Jump to content

Welcome to Geeks to Go - Register now for FREE

Need help with your computer or device? Want to learn new tech skills? You're in the right place!
Geeks to Go is a friendly community of tech experts who can solve any problem you have. Just create a free account and post your question. Our volunteers will reply quickly and guide you through the steps. Don't let tech troubles stop you. Join Geeks to Go now and get the support you need!

How it Works Create Account
Photo

Checking for malware - Please help, THANKS! [Closed]


  • This topic is locked This topic is locked

#1
L3Nerd

L3Nerd

    Member

  • Member
  • PipPip
  • 16 posts
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:10-01-2015 01
Ran by Owner (administrator) on COMPUTER (14-01-2016 14:52:50)
Running from C:\Users\Owner\Downloads
Loaded Profiles: Owner (Available Profiles: Owner & Administrator)
Platform: Windows 7 Home Premium Service Pack 1 (X64) Language: English (United States)
Internet Explorer Version 10 (Default browser: Chrome)
Boot Mode: Safe Mode (minimal)
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo...very-scan-tool/
 
==================== Processes (Whitelisted) =================
 
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 
(Windstream) C:\Program Files (x86)\Windstream\Diagnostic Tools\HsdService.exe
(Radialpoint SafeCare Inc.) C:\Program Files (x86)\Windstream\Service Agent\ServicepointService.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Google Inc.) C:\Users\Owner\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Owner\AppData\Local\Google\Chrome\Application\chrome.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
 
 
==================== Registry (Whitelisted) ===========================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM-x32\...\Run: [Windstream Service Agent.exe] => C:\Program Files (x86)\Windstream\Service Agent\Windstream Service Agent.exe [10204472 2011-10-13] (Windstream)
HKLM-x32\...\Run: [DiagnosticTools.exe] => C:\Program Files (x86)\Windstream\Diagnostic Tools\DiagnosticTools.exe [2037048 2011-04-25] (Windstream)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [252848 2012-07-03] (Sun Microsystems, Inc.)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [7021880 2016-01-14] (AVAST Software)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-2057531234-2367892702-2072951418-1000\...\Run: [Google Update] => C:\Users\Owner\AppData\Local\Google\Update\GoogleUpdate.exe [144200 2016-01-14] (Google Inc.)
HKU\S-1-5-21-2057531234-2367892702-2072951418-1000\...\Policies\Explorer: [NoDesktopCleanupWizard] 1
HKU\S-1-5-21-2057531234-2367892702-2072951418-1000\...\Policies\Explorer: [HideSCAHealth] 1
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2016-01-14] (AVAST Software)
ShellIconOverlayIdentifiers: [ADSMOverlayIcon] -> {A825576B-0042-4F0F-8FB0-93CE0F054E69} => C:\Program Files (x86)\ASUS\ASUS Data Security Manager\ShlExt\x64\OverlayIconShlExt64.dll [2007-06-15] ()
ShellIconOverlayIdentifiers: [ADSMOverlayIcon1] -> {A8D448F4-0431-45AC-9F5E-E1B434AB2249} => C:\Program Files (x86)\ASUS\ASUS Data Security Manager\ShlExt\x64\OverlayIconShlExt1_64.dll [2007-06-01] ()
ShellIconOverlayIdentifiers-x32: [ADSMOverlayIcon] -> {A825576B-0042-4F0F-8FB0-93CE0F054E69} => C:\Program Files (x86)\ASUS\ASUS Data Security Manager\ShlExt\x86\OverlayIconShlExt.dll [2007-06-15] ()
ShellIconOverlayIdentifiers-x32: [ADSMOverlayIcon1] -> {A8D448F4-0431-45AC-9F5E-E1B434AB2249} => C:\Program Files (x86)\ASUS\ASUS Data Security Manager\ShlExt\x86\OverlayIconShlExt1.dll [2007-06-01] ()
Startup: C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Best Buy pc app.lnk [2011-02-13]
ShortcutTarget: Best Buy pc app.lnk -> C:\ProgramData\Best Buy pc app\ClickOnceSetup.exe (Microsoft)
Startup: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Best Buy pc app.lnk [2011-02-13]
ShortcutTarget: Best Buy pc app.lnk -> C:\ProgramData\Best Buy pc app\ClickOnceSetup.exe (Microsoft)
Startup: C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Best Buy pc app.lnk [2011-02-13]
ShortcutTarget: Best Buy pc app.lnk -> C:\ProgramData\Best Buy pc app\ClickOnceSetup.exe (Microsoft)
 
==================== Internet (Whitelisted) ====================
 
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{770317D9-EA8E-4F6C-B8B1-5C05798825FA}: [DhcpNameServer] 192.168.1.1
 
Internet Explorer:
==================
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
HKU\.DEFAULT\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
HKU\S-1-5-21-2057531234-2367892702-2072951418-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxps://www.yahoo.com/?fr=hp-avast&type=avastbcl
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxps://search.yahoo.com/yhs/search?type=avastbcl&hspart=avast&hsimp=yhs-001&p={searchTerms}
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = 
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = 
HKU\S-1-5-21-2057531234-2367892702-2072951418-1000\Software\Microsoft\Internet Explorer\Main,Search Page = hxxps://search.yahoo.com/yhs/search?type=avastbcl&hspart=avast&hsimp=yhs-001&p={searchTerms}
HKU\S-1-5-21-2057531234-2367892702-2072951418-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://www.yahoo.com/?fr=hp-avast&type=avastbcl
HKU\S-1-5-21-2057531234-2367892702-2072951418-1000\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxps://www.yahoo.com/?fr=hp-avast&type=avastbcl
URLSearchHook: HKU\S-1-5-21-2057531234-2367892702-2072951418-1000 - (No Name) - {00000000-6E41-4FD3-8538-502F5495E5FC} - No File
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=ASUTDF&pc=MAAU&src=IE-SearchBox
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=ASUTDF&pc=MAAU&src=IE-SearchBox
SearchScopes: HKLM-x32 -> DefaultScope {9CB96984-43C3-4D44-90EF-01466EFCF7BB} URL = hxxps://search.yahoo.com/yhs/search?type=avastbcl&hspart=avast&hsimp=yhs-001&p={searchTerms}
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=ASUTDF&pc=MAAU&src=IE-SearchBox
SearchScopes: HKLM-x32 -> {9CB96984-43C3-4D44-90EF-01466EFCF7BB} URL = hxxps://search.yahoo.com/yhs/search?type=avastbcl&hspart=avast&hsimp=yhs-001&p={searchTerms}
SearchScopes: HKU\S-1-5-21-2057531234-2367892702-2072951418-1000 -> DefaultScope {9CB96984-43C3-4D44-90EF-01466EFCF7BB} URL = hxxps://search.yahoo.com/yhs/search?type=avastbcl&hspart=avast&hsimp=yhs-001&p={searchTerms}
SearchScopes: HKU\S-1-5-21-2057531234-2367892702-2072951418-1000 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-21-2057531234-2367892702-2072951418-1000 -> {44A47394-945F-4754-83FA-80E8156E364B} URL = hxxp://websearch.shopathome.com?user_id=%guid&q={searchTerms}
SearchScopes: HKU\S-1-5-21-2057531234-2367892702-2072951418-1000 -> {76C8D7FA-6557-4D8E-B626-C9813FFA1706} URL = hxxp://websearch.ask.com/redirect?client=ie&tb=ORJ&o=&src=kw&q={searchTerms}&locale=&apn_ptnrs=TV&apn_dtid=OSJ000YYUS&apn_uid=8FA7F38B-30A6-4319-8383-BE8DD78B7BF2&apn_sauid=8A2ABBEC-9288-4A1D-B44D-CFCF4690EE57
SearchScopes: HKU\S-1-5-21-2057531234-2367892702-2072951418-1000 -> {9CB96984-43C3-4D44-90EF-01466EFCF7BB} URL = hxxps://search.yahoo.com/yhs/search?type=avastbcl&hspart=avast&hsimp=yhs-001&p={searchTerms}
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2016-01-14] (AVAST Software)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21] (Microsoft Corp.)
BHO-x32: &Yahoo! Toolbar Helper -> {02478D38-C3F9-4efb-9B51-7695ECA05670} -> C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn0\yt.dll [2011-11-01] (Yahoo! Inc.)
BHO-x32: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2013-04-12] (Oracle Corporation)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2016-01-14] (AVAST Software)
BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21] (Microsoft Corp.)
BHO-x32: Windows Live Messenger Companion Helper -> {9FDDE16B-836F-4806-AB1F-1455CBEFF289} -> C:\Program Files (x86)\Windows Live\Companion\companioncore.dll [2010-09-23] (Microsoft Corporation)
BHO-x32: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2013-04-12] (Oracle Corporation)
BHO-x32: SingleInstance Class -> {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} -> C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn0\YTSingleInstance.dll [2011-11-01] (Yahoo! Inc)
Toolbar: HKLM-x32 - Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn0\yt.dll [2011-11-01] (Yahoo! Inc.)
 
FireFox:
========
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_20_0_0_267.dll [2016-01-14] ()
FF Plugin: @bestbuy.com/npBestBuyPcAppDetector,version=1.0 -> C:\ProgramData\Best Buy pc app\npBestBuyPcAppDetector.dll [2010-10-26] (Best Buy)
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.20125.0\npctrl.dll [2013-01-24] ( Microsoft Corporation)
FF Plugin: @radialpoint.com/SPA,version=1 -> C:\Program Files (x86)\Windstream\Service Agent\nprpspa.dll [2011-10-13] (Windstream)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_20_0_0_267.dll [2016-01-14] ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2011-11-14] ()
FF Plugin-x32: @bestbuy.com/npBestBuyPcAppDetector,version=1.0 -> C:\ProgramData\Best Buy pc app\npBestBuyPcAppDetector.dll [2010-10-26] (Best Buy)
FF Plugin-x32: @java.com/DTPlugin,version=10.17.2 -> C:\Windows\SysWOW64\npDeployJava1.dll [2013-04-12] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.17.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll [2013-04-12] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.20125.0\npctrl.dll [2013-01-24] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2010-09-23] (Microsoft Corporation)
FF Plugin-x32: @radialpoint.com/SPA,version=1 -> C:\Program Files (x86)\Windstream\Service Agent\nprpspa.dll [2011-10-13] (Windstream)
FF Plugin HKU\S-1-5-21-2057531234-2367892702-2072951418-1000: @tools.google.com/Google Update;version=3 -> C:\Users\Owner\AppData\Local\Google\Update\1.3.29.1\npGoogleUpdate3.dll [2016-01-14] (Google Inc.)
FF Plugin HKU\S-1-5-21-2057531234-2367892702-2072951418-1000: @tools.google.com/Google Update;version=9 -> C:\Users\Owner\AppData\Local\Google\Update\1.3.29.1\npGoogleUpdate3.dll [2016-01-14] (Google Inc.)
FF Plugin HKU\S-1-5-21-2057531234-2367892702-2072951418-1000: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Owner\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2013-06-05] (Unity Technologies ApS)
FF HKLM-x32\...\Firefox\Extensions: [[email protected]] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2016-01-14]
 
Chrome: 
=======
CHR Plugin: (Native Client) - C:\Users\Owner\AppData\Local\Google\Chrome\Application\47.0.2526.106\ppGoogleNaClPluginChrome.dll => No File
CHR Plugin: (Chrome PDF Viewer) - C:\Users\Owner\AppData\Local\Google\Chrome\Application\47.0.2526.106\pdf.dll => No File
CHR Plugin: (Shockwave Flash) - C:\Users\Owner\AppData\Local\Google\Chrome\Application\47.0.2526.106\gcswf32.dll => No File
CHR Plugin: (Shockwave Flash) - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_3_300_268.dll => No File
CHR Plugin: (Silverlight Plug-In) - C:\Program Files (x86)\Microsoft Silverlight\4.0.50401.0\npctrl.dll => No File
CHR Plugin: (Windows Live Photo Gallery) - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
CHR Plugin: (iTunes Application Detector) - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
CHR Plugin: (Best Buy pc app Detector) - C:\ProgramData\Best Buy pc app\npBestBuyPcAppDetector.dll (Best Buy)
CHR Plugin: (Unity Player) - C:\Users\Owner\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
CHR Plugin: (Google Update) - C:\Users\Owner\AppData\Local\Google\Update\1.3.21.115\npGoogleUpdate3.dll => No File
CHR Profile: C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Ask Toolbar) - C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaaojmikegpiepcfdkkjaplodkpfmlo [2016-01-14] [UpdateUrl: hxxp://apnmedia.ask.com/media/toolbar/supertoolbar/chrome/manifest.php] <==== ATTENTION
CHR Extension: (Avast Online Security) - C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2016-01-14]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-01-14]
CHR HKLM-x32\...\Chrome\Extension: [aaaaojmikegpiepcfdkkjaplodkpfmlo] - C:\Users\Owner\AppData\Local\APN\GoogleCRXs\apnorjtoolbar.crx [2013-03-31]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2016-01-14]
StartMenuInternet: Google Chrome - C:\Users\Owner\AppData\Local\Google\Chrome\Application\chrome.exe
 
==================== Services (Whitelisted) ========================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
S3 ADSMService; C:\Program Files (x86)\ASUS\ASUS Data Security Manager\ADSMSrv.exe [225280 2008-03-31] (ASUSTek Computer Inc.) [File not signed]
S2 AFBAgent; C:\Windows\system32\FBAgent.exe [377264 2010-09-30] (ASUSTeK Computer Inc.) [File not signed]
S2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [226440 2016-01-14] (AVAST Software)
R2 HsdService; C:\Program Files (x86)\Windstream\Diagnostic Tools\HsdService.exe [1393976 2011-04-25] (Windstream)
S2 LMS; C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe [262144 2009-09-30] (Intel Corporation) [File not signed]
S2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1135416 2015-10-05] (Malwarebytes)
R2 ServicepointService; C:\Program Files (x86)\Windstream\Service Agent\ServicepointService.exe [10315064 2011-10-13] (Radialpoint SafeCare Inc.)
S2 UNS; C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe [2314240 2009-09-30] (Intel Corporation) [File not signed]
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2009-07-13] (Microsoft Corporation)
 
===================== Drivers (Whitelisted) ==========================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
S2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [28656 2016-01-14] (AVAST Software)
S2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [97648 2016-01-14] (AVAST Software)
S1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93528 2016-01-14] (AVAST Software)
S0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65224 2016-01-14] (AVAST Software)
S1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1055560 2016-01-14] (AVAST Software)
S1 aswSP; C:\Windows\system32\drivers\aswSP.sys [451040 2016-01-14] (AVAST Software)
S2 aswStm; C:\Windows\system32\drivers\aswStm.sys [155304 2016-01-14] (AVAST Software)
S0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [273784 2016-01-14] (AVAST Software)
S3 ebdrv; C:\Windows\system32\DRIVERS\evbda.sys [3286016 2009-06-10] (Broadcom Corporation)
R3 kbfiltr; C:\Windows\System32\DRIVERS\kbfiltr.sys [15416 2009-07-20] ( )
S3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2015-10-05] (Malwarebytes)
S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2015-10-05] (Malwarebytes Corporation)
S3 SNP2UVC; C:\Windows\System32\DRIVERS\snp2uvc.sys [1800192 2009-08-19] ()
S1 jiucecvv; \??\C:\Windows\system32\drivers\jiucecvv.sys [X]
 
==================== NetSvcs (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
 
==================== One Month Created files and folders ========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2016-01-14 14:50 - 2016-01-14 14:52 - 00017381 _____ C:\Users\Owner\Downloads\FRST.txt
2016-01-14 13:26 - 2016-01-14 13:26 - 00000000 ____D C:\Users\Administrator\AppData\Local\ElevatedDiagnostics
2016-01-14 11:58 - 2016-01-14 11:58 - 00000000 ____D C:\Users\Administrator\AppData\Roaming\AVAST Software
2016-01-14 11:58 - 2016-01-14 11:58 - 00000000 ____D C:\Users\Administrator\AppData\Roaming\Adobe
2016-01-14 08:15 - 2016-01-14 08:10 - 00386096 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2016-01-14 08:11 - 2016-01-14 08:11 - 00001924 _____ C:\Users\Public\Desktop\Avast Free Antivirus.lnk
2016-01-14 08:11 - 2016-01-14 08:11 - 00000000 ____D C:\Windows\System32\Tasks\AVAST Software
2016-01-14 08:11 - 2016-01-14 08:11 - 00000000 ____D C:\Users\Owner\AppData\Roaming\AVAST Software
2016-01-14 08:11 - 2016-01-14 08:11 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVAST Software
2016-01-14 08:11 - 2016-01-14 08:11 - 00000000 ____D C:\Program Files\Common Files\AV
2016-01-14 08:10 - 2016-01-14 08:16 - 00003924 _____ C:\Windows\System32\Tasks\avast! Emergency Update
2016-01-14 08:10 - 2016-01-14 08:11 - 00451040 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys
2016-01-14 08:10 - 2016-01-14 08:11 - 00097648 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2016-01-14 08:10 - 2016-01-14 08:10 - 01055560 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys
2016-01-14 08:10 - 2016-01-14 08:10 - 00273784 _____ (AVAST Software) C:\Windows\system32\Drivers\aswVmm.sys
2016-01-14 08:10 - 2016-01-14 08:10 - 00155304 _____ (AVAST Software) C:\Windows\system32\Drivers\aswStm.sys
2016-01-14 08:10 - 2016-01-14 08:10 - 00093528 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2016-01-14 08:10 - 2016-01-14 08:10 - 00065224 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRvrt.sys
2016-01-14 08:10 - 2016-01-14 08:10 - 00043112 _____ (AVAST Software) C:\Windows\avastSS.scr
2016-01-14 08:10 - 2016-01-14 08:10 - 00028656 _____ (AVAST Software) C:\Windows\system32\Drivers\aswHwid.sys
2016-01-14 08:07 - 2016-01-14 08:07 - 00000000 ____D C:\ProgramData\AVAST Software
2016-01-14 08:07 - 2016-01-14 08:07 - 00000000 ____D C:\Program Files\AVAST Software
2016-01-14 07:26 - 2016-01-14 13:19 - 00192216 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2016-01-14 07:26 - 2016-01-14 07:26 - 05065856 _____ (AVAST Software) C:\Users\Owner\Downloads\avast_free_antivirus_setup_online.exe
2016-01-14 07:25 - 2016-01-14 07:25 - 00001108 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2016-01-14 07:25 - 2016-01-14 07:25 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2016-01-14 07:25 - 2016-01-14 07:25 - 00000000 ____D C:\ProgramData\Malwarebytes
2016-01-14 07:25 - 2016-01-14 07:25 - 00000000 ____D C:\Program Files (x86)\Malwarebytes Anti-Malware
2016-01-14 07:25 - 2015-10-05 09:50 - 00109272 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamchameleon.sys
2016-01-14 07:25 - 2015-10-05 09:50 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2016-01-14 07:25 - 2015-10-05 09:50 - 00025816 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbam.sys
2016-01-14 00:30 - 2016-01-14 00:32 - 22908888 _____ (Malwarebytes ) C:\Users\Owner\Downloads\mbam-setup-majorgeeks-2.2.0.1024.exe
2016-01-14 00:26 - 2014-05-14 11:23 - 02477536 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2016-01-14 00:26 - 2014-05-14 11:23 - 00058336 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2016-01-14 00:26 - 2014-05-14 11:23 - 00044512 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2016-01-14 00:26 - 2014-05-14 11:21 - 02620928 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2016-01-14 00:25 - 2014-05-14 09:23 - 00198600 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2016-01-14 00:25 - 2014-05-14 09:23 - 00179656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2016-01-14 00:25 - 2014-05-14 09:20 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2016-01-14 00:25 - 2014-05-14 09:17 - 00033792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2016-01-14 00:14 - 2016-01-14 00:14 - 02660496 _____ (Sysinternals - www.sysinternals.com) C:\Users\Owner\Downloads\procexp.exe
2016-01-14 00:00 - 2016-01-14 00:00 - 00000000 ____D C:\Program Files (x86)\Google
2016-01-13 23:59 - 2016-01-14 14:50 - 00000000 ____D C:\FRST
2016-01-13 23:59 - 2016-01-13 23:59 - 02370560 _____ (Farbar) C:\Users\Owner\Downloads\FRST64.exe
2016-01-13 18:17 - 2016-01-14 14:52 - 01228638 _____ C:\Windows\ntbtlog.txt
2016-01-13 16:50 - 2016-01-13 16:50 - 00000020 ___SH C:\Users\Administrator\ntuser.ini
2016-01-13 16:50 - 2016-01-13 16:50 - 00000000 _SHDL C:\Users\Administrator\My Documents
2016-01-13 16:50 - 2016-01-13 16:50 - 00000000 _SHDL C:\Users\Administrator\Documents\My Videos
2016-01-13 16:50 - 2016-01-13 16:50 - 00000000 _SHDL C:\Users\Administrator\Documents\My Pictures
2016-01-13 16:50 - 2016-01-13 16:50 - 00000000 _SHDL C:\Users\Administrator\Documents\My Music
2016-01-13 16:49 - 2011-08-01 19:42 - 00000000 ____D C:\Users\Administrator
2016-01-13 16:49 - 2011-05-29 21:32 - 00000000 ____D C:\Users\Administrator\AppData\Local\Power2Go
2016-01-13 16:49 - 2010-12-13 14:53 - 00000000 ____D C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\CyberLink Blu-ray Disc Suite
2016-01-13 16:49 - 2009-07-14 02:44 - 00000000 ____D C:\Users\Administrator\AppData\Roaming\Media Center Programs
 
==================== One Month Modified files and folders ========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2016-01-14 14:51 - 2009-07-14 00:13 - 00757204 _____ C:\Windows\system32\PerfStringBackup.INI
2016-01-14 14:51 - 2009-07-13 22:20 - 00000000 ____D C:\Windows\inf
2016-01-14 14:50 - 2009-07-13 22:20 - 00000000 ____D C:\Windows
2016-01-14 14:46 - 2012-07-17 15:23 - 00000000 ____D C:\ProgramData\Radialpoint
2016-01-14 14:46 - 2009-07-13 23:45 - 00009920 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2016-01-14 14:46 - 2009-07-13 23:45 - 00009920 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2016-01-14 14:45 - 2010-12-13 15:13 - 00002104 _____ C:\Windows\system32\AutoRunFilter.ini
2016-01-14 14:45 - 2010-12-13 15:13 - 00001311 _____ C:\Windows\system32\ServiceFilter.ini
2016-01-14 14:42 - 2012-03-03 23:10 - 00000402 _____ C:\Windows\Tasks\FreeFileViewerUpdateChecker.job
2016-01-14 14:42 - 2009-07-14 00:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2016-01-14 13:14 - 2009-07-13 23:45 - 00000000 ____D C:\Windows\ServiceProfiles
2016-01-14 13:14 - 2009-07-13 22:20 - 00000000 ____D C:\Windows\AppCompat
2016-01-14 12:33 - 2012-07-28 15:54 - 00000000 ____D C:\Program Files (x86)\Conduit
2016-01-14 10:55 - 2013-04-12 19:05 - 00000000 ____D C:\Program Files (x86)\Ask.com
2016-01-14 10:55 - 2012-07-17 16:01 - 00000830 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2016-01-14 10:55 - 2012-05-24 10:27 - 00001407 _____ C:\Users\Owner\Desktop\Internet Explorer.lnk
2016-01-14 10:05 - 2012-07-28 21:31 - 00000908 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2057531234-2367892702-2072951418-1000UA.job
2016-01-14 09:09 - 2009-07-13 22:20 - 00000000 ____D C:\Windows\rescache
2016-01-14 08:07 - 2013-02-27 18:44 - 00001945 _____ C:\Windows\epplauncher.mif
2016-01-14 08:06 - 2009-07-13 22:20 - 00000000 ___HD C:\Windows\system32\GroupPolicy
2016-01-14 01:56 - 2012-07-17 16:01 - 00796864 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2016-01-14 01:56 - 2012-07-17 16:01 - 00003768 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2016-01-14 01:56 - 2012-03-04 13:06 - 00142528 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2016-01-14 01:37 - 2012-02-03 20:56 - 00000000 ____D C:\Users\Owner\AppData\Local\Facebook
2016-01-14 00:05 - 2012-07-28 21:31 - 00000856 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2057531234-2367892702-2072951418-1000Core.job
2016-01-14 00:00 - 2012-07-28 21:31 - 00003882 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2057531234-2367892702-2072951418-1000UA
2016-01-14 00:00 - 2012-07-28 21:31 - 00003486 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2057531234-2367892702-2072951418-1000Core
2016-01-13 22:16 - 2009-07-29 00:20 - 00000000 ____D C:\Windows\Log
 
==================== Files in the root of some directories =======
 
2007-06-12 12:34 - 2007-06-12 12:34 - 0035822 _____ () C:\Program Files (x86)\Common Files\ASPG_icon.ico
2008-05-22 11:35 - 2008-05-22 11:35 - 0051962 _____ () C:\Program Files (x86)\Common Files\banner.jpg
2009-04-08 13:31 - 2009-04-08 13:31 - 0106496 _____ () C:\Program Files (x86)\Common Files\CPInstallAction.dll
2008-08-12 00:45 - 2008-08-12 00:45 - 0155648 _____ (ASUS) C:\Program Files (x86)\Common Files\MSIactionall.dll
2012-06-16 13:11 - 2013-02-23 18:01 - 0001130 _____ () C:\Users\Owner\AppData\Roaming\result.db
2013-06-21 07:39 - 2013-06-21 07:39 - 0000153 _____ () C:\ProgramData\birz6of.reg
2013-06-21 07:39 - 2015-04-04 20:50 - 0000000 _____ () C:\ProgramData\g252qs.txt
2013-06-21 07:40 - 2013-06-21 07:40 - 0044544 _____ (Microsoft Corporation) C:\ProgramData\sdaksda.txt
2010-12-13 14:52 - 2010-12-13 14:53 - 0000105 _____ () C:\ProgramData\{40BF1E83-20EB-11D8-97C5-0009C5020658}.log
2010-12-13 14:52 - 2010-12-13 14:52 - 0000107 _____ () C:\ProgramData\{C59C179C-668D-49A9-B6EA-0121CCFC1243}.log
 
Files to move or delete:
====================
C:\ProgramData\birz6of.reg
 
 
==================== Bamital & volsnap =================
 
(There is no automatic fix for files that do not pass verification.)
 
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed
 
 
LastRegBack: 2016-01-14 08:58
 
==================== End of FRST.txt ============================

  • 0

Advertisements


#2
L3Nerd

L3Nerd

    Member

  • Topic Starter
  • Member
  • PipPip
  • 16 posts

I clean the system myself with MalwareBytes, Adware Removal, & avast.

 

I am coming to you'll, for a 2nd opinion, to verify/ recommend, in case i missed anything.

 

Thanks for your support.


  • 0

#3
L3Nerd

L3Nerd

    Member

  • Topic Starter
  • Member
  • PipPip
  • 16 posts

Hello??


  • 0

#4
Jr0x

Jr0x

    Malware removal team

  • Malware Removal
  • 1,830 posts

Hi L3Nerd,

Welcome to  :welcome:. My name is Jr0x and I'll be helping you with your problem.

Please Note: I am still in training and my fixes have to be approved by my instructor so there may be a slight delay in my replies. Look upon it as a good thing though in that you have two people looking at your problem.

Before we get started, there are a few things I need you to take note of.

  • Please read through the instructions before attempting to follow those procedures. I would recommend printing them out as some of the instructions would requires you to be in safe mode / offline.
  • If there is anything you are unclear of, please ask before you start the fix.
  • Do not run any scripts / tools on your own, unsupervised usage may cause more harm than good.
  • Please stay with me on this thread, do not start another thread in here (Geeks To Go) or any other forum until I've declared you clean and good to go.
  • There may be delayed response to you as we may live in different timezone.
  • Inform me of anything that happens unexpectedly during the fix at any point of time.
  • As much as we like to make this a easy process for you. Malware removal is a complex multi-step process, and things may happen such as data loss or render your machine unbootable. I would recommend that you backup your personal data before we proceed.
  • Posts that are not replied to in four (4) days will result in the topic being closed. We have not forgotten you; this is just an effort to keep the boards organized and flowing. To continue on your closed topic, please PM me or any Moderator to have the topic reactivated. If, at any time during our working together, I have not responded to you in 2 days (48 hours), then please PM me.
  • Please do not attach any log files to your replies unless I specifically ask you. Instead please copy and paste so as to include the log in your reply. You can do this in separate posts if it's easier for you.
  • As we go along please tell me how the computer is running now. Please be as descriptive as possible e.g. I'm still getting web redirects, I am unable to access the internet etc.

Let's get started.
 
FRST
 
I noticed that you're running FRST from Safe mode, is there any specific reason such as not being able to run it in normal mode? Also, you did not run FRST from Desktop, instead from Downloads folder. Please note that any programs unless specified, please download and run from your Desktop.
 
Since that it has been some time from your last log, I would require a fresh FRST log for review. If there is no specific reason to run in safe mode, please follow the below instruction to download a new copy and run.

FRST.gif Scan with Farbar's Recovery Scan Tool (FRST)

Please download Farbar Recovery Scan Tool and save it to your Desktop.

Note: You need to run the version compatible with your system. If you are not sure which version applies to your system download both of them and try to run them. Only one of them will run on your system, that will be the right version.

  • Right click to run as administrator (XP users click run after receipt of Windows Security Warning - Open File). When the tool opens click Yes to disclaimer.
  • Press Scan button.
  • It will produce a log called FRST.txt in the same directory the tool is run from.
  • Please copy and paste log back here.
  • The first time the tool is run it generates another log (Addition.txt - also located in the same directory as FRST.exe/FRST64.exe). Please also paste that along with the FRST.txt into your reply.

 

 


  • 0

#5
L3Nerd

L3Nerd

    Member

  • Topic Starter
  • Member
  • PipPip
  • 16 posts
mouse pad is working but not mouse left/ right button, i can't run from desktop.
 
 
 
 
 
 
 
 
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:10-01-2015 01
Ran by Owner (administrator) on COMPUTER (26-01-2016 23:43:16)
Running from C:\Users\Owner\Downloads
Loaded Profiles: Owner (Available Profiles: Owner & Administrator)
Platform: Windows 7 Home Premium Service Pack 1 (X64) Language: English (United States)
Internet Explorer Version 10 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo...very-scan-tool/
 
==================== Processes (Whitelisted) =========a========
 
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 
(ASUSTeK Computer Inc.) C:\Windows\System32\FBAgent.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Windstream) C:\Program Files (x86)\Windstream\Diagnostic Tools\HsdService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
(Radialpoint SafeCare Inc.) C:\Program Files (x86)\Windstream\Service Agent\ServicepointService.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe
(ATK) C:\Program Files (x86)\ASUS\Splendid\ACMON.exe
(ASUS) C:\Program Files\P4G\BatteryLife.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
(ASUS) C:\Program Files (x86)\ASUS\ASUS CopyProtect\ASPG.exe
() C:\Program Files (x86)\ASUS\ASUS Live Update\ALU.exe
(ASUS) C:\Program Files (x86)\ASUS\SmartLogon\sensorsrv.exe
(ASUSTeK) C:\Windows\SysWOW64\ACEngSvr.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ATKOSD.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\WDC.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Windstream) C:\Program Files (x86)\Windstream\Service Agent\Windstream Service Agent.exe
(SRS Labs, Inc.) C:\Program Files\SRS Labs\SRS Premium Sound Control Panel\SRSPremiumPanel_64.exe
(Windstream) C:\Program Files (x86)\Windstream\Diagnostic Tools\DiagnosticTools.exe
(Sun Microsystems, Inc.) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
() C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe
(CyberLink) C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
(ASUS) C:\Windows\AsScrPro.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ASUS Data Security Manager\ADSMTray.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ASUS Data Security Manager\ADSMSrv.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
(Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe
(Microsoft Corporation) C:\Program Files (x86)\Internet Explorer\ielowutil.exe
(Google Inc.) C:\Users\Owner\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Owner\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Owner\AppData\Local\Google\Chrome\Application\chrome.exe
 
 
==================== Registry (Whitelisted) ===========================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM\...\Run: [SmartAudio] => C:\Program Files\CONEXANT\SAII\SAIICpl.exe [307768 2009-11-19] ()
HKLM\...\Run: [ETDWare] => C:\Program Files\Elantech\ETDCtrl.exe [649608 2010-06-10] (ELAN Microelectronic Corp.)
HKLM-x32\...\Run: [Windstream Service Agent.exe] => C:\Program Files (x86)\Windstream\Service Agent\Windstream Service Agent.exe [10204472 2011-10-13] (Windstream)
HKLM-x32\...\Run: [DiagnosticTools.exe] => C:\Program Files (x86)\Windstream\Diagnostic Tools\DiagnosticTools.exe [2037048 2011-04-25] (Windstream)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [252848 2012-07-03] (Sun Microsystems, Inc.)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [7021880 2016-01-14] (AVAST Software)
HKLM-x32\...\Run: [Wireless Console 3] => C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe [1601536 2010-09-23] ()
HKLM-x32\...\Run: [UpdateP2GoShortCut] => C:\Program Files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe [222504 2009-05-20] (CyberLink Corp.)
HKLM-x32\...\Run: [UpdateLBPShortCut] => C:\Program Files (x86)\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe [222504 2009-05-20] (CyberLink Corp.)
HKLM-x32\...\Run: [ShopAtHomeWatcher] => C:\Users\Owner\AppData\Roaming\ShopAtHome\ShopAtHomeHelper\ShopAtHomeWatcher.exe
HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [421736 2012-01-16] (Apple Inc.)
HKLM-x32\...\Run: [HControlUser] => C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe [105016 2009-06-19] (ASUS)
HKLM-x32\...\Run: [ATKMEDIA] => C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe [170624 2010-10-07] (ASUS)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59240 2011-11-01] (Apple Inc.)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-2057531234-2367892702-2072951418-1000\...\Run: [Google Update] => C:\Users\Owner\AppData\Local\Google\Update\GoogleUpdate.exe [144200 2016-01-14] (Google Inc.)
HKU\S-1-5-21-2057531234-2367892702-2072951418-1000\...\Run: [Inspector] => C:\Users\Owner\AppData\Roaming\Protector-xklf.exe
HKU\S-1-5-21-2057531234-2367892702-2072951418-1000\...\Policies\Explorer: [NoDesktopCleanupWizard] 1
HKU\S-1-5-21-2057531234-2367892702-2072951418-1000\...\Policies\Explorer: [HideSCAHealth] 1
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2016-01-14] (AVAST Software)
ShellIconOverlayIdentifiers: [ADSMOverlayIcon] -> {A825576B-0042-4F0F-8FB0-93CE0F054E69} => C:\Program Files (x86)\ASUS\ASUS Data Security Manager\ShlExt\x64\OverlayIconShlExt64.dll [2007-06-15] ()
ShellIconOverlayIdentifiers: [ADSMOverlayIcon1] -> {A8D448F4-0431-45AC-9F5E-E1B434AB2249} => C:\Program Files (x86)\ASUS\ASUS Data Security Manager\ShlExt\x64\OverlayIconShlExt1_64.dll [2007-06-01] ()
ShellIconOverlayIdentifiers-x32: [ADSMOverlayIcon] -> {A825576B-0042-4F0F-8FB0-93CE0F054E69} => C:\Program Files (x86)\ASUS\ASUS Data Security Manager\ShlExt\x86\OverlayIconShlExt.dll [2007-06-15] ()
ShellIconOverlayIdentifiers-x32: [ADSMOverlayIcon1] -> {A8D448F4-0431-45AC-9F5E-E1B434AB2249} => C:\Program Files (x86)\ASUS\ASUS Data Security Manager\ShlExt\x86\OverlayIconShlExt1.dll [2007-06-01] ()
Startup: C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Best Buy pc app.lnk [2011-02-13]
ShortcutTarget: Best Buy pc app.lnk -> C:\ProgramData\Best Buy pc app\ClickOnceSetup.exe (No File)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\FancyStart daemon.lnk [2010-12-13]
ShortcutTarget: FancyStart daemon.lnk -> C:\Windows\Installer\{2B81872B-A054-48DA-BE3B-FA5C164C303A}\_C4A2FC3E3722966204FDD8.exe ()
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\SRS Premium Sound.lnk [2011-02-13]
ShortcutTarget: SRS Premium Sound.lnk -> C:\Windows\Installer\{E5CF6B9C-3ABE-43C9-9413-AD5FFC98F049}\NewShortcut5_21C7B668029A47458B27645FE6E4A715.exe (Acresso Software Inc.)
Startup: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Best Buy pc app.lnk [2011-02-13]
ShortcutTarget: Best Buy pc app.lnk -> C:\ProgramData\Best Buy pc app\ClickOnceSetup.exe (No File)
Startup: C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Best Buy pc app.lnk [2011-02-13]
ShortcutTarget: Best Buy pc app.lnk -> C:\ProgramData\Best Buy pc app\ClickOnceSetup.exe (No File)
 
==================== Internet (Whitelisted) ====================
 
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{770317D9-EA8E-4F6C-B8B1-5C05798825FA}: [DhcpNameServer] 192.168.1.1
 
Internet Explorer:
==================
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
HKU\.DEFAULT\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
HKU\S-1-5-21-2057531234-2367892702-2072951418-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxps://www.yahoo.com/?fr=hp-avast&type=avastbcl
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxps://search.yahoo.com/yhs/search?type=avastbcl&hspart=avast&hsimp=yhs-001&p={searchTerms}
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = 
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = 
HKU\S-1-5-21-2057531234-2367892702-2072951418-1000\Software\Microsoft\Internet Explorer\Main,Search Page = hxxps://search.yahoo.com/yhs/search?type=avastbcl&hspart=avast&hsimp=yhs-001&p={searchTerms}
HKU\S-1-5-21-2057531234-2367892702-2072951418-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://www.yahoo.com/?fr=hp-avast&type=avastbcl
HKU\S-1-5-21-2057531234-2367892702-2072951418-1000\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxps://www.yahoo.com/?fr=hp-avast&type=avastbcl
URLSearchHook: HKU\S-1-5-21-2057531234-2367892702-2072951418-1000 - (No Name) - {00000000-6E41-4FD3-8538-502F5495E5FC} - No File
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=ASUTDF&pc=MAAU&src=IE-SearchBox
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=ASUTDF&pc=MAAU&src=IE-SearchBox
SearchScopes: HKLM-x32 -> DefaultScope {9CB96984-43C3-4D44-90EF-01466EFCF7BB} URL = hxxps://search.yahoo.com/yhs/search?type=avastbcl&hspart=avast&hsimp=yhs-001&p={searchTerms}
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=ASUTDF&pc=MAAU&src=IE-SearchBox
SearchScopes: HKLM-x32 -> {9CB96984-43C3-4D44-90EF-01466EFCF7BB} URL = hxxps://search.yahoo.com/yhs/search?type=avastbcl&hspart=avast&hsimp=yhs-001&p={searchTerms}
SearchScopes: HKU\S-1-5-21-2057531234-2367892702-2072951418-1000 -> DefaultScope {9CB96984-43C3-4D44-90EF-01466EFCF7BB} URL = hxxps://search.yahoo.com/yhs/search?type=avastbcl&hspart=avast&hsimp=yhs-001&p={searchTerms}
SearchScopes: HKU\S-1-5-21-2057531234-2367892702-2072951418-1000 -> {9CB96984-43C3-4D44-90EF-01466EFCF7BB} URL = hxxps://search.yahoo.com/yhs/search?type=avastbcl&hspart=avast&hsimp=yhs-001&p={searchTerms}
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2016-01-14] (AVAST Software)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21] (Microsoft Corp.)
BHO-x32: &Yahoo! Toolbar Helper -> {02478D38-C3F9-4efb-9B51-7695ECA05670} -> C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn0\yt.dll [2011-11-01] (Yahoo! Inc.)
BHO-x32: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2013-04-12] (Oracle Corporation)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2016-01-14] (AVAST Software)
BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21] (Microsoft Corp.)
BHO-x32: Windows Live Messenger Companion Helper -> {9FDDE16B-836F-4806-AB1F-1455CBEFF289} -> C:\Program Files (x86)\Windows Live\Companion\companioncore.dll [2010-09-23] (Microsoft Corporation)
BHO-x32: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2013-04-12] (Oracle Corporation)
BHO-x32: SingleInstance Class -> {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} -> C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn0\YTSingleInstance.dll [2011-11-01] (Yahoo! Inc)
 
FireFox:
========
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_20_0_0_286.dll [2016-01-26] ()
FF Plugin: @bestbuy.com/npBestBuyPcAppDetector,version=1.0 -> C:\ProgramData\Best Buy pc app\npBestBuyPcAppDetector.dll [No File]
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.20125.0\npctrl.dll [2013-01-24] ( Microsoft Corporation)
FF Plugin: @radialpoint.com/SPA,version=1 -> C:\Program Files (x86)\Windstream\Service Agent\nprpspa.dll [2011-10-13] (Windstream)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_20_0_0_286.dll [2016-01-26] ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2011-11-14] ()
FF Plugin-x32: @bestbuy.com/npBestBuyPcAppDetector,version=1.0 -> C:\ProgramData\Best Buy pc app\npBestBuyPcAppDetector.dll [No File]
FF Plugin-x32: @java.com/DTPlugin,version=10.17.2 -> C:\Windows\SysWOW64\npDeployJava1.dll [2013-04-12] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.17.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll [2013-04-12] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.20125.0\npctrl.dll [2013-01-24] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2010-09-23] (Microsoft Corporation)
FF Plugin-x32: @radialpoint.com/SPA,version=1 -> C:\Program Files (x86)\Windstream\Service Agent\nprpspa.dll [2011-10-13] (Windstream)
FF Plugin HKU\S-1-5-21-2057531234-2367892702-2072951418-1000: @tools.google.com/Google Update;version=3 -> C:\Users\Owner\AppData\Local\Google\Update\1.3.29.1\npGoogleUpdate3.dll [2016-01-14] (Google Inc.)
FF Plugin HKU\S-1-5-21-2057531234-2367892702-2072951418-1000: @tools.google.com/Google Update;version=9 -> C:\Users\Owner\AppData\Local\Google\Update\1.3.29.1\npGoogleUpdate3.dll [2016-01-14] (Google Inc.)
FF Plugin HKU\S-1-5-21-2057531234-2367892702-2072951418-1000: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Owner\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2013-06-05] (Unity Technologies ApS)
FF HKLM-x32\...\Firefox\Extensions: [[email protected]] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2016-01-14]
FF HKLM-x32\...\Firefox\Extensions: [[email protected]] - C:\Program Files\AVAST Software\Avast\SafePrice\FF
FF Extension: Avast SafePrice - C:\Program Files\AVAST Software\Avast\SafePrice\FF [2016-01-14]
 
Chrome: 
=======
CHR Plugin: (Native Client) - C:\Users\Owner\AppData\Local\Google\Chrome\Application\47.0.2526.111\ppGoogleNaClPluginChrome.dll => No File
CHR Plugin: (Chrome PDF Viewer) - C:\Users\Owner\AppData\Local\Google\Chrome\Application\47.0.2526.111\pdf.dll => No File
CHR Plugin: (Shockwave Flash) - C:\Users\Owner\AppData\Local\Google\Chrome\Application\47.0.2526.111\gcswf32.dll => No File
CHR Plugin: (Shockwave Flash) - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_3_300_268.dll => No File
CHR Plugin: (Silverlight Plug-In) - C:\Program Files (x86)\Microsoft Silverlight\4.0.50401.0\npctrl.dll => No File
CHR Plugin: (Windows Live Photo Gallery) - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
CHR Plugin: (iTunes Application Detector) - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
CHR Plugin: (Best Buy pc app Detector) - C:\ProgramData\Best Buy pc app\npBestBuyPcAppDetector.dll => No File
CHR Plugin: (Unity Player) - C:\Users\Owner\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
CHR Plugin: (Google Update) - C:\Users\Owner\AppData\Local\Google\Update\1.3.21.115\npGoogleUpdate3.dll => No File
CHR Profile: C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Avast Online Security) - C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2016-01-14]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-01-14]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2016-01-14]
StartMenuInternet: Google Chrome - C:\Users\Owner\AppData\Local\Google\Chrome\Application\chrome.exe
 
==================== Services (Whitelisted) ========================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
R3 ADSMService; C:\Program Files (x86)\ASUS\ASUS Data Security Manager\ADSMSrv.exe [225280 2008-03-31] (ASUSTek Computer Inc.) [File not signed]
R2 AFBAgent; C:\Windows\system32\FBAgent.exe [377264 2010-09-30] (ASUSTeK Computer Inc.) [File not signed]
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [226440 2016-01-14] (AVAST Software)
R2 HsdService; C:\Program Files (x86)\Windstream\Diagnostic Tools\HsdService.exe [1393976 2011-04-25] (Windstream)
R2 LMS; C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe [262144 2009-09-30] (Intel Corporation) [File not signed]
S2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1135416 2015-10-05] (Malwarebytes)
R2 ServicepointService; C:\Program Files (x86)\Windstream\Service Agent\ServicepointService.exe [10315064 2011-10-13] (Radialpoint SafeCare Inc.)
R2 UNS; C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe [2314240 2009-09-30] (Intel Corporation) [File not signed]
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2009-07-13] (Microsoft Corporation)
 
===================== Drivers (Whitelisted) ==========================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [28656 2016-01-14] (AVAST Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [97648 2016-01-14] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93528 2016-01-14] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65224 2016-01-14] (AVAST Software)
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1065208 2016-01-26] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [464256 2016-01-26] (AVAST Software)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [155304 2016-01-14] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [273784 2016-01-14] (AVAST Software)
S3 ebdrv; C:\Windows\system32\DRIVERS\evbda.sys [3286016 2009-06-10] (Broadcom Corporation)
R3 kbfiltr; C:\Windows\System32\DRIVERS\kbfiltr.sys [15416 2009-07-20] ( )
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2015-10-05] (Malwarebytes)
S3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [192216 2016-01-24] (Malwarebytes)
S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2015-10-05] (Malwarebytes Corporation)
R3 SNP2UVC; C:\Windows\System32\DRIVERS\snp2uvc.sys [1800192 2009-08-19] ()
S1 jiucecvv; \??\C:\Windows\system32\drivers\jiucecvv.sys [X]
 
==================== NetSvcs (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
 
==================== One Month Created files and folders ========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2016-01-26 21:51 - 2016-01-26 21:51 - 00028190 _____ C:\Users\Owner\Downloads\Addition.txt
2016-01-26 21:47 - 2016-01-26 21:47 - 02370560 _____ (Farbar) C:\Users\Owner\Downloads\FRST64 (1).exe
2016-01-26 20:27 - 2016-01-26 20:27 - 00000000 ____D C:\Users\Owner\AppData\Local\ElevatedDiagnostics
2016-01-26 19:49 - 2016-01-26 19:49 - 00000000 ____D C:\Users\Administrator\AppData\LocalLow\Sun
2016-01-26 19:48 - 2016-01-26 19:48 - 00058016 _____ C:\Users\Administrator\AppData\Local\GDIPFONTCACHEV1.DAT
2016-01-26 19:48 - 2016-01-26 19:48 - 00000000 ____D C:\Users\Administrator\AppData\Roaming\Macromedia
2016-01-26 19:47 - 2016-01-26 19:47 - 00000000 ____D C:\Users\Administrator\AppData\Roaming\Yahoo!
2016-01-26 19:47 - 2016-01-26 19:47 - 00000000 ____D C:\Users\Administrator\AppData\LocalLow\Yahoo! Companion
2016-01-26 19:47 - 2016-01-26 19:47 - 00000000 ____D C:\Users\Administrator\AppData\LocalLow\Yahoo!
2016-01-26 19:44 - 2016-01-26 19:44 - 00000000 ____D C:\Users\Administrator\AppData\Roaming\Windstream
2016-01-26 19:44 - 2016-01-26 19:44 - 00000000 ____D C:\Users\Administrator\AppData\Roaming\Radialpoint
2016-01-26 19:43 - 2016-01-26 19:43 - 00001415 _____ C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2016-01-24 19:59 - 2016-01-24 19:58 - 00003832 _____ C:\Users\Owner\Desktop\JRT.txt
2016-01-24 19:35 - 2016-01-24 19:39 - 01600184 _____ (Malwarebytes) C:\Users\Owner\Downloads\JRT.exe
2016-01-24 19:26 - 2016-01-24 19:35 - 00198084 _____ C:\TDSSKiller.3.1.0.9_24.01.2016_19.26.21_log.txt
2016-01-14 22:34 - 2016-01-23 20:45 - 00000000 ___SD C:\Windows\system32\CompatTel
2016-01-14 22:34 - 2016-01-23 20:45 - 00000000 ____D C:\Windows\system32\appraiser
2016-01-14 22:34 - 2016-01-23 20:44 - 00000000 ___SD C:\Windows\SysWOW64\GWX
2016-01-14 22:34 - 2016-01-23 20:44 - 00000000 ___SD C:\Windows\system32\GWX
2016-01-14 15:15 - 2016-01-14 15:16 - 00196248 _____ C:\TDSSKiller.3.1.0.9_14.01.2016_15.15.18_log.txt
2016-01-14 15:14 - 2016-01-14 15:14 - 04727984 _____ (Kaspersky Lab ZAO) C:\Users\Owner\Downloads\tdsskiller.exe
2016-01-14 14:50 - 2016-01-26 23:43 - 00020979 _____ C:\Users\Owner\Downloads\FRST.txt
2016-01-14 13:26 - 2016-01-14 13:26 - 00000000 ____D C:\Users\Administrator\AppData\Local\ElevatedDiagnostics
2016-01-14 11:58 - 2016-01-14 11:58 - 00000000 ____D C:\Users\Administrator\AppData\Roaming\AVAST Software
2016-01-14 11:58 - 2016-01-14 11:58 - 00000000 ____D C:\Users\Administrator\AppData\Roaming\Adobe
2016-01-14 08:15 - 2016-01-14 08:10 - 00386096 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2016-01-14 08:11 - 2016-01-23 20:45 - 00000000 ____D C:\Windows\System32\Tasks\AVAST Software
2016-01-14 08:11 - 2016-01-14 08:11 - 00001924 _____ C:\Users\Public\Desktop\Avast Free Antivirus.lnk
2016-01-14 08:11 - 2016-01-14 08:11 - 00000000 ____D C:\Users\Owner\AppData\Roaming\AVAST Software
2016-01-14 08:11 - 2016-01-14 08:11 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVAST Software
2016-01-14 08:11 - 2016-01-14 08:11 - 00000000 ____D C:\Program Files\Common Files\AV
2016-01-14 08:10 - 2016-01-26 19:57 - 01065208 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsnx.sys
2016-01-14 08:10 - 2016-01-26 19:57 - 00464256 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsp.sys
2016-01-14 08:10 - 2016-01-26 19:50 - 00004182 _____ C:\Windows\System32\Tasks\avast! Emergency Update
2016-01-14 08:10 - 2016-01-14 08:11 - 00097648 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2016-01-14 08:10 - 2016-01-14 08:10 - 00273784 _____ (AVAST Software) C:\Windows\system32\Drivers\aswVmm.sys
2016-01-14 08:10 - 2016-01-14 08:10 - 00155304 _____ (AVAST Software) C:\Windows\system32\Drivers\aswStm.sys
2016-01-14 08:10 - 2016-01-14 08:10 - 00093528 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2016-01-14 08:10 - 2016-01-14 08:10 - 00065224 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRvrt.sys
2016-01-14 08:10 - 2016-01-14 08:10 - 00043112 _____ (AVAST Software) C:\Windows\avastSS.scr
2016-01-14 08:10 - 2016-01-14 08:10 - 00028656 _____ (AVAST Software) C:\Windows\system32\Drivers\aswHwid.sys
2016-01-14 08:07 - 2016-01-14 08:07 - 00000000 ____D C:\ProgramData\AVAST Software
2016-01-14 08:07 - 2016-01-14 08:07 - 00000000 ____D C:\Program Files\AVAST Software
2016-01-14 07:26 - 2016-01-24 20:07 - 00192216 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2016-01-14 07:26 - 2016-01-14 07:26 - 05065856 _____ (AVAST Software) C:\Users\Owner\Downloads\avast_free_antivirus_setup_online.exe
2016-01-14 07:25 - 2016-01-14 07:25 - 00001108 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2016-01-14 07:25 - 2016-01-14 07:25 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2016-01-14 07:25 - 2016-01-14 07:25 - 00000000 ____D C:\ProgramData\Malwarebytes
2016-01-14 07:25 - 2016-01-14 07:25 - 00000000 ____D C:\Program Files (x86)\Malwarebytes Anti-Malware
2016-01-14 07:25 - 2015-10-05 09:50 - 00109272 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamchameleon.sys
2016-01-14 07:25 - 2015-10-05 09:50 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2016-01-14 07:25 - 2015-10-05 09:50 - 00025816 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbam.sys
2016-01-14 00:30 - 2016-01-14 00:32 - 22908888 _____ (Malwarebytes ) C:\Users\Owner\Downloads\mbam-setup-majorgeeks-2.2.0.1024.exe
2016-01-14 00:26 - 2014-05-14 11:23 - 02477536 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2016-01-14 00:26 - 2014-05-14 11:23 - 00058336 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2016-01-14 00:26 - 2014-05-14 11:23 - 00044512 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2016-01-14 00:26 - 2014-05-14 11:21 - 02620928 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2016-01-14 00:25 - 2014-05-14 09:23 - 00198600 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2016-01-14 00:25 - 2014-05-14 09:23 - 00179656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2016-01-14 00:25 - 2014-05-14 09:20 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2016-01-14 00:25 - 2014-05-14 09:17 - 00033792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2016-01-14 00:14 - 2016-01-14 00:14 - 02660496 _____ (Sysinternals - www.sysinternals.com) C:\Users\Owner\Downloads\procexp.exe
2016-01-14 00:00 - 2016-01-14 00:00 - 00000000 ____D C:\Program Files (x86)\Google
2016-01-13 23:59 - 2016-01-26 23:43 - 00000000 ____D C:\FRST
2016-01-13 23:59 - 2016-01-13 23:59 - 02370560 _____ (Farbar) C:\Users\Owner\Downloads\FRST64.exe
2016-01-13 18:17 - 2016-01-26 20:08 - 01322902 _____ C:\Windows\ntbtlog.txt
2016-01-13 16:50 - 2016-01-13 16:50 - 00000020 ___SH C:\Users\Administrator\ntuser.ini
2016-01-13 16:50 - 2016-01-13 16:50 - 00000000 _SHDL C:\Users\Administrator\My Documents
2016-01-13 16:50 - 2016-01-13 16:50 - 00000000 _SHDL C:\Users\Administrator\Documents\My Videos
2016-01-13 16:50 - 2016-01-13 16:50 - 00000000 _SHDL C:\Users\Administrator\Documents\My Pictures
2016-01-13 16:50 - 2016-01-13 16:50 - 00000000 _SHDL C:\Users\Administrator\Documents\My Music
2016-01-13 16:49 - 2016-01-26 19:43 - 00000000 ____D C:\Users\Administrator
2016-01-13 16:49 - 2011-05-29 21:32 - 00000000 ____D C:\Users\Administrator\AppData\Local\Power2Go
2016-01-13 16:49 - 2010-12-13 14:53 - 00000000 ____D C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\CyberLink Blu-ray Disc Suite
2016-01-13 16:49 - 2009-07-14 02:44 - 00000000 ____D C:\Users\Administrator\AppData\Roaming\Media Center Programs
 
==================== One Month Modified files and folders ========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2016-01-26 23:16 - 2012-07-17 15:23 - 00000000 ____D C:\ProgramData\Radialpoint
2016-01-26 23:07 - 2009-07-13 23:45 - 00009920 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2016-01-26 23:07 - 2009-07-13 23:45 - 00009920 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2016-01-26 23:06 - 2009-07-14 00:13 - 00757204 _____ C:\Windows\system32\PerfStringBackup.INI
2016-01-26 23:06 - 2009-07-13 22:20 - 00000000 ____D C:\Windows\inf
2016-01-26 23:05 - 2012-07-28 21:31 - 00000908 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2057531234-2367892702-2072951418-1000UA.job
2016-01-26 23:02 - 2012-07-17 16:01 - 00000830 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2016-01-26 23:02 - 2009-07-14 00:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2016-01-26 23:00 - 2012-07-17 15:21 - 00000000 ____D C:\Windows\pss
2016-01-26 21:51 - 2009-07-13 22:20 - 00000000 ____D C:\Windows
2016-01-26 20:32 - 2012-03-03 23:09 - 00000000 ____D C:\Users\Owner\AppData\Local\Google
2016-01-26 19:56 - 2012-07-17 16:01 - 00796864 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2016-01-26 19:56 - 2012-07-17 16:01 - 00003768 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2016-01-26 19:56 - 2012-03-04 13:06 - 00142528 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2016-01-26 19:44 - 2009-07-13 23:57 - 00001547 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
2016-01-24 19:49 - 2012-07-28 15:54 - 00000000 ____D C:\Users\Owner\AppData\LocalLow\Conduit
2016-01-24 19:48 - 2013-02-27 16:10 - 00000000 ____D C:\Users\Owner\AppData\Roaming\Raxco
2016-01-23 20:51 - 2009-07-14 02:45 - 00000000 ____D C:\Program Files\Windows Journal
2016-01-23 20:51 - 2009-07-14 00:32 - 00000000 ____D C:\Program Files\Microsoft Games
2016-01-23 20:46 - 2011-03-24 13:20 - 00000000 ____D C:\Users\Owner
2016-01-23 20:46 - 2010-12-13 15:11 - 00000000 ____D C:\ProgramData\P4G
2016-01-23 20:46 - 2009-07-14 00:32 - 00000000 ____D C:\Program Files\Windows Defender
2016-01-23 20:46 - 2009-07-14 00:32 - 00000000 ____D C:\Program Files (x86)\Windows Defender
2016-01-23 20:46 - 2009-07-13 22:20 - 00000000 ____D C:\Windows\SysWOW64\Dism
2016-01-23 20:46 - 2009-07-13 22:20 - 00000000 ____D C:\Windows\system32\Dism
2016-01-23 20:46 - 2009-07-13 22:20 - 00000000 ____D C:\Windows\system32\AdvancedInstallers
2016-01-23 20:46 - 2009-07-13 22:20 - 00000000 ____D C:\Windows\PolicyDefinitions
2016-01-23 20:45 - 2013-03-14 14:55 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2016-01-23 20:45 - 2013-03-14 14:51 - 00000000 ____D C:\Program Files\Microsoft Silverlight
2016-01-23 20:45 - 2013-03-14 14:51 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight
2016-01-23 20:45 - 2009-07-13 22:20 - 00000000 ____D C:\Windows\servicing
2016-01-23 20:45 - 2009-07-13 22:20 - 00000000 ____D C:\Windows\schemas
2016-01-23 20:45 - 2009-07-13 22:20 - 00000000 ____D C:\Program Files\Common Files\Microsoft Shared
2016-01-23 20:43 - 2009-07-13 22:20 - 00000000 ____D C:\Windows\registration
2016-01-23 20:41 - 2011-05-11 19:46 - 00000000 ____D C:\Users\Owner\AppData\Local\Microsoft Games
2016-01-23 20:41 - 2009-07-13 22:20 - 00000000 ____D C:\Windows\AppCompat
2016-01-17 15:58 - 2012-07-17 15:23 - 00000000 ____D C:\Users\Owner\AppData\Roaming\Radialpoint
2016-01-14 23:00 - 2013-04-22 18:30 - 00000000 ____D C:\Users\Owner\AppData\Local\Windows Live
2016-01-14 22:35 - 2009-07-13 22:20 - 00000000 ____D C:\Windows\tracing
2016-01-14 14:55 - 2011-12-26 17:20 - 00045056 _____ C:\Windows\system32\acovcnt.exe
2016-01-14 14:45 - 2010-12-13 15:13 - 00002104 _____ C:\Windows\system32\AutoRunFilter.ini
2016-01-14 14:45 - 2010-12-13 15:13 - 00001311 _____ C:\Windows\system32\ServiceFilter.ini
2016-01-14 13:14 - 2009-07-13 23:45 - 00000000 ____D C:\Windows\ServiceProfiles
2016-01-14 10:55 - 2012-05-24 10:27 - 00001407 _____ C:\Users\Owner\Desktop\Internet Explorer.lnk
2016-01-14 09:09 - 2009-07-13 22:20 - 00000000 ____D C:\Windows\rescache
2016-01-14 08:07 - 2013-02-27 18:44 - 00001945 _____ C:\Windows\epplauncher.mif
2016-01-14 08:06 - 2009-07-13 22:20 - 00000000 ___HD C:\Windows\system32\GroupPolicy
2016-01-14 01:37 - 2012-02-03 20:56 - 00000000 ____D C:\Users\Owner\AppData\Local\Facebook
2016-01-14 00:05 - 2012-07-28 21:31 - 00000856 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2057531234-2367892702-2072951418-1000Core.job
2016-01-14 00:00 - 2012-07-28 21:31 - 00003882 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2057531234-2367892702-2072951418-1000UA
2016-01-14 00:00 - 2012-07-28 21:31 - 00003486 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2057531234-2367892702-2072951418-1000Core
2016-01-13 22:16 - 2009-07-29 00:20 - 00000000 ____D C:\Windows\Log
 
==================== Files in the root of some directories =======
 
2007-06-12 12:34 - 2007-06-12 12:34 - 0035822 _____ () C:\Program Files (x86)\Common Files\ASPG_icon.ico
2008-05-22 11:35 - 2008-05-22 11:35 - 0051962 _____ () C:\Program Files (x86)\Common Files\banner.jpg
2009-04-08 13:31 - 2009-04-08 13:31 - 0106496 _____ () C:\Program Files (x86)\Common Files\CPInstallAction.dll
2008-08-12 00:45 - 2008-08-12 00:45 - 0155648 _____ (ASUS) C:\Program Files (x86)\Common Files\MSIactionall.dll
2012-06-16 13:11 - 2013-02-23 18:01 - 0001130 _____ () C:\Users\Owner\AppData\Roaming\result.db
2013-06-21 07:39 - 2013-06-21 07:39 - 0000153 _____ () C:\ProgramData\birz6of.reg
2013-06-21 07:39 - 2015-04-04 20:50 - 0000000 _____ () C:\ProgramData\g252qs.txt
2013-06-21 07:40 - 2013-06-21 07:40 - 0044544 _____ (Microsoft Corporation) C:\ProgramData\sdaksda.txt
2010-12-13 14:52 - 2010-12-13 14:53 - 0000105 _____ () C:\ProgramData\{40BF1E83-20EB-11D8-97C5-0009C5020658}.log
2010-12-13 14:52 - 2010-12-13 14:52 - 0000107 _____ () C:\ProgramData\{C59C179C-668D-49A9-B6EA-0121CCFC1243}.log
 
Files to move or delete:
====================
C:\ProgramData\birz6of.reg
 
 
==================== Bamital & volsnap =================
 
(There is no automatic fix for files that do not pass verification.)
 
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed
a
 
LastRegBack: 2016-01-26 23:37
 
==================== End of FRST.txt ============================

 


  • 0

#6
Jr0x

Jr0x

    Malware removal team

  • Malware Removal
  • 1,830 posts

 

 

mouse pad is working but not mouse left/ right button, i can't run from desktop.

 

Hi L3Nerd,

 

Have you tried to change to another mouse?

 

Is there any error message while trying to run from Desktop?

 

You also have missed out another log (Additional.txt) where it is located at the same directory as FRST.txt. Please post that log too. 


  • 0

#7
Jr0x

Jr0x

    Malware removal team

  • Malware Removal
  • 1,830 posts

I also noticed that you have ran JRT and TDSSKiller tool on your own previously which not recommended as it may cause more harm than good if not supervised.

 

However, seeing that the logs are already exist, please also do post the content of the following log in your next reply as it may help me understand the situation better.

 

  • JRT log - Located at C:\Users\Owner\Desktop\JRT.txt
  • TDSSKiller log - Located at C:\TDSSKiller.3.1.0.9_24.01.2016_19.26.21_log.txt
  • FRST Addition log - Located at C:\Users\Owner\Downloads\Addition.txt

  • 0

#8
L3Nerd

L3Nerd

    Member

  • Topic Starter
  • Member
  • PipPip
  • 16 posts
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:25-01-2016
Ran by Owner (administrator) on COMPUTER (30-01-2016 15:58:15)
Running from C:\Users\Owner\Downloads
Loaded Profiles: Owner & Administrator (Available Profiles: Owner & Administrator)
Platform: Windows 7 Home Premium Service Pack 1 (X64) Language: English (United States)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo...very-scan-tool/
 
==================== Processes (Whitelisted) =================
 
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 
(ASUSTeK Computer Inc.) C:\Windows\System32\FBAgent.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Windstream) C:\Program Files (x86)\Windstream\Diagnostic Tools\HsdService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
(Radialpoint SafeCare Inc.) C:\Program Files (x86)\Windstream\Service Agent\ServicepointService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe
(ATK) C:\Program Files (x86)\ASUS\Splendid\ACMON.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
(ASUS) C:\Program Files (x86)\ASUS\ASUS CopyProtect\ASPG.exe
() C:\Program Files (x86)\ASUS\ASUS Live Update\ALU.exe
(ASUS) C:\Program Files\P4G\BatteryLife.exe
(ASUS) C:\Program Files (x86)\ASUS\SmartLogon\sensorsrv.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ATKOSD.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\WDC.exe
(ASUSTeK) C:\Windows\SysWOW64\ACEngSvr.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(Windstream) C:\Program Files (x86)\Windstream\Service Agent\Windstream Service Agent.exe
(Windstream) C:\Program Files (x86)\Windstream\Diagnostic Tools\DiagnosticTools.exe
(SRS Labs, Inc.) C:\Program Files\SRS Labs\SRS Premium Sound Control Panel\SRSPremiumPanel_64.exe
(Sun Microsystems, Inc.) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
() C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
(Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(ASUS) C:\Program Files (x86)\ASUS\SmartLogon\smartlogon.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ATKOSD.exe
(ASUS) C:\Program Files (x86)\ASUS\ASUS CopyProtect\ASPG.exe
() C:\Program Files (x86)\ASUS\ASUS Live Update\ALU.exe
(ASUS) C:\Program Files (x86)\ASUS\SmartLogon\sensorsrv.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\WDC.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Google Inc.) C:\Users\Owner\AppData\Local\Google\Update\GoogleUpdate.exe
(Windstream) C:\Program Files (x86)\Windstream\Service Agent\Windstream Service Agent.exe
(Windstream) C:\Program Files (x86)\Windstream\Diagnostic Tools\DiagnosticTools.exe
(Sun Microsystems, Inc.) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(SRS Labs, Inc.) C:\Program Files\SRS Labs\SRS Premium Sound Control Panel\SRSPremiumPanel_64.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
() C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
(Google Inc.) C:\Users\Owner\AppData\Local\Google\Update\GoogleUpdate.exe
(Google Inc.) C:\Users\Owner\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Owner\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Owner\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Owner\AppData\Local\Google\Update\GoogleUpdate.exe
() C:\Users\Owner\AppData\Local\Google\Update\Install\{675179AD-B1A1-470D-B1A8-1EF4F55025BA}\48.0.2564.97_47.0.2526.111_chrome_updater_3stage.exe
(Google Inc.) C:\Users\Owner\AppData\Local\Temp\CR_0FCF4.tmp\setup.exe
(Radialpoint SafeCare Inc.) C:\Program Files (x86)\Windstream\Service Agent\Windstream Service AgentComHandler.exe
(Sun Microsystems, Inc.) C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe
(Farbar) C:\Users\Owner\Downloads\FRST64 (1).exe
(Sun Microsystems, Inc.) C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe
 
 
==================== Registry (Whitelisted) ===========================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM\...\Run: [SmartAudio] => C:\Program Files\CONEXANT\SAII\SAIICpl.exe [307768 2009-11-19] ()
HKLM\...\Run: [ETDWare] => C:\Program Files\Elantech\ETDCtrl.exe [649608 2010-06-10] (ELAN Microelectronic Corp.)
HKLM-x32\...\Run: [Windstream Service Agent.exe] => C:\Program Files (x86)\Windstream\Service Agent\Windstream Service Agent.exe [10204472 2011-10-13] (Windstream)
HKLM-x32\...\Run: [DiagnosticTools.exe] => C:\Program Files (x86)\Windstream\Diagnostic Tools\DiagnosticTools.exe [2037048 2011-04-25] (Windstream)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [252848 2012-07-03] (Sun Microsystems, Inc.)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [7021880 2016-01-14] (AVAST Software)
HKLM-x32\...\Run: [Wireless Console 3] => C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe [1601536 2010-09-23] ()
HKLM-x32\...\Run: [UpdateP2GoShortCut] => C:\Program Files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe [222504 2009-05-20] (CyberLink Corp.)
HKLM-x32\...\Run: [UpdateLBPShortCut] => C:\Program Files (x86)\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe [222504 2009-05-20] (CyberLink Corp.)
HKLM-x32\...\Run: [ShopAtHomeWatcher] => C:\Users\Owner\AppData\Roaming\ShopAtHome\ShopAtHomeHelper\ShopAtHomeWatcher.exe
HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [421736 2012-01-16] (Apple Inc.)
HKLM-x32\...\Run: [HControlUser] => C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe [105016 2009-06-19] (ASUS)
HKLM-x32\...\Run: [ATKMEDIA] => C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe [170624 2010-10-07] (ASUS)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59240 2011-11-01] (Apple Inc.)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-2057531234-2367892702-2072951418-1000\...\Run: [Google Update] => C:\Users\Owner\AppData\Local\Google\Update\GoogleUpdate.exe [144200 2016-01-14] (Google Inc.)
HKU\S-1-5-21-2057531234-2367892702-2072951418-1000\...\Run: [Inspector] => C:\Users\Owner\AppData\Roaming\Protector-xklf.exe
HKU\S-1-5-21-2057531234-2367892702-2072951418-1000\...\Policies\Explorer: [NoDesktopCleanupWizard] 1
HKU\S-1-5-21-2057531234-2367892702-2072951418-1000\...\Policies\Explorer: [HideSCAHealth] 1
HKU\S-1-5-21-2057531234-2367892702-2072951418-500\...\Policies\Explorer: [NoDesktopCleanupWizard] 1
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2016-01-14] (AVAST Software)
ShellIconOverlayIdentifiers: [ADSMOverlayIcon] -> {A825576B-0042-4F0F-8FB0-93CE0F054E69} => C:\Program Files (x86)\ASUS\ASUS Data Security Manager\ShlExt\x64\OverlayIconShlExt64.dll [2007-06-15] ()
ShellIconOverlayIdentifiers: [ADSMOverlayIcon1] -> {A8D448F4-0431-45AC-9F5E-E1B434AB2249} => C:\Program Files (x86)\ASUS\ASUS Data Security Manager\ShlExt\x64\OverlayIconShlExt1_64.dll [2007-06-01] ()
ShellIconOverlayIdentifiers-x32: [ADSMOverlayIcon] -> {A825576B-0042-4F0F-8FB0-93CE0F054E69} => C:\Program Files (x86)\ASUS\ASUS Data Security Manager\ShlExt\x86\OverlayIconShlExt.dll [2007-06-15] ()
ShellIconOverlayIdentifiers-x32: [ADSMOverlayIcon1] -> {A8D448F4-0431-45AC-9F5E-E1B434AB2249} => C:\Program Files (x86)\ASUS\ASUS Data Security Manager\ShlExt\x86\OverlayIconShlExt1.dll [2007-06-01] ()
Startup: C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Best Buy pc app.lnk [2011-02-13]
ShortcutTarget: Best Buy pc app.lnk -> C:\ProgramData\Best Buy pc app\ClickOnceSetup.exe (No File)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\FancyStart daemon.lnk [2010-12-13]
ShortcutTarget: FancyStart daemon.lnk -> C:\Windows\Installer\{2B81872B-A054-48DA-BE3B-FA5C164C303A}\_C4A2FC3E3722966204FDD8.exe ()
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\SRS Premium Sound.lnk [2011-02-13]
ShortcutTarget: SRS Premium Sound.lnk -> C:\Windows\Installer\{E5CF6B9C-3ABE-43C9-9413-AD5FFC98F049}\NewShortcut5_21C7B668029A47458B27645FE6E4A715.exe (Acresso Software Inc.)
Startup: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Best Buy pc app.lnk [2011-02-13]
ShortcutTarget: Best Buy pc app.lnk -> C:\ProgramData\Best Buy pc app\ClickOnceSetup.exe (No File)
Startup: C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Best Buy pc app.lnk [2011-02-13]
ShortcutTarget: Best Buy pc app.lnk -> C:\ProgramData\Best Buy pc app\ClickOnceSetup.exe (No File)
 
==================== Internet (Whitelisted) ====================
 
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{770317D9-EA8E-4F6C-B8B1-5C05798825FA}: [DhcpNameServer] 192.168.1.1
 
Internet Explorer:
==================
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
HKU\.DEFAULT\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
HKU\S-1-5-21-2057531234-2367892702-2072951418-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxps://www.yahoo.com/?fr=hp-avast&type=avastbcl
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxps://search.yahoo.com/yhs/search?type=avastbcl&hspart=avast&hsimp=yhs-001&p={searchTerms}
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = 
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = 
HKU\S-1-5-21-2057531234-2367892702-2072951418-1000\Software\Microsoft\Internet Explorer\Main,Search Page = hxxps://search.yahoo.com/yhs/search?type=avastbcl&hspart=avast&hsimp=yhs-001&p={searchTerms}
HKU\S-1-5-21-2057531234-2367892702-2072951418-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://www.yahoo.com/?fr=hp-avast&type=avastbcl
HKU\S-1-5-21-2057531234-2367892702-2072951418-1000\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxps://www.yahoo.com/?fr=hp-avast&type=avastbcl
URLSearchHook: HKU\S-1-5-21-2057531234-2367892702-2072951418-1000 - (No Name) - {00000000-6E41-4FD3-8538-502F5495E5FC} - No File
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=ASUTDF&pc=MAAU&src=IE-SearchBox
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=ASUTDF&pc=MAAU&src=IE-SearchBox
SearchScopes: HKLM-x32 -> DefaultScope {9CB96984-43C3-4D44-90EF-01466EFCF7BB} URL = hxxps://search.yahoo.com/yhs/search?type=avastbcl&hspart=avast&hsimp=yhs-001&p={searchTerms}
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=ASUTDF&pc=MAAU&src=IE-SearchBox
SearchScopes: HKLM-x32 -> {9CB96984-43C3-4D44-90EF-01466EFCF7BB} URL = hxxps://search.yahoo.com/yhs/search?type=avastbcl&hspart=avast&hsimp=yhs-001&p={searchTerms}
SearchScopes: HKU\S-1-5-21-2057531234-2367892702-2072951418-1000 -> DefaultScope {9CB96984-43C3-4D44-90EF-01466EFCF7BB} URL = hxxps://search.yahoo.com/yhs/search?type=avastbcl&hspart=avast&hsimp=yhs-001&p={searchTerms}
SearchScopes: HKU\S-1-5-21-2057531234-2367892702-2072951418-1000 -> {9CB96984-43C3-4D44-90EF-01466EFCF7BB} URL = hxxps://search.yahoo.com/yhs/search?type=avastbcl&hspart=avast&hsimp=yhs-001&p={searchTerms}
SearchScopes: HKU\S-1-5-21-2057531234-2367892702-2072951418-500 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2016-01-14] (AVAST Software)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21] (Microsoft Corp.)
BHO-x32: &Yahoo! Toolbar Helper -> {02478D38-C3F9-4efb-9B51-7695ECA05670} -> C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn0\yt.dll [2011-11-01] (Yahoo! Inc.)
BHO-x32: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2013-04-12] (Oracle Corporation)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2016-01-14] (AVAST Software)
BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21] (Microsoft Corp.)
BHO-x32: Windows Live Messenger Companion Helper -> {9FDDE16B-836F-4806-AB1F-1455CBEFF289} -> C:\Program Files (x86)\Windows Live\Companion\companioncore.dll [2010-09-23] (Microsoft Corporation)
BHO-x32: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2013-04-12] (Oracle Corporation)
BHO-x32: SingleInstance Class -> {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} -> C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn0\YTSingleInstance.dll [2011-11-01] (Yahoo! Inc)
 
FireFox:
========
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_20_0_0_286.dll [2016-01-26] ()
FF Plugin: @bestbuy.com/npBestBuyPcAppDetector,version=1.0 -> C:\ProgramData\Best Buy pc app\npBestBuyPcAppDetector.dll [No File]
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.41212.0\npctrl.dll [2015-12-11] ( Microsoft Corporation)
FF Plugin: @radialpoint.com/SPA,version=1 -> C:\Program Files (x86)\Windstream\Service Agent\nprpspa.dll [2011-10-13] (Windstream)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_20_0_0_286.dll [2016-01-26] ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2011-11-14] ()
FF Plugin-x32: @bestbuy.com/npBestBuyPcAppDetector,version=1.0 -> C:\ProgramData\Best Buy pc app\npBestBuyPcAppDetector.dll [No File]
FF Plugin-x32: @java.com/DTPlugin,version=10.17.2 -> C:\Windows\SysWOW64\npDeployJava1.dll [2013-04-12] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.17.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll [2013-04-12] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.41212.0\npctrl.dll [2015-12-11] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2010-09-23] (Microsoft Corporation)
FF Plugin-x32: @radialpoint.com/SPA,version=1 -> C:\Program Files (x86)\Windstream\Service Agent\nprpspa.dll [2011-10-13] (Windstream)
FF Plugin HKU\S-1-5-21-2057531234-2367892702-2072951418-1000: @tools.google.com/Google Update;version=3 -> C:\Users\Owner\AppData\Local\Google\Update\1.3.29.1\npGoogleUpdate3.dll [2016-01-14] (Google Inc.)
FF Plugin HKU\S-1-5-21-2057531234-2367892702-2072951418-1000: @tools.google.com/Google Update;version=9 -> C:\Users\Owner\AppData\Local\Google\Update\1.3.29.1\npGoogleUpdate3.dll [2016-01-14] (Google Inc.)
FF Plugin HKU\S-1-5-21-2057531234-2367892702-2072951418-1000: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Owner\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2013-06-05] (Unity Technologies ApS)
FF HKLM-x32\...\Firefox\Extensions: [[email protected]] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2016-01-14]
FF HKLM-x32\...\Firefox\Extensions: [[email protected]] - C:\Program Files\AVAST Software\Avast\SafePrice\FF
FF Extension: Avast SafePrice - C:\Program Files\AVAST Software\Avast\SafePrice\FF [2016-01-14]
 
Chrome: 
=======
CHR Plugin: (Native Client) - C:\Users\Owner\AppData\Local\Google\Chrome\Application\47.0.2526.111\ppGoogleNaClPluginChrome.dll => No File
CHR Plugin: (Chrome PDF Viewer) - C:\Users\Owner\AppData\Local\Google\Chrome\Application\47.0.2526.111\pdf.dll => No File
CHR Plugin: (Shockwave Flash) - C:\Users\Owner\AppData\Local\Google\Chrome\Application\47.0.2526.111\gcswf32.dll => No File
CHR Plugin: (Shockwave Flash) - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_3_300_268.dll => No File
CHR Plugin: (Silverlight Plug-In) - C:\Program Files (x86)\Microsoft Silverlight\4.0.50401.0\npctrl.dll => No File
CHR Plugin: (Windows Live Photo Gallery) - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
CHR Plugin: (iTunes Application Detector) - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
CHR Plugin: (Best Buy pc app Detector) - C:\ProgramData\Best Buy pc app\npBestBuyPcAppDetector.dll => No File
CHR Plugin: (Unity Player) - C:\Users\Owner\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
CHR Plugin: (Google Update) - C:\Users\Owner\AppData\Local\Google\Update\1.3.21.115\npGoogleUpdate3.dll => No File
CHR Profile: C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Avast Online Security) - C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2016-01-14]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-01-14]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2016-01-14]
StartMenuInternet: Google Chrome - C:\Users\Owner\AppData\Local\Google\Chrome\Application\chrome.exe
 
==================== Services (Whitelisted) ========================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
S3 ADSMService; C:\Program Files (x86)\ASUS\ASUS Data Security Manager\ADSMSrv.exe [225280 2008-03-31] (ASUSTek Computer Inc.) [File not signed]
R2 AFBAgent; C:\Windows\system32\FBAgent.exe [377264 2010-09-30] (ASUSTeK Computer Inc.) [File not signed]
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [226440 2016-01-14] (AVAST Software)
R2 HsdService; C:\Program Files (x86)\Windstream\Diagnostic Tools\HsdService.exe [1393976 2011-04-25] (Windstream)
R2 LMS; C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe [262144 2009-09-30] (Intel Corporation) [File not signed]
S2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1135416 2015-10-05] (Malwarebytes)
R2 ServicepointService; C:\Program Files (x86)\Windstream\Service Agent\ServicepointService.exe [10315064 2011-10-13] (Radialpoint SafeCare Inc.)
R2 UNS; C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe [2314240 2009-09-30] (Intel Corporation) [File not signed]
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2009-07-13] (Microsoft Corporation)
S2 DiagTrack; %SystemRoot%\system32\diagtrack.dll [X]
S3 IEEtwCollectorService; %SystemRoot%\system32\IEEtwCollector.exe /V [X]
 
===================== Drivers (Whitelisted) ==========================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [28656 2016-01-14] (AVAST Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [97648 2016-01-14] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93528 2016-01-14] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65224 2016-01-14] (AVAST Software)
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1065208 2016-01-26] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [464256 2016-01-26] (AVAST Software)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [155304 2016-01-14] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [273784 2016-01-14] (AVAST Software)
S3 ebdrv; C:\Windows\system32\DRIVERS\evbda.sys [3286016 2009-06-10] (Broadcom Corporation)
R3 kbfiltr; C:\Windows\System32\DRIVERS\kbfiltr.sys [15416 2009-07-20] ( )
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2015-10-05] (Malwarebytes)
S3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [192216 2016-01-24] (Malwarebytes)
S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2015-10-05] (Malwarebytes Corporation)
R3 SNP2UVC; C:\Windows\System32\DRIVERS\snp2uvc.sys [1800192 2009-08-19] ()
S1 jiucecvv; \??\C:\Windows\system32\drivers\jiucecvv.sys [X]
 
==================== NetSvcs (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
 
==================== One Month Created files and folders ========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2016-01-29 23:03 - 2013-10-14 18:00 - 00028368 _____ (Microsoft Corporation) C:\Windows\system32\IEUDINIT.EXE
2016-01-29 18:53 - 2014-06-30 17:24 - 00008856 _____ (Microsoft Corporation) C:\Windows\system32\icardres.dll
2016-01-29 18:53 - 2014-06-30 17:14 - 00008856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardres.dll
2016-01-29 18:53 - 2014-03-09 16:48 - 01389208 _____ (Microsoft Corporation) C:\Windows\system32\icardagt.exe
2016-01-29 18:53 - 2014-03-09 16:48 - 00171160 _____ (Microsoft Corporation) C:\Windows\system32\infocardapi.dll
2016-01-29 18:53 - 2014-03-09 16:47 - 00619672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardagt.exe
2016-01-29 18:53 - 2014-03-09 16:47 - 00099480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\infocardapi.dll
2016-01-29 18:52 - 2014-06-06 01:16 - 00035480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TsWpfWrp.exe
2016-01-29 18:52 - 2014-06-06 01:12 - 00035480 _____ (Microsoft Corporation) C:\Windows\system32\TsWpfWrp.exe
2016-01-29 18:46 - 2016-01-29 18:46 - 00000000 ____D C:\Users\Administrator\Documents\ASUS
2016-01-29 18:46 - 2016-01-29 18:46 - 00000000 ____D C:\Users\Administrator\AppData\Local\ASUS
2016-01-29 18:46 - 2016-01-29 18:46 - 00000000 ____D C:\ProgramData\ASUS
2016-01-29 18:38 - 2016-01-29 18:38 - 00000000 ____D C:\Users\Administrator\AppData\Roaming\Apple Computer
2016-01-29 18:38 - 2016-01-29 18:38 - 00000000 ____D C:\Users\Administrator\AppData\Local\SRS Labs
2016-01-27 06:40 - 2015-02-03 22:16 - 00465920 _____ (Microsoft Corporation) C:\Windows\system32\WMPhoto.dll
2016-01-27 06:40 - 2015-02-03 21:54 - 00417792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMPhoto.dll
2016-01-27 06:40 - 2013-08-27 20:12 - 00461312 _____ (Microsoft Corporation) C:\Windows\system32\scavengeui.dll
2016-01-26 21:51 - 2016-01-26 21:51 - 00028190 _____ C:\Users\Owner\Downloads\Addition.txt
2016-01-26 21:47 - 2016-01-26 21:47 - 02370560 _____ (Farbar) C:\Users\Owner\Downloads\FRST64 (1).exe
2016-01-26 20:27 - 2016-01-26 20:27 - 00000000 ____D C:\Users\Owner\AppData\Local\ElevatedDiagnostics
2016-01-26 19:49 - 2016-01-26 19:49 - 00000000 ____D C:\Users\Administrator\AppData\LocalLow\Sun
2016-01-26 19:48 - 2016-01-26 19:48 - 00058016 _____ C:\Users\Administrator\AppData\Local\GDIPFONTCACHEV1.DAT
2016-01-26 19:48 - 2016-01-26 19:48 - 00000000 ____D C:\Users\Administrator\AppData\Roaming\Macromedia
2016-01-26 19:47 - 2016-01-26 19:47 - 00000000 ____D C:\Users\Administrator\AppData\Roaming\Yahoo!
2016-01-26 19:47 - 2016-01-26 19:47 - 00000000 ____D C:\Users\Administrator\AppData\LocalLow\Yahoo! Companion
2016-01-26 19:47 - 2016-01-26 19:47 - 00000000 ____D C:\Users\Administrator\AppData\LocalLow\Yahoo!
2016-01-26 19:44 - 2016-01-26 19:44 - 00000000 ____D C:\Users\Administrator\AppData\Roaming\Windstream
2016-01-26 19:44 - 2016-01-26 19:44 - 00000000 ____D C:\Users\Administrator\AppData\Roaming\Radialpoint
2016-01-26 19:43 - 2016-01-30 15:49 - 00001415 _____ C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2016-01-24 19:59 - 2016-01-24 19:58 - 00003832 _____ C:\Users\Owner\Desktop\JRT.txt
2016-01-24 19:35 - 2016-01-24 19:39 - 01600184 _____ (Malwarebytes) C:\Users\Owner\Downloads\JRT.exe
2016-01-24 19:26 - 2016-01-24 19:35 - 00198084 _____ C:\TDSSKiller.3.1.0.9_24.01.2016_19.26.21_log.txt
2016-01-14 22:34 - 2016-01-30 00:30 - 00000000 ___SD C:\Windows\SysWOW64\GWX
2016-01-14 22:34 - 2016-01-30 00:30 - 00000000 ___SD C:\Windows\system32\GWX
2016-01-14 22:34 - 2016-01-30 00:30 - 00000000 ___SD C:\Windows\system32\CompatTel
2016-01-14 22:34 - 2016-01-30 00:30 - 00000000 ____D C:\Windows\system32\appraiser
2016-01-14 15:15 - 2016-01-14 15:16 - 00196248 _____ C:\TDSSKiller.3.1.0.9_14.01.2016_15.15.18_log.txt
2016-01-14 15:14 - 2016-01-14 15:14 - 04727984 _____ (Kaspersky Lab ZAO) C:\Users\Owner\Downloads\tdsskiller.exe
2016-01-14 14:50 - 2016-01-30 15:58 - 00023119 _____ C:\Users\Owner\Downloads\FRST.txt
2016-01-14 13:26 - 2016-01-14 13:26 - 00000000 ____D C:\Users\Administrator\AppData\Local\ElevatedDiagnostics
2016-01-14 11:58 - 2016-01-14 11:58 - 00000000 ____D C:\Users\Administrator\AppData\Roaming\AVAST Software
2016-01-14 11:58 - 2016-01-14 11:58 - 00000000 ____D C:\Users\Administrator\AppData\Roaming\Adobe
2016-01-14 08:15 - 2016-01-14 08:10 - 00386096 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2016-01-14 08:11 - 2016-01-23 20:45 - 00000000 ____D C:\Windows\System32\Tasks\AVAST Software
2016-01-14 08:11 - 2016-01-14 08:11 - 00001924 _____ C:\Users\Public\Desktop\Avast Free Antivirus.lnk
2016-01-14 08:11 - 2016-01-14 08:11 - 00000000 ____D C:\Users\Owner\AppData\Roaming\AVAST Software
2016-01-14 08:11 - 2016-01-14 08:11 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVAST Software
2016-01-14 08:11 - 2016-01-14 08:11 - 00000000 ____D C:\Program Files\Common Files\AV
2016-01-14 08:10 - 2016-01-30 15:50 - 00004182 _____ C:\Windows\System32\Tasks\avast! Emergency Update
2016-01-14 08:10 - 2016-01-26 19:57 - 01065208 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsnx.sys
2016-01-14 08:10 - 2016-01-26 19:57 - 00464256 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsp.sys
2016-01-14 08:10 - 2016-01-14 08:11 - 00097648 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2016-01-14 08:10 - 2016-01-14 08:10 - 00273784 _____ (AVAST Software) C:\Windows\system32\Drivers\aswVmm.sys
2016-01-14 08:10 - 2016-01-14 08:10 - 00155304 _____ (AVAST Software) C:\Windows\system32\Drivers\aswStm.sys
2016-01-14 08:10 - 2016-01-14 08:10 - 00093528 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2016-01-14 08:10 - 2016-01-14 08:10 - 00065224 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRvrt.sys
2016-01-14 08:10 - 2016-01-14 08:10 - 00043112 _____ (AVAST Software) C:\Windows\avastSS.scr
2016-01-14 08:10 - 2016-01-14 08:10 - 00028656 _____ (AVAST Software) C:\Windows\system32\Drivers\aswHwid.sys
2016-01-14 08:07 - 2016-01-14 08:07 - 00000000 ____D C:\ProgramData\AVAST Software
2016-01-14 08:07 - 2016-01-14 08:07 - 00000000 ____D C:\Program Files\AVAST Software
2016-01-14 07:26 - 2016-01-24 20:07 - 00192216 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2016-01-14 07:26 - 2016-01-14 07:26 - 05065856 _____ (AVAST Software) C:\Users\Owner\Downloads\avast_free_antivirus_setup_online.exe
2016-01-14 07:25 - 2016-01-14 07:25 - 00001108 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2016-01-14 07:25 - 2016-01-14 07:25 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2016-01-14 07:25 - 2016-01-14 07:25 - 00000000 ____D C:\ProgramData\Malwarebytes
2016-01-14 07:25 - 2016-01-14 07:25 - 00000000 ____D C:\Program Files (x86)\Malwarebytes Anti-Malware
2016-01-14 07:25 - 2015-10-05 09:50 - 00109272 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamchameleon.sys
2016-01-14 07:25 - 2015-10-05 09:50 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2016-01-14 07:25 - 2015-10-05 09:50 - 00025816 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbam.sys
2016-01-14 00:30 - 2016-01-14 00:32 - 22908888 _____ (Malwarebytes ) C:\Users\Owner\Downloads\mbam-setup-majorgeeks-2.2.0.1024.exe
2016-01-14 00:26 - 2014-05-14 11:23 - 02477536 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2016-01-14 00:26 - 2014-05-14 11:23 - 00058336 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2016-01-14 00:26 - 2014-05-14 11:23 - 00044512 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2016-01-14 00:26 - 2014-05-14 11:21 - 02620928 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2016-01-14 00:25 - 2014-05-14 09:23 - 00198600 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2016-01-14 00:25 - 2014-05-14 09:23 - 00179656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2016-01-14 00:25 - 2014-05-14 09:20 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2016-01-14 00:25 - 2014-05-14 09:17 - 00033792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2016-01-14 00:14 - 2016-01-14 00:14 - 02660496 _____ (Sysinternals - www.sysinternals.com) C:\Users\Owner\Downloads\procexp.exe
2016-01-14 00:00 - 2016-01-14 00:00 - 00000000 ____D C:\Program Files (x86)\Google
2016-01-13 23:59 - 2016-01-30 15:58 - 00000000 ____D C:\FRST
2016-01-13 23:59 - 2016-01-13 23:59 - 02370560 _____ (Farbar) C:\Users\Owner\Downloads\FRST64.exe
2016-01-13 18:17 - 2016-01-28 20:28 - 01416470 _____ C:\Windows\ntbtlog.txt
2016-01-13 16:50 - 2016-01-13 16:50 - 00000020 ___SH C:\Users\Administrator\ntuser.ini
2016-01-13 16:50 - 2016-01-13 16:50 - 00000000 _SHDL C:\Users\Administrator\My Documents
2016-01-13 16:50 - 2016-01-13 16:50 - 00000000 _SHDL C:\Users\Administrator\Documents\My Videos
2016-01-13 16:50 - 2016-01-13 16:50 - 00000000 _SHDL C:\Users\Administrator\Documents\My Pictures
2016-01-13 16:50 - 2016-01-13 16:50 - 00000000 _SHDL C:\Users\Administrator\Documents\My Music
2016-01-13 16:49 - 2016-01-26 19:43 - 00000000 ____D C:\Users\Administrator
2016-01-13 16:49 - 2011-05-29 21:32 - 00000000 ____D C:\Users\Administrator\AppData\Local\Power2Go
2016-01-13 16:49 - 2010-12-13 14:53 - 00000000 ____D C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\CyberLink Blu-ray Disc Suite
2016-01-13 16:49 - 2009-07-14 02:44 - 00000000 ____D C:\Users\Administrator\AppData\Roaming\Media Center Programs
 
==================== One Month Modified files and folders ========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2016-01-30 16:00 - 2012-07-17 15:23 - 00000000 ____D C:\ProgramData\Radialpoint
2016-01-30 15:55 - 2012-07-17 16:01 - 00000830 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2016-01-30 15:53 - 2009-07-14 00:09 - 00000000 ____D C:\Windows\System32\Tasks\WPD
2016-01-30 15:52 - 2011-03-24 13:21 - 00001419 _____ C:\Users\Owner\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2016-01-30 15:50 - 2009-07-13 23:57 - 00001547 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
2016-01-30 15:49 - 2012-07-28 21:31 - 00000908 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2057531234-2367892702-2072951418-1000UA.job
2016-01-30 00:49 - 2009-07-14 00:13 - 00813270 _____ C:\Windows\system32\PerfStringBackup.INI
2016-01-30 00:49 - 2009-07-13 22:20 - 00000000 ____D C:\Windows\inf
2016-01-30 00:47 - 2009-07-13 23:45 - 00009920 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2016-01-30 00:47 - 2009-07-13 23:45 - 00009920 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2016-01-30 00:42 - 2009-07-14 00:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2016-01-30 00:35 - 2013-03-14 14:51 - 00000000 ____D C:\Program Files\Microsoft Silverlight
2016-01-30 00:35 - 2013-03-14 14:51 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight
2016-01-30 00:31 - 2009-07-14 00:32 - 00000000 ____D C:\Program Files\Windows Defender
2016-01-30 00:31 - 2009-07-14 00:32 - 00000000 ____D C:\Program Files (x86)\Windows Defender
2016-01-30 00:31 - 2009-07-13 22:20 - 00000000 ____D C:\Windows\SysWOW64\Dism
2016-01-30 00:31 - 2009-07-13 22:20 - 00000000 ____D C:\Windows\system32\Dism
2016-01-30 00:31 - 2009-07-13 22:20 - 00000000 ____D C:\Windows\system32\AdvancedInstallers
2016-01-30 00:31 - 2009-07-13 22:20 - 00000000 ____D C:\Windows\PolicyDefinitions
2016-01-30 00:30 - 2009-07-14 02:45 - 00000000 ____D C:\Program Files\Windows Journal
2016-01-30 00:30 - 2009-07-13 22:20 - 00000000 ____D C:\Windows
2016-01-30 00:05 - 2012-07-28 21:31 - 00000856 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2057531234-2367892702-2072951418-1000Core.job
2016-01-29 23:18 - 2013-03-14 14:55 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2016-01-29 21:16 - 2013-02-27 18:08 - 00802340 _____ C:\Windows\SysWOW64\PerfStringBackup.INI
2016-01-28 00:05 - 2012-07-17 15:23 - 00000000 ____D C:\Users\Owner\AppData\Roaming\Radialpoint
2016-01-26 23:00 - 2012-07-17 15:21 - 00000000 ____D C:\Windows\pss
2016-01-26 20:32 - 2012-03-03 23:09 - 00000000 ____D C:\Users\Owner\AppData\Local\Google
2016-01-26 19:56 - 2012-07-17 16:01 - 00796864 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2016-01-26 19:56 - 2012-07-17 16:01 - 00003768 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2016-01-26 19:56 - 2012-03-04 13:06 - 00142528 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2016-01-24 19:49 - 2012-07-28 15:54 - 00000000 ____D C:\Users\Owner\AppData\LocalLow\Conduit
2016-01-24 19:48 - 2013-02-27 16:10 - 00000000 ____D C:\Users\Owner\AppData\Roaming\Raxco
2016-01-23 20:51 - 2009-07-14 00:32 - 00000000 ____D C:\Program Files\Microsoft Games
2016-01-23 20:46 - 2011-03-24 13:20 - 00000000 ____D C:\Users\Owner
2016-01-23 20:46 - 2010-12-13 15:11 - 00000000 ____D C:\ProgramData\P4G
2016-01-23 20:45 - 2009-07-13 22:20 - 00000000 ____D C:\Windows\servicing
2016-01-23 20:45 - 2009-07-13 22:20 - 00000000 ____D C:\Windows\schemas
2016-01-23 20:45 - 2009-07-13 22:20 - 00000000 ____D C:\Program Files\Common Files\Microsoft Shared
2016-01-23 20:43 - 2009-07-13 22:20 - 00000000 ____D C:\Windows\registration
2016-01-23 20:41 - 2011-05-11 19:46 - 00000000 ____D C:\Users\Owner\AppData\Local\Microsoft Games
2016-01-23 20:41 - 2009-07-13 22:20 - 00000000 ____D C:\Windows\AppCompat
2016-01-14 23:00 - 2013-04-22 18:30 - 00000000 ____D C:\Users\Owner\AppData\Local\Windows Live
2016-01-14 22:35 - 2009-07-13 22:20 - 00000000 ____D C:\Windows\tracing
2016-01-14 14:55 - 2011-12-26 17:20 - 00045056 _____ C:\Windows\system32\acovcnt.exe
2016-01-14 14:45 - 2010-12-13 15:13 - 00002104 _____ C:\Windows\system32\AutoRunFilter.ini
2016-01-14 14:45 - 2010-12-13 15:13 - 00001311 _____ C:\Windows\system32\ServiceFilter.ini
2016-01-14 13:14 - 2009-07-13 23:45 - 00000000 ____D C:\Windows\ServiceProfiles
2016-01-14 10:55 - 2012-05-24 10:27 - 00001407 _____ C:\Users\Owner\Desktop\Internet Explorer.lnk
2016-01-14 09:09 - 2009-07-13 22:20 - 00000000 ____D C:\Windows\rescache
2016-01-14 08:07 - 2013-02-27 18:44 - 00001945 _____ C:\Windows\epplauncher.mif
2016-01-14 08:06 - 2009-07-13 22:20 - 00000000 ___HD C:\Windows\system32\GroupPolicy
2016-01-14 01:37 - 2012-02-03 20:56 - 00000000 ____D C:\Users\Owner\AppData\Local\Facebook
2016-01-14 00:00 - 2012-07-28 21:31 - 00003882 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2057531234-2367892702-2072951418-1000UA
2016-01-14 00:00 - 2012-07-28 21:31 - 00003486 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2057531234-2367892702-2072951418-1000Core
2016-01-13 22:16 - 2009-07-29 00:20 - 00000000 ____D C:\Windows\Log
 
==================== Files in the root of some directories =======
 
2007-06-12 12:34 - 2007-06-12 12:34 - 0035822 _____ () C:\Program Files (x86)\Common Files\ASPG_icon.ico
2008-05-22 11:35 - 2008-05-22 11:35 - 0051962 _____ () C:\Program Files (x86)\Common Files\banner.jpg
2009-04-08 13:31 - 2009-04-08 13:31 - 0106496 _____ () C:\Program Files (x86)\Common Files\CPInstallAction.dll
2008-08-12 00:45 - 2008-08-12 00:45 - 0155648 _____ (ASUS) C:\Program Files (x86)\Common Files\MSIactionall.dll
2012-06-16 13:11 - 2013-02-23 18:01 - 0001130 _____ () C:\Users\Owner\AppData\Roaming\result.db
2013-06-21 07:39 - 2013-06-21 07:39 - 0000153 _____ () C:\ProgramData\birz6of.reg
2013-06-21 07:39 - 2015-04-04 20:50 - 0000000 _____ () C:\ProgramData\g252qs.txt
2013-06-21 07:40 - 2013-06-21 07:40 - 0044544 _____ (Microsoft Corporation) C:\ProgramData\sdaksda.txt
2010-12-13 14:52 - 2010-12-13 14:53 - 0000105 _____ () C:\ProgramData\{40BF1E83-20EB-11D8-97C5-0009C5020658}.log
2010-12-13 14:52 - 2010-12-13 14:52 - 0000107 _____ () C:\ProgramData\{C59C179C-668D-49A9-B6EA-0121CCFC1243}.log
 
Files to move or delete:
====================
C:\ProgramData\birz6of.reg
 
 
==================== Bamital & volsnap =================
 
(There is no automatic fix for files that do not pass verification.)
 
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed
 
 
LastRegBack: 2016-01-26 23:37
 
==================== End of FRST.txt ============================

  • 0

#9
L3Nerd

L3Nerd

    Member

  • Topic Starter
  • Member
  • PipPip
  • 16 posts
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Malwarebytes
Version: 8.0.2 (01.06.2016)
Operating System: Windows 7 Home Premium x64 
Ran by Owner (Administrator) on Sat 01/30/2016 at 16:09:06.96
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 
 
 
 
File System: 4 
 
Successfully deleted: C:\Users\Owner\Appdata\LocalLow\conduit (Folder) 
Successfully deleted: C:\Users\Owner\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\1G6KIOZQ (Folder) 
Successfully deleted: C:\Users\Owner\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\PCR5FK9V (Folder) 
Successfully deleted: C:\Users\Owner\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\V4E9X4X7 (Folder) 
 
 
 
Registry: 1 
 
Successfully deleted: HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Run\\ShopAtHomeWatcher (Registry Value) 
 
 
 
 
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on Sat 01/30/2016 at 16:17:06.43
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

  • 0

#10
L3Nerd

L3Nerd

    Member

  • Topic Starter
  • Member
  • PipPip
  • 16 posts

16:24:51.0154 0x1be8  TDSS rootkit removing tool 3.1.0.9 Dec 11 2015 22:49:12

16:25:04.0756 0x1be8  ============================================================
16:25:04.0756 0x1be8  Current date / time: 2016/01/30 16:25:04.0756
16:25:04.0756 0x1be8  SystemInfo:
16:25:04.0756 0x1be8  
16:25:04.0756 0x1be8  OS Version: 6.1.7601 ServicePack: 1.0
16:25:04.0756 0x1be8  Product type: Workstation
16:25:04.0756 0x1be8  ComputerName: COMPUTER
16:25:04.0756 0x1be8  UserName: Owner
16:25:04.0756 0x1be8  Windows directory: C:\Windows
16:25:04.0756 0x1be8  System windows directory: C:\Windows
16:25:04.0756 0x1be8  Running under WOW64
16:25:04.0756 0x1be8  Processor architecture: Intel x64
16:25:04.0756 0x1be8  Number of processors: 2
16:25:04.0756 0x1be8  Page size: 0x1000
16:25:04.0756 0x1be8  Boot type: Normal boot
16:25:04.0756 0x1be8  ============================================================
16:25:05.0583 0x1be8  KLMD registered as C:\Windows\system32\drivers\15807568.sys
16:25:06.0659 0x1be8  System UUID: {37CB9D29-9287-628E-D454-7F0DE4E43231}
16:25:08.0477 0x1be8  Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 ( 465.76 Gb ), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
16:25:08.0493 0x1be8  ============================================================
16:25:08.0493 0x1be8  \Device\Harddisk0\DR0:
16:25:08.0493 0x1be8  MBR partitions:
16:25:08.0493 0x1be8  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x3200800, BlocksNum 0x19000000
16:25:08.0493 0x1be8  \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x1C200800, BlocksNum 0x1E185800
16:25:08.0493 0x1be8  ============================================================
16:25:08.0493 0x1be8  C: <-> \Device\Harddisk0\DR0\Partition1
16:25:08.0493 0x1be8  D: <-> \Device\Harddisk0\DR0\Partition2
16:25:08.0493 0x1be8  ============================================================
16:25:08.0493 0x1be8  Initialize success
16:25:08.0493 0x1be8  ============================================================
16:25:45.0511 0x0d20  ============================================================
16:25:45.0511 0x0d20  Scan started
16:25:45.0511 0x0d20  Mode: Manual; 
16:25:45.0511 0x0d20  ============================================================
16:25:45.0511 0x0d20  KSN ping started
16:26:08.0814 0x0d20  KSN ping finished: true
16:26:09.0485 0x0d20  ================ Scan system memory ========================
16:26:09.0485 0x0d20  System memory - ok
16:26:09.0485 0x0d20  ================ Scan services =============================
16:26:09.0610 0x0d20  [ A87D604AEA360176311474C87A63BB88, B1507868C382CD5D2DBC0D62114FCFBF7A780904A2E3CA7C7C1DD0844ADA9A8F ] 1394ohci        C:\Windows\system32\drivers\1394ohci.sys
16:26:09.0625 0x0d20  1394ohci - ok
16:26:09.0736 0x0d20  [ D81D9E70B8A6DD14D42D7B4EFA65D5F2, FDAAB7E23012B4D31537C5BDEF245BB0A12FA060A072C250E21C68E18B22E002 ] ACPI            C:\Windows\system32\drivers\ACPI.sys
16:26:09.0751 0x0d20  ACPI - ok
16:26:09.0767 0x0d20  [ 99F8E788246D495CE3794D7E7821D2CA, F91615463270AD2601F882CAED43B88E7EDA115B9FD03FC56320E48119F15F76 ] AcpiPmi         C:\Windows\system32\drivers\acpipmi.sys
16:26:09.0767 0x0d20  AcpiPmi - ok
16:26:09.0860 0x0d20  [ 295A5BFCE8D225D014DB4E6E69336279, F786F06F0EE3253FA936FA5D73FD9AC704FAB19BE76C60C65AEAD399DC93F9C5 ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
16:26:09.0876 0x0d20  AdobeFlashPlayerUpdateSvc - ok
16:26:10.0001 0x0d20  [ 2F6B34B83843F0C5118B63AC634F5BF4, 43E3F5FBFB5D33981AC503DEE476868EC029815D459E7C36C4ABC2D2F75B5735 ] adp94xx         C:\Windows\system32\DRIVERS\adp94xx.sys
16:26:10.0048 0x0d20  adp94xx - ok
16:26:10.0188 0x0d20  [ 597F78224EE9224EA1A13D6350CED962, DA7FD99BE5E3B7B98605BF5C13BF3F1A286C0DE1240617570B46FE4605E59BDC ] adpahci         C:\Windows\system32\DRIVERS\adpahci.sys
16:26:10.0235 0x0d20  adpahci - ok
16:26:10.0266 0x0d20  [ E109549C90F62FB570B9540C4B148E54, E804563735153EA00A00641814244BC8A347B578E7D63A16F43FB17566EE5559 ] adpu320         C:\Windows\system32\DRIVERS\adpu320.sys
16:26:10.0282 0x0d20  adpu320 - ok
16:26:10.0297 0x0d20  [ C0BF554D2277F7A4C735D475ADE2E3B2, 58ED620CD73239A6AB8F993492494AB0F09705B25E671A842D5163B13F452B15 ] ADSMService     C:\Program Files (x86)\ASUS\ASUS Data Security Manager\ADSMSrv.exe
16:26:10.0313 0x0d20  ADSMService - ok
16:26:10.0344 0x0d20  [ 4B78B431F225FD8624C5655CB1DE7B61, 198A5AF2125C7C41F531A652D200C083A55A97DC541E3C0B5B253C7329949156 ] AeLookupSvc     C:\Windows\System32\aelupsvc.dll
16:26:10.0344 0x0d20  AeLookupSvc - ok
16:26:10.0391 0x0d20  [ 17AA5993C61425F8428F2FEC491C3E67, 2C869B8459C4CD82433E665981D0117CA0C55AFBCF234BC2AAFE22A02EFEC31E ] AFBAgent        C:\Windows\system32\FBAgent.exe
16:26:10.0422 0x0d20  AFBAgent - ok
16:26:10.0469 0x0d20  [ 1C7857B62DE5994A75B054A9FD4C3825, 83F963D7E636532B1AD30B1E727EC429317CA540F6EB3BB268FCC0B163B67767 ] AFD             C:\Windows\system32\drivers\afd.sys
16:26:10.0516 0x0d20  AFD - ok
16:26:10.0547 0x0d20  [ 608C14DBA7299D8CB6ED035A68A15799, 45360F89640BF1127C82A32393BD76205E4FA067889C40C491602F370C09282A ] agp440          C:\Windows\system32\drivers\agp440.sys
16:26:10.0547 0x0d20  agp440 - ok
16:26:10.0562 0x0d20  [ 3290D6946B5E30E70414990574883DDB, 0E9294E1991572256B3CDA6B031DB9F39CA601385515EE59F1F601725B889663 ] ALG             C:\Windows\System32\alg.exe
16:26:10.0578 0x0d20  ALG - ok
16:26:10.0610 0x0d20  [ 5812713A477A3AD7363C7438CA2EE038, A7316299470D2E57A11499C752A711BF4A71EB11C9CBA731ED0945FF6A966721 ] aliide          C:\Windows\system32\drivers\aliide.sys
16:26:10.0610 0x0d20  aliide - ok
16:26:10.0626 0x0d20  [ 1FF8B4431C353CE385C875F194924C0C, 3EA3A7F426B0FFC2461EDF4FDB4B58ACC9D0730EDA5B728D1EA1346EA0A02720 ] amdide          C:\Windows\system32\drivers\amdide.sys
16:26:10.0626 0x0d20  amdide - ok
16:26:10.0641 0x0d20  [ 7024F087CFF1833A806193EF9D22CDA9, E7F27E488C38338388103D3B7EEDD61D05E14FB140992AEE6F492FFC821BF529 ] AmdK8           C:\Windows\system32\DRIVERS\amdk8.sys
16:26:10.0657 0x0d20  AmdK8 - ok
16:26:10.0673 0x0d20  [ 1E56388B3FE0D031C44144EB8C4D6217, E88CA76FD47BA0EB427D59CB9BE040DE133D89D4E62D03A8D622624531D27487 ] AmdPPM          C:\Windows\system32\DRIVERS\amdppm.sys
16:26:10.0688 0x0d20  AmdPPM - ok
16:26:10.0704 0x0d20  [ D4121AE6D0C0E7E13AA221AA57EF2D49, 626F43C099BD197BE56648C367B711143C2BCCE96496BBDEF19F391D52FA01D0 ] amdsata         C:\Windows\system32\drivers\amdsata.sys
16:26:10.0719 0x0d20  amdsata - ok
16:26:10.0751 0x0d20  [ F67F933E79241ED32FF46A4F29B5120B, D6EF539058F159CC4DD14CA9B1FD924998FEAC9D325C823C7A2DD21FEF1DC1A8 ] amdsbs          C:\Windows\system32\DRIVERS\amdsbs.sys
16:26:10.0766 0x0d20  amdsbs - ok
16:26:10.0782 0x0d20  [ 540DAF1CEA6094886D72126FD7C33048, 296578572A93F5B74E1AD443E000B79DC99D1CBD25082E02704800F886A3065F ] amdxata         C:\Windows\system32\drivers\amdxata.sys
16:26:10.0782 0x0d20  amdxata - ok
16:26:10.0813 0x0d20  [ 89A69C3F2F319B43379399547526D952, 8ABDB4B8E106F96EBBA0D4D04C4F432296516E107E7BA5644ED2E50CF9BB491A ] AppID           C:\Windows\system32\drivers\appid.sys
16:26:10.0813 0x0d20  AppID - ok
16:26:10.0829 0x0d20  [ 0BC381A15355A3982216F7172F545DE1, C33AF13CB218F7BF52E967452573DF2ADD20A95C6BF99229794FEF07C4BBE725 ] AppIDSvc        C:\Windows\System32\appidsvc.dll
16:26:10.0844 0x0d20  AppIDSvc - ok
16:26:10.0875 0x0d20  [ 9D2A2369AB4B08A4905FE72DB104498F, D6FA1705018BABABFA2362E05691A0D6408D14DE7B76129B16D0A1DAD6378E58 ] Appinfo         C:\Windows\System32\appinfo.dll
16:26:10.0891 0x0d20  Appinfo - ok
16:26:10.0907 0x0d20  [ 3DEBBECF665DCDDE3A95D9B902010817, F56F4A7A36FAF5FC2306E108A24E75E13EE1F2D1002D9CB71E3327A55F8694CE ] Apple Mobile Device C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
16:26:10.0922 0x0d20  Apple Mobile Device - ok
16:26:10.0938 0x0d20  [ C484F8CEB1717C540242531DB7845C4E, C507CE26716EB923B864ED85E8FA0B24591E2784A2F4F0E78AEED7E9953311F6 ] arc             C:\Windows\system32\DRIVERS\arc.sys
16:26:10.0953 0x0d20  arc - ok
16:26:10.0969 0x0d20  [ 019AF6924AEFE7839F61C830227FE79C, 5926B9DDFC9198043CDD6EA0B384C83B001EC225A8125628C4A45A3E6C42C72A ] arcsas          C:\Windows\system32\DRIVERS\arcsas.sys
16:26:10.0985 0x0d20  arcsas - ok
16:26:11.0000 0x0d20  [ 88FBC8BEBFD38566235EAA5E4DBC4E05, E714D913BA9786BD536F9D99E3510C489CA32F646044718394CEE65247941288 ] AsDsm           C:\Windows\system32\drivers\AsDsm.sys
16:26:11.0000 0x0d20  AsDsm - ok
16:26:11.0031 0x0d20  [ 18E5C2F937F9DEB8C282DF66A3761925, 30294C381F8C7DCB45EF9BCF572F410FF47630E12D5AA02259C6C80F07BEF495 ] ASLDRService    C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe
16:26:11.0031 0x0d20  ASLDRService - ok
16:26:11.0047 0x0d20  [ 4C016FD76ED5C05E84CA8CAB77993961, 025E7BE9FCEFD6A83F4471BBA0C11F1C11BD5047047D26626DA24EE9A419CDC4 ] ASMMAP64        C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\ASMMAP64.sys
16:26:11.0063 0x0d20  ASMMAP64 - ok
16:26:11.0109 0x0d20  [ F15AB80B867D3332D5DDFB0A05B9CE04, 5A16577106246AB5DCC04FE0A0B00B7C5702557B75F958721E4C00383AB99809 ] aspnet_state    C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
16:26:11.0109 0x0d20  aspnet_state - ok
16:26:11.0141 0x0d20  [ 7BC1F2FC2A9D79E1EBBBF6D69AC3BA1F, 236265BE3F1B2130025A3A10152893BD0D18AD8965732361058B775F010539A2 ] aswHwid         C:\Windows\system32\drivers\aswHwid.sys
16:26:11.0141 0x0d20  aswHwid - ok
16:26:11.0187 0x0d20  [ 68E76C1675AC171A84F5B7230652E19D, A707A4E51110B15FF7D73C95D4D9C1E457FC9D93E1479BDB67EBDDDD6AC28D8E ] aswMonFlt       C:\Windows\system32\drivers\aswMonFlt.sys
16:26:11.0187 0x0d20  aswMonFlt - ok
16:26:11.0234 0x0d20  [ 2D6B49A071216796106E7804AB2BA7DC, 6A58A3B36EA05A24333482F87CFD315F73E56A64E46493E82E0FE9115E284168 ] aswRdr          C:\Windows\system32\drivers\aswRdr2.sys
16:26:11.0234 0x0d20  aswRdr - ok
16:26:11.0281 0x0d20  [ E46B51C99BB750A81AC6A68362475A5C, 2A61C09902B39696D151B9D5E6A60FFC3CF3EA02613EC64BBAB4DEE3C78838E2 ] aswRvrt         C:\Windows\system32\drivers\aswRvrt.sys
16:26:11.0281 0x0d20  aswRvrt - ok
16:26:11.0359 0x0d20  [ 0BCDF7DF06B4407A7EB0443AADB3DD27, 3D33FFBECFE4766FE66B1269B7B218D03D7ED9E58A9C27E8D8B84474F30DBB19 ] aswSnx          C:\Windows\system32\drivers\aswSnx.sys
16:26:11.0437 0x0d20  aswSnx - ok
16:26:11.0515 0x0d20  [ 619CA9F210F0F36F8162E5B7BFDDA5CD, D0D87549BD32F575E518B510085F86D434C3B948733391A6F7959918D761F29B ] aswSP           C:\Windows\system32\drivers\aswSP.sys
16:26:11.0546 0x0d20  aswSP - ok
16:26:11.0577 0x0d20  [ D9079E1A1C2A1F8ED5F37AF8E6CD3161, 629E3A642C5E3BEA65CDD2E08CAD69F9649A98BDA906678B51D3D2C9DB5BB253 ] aswStm          C:\Windows\system32\drivers\aswStm.sys
16:26:11.0593 0x0d20  aswStm - ok
16:26:11.0641 0x0d20  [ 3BEC32A0B646D914921FD56AA39998C1, 8DB7CBF3DEF8EAE1D7D28C38B3A0FCD5C2A04D772078B907F35C66451355A04A ] aswVmm          C:\Windows\system32\drivers\aswVmm.sys
16:26:11.0656 0x0d20  aswVmm - ok
16:26:11.0672 0x0d20  [ 769765CE2CC62867468CEA93969B2242, 0D8F19D49869DF93A3876B4C2E249D12E83F9CE11DAE8917D368E292043D4D26 ] AsyncMac        C:\Windows\system32\DRIVERS\asyncmac.sys
16:26:11.0672 0x0d20  AsyncMac - ok
16:26:11.0688 0x0d20  [ 02062C0B390B7729EDC9E69C680A6F3C, 0261683C6DC2706DCE491A1CDC954AC9C9E649376EC30760BB4E225E18DC5273 ] atapi           C:\Windows\system32\drivers\atapi.sys
16:26:11.0688 0x0d20  atapi - ok
16:26:11.0812 0x0d20  [ F8633CDD09647A64EE8DB550630427FF, 565F32E6B1E8451B2DD866E4997336A47B8DC6669392BDAAF252C35C0383E8A3 ] athr            C:\Windows\system32\DRIVERS\athrx.sys
16:26:11.0922 0x0d20  athr - ok
16:26:11.0968 0x0d20  [ 7910158929571214A959D5A6D16DD9C0, 9B4F8A3AF9E09B2F772EEF1CB8F7EAB8A226068784837F375AE97B89B0B3A383 ] ATKGFNEXSrv     C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
16:26:11.0984 0x0d20  ATKGFNEXSrv - ok
16:26:12.0078 0x0d20  [ F23FEF6D569FCE88671949894A8BECF1, FCE7B156ED663471CF9A736915F00302E93B50FC647563D235313A37FCE8F0F6 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
16:26:12.0124 0x0d20  AudioEndpointBuilder - ok
16:26:12.0177 0x0d20  [ F23FEF6D569FCE88671949894A8BECF1, FCE7B156ED663471CF9A736915F00302E93B50FC647563D235313A37FCE8F0F6 ] AudioSrv        C:\Windows\System32\Audiosrv.dll
16:26:12.0223 0x0d20  AudioSrv - ok
16:26:12.0270 0x0d20  [ F5CB8703A4F51EE30E5C090C78073AA4, 90683F39E9AA315FFB66A9F014AD1BEBF19EA62908247C133455815F6632E578 ] avast! Antivirus C:\Program Files\AVAST Software\Avast\AvastSvc.exe
16:26:12.0286 0x0d20  avast! Antivirus - ok
16:26:12.0317 0x0d20  [ A6BF31A71B409DFA8CAC83159E1E2AFF, CBB83F73FFD3C3FB4F96605067739F8F7A4A40B2B05417FA49E575E95628753F ] AxInstSV        C:\Windows\System32\AxInstSV.dll
16:26:12.0333 0x0d20  AxInstSV - ok
16:26:12.0395 0x0d20  [ 3E5B191307609F7514148C6832BB0842, DE011CB7AA4A2405FAF21575182E0793A1D83DFFC44E9A7864D59F3D51D8D580 ] b06bdrv         C:\Windows\system32\DRIVERS\bxvbda.sys
16:26:12.0426 0x0d20  b06bdrv - ok
16:26:12.0473 0x0d20  [ B5ACE6968304A3900EEB1EBFD9622DF2, 1DAA118D8CA3F97B34DF3D3CDA1C78EAB2ED225699FEABE89D331AE0CB7679FA ] b57nd60a        C:\Windows\system32\DRIVERS\b57nd60a.sys
16:26:12.0489 0x0d20  b57nd60a - ok
16:26:12.0520 0x0d20  [ FDE360167101B4E45A96F939F388AEB0, 8D1457E866BBD645C4B9710DFBFF93405CC1193BF9AE42326F2382500B713B82 ] BDESVC          C:\Windows\System32\bdesvc.dll
16:26:12.0535 0x0d20  BDESVC - ok
16:26:12.0551 0x0d20  [ 16A47CE2DECC9B099349A5F840654746, 77C008AEDB07FAC66413841D65C952DDB56FE7DCA5E9EF9C8F4130336B838024 ] Beep            C:\Windows\system32\drivers\Beep.sys
16:26:12.0551 0x0d20  Beep - ok
16:26:12.0629 0x0d20  [ 82974D6A2FD19445CC5171FC378668A4, 075D25F47C0D2277E40AF8615571DAA5EB16B1824563632A9A7EC62505C29A4A ] BFE             C:\Windows\System32\bfe.dll
16:26:12.0691 0x0d20  BFE - ok
16:26:12.0801 0x0d20  [ 1EA7969E3271CBC59E1730697DC74682, D511A34D63A6E0E6E7D1879068E2CD3D87ABEAF4936B2EA8CDDAD9F79D60FA04 ] BITS            C:\Windows\System32\qmgr.dll
16:26:12.0863 0x0d20  BITS - ok
16:26:12.0879 0x0d20  [ 61583EE3C3A17003C4ACD0475646B4D3, 17E4BECC309C450E7E44F59A9C0BBC24D21BDC66DFBA65B8F198A00BB47A9811 ] blbdrive        C:\Windows\system32\DRIVERS\blbdrive.sys
16:26:12.0894 0x0d20  blbdrive - ok
16:26:12.0941 0x0d20  [ EBBCD5DFBB1DE70E8F4AF8FA59E401FD, 17BFFC5DF609CE3B2F0CAB4BD6C118608C66A3AD86116A47E90B2BB7D8954122 ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe
16:26:12.0972 0x0d20  Bonjour Service - ok
16:26:13.0019 0x0d20  [ 6C02A83164F5CC0A262F4199F0871CF5, AD4632A6A203CB40970D848315D8ADB9C898349E20D8DF4107C2AE2703A2CF28 ] bowser          C:\Windows\system32\DRIVERS\bowser.sys
16:26:13.0035 0x0d20  bowser - ok
16:26:13.0050 0x0d20  [ F09EEE9EDC320B5E1501F749FDE686C8, 66691114C42E12F4CC6DC4078D4D2FA4029759ACDAF1B59D17383487180E84E3 ] BrFiltLo        C:\Windows\system32\DRIVERS\BrFiltLo.sys
16:26:13.0050 0x0d20  BrFiltLo - ok
16:26:13.0066 0x0d20  [ B114D3098E9BDB8BEA8B053685831BE6, 0ED23C1897F35FA00B9C2848DE4ED200E18688AA7825674888054BBC3A3EB92C ] BrFiltUp        C:\Windows\system32\DRIVERS\BrFiltUp.sys
16:26:13.0066 0x0d20  BrFiltUp - ok
16:26:13.0097 0x0d20  [ 05F5A0D14A2EE1D8255C2AA0E9E8E694, 40011138869F5496A3E78D38C9900B466B6F3877526AC22952DCD528173F4645 ] Browser         C:\Windows\System32\browser.dll
16:26:13.0113 0x0d20  Browser - ok
16:26:13.0144 0x0d20  [ 43BEA8D483BF1870F018E2D02E06A5BD, 4E6F5A5FD8C796A110B0DC9FF29E31EA78C04518FC1C840EF61BABD58AB10272 ] Brserid         C:\Windows\System32\Drivers\Brserid.sys
16:26:13.0159 0x0d20  Brserid - ok
16:26:13.0175 0x0d20  [ A6ECA2151B08A09CACECA35C07F05B42, E2875BB7768ABAF38C3377007AA0A3C281503474D1831E396FB6599721586B0C ] BrSerWdm        C:\Windows\System32\Drivers\BrSerWdm.sys
16:26:13.0191 0x0d20  BrSerWdm - ok
16:26:13.0206 0x0d20  [ B79968002C277E869CF38BD22CD61524, 50631836502237AF4893ECDCEA43B9031C3DE97433F594D46AF7C3C77F331983 ] BrUsbMdm        C:\Windows\System32\Drivers\BrUsbMdm.sys
16:26:13.0206 0x0d20  BrUsbMdm - ok
16:26:13.0222 0x0d20  [ A87528880231C54E75EA7A44943B38BF, 4C8BBB29FDA76A96840AA47A8613C15D4466F9273A13941C19507008629709C9 ] BrUsbSer        C:\Windows\System32\Drivers\BrUsbSer.sys
16:26:13.0222 0x0d20  BrUsbSer - ok
16:26:13.0253 0x0d20  [ 9DA669F11D1F894AB4EB69BF546A42E8, B498B8B6CEF957B73179D1ADAF084BBB57BB3735D810F9BE2C7B1D58A4FD25A4 ] BTHMODEM        C:\Windows\system32\DRIVERS\bthmodem.sys
16:26:13.0253 0x0d20  BTHMODEM - ok
16:26:13.0284 0x0d20  [ 95F9C2976059462CBBF227F7AAB10DE9, 2797AE919FF7606B070FB039CECDB0707CD2131DCAC09C5DF14F443D881C9F34 ] bthserv         C:\Windows\system32\bthserv.dll
16:26:13.0284 0x0d20  bthserv - ok
16:26:13.0315 0x0d20  [ B8BD2BB284668C84865658C77574381A, 6C55BA288B626DF172FDFEA0BD7027FAEBA1F44EF20AB55160D7C7DC6E717D65 ] cdfs            C:\Windows\system32\DRIVERS\cdfs.sys
16:26:13.0331 0x0d20  cdfs - ok
16:26:13.0347 0x0d20  [ F036CE71586E93D94DAB220D7BDF4416, BD07AAD9E20CEAF9FC84E4977C55EA2C45604A2C682AC70B9B9A2199B6713D5B ] cdrom           C:\Windows\system32\drivers\cdrom.sys
16:26:13.0362 0x0d20  cdrom - ok
16:26:13.0393 0x0d20  [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] CertPropSvc     C:\Windows\System32\certprop.dll
16:26:13.0409 0x0d20  CertPropSvc - ok
16:26:13.0425 0x0d20  [ D7CD5C4E1B71FA62050515314CFB52CF, 513B5A849899F379F0BC6AB3A8A05C3493C2393C95F036612B96EC6E252E1C64 ] circlass        C:\Windows\system32\DRIVERS\circlass.sys
16:26:13.0425 0x0d20  circlass - ok
16:26:13.0471 0x0d20  [ FE1EC06F2253F691FE36217C592A0206, B9F122DB5E665ECDF29A5CB8BB6B531236F31A54A95769D6C5C1924C87FE70CE ] CLFS            C:\Windows\system32\CLFS.sys
16:26:13.0503 0x0d20  CLFS - ok
16:26:13.0534 0x0d20  [ D88040F816FDA31C3B466F0FA0918F29, 39D3630E623DA25B8444B6D3AAAB16B98E7E289C5619E19A85D47B74C71449F3 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
16:26:13.0534 0x0d20  clr_optimization_v2.0.50727_32 - ok
16:26:13.0565 0x0d20  [ D1CEEA2B47CB998321C579651CE3E4F8, 654013B8FD229A50017B08DEC6CA19C7DDA8CE0771260E057A92625201D539B1 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
16:26:13.0581 0x0d20  clr_optimization_v2.0.50727_64 - ok
16:26:13.0643 0x0d20  [ F5AB4D2E36625F355E81539239765107, 48E6AD65EEFD6C54F938F5753EF58377CDA77ADBB41CD8635F0040D61EFB92A4 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
16:26:13.0659 0x0d20  clr_optimization_v4.0.30319_32 - ok
16:26:13.0674 0x0d20  [ 9ACBE5EC13C2CC95833BFB7636CA8B1A, 6224DA9FB335D2A8374C60B8DEA539DD3A0E43230DB888B137B71A56EC57D6AF ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
16:26:13.0690 0x0d20  clr_optimization_v4.0.30319_64 - ok
16:26:13.0705 0x0d20  [ 0840155D0BDDF1190F84A663C284BD33, 696039FA63CFEB33487FAA8FD7BBDB220141E9C6E529355D768DFC87999A9C3A ] CmBatt          C:\Windows\system32\DRIVERS\CmBatt.sys
16:26:13.0705 0x0d20  CmBatt - ok
16:26:13.0721 0x0d20  [ E19D3F095812725D88F9001985B94EDD, 46243C5CCC4981CAC6FA6452FFCEC33329BF172448F1852D52592C9342E0E18B ] cmdide          C:\Windows\system32\drivers\cmdide.sys
16:26:13.0737 0x0d20  cmdide - ok
16:26:13.0799 0x0d20  [ 9AC4F97C2D3E93367E2148EA940CD2CD, 530E089E5CF868AECDB2B5548EBE76E0CA98FC74A72897292AB2485734402E3B ] CNG             C:\Windows\system32\Drivers\cng.sys
16:26:13.0830 0x0d20  CNG - ok
16:26:13.0908 0x0d20  [ 7247A4D0875F5F28919E0787E11B7B57, 9F79077619E626A8DAE74D9EF819BF1D061455CBCAD23C491EC595A2F6C21DED ] CnxtHdAudService C:\Windows\system32\drivers\CHDRT64.sys
16:26:13.0986 0x0d20  CnxtHdAudService - ok
16:26:14.0043 0x0d20  [ 102DE219C3F61415F964C88E9085AD14, CD74CB703381F1382C32CF892FF2F908F4C9412E1BC77234F8FEA5D4666E1BF1 ] Compbatt        C:\Windows\system32\DRIVERS\compbatt.sys
16:26:14.0046 0x0d20  Compbatt - ok
16:26:14.0067 0x0d20  [ 03EDB043586CCEBA243D689BDDA370A8, 0E4523AA332E242D5C2C61C5717DBA5AB6E42DADB5A7E512505FC2B6CC224959 ] CompositeBus    C:\Windows\system32\drivers\CompositeBus.sys
16:26:14.0067 0x0d20  CompositeBus - ok
16:26:14.0067 0x0df0  Object required for P2P: [ 295A5BFCE8D225D014DB4E6E69336279 ] AdobeFlashPlayerUpdateSvc
16:26:14.0083 0x0d20  COMSysApp - ok
16:26:14.0098 0x0d20  [ 1C827878A998C18847245FE1F34EE597, 41EF7443D8B2733AA35CAC64B4F5F74FAC8BB0DA7D3936B69EC38E2DC3972E60 ] crcdisk         C:\Windows\system32\DRIVERS\crcdisk.sys
16:26:14.0098 0x0d20  crcdisk - ok
16:26:14.0129 0x0d20  [ D8129C49798CBBFB2E4351D4B7B8EF9C, 7C125DBA3F88E7C6D98AE0869EDB7995360904A913923528ABD0429B2608C313 ] CryptSvc        C:\Windows\system32\cryptsvc.dll
16:26:14.0176 0x0d20  CryptSvc - ok
16:26:14.0239 0x0d20  [ 5C627D1B1138676C0A7AB2C2C190D123, C5003F2C912C5CA990E634818D3B4FD72F871900AF2948BD6C4D6400B354B401 ] DcomLaunch      C:\Windows\system32\rpcss.dll
16:26:14.0285 0x0d20  DcomLaunch - ok
16:26:14.0332 0x0d20  [ 3CEC7631A84943677AA8FA8EE5B6B43D, 32061DAC9ED6C1EBA3B367B18D0E965AEEC2DF635DCF794EC39D086D32503AC5 ] defragsvc       C:\Windows\System32\defragsvc.dll
16:26:14.0348 0x0d20  defragsvc - ok
16:26:14.0379 0x0d20  [ 9BB2EF44EAA163B29C4A4587887A0FE4, 03667BC3EA5003F4236929C10F23D8F108AFCB29DB5559E751FB26DFB318636F ] DfsC            C:\Windows\system32\Drivers\dfsc.sys
16:26:14.0395 0x0d20  DfsC - ok
16:26:14.0441 0x0d20  [ 43D808F5D9E1A18E5EEB5EBC83969E4E, C10D1155D71EABE4ED44C656A8F13078A8A4E850C4A8FBB92D52D173430972B8 ] Dhcp            C:\Windows\system32\dhcpcore.dll
16:26:14.0473 0x0d20  Dhcp - ok
16:26:14.0473 0x0d20  DiagTrack - ok
16:26:14.0488 0x0d20  [ 13096B05847EC78F0977F2C0F79E9AB3, 1E44981B684F3E56F5D2439BB7FA78BD1BC876BB2265AE089AEC68F241B05B26 ] discache        C:\Windows\system32\drivers\discache.sys
16:26:14.0504 0x0d20  discache - ok
16:26:14.0504 0x0d20  [ 9819EEE8B5EA3784EC4AF3B137A5244C, 571BC886E87C888DA96282E381A746D273B58B9074E84D4CA91275E26056D427 ] Disk            C:\Windows\system32\DRIVERS\disk.sys
16:26:14.0519 0x0d20  Disk - ok
16:26:14.0535 0x0d20  [ 16835866AAA693C7D7FCEBA8FFF706E4, 15891558F7C1F2BB57A98769601D447ED0D952354A8BB347312D034DC03E0242 ] Dnscache        C:\Windows\System32\dnsrslvr.dll
16:26:14.0551 0x0d20  Dnscache - ok
16:26:14.0582 0x0d20  [ B1FB3DDCA0FDF408750D5843591AFBC6, AB6AD9C5E7BA2E3646D0115B67C4800D1CB43B4B12716397657C7ADEEE807304 ] dot3svc         C:\Windows\System32\dot3svc.dll
16:26:14.0613 0x0d20  dot3svc - ok
16:26:14.0644 0x0d20  [ B26F4F737E8F9DF4F31AF6CF31D05820, 394BBBED4EC7FAD4110F62A43BFE0801D4AC56FFAC6C741C69407B26402311C7 ] DPS             C:\Windows\system32\dps.dll
16:26:14.0660 0x0d20  DPS - ok
16:26:14.0660 0x0d20  [ 9B19F34400D24DF84C858A421C205754, 967AF267B4124BADA8F507CEBF25F2192D146A4D63BE71B45BFC03C5DA7F21A7 ] drmkaud         C:\Windows\system32\drivers\drmkaud.sys
16:26:14.0675 0x0d20  drmkaud - ok
16:26:14.0753 0x0d20  [ AF2E16242AA723F68F461B6EAE2EAD3D, 3973633C6D231DB8D92DE310D3A0836C64639B9A20C6C56385FB218A707C1BC3 ] DXGKrnl         C:\Windows\System32\drivers\dxgkrnl.sys
16:26:14.0816 0x0d20  DXGKrnl - ok
16:26:14.0878 0x0d20  [ E2DDA8726DA9CB5B2C4000C9018A9633, 0C967DBC3636A76A696997192A158AA92A1AF19F01E3C66D5BF91818A8FAEA76 ] EapHost         C:\Windows\System32\eapsvc.dll
16:26:14.0894 0x0d20  EapHost - ok
16:26:15.0128 0x0d20  [ DC5D737F51BE844D8C82C695EB17372F, 6D4022D9A46EDE89CEF0FAEADCC94C903234DFC460C0180D24FF9E38E8853017 ] ebdrv           C:\Windows\system32\DRIVERS\evbda.sys
16:26:15.0502 0x0d20  ebdrv - ok
16:26:15.0549 0x0d20  [ C118A82CD78818C29AB228366EBF81C3, 00820F3065871DCBA52A27C7F73BA470C4F2CB26EFB7F76FEF8B1207F81B284D ] EFS             C:\Windows\System32\lsass.exe
16:26:15.0565 0x0d20  EFS - ok
16:26:15.0643 0x0d20  [ C4002B6B41975F057D98C439030CEA07, 3D2484FBB832EFB90504DD406ED1CF3065139B1FE1646471811F3A5679EF75F1 ] ehRecvr         C:\Windows\ehome\ehRecvr.exe
16:26:15.0689 0x0d20  ehRecvr - ok
16:26:15.0705 0x0d20  [ 4705E8EF9934482C5BB488CE28AFC681, 359E9EC5693CE0BE89082E1D5D8F5C5439A5B985010FF0CB45C11E3CFE30637D ] ehSched         C:\Windows\ehome\ehsched.exe
16:26:15.0705 0x0d20  ehSched - ok
16:26:15.0783 0x0d20  [ 0E5DA5369A0FCAEA12456DD852545184, 9A64AC5396F978C3B92794EDCE84DCA938E4662868250F8C18FA7C2C172233F8 ] elxstor         C:\Windows\system32\DRIVERS\elxstor.sys
16:26:15.0830 0x0d20  elxstor - ok
16:26:15.0845 0x0d20  [ 34A3C54752046E79A126E15C51DB409B, 7D5B5E150C7C73666F99CBAFF759029716C86F16B927E0078D77F8A696616D75 ] ErrDev          C:\Windows\system32\drivers\errdev.sys
16:26:15.0845 0x0d20  ErrDev - ok
16:26:15.0892 0x0d20  [ 05B0DCDA418E297A1B4CD8D7B8ADE403, 100F8093B3772563AD42F4C167E2A7C6ED65603FBB610804DBA0CAFAA7658520 ] ETD             C:\Windows\system32\DRIVERS\ETD.sys
16:26:15.0892 0x0d20  ETD - ok
16:26:15.0955 0x0d20  [ 4166F82BE4D24938977DD1746BE9B8A0, 24121751B7306225AD1C808442D7B030DEF377E9316AA0A3C5C7460E87317881 ] EventSystem     C:\Windows\system32\es.dll
16:26:15.0986 0x0d20  EventSystem - ok
16:26:16.0017 0x0d20  [ A510C654EC00C1E9BDD91EEB3A59823B, 76CD277730F7B08D375770CD373D786160F34D1481AF0536BA1A5D2727E255F5 ] exfat           C:\Windows\system32\drivers\exfat.sys
16:26:16.0033 0x0d20  exfat - ok
16:26:16.0064 0x0d20  [ 0ADC83218B66A6DB380C330836F3E36D, 798D6F83B5DBCC1656595E0A96CF12087FCCBE19D1982890D0CE5F629B328B29 ] fastfat         C:\Windows\system32\drivers\fastfat.sys
16:26:16.0079 0x0d20  fastfat - ok
16:26:16.0142 0x0d20  [ DBEFD454F8318A0EF691FDD2EAAB44EB, 7F52AE222FF28503B6FC4A5852BD0CAEAF187BE69AF4B577D3DE474C24366099 ] Fax             C:\Windows\system32\fxssvc.exe
16:26:16.0189 0x0d20  Fax - ok
16:26:16.0189 0x0d20  [ D765D19CD8EF61F650C384F62FAC00AB, 9F0A483A043D3BA873232AD3BA5F7BF9173832550A27AF3E8BD433905BD2A0EE ] fdc             C:\Windows\system32\DRIVERS\fdc.sys
16:26:16.0189 0x0d20  fdc - ok
16:26:16.0204 0x0d20  [ 0438CAB2E03F4FB61455A7956026FE86, 6D4DDC2973DB25CE0C7646BC85EFBCC004EBE35EA683F62162AE317C6F1D8DFE ] fdPHost         C:\Windows\system32\fdPHost.dll
16:26:16.0220 0x0d20  fdPHost - ok
16:26:16.0235 0x0d20  [ 802496CB59A30349F9A6DD22D6947644, 52D59D3D628D5661F83F090F33F744F6916E0CC1F76E5A33983E06EB66AE19F8 ] FDResPub        C:\Windows\system32\fdrespub.dll
16:26:16.0235 0x0d20  FDResPub - ok
16:26:16.0251 0x0d20  [ 655661BE46B5F5F3FD454E2C3095B930, 549C8E2A2A37757E560D55FFA6BFDD838205F17E40561E67F0124C934272CD1A ] FileInfo        C:\Windows\system32\drivers\fileinfo.sys
16:26:16.0251 0x0d20  FileInfo - ok
16:26:16.0267 0x0d20  [ 5F671AB5BC87EEA04EC38A6CD5962A47, 6B61D3363FF3F9C439BD51102C284972EAE96ACC0683B9DC7E12D25D0ADC51B6 ] Filetrace       C:\Windows\system32\drivers\filetrace.sys
16:26:16.0267 0x0d20  Filetrace - ok
16:26:16.0282 0x0d20  [ C172A0F53008EAEB8EA33FE10E177AF5, 9175A95B323696D1B35C9EFEB7790DD64E6EE0B7021E6C18E2F81009B169D77B ] flpydisk        C:\Windows\system32\DRIVERS\flpydisk.sys
16:26:16.0282 0x0d20  flpydisk - ok
16:26:16.0313 0x0d20  [ DA6B67270FD9DB3697B20FCE94950741, F621A4462C9F2904063578C427FAF22D7D66AE9967605C11C798099817CE5331 ] FltMgr          C:\Windows\system32\drivers\fltmgr.sys
16:26:16.0345 0x0d20  FltMgr - ok
16:26:16.0438 0x0d20  [ C4C183E6551084039EC862DA1C945E3D, 0874A2ACDD24D64965AA9A76E9C818E216880AE4C9A2E07ED932EE404585CEE6 ] FontCache       C:\Windows\system32\FntCache.dll
16:26:16.0501 0x0d20  FontCache - ok
16:26:16.0532 0x0d20  [ A8B7F3818AB65695E3A0BB3279F6DCE6, 89FCF10F599767E67A1E011753E34DA44EAA311F105DBF69549009ED932A60F0 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
16:26:16.0547 0x0d20  FontCache3.0.0.0 - ok
16:26:16.0547 0x0d20  [ D43703496149971890703B4B1B723EAC, F06397B2EDCA61629249D2EF1CBB7827A8BEAB8488246BD85EF6AE1363C0DA6E ] FsDepends       C:\Windows\system32\drivers\FsDepends.sys
16:26:16.0563 0x0d20  FsDepends - ok
16:26:16.0563 0x0d20  [ 6C06701BF1DB05405804D7EB610991CE, 75DEB2204D9AC338ED7C4742BEFAFA0AFC7E42B2C1B54A57DF8A1AD097D9EC3E ] fssfltr         C:\Windows\system32\DRIVERS\fssfltr.sys
16:26:16.0579 0x0d20  fssfltr - ok
16:26:16.0672 0x0d20  [ 4CE9DAC1518FF7E77BD213E6394B9D77, D7D0D29DF93AC7DC5F85E385EEB45306C7BD87ACA7AAC5A8D47893D120C32C03 ] fsssvc          C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe
16:26:16.0797 0x0d20  fsssvc - ok
16:26:16.0813 0x0d20  [ 6BD9295CC032DD3077C671FCCF579A7B, 83622FBB0CB923798E7E584BF53CAAF75B8C016E3FF7F0FA35880FF34D1DFE33 ] Fs_Rec          C:\Windows\system32\drivers\Fs_Rec.sys
16:26:16.0813 0x0d20  Fs_Rec - ok
16:26:16.0844 0x0d20  [ 8F6322049018354F45F05A2FD2D4E5E0, 73BF0FB4EBD7887E992DDEBB79E906958D6678F8D1107E8C368F5A0514D80359 ] fvevol          C:\Windows\system32\DRIVERS\fvevol.sys
16:26:16.0859 0x0d20  fvevol - ok
16:26:16.0875 0x0d20  [ 8C778D335C9D272CFD3298AB02ABE3B6, 85F0B13926B0F693FA9E70AA58DE47100E4B6F893772EBE4300C37D9A36E6005 ] gagp30kx        C:\Windows\system32\DRIVERS\gagp30kx.sys
16:26:16.0875 0x0d20  gagp30kx - ok
16:26:16.0891 0x0d20  [ E403AACF8C7BB11375122D2464560311, 0427B8FFD999D256EA1A5135F218692959A7577CB32354D3087CF0FB4F0577DF ] GEARAspiWDM     C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
16:26:16.0891 0x0d20  GEARAspiWDM - ok
16:26:16.0984 0x0d20  [ 277BBC7E1AA1EE957F573A10ECA7EF3A, 2EE60B924E583E847CC24E78B401EF95C69DB777A5B74E1EC963E18D47B94D24 ] gpsvc           C:\Windows\System32\gpsvc.dll
16:26:17.0031 0x0d20  gpsvc - ok
16:26:17.0047 0x0d20  [ F2523EF6460FC42405B12248338AB2F0, B2F3DE8DE1F512D871BC2BC2E8D0E33AB03335BFBC07627C5F88B65024928E19 ] hcw85cir        C:\Windows\system32\drivers\hcw85cir.sys
16:26:17.0047 0x0d20  hcw85cir - ok
16:26:17.0093 0x0d20  [ 975761C778E33CD22498059B91E7373A, 8304E15FBE6876BE57263A03621365DA8C88005EAC532A770303C06799D915D9 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
16:26:17.0125 0x0d20  HdAudAddService - ok
16:26:17.0140 0x0d20  [ 97BFED39B6B79EB12CDDBFEED51F56BB, 3CF981D668FB2381E52AF2E51E296C6CFB47B0D62249645278479D0111A47955 ] HDAudBus        C:\Windows\system32\drivers\HDAudBus.sys
16:26:17.0140 0x0d20  HDAudBus - ok
16:26:17.0171 0x0d20  [ B6AC71AAA2B10848F57FC49D55A651AF, 4FAD833654E86F9FAF972AC8AF87FD4A9A765B26B96F096BBD63506B5D521A91 ] HECIx64         C:\Windows\system32\DRIVERS\HECIx64.sys
16:26:17.0171 0x0d20  HECIx64 - ok
16:26:17.0187 0x0d20  [ 78E86380454A7B10A5EB255DC44A355F, 11F3ED7ACFFA3024B9BD504F81AC39F5B4CED5A8A425E8BADF7132EFEDB9BD64 ] HidBatt         C:\Windows\system32\DRIVERS\HidBatt.sys
16:26:17.0187 0x0d20  HidBatt - ok
16:26:17.0203 0x0d20  [ 7FD2A313F7AFE5C4DAB14798C48DD104, 94CBFD4506CBDE4162CEB3367BAB042D19ACA6785954DC0B554D4164B9FCD0D4 ] HidBth          C:\Windows\system32\DRIVERS\hidbth.sys
16:26:17.0203 0x0d20  HidBth - ok
16:26:17.0218 0x0d20  [ 0A77D29F311B88CFAE3B13F9C1A73825, 8615DC6CEFB591505CE16E054A71A4F371B827DDFD5E980777AB4233DCFDA01D ] HidIr           C:\Windows\system32\DRIVERS\hidir.sys
16:26:17.0234 0x0d20  HidIr - ok
16:26:17.0234 0x0d20  [ BD9EB3958F213F96B97B1D897DEE006D, 4D01CBF898B528B3A4E5A683DF2177300AFABD7D4CB51F1A7891B1B545499631 ] hidserv         C:\Windows\system32\hidserv.dll
16:26:17.0249 0x0d20  hidserv - ok
16:26:17.0265 0x0d20  [ 9592090A7E2B61CD582B612B6DF70536, FD11D5E02C32D658B28FCC35688AB66CCB5D3A0A0D74C82AE0F0B6C67B568A0F ] HidUsb          C:\Windows\system32\drivers\hidusb.sys
16:26:17.0265 0x0d20  HidUsb - ok
16:26:17.0296 0x0d20  [ 387E72E739E15E3D37907A86D9FF98E2, 9935BE2E58788E79328293AF2F202CB0F6042441B176F75ACC5AEA93C8E05531 ] hkmsvc          C:\Windows\system32\kmsvc.dll
16:26:17.0312 0x0df0  Object send P2P result: true
16:26:17.0312 0x0d20  hkmsvc - ok
16:26:17.0343 0x0d20  [ EFDFB3DD38A4376F93E7985173813ABD, 70402FA73A5A2A8BB557AAC8F531E373077D28DE5F40A1F3F14B940BE01CD2E1 ] HomeGroupListener C:\Windows\system32\ListSvc.dll
16:26:17.0374 0x0d20  HomeGroupListener - ok
16:26:17.0405 0x0d20  [ 908ACB1F594274965A53926B10C81E89, 7D34A742AC486294D82676F8465A3EF26C8AC3317C32B63F62031CB007CFC208 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
16:26:17.0437 0x0d20  HomeGroupProvider - ok
16:26:17.0437 0x0d20  [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC, E9E6A1665740CFBC2DD321010007EF42ABA2102AEB9772EE8AA3354664B1E205 ] HpSAMD          C:\Windows\system32\drivers\HpSAMD.sys
16:26:17.0452 0x0d20  HpSAMD - ok
16:26:17.0561 0x0d20  [ E82871D75565219A7E28C6B14572EF63, CDE94165591FC52A2CB0475072F4F6C44065F34B816CCB8F92C5E5F40011DA45 ] HsdService      C:\Program Files (x86)\Windstream\Diagnostic Tools\HsdService.exe
16:26:17.0655 0x0d20  HsdService - ok
16:26:17.0749 0x0d20  [ 0EA7DE1ACB728DD5A369FD742D6EEE28, 21C489412EB33A12B22290EB701C19BA57006E8702E76F730954F0784DDE9779 ] HTTP            C:\Windows\system32\drivers\HTTP.sys
16:26:17.0795 0x0d20  HTTP - ok
16:26:17.0811 0x0d20  [ A5462BD6884960C9DC85ED49D34FF392, 53E65841AF5B06A2844D0BB6FC4DD3923A323FFA0E4BFC89B3B5CAFB592A3D53 ] hwpolicy        C:\Windows\system32\drivers\hwpolicy.sys
16:26:17.0811 0x0d20  hwpolicy - ok
16:26:17.0827 0x0d20  [ FA55C73D4AFFA7EE23AC4BE53B4592D3, 65CDDC62B89A60E942C5642C9D8B539EFB69DA8069B4A2E54978154B314531CD ] i8042prt        C:\Windows\system32\DRIVERS\i8042prt.sys
16:26:17.0842 0x0d20  i8042prt - ok
16:26:17.0873 0x0d20  [ BBB3B6DF1ABB0FE35802EDE85CC1C011, 6E1FA8519A7D417969244E807D2863B39656169A925966045036A989A5EB611D ] iaStor          C:\Windows\system32\DRIVERS\iaStor.sys
16:26:17.0889 0x0d20  iaStor - ok
16:26:17.0951 0x0d20  [ AAAF44DB3BD0B9D1FB6969B23ECC8366, 805AA4A9464002D1AB3832E4106B2AAA1331F4281367E75956062AAE99699385 ] iaStorV         C:\Windows\system32\drivers\iaStorV.sys
16:26:17.0983 0x0d20  iaStorV - ok
16:26:18.0045 0x0d20  [ C98A5B9D932430AD8EEBD3EF73756EF7, DF7E1D391A0F3345AD61154363922C27BD557DEEACE395A6A8A8A16BFD1BB9A8 ] idsvc           C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
16:26:18.0123 0x0d20  idsvc - ok
16:26:18.0139 0x0d20  IEEtwCollectorService - ok
16:26:18.0934 0x0d20  [ 677AA5991026A65ADA128C4B59CF2BAD, 013F9D7362960EEE1DB70EE8B90A896EACA0B752924717FD019A6DD3BFF50C00 ] igfx            C:\Windows\system32\DRIVERS\igdkmd64.sys
16:26:19.0527 0x0d20  igfx - ok
16:26:19.0574 0x0d20  [ 5C18831C61933628F5BB0EA2675B9D21, 5CD9DE2F8C0256623A417B5C55BF55BB2562BD7AB2C3C83BB3D9886C2FBDA4E4 ] iirsp           C:\Windows\system32\DRIVERS\iirsp.sys
16:26:19.0574 0x0d20  iirsp - ok
16:26:19.0652 0x0d20  [ FCD84C381E0140AF901E58D48882D26B, 76955FFC230C801E8ED890E32076075F04CD6E5EC79E594FDE6D23797A36B406 ] IKEEXT          C:\Windows\System32\ikeext.dll
16:26:19.0714 0x0d20  IKEEXT - ok
16:26:19.0745 0x0d20  [ DD587A55390ED2295BCE6D36AD567DA9, AEB7DCB8EF89BEE8D9649A05FC482B1E4E3F44243D57A2577C862EB69166C48E ] Impcd           C:\Windows\system32\DRIVERS\Impcd.sys
16:26:19.0745 0x0d20  Impcd - ok
16:26:19.0777 0x0d20  [ 58CF58DEE26C909BD6F977B61D246295, 0CE27B81C091961A22B75478449D654F9C1A68E43DF80C699DB8DD3D1B288461 ] IntcDAud        C:\Windows\system32\DRIVERS\IntcDAud.sys
16:26:19.0808 0x0d20  IntcDAud - ok
16:26:19.0823 0x0d20  [ F00F20E70C6EC3AA366910083A0518AA, E2F3E9FFD82C802C8BAC309893A3664ACF16A279959C0FDECCA64C3D3C60FD22 ] intelide        C:\Windows\system32\drivers\intelide.sys
16:26:19.0823 0x0d20  intelide - ok
16:26:19.0855 0x0d20  [ ADA036632C664CAA754079041CF1F8C1, F2386CC09AC6DE4C54189154F7D91C1DB7AA120B13FAE8BA5B579ACF99FCC610 ] intelppm        C:\Windows\system32\DRIVERS\intelppm.sys
16:26:19.0855 0x0d20  intelppm - ok
16:26:19.0886 0x0d20  [ 098A91C54546A3B878DAD6A7E90A455B, 044CCE2A0DF56EBE1EFD99B4F6F0A5B9EE12498CA358CF4B2E3A1CFD872823AA ] IPBusEnum       C:\Windows\system32\ipbusenum.dll
16:26:19.0886 0x0d20  IPBusEnum - ok
16:26:19.0901 0x0d20  [ C9F0E1BD74365A8771590E9008D22AB6, 728BC5A6AAE499FDC50EB01577AF16D83C2A9F3B09936DD2A89C01E074BA8E51 ] IpFilterDriver  C:\Windows\system32\DRIVERS\ipfltdrv.sys
16:26:19.0917 0x0d20  IpFilterDriver - ok
16:26:19.0964 0x0d20  [ 08C2957BB30058E663720C5606885653, E13EDF6701512E2A9977A531454932CA5023087CB50E1D2F416B8BCDD92B67BE ] iphlpsvc        C:\Windows\System32\iphlpsvc.dll
16:26:20.0011 0x0d20  iphlpsvc - ok
16:26:20.0026 0x0d20  [ 0FC1AEA580957AA8817B8F305D18CA3A, 7161E4DE91AAFC3FA8BF24FAE4636390C2627DB931505247C0D52C75A31473D9 ] IPMIDRV         C:\Windows\system32\drivers\IPMIDrv.sys
16:26:20.0057 0x0d20  IPMIDRV - ok
16:26:20.0089 0x0d20  [ AF9B39A7E7B6CAA203B3862582E9F2D0, 67128BE7EADBE6BD0205B050F96E268948E8660C4BAB259FB0BE03935153D04E ] IPNAT           C:\Windows\system32\drivers\ipnat.sys
16:26:20.0089 0x0d20  IPNAT - ok
16:26:20.0167 0x0d20  [ EE4C2A137C7088911A8919EFFC9812E7, B93DE083B872FAA44D37C1EBC5C7F408FC6105F4324240796BF4F42951868117 ] iPod Service    C:\Program Files\iPod\bin\iPodService.exe
16:26:20.0245 0x0d20  iPod Service - ok
16:26:20.0260 0x0d20  [ 3ABF5E7213EB28966D55D58B515D5CE9, A352BCC5B6B9A28805B15CAFB235676F1FAFF0D2394F88C03089EB157D6188AE ] IRENUM          C:\Windows\system32\drivers\irenum.sys
16:26:20.0276 0x0d20  IRENUM - ok
16:26:20.0276 0x0d20  [ 2F7B28DC3E1183E5EB418DF55C204F38, D40410A760965925D6F10959B2043F7BD4F68EAFCF5E743AF11AD860BD136548 ] isapnp          C:\Windows\system32\drivers\isapnp.sys
16:26:20.0276 0x0d20  isapnp - ok
16:26:20.0323 0x0d20  [ D931D7309DEB2317035B07C9F9E6B0BD, 13AD84172ED8C6153F8A98499C01733B74E48464CE07D099508E38D409913ED3 ] iScsiPrt        C:\Windows\system32\drivers\msiscsi.sys
16:26:20.0338 0x0d20  iScsiPrt - ok
16:26:20.0354 0x0d20  jiucecvv - ok
16:26:20.0385 0x0d20  [ DB917B998CBC15A153C00DD6EFC34C13, 5FF4DA2C2D567AAD435730EA910016F2E9DE8BDF0A414A477B72248D16A47115 ] JMCR            C:\Windows\system32\DRIVERS\jmcr.sys
16:26:20.0401 0x0d20  JMCR - ok
16:26:20.0416 0x0d20  [ 8ADAAFCD2B8C259DEBF6C8DFD9727889, 52378F1FBB3669DB3E1E9AEF65FCA009B0DC652D021CB1461163E008CB673F04 ] JME             C:\Windows\system32\DRIVERS\JME.sys
16:26:20.0432 0x0d20  JME - ok
16:26:20.0447 0x0d20  [ BC02336F1CBA7DCC7D1213BB588A68A5, 450C5BAD54CCE2AFCDFF1B6E7F8E1A8446D9D3255DF9D36C29A8F848048AAD93 ] kbdclass        C:\Windows\system32\drivers\kbdclass.sys
16:26:20.0447 0x0d20  kbdclass - ok
16:26:20.0463 0x0d20  [ 0705EFF5B42A9DB58548EEC3B26BB484, 86C6824ED7ED6FA8F306DB6319A0FD688AA91295AE571262F9D8E96A32225E99 ] kbdhid          C:\Windows\system32\drivers\kbdhid.sys
16:26:20.0463 0x0d20  kbdhid - ok
16:26:20.0479 0x0d20  [ E63EF8C3271D014F14E2469CE75FECB4, 3A8DFA4B446AFDC35F01FD5218D0BEBC510A1E3DE9976210F00D19767D0F9069 ] kbfiltr         C:\Windows\system32\DRIVERS\kbfiltr.sys
16:26:20.0479 0x0d20  kbfiltr - ok
16:26:20.0494 0x0d20  [ C118A82CD78818C29AB228366EBF81C3, 00820F3065871DCBA52A27C7F73BA470C4F2CB26EFB7F76FEF8B1207F81B284D ] KeyIso          C:\Windows\system32\lsass.exe
16:26:20.0525 0x0d20  KeyIso - ok
16:26:20.0541 0x0d20  [ 97A7070AEA4C058B6418519E869A63B4, 15345C2D6CA159BD498002974A0BD21CAB611124D85E3320248B47652AEF23C8 ] KSecDD          C:\Windows\system32\Drivers\ksecdd.sys
16:26:20.0557 0x0d20  KSecDD - ok
16:26:20.0572 0x0d20  [ 26C43A7C2862447EC59DEDA188D1DA07, 5363BF87E650FE2010ACA9417D6920FF4ED752256FF47732882E9B2BA1ED154B ] KSecPkg         C:\Windows\system32\Drivers\ksecpkg.sys
16:26:20.0588 0x0d20  KSecPkg - ok
16:26:20.0697 0x0d20  [ 6869281E78CB31A43E969F06B57347C4, 866A23E69B32A78D378D6CB3B3DA3695FFDFF0FEC3C9F68C8C3F988DF417044B ] ksthunk         C:\Windows\system32\drivers\ksthunk.sys
16:26:20.0697 0x0d20  ksthunk - ok
16:26:20.0759 0x0d20  [ 6AB66E16AA859232F64DEB66887A8C9C, 5F2B579BEA8098A2994B0DECECDAE7B396E7B5DC5F09645737B9F28BEEA77FFF ] KtmRm           C:\Windows\system32\msdtckrm.dll
16:26:20.0806 0x0d20  KtmRm - ok
16:26:20.0837 0x0d20  [ D9F42719019740BAA6D1C6D536CBDAA6, 8757599D0AE5302C4CE50861BEBA3A8DD14D7B0DBD916FD5404133688CDFCC40 ] LanmanServer    C:\Windows\system32\srvsvc.dll
16:26:20.0869 0x0d20  LanmanServer - ok
16:26:20.0884 0x0d20  [ 851A1382EED3E3A7476DB004F4EE3E1A, B1C67F47DD594D092E6E258F01DF5E7150227CE3131A908A244DEE9F8A1FABF9 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
16:26:20.0915 0x0d20  LanmanWorkstation - ok
16:26:20.0947 0x0d20  [ 1538831CF8AD2979A04C423779465827, E1729B0CC4CEEE494A0B8817A8E98FF232E3A32FB023566EF0BC71A090262C0C ] lltdio          C:\Windows\system32\DRIVERS\lltdio.sys
16:26:20.0947 0x0d20  lltdio - ok
16:26:20.0978 0x0d20  [ C1185803384AB3FEED115F79F109427F, 0414FE73532DCAB17E906438A14711E928CECCD5F579255410C62984DD652700 ] lltdsvc         C:\Windows\System32\lltdsvc.dll
16:26:21.0025 0x0d20  lltdsvc - ok
16:26:21.0040 0x0d20  [ F993A32249B66C9D622EA5592A8B76B8, EE64672A990C6145DC5601E2B8CDBE089272A72732F59AF9865DCBA8B1717E70 ] lmhosts         C:\Windows\System32\lmhsvc.dll
16:26:21.0040 0x0d20  lmhosts - ok
16:26:21.0071 0x0d20  [ A1C148801B4AF64847AEB9F3AD9594EF, FF6ED89EA47DF74C33CD8BFAC48FAED1B979348ABA6B6D94EE07CBD21810F37B ] LMS             C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
16:26:21.0087 0x0d20  LMS - ok
16:26:21.0118 0x0d20  [ 1A93E54EB0ECE102495A51266DCDB6A6, DB6AA86AA36C3A7988BE96E87B5D3251BE7617C54EE8F894D9DC2E267FE3255B ] LSI_FC          C:\Windows\system32\DRIVERS\lsi_fc.sys
16:26:21.0134 0x0d20  LSI_FC - ok
16:26:21.0134 0x0d20  [ 1047184A9FDC8BDBFF857175875EE810, F2251EDB7736A26D388A0C5CC2FE5FB9C5E109CBB1E3800993554CB21D81AE4B ] LSI_SAS         C:\Windows\system32\DRIVERS\lsi_sas.sys
16:26:21.0149 0x0d20  LSI_SAS - ok
16:26:21.0165 0x0d20  [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93, 88D5740A4E9CC3FA80FA18035DAB441BDC5A039622D666BFDAA525CC9686BD06 ] LSI_SAS2        C:\Windows\system32\DRIVERS\lsi_sas2.sys
16:26:21.0165 0x0d20  LSI_SAS2 - ok
16:26:21.0196 0x0d20  [ 0504EACAFF0D3C8AED161C4B0D369D4A, 4D272237C189646F5C80822FD3CBA7C2728E482E2DAAF7A09C8AEF811C89C54D ] LSI_SCSI        C:\Windows\system32\DRIVERS\lsi_scsi.sys
16:26:21.0196 0x0d20  LSI_SCSI - ok
16:26:21.0212 0x0d20  [ 43D0F98E1D56CCDDB0D5254CFF7B356E, 5BA498183B5C4996C694CB0A9A6B66CE6C7A460F6C91BEB9F305486FCC3B7B22 ] luafv           C:\Windows\system32\drivers\luafv.sys
16:26:21.0227 0x0d20  luafv - ok
16:26:21.0227 0x0d20  [ 085435AE1A124361304044029B5CC644, FEEDB68A3A31B31DD2550591E220A25FCAA8EF1A4BC87EA2750E73E2BE56848D ] lullaby         C:\Windows\system32\DRIVERS\lullaby.sys
16:26:21.0227 0x0d20  lullaby - ok
16:26:21.0243 0x0d20  [ CFBC6C6D8A492697CABD1D353EE64933, DDAA844908324740C891EB8F08E2A8BB00457063B31C4A762745C1C2415FC12D ] MBAMProtector   C:\Windows\system32\drivers\mbam.sys
16:26:21.0243 0x0d20  MBAMProtector - ok
16:26:21.0337 0x0d20  [ 40C126CB15FAB7D6C66490DCA9C1AED2, B32CEE2D2409232C245427D5E9647FDF59AF1D8AB5E8A98EE2D1F1314599FD14 ] MBAMService     C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
16:26:21.0415 0x0d20  MBAMService - ok
16:26:21.0461 0x0d20  [ 78488AF2AB2111D67B3C4044707A519B, 7AA71B9C4C7949A1A21F60EF7CCEDE0079794990696B60557B5DC86F4D47223A ] MBAMSwissArmy   C:\Windows\system32\drivers\MBAMSwissArmy.sys
16:26:21.0477 0x0d20  MBAMSwissArmy - ok
16:26:21.0493 0x0d20  [ D61070CFAD43038DC56AEAD9BFE9CE2A, BD77AEF60E7FD2015CB14A464799304359547146C14A47F8D25274ACFA2E42D5 ] MBAMWebAccessControl C:\Windows\system32\drivers\mwac.sys
16:26:21.0493 0x0d20  MBAMWebAccessControl - ok
16:26:21.0508 0x0d20  [ 0BE09CD858ABF9DF6ED259D57A1A1663, 2FD28889B93C8E801F74C1D0769673A461671E0189D0A22C94509E3F0EEB7428 ] Mcx2Svc         C:\Windows\system32\Mcx2Svc.dll
16:26:21.0524 0x0d20  Mcx2Svc - ok
16:26:21.0539 0x0d20  [ A55805F747C6EDB6A9080D7C633BD0F4, 2DA0E83BF3C8ADEF6F551B6CC1C0A3F6149CDBE6EC60413BA1767C4DE425A728 ] megasas         C:\Windows\system32\DRIVERS\megasas.sys
16:26:21.0539 0x0d20  megasas - ok
16:26:21.0571 0x0d20  [ BAF74CE0072480C3B6B7C13B2A94D6B3, 85CBB4949C090A904464F79713A3418338753D20D7FB811E68F287FDAC1DD834 ] MegaSR          C:\Windows\system32\DRIVERS\MegaSR.sys
16:26:21.0602 0x0d20  MegaSR - ok
16:26:21.0617 0x0d20  [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] MMCSS           C:\Windows\system32\mmcss.dll
16:26:21.0633 0x0d20  MMCSS - ok
16:26:21.0649 0x0d20  [ 800BA92F7010378B09F9ED9270F07137, 94F9AF9E1BE80AE6AC39A2A74EF9FAB115DCAACC011D07DFA8D6A1DDC8A93342 ] Modem           C:\Windows\system32\drivers\modem.sys
16:26:21.0649 0x0d20  Modem - ok
16:26:21.0649 0x0d20  [ B03D591DC7DA45ECE20B3B467E6AADAA, 701FB0CAD8138C58507BE28845D3E24CE269A040737C29885944A0D851238732 ] monitor         C:\Windows\system32\DRIVERS\monitor.sys
16:26:21.0664 0x0d20  monitor - ok
16:26:21.0664 0x0d20  [ 7D27EA49F3C1F687D357E77A470AEA99, 7FE7CAF95959F127C6D932C01D539C06D80273C49A09761F6E8331C05B1A7EE7 ] mouclass        C:\Windows\system32\DRIVERS\mouclass.sys
16:26:21.0680 0x0d20  mouclass - ok
16:26:21.0680 0x0d20  [ D3BF052C40B0C4166D9FD86A4288C1E6, 5E65264354CD94E844BF1838CA1B8E49080EFA34605A32CF2F6A47A2B97FC183 ] mouhid          C:\Windows\system32\DRIVERS\mouhid.sys
16:26:21.0695 0x0d20  mouhid - ok
16:26:21.0695 0x0d20  [ 32E7A3D591D671A6DF2DB515A5CBE0FA, 47CED0B9067AE8BF5EEF60B17ADEE5906BEDCC56E4CB460B7BFBC12BB9A69E63 ] mountmgr        C:\Windows\system32\drivers\mountmgr.sys
16:26:21.0711 0x0d20  mountmgr - ok
16:26:21.0727 0x0d20  [ A44B420D30BD56E145D6A2BC8768EC58, B1E4DCA5A1008FA7A0492DC091FB2B820406AE13FD3D44F124E89B1037AF09B8 ] mpio            C:\Windows\system32\drivers\mpio.sys
16:26:21.0742 0x0d20  mpio - ok
16:26:21.0759 0x0d20  [ 6C38C9E45AE0EA2FA5E551F2ED5E978F, 5A3FA2F110029CB4CC4384998EDB59203FDD65EC45E01B897FB684F8956EAD20 ] mpsdrv          C:\Windows\system32\drivers\mpsdrv.sys
16:26:21.0759 0x0d20  mpsdrv - ok
16:26:21.0821 0x0d20  [ 54FFC9C8898113ACE189D4AA7199D2C1, 65F585C87F3F710FD5793FDFA96B740AD8D4317B0C120F4435CCF777300EA4F2 ] MpsSvc          C:\Windows\system32\mpssvc.dll
16:26:21.0884 0x0d20  MpsSvc - ok
16:26:21.0915 0x0d20  [ DC722758B8261E1ABAFD31A3C0A66380, 88BBE073E2CCD1DAB4656DDC53D5161E8A91D035ADAC1465D0CEBA86F1BB6D9A ] MRxDAV          C:\Windows\system32\drivers\mrxdav.sys
16:26:21.0930 0x0d20  MRxDAV - ok
16:26:21.0946 0x0d20  [ A5D9106A73DC88564C825D317CAC68AC, 0457B2AEA4E05A91D0E43F317894A614434D8CEBE35020785387F307E231FBE4 ] mrxsmb          C:\Windows\system32\DRIVERS\mrxsmb.sys
16:26:21.0962 0x0d20  mrxsmb - ok
16:26:21.0977 0x0d20  [ D711B3C1D5F42C0C2415687BE09FC163, 9B3013AC60BD2D0FF52086658BA5FF486ADE15954A552D7DD590580E8BAE3EFF ] mrxsmb10        C:\Windows\system32\DRIVERS\mrxsmb10.sys
16:26:21.0993 0x0d20  mrxsmb10 - ok
16:26:22.0024 0x0d20  [ 9423E9D355C8D303E76B8CFBD8A5C30C, 220B33F120C2DD937FE4D5664F4B581DC0ACF78D62EB56B7720888F67B9644CC ] mrxsmb20        C:\Windows\system32\DRIVERS\mrxsmb20.sys
16:26:22.0024 0x0d20  mrxsmb20 - ok
16:26:22.0040 0x0d20  [ C25F0BAFA182CBCA2DD3C851C2E75796, 643E158A0948DF331807AEAA391F23960362E46C0A0CF6D22A99020EAE7B10F8 ] msahci          C:\Windows\system32\drivers\msahci.sys
16:26:22.0040 0x0d20  msahci - ok
16:26:22.0071 0x0d20  [ DB801A638D011B9633829EB6F663C900, B34FD33A215ACCF2905F4B7D061686CDB1CB9C652147AF56AE14686C1F6E3C74 ] msdsm           C:\Windows\system32\drivers\msdsm.sys
16:26:22.0071 0x0d20  msdsm - ok
16:26:22.0086 0x0d20  [ DE0ECE52236CFA3ED2DBFC03F28253A8, 2FBBEC4CACB5161F68D7C2935852A5888945CA0F107CF8A1C01F4528CE407DE3 ] MSDTC           C:\Windows\System32\msdtc.exe
16:26:22.0102 0x0d20  MSDTC - ok
16:26:22.0133 0x0d20  [ AA3FB40E17CE1388FA1BEDAB50EA8F96, 69F93E15536644C8FD679A20190CFE577F4985D3B1B4A4AA250A168615AE1E99 ] Msfs            C:\Windows\system32\drivers\Msfs.sys
16:26:22.0133 0x0d20  Msfs - ok
16:26:22.0149 0x0d20  [ F9D215A46A8B9753F61767FA72A20326, 6F76642B45E0A7EF6BCAB8B37D55CCE2EAA310ED07B76D43FCB88987C2174141 ] mshidkmdf       C:\Windows\System32\drivers\mshidkmdf.sys
16:26:22.0164 0x0d20  mshidkmdf - ok
16:26:22.0164 0x0d20  [ D916874BBD4F8B07BFB7FA9B3CCAE29D, B229DA150713DEDBC4F05386C9D9DC3BC095A74F44F3081E88311AB73BC992A1 ] msisadrv        C:\Windows\system32\drivers\msisadrv.sys
16:26:22.0164 0x0d20  msisadrv - ok
16:26:22.0196 0x0d20  [ 808E98FF49B155C522E6400953177B08, F873F5BFF0984C5165DF67E92874D3F6EB8D86F9B5AD17013A0091CA33A1A3D5 ] MSiSCSI         C:\Windows\system32\iscsiexe.dll
16:26:22.0211 0x0d20  MSiSCSI - ok
16:26:22.0211 0x0d20  msiserver - ok
16:26:22.0227 0x0d20  [ 49CCF2C4FEA34FFAD8B1B59D49439366, E5752EA57C7BDAD5F53E3BC441A415E909AC602CAE56234684FB8789A20396C7 ] MSKSSRV         C:\Windows\system32\drivers\MSKSSRV.sys
16:26:22.0227 0x0d20  MSKSSRV - ok
16:26:22.0242 0x0d20  [ BDD71ACE35A232104DDD349EE70E1AB3, 27464A66868513BE6A01B75D7FC5B0D6B71842E4E20CE3F76B15C071A0618BBB ] MSPCLOCK        C:\Windows\system32\drivers\MSPCLOCK.sys
16:26:22.0242 0x0d20  MSPCLOCK - ok
16:26:22.0258 0x0d20  [ 4ED981241DB27C3383D72092B618A1D0, E12F121E641249DB3491141851B59E1496F4413EDF58E863388F1C229838DFCC ] MSPQM           C:\Windows\system32\drivers\MSPQM.sys
16:26:22.0258 0x0d20  MSPQM - ok
16:26:22.0305 0x0d20  [ 759A9EEB0FA9ED79DA1FB7D4EF78866D, 64E3BC613EC4872B1B344CBF71EE15BE195592E3244C1EE099C6F8B95A40F133 ] MsRPC           C:\Windows\system32\drivers\MsRPC.sys
16:26:22.0352 0x0d20  MsRPC - ok
16:26:22.0367 0x0d20  [ 0EED230E37515A0EAEE3C2E1BC97B288, B1D8F8A75006B6E99214CA36D27A8594EF8D952F315BEB201E9BAC9DE3E64D42 ] mssmbios        C:\Windows\system32\drivers\mssmbios.sys
16:26:22.0367 0x0d20  mssmbios - ok
16:26:22.0383 0x0d20  [ 2E66F9ECB30B4221A318C92AC2250779, DF175E1AB6962303E57F26DAE5C5C1E40B8640333F3E352A64F6A5F1301586CD ] MSTEE           C:\Windows\system32\drivers\MSTEE.sys
16:26:22.0383 0x0d20  MSTEE - ok
16:26:22.0398 0x0d20  [ 7EA404308934E675BFFDE8EDF0757BCD, 306CD02D89CFCFE576242360ED5F9EEEDCAFC43CD43B7D2977AE960F9AEC3232 ] MTConfig        C:\Windows\system32\DRIVERS\MTConfig.sys
16:26:22.0398 0x0d20  MTConfig - ok
16:26:22.0398 0x0d20  [ 032D35C996F21D19A205A7C8F0B76F3C, 1A1C5BD7204BB937A05E201BCC0840B2C8E4B273D8E1D6D9407264FB4C57F014 ] MTsensor        C:\Windows\system32\DRIVERS\ATK64AMD.sys
16:26:22.0414 0x0d20  MTsensor - ok
16:26:22.0414 0x0d20  [ F9A18612FD3526FE473C1BDA678D61C8, 32F7975B5BAA447917F832D9E3499B4B6D3E90D73F478375D0B70B36C524693A ] Mup             C:\Windows\system32\Drivers\mup.sys
16:26:22.0430 0x0d20  Mup - ok
16:26:22.0492 0x0d20  [ 582AC6D9873E31DFA28A4547270862DD, BD540499F74E8F59A020D935D18E36A3A97C1A6EC59C8208436469A31B16B260 ] napagent        C:\Windows\system32\qagentRT.dll
16:26:22.0539 0x0d20  napagent - ok
16:26:22.0570 0x0d20  [ 1EA3749C4114DB3E3161156FFFFA6B33, 54C2E77BCE1037711A11313AC25B8706109098C10A31AA03AEB7A185E97800D7 ] NativeWifiP     C:\Windows\system32\DRIVERS\nwifi.sys
16:26:22.0601 0x0d20  NativeWifiP - ok
16:26:22.0664 0x0d20  [ 760E38053BF56E501D562B70AD796B88, F856E81A975D44F8684A6F2466549CEEDFAEB3950191698555A93A1206E0A42D ] NDIS            C:\Windows\system32\drivers\ndis.sys
16:26:22.0742 0x0d20  NDIS - ok
16:26:22.0757 0x0d20  [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC, D7E5446E83909AE25506BB98FBDD878A529C87963E3C1125C4ABAB25823572BC ] NdisCap         C:\Windows\system32\DRIVERS\ndiscap.sys
16:26:22.0757 0x0d20  NdisCap - ok
16:26:22.0774 0x0d20  [ 30639C932D9FEF22B31268FE25A1B6E5, 32873D95339600F6EEFA51847D12C563FF01F320DC59055B242FA2887C99F9D6 ] NdisTapi        C:\Windows\system32\DRIVERS\ndistapi.sys
16:26:22.0774 0x0d20  NdisTapi - ok
16:26:22.0789 0x0d20  [ 136185F9FB2CC61E573E676AA5402356, BA3AD0A33416DA913B4242C6BE8C3E5812AD2B20BA6C11DD3094F2E8EB56E683 ] Ndisuio         C:\Windows\system32\DRIVERS\ndisuio.sys
16:26:22.0789 0x0d20  Ndisuio - ok
16:26:22.0805 0x0d20  [ 53F7305169863F0A2BDDC49E116C2E11, 881E9346D3C02405B7850ADC37E720990712EC9C666A0CE96E252A487FD2CE77 ] NdisWan         C:\Windows\system32\DRIVERS\ndiswan.sys
16:26:22.0821 0x0d20  NdisWan - ok
16:26:22.0836 0x0d20  [ 015C0D8E0E0421B4CFD48CFFE2825879, 4242E2D42CCFC859B2C0275C5331798BC0BDA68E51CF4650B6E64B1332071023 ] NDProxy         C:\Windows\system32\drivers\NDProxy.sys
16:26:22.0836 0x0d20  NDProxy - ok
16:26:22.0852 0x0d20  [ 86743D9F5D2B1048062B14B1D84501C4, DBF6D6A60AB774FCB0F464FF2D285A7521D0A24006687B243AB46B17D8032062 ] NetBIOS         C:\Windows\system32\DRIVERS\netbios.sys
16:26:22.0852 0x0d20  NetBIOS - ok
16:26:22.0883 0x0d20  [ 09594D1089C523423B32A4229263F068, 7426A9B8BA27D3225928DDEFBD399650ABB90798212F56B7D12158AC22CCCE37 ] NetBT           C:\Windows\system32\DRIVERS\netbt.sys
16:26:22.0899 0x0d20  NetBT - ok
16:26:22.0914 0x0d20  [ C118A82CD78818C29AB228366EBF81C3, 00820F3065871DCBA52A27C7F73BA470C4F2CB26EFB7F76FEF8B1207F81B284D ] Netlogon        C:\Windows\system32\lsass.exe
16:26:22.0930 0x0d20  Netlogon - ok
16:26:22.0961 0x0d20  [ 847D3AE376C0817161A14A82C8922A9E, 37AE692B3481323134125EF58F2C3CBC20177371AF2F5874F53DD32A827CB936 ] Netman          C:\Windows\System32\netman.dll
16:26:23.0023 0x0d20  Netman - ok
16:26:23.0039 0x0d20  [ E58808846B62041BFB05395E1CED6499, 5387F2CE6B494337725D2BF3EB563912E6EE33918F2872C5FE07BEDBB0F761EE ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
16:26:23.0039 0x0d20  NetMsmqActivator - ok
16:26:23.0055 0x0d20  [ E58808846B62041BFB05395E1CED6499, 5387F2CE6B494337725D2BF3EB563912E6EE33918F2872C5FE07BEDBB0F761EE ] NetPipeActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
16:26:23.0070 0x0d20  NetPipeActivator - ok
16:26:23.0133 0x0d20  [ 5F28111C648F1E24F7DBC87CDEB091B8, 2E8645285921EDB98BB2173E11E57459C888D52E80D85791D169C869DE8813B9 ] netprofm        C:\Windows\System32\netprofm.dll
16:26:23.0164 0x0d20  netprofm - ok
16:26:23.0179 0x0d20  [ E58808846B62041BFB05395E1CED6499, 5387F2CE6B494337725D2BF3EB563912E6EE33918F2872C5FE07BEDBB0F761EE ] NetTcpActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
16:26:23.0195 0x0d20  NetTcpActivator - ok
16:26:23.0211 0x0d20  [ E58808846B62041BFB05395E1CED6499, 5387F2CE6B494337725D2BF3EB563912E6EE33918F2872C5FE07BEDBB0F761EE ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
16:26:23.0211 0x0d20  NetTcpPortSharing - ok
16:26:23.0226 0x0d20  [ 77889813BE4D166CDAB78DDBA990DA92, 2EF531AE502B943632EEC66A309A8BFCDD36120A5E1473F4AAF3C2393AD0E6A3 ] nfrd960         C:\Windows\system32\DRIVERS\nfrd960.sys
16:26:23.0226 0x0d20  nfrd960 - ok
16:26:23.0273 0x0d20  [ 8AD77806D336673F270DB31645267293, E23F324913554A23CD043DD27D4305AF62F48C0561A0FC7B7811E55B74B1BE79 ] NlaSvc          C:\Windows\System32\nlasvc.dll
16:26:23.0304 0x0d20  NlaSvc - ok
16:26:23.0320 0x0d20  [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7, D8957EF7060A69DBB3CD6B2C45B1E4143592AB8D018471E17AC04668157DC67F ] Npfs            C:\Windows\system32\drivers\Npfs.sys
16:26:23.0320 0x0d20  Npfs - ok
16:26:23.0335 0x0d20  [ D54BFDF3E0C953F823B3D0BFE4732528, 497A1DCC5646EC22119273216DF10D5442D16F83E4363770F507518CF6EAA53A ] nsi             C:\Windows\system32\nsisvc.dll
16:26:23.0351 0x0d20  nsi - ok
16:26:23.0367 0x0d20  [ E7F5AE18AF4168178A642A9247C63001, 133023B7E4BA8049C4CAED3282BDD25571D1CC25FAC3B820C7F981D292689D76 ] nsiproxy        C:\Windows\system32\drivers\nsiproxy.sys
16:26:23.0367 0x0d20  nsiproxy - ok
16:26:23.0491 0x0d20  [ B98F8C6E31CD07B2E6F71F7F648E38C0, 2FEA100B80680FBBF644CB6763738804155DF1E94A6542CAE2B2786D770D554E ] Ntfs            C:\Windows\system32\drivers\Ntfs.sys
16:26:23.0601 0x0d20  Ntfs - ok
16:26:23.0616 0x0d20  [ 9899284589F75FA8724FF3D16AED75C1, 181188599FD5D4DE33B97010D9E0CAEABAB9A3EF50712FE7F9AA0735CD0666D6 ] Null            C:\Windows\system32\drivers\Null.sys
16:26:23.0616 0x0d20  Null - ok
16:26:23.0647 0x0d20  [ 0A92CB65770442ED0DC44834632F66AD, 581327F07A68DBD5CC749214BE5F1211FC2CE41C7A4F0656B680AFB51A35ACE7 ] nvraid          C:\Windows\system32\drivers\nvraid.sys
16:26:23.0647 0x0d20  nvraid - ok
16:26:23.0679 0x0d20  [ DAB0E87525C10052BF65F06152F37E4A, AD9BFF0D5FD3FFB95C758B478E1F6A9FE45E7B37AEC71EB5070D292FEAAEDF37 ] nvstor          C:\Windows\system32\drivers\nvstor.sys
16:26:23.0694 0x0d20  nvstor - ok
16:26:23.0710 0x0d20  [ 270D7CD42D6E3979F6DD0146650F0E05, 752489E54C9004EDCBE1F1F208FFD864DA5C83E59A2DDE6B3E0D63ECA996F76F ] nv_agp          C:\Windows\system32\drivers\nv_agp.sys
16:26:23.0725 0x0d20  nv_agp - ok
16:26:23.0725 0x0d20  [ 3589478E4B22CE21B41FA1BFC0B8B8A0, AD2469FC753FE552CB809FF405A9AB23E7561292FE89117E3B3B62057EFF0203 ] ohci1394        C:\Windows\system32\drivers\ohci1394.sys
16:26:23.0741 0x0d20  ohci1394 - ok
16:26:23.0772 0x0d20  [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] p2pimsvc        C:\Windows\system32\pnrpsvc.dll
16:26:23.0835 0x0d20  p2pimsvc - ok
16:26:23.0866 0x0d20  [ 927463ECB02179F88E4B9A17568C63C3, FEFD3447692C277D59EEC7BF218552C8BB6B8C98C26E973675549628408B94CE ] p2psvc          C:\Windows\system32\p2psvc.dll
16:26:23.0928 0x0d20  p2psvc - ok
16:26:23.0944 0x0d20  [ 0086431C29C35BE1DBC43F52CC273887, 0D116D49EF9ABB57DA005764F25E692622210627FC2048F06A989B12FA8D0A80 ] Parport         C:\Windows\system32\DRIVERS\parport.sys
16:26:23.0959 0x0d20  Parport - ok
16:26:23.0975 0x0d20  [ E9766131EEADE40A27DC27D2D68FBA9C, 63C295EC96DBD25F1A8B908295CCB86B54F2A77A02AAA11E5D9160C2C1A492B6 ] partmgr         C:\Windows\system32\drivers\partmgr.sys
16:26:23.0975 0x0d20  partmgr - ok
16:26:23.0991 0x0d20  [ 3AEAA8B561E63452C655DC0584922257, 04C072969B58657602EB0C21CEDF24FCEE14E61B90A0F758F93925EF2C9FC32D ] PcaSvc          C:\Windows\System32\pcasvc.dll
16:26:24.0022 0x0d20  PcaSvc - ok
16:26:24.0037 0x0d20  [ 94575C0571D1462A0F70BDE6BD6EE6B3, 7139BAC653EA94A3DD3821CAB35FC5E22F4CCA5ACC2BAABDAA27E4C3C8B27FC9 ] pci             C:\Windows\system32\drivers\pci.sys
16:26:24.0053 0x0d20  pci - ok
16:26:24.0053 0x0d20  [ B5B8B5EF2E5CB34DF8DCF8831E3534FA, F2A7CC645B96946CC65BF60E14E70DC09C848D27C7943CE5DEA0C01A6B863480 ] pciide          C:\Windows\system32\drivers\pciide.sys
16:26:24.0069 0x0d20  pciide - ok
16:26:24.0084 0x0d20  [ B2E81D4E87CE48589F98CB8C05B01F2F, 6763BEE7270A4873B3E131BFB92313E2750FCBD0AD73C23D1C4F98F7DF73DE14 ] pcmcia          C:\Windows\system32\DRIVERS\pcmcia.sys
16:26:24.0100 0x0d20  pcmcia - ok
16:26:24.0115 0x0d20  [ D6B9C2E1A11A3A4B26A182FFEF18F603, BBA5FE08B1DDD6243118E11358FD61B10E850F090F061711C3CB207CE5FBBD36 ] pcw             C:\Windows\system32\drivers\pcw.sys
16:26:24.0115 0x0d20  pcw - ok
16:26:24.0162 0x0d20  [ 68769C3356B3BE5D1C732C97B9A80D6E, FB2D61145980A2899D1B7729184C54070315B0E63C9A22400A76CCD39E00029C ] PEAUTH          C:\Windows\system32\drivers\peauth.sys
16:26:24.0193 0x0d20  PEAUTH - ok
16:26:24.0271 0x0d20  [ E495E408C93141E8FC72DC0C6046DDFA, 489B957DADA0DC128A09468F1AD082DCC657E86053208EA06A12937BE86FB919 ] PerfHost        C:\Windows\SysWow64\perfhost.exe
16:26:24.0271 0x0d20  PerfHost - ok
16:26:24.0412 0x0d20  [ C7CF6A6E137463219E1259E3F0F0DD6C, 08D7244F52AA17DD669AA6F77C291DAC88E7B2D1887DE422509C1F83EC85F3DD ] pla             C:\Windows\system32\pla.dll
16:26:24.0521 0x0d20  pla - ok
16:26:24.0583 0x0d20  [ 25FBDEF06C4D92815B353F6E792C8129, 57D9764AE6BCE33B242C399CDFC10DD405975BD6411CA8C75FBCD06EEB8442A9 ] PlugPlay        C:\Windows\system32\umpnpmgr.dll
16:26:24.0630 0x0d20  PlugPlay - ok
16:26:24.0630 0x0d20  [ 7195581CEC9BB7D12ABE54036ACC2E38, 9C4E5D6EA984148F2663DC529083408B2248DFF6DAAC85D9195F80A722782315 ] PNRPAutoReg     C:\Windows\system32\pnrpauto.dll
16:26:24.0646 0x0d20  PNRPAutoReg - ok
16:26:24.0693 0x0d20  [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] PNRPsvc         C:\Windows\system32\pnrpsvc.dll
16:26:24.0724 0x0d20  PNRPsvc - ok
16:26:24.0771 0x0d20  [ 4F15D75ADF6156BF56ECED6D4A55C389, 2ADA3EA69A5D7EC2A4D2DD89178DB94EAFDDF95F07B0070D654D9F7A5C12A044 ] PolicyAgent     C:\Windows\System32\ipsecsvc.dll
16:26:24.0833 0x0d20  PolicyAgent - ok
16:26:24.0864 0x0d20  [ 6BA9D927DDED70BD1A9CADED45F8B184, 66203CE70A5EDE053929A940F38924C6792239CCCE10DD2C1D90D5B4D6748B55 ] Power           C:\Windows\system32\umpo.dll
16:26:24.0895 0x0d20  Power - ok
16:26:24.0911 0x0d20  [ F92A2C41117A11A00BE01CA01A7FCDE9, 38ADC6052696D110CA5F393BC586791920663F5DA66934C2A824DDA9CD89C763 ] PptpMiniport    C:\Windows\system32\DRIVERS\raspptp.sys
16:26:24.0927 0x0d20  PptpMiniport - ok
16:26:24.0942 0x0d20  [ 0D922E23C041EFB1C3FAC2A6F943C9BF, 855418A6A58DCAFB181A1A68613B3E203AFB0A9B3D9D26D0C521F9F613B4EAD5 ] Processor       C:\Windows\system32\DRIVERS\processr.sys
16:26:24.0958 0x0d20  Processor - ok
16:26:24.0973 0x0d20  [ 53E83F1F6CF9D62F32801CF66D8352A8, 1225FED810BE8E0729EEAE5B340035CCBB9BACD3EF247834400F9B72D05ACE48 ] ProfSvc         C:\Windows\system32\profsvc.dll
16:26:25.0020 0x0d20  ProfSvc - ok
16:26:25.0020 0x0d20  [ C118A82CD78818C29AB228366EBF81C3, 00820F3065871DCBA52A27C7F73BA470C4F2CB26EFB7F76FEF8B1207F81B284D ] ProtectedStorage C:\Windows\system32\lsass.exe
16:26:25.0036 0x0d20  ProtectedStorage - ok
16:26:25.0067 0x0d20  [ 0557CF5A2556BD58E26384169D72438D, F6F83A616B1F1C6C0DF6D2EC2513E6C23FD4FAA6D36518B8676C619AB74957B4 ] Psched          C:\Windows\system32\DRIVERS\pacer.sys
16:26:25.0067 0x0d20  Psched - ok
16:26:25.0192 0x0d20  [ A53A15A11EBFD21077463EE2C7AFEEF0, 6002B012A75045DEA62640A864A8721EADE2F8B65BEB5F5BA76D8CD819774489 ] ql2300          C:\Windows\system32\DRIVERS\ql2300.sys
16:26:25.0285 0x0d20  ql2300 - ok
16:26:25.0301 0x0d20  [ 4F6D12B51DE1AAEFF7DC58C4D75423C8, FB6ABAB741CED66A79E31A45111649F2FA3E26CEE77209B5296F789F6F7D08DE ] ql40xx          C:\Windows\system32\DRIVERS\ql40xx.sys
16:26:25.0317 0x0d20  ql40xx - ok
16:26:25.0332 0x0d20  [ 906191634E99AEA92C4816150BDA3732, A0305436384104C3B559F9C73902DA19B96B518413379E397C5CDAB0B2B9418F ] QWAVE           C:\Windows\system32\qwave.dll
16:26:25.0363 0x0d20  QWAVE - ok
16:26:25.0379 0x0d20  [ 76707BB36430888D9CE9D705398ADB6C, 35C1D1D05F98AC29A33D3781F497A0B40A3CB9CDF25FE1F28F574E40DDF70535 ] QWAVEdrv        C:\Windows\system32\drivers\qwavedrv.sys
16:26:25.0379 0x0d20  QWAVEdrv - ok
16:26:25.0395 0x0d20  [ 5A0DA8AD5762FA2D91678A8A01311704, 8A64EB5DBAB7048A9E42A21CEB62CCD5B007A80C199892D7F8C69B48E8A255EF ] RasAcd          C:\Windows\system32\DRIVERS\rasacd.sys
16:26:25.0395 0x0d20  RasAcd - ok
16:26:25.0410 0x0d20  [ 7ECFF9B22276B73F43A99A15A6094E90, 62C70DA127F48F796F8897BBFA23AB6EB080CC923F0F091DFA384A93F5C90CA1 ] RasAgileVpn     C:\Windows\system32\DRIVERS\AgileVpn.sys
16:26:25.0410 0x0d20  RasAgileVpn - ok
16:26:25.0441 0x0d20  [ 8F26510C5383B8DBE976DE1CD00FC8C7, 60E618C010E8A723960636415573FA17EA0BBEF79647196B3BC0B8DEE680E090 ] RasAuto         C:\Windows\System32\rasauto.dll
16:26:25.0473 0x0d20  RasAuto - ok
16:26:25.0488 0x0d20  [ 471815800AE33E6F1C32FB1B97C490CA, 27307265F743DE3A3A3EC1B2C472A3D85FDD0AEC458E0B1177593141EE072698 ] Rasl2tp         C:\Windows\system32\DRIVERS\rasl2tp.sys
16:26:25.0488 0x0d20  Rasl2tp - ok
16:26:25.0535 0x0d20  [ EE867A0870FC9E4972BA9EAAD35651E2, 1B848D81705081FD2E18AC762DA7F51455657DAF860BF363DC15925A148BCADA ] RasMan          C:\Windows\System32\rasmans.dll
16:26:25.0566 0x0d20  RasMan - ok
16:26:25.0582 0x0d20  [ 855C9B1CD4756C5E9A2AA58A15F58C25, A514F8A9C304D54BDA8DC60F5A64259B057EC83A1CAAF6D2B58CFD55E9561F72 ] RasPppoe        C:\Windows\system32\DRIVERS\raspppoe.sys
16:26:25.0582 0x0d20  RasPppoe - ok
16:26:25.0613 0x0d20  [ E8B1E447B008D07FF47D016C2B0EEECB, FEC789F82B912F3E14E49524D40FEAA4373B221156F14045E645D7C37859258C ] RasSstp         C:\Windows\system32\DRIVERS\rassstp.sys
16:26:25.0613 0x0d20  RasSstp - ok
16:26:25.0644 0x0d20  [ 77F665941019A1594D887A74F301FA2F, 1FDC6F6853400190C086042933F157814D915C54F26793CAD36CD2607D8810DA ] rdbss           C:\Windows\system32\DRIVERS\rdbss.sys
16:26:25.0675 0x0d20  rdbss - ok
16:26:25.0675 0x0d20  [ 302DA2A0539F2CF54D7C6CC30C1F2D8D, 1DF3501BBFFB56C3ECC39DBCC4287D3302216C2208CE22428B8C4967E5DE9D17 ] rdpbus          C:\Windows\system32\DRIVERS\rdpbus.sys
16:26:25.0691 0x0d20  rdpbus - ok
16:26:25.0691 0x0d20  [ CEA6CC257FC9B7715F1C2B4849286D24, A78144D18352EA802C39D9D42921CF97A3E0211766B2169B6755C6FC2D77A804 ] RDPCDD          C:\Windows\system32\DRIVERS\RDPCDD.sys
16:26:25.0691 0x0d20  RDPCDD - ok
16:26:25.0738 0x0d20  [ BB5971A4F00659529A5C44831AF22365, 9AAA5C0D448E821FD85589505D99DF7749715A046BBD211F139E4E652ADDE41F ] RDPENCDD        C:\Windows\system32\drivers\rdpencdd.sys
16:26:25.0738 0x0d20  RDPENCDD - ok
16:26:25.0753 0x0d20  [ 216F3FA57533D98E1F74DED70113177A, 60C126A1409D1E9C39F1C9E95F70115BF4AF07780AB499F6E10A612540F173F4 ] RDPREFMP        C:\Windows\system32\drivers\rdprefmp.sys
16:26:25.0753 0x0d20  RDPREFMP - ok
16:26:25.0800 0x0d20  [ E61608AA35E98999AF9AAEEEA6114B0A, F754CDE89DC96786D2A3C4D19EE2AEF1008E634E4DE3C0CBF927436DE90C04A6 ] RDPWD           C:\Windows\system32\drivers\RDPWD.sys
16:26:25.0800 0x0d20  RDPWD - ok
16:26:25.0847 0x0d20  [ 34ED295FA0121C241BFEF24764FC4520, AAEE5F00CAA763A5BA51CF56BD7262C03409CD72BD5601490E3EC3FFF929BB5F ] rdyboost        C:\Windows\system32\drivers\rdyboost.sys
16:26:25.0878 0x0d20  rdyboost - ok
16:26:25.0909 0x0d20  [ 254FB7A22D74E5511C73A3F6D802F192, 3D0FB5840364200DE394F8CC28DA0E334C2B5FA8FF28A41656EE72287F3D3836 ] RemoteAccess    C:\Windows\System32\mprdim.dll
16:26:25.0941 0x0d20  RemoteAccess - ok
16:26:25.0972 0x0d20  [ E4D94F24081440B5FC5AA556C7C62702, 147CAA03568DC480F9506E30B84891AB7E433B5EBC05F34FF10F72B00E1C6B22 ] RemoteRegistry  C:\Windows\system32\regsvc.dll
16:26:26.0003 0x0d20  RemoteRegistry - ok
16:26:26.0034 0x0d20  [ E4DC58CF7B3EA515AE917FF0D402A7BB, 665B5CD9FE905B0EE3F59A7B1A94760F5393EBEE729877D8584349754C2867E8 ] RpcEptMapper    C:\Windows\System32\RpcEpMap.dll
16:26:26.0065 0x0d20  RpcEptMapper - ok
16:26:26.0081 0x0d20  [ D5BA242D4CF8E384DB90E6A8ED850B8C, CB4CB2608B5E31B55FB1A2CF4051E6D08A0C2A5FB231B2116F95938D7577334E ] RpcLocator      C:\Windows\system32\locator.exe
16:26:26.0097 0x0d20  RpcLocator - ok
16:26:26.0159 0x0d20  [ 5C627D1B1138676C0A7AB2C2C190D123, C5003F2C912C5CA990E634818D3B4FD72F871900AF2948BD6C4D6400B354B401 ] RpcSs           C:\Windows\system32\rpcss.dll
16:26:26.0206 0x0d20  RpcSs - ok
16:26:26.0221 0x0d20  [ DDC86E4F8E7456261E637E3552E804FF, D250C69CCC75F2D88E7E624FCC51300E75637333317D53908CCA7E0F117173DD ] rspndr          C:\Windows\system32\DRIVERS\rspndr.sys
16:26:26.0237 0x0d20  rspndr - ok
16:26:26.0237 0x0d20  [ C118A82CD78818C29AB228366EBF81C3, 00820F3065871DCBA52A27C7F73BA470C4F2CB26EFB7F76FEF8B1207F81B284D ] SamSs           C:\Windows\system32\lsass.exe
16:26:26.0253 0x0d20  SamSs - ok
16:26:26.0268 0x0d20  [ AC03AF3329579FFFB455AA2DAABBE22B, 7AD3B62ADFEC166F9E256F9FF8BAA0568B2ED7308142BF8F5269E6EAA5E0A656 ] sbp2port        C:\Windows\system32\drivers\sbp2port.sys
16:26:26.0268 0x0d20  sbp2port - ok
16:26:26.0315 0x0d20  [ 9B7395789E3791A3B6D000FE6F8B131E, E5F067F3F212BF5481668BE1779CBEF053F511F8967589BE2E865ACB9A620024 ] SCardSvr        C:\Windows\System32\SCardSvr.dll
16:26:26.0346 0x0d20  SCardSvr - ok
16:26:26.0377 0x0d20  [ 253F38D0D7074C02FF8DEB9836C97D2B, CB5CAFCB8628BB22877F74ACF1DED0BBAED8F4573A74DA7FE94BBBA584889116 ] scfilter        C:\Windows\system32\DRIVERS\scfilter.sys
16:26:26.0377 0x0d20  scfilter - ok
16:26:26.0455 0x0d20  [ 262F6592C3299C005FD6BEC90FC4463A, 54095E37F0B6CC677A3E9BDD40F4647C713273D197DB341063AA7F342A60C4A7 ] Schedule        C:\Windows\system32\schedsvc.dll
16:26:26.0549 0x0d20  Schedule - ok
16:26:26.0565 0x0d20  [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] SCPolicySvc     C:\Windows\System32\certprop.dll
16:26:26.0565 0x0d20  SCPolicySvc - ok
16:26:26.0580 0x0d20  [ 111E0EBC0AD79CB0FA014B907B231CF0, B7D43D156C2524938503CF8E99C4D1F7A5C55E16C0368F57F4CD23C6D833B38F ] sdbus           C:\Windows\system32\drivers\sdbus.sys
16:26:26.0596 0x0d20  sdbus - ok
16:26:26.0627 0x0d20  [ 6EA4234DC55346E0709560FE7C2C1972, 64011E044C16E2F92689E5F7E4666A075E27BBFA61F3264E5D51CE1656C1D5B8 ] SDRSVC          C:\Windows\System32\SDRSVC.dll
16:26:26.0724 0x0d20  SDRSVC - ok
16:26:26.0759 0x0d20  [ 3EA8A16169C26AFBEB544E0E48421186, 34BBB0459C96B3DE94CCB0D73461562935C583D7BF93828DA4E20A6BC9B7301D ] secdrv          C:\Windows\system32\drivers\secdrv.sys
16:26:26.0763 0x0d20  secdrv - ok
16:26:26.0782 0x0d20  [ BC617A4E1B4FA8DF523A061739A0BD87, 10C4057F6B321EB5237FF619747B74F5401BC17D15A8C7060829E8204A2297F9 ] seclogon        C:\Windows\system32\seclogon.dll
16:26:26.0800 0x0d20  seclogon - ok
16:26:26.0805 0x0d20  [ C32AB8FA018EF34C0F113BD501436D21, E0EB8E80B51E45CA7EB061E705DA0BC07878759418A8519AE6E12326FE79E7C7 ] SENS            C:\Windows\System32\sens.dll
16:26:26.0836 0x0d20  SENS - ok
16:26:26.0836 0x0d20  [ 0336CFFAFAAB87A11541F1CF1594B2B2, 8B8A6A33E78A12FB05E29B2E2775850626574AFD2EF88748D65E690A07B10B8D ] SensrSvc        C:\Windows\system32\sensrsvc.dll
16:26:26.0851 0x0d20  SensrSvc - ok
16:26:26.0867 0x0d20  [ CB624C0035412AF0DEBEC78C41F5CA1B, A4D937F11E06CAE914347CA1362F4C98EC5EE0C0C80321E360EA1ABD6726F8D4 ] Serenum         C:\Windows\system32\DRIVERS\serenum.sys
16:26:26.0867 0x0d20  Serenum - ok
16:26:26.0883 0x0d20  [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6, 8F9776FB84C5D11068EAF1FF1D1A46466C655D64D256A8B1E31DC0C23B5DD22D ] Serial          C:\Windows\system32\DRIVERS\serial.sys
16:26:26.0898 0x0d20  Serial - ok
16:26:26.0914 0x0d20  [ 1C545A7D0691CC4A027396535691C3E3, 065C30BE598FF4DC55C37E0BBE0CEDF10A370AE2BF5404B42EBBB867A3FFED6D ] sermouse        C:\Windows\system32\DRIVERS\sermouse.sys
16:26:26.0914 0x0d20  sermouse - ok
16:26:27.0600 0x0d20  [ 9910F4097EECBF561B257D614ADEF09A, A0F80F28634DC5709B003CFB4F2F29C032C02D2E3E422A6D916B711E31D18B9B ] ServicepointService C:\Program Files (x86)\Windstream\Service Agent\ServicepointService.exe
16:26:28.0194 0x0d20  ServicepointService - ok
16:26:28.0256 0x0d20  [ 0B6231BF38174A1628C4AC812CC75804, E569BF1F7F5689E2E917FA6516DB53388A5B8B1C6699DEE030147E853218811D ] SessionEnv      C:\Windows\system32\sessenv.dll
16:26:28.0272 0x0d20  SessionEnv - ok
16:26:28.0272 0x0d20  [ A554811BCD09279536440C964AE35BBF, DA8F893722F803E189D7D4D6C6232ED34505B63A64ED3A0132A5BB7A2BABDE55 ] sffdisk         C:\Windows\system32\drivers\sffdisk.sys
16:26:28.0288 0x0d20  sffdisk - ok
16:26:28.0288 0x0d20  [ FF414F0BAEFEBA59BC6C04B3DB0B87BF, B81EF5D26AEB572CAB590F7AD7CA8C89F296420089EF5E6148E972F2DBCA1042 ] sffp_mmc        C:\Windows\system32\drivers\sffp_mmc.sys
16:26:28.0303 0x0d20  sffp_mmc - ok
16:26:28.0303 0x0d20  [ DD85B78243A19B59F0637DCF284DA63C, 6730D4F2BAE7E24615746ACC41B42D01DB6068D6504982008ADA1890DE900197 ] sffp_sd         C:\Windows\system32\drivers\sffp_sd.sys
16:26:28.0319 0x0d20  sffp_sd - ok
16:26:28.0319 0x0d20  [ A9D601643A1647211A1EE2EC4E433FF4, 7AC60B4AB48D4BBF1F9681C12EC2A75C72E6E12D30FABC564A24394310E9A5F9 ] sfloppy         C:\Windows\system32\DRIVERS\sfloppy.sys
16:26:28.0319 0x0d20  sfloppy - ok
16:26:28.0553 0x0d20  [ B95F6501A2F8B2E78C697FEC401970CE, 758B73A32902299A313348CE7EC189B20EB4CB398D0180E4EE24B84DAD55F291 ] SharedAccess    C:\Windows\System32\ipnathlp.dll
16:26:28.0584 0x0d20  SharedAccess - ok
16:26:28.0615 0x0d20  [ AAF932B4011D14052955D4B212A4DA8D, 2A3BFD0FA9569288E91AE3E72CA1EC39E1450D01E6473CE51157E0F138257923 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
16:26:28.0646 0x0d20  ShellHWDetection - ok
16:26:28.0678 0x0d20  [ 1BC348CF6BAA90EC8E533EF6E6A69933, 2B26F6EB701F48E092DED6A7B888F24736F2899EE81D54DD4B1E9DF7CFD36E7A ] SiSGbeLH        C:\Windows\system32\DRIVERS\SiSG664.sys
16:26:28.0678 0x0d20  SiSGbeLH - ok
16:26:28.0693 0x0d20  [ 843CAF1E5FDE1FFD5FF768F23A51E2E1, 89CA9F516E42A6B905474D738CDA2C121020A07DBD4E66CFE569DD77D79D7820 ] SiSRaid2        C:\Windows\system32\DRIVERS\SiSRaid2.sys
16:26:28.0693 0x0d20  SiSRaid2 - ok
16:26:28.0709 0x0d20  [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4, 87B85C66DF7EB6FDB8A2341D05FAA5261FF68A90CCFC63F0E4A03824F1E33E5E ] SiSRaid4        C:\Windows\system32\DRIVERS\sisraid4.sys
16:26:28.0724 0x0d20  SiSRaid4 - ok
16:26:28.0740 0x0d20  [ 548260A7B8654E024DC30BF8A7C5BAA4, 4A7E58331D7765A12F53DC2371739DC9A463940B13E16157CE10DB80E958D740 ] Smb             C:\Windows\system32\DRIVERS\smb.sys
16:26:28.0756 0x0d20  Smb - ok
16:26:28.0771 0x0d20  [ 6313F223E817CC09AA41811DAA7F541D, D787061043BEEDB9386B048CB9E680E6A88A1CBAE9BD4A8C0209155BFB76C630 ] SNMPTRAP        C:\Windows\System32\snmptrap.exe
16:26:28.0787 0x0d20  SNMPTRAP - ok
16:26:28.0927 0x0d20  [ 2114518E55B380A3ACC28B2C27FD499A, 5EB378ECE4AD1E1C843CF21D46A5A3DE85CB8BBF1DF7292D54200F4ECFAE301A ] SNP2UVC         C:\Windows\system32\DRIVERS\snp2uvc.sys
16:26:29.0036 0x0d20  SNP2UVC - ok
16:26:29.0052 0x0d20  [ B9E31E5CACDFE584F34F730A677803F9, 21A5130BD00089C609522A372018A719F8E37103D2DD22C59EACB393BE35A063 ] spldr           C:\Windows\system32\drivers\spldr.sys
16:26:29.0052 0x0d20  spldr - ok
16:26:29.0099 0x0d20  [ 85DAA09A98C9286D4EA2BA8D0E644377, F9C324E2EF81193FE831C7EECC44A100CA06F82FA731BF555D9EA4D91DA13329 ] Spooler         C:\Windows\System32\spoolsv.exe
16:26:29.0146 0x0d20  Spooler - ok
16:26:29.0395 0x0d20  [ E17E0188BB90FAE42D83E98707EFA59C, FC075F7B39E86CC8EF6DA4E339FE946917E319C347AC70FB0C50AAF36F97E27F ] sppsvc          C:\Windows\system32\sppsvc.exe
16:26:29.0614 0x0d20  sppsvc - ok
16:26:29.0629 0x0d20  [ 93D7D61317F3D4BC4F4E9F8A96A7DE45, 36D48B23B8243BE5229707375FCD11C2DCAC96983199345365F065A0CBF33314 ] sppuinotify     C:\Windows\system32\sppuinotify.dll
16:26:29.0660 0x0d20  sppuinotify - ok
16:26:29.0707 0x0d20  [ 441FBA48BFF01FDB9D5969EBC1838F0B, 306128F1AD489F87161A089D1BDC1542A4CB742D91A0C12A7CD1863FDB8932C0 ] srv             C:\Windows\system32\DRIVERS\srv.sys
16:26:29.0738 0x0d20  srv - ok
16:26:29.0770 0x0d20  [ B4ADEBBF5E3677CCE9651E0F01F7CC28, 726DB2283113AB2A9681E8E9F61132303D6D86E9CD034C40EE4A8C9DB29E87F7 ] srv2            C:\Windows\system32\DRIVERS\srv2.sys
16:26:29.0801 0x0d20  srv2 - ok
16:26:29.0832 0x0d20  [ 27E461F0BE5BFF5FC737328F749538C3, AFA4704ED8FFC1A0BAB40DFB81D3AE3F3D933A3C9BF54DDAF39FF9AF3646D9E6 ] srvnet          C:\Windows\system32\DRIVERS\srvnet.sys
16:26:29.0848 0x0d20  srvnet - ok
16:26:29.0863 0x0d20  [ 51B52FBD583CDE8AA9BA62B8B4298F33, 2E2403F8AA39E79D1281CA006B51B43139C32A5FDD64BD34DAA4B935338BD740 ] SSDPSRV         C:\Windows\System32\ssdpsrv.dll
16:26:29.0910 0x0d20  SSDPSRV - ok
16:26:29.0926 0x0d20  [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB, D21CDBC4C2AA0DB5B4455D5108B0CAF4282A2E664B9035708F212CC094569D9D ] SstpSvc         C:\Windows\system32\sstpsvc.dll
16:26:29.0941 0x0d20  SstpSvc - ok
16:26:29.0941 0x0d20  [ F3817967ED533D08327DC73BC4D5542A, 1B204454408A690C0A86447F3E4AA9E7C58A9CFB567C94C17C21920BA648B4D5 ] stexstor        C:\Windows\system32\DRIVERS\stexstor.sys
16:26:29.0957 0x0d20  stexstor - ok
16:26:30.0004 0x0d20  [ 8DD52E8E6128F4B2DA92CE27402871C1, 1101C38BE8FC383B5F2F9FA402F9652B23B88A764DE2B584DFE62B88B11DEF92 ] stisvc          C:\Windows\System32\wiaservc.dll
16:26:30.0082 0x0d20  stisvc - ok
16:26:30.0082 0x0d20  [ D01EC09B6711A5F8E7E6564A4D0FBC90, 3CB922291DBADC92B46B9E28CCB6810CD8CCDA3E74518EC9522B58B998E1F969 ] swenum          C:\Windows\system32\drivers\swenum.sys
16:26:30.0082 0x0d20  swenum - ok
16:26:30.0128 0x0d20  [ E08E46FDD841B7184194011CA1955A0B, 9C3725BB1F08F92744C980A22ED5C874007D3B5863C7E1F140F50061052AC418 ] swprv           C:\Windows\System32\swprv.dll
16:26:30.0191 0x0d20  swprv - ok
16:26:30.0316 0x0d20  [ BF9CCC0BF39B418C8D0AE8B05CF95B7D, 3C13217548BE61F2BDB8BD41F77345CDDA1F97BF0AE17241C335B9807EB3DBB8 ] SysMain         C:\Windows\system32\sysmain.dll
16:26:30.0440 0x0d20  SysMain - ok
16:26:30.0456 0x0d20  [ E3C61FD7B7C2557E1F1B0B4CEC713585, 01F0E116606D185BF93B540868075BFB1A398197F6AABD994983DBFF56B3A8A0 ] TabletInputService C:\Windows\System32\TabSvc.dll
16:26:30.0472 0x0d20  TabletInputService - ok
16:26:30.0518 0x0d20  [ 40F0849F65D13EE87B9A9AE3C1DD6823, E251A7EF3D0FD2973AF33A62FC457A7E8D5E8694208F811F52455F7C2426121F ] TapiSrv         C:\Windows\System32\tapisrv.dll
16:26:30.0565 0x0d20  TapiSrv - ok
16:26:30.0581 0x0d20  [ 1BE03AC720F4D302EA01D40F588162F6, AB644862BF1D2E824FD846180DEC4E2C0FAFCC517451486DE5A92E5E78A952E4 ] TBS             C:\Windows\System32\tbssvc.dll
16:26:30.0596 0x0d20  TBS - ok
16:26:30.0721 0x0d20  [ 9849EA3843A2ADBDD1497E97A85D8CAE, 71984DB2555989A0934E158281EA5F966109EC925B064B2045469A0E77971A7C ] Tcpip           C:\Windows\system32\drivers\tcpip.sys
16:26:30.0846 0x0d20  Tcpip - ok
16:26:30.0971 0x0d20  [ 9849EA3843A2ADBDD1497E97A85D8CAE, 71984DB2555989A0934E158281EA5F966109EC925B064B2045469A0E77971A7C ] TCPIP6          C:\Windows\system32\DRIVERS\tcpip.sys
16:26:31.0064 0x0d20  TCPIP6 - ok
16:26:31.0080 0x0d20  [ 1B16D0BD9841794A6E0CDE0CEF744ABC, 7EB8BA97339199EEE7F2B09DA2DA6279DA64A510D4598D42CF86415D67CD674C ] tcpipreg        C:\Windows\system32\drivers\tcpipreg.sys
16:26:31.0080 0x0d20  tcpipreg - ok
16:26:31.0127 0x0d20  [ 3371D21011695B16333A3934340C4E7C, 7416F9BBFC1BA9D875EA7D1C7A0D912FC6977B49A865D67E3F9C4E18A965082D ] TDPIPE          C:\Windows\system32\drivers\tdpipe.sys
16:26:31.0127 0x0d20  TDPIPE - ok
16:26:31.0142 0x0d20  [ 51C5ECEB1CDEE2468A1748BE550CFBC8, 4E8F83877330B421F7B5D8393D34BC44C6450E69209DAA95B29CB298166A5DF9 ] TDTCP           C:\Windows\system32\drivers\tdtcp.sys
16:26:31.0142 0x0d20  TDTCP - ok
16:26:31.0174 0x0d20  [ DDAD5A7AB24D8B65F8D724F5C20FD806, B71F2967A4EE7395E4416C1526CB85368AEA988BDD1F2C9719C48B08FAFA9661 ] tdx             C:\Windows\system32\DRIVERS\tdx.sys
16:26:31.0174 0x0d20  tdx - ok
16:26:31.0205 0x0d20  [ 561E7E1F06895D78DE991E01DD0FB6E5, 83BFA50A528762EC52A011302AC3874636FB7E26628CD7ACFBF2BDC9FAA8110D ] TermDD          C:\Windows\system32\drivers\termdd.sys
16:26:31.0205 0x0d20  TermDD - ok
16:26:31.0283 0x0d20  [ 2E648163254233755035B46DD7B89123, 6FA0D07CE18A3A69D82EE49D875F141E39406E92C34EAC76AC4EB052E6EBCBCD ] TermService     C:\Windows\System32\termsrv.dll
16:26:31.0423 0x0d20  TermService - ok
16:26:31.0454 0x0d20  [ F0344071948D1A1FA732231785A0664C, DB9886C2C858FAF45AEA15F8E42860343F73EB8685C53EC2E8CCC10586CB0832 ] Themes          C:\Windows\system32\themeservice.dll
16:26:31.0470 0x0d20  Themes - ok
16:26:31.0486 0x0d20  [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] THREADORDER     C:\Windows\system32\mmcss.dll
16:26:31.0501 0x0d20  THREADORDER - ok
16:26:31.0532 0x0d20  [ 7E7AFD841694F6AC397E99D75CEAD49D, DE87F203FD8E6BDCCFCA1860A85F283301A365846FB703D9BB86278D8AC96B07 ] TrkWks          C:\Windows\System32\trkwks.dll
16:26:31.0548 0x0d20  TrkWks - ok
16:26:31.0579 0x0d20  [ 773212B2AAA24C1E31F10246B15B276C, F2EF85F5ABA307976D9C649D710B408952089458DDE97D4DEF321DF14E46A046 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
16:26:31.0595 0x0d20  TrustedInstaller - ok
16:26:31.0626 0x0d20  [ CE18B2CDFC837C99E5FAE9CA6CBA5D30, CA302C2ED6A6BF4670BAAA4F5C14C0238CF0C80316856AA0DB053F4D593033AC ] tssecsrv        C:\Windows\system32\DRIVERS\tssecsrv.sys
16:26:31.0626 0x0d20  tssecsrv - ok
16:26:31.0642 0x0d20  [ D11C783E3EF9A3C52C0EBE83CC5000E9, A136C355D4C8945729163D15801364A614E23217B15F9313C85BA45BB71A74EB ] TsUsbFlt        C:\Windows\system32\drivers\tsusbflt.sys
16:26:31.0657 0x0d20  TsUsbFlt - ok
16:26:31.0688 0x0d20  [ 3566A8DAAFA27AF944F5D705EAA64894, AE9D8B648DA08AF667B9456C3FE315489859C157510A258559F18238F2CC92B8 ] tunnel          C:\Windows\system32\DRIVERS\tunnel.sys
16:26:31.0688 0x0d20  tunnel - ok
16:26:31.0704 0x0d20  [ B4DD609BD7E282BFC683CEC7EAAAAD67, EF131DB6F6411CAD36A989A421AF93F89DD61601AC524D2FF11C10FF6E3E9123 ] uagp35          C:\Windows\system32\DRIVERS\uagp35.sys
16:26:31.0704 0x0d20  uagp35 - ok
16:26:31.0751 0x0d20  [ FF4232A1A64012BAA1FD97C7B67DF593, D8591B4EB056899C7B604E4DD852D82D4D9809F508ABCED4A03E1BE6D5D456E3 ] udfs            C:\Windows\system32\DRIVERS\udfs.sys
16:26:31.0766 0x0d20  udfs - ok
16:26:31.0782 0x0d20  [ 3CBDEC8D06B9968ABA702EBA076364A1, B8DAB8AA804FC23021BFEBD7AE4D40FBE648D6C6BA21CC008E26D1C084972F9B ] UI0Detect       C:\Windows\system32\UI0Detect.exe
16:26:31.0813 0x0d20  UI0Detect - ok
16:26:31.0829 0x0d20  [ 4BFE1BC28391222894CBF1E7D0E42320, 5918B1ED2030600DF77BDACF1C808DF6EADDD8BF3E7003AF1D72050D8B102B3A ] uliagpkx        C:\Windows\system32\drivers\uliagpkx.sys
16:26:31.0829 0x0d20  uliagpkx - ok
16:26:31.0844 0x0d20  [ DC54A574663A895C8763AF0FA1FF7561, 09A3F3597E91CBEB2F38E96E75134312B60CAE5574B2AD4606C2D3E992AEDDFE ] umbus           C:\Windows\system32\DRIVERS\umbus.sys
16:26:31.0844 0x0d20  umbus - ok
16:26:31.0860 0x0d20  [ B2E8E8CB557B156DA5493BBDDCC1474D, F547509A08C0679ACB843E20C9C0CF51BED1B06530BBC529DFB0944504564A43 ] UmPass          C:\Windows\system32\DRIVERS\umpass.sys
16:26:31.0860 0x0d20  UmPass - ok
16:26:32.0016 0x0d20  [ 41118D920B2B268C0ADC36421248CDCF, 4F99C4913DCFE02B0783FD97F02558E4DD4D7C98553D95A8E26FAAA0C0D67616 ] UNS             C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
16:26:32.0125 0x0d20  UNS - ok
16:26:32.0156 0x0d20  [ D47EC6A8E81633DD18D2436B19BAF6DE, 0FB461E2D5E0B75BB5958F6362F4880BFA4C36AD930542609BCAF574941AA7AE ] upnphost        C:\Windows\System32\upnphost.dll
16:26:32.0203 0x0d20  upnphost - ok
16:26:32.0203 0x0d20  [ AA33FC47ED58C34E6E9261E4F850B7EB, C6388127CAA695434ABFB6C59A53C8544E67E414012DE5F21B36D035BB1BACC8 ] USBAAPL64       C:\Windows\system32\Drivers\usbaapl64.sys
16:26:32.0219 0x0d20  USBAAPL64 - ok
16:26:32.0234 0x0d20  [ 6F1A3157A1C89435352CEB543CDB359C, 325B46220779C5FE3B6F19FF794474837FAB9675D9C98ACB68CCE47B1CFE5F12 ] usbccgp         C:\Windows\system32\drivers\usbccgp.sys
16:26:32.0234 0x0d20  usbccgp - ok
16:26:32.0250 0x0d20  [ AF0892A803FDDA7492F595368E3B68E7, F263346DEB4D742EB436CF578F187AC8521D84CED52E98475E6198EC52244F07 ] usbcir          C:\Windows\system32\drivers\usbcir.sys
16:26:32.0266 0x0d20  usbcir - ok
16:26:32.0281 0x0d20  [ C025055FE7B87701EB042095DF1A2D7B, D7B34B6C2C5BD3C8141895AC21BB637EA5E3C4F7A85EEF4C4C36E6BB2045A3D9 ] usbehci         C:\Windows\system32\drivers\usbehci.sys
16:26:32.0281 0x0d20  usbehci - ok
16:26:32.0328 0x0d20  [ 287C6C9410B111B68B52CA298F7B8C24, 98900C08FE662A00DF8B37837B2BEBF9ACB7989C387AF36B2109B05A4F462D4E ] usbhub          C:\Windows\system32\drivers\usbhub.sys
16:26:32.0344 0x0d20  usbhub - ok
16:26:32.0359 0x0d20  [ 9840FC418B4CBD632D3D0A667A725C31, 776D86A032DCA2842EF7AADB35473193CA80547223EFAA7F110F296C377077B0 ] usbohci         C:\Windows\system32\drivers\usbohci.sys
16:26:32.0359 0x0d20  usbohci - ok
16:26:32.0375 0x0d20  [ 73188F58FB384E75C4063D29413CEE3D, B485463933306036B1D490722CB1674DC85670753D79FA0EF7EBCA7BBAAD9F7C ] usbprint        C:\Windows\system32\DRIVERS\usbprint.sys
16:26:32.0375 0x0d20  usbprint - ok
16:26:32.0390 0x0d20  [ FED648B01349A3C8395A5169DB5FB7D6, DC4D7594C24ADD076927B9347F1B50B91CF03A4ABDB284248D5711D9C19DEB96 ] USBSTOR         C:\Windows\system32\DRIVERS\USBSTOR.SYS
16:26:32.0390 0x0d20  USBSTOR - ok
16:26:32.0406 0x0d20  [ 62069A34518BCF9C1FD9E74B3F6DB7CD, C58E21424718729324B285BEE1C96551540FCC3FD650B2D10895EBA48D981E25 ] usbuhci         C:\Windows\system32\drivers\usbuhci.sys
16:26:32.0406 0x0d20  usbuhci - ok
16:26:32.0437 0x0d20  [ 454800C2BC7F3927CE030141EE4F4C50, 10901E62DAA70657C499AD590DECCCA6E46FDDF4A193B2F19279E1B8ED7B1E44 ] usbvideo        C:\Windows\System32\Drivers\usbvideo.sys
16:26:32.0437 0x0d20  usbvideo - ok
16:26:32.0453 0x0d20  [ EDBB23CBCF2CDF727D64FF9B51A6070E, 7202484C8E1BFB2AFD64D8C81668F3EDE0E3BF5EB27572877A0A7B337AE5AE42 ] UxSms           C:\Windows\System32\uxsms.dll
16:26:32.0468 0x0d20  UxSms - ok
16:26:32.0484 0x0d20  [ C118A82CD78818C29AB228366EBF81C3, 00820F3065871DCBA52A27C7F73BA470C4F2CB26EFB7F76FEF8B1207F81B284D ] VaultSvc        C:\Windows\system32\lsass.exe
16:26:32.0500 0x0d20  VaultSvc - ok
16:26:32.0500 0x0d20  [ C5C876CCFC083FF3B128F933823E87BD, 6FE0FBB6C3207E09300E0789E2168F76668D87C317FE9F263E733827ADCFBE0D ] vdrvroot        C:\Windows\system32\drivers\vdrvroot.sys
16:26:32.0515 0x0d20  vdrvroot - ok
16:26:32.0562 0x0d20  [ 8D6B481601D01A456E75C3210F1830BE, A2CEF483F4231367138EEF7E67FD5BE5364FC0780C44CA1368E36CE4AA3D0633 ] vds             C:\Windows\System32\vds.exe
16:26:32.0624 0x0d20  vds - ok
16:26:32.0656 0x0d20  [ DA4DA3F5E02943C2DC8C6ED875DE68DD, EDE604536DB78C512D68C92B26DA77C8811AC109D1F0A473673F0A82D15A2838 ] vga             C:\Windows\system32\DRIVERS\vgapnp.sys
16:26:32.0656 0x0d20  vga - ok
16:26:32.0671 0x0d20  [ 53E92A310193CB3C03BEA963DE7D9CFC, 45898604375B42EB1246C17A22D91C2440F11C746FF6459AD38027C1BC2E3125 ] VgaSave         C:\Windows\System32\drivers\vga.sys
16:26:32.0671 0x0d20  VgaSave - ok
16:26:32.0702 0x0d20  [ 2CE2DF28C83AEAF30084E1B1EB253CBB, D1946816A1CB89F825CBEA58F94A4C9D0CE7249355CD3915563F54054EE564BF ] vhdmp           C:\Windows\system32\drivers\vhdmp.sys
16:26:32.0718 0x0d20  vhdmp - ok
16:26:32.0718 0x0d20  [ E5689D93FFE4E5D66C0178761240DD54, 6D35CED80681B12AAF63BFA0DA1C386E71D3838839B68A686990AA8031949D27 ] viaide          C:\Windows\system32\drivers\viaide.sys
16:26:32.0718 0x0d20  viaide - ok
16:26:32.0734 0x0d20  [ D2AAFD421940F640B407AEFAAEBD91B0, 31EF342A60AF04F4108759A71F8FB7B8C8819216CF3D16A95B2BA0E33A8A9161 ] volmgr          C:\Windows\system32\drivers\volmgr.sys
16:26:32.0749 0x0d20  volmgr - ok
16:26:32.0780 0x0d20  [ A255814907C89BE58B79EF2F189B843B, 463DB771851352185B6AC323BD93B9084D47291E53C1F7B628B65D6918B2E28F ] volmgrx         C:\Windows\system32\drivers\volmgrx.sys
16:26:32.0812 0x0d20  volmgrx - ok
16:26:32.0843 0x0d20  [ 0D08D2F3B3FF84E433346669B5E0F639, 3D6716CEC95B8861A7CC5778E91F310528DC6BEE0E57A3C8757FC675154EBDEC ] volsnap         C:\Windows\system32\drivers\volsnap.sys
16:26:32.0874 0x0d20  volsnap - ok
16:26:32.0890 0x0d20  [ 5E2016EA6EBACA03C04FEAC5F330D997, 53106EB877459FE55A459111F7AB0EE320BB3B4C954D3DB6FA1642396001F2AC ] vsmraid         C:\Windows\system32\DRIVERS\vsmraid.sys
16:26:32.0905 0x0d20  vsmraid - ok
16:26:33.0014 0x0d20  [ B60BA0BC31B0CB414593E169F6F21CC2, 47B801E623254CF0202B3591CB5C019CABFB52F123C7D47E29D19B32F1F2B915 ] VSS             C:\Windows\system32\vssvc.exe
16:26:33.0124 0x0d20  VSS - ok
16:26:33.0139 0x0d20  [ 36D4720B72B5C5D9CB2B9C29E9DF67A1, 3254523C85C70EBA2DBAC05DB2DBA89EDF8E9195F390F7C21F96458FB6B2E3D7 ] vwifibus        C:\Windows\system32\DRIVERS\vwifibus.sys
16:26:33.0139 0x0d20  vwifibus - ok
16:26:33.0155 0x0d20  [ 6A3D66263414FF0D6FA754C646612F3F, 30F6BA594B0D3B94113064015A16D97811CD989DF1715CCE21CEAB9894C1B4FB ] vwififlt        C:\Windows\system32\DRIVERS\vwififlt.sys
16:26:33.0155 0x0d20  vwififlt - ok
16:26:33.0217 0x0d20  [ 1C9D80CC3849B3788048078C26486E1A, 34A89F31E53F6B6C209B286F580CC2257AE6D057E4E20741F241C9C167947962 ] W32Time         C:\Windows\system32\w32time.dll
16:26:33.0264 0x0d20  W32Time - ok
16:26:33.0280 0x0d20  [ 4E9440F4F152A7B944CB1663D3935A3E, 8FE04EBD3BC612EE943A21A3E56F37E5C9B578CDACA6044048181DAD81816D53 ] WacomPen        C:\Windows\system32\DRIVERS\wacompen.sys
16:26:33.0280 0x0d20  WacomPen - ok
16:26:33.0311 0x0d20  [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] WANARP          C:\Windows\system32\DRIVERS\wanarp.sys
16:26:33.0311 0x0d20  WANARP - ok
16:26:33.0326 0x0d20  [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] Wanarpv6        C:\Windows\system32\DRIVERS\wanarp.sys
16:26:33.0326 0x0d20  Wanarpv6 - ok
16:26:33.0420 0x0d20  [ 3CEC96DE223E49EAAE3651FCF8FAEA6C, 4150DAB33E8D61076F1D4767BCAFC9B4ECCCCBD58FD4FB3CFE5B8D27DCDCAB61 ] WatAdminSvc     C:\Windows\system32\Wat\WatAdminSvc.exe
16:26:33.0498 0x0d20  WatAdminSvc - ok
16:26:33.0607 0x0d20  [ 78F4E7F5C56CB9716238EB57DA4B6A75, 46A4E78CE5F2A4B26F4E9C3FF04A99D9B727A82AC2E390A82A1611C3F6E0C9AF ] wbengine        C:\Windows\system32\wbengine.exe
16:26:33.0716 0x0d20  wbengine - ok
16:26:33.0748 0x0d20  [ 3AA101E8EDAB2DB4131333F4325C76A3, 4F7BD3DA5E58B18BFF106CFF7B45E75FD13EE556D433C695BA23EC80827E49DE ] WbioSrvc        C:\Windows\System32\wbiosrvc.dll
16:26:33.0779 0x0d20  WbioSrvc - ok
16:26:33.0826 0x0d20  [ 7368A2AFD46E5A4481D1DE9D14848EDD, 8039C478FC2D9F095F5883A4FA47F9E6EDF57CC88A4AA74F07C88445F90DED57 ] wcncsvc         C:\Windows\System32\wcncsvc.dll
16:26:33.0857 0x0d20  wcncsvc - ok
16:26:33.0872 0x0d20  [ 20F7441334B18CEE52027661DF4A6129, 7B8E0247234B740FED2BE9B833E9CE8DD7453340123AB43F6B495A7E6A27B0DD ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
16:26:33.0888 0x0d20  WcsPlugInService - ok
16:26:33.0904 0x0d20  [ 72889E16FF12BA0F235467D6091B17DC, F2FD0BBD075E33608D93F350D216F97442AB89ABD540513C2D568C78096E12A8 ] Wd              C:\Windows\system32\DRIVERS\wd.sys
16:26:33.0904 0x0d20  Wd - ok
16:26:33.0966 0x0d20  [ 442783E2CB0DA19873B7A63833FF4CB4, 09254970265476214F3187CC22A4F9C7C2769D419600E83FBE302C3A103E527F ] Wdf01000        C:\Windows\system32\drivers\Wdf01000.sys
16:26:34.0013 0x0d20  Wdf01000 - ok
16:26:34.0044 0x0d20  [ BF1FC3F79B863C914687A737C2F3D681, B2DF47AC4931ACFB243775767B77065CC0D98778FC0243C793A3E219EB961209 ] WdiServiceHost  C:\Windows\system32\wdi.dll
16:26:34.0060 0x0d20  WdiServiceHost - ok
16:26:34.0075 0x0d20  [ BF1FC3F79B863C914687A737C2F3D681, B2DF47AC4931ACFB243775767B77065CC0D98778FC0243C793A3E219EB961209 ] WdiSystemHost   C:\Windows\system32\wdi.dll
16:26:34.0091 0x0d20  WdiSystemHost - ok
16:26:34.0153 0x0d20  [ 3DB6D04E1C64272F8B14EB8BC4616280, 9138642B1C19F895D4ECFD930160C80FBF15813CE63BBF4C899842C300FD3026 ] WebClient       C:\Windows\System32\webclnt.dll
16:26:34.0184 0x0d20  WebClient - ok
16:26:34.0216 0x0d20  [ C749025A679C5103E575E3B48E092C43, B71171D07EE7AB085A24BF3A1072FF2CE7EA021AAE695F6A90640E6EE8EB55C1 ] Wecsvc          C:\Windows\system32\wecsvc.dll
16:26:34.0247 0x0d20  Wecsvc - ok
16:26:34.0278 0x0d20  [ 7E591867422DC788B9E5BD337A669A08, 484E6BCCDF7ADCE9A1AACAD1BC7C7D7694B9E40FA90D94B14D80C607784F6C75 ] wercplsupport   C:\Windows\System32\wercplsupport.dll
16:26:34.0309 0x0d20  wercplsupport - ok
16:26:34.0325 0x0d20  [ 6D137963730144698CBD10F202E9F251, A9F522A125158D94F540544CCD4DBF47B9DCE2EA878C33675AFE40F80E8F4979 ] WerSvc          C:\Windows\System32\WerSvc.dll
16:26:34.0340 0x0d20  WerSvc - ok
16:26:34.0356 0x0d20  [ 611B23304BF067451A9FDEE01FBDD725, 0AF2734B978165FC6FD22B64862132CCE32528A21C698A49D176129446E099C8 ] WfpLwf          C:\Windows\system32\DRIVERS\wfplwf.sys
16:26:34.0356 0x0d20  WfpLwf - ok
16:26:34.0387 0x0d20  [ 52DED146E4797E6CCF94799E8E22BB2A, 57A29260D81AA3AD3F8C29E9CFA7CE3970D7A8BF673ADD9B256EE76C7DEC080E ] WimFltr         C:\Windows\system32\DRIVERS\wimfltr.sys
16:26:34.0403 0x0d20  WimFltr - ok
16:26:34.0403 0x0d20  [ 05ECAEC3E4529A7153B3136CEB49F0EC, 9995CB2CEC70A633EA33CBB0DEAD2BB28CB67132B41E9444BDAB9E75744C9A50 ] WIMMount        C:\Windows\system32\drivers\wimmount.sys
16:26:34.0418 0x0d20  WIMMount - ok
16:26:34.0418 0x0d20  WinDefend - ok
16:26:34.0434 0x0d20  WinHttpAutoProxySvc - ok
16:26:34.0465 0x0d20  [ 19B07E7E8915D701225DA41CB3877306, D6555E8D276DBB11358246E0FE215F76F1FB358791C76B88D82C2A66A42DA19F ] Winmgmt         C:\Windows\system32\wbem\WMIsvc.dll
16:26:34.0512 0x0d20  Winmgmt - ok
16:26:34.0637 0x0d20  [ BCB1310604AA415C4508708975B3931E, 9D943F086D454345153A0DD426B4432532A44FD87950386B186E1CAD2AC70565 ] WinRM           C:\Windows\system32\WsmSvc.dll
16:26:34.0808 0x0d20  WinRM - ok
16:26:34.0840 0x0d20  [ FE88B288356E7B47B74B13372ADD906D, A16B166F6BB32EF9D2A142F27B9EC54CBC7B3AC915799783CF4C40E525BC9E03 ] WinUsb          C:\Windows\system32\drivers\WinUsb.sys
16:26:34.0840 0x0d20  WinUsb - ok
16:26:34.0902 0x0d20  [ 4FADA86E62F18A1B2F42BA18AE24E6AA, CE1683386886BF34862681A46199EA7E7FB4232A186047DA7FBD8EC240AF6726 ] Wlansvc         C:\Windows\System32\wlansvc.dll
16:26:34.0996 0x0d20  Wlansvc - ok
16:26:35.0011 0x0d20  [ 06C8FA1CF39DE6A735B54D906BA791C6, D8FEC7DE227781CDA876904701B2AA995268F74DCD6CB34AA0296C557FC283B6 ] wlcrasvc        C:\Program Files\Windows Live\Mesh\wlcrasvc.exe
16:26:35.0011 0x0d20  wlcrasvc - ok
16:26:35.0167 0x0d20  [ 7E47C328FC4768CB8BEAFBCFAFA70362, C98BD6A0C2F70E069D5FD3BAB31BD028DFEAC0490D180BBC28A14BE375897D8C ] wlidsvc         C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
16:26:35.0354 0x0d20  wlidsvc - ok
16:26:35.0354 0x0d20  [ F6FF8944478594D0E414D3F048F0D778, 6F75E0AE6127B33A92A88E59D4B048FD4C15F997807BE7BF0EFE76F95235B1D9 ] WmiAcpi         C:\Windows\system32\drivers\wmiacpi.sys
16:26:35.0370 0x0d20  WmiAcpi - ok
16:26:35.0401 0x0d20  [ 38B84C94C5A8AF291ADFEA478AE54F93, 1AC267AC73670BEA5F3785C9AD9DB146F8E993A862C843742B21FDB90D102B2A ] wmiApSrv        C:\Windows\system32\wbem\WmiApSrv.exe
16:26:35.0417 0x0d20  wmiApSrv - ok
16:26:35.0417 0x0d20  WMPNetworkSvc - ok
16:26:35.0432 0x0d20  [ 96C6E7100D724C69FCF9E7BF590D1DCA, 2E63C9B0893B4FC03B7A71BAEA6202D3D3DB1B52F3643467829B5A573FD7655B ] WPCSvc          C:\Windows\System32\wpcsvc.dll
16:26:35.0448 0x0d20  WPCSvc - ok
16:26:35.0464 0x0d20  [ 93221146D4EBBF314C29B23CD6CC391D, C0750858A65BF51E210CD244C825C121D67E025CD2D2455139991AAC289A90FE ] WPDBusEnum      C:\Windows\system32\wpdbusenum.dll
16:26:35.0495 0x0d20  WPDBusEnum - ok
16:26:35.0510 0x0d20  [ 6BCC1D7D2FD2453957C5479A32364E52, E48554D31FBDCF8F985C1C72524CAA9106F5B7CC2B79064F8F5E2562D517F090 ] ws2ifsl         C:\Windows\system32\drivers\ws2ifsl.sys
16:26:35.0510 0x0d20  ws2ifsl - ok
16:26:35.0526 0x0d20  [ E8B1FE6669397D1772D8196DF0E57A9E, 39FE0819360719F756BD31A1884A0508A1E2371ACC723E25E005CBEC0A7B02FA ] wscsvc          C:\Windows\system32\wscsvc.dll
16:26:35.0542 0x0d20  wscsvc - ok
16:26:35.0557 0x0d20  WSearch - ok
16:26:35.0729 0x0d20  [ 61FF576450CCC80564B850BC3FB6713A, B2843BC9E2F62D27DCF6787D063378926748CE75002BADA1873DCB5039883705 ] wuauserv        C:\Windows\system32\wuaueng.dll
16:26:35.0900 0x0d20  wuauserv - ok
16:26:35.0932 0x0d20  [ AB886378EEB55C6C75B4F2D14B6C869F, D6C4602EB8F291DADEDF3CD211013D4AC752DDE7E799C2D8D74AA4F5477CAED6 ] WudfPf          C:\Windows\system32\drivers\WudfPf.sys
16:26:35.0932 0x0d20  WudfPf - ok
16:26:35.0963 0x0d20  [ DDA4CAF29D8C0A297F886BFE561E6659, 94E5DD649B5D86FA1A7C7D30FCF9644D0EE048D312E626111458ADF66BFBE978 ] WUDFRd          C:\Windows\system32\drivers\WUDFRd.sys
16:26:35.0978 0x0d20  WUDFRd - ok
16:26:35.0994 0x0d20  [ B20F051B03A966392364C83F009F7D17, 88ECEB55AE91F58F592B96EBC10B572747D5A2F9B7629E8F371761E4F7408A65 ] wudfsvc         C:\Windows\System32\WUDFSvc.dll
16:26:36.0010 0x0d20  wudfsvc - ok
16:26:36.0056 0x0d20  [ FE90B750AB808FB9DD8FBB428B5FF83B, 3F8F592EC813BE292D305A87C5BA852F8BC3D7CE610612D9871F209A17326AA8 ] WwanSvc         C:\Windows\System32\wwansvc.dll
16:26:36.0103 0x0d20  WwanSvc - ok
16:26:36.0119 0x0d20  ================ Scan global ===============================
16:26:36.0119 0x0d20  [ BA0CD8C393E8C9F83354106093832C7B, 18D8A4780A2BAA6CEF7FBBBDA0EF6BF2DADF146E1E578A618DD5859E8ADBF1A8 ] C:\Windows\system32\basesrv.dll
16:26:36.0150 0x0d20  [ 0C27239FEA4DB8A2AAC9E502186B7264, 102AA14D7A3CCCE913D9887AF4CCE87EA649A21BEF5196DFFCAD7E8F0B6A7293 ] C:\Windows\system32\winsrv.dll
16:26:36.0197 0x0d20  [ 0C27239FEA4DB8A2AAC9E502186B7264, 102AA14D7A3CCCE913D9887AF4CCE87EA649A21BEF5196DFFCAD7E8F0B6A7293 ] C:\Windows\system32\winsrv.dll
16:26:36.0228 0x0d20  [ D6160F9D869BA3AF0B787F971DB56368, 0033E6212DD8683E4EE611B290931FDB227B4795F0B17C309DC686C696790529 ] C:\Windows\system32\sxssrv.dll
16:26:36.0275 0x0d20  [ 24ACB7E5BE595468E3B9AA488B9B4FCB, 63541E3432FCE953F266AE553E7A394978D6EE3DB52388D885F668CF42C5E7E2 ] C:\Windows\system32\services.exe
16:26:36.0306 0x0d20  [ Global ] - ok
16:26:36.0306 0x0d20  ================ Scan MBR ==================================
16:26:36.0337 0x0d20  [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
16:26:36.0712 0x0d20  \Device\Harddisk0\DR0 - ok
16:26:36.0712 0x0d20  ================ Scan VBR ==================================
16:26:36.0727 0x0d20  [ 7109AE87D960B45FABA4598A0705296A ] \Device\Harddisk0\DR0\Partition1
16:26:36.0727 0x0d20  \Device\Harddisk0\DR0\Partition1 - ok
16:26:36.0743 0x0d20  [ EA09F1935C568D65E5B529C26E238815 ] \Device\Harddisk0\DR0\Partition2
16:26:36.0743 0x0d20  \Device\Harddisk0\DR0\Partition2 - ok
16:26:36.0743 0x0d20  ================ Scan generic autorun ======================
16:26:36.0774 0x0d20  [ 5B3719BDBF1F035558F2D73BA166A99C, AA0A6B2C7B504637A77C31A1680245CEAE993417050B9A0D8595E3424BC2D57A ] C:\Program Files\CONEXANT\SAII\SAIICpl.exe
16:26:36.0805 0x0d20  SmartAudio - ok
16:26:36.0852 0x0d20  [ B69A01794D44C769C2575AE75E2EB31F, CE19EEA3F738A5F2A2C43EB6699AACB21D798B9649D744FB983868FB3E58E7C1 ] C:\Windows\system32\igfxpers.exe
16:26:36.0914 0x0d20  Persistence - ok
16:26:36.0946 0x0d20  [ 0BBFE08ECCE8A209D07C3B68D63FC293, 0374316F3586D191437F5A54F9A322B3F68002652920477DBCFD48EF049E6F21 ] C:\Windows\system32\igfxtray.exe
16:26:36.0961 0x0d20  IgfxTray - ok
16:26:36.0992 0x0d20  [ 2F16207A65B62001FC73E6798D0B8F2A, 44B3B7E0ED654480EE6CB238976FCDC745BE3EFD7CDC71B262146A4CE63731CD ] C:\Windows\system32\hkcmd.exe
16:26:37.0024 0x0d20  HotKeysCmds - ok
16:26:37.0039 0x0d20  ETDWare - ok
16:26:37.0694 0x0d20  [ A65D3054EC15EF918F6072CC042EEF7A, 232536009B398C5F8D162864D9374C2789667BCAC7C39D3DCBD3A3A37D794AA7 ] C:\Program Files (x86)\Windstream\Service Agent\Windstream Service Agent.exe
16:26:38.0178 0x0d20  Windstream Service Agent.exe - ok
16:26:38.0428 0x0d20  [ 4753A3BA6324677E1DB205DCC7509549, CA404DDFB63BDC1A81DAD96F0C8D16CCCE015BE93CC8D30EEF4C485567E55C21 ] C:\Program Files (x86)\Windstream\Diagnostic Tools\DiagnosticTools.exe
16:26:38.0552 0x0d20  DiagnosticTools.exe - ok
16:26:38.0584 0x0d20  [ 12916E0642E92561C98B18A2A2D01B14, 4C28478CFE25E1F29AEF8BA6F2FAF3E6C2B34BF18CA77052813903E10ADDCCD5 ] C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
16:26:38.0599 0x0d20  SunJavaUpdateSched - ok
16:26:38.0693 0x0d20  [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
16:26:38.0755 0x0d20  Sidebar - ok
16:26:38.0771 0x0d20  [ 0FA760BF380B08D0B67B5507CD8B32AA, 0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B725CC5A9FB738739 ] C:\Windows\System32\mctadmin.exe
16:26:38.0786 0x0d20  mctadmin - ok
16:26:38.0880 0x0d20  [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
16:26:38.0942 0x0d20  Sidebar - ok
16:26:38.0958 0x0d20  [ 0FA760BF380B08D0B67B5507CD8B32AA, 0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B725CC5A9FB738739 ] C:\Windows\System32\mctadmin.exe
16:26:38.0958 0x0d20  mctadmin - ok
16:26:39.0020 0x0d20  [ 88FBBB1C601A6BC42054E57C2897FA45, 928C5BAB515035DE659C4255C209D33C407716DA325798951B2E8DA9BB230A9F ] C:\Users\Owner\AppData\Local\Google\Update\GoogleUpdate.exe
16:26:39.0020 0x0d20  Google Update - ok
16:26:39.0036 0x0d20  Inspector - ok
16:26:39.0145 0x0d20  [ E3BF29CED96790CDAAFA981FFDDF53A3, 76CB27EF7B27E5636EDA9D95229519B2A2870729A0BB694F1FD11CD602BAC4DC ] C:\Program Files\Windows Sidebar\sidebar.exe
16:26:39.0239 0x0d20  Sidebar - ok
16:26:39.0239 0x0d20  Waiting for KSN requests completion. In queue: 39
16:26:40.0253 0x0d20  Waiting for KSN requests completion. In queue: 39
16:26:41.0267 0x0d20  Waiting for KSN requests completion. In queue: 39
16:26:42.0439 0x0d20  AV detected via SS2: avast! Antivirus, C:\Program Files\AVAST Software\Avast\VisthAux.exe ( 11.1.2245.1540 ), 0x41000 ( enabled : updated )
16:26:42.0439 0x0d20  Win FW state via NFP2: enabled ( trusted )
16:26:45.0434 0x0d20  ============================================================
16:26:45.0434 0x0d20  Scan finished
16:26:45.0434 0x0d20  ============================================================
16:26:45.0450 0x0f30  Detected object count: 0
16:26:45.0450 0x0f30  Actual detected object count: 0
16:29:29.0866 0x1054  ============================================================
16:29:29.0866 0x1054  Scan started
16:29:29.0866 0x1054  Mode: Manual; 
16:29:29.0866 0x1054  ============================================================
16:29:29.0866 0x1054  KSN ping started
16:29:32.0721 0x1054  KSN ping finished: true
16:29:33.0127 0x1054  ================ Scan system memory ========================
16:29:33.0127 0x1054  System memory - ok
16:29:33.0127 0x1054  ================ Scan services =============================
16:29:33.0236 0x1054  [ A87D604AEA360176311474C87A63BB88, B1507868C382CD5D2DBC0D62114FCFBF7A780904A2E3CA7C7C1DD0844ADA9A8F ] 1394ohci        C:\Windows\system32\drivers\1394ohci.sys
16:29:33.0251 0x1054  1394ohci - ok
16:29:33.0283 0x1054  [ D81D9E70B8A6DD14D42D7B4EFA65D5F2, FDAAB7E23012B4D31537C5BDEF245BB0A12FA060A072C250E21C68E18B22E002 ] ACPI            C:\Windows\system32\drivers\ACPI.sys
16:29:33.0314 0x1054  ACPI - ok
16:29:33.0314 0x1054  [ 99F8E788246D495CE3794D7E7821D2CA, F91615463270AD2601F882CAED43B88E7EDA115B9FD03FC56320E48119F15F76 ] AcpiPmi         C:\Windows\system32\drivers\acpipmi.sys
16:29:33.0329 0x1054  AcpiPmi - ok
16:29:33.0376 0x1054  [ 295A5BFCE8D225D014DB4E6E69336279, F786F06F0EE3253FA936FA5D73FD9AC704FAB19BE76C60C65AEAD399DC93F9C5 ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
16:29:33.0392 0x1054  AdobeFlashPlayerUpdateSvc - ok
16:29:33.0392 0x1054  Object required for P2P: [ 295A5BFCE8D225D014DB4E6E69336279 ] AdobeFlashPlayerUpdateSvc
16:29:38.0041 0x1054  Object send P2P result: true
16:29:38.0212 0x1054  [ 2F6B34B83843F0C5118B63AC634F5BF4, 43E3F5FBFB5D33981AC503DEE476868EC029815D459E7C36C4ABC2D2F75B5735 ] adp94xx         C:\Windows\system32\DRIVERS\adp94xx.sys
16:29:38.0243 0x1054  adp94xx - ok
16:29:38.0290 0x1054  [ 597F78224EE9224EA1A13D6350CED962, DA7FD99BE5E3B7B98605BF5C13BF3F1A286C0DE1240617570B46FE4605E59BDC ] adpahci         C:\Windows\system32\DRIVERS\adpahci.sys
16:29:38.0306 0x1054  adpahci - ok
16:29:38.0321 0x1054  [ E109549C90F62FB570B9540C4B148E54, E804563735153EA00A00641814244BC8A347B578E7D63A16F43FB17566EE5559 ] adpu320         C:\Windows\system32\DRIVERS\adpu320.sys
16:29:38.0337 0x1054  adpu320 - ok
16:29:38.0368 0x1054  [ C0BF554D2277F7A4C735D475ADE2E3B2, 58ED620CD73239A6AB8F993492494AB0F09705B25E671A842D5163B13F452B15 ] ADSMService     C:\Program Files (x86)\ASUS\ASUS Data Security Manager\ADSMSrv.exe
16:29:38.0384 0x1054  ADSMService - ok
16:29:38.0399 0x1054  [ 4B78B431F225FD8624C5655CB1DE7B61, 198A5AF2125C7C41F531A652D200C083A55A97DC541E3C0B5B253C7329949156 ] AeLookupSvc     C:\Windows\System32\aelupsvc.dll
16:29:38.0399 0x1054  AeLookupSvc - ok
16:29:38.0431 0x1054  [ 17AA5993C61425F8428F2FEC491C3E67, 2C869B8459C4CD82433E665981D0117CA0C55AFBCF234BC2AAFE22A02EFEC31E ] AFBAgent        C:\Windows\system32\FBAgent.exe
16:29:38.0462 0x1054  AFBAgent - ok
16:29:38.0524 0x1054  [ 1C7857B62DE5994A75B054A9FD4C3825, 83F963D7E636532B1AD30B1E727EC429317CA540F6EB3BB268FCC0B163B67767 ] AFD             C:\Windows\system32\drivers\afd.sys
16:29:38.0540 0x1054  AFD - ok
16:29:38.0555 0x1054  [ 608C14DBA7299D8CB6ED035A68A15799, 45360F89640BF1127C82A32393BD76205E4FA067889C40C491602F370C09282A ] agp440          C:\Windows\system32\drivers\agp440.sys
16:29:38.0571 0x1054  agp440 - ok
16:29:38.0587 0x1054  [ 3290D6946B5E30E70414990574883DDB, 0E9294E1991572256B3CDA6B031DB9F39CA601385515EE59F1F601725B889663 ] ALG             C:\Windows\System32\alg.exe
16:29:38.0587 0x1054  ALG - ok
16:29:38.0602 0x1054  [ 5812713A477A3AD7363C7438CA2EE038, A7316299470D2E57A11499C752A711BF4A71EB11C9CBA731ED0945FF6A966721 ] aliide          C:\Windows\system32\drivers\aliide.sys
16:29:38.0602 0x1054  aliide - ok
16:29:38.0618 0x1054  [ 1FF8B4431C353CE385C875F194924C0C, 3EA3A7F426B0FFC2461EDF4FDB4B58ACC9D0730EDA5B728D1EA1346EA0A02720 ] amdide          C:\Windows\system32\drivers\amdide.sys
16:29:38.0618 0x1054  amdide - ok
16:29:38.0633 0x1054  [ 7024F087CFF1833A806193EF9D22CDA9, E7F27E488C38338388103D3B7EEDD61D05E14FB140992AEE6F492FFC821BF529 ] AmdK8           C:\Windows\system32\DRIVERS\amdk8.sys
16:29:38.0633 0x1054  AmdK8 - ok
16:29:38.0649 0x1054  [ 1E56388B3FE0D031C44144EB8C4D6217, E88CA76FD47BA0EB427D59CB9BE040DE133D89D4E62D03A8D622624531D27487 ] AmdPPM          C:\Windows\system32\DRIVERS\amdppm.sys
16:29:38.0649 0x1054  AmdPPM - ok
16:29:38.0680 0x1054  [ D4121AE6D0C0E7E13AA221AA57EF2D49, 626F43C099BD197BE56648C367B711143C2BCCE96496BBDEF19F391D52FA01D0 ] amdsata         C:\Windows\system32\drivers\amdsata.sys
16:29:38.0696 0x1054  amdsata - ok
16:29:38.0727 0x1054  [ F67F933E79241ED32FF46A4F29B5120B, D6EF539058F159CC4DD14CA9B1FD924998FEAC9D325C823C7A2DD21FEF1DC1A8 ] amdsbs          C:\Windows\system32\DRIVERS\amdsbs.sys
16:29:38.0727 0x1054  amdsbs - ok
16:29:38.0743 0x1054  [ 540DAF1CEA6094886D72126FD7C33048, 296578572A93F5B74E1AD443E000B79DC99D1CBD25082E02704800F886A3065F ] amdxata         C:\Windows\system32\drivers\amdxata.sys
16:29:38.0743 0x1054  amdxata - ok
16:29:38.0758 0x1054  [ 89A69C3F2F319B43379399547526D952, 8ABDB4B8E106F96EBBA0D4D04C4F432296516E107E7BA5644ED2E50CF9BB491A ] AppID           C:\Windows\system32\drivers\appid.sys
16:29:38.0758 0x1054  AppID - ok
16:29:38.0774 0x1054  [ 0BC381A15355A3982216F7172F545DE1, C33AF13CB218F7BF52E967452573DF2ADD20A95C6BF99229794FEF07C4BBE725 ] AppIDSvc        C:\Windows\System32\appidsvc.dll
16:29:38.0774 0x1054  AppIDSvc - ok
16:29:38.0789 0x1054  [ 9D2A2369AB4B08A4905FE72DB104498F, D6FA1705018BABABFA2362E05691A0D6408D14DE7B76129B16D0A1DAD6378E58 ] Appinfo         C:\Windows\System32\appinfo.dll
16:29:38.0789 0x1054  Appinfo - ok
16:29:38.0805 0x1054  [ 3DEBBECF665DCDDE3A95D9B902010817, F56F4A7A36FAF5FC2306E108A24E75E13EE1F2D1002D9CB71E3327A55F8694CE ] Apple Mobile Device C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
16:29:38.0821 0x1054  Apple Mobile Device - ok
16:29:38.0836 0x1054  [ C484F8CEB1717C540242531DB7845C4E, C507CE26716EB923B864ED85E8FA0B24591E2784A2F4F0E78AEED7E9953311F6 ] arc             C:\Windows\system32\DRIVERS\arc.sys
16:29:38.0836 0x1054  arc - ok
16:29:38.0852 0x1054  [ 019AF6924AEFE7839F61C830227FE79C, 5926B9DDFC9198043CDD6EA0B384C83B001EC225A8125628C4A45A3E6C42C72A ] arcsas          C:\Windows\system32\DRIVERS\arcsas.sys
16:29:38.0867 0x1054  arcsas - ok
16:29:38.0867 0x1054  [ 88FBC8BEBFD38566235EAA5E4DBC4E05, E714D913BA9786BD536F9D99E3510C489CA32F646044718394CEE65247941288 ] AsDsm           C:\Windows\system32\drivers\AsDsm.sys
16:29:38.0867 0x1054  AsDsm - ok
16:29:38.0883 0x1054  [ 18E5C2F937F9DEB8C282DF66A3761925, 30294C381F8C7DCB45EF9BCF572F410FF47630E12D5AA02259C6C80F07BEF495 ] ASLDRService    C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe
16:29:38.0899 0x1054  ASLDRService - ok
16:29:38.0914 0x1054  [ 4C016FD76ED5C05E84CA8CAB77993961, 025E7BE9FCEFD6A83F4471BBA0C11F1C11BD5047047D26626DA24EE9A419CDC4 ] ASMMAP64        C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\ASMMAP64.sys
16:29:38.0914 0x1054  ASMMAP64 - ok
16:29:38.0945 0x1054  [ F15AB80B867D3332D5DDFB0A05B9CE04, 5A16577106246AB5DCC04FE0A0B00B7C5702557B75F958721E4C00383AB99809 ] aspnet_state    C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
16:29:38.0961 0x1054  aspnet_state - ok
16:29:38.0961 0x1054  [ 7BC1F2FC2A9D79E1EBBBF6D69AC3BA1F, 236265BE3F1B2130025A3A10152893BD0D18AD8965732361058B775F010539A2 ] aswHwid         C:\Windows\system32\drivers\aswHwid.sys
16:29:38.0961 0x1054  aswHwid - ok
16:29:38.0977 0x1054  [ 68E76C1675AC171A84F5B7230652E19D, A707A4E51110B15FF7D73C95D4D9C1E457FC9D93E1479BDB67EBDDDD6AC28D8E ] aswMonFlt       C:\Windows\system32\drivers\aswMonFlt.sys
16:29:38.0992 0x1054  aswMonFlt - ok
16:29:39.0008 0x1054  [ 2D6B49A071216796106E7804AB2BA7DC, 6A58A3B36EA05A24333482F87CFD315F73E56A64E46493E82E0FE9115E284168 ] aswRdr          C:\Windows\system32\drivers\aswRdr2.sys
16:29:39.0008 0x1054  aswRdr - ok
16:29:39.0023 0x1054  [ E46B51C99BB750A81AC6A68362475A5C, 2A61C09902B39696D151B9D5E6A60FFC3CF3EA02613EC64BBAB4DEE3C78838E2 ] aswRvrt         C:\Windows\system32\drivers\aswRvrt.sys
16:29:39.0023 0x1054  aswRvrt - ok
16:29:39.0101 0x1054  [ 0BCDF7DF06B4407A7EB0443AADB3DD27, 3D33FFBECFE4766FE66B1269B7B218D03D7ED9E58A9C27E8D8B84474F30DBB19 ] aswSnx          C:\Windows\system32\drivers\aswSnx.sys
16:29:39.0148 0x1054  aswSnx - ok
16:29:39.0195 0x1054  [ 619CA9F210F0F36F8162E5B7BFDDA5CD, D0D87549BD32F575E518B510085F86D434C3B948733391A6F7959918D761F29B ] aswSP           C:\Windows\system32\drivers\aswSP.sys
16:29:39.0226 0x1054  aswSP - ok
16:29:39.0242 0x1054  [ D9079E1A1C2A1F8ED5F37AF8E6CD3161, 629E3A642C5E3BEA65CDD2E08CAD69F9649A98BDA906678B51D3D2C9DB5BB253 ] aswStm          C:\Windows\system32\drivers\aswStm.sys
16:29:39.0257 0x1054  aswStm - ok
16:29:39.0273 0x1054  [ 3BEC32A0B646D914921FD56AA39998C1, 8DB7CBF3DEF8EAE1D7D28C38B3A0FCD5C2A04D772078B907F35C66451355A04A ] aswVmm          C:\Windows\system32\drivers\aswVmm.sys
16:29:39.0289 0x1054  aswVmm - ok
16:29:39.0304 0x1054  [ 769765CE2CC62867468CEA93969B2242, 0D8F19D49869DF93A3876B4C2E249D12E83F9CE11DAE8917D368E292043D4D26 ] AsyncMac        C:\Windows\system32\DRIVERS\asyncmac.sys
16:29:39.0304 0x1054  AsyncMac - ok
16:29:39.0320 0x1054  [ 02062C0B390B7729EDC9E69C680A6F3C, 0261683C6DC2706DCE491A1CDC954AC9C9E649376EC30760BB4E225E18DC5273 ] atapi           C:\Windows\system32\drivers\atapi.sys
16:29:39.0320 0x1054  atapi - ok
16:29:39.0429 0x1054  [ F8633CDD09647A64EE8DB550630427FF, 565F32E6B1E8451B2DD866E4997336A47B8DC6669392BDAAF252C35C0383E8A3 ] athr            C:\Windows\system32\DRIVERS\athrx.sys
16:29:39.0507 0x1054  athr - ok
16:29:39.0523 0x1054  [ 7910158929571214A959D5A6D16DD9C0, 9B4F8A3AF9E09B2F772EEF1CB8F7EAB8A226068784837F375AE97B89B0B3A383 ] ATKGFNEXSrv     C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
16:29:39.0523 0x1054  ATKGFNEXSrv - ok
16:29:39.0601 0x1054  [ F23FEF6D569FCE88671949894A8BECF1, FCE7B156ED663471CF9A736915F00302E93B50FC647563D235313A37FCE8F0F6 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
16:29:39.0632 0x1054  AudioEndpointBuilder - ok
16:29:39.0694 0x1054  [ F23FEF6D569FCE88671949894A8BECF1, FCE7B156ED663471CF9A736915F00302E93B50FC647563D235313A37FCE8F0F6 ] AudioSrv        C:\Windows\System32\Audiosrv.dll
16:29:39.0725 0x1054  AudioSrv - ok
16:29:39.0788 0x1054  [ F5CB8703A4F51EE30E5C090C78073AA4, 90683F39E9AA315FFB66A9F014AD1BEBF19EA62908247C133455815F6632E578 ] avast! Antivirus C:\Program Files\AVAST Software\Avast\AvastSvc.exe
16:29:39.0803 0x1054  avast! Antivirus - ok
16:29:39.0819 0x1054  [ A6BF31A71B409DFA8CAC83159E1E2AFF, CBB83F73FFD3C3FB4F96605067739F8F7A4A40B2B05417FA49E575E95628753F ] AxInstSV        C:\Windows\System32\AxInstSV.dll
16:29:39.0819 0x1054  AxInstSV - ok
16:29:39.0866 0x1054  [ 3E5B191307609F7514148C6832BB0842, DE011CB7AA4A2405FAF21575182E0793A1D83DFFC44E9A7864D59F3D51D8D580 ] b06bdrv         C:\Windows\system32\DRIVERS\bxvbda.sys
16:29:39.0881 0x1054  b06bdrv - ok
16:29:39.0913 0x1054  [ B5ACE6968304A3900EEB1EBFD9622DF2, 1DAA118D8CA3F97B34DF3D3CDA1C78EAB2ED225699FEABE89D331AE0CB7679FA ] b57nd60a        C:\Windows\system32\DRIVERS\b57nd60a.sys
16:29:39.0928 0x1054  b57nd60a - ok
16:29:39.0959 0x1054  [ FDE360167101B4E45A96F939F388AEB0, 8D1457E866BBD645C4B9710DFBFF93405CC1193BF9AE42326F2382500B713B82 ] BDESVC          C:\Windows\System32\bdesvc.dll
16:29:39.0959 0x1054  BDESVC - ok
16:29:39.0975 0x1054  [ 16A47CE2DECC9B099349A5F840654746, 77C008AEDB07FAC66413841D65C952DDB56FE7DCA5E9EF9C8F4130336B838024 ] Beep            C:\Windows\system32\drivers\Beep.sys
16:29:39.0975 0x1054  Beep - ok
16:29:40.0022 0x1054  [ 82974D6A2FD19445CC5171FC378668A4, 075D25F47C0D2277E40AF8615571DAA5EB16B1824563632A9A7EC62505C29A4A ] BFE             C:\Windows\System32\bfe.dll
16:29:40.0069 0x1054  BFE - ok
16:29:40.0131 0x1054  [ 1EA7969E3271CBC59E1730697DC74682, D511A34D63A6E0E6E7D1879068E2CD3D87ABEAF4936B2EA8CDDAD9F79D60FA04 ] BITS            C:\Windows\System32\qmgr.dll
16:29:40.0178 0x1054  BITS - ok
16:29:40.0193 0x1054  [ 61583EE3C3A17003C4ACD0475646B4D3, 17E4BECC309C450E7E44F59A9C0BBC24D21BDC66DFBA65B8F198A00BB47A9811 ] blbdrive        C:\Windows\system32\DRIVERS\blbdrive.sys
16:29:40.0193 0x1054  blbdrive - ok
16:29:40.0256 0x1054  [ EBBCD5DFBB1DE70E8F4AF8FA59E401FD, 17BFFC5DF609CE3B2F0CAB4BD6C118608C66A3AD86116A47E90B2BB7D8954122 ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe
16:29:40.0271 0x1054  Bonjour Service - ok
16:29:40.0287 0x1054  [ 6C02A83164F5CC0A262F4199F0871CF5, AD4632A6A203CB40970D848315D8ADB9C898349E20D8DF4107C2AE2703A2CF28 ] bowser          C:\Windows\system32\DRIVERS\bowser.sys
16:29:40.0303 0x1054  bowser - ok
16:29:40.0303 0x1054  [ F09EEE9EDC320B5E1501F749FDE686C8, 66691114C42E12F4CC6DC4078D4D2FA4029759ACDAF1B59D17383487180E84E3 ] BrFiltLo        C:\Windows\system32\DRIVERS\BrFiltLo.sys
16:29:40.0303 0x1054  BrFiltLo - ok
16:29:40.0318 0x1054  [ B114D3098E9BDB8BEA8B053685831BE6, 0ED23C1897F35FA00B9C2848DE4ED200E18688AA7825674888054BBC3A3EB92C ] BrFiltUp        C:\Windows\system32\DRIVERS\BrFiltUp.sys
16:29:40.0318 0x1054  BrFiltUp - ok
16:29:40.0334 0x1054  [ 05F5A0D14A2EE1D8255C2AA0E9E8E694, 40011138869F5496A3E78D38C9900B466B6F3877526AC22952DCD528173F4645 ] Browser         C:\Windows\System32\browser.dll
16:29:40.0349 0x1054  Browser - ok
16:29:40.0381 0x1054  [ 43BEA8D483BF1870F018E2D02E06A5BD, 4E6F5A5FD8C796A110B0DC9FF29E31EA78C04518FC1C840EF61BABD58AB10272 ] Brserid         C:\Windows\System32\Drivers\Brserid.sys
16:29:40.0396 0x1054  Brserid - ok
16:29:40.0396 0x1054  [ A6ECA2151B08A09CACECA35C07F05B42, E2875BB7768ABAF38C3377007AA0A3C281503474D1831E396FB6599721586B0C ] BrSerWdm        C:\Windows\System32\Drivers\BrSerWdm.sys
16:29:40.0412 0x1054  BrSerWdm - ok
16:29:40.0412 0x1054  [ B79968002C277E869CF38BD22CD61524, 50631836502237AF4893ECDCEA43B9031C3DE97433F594D46AF7C3C77F331983 ] BrUsbMdm        C:\Windows\System32\Drivers\BrUsbMdm.sys
16:29:40.0412 0x1054  BrUsbMdm - ok
16:29:40.0427 0x1054  [ A87528880231C54E75EA7A44943B38BF, 4C8BBB29FDA76A96840AA47A8613C15D4466F9273A13941C19507008629709C9 ] BrUsbSer        C:\Windows\System32\Drivers\BrUsbSer.sys
16:29:40.0427 0x1054  BrUsbSer - ok
16:29:40.0443 0x1054  [ 9DA669F11D1F894AB4EB69BF546A42E8, B498B8B6CEF957B73179D1ADAF084BBB57BB3735D810F9BE2C7B1D58A4FD25A4 ] BTHMODEM        C:\Windows\system32\DRIVERS\bthmodem.sys
16:29:40.0443 0x1054  BTHMODEM - ok
16:29:40.0474 0x1054  [ 95F9C2976059462CBBF227F7AAB10DE9, 2797AE919FF7606B070FB039CECDB0707CD2131DCAC09C5DF14F443D881C9F34 ] bthserv         C:\Windows\system32\bthserv.dll
16:29:40.0474 0x1054  bthserv - ok
16:29:40.0490 0x1054  [ B8BD2BB284668C84865658C77574381A, 6C55BA288B626DF172FDFEA0BD7027FAEBA1F44EF20AB55160D7C7DC6E717D65 ] cdfs            C:\Windows\system32\DRIVERS\cdfs.sys
16:29:40.0490 0x1054  cdfs - ok
16:29:40.0521 0x1054  [ F036CE71586E93D94DAB220D7BDF4416, BD07AAD9E20CEAF9FC84E4977C55EA2C45604A2C682AC70B9B9A2199B6713D5B ] cdrom           C:\Windows\system32\drivers\cdrom.sys
16:29:40.0521 0x1054  cdrom - ok
16:29:40.0537 0x1054  [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] CertPropSvc     C:\Windows\System32\certprop.dll
16:29:40.0552 0x1054  CertPropSvc - ok
16:29:40.0552 0x1054  [ D7CD5C4E1B71FA62050515314CFB52CF, 513B5A849899F379F0BC6AB3A8A05C3493C2393C95F036612B96EC6E252E1C64 ] circlass        C:\Windows\system32\DRIVERS\circlass.sys
16:29:40.0568 0x1054  circlass - ok
16:29:40.0599 0x1054  [ FE1EC06F2253F691FE36217C592A0206, B9F122DB5E665ECDF29A5CB8BB6B531236F31A54A95769D6C5C1924C87FE70CE ] CLFS            C:\Windows\system32\CLFS.sys
16:29:40.0615 0x1054  CLFS - ok
16:29:40.0646 0x1054  [ D88040F816FDA31C3B466F0FA0918F29, 39D3630E623DA25B8444B6D3AAAB16B98E7E289C5619E19A85D47B74C71449F3 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
16:29:40.0661 0x1054  clr_optimization_v2.0.50727_32 - ok
16:29:40.0677 0x1054  [ D1CEEA2B47CB998321C579651CE3E4F8, 654013B8FD229A50017B08DEC6CA19C7DDA8CE0771260E057A92625201D539B1 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
16:29:40.0693 0x1054  clr_optimization_v2.0.50727_64 - ok
16:29:40.0724 0x1054  [ F5AB4D2E36625F355E81539239765107, 48E6AD65EEFD6C54F938F5753EF58377CDA77ADBB41CD8635F0040D61EFB92A4 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
16:29:40.0724 0x1054  clr_optimization_v4.0.30319_32 - ok
16:29:40.0739 0x1054  [ 9ACBE5EC13C2CC95833BFB7636CA8B1A, 6224DA9FB335D2A8374C60B8DEA539DD3A0E43230DB888B137B71A56EC57D6AF ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
16:29:40.0755 0x1054  clr_optimization_v4.0.30319_64 - ok
16:29:40.0771 0x1054  [ 0840155D0BDDF1190F84A663C284BD33, 696039FA63CFEB33487FAA8FD7BBDB220141E9C6E529355D768DFC87999A9C3A ] CmBatt          C:\Windows\system32\DRIVERS\CmBatt.sys
16:29:40.0771 0x1054  CmBatt - ok
16:29:40.0786 0x1054  [ E19D3F095812725D88F9001985B94EDD, 46243C5CCC4981CAC6FA6452FFCEC33329BF172448F1852D52592C9342E0E18B ] cmdide          C:\Windows\system32\drivers\cmdide.sys
16:29:40.0786 0x1054  cmdide - ok
16:29:40.0817 0x1054  [ 9AC4F97C2D3E93367E2148EA940CD2CD, 530E089E5CF868AECDB2B5548EBE76E0CA98FC74A72897292AB2485734402E3B ] CNG             C:\Windows\system32\Drivers\cng.sys
16:29:40.0849 0x1054  CNG - ok
16:29:40.0911 0x1054  [ 7247A4D0875F5F28919E0787E11B7B57, 9F79077619E626A8DAE74D9EF819BF1D061455CBCAD23C491EC595A2F6C21DED ] CnxtHdAudService C:\Windows\system32\drivers\CHDRT64.sys
16:29:40.0942 0x1054  CnxtHdAudService - ok
16:29:40.0958 0x1054  [ 102DE219C3F61415F964C88E9085AD14, CD74CB703381F1382C32CF892FF2F908F4C9412E1BC77234F8FEA5D4666E1BF1 ] Compbatt        C:\Windows\system32\DRIVERS\compbatt.sys
16:29:40.0958 0x1054  Compbatt - ok
16:29:40.0958 0x1054  [ 03EDB043586CCEBA243D689BDDA370A8, 0E4523AA332E242D5C2C61C5717DBA5AB6E42DADB5A7E512505FC2B6CC224959 ] CompositeBus    C:\Windows\system32\drivers\CompositeBus.sys
16:29:40.0973 0x1054  CompositeBus - ok
16:29:40.0973 0x1054  COMSysApp - ok
16:29:40.0989 0x1054  [ 1C827878A998C18847245FE1F34EE597, 41EF7443D8B2733AA35CAC64B4F5F74FAC8BB0DA7D3936B69EC38E2DC3972E60 ] crcdisk         C:\Windows\system32\DRIVERS\crcdisk.sys
16:29:40.0989 0x1054  crcdisk - ok
16:29:41.0020 0x1054  [ D8129C49798CBBFB2E4351D4B7B8EF9C, 7C125DBA3F88E7C6D98AE0869EDB7995360904A913923528ABD0429B2608C313 ] CryptSvc        C:\Windows\system32\cryptsvc.dll
16:29:41.0020 0x1054  CryptSvc - ok
16:29:41.0083 0x1054  [ 5C627D1B1138676C0A7AB2C2C190D123, C5003F2C912C5CA990E634818D3B4FD72F871900AF2948BD6C4D6400B354B401 ] DcomLaunch      C:\Windows\system32\rpcss.dll
16:29:41.0114 0x1054  DcomLaunch - ok
16:29:41.0161 0x1054  [ 3CEC7631A84943677AA8FA8EE5B6B43D, 32061DAC9ED6C1EBA3B367B18D0E965AEEC2DF635DCF794EC39D086D32503AC5 ] defragsvc       C:\Windows\System32\defragsvc.dll
16:29:41.0176 0x1054  defragsvc - ok
16:29:41.0192 0x1054  [ 9BB2EF44EAA163B29C4A4587887A0FE4, 03667BC3EA5003F4236929C10F23D8F108AFCB29DB5559E751FB26DFB318636F ] DfsC            C:\Windows\system32\Drivers\dfsc.sys
16:29:41.0192 0x1054  DfsC - ok
16:29:41.0223 0x1054  [ 43D808F5D9E1A18E5EEB5EBC83969E4E, C10D1155D71EABE4ED44C656A8F13078A8A4E850C4A8FBB92D52D173430972B8 ] Dhcp            C:\Windows\system32\dhcpcore.dll
16:29:41.0254 0x1054  Dhcp - ok
16:29:41.0254 0x1054  DiagTrack - ok
16:29:41.0270 0x1054  [ 13096B05847EC78F0977F2C0F79E9AB3, 1E44981B684F3E56F5D2439BB7FA78BD1BC876BB2265AE089AEC68F241B05B26 ] discache        C:\Windows\system32\drivers\discache.sys
16:29:41.0270 0x1054  discache - ok
16:29:41.0285 0x1054  [ 9819EEE8B5EA3784EC4AF3B137A5244C, 571BC886E87C888DA96282E381A746D273B58B9074E84D4CA91275E26056D427 ] Disk            C:\Windows\system32\DRIVERS\disk.sys
16:29:41.0285 0x1054  Disk - ok
16:29:41.0317 0x1054  [ 16835866AAA693C7D7FCEBA8FFF706E4, 15891558F7C1F2BB57A98769601D447ED0D952354A8BB347312D034DC03E0242 ] Dnscache        C:\Windows\System32\dnsrslvr.dll
16:29:41.0332 0x1054  Dnscache - ok
16:29:41.0348 0x1054  [ B1FB3DDCA0FDF408750D5843591AFBC6, AB6AD9C5E7BA2E3646D0115B67C4800D1CB43B4B12716397657C7ADEEE807304 ] dot3svc         C:\Windows\System32\dot3svc.dll
16:29:41.0363 0x1054  dot3svc - ok
16:29:41.0379 0x1054  [ B26F4F737E8F9DF4F31AF6CF31D05820, 394BBBED4EC7FAD4110F62A43BFE0801D4AC56FFAC6C741C69407B26402311C7 ] DPS             C:\Windows\system32\dps.dll
16:29:41.0395 0x1054  DPS - ok
16:29:41.0410 0x1054  [ 9B19F34400D24DF84C858A421C205754, 967AF267B4124BADA8F507CEBF25F2192D146A4D63BE71B45BFC03C5DA7F21A7 ] drmkaud         C:\Windows\system32\drivers\drmkaud.sys
16:29:41.0410 0x1054  drmkaud - ok
16:29:41.0488 0x1054  [ AF2E16242AA723F68F461B6EAE2EAD3D, 3973633C6D231DB8D92DE310D3A0836C64639B9A20C6C56385FB218A707C1BC3 ] DXGKrnl         C:\Windows\System32\drivers\dxgkrnl.sys
16:29:41.0535 0x1054  DXGKrnl - ok
16:29:41.0551 0x1054  [ E2DDA8726DA9CB5B2C4000C9018A9633, 0C967DBC3636A76A696997192A158AA92A1AF19F01E3C66D5BF91818A8FAEA76 ] EapHost         C:\Windows\System32\eapsvc.dll
16:29:41.0566 0x1054  EapHost - ok
16:29:41.0769 0x1054  [ DC5D737F51BE844D8C82C695EB17372F, 6D4022D9A46EDE89CEF0FAEADCC94C903234DFC460C0180D24FF9E38E8853017 ] ebdrv           C:\Windows\system32\DRIVERS\evbda.sys
16:29:41.0925 0x1054  ebdrv - ok
16:29:41.0972 0x1054  [ C118A82CD78818C29AB228366EBF81C3, 00820F3065871DCBA52A27C7F73BA470C4F2CB26EFB7F76FEF8B1207F81B284D ] EFS             C:\Windows\System32\lsass.exe
16:29:41.0987 0x1054  EFS - ok
16:29:42.0050 0x1054  [ C4002B6B41975F057D98C439030CEA07, 3D2484FBB832EFB90504DD406ED1CF3065139B1FE1646471811F3A5679EF75F1 ] ehRecvr         C:\Windows\ehome\ehRecvr.exe
16:29:42.0081 0x1054  ehRecvr - ok
16:29:42.0097 0x1054  [ 4705E8EF9934482C5BB488CE28AFC681, 359E9EC5693CE0BE89082E1D5D8F5C5439A5B985010FF0CB45C11E3CFE30637D ] ehSched         C:\Windows\ehome\ehsched.exe
16:29:42.0112 0x1054  ehSched - ok
16:29:42.0175 0x1054  [ 0E5DA5369A0FCAEA12456DD852545184, 9A64AC5396F978C3B92794EDCE84DCA938E4662868250F8C18FA7C2C172233F8 ] elxstor         C:\Windows\system32\DRIVERS\elxstor.sys
16:29:42.0206 0x1054  elxstor - ok
16:29:42.0206 0x1054  [ 34A3C54752046E79A126E15C51DB409B, 7D5B5E150C7C73666F99CBAFF759029716C86F16B927E0078D77F8A696616D75 ] ErrDev          C:\Windows\system32\drivers\errdev.sys
16:29:42.0221 0x1054  ErrDev - ok
16:29:42.0237 0x1054  [ 05B0DCDA418E297A1B4CD8D7B8ADE403, 100F8093B3772563AD42F4C167E2A7C6ED65603FBB610804DBA0CAFAA7658520 ] ETD             C:\Windows\system32\DRIVERS\ETD.sys
16:29:42.0237 0x1054  ETD - ok
16:29:42.0284 0x1054  [ 4166F82BE4D24938977DD1746BE9B8A0, 24121751B7306225AD1C808442D7B030DEF377E9316AA0A3C5C7460E87317881 ] EventSystem     C:\Windows\system32\es.dll
16:29:42.0315 0x1054  EventSystem - ok
16:29:42.0331 0x1054  [ A510C654EC00C1E9BDD91EEB3A59823B, 76CD277730F7B08D375770CD373D786160F34D1481AF0536BA1A5D2727E255F5 ] exfat           C:\Windows\system32\drivers\exfat.sys
16:29:42.0346 0x1054  exfat - ok
16:29:42.0377 0x1054  [ 0ADC83218B66A6DB380C330836F3E36D, 798D6F83B5DBCC1656595E0A96CF12087FCCBE19D1982890D0CE5F629B328B29 ] fastfat         C:\Windows\system32\drivers\fastfat.sys
16:29:42.0377 0x1054  fastfat - ok
16:29:42.0440 0x1054  [ DBEFD454F8318A0EF691FDD2EAAB44EB, 7F52AE222FF28503B6FC4A5852BD0CAEAF187BE69AF4B577D3DE474C24366099 ] Fax             C:\Windows\system32\fxssvc.exe
16:29:42.0471 0x1054  Fax - ok
16:29:42.0487 0x1054  [ D765D19CD8EF61F650C384F62FAC00AB, 9F0A483A043D3BA873232AD3BA5F7BF9173832550A27AF3E8BD433905BD2A0EE ] fdc             C:\Windows\system32\DRIVERS\fdc.sys
16:29:42.0487 0x1054  fdc - ok
16:29:42.0502 0x1054  [ 0438CAB2E03F4FB61455A7956026FE86, 6D4DDC2973DB25CE0C7646BC85EFBCC004EBE35EA683F62162AE317C6F1D8DFE ] fdPHost         C:\Windows\system32\fdPHost.dll
16:29:42.0502 0x1054  fdPHost - ok
16:29:42.0518 0x1054  [ 802496CB59A30349F9A6DD22D6947644, 52D59D3D628D5661F83F090F33F744F6916E0CC1F76E5A33983E06EB66AE19F8 ] FDResPub        C:\Windows\system32\fdrespub.dll
16:29:42.0533 0x1054  FDResPub - ok
16:29:42.0533 0x1054  [ 655661BE46B5F5F3FD454E2C3095B930, 549C8E2A2A37757E560D55FFA6BFDD838205F17E40561E67F0124C934272CD1A ] FileInfo        C:\Windows\system32\drivers\fileinfo.sys
16:29:42.0549 0x1054  FileInfo - ok
16:29:42.0549 0x1054  [ 5F671AB5BC87EEA04EC38A6CD5962A47, 6B61D3363FF3F9C439BD51102C284972EAE96ACC0683B9DC7E12D25D0ADC51B6 ] Filetrace       C:\Windows\system32\drivers\filetrace.sys
16:29:42.0565 0x1054  Filetrace - ok
16:29:42.0565 0x1054  [ C172A0F53008EAEB8EA33FE10E177AF5, 9175A95B323696D1B35C9EFEB7790DD64E6EE0B7021E6C18E2F81009B169D77B ] flpydisk        C:\Windows\system32\DRIVERS\flpydisk.sys
16:29:42.0565 0x1054  flpydisk - ok
16:29:42.0596 0x1054  [ DA6B67270FD9DB3697B20FCE94950741, F621A4462C9F2904063578C427FAF22D7D66AE9967605C11C798099817CE5331 ] FltMgr          C:\Windows\system32\drivers\fltmgr.sys
16:29:42.0611 0x1054  FltMgr - ok
16:29:42.0705 0x1054  [ C4C183E6551084039EC862DA1C945E3D, 0874A2ACDD24D64965AA9A76E9C818E216880AE4C9A2E07ED932EE404585CEE6 ] FontCache       C:\Windows\system32\FntCache.dll
16:29:42.0767 0x1054  FontCache - ok
16:29:42.0783 0x1054  [ A8B7F3818AB65695E3A0BB3279F6DCE6, 89FCF10F599767E67A1E011753E34DA44EAA311F105DBF69549009ED932A60F0 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
16:29:42.0783 0x1054  FontCache3.0.0.0 - ok
16:29:42.0799 0x1054  [ D43703496149971890703B4B1B723EAC, F06397B2EDCA61629249D2EF1CBB7827A8BEAB8488246BD85EF6AE1363C0DA6E ] FsDepends       C:\Windows\system32\drivers\FsDepends.sys
16:29:42.0799 0x1054  FsDepends - ok
16:29:42.0814 0x1054  [ 6C06701BF1DB05405804D7EB610991CE, 75DEB2204D9AC338ED7C4742BEFAFA0AFC7E42B2C1B54A57DF8A1AD097D9EC3E ] fssfltr         C:\Windows\system32\DRIVERS\fssfltr.sys
16:29:42.0814 0x1054  fssfltr - ok
16:29:42.0923 0x1054  [ 4CE9DAC1518FF7E77BD213E6394B9D77, D7D0D29DF93AC7DC5F85E385EEB45306C7BD87ACA7AAC5A8D47893D120C32C03 ] fsssvc          C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe
16:29:43.0001 0x1054  fsssvc - ok
16:29:43.0017 0x1054  [ 6BD9295CC032DD3077C671FCCF579A7B, 83622FBB0CB923798E7E584BF53CAAF75B8C016E3FF7F0FA35880FF34D1DFE33 ] Fs_Rec          C:\Windows\system32\drivers\Fs_Rec.sys
16:29:43.0017 0x1054  Fs_Rec - ok
16:29:43.0033 0x1054  [ 8F6322049018354F45F05A2FD2D4E5E0, 73BF0FB4EBD7887E992DDEBB79E906958D6678F8D1107E8C368F5A0514D80359 ] fvevol          C:\Windows\system32\DRIVERS\fvevol.sys
16:29:43.0048 0x1054  fvevol - ok
16:29:43.0064 0x1054  [ 8C778D335C9D272CFD3298AB02ABE3B6, 85F0B13926B0F693FA9E70AA58DE47100E4B6F893772EBE4300C37D9A36E6005 ] gagp30kx        C:\Windows\system32\DRIVERS\gagp30kx.sys
16:29:43.0064 0x1054  gagp30kx - ok
16:29:43.0079 0x1054  [ E403AACF8C7BB11375122D2464560311, 0427B8FFD999D256EA1A5135F218692959A7577CB32354D3087CF0FB4F0577DF ] GEARAspiWDM     C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
16:29:43.0079 0x1054  GEARAspiWDM - ok
16:29:43.0142 0x1054  [ 277BBC7E1AA1EE957F573A10ECA7EF3A, 2EE60B924E583E847CC24E78B401EF95C69DB777A5B74E1EC963E18D47B94D24 ] gpsvc           C:\Windows\System32\gpsvc.dll
16:29:43.0189 0x1054  gpsvc - ok
16:29:43.0204 0x1054  [ F2523EF6460FC42405B12248338AB2F0, B2F3DE8DE1F512D871BC2BC2E8D0E33AB03335BFBC07627C5F88B65024928E19 ] hcw85cir        C:\Windows\system32\drivers\hcw85cir.sys
16:29:43.0204 0x1054  hcw85cir - ok
16:29:43.0251 0x1054  [ 975761C778E33CD22498059B91E7373A, 8304E15FBE6876BE57263A03621365DA8C88005EAC532A770303C06799D915D9 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
16:29:43.0267 0x1054  HdAudAddService - ok
16:29:43.0282 0x1054  [ 97BFED39B6B79EB12CDDBFEED51F56BB, 3CF981D668FB2381E52AF2E51E296C6CFB47B0D62249645278479D0111A47955 ] HDAudBus        C:\Windows\system32\drivers\HDAudBus.sys
16:29:43.0298 0x1054  HDAudBus - ok
16:29:43.0313 0x1054  [ B6AC71AAA2B10848F57FC49D55A651AF, 4FAD833654E86F9FAF972AC8AF87FD4A9A765B26B96F096BBD63506B5D521A91 ] HECIx64         C:\Windows\system32\DRIVERS\HECIx64.sys
16:29:43.0313 0x1054  HECIx64 - ok
16:29:43.0329 0x1054  [ 78E86380454A7B10A5EB255DC44A355F, 11F3ED7ACFFA3024B9BD504F81AC39F5B4CED5A8A425E8BADF7132EFEDB9BD64 ] HidBatt         C:\Windows\system32\DRIVERS\HidBatt.sys
16:29:43.0329 0x1054  HidBatt - ok
16:29:43.0345 0x1054  [ 7FD2A313F7AFE5C4DAB14798C48DD104, 94CBFD4506CBDE4162CEB3367BAB042D19ACA6785954DC0B554D4164B9FCD0D4 ] HidBth          C:\Windows\system32\DRIVERS\hidbth.sys
16:29:43.0345 0x1054  HidBth - ok
16:29:43.0360 0x1054  [ 0A77D29F311B88CFAE3B13F9C1A73825, 8615DC6CEFB591505CE16E054A71A4F371B827DDFD5E980777AB4233DCFDA01D ] HidIr           C:\Windows\system32\DRIVERS\hidir.sys
16:29:43.0360 0x1054  HidIr - ok
16:29:43.0376 0x1054  [ BD9EB3958F213F96B97B1D897DEE006D, 4D01CBF898B528B3A4E5A683DF2177300AFABD7D4CB51F1A7891B1B545499631 ] hidserv         C:\Windows\system32\hidserv.dll
16:29:43.0391 0x1054  hidserv - ok
16:29:43.0391 0x1054  [ 9592090A7E2B61CD582B612B6DF70536, FD11D5E02C32D658B28FCC35688AB66CCB5D3A0A0D74C82AE0F0B6C67B568A0F ] HidUsb          C:\Windows\system32\drivers\hidusb.sys
16:29:43.0407 0x1054  HidUsb - ok
16:29:43.0407 0x1054  [ 387E72E739E15E3D37907A86D9FF98E2, 9935BE2E58788E79328293AF2F202CB0F6042441B176F75ACC5AEA93C8E05531 ] hkmsvc          C:\Windows\system32\kmsvc.dll
16:29:43.0423 0x1054  hkmsvc - ok
16:29:43.0454 0x1054  [ EFDFB3DD38A4376F93E7985173813ABD, 70402FA73A5A2A8BB557AAC8F531E373077D28DE5F40A1F3F14B940BE01CD2E1 ] HomeGroupListener C:\Windows\system32\ListSvc.dll
16:29:43.0469 0x1054  HomeGroupListener - ok
16:29:43.0506 0x1054  [ 908ACB1F594274965A53926B10C81E89, 7D34A742AC486294D82676F8465A3EF26C8AC3317C32B63F62031CB007CFC208 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
16:29:43.0521 0x1054  HomeGroupProvider - ok
16:29:43.0537 0x1054  [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC, E9E6A1665740CFBC2DD321010007EF42ABA2102AEB9772EE8AA3354664B1E205 ] HpSAMD          C:\Windows\system32\drivers\HpSAMD.sys
16:29:43.0537 0x1054  HpSAMD - ok
16:29:43.0662 0x1054  [ E82871D75565219A7E28C6B14572EF63, CDE94165591FC52A2CB0475072F4F6C44065F34B816CCB8F92C5E5F40011DA45 ] HsdService      C:\Program Files (x86)\Windstream\Diagnostic Tools\HsdService.exe
16:29:43.0724 0x1054  HsdService - ok
16:29:43.0818 0x1054  [ 0EA7DE1ACB728DD5A369FD742D6EEE28, 21C489412EB33A12B22290EB701C19BA57006E8702E76F730954F0784DDE9779 ] HTTP            C:\Windows\system32\drivers\HTTP.sys
16:29:43.0864 0x1054  HTTP - ok
16:29:43.0880 0x1054  [ A5462BD6884960C9DC85ED49D34FF392, 53E65841AF5B06A2844D0BB6FC4DD3923A323FFA0E4BFC89B3B5CAFB592A3D53 ] hwpolicy        C:\Windows\system32\drivers\hwpolicy.sys
16:29:43.0880 0x1054  hwpolicy - ok
16:29:43.0896 0x1054  [ FA55C73D4AFFA7EE23AC4BE53B4592D3, 65CDDC62B89A60E942C5642C9D8B539EFB69DA8069B4A2E54978154B314531CD ] i8042prt        C:\Windows\system32\DRIVERS\i8042prt.sys
16:29:43.0911 0x1054  i8042prt - ok
16:29:43.0958 0x1054  [ BBB3B6DF1ABB0FE35802EDE85CC1C011, 6E1FA8519A7D417969244E807D2863B39656169A925966045036A989A5EB611D ] iaStor          C:\Windows\system32\DRIVERS\iaStor.sys
16:29:43.0974 0x1054  iaStor - ok
16:29:44.0036 0x1054  [ AAAF44DB3BD0B9D1FB6969B23ECC8366, 805AA4A9464002D1AB3832E4106B2AAA1331F4281367E75956062AAE99699385 ] iaStorV         C:\Windows\system32\drivers\iaStorV.sys
16:29:44.0052 0x1054  iaStorV - ok
16:29:44.0130 0x1054  [ C98A5B9D932430AD8EEBD3EF73756EF7, DF7E1D391A0F3345AD61154363922C27BD557DEEACE395A6A8A8A16BFD1BB9A8 ] idsvc           C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
16:29:44.0192 0x1054  idsvc - ok
16:29:44.0208 0x1054  IEEtwCollectorService - ok
16:29:44.0832 0x1054  [ 677AA5991026A65ADA128C4B59CF2BAD, 013F9D7362960EEE1DB70EE8B90A896EACA0B752924717FD019A6DD3BFF50C00 ] igfx            C:\Windows\system32\DRIVERS\igdkmd64.sys
16:29:45.0346 0x1054  igfx - ok
16:29:45.0502 0x1054  [ 5C18831C61933628F5BB0EA2675B9D21, 5CD9DE2F8C0256623A417B5C55BF55BB2562BD7AB2C3C83BB3D9886C2FBDA4E4 ] iirsp           C:\Windows\system32\DRIVERS\iirsp.sys
16:29:45.0502 0x1054  iirsp - ok
16:29:45.0580 0x1054  [ FCD84C381E0140AF901E58D48882D26B, 76955FFC230C801E8ED890E32076075F04CD6E5EC79E594FDE6D23797A36B406 ] IKEEXT          C:\Windows\System32\ikeext.dll
16:29:45.0627 0x1054  IKEEXT - ok
16:29:45.0643 0x1054  [ DD587A55390ED2295BCE6D36AD567DA9, AEB7DCB8EF89BEE8D9649A05FC482B1E4E3F44243D57A2577C862EB69166C48E ] Impcd           C:\Windows\system32\DRIVERS\Impcd.sys
16:29:45.0658 0x1054  Impcd - ok
16:29:45.0690 0x1054  [ 58CF58DEE26C909BD6F977B61D246295, 0CE27B81C091961A22B75478449D654F9C1A68E43DF80C699DB8DD3D1B288461 ] IntcDAud        C:\Windows\system32\DRIVERS\IntcDAud.sys
16:29:45.0705 0x1054  IntcDAud - ok
16:29:45.0705 0x1054  [ F00F20E70C6EC3AA366910083A0518AA, E2F3E9FFD82C802C8BAC309893A3664ACF16A279959C0FDECCA64C3D3C60FD22 ] intelide        C:\Windows\system32\drivers\intelide.sys
16:29:45.0721 0x1054  intelide - ok
16:29:45.0721 0x1054  [ ADA036632C664CAA754079041CF1F8C1, F2386CC09AC6DE4C54189154F7D91C1DB7AA120B13FAE8BA5B579ACF99FCC610 ] intelppm        C:\Windows\system32\DRIVERS\intelppm.sys
16:29:45.0736 0x1054  intelppm - ok
16:29:45.0752 0x1054  [ 098A91C54546A3B878DAD6A7E90A455B, 044CCE2A0DF56EBE1EFD99B4F6F0A5B9EE12498CA358CF4B2E3A1CFD872823AA ] IPBusEnum       C:\Windows\system32\ipbusenum.dll
16:29:45.0752 0x1054  IPBusEnum - ok
16:29:45.0768 0x1054  [ C9F0E1BD74365A8771590E9008D22AB6, 728BC5A6AAE499FDC50EB01577AF16D83C2A9F3B09936DD2A89C01E074BA8E51 ] IpFilterDriver  C:\Windows\system32\DRIVERS\ipfltdrv.sys
16:29:45.0783 0x1054  IpFilterDriver - ok
16:29:45.0830 0x1054  [ 08C2957BB30058E663720C5606885653, E13EDF6701512E2A9977A531454932CA5023087CB50E1D2F416B8BCDD92B67BE ] iphlpsvc        C:\Windows\System32\iphlpsvc.dll
16:29:45.0861 0x1054  iphlpsvc - ok
16:29:45.0877 0x1054  [ 0FC1AEA580957AA8817B8F305D18CA3A, 7161E4DE91AAFC3FA8BF24FAE4636390C2627DB931505247C0D52C75A31473D9 ] IPMIDRV         C:\Windows\system32\drivers\IPMIDrv.sys
16:29:45.0877 0x1054  IPMIDRV - ok
16:29:45.0892 0x1054  [ AF9B39A7E7B6CAA203B3862582E9F2D0, 67128BE7EADBE6BD0205B050F96E268948E8660C4BAB259FB0BE03935153D04E ] IPNAT           C:\Windows\system32\drivers\ipnat.sys
16:29:45.0908 0x1054  IPNAT - ok
16:29:45.0970 0x1054  [ EE4C2A137C7088911A8919EFFC9812E7, B93DE083B872FAA44D37C1EBC5C7F408FC6105F4324240796BF4F42951868117 ] iPod Service    C:\Program Files\iPod\bin\iPodService.exe
16:29:46.0017 0x1054  iPod Service - ok
16:29:46.0033 0x1054  [ 3ABF5E7213EB28966D55D58B515D5CE9, A352BCC5B6B9A28805B15CAFB235676F1FAFF0D2394F88C03089EB157D6188AE ] IRENUM          C:\Windows\system32\drivers\irenum.sys
16:29:46.0048 0x1054  IRENUM - ok
16:29:46.0048 0x1054  [ 2F7B28DC3E1183E5EB418DF55C204F38, D40410A760965925D6F10959B2043F7BD4F68EAFCF5E743AF11AD860BD136548 ] isapnp          C:\Windows\system32\drivers\isapnp.sys
16:29:46.0048 0x1054  isapnp - ok
16:29:46.0095 0x1054  [ D931D7309DEB2317035B07C9F9E6B0BD, 13AD84172ED8C6153F8A98499C01733B74E48464CE07D099508E38D409913ED3 ] iScsiPrt        C:\Windows\system32\drivers\msiscsi.sys
16:29:46.0111 0x1054  iScsiPrt - ok
16:29:46.0111 0x1054  jiucecvv - ok
16:29:46.0158 0x1054  [ DB917B998CBC15A153C00DD6EFC34C13, 5FF4DA2C2D567AAD435730EA910016F2E9DE8BDF0A414A477B72248D16A47115 ] JMCR            C:\Windows\system32\DRIVERS\jmcr.sys
16:29:46.0173 0x1054  JMCR - ok
16:29:46.0189 0x1054  [ 8ADAAFCD2B8C259DEBF6C8DFD9727889, 52378F1FBB3669DB3E1E9AEF65FCA009B0DC652D021CB1461163E008CB673F04 ] JME             C:\Windows\system32\DRIVERS\JME.sys
16:29:46.0189 0x1054  JME - ok
16:29:46.0204 0x1054  [ BC02336F1CBA7DCC7D1213BB588A68A5, 450C5BAD54CCE2AFCDFF1B6E7F8E1A8446D9D3255DF9D36C29A8F848048AAD93 ] kbdclass        C:\Windows\system32\drivers\kbdclass.sys
16:29:46.0204 0x1054  kbdclass - ok
16:29:46.0220 0x1054  [ 0705EFF5B42A9DB58548EEC3B26BB484, 86C6824ED7ED6FA8F306DB6319A0FD688AA91295AE571262F9D8E96A32225E99 ] kbdhid          C:\Windows\system32\drivers\kbdhid.sys
16:29:46.0220 0x1054  kbdhid - ok
16:29:46.0236 0x1054  [ E63EF8C3271D014F14E2469CE75FECB4, 3A8DFA4B446AFDC35F01FD5218D0BEBC510A1E3DE9976210F00D19767D0F9069 ] kbfiltr         C:\Windows\system32\DRIVERS\kbfiltr.sys
16:29:46.0236 0x1054  kbfiltr - ok
16:29:46.0251 0x1054  [ C118A82CD78818C29AB228366EBF81C3, 00820F3065871DCBA52A27C7F73BA470C4F2CB26EFB7F76FEF8B1207F81B284D ] KeyIso          C:\Windows\system32\lsass.exe
16:29:46.0267 0x1054  KeyIso - ok
16:29:46.0267 0x1054  [ 97A7070AEA4C058B6418519E869A63B4, 15345C2D6CA159BD498002974A0BD21CAB611124D85E3320248B47652AEF23C8 ] KSecDD          C:\Windows\system32\Drivers\ksecdd.sys
16:29:46.0282 0x1054  KSecDD - ok
16:29:46.0298 0x1054  [ 26C43A7C2862447EC59DEDA188D1DA07, 5363BF87E650FE2010ACA9417D6920FF4ED752256FF47732882E9B2BA1ED154B ] KSecPkg         C:\Windows\system32\Drivers\ksecpkg.sys
16:29:46.0314 0x1054  KSecPkg - ok
16:29:46.0314 0x1054  [ 6869281E78CB31A43E969F06B57347C4, 866A23E69B32A78D378D6CB3B3DA3695FFDFF0FEC3C9F68C8C3F988DF417044B ] ksthunk         C:\Windows\system32\drivers\ksthunk.sys
16:29:46.0329 0x1054  ksthunk - ok
16:29:46.0360 0x1054  [ 6AB66E16AA859232F64DEB66887A8C9C, 5F2B579BEA8098A2994B0DECECDAE7B396E7B5DC5F09645737B9F28BEEA77FFF ] KtmRm           C:\Windows\system32\msdtckrm.dll
16:29:46.0392 0x1054  KtmRm - ok
16:29:46.0423 0x1054  [ D9F42719019740BAA6D1C6D536CBDAA6, 8757599D0AE5302C4CE50861BEBA3A8DD14D7B0DBD916FD5404133688CDFCC40 ] LanmanServer    C:\Windows\system32\srvsvc.dll
16:29:46.0438 0x1054  LanmanServer - ok
16:29:46.0454 0x1054  [ 851A1382EED3E3A7476DB004F4EE3E1A, B1C67F47DD594D092E6E258F01DF5E7150227CE3131A908A244DEE9F8A1FABF9 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
16:29:46.0485 0x1054  LanmanWorkstation - ok
16:29:46.0501 0x1054  [ 1538831CF8AD2979A04C423779465827, E1729B0CC4CEEE494A0B8817A8E98FF232E3A32FB023566EF0BC71A090262C0C ] lltdio          C:\Windows\system32\DRIVERS\lltdio.sys
16:29:46.0501 0x1054  lltdio - ok
16:29:46.0548 0x1054  [ C1185803384AB3FEED115F79F109427F, 0414FE73532DCAB17E906438A14711E928CECCD5F579255410C62984DD652700 ] lltdsvc         C:\Windows\System32\lltdsvc.dll
16:29:46.0563 0x1054  lltdsvc - ok
16:29:46.0579 0x1054  [ F993A32249B66C9D622EA5592A8B76B8, EE64672A990C6145DC5601E2B8CDBE089272A72732F59AF9865DCBA8B1717E70 ] lmhosts         C:\Windows\System32\lmhsvc.dll
16:29:46.0579 0x1054  lmhosts - ok
16:29:46.0610 0x1054  [ A1C148801B4AF64847AEB9F3AD9594EF, FF6ED89EA47DF74C33CD8BFAC48FAED1B979348ABA6B6D94EE07CBD21810F37B ] LMS             C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
16:29:46.0626 0x1054  LMS - ok
16:29:46.0657 0x1054  [ 1A93E54EB0ECE102495A51266DCDB6A6, DB6AA86AA36C3A7988BE96E87B5D3251BE7617C54EE8F894D9DC2E267FE3255B ] LSI_FC          C:\Windows\system32\DRIVERS\lsi_fc.sys
16:29:46.0672 0x1054  LSI_FC - ok
16:29:46.0688 0x1054  [ 1047184A9FDC8BDBFF857175875EE810, F2251EDB7736A26D388A0C5CC2FE5FB9C5E109CBB1E3800993554CB21D81AE4B ] LSI_SAS         C:\Windows\system32\DRIVERS\lsi_sas.sys
16:29:46.0688 0x1054  LSI_SAS - ok
16:29:46.0704 0x1054  [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93, 88D5740A4E9CC3FA80FA18035DAB441BDC5A039622D666BFDAA525CC9686BD06 ] LSI_SAS2        C:\Windows\system32\DRIVERS\lsi_sas2.sys
16:29:46.0704 0x1054  LSI_SAS2 - ok
16:29:46.0719 0x1054  [ 0504EACAFF0D3C8AED161C4B0D369D4A, 4D272237C189646F5C80822FD3CBA7C2728E482E2DAAF7A09C8AEF811C89C54D ] LSI_SCSI        C:\Windows\system32\DRIVERS\lsi_scsi.sys
16:29:46.0735 0x1054  LSI_SCSI - ok
16:29:46.0750 0x1054  [ 43D0F98E1D56CCDDB0D5254CFF7B356E, 5BA498183B5C4996C694CB0A9A6B66CE6C7A460F6C91BEB9F305486FCC3B7B22 ] luafv           C:\Windows\system32\drivers\luafv.sys
16:29:46.0750 0x1054  luafv - ok
16:29:46.0766 0x1054  [ 085435AE1A124361304044029B5CC644, FEEDB68A3A31B31DD2550591E220A25FCAA8EF1A4BC87EA2750E73E2BE56848D ] lullaby         C:\Windows\system32\DRIVERS\lullaby.sys
16:29:46.0766 0x1054  lullaby - ok
16:29:46.0766 0x1054  [ CFBC6C6D8A492697CABD1D353EE64933, DDAA844908324740C891EB8F08E2A8BB00457063B31C4A762745C1C2415FC12D ] MBAMProtector   C:\Windows\system32\drivers\mbam.sys
16:29:46.0782 0x1054  MBAMProtector - ok
16:29:46.0875 0x1054  [ 40C126CB15FAB7D6C66490DCA9C1AED2, B32CEE2D2409232C245427D5E9647FDF59AF1D8AB5E8A98EE2D1F1314599FD14 ] MBAMService     C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
16:29:46.0922 0x1054  MBAMService - ok
16:29:46.0953 0x1054  [ 78488AF2AB2111D67B3C4044707A519B, 7AA71B9C4C7949A1A21F60EF7CCEDE0079794990696B60557B5DC86F4D47223A ] MBAMSwissArmy   C:\Windows\system32\drivers\MBAMSwissArmy.sys
16:29:46.0953 0x1054  MBAMSwissArmy - ok
16:29:46.0969 0x1054  [ D61070CFAD43038DC56AEAD9BFE9CE2A, BD77AEF60E7FD2015CB14A464799304359547146C14A47F8D25274ACFA2E42D5 ] MBAMWebAccessControl C:\Windows\system32\drivers\mwac.sys
16:29:46.0969 0x1054  MBAMWebAccessControl - ok
16:29:46.0984 0x1054  [ 0BE09CD858ABF9DF6ED259D57A1A1663, 2FD28889B93C8E801F74C1D0769673A461671E0189D0A22C94509E3F0EEB7428 ] Mcx2Svc         C:\Windows\system32\Mcx2Svc.dll
16:29:47.0000 0x1054  Mcx2Svc - ok
16:29:47.0016 0x1054  [ A55805F747C6EDB6A9080D7C633BD0F4, 2DA0E83BF3C8ADEF6F551B6CC1C0A3F6149CDBE6EC60413BA1767C4DE425A728 ] megasas         C:\Windows\system32\DRIVERS\megasas.sys
16:29:47.0016 0x1054  megasas - ok
16:29:47.0047 0x1054  [ BAF74CE0072480C3B6B7C13B2A94D6B3, 85CBB4949C090A904464F79713A3418338753D20D7FB811E68F287FDAC1DD834 ] MegaSR          C:\Windows\system32\DRIVERS\MegaSR.sys
16:29:47.0062 0x1054  MegaSR - ok
16:29:47.0078 0x1054  [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] MMCSS           C:\Windows\system32\mmcss.dll
16:29:47.0078 0x1054  MMCSS - ok
16:29:47.0094 0x1054  [ 800BA92F7010378B09F9ED9270F07137, 94F9AF9E1BE80AE6AC39A2A74EF9FAB115DCAACC011D07DFA8D6A1DDC8A93342 ] Modem           C:\Windows\system32\drivers\modem.sys
16:29:47.0094 0x1054  Modem - ok
16:29:47.0109 0x1054  [ B03D591DC7DA45ECE20B3B467E6AADAA, 701FB0CAD8138C58507BE28845D3E24CE269A040737C29885944A0D851238732 ] monitor         C:\Windows\system32\DRIVERS\monitor.sys
16:29:47.0109 0x1054  monitor - ok
16:29:47.0125 0x1054  [ 7D27EA49F3C1F687D357E77A470AEA99, 7FE7CAF95959F127C6D932C01D539C06D80273C49A09761F6E8331C05B1A7EE7 ] mouclass        C:\Windows\system32\DRIVERS\mouclass.sys
16:29:47.0140 0x1054  mouclass - ok
16:29:47.0140 0x1054  [ D3BF052C40B0C4166D9FD86A4288C1E6, 5E65264354CD94E844BF1838CA1B8E49080EFA34605A32CF2F6A47A2B97FC183 ] mouhid          C:\Windows\system32\DRIVERS\mouhid.sys
16:29:47.0156 0x1054  mouhid - ok
16:29:47.0172 0x1054  [ 32E7A3D591D671A6DF2DB515A5CBE0FA, 47CED0B9067AE8BF5EEF60B17ADEE5906BEDCC56E4CB460B7BFBC12BB9A69E63 ] mountmgr        C:\Windows\system32\drivers\mountmgr.sys
16:29:47.0172 0x1054  mountmgr - ok
16:29:47.0187 0x1054  [ A44B420D30BD56E145D6A2BC8768EC58, B1E4DCA5A1008FA7A0492DC091FB2B820406AE13FD3D44F124E89B1037AF09B8 ] mpio            C:\Windows\system32\drivers\mpio.sys
16:29:47.0203 0x1054  mpio - ok
16:29:47.0218 0x1054  [ 6C38C9E45AE0EA2FA5E551F2ED5E978F, 5A3FA2F110029CB4CC4384998EDB59203FDD65EC45E01B897FB684F8956EAD20 ] mpsdrv          C:\Windows\system32\drivers\mpsdrv.sys
16:29:47.0218 0x1054  mpsdrv - ok
16:29:47.0281 0x1054  [ 54FFC9C8898113ACE189D4AA7199D2C1, 65F585C87F3F710FD5793FDFA96B740AD8D4317B0C120F4435CCF777300EA4F2 ] MpsSvc          C:\Windows\system32\mpssvc.dll
16:29:47.0328 0x1054  MpsSvc - ok
16:29:47.0359 0x1054  [ DC722758B8261E1ABAFD31A3C0A66380, 88BBE073E2CCD1DAB4656DDC53D5161E8A91D035ADAC1465D0CEBA86F1BB6D9A ] MRxDAV          C:\Windows\system32\drivers\mrxdav.sys
16:29:47.0359 0x1054  MRxDAV - ok
16:29:47.0374 0x1054  [ A5D9106A73DC88564C825D317CAC68AC, 0457B2AEA4E05A91D0E43F317894A614434D8CEBE35020785387F307E231FBE4 ] mrxsmb          C:\Windows\system32\DRIVERS\mrxsmb.sys
16:29:47.0390 0x1054  mrxsmb - ok
16:29:47.0406 0x1054  [ D711B3C1D5F42C0C2415687BE09FC163, 9B3013AC60BD2D0FF52086658BA5FF486ADE15954A552D7DD590580E8BAE3EFF ] mrxsmb10        C:\Windows\system32\DRIVERS\mrxsmb10.sys
16:29:47.0421 0x1054  mrxsmb10 - ok
16:29:47.0437 0x1054  [ 9423E9D355C8D303E76B8CFBD8A5C30C, 220B33F120C2DD937FE4D5664F4B581DC0ACF78D62EB56B7720888F67B9644CC ] mrxsmb20        C:\Windows\system32\DRIVERS\mrxsmb20.sys
16:29:47.0452 0x1054  mrxsmb20 - ok
16:29:47.0468 0x1054  [ C25F0BAFA182CBCA2DD3C851C2E75796, 643E158A0948DF331807AEAA391F23960362E46C0A0CF6D22A99020EAE7B10F8 ] msahci          C:\Windows\system32\drivers\msahci.sys
16:29:47.0468 0x1054  msahci - ok
16:29:47.0484 0x1054  [ DB801A638D011B9633829EB6F663C900, B34FD33A215ACCF2905F4B7D061686CDB1CB9C652147AF56AE14686C1F6E3C74 ] msdsm           C:\Windows\system32\drivers\msdsm.sys
16:29:47.0499 0x1054  msdsm - ok
16:29:47.0515 0x1054  [ DE0ECE52236CFA3ED2DBFC03F28253A8, 2FBBEC4CACB5161F68D7C2935852A5888945CA0F107CF8A1C01F4528CE407DE3 ] MSDTC           C:\Windows\System32\msdtc.exe
16:29:47.0530 0x1054  MSDTC - ok
16:29:47.0546 0x1054  [ AA3FB40E17CE1388FA1BEDAB50EA8F96, 69F93E15536644C8FD679A20190CFE577F4985D3B1B4A4AA250A168615AE1E99 ] Msfs            C:\Windows\system32\drivers\Msfs.sys
16:29:47.0546 0x1054  Msfs - ok
16:29:47.0562 0x1054  [ F9D215A46A8B9753F61767FA72A20326, 6F76642B45E0A7EF6BCAB8B37D55CCE2EAA310ED07B76D43FCB88987C2174141 ] mshidkmdf       C:\Windows\System32\drivers\mshidkmdf.sys
16:29:47.0562 0x1054  mshidkmdf - ok
16:29:47.0577 0x1054  [ D916874BBD4F8B07BFB7FA9B3CCAE29D, B229DA150713DEDBC4F05386C9D9DC3BC095A74F44F3081E88311AB73BC992A1 ] msisadrv        C:\Windows\system32\drivers\msisadrv.sys
16:29:47.0577 0x1054  msisadrv - ok
16:29:47.0593 0x1054  [ 808E98FF49B155C522E6400953177B08, F873F5BFF0984C5165DF67E92874D3F6EB8D86F9B5AD17013A0091CA33A1A3D5 ] MSiSCSI         C:\Windows\system32\iscsiexe.dll
16:29:47.0608 0x1054  MSiSCSI - ok
16:29:47.0624 0x1054  msiserver - ok
16:29:47.0624 0x1054  [ 49CCF2C4FEA34FFAD8B1B59D49439366, E5752EA57C7BDAD5F53E3BC441A415E909AC602CAE56234684FB8789A20396C7 ] MSKSSRV         C:\Windows\system32\drivers\MSKSSRV.sys
16:29:47.0640 0x1054  MSKSSRV - ok
16:29:47.0640 0x1054  [ BDD71ACE35A232104DDD349EE70E1AB3, 27464A66868513BE6A01B75D7FC5B0D6B71842E4E20CE3F76B15C071A0618BBB ] MSPCLOCK        C:\Windows\system32\drivers\MSPCLOCK.sys
16:29:47.0640 0x1054  MSPCLOCK - ok
16:29:47.0655 0x1054  [ 4ED981241DB27C3383D72092B618A1D0, E12F121E641249DB3491141851B59E1496F4413EDF58E863388F1C229838DFCC ] MSPQM           C:\Windows\system32\drivers\MSPQM.sys
16:29:47.0655 0x1054  MSPQM - ok
16:29:47.0686 0x1054  [ 759A9EEB0FA9ED79DA1FB7D4EF78866D, 64E3BC613EC4872B1B344CBF71EE15BE195592E3244C1EE099C6F8B95A40F133 ] MsRPC           C:\Windows\system32\drivers\MsRPC.sys
16:29:47.0702 0x1054  MsRPC - ok
16:29:47.0718 0x1054  [ 0EED230E37515A0EAEE3C2E1BC97B288, B1D8F8A75006B6E99214CA36D27A8594EF8D952F315BEB201E9BAC9DE3E64D42 ] mssmbios        C:\Windows\system32\drivers\mssmbios.sys
16:29:47.0718 0x1054  mssmbios - ok
16:29:47.0733 0x1054  [ 2E66F9ECB30B4221A318C92AC2250779, DF175E1AB6962303E57F26DAE5C5C1E40B8640333F3E352A64F6A5F1301586CD ] MSTEE           C:\Windows\system32\drivers\MSTEE.sys
16:29:47.0733 0x1054  MSTEE - ok
16:29:47.0749 0x1054  [ 7EA404308934E675BFFDE8EDF0757BCD, 306CD02D89CFCFE576242360ED5F9EEEDCAFC43CD43B7D2977AE960F9AEC3232 ] MTConfig        C:\Windows\system32\DRIVERS\MTConfig.sys
16:29:47.0749 0x1054  MTConfig - ok
16:29:47.0764 0x1054  [ 032D35C996F21D19A205A7C8F0B76F3C, 1A1C5BD7204BB937A05E201BCC0840B2C8E4B273D8E1D6D9407264FB4C57F014 ] MTsensor        C:\Windows\system32\DRIVERS\ATK64AMD.sys
16:29:47.0764 0x1054  MTsensor - ok
16:29:47.0764 0x1054  [ F9A18612FD3526FE473C1BDA678D61C8, 32F7975B5BAA447917F832D9E3499B4B6D3E90D73F478375D0B70B36C524693A ] Mup             C:\Windows\system32\Drivers\mup.sys
16:29:47.0780 0x1054  Mup - ok
16:29:47.0811 0x1054  [ 582AC6D9873E31DFA28A4547270862DD, BD540499F74E8F59A020D935D18E36A3A97C1A6EC59C8208436469A31B16B260 ] napagent        C:\Windows\system32\qagentRT.dll
16:29:47.0858 0x1054  napagent - ok
16:29:47.0889 0x1054  [ 1EA3749C4114DB3E3161156FFFFA6B33, 54C2E77BCE1037711A11313AC25B8706109098C10A31AA03AEB7A185E97800D7 ] NativeWifiP     C:\Windows\system32\DRIVERS\nwifi.sys
16:29:47.0905 0x1054  NativeWifiP - ok
16:29:47.0983 0x1054  [ 760E38053BF56E501D562B70AD796B88, F856E81A975D44F8684A6F2466549CEEDFAEB3950191698555A93A1206E0A42D ] NDIS            C:\Windows\system32\drivers\ndis.sys
16:29:48.0030 0x1054  NDIS - ok
16:29:48.0030 0x1054  [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC, D7E5446E83909AE25506BB98FBDD878A529C87963E3C1125C4ABAB25823572BC ] NdisCap         C:\Windows\system32\DRIVERS\ndiscap.sys
16:29:48.0045 0x1054  NdisCap - ok
16:29:48.0045 0x1054  [ 30639C932D9FEF22B31268FE25A1B6E5, 32873D95339600F6EEFA51847D12C563FF01F320DC59055B242FA2887C99F9D6 ] NdisTapi        C:\Windows\system32\DRIVERS\ndistapi.sys
16:29:48.0045 0x1054  NdisTapi - ok
16:29:48.0061 0x1054  [ 136185F9FB2CC61E573E676AA5402356, BA3AD0A33416DA913B4242C6BE8C3E5812AD2B20BA6C11DD3094F2E8EB56E683 ] Ndisuio         C:\Windows\system32\DRIVERS\ndisuio.sys
16:29:48.0076 0x1054  Ndisuio - ok
16:29:48.0092 0x1054  [ 53F7305169863F0A2BDDC49E116C2E11, 881E9346D3C02405B7850ADC37E720990712EC9C666A0CE96E252A487FD2CE77 ] NdisWan         C:\Windows\system32\DRIVERS\ndiswan.sys
16:29:48.0108 0x1054  NdisWan - ok
16:29:48.0108 0x1054  [ 015C0D8E0E0421B4CFD48CFFE2825879, 4242E2D42CCFC859B2C0275C5331798BC0BDA68E51CF4650B6E64B1332071023 ] NDProxy         C:\Windows\system32\drivers\NDProxy.sys
16:29:48.0123 0x1054  NDProxy - ok
16:29:48.0123 0x1054  [ 86743D9F5D2B1048062B14B1D84501C4, DBF6D6A60AB774FCB0F464FF2D285A7521D0A24006687B243AB46B17D8032062 ] NetBIOS         C:\Windows\system32\DRIVERS\netbios.sys
16:29:48.0139 0x1054  NetBIOS - ok
16:29:48.0154 0x1054  [ 09594D1089C523423B32A4229263F068, 7426A9B8BA27D3225928DDEFBD399650ABB90798212F56B7D12158AC22CCCE37 ] NetBT           C:\Windows\system32\DRIVERS\netbt.sys
16:29:48.0170 0x1054  NetBT - ok
16:29:48.0186 0x1054  [ C118A82CD78818C29AB228366EBF81C3, 00820F3065871DCBA52A27C7F73BA470C4F2CB26EFB7F76FEF8B1207F81B284D ] Netlogon        C:\Windows\system32\lsass.exe
16:29:48.0201 0x1054  Netlogon - ok
16:29:48.0232 0x1054  [ 847D3AE376C0817161A14A82C8922A9E, 37AE692B3481323134125EF58F2C3CBC20177371AF2F5874F53DD32A827CB936 ] Netman          C:\Windows\System32\netman.dll
16:29:48.0264 0x1054  Netman - ok
16:29:48.0295 0x1054  [ E58808846B62041BFB05395E1CED6499, 5387F2CE6B494337725D2BF3EB563912E6EE33918F2872C5FE07BEDBB0F761EE ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
16:29:48.0310 0x1054  NetMsmqActivator - ok
16:29:48.0310 0x1054  [ E58808846B62041BFB05395E1CED6499, 5387F2CE6B494337725D2BF3EB563912E6EE33918F2872C5FE07BEDBB0F761EE ] NetPipeActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
16:29:48.0326 0x1054  NetPipeActivator - ok
16:29:48.0373 0x1054  [ 5F28111C648F1E24F7DBC87CDEB091B8, 2E8645285921EDB98BB2173E11E57459C888D52E80D85791D169C869DE8813B9 ] netprofm        C:\Windows\System32\netprofm.dll
16:29:48.0404 0x1054  netprofm - ok
16:29:48.0420 0x1054  [ E58808846B62041BFB05395E1CED6499, 5387F2CE6B494337725D2BF3EB563912E6EE33918F2872C5FE07BEDBB0F761EE ] NetTcpActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
16:29:48.0420 0x1054  NetTcpActivator - ok
16:29:48.0435 0x1054  [ E58808846B62041BFB05395E1CED6499, 5387F2CE6B494337725D2BF3EB563912E6EE33918F2872C5FE07BEDBB0F761EE ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
16:29:48.0451 0x1054  NetTcpPortSharing - ok
16:29:48.0466 0x1054  [ 77889813BE4D166CDAB78DDBA990DA92, 2EF531AE502B943632EEC66A309A8BFCDD36120A5E1473F4AAF3C2393AD0E6A3 ] nfrd960         C:\Windows\system32\DRIVERS\nfrd960.sys
16:29:48.0466 0x1054  nfrd960 - ok
16:29:48.0498 0x1054  [ 8AD77806D336673F270DB31645267293, E23F324913554A23CD043DD27D4305AF62F48C0561A0FC7B7811E55B74B1BE79 ] NlaSvc          C:\Windows\System32\nlasvc.dll
16:29:48.0513 0x1054  NlaSvc - ok
16:29:48.0529 0x1054  [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7, D8957EF7060A69DBB3CD6B2C45B1E4143592AB8D018471E17AC04668157DC67F ] Npfs            C:\Windows\system32\drivers\Npfs.sys
16:29:48.0529 0x1054  Npfs - ok
16:29:48.0544 0x1054  [ D54BFDF3E0C953F823B3D0BFE4732528, 497A1DCC5646EC22119273216DF10D5442D16F83E4363770F507518CF6EAA53A ] nsi             C:\Windows\system32\nsisvc.dll
16:29:48.0560 0x1054  nsi - ok
16:29:48.0560 0x1054  [ E7F5AE18AF4168178A642A9247C63001, 133023B7E4BA8049C4CAED3282BDD25571D1CC25FAC3B820C7F981D292689D76 ] nsiproxy        C:\Windows\system32\drivers\nsiproxy.sys
16:29:48.0576 0x1054  nsiproxy - ok
16:29:48.0685 0x1054  [ B98F8C6E31CD07B2E6F71F7F648E38C0, 2FEA100B80680FBBF644CB6763738804155DF1E94A6542CAE2B2786D770D554E ] Ntfs            C:\Windows\system32\drivers\Ntfs.sys
16:29:48.0763 0x1054  Ntfs - ok
16:29:48.0778 0x1054  [ 9899284589F75FA8724FF3D16AED75C1, 181188599FD5D4DE33B97010D9E0CAEABAB9A3EF50712FE7F9AA0735CD0666D6 ] Null            C:\Windows\system32\drivers\Null.sys
16:29:48.0778 0x1054  Null - ok
16:29:48.0810 0x1054  [ 0A92CB65770442ED0DC44834632F66AD, 581327F07A68DBD5CC749214BE5F1211FC2CE41C7A4F0656B680AFB51A35ACE7 ] nvraid          C:\Windows\system32\drivers\nvraid.sys
16:29:48.0810 0x1054  nvraid - ok
16:29:48.0841 0x1054  [ DAB0E87525C10052BF65F06152F37E4A, AD9BFF0D5FD3FFB95C758B478E1F6A9FE45E7B37AEC71EB5070D292FEAAEDF37 ] nvstor          C:\Windows\system32\drivers\nvstor.sys
16:29:48.0841 0x1054  nvstor - ok
16:29:48.0856 0x1054  [ 270D7CD42D6E3979F6DD0146650F0E05, 752489E54C9004EDCBE1F1F208FFD864DA5C83E59A2DDE6B3E0D63ECA996F76F ] nv_agp          C:\Windows\system32\drivers\nv_agp.sys
16:29:48.0872 0x1054  nv_agp - ok
16:29:48.0888 0x1054  [ 3589478E4B22CE21B41FA1BFC0B8B8A0, AD2469FC753FE552CB809FF405A9AB23E7561292FE89117E3B3B62057EFF0203 ] ohci1394        C:\Windows\system32\drivers\ohci1394.sys
16:29:48.0888 0x1054  ohci1394 - ok
16:29:48.0919 0x1054  [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] p2pimsvc        C:\Windows\system32\pnrpsvc.dll
16:29:48.0950 0x1054  p2pimsvc - ok
16:29:48.0997 0x1054  [ 927463ECB02179F88E4B9A17568C63C3, FEFD3447692C277D59EEC7BF218552C8BB6B8C98C26E973675549628408B94CE ] p2psvc          C:\Windows\system32\p2psvc.dll
16:29:49.0028 0x1054  p2psvc - ok
16:29:49.0044 0x1054  [ 0086431C29C35BE1DBC43F52CC273887, 0D116D49EF9ABB57DA005764F25E692622210627FC2048F06A989B12FA8D0A80 ] Parport         C:\Windows\system32\DRIVERS\parport.sys
16:29:49.0059 0x1054  Parport - ok
16:29:49.0075 0x1054  [ E9766131EEADE40A27DC27D2D68FBA9C, 63C295EC96DBD25F1A8B908295CCB86B54F2A77A02AAA11E5D9160C2C1A492B6 ] partmgr         C:\Windows\system32\drivers\partmgr.sys
16:29:49.0075 0x1054  partmgr - ok
16:29:49.0106 0x1054  [ 3AEAA8B561E63452C655DC0584922257, 04C072969B58657602EB0C21CEDF24FCEE14E61B90A0F758F93925EF2C9FC32D ] PcaSvc          C:\Windows\System32\pcasvc.dll
16:29:49.0137 0x1054  PcaSvc - ok
16:29:49.0153 0x1054  [ 94575C0571D1462A0F70BDE6BD6EE6B3, 7139BAC653EA94A3DD3821CAB35FC5E22F4CCA5ACC2BAABDAA27E4C3C8B27FC9 ] pci             C:\Windows\system32\drivers\pci.sys
16:29:49.0168 0x1054  pci - ok
16:29:49.0184 0x1054  [ B5B8B5EF2E5CB34DF8DCF8831E3534FA, F2A7CC645B96946CC65BF60E14E70DC09C848D27C7943CE5DEA0C01A6B863480 ] pciide          C:\Windows\system32\drivers\pciide.sys
16:29:49.0184 0x1054  pciide - ok
16:29:49.0215 0x1054  [ B2E81D4E87CE48589F98CB8C05B01F2F, 6763BEE7270A4873B3E131BFB92313E2750FCBD0AD73C23D1C4F98F7DF73DE14 ] pcmcia          C:\Windows\system32\DRIVERS\pcmcia.sys
16:29:49.0231 0x1054  pcmcia - ok
16:29:49.0246 0x1054  [ D6B9C2E1A11A3A4B26A182FFEF18F603, BBA5FE08B1DDD6243118E11358FD61B10E850F090F061711C3CB207CE5FBBD36 ] pcw             C:\Windows\system32\drivers\pcw.sys
16:29:49.0262 0x1054  pcw - ok
16:29:49.0309 0x1054  [ 68769C3356B3BE5D1C732C97B9A80D6E, FB2D61145980A2899D1B7729184C54070315B0E63C9A22400A76CCD39E00029C ] PEAUTH          C:\Windows\system32\drivers\peauth.sys
16:29:49.0340 0x1054  PEAUTH - ok
16:29:49.0418 0x1054  [ E495E408C93141E8FC72DC0C6046DDFA, 489B957DADA0DC128A09468F1AD082DCC657E86053208EA06A12937BE86FB919 ] PerfHost        C:\Windows\SysWow64\perfhost.exe
16:29:49.0418 0x1054  PerfHost - ok
16:29:49.0527 0x1054  [ C7CF6A6E137463219E1259E3F0F0DD6C, 08D7244F52AA17DD669AA6F77C291DAC88E7B2D1887DE422509C1F83EC85F3DD ] pla             C:\Windows\system32\pla.dll
16:29:49.0605 0x1054  pla - ok
16:29:49.0636 0x1054  [ 25FBDEF06C4D92815B353F6E792C8129, 57D9764AE6BCE33B242C399CDFC10DD405975BD6411CA8C75FBCD06EEB8442A9 ] PlugPlay        C:\Windows\system32\umpnpmgr.dll
16:29:49.0683 0x1054  PlugPlay - ok
16:29:49.0683 0x1054  [ 7195581CEC9BB7D12ABE54036ACC2E38, 9C4E5D6EA984148F2663DC529083408B2248DFF6DAAC85D9195F80A722782315 ] PNRPAutoReg     C:\Windows\system32\pnrpauto.dll
16:29:49.0699 0x1054  PNRPAutoReg - ok
16:29:49.0730 0x1054  [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] PNRPsvc         C:\Windows\system32\pnrpsvc.dll
16:29:49.0761 0x1054  PNRPsvc - ok
16:29:49.0808 0x1054  [ 4F15D75ADF6156BF56ECED6D4A55C389, 2ADA3EA69A5D7EC2A4D2DD89178DB94EAFDDF95F07B0070D654D9F7A5C12A044 ] PolicyAgent     C:\Windows\System32\ipsecsvc.dll
16:29:49.0839 0x1054  PolicyAgent - ok
16:29:49.0870 0x1054  [ 6BA9D927DDED70BD1A9CADED45F8B184, 66203CE70A5EDE053929A940F38924C6792239CCCE10DD2C1D90D5B4D6748B55 ] Power           C:\Windows\system32\umpo.dll
16:29:49.0886 0x1054  Power - ok
16:29:49.0917 0x1054  [ F92A2C41117A11A00BE01CA01A7FCDE9, 38ADC6052696D110CA5F393BC586791920663F5DA66934C2A824DDA9CD89C763 ] PptpMiniport    C:\Windows\system32\DRIVERS\raspptp.sys
16:29:49.0917 0x1054  PptpMiniport - ok
16:29:49.0933 0x1054  [ 0D922E23C041EFB1C3FAC2A6F943C9BF, 855418A6A58DCAFB181A1A68613B3E203AFB0A9B3D9D26D0C521F9F613B4EAD5 ] Processor       C:\Windows\system32\DRIVERS\processr.sys
16:29:49.0933 0x1054  Processor - ok
16:29:49.0980 0x1054  [ 53E83F1F6CF9D62F32801CF66D8352A8, 1225FED810BE8E0729EEAE5B340035CCBB9BACD3EF247834400F9B72D05ACE48 ] ProfSvc         C:\Windows\system32\profsvc.dll
16:29:50.0011 0x1054  ProfSvc - ok
16:29:50.0026 0x1054  [ C118A82CD78818C29AB228366EBF81C3, 00820F3065871DCBA52A27C7F73BA470C4F2CB26EFB7F76FEF8B1207F81B284D ] ProtectedStorage C:\Windows\system32\lsass.exe
16:29:50.0026 0x1054  ProtectedStorage - ok
16:29:50.0042 0x1054  [ 0557CF5A2556BD58E26384169D72438D, F6F83A616B1F1C6C0DF6D2EC2513E6C23FD4FAA6D36518B8676C619AB74957B4 ] Psched          C:\Windows\system32\DRIVERS\pacer.sys
16:29:50.0058 0x1054  Psched - ok
16:29:50.0151 0x1054  [ A53A15A11EBFD21077463EE2C7AFEEF0, 6002B012A75045DEA62640A864A8721EADE2F8B65BEB5F5BA76D8CD819774489 ] ql2300          C:\Windows\system32\DRIVERS\ql2300.sys
16:29:50.0229 0x1054  ql2300 - ok
16:29:50.0245 0x1054  [ 4F6D12B51DE1AAEFF7DC58C4D75423C8, FB6ABAB741CED66A79E31A45111649F2FA3E26CEE77209B5296F789F6F7D08DE ] ql40xx          C:\Windows\system32\DRIVERS\ql40xx.sys
16:29:50.0260 0x1054  ql40xx - ok
16:29:50.0276 0x1054  [ 906191634E99AEA92C4816150BDA3732, A0305436384104C3B559F9C73902DA19B96B518413379E397C5CDAB0B2B9418F ] QWAVE           C:\Windows\system32\qwave.dll
16:29:50.0307 0x1054  QWAVE - ok
16:29:50.0323 0x1054  [ 76707BB36430888D9CE9D705398ADB6C, 35C1D1D05F98AC29A33D3781F497A0B40A3CB9CDF25FE1F28F574E40DDF70535 ] QWAVEdrv        C:\Windows\system32\drivers\qwavedrv.sys
16:29:50.0338 0x1054  QWAVEdrv - ok
16:29:50.0338 0x1054  [ 5A0DA8AD5762FA2D91678A8A01311704, 8A64EB5DBAB7048A9E42A21CEB62CCD5B007A80C199892D7F8C69B48E8A255EF ] RasAcd          C:\Windows\system32\DRIVERS\rasacd.sys
16:29:50.0338 0x1054  RasAcd - ok
16:29:50.0354 0x1054  [ 7ECFF9B22276B73F43A99A15A6094E90, 62C70DA127F48F796F8897BBFA23AB6EB080CC923F0F091DFA384A93F5C90CA1 ] RasAgileVpn     C:\Windows\system32\DRIVERS\AgileVpn.sys
16:29:50.0370 0x1054  RasAgileVpn - ok
16:29:50.0385 0x1054  [ 8F26510C5383B8DBE976DE1CD00FC8C7, 60E618C010E8A723960636415573FA17EA0BBEF79647196B3BC0B8DEE680E090 ] RasAuto         C:\Windows\System32\rasauto.dll
16:29:50.0401 0x1054  RasAuto - ok
16:29:50.0416 0x1054  [ 471815800AE33E6F1C32FB1B97C490CA, 27307265F743DE3A3A3EC1B2C472A3D85FDD0AEC458E0B1177593141EE072698 ] Rasl2tp         C:\Windows\system32\DRIVERS\rasl2tp.sys
16:29:50.0432 0x1054  Rasl2tp - ok
16:29:50.0463 0x1054  [ EE867A0870FC9E4972BA9EAAD35651E2, 1B848D81705081FD2E18AC762DA7F51455657DAF860BF363DC15925A148BCADA ] RasMan          C:\Windows\System32\rasmans.dll
16:29:50.0494 0x1054  RasMan - ok
16:29:50.0510 0x1054  [ 855C9B1CD4756C5E9A2AA58A15F58C25, A514F8A9C304D54BDA8DC60F5A64259B057EC83A1CAAF6D2B58CFD55E9561F72 ] RasPppoe        C:\Windows\system32\DRIVERS\raspppoe.sys
16:29:50.0510 0x1054  RasPppoe - ok
16:29:50.0526 0x1054  [ E8B1E447B008D07FF47D016C2B0EEECB, FEC789F82B912F3E14E49524D40FEAA4373B221156F14045E645D7C37859258C ] RasSstp         C:\Windows\system32\DRIVERS\rassstp.sys
16:29:50.0541 0x1054  RasSstp - ok
16:29:50.0572 0x1054  [ 77F665941019A1594D887A74F301FA2F, 1FDC6F6853400190C086042933F157814D915C54F26793CAD36CD2607D8810DA ] rdbss           C:\Windows\system32\DRIVERS\rdbss.sys
16:29:50.0588 0x1054  rdbss - ok
16:29:50.0604 0x1054  [ 302DA2A0539F2CF54D7C6CC30C1F2D8D, 1DF3501BBFFB56C3ECC39DBCC4287D3302216C2208CE22428B8C4967E5DE9D17 ] rdpbus          C:\Windows\system32\DRIVERS\rdpbus.sys
16:29:50.0604 0x1054  rdpbus - ok
16:29:50.0604 0x1054  [ CEA6CC257FC9B7715F1C2B4849286D24, A78144D18352EA802C39D9D42921CF97A3E0211766B2169B6755C6FC2D77A804 ] RDPCDD          C:\Windows\system32\DRIVERS\RDPCDD.sys
16:29:50.0619 0x1054  RDPCDD - ok
16:29:50.0635 0x1054  [ BB5971A4F00659529A5C44831AF22365, 9AAA5C0D448E821FD85589505D99DF7749715A046BBD211F139E4E652ADDE41F ] RDPENCDD        C:\Windows\system32\drivers\rdpencdd.sys
16:29:50.0635 0x1054  RDPENCDD - ok
16:29:50.0635 0x1054  [ 216F3FA57533D98E1F74DED70113177A, 60C126A1409D1E9C39F1C9E95F70115BF4AF07780AB499F6E10A612540F173F4 ] RDPREFMP        C:\Windows\system32\drivers\rdprefmp.sys
16:29:50.0650 0x1054  RDPREFMP - ok
16:29:50.0666 0x1054  [ E61608AA35E98999AF9AAEEEA6114B0A, F754CDE89DC96786D2A3C4D19EE2AEF1008E634E4DE3C0CBF927436DE90C04A6 ] RDPWD           C:\Windows\system32\drivers\RDPWD.sys
16:29:50.0682 0x1054  RDPWD - ok
16:29:50.0697 0x1054  [ 34ED295FA0121C241BFEF24764FC4520, AAEE5F00CAA763A5BA51CF56BD7262C03409CD72BD5601490E3EC3FFF929BB5F ] rdyboost        C:\Windows\system32\drivers\rdyboost.sys
16:29:50.0713 0x1054  rdyboost - ok
16:29:50.0728 0x1054  [ 254FB7A22D74E5511C73A3F6D802F192, 3D0FB5840364200DE394F8CC28DA0E334C2B5FA8FF28A41656EE72287F3D3836 ] RemoteAccess    C:\Windows\System32\mprdim.dll
16:29:50.0744 0x1054  RemoteAccess - ok
16:29:50.0775 0x1054  [ E4D94F24081440B5FC5AA556C7C62702, 147CAA03568DC480F9506E30B84891AB7E433B5EBC05F34FF10F72B00E1C6B22 ] RemoteRegistry  C:\Windows\system32\regsvc.dll
16:29:50.0791 0x1054  RemoteRegistry - ok
16:29:50.0806 0x1054  [ E4DC58CF7B3EA515AE917FF0D402A7BB, 665B5CD9FE905B0EE3F59A7B1A94760F5393EBEE729877D8584349754C2867E8 ] RpcEptMapper    C:\Windows\System32\RpcEpMap.dll
16:29:50.0822 0x1054  RpcEptMapper - ok
16:29:50.0822 0x1054  [ D5BA242D4CF8E384DB90E6A8ED850B8C, CB4CB2608B5E31B55FB1A2CF4051E6D08A0C2A5FB231B2116F95938D7577334E ] RpcLocator      C:\Windows\system32\locator.exe
16:29:50.0838 0x1054  RpcLocator - ok
16:29:50.0884 0x1054  [ 5C627D1B1138676C0A7AB2C2C190D123, C5003F2C912C5CA990E634818D3B4FD72F871900AF2948BD6C4D6400B354B401 ] RpcSs           C:\Windows\system32\rpcss.dll
16:29:50.0918 0x1054  RpcSs - ok
16:29:50.0933 0x1054  [ DDC86E4F8E7456261E637E3552E804FF, D250C69CCC75F2D88E7E624FCC51300E75637333317D53908CCA7E0F117173DD ] rspndr          C:\Windows\system32\DRIVERS\rspndr.sys
16:29:50.0949 0x1054  rspndr - ok
16:29:50.0949 0x1054  [ C118A82CD78818C29AB228366EBF81C3, 00820F3065871DCBA52A27C7F73BA470C4F2CB26EFB7F76FEF8B1207F81B284D ] SamSs           C:\Windows\system32\lsass.exe
16:29:50.0964 0x1054  SamSs - ok
16:29:50.0980 0x1054  [ AC03AF3329579FFFB455AA2DAABBE22B, 7AD3B62ADFEC166F9E256F9FF8BAA0568B2ED7308142BF8F5269E6EAA5E0A656 ] sbp2port        C:\Windows\system32\drivers\sbp2port.sys
16:29:50.0980 0x1054  sbp2port - ok
16:29:51.0011 0x1054  [ 9B7395789E3791A3B6D000FE6F8B131E, E5F067F3F212BF5481668BE1779CBEF053F511F8967589BE2E865ACB9A620024 ] SCardSvr        C:\Windows\System32\SCardSvr.dll
16:29:51.0042 0x1054  SCardSvr - ok
16:29:51.0042 0x1054  [ 253F38D0D7074C02FF8DEB9836C97D2B, CB5CAFCB8628BB22877F74ACF1DED0BBAED8F4573A74DA7FE94BBBA584889116 ] scfilter        C:\Windows\system32\DRIVERS\scfilter.sys
16:29:51.0058 0x1054  scfilter - ok
16:29:51.0136 0x1054  [ 262F6592C3299C005FD6BEC90FC4463A, 54095E37F0B6CC677A3E9BDD40F4647C713273D197DB341063AA7F342A60C4A7 ] Schedule        C:\Windows\system32\schedsvc.dll
16:29:51.0198 0x1054  Schedule - ok
16:29:51.0214 0x1054  [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] SCPolicySvc     C:\Windows\System32\certprop.dll
16:29:51.0214 0x1054  SCPolicySvc - ok
16:29:51.0230 0x1054  [ 111E0EBC0AD79CB0FA014B907B231CF0, B7D43D156C2524938503CF8E99C4D1F7A5C55E16C0368F57F4CD23C6D833B38F ] sdbus           C:\Windows\system32\drivers\sdbus.sys
16:29:51.0245 0x1054  sdbus - ok
16:29:51.0261 0x1054  [ 6EA4234DC55346E0709560FE7C2C1972, 64011E044C16E2F92689E5F7E4666A075E27BBFA61F3264E5D51CE1656C1D5B8 ] SDRSVC          C:\Windows\System32\SDRSVC.dll
16:29:51.0292 0x1054  SDRSVC - ok
16:29:51.0292 0x1054  [ 3EA8A16169C26AFBEB544E0E48421186, 34BBB0459C96B3DE94CCB0D73461562935C583D7BF93828DA4E20A6BC9B7301D ] secdrv          C:\Windows\system32\drivers\secdrv.sys
16:29:51.0308 0x1054  secdrv - ok
16:29:51.0308 0x1054  [ BC617A4E1B4FA8DF523A061739A0BD87, 10C4057F6B321EB5237FF619747B74F5401BC17D15A8C7060829E8204A2297F9 ] seclogon        C:\Windows\system32\seclogon.dll
16:29:51.0323 0x1054  seclogon - ok
16:29:51.0339 0x1054  [ C32AB8FA018EF34C0F113BD501436D21, E0EB8E80B51E45CA7EB061E705DA0BC07878759418A8519AE6E12326FE79E7C7 ] SENS            C:\Windows\System32\sens.dll
16:29:51.0354 0x1054  SENS - ok
16:29:51.0370 0x1054  [ 0336CFFAFAAB87A11541F1CF1594B2B2, 8B8A6A33E78A12FB05E29B2E2775850626574AFD2EF88748D65E690A07B10B8D ] SensrSvc        C:\Windows\system32\sensrsvc.dll
16:29:51.0386 0x1054  SensrSvc - ok
16:29:51.0386 0x1054  [ CB624C0035412AF0DEBEC78C41F5CA1B, A4D937F11E06CAE914347CA1362F4C98EC5EE0C0C80321E360EA1ABD6726F8D4 ] Serenum         C:\Windows\system32\DRIVERS\serenum.sys
16:29:51.0401 0x1054  Serenum - ok
16:29:51.0417 0x1054  [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6, 8F9776FB84C5D11068EAF1FF1D1A46466C655D64D256A8B1E31DC0C23B5DD22D ] Serial          C:\Windows\system32\DRIVERS\serial.sys
16:29:51.0432 0x1054  Serial - ok
16:29:51.0432 0x1054  [ 1C545A7D0691CC4A027396535691C3E3, 065C30BE598FF4DC55C37E0BBE0CEDF10A370AE2BF5404B42EBBB867A3FFED6D ] sermouse        C:\Windows\system32\DRIVERS\sermouse.sys
16:29:51.0448 0x1054  sermouse - ok
16:29:52.0072 0x1054  [ 9910F4097EECBF561B257D614ADEF09A, A0F80F28634DC5709B003CFB4F2F29C032C02D2E3E422A6D916B711E31D18B9B ] ServicepointService C:\Program Files (x86)\Windstream\Service Agent\ServicepointService.exe
16:29:52.0556 0x1054  ServicepointService - ok
16:29:52.0602 0x1054  [ 0B6231BF38174A1628C4AC812CC75804, E569BF1F7F5689E2E917FA6516DB53388A5B8B1C6699DEE030147E853218811D ] SessionEnv      C:\Windows\system32\sessenv.dll
16:29:52.0618 0x1054  SessionEnv - ok
16:29:52.0634 0x1054  [ A554811BCD09279536440C964AE35BBF, DA8F893722F803E189D7D4D6C6232ED34505B63A64ED3A0132A5BB7A2BABDE55 ] sffdisk         C:\Windows\system32\drivers\sffdisk.sys
16:29:52.0634 0x1054  sffdisk - ok
16:29:52.0634 0x1054  [ FF414F0BAEFEBA59BC6C04B3DB0B87BF, B81EF5D26AEB572CAB590F7AD7CA8C89F296420089EF5E6148E972F2DBCA1042 ] sffp_mmc        C:\Windows\system32\drivers\sffp_mmc.sys
16:29:52.0649 0x1054  sffp_mmc - ok
16:29:52.0649 0x1054  [ DD85B78243A19B59F0637DCF284DA63C, 6730D4F2BAE7E24615746ACC41B42D01DB6068D6504982008ADA1890DE900197 ] sffp_sd         C:\Windows\system32\drivers\sffp_sd.sys
16:29:52.0649 0x1054  sffp_sd - ok
16:29:52.0665 0x1054  [ A9D601643A1647211A1EE2EC4E433FF4, 7AC60B4AB48D4BBF1F9681C12EC2A75C72E6E12D30FABC564A24394310E9A5F9 ] sfloppy         C:\Windows\system32\DRIVERS\sfloppy.sys
16:29:52.0665 0x1054  sfloppy - ok
16:29:52.0836 0x1054  [ B95F6501A2F8B2E78C697FEC401970CE, 758B73A32902299A313348CE7EC189B20EB4CB398D0180E4EE24B84DAD55F291 ] SharedAccess    C:\Windows\System32\ipnathlp.dll
16:29:52.0868 0x1054  SharedAccess - ok
16:29:52.0899 0x1054  [ AAF932B4011D14052955D4B212A4DA8D, 2A3BFD0FA9569288E91AE3E72CA1EC39E1450D01E6473CE51157E0F138257923 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
16:29:52.0930 0x1054  ShellHWDetection - ok
16:29:52.0946 0x1054  [ 1BC348CF6BAA90EC8E533EF6E6A69933, 2B26F6EB701F48E092DED6A7B888F24736F2899EE81D54DD4B1E9DF7CFD36E7A ] SiSGbeLH        C:\Windows\system32\DRIVERS\SiSG664.sys
16:29:52.0961 0x1054  SiSGbeLH - ok
16:29:52.0961 0x1054  [ 843CAF1E5FDE1FFD5FF768F23A51E2E1, 89CA9F516E42A6B905474D738CDA2C121020A07DBD4E66CFE569DD77D79D7820 ] SiSRaid2        C:\Windows\system32\DRIVERS\SiSRaid2.sys
16:29:52.0977 0x1054  SiSRaid2 - ok
16:29:52.0977 0x1054  [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4, 87B85C66DF7EB6FDB8A2341D05FAA5261FF68A90CCFC63F0E4A03824F1E33E5E ] SiSRaid4        C:\Windows\system32\DRIVERS\sisraid4.sys
16:29:52.0992 0x1054  SiSRaid4 - ok
16:29:53.0008 0x1054  [ 548260A7B8654E024DC30BF8A7C5BAA4, 4A7E58331D7765A12F53DC2371739DC9A463940B13E16157CE10DB80E958D740 ] Smb             C:\Windows\system32\DRIVERS\smb.sys
16:29:53.0024 0x1054  Smb - ok
16:29:53.0039 0x1054  [ 6313F223E817CC09AA41811DAA7F541D, D787061043BEEDB9386B048CB9E680E6A88A1CBAE9BD4A8C0209155BFB76C630 ] SNMPTRAP        C:\Windows\System32\snmptrap.exe
16:29:53.0055 0x1054  SNMPTRAP - ok
16:29:53.0180 0x1054  [ 2114518E55B380A3ACC28B2C27FD499A, 5EB378ECE4AD1E1C843CF21D46A5A3DE85CB8BBF1DF7292D54200F4ECFAE301A ] SNP2UVC         C:\Windows\system32\DRIVERS\snp2uvc.sys
16:29:53.0273 0x1054  SNP2UVC - ok
16:29:53.0289 0x1054  [ B9E31E5CACDFE584F34F730A677803F9, 21A5130BD00089C609522A372018A719F8E37103D2DD22C59EACB393BE35A063 ] spldr           C:\Windows\system32\drivers\spldr.sys
16:29:53.0289 0x1054  spldr - ok
16:29:53.0336 0x1054  [ 85DAA09A98C9286D4EA2BA8D0E644377, F9C324E2EF81193FE831C7EECC44A100CA06F82FA731BF555D9EA4D91DA13329 ] Spooler         C:\Windows\System32\spoolsv.exe
16:29:53.0382 0x1054  Spooler - ok
16:29:53.0616 0x1054  [ E17E0188BB90FAE42D83E98707EFA59C, FC075F7B39E86CC8EF6DA4E339FE946917E319C347AC70FB0C50AAF36F97E27F ] sppsvc          C:\Windows\system32\sppsvc.exe
16:29:53.0804 0x1054  sppsvc - ok
16:29:53.0819 0x1054  [ 93D7D61317F3D4BC4F4E9F8A96A7DE45, 36D48B23B8243BE5229707375FCD11C2DCAC96983199345365F065A0CBF33314 ] sppuinotify     C:\Windows\system32\sppuinotify.dll
16:29:53.0835 0x1054  sppuinotify - ok
16:29:54.0131 0x1054  [ 441FBA48BFF01FDB9D5969EBC1838F0B, 306128F1AD489F87161A089D1BDC1542A4CB742D91A0C12A7CD1863FDB8932C0 ] srv             C:\Windows\system32\DRIVERS\srv.sys
16:29:54.0162 0x1054  srv - ok
16:29:54.0194 0x1054  [ B4ADEBBF5E3677CCE9651E0F01F7CC28, 726DB2283113AB2A9681E8E9F61132303D6D86E9CD034C40EE4A8C9DB29E87F7 ] srv2            C:\Windows\system32\DRIVERS\srv2.sys
16:29:54.0225 0x1054  srv2 - ok
16:29:54.0240 0x1054  [ 27E461F0BE5BFF5FC737328F749538C3, AFA4704ED8FFC1A0BAB40DFB81D3AE3F3D933A3C9BF54DDAF39FF9AF3646D9E6 ] srvnet          C:\Windows\system32\DRIVERS\srvnet.sys
16:29:54.0256 0x1054  srvnet - ok
16:29:54.0272 0x1054  [ 51B52FBD583CDE8AA9BA62B8B4298F33, 2E2403F8AA39E79D1281CA006B51B43139C32A5FDD64BD34DAA4B935338BD740 ] SSDPSRV         C:\Windows\System32\ssdpsrv.dll
16:29:54.0303 0x1054  SSDPSRV - ok
16:29:54.0318 0x1054  [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB, D21CDBC4C2AA0DB5B4455D5108B0CAF4282A2E664B9035708F212CC094569D9D ] SstpSvc         C:\Windows\system32\sstpsvc.dll
16:29:54.0350 0x1054  SstpSvc - ok
16:29:54.0350 0x1054  [ F3817967ED533D08327DC73BC4D5542A, 1B204454408A690C0A86447F3E4AA9E7C58A9CFB567C94C17C21920BA648B4D5 ] stexstor        C:\Windows\system32\DRIVERS\stexstor.sys
16:29:54.0365 0x1054  stexstor - ok
16:29:54.0412 0x1054  [ 8DD52E8E6128F4B2DA92CE27402871C1, 1101C38BE8FC383B5F2F9FA402F9652B23B88A764DE2B584DFE62B88B11DEF92 ] stisvc          C:\Windows\System32\wiaservc.dll
16:29:54.0459 0x1054  stisvc - ok
16:29:54.0474 0x1054  [ D01EC09B6711A5F8E7E6564A4D0FBC90, 3CB922291DBADC92B46B9E28CCB6810CD8CCDA3E74518EC9522B58B998E1F969 ] swenum          C:\Windows\system32\drivers\swenum.sys
16:29:54.0474 0x1054  swenum - ok
16:29:54.0521 0x1054  [ E08E46FDD841B7184194011CA1955A0B, 9C3725BB1F08F92744C980A22ED5C874007D3B5863C7E1F140F50061052AC418 ] swprv           C:\Windows\System32\swprv.dll
16:29:54.0568 0x1054  swprv - ok
16:29:54.0708 0x1054  [ BF9CCC0BF39B418C8D0AE8B05CF95B7D, 3C13217548BE61F2BDB8BD41F77345CDDA1F97BF0AE17241C335B9807EB3DBB8 ] SysMain         C:\Windows\system32\sysmain.dll
16:29:54.0802 0x1054  SysMain - ok
16:29:54.0818 0x1054  [ E3C61FD7B7C2557E1F1B0B4CEC713585, 01F0E116606D185BF93B540868075BFB1A398197F6AABD994983DBFF56B3A8A0 ] TabletInputService C:\Windows\System32\TabSvc.dll
16:29:54.0833 0x1054  TabletInputService - ok
16:29:54.0896 0x1054  [ 40F0849F65D13EE87B9A9AE3C1DD6823, E251A7EF3D0FD2973AF33A62FC457A7E8D5E8694208F811F52455F7C2426121F ] TapiSrv         C:\Windows\System32\tapisrv.dll
16:29:54.0927 0x1054  TapiSrv - ok
16:29:54.0942 0x1054  [ 1BE03AC720F4D302EA01D40F588162F6, AB644862BF1D2E824FD846180DEC4E2C0FAFCC517451486DE5A92E5E78A952E4 ] TBS             C:\Windows\System32\tbssvc.dll
16:29:54.0958 0x1054  TBS - ok
16:29:55.0083 0x1054  [ 9849EA3843A2ADBDD1497E97A85D8CAE, 71984DB2555989A0934E158281EA5F966109EC925B064B2045469A0E77971A7C ] Tcpip           C:\Windows\system32\drivers\tcpip.sys
16:29:55.0176 0x1054  Tcpip - ok
16:29:55.0317 0x1054  [ 9849EA3843A2ADBDD1497E97A85D8CAE, 71984DB2555989A0934E158281EA5F966109EC925B064B2045469A0E77971A7C ] TCPIP6          C:\Windows\system32\DRIVERS\tcpip.sys
16:29:55.0410 0x1054  TCPIP6 - ok
16:29:55.0426 0x1054  [ 1B16D0BD9841794A6E0CDE0CEF744ABC, 7EB8BA97339199EEE7F2B09DA2DA6279DA64A510D4598D42CF86415D67CD674C ] tcpipreg        C:\Windows\system32\drivers\tcpipreg.sys
16:29:55.0426 0x1054  tcpipreg - ok
16:29:55.0442 0x1054  [ 3371D21011695B16333A3934340C4E7C, 7416F9BBFC1BA9D875EA7D1C7A0D912FC6977B49A865D67E3F9C4E18A965082D ] TDPIPE          C:\Windows\system32\drivers\tdpipe.sys
16:29:55.0442 0x1054  TDPIPE - ok
16:29:55.0457 0x1054  [ 51C5ECEB1CDEE2468A1748BE550CFBC8, 4E8F83877330B421F7B5D8393D34BC44C6450E69209DAA95B29CB298166A5DF9 ] TDTCP           C:\Windows\system32\drivers\tdtcp.sys
16:29:55.0457 0x1054  TDTCP - ok
16:29:55.0473 0x1054  [ DDAD5A7AB24D8B65F8D724F5C20FD806, B71F2967A4EE7395E4416C1526CB85368AEA988BDD1F2C9719C48B08FAFA9661 ] tdx             C:\Windows\system32\DRIVERS\tdx.sys
16:29:55.0488 0x1054  tdx - ok
16:29:55.0504 0x1054  [ 561E7E1F06895D78DE991E01DD0FB6E5, 83BFA50A528762EC52A011302AC3874636FB7E26628CD7ACFBF2BDC9FAA8110D ] TermDD          C:\Windows\system32\drivers\termdd.sys
16:29:55.0504 0x1054  TermDD - ok
16:29:55.0566 0x1054  [ 2E648163254233755035B46DD7B89123, 6FA0D07CE18A3A69D82EE49D875F141E39406E92C34EAC76AC4EB052E6EBCBCD ] TermService     C:\Windows\System32\termsrv.dll
16:29:55.0613 0x1054  TermService - ok
16:29:55.0629 0x1054  [ F0344071948D1A1FA732231785A0664C, DB9886C2C858FAF45AEA15F8E42860343F73EB8685C53EC2E8CCC10586CB0832 ] Themes          C:\Windows\system32\themeservice.dll
16:29:55.0644 0x1054  Themes - ok
16:29:55.0660 0x1054  [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] THREADORDER     C:\Windows\system32\mmcss.dll
16:29:55.0660 0x1054  THREADORDER - ok
16:29:55.0676 0x1054  [ 7E7AFD841694F6AC397E99D75CEAD49D, DE87F203FD8E6BDCCFCA1860A85F283301A365846FB703D9BB86278D8AC96B07 ] TrkWks          C:\Windows\System32\trkwks.dll
16:29:55.0707 0x1054  TrkWks - ok
16:29:55.0722 0x1054  [ 773212B2AAA24C1E31F10246B15B276C, F2EF85F5ABA307976D9C649D710B408952089458DDE97D4DEF321DF14E46A046 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
16:29:55.0738 0x1054  TrustedInstaller - ok
16:29:55.0754 0x1054  [ CE18B2CDFC837C99E5FAE9CA6CBA5D30, CA302C2ED6A6BF4670BAAA4F5C14C0238CF0C80316856AA0DB053F4D593033AC ] tssecsrv        C:\Windows\system32\DRIVERS\tssecsrv.sys
16:29:55.0754 0x1054  tssecsrv - ok
16:29:55.0769 0x1054  [ D11C783E3EF9A3C52C0EBE83CC5000E9, A136C355D4C8945729163D15801364A614E23217B15F9313C85BA45BB71A74EB ] TsUsbFlt        C:\Windows\system32\drivers\tsusbflt.sys
16:29:55.0769 0x1054  TsUsbFlt - ok
16:29:55.0800 0x1054  [ 3566A8DAAFA27AF944F5D705EAA64894, AE9D8B648DA08AF667B9456C3FE315489859C157510A258559F18238F2CC92B8 ] tunnel          C:\Windows\system32\DRIVERS\tunnel.sys
16:29:55.0800 0x1054  tunnel - ok
16:29:55.0816 0x1054  [ B4DD609BD7E282BFC683CEC7EAAAAD67, EF131DB6F6411CAD36A989A421AF93F89DD61601AC524D2FF11C10FF6E3E9123 ] uagp35          C:\Windows\system32\DRIVERS\uagp35.sys
16:29:55.0816 0x1054  uagp35 - ok
16:29:55.0863 0x1054  [ FF4232A1A64012BAA1FD97C7B67DF593, D8591B4EB056899C7B604E4DD852D82D4D9809F508ABCED4A03E1BE6D5D456E3 ] udfs            C:\Windows\system32\DRIVERS\udfs.sys
16:29:55.0878 0x1054  udfs - ok
16:29:55.0894 0x1054  [ 3CBDEC8D06B9968ABA702EBA076364A1, B8DAB8AA804FC23021BFEBD7AE4D40FBE648D6C6BA21CC008E26D1C084972F9B ] UI0Detect       C:\Windows\system32\UI0Detect.exe
16:29:55.0910 0x1054  UI0Detect - ok
16:29:55.0925 0x1054  [ 4BFE1BC28391222894CBF1E7D0E42320, 5918B1ED2030600DF77BDACF1C808DF6EADDD8BF3E7003AF1D72050D8B102B3A ] uliagpkx        C:\Windows\system32\drivers\uliagpkx.sys
16:29:55.0925 0x1054  uliagpkx - ok
16:29:55.0941 0x1054  [ DC54A574663A895C8763AF0FA1FF7561, 09A3F3597E91CBEB2F38E96E75134312B60CAE5574B2AD4606C2D3E992AEDDFE ] umbus           C:\Windows\system32\DRIVERS\umbus.sys
16:29:55.0941 0x1054  umbus - ok
16:29:55.0956 0x1054  [ B2E8E8CB557B156DA5493BBDDCC1474D, F547509A08C0679ACB843E20C9C0CF51BED1B06530BBC529DFB0944504564A43 ] UmPass          C:\Windows\system32\DRIVERS\umpass.sys
16:29:55.0956 0x1054  UmPass - ok
16:29:56.0112 0x1054  [ 41118D920B2B268C0ADC36421248CDCF, 4F99C4913DCFE02B0783FD97F02558E4DD4D7C98553D95A8E26FAAA0C0D67616 ] UNS             C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
16:29:56.0222 0x1054  UNS - ok
16:29:56.0284 0x1054  [ D47EC6A8E81633DD18D2436B19BAF6DE, 0FB461E2D5E0B75BB5958F6362F4880BFA4C36AD930542609BCAF574941AA7AE ] upnphost        C:\Windows\System32\upnphost.dll
16:29:56.0315 0x1054  upnphost - ok
16:29:56.0331 0x1054  [ AA33FC47ED58C34E6E9261E4F850B7EB, C6388127CAA695434ABFB6C59A53C8544E67E414012DE5F21B36D035BB1BACC8 ] USBAAPL64       C:\Windows\system32\Drivers\usbaapl64.sys
16:29:56.0331 0x1054  USBAAPL64 - ok
16:29:56.0346 0x1054  [ 6F1A3157A1C89435352CEB543CDB359C, 325B46220779C5FE3B6F19FF794474837FAB9675D9C98ACB68CCE47B1CFE5F12 ] usbccgp         C:\Windows\system32\drivers\usbccgp.sys
16:29:56.0362 0x1054  usbccgp - ok
16:29:56.0378 0x1054  [ AF0892A803FDDA7492F595368E3B68E7, F263346DEB4D742EB436CF578F187AC8521D84CED52E98475E6198EC52244F07 ] usbcir          C:\Windows\system32\drivers\usbcir.sys
16:29:56.0378 0x1054  usbcir - ok
16:29:56.0393 0x1054  [ C025055FE7B87701EB042095DF1A2D7B, D7B34B6C2C5BD3C8141895AC21BB637EA5E3C4F7A85EEF4C4C36E6BB2045A3D9 ] usbehci         C:\Windows\system32\drivers\usbehci.sys
16:29:56.0393 0x1054  usbehci - ok
16:29:56.0440 0x1054  [ 287C6C9410B111B68B52CA298F7B8C24, 98900C08FE662A00DF8B37837B2BEBF9ACB7989C387AF36B2109B05A4F462D4E ] usbhub          C:\Windows\system32\drivers\usbhub.sys
16:29:56.0456 0x1054  usbhub - ok
16:29:56.0471 0x1054  [ 9840FC418B4CBD632D3D0A667A725C31, 776D86A032DCA2842EF7AADB35473193CA80547223EFAA7F110F296C377077B0 ] usbohci         C:\Windows\system32\drivers\usbohci.sys
16:29:56.0471 0x1054  usbohci - ok
16:29:56.0471 0x1054  [ 73188F58FB384E75C4063D29413CEE3D, B485463933306036B1D490722CB1674DC85670753D79FA0EF7EBCA7BBAAD9F7C ] usbprint        C:\Windows\system32\DRIVERS\usbprint.sys
16:29:56.0487 0x1054  usbprint - ok
16:29:56.0502 0x1054  [ FED648B01349A3C8395A5169DB5FB7D6, DC4D7594C24ADD076927B9347F1B50B91CF03A4ABDB284248D5711D9C19DEB96 ] USBSTOR         C:\Windows\system32\DRIVERS\USBSTOR.SYS
16:29:56.0502 0x1054  USBSTOR - ok
16:29:56.0518 0x1054  [ 62069A34518BCF9C1FD9E74B3F6DB7CD, C58E21424718729324B285BEE1C96551540FCC3FD650B2D10895EBA48D981E25 ] usbuhci         C:\Windows\system32\drivers\usbuhci.sys
16:29:56.0518 0x1054  usbuhci - ok
16:29:56.0534 0x1054  [ 454800C2BC7F3927CE030141EE4F4C50, 10901E62DAA70657C499AD590DECCCA6E46FDDF4A193B2F19279E1B8ED7B1E44 ] usbvideo        C:\Windows\System32\Drivers\usbvideo.sys
16:29:56.0549 0x1054  usbvideo - ok
16:29:56.0565 0x1054  [ EDBB23CBCF2CDF727D64FF9B51A6070E, 7202484C8E1BFB2AFD64D8C81668F3EDE0E3BF5EB27572877A0A7B337AE5AE42 ] UxSms           C:\Windows\System32\uxsms.dll
16:29:56.0580 0x1054  UxSms - ok
16:29:56.0596 0x1054  [ C118A82CD78818C29AB228366EBF81C3, 00820F3065871DCBA52A27C7F73BA470C4F2CB26EFB7F76FEF8B1207F81B284D ] VaultSvc        C:\Windows\system32\lsass.exe
16:29:56.0596 0x1054  VaultSvc - ok
16:29:56.0612 0x1054  [ C5C876CCFC083FF3B128F933823E87BD, 6FE0FBB6C3207E09300E0789E2168F76668D87C317FE9F263E733827ADCFBE0D ] vdrvroot        C:\Windows\system32\drivers\vdrvroot.sys
16:29:56.0612 0x1054  vdrvroot - ok
16:29:56.0674 0x1054  [ 8D6B481601D01A456E75C3210F1830BE, A2CEF483F4231367138EEF7E67FD5BE5364FC0780C44CA1368E36CE4AA3D0633 ] vds             C:\Windows\System32\vds.exe
16:29:56.0705 0x1054  vds - ok
16:29:56.0721 0x1054  [ DA4DA3F5E02943C2DC8C6ED875DE68DD, EDE604536DB78C512D68C92B26DA77C8811AC109D1F0A473673F0A82D15A2838 ] vga             C:\Windows\system32\DRIVERS\vgapnp.sys
16:29:56.0721 0x1054  vga - ok
16:29:56.0736 0x1054  [ 53E92A310193CB3C03BEA963DE7D9CFC, 45898604375B42EB1246C17A22D91C2440F11C746FF6459AD38027C1BC2E3125 ] VgaSave         C:\Windows\System32\drivers\vga.sys
16:29:56.0736 0x1054  VgaSave - ok
16:29:56.0768 0x1054  [ 2CE2DF28C83AEAF30084E1B1EB253CBB, D1946816A1CB89F825CBEA58F94A4C9D0CE7249355CD3915563F54054EE564BF ] vhdmp           C:\Windows\system32\drivers\vhdmp.sys
16:29:56.0783 0x1054  vhdmp - ok
16:29:56.0783 0x1054  [ E5689D93FFE4E5D66C0178761240DD54, 6D35CED80681B12AAF63BFA0DA1C386E71D3838839B68A686990AA8031949D27 ] viaide          C:\Windows\system32\drivers\viaide.sys
16:29:56.0799 0x1054  viaide - ok
16:29:56.0799 0x1054  [ D2AAFD421940F640B407AEFAAEBD91B0, 31EF342A60AF04F4108759A71F8FB7B8C8819216CF3D16A95B2BA0E33A8A9161 ] volmgr          C:\Windows\system32\drivers\volmgr.sys
16:29:56.0814 0x1054  volmgr - ok
16:29:56.0861 0x1054  [ A255814907C89BE58B79EF2F189B843B, 463DB771851352185B6AC323BD93B9084D47291E53C1F7B628B65D6918B2E28F ] volmgrx         C:\Windows\system32\drivers\volmgrx.sys
16:29:56.0877 0x1054  volmgrx - ok
16:29:56.0908 0x1054  [ 0D08D2F3B3FF84E433346669B5E0F639, 3D6716CEC95B8861A7CC5778E91F310528DC6BEE0E57A3C8757FC675154EBDEC ] volsnap         C:\Windows\system32\drivers\volsnap.sys
16:29:56.0924 0x1054  volsnap - ok
16:29:56.0955 0x1054  [ 5E2016EA6EBACA03C04FEAC5F330D997, 53106EB877459FE55A459111F7AB0EE320BB3B4C954D3DB6FA1642396001F2AC ] vsmraid         C:\Windows\system32\DRIVERS\vsmraid.sys
16:29:56.0955 0x1054  vsmraid - ok
16:29:57.0064 0x1054  [ B60BA0BC31B0CB414593E169F6F21CC2, 47B801E623254CF0202B3591CB5C019CABFB52F123C7D47E29D19B32F1F2B915 ] VSS             C:\Windows\system32\vssvc.exe
16:29:57.0158 0x1054  VSS - ok
16:29:57.0173 0x1054  [ 36D4720B72B5C5D9CB2B9C29E9DF67A1, 3254523C85C70EBA2DBAC05DB2DBA89EDF8E9195F390F7C21F96458FB6B2E3D7 ] vwifibus        C:\Windows\system32\DRIVERS\vwifibus.sys
16:29:57.0173 0x1054  vwifibus - ok
16:29:57.0189 0x1054  [ 6A3D66263414FF0D6FA754C646612F3F, 30F6BA594B0D3B94113064015A16D97811CD989DF1715CCE21CEAB9894C1B4FB ] vwififlt        C:\Windows\system32\DRIVERS\vwififlt.sys
16:29:57.0189 0x1054  vwififlt - ok
16:29:57.0236 0x1054  [ 1C9D80CC3849B3788048078C26486E1A, 34A89F31E53F6B6C209B286F580CC2257AE6D057E4E20741F241C9C167947962 ] W32Time         C:\Windows\system32\w32time.dll
16:29:57.0267 0x1054  W32Time - ok
16:29:57.0282 0x1054  [ 4E9440F4F152A7B944CB1663D3935A3E, 8FE04EBD3BC612EE943A21A3E56F37E5C9B578CDACA6044048181DAD81816D53 ] WacomPen        C:\Windows\system32\DRIVERS\wacompen.sys
16:29:57.0282 0x1054  WacomPen - ok
16:29:57.0314 0x1054  [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] WANARP          C:\Windows\system32\DRIVERS\wanarp.sys
16:29:57.0314 0x1054  WANARP - ok
16:29:57.0329 0x1054  [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] Wanarpv6        C:\Windows\system32\DRIVERS\wanarp.sys
16:29:57.0329 0x1054  Wanarpv6 - ok
16:29:57.0423 0x1054  [ 3CEC96DE223E49EAAE3651FCF8FAEA6C, 4150DAB33E8D61076F1D4767BCAFC9B4ECCCCBD58FD4FB3CFE5B8D27DCDCAB61 ] WatAdminSvc     C:\Windows\system32\Wat\WatAdminSvc.exe
16:29:57.0485 0x1054  WatAdminSvc - ok
16:29:57.0579 0x1054  [ 78F4E7F5C56CB9716238EB57DA4B6A75, 46A4E78CE5F2A4B26F4E9C3FF04A99D9B727A82AC2E390A82A1611C3F6E0C9AF ] wbengine        C:\Windows\system32\wbengine.exe
16:29:57.0672 0x1054  wbengine - ok
16:29:57.0719 0x1054  [ 3AA101E8EDAB2DB4131333F4325C76A3, 4F7BD3DA5E58B18BFF106CFF7B45E75FD13EE556D433C695BA23EC80827E49DE ] WbioSrvc        C:\Windows\System32\wbiosrvc.dll
16:29:57.0735 0x1054  WbioSrvc - ok
16:29:57.0766 0x1054  [ 7368A2AFD46E5A4481D1DE9D14848EDD, 8039C478FC2D9F095F5883A4FA47F9E6EDF57CC88A4AA74F07C88445F90DED57 ] wcncsvc         C:\Windows\System32\wcncsvc.dll
16:29:57.0813 0x1054  wcncsvc - ok
16:29:57.0813 0x1054  [ 20F7441334B18CEE52027661DF4A6129, 7B8E0247234B740FED2BE9B833E9CE8DD7453340123AB43F6B495A7E6A27B0DD ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
16:29:57.0844 0x1054  WcsPlugInService - ok
16:29:57.0844 0x1054  [ 72889E16FF12BA0F235467D6091B17DC, F2FD0BBD075E33608D93F350D216F97442AB89ABD540513C2D568C78096E12A8 ] Wd              C:\Windows\system32\DRIVERS\wd.sys
16:29:57.0844 0x1054  Wd - ok
16:29:57.0906 0x1054  [ 442783E2CB0DA19873B7A63833FF4CB4, 09254970265476214F3187CC22A4F9C7C2769D419600E83FBE302C3A103E527F ] Wdf01000        C:\Windows\system32\drivers\Wdf01000.sys
16:29:57.0953 0x1054  Wdf01000 - ok
16:29:57.0969 0x1054  [ BF1FC3F79B863C914687A737C2F3D681, B2DF47AC4931ACFB243775767B77065CC0D98778FC0243C793A3E219EB961209 ] WdiServiceHost  C:\Windows\system32\wdi.dll
16:29:57.0984 0x1054  WdiServiceHost - ok
16:29:58.0000 0x1054  [ BF1FC3F79B863C914687A737C2F3D681, B2DF47AC4931ACFB243775767B77065CC0D98778FC0243C793A3E219EB961209 ] WdiSystemHost   C:\Windows\system32\wdi.dll
16:29:58.0016 0x1054  WdiSystemHost - ok
16:29:58.0047 0x1054  [ 3DB6D04E1C64272F8B14EB8BC4616280, 9138642B1C19F895D4ECFD930160C80FBF15813CE63BBF4C899842C300FD3026 ] WebClient       C:\Windows\System32\webclnt.dll
16:29:58.0078 0x1054  WebClient - ok
16:29:58.0094 0x1054  [ C749025A679C5103E575E3B48E092C43, B71171D07EE7AB085A24BF3A1072FF2CE7EA021AAE695F6A90640E6EE8EB55C1 ] Wecsvc          C:\Windows\system32\wecsvc.dll
16:29:58.0125 0x1054  Wecsvc - ok
16:29:58.0140 0x1054  [ 7E591867422DC788B9E5BD337A669A08, 484E6BCCDF7ADCE9A1AACAD1BC7C7D7694B9E40FA90D94B14D80C607784F6C75 ] wercplsupport   C:\Windows\System32\wercplsupport.dll
16:29:58.0156 0x1054  wercplsupport - ok
16:29:58.0172 0x1054  [ 6D137963730144698CBD10F202E9F251, A9F522A125158D94F540544CCD4DBF47B9DCE2EA878C33675AFE40F80E8F4979 ] WerSvc          C:\Windows\System32\WerSvc.dll
16:29:58.0203 0x1054  WerSvc - ok
16:29:58.0203 0x1054  [ 611B23304BF067451A9FDEE01FBDD725, 0AF2734B978165FC6FD22B64862132CCE32528A21C698A49D176129446E099C8 ] WfpLwf          C:\Windows\system32\DRIVERS\wfplwf.sys
16:29:58.0218 0x1054  WfpLwf - ok
16:29:58.0234 0x1054  [ 52DED146E4797E6CCF94799E8E22BB2A, 57A29260D81AA3AD3F8C29E9CFA7CE3970D7A8BF673ADD9B256EE76C7DEC080E ] WimFltr         C:\Windows\system32\DRIVERS\wimfltr.sys
16:29:58.0234 0x1054  WimFltr - ok
16:29:58.0250 0x1054  [ 05ECAEC3E4529A7153B3136CEB49F0EC, 9995CB2CEC70A633EA33CBB0DEAD2BB28CB67132B41E9444BDAB9E75744C9A50 ] WIMMount        C:\Windows\system32\drivers\wimmount.sys
16:29:58.0250 0x1054  WIMMount - ok
16:29:58.0265 0x1054  WinDefend - ok
16:29:58.0281 0x1054  WinHttpAutoProxySvc - ok
16:29:58.0312 0x1054  [ 19B07E7E8915D701225DA41CB3877306, D6555E8D276DBB11358246E0FE215F76F1FB358791C76B88D82C2A66A42DA19F ] Winmgmt         C:\Windows\system32\wbem\WMIsvc.dll
16:29:58.0328 0x1054  Winmgmt - ok
16:29:58.0452 0x1054  [ BCB1310604AA415C4508708975B3931E, 9D943F086D454345153A0DD426B4432532A44FD87950386B186E1CAD2AC70565 ] WinRM           C:\Windows\system32\WsmSvc.dll
16:29:58.0577 0x1054  WinRM - ok
16:29:58.0593 0x1054  [ FE88B288356E7B47B74B13372ADD906D, A16B166F6BB32EF9D2A142F27B9EC54CBC7B3AC915799783CF4C40E525BC9E03 ] WinUsb          C:\Windows\system32\drivers\WinUsb.sys
16:29:58.0593 0x1054  WinUsb - ok
16:29:58.0655 0x1054  [ 4FADA86E62F18A1B2F42BA18AE24E6AA, CE1683386886BF34862681A46199EA7E7FB4232A186047DA7FBD8EC240AF6726 ] Wlansvc         C:\Windows\System32\wlansvc.dll
16:29:58.0718 0x1054  Wlansvc - ok
16:29:58.0749 0x1054  [ 06C8FA1CF39DE6A735B54D906BA791C6, D8FEC7DE227781CDA876904701B2AA995268F74DCD6CB34AA0296C557FC283B6 ] wlcrasvc        C:\Program Files\Windows Live\Mesh\wlcrasvc.exe
16:29:58.0749 0x1054  wlcrasvc - ok
16:29:58.0905 0x1054  [ 7E47C328FC4768CB8BEAFBCFAFA70362, C98BD6A0C2F70E069D5FD3BAB31BD028DFEAC0490D180BBC28A14BE375897D8C ] wlidsvc         C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
16:29:59.0014 0x1054  wlidsvc - ok
16:29:59.0030 0x1054  [ F6FF8944478594D0E414D3F048F0D778, 6F75E0AE6127B33A92A88E59D4B048FD4C15F997807BE7BF0EFE76F95235B1D9 ] WmiAcpi         C:\Windows\system32\drivers\wmiacpi.sys
16:29:59.0030 0x1054  WmiAcpi - ok
16:29:59.0061 0x1054  [ 38B84C94C5A8AF291ADFEA478AE54F93, 1AC267AC73670BEA5F3785C9AD9DB146F8E993A862C843742B21FDB90D102B2A ] wmiApSrv        C:\Windows\system32\wbem\WmiApSrv.exe
16:29:59.0076 0x1054  wmiApSrv - ok
16:29:59.0076 0x1054  WMPNetworkSvc - ok
16:29:59.0092 0x1054  [ 96C6E7100D724C69FCF9E7BF590D1DCA, 2E63C9B0893B4FC03B7A71BAEA6202D3D3DB1B52F3643467829B5A573FD7655B ] WPCSvc          C:\Windows\System32\wpcsvc.dll
16:29:59.0108 0x1054  WPCSvc - ok
16:29:59.0123 0x1054  [ 93221146D4EBBF314C29B23CD6CC391D, C0750858A65BF51E210CD244C825C121D67E025CD2D2455139991AAC289A90FE ] WPDBusEnum      C:\Windows\system32\wpdbusenum.dll
16:29:59.0154 0x1054  WPDBusEnum - ok
16:29:59.0154 0x1054  [ 6BCC1D7D2FD2453957C5479A32364E52, E48554D31FBDCF8F985C1C72524CAA9106F5B7CC2B79064F8F5E2562D517F090 ] ws2ifsl         C:\Windows\system32\drivers\ws2ifsl.sys
16:29:59.0170 0x1054  ws2ifsl - ok
16:29:59.0186 0x1054  [ E8B1FE6669397D1772D8196DF0E57A9E, 39FE0819360719F756BD31A1884A0508A1E2371ACC723E25E005CBEC0A7B02FA ] wscsvc          C:\Windows\system32\wscsvc.dll
16:29:59.0201 0x1054  wscsvc - ok
16:29:59.0201 0x1054  WSearch - ok
16:29:59.0404 0x1054  [ 61FF576450CCC80564B850BC3FB6713A, B2843BC9E2F62D27DCF6787D063378926748CE75002BADA1873DCB5039883705 ] wuauserv        C:\Windows\system32\wuaueng.dll
16:29:59.0544 0x1054  wuauserv - ok
16:29:59.0560 0x1054  [ AB886378EEB55C6C75B4F2D14B6C869F, D6C4602EB8F291DADEDF3CD211013D4AC752DDE7E799C2D8D74AA4F5477CAED6 ] WudfPf          C:\Windows\system32\drivers\WudfPf.sys
16:29:59.0560 0x1054  WudfPf - ok
16:29:59.0591 0x1054  [ DDA4CAF29D8C0A297F886BFE561E6659, 94E5DD649B5D86FA1A7C7D30FCF9644D0EE048D312E626111458ADF66BFBE978 ] WUDFRd          C:\Windows\system32\drivers\WUDFRd.sys
16:29:59.0607 0x1054  WUDFRd - ok
16:29:59.0622 0x1054  [ B20F051B03A966392364C83F009F7D17, 88ECEB55AE91F58F592B96EBC10B572747D5A2F9B7629E8F371761E4F7408A65 ] wudfsvc         C:\Windows\System32\WUDFSvc.dll
16:29:59.0654 0x1054  wudfsvc - ok
16:29:59.0669 0x1054  [ FE90B750AB808FB9DD8FBB428B5FF83B, 3F8F592EC813BE292D305A87C5BA852F8BC3D7CE610612D9871F209A17326AA8 ] WwanSvc         C:\Windows\System32\wwansvc.dll
16:29:59.0700 0x1054  WwanSvc - ok
16:29:59.0716 0x1054  ================ Scan global ===============================
16:29:59.0732 0x1054  [ BA0CD8C393E8C9F83354106093832C7B, 18D8A4780A2BAA6CEF7FBBBDA0EF6BF2DADF146E1E578A618DD5859E8ADBF1A8 ] C:\Windows\system32\basesrv.dll
16:29:59.0763 0x1054  [ 0C27239FEA4DB8A2AAC9E502186B7264, 102AA14D7A3CCCE913D9887AF4CCE87EA649A21BEF5196DFFCAD7E8F0B6A7293 ] C:\Windows\system32\winsrv.dll
16:29:59.0810 0x1054  [ 0C27239FEA4DB8A2AAC9E502186B7264, 102AA14D7A3CCCE913D9887AF4CCE87EA649A21BEF5196DFFCAD7E8F0B6A7293 ] C:\Windows\system32\winsrv.dll
16:29:59.0856 0x1054  [ D6160F9D869BA3AF0B787F971DB56368, 0033E6212DD8683E4EE611B290931FDB227B4795F0B17C309DC686C696790529 ] C:\Windows\system32\sxssrv.dll
16:29:59.0903 0x1054  [ 24ACB7E5BE595468E3B9AA488B9B4FCB, 63541E3432FCE953F266AE553E7A394978D6EE3DB52388D885F668CF42C5E7E2 ] C:\Windows\system32\services.exe
16:29:59.0934 0x1054  [ Global ] - ok
16:29:59.0934 0x1054  ================ Scan MBR ==================================
16:29:59.0934 0x1054  [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
16:30:00.0761 0x1054  \Device\Harddisk0\DR0 - ok
16:30:00.0761 0x1054  ================ Scan VBR ==================================
16:30:00.0761 0x1054  [ 7109AE87D960B45FABA4598A0705296A ] \Device\Harddisk0\DR0\Partition1
16:30:00.0761 0x1054  \Device\Harddisk0\DR0\Partition1 - ok
16:30:00.0777 0x1054  [ EA09F1935C568D65E5B529C26E238815 ] \Device\Harddisk0\DR0\Partition2
16:30:00.0777 0x1054  \Device\Harddisk0\DR0\Partition2 - ok
16:30:00.0777 0x1054  ================ Scan generic autorun ======================
16:30:00.0808 0x1054  [ 5B3719BDBF1F035558F2D73BA166A99C, AA0A6B2C7B504637A77C31A1680245CEAE993417050B9A0D8595E3424BC2D57A ] C:\Program Files\CONEXANT\SAII\SAIICpl.exe
16:30:00.0824 0x1054  SmartAudio - ok
16:30:00.0870 0x1054  [ B69A01794D44C769C2575AE75E2EB31F, CE19EEA3F738A5F2A2C43EB6699AACB21D798B9649D744FB983868FB3E58E7C1 ] C:\Windows\system32\igfxpers.exe
16:30:00.0902 0x1054  Persistence - ok
16:30:00.0917 0x1054  [ 0BBFE08ECCE8A209D07C3B68D63FC293, 0374316F3586D191437F5A54F9A322B3F68002652920477DBCFD48EF049E6F21 ] C:\Windows\system32\igfxtray.exe
16:30:00.0933 0x1054  IgfxTray - ok
16:30:00.0964 0x1054  [ 2F16207A65B62001FC73E6798D0B8F2A, 44B3B7E0ED654480EE6CB238976FCDC745BE3EFD7CDC71B262146A4CE63731CD ] C:\Windows\system32\hkcmd.exe
16:30:00.0995 0x1054  HotKeysCmds - ok
16:30:00.0995 0x1054  ETDWare - ok
16:30:01.0604 0x1054  [ A65D3054EC15EF918F6072CC042EEF7A, 232536009B398C5F8D162864D9374C2789667BCAC7C39D3DCBD3A3A37D794AA7 ] C:\Program Files (x86)\Windstream\Service Agent\Windstream Service Agent.exe
16:30:02.0072 0x1054  Windstream Service Agent.exe - ok
16:30:02.0337 0x1054  [ 4753A3BA6324677E1DB205DCC7509549, CA404DDFB63BDC1A81DAD96F0C8D16CCCE015BE93CC8D30EEF4C485567E55C21 ] C:\Program Files (x86)\Windstream\Diagnostic Tools\DiagnosticTools.exe
16:30:02.0430 0x1054  DiagnosticTools.exe - ok
16:30:02.0462 0x1054  [ 12916E0642E92561C98B18A2A2D01B14, 4C28478CFE25E1F29AEF8BA6F2FAF3E6C2B34BF18CA77052813903E10ADDCCD5 ] C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
16:30:02.0477 0x1054  SunJavaUpdateSched - ok
16:30:02.0586 0x1054  [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
16:30:02.0633 0x1054  Sidebar - ok
16:30:02.0649 0x1054  [ 0FA760BF380B08D0B67B5507CD8B32AA, 0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B725CC5A9FB738739 ] C:\Windows\System32\mctadmin.exe
16:30:02.0664 0x1054  mctadmin - ok
16:30:02.0774 0x1054  [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
16:30:02.0836 0x1054  Sidebar - ok
16:30:02.0852 0x1054  [ 0FA760BF380B08D0B67B5507CD8B32AA, 0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B725CC5A9FB738739 ] C:\Windows\System32\mctadmin.exe
16:30:02.0852 0x1054  mctadmin - ok
16:30:02.0898 0x1054  [ 88FBBB1C601A6BC42054E57C2897FA45, 928C5BAB515035DE659C4255C209D33C407716DA325798951B2E8DA9BB230A9F ] C:\Users\Owner\AppData\Local\Google\Update\GoogleUpdate.exe
16:30:02.0898 0x1054  Google Update - ok
16:30:02.0898 0x1054  Inspector - ok
16:30:03.0023 0x1054  [ E3BF29CED96790CDAAFA981FFDDF53A3, 76CB27EF7B27E5636EDA9D95229519B2A2870729A0BB694F1FD11CD602BAC4DC ] C:\Program Files\Windows Sidebar\sidebar.exe
16:30:03.0086 0x1054  Sidebar - ok
16:30:03.0101 0x1054  AV detected via SS2: avast! Antivirus, C:\Program Files\AVAST Software\Avast\VisthAux.exe ( 11.1.2245.1540 ), 0x41000 ( enabled : updated )
16:30:03.0101 0x1054  Win FW state via NFP2: enabled ( trusted )
16:30:06.0377 0x1054  ============================================================
16:30:06.0377 0x1054  Scan finished
16:30:06.0377 0x1054  ============================================================
16:30:06.0377 0x1020  Detected object count: 0
16:30:06.0377 0x1020  Actual detected object count: 0

  • 0

Advertisements


#11
L3Nerd

L3Nerd

    Member

  • Topic Starter
  • Member
  • PipPip
  • 16 posts

My PC runs/ performs/ processes programs incredibly slow.


  • 0

#12
Jr0x

Jr0x

    Malware removal team

  • Malware Removal
  • 1,830 posts

Hi L3Nerd,

 

My PC runs/ performs/ processes programs incredibly slow.

 

Thanks for reporting, but I will need you to follow my instructions below before we can proceed with the fix.

 

It is extremely important to read my instruction and understand my instruction correctly. If you do not understand, please ask before running the tools as I have explained in Post #4.

 

You have ran the tools again (TDSS/AdwCleaner) for a new log, which is not what I instructed. 

 

You have missed out FRST Addition log which is located in C:\Users\Owner\Downloads\Addition.txt

 

In your next reply, please post the following log and answer the following questions.

 

  • FRST Addition log
  • Have you tried to change to another mouse?
  • Is there any error message while trying to run from Desktop?

 


  • 0

#13
Jr0x

Jr0x

    Malware removal team

  • Malware Removal
  • 1,830 posts

As I might be a little unclear on the previous post on "Is there any error message while trying to run from Desktop?". I was referring to running FRST tool from Desktop.


  • 0

#14
L3Nerd

L3Nerd

    Member

  • Topic Starter
  • Member
  • PipPip
  • 16 posts

 

I also noticed that you have ran JRT and TDSSKiller tool on your own previously which not recommended as it may cause more harm than good if not supervised.

 

However, seeing that the logs are already exist, please also do post the content of the following log in your next reply as it may help me understand the situation better.

 

  • JRT log - Located at C:\Users\Owner\Desktop\JRT.txt
  • TDSSKiller log - Located at C:\TDSSKiller.3.1.0.9_24.01.2016_19.26.21_log.txt
  • FRST Addition log - Located at C:\Users\Owner\Downloads\Addition.txt

 

 

 

This is why i posted the other logs.

 

 

 

 

 

Additional scan result of Farbar Recovery Scan Tool (x64) Version:25-01-2016
Ran by Owner (2016-01-31 10:50:00)
Running from C:\Users\Owner\Downloads
Windows 7 Home Premium Service Pack 1 (X64) (2011-03-24 18:20:56)
Boot Mode: Normal
==========================================================
 
 
==================== Accounts: =============================
 
Administrator (S-1-5-21-2057531234-2367892702-2072951418-500 - Administrator - Enabled) => C:\Users\Administrator
Guest (S-1-5-21-2057531234-2367892702-2072951418-501 - Limited - Enabled)
Owner (S-1-5-21-2057531234-2367892702-2072951418-1000 - Administrator - Enabled) => C:\Users\Owner
 
==================== Security Center ========================
 
(If an entry is included in the fixlist, it will be removed.)
 
AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
 
==================== Installed Programs ======================
 
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
 
Adobe Flash Player 20 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 20.0.0.286 - Adobe Systems Incorporated)
Adobe Flash Player 20 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 20.0.0.286 - Adobe Systems Incorporated)
Apple Application Support (HKLM-x32\...\{343666E2-A059-48AC-AD67-230BF74E2DB2}) (Version: 2.1.6 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{75104836-CAC7-444E-A39E-3F54151942F5}) (Version: 4.0.0.97 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Ask Toolbar (HKLM-x32\...\{86D4B82A-ABED-442A-BE86-96357B70F4FE}) (Version: 1.15.23.0 - Ask.com) <==== ATTENTION
ASUS AI Recovery (HKLM-x32\...\{06585B02-F20D-4AB2-9A64-86EF2AE0F8F0}) (Version: 1.0.10 - ASUS)
ASUS CopyProtect (HKLM-x32\...\{6B77A7F6-DD63-4F13-A6FF-83137A5AC354}) (Version: 1.0.0015 - ASUS)
ASUS Data Security Manager (HKLM-x32\...\{FA2092C5-7979-412D-A962-6485274AE1EE}) (Version: 1.00.0014 - ASUS)
ASUS FancyStart (HKLM-x32\...\{2B81872B-A054-48DA-BE3B-FA5C164C303A}) (Version: 1.0.8 - ASUSTeK Computer Inc.)
ASUS LifeFrame3 (HKLM-x32\...\{1DBD1F12-ED93-49C0-A7CC-56CBDE488158}) (Version: 3.0.21 - ASUS)
ASUS Live Update (HKLM-x32\...\{E657B243-9AD4-4ECC-BE81-4CCF8D667FD0}) (Version: 2.5.9 - ASUS)
ASUS MultiFrame (HKLM-x32\...\{9D48531D-2135-49FC-BC29-ACCDA5396A76}) (Version: 1.0.0021 - ASUS)
ASUS Power4Gear Hybrid (HKLM\...\{9B6239BF-4E85-4590-8D72-51E30DB1A9AA}) (Version: 1.1.42 - ASUS)
ASUS SmartLogon (HKLM-x32\...\{64452561-169F-4A36-A2FF-B5E118EC65F5}) (Version: 1.0.0009 - ASUS)
ASUS Splendid Video Enhancement Technology (HKLM-x32\...\{0969AF05-4FF6-4C00-9406-43599238DE0D}) (Version: 1.02.0028 - ASUS)
ASUS Virtual Camera (HKLM-x32\...\{EC8BD21F-0CA0-4BBF-97D9-4A52B30041A1}) (Version: 1.0.20 - asus)
ATK Package (HKLM-x32\...\{AB5C933E-5C7D-4D30-B314-9C83A49B94BE}) (Version: 1.0.0007 - ASUS)
Avast Free Antivirus (HKLM-x32\...\Avast) (Version: 11.1.2245 - AVAST Software)
Best Buy pc app (HKU\S-1-5-21-2057531234-2367892702-2072951418-1000\...\48e4cff94f039634) (Version: 3.1.1.0 - Best Buy)
Best Buy pc app (Version: 3.1.1.0 - Best Buy) Hidden
Best Buy pc app (x32 Version: 3.1.1.0 - Best Buy) Hidden
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Conexant HD Audio (HKLM\...\CNXT_AUDIO_HDA) (Version: 4.111.0.63 - Conexant)
ControlDeck (HKLM-x32\...\{5B65EF64-1DFA-414A-8C94-7BB726158E21}) (Version: 1.0.9 - ASUS)
CyberLink LabelPrint (HKLM-x32\...\InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}) (Version: 2.5.1908 - CyberLink Corp.)
CyberLink Power2Go (HKLM-x32\...\InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}) (Version: 6.1.3602c - CyberLink Corp.)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
ETDWare PS/2-x64 7.0.5.16_WHQL (HKLM\...\Elantech) (Version: 7.0.5.16 - ELAN Microelectronics Corp.)
Fast Boot (HKLM\...\{13F4A7F3-EABC-4261-AF6B-1317777F0755}) (Version: 1.0.7 - ASUS)
Free File Viewer 2011 (HKLM-x32\...\FreeFileViewer_is1) (Version:  - Bitberry Software) <==== ATTENTION
Google Chrome (HKU\S-1-5-21-2057531234-2367892702-2072951418-1000\...\Google Chrome) (Version: 48.0.2564.97 - Google Inc.)
Intel® Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1007 - Intel Corporation)
Intel® Graphics Media Accelerator Driver (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 8.15.10.2125 - Intel Corporation)
Intel® Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 6.0.0.1179 - Intel Corporation)
iTunes (HKLM\...\{5E11C972-1E76-45FE-8F92-14E0D1140B1B}) (Version: 10.5.3.3 - Apple Inc.)
Java 7 Update 17 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217017FF}) (Version: 7.0.170 - Oracle)
JMicron Ethernet Adapter NDIS Driver (HKLM-x32\...\{96DCEE2F-98EE-4F80-8C0F-7C04D1FB9D7F}) (Version: 6.0.23.4 - JMicron Technology Corp.)
JMicron Flash Media Controller Driver (HKLM-x32\...\{26604C7E-A313-4D12-867F-7C6E7820BE4C}) (Version: 1.0.33.2 - JMicron Technology Corp.)
Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
K_Series_ScreenSaver_EN (HKLM-x32\...\K_Series_ScreenSaver_EN) (Version:  - )
Malwarebytes Anti-Malware version 2.2.0.1024 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.0.1024 - Malwarebytes)
Mesh Runtime (x32 Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Messenger Companion (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4 Client Profile (HKLM\...\Microsoft .NET Framework 4 Client Profile) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft Office 2010 (HKLM-x32\...\{95140000-0070-0000-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.41212.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2721691) (HKLM-x32\...\{355B5AC0-CEEE-42C5-AD4D-7F3CFD806C36}) (Version: 4.30.2114.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2758694) (HKLM-x32\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB973685) (HKLM-x32\...\{859DFA95-E4A6-48CD-B88E-A3E483E89B44}) (Version: 4.30.2107.0 - Microsoft Corporation)
Radialpoint Security Advisor 2.5.15 (x32 Version: 2.5.15 - Radialpoint SafeCare Inc.) Hidden
Radialpoint Servicepoint Dashboard Extensions version 16.1.12.34309 (HKLM-x32\...\RadialpointServicepointDashboardExtensions_is1) (Version: 16.1.12.34309 - )
Tweaking.com - Windows Repair (All in One) (HKLM-x32\...\Tweaking.com - Windows Repair (All in One)) (Version: 1.9.10 - Tweaking.com)
Unity Web Player (HKU\S-1-5-21-2057531234-2367892702-2072951418-1000\...\UnityWebPlayer) (Version:  - Unity Technologies ApS)
USB2.0 UVC VGA WebCam (HKLM\...\USB2.0 UVC VGA WebCam) (Version: 5.8.54000.207 - Sonix)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3502.0922 - Microsoft Corporation)
Windows Live Mesh ActiveX Control for Remote Connections (HKLM-x32\...\{2902F983-B4C1-44BA-B85D-5C6D52E2C441}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windstream Diagnostic Tools 3.0.21 (x32 Version: 3.0.21 - Windstream) Hidden
Windstream Service Agent 4.1.15 (HKLM-x32\...\RadialpointClientGateway_is1) (Version: 4.1.15 - Windstream)
WinFlash (HKLM-x32\...\{8F21291E-0444-4B1D-B9F9-4370A73E346D}) (Version: 2.30.3 - ASUS)
Wireless Console 3 (HKLM-x32\...\{20FDF948-C8ED-4543-A539-F7F4AEF5AFA2}) (Version: 3.0.19 - ASUS)
Yahoo! Software Update (HKLM-x32\...\Yahoo! Software Update) (Version:  - )
Yahoo! Toolbar (HKLM-x32\...\Yahoo! Companion) (Version:  - Yahoo! Inc.)
 
==================== Custom CLSID (Whitelisted): ==========================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
CustomCLSID: HKU\S-1-5-21-2057531234-2367892702-2072951418-1000_Classes\CLSID\{CC182BE1-84CE-4A57-B85C-FD4BBDF78CB2}\InprocServer32 -> C:\Users\Owner\AppData\Local\Google\Update\1.3.29.1\psuser_64.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-2057531234-2367892702-2072951418-1000_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Users\Owner\AppData\Local\Google\Update\1.3.29.1\psuser_64.dll (Google Inc.)
 
==================== Scheduled Tasks (Whitelisted) =============
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
Task: {00E10AF8-C520-43D3-B5A5-F57C68ED0945} - System32\Tasks\Microsoft\Windows\Setup\gwx\refreshgwxconfig => C:\Windows\system32\GWX\GWXConfigManager.exe
Task: {1667EA56-7B87-440E-9C51-B8FBA45ABECD} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2016-01-14] (AVAST Software)
Task: {1FB1A171-2CB2-478E-BFB8-4E687FA741A5} - System32\Tasks\Microsoft\Windows\Application Experience\Microsoft Compatibility Appraiser => C:\Windows\system32\compattel\DiagTrackRunner.exe
Task: {256EBD91-A7CF-410C-A0B3-A8601432AB6A} - System32\Tasks\Microsoft\Windows\Application Experience\ProgramDataUpdater => C:\Windows\system32\compattelrunner.exe
Task: {264BF239-0444-4BBE-8388-9ED21A29E96C} - System32\Tasks\Microsoft\Windows\Setup\gwx\refreshgwxcontent => C:\Windows\system32\GWX\GWXConfigManager.exe
Task: {2BA6625F-952B-438F-8332-A4E8FDD3347A} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {36B6310B-9E8F-4B48-B638-B2F77BB5B1EA} - System32\Tasks\ASUSControlDeck => C:\Program Files (x86)\ASUS\ControlDeck\ControlDeck.exe [2010-09-30] (asus)
Task: {47764F4D-150F-4077-91C1-6C0DCBD0D5B0} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2016-01-26] (Adobe Systems Incorporated)
Task: {5495D149-92FB-49CA-BD35-DDD330CA6426} - System32\Tasks\Microsoft\Windows\Setup\gwx\launchtrayprocess => C:\Windows\system32\GWX\GWX.exe
Task: {5A40E926-9E86-4B89-9CFD-B12311724371} - System32\Tasks\Microsoft\Windows\UPnP\UPnPHostConfig => config upnphost start= auto
Task: {73164D51-BDCE-480C-8CC3-9D2E2185446C} - System32\Tasks\ACMON => C:\Program Files (x86)\ASUS\Splendid\ACMON.exe [2009-07-23] (ATK)
Task: {826B8D22-7B28-451A-B194-4181C1444E02} - System32\Tasks\ATKOSD2 => C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe [2010-08-17] (ASUS)
Task: {9724BD46-C78A-4060-8928-3B13DCAEF869} - System32\Tasks\Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent => C:\Windows\system32\GWX\GWXConfigManager.exe
Task: {974F98DA-E6A4-4514-A9D8-43AE037005BF} - System32\Tasks\ASPG => C:\Program Files (x86)\ASUS\ASUS CopyProtect\aspg.exe [2009-06-29] (ASUS)
Task: {A90EAD37-F0A5-431A-AC9E-E49F8F0DF72E} - System32\Tasks\AVAST Software\Avast settings backup => C:\Program Files\Common Files\AV\avast! Antivirus\backup.exe [2016-01-23] (AVAST Software)
Task: {A99E58CF-06B7-43AE-8DD2-87FE7E81BE68} - System32\Tasks\ASUS P4G => C:\Program Files\P4G\BatteryLife.exe [2010-11-10] (ASUS)
Task: {AF5F284E-8260-4A77-B3C8-E376BCCC5921} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2057531234-2367892702-2072951418-1000Core => C:\Users\Owner\AppData\Local\Google\Update\GoogleUpdate.exe [2016-01-14] (Google Inc.)
Task: {C401A8AE-0244-4137-BD44-253B3381A1A2} - \Scheduled Update for Ask Toolbar -> No File <==== ATTENTION
Task: {D2C43335-3C76-4815-8BE8-23A1C8E9E4C2} - System32\Tasks\ASUS Live Update => C:\Program Files (x86)\ASUS\ASUS Live Update\ALU.exe [2007-11-30] ()
Task: {DC855D1B-BC8A-42CD-A5EE-195302A6933C} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2057531234-2367892702-2072951418-1000UA => C:\Users\Owner\AppData\Local\Google\Update\GoogleUpdate.exe [2016-01-14] (Google Inc.)
Task: {DD9F510C-95F4-499A-90C8-BAC5BC372FF4} - System32\Tasks\Microsoft\Windows\SoftwareProtectionPlatform\SvcRestartTask => start sppsvc
Task: {DF0DB457-BDEC-4DFF-9CF2-696429C18639} - System32\Tasks\ASUS SmartLogon Console Sensor => C:\Program Files (x86)\ASUS\SmartLogon\sensorsrv.exe [2009-07-31] (ASUS)
Task: {FB4E3865-D073-4AEF-A2F4-C515F60B0AC0} - \ProgramUpdateCheck -> No File <==== ATTENTION
 
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
 
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2057531234-2367892702-2072951418-1000Core.job => C:\Users\Owner\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2057531234-2367892702-2072951418-1000UA.job => C:\Users\Owner\AppData\Local\Google\Update\GoogleUpdate.exe
 
==================== Shortcuts =============================
 
(The entries could be listed to be restored or removed.)
 
==================== Loaded Modules (Whitelisted) ==============
 
2007-06-15 13:28 - 2007-06-15 13:28 - 00104960 _____ () C:\Program Files (x86)\ASUS\ASUS Data Security Manager\ShlExt\x64\OverlayIconShlExt64.dll
2007-06-01 19:52 - 2007-06-01 19:52 - 00159744 _____ () C:\Program Files (x86)\ASUS\ASUS Data Security Manager\ShlExt\x64\OverlayIconShlExt1_64.dll
2016-01-14 08:10 - 2016-01-14 08:10 - 00103888 _____ () C:\Program Files\AVAST Software\Avast\log.dll
2016-01-14 08:10 - 2016-01-14 08:10 - 00125512 _____ () C:\Program Files\AVAST Software\Avast\JsonRpcServer.dll
2016-01-29 18:37 - 2016-01-29 18:37 - 02818048 _____ () C:\Program Files\AVAST Software\Avast\defs\16012900\algo.dll
2016-01-14 08:10 - 2016-01-14 08:10 - 00469008 _____ () C:\Program Files\AVAST Software\Avast\ffl2.dll
2016-01-30 15:50 - 2016-01-30 15:50 - 02819072 _____ () C:\Program Files\AVAST Software\Avast\defs\16013001\algo.dll
2016-01-14 08:10 - 2016-01-14 08:10 - 00241896 _____ () C:\Program Files\AVAST Software\Avast\browser_pass.dll
2016-01-31 10:41 - 2016-01-31 10:41 - 02819072 _____ () C:\Program Files\AVAST Software\Avast\defs\16013100\algo.dll
2011-11-01 23:26 - 2011-11-01 23:26 - 00087912 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2011-11-01 23:26 - 2011-11-01 23:26 - 01242472 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2016-01-14 08:10 - 2016-01-14 08:10 - 40539648 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2007-06-15 13:28 - 2007-06-15 13:28 - 00147456 _____ () C:\Program Files (x86)\ASUS\ASUS Data Security Manager\ShlExt\x86\OverlayIconShlExt.dll
2007-06-01 20:08 - 2007-06-01 20:08 - 00143360 _____ () C:\Program Files (x86)\ASUS\ASUS Data Security Manager\ShlExt\x86\OverlayIconShlExt1.dll
2016-01-30 16:04 - 2016-01-27 12:39 - 01632584 _____ () C:\Users\Owner\AppData\Local\Google\Chrome\Application\48.0.2564.97\libglesv2.dll
2016-01-30 16:04 - 2016-01-27 12:39 - 00087880 _____ () C:\Users\Owner\AppData\Local\Google\Chrome\Application\48.0.2564.97\libegl.dll
 
==================== Alternate Data Streams (Whitelisted) =========
 
(If an entry is included in the fixlist, only the ADS will be removed.)
 
 
==================== Safe Mode (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
 
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\HsdService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\ServicepointService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\HsdService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\ServicepointService => ""="Service"
 
==================== EXE Association (Whitelisted) ===============
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
 
 
==================== Internet Explorer trusted/restricted ===============
 
(If an entry is included in the fixlist, it will be removed from the registry.)
 
IE restricted site: HKU\S-1-5-21-2057531234-2367892702-2072951418-1000\...\008i.com -> 008i.com
IE restricted site: HKU\S-1-5-21-2057531234-2367892702-2072951418-1000\...\008k.com -> 008k.com
IE restricted site: HKU\S-1-5-21-2057531234-2367892702-2072951418-1000\...\00hq.com -> 00hq.com
IE restricted site: HKU\S-1-5-21-2057531234-2367892702-2072951418-1000\...\0190-dialers.com -> 0190-dialers.com
IE restricted site: HKU\S-1-5-21-2057531234-2367892702-2072951418-1000\...\01i.info -> 01i.info
IE restricted site: HKU\S-1-5-21-2057531234-2367892702-2072951418-1000\...\02pmnzy5eo29bfk4.com -> 02pmnzy5eo29bfk4.com
IE restricted site: HKU\S-1-5-21-2057531234-2367892702-2072951418-1000\...\05p.com -> 05p.com
IE restricted site: HKU\S-1-5-21-2057531234-2367892702-2072951418-1000\...\07ic5do2myz3vzpk.com -> 07ic5do2myz3vzpk.com
IE restricted site: HKU\S-1-5-21-2057531234-2367892702-2072951418-1000\...\08nigbmwk43i01y6.com -> 08nigbmwk43i01y6.com
IE restricted site: HKU\S-1-5-21-2057531234-2367892702-2072951418-1000\...\093qpeuqpmz6ebfa.com -> 093qpeuqpmz6ebfa.com
IE restricted site: HKU\S-1-5-21-2057531234-2367892702-2072951418-1000\...\0calories.net -> 0calories.net
IE restricted site: HKU\S-1-5-21-2057531234-2367892702-2072951418-1000\...\0cj.net -> 0cj.net
IE restricted site: HKU\S-1-5-21-2057531234-2367892702-2072951418-1000\...\0scan.com -> 0scan.com
IE restricted site: HKU\S-1-5-21-2057531234-2367892702-2072951418-1000\...\1-britney-spears-nude.com -> 1-britney-spears-nude.com
IE restricted site: HKU\S-1-5-21-2057531234-2367892702-2072951418-1000\...\1-domains-registrations.com -> 1-domains-registrations.com
IE restricted site: HKU\S-1-5-21-2057531234-2367892702-2072951418-1000\...\1-se.com -> 1-se.com
IE restricted site: HKU\S-1-5-21-2057531234-2367892702-2072951418-1000\...\1001movie.com -> 1001movie.com
IE restricted site: HKU\S-1-5-21-2057531234-2367892702-2072951418-1000\...\1001night.biz -> 1001night.biz
IE restricted site: HKU\S-1-5-21-2057531234-2367892702-2072951418-1000\...\100gal.net -> 100gal.net
IE restricted site: HKU\S-1-5-21-2057531234-2367892702-2072951418-1000\...\100sexlinks.com -> 100sexlinks.com
 
There are 4788 more sites.
 
 
==================== Hosts content: ===============================
 
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
 
2009-07-13 21:34 - 2013-02-27 18:10 - 00000855 ____A C:\Windows\system32\Drivers\etc\hosts
 
127.0.0.1       localhost
 
==================== Other Areas ============================
 
(Currently there is no automatic fix for this section.)
 
HKU\S-1-5-21-2057531234-2367892702-2072951418-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Owner\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
HKU\S-1-5-21-2057531234-2367892702-2072951418-500\Control Panel\Desktop\\Wallpaper -> C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 0) (EnableLUA: 1)
Windows Firewall is enabled.
 
==================== MSCONFIG/TASK MANAGER disabled items ==
 
(Currently there is no automatic fix for this section.)
 
MSCONFIG\startupreg: ADSMTray => C:\Program Files (x86)\ASUS\ASUS Data Security Manager\ADSMTray.exe
MSCONFIG\startupreg: ASUS Screen Saver Protector => C:\Windows\AsScrPro.exe
MSCONFIG\startupreg: CLMLServer => "C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe"
 
==================== FirewallRules (Whitelisted) ===============
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
FirewallRules: [{A8D957A7-1595-4890-BA3C-6AB78BAD39F3}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{E35E5C9A-C729-4EC8-A714-26A5B39EF2C9}] => (Allow) LPort=2869
FirewallRules: [{70A47C7B-8C91-45FA-82CB-D2FC2A5A89A5}] => (Allow) LPort=1900
FirewallRules: [{094A58A2-3D90-459D-9ABE-3D98E04639C4}] => (Allow) C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe
FirewallRules: [{80E1448D-8492-49A3-8D3B-6478BF3C131D}] => (Allow) C:\Program Files (x86)\Windows Live\Mesh\MOE.exe
FirewallRules: [{FE4B8318-9643-4B84-A5FD-C7079ED35E20}] => (Allow) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\WebKit2WebProcess.exe
FirewallRules: [{7E779EFD-FDB6-48C4-A568-D624414FEACF}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{97243C1D-A241-4E7F-AACB-093DF977BABC}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{F52FEAFA-99E2-452E-84F8-419884A0082E}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{4540EBD8-8C2B-41C4-B745-89D16113510F}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{15AC4F6D-D39C-4B41-8B5F-E09868170B49}] => (Allow) C:\Program Files (x86)\iTunes\iTunes.exe
FirewallRules: [{FCA5DF2F-17E8-45C5-9353-6138552A1154}] => (Allow) C:\Program Files (x86)\FreeFileViewer\FFVCheckForUpdates.exe
FirewallRules: [{84C5A026-0760-4AF4-8447-1CE8BA2FD640}] => (Allow) C:\Program Files (x86)\File Type Assistant\TSAssist.exe
FirewallRules: [TCP Query User{923FE6FB-0C6D-44C6-BF59-00F979A0ADF1}C:\users\owner\appdata\local\logmein rescue applet\lmir0001.tmp\lmi_rescue.exe] => (Allow) C:\users\owner\appdata\local\logmein rescue applet\lmir0001.tmp\lmi_rescue.exe
FirewallRules: [UDP Query User{60898521-5636-48B9-8321-D50F8AE41860}C:\users\owner\appdata\local\logmein rescue applet\lmir0001.tmp\lmi_rescue.exe] => (Allow) C:\users\owner\appdata\local\logmein rescue applet\lmir0001.tmp\lmi_rescue.exe
FirewallRules: [{432DD5FE-CED4-47CC-B11D-AFCEEBB76FDB}] => (Allow) C:\Program Files (x86)\Windstream\Service Agent\ServicepointService.exe
FirewallRules: [{D69990BB-7582-4345-91B1-2E904DFD1166}] => (Allow) C:\Program Files (x86)\Windstream\Service Agent\ServicepointService.exe
FirewallRules: [{5C3CD27E-D71A-4936-A793-57763005C9F8}] => (Allow) C:\Users\Owner\AppData\Local\Google\Chrome\Application\chrome.exe
 
==================== Restore Points =========================
 
14-01-2016 16:14:01 Windows Update
24-01-2016 19:44:00 JRT Pre-Junkware Removal
27-01-2016 02:01:36 Windows Update
29-01-2016 18:49:50 Windows Update
30-01-2016 16:09:12 JRT Pre-Junkware Removal
31-01-2016 10:45:55 Windows Update
 
==================== Faulty Device Manager Devices =============
 
 
==================== Event log errors: =========================
 
Application errors:
==================
Error: (01/31/2016 04:07:49 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 13572
 
Error: (01/31/2016 04:07:49 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 13572
 
Error: (01/31/2016 04:07:49 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second
 
Error: (01/31/2016 04:07:48 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 12558
 
Error: (01/31/2016 04:07:48 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 12558
 
Error: (01/31/2016 04:07:48 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second
 
Error: (01/31/2016 04:07:47 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 11466
 
Error: (01/31/2016 04:07:47 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 11466
 
Error: (01/31/2016 04:07:47 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second
 
Error: (01/31/2016 04:07:46 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 10452
 
 
System errors:
=============
Error: (01/30/2016 05:57:24 AM) (Source: Server) (EventID: 2505) (User: )
Description: The server could not bind to the transport \Device\NetBT_Tcpip_{770317D9-EA8E-4F6C-B8B1-5C05798825FA} because another computer on the network has the same name.  The server could not start.
 
Error: (01/30/2016 12:45:43 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Installation Failure: Windows failed to install the following update with error 0x80242016: Update for Windows 7 for x64-based Systems (KB3020369).
 
Error: (01/30/2016 12:45:43 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Installation Failure: Windows failed to install the following update with error 0x80242016: Cumulative Security Update for Internet Explorer 10 for Windows 7 for x64-based Systems (KB3124275).
 
Error: (01/30/2016 12:42:15 AM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: The DiagTrack service terminated with the following error: 
%%126
 
Error: (01/30/2016 12:39:56 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Installation Failure: Windows failed to install the following update with error 0x800f0902: Windows Update Aux.
 
Error: (01/30/2016 12:35:55 AM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: The DiagTrack service terminated with the following error: 
%%126
 
Error: (01/30/2016 12:32:58 AM) (Source: Service Control Manager) (EventID: 7043) (User: )
Description: The Windows Modules Installer service did not shut down properly after receiving a preshutdown control.
 
Error: (01/30/2016 12:15:19 AM) (Source: Service Control Manager) (EventID: 7043) (User: )
Description: The Windows Update service did not shut down properly after receiving a preshutdown control.
 
Error: (01/29/2016 11:08:30 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Installation Failure: Windows failed to install the following update with error 0x80070643: Security Update for Microsoft .NET Framework 4 on XP, Server 2003, Vista, Windows 7, Server 2008, Server 2008 R2 for x64 (KB2742595).
 
Error: (01/29/2016 09:52:50 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Installation Failure: Windows failed to install the following update with error 0x80070643: Security Update for Microsoft .NET Framework 4 on XP, Server 2003, Vista, Windows 7, Server 2008, Server 2008 R2 for x64 (KB2737019).
 
 
==================== Memory info =========================== 
 
Processor: Intel® Pentium® CPU P6200 @ 2.13GHz
Percentage of memory in use: 72%
Total physical RAM: 2924.38 MB
Available physical RAM: 814.73 MB
Total Virtual: 5846.94 MB
Available Virtual: 3328.24 MB
 
==================== Drives ================================
 
Drive c: (OS) (Fixed) (Total:200 GB) (Free:146.76 GB) NTFS ==>[drive with boot components (obtained from BCD)]
Drive d: (Data) (Fixed) (Total:240.76 GB) (Free:240.36 GB) NTFS
 
==================== MBR & Partition Table ==================
 
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: CA1BABAE)
Partition 1: (Not Active) - (Size=25 GB) - (Type=1C)
Partition 2: (Active) - (Size=200 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=240.8 GB) - (Type=07 NTFS)
 
==================== End of Addition.txt ============================
 
 
 
 
 
 
 
I tried another known working mouse, doesn't work.
 
i will try another mouse and let u know.

  • 0

#15
Jr0x

Jr0x

    Malware removal team

  • Malware Removal
  • 1,830 posts

This is why i posted the other logs.

 
Hi, 
 
You have posted the log but wasn't exactly the right one that I specifically asked for. It is alright since you already had re-ran those tools and posted the log, but do not re-run any tools to grab the logs unless I specifically instruct you to.  
 
In your current Addition log that you posted, it is from a different run from your previous FRST main log which you have posted yesterday. I would require both FRST main log, and Addition log to be from the same run.

 

Now, please perform another run of FRST, and post both FRST.txt and Addition.txt that is output from the same run. If possible, please also do try to run the tool (FRST) from your Desktop, instead of the Download folder.

FRST.gif Re-Scan with Farbar's Recovery Scan Tool (FRST)

  • Right click to run as administrator (XP users click run after receipt of Windows Security Warning - Open File). When the tool opens click Yes to disclaimer.
  • Please ensure you place a check mark in the Addition.txt check box at the bottom of the form before running.
  • Press Scan button.
  • It will produce a log called FRST.txt in the same directory the tool is run from.
  • Please copy and paste log back here.
  • Because you selected the Addition.txt check box this log will be created as well. Please also paste that along with the FRST.txt into your reply.

It is very important for you to provide the correct log for me to review as there could be changes to your system from yesterday to today.

 

 


  • 0






Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP