virus [Closed]


#1
djuka0220

Additional scan result of Farbar Recovery Scan Tool (x86) Version: 09-07-2015
Ran by User 1 at 2015-07-10 13:00:44
Running from C:\Users\User 1\Downloads
Boot Mode: Normal
==========================================================
 
 
==================== Accounts: =============================
 
Administrator (S-1-5-21-2103307149-622382959-3800831923-500 - Administrator - Disabled)
Guest (S-1-5-21-2103307149-622382959-3800831923-501 - Limited - Enabled)
User 1 (S-1-5-21-2103307149-622382959-3800831923-1000 - Administrator - Enabled) => C:\Users\User 1
 
==================== Security Center ========================
 
(If an entry is included in the fixlist, it will be removed.)
 
AV: McAfee Anti-Virus and Anti-Spyware (Enabled - Up to date) {DA9F8ED0-D0DE-39CC-F55A-51AB4CC1B556}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: McAfee Anti-Virus and Anti-Spyware (Enabled - Up to date) {61FE6F34-F6E4-3642-CFEA-6AD93746FFEB}
 
==================== Installed Programs ======================
 
(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
 
7-Zip 4.65 (HKLM\...\7-Zip) (Version:  - )
ActiveCheck component for HP Active Support Library (Version: 3.0.0.3 - Hewlett-Packard) Hidden
Adobe AIR (HKLM\...\Adobe AIR) (Version: 2.7.0.19480 - Adobe Systems Incorporated)
Adobe Flash Player 17 ActiveX (HKLM\...\Adobe Flash Player ActiveX) (Version: 17.0.0.191 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.11) (HKLM\...\{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version: 11.0.11 - Adobe Systems Incorporated)
BS.Player FREE (HKLM\...\BSPlayerf) (Version: 2.68.1077 - AB Team, d.o.o.)
Chrome Remote Desktop Host (HKLM\...\{FD6E648E-1378-467F-AD37-2B98B379B0DD}) (Version: 44.0.2403.25 - Google Inc.)
Corel WinDVD (HKLM\...\{5C1F18D2-F6B7-4242-B803-B5A78648185D}) (Version: 10.0.5.835 - Corel Inc.)
DirectX for Managed Code Update (Summer 2004) (Version: 9.02.2904 - Microsoft) Hidden
Epson Connect Guide (HKLM\...\Epson Connect Guide) (Version:  - )
Epson Event Manager (HKLM\...\{C9AC7ED6-FD1C-4E83-8553-ECF8BCA111E8}) (Version: 3.01.0007 - Seiko Epson Corporation)
Epson Korisnički vodič L355 Series (HKLM\...\L355 Series Useg) (Version:  - )
EPSON L355 Series Printer Uninstall (HKLM\...\EPSON L355 Series) (Version:  - SEIKO EPSON Corporation)
Epson Mrežni vodič L355 Series (HKLM\...\L355 Series Netg) (Version:  - )
EPSON Scan (HKLM\...\EPSON Scanner) (Version:  - Seiko Epson Corporation)
EpsonNet Print (HKLM\...\{3E31400D-274E-4647-916C-2CACC3741799}) (Version: 2.6.0 - SEIKO EPSON CORPORATION)
Google Chrome (HKLM\...\Google Chrome) (Version: 43.0.2357.132 - Google Inc.)
Google Drive (HKLM\...\{CBC9F5FD-5CFA-4A33-81CD-369EAB77E3A6}) (Version: 1.22.9403.0223 - Google, Inc.)
Google Talk Plugin (HKLM\...\{CA3DD97D-1FD7-37A7-BD5C-FC4430C8B8E6}) (Version: 5.41.2.0 - Google)
Google Update Helper (Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (Version: 1.3.27.5 - Google Inc.) Hidden
HP Odometer (HKLM\...\{B8AC1A89-FFD1-4F97-8051-E505A160F562}) (Version: 2.10.0000 - Hewlett-Packard)
HP Setup (HKLM\...\{05BA6A83-C7A7-4F85-88F1-150142305229}) (Version: 8.5.4489.3576 - Hewlett-Packard Company)
HP SoftPaq Download Manager (HKLM\...\{50764328-9744-49B2-A08B-C5109F45E2DE}) (Version: 3.3.0.0 - Hewlett-Packard Company)
HP Support Information (HKLM\...\{7F2A11F4-EAE8-4325-83EC-E3E99F85169E}) (Version: 10.1.1000 - Hewlett-Packard)
HP Vision Hardware Diagnostics (HKLM\...\{D79A02E9-6713-4335-9668-AAC7474C0C0E}) (Version: 2.5.0.0 - Hewlett-Packard)
HPAsset component for HP Active Support Library (Version: 3.0.2.2 - Hewlett-Packard) Hidden
Intel® Control Center (HKLM\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1007 - Intel Corporation)
Intel® Management Engine Components (HKLM\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 7.0.0.1144 - Intel Corporation)
Intel® Network Connections 15.7.176.0 (HKLM\...\PROSetDX) (Version: 15.7.176.0 - Intel)
Intel® Processor Graphics (HKLM\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 9.17.10.3347 - Intel Corporation)
Java 8 Update 31 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83218031F0}) (Version: 8.0.310 - Oracle Corporation)
McAfee Internet Security (HKLM\...\MSC) (Version: 14.0.1076 - McAfee, Inc.)
McAfee Security Scan Plus (HKLM\...\McAfee Security Scan) (Version: 3.8.150.1 - McAfee, Inc.)
McAfee WebAdvisor (HKLM\...\{35ED3F83-4BDC-4c44-8EC6-6A8301C7413A}) (Version: 4.0.354 - McAfee, Inc.)
Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft Office Home and Business 2010 (HKLM\...\Office14.SingleImage) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.40416.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x86) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x86)) (Version: 10.0.50903 - Microsoft Corporation)
MSXML 4.0 SP2 (KB954430) (HKLM\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
PDF Complete Special Edition (HKLM\...\PDF Complete) (Version: 4.0.14 - PDF Complete, Inc)
PDFCreator (HKLM\...\{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}) (Version: 1.2.3 - Frank Heindörfer, Philip Chinery)
Realtek High Definition Audio Driver (HKLM\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6730 - Realtek Semiconductor Corp.)
Recovery Manager (Version: 5.5.3621 - CyberLink Corp.) Hidden
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version:  - Microsoft)
Shared C Run-time for x86 (Version: 10.0.0 - McAfee) Hidden
Skype™ 7.0 (HKLM\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.0.102 - Skype Technologies S.A.)
TeamViewer 9 (HKLM\...\TeamViewer 9) (Version: 9.0.32494 - TeamViewer)
TP-LINK TL-WN721N_TL-WN722N Driver (HKLM\...\{86A7EED0-02D0-4D91-8183-8D2F23F5E6AE}) (Version: 1.3.1 - TP-LINK)
Unity Web Player (HKU\S-1-5-21-2103307149-622382959-3800831923-1000\...\UnityWebPlayer) (Version:  - Unity Technologies ApS)
Windows Live ID Sign-in Assistant (HKLM\...\{0840B4D6-7DD1-4187-8523-E6FC0007EFB7}) (Version: 6.500.3165.0 - Microsoft Corporation)
 
==================== Custom CLSID (Whitelisted): ==========================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
CustomCLSID: HKU\S-1-5-21-2103307149-622382959-3800831923-1000_Classes\CLSID\{022105BD-948A-40C9-AB42-A3300DDF097F}\localserver32 -> C:\Users\User 1\AppData\Local\Google\Update\GoogleUpdate.exe (Google Inc.)
CustomCLSID: HKU\S-1-5-21-2103307149-622382959-3800831923-1000_Classes\CLSID\{035FBE31-3755-450A-A775-5E6BBD43D344}\InprocServer32 -> C:\Users\User 1\AppData\Local\Google\Update\1.3.21.135\psuser.dll No File
CustomCLSID: HKU\S-1-5-21-2103307149-622382959-3800831923-1000_Classes\CLSID\{08244EE6-92F0-47F2-9FC9-929BAA2E7235}\InprocServer32 -> No Filepath
CustomCLSID: HKU\S-1-5-21-2103307149-622382959-3800831923-1000_Classes\CLSID\{0F22A205-CFB0-4679-8499-A6F44A80A208}\InprocServer32 -> C:\Users\User 1\AppData\Local\Google\Update\1.3.25.5\psuser.dll No File
CustomCLSID: HKU\S-1-5-21-2103307149-622382959-3800831923-1000_Classes\CLSID\{1423F872-3F7F-4E57-B621-8B1A9D49B448}\InprocServer32 -> C:\Users\User 1\AppData\Local\Google\Update\1.3.27.5\psuser.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-2103307149-622382959-3800831923-1000_Classes\CLSID\{1F486A52-3CB1-48FD-8F50-B8DC300D9F9D}\InprocServer32 -> No Filepath
CustomCLSID: HKU\S-1-5-21-2103307149-622382959-3800831923-1000_Classes\CLSID\{22181302-A8A6-4F84-A541-E5CBFC70CC43}\localserver32 -> C:\Users\User 1\AppData\Local\Google\Update\1.3.27.5\GoogleUpdateOnDemand.exe (Google Inc.)
CustomCLSID: HKU\S-1-5-21-2103307149-622382959-3800831923-1000_Classes\CLSID\{2F0E2680-9FF5-43C0-B76E-114A56E93598}\localserver32 -> C:\Users\User 1\AppData\Local\Google\Update\1.3.27.5\GoogleUpdateOnDemand.exe (Google Inc.)
CustomCLSID: HKU\S-1-5-21-2103307149-622382959-3800831923-1000_Classes\CLSID\{355EC88A-02E2-4547-9DEE-F87426484BD1}\InprocServer32 -> C:\Users\User 1\AppData\Local\Google\Update\1.3.23.9\psuser.dll No File
CustomCLSID: HKU\S-1-5-21-2103307149-622382959-3800831923-1000_Classes\CLSID\{39125640-8D80-11DC-A2FE-C5C455D89593}\InprocServer32 -> C:\Users\User 1\AppData\Local\Google\Google Talk Plugin\googletalkax.dll (Google)
CustomCLSID: HKU\S-1-5-21-2103307149-622382959-3800831923-1000_Classes\CLSID\{444785F1-DE89-4295-863A-D46C3A781394}\InprocServer32 -> C:\Users\User 1\AppData\LocalLow\Unity\WebPlayer\loader\UnityWebPluginAX.ocx (Unity Technologies ApS)
CustomCLSID: HKU\S-1-5-21-2103307149-622382959-3800831923-1000_Classes\CLSID\{4E77131D-3629-431C-9818-C5679DC83E81}\InprocServer32 -> No Filepath
CustomCLSID: HKU\S-1-5-21-2103307149-622382959-3800831923-1000_Classes\CLSID\{51F9E8EF-59D7-475B-A106-C7EA6F30C119}\localserver32 -> C:\Users\User 1\AppData\Local\Google\Update\1.3.27.5\GoogleUpdateOnDemand.exe (Google Inc.)
CustomCLSID: HKU\S-1-5-21-2103307149-622382959-3800831923-1000_Classes\CLSID\{62A0D750-DED9-448C-B693-406B34BB0892}\InprocServer32 -> C:\Users\User 1\AppData\Local\Google\Update\1.3.21.145\psuser.dll No File
CustomCLSID: HKU\S-1-5-21-2103307149-622382959-3800831923-1000_Classes\CLSID\{634059C0-D264-4B2C-AE80-F73E48D33E5B}\InprocServer32 -> C:\Users\User 1\AppData\Local\Google\Update\1.3.21.123\psuser.dll No File
CustomCLSID: HKU\S-1-5-21-2103307149-622382959-3800831923-1000_Classes\CLSID\{6D7374DE-63AA-473C-8C02-60D9CDCD84C5}\InprocServer32 -> C:\Users\User 1\AppData\Local\Google\Update\1.3.21.153\psuser.dll No File
CustomCLSID: HKU\S-1-5-21-2103307149-622382959-3800831923-1000_Classes\CLSID\{90B3DFBF-AF6A-4EA0-8899-F332194690F8}\InprocServer32 -> C:\Users\User 1\AppData\Local\Google\Update\1.3.24.15\psuser.dll No File
CustomCLSID: HKU\S-1-5-21-2103307149-622382959-3800831923-1000_Classes\CLSID\{91EFB276-CEFE-48EC-BB3A-57795A7B4008}\InprocServer32 -> C:\Users\User 1\AppData\Local\Google\Update\1.3.21.149\psuser.dll No File
CustomCLSID: HKU\S-1-5-21-2103307149-622382959-3800831923-1000_Classes\CLSID\{A45426FB-E444-42B2-AA56-419F8FBEEC61}\InprocServer32 -> C:\Users\User 1\AppData\Local\Google\Update\1.3.22.3\psuser.dll No File
CustomCLSID: HKU\S-1-5-21-2103307149-622382959-3800831923-1000_Classes\CLSID\{A54D478D-4F70-4F72-9A74-17C9986E35AB}\InprocServer32 -> C:\Users\User 1\AppData\Local\Google\Update\1.3.21.165\psuser.dll No File
CustomCLSID: HKU\S-1-5-21-2103307149-622382959-3800831923-1000_Classes\CLSID\{AB9F4455-E591-4132-A386-0B91EAEDB96C}\InprocServer32 -> C:\Users\User 1\AppData\Local\Google\Google Talk Plugin\o1dax.dll (Google)
CustomCLSID: HKU\S-1-5-21-2103307149-622382959-3800831923-1000_Classes\CLSID\{C3101A8B-0EE1-4612-BFE9-41FFC1A3C19D}\InprocServer32 -> C:\Users\User 1\AppData\Local\Google\Update\1.3.27.5\npGoogleUpdate3.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-2103307149-622382959-3800831923-1000_Classes\CLSID\{C3BC25C0-FCD3-4F01-AFDD-41373F017C9A}\InprocServer32 -> C:\Users\User 1\AppData\Local\Google\Update\1.3.26.9\psuser.dll No File
CustomCLSID: HKU\S-1-5-21-2103307149-622382959-3800831923-1000_Classes\CLSID\{C442AC41-9200-4770-8CC0-7CDB4F245C55}\InprocServer32 -> C:\Users\User 1\AppData\Local\Google\Update\1.3.27.5\npGoogleUpdate3.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-2103307149-622382959-3800831923-1000_Classes\CLSID\{D0336C0B-7919-4C04-8CCE-2EBAE2ECE8C9}\InprocServer32 -> C:\Users\User 1\AppData\Local\Google\Update\1.3.25.11\psuser.dll No File
CustomCLSID: HKU\S-1-5-21-2103307149-622382959-3800831923-1000_Classes\CLSID\{D9144DCD-E998-4ECA-AB6A-DCD83CCBA16D}\InprocServer32 -> No Filepath
CustomCLSID: HKU\S-1-5-21-2103307149-622382959-3800831923-1000_Classes\CLSID\{E67BE843-BBBE-4484-95FB-05271AE86750}\localserver32 -> C:\Users\User 1\AppData\Local\Google\Update\1.3.27.5\GoogleUpdateOnDemand.exe (Google Inc.)
CustomCLSID: HKU\S-1-5-21-2103307149-622382959-3800831923-1000_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Users\User 1\AppData\Local\Google\Update\1.3.27.5\psuser.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-2103307149-622382959-3800831923-1000_Classes\CLSID\{EB06378B-ABB6-4B3C-9B40-D488DD8A6E93}\InprocServer32 -> C:\Users\User 1\AppData\Local\Google\Update\1.3.22.5\psuser.dll No File
CustomCLSID: HKU\S-1-5-21-2103307149-622382959-3800831923-1000_Classes\CLSID\{FB994D36-B312-46CE-A40B-CF63980641F9}\InprocServer32 -> C:\Users\User 1\AppData\Local\Google\Update\1.3.21.111\psuser.dll No File
CustomCLSID: HKU\S-1-5-21-2103307149-622382959-3800831923-1000_Classes\CLSID\{FE498BAB-CB4C-4F88-AC3F-3641AAAF5E9E}\InprocServer32 -> C:\Users\User 1\AppData\Local\Google\Update\1.3.24.7\psuser.dll No File
 
==================== Restore Points =========================
 
10-06-2015 15:54:36 Windows Update
16-06-2015 08:49:36 Windows Update
23-06-2015 08:51:12 Windows Update
29-06-2015 13:48:29 Installed Chrome Remote Desktop Host
01-07-2015 08:17:36 Windows Update
07-07-2015 08:45:04 Windows Update
10-07-2015 12:21:36 OTL Restore Point - 10.07.2015. 12:21:35
 
==================== Hosts content: ==========================
 
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
 
2009-07-14 04:04 - 2009-06-10 23:39 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts
 
==================== Scheduled Tasks (Whitelisted) =============
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
Task: {0165FB6B-947E-4775-A007-3E5315A6FE6B} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2015-07-10] (Adobe Systems Incorporated)
Task: {102048A6-7E59-48D6-834A-6F984E947862} - System32\Tasks\GoogleUpdateTaskMachineUA1cf6b788c8564fe => C:\Program Files\Google\Update\GoogleUpdate.exe [2013-03-20] (Google Inc.)
Task: {11A8C7DE-3159-46AD-9A85-38FB05D48ADD} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2103307149-622382959-3800831923-1000UA1cf91342aa72432 => C:\Users\User 1\AppData\Local\Google\Update\GoogleUpdate.exe [2012-09-14] (Google Inc.)
Task: {39545250-C30E-454B-9806-D9CAF6002668} - System32\Tasks\McAfeeLogon => C:\Program Files\Common Files\Mcafee\Platform\McUICnt.exe [2015-05-06] (McAfee, Inc.)
Task: {3E9BB293-0979-4102-829F-596939C1CB97} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Tuneup => C:\Program Files\Hewlett-Packard\HP Support Framework\HPSF.exe
Task: {44E08306-4911-403B-A928-7DF205F3E597} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Ghost Resign Task => c:\program files\hewlett-packard\hp health check\activecheck\product_line\HPResignFileLoader.exe [2015-02-11] (Microsoft)
Task: {67DBC4E5-F57E-43F4-AE29-FF69F0709A7C} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HPSAObjUtilTask => C:\Program Files\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\UtilTask.exe [2015-02-11] (Microsoft)
Task: {8E555BB3-5A0F-4A3F-950E-76ECF5BEF726} - System32\Tasks\{B597BE7D-A042-4398-9015-50CE6AB7B2AC} => pcalua.exe -a "C:\Users\User 1\Desktop\TL-WN722N_V1_131113\Setup.exe" -d "C:\Users\User 1\Desktop\TL-WN722N_V1_131113"
Task: {B0634635-EEF3-4581-B87E-2C616E332B54} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [2013-03-20] (Google Inc.)
Task: {DD654B34-7742-4F01-9D5A-807F7ED62C7F} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files\Hewlett-Packard\HP Support Framework\HPSF.exe
Task: {E7015A3D-35D6-4662-9D92-BB6C36A4DB8D} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-06-12] (Adobe Systems Incorporated)
Task: {ED7038B3-5078-45E8-A8C5-A3ED143E091B} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2103307149-622382959-3800831923-1000Core1cf91342a36866b => C:\Users\User 1\AppData\Local\Google\Update\GoogleUpdate.exe [2012-09-14] (Google Inc.)
Task: {EEB2A87B-AEA3-4DFF-800F-A72D91E569D6} - System32\Tasks\{E2FE726D-6EF4-49E5-9150-BE0F2606437C} => pcalua.exe -a "C:\Users\User 1\Downloads\SynSetup_4503.exe" -d "C:\Users\User 1\Downloads"
 
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
 
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA1cf6b788c8564fe.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2103307149-622382959-3800831923-1000Core1cf91342a36866b.job => C:\Users\User 1\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2103307149-622382959-3800831923-1000UA1cf91342aa72432.job => C:\Users\User 1\AppData\Local\Google\Update\GoogleUpdate.exe
 
==================== Loaded Modules (Whitelisted) ==============
 
2014-01-07 10:26 - 2012-09-18 16:26 - 00169472 _____ () C:\Windows\System32\ZLhp1020.DLL
2012-09-05 14:16 - 2001-10-28 17:42 - 00116224 _____ () C:\Windows\System32\pdfcmnnt.dll
2014-01-07 10:26 - 2012-09-18 16:26 - 00059904 _____ () C:\Windows\system32\spool\PRTPROCS\W32X86\pphp1020.dll
2012-09-15 09:59 - 2012-09-18 16:26 - 02223104 _____ () C:\Windows\system32\spool\DRIVERS\W32X86\3\suhp1020.dll
2014-01-07 10:26 - 2012-09-18 16:26 - 00949248 _____ () C:\Windows\system32\spool\DRIVERS\W32X86\3\gchp1020.dll
2009-07-14 01:42 - 2009-07-14 03:15 - 00064000 _____ () C:\Windows\system32\BWContextHandler.dll
2009-07-13 23:03 - 2009-07-14 03:15 - 00364544 _____ () C:\Windows\system32\msjetoledb40.dll
2012-09-15 09:59 - 2012-09-18 16:26 - 00532992 _____ () C:\Windows\system32\spool\DRIVERS\W32X86\3\sdhp1020.dll
2015-07-08 07:58 - 2015-07-07 05:49 - 01281864 _____ () C:\Program Files\Google\Chrome\Application\43.0.2357.132\libglesv2.dll
2015-07-08 07:58 - 2015-07-07 05:49 - 00080712 _____ () C:\Program Files\Google\Chrome\Application\43.0.2357.132\libegl.dll
 
==================== Alternate Data Streams (Whitelisted) =========
 
(If an entry is included in the fixlist, only the ADS will be removed.)
 
 
==================== Safe Mode (Whitelisted) ===================
 
(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
 
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\McMPFSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MCODS => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeaack => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeaack.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeavfk => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeavfk.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefire => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefirek => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefirek.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfemms => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfetdi2k => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfetdi2k.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfevtp => ""="Service"
 
==================== EXE Association (Whitelisted) ===============
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
 
HKU\S-1-5-21-2103307149-622382959-3800831923-1000\Software\Classes\.exe:  =>  <===== ATTENTION!
 
==================== Internet Explorer trusted/restricted ===============
 
(If an entry is included in the fixlist, it will be removed from the registry.)
 
IE trusted site: HKU\S-1-5-21-2103307149-622382959-3800831923-1000\...\internet -> internet
IE trusted site: HKU\S-1-5-21-2103307149-622382959-3800831923-1000\...\mcafee.com -> hxxp://mcafee.com
IE trusted site: HKU\S-1-5-21-2103307149-622382959-3800831923-1000\...\mcafee.com -> hxxps://mcafee.com
 
 
==================== Other Areas ============================
 
(Currently there is no automatic fix for this section.)
 
HKU\S-1-5-21-2103307149-622382959-3800831923-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\User 1\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.5.1
 
==================== MSCONFIG/TASK MANAGER disabled items ==
 
(Currently there is no automatic fix for this section.)
 
MSCONFIG\startupfolder: C:^Users^User 1^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^OneNote 2010 Screen Clipper and Launcher.lnk => C:\Windows\pss\OneNote 2010 Screen Clipper and Launcher.lnk.Startup
MSCONFIG\startupreg: EEventManager => "C:\Program Files\Epson Software\Event Manager\EEventManager.exe"
MSCONFIG\startupreg: EPLTarget => 
MSCONFIG\startupreg: Google Update => "C:\Users\User 1\AppData\Local\Google\Update\GoogleUpdate.exe" /c
MSCONFIG\startupreg: HotKeysCmds => "C:\Windows\system32\hkcmd.exe"
MSCONFIG\startupreg: hpsysdrv => c:\program files\hewlett-packard\HP odometer\hpsysdrv.exe
MSCONFIG\startupreg: IgfxTray => "C:\Windows\system32\igfxtray.exe"
MSCONFIG\startupreg: IMSS => "C:\Program Files\Intel\Intel® Management Engine Components\IMSS\PIconStartup.exe"
MSCONFIG\startupreg: PDF Complete => C:\Program Files\PDF Complete\pdfsty.exe
MSCONFIG\startupreg: Persistence => "C:\Windows\system32\igfxpers.exe"
MSCONFIG\startupreg: RtHDVCpl => C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe -s
MSCONFIG\startupreg: SearchSettings => "C:\Program Files\Common Files\Spigot\Search Settings\SearchSettings.exe"
 
==================== FirewallRules (Whitelisted) ===============
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
FirewallRules: [SPPSVC-In-TCP] => (Allow) %SystemRoot%\system32\sppsvc.exe
FirewallRules: [SPPSVC-In-TCP-NoScope] => (Allow) %SystemRoot%\system32\sppsvc.exe
FirewallRules: [{94301F77-9491-40B6-9495-0A35F32C9108}] => (Allow) c:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
FirewallRules: [{B74283EC-6159-4EB6-857D-A7B067F9D5C2}] => (Allow) C:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe
FirewallRules: [{44207583-8A1C-4C95-AF2E-BBCB0936B46A}] => (Allow) C:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe
FirewallRules: [{F46B9C01-604B-44A7-B9E2-F8E0726489B1}] => (Allow) C:\Program Files\Skype\Phone\Skype.exe
FirewallRules: [{012BB764-0F61-455B-B132-BAE0E0A54901}] => (Allow) C:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe
FirewallRules: [{DD95BF47-82C5-4ECE-92AA-6F2DB37DDC8E}] => (Allow) C:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe
FirewallRules: [{8377D066-BCFE-477E-BD97-EFCAFC1063CC}] => (Allow) C:\Users\User 1\AppData\Local\Google\Google Talk Plugin\googletalkplugin.exe
FirewallRules: [{0C8C67E5-7F0F-4AF8-836B-C7B7F68D50A2}] => (Allow) C:\Users\User 1\AppData\Local\Google\Google Talk Plugin\googletalkplugin.exe
FirewallRules: [{5F342DC4-1DC1-4E9C-A4FA-65E8EA7733A2}] => (Allow) C:\Program Files\Common Files\Mcafee\Platform\McSvcHost\McSvHost.exe
FirewallRules: [{9862328F-8E98-421D-BBC8-A81241E89E78}] => (Allow) C:\Program Files\Common Files\Mcafee\Platform\McSvcHost\McSvHost.exe
FirewallRules: [{B1989A6E-FE71-49DD-881C-D235145A7B69}] => (Allow) C:\Users\User 1\AppData\Local\Google\Google Talk Plugin\googletalkplugin.exe
FirewallRules: [{E528B44E-7BC8-4F23-A43A-BFB1E7D74F63}] => (Allow) C:\Users\User 1\AppData\Local\Google\Google Talk Plugin\googletalkplugin.exe
FirewallRules: [{68ED0194-5066-4F5F-9DB7-B525DFA5893C}] => (Allow) C:\Program Files\TeamViewer\Version9\TeamViewer.exe
FirewallRules: [{EF0FB933-9646-4613-8BBA-7374F1E525BE}] => (Allow) C:\Program Files\TeamViewer\Version9\TeamViewer.exe
FirewallRules: [{F6444673-3584-447A-975C-13A581B19FEC}] => (Allow) C:\Program Files\TeamViewer\Version9\TeamViewer_Service.exe
FirewallRules: [{2DC895D1-1A09-4EEC-9F8E-FFC23D2A1034}] => (Allow) C:\Program Files\TeamViewer\Version9\TeamViewer_Service.exe
FirewallRules: [{2F56AC8C-C45C-4DC1-B6A1-1A4397057AE4}] => (Allow) D:\Network\EpsonNetSetup\ENEasyApp.exe
FirewallRules: [{57FCAF3A-52A3-4756-8DAD-7BB8CBE2C152}] => (Allow) D:\Network\EpsonNetSetup\ENEasyApp.exe
FirewallRules: [TCP Query User{08BDEBC7-2E99-47AF-9961-F16F05C0B6C1}C:\program files\epson software\event manager\eeventmanager.exe] => (Block) C:\program files\epson software\event manager\eeventmanager.exe
FirewallRules: [UDP Query User{E1A0EF47-8C7B-442E-8020-F8F90007A41C}C:\program files\epson software\event manager\eeventmanager.exe] => (Block) C:\program files\epson software\event manager\eeventmanager.exe
FirewallRules: [TCP Query User{E86DEB28-E2A3-4115-BAA7-CA853A249548}C:\program files\epson software\event manager\eeventmanager.exe] => (Block) C:\program files\epson software\event manager\eeventmanager.exe
FirewallRules: [UDP Query User{E3F0ABC8-773B-4664-82DC-61EAFF32B965}C:\program files\epson software\event manager\eeventmanager.exe] => (Block) C:\program files\epson software\event manager\eeventmanager.exe
FirewallRules: [{38F0B40D-2E9C-43F6-8FE9-413B873F7E08}] => (Allow) C:\Windows\Explorer.EXE
FirewallRules: [{E1C4C8B8-BD29-4589-AEF0-A58E41AA13F7}] => (Allow) C:\Windows\Explorer.EXE
FirewallRules: [{BA69D0B7-82B8-457C-9870-4741C39CD6C3}] => (Allow) C:\Program Files\Google\Chrome Remote Desktop\44.0.2403.25\remoting_host.exe
FirewallRules: [{F7707091-235E-4F49-8585-EE9905B3D35A}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe
 
==================== Faulty Device Manager Devices =============
 
 
==================== Event log errors: =========================
 
Application errors:
==================
Error: (07/10/2015 08:51:47 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (07/10/2015 08:01:29 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (07/09/2015 08:24:21 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (07/08/2015 07:17:15 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (07/07/2015 11:58:40 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: Synesis.exe, version: 4.0.0.0, time stamp: 0x54b6505c
Faulting module name: KERNELBASE.dll, version: 6.1.7601.18847, time stamp: 0x554d7b00
Exception code: 0x0eedfade
Fault offset: 0x0000812f
Faulting process id: 0x20c
Faulting application start time: 0xSynesis.exe0
Faulting application path: Synesis.exe1
Faulting module path: Synesis.exe2
Report Id: Synesis.exe3
 
Error: (07/07/2015 08:42:09 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (07/06/2015 09:07:32 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (07/03/2015 07:48:00 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (07/02/2015 08:13:47 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (07/01/2015 08:13:33 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
 
System errors:
=============
Error: (07/10/2015 08:52:12 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The HP Health Check Service service failed to start due to the following error: 
%%2
 
Error: (07/10/2015 08:51:03 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: application-specificLocalLaunch{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}{344ED43D-D086-4961-86A6-1106F4ACAD9B}NT AUTHORITYSYSTEMS-1-5-18LocalHost (Using LRPC)
 
Error: (07/10/2015 08:02:02 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The HP Health Check Service service failed to start due to the following error: 
%%2
 
Error: (07/10/2015 08:00:56 AM) (Source: DCOM) (EventID: 10010) (User: )
Description: {ADA518B9-B7A3-4C36-B4ED-49EB3FA189FC}
 
Error: (07/10/2015 08:00:54 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: application-specificLocalLaunch{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}{344ED43D-D086-4961-86A6-1106F4ACAD9B}NT AUTHORITYSYSTEMS-1-5-18LocalHost (Using LRPC)
 
Error: (07/09/2015 08:24:57 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The HP Health Check Service service failed to start due to the following error: 
%%2
 
Error: (07/09/2015 08:23:46 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: application-specificLocalLaunch{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}{344ED43D-D086-4961-86A6-1106F4ACAD9B}NT AUTHORITYSYSTEMS-1-5-18LocalHost (Using LRPC)
 
Error: (07/08/2015 07:17:48 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The HP Health Check Service service failed to start due to the following error: 
%%2
 
Error: (07/08/2015 07:16:45 AM) (Source: DCOM) (EventID: 10010) (User: )
Description: {ADA518B9-B7A3-4C36-B4ED-49EB3FA189FC}
 
Error: (07/08/2015 07:16:37 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: application-specificLocalLaunch{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}{344ED43D-D086-4961-86A6-1106F4ACAD9B}NT AUTHORITYSYSTEMS-1-5-18LocalHost (Using LRPC)
 
 
Microsoft Office:
=========================
Error: (07/10/2015 08:51:47 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (07/10/2015 08:01:29 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (07/09/2015 08:24:21 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (07/08/2015 07:17:15 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (07/07/2015 11:58:40 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Synesis.exe4.0.0.054b6505cKERNELBASE.dll6.1.7601.18847554d7b000eedfade0000812f20c01d0b880e85a9c96C:\Firma\Synesis\Synesis.exeC:\Windows\system32\KERNELBASE.dllbdaf9211-248e-11e5-9b9c-ac162d042524
 
Error: (07/07/2015 08:42:09 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (07/06/2015 09:07:32 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (07/03/2015 07:48:00 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (07/02/2015 08:13:47 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (07/01/2015 08:13:33 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
 
==================== Memory info =========================== 
 
Processor: Intel® Core™ i3-2120 CPU @ 3.30GHz
Percentage of memory in use: 84%
Total physical RAM: 1930.02 MB
Available physical RAM: 289.61 MB
Total Virtual: 3860.03 MB
Available Virtual: 1205.31 MB
 
==================== Drives ================================
 
Drive c: (OS) (Fixed) (Total:465.66 GB) (Free:419.19 GB) NTFS
Drive p: (OS) (Network) (Total:465.66 GB) (Free:419.19 GB) NTFS
 
==================== MBR & Partition Table ==================
 
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: B94BD413)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=465.7 GB) - (Type=07 NTFS)
 
==================== End of log ============================

#2
pystryker

    Trusted Helper

  • Malware Removal
  • 3,912 posts
Hello and welcome to Geeks To Go! My nickname is Pystryker :) , and I will be helping you with your issue today.


Before we get started, I have a few things I need to go over with you:
  • If you are receiving help for this issue at another forum, please let me know so I can close this thread.
  • Please download to and run all requested tools from your Desktop.
  • Please do not install any new software during the cleaning process other than the tools I provide for you. This can hinder the cleaning process.
  • At the top of your post, please click on the "Follow this topic" button and make sure that the "Received notification" box is checked and set to "Instantly". This will send an email to you as soon as I reply to your topic, allowing us to solve your problem faster.
  • If any of your security programs give you a warning about any tool I ask you to use, please do not worry. All the links and tools I provide to you will be safe.
  • Please do not run any tools other than the ones I ask you to, when I ask you to. Some of these tools can be very dangerous if used improperly. Also, if you use a tool that I have not requested you use, it can cause false positives, thereby delaying the complete cleaning of your machine.
  • This is a complicated process. It requires several steps, patience, and careful following of my instructions in the order they are given to diagnose your problems to get your machine back in working order.
  • Please stay with me until the end of all steps and procedures and I declare your system clean. Just because there is a lack of symptoms does not indicate a clean machine. I promise to do the same for you.
  • It is impossible for me to know what interactions may happen between your computer's software and the tools we will use to clean your machine. Therefore, I highly recommend you back up any critical personal files on your machine before we start.
  • If you have any questions at all, please don't hesitate to ask. There's no such thing as a stupid question when dealing with malware.
  • If you are unsure of an instruction I give you, or if something unexpected occurs, do NOT proceed! Stop and ask for clarification of the instruction or tell me what occurred.
  • Please remember, the fixes are for your machine and your machine ONLY! Do not use these fixes on any other machine; each fix is tailor-made for your system only. Using a fix on another machine can and will cause serious damage.
  • Once we have cleaned your machine, we'll have some cleanup and prevention steps to go through. We will also provide you with some information about how to reduce your chances of infection and get some protections in place to help defend you against this in the future.
  • Please be patient while I am analyzing your logs. I know you are probably scared and very frustrated with this problem, but I am a volunteer and sometimes life does get in the way. :)
Now, let's get started, shall we? :thumbsup:

Hi, could you please post the FRST.txt log for my review? It will be located in the same directory you ran FRST from. In this case, here: C:\Users\User 1\Downloads

Once you have posted that log, please move FRST.exe to the desktop. All tools must be run from the desktop. :thumbsup:

#3
djuka0220

    Member

  • Topic Starter
  • 12 posts

 

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 09-07-2015
Ran by User 1 (administrator) on B-04854 on 10-07-2015 12:59:29
Running from C:\Users\User 1\Downloads
Loaded Profiles: User 1 (Available Profiles: User 1)
Platform: Microsoft Windows 7 Professional  Service Pack 1 (X86) OS Language: English (United States)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo...very-scan-tool/
 
==================== Processes (Whitelisted) =================
 
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RTKAUDIOSERVICE.EXE
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtHDVBg.exe
(Google Inc.) C:\Program Files\Google\Chrome Remote Desktop\44.0.2403.25\remoting_host.exe
(Google Inc.) C:\Program Files\Google\Update\1.3.27.5\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files\Google\Chrome Remote Desktop\44.0.2403.25\remoting_host.exe
(Seiko Epson Corporation) C:\Windows\System32\escsvc.exe
(SEIKO EPSON CORPORATION) C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_JT50RP.EXE
(Intel Corporation) C:\Windows\System32\IPROSetMonitor.exe
(McAfee, Inc.) C:\Program Files\McAfee\SiteAdvisor\McSACore.exe
(McAfee, Inc.) C:\Program Files\Common Files\Mcafee\SystemCore\mfemms.exe
(McAfee, Inc.) C:\Windows\System32\mfevtps.exe
(PDF Complete Inc) C:\Program Files\PDF Complete\pdfsvc.exe
(McAfee, Inc.) C:\Windows\System32\mfevtps.exe
(McAfee, Inc.) C:\Program Files\Common Files\Mcafee\AMCore\mcshield.exe
(Protexis Inc.) C:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe
(TeamViewer GmbH) C:\Program Files\TeamViewer\Version9\TeamViewer_Service.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(McAfee, Inc.) C:\Program Files\Common Files\Mcafee\SystemCore\mfefire.exe
(McAfee, Inc.) C:\Program Files\McAfee\MSC\McAPExe.exe
(McAfee, Inc.) C:\Program Files\Common Files\Mcafee\SystemCore\mfefire.exe
(McAfee, Inc.) C:\Program Files\Common Files\Mcafee\Platform\McSvcHost\McSvHost.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVCM.EXE
(Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe
(McAfee, Inc.) C:\Program Files\Common Files\Mcafee\CSP\1.5.495.0\McCSPServiceHost.exe
(McAfee, Inc.) C:\Program Files\Common Files\Mcafee\Platform\McUICnt.exe
(McAfee, Inc.) C:\Program Files\McAfee Security Scan\3.8.150\SSScheduler.exe
(InterVideo) C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe
(Intel Corporation) C:\Program Files\Intel\Intel® Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files\Intel\Intel® Management Engine Components\UNS\UNS.exe
(OldTimer Tools) C:\Users\User 1\Downloads\OTL.exe
(Pupilla d.o.o.) C:\Firma\Synesis\Synesis.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\cmd.exe
(McAfee, Inc.) C:\Program Files\McAfee\SiteAdvisor\McChHost.exe
(McAfee, Inc.) C:\Program Files\McAfee\SiteAdvisor\saUI.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
 
 
==================== Registry (Whitelisted) ==================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM\...\Run: [mcui_exe] => C:\Program Files\McAfee.com\Agent\mcagent.exe [582800 2015-05-13] (McAfee, Inc.)
HKLM\...\Run: [] => [X]
HKU\S-1-5-21-2103307149-622382959-3800831923-1000\...\Run: [UzhH] => rundll32.exe C:\Users\USER1~1\AppData\Roaming\98A1.tmp eYlYRpkQBc2JPs
HKU\S-1-5-21-2103307149-622382959-3800831923-1000\...\MountPoints2: {d7088609-51b0-11e3-972a-ac162d042524} - E:\AutoRun.exe
HKU\S-1-5-21-2103307149-622382959-3800831923-1000\...\MountPoints2: {d7088613-51b0-11e3-972a-ac162d042524} - E:\AutoRun.exe
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk [2013-07-13]
ShortcutTarget: McAfee Security Scan Plus.lnk -> C:\Program Files\McAfee Security Scan\3.8.150\SSScheduler.exe (McAfee, Inc.)
ShellIconOverlayIdentifiers: [GDriveBlacklistedOverlay] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files\Google\Drive\googledrivesync32.dll [2015-05-19] (Google)
ShellIconOverlayIdentifiers: [GDriveSharedEditOverlay] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44} => C:\Program Files\Google\Drive\googledrivesync32.dll [2015-05-19] (Google)
ShellIconOverlayIdentifiers: [GDriveSharedOverlay] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44} => C:\Program Files\Google\Drive\googledrivesync32.dll [2015-05-19] (Google)
ShellIconOverlayIdentifiers: [GDriveSharedViewOverlay] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D43} => C:\Program Files\Google\Drive\googledrivesync32.dll [2015-05-19] (Google)
ShellIconOverlayIdentifiers: [GDriveSyncedOverlay] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files\Google\Drive\googledrivesync32.dll [2015-05-19] (Google)
ShellIconOverlayIdentifiers: [GDriveSyncingOverlay] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files\Google\Drive\googledrivesync32.dll [2015-05-19] (Google)
 
==================== Internet (Whitelisted) ====================
 
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-2103307149-622382959-3800831923-1000\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-2103307149-622382959-3800831923-1000\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.bing.com?pc=CMDTDF
URLSearchHook: HKU\S-1-5-21-2103307149-622382959-3800831923-1000 - pdfforge Toolbar - {B922D405-6D13-4A2B-AE89-08A030DA4402} - C:\Program Files\pdfforge Toolbar\IE\9.0\pdfforgeToolbarIE.dll (Spigot, Inc.)
URLSearchHook: HKU\S-1-5-21-2103307149-622382959-3800831923-1000 - McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
SearchScopes: HKLM -> DefaultScope {ec29edf6-ad3c-4e1c-a087-d6cb81400c43} URL = http://www.bing.com/...rc=IE-SearchBox
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKLM -> {2fa28606-de77-4029-af96-b231e3b8f827} URL = http://eu.ask.com/we...&l=dis&o=CMDTDF
SearchScopes: HKLM -> {b7fca997-d0fb-4fe0-8afd-255e89cf9671} URL = http://uk.search.yah...psg&type=CMDTDF
SearchScopes: HKLM -> {ec29edf6-ad3c-4e1c-a087-d6cb81400c43} URL = http://www.bing.com/...rc=IE-SearchBox
SearchScopes: HKU\S-1-5-21-2103307149-622382959-3800831923-1000 -> DefaultScope {ec29edf6-ad3c-4e1c-a087-d6cb81400c43} URL = http://www.bing.com/...rc=IE-SearchBox
SearchScopes: HKU\S-1-5-21-2103307149-622382959-3800831923-1000 -> {2fa28606-de77-4029-af96-b231e3b8f827} URL = http://eu.ask.com/we...&l=dis&o=CMDTDF
SearchScopes: HKU\S-1-5-21-2103307149-622382959-3800831923-1000 -> {90522716-091D-49F4-940C-3EDD477B6E0F} URL = http://search.yahoo....p={searchTerms}
SearchScopes: HKU\S-1-5-21-2103307149-622382959-3800831923-1000 -> {b7fca997-d0fb-4fe0-8afd-255e89cf9671} URL = http://uk.search.yah...psg&type=CMDTDF
SearchScopes: HKU\S-1-5-21-2103307149-622382959-3800831923-1000 -> {ec29edf6-ad3c-4e1c-a087-d6cb81400c43} URL = http://www.bing.com/...rc=IE-SearchBox
BHO: MSS+ Identifier -> {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} -> C:\Program Files\McAfee Security Scan\3.8.150\McAfeeMSS_IE.dll [2014-04-09] (McAfee, Inc.)
BHO: McAfee Phishing Filter -> {27B4851A-3207-45A2-B947-BE8AFE6163AB} -> c:\progra~1\mcafee\msk\mskapbho.dll No File
BHO: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_31\bin\ssv.dll [2015-01-29] (Oracle Corporation)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-08-18] (Microsoft Corporation)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO: pdfforge Toolbar -> {B922D405-6D13-4A2B-AE89-08A030DA4402} -> C:\Program Files\pdfforge Toolbar\IE\9.0\pdfforgeToolbarIE.dll [2014-03-28] (Spigot, Inc.)
BHO: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_31\bin\jp2ssv.dll [2015-01-29] (Oracle Corporation)
Toolbar: HKLM - pdfforge Toolbar - {B922D405-6D13-4A2B-AE89-08A030DA4402} - C:\Program Files\pdfforge Toolbar\IE\9.0\pdfforgeToolbarIE.dll [2014-03-28] (Spigot, Inc.)
Handler: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll [2015-07-03] (McAfee, Inc.)
Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll [2015-07-03] (McAfee, Inc.)
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll [2014-05-02] (Skype Technologies)
Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files\McAfee\MSC\McSnIePl.dll [2015-05-13] (McAfee, Inc.)
Tcpip\Parameters: [DhcpNameServer] 192.168.5.1
Tcpip\..\Interfaces\{5FF1EC8F-CCA4-49F4-9214-19786B5FBF3F}: [DhcpNameServer] 192.168.1.1 0.0.0.0
Tcpip\..\Interfaces\{97110541-10EE-43F6-A878-D65C8BA9F75D}: [DhcpNameServer] 192.168.5.1
 
FireFox:
========
FF Plugin: @java.com/DTPlugin,version=11.31.2 -> C:\Program Files\Java\jre1.8.0_31\bin\dtplugin\npDeployJava1.dll [2015-01-29] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.31.2 -> C:\Program Files\Java\jre1.8.0_31\bin\plugin2\npjp2.dll [2015-01-29] (Oracle Corporation)
FF Plugin: @mcafee.com/MSC,version=10 -> c:\PROGRA~1\mcafee\msc\NPMCSN~1.DLL [2015-05-13] ()
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.40416.0\npctrl.dll [2015-04-15] ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~1\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-05-19] (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-05-19] (Google Inc.)
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2015-05-01] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-2103307149-622382959-3800831923-1000: @talk.google.com/GoogleTalkPlugin -> C:\Users\User 1\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll [2015-04-17] (Google)
FF Plugin HKU\S-1-5-21-2103307149-622382959-3800831923-1000: @talk.google.com/O1DPlugin -> C:\Users\User 1\AppData\Roaming\Mozilla\plugins\npo1d.dll [2015-04-17] (Google)
FF Plugin HKU\S-1-5-21-2103307149-622382959-3800831923-1000: @tools.google.com/Google Update;version=3 -> C:\Users\User 1\AppData\Local\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-05-16] (Google Inc.)
FF Plugin HKU\S-1-5-21-2103307149-622382959-3800831923-1000: @tools.google.com/Google Update;version=9 -> C:\Users\User 1\AppData\Local\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-05-16] (Google Inc.)
FF Plugin HKU\S-1-5-21-2103307149-622382959-3800831923-1000: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\User 1\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2012-11-12] (Unity Technologies ApS)
FF Plugin ProgramFiles/Appdata: C:\Users\User 1\AppData\Roaming\mozilla\plugins\npgoogletalk.dll [2015-04-17] (Google)
FF Plugin ProgramFiles/Appdata: C:\Users\User 1\AppData\Roaming\mozilla\plugins\npo1d.dll [2015-04-17] (Google)
FF HKLM\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files\McAfee\SiteAdvisor
FF Extension: McAfee WebAdvisor - C:\Program Files\McAfee\SiteAdvisor [2011-06-28]
FF HKLM\...\Thunderbird\Extensions: [[email protected]] - C:\Program Files\McAfee\MSK
FF Extension: McAfee Anti-Spam Thunderbird Extension - C:\Program Files\McAfee\MSK [2011-06-28]
 
Chrome: 
=======
CHR Profile: C:\Users\User 1\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Slides) - C:\Users\User 1\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-06-24]
CHR Extension: (Google Docs) - C:\Users\User 1\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-06-24]
CHR Extension: (Google Drive) - C:\Users\User 1\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-06-24]
CHR Extension: (YouTube) - C:\Users\User 1\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-06-24]
CHR Extension: (Google Search) - C:\Users\User 1\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-06-24]
CHR Extension: (Google Sheets) - C:\Users\User 1\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-06-24]
CHR Extension: (SiteAdvisor) - C:\Users\User 1\AppData\Local\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho [2015-06-24]
CHR Extension: (Chrome Remote Desktop) - C:\Users\User 1\AppData\Local\Google\Chrome\User Data\Default\Extensions\gbchcmhmhahfdphkhkmpfmihenigjmpp [2015-06-29]
CHR Extension: (AdBlock) - C:\Users\User 1\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2015-06-24]
CHR Extension: (Chrome Hotword Shared Module) - C:\Users\User 1\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-06-24]
CHR Extension: (Google Wallet) - C:\Users\User 1\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-06-24]
CHR Extension: (Gmail) - C:\Users\User 1\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-06-24]
CHR HKLM\...\Chrome\Extension: [bopakagnckmlgajfccecajhnimjiiedh] - http://clients2.goog...ice/update2/crx
CHR HKLM\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] - C:\Program Files\McAfee\SiteAdvisor\McChPlg.crx [2015-07-07]
CHR HKU\S-1-5-21-2103307149-622382959-3800831923-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [apdfllckaahabafndbhieahigkjlhalf] - C:\Users\USER1~1\AppData\Local\Google\Drive\apdfllckaahabafndbhieahigkjlhalf_live.crx [2013-03-20]
 
========================== Services (Whitelisted) =================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
R2 chromoting; C:\Program Files\Google\Chrome Remote Desktop\44.0.2403.25\remoting_host.exe [69448 2015-05-28] (Google Inc.)
S3 cphs; C:\Windows\system32\IntelCpHeciSvc.exe [279000 2013-11-07] (Intel Corporation)
R2 EpsonScanSvc; C:\Windows\system32\EscSvc.exe [122000 2011-12-12] (Seiko Epson Corporation)
R2 EPSON_PM_RPCV4_05; C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_JT50RP.EXE [142432 2012-02-27] (SEIKO EPSON CORPORATION)
R2 HomeNetSvc; C:\Program Files\Common Files\Mcafee\Platform\McSvcHost\McSvHost.exe [291816 2015-05-06] (McAfee, Inc.)
R2 Intel® PROSet Monitoring Service; C:\Windows\system32\IProsetMonitor.exe [110752 2010-09-22] (Intel Corporation)
R2 McAfee SiteAdvisor Service; C:\Program Files\McAfee\SiteAdvisor\McSACore.exe [132160 2015-07-03] (McAfee, Inc.)
R2 McAPExe; C:\Program Files\McAfee\MSC\McAPExe.exe [691968 2015-05-13] (McAfee, Inc.)
S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.8.150\McCHSvc.exe [235696 2014-04-09] (McAfee, Inc.)
R2 mccspsvc; C:\Program Files\Common Files\McAfee\CSP\1.5.495.0\McCSPServiceHost.exe [180064 2015-06-04] (McAfee, Inc.)
R2 McNaiAnn; C:\Program Files\Common Files\Mcafee\Platform\McSvcHost\McSvHost.exe [291816 2015-05-06] (McAfee, Inc.)
S3 McODS; C:\Program Files\McAfee\VirusScan\mcods.exe [478752 2015-05-05] (McAfee, Inc.)
R2 mcpltsvc; C:\Program Files\Common Files\Mcafee\Platform\McSvcHost\McSvHost.exe [291816 2015-05-06] (McAfee, Inc.)
R2 McProxy; C:\Program Files\Common Files\Mcafee\Platform\McSvcHost\McSvHost.exe [291816 2015-05-06] (McAfee, Inc.)
R3 mfefire; C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe [196600 2015-04-08] (McAfee, Inc.)
R2 mfemms; C:\Program Files\Common Files\McAfee\SystemCore\\mfemms.exe [335600 2015-05-14] (McAfee, Inc.)
R2 mfevtp; C:\Windows\system32\mfevtps.exe [238288 2015-04-08] (McAfee, Inc.)
R2 MSK80Service; C:\Program Files\Common Files\Mcafee\Platform\McSvcHost\McSvHost.exe [291816 2015-05-06] (McAfee, Inc.)
R2 pdfcDispatcher; C:\Program Files\PDF Complete\pdfsvc.exe [1121304 2010-10-22] (PDF Complete Inc)
R2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService.exe [141968 2014-04-17] (Realtek Semiconductor)
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [680960 2013-05-27] (Microsoft Corporation)
S2 HP Health Check Service; "C:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe" [X]
 
==================== Drivers (Whitelisted) ====================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
S3 athur; C:\Windows\System32\DRIVERS\athur.sys [1445888 2013-06-28] (Atheros Communications, Inc.)
S3 cfwids; C:\Windows\System32\drivers\cfwids.sys [61848 2015-04-08] (McAfee, Inc.)
R3 e1cexpress; C:\Windows\System32\DRIVERS\e1c6232.sys [358224 2012-08-10] (Intel Corporation)
S3 hamachi; C:\Windows\System32\DRIVERS\hamachi.sys [26176 2009-03-18] (LogMeIn, Inc.)
S3 IFCoEMP; C:\Windows\system32\drivers\ifM52x32.sys [264464 2010-08-14] (Intel® Corporation)
S3 IFCoEVB; C:\Windows\system32\drivers\ifP52X32.sys [57616 2010-08-14] (Intel® Corporation)
R3 MEI; C:\Windows\system32\drivers\HECI.sys [41088 2010-10-20] (Intel Corporation)
R3 mfeaack; C:\Windows\System32\drivers\mfeaack.sys [306368 2015-04-08] (McAfee, Inc.)
R3 mfeavfk; C:\Windows\System32\drivers\mfeavfk.sys [260600 2015-04-08] (McAfee, Inc.)
R0 mfedisk; C:\Windows\System32\DRIVERS\mfedisk.sys [82800 2015-04-08] (McAfee, Inc.)
R3 mfefirek; C:\Windows\System32\drivers\mfefirek.sys [371648 2015-04-08] (McAfee, Inc.)
R0 mfehidk; C:\Windows\System32\drivers\mfehidk.sys [648744 2015-04-08] (McAfee, Inc.)
R3 mfencbdc; C:\Windows\System32\DRIVERS\mfencbdc.sys [380848 2015-03-26] (McAfee, Inc.)
S3 mfencrk; C:\Windows\System32\DRIVERS\mfencrk.sys [80760 2015-03-26] (McAfee, Inc.)
R0 mfewfpk; C:\Windows\System32\drivers\mfewfpk.sys [214736 2015-04-08] (McAfee, Inc.)
S3 CpqDtct; \??\C:\Windows\system32\Drivers\Cpqdtct.sys [X]
S3 cpuz134; \??\C:\Users\USER1~1\AppData\Local\Temp\cpuz134\cpuz134_x32.sys [X]
S3 ew_usbenumfilter; system32\DRIVERS\ew_usbenumfilter.sys [X]
S3 huawei_cdcacm; system32\DRIVERS\ew_jucdcacm.sys [X]
S3 huawei_enumerator; system32\DRIVERS\ew_jubusenum.sys [X]
S3 huawei_ext_ctrl; system32\DRIVERS\ew_juextctrl.sys [X]
S3 huawei_wwanecm; system32\DRIVERS\ew_juwwanecm.sys [X]
 
==================== NetSvcs (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
 
==================== One Month Created files and folders ========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2015-07-10 12:59 - 2015-07-10 13:00 - 00020814 _____ C:\Users\User 1\Downloads\FRST.txt
2015-07-10 12:59 - 2015-07-10 12:59 - 00000000 ____D C:\FRST
2015-07-10 12:58 - 2015-07-10 12:58 - 01636352 _____ (Farbar) C:\Users\User 1\Downloads\FRST.exe
2015-07-10 09:40 - 2015-07-10 12:35 - 00046842 _____ C:\Users\User 1\Downloads\Extras.Txt
2015-07-10 09:39 - 2015-07-10 12:34 - 00135516 _____ C:\Users\User 1\Downloads\OTL.Txt
2015-07-10 09:20 - 2015-07-10 09:21 - 00602112 _____ (OldTimer Tools) C:\Users\User 1\Downloads\OTL.exe
2015-07-10 09:14 - 2015-07-10 09:14 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee
2015-07-10 08:39 - 2015-07-10 08:39 - 17597104 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerInstaller.exe
2015-07-06 14:40 - 2015-07-06 14:40 - 00513492 _____ C:\Users\User 1\Downloads\2015001-2015142.csv
2015-07-06 09:38 - 2015-07-06 09:38 - 00013945 _____ C:\Users\User 1\Downloads\2015142-2015142.html
2015-07-06 09:37 - 2015-07-06 09:37 - 00018081 _____ C:\Users\User 1\Downloads\2015141-2015141.html
2015-07-06 09:37 - 2015-07-06 09:37 - 00016866 _____ C:\Users\User 1\Downloads\2015140-2015140.html
2015-07-06 09:36 - 2015-07-06 09:36 - 00024198 _____ C:\Users\User 1\Downloads\2015139-2015139.html
2015-07-06 09:35 - 2015-07-06 09:35 - 00027859 _____ C:\Users\User 1\Downloads\2015138-2015138.html
2015-07-06 09:35 - 2015-07-06 09:35 - 00015730 _____ C:\Users\User 1\Downloads\2015137-2015137.html
2015-06-29 13:50 - 2015-06-29 13:50 - 00000000 ____D C:\ProgramData\Google
2015-06-29 13:48 - 2015-06-29 13:48 - 08180736 _____ C:\Users\User 1\Downloads\chromeremotedesktophost.msi
2015-06-29 13:36 - 2015-06-29 13:36 - 00000000 ____D C:\Users\User 1\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome
2015-06-29 08:24 - 2015-06-29 08:24 - 00019444 _____ C:\Users\User 1\Downloads\2015136-2015136.html
2015-06-29 08:22 - 2015-06-29 08:22 - 00018861 _____ C:\Users\User 1\Downloads\2015135-2015135.html
2015-06-29 08:21 - 2015-06-29 08:21 - 00017508 _____ C:\Users\User 1\Downloads\2015134-2015134.html
2015-06-27 11:10 - 2015-06-27 11:10 - 00499712 _____ (Корпорация Майкрософт (Microsoft Corp.)) C:\Users\User 1\AppData\Roaming\CF9D.tmp
2015-06-24 15:04 - 2015-07-08 07:58 - 00002087 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2015-06-24 15:04 - 2015-06-24 15:04 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2015-06-23 09:49 - 2015-06-23 09:49 - 00018179 _____ C:\Users\User 1\Downloads\2015132-2015132.html
2015-06-23 09:49 - 2015-06-23 09:49 - 00017519 _____ C:\Users\User 1\Downloads\2015133-2015133.html
2015-06-23 09:48 - 2015-06-23 09:48 - 00024169 _____ C:\Users\User 1\Downloads\2015131-2015131.html
2015-06-23 09:47 - 2015-06-23 09:47 - 00019898 _____ C:\Users\User 1\Downloads\2015130-2015130.html
2015-06-23 09:45 - 2015-06-23 09:45 - 00014487 _____ C:\Users\User 1\Downloads\2015129-2015129.html
2015-06-15 15:34 - 2015-06-15 15:34 - 00013339 _____ C:\Users\User 1\Downloads\2015128-2015128.html
2015-06-15 15:33 - 2015-06-15 15:33 - 00026786 _____ C:\Users\User 1\Downloads\2015126-2015126.html
2015-06-15 15:33 - 2015-06-15 15:33 - 00018688 _____ C:\Users\User 1\Downloads\2015127-2015127.html
2015-06-15 15:32 - 2015-06-15 15:32 - 00017604 _____ C:\Users\User 1\Downloads\2015124-2015124.html
2015-06-15 15:32 - 2015-06-15 15:32 - 00017525 _____ C:\Users\User 1\Downloads\2015125-2015125.html
2015-06-15 15:32 - 2015-06-15 15:32 - 00017522 _____ C:\Users\User 1\Downloads\2015123-2015123.html
2015-06-11 08:57 - 2015-06-11 08:57 - 00075594 _____ C:\Users\User 1\Downloads\2015107-2015125.csv
2015-06-10 08:38 - 2015-05-25 19:00 - 02384384 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2015-06-10 08:38 - 2015-05-22 20:03 - 00571392 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2015-06-10 08:38 - 2015-05-22 20:02 - 00879104 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2015-06-10 08:38 - 2015-05-22 20:02 - 00621568 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2015-06-10 08:38 - 2015-05-22 20:02 - 00333824 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2015-06-10 08:38 - 2015-05-22 20:02 - 00202752 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2015-06-10 08:38 - 2015-05-22 20:02 - 00037888 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2015-06-10 08:38 - 2015-05-22 19:58 - 00901120 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2015-06-10 08:38 - 2015-05-21 15:20 - 00163840 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll
2015-06-10 08:38 - 2015-04-11 05:07 - 00054656 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\stream.sys
2015-06-10 08:37 - 2015-06-02 21:35 - 00342728 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2015-06-10 08:37 - 2015-05-27 16:08 - 19607040 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-06-10 08:37 - 2015-05-25 20:07 - 03989440 _____ (Microsoft Corporation) C:\Windows\system32\ntkrnlpa.exe
2015-06-10 08:37 - 2015-05-25 20:07 - 03934144 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-06-10 08:37 - 2015-05-25 20:07 - 00137664 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2015-06-10 08:37 - 2015-05-25 20:07 - 00067520 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2015-06-10 08:37 - 2015-05-25 20:04 - 01307648 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2015-06-10 08:37 - 2015-05-25 20:01 - 01061376 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2015-06-10 08:37 - 2015-05-25 20:01 - 00853504 _____ (Microsoft Corporation) C:\Windows\system32\diagtrack.dll
2015-06-10 08:37 - 2015-05-25 20:01 - 00641536 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
2015-06-10 08:37 - 2015-05-25 20:01 - 00635392 _____ (Microsoft Corporation) C:\Windows\system32\tdh.dll
2015-06-10 08:37 - 2015-05-25 20:01 - 00551424 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2015-06-10 08:37 - 2015-05-25 20:01 - 00400896 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2015-06-10 08:37 - 2015-05-25 20:01 - 00259584 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2015-06-10 08:37 - 2015-05-25 20:01 - 00248832 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2015-06-10 08:37 - 2015-05-25 20:01 - 00221184 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2015-06-10 08:37 - 2015-05-25 20:01 - 00172032 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2015-06-10 08:37 - 2015-05-25 20:01 - 00100352 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2015-06-10 08:37 - 2015-05-25 20:01 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\sechost.dll
2015-06-10 08:37 - 2015-05-25 20:01 - 00065536 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2015-06-10 08:37 - 2015-05-25 20:01 - 00043008 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2015-06-10 08:37 - 2015-05-25 20:01 - 00038912 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2015-06-10 08:37 - 2015-05-25 20:01 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2015-06-10 08:37 - 2015-05-25 20:01 - 00017408 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2015-06-10 08:37 - 2015-05-25 20:01 - 00015872 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2015-06-10 08:37 - 2015-05-25 20:00 - 00364544 _____ (Microsoft Corporation) C:\Windows\system32\tracerpt.exe
2015-06-10 08:37 - 2015-05-25 20:00 - 00262656 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2015-06-10 08:37 - 2015-05-25 20:00 - 00082944 _____ (Microsoft Corporation) C:\Windows\system32\logman.exe
2015-06-10 08:37 - 2015-05-25 20:00 - 00069632 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2015-06-10 08:37 - 2015-05-25 20:00 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2015-06-10 08:37 - 2015-05-25 20:00 - 00040448 _____ (Microsoft Corporation) C:\Windows\system32\typeperf.exe
2015-06-10 08:37 - 2015-05-25 20:00 - 00037888 _____ (Microsoft Corporation) C:\Windows\system32\relog.exe
2015-06-10 08:37 - 2015-05-25 20:00 - 00022528 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2015-06-10 08:37 - 2015-05-25 20:00 - 00017408 _____ (Microsoft Corporation) C:\Windows\system32\diskperf.exe
2015-06-10 08:37 - 2015-05-25 19:57 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2015-06-10 08:37 - 2015-05-25 19:57 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2015-06-10 08:37 - 2015-05-25 19:55 - 00686080 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2015-06-10 08:37 - 2015-05-25 19:55 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2015-06-10 08:37 - 2015-05-25 18:53 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\UtcResources.dll
2015-06-10 08:37 - 2015-05-23 05:28 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2015-06-10 08:37 - 2015-05-23 05:28 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2015-06-10 08:37 - 2015-05-23 05:15 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-06-10 08:37 - 2015-05-23 05:15 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2015-06-10 08:37 - 2015-05-23 05:15 - 00047616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2015-06-10 08:37 - 2015-05-23 05:14 - 00341504 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2015-06-10 08:37 - 2015-05-23 05:13 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2015-06-10 08:37 - 2015-05-23 05:10 - 02278912 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-06-10 08:37 - 2015-05-23 05:09 - 00047104 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2015-06-10 08:37 - 2015-05-23 05:08 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2015-06-10 08:37 - 2015-05-23 05:06 - 00478208 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2015-06-10 08:37 - 2015-05-23 05:05 - 00664064 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2015-06-10 08:37 - 2015-05-23 05:05 - 00115712 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2015-06-10 08:37 - 2015-05-23 05:05 - 00102912 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2015-06-10 08:37 - 2015-05-23 05:04 - 00620032 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2015-06-10 08:37 - 2015-05-23 05:00 - 00667648 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2015-06-10 08:37 - 2015-05-23 04:57 - 00418304 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2015-06-10 08:37 - 2015-05-23 04:52 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2015-06-10 08:37 - 2015-05-23 04:49 - 00168960 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2015-06-10 08:37 - 2015-05-23 04:48 - 00076288 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-06-10 08:37 - 2015-05-23 04:47 - 04305920 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-06-10 08:37 - 2015-05-23 04:47 - 00285696 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-06-10 08:37 - 2015-05-23 04:38 - 00689152 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-06-10 08:37 - 2015-05-23 04:38 - 00685568 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2015-06-10 08:37 - 2015-05-23 04:37 - 02052608 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-06-10 08:37 - 2015-05-23 04:37 - 01155072 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2015-06-10 08:37 - 2015-05-23 04:28 - 12829696 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-06-10 08:37 - 2015-05-23 04:20 - 01950720 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-06-10 08:37 - 2015-05-23 04:16 - 01309696 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-06-10 08:37 - 2015-05-23 04:14 - 00710144 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2015-06-10 08:37 - 2015-05-09 05:14 - 00169984 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2015-06-10 08:37 - 2015-05-09 05:13 - 00868352 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2015-06-10 08:37 - 2015-05-09 05:13 - 00293376 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2015-06-10 08:37 - 2015-05-09 05:12 - 00271360 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2015-06-10 08:37 - 2015-05-09 05:08 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2015-06-10 08:37 - 2015-05-09 05:08 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2015-06-10 08:37 - 2015-05-09 05:08 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2015-06-10 08:37 - 2015-05-09 05:08 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2015-06-10 08:37 - 2015-05-09 05:08 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2015-06-10 08:37 - 2015-05-09 05:08 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2015-06-10 08:37 - 2015-05-09 05:08 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2015-06-10 08:37 - 2015-05-09 05:08 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2015-06-10 08:37 - 2015-05-09 05:08 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2015-06-10 08:37 - 2015-05-09 05:08 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2015-06-10 08:37 - 2015-05-09 05:08 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2015-06-10 08:37 - 2015-05-09 05:08 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2015-06-10 08:37 - 2015-05-09 05:08 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2015-06-10 08:37 - 2015-05-09 05:08 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2015-06-10 08:37 - 2015-05-09 05:08 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-06-10 08:37 - 2015-05-09 05:08 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2015-06-10 08:37 - 2015-05-09 05:08 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2015-06-10 08:37 - 2015-05-09 05:08 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2015-06-10 08:37 - 2015-05-09 05:08 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2015-06-10 08:37 - 2015-05-09 05:08 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2015-06-10 08:37 - 2015-05-09 05:08 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2015-06-10 08:37 - 2015-05-09 05:08 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2015-06-10 08:37 - 2015-05-09 05:08 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2015-06-10 08:37 - 2015-05-09 05:08 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2015-06-10 08:37 - 2015-05-09 03:59 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2015-06-10 08:37 - 2015-05-09 03:59 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2015-06-10 08:37 - 2015-05-09 03:59 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2015-06-10 08:37 - 2015-05-09 03:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2015-06-10 08:37 - 2015-04-29 20:07 - 11411456 _____ (Microsoft Corporation) C:\Windows\system32\wmp.dll
2015-06-10 08:37 - 2015-04-29 20:07 - 00008192 _____ (Microsoft Corporation) C:\Windows\system32\spwmp.dll
2015-06-10 08:37 - 2015-04-29 20:07 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\msdxm.ocx
2015-06-10 08:37 - 2015-04-29 20:07 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\dxmasf.dll
2015-06-10 08:37 - 2015-04-29 20:05 - 12625408 _____ (Microsoft Corporation) C:\Windows\system32\wmploc.DLL
2015-06-10 08:37 - 2015-04-24 19:56 - 00530432 _____ (Microsoft Corporation) C:\Windows\system32\comctl32.dll
 
==================== One Month Modified files and folders ========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2015-07-10 12:53 - 2014-05-09 13:19 - 00000936 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA1cf6b788c8564fe.job
2015-07-10 12:50 - 2011-06-27 14:58 - 01266329 _____ C:\Windows\WindowsUpdate.log
2015-07-10 12:39 - 2012-09-15 09:46 - 00000830 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-07-10 12:15 - 2014-06-26 13:45 - 00000962 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2103307149-622382959-3800831923-1000UA1cf91342aa72432.job
2015-07-10 12:01 - 2013-02-21 12:05 - 00197520 _____ C:\Users\User 1\Desktop\UF (2).xlsx
2015-07-10 10:15 - 2014-06-26 13:45 - 00000910 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2103307149-622382959-3800831923-1000Core1cf91342a36866b.job
2015-07-10 08:58 - 2009-07-14 06:34 - 00027568 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-07-10 08:58 - 2009-07-14 06:34 - 00027568 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-07-10 08:50 - 2013-03-20 11:39 - 00000932 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-07-10 08:50 - 2009-07-14 06:53 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2015-07-10 08:49 - 2015-06-03 08:11 - 00001624 _____ C:\Windows\setupact.log
2015-07-10 08:48 - 2012-08-22 11:03 - 00000000 ____D C:\Users\User 1\Documents\Outlook Files
2015-07-10 08:39 - 2012-09-15 09:46 - 00778416 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
2015-07-10 08:39 - 2011-06-28 10:53 - 00142512 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl
2015-07-08 14:46 - 2014-01-16 13:22 - 00047819 _____ C:\Users\User 1\Desktop\TROŠKOVI PO MJESECIMA.xlsx
2015-07-08 08:15 - 2011-05-03 09:03 - 00000000 ____D C:\ProgramData\PDFC
2015-07-08 07:15 - 2013-09-26 08:04 - 00112288 _____ C:\Windows\PFRO.log
2015-07-07 09:36 - 2012-09-20 10:12 - 00000000 ____D C:\Users\User 1\Desktop\Evidencija radnog vremena
2015-07-01 08:13 - 2012-09-17 13:55 - 00000000 ____D C:\Users\User 1\Desktop\Svašta
2015-06-29 13:54 - 2013-03-20 11:39 - 00000000 ____D C:\Program Files\Google
2015-06-24 15:04 - 2012-09-14 16:14 - 00000000 ____D C:\Users\User 1\AppData\Local\Google
2015-06-24 14:50 - 2014-12-15 16:55 - 00000000 __SHD C:\Users\User 1\AppData\Local\EmieBrowserModeList
2015-06-24 14:50 - 2014-08-04 09:12 - 00000000 __SHD C:\Users\User 1\AppData\Local\EmieUserList
2015-06-24 14:50 - 2014-08-04 09:12 - 00000000 __SHD C:\Users\User 1\AppData\Local\EmieSiteList
2015-06-23 16:01 - 2009-07-14 06:52 - 00000000 ____D C:\Windows\system32\FxsTmp
2015-06-23 13:27 - 2011-02-10 21:41 - 00246952 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2015-06-23 10:47 - 2014-07-22 12:35 - 00000000 ____D C:\Users\User 1\Desktop\Zvonimir
2015-06-17 08:54 - 2010-11-20 23:01 - 00786558 _____ C:\Windows\system32\PerfStringBackup.INI
2015-06-16 09:40 - 2011-06-28 13:25 - 00000000 ____D C:\Program Files\Common Files\Mcafee
2015-06-12 23:54 - 2013-03-20 11:40 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Drive
2015-06-11 12:08 - 2009-07-14 04:37 - 00000000 ____D C:\Windows\rescache
2015-06-11 08:19 - 2009-07-14 06:46 - 00001515 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
2015-06-11 08:19 - 2009-07-14 06:33 - 00343472 _____ C:\Windows\system32\FNTCACHE.DAT
2015-06-11 08:17 - 2014-12-11 09:04 - 00000000 ____D C:\Windows\system32\appraiser
2015-06-11 08:17 - 2014-05-05 16:03 - 00000000 ___SD C:\Windows\system32\CompatTel
2015-06-10 16:04 - 2012-08-20 12:24 - 00000000 ____D C:\ProgramData\Microsoft Help
2015-06-10 16:00 - 2013-07-22 15:55 - 00000000 ____D C:\Windows\system32\MRT
2015-06-10 15:55 - 2011-06-27 15:45 - 136900096 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
 
==================== Files in the root of some directories =======
 
2011-06-28 08:44 - 2009-11-03 15:39 - 1702192 _____ () C:\Program Files\TeamViewerQS.exe
2015-06-27 11:10 - 2015-06-27 11:10 - 0499712 _____ (Корпорация Майкрософт (Microsoft Corp.)) C:\Users\User 1\AppData\Roaming\CF9D.tmp
 
Some files in TEMP:
====================
C:\Users\User 1\AppData\Local\Temp\expsrv.dll
C:\Users\User 1\AppData\Local\Temp\win32spl.dll
 
 
==================== Bamital & volsnap Check =================
 
(There is no automatic fix for files that do not pass verification.)
 
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed
 
 
LastRegBack: 2015-07-03 08:29
 
==================== End of log ============================


#4
pystryker

    Trusted Helper

  • Malware Removal
  • 3,912 posts
Hello, let's get started. :)


Please disable your antivirus for the duration of my instructions. Don't forget to re-enable it after you have completed the steps.


Step 1: Program Uninstall and Fix with FRST

Please uninstall the following program from your machine as it is adware/malware related.
  • PDFCreator
Fix with FRST
  • Open notepad (Start => All Programs => Accessories => Notepad). Please copy the entire contents of the code box below. (To do this, highlight the contents of the box, right-click on it and select Copy. Right-click in the open notepad and select Paste.)
  • Save it on the desktop as fixlist.txt

    NOTE: It's important that both files, FRST/FRST64 and fixlist.txt are in the same location or the fix will not work.

Start
CreateRestorePoint:
CloseProcesses:
HKU\S-1-5-21-2103307149-622382959-3800831923-1000\Software\Classes\.exe: => <===== ATTENTION!
HKLM\...\Run: [] => [X]
HKU\S-1-5-21-2103307149-622382959-3800831923-1000\...\MountPoints2: {d7088609-51b0-11e3-972a-ac162d042524} - E:\AutoRun.exe
HKU\S-1-5-21-2103307149-622382959-3800831923-1000\...\MountPoints2: {d7088613-51b0-11e3-972a-ac162d042524} - E:\AutoRun.exe
URLSearchHook: HKU\S-1-5-21-2103307149-622382959-3800831923-1000 - pdfforge Toolbar - {B922D405-6D13-4A2B-AE89-08A030DA4402} - C:\Program Files\pdfforge Toolbar\IE\9.0\pdfforgeToolbarIE.dll (Spigot, Inc.)
SearchScopes: HKLM -> {2fa28606-de77-4029-af96-b231e3b8f827} URL = http://eu.ask.com/we...&l=dis&o=CMDTDF
SearchScopes: HKU\S-1-5-21-2103307149-622382959-3800831923-1000 -> {2fa28606-de77-4029-af96-b231e3b8f827} URL = http://eu.ask.com/we...&l=dis&o=CMDTDF
BHO: pdfforge Toolbar -> {B922D405-6D13-4A2B-AE89-08A030DA4402} -> C:\Program Files\pdfforge Toolbar\IE\9.0\pdfforgeToolbarIE.dll [2014-03-28] (Spigot, Inc.)
Toolbar: HKLM - pdfforge Toolbar - {B922D405-6D13-4A2B-AE89-08A030DA4402} - C:\Program Files\pdfforge Toolbar\IE\9.0\pdfforgeToolbarIE.dll [2014-03-28] (Spigot, Inc.)
S2 HP Health Check Service; "C:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe" [X]
S3 CpqDtct; \??\C:\Windows\system32\Drivers\Cpqdtct.sys [X]
S3 cpuz134; \??\C:\Users\USER1~1\AppData\Local\Temp\cpuz134\cpuz134_x32.sys [X]
S3 ew_usbenumfilter; system32\DRIVERS\ew_usbenumfilter.sys [X]
S3 huawei_cdcacm; system32\DRIVERS\ew_jucdcacm.sys [X]
S3 huawei_enumerator; system32\DRIVERS\ew_jubusenum.sys [X]
S3 huawei_ext_ctrl; system32\DRIVERS\ew_juextctrl.sys [X]
S3 huawei_wwanecm; system32\DRIVERS\ew_juwwanecm.sys [X]
CustomCLSID: HKU\S-1-5-21-2103307149-622382959-3800831923-1000_Classes\CLSID\{62A0D750-DED9-448C-B693-406B34BB0892}\InprocServer32 -> C:\Users\User 1\AppData\Local\Google\Update\1.3.21.145\psuser.dll No File
CustomCLSID: HKU\S-1-5-21-2103307149-622382959-3800831923-1000_Classes\CLSID\{634059C0-D264-4B2C-AE80-F73E48D33E5B}\InprocServer32 -> C:\Users\User 1\AppData\Local\Google\Update\1.3.21.123\psuser.dll No File
CustomCLSID: HKU\S-1-5-21-2103307149-622382959-3800831923-1000_Classes\CLSID\{6D7374DE-63AA-473C-8C02-60D9CDCD84C5}\InprocServer32 -> C:\Users\User 1\AppData\Local\Google\Update\1.3.21.153\psuser.dll No File
CustomCLSID: HKU\S-1-5-21-2103307149-622382959-3800831923-1000_Classes\CLSID\{90B3DFBF-AF6A-4EA0-8899-F332194690F8}\InprocServer32 -> C:\Users\User 1\AppData\Local\Google\Update\1.3.24.15\psuser.dll No File
CustomCLSID: HKU\S-1-5-21-2103307149-622382959-3800831923-1000_Classes\CLSID\{91EFB276-CEFE-48EC-BB3A-57795A7B4008}\InprocServer32 -> C:\Users\User 1\AppData\Local\Google\Update\1.3.21.149\psuser.dll No File
CustomCLSID: HKU\S-1-5-21-2103307149-622382959-3800831923-1000_Classes\CLSID\{A45426FB-E444-42B2-AA56-419F8FBEEC61}\InprocServer32 -> C:\Users\User 1\AppData\Local\Google\Update\1.3.22.3\psuser.dll No File
CustomCLSID: HKU\S-1-5-21-2103307149-622382959-3800831923-1000_Classes\CLSID\{A54D478D-4F70-4F72-9A74-17C9986E35AB}\InprocServer32 -> C:\Users\User 1\AppData\Local\Google\Update\1.3.21.165\psuser.dll No File
CustomCLSID: HKU\S-1-5-21-2103307149-622382959-3800831923-1000_Classes\CLSID\{C3BC25C0-FCD3-4F01-AFDD-41373F017C9A}\InprocServer32 -> C:\Users\User 1\AppData\Local\Google\Update\1.3.26.9\psuser.dll No File
CustomCLSID: HKU\S-1-5-21-2103307149-622382959-3800831923-1000_Classes\CLSID\{D0336C0B-7919-4C04-8CCE-2EBAE2ECE8C9}\InprocServer32 -> C:\Users\User 1\AppData\Local\Google\Update\1.3.25.11\psuser.dll No File
CustomCLSID: HKU\S-1-5-21-2103307149-622382959-3800831923-1000_Classes\CLSID\{D9144DCD-E998-4ECA-AB6A-DCD83CCBA16D}\InprocServer32 -> No Filepath
CustomCLSID: HKU\S-1-5-21-2103307149-622382959-3800831923-1000_Classes\CLSID\{EB06378B-ABB6-4B3C-9B40-D488DD8A6E93}\InprocServer32 -> C:\Users\User 1\AppData\Local\Google\Update\1.3.22.5\psuser.dll No File
CustomCLSID: HKU\S-1-5-21-2103307149-622382959-3800831923-1000_Classes\CLSID\{FB994D36-B312-46CE-A40B-CF63980641F9}\InprocServer32 -> C:\Users\User 1\AppData\Local\Google\Update\1.3.21.111\psuser.dll No File
CustomCLSID: HKU\S-1-5-21-2103307149-622382959-3800831923-1000_Classes\CLSID\{FE498BAB-CB4C-4F88-AC3F-3641AAAF5E9E}\InprocServer32 -> C:\Users\User 1\AppData\Local\Google\Update\1.3.24.7\psuser.dll No File
CMD: bitsadmin /reset /allusers
CMD: netsh advfirewall reset
CMD: netsh advfirewall set allprofiles state on
CMD: ipconfig /flushdns
Emptytemp:
Hosts:
End


NOTICE: This script was written specifically for this user, for use on that particular machine. Running this on another machine may cause damage to your operating system.


Run FRST and press the Fix button just once and wait. The tool will make a log on the desktop (Fixlog.txt); please post it in your next reply.


Step 2: Junkware Removal Tool

Please download Junkware Removal Tool to your desktop.
  • Shut down your protection software now to avoid potential conflicts.
  • Run the tool by double-clicking it. If you are using Windows Vista, 7, or 8; instead of double-clicking, right-mouse click JRT.exe and select "Run as Administrator".
  • The tool will open and start scanning your system.
  • Please be patient as this can take a while to complete depending on your system's specifications.
  • On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
  • Post the contents of JRT.txt into your next message.
Step 3: AdwCleaner

Download ADWcleaner by clicking here. Please save it to your Desktop


  • Double click (Vista and 7 Users) right click the adwcleaner.exe file and click Run as Administrator and accept the UAC prompt to run AdwCleaner.
  • Close any open windows or browsers.
  • Pause your Anti-Virus program if it is running.
  • Once it starts, click on the Scan button.
  • Let the scan complete itself. This may take a few minutes.
  • Once the scan has finished, it will say "Pending, uncheck elements you don't want to remove.", don't worry about unchecking anything and then click the Cleaning button. When finished, it will ask to reboot. Please reboot.
  • When the machine has rebooted, a log will be produced. Please copy/paste that in your next reply. Here's how:
    • Click the Logfile button and the log will open. Copy and Paste the contents of the log file into your next reply.
    This report is also saved at C:\AdwCleaner[R0].txt
Step 4: Scan with TDSSKiller

Please download TDSSKiller to the desktop.

Alternate download is here.
  • Right-click on TDSSKiller.exe and select Run as Administrator to start the program and follow the prompts.
  • When the main GUI (graphical user interface) window opens, click on Change Parameters
  • Under Additional options, select both Verify driver digital signatures & Detect TDLFS File System >> OK
  • Click on Start Scan, the scan will run.
  • When the scan has finished, if it finds anything please click on the drop down arrow next to Cure and select Skip
  • A Report will have been created by TDSSKiller in your root directory C:\
  • To find the log go to Start (Windows 7 Orb) > Computer > C: >> TDSSKiller.V.V.V.VV_DD.DD.YYYY_TT.TT.TT_log <-- The letters denote the version and date & time etc.
  • Post the contents of that log in your next reply please.
Note: Do not have TDSSKiller remove anything if found at this point in time!


Things I need to see in your next post:

Please post each of these logs as a separate reply in this thread.

Fixlog.txt Log

Junkware Removal Tool Log

AdwCleaner Log

TDSSKiller Log

Update on how the machine is running.


#5
djuka0220

    Member

  • Topic Starter
  • 12 posts
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Malwarebytes
Version: 7.4.7 (07.13.2015:1)
OS: Windows 7 Professional x86
Ran by User 1 on 14.07.2015. at  8:36:31,50
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 
 
 
 
~~~ Services
 
 
 
~~~ Tasks
 
 
 
~~~ Registry Values
 
 
 
~~~ Registry Keys
 
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{90522716-091D-49F4-940C-3EDD477B6E0F}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{B7FCA997-D0FB-4FE0-8AFD-255E89CF9671}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchScopes\{B7FCA997-D0FB-4FE0-8AFD-255E89CF9671}
 
 
 
~~~ Files
 
 
 
~~~ Folders
 
Successfully deleted: [Folder] C:\Program Files\application updater
Successfully deleted: [Folder] C:\Program Files\Common Files\spigot
Successfully deleted: [Folder] C:\Program Files\pdfforge toolbar
Successfully deleted: [Folder] C:\Users\User 1\appdata\locallow\pdfforge
Successfully deleted: [Folder] C:\Users\User 1\appdata\locallow\search settings
 
 
 
~~~ Chrome
 
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Google\Chrome\Extensions\bopakagnckmlgajfccecajhnimjiiedh
 
[C:\Users\User 1\appdata\local\Google\Chrome\User Data\Default\Preferences] - default search provider reset
 
[C:\Users\User 1\appdata\local\Google\Chrome\User Data\Default\Preferences] - Extensions Deleted:
 
[C:\Users\User 1\appdata\local\Google\Chrome\User Data\Default\Secure Preferences] - default search provider reset
 
[C:\Users\User 1\appdata\local\Google\Chrome\User Data\Default\Secure Preferences] - Extensions Deleted:
[]
 
 
 
 
 
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 14.07.2015. at  8:38:58,89
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~


#6
djuka0220

    Member

  • Topic Starter
  • 12 posts
Fix result of Farbar Recovery Scan Tool (x86) Version: 12-07-2015
Ran by User 1 at 2015-07-14 08:25:16 Run:1
Running from C:\Users\User 1\Desktop
Loaded Profiles: User 1 (Available Profiles: User 1)
Boot Mode: Normal
 
==============================================
 
fixlist content:
*****************
Start
CreateRestorePoint:
CloseProcesses:
HKU\S-1-5-21-2103307149-622382959-3800831923-1000\Software\Classes\.exe: => <===== ATTENTION!
HKLM\...\Run: [] => [X]
HKU\S-1-5-21-2103307149-622382959-3800831923-1000\...\MountPoints2: {d7088609-51b0-11e3-972a-ac162d042524} - E:\AutoRun.exe
HKU\S-1-5-21-2103307149-622382959-3800831923-1000\...\MountPoints2: {d7088613-51b0-11e3-972a-ac162d042524} - E:\AutoRun.exe
URLSearchHook: HKU\S-1-5-21-2103307149-622382959-3800831923-1000 - pdfforge Toolbar - {B922D405-6D13-4A2B-AE89-08A030DA4402} - C:\Program Files\pdfforge Toolbar\IE\9.0\pdfforgeToolbarIE.dll (Spigot, Inc.)
SearchScopes: HKLM -> {2fa28606-de77-4029-af96-b231e3b8f827} URL = http://eu.ask.com/we...&l=dis&o=CMDTDF
SearchScopes: HKU\S-1-5-21-2103307149-622382959-3800831923-1000 -> {2fa28606-de77-4029-af96-b231e3b8f827} URL = http://eu.ask.com/we...&l=dis&o=CMDTDF
BHO: pdfforge Toolbar -> {B922D405-6D13-4A2B-AE89-08A030DA4402} -> C:\Program Files\pdfforge Toolbar\IE\9.0\pdfforgeToolbarIE.dll [2014-03-28] (Spigot, Inc.)
Toolbar: HKLM - pdfforge Toolbar - {B922D405-6D13-4A2B-AE89-08A030DA4402} - C:\Program Files\pdfforge Toolbar\IE\9.0\pdfforgeToolbarIE.dll [2014-03-28] (Spigot, Inc.)
S2 HP Health Check Service; "C:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe" [X]
S3 CpqDtct; \??\C:\Windows\system32\Drivers\Cpqdtct.sys [X]
S3 cpuz134; \??\C:\Users\USER1~1\AppData\Local\Temp\cpuz134\cpuz134_x32.sys [X]
S3 ew_usbenumfilter; system32\DRIVERS\ew_usbenumfilter.sys [X]
S3 huawei_cdcacm; system32\DRIVERS\ew_jucdcacm.sys [X]
S3 huawei_enumerator; system32\DRIVERS\ew_jubusenum.sys [X]
S3 huawei_ext_ctrl; system32\DRIVERS\ew_juextctrl.sys [X]
S3 huawei_wwanecm; system32\DRIVERS\ew_juwwanecm.sys [X]
CustomCLSID: HKU\S-1-5-21-2103307149-622382959-3800831923-1000_Classes\CLSID\{62A0D750-DED9-448C-B693-406B34BB0892}\InprocServer32 -> C:\Users\User 1\AppData\Local\Google\Update\1.3.21.145\psuser.dll No File
CustomCLSID: HKU\S-1-5-21-2103307149-622382959-3800831923-1000_Classes\CLSID\{634059C0-D264-4B2C-AE80-F73E48D33E5B}\InprocServer32 -> C:\Users\User 1\AppData\Local\Google\Update\1.3.21.123\psuser.dll No File
CustomCLSID: HKU\S-1-5-21-2103307149-622382959-3800831923-1000_Classes\CLSID\{6D7374DE-63AA-473C-8C02-60D9CDCD84C5}\InprocServer32 -> C:\Users\User 1\AppData\Local\Google\Update\1.3.21.153\psuser.dll No File
CustomCLSID: HKU\S-1-5-21-2103307149-622382959-3800831923-1000_Classes\CLSID\{90B3DFBF-AF6A-4EA0-8899-F332194690F8}\InprocServer32 -> C:\Users\User 1\AppData\Local\Google\Update\1.3.24.15\psuser.dll No File
CustomCLSID: HKU\S-1-5-21-2103307149-622382959-3800831923-1000_Classes\CLSID\{91EFB276-CEFE-48EC-BB3A-57795A7B4008}\InprocServer32 -> C:\Users\User 1\AppData\Local\Google\Update\1.3.21.149\psuser.dll No File
CustomCLSID: HKU\S-1-5-21-2103307149-622382959-3800831923-1000_Classes\CLSID\{A45426FB-E444-42B2-AA56-419F8FBEEC61}\InprocServer32 -> C:\Users\User 1\AppData\Local\Google\Update\1.3.22.3\psuser.dll No File
CustomCLSID: HKU\S-1-5-21-2103307149-622382959-3800831923-1000_Classes\CLSID\{A54D478D-4F70-4F72-9A74-17C9986E35AB}\InprocServer32 -> C:\Users\User 1\AppData\Local\Google\Update\1.3.21.165\psuser.dll No File
CustomCLSID: HKU\S-1-5-21-2103307149-622382959-3800831923-1000_Classes\CLSID\{C3BC25C0-FCD3-4F01-AFDD-41373F017C9A}\InprocServer32 -> C:\Users\User 1\AppData\Local\Google\Update\1.3.26.9\psuser.dll No File
CustomCLSID: HKU\S-1-5-21-2103307149-622382959-3800831923-1000_Classes\CLSID\{D0336C0B-7919-4C04-8CCE-2EBAE2ECE8C9}\InprocServer32 -> C:\Users\User 1\AppData\Local\Google\Update\1.3.25.11\psuser.dll No File
CustomCLSID: HKU\S-1-5-21-2103307149-622382959-3800831923-1000_Classes\CLSID\{D9144DCD-E998-4ECA-AB6A-DCD83CCBA16D}\InprocServer32 -> No Filepath
CustomCLSID: HKU\S-1-5-21-2103307149-622382959-3800831923-1000_Classes\CLSID\{EB06378B-ABB6-4B3C-9B40-D488DD8A6E93}\InprocServer32 -> C:\Users\User 1\AppData\Local\Google\Update\1.3.22.5\psuser.dll No File
CustomCLSID: HKU\S-1-5-21-2103307149-622382959-3800831923-1000_Classes\CLSID\{FB994D36-B312-46CE-A40B-CF63980641F9}\InprocServer32 -> C:\Users\User 1\AppData\Local\Google\Update\1.3.21.111\psuser.dll No File
CustomCLSID: HKU\S-1-5-21-2103307149-622382959-3800831923-1000_Classes\CLSID\{FE498BAB-CB4C-4F88-AC3F-3641AAAF5E9E}\InprocServer32 -> C:\Users\User 1\AppData\Local\Google\Update\1.3.24.7\psuser.dll No File
CMD: bitsadmin /reset /allusers
CMD: netsh advfirewall reset
CMD: netsh advfirewall set allprofiles state on
CMD: ipconfig /flushdns
Emptytemp:
Hosts:
End
*****************
 
Restore point was successfully created.
Processes closed successfully.
"HKU\S-1-5-21-2103307149-622382959-3800831923-1000\Software\Classes\.exe" => key removed successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\ => value removed successfully.
"HKU\S-1-5-21-2103307149-622382959-3800831923-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{d7088609-51b0-11e3-972a-ac162d042524}" => key removed successfully.
HKCR\CLSID\{d7088609-51b0-11e3-972a-ac162d042524} => key not found. 
"HKU\S-1-5-21-2103307149-622382959-3800831923-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{d7088613-51b0-11e3-972a-ac162d042524}" => key removed successfully.
HKCR\CLSID\{d7088613-51b0-11e3-972a-ac162d042524} => key not found. 
HKU\S-1-5-21-2103307149-622382959-3800831923-1000\Software\Microsoft\Internet Explorer\URLSearchHooks\\{B922D405-6D13-4A2B-AE89-08A030DA4402} => value removed successfully.
"HKCR\CLSID\{B922D405-6D13-4A2B-AE89-08A030DA4402}" => key removed successfully.
"HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{2fa28606-de77-4029-af96-b231e3b8f827}" => key removed successfully.
HKCR\CLSID\{2fa28606-de77-4029-af96-b231e3b8f827} => key not found. 
"HKU\S-1-5-21-2103307149-622382959-3800831923-1000\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{2fa28606-de77-4029-af96-b231e3b8f827}" => key removed successfully.
HKCR\CLSID\{2fa28606-de77-4029-af96-b231e3b8f827} => key not found. 
"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B922D405-6D13-4A2B-AE89-08A030DA4402}" => key removed successfully.
HKCR\CLSID\{B922D405-6D13-4A2B-AE89-08A030DA4402} => key not found. 
HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar\\{B922D405-6D13-4A2B-AE89-08A030DA4402} => value removed successfully.
HKCR\CLSID\{B922D405-6D13-4A2B-AE89-08A030DA4402} => key not found. 
HP Health Check Service => Service removed successfully.
CpqDtct => Service removed successfully.
cpuz134 => Service removed successfully.
ew_usbenumfilter => Service removed successfully.
huawei_cdcacm => Service removed successfully.
huawei_enumerator => Service removed successfully.
huawei_ext_ctrl => Service removed successfully.
huawei_wwanecm => Service removed successfully.
"HKU\S-1-5-21-2103307149-622382959-3800831923-1000_Classes\CLSID\{62A0D750-DED9-448C-B693-406B34BB0892}" => key removed successfully.
"HKU\S-1-5-21-2103307149-622382959-3800831923-1000_Classes\CLSID\{634059C0-D264-4B2C-AE80-F73E48D33E5B}" => key removed successfully.
"HKU\S-1-5-21-2103307149-622382959-3800831923-1000_Classes\CLSID\{6D7374DE-63AA-473C-8C02-60D9CDCD84C5}" => key removed successfully.
"HKU\S-1-5-21-2103307149-622382959-3800831923-1000_Classes\CLSID\{90B3DFBF-AF6A-4EA0-8899-F332194690F8}" => key removed successfully.
"HKU\S-1-5-21-2103307149-622382959-3800831923-1000_Classes\CLSID\{91EFB276-CEFE-48EC-BB3A-57795A7B4008}" => key removed successfully.
"HKU\S-1-5-21-2103307149-622382959-3800831923-1000_Classes\CLSID\{A45426FB-E444-42B2-AA56-419F8FBEEC61}" => key removed successfully.
"HKU\S-1-5-21-2103307149-622382959-3800831923-1000_Classes\CLSID\{A54D478D-4F70-4F72-9A74-17C9986E35AB}" => key removed successfully.
"HKU\S-1-5-21-2103307149-622382959-3800831923-1000_Classes\CLSID\{C3BC25C0-FCD3-4F01-AFDD-41373F017C9A}" => key removed successfully.
"HKU\S-1-5-21-2103307149-622382959-3800831923-1000_Classes\CLSID\{D0336C0B-7919-4C04-8CCE-2EBAE2ECE8C9}" => key removed successfully.
"HKU\S-1-5-21-2103307149-622382959-3800831923-1000_Classes\CLSID\{D9144DCD-E998-4ECA-AB6A-DCD83CCBA16D}" => key removed successfully.
"HKU\S-1-5-21-2103307149-622382959-3800831923-1000_Classes\CLSID\{EB06378B-ABB6-4B3C-9B40-D488DD8A6E93}" => key removed successfully.
"HKU\S-1-5-21-2103307149-622382959-3800831923-1000_Classes\CLSID\{FB994D36-B312-46CE-A40B-CF63980641F9}" => key removed successfully.
"HKU\S-1-5-21-2103307149-622382959-3800831923-1000_Classes\CLSID\{FE498BAB-CB4C-4F88-AC3F-3641AAAF5E9E}" => key removed successfully.
 
=========  bitsadmin /reset /allusers =========
 
 
BITSADMIN version 3.0 [ 7.5.7601 ]
BITS administration utility.
© Copyright 2000-2006 Microsoft Corp.
 
BITSAdmin is deprecated and is not guaranteed to be available in future versions of Windows.
Administrative tools for the BITS service are now provided by BITS PowerShell cmdlets.
 
Unable to cancel {C37F05F9-CAA8-4D64-984E-BE61ED1DFE25}.
Unable to cancel {654B5C22-9C13-46F8-BC12-177848DBAD8F}.
0 out of 2 jobs canceled.
 
========= End of CMD: =========
 
 
=========  netsh advfirewall reset =========
 
Ok.
 
 
========= End of CMD: =========
 
 
=========  netsh advfirewall set allprofiles state on =========
 
Ok.
 
 
========= End of CMD: =========
 
 
=========  ipconfig /flushdns =========
 
 
Windows IP Configuration
 
Successfully flushed the DNS Resolver Cache.
 
========= End of CMD: =========
 
C:\Windows\System32\Drivers\etc\hosts => moved successfully.
Hosts restored successfully.
EmptyTemp: => 701.5 MB temporary data Removed.
 
 
The system needed a reboot.
 
==== End of Fixlog 08:27:35 ====


#7
djuka0220

# AdwCleaner v4.208 - Logfile created 14/07/2015 at 08:58:27
# Updated 09/07/2015 by Xplode
# Database : 2015-07-11.1 [Server]
# Operating system : Windows 7 Professional Service Pack 1 (x86)
# Username : User 1 - B-04854
# Running from : C:\Users\User 1\Downloads\AdwCleaner.exe
# Option : Scan
 
***** [ Services ] *****
 
 
***** [ Files / Folders ] *****
 
File Found : C:\Windows\Reimage.ini
 
***** [ Scheduled tasks ] *****
 
 
***** [ Shortcuts ] *****
 
 
***** [ Registry ] *****
 
Key Found : HKCU\Software\AppDataLow\Software\pdfforge
Key Found : HKCU\Software\AppDataLow\Software\Search Settings
Key Found : HKCU\Software\Conduit
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{10ECCE17-29B5-4880-A8F5-EAD298611484}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{B922D405-6D13-4A2B-AE89-08A030DA4402}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{B922D405-6D13-4A2B-AE89-08A030DA4402}
Key Found : HKCU\Software\pdfforge
Key Found : HKCU\Software\Search Settings
Key Found : HKCU\Software\Softonic
Key Found : HKCU\Software\YahooPartnerToolbar
Key Found : HKLM\SOFTWARE\Application Updater
Key Found : HKLM\SOFTWARE\Conduit
Key Found : HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\SearchSettings
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\00E944CB89111313EAF35A0553F547F9
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\53F55AF3F4049ED3FA6EA6F88E414E24
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\68E4BF4B11615E03C97732FD581AB607
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\8CE3DDAB2D152683FBCEB4866BCD2B0F
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\AF6CE16AFEA5C9A39B766468A8B35C21
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\FB1E44269B58F433A8C8E671E37CFDCF
Key Found : HKLM\SOFTWARE\pdfforge
Key Found : HKLM\SOFTWARE\Search Settings
 
***** [ Web browsers ] *****
 
-\\ Internet Explorer v11.0.9600.17840
 
 
-\\ Google Chrome v43.0.2357.132
 
 
*************************
 
AdwCleaner[R0].txt - [8684 bytes] - [14/07/2015 08:58:27]
 
########## EOF - C:\AdwCleaner\AdwCleaner[R0].txt - [8743 bytes] ##########


#8
djuka0220

09:29:47.0180 0x11e0  TDSS rootkit removing tool 3.0.0.44 Jan 22 2015 08:27:04
09:29:50.0173 0x11e0  ============================================================
09:29:50.0173 0x11e0  Current date / time: 2015/07/14 09:29:50.0173
09:29:50.0173 0x11e0  SystemInfo:
09:29:50.0173 0x11e0  
09:29:50.0173 0x11e0  OS Version: 6.1.7601 ServicePack: 1.0
09:29:50.0173 0x11e0  Product type: Workstation
09:29:50.0174 0x11e0  ComputerName: B-04854
09:29:50.0174 0x11e0  UserName: User 1
09:29:50.0174 0x11e0  Windows directory: C:\Windows
09:29:50.0174 0x11e0  System windows directory: C:\Windows
09:29:50.0174 0x11e0  Processor architecture: Intel x86
09:29:50.0174 0x11e0  Number of processors: 4
09:29:50.0174 0x11e0  Page size: 0x1000
09:29:50.0174 0x11e0  Boot type: Normal boot
09:29:50.0174 0x11e0  ============================================================
09:29:52.0486 0x11e0  KLMD registered as C:\Windows\system32\drivers\40244096.sys
09:29:53.0253 0x11e0  System UUID: {37562737-DA91-5568-4DED-57BDAE720894}
09:29:53.0955 0x11e0  Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 ( 465.76 Gb ), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
09:29:53.0996 0x11e0  ============================================================
09:29:53.0996 0x11e0  \Device\Harddisk0\DR0:
09:29:53.0996 0x11e0  MBR partitions:
09:29:53.0996 0x11e0  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32000
09:29:53.0996 0x11e0  \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0x3A352800
09:29:53.0996 0x11e0  ============================================================
09:29:54.0022 0x11e0  C: <-> \Device\Harddisk0\DR0\Partition2
09:29:54.0022 0x11e0  ============================================================
09:29:54.0022 0x11e0  Initialize success
09:29:54.0022 0x11e0  ============================================================
09:30:28.0514 0x0c1c  ============================================================
09:30:28.0515 0x0c1c  Scan started
09:30:28.0515 0x0c1c  Mode: Manual; SigCheck; TDLFS; 
09:30:28.0515 0x0c1c  ============================================================
09:30:28.0515 0x0c1c  KSN ping started
09:30:30.0884 0x0c1c  KSN ping finished: true
09:30:31.0686 0x0c1c  ================ Scan system memory ========================
09:30:31.0686 0x0c1c  System memory - ok
09:30:31.0688 0x0c1c  ================ Scan services =============================
09:30:35.0178 0x0c1c  [ F5AB4D2E36625F355E81539239765107, 48E6AD65EEFD6C54F938F5753EF58377CDA77ADBB41CD8635F0040D61EFB92A4 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
09:30:35.0289 0x0c1c  clr_optimization_v4.0.30319_32 - ok
09:30:35.0299 0x0c1c  [ DEA805815E587DAD1DD2C502220B5616, 2D6A7668C95352B818F5EC59FF462894935833D34190257DA9CAC7E67FD3631C ] CmBatt          C:\Windows\system32\drivers\CmBatt.sys
09:30:35.0312 0x0c1c  CmBatt - ok
09:30:35.0321 0x0c1c  [ C537B1DB64D495B9B4717B4D6D9EDBF2, 400EEFE662DE117C9CC956E4CBD5E98F28F962E7447CD93E8A78FDD8CA39EB4B ] cmdide          C:\Windows\system32\drivers\cmdide.sys
09:30:35.0330 0x0c1c  cmdide - ok
09:30:35.0367 0x0c1c  [ 3051724F223EA48968B19567DE2A81F4, DCC27DE1B2B35866FC6DBDE95A368E7D0D346B6C3F31D0BACA63DD39B0A8874E ] CNG             C:\Windows\system32\Drivers\cng.sys
09:30:35.0386 0x0c1c  CNG - ok
09:30:35.0400 0x0c1c  [ A6023D3823C37043986713F118A89BEE, FAC239A7FA6251C7EDFFA34B4BAE3910B8BC0BD4A3574B6DB6931A8D691E207B ] Compbatt        C:\Windows\system32\drivers\compbatt.sys
09:30:35.0411 0x0c1c  Compbatt - ok
09:30:35.0429 0x0c1c  [ CBE8C58A8579CFE5FCCF809E6F114E89, AC083A1C649EBA18C59FCC1772D0784B10E2B8C63094E3C14388E147DBC3F6DF ] CompositeBus    C:\Windows\system32\drivers\CompositeBus.sys
09:30:35.0452 0x0c1c  CompositeBus - ok
09:30:35.0459 0x0c1c  COMSysApp - ok
09:30:35.0495 0x0c1c  [ 08F934092E0429BADF88E9F91DB0F61E, 6E9091C006FFFF261DC61C8E9A45219E47C351296E5355FC4B7242F30E1DDFE3 ] cphs            C:\Windows\system32\IntelCpHeciSvc.exe
09:30:35.0511 0x0c1c  cphs - ok
09:30:35.0526 0x0c1c  [ 2C4EBCFC84A9B44F209DFF6C6E6C61D1, 6FC323217D82EF661BA0E3F949B61B05BB5235D1A69C81D24876C2153FAECEF6 ] crcdisk         C:\Windows\system32\drivers\crcdisk.sys
09:30:35.0535 0x0c1c  crcdisk - ok
09:30:35.0569 0x0c1c  [ 49474B3E37969AF4B5C076F42B623AFF, BDA6B57E9B60EF1B67C74099263D33A367AAA035667239F76AB8B268FD3E8F23 ] CryptSvc        C:\Windows\system32\cryptsvc.dll
09:30:35.0591 0x0c1c  CryptSvc - ok
09:30:35.0614 0x0c1c  [ 3C2177A897B4CA2788C6FB0C3FD81D4B, 98575CBD0664586E6211D02E71BDD52CBAA149A1658573550E29E74E5F7B1553 ] CSC             C:\Windows\system32\drivers\csc.sys
09:30:35.0631 0x0c1c  CSC - ok
09:30:35.0666 0x0c1c  [ 15F93B37F6801943360D9EB42485D5D3, DD6838C6496CB15F8BB57A6596F6A64ADD9C36B09F062295699131232712B558 ] CscService      C:\Windows\System32\cscsvc.dll
09:30:35.0696 0x0c1c  CscService - ok
09:30:35.0727 0x0c1c  [ 7660F01D3B38ACA1747E397D21D790AF, 04611B43705C064C2A8331F6D3F8E4530295694AE2C3E3EC3F62CFF4A5EFA88D ] DcomLaunch      C:\Windows\system32\rpcss.dll
09:30:35.0774 0x0c1c  DcomLaunch - ok
09:30:35.0793 0x0c1c  [ 8D6E10A2D9A5EED59562D9B82CF804E1, 888F9650F4E872BA8F4E0C27E38A6672A561042B17EBA40E306A22357965B0AD ] defragsvc       C:\Windows\System32\defragsvc.dll
09:30:35.0827 0x0c1c  defragsvc - ok
09:30:35.0850 0x0c1c  [ F024449C97EC1E464AAFFDA18593DB88, 7EF1E241892E098A472BCA14C724DFF1AACCF190954AF1C4A38B6D542CC74BD2 ] DfsC            C:\Windows\system32\Drivers\dfsc.sys
09:30:35.0872 0x0c1c  DfsC - ok
09:30:35.0904 0x0c1c  [ E9E01EB683C132F7FA27CD607B8A2B63, 4D9037B458C522874619143A4176BCED42472C68933E6E83D37B67242706F3C4 ] Dhcp            C:\Windows\system32\dhcpcore.dll
09:30:35.0942 0x0c1c  Dhcp - ok
09:30:36.0025 0x0c1c  [ 7AB2DE012C88870C9274E966EC88AB61, CE2098B152B9C039C29C0573C813BFBF13B2D2E6BEE83985374160884A817133 ] DiagTrack       C:\Windows\system32\diagtrack.dll
09:30:36.0078 0x0c1c  DiagTrack - ok
09:30:36.0114 0x0c1c  [ 1A050B0274BFB3890703D490F330C0DA, 79D74F4679A2EE040FAAF4D0392A9311239A10A5F8A5CCB48656C6F89B6D62FB ] discache        C:\Windows\system32\drivers\discache.sys
09:30:36.0150 0x0c1c  discache - ok
09:30:36.0178 0x0c1c  [ 565003F326F99802E68CA78F2A68E9FF, ABC42B24DBA4FFC411120E09278EF26AF56CCAB463B69B4BD6C530B4A07063D2 ] Disk            C:\Windows\system32\drivers\disk.sys
09:30:36.0188 0x0c1c  Disk - ok
09:30:36.0199 0x0c1c  [ 2A958EF85DB1B61FFCA65044FA4BCE9E, C83511685EE1CE85A5ADF9B5BE96C375A521601F66024BDC3EE044C0B6E85D69 ] dmvsc           C:\Windows\system32\drivers\dmvsc.sys
09:30:36.0230 0x0c1c  dmvsc - ok
09:30:36.0255 0x0c1c  [ 33EF4861F19A0736B11314AAD9AE28D0, 4C4B84365D85758E3263B88F157D8B086B392C6F1EA5F0F3DB6BF87EF90248EC ] Dnscache        C:\Windows\System32\dnsrslvr.dll
09:30:36.0282 0x0c1c  Dnscache - ok
09:30:36.0299 0x0c1c  [ 366BA8FB4B7BB7435E3B9EACB3843F67, 65B7C61ACF34F1F0149045AA9E09A3F917A927963237A385A914D0B80551DC31 ] dot3svc         C:\Windows\System32\dot3svc.dll
09:30:36.0332 0x0c1c  dot3svc - ok
09:30:36.0344 0x0c1c  [ 8EC04CA86F1D68DA9E11952EB85973D6, 2E3FBC2D683D1274E8BC45EEEA87D43B77EDDCAAF0D453296D9FDA6B9D717071 ] DPS             C:\Windows\system32\dps.dll
09:30:36.0376 0x0c1c  DPS - ok
09:30:36.0402 0x0c1c  [ B918E7C5F9BF77202F89E1A9539F2EB4, C589A37DE50BBEF22E2DAA9682EA43147F614AA1AF7DAAA942BA5FC192313A0B ] drmkaud         C:\Windows\system32\drivers\drmkaud.sys
09:30:36.0422 0x0c1c  drmkaud - ok
09:30:36.0459 0x0c1c  [ 3583A5A8CC2E682BFFBD4630D0FEC08B, FD0F184B358FCECAA763444B414074BEF4E871EB7527D88385519FC158435C72 ] DXGKrnl         C:\Windows\System32\drivers\dxgkrnl.sys
09:30:36.0491 0x0c1c  DXGKrnl - ok
09:30:36.0532 0x0c1c  [ 884870CD3BF7BA07E57605685AAC3785, 407419F6EC3EDBAEC853E9745EACFE0606377022F15DC1BE778BDD7B02A0CA1C ] e1cexpress      C:\Windows\system32\DRIVERS\e1c6232.sys
09:30:36.0547 0x0c1c  e1cexpress - ok
09:30:36.0574 0x0c1c  [ 8600142FA91C1B96367D3300AD0F3F3A, 5713625E27DF11FAAFDA7AC79899A6AD813166E167088FA990EC5DE87DBE83DF ] EapHost         C:\Windows\System32\eapsvc.dll
09:30:36.0603 0x0c1c  EapHost - ok
09:30:36.0698 0x0c1c  [ 024E1B5CAC09731E4D868E64DBFB4AB0, AB0826A74BBEE5B7A1B035861B665C79BC98305CFC7D82BEF420558FBD3EE994 ] ebdrv           C:\Windows\system32\drivers\evbdx.sys
09:30:36.0827 0x0c1c  ebdrv - ok
09:30:36.0860 0x0c1c  [ D2967F6D4205A227AAA7D094C12F7141, 4E0D48F07F230D5D5DFC2CDCA4467C54DF6EEA6B7C6ABC355E9986C73203E104 ] EFS             C:\Windows\System32\lsass.exe
09:30:36.0880 0x0c1c  EFS - ok
09:30:36.0930 0x0c1c  [ A8C362018EFC87BEB013EE28F29C0863, 07971C681FBD391C0BA0172618AF8AD77520182207F1C57F134B34D6A113857F ] ehRecvr         C:\Windows\ehome\ehRecvr.exe
09:30:36.0976 0x0c1c  ehRecvr - ok
09:30:36.0989 0x0c1c  [ D389BFF34F80CAEDE417BF9D1507996A, 12859B9925D7A4631DE61A820922F43F56ED23C2AF014CBF36322685E5CF641E ] ehSched         C:\Windows\ehome\ehsched.exe
09:30:37.0003 0x0c1c  ehSched - ok
09:30:37.0036 0x0c1c  [ 0ED67910C8C326796FAA00B2BF6D9D3C, 97FAA7627A162B0AEC15545E0165D13355D535B4157604BB87F8EEB72ECD24A8 ] elxstor         C:\Windows\system32\drivers\elxstor.sys
09:30:37.0064 0x0c1c  elxstor - ok
09:30:37.0109 0x0c1c  [ E9EFCB47B90FD5498695BB7FEFD36CAE, 453B956C99C4D3626B0B0BDB449E9F0283D01AD50C331E298D219B4710BD6870 ] EpsonScanSvc    C:\Windows\system32\EscSvc.exe
09:30:37.0120 0x0c1c  EpsonScanSvc - ok
09:30:37.0160 0x0c1c  [ CBC7E60715F54D8ABC5E577CCFF6B039, 0F2343CC9D6E5E9BC525AE86B23B64E1EA3AA75AE8F5DC36A5DD46EC15D16043 ] EPSON_PM_RPCV4_05 C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_JT50RP.EXE
09:30:37.0170 0x0c1c  EPSON_PM_RPCV4_05 - ok
09:30:37.0184 0x0c1c  [ 8FC3208352DD3912C94367A206AB3F11, 69B65C12BDADD4B730508674B1B77C5496612B4ACCC447DB9AFE49ADEA8CBF02 ] ErrDev          C:\Windows\system32\drivers\errdev.sys
09:30:37.0205 0x0c1c  ErrDev - ok
09:30:37.0241 0x0c1c  [ F6916EFC29D9953D5D0DF06882AE8E16, ED41893960018D5EC2F7829B1DE4B6967D9FD074D60B11B9EB854E3E0948EC24 ] EventSystem     C:\Windows\system32\es.dll
09:30:37.0274 0x0c1c  EventSystem - ok
09:30:37.0300 0x0c1c  [ 2DC9108D74081149CC8B651D3A26207F, 75CB47923A867DDAC512701CE71DFCFC340FC3A2E27F4255D0836A1FBC463176 ] exfat           C:\Windows\system32\drivers\exfat.sys
09:30:37.0333 0x0c1c  exfat - ok
09:30:37.0358 0x0c1c  [ 7E0AB74553476622FB6AE36F73D97D35, 41463A255FDA1D550B3385EC7C73ABC343B1BBBE9CEE4DF9F2A8B3E7338C4947 ] fastfat         C:\Windows\system32\drivers\fastfat.sys
09:30:37.0390 0x0c1c  fastfat - ok
09:30:37.0433 0x0c1c  [ 967EA5B213E9984CBE270205DF37755B, 43153E23210B03FAE16897D62D55B8742F834EDC695F8401EAB5DE307F62602D ] Fax             C:\Windows\system32\fxssvc.exe
09:30:37.0476 0x0c1c  Fax - ok
09:30:37.0501 0x0c1c  [ E817A017F82DF2A1F8CFDBDA29388B29, 4CC9320A21E6FEA2D16C48D6BEA14391B695BD541A3C5FDDAEEE086A414FC837 ] fdc             C:\Windows\system32\drivers\fdc.sys
09:30:37.0514 0x0c1c  fdc - ok
09:30:37.0530 0x0c1c  [ F3222C893BD2F5821A0179E5C71E88FB, A85B947249DBB986358CCD4B158DD58A9301F074F3C6CCCDEF2D01F432E59D1B ] fdPHost         C:\Windows\system32\fdPHost.dll
09:30:37.0559 0x0c1c  fdPHost - ok
09:30:37.0576 0x0c1c  [ 7DBE8CBFE79EFBDEB98C9FB08D3A9A5B, 0E76C29D2A974A3F2FBFCB63D066D4136B78E02F6B1F579B1865CA7A76193987 ] FDResPub        C:\Windows\system32\fdrespub.dll
09:30:37.0596 0x0c1c  FDResPub - ok
09:30:37.0605 0x0c1c  [ 6CF00369C97F3CF563BE99BE983D13D8, F65F35324A2FB9DFB533B1C4D089D990CC242218FE83414329D07B786D8EFF33 ] FileInfo        C:\Windows\system32\drivers\fileinfo.sys
09:30:37.0615 0x0c1c  FileInfo - ok
09:30:37.0636 0x0c1c  [ 42C51DC94C91DA21CB9196EB64C45DB9, 388C68D12ECC8FFE3116FEAAF4DB7B80CF4A3F97E935788DD21C6ADE2369F635 ] Filetrace       C:\Windows\system32\drivers\filetrace.sys
09:30:37.0666 0x0c1c  Filetrace - ok
09:30:37.0673 0x0c1c  [ 87907AA70CB3C56600F1C2FB8841579B, CA1CD82A1CD453617CE5EA431A1836997F14E3580554E8A516D9FE1E9926D979 ] flpydisk        C:\Windows\system32\drivers\flpydisk.sys
09:30:37.0685 0x0c1c  flpydisk - ok
09:30:37.0706 0x0c1c  [ 7520EC808E0C35E0EE6F841294316653, 6EC65511B4838A7172A8F89E35C2F9DF4F0BFCE3BE12EDA790F3EB567102FF67 ] FltMgr          C:\Windows\system32\drivers\fltmgr.sys
09:30:37.0718 0x0c1c  FltMgr - ok
09:30:37.0764 0x0c1c  [ 6EC244F102C7F129678E5F7309D1366D, C30DA201AC623DA440B0A0716534557C578218C2A591FA8893CCCBD96B4518F9 ] FontCache       C:\Windows\system32\FntCache.dll
09:30:37.0838 0x0c1c  FontCache - ok
09:30:37.0897 0x0c1c  [ E56F39F6B7FDA0AC77A79B0FD3DE1A2F, DBED26852B99B362152DA9CD4F31A1883EF6F9B496F3CF3772A197BA72DB61DA ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe
09:30:37.0914 0x0c1c  FontCache3.0.0.0 - ok
09:30:37.0935 0x0c1c  [ 1A16B57943853E598CFF37FE2B8CBF1D, 87609F46F3B8123552141FD70866E895220B1BBD92BC2B580CAF49201AA0197E ] FsDepends       C:\Windows\system32\drivers\FsDepends.sys
09:30:37.0945 0x0c1c  FsDepends - ok
09:30:37.0952 0x0c1c  [ 7DAE5EBCC80E45D3253F4923DC424D05, 8A2C4D5591509B0B0A44583520617A9AE34F32BB6E68A012A7D7870ED24F703A ] Fs_Rec          C:\Windows\system32\drivers\Fs_Rec.sys
09:30:37.0962 0x0c1c  Fs_Rec - ok
09:30:37.0981 0x0c1c  [ E306A24D9694C724FA2491278BF50FDB, 1D246B9C28550640EACBF8CF9DC980FD75106B92832D392FEBEF0C7012353091 ] fvevol          C:\Windows\system32\DRIVERS\fvevol.sys
09:30:38.0002 0x0c1c  fvevol - ok
09:30:38.0019 0x0c1c  [ 65EE0C7A58B65E74AE05637418153938, 0E1A398ADD8411AF4CCC3344D67BE1B261320C58328BD5C5855A357476FAEBEF ] gagp30kx        C:\Windows\system32\drivers\gagp30kx.sys
09:30:38.0029 0x0c1c  gagp30kx - ok
09:30:38.0065 0x0c1c  [ E897EAF5ED6BA41E081060C9B447A673, A428DC68516F19C6C53A8B62E4BDB2587E70FB751B9D77700B6B147D347DA157 ] gpsvc           C:\Windows\System32\gpsvc.dll
09:30:38.0108 0x0c1c  gpsvc - ok
09:30:38.0176 0x0c1c  [ 506708142BC63DABA64F2D3AD1DCD5BF, 9C36A08D9E7932FF4DA7B5F24E6B42C92F28685B8ABE964C870E8D7670FD531A ] gupdate         C:\Program Files\Google\Update\GoogleUpdate.exe
09:30:38.0194 0x0c1c  gupdate - ok
09:30:38.0205 0x0c1c  [ 506708142BC63DABA64F2D3AD1DCD5BF, 9C36A08D9E7932FF4DA7B5F24E6B42C92F28685B8ABE964C870E8D7670FD531A ] gupdatem        C:\Program Files\Google\Update\GoogleUpdate.exe
09:30:38.0214 0x0c1c  gupdatem - ok
09:30:38.0235 0x0c1c  [ 833051C6C6C42117191935F734CFBD97, 5EB5672ABC7994A4AFF855A572158B8BE4FC6E541CFD4B9BE4FF2739A9A6AFB8 ] hamachi         C:\Windows\system32\DRIVERS\hamachi.sys
09:30:38.0244 0x0c1c  hamachi - ok
09:30:38.0255 0x0c1c  [ C44E3C2BAB6837DB337DDEE7544736DB, 88A24FF7D2FECCEAFFD421B2039A0FB623DA47A6B220B80EF1E52DD26D9E222D ] hcw85cir        C:\Windows\system32\drivers\hcw85cir.sys
09:30:38.0289 0x0c1c  hcw85cir - ok
09:30:38.0306 0x0c1c  [ A5EF29D5315111C80A5C1ABAD14C8972, A181DA72E946F121C3F4A19438C547B0BFD15138AB1DB5465945EC89DF1F6B0A ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
09:30:38.0334 0x0c1c  HdAudAddService - ok
09:30:38.0354 0x0c1c  [ 9036377B8A6C15DC2EEC53E489D159B5, 1E56D2ACFE92E6DF96D755B05C63D580EED82C210F075C8623E138BEE6BCD41B ] HDAudBus        C:\Windows\system32\drivers\HDAudBus.sys
09:30:38.0377 0x0c1c  HDAudBus - ok
09:30:38.0395 0x0c1c  [ 1D58A7F3E11A9731D0EAAAA8405ACC36, 7056FA18B86FBD52C4A6092D80476C02553EA053D6A0BEDB01A2FA5E152D5215 ] HidBatt         C:\Windows\system32\drivers\HidBatt.sys
09:30:38.0407 0x0c1c  HidBatt - ok
09:30:38.0416 0x0c1c  [ 89448F40E6DF260C206A193A4683BA78, 71E0FCC32AE6FF8DFF420DB0383D6A200E1EAE14BD2E32453F92CE18B31C1F3C ] HidBth          C:\Windows\system32\drivers\hidbth.sys
09:30:38.0430 0x0c1c  HidBth - ok
09:30:38.0443 0x0c1c  [ CF50B4CF4A4F229B9F3C08351F99CA5E, B97843620AF80FF0EC8F2C438255C0A42A756C6314FAF3DEF415DE16E14C108F ] HidIr           C:\Windows\system32\drivers\hidir.sys
09:30:38.0456 0x0c1c  HidIr - ok
09:30:38.0478 0x0c1c  [ 2BC6F6A1992B3A77F5F41432CA6B3B6B, 2AF3312F1C8C8923C0A29AA5DAE57CE269417E53DEA2F0CCCC8DB57029698FE1 ] hidserv         C:\Windows\system32\hidserv.dll
09:30:38.0501 0x0c1c  hidserv - ok
09:30:38.0521 0x0c1c  [ 10C19F8290891AF023EAEC0832E1EB4D, E208553029488A6EE2F5216CC9FE5F93E9931A94C0D0625253BB159E30642853 ] HidUsb          C:\Windows\system32\DRIVERS\hidusb.sys
09:30:38.0550 0x0c1c  HidUsb - ok
09:30:38.0573 0x0c1c  [ 196B4E3F4CCCC24AF836CE58FACBB699, 7A2E1F603A073421FA0987EFB96647F1F0F2D4E0C82AA62EBC041585DA811DAF ] hkmsvc          C:\Windows\system32\kmsvc.dll
09:30:38.0594 0x0c1c  hkmsvc - ok
09:30:38.0605 0x0c1c  [ 6658F4404DE03D75FE3BA09F7ABA6A30, E51D9C1580A283EB862F09B73AAE1B647DD683A53F3DD99834222F12DD15E40F ] HomeGroupListener C:\Windows\system32\ListSvc.dll
09:30:38.0638 0x0c1c  HomeGroupListener - ok
09:30:38.0671 0x0c1c  [ DBC02D918FFF1CAD628ACBE0C0EAA8E8, 02121800D9062692C102475876AE8143EBE46D855E8328B8CDCFE6A2F0D19696 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
09:30:38.0692 0x0c1c  HomeGroupProvider - ok
09:30:38.0796 0x0c1c  [ 6A38499BD0FFC4A0CEE5296F58D2B00F, 7F2D068A7BDAFC8FF5FB18CF3C50F362FE40D20925C3793C6F6511F2D54B4D88 ] HomeNetSvc      C:\Program Files\Common Files\Mcafee\Platform\McSvcHost\McSvHost.exe
09:30:38.0809 0x0c1c  HomeNetSvc - ok
09:30:38.0911 0x0c1c  [ 184C500CB9F69585F3FE85E1D2667CD8, 188452FC824305F24F2021432DB4A9170F1F0DEEDF2245A16D01EF27511FD365 ] hpqwmiex        C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
09:30:38.0948 0x0c1c  hpqwmiex - ok
09:30:38.0968 0x0c1c  [ 295FDC419039090EB8B49FFDBB374549, 670E8015FD374640C6570F56F7FE8DE4D8F92E7A8072F5D1B2B95D0BD699CEF7 ] HpSAMD          C:\Windows\system32\drivers\HpSAMD.sys
09:30:38.0979 0x0c1c  HpSAMD - ok
09:30:39.0006 0x0c1c  [ 487569E5DA56A5A432FF8AF6D3599CF9, 7C974D8379C60B4F69A20B01876C49181B0A63AC318C4BD0A21DABFF27A15C9D ] HTTP            C:\Windows\system32\drivers\HTTP.sys
09:30:39.0047 0x0c1c  HTTP - ok
09:30:39.0091 0x0c1c  [ 0C4E035C7F105F1299258C90886C64C5, CFB4FBE7B28058E6D3E6E508CF3C1645F6AAE0AFEB4C5364835B9C42311DF0D4 ] hwpolicy        C:\Windows\system32\drivers\hwpolicy.sys
09:30:39.0100 0x0c1c  hwpolicy - ok
09:30:39.0124 0x0c1c  [ F151F0BDC47F4A28B1B20A0818EA36D6, 84B24B5796D9F70A8C37773F5484A4606CC7908370CCD942627ACBEDC4952D79 ] i8042prt        C:\Windows\system32\drivers\i8042prt.sys
09:30:39.0149 0x0c1c  i8042prt - ok
09:30:39.0171 0x0c1c  [ F4037A3FEDB92DD97C95F320766EA5C9, 3872166AA17E9C19D9F5BBCBC6CA202F6D5CCB1F9E04ED2AA0D43F642B9C85FD ] iaStor          C:\Windows\system32\drivers\iaStor.sys
09:30:39.0184 0x0c1c  iaStor - ok
09:30:39.0206 0x0c1c  [ 5CD5F9A5444E6CDCB0AC89BD62D8B76E, 72870092A80C6DAE0105025B0ED8B607E98BA81E59298364A7FE4C9C56C68FF0 ] iaStorV         C:\Windows\system32\drivers\iaStorV.sys
09:30:39.0225 0x0c1c  iaStorV - ok
09:30:39.0310 0x0c1c  [ 3E9213A2A050BF429E91898C90F8B4E3, D80ABE5691087661B19F01927B631CB8C5291120B814B6F863F046E0D643E9E4 ] idsvc           C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
09:30:39.0347 0x0c1c  idsvc - ok
09:30:39.0377 0x0c1c  IEEtwCollectorService - ok
09:30:39.0398 0x0c1c  [ 34953BB9336540D2C029DF4AF01A5240, 3F64BC88618DA7D027E32FB54A55AAB1939A3B79A91BA64862BC2C99F4E0843D ] IFCoEMP         C:\Windows\system32\drivers\ifM52x32.sys
09:30:39.0411 0x0c1c  IFCoEMP - ok
09:30:39.0435 0x0c1c  [ 16E1452FD825B6F0BDB7ECA83C73BD24, B16F32E06B9BDB5890F4886624DC5EAD1851CF1A6FC0BA414B2537F49E604466 ] IFCoEVB         C:\Windows\system32\drivers\ifP52X32.sys
09:30:39.0444 0x0c1c  IFCoEVB - ok
09:30:39.0556 0x0c1c  [ C520DD440B57DBD54A4FD1838058879A, 6A81772290C21721603892E66104E33FFAA5B7B03323036B7D46DA4EB4D70E37 ] igfx            C:\Windows\system32\DRIVERS\igdkmd32.sys
09:30:39.0692 0x0c1c  igfx - ok
09:30:39.0708 0x0c1c  [ 4173FF5708F3236CF25195FECD742915, 0A9C0701DF6EAC6602BE342FC13C7950EF04BB5BDF7D96C2C5DABBD2A29AA55D ] iirsp           C:\Windows\system32\drivers\iirsp.sys
09:30:39.0720 0x0c1c  iirsp - ok
09:30:39.0765 0x0c1c  [ B9C54120F46392100478F58F374E5709, A28EE8B0988F580D5984E815FC78DF41B169260814234AA0E453375542D0957B ] IKEEXT          C:\Windows\System32\ikeext.dll
09:30:39.0794 0x0c1c  IKEEXT - ok
09:30:39.0811 0x0c1c  [ E3C36AC5AE87EC970AE8EA2A93D59AE1, 8403A5243DF38EFC35A0200760EC081E42467744AF25A1F2168D5A8198AF6A5B ] Impcd           C:\Windows\system32\drivers\Impcd.sys
09:30:39.0865 0x0c1c  Impcd - ok
09:30:39.0963 0x0c1c  [ 29F8775BB2DEC2BB038FAB1A7AC05482, 132B74B46A02099786B4F0EE38F98F87822B6520AF71C0F3F0363655E5CDA6BE ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHDA.sys
09:30:40.0098 0x0c1c  IntcAzAudAddService - ok
09:30:40.0196 0x0c1c  [ 5576AD2F0039D2BCCCA3567FC0BF981C, 4C782738B211B236DBDD0066BA0EDBA04E6BC5A97EF3227F2C7DAD7EBABF4C73 ] IntcDAud        C:\Windows\system32\DRIVERS\IntcDAud.sys
09:30:40.0252 0x0c1c  IntcDAud - ok
09:30:40.0284 0x0c1c  [ F2C6FB081B707863A0A21D639F325475, 1C2C8729AB71AA0F67AFB431586CFAC077FE7067F00FDA9A62545724864F0F32 ] Intel® PROSet Monitoring Service C:\Windows\system32\IProsetMonitor.exe
09:30:40.0295 0x0c1c  Intel® PROSet Monitoring Service - ok
09:30:40.0309 0x0c1c  [ A0F12F2C9BA6C72F3987CE780E77C130, 5F53DF8BE1621AA7DFB655CFD9C95E0AFA1AD3CE2E290E19D7B7FB3C6E380034 ] intelide        C:\Windows\system32\drivers\intelide.sys
09:30:40.0319 0x0c1c  intelide - ok
09:30:40.0340 0x0c1c  [ 3B514D27BFC4ACCB4037BC6685F766E0, F12D7AC62F8550E6F33B28AD751D8413AB7FFEF963242D99FFA76CE8A48B027A ] intelppm        C:\Windows\system32\DRIVERS\intelppm.sys
09:30:40.0363 0x0c1c  intelppm - ok
09:30:40.0376 0x0c1c  [ ACB364B9075A45C0736E5C47BE5CAE19, 202F77C659103D2D0E787B8CB0A23BE32EA5AA2E6B3B0A0F0A8DFA906AB3C0C0 ] IPBusEnum       C:\Windows\system32\ipbusenum.dll
09:30:40.0399 0x0c1c  IPBusEnum - ok
09:30:40.0417 0x0c1c  [ 709D1761D3B19A932FF0238EA6D50200, 0A9D2C3A6E91CA45540555B40CB4E2DF3EBE98C1D164C4EECEE20C86782F5823 ] IpFilterDriver  C:\Windows\system32\DRIVERS\ipfltdrv.sys
09:30:40.0453 0x0c1c  IpFilterDriver - ok
09:30:40.0484 0x0c1c  [ 58F67245D041FBE7AF88F4EAF79DF0FA, 67468D6A46FF4D87AD321BFEA42F2FC843D09AA292A119C76D4D795D06028F96 ] iphlpsvc        C:\Windows\System32\iphlpsvc.dll
09:30:40.0523 0x0c1c  iphlpsvc - ok
09:30:40.0536 0x0c1c  [ 4BD7134618C1D2A27466A099062547BF, 20284ABEF4433A59E2981F4143CAEC67DC990864FE0B9E3DC70EE0B88539E964 ] IPMIDRV         C:\Windows\system32\drivers\IPMIDrv.sys
09:30:40.0559 0x0c1c  IPMIDRV - ok
09:30:40.0581 0x0c1c  [ A5FA468D67ABCDAA36264E463A7BB0CD, EDB828D596E43372F97DAE1AADA46428C4C45FB80646DDC64FAD5F25C826CF63 ] IPNAT           C:\Windows\system32\drivers\ipnat.sys
09:30:40.0604 0x0c1c  IPNAT - ok
09:30:40.0627 0x0c1c  [ 42996CFF20A3084A56017B7902307E9F, 688176DAB91BE569280E4822E4C5BDE755794D293591C53F8047AD59C441751D ] IRENUM          C:\Windows\system32\drivers\irenum.sys
09:30:40.0641 0x0c1c  IRENUM - ok
09:30:40.0657 0x0c1c  [ 1F32BB6B38F62F7DF1A7AB7292638A35, 86522358680FBB1CEBC56B4D139290689BB0F71A3EC78CE883E4D75D0B37586F ] isapnp          C:\Windows\system32\drivers\isapnp.sys
09:30:40.0666 0x0c1c  isapnp - ok
09:30:40.0698 0x0c1c  [ EB34CE31FABD4DC4343FD2AD16D2CAF9, D21C91227A15DA89ECF522345D0AB80B3B7FC24A230596DABDB8BD3B7554CE8C ] iScsiPrt        C:\Windows\system32\drivers\msiscsi.sys
09:30:40.0713 0x0c1c  iScsiPrt - ok
09:30:40.0774 0x0c1c  [ F415A88162D23977B5EDAE4F0410E903, B86FD88B4285ED96BFDB9430E4DB134AC1B09DBB541929C4D6C1EEAF792D444D ] IviRegMgr       C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe
09:30:40.0784 0x0c1c  IviRegMgr - ok
09:30:40.0801 0x0c1c  [ ADEF52CA1AEAE82B50DF86B56413107E, A3AE1E96B04AC81665ABBD3CB267DFB3F78376DAE18FB0DBD447908DDAAA22D2 ] kbdclass        C:\Windows\system32\DRIVERS\kbdclass.sys
09:30:40.0812 0x0c1c  kbdclass - ok
09:30:40.0831 0x0c1c  [ 9E3CED91863E6EE98C24794D05E27A71, 90CF59F20E14E4A5A793266805E82BF7AE1F0CF4C7BAB1FD2EEF3B53C5DF770F ] kbdhid          C:\Windows\system32\DRIVERS\kbdhid.sys
09:30:40.0854 0x0c1c  kbdhid - ok
09:30:40.0865 0x0c1c  [ D2967F6D4205A227AAA7D094C12F7141, 4E0D48F07F230D5D5DFC2CDCA4467C54DF6EEA6B7C6ABC355E9986C73203E104 ] KeyIso          C:\Windows\system32\lsass.exe
09:30:40.0877 0x0c1c  KeyIso - ok
09:30:40.0911 0x0c1c  [ 3C9D9DFCF517103677D7B6255C727B48, F03252C1EF131AC4FEB83983B7BB3BAAACE0EEB0B1CFA06D0E04A156D527A0FD ] KSecDD          C:\Windows\system32\Drivers\ksecdd.sys
09:30:40.0922 0x0c1c  KSecDD - ok
09:30:40.0959 0x0c1c  [ 0DFC56491C8B56A35AD52EAF770752FE, C887D6A06DD691DB6E6DC73D2ED0072FE5430F46F85111338196CF342C5892D0 ] KSecPkg         C:\Windows\system32\Drivers\ksecpkg.sys
09:30:40.0987 0x0c1c  KSecPkg - ok
09:30:41.0021 0x0c1c  [ 89A7B9CC98D0D80C6F31B91C0A310FCD, 4583CAEEE0D50C0C7CE955E533FDA063CDC37B69033D41EF22EF1BA242E4C747 ] KtmRm           C:\Windows\system32\msdtckrm.dll
09:30:41.0062 0x0c1c  KtmRm - ok
09:30:41.0146 0x0c1c  [ D64AF876D53ECA3668BB97B51B4E70AB, D5C07C019BFEAFBEDC29AB5060356A3B07449712B21B50E03378BEF04AF180F9 ] LanmanServer    C:\Windows\system32\srvsvc.dll
09:30:41.0184 0x0c1c  LanmanServer - ok
09:30:41.0209 0x0c1c  [ 58405E4F68BA8E4057C6E914F326ABA2, C3E6519A1A38F1B3597D4391E42ABFE8F1F5E86256C4B3BD876CDAD9BB68B0A6 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
09:30:41.0236 0x0c1c  LanmanWorkstation - ok
09:30:41.0273 0x0c1c  [ F7611EC07349979DA9B0AE1F18CCC7A6, 879AA7A391966F00761CA039C25EBC62F6712DD5461694911EEC673E12DE103E ] lltdio          C:\Windows\system32\DRIVERS\lltdio.sys
09:30:41.0295 0x0c1c  lltdio - ok
09:30:41.0321 0x0c1c  [ 5700673E13A2117FA3B9020C852C01E2, 6684A2905EE8C438F2A64BE47E51A54D287B08DEFB8E0AE7FC2809D845EE3C5F ] lltdsvc         C:\Windows\System32\lltdsvc.dll
09:30:41.0349 0x0c1c  lltdsvc - ok
09:30:41.0363 0x0c1c  [ 55CA01BA19D0006C8F2639B6C045E08B, 4DBBDC820C514DB18CC13F8EE178F8C4E39C295C6E3C255416C235553CE7BDC1 ] lmhosts         C:\Windows\System32\lmhsvc.dll
09:30:41.0388 0x0c1c  lmhosts - ok
09:30:41.0462 0x0c1c  [ 97F9EAAC985A663394CD8F54DCD3E73A, D5BA3E7ED36BA361B1941F12D83568C30F7E49A8B9D54D3EBBBD05767E1F3B0A ] LMS             C:\Program Files\Intel\Intel® Management Engine Components\LMS\LMS.exe
09:30:41.0477 0x0c1c  LMS - ok
09:30:41.0505 0x0c1c  [ EB119A53CCF2ACC000AC71B065B78FEF, 1FD60735C4945AE565C223F0B47EAF9602D8777E3D15600914C1A9D761215AF9 ] LSI_FC          C:\Windows\system32\drivers\lsi_fc.sys
09:30:41.0518 0x0c1c  LSI_FC - ok
09:30:41.0540 0x0c1c  [ 8ADE1C877256A22E49B75D1CC9161F9C, 3D64F233DC866537E50549A7C1A2B40A954055B22F0BDA39825B04C38C607CB7 ] LSI_SAS         C:\Windows\system32\drivers\lsi_sas.sys
09:30:41.0552 0x0c1c  LSI_SAS - ok
09:30:41.0565 0x0c1c  [ DC9DC3D3DAA0E276FD2EC262E38B11E9, A264990857CBC74036799E17A087130626C0A09BE19879019BAF2D761C62AECC ] LSI_SAS2        C:\Windows\system32\drivers\lsi_sas2.sys
09:30:41.0579 0x0c1c  LSI_SAS2 - ok
09:30:41.0590 0x0c1c  [ 0A036C7D7CAB643A7F07135AC47E0524, 2F662D07FCB74B8D493156DB555EAA90A47E93CF14C7B30039D2FE47EB8682B8 ] LSI_SCSI        C:\Windows\system32\drivers\lsi_scsi.sys
09:30:41.0603 0x0c1c  LSI_SCSI - ok
09:30:41.0631 0x0c1c  [ 6703E366CC18D3B6E534F5CF7DF39CEE, 7396B9AF938284D99EC51206A7B2FA4A0DC10A493DCE6707818B03A7473782C4 ] luafv           C:\Windows\system32\drivers\luafv.sys
09:30:41.0666 0x0c1c  luafv - ok
09:30:41.0730 0x0c1c  [ D53F88363A5FCF8D9CB458E4A8A90A6B, D3553709339EABE63E149D4B2376CFABC71F23E5EF066B104813EC9323C943CB ] McAfee SiteAdvisor Service C:\Program Files\McAfee\SiteAdvisor\McSACore.exe
09:30:41.0754 0x0c1c  McAfee SiteAdvisor Service - ok
09:30:41.0828 0x0c1c  [ A3F0CA55B9938FA478FDD8A1E1EC3CF5, 49F917A958B61B86EDED30D6083ED2A367AB053FB3A68FF9ECBCC27E527184A5 ] McAPExe         C:\Program Files\McAfee\MSC\McAPExe.exe
09:30:41.0861 0x0c1c  McAPExe - ok
09:30:41.0911 0x0c1c  [ C3ED67C05F3923F9A8FEBA7A996337E1, 0A092A22339A9BFFAAB4A8A7C795480C058C0360C743BDF5D5DE042825F464A7 ] McComponentHostService C:\Program Files\McAfee Security Scan\3.8.150\McCHSvc.exe
09:30:41.0931 0x0c1c  McComponentHostService - ok
09:30:42.0087 0x0c1c  [ D3BAE19174BAAA2551ECA9B4DB391ECC, AA8EF9C0B9837055681EB3B2DDEE8CD752DED7AFDA3FA5B12FFDB6F2C172DAA6 ] mccspsvc        C:\Program Files\Common Files\McAfee\CSP\1.5.495.0\McCSPServiceHost.exe
09:30:42.0099 0x0c1c  mccspsvc - ok
09:30:42.0258 0x0c1c  [ 6A38499BD0FFC4A0CEE5296F58D2B00F, 7F2D068A7BDAFC8FF5FB18CF3C50F362FE40D20925C3793C6F6511F2D54B4D88 ] McNaiAnn        C:\Program Files\Common Files\Mcafee\Platform\McSvcHost\McSvHost.exe
09:30:42.0314 0x0c1c  McNaiAnn - ok
09:30:42.0634 0x0c1c  [ BA5FC7C3551E6F107A5392E9B6DAEB42, 5161D736FE1FFCD16BFE89644BB33E030C64DEBCB1369209749419FFC9173758 ] McODS           C:\Program Files\McAfee\VirusScan\mcods.exe
09:30:42.0714 0x0c1c  McODS - ok
09:30:42.0772 0x0c1c  [ 6A38499BD0FFC4A0CEE5296F58D2B00F, 7F2D068A7BDAFC8FF5FB18CF3C50F362FE40D20925C3793C6F6511F2D54B4D88 ] mcpltsvc        C:\Program Files\Common Files\Mcafee\Platform\McSvcHost\McSvHost.exe
09:30:42.0802 0x0c1c  mcpltsvc - ok
09:30:42.0991 0x0c1c  [ 6A38499BD0FFC4A0CEE5296F58D2B00F, 7F2D068A7BDAFC8FF5FB18CF3C50F362FE40D20925C3793C6F6511F2D54B4D88 ] McProxy         C:\Program Files\Common Files\Mcafee\Platform\McSvcHost\McSvHost.exe
09:30:43.0004 0x0c1c  McProxy - ok
09:30:43.0053 0x0c1c  [ BFB9EE8EE977EFE85D1A3105ABEF6DD1, D2A84EBF0C0B7A14AD432FD2EF43CC12300027AEA3FA4075659FB088AB62B588 ] Mcx2Svc         C:\Windows\system32\Mcx2Svc.dll
09:30:43.0066 0x0c1c  Mcx2Svc - ok
09:30:43.0140 0x0c1c  [ 0FFF5B045293002AB38EB1FD1FC2FB74, 49071B565FD5B2DE43EC00D8518C3BE70843F38919E82F13104B8C1FAFB20374 ] megasas         C:\Windows\system32\drivers\megasas.sys
09:30:43.0152 0x0c1c  megasas - ok
09:30:43.0228 0x0c1c  [ DCBAB2920C75F390CAF1D29F675D03D6, 85C3A7A010BEA5E3C6179161B295F2CB900A6A214833A5F87A4327392880E2BB ] MegaSR          C:\Windows\system32\drivers\MegaSR.sys
09:30:43.0241 0x0c1c  MegaSR - ok
09:30:43.0273 0x0c1c  [ D86AC00883B9C98B570E7643AAF8E554, 4B4BDC01DC20F820A9D1E1B8E875B6445F9B920F0AB1E115ADD9651A368911C4 ] MEI             C:\Windows\system32\drivers\HECI.sys
09:30:43.0332 0x0c1c  MEI - ok
09:30:43.0382 0x0c1c  [ AAF01565969E11AD31AF7E311FDE4E71, 3BCFD3EE65F0E61280469FBAA70CB9ED74C35AFD9CFFE59FA2EC2BE822F486EC ] mfeaack         C:\Windows\system32\drivers\mfeaack.sys
09:30:43.0397 0x0c1c  mfeaack - ok
09:30:43.0480 0x0c1c  [ EF6DDC9D53B92134471E99B67F1FF2C2, 751FBD0D4282CF4E70F4C2103F215B9E6CA56CEF25A76971C370128023450DF9 ] mfeavfk         C:\Windows\system32\drivers\mfeavfk.sys
09:30:43.0493 0x0c1c  mfeavfk - ok
09:30:43.0580 0x0c1c  [ F6864C57877B3B54B1018E2E472C65FA, 6CCA88DC66C5619E0664AE428F179E57F081F1F9C1FB6064DC75744AC27ADE6C ] mfedisk         C:\Windows\system32\DRIVERS\mfedisk.sys
09:30:43.0591 0x0c1c  mfedisk - ok
09:30:43.0630 0x0c1c  [ 805460E8989D62BB17DC482BAA614ABF, 59D5D5D429F572298C65317B0CBEEAE9CF1336D43196AECE6401F4170B403AE9 ] mfefire         C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe
09:30:43.0641 0x0c1c  mfefire - ok
09:30:52.0018 0x0c1c  tcpipreg - ok
09:30:52.0097 0x0c1c  [ 1CB91B2BD8F6DD367DFC2EF26FD751B2, 879E2827354BB21573AC6A7CCEB746D44214540687E6882FFCB4089546FBD954 ] TDPIPE          C:\Windows\system32\drivers\tdpipe.sys
09:30:52.0165 0x0c1c  TDPIPE - ok
09:30:52.0333 0x0c1c  [ 2C2C5AFE7EE4F620D69C23C0617651A8, E828D974C3F9D7004A030C3AD448096C736FDB4C4C1707D043E567D08C845103 ] TDTCP           C:\Windows\system32\drivers\tdtcp.sys
09:30:52.0371 0x0c1c  TDTCP - ok
09:30:52.0419 0x0c1c  [ 7FE680A3DFA421C4A8E4879AE4C5AAB0, A4C64E155AB2843823CD3586756BA7681CFDEA50812095468221503BBAD30DCD ] tdx             C:\Windows\system32\DRIVERS\tdx.sys
09:30:52.0496 0x0c1c  tdx - ok
09:30:52.0864 0x0c1c  [ 4ACFC5853A3F0C6C2F54E537C23EE90F, 47D81F471A250696A1A0D19294FC553EB88D813612A8351C89F65D7BF99C8532 ] TeamViewer9     C:\Program Files\TeamViewer\Version9\TeamViewer_Service.exe
09:30:53.0031 0x0c1c  TeamViewer9 - ok
09:30:53.0050 0x0c1c  [ 04DBF4B01EA4BF25A9A3E84AFFAC9B20, 0D81B427720637882077C5024D738191F858FC734ED040697872D906351EF663 ] TermDD          C:\Windows\system32\drivers\termdd.sys
09:30:53.0060 0x0c1c  TermDD - ok
09:30:53.0100 0x0c1c  [ FCFD4F50419B4BC72E80066DA10D2E54, 7C2314A57A404525F0444986332DBAE0964A3359374671598387051D7AAE72AE ] TermService     C:\Windows\System32\termsrv.dll
09:30:53.0154 0x0c1c  TermService - ok
09:30:53.0175 0x0c1c  [ 42FB6AFD6B79D9FE07381609172E7CA4, B57C85091209A2FAD19ED490B8FA7FC98F12911F9C9CACE9AF1E540780CE6700 ] Themes          C:\Windows\system32\themeservice.dll
09:30:53.0196 0x0c1c  Themes - ok
09:30:53.0214 0x0c1c  [ 146B6F43A673379A3C670E86D89BE5EA, C4412DCF80DE6B55466F399413271364F14BC0819C224AA161EDDC31A9775440 ] THREADORDER     C:\Windows\system32\mmcss.dll
09:30:53.0234 0x0c1c  THREADORDER - ok
09:30:53.0260 0x0c1c  [ 5AD05191DC8B444A7BA4D79B76C42A30, 6166E939A5A240388EBA5AF7FF335DC413F2BBCF74C2E1D310F4BE2A5454A610 ] TPM             C:\Windows\system32\drivers\tpm.sys
09:30:53.0272 0x0c1c  TPM - ok
09:30:53.0295 0x0c1c  [ 4792C0378DB99A9BC2AE2DE6CFFF0C3A, 532A3A812578B2DFD83001DE66FC73689D79EC729409EB572E07E6D65B281712 ] TrkWks          C:\Windows\System32\trkwks.dll
09:30:53.0329 0x0c1c  TrkWks - ok
09:30:53.0356 0x0c1c  [ 2C49B175AEE1D4364B91B531417FE583, 6C7995E18F84E465C376D1D5F153C15ACB66CDEA86EE5BF186677F572E7E129B ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
09:30:53.0380 0x0c1c  TrustedInstaller - ok
09:30:53.0410 0x0c1c  [ 6C5139E4283249518F7743D7043775B3, 58684E8C90EBAC65459A97C905CDCFE3A915CFF7E8E96071DE1AC3489F85E67F ] tssecsrv        C:\Windows\system32\DRIVERS\tssecsrv.sys
09:30:53.0421 0x0c1c  tssecsrv - ok
09:30:53.0448 0x0c1c  [ C6A5FBD4977305E1FA23E02C042DB463, A6EB5E4B8051A258D40A385609E930318EAA3494C8466F48542B806FE6A7C47A ] TsUsbFlt        C:\Windows\system32\drivers\tsusbflt.sys
09:30:53.0470 0x0c1c  TsUsbFlt - ok
09:30:53.0487 0x0c1c  [ 57C527AF84748B5C2F5178C499C0B81F, 2FF1F25BA16F8984E9F2CE4DE663F261BAF267EDF10D466A52BB211C567F763C ] TsUsbGD         C:\Windows\system32\drivers\TsUsbGD.sys
09:30:53.0511 0x0c1c  TsUsbGD - ok
09:30:53.0548 0x0c1c  [ B2FA25D9B17A68BB93D58B0556E8C90D, 0146931B733CAB1CD87F94C35F97E110D6ED6C55EAFF03345400A29AEDE99BDE ] tunnel          C:\Windows\system32\DRIVERS\tunnel.sys
09:30:53.0569 0x0c1c  tunnel - ok
09:30:53.0582 0x0c1c  [ 750FBCB269F4D7DD2E420C56B795DB6D, E1A95C59148FE463539C34336FD0E74B31A33B8AB2B8E34AA10349C3347471D7 ] uagp35          C:\Windows\system32\drivers\uagp35.sys
09:30:53.0593 0x0c1c  uagp35 - ok
09:30:53.0613 0x0c1c  [ EE43346C7E4B5E63E54F927BABBB32FF, BAD6FC3BEE45E644D5A6A0A31428F5B2AEC72A0AA0C74EF8177B1FE23EEF3AA9 ] udfs            C:\Windows\system32\DRIVERS\udfs.sys
09:30:53.0636 0x0c1c  udfs - ok
09:30:53.0661 0x0c1c  [ 8344FD4FCE927880AA1AA7681D4927E5, 1B54EFA60A221E2B9FFE59BB41C7E7D8B5AC6826F1C5577456D81371D464255A ] UI0Detect       C:\Windows\system32\UI0Detect.exe
09:30:53.0673 0x0c1c  UI0Detect - ok
09:30:53.0687 0x0c1c  [ 44E8048ACE47BEFBFDC2E9BE4CBC8880, 5D96D90FDF68AE470CC92CA9DF9DA2C05A53EF455A5A109DBBF7C96F3238257C ] uliagpkx        C:\Windows\system32\drivers\uliagpkx.sys
09:30:53.0698 0x0c1c  uliagpkx - ok
09:30:53.0717 0x0c1c  [ D295BED4B898F0FD999FCFA9B32B071B, D4130DB4AE76EE6DC0B8E7A4FEF5CB8B26EBD822C21021F6FA78FD29C1E211C2 ] umbus           C:\Windows\system32\DRIVERS\umbus.sys
09:30:53.0735 0x0c1c  umbus - ok
09:30:53.0748 0x0c1c  [ 7550AD0C6998BA1CB4843E920EE0FEAC, 24C001E422C3B3B920CDCF6003A3179CE464DE4284775403DD5122EF9780460D ] UmPass          C:\Windows\system32\drivers\umpass.sys
09:30:53.0768 0x0c1c  UmPass - ok
09:30:53.0788 0x0c1c  [ 409994A8EACEEE4E328749C0353527A0, FFC57B647147DE2957A7DE4B330CC534DE7AC892A2FCE3BB164F7A516CAB1B56 ] UmRdpService    C:\Windows\System32\umrdp.dll
09:30:53.0803 0x0c1c  UmRdpService - ok
09:30:53.0942 0x0c1c  [ A69CD6BDB82872999D2E46F9324ADA83, 1F06D5B716D48E693A082C1FC49D80405F50D60C78FDF5829FF51F1CC11CF011 ] UNS             C:\Program Files\Intel\Intel® Management Engine Components\UNS\UNS.exe
09:30:54.0022 0x0c1c  UNS - ok
09:30:54.0114 0x0c1c  [ 833FBB672460EFCE8011D262175FAD33, C0C3067A305993CBF056C229771CB0593DD60C9C7AC5130FF1CA610BCA812AB5 ] upnphost        C:\Windows\System32\upnphost.dll
09:30:54.0176 0x0c1c  upnphost - ok
09:30:54.0225 0x0c1c  [ 0803FBA9FE829D61AE26EC0BCC910C46, 30D00E2C7DFC630C99C1599587D4F9C272BC30D444E07C961AA05BF84587806B ] usbccgp         C:\Windows\system32\DRIVERS\usbccgp.sys
09:30:54.0314 0x0c1c  usbccgp - ok
09:30:54.0381 0x0c1c  [ 2352AB5F9F8F097BF9D41D5A4718A041, 25BC7828C625B9B2A5110C25B230C5828CEC18EC97ECF9EC4745E8930CBF472C ] usbcir          C:\Windows\system32\drivers\usbcir.sys
09:30:54.0433 0x0c1c  usbcir - ok
09:30:54.0634 0x0c1c  [ D40855F89B69305140BBD7E9A3BA2DA6, 745DC6D770666F6B19C2B6AA89C21D1A314732E291453BFA2367F9AF86F97C3C ] usbehci         C:\Windows\system32\drivers\usbehci.sys
09:30:54.0664 0x0c1c  usbehci - ok
09:30:54.0775 0x0c1c  [ EDF2DF71C4F1E13A6AC75F5224DE655A, 1764D155C6B99201774B57195349304259232A12868ECFC2069CA49443EBDC2C ] usbhub          C:\Windows\system32\DRIVERS\usbhub.sys
09:30:54.0823 0x0c1c  usbhub - ok
09:30:54.0865 0x0c1c  [ 9828C8D14CC2676421778F0DE638CF97, 479A28211FFB85190A01FAB0283B927588805D2C0CDB03F85F8F814B88E4F453 ] usbohci         C:\Windows\system32\drivers\usbohci.sys
09:30:54.0905 0x0c1c  usbohci - ok
09:30:54.0946 0x0c1c  [ 797D862FE0875E75C7CC4C1AD7B30252, 1BBE745E4C85F8911076F6032ACD7A35FAC048D3CB1500C64E08D8B2C70A1069 ] usbprint        C:\Windows\system32\DRIVERS\usbprint.sys
09:30:54.0965 0x0c1c  usbprint - ok
09:30:54.0997 0x0c1c  [ FC6B21DB4B5B398AB93DBE59CBF11036, A94094C208F376405C07822A6143001EF1B12AE93205CD8002E87F6EB45F6374 ] usbscan         C:\Windows\system32\DRIVERS\usbscan.sys
09:30:55.0083 0x0c1c  usbscan - ok
09:30:55.0100 0x0c1c  [ F991AB9CC6B908DB552166768176896A, AD8E7A16B23B244B7F834622D4E38B5844193C6E31EF96F61E0E2EA16C945026 ] USBSTOR         C:\Windows\system32\DRIVERS\USBSTOR.SYS
09:30:55.0164 0x0c1c  USBSTOR - ok
09:30:55.0185 0x0c1c  [ 800AABFD625EEFF899F7E5496BDE37AB, 3EB7ED07760CB348FCA9A06C2B838EF79B51A83C5F70A9C9EAAEAE54480067E2 ] usbuhci         C:\Windows\system32\drivers\usbuhci.sys
09:30:55.0197 0x0c1c  usbuhci - ok
09:30:55.0223 0x0c1c  [ 081E6E1C91AEC36758902A9F727CD23C, 9FDAA17A3B99067E035E5D76305427F15FFDBC5D304B2BB78AFC6463EDDE1A75 ] UxSms           C:\Windows\System32\uxsms.dll
09:30:55.0246 0x0c1c  UxSms - ok
09:30:55.0267 0x0c1c  [ D2967F6D4205A227AAA7D094C12F7141, 4E0D48F07F230D5D5DFC2CDCA4467C54DF6EEA6B7C6ABC355E9986C73203E104 ] VaultSvc        C:\Windows\system32\lsass.exe
09:30:55.0278 0x0c1c  VaultSvc - ok
09:30:55.0314 0x0c1c  [ A059C4C3EDB09E07D21A8E5C0AABD3CB, BDD3729B49DF2E2FC72FFEF9D10235B481A671DE5A721B6B9A80873B7A343F07 ] vdrvroot        C:\Windows\system32\drivers\vdrvroot.sys
09:30:55.0329 0x0c1c  vdrvroot - ok
09:30:55.0382 0x0c1c  [ C3CD30495687C2A2F66A65CA6FD89BE9, 582E4706C1D6A151020D14B26C7BF166F4E42BDD6E410F30EC452469270C5E9B ] vds             C:\Windows\System32\vds.exe
09:30:55.0435 0x0c1c  vds - ok
09:30:55.0464 0x0c1c  [ 17C408214EA61696CEC9C66E388B14F3, 829C0416672E2B2DFABCFE641E7F281F41E8DBB3C0EF11C7784CB9BB94F87E97 ] vga             C:\Windows\system32\DRIVERS\vgapnp.sys
09:30:55.0477 0x0c1c  vga - ok
09:30:55.0488 0x0c1c  [ 8E38096AD5C8570A6F1570A61E251561, 4DBA3C1397A2203548F45F006E66D99F837903F601ABBCE2304754F783CA8A39 ] VgaSave         C:\Windows\System32\drivers\vga.sys
09:30:55.0509 0x0c1c  VgaSave - ok
09:30:55.0530 0x0c1c  [ 5461686CCA2FDA57B024547733AB42E3, 2721D0659AA890172FCAD4EC4D926B58ACD0EE4887DA51545DC7237420D5BF84 ] vhdmp           C:\Windows\system32\drivers\vhdmp.sys
09:30:55.0542 0x0c1c  vhdmp - ok
09:30:55.0564 0x0c1c  [ C829317A37B4BEA8F39735D4B076E923, 55D1796AE750071E1E05BD7702B6C355CCFFE27B4C00E93E7044C3184732B497 ] viaagp          C:\Windows\system32\drivers\viaagp.sys
09:30:55.0574 0x0c1c  viaagp - ok
09:30:55.0584 0x0c1c  [ E02F079A6AA107F06B16549C6E5C7B74, B530DCE3EE4F285B3D5F69F7148D17E016D54F04E6F93706B829A34567748788 ] ViaC7           C:\Windows\system32\drivers\viac7.sys
09:30:55.0607 0x0c1c  ViaC7 - ok
09:30:55.0622 0x0c1c  [ E43574F6A56A0EE11809B48C09E4FD3C, 3687BF638E21C00E62ABFED70D728B91ADA08F7164CA898E654F31DA196589E9 ] viaide          C:\Windows\system32\drivers\viaide.sys
09:30:55.0632 0x0c1c  viaide - ok
09:30:55.0647 0x0c1c  [ C2F2911156FDC7817C52829C86DA494E, FE499F189B5016FCE0018AA3DE3970B72275B7B15F3D4D608117F6DDEC6B90DC ] vmbus           C:\Windows\system32\drivers\vmbus.sys
09:30:55.0660 0x0c1c  vmbus - ok
09:30:55.0673 0x0c1c  [ D4D77455211E204F370D08F4963063CE, 2018B2A84C73E0834200A594C02A9D28C74906F126DAD3CCDDFC9CD9A61669E2 ] VMBusHID        C:\Windows\system32\drivers\VMBusHID.sys
09:30:55.0694 0x0c1c  VMBusHID - ok
09:30:55.0705 0x0c1c  [ 4C63E00F2F4B5F86AB48A58CD990F212, 9796BD4B9CFEEEAF57C5E332A732EFC2770B21F9B35301A5D202F5FC52C1E035 ] volmgr          C:\Windows\system32\drivers\volmgr.sys
09:30:55.0715 0x0c1c  volmgr - ok
09:30:55.0731 0x0c1c  [ B5BB72067DDDDBBFB04B2F89FF8C3C87, 65B9AD55F43940A5FDD88B6EC5034A7E375DF8E6F5F1AE6519A4BD6B7E992EBC ] volmgrx         C:\Windows\system32\drivers\volmgrx.sys
09:30:55.0745 0x0c1c  volmgrx - ok
09:30:55.0760 0x0c1c  [ F497F67932C6FA693D7DE2780631CFE7, DAE544ED99D2CF570DA31343BD87D2F856D0D13529656D38E1BF854C77F017F6 ] volsnap         C:\Windows\system32\drivers\volsnap.sys
09:30:55.0775 0x0c1c  volsnap - ok
09:30:55.0796 0x0c1c  [ 9DFA0CC2F8855A04816729651175B631, 37FD9E43A2A3F125E94A315FB4CD8A1B5499A5FD74806EB2D1E5DA88C070D3A3 ] vsmraid         C:\Windows\system32\drivers\vsmraid.sys
09:30:55.0808 0x0c1c  vsmraid - ok
09:30:55.0847 0x0c1c  [ 209A3B1901B83AEB8527ED211CCE9E4C, 1A431F6409F8E0531F600F8F988ECECECB902DA26BBAAF1DE74A5CAC29A7CB44 ] VSS             C:\Windows\system32\vssvc.exe
09:30:55.0895 0x0c1c  VSS - ok
09:30:55.0927 0x0c1c  [ 90567B1E658001E79D7C8BBD3DDE5AA6, EFC23BEEA7F54A2DC56CB523DAD1AF0358D904C5278BF08873910E2DB3F13557 ] vwifibus        C:\Windows\System32\drivers\vwifibus.sys
09:30:55.0944 0x0c1c  vwifibus - ok
09:30:55.0958 0x0c1c  [ 7090D3436EEB4E7DA3373090A23448F7, 3A130B28F2BFA7DCEC8596C4CE4E187B019F5ECF1AAC8DD1BBDE9CBD2428FEC2 ] vwififlt        C:\Windows\system32\DRIVERS\vwififlt.sys
09:30:55.0972 0x0c1c  vwififlt - ok
09:30:55.0987 0x0c1c  [ 55187FD710E27D5095D10A472C8BAF1C, AE298E2D3BA366BCBDC092C717214C181E8843FA564A6DFB07FC3238A5A68DC3 ] W32Time         C:\Windows\system32\w32time.dll
09:30:56.0014 0x0c1c  W32Time - ok
09:30:56.0025 0x0c1c  [ DE3721E89C653AA281428C8A69745D90, 501C78056ED4295625D8A5412025FD2F0CA24077044D3A5800BA79DF3D946516 ] WacomPen        C:\Windows\system32\drivers\wacompen.sys
09:30:56.0037 0x0c1c  WacomPen - ok
09:30:56.0115 0x0c1c  [ 3C3C78515F5AB448B022BDF5B8FFDD2E, 35284174A42039C3C1FF8A3C8BC187A5E067C7782FC62D19749C2CB28C4E36C7 ] WANARP          C:\Windows\system32\DRIVERS\wanarp.sys
09:30:56.0148 0x0c1c  WANARP - ok
09:30:56.0152 0x0c1c  [ 3C3C78515F5AB448B022BDF5B8FFDD2E, 35284174A42039C3C1FF8A3C8BC187A5E067C7782FC62D19749C2CB28C4E36C7 ] Wanarpv6        C:\Windows\system32\DRIVERS\wanarp.sys
09:30:56.0172 0x0c1c  Wanarpv6 - ok
09:30:56.0415 0x0c1c  [ 353A04C273EC58475D8633E75CCD5604, FFAE53B6B53AEFC9E8A10BF27480E072D74430276BEB532FE1D473E9616D8CE0 ] WatAdminSvc     C:\Windows\system32\Wat\WatAdminSvc.exe
09:30:56.0474 0x0c1c  WatAdminSvc - ok
09:30:56.0625 0x0c1c  [ 691E3285E53DCA558E1A84667F13E15A, 12EDB66EF8FC100402BEA221F354D3BD5542F6DDF715B6E7D873D6BAE7E3D329 ] wbengine        C:\Windows\system32\wbengine.exe
09:30:56.0697 0x0c1c  wbengine - ok
09:30:56.0720 0x0c1c  [ 9614B5D29DC76AC3C29F6D2D3AA70E67, A2FFB92F0030B4CD771E862DA575ECCF2F3A5B4B85858C1241A0C59262C0EC88 ] WbioSrvc        C:\Windows\System32\wbiosrvc.dll
09:30:56.0744 0x0c1c  WbioSrvc - ok
09:30:56.0763 0x0c1c  [ 34EEE0DFAADB4F691D6D5308A51315DC, A040A03E25A0C78B9E26F86C2DF95BCAF8E7EC90183CEB295615D3265350EBEE ] wcncsvc         C:\Windows\System32\wcncsvc.dll
09:30:56.0793 0x0c1c  wcncsvc - ok
09:30:56.0806 0x0c1c  [ 5D930B6357A6D2AF4D7653BDABBF352F, 677FF2ED14EE0B0CAA710DA81556CC16D5971DAB10E7C7432D167A87CA6F0EAA ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
09:30:56.0834 0x0c1c  WcsPlugInService - ok
09:30:56.0854 0x0c1c  [ 1112A9BADACB47B7C0BB0392E3158DFF, 1AE2AFA125973571F91E6945FE8A735F63D76EBB250A0075D98C580167FD9ED4 ] Wd              C:\Windows\system32\drivers\wd.sys
09:30:56.0863 0x0c1c  Wd - ok
09:30:56.0900 0x0c1c  [ 25944D2CC49E0A6C581D02A74B7D6645, AF8FFAFEC07F1A6A3D4008E609E8E1D705A8DFCC7995C766E3946887203F7BEE ] Wdf01000        C:\Windows\system32\drivers\Wdf01000.sys
09:30:56.0921 0x0c1c  Wdf01000 - ok
09:30:56.0944 0x0c1c  [ DDE994E9159497D0D5AB2CDF66D1EAD6, 49BEDECA469C47E7622542D3B9BCD31ECDDAA27838495EC5C2F1338E33FEA877 ] WdiServiceHost  C:\Windows\system32\wdi.dll
09:30:56.0966 0x0c1c  WdiServiceHost - ok
09:30:56.0972 0x0c1c  [ DDE994E9159497D0D5AB2CDF66D1EAD6, 49BEDECA469C47E7622542D3B9BCD31ECDDAA27838495EC5C2F1338E33FEA877 ] WdiSystemHost   C:\Windows\system32\wdi.dll
09:30:56.0984 0x0c1c  WdiSystemHost - ok
09:30:56.0997 0x0c1c  [ 75E8EBD7040CE238684333F97014762A, 2CA0B267FBAEB303D1F8B639D733DC0DE17BA1276CC9096035B4F2BBBED3EF7F ] WebClient       C:\Windows\System32\webclnt.dll
09:30:57.0037 0x0c1c  WebClient - ok
09:30:57.0070 0x0c1c  [ 760F0AFE937A77CFF27153206534F275, A53940BA28854486FF18F16B98A3314B36322B0B6EFB54D08B921315BEB0ADD5 ] Wecsvc          C:\Windows\system32\wecsvc.dll
09:30:57.0107 0x0c1c  Wecsvc - ok
09:30:57.0120 0x0c1c  [ AC804569BB2364FB6017370258A4091B, 1856F354146A5946F3E7D0DD09726FC8A3502B0F0776FEADDF10669C81CC28E2 ] wercplsupport   C:\Windows\System32\wercplsupport.dll
09:30:57.0141 0x0c1c  wercplsupport - ok
09:30:57.0149 0x0c1c  [ 08E420D873E4FD85241EE2421B02C4A4, E1E9436EB096FF7DE9A76DA6217035257EF9FC7565DDB9016DCA3859E7F1EF0F ] WerSvc          C:\Windows\System32\WerSvc.dll
09:30:57.0173 0x0c1c  WerSvc - ok
09:30:57.0202 0x0c1c  [ 8B9A943F3B53861F2BFAF6C186168F79, 88E2F79F32AFBA17CB8377A508B83A1EC2315E9F3A365F591C87FE4525AA6713 ] WfpLwf          C:\Windows\system32\DRIVERS\wfplwf.sys
09:30:57.0232 0x0c1c  WfpLwf - ok
09:30:57.0247 0x0c1c  [ 5CF95B35E59E2A38023836FFF31BE64C, CEA21302B3E855EE592810D4E0DE10E47A47A393064C435463CD54598735CD8D ] WIMMount        C:\Windows\system32\drivers\wimmount.sys
09:30:57.0256 0x0c1c  WIMMount - ok
09:30:57.0325 0x0c1c  [ 082CF481F659FAE0DE51AD060881EB47, BB67D2AF0BB9192D4CCF66C23D80CE5A1B38715556D94E2561DBF8F805FA30A5 ] WinDefend       C:\Program Files\Windows Defender\mpsvc.dll
09:30:57.0363 0x0c1c  WinDefend - ok
09:30:57.0382 0x0c1c  WinHttpAutoProxySvc - ok
09:30:57.0422 0x0c1c  [ F62E510B6AD4C21EB9FE8668ED251826, FA3E5CAC3E67E49377320CFBE4646585E6B62168292768FEA81E4623F9166890 ] Winmgmt         C:\Windows\system32\wbem\WMIsvc.dll
09:30:57.0451 0x0c1c  Winmgmt - ok
09:30:57.0507 0x0c1c  [ 1DE9BD23AFA36150586C732D876D9B74, 32CF2C8EC18CFDA677AB72A182EB4B839DCC72BFCD6CA309BE2F434991CAE973 ] WinRM           C:\Windows\system32\WsmSvc.dll
09:30:57.0575 0x0c1c  WinRM - ok
09:30:57.0607 0x0c1c  [ A67E5F9A400F3BD1BE3D80613B45F708, E170A8BD31A779403DC9C43ED6483DA8E186512D3EE700B87F6BA292E284E367 ] WinUsb          C:\Windows\system32\drivers\WinUsb.sys
09:30:57.0619 0x0c1c  WinUsb - ok
09:30:57.0651 0x0c1c  [ 16935C98FF639D185086A3529B1F2067, E9C6B73A572A04FCE9B1B0E6815F941B10332D9A6D55B92927C2B1275F119091 ] Wlansvc         C:\Windows\System32\wlansvc.dll
09:30:57.0693 0x0c1c  Wlansvc - ok
09:30:57.0775 0x0c1c  [ 5144AE67D60EC653F97DDF3FEED29E77, F6238767284B2356A9F502E2ACCFAAC283FA13CBF238E98B5115A55179526B10 ] wlidsvc         C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
09:30:57.0838 0x0c1c  wlidsvc - ok
09:30:57.0859 0x0c1c  [ 0217679B8FCA58714C3BF2726D2CA84E, 4494984B922DCF24D37BCD0E6831CEBD07D1CA49235D04E821D17ED3DF84ED2A ] WmiAcpi         C:\Windows\system32\drivers\wmiacpi.sys
09:30:57.0870 0x0c1c  WmiAcpi - ok
09:30:57.0895 0x0c1c  [ 6EB6B66517B048D87DC1856DDF1F4C3F, EBB534C4829477C70062ADBB5626236B02FE563A544C53FA255E79F3CA170FE8 ] wmiApSrv        C:\Windows\system32\wbem\WmiApSrv.exe
09:30:57.0908 0x0c1c  wmiApSrv - ok
09:30:57.0969 0x0c1c  [ 3B40D3A61AA8C21B88AE57C58AB3122E, 6C67DCB007C3CDF2EB0BBF5FD89C32CD7800C20F7166872F8C387BE262C5CD21 ] WMPNetworkSvc   C:\Program Files\Windows Media Player\wmpnetwk.exe
09:30:58.0021 0x0c1c  WMPNetworkSvc - ok
09:30:58.0055 0x0c1c  [ A2F0EC770A92F2B3F9DE6D518E11409C, 6838F2148B11285E00DC449D51F8AD85AAE57694E89BA2C607B87AC1C650D845 ] WPCSvc          C:\Windows\System32\wpcsvc.dll
09:30:58.0139 0x0c1c  WPCSvc - ok
09:30:58.0174 0x0c1c  [ AA53356D60AF47EACC85BC617A4F3F66, 155CB8112AA382D841C1891750FF29EF4F1BF716CD9CDF0F2243209E2CCCAC98 ] WPDBusEnum      C:\Windows\system32\wpdbusenum.dll
09:30:58.0214 0x0c1c  WPDBusEnum - ok
09:30:58.0237 0x0c1c  [ 6DB3276587B853BF886B69528FDB048C, 9972FF6DF0DF6F86D1E9BCEF4C29064748B217DA196B0633C30D3D580144951C ] ws2ifsl         C:\Windows\system32\drivers\ws2ifsl.sys
09:30:58.0258 0x0c1c  ws2ifsl - ok
09:30:58.0275 0x0c1c  [ 6F5D49EFE0E7164E03AE773A3FE25340, 15B6AFF7455538189A96F8863CC995A271E02C6FBDAC15B037D44DDA65E61339 ] wscsvc          C:\Windows\System32\wscsvc.dll
09:30:58.0291 0x0c1c  wscsvc - ok
09:30:58.0326 0x0c1c  [ 553F6CCD7C58EB98D4A8FBDAF283D7A9, 71FBE50C470D1F54FDAADCECEC2CB021AE240CD59DE4E8EB5BCAA6E7F2F86560 ] WSDPrintDevice  C:\Windows\system32\DRIVERS\WSDPrint.sys
09:30:58.0339 0x0c1c  WSDPrintDevice - ok
09:30:58.0363 0x0c1c  [ 7DC0270CFD4A05B4112E3EBBF083B595, DF4FCDE511F0B68B6C6E28C820EB722C34710F31A16023A9A297EAD228E00137 ] WSDScan         C:\Windows\system32\DRIVERS\WSDScan.sys
09:30:58.0380 0x0c1c  WSDScan - ok
09:30:58.0384 0x0c1c  WSearch - ok
09:30:58.0456 0x0c1c  [ 7E5C454A3F986FEBAD075DB8D915917E, 9E9147DDACD075958689523130DB92FC4ED0E38433461D8AB8792BCFBD9376DA ] wuauserv        C:\Windows\system32\wuaueng.dll
09:30:58.0532 0x0c1c  wuauserv - ok
09:30:58.0552 0x0c1c  [ 06E6F32C8D0A3F66D956F57B43A2E070, 9A6BD96A28294B0372F16E13D652FD603308F64B74A56E41E0C68C5E8011F943 ] WudfPf          C:\Windows\system32\drivers\WudfPf.sys
09:30:58.0584 0x0c1c  WudfPf - ok
09:30:58.0604 0x0c1c  [ 867C301E8B790040AE9CF6486E8041DF, D867D6498C987944D99508B2FAD6D6B749FA1EDFE8124B0863D4A642352F0855 ] WUDFRd          C:\Windows\system32\drivers\WUDFRd.sys
09:30:58.0622 0x0c1c  WUDFRd - ok
09:30:58.0649 0x0c1c  [ FE47B7BC8EA320C2D9B5E5BF6E303765, 34518DBD1E9EA6E5DA62273B18613761E1D9C6B4E074A93C6D639FBAF02222EA ] wudfsvc         C:\Windows\System32\WUDFSvc.dll
09:30:58.0661 0x0c1c  wudfsvc - ok
09:30:58.0694 0x0c1c  [ 7CC38741B8F68F1E0D5D79DA6123666A, F90D2DA1C9AFB506C381CD386E1430931B5F81813FEDFD720F87FBC54E7A00DA ] WwanSvc         C:\Windows\System32\wwansvc.dll
09:30:58.0716 0x0c1c  WwanSvc - ok
09:30:58.0729 0x0c1c  ================ Scan global ===============================
09:30:58.0747 0x0c1c  [ DAB748AE0439955ED2FA22357533DDDB, 73EDD402C7479DDCE1998D0C7E99E1EC2974F64EFC33A851439CC85D09EDCDF9 ] C:\Windows\system32\basesrv.dll
09:30:58.0787 0x0c1c  [ A83DD77AC941A8B1B2652035EA589149, 8F879178E154B3F9F367FB3D6F9A21B129F36796CD3B6A76A9E7CFDD0F63332C ] C:\Windows\system32\winsrv.dll
09:30:58.0805 0x0c1c  [ A83DD77AC941A8B1B2652035EA589149, 8F879178E154B3F9F367FB3D6F9A21B129F36796CD3B6A76A9E7CFDD0F63332C ] C:\Windows\system32\winsrv.dll
09:30:58.0829 0x0c1c  [ 364455805E64882844EE9ACB72522830, 906561DBBB33F744844CF27E456226044C85DF0FCFD26DE1FD11E09E2CFA6F8F ] C:\Windows\system32\sxssrv.dll
09:30:58.0866 0x0c1c  [ 0780A42DBD7D9969F9BF4A19AA4285B5, 8EA41124A4E97732C5DAA616457FBA7111CB38986F3427FA776ED00BC1407171 ] C:\Windows\system32\services.exe
09:30:58.0872 0x0c1c  [ Global ] - ok
09:30:58.0873 0x0c1c  ================ Scan MBR ==================================
09:30:58.0877 0x0c1c  [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
09:30:59.0075 0x0c1c  \Device\Harddisk0\DR0 - ok
09:30:59.0075 0x0c1c  ================ Scan VBR ==================================
09:30:59.0100 0x0c1c  [ 428458C2B85CCB82BA194A733F8EBA0A ] \Device\Harddisk0\DR0\Partition1
09:30:59.0102 0x0c1c  \Device\Harddisk0\DR0\Partition1 - ok
09:30:59.0106 0x0c1c  [ A6D148DB25320481C3F66AC65347391F ] \Device\Harddisk0\DR0\Partition2
09:30:59.0109 0x0c1c  \Device\Harddisk0\DR0\Partition2 - ok
09:30:59.0109 0x0c1c  ================ Scan generic autorun ======================
09:30:59.0179 0x0c1c  [ D574CF0D3545199C4EC3F9FC1C3167B6, 4A459C58F79EFCB8024D19C8E473E58A44D05A5CCC7E6096030971DBF63F839F ] C:\Program Files\McAfee.com\Agent\mcagent.exe
09:30:59.0209 0x0c1c  mcui_exe - ok
09:30:59.0291 0x0c1c  [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files\Windows Sidebar\Sidebar.exe
09:30:59.0369 0x0c1c  Sidebar - ok
09:30:59.0406 0x0c1c  [ BBA1A5B86134F496B926DDAF247DB871, 636990AE49C55189B7EF69C419787440B57EC0BAD98A9C280E1028F741BB222E ] C:\Windows\System32\mctadmin.exe
09:30:59.0422 0x0c1c  mctadmin - ok
09:30:59.0459 0x0c1c  [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files\Windows Sidebar\Sidebar.exe
09:30:59.0505 0x0c1c  Sidebar - ok
09:30:59.0512 0x0c1c  [ BBA1A5B86134F496B926DDAF247DB871, 636990AE49C55189B7EF69C419787440B57EC0BAD98A9C280E1028F741BB222E ] C:\Windows\System32\mctadmin.exe
09:30:59.0527 0x0c1c  mctadmin - ok
09:30:59.0530 0x0c1c  UzhH - ok
09:30:59.0545 0x0c1c  Waiting for KSN requests completion. In queue: 129
09:31:00.0545 0x0c1c  Waiting for KSN requests completion. In queue: 81
09:31:01.0545 0x0c1c  Waiting for KSN requests completion. In queue: 53
09:31:02.0545 0x0c1c  Waiting for KSN requests completion. In queue: 46
09:31:03.0545 0x0c1c  Waiting for KSN requests completion. In queue: 46
09:31:04.0545 0x0c1c  Waiting for KSN requests completion. In queue: 46
09:31:05.0545 0x0c1c  Waiting for KSN requests completion. In queue: 46
09:31:06.0545 0x0c1c  Waiting for KSN requests completion. In queue: 46
09:29:47.0180 0x11e0  TDSS rootkit removing tool 3.0.0.44 Jan 22 2015 08:27:04
09:29:50.0173 0x11e0  ============================================================
09:29:50.0173 0x11e0  Current date / time: 2015/07/14 09:29:50.0173
09:29:50.0173 0x11e0  SystemInfo:
09:29:50.0173 0x11e0  
09:29:50.0173 0x11e0  OS Version: 6.1.7601 ServicePack: 1.0
09:29:50.0173 0x11e0  Product type: Workstation
09:29:50.0174 0x11e0  ComputerName: B-04854
09:29:50.0174 0x11e0  UserName: User 1
09:29:50.0174 0x11e0  Windows directory: C:\Windows
09:29:50.0174 0x11e0  System windows directory: C:\Windows
09:29:50.0174 0x11e0  Processor architecture: Intel x86
09:29:50.0174 0x11e0  Number of processors: 4
09:29:50.0174 0x11e0  Page size: 0x1000
09:29:50.0174 0x11e0  Boot type: Normal boot
09:29:50.0174 0x11e0  ============================================================
09:29:52.0486 0x11e0  KLMD registered as C:\Windows\system32\drivers\40244096.sys
09:29:53.0253 0x11e0  System UUID: {37562737-DA91-5568-4DED-57BDAE720894}
09:29:53.0955 0x11e0  Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 ( 465.76 Gb ), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
09:29:53.0996 0x11e0  ============================================================
09:29:53.0996 0x11e0  \Device\Harddisk0\DR0:
09:29:53.0996 0x11e0  MBR partitions:
09:29:53.0996 0x11e0  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32000
09:29:53.0996 0x11e0  \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0x3A352800
09:29:53.0996 0x11e0  ============================================================
09:29:54.0022 0x11e0  C: <-> \Device\Harddisk0\DR0\Partition2
09:29:54.0022 0x11e0  ============================================================
09:29:54.0022 0x11e0  Initialize success
09:29:54.0022 0x11e0  ============================================================
09:30:28.0514 0x0c1c  ============================================================
09:30:28.0515 0x0c1c  Scan started
09:30:28.0515 0x0c1c  Mode: Manual; SigCheck; TDLFS; 
09:30:28.0515 0x0c1c  ============================================================
09:30:28.0515 0x0c1c  KSN ping started
09:30:30.0884 0x0c1c  KSN ping finished: true
09:30:31.0686 0x0c1c  ================ Scan system memory ========================
09:30:31.0686 0x0c1c  System memory - ok
09:30:31.0688 0x0c1c  ================ Scan services =============================
09:30:33.0715 0x0c1c  athur - ok
09:30:33.0770 0x0c1c  [ C1619A13B10CAC5038BF7129F57D8DE3, 9F71EA6C844650658938E68CCC1383F92D37C68E46E08461A8351491185BA791 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
09:30:33.0807 0x0c1c  AudioEndpointBuilder - ok
09:30:33.0819 0x0c1c  [ C1619A13B10CAC5038BF7129F57D8DE3, 9F71EA6C844650658938E68CCC1383F92D37C68E46E08461A8351491185BA791 ] Audiosrv        C:\Windows\System32\Audiosrv.dll
09:30:33.0840 0x0c1c  Audiosrv - ok
09:30:33.0873 0x0c1c  [ 6E30D02AAC9CAC84F421622E3A2F6178, 229DC527C1D6C778BCA2C855A2A6F6D2C4B0F4F6DE56C886B3AAD26E3347952C ] AxInstSV        C:\Windows\System32\AxInstSV.dll
09:30:33.0921 0x0c1c  AxInstSV - ok
09:30:33.0946 0x0c1c  [ 1A231ABEC60FD316EC54C66715543CEC, 09E2897BA80737997A286EA5408C03DD3CC0EBACD24CB391C2455B6D4BE7D67E ] b06bdrv         C:\Windows\system32\drivers\bxvbdx.sys
09:30:33.0984 0x0c1c  b06bdrv - ok
09:30:34.0003 0x0c1c  [ BD8869EB9CDE6BBE4508D869929869EE, F4363A12EBFDBB89C69FD59B22F9EE05BADA07D477A1DF2DE01F59D6EE496543 ] b57nd60x        C:\Windows\system32\DRIVERS\b57nd60x.sys
09:30:34.0024 0x0c1c  b57nd60x - ok
09:30:34.0061 0x0c1c  [ EE1E9C3BB8228AE423DD38DB69128E71, ED54FD9795F3A4D32F02BED6052AD9404409A05644CDBEBFF19C662D104DA95A ] BDESVC          C:\Windows\System32\bdesvc.dll
09:30:34.0095 0x0c1c  BDESVC - ok
09:30:34.0113 0x0c1c  [ 505506526A9D467307B3C393DEDAF858, 8AD6F1492E357F57CF42261497BA29122045D4FC0DCC9669AA5AC9B2A4BABFA4 ] Beep            C:\Windows\system32\drivers\Beep.sys
09:30:34.0144 0x0c1c  Beep - ok
09:30:34.0180 0x0c1c  [ 1E2BAC209D184BB851E1A187D8A29136, 53933C938DA5126986FFF2918C1F522ABE93ABAB460AE32E4453161C2F7B68DF ] BFE             C:\Windows\System32\bfe.dll
09:30:34.0220 0x0c1c  BFE - ok
09:30:34.0255 0x0c1c  [ E585445D5021971FAE10393F0F1C3961, 178C008A9A0A6BFDA65EB0B98C510271360AD4474F22F13594F5EB60AA4E1CF5 ] BITS            C:\Windows\System32\qmgr.dll
09:30:34.0308 0x0c1c  BITS - ok
09:30:34.0338 0x0c1c  [ 2287078ED48FCFC477B05B20CF38F36F, 55BCA6174E6034A8D61CBE4126B2F1989F6052BFA624BEA9C0A0A664AEC74521 ] blbdrive        C:\Windows\system32\drivers\blbdrive.sys
09:30:34.0350 0x0c1c  blbdrive - ok
09:30:34.0359 0x0c1c  [ 8F2DA3028D5FCBD1A060A3DE64CD6506, E234672E9CFE1A95AD2E78E306E41E010B870221E6EBBC0E2B0BE2FA5CE0CD76 ] bowser          C:\Windows\system32\DRIVERS\bowser.sys
09:30:34.0397 0x0c1c  bowser - ok
09:30:34.0416 0x0c1c  [ 9F9ACC7F7CCDE8A15C282D3F88B43309, A9131334BD9CF8FD60BA9D54AA054E2DF2BE1219FB650DF1464F2787BDEAE98F ] BrFiltLo        C:\Windows\system32\drivers\BrFiltLo.sys
09:30:34.0435 0x0c1c  BrFiltLo - ok
09:30:34.0441 0x0c1c  [ 56801AD62213A41F6497F96DEE83755A, 0DEB8318FB47DF6473C171C795C735E26A73FA12232876C6856549EA16F33361 ] BrFiltUp        C:\Windows\system32\drivers\BrFiltUp.sys
09:30:34.0460 0x0c1c  BrFiltUp - ok
09:30:34.0486 0x0c1c  [ 3DAA727B5B0A45039B0E1C9A211B8400, 903B51E75F0C503A0E255120F53BF51B047B219FEC1E15F2F1D02DDD562FC73B ] Browser         C:\Windows\System32\browser.dll
09:30:34.0521 0x0c1c  Browser - ok
09:30:34.0542 0x0c1c  [ 845B8CE732E67F3B4133164868C666EA, 9309B094CD9B5EBC46295A5EB806BED472C3CEDE3B5F6F497EBDABA496A2A27F ] Brserid         C:\Windows\System32\Drivers\Brserid.sys
09:30:34.0569 0x0c1c  Brserid - ok
09:30:34.0583 0x0c1c  [ 203F0B1E73ADADBBB7B7B1FABD901F6B, 782FA7B26940FE479C49C9BAA2EB582CDAAAD607013E9BCFC85E6FBBB7D49A6D ] BrSerWdm        C:\Windows\System32\Drivers\BrSerWdm.sys
09:30:34.0598 0x0c1c  BrSerWdm - ok
09:30:34.0610 0x0c1c  [ BD456606156BA17E60A04E18016AE54B, DFBDC9DA6A3EA40BACFF204BC6C55C2C122B5885D2CBF6D45054DE43EE15EC4D ] BrUsbMdm        C:\Windows\System32\Drivers\BrUsbMdm.sys
09:30:34.0622 0x0c1c  BrUsbMdm - ok
09:30:34.0630 0x0c1c  [ AF72ED54503F717A43268B3CC5FAEC2E, 4A638669B0C30B1BDED242A8BF2015A37749570FF4D67D190BACC8D7E0C44468 ] BrUsbSer        C:\Windows\System32\Drivers\BrUsbSer.sys
09:30:34.0644 0x0c1c  BrUsbSer - ok
09:30:34.0659 0x0c1c  [ ED3DF7C56CE0084EB2034432FC56565A, B5B75E002E7BC0209582C635CCCA26DB569BDB23C33A126634E00C6434BF941B ] BTHMODEM        C:\Windows\system32\drivers\bthmodem.sys
09:30:34.0676 0x0c1c  BTHMODEM - ok
09:30:34.0705 0x0c1c  [ 1DF19C96EEF6C29D1C3E1A8678E07190, 1F4BB161FF3A1C5B1465BB52F3520FEDB7ACB1FAA132466F07D16DB8E394AEA5 ] bthserv         C:\Windows\system32\bthserv.dll
09:30:34.0726 0x0c1c  bthserv - ok
09:30:34.0752 0x0c1c  [ 77EA11B065E0A8AB902D78145CA51E10, 160EB3BBE9E5F3CC4A02584E6F2576A812C7565B940D74838B983F1EE51FA73A ] cdfs            C:\Windows\system32\DRIVERS\cdfs.sys
09:30:34.0782 0x0c1c  cdfs - ok
09:30:34.0803 0x0c1c  [ BE167ED0FDB9C1FA1133953C18D5A6C9, E26A851CA13E7300F977E5B20FA5D25FD0E1442AB6AD5DB58BBDB2DAAD87027C ] cdrom           C:\Windows\system32\DRIVERS\cdrom.sys
09:30:34.0824 0x0c1c  cdrom - ok
09:30:34.0843 0x0c1c  [ 319C6B309773D063541D01DF8AC6F55F, 182F392FE839499D159A30A3CD04B5D0C87219930BFB1A7456880B7DA75B9820 ] CertPropSvc     C:\Windows\System32\certprop.dll
09:30:34.0871 0x0c1c  CertPropSvc - ok
09:30:34.0894 0x0c1c  [ 5913652B38EBEC8A92B1412B9C3DD325, B428A0633D3F6896D8E21BF65648324497EEBAB3A07020CC56CCC3E28168039C ] cfwids          C:\Windows\system32\drivers\cfwids.sys
09:30:34.0907 0x0c1c  cfwids - ok
09:30:34.0979 0x0c1c  [ 32673632DE0877CB81C7B5FCA3F57EA0, 8D30BA88EAAC089FAF89980A6246893039395EA528C12BA2CA8DDCC00780EC24 ] chromoting      C:\Program Files\Google\Chrome Remote Desktop\44.0.2403.25\remoting_host.exe
09:30:35.0002 0x0c1c  chromoting - ok
09:30:35.0019 0x0c1c  [ 3FE3FE94A34DF6FB06E6418D0F6A0060, 6B3A2A26609A75B690D4C0B3059E40822F3B3DB08943F58EC496BABDA7D0A735 ] circlass        C:\Windows\system32\drivers\circlass.sys
09:30:35.0044 0x0c1c  circlass - ok
09:30:35.0071 0x0c1c  [ 33A60554882FDF59CDA3E1806370BBA1, 3DE5451E1CB84AAEBD03F54BEFC670C401447B4881A8B022748B6ECF0F500F01 ] CLFS            C:\Windows\system32\CLFS.sys
09:30:35.0087 0x0c1c  CLFS - ok
09:30:35.0126 0x0c1c  [ F13EC8A783E0CB0D6DC26A3CA848B7B8, 0809E3B71709F1343086EEB6C820543C1A7119E74EEF8AC1AEE1F81093ABEC66 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
09:30:35.0140 0x0c1c  clr_optimization_v2.0.50727_32 - ok
09:30:35.0178 0x0c1c  [ F5AB4D2E36625F355E81539239765107, 48E6AD65EEFD6C54F938F5753EF58377CDA77ADBB41CD8635F0040D61EFB92A4 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
09:30:35.0289 0x0c1c  clr_optimization_v4.0.30319_32 - ok
09:30:35.0299 0x0c1c  [ DEA805815E587DAD1DD2C502220B5616, 2D6A7668C95352B818F5EC59FF462894935833D34190257DA9CAC7E67FD3631C ] CmBatt          C:\Windows\system32\drivers\CmBatt.sys
09:30:35.0312 0x0c1c  CmBatt - ok
09:30:35.0321 0x0c1c  [ C537B1DB64D495B9B4717B4D6D9EDBF2, 400EEFE662DE117C9CC956E4CBD5E98F28F962E7447CD93E8A78FDD8CA39EB4B ] cmdide          C:\Windows\system32\drivers\cmdide.sys
09:30:35.0330 0x0c1c  cmdide - ok
09:30:35.0367 0x0c1c  [ 3051724F223EA48968B19567DE2A81F4, DCC27DE1B2B35866FC6DBDE95A368E7D0D346B6C3F31D0BACA63DD39B0A8874E ] CNG             C:\Windows\system32\Drivers\cng.sys
09:30:35.0386 0x0c1c  CNG - ok
09:30:35.0400 0x0c1c  [ A6023D3823C37043986713F118A89BEE, FAC239A7FA6251C7EDFFA34B4BAE3910B8BC0BD4A3574B6DB6931A8D691E207B ] Compbatt        C:\Windows\system32\drivers\compbatt.sys
09:30:35.0411 0x0c1c  Compbatt - ok
09:30:35.0429 0x0c1c  [ CBE8C58A8579CFE5FCCF809E6F114E89, AC083A1C649EBA18C59FCC1772D0784B10E2B8C63094E3C14388E147DBC3F6DF ] CompositeBus    C:\Windows\system32\drivers\CompositeBus.sys
09:30:35.0452 0x0c1c  CompositeBus - ok
09:30:35.0459 0x0c1c  COMSysApp - ok
09:30:35.0495 0x0c1c  [ 08F934092E0429BADF88E9F91DB0F61E, 6E9091C006FFFF261DC61C8E9A45219E47C351296E5355FC4B7242F30E1DDFE3 ] cphs            C:\Windows\system32\IntelCpHeciSvc.exe
09:30:35.0511 0x0c1c  cphs - ok
09:30:35.0526 0x0c1c  [ 2C4EBCFC84A9B44F209DFF6C6E6C61D1, 6FC323217D82EF661BA0E3F949B61B05BB5235D1A69C81D24876C2153FAECEF6 ] crcdisk         C:\Windows\system32\drivers\crcdisk.sys
09:30:35.0535 0x0c1c  crcdisk - ok
09:30:35.0569 0x0c1c  [ 49474B3E37969AF4B5C076F42B623AFF, BDA6B57E9B60EF1B67C74099263D33A367AAA035667239F76AB8B268FD3E8F23 ] CryptSvc        C:\Windows\system32\cryptsvc.dll
09:30:35.0591 0x0c1c  CryptSvc - ok
09:30:35.0614 0x0c1c  [ 3C2177A897B4CA2788C6FB0C3FD81D4B, 98575CBD0664586E6211D02E71BDD52CBAA149A1658573550E29E74E5F7B1553 ] CSC             C:\Windows\system32\drivers\csc.sys
09:30:35.0631 0x0c1c  CSC - ok
09:30:35.0666 0x0c1c  [ 15F93B37F6801943360D9EB42485D5D3, DD6838C6496CB15F8BB57A6596F6A64ADD9C36B09F062295699131232712B558 ] CscService      C:\Windows\System32\cscsvc.dll
09:30:35.0696 0x0c1c  CscService - ok
09:30:35.0727 0x0c1c  [ 7660F01D3B38ACA1747E397D21D790AF, 04611B43705C064C2A8331F6D3F8E4530295694AE2C3E3EC3F62CFF4A5EFA88D ] DcomLaunch      C:\Windows\system32\rpcss.dll
09:30:35.0774 0x0c1c  DcomLaunch - ok
09:30:35.0793 0x0c1c  [ 8D6E10A2D9A5EED59562D9B82CF804E1, 888F9650F4E872BA8F4E0C27E38A6672A561042B17EBA40E306A22357965B0AD ] defragsvc       C:\Windows\System32\defragsvc.dll
09:30:35.0827 0x0c1c  defragsvc - ok
09:30:35.0850 0x0c1c  [ F024449C97EC1E464AAFFDA18593DB88, 7EF1E241892E098A472BCA14C724DFF1AACCF190954AF1C4A38B6D542CC74BD2 ] DfsC            C:\Windows\system32\Drivers\dfsc.sys
09:30:35.0872 0x0c1c  DfsC - ok
09:30:35.0904 0x0c1c  [ E9E01EB683C132F7FA27CD607B8A2B63, 4D9037B458C522874619143A4176BCED42472C68933E6E83D37B67242706F3C4 ] Dhcp            C:\Windows\system32\dhcpcore.dll
09:30:35.0942 0x0c1c  Dhcp - ok
09:30:36.0025 0x0c1c  [ 7AB2DE012C88870C9274E966EC88AB61, CE2098B152B9C039C29C0573C813BFBF13B2D2E6BEE83985374160884A817133 ] DiagTrack       C:\Windows\system32\diagtrack.dll
09:30:36.0078 0x0c1c  DiagTrack - ok
09:30:36.0114 0x0c1c  [ 1A050B0274BFB3890703D490F330C0DA, 79D74F4679A2EE040FAAF4D0392A9311239A10A5F8A5CCB48656C6F89B6D62FB ] discache        C:\Windows\system32\drivers\discache.sys
09:30:36.0150 0x0c1c  discache - ok
09:30:36.0178 0x0c1c  [ 565003F326F99802E68CA78F2A68E9FF, ABC42B24DBA4FFC411120E09278EF26AF56CCAB463B69B4BD6C530B4A07063D2 ] Disk            C:\Windows\system32\drivers\disk.sys
09:30:36.0188 0x0c1c  Disk - ok
09:30:36.0199 0x0c1c  [ 2A958EF85DB1B61FFCA65044FA4BCE9E, C83511685EE1CE85A5ADF9B5BE96C375A521601F66024BDC3EE044C0B6E85D69 ] dmvsc           C:\Windows\system32\drivers\dmvsc.sys
09:30:36.0230 0x0c1c  dmvsc - ok
09:30:36.0255 0x0c1c  [ 33EF4861F19A0736B11314AAD9AE28D0, 4C4B84365D85758E3263B88F157D8B086B392C6F1EA5F0F3DB6BF87EF90248EC ] Dnscache        C:\Windows\System32\dnsrslvr.dll
09:30:36.0282 0x0c1c  Dnscache - ok
09:30:36.0299 0x0c1c  [ 366BA8FB4B7BB7435E3B9EACB3843F67, 65B7C61ACF34F1F0149045AA9E09A3F917A927963237A385A914D0B80551DC31 ] dot3svc         C:\Windows\System32\dot3svc.dll
09:30:36.0332 0x0c1c  dot3svc - ok
09:30:36.0344 0x0c1c  [ 8EC04CA86F1D68DA9E11952EB85973D6, 2E3FBC2D683D1274E8BC45EEEA87D43B77EDDCAAF0D453296D9FDA6B9D717071 ] DPS             C:\Windows\system32\dps.dll
09:30:36.0376 0x0c1c  DPS - ok
09:30:36.0402 0x0c1c  [ B918E7C5F9BF77202F89E1A9539F2EB4, C589A37DE50BBEF22E2DAA9682EA43147F614AA1AF7DAAA942BA5FC192313A0B ] drmkaud         C:\Windows\system32\drivers\drmkaud.sys
09:30:36.0422 0x0c1c  drmkaud - ok
09:30:36.0459 0x0c1c  [ 3583A5A8CC2E682BFFBD4630D0FEC08B, FD0F184B358FCECAA763444B414074BEF4E871EB7527D88385519FC158435C72 ] DXGKrnl         C:\Windows\System32\drivers\dxgkrnl.sys
09:30:36.0491 0x0c1c  DXGKrnl - ok
09:30:36.0532 0x0c1c  [ 884870CD3BF7BA07E57605685AAC3785, 407419F6EC3EDBAEC853E9745EACFE0606377022F15DC1BE778BDD7B02A0CA1C ] e1cexpress      C:\Windows\system32\DRIVERS\e1c6232.sys
09:30:36.0547 0x0c1c  e1cexpress - ok
09:30:36.0574 0x0c1c  [ 8600142FA91C1B96367D3300AD0F3F3A, 5713625E27DF11FAAFDA7AC79899A6AD813166E167088FA990EC5DE87DBE83DF ] EapHost         C:\Windows\System32\eapsvc.dll
09:30:36.0603 0x0c1c  EapHost - ok
09:30:36.0698 0x0c1c  [ 024E1B5CAC09731E4D868E64DBFB4AB0, AB0826A74BBEE5B7A1B035861B665C79BC98305CFC7D82BEF420558FBD3EE994 ] ebdrv           C:\Windows\system32\drivers\evbdx.sys
09:30:36.0827 0x0c1c  ebdrv - ok
09:30:36.0860 0x0c1c  [ D2967F6D4205A227AAA7D094C12F7141, 4E0D48F07F230D5D5DFC2CDCA4467C54DF6EEA6B7C6ABC355E9986C73203E104 ] EFS             C:\Windows\System32\lsass.exe
09:30:36.0880 0x0c1c  EFS - ok
09:30:36.0930 0x0c1c  [ A8C362018EFC87BEB013EE28F29C0863, 07971C681FBD391C0BA0172618AF8AD77520182207F1C57F134B34D6A113857F ] ehRecvr         C:\Windows\ehome\ehRecvr.exe
09:30:36.0976 0x0c1c  ehRecvr - ok
09:30:36.0989 0x0c1c  [ D389BFF34F80CAEDE417BF9D1507996A, 12859B9925D7A4631DE61A820922F43F56ED23C2AF014CBF36322685E5CF641E ] ehSched         C:\Windows\ehome\ehsched.exe
09:30:37.0003 0x0c1c  ehSched - ok
09:30:37.0036 0x0c1c  [ 0ED67910C8C326796FAA00B2BF6D9D3C, 97FAA7627A162B0AEC15545E0165D13355D535B4157604BB87F8EEB72ECD24A8 ] elxstor         C:\Windows\system32\drivers\elxstor.sys
09:30:37.0064 0x0c1c  elxstor - ok
09:30:37.0109 0x0c1c  [ E9EFCB47B90FD5498695BB7FEFD36CAE, 453B956C99C4D3626B0B0BDB449E9F0283D01AD50C331E298D219B4710BD6870 ] EpsonScanSvc    C:\Windows\system32\EscSvc.exe
09:30:37.0120 0x0c1c  EpsonScanSvc - ok
09:30:37.0160 0x0c1c  [ CBC7E60715F54D8ABC5E577CCFF6B039, 0F2343CC9D6E5E9BC525AE86B23B64E1EA3AA75AE8F5DC36A5DD46EC15D16043 ] EPSON_PM_RPCV4_05 C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_JT50RP.EXE
09:30:37.0170 0x0c1c  EPSON_PM_RPCV4_05 - ok
09:30:37.0184 0x0c1c  [ 8FC3208352DD3912C94367A206AB3F11, 69B65C12BDADD4B730508674B1B77C5496612B4ACCC447DB9AFE49ADEA8CBF02 ] ErrDev          C:\Windows\system32\drivers\errdev.sys
09:30:37.0205 0x0c1c  ErrDev - ok
09:30:37.0241 0x0c1c  [ F6916EFC29D9953D5D0DF06882AE8E16, ED41893960018D5EC2F7829B1DE4B6967D9FD074D60B11B9EB854E3E0948EC24 ] EventSystem     C:\Windows\system32\es.dll
09:30:37.0274 0x0c1c  EventSystem - ok
09:30:37.0300 0x0c1c  [ 2DC9108D74081149CC8B651D3A26207F, 75CB47923A867DDAC512701CE71DFCFC340FC3A2E27F4255D0836A1FBC463176 ] exfat           C:\Windows\system32\drivers\exfat.sys
09:30:37.0333 0x0c1c  exfat - ok
09:30:37.0358 0x0c1c  [ 7E0AB74553476622FB6AE36F73D97D35, 41463A255FDA1D550B3385EC7C73ABC343B1BBBE9CEE4DF9F2A8B3E7338C4947 ] fastfat         C:\Windows\system32\drivers\fastfat.sys
09:30:37.0390 0x0c1c  fastfat - ok
09:30:37.0433 0x0c1c  [ 967EA5B213E9984CBE270205DF37755B, 43153E23210B03FAE16897D62D55B8742F834EDC695F8401EAB5DE307F62602D ] Fax             C:\Windows\system32\fxssvc.exe
09:30:37.0476 0x0c1c  Fax - ok
09:30:37.0501 0x0c1c  [ E817A017F82DF2A1F8CFDBDA29388B29, 4CC9320A21E6FEA2D16C48D6BEA14391B695BD541A3C5FDDAEEE086A414FC837 ] fdc             C:\Windows\system32\drivers\fdc.sys
09:30:37.0514 0x0c1c  fdc - ok
09:30:37.0530 0x0c1c  [ F3222C893BD2F5821A0179E5C71E88FB, A85B947249DBB986358CCD4B158DD58A9301F074F3C6CCCDEF2D01F432E59D1B ] fdPHost         C:\Windows\system32\fdPHost.dll
09:30:37.0559 0x0c1c  fdPHost - ok
09:30:37.0576 0x0c1c  [ 7DBE8CBFE79EFBDEB98C9FB08D3A9A5B, 0E76C29D2A974A3F2FBFCB63D066D4136B78E02F6B1F579B1865CA7A76193987 ] FDResPub        C:\Windows\system32\fdrespub.dll
09:30:37.0596 0x0c1c  FDResPub - ok
09:30:37.0605 0x0c1c  [ 6CF00369C97F3CF563BE99BE983D13D8, F65F35324A2FB9DFB533B1C4D089D990CC242218FE83414329D07B786D8EFF33 ] FileInfo        C:\Windows\system32\drivers\fileinfo.sys
09:30:37.0615 0x0c1c  FileInfo - ok
09:30:37.0636 0x0c1c  [ 42C51DC94C91DA21CB9196EB64C45DB9, 388C68D12ECC8FFE3116FEAAF4DB7B80CF4A3F97E935788DD21C6ADE2369F635 ] Filetrace       C:\Windows\system32\drivers\filetrace.sys
09:30:37.0666 0x0c1c  Filetrace - ok
09:30:37.0673 0x0c1c  [ 87907AA70CB3C56600F1C2FB8841579B, CA1CD82A1CD453617CE5EA431A1836997F14E3580554E8A516D9FE1E9926D979 ] flpydisk        C:\Windows\system32\drivers\flpydisk.sys
09:30:37.0685 0x0c1c  flpydisk - ok
09:30:37.0706 0x0c1c  [ 7520EC808E0C35E0EE6F841294316653, 6EC65511B4838A7172A8F89E35C2F9DF4F0BFCE3BE12EDA790F3EB567102FF67 ] FltMgr          C:\Windows\system32\drivers\fltmgr.sys
09:30:37.0718 0x0c1c  FltMgr - ok
09:30:37.0764 0x0c1c  [ 6EC244F102C7F129678E5F7309D1366D, C30DA201AC623DA440B0A0716534557C578218C2A591FA8893CCCBD96B4518F9 ] FontCache       C:\Windows\system32\FntCache.dll
09:30:37.0838 0x0c1c  FontCache - ok
09:30:37.0897 0x0c1c  [ E56F39F6B7FDA0AC77A79B0FD3DE1A2F, DBED26852B99B362152DA9CD4F31A1883EF6F9B496F3CF3772A197BA72DB61DA ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe
09:30:37.0914 0x0c1c  FontCache3.0.0.0 - ok
09:30:37.0935 0x0c1c  [ 1A16B57943853E598CFF37FE2B8CBF1D, 87609F46F3B8123552141FD70866E895220B1BBD92BC2B580CAF49201AA0197E ] FsDepends       C:\Windows\system32\drivers\FsDepends.sys
09:30:37.0945 0x0c1c  FsDepends - ok
09:30:37.0952 0x0c1c  [ 7DAE5EBCC80E45D3253F4923DC424D05, 8A2C4D5591509B0B0A44583520617A9AE34F32BB6E68A012A7D7870ED24F703A ] Fs_Rec          C:\Windows\system32\drivers\Fs_Rec.sys
09:30:37.0962 0x0c1c  Fs_Rec - ok
09:30:37.0981 0x0c1c  [ E306A24D9694C724FA2491278BF50FDB, 1D246B9C28550640EACBF8CF9DC980FD75106B92832D392FEBEF0C7012353091 ] fvevol          C:\Windows\system32\DRIVERS\fvevol.sys
09:30:38.0002 0x0c1c  fvevol - ok
09:30:38.0019 0x0c1c  [ 65EE0C7A58B65E74AE05637418153938, 0E1A398ADD8411AF4CCC3344D67BE1B261320C58328BD5C5855A357476FAEBEF ] gagp30kx        C:\Windows\system32\drivers\gagp30kx.sys
09:30:38.0029 0x0c1c  gagp30kx - ok
09:30:38.0065 0x0c1c  [ E897EAF5ED6BA41E081060C9B447A673, A428DC68516F19C6C53A8B62E4BDB2587E70FB751B9D77700B6B147D347DA157 ] gpsvc           C:\Windows\System32\gpsvc.dll
09:30:38.0108 0x0c1c  gpsvc - ok
09:30:38.0176 0x0c1c  [ 506708142BC63DABA64F2D3AD1DCD5BF, 9C36A08D9E7932FF4DA7B5F24E6B42C92F28685B8ABE964C870E8D7670FD531A ] gupdate         C:\Program Files\Google\Update\GoogleUpdate.exe
09:30:38.0194 0x0c1c  gupdate - ok
09:30:38.0205 0x0c1c  [ 506708142BC63DABA64F2D3AD1DCD5BF, 9C36A08D9E7932FF4DA7B5F24E6B42C92F28685B8ABE964C870E8D7670FD531A ] gupdatem        C:\Program Files\Google\Update\GoogleUpdate.exe
09:30:38.0214 0x0c1c  gupdatem - ok
09:30:38.0235 0x0c1c  [ 833051C6C6C42117191935F734CFBD97, 5EB5672ABC7994A4AFF855A572158B8BE4FC6E541CFD4B9BE4FF2739A9A6AFB8 ] hamachi         C:\Windows\system32\DRIVERS\hamachi.sys
09:30:38.0244 0x0c1c  hamachi - ok
09:30:38.0255 0x0c1c  [ C44E3C2BAB6837DB337DDEE7544736DB, 88A24FF7D2FECCEAFFD421B2039A0FB623DA47A6B220B80EF1E52DD26D9E222D ] hcw85cir        C:\Windows\system32\drivers\hcw85cir.sys
09:30:38.0289 0x0c1c  hcw85cir - ok
09:30:38.0306 0x0c1c  [ A5EF29D5315111C80A5C1ABAD14C8972, A181DA72E946F121C3F4A19438C547B0BFD15138AB1DB5465945EC89DF1F6B0A ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
09:30:38.0334 0x0c1c  HdAudAddService - ok
09:30:38.0354 0x0c1c  [ 9036377B8A6C15DC2EEC53E489D159B5, 1E56D2ACFE92E6DF96D755B05C63D580EED82C210F075C8623E138BEE6BCD41B ] HDAudBus        C:\Windows\system32\drivers\HDAudBus.sys
09:30:38.0377 0x0c1c  HDAudBus - ok
09:30:38.0395 0x0c1c  [ 1D58A7F3E11A9731D0EAAAA8405ACC36, 7056FA18B86FBD52C4A6092D80476C02553EA053D6A0BEDB01A2FA5E152D5215 ] HidBatt         C:\Windows\system32\drivers\HidBatt.sys
09:30:38.0407 0x0c1c  HidBatt - ok
09:30:38.0416 0x0c1c  [ 89448F40E6DF260C206A193A4683BA78, 71E0FCC32AE6FF8DFF420DB0383D6A200E1EAE14BD2E32453F92CE18B31C1F3C ] HidBth          C:\Windows\system32\drivers\hidbth.sys
09:30:38.0430 0x0c1c  HidBth - ok
09:30:38.0443 0x0c1c  [ CF50B4CF4A4F229B9F3C08351F99CA5E, B97843620AF80FF0EC8F2C438255C0A42A756C6314FAF3DEF415DE16E14C108F ] HidIr           C:\Windows\system32\drivers\hidir.sys
09:30:38.0456 0x0c1c  HidIr - ok
09:30:38.0478 0x0c1c  [ 2BC6F6A1992B3A77F5F41432CA6B3B6B, 2AF3312F1C8C8923C0A29AA5DAE57CE269417E53DEA2F0CCCC8DB57029698FE1 ] hidserv         C:\Windows\system32\hidserv.dll
09:30:38.0501 0x0c1c  hidserv - ok
09:30:38.0521 0x0c1c  [ 10C19F8290891AF023EAEC0832E1EB4D, E208553029488A6EE2F5216CC9FE5F93E9931A94C0D0625253BB159E30642853 ] HidUsb          C:\Windows\system32\DRIVERS\hidusb.sys
09:30:38.0550 0x0c1c  HidUsb - ok
09:30:38.0573 0x0c1c  [ 196B4E3F4CCCC24AF836CE58FACBB699, 7A2E1F603A073421FA0987EFB96647F1F0F2D4E0C82AA62EBC041585DA811DAF ] hkmsvc          C:\Windows\system32\kmsvc.dll
09:30:38.0594 0x0c1c  hkmsvc - ok
09:30:38.0605 0x0c1c  [ 6658F4404DE03D75FE3BA09F7ABA6A30, E51D9C1580A283EB862F09B73AAE1B647DD683A53F3DD99834222F12DD15E40F ] HomeGroupListener C:\Windows\system32\ListSvc.dll
09:30:38.0638 0x0c1c  HomeGroupListener - ok
09:30:38.0671 0x0c1c  [ DBC02D918FFF1CAD628ACBE0C0EAA8E8, 02121800D9062692C102475876AE8143EBE46D855E8328B8CDCFE6A2F0D19696 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
09:30:38.0692 0x0c1c  HomeGroupProvider - ok
09:30:38.0796 0x0c1c  [ 6A38499BD0FFC4A0CEE5296F58D2B00F, 7F2D068A7BDAFC8FF5FB18CF3C50F362FE40D20925C3793C6F6511F2D54B4D88 ] HomeNetSvc      C:\Program Files\Common Files\Mcafee\Platform\McSvcHost\McSvHost.exe
09:30:38.0809 0x0c1c  HomeNetSvc - ok
09:30:38.0911 0x0c1c  [ 184C500CB9F69585F3FE85E1D2667CD8, 188452FC824305F24F2021432DB4A9170F1F0DEEDF2245A16D01EF27511FD365 ] hpqwmiex        C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
09:30:38.0948 0x0c1c  hpqwmiex - ok
09:30:38.0968 0x0c1c  [ 295FDC419039090EB8B49FFDBB374549, 670E8015FD374640C6570F56F7FE8DE4D8F92E7A8072F5D1B2B95D0BD699CEF7 ] HpSAMD          C:\Windows\system32\drivers\HpSAMD.sys
09:30:38.0979 0x0c1c  HpSAMD - ok
09:30:39.0006 0x0c1c  [ 487569E5DA56A5A432FF8AF6D3599CF9, 7C974D8379C60B4F69A20B01876C49181B0A63AC318C4BD0A21DABFF27A15C9D ] HTTP            C:\Windows\system32\drivers\HTTP.sys
09:30:39.0047 0x0c1c  HTTP - ok
09:30:39.0091 0x0c1c  [ 0C4E035C7F105F1299258C90886C64C5, CFB4FBE7B28058E6D3E6E508CF3C1645F6AAE0AFEB4C5364835B9C42311DF0D4 ] hwpolicy        C:\Windows\system32\drivers\hwpolicy.sys
09:30:39.0100 0x0c1c  hwpolicy - ok
09:30:39.0124 0x0c1c  [ F151F0BDC47F4A28B1B20A0818EA36D6, 84B24B5796D9F70A8C37773F5484A4606CC7908370CCD942627ACBEDC4952D79 ] i8042prt        C:\Windows\system32\drivers\i8042prt.sys
09:30:39.0149 0x0c1c  i8042prt - ok
09:30:39.0171 0x0c1c  [ F4037A3FEDB92DD97C95F320766EA5C9, 3872166AA17E9C19D9F5BBCBC6CA202F6D5CCB1F9E04ED2AA0D43F642B9C85FD ] iaStor          C:\Windows\system32\drivers\iaStor.sys
09:30:39.0184 0x0c1c  iaStor - ok
09:30:39.0206 0x0c1c  [ 5CD5F9A5444E6CDCB0AC89BD62D8B76E, 72870092A80C6DAE0105025B0ED8B607E98BA81E59298364A7FE4C9C56C68FF0 ] iaStorV         C:\Windows\system32\drivers\iaStorV.sys
09:30:39.0225 0x0c1c  iaStorV - ok
09:30:39.0310 0x0c1c  [ 3E9213A2A050BF429E91898C90F8B4E3, D80ABE5691087661B19F01927B631CB8C5291120B814B6F863F046E0D643E9E4 ] idsvc           C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
09:30:39.0347 0x0c1c  idsvc - ok
09:30:39.0377 0x0c1c  IEEtwCollectorService - ok
09:30:39.0398 0x0c1c  [ 34953BB9336540D2C029DF4AF01A5240, 3F64BC88618DA7D027E32FB54A55AAB1939A3B79A91BA64862BC2C99F4E0843D ] IFCoEMP         C:\Windows\system32\drivers\ifM52x32.sys
09:30:39.0411 0x0c1c  IFCoEMP - ok
09:30:39.0435 0x0c1c  [ 16E1452FD825B6F0BDB7ECA83C73BD24, B16F32E06B9BDB5890F4886624DC5EAD1851CF1A6FC0BA414B2537F49E604466 ] IFCoEVB         C:\Windows\system32\drivers\ifP52X32.sys
09:30:39.0444 0x0c1c  IFCoEVB - ok
09:30:39.0556 0x0c1c  [ C520DD440B57DBD54A4FD1838058879A, 6A81772290C21721603892E66104E33FFAA5B7B03323036B7D46DA4EB4D70E37 ] igfx            C:\Windows\system32\DRIVERS\igdkmd32.sys
09:30:39.0692 0x0c1c  igfx - ok
09:30:39.0708 0x0c1c  [ 4173FF5708F3236CF25195FECD742915, 0A9C0701DF6EAC6602BE342FC13C7950EF04BB5BDF7D96C2C5DABBD2A29AA55D ] iirsp           C:\Windows\system32\drivers\iirsp.sys
09:30:39.0720 0x0c1c  iirsp - ok
09:30:39.0765 0x0c1c  [ B9C54120F46392100478F58F374E5709, A28EE8B0988F580D5984E815FC78DF41B169260814234AA0E453375542D0957B ] IKEEXT          C:\Windows\System32\ikeext.dll
09:30:39.0794 0x0c1c  IKEEXT - ok
09:30:39.0811 0x0c1c  [ E3C36AC5AE87EC970AE8EA2A93D59AE1, 8403A5243DF38EFC35A0200760EC081E42467744AF25A1F2168D5A8198AF6A5B ] Impcd           C:\Windows\system32\drivers\Impcd.sys
09:30:39.0865 0x0c1c  Impcd - ok
09:30:39.0963 0x0c1c  [ 29F8775BB2DEC2BB038FAB1A7AC05482, 132B74B46A02099786B4F0EE38F98F87822B6520AF71C0F3F0363655E5CDA6BE ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHDA.sys
09:30:40.0098 0x0c1c  IntcAzAudAddService - ok
09:30:40.0196 0x0c1c  [ 5576AD2F0039D2BCCCA3567FC0BF981C, 4C782738B211B236DBDD0066BA0EDBA04E6BC5A97EF3227F2C7DAD7EBABF4C73 ] IntcDAud        C:\Windows\system32\DRIVERS\IntcDAud.sys
09:30:40.0252 0x0c1c  IntcDAud - ok
09:30:40.0284 0x0c1c  [ F2C6FB081B707863A0A21D639F325475, 1C2C8729AB71AA0F67AFB431586CFAC077FE7067F00FDA9A62545724864F0F32 ] Intel® PROSet Monitoring Service C:\Windows\system32\IProsetMonitor.exe
09:30:40.0295 0x0c1c  Intel® PROSet Monitoring Service - ok
09:30:40.0309 0x0c1c  [ A0F12F2C9BA6C72F3987CE780E77C130, 5F53DF8BE1621AA7DFB655CFD9C95E0AFA1AD3CE2E290E19D7B7FB3C6E380034 ] intelide        C:\Windows\system32\drivers\intelide.sys
09:30:40.0319 0x0c1c  intelide - ok
09:30:40.0340 0x0c1c  [ 3B514D27BFC4ACCB4037BC6685F766E0, F12D7AC62F8550E6F33B28AD751D8413AB7FFEF963242D99FFA76CE8A48B027A ] intelppm        C:\Windows\system32\DRIVERS\intelppm.sys
09:30:40.0363 0x0c1c  intelppm - ok
09:30:40.0376 0x0c1c  [ ACB364B9075A45C0736E5C47BE5CAE19, 202F77C659103D2D0E787B8CB0A23BE32EA5AA2E6B3B0A0F0A8DFA906AB3C0C0 ] IPBusEnum       C:\Windows\system32\ipbusenum.dll
09:30:40.0399 0x0c1c  IPBusEnum - ok
09:30:40.0417 0x0c1c  [ 709D1761D3B19A932FF0238EA6D50200, 0A9D2C3A6E91CA45540555B40CB4E2DF3EBE98C1D164C4EECEE20C86782F5823 ] IpFilterDriver  C:\Windows\system32\DRIVERS\ipfltdrv.sys
09:30:40.0453 0x0c1c  IpFilterDriver - ok
09:30:40.0484 0x0c1c  [ 58F67245D041FBE7AF88F4EAF79DF0FA, 67468D6A46FF4D87AD321BFEA42F2FC843D09AA292A119C76D4D795D06028F96 ] iphlpsvc        C:\Windows\System32\iphlpsvc.dll
09:30:40.0523 0x0c1c  iphlpsvc - ok
09:30:40.0536 0x0c1c  [ 4BD7134618C1D2A27466A099062547BF, 20284ABEF4433A59E2981F4143CAEC67DC990864FE0B9E3DC70EE0B88539E964 ] IPMIDRV         C:\Windows\system32\drivers\IPMIDrv.sys
09:30:40.0559 0x0c1c  IPMIDRV - ok
09:30:40.0581 0x0c1c  [ A5FA468D67ABCDAA36264E463A7BB0CD, EDB828D596E43372F97DAE1AADA46428C4C45FB80646DDC64FAD5F25C826CF63 ] IPNAT           C:\Windows\system32\drivers\ipnat.sys
09:30:40.0604 0x0c1c  IPNAT - ok
09:30:40.0627 0x0c1c  [ 42996CFF20A3084A56017B7902307E9F, 688176DAB91BE569280E4822E4C5BDE755794D293591C53F8047AD59C441751D ] IRENUM          C:\Windows\system32\drivers\irenum.sys
09:30:40.0641 0x0c1c  IRENUM - ok
09:30:40.0657 0x0c1c  [ 1F32BB6B38F62F7DF1A7AB7292638A35, 86522358680FBB1CEBC56B4D139290689BB0F71A3EC78CE883E4D75D0B37586F ] isapnp          C:\Windows\system32\drivers\isapnp.sys
09:30:40.0666 0x0c1c  isapnp - ok
09:30:40.0698 0x0c1c  [ EB34CE31FABD4DC4343FD2AD16D2CAF9, D21C91227A15DA89ECF522345D0AB80B3B7FC24A230596DABDB8BD3B7554CE8C ] iScsiPrt        C:\Windows\system32\drivers\msiscsi.sys
09:30:40.0713 0x0c1c  iScsiPrt - ok
09:30:40.0774 0x0c1c  [ F415A88162D23977B5EDAE4F0410E903, B86FD88B4285ED96BFDB9430E4DB134AC1B09DBB541929C4D6C1EEAF792D444D ] IviRegMgr       C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe
09:30:40.0784 0x0c1c  IviRegMgr - ok
09:30:40.0801 0x0c1c  [ ADEF52CA1AEAE82B50DF86B56413107E, A3AE1E96B04AC81665ABBD3CB267DFB3F78376DAE18FB0DBD447908DDAAA22D2 ] kbdclass        C:\Windows\system32\DRIVERS\kbdclass.sys
09:30:40.0812 0x0c1c  kbdclass - ok
09:30:40.0831 0x0c1c  [ 9E3CED91863E6EE98C24794D05E27A71, 90CF59F20E14E4A5A793266805E82BF7AE1F0CF4C7BAB1FD2EEF3B53C5DF770F ] kbdhid          C:\Windows\system32\DRIVERS\kbdhid.sys
09:30:40.0854 0x0c1c  kbdhid - ok
09:30:40.0865 0x0c1c  [ D2967F6D4205A227AAA7D094C12F7141, 4E0D48F07F230D5D5DFC2CDCA4467C54DF6EEA6B7C6ABC355E9986C73203E104 ] KeyIso          C:\Windows\system32\lsass.exe
09:30:40.0877 0x0c1c  KeyIso - ok
09:30:40.0911 0x0c1c  [ 3C9D9DFCF517103677D7B6255C727B48, F03252C1EF131AC4FEB83983B7BB3BAAACE0EEB0B1CFA06D0E04A156D527A0FD ] KSecDD          C:\Windows\system32\Drivers\ksecdd.sys
09:30:40.0922 0x0c1c  KSecDD - ok
09:30:40.0959 0x0c1c  [ 0DFC56491C8B56A35AD52EAF770752FE, C887D6A06DD691DB6E6DC73D2ED0072FE5430F46F85111338196CF342C5892D0 ] KSecPkg         C:\Windows\system32\Drivers\ksecpkg.sys
09:30:40.0987 0x0c1c  KSecPkg - ok
09:30:41.0021 0x0c1c  [ 89A7B9CC98D0D80C6F31B91C0A310FCD, 4583CAEEE0D50C0C7CE955E533FDA063CDC37B69033D41EF22EF1BA242E4C747 ] KtmRm           C:\Windows\system32\msdtckrm.dll
09:30:41.0062 0x0c1c  KtmRm - ok
09:30:41.0146 0x0c1c  [ D64AF876D53ECA3668BB97B51B4E70AB, D5C07C019BFEAFBEDC29AB5060356A3B07449712B21B50E03378BEF04AF180F9 ] LanmanServer    C:\Windows\system32\srvsvc.dll
09:30:41.0184 0x0c1c  LanmanServer - ok
09:30:41.0209 0x0c1c  [ 58405E4F68BA8E4057C6E914F326ABA2, C3E6519A1A38F1B3597D4391E42ABFE8F1F5E86256C4B3BD876CDAD9BB68B0A6 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
09:30:41.0236 0x0c1c  LanmanWorkstation - ok
09:30:41.0273 0x0c1c  [ F7611EC07349979DA9B0AE1F18CCC7A6, 879AA7A391966F00761CA039C25EBC62F6712DD5461694911EEC673E12DE103E ] lltdio          C:\Windows\system32\DRIVERS\lltdio.sys
09:30:41.0295 0x0c1c  lltdio - ok
09:30:41.0321 0x0c1c  [ 5700673E13A2117FA3B9020C852C01E2, 6684A2905EE8C438F2A64BE47E51A54D287B08DEFB8E0AE7FC2809D845EE3C5F ] lltdsvc         C:\Windows\System32\lltdsvc.dll
09:30:41.0349 0x0c1c  lltdsvc - ok
09:30:41.0363 0x0c1c  [ 55CA01BA19D0006C8F2639B6C045E08B, 4DBBDC820C514DB18CC13F8EE178F8C4E39C295C6E3C255416C235553CE7BDC1 ] lmhosts         C:\Windows\System32\lmhsvc.dll
09:30:41.0388 0x0c1c  lmhosts - ok
09:30:41.0462 0x0c1c  [ 97F9EAAC985A663394CD8F54DCD3E73A, D5BA3E7ED36BA361B1941F12D83568C30F7E49A8B9D54D3EBBBD05767E1F3B0A ] LMS             C:\Program Files\Intel\Intel® Management Engine Components\LMS\LMS.exe
09:30:41.0477 0x0c1c  LMS - ok
09:30:41.0505 0x0c1c  [ EB119A53CCF2ACC000AC71B065B78FEF, 1FD60735C4945AE565C223F0B47EAF9602D8777E3D15600914C1A9D761215AF9 ] LSI_FC          C:\Windows\system32\drivers\lsi_fc.sys
09:30:41.0518 0x0c1c  LSI_FC - ok
09:30:41.0540 0x0c1c  [ 8ADE1C877256A22E49B75D1CC9161F9C, 3D64F233DC866537E50549A7C1A2B40A954055B22F0BDA39825B04C38C607CB7 ] LSI_SAS         C:\Windows\system32\drivers\lsi_sas.sys
09:30:41.0552 0x0c1c  LSI_SAS - ok
09:30:41.0565 0x0c1c  [ DC9DC3D3DAA0E276FD2EC262E38B11E9, A264990857CBC74036799E17A087130626C0A09BE19879019BAF2D761C62AECC ] LSI_SAS2        C:\Windows\system32\drivers\lsi_sas2.sys
09:30:41.0579 0x0c1c  LSI_SAS2 - ok
09:30:41.0590 0x0c1c  [ 0A036C7D7CAB643A7F07135AC47E0524, 2F662D07FCB74B8D493156DB555EAA90A47E93CF14C7B30039D2FE47EB8682B8 ] LSI_SCSI        C:\Windows\system32\drivers\lsi_scsi.sys
09:30:41.0603 0x0c1c  LSI_SCSI - ok
09:30:41.0631 0x0c1c  [ 6703E366CC18D3B6E534F5CF7DF39CEE, 7396B9AF938284D99EC51206A7B2FA4A0DC10A493DCE6707818B03A7473782C4 ] luafv           C:\Windows\system32\drivers\luafv.sys
09:30:41.0666 0x0c1c  luafv - ok
09:30:41.0730 0x0c1c  [ D53F88363A5FCF8D9CB458E4A8A90A6B, D3553709339EABE63E149D4B2376CFABC71F23E5EF066B104813EC9323C943CB ] McAfee SiteAdvisor Service C:\Program Files\McAfee\SiteAdvisor\McSACore.exe
09:30:41.0754 0x0c1c  McAfee SiteAdvisor Service - ok
09:30:41.0828 0x0c1c  [ A3F0CA55B9938FA478FDD8A1E1EC3CF5, 49F917A958B61B86EDED30D6083ED2A367AB053FB3A68FF9ECBCC27E527184A5 ] McAPExe         C:\Program Files\McAfee\MSC\McAPExe.exe
09:30:41.0861 0x0c1c  McAPExe - ok
09:30:41.0911 0x0c1c  [ C3ED67C05F3923F9A8FEBA7A996337E1, 0A092A22339A9BFFAAB4A8A7C795480C058C0360C743BDF5D5DE042825F464A7 ] McComponentHostService C:\Program Files\McAfee Security Scan\3.8.150\McCHSvc.exe
09:30:41.0931 0x0c1c  McComponentHostService - ok
09:30:42.0087 0x0c1c  [ D3BAE19174BAAA2551ECA9B4DB391ECC, AA8EF9C0B9837055681EB3B2DDEE8CD752DED7AFDA3FA5B12FFDB6F2C172DAA6 ] mccspsvc        C:\Program Files\Common Files\McAfee\CSP\1.5.495.0\McCSPServiceHost.exe
09:30:42.0099 0x0c1c  mccspsvc - ok
09:30:42.0258 0x0c1c  [ 6A38499BD0FFC4A0CEE5296F58D2B00F, 7F2D068A7BDAFC8FF5FB18CF3C50F362FE40D20925C3793C6F6511F2D54B4D88 ] McNaiAnn        C:\Program Files\Common Files\Mcafee\Platform\McSvcHost\McSvHost.exe
09:30:42.0314 0x0c1c  McNaiAnn - ok
09:30:42.0634 0x0c1c  [ BA5FC7C3551E6F107A5392E9B6DAEB42, 5161D736FE1FFCD16BFE89644BB33E030C64DEBCB1369209749419FFC9173758 ] McODS           C:\Program Files\McAfee\VirusScan\mcods.exe
09:30:42.0714 0x0c1c  McODS - ok
09:30:42.0772 0x0c1c  [ 6A38499BD0FFC4A0CEE5296F58D2B00F, 7F2D068A7BDAFC8FF5FB18CF3C50F362FE40D20925C3793C6F6511F2D54B4D88 ] mcpltsvc        C:\Program Files\Common Files\Mcafee\Platform\McSvcHost\McSvHost.exe
09:30:42.0802 0x0c1c  mcpltsvc - ok
09:30:42.0991 0x0c1c  [ 6A38499BD0FFC4A0CEE5296F58D2B00F, 7F2D068A7BDAFC8FF5FB18CF3C50F362FE40D20925C3793C6F6511F2D54B4D88 ] McProxy         C:\Program Files\Common Files\Mcafee\Platform\McSvcHost\McSvHost.exe
09:30:43.0004 0x0c1c  McProxy - ok
09:30:43.0053 0x0c1c  [ BFB9EE8EE977EFE85D1A3105ABEF6DD1, D2A84EBF0C0B7A14AD432FD2EF43CC12300027AEA3FA4075659FB088AB62B588 ] Mcx2Svc         C:\Windows\system32\Mcx2Svc.dll
09:30:43.0066 0x0c1c  Mcx2Svc - ok
09:30:43.0140 0x0c1c  [ 0FFF5B045293002AB38EB1FD1FC2FB74, 49071B565FD5B2DE43EC00D8518C3BE70843F38919E82F13104B8C1FAFB20374 ] megasas         C:\Windows\system32\drivers\megasas.sys
09:30:43.0152 0x0c1c  megasas - ok
09:30:43.0228 0x0c1c  [ DCBAB2920C75F390CAF1D29F675D03D6, 85C3A7A010BEA5E3C6179161B295F2CB900A6A214833A5F87A4327392880E2BB ] MegaSR          C:\Windows\system32\drivers\MegaSR.sys
09:30:43.0241 0x0c1c  MegaSR - ok
09:30:43.0273 0x0c1c  [ D86AC00883B9C98B570E7643AAF8E554, 4B4BDC01DC20F820A9D1E1B8E875B6445F9B920F0AB1E115ADD9651A368911C4 ] MEI             C:\Windows\system32\drivers\HECI.sys
09:30:43.0332 0x0c1c  MEI - ok
09:30:43.0382 0x0c1c  [ AAF01565969E11AD31AF7E311FDE4E71, 3BCFD3EE65F0E61280469FBAA70CB9ED74C35AFD9CFFE59FA2EC2BE822F486EC ] mfeaack         C:\Windows\system32\drivers\mfeaack.sys
09:30:43.0397 0x0c1c  mfeaack - ok
09:30:43.0480 0x0c1c  [ EF6DDC9D53B92134471E99B67F1FF2C2, 751FBD0D4282CF4E70F4C2103F215B9E6CA56CEF25A76971C370128023450DF9 ] mfeavfk         C:\Windows\system32\drivers\mfeavfk.sys
09:30:43.0493 0x0c1c  mfeavfk - ok
09:30:43.0580 0x0c1c  [ F6864C57877B3B54B1018E2E472C65FA, 6CCA88DC66C5619E0664AE428F179E57F081F1F9C1FB6064DC75744AC27ADE6C ] mfedisk         C:\Windows\system32\DRIVERS\mfedisk.sys
09:30:43.0591 0x0c1c  mfedisk - ok
09:30:43.0630 0x0c1c  [ 805460E8989D62BB17DC482BAA614ABF, 59D5D5D429F572298C65317B0CBEEAE9CF1336D43196AECE6401F4170B403AE9 ] mfefire         C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe
09:30:43.0641 0x0c1c  mfefire - ok
09:30:43.0662 0x0c1c  [ 626F942C4739830D7AB2DC75B3A4F01B, B240609971DB8E18208A2B7E9178CBF20EBC675DBBAB56627AC2C7CA99586812 ] mfefirek        C:\Windows\system32\drivers\mfefirek.sys
09:30:43.0678 0x0c1c  mfefirek - ok
09:30:43.0718 0x0c1c  [ E7920472CBCC49BC15AAF5667EEECDF5, 7576C66CA077D6082F3F7D4B6CD1A603BC23D2B48DC0330D28DB656F7101798D ] mfehidk         C:\Windows\system32\drivers\mfehidk.sys
09:30:43.0739 0x0c1c  mfehidk - ok
09:30:43.0778 0x0c1c  [ 56C9225F112D8942D12EF03A282648D3, 82ACB3C928ED8D349B79496129EF785538A7EEBF39B5B8D837E2AEB0CE0BF869 ] mfemms          C:\Program Files\Common Files\McAfee\SystemCore\\mfemms.exe
09:30:43.0793 0x0c1c  mfemms - ok
09:30:43.0833 0x0c1c  [ 465256E538D72C7F64664AE07EEC5C29, 0296B80129109668C023B89E0B220149783CAD580C2165EC7E67650C3C5E1D0C ] mfencbdc        C:\Windows\system32\DRIVERS\mfencbdc.sys
09:30:43.0848 0x0c1c  mfencbdc - ok
09:30:43.0866 0x0c1c  [ 5D9DE24748C9298B5828D7113E29FAE4, 1A2FCB4DD68EFA48B99225C9DA7A66DA61996D22CC07226B60DAA85B9CEDDC1E ] mfencrk         C:\Windows\system32\DRIVERS\mfencrk.sys
09:30:43.0876 0x0c1c  mfencrk - ok
09:30:43.0902 0x0c1c  [ 3DFF51796390CADEC11D4DF739C2B6FF, 75C2C704DFF7FC34A4FBD0B796EB073DF43F066D1E79672A802B2DCD1AB018E3 ] mfevtp          C:\Windows\system32\mfevtps.exe
09:30:43.0915 0x0c1c  mfevtp - ok
09:30:43.0944 0x0c1c  [ FF1BEE0745AF98EE69A88DBA710E0538, 6D6B5821187884CA1D952D290C100DAD5740CDCDADDC922522EC51619B3CDF98 ] mfewfpk         C:\Windows\system32\drivers\mfewfpk.sys
09:30:43.0956 0x0c1c  mfewfpk - ok
09:30:43.0974 0x0c1c  [ 146B6F43A673379A3C670E86D89BE5EA, C4412DCF80DE6B55466F399413271364F14BC0819C224AA161EDDC31A9775440 ] MMCSS           C:\Windows\system32\mmcss.dll
09:30:43.0995 0x0c1c  MMCSS - ok
09:30:44.0009 0x0c1c  [ F001861E5700EE84E2D4E52C712F4964, F4DC5AEED6F34D76CCEF360862CC47EF71097BE0813C8CE04EE5F0DB387DFFAE ] Modem           C:\Windows\system32\drivers\modem.sys
09:30:44.0041 0x0c1c  Modem - ok
09:30:44.0080 0x0c1c  [ 79D10964DE86B292320E9DFE02282A23, 52714827B7EEDACA55326A4E4F6158D4942DFAA3BACDE303A2F569BF3F4FAA72 ] monitor         C:\Windows\system32\DRIVERS\monitor.sys
09:30:44.0091 0x0c1c  monitor - ok
09:30:44.0148 0x0c1c  [ FB18CC1D4C2E716B6B903B0AC0CC0609, F10CCA63493782B16DE6B96B94A27078DBE68AECEF34FDF840CFF86D2C6E3C5E ] mouclass        C:\Windows\system32\DRIVERS\mouclass.sys
09:30:44.0166 0x0c1c  mouclass - ok
09:30:44.0172 0x0c1c  [ 2C388D2CD01C9042596CF3C8F3C7B24D, B2FB72272BB01AEDA4047B57C943B7E9BD8A6497854F8CC34672AAA592D0A703 ] mouhid          C:\Windows\system32\DRIVERS\mouhid.sys
09:30:44.0193 0x0c1c  mouhid - ok
09:30:44.0215 0x0c1c  [ 644905A19D0F37F2233DFCE53BC4BC19, F52CB40AA0FD1EBF8CBF0F3BFB20C47142C637719840877FB93F10D085EB8C2B ] mountmgr        C:\Windows\system32\drivers\mountmgr.sys
09:30:44.0225 0x0c1c  mountmgr - ok
09:30:44.0241 0x0c1c  [ 2D699FB6E89CE0D8DA14ECC03B3EDFE0, D3D903EEA465D77345AAC9B9F02CDEADF4831212EA2DE4FCA33BEE26EBB47420 ] mpio            C:\Windows\system32\drivers\mpio.sys
09:30:44.0252 0x0c1c  mpio - ok
09:30:44.0277 0x0c1c  [ AD2723A7B53DD1AACAE6AD8C0BFBF4D0, 1D6DCFA0E56C3E55B6AED819176E751502F863BA0FCF4F0B3253A81D208141A2 ] mpsdrv          C:\Windows\system32\drivers\mpsdrv.sys
09:30:44.0307 0x0c1c  mpsdrv - ok
09:30:44.0338 0x0c1c  [ 9835584E999D25004E1EE8E5F3E3B881, 71798B0CBE9AE69F1F29B845319019C69EC7F415CBABB3B87DDE92C360675021 ] MpsSvc          C:\Windows\system32\mpssvc.dll
09:30:44.0375 0x0c1c  MpsSvc - ok
09:30:44.0395 0x0c1c  [ 03F899F521D2AAED1C55008F734DF252, 4E56A51476A13F5630719018037B1F63DF9ACEA1CFE782AF04E669BD696954C5 ] MRxDAV          C:\Windows\system32\drivers\mrxdav.sys
09:30:44.0430 0x0c1c  MRxDAV - ok
09:30:44.0441 0x0c1c  [ 5D16C921E3671636C0EBA3BBAAC5FD25, 5BC107B95CAFC88F51FBB9F657B99944B20627A2B618F263093D7045E4FFD65C ] mrxsmb          C:\Windows\system32\DRIVERS\mrxsmb.sys
09:30:44.0474 0x0c1c  mrxsmb - ok
09:30:44.0491 0x0c1c  [ 6D17A4791ACA19328C685D256349FEFC, 012AA3D84EEAAF53780D06D2D11B9727DFC3441F3FAD75BC9E751FB814403668 ] mrxsmb10        C:\Windows\system32\DRIVERS\mrxsmb10.sys
09:30:44.0516 0x0c1c  mrxsmb10 - ok
09:30:44.0530 0x0c1c  [ B81F204D146000BE76651A50670A5E9E, 78193D0F967BE9829E53F9B500342934B4B1E1F4CEFC444382959E2061BC3B17 ] mrxsmb20        C:\Windows\system32\DRIVERS\mrxsmb20.sys
09:30:44.0545 0x0c1c  mrxsmb20 - ok
09:30:44.0563 0x0c1c  [ 012C5F4E9349E711E11E0F19A8589F0A, 208B92DFCF7AD43202660FBBC9FF5E03AEDBEE38178FF3628EB74CB6CD37C584 ] msahci          C:\Windows\system32\drivers\msahci.sys
09:30:44.0572 0x0c1c  msahci - ok
09:30:44.0588 0x0c1c  [ 55055F8AD8BE27A64C831322A780A228, C2C9FD1F61302997117B1CD0835E8234405BB80084065ED05363B77868397304 ] msdsm           C:\Windows\system32\drivers\msdsm.sys
09:30:44.0599 0x0c1c  msdsm - ok
09:30:44.0619 0x0c1c  [ E1BCE74A3BD9902B72599C0192A07E27, 5162EB623FE64E9DFEAC6CA2410EFA1314E62EC13207FFBFED2D61AA887603C4 ] MSDTC           C:\Windows\System32\msdtc.exe
09:30:44.0636 0x0c1c  MSDTC - ok
09:30:44.0651 0x0c1c  [ DAEFB28E3AF5A76ABCC2C3078C07327F, 6EB558532400B489763BAE7203538DE5F196282A8CB46A1B31D59120FC5AFCEF ] Msfs            C:\Windows\system32\drivers\Msfs.sys
09:30:44.0678 0x0c1c  Msfs - ok
09:30:44.0688 0x0c1c  [ 3E1E5767043C5AF9367F0056295E9F84, B2EDFECD3C14E4FE1BA87D9A86334043A9BD696A554EBD186DA7EAEB2EBD4F70 ] mshidkmdf       C:\Windows\System32\drivers\mshidkmdf.sys
09:30:44.0709 0x0c1c  mshidkmdf - ok
09:30:44.0714 0x0c1c  [ 0A4E5757AE09FA9622E3158CC1AEF114, ED574E420E57374E328C7C526504ECA569C164287966F06019EC207CB17F2C54 ] msisadrv        C:\Windows\system32\drivers\msisadrv.sys
09:30:44.0724 0x0c1c  msisadrv - ok
09:30:44.0738 0x0c1c  [ 90F7D9E6B6F27E1A707D4A297F077828, BEFC220EAA7307849600748842ACB9254A6A91158812D9B23EFAF912C498BA7F ] MSiSCSI         C:\Windows\system32\iscsiexe.dll
09:30:44.0766 0x0c1c  MSiSCSI - ok
09:30:44.0770 0x0c1c  msiserver - ok
09:30:44.0805 0x0c1c  [ 6A38499BD0FFC4A0CEE5296F58D2B00F, 7F2D068A7BDAFC8FF5FB18CF3C50F362FE40D20925C3793C6F6511F2D54B4D88 ] MSK80Service    C:\Program Files\Common Files\Mcafee\Platform\McSvcHost\McSvHost.exe
09:30:44.0819 0x0c1c  MSK80Service - ok
09:30:44.0833 0x0c1c  [ 8C0860D6366AAFFB6C5BB9DF9448E631, 949C5A14E57F2D7385543C17C3485E7ADE36EA2016F6E0A1866571D2EDE90A77 ] MSKSSRV         C:\Windows\system32\drivers\MSKSSRV.sys
09:30:44.0865 0x0c1c  MSKSSRV - ok
09:30:44.0869 0x0c1c  [ 3EA8B949F963562CEDBB549EAC0C11CE, 1B0B2F16A1790282504F3C548D47C3281EFB440D5D9711A1EF76D6371B768D2D ] MSPCLOCK        C:\Windows\system32\drivers\MSPCLOCK.sys
09:30:44.0894 0x0c1c  MSPCLOCK - ok
09:30:44.0898 0x0c1c  [ F456E973590D663B1073E9C463B40932, 48BA6D5580EE7B6A4C06E04772FD35B51779553FC0DD6C5C30DD8B5DEEB25B11 ] MSPQM           C:\Windows\system32\drivers\MSPQM.sys
09:30:44.0918 0x0c1c  MSPQM - ok
09:30:44.0937 0x0c1c  [ 0E008FC4819D238C51D7C93E7B41E560, 141FCEBDD05874407EAEC35A9DCD3BB16F2A428F23E55487D6A5DBFCADBF10D2 ] MsRPC           C:\Windows\system32\drivers\MsRPC.sys
09:30:44.0948 0x0c1c  MsRPC - ok
09:30:44.0963 0x0c1c  [ FC6B9FF600CC585EA38B12589BD4E246, F05DB01AE1955D2468CE6B51E51998B111CA3B0BDEED090EE6B99B625CBA564A ] mssmbios        C:\Windows\system32\drivers\mssmbios.sys
09:30:44.0971 0x0c1c  mssmbios - ok
09:30:44.0975 0x0c1c  [ B42C6B921F61A6E55159B8BE6CD54A36, 6BB0A7BE005B8F281E551D1B8046CE4202372BC7AE0161881C858BFAC675FE1C ] MSTEE           C:\Windows\system32\drivers\MSTEE.sys
09:30:44.0995 0x0c1c  MSTEE - ok
09:30:45.0004 0x0c1c  [ 33599130F44E1F34631CEA241DE8AC84, E15B31D1AFDC8DC6D2B21D4215796A99ECC69EEDBB06CEED01AECC3C99A44C8B ] MTConfig        C:\Windows\system32\drivers\MTConfig.sys
09:30:45.0016 0x0c1c  MTConfig - ok
09:30:45.0033 0x0c1c  [ 159FAD02F64E6381758C990F753BCC80, E55AB01DCFA95ECAB24A2A9656E28FF9D064BA08B3D82DC8AA42F5991BA09598 ] Mup             C:\Windows\system32\Drivers\mup.sys
09:30:45.0044 0x0c1c  Mup - ok
09:30:45.0075 0x0c1c  [ 61D57A5D7C6D9AFE10E77DAE6E1B445E, D252248532142E9E2332DA693BC51B795102CA938B568FF04981E98B19BFBC5C ] napagent        C:\Windows\system32\qagentRT.dll
09:30:45.0115 0x0c1c  napagent - ok
09:30:45.0147 0x0c1c  [ 26384429FCD85D83746F63E798AB1480, 957C115C263A4B4DC854558B43ECE632D8E2BCCB744E23A01EBA7476BA2E7FFB ] NativeWifiP     C:\Windows\system32\DRIVERS\nwifi.sys
09:30:45.0172 0x0c1c  NativeWifiP - ok
09:30:45.0207 0x0c1c  [ 8C9C922D71F1CD4DEF73F186416B7896, 15FF43CD90C7913F83B35F2E7986561584588E8A45196EBD965C3A355836A9C7 ] NDIS            C:\Windows\system32\drivers\ndis.sys
09:30:45.0229 0x0c1c  NDIS - ok
09:30:45.0244 0x0c1c  [ 0E1787AA6C9191D3D319E8BAFE86F80C, F535022747355B2C66424BDA892D7DCB820C2EB8EE05BAE5BC6D1B1D65186278 ] NdisCap         C:\Windows\system32\DRIVERS\ndiscap.sys
09:30:45.0264 0x0c1c  NdisCap - ok
09:30:45.0274 0x0c1c  [ E4A8AEC125A2E43A9E32AFEEA7C9C888, 6EA181117126FC70B3C1DD1AC73CC26D1603A2CF49E47F66623E2C9489C49B55 ] NdisTapi        C:\Windows\system32\DRIVERS\ndistapi.sys
09:30:45.0307 0x0c1c  NdisTapi - ok
09:30:45.0320 0x0c1c  [ D8A65DAFB3EB41CBB622745676FCD072, 874D3C3D247C4A309DA813DB1D2EDB0037D3C489824BD5FE95B0C20699764EF7 ] Ndisuio         C:\Windows\system32\DRIVERS\ndisuio.sys
09:30:45.0340 0x0c1c  Ndisuio - ok
09:30:45.0351 0x0c1c  [ 38FBE267E7E6983311179230FACB1017, CFD1CBCA59650795C030DB30E5795B37C11C736E14003AE1DAB081BA5C0C9B14 ] NdisWan         C:\Windows\system32\DRIVERS\ndiswan.sys
09:30:45.0373 0x0c1c  NdisWan - ok
09:30:45.0383 0x0c1c  [ A4BDC541E69674FBFF1A8FF00BE913F2, 18CCFD063E9870B8B6958715BC0414C4D920AE63528EA1E9D7E30F7138918FFA ] NDProxy         C:\Windows\system32\drivers\NDProxy.sys
09:30:45.0404 0x0c1c  NDProxy - ok
09:30:45.0414 0x0c1c  [ 80B275B1CE3B0E79909DB7B39AF74D51, 75B406B0D9D28239D4EB2A298419A5F78A58237D88C5FD688EF1DFFAFACCF796 ] NetBIOS         C:\Windows\system32\DRIVERS\netbios.sys
09:30:45.0448 0x0c1c  NetBIOS - ok
09:30:45.0464 0x0c1c  [ 280122DDCF04B378EDD1AD54D71C1E54, F98B2ADE34F7E67C7C06C1D0FFB80ECBC353D044D4B4784CD952910345DC2ED0 ] NetBT           C:\Windows\system32\DRIVERS\netbt.sys
09:30:45.0487 0x0c1c  NetBT - ok
09:30:45.0493 0x0c1c  [ D2967F6D4205A227AAA7D094C12F7141, 4E0D48F07F230D5D5DFC2CDCA4467C54DF6EEA6B7C6ABC355E9986C73203E104 ] Netlogon        C:\Windows\system32\lsass.exe
09:30:45.0513 0x0c1c  Netlogon - ok
09:30:45.0538 0x0c1c  [ 7CCCFCA7510684768DA22092D1FA4DB2, BB9E4F8FABBF596D888E6D303CB54A336D9DFF95B36AEA9369D2ED787DDC4B5D ] Netman          C:\Windows\System32\netman.dll
09:30:45.0568 0x0c1c  Netman - ok
09:30:45.0618 0x0c1c  [ E58808846B62041BFB05395E1CED6499, 5387F2CE6B494337725D2BF3EB563912E6EE33918F2872C5FE07BEDBB0F761EE ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
09:30:45.0674 0x0c1c  NetMsmqActivator - ok
09:30:45.0680 0x0c1c  [ E58808846B62041BFB05395E1CED6499, 5387F2CE6B494337725D2BF3EB563912E6EE33918F2872C5FE07BEDBB0F761EE ] NetPipeActivator C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
09:30:45.0697 0x0c1c  NetPipeActivator - ok
09:30:45.0722 0x0c1c  [ 8C338238C16777A802D6A9211EB2BA50, 0D08A47CD403EDA5E8CAD7409BBBBCDC29A9861D2DC41D42B68B22B1AA1EBDD6 ] netprofm        C:\Windows\System32\netprofm.dll
09:30:45.0761 0x0c1c  netprofm - ok
09:30:45.0768 0x0c1c  [ E58808846B62041BFB05395E1CED6499, 5387F2CE6B494337725D2BF3EB563912E6EE33918F2872C5FE07BEDBB0F761EE ] NetTcpActivator C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
09:30:45.0782 0x0c1c  NetTcpActivator - ok
09:30:45.0787 0x0c1c  [ E58808846B62041BFB05395E1CED6499, 5387F2CE6B494337725D2BF3EB563912E6EE33918F2872C5FE07BEDBB0F761EE ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
09:30:45.0799 0x0c1c  NetTcpPortSharing - ok
09:30:45.0830 0x0c1c  [ 1D85C4B390B0EE09C7A46B91EFB2C097, 6A8850B151E88EE371F3CC543A946302DDF9494908D684B8B0C706A42CC54348 ] nfrd960         C:\Windows\system32\drivers\nfrd960.sys
09:30:45.0840 0x0c1c  nfrd960 - ok
09:30:45.0861 0x0c1c  [ F115C5CD29E512F18BD7138A094B77E5, 90C2CE8B256EE9AABF674ADDE7F85E91DAF48EA368452D03C187A4AE027D4E39 ] NlaSvc          C:\Windows\System32\nlasvc.dll
09:30:45.0894 0x0c1c  NlaSvc - ok
09:30:45.0904 0x0c1c  [ 1DB262A9F8C087E8153D89BEF3D2235F, A51EE5D5AD3CD76B74BEA9C66C462608BF3B50C53DAA4110A75DB10495A8C101 ] Npfs            C:\Windows\system32\drivers\Npfs.sys
09:30:45.0926 0x0c1c  Npfs - ok
09:30:45.0947 0x0c1c  [ BA387E955E890C8A88306D9B8D06BF17, 3477BD9686C5777A93251C154512671AAA7533B18C536DF51F7B1D6D28E7F8A5 ] nsi             C:\Windows\system32\nsisvc.dll
09:30:45.0980 0x0c1c  nsi - ok
09:30:45.0985 0x0c1c  [ E9A0A4D07E53D8FEA2BB8387A3293C58, 690CAD6C4E35ECC1172A2E1FD3933DF73158B3BF42CB21244269612A53DE4D7A ] nsiproxy        C:\Windows\system32\drivers\nsiproxy.sys
09:30:46.0008 0x0c1c  nsiproxy - ok
09:30:46.0064 0x0c1c  [ C8DFF8D07755A66C7A4A738930F0FEAC, A2CC58312CE57988ABD976155BE91F558DCEC4C23481C6FBE64B361D511A36EA ] Ntfs            C:\Windows\system32\drivers\Ntfs.sys
09:30:46.0110 0x0c1c  Ntfs - ok
09:30:46.0125 0x0c1c  [ F9756A98D69098DCA8945D62858A812C, 572ADBFCFDE2030B34A013AADC14DBC144EB3F34D06991E2464A3EA9605BC045 ] Null            C:\Windows\system32\drivers\Null.sys
09:30:46.0144 0x0c1c  Null - ok
09:30:46.0159 0x0c1c  [ B3E25EE28883877076E0E1FF877D02E0, 402B6FED6FBBF645190396DC141141EF52DD059DABD01F8AC9CF01D23664070C ] nvraid          C:\Windows\system32\drivers\nvraid.sys
09:30:46.0170 0x0c1c  nvraid - ok
09:30:46.0181 0x0c1c  [ 4380E59A170D88C4F1022EFF6719A8A4, 93EDB3F4CDBF53C9C1970DD29AB146E390695C568180847BA8903F5FBEABCFF2 ] nvstor          C:\Windows\system32\drivers\nvstor.sys
09:30:46.0192 0x0c1c  nvstor - ok
09:30:46.0206 0x0c1c  [ 5A0983915F02BAE73267CC2A041F717D, D83461D74597BF2BE042FEFCC27FCD18BF63CB8135B0666D731D50951C3468A8 ] nv_agp          C:\Windows\system32\drivers\nv_agp.sys
09:30:46.0217 0x0c1c  nv_agp - ok
09:30:46.0225 0x0c1c  [ 08A70A1F2CDDE9BB49B885CB817A66EB, 0BB98123B544124B144F3E95D77E01E973D060B8B2302503FF24ABBBE803EB63 ] ohci1394        C:\Windows\system32\drivers\ohci1394.sys
09:30:46.0238 0x0c1c  ohci1394 - ok
09:30:46.0318 0x0c1c  [ 9D10F99A6712E28F8ACD5641E3A7EA6B, 70964A0ED9011EA94044E15FA77EDD9CF535CC79ED8E03A3721FF007E69595CC ] ose             C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
09:30:46.0339 0x0c1c  ose - ok
09:30:46.0474 0x0c1c  [ 358A9CCA612C68EB2F07DDAD4CE1D8D7, F342100E2E9001F11FDF93F856B50FA43F9B85D2C6B5706EC0433E77206498DA ] osppsvc         C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
09:30:46.0617 0x0c1c  osppsvc - ok
09:30:46.0912 0x0c1c  [ 82A8521DDC60710C3D3D3E7325209BEC, C4E34571EDD57C7FBB3D736B5FE8BD154624705B5C8EA2EC898F19F75B9A5942 ] p2pimsvc        C:\Windows\system32\pnrpsvc.dll
09:30:46.0954 0x0c1c  p2pimsvc - ok
09:30:46.0983 0x0c1c  [ 59C3DDD501E39E006DAC31BF55150D91, E02B63AB7F34CF6FF3F644AF354D10004E6F50014E03172D80BD78934EF71EF1 ] p2psvc          C:\Windows\system32\p2psvc.dll
09:30:47.0001 0x0c1c  p2psvc - ok
09:30:47.0030 0x0c1c  [ 2EA877ED5DD9713C5AC74E8EA7348D14, 14BA3722CE5F8FF07F2D97DCDD6558EB49C9B02E5E6FAD6D9F18D354733EFECE ] Parport         C:\Windows\system32\drivers\parport.sys
09:30:47.0051 0x0c1c  Parport - ok
09:30:47.0065 0x0c1c  [ 3F34A1B4C5F6475F320C275E63AFCE9B, 31295D5121C0C3F2085E0EEBA260EEE4CA003993C026E2F81986D19158036E6B ] partmgr         C:\Windows\system32\drivers\partmgr.sys
09:30:47.0075 0x0c1c  partmgr - ok
09:30:47.0089 0x0c1c  [ EB0A59F29C19B86479D36B35983DAADC, AC09AFE7F13BE4079D01383BAC44091997E1AAF6512C9673A42B9E3780EB08A8 ] Parvdm          C:\Windows\system32\drivers\parvdm.sys
09:30:47.0102 0x0c1c  Parvdm - ok
09:30:47.0138 0x0c1c  [ 52954BE460EC6C54C0ACB2B3B126FFC6, 9F9878EC5ABC74C5A8EE8E1D940F0934F081895B07D844F42F80A638FE713F7B ] PcaSvc          C:\Windows\System32\pcasvc.dll
09:30:47.0161 0x0c1c  PcaSvc - ok
09:30:47.0177 0x0c1c  [ 673E55C3498EB970088E812EA820AA8F, 1F81315664B8CBFDD569416C0ECCE4C6251F34577313A0858AB46609781303B5 ] pci             C:\Windows\system32\drivers\pci.sys
09:30:47.0188 0x0c1c  pci - ok
09:30:47.0206 0x0c1c  [ AFE86F419014DB4E5593F69FFE26CE0A, CAF36E61BE7B511D3A03A65FF5A3017CEE4D2F53005B410F2D4A2AAE9FED4C00 ] pciide          C:\Windows\system32\drivers\pciide.sys
09:30:47.0215 0x0c1c  pciide - ok
09:30:47.0232 0x0c1c  [ F396431B31693E71E8A80687EF523506, BC614FC21E029E2497F1CCE3131BBD295B827F2310762B47D5BBC7703D80554B ] pcmcia          C:\Windows\system32\drivers\pcmcia.sys
09:30:47.0245 0x0c1c  pcmcia - ok
09:30:47.0258 0x0c1c  [ 250F6B43D2B613172035C6747AEEB19F, A91F15B133F2619912CF750E6F3662E011CD0FA4B9477CE532CE3196D23307D9 ] pcw             C:\Windows\system32\drivers\pcw.sys
09:30:47.0268 0x0c1c  pcw - ok
09:30:47.0292 0x0c1c  pdfcDispatcher - ok
09:30:47.0347 0x0c1c  [ AEBC369F7DC72AB3F5B9BDF34FA0D43F, 2A819154AC6C23E97C583D90B4D0C112188B7AE9D8D9B3F88811BFCED124E551 ] PEAUTH          C:\Windows\system32\drivers\peauth.sys
09:30:47.0378 0x0c1c  PEAUTH - ok
09:30:47.0417 0x0c1c  [ AF4D64D2A57B9772CF3801950B8058A6, C9C493A3775E6E1660CE5DF75DA574D0C04245FB88CF41B96217A725359C350D ] PeerDistSvc     C:\Windows\system32\peerdistsvc.dll
09:30:47.0465 0x0c1c  PeerDistSvc - ok
09:30:47.0517 0x0c1c  [ 414BBA67A3DED1D28437EB66AEB8A720, D6DF254E2615FA402044824DCD9004F579FC0DF74B90E44C99D5F0253CF8AD88 ] pla             C:\Windows\system32\pla.dll
09:30:47.0607 0x0c1c  pla - ok
09:30:47.0642 0x0c1c  [ EC7BC28D207DA09E79B3E9FAF8B232CA, A42F8F69C3CD753D787A5D558659DEA2CC306C896D75B8C82549219CF654504F ] PlugPlay        C:\Windows\system32\umpnpmgr.dll
09:30:47.0667 0x0c1c  PlugPlay - ok
09:30:47.0679 0x0c1c  [ 63FF8572611249931EB16BB8EED6AFC8, 9732CCBCB93A7A4BEC88812B952C20244479E9BD781240C195E57F09E619EA33 ] PNRPAutoReg     C:\Windows\system32\pnrpauto.dll
09:30:47.0691 0x0c1c  PNRPAutoReg - ok
09:30:47.0707 0x0c1c  [ 82A8521DDC60710C3D3D3E7325209BEC, C4E34571EDD57C7FBB3D736B5FE8BD154624705B5C8EA2EC898F19F75B9A5942 ] PNRPsvc         C:\Windows\system32\pnrpsvc.dll
09:30:47.0722 0x0c1c  PNRPsvc - ok
09:30:47.0759 0x0c1c  [ 53946B69BA0836BD95B03759530C81EC, 7F14A34635354CCA0F5342C8D9DF5A6AA1B94F6A508BD8834029E9BACF252920 ] PolicyAgent     C:\Windows\System32\ipsecsvc.dll
09:30:47.0799 0x0c1c  PolicyAgent - ok
09:30:47.0813 0x0c1c  [ F87D30E72E03D579A5199CCB3831D6EA, B09328E89954584F97908FA5946376BA990B8C650DABCBF3CA3B08719937C694 ] Power           C:\Windows\system32\umpo.dll
09:30:47.0836 0x0c1c  Power - ok
09:30:47.0857 0x0c1c  [ 631E3E205AD6D86F2AED6A4A8E69F2DB, 1D3BF0CFC37D91A3A56246920B9CF1084E78A055D56E85A773417809C58C8065 ] PptpMiniport    C:\Windows\system32\DRIVERS\raspptp.sys
09:30:47.0878 0x0c1c  PptpMiniport - ok
09:30:47.0890 0x0c1c  [ 85B1E3A0C7585BC4AAE6899EC6FCF011, 1E067113C146D6842D7FB04007F363D6FB7783C6BC7C9AB6614E44075C4F86C3 ] Processor       C:\Windows\system32\drivers\processr.sys
09:30:47.0903 0x0c1c  Processor - ok
09:30:47.0934 0x0c1c  [ FD9692A3D31E021207D3C2A9DDDC2BE3, 5295EFAD9BD4B59996935A41825392C12A4C968D161BEEA37797F90AF8E54229 ] ProfSvc         C:\Windows\system32\profsvc.dll
09:30:47.0961 0x0c1c  ProfSvc - ok
09:30:47.0974 0x0c1c  [ D2967F6D4205A227AAA7D094C12F7141, 4E0D48F07F230D5D5DFC2CDCA4467C54DF6EEA6B7C6ABC355E9986C73203E104 ] ProtectedStorage C:\Windows\system32\lsass.exe
09:30:47.0985 0x0c1c  ProtectedStorage - ok
09:30:48.0003 0x0c1c  [ 6270CCAE2A86DE6D146529FE55B3246A, 463209CBAF1B0E269DC8FC6FBDEE5BB7E5ADB5D3F024930BFD0B97E0A9678883 ] Psched          C:\Windows\system32\DRIVERS\pacer.sys
09:30:48.0025 0x0c1c  Psched - ok
09:30:48.0102 0x0c1c  [ F036CFB275D0C55F4E45FBBF5F98B3C8, D8D1CA9F65B34A93AB9F7FD9BB6C453B2BF4E8320E620F56055B743DF1D56DE8 ] PSI_SVC_2       C:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe
09:30:48.0122 0x0c1c  PSI_SVC_2 - ok
09:30:48.0173 0x0c1c  [ AB95ECF1F6659A60DDC166D8315B0751, 0ED6D3460D28978BADF31B930DBB3298A6A10EFF8883763EABA0E36A21A0E83D ] ql2300          C:\Windows\system32\drivers\ql2300.sys
09:30:48.0222 0x0c1c  ql2300 - ok
09:30:48.0240 0x0c1c  [ B4DD51DD25182244B86737DC51AF2270, 7E62B04F054A6330B7F9968222523BDE8F3EE47A11D17E6C0E2D5ACDC07B9E6B ] ql40xx          C:\Windows\system32\drivers\ql40xx.sys
09:30:48.0250 0x0c1c  ql40xx - ok
09:30:48.0282 0x0c1c  [ 31AC809E7707EB580B2BDB760390765A, A8481FD19A0F778F5591B7676F591F664ADC68B6867E663C0F9564173F4AC909 ] QWAVE           C:\Windows\system32\qwave.dll
09:30:48.0308 0x0c1c  QWAVE - ok
09:30:48.0324 0x0c1c  [ 584078CA1B95CA72DF2A27C336F9719D, 836F115C92D343463C14A9DE39648C1EFA7C7EE4720F5C692EE0F68B84830121 ] QWAVEdrv        C:\Windows\system32\drivers\qwavedrv.sys
09:30:48.0341 0x0c1c  QWAVEdrv - ok
09:30:48.0352 0x0c1c  [ 30A81B53C766D0133BB86D234E5556AB, 726C6B83B5ACAA84CAB1689B6DD6DDAE3199D61A57B5D7B5B5A0F62FCF838090 ] RasAcd          C:\Windows\system32\DRIVERS\rasacd.sys
09:30:48.0379 0x0c1c  RasAcd - ok
09:30:48.0397 0x0c1c  [ 57EC4AEF73660166074D8F7F31C0D4FD, C66B425EC4DB5E7FD289AE631C9B019EB16717C55E80FAE964BB22203E4AACEF ] RasAgileVpn     C:\Windows\system32\DRIVERS\AgileVpn.sys
09:30:48.0418 0x0c1c  RasAgileVpn - ok
09:30:48.0433 0x0c1c  [ A60F1839849C0C00739787FD5EC03F13, B210DFA5A843CF1DA73635F168E2EA5052CBED15C664F8523CDFB34CA165D0E0 ] RasAuto         C:\Windows\System32\rasauto.dll
09:30:48.0455 0x0c1c  RasAuto - ok
09:30:48.0469 0x0c1c  [ D9F91EAFEC2815365CBE6D167E4E332A, 8350457A39D141C13807E7DB5A8D4113197C4016F7744B9993391F4AEA0C4A5C ] Rasl2tp         C:\Windows\system32\DRIVERS\rasl2tp.sys
09:30:48.0490 0x0c1c  Rasl2tp - ok
09:30:48.0512 0x0c1c  [ CB9E04DC05EACF5B9A36CA276D475006, 4D8C0AEF1D4F84F375AD2BAF786C9F6C52316A3E655B913449E71AD7C0FCA56E ] RasMan          C:\Windows\System32\rasmans.dll
09:30:48.0537 0x0c1c  RasMan - ok
09:30:48.0558 0x0c1c  [ 0FE8B15916307A6AC12BFB6A63E45507, 64119474DE7499E6E8B82E78BBD50074B3AA70B3E8329089FAE9B7F29919004E ] RasPppoe        C:\Windows\system32\DRIVERS\raspppoe.sys
09:30:48.0590 0x0c1c  RasPppoe - ok
09:30:48.0601 0x0c1c  [ 44101F495A83EA6401D886E7FD70096B, 56A0CE5C89870752B9B2AB795C1A248CA28209E049B2F20CCA0308CBE2488A0A ] RasSstp         C:\Windows\system32\DRIVERS\rassstp.sys
09:30:48.0633 0x0c1c  RasSstp - ok
09:30:48.0647 0x0c1c  [ D528BC58A489409BA40334EBF96A311B, C71E9A4B101DB6C3183B9F97B9098D73D6FE1B12C05C2EB3CE8A8041BEE6BA61 ] rdbss           C:\Windows\system32\DRIVERS\rdbss.sys
09:30:48.0672 0x0c1c  rdbss - ok
09:30:48.0681 0x0c1c  [ 0D8F05481CB76E70E1DA06EE9F0DA9DF, 2AFCBE3237D27AFBF095F91F1FCCA63E6890F34A9E4F00E5C34C92394CDA89FB ] rdpbus          C:\Windows\system32\drivers\rdpbus.sys
09:30:48.0708 0x0c1c  rdpbus - ok
09:30:48.0727 0x0c1c  [ 23DAE03F29D253AE74C44F99E515F9A1, 8FED93D10B2062F0526FE3508101F8FCF8F72DEB90AFB472EB7CBAE83A0EC430 ] RDPCDD          C:\Windows\system32\DRIVERS\RDPCDD.sys
09:30:48.0753 0x0c1c  RDPCDD - ok
09:30:48.0766 0x0c1c  [ B973FCFC50DC1434E1970A146F7E3885, BE797E5F5AE34D37F8DA1134CE94DD14DBE36D2BC405B97E992E2257848B7CA9 ] RDPDR           C:\Windows\system32\drivers\rdpdr.sys
09:30:48.0791 0x0c1c  RDPDR - ok
09:30:48.0808 0x0c1c  [ 5A53CA1598DD4156D44196D200C94B8A, 8112FE14FEC94C67B1C5BDE4171E37584F1D0098D2C557C9E4BDD3E0291E25E4 ] RDPENCDD        C:\Windows\system32\drivers\rdpencdd.sys
09:30:48.0833 0x0c1c  RDPENCDD - ok
09:30:48.0848 0x0c1c  [ 44B0A53CD4F27D50ED461DAE0C0B4E1F, CDA80B08E67AD034081C0C920CD66147689F1844403CBC552F65005E7C011A91 ] RDPREFMP        C:\Windows\system32\drivers\rdprefmp.sys
09:30:48.0868 0x0c1c  RDPREFMP - ok
09:30:48.0944 0x0c1c  [ 65375DF758CA1872AB7EBBBA457FD5E6, 8AC7681F51277E799C22FF95FA0B833E9E260D37C0416319FF05B66FB3948005 ] RdpVideoMiniport C:\Windows\system32\drivers\rdpvideominiport.sys
09:30:49.0025 0x0c1c  RdpVideoMiniport - ok
09:30:49.0066 0x0c1c  [ CD9214A6AE17D188D17C3CF8CB9CC693, 2E16FF1F7446F0600D6519010FD05A30B94D97167C16B3E7FC396A97D8139D60 ] RDPWD           C:\Windows\system32\drivers\RDPWD.sys
09:30:49.0106 0x0c1c  RDPWD - ok
09:30:49.0139 0x0c1c  [ 518395321DC96FE2C9F0E96AC743B656, 5F6A0880B4F3EE7196259EA362DA9554B0687B0236F9A8E5CF7A4A77F01F1776 ] rdyboost        C:\Windows\system32\drivers\rdyboost.sys
09:30:49.0151 0x0c1c  rdyboost - ok
09:30:49.0177 0x0c1c  [ 24D3B49DAB660A8B8AFA40240E735E24, 1CA5554C582ADB83476B989845509FD1A1E82DAC627847A7209F9B39E472D8A7 ] regi            C:\Windows\system32\drivers\regi.sys
09:30:49.0185 0x0c1c  regi - ok
09:30:49.0195 0x0c1c  [ 7B5E1419717FAC363A31CC302895217A, 048B96B127CC20833948DAE53C59886D5C725ECA7A744424A01339447D2DDC32 ] RemoteAccess    C:\Windows\System32\mprdim.dll
09:30:49.0227 0x0c1c  RemoteAccess - ok
09:30:49.0253 0x0c1c  [ CB9A8683F4EF2BF99E123D79950D7935, B9FA3E7E91E76D975CF40BFA37909E50F29CC13AB1399007884710651827E9AA ] RemoteRegistry  C:\Windows\system32\regsvc.dll
09:30:49.0282 0x0c1c  RemoteRegistry - ok
09:30:49.0297 0x0c1c  [ 78D072F35BC45D9E4E1B61895C152234, 80C924EE1156B4E3172E83DCB9C60817E87885FB9377647E0BF90153E415B1CA ] RpcEptMapper    C:\Windows\System32\RpcEpMap.dll
09:30:49.0329 0x0c1c  RpcEptMapper - ok
09:30:49.0345 0x0c1c  [ 94D36C0E44677DD26981D2BFEEF2A29D, D77A93AC60536F3706E8A0154C0C2199E888B7748C84DB7437254FF175F4DF55 ] RpcLocator      C:\Windows\system32\locator.exe
09:30:49.0356 0x0c1c  RpcLocator - ok
09:30:49.0410 0x0c1c  [ 7660F01D3B38ACA1747E397D21D790AF, 04611B43705C064C2A8331F6D3F8E4530295694AE2C3E3EC3F62CFF4A5EFA88D ] RpcSs           C:\Windows\system32\rpcss.dll
09:30:49.0435 0x0c1c  RpcSs - ok
09:30:49.0509 0x0c1c  [ 032B0D36AD92B582D869879F5AF5B928, 0F8F18A6A0A689957B886D9368015889091094EDA18BE532093F06A70A7CE184 ] rspndr          C:\Windows\system32\DRIVERS\rspndr.sys
09:30:49.0531 0x0c1c  rspndr - ok
09:30:49.0605 0x0c1c  [ D38DFE3B2B394AF3955A2B4665D4E74D, B243EA886C472D9305568C29792D9C6D498AFD1CB99437F96BE5A4F73B119AFF ] RtkAudioService C:\Program Files\Realtek\Audio\HDA\RtkAudioService.exe
09:30:49.0614 0x0c1c  RtkAudioService - ok
09:30:49.0624 0x0c1c  [ 7FA7F2E249A5DCBB7970630E15E1F482, 9633B193F3FDA67BC551C6DCA4788AB83E9F45F77763EE579D02FE5D6B80DEDF ] s3cap           C:\Windows\system32\drivers\vms3cap.sys
09:30:49.0659 0x0c1c  s3cap - ok
09:31:09.0634 0x0c1c  AV detected via SS2: McAfee Anti-Virus and Anti-Spyware, C:\Program Files\McAfee.com\Agent\mcupdate.exe ( 14.0.0.0 ), 0x51000 ( enabled : updated )
09:31:09.0645 0x0c1c  Win FW state via NFP2: enabled
09:31:12.0051 0x0c1c  ============================================================
09:31:12.0051 0x0c1c  Scan finished
09:31:12.0051 0x0c1c  ============================================================
09:31:12.0060 0x1488  Detected object count: 0
09:31:12.0060 0x1488  Actual detected object count: 0
 

  • 0

#9
djuka0220

djuka0220

    Member

  • Topic Starter
  • Member
  • PipPip
  • 12 posts

I keep getting RunDLL: there was a problem starting C:\users\user1~1appdata\roaming\98a1.tmp, the specified module could not be found


  • 0

#10
pystryker

pystryker

    Trusted Helper

  • Malware Removal
  • 3,912 posts
Hello :)
 

I keep getting RunDLL: there was a problem starting C:\users\user1~1appdata\roaming\98a1.tmp, the specified module could not be found


Ok, thank you. We're going to run a small FRST fix as well as run AdwCleaner again to clean out what it found. :thumbsup:

Please disable your antivirus for the duration of my instructions. Don't forget to re-enable it after you have completed the steps.


Step 1: Re-Run AdwCleaner
  • Please start AdwCleaner and press the Scan button.
  • Once the scan has finished, it will say "Pending, uncheck elements you don't want to remove.", don't worry about unchecking anything and then click the Cleaning button. When finished, it will ask to reboot. Please reboot.
  • When the machine has rebooted, a log will be produced. Please copy/paste that in your next reply. Here's how:
  • Click the Logfile button and the log will open. Copy and Paste the contents of the log file into your next reply.
  • This report is also saved at C:\AdwCleaner[R0].txt
Step 2: Fix with FRST
  • Open notepad (Start => All Programs => Accessories => Notepad). Please copy the entire contents of the code box below. (To do this, highlight the contents of the box, right-click on it and select Copy.)
  • Right-click in the open notepad and select Paste.
  • Save it on the desktop as fixlist.txt

    NOTE: It's important that both files, FRST/FRST64 and fixlist.txt are in the same location or the fix will not work.

Start
HKU\S-1-5-21-2103307149-622382959-3800831923-1000\...\Run: [UzhH] => rundll32.exe C:\Users\USER1~1\AppData\Roaming\98A1.tmp eYlYRpkQBc2JPs
Reboot:
End


NOTICE: This script was written specifically for this user, for use on that particular machine. Running this on another machine may cause damage to your operating system.


Run FRST and press the Fix button just once and wait. The tool will make a log on the desktop (Fixlog.txt); please post it in your next reply.


Things I need to see in your next post:

Please post each of these logs as a separate reply in this thread.

AdwCleaner Log

Fixlog.txt Log

  • 0
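
Added example, not part of the original posts and not FRST's own code: a heuristic that reads FRST-style Run-key lines like the one in the fixlist above and flags values that start rundll32 on a module that is not a library file or that sits in a user-writable folder. The function names, the extension list and the directory list are assumptions made for this sketch; the two benign sample lines are constructed.

```python
import ntpath
import re

# FRST registry-autorun line: "<key>: [<value name>] => <command line>"
FRST_LINE = re.compile(r'^(?P<key>HK[^:]+?): \[(?P<name>[^\]]+)\] => (?P<cmd>.+)$')
# Command lines that start with rundll32, with or without a path and quotes
RUNDLL = re.compile(r'^"?(?:[^"\s]*\\)?rundll32(?:\.exe)?"?\s+(?P<rest>.+)$', re.I)
LIBRARY_EXTS = ('.dll', '.cpl', '.ocx')                           # assumed allow-list
USER_WRITABLE = ('\\appdata\\', '\\temp\\', '\\users\\public\\')  # assumed list

def module_of(rest):
    """Return the module path rundll32 is asked to load."""
    rest = rest.strip()
    if rest.startswith('"'):              # "C:\path with spaces\x.dll",Entry
        return rest[1:].split('"', 1)[0]
    if ',' in rest:                       # module,EntryPoint args
        return rest.split(',', 1)[0].strip()
    return rest.split(None, 1)[0]         # module EntryPoint (no comma)

def scan(lines):
    """Flag Run/RunOnce values whose rundll32 target looks out of place."""
    findings = []
    for line in lines:
        m = FRST_LINE.match(line.strip())
        if not m or not re.search(r'\\Run(Once)?$', m['key'], re.I):
            continue
        r = RUNDLL.match(m['cmd'])
        if not r:
            continue
        module = module_of(r['rest'])
        reasons = []
        if ntpath.splitext(module)[1].lower() not in LIBRARY_EXTS:
            reasons.append('module is not a .dll/.cpl/.ocx file')
        if any(d in module.lower() for d in USER_WRITABLE):
            reasons.append('module is in a user-writable directory')
        if reasons:
            findings.append({'value': m['name'], 'module': module, 'reasons': reasons})
    return findings

SAMPLE = [
    # Entry quoted from this thread's fixlist
    r'HKU\S-1-5-21-2103307149-622382959-3800831923-1000\...\Run: [UzhH] => rundll32.exe C:\Users\USER1~1\AppData\Roaming\98A1.tmp eYlYRpkQBc2JPs',
    # Constructed benign entries for contrast
    r'HKLM\...\Run: [ExampleTray] => C:\Program Files\Example\tray.exe',
    r'HKLM\...\Run: [ExampleHelper] => rundll32.exe "C:\Program Files\Example\helper.dll",Start',
]

if __name__ == '__main__':
    for finding in scan(SAMPLE):
        print(finding['value'], finding['module'], '; '.join(finding['reasons']))
```

A hit is a reason to look closer, not a verdict; legitimate software occasionally loads libraries from a user profile.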



#11
djuka0220

djuka0220

    Member

  • Topic Starter
  • Member
  • PipPip
  • 12 posts
# AdwCleaner v4.208 - Logfile created 15/07/2015 at 09:05:03
# Updated 09/07/2015 by Xplode
# Database : 2015-07-15.1 [Server]
# Operating system : Windows 7 Professional Service Pack 1 (x86)
# Username : User 1 - B-04854
# Running from : C:\Users\User 1\Downloads\AdwCleaner.exe
# Option : Scan
 
***** [ Services ] *****
 
 
***** [ Files / Folders ] *****
 
 
***** [ Scheduled tasks ] *****
 
 
***** [ Shortcuts ] *****
 
 
***** [ Registry ] *****
 
Key Found : HKCU\Software\Conduit
 
***** [ Web browsers ] *****
 
-\\ Internet Explorer v11.0.9600.17840
 
 
-\\ Google Chrome v43.0.2357.134
 
[C:\Users\User 1\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] - Found [Homepage] : hxxp://google.com/
[C:\Users\User 1\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] - Found [Startup_URLs]
 
*************************
 
AdwCleaner[R0].txt - [8822 bytes] - [14/07/2015 08:58:27]
AdwCleaner[R1].txt - [7054 bytes] - [15/07/2015 09:05:03]
AdwCleaner[S0].txt - [3617 bytes] - [14/07/2015 09:06:42]
 
########## EOF - C:\AdwCleaner\AdwCleaner[R1].txt - [7172 bytes] ##########

  • 0

#12
djuka0220

djuka0220

    Member

  • Topic Starter
  • Member
  • PipPip
  • 12 posts
Fix result of Farbar Recovery Scan Tool (x86) Version: 12-07-2015
Ran by User 1 at 2015-07-15 09:14:10 Run:2
Running from C:\Users\User 1\Desktop
Loaded Profiles: User 1 (Available Profiles: User 1)
Boot Mode: Normal
 
==============================================
 
fixlist content:
*****************
Start
HKU\S-1-5-21-2103307149-622382959-3800831923-1000\...\Run: [UzhH] => rundll32.exe C:\Users\USER1~1\AppData\Roaming\98A1.tmp eYlYRpkQBc2JPs
Reboot:
End
*****************
 
HKU\S-1-5-21-2103307149-622382959-3800831923-1000\Software\Microsoft\Windows\CurrentVersion\Run\\UzhH => value removed successfully.
 
 
The system needed a reboot.
 
==== End of Fixlog 09:14:10 ====

  • 0

#13
pystryker

pystryker

    Trusted Helper

  • Malware Removal
  • 3,912 posts
Hello :)

You have posted a log in which AdwCleaner scanned the computer, but you did not hit the Cleaning button upon completion of the scan. Please run AdwCleaner again and when the scan is complete, hit the Cleaning button.

AdwCleaner will remove the selected items and then require a reboot. Please reboot the machine and post the log for my review. :thumbsup:

Also, has the rundll error stopped?

Things I need to see in your next post

AdwCleaner Log

  • 0

#14
djuka0220

djuka0220

    Member

  • Topic Starter
  • Member
  • PipPip
  • 12 posts
# AdwCleaner v4.208 - Logfile created 15/07/2015 at 15:31:01
# Updated 09/07/2015 by Xplode
# Database : 2015-07-15.1 [Server]
# Operating system : Windows 7 Professional Service Pack 1 (x86)
# Username : User 1 - B-04854
# Running from : C:\Users\User 1\Downloads\AdwCleaner.exe
# Option : Cleaning

***** [ Services ] *****

***** [ Files / Folders ] *****

***** [ Scheduled tasks ] *****

***** [ Shortcuts ] *****

***** [ Registry ] *****

***** [ Web browsers ] *****

#NAME?

#NAME?

*************************

AdwCleaner[R0].txt - [8822 bytes] - [14/07/2015 08:58:27]
AdwCleaner[R1].txt - [7251 bytes] - [15/07/2015 09:05:03]
AdwCleaner[R2].txt - [985 bytes] - [15/07/2015 15:21:35]
AdwCleaner[S0].txt - [3617 bytes] - [14/07/2015 09:06:42]
AdwCleaner[S1].txt - [2004 bytes] - [15/07/2015 09:06:31]
AdwCleaner[S2].txt - [911 bytes] - [15/07/2015 15:31:01]

########## EOF - C:\AdwCleaner\AdwCleaner[S2].txt - [969  bytes] ##########
  • 0

#15
djuka0220

djuka0220

    Member

  • Topic Starter
  • Member
  • PipPip
  • 12 posts
# AdwCleaner v4.208 - Logfile created 15/07/2015 at 15:31:01
# Updated 09/07/2015 by Xplode
# Database : 2015-07-15.1 [Server]
# Operating system : Windows 7 Professional Service Pack 1 (x86)
# Username : User 1 - B-04854
# Running from : C:\Users\User 1\Downloads\AdwCleaner.exe
# Option : Cleaning
 
***** [ Services ] *****
 
 
***** [ Files / Folders ] *****
 
 
***** [ Scheduled tasks ] *****
 
 
***** [ Shortcuts ] *****
 
 
***** [ Registry ] *****
 
 
***** [ Web browsers ] *****
 
-\\ Internet Explorer v11.0.9600.17840
 
 
-\\ Google Chrome v43.0.2357.134
 
 
*************************
 
AdwCleaner[R0].txt - [8822 bytes] - [14/07/2015 08:58:27]
AdwCleaner[R1].txt - [7251 bytes] - [15/07/2015 09:05:03]
AdwCleaner[R2].txt - [985 bytes] - [15/07/2015 15:21:35]
AdwCleaner[S0].txt - [3617 bytes] - [14/07/2015 09:06:42]
AdwCleaner[S1].txt - [2004 bytes] - [15/07/2015 09:06:31]
AdwCleaner[S2].txt - [911 bytes] - [15/07/2015 15:31:01]
 
########## EOF - C:\AdwCleaner\AdwCleaner[S2].txt - [969  bytes] ##########

  • 0





