View Full Version : Many dllhost.exe *32 running resulting in high CPU Usage
When I have an active internet connection (WLAN or wired) multiple (~30) dllhost.exe *32 processes launch bringing my laptop to a grinding halt (80-100% CPU usage). I've seen others report similar issues on this message board so I'm hoping you can help me also.
Thanks in advance for your help!!!
DDS Log
DDS (Ver_2012-11-20.01) - NTFS_AMD64
Internet Explorer: 11.0.9600.16521 BrowserJavaVersion: 10.10.2
Run by Bob at 11:01:52 on 2014-03-20
.
============== Running Processes ===============
.
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://acer.msn.com
uDefault_Page_URL = hxxp://acer.msn.com
mWinlogon: Userinit = userinit.exe
BHO: Adobe PDF Reader Link Helper: {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
BHO: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO: Java(tm) Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
dRunOnce: [SPReview] "C:\Windows\System32\SPReview\SPReview.exe" /sp:1 /errorfwlink:"http://go.microsoft.com/fwlink/?LinkID=122915" /build:7601
uPolicies-Explorer: NoDriveTypeAutoRun = dword:145
mPolicies-Explorer: NoActiveDesktop = dword:1
mPolicies-Explorer: NoActiveDesktopChanges = dword:1
mPolicies-System: ConsentPromptBehaviorAdmin = dword:0
mPolicies-System: ConsentPromptBehaviorUser = dword:3
mPolicies-System: EnableLUA = dword:0
mPolicies-System: EnableUIADesktopToggle = dword:0
mPolicies-System: PromptOnSecureDesktop = dword:0
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files (x86)\Microsoft Office\Office12\ONBttnIE.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503}
TCP: NameServer = 192.168.0.1
TCP: Interfaces\{AC53CB68-76DF-42BA-ABDF-418E8C8330A4} : DHCPNameServer = 192.168.0.1
TCP: Interfaces\{D238E606-65D7-4AA1-91BC-1485C25B81EA} : DHCPNameServer = 192.168.0.1
TCP: Interfaces\{D238E606-65D7-4AA1-91BC-1485C25B81EA}\3557E6023586F6070234166656 : DHCPNameServer = 192.168.1.1
TCP: Interfaces\{D238E606-65D7-4AA1-91BC-1485C25B81EA}\75C414E4 : DHCPNameServer = 192.168.2.1
TCP: Interfaces\{D238E606-65D7-4AA1-91BC-1485C25B81EA}\8686F6E6F62737 : DHCPNameServer = 192.168.6.1 64.134.255.2 64.134.255.10
TCP: Interfaces\{D238E606-65D7-4AA1-91BC-1485C25B81EA}\C696E6B6379737F5355435F51383631393 : DHCPNameServer = 65.32.5.111 65.32.5.112
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll
Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
SSODL: WebCheck - <orphaned>
x64-BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
x64-Run: [MSC] "c:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey
x64-Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - <orphaned>
x64-Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - <orphaned>
x64-SSODL: WebCheck - <orphaned>
.
================= FIREFOX ===================
.
FF - ProfilePath - C:\Users\Bob\AppData\Roaming\Mozilla\Firefox\Profiles\qlnbmrfl.default\
FF - plugin: C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll
FF - plugin: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll
FF - plugin: c:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrlui.dll
FF - plugin: C:\Program Files (x86)\Musicnotes\npmusicn.dll
FF - plugin: C:\Program Files (x86)\Musicnotes\NPSibelius.dll
FF - plugin: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_70.dll
FF - plugin: C:\Windows\SysWOW64\npDeployJava1.dll
FF - plugin: C:\Windows\SysWOW64\npmproxy.dll
.
============= SERVICES / DRIVERS ===============
.
R? AMD External Events Utility;AMD External Events Utility
R? clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86
R? clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64
R? dkab_device;dkab_device
R? DsiWMIService;Dritek WMI Service
R? ePowerSvc;Acer ePower Service
R? GREGService;GREGService
R? IEEtwCollectorService;Internet Explorer ETW Collector Service
R? LMIGuardianSvc;LMIGuardianSvc
R? MWLService;MyWinLocker Service
R? NTI IScheduleSvc;NTI IScheduleSvc
R? obpedscx;obpedscx
R? RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader
R? SkypeUpdate;Skype Updater
R? TsUsbFlt;TsUsbFlt
R? Updater Service;Updater Service
R? WatAdminSvc;Windows Activation Technologies Service
S? k57nd60a;Broadcom NetLink (TM) Gigabit Ethernet - NDIS 6.0
S? MpFilter;Microsoft Malware Protection Driver
S? mwlPSDFilter;mwlPSDFilter
S? mwlPSDNServ;mwlPSDNServ
S? mwlPSDVDisk;mwlPSDVDisk
S? NisDrv;Microsoft Network Inspection System
S? NisSrv;Microsoft Network Inspection
.
=============== Created Last 30 ================
.
2014-03-19 17:34:10 10521840 ----a-w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{CCF0E090-D1CC-496E-AF67-FF1C5D1F95DE}\mpengine.dll
2014-03-14 20:35:58 1031560 ------w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{44C88B17-1777-4F84-B738-B5E35453CDAF}\gapaengine.dll
2014-03-14 20:35:51 10536864 ------w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll
2014-03-14 20:33:27 1424384 ----a-w- C:\Windows\System32\WindowsCodecs.dll
2014-03-14 20:33:27 1230336 ----a-w- C:\Windows\SysWow64\WindowsCodecs.dll
2014-03-14 20:33:10 624128 ----a-w- C:\Windows\System32\qedit.dll
2014-03-14 20:33:10 509440 ----a-w- C:\Windows\SysWow64\qedit.dll
2014-03-14 20:31:33 -------- d-----w- C:\Program Files (x86)\Microsoft Security Client
2014-03-14 20:31:10 -------- d-----w- C:\Program Files\Microsoft Security Client
2014-03-14 19:43:14 -------- d-----w- C:\50afdc55646263780c
2014-03-13 17:21:56 -------- d-----w- C:\Users\Bob\AppData\Local\Macromedia
2014-03-09 15:53:08 -------- d-----w- C:\Windows\pss
2014-03-09 11:48:49 10536864 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{8D1492DC-CAD1-4835-85BC-6685686EAE8C}\mpengine.dll
2014-02-26 16:46:52 -------- d-----w- C:\Windows\Migration
.
==================== Find3M ====================
.
2014-03-01 05:17:02 2724864 ----a-w- C:\Windows\System32\mshtml.tlb
2014-03-01 05:16:26 4096 ----a-w- C:\Windows\System32\ieetwcollectorres.dll
2014-03-01 04:52:55 66048 ----a-w- C:\Windows\System32\iesetup.dll
2014-03-01 04:51:59 48640 ----a-w- C:\Windows\System32\ieetwproxystub.dll
2014-03-01 04:33:52 139264 ----a-w- C:\Windows\System32\ieUnatt.exe
2014-03-01 04:33:34 111616 ----a-w- C:\Windows\System32\ieetwcollector.exe
2014-03-01 04:32:59 708608 ----a-w- C:\Windows\System32\jscript9diag.dll
2014-03-01 04:23:49 940032 ----a-w- C:\Windows\System32\MsSpellCheckingFacility.exe
2014-03-01 04:11:20 2724864 ----a-w- C:\Windows\SysWow64\mshtml.tlb
2014-03-01 03:54:33 5768704 ----a-w- C:\Windows\System32\jscript9.dll
2014-03-01 03:52:43 61952 ----a-w- C:\Windows\SysWow64\iesetup.dll
2014-03-01 03:51:53 51200 ----a-w- C:\Windows\SysWow64\ieetwproxystub.dll
2014-03-01 03:38:26 112128 ----a-w- C:\Windows\SysWow64\ieUnatt.exe
2014-03-01 03:37:35 553472 ----a-w- C:\Windows\SysWow64\jscript9diag.dll
2014-03-01 03:35:11 2041856 ----a-w- C:\Windows\System32\inetcpl.cpl
2014-03-01 03:14:15 4244480 ----a-w- C:\Windows\SysWow64\jscript9.dll
2014-03-01 03:10:28 2334208 ----a-w- C:\Windows\System32\wininet.dll
2014-03-01 03:00:08 1964032 ----a-w- C:\Windows\SysWow64\inetcpl.cpl
2014-03-01 02:32:16 1820160 ----a-w- C:\Windows\SysWow64\wininet.dll
2014-02-21 17:03:12 71048 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2014-02-21 17:03:12 692616 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe
2014-02-07 01:23:30 3156480 ----a-w- C:\Windows\System32\win32k.sys
2014-01-29 02:32:18 484864 ----a-w- C:\Windows\System32\wer.dll
2014-01-29 02:06:47 381440 ----a-w- C:\Windows\SysWow64\wer.dll
2014-01-28 02:32:46 228864 ----a-w- C:\Windows\System32\wwansvc.dll
2014-01-19 07:33:29 270496 ------w- C:\Windows\System32\MpSigStub.exe
2014-01-16 00:42:40 608032 ----a-w- C:\SecurityScanner.dll
2013-12-24 23:09:41 1987584 ----a-w- C:\Windows\SysWow64\d3d10warp.dll
2013-12-24 22:48:32 2565120 ----a-w- C:\Windows\System32\d3d10warp.dll
2013-12-21 09:53:45 548864 ----a-w- C:\Windows\System32\vbscript.dll
2013-12-21 08:56:47 454656 ----a-w- C:\Windows\SysWow64\vbscript.dll
.
============= FINISH: 11:05:57.52 ===============
aswMBR log
aswMBR version 0.9.9.1771 Copyright(c) 2011 AVAST Software
Run date: 2014-03-20 11:57:53
-----------------------------
11:57:53.398 OS Version: Windows x64 6.1.7601 Service Pack 1
11:57:53.398 Number of processors: 3 586 0x503
11:57:53.398 ComputerName: LAPTOP-JORDAN UserName: Bob
12:03:20.232 Initialize success
12:05:36.640 AVAST engine defs: 14031901
12:07:37.260 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-0
12:07:37.260 Disk 0 Vendor: Hitachi_HTS545032B9A300 PB3OC60F Size: 305245MB BusType: 11
12:07:37.431 Disk 0 MBR read successfully
12:07:37.431 Disk 0 MBR scan
12:07:37.556 Disk 0 Windows 7 default MBR code
12:07:37.572 Disk 0 Partition 1 00 27 Hidden NTFS WinRE NTFS 13312 MB offset 2048
12:07:37.618 Disk 0 Partition 2 80 (A) 07 HPFS/NTFS NTFS 100 MB offset 27265024
12:07:37.650 Disk 0 Partition 3 00 07 HPFS/NTFS NTFS 291831 MB offset 27469824
12:07:38.019 Disk 0 scanning C:\Windows\system32\drivers
12:08:03.633 Service scanning
12:09:11.504 Modules scanning
12:09:11.504 Disk 0 trace - called modules:
12:09:11.536 ntoskrnl.exe CLASSPNP.SYS disk.sys ataport.SYS PCIIDEX.SYS hal.dll msahci.sys
12:09:11.551 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa800433a060]
12:09:11.567 3 CLASSPNP.SYS[fffff8800195443f] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP0T0L0-0[0xfffffa80042be060]
12:09:15.262 AVAST engine scan C:\Windows
12:09:25.845 AVAST engine scan C:\Windows\system32
15:25:23.306 AVAST engine scan C:\Windows\system32\drivers
15:49:37.475 AVAST engine scan C:\Users\Bob
16:08:08.188 AVAST engine scan C:\ProgramData
20:09:43.284 Scan finished successfully
21:10:54.613 Disk 0 MBR has been saved successfully to "C:\Users\Bob\Desktop\MBR.dat"
21:10:57.080 The log file has been saved successfully to "C:\Users\Bob\Desktop\aswMBR.txt"
Hi barlee,
My name is OCD. I would be more than happy to take a look at your log and help you with solving any malware problems you might have. Logs can take a while to research, so please be patient and know that I am working hard to get you a clean and functional system back in your hands. I'd be grateful if you would note the following:
I will be working on your Malware issues, this may or may not, solve other issues you have with your machine.
The fixes are specific to your problem and should only be used for the issues on this machine.
Please continue to review my answers until I tell you your machine appears to be clear. Absence of symptoms does not mean that everything is clear.
It's often worth reading through these instructions and printing them for ease of reference.
If you don't know or understand something, please don't hesitate to say or ask!! It's better to be sure and safe than sorry.
Please reply to this thread. Do not start a new topic.
Copy and Paste logs directly into the reply window. DO NOT attach the logs unless specifically instructed to do so.
IMPORTANT NOTE : Please do not delete, download or install anything unless instructed to do so.
DO NOT use any TOOLS such as Combofix or HijackThis fixes without supervision. Doing so could make your system inoperable and could require a full reinstall of your Operating System and losing all your programs and data.
Please stay with this topic until I let you know that your system appears to be "All Clear"
Important: All tools MUST be run from the Desktop.
=========================
Even though you stated that you have numerous processess running you DDS log lists none. Kindly run these scan and post the logs generated for review.
=========================
http://i1269.photobucket.com/albums/jj590/OCD-WTT/bullseye_zpse9eaf36e.gif (http://s1269.photobucket.com/user/OCD-WTT/media/bullseye_zpse9eaf36e.gif.html) Security Check
Download Security Check by screen317 from here (http://screen317.spywareinfoforum.org/SecurityCheck.exe) or here (http://screen317.changelog.fr/SecurityCheck.exe).
Save it to your Desktop.
Windows XP : Double click on the icon to run it.
Windows Vista, Windows 7 & 8 : Right click and select "Run as Administrator"
A Notepad document should open automatically called checkup.txt; please post the contents of that document.
=========================
http://i1269.photobucket.com/albums/jj590/OCD-WTT/bullseye_zpse9eaf36e.gif (http://s1269.photobucket.com/user/OCD-WTT/media/bullseye_zpse9eaf36e.gif.html) Download Farbar Recovery Scan Tool (http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/) and save to your desktop.
Note: You need to run the version compatible with your system. If you are not sure which version applies to your system download both of them and try to run them. Only one of them will run on your system, that will be the right version.
Right click and select "Run as Administrator" to run it. When the tool opens click Yes to disclaimer.
Press Scan button.
It will make a log (FRST.txt) in the same directory the tool is run. Please copy and paste it to your reply.
The first time the tool is run, it makes also another log (Addition.txt). Please attach it to your reply
=========================
In your next post please provide the following:
checkup.txt
FRST.txt
Addition.txt
OCD,
Thank you very much for the assistance.
checkup.txt
Results of screen317's Security Check version 0.99.81
Windows 7 Service Pack 1 x64 (UAC is disabled!)
Internet Explorer 11
``````````````Antivirus/Firewall Check:``````````````
Windows Firewall Enabled!
Microsoft Security Essentials
Antivirus up to date!
`````````Anti-malware/Other Utilities Check:`````````
Java 7 Update 10
Java version out of Date!
Adobe Flash Player 12.0.0.70
Adobe Reader XI
Mozilla Firefox 15.0.1 Firefox out of Date!
````````Process Check: objlist.exe by Laurent````````
Microsoft Security Essentials msseces.exe
Windows Defender MSMpEng.exe
`````````````````System Health check`````````````````
Total Fragmentation on Drive C:
````````````````````End of Log``````````````````````
FRST.txt
Before running the scan I see a message at the top of the window indicating that the registry is being backed up. I then get a series of warning messages that indicated the program is unable to save some files. They are
C:\FRST\HIVES\security!
clicked yes to continue
C:\FRST\HIVES\default!
clicked yes to continue
C:\FRST\HIVES\sam!
gave up and clicked No to continue
It looked like it was running the ERUNT program again.
I then clicked on Scan. The process begins and appears to be performing a successful scan. However, when it reaches Scanning Services: Tcpip the Farbar Recover Scan Tool header indicates that it is "Not Responding".
Addition.txt
The scan did not complete so I do not have an Addition.txt file to attach.
Update: I left the FRST tool open and it came back to life. Actually it goes in and out of "Not Responding". I'll let it continue to run and will post the results when it's finished.
Hi barlee,
OCD,
FRST.txt
Before running the scan I see a message at the top of the window indicating that the registry is being backed up. I then get a series of warning messages that indicated the program is unable to save some files. They are
C:\FRST\HIVES\security!
clicked yes to continue
C:\FRST\HIVES\default!
clicked yes to continue
C:\FRST\HIVES\sam!
gave up and clicked No to continue
.
Try clicking Yes to continue on any of these prompts and see if FRST will run completely. ERUNT is used to back up the Registry. It appears the prompts you received was stating that ERUNT wouldn't back up the FRST\HIVES files.
FRST complete the scan. Here are the results.
FRST.txt
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 13-03-2014
Ran by Jordan (ATTENTION: The logged in user is not administrator) on LAPTOP-JORDAN on 22-03-2014 10:13:37
Running from C:\Users\Jordan\Desktop
Windows 7 Home Premium Service Pack 1 (X64) OS Language: English(US)
Internet Explorer Version 11
Boot Mode: Normal
The only official download link for FRST:
Download link for 32-Bit version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/81/
Download link for 64-Bit Version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/82/
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Processes (Whitelisted) =================
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(Microsoft Corporation) C:\Windows\System32\regsvr32.exe
(Microsoft Corporation) C:\Windows\SysWOW64\regsvr32.exe
(Microsoft Corporation) C:\Windows\system32\taskmgr.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_12_0_0_70.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_12_0_0_70.exe
(Microsoft Corporation) C:\Windows\syswow64\dllhost.exe
(Microsoft Corporation) C:\Windows\system32\mspaint.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Microsoft Corporation) C:\Windows\syswow64\dllhost.exe
(Microsoft Corporation) C:\Windows\syswow64\dllhost.exe
(Microsoft Corporation) C:\Windows\syswow64\dllhost.exe
(Microsoft Corporation) C:\Windows\syswow64\dllhost.exe
(Microsoft Corporation) C:\Windows\syswow64\dllhost.exe
(Microsoft Corporation) C:\Windows\syswow64\dllhost.exe
(Microsoft Corporation) C:\Windows\syswow64\dllhost.exe
(Microsoft Corporation) C:\Windows\syswow64\dllhost.exe
(Microsoft Corporation) C:\Windows\syswow64\dllhost.exe
(Microsoft Corporation) C:\Windows\syswow64\dllhost.exe
(Microsoft Corporation) C:\Windows\syswow64\dllhost.exe
(Microsoft Corporation) C:\Windows\syswow64\dllhost.exe
(Microsoft Corporation) C:\Windows\syswow64\dllhost.exe
(Microsoft Corporation) C:\Windows\syswow64\dllhost.exe
(Microsoft Corporation) C:\Windows\syswow64\dllhost.exe
(Microsoft Corporation) C:\Windows\syswow64\dllhost.exe
(Microsoft Corporation) C:\Windows\syswow64\dllhost.exe
(Microsoft Corporation) C:\Windows\syswow64\dllhost.exe
(Microsoft Corporation) C:\Windows\syswow64\dllhost.exe
(Microsoft Corporation) C:\Windows\syswow64\dllhost.exe
==================== Registry (Whitelisted) ==================
HKLM\...\Run: [MSC] - c:\Program Files\Microsoft Security Client\msseces.exe [1266912 2013-10-23] (Microsoft Corporation)
HKU\.DEFAULT\...\RunOnce: [SPReview] - C:\Windows\System32\SPReview\SPReview.exe [301568 2013-03-20] (Microsoft Corporation)
HKU\S-1-5-21-1803198997-23066263-2989206535-1003\...\Run: [ROBLOX Corporation Update] - regsvr32.exe "C:\Users\Jordan\AppData\Local\ROBLOX Corporation\OGSDeviceDX9.dll"
HKU\S-1-5-21-1803198997-23066263-2989206535-1003\...\Policies\system: [LogonHoursAction] 2
HKU\S-1-5-21-1803198997-23066263-2989206535-1003\...\Policies\system: [DontDisplayLogonHoursWarnings] 1
HKU\S-1-5-21-1803198997-23066263-2989206535-1003\...409d6c4515e9\InprocServer32: [Default-shell32] \\?\globalroot\Device\HarddiskVolume3\Users\Jordan\AppData\Local\Temp\siqusiw\sveirfr\wow.dll ATTENTION! ====> ZeroAccess?
GroupPolicyUsers\S-1-5-21-1803198997-23066263-2989206535-1003\User: Group Policy restriction detected <======= ATTENTION
==================== Internet (Whitelisted) ====================
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.searchnu.com/406?appid=394
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://acer.msn.com
SearchScopes: HKCU - DefaultScope {9BB47C17-9C68-4BB3-B188-DD9AF0FD2406} URL = http://dts.search-results.com/sr?src=ieb&gct=ds&appid=394&systemid=406&apn_uid=6564558371054311&apn_dtid=BND406&o=APN10645&apn_ptnrs=AG6&q={searchTerms}
SearchScopes: HKCU - {9BB47C17-9C68-4BB3-B188-DD9AF0FD2406} URL = http://dts.search-results.com/sr?src=ieb&gct=ds&appid=394&systemid=406&apn_uid=6564558371054311&apn_dtid=BND406&o=APN10645&apn_ptnrs=AG6&q={searchTerms}
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
BHO-x32: Adobe PDF Link Helper - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 8.8.8.8 4.2.2.2
FireFox:
========
FF ProfilePath: C:\Users\Jordan\AppData\Roaming\Mozilla\Firefox\Profiles\s0ltswrk.default
FF DefaultSearchEngine: Search Results
FF SearchEngineOrder.1: Search Results
FF SelectedSearchEngine: Search Results
FF Homepage: https://www.google.com/
FF Keyword.URL: hxxp://dts.search-results.com/sr?src=ffb&gct=ds&appid=394&systemid=406&apn_dtid=BND406&apn_ptnrs=AG6&apn_uid=6564558371054311&o=APN10645&q=
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_12_0_0_70.dll ()
FF Plugin: @microsoft.com/GENUINE - disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @Musicnotes.com/Musicnotes Viewer - C:\Program Files\Musicnotes\npmusicn64.dll (Musicnotes, Inc.)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_70.dll ()
FF Plugin-x32: @java.com/DTPlugin,version=10.10.2 - C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.10.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE - disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3508.0205 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @Musicnotes.com/Musicnotes Viewer - C:\Program Files (x86)\Musicnotes\npmusicn.dll (Musicnotes, Inc.)
FF Plugin-x32: @Sibelius.com/Scorch Plugin - C:\Program Files (x86)\Musicnotes\npsibelius.dll ()
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
FF SearchPlugin: C:\Users\Jordan\AppData\Roaming\Mozilla\Firefox\Profiles\s0ltswrk.default\searchplugins\Search_Results.xml
FF Extension: WebToSave - C:\Users\Jordan\AppData\Roaming\Mozilla\Firefox\Profiles\s0ltswrk.default\Extensions\{f80bc79c-ab5e-418a-a0be-3d9e66b4e976} [2013-09-01]
FF Extension: Video Downloader - C:\Users\Jordan\AppData\Roaming\Mozilla\Firefox\Profiles\s0ltswrk.default\Extensions\chbnserfrc@chbnserfrc.org.xpi [2013-04-27]
FF Extension: New Tab - C:\Users\Jordan\AppData\Roaming\Mozilla\Firefox\Profiles\s0ltswrk.default\Extensions\{C4A4F5A0-4B89-4392-AFAC-D58010E349AF}.xpi [2013-05-20]
==================== Services (Whitelisted) =================
S4 dkab_device; C:\Windows\system32\DKabcoms.exe [476568 2006-10-21] ( )
S4 dkab_device; C:\Windows\SysWOW64\DKabcoms.exe [508824 2006-10-21] ( )
R2 lmhosts; C:\Windows\system32\svchost.exe [27136 2009-07-13] (Microsoft Corporation)
R2 MsMpSvc; c:\Program Files\Microsoft Security Client\MsMpEng.exe [23808 2013-10-23] (Microsoft Corporation)
S4 MWLService; C:\Program Files (x86)\EgisTec MyWinLocker\x86\MWLService.exe [305520 2010-05-26] (Egis Technology Inc.)
R3 NisSrv; c:\Program Files\Microsoft Security Client\NisSrv.exe [348376 2013-10-23] (Microsoft Corporation)
R2 NlaSvc; C:\Windows\System32\svchost.exe [27136 2009-07-13] (Microsoft Corporation)
R2 nsi; C:\Windows\system32\svchost.exe [27136 2009-07-13] (Microsoft Corporation)
S4 LMIGuardianSvc; "C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe" [X]
==================== Drivers (Whitelisted) ====================
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [248240 2013-09-27] (Microsoft Corporation)
R2 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [134944 2013-09-27] (Microsoft Corporation)
S1 obpedscx; \??\C:\Windows\system32\drivers\obpedscx.sys [X]
==================== NetSvcs (Whitelisted) ===================
==================== One Month Created Files and Folders ========
2014-03-22 10:13 - 2014-03-22 10:27 - 00009496 _____ () C:\Users\Jordan\Desktop\FRST.txt
2014-03-21 16:48 - 2014-03-22 10:13 - 00000000 ____D () C:\FRST
2014-03-21 07:13 - 2014-03-21 07:13 - 02157056 _____ (Farbar) C:\Users\Jordan\Desktop\FRST64.exe
2014-03-21 07:12 - 2014-03-21 07:12 - 00987448 _____ () C:\Users\Jordan\Desktop\SecurityCheck.exe
2014-03-20 08:37 - 2014-03-20 08:37 - 00000000 ____D () C:\Windows\ERDNT
2014-03-20 08:33 - 2014-03-20 08:33 - 00000909 _____ () C:\Users\Jordan\Desktop\ERUNT.lnk
2014-03-20 08:30 - 2014-03-20 08:34 - 00000000 ____D () C:\Program Files (x86)\ERUNT
2014-03-19 13:46 - 2014-03-19 13:46 - 04745728 _____ (AVAST Software) C:\Users\Jordan\Desktop\aswMBR.exe
2014-03-19 13:44 - 2014-03-19 13:44 - 00688992 ____R (Swearware) C:\Users\Jordan\Desktop\dds.com
2014-03-19 13:33 - 2014-03-19 13:33 - 00791393 _____ (Lars Hederer ) C:\Users\Jordan\Desktop\erunt-setup.exe
2014-03-14 16:34 - 2014-03-01 02:05 - 23133696 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-03-14 16:34 - 2014-03-01 01:17 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-03-14 16:34 - 2014-03-01 01:16 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-03-14 16:34 - 2014-03-01 00:58 - 02765824 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-03-14 16:34 - 2014-03-01 00:52 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-03-14 16:34 - 2014-03-01 00:51 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-03-14 16:34 - 2014-03-01 00:42 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-03-14 16:34 - 2014-03-01 00:40 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-03-14 16:34 - 2014-03-01 00:37 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-03-14 16:34 - 2014-03-01 00:33 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-03-14 16:34 - 2014-03-01 00:33 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-03-14 16:34 - 2014-03-01 00:32 - 00708608 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-03-14 16:34 - 2014-03-01 00:30 - 17074688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-03-14 16:34 - 2014-03-01 00:23 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-03-14 16:34 - 2014-03-01 00:17 - 00218624 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-03-14 16:34 - 2014-03-01 00:11 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-03-14 16:34 - 2014-03-01 00:02 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-03-14 16:34 - 2014-02-28 23:54 - 05768704 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-03-14 16:34 - 2014-02-28 23:52 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-03-14 16:34 - 2014-02-28 23:51 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-03-14 16:34 - 2014-02-28 23:47 - 02168320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-03-14 16:34 - 2014-02-28 23:43 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-03-14 16:34 - 2014-02-28 23:43 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-03-14 16:34 - 2014-02-28 23:42 - 00627200 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-03-14 16:34 - 2014-02-28 23:40 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-03-14 16:34 - 2014-02-28 23:38 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-03-14 16:34 - 2014-02-28 23:37 - 00553472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-03-14 16:34 - 2014-02-28 23:35 - 02041856 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-03-14 16:34 - 2014-02-28 23:18 - 13051904 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-03-14 16:34 - 2014-02-28 23:16 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-03-14 16:34 - 2014-02-28 23:14 - 04244480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-03-14 16:34 - 2014-02-28 23:10 - 02334208 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-03-14 16:34 - 2014-02-28 23:03 - 00524288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-03-14 16:34 - 2014-02-28 23:00 - 01964032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-03-14 16:34 - 2014-02-28 22:57 - 11266048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-03-14 16:34 - 2014-02-28 22:38 - 01393664 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-03-14 16:34 - 2014-02-28 22:32 - 01820160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-03-14 16:34 - 2014-02-28 22:27 - 01156096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-03-14 16:34 - 2014-02-28 22:25 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-03-14 16:34 - 2014-02-28 22:25 - 00703488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-03-14 16:34 - 2014-02-06 21:23 - 03156480 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-03-14 16:34 - 2014-01-28 22:32 - 00484864 _____ (Microsoft Corporation) C:\Windows\system32\wer.dll
2014-03-14 16:34 - 2014-01-28 22:06 - 00381440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wer.dll
2014-03-14 16:34 - 2014-01-27 22:32 - 00228864 _____ (Microsoft Corporation) C:\Windows\system32\wwansvc.dll
2014-03-14 16:33 - 2014-02-03 22:32 - 01424384 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll
2014-03-14 16:33 - 2014-02-03 22:32 - 00624128 _____ (Microsoft Corporation) C:\Windows\system32\qedit.dll
2014-03-14 16:33 - 2014-02-03 22:04 - 01230336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll
2014-03-14 16:33 - 2014-02-03 22:04 - 00509440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qedit.dll
2014-03-14 16:31 - 2014-03-14 16:31 - 00000000 ____D () C:\Program Files\Microsoft Security Client
2014-03-14 16:31 - 2014-03-14 16:31 - 00000000 ____D () C:\Program Files (x86)\Microsoft Security Client
2014-03-14 16:30 - 2014-02-14 12:11 - 00000426 _____ () C:\AVScanner.ini
2014-03-14 15:44 - 2014-03-14 16:47 - 00001945 _____ () C:\Windows\epplauncher.mif
2014-03-14 15:43 - 2014-03-14 15:44 - 00000000 ____D () C:\50afdc55646263780c
2014-03-14 15:37 - 2014-03-14 15:38 - 13670584 _____ (Microsoft Corporation) C:\Users\Jordan\Downloads\mseinstall.exe
2014-03-14 13:53 - 2014-03-14 13:53 - 00000906 __RSH () C:\Users\Jordan\ntuser.pol
2014-03-14 13:48 - 2014-03-14 13:48 - 00000632 __RSH () C:\Users\Bob\ntuser.pol
2014-03-14 11:09 - 2014-03-14 11:20 - 00000000 ____D () C:\Users\Jordan\Documents\Spanish II
2014-03-14 11:09 - 2014-03-14 11:19 - 00000000 ____D () C:\Users\Jordan\Documents\Honors Biology
2014-03-14 11:08 - 2014-03-14 11:20 - 00000000 ____D () C:\Users\Jordan\Documents\Honors English I
2014-03-09 12:41 - 2014-03-09 12:42 - 00688992 _____ (Swearware) C:\Users\Jordan\Downloads\dds.com
2014-03-09 12:35 - 2014-03-09 12:36 - 00791393 _____ (Lars Hederer ) C:\Users\Jordan\Downloads\erunt-setup.exe
2014-03-09 11:53 - 2014-03-09 11:53 - 00000000 ____D () C:\Windows\pss
2014-03-09 08:16 - 2014-02-04 19:09 - 88567024 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-03-09 08:11 - 2014-03-09 08:13 - 25640672 _____ (Microsoft Corporation) C:\Users\Jordan\Downloads\Windows-KB890830-x64-V5.9.exe
2014-03-09 07:46 - 2014-03-09 07:46 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
==================== One Month Modified Files and Folders =======
2014-03-22 10:27 - 2014-03-22 10:13 - 00009496 _____ () C:\Users\Jordan\Desktop\FRST.txt
2014-03-22 10:13 - 2014-03-21 16:48 - 00000000 ____D () C:\FRST
2014-03-22 10:04 - 2012-08-20 09:45 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-03-22 09:38 - 2012-08-19 16:12 - 02065950 _____ () C:\Windows\WindowsUpdate.log
2014-03-22 07:09 - 2009-07-14 00:45 - 00009920 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-03-22 07:09 - 2009-07-14 00:45 - 00009920 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-03-22 07:02 - 2009-07-14 01:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-03-22 07:02 - 2009-07-14 00:51 - 00094451 _____ () C:\Windows\setupact.log
2014-03-21 07:13 - 2014-03-21 07:13 - 02157056 _____ (Farbar) C:\Users\Jordan\Desktop\FRST64.exe
2014-03-21 07:12 - 2014-03-21 07:12 - 00987448 _____ () C:\Users\Jordan\Desktop\SecurityCheck.exe
2014-03-20 08:37 - 2014-03-20 08:37 - 00000000 ____D () C:\Windows\ERDNT
2014-03-20 08:34 - 2014-03-20 08:30 - 00000000 ____D () C:\Program Files (x86)\ERUNT
2014-03-20 08:33 - 2014-03-20 08:33 - 00000909 _____ () C:\Users\Jordan\Desktop\ERUNT.lnk
2014-03-19 13:46 - 2014-03-19 13:46 - 04745728 _____ (AVAST Software) C:\Users\Jordan\Desktop\aswMBR.exe
2014-03-19 13:44 - 2014-03-19 13:44 - 00688992 ____R (Swearware) C:\Users\Jordan\Desktop\dds.com
2014-03-19 13:33 - 2014-03-19 13:33 - 00791393 _____ (Lars Hederer ) C:\Users\Jordan\Desktop\erunt-setup.exe
2014-03-15 08:02 - 2009-07-14 01:13 - 00782470 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-03-15 04:03 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\rescache
2014-03-15 03:25 - 2009-07-14 00:45 - 00338000 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-03-15 03:24 - 2013-08-19 15:13 - 00000000 ____D () C:\Program Files\Microsoft Silverlight
2014-03-15 03:24 - 2013-08-19 15:13 - 00000000 ____D () C:\Program Files (x86)\Microsoft Silverlight
2014-03-15 03:24 - 2012-08-19 16:09 - 00156178 _____ () C:\Windows\PFRO.log
2014-03-14 16:59 - 2012-08-19 19:03 - 00000000 ____D () C:\Users\Jordan\AppData\Roaming\Skype
2014-03-14 16:47 - 2014-03-14 15:44 - 00001945 _____ () C:\Windows\epplauncher.mif
2014-03-14 16:31 - 2014-03-14 16:31 - 00000000 ____D () C:\Program Files\Microsoft Security Client
2014-03-14 16:31 - 2014-03-14 16:31 - 00000000 ____D () C:\Program Files (x86)\Microsoft Security Client
2014-03-14 15:44 - 2014-03-14 15:43 - 00000000 ____D () C:\50afdc55646263780c
2014-03-14 15:38 - 2014-03-14 15:37 - 13670584 _____ (Microsoft Corporation) C:\Users\Jordan\Downloads\mseinstall.exe
2014-03-14 15:23 - 2013-12-24 00:25 - 00000000 ____D () C:\Program Files (x86)\Steam
2014-03-14 13:53 - 2014-03-14 13:53 - 00000906 __RSH () C:\Users\Jordan\ntuser.pol
2014-03-14 13:53 - 2012-08-19 14:17 - 00000000 ____D () C:\Users\Jordan
2014-03-14 13:48 - 2014-03-14 13:48 - 00000632 __RSH () C:\Users\Bob\ntuser.pol
2014-03-14 13:48 - 2012-08-19 13:58 - 00000000 ____D () C:\Users\Bob
2014-03-14 13:48 - 2009-07-13 23:20 - 00000000 ___HD () C:\Windows\system32\GroupPolicy
2014-03-14 12:11 - 2012-08-19 16:32 - 00000000 ____D () C:\Program Files (x86)\Microsoft Office
2014-03-14 12:06 - 2012-08-19 13:59 - 00000000 ____D () C:\Program Files (x86)\Barnes & Noble
2014-03-14 11:20 - 2014-03-14 11:09 - 00000000 ____D () C:\Users\Jordan\Documents\Spanish II
2014-03-14 11:20 - 2014-03-14 11:08 - 00000000 ____D () C:\Users\Jordan\Documents\Honors English I
2014-03-14 11:19 - 2014-03-14 11:09 - 00000000 ____D () C:\Users\Jordan\Documents\Honors Biology
2014-03-14 11:19 - 2013-08-21 13:25 - 00000000 ____D () C:\Users\Jordan\Documents\FLVS English I Virtual Backpack
2014-03-09 12:42 - 2014-03-09 12:41 - 00688992 _____ (Swearware) C:\Users\Jordan\Downloads\dds.com
2014-03-09 12:36 - 2014-03-09 12:35 - 00791393 _____ (Lars Hederer ) C:\Users\Jordan\Downloads\erunt-setup.exe
2014-03-09 11:53 - 2014-03-09 11:53 - 00000000 ____D () C:\Windows\pss
2014-03-09 09:39 - 2012-08-19 14:41 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-03-09 08:13 - 2014-03-09 08:11 - 25640672 _____ (Microsoft Corporation) C:\Users\Jordan\Downloads\Windows-KB890830-x64-V5.9.exe
2014-03-09 07:49 - 2012-08-19 15:01 - 00000000 ____D () C:\Users\Jordan\AppData\Local\Mozilla
2014-03-09 07:46 - 2014-03-09 07:46 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-03-09 07:43 - 2013-11-11 14:01 - 00000000 ____D () C:\Users\Bob\AppData\Roaming\Skype
2014-03-04 01:33 - 2013-07-22 20:30 - 00000000 ___RD () C:\Program Files (x86)\Skype
2014-03-04 01:33 - 2012-08-19 19:03 - 00000000 ____D () C:\ProgramData\Skype
2014-03-01 02:05 - 2014-03-14 16:34 - 23133696 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-03-01 01:17 - 2014-03-14 16:34 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-03-01 01:16 - 2014-03-14 16:34 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-03-01 00:58 - 2014-03-14 16:34 - 02765824 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-03-01 00:52 - 2014-03-14 16:34 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-03-01 00:51 - 2014-03-14 16:34 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-03-01 00:42 - 2014-03-14 16:34 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-03-01 00:40 - 2014-03-14 16:34 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-03-01 00:37 - 2014-03-14 16:34 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-03-01 00:33 - 2014-03-14 16:34 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-03-01 00:33 - 2014-03-14 16:34 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-03-01 00:32 - 2014-03-14 16:34 - 00708608 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-03-01 00:30 - 2014-03-14 16:34 - 17074688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-03-01 00:23 - 2014-03-14 16:34 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-03-01 00:17 - 2014-03-14 16:34 - 00218624 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-03-01 00:11 - 2014-03-14 16:34 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-03-01 00:02 - 2014-03-14 16:34 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-02-28 23:54 - 2014-03-14 16:34 - 05768704 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-02-28 23:52 - 2014-03-14 16:34 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-02-28 23:51 - 2014-03-14 16:34 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-02-28 23:47 - 2014-03-14 16:34 - 02168320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-02-28 23:43 - 2014-03-14 16:34 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-02-28 23:43 - 2014-03-14 16:34 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-02-28 23:42 - 2014-03-14 16:34 - 00627200 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-02-28 23:40 - 2014-03-14 16:34 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-02-28 23:38 - 2014-03-14 16:34 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-02-28 23:37 - 2014-03-14 16:34 - 00553472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-02-28 23:35 - 2014-03-14 16:34 - 02041856 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-02-28 23:18 - 2014-03-14 16:34 - 13051904 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-02-28 23:16 - 2014-03-14 16:34 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-02-28 23:14 - 2014-03-14 16:34 - 04244480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-02-28 23:10 - 2014-03-14 16:34 - 02334208 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-02-28 23:03 - 2014-03-14 16:34 - 00524288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-02-28 23:00 - 2014-03-14 16:34 - 01964032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-02-28 22:57 - 2014-03-14 16:34 - 11266048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-02-28 22:38 - 2014-03-14 16:34 - 01393664 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-02-28 22:32 - 2014-03-14 16:34 - 01820160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-02-28 22:27 - 2014-03-14 16:34 - 01156096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-02-28 22:25 - 2014-03-14 16:34 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-02-28 22:25 - 2014-03-14 16:34 - 00703488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-02-28 16:34 - 2013-08-21 13:41 - 00000000 ____D () C:\Users\Public\Documents\TT Algebra 2
2014-02-26 14:20 - 2009-07-14 01:08 - 00032616 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2014-02-26 12:49 - 2013-08-18 13:30 - 00775084 _____ () C:\Windows\SysWOW64\PerfStringBackup.INI
2014-02-21 13:03 - 2012-08-20 09:45 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-02-21 13:03 - 2012-08-20 09:45 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
Some content of TEMP:
====================
C:\Users\Jordan\AppData\Local\Temp\1A11.exe
C:\Users\Jordan\AppData\Local\Temp\778F.exe
C:\Users\Jordan\AppData\Local\Temp\adiiio.exe
C:\Users\Jordan\AppData\Local\Temp\hiimnb.exe
C:\Users\Jordan\AppData\Local\Temp\ICReinstall_ZipOpenerSetup.exe
C:\Users\Jordan\AppData\Local\Temp\install_flashplayer11x32_mssd_au_aih.exe
C:\Users\Jordan\AppData\Local\Temp\Shockwave_Installer_FF.exe
C:\Users\Jordan\AppData\Local\Temp\SkypeSetup.exe
==================== Bamital & volsnap Check =================
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit
==================== End Of Log ============================
Addition.txt
attached
Hi barlee,
http://i1269.photobucket.com/albums/jj590/OCD-WTT/bullseye_zpse9eaf36e.gif (http://s1269.photobucket.com/user/OCD-WTT/media/bullseye_zpse9eaf36e.gif.html) TDSSKiller
Please download TDSSKiller.zip (http://support.kaspersky.com/downloads/utils/tdsskiller.zip) - Extract it to your desktop
TDSSKiller.exe
Windows XP : Double click on the icon to run it.
Windows Vista, Windows 7 & 8 : Right click and select "Run as Administrator"
Press Start Scan
Only if Malicious objects are found then ensure Cure is selected
Then click Continue > Reboot now
Copy and paste the log in your next reply
A copy of the log will be saved automatically to the root of the drive (typically C:\)
=========================
http://i1269.photobucket.com/albums/jj590/OCD-WTT/bullseye_zpse9eaf36e.gif (http://s1269.photobucket.com/user/OCD-WTT/media/bullseye_zpse9eaf36e.gif.html) Reboot
=========================
http://i1269.photobucket.com/albums/jj590/OCD-WTT/bullseye_zpse9eaf36e.gif (http://s1269.photobucket.com/user/OCD-WTT/media/bullseye_zpse9eaf36e.gif.html) ComboFix
Refer to the ComboFix User's Guide (http://www.bleepingcomputer.com/combofix/how-to-use-combofix)
Download ComboFix from the following location:
Link (http://download.bleepingcomputer.com/sUBs/ComboFix.exe)
* IMPORTANT !!! Place ComboFix.exe on your Desktop
Disable your AntiVirus and AntiSpyware applications, usually via a right click on the System Tray icon. They may otherwise interfere with ComboFix.
You can get help on disabling your protection programs here (http://www.techsupportforum.com/security-center/virus-trojan-spyware-help/490111-how-disable-your-security-applications.html)
Double click on ComboFix.exe & follow the prompts.
Your desktop may go blank. This is normal. It will return when ComboFix is done. ComboFix may reboot your machine. This is normal.
When finished, it shall produce a log for you. Post that log in your next reply
Note: Do not mouseclick combofix's window whilst it's running. That may cause it to stall.
---------------------------------------------------------------------------------------------
Ensure your AntiVirus and AntiSpyware applications are re-enabled.
---------------------------------------------------------------------------------------------
NOTE: If you encounter a message "illegal operation attempted on registry key that has been marked for deletion" and no programs will run - please just reboot and that will resolve that error.
=========================
http://i1269.photobucket.com/albums/jj590/OCD-WTT/bullseye_zpse9eaf36e.gif (http://s1269.photobucket.com/user/OCD-WTT/media/bullseye2_zpse2245433.png.html) VirusTotal
Please go to: VirusTotal (http://www.virustotal.com/en/index.html)
http://i204.photobucket.com/albums/bb106/Juliet702/virustotal2-SWI.png
Click the Browse button and search for the following file: C:\Windows\system32\drivers\obpedscx.sys
Click Open
Then click Send File
Please be patient while the file is scanned.
Once the scan results appear, please provide them in your next reply.
If it says already scanned -- click "reanalyze now"
=========================
In your next post please provide the following:
TDSSKiller log
Combofix.txt
VirusTotal results
OCD,
I have a comment and quick question. I downloaded TDS Killer. When I run it I get a pop-up that indicates that it "can't initialize log". I closed the window and tried to continue but I get another pop-up window indicating there is an update available for TDS Killer. Should I continue with version 2.8.16.0 or update to 3.0.0.25?
Hi barlee,
Sorry I didn't catch your question before I had to leave for work yesterday. :sad:
As far as the updated version goes, yes go ahead and get the latest version available.
OCD,
No problem. Sorry for all of the questions, but I want to make sure I'm doing everything in the correct sequence.
I updated TDSSKiller and ran it as administrator (right click -> run as admin). I get a warning message that TDSSKiller "can't initialize log". I 'OK' out of this window and the program attempts to continue.
After accepting the license agreement I see another pop-up window indicating that "Reboot is required. Extended monitoring driver is required for more advanced threats detection..." I click on 'Reboot now' which produces an Error window saying "Can't install extended monitoring driver". Should I manually reboot the PC?
Note that I'm also obtaining a lot of "iexplorer has stopped working" messages in the background. I know there are some iexplorer processes running in the background even though I'm using Firefox at the moment.
Hi barlee,
Run this tool first, then re-attempt the TDSSKiller scan. If TDSSKiller still will not run, skip it and move onto the rest of the scans requested.
http://i1269.photobucket.com/albums/jj590/OCD-WTT/bullseye_zpse9eaf36e.gif (http://s1269.photobucket.com/user/OCD-WTT/media/bullseye_zpse9eaf36e.gif.html) rkill
Print out these instructions as we may need to close every window that is open later in the fix.
It is possible that the infection you are trying to remove will not allow you to download files on the infected computer. If this is the case, then you will need to download the files requested in this guide on another computer and then transfer them to the infected computer. You can transfer the files via a CD/DVD, external drive, or USB flash drive.
Do not reboot your computer after running rkill as the malware programs will start again.
Please download and run the following tool to help allow other programs to run. (courtesy of BleepingComputer.com)
There are 5 different versions. If one of them won't run then download and try to run the other one.
Windows XP : Double click on the icon to run it.
Windows Vista, Windows 7 & 8 : Right click and select "Run as Administrator"
You only need to get one of them to run, not all of them.
rkill.exe (http://download.bleepingcomputer.com/grinler/rkill.exe)
rkill.com (http://download.bleepingcomputer.com/grinler/rkill.com)
rkill.scr (http://download.bleepingcomputer.com/grinler/rkill.scr)
WiNlOgOn.exe (http://download.bleepingcomputer.com/grinler/WiNlOgOn.exe)
uSeRiNiT.exe (http://download.bleepingcomputer.com/grinler/uSeRiNiT.exe)
Do not reboot your computer after running rkill as the malware programs will start again.
=========================
OCD,
I ran rkill but I'm still having the same issues with TDSSkiller. As recommended I moved on to the next scan which is ComboFix. When I try to run this program (right click and select 'Run as administrator' I get a pop-up window that states "You need to be an Administrator to run ComboFix!". Do you recommend that I log into my PC under a different user which has admin privileges to run this tool?
Hi barlee,
I get a pop-up window that states "You need to be an Administrator to run ComboFix!". Do you recommend that I log into my PC under a different user which has admin privileges to run this tool?
Yes please do. Most of the tools that will be necessary to run will require administrator privileges to run.
OCD,
Note: Due to message length limits I'm splitting this response into multiple posts.
I've logged into my PC using an admin account. Please note that I sometimes don't see the same performance issues when logged in under this user account.
TDSSKiller
Now that I'm logged in using an admin account I can run TDSSKiller. The log file is too long to post so I've attached the file.
07:26:46.0875 0x1214 TDSS rootkit removing tool 3.0.0.26 Mar 24 2014 07:28:43
07:26:51.0172 0x1214 ============================================================
07:26:51.0172 0x1214 Current date / time: 2014/03/24 07:26:51.0172
07:26:51.0172 0x1214 SystemInfo:
07:26:51.0172 0x1214
07:26:51.0172 0x1214 OS Version: 6.1.7601 ServicePack: 1.0
07:26:51.0172 0x1214 Product type: Workstation
07:26:51.0172 0x1214 ComputerName: LAPTOP-JORDAN
07:26:51.0173 0x1214 UserName: Bob
07:26:51.0173 0x1214 Windows directory: C:\Windows
07:26:51.0173 0x1214 System windows directory: C:\Windows
07:26:51.0173 0x1214 Running under WOW64
07:26:51.0173 0x1214 Processor architecture: Intel x64
07:26:51.0173 0x1214 Number of processors: 3
07:26:51.0173 0x1214 Page size: 0x1000
07:26:51.0173 0x1214 Boot type: Normal boot
07:26:51.0173 0x1214 ============================================================
07:26:54.0314 0x1214 KLMD registered as C:\Windows\system32\drivers\80582009.sys
07:26:54.0583 0x1214 System UUID: {E39A0E70-9DF6-9EA1-B805-BD0EFE27B48B}
07:26:55.0528 0x1214 Drive \Device\Harddisk0\DR0 - Size: 0x4A85D56000 (298.09 Gb), SectorSize: 0x200, Cylinders: 0x9801, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
07:26:55.0591 0x1214 ============================================================
07:26:55.0591 0x1214 \Device\Harddisk0\DR0:
07:26:55.0591 0x1214 MBR partitions:
07:26:55.0591 0x1214 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x1A00800, BlocksNum 0x32000
07:26:55.0591 0x1214 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x1A32800, BlocksNum 0x239FB800
07:26:55.0591 0x1214 ============================================================
07:26:55.0618 0x1214 C: <-> \Device\Harddisk0\DR0\Partition2
07:26:55.0618 0x1214 ============================================================
07:26:55.0618 0x1214 Initialize success
07:26:55.0619 0x1214 ============================================================
07:27:01.0944 0x0f1c ============================================================
07:27:01.0944 0x0f1c Scan started
07:27:01.0944 0x0f1c Mode: Manual;
07:27:01.0944 0x0f1c ============================================================
07:27:01.0944 0x0f1c KSN ping started
07:27:15.0981 0x0f1c KSN ping finished: true
07:27:17.0557 0x0f1c ================ Scan system memory ========================
07:27:17.0557 0x0f1c System memory - ok
07:27:17.0557 0x0f1c ================ Scan services =============================
07:27:17.0775 0x0f1c [ A87D604AEA360176311474C87A63BB88, B1507868C382CD5D2DBC0D62114FCFBF7A780904A2E3CA7C7C1DD0844ADA9A8F ] 1394ohci C:\Windows\system32\drivers\1394ohci.sys
07:27:17.0791 0x0f1c 1394ohci - ok
07:27:17.0853 0x0f1c [ D81D9E70B8A6DD14D42D7B4EFA65D5F2, FDAAB7E23012B4D31537C5BDEF245BB0A12FA060A072C250E21C68E18B22E002 ] ACPI C:\Windows\system32\drivers\ACPI.sys
07:27:17.0869 0x0f1c ACPI - ok
07:27:17.0900 0x0f1c [ 99F8E788246D495CE3794D7E7821D2CA, F91615463270AD2601F882CAED43B88E7EDA115B9FD03FC56320E48119F15F76 ] AcpiPmi C:\Windows\system32\drivers\acpipmi.sys
07:27:17.0900 0x0f1c AcpiPmi - ok
07:27:18.0009 0x0f1c [ 3927397AC60D943DAF8808AFFED582B7, 2688254085C219E8CA9C5494ABDAD8FAE52533CEF7FA3C152715E0B78D591BCF ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
07:27:18.0025 0x0f1c AdobeARMservice - ok
07:27:18.0165 0x0f1c [ F7AB315A4D400CA876381D1E188A2E20, B6019C2E9B6801BB23C530C66D080F47330F48ADB0DD2813D50BE1408865BD91 ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
07:27:18.0165 0x0f1c AdobeFlashPlayerUpdateSvc - ok
07:27:18.0243 0x0f1c [ 2F6B34B83843F0C5118B63AC634F5BF4, 43E3F5FBFB5D33981AC503DEE476868EC029815D459E7C36C4ABC2D2F75B5735 ] adp94xx C:\Windows\system32\DRIVERS\adp94xx.sys
07:27:18.0259 0x0f1c adp94xx - ok
07:27:18.0274 0x0f1c [ 597F78224EE9224EA1A13D6350CED962, DA7FD99BE5E3B7B98605BF5C13BF3F1A286C0DE1240617570B46FE4605E59BDC ] adpahci C:\Windows\system32\DRIVERS\adpahci.sys
07:27:18.0290 0x0f1c adpahci - ok
07:27:18.0306 0x0f1c [ E109549C90F62FB570B9540C4B148E54, E804563735153EA00A00641814244BC8A347B578E7D63A16F43FB17566EE5559 ] adpu320 C:\Windows\system32\DRIVERS\adpu320.sys
07:27:18.0321 0x0f1c adpu320 - ok
07:27:18.0352 0x0f1c [ 4B78B431F225FD8624C5655CB1DE7B61, 198A5AF2125C7C41F531A652D200C083A55A97DC541E3C0B5B253C7329949156 ] AeLookupSvc C:\Windows\System32\aelupsvc.dll
07:27:18.0352 0x0f1c AeLookupSvc - ok
07:27:18.0399 0x0f1c [ 79059559E89D06E8B80CE2944BE20228, 6E041D2FED2D0C3D8E16E56CB61D3245F9144EA92F5BDC9A4AA30598D1C8E6EE ] AFD C:\Windows\system32\drivers\afd.sys
07:27:18.0415 0x0f1c AFD - ok
07:27:18.0446 0x0f1c [ 608C14DBA7299D8CB6ED035A68A15799, 45360F89640BF1127C82A32393BD76205E4FA067889C40C491602F370C09282A ] agp440 C:\Windows\system32\drivers\agp440.sys
07:27:18.0446 0x0f1c agp440 - ok
07:27:18.0493 0x0f1c [ 3290D6946B5E30E70414990574883DDB, 0E9294E1991572256B3CDA6B031DB9F39CA601385515EE59F1F601725B889663 ] ALG C:\Windows\System32\alg.exe
07:27:18.0493 0x0f1c ALG - ok
07:27:18.0540 0x0f1c [ 5812713A477A3AD7363C7438CA2EE038, A7316299470D2E57A11499C752A711BF4A71EB11C9CBA731ED0945FF6A966721 ] aliide C:\Windows\system32\drivers\aliide.sys
07:27:18.0540 0x0f1c aliide - ok
07:27:18.0618 0x0f1c [ 671D9DCA48DA807780D8409C18ED0AE0, 0502328A9334EF9703547619EC3CB2532AAE33460AD85EFEBD461899C602A7AA ] AMD External Events Utility C:\Windows\system32\atiesrxx.exe
07:27:18.0633 0x0f1c AMD External Events Utility - ok
07:27:18.0664 0x0f1c [ 1FF8B4431C353CE385C875F194924C0C, 3EA3A7F426B0FFC2461EDF4FDB4B58ACC9D0730EDA5B728D1EA1346EA0A02720 ] amdide C:\Windows\system32\drivers\amdide.sys
07:27:18.0664 0x0f1c amdide - ok
07:27:18.0711 0x0f1c [ 7024F087CFF1833A806193EF9D22CDA9, E7F27E488C38338388103D3B7EEDD61D05E14FB140992AEE6F492FFC821BF529 ] AmdK8 C:\Windows\system32\DRIVERS\amdk8.sys
07:27:18.0727 0x0f1c AmdK8 - ok
07:27:19.0039 0x0f1c [ D3E6B2E1394D93FE9DB0BA24814B0D8F, C4B00C280B562E4DD4F1DF56CFBFCFB486224006585A71B0827BF271AE163DD6 ] amdkmdag C:\Windows\system32\DRIVERS\atipmdag.sys
07:27:19.0444 0x0f1c amdkmdag - ok
07:27:19.0522 0x0f1c [ CC4D915D786D3DA973B2EA9B95D59A29, 8089D5CB60A26784EB164D49A7EF907D7053D614F04B50C9A9672605FFA16164 ] amdkmdap C:\Windows\system32\DRIVERS\atikmpag.sys
07:27:19.0538 0x0f1c amdkmdap - ok
07:27:19.0569 0x0f1c [ 1E56388B3FE0D031C44144EB8C4D6217, E88CA76FD47BA0EB427D59CB9BE040DE133D89D4E62D03A8D622624531D27487 ] AmdPPM C:\Windows\system32\DRIVERS\amdppm.sys
07:27:19.0569 0x0f1c AmdPPM - ok
07:27:19.0616 0x0f1c [ D4121AE6D0C0E7E13AA221AA57EF2D49, 626F43C099BD197BE56648C367B711143C2BCCE96496BBDEF19F391D52FA01D0 ] amdsata C:\Windows\system32\drivers\amdsata.sys
07:27:19.0632 0x0f1c amdsata - ok
07:27:19.0663 0x0f1c [ F67F933E79241ED32FF46A4F29B5120B, D6EF539058F159CC4DD14CA9B1FD924998FEAC9D325C823C7A2DD21FEF1DC1A8 ] amdsbs C:\Windows\system32\DRIVERS\amdsbs.sys
07:27:19.0678 0x0f1c amdsbs - ok
07:27:19.0694 0x0f1c [ 540DAF1CEA6094886D72126FD7C33048, 296578572A93F5B74E1AD443E000B79DC99D1CBD25082E02704800F886A3065F ] amdxata C:\Windows\system32\drivers\amdxata.sys
07:27:19.0694 0x0f1c amdxata - ok
07:27:19.0756 0x0f1c [ 89A69C3F2F319B43379399547526D952, 8ABDB4B8E106F96EBBA0D4D04C4F432296516E107E7BA5644ED2E50CF9BB491A ] AppID C:\Windows\system32\drivers\appid.sys
07:27:19.0756 0x0f1c AppID - ok
07:27:19.0788 0x0f1c [ 0BC381A15355A3982216F7172F545DE1, C33AF13CB218F7BF52E967452573DF2ADD20A95C6BF99229794FEF07C4BBE725 ] AppIDSvc C:\Windows\System32\appidsvc.dll
07:27:19.0788 0x0f1c AppIDSvc - ok
07:27:19.0819 0x0f1c [ 9D2A2369AB4B08A4905FE72DB104498F, D6FA1705018BABABFA2362E05691A0D6408D14DE7B76129B16D0A1DAD6378E58 ] Appinfo C:\Windows\System32\appinfo.dll
07:27:19.0819 0x0f1c Appinfo - ok
07:27:19.0866 0x0f1c [ C484F8CEB1717C540242531DB7845C4E, C507CE26716EB923B864ED85E8FA0B24591E2784A2F4F0E78AEED7E9953311F6 ] arc C:\Windows\system32\DRIVERS\arc.sys
07:27:19.0866 0x0f1c arc - ok
07:27:19.0881 0x0f1c [ 019AF6924AEFE7839F61C830227FE79C, 5926B9DDFC9198043CDD6EA0B384C83B001EC225A8125628C4A45A3E6C42C72A ] arcsas C:\Windows\system32\DRIVERS\arcsas.sys
07:27:19.0897 0x0f1c arcsas - ok
07:27:20.0006 0x0f1c [ 9A262EDD17F8473B91B333D6B031A901, 05DFBD3A7D83FDE1D062EA719ACA9EC48CB7FD42D17DDD88B82E5D25469ADD23 ] aspnet_state C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
07:27:20.0006 0x0f1c aspnet_state - ok
07:27:20.0053 0x0f1c [ 769765CE2CC62867468CEA93969B2242, 0D8F19D49869DF93A3876B4C2E249D12E83F9CE11DAE8917D368E292043D4D26 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys
07:27:20.0053 0x0f1c AsyncMac - ok
07:27:20.0084 0x0f1c [ 02062C0B390B7729EDC9E69C680A6F3C, 0261683C6DC2706DCE491A1CDC954AC9C9E649376EC30760BB4E225E18DC5273 ] atapi C:\Windows\system32\drivers\atapi.sys
07:27:20.0084 0x0f1c atapi - ok
07:27:20.0256 0x0f1c [ E642491F64E58CD5BC8FB8B347DCF65F, D457175EF3A0552CEA3DA78E7116D54BC2BF157857A8B764597B51FB4E29C033 ] athr C:\Windows\system32\DRIVERS\athrx.sys
07:27:20.0349 0x0f1c athr - ok
07:27:20.0443 0x0f1c [ C07A040D6B5A42DD41EE386CF90974C8, 8D47815F99C79B795504C3172B5FBBDBA6AFACC004B17AA3954A06BE713FACAE ] AtiPcie C:\Windows\system32\DRIVERS\AtiPcie.sys
07:27:20.0443 0x0f1c AtiPcie - ok
07:27:20.0505 0x0f1c [ F23FEF6D569FCE88671949894A8BECF1, FCE7B156ED663471CF9A736915F00302E93B50FC647563D235313A37FCE8F0F6 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
07:27:20.0552 0x0f1c AudioEndpointBuilder - ok
07:27:20.0583 0x0f1c [ F23FEF6D569FCE88671949894A8BECF1, FCE7B156ED663471CF9A736915F00302E93B50FC647563D235313A37FCE8F0F6 ] AudioSrv C:\Windows\System32\Audiosrv.dll
07:27:20.0599 0x0f1c AudioSrv - ok
07:27:20.0677 0x0f1c [ A6BF31A71B409DFA8CAC83159E1E2AFF, CBB83F73FFD3C3FB4F96605067739F8F7A4A40B2B05417FA49E575E95628753F ] AxInstSV C:\Windows\System32\AxInstSV.dll
07:27:20.0677 0x0f1c AxInstSV - ok
07:27:20.0755 0x0f1c [ 3E5B191307609F7514148C6832BB0842, DE011CB7AA4A2405FAF21575182E0793A1D83DFFC44E9A7864D59F3D51D8D580 ] b06bdrv C:\Windows\system32\DRIVERS\bxvbda.sys
07:27:20.0817 0x0f1c b06bdrv - ok
07:27:21.0051 0x0f1c [ B5ACE6968304A3900EEB1EBFD9622DF2, 1DAA118D8CA3F97B34DF3D3CDA1C78EAB2ED225699FEABE89D331AE0CB7679FA ] b57nd60a C:\Windows\system32\DRIVERS\b57nd60a.sys
07:27:21.0082 0x0f1c b57nd60a - ok
07:27:21.0145 0x0f1c [ FDE360167101B4E45A96F939F388AEB0, 8D1457E866BBD645C4B9710DFBFF93405CC1193BF9AE42326F2382500B713B82 ] BDESVC C:\Windows\System32\bdesvc.dll
07:27:21.0145 0x0f1c BDESVC - ok
07:27:21.0176 0x0f1c [ 16A47CE2DECC9B099349A5F840654746, 77C008AEDB07FAC66413841D65C952DDB56FE7DCA5E9EF9C8F4130336B838024 ] Beep C:\Windows\system32\drivers\Beep.sys
07:27:21.0176 0x0f1c Beep - ok
07:27:21.0270 0x0f1c [ 82974D6A2FD19445CC5171FC378668A4, 075D25F47C0D2277E40AF8615571DAA5EB16B1824563632A9A7EC62505C29A4A ] BFE C:\Windows\System32\bfe.dll
07:27:21.0285 0x0f1c BFE - ok
07:27:21.0332 0x0f1c [ 1EA7969E3271CBC59E1730697DC74682, D511A34D63A6E0E6E7D1879068E2CD3D87ABEAF4936B2EA8CDDAD9F79D60FA04 ] BITS C:\Windows\System32\qmgr.dll
07:27:21.0379 0x0f1c BITS - ok
07:27:21.0394 0x0f1c [ 61583EE3C3A17003C4ACD0475646B4D3, 17E4BECC309C450E7E44F59A9C0BBC24D21BDC66DFBA65B8F198A00BB47A9811 ] blbdrive C:\Windows\system32\DRIVERS\blbdrive.sys
07:27:21.0394 0x0f1c blbdrive - ok
07:27:21.0441 0x0f1c [ 6C02A83164F5CC0A262F4199F0871CF5, AD4632A6A203CB40970D848315D8ADB9C898349E20D8DF4107C2AE2703A2CF28 ] bowser C:\Windows\system32\DRIVERS\bowser.sys
07:27:21.0441 0x0f1c bowser - ok
07:27:21.0472 0x0f1c [ F09EEE9EDC320B5E1501F749FDE686C8, 66691114C42E12F4CC6DC4078D4D2FA4029759ACDAF1B59D17383487180E84E3 ] BrFiltLo C:\Windows\system32\DRIVERS\BrFiltLo.sys
07:27:21.0472 0x0f1c BrFiltLo - ok
07:27:21.0488 0x0f1c [ B114D3098E9BDB8BEA8B053685831BE6, 0ED23C1897F35FA00B9C2848DE4ED200E18688AA7825674888054BBC3A3EB92C ] BrFiltUp C:\Windows\system32\DRIVERS\BrFiltUp.sys
07:27:21.0488 0x0f1c BrFiltUp - ok
07:27:21.0519 0x0f1c [ 05F5A0D14A2EE1D8255C2AA0E9E8E694, 40011138869F5496A3E78D38C9900B466B6F3877526AC22952DCD528173F4645 ] Browser C:\Windows\System32\browser.dll
07:27:21.0519 0x0f1c Browser - ok
07:27:21.0550 0x0f1c [ 43BEA8D483BF1870F018E2D02E06A5BD, 4E6F5A5FD8C796A110B0DC9FF29E31EA78C04518FC1C840EF61BABD58AB10272 ] Brserid C:\Windows\System32\Drivers\Brserid.sys
07:27:21.0550 0x0f1c Brserid - ok
07:27:21.0566 0x0f1c [ A6ECA2151B08A09CACECA35C07F05B42, E2875BB7768ABAF38C3377007AA0A3C281503474D1831E396FB6599721586B0C ] BrSerWdm C:\Windows\System32\Drivers\BrSerWdm.sys
07:27:21.0566 0x0f1c BrSerWdm - ok
07:27:21.0582 0x0f1c [ B79968002C277E869CF38BD22CD61524, 50631836502237AF4893ECDCEA43B9031C3DE97433F594D46AF7C3C77F331983 ] BrUsbMdm C:\Windows\System32\Drivers\BrUsbMdm.sys
07:27:21.0582 0x0f1c BrUsbMdm - ok
07:27:21.0597 0x0f1c [ A87528880231C54E75EA7A44943B38BF, 4C8BBB29FDA76A96840AA47A8613C15D4466F9273A13941C19507008629709C9 ] BrUsbSer C:\Windows\System32\Drivers\BrUsbSer.sys
07:27:21.0597 0x0f1c BrUsbSer - ok
07:27:21.0597 0x0f1c [ 9DA669F11D1F894AB4EB69BF546A42E8, B498B8B6CEF957B73179D1ADAF084BBB57BB3735D810F9BE2C7B1D58A4FD25A4 ] BTHMODEM C:\Windows\system32\DRIVERS\bthmodem.sys
07:27:21.0597 0x0f1c BTHMODEM - ok
07:27:21.0628 0x0f1c [ 95F9C2976059462CBBF227F7AAB10DE9, 2797AE919FF7606B070FB039CECDB0707CD2131DCAC09C5DF14F443D881C9F34 ] bthserv C:\Windows\system32\bthserv.dll
07:27:21.0628 0x0f1c bthserv - ok
07:27:21.0644 0x0f1c [ B8BD2BB284668C84865658C77574381A, 6C55BA288B626DF172FDFEA0BD7027FAEBA1F44EF20AB55160D7C7DC6E717D65 ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys
07:27:21.0660 0x0f1c cdfs - ok
07:27:21.0722 0x0f1c [ F036CE71586E93D94DAB220D7BDF4416, BD07AAD9E20CEAF9FC84E4977C55EA2C45604A2C682AC70B9B9A2199B6713D5B ] cdrom C:\Windows\system32\drivers\cdrom.sys
07:27:21.0722 0x0f1c cdrom - ok
07:27:21.0769 0x0f1c [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] CertPropSvc C:\Windows\System32\certprop.dll
07:27:21.0784 0x0f1c CertPropSvc - ok
07:27:21.0831 0x0f1c [ D7CD5C4E1B71FA62050515314CFB52CF, 513B5A849899F379F0BC6AB3A8A05C3493C2393C95F036612B96EC6E252E1C64 ] circlass C:\Windows\system32\DRIVERS\circlass.sys
07:27:21.0831 0x0f1c circlass - ok
07:27:21.0894 0x0f1c [ FE1EC06F2253F691FE36217C592A0206, B9F122DB5E665ECDF29A5CB8BB6B531236F31A54A95769D6C5C1924C87FE70CE ] CLFS C:\Windows\system32\CLFS.sys
07:27:21.0909 0x0f1c CLFS - ok
07:27:21.0972 0x0f1c [ D88040F816FDA31C3B466F0FA0918F29, 39D3630E623DA25B8444B6D3AAAB16B98E7E289C5619E19A85D47B74C71449F3 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
07:27:21.0972 0x0f1c clr_optimization_v2.0.50727_32 - ok
07:27:22.0018 0x0f1c [ D1CEEA2B47CB998321C579651CE3E4F8, 654013B8FD229A50017B08DEC6CA19C7DDA8CE0771260E057A92625201D539B1 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
07:27:22.0018 0x0f1c clr_optimization_v2.0.50727_64 - ok
07:27:22.0143 0x0f1c [ E87213F37A13E2B54391E40934F071D0, 7EB221127EFB5BF158FB03D18EFDA2C55FB6CE3D1A1FE69C01D70DBED02C87E5 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
07:27:22.0159 0x0f1c clr_optimization_v4.0.30319_32 - ok
07:27:22.0190 0x0f1c [ 4AEDAB50F83580D0B4D6CF78191F92AA, D113C47013B018B45161911B96E93AF96A2F3B34FA47061BF6E7A71FBA03194A ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
07:27:22.0206 0x0f1c clr_optimization_v4.0.30319_64 - ok
07:27:22.0237 0x0f1c [ 0840155D0BDDF1190F84A663C284BD33, 696039FA63CFEB33487FAA8FD7BBDB220141E9C6E529355D768DFC87999A9C3A ] CmBatt C:\Windows\system32\DRIVERS\CmBatt.sys
07:27:22.0237 0x0f1c CmBatt - ok
07:27:22.0284 0x0f1c [ E19D3F095812725D88F9001985B94EDD, 46243C5CCC4981CAC6FA6452FFCEC33329BF172448F1852D52592C9342E0E18B ] cmdide C:\Windows\system32\drivers\cmdide.sys
07:27:22.0284 0x0f1c cmdide - ok
07:27:22.0346 0x0f1c [ EBF28856F69CF094A902F884CF989706, AD6C9F0BC20AA49EEE5478DA0F856F0EA2B414B63208C5FFB03C9D7F5B59765F ] CNG C:\Windows\system32\Drivers\cng.sys
07:27:22.0362 0x0f1c CNG - ok
07:27:22.0424 0x0f1c [ 102DE219C3F61415F964C88E9085AD14, CD74CB703381F1382C32CF892FF2F908F4C9412E1BC77234F8FEA5D4666E1BF1 ] Compbatt C:\Windows\system32\DRIVERS\compbatt.sys
07:27:22.0440 0x0f1c Compbatt - ok
07:27:22.0502 0x0f1c [ 03EDB043586CCEBA243D689BDDA370A8, 0E4523AA332E242D5C2C61C5717DBA5AB6E42DADB5A7E512505FC2B6CC224959 ] CompositeBus C:\Windows\system32\drivers\CompositeBus.sys
07:27:22.0502 0x0f1c CompositeBus - ok
07:27:22.0533 0x0f1c COMSysApp - ok
07:27:22.0564 0x0f1c [ 1C827878A998C18847245FE1F34EE597, 41EF7443D8B2733AA35CAC64B4F5F74FAC8BB0DA7D3936B69EC38E2DC3972E60 ] crcdisk C:\Windows\system32\DRIVERS\crcdisk.sys
07:27:22.0564 0x0f1c crcdisk - ok
07:27:22.0627 0x0f1c [ 6B400F211BEE880A37A1ED0368776BF4, 2F27C6FA96A1C8CBDA467846DA57E63949A7EA37DB094B13397DDD30114295BD ] CryptSvc C:\Windows\system32\cryptsvc.dll
07:27:22.0627 0x0f1c CryptSvc - ok
07:27:22.0689 0x0f1c [ 5C627D1B1138676C0A7AB2C2C190D123, C5003F2C912C5CA990E634818D3B4FD72F871900AF2948BD6C4D6400B354B401 ] DcomLaunch C:\Windows\system32\rpcss.dll
07:27:22.0705 0x0f1c DcomLaunch - ok
07:27:22.0767 0x0f1c [ 3CEC7631A84943677AA8FA8EE5B6B43D, 32061DAC9ED6C1EBA3B367B18D0E965AEEC2DF635DCF794EC39D086D32503AC5 ] defragsvc C:\Windows\System32\defragsvc.dll
07:27:22.0783 0x0f1c defragsvc - ok
07:27:22.0830 0x0f1c [ 9BB2EF44EAA163B29C4A4587887A0FE4, 03667BC3EA5003F4236929C10F23D8F108AFCB29DB5559E751FB26DFB318636F ] DfsC C:\Windows\system32\Drivers\dfsc.sys
07:27:22.0845 0x0f1c DfsC - ok
07:27:22.0892 0x0f1c [ 43D808F5D9E1A18E5EEB5EBC83969E4E, C10D1155D71EABE4ED44C656A8F13078A8A4E850C4A8FBB92D52D173430972B8 ] Dhcp C:\Windows\system32\dhcpcore.dll
07:27:22.0908 0x0f1c Dhcp - ok
07:27:22.0954 0x0f1c [ 13096B05847EC78F0977F2C0F79E9AB3, 1E44981B684F3E56F5D2439BB7FA78BD1BC876BB2265AE089AEC68F241B05B26 ] discache C:\Windows\system32\drivers\discache.sys
07:27:22.0954 0x0f1c discache - ok
07:27:23.0001 0x0f1c [ 9819EEE8B5EA3784EC4AF3B137A5244C, 571BC886E87C888DA96282E381A746D273B58B9074E84D4CA91275E26056D427 ] Disk C:\Windows\system32\DRIVERS\disk.sys
07:27:23.0001 0x0f1c Disk - ok
07:27:23.0032 0x0f1c dkab_device - ok
07:27:23.0095 0x0f1c [ 16835866AAA693C7D7FCEBA8FFF706E4, 15891558F7C1F2BB57A98769601D447ED0D952354A8BB347312D034DC03E0242 ] Dnscache C:\Windows\System32\dnsrslvr.dll
07:27:23.0110 0x0f1c Dnscache - ok
07:27:23.0157 0x0f1c [ B1FB3DDCA0FDF408750D5843591AFBC6, AB6AD9C5E7BA2E3646D0115B67C4800D1CB43B4B12716397657C7ADEEE807304 ] dot3svc C:\Windows\System32\dot3svc.dll
07:27:23.0173 0x0f1c dot3svc - ok
07:27:23.0204 0x0f1c [ B26F4F737E8F9DF4F31AF6CF31D05820, 394BBBED4EC7FAD4110F62A43BFE0801D4AC56FFAC6C741C69407B26402311C7 ] DPS C:\Windows\system32\dps.dll
07:27:23.0204 0x0f1c DPS - ok
07:27:23.0251 0x0f1c [ 9B19F34400D24DF84C858A421C205754, 967AF267B4124BADA8F507CEBF25F2192D146A4D63BE71B45BFC03C5DA7F21A7 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys
07:27:23.0251 0x0f1c drmkaud - ok
07:27:23.0360 0x0f1c [ 9CF46FDF163E06B83D03FF929EF2296C, 40BB0226361DEC2E6CBFE79CA092083986BD3D94564ED5F3E54CA2EE9A756837 ] DsiWMIService C:\Program Files (x86)\Launch Manager\dsiwmis.exe
07:27:23.0376 0x0f1c DsiWMIService - ok
07:27:23.0438 0x0f1c [ 88612F1CE3BF42256913BF6E61C70D52, 7CF190F83FA8F15C33008EB381D3E345CEF37CBC046227DED26B36799EF4D9A7 ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys
07:27:23.0469 0x0f1c DXGKrnl - ok
07:27:23.0532 0x0f1c [ E2DDA8726DA9CB5B2C4000C9018A9633, 0C967DBC3636A76A696997192A158AA92A1AF19F01E3C66D5BF91818A8FAEA76 ] EapHost C:\Windows\System32\eapsvc.dll
07:27:23.0532 0x0f1c EapHost - ok
07:27:23.0719 0x0f1c [ DC5D737F51BE844D8C82C695EB17372F, 6D4022D9A46EDE89CEF0FAEADCC94C903234DFC460C0180D24FF9E38E8853017 ] ebdrv C:\Windows\system32\DRIVERS\evbda.sys
07:27:23.0906 0x0f1c ebdrv - ok
07:27:23.0953 0x0f1c [ 4D71227301DD8D09097B9E4CC6527E5A, 193D47ADCB722B581CC0F29B794AB3E455B6E9BEA367CE9A5216A09E055B7F1E ] EFS C:\Windows\System32\lsass.exe
07:27:23.0953 0x0f1c EFS - ok
07:27:24.0062 0x0f1c [ C4002B6B41975F057D98C439030CEA07, 3D2484FBB832EFB90504DD406ED1CF3065139B1FE1646471811F3A5679EF75F1 ] ehRecvr C:\Windows\ehome\ehRecvr.exe
07:27:24.0093 0x0f1c ehRecvr - ok
07:27:24.0124 0x0f1c [ 4705E8EF9934482C5BB488CE28AFC681, 359E9EC5693CE0BE89082E1D5D8F5C5439A5B985010FF0CB45C11E3CFE30637D ] ehSched C:\Windows\ehome\ehsched.exe
07:27:24.0140 0x0f1c ehSched - ok
07:27:24.0187 0x0f1c [ 0E5DA5369A0FCAEA12456DD852545184, 9A64AC5396F978C3B92794EDCE84DCA938E4662868250F8C18FA7C2C172233F8 ] elxstor C:\Windows\system32\DRIVERS\elxstor.sys
07:27:24.0218 0x0f1c elxstor - ok
07:27:24.0358 0x0f1c [ 3EA2C4F68A782839D97B3C83595575B6, D4C3BFD0B6817B73BE9F2378FA946BD1C213A4FB9EB3F7D2C79E9B6D9F895106 ] ePowerSvc C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe
07:27:24.0390 0x0f1c ePowerSvc - ok
07:27:24.0436 0x0f1c [ 34A3C54752046E79A126E15C51DB409B, 7D5B5E150C7C73666F99CBAFF759029716C86F16B927E0078D77F8A696616D75 ] ErrDev C:\Windows\system32\drivers\errdev.sys
07:27:24.0436 0x0f1c ErrDev - ok
07:27:24.0514 0x0f1c [ 4166F82BE4D24938977DD1746BE9B8A0, 24121751B7306225AD1C808442D7B030DEF377E9316AA0A3C5C7460E87317881 ] EventSystem C:\Windows\system32\es.dll
07:27:24.0530 0x0f1c EventSystem - ok
07:27:24.0561 0x0f1c [ A510C654EC00C1E9BDD91EEB3A59823B, 76CD277730F7B08D375770CD373D786160F34D1481AF0536BA1A5D2727E255F5 ] exfat C:\Windows\system32\drivers\exfat.sys
07:27:24.0561 0x0f1c exfat - ok
07:27:24.0592 0x0f1c [ 0ADC83218B66A6DB380C330836F3E36D, 798D6F83B5DBCC1656595E0A96CF12087FCCBE19D1982890D0CE5F629B328B29 ] fastfat C:\Windows\system32\drivers\fastfat.sys
07:27:24.0592 0x0f1c fastfat - ok
07:27:24.0639 0x0f1c [ DBEFD454F8318A0EF691FDD2EAAB44EB, 7F52AE222FF28503B6FC4A5852BD0CAEAF187BE69AF4B577D3DE474C24366099 ] Fax C:\Windows\system32\fxssvc.exe
07:27:24.0670 0x0f1c Fax - ok
07:27:24.0686 0x0f1c [ D765D19CD8EF61F650C384F62FAC00AB, 9F0A483A043D3BA873232AD3BA5F7BF9173832550A27AF3E8BD433905BD2A0EE ] fdc C:\Windows\system32\DRIVERS\fdc.sys
07:27:24.0702 0x0f1c fdc - ok
07:27:24.0733 0x0f1c [ 0438CAB2E03F4FB61455A7956026FE86, 6D4DDC2973DB25CE0C7646BC85EFBCC004EBE35EA683F62162AE317C6F1D8DFE ] fdPHost C:\Windows\system32\fdPHost.dll
07:27:24.0733 0x0f1c fdPHost - ok
07:27:24.0748 0x0f1c [ 802496CB59A30349F9A6DD22D6947644, 52D59D3D628D5661F83F090F33F744F6916E0CC1F76E5A33983E06EB66AE19F8 ] FDResPub C:\Windows\system32\fdrespub.dll
07:27:24.0748 0x0f1c FDResPub - ok
07:27:24.0780 0x0f1c [ 655661BE46B5F5F3FD454E2C3095B930, 549C8E2A2A37757E560D55FFA6BFDD838205F17E40561E67F0124C934272CD1A ] FileInfo C:\Windows\system32\drivers\fileinfo.sys
07:27:24.0780 0x0f1c FileInfo - ok
07:27:24.0811 0x0f1c [ 5F671AB5BC87EEA04EC38A6CD5962A47, 6B61D3363FF3F9C439BD51102C284972EAE96ACC0683B9DC7E12D25D0ADC51B6 ] Filetrace C:\Windows\system32\drivers\filetrace.sys
07:27:24.0811 0x0f1c Filetrace - ok
07:27:24.0904 0x0f1c [ BB0667B0171B632B97EA759515476F07, 07A123B2182D5813D2898928C231638353CF086606E9D5A5AF4A2A73E17CEC27 ] FLEXnet Licensing Service C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
07:27:24.0936 0x0f1c FLEXnet Licensing Service - ok
07:27:24.0951 0x0f1c [ C172A0F53008EAEB8EA33FE10E177AF5, 9175A95B323696D1B35C9EFEB7790DD64E6EE0B7021E6C18E2F81009B169D77B ] flpydisk C:\Windows\system32\DRIVERS\flpydisk.sys
07:27:24.0951 0x0f1c flpydisk - ok
07:27:24.0998 0x0f1c [ DA6B67270FD9DB3697B20FCE94950741, F621A4462C9F2904063578C427FAF22D7D66AE9967605C11C798099817CE5331 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys
07:27:25.0014 0x0f1c FltMgr - ok
07:27:25.0107 0x0f1c [ C4C183E6551084039EC862DA1C945E3D, 0874A2ACDD24D64965AA9A76E9C818E216880AE4C9A2E07ED932EE404585CEE6 ] FontCache C:\Windows\system32\FntCache.dll
07:27:25.0185 0x0f1c FontCache - ok
07:27:25.0248 0x0f1c [ A8B7F3818AB65695E3A0BB3279F6DCE6, 89FCF10F599767E67A1E011753E34DA44EAA311F105DBF69549009ED932A60F0 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
07:27:25.0248 0x0f1c FontCache3.0.0.0 - ok
07:27:25.0294 0x0f1c [ D43703496149971890703B4B1B723EAC, F06397B2EDCA61629249D2EF1CBB7827A8BEAB8488246BD85EF6AE1363C0DA6E ] FsDepends C:\Windows\system32\drivers\FsDepends.sys
07:27:25.0294 0x0f1c FsDepends - ok
07:27:25.0326 0x0f1c [ 6BD9295CC032DD3077C671FCCF579A7B, 83622FBB0CB923798E7E584BF53CAAF75B8C016E3FF7F0FA35880FF34D1DFE33 ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys
07:27:25.0326 0x0f1c Fs_Rec - ok
07:27:25.0388 0x0f1c [ 8F6322049018354F45F05A2FD2D4E5E0, 73BF0FB4EBD7887E992DDEBB79E906958D6678F8D1107E8C368F5A0514D80359 ] fvevol C:\Windows\system32\DRIVERS\fvevol.sys
07:27:25.0404 0x0f1c fvevol - ok
07:27:25.0435 0x0f1c [ 8C778D335C9D272CFD3298AB02ABE3B6, 85F0B13926B0F693FA9E70AA58DE47100E4B6F893772EBE4300C37D9A36E6005 ] gagp30kx C:\Windows\system32\DRIVERS\gagp30kx.sys
07:27:25.0450 0x0f1c gagp30kx - ok
07:27:25.0528 0x0f1c [ CE16683CFD11FE70BDE435DDA5EA1FCA, 43D850361F2B5C9389F7FABC3C62BD1517349C03834F436579DD01CFD09919F4 ] GameConsoleService C:\Program Files (x86)\Acer Games\Acer Game Console\GameConsoleService.exe
07:27:25.0528 0x0f1c GameConsoleService - ok
07:27:25.0622 0x0f1c [ 277BBC7E1AA1EE957F573A10ECA7EF3A, 2EE60B924E583E847CC24E78B401EF95C69DB777A5B74E1EC963E18D47B94D24 ] gpsvc C:\Windows\System32\gpsvc.dll
07:27:25.0669 0x0f1c gpsvc - ok
07:27:25.0731 0x0f1c [ 0191DEE9B9EB7902AF2CF4F67301095D, 9E2E263E84167E1AD3FFCEA84066AF07CD6A653F5D8266A619E4973BC4B25460 ] GREGService C:\Program Files (x86)\Acer\Registration\GREGsvc.exe
07:27:25.0731 0x0f1c GREGService - ok
07:27:25.0762 0x0f1c [ 1E6438D4EA6E1174A3B3B1EDC4DE660B, F9995CFEC7BBFE10B06EEE04CA6B49658275C43096E57747BFF9C2C31A0F9011 ] hamachi C:\Windows\system32\DRIVERS\hamachi.sys
07:27:25.0778 0x0f1c hamachi - ok
07:27:25.0809 0x0f1c [ F2523EF6460FC42405B12248338AB2F0, B2F3DE8DE1F512D871BC2BC2E8D0E33AB03335BFBC07627C5F88B65024928E19 ] hcw85cir C:\Windows\system32\drivers\hcw85cir.sys
07:27:25.0809 0x0f1c hcw85cir - ok
07:27:25.0887 0x0f1c [ 975761C778E33CD22498059B91E7373A, 8304E15FBE6876BE57263A03621365DA8C88005EAC532A770303C06799D915D9 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
07:27:25.0918 0x0f1c HdAudAddService - ok
07:27:25.0950 0x0f1c [ 97BFED39B6B79EB12CDDBFEED51F56BB, 3CF981D668FB2381E52AF2E51E296C6CFB47B0D62249645278479D0111A47955 ] HDAudBus C:\Windows\system32\drivers\HDAudBus.sys
07:27:25.0950 0x0f1c HDAudBus - ok
07:27:25.0981 0x0f1c [ 78E86380454A7B10A5EB255DC44A355F, 11F3ED7ACFFA3024B9BD504F81AC39F5B4CED5A8A425E8BADF7132EFEDB9BD64 ] HidBatt C:\Windows\system32\DRIVERS\HidBatt.sys
07:27:25.0981 0x0f1c HidBatt - ok
07:27:25.0981 0x0f1c [ 7FD2A313F7AFE5C4DAB14798C48DD104, 94CBFD4506CBDE4162CEB3367BAB042D19ACA6785954DC0B554D4164B9FCD0D4 ] HidBth C:\Windows\system32\DRIVERS\hidbth.sys
07:27:25.0996 0x0f1c HidBth - ok
07:27:26.0012 0x0f1c [ 0A77D29F311B88CFAE3B13F9C1A73825, 8615DC6CEFB591505CE16E054A71A4F371B827DDFD5E980777AB4233DCFDA01D ] HidIr C:\Windows\system32\DRIVERS\hidir.sys
07:27:26.0012 0x0f1c HidIr - ok
07:27:26.0059 0x0f1c [ BD9EB3958F213F96B97B1D897DEE006D, 4D01CBF898B528B3A4E5A683DF2177300AFABD7D4CB51F1A7891B1B545499631 ] hidserv C:\Windows\system32\hidserv.dll
07:27:26.0059 0x0f1c hidserv - ok
07:27:26.0106 0x0f1c [ 9592090A7E2B61CD582B612B6DF70536, FD11D5E02C32D658B28FCC35688AB66CCB5D3A0A0D74C82AE0F0B6C67B568A0F ] HidUsb C:\Windows\system32\DRIVERS\hidusb.sys
07:27:26.0106 0x0f1c HidUsb - ok
07:27:26.0152 0x0f1c [ 387E72E739E15E3D37907A86D9FF98E2, 9935BE2E58788E79328293AF2F202CB0F6042441B176F75ACC5AEA93C8E05531 ] hkmsvc C:\Windows\system32\kmsvc.dll
07:27:26.0168 0x0f1c hkmsvc - ok
07:27:26.0199 0x0f1c [ EFDFB3DD38A4376F93E7985173813ABD, 70402FA73A5A2A8BB557AAC8F531E373077D28DE5F40A1F3F14B940BE01CD2E1 ] HomeGroupListener C:\Windows\system32\ListSvc.dll
07:27:26.0215 0x0f1c HomeGroupListener - ok
07:27:26.0262 0x0f1c [ 908ACB1F594274965A53926B10C81E89, 7D34A742AC486294D82676F8465A3EF26C8AC3317C32B63F62031CB007CFC208 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
07:27:26.0277 0x0f1c HomeGroupProvider - ok
07:27:26.0324 0x0f1c [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC, E9E6A1665740CFBC2DD321010007EF42ABA2102AEB9772EE8AA3354664B1E205 ] HpSAMD C:\Windows\system32\drivers\HpSAMD.sys
07:27:26.0324 0x0f1c HpSAMD - ok
07:27:26.0402 0x0f1c [ 0EA7DE1ACB728DD5A369FD742D6EEE28, 21C489412EB33A12B22290EB701C19BA57006E8702E76F730954F0784DDE9779 ] HTTP C:\Windows\system32\drivers\HTTP.sys
07:27:26.0449 0x0f1c HTTP - ok
07:27:26.0480 0x0f1c [ A5462BD6884960C9DC85ED49D34FF392, 53E65841AF5B06A2844D0BB6FC4DD3923A323FFA0E4BFC89B3B5CAFB592A3D53 ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys
07:27:26.0480 0x0f1c hwpolicy - ok
07:27:26.0542 0x0f1c [ FA55C73D4AFFA7EE23AC4BE53B4592D3, 65CDDC62B89A60E942C5642C9D8B539EFB69DA8069B4A2E54978154B314531CD ] i8042prt C:\Windows\system32\drivers\i8042prt.sys
07:27:26.0558 0x0f1c i8042prt - ok
07:27:26.0620 0x0f1c [ AAAF44DB3BD0B9D1FB6969B23ECC8366, 805AA4A9464002D1AB3832E4106B2AAA1331F4281367E75956062AAE99699385 ] iaStorV C:\Windows\system32\drivers\iaStorV.sys
07:27:26.0636 0x0f1c iaStorV - ok
07:27:26.0730 0x0f1c [ 5988FC40F8DB5B0739CD1E3A5D0D78BD, 2B9512324DBA4A97F6AC34E8067EE08E3B6874CD60F6CB4209AFC22A34D2BE99 ] idsvc C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
07:27:26.0761 0x0f1c idsvc - ok
07:27:26.0808 0x0f1c IEEtwCollectorService - ok
07:27:26.0870 0x0f1c [ 5C18831C61933628F5BB0EA2675B9D21, 5CD9DE2F8C0256623A417B5C55BF55BB2562BD7AB2C3C83BB3D9886C2FBDA4E4 ] iirsp C:\Windows\system32\DRIVERS\iirsp.sys
07:27:26.0870 0x0f1c iirsp - ok
07:27:26.0964 0x0f1c [ 344789398EC3EE5A4E00C52B31847946, 3DA5F08E4B46F4E63456AA588D49E39A6A09A97D0509880C00F327623DB6122D ] IKEEXT C:\Windows\System32\ikeext.dll
07:27:27.0026 0x0f1c IKEEXT - ok
07:27:27.0198 0x0f1c [ 235362D403D9D677514649D88DB31914, 522F5BA88169ADEC1EEB595BFBBCD6417DF38CD93A0D2B2FD0AF4C907FF6D965 ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHD64.sys
07:27:27.0276 0x0f1c IntcAzAudAddService - ok
07:27:27.0307 0x0f1c [ F00F20E70C6EC3AA366910083A0518AA, E2F3E9FFD82C802C8BAC309893A3664ACF16A279959C0FDECCA64C3D3C60FD22 ] intelide C:\Windows\system32\drivers\intelide.sys
07:27:27.0307 0x0f1c intelide - ok
07:27:27.0354 0x0f1c [ ADA036632C664CAA754079041CF1F8C1, F2386CC09AC6DE4C54189154F7D91C1DB7AA120B13FAE8BA5B579ACF99FCC610 ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys
07:27:27.0369 0x0f1c intelppm - ok
07:27:27.0400 0x0f1c [ 098A91C54546A3B878DAD6A7E90A455B, 044CCE2A0DF56EBE1EFD99B4F6F0A5B9EE12498CA358CF4B2E3A1CFD872823AA ] IPBusEnum C:\Windows\system32\ipbusenum.dll
07:27:27.0416 0x0f1c IPBusEnum - ok
07:27:27.0463 0x0f1c [ C9F0E1BD74365A8771590E9008D22AB6, 728BC5A6AAE499FDC50EB01577AF16D83C2A9F3B09936DD2A89C01E074BA8E51 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys
07:27:27.0463 0x0f1c IpFilterDriver - ok
07:27:27.0525 0x0f1c [ 08C2957BB30058E663720C5606885653, E13EDF6701512E2A9977A531454932CA5023087CB50E1D2F416B8BCDD92B67BE ] iphlpsvc C:\Windows\System32\iphlpsvc.dll
07:27:27.0541 0x0f1c iphlpsvc - ok
07:27:27.0588 0x0f1c [ 0FC1AEA580957AA8817B8F305D18CA3A, 7161E4DE91AAFC3FA8BF24FAE4636390C2627DB931505247C0D52C75A31473D9 ] IPMIDRV C:\Windows\system32\drivers\IPMIDrv.sys
07:27:27.0603 0x0f1c IPMIDRV - ok
07:27:27.0634 0x0f1c [ AF9B39A7E7B6CAA203B3862582E9F2D0, 67128BE7EADBE6BD0205B050F96E268948E8660C4BAB259FB0BE03935153D04E ] IPNAT C:\Windows\system32\drivers\ipnat.sys
07:27:27.0650 0x0f1c IPNAT - ok
07:27:27.0681 0x0f1c [ 3ABF5E7213EB28966D55D58B515D5CE9, A352BCC5B6B9A28805B15CAFB235676F1FAFF0D2394F88C03089EB157D6188AE ] IRENUM C:\Windows\system32\drivers\irenum.sys
07:27:27.0681 0x0f1c IRENUM - ok
07:27:27.0697 0x0f1c [ 2F7B28DC3E1183E5EB418DF55C204F38, D40410A760965925D6F10959B2043F7BD4F68EAFCF5E743AF11AD860BD136548 ] isapnp C:\Windows\system32\drivers\isapnp.sys
07:27:27.0697 0x0f1c isapnp - ok
07:27:27.0759 0x0f1c [ D931D7309DEB2317035B07C9F9E6B0BD, 13AD84172ED8C6153F8A98499C01733B74E48464CE07D099508E38D409913ED3 ] iScsiPrt C:\Windows\system32\drivers\msiscsi.sys
07:27:27.0759 0x0f1c iScsiPrt - ok
07:27:27.0837 0x0f1c [ 37E053A2CF8F0082B689ED74106E0CEC, 431D3A3212152A76878C9CA347056B62B2A5A3E0211C4D930639C426EE73A0B7 ] k57nd60a C:\Windows\system32\DRIVERS\k57nd60a.sys
07:27:27.0868 0x0f1c k57nd60a - ok
07:27:27.0900 0x0f1c [ BC02336F1CBA7DCC7D1213BB588A68A5, 450C5BAD54CCE2AFCDFF1B6E7F8E1A8446D9D3255DF9D36C29A8F848048AAD93 ] kbdclass C:\Windows\system32\drivers\kbdclass.sys
07:27:27.0900 0x0f1c kbdclass - ok
07:27:27.0931 0x0f1c [ 0705EFF5B42A9DB58548EEC3B26BB484, 86C6824ED7ED6FA8F306DB6319A0FD688AA91295AE571262F9D8E96A32225E99 ] kbdhid C:\Windows\system32\drivers\kbdhid.sys
07:27:27.0931 0x0f1c kbdhid - ok
07:27:27.0946 0x0f1c [ 4D71227301DD8D09097B9E4CC6527E5A, 193D47ADCB722B581CC0F29B794AB3E455B6E9BEA367CE9A5216A09E055B7F1E ] KeyIso C:\Windows\system32\lsass.exe
07:27:27.0946 0x0f1c KeyIso - ok
07:27:27.0993 0x0f1c [ 8F489706472F7E9A06BAAA198703FA64, F020406690FB38EABD82D63B91D33039CC93ED52A5497AE12BAF475F22D0B08A ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys
07:27:27.0993 0x0f1c KSecDD - ok
07:27:28.0009 0x0f1c [ 868A2CAAB12EFC7A021682BCA0EEC54C, 12C4925B5B3D6EA7B6410C01F33158C6EAB50CBD6AF445F8B04ED9899720C2DD ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys
07:27:28.0009 0x0f1c KSecPkg - ok
07:27:28.0040 0x0f1c [ 6869281E78CB31A43E969F06B57347C4, 866A23E69B32A78D378D6CB3B3DA3695FFDFF0FEC3C9F68C8C3F988DF417044B ] ksthunk C:\Windows\system32\drivers\ksthunk.sys
07:27:28.0040 0x0f1c ksthunk - ok
07:27:28.0087 0x0f1c [ 6AB66E16AA859232F64DEB66887A8C9C, 5F2B579BEA8098A2994B0DECECDAE7B396E7B5DC5F09645737B9F28BEEA77FFF ] KtmRm C:\Windows\system32\msdtckrm.dll
07:27:28.0102 0x0f1c KtmRm - ok
07:27:28.0165 0x0f1c [ D9F42719019740BAA6D1C6D536CBDAA6, 8757599D0AE5302C4CE50861BEBA3A8DD14D7B0DBD916FD5404133688CDFCC40 ] LanmanServer C:\Windows\system32\srvsvc.dll
07:27:28.0196 0x0f1c LanmanServer - ok
07:27:28.0227 0x0f1c [ 851A1382EED3E3A7476DB004F4EE3E1A, B1C67F47DD594D092E6E258F01DF5E7150227CE3131A908A244DEE9F8A1FABF9 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
07:27:28.0243 0x0f1c LanmanWorkstation - ok
07:27:28.0290 0x0f1c [ 1538831CF8AD2979A04C423779465827, E1729B0CC4CEEE494A0B8817A8E98FF232E3A32FB023566EF0BC71A090262C0C ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys
07:27:28.0290 0x0f1c lltdio - ok
07:27:28.0352 0x0f1c [ C1185803384AB3FEED115F79F109427F, 0414FE73532DCAB17E906438A14711E928CECCD5F579255410C62984DD652700 ] lltdsvc C:\Windows\System32\lltdsvc.dll
07:27:28.0368 0x0f1c lltdsvc - ok
07:27:28.0414 0x0f1c [ F993A32249B66C9D622EA5592A8B76B8, EE64672A990C6145DC5601E2B8CDBE089272A72732F59AF9865DCBA8B1717E70 ] lmhosts C:\Windows\System32\lmhsvc.dll
07:27:28.0414 0x0f1c lmhosts - ok
07:27:28.0446 0x0f1c LMIGuardianSvc - ok
07:27:28.0492 0x0f1c [ 1A93E54EB0ECE102495A51266DCDB6A6, DB6AA86AA36C3A7988BE96E87B5D3251BE7617C54EE8F894D9DC2E267FE3255B ] LSI_FC C:\Windows\system32\DRIVERS\lsi_fc.sys
07:27:28.0508 0x0f1c LSI_FC - ok
07:27:28.0524 0x0f1c [ 1047184A9FDC8BDBFF857175875EE810, F2251EDB7736A26D388A0C5CC2FE5FB9C5E109CBB1E3800993554CB21D81AE4B ] LSI_SAS C:\Windows\system32\DRIVERS\lsi_sas.sys
07:27:28.0539 0x0f1c LSI_SAS - ok
07:27:28.0539 0x0f1c [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93, 88D5740A4E9CC3FA80FA18035DAB441BDC5A039622D666BFDAA525CC9686BD06 ] LSI_SAS2 C:\Windows\system32\DRIVERS\lsi_sas2.sys
07:27:28.0555 0x0f1c LSI_SAS2 - ok
07:27:28.0570 0x0f1c [ 0504EACAFF0D3C8AED161C4B0D369D4A, 4D272237C189646F5C80822FD3CBA7C2728E482E2DAAF7A09C8AEF811C89C54D ] LSI_SCSI C:\Windows\system32\DRIVERS\lsi_scsi.sys
07:27:28.0570 0x0f1c LSI_SCSI - ok
07:27:28.0602 0x0f1c [ 43D0F98E1D56CCDDB0D5254CFF7B356E, 5BA498183B5C4996C694CB0A9A6B66CE6C7A460F6C91BEB9F305486FCC3B7B22 ] luafv C:\Windows\system32\drivers\luafv.sys
07:27:28.0617 0x0f1c luafv - ok
07:27:28.0664 0x0f1c [ 0BE09CD858ABF9DF6ED259D57A1A1663, 2FD28889B93C8E801F74C1D0769673A461671E0189D0A22C94509E3F0EEB7428 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll
07:27:28.0680 0x0f1c Mcx2Svc - ok
07:27:28.0711 0x0f1c [ A55805F747C6EDB6A9080D7C633BD0F4, 2DA0E83BF3C8ADEF6F551B6CC1C0A3F6149CDBE6EC60413BA1767C4DE425A728 ] megasas C:\Windows\system32\DRIVERS\megasas.sys
07:27:28.0711 0x0f1c megasas - ok
07:27:28.0742 0x0f1c [ BAF74CE0072480C3B6B7C13B2A94D6B3, 85CBB4949C090A904464F79713A3418338753D20D7FB811E68F287FDAC1DD834 ] MegaSR C:\Windows\system32\DRIVERS\MegaSR.sys
07:27:28.0758 0x0f1c MegaSR - ok
07:27:28.0773 0x0f1c [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] MMCSS C:\Windows\system32\mmcss.dll
07:27:28.0789 0x0f1c MMCSS - ok
07:27:28.0820 0x0f1c [ 800BA92F7010378B09F9ED9270F07137, 94F9AF9E1BE80AE6AC39A2A74EF9FAB115DCAACC011D07DFA8D6A1DDC8A93342 ] Modem C:\Windows\system32\drivers\modem.sys
07:27:28.0820 0x0f1c Modem - ok
07:27:28.0867 0x0f1c [ B03D591DC7DA45ECE20B3B467E6AADAA, 701FB0CAD8138C58507BE28845D3E24CE269A040737C29885944A0D851238732 ] monitor C:\Windows\system32\DRIVERS\monitor.sys
07:27:28.0867 0x0f1c monitor - ok
07:27:28.0898 0x0f1c [ 7D27EA49F3C1F687D357E77A470AEA99, 7FE7CAF95959F127C6D932C01D539C06D80273C49A09761F6E8331C05B1A7EE7 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys
07:27:28.0914 0x0f1c mouclass - ok
07:27:28.0945 0x0f1c [ D3BF052C40B0C4166D9FD86A4288C1E6, 5E65264354CD94E844BF1838CA1B8E49080EFA34605A32CF2F6A47A2B97FC183 ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys
07:27:28.0945 0x0f1c mouhid - ok
07:27:28.0976 0x0f1c [ 32E7A3D591D671A6DF2DB515A5CBE0FA, 47CED0B9067AE8BF5EEF60B17ADEE5906BEDCC56E4CB460B7BFBC12BB9A69E63 ] mountmgr C:\Windows\system32\drivers\mountmgr.sys
07:27:28.0992 0x0f1c mountmgr - ok
07:27:29.0070 0x0f1c [ 338037EFA0E8E8699B2667D57B751574, 59E0D39806D0C4EB57913AA013242837FD39AD378726AEE42D250CBA87C1C3BF ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
07:27:29.0070 0x0f1c MozillaMaintenance - ok
07:27:29.0132 0x0f1c [ C6B88D62F20AC646C6BD5C032EC2FAF9, 111A07939F3C5A46F0C51B9D6F5C1D8478099E32EFD88BC260467109ADD975F8 ] MpFilter C:\Windows\system32\DRIVERS\MpFilter.sys
07:27:29.0148 0x0f1c MpFilter - ok
07:27:29.0194 0x0f1c [ A44B420D30BD56E145D6A2BC8768EC58, B1E4DCA5A1008FA7A0492DC091FB2B820406AE13FD3D44F124E89B1037AF09B8 ] mpio C:\Windows\system32\drivers\mpio.sys
07:27:29.0194 0x0f1c mpio - ok
07:27:29.0241 0x0f1c [ 6C38C9E45AE0EA2FA5E551F2ED5E978F, 5A3FA2F110029CB4CC4384998EDB59203FDD65EC45E01B897FB684F8956EAD20 ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys
07:27:29.0241 0x0f1c mpsdrv - ok
07:27:29.0319 0x0f1c [ 54FFC9C8898113ACE189D4AA7199D2C1, 65F585C87F3F710FD5793FDFA96B740AD8D4317B0C120F4435CCF777300EA4F2 ] MpsSvc C:\Windows\system32\mpssvc.dll
07:27:29.0366 0x0f1c MpsSvc - ok
07:27:29.0397 0x0f1c [ 1A4F75E63C9FB84B85DFFC6B63FD5404, 01AFA6DBB4CDE55FE4EA05BBE8F753A4266F8D072EA1EE01DB79F5126780C21F ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys
07:27:29.0397 0x0f1c MRxDAV - ok
07:27:29.0444 0x0f1c [ A5D9106A73DC88564C825D317CAC68AC, 0457B2AEA4E05A91D0E43F317894A614434D8CEBE35020785387F307E231FBE4 ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys
07:27:29.0460 0x0f1c mrxsmb - ok
07:27:29.0475 0x0f1c [ D711B3C1D5F42C0C2415687BE09FC163, 9B3013AC60BD2D0FF52086658BA5FF486ADE15954A552D7DD590580E8BAE3EFF ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys
07:27:29.0491 0x0f1c mrxsmb10 - ok
07:27:29.0506 0x0f1c [ 9423E9D355C8D303E76B8CFBD8A5C30C, 220B33F120C2DD937FE4D5664F4B581DC0ACF78D62EB56B7720888F67B9644CC ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys
07:27:29.0522 0x0f1c mrxsmb20 - ok
07:27:29.0538 0x0f1c [ C25F0BAFA182CBCA2DD3C851C2E75796, 643E158A0948DF331807AEAA391F23960362E46C0A0CF6D22A99020EAE7B10F8 ] msahci C:\Windows\system32\drivers\msahci.sys
07:27:29.0553 0x0f1c msahci - ok
07:27:29.0584 0x0f1c [ DB801A638D011B9633829EB6F663C900, B34FD33A215ACCF2905F4B7D061686CDB1CB9C652147AF56AE14686C1F6E3C74 ] msdsm C:\Windows\system32\drivers\msdsm.sys
07:27:29.0584 0x0f1c msdsm - ok
07:27:29.0631 0x0f1c [ DE0ECE52236CFA3ED2DBFC03F28253A8, 2FBBEC4CACB5161F68D7C2935852A5888945CA0F107CF8A1C01F4528CE407DE3 ] MSDTC C:\Windows\System32\msdtc.exe
07:27:29.0647 0x0f1c MSDTC - ok
07:27:29.0709 0x0f1c [ AA3FB40E17CE1388FA1BEDAB50EA8F96, 69F93E15536644C8FD679A20190CFE577F4985D3B1B4A4AA250A168615AE1E99 ] Msfs C:\Windows\system32\drivers\Msfs.sys
07:27:29.0709 0x0f1c Msfs - ok
07:27:29.0725 0x0f1c [ F9D215A46A8B9753F61767FA72A20326, 6F76642B45E0A7EF6BCAB8B37D55CCE2EAA310ED07B76D43FCB88987C2174141 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys
07:27:29.0725 0x0f1c mshidkmdf - ok
07:27:29.0772 0x0f1c [ D916874BBD4F8B07BFB7FA9B3CCAE29D, B229DA150713DEDBC4F05386C9D9DC3BC095A74F44F3081E88311AB73BC992A1 ] msisadrv C:\Windows\system32\drivers\msisadrv.sys
07:27:29.0772 0x0f1c msisadrv - ok
07:27:29.0818 0x0f1c [ 808E98FF49B155C522E6400953177B08, F873F5BFF0984C5165DF67E92874D3F6EB8D86F9B5AD17013A0091CA33A1A3D5 ] MSiSCSI C:\Windows\system32\iscsiexe.dll
07:27:29.0834 0x0f1c MSiSCSI - ok
07:27:29.0834 0x0f1c msiserver - ok
07:27:29.0912 0x0f1c [ 49CCF2C4FEA34FFAD8B1B59D49439366, E5752EA57C7BDAD5F53E3BC441A415E909AC602CAE56234684FB8789A20396C7 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys
07:27:29.0912 0x0f1c MSKSSRV - ok
07:27:30.0037 0x0f1c [ 7675E15D1B2180745E4DA4D26AAD7385, 729AA6C610F67028CFFFF64B772FFA1CAE7581D37F8909BDA423D52AF85C92C8 ] MsMpSvc c:\Program Files\Microsoft Security Client\MsMpEng.exe
07:27:30.0052 0x0f1c MsMpSvc - ok
07:27:30.0084 0x0f1c [ BDD71ACE35A232104DDD349EE70E1AB3, 27464A66868513BE6A01B75D7FC5B0D6B71842E4E20CE3F76B15C071A0618BBB ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys
07:27:30.0084 0x0f1c MSPCLOCK - ok
07:27:30.0099 0x0f1c [ 4ED981241DB27C3383D72092B618A1D0, E12F121E641249DB3491141851B59E1496F4413EDF58E863388F1C229838DFCC ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
07:27:30.0099 0x0f1c MSPQM - ok
07:27:30.0162 0x0f1c [ 759A9EEB0FA9ED79DA1FB7D4EF78866D, 64E3BC613EC4872B1B344CBF71EE15BE195592E3244C1EE099C6F8B95A40F133 ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
07:27:30.0177 0x0f1c MsRPC - ok
07:27:30.0224 0x0f1c [ 0EED230E37515A0EAEE3C2E1BC97B288, B1D8F8A75006B6E99214CA36D27A8594EF8D952F315BEB201E9BAC9DE3E64D42 ] mssmbios C:\Windows\system32\drivers\mssmbios.sys
07:27:30.0224 0x0f1c mssmbios - ok
07:27:30.0240 0x0f1c [ 2E66F9ECB30B4221A318C92AC2250779, DF175E1AB6962303E57F26DAE5C5C1E40B8640333F3E352A64F6A5F1301586CD ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
07:27:30.0240 0x0f1c MSTEE - ok
07:27:30.0255 0x0f1c [ 7EA404308934E675BFFDE8EDF0757BCD, 306CD02D89CFCFE576242360ED5F9EEEDCAFC43CD43B7D2977AE960F9AEC3232 ] MTConfig C:\Windows\system32\DRIVERS\MTConfig.sys
07:27:30.0271 0x0f1c MTConfig - ok
07:27:30.0302 0x0f1c [ F9A18612FD3526FE473C1BDA678D61C8, 32F7975B5BAA447917F832D9E3499B4B6D3E90D73F478375D0B70B36C524693A ] Mup C:\Windows\system32\Drivers\mup.sys
07:27:30.0302 0x0f1c Mup - ok
07:27:30.0349 0x0f1c [ 6FFECC25B39DC7652A0CEC0ADA9DB589, 927EF066CBBA8353149F8C3B7C4299AC06FED439DA874D25CFB583E5912611A2 ] mwlPSDFilter C:\Windows\system32\DRIVERS\mwlPSDFilter.sys
07:27:30.0349 0x0f1c mwlPSDFilter - ok
07:27:30.0396 0x0f1c [ 0BEFE32CA56D6EE89D58175725596A85, E36B9E6159AF7F67D549F7178896CCCB8FC3964531B1DA20CBDD465E632D8FCF ] mwlPSDNServ C:\Windows\system32\DRIVERS\mwlPSDNServ.sys
07:27:30.0396 0x0f1c mwlPSDNServ - ok
07:27:30.0427 0x0f1c [ D43BC633B8660463E446E28E14A51262, C55F235B5E08FAC6D70B0FAC737D714E318A93F8E43FF8095B86A76559AF211D ] mwlPSDVDisk C:\Windows\system32\DRIVERS\mwlPSDVDisk.sys
07:27:30.0427 0x0f1c mwlPSDVDisk - ok
07:27:30.0489 0x0f1c [ 3E5E20817259F7328C8F3BE5421F35B9, 9BF20E1CE75647BF5654AD603BD7D17E36CC0AD15EEAFF4FACE637D235C34190 ] MWLService C:\Program Files (x86)\EgisTec MyWinLocker\x86\MWLService.exe
07:27:30.0505 0x0f1c MWLService - ok
07:27:30.0567 0x0f1c [ 582AC6D9873E31DFA28A4547270862DD, BD540499F74E8F59A020D935D18E36A3A97C1A6EC59C8208436469A31B16B260 ] napagent C:\Windows\system32\qagentRT.dll
07:27:30.0583 0x0f1c napagent - ok
07:27:30.0630 0x0f1c [ 1EA3749C4114DB3E3161156FFFFA6B33, 54C2E77BCE1037711A11313AC25B8706109098C10A31AA03AEB7A185E97800D7 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
07:27:30.0630 0x0f1c NativeWifiP - ok
07:27:30.0708 0x0f1c [ 760E38053BF56E501D562B70AD796B88, F856E81A975D44F8684A6F2466549CEEDFAEB3950191698555A93A1206E0A42D ] NDIS C:\Windows\system32\drivers\ndis.sys
07:27:30.0770 0x0f1c NDIS - ok
07:27:30.0801 0x0f1c [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC, D7E5446E83909AE25506BB98FBDD878A529C87963E3C1125C4ABAB25823572BC ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys
07:27:30.0801 0x0f1c NdisCap - ok
07:27:30.0832 0x0f1c [ 30639C932D9FEF22B31268FE25A1B6E5, 32873D95339600F6EEFA51847D12C563FF01F320DC59055B242FA2887C99F9D6 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
07:27:30.0832 0x0f1c NdisTapi - ok
07:27:30.0879 0x0f1c [ 136185F9FB2CC61E573E676AA5402356, BA3AD0A33416DA913B4242C6BE8C3E5812AD2B20BA6C11DD3094F2E8EB56E683 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
07:27:30.0879 0x0f1c Ndisuio - ok
07:27:30.0926 0x0f1c [ 53F7305169863F0A2BDDC49E116C2E11, 881E9346D3C02405B7850ADC37E720990712EC9C666A0CE96E252A487FD2CE77 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
07:27:30.0942 0x0f1c NdisWan - ok
07:27:30.0988 0x0f1c [ 015C0D8E0E0421B4CFD48CFFE2825879, 4242E2D42CCFC859B2C0275C5331798BC0BDA68E51CF4650B6E64B1332071023 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
07:27:30.0988 0x0f1c NDProxy - ok
07:27:31.0035 0x0f1c [ 86743D9F5D2B1048062B14B1D84501C4, DBF6D6A60AB774FCB0F464FF2D285A7521D0A24006687B243AB46B17D8032062 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
07:27:31.0035 0x0f1c NetBIOS - ok
07:27:31.0082 0x0f1c [ 09594D1089C523423B32A4229263F068, 7426A9B8BA27D3225928DDEFBD399650ABB90798212F56B7D12158AC22CCCE37 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys
07:27:31.0098 0x0f1c NetBT - ok
07:27:31.0113 0x0f1c [ 4D71227301DD8D09097B9E4CC6527E5A, 193D47ADCB722B581CC0F29B794AB3E455B6E9BEA367CE9A5216A09E055B7F1E ] Netlogon C:\Windows\system32\lsass.exe
07:27:31.0129 0x0f1c Netlogon - ok
07:27:31.0176 0x0f1c [ 847D3AE376C0817161A14A82C8922A9E, 37AE692B3481323134125EF58F2C3CBC20177371AF2F5874F53DD32A827CB936 ] Netman C:\Windows\System32\netman.dll
07:27:31.0191 0x0f1c Netman - ok
07:27:31.0254 0x0f1c [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
07:27:31.0269 0x0f1c NetMsmqActivator - ok
07:27:31.0300 0x0f1c [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetPipeActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
07:27:31.0300 0x0f1c NetPipeActivator - ok
07:27:31.0347 0x0f1c [ 5F28111C648F1E24F7DBC87CDEB091B8, 2E8645285921EDB98BB2173E11E57459C888D52E80D85791D169C869DE8813B9 ] netprofm C:\Windows\System32\netprofm.dll
07:27:31.0363 0x0f1c netprofm - ok
07:27:31.0425 0x0f1c [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetTcpActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
07:27:31.0425 0x0f1c NetTcpActivator - ok
07:27:31.0441 0x0f1c [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
07:27:31.0456 0x0f1c NetTcpPortSharing - ok
07:27:31.0503 0x0f1c [ 77889813BE4D166CDAB78DDBA990DA92, 2EF531AE502B943632EEC66A309A8BFCDD36120A5E1473F4AAF3C2393AD0E6A3 ] nfrd960 C:\Windows\system32\DRIVERS\nfrd960.sys
07:27:31.0503 0x0f1c nfrd960 - ok
07:27:31.0566 0x0f1c [ ACE8C64C57E4A711473C8BC10ADF692B, 53D8083CE78DB5527080B4570AC28ABAA262667744A319707AE0C46E46B297F9 ] NisDrv C:\Windows\system32\DRIVERS\NisDrvWFP.sys
07:27:31.0581 0x0f1c NisDrv - ok
07:27:31.0659 0x0f1c [ 6247E8B31ED0A9D6BC5A26276E49BEB3, 230C0C560492C454B9EB14B50EB4A78DC74FAB6B662449A0EA3114B3E671BFF3 ] NisSrv c:\Program Files\Microsoft Security Client\NisSrv.exe
07:27:31.0675 0x0f1c NisSrv - ok
07:27:31.0737 0x0f1c [ 8AD77806D336673F270DB31645267293, E23F324913554A23CD043DD27D4305AF62F48C0561A0FC7B7811E55B74B1BE79 ] NlaSvc C:\Windows\System32\nlasvc.dll
07:27:31.0768 0x0f1c NlaSvc - ok
07:27:31.0784 0x0f1c [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7, D8957EF7060A69DBB3CD6B2C45B1E4143592AB8D018471E17AC04668157DC67F ] Npfs C:\Windows\system32\drivers\Npfs.sys
07:27:31.0784 0x0f1c Npfs - ok
07:27:31.0815 0x0f1c [ D54BFDF3E0C953F823B3D0BFE4732528, 497A1DCC5646EC22119273216DF10D5442D16F83E4363770F507518CF6EAA53A ] nsi C:\Windows\system32\nsisvc.dll
07:27:31.0831 0x0f1c nsi - ok
07:27:31.0846 0x0f1c [ E7F5AE18AF4168178A642A9247C63001, 133023B7E4BA8049C4CAED3282BDD25571D1CC25FAC3B820C7F981D292689D76 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
07:27:31.0846 0x0f1c nsiproxy - ok
07:27:31.0971 0x0f1c [ B98F8C6E31CD07B2E6F71F7F648E38C0, 2FEA100B80680FBBF644CB6763738804155DF1E94A6542CAE2B2786D770D554E ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
07:27:32.0065 0x0f1c Ntfs - ok
07:27:32.0158 0x0f1c [ 9A308FCDCCA98A15B6F62D36A272160E, 3991F70D42C1949067ED48CF4EB815E06360B077F6A2369AC76BF0892C3C33EE ] NTI IScheduleSvc C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe
07:27:32.0158 0x0f1c NTI IScheduleSvc - ok
07:27:32.0190 0x0f1c [ EE3BA1024594D5D09E314F206B94069E, 34C8EC3DF1C3088D8A0442CAA4F5506665AFB2DF016709457ED2AB7DA45F53A6 ] NTIDrvr C:\Windows\system32\drivers\NTIDrvr.sys
07:27:32.0205 0x0f1c NTIDrvr - ok
07:27:32.0205 0x0f1c [ 9899284589F75FA8724FF3D16AED75C1, 181188599FD5D4DE33B97010D9E0CAEABAB9A3EF50712FE7F9AA0735CD0666D6 ] Null C:\Windows\system32\drivers\Null.sys
07:27:32.0205 0x0f1c Null - ok
07:27:32.0252 0x0f1c [ 0A92CB65770442ED0DC44834632F66AD, 581327F07A68DBD5CC749214BE5F1211FC2CE41C7A4F0656B680AFB51A35ACE7 ] nvraid C:\Windows\system32\drivers\nvraid.sys
07:27:32.0252 0x0f1c nvraid - ok
07:27:32.0268 0x0f1c [ DAB0E87525C10052BF65F06152F37E4A, AD9BFF0D5FD3FFB95C758B478E1F6A9FE45E7B37AEC71EB5070D292FEAAEDF37 ] nvstor C:\Windows\system32\drivers\nvstor.sys
07:27:32.0283 0x0f1c nvstor - ok
07:27:32.0314 0x0f1c [ 270D7CD42D6E3979F6DD0146650F0E05, 752489E54C9004EDCBE1F1F208FFD864DA5C83E59A2DDE6B3E0D63ECA996F76F ] nv_agp C:\Windows\system32\drivers\nv_agp.sys
07:27:32.0330 0x0f1c nv_agp - ok
07:27:32.0361 0x0f1c obpedscx - ok
07:27:32.0502 0x0f1c [ 785F487A64950F3CB8E9F16253BA3B7B, 02445344BD214370A6D48B1CA04921D8EFCB13E676B5648266DD0E076C0822B6 ] odserv C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
07:27:32.0517 0x0f1c odserv - ok
07:27:32.0580 0x0f1c [ 3589478E4B22CE21B41FA1BFC0B8B8A0, AD2469FC753FE552CB809FF405A9AB23E7561292FE89117E3B3B62057EFF0203 ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys
07:27:32.0580 0x0f1c ohci1394 - ok
07:27:32.0642 0x0f1c [ 5A432A042DAE460ABE7199B758E8606C, 6E5D1F477D290905BE27CEBF9572BAC6B05FFEF2FAD901D3C8E11F665F8B9A71 ] ose C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
07:27:32.0658 0x0f1c ose - ok
07:27:32.0720 0x0f1c [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] p2pimsvc C:\Windows\system32\pnrpsvc.dll
07:27:32.0736 0x0f1c p2pimsvc - ok
07:27:32.0782 0x0f1c [ 927463ECB02179F88E4B9A17568C63C3, FEFD3447692C277D59EEC7BF218552C8BB6B8C98C26E973675549628408B94CE ] p2psvc C:\Windows\system32\p2psvc.dll
07:27:32.0798 0x0f1c p2psvc - ok
07:27:32.0845 0x0f1c [ 0086431C29C35BE1DBC43F52CC273887, 0D116D49EF9ABB57DA005764F25E692622210627FC2048F06A989B12FA8D0A80 ] Parport C:\Windows\system32\DRIVERS\parport.sys
07:27:32.0845 0x0f1c Parport - ok
07:27:32.0876 0x0f1c [ E9766131EEADE40A27DC27D2D68FBA9C, 63C295EC96DBD25F1A8B908295CCB86B54F2A77A02AAA11E5D9160C2C1A492B6 ] partmgr C:\Windows\system32\drivers\partmgr.sys
07:27:32.0876 0x0f1c partmgr - ok
07:27:32.0923 0x0f1c [ 3AEAA8B561E63452C655DC0584922257, 04C072969B58657602EB0C21CEDF24FCEE14E61B90A0F758F93925EF2C9FC32D ] PcaSvc C:\Windows\System32\pcasvc.dll
07:27:32.0938 0x0f1c PcaSvc - ok
07:27:33.0001 0x0f1c [ 94575C0571D1462A0F70BDE6BD6EE6B3, 7139BAC653EA94A3DD3821CAB35FC5E22F4CCA5ACC2BAABDAA27E4C3C8B27FC9 ] pci C:\Windows\system32\drivers\pci.sys
07:27:33.0016 0x0f1c pci - ok
07:27:33.0048 0x0f1c [ B5B8B5EF2E5CB34DF8DCF8831E3534FA, F2A7CC645B96946CC65BF60E14E70DC09C848D27C7943CE5DEA0C01A6B863480 ] pciide C:\Windows\system32\drivers\pciide.sys
07:27:33.0048 0x0f1c pciide - ok
07:27:33.0094 0x0f1c [ B2E81D4E87CE48589F98CB8C05B01F2F, 6763BEE7270A4873B3E131BFB92313E2750FCBD0AD73C23D1C4F98F7DF73DE14 ] pcmcia C:\Windows\system32\DRIVERS\pcmcia.sys
07:27:33.0110 0x0f1c pcmcia - ok
07:27:33.0141 0x0f1c [ D6B9C2E1A11A3A4B26A182FFEF18F603, BBA5FE08B1DDD6243118E11358FD61B10E850F090F061711C3CB207CE5FBBD36 ] pcw C:\Windows\system32\drivers\pcw.sys
07:27:33.0141 0x0f1c pcw - ok
07:27:33.0219 0x0f1c [ 68769C3356B3BE5D1C732C97B9A80D6E, FB2D61145980A2899D1B7729184C54070315B0E63C9A22400A76CCD39E00029C ] PEAUTH C:\Windows\system32\drivers\peauth.sys
07:27:33.0235 0x0f1c PEAUTH - ok
07:27:33.0313 0x0f1c [ E495E408C93141E8FC72DC0C6046DDFA, 489B957DADA0DC128A09468F1AD082DCC657E86053208EA06A12937BE86FB919 ] PerfHost C:\Windows\SysWow64\perfhost.exe
07:27:33.0328 0x0f1c PerfHost - ok
07:27:33.0453 0x0f1c [ C7CF6A6E137463219E1259E3F0F0DD6C, 08D7244F52AA17DD669AA6F77C291DAC88E7B2D1887DE422509C1F83EC85F3DD ] pla C:\Windows\system32\pla.dll
07:27:33.0500 0x0f1c pla - ok
07:27:33.0562 0x0f1c [ 25FBDEF06C4D92815B353F6E792C8129, 57D9764AE6BCE33B242C399CDFC10DD405975BD6411CA8C75FBCD06EEB8442A9 ] PlugPlay C:\Windows\system32\umpnpmgr.dll
07:27:33.0578 0x0f1c PlugPlay - ok
07:27:33.0609 0x0f1c [ 7195581CEC9BB7D12ABE54036ACC2E38, 9C4E5D6EA984148F2663DC529083408B2248DFF6DAAC85D9195F80A722782315 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll
07:27:33.0625 0x0f1c PNRPAutoReg - ok
07:27:33.0656 0x0f1c [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] PNRPsvc C:\Windows\system32\pnrpsvc.dll
07:27:33.0672 0x0f1c PNRPsvc - ok
07:27:33.0703 0x0f1c [ 4F15D75ADF6156BF56ECED6D4A55C389, 2ADA3EA69A5D7EC2A4D2DD89178DB94EAFDDF95F07B0070D654D9F7A5C12A044 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
07:27:33.0734 0x0f1c PolicyAgent - ok
07:27:33.0765 0x0f1c [ 6BA9D927DDED70BD1A9CADED45F8B184, 66203CE70A5EDE053929A940F38924C6792239CCCE10DD2C1D90D5B4D6748B55 ] Power C:\Windows\system32\umpo.dll
07:27:33.0781 0x0f1c Power - ok
07:27:33.0812 0x0f1c [ F92A2C41117A11A00BE01CA01A7FCDE9, 38ADC6052696D110CA5F393BC586791920663F5DA66934C2A824DDA9CD89C763 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
07:27:33.0828 0x0f1c PptpMiniport - ok
07:27:33.0859 0x0f1c [ 0D922E23C041EFB1C3FAC2A6F943C9BF, 855418A6A58DCAFB181A1A68613B3E203AFB0A9B3D9D26D0C521F9F613B4EAD5 ] Processor C:\Windows\system32\DRIVERS\processr.sys
07:27:33.0859 0x0f1c Processor - ok
07:27:33.0921 0x0f1c [ 53E83F1F6CF9D62F32801CF66D8352A8, 1225FED810BE8E0729EEAE5B340035CCBB9BACD3EF247834400F9B72D05ACE48 ] ProfSvc C:\Windows\system32\profsvc.dll
07:27:33.0937 0x0f1c ProfSvc - ok
07:27:33.0952 0x0f1c [ 4D71227301DD8D09097B9E4CC6527E5A, 193D47ADCB722B581CC0F29B794AB3E455B6E9BEA367CE9A5216A09E055B7F1E ] ProtectedStorage C:\Windows\system32\lsass.exe
07:27:33.0952 0x0f1c ProtectedStorage - ok
07:27:33.0999 0x0f1c [ 0557CF5A2556BD58E26384169D72438D, F6F83A616B1F1C6C0DF6D2EC2513E6C23FD4FAA6D36518B8676C619AB74957B4 ] Psched C:\Windows\system32\DRIVERS\pacer.sys
07:27:33.0999 0x0f1c Psched - ok
07:27:34.0124 0x0f1c [ A53A15A11EBFD21077463EE2C7AFEEF0, 6002B012A75045DEA62640A864A8721EADE2F8B65BEB5F5BA76D8CD819774489 ] ql2300 C:\Windows\system32\DRIVERS\ql2300.sys
07:27:34.0186 0x0f1c ql2300 - ok
07:27:34.0218 0x0f1c [ 4F6D12B51DE1AAEFF7DC58C4D75423C8, FB6ABAB741CED66A79E31A45111649F2FA3E26CEE77209B5296F789F6F7D08DE ] ql40xx C:\Windows\system32\DRIVERS\ql40xx.sys
07:27:34.0218 0x0f1c ql40xx - ok
07:27:34.0280 0x0f1c [ 906191634E99AEA92C4816150BDA3732, A0305436384104C3B559F9C73902DA19B96B518413379E397C5CDAB0B2B9418F ] QWAVE C:\Windows\system32\qwave.dll
07:27:34.0296 0x0f1c QWAVE - ok
07:27:34.0327 0x0f1c [ 76707BB36430888D9CE9D705398ADB6C, 35C1D1D05F98AC29A33D3781F497A0B40A3CB9CDF25FE1F28F574E40DDF70535 ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
07:27:34.0327 0x0f1c QWAVEdrv - ok
07:27:34.0342 0x0f1c [ 5A0DA8AD5762FA2D91678A8A01311704, 8A64EB5DBAB7048A9E42A21CEB62CCD5B007A80C199892D7F8C69B48E8A255EF ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
07:27:34.0342 0x0f1c RasAcd - ok
07:27:34.0389 0x0f1c [ 7ECFF9B22276B73F43A99A15A6094E90, 62C70DA127F48F796F8897BBFA23AB6EB080CC923F0F091DFA384A93F5C90CA1 ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys
07:27:34.0389 0x0f1c RasAgileVpn - ok
07:27:34.0405 0x0f1c [ 8F26510C5383B8DBE976DE1CD00FC8C7, 60E618C010E8A723960636415573FA17EA0BBEF79647196B3BC0B8DEE680E090 ] RasAuto C:\Windows\System32\rasauto.dll
07:27:34.0420 0x0f1c RasAuto - ok
07:27:34.0467 0x0f1c [ 471815800AE33E6F1C32FB1B97C490CA, 27307265F743DE3A3A3EC1B2C472A3D85FDD0AEC458E0B1177593141EE072698 ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
07:27:34.0483 0x0f1c Rasl2tp - ok
07:27:34.0530 0x0f1c [ EE867A0870FC9E4972BA9EAAD35651E2, 1B848D81705081FD2E18AC762DA7F51455657DAF860BF363DC15925A148BCADA ] RasMan C:\Windows\System32\rasmans.dll
07:27:34.0545 0x0f1c RasMan - ok
07:27:34.0576 0x0f1c [ 855C9B1CD4756C5E9A2AA58A15F58C25, A514F8A9C304D54BDA8DC60F5A64259B057EC83A1CAAF6D2B58CFD55E9561F72 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
07:27:34.0576 0x0f1c RasPppoe - ok
07:27:34.0608 0x0f1c [ E8B1E447B008D07FF47D016C2B0EEECB, FEC789F82B912F3E14E49524D40FEAA4373B221156F14045E645D7C37859258C ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
07:27:34.0608 0x0f1c RasSstp - ok
07:27:34.0639 0x0f1c [ 77F665941019A1594D887A74F301FA2F, 1FDC6F6853400190C086042933F157814D915C54F26793CAD36CD2607D8810DA ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
07:27:34.0654 0x0f1c rdbss - ok
07:27:34.0670 0x0f1c [ 302DA2A0539F2CF54D7C6CC30C1F2D8D, 1DF3501BBFFB56C3ECC39DBCC4287D3302216C2208CE22428B8C4967E5DE9D17 ] rdpbus C:\Windows\system32\DRIVERS\rdpbus.sys
07:27:34.0670 0x0f1c rdpbus - ok
07:27:34.0701 0x0f1c [ CEA6CC257FC9B7715F1C2B4849286D24, A78144D18352EA802C39D9D42921CF97A3E0211766B2169B6755C6FC2D77A804 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
07:27:34.0701 0x0f1c RDPCDD - ok
07:27:34.0732 0x0f1c [ BB5971A4F00659529A5C44831AF22365, 9AAA5C0D448E821FD85589505D99DF7749715A046BBD211F139E4E652ADDE41F ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
07:27:34.0732 0x0f1c RDPENCDD - ok
07:27:34.0748 0x0f1c [ 216F3FA57533D98E1F74DED70113177A, 60C126A1409D1E9C39F1C9E95F70115BF4AF07780AB499F6E10A612540F173F4 ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys
07:27:34.0748 0x0f1c RDPREFMP - ok
07:27:34.0810 0x0f1c [ E61608AA35E98999AF9AAEEEA6114B0A, F754CDE89DC96786D2A3C4D19EE2AEF1008E634E4DE3C0CBF927436DE90C04A6 ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
07:27:34.0826 0x0f1c RDPWD - ok
07:27:34.0888 0x0f1c [ 34ED295FA0121C241BFEF24764FC4520, AAEE5F00CAA763A5BA51CF56BD7262C03409CD72BD5601490E3EC3FFF929BB5F ] rdyboost C:\Windows\system32\drivers\rdyboost.sys
07:27:34.0888 0x0f1c rdyboost - ok
07:27:34.0935 0x0f1c [ 254FB7A22D74E5511C73A3F6D802F192, 3D0FB5840364200DE394F8CC28DA0E334C2B5FA8FF28A41656EE72287F3D3836 ] RemoteAccess C:\Windows\System32\mprdim.dll
07:27:34.0951 0x0f1c RemoteAccess - ok
07:27:34.0982 0x0f1c [ E4D94F24081440B5FC5AA556C7C62702, 147CAA03568DC480F9506E30B84891AB7E433B5EBC05F34FF10F72B00E1C6B22 ] RemoteRegistry C:\Windows\system32\regsvc.dll
07:27:34.0998 0x0f1c RemoteRegistry - ok
07:27:35.0029 0x0f1c [ E4DC58CF7B3EA515AE917FF0D402A7BB, 665B5CD9FE905B0EE3F59A7B1A94760F5393EBEE729877D8584349754C2867E8 ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll
07:27:35.0029 0x0f1c RpcEptMapper - ok
07:27:35.0060 0x0f1c [ D5BA242D4CF8E384DB90E6A8ED850B8C, CB4CB2608B5E31B55FB1A2CF4051E6D08A0C2A5FB231B2116F95938D7577334E ] RpcLocator C:\Windows\system32\locator.exe
07:27:35.0060 0x0f1c RpcLocator - ok
07:27:35.0107 0x0f1c [ 5C627D1B1138676C0A7AB2C2C190D123, C5003F2C912C5CA990E634818D3B4FD72F871900AF2948BD6C4D6400B354B401 ] RpcSs C:\Windows\system32\rpcss.dll
07:27:35.0122 0x0f1c RpcSs - ok
07:27:35.0154 0x0f1c [ DDC86E4F8E7456261E637E3552E804FF, D250C69CCC75F2D88E7E624FCC51300E75637333317D53908CCA7E0F117173DD ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
07:27:35.0154 0x0f1c rspndr - ok
07:27:35.0232 0x0f1c [ 763AE0C6D9DF4C24B7E2C26036A8188A, 1728D9BDF910324988B3D28459AB0A15C57CBBA79D2DFE377342DF3486BA9D48 ] RSUSBSTOR C:\Windows\system32\Drivers\RtsUStor.sys
07:27:35.0247 0x0f1c RSUSBSTOR - ok
07:27:35.0294 0x0f1c [ D6D381B76056C668679723938F06F16C, A26C35EB588BF32F5CD22554BE5A05380D50FF1B7D399687EE50DC24C32DA341 ] RTHDMIAzAudService C:\Windows\system32\drivers\RtHDMIVX.sys
07:27:35.0310 0x0f1c RTHDMIAzAudService - ok
07:27:35.0325 0x0f1c [ 4D71227301DD8D09097B9E4CC6527E5A, 193D47ADCB722B581CC0F29B794AB3E455B6E9BEA367CE9A5216A09E055B7F1E ] SamSs C:\Windows\system32\lsass.exe
07:27:35.0325 0x0f1c SamSs - ok
07:27:35.0372 0x0f1c [ AC03AF3329579FFFB455AA2DAABBE22B, 7AD3B62ADFEC166F9E256F9FF8BAA0568B2ED7308142BF8F5269E6EAA5E0A656 ] sbp2port C:\Windows\system32\drivers\sbp2port.sys
07:27:35.0372 0x0f1c sbp2port - ok
07:27:35.0434 0x0f1c [ 9B7395789E3791A3B6D000FE6F8B131E, E5F067F3F212BF5481668BE1779CBEF053F511F8967589BE2E865ACB9A620024 ] SCardSvr C:\Windows\System32\SCardSvr.dll
07:27:35.0450 0x0f1c SCardSvr - ok
07:27:35.0481 0x0f1c [ 253F38D0D7074C02FF8DEB9836C97D2B, CB5CAFCB8628BB22877F74ACF1DED0BBAED8F4573A74DA7FE94BBBA584889116 ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys
07:27:35.0481 0x0f1c scfilter - ok
07:27:35.0575 0x0f1c [ 262F6592C3299C005FD6BEC90FC4463A, 54095E37F0B6CC677A3E9BDD40F4647C713273D197DB341063AA7F342A60C4A7 ] Schedule C:\Windows\system32\schedsvc.dll
07:27:35.0637 0x0f1c Schedule - ok
07:27:35.0668 0x0f1c [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] SCPolicySvc C:\Windows\System32\certprop.dll
07:27:35.0684 0x0f1c SCPolicySvc - ok
07:27:35.0731 0x0f1c [ 6EA4234DC55346E0709560FE7C2C1972, 64011E044C16E2F92689E5F7E4666A075E27BBFA61F3264E5D51CE1656C1D5B8 ] SDRSVC C:\Windows\System32\SDRSVC.dll
07:27:35.0746 0x0f1c SDRSVC - ok
07:27:35.0778 0x0f1c [ 3EA8A16169C26AFBEB544E0E48421186, 34BBB0459C96B3DE94CCB0D73461562935C583D7BF93828DA4E20A6BC9B7301D ] secdrv C:\Windows\system32\drivers\secdrv.sys
07:27:35.0778 0x0f1c secdrv - ok
07:27:35.0809 0x0f1c [ BC617A4E1B4FA8DF523A061739A0BD87, 10C4057F6B321EB5237FF619747B74F5401BC17D15A8C7060829E8204A2297F9 ] seclogon C:\Windows\system32\seclogon.dll
07:27:35.0809 0x0f1c seclogon - ok
07:27:35.0856 0x0f1c [ C32AB8FA018EF34C0F113BD501436D21, E0EB8E80B51E45CA7EB061E705DA0BC07878759418A8519AE6E12326FE79E7C7 ] SENS C:\Windows\System32\sens.dll
07:27:35.0856 0x0f1c SENS - ok
07:27:35.0887 0x0f1c [ 0336CFFAFAAB87A11541F1CF1594B2B2, 8B8A6A33E78A12FB05E29B2E2775850626574AFD2EF88748D65E690A07B10B8D ] SensrSvc C:\Windows\system32\sensrsvc.dll
07:27:35.0887 0x0f1c SensrSvc - ok
07:27:35.0918 0x0f1c [ CB624C0035412AF0DEBEC78C41F5CA1B, A4D937F11E06CAE914347CA1362F4C98EC5EE0C0C80321E360EA1ABD6726F8D4 ] Serenum C:\Windows\system32\DRIVERS\serenum.sys
07:27:35.0918 0x0f1c Serenum - ok
07:27:35.0934 0x0f1c [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6, 8F9776FB84C5D11068EAF1FF1D1A46466C655D64D256A8B1E31DC0C23B5DD22D ] Serial C:\Windows\system32\DRIVERS\serial.sys
07:27:35.0949 0x0f1c Serial - ok
07:27:35.0980 0x0f1c [ 1C545A7D0691CC4A027396535691C3E3, 065C30BE598FF4DC55C37E0BBE0CEDF10A370AE2BF5404B42EBBB867A3FFED6D ] sermouse C:\Windows\system32\DRIVERS\sermouse.sys
07:27:35.0980 0x0f1c sermouse - ok
07:27:36.0043 0x0f1c [ 0B6231BF38174A1628C4AC812CC75804, E569BF1F7F5689E2E917FA6516DB53388A5B8B1C6699DEE030147E853218811D ] SessionEnv C:\Windows\system32\sessenv.dll
07:27:36.0058 0x0f1c SessionEnv - ok
07:27:36.0090 0x0f1c [ A554811BCD09279536440C964AE35BBF, DA8F893722F803E189D7D4D6C6232ED34505B63A64ED3A0132A5BB7A2BABDE55 ] sffdisk C:\Windows\system32\drivers\sffdisk.sys
07:27:36.0090 0x0f1c sffdisk - ok
07:27:36.0105 0x0f1c [ FF414F0BAEFEBA59BC6C04B3DB0B87BF, B81EF5D26AEB572CAB590F7AD7CA8C89F296420089EF5E6148E972F2DBCA1042 ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys
07:27:36.0105 0x0f1c sffp_mmc - ok
07:27:36.0121 0x0f1c [ DD85B78243A19B59F0637DCF284DA63C, 6730D4F2BAE7E24615746ACC41B42D01DB6068D6504982008ADA1890DE900197 ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys
07:27:36.0121 0x0f1c sffp_sd - ok
07:27:36.0152 0x0f1c [ A9D601643A1647211A1EE2EC4E433FF4, 7AC60B4AB48D4BBF1F9681C12EC2A75C72E6E12D30FABC564A24394310E9A5F9 ] sfloppy C:\Windows\system32\DRIVERS\sfloppy.sys
07:27:36.0152 0x0f1c sfloppy - ok
07:27:36.0214 0x0f1c [ B95F6501A2F8B2E78C697FEC401970CE, 758B73A32902299A313348CE7EC189B20EB4CB398D0180E4EE24B84DAD55F291 ] SharedAccess C:\Windows\System32\ipnathlp.dll
07:27:36.0230 0x0f1c SharedAccess - ok
07:27:36.0277 0x0f1c [ AAF932B4011D14052955D4B212A4DA8D, 2A3BFD0FA9569288E91AE3E72CA1EC39E1450D01E6473CE51157E0F138257923 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
07:27:36.0292 0x0f1c ShellHWDetection - ok
07:27:36.0324 0x0f1c [ 843CAF1E5FDE1FFD5FF768F23A51E2E1, 89CA9F516E42A6B905474D738CDA2C121020A07DBD4E66CFE569DD77D79D7820 ] SiSRaid2 C:\Windows\system32\DRIVERS\SiSRaid2.sys
07:27:36.0324 0x0f1c SiSRaid2 - ok
07:27:36.0324 0x0f1c [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4, 87B85C66DF7EB6FDB8A2341D05FAA5261FF68A90CCFC63F0E4A03824F1E33E5E ] SiSRaid4 C:\Windows\system32\DRIVERS\sisraid4.sys
07:27:36.0339 0x0f1c SiSRaid4 - ok
07:27:36.0417 0x0f1c [ 50D9949020E02B847CD48F1243FCB895, 5BDAD5E44DE5B412645142810C5FCE4B2D9685F928FF4A6B836A9DCE7725BD78 ] SkypeUpdate C:\Program Files (x86)\Skype\Updater\Updater.exe
07:27:36.0433 0x0f1c SkypeUpdate - ok
07:27:36.0495 0x0f1c [ 548260A7B8654E024DC30BF8A7C5BAA4, 4A7E58331D7765A12F53DC2371739DC9A463940B13E16157CE10DB80E958D740 ] Smb C:\Windows\system32\DRIVERS\smb.sys
07:27:36.0495 0x0f1c Smb - ok
07:27:36.0573 0x0f1c [ 6313F223E817CC09AA41811DAA7F541D, D787061043BEEDB9386B048CB9E680E6A88A1CBAE9BD4A8C0209155BFB76C630 ] SNMPTRAP C:\Windows\System32\snmptrap.exe
07:27:36.0573 0x0f1c SNMPTRAP - ok
07:27:36.0589 0x0f1c [ B9E31E5CACDFE584F34F730A677803F9, 21A5130BD00089C609522A372018A719F8E37103D2DD22C59EACB393BE35A063 ] spldr C:\Windows\system32\drivers\spldr.sys
07:27:36.0589 0x0f1c spldr - ok
07:27:36.0651 0x0f1c [ 85DAA09A98C9286D4EA2BA8D0E644377, F9C324E2EF81193FE831C7EECC44A100CA06F82FA731BF555D9EA4D91DA13329 ] Spooler C:\Windows\System32\spoolsv.exe
07:27:36.0667 0x0f1c Spooler - ok
07:27:36.0854 0x0f1c [ E17E0188BB90FAE42D83E98707EFA59C, FC075F7B39E86CC8EF6DA4E339FE946917E319C347AC70FB0C50AAF36F97E27F ] sppsvc C:\Windows\system32\sppsvc.exe
07:27:37.0072 0x0f1c sppsvc - ok
07:27:37.0150 0x0f1c [ 93D7D61317F3D4BC4F4E9F8A96A7DE45, 36D48B23B8243BE5229707375FCD11C2DCAC96983199345365F065A0CBF33314 ] sppuinotify C:\Windows\system32\sppuinotify.dll
07:27:37.0150 0x0f1c sppuinotify - ok
07:27:37.0228 0x0f1c [ 441FBA48BFF01FDB9D5969EBC1838F0B, 306128F1AD489F87161A089D1BDC1542A4CB742D91A0C12A7CD1863FDB8932C0 ] srv C:\Windows\system32\DRIVERS\srv.sys
07:27:37.0244 0x0f1c srv - ok
07:27:37.0275 0x0f1c [ B4ADEBBF5E3677CCE9651E0F01F7CC28, 726DB2283113AB2A9681E8E9F61132303D6D86E9CD034C40EE4A8C9DB29E87F7 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
07:27:37.0291 0x0f1c srv2 - ok
07:27:37.0306 0x0f1c [ 27E461F0BE5BFF5FC737328F749538C3, AFA4704ED8FFC1A0BAB40DFB81D3AE3F3D933A3C9BF54DDAF39FF9AF3646D9E6 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
07:27:37.0306 0x0f1c srvnet - ok
07:27:37.0338 0x0f1c [ 51B52FBD583CDE8AA9BA62B8B4298F33, 2E2403F8AA39E79D1281CA006B51B43139C32A5FDD64BD34DAA4B935338BD740 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
07:27:37.0353 0x0f1c SSDPSRV - ok
07:27:37.0369 0x0f1c [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB, D21CDBC4C2AA0DB5B4455D5108B0CAF4282A2E664B9035708F212CC094569D9D ] SstpSvc C:\Windows\system32\sstpsvc.dll
07:27:37.0369 0x0f1c SstpSvc - ok
07:27:37.0447 0x0f1c [ C3D855CC0A8E5E373FDFCF4F743C5C9D, 8DFDD2470DCCC63FCF1621B6B3A996285C75EE330BE8AC905B2176E5DE52C150 ] Steam Client Service C:\Program Files (x86)\Common Files\Steam\SteamService.exe
07:27:37.0462 0x0f1c Steam Client Service - ok
07:27:37.0494 0x0f1c [ F3817967ED533D08327DC73BC4D5542A, 1B204454408A690C0A86447F3E4AA9E7C58A9CFB567C94C17C21920BA648B4D5 ] stexstor C:\Windows\system32\DRIVERS\stexstor.sys
07:27:37.0494 0x0f1c stexstor - ok
07:27:37.0587 0x0f1c [ 8DD52E8E6128F4B2DA92CE27402871C1, 1101C38BE8FC383B5F2F9FA402F9652B23B88A764DE2B584DFE62B88B11DEF92 ] stisvc C:\Windows\System32\wiaservc.dll
07:27:37.0634 0x0f1c stisvc - ok
07:27:37.0681 0x0f1c [ D01EC09B6711A5F8E7E6564A4D0FBC90, 3CB922291DBADC92B46B9E28CCB6810CD8CCDA3E74518EC9522B58B998E1F969 ] swenum C:\Windows\system32\drivers\swenum.sys
07:27:37.0681 0x0f1c swenum - ok
07:27:37.0743 0x0f1c [ E08E46FDD841B7184194011CA1955A0B, 9C3725BB1F08F92744C980A22ED5C874007D3B5863C7E1F140F50061052AC418 ] swprv C:\Windows\System32\swprv.dll
07:27:37.0759 0x0f1c swprv - ok
07:27:37.0837 0x0f1c [ 064A2530A4A7C7CEC1BE6A1945645BE4, 06E4B59B6BFCEE1E2F1EDED77621C9DFED09F460E94065E528A2F746B568193D ] SynTP C:\Windows\system32\DRIVERS\SynTP.sys
07:27:37.0852 0x0f1c SynTP - ok
07:27:37.0946 0x0f1c [ BF9CCC0BF39B418C8D0AE8B05CF95B7D, 3C13217548BE61F2BDB8BD41F77345CDDA1F97BF0AE17241C335B9807EB3DBB8 ] SysMain C:\Windows\system32\sysmain.dll
07:27:37.0993 0x0f1c SysMain - ok
07:27:38.0040 0x0f1c [ E3C61FD7B7C2557E1F1B0B4CEC713585, 01F0E116606D185BF93B540868075BFB1A398197F6AABD994983DBFF56B3A8A0 ] TabletInputService C:\Windows\System32\TabSvc.dll
07:27:38.0040 0x0f1c TabletInputService - ok
07:27:38.0071 0x0f1c [ 40F0849F65D13EE87B9A9AE3C1DD6823, E251A7EF3D0FD2973AF33A62FC457A7E8D5E8694208F811F52455F7C2426121F ] TapiSrv C:\Windows\System32\tapisrv.dll
07:27:38.0086 0x0f1c TapiSrv - ok
07:27:38.0133 0x0f1c [ 1BE03AC720F4D302EA01D40F588162F6, AB644862BF1D2E824FD846180DEC4E2C0FAFCC517451486DE5A92E5E78A952E4 ] TBS C:\Windows\System32\tbssvc.dll
07:27:38.0133 0x0f1c TBS - ok
07:27:38.0258 0x0f1c [ 40AF23633D197905F03AB5628C558C51, 644656A15236E964E4BE57B42225EAA5643C4CF1FFF6D306813A000716F9D72C ] Tcpip C:\Windows\system32\drivers\tcpip.sys
07:27:38.0336 0x0f1c Tcpip - ok
07:27:38.0461 0x0f1c [ 40AF23633D197905F03AB5628C558C51, 644656A15236E964E4BE57B42225EAA5643C4CF1FFF6D306813A000716F9D72C ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys
07:27:38.0508 0x0f1c TCPIP6 - ok
07:27:38.0570 0x0f1c [ 1B16D0BD9841794A6E0CDE0CEF744ABC, 7EB8BA97339199EEE7F2B09DA2DA6279DA64A510D4598D42CF86415D67CD674C ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
07:27:38.0570 0x0f1c tcpipreg - ok
07:27:38.0617 0x0f1c [ 3371D21011695B16333A3934340C4E7C, 7416F9BBFC1BA9D875EA7D1C7A0D912FC6977B49A865D67E3F9C4E18A965082D ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys
07:27:38.0617 0x0f1c TDPIPE - ok
07:27:38.0648 0x0f1c [ 51C5ECEB1CDEE2468A1748BE550CFBC8, 4E8F83877330B421F7B5D8393D34BC44C6450E69209DAA95B29CB298166A5DF9 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys
07:27:38.0648 0x0f1c TDTCP - ok
07:27:38.0695 0x0f1c [ DDAD5A7AB24D8B65F8D724F5C20FD806, B71F2967A4EE7395E4416C1526CB85368AEA988BDD1F2C9719C48B08FAFA9661 ] tdx C:\Windows\system32\DRIVERS\tdx.sys
07:27:38.0710 0x0f1c tdx - ok
07:27:38.0726 0x0f1c [ 561E7E1F06895D78DE991E01DD0FB6E5, 83BFA50A528762EC52A011302AC3874636FB7E26628CD7ACFBF2BDC9FAA8110D ] TermDD C:\Windows\system32\drivers\termdd.sys
07:27:38.0726 0x0f1c TermDD - ok
07:27:38.0788 0x0f1c [ 2E648163254233755035B46DD7B89123, 6FA0D07CE18A3A69D82EE49D875F141E39406E92C34EAC76AC4EB052E6EBCBCD ] TermService C:\Windows\System32\termsrv.dll
07:27:38.0820 0x0f1c TermService - ok
07:27:38.0851 0x0f1c [ F0344071948D1A1FA732231785A0664C, DB9886C2C858FAF45AEA15F8E42860343F73EB8685C53EC2E8CCC10586CB0832 ] Themes C:\Windows\system32\themeservice.dll
07:27:38.0866 0x0f1c Themes - ok
07:27:38.0898 0x0f1c [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] THREADORDER C:\Windows\system32\mmcss.dll
07:27:38.0898 0x0f1c THREADORDER - ok
07:27:38.0929 0x0f1c [ 7E7AFD841694F6AC397E99D75CEAD49D, DE87F203FD8E6BDCCFCA1860A85F283301A365846FB703D9BB86278D8AC96B07 ] TrkWks C:\Windows\System32\trkwks.dll
07:27:38.0944 0x0f1c TrkWks - ok
07:27:39.0007 0x0f1c [ 773212B2AAA24C1E31F10246B15B276C, F2EF85F5ABA307976D9C649D710B408952089458DDE97D4DEF321DF14E46A046 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
07:27:39.0023 0x0f1c TrustedInstaller - ok
07:27:39.0054 0x0f1c [ 4CE278FC9671BA81A138D70823FCAA09, CBE501436696E32A3701B9F377B823AC36647B6626595F76CC63E2396AD7D300 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys
07:27:39.0054 0x0f1c tssecsrv - ok
07:27:39.0101 0x0f1c [ D11C783E3EF9A3C52C0EBE83CC5000E9, A136C355D4C8945729163D15801364A614E23217B15F9313C85BA45BB71A74EB ] TsUsbFlt C:\Windows\system32\drivers\tsusbflt.sys
07:27:39.0101 0x0f1c TsUsbFlt - ok
07:27:39.0147 0x0f1c [ 3566A8DAAFA27AF944F5D705EAA64894, AE9D8B648DA08AF667B9456C3FE315489859C157510A258559F18238F2CC92B8 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
07:27:39.0163 0x0f1c tunnel - ok
07:27:39.0194 0x0f1c [ B4DD609BD7E282BFC683CEC7EAAAAD67, EF131DB6F6411CAD36A989A421AF93F89DD61601AC524D2FF11C10FF6E3E9123 ] uagp35 C:\Windows\system32\DRIVERS\uagp35.sys
07:27:39.0194 0x0f1c uagp35 - ok
07:27:39.0210 0x0f1c [ A17D5E1A6DF4EAB0A480F2C490DE4C9D, 1EA835F172B6BF3D7F496E079DF1CDF00122B2110C08D61427582BC9405D2B7B ] UBHelper C:\Windows\system32\drivers\UBHelper.sys
07:27:39.0210 0x0f1c UBHelper - ok
07:27:39.0272 0x0f1c [ FF4232A1A64012BAA1FD97C7B67DF593, D8591B4EB056899C7B604E4DD852D82D4D9809F508ABCED4A03E1BE6D5D456E3 ] udfs C:\Windows\system32\DRIVERS\udfs.sys
07:27:39.0303 0x0f1c udfs - ok
07:27:39.0350 0x0f1c [ 3CBDEC8D06B9968ABA702EBA076364A1, B8DAB8AA804FC23021BFEBD7AE4D40FBE648D6C6BA21CC008E26D1C084972F9B ] UI0Detect C:\Windows\system32\UI0Detect.exe
07:27:39.0350 0x0f1c UI0Detect - ok
07:27:39.0397 0x0f1c [ 4BFE1BC28391222894CBF1E7D0E42320, 5918B1ED2030600DF77BDACF1C808DF6EADDD8BF3E7003AF1D72050D8B102B3A ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys
07:27:39.0397 0x0f1c uliagpkx - ok
07:27:39.0459 0x0f1c [ DC54A574663A895C8763AF0FA1FF7561, 09A3F3597E91CBEB2F38E96E75134312B60CAE5574B2AD4606C2D3E992AEDDFE ] umbus C:\Windows\system32\drivers\umbus.sys
07:27:39.0459 0x0f1c umbus - ok
07:27:39.0491 0x0f1c [ B2E8E8CB557B156DA5493BBDDCC1474D, F547509A08C0679ACB843E20C9C0CF51BED1B06530BBC529DFB0944504564A43 ] UmPass C:\Windows\system32\DRIVERS\umpass.sys
07:27:39.0506 0x0f1c UmPass - ok
07:27:39.0569 0x0f1c [ F9EC9ACD504D823D9B9CA98A4F8D3CA2, 58DAD5111C598F14CB199FE6A61FA5918F29513B778A8664FD05EFAB3C665D4F ] Updater Service C:\Program Files\Acer\Acer Updater\UpdaterService.exe
07:27:39.0584 0x0f1c Updater Service - ok
07:27:39.0647 0x0f1c [ D47EC6A8E81633DD18D2436B19BAF6DE, 0FB461E2D5E0B75BB5958F6362F4880BFA4C36AD930542609BCAF574941AA7AE ] upnphost C:\Windows\System32\upnphost.dll
07:27:39.0678 0x0f1c upnphost - ok
07:27:39.0740 0x0f1c [ B0435098C81D04CAFFF80DDB746CD3A2, A17B207740382E38729571F0B0BC98FF874E856A7C7CE9EB930328A2AD88F52A ] usbaudio C:\Windows\system32\drivers\usbaudio.sys
07:27:39.0756 0x0f1c usbaudio - ok
07:27:39.0787 0x0f1c [ DCA68B0943D6FA415F0C56C92158A83A, BEE5A5B33B22D1DF50B884D46D89FC3B8286EB16E38AD5A20F0A49E5C6766C57 ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys
07:27:39.0803 0x0f1c usbccgp - ok
07:27:39.0834 0x0f1c [ 80B0F7D5CCF86CEB5D402EAAF61FEC31, 140C62116A425DEAD25FE8D82DE283BC92C482A9F643658D512F9F67061F28AD ] usbcir C:\Windows\system32\drivers\usbcir.sys
07:27:39.0834 0x0f1c usbcir - ok
07:27:39.0865 0x0f1c [ 18A85013A3E0F7E1755365D287443965, 811C5EDF38C765BCF71BCE25CB6626FF6988C3699F5EF1846240EA0052F34C33 ] usbehci C:\Windows\system32\DRIVERS\usbehci.sys
07:27:39.0865 0x0f1c usbehci - ok
07:27:39.0927 0x0f1c [ 8D1196CFBB223621F2C67D45710F25BA, B5D7AFE51833B24FC9576F3AED3D8A2B290E5846060E73F9FFFAC1890A8B6003 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys
07:27:39.0943 0x0f1c usbhub - ok
07:27:39.0974 0x0f1c [ 765A92D428A8DB88B960DA5A8D6089DC, 56DE8A2ED58E53B202C399CA7BACB1551136303C2EE0AB426BDBBF880E3C542C ] usbohci C:\Windows\system32\DRIVERS\usbohci.sys
07:27:39.0974 0x0f1c usbohci - ok
07:27:40.0005 0x0f1c [ 73188F58FB384E75C4063D29413CEE3D, B485463933306036B1D490722CB1674DC85670753D79FA0EF7EBCA7BBAAD9F7C ] usbprint C:\Windows\system32\DRIVERS\usbprint.sys
07:27:40.0005 0x0f1c usbprint - ok
07:27:40.0052 0x0f1c [ FED648B01349A3C8395A5169DB5FB7D6, DC4D7594C24ADD076927B9347F1B50B91CF03A4ABDB284248D5711D9C19DEB96 ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS
07:27:40.0052 0x0f1c USBSTOR - ok
07:27:40.0083 0x0f1c [ DD253AFC3BC6CBA412342DE60C3647F3, 146F8613F1057AC054DC3593E84BC52899DA27EA33B0E72ACFB78C3699ADCDE7 ] usbuhci C:\Windows\system32\drivers\usbuhci.sys
07:27:40.0099 0x0f1c usbuhci - ok
07:27:40.0130 0x0f1c [ 1F775DA4CF1A3A1834207E975A72E9D7, 6D3DE5BD3EF3A76E997E5BAF900C51D25308F5A9682D1F62017F577A24095B90 ] usbvideo C:\Windows\System32\Drivers\usbvideo.sys
07:27:40.0146 0x0f1c usbvideo - ok
07:27:40.0177 0x0f1c [ EDBB23CBCF2CDF727D64FF9B51A6070E, 7202484C8E1BFB2AFD64D8C81668F3EDE0E3BF5EB27572877A0A7B337AE5AE42 ] UxSms C:\Windows\System32\uxsms.dll
07:27:40.0177 0x0f1c UxSms - ok
07:27:40.0193 0x0f1c [ 4D71227301DD8D09097B9E4CC6527E5A, 193D47ADCB722B581CC0F29B794AB3E455B6E9BEA367CE9A5216A09E055B7F1E ] VaultSvc C:\Windows\system32\lsass.exe
07:27:40.0208 0x0f1c VaultSvc - ok
07:27:40.0255 0x0f1c [ C5C876CCFC083FF3B128F933823E87BD, 6FE0FBB6C3207E09300E0789E2168F76668D87C317FE9F263E733827ADCFBE0D ] vdrvroot C:\Windows\system32\drivers\vdrvroot.sys
07:27:40.0255 0x0f1c vdrvroot - ok
07:27:40.0333 0x0f1c [ 8D6B481601D01A456E75C3210F1830BE, A2CEF483F4231367138EEF7E67FD5BE5364FC0780C44CA1368E36CE4AA3D0633 ] vds C:\Windows\System32\vds.exe
07:27:40.0364 0x0f1c vds - ok
07:27:40.0411 0x0f1c [ DA4DA3F5E02943C2DC8C6ED875DE68DD, EDE604536DB78C512D68C92B26DA77C8811AC109D1F0A473673F0A82D15A2838 ] vga C:\Windows\system32\DRIVERS\vgapnp.sys
07:27:40.0427 0x0f1c vga - ok
07:27:40.0442 0x0f1c [ 53E92A310193CB3C03BEA963DE7D9CFC, 45898604375B42EB1246C17A22D91C2440F11C746FF6459AD38027C1BC2E3125 ] VgaSave C:\Windows\System32\drivers\vga.sys
07:27:40.0442 0x0f1c VgaSave - ok
07:27:40.0489 0x0f1c [ 2CE2DF28C83AEAF30084E1B1EB253CBB, D1946816A1CB89F825CBEA58F94A4C9D0CE7249355CD3915563F54054EE564BF ] vhdmp C:\Windows\system32\drivers\vhdmp.sys
07:27:40.0505 0x0f1c vhdmp - ok
07:27:40.0551 0x0f1c [ E5689D93FFE4E5D66C0178761240DD54, 6D35CED80681B12AAF63BFA0DA1C386E71D3838839B68A686990AA8031949D27 ] viaide C:\Windows\system32\drivers\viaide.sys
07:27:40.0551 0x0f1c viaide - ok
07:27:40.0567 0x0f1c [ D2AAFD421940F640B407AEFAAEBD91B0, 31EF342A60AF04F4108759A71F8FB7B8C8819216CF3D16A95B2BA0E33A8A9161 ] volmgr C:\Windows\system32\drivers\volmgr.sys
07:27:40.0583 0x0f1c volmgr - ok
07:27:40.0614 0x0f1c [ A255814907C89BE58B79EF2F189B843B, 463DB771851352185B6AC323BD93B9084D47291E53C1F7B628B65D6918B2E28F ] volmgrx C:\Windows\system32\drivers\volmgrx.sys
07:27:40.0645 0x0f1c volmgrx - ok
07:27:40.0661 0x0f1c [ 0D08D2F3B3FF84E433346669B5E0F639, 3D6716CEC95B8861A7CC5778E91F310528DC6BEE0E57A3C8757FC675154EBDEC ] volsnap C:\Windows\system32\drivers\volsnap.sys
07:27:40.0676 0x0f1c volsnap - ok
07:27:40.0723 0x0f1c [ 5E2016EA6EBACA03C04FEAC5F330D997, 53106EB877459FE55A459111F7AB0EE320BB3B4C954D3DB6FA1642396001F2AC ] vsmraid C:\Windows\system32\DRIVERS\vsmraid.sys
07:27:40.0723 0x0f1c vsmraid - ok
07:27:40.0848 0x0f1c [ B60BA0BC31B0CB414593E169F6F21CC2, 47B801E623254CF0202B3591CB5C019CABFB52F123C7D47E29D19B32F1F2B915 ] VSS C:\Windows\system32\vssvc.exe
07:27:40.0941 0x0f1c VSS - ok
07:27:40.0973 0x0f1c [ 36D4720B72B5C5D9CB2B9C29E9DF67A1, 3254523C85C70EBA2DBAC05DB2DBA89EDF8E9195F390F7C21F96458FB6B2E3D7 ] vwifibus C:\Windows\system32\DRIVERS\vwifibus.sys
07:27:40.0973 0x0f1c vwifibus - ok
07:27:40.0988 0x0f1c [ 6A3D66263414FF0D6FA754C646612F3F, 30F6BA594B0D3B94113064015A16D97811CD989DF1715CCE21CEAB9894C1B4FB ] vwififlt C:\Windows\system32\DRIVERS\vwififlt.sys
07:27:41.0004 0x0f1c vwififlt - ok
07:27:41.0082 0x0f1c [ 1C9D80CC3849B3788048078C26486E1A, 34A89F31E53F6B6C209B286F580CC2257AE6D057E4E20741F241C9C167947962 ] W32Time C:\Windows\system32\w32time.dll
07:27:41.0097 0x0f1c W32Time - ok
07:27:41.0113 0x0f1c [ 4E9440F4F152A7B944CB1663D3935A3E, 8FE04EBD3BC612EE943A21A3E56F37E5C9B578CDACA6044048181DAD81816D53 ] WacomPen C:\Windows\system32\DRIVERS\wacompen.sys
07:27:41.0129 0x0f1c WacomPen - ok
07:27:41.0175 0x0f1c [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys
07:27:41.0175 0x0f1c WANARP - ok
07:27:41.0191 0x0f1c [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys
07:27:41.0191 0x0f1c Wanarpv6 - ok
07:27:41.0316 0x0f1c [ 3CEC96DE223E49EAAE3651FCF8FAEA6C, 4150DAB33E8D61076F1D4767BCAFC9B4ECCCCBD58FD4FB3CFE5B8D27DCDCAB61 ] WatAdminSvc C:\Windows\system32\Wat\WatAdminSvc.exe
07:27:41.0363 0x0f1c WatAdminSvc - ok
07:27:41.0503 0x0f1c [ 78F4E7F5C56CB9716238EB57DA4B6A75, 46A4E78CE5F2A4B26F4E9C3FF04A99D9B727A82AC2E390A82A1611C3F6E0C9AF ] wbengine C:\Windows\system32\wbengine.exe
07:27:41.0597 0x0f1c wbengine - ok
07:27:41.0659 0x0f1c [ 3AA101E8EDAB2DB4131333F4325C76A3, 4F7BD3DA5E58B18BFF106CFF7B45E75FD13EE556D433C695BA23EC80827E49DE ] WbioSrvc C:\Windows\System32\wbiosrvc.dll
07:27:41.0675 0x0f1c WbioSrvc - ok
07:27:41.0737 0x0f1c [ 7368A2AFD46E5A4481D1DE9D14848EDD, 8039C478FC2D9F095F5883A4FA47F9E6EDF57CC88A4AA74F07C88445F90DED57 ] wcncsvc C:\Windows\System32\wcncsvc.dll
07:27:41.0753 0x0f1c wcncsvc - ok
07:27:41.0784 0x0f1c [ 20F7441334B18CEE52027661DF4A6129, 7B8E0247234B740FED2BE9B833E9CE8DD7453340123AB43F6B495A7E6A27B0DD ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
07:27:41.0784 0x0f1c WcsPlugInService - ok
07:27:41.0815 0x0f1c [ 72889E16FF12BA0F235467D6091B17DC, F2FD0BBD075E33608D93F350D216F97442AB89ABD540513C2D568C78096E12A8 ] Wd C:\Windows\system32\DRIVERS\wd.sys
07:27:41.0815 0x0f1c Wd - ok
07:27:41.0877 0x0f1c [ E2C933EDBC389386EBE6D2BA953F43D8, AF1DEADD5F1267CCEBD226E8EEB971D1946EA6A5A9645A36F5D111F758AF2F07 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys
07:27:41.0909 0x0f1c Wdf01000 - ok
07:27:41.0940 0x0f1c [ BF1FC3F79B863C914687A737C2F3D681, B2DF47AC4931ACFB243775767B77065CC0D98778FC0243C793A3E219EB961209 ] WdiServiceHost C:\Windows\system32\wdi.dll
07:27:41.0955 0x0f1c WdiServiceHost - ok
07:27:41.0955 0x0f1c [ BF1FC3F79B863C914687A737C2F3D681, B2DF47AC4931ACFB243775767B77065CC0D98778FC0243C793A3E219EB961209 ] WdiSystemHost C:\Windows\system32\wdi.dll
07:27:41.0971 0x0f1c WdiSystemHost - ok
07:27:42.0002 0x0f1c [ 0EB0E5D22B1760F2DBCE632F2DD7A54D, B8A4CC62F88768947FB0A161CF9564DB28FD9C1C037B5475DF192982DE035C22 ] WebClient C:\Windows\System32\webclnt.dll
07:27:42.0018 0x0f1c WebClient - ok
07:27:42.0049 0x0f1c [ C749025A679C5103E575E3B48E092C43, B71171D07EE7AB085A24BF3A1072FF2CE7EA021AAE695F6A90640E6EE8EB55C1 ] Wecsvc C:\Windows\system32\wecsvc.dll
07:27:42.0065 0x0f1c Wecsvc - ok
07:27:42.0080 0x0f1c [ 7E591867422DC788B9E5BD337A669A08, 484E6BCCDF7ADCE9A1AACAD1BC7C7D7694B9E40FA90D94B14D80C607784F6C75 ] wercplsupport C:\Windows\System32\wercplsupport.dll
07:27:42.0080 0x0f1c wercplsupport - ok
07:27:42.0127 0x0f1c [ 6D137963730144698CBD10F202E9F251, A9F522A125158D94F540544CCD4DBF47B9DCE2EA878C33675AFE40F80E8F4979 ] WerSvc C:\Windows\System32\WerSvc.dll
07:27:42.0127 0x0f1c WerSvc - ok
07:27:42.0158 0x0f1c [ 611B23304BF067451A9FDEE01FBDD725, 0AF2734B978165FC6FD22B64862132CCE32528A21C698A49D176129446E099C8 ] WfpLwf C:\Windows\system32\DRIVERS\wfplwf.sys
07:27:42.0158 0x0f1c WfpLwf - ok
07:27:42.0174 0x0f1c [ 05ECAEC3E4529A7153B3136CEB49F0EC, 9995CB2CEC70A633EA33CBB0DEAD2BB28CB67132B41E9444BDAB9E75744C9A50 ] WIMMount C:\Windows\system32\drivers\wimmount.sys
07:27:42.0174 0x0f1c WIMMount - ok
07:27:42.0205 0x0f1c WinDefend - ok
07:27:42.0221 0x0f1c WinHttpAutoProxySvc - ok
07:27:42.0299 0x0f1c [ 19B07E7E8915D701225DA41CB3877306, D6555E8D276DBB11358246E0FE215F76F1FB358791C76B88D82C2A66A42DA19F ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll
07:27:42.0314 0x0f1c Winmgmt - ok
07:27:42.0501 0x0f1c [ BCB1310604AA415C4508708975B3931E, 9D943F086D454345153A0DD426B4432532A44FD87950386B186E1CAD2AC70565 ] WinRM C:\Windows\system32\WsmSvc.dll
07:27:42.0579 0x0f1c WinRM - ok
07:27:42.0673 0x0f1c [ FE88B288356E7B47B74B13372ADD906D, A16B166F6BB32EF9D2A142F27B9EC54CBC7B3AC915799783CF4C40E525BC9E03 ] WinUsb C:\Windows\system32\DRIVERS\WinUsb.sys
07:27:42.0673 0x0f1c WinUsb - ok
07:27:42.0767 0x0f1c [ 4FADA86E62F18A1B2F42BA18AE24E6AA, CE1683386886BF34862681A46199EA7E7FB4232A186047DA7FBD8EC240AF6726 ] Wlansvc C:\Windows\System32\wlansvc.dll
07:27:42.0813 0x0f1c Wlansvc - ok
07:27:43.0001 0x0f1c [ 357CABBF155AFD1D3926E62539D2A3A7, C43CFF84E7D930B4999DC061AB0766B57AAD7540B3E6EE54605B10ECE90825F5 ] wlidsvc C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
07:27:43.0063 0x0f1c wlidsvc - ok
07:27:43.0110 0x0f1c [ F6FF8944478594D0E414D3F048F0D778, 6F75E0AE6127B33A92A88E59D4B048FD4C15F997807BE7BF0EFE76F95235B1D9 ] WmiAcpi C:\Windows\system32\drivers\wmiacpi.sys
07:27:43.0110 0x0f1c WmiAcpi - ok
07:27:43.0172 0x0f1c [ 38B84C94C5A8AF291ADFEA478AE54F93, 1AC267AC73670BEA5F3785C9AD9DB146F8E993A862C843742B21FDB90D102B2A ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe
07:27:43.0188 0x0f1c wmiApSrv - ok
07:27:43.0235 0x0f1c WMPNetworkSvc - ok
07:27:43.0266 0x0f1c [ 96C6E7100D724C69FCF9E7BF590D1DCA, 2E63C9B0893B4FC03B7A71BAEA6202D3D3DB1B52F3643467829B5A573FD7655B ] WPCSvc C:\Windows\System32\wpcsvc.dll
07:27:43.0266 0x0f1c WPCSvc - ok
07:27:43.0313 0x0f1c [ 93221146D4EBBF314C29B23CD6CC391D, C0750858A65BF51E210CD244C825C121D67E025CD2D2455139991AAC289A90FE ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll
07:27:43.0313 0x0f1c WPDBusEnum - ok
07:27:43.0344 0x0f1c [ 6BCC1D7D2FD2453957C5479A32364E52, E48554D31FBDCF8F985C1C72524CAA9106F5B7CC2B79064F8F5E2562D517F090 ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys
07:27:43.0344 0x0f1c ws2ifsl - ok
07:27:43.0375 0x0f1c [ E8B1FE6669397D1772D8196DF0E57A9E, 39FE0819360719F756BD31A1884A0508A1E2371ACC723E25E005CBEC0A7B02FA ] wscsvc C:\Windows\System32\wscsvc.dll
07:27:43.0375 0x0f1c wscsvc - ok
07:27:43.0391 0x0f1c WSearch - ok
07:27:43.0515 0x0f1c [ D9EF901DCA379CFE914E9FA13B73B4C4, 3BE9693B7B2AFEE23D72AF5DA211379724D752F0EC18ACB7D3DE3DDFC5AE0004 ] wuauserv C:\Windows\system32\wuaueng.dll
07:27:43.0578 0x0f1c wuauserv - ok
07:27:43.0625 0x0f1c [ AB886378EEB55C6C75B4F2D14B6C869F, D6C4602EB8F291DADEDF3CD211013D4AC752DDE7E799C2D8D74AA4F5477CAED6 ] WudfPf C:\Windows\system32\drivers\WudfPf.sys
07:27:43.0625 0x0f1c WudfPf - ok
07:27:43.0671 0x0f1c [ DDA4CAF29D8C0A297F886BFE561E6659, 94E5DD649B5D86FA1A7C7D30FCF9644D0EE048D312E626111458ADF66BFBE978 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys
07:27:43.0671 0x0f1c WUDFRd - ok
07:27:43.0703 0x0f1c [ B20F051B03A966392364C83F009F7D17, 88ECEB55AE91F58F592B96EBC10B572747D5A2F9B7629E8F371761E4F7408A65 ] wudfsvc C:\Windows\System32\WUDFSvc.dll
07:27:43.0703 0x0f1c wudfsvc - ok
07:27:43.0765 0x0f1c [ 04F82965C09CBDF646B487E145060301, 2CD8533EDBE24C3E42EB7550E20F8A2EB9E5E345B165DEF543163A6BC1FDD18B ] WwanSvc C:\Windows\System32\wwansvc.dll
07:27:43.0843 0x0f1c WwanSvc - ok
07:27:43.0890 0x0f1c ================ Scan global ===============================
07:27:43.0921 0x0f1c [ BA0CD8C393E8C9F83354106093832C7B, 18D8A4780A2BAA6CEF7FBBBDA0EF6BF2DADF146E1E578A618DD5859E8ADBF1A8 ] C:\Windows\system32\basesrv.dll
07:27:43.0968 0x0f1c [ 88EDD0B34EED542745931E581AD21A32, DC2B93E1CEF5B0BCEE08D72669BB0F3AD0E8E6E75BDC08858407ED92F6FFA031 ] C:\Windows\system32\winsrv.dll
07:27:44.0015 0x0f1c [ 88EDD0B34EED542745931E581AD21A32, DC2B93E1CEF5B0BCEE08D72669BB0F3AD0E8E6E75BDC08858407ED92F6FFA031 ] C:\Windows\system32\winsrv.dll
07:27:44.0046 0x0f1c [ D6160F9D869BA3AF0B787F971DB56368, 0033E6212DD8683E4EE611B290931FDB227B4795F0B17C309DC686C696790529 ] C:\Windows\system32\sxssrv.dll
07:27:44.0108 0x0f1c [ 24ACB7E5BE595468E3B9AA488B9B4FCB, 63541E3432FCE953F266AE553E7A394978D6EE3DB52388D885F668CF42C5E7E2 ] C:\Windows\system32\services.exe
07:27:44.0124 0x0f1c [ Global ] - ok
07:27:44.0124 0x0f1c ================ Scan MBR ==================================
07:27:44.0139 0x0f1c [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
07:27:44.0623 0x0f1c \Device\Harddisk0\DR0 - ok
07:27:44.0623 0x0f1c ================ Scan VBR ==================================
07:27:44.0639 0x0f1c [ E37277CA43758313B81E90E86B850A72 ] \Device\Harddisk0\DR0\Partition1
07:27:44.0685 0x0f1c \Device\Harddisk0\DR0\Partition1 - ok
07:27:44.0685 0x0f1c [ 5CEE1D84F9F64EB58772E1615BA28FC6 ] \Device\Harddisk0\DR0\Partition2
07:27:44.0685 0x0f1c \Device\Harddisk0\DR0\Partition2 - ok
07:27:44.0701 0x0f1c Waiting for KSN requests completion. In queue: 41
07:27:45.0715 0x0f1c Waiting for KSN requests completion. In queue: 41
07:27:46.0729 0x0f1c Waiting for KSN requests completion. In queue: 41
07:27:47.0743 0x0f1c Waiting for KSN requests completion. In queue: 41
07:27:48.0773 0x0f1c AV detected via SS2: Microsoft Security Essentials, C:\Program Files\Microsoft Security Client\msseces.exe ( 4.4.304.0 ), 0x61000 ( enabled : updated )
07:27:48.0819 0x0f1c Win FW state via NFP2: enabled
07:27:51.0721 0x0f1c ============================================================
07:27:51.0721 0x0f1c Scan finished
07:27:51.0721 0x0f1c ============================================================
07:27:51.0721 0x063c Detected object count: 0
07:27:51.0721 0x063c Actual detected object count: 0
10:57:06.0507 0x1288 ============================================================
10:57:06.0507 0x1288 Scan started
10:57:06.0507 0x1288 Mode: Manual;
10:57:06.0507 0x1288 ============================================================
10:57:06.0507 0x1288 KSN ping started
10:57:10.0454 0x1288 KSN ping finished: true
10:57:11.0015 0x1288 ================ Scan system memory ========================
10:57:11.0015 0x1288 System memory - ok
10:57:11.0015 0x1288 ================ Scan services =============================
10:57:11.0218 0x1288 [ A87D604AEA360176311474C87A63BB88, B1507868C382CD5D2DBC0D62114FCFBF7A780904A2E3CA7C7C1DD0844ADA9A8F ] 1394ohci C:\Windows\system32\drivers\1394ohci.sys
10:57:11.0234 0x1288 1394ohci - ok
10:57:11.0280 0x1288 [ D81D9E70B8A6DD14D42D7B4EFA65D5F2, FDAAB7E23012B4D31537C5BDEF245BB0A12FA060A072C250E21C68E18B22E002 ] ACPI C:\Windows\system32\drivers\ACPI.sys
10:57:11.0296 0x1288 ACPI - ok
10:57:11.0327 0x1288 [ 99F8E788246D495CE3794D7E7821D2CA, F91615463270AD2601F882CAED43B88E7EDA115B9FD03FC56320E48119F15F76 ] AcpiPmi C:\Windows\system32\drivers\acpipmi.sys
10:57:11.0327 0x1288 AcpiPmi - ok
10:57:11.0468 0x1288 [ 3927397AC60D943DAF8808AFFED582B7, 2688254085C219E8CA9C5494ABDAD8FAE52533CEF7FA3C152715E0B78D591BCF ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
10:57:11.0468 0x1288 AdobeARMservice - ok
10:57:11.0639 0x1288 [ F7AB315A4D400CA876381D1E188A2E20, B6019C2E9B6801BB23C530C66D080F47330F48ADB0DD2813D50BE1408865BD91 ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
10:57:11.0655 0x1288 AdobeFlashPlayerUpdateSvc - ok
10:57:11.0717 0x1288 [ 2F6B34B83843F0C5118B63AC634F5BF4, 43E3F5FBFB5D33981AC503DEE476868EC029815D459E7C36C4ABC2D2F75B5735 ] adp94xx C:\Windows\system32\DRIVERS\adp94xx.sys
10:57:11.0733 0x1288 adp94xx - ok
10:57:11.0748 0x1288 [ 597F78224EE9224EA1A13D6350CED962, DA7FD99BE5E3B7B98605BF5C13BF3F1A286C0DE1240617570B46FE4605E59BDC ] adpahci C:\Windows\system32\DRIVERS\adpahci.sys
10:57:11.0764 0x1288 adpahci - ok
10:57:11.0780 0x1288 [ E109549C90F62FB570B9540C4B148E54, E804563735153EA00A00641814244BC8A347B578E7D63A16F43FB17566EE5559 ] adpu320 C:\Windows\system32\DRIVERS\adpu320.sys
10:57:11.0780 0x1288 adpu320 - ok
10:57:11.0811 0x1288 [ 4B78B431F225FD8624C5655CB1DE7B61, 198A5AF2125C7C41F531A652D200C083A55A97DC541E3C0B5B253C7329949156 ] AeLookupSvc C:\Windows\System32\aelupsvc.dll
10:57:11.0811 0x1288 AeLookupSvc - ok
10:57:11.0858 0x1288 [ 79059559E89D06E8B80CE2944BE20228, 6E041D2FED2D0C3D8E16E56CB61D3245F9144EA92F5BDC9A4AA30598D1C8E6EE ] AFD C:\Windows\system32\drivers\afd.sys
10:57:11.0873 0x1288 AFD - ok
10:57:11.0920 0x1288 [ 608C14DBA7299D8CB6ED035A68A15799, 45360F89640BF1127C82A32393BD76205E4FA067889C40C491602F370C09282A ] agp440 C:\Windows\system32\drivers\agp440.sys
10:57:11.0920 0x1288 agp440 - ok
10:57:11.0951 0x1288 [ 3290D6946B5E30E70414990574883DDB, 0E9294E1991572256B3CDA6B031DB9F39CA601385515EE59F1F601725B889663 ] ALG C:\Windows\System32\alg.exe
10:57:11.0951 0x1288 ALG - ok
10:57:11.0982 0x1288 [ 5812713A477A3AD7363C7438CA2EE038, A7316299470D2E57A11499C752A711BF4A71EB11C9CBA731ED0945FF6A966721 ] aliide C:\Windows\system32\drivers\aliide.sys
10:57:11.0982 0x1288 aliide - ok
10:57:12.0029 0x1288 [ 671D9DCA48DA807780D8409C18ED0AE0, 0502328A9334EF9703547619EC3CB2532AAE33460AD85EFEBD461899C602A7AA ] AMD External Events Utility C:\Windows\system32\atiesrxx.exe
10:57:12.0045 0x1288 AMD External Events Utility - ok
10:57:12.0060 0x1288 [ 1FF8B4431C353CE385C875F194924C0C, 3EA3A7F426B0FFC2461EDF4FDB4B58ACC9D0730EDA5B728D1EA1346EA0A02720 ] amdide C:\Windows\system32\drivers\amdide.sys
10:57:12.0060 0x1288 amdide - ok
10:57:12.0092 0x1288 [ 7024F087CFF1833A806193EF9D22CDA9, E7F27E488C38338388103D3B7EEDD61D05E14FB140992AEE6F492FFC821BF529 ] AmdK8 C:\Windows\system32\DRIVERS\amdk8.sys
10:57:12.0092 0x1288 AmdK8 - ok
10:57:12.0419 0x1288 [ D3E6B2E1394D93FE9DB0BA24814B0D8F, C4B00C280B562E4DD4F1DF56CFBFCFB486224006585A71B0827BF271AE163DD6 ] amdkmdag C:\Windows\system32\DRIVERS\atipmdag.sys
10:57:12.0622 0x1288 amdkmdag - ok
10:57:12.0700 0x1288 [ CC4D915D786D3DA973B2EA9B95D59A29, 8089D5CB60A26784EB164D49A7EF907D7053D614F04B50C9A9672605FFA16164 ] amdkmdap C:\Windows\system32\DRIVERS\atikmpag.sys
10:57:12.0700 0x1288 amdkmdap - ok
10:57:12.0716 0x1288 [ 1E56388B3FE0D031C44144EB8C4D6217, E88CA76FD47BA0EB427D59CB9BE040DE133D89D4E62D03A8D622624531D27487 ] AmdPPM C:\Windows\system32\DRIVERS\amdppm.sys
10:57:12.0716 0x1288 AmdPPM - ok
10:57:12.0747 0x1288 [ D4121AE6D0C0E7E13AA221AA57EF2D49, 626F43C099BD197BE56648C367B711143C2BCCE96496BBDEF19F391D52FA01D0 ] amdsata C:\Windows\system32\drivers\amdsata.sys
10:57:12.0762 0x1288 amdsata - ok
10:57:12.0778 0x1288 [ F67F933E79241ED32FF46A4F29B5120B, D6EF539058F159CC4DD14CA9B1FD924998FEAC9D325C823C7A2DD21FEF1DC1A8 ] amdsbs C:\Windows\system32\DRIVERS\amdsbs.sys
10:57:12.0794 0x1288 amdsbs - ok
10:57:12.0809 0x1288 [ 540DAF1CEA6094886D72126FD7C33048, 296578572A93F5B74E1AD443E000B79DC99D1CBD25082E02704800F886A3065F ] amdxata C:\Windows\system32\drivers\amdxata.sys
10:57:12.0809 0x1288 amdxata - ok
10:57:12.0840 0x1288 [ 89A69C3F2F319B43379399547526D952, 8ABDB4B8E106F96EBBA0D4D04C4F432296516E107E7BA5644ED2E50CF9BB491A ] AppID C:\Windows\system32\drivers\appid.sys
10:57:12.0840 0x1288 AppID - ok
10:57:12.0887 0x1288 [ 0BC381A15355A3982216F7172F545DE1, C33AF13CB218F7BF52E967452573DF2ADD20A95C6BF99229794FEF07C4BBE725 ] AppIDSvc C:\Windows\System32\appidsvc.dll
10:57:12.0887 0x1288 AppIDSvc - ok
10:57:12.0918 0x1288 [ 9D2A2369AB4B08A4905FE72DB104498F, D6FA1705018BABABFA2362E05691A0D6408D14DE7B76129B16D0A1DAD6378E58 ] Appinfo C:\Windows\System32\appinfo.dll
10:57:12.0918 0x1288 Appinfo - ok
10:57:12.0934 0x1288 [ C484F8CEB1717C540242531DB7845C4E, C507CE26716EB923B864ED85E8FA0B24591E2784A2F4F0E78AEED7E9953311F6 ] arc C:\Windows\system32\DRIVERS\arc.sys
10:57:12.0934 0x1288 arc - ok
10:57:12.0965 0x1288 [ 019AF6924AEFE7839F61C830227FE79C, 5926B9DDFC9198043CDD6EA0B384C83B001EC225A8125628C4A45A3E6C42C72A ] arcsas C:\Windows\system32\DRIVERS\arcsas.sys
10:57:12.0965 0x1288 arcsas - ok
10:57:13.0074 0x1288 [ 9A262EDD17F8473B91B333D6B031A901, 05DFBD3A7D83FDE1D062EA719ACA9EC48CB7FD42D17DDD88B82E5D25469ADD23 ] aspnet_state C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
10:57:13.0074 0x1288 aspnet_state - ok
10:57:13.0106 0x1288 [ 769765CE2CC62867468CEA93969B2242, 0D8F19D49869DF93A3876B4C2E249D12E83F9CE11DAE8917D368E292043D4D26 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys
10:57:13.0106 0x1288 AsyncMac - ok
10:57:13.0137 0x1288 [ 02062C0B390B7729EDC9E69C680A6F3C, 0261683C6DC2706DCE491A1CDC954AC9C9E649376EC30760BB4E225E18DC5273 ] atapi C:\Windows\system32\drivers\atapi.sys
10:57:13.0137 0x1288 atapi - ok
10:57:13.0262 0x1288 [ E642491F64E58CD5BC8FB8B347DCF65F, D457175EF3A0552CEA3DA78E7116D54BC2BF157857A8B764597B51FB4E29C033 ] athr C:\Windows\system32\DRIVERS\athrx.sys
10:57:13.0324 0x1288 athr - ok
10:57:13.0340 0x1288 [ C07A040D6B5A42DD41EE386CF90974C8, 8D47815F99C79B795504C3172B5FBBDBA6AFACC004B17AA3954A06BE713FACAE ] AtiPcie C:\Windows\system32\DRIVERS\AtiPcie.sys
10:57:13.0340 0x1288 AtiPcie - ok
10:57:13.0433 0x1288 [ F23FEF6D569FCE88671949894A8BECF1, FCE7B156ED663471CF9A736915F00302E93B50FC647563D235313A37FCE8F0F6 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
10:57:13.0449 0x1288 AudioEndpointBuilder - ok
10:57:13.0480 0x1288 [ F23FEF6D569FCE88671949894A8BECF1, FCE7B156ED663471CF9A736915F00302E93B50FC647563D235313A37FCE8F0F6 ] AudioSrv C:\Windows\System32\Audiosrv.dll
10:57:13.0496 0x1288 AudioSrv - ok
10:57:13.0527 0x1288 [ A6BF31A71B409DFA8CAC83159E1E2AFF, CBB83F73FFD3C3FB4F96605067739F8F7A4A40B2B05417FA49E575E95628753F ] AxInstSV C:\Windows\System32\AxInstSV.dll
10:57:13.0542 0x1288 AxInstSV - ok
10:57:13.0605 0x1288 [ 3E5B191307609F7514148C6832BB0842, DE011CB7AA4A2405FAF21575182E0793A1D83DFFC44E9A7864D59F3D51D8D580 ] b06bdrv C:\Windows\system32\DRIVERS\bxvbda.sys
10:57:13.0620 0x1288 b06bdrv - ok
10:57:13.0667 0x1288 [ B5ACE6968304A3900EEB1EBFD9622DF2, 1DAA118D8CA3F97B34DF3D3CDA1C78EAB2ED225699FEABE89D331AE0CB7679FA ] b57nd60a C:\Windows\system32\DRIVERS\b57nd60a.sys
10:57:13.0667 0x1288 b57nd60a - ok
10:57:13.0714 0x1288 [ FDE360167101B4E45A96F939F388AEB0, 8D1457E866BBD645C4B9710DFBFF93405CC1193BF9AE42326F2382500B713B82 ] BDESVC C:\Windows\System32\bdesvc.dll
10:57:13.0714 0x1288 BDESVC - ok
10:57:13.0745 0x1288 [ 16A47CE2DECC9B099349A5F840654746, 77C008AEDB07FAC66413841D65C952DDB56FE7DCA5E9EF9C8F4130336B838024 ] Beep C:\Windows\system32\drivers\Beep.sys
10:57:13.0745 0x1288 Beep - ok
10:57:13.0823 0x1288 [ 82974D6A2FD19445CC5171FC378668A4, 075D25F47C0D2277E40AF8615571DAA5EB16B1824563632A9A7EC62505C29A4A ] BFE C:\Windows\System32\bfe.dll
10:57:13.0854 0x1288 BFE - ok
10:57:13.0917 0x1288 [ 1EA7969E3271CBC59E1730697DC74682, D511A34D63A6E0E6E7D1879068E2CD3D87ABEAF4936B2EA8CDDAD9F79D60FA04 ] BITS C:\Windows\System32\qmgr.dll
10:57:13.0948 0x1288 BITS - ok
10:57:13.0979 0x1288 [ 61583EE3C3A17003C4ACD0475646B4D3, 17E4BECC309C450E7E44F59A9C0BBC24D21BDC66DFBA65B8F198A00BB47A9811 ] blbdrive C:\Windows\system32\DRIVERS\blbdrive.sys
10:57:13.0979 0x1288 blbdrive - ok
10:57:14.0026 0x1288 [ 6C02A83164F5CC0A262F4199F0871CF5, AD4632A6A203CB40970D848315D8ADB9C898349E20D8DF4107C2AE2703A2CF28 ] bowser C:\Windows\system32\DRIVERS\bowser.sys
10:57:14.0026 0x1288 bowser - ok
10:57:14.0073 0x1288 [ F09EEE9EDC320B5E1501F749FDE686C8, 66691114C42E12F4CC6DC4078D4D2FA4029759ACDAF1B59D17383487180E84E3 ] BrFiltLo C:\Windows\system32\DRIVERS\BrFiltLo.sys
10:57:14.0073 0x1288 BrFiltLo - ok
10:57:14.0088 0x1288 [ B114D3098E9BDB8BEA8B053685831BE6, 0ED23C1897F35FA00B9C2848DE4ED200E18688AA7825674888054BBC3A3EB92C ] BrFiltUp C:\Windows\system32\DRIVERS\BrFiltUp.sys
10:57:14.0088 0x1288 BrFiltUp - ok
10:57:14.0120 0x1288 [ 05F5A0D14A2EE1D8255C2AA0E9E8E694, 40011138869F5496A3E78D38C9900B466B6F3877526AC22952DCD528173F4645 ] Browser C:\Windows\System32\browser.dll
10:57:14.0135 0x1288 Browser - ok
10:57:14.0151 0x1288 [ 43BEA8D483BF1870F018E2D02E06A5BD, 4E6F5A5FD8C796A110B0DC9FF29E31EA78C04518FC1C840EF61BABD58AB10272 ] Brserid C:\Windows\System32\Drivers\Brserid.sys
10:57:14.0166 0x1288 Brserid - ok
10:57:14.0166 0x1288 [ A6ECA2151B08A09CACECA35C07F05B42, E2875BB7768ABAF38C3377007AA0A3C281503474D1831E396FB6599721586B0C ] BrSerWdm C:\Windows\System32\Drivers\BrSerWdm.sys
10:57:14.0182 0x1288 BrSerWdm - ok
10:57:14.0182 0x1288 [ B79968002C277E869CF38BD22CD61524, 50631836502237AF4893ECDCEA43B9031C3DE97433F594D46AF7C3C77F331983 ] BrUsbMdm C:\Windows\System32\Drivers\BrUsbMdm.sys
10:57:14.0182 0x1288 BrUsbMdm - ok
10:57:14.0198 0x1288 [ A87528880231C54E75EA7A44943B38BF, 4C8BBB29FDA76A96840AA47A8613C15D4466F9273A13941C19507008629709C9 ] BrUsbSer C:\Windows\System32\Drivers\BrUsbSer.sys
10:57:14.0198 0x1288 BrUsbSer - ok
10:57:14.0213 0x1288 [ 9DA669F11D1F894AB4EB69BF546A42E8, B498B8B6CEF957B73179D1ADAF084BBB57BB3735D810F9BE2C7B1D58A4FD25A4 ] BTHMODEM C:\Windows\system32\DRIVERS\bthmodem.sys
10:57:14.0213 0x1288 BTHMODEM - ok
10:57:14.0244 0x1288 [ 95F9C2976059462CBBF227F7AAB10DE9, 2797AE919FF7606B070FB039CECDB0707CD2131DCAC09C5DF14F443D881C9F34 ] bthserv C:\Windows\system32\bthserv.dll
10:57:14.0244 0x1288 bthserv - ok
10:57:14.0260 0x1288 [ B8BD2BB284668C84865658C77574381A, 6C55BA288B626DF172FDFEA0BD7027FAEBA1F44EF20AB55160D7C7DC6E717D65 ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys
10:57:14.0276 0x1288 cdfs - ok
10:57:14.0307 0x1288 [ F036CE71586E93D94DAB220D7BDF4416, BD07AAD9E20CEAF9FC84E4977C55EA2C45604A2C682AC70B9B9A2199B6713D5B ] cdrom C:\Windows\system32\drivers\cdrom.sys
10:57:14.0322 0x1288 cdrom - ok
10:57:14.0354 0x1288 [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] CertPropSvc C:\Windows\System32\certprop.dll
10:57:14.0369 0x1288 CertPropSvc - ok
10:57:14.0400 0x1288 [ D7CD5C4E1B71FA62050515314CFB52CF, 513B5A849899F379F0BC6AB3A8A05C3493C2393C95F036612B96EC6E252E1C64 ] circlass C:\Windows\system32\DRIVERS\circlass.sys
10:57:14.0400 0x1288 circlass - ok
10:57:14.0463 0x1288 [ FE1EC06F2253F691FE36217C592A0206, B9F122DB5E665ECDF29A5CB8BB6B531236F31A54A95769D6C5C1924C87FE70CE ] CLFS C:\Windows\system32\CLFS.sys
10:57:14.0478 0x1288 CLFS - ok
10:57:14.0541 0x1288 [ D88040F816FDA31C3B466F0FA0918F29, 39D3630E623DA25B8444B6D3AAAB16B98E7E289C5619E19A85D47B74C71449F3 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
10:57:14.0541 0x1288 clr_optimization_v2.0.50727_32 - ok
10:57:14.0588 0x1288 [ D1CEEA2B47CB998321C579651CE3E4F8, 654013B8FD229A50017B08DEC6CA19C7DDA8CE0771260E057A92625201D539B1 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
10:57:14.0603 0x1288 clr_optimization_v2.0.50727_64 - ok
10:57:14.0666 0x1288 [ E87213F37A13E2B54391E40934F071D0, 7EB221127EFB5BF158FB03D18EFDA2C55FB6CE3D1A1FE69C01D70DBED02C87E5 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
10:57:14.0681 0x1288 clr_optimization_v4.0.30319_32 - ok
10:57:14.0697 0x1288 [ 4AEDAB50F83580D0B4D6CF78191F92AA, D113C47013B018B45161911B96E93AF96A2F3B34FA47061BF6E7A71FBA03194A ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
10:57:14.0712 0x1288 clr_optimization_v4.0.30319_64 - ok
10:57:14.0728 0x1288 [ 0840155D0BDDF1190F84A663C284BD33, 696039FA63CFEB33487FAA8FD7BBDB220141E9C6E529355D768DFC87999A9C3A ] CmBatt C:\Windows\system32\DRIVERS\CmBatt.sys
10:57:14.0728 0x1288 CmBatt - ok
10:57:14.0759 0x1288 [ E19D3F095812725D88F9001985B94EDD, 46243C5CCC4981CAC6FA6452FFCEC33329BF172448F1852D52592C9342E0E18B ] cmdide C:\Windows\system32\drivers\cmdide.sys
10:57:14.0759 0x1288 cmdide - ok
10:57:14.0806 0x1288 [ EBF28856F69CF094A902F884CF989706, AD6C9F0BC20AA49EEE5478DA0F856F0EA2B414B63208C5FFB03C9D7F5B59765F ] CNG C:\Windows\system32\Drivers\cng.sys
10:57:14.0822 0x1288 CNG - ok
10:57:14.0853 0x1288 [ 102DE219C3F61415F964C88E9085AD14, CD74CB703381F1382C32CF892FF2F908F4C9412E1BC77234F8FEA5D4666E1BF1 ] Compbatt C:\Windows\system32\DRIVERS\compbatt.sys
10:57:14.0868 0x1288 Compbatt - ok
10:57:14.0900 0x1288 [ 03EDB043586CCEBA243D689BDDA370A8, 0E4523AA332E242D5C2C61C5717DBA5AB6E42DADB5A7E512505FC2B6CC224959 ] CompositeBus C:\Windows\system32\drivers\CompositeBus.sys
10:57:14.0900 0x1288 CompositeBus - ok
10:57:14.0915 0x1288 COMSysApp - ok
10:57:14.0931 0x1288 [ 1C827878A998C18847245FE1F34EE597, 41EF7443D8B2733AA35CAC64B4F5F74FAC8BB0DA7D3936B69EC38E2DC3972E60 ] crcdisk C:\Windows\system32\DRIVERS\crcdisk.sys
10:57:14.0931 0x1288 crcdisk - ok
10:57:14.0978 0x1288 [ 6B400F211BEE880A37A1ED0368776BF4, 2F27C6FA96A1C8CBDA467846DA57E63949A7EA37DB094B13397DDD30114295BD ] CryptSvc C:\Windows\system32\cryptsvc.dll
10:57:14.0978 0x1288 CryptSvc - ok
10:57:15.0024 0x1288 [ 5C627D1B1138676C0A7AB2C2C190D123, C5003F2C912C5CA990E634818D3B4FD72F871900AF2948BD6C4D6400B354B401 ] DcomLaunch C:\Windows\system32\rpcss.dll
10:57:15.0040 0x1288 DcomLaunch - ok
10:57:15.0102 0x1288 [ 3CEC7631A84943677AA8FA8EE5B6B43D, 32061DAC9ED6C1EBA3B367B18D0E965AEEC2DF635DCF794EC39D086D32503AC5 ] defragsvc C:\Windows\System32\defragsvc.dll
10:57:15.0118 0x1288 defragsvc - ok
10:57:15.0165 0x1288 [ 9BB2EF44EAA163B29C4A4587887A0FE4, 03667BC3EA5003F4236929C10F23D8F108AFCB29DB5559E751FB26DFB318636F ] DfsC C:\Windows\system32\Drivers\dfsc.sys
10:57:15.0165 0x1288 DfsC - ok
10:57:15.0212 0x1288 [ 43D808F5D9E1A18E5EEB5EBC83969E4E, C10D1155D71EABE4ED44C656A8F13078A8A4E850C4A8FBB92D52D173430972B8 ] Dhcp C:\Windows\system32\dhcpcore.dll
10:57:15.0227 0x1288 Dhcp - ok
10:57:15.0258 0x1288 [ 13096B05847EC78F0977F2C0F79E9AB3, 1E44981B684F3E56F5D2439BB7FA78BD1BC876BB2265AE089AEC68F241B05B26 ] discache C:\Windows\system32\drivers\discache.sys
10:57:15.0258 0x1288 discache - ok
10:57:15.0290 0x1288 [ 9819EEE8B5EA3784EC4AF3B137A5244C, 571BC886E87C888DA96282E381A746D273B58B9074E84D4CA91275E26056D427 ] Disk C:\Windows\system32\DRIVERS\disk.sys
10:57:15.0290 0x1288 Disk - ok
10:57:15.0290 0x1288 dkab_device - ok
10:57:15.0336 0x1288 [ 16835866AAA693C7D7FCEBA8FFF706E4, 15891558F7C1F2BB57A98769601D447ED0D952354A8BB347312D034DC03E0242 ] Dnscache C:\Windows\System32\dnsrslvr.dll
10:57:15.0336 0x1288 Dnscache - ok
10:57:15.0399 0x1288 [ B1FB3DDCA0FDF408750D5843591AFBC6, AB6AD9C5E7BA2E3646D0115B67C4800D1CB43B4B12716397657C7ADEEE807304 ] dot3svc C:\Windows\System32\dot3svc.dll
10:57:15.0414 0x1288 dot3svc - ok
10:57:15.0461 0x1288 [ B26F4F737E8F9DF4F31AF6CF31D05820, 394BBBED4EC7FAD4110F62A43BFE0801D4AC56FFAC6C741C69407B26402311C7 ] DPS C:\Windows\system32\dps.dll
10:57:15.0461 0x1288 DPS - ok
10:57:15.0492 0x1288 [ 9B19F34400D24DF84C858A421C205754, 967AF267B4124BADA8F507CEBF25F2192D146A4D63BE71B45BFC03C5DA7F21A7 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys
10:57:15.0492 0x1288 drmkaud - ok
10:57:15.0570 0x1288 [ 9CF46FDF163E06B83D03FF929EF2296C, 40BB0226361DEC2E6CBFE79CA092083986BD3D94564ED5F3E54CA2EE9A756837 ] DsiWMIService C:\Program Files (x86)\Launch Manager\dsiwmis.exe
10:57:15.0586 0x1288 DsiWMIService - ok
10:57:15.0695 0x1288 [ 88612F1CE3BF42256913BF6E61C70D52, 7CF190F83FA8F15C33008EB381D3E345CEF37CBC046227DED26B36799EF4D9A7 ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys
10:57:15.0726 0x1288 DXGKrnl - ok
10:57:15.0758 0x1288 [ E2DDA8726DA9CB5B2C4000C9018A9633, 0C967DBC3636A76A696997192A158AA92A1AF19F01E3C66D5BF91818A8FAEA76 ] EapHost C:\Windows\System32\eapsvc.dll
10:57:15.0773 0x1288 EapHost - ok
10:57:15.0976 0x1288 [ DC5D737F51BE844D8C82C695EB17372F, 6D4022D9A46EDE89CEF0FAEADCC94C903234DFC460C0180D24FF9E38E8853017 ] ebdrv C:\Windows\system32\DRIVERS\evbda.sys
10:57:16.0054 0x1288 ebdrv - ok
10:57:16.0163 0x1288 [ 4D71227301DD8D09097B9E4CC6527E5A, 193D47ADCB722B581CC0F29B794AB3E455B6E9BEA367CE9A5216A09E055B7F1E ] EFS C:\Windows\System32\lsass.exe
10:57:16.0179 0x1288 EFS - ok
10:57:16.0288 0x1288 [ C4002B6B41975F057D98C439030CEA07, 3D2484FBB832EFB90504DD406ED1CF3065139B1FE1646471811F3A5679EF75F1 ] ehRecvr C:\Windows\ehome\ehRecvr.exe
10:57:16.0304 0x1288 ehRecvr - ok
10:57:16.0335 0x1288 [ 4705E8EF9934482C5BB488CE28AFC681, 359E9EC5693CE0BE89082E1D5D8F5C5439A5B985010FF0CB45C11E3CFE30637D ] ehSched C:\Windows\ehome\ehsched.exe
10:57:16.0335 0x1288 ehSched - ok
10:57:16.0382 0x1288 [ 0E5DA5369A0FCAEA12456DD852545184, 9A64AC5396F978C3B92794EDCE84DCA938E4662868250F8C18FA7C2C172233F8 ] elxstor C:\Windows\system32\DRIVERS\elxstor.sys
10:57:16.0397 0x1288 elxstor - ok
10:57:16.0522 0x1288 [ 3EA2C4F68A782839D97B3C83595575B6, D4C3BFD0B6817B73BE9F2378FA946BD1C213A4FB9EB3F7D2C79E9B6D9F895106 ] ePowerSvc C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe
10:57:16.0553 0x1288 ePowerSvc - ok
10:57:16.0600 0x1288 [ 34A3C54752046E79A126E15C51DB409B, 7D5B5E150C7C73666F99CBAFF759029716C86F16B927E0078D77F8A696616D75 ] ErrDev C:\Windows\system32\drivers\errdev.sys
10:57:16.0600 0x1288 ErrDev - ok
10:57:16.0662 0x1288 [ 4166F82BE4D24938977DD1746BE9B8A0, 24121751B7306225AD1C808442D7B030DEF377E9316AA0A3C5C7460E87317881 ] EventSystem C:\Windows\system32\es.dll
10:57:16.0678 0x1288 EventSystem - ok
10:57:16.0709 0x1288 [ A510C654EC00C1E9BDD91EEB3A59823B, 76CD277730F7B08D375770CD373D786160F34D1481AF0536BA1A5D2727E255F5 ] exfat C:\Windows\system32\drivers\exfat.sys
10:57:16.0725 0x1288 exfat - ok
10:57:16.0756 0x1288 [ 0ADC83218B66A6DB380C330836F3E36D, 798D6F83B5DBCC1656595E0A96CF12087FCCBE19D1982890D0CE5F629B328B29 ] fastfat C:\Windows\system32\drivers\fastfat.sys
10:57:16.0772 0x1288 fastfat - ok
10:57:16.0865 0x1288 [ DBEFD454F8318A0EF691FDD2EAAB44EB, 7F52AE222FF28503B6FC4A5852BD0CAEAF187BE69AF4B577D3DE474C24366099 ] Fax C:\Windows\system32\fxssvc.exe
10:57:16.0912 0x1288 Fax - ok
10:57:16.0928 0x1288 [ D765D19CD8EF61F650C384F62FAC00AB, 9F0A483A043D3BA873232AD3BA5F7BF9173832550A27AF3E8BD433905BD2A0EE ] fdc C:\Windows\system32\DRIVERS\fdc.sys
10:57:16.0928 0x1288 fdc - ok
10:57:16.0959 0x1288 [ 0438CAB2E03F4FB61455A7956026FE86, 6D4DDC2973DB25CE0C7646BC85EFBCC004EBE35EA683F62162AE317C6F1D8DFE ] fdPHost C:\Windows\system32\fdPHost.dll
10:57:16.0959 0x1288 fdPHost - ok
10:57:16.0974 0x1288 [ 802496CB59A30349F9A6DD22D6947644, 52D59D3D628D5661F83F090F33F744F6916E0CC1F76E5A33983E06EB66AE19F8 ] FDResPub C:\Windows\system32\fdrespub.dll
10:57:16.0974 0x1288 FDResPub - ok
10:57:16.0990 0x1288 [ 655661BE46B5F5F3FD454E2C3095B930, 549C8E2A2A37757E560D55FFA6BFDD838205F17E40561E67F0124C934272CD1A ] FileInfo C:\Windows\system32\drivers\fileinfo.sys
10:57:16.0990 0x1288 FileInfo - ok
10:57:17.0006 0x1288 [ 5F671AB5BC87EEA04EC38A6CD5962A47, 6B61D3363FF3F9C439BD51102C284972EAE96ACC0683B9DC7E12D25D0ADC51B6 ] Filetrace C:\Windows\system32\drivers\filetrace.sys
10:57:17.0021 0x1288 Filetrace - ok
10:57:17.0099 0x1288 [ BB0667B0171B632B97EA759515476F07, 07A123B2182D5813D2898928C231638353CF086606E9D5A5AF4A2A73E17CEC27 ] FLEXnet Licensing Service C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
10:57:17.0130 0x1288 FLEXnet Licensing Service - ok
10:57:17.0162 0x1288 [ C172A0F53008EAEB8EA33FE10E177AF5, 9175A95B323696D1B35C9EFEB7790DD64E6EE0B7021E6C18E2F81009B169D77B ] flpydisk C:\Windows\system32\DRIVERS\flpydisk.sys
10:57:17.0162 0x1288 flpydisk - ok
10:57:17.0208 0x1288 [ DA6B67270FD9DB3697B20FCE94950741, F621A4462C9F2904063578C427FAF22D7D66AE9967605C11C798099817CE5331 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys
10:57:17.0240 0x1288 FltMgr - ok
10:57:17.0302 0x1288 [ C4C183E6551084039EC862DA1C945E3D, 0874A2ACDD24D64965AA9A76E9C818E216880AE4C9A2E07ED932EE404585CEE6 ] FontCache C:\Windows\system32\FntCache.dll
10:57:17.0333 0x1288 FontCache - ok
10:57:17.0396 0x1288 [ A8B7F3818AB65695E3A0BB3279F6DCE6, 89FCF10F599767E67A1E011753E34DA44EAA311F105DBF69549009ED932A60F0 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
10:57:17.0396 0x1288 FontCache3.0.0.0 - ok
10:57:17.0442 0x1288 [ D43703496149971890703B4B1B723EAC, F06397B2EDCA61629249D2EF1CBB7827A8BEAB8488246BD85EF6AE1363C0DA6E ] FsDepends C:\Windows\system32\drivers\FsDepends.sys
10:57:17.0442 0x1288 FsDepends - ok
10:57:17.0474 0x1288 [ 6BD9295CC032DD3077C671FCCF579A7B, 83622FBB0CB923798E7E584BF53CAAF75B8C016E3FF7F0FA35880FF34D1DFE33 ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys
10:57:17.0474 0x1288 Fs_Rec - ok
10:57:17.0520 0x1288 [ 8F6322049018354F45F05A2FD2D4E5E0, 73BF0FB4EBD7887E992DDEBB79E906958D6678F8D1107E8C368F5A0514D80359 ] fvevol C:\Windows\system32\DRIVERS\fvevol.sys
10:57:17.0536 0x1288 fvevol - ok
10:57:17.0552 0x1288 [ 8C778D335C9D272CFD3298AB02ABE3B6, 85F0B13926B0F693FA9E70AA58DE47100E4B6F893772EBE4300C37D9A36E6005 ] gagp30kx C:\Windows\system32\DRIVERS\gagp30kx.sys
10:57:17.0567 0x1288 gagp30kx - ok
10:57:17.0630 0x1288 [ CE16683CFD11FE70BDE435DDA5EA1FCA, 43D850361F2B5C9389F7FABC3C62BD1517349C03834F436579DD01CFD09919F4 ] GameConsoleService C:\Program Files (x86)\Acer Games\Acer Game Console\GameConsoleService.exe
10:57:17.0645 0x1288 GameConsoleService - ok
10:57:17.0723 0x1288 [ 277BBC7E1AA1EE957F573A10ECA7EF3A, 2EE60B924E583E847CC24E78B401EF95C69DB777A5B74E1EC963E18D47B94D24 ] gpsvc C:\Windows\System32\gpsvc.dll
10:57:17.0739 0x1288 gpsvc - ok
10:57:17.0801 0x1288 [ 0191DEE9B9EB7902AF2CF4F67301095D, 9E2E263E84167E1AD3FFCEA84066AF07CD6A653F5D8266A619E4973BC4B25460 ] GREGService C:\Program Files (x86)\Acer\Registration\GREGsvc.exe
10:57:17.0801 0x1288 GREGService - ok
10:57:17.0848 0x1288 [ 1E6438D4EA6E1174A3B3B1EDC4DE660B, F9995CFEC7BBFE10B06EEE04CA6B49658275C43096E57747BFF9C2C31A0F9011 ] hamachi C:\Windows\system32\DRIVERS\hamachi.sys
10:57:17.0848 0x1288 hamachi - ok
10:57:17.0879 0x1288 [ F2523EF6460FC42405B12248338AB2F0, B2F3DE8DE1F512D871BC2BC2E8D0E33AB03335BFBC07627C5F88B65024928E19 ] hcw85cir C:\Windows\system32\drivers\hcw85cir.sys
10:57:17.0879 0x1288 hcw85cir - ok
10:57:17.0942 0x1288 [ 975761C778E33CD22498059B91E7373A, 8304E15FBE6876BE57263A03621365DA8C88005EAC532A770303C06799D915D9 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
10:57:17.0957 0x1288 HdAudAddService - ok
10:57:17.0988 0x1288 [ 97BFED39B6B79EB12CDDBFEED51F56BB, 3CF981D668FB2381E52AF2E51E296C6CFB47B0D62249645278479D0111A47955 ] HDAudBus C:\Windows\system32\drivers\HDAudBus.sys
10:57:17.0988 0x1288 HDAudBus - ok
10:57:18.0004 0x1288 [ 78E86380454A7B10A5EB255DC44A355F, 11F3ED7ACFFA3024B9BD504F81AC39F5B4CED5A8A425E8BADF7132EFEDB9BD64 ] HidBatt C:\Windows\system32\DRIVERS\HidBatt.sys
10:57:18.0004 0x1288 HidBatt - ok
10:57:18.0020 0x1288 [ 7FD2A313F7AFE5C4DAB14798C48DD104, 94CBFD4506CBDE4162CEB3367BAB042D19ACA6785954DC0B554D4164B9FCD0D4 ] HidBth C:\Windows\system32\DRIVERS\hidbth.sys
10:57:18.0020 0x1288 HidBth - ok
10:57:18.0035 0x1288 [ 0A77D29F311B88CFAE3B13F9C1A73825, 8615DC6CEFB591505CE16E054A71A4F371B827DDFD5E980777AB4233DCFDA01D ] HidIr C:\Windows\system32\DRIVERS\hidir.sys
10:57:18.0035 0x1288 HidIr - ok
10:57:18.0051 0x1288 [ BD9EB3958F213F96B97B1D897DEE006D, 4D01CBF898B528B3A4E5A683DF2177300AFABD7D4CB51F1A7891B1B545499631 ] hidserv C:\Windows\system32\hidserv.dll
10:57:18.0066 0x1288 hidserv - ok
10:57:18.0098 0x1288 [ 9592090A7E2B61CD582B612B6DF70536, FD11D5E02C32D658B28FCC35688AB66CCB5D3A0A0D74C82AE0F0B6C67B568A0F ] HidUsb C:\Windows\system32\DRIVERS\hidusb.sys
10:57:18.0098 0x1288 HidUsb - ok
10:57:18.0129 0x1288 [ 387E72E739E15E3D37907A86D9FF98E2, 9935BE2E58788E79328293AF2F202CB0F6042441B176F75ACC5AEA93C8E05531 ] hkmsvc C:\Windows\system32\kmsvc.dll
10:57:18.0144 0x1288 hkmsvc - ok
10:57:18.0191 0x1288 [ EFDFB3DD38A4376F93E7985173813ABD, 70402FA73A5A2A8BB557AAC8F531E373077D28DE5F40A1F3F14B940BE01CD2E1 ] HomeGroupListener C:\Windows\system32\ListSvc.dll
10:57:18.0191 0x1288 HomeGroupListener - ok
10:57:18.0238 0x1288 [ 908ACB1F594274965A53926B10C81E89, 7D34A742AC486294D82676F8465A3EF26C8AC3317C32B63F62031CB007CFC208 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
10:57:18.0254 0x1288 HomeGroupProvider - ok
10:57:18.0300 0x1288 [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC, E9E6A1665740CFBC2DD321010007EF42ABA2102AEB9772EE8AA3354664B1E205 ] HpSAMD C:\Windows\system32\drivers\HpSAMD.sys
10:57:18.0300 0x1288 HpSAMD - ok
10:57:18.0410 0x1288 [ 0EA7DE1ACB728DD5A369FD742D6EEE28, 21C489412EB33A12B22290EB701C19BA57006E8702E76F730954F0784DDE9779 ] HTTP C:\Windows\system32\drivers\HTTP.sys
10:57:18.0425 0x1288 HTTP - ok
10:57:18.0472 0x1288 [ A5462BD6884960C9DC85ED49D34FF392, 53E65841AF5B06A2844D0BB6FC4DD3923A323FFA0E4BFC89B3B5CAFB592A3D53 ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys
10:57:18.0472 0x1288 hwpolicy - ok
10:57:18.0503 0x1288 [ FA55C73D4AFFA7EE23AC4BE53B4592D3, 65CDDC62B89A60E942C5642C9D8B539EFB69DA8069B4A2E54978154B314531CD ] i8042prt C:\Windows\system32\drivers\i8042prt.sys
10:57:18.0519 0x1288 i8042prt - ok
10:57:18.0581 0x1288 [ AAAF44DB3BD0B9D1FB6969B23ECC8366, 805AA4A9464002D1AB3832E4106B2AAA1331F4281367E75956062AAE99699385 ] iaStorV C:\Windows\system32\drivers\iaStorV.sys
10:57:18.0597 0x1288 iaStorV - ok
10:57:18.0690 0x1288 [ 5988FC40F8DB5B0739CD1E3A5D0D78BD, 2B9512324DBA4A97F6AC34E8067EE08E3B6874CD60F6CB4209AFC22A34D2BE99 ] idsvc C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
10:57:18.0737 0x1288 idsvc - ok
10:57:18.0753 0x1288 IEEtwCollectorService - ok
10:57:18.0800 0x1288 [ 5C18831C61933628F5BB0EA2675B9D21, 5CD9DE2F8C0256623A417B5C55BF55BB2562BD7AB2C3C83BB3D9886C2FBDA4E4 ] iirsp C:\Windows\system32\DRIVERS\iirsp.sys
10:57:18.0800 0x1288 iirsp - ok
10:57:18.0893 0x1288 [ 344789398EC3EE5A4E00C52B31847946, 3DA5F08E4B46F4E63456AA588D49E39A6A09A97D0509880C00F327623DB6122D ] IKEEXT C:\Windows\System32\ikeext.dll
10:57:18.0956 0x1288 IKEEXT - ok
10:57:19.0221 0x1288 [ 235362D403D9D677514649D88DB31914, 522F5BA88169ADEC1EEB595BFBBCD6417DF38CD93A0D2B2FD0AF4C907FF6D965 ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHD64.sys
10:57:19.0268 0x1288 IntcAzAudAddService - ok
10:57:19.0361 0x1288 [ F00F20E70C6EC3AA366910083A0518AA, E2F3E9FFD82C802C8BAC309893A3664ACF16A279959C0FDECCA64C3D3C60FD22 ] intelide C:\Windows\system32\drivers\intelide.sys
10:57:19.0361 0x1288 intelide - ok
10:57:19.0392 0x1288 [ ADA036632C664CAA754079041CF1F8C1, F2386CC09AC6DE4C54189154F7D91C1DB7AA120B13FAE8BA5B579ACF99FCC610 ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys
10:57:19.0408 0x1288 intelppm - ok
10:57:19.0439 0x1288 [ 098A91C54546A3B878DAD6A7E90A455B, 044CCE2A0DF56EBE1EFD99B4F6F0A5B9EE12498CA358CF4B2E3A1CFD872823AA ] IPBusEnum C:\Windows\system32\ipbusenum.dll
10:57:19.0455 0x1288 IPBusEnum - ok
10:57:19.0486 0x1288 [ C9F0E1BD74365A8771590E9008D22AB6, 728BC5A6AAE499FDC50EB01577AF16D83C2A9F3B09936DD2A89C01E074BA8E51 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys
10:57:19.0486 0x1288 IpFilterDriver - ok
10:57:19.0564 0x1288 [ 08C2957BB30058E663720C5606885653, E13EDF6701512E2A9977A531454932CA5023087CB50E1D2F416B8BCDD92B67BE ] iphlpsvc C:\Windows\System32\iphlpsvc.dll
10:57:19.0611 0x1288 iphlpsvc - ok
10:57:19.0658 0x1288 [ 0FC1AEA580957AA8817B8F305D18CA3A, 7161E4DE91AAFC3FA8BF24FAE4636390C2627DB931505247C0D52C75A31473D9 ] IPMIDRV C:\Windows\system32\drivers\IPMIDrv.sys
10:57:19.0658 0x1288 IPMIDRV - ok
10:57:19.0704 0x1288 [ AF9B39A7E7B6CAA203B3862582E9F2D0, 67128BE7EADBE6BD0205B050F96E268948E8660C4BAB259FB0BE03935153D04E ] IPNAT C:\Windows\system32\drivers\ipnat.sys
10:57:19.0704 0x1288 IPNAT - ok
10:57:19.0720 0x1288 [ 3ABF5E7213EB28966D55D58B515D5CE9, A352BCC5B6B9A28805B15CAFB235676F1FAFF0D2394F88C03089EB157D6188AE ] IRENUM C:\Windows\system32\drivers\irenum.sys
10:57:19.0720 0x1288 IRENUM - ok
10:57:19.0767 0x1288 [ 2F7B28DC3E1183E5EB418DF55C204F38, D40410A760965925D6F10959B2043F7BD4F68EAFCF5E743AF11AD860BD136548 ] isapnp C:\Windows\system32\drivers\isapnp.sys
10:57:19.0767 0x1288 isapnp - ok
10:57:19.0814 0x1288 [ D931D7309DEB2317035B07C9F9E6B0BD, 13AD84172ED8C6153F8A98499C01733B74E48464CE07D099508E38D409913ED3 ] iScsiPrt C:\Windows\system32\drivers\msiscsi.sys
10:57:19.0829 0x1288 iScsiPrt - ok
10:57:19.0892 0x1288 [ 37E053A2CF8F0082B689ED74106E0CEC, 431D3A3212152A76878C9CA347056B62B2A5A3E0211C4D930639C426EE73A0B7 ] k57nd60a C:\Windows\system32\DRIVERS\k57nd60a.sys
10:57:19.0923 0x1288 k57nd60a - ok
10:57:19.0938 0x1288 [ BC02336F1CBA7DCC7D1213BB588A68A5, 450C5BAD54CCE2AFCDFF1B6E7F8E1A8446D9D3255DF9D36C29A8F848048AAD93 ] kbdclass C:\Windows\system32\drivers\kbdclass.sys
10:57:19.0938 0x1288 kbdclass - ok
10:57:19.0954 0x1288 [ 0705EFF5B42A9DB58548EEC3B26BB484, 86C6824ED7ED6FA8F306DB6319A0FD688AA91295AE571262F9D8E96A32225E99 ] kbdhid C:\Windows\system32\drivers\kbdhid.sys
10:57:19.0954 0x1288 kbdhid - ok
10:57:19.0985 0x1288 [ 4D71227301DD8D09097B9E4CC6527E5A, 193D47ADCB722B581CC0F29B794AB3E455B6E9BEA367CE9A5216A09E055B7F1E ] KeyIso C:\Windows\system32\lsass.exe
10:57:19.0985 0x1288 KeyIso - ok
10:57:20.0016 0x1288 [ 8F489706472F7E9A06BAAA198703FA64, F020406690FB38EABD82D63B91D33039CC93ED52A5497AE12BAF475F22D0B08A ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys
10:57:20.0016 0x1288 KSecDD - ok
10:57:20.0032 0x1288 [ 868A2CAAB12EFC7A021682BCA0EEC54C, 12C4925B5B3D6EA7B6410C01F33158C6EAB50CBD6AF445F8B04ED9899720C2DD ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys
10:57:20.0032 0x1288 KSecPkg - ok
10:57:20.0079 0x1288 [ 6869281E78CB31A43E969F06B57347C4, 866A23E69B32A78D378D6CB3B3DA3695FFDFF0FEC3C9F68C8C3F988DF417044B ] ksthunk C:\Windows\system32\drivers\ksthunk.sys
10:57:20.0079 0x1288 ksthunk - ok
10:57:20.0110 0x1288 [ 6AB66E16AA859232F64DEB66887A8C9C, 5F2B579BEA8098A2994B0DECECDAE7B396E7B5DC5F09645737B9F28BEEA77FFF ] KtmRm C:\Windows\system32\msdtckrm.dll
10:57:20.0126 0x1288 KtmRm - ok
10:57:20.0172 0x1288 [ D9F42719019740BAA6D1C6D536CBDAA6, 8757599D0AE5302C4CE50861BEBA3A8DD14D7B0DBD916FD5404133688CDFCC40 ] LanmanServer C:\Windows\system32\srvsvc.dll
10:57:20.0188 0x1288 LanmanServer - ok
10:57:20.0219 0x1288 [ 851A1382EED3E3A7476DB004F4EE3E1A, B1C67F47DD594D092E6E258F01DF5E7150227CE3131A908A244DEE9F8A1FABF9 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
10:57:20.0219 0x1288 LanmanWorkstation - ok
10:57:20.0250 0x1288 [ 1538831CF8AD2979A04C423779465827, E1729B0CC4CEEE494A0B8817A8E98FF232E3A32FB023566EF0BC71A090262C0C ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys
10:57:20.0250 0x1288 lltdio - ok
10:57:20.0297 0x1288 [ C1185803384AB3FEED115F79F109427F, 0414FE73532DCAB17E906438A14711E928CECCD5F579255410C62984DD652700 ] lltdsvc C:\Windows\System32\lltdsvc.dll
10:57:20.0297 0x1288 lltdsvc - ok
10:57:20.0328 0x1288 [ F993A32249B66C9D622EA5592A8B76B8, EE64672A990C6145DC5601E2B8CDBE089272A72732F59AF9865DCBA8B1717E70 ] lmhosts C:\Windows\System32\lmhsvc.dll
10:57:20.0328 0x1288 lmhosts - ok
10:57:20.0328 0x1288 LMIGuardianSvc - ok
10:57:20.0375 0x1288 [ 1A93E54EB0ECE102495A51266DCDB6A6, DB6AA86AA36C3A7988BE96E87B5D3251BE7617C54EE8F894D9DC2E267FE3255B ] LSI_FC C:\Windows\system32\DRIVERS\lsi_fc.sys
10:57:20.0375 0x1288 LSI_FC - ok
10:57:20.0391 0x1288 [ 1047184A9FDC8BDBFF857175875EE810, F2251EDB7736A26D388A0C5CC2FE5FB9C5E109CBB1E3800993554CB21D81AE4B ] LSI_SAS C:\Windows\system32\DRIVERS\lsi_sas.sys
10:57:20.0391 0x1288 LSI_SAS - ok
10:57:20.0406 0x1288 [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93, 88D5740A4E9CC3FA80FA18035DAB441BDC5A039622D666BFDAA525CC9686BD06 ] LSI_SAS2 C:\Windows\system32\DRIVERS\lsi_sas2.sys
10:57:20.0406 0x1288 LSI_SAS2 - ok
10:57:20.0438 0x1288 [ 0504EACAFF0D3C8AED161C4B0D369D4A, 4D272237C189646F5C80822FD3CBA7C2728E482E2DAAF7A09C8AEF811C89C54D ] LSI_SCSI C:\Windows\system32\DRIVERS\lsi_scsi.sys
10:57:20.0453 0x1288 LSI_SCSI - ok
10:57:20.0469 0x1288 [ 43D0F98E1D56CCDDB0D5254CFF7B356E, 5BA498183B5C4996C694CB0A9A6B66CE6C7A460F6C91BEB9F305486FCC3B7B22 ] luafv C:\Windows\system32\drivers\luafv.sys
10:57:20.0469 0x1288 luafv - ok
10:57:20.0516 0x1288 [ 0BE09CD858ABF9DF6ED259D57A1A1663, 2FD28889B93C8E801F74C1D0769673A461671E0189D0A22C94509E3F0EEB7428 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll
10:57:20.0516 0x1288 Mcx2Svc - ok
10:57:20.0531 0x1288 [ A55805F747C6EDB6A9080D7C633BD0F4, 2DA0E83BF3C8ADEF6F551B6CC1C0A3F6149CDBE6EC60413BA1767C4DE425A728 ] megasas C:\Windows\system32\DRIVERS\megasas.sys
10:57:20.0531 0x1288 megasas - ok
10:57:20.0562 0x1288 [ BAF74CE0072480C3B6B7C13B2A94D6B3, 85CBB4949C090A904464F79713A3418338753D20D7FB811E68F287FDAC1DD834 ] MegaSR C:\Windows\system32\DRIVERS\MegaSR.sys
10:57:20.0578 0x1288 MegaSR - ok
10:57:20.0609 0x1288 [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] MMCSS C:\Windows\system32\mmcss.dll
10:57:20.0609 0x1288 MMCSS - ok
10:57:20.0640 0x1288 [ 800BA92F7010378B09F9ED9270F07137, 94F9AF9E1BE80AE6AC39A2A74EF9FAB115DCAACC011D07DFA8D6A1DDC8A93342 ] Modem C:\Windows\system32\drivers\modem.sys
10:57:20.0640 0x1288 Modem - ok
10:57:20.0656 0x1288 [ B03D591DC7DA45ECE20B3B467E6AADAA, 701FB0CAD8138C58507BE28845D3E24CE269A040737C29885944A0D851238732 ] monitor C:\Windows\system32\DRIVERS\monitor.sys
10:57:20.0656 0x1288 monitor - ok
10:57:20.0672 0x1288 [ 7D27EA49F3C1F687D357E77A470AEA99, 7FE7CAF95959F127C6D932C01D539C06D80273C49A09761F6E8331C05B1A7EE7 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys
10:57:20.0672 0x1288 mouclass - ok
10:57:20.0687 0x1288 [ D3BF052C40B0C4166D9FD86A4288C1E6, 5E65264354CD94E844BF1838CA1B8E49080EFA34605A32CF2F6A47A2B97FC183 ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys
10:57:20.0687 0x1288 mouhid - ok
10:57:20.0718 0x1288 [ 32E7A3D591D671A6DF2DB515A5CBE0FA, 47CED0B9067AE8BF5EEF60B17ADEE5906BEDCC56E4CB460B7BFBC12BB9A69E63 ] mountmgr C:\Windows\system32\drivers\mountmgr.sys
10:57:20.0718 0x1288 mountmgr - ok
10:57:20.0765 0x1288 [ 338037EFA0E8E8699B2667D57B751574, 59E0D39806D0C4EB57913AA013242837FD39AD378726AEE42D250CBA87C1C3BF ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
10:57:20.0781 0x1288 MozillaMaintenance - ok
10:57:20.0812 0x1288 [ C6B88D62F20AC646C6BD5C032EC2FAF9, 111A07939F3C5A46F0C51B9D6F5C1D8478099E32EFD88BC260467109ADD975F8 ] MpFilter C:\Windows\system32\DRIVERS\MpFilter.sys
10:57:20.0828 0x1288 MpFilter - ok
10:57:20.0859 0x1288 [ A44B420D30BD56E145D6A2BC8768EC58, B1E4DCA5A1008FA7A0492DC091FB2B820406AE13FD3D44F124E89B1037AF09B8 ] mpio C:\Windows\system32\drivers\mpio.sys
10:57:20.0874 0x1288 mpio - ok
10:57:20.0890 0x1288 [ 6C38C9E45AE0EA2FA5E551F2ED5E978F, 5A3FA2F110029CB4CC4384998EDB59203FDD65EC45E01B897FB684F8956EAD20 ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys
10:57:20.0890 0x1288 mpsdrv - ok
10:57:20.0968 0x1288 [ 54FFC9C8898113ACE189D4AA7199D2C1, 65F585C87F3F710FD5793FDFA96B740AD8D4317B0C120F4435CCF777300EA4F2 ] MpsSvc C:\Windows\system32\mpssvc.dll
10:57:20.0999 0x1288 MpsSvc - ok
10:57:21.0030 0x1288 [ 1A4F75E63C9FB84B85DFFC6B63FD5404, 01AFA6DBB4CDE55FE4EA05BBE8F753A4266F8D072EA1EE01DB79F5126780C21F ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys
10:57:21.0046 0x1288 MRxDAV - ok
10:57:21.0093 0x1288 [ A5D9106A73DC88564C825D317CAC68AC, 0457B2AEA4E05A91D0E43F317894A614434D8CEBE35020785387F307E231FBE4 ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys
10:57:21.0093 0x1288 mrxsmb - ok
10:57:21.0124 0x1288 [ D711B3C1D5F42C0C2415687BE09FC163, 9B3013AC60BD2D0FF52086658BA5FF486ADE15954A552D7DD590580E8BAE3EFF ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys
10:57:21.0140 0x1288 mrxsmb10 - ok
10:57:21.0155 0x1288 [ 9423E9D355C8D303E76B8CFBD8A5C30C, 220B33F120C2DD937FE4D5664F4B581DC0ACF78D62EB56B7720888F67B9644CC ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys
10:57:21.0171 0x1288 mrxsmb20 - ok
10:57:21.0202 0x1288 [ C25F0BAFA182CBCA2DD3C851C2E75796, 643E158A0948DF331807AEAA391F23960362E46C0A0CF6D22A99020EAE7B10F8 ] msahci C:\Windows\system32\drivers\msahci.sys
10:57:21.0202 0x1288 msahci - ok
10:57:21.0233 0x1288 [ DB801A638D011B9633829EB6F663C900, B34FD33A215ACCF2905F4B7D061686CDB1CB9C652147AF56AE14686C1F6E3C74 ] msdsm C:\Windows\system32\drivers\msdsm.sys
10:57:21.0233 0x1288 msdsm - ok
10:57:21.0280 0x1288 [ DE0ECE52236CFA3ED2DBFC03F28253A8, 2FBBEC4CACB5161F68D7C2935852A5888945CA0F107CF8A1C01F4528CE407DE3 ] MSDTC C:\Windows\System32\msdtc.exe
10:57:21.0280 0x1288 MSDTC - ok
10:57:21.0342 0x1288 [ AA3FB40E17CE1388FA1BEDAB50EA8F96, 69F93E15536644C8FD679A20190CFE577F4985D3B1B4A4AA250A168615AE1E99 ] Msfs C:\Windows\system32\drivers\Msfs.sys
10:57:21.0342 0x1288 Msfs - ok
10:57:21.0358 0x1288 [ F9D215A46A8B9753F61767FA72A20326, 6F76642B45E0A7EF6BCAB8B37D55CCE2EAA310ED07B76D43FCB88987C2174141 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys
10:57:21.0358 0x1288 mshidkmdf - ok
10:57:21.0405 0x1288 [ D916874BBD4F8B07BFB7FA9B3CCAE29D, B229DA150713DEDBC4F05386C9D9DC3BC095A74F44F3081E88311AB73BC992A1 ] msisadrv C:\Windows\system32\drivers\msisadrv.sys
10:57:21.0405 0x1288 msisadrv - ok
10:57:21.0452 0x1288 [ 808E98FF49B155C522E6400953177B08, F873F5BFF0984C5165DF67E92874D3F6EB8D86F9B5AD17013A0091CA33A1A3D5 ] MSiSCSI C:\Windows\system32\iscsiexe.dll
10:57:21.0467 0x1288 MSiSCSI - ok
10:57:21.0483 0x1288 msiserver - ok
10:57:21.0498 0x1288 [ 49CCF2C4FEA34FFAD8B1B59D49439366, E5752EA57C7BDAD5F53E3BC441A415E909AC602CAE56234684FB8789A20396C7 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys
10:57:21.0498 0x1288 MSKSSRV - ok
10:57:21.0576 0x1288 [ 7675E15D1B2180745E4DA4D26AAD7385, 729AA6C610F67028CFFFF64B772FFA1CAE7581D37F8909BDA423D52AF85C92C8 ] MsMpSvc c:\Program Files\Microsoft Security Client\MsMpEng.exe
10:57:21.0576 0x1288 MsMpSvc - ok
10:57:21.0608 0x1288 [ BDD71ACE35A232104DDD349EE70E1AB3, 27464A66868513BE6A01B75D7FC5B0D6B71842E4E20CE3F76B15C071A0618BBB ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys
10:57:21.0608 0x1288 MSPCLOCK - ok
10:57:21.0623 0x1288 [ 4ED981241DB27C3383D72092B618A1D0, E12F121E641249DB3491141851B59E1496F4413EDF58E863388F1C229838DFCC ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
10:57:21.0623 0x1288 MSPQM - ok
10:57:21.0686 0x1288 [ 759A9EEB0FA9ED79DA1FB7D4EF78866D, 64E3BC613EC4872B1B344CBF71EE15BE195592E3244C1EE099C6F8B95A40F133 ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
10:57:21.0717 0x1288 MsRPC - ok
10:57:21.0748 0x1288 [ 0EED230E37515A0EAEE3C2E1BC97B288, B1D8F8A75006B6E99214CA36D27A8594EF8D952F315BEB201E9BAC9DE3E64D42 ] mssmbios C:\Windows\system32\drivers\mssmbios.sys
10:57:21.0748 0x1288 mssmbios - ok
10:57:21.0779 0x1288 [ 2E66F9ECB30B4221A318C92AC2250779, DF175E1AB6962303E57F26DAE5C5C1E40B8640333F3E352A64F6A5F1301586CD ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
10:57:21.0779 0x1288 MSTEE - ok
10:57:21.0795 0x1288 [ 7EA404308934E675BFFDE8EDF0757BCD, 306CD02D89CFCFE576242360ED5F9EEEDCAFC43CD43B7D2977AE960F9AEC3232 ] MTConfig C:\Windows\system32\DRIVERS\MTConfig.sys
10:57:21.0795 0x1288 MTConfig - ok
10:57:21.0810 0x1288 [ F9A18612FD3526FE473C1BDA678D61C8, 32F7975B5BAA447917F832D9E3499B4B6D3E90D73F478375D0B70B36C524693A ] Mup C:\Windows\system32\Drivers\mup.sys
10:57:21.0810 0x1288 Mup - ok
10:57:21.0842 0x1288 [ 6FFECC25B39DC7652A0CEC0ADA9DB589, 927EF066CBBA8353149F8C3B7C4299AC06FED439DA874D25CFB583E5912611A2 ] mwlPSDFilter C:\Windows\system32\DRIVERS\mwlPSDFilter.sys
10:57:21.0842 0x1288 mwlPSDFilter - ok
10:57:21.0842 0x1288 [ 0BEFE32CA56D6EE89D58175725596A85, E36B9E6159AF7F67D549F7178896CCCB8FC3964531B1DA20CBDD465E632D8FCF ] mwlPSDNServ C:\Windows\system32\DRIVERS\mwlPSDNServ.sys
10:57:21.0857 0x1288 mwlPSDNServ - ok
10:57:21.0873 0x1288 [ D43BC633B8660463E446E28E14A51262, C55F235B5E08FAC6D70B0FAC737D714E318A93F8E43FF8095B86A76559AF211D ] mwlPSDVDisk C:\Windows\system32\DRIVERS\mwlPSDVDisk.sys
10:57:21.0873 0x1288 mwlPSDVDisk - ok
10:57:21.0935 0x1288 [ 3E5E20817259F7328C8F3BE5421F35B9, 9BF20E1CE75647BF5654AD603BD7D17E36CC0AD15EEAFF4FACE637D235C34190 ] MWLService C:\Program Files (x86)\EgisTec MyWinLocker\x86\MWLService.exe
10:57:21.0951 0x1288 MWLService - ok
10:57:22.0013 0x1288 [ 582AC6D9873E31DFA28A4547270862DD, BD540499F74E8F59A020D935D18E36A3A97C1A6EC59C8208436469A31B16B260 ] napagent C:\Windows\system32\qagentRT.dll
10:57:22.0013 0x1288 napagent - ok
10:57:22.0060 0x1288 [ 1EA3749C4114DB3E3161156FFFFA6B33, 54C2E77BCE1037711A11313AC25B8706109098C10A31AA03AEB7A185E97800D7 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
10:57:22.0076 0x1288 NativeWifiP - ok
10:57:22.0138 0x1288 [ 760E38053BF56E501D562B70AD796B88, F856E81A975D44F8684A6F2466549CEEDFAEB3950191698555A93A1206E0A42D ] NDIS C:\Windows\system32\drivers\ndis.sys
10:57:22.0185 0x1288 NDIS - ok
10:57:22.0200 0x1288 [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC, D7E5446E83909AE25506BB98FBDD878A529C87963E3C1125C4ABAB25823572BC ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys
10:57:22.0200 0x1288 NdisCap - ok
10:57:22.0232 0x1288 [ 30639C932D9FEF22B31268FE25A1B6E5, 32873D95339600F6EEFA51847D12C563FF01F320DC59055B242FA2887C99F9D6 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
10:57:22.0232 0x1288 NdisTapi - ok
10:57:22.0263 0x1288 [ 136185F9FB2CC61E573E676AA5402356, BA3AD0A33416DA913B4242C6BE8C3E5812AD2B20BA6C11DD3094F2E8EB56E683 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
10:57:22.0263 0x1288 Ndisuio - ok
10:57:22.0294 0x1288 [ 53F7305169863F0A2BDDC49E116C2E11, 881E9346D3C02405B7850ADC37E720990712EC9C666A0CE96E252A487FD2CE77 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
10:57:22.0310 0x1288 NdisWan - ok
10:57:22.0341 0x1288 [ 015C0D8E0E0421B4CFD48CFFE2825879, 4242E2D42CCFC859B2C0275C5331798BC0BDA68E51CF4650B6E64B1332071023 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
10:57:22.0356 0x1288 NDProxy - ok
10:57:22.0403 0x1288 [ 86743D9F5D2B1048062B14B1D84501C4, DBF6D6A60AB774FCB0F464FF2D285A7521D0A24006687B243AB46B17D8032062 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
10:57:22.0403 0x1288 NetBIOS - ok
10:57:22.0481 0x1288 [ 09594D1089C523423B32A4229263F068, 7426A9B8BA27D3225928DDEFBD399650ABB90798212F56B7D12158AC22CCCE37 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys
10:57:22.0497 0x1288 NetBT - ok
10:57:22.0512 0x1288 [ 4D71227301DD8D09097B9E4CC6527E5A, 193D47ADCB722B581CC0F29B794AB3E455B6E9BEA367CE9A5216A09E055B7F1E ] Netlogon C:\Windows\system32\lsass.exe
10:57:22.0512 0x1288 Netlogon - ok
10:57:22.0575 0x1288 [ 847D3AE376C0817161A14A82C8922A9E, 37AE692B3481323134125EF58F2C3CBC20177371AF2F5874F53DD32A827CB936 ] Netman C:\Windows\System32\netman.dll
10:57:22.0606 0x1288 Netman - ok
10:57:22.0653 0x1288 [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
10:57:22.0668 0x1288 NetMsmqActivator - ok
10:57:22.0684 0x1288 [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetPipeActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
10:57:22.0700 0x1288 NetPipeActivator - ok
10:57:22.0746 0x1288 [ 5F28111C648F1E24F7DBC87CDEB091B8, 2E8645285921EDB98BB2173E11E57459C888D52E80D85791D169C869DE8813B9 ] netprofm C:\Windows\System32\netprofm.dll
10:57:22.0762 0x1288 netprofm - ok
10:57:22.0778 0x1288 [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetTcpActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
10:57:22.0778 0x1288 NetTcpActivator - ok
10:57:22.0793 0x1288 [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
10:57:22.0809 0x1288 NetTcpPortSharing - ok
10:57:22.0840 0x1288 [ 77889813BE4D166CDAB78DDBA990DA92, 2EF531AE502B943632EEC66A309A8BFCDD36120A5E1473F4AAF3C2393AD0E6A3 ] nfrd960 C:\Windows\system32\DRIVERS\nfrd960.sys
10:57:22.0840 0x1288 nfrd960 - ok
10:57:22.0871 0x1288 [ ACE8C64C57E4A711473C8BC10ADF692B, 53D8083CE78DB5527080B4570AC28ABAA262667744A319707AE0C46E46B297F9 ] NisDrv C:\Windows\system32\DRIVERS\NisDrvWFP.sys
10:57:22.0871 0x1288 NisDrv - ok
10:57:22.0918 0x1288 [ 6247E8B31ED0A9D6BC5A26276E49BEB3, 230C0C560492C454B9EB14B50EB4A78DC74FAB6B662449A0EA3114B3E671BFF3 ] NisSrv c:\Program Files\Microsoft Security Client\NisSrv.exe
10:57:22.0949 0x1288 NisSrv - ok
10:57:22.0996 0x1288 [ 8AD77806D336673F270DB31645267293, E23F324913554A23CD043DD27D4305AF62F48C0561A0FC7B7811E55B74B1BE79 ] NlaSvc C:\Windows\System32\nlasvc.dll
10:57:23.0012 0x1288 NlaSvc - ok
10:57:23.0027 0x1288 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7, D8957EF7060A69DBB3CD6B2C45B1E4143592AB8D018471E17AC04668157DC67F ] Npfs C:\Windows\system32\drivers\Npfs.sys
10:57:23.0027 0x1288 Npfs - ok
10:57:23.0074 0x1288 [ D54BFDF3E0C953F823B3D0BFE4732528, 497A1DCC5646EC22119273216DF10D5442D16F83E4363770F507518CF6EAA53A ] nsi C:\Windows\system32\nsisvc.dll
10:57:23.0074 0x1288 nsi - ok
10:57:23.0090 0x1288 [ E7F5AE18AF4168178A642A9247C63001, 133023B7E4BA8049C4CAED3282BDD25571D1CC25FAC3B820C7F981D292689D76 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
10:57:23.0090 0x1288 nsiproxy - ok
10:57:23.0214 0x1288 [ B98F8C6E31CD07B2E6F71F7F648E38C0, 2FEA100B80680FBBF644CB6763738804155DF1E94A6542CAE2B2786D770D554E ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
10:57:23.0261 0x1288 Ntfs - ok
10:57:23.0417 0x1288 [ 9A308FCDCCA98A15B6F62D36A272160E, 3991F70D42C1949067ED48CF4EB815E06360B077F6A2369AC76BF0892C3C33EE ] NTI IScheduleSvc C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe
10:57:23.0433 0x1288 NTI IScheduleSvc - ok
10:57:23.0464 0x1288 [ EE3BA1024594D5D09E314F206B94069E, 34C8EC3DF1C3088D8A0442CAA4F5506665AFB2DF016709457ED2AB7DA45F53A6 ] NTIDrvr C:\Windows\system32\drivers\NTIDrvr.sys
10:57:23.0464 0x1288 NTIDrvr - ok
10:57:23.0480 0x1288 [ 9899284589F75FA8724FF3D16AED75C1, 181188599FD5D4DE33B97010D9E0CAEABAB9A3EF50712FE7F9AA0735CD0666D6 ] Null C:\Windows\system32\drivers\Null.sys
10:57:23.0480 0x1288 Null - ok
10:57:23.0526 0x1288 [ 0A92CB65770442ED0DC44834632F66AD, 581327F07A68DBD5CC749214BE5F1211FC2CE41C7A4F0656B680AFB51A35ACE7 ] nvraid C:\Windows\system32\drivers\nvraid.sys
10:57:23.0542 0x1288 nvraid - ok
10:57:23.0558 0x1288 [ DAB0E87525C10052BF65F06152F37E4A, AD9BFF0D5FD3FFB95C758B478E1F6A9FE45E7B37AEC71EB5070D292FEAAEDF37 ] nvstor C:\Windows\system32\drivers\nvstor.sys
10:57:23.0573 0x1288 nvstor - ok
10:57:23.0620 0x1288 [ 270D7CD42D6E3979F6DD0146650F0E05, 752489E54C9004EDCBE1F1F208FFD864DA5C83E59A2DDE6B3E0D63ECA996F76F ] nv_agp C:\Windows\system32\drivers\nv_agp.sys
10:57:23.0620 0x1288 nv_agp - ok
10:57:23.0636 0x1288 obpedscx - ok
10:57:23.0745 0x1288 [ 785F487A64950F3CB8E9F16253BA3B7B, 02445344BD214370A6D48B1CA04921D8EFCB13E676B5648266DD0E076C0822B6 ] odserv C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
10:57:23.0760 0x1288 odserv - ok
10:57:23.0792 0x1288 [ 3589478E4B22CE21B41FA1BFC0B8B8A0, AD2469FC753FE552CB809FF405A9AB23E7561292FE89117E3B3B62057EFF0203 ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys
10:57:23.0792 0x1288 ohci1394 - ok
10:57:23.0838 0x1288 [ 5A432A042DAE460ABE7199B758E8606C, 6E5D1F477D290905BE27CEBF9572BAC6B05FFEF2FAD901D3C8E11F665F8B9A71 ] ose C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
10:57:23.0854 0x1288 ose - ok
10:57:23.0901 0x1288 [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] p2pimsvc C:\Windows\system32\pnrpsvc.dll
10:57:23.0916 0x1288 p2pimsvc - ok
10:57:23.0948 0x1288 [ 927463ECB02179F88E4B9A17568C63C3, FEFD3447692C277D59EEC7BF218552C8BB6B8C98C26E973675549628408B94CE ] p2psvc C:\Windows\system32\p2psvc.dll
10:57:23.0963 0x1288 p2psvc - ok
10:57:23.0994 0x1288 [ 0086431C29C35BE1DBC43F52CC273887, 0D116D49EF9ABB57DA005764F25E692622210627FC2048F06A989B12FA8D0A80 ] Parport C:\Windows\system32\DRIVERS\parport.sys
10:57:23.0994 0x1288 Parport - ok
10:57:24.0041 0x1288 [ E9766131EEADE40A27DC27D2D68FBA9C, 63C295EC96DBD25F1A8B908295CCB86B54F2A77A02AAA11E5D9160C2C1A492B6 ] partmgr C:\Windows\system32\drivers\partmgr.sys
10:57:24.0041 0x1288 partmgr - ok
10:57:24.0088 0x1288 [ 3AEAA8B561E63452C655DC0584922257, 04C072969B58657602EB0C21CEDF24FCEE14E61B90A0F758F93925EF2C9FC32D ] PcaSvc C:\Windows\System32\pcasvc.dll
10:57:24.0088 0x1288 PcaSvc - ok
10:57:24.0135 0x1288 [ 94575C0571D1462A0F70BDE6BD6EE6B3, 7139BAC653EA94A3DD3821CAB35FC5E22F4CCA5ACC2BAABDAA27E4C3C8B27FC9 ] pci C:\Windows\system32\drivers\pci.sys
10:57:24.0135 0x1288 pci - ok
10:57:24.0166 0x1288 [ B5B8B5EF2E5CB34DF8DCF8831E3534FA, F2A7CC645B96946CC65BF60E14E70DC09C848D27C7943CE5DEA0C01A6B863480 ] pciide C:\Windows\system32\drivers\pciide.sys
10:57:24.0166 0x1288 pciide - ok
10:57:24.0228 0x1288 [ B2E81D4E87CE48589F98CB8C05B01F2F, 6763BEE7270A4873B3E131BFB92313E2750FCBD0AD73C23D1C4F98F7DF73DE14 ] pcmcia C:\Windows\system32\DRIVERS\pcmcia.sys
10:57:24.0244 0x1288 pcmcia - ok
10:57:24.0260 0x1288 [ D6B9C2E1A11A3A4B26A182FFEF18F603, BBA5FE08B1DDD6243118E11358FD61B10E850F090F061711C3CB207CE5FBBD36 ] pcw C:\Windows\system32\drivers\pcw.sys
10:57:24.0275 0x1288 pcw - ok
10:57:24.0322 0x1288 [ 68769C3356B3BE5D1C732C97B9A80D6E, FB2D61145980A2899D1B7729184C54070315B0E63C9A22400A76CCD39E00029C ] PEAUTH C:\Windows\system32\drivers\peauth.sys
10:57:24.0338 0x1288 PEAUTH - ok
10:57:24.0431 0x1288 [ E495E408C93141E8FC72DC0C6046DDFA, 489B957DADA0DC128A09468F1AD082DCC657E86053208EA06A12937BE86FB919 ] PerfHost C:\Windows\SysWow64\perfhost.exe
10:57:24.0447 0x1288 PerfHost - ok
10:57:24.0587 0x1288 [ C7CF6A6E137463219E1259E3F0F0DD6C, 08D7244F52AA17DD669AA6F77C291DAC88E7B2D1887DE422509C1F83EC85F3DD ] pla C:\Windows\system32\pla.dll
10:57:24.0650 0x1288 pla - ok
10:57:24.0696 0x1288 [ 25FBDEF06C4D92815B353F6E792C8129, 57D9764AE6BCE33B242C399CDFC10DD405975BD6411CA8C75FBCD06EEB8442A9 ] PlugPlay C:\Windows\system32\umpnpmgr.dll
10:57:24.0712 0x1288 PlugPlay - ok
10:57:24.0759 0x1288 [ 7195581CEC9BB7D12ABE54036ACC2E38, 9C4E5D6EA984148F2663DC529083408B2248DFF6DAAC85D9195F80A722782315 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll
10:57:24.0759 0x1288 PNRPAutoReg - ok
10:57:24.0790 0x1288 [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] PNRPsvc C:\Windows\system32\pnrpsvc.dll
10:57:24.0806 0x1288 PNRPsvc - ok
10:57:24.0852 0x1288 [ 4F15D75ADF6156BF56ECED6D4A55C389, 2ADA3EA69A5D7EC2A4D2DD89178DB94EAFDDF95F07B0070D654D9F7A5C12A044 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
10:57:24.0868 0x1288 PolicyAgent - ok
10:57:24.0899 0x1288 [ 6BA9D927DDED70BD1A9CADED45F8B184, 66203CE70A5EDE053929A940F38924C6792239CCCE10DD2C1D90D5B4D6748B55 ] Power C:\Windows\system32\umpo.dll
10:57:24.0899 0x1288 Power - ok
10:57:24.0930 0x1288 [ F92A2C41117A11A00BE01CA01A7FCDE9, 38ADC6052696D110CA5F393BC586791920663F5DA66934C2A824DDA9CD89C763 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
10:57:24.0930 0x1288 PptpMiniport - ok
10:57:24.0977 0x1288 [ 0D922E23C041EFB1C3FAC2A6F943C9BF, 855418A6A58DCAFB181A1A68613B3E203AFB0A9B3D9D26D0C521F9F613B4EAD5 ] Processor C:\Windows\system32\DRIVERS\processr.sys
10:57:24.0977 0x1288 Processor - ok
10:57:25.0040 0x1288 [ 53E83F1F6CF9D62F32801CF66D8352A8, 1225FED810BE8E0729EEAE5B340035CCBB9BACD3EF247834400F9B72D05ACE48 ] ProfSvc C:\Windows\system32\profsvc.dll
10:57:25.0040 0x1288 ProfSvc - ok
10:57:25.0055 0x1288 [ 4D71227301DD8D09097B9E4CC6527E5A, 193D47ADCB722B581CC0F29B794AB3E455B6E9BEA367CE9A5216A09E055B7F1E ] ProtectedStorage C:\Windows\system32\lsass.exe
10:57:25.0055 0x1288 ProtectedStorage - ok
10:57:25.0102 0x1288 [ 0557CF5A2556BD58E26384169D72438D, F6F83A616B1F1C6C0DF6D2EC2513E6C23FD4FAA6D36518B8676C619AB74957B4 ] Psched C:\Windows\system32\DRIVERS\pacer.sys
10:57:25.0102 0x1288 Psched - ok
10:57:25.0211 0x1288 [ A53A15A11EBFD21077463EE2C7AFEEF0, 6002B012A75045DEA62640A864A8721EADE2F8B65BEB5F5BA76D8CD819774489 ] ql2300 C:\Windows\system32\DRIVERS\ql2300.sys
10:57:25.0274 0x1288 ql2300 - ok
10:57:25.0289 0x1288 [ 4F6D12B51DE1AAEFF7DC58C4D75423C8, FB6ABAB741CED66A79E31A45111649F2FA3E26CEE77209B5296F789F6F7D08DE ] ql40xx C:\Windows\system32\DRIVERS\ql40xx.sys
10:57:25.0305 0x1288 ql40xx - ok
10:57:25.0383 0x1288 [ 906191634E99AEA92C4816150BDA3732, A0305436384104C3B559F9C73902DA19B96B518413379E397C5CDAB0B2B9418F ] QWAVE C:\Windows\system32\qwave.dll
10:57:25.0398 0x1288 QWAVE - ok
10:57:25.0430 0x1288 [ 76707BB36430888D9CE9D705398ADB6C, 35C1D1D05F98AC29A33D3781F497A0B40A3CB9CDF25FE1F28F574E40DDF70535 ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
10:57:25.0445 0x1288 QWAVEdrv - ok
10:57:25.0445 0x1288 [ 5A0DA8AD5762FA2D91678A8A01311704, 8A64EB5DBAB7048A9E42A21CEB62CCD5B007A80C199892D7F8C69B48E8A255EF ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
10:57:25.0445 0x1288 RasAcd - ok
10:57:25.0476 0x1288 [ 7ECFF9B22276B73F43A99A15A6094E90, 62C70DA127F48F796F8897BBFA23AB6EB080CC923F0F091DFA384A93F5C90CA1 ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys
10:57:25.0476 0x1288 RasAgileVpn - ok
10:57:25.0508 0x1288 [ 8F26510C5383B8DBE976DE1CD00FC8C7, 60E618C010E8A723960636415573FA17EA0BBEF79647196B3BC0B8DEE680E090 ] RasAuto C:\Windows\System32\rasauto.dll
10:57:25.0508 0x1288 RasAuto - ok
10:57:25.0554 0x1288 [ 471815800AE33E6F1C32FB1B97C490CA, 27307265F743DE3A3A3EC1B2C472A3D85FDD0AEC458E0B1177593141EE072698 ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
10:57:25.0554 0x1288 Rasl2tp - ok
10:57:25.0617 0x1288 [ EE867A0870FC9E4972BA9EAAD35651E2, 1B848D81705081FD2E18AC762DA7F51455657DAF860BF363DC15925A148BCADA ] RasMan C:\Windows\System32\rasmans.dll
10:57:25.0648 0x1288 RasMan - ok
10:57:25.0679 0x1288 [ 855C9B1CD4756C5E9A2AA58A15F58C25, A514F8A9C304D54BDA8DC60F5A64259B057EC83A1CAAF6D2B58CFD55E9561F72 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
10:57:25.0679 0x1288 RasPppoe - ok
10:57:25.0726 0x1288 [ E8B1E447B008D07FF47D016C2B0EEECB, FEC789F82B912F3E14E49524D40FEAA4373B221156F14045E645D7C37859258C ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
10:57:25.0726 0x1288 RasSstp - ok
10:57:25.0773 0x1288 [ 77F665941019A1594D887A74F301FA2F, 1FDC6F6853400190C086042933F157814D915C54F26793CAD36CD2607D8810DA ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
10:57:25.0788 0x1288 rdbss - ok
10:57:25.0820 0x1288 [ 302DA2A0539F2CF54D7C6CC30C1F2D8D, 1DF3501BBFFB56C3ECC39DBCC4287D3302216C2208CE22428B8C4967E5DE9D17 ] rdpbus C:\Windows\system32\DRIVERS\rdpbus.sys
10:57:25.0820 0x1288 rdpbus - ok
10:57:25.0835 0x1288 [ CEA6CC257FC9B7715F1C2B4849286D24, A78144D18352EA802C39D9D42921CF97A3E0211766B2169B6755C6FC2D77A804 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
10:57:25.0835 0x1288 RDPCDD - ok
10:57:25.0851 0x1288 [ BB5971A4F00659529A5C44831AF22365, 9AAA5C0D448E821FD85589505D99DF7749715A046BBD211F139E4E652ADDE41F ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
10:57:25.0866 0x1288 RDPENCDD - ok
10:57:25.0882 0x1288 [ 216F3FA57533D98E1F74DED70113177A, 60C126A1409D1E9C39F1C9E95F70115BF4AF07780AB499F6E10A612540F173F4 ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys
10:57:25.0882 0x1288 RDPREFMP - ok
10:57:25.0929 0x1288 [ E61608AA35E98999AF9AAEEEA6114B0A, F754CDE89DC96786D2A3C4D19EE2AEF1008E634E4DE3C0CBF927436DE90C04A6 ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
10:57:25.0929 0x1288 RDPWD - ok
10:57:25.0991 0x1288 [ 34ED295FA0121C241BFEF24764FC4520, AAEE5F00CAA763A5BA51CF56BD7262C03409CD72BD5601490E3EC3FFF929BB5F ] rdyboost C:\Windows\system32\drivers\rdyboost.sys
10:57:26.0007 0x1288 rdyboost - ok
10:57:26.0038 0x1288 [ 254FB7A22D74E5511C73A3F6D802F192, 3D0FB5840364200DE394F8CC28DA0E334C2B5FA8FF28A41656EE72287F3D3836 ] RemoteAccess C:\Windows\System32\mprdim.dll
10:57:26.0054 0x1288 RemoteAccess - ok
10:57:26.0085 0x1288 [ E4D94F24081440B5FC5AA556C7C62702, 147CAA03568DC480F9506E30B84891AB7E433B5EBC05F34FF10F72B00E1C6B22 ] RemoteRegistry C:\Windows\system32\regsvc.dll
10:57:26.0100 0x1288 RemoteRegistry - ok
10:57:26.0116 0x1288 [ E4DC58CF7B3EA515AE917FF0D402A7BB, 665B5CD9FE905B0EE3F59A7B1A94760F5393EBEE729877D8584349754C2867E8 ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll
10:57:26.0116 0x1288 RpcEptMapper - ok
10:57:26.0132 0x1288 [ D5BA242D4CF8E384DB90E6A8ED850B8C, CB4CB2608B5E31B55FB1A2CF4051E6D08A0C2A5FB231B2116F95938D7577334E ] RpcLocator C:\Windows\system32\locator.exe
10:57:26.0147 0x1288 RpcLocator - ok
10:57:26.0210 0x1288 [ 5C627D1B1138676C0A7AB2C2C190D123, C5003F2C912C5CA990E634818D3B4FD72F871900AF2948BD6C4D6400B354B401 ] RpcSs C:\Windows\system32\rpcss.dll
10:57:26.0225 0x1288 RpcSs - ok
10:57:26.0256 0x1288 [ DDC86E4F8E7456261E637E3552E804FF, D250C69CCC75F2D88E7E624FCC51300E75637333317D53908CCA7E0F117173DD ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
10:57:26.0256 0x1288 rspndr - ok
10:57:26.0303 0x1288 [ 763AE0C6D9DF4C24B7E2C26036A8188A, 1728D9BDF910324988B3D28459AB0A15C57CBBA79D2DFE377342DF3486BA9D48 ] RSUSBSTOR C:\Windows\system32\Drivers\RtsUStor.sys
10:57:26.0303 0x1288 RSUSBSTOR - ok
10:57:26.0334 0x1288 [ D6D381B76056C668679723938F06F16C, A26C35EB588BF32F5CD22554BE5A05380D50FF1B7D399687EE50DC24C32DA341 ] RTHDMIAzAudService C:\Windows\system32\drivers\RtHDMIVX.sys
10:57:26.0350 0x1288 RTHDMIAzAudService - ok
10:57:26.0381 0x1288 [ 4D71227301DD8D09097B9E4CC6527E5A, 193D47ADCB722B581CC0F29B794AB3E455B6E9BEA367CE9A5216A09E055B7F1E ] SamSs C:\Windows\system32\lsass.exe
10:57:26.0381 0x1288 SamSs - ok
10:57:26.0412 0x1288 [ AC03AF3329579FFFB455AA2DAABBE22B, 7AD3B62ADFEC166F9E256F9FF8BAA0568B2ED7308142BF8F5269E6EAA5E0A656 ] sbp2port C:\Windows\system32\drivers\sbp2port.sys
10:57:26.0428 0x1288 sbp2port - ok
10:57:26.0475 0x1288 [ 9B7395789E3791A3B6D000FE6F8B131E, E5F067F3F212BF5481668BE1779CBEF053F511F8967589BE2E865ACB9A620024 ] SCardSvr C:\Windows\System32\SCardSvr.dll
10:57:26.0490 0x1288 SCardSvr - ok
10:57:26.0522 0x1288 [ 253F38D0D7074C02FF8DEB9836C97D2B, CB5CAFCB8628BB22877F74ACF1DED0BBAED8F4573A74DA7FE94BBBA584889116 ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys
10:57:26.0537 0x1288 scfilter - ok
10:57:26.0631 0x1288 [ 262F6592C3299C005FD6BEC90FC4463A, 54095E37F0B6CC677A3E9BDD40F4647C713273D197DB341063AA7F342A60C4A7 ] Schedule C:\Windows\system32\schedsvc.dll
10:57:26.0678 0x1288 Schedule - ok
10:57:26.0709 0x1288 [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] SCPolicySvc C:\Windows\System32\certprop.dll
10:57:26.0709 0x1288 SCPolicySvc - ok
10:57:26.0771 0x1288 [ 6EA4234DC55346E0709560FE7C2C1972, 64011E044C16E2F92689E5F7E4666A075E27BBFA61F3264E5D51CE1656C1D5B8 ] SDRSVC C:\Windows\System32\SDRSVC.dll
10:57:26.0771 0x1288 SDRSVC - ok
10:57:26.0802 0x1288 [ 3EA8A16169C26AFBEB544E0E48421186, 34BBB0459C96B3DE94CCB0D73461562935C583D7BF93828DA4E20A6BC9B7301D ] secdrv C:\Windows\system32\drivers\secdrv.sys
10:57:26.0802 0x1288 secdrv - ok
10:57:26.0834 0x1288 [ BC617A4E1B4FA8DF523A061739A0BD87, 10C4057F6B321EB5237FF619747B74F5401BC17D15A8C7060829E8204A2297F9 ] seclogon C:\Windows\system32\seclogon.dll
10:57:26.0834 0x1288 seclogon - ok
10:57:26.0865 0x1288 [ C32AB8FA018EF34C0F113BD501436D21, E0EB8E80B51E45CA7EB061E705DA0BC07878759418A8519AE6E12326FE79E7C7 ] SENS C:\Windows\System32\sens.dll
10:57:26.0865 0x1288 SENS - ok
10:57:26.0896 0x1288 [ 0336CFFAFAAB87A11541F1CF1594B2B2, 8B8A6A33E78A12FB05E29B2E2775850626574AFD2EF88748D65E690A07B10B8D ] SensrSvc C:\Windows\system32\sensrsvc.dll
10:57:26.0896 0x1288 SensrSvc - ok
10:57:26.0927 0x1288 [ CB624C0035412AF0DEBEC78C41F5CA1B, A4D937F11E06CAE914347CA1362F4C98EC5EE0C0C80321E360EA1ABD6726F8D4 ] Serenum C:\Windows\system32\DRIVERS\serenum.sys
10:57:26.0927 0x1288 Serenum - ok
10:57:26.0943 0x1288 [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6, 8F9776FB84C5D11068EAF1FF1D1A46466C655D64D256A8B1E31DC0C23B5DD22D ] Serial C:\Windows\system32\DRIVERS\serial.sys
10:57:26.0943 0x1288 Serial - ok
10:57:26.0974 0x1288 [ 1C545A7D0691CC4A027396535691C3E3, 065C30BE598FF4DC55C37E0BBE0CEDF10A370AE2BF5404B42EBBB867A3FFED6D ] sermouse C:\Windows\system32\DRIVERS\sermouse.sys
10:57:26.0974 0x1288 sermouse - ok
10:57:27.0052 0x1288 [ 0B6231BF38174A1628C4AC812CC75804, E569BF1F7F5689E2E917FA6516DB53388A5B8B1C6699DEE030147E853218811D ] SessionEnv C:\Windows\system32\sessenv.dll
10:57:27.0068 0x1288 SessionEnv - ok
10:57:27.0099 0x1288 [ A554811BCD09279536440C964AE35BBF, DA8F893722F803E189D7D4D6C6232ED34505B63A64ED3A0132A5BB7A2BABDE55 ] sffdisk C:\Windows\system32\drivers\sffdisk.sys
10:57:27.0099 0x1288 sffdisk - ok
10:57:27.0114 0x1288 [ FF414F0BAEFEBA59BC6C04B3DB0B87BF, B81EF5D26AEB572CAB590F7AD7CA8C89F296420089EF5E6148E972F2DBCA1042 ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys
10:57:27.0114 0x1288 sffp_mmc - ok
10:57:27.0130 0x1288 [ DD85B78243A19B59F0637DCF284DA63C, 6730D4F2BAE7E24615746ACC41B42D01DB6068D6504982008ADA1890DE900197 ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys
10:57:27.0130 0x1288 sffp_sd - ok
10:57:27.0177 0x1288 [ A9D601643A1647211A1EE2EC4E433FF4, 7AC60B4AB48D4BBF1F9681C12EC2A75C72E6E12D30FABC564A24394310E9A5F9 ] sfloppy C:\Windows\system32\DRIVERS\sfloppy.sys
10:57:27.0177 0x1288 sfloppy - ok
10:57:27.0255 0x1288 [ B95F6501A2F8B2E78C697FEC401970CE, 758B73A32902299A313348CE7EC189B20EB4CB398D0180E4EE24B84DAD55F291 ] SharedAccess C:\Windows\System32\ipnathlp.dll
10:57:27.0270 0x1288 SharedAccess - ok
10:57:27.0317 0x1288 [ AAF932B4011D14052955D4B212A4DA8D, 2A3BFD0FA9569288E91AE3E72CA1EC39E1450D01E6473CE51157E0F138257923 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
10:57:27.0317 0x1288 ShellHWDetection - ok
10:57:27.0333 0x1288 [ 843CAF1E5FDE1FFD5FF768F23A51E2E1, 89CA9F516E42A6B905474D738CDA2C121020A07DBD4E66CFE569DD77D79D7820 ] SiSRaid2 C:\Windows\system32\DRIVERS\SiSRaid2.sys
10:57:27.0333 0x1288 SiSRaid2 - ok
10:57:27.0348 0x1288 [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4, 87B85C66DF7EB6FDB8A2341D05FAA5261FF68A90CCFC63F0E4A03824F1E33E5E ] SiSRaid4 C:\Windows\system32\DRIVERS\sisraid4.sys
10:57:27.0348 0x1288 SiSRaid4 - ok
10:57:27.0411 0x1288 [ 50D9949020E02B847CD48F1243FCB895, 5BDAD5E44DE5B412645142810C5FCE4B2D9685F928FF4A6B836A9DCE7725BD78 ] SkypeUpdate C:\Program Files (x86)\Skype\Updater\Updater.exe
10:57:27.0426 0x1288 SkypeUpdate - ok
10:57:27.0473 0x1288 [ 548260A7B8654E024DC30BF8A7C5BAA4, 4A7E58331D7765A12F53DC2371739DC9A463940B13E16157CE10DB80E958D740 ] Smb C:\Windows\system32\DRIVERS\smb.sys
10:57:27.0473 0x1288 Smb - ok
10:57:27.0520 0x1288 [ 6313F223E817CC09AA41811DAA7F541D, D787061043BEEDB9386B048CB9E680E6A88A1CBAE9BD4A8C0209155BFB76C630 ] SNMPTRAP C:\Windows\System32\snmptrap.exe
10:57:27.0520 0x1288 SNMPTRAP - ok
10:57:27.0536 0x1288 [ B9E31E5CACDFE584F34F730A677803F9, 21A5130BD00089C609522A372018A719F8E37103D2DD22C59EACB393BE35A063 ] spldr C:\Windows\system32\drivers\spldr.sys
10:57:27.0536 0x1288 spldr - ok
10:57:27.0598 0x1288 [ 85DAA09A98C9286D4EA2BA8D0E644377, F9C324E2EF81193FE831C7EECC44A100CA06F82FA731BF555D9EA4D91DA13329 ] Spooler C:\Windows\System32\spoolsv.exe
10:57:27.0629 0x1288 Spooler - ok
10:57:27.0801 0x1288 [ E17E0188BB90FAE42D83E98707EFA59C, FC075F7B39E86CC8EF6DA4E339FE946917E319C347AC70FB0C50AAF36F97E27F ] sppsvc C:\Windows\system32\sppsvc.exe
10:57:27.0894 0x1288 sppsvc - ok
10:57:27.0972 0x1288 [ 93D7D61317F3D4BC4F4E9F8A96A7DE45, 36D48B23B8243BE5229707375FCD11C2DCAC96983199345365F065A0CBF33314 ] sppuinotify C:\Windows\system32\sppuinotify.dll
10:57:27.0972 0x1288 sppuinotify - ok
10:57:28.0050 0x1288 [ 441FBA48BFF01FDB9D5969EBC1838F0B, 306128F1AD489F87161A089D1BDC1542A4CB742D91A0C12A7CD1863FDB8932C0 ] srv C:\Windows\system32\DRIVERS\srv.sys
10:57:28.0066 0x1288 srv - ok
10:57:28.0097 0x1288 [ B4ADEBBF5E3677CCE9651E0F01F7CC28, 726DB2283113AB2A9681E8E9F61132303D6D86E9CD034C40EE4A8C9DB29E87F7 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
10:57:28.0113 0x1288 srv2 - ok
10:57:28.0144 0x1288 [ 27E461F0BE5BFF5FC737328F749538C3, AFA4704ED8FFC1A0BAB40DFB81D3AE3F3D933A3C9BF54DDAF39FF9AF3646D9E6 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
10:57:28.0160 0x1288 srvnet - ok
10:57:28.0206 0x1288 [ 51B52FBD583CDE8AA9BA62B8B4298F33, 2E2403F8AA39E79D1281CA006B51B43139C32A5FDD64BD34DAA4B935338BD740 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
10:57:28.0222 0x1288 SSDPSRV - ok
10:57:28.0238 0x1288 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB, D21CDBC4C2AA0DB5B4455D5108B0CAF4282A2E664B9035708F212CC094569D9D ] SstpSvc C:\Windows\system32\sstpsvc.dll
10:57:28.0253 0x1288 SstpSvc - ok
10:57:28.0316 0x1288 [ C3D855CC0A8E5E373FDFCF4F743C5C9D, 8DFDD2470DCCC63FCF1621B6B3A996285C75EE330BE8AC905B2176E5DE52C150 ] Steam Client Service C:\Program Files (x86)\Common Files\Steam\SteamService.exe
10:57:28.0331 0x1288 Steam Client Service - ok
10:57:28.0362 0x1288 [ F3817967ED533D08327DC73BC4D5542A, 1B204454408A690C0A86447F3E4AA9E7C58A9CFB567C94C17C21920BA648B4D5 ] stexstor C:\Windows\system32\DRIVERS\stexstor.sys
10:57:28.0362 0x1288 stexstor - ok
10:57:28.0440 0x1288 [ 8DD52E8E6128F4B2DA92CE27402871C1, 1101C38BE8FC383B5F2F9FA402F9652B23B88A764DE2B584DFE62B88B11DEF92 ] stisvc C:\Windows\System32\wiaservc.dll
10:57:28.0456 0x1288 stisvc - ok
10:57:28.0487 0x1288 [ D01EC09B6711A5F8E7E6564A4D0FBC90, 3CB922291DBADC92B46B9E28CCB6810CD8CCDA3E74518EC9522B58B998E1F969 ] swenum C:\Windows\system32\drivers\swenum.sys
10:57:28.0487 0x1288 swenum - ok
10:57:28.0565 0x1288 [ E08E46FDD841B7184194011CA1955A0B, 9C3725BB1F08F92744C980A22ED5C874007D3B5863C7E1F140F50061052AC418 ] swprv C:\Windows\System32\swprv.dll
10:57:28.0581 0x1288 swprv - ok
10:57:28.0643 0x1288 [ 064A2530A4A7C7CEC1BE6A1945645BE4, 06E4B59B6BFCEE1E2F1EDED77621C9DFED09F460E94065E528A2F746B568193D ] SynTP C:\Windows\system32\DRIVERS\SynTP.sys
10:57:28.0643 0x1288 SynTP - ok
10:57:28.0768 0x1288 [ BF9CCC0BF39B418C8D0AE8B05CF95B7D, 3C13217548BE61F2BDB8BD41F77345CDDA1F97BF0AE17241C335B9807EB3DBB8 ] SysMain C:\Windows\system32\sysmain.dll
10:57:28.0830 0x1288 SysMain - ok
10:57:28.0893 0x1288 [ E3C61FD7B7C2557E1F1B0B4CEC713585, 01F0E116606D185BF93B540868075BFB1A398197F6AABD994983DBFF56B3A8A0 ] TabletInputService C:\Windows\System32\TabSvc.dll
10:57:28.0908 0x1288 TabletInputService - ok
10:57:28.0940 0x1288 [ 40F0849F65D13EE87B9A9AE3C1DD6823, E251A7EF3D0FD2973AF33A62FC457A7E8D5E8694208F811F52455F7C2426121F ] TapiSrv C:\Windows\System32\tapisrv.dll
10:57:28.0955 0x1288 TapiSrv - ok
10:57:29.0002 0x1288 [ 1BE03AC720F4D302EA01D40F588162F6, AB644862BF1D2E824FD846180DEC4E2C0FAFCC517451486DE5A92E5E78A952E4 ] TBS C:\Windows\System32\tbssvc.dll
10:57:29.0002 0x1288 TBS - ok
10:57:29.0127 0x1288 [ 40AF23633D197905F03AB5628C558C51, 644656A15236E964E4BE57B42225EAA5643C4CF1FFF6D306813A000716F9D72C ] Tcpip C:\Windows\system32\drivers\tcpip.sys
10:57:29.0174 0x1288 Tcpip - ok
10:57:29.0283 0x1288 [ 40AF23633D197905F03AB5628C558C51, 644656A15236E964E4BE57B42225EAA5643C4CF1FFF6D306813A000716F9D72C ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys
10:57:29.0361 0x1288 TCPIP6 - ok
10:57:29.0470 0x1288 [ 1B16D0BD9841794A6E0CDE0CEF744ABC, 7EB8BA97339199EEE7F2B09DA2DA6279DA64A510D4598D42CF86415D67CD674C ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
10:57:29.0470 0x1288 tcpipreg - ok
10:57:29.0517 0x1288 [ 3371D21011695B16333A3934340C4E7C, 7416F9BBFC1BA9D875EA7D1C7A0D912FC6977B49A865D67E3F9C4E18A965082D ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys
10:57:29.0517 0x1288 TDPIPE - ok
10:57:29.0548 0x1288 [ 51C5ECEB1CDEE2468A1748BE550CFBC8, 4E8F83877330B421F7B5D8393D34BC44C6450E69209DAA95B29CB298166A5DF9 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys
10:57:29.0548 0x1288 TDTCP - ok
10:57:29.0595 0x1288 [ DDAD5A7AB24D8B65F8D724F5C20FD806, B71F2967A4EE7395E4416C1526CB85368AEA988BDD1F2C9719C48B08FAFA9661 ] tdx C:\Windows\system32\DRIVERS\tdx.sys
10:57:29.0595 0x1288 tdx - ok
10:57:29.0626 0x1288 [ 561E7E1F06895D78DE991E01DD0FB6E5, 83BFA50A528762EC52A011302AC3874636FB7E26628CD7ACFBF2BDC9FAA8110D ] TermDD C:\Windows\system32\drivers\termdd.sys
10:57:29.0626 0x1288 TermDD - ok
10:57:29.0704 0x1288 [ 2E648163254233755035B46DD7B89123, 6FA0D07CE18A3A69D82EE49D875F141E39406E92C34EAC76AC4EB052E6EBCBCD ] TermService C:\Windows\System32\termsrv.dll
10:57:29.0735 0x1288 TermService - ok
10:57:29.0766 0x1288 [ F0344071948D1A1FA732231785A0664C, DB9886C2C858FAF45AEA15F8E42860343F73EB8685C53EC2E8CCC10586CB0832 ] Themes C:\Windows\system32\themeservice.dll
10:57:29.0782 0x1288 Themes - ok
10:57:29.0813 0x1288 [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] THREADORDER C:\Windows\system32\mmcss.dll
10:57:29.0813 0x1288 THREADORDER - ok
10:57:29.0844 0x1288 [ 7E7AFD841694F6AC397E99D75CEAD49D, DE87F203FD8E6BDCCFCA1860A85F283301A365846FB703D9BB86278D8AC96B07 ] TrkWks C:\Windows\System32\trkwks.dll
10:57:29.0844 0x1288 TrkWks - ok
10:57:29.0907 0x1288 [ 773212B2AAA24C1E31F10246B15B276C, F2EF85F5ABA307976D9C649D710B408952089458DDE97D4DEF321DF14E46A046 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
10:57:29.0922 0x1288 TrustedInstaller - ok
10:57:29.0954 0x1288 [ 4CE278FC9671BA81A138D70823FCAA09, CBE501436696E32A3701B9F377B823AC36647B6626595F76CC63E2396AD7D300 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys
10:57:29.0969 0x1288 tssecsrv - ok
10:57:30.0016 0x1288 [ D11C783E3EF9A3C52C0EBE83CC5000E9, A136C355D4C8945729163D15801364A614E23217B15F9313C85BA45BB71A74EB ] TsUsbFlt C:\Windows\system32\drivers\tsusbflt.sys
10:57:30.0016 0x1288 TsUsbFlt - ok
10:57:30.0063 0x1288 [ 3566A8DAAFA27AF944F5D705EAA64894, AE9D8B648DA08AF667B9456C3FE315489859C157510A258559F18238F2CC92B8 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
10:57:30.0063 0x1288 tunnel - ok
10:57:30.0110 0x1288 [ B4DD609BD7E282BFC683CEC7EAAAAD67, EF131DB6F6411CAD36A989A421AF93F89DD61601AC524D2FF11C10FF6E3E9123 ] uagp35 C:\Windows\system32\DRIVERS\uagp35.sys
10:57:30.0110 0x1288 uagp35 - ok
10:57:30.0125 0x1288 [ A17D5E1A6DF4EAB0A480F2C490DE4C9D, 1EA835F172B6BF3D7F496E079DF1CDF00122B2110C08D61427582BC9405D2B7B ] UBHelper C:\Windows\system32\drivers\UBHelper.sys
10:57:30.0125 0x1288 UBHelper - ok
10:57:30.0172 0x1288 [ FF4232A1A64012BAA1FD97C7B67DF593, D8591B4EB056899C7B604E4DD852D82D4D9809F508ABCED4A03E1BE6D5D456E3 ] udfs C:\Windows\system32\DRIVERS\udfs.sys
10:57:30.0203 0x1288 udfs - ok
10:57:30.0234 0x1288 [ 3CBDEC8D06B9968ABA702EBA076364A1, B8DAB8AA804FC23021BFEBD7AE4D40FBE648D6C6BA21CC008E26D1C084972F9B ] UI0Detect C:\Windows\system32\UI0Detect.exe
10:57:30.0234 0x1288 UI0Detect - ok
10:57:30.0266 0x1288 [ 4BFE1BC28391222894CBF1E7D0E42320, 5918B1ED2030600DF77BDACF1C808DF6EADDD8BF3E7003AF1D72050D8B102B3A ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys
10:57:30.0266 0x1288 uliagpkx - ok
10:57:30.0328 0x1288 [ DC54A574663A895C8763AF0FA1FF7561, 09A3F3597E91CBEB2F38E96E75134312B60CAE5574B2AD4606C2D3E992AEDDFE ] umbus C:\Windows\system32\drivers\umbus.sys
10:57:30.0328 0x1288 umbus - ok
10:57:30.0359 0x1288 [ B2E8E8CB557B156DA5493BBDDCC1474D, F547509A08C0679ACB843E20C9C0CF51BED1B06530BBC529DFB0944504564A43 ] UmPass C:\Windows\system32\DRIVERS\umpass.sys
10:57:30.0359 0x1288 UmPass - ok
10:57:30.0453 0x1288 [ F9EC9ACD504D823D9B9CA98A4F8D3CA2, 58DAD5111C598F14CB199FE6A61FA5918F29513B778A8664FD05EFAB3C665D4F ] Updater Service C:\Program Files\Acer\Acer Updater\UpdaterService.exe
10:57:30.0468 0x1288 Updater Service - ok
10:57:30.0531 0x1288 [ D47EC6A8E81633DD18D2436B19BAF6DE, 0FB461E2D5E0B75BB5958F6362F4880BFA4C36AD930542609BCAF574941AA7AE ] upnphost C:\Windows\System32\upnphost.dll
10:57:30.0546 0x1288 upnphost - ok
10:57:30.0593 0x1288 [ B0435098C81D04CAFFF80DDB746CD3A2, A17B207740382E38729571F0B0BC98FF874E856A7C7CE9EB930328A2AD88F52A ] usbaudio C:\Windows\system32\drivers\usbaudio.sys
10:57:30.0593 0x1288 usbaudio - ok
10:57:30.0640 0x1288 [ DCA68B0943D6FA415F0C56C92158A83A, BEE5A5B33B22D1DF50B884D46D89FC3B8286EB16E38AD5A20F0A49E5C6766C57 ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys
10:57:30.0640 0x1288 usbccgp - ok
10:57:30.0671 0x1288 [ 80B0F7D5CCF86CEB5D402EAAF61FEC31, 140C62116A425DEAD25FE8D82DE283BC92C482A9F643658D512F9F67061F28AD ] usbcir C:\Windows\system32\drivers\usbcir.sys
10:57:30.0671 0x1288 usbcir - ok
10:57:30.0702 0x1288 [ 18A85013A3E0F7E1755365D287443965, 811C5EDF38C765BCF71BCE25CB6626FF6988C3699F5EF1846240EA0052F34C33 ] usbehci C:\Windows\system32\DRIVERS\usbehci.sys
10:57:30.0702 0x1288 usbehci - ok
10:57:30.0749 0x1288 [ 8D1196CFBB223621F2C67D45710F25BA, B5D7AFE51833B24FC9576F3AED3D8A2B290E5846060E73F9FFFAC1890A8B6003 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys
10:57:30.0765 0x1288 usbhub - ok
10:57:30.0796 0x1288 [ 765A92D428A8DB88B960DA5A8D6089DC, 56DE8A2ED58E53B202C399CA7BACB1551136303C2EE0AB426BDBBF880E3C542C ] usbohci C:\Windows\system32\DRIVERS\usbohci.sys
10:57:30.0796 0x1288 usbohci - ok
10:57:30.0827 0x1288 [ 73188F58FB384E75C4063D29413CEE3D, B485463933306036B1D490722CB1674DC85670753D79FA0EF7EBCA7BBAAD9F7C ] usbprint C:\Windows\system32\DRIVERS\usbprint.sys
10:57:30.0843 0x1288 usbprint - ok
10:57:30.0874 0x1288 [ FED648B01349A3C8395A5169DB5FB7D6, DC4D7594C24ADD076927B9347F1B50B91CF03A4ABDB284248D5711D9C19DEB96 ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS
10:57:30.0874 0x1288 USBSTOR - ok
10:57:30.0905 0x1288 [ DD253AFC3BC6CBA412342DE60C3647F3, 146F8613F1057AC054DC3593E84BC52899DA27EA33B0E72ACFB78C3699ADCDE7 ] usbuhci C:\Windows\system32\drivers\usbuhci.sys
10:57:30.0905 0x1288 usbuhci - ok
10:57:30.0952 0x1288 [ 1F775DA4CF1A3A1834207E975A72E9D7, 6D3DE5BD3EF3A76E997E5BAF900C51D25308F5A9682D1F62017F577A24095B90 ] usbvideo C:\Windows\System32\Drivers\usbvideo.sys
10:57:30.0952 0x1288 usbvideo - ok
10:57:30.0983 0x1288 [ EDBB23CBCF2CDF727D64FF9B51A6070E, 7202484C8E1BFB2AFD64D8C81668F3EDE0E3BF5EB27572877A0A7B337AE5AE42 ] UxSms C:\Windows\System32\uxsms.dll
10:57:30.0983 0x1288 UxSms - ok
10:57:30.0999 0x1288 [ 4D71227301DD8D09097B9E4CC6527E5A, 193D47ADCB722B581CC0F29B794AB3E455B6E9BEA367CE9A5216A09E055B7F1E ] VaultSvc C:\Windows\system32\lsass.exe
10:57:30.0999 0x1288 VaultSvc - ok
10:57:31.0046 0x1288 [ C5C876CCFC083FF3B128F933823E87BD, 6FE0FBB6C3207E09300E0789E2168F76668D87C317FE9F263E733827ADCFBE0D ] vdrvroot C:\Windows\system32\drivers\vdrvroot.sys
10:57:31.0046 0x1288 vdrvroot - ok
10:57:31.0124 0x1288 [ 8D6B481601D01A456E75C3210F1830BE, A2CEF483F4231367138EEF7E67FD5BE5364FC0780C44CA1368E36CE4AA3D0633 ] vds C:\Windows\System32\vds.exe
10:57:31.0139 0x1288 vds - ok
10:57:31.0186 0x1288 [ DA4DA3F5E02943C2DC8C6ED875DE68DD, EDE604536DB78C512D68C92B26DA77C8811AC109D1F0A473673F0A82D15A2838 ] vga C:\Windows\system32\DRIVERS\vgapnp.sys
10:57:31.0186 0x1288 vga - ok
10:57:31.0217 0x1288 [ 53E92A310193CB3C03BEA963DE7D9CFC, 45898604375B42EB1246C17A22D91C2440F11C746FF6459AD38027C1BC2E3125 ] VgaSave C:\Windows\System32\drivers\vga.sys
10:57:31.0217 0x1288 VgaSave - ok
10:57:31.0264 0x1288 [ 2CE2DF28C83AEAF30084E1B1EB253CBB, D1946816A1CB89F825CBEA58F94A4C9D0CE7249355CD3915563F54054EE564BF ] vhdmp C:\Windows\system32\drivers\vhdmp.sys
10:57:31.0264 0x1288 vhdmp - ok
10:57:31.0311 0x1288 [ E5689D93FFE4E5D66C0178761240DD54, 6D35CED80681B12AAF63BFA0DA1C386E71D3838839B68A686990AA8031949D27 ] viaide C:\Windows\system32\drivers\viaide.sys
10:57:31.0311 0x1288 viaide - ok
10:57:31.0342 0x1288 [ D2AAFD421940F640B407AEFAAEBD91B0, 31EF342A60AF04F4108759A71F8FB7B8C8819216CF3D16A95B2BA0E33A8A9161 ] volmgr C:\Windows\system32\drivers\volmgr.sys
10:57:31.0342 0x1288 volmgr - ok
10:57:31.0404 0x1288 [ A255814907C89BE58B79EF2F189B843B, 463DB771851352185B6AC323BD93B9084D47291E53C1F7B628B65D6918B2E28F ] volmgrx C:\Windows\system32\drivers\volmgrx.sys
10:57:31.0436 0x1288 volmgrx - ok
10:57:31.0467 0x1288 [ 0D08D2F3B3FF84E433346669B5E0F639, 3D6716CEC95B8861A7CC5778E91F310528DC6BEE0E57A3C8757FC675154EBDEC ] volsnap C:\Windows\system32\drivers\volsnap.sys
10:57:31.0467 0x1288 volsnap - ok
10:57:31.0498 0x1288 [ 5E2016EA6EBACA03C04FEAC5F330D997, 53106EB877459FE55A459111F7AB0EE320BB3B4C954D3DB6FA1642396001F2AC ] vsmraid C:\Windows\system32\DRIVERS\vsmraid.sys
10:57:31.0514 0x1288 vsmraid - ok
10:57:31.0607 0x1288 [ B60BA0BC31B0CB414593E169F6F21CC2, 47B801E623254CF0202B3591CB5C019CABFB52F123C7D47E29D19B32F1F2B915 ] VSS C:\Windows\system32\vssvc.exe
10:57:31.0654 0x1288 VSS - ok
10:57:31.0670 0x1288 [ 36D4720B72B5C5D9CB2B9C29E9DF67A1, 3254523C85C70EBA2DBAC05DB2DBA89EDF8E9195F390F7C21F96458FB6B2E3D7 ] vwifibus C:\Windows\system32\DRIVERS\vwifibus.sys
10:57:31.0670 0x1288 vwifibus - ok
10:57:31.0685 0x1288 [ 6A3D66263414FF0D6FA754C646612F3F, 30F6BA594B0D3B94113064015A16D97811CD989DF1715CCE21CEAB9894C1B4FB ] vwififlt C:\Windows\system32\DRIVERS\vwififlt.sys
10:57:31.0701 0x1288 vwififlt - ok
10:57:31.0763 0x1288 [ 1C9D80CC3849B3788048078C26486E1A, 34A89F31E53F6B6C209B286F580CC2257AE6D057E4E20741F241C9C167947962 ] W32Time C:\Windows\system32\w32time.dll
10:57:31.0779 0x1288 W32Time - ok
10:57:31.0810 0x1288 [ 4E9440F4F152A7B944CB1663D3935A3E, 8FE04EBD3BC612EE943A21A3E56F37E5C9B578CDACA6044048181DAD81816D53 ] WacomPen C:\Windows\system32\DRIVERS\wacompen.sys
10:57:31.0810 0x1288 WacomPen - ok
10:57:31.0826 0x1288 [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys
10:57:31.0841 0x1288 WANARP - ok
10:57:31.0857 0x1288 [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys
10:57:31.0857 0x1288 Wanarpv6 - ok
10:57:31.0982 0x1288 [ 3CEC96DE223E49EAAE3651FCF8FAEA6C, 4150DAB33E8D61076F1D4767BCAFC9B4ECCCCBD58FD4FB3CFE5B8D27DCDCAB61 ] WatAdminSvc C:\Windows\system32\Wat\WatAdminSvc.exe
10:57:32.0013 0x1288 WatAdminSvc - ok
10:57:32.0169 0x1288 [ 78F4E7F5C56CB9716238EB57DA4B6A75, 46A4E78CE5F2A4B26F4E9C3FF04A99D9B727A82AC2E390A82A1611C3F6E0C9AF ] wbengine C:\Windows\system32\wbengine.exe
10:57:32.0216 0x1288 wbengine - ok
10:57:32.0262 0x1288 [ 3AA101E8EDAB2DB4131333F4325C76A3, 4F7BD3DA5E58B18BFF106CFF7B45E75FD13EE556D433C695BA23EC80827E49DE ] WbioSrvc C:\Windows\System32\wbiosrvc.dll
10:57:32.0278 0x1288 WbioSrvc - ok
10:57:32.0325 0x1288 [ 7368A2AFD46E5A4481D1DE9D14848EDD, 8039C478FC2D9F095F5883A4FA47F9E6EDF57CC88A4AA74F07C88445F90DED57 ] wcncsvc C:\Windows\System32\wcncsvc.dll
10:57:32.0325 0x1288 wcncsvc - ok
10:57:32.0356 0x1288 [ 20F7441334B18CEE52027661DF4A6129, 7B8E0247234B740FED2BE9B833E9CE8DD7453340123AB43F6B495A7E6A27B0DD ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
10:57:32.0356 0x1288 WcsPlugInService - ok
10:57:32.0403 0x1288 [ 72889E16FF12BA0F235467D6091B17DC, F2FD0BBD075E33608D93F350D216F97442AB89ABD540513C2D568C78096E12A8 ] Wd C:\Windows\system32\DRIVERS\wd.sys
10:57:32.0403 0x1288 Wd - ok
10:57:32.0481 0x1288 [ E2C933EDBC389386EBE6D2BA953F43D8, AF1DEADD5F1267CCEBD226E8EEB971D1946EA6A5A9645A36F5D111F758AF2F07 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys
10:57:32.0543 0x1288 Wdf01000 - ok
10:57:32.0574 0x1288 [ BF1FC3F79B863C914687A737C2F3D681, B2DF47AC4931ACFB243775767B77065CC0D98778FC0243C793A3E219EB961209 ] WdiServiceHost C:\Windows\system32\wdi.dll
10:57:32.0590 0x1288 WdiServiceHost - ok
10:57:32.0606 0x1288 [ BF1FC3F79B863C914687A737C2F3D681, B2DF47AC4931ACFB243775767B77065CC0D98778FC0243C793A3E219EB961209 ] WdiSystemHost C:\Windows\system32\wdi.dll
10:57:32.0606 0x1288 WdiSystemHost - ok
10:57:32.0652 0x1288 [ 0EB0E5D22B1760F2DBCE632F2DD7A54D, B8A4CC62F88768947FB0A161CF9564DB28FD9C1C037B5475DF192982DE035C22 ] WebClient C:\Windows\System32\webclnt.dll
10:57:32.0668 0x1288 WebClient - ok
10:57:32.0699 0x1288 [ C749025A679C5103E575E3B48E092C43, B71171D07EE7AB085A24BF3A1072FF2CE7EA021AAE695F6A90640E6EE8EB55C1 ] Wecsvc C:\Windows\system32\wecsvc.dll
10:57:32.0715 0x1288 Wecsvc - ok
10:57:32.0762 0x1288 [ 7E591867422DC788B9E5BD337A669A08, 484E6BCCDF7ADCE9A1AACAD1BC7C7D7694B9E40FA90D94B14D80C607784F6C75 ] wercplsupport C:\Windows\System32\wercplsupport.dll
10:57:32.0762 0x1288 wercplsupport - ok
10:57:32.0777 0x1288 [ 6D137963730144698CBD10F202E9F251, A9F522A125158D94F540544CCD4DBF47B9DCE2EA878C33675AFE40F80E8F4979 ] WerSvc C:\Windows\System32\WerSvc.dll
10:57:32.0793 0x1288 WerSvc - ok
10:57:32.0824 0x1288 [ 611B23304BF067451A9FDEE01FBDD725, 0AF2734B978165FC6FD22B64862132CCE32528A21C698A49D176129446E099C8 ] WfpLwf C:\Windows\system32\DRIVERS\wfplwf.sys
10:57:32.0824 0x1288 WfpLwf - ok
10:57:32.0840 0x1288 [ 05ECAEC3E4529A7153B3136CEB49F0EC, 9995CB2CEC70A633EA33CBB0DEAD2BB28CB67132B41E9444BDAB9E75744C9A50 ] WIMMount C:\Windows\system32\drivers\wimmount.sys
10:57:32.0840 0x1288 WIMMount - ok
10:57:32.0871 0x1288 WinDefend - ok
10:57:32.0871 0x1288 WinHttpAutoProxySvc - ok
10:57:32.0949 0x1288 [ 19B07E7E8915D701225DA41CB3877306, D6555E8D276DBB11358246E0FE215F76F1FB358791C76B88D82C2A66A42DA19F ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll
10:57:32.0964 0x1288 Winmgmt - ok
10:57:33.0120 0x1288 [ BCB1310604AA415C4508708975B3931E, 9D943F086D454345153A0DD426B4432532A44FD87950386B186E1CAD2AC70565 ] WinRM C:\Windows\system32\WsmSvc.dll
10:57:33.0183 0x1288 WinRM - ok
10:57:33.0276 0x1288 [ FE88B288356E7B47B74B13372ADD906D, A16B166F6BB32EF9D2A142F27B9EC54CBC7B3AC915799783CF4C40E525BC9E03 ] WinUsb C:\Windows\system32\DRIVERS\WinUsb.sys
10:57:33.0276 0x1288 WinUsb - ok
10:57:33.0370 0x1288 [ 4FADA86E62F18A1B2F42BA18AE24E6AA, CE1683386886BF34862681A46199EA7E7FB4232A186047DA7FBD8EC240AF6726 ] Wlansvc C:\Windows\System32\wlansvc.dll
10:57:33.0401 0x1288 Wlansvc - ok
10:57:33.0573 0x1288 [ 357CABBF155AFD1D3926E62539D2A3A7, C43CFF84E7D930B4999DC061AB0766B57AAD7540B3E6EE54605B10ECE90825F5 ] wlidsvc C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
10:57:33.0666 0x1288 wlidsvc - ok
10:57:33.0760 0x1288 [ F6FF8944478594D0E414D3F048F0D778, 6F75E0AE6127B33A92A88E59D4B048FD4C15F997807BE7BF0EFE76F95235B1D9 ] WmiAcpi C:\Windows\system32\drivers\wmiacpi.sys
10:57:33.0776 0x1288 WmiAcpi - ok
10:57:33.0822 0x1288 [ 38B84C94C5A8AF291ADFEA478AE54F93, 1AC267AC73670BEA5F3785C9AD9DB146F8E993A862C843742B21FDB90D102B2A ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe
10:57:33.0838 0x1288 wmiApSrv - ok
10:57:33.0869 0x1288 WMPNetworkSvc - ok
10:57:33.0900 0x1288 [ 96C6E7100D724C69FCF9E7BF590D1DCA, 2E63C9B0893B4FC03B7A71BAEA6202D3D3DB1B52F3643467829B5A573FD7655B ] WPCSvc C:\Windows\System32\wpcsvc.dll
10:57:33.0916 0x1288 WPCSvc - ok
10:57:33.0947 0x1288 [ 93221146D4EBBF314C29B23CD6CC391D, C0750858A65BF51E210CD244C825C121D67E025CD2D2455139991AAC289A90FE ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll
10:57:33.0963 0x1288 WPDBusEnum - ok
10:57:33.0994 0x1288 [ 6BCC1D7D2FD2453957C5479A32364E52, E48554D31FBDCF8F985C1C72524CAA9106F5B7CC2B79064F8F5E2562D517F090 ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys
10:57:33.0994 0x1288 ws2ifsl - ok
10:57:34.0010 0x1288 [ E8B1FE6669397D1772D8196DF0E57A9E, 39FE0819360719F756BD31A1884A0508A1E2371ACC723E25E005CBEC0A7B02FA ] wscsvc C:\Windows\System32\wscsvc.dll
10:57:34.0025 0x1288 wscsvc - ok
10:57:34.0025 0x1288 WSearch - ok
10:57:34.0197 0x1288 [ D9EF901DCA379CFE914E9FA13B73B4C4, 3BE9693B7B2AFEE23D72AF5DA211379724D752F0EC18ACB7D3DE3DDFC5AE0004 ] wuauserv C:\Windows\system32\wuaueng.dll
10:57:34.0259 0x1288 wuauserv - ok
10:57:34.0368 0x1288 [ AB886378EEB55C6C75B4F2D14B6C869F, D6C4602EB8F291DADEDF3CD211013D4AC752DDE7E799C2D8D74AA4F5477CAED6 ] WudfPf C:\Windows\system32\drivers\WudfPf.sys
10:57:34.0368 0x1288 WudfPf - ok
10:57:34.0415 0x1288 [ DDA4CAF29D8C0A297F886BFE561E6659, 94E5DD649B5D86FA1A7C7D30FCF9644D0EE048D312E626111458ADF66BFBE978 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys
10:57:34.0415 0x1288 WUDFRd - ok
10:57:34.0462 0x1288 [ B20F051B03A966392364C83F009F7D17, 88ECEB55AE91F58F592B96EBC10B572747D5A2F9B7629E8F371761E4F7408A65 ] wudfsvc C:\Windows\System32\WUDFSvc.dll
10:57:34.0462 0x1288 wudfsvc - ok
10:57:34.0509 0x1288 [ 04F82965C09CBDF646B487E145060301, 2CD8533EDBE24C3E42EB7550E20F8A2EB9E5E345B165DEF543163A6BC1FDD18B ] WwanSvc C:\Windows\System32\wwansvc.dll
10:57:34.0524 0x1288 WwanSvc - ok
10:57:34.0556 0x1288 ================ Scan global ===============================
10:57:34.0587 0x1288 [ BA0CD8C393E8C9F83354106093832C7B, 18D8A4780A2BAA6CEF7FBBBDA0EF6BF2DADF146E1E578A618DD5859E8ADBF1A8 ] C:\Windows\system32\basesrv.dll
10:57:34.0618 0x1288 [ 88EDD0B34EED542745931E581AD21A32, DC2B93E1CEF5B0BCEE08D72669BB0F3AD0E8E6E75BDC08858407ED92F6FFA031 ] C:\Windows\system32\winsrv.dll
10:57:34.0649 0x1288 [ 88EDD0B34EED542745931E581AD21A32, DC2B93E1CEF5B0BCEE08D72669BB0F3AD0E8E6E75BDC08858407ED92F6FFA031 ] C:\Windows\system32\winsrv.dll
10:57:34.0680 0x1288 [ D6160F9D869BA3AF0B787F971DB56368, 0033E6212DD8683E4EE611B290931FDB227B4795F0B17C309DC686C696790529 ] C:\Windows\system32\sxssrv.dll
10:57:34.0727 0x1288 [ 24ACB7E5BE595468E3B9AA488B9B4FCB, 63541E3432FCE953F266AE553E7A394978D6EE3DB52388D885F668CF42C5E7E2 ] C:\Windows\system32\services.exe
10:57:34.0727 0x1288 [ Global ] - ok
10:57:34.0727 0x1288 ================ Scan MBR ==================================
10:57:34.0758 0x1288 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
10:57:35.0211 0x1288 \Device\Harddisk0\DR0 - ok
10:57:35.0211 0x1288 ================ Scan VBR ==================================
10:57:35.0211 0x1288 [ E37277CA43758313B81E90E86B850A72 ] \Device\Harddisk0\DR0\Partition1
10:57:35.0258 0x1288 \Device\Harddisk0\DR0\Partition1 - ok
10:57:35.0258 0x1288 [ 5CEE1D84F9F64EB58772E1615BA28FC6 ] \Device\Harddisk0\DR0\Partition2
10:57:35.0258 0x1288 \Device\Harddisk0\DR0\Partition2 - ok
10:57:35.0273 0x1288 AV detected via SS2: Microsoft Security Essentials, C:\Program Files\Microsoft Security Client\msseces.exe ( 4.4.304.0 ), 0x61000 ( enabled : updated )
10:57:35.0273 0x1288 Win FW state via NFP2: enabled
10:57:38.0128 0x1288 ============================================================
10:57:38.0128 0x1288 Scan finished
10:57:38.0128 0x1288 ============================================================
10:57:38.0144 0x02c4 Detected object count: 0
10:57:38.0144 0x02c4 Actual detected object count: 0
12:38:20.0903 0x0ea0 ============================================================
12:38:20.0903 0x0ea0 Scan started
12:38:20.0903 0x0ea0 Mode: Manual;
12:38:20.0903 0x0ea0 ============================================================
12:38:20.0903 0x0ea0 KSN ping started
12:38:25.0208 0x0ea0 KSN ping finished: true
12:38:25.0676 0x0ea0 ================ Scan system memory ========================
12:38:25.0676 0x0ea0 System memory - ok
12:38:25.0676 0x0ea0 ================ Scan services =============================
12:38:25.0957 0x0ea0 [ A87D604AEA360176311474C87A63BB88, B1507868C382CD5D2DBC0D62114FCFBF7A780904A2E3CA7C7C1DD0844ADA9A8F ] 1394ohci C:\Windows\system32\drivers\1394ohci.sys
12:38:25.0973 0x0ea0 1394ohci - ok
12:38:26.0035 0x0ea0 [ D81D9E70B8A6DD14D42D7B4EFA65D5F2, FDAAB7E23012B4D31537C5BDEF245BB0A12FA060A072C250E21C68E18B22E002 ] ACPI C:\Windows\system32\drivers\ACPI.sys
12:38:26.0051 0x0ea0 ACPI - ok
12:38:26.0082 0x0ea0 [ 99F8E788246D495CE3794D7E7821D2CA, F91615463270AD2601F882CAED43B88E7EDA115B9FD03FC56320E48119F15F76 ] AcpiPmi C:\Windows\system32\drivers\acpipmi.sys
12:38:26.0082 0x0ea0 AcpiPmi - ok
12:38:26.0160 0x0ea0 [ 3927397AC60D943DAF8808AFFED582B7, 2688254085C219E8CA9C5494ABDAD8FAE52533CEF7FA3C152715E0B78D591BCF ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
12:38:26.0160 0x0ea0 AdobeARMservice - ok
12:38:26.0285 0x0ea0 [ F7AB315A4D400CA876381D1E188A2E20, B6019C2E9B6801BB23C530C66D080F47330F48ADB0DD2813D50BE1408865BD91 ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
12:38:26.0300 0x0ea0 AdobeFlashPlayerUpdateSvc - ok
12:38:26.0363 0x0ea0 [ 2F6B34B83843F0C5118B63AC634F5BF4, 43E3F5FBFB5D33981AC503DEE476868EC029815D459E7C36C4ABC2D2F75B5735 ] adp94xx C:\Windows\system32\DRIVERS\adp94xx.sys
12:38:26.0378 0x0ea0 adp94xx - ok
12:38:26.0394 0x0ea0 [ 597F78224EE9224EA1A13D6350CED962, DA7FD99BE5E3B7B98605BF5C13BF3F1A286C0DE1240617570B46FE4605E59BDC ] adpahci C:\Windows\system32\DRIVERS\adpahci.sys
12:38:26.0409 0x0ea0 adpahci - ok
12:38:26.0425 0x0ea0 [ E109549C90F62FB570B9540C4B148E54, E804563735153EA00A00641814244BC8A347B578E7D63A16F43FB17566EE5559 ] adpu320 C:\Windows\system32\DRIVERS\adpu320.sys
12:38:26.0425 0x0ea0 adpu320 - ok
12:38:26.0472 0x0ea0 [ 4B78B431F225FD8624C5655CB1DE7B61, 198A5AF2125C7C41F531A652D200C083A55A97DC541E3C0B5B253C7329949156 ] AeLookupSvc C:\Windows\System32\aelupsvc.dll
12:38:26.0472 0x0ea0 AeLookupSvc - ok
12:38:26.0519 0x0ea0 [ 79059559E89D06E8B80CE2944BE20228, 6E041D2FED2D0C3D8E16E56CB61D3245F9144EA92F5BDC9A4AA30598D1C8E6EE ] AFD C:\Windows\system32\drivers\afd.sys
12:38:26.0519 0x0ea0 AFD - ok
12:38:26.0565 0x0ea0 [ 608C14DBA7299D8CB6ED035A68A15799, 45360F89640BF1127C82A32393BD76205E4FA067889C40C491602F370C09282A ] agp440 C:\Windows\system32\drivers\agp440.sys
12:38:26.0565 0x0ea0 agp440 - ok
12:38:26.0612 0x0ea0 [ 3290D6946B5E30E70414990574883DDB, 0E9294E1991572256B3CDA6B031DB9F39CA601385515EE59F1F601725B889663 ] ALG C:\Windows\System32\alg.exe
12:38:26.0612 0x0ea0 ALG - ok
12:38:26.0643 0x0ea0 [ 5812713A477A3AD7363C7438CA2EE038, A7316299470D2E57A11499C752A711BF4A71EB11C9CBA731ED0945FF6A966721 ] aliide C:\Windows\system32\drivers\aliide.sys
12:38:26.0659 0x0ea0 aliide - ok
12:38:26.0690 0x0ea0 [ 671D9DCA48DA807780D8409C18ED0AE0, 0502328A9334EF9703547619EC3CB2532AAE33460AD85EFEBD461899C602A7AA ] AMD External Events Utility C:\Windows\system32\atiesrxx.exe
12:38:26.0706 0x0ea0 AMD External Events Utility - ok
12:38:26.0753 0x0ea0 [ 1FF8B4431C353CE385C875F194924C0C, 3EA3A7F426B0FFC2461EDF4FDB4B58ACC9D0730EDA5B728D1EA1346EA0A02720 ] amdide C:\Windows\system32\drivers\amdide.sys
12:38:26.0753 0x0ea0 amdide - ok
12:38:26.0784 0x0ea0 [ 7024F087CFF1833A806193EF9D22CDA9, E7F27E488C38338388103D3B7EEDD61D05E14FB140992AEE6F492FFC821BF529 ] AmdK8 C:\Windows\system32\DRIVERS\amdk8.sys
12:38:26.0784 0x0ea0 AmdK8 - ok
12:38:27.0111 0x0ea0 [ D3E6B2E1394D93FE9DB0BA24814B0D8F, C4B00C280B562E4DD4F1DF56CFBFCFB486224006585A71B0827BF271AE163DD6 ] amdkmdag C:\Windows\system32\DRIVERS\atipmdag.sys
12:38:27.0267 0x0ea0 amdkmdag - ok
12:38:27.0330 0x0ea0 [ CC4D915D786D3DA973B2EA9B95D59A29, 8089D5CB60A26784EB164D49A7EF907D7053D614F04B50C9A9672605FFA16164 ] amdkmdap C:\Windows\system32\DRIVERS\atikmpag.sys
12:38:27.0330 0x0ea0 amdkmdap - ok
12:38:27.0345 0x0ea0 [ 1E56388B3FE0D031C44144EB8C4D6217, E88CA76FD47BA0EB427D59CB9BE040DE133D89D4E62D03A8D622624531D27487 ] AmdPPM C:\Windows\system32\DRIVERS\amdppm.sys
12:38:27.0345 0x0ea0 AmdPPM - ok
12:38:27.0408 0x0ea0 [ D4121AE6D0C0E7E13AA221AA57EF2D49, 626F43C099BD197BE56648C367B711143C2BCCE96496BBDEF19F391D52FA01D0 ] amdsata C:\Windows\system32\drivers\amdsata.sys
12:38:27.0423 0x0ea0 amdsata - ok
12:38:27.0455 0x0ea0 [ F67F933E79241ED32FF46A4F29B5120B, D6EF539058F159CC4DD14CA9B1FD924998FEAC9D325C823C7A2DD21FEF1DC1A8 ] amdsbs C:\Windows\system32\DRIVERS\amdsbs.sys
12:38:27.0470 0x0ea0 amdsbs - ok
12:38:27.0501 0x0ea0 [ 540DAF1CEA6094886D72126FD7C33048, 296578572A93F5B74E1AD443E000B79DC99D1CBD25082E02704800F886A3065F ] amdxata C:\Windows\system32\drivers\amdxata.sys
12:38:27.0501 0x0ea0 amdxata - ok
12:38:27.0548 0x0ea0 [ 89A69C3F2F319B43379399547526D952, 8ABDB4B8E106F96EBBA0D4D04C4F432296516E107E7BA5644ED2E50CF9BB491A ] AppID C:\Windows\system32\drivers\appid.sys
12:38:27.0548 0x0ea0 AppID - ok
12:38:27.0579 0x0ea0 [ 0BC381A15355A3982216F7172F545DE1, C33AF13CB218F7BF52E967452573DF2ADD20A95C6BF99229794FEF07C4BBE725 ] AppIDSvc C:\Windows\System32\appidsvc.dll
12:38:27.0579 0x0ea0 AppIDSvc - ok
12:38:27.0611 0x0ea0 [ 9D2A2369AB4B08A4905FE72DB104498F, D6FA1705018BABABFA2362E05691A0D6408D14DE7B76129B16D0A1DAD6378E58 ] Appinfo C:\Windows\System32\appinfo.dll
12:38:27.0626 0x0ea0 Appinfo - ok
12:38:27.0657 0x0ea0 [ C484F8CEB1717C540242531DB7845C4E, C507CE26716EB923B864ED85E8FA0B24591E2784A2F4F0E78AEED7E9953311F6 ] arc C:\Windows\system32\DRIVERS\arc.sys
12:38:27.0657 0x0ea0 arc - ok
12:38:27.0689 0x0ea0 [ 019AF6924AEFE7839F61C830227FE79C, 5926B9DDFC9198043CDD6EA0B384C83B001EC225A8125628C4A45A3E6C42C72A ] arcsas C:\Windows\system32\DRIVERS\arcsas.sys
12:38:27.0689 0x0ea0 arcsas - ok
12:38:27.0798 0x0ea0 [ 9A262EDD17F8473B91B333D6B031A901, 05DFBD3A7D83FDE1D062EA719ACA9EC48CB7FD42D17DDD88B82E5D25469ADD23 ] aspnet_state C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
12:38:27.0813 0x0ea0 aspnet_state - ok
12:38:27.0829 0x0ea0 [ 769765CE2CC62867468CEA93969B2242, 0D8F19D49869DF93A3876B4C2E249D12E83F9CE11DAE8917D368E292043D4D26 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys
12:38:27.0845 0x0ea0 AsyncMac - ok
12:38:27.0876 0x0ea0 [ 02062C0B390B7729EDC9E69C680A6F3C, 0261683C6DC2706DCE491A1CDC954AC9C9E649376EC30760BB4E225E18DC5273 ] atapi C:\Windows\system32\drivers\atapi.sys
12:38:27.0876 0x0ea0 atapi - ok
12:38:28.0016 0x0ea0 [ E642491F64E58CD5BC8FB8B347DCF65F, D457175EF3A0552CEA3DA78E7116D54BC2BF157857A8B764597B51FB4E29C033 ] athr C:\Windows\system32\DRIVERS\athrx.sys
12:38:28.0079 0x0ea0 athr - ok
12:38:28.0172 0x0ea0 [ C07A040D6B5A42DD41EE386CF90974C8, 8D47815F99C79B795504C3172B5FBBDBA6AFACC004B17AA3954A06BE713FACAE ] AtiPcie C:\Windows\system32\DRIVERS\AtiPcie.sys
12:38:28.0172 0x0ea0 AtiPcie - ok
12:38:28.0250 0x0ea0 [ F23FEF6D569FCE88671949894A8BECF1, FCE7B156ED663471CF9A736915F00302E93B50FC647563D235313A37FCE8F0F6 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
12:38:28.0266 0x0ea0 AudioEndpointBuilder - ok
12:38:28.0297 0x0ea0 [ F23FEF6D569FCE88671949894A8BECF1, FCE7B156ED663471CF9A736915F00302E93B50FC647563D235313A37FCE8F0F6 ] AudioSrv C:\Windows\System32\Audiosrv.dll
12:38:28.0313 0x0ea0 AudioSrv - ok
12:38:28.0359 0x0ea0 [ A6BF31A71B409DFA8CAC83159E1E2AFF, CBB83F73FFD3C3FB4F96605067739F8F7A4A40B2B05417FA49E575E95628753F ] AxInstSV C:\Windows\System32\AxInstSV.dll
12:38:28.0359 0x0ea0 AxInstSV - ok
12:38:28.0437 0x0ea0 [ 3E5B191307609F7514148C6832BB0842, DE011CB7AA4A2405FAF21575182E0793A1D83DFFC44E9A7864D59F3D51D8D580 ] b06bdrv C:\Windows\system32\DRIVERS\bxvbda.sys
12:38:28.0453 0x0ea0 b06bdrv - ok
12:38:28.0469 0x0ea0 [ B5ACE6968304A3900EEB1EBFD9622DF2, 1DAA118D8CA3F97B34DF3D3CDA1C78EAB2ED225699FEABE89D331AE0CB7679FA ] b57nd60a C:\Windows\system32\DRIVERS\b57nd60a.sys
12:38:28.0484 0x0ea0 b57nd60a - ok
12:38:28.0515 0x0ea0 [ FDE360167101B4E45A96F939F388AEB0, 8D1457E866BBD645C4B9710DFBFF93405CC1193BF9AE42326F2382500B713B82 ] BDESVC C:\Windows\System32\bdesvc.dll
12:38:28.0531 0x0ea0 BDESVC - ok
12:38:28.0562 0x0ea0 [ 16A47CE2DECC9B099349A5F840654746, 77C008AEDB07FAC66413841D65C952DDB56FE7DCA5E9EF9C8F4130336B838024 ] Beep C:\Windows\system32\drivers\Beep.sys
12:38:28.0562 0x0ea0 Beep - ok
12:38:28.0609 0x0ea0 [ 82974D6A2FD19445CC5171FC378668A4, 075D25F47C0D2277E40AF8615571DAA5EB16B1824563632A9A7EC62505C29A4A ] BFE C:\Windows\System32\bfe.dll
12:38:28.0625 0x0ea0 BFE - ok
12:38:28.0703 0x0ea0 [ 1EA7969E3271CBC59E1730697DC74682, D511A34D63A6E0E6E7D1879068E2CD3D87ABEAF4936B2EA8CDDAD9F79D60FA04 ] BITS C:\Windows\System32\qmgr.dll
12:38:28.0749 0x0ea0 BITS - ok
12:38:28.0781 0x0ea0 [ 61583EE3C3A17003C4ACD0475646B4D3, 17E4BECC309C450E7E44F59A9C0BBC24D21BDC66DFBA65B8F198A00BB47A9811 ] blbdrive C:\Windows\system32\DRIVERS\blbdrive.sys
12:38:28.0781 0x0ea0 blbdrive - ok
12:38:28.0827 0x0ea0 [ 6C02A83164F5CC0A262F4199F0871CF5, AD4632A6A203CB40970D848315D8ADB9C898349E20D8DF4107C2AE2703A2CF28 ] bowser C:\Windows\system32\DRIVERS\bowser.sys
12:38:28.0827 0x0ea0 bowser - ok
12:38:28.0874 0x0ea0 [ F09EEE9EDC320B5E1501F749FDE686C8, 66691114C42E12F4CC6DC4078D4D2FA4029759ACDAF1B59D17383487180E84E3 ] BrFiltLo C:\Windows\system32\DRIVERS\BrFiltLo.sys
12:38:28.0874 0x0ea0 BrFiltLo - ok
12:38:28.0890 0x0ea0 [ B114D3098E9BDB8BEA8B053685831BE6, 0ED23C1897F35FA00B9C2848DE4ED200E18688AA7825674888054BBC3A3EB92C ] BrFiltUp C:\Windows\system32\DRIVERS\BrFiltUp.sys
12:38:28.0890 0x0ea0 BrFiltUp - ok
12:38:28.0937 0x0ea0 [ 05F5A0D14A2EE1D8255C2AA0E9E8E694, 40011138869F5496A3E78D38C9900B466B6F3877526AC22952DCD528173F4645 ] Browser C:\Windows\System32\browser.dll
12:38:28.0937 0x0ea0 Browser - ok
12:38:28.0968 0x0ea0 [ 43BEA8D483BF1870F018E2D02E06A5BD, 4E6F5A5FD8C796A110B0DC9FF29E31EA78C04518FC1C840EF61BABD58AB10272 ] Brserid C:\Windows\System32\Drivers\Brserid.sys
12:38:28.0983 0x0ea0 Brserid - ok
12:38:28.0999 0x0ea0 [ A6ECA2151B08A09CACECA35C07F05B42, E2875BB7768ABAF38C3377007AA0A3C281503474D1831E396FB6599721586B0C ] BrSerWdm C:\Windows\System32\Drivers\BrSerWdm.sys
12:38:28.0999 0x0ea0 BrSerWdm - ok
12:38:29.0015 0x0ea0 [ B79968002C277E869CF38BD22CD61524, 50631836502237AF4893ECDCEA43B9031C3DE97433F594D46AF7C3C77F331983 ] BrUsbMdm C:\Windows\System32\Drivers\BrUsbMdm.sys
12:38:29.0015 0x0ea0 BrUsbMdm - ok
12:38:29.0015 0x0ea0 [ A87528880231C54E75EA7A44943B38BF, 4C8BBB29FDA76A96840AA47A8613C15D4466F9273A13941C19507008629709C9 ] BrUsbSer C:\Windows\System32\Drivers\BrUsbSer.sys
12:38:29.0030 0x0ea0 BrUsbSer - ok
12:38:29.0030 0x0ea0 [ 9DA669F11D1F894AB4EB69BF546A42E8, B498B8B6CEF957B73179D1ADAF084BBB57BB3735D810F9BE2C7B1D58A4FD25A4 ] BTHMODEM C:\Windows\system32\DRIVERS\bthmodem.sys
12:38:29.0030 0x0ea0 BTHMODEM - ok
12:38:29.0061 0x0ea0 [ 95F9C2976059462CBBF227F7AAB10DE9, 2797AE919FF7606B070FB039CECDB0707CD2131DCAC09C5DF14F443D881C9F34 ] bthserv C:\Windows\system32\bthserv.dll
12:38:29.0077 0x0ea0 bthserv - ok
12:38:29.0093 0x0ea0 [ B8BD2BB284668C84865658C77574381A, 6C55BA288B626DF172FDFEA0BD7027FAEBA1F44EF20AB55160D7C7DC6E717D65 ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys
12:38:29.0108 0x0ea0 cdfs - ok
12:38:29.0155 0x0ea0 [ F036CE71586E93D94DAB220D7BDF4416, BD07AAD9E20CEAF9FC84E4977C55EA2C45604A2C682AC70B9B9A2199B6713D5B ] cdrom C:\Windows\system32\drivers\cdrom.sys
12:38:29.0171 0x0ea0 cdrom - ok
12:38:29.0202 0x0ea0 [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] CertPropSvc C:\Windows\System32\certprop.dll
12:38:29.0202 0x0ea0 CertPropSvc - ok
12:38:29.0233 0x0ea0 [ D7CD5C4E1B71FA62050515314CFB52CF, 513B5A849899F379F0BC6AB3A8A05C3493C2393C95F036612B96EC6E252E1C64 ] circlass C:\Windows\system32\DRIVERS\circlass.sys
12:38:29.0233 0x0ea0 circlass - ok
12:38:29.0264 0x0ea0 [ FE1EC06F2253F691FE36217C592A0206, B9F122DB5E665ECDF29A5CB8BB6B531236F31A54A95769D6C5C1924C87FE70CE ] CLFS C:\Windows\system32\CLFS.sys
12:38:29.0280 0x0ea0 CLFS - ok
12:38:29.0327 0x0ea0 [ D88040F816FDA31C3B466F0FA0918F29, 39D3630E623DA25B8444B6D3AAAB16B98E7E289C5619E19A85D47B74C71449F3 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
12:38:29.0327 0x0ea0 clr_optimization_v2.0.50727_32 - ok
12:38:29.0373 0x0ea0 [ D1CEEA2B47CB998321C579651CE3E4F8, 654013B8FD229A50017B08DEC6CA19C7DDA8CE0771260E057A92625201D539B1 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
12:38:29.0389 0x0ea0 clr_optimization_v2.0.50727_64 - ok
12:38:29.0483 0x0ea0 [ E87213F37A13E2B54391E40934F071D0, 7EB221127EFB5BF158FB03D18EFDA2C55FB6CE3D1A1FE69C01D70DBED02C87E5 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
12:38:29.0483 0x0ea0 clr_optimization_v4.0.30319_32 - ok
12:38:29.0529 0x0ea0 [ 4AEDAB50F83580D0B4D6CF78191F92AA, D113C47013B018B45161911B96E93AF96A2F3B34FA47061BF6E7A71FBA03194A ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
12:38:29.0545 0x0ea0 clr_optimization_v4.0.30319_64 - ok
12:38:29.0561 0x0ea0 [ 0840155D0BDDF1190F84A663C284BD33, 696039FA63CFEB33487FAA8FD7BBDB220141E9C6E529355D768DFC87999A9C3A ] CmBatt C:\Windows\system32\DRIVERS\CmBatt.sys
12:38:29.0561 0x0ea0 CmBatt - ok
12:38:29.0607 0x0ea0 [ E19D3F095812725D88F9001985B94EDD, 46243C5CCC4981CAC6FA6452FFCEC33329BF172448F1852D52592C9342E0E18B ] cmdide C:\Windows\system32\drivers\cmdide.sys
12:38:29.0607 0x0ea0 cmdide - ok
12:38:29.0685 0x0ea0 [ EBF28856F69CF094A902F884CF989706, AD6C9F0BC20AA49EEE5478DA0F856F0EA2B414B63208C5FFB03C9D7F5B59765F ] CNG C:\Windows\system32\Drivers\cng.sys
12:38:29.0685 0x0ea0 CNG - ok
12:38:29.0732 0x0ea0 [ 102DE219C3F61415F964C88E9085AD14, CD74CB703381F1382C32CF892FF2F908F4C9412E1BC77234F8FEA5D4666E1BF1 ] Compbatt C:\Windows\system32\DRIVERS\compbatt.sys
12:38:29.0732 0x0ea0 Compbatt - ok
12:38:29.0763 0x0ea0 [ 03EDB043586CCEBA243D689BDDA370A8, 0E4523AA332E242D5C2C61C5717DBA5AB6E42DADB5A7E512505FC2B6CC224959 ] CompositeBus C:\Windows\system32\drivers\CompositeBus.sys
12:38:29.0763 0x0ea0 CompositeBus - ok
12:38:29.0779 0x0ea0 COMSysApp - ok
12:38:29.0795 0x0ea0 [ 1C827878A998C18847245FE1F34EE597, 41EF7443D8B2733AA35CAC64B4F5F74FAC8BB0DA7D3936B69EC38E2DC3972E60 ] crcdisk C:\Windows\system32\DRIVERS\crcdisk.sys
12:38:29.0810 0x0ea0 crcdisk - ok
12:38:29.0841 0x0ea0 [ 6B400F211BEE880A37A1ED0368776BF4, 2F27C6FA96A1C8CBDA467846DA57E63949A7EA37DB094B13397DDD30114295BD ] CryptSvc C:\Windows\system32\cryptsvc.dll
12:38:29.0857 0x0ea0 CryptSvc - ok
12:38:29.0935 0x0ea0 [ 5C627D1B1138676C0A7AB2C2C190D123, C5003F2C912C5CA990E634818D3B4FD72F871900AF2948BD6C4D6400B354B401 ] DcomLaunch C:\Windows\system32\rpcss.dll
12:38:29.0951 0x0ea0 DcomLaunch - ok
12:38:29.0997 0x0ea0 [ 3CEC7631A84943677AA8FA8EE5B6B43D, 32061DAC9ED6C1EBA3B367B18D0E965AEEC2DF635DCF794EC39D086D32503AC5 ] defragsvc C:\Windows\System32\defragsvc.dll
12:38:29.0997 0x0ea0 defragsvc - ok
12:38:30.0029 0x0ea0 [ 9BB2EF44EAA163B29C4A4587887A0FE4, 03667BC3EA5003F4236929C10F23D8F108AFCB29DB5559E751FB26DFB318636F ] DfsC C:\Windows\system32\Drivers\dfsc.sys
12:38:30.0029 0x0ea0 DfsC - ok
12:38:30.0060 0x0ea0 [ 43D808F5D9E1A18E5EEB5EBC83969E4E, C10D1155D71EABE4ED44C656A8F13078A8A4E850C4A8FBB92D52D173430972B8 ] Dhcp C:\Windows\system32\dhcpcore.dll
12:38:30.0075 0x0ea0 Dhcp - ok
12:38:30.0107 0x0ea0 [ 13096B05847EC78F0977F2C0F79E9AB3, 1E44981B684F3E56F5D2439BB7FA78BD1BC876BB2265AE089AEC68F241B05B26 ] discache C:\Windows\system32\drivers\discache.sys
12:38:30.0107 0x0ea0 discache - ok
12:38:30.0122 0x0ea0 [ 9819EEE8B5EA3784EC4AF3B137A5244C, 571BC886E87C888DA96282E381A746D273B58B9074E84D4CA91275E26056D427 ] Disk C:\Windows\system32\DRIVERS\disk.sys
12:38:30.0122 0x0ea0 Disk - ok
12:38:30.0138 0x0ea0 dkab_device - ok
12:38:30.0169 0x0ea0 [ 16835866AAA693C7D7FCEBA8FFF706E4, 15891558F7C1F2BB57A98769601D447ED0D952354A8BB347312D034DC03E0242 ] Dnscache C:\Windows\System32\dnsrslvr.dll
12:38:30.0185 0x0ea0 Dnscache - ok
12:38:30.0231 0x0ea0 [ B1FB3DDCA0FDF408750D5843591AFBC6, AB6AD9C5E7BA2E3646D0115B67C4800D1CB43B4B12716397657C7ADEEE807304 ] dot3svc C:\Windows\System32\dot3svc.dll
12:38:30.0247 0x0ea0 dot3svc - ok
12:38:30.0278 0x0ea0 [ B26F4F737E8F9DF4F31AF6CF31D05820, 394BBBED4EC7FAD4110F62A43BFE0801D4AC56FFAC6C741C69407B26402311C7 ] DPS C:\Windows\system32\dps.dll
12:38:30.0278 0x0ea0 DPS - ok
12:38:30.0309 0x0ea0 [ 9B19F34400D24DF84C858A421C205754, 967AF267B4124BADA8F507CEBF25F2192D146A4D63BE71B45BFC03C5DA7F21A7 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys
12:38:30.0325 0x0ea0 drmkaud - ok
12:38:30.0387 0x0ea0 [ 9CF46FDF163E06B83D03FF929EF2296C, 40BB0226361DEC2E6CBFE79CA092083986BD3D94564ED5F3E54CA2EE9A756837 ] DsiWMIService C:\Program Files (x86)\Launch Manager\dsiwmis.exe
12:38:30.0419 0x0ea0 DsiWMIService - ok
12:38:30.0497 0x0ea0 [ 88612F1CE3BF42256913BF6E61C70D52, 7CF190F83FA8F15C33008EB381D3E345CEF37CBC046227DED26B36799EF4D9A7 ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys
12:38:30.0512 0x0ea0 DXGKrnl - ok
12:38:30.0543 0x0ea0 [ E2DDA8726DA9CB5B2C4000C9018A9633, 0C967DBC3636A76A696997192A158AA92A1AF19F01E3C66D5BF91818A8FAEA76 ] EapHost C:\Windows\System32\eapsvc.dll
12:38:30.0559 0x0ea0 EapHost - ok
12:38:30.0731 0x0ea0 [ DC5D737F51BE844D8C82C695EB17372F, 6D4022D9A46EDE89CEF0FAEADCC94C903234DFC460C0180D24FF9E38E8853017 ] ebdrv C:\Windows\system32\DRIVERS\evbda.sys
12:38:30.0824 0x0ea0 ebdrv - ok
12:38:30.0887 0x0ea0 [ 4D71227301DD8D09097B9E4CC6527E5A, 193D47ADCB722B581CC0F29B794AB3E455B6E9BEA367CE9A5216A09E055B7F1E ] EFS C:\Windows\System32\lsass.exe
12:38:30.0902 0x0ea0 EFS - ok
12:38:31.0011 0x0ea0 [ C4002B6B41975F057D98C439030CEA07, 3D2484FBB832EFB90504DD406ED1CF3065139B1FE1646471811F3A5679EF75F1 ] ehRecvr C:\Windows\ehome\ehRecvr.exe
12:38:31.0027 0x0ea0 ehRecvr - ok
12:38:31.0058 0x0ea0 [ 4705E8EF9934482C5BB488CE28AFC681, 359E9EC5693CE0BE89082E1D5D8F5C5439A5B985010FF0CB45C11E3CFE30637D ] ehSched C:\Windows\ehome\ehsched.exe
12:38:31.0058 0x0ea0 ehSched - ok
12:38:31.0121 0x0ea0 [ 0E5DA5369A0FCAEA12456DD852545184, 9A64AC5396F978C3B92794EDCE84DCA938E4662868250F8C18FA7C2C172233F8 ] elxstor C:\Windows\system32\DRIVERS\elxstor.sys
12:38:31.0121 0x0ea0 elxstor - ok
12:38:31.0245 0x0ea0 [ 3EA2C4F68A782839D97B3C83595575B6, D4C3BFD0B6817B73BE9F2378FA946BD1C213A4FB9EB3F7D2C79E9B6D9F895106 ] ePowerSvc C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe
12:38:31.0277 0x0ea0 ePowerSvc - ok
12:38:31.0308 0x0ea0 [ 34A3C54752046E79A126E15C51DB409B, 7D5B5E150C7C73666F99CBAFF759029716C86F16B927E0078D77F8A696616D75 ] ErrDev C:\Windows\system32\drivers\errdev.sys
12:38:31.0308 0x0ea0 ErrDev - ok
12:38:31.0370 0x0ea0 [ 4166F82BE4D24938977DD1746BE9B8A0, 24121751B7306225AD1C808442D7B030DEF377E9316AA0A3C5C7460E87317881 ] EventSystem C:\Windows\system32\es.dll
12:38:31.0370 0x0ea0 EventSystem - ok
12:38:31.0401 0x0ea0 [ A510C654EC00C1E9BDD91EEB3A59823B, 76CD277730F7B08D375770CD373D786160F34D1481AF0536BA1A5D2727E255F5 ] exfat C:\Windows\system32\drivers\exfat.sys
12:38:31.0417 0x0ea0 exfat - ok
12:38:31.0448 0x0ea0 [ 0ADC83218B66A6DB380C330836F3E36D, 798D6F83B5DBCC1656595E0A96CF12087FCCBE19D1982890D0CE5F629B328B29 ] fastfat C:\Windows\system32\drivers\fastfat.sys
12:38:31.0448 0x0ea0 fastfat - ok
12:38:31.0526 0x0ea0 [ DBEFD454F8318A0EF691FDD2EAAB44EB, 7F52AE222FF28503B6FC4A5852BD0CAEAF187BE69AF4B577D3DE474C24366099 ] Fax C:\Windows\system32\fxssvc.exe
12:38:31.0557 0x0ea0 Fax - ok
12:38:31.0573 0x0ea0 [ D765D19CD8EF61F650C384F62FAC00AB, 9F0A483A043D3BA873232AD3BA5F7BF9173832550A27AF3E8BD433905BD2A0EE ] fdc C:\Windows\system32\DRIVERS\fdc.sys
12:38:31.0573 0x0ea0 fdc - ok
12:38:31.0604 0x0ea0 [ 0438CAB2E03F4FB61455A7956026FE86, 6D4DDC2973DB25CE0C7646BC85EFBCC004EBE35EA683F62162AE317C6F1D8DFE ] fdPHost C:\Windows\system32\fdPHost.dll
12:38:31.0604 0x0ea0 fdPHost - ok
12:38:31.0635 0x0ea0 [ 802496CB59A30349F9A6DD22D6947644, 52D59D3D628D5661F83F090F33F744F6916E0CC1F76E5A33983E06EB66AE19F8 ] FDResPub C:\Windows\system32\fdrespub.dll
12:38:31.0635 0x0ea0 FDResPub - ok
12:38:31.0667 0x0ea0 [ 655661BE46B5F5F3FD454E2C3095B930, 549C8E2A2A37757E560D55FFA6BFDD838205F17E40561E67F0124C934272CD1A ] FileInfo C:\Windows\system32\drivers\fileinfo.sys
12:38:31.0667 0x0ea0 FileInfo - ok
12:38:31.0698 0x0ea0 [ 5F671AB5BC87EEA04EC38A6CD5962A47, 6B61D3363FF3F9C439BD51102C284972EAE96ACC0683B9DC7E12D25D0ADC51B6 ] Filetrace C:\Windows\system32\drivers\filetrace.sys
12:38:31.0698 0x0ea0 Filetrace - ok
12:38:31.0791 0x0ea0 [ BB0667B0171B632B97EA759515476F07, 07A123B2182D5813D2898928C231638353CF086606E9D5A5AF4A2A73E17CEC27 ] FLEXnet Licensing Service C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
12:38:31.0823 0x0ea0 FLEXnet Licensing Service - ok
12:38:31.0838 0x0ea0 [ C172A0F53008EAEB8EA33FE10E177AF5, 9175A95B323696D1B35C9EFEB7790DD64E6EE0B7021E6C18E2F81009B169D77B ] flpydisk C:\Windows\system32\DRIVERS\flpydisk.sys
12:38:31.0838 0x0ea0 flpydisk - ok
12:38:31.0885 0x0ea0 [ DA6B67270FD9DB3697B20FCE94950741, F621A4462C9F2904063578C427FAF22D7D66AE9967605C11C798099817CE5331 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys
12:38:31.0916 0x0ea0 FltMgr - ok
12:38:31.0979 0x0ea0 [ C4C183E6551084039EC862DA1C945E3D, 0874A2ACDD24D64965AA9A76E9C818E216880AE4C9A2E07ED932EE404585CEE6 ] FontCache C:\Windows\system32\FntCache.dll
12:38:32.0010 0x0ea0 FontCache - ok
12:38:32.0072 0x0ea0 [ A8B7F3818AB65695E3A0BB3279F6DCE6, 89FCF10F599767E67A1E011753E34DA44EAA311F105DBF69549009ED932A60F0 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
12:38:32.0072 0x0ea0 FontCache3.0.0.0 - ok
12:38:32.0119 0x0ea0 [ D43703496149971890703B4B1B723EAC, F06397B2EDCA61629249D2EF1CBB7827A8BEAB8488246BD85EF6AE1363C0DA6E ] FsDepends C:\Windows\system32\drivers\FsDepends.sys
12:38:32.0119 0x0ea0 FsDepends - ok
12:38:32.0150 0x0ea0 [ 6BD9295CC032DD3077C671FCCF579A7B, 83622FBB0CB923798E7E584BF53CAAF75B8C016E3FF7F0FA35880FF34D1DFE33 ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys
12:38:32.0166 0x0ea0 Fs_Rec - ok
12:38:32.0213 0x0ea0 [ 8F6322049018354F45F05A2FD2D4E5E0, 73BF0FB4EBD7887E992DDEBB79E906958D6678F8D1107E8C368F5A0514D80359 ] fvevol C:\Windows\system32\DRIVERS\fvevol.sys
12:38:32.0228 0x0ea0 fvevol - ok
12:38:32.0259 0x0ea0 [ 8C778D335C9D272CFD3298AB02ABE3B6, 85F0B13926B0F693FA9E70AA58DE47100E4B6F893772EBE4300C37D9A36E6005 ] gagp30kx C:\Windows\system32\DRIVERS\gagp30kx.sys
12:38:32.0259 0x0ea0 gagp30kx - ok
12:38:32.0322 0x0ea0 [ CE16683CFD11FE70BDE435DDA5EA1FCA, 43D850361F2B5C9389F7FABC3C62BD1517349C03834F436579DD01CFD09919F4 ] GameConsoleService C:\Program Files (x86)\Acer Games\Acer Game Console\GameConsoleService.exe
12:38:32.0337 0x0ea0 GameConsoleService - ok
12:38:32.0415 0x0ea0 [ 277BBC7E1AA1EE957F573A10ECA7EF3A, 2EE60B924E583E847CC24E78B401EF95C69DB777A5B74E1EC963E18D47B94D24 ] gpsvc C:\Windows\System32\gpsvc.dll
12:38:32.0431 0x0ea0 gpsvc - ok
12:38:32.0478 0x0ea0 [ 0191DEE9B9EB7902AF2CF4F67301095D, 9E2E263E84167E1AD3FFCEA84066AF07CD6A653F5D8266A619E4973BC4B25460 ] GREGService C:\Program Files (x86)\Acer\Registration\GREGsvc.exe
12:38:32.0478 0x0ea0 GREGService - ok
12:38:32.0509 0x0ea0 [ 1E6438D4EA6E1174A3B3B1EDC4DE660B, F9995CFEC7BBFE10B06EEE04CA6B49658275C43096E57747BFF9C2C31A0F9011 ] hamachi C:\Windows\system32\DRIVERS\hamachi.sys
12:38:32.0509 0x0ea0 hamachi - ok
12:38:32.0540 0x0ea0 [ F2523EF6460FC42405B12248338AB2F0, B2F3DE8DE1F512D871BC2BC2E8D0E33AB03335BFBC07627C5F88B65024928E19 ] hcw85cir C:\Windows\system32\drivers\hcw85cir.sys
12:38:32.0556 0x0ea0 hcw85cir - ok
12:38:32.0603 0x0ea0 [ 975761C778E33CD22498059B91E7373A, 8304E15FBE6876BE57263A03621365DA8C88005EAC532A770303C06799D915D9 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
12:38:32.0634 0x0ea0 HdAudAddService - ok
12:38:32.0649 0x0ea0 [ 97BFED39B6B79EB12CDDBFEED51F56BB, 3CF981D668FB2381E52AF2E51E296C6CFB47B0D62249645278479D0111A47955 ] HDAudBus C:\Windows\system32\drivers\HDAudBus.sys
12:38:32.0649 0x0ea0 HDAudBus - ok
12:38:32.0665 0x0ea0 [ 78E86380454A7B10A5EB255DC44A355F, 11F3ED7ACFFA3024B9BD504F81AC39F5B4CED5A8A425E8BADF7132EFEDB9BD64 ] HidBatt C:\Windows\system32\DRIVERS\HidBatt.sys
12:38:32.0665 0x0ea0 HidBatt - ok
12:38:32.0681 0x0ea0 [ 7FD2A313F7AFE5C4DAB14798C48DD104, 94CBFD4506CBDE4162CEB3367BAB042D19ACA6785954DC0B554D4164B9FCD0D4 ] HidBth C:\Windows\system32\DRIVERS\hidbth.sys
12:38:32.0681 0x0ea0 HidBth - ok
12:38:32.0696 0x0ea0 [ 0A77D29F311B88CFAE3B13F9C1A73825, 8615DC6CEFB591505CE16E054A71A4F371B827DDFD5E980777AB4233DCFDA01D ] HidIr C:\Windows\system32\DRIVERS\hidir.sys
12:38:32.0696 0x0ea0 HidIr - ok
12:38:32.0727 0x0ea0 [ BD9EB3958F213F96B97B1D897DEE006D, 4D01CBF898B528B3A4E5A683DF2177300AFABD7D4CB51F1A7891B1B545499631 ] hidserv C:\Windows\system32\hidserv.dll
12:38:32.0727 0x0ea0 hidserv - ok
12:38:32.0759 0x0ea0 [ 9592090A7E2B61CD582B612B6DF70536, FD11D5E02C32D658B28FCC35688AB66CCB5D3A0A0D74C82AE0F0B6C67B568A0F ] HidUsb C:\Windows\system32\DRIVERS\hidusb.sys
12:38:32.0759 0x0ea0 HidUsb - ok
12:38:32.0805 0x0ea0 [ 387E72E739E15E3D37907A86D9FF98E2, 9935BE2E58788E79328293AF2F202CB0F6042441B176F75ACC5AEA93C8E05531 ] hkmsvc C:\Windows\system32\kmsvc.dll
12:38:32.0805 0x0ea0 hkmsvc - ok
12:38:32.0852 0x0ea0 [ EFDFB3DD38A4376F93E7985173813ABD, 70402FA73A5A2A8BB557AAC8F531E373077D28DE5F40A1F3F14B940BE01CD2E1 ] HomeGroupListener C:\Windows\system32\ListSvc.dll
12:38:32.0883 0x0ea0 HomeGroupListener - ok
12:38:32.0930 0x0ea0 [ 908ACB1F594274965A53926B10C81E89, 7D34A742AC486294D82676F8465A3EF26C8AC3317C32B63F62031CB007CFC208 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
12:38:32.0946 0x0ea0 HomeGroupProvider - ok
12:38:32.0993 0x0ea0 [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC, E9E6A1665740CFBC2DD321010007EF42ABA2102AEB9772EE8AA3354664B1E205 ] HpSAMD C:\Windows\system32\drivers\HpSAMD.sys
12:38:32.0993 0x0ea0 HpSAMD - ok
12:38:33.0071 0x0ea0 [ 0EA7DE1ACB728DD5A369FD742D6EEE28, 21C489412EB33A12B22290EB701C19BA57006E8702E76F730954F0784DDE9779 ] HTTP C:\Windows\system32\drivers\HTTP.sys
12:38:33.0086 0x0ea0 HTTP - ok
12:38:33.0117 0x0ea0 [ A5462BD6884960C9DC85ED49D34FF392, 53E65841AF5B06A2844D0BB6FC4DD3923A323FFA0E4BFC89B3B5CAFB592A3D53 ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys
12:38:33.0117 0x0ea0 hwpolicy - ok
12:38:33.0164 0x0ea0 [ FA55C73D4AFFA7EE23AC4BE53B4592D3, 65CDDC62B89A60E942C5642C9D8B539EFB69DA8069B4A2E54978154B314531CD ] i8042prt C:\Windows\system32\drivers\i8042prt.sys
12:38:33.0180 0x0ea0 i8042prt - ok
12:38:33.0242 0x0ea0 [ AAAF44DB3BD0B9D1FB6969B23ECC8366, 805AA4A9464002D1AB3832E4106B2AAA1331F4281367E75956062AAE99699385 ] iaStorV C:\Windows\system32\drivers\iaStorV.sys
12:38:33.0258 0x0ea0 iaStorV - ok
12:38:33.0367 0x0ea0 [ 5988FC40F8DB5B0739CD1E3A5D0D78BD, 2B9512324DBA4A97F6AC34E8067EE08E3B6874CD60F6CB4209AFC22A34D2BE99 ] idsvc C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
12:38:33.0383 0x0ea0 idsvc - ok
12:38:33.0398 0x0ea0 IEEtwCollectorService - ok
12:38:33.0445 0x0ea0 [ 5C18831C61933628F5BB0EA2675B9D21, 5CD9DE2F8C0256623A417B5C55BF55BB2562BD7AB2C3C83BB3D9886C2FBDA4E4 ] iirsp C:\Windows\system32\DRIVERS\iirsp.sys
12:38:33.0445 0x0ea0 iirsp - ok
12:38:33.0554 0x0ea0 [ 344789398EC3EE5A4E00C52B31847946, 3DA5F08E4B46F4E63456AA588D49E39A6A09A97D0509880C00F327623DB6122D ] IKEEXT C:\Windows\System32\ikeext.dll
12:38:33.0585 0x0ea0 IKEEXT - ok
12:38:33.0726 0x0ea0 [ 235362D403D9D677514649D88DB31914, 522F5BA88169ADEC1EEB595BFBBCD6417DF38CD93A0D2B2FD0AF4C907FF6D965 ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHD64.sys
12:38:33.0788 0x0ea0 IntcAzAudAddService - ok
12:38:33.0882 0x0ea0 [ F00F20E70C6EC3AA366910083A0518AA, E2F3E9FFD82C802C8BAC309893A3664ACF16A279959C0FDECCA64C3D3C60FD22 ] intelide C:\Windows\system32\drivers\intelide.sys
12:38:33.0882 0x0ea0 intelide - ok
12:38:33.0913 0x0ea0 [ ADA036632C664CAA754079041CF1F8C1, F2386CC09AC6DE4C54189154F7D91C1DB7AA120B13FAE8BA5B579ACF99FCC610 ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys
12:38:33.0929 0x0ea0 intelppm - ok
12:38:33.0960 0x0ea0 [ 098A91C54546A3B878DAD6A7E90A455B, 044CCE2A0DF56EBE1EFD99B4F6F0A5B9EE12498CA358CF4B2E3A1CFD872823AA ] IPBusEnum C:\Windows\system32\ipbusenum.dll
12:38:33.0975 0x0ea0 IPBusEnum - ok
12:38:34.0007 0x0ea0 [ C9F0E1BD74365A8771590E9008D22AB6, 728BC5A6AAE499FDC50EB01577AF16D83C2A9F3B09936DD2A89C01E074BA8E51 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys
12:38:34.0007 0x0ea0 IpFilterDriver - ok
12:38:34.0069 0x0ea0 [ 08C2957BB30058E663720C5606885653, E13EDF6701512E2A9977A531454932CA5023087CB50E1D2F416B8BCDD92B67BE ] iphlpsvc C:\Windows\System32\iphlpsvc.dll
12:38:34.0100 0x0ea0 iphlpsvc - ok
12:38:34.0147 0x0ea0 [ 0FC1AEA580957AA8817B8F305D18CA3A, 7161E4DE91AAFC3FA8BF24FAE4636390C2627DB931505247C0D52C75A31473D9 ] IPMIDRV C:\Windows\system32\drivers\IPMIDrv.sys
12:38:34.0147 0x0ea0 IPMIDRV - ok
12:38:34.0194 0x0ea0 [ AF9B39A7E7B6CAA203B3862582E9F2D0, 67128BE7EADBE6BD0205B050F96E268948E8660C4BAB259FB0BE03935153D04E ] IPNAT C:\Windows\system32\drivers\ipnat.sys
12:38:34.0194 0x0ea0 IPNAT - ok
12:38:34.0209 0x0ea0 [ 3ABF5E7213EB28966D55D58B515D5CE9, A352BCC5B6B9A28805B15CAFB235676F1FAFF0D2394F88C03089EB157D6188AE ] IRENUM C:\Windows\system32\drivers\irenum.sys
12:38:34.0209 0x0ea0 IRENUM - ok
12:38:34.0241 0x0ea0 [ 2F7B28DC3E1183E5EB418DF55C204F38, D40410A760965925D6F10959B2043F7BD4F68EAFCF5E743AF11AD860BD136548 ] isapnp C:\Windows\system32\drivers\isapnp.sys
12:38:34.0241 0x0ea0 isapnp - ok
12:38:34.0272 0x0ea0 [ D931D7309DEB2317035B07C9F9E6B0BD, 13AD84172ED8C6153F8A98499C01733B74E48464CE07D099508E38D409913ED3 ] iScsiPrt C:\Windows\system32\drivers\msiscsi.sys
12:38:34.0272 0x0ea0 iScsiPrt - ok
12:38:34.0334 0x0ea0 [ 37E053A2CF8F0082B689ED74106E0CEC, 431D3A3212152A76878C9CA347056B62B2A5A3E0211C4D930639C426EE73A0B7 ] k57nd60a C:\Windows\system32\DRIVERS\k57nd60a.sys
12:38:34.0350 0x0ea0 k57nd60a - ok
12:38:34.0381 0x0ea0 [ BC02336F1CBA7DCC7D1213BB588A68A5, 450C5BAD54CCE2AFCDFF1B6E7F8E1A8446D9D3255DF9D36C29A8F848048AAD93 ] kbdclass C:\Windows\system32\drivers\kbdclass.sys
12:38:34.0397 0x0ea0 kbdclass - ok
12:38:34.0412 0x0ea0 [ 0705EFF5B42A9DB58548EEC3B26BB484, 86C6824ED7ED6FA8F306DB6319A0FD688AA91295AE571262F9D8E96A32225E99 ] kbdhid C:\Windows\system32\drivers\kbdhid.sys
12:38:34.0412 0x0ea0 kbdhid - ok
12:38:34.0459 0x0ea0 [ 4D71227301DD8D09097B9E4CC6527E5A, 193D47ADCB722B581CC0F29B794AB3E455B6E9BEA367CE9A5216A09E055B7F1E ] KeyIso C:\Windows\system32\lsass.exe
12:38:34.0459 0x0ea0 KeyIso - ok
12:38:34.0506 0x0ea0 [ 8F489706472F7E9A06BAAA198703FA64, F020406690FB38EABD82D63B91D33039CC93ED52A5497AE12BAF475F22D0B08A ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys
12:38:34.0506 0x0ea0 KSecDD - ok
12:38:34.0537 0x0ea0 [ 868A2CAAB12EFC7A021682BCA0EEC54C, 12C4925B5B3D6EA7B6410C01F33158C6EAB50CBD6AF445F8B04ED9899720C2DD ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys
12:38:34.0553 0x0ea0 KSecPkg - ok
12:38:34.0584 0x0ea0 [ 6869281E78CB31A43E969F06B57347C4, 866A23E69B32A78D378D6CB3B3DA3695FFDFF0FEC3C9F68C8C3F988DF417044B ] ksthunk C:\Windows\system32\drivers\ksthunk.sys
12:38:34.0584 0x0ea0 ksthunk - ok
12:38:34.0646 0x0ea0 [ 6AB66E16AA859232F64DEB66887A8C9C, 5F2B579BEA8098A2994B0DECECDAE7B396E7B5DC5F09645737B9F28BEEA77FFF ] KtmRm C:\Windows\system32\msdtckrm.dll
12:38:34.0662 0x0ea0 KtmRm - ok
12:38:34.0693 0x0ea0 [ D9F42719019740BAA6D1C6D536CBDAA6, 8757599D0AE5302C4CE50861BEBA3A8DD14D7B0DBD916FD5404133688CDFCC40 ] LanmanServer C:\Windows\system32\srvsvc.dll
12:38:34.0709 0x0ea0 LanmanServer - ok
12:38:34.0740 0x0ea0 [ 851A1382EED3E3A7476DB004F4EE3E1A, B1C67F47DD594D092E6E258F01DF5E7150227CE3131A908A244DEE9F8A1FABF9 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
12:38:34.0740 0x0ea0 LanmanWorkstation - ok
12:38:34.0771 0x0ea0 [ 1538831CF8AD2979A04C423779465827, E1729B0CC4CEEE494A0B8817A8E98FF232E3A32FB023566EF0BC71A090262C0C ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys
12:38:34.0771 0x0ea0 lltdio - ok
12:38:34.0818 0x0ea0 [ C1185803384AB3FEED115F79F109427F, 0414FE73532DCAB17E906438A14711E928CECCD5F579255410C62984DD652700 ] lltdsvc C:\Windows\System32\lltdsvc.dll
12:38:34.0818 0x0ea0 lltdsvc - ok
12:38:34.0849 0x0ea0 [ F993A32249B66C9D622EA5592A8B76B8, EE64672A990C6145DC5601E2B8CDBE089272A72732F59AF9865DCBA8B1717E70 ] lmhosts C:\Windows\System32\lmhsvc.dll
12:38:34.0849 0x0ea0 lmhosts - ok
12:38:34.0849 0x0ea0 LMIGuardianSvc - ok
12:38:34.0896 0x0ea0 [ 1A93E54EB0ECE102495A51266DCDB6A6, DB6AA86AA36C3A7988BE96E87B5D3251BE7617C54EE8F894D9DC2E267FE3255B ] LSI_FC C:\Windows\system32\DRIVERS\lsi_fc.sys
12:38:34.0896 0x0ea0 LSI_FC - ok
12:38:34.0896 0x0ea0 [ 1047184A9FDC8BDBFF857175875EE810, F2251EDB7736A26D388A0C5CC2FE5FB9C5E109CBB1E3800993554CB21D81AE4B ] LSI_SAS C:\Windows\system32\DRIVERS\lsi_sas.sys
12:38:34.0911 0x0ea0 LSI_SAS - ok
12:38:34.0911 0x0ea0 [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93, 88D5740A4E9CC3FA80FA18035DAB441BDC5A039622D666BFDAA525CC9686BD06 ] LSI_SAS2 C:\Windows\system32\DRIVERS\lsi_sas2.sys
12:38:34.0911 0x0ea0 LSI_SAS2 - ok
12:38:34.0927 0x0ea0 [ 0504EACAFF0D3C8AED161C4B0D369D4A, 4D272237C189646F5C80822FD3CBA7C2728E482E2DAAF7A09C8AEF811C89C54D ] LSI_SCSI C:\Windows\system32\DRIVERS\lsi_scsi.sys
12:38:34.0927 0x0ea0 LSI_SCSI - ok
12:38:34.0943 0x0ea0 [ 43D0F98E1D56CCDDB0D5254CFF7B356E, 5BA498183B5C4996C694CB0A9A6B66CE6C7A460F6C91BEB9F305486FCC3B7B22 ] luafv C:\Windows\system32\drivers\luafv.sys
12:38:34.0958 0x0ea0 luafv - ok
12:38:34.0989 0x0ea0 [ 0BE09CD858ABF9DF6ED259D57A1A1663, 2FD28889B93C8E801F74C1D0769673A461671E0189D0A22C94509E3F0EEB7428 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll
12:38:34.0989 0x0ea0 Mcx2Svc - ok
12:38:35.0005 0x0ea0 [ A55805F747C6EDB6A9080D7C633BD0F4, 2DA0E83BF3C8ADEF6F551B6CC1C0A3F6149CDBE6EC60413BA1767C4DE425A728 ] megasas C:\Windows\system32\DRIVERS\megasas.sys
12:38:35.0021 0x0ea0 megasas - ok
12:38:35.0052 0x0ea0 [ BAF74CE0072480C3B6B7C13B2A94D6B3, 85CBB4949C090A904464F79713A3418338753D20D7FB811E68F287FDAC1DD834 ] MegaSR C:\Windows\system32\DRIVERS\MegaSR.sys
12:38:35.0067 0x0ea0 MegaSR - ok
12:38:35.0083 0x0ea0 [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] MMCSS C:\Windows\system32\mmcss.dll
12:38:35.0083 0x0ea0 MMCSS - ok
12:38:35.0114 0x0ea0 [ 800BA92F7010378B09F9ED9270F07137, 94F9AF9E1BE80AE6AC39A2A74EF9FAB115DCAACC011D07DFA8D6A1DDC8A93342 ] Modem C:\Windows\system32\drivers\modem.sys
12:38:35.0114 0x0ea0 Modem - ok
12:38:35.0145 0x0ea0 [ B03D591DC7DA45ECE20B3B467E6AADAA, 701FB0CAD8138C58507BE28845D3E24CE269A040737C29885944A0D851238732 ] monitor C:\Windows\system32\DRIVERS\monitor.sys
12:38:35.0145 0x0ea0 monitor - ok
12:38:35.0161 0x0ea0 [ 7D27EA49F3C1F687D357E77A470AEA99, 7FE7CAF95959F127C6D932C01D539C06D80273C49A09761F6E8331C05B1A7EE7 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys
12:38:35.0161 0x0ea0 mouclass - ok
12:38:35.0177 0x0ea0 [ D3BF052C40B0C4166D9FD86A4288C1E6, 5E65264354CD94E844BF1838CA1B8E49080EFA34605A32CF2F6A47A2B97FC183 ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys
12:38:35.0177 0x0ea0 mouhid - ok
12:38:35.0223 0x0ea0 [ 32E7A3D591D671A6DF2DB515A5CBE0FA, 47CED0B9067AE8BF5EEF60B17ADEE5906BEDCC56E4CB460B7BFBC12BB9A69E63 ] mountmgr C:\Windows\system32\drivers\mountmgr.sys
12:38:35.0223 0x0ea0 mountmgr - ok
12:38:35.0270 0x0ea0 [ 338037EFA0E8E8699B2667D57B751574, 59E0D39806D0C4EB57913AA013242837FD39AD378726AEE42D250CBA87C1C3BF ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
12:38:35.0270 0x0ea0 MozillaMaintenance - ok
12:38:35.0317 0x0ea0 [ C6B88D62F20AC646C6BD5C032EC2FAF9, 111A07939F3C5A46F0C51B9D6F5C1D8478099E32EFD88BC260467109ADD975F8 ] MpFilter C:\Windows\system32\DRIVERS\MpFilter.sys
12:38:35.0317 0x0ea0 MpFilter - ok
12:38:35.0348 0x0ea0 [ A44B420D30BD56E145D6A2BC8768EC58, B1E4DCA5A1008FA7A0492DC091FB2B820406AE13FD3D44F124E89B1037AF09B8 ] mpio C:\Windows\system32\drivers\mpio.sys
12:38:35.0364 0x0ea0 mpio - ok
12:38:35.0411 0x0ea0 [ 6C38C9E45AE0EA2FA5E551F2ED5E978F, 5A3FA2F110029CB4CC4384998EDB59203FDD65EC45E01B897FB684F8956EAD20 ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys
12:38:35.0411 0x0ea0 mpsdrv - ok
12:38:35.0520 0x0ea0 [ 54FFC9C8898113ACE189D4AA7199D2C1, 65F585C87F3F710FD5793FDFA96B740AD8D4317B0C120F4435CCF777300EA4F2 ] MpsSvc C:\Windows\system32\mpssvc.dll
12:38:35.0535 0x0ea0 MpsSvc - ok
12:38:35.0582 0x0ea0 [ 1A4F75E63C9FB84B85DFFC6B63FD5404, 01AFA6DBB4CDE55FE4EA05BBE8F753A4266F8D072EA1EE01DB79F5126780C21F ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys
12:38:35.0598 0x0ea0 MRxDAV - ok
12:38:35.0645 0x0ea0 [ A5D9106A73DC88564C825D317CAC68AC, 0457B2AEA4E05A91D0E43F317894A614434D8CEBE35020785387F307E231FBE4 ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys
12:38:35.0660 0x0ea0 mrxsmb - ok
12:38:35.0676 0x0ea0 [ D711B3C1D5F42C0C2415687BE09FC163, 9B3013AC60BD2D0FF52086658BA5FF486ADE15954A552D7DD590580E8BAE3EFF ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys
12:38:35.0691 0x0ea0 mrxsmb10 - ok
12:38:35.0723 0x0ea0 [ 9423E9D355C8D303E76B8CFBD8A5C30C, 220B33F120C2DD937FE4D5664F4B581DC0ACF78D62EB56B7720888F67B9644CC ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys
12:38:35.0723 0x0ea0 mrxsmb20 - ok
12:38:35.0754 0x0ea0 [ C25F0BAFA182CBCA2DD3C851C2E75796, 643E158A0948DF331807AEAA391F23960362E46C0A0CF6D22A99020EAE7B10F8 ] msahci C:\Windows\system32\drivers\msahci.sys
12:38:35.0754 0x0ea0 msahci - ok
12:38:35.0801 0x0ea0 [ DB801A638D011B9633829EB6F663C900, B34FD33A215ACCF2905F4B7D061686CDB1CB9C652147AF56AE14686C1F6E3C74 ] msdsm C:\Windows\system32\drivers\msdsm.sys
12:38:35.0801 0x0ea0 msdsm - ok
12:38:35.0847 0x0ea0 [ DE0ECE52236CFA3ED2DBFC03F28253A8, 2FBBEC4CACB5161F68D7C2935852A5888945CA0F107CF8A1C01F4528CE407DE3 ] MSDTC C:\Windows\System32\msdtc.exe
12:38:35.0863 0x0ea0 MSDTC - ok
12:38:35.0925 0x0ea0 [ AA3FB40E17CE1388FA1BEDAB50EA8F96, 69F93E15536644C8FD679A20190CFE577F4985D3B1B4A4AA250A168615AE1E99 ] Msfs C:\Windows\system32\drivers\Msfs.sys
12:38:35.0925 0x0ea0 Msfs - ok
12:38:35.0941 0x0ea0 [ F9D215A46A8B9753F61767FA72A20326, 6F76642B45E0A7EF6BCAB8B37D55CCE2EAA310ED07B76D43FCB88987C2174141 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys
12:38:35.0941 0x0ea0 mshidkmdf - ok
12:38:35.0988 0x0ea0 [ D916874BBD4F8B07BFB7FA9B3CCAE29D, B229DA150713DEDBC4F05386C9D9DC3BC095A74F44F3081E88311AB73BC992A1 ] msisadrv C:\Windows\system32\drivers\msisadrv.sys
12:38:35.0988 0x0ea0 msisadrv - ok
12:38:36.0050 0x0ea0 [ 808E98FF49B155C522E6400953177B08, F873F5BFF0984C5165DF67E92874D3F6EB8D86F9B5AD17013A0091CA33A1A3D5 ] MSiSCSI C:\Windows\system32\iscsiexe.dll
12:38:36.0050 0x0ea0 MSiSCSI - ok
12:38:36.0066 0x0ea0 msiserver - ok
12:38:36.0097 0x0ea0 [ 49CCF2C4FEA34FFAD8B1B59D49439366, E5752EA57C7BDAD5F53E3BC441A415E909AC602CAE56234684FB8789A20396C7 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys
12:38:36.0097 0x0ea0 MSKSSRV - ok
12:38:36.0159 0x0ea0 [ 7675E15D1B2180745E4DA4D26AAD7385, 729AA6C610F67028CFFFF64B772FFA1CAE7581D37F8909BDA423D52AF85C92C8 ] MsMpSvc c:\Program Files\Microsoft Security Client\MsMpEng.exe
12:38:36.0159 0x0ea0 MsMpSvc - ok
12:38:36.0191 0x0ea0 [ BDD71ACE35A232104DDD349EE70E1AB3, 27464A66868513BE6A01B75D7FC5B0D6B71842E4E20CE3F76B15C071A0618BBB ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys
12:38:36.0191 0x0ea0 MSPCLOCK - ok
12:38:36.0206 0x0ea0 [ 4ED981241DB27C3383D72092B618A1D0, E12F121E641249DB3491141851B59E1496F4413EDF58E863388F1C229838DFCC ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
12:38:36.0206 0x0ea0 MSPQM - ok
12:38:36.0269 0x0ea0 [ 759A9EEB0FA9ED79DA1FB7D4EF78866D, 64E3BC613EC4872B1B344CBF71EE15BE195592E3244C1EE099C6F8B95A40F133 ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
12:38:36.0300 0x0ea0 MsRPC - ok
12:38:36.0331 0x0ea0 [ 0EED230E37515A0EAEE3C2E1BC97B288, B1D8F8A75006B6E99214CA36D27A8594EF8D952F315BEB201E9BAC9DE3E64D42 ] mssmbios C:\Windows\system32\drivers\mssmbios.sys
12:38:36.0347 0x0ea0 mssmbios - ok
12:38:36.0362 0x0ea0 [ 2E66F9ECB30B4221A318C92AC2250779, DF175E1AB6962303E57F26DAE5C5C1E40B8640333F3E352A64F6A5F1301586CD ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
12:38:36.0362 0x0ea0 MSTEE - ok
12:38:36.0378 0x0ea0 [ 7EA404308934E675BFFDE8EDF0757BCD, 306CD02D89CFCFE576242360ED5F9EEEDCAFC43CD43B7D2977AE960F9AEC3232 ] MTConfig C:\Windows\system32\DRIVERS\MTConfig.sys
12:38:36.0378 0x0ea0 MTConfig - ok
12:38:36.0409 0x0ea0 [ F9A18612FD3526FE473C1BDA678D61C8, 32F7975B5BAA447917F832D9E3499B4B6D3E90D73F478375D0B70B36C524693A ] Mup C:\Windows\system32\Drivers\mup.sys
12:38:36.0409 0x0ea0 Mup - ok
12:38:36.0440 0x0ea0 [ 6FFECC25B39DC7652A0CEC0ADA9DB589, 927EF066CBBA8353149F8C3B7C4299AC06FED439DA874D25CFB583E5912611A2 ] mwlPSDFilter C:\Windows\system32\DRIVERS\mwlPSDFilter.sys
12:38:36.0456 0x0ea0 mwlPSDFilter - ok
12:38:36.0456 0x0ea0 [ 0BEFE32CA56D6EE89D58175725596A85, E36B9E6159AF7F67D549F7178896CCCB8FC3964531B1DA20CBDD465E632D8FCF ] mwlPSDNServ C:\Windows\system32\DRIVERS\mwlPSDNServ.sys
12:38:36.0456 0x0ea0 mwlPSDNServ - ok
12:38:36.0487 0x0ea0 [ D43BC633B8660463E446E28E14A51262, C55F235B5E08FAC6D70B0FAC737D714E318A93F8E43FF8095B86A76559AF211D ] mwlPSDVDisk C:\Windows\system32\DRIVERS\mwlPSDVDisk.sys
12:38:36.0487 0x0ea0 mwlPSDVDisk - ok
12:38:36.0534 0x0ea0 [ 3E5E20817259F7328C8F3BE5421F35B9, 9BF20E1CE75647BF5654AD603BD7D17E36CC0AD15EEAFF4FACE637D235C34190 ] MWLService C:\Program Files (x86)\EgisTec MyWinLocker\x86\MWLService.exe
12:38:36.0534 0x0ea0 MWLService - ok
12:38:36.0596 0x0ea0 [ 582AC6D9873E31DFA28A4547270862DD, BD540499F74E8F59A020D935D18E36A3A97C1A6EC59C8208436469A31B16B260 ] napagent C:\Windows\system32\qagentRT.dll
12:38:36.0612 0x0ea0 napagent - ok
12:38:36.0659 0x0ea0 [ 1EA3749C4114DB3E3161156FFFFA6B33, 54C2E77BCE1037711A11313AC25B8706109098C10A31AA03AEB7A185E97800D7 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
12:38:36.0659 0x0ea0 NativeWifiP - ok
12:38:36.0737 0x0ea0 [ 760E38053BF56E501D562B70AD796B88, F856E81A975D44F8684A6F2466549CEEDFAEB3950191698555A93A1206E0A42D ] NDIS C:\Windows\system32\drivers\ndis.sys
12:38:36.0783 0x0ea0 NDIS - ok
12:38:36.0815 0x0ea0 [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC, D7E5446E83909AE25506BB98FBDD878A529C87963E3C1125C4ABAB25823572BC ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys
12:38:36.0815 0x0ea0 NdisCap - ok
12:38:36.0830 0x0ea0 [ 30639C932D9FEF22B31268FE25A1B6E5, 32873D95339600F6EEFA51847D12C563FF01F320DC59055B242FA2887C99F9D6 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
12:38:36.0830 0x0ea0 NdisTapi - ok
12:38:36.0861 0x0ea0 [ 136185F9FB2CC61E573E676AA5402356, BA3AD0A33416DA913B4242C6BE8C3E5812AD2B20BA6C11DD3094F2E8EB56E683 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
12:38:36.0861 0x0ea0 Ndisuio - ok
12:38:36.0908 0x0ea0 [ 53F7305169863F0A2BDDC49E116C2E11, 881E9346D3C02405B7850ADC37E720990712EC9C666A0CE96E252A487FD2CE77 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
12:38:36.0924 0x0ea0 NdisWan - ok
12:38:36.0955 0x0ea0 [ 015C0D8E0E0421B4CFD48CFFE2825879, 4242E2D42CCFC859B2C0275C5331798BC0BDA68E51CF4650B6E64B1332071023 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
12:38:36.0955 0x0ea0 NDProxy - ok
12:38:37.0002 0x0ea0 [ 86743D9F5D2B1048062B14B1D84501C4, DBF6D6A60AB774FCB0F464FF2D285A7521D0A24006687B243AB46B17D8032062 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
12:38:37.0002 0x0ea0 NetBIOS - ok
12:38:37.0064 0x0ea0 [ 09594D1089C523423B32A4229263F068, 7426A9B8BA27D3225928DDEFBD399650ABB90798212F56B7D12158AC22CCCE37 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys
12:38:37.0080 0x0ea0 NetBT - ok
12:38:37.0095 0x0ea0 [ 4D71227301DD8D09097B9E4CC6527E5A, 193D47ADCB722B581CC0F29B794AB3E455B6E9BEA367CE9A5216A09E055B7F1E ] Netlogon C:\Windows\system32\lsass.exe
12:38:37.0095 0x0ea0 Netlogon - ok
12:38:37.0142 0x0ea0 [ 847D3AE376C0817161A14A82C8922A9E, 37AE692B3481323134125EF58F2C3CBC20177371AF2F5874F53DD32A827CB936 ] Netman C:\Windows\System32\netman.dll
12:38:37.0158 0x0ea0 Netman - ok
12:38:37.0205 0x0ea0 [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
12:38:37.0220 0x0ea0 NetMsmqActivator - ok
12:38:37.0236 0x0ea0 [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetPipeActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
12:38:37.0236 0x0ea0 NetPipeActivator - ok
12:38:37.0283 0x0ea0 [ 5F28111C648F1E24F7DBC87CDEB091B8, 2E8645285921EDB98BB2173E11E57459C888D52E80D85791D169C869DE8813B9 ] netprofm C:\Windows\System32\netprofm.dll
12:38:37.0283 0x0ea0 netprofm - ok
12:38:37.0298 0x0ea0 [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetTcpActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
12:38:37.0314 0x0ea0 NetTcpActivator - ok
12:38:37.0314 0x0ea0 [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
12:38:37.0329 0x0ea0 NetTcpPortSharing - ok
12:38:37.0345 0x0ea0 [ 77889813BE4D166CDAB78DDBA990DA92, 2EF531AE502B943632EEC66A309A8BFCDD36120A5E1473F4AAF3C2393AD0E6A3 ] nfrd960 C:\Windows\system32\DRIVERS\nfrd960.sys
12:38:37.0361 0x0ea0 nfrd960 - ok
12:38:37.0423 0x0ea0 [ ACE8C64C57E4A711473C8BC10ADF692B, 53D8083CE78DB5527080B4570AC28ABAA262667744A319707AE0C46E46B297F9 ] NisDrv C:\Windows\system32\DRIVERS\NisDrvWFP.sys
12:38:37.0423 0x0ea0 NisDrv - ok
12:38:37.0485 0x0ea0 [ 6247E8B31ED0A9D6BC5A26276E49BEB3, 230C0C560492C454B9EB14B50EB4A78DC74FAB6B662449A0EA3114B3E671BFF3 ] NisSrv c:\Program Files\Microsoft Security Client\NisSrv.exe
12:38:37.0517 0x0ea0 NisSrv - ok
12:38:37.0563 0x0ea0 [ 8AD77806D336673F270DB31645267293, E23F324913554A23CD043DD27D4305AF62F48C0561A0FC7B7811E55B74B1BE79 ] NlaSvc C:\Windows\System32\nlasvc.dll
12:38:37.0563 0x0ea0 NlaSvc - ok
12:38:37.0595 0x0ea0 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7, D8957EF7060A69DBB3CD6B2C45B1E4143592AB8D018471E17AC04668157DC67F ] Npfs C:\Windows\system32\drivers\Npfs.sys
12:38:37.0595 0x0ea0 Npfs - ok
12:38:37.0626 0x0ea0 [ D54BFDF3E0C953F823B3D0BFE4732528, 497A1DCC5646EC22119273216DF10D5442D16F83E4363770F507518CF6EAA53A ] nsi C:\Windows\system32\nsisvc.dll
12:38:37.0626 0x0ea0 nsi - ok
12:38:37.0641 0x0ea0 [ E7F5AE18AF4168178A642A9247C63001, 133023B7E4BA8049C4CAED3282BDD25571D1CC25FAC3B820C7F981D292689D76 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
12:38:37.0641 0x0ea0 nsiproxy - ok
12:38:37.0766 0x0ea0 [ B98F8C6E31CD07B2E6F71F7F648E38C0, 2FEA100B80680FBBF644CB6763738804155DF1E94A6542CAE2B2786D770D554E ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
12:38:37.0797 0x0ea0 Ntfs - ok
12:38:37.0891 0x0ea0 [ 9A308FCDCCA98A15B6F62D36A272160E, 3991F70D42C1949067ED48CF4EB815E06360B077F6A2369AC76BF0892C3C33EE ] NTI IScheduleSvc C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe
12:38:37.0907 0x0ea0 NTI IScheduleSvc - ok
12:38:37.0938 0x0ea0 [ EE3BA1024594D5D09E314F206B94069E, 34C8EC3DF1C3088D8A0442CAA4F5506665AFB2DF016709457ED2AB7DA45F53A6 ] NTIDrvr C:\Windows\system32\drivers\NTIDrvr.sys
12:38:37.0938 0x0ea0 NTIDrvr - ok
12:38:37.0953 0x0ea0 [ 9899284589F75FA8724FF3D16AED75C1, 181188599FD5D4DE33B97010D9E0CAEABAB9A3EF50712FE7F9AA0735CD0666D6 ] Null C:\Windows\system32\drivers\Null.sys
12:38:37.0953 0x0ea0 Null - ok
12:38:38.0000 0x0ea0 [ 0A92CB65770442ED0DC44834632F66AD, 581327F07A68DBD5CC749214BE5F1211FC2CE41C7A4F0656B680AFB51A35ACE7 ] nvraid C:\Windows\system32\drivers\nvraid.sys
12:38:38.0016 0x0ea0 nvraid - ok
12:38:38.0047 0x0ea0 [ DAB0E87525C10052BF65F06152F37E4A, AD9BFF0D5FD3FFB95C758B478E1F6A9FE45E7B37AEC71EB5070D292FEAAEDF37 ] nvstor C:\Windows\system32\drivers\nvstor.sys
12:38:38.0047 0x0ea0 nvstor - ok
12:38:38.0094 0x0ea0 [ 270D7CD42D6E3979F6DD0146650F0E05, 752489E54C9004EDCBE1F1F208FFD864DA5C83E59A2DDE6B3E0D63ECA996F76F ] nv_agp C:\Windows\system32\drivers\nv_agp.sys
12:38:38.0109 0x0ea0 nv_agp - ok
12:38:38.0109 0x0ea0 obpedscx - ok
12:38:38.0234 0x0ea0 [ 785F487A64950F3CB8E9F16253BA3B7B, 02445344BD214370A6D48B1CA04921D8EFCB13E676B5648266DD0E076C0822B6 ] odserv C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
12:38:38.0250 0x0ea0 odserv - ok
12:38:38.0281 0x0ea0 [ 3589478E4B22CE21B41FA1BFC0B8B8A0, AD2469FC753FE552CB809FF405A9AB23E7561292FE89117E3B3B62057EFF0203 ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys
12:38:38.0281 0x0ea0 ohci1394 - ok
12:38:38.0343 0x0ea0 [ 5A432A042DAE460ABE7199B758E8606C, 6E5D1F477D290905BE27CEBF9572BAC6B05FFEF2FAD901D3C8E11F665F8B9A71 ] ose C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
12:38:38.0343 0x0ea0 ose - ok
12:38:38.0406 0x0ea0 [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] p2pimsvc C:\Windows\system32\pnrpsvc.dll
12:38:38.0421 0x0ea0 p2pimsvc - ok
12:38:38.0453 0x0ea0 [ 927463ECB02179F88E4B9A17568C63C3, FEFD3447692C277D59EEC7BF218552C8BB6B8C98C26E973675549628408B94CE ] p2psvc C:\Windows\system32\p2psvc.dll
12:38:38.0484 0x0ea0 p2psvc - ok
12:38:38.0531 0x0ea0 [ 0086431C29C35BE1DBC43F52CC273887, 0D116D49EF9ABB57DA005764F25E692622210627FC2048F06A989B12FA8D0A80 ] Parport C:\Windows\system32\DRIVERS\parport.sys
12:38:38.0531 0x0ea0 Parport - ok
12:38:38.0562 0x0ea0 [ E9766131EEADE40A27DC27D2D68FBA9C, 63C295EC96DBD25F1A8B908295CCB86B54F2A77A02AAA11E5D9160C2C1A492B6 ] partmgr C:\Windows\system32\drivers\partmgr.sys
12:38:38.0562 0x0ea0 partmgr - ok
12:38:38.0609 0x0ea0 [ 3AEAA8B561E63452C655DC0584922257, 04C072969B58657602EB0C21CEDF24FCEE14E61B90A0F758F93925EF2C9FC32D ] PcaSvc C:\Windows\System32\pcasvc.dll
12:38:38.0624 0x0ea0 PcaSvc - ok
12:38:38.0687 0x0ea0 [ 94575C0571D1462A0F70BDE6BD6EE6B3, 7139BAC653EA94A3DD3821CAB35FC5E22F4CCA5ACC2BAABDAA27E4C3C8B27FC9 ] pci C:\Windows\system32\drivers\pci.sys
12:38:38.0702 0x0ea0 pci - ok
12:38:38.0718 0x0ea0 [ B5B8B5EF2E5CB34DF8DCF8831E3534FA, F2A7CC645B96946CC65BF60E14E70DC09C848D27C7943CE5DEA0C01A6B863480 ] pciide C:\Windows\system32\drivers\pciide.sys
12:38:38.0733 0x0ea0 pciide - ok
12:38:38.0765 0x0ea0 [ B2E81D4E87CE48589F98CB8C05B01F2F, 6763BEE7270A4873B3E131BFB92313E2750FCBD0AD73C23D1C4F98F7DF73DE14 ] pcmcia C:\Windows\system32\DRIVERS\pcmcia.sys
12:38:38.0780 0x0ea0 pcmcia - ok
12:38:38.0796 0x0ea0 [ D6B9C2E1A11A3A4B26A182FFEF18F603, BBA5FE08B1DDD6243118E11358FD61B10E850F090F061711C3CB207CE5FBBD36 ] pcw C:\Windows\system32\drivers\pcw.sys
12:38:38.0796 0x0ea0 pcw - ok
12:38:38.0843 0x0ea0 [ 68769C3356B3BE5D1C732C97B9A80D6E, FB2D61145980A2899D1B7729184C54070315B0E63C9A22400A76CCD39E00029C ] PEAUTH C:\Windows\system32\drivers\peauth.sys
12:38:38.0858 0x0ea0 PEAUTH - ok
12:38:38.0936 0x0ea0 [ E495E408C93141E8FC72DC0C6046DDFA, 489B957DADA0DC128A09468F1AD082DCC657E86053208EA06A12937BE86FB919 ] PerfHost C:\Windows\SysWow64\perfhost.exe
12:38:38.0936 0x0ea0 PerfHost - ok
12:38:39.0061 0x0ea0 [ C7CF6A6E137463219E1259E3F0F0DD6C, 08D7244F52AA17DD669AA6F77C291DAC88E7B2D1887DE422509C1F83EC85F3DD ] pla C:\Windows\system32\pla.dll
12:38:39.0092 0x0ea0 pla - ok
12:38:39.0155 0x0ea0 [ 25FBDEF06C4D92815B353F6E792C8129, 57D9764AE6BCE33B242C399CDFC10DD405975BD6411CA8C75FBCD06EEB8442A9 ] PlugPlay C:\Windows\system32\umpnpmgr.dll
12:38:39.0170 0x0ea0 PlugPlay - ok
12:38:39.0201 0x0ea0 [ 7195581CEC9BB7D12ABE54036ACC2E38, 9C4E5D6EA984148F2663DC529083408B2248DFF6DAAC85D9195F80A722782315 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll
12:38:39.0217 0x0ea0 PNRPAutoReg - ok
12:38:39.0248 0x0ea0 [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] PNRPsvc C:\Windows\system32\pnrpsvc.dll
12:38:39.0264 0x0ea0 PNRPsvc - ok
12:38:39.0311 0x0ea0 [ 4F15D75ADF6156BF56ECED6D4A55C389, 2ADA3EA69A5D7EC2A4D2DD89178DB94EAFDDF95F07B0070D654D9F7A5C12A044 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
12:38:39.0326 0x0ea0 PolicyAgent - ok
12:38:39.0373 0x0ea0 [ 6BA9D927DDED70BD1A9CADED45F8B184, 66203CE70A5EDE053929A940F38924C6792239CCCE10DD2C1D90D5B4D6748B55 ] Power C:\Windows\system32\umpo.dll
12:38:39.0389 0x0ea0 Power - ok
12:38:39.0435 0x0ea0 [ F92A2C41117A11A00BE01CA01A7FCDE9, 38ADC6052696D110CA5F393BC586791920663F5DA66934C2A824DDA9CD89C763 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
12:38:39.0435 0x0ea0 PptpMiniport - ok
12:38:39.0498 0x0ea0 [ 0D922E23C041EFB1C3FAC2A6F943C9BF, 855418A6A58DCAFB181A1A68613B3E203AFB0A9B3D9D26D0C521F9F613B4EAD5 ] Processor C:\Windows\system32\DRIVERS\processr.sys
12:38:39.0498 0x0ea0 Processor - ok
12:38:39.0545 0x0ea0 [ 53E83F1F6CF9D62F32801CF66D8352A8, 1225FED810BE8E0729EEAE5B340035CCBB9BACD3EF247834400F9B72D05ACE48 ] ProfSvc C:\Windows\system32\profsvc.dll
12:38:39.0560 0x0ea0 ProfSvc - ok
12:38:39.0576 0x0ea0 [ 4D71227301DD8D09097B9E4CC6527E5A, 193D47ADCB722B581CC0F29B794AB3E455B6E9BEA367CE9A5216A09E055B7F1E ] ProtectedStorage C:\Windows\system32\lsass.exe
12:38:39.0591 0x0ea0 ProtectedStorage - ok
12:38:39.0623 0x0ea0 [ 0557CF5A2556BD58E26384169D72438D, F6F83A616B1F1C6C0DF6D2EC2513E6C23FD4FAA6D36518B8676C619AB74957B4 ] Psched C:\Windows\system32\DRIVERS\pacer.sys
12:38:39.0638 0x0ea0 Psched - ok
12:38:39.0732 0x0ea0 [ A53A15A11EBFD21077463EE2C7AFEEF0, 6002B012A75045DEA62640A864A8721EADE2F8B65BEB5F5BA76D8CD819774489 ] ql2300 C:\Windows\system32\DRIVERS\ql2300.sys
12:38:39.0779 0x0ea0 ql2300 - ok
12:38:39.0794 0x0ea0 [ 4F6D12B51DE1AAEFF7DC58C4D75423C8, FB6ABAB741CED66A79E31A45111649F2FA3E26CEE77209B5296F789F6F7D08DE ] ql40xx C:\Windows\system32\DRIVERS\ql40xx.sys
12:38:39.0794 0x0ea0 ql40xx - ok
12:38:39.0857 0x0ea0 [ 906191634E99AEA92C4816150BDA3732, A0305436384104C3B559F9C73902DA19B96B518413379E397C5CDAB0B2B9418F ] QWAVE C:\Windows\system32\qwave.dll
12:38:39.0872 0x0ea0 QWAVE - ok
12:38:39.0903 0x0ea0 [ 76707BB36430888D9CE9D705398ADB6C, 35C1D1D05F98AC29A33D3781F497A0B40A3CB9CDF25FE1F28F574E40DDF70535 ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
12:38:39.0903 0x0ea0 QWAVEdrv - ok
12:38:39.0919 0x0ea0 [ 5A0DA8AD5762FA2D91678A8A01311704, 8A64EB5DBAB7048A9E42A21CEB62CCD5B007A80C199892D7F8C69B48E8A255EF ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
12:38:39.0919 0x0ea0 RasAcd - ok
12:38:39.0950 0x0ea0 [ 7ECFF9B22276B73F43A99A15A6094E90, 62C70DA127F48F796F8897BBFA23AB6EB080CC923F0F091DFA384A93F5C90CA1 ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys
12:38:39.0950 0x0ea0 RasAgileVpn - ok
12:38:39.0981 0x0ea0 [ 8F26510C5383B8DBE976DE1CD00FC8C7, 60E618C010E8A723960636415573FA17EA0BBEF79647196B3BC0B8DEE680E090 ] RasAuto C:\Windows\System32\rasauto.dll
12:38:39.0981 0x0ea0 RasAuto - ok
12:38:40.0013 0x0ea0 [ 471815800AE33E6F1C32FB1B97C490CA, 27307265F743DE3A3A3EC1B2C472A3D85FDD0AEC458E0B1177593141EE072698 ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
12:38:40.0028 0x0ea0 Rasl2tp - ok
12:38:40.0075 0x0ea0 [ EE867A0870FC9E4972BA9EAAD35651E2, 1B848D81705081FD2E18AC762DA7F51455657DAF860BF363DC15925A148BCADA ] RasMan C:\Windows\System32\rasmans.dll
12:38:40.0091 0x0ea0 RasMan - ok
12:38:40.0122 0x0ea0 [ 855C9B1CD4756C5E9A2AA58A15F58C25, A514F8A9C304D54BDA8DC60F5A64259B057EC83A1CAAF6D2B58CFD55E9561F72 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
12:38:40.0122 0x0ea0 RasPppoe - ok
12:38:40.0153 0x0ea0 [ E8B1E447B008D07FF47D016C2B0EEECB, FEC789F82B912F3E14E49524D40FEAA4373B221156F14045E645D7C37859258C ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
12:38:40.0153 0x0ea0 RasSstp - ok
12:38:40.0200 0x0ea0 [ 77F665941019A1594D887A74F301FA2F, 1FDC6F6853400190C086042933F157814D915C54F26793CAD36CD2607D8810DA ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
12:38:40.0215 0x0ea0 rdbss - ok
12:38:40.0231 0x0ea0 [ 302DA2A0539F2CF54D7C6CC30C1F2D8D, 1DF3501BBFFB56C3ECC39DBCC4287D3302216C2208CE22428B8C4967E5DE9D17 ] rdpbus C:\Windows\system32\DRIVERS\rdpbus.sys
12:38:40.0231 0x0ea0 rdpbus - ok
12:38:40.0262 0x0ea0 [ CEA6CC257FC9B7715F1C2B4849286D24, A78144D18352EA802C39D9D42921CF97A3E0211766B2169B6755C6FC2D77A804 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
12:38:40.0262 0x0ea0 RDPCDD - ok
12:38:40.0278 0x0ea0 [ BB5971A4F00659529A5C44831AF22365, 9AAA5C0D448E821FD85589505D99DF7749715A046BBD211F139E4E652ADDE41F ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
12:38:40.0278 0x0ea0 RDPENCDD - ok
12:38:40.0293 0x0ea0 [ 216F3FA57533D98E1F74DED70113177A, 60C126A1409D1E9C39F1C9E95F70115BF4AF07780AB499F6E10A612540F173F4 ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys
12:38:40.0293 0x0ea0 RDPREFMP - ok
12:38:40.0356 0x0ea0 [ E61608AA35E98999AF9AAEEEA6114B0A, F754CDE89DC96786D2A3C4D19EE2AEF1008E634E4DE3C0CBF927436DE90C04A6 ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
12:38:40.0371 0x0ea0 RDPWD - ok
12:38:40.0418 0x0ea0 [ 34ED295FA0121C241BFEF24764FC4520, AAEE5F00CAA763A5BA51CF56BD7262C03409CD72BD5601490E3EC3FFF929BB5F ] rdyboost C:\Windows\system32\drivers\rdyboost.sys
12:38:40.0418 0x0ea0 rdyboost - ok
12:38:40.0465 0x0ea0 [ 254FB7A22D74E5511C73A3F6D802F192, 3D0FB5840364200DE394F8CC28DA0E334C2B5FA8FF28A41656EE72287F3D3836 ] RemoteAccess C:\Windows\System32\mprdim.dll
12:38:40.0465 0x0ea0 RemoteAccess - ok
12:38:40.0512 0x0ea0 [ E4D94F24081440B5FC5AA556C7C62702, 147CAA03568DC480F9506E30B84891AB7E433B5EBC05F34FF10F72B00E1C6B22 ] RemoteRegistry C:\Windows\system32\regsvc.dll
12:38:40.0512 0x0ea0 RemoteRegistry - ok
12:38:40.0543 0x0ea0 [ E4DC58CF7B3EA515AE917FF0D402A7BB, 665B5CD9FE905B0EE3F59A7B1A94760F5393EBEE729877D8584349754C2867E8 ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll
12:38:40.0559 0x0ea0 RpcEptMapper - ok
12:38:40.0574 0x0ea0 [ D5BA242D4CF8E384DB90E6A8ED850B8C, CB4CB2608B5E31B55FB1A2CF4051E6D08A0C2A5FB231B2116F95938D7577334E ] RpcLocator C:\Windows\system32\locator.exe
12:38:40.0574 0x0ea0 RpcLocator - ok
12:38:40.0621 0x0ea0 [ 5C627D1B1138676C0A7AB2C2C190D123, C5003F2C912C5CA990E634818D3B4FD72F871900AF2948BD6C4D6400B354B401 ] RpcSs C:\Windows\system32\rpcss.dll
12:38:40.0652 0x0ea0 RpcSs - ok
12:38:40.0699 0x0ea0 [ DDC86E4F8E7456261E637E3552E804FF, D250C69CCC75F2D88E7E624FCC51300E75637333317D53908CCA7E0F117173DD ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
12:38:40.0699 0x0ea0 rspndr - ok
12:38:40.0746 0x0ea0 [ 763AE0C6D9DF4C24B7E2C26036A8188A, 1728D9BDF910324988B3D28459AB0A15C57CBBA79D2DFE377342DF3486BA9D48 ] RSUSBSTOR C:\Windows\system32\Drivers\RtsUStor.sys
12:38:40.0761 0x0ea0 RSUSBSTOR - ok
12:38:40.0808 0x0ea0 [ D6D381B76056C668679723938F06F16C, A26C35EB588BF32F5CD22554BE5A05380D50FF1B7D399687EE50DC24C32DA341 ] RTHDMIAzAudService C:\Windows\system32\drivers\RtHDMIVX.sys
12:38:40.0808 0x0ea0 RTHDMIAzAudService - ok
12:38:40.0839 0x0ea0 [ 4D71227301DD8D09097B9E4CC6527E5A, 193D47ADCB722B581CC0F29B794AB3E455B6E9BEA367CE9A5216A09E055B7F1E ] SamSs C:\Windows\system32\lsass.exe
12:38:40.0839 0x0ea0 SamSs - ok
12:38:40.0871 0x0ea0 [ AC03AF3329579FFFB455AA2DAABBE22B, 7AD3B62ADFEC166F9E256F9FF8BAA0568B2ED7308142BF8F5269E6EAA5E0A656 ] sbp2port C:\Windows\system32\drivers\sbp2port.sys
12:38:40.0886 0x0ea0 sbp2port - ok
12:38:40.0933 0x0ea0 [ 9B7395789E3791A3B6D000FE6F8B131E, E5F067F3F212BF5481668BE1779CBEF053F511F8967589BE2E865ACB9A620024 ] SCardSvr C:\Windows\System32\SCardSvr.dll
12:38:40.0949 0x0ea0 SCardSvr - ok
12:38:40.0980 0x0ea0 [ 253F38D0D7074C02FF8DEB9836C97D2B, CB5CAFCB8628BB22877F74ACF1DED0BBAED8F4573A74DA7FE94BBBA584889116 ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys
12:38:40.0995 0x0ea0 scfilter - ok
12:38:41.0073 0x0ea0 [ 262F6592C3299C005FD6BEC90FC4463A, 54095E37F0B6CC677A3E9BDD40F4647C713273D197DB341063AA7F342A60C4A7 ] Schedule C:\Windows\system32\schedsvc.dll
12:38:41.0105 0x0ea0 Schedule - ok
12:38:41.0136 0x0ea0 [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] SCPolicySvc C:\Windows\System32\certprop.dll
12:38:41.0151 0x0ea0 SCPolicySvc - ok
12:38:41.0198 0x0ea0 [ 6EA4234DC55346E0709560FE7C2C1972, 64011E044C16E2F92689E5F7E4666A075E27BBFA61F3264E5D51CE1656C1D5B8 ] SDRSVC C:\Windows\System32\SDRSVC.dll
12:38:41.0214 0x0ea0 SDRSVC - ok
12:38:41.0229 0x0ea0 [ 3EA8A16169C26AFBEB544E0E48421186, 34BBB0459C96B3DE94CCB0D73461562935C583D7BF93828DA4E20A6BC9B7301D ] secdrv C:\Windows\system32\drivers\secdrv.sys
12:38:41.0229 0x0ea0 secdrv - ok
12:38:41.0261 0x0ea0 [ BC617A4E1B4FA8DF523A061739A0BD87, 10C4057F6B321EB5237FF619747B74F5401BC17D15A8C7060829E8204A2297F9 ] seclogon C:\Windows\system32\seclogon.dll
12:38:41.0276 0x0ea0 seclogon - ok
12:38:41.0307 0x0ea0 [ C32AB8FA018EF34C0F113BD501436D21, E0EB8E80B51E45CA7EB061E705DA0BC07878759418A8519AE6E12326FE79E7C7 ] SENS C:\Windows\System32\sens.dll
12:38:41.0307 0x0ea0 SENS - ok
12:38:41.0323 0x0ea0 [ 0336CFFAFAAB87A11541F1CF1594B2B2, 8B8A6A33E78A12FB05E29B2E2775850626574AFD2EF88748D65E690A07B10B8D ] SensrSvc C:\Windows\system32\sensrsvc.dll
12:38:41.0339 0x0ea0 SensrSvc - ok
12:38:41.0354 0x0ea0 [ CB624C0035412AF0DEBEC78C41F5CA1B, A4D937F11E06CAE914347CA1362F4C98EC5EE0C0C80321E360EA1ABD6726F8D4 ] Serenum C:\Windows\system32\DRIVERS\serenum.sys
12:38:41.0354 0x0ea0 Serenum - ok
12:38:41.0370 0x0ea0 [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6, 8F9776FB84C5D11068EAF1FF1D1A46466C655D64D256A8B1E31DC0C23B5DD22D ] Serial C:\Windows\system32\DRIVERS\serial.sys
12:38:41.0370 0x0ea0 Serial - ok
12:38:41.0417 0x0ea0 [ 1C545A7D0691CC4A027396535691C3E3, 065C30BE598FF4DC55C37E0BBE0CEDF10A370AE2BF5404B42EBBB867A3FFED6D ] sermouse C:\Windows\system32\DRIVERS\sermouse.sys
12:38:41.0432 0x0ea0 sermouse - ok
12:38:41.0479 0x0ea0 [ 0B6231BF38174A1628C4AC812CC75804, E569BF1F7F5689E2E917FA6516DB53388A5B8B1C6699DEE030147E853218811D ] SessionEnv C:\Windows\system32\sessenv.dll
12:38:41.0495 0x0ea0 SessionEnv - ok
12:38:41.0510 0x0ea0 [ A554811BCD09279536440C964AE35BBF, DA8F893722F803E189D7D4D6C6232ED34505B63A64ED3A0132A5BB7A2BABDE55 ] sffdisk C:\Windows\system32\drivers\sffdisk.sys
12:38:41.0510 0x0ea0 sffdisk - ok
12:38:41.0526 0x0ea0 [ FF414F0BAEFEBA59BC6C04B3DB0B87BF, B81EF5D26AEB572CAB590F7AD7CA8C89F296420089EF5E6148E972F2DBCA1042 ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys
12:38:41.0526 0x0ea0 sffp_mmc - ok
12:38:41.0557 0x0ea0 [ DD85B78243A19B59F0637DCF284DA63C, 6730D4F2BAE7E24615746ACC41B42D01DB6068D6504982008ADA1890DE900197 ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys
12:38:41.0557 0x0ea0 sffp_sd - ok
12:38:41.0588 0x0ea0 [ A9D601643A1647211A1EE2EC4E433FF4, 7AC60B4AB48D4BBF1F9681C12EC2A75C72E6E12D30FABC564A24394310E9A5F9 ] sfloppy C:\Windows\system32\DRIVERS\sfloppy.sys
12:38:41.0588 0x0ea0 sfloppy - ok
12:38:41.0651 0x0ea0 [ B95F6501A2F8B2E78C697FEC401970CE, 758B73A32902299A313348CE7EC189B20EB4CB398D0180E4EE24B84DAD55F291 ] SharedAccess C:\Windows\System32\ipnathlp.dll
12:38:41.0682 0x0ea0 SharedAccess - ok
12:38:41.0744 0x0ea0 [ AAF932B4011D14052955D4B212A4DA8D, 2A3BFD0FA9569288E91AE3E72CA1EC39E1450D01E6473CE51157E0F138257923 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
12:38:41.0760 0x0ea0 ShellHWDetection - ok
12:38:41.0775 0x0ea0 [ 843CAF1E5FDE1FFD5FF768F23A51E2E1, 89CA9F516E42A6B905474D738CDA2C121020A07DBD4E66CFE569DD77D79D7820 ] SiSRaid2 C:\Windows\system32\DRIVERS\SiSRaid2.sys
12:38:41.0775 0x0ea0 SiSRaid2 - ok
12:38:41.0791 0x0ea0 [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4, 87B85C66DF7EB6FDB8A2341D05FAA5261FF68A90CCFC63F0E4A03824F1E33E5E ] SiSRaid4 C:\Windows\system32\DRIVERS\sisraid4.sys
12:38:41.0807 0x0ea0 SiSRaid4 - ok
12:38:41.0853 0x0ea0 [ 50D9949020E02B847CD48F1243FCB895, 5BDAD5E44DE5B412645142810C5FCE4B2D9685F928FF4A6B836A9DCE7725BD78 ] SkypeUpdate C:\Program Files (x86)\Skype\Updater\Updater.exe
12:38:41.0869 0x0ea0 SkypeUpdate - ok
12:38:41.0916 0x0ea0 [ 548260A7B8654E024DC30BF8A7C5BAA4, 4A7E58331D7765A12F53DC2371739DC9A463940B13E16157CE10DB80E958D740 ] Smb C:\Windows\system32\DRIVERS\smb.sys
12:38:41.0931 0x0ea0 Smb - ok
12:38:41.0963 0x0ea0 [ 6313F223E817CC09AA41811DAA7F541D, D787061043BEEDB9386B048CB9E680E6A88A1CBAE9BD4A8C0209155BFB76C630 ] SNMPTRAP C:\Windows\System32\snmptrap.exe
12:38:41.0963 0x0ea0 SNMPTRAP - ok
12:38:41.0978 0x0ea0 [ B9E31E5CACDFE584F34F730A677803F9, 21A5130BD00089C609522A372018A719F8E37103D2DD22C59EACB393BE35A063 ] spldr C:\Windows\system32\drivers\spldr.sys
12:38:41.0994 0x0ea0 spldr - ok
12:38:42.0056 0x0ea0 [ 85DAA09A98C9286D4EA2BA8D0E644377, F9C324E2EF81193FE831C7EECC44A100CA06F82FA731BF555D9EA4D91DA13329 ] Spooler C:\Windows\System32\spoolsv.exe
12:38:42.0072 0x0ea0 Spooler - ok
12:38:42.0243 0x0ea0 [ E17E0188BB90FAE42D83E98707EFA59C, FC075F7B39E86CC8EF6DA4E339FE946917E319C347AC70FB0C50AAF36F97E27F ] sppsvc C:\Windows\system32\sppsvc.exe
12:38:42.0353 0x0ea0 sppsvc - ok
12:38:42.0415 0x0ea0 [ 93D7D61317F3D4BC4F4E9F8A96A7DE45, 36D48B23B8243BE5229707375FCD11C2DCAC96983199345365F065A0CBF33314 ] sppuinotify C:\Windows\system32\sppuinotify.dll
12:38:42.0431 0x0ea0 sppuinotify - ok
12:38:42.0493 0x0ea0 [ 441FBA48BFF01FDB9D5969EBC1838F0B, 306128F1AD489F87161A089D1BDC1542A4CB742D91A0C12A7CD1863FDB8932C0 ] srv C:\Windows\system32\DRIVERS\srv.sys
12:38:42.0509 0x0ea0 srv - ok
12:38:42.0540 0x0ea0 [ B4ADEBBF5E3677CCE9651E0F01F7CC28, 726DB2283113AB2A9681E8E9F61132303D6D86E9CD034C40EE4A8C9DB29E87F7 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
12:38:42.0555 0x0ea0 srv2 - ok
12:38:42.0587 0x0ea0 [ 27E461F0BE5BFF5FC737328F749538C3, AFA4704ED8FFC1A0BAB40DFB81D3AE3F3D933A3C9BF54DDAF39FF9AF3646D9E6 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
12:38:42.0587 0x0ea0 srvnet - ok
12:38:42.0618 0x0ea0 [ 51B52FBD583CDE8AA9BA62B8B4298F33, 2E2403F8AA39E79D1281CA006B51B43139C32A5FDD64BD34DAA4B935338BD740 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
12:38:42.0633 0x0ea0 SSDPSRV - ok
12:38:42.0649 0x0ea0 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB, D21CDBC4C2AA0DB5B4455D5108B0CAF4282A2E664B9035708F212CC094569D9D ] SstpSvc C:\Windows\system32\sstpsvc.dll
12:38:42.0649 0x0ea0 SstpSvc - ok
12:38:42.0696 0x0ea0 [ C3D855CC0A8E5E373FDFCF4F743C5C9D, 8DFDD2470DCCC63FCF1621B6B3A996285C75EE330BE8AC905B2176E5DE52C150 ] Steam Client Service C:\Program Files (x86)\Common Files\Steam\SteamService.exe
12:38:42.0711 0x0ea0 Steam Client Service - ok
12:38:42.0743 0x0ea0 [ F3817967ED533D08327DC73BC4D5542A, 1B204454408A690C0A86447F3E4AA9E7C58A9CFB567C94C17C21920BA648B4D5 ] stexstor C:\Windows\system32\DRIVERS\stexstor.sys
12:38:42.0743 0x0ea0 stexstor - ok
12:38:42.0805 0x0ea0 [ 8DD52E8E6128F4B2DA92CE27402871C1, 1101C38BE8FC383B5F2F9FA402F9652B23B88A764DE2B584DFE62B88B11DEF92 ] stisvc C:\Windows\System32\wiaservc.dll
12:38:42.0821 0x0ea0 stisvc - ok
12:38:42.0852 0x0ea0 [ D01EC09B6711A5F8E7E6564A4D0FBC90, 3CB922291DBADC92B46B9E28CCB6810CD8CCDA3E74518EC9522B58B998E1F969 ] swenum C:\Windows\system32\drivers\swenum.sys
12:38:42.0867 0x0ea0 swenum - ok
12:38:42.0930 0x0ea0 [ E08E46FDD841B7184194011CA1955A0B, 9C3725BB1F08F92744C980A22ED5C874007D3B5863C7E1F140F50061052AC418 ] swprv C:\Windows\System32\swprv.dll
12:38:42.0961 0x0ea0 swprv - ok
12:38:43.0008 0x0ea0 [ 064A2530A4A7C7CEC1BE6A1945645BE4, 06E4B59B6BFCEE1E2F1EDED77621C9DFED09F460E94065E528A2F746B568193D ] SynTP C:\Windows\system32\DRIVERS\SynTP.sys
12:38:43.0039 0x0ea0 SynTP - ok
12:38:43.0117 0x0ea0 [ BF9CCC0BF39B418C8D0AE8B05CF95B7D, 3C13217548BE61F2BDB8BD41F77345CDDA1F97BF0AE17241C335B9807EB3DBB8 ] SysMain C:\Windows\system32\sysmain.dll
12:38:43.0164 0x0ea0 SysMain - ok
12:38:43.0211 0x0ea0 [ E3C61FD7B7C2557E1F1B0B4CEC713585, 01F0E116606D185BF93B540868075BFB1A398197F6AABD994983DBFF56B3A8A0 ] TabletInputService C:\Windows\System32\TabSvc.dll
12:38:43.0211 0x0ea0 TabletInputService - ok
12:38:43.0257 0x0ea0 [ 40F0849F65D13EE87B9A9AE3C1DD6823, E251A7EF3D0FD2973AF33A62FC457A7E8D5E8694208F811F52455F7C2426121F ] TapiSrv C:\Windows\System32\tapisrv.dll
12:38:43.0257 0x0ea0 TapiSrv - ok
12:38:43.0304 0x0ea0 [ 1BE03AC720F4D302EA01D40F588162F6, AB644862BF1D2E824FD846180DEC4E2C0FAFCC517451486DE5A92E5E78A952E4 ] TBS C:\Windows\System32\tbssvc.dll
12:38:43.0304 0x0ea0 TBS - ok
12:38:43.0460 0x0ea0 [ 40AF23633D197905F03AB5628C558C51, 644656A15236E964E4BE57B42225EAA5643C4CF1FFF6D306813A000716F9D72C ] Tcpip C:\Windows\system32\drivers\tcpip.sys
12:38:43.0523 0x0ea0 Tcpip - ok
12:38:43.0601 0x0ea0 [ 40AF23633D197905F03AB5628C558C51, 644656A15236E964E4BE57B42225EAA5643C4CF1FFF6D306813A000716F9D72C ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys
12:38:43.0647 0x0ea0 TCPIP6 - ok
12:38:43.0710 0x0ea0 [ 1B16D0BD9841794A6E0CDE0CEF744ABC, 7EB8BA97339199EEE7F2B09DA2DA6279DA64A510D4598D42CF86415D67CD674C ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
12:38:43.0710 0x0ea0 tcpipreg - ok
12:38:43.0741 0x0ea0 [ 3371D21011695B16333A3934340C4E7C, 7416F9BBFC1BA9D875EA7D1C7A0D912FC6977B49A865D67E3F9C4E18A965082D ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys
12:38:43.0741 0x0ea0 TDPIPE - ok
12:38:43.0772 0x0ea0 [ 51C5ECEB1CDEE2468A1748BE550CFBC8, 4E8F83877330B421F7B5D8393D34BC44C6450E69209DAA95B29CB298166A5DF9 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys
12:38:43.0772 0x0ea0 TDTCP - ok
12:38:43.0803 0x0ea0 [ DDAD5A7AB24D8B65F8D724F5C20FD806, B71F2967A4EE7395E4416C1526CB85368AEA988BDD1F2C9719C48B08FAFA9661 ] tdx C:\Windows\system32\DRIVERS\tdx.sys
12:38:43.0819 0x0ea0 tdx - ok
12:38:43.0850 0x0ea0 [ 561E7E1F06895D78DE991E01DD0FB6E5, 83BFA50A528762EC52A011302AC3874636FB7E26628CD7ACFBF2BDC9FAA8110D ] TermDD C:\Windows\system32\drivers\termdd.sys
12:38:43.0850 0x0ea0 TermDD - ok
12:38:43.0928 0x0ea0 [ 2E648163254233755035B46DD7B89123, 6FA0D07CE18A3A69D82EE49D875F141E39406E92C34EAC76AC4EB052E6EBCBCD ] TermService C:\Windows\System32\termsrv.dll
12:38:43.0959 0x0ea0 TermService - ok
12:38:44.0006 0x0ea0 [ F0344071948D1A1FA732231785A0664C, DB9886C2C858FAF45AEA15F8E42860343F73EB8685C53EC2E8CCC10586CB0832 ] Themes C:\Windows\system32\themeservice.dll
12:38:44.0022 0x0ea0 Themes - ok
12:38:44.0037 0x0ea0 [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] THREADORDER C:\Windows\system32\mmcss.dll
12:38:44.0053 0x0ea0 THREADORDER - ok
12:38:44.0069 0x0ea0 [ 7E7AFD841694F6AC397E99D75CEAD49D, DE87F203FD8E6BDCCFCA1860A85F283301A365846FB703D9BB86278D8AC96B07 ] TrkWks C:\Windows\System32\trkwks.dll
12:38:44.0084 0x0ea0 TrkWks - ok
12:38:44.0147 0x0ea0 [ 773212B2AAA24C1E31F10246B15B276C, F2EF85F5ABA307976D9C649D710B408952089458DDE97D4DEF321DF14E46A046 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
12:38:44.0162 0x0ea0 TrustedInstaller - ok
12:38:44.0209 0x0ea0 [ 4CE278FC9671BA81A138D70823FCAA09, CBE501436696E32A3701B9F377B823AC36647B6626595F76CC63E2396AD7D300 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys
12:38:44.0209 0x0ea0 tssecsrv - ok
12:38:44.0256 0x0ea0 [ D11C783E3EF9A3C52C0EBE83CC5000E9, A136C355D4C8945729163D15801364A614E23217B15F9313C85BA45BB71A74EB ] TsUsbFlt C:\Windows\system32\drivers\tsusbflt.sys
12:38:44.0256 0x0ea0 TsUsbFlt - ok
12:38:44.0303 0x0ea0 [ 3566A8DAAFA27AF944F5D705EAA64894, AE9D8B648DA08AF667B9456C3FE315489859C157510A258559F18238F2CC92B8 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
12:38:44.0318 0x0ea0 tunnel - ok
12:38:44.0349 0x0ea0 [ B4DD609BD7E282BFC683CEC7EAAAAD67, EF131DB6F6411CAD36A989A421AF93F89DD61601AC524D2FF11C10FF6E3E9123 ] uagp35 C:\Windows\system32\DRIVERS\uagp35.sys
12:38:44.0349 0x0ea0 uagp35 - ok
12:38:44.0365 0x0ea0 [ A17D5E1A6DF4EAB0A480F2C490DE4C9D, 1EA835F172B6BF3D7F496E079DF1CDF00122B2110C08D61427582BC9405D2B7B ] UBHelper C:\Windows\system32\drivers\UBHelper.sys
12:38:44.0381 0x0ea0 UBHelper - ok
12:38:44.0443 0x0ea0 [ FF4232A1A64012BAA1FD97C7B67DF593, D8591B4EB056899C7B604E4DD852D82D4D9809F508ABCED4A03E1BE6D5D456E3 ] udfs C:\Windows\system32\DRIVERS\udfs.sys
12:38:44.0443 0x0ea0 udfs - ok
12:38:44.0490 0x0ea0 [ 3CBDEC8D06B9968ABA702EBA076364A1, B8DAB8AA804FC23021BFEBD7AE4D40FBE648D6C6BA21CC008E26D1C084972F9B ] UI0Detect C:\Windows\system32\UI0Detect.exe
12:38:44.0490 0x0ea0 UI0Detect - ok
12:38:44.0521 0x0ea0 [ 4BFE1BC28391222894CBF1E7D0E42320, 5918B1ED2030600DF77BDACF1C808DF6EADDD8BF3E7003AF1D72050D8B102B3A ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys
12:38:44.0537 0x0ea0 uliagpkx - ok
12:38:44.0583 0x0ea0 [ DC54A574663A895C8763AF0FA1FF7561, 09A3F3597E91CBEB2F38E96E75134312B60CAE5574B2AD4606C2D3E992AEDDFE ] umbus C:\Windows\system32\drivers\umbus.sys
12:38:44.0583 0x0ea0 umbus - ok
12:38:44.0615 0x0ea0 [ B2E8E8CB557B156DA5493BBDDCC1474D, F547509A08C0679ACB843E20C9C0CF51BED1B06530BBC529DFB0944504564A43 ] UmPass C:\Windows\system32\DRIVERS\umpass.sys
12:38:44.0615 0x0ea0 UmPass - ok
12:38:44.0677 0x0ea0 [ F9EC9ACD504D823D9B9CA98A4F8D3CA2, 58DAD5111C598F14CB199FE6A61FA5918F29513B778A8664FD05EFAB3C665D4F ] Updater Service C:\Program Files\Acer\Acer Updater\UpdaterService.exe
12:38:44.0693 0x0ea0 Updater Service - ok
12:38:44.0755 0x0ea0 [ D47EC6A8E81633DD18D2436B19BAF6DE, 0FB461E2D5E0B75BB5958F6362F4880BFA4C36AD930542609BCAF574941AA7AE ] upnphost C:\Windows\System32\upnphost.dll
12:38:44.0771 0x0ea0 upnphost - ok
12:38:44.0817 0x0ea0 [ B0435098C81D04CAFFF80DDB746CD3A2, A17B207740382E38729571F0B0BC98FF874E856A7C7CE9EB930328A2AD88F52A ] usbaudio C:\Windows\system32\drivers\usbaudio.sys
12:38:44.0817 0x0ea0 usbaudio - ok
12:38:44.0864 0x0ea0 [ DCA68B0943D6FA415F0C56C92158A83A, BEE5A5B33B22D1DF50B884D46D89FC3B8286EB16E38AD5A20F0A49E5C6766C57 ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys
12:38:44.0880 0x0ea0 usbccgp - ok
12:38:44.0911 0x0ea0 [ 80B0F7D5CCF86CEB5D402EAAF61FEC31, 140C62116A425DEAD25FE8D82DE283BC92C482A9F643658D512F9F67061F28AD ] usbcir C:\Windows\system32\drivers\usbcir.sys
12:38:44.0911 0x0ea0 usbcir - ok
12:38:44.0958 0x0ea0 [ 18A85013A3E0F7E1755365D287443965, 811C5EDF38C765BCF71BCE25CB6626FF6988C3699F5EF1846240EA0052F34C33 ] usbehci C:\Windows\system32\DRIVERS\usbehci.sys
12:38:44.0958 0x0ea0 usbehci - ok
12:38:45.0020 0x0ea0 [ 8D1196CFBB223621F2C67D45710F25BA, B5D7AFE51833B24FC9576F3AED3D8A2B290E5846060E73F9FFFAC1890A8B6003 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys
12:38:45.0036 0x0ea0 usbhub - ok
12:38:45.0067 0x0ea0 [ 765A92D428A8DB88B960DA5A8D6089DC, 56DE8A2ED58E53B202C399CA7BACB1551136303C2EE0AB426BDBBF880E3C542C ] usbohci C:\Windows\system32\DRIVERS\usbohci.sys
12:38:45.0067 0x0ea0 usbohci - ok
12:38:45.0114 0x0ea0 [ 73188F58FB384E75C4063D29413CEE3D, B485463933306036B1D490722CB1674DC85670753D79FA0EF7EBCA7BBAAD9F7C ] usbprint C:\Windows\system32\DRIVERS\usbprint.sys
12:38:45.0114 0x0ea0 usbprint - ok
12:38:45.0161 0x0ea0 [ FED648B01349A3C8395A5169DB5FB7D6, DC4D7594C24ADD076927B9347F1B50B91CF03A4ABDB284248D5711D9C19DEB96 ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS
12:38:45.0161 0x0ea0 USBSTOR - ok
12:38:45.0192 0x0ea0 [ DD253AFC3BC6CBA412342DE60C3647F3, 146F8613F1057AC054DC3593E84BC52899DA27EA33B0E72ACFB78C3699ADCDE7 ] usbuhci C:\Windows\system32\drivers\usbuhci.sys
12:38:45.0192 0x0ea0 usbuhci - ok
12:38:45.0239 0x0ea0 [ 1F775DA4CF1A3A1834207E975A72E9D7, 6D3DE5BD3EF3A76E997E5BAF900C51D25308F5A9682D1F62017F577A24095B90 ] usbvideo C:\Windows\System32\Drivers\usbvideo.sys
12:38:45.0254 0x0ea0 usbvideo - ok
12:38:45.0270 0x0ea0 [ EDBB23CBCF2CDF727D64FF9B51A6070E, 7202484C8E1BFB2AFD64D8C81668F3EDE0E3BF5EB27572877A0A7B337AE5AE42 ] UxSms C:\Windows\System32\uxsms.dll
12:38:45.0285 0x0ea0 UxSms - ok
12:38:45.0301 0x0ea0 [ 4D71227301DD8D09097B9E4CC6527E5A, 193D47ADCB722B581CC0F29B794AB3E455B6E9BEA367CE9A5216A09E055B7F1E ] VaultSvc C:\Windows\system32\lsass.exe
12:38:45.0301 0x0ea0 VaultSvc - ok
12:38:45.0348 0x0ea0 [ C5C876CCFC083FF3B128F933823E87BD, 6FE0FBB6C3207E09300E0789E2168F76668D87C317FE9F263E733827ADCFBE0D ] vdrvroot C:\Windows\system32\drivers\vdrvroot.sys
12:38:45.0348 0x0ea0 vdrvroot - ok
12:38:45.0457 0x0ea0 [ 8D6B481601D01A456E75C3210F1830BE, A2CEF483F4231367138EEF7E67FD5BE5364FC0780C44CA1368E36CE4AA3D0633 ] vds C:\Windows\System32\vds.exe
12:38:45.0473 0x0ea0 vds - ok
12:38:45.0519 0x0ea0 [ DA4DA3F5E02943C2DC8C6ED875DE68DD, EDE604536DB78C512D68C92B26DA77C8811AC109D1F0A473673F0A82D15A2838 ] vga C:\Windows\system32\DRIVERS\vgapnp.sys
12:38:45.0519 0x0ea0 vga - ok
12:38:45.0551 0x0ea0 [ 53E92A310193CB3C03BEA963DE7D9CFC, 45898604375B42EB1246C17A22D91C2440F11C746FF6459AD38027C1BC2E3125 ] VgaSave C:\Windows\System32\drivers\vga.sys
12:38:45.0551 0x0ea0 VgaSave - ok
12:38:45.0597 0x0ea0 [ 2CE2DF28C83AEAF30084E1B1EB253CBB, D1946816A1CB89F825CBEA58F94A4C9D0CE7249355CD3915563F54054EE564BF ] vhdmp C:\Windows\system32\drivers\vhdmp.sys
12:38:45.0613 0x0ea0 vhdmp - ok
12:38:45.0660 0x0ea0 [ E5689D93FFE4E5D66C0178761240DD54, 6D35CED80681B12AAF63BFA0DA1C386E71D3838839B68A686990AA8031949D27 ] viaide C:\Windows\system32\drivers\viaide.sys
12:38:45.0660 0x0ea0 viaide - ok
12:38:45.0675 0x0ea0 [ D2AAFD421940F640B407AEFAAEBD91B0, 31EF342A60AF04F4108759A71F8FB7B8C8819216CF3D16A95B2BA0E33A8A9161 ] volmgr C:\Windows\system32\drivers\volmgr.sys
12:38:45.0691 0x0ea0 volmgr - ok
12:38:45.0753 0x0ea0 [ A255814907C89BE58B79EF2F189B843B, 463DB771851352185B6AC323BD93B9084D47291E53C1F7B628B65D6918B2E28F ] volmgrx C:\Windows\system32\drivers\volmgrx.sys
12:38:45.0769 0x0ea0 volmgrx - ok
12:38:45.0800 0x0ea0 [ 0D08D2F3B3FF84E433346669B5E0F639, 3D6716CEC95B8861A7CC5778E91F310528DC6BEE0E57A3C8757FC675154EBDEC ] volsnap C:\Windows\system32\drivers\volsnap.sys
12:38:45.0800 0x0ea0 volsnap - ok
12:38:45.0831 0x0ea0 [ 5E2016EA6EBACA03C04FEAC5F330D997, 53106EB877459FE55A459111F7AB0EE320BB3B4C954D3DB6FA1642396001F2AC ] vsmraid C:\Windows\system32\DRIVERS\vsmraid.sys
12:38:45.0847 0x0ea0 vsmraid - ok
12:38:45.0956 0x0ea0 [ B60BA0BC31B0CB414593E169F6F21CC2, 47B801E623254CF0202B3591CB5C019CABFB52F123C7D47E29D19B32F1F2B915 ] VSS C:\Windows\system32\vssvc.exe
12:38:45.0987 0x0ea0 VSS - ok
12:38:46.0019 0x0ea0 [ 36D4720B72B5C5D9CB2B9C29E9DF67A1, 3254523C85C70EBA2DBAC05DB2DBA89EDF8E9195F390F7C21F96458FB6B2E3D7 ] vwifibus C:\Windows\system32\DRIVERS\vwifibus.sys
12:38:46.0019 0x0ea0 vwifibus - ok
12:38:46.0034 0x0ea0 [ 6A3D66263414FF0D6FA754C646612F3F, 30F6BA594B0D3B94113064015A16D97811CD989DF1715CCE21CEAB9894C1B4FB ] vwififlt C:\Windows\system32\DRIVERS\vwififlt.sys
12:38:46.0034 0x0ea0 vwififlt - ok
12:38:46.0097 0x0ea0 [ 1C9D80CC3849B3788048078C26486E1A, 34A89F31E53F6B6C209B286F580CC2257AE6D057E4E20741F241C9C167947962 ] W32Time C:\Windows\system32\w32time.dll
12:38:46.0128 0x0ea0 W32Time - ok
12:38:46.0159 0x0ea0 [ 4E9440F4F152A7B944CB1663D3935A3E, 8FE04EBD3BC612EE943A21A3E56F37E5C9B578CDACA6044048181DAD81816D53 ] WacomPen C:\Windows\system32\DRIVERS\wacompen.sys
12:38:46.0159 0x0ea0 WacomPen - ok
12:38:46.0190 0x0ea0 [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys
12:38:46.0190 0x0ea0 WANARP - ok
12:38:46.0190 0x0ea0 [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys
12:38:46.0206 0x0ea0 Wanarpv6 - ok
12:38:46.0331 0x0ea0 [ 3CEC96DE223E49EAAE3651FCF8FAEA6C, 4150DAB33E8D61076F1D4767BCAFC9B4ECCCCBD58FD4FB3CFE5B8D27DCDCAB61 ] WatAdminSvc C:\Windows\system32\Wat\WatAdminSvc.exe
12:38:46.0393 0x0ea0 WatAdminSvc - ok
12:38:46.0580 0x0ea0 [ 78F4E7F5C56CB9716238EB57DA4B6A75, 46A4E78CE5F2A4B26F4E9C3FF04A99D9B727A82AC2E390A82A1611C3F6E0C9AF ] wbengine C:\Windows\system32\wbengine.exe
12:38:46.0611 0x0ea0 wbengine - ok
12:38:46.0658 0x0ea0 [ 3AA101E8EDAB2DB4131333F4325C76A3, 4F7BD3DA5E58B18BFF106CFF7B45E75FD13EE556D433C695BA23EC80827E49DE ] WbioSrvc C:\Windows\System32\wbiosrvc.dll
12:38:46.0674 0x0ea0 WbioSrvc - ok
12:38:46.0721 0x0ea0 [ 7368A2AFD46E5A4481D1DE9D14848EDD, 8039C478FC2D9F095F5883A4FA47F9E6EDF57CC88A4AA74F07C88445F90DED57 ] wcncsvc C:\Windows\System32\wcncsvc.dll
12:38:46.0736 0x0ea0 wcncsvc - ok
12:38:46.0752 0x0ea0 [ 20F7441334B18CEE52027661DF4A6129, 7B8E0247234B740FED2BE9B833E9CE8DD7453340123AB43F6B495A7E6A27B0DD ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
12:38:46.0752 0x0ea0 WcsPlugInService - ok
12:38:46.0783 0x0ea0 [ 72889E16FF12BA0F235467D6091B17DC, F2FD0BBD075E33608D93F350D216F97442AB89ABD540513C2D568C78096E12A8 ] Wd C:\Windows\system32\DRIVERS\wd.sys
12:38:46.0783 0x0ea0 Wd - ok
12:38:46.0845 0x0ea0 [ E2C933EDBC389386EBE6D2BA953F43D8, AF1DEADD5F1267CCEBD226E8EEB971D1946EA6A5A9645A36F5D111F758AF2F07 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys
12:38:46.0861 0x0ea0 Wdf01000 - ok
12:38:46.0908 0x0ea0 [ BF1FC3F79B863C914687A737C2F3D681, B2DF47AC4931ACFB243775767B77065CC0D98778FC0243C793A3E219EB961209 ] WdiServiceHost C:\Windows\system32\wdi.dll
12:38:46.0923 0x0ea0 WdiServiceHost - ok
12:38:46.0939 0x0ea0 [ BF1FC3F79B863C914687A737C2F3D681, B2DF47AC4931ACFB243775767B77065CC0D98778FC0243C793A3E219EB961209 ] WdiSystemHost C:\Windows\system32\wdi.dll
12:38:46.0939 0x0ea0 WdiSystemHost - ok
12:38:46.0986 0x0ea0 [ 0EB0E5D22B1760F2DBCE632F2DD7A54D, B8A4CC62F88768947FB0A161CF9564DB28FD9C1C037B5475DF192982DE035C22 ] WebClient C:\Windows\System32\webclnt.dll
12:38:47.0001 0x0ea0 WebClient - ok
12:38:47.0033 0x0ea0 [ C749025A679C5103E575E3B48E092C43, B71171D07EE7AB085A24BF3A1072FF2CE7EA021AAE695F6A90640E6EE8EB55C1 ] Wecsvc C:\Windows\system32\wecsvc.dll
12:38:47.0033 0x0ea0 Wecsvc - ok
12:38:47.0079 0x0ea0 [ 7E591867422DC788B9E5BD337A669A08, 484E6BCCDF7ADCE9A1AACAD1BC7C7D7694B9E40FA90D94B14D80C607784F6C75 ] wercplsupport C:\Windows\System32\wercplsupport.dll
12:38:47.0079 0x0ea0 wercplsupport - ok
12:38:47.0095 0x0ea0 [ 6D137963730144698CBD10F202E9F251, A9F522A125158D94F540544CCD4DBF47B9DCE2EA878C33675AFE40F80E8F4979 ] WerSvc C:\Windows\System32\WerSvc.dll
12:38:47.0095 0x0ea0 WerSvc - ok
12:38:47.0126 0x0ea0 [ 611B23304BF067451A9FDEE01FBDD725, 0AF2734B978165FC6FD22B64862132CCE32528A21C698A49D176129446E099C8 ] WfpLwf C:\Windows\system32\DRIVERS\wfplwf.sys
12:38:47.0126 0x0ea0 WfpLwf - ok
12:38:47.0157 0x0ea0 [ 05ECAEC3E4529A7153B3136CEB49F0EC, 9995CB2CEC70A633EA33CBB0DEAD2BB28CB67132B41E9444BDAB9E75744C9A50 ] WIMMount C:\Windows\system32\drivers\wimmount.sys
12:38:47.0157 0x0ea0 WIMMount - ok
12:38:47.0173 0x0ea0 WinDefend - ok
12:38:47.0189 0x0ea0 WinHttpAutoProxySvc - ok
12:38:47.0267 0x0ea0 [ 19B07E7E8915D701225DA41CB3877306, D6555E8D276DBB11358246E0FE215F76F1FB358791C76B88D82C2A66A42DA19F ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll
12:38:47.0282 0x0ea0 Winmgmt - ok
12:38:47.0407 0x0ea0 [ BCB1310604AA415C4508708975B3931E, 9D943F086D454345153A0DD426B4432532A44FD87950386B186E1CAD2AC70565 ] WinRM C:\Windows\system32\WsmSvc.dll
12:38:47.0485 0x0ea0 WinRM - ok
12:38:47.0579 0x0ea0 [ FE88B288356E7B47B74B13372ADD906D, A16B166F6BB32EF9D2A142F27B9EC54CBC7B3AC915799783CF4C40E525BC9E03 ] WinUsb C:\Windows\system32\DRIVERS\WinUsb.sys
12:38:47.0579 0x0ea0 WinUsb - ok
12:38:47.0688 0x0ea0 [ 4FADA86E62F18A1B2F42BA18AE24E6AA, CE1683386886BF34862681A46199EA7E7FB4232A186047DA7FBD8EC240AF6726 ] Wlansvc C:\Windows\System32\wlansvc.dll
12:38:47.0703 0x0ea0 Wlansvc - ok
12:38:47.0875 0x0ea0 [ 357CABBF155AFD1D3926E62539D2A3A7, C43CFF84E7D930B4999DC061AB0766B57AAD7540B3E6EE54605B10ECE90825F5 ] wlidsvc C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
12:38:47.0937 0x0ea0 wlidsvc - ok
12:38:47.0984 0x0ea0 [ F6FF8944478594D0E414D3F048F0D778, 6F75E0AE6127B33A92A88E59D4B048FD4C15F997807BE7BF0EFE76F95235B1D9 ] WmiAcpi C:\Windows\system32\drivers\wmiacpi.sys
12:38:47.0984 0x0ea0 WmiAcpi - ok
12:38:48.0031 0x0ea0 [ 38B84C94C5A8AF291ADFEA478AE54F93, 1AC267AC73670BEA5F3785C9AD9DB146F8E993A862C843742B21FDB90D102B2A ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe
12:38:48.0047 0x0ea0 wmiApSrv - ok
12:38:48.0078 0x0ea0 WMPNetworkSvc - ok
12:38:48.0109 0x0ea0 [ 96C6E7100D724C69FCF9E7BF590D1DCA, 2E63C9B0893B4FC03B7A71BAEA6202D3D3DB1B52F3643467829B5A573FD7655B ] WPCSvc C:\Windows\System32\wpcsvc.dll
12:38:48.0125 0x0ea0 WPCSvc - ok
12:38:48.0156 0x0ea0 [ 93221146D4EBBF314C29B23CD6CC391D, C0750858A65BF51E210CD244C825C121D67E025CD2D2455139991AAC289A90FE ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll
12:38:48.0171 0x0ea0 WPDBusEnum - ok
12:38:48.0203 0x0ea0 [ 6BCC1D7D2FD2453957C5479A32364E52, E48554D31FBDCF8F985C1C72524CAA9106F5B7CC2B79064F8F5E2562D517F090 ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys
12:38:48.0203 0x0ea0 ws2ifsl - ok
12:38:48.0234 0x0ea0 [ E8B1FE6669397D1772D8196DF0E57A9E, 39FE0819360719F756BD31A1884A0508A1E2371ACC723E25E005CBEC0A7B02FA ] wscsvc C:\Windows\System32\wscsvc.dll
12:38:48.0234 0x0ea0 wscsvc - ok
12:38:48.0234 0x0ea0 WSearch - ok
12:38:48.0405 0x0ea0 [ D9EF901DCA379CFE914E9FA13B73B4C4, 3BE9693B7B2AFEE23D72AF5DA211379724D752F0EC18ACB7D3DE3DDFC5AE0004 ] wuauserv C:\Windows\system32\wuaueng.dll
12:38:48.0515 0x0ea0 wuauserv - ok
12:38:48.0577 0x0ea0 [ AB886378EEB55C6C75B4F2D14B6C869F, D6C4602EB8F291DADEDF3CD211013D4AC752DDE7E799C2D8D74AA4F5477CAED6 ] WudfPf C:\Windows\system32\drivers\WudfPf.sys
12:38:48.0593 0x0ea0 WudfPf - ok
12:38:48.0624 0x0ea0 [ DDA4CAF29D8C0A297F886BFE561E6659, 94E5DD649B5D86FA1A7C7D30FCF9644D0EE048D312E626111458ADF66BFBE978 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys
12:38:48.0639 0x0ea0 WUDFRd - ok
12:38:48.0671 0x0ea0 [ B20F051B03A966392364C83F009F7D17, 88ECEB55AE91F58F592B96EBC10B572747D5A2F9B7629E8F371761E4F7408A65 ] wudfsvc C:\Windows\System32\WUDFSvc.dll
12:38:48.0671 0x0ea0 wudfsvc - ok
12:38:48.0733 0x0ea0 [ 04F82965C09CBDF646B487E145060301, 2CD8533EDBE24C3E42EB7550E20F8A2EB9E5E345B165DEF543163A6BC1FDD18B ] WwanSvc C:\Windows\System32\wwansvc.dll
12:38:48.0749 0x0ea0 WwanSvc - ok
12:38:48.0764 0x0ea0 ================ Scan global ===============================
12:38:48.0811 0x0ea0 [ BA0CD8C393E8C9F83354106093832C7B, 18D8A4780A2BAA6CEF7FBBBDA0EF6BF2DADF146E1E578A618DD5859E8ADBF1A8 ] C:\Windows\system32\basesrv.dll
12:38:48.0858 0x0ea0 [ 88EDD0B34EED542745931E581AD21A32, DC2B93E1CEF5B0BCEE08D72669BB0F3AD0E8E6E75BDC08858407ED92F6FFA031 ] C:\Windows\system32\winsrv.dll
12:38:48.0889 0x0ea0 [ 88EDD0B34EED542745931E581AD21A32, DC2B93E1CEF5B0BCEE08D72669BB0F3AD0E8E6E75BDC08858407ED92F6FFA031 ] C:\Windows\system32\winsrv.dll
12:38:48.0920 0x0ea0 [ D6160F9D869BA3AF0B787F971DB56368, 0033E6212DD8683E4EE611B290931FDB227B4795F0B17C309DC686C696790529 ] C:\Windows\system32\sxssrv.dll
12:38:48.0967 0x0ea0 [ 24ACB7E5BE595468E3B9AA488B9B4FCB, 63541E3432FCE953F266AE553E7A394978D6EE3DB52388D885F668CF42C5E7E2 ] C:\Windows\system32\services.exe
12:38:48.0983 0x0ea0 [ Global ] - ok
12:38:48.0983 0x0ea0 ================ Scan MBR ==================================
12:38:48.0998 0x0ea0 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
12:38:49.0497 0x0ea0 \Device\Harddisk0\DR0 - ok
12:38:49.0497 0x0ea0 ================ Scan VBR ==================================
12:38:49.0513 0x0ea0 [ E37277CA43758313B81E90E86B850A72 ] \Device\Harddisk0\DR0\Partition1
12:38:49.0591 0x0ea0 \Device\Harddisk0\DR0\Partition1 - ok
12:38:49.0591 0x0ea0 [ 5CEE1D84F9F64EB58772E1615BA28FC6 ] \Device\Harddisk0\DR0\Partition2
12:38:49.0591 0x0ea0 \Device\Harddisk0\DR0\Partition2 - ok
12:38:49.0622 0x0ea0 AV detected via SS2: Microsoft Security Essentials, C:\Program Files\Microsoft Security Client\msseces.exe ( 4.4.304.0 ), 0x61000 ( enabled : updated )
12:38:49.0622 0x0ea0 Win FW state via NFP2: enabled
12:38:52.0477 0x0ea0 ============================================================
12:38:52.0477 0x0ea0 Scan finished
12:38:52.0477 0x0ea0 ============================================================
12:38:52.0493 0x0d7c Detected object count: 0
12:38:52.0493 0x0d7c Actual detected object count: 0
12:41:10.0303 0x1098 ============================================================
12:41:10.0303 0x1098 Scan started
12:41:10.0303 0x1098 Mode: Manual;
12:41:10.0303 0x1098 ============================================================
12:41:10.0303 0x1098 KSN ping started
12:41:14.0812 0x1098 KSN ping finished: true
12:41:15.0170 0x1098 ================ Scan system memory ========================
12:41:15.0170 0x1098 System memory - ok
12:41:15.0170 0x1098 ================ Scan services =============================
12:41:15.0358 0x1098 [ A87D604AEA360176311474C87A63BB88, B1507868C382CD5D2DBC0D62114FCFBF7A780904A2E3CA7C7C1DD0844ADA9A8F ] 1394ohci C:\Windows\system32\drivers\1394ohci.sys
12:41:15.0373 0x1098 1394ohci - ok
12:41:15.0436 0x1098 [ D81D9E70B8A6DD14D42D7B4EFA65D5F2, FDAAB7E23012B4D31537C5BDEF245BB0A12FA060A072C250E21C68E18B22E002 ] ACPI C:\Windows\system32\drivers\ACPI.sys
12:41:15.0436 0x1098 ACPI - ok
12:41:15.0467 0x1098 [ 99F8E788246D495CE3794D7E7821D2CA, F91615463270AD2601F882CAED43B88E7EDA115B9FD03FC56320E48119F15F76 ] AcpiPmi C:\Windows\system32\drivers\acpipmi.sys
12:41:15.0467 0x1098 AcpiPmi - ok
12:41:15.0545 0x1098 [ 3927397AC60D943DAF8808AFFED582B7, 2688254085C219E8CA9C5494ABDAD8FAE52533CEF7FA3C152715E0B78D591BCF ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
12:41:15.0545 0x1098 AdobeARMservice - ok
12:41:15.0670 0x1098 [ F7AB315A4D400CA876381D1E188A2E20, B6019C2E9B6801BB23C530C66D080F47330F48ADB0DD2813D50BE1408865BD91 ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
12:41:15.0685 0x1098 AdobeFlashPlayerUpdateSvc - ok
12:41:15.0732 0x1098 [ 2F6B34B83843F0C5118B63AC634F5BF4, 43E3F5FBFB5D33981AC503DEE476868EC029815D459E7C36C4ABC2D2F75B5735 ] adp94xx C:\Windows\system32\DRIVERS\adp94xx.sys
12:41:15.0763 0x1098 adp94xx - ok
12:41:15.0794 0x1098 [ 597F78224EE9224EA1A13D6350CED962, DA7FD99BE5E3B7B98605BF5C13BF3F1A286C0DE1240617570B46FE4605E59BDC ] adpahci C:\Windows\system32\DRIVERS\adpahci.sys
12:41:15.0810 0x1098 adpahci - ok
12:41:15.0826 0x1098 [ E109549C90F62FB570B9540C4B148E54, E804563735153EA00A00641814244BC8A347B578E7D63A16F43FB17566EE5559 ] adpu320 C:\Windows\system32\DRIVERS\adpu320.sys
12:41:15.0826 0x1098 adpu320 - ok
12:41:15.0872 0x1098 [ 4B78B431F225FD8624C5655CB1DE7B61, 198A5AF2125C7C41F531A652D200C083A55A97DC541E3C0B5B253C7329949156 ] AeLookupSvc C:\Windows\System32\aelupsvc.dll
12:41:15.0872 0x1098 AeLookupSvc - ok
12:41:15.0935 0x1098 [ 79059559E89D06E8B80CE2944BE20228, 6E041D2FED2D0C3D8E16E56CB61D3245F9144EA92F5BDC9A4AA30598D1C8E6EE ] AFD C:\Windows\system32\drivers\afd.sys
12:41:15.0966 0x1098 AFD - ok
12:41:16.0013 0x1098 [ 608C14DBA7299D8CB6ED035A68A15799, 45360F89640BF1127C82A32393BD76205E4FA067889C40C491602F370C09282A ] agp440 C:\Windows\system32\drivers\agp440.sys
12:41:16.0013 0x1098 agp440 - ok
12:41:16.0060 0x1098 [ 3290D6946B5E30E70414990574883DDB, 0E9294E1991572256B3CDA6B031DB9F39CA601385515EE59F1F601725B889663 ] ALG C:\Windows\System32\alg.exe
12:41:16.0060 0x1098 ALG - ok
12:41:16.0091 0x1098 [ 5812713A477A3AD7363C7438CA2EE038, A7316299470D2E57A11499C752A711BF4A71EB11C9CBA731ED0945FF6A966721 ] aliide C:\Windows\system32\drivers\aliide.sys
12:41:16.0106 0x1098 aliide - ok
12:41:16.0138 0x1098 [ 671D9DCA48DA807780D8409C18ED0AE0, 0502328A9334EF9703547619EC3CB2532AAE33460AD85EFEBD461899C602A7AA ] AMD External Events Utility C:\Windows\system32\atiesrxx.exe
12:41:16.0153 0x1098 AMD External Events Utility - ok
12:41:16.0184 0x1098 [ 1FF8B4431C353CE385C875F194924C0C, 3EA3A7F426B0FFC2461EDF4FDB4B58ACC9D0730EDA5B728D1EA1346EA0A02720 ] amdide C:\Windows\system32\drivers\amdide.sys
12:41:16.0184 0x1098 amdide - ok
12:41:16.0216 0x1098 [ 7024F087CFF1833A806193EF9D22CDA9, E7F27E488C38338388103D3B7EEDD61D05E14FB140992AEE6F492FFC821BF529 ] AmdK8 C:\Windows\system32\DRIVERS\amdk8.sys
12:41:16.0216 0x1098 AmdK8 - ok
12:41:16.0512 0x1098 [ D3E6B2E1394D93FE9DB0BA24814B0D8F, C4B00C280B562E4DD4F1DF56CFBFCFB486224006585A71B0827BF271AE163DD6 ] amdkmdag C:\Windows\system32\DRIVERS\atipmdag.sys
12:41:16.0684 0x1098 amdkmdag - ok
12:41:16.0746 0x1098 [ CC4D915D786D3DA973B2EA9B95D59A29, 8089D5CB60A26784EB164D49A7EF907D7053D614F04B50C9A9672605FFA16164 ] amdkmdap C:\Windows\system32\DRIVERS\atikmpag.sys
12:41:16.0762 0x1098 amdkmdap - ok
12:41:16.0777 0x1098 [ 1E56388B3FE0D031C44144EB8C4D6217, E88CA76FD47BA0EB427D59CB9BE040DE133D89D4E62D03A8D622624531D27487 ] AmdPPM C:\Windows\system32\DRIVERS\amdppm.sys
12:41:16.0777 0x1098 AmdPPM - ok
12:41:16.0808 0x1098 [ D4121AE6D0C0E7E13AA221AA57EF2D49, 626F43C099BD197BE56648C367B711143C2BCCE96496BBDEF19F391D52FA01D0 ] amdsata C:\Windows\system32\drivers\amdsata.sys
12:41:16.0808 0x1098 amdsata - ok
12:41:16.0840 0x1098 [ F67F933E79241ED32FF46A4F29B5120B, D6EF539058F159CC4DD14CA9B1FD924998FEAC9D325C823C7A2DD21FEF1DC1A8 ] amdsbs C:\Windows\system32\DRIVERS\amdsbs.sys
12:41:16.0855 0x1098 amdsbs - ok
12:41:16.0871 0x1098 [ 540DAF1CEA6094886D72126FD7C33048, 296578572A93F5B74E1AD443E000B79DC99D1CBD25082E02704800F886A3065F ] amdxata C:\Windows\system32\drivers\amdxata.sys
12:41:16.0871 0x1098 amdxata - ok
12:41:16.0902 0x1098 [ 89A69C3F2F319B43379399547526D952, 8ABDB4B8E106F96EBBA0D4D04C4F432296516E107E7BA5644ED2E50CF9BB491A ] AppID C:\Windows\system32\drivers\appid.sys
12:41:16.0902 0x1098 AppID - ok
12:41:16.0949 0x1098 [ 0BC381A15355A3982216F7172F545DE1, C33AF13CB218F7BF52E967452573DF2ADD20A95C6BF99229794FEF07C4BBE725 ] AppIDSvc C:\Windows\System32\appidsvc.dll
12:41:16.0949 0x1098 AppIDSvc - ok
12:41:16.0980 0x1098 [ 9D2A2369AB4B08A4905FE72DB104498F, D6FA1705018BABABFA2362E05691A0D6408D14DE7B76129B16D0A1DAD6378E58 ] Appinfo C:\Windows\System32\appinfo.dll
12:41:16.0996 0x1098 Appinfo - ok
12:41:17.0027 0x1098 [ C484F8CEB1717C540242531DB7845C4E, C507CE26716EB923B864ED85E8FA0B24591E2784A2F4F0E78AEED7E9953311F6 ] arc C:\Windows\system32\DRIVERS\arc.sys
12:41:17.0027 0x1098 arc - ok
12:41:17.0058 0x1098 [ 019AF6924AEFE7839F61C830227FE79C, 5926B9DDFC9198043CDD6EA0B384C83B001EC225A8125628C4A45A3E6C42C72A ] arcsas C:\Windows\system32\DRIVERS\arcsas.sys
12:41:17.0058 0x1098 arcsas - ok
12:41:17.0167 0x1098 [ 9A262EDD17F8473B91B333D6B031A901, 05DFBD3A7D83FDE1D062EA719ACA9EC48CB7FD42D17DDD88B82E5D25469ADD23 ] aspnet_state C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
12:41:17.0183 0x1098 aspnet_state - ok
12:41:17.0214 0x1098 [ 769765CE2CC62867468CEA93969B2242, 0D8F19D49869DF93A3876B4C2E249D12E83F9CE11DAE8917D368E292043D4D26 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys
12:41:17.0214 0x1098 AsyncMac - ok
12:41:17.0245 0x1098 [ 02062C0B390B7729EDC9E69C680A6F3C, 0261683C6DC2706DCE491A1CDC954AC9C9E649376EC30760BB4E225E18DC5273 ] atapi C:\Windows\system32\drivers\atapi.sys
12:41:17.0245 0x1098 atapi - ok
12:41:17.0370 0x1098 [ E642491F64E58CD5BC8FB8B347DCF65F, D457175EF3A0552CEA3DA78E7116D54BC2BF157857A8B764597B51FB4E29C033 ] athr C:\Windows\system32\DRIVERS\athrx.sys
12:41:17.0432 0x1098 athr - ok
12:41:17.0448 0x1098 [ C07A040D6B5A42DD41EE386CF90974C8, 8D47815F99C79B795504C3172B5FBBDBA6AFACC004B17AA3954A06BE713FACAE ] AtiPcie C:\Windows\system32\DRIVERS\AtiPcie.sys
12:41:17.0448 0x1098 AtiPcie - ok
12:41:17.0510 0x1098 [ F23FEF6D569FCE88671949894A8BECF1, FCE7B156ED663471CF9A736915F00302E93B50FC647563D235313A37FCE8F0F6 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
12:41:17.0526 0x1098 AudioEndpointBuilder - ok
12:41:17.0557 0x1098 [ F23FEF6D569FCE88671949894A8BECF1, FCE7B156ED663471CF9A736915F00302E93B50FC647563D235313A37FCE8F0F6 ] AudioSrv C:\Windows\System32\Audiosrv.dll
12:41:17.0573 0x1098 AudioSrv - ok
12:41:17.0604 0x1098 [ A6BF31A71B409DFA8CAC83159E1E2AFF, CBB83F73FFD3C3FB4F96605067739F8F7A4A40B2B05417FA49E575E95628753F ] AxInstSV C:\Windows\System32\AxInstSV.dll
12:41:17.0620 0x1098 AxInstSV - ok
12:41:17.0682 0x1098 [ 3E5B191307609F7514148C6832BB0842, DE011CB7AA4A2405FAF21575182E0793A1D83DFFC44E9A7864D59F3D51D8D580 ] b06bdrv C:\Windows\system32\DRIVERS\bxvbda.sys
12:41:17.0698 0x1098 b06bdrv - ok
12:41:17.0729 0x1098 [ B5ACE6968304A3900EEB1EBFD9622DF2, 1DAA118D8CA3F97B34DF3D3CDA1C78EAB2ED225699FEABE89D331AE0CB7679FA ] b57nd60a C:\Windows\system32\DRIVERS\b57nd60a.sys
12:41:17.0729 0x1098 b57nd60a - ok
12:41:17.0791 0x1098 [ FDE360167101B4E45A96F939F388AEB0, 8D1457E866BBD645C4B9710DFBFF93405CC1193BF9AE42326F2382500B713B82 ] BDESVC C:\Windows\System32\bdesvc.dll
12:41:17.0791 0x1098 BDESVC - ok
12:41:17.0822 0x1098 [ 16A47CE2DECC9B099349A5F840654746, 77C008AEDB07FAC66413841D65C952DDB56FE7DCA5E9EF9C8F4130336B838024 ] Beep C:\Windows\system32\drivers\Beep.sys
12:41:17.0822 0x1098 Beep - ok
12:41:17.0900 0x1098 [ 82974D6A2FD19445CC5171FC378668A4, 075D25F47C0D2277E40AF8615571DAA5EB16B1824563632A9A7EC62505C29A4A ] BFE C:\Windows\System32\bfe.dll
12:41:17.0916 0x1098 BFE - ok
12:41:17.0994 0x1098 [ 1EA7969E3271CBC59E1730697DC74682, D511A34D63A6E0E6E7D1879068E2CD3D87ABEAF4936B2EA8CDDAD9F79D60FA04 ] BITS C:\Windows\System32\qmgr.dll
12:41:18.0025 0x1098 BITS - ok
12:41:18.0041 0x1098 [ 61583EE3C3A17003C4ACD0475646B4D3, 17E4BECC309C450E7E44F59A9C0BBC24D21BDC66DFBA65B8F198A00BB47A9811 ] blbdrive C:\Windows\system32\DRIVERS\blbdrive.sys
12:41:18.0041 0x1098 blbdrive - ok
12:41:18.0103 0x1098 [ 6C02A83164F5CC0A262F4199F0871CF5, AD4632A6A203CB40970D848315D8ADB9C898349E20D8DF4107C2AE2703A2CF28 ] bowser C:\Windows\system32\DRIVERS\bowser.sys
12:41:18.0103 0x1098 bowser - ok
12:41:18.0150 0x1098 [ F09EEE9EDC320B5E1501F749FDE686C8, 66691114C42E12F4CC6DC4078D4D2FA4029759ACDAF1B59D17383487180E84E3 ] BrFiltLo C:\Windows\system32\DRIVERS\BrFiltLo.sys
12:41:18.0150 0x1098 BrFiltLo - ok
12:41:18.0150 0x1098 [ B114D3098E9BDB8BEA8B053685831BE6, 0ED23C1897F35FA00B9C2848DE4ED200E18688AA7825674888054BBC3A3EB92C ] BrFiltUp C:\Windows\system32\DRIVERS\BrFiltUp.sys
12:41:18.0150 0x1098 BrFiltUp - ok
12:41:18.0197 0x1098 [ 05F5A0D14A2EE1D8255C2AA0E9E8E694, 40011138869F5496A3E78D38C9900B466B6F3877526AC22952DCD528173F4645 ] Browser C:\Windows\System32\browser.dll
12:41:18.0212 0x1098 Browser - ok
12:41:18.0228 0x1098 [ 43BEA8D483BF1870F018E2D02E06A5BD, 4E6F5A5FD8C796A110B0DC9FF29E31EA78C04518FC1C840EF61BABD58AB10272 ] Brserid C:\Windows\System32\Drivers\Brserid.sys
12:41:18.0228 0x1098 Brserid - ok
12:41:18.0244 0x1098 [ A6ECA2151B08A09CACECA35C07F05B42, E2875BB7768ABAF38C3377007AA0A3C281503474D1831E396FB6599721586B0C ] BrSerWdm C:\Windows\System32\Drivers\BrSerWdm.sys
12:41:18.0244 0x1098 BrSerWdm - ok
12:41:18.0244 0x1098 [ B79968002C277E869CF38BD22CD61524, 50631836502237AF4893ECDCEA43B9031C3DE97433F594D46AF7C3C77F331983 ] BrUsbMdm C:\Windows\System32\Drivers\BrUsbMdm.sys
12:41:18.0244 0x1098 BrUsbMdm - ok
12:41:18.0259 0x1098 [ A87528880231C54E75EA7A44943B38BF, 4C8BBB29FDA76A96840AA47A8613C15D4466F9273A13941C19507008629709C9 ] BrUsbSer C:\Windows\System32\Drivers\BrUsbSer.sys
12:41:18.0259 0x1098 BrUsbSer - ok
12:41:18.0259 0x1098 [ 9DA669F11D1F894AB4EB69BF546A42E8, B498B8B6CEF957B73179D1ADAF084BBB57BB3735D810F9BE2C7B1D58A4FD25A4 ] BTHMODEM C:\Windows\system32\DRIVERS\bthmodem.sys
12:41:18.0275 0x1098 BTHMODEM - ok
12:41:18.0290 0x1098 [ 95F9C2976059462CBBF227F7AAB10DE9, 2797AE919FF7606B070FB039CECDB0707CD2131DCAC09C5DF14F443D881C9F34 ] bthserv C:\Windows\system32\bthserv.dll
12:41:18.0290 0x1098 bthserv - ok
12:41:18.0306 0x1098 [ B8BD2BB284668C84865658C77574381A, 6C55BA288B626DF172FDFEA0BD7027FAEBA1F44EF20AB55160D7C7DC6E717D65 ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys
12:41:18.0322 0x1098 cdfs - ok
12:41:18.0353 0x1098 [ F036CE71586E93D94DAB220D7BDF4416, BD07AAD9E20CEAF9FC84E4977C55EA2C45604A2C682AC70B9B9A2199B6713D5B ] cdrom C:\Windows\system32\drivers\cdrom.sys
12:41:18.0368 0x1098 cdrom - ok
12:41:18.0415 0x1098 [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] CertPropSvc C:\Windows\System32\certprop.dll
12:41:18.0415 0x1098 CertPropSvc - ok
12:41:18.0446 0x1098 [ D7CD5C4E1B71FA62050515314CFB52CF, 513B5A849899F379F0BC6AB3A8A05C3493C2393C95F036612B96EC6E252E1C64 ] circlass C:\Windows\system32\DRIVERS\circlass.sys
12:41:18.0462 0x1098 circlass - ok
12:41:18.0493 0x1098 [ FE1EC06F2253F691FE36217C592A0206, B9F122DB5E665ECDF29A5CB8BB6B531236F31A54A95769D6C5C1924C87FE70CE ] CLFS C:\Windows\system32\CLFS.sys
12:41:18.0493 0x1098 CLFS - ok
12:41:18.0571 0x1098 [ D88040F816FDA31C3B466F0FA0918F29, 39D3630E623DA25B8444B6D3AAAB16B98E7E289C5619E19A85D47B74C71449F3 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
12:41:18.0587 0x1098 clr_optimization_v2.0.50727_32 - ok
12:41:18.0634 0x1098 [ D1CEEA2B47CB998321C579651CE3E4F8, 654013B8FD229A50017B08DEC6CA19C7DDA8CE0771260E057A92625201D539B1 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
12:41:18.0634 0x1098 clr_optimization_v2.0.50727_64 - ok
12:41:18.0712 0x1098 [ E87213F37A13E2B54391E40934F071D0, 7EB221127EFB5BF158FB03D18EFDA2C55FB6CE3D1A1FE69C01D70DBED02C87E5 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
12:41:18.0712 0x1098 clr_optimization_v4.0.30319_32 - ok
12:41:18.0743 0x1098 [ 4AEDAB50F83580D0B4D6CF78191F92AA, D113C47013B018B45161911B96E93AF96A2F3B34FA47061BF6E7A71FBA03194A ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
12:41:18.0743 0x1098 clr_optimization_v4.0.30319_64 - ok
12:41:18.0758 0x1098 [ 0840155D0BDDF1190F84A663C284BD33, 696039FA63CFEB33487FAA8FD7BBDB220141E9C6E529355D768DFC87999A9C3A ] CmBatt C:\Windows\system32\DRIVERS\CmBatt.sys
12:41:18.0758 0x1098 CmBatt - ok
12:41:18.0790 0x1098 [ E19D3F095812725D88F9001985B94EDD, 46243C5CCC4981CAC6FA6452FFCEC33329BF172448F1852D52592C9342E0E18B ] cmdide C:\Windows\system32\drivers\cmdide.sys
12:41:18.0790 0x1098 cmdide - ok
12:41:18.0836 0x1098 [ EBF28856F69CF094A902F884CF989706, AD6C9F0BC20AA49EEE5478DA0F856F0EA2B414B63208C5FFB03C9D7F5B59765F ] CNG C:\Windows\system32\Drivers\cng.sys
12:41:18.0852 0x1098 CNG - ok
12:41:18.0883 0x1098 [ 102DE219C3F61415F964C88E9085AD14, CD74CB703381F1382C32CF892FF2F908F4C9412E1BC77234F8FEA5D4666E1BF1 ] Compbatt C:\Windows\system32\DRIVERS\compbatt.sys
12:41:18.0883 0x1098 Compbatt - ok
12:41:18.0930 0x1098 [ 03EDB043586CCEBA243D689BDDA370A8, 0E4523AA332E242D5C2C61C5717DBA5AB6E42DADB5A7E512505FC2B6CC224959 ] CompositeBus C:\Windows\system32\drivers\CompositeBus.sys
12:41:18.0930 0x1098 CompositeBus - ok
12:41:18.0946 0x1098 COMSysApp - ok
12:41:18.0961 0x1098 [ 1C827878A998C18847245FE1F34EE597, 41EF7443D8B2733AA35CAC64B4F5F74FAC8BB0DA7D3936B69EC38E2DC3972E60 ] crcdisk C:\Windows\system32\DRIVERS\crcdisk.sys
12:41:18.0961 0x1098 crcdisk - ok
12:41:19.0008 0x1098 [ 6B400F211BEE880A37A1ED0368776BF4, 2F27C6FA96A1C8CBDA467846DA57E63949A7EA37DB094B13397DDD30114295BD ] CryptSvc C:\Windows\system32\cryptsvc.dll
12:41:19.0008 0x1098 CryptSvc - ok
12:41:19.0070 0x1098 [ 5C627D1B1138676C0A7AB2C2C190D123, C5003F2C912C5CA990E634818D3B4FD72F871900AF2948BD6C4D6400B354B401 ] DcomLaunch C:\Windows\system32\rpcss.dll
12:41:19.0102 0x1098 DcomLaunch - ok
12:41:19.0164 0x1098 [ 3CEC7631A84943677AA8FA8EE5B6B43D, 32061DAC9ED6C1EBA3B367B18D0E965AEEC2DF635DCF794EC39D086D32503AC5 ] defragsvc C:\Windows\System32\defragsvc.dll
12:41:19.0180 0x1098 defragsvc - ok
12:41:19.0211 0x1098 [ 9BB2EF44EAA163B29C4A4587887A0FE4, 03667BC3EA5003F4236929C10F23D8F108AFCB29DB5559E751FB26DFB318636F ] DfsC C:\Windows\system32\Drivers\dfsc.sys
12:41:19.0211 0x1098 DfsC - ok
12:41:19.0242 0x1098 [ 43D808F5D9E1A18E5EEB5EBC83969E4E, C10D1155D71EABE4ED44C656A8F13078A8A4E850C4A8FBB92D52D173430972B8 ] Dhcp C:\Windows\system32\dhcpcore.dll
12:41:19.0258 0x1098 Dhcp - ok
12:41:19.0273 0x1098 [ 13096B05847EC78F0977F2C0F79E9AB3, 1E44981B684F3E56F5D2439BB7FA78BD1BC876BB2265AE089AEC68F241B05B26 ] discache C:\Windows\system32\drivers\discache.sys
12:41:19.0289 0x1098 discache - ok
12:41:19.0304 0x1098 [ 9819EEE8B5EA3784EC4AF3B137A5244C, 571BC886E87C888DA96282E381A746D273B58B9074E84D4CA91275E26056D427 ] Disk C:\Windows\system32\DRIVERS\disk.sys
12:41:19.0304 0x1098 Disk - ok
12:41:19.0320 0x1098 dkab_device - ok
12:41:19.0351 0x1098 [ 16835866AAA693C7D7FCEBA8FFF706E4, 15891558F7C1F2BB57A98769601D447ED0D952354A8BB347312D034DC03E0242 ] Dnscache C:\Windows\System32\dnsrslvr.dll
12:41:19.0351 0x1098 Dnscache - ok
12:41:19.0414 0x1098 [ B1FB3DDCA0FDF408750D5843591AFBC6, AB6AD9C5E7BA2E3646D0115B67C4800D1CB43B4B12716397657C7ADEEE807304 ] dot3svc C:\Windows\System32\dot3svc.dll
12:41:19.0429 0x1098 dot3svc - ok
12:41:19.0476 0x1098 [ B26F4F737E8F9DF4F31AF6CF31D05820, 394BBBED4EC7FAD4110F62A43BFE0801D4AC56FFAC6C741C69407B26402311C7 ] DPS C:\Windows\system32\dps.dll
12:41:19.0476 0x1098 DPS - ok
12:41:19.0507 0x1098 [ 9B19F34400D24DF84C858A421C205754, 967AF267B4124BADA8F507CEBF25F2192D146A4D63BE71B45BFC03C5DA7F21A7 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys
12:41:19.0507 0x1098 drmkaud - ok
12:41:19.0585 0x1098 [ 9CF46FDF163E06B83D03FF929EF2296C, 40BB0226361DEC2E6CBFE79CA092083986BD3D94564ED5F3E54CA2EE9A756837 ] DsiWMIService C:\Program Files (x86)\Launch Manager\dsiwmis.exe
12:41:19.0601 0x1098 DsiWMIService - ok
12:41:19.0694 0x1098 [ 88612F1CE3BF42256913BF6E61C70D52, 7CF190F83FA8F15C33008EB381D3E345CEF37CBC046227DED26B36799EF4D9A7 ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys
12:41:19.0726 0x1098 DXGKrnl - ok
12:41:19.0741 0x1098 [ E2DDA8726DA9CB5B2C4000C9018A9633, 0C967DBC3636A76A696997192A158AA92A1AF19F01E3C66D5BF91818A8FAEA76 ] EapHost C:\Windows\System32\eapsvc.dll
12:41:19.0757 0x1098 EapHost - ok
12:41:19.0928 0x1098 [ DC5D737F51BE844D8C82C695EB17372F, 6D4022D9A46EDE89CEF0FAEADCC94C903234DFC460C0180D24FF9E38E8853017 ] ebdrv C:\Windows\system32\DRIVERS\evbda.sys
12:41:20.0006 0x1098 ebdrv - ok
12:41:20.0084 0x1098 [ 4D71227301DD8D09097B9E4CC6527E5A, 193D47ADCB722B581CC0F29B794AB3E455B6E9BEA367CE9A5216A09E055B7F1E ] EFS C:\Windows\System32\lsass.exe
12:41:20.0084 0x1098 EFS - ok
12:41:20.0194 0x1098 [ C4002B6B41975F057D98C439030CEA07, 3D2484FBB832EFB90504DD406ED1CF3065139B1FE1646471811F3A5679EF75F1 ] ehRecvr C:\Windows\ehome\ehRecvr.exe
12:41:20.0225 0x1098 ehRecvr - ok
12:41:20.0272 0x1098 [ 4705E8EF9934482C5BB488CE28AFC681, 359E9EC5693CE0BE89082E1D5D8F5C5439A5B985010FF0CB45C11E3CFE30637D ] ehSched C:\Windows\ehome\ehsched.exe
12:41:20.0272 0x1098 ehSched - ok
12:41:20.0334 0x1098 [ 0E5DA5369A0FCAEA12456DD852545184, 9A64AC5396F978C3B92794EDCE84DCA938E4662868250F8C18FA7C2C172233F8 ] elxstor C:\Windows\system32\DRIVERS\elxstor.sys
12:41:20.0365 0x1098 elxstor - ok
12:41:20.0490 0x1098 [ 3EA2C4F68A782839D97B3C83595575B6, D4C3BFD0B6817B73BE9F2378FA946BD1C213A4FB9EB3F7D2C79E9B6D9F895106 ] ePowerSvc C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe
12:41:20.0521 0x1098 ePowerSvc - ok
12:41:20.0552 0x1098 [ 34A3C54752046E79A126E15C51DB409B, 7D5B5E150C7C73666F99CBAFF759029716C86F16B927E0078D77F8A696616D75 ] ErrDev C:\Windows\system32\drivers\errdev.sys
12:41:20.0552 0x1098 ErrDev - ok
12:41:20.0615 0x1098 [ 4166F82BE4D24938977DD1746BE9B8A0, 24121751B7306225AD1C808442D7B030DEF377E9316AA0A3C5C7460E87317881 ] EventSystem C:\Windows\system32\es.dll
12:41:20.0630 0x1098 EventSystem - ok
12:41:20.0677 0x1098 [ A510C654EC00C1E9BDD91EEB3A59823B, 76CD277730F7B08D375770CD373D786160F34D1481AF0536BA1A5D2727E255F5 ] exfat C:\Windows\system32\drivers\exfat.sys
12:41:20.0677 0x1098 exfat - ok
12:41:20.0708 0x1098 [ 0ADC83218B66A6DB380C330836F3E36D, 798D6F83B5DBCC1656595E0A96CF12087FCCBE19D1982890D0CE5F629B328B29 ] fastfat C:\Windows\system32\drivers\fastfat.sys
12:41:20.0708 0x1098 fastfat - ok
12:41:20.0786 0x1098 [ DBEFD454F8318A0EF691FDD2EAAB44EB, 7F52AE222FF28503B6FC4A5852BD0CAEAF187BE69AF4B577D3DE474C24366099 ] Fax C:\Windows\system32\fxssvc.exe
12:41:20.0833 0x1098 Fax - ok
12:41:20.0864 0x1098 [ D765D19CD8EF61F650C384F62FAC00AB, 9F0A483A043D3BA873232AD3BA5F7BF9173832550A27AF3E8BD433905BD2A0EE ] fdc C:\Windows\system32\DRIVERS\fdc.sys
12:41:20.0864 0x1098 fdc - ok
12:41:20.0896 0x1098 [ 0438CAB2E03F4FB61455A7956026FE86, 6D4DDC2973DB25CE0C7646BC85EFBCC004EBE35EA683F62162AE317C6F1D8DFE ] fdPHost C:\Windows\system32\fdPHost.dll
12:41:20.0911 0x1098 fdPHost - ok
12:41:20.0927 0x1098 [ 802496CB59A30349F9A6DD22D6947644, 52D59D3D628D5661F83F090F33F744F6916E0CC1F76E5A33983E06EB66AE19F8 ] FDResPub C:\Windows\system32\fdrespub.dll
12:41:20.0927 0x1098 FDResPub - ok
12:41:20.0958 0x1098 [ 655661BE46B5F5F3FD454E2C3095B930, 549C8E2A2A37757E560D55FFA6BFDD838205F17E40561E67F0124C934272CD1A ] FileInfo C:\Windows\system32\drivers\fileinfo.sys
12:41:20.0958 0x1098 FileInfo - ok
12:41:20.0974 0x1098 [ 5F671AB5BC87EEA04EC38A6CD5962A47, 6B61D3363FF3F9C439BD51102C284972EAE96ACC0683B9DC7E12D25D0ADC51B6 ] Filetrace C:\Windows\system32\drivers\filetrace.sys
12:41:20.0974 0x1098 Filetrace - ok
12:41:21.0052 0x1098 [ BB0667B0171B632B97EA759515476F07, 07A123B2182D5813D2898928C231638353CF086606E9D5A5AF4A2A73E17CEC27 ] FLEXnet Licensing Service C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
12:41:21.0083 0x1098 FLEXnet Licensing Service - ok
12:41:21.0098 0x1098 [ C172A0F53008EAEB8EA33FE10E177AF5, 9175A95B323696D1B35C9EFEB7790DD64E6EE0B7021E6C18E2F81009B169D77B ] flpydisk C:\Windows\system32\DRIVERS\flpydisk.sys
12:41:21.0098 0x1098 flpydisk - ok
12:41:21.0145 0x1098 [ DA6B67270FD9DB3697B20FCE94950741, F621A4462C9F2904063578C427FAF22D7D66AE9967605C11C798099817CE5331 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys
12:41:21.0145 0x1098 FltMgr - ok
12:41:21.0223 0x1098 [ C4C183E6551084039EC862DA1C945E3D, 0874A2ACDD24D64965AA9A76E9C818E216880AE4C9A2E07ED932EE404585CEE6 ] FontCache C:\Windows\system32\FntCache.dll
12:41:21.0254 0x1098 FontCache - ok
12:41:21.0317 0x1098 [ A8B7F3818AB65695E3A0BB3279F6DCE6, 89FCF10F599767E67A1E011753E34DA44EAA311F105DBF69549009ED932A60F0 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
12:41:21.0317 0x1098 FontCache3.0.0.0 - ok
12:41:21.0364 0x1098 [ D43703496149971890703B4B1B723EAC, F06397B2EDCA61629249D2EF1CBB7827A8BEAB8488246BD85EF6AE1363C0DA6E ] FsDepends C:\Windows\system32\drivers\FsDepends.sys
12:41:21.0364 0x1098 FsDepends - ok
12:41:21.0395 0x1098 [ 6BD9295CC032DD3077C671FCCF579A7B, 83622FBB0CB923798E7E584BF53CAAF75B8C016E3FF7F0FA35880FF34D1DFE33 ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys
12:41:21.0395 0x1098 Fs_Rec - ok
12:41:21.0442 0x1098 [ 8F6322049018354F45F05A2FD2D4E5E0, 73BF0FB4EBD7887E992DDEBB79E906958D6678F8D1107E8C368F5A0514D80359 ] fvevol C:\Windows\system32\DRIVERS\fvevol.sys
12:41:21.0457 0x1098 fvevol - ok
12:41:21.0488 0x1098 [ 8C778D335C9D272CFD3298AB02ABE3B6, 85F0B13926B0F693FA9E70AA58DE47100E4B6F893772EBE4300C37D9A36E6005 ] gagp30kx C:\Windows\system32\DRIVERS\gagp30kx.sys
12:41:21.0504 0x1098 gagp30kx - ok
12:41:21.0551 0x1098 [ CE16683CFD11FE70BDE435DDA5EA1FCA, 43D850361F2B5C9389F7FABC3C62BD1517349C03834F436579DD01CFD09919F4 ] GameConsoleService C:\Program Files (x86)\Acer Games\Acer Game Console\GameConsoleService.exe
12:41:21.0566 0x1098 GameConsoleService - ok
12:41:21.0660 0x1098 [ 277BBC7E1AA1EE957F573A10ECA7EF3A, 2EE60B924E583E847CC24E78B401EF95C69DB777A5B74E1EC963E18D47B94D24 ] gpsvc C:\Windows\System32\gpsvc.dll
12:41:21.0691 0x1098 gpsvc - ok
12:41:21.0738 0x1098 [ 0191DEE9B9EB7902AF2CF4F67301095D, 9E2E263E84167E1AD3FFCEA84066AF07CD6A653F5D8266A619E4973BC4B25460 ] GREGService C:\Program Files (x86)\Acer\Registration\GREGsvc.exe
12:41:21.0738 0x1098 GREGService - ok
12:41:21.0769 0x1098 [ 1E6438D4EA6E1174A3B3B1EDC4DE660B, F9995CFEC7BBFE10B06EEE04CA6B49658275C43096E57747BFF9C2C31A0F9011 ] hamachi C:\Windows\system32\DRIVERS\hamachi.sys
12:41:21.0769 0x1098 hamachi - ok
12:41:21.0800 0x1098 [ F2523EF6460FC42405B12248338AB2F0, B2F3DE8DE1F512D871BC2BC2E8D0E33AB03335BFBC07627C5F88B65024928E19 ] hcw85cir C:\Windows\system32\drivers\hcw85cir.sys
12:41:21.0800 0x1098 hcw85cir - ok
12:41:21.0847 0x1098 [ 975761C778E33CD22498059B91E7373A, 8304E15FBE6876BE57263A03621365DA8C88005EAC532A770303C06799D915D9 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
12:41:21.0847 0x1098 HdAudAddService - ok
12:41:21.0894 0x1098 [ 97BFED39B6B79EB12CDDBFEED51F56BB, 3CF981D668FB2381E52AF2E51E296C6CFB47B0D62249645278479D0111A47955 ] HDAudBus C:\Windows\system32\drivers\HDAudBus.sys
12:41:21.0894 0x1098 HDAudBus - ok
12:41:21.0910 0x1098 [ 78E86380454A7B10A5EB255DC44A355F, 11F3ED7ACFFA3024B9BD504F81AC39F5B4CED5A8A425E8BADF7132EFEDB9BD64 ] HidBatt C:\Windows\system32\DRIVERS\HidBatt.sys
12:41:21.0910 0x1098 HidBatt - ok
12:41:21.0910 0x1098 [ 7FD2A313F7AFE5C4DAB14798C48DD104, 94CBFD4506CBDE4162CEB3367BAB042D19ACA6785954DC0B554D4164B9FCD0D4 ] HidBth C:\Windows\system32\DRIVERS\hidbth.sys
12:41:21.0925 0x1098 HidBth - ok
12:41:21.0925 0x1098 [ 0A77D29F311B88CFAE3B13F9C1A73825, 8615DC6CEFB591505CE16E054A71A4F371B827DDFD5E980777AB4233DCFDA01D ] HidIr C:\Windows\system32\DRIVERS\hidir.sys
12:41:21.0925 0x1098 HidIr - ok
12:41:21.0956 0x1098 [ BD9EB3958F213F96B97B1D897DEE006D, 4D01CBF898B528B3A4E5A683DF2177300AFABD7D4CB51F1A7891B1B545499631 ] hidserv C:\Windows\system32\hidserv.dll
12:41:21.0956 0x1098 hidserv - ok
12:41:22.0003 0x1098 [ 9592090A7E2B61CD582B612B6DF70536, FD11D5E02C32D658B28FCC35688AB66CCB5D3A0A0D74C82AE0F0B6C67B568A0F ] HidUsb C:\Windows\system32\DRIVERS\hidusb.sys
12:41:22.0003 0x1098 HidUsb - ok
12:41:22.0034 0x1098 [ 387E72E739E15E3D37907A86D9FF98E2, 9935BE2E58788E79328293AF2F202CB0F6042441B176F75ACC5AEA93C8E05531 ] hkmsvc C:\Windows\system32\kmsvc.dll
12:41:22.0050 0x1098 hkmsvc - ok
12:41:22.0097 0x1098 [ EFDFB3DD38A4376F93E7985173813ABD, 70402FA73A5A2A8BB557AAC8F531E373077D28DE5F40A1F3F14B940BE01CD2E1 ] HomeGroupListener C:\Windows\system32\ListSvc.dll
12:41:22.0112 0x1098 HomeGroupListener - ok
12:41:22.0144 0x1098 [ 908ACB1F594274965A53926B10C81E89, 7D34A742AC486294D82676F8465A3EF26C8AC3317C32B63F62031CB007CFC208 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
12:41:22.0159 0x1098 HomeGroupProvider - ok
12:41:22.0190 0x1098 [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC, E9E6A1665740CFBC2DD321010007EF42ABA2102AEB9772EE8AA3354664B1E205 ] HpSAMD C:\Windows\system32\drivers\HpSAMD.sys
12:41:22.0190 0x1098 HpSAMD - ok
12:41:22.0253 0x1098 [ 0EA7DE1ACB728DD5A369FD742D6EEE28, 21C489412EB33A12B22290EB701C19BA57006E8702E76F730954F0784DDE9779 ] HTTP C:\Windows\system32\drivers\HTTP.sys
12:41:22.0268 0x1098 HTTP - ok
12:41:22.0300 0x1098 [ A5462BD6884960C9DC85ED49D34FF392, 53E65841AF5B06A2844D0BB6FC4DD3923A323FFA0E4BFC89B3B5CAFB592A3D53 ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys
12:41:22.0300 0x1098 hwpolicy - ok
12:41:22.0346 0x1098 [ FA55C73D4AFFA7EE23AC4BE53B4592D3, 65CDDC62B89A60E942C5642C9D8B539EFB69DA8069B4A2E54978154B314531CD ] i8042prt C:\Windows\system32\drivers\i8042prt.sys
12:41:22.0362 0x1098 i8042prt - ok
12:41:22.0456 0x1098 [ AAAF44DB3BD0B9D1FB6969B23ECC8366, 805AA4A9464002D1AB3832E4106B2AAA1331F4281367E75956062AAE99699385 ] iaStorV C:\Windows\system32\drivers\iaStorV.sys
12:41:22.0487 0x1098 iaStorV - ok
12:41:22.0580 0x1098 [ 5988FC40F8DB5B0739CD1E3A5D0D78BD, 2B9512324DBA4A97F6AC34E8067EE08E3B6874CD60F6CB4209AFC22A34D2BE99 ] idsvc C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
12:41:22.0643 0x1098 idsvc - ok
12:41:22.0658 0x1098 IEEtwCollectorService - ok
12:41:22.0690 0x1098 [ 5C18831C61933628F5BB0EA2675B9D21, 5CD9DE2F8C0256623A417B5C55BF55BB2562BD7AB2C3C83BB3D9886C2FBDA4E4 ] iirsp C:\Windows\system32\DRIVERS\iirsp.sys
12:41:22.0705 0x1098 iirsp - ok
12:41:22.0799 0x1098 [ 344789398EC3EE5A4E00C52B31847946, 3DA5F08E4B46F4E63456AA588D49E39A6A09A97D0509880C00F327623DB6122D ] IKEEXT C:\Windows\System32\ikeext.dll
12:41:22.0830 0x1098 IKEEXT - ok
12:41:22.0986 0x1098 [ 235362D403D9D677514649D88DB31914, 522F5BA88169ADEC1EEB595BFBBCD6417DF38CD93A0D2B2FD0AF4C907FF6D965 ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHD64.sys
12:41:23.0048 0x1098 IntcAzAudAddService - ok
12:41:23.0080 0x1098 [ F00F20E70C6EC3AA366910083A0518AA, E2F3E9FFD82C802C8BAC309893A3664ACF16A279959C0FDECCA64C3D3C60FD22 ] intelide C:\Windows\system32\drivers\intelide.sys
12:41:23.0095 0x1098 intelide - ok
12:41:23.0126 0x1098 [ ADA036632C664CAA754079041CF1F8C1, F2386CC09AC6DE4C54189154F7D91C1DB7AA120B13FAE8BA5B579ACF99FCC610 ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys
12:41:23.0126 0x1098 intelppm - ok
12:41:23.0173 0x1098 [ 098A91C54546A3B878DAD6A7E90A455B, 044CCE2A0DF56EBE1EFD99B4F6F0A5B9EE12498CA358CF4B2E3A1CFD872823AA ] IPBusEnum C:\Windows\system32\ipbusenum.dll
12:41:23.0173 0x1098 IPBusEnum - ok
12:41:23.0204 0x1098 [ C9F0E1BD74365A8771590E9008D22AB6, 728BC5A6AAE499FDC50EB01577AF16D83C2A9F3B09936DD2A89C01E074BA8E51 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys
12:41:23.0220 0x1098 IpFilterDriver - ok
12:41:23.0298 0x1098 [ 08C2957BB30058E663720C5606885653, E13EDF6701512E2A9977A531454932CA5023087CB50E1D2F416B8BCDD92B67BE ] iphlpsvc C:\Windows\System32\iphlpsvc.dll
12:41:23.0314 0x1098 iphlpsvc - ok
12:41:23.0360 0x1098 [ 0FC1AEA580957AA8817B8F305D18CA3A, 7161E4DE91AAFC3FA8BF24FAE4636390C2627DB931505247C0D52C75A31473D9 ] IPMIDRV C:\Windows\system32\drivers\IPMIDrv.sys
12:41:23.0376 0x1098 IPMIDRV - ok
12:41:23.0407 0x1098 [ AF9B39A7E7B6CAA203B3862582E9F2D0, 67128BE7EADBE6BD0205B050F96E268948E8660C4BAB259FB0BE03935153D04E ] IPNAT C:\Windows\system32\drivers\ipnat.sys
12:41:23.0423 0x1098 IPNAT - ok
12:41:23.0438 0x1098 [ 3ABF5E7213EB28966D55D58B515D5CE9, A352BCC5B6B9A28805B15CAFB235676F1FAFF0D2394F88C03089EB157D6188AE ] IRENUM C:\Windows\system32\drivers\irenum.sys
12:41:23.0438 0x1098 IRENUM - ok
12:41:23.0485 0x1098 [ 2F7B28DC3E1183E5EB418DF55C204F38, D40410A760965925D6F10959B2043F7BD4F68EAFCF5E743AF11AD860BD136548 ] isapnp C:\Windows\system32\drivers\isapnp.sys
12:41:23.0485 0x1098 isapnp - ok
12:41:23.0532 0x1098 [ D931D7309DEB2317035B07C9F9E6B0BD, 13AD84172ED8C6153F8A98499C01733B74E48464CE07D099508E38D409913ED3 ] iScsiPrt C:\Windows\system32\drivers\msiscsi.sys
12:41:23.0532 0x1098 iScsiPrt - ok
12:41:23.0594 0x1098 [ 37E053A2CF8F0082B689ED74106E0CEC, 431D3A3212152A76878C9CA347056B62B2A5A3E0211C4D930639C426EE73A0B7 ] k57nd60a C:\Windows\system32\DRIVERS\k57nd60a.sys
12:41:23.0610 0x1098 k57nd60a - ok
12:41:23.0626 0x1098 [ BC02336F1CBA7DCC7D1213BB588A68A5, 450C5BAD54CCE2AFCDFF1B6E7F8E1A8446D9D3255DF9D36C29A8F848048AAD93 ] kbdclass C:\Windows\system32\drivers\kbdclass.sys
12:41:23.0626 0x1098 kbdclass - ok
12:41:23.0657 0x1098 [ 0705EFF5B42A9DB58548EEC3B26BB484, 86C6824ED7ED6FA8F306DB6319A0FD688AA91295AE571262F9D8E96A32225E99 ] kbdhid C:\Windows\system32\drivers\kbdhid.sys
12:41:23.0657 0x1098 kbdhid - ok
12:41:23.0672 0x1098 [ 4D71227301DD8D09097B9E4CC6527E5A, 193D47ADCB722B581CC0F29B794AB3E455B6E9BEA367CE9A5216A09E055B7F1E ] KeyIso C:\Windows\system32\lsass.exe
12:41:23.0672 0x1098 KeyIso - ok
12:41:23.0704 0x1098 [ 8F489706472F7E9A06BAAA198703FA64, F020406690FB38EABD82D63B91D33039CC93ED52A5497AE12BAF475F22D0B08A ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys
12:41:23.0704 0x1098 KSecDD - ok
12:41:23.0719 0x1098 [ 868A2CAAB12EFC7A021682BCA0EEC54C, 12C4925B5B3D6EA7B6410C01F33158C6EAB50CBD6AF445F8B04ED9899720C2DD ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys
12:41:23.0735 0x1098 KSecPkg - ok
12:41:23.0766 0x1098 [ 6869281E78CB31A43E969F06B57347C4, 866A23E69B32A78D378D6CB3B3DA3695FFDFF0FEC3C9F68C8C3F988DF417044B ] ksthunk C:\Windows\system32\drivers\ksthunk.sys
12:41:23.0766 0x1098 ksthunk - ok
12:41:23.0813 0x1098 [ 6AB66E16AA859232F64DEB66887A8C9C, 5F2B579BEA8098A2994B0DECECDAE7B396E7B5DC5F09645737B9F28BEEA77FFF ] KtmRm C:\Windows\system32\msdtckrm.dll
12:41:23.0844 0x1098 KtmRm - ok
12:41:23.0891 0x1098 [ D9F42719019740BAA6D1C6D536CBDAA6, 8757599D0AE5302C4CE50861BEBA3A8DD14D7B0DBD916FD5404133688CDFCC40 ] LanmanServer C:\Windows\system32\srvsvc.dll
12:41:23.0906 0x1098 LanmanServer - ok
12:41:23.0938 0x1098 [ 851A1382EED3E3A7476DB004F4EE3E1A, B1C67F47DD594D092E6E258F01DF5E7150227CE3131A908A244DEE9F8A1FABF9 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
12:41:23.0938 0x1098 LanmanWorkstation - ok
12:41:23.0953 0x1098 [ 1538831CF8AD2979A04C423779465827, E1729B0CC4CEEE494A0B8817A8E98FF232E3A32FB023566EF0BC71A090262C0C ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys
12:41:23.0953 0x1098 lltdio - ok
12:41:24.0016 0x1098 [ C1185803384AB3FEED115F79F109427F, 0414FE73532DCAB17E906438A14711E928CECCD5F579255410C62984DD652700 ] lltdsvc C:\Windows\System32\lltdsvc.dll
12:41:24.0031 0x1098 lltdsvc - ok
12:41:24.0047 0x1098 [ F993A32249B66C9D622EA5592A8B76B8, EE64672A990C6145DC5601E2B8CDBE089272A72732F59AF9865DCBA8B1717E70 ] lmhosts C:\Windows\System32\lmhsvc.dll
12:41:24.0047 0x1098 lmhosts - ok
12:41:24.0062 0x1098 LMIGuardianSvc - ok
12:41:24.0094 0x1098 [ 1A93E54EB0ECE102495A51266DCDB6A6, DB6AA86AA36C3A7988BE96E87B5D3251BE7617C54EE8F894D9DC2E267FE3255B ] LSI_FC C:\Windows\system32\DRIVERS\lsi_fc.sys
12:41:24.0094 0x1098 LSI_FC - ok
12:41:24.0109 0x1098 [ 1047184A9FDC8BDBFF857175875EE810, F2251EDB7736A26D388A0C5CC2FE5FB9C5E109CBB1E3800993554CB21D81AE4B ] LSI_SAS C:\Windows\system32\DRIVERS\lsi_sas.sys
12:41:24.0109 0x1098 LSI_SAS - ok
12:41:24.0125 0x1098 [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93, 88D5740A4E9CC3FA80FA18035DAB441BDC5A039622D666BFDAA525CC9686BD06 ] LSI_SAS2 C:\Windows\system32\DRIVERS\lsi_sas2.sys
12:41:24.0125 0x1098 LSI_SAS2 - ok
12:41:24.0140 0x1098 [ 0504EACAFF0D3C8AED161C4B0D369D4A, 4D272237C189646F5C80822FD3CBA7C2728E482E2DAAF7A09C8AEF811C89C54D ] LSI_SCSI C:\Windows\system32\DRIVERS\lsi_scsi.sys
12:41:24.0140 0x1098 LSI_SCSI - ok
12:41:24.0156 0x1098 [ 43D0F98E1D56CCDDB0D5254CFF7B356E, 5BA498183B5C4996C694CB0A9A6B66CE6C7A460F6C91BEB9F305486FCC3B7B22 ] luafv C:\Windows\system32\drivers\luafv.sys
12:41:24.0172 0x1098 luafv - ok
12:41:24.0203 0x1098 [ 0BE09CD858ABF9DF6ED259D57A1A1663, 2FD28889B93C8E801F74C1D0769673A461671E0189D0A22C94509E3F0EEB7428 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll
12:41:24.0203 0x1098 Mcx2Svc - ok
12:41:24.0218 0x1098 [ A55805F747C6EDB6A9080D7C633BD0F4, 2DA0E83BF3C8ADEF6F551B6CC1C0A3F6149CDBE6EC60413BA1767C4DE425A728 ] megasas C:\Windows\system32\DRIVERS\megasas.sys
12:41:24.0234 0x1098 megasas - ok
12:41:24.0250 0x1098 [ BAF74CE0072480C3B6B7C13B2A94D6B3, 85CBB4949C090A904464F79713A3418338753D20D7FB811E68F287FDAC1DD834 ] MegaSR C:\Windows\system32\DRIVERS\MegaSR.sys
12:41:24.0250 0x1098 MegaSR - ok
12:41:24.0281 0x1098 [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] MMCSS C:\Windows\system32\mmcss.dll
12:41:24.0281 0x1098 MMCSS - ok
12:41:24.0312 0x1098 [ 800BA92F7010378B09F9ED9270F07137, 94F9AF9E1BE80AE6AC39A2A74EF9FAB115DCAACC011D07DFA8D6A1DDC8A93342 ] Modem C:\Windows\system32\drivers\modem.sys
12:41:24.0312 0x1098 Modem - ok
12:41:24.0328 0x1098 [ B03D591DC7DA45ECE20B3B467E6AADAA, 701FB0CAD8138C58507BE28845D3E24CE269A040737C29885944A0D851238732 ] monitor C:\Windows\system32\DRIVERS\monitor.sys
12:41:24.0328 0x1098 monitor - ok
12:41:24.0343 0x1098 [ 7D27EA49F3C1F687D357E77A470AEA99, 7FE7CAF95959F127C6D932C01D539C06D80273C49A09761F6E8331C05B1A7EE7 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys
12:41:24.0343 0x1098 mouclass - ok
12:41:24.0390 0x1098 [ D3BF052C40B0C4166D9FD86A4288C1E6, 5E65264354CD94E844BF1838CA1B8E49080EFA34605A32CF2F6A47A2B97FC183 ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys
12:41:24.0390 0x1098 mouhid - ok
12:41:24.0437 0x1098 [ 32E7A3D591D671A6DF2DB515A5CBE0FA, 47CED0B9067AE8BF5EEF60B17ADEE5906BEDCC56E4CB460B7BFBC12BB9A69E63 ] mountmgr C:\Windows\system32\drivers\mountmgr.sys
12:41:24.0437 0x1098 mountmgr - ok
12:41:24.0484 0x1098 [ 338037EFA0E8E8699B2667D57B751574, 59E0D39806D0C4EB57913AA013242837FD39AD378726AEE42D250CBA87C1C3BF ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
12:41:24.0499 0x1098 MozillaMaintenance - ok
12:41:24.0530 0x1098 [ C6B88D62F20AC646C6BD5C032EC2FAF9, 111A07939F3C5A46F0C51B9D6F5C1D8478099E32EFD88BC260467109ADD975F8 ] MpFilter C:\Windows\system32\DRIVERS\MpFilter.sys
12:41:24.0562 0x1098 MpFilter - ok
12:41:24.0593 0x1098 [ A44B420D30BD56E145D6A2BC8768EC58, B1E4DCA5A1008FA7A0492DC091FB2B820406AE13FD3D44F124E89B1037AF09B8 ] mpio C:\Windows\system32\drivers\mpio.sys
12:41:24.0608 0x1098 mpio - ok
12:41:24.0640 0x1098 [ 6C38C9E45AE0EA2FA5E551F2ED5E978F, 5A3FA2F110029CB4CC4384998EDB59203FDD65EC45E01B897FB684F8956EAD20 ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys
12:41:24.0640 0x1098 mpsdrv - ok
12:41:24.0718 0x1098 [ 54FFC9C8898113ACE189D4AA7199D2C1, 65F585C87F3F710FD5793FDFA96B740AD8D4317B0C120F4435CCF777300EA4F2 ] MpsSvc C:\Windows\system32\mpssvc.dll
12:41:24.0780 0x1098 MpsSvc - ok
12:41:24.0811 0x1098 [ 1A4F75E63C9FB84B85DFFC6B63FD5404, 01AFA6DBB4CDE55FE4EA05BBE8F753A4266F8D072EA1EE01DB79F5126780C21F ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys
12:41:24.0811 0x1098 MRxDAV - ok
12:41:24.0858 0x1098 [ A5D9106A73DC88564C825D317CAC68AC, 0457B2AEA4E05A91D0E43F317894A614434D8CEBE35020785387F307E231FBE4 ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys
12:41:24.0874 0x1098 mrxsmb - ok
12:41:24.0905 0x1098 [ D711B3C1D5F42C0C2415687BE09FC163, 9B3013AC60BD2D0FF52086658BA5FF486ADE15954A552D7DD590580E8BAE3EFF ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys
12:41:24.0905 0x1098 mrxsmb10 - ok
12:41:24.0936 0x1098 [ 9423E9D355C8D303E76B8CFBD8A5C30C, 220B33F120C2DD937FE4D5664F4B581DC0ACF78D62EB56B7720888F67B9644CC ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys
12:41:24.0936 0x1098 mrxsmb20 - ok
12:41:24.0967 0x1098 [ C25F0BAFA182CBCA2DD3C851C2E75796, 643E158A0948DF331807AEAA391F23960362E46C0A0CF6D22A99020EAE7B10F8 ] msahci C:\Windows\system32\drivers\msahci.sys
12:41:24.0967 0x1098 msahci - ok
12:41:24.0998 0x1098 [ DB801A638D011B9633829EB6F663C900, B34FD33A215ACCF2905F4B7D061686CDB1CB9C652147AF56AE14686C1F6E3C74 ] msdsm C:\Windows\system32\drivers\msdsm.sys
12:41:25.0014 0x1098 msdsm - ok
12:41:25.0061 0x1098 [ DE0ECE52236CFA3ED2DBFC03F28253A8, 2FBBEC4CACB5161F68D7C2935852A5888945CA0F107CF8A1C01F4528CE407DE3 ] MSDTC C:\Windows\System32\msdtc.exe
12:41:25.0076 0x1098 MSDTC - ok
12:41:25.0139 0x1098 [ AA3FB40E17CE1388FA1BEDAB50EA8F96, 69F93E15536644C8FD679A20190CFE577F4985D3B1B4A4AA250A168615AE1E99 ] Msfs C:\Windows\system32\drivers\Msfs.sys
12:41:25.0139 0x1098 Msfs - ok
12:41:25.0154 0x1098 [ F9D215A46A8B9753F61767FA72A20326, 6F76642B45E0A7EF6BCAB8B37D55CCE2EAA310ED07B76D43FCB88987C2174141 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys
12:41:25.0154 0x1098 mshidkmdf - ok
12:41:25.0201 0x1098 [ D916874BBD4F8B07BFB7FA9B3CCAE29D, B229DA150713DEDBC4F05386C9D9DC3BC095A74F44F3081E88311AB73BC992A1 ] msisadrv C:\Windows\system32\drivers\msisadrv.sys
12:41:25.0201 0x1098 msisadrv - ok
12:41:25.0248 0x1098 [ 808E98FF49B155C522E6400953177B08, F873F5BFF0984C5165DF67E92874D3F6EB8D86F9B5AD17013A0091CA33A1A3D5 ] MSiSCSI C:\Windows\system32\iscsiexe.dll
12:41:25.0264 0x1098 MSiSCSI - ok
12:41:25.0279 0x1098 msiserver - ok
12:41:25.0295 0x1098 [ 49CCF2C4FEA34FFAD8B1B59D49439366, E5752EA57C7BDAD5F53E3BC441A415E909AC602CAE56234684FB8789A20396C7 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys
12:41:25.0295 0x1098 MSKSSRV - ok
12:41:25.0357 0x1098 [ 7675E15D1B2180745E4DA4D26AAD7385, 729AA6C610F67028CFFFF64B772FFA1CAE7581D37F8909BDA423D52AF85C92C8 ] MsMpSvc c:\Program Files\Microsoft Security Client\MsMpEng.exe
12:41:25.0373 0x1098 MsMpSvc - ok
12:41:25.0388 0x1098 [ BDD71ACE35A232104DDD349EE70E1AB3, 27464A66868513BE6A01B75D7FC5B0D6B71842E4E20CE3F76B15C071A0618BBB ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys
12:41:25.0388 0x1098 MSPCLOCK - ok
12:41:25.0404 0x1098 [ 4ED981241DB27C3383D72092B618A1D0, E12F121E641249DB3491141851B59E1496F4413EDF58E863388F1C229838DFCC ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
12:41:25.0420 0x1098 MSPQM - ok
12:41:25.0482 0x1098 [ 759A9EEB0FA9ED79DA1FB7D4EF78866D, 64E3BC613EC4872B1B344CBF71EE15BE195592E3244C1EE099C6F8B95A40F133 ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
12:41:25.0498 0x1098 MsRPC - ok
12:41:25.0529 0x1098 [ 0EED230E37515A0EAEE3C2E1BC97B288, B1D8F8A75006B6E99214CA36D27A8594EF8D952F315BEB201E9BAC9DE3E64D42 ] mssmbios C:\Windows\system32\drivers\mssmbios.sys
12:41:25.0529 0x1098 mssmbios - ok
12:41:25.0560 0x1098 [ 2E66F9ECB30B4221A318C92AC2250779, DF175E1AB6962303E57F26DAE5C5C1E40B8640333F3E352A64F6A5F1301586CD ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
12:41:25.0560 0x1098 MSTEE - ok
12:41:25.0576 0x1098 [ 7EA404308934E675BFFDE8EDF0757BCD, 306CD02D89CFCFE576242360ED5F9EEEDCAFC43CD43B7D2977AE960F9AEC3232 ] MTConfig C:\Windows\system32\DRIVERS\MTConfig.sys
12:41:25.0576 0x1098 MTConfig - ok
12:41:25.0591 0x1098 [ F9A18612FD3526FE473C1BDA678D61C8, 32F7975B5BAA447917F832D9E3499B4B6D3E90D73F478375D0B70B36C524693A ] Mup C:\Windows\system32\Drivers\mup.sys
12:41:25.0591 0x1098 Mup - ok
12:41:25.0622 0x1098 [ 6FFECC25B39DC7652A0CEC0ADA9DB589, 927EF066CBBA8353149F8C3B7C4299AC06FED439DA874D25CFB583E5912611A2 ] mwlPSDFilter C:\Windows\system32\DRIVERS\mwlPSDFilter.sys
12:41:25.0622 0x1098 mwlPSDFilter - ok
12:41:25.0622 0x1098 [ 0BEFE32CA56D6EE89D58175725596A85, E36B9E6159AF7F67D549F7178896CCCB8FC3964531B1DA20CBDD465E632D8FCF ] mwlPSDNServ C:\Windows\system32\DRIVERS\mwlPSDNServ.sys
12:41:25.0638 0x1098 mwlPSDNServ - ok
12:41:25.0654 0x1098 [ D43BC633B8660463E446E28E14A51262, C55F235B5E08FAC6D70B0FAC737D714E318A93F8E43FF8095B86A76559AF211D ] mwlPSDVDisk C:\Windows\system32\DRIVERS\mwlPSDVDisk.sys
12:41:25.0654 0x1098 mwlPSDVDisk - ok
12:41:25.0716 0x1098 [ 3E5E20817259F7328C8F3BE5421F35B9, 9BF20E1CE75647BF5654AD603BD7D17E36CC0AD15EEAFF4FACE637D235C34190 ] MWLService C:\Program Files (x86)\EgisTec MyWinLocker\x86\MWLService.exe
12:41:25.0716 0x1098 MWLService - ok
12:41:25.0778 0x1098 [ 582AC6D9873E31DFA28A4547270862DD, BD540499F74E8F59A020D935D18E36A3A97C1A6EC59C8208436469A31B16B260 ] napagent C:\Windows\system32\qagentRT.dll
12:41:25.0794 0x1098 napagent - ok
12:41:25.0841 0x1098 [ 1EA3749C4114DB3E3161156FFFFA6B33, 54C2E77BCE1037711A11313AC25B8706109098C10A31AA03AEB7A185E97800D7 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
12:41:25.0841 0x1098 NativeWifiP - ok
12:41:25.0934 0x1098 [ 760E38053BF56E501D562B70AD796B88, F856E81A975D44F8684A6F2466549CEEDFAEB3950191698555A93A1206E0A42D ] NDIS C:\Windows\system32\drivers\ndis.sys
12:41:25.0966 0x1098 NDIS - ok
12:41:25.0997 0x1098 [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC, D7E5446E83909AE25506BB98FBDD878A529C87963E3C1125C4ABAB25823572BC ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys
12:41:25.0997 0x1098 NdisCap - ok
12:41:26.0012 0x1098 [ 30639C932D9FEF22B31268FE25A1B6E5, 32873D95339600F6EEFA51847D12C563FF01F320DC59055B242FA2887C99F9D6 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
12:41:26.0012 0x1098 NdisTapi - ok
12:41:26.0028 0x1098 [ 136185F9FB2CC61E573E676AA5402356, BA3AD0A33416DA913B4242C6BE8C3E5812AD2B20BA6C11DD3094F2E8EB56E683 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
12:41:26.0028 0x1098 Ndisuio - ok
12:41:26.0075 0x1098 [ 53F7305169863F0A2BDDC49E116C2E11, 881E9346D3C02405B7850ADC37E720990712EC9C666A0CE96E252A487FD2CE77 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
12:41:26.0075 0x1098 NdisWan - ok
12:41:26.0122 0x1098 [ 015C0D8E0E0421B4CFD48CFFE2825879, 4242E2D42CCFC859B2C0275C5331798BC0BDA68E51CF4650B6E64B1332071023 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
12:41:26.0122 0x1098 NDProxy - ok
12:41:26.0153 0x1098 [ 86743D9F5D2B1048062B14B1D84501C4, DBF6D6A60AB774FCB0F464FF2D285A7521D0A24006687B243AB46B17D8032062 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
12:41:26.0168 0x1098 NetBIOS - ok
12:41:26.0215 0x1098 [ 09594D1089C523423B32A4229263F068, 7426A9B8BA27D3225928DDEFBD399650ABB90798212F56B7D12158AC22CCCE37 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys
12:41:26.0231 0x1098 NetBT - ok
12:41:26.0262 0x1098 [ 4D71227301DD8D09097B9E4CC6527E5A, 193D47ADCB722B581CC0F29B794AB3E455B6E9BEA367CE9A5216A09E055B7F1E ] Netlogon C:\Windows\system32\lsass.exe
12:41:26.0262 0x1098 Netlogon - ok
12:41:26.0324 0x1098 [ 847D3AE376C0817161A14A82C8922A9E, 37AE692B3481323134125EF58F2C3CBC20177371AF2F5874F53DD32A827CB936 ] Netman C:\Windows\System32\netman.dll
12:41:26.0340 0x1098 Netman - ok
12:41:26.0418 0x1098 [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
12:41:26.0434 0x1098 NetMsmqActivator - ok
12:41:26.0449 0x1098 [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetPipeActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
12:41:26.0449 0x1098 NetPipeActivator - ok
12:41:26.0512 0x1098 [ 5F28111C648F1E24F7DBC87CDEB091B8, 2E8645285921EDB98BB2173E11E57459C888D52E80D85791D169C869DE8813B9 ] netprofm C:\Windows\System32\netprofm.dll
12:41:26.0543 0x1098 netprofm - ok
12:41:26.0574 0x1098 [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetTcpActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
12:41:26.0574 0x1098 NetTcpActivator - ok
12:41:26.0590 0x1098 [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
12:41:26.0590 0x1098 NetTcpPortSharing - ok
12:41:26.0636 0x1098 [ 77889813BE4D166CDAB78DDBA990DA92, 2EF531AE502B943632EEC66A309A8BFCDD36120A5E1473F4AAF3C2393AD0E6A3 ] nfrd960 C:\Windows\system32\DRIVERS\nfrd960.sys
12:41:26.0636 0x1098 nfrd960 - ok
12:41:26.0683 0x1098 [ ACE8C64C57E4A711473C8BC10ADF692B, 53D8083CE78DB5527080B4570AC28ABAA262667744A319707AE0C46E46B297F9 ] NisDrv C:\Windows\system32\DRIVERS\NisDrvWFP.sys
12:41:26.0683 0x1098 NisDrv - ok
12:41:26.0746 0x1098 [ 6247E8B31ED0A9D6BC5A26276E49BEB3, 230C0C560492C454B9EB14B50EB4A78DC74FAB6B662449A0EA3114B3E671BFF3 ] NisSrv c:\Program Files\Microsoft Security Client\NisSrv.exe
12:41:26.0746 0x1098 NisSrv - ok
12:41:26.0793 0x1098 [ 8AD77806D336673F270DB31645267293, E23F324913554A23CD043DD27D4305AF62F48C0561A0FC7B7811E55B74B1BE79 ] NlaSvc C:\Windows\System32\nlasvc.dll
12:41:26.0808 0x1098 NlaSvc - ok
12:41:26.0824 0x1098 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7, D8957EF7060A69DBB3CD6B2C45B1E4143592AB8D018471E17AC04668157DC67F ] Npfs C:\Windows\system32\drivers\Npfs.sys
12:41:26.0824 0x1098 Npfs - ok
12:41:26.0855 0x1098 [ D54BFDF3E0C953F823B3D0BFE4732528, 497A1DCC5646EC22119273216DF10D5442D16F83E4363770F507518CF6EAA53A ] nsi C:\Windows\system32\nsisvc.dll
12:41:26.0855 0x1098 nsi - ok
12:41:26.0871 0x1098 [ E7F5AE18AF4168178A642A9247C63001, 133023B7E4BA8049C4CAED3282BDD25571D1CC25FAC3B820C7F981D292689D76 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
12:41:26.0871 0x1098 nsiproxy - ok
12:41:26.0995 0x1098 [ B98F8C6E31CD07B2E6F71F7F648E38C0, 2FEA100B80680FBBF644CB6763738804155DF1E94A6542CAE2B2786D770D554E ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
12:41:27.0058 0x1098 Ntfs - ok
12:41:27.0261 0x1098 [ 9A308FCDCCA98A15B6F62D36A272160E, 3991F70D42C1949067ED48CF4EB815E06360B077F6A2369AC76BF0892C3C33EE ] NTI IScheduleSvc C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe
12:41:27.0276 0x1098 NTI IScheduleSvc - ok
12:41:27.0307 0x1098 [ EE3BA1024594D5D09E314F206B94069E, 34C8EC3DF1C3088D8A0442CAA4F5506665AFB2DF016709457ED2AB7DA45F53A6 ] NTIDrvr C:\Windows\system32\drivers\NTIDrvr.sys
12:41:27.0307 0x1098 NTIDrvr - ok
12:41:27.0323 0x1098 [ 9899284589F75FA8724FF3D16AED75C1, 181188599FD5D4DE33B97010D9E0CAEABAB9A3EF50712FE7F9AA0735CD0666D6 ] Null C:\Windows\system32\drivers\Null.sys
12:41:27.0323 0x1098 Null - ok
12:41:27.0354 0x1098 [ 0A92CB65770442ED0DC44834632F66AD, 581327F07A68DBD5CC749214BE5F1211FC2CE41C7A4F0656B680AFB51A35ACE7 ] nvraid C:\Windows\system32\drivers\nvraid.sys
12:41:27.0354 0x1098 nvraid - ok
12:41:27.0385 0x1098 [ DAB0E87525C10052BF65F06152F37E4A, AD9BFF0D5FD3FFB95C758B478E1F6A9FE45E7B37AEC71EB5070D292FEAAEDF37 ] nvstor C:\Windows\system32\drivers\nvstor.sys
12:41:27.0401 0x1098 nvstor - ok
12:41:27.0448 0x1098 [ 270D7CD42D6E3979F6DD0146650F0E05, 752489E54C9004EDCBE1F1F208FFD864DA5C83E59A2DDE6B3E0D63ECA996F76F ] nv_agp C:\Windows\system32\drivers\nv_agp.sys
12:41:27.0448 0x1098 nv_agp - ok
12:41:27.0463 0x1098 obpedscx - ok
12:41:27.0588 0x1098 [ 785F487A64950F3CB8E9F16253BA3B7B, 02445344BD214370A6D48B1CA04921D8EFCB13E676B5648266DD0E076C0822B6 ] odserv C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
12:41:27.0588 0x1098 odserv - ok
12:41:27.0619 0x1098 [ 3589478E4B22CE21B41FA1BFC0B8B8A0, AD2469FC753FE552CB809FF405A9AB23E7561292FE89117E3B3B62057EFF0203 ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys
12:41:27.0619 0x1098 ohci1394 - ok
12:41:27.0666 0x1098 [ 5A432A042DAE460ABE7199B758E8606C, 6E5D1F477D290905BE27CEBF9572BAC6B05FFEF2FAD901D3C8E11F665F8B9A71 ] ose C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
12:41:27.0682 0x1098 ose - ok
12:41:27.0729 0x1098 [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] p2pimsvc C:\Windows\system32\pnrpsvc.dll
12:41:27.0744 0x1098 p2pimsvc - ok
12:41:27.0791 0x1098 [ 927463ECB02179F88E4B9A17568C63C3, FEFD3447692C277D59EEC7BF218552C8BB6B8C98C26E973675549628408B94CE ] p2psvc C:\Windows\system32\p2psvc.dll
12:41:27.0807 0x1098 p2psvc - ok
12:41:27.0853 0x1098 [ 0086431C29C35BE1DBC43F52CC273887, 0D116D49EF9ABB57DA005764F25E692622210627FC2048F06A989B12FA8D0A80 ] Parport C:\Windows\system32\DRIVERS\parport.sys
12:41:27.0853 0x1098 Parport - ok
12:41:27.0885 0x1098 [ E9766131EEADE40A27DC27D2D68FBA9C, 63C295EC96DBD25F1A8B908295CCB86B54F2A77A02AAA11E5D9160C2C1A492B6 ] partmgr C:\Windows\system32\drivers\partmgr.sys
12:41:27.0885 0x1098 partmgr - ok
12:41:27.0931 0x1098 [ 3AEAA8B561E63452C655DC0584922257, 04C072969B58657602EB0C21CEDF24FCEE14E61B90A0F758F93925EF2C9FC32D ] PcaSvc C:\Windows\System32\pcasvc.dll
12:41:27.0947 0x1098 PcaSvc - ok
12:41:28.0009 0x1098 [ 94575C0571D1462A0F70BDE6BD6EE6B3, 7139BAC653EA94A3DD3821CAB35FC5E22F4CCA5ACC2BAABDAA27E4C3C8B27FC9 ] pci C:\Windows\system32\drivers\pci.sys
12:41:28.0025 0x1098 pci - ok
12:41:28.0056 0x1098 [ B5B8B5EF2E5CB34DF8DCF8831E3534FA, F2A7CC645B96946CC65BF60E14E70DC09C848D27C7943CE5DEA0C01A6B863480 ] pciide C:\Windows\system32\drivers\pciide.sys
12:41:28.0056 0x1098 pciide - ok
12:41:28.0119 0x1098 [ B2E81D4E87CE48589F98CB8C05B01F2F, 6763BEE7270A4873B3E131BFB92313E2750FCBD0AD73C23D1C4F98F7DF73DE14 ] pcmcia C:\Windows\system32\DRIVERS\pcmcia.sys
12:41:28.0134 0x1098 pcmcia - ok
12:41:28.0150 0x1098 [ D6B9C2E1A11A3A4B26A182FFEF18F603, BBA5FE08B1DDD6243118E11358FD61B10E850F090F061711C3CB207CE5FBBD36 ] pcw C:\Windows\system32\drivers\pcw.sys
12:41:28.0150 0x1098 pcw - ok
12:41:28.0197 0x1098 [ 68769C3356B3BE5D1C732C97B9A80D6E, FB2D61145980A2899D1B7729184C54070315B0E63C9A22400A76CCD39E00029C ] PEAUTH C:\Windows\system32\drivers\peauth.sys
12:41:28.0228 0x1098 PEAUTH - ok
12:41:28.0321 0x1098 [ E495E408C93141E8FC72DC0C6046DDFA, 489B957DADA0DC128A09468F1AD082DCC657E86053208EA06A12937BE86FB919 ] PerfHost C:\Windows\SysWow64\perfhost.exe
12:41:28.0321 0x1098 PerfHost - ok
12:41:28.0462 0x1098 [ C7CF6A6E137463219E1259E3F0F0DD6C, 08D7244F52AA17DD669AA6F77C291DAC88E7B2D1887DE422509C1F83EC85F3DD ] pla C:\Windows\system32\pla.dll
12:41:28.0493 0x1098 pla - ok
12:41:28.0555 0x1098 [ 25FBDEF06C4D92815B353F6E792C8129, 57D9764AE6BCE33B242C399CDFC10DD405975BD6411CA8C75FBCD06EEB8442A9 ] PlugPlay C:\Windows\system32\umpnpmgr.dll
12:41:28.0587 0x1098 PlugPlay - ok
12:41:28.0618 0x1098 [ 7195581CEC9BB7D12ABE54036ACC2E38, 9C4E5D6EA984148F2663DC529083408B2248DFF6DAAC85D9195F80A722782315 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll
12:41:28.0618 0x1098 PNRPAutoReg - ok
12:41:28.0665 0x1098 [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] PNRPsvc C:\Windows\system32\pnrpsvc.dll
12:41:28.0665 0x1098 PNRPsvc - ok
12:41:28.0727 0x1098 [ 4F15D75ADF6156BF56ECED6D4A55C389, 2ADA3EA69A5D7EC2A4D2DD89178DB94EAFDDF95F07B0070D654D9F7A5C12A044 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
12:41:28.0727 0x1098 PolicyAgent - ok
12:41:28.0774 0x1098 [ 6BA9D927DDED70BD1A9CADED45F8B184, 66203CE70A5EDE053929A940F38924C6792239CCCE10DD2C1D90D5B4D6748B55 ] Power C:\Windows\system32\umpo.dll
12:41:28.0774 0x1098 Power - ok
12:41:28.0805 0x1098 [ F92A2C41117A11A00BE01CA01A7FCDE9, 38ADC6052696D110CA5F393BC586791920663F5DA66934C2A824DDA9CD89C763 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
12:41:28.0805 0x1098 PptpMiniport - ok
12:41:28.0852 0x1098 [ 0D922E23C041EFB1C3FAC2A6F943C9BF, 855418A6A58DCAFB181A1A68613B3E203AFB0A9B3D9D26D0C521F9F613B4EAD5 ] Processor C:\Windows\system32\DRIVERS\processr.sys
12:41:28.0852 0x1098 Processor - ok
12:41:28.0899 0x1098 [ 53E83F1F6CF9D62F32801CF66D8352A8, 1225FED810BE8E0729EEAE5B340035CCBB9BACD3EF247834400F9B72D05ACE48 ] ProfSvc C:\Windows\system32\profsvc.dll
12:41:28.0914 0x1098 ProfSvc - ok
12:41:28.0930 0x1098 [ 4D71227301DD8D09097B9E4CC6527E5A, 193D47ADCB722B581CC0F29B794AB3E455B6E9BEA367CE9A5216A09E055B7F1E ] ProtectedStorage C:\Windows\system32\lsass.exe
12:41:28.0930 0x1098 ProtectedStorage - ok
12:41:28.0977 0x1098 [ 0557CF5A2556BD58E26384169D72438D, F6F83A616B1F1C6C0DF6D2EC2513E6C23FD4FAA6D36518B8676C619AB74957B4 ] Psched C:\Windows\system32\DRIVERS\pacer.sys
12:41:28.0992 0x1098 Psched - ok
12:41:29.0086 0x1098 [ A53A15A11EBFD21077463EE2C7AFEEF0, 6002B012A75045DEA62640A864A8721EADE2F8B65BEB5F5BA76D8CD819774489 ] ql2300 C:\Windows\system32\DRIVERS\ql2300.sys
12:41:29.0117 0x1098 ql2300 - ok
12:41:29.0133 0x1098 [ 4F6D12B51DE1AAEFF7DC58C4D75423C8, FB6ABAB741CED66A79E31A45111649F2FA3E26CEE77209B5296F789F6F7D08DE ] ql40xx C:\Windows\system32\DRIVERS\ql40xx.sys
12:41:29.0148 0x1098 ql40xx - ok
12:41:29.0195 0x1098 [ 906191634E99AEA92C4816150BDA3732, A0305436384104C3B559F9C73902DA19B96B518413379E397C5CDAB0B2B9418F ] QWAVE C:\Windows\system32\qwave.dll
12:41:29.0195 0x1098 QWAVE - ok
12:41:29.0226 0x1098 [ 76707BB36430888D9CE9D705398ADB6C, 35C1D1D05F98AC29A33D3781F497A0B40A3CB9CDF25FE1F28F574E40DDF70535 ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
12:41:29.0226 0x1098 QWAVEdrv - ok
12:41:29.0242 0x1098 [ 5A0DA8AD5762FA2D91678A8A01311704, 8A64EB5DBAB7048A9E42A21CEB62CCD5B007A80C199892D7F8C69B48E8A255EF ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
12:41:29.0242 0x1098 RasAcd - ok
12:41:29.0273 0x1098 [ 7ECFF9B22276B73F43A99A15A6094E90, 62C70DA127F48F796F8897BBFA23AB6EB080CC923F0F091DFA384A93F5C90CA1 ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys
12:41:29.0273 0x1098 RasAgileVpn - ok
12:41:29.0304 0x1098 [ 8F26510C5383B8DBE976DE1CD00FC8C7, 60E618C010E8A723960636415573FA17EA0BBEF79647196B3BC0B8DEE680E090 ] RasAuto C:\Windows\System32\rasauto.dll
12:41:29.0304 0x1098 RasAuto - ok
12:41:29.0335 0x1098 [ 471815800AE33E6F1C32FB1B97C490CA, 27307265F743DE3A3A3EC1B2C472A3D85FDD0AEC458E0B1177593141EE072698 ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
12:41:29.0335 0x1098 Rasl2tp - ok
12:41:29.0382 0x1098 [ EE867A0870FC9E4972BA9EAAD35651E2, 1B848D81705081FD2E18AC762DA7F51455657DAF860BF363DC15925A148BCADA ] RasMan C:\Windows\System32\rasmans.dll
12:41:29.0398 0x1098 RasMan - ok
12:41:29.0429 0x1098 [ 855C9B1CD4756C5E9A2AA58A15F58C25, A514F8A9C304D54BDA8DC60F5A64259B057EC83A1CAAF6D2B58CFD55E9561F72 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
12:41:29.0429 0x1098 RasPppoe - ok
12:41:29.0476 0x1098 [ E8B1E447B008D07FF47D016C2B0EEECB, FEC789F82B912F3E14E49524D40FEAA4373B221156F14045E645D7C37859258C ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
12:41:29.0476 0x1098 RasSstp - ok
12:41:29.0538 0x1098 [ 77F665941019A1594D887A74F301FA2F, 1FDC6F6853400190C086042933F157814D915C54F26793CAD36CD2607D8810DA ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
12:41:29.0554 0x1098 rdbss - ok
12:41:29.0569 0x1098 [ 302DA2A0539F2CF54D7C6CC30C1F2D8D, 1DF3501BBFFB56C3ECC39DBCC4287D3302216C2208CE22428B8C4967E5DE9D17 ] rdpbus C:\Windows\system32\DRIVERS\rdpbus.sys
12:41:29.0569 0x1098 rdpbus - ok
12:41:29.0585 0x1098 [ CEA6CC257FC9B7715F1C2B4849286D24, A78144D18352EA802C39D9D42921CF97A3E0211766B2169B6755C6FC2D77A804 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
12:41:29.0601 0x1098 RDPCDD - ok
12:41:29.0601 0x1098 [ BB5971A4F00659529A5C44831AF22365, 9AAA5C0D448E821FD85589505D99DF7749715A046BBD211F139E4E652ADDE41F ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
12:41:29.0601 0x1098 RDPENCDD - ok
12:41:29.0632 0x1098 [ 216F3FA57533D98E1F74DED70113177A, 60C126A1409D1E9C39F1C9E95F70115BF4AF07780AB499F6E10A612540F173F4 ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys
12:41:29.0632 0x1098 RDPREFMP - ok
12:41:29.0679 0x1098 [ E61608AA35E98999AF9AAEEEA6114B0A, F754CDE89DC96786D2A3C4D19EE2AEF1008E634E4DE3C0CBF927436DE90C04A6 ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
12:41:29.0694 0x1098 RDPWD - ok
12:41:29.0741 0x1098 [ 34ED295FA0121C241BFEF24764FC4520, AAEE5F00CAA763A5BA51CF56BD7262C03409CD72BD5601490E3EC3FFF929BB5F ] rdyboost C:\Windows\system32\drivers\rdyboost.sys
12:41:29.0741 0x1098 rdyboost - ok
12:41:29.0772 0x1098 [ 254FB7A22D74E5511C73A3F6D802F192, 3D0FB5840364200DE394F8CC28DA0E334C2B5FA8FF28A41656EE72287F3D3836 ] RemoteAccess C:\Windows\System32\mprdim.dll
12:41:29.0788 0x1098 RemoteAccess - ok
12:41:29.0835 0x1098 [ E4D94F24081440B5FC5AA556C7C62702, 147CAA03568DC480F9506E30B84891AB7E433B5EBC05F34FF10F72B00E1C6B22 ] RemoteRegistry C:\Windows\system32\regsvc.dll
12:41:29.0835 0x1098 RemoteRegistry - ok
12:41:29.0866 0x1098 [ E4DC58CF7B3EA515AE917FF0D402A7BB, 665B5CD9FE905B0EE3F59A7B1A94760F5393EBEE729877D8584349754C2867E8 ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll
12:41:29.0881 0x1098 RpcEptMapper - ok
12:41:29.0897 0x1098 [ D5BA242D4CF8E384DB90E6A8ED850B8C, CB4CB2608B5E31B55FB1A2CF4051E6D08A0C2A5FB231B2116F95938D7577334E ] RpcLocator C:\Windows\system32\locator.exe
12:41:29.0897 0x1098 RpcLocator - ok
12:41:29.0944 0x1098 [ 5C627D1B1138676C0A7AB2C2C190D123, C5003F2C912C5CA990E634818D3B4FD72F871900AF2948BD6C4D6400B354B401 ] RpcSs C:\Windows\system32\rpcss.dll
12:41:29.0991 0x1098 RpcSs - ok
12:41:30.0022 0x1098 [ DDC86E4F8E7456261E637E3552E804FF, D250C69CCC75F2D88E7E624FCC51300E75637333317D53908CCA7E0F117173DD ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
12:41:30.0022 0x1098 rspndr - ok
12:41:30.0084 0x1098 [ 763AE0C6D9DF4C24B7E2C26036A8188A, 1728D9BDF910324988B3D28459AB0A15C57CBBA79D2DFE377342DF3486BA9D48 ] RSUSBSTOR C:\Windows\system32\Drivers\RtsUStor.sys
12:41:30.0100 0x1098 RSUSBSTOR - ok
12:41:30.0147 0x1098 [ D6D381B76056C668679723938F06F16C, A26C35EB588BF32F5CD22554BE5A05380D50FF1B7D399687EE50DC24C32DA341 ] RTHDMIAzAudService C:\Windows\system32\drivers\RtHDMIVX.sys
12:41:30.0162 0x1098 RTHDMIAzAudService - ok
12:41:30.0178 0x1098 [ 4D71227301DD8D09097B9E4CC6527E5A, 193D47ADCB722B581CC0F29B794AB3E455B6E9BEA367CE9A5216A09E055B7F1E ] SamSs C:\Windows\system32\lsass.exe
12:41:30.0178 0x1098 SamSs - ok
12:41:30.0209 0x1098 [ AC03AF3329579FFFB455AA2DAABBE22B, 7AD3B62ADFEC166F9E256F9FF8BAA0568B2ED7308142BF8F5269E6EAA5E0A656 ] sbp2port C:\Windows\system32\drivers\sbp2port.sys
12:41:30.0225 0x1098 sbp2port - ok
12:41:30.0271 0x1098 [ 9B7395789E3791A3B6D000FE6F8B131E, E5F067F3F212BF5481668BE1779CBEF053F511F8967589BE2E865ACB9A620024 ] SCardSvr C:\Windows\System32\SCardSvr.dll
12:41:30.0287 0x1098 SCardSvr - ok
12:41:30.0318 0x1098 [ 253F38D0D7074C02FF8DEB9836C97D2B, CB5CAFCB8628BB22877F74ACF1DED0BBAED8F4573A74DA7FE94BBBA584889116 ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys
12:41:30.0318 0x1098 scfilter - ok
12:41:30.0427 0x1098 [ 262F6592C3299C005FD6BEC90FC4463A, 54095E37F0B6CC677A3E9BDD40F4647C713273D197DB341063AA7F342A60C4A7 ] Schedule C:\Windows\system32\schedsvc.dll
12:41:30.0443 0x1098 Schedule - ok
12:41:30.0490 0x1098 [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] SCPolicySvc C:\Windows\System32\certprop.dll
12:41:30.0505 0x1098 SCPolicySvc - ok
12:41:30.0552 0x1098 [ 6EA4234DC55346E0709560FE7C2C1972, 64011E044C16E2F92689E5F7E4666A075E27BBFA61F3264E5D51CE1656C1D5B8 ] SDRSVC C:\Windows\System32\SDRSVC.dll
12:41:30.0552 0x1098 SDRSVC - ok
12:41:30.0583 0x1098 [ 3EA8A16169C26AFBEB544E0E48421186, 34BBB0459C96B3DE94CCB0D73461562935C583D7BF93828DA4E20A6BC9B7301D ] secdrv C:\Windows\system32\drivers\secdrv.sys
12:41:30.0583 0x1098 secdrv - ok
12:41:30.0615 0x1098 [ BC617A4E1B4FA8DF523A061739A0BD87, 10C4057F6B321EB5237FF619747B74F5401BC17D15A8C7060829E8204A2297F9 ] seclogon C:\Windows\system32\seclogon.dll
12:41:30.0615 0x1098 seclogon - ok
12:41:30.0646 0x1098 [ C32AB8FA018EF34C0F113BD501436D21, E0EB8E80B51E45CA7EB061E705DA0BC07878759418A8519AE6E12326FE79E7C7 ] SENS C:\Windows\System32\sens.dll
12:41:30.0646 0x1098 SENS - ok
12:41:30.0677 0x1098 [ 0336CFFAFAAB87A11541F1CF1594B2B2, 8B8A6A33E78A12FB05E29B2E2775850626574AFD2EF88748D65E690A07B10B8D ] SensrSvc C:\Windows\system32\sensrsvc.dll
12:41:30.0677 0x1098 SensrSvc - ok
12:41:30.0708 0x1098 [ CB624C0035412AF0DEBEC78C41F5CA1B, A4D937F11E06CAE914347CA1362F4C98EC5EE0C0C80321E360EA1ABD6726F8D4 ] Serenum C:\Windows\system32\DRIVERS\serenum.sys
12:41:30.0708 0x1098 Serenum - ok
12:41:30.0724 0x1098 [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6, 8F9776FB84C5D11068EAF1FF1D1A46466C655D64D256A8B1E31DC0C23B5DD22D ] Serial C:\Windows\system32\DRIVERS\serial.sys
12:41:30.0724 0x1098 Serial - ok
12:41:30.0755 0x1098 [ 1C545A7D0691CC4A027396535691C3E3, 065C30BE598FF4DC55C37E0BBE0CEDF10A370AE2BF5404B42EBBB867A3FFED6D ] sermouse C:\Windows\system32\DRIVERS\sermouse.sys
12:41:30.0755 0x1098 sermouse - ok
12:41:30.0833 0x1098 [ 0B6231BF38174A1628C4AC812CC75804, E569BF1F7F5689E2E917FA6516DB53388A5B8B1C6699DEE030147E853218811D ] SessionEnv C:\Windows\system32\sessenv.dll
12:41:30.0849 0x1098 SessionEnv - ok
12:41:30.0864 0x1098 [ A554811BCD09279536440C964AE35BBF, DA8F893722F803E189D7D4D6C6232ED34505B63A64ED3A0132A5BB7A2BABDE55 ] sffdisk C:\Windows\system32\drivers\sffdisk.sys
12:41:30.0864 0x1098 sffdisk - ok
12:41:30.0880 0x1098 [ FF414F0BAEFEBA59BC6C04B3DB0B87BF, B81EF5D26AEB572CAB590F7AD7CA8C89F296420089EF5E6148E972F2DBCA1042 ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys
12:41:30.0880 0x1098 sffp_mmc - ok
12:41:30.0895 0x1098 [ DD85B78243A19B59F0637DCF284DA63C, 6730D4F2BAE7E24615746ACC41B42D01DB6068D6504982008ADA1890DE900197 ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys
12:41:30.0895 0x1098 sffp_sd - ok
12:41:30.0927 0x1098 [ A9D601643A1647211A1EE2EC4E433FF4, 7AC60B4AB48D4BBF1F9681C12EC2A75C72E6E12D30FABC564A24394310E9A5F9 ] sfloppy C:\Windows\system32\DRIVERS\sfloppy.sys
12:41:30.0927 0x1098 sfloppy - ok
12:41:30.0989 0x1098 [ B95F6501A2F8B2E78C697FEC401970CE, 758B73A32902299A313348CE7EC189B20EB4CB398D0180E4EE24B84DAD55F291 ] SharedAccess C:\Windows\System32\ipnathlp.dll
12:41:31.0005 0x1098 SharedAccess - ok
12:41:31.0067 0x1098 [ AAF932B4011D14052955D4B212A4DA8D, 2A3BFD0FA9569288E91AE3E72CA1EC39E1450D01E6473CE51157E0F138257923 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
12:41:31.0098 0x1098 ShellHWDetection - ok
12:41:31.0114 0x1098 [ 843CAF1E5FDE1FFD5FF768F23A51E2E1, 89CA9F516E42A6B905474D738CDA2C121020A07DBD4E66CFE569DD77D79D7820 ] SiSRaid2 C:\Windows\system32\DRIVERS\SiSRaid2.sys
12:41:31.0114 0x1098 SiSRaid2 - ok
12:41:31.0129 0x1098 [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4, 87B85C66DF7EB6FDB8A2341D05FAA5261FF68A90CCFC63F0E4A03824F1E33E5E ] SiSRaid4 C:\Windows\system32\DRIVERS\sisraid4.sys
12:41:31.0129 0x1098 SiSRaid4 - ok
12:41:31.0176 0x1098 [ 50D9949020E02B847CD48F1243FCB895, 5BDAD5E44DE5B412645142810C5FCE4B2D9685F928FF4A6B836A9DCE7725BD78 ] SkypeUpdate C:\Program Files (x86)\Skype\Updater\Updater.exe
12:41:31.0192 0x1098 SkypeUpdate - ok
12:41:31.0239 0x1098 [ 548260A7B8654E024DC30BF8A7C5BAA4, 4A7E58331D7765A12F53DC2371739DC9A463940B13E16157CE10DB80E958D740 ] Smb C:\Windows\system32\DRIVERS\smb.sys
12:41:31.0254 0x1098 Smb - ok
12:41:31.0285 0x1098 [ 6313F223E817CC09AA41811DAA7F541D, D787061043BEEDB9386B048CB9E680E6A88A1CBAE9BD4A8C0209155BFB76C630 ] SNMPTRAP C:\Windows\System32\snmptrap.exe
12:41:31.0301 0x1098 SNMPTRAP - ok
12:41:31.0317 0x1098 [ B9E31E5CACDFE584F34F730A677803F9, 21A5130BD00089C609522A372018A719F8E37103D2DD22C59EACB393BE35A063 ] spldr C:\Windows\system32\drivers\spldr.sys
12:41:31.0317 0x1098 spldr - ok
12:41:31.0379 0x1098 [ 85DAA09A98C9286D4EA2BA8D0E644377, F9C324E2EF81193FE831C7EECC44A100CA06F82FA731BF555D9EA4D91DA13329 ] Spooler C:\Windows\System32\spoolsv.exe
12:41:31.0426 0x1098 Spooler - ok
12:41:31.0597 0x1098 [ E17E0188BB90FAE42D83E98707EFA59C, FC075F7B39E86CC8EF6DA4E339FE946917E319C347AC70FB0C50AAF36F97E27F ] sppsvc C:\Windows\system32\sppsvc.exe
12:41:31.0691 0x1098 sppsvc - ok
12:41:31.0722 0x1098 [ 93D7D61317F3D4BC4F4E9F8A96A7DE45, 36D48B23B8243BE5229707375FCD11C2DCAC96983199345365F065A0CBF33314 ] sppuinotify C:\Windows\system32\sppuinotify.dll
12:41:31.0738 0x1098 sppuinotify - ok
12:41:31.0785 0x1098 [ 441FBA48BFF01FDB9D5969EBC1838F0B, 306128F1AD489F87161A089D1BDC1542A4CB742D91A0C12A7CD1863FDB8932C0 ] srv C:\Windows\system32\DRIVERS\srv.sys
12:41:31.0800 0x1098 srv - ok
12:41:31.0831 0x1098 [ B4ADEBBF5E3677CCE9651E0F01F7CC28, 726DB2283113AB2A9681E8E9F61132303D6D86E9CD034C40EE4A8C9DB29E87F7 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
12:41:31.0847 0x1098 srv2 - ok
12:41:31.0878 0x1098 [ 27E461F0BE5BFF5FC737328F749538C3, AFA4704ED8FFC1A0BAB40DFB81D3AE3F3D933A3C9BF54DDAF39FF9AF3646D9E6 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
12:41:31.0878 0x1098 srvnet - ok
12:41:31.0925 0x1098 [ 51B52FBD583CDE8AA9BA62B8B4298F33, 2E2403F8AA39E79D1281CA006B51B43139C32A5FDD64BD34DAA4B935338BD740 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
12:41:31.0925 0x1098 SSDPSRV - ok
12:41:31.0941 0x1098 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB, D21CDBC4C2AA0DB5B4455D5108B0CAF4282A2E664B9035708F212CC094569D9D ] SstpSvc C:\Windows\system32\sstpsvc.dll
12:41:31.0941 0x1098 SstpSvc - ok
12:41:32.0003 0x1098 [ C3D855CC0A8E5E373FDFCF4F743C5C9D, 8DFDD2470DCCC63FCF1621B6B3A996285C75EE330BE8AC905B2176E5DE52C150 ] Steam Client Service C:\Program Files (x86)\Common Files\Steam\SteamService.exe
12:41:32.0003 0x1098 Steam Client Service - ok
12:41:32.0034 0x1098 [ F3817967ED533D08327DC73BC4D5542A, 1B204454408A690C0A86447F3E4AA9E7C58A9CFB567C94C17C21920BA648B4D5 ] stexstor C:\Windows\system32\DRIVERS\stexstor.sys
12:41:32.0050 0x1098 stexstor - ok
12:41:32.0112 0x1098 [ 8DD52E8E6128F4B2DA92CE27402871C1, 1101C38BE8FC383B5F2F9FA402F9652B23B88A764DE2B584DFE62B88B11DEF92 ] stisvc C:\Windows\System32\wiaservc.dll
12:41:32.0128 0x1098 stisvc - ok
12:41:32.0237 0x1098 [ D01EC09B6711A5F8E7E6564A4D0FBC90, 3CB922291DBADC92B46B9E28CCB6810CD8CCDA3E74518EC9522B58B998E1F969 ] swenum C:\Windows\system32\drivers\swenum.sys
12:41:32.0237 0x1098 swenum - ok
12:41:32.0362 0x1098 [ E08E46FDD841B7184194011CA1955A0B, 9C3725BB1F08F92744C980A22ED5C874007D3B5863C7E1F140F50061052AC418 ] swprv C:\Windows\System32\swprv.dll
12:41:32.0393 0x1098 swprv - ok
12:41:32.0533 0x1098 [ 064A2530A4A7C7CEC1BE6A1945645BE4, 06E4B59B6BFCEE1E2F1EDED77621C9DFED09F460E94065E528A2F746B568193D ] SynTP C:\Windows\system32\DRIVERS\SynTP.sys
12:41:32.0549 0x1098 SynTP - ok
12:41:32.0736 0x1098 [ BF9CCC0BF39B418C8D0AE8B05CF95B7D, 3C13217548BE61F2BDB8BD41F77345CDDA1F97BF0AE17241C335B9807EB3DBB8 ] SysMain C:\Windows\system32\sysmain.dll
12:41:32.0783 0x1098 SysMain - ok
12:41:32.0814 0x1098 [ E3C61FD7B7C2557E1F1B0B4CEC713585, 01F0E116606D185BF93B540868075BFB1A398197F6AABD994983DBFF56B3A8A0 ] TabletInputService C:\Windows\System32\TabSvc.dll
12:41:32.0830 0x1098 TabletInputService - ok
12:41:32.0861 0x1098 [ 40F0849F65D13EE87B9A9AE3C1DD6823, E251A7EF3D0FD2973AF33A62FC457A7E8D5E8694208F811F52455F7C2426121F ] TapiSrv C:\Windows\System32\tapisrv.dll
12:41:32.0892 0x1098 TapiSrv - ok
12:41:32.0939 0x1098 [ 1BE03AC720F4D302EA01D40F588162F6, AB644862BF1D2E824FD846180DEC4E2C0FAFCC517451486DE5A92E5E78A952E4 ] TBS C:\Windows\System32\tbssvc.dll
12:41:32.0939 0x1098 TBS - ok
12:41:33.0064 0x1098 [ 40AF23633D197905F03AB5628C558C51, 644656A15236E964E4BE57B42225EAA5643C4CF1FFF6D306813A000716F9D72C ] Tcpip C:\Windows\system32\drivers\tcpip.sys
12:41:33.0111 0x1098 Tcpip - ok
12:41:33.0189 0x1098 [ 40AF23633D197905F03AB5628C558C51, 644656A15236E964E4BE57B42225EAA5643C4CF1FFF6D306813A000716F9D72C ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys
12:41:33.0235 0x1098 TCPIP6 - ok
12:41:33.0282 0x1098 [ 1B16D0BD9841794A6E0CDE0CEF744ABC, 7EB8BA97339199EEE7F2B09DA2DA6279DA64A510D4598D42CF86415D67CD674C ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
12:41:33.0282 0x1098 tcpipreg - ok
12:41:33.0313 0x1098 [ 3371D21011695B16333A3934340C4E7C, 7416F9BBFC1BA9D875EA7D1C7A0D912FC6977B49A865D67E3F9C4E18A965082D ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys
12:41:33.0313 0x1098 TDPIPE - ok
12:41:33.0345 0x1098 [ 51C5ECEB1CDEE2468A1748BE550CFBC8, 4E8F83877330B421F7B5D8393D34BC44C6450E69209DAA95B29CB298166A5DF9 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys
12:41:33.0345 0x1098 TDTCP - ok
12:41:33.0391 0x1098 [ DDAD5A7AB24D8B65F8D724F5C20FD806, B71F2967A4EE7395E4416C1526CB85368AEA988BDD1F2C9719C48B08FAFA9661 ] tdx C:\Windows\system32\DRIVERS\tdx.sys
12:41:33.0391 0x1098 tdx - ok
12:41:33.0423 0x1098 [ 561E7E1F06895D78DE991E01DD0FB6E5, 83BFA50A528762EC52A011302AC3874636FB7E26628CD7ACFBF2BDC9FAA8110D ] TermDD C:\Windows\system32\drivers\termdd.sys
12:41:33.0423 0x1098 TermDD - ok
12:41:33.0516 0x1098 [ 2E648163254233755035B46DD7B89123, 6FA0D07CE18A3A69D82EE49D875F141E39406E92C34EAC76AC4EB052E6EBCBCD ] TermService C:\Windows\System32\termsrv.dll
12:41:33.0563 0x1098 TermService - ok
12:41:33.0610 0x1098 [ F0344071948D1A1FA732231785A0664C, DB9886C2C858FAF45AEA15F8E42860343F73EB8685C53EC2E8CCC10586CB0832 ] Themes C:\Windows\system32\themeservice.dll
12:41:33.0625 0x1098 Themes - ok
12:41:33.0641 0x1098 [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] THREADORDER C:\Windows\system32\mmcss.dll
12:41:33.0657 0x1098 THREADORDER - ok
12:41:33.0672 0x1098 [ 7E7AFD841694F6AC397E99D75CEAD49D, DE87F203FD8E6BDCCFCA1860A85F283301A365846FB703D9BB86278D8AC96B07 ] TrkWks C:\Windows\System32\trkwks.dll
12:41:33.0688 0x1098 TrkWks - ok
12:41:33.0735 0x1098 [ 773212B2AAA24C1E31F10246B15B276C, F2EF85F5ABA307976D9C649D710B408952089458DDE97D4DEF321DF14E46A046 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
12:41:33.0735 0x1098 TrustedInstaller - ok
12:41:33.0781 0x1098 [ 4CE278FC9671BA81A138D70823FCAA09, CBE501436696E32A3701B9F377B823AC36647B6626595F76CC63E2396AD7D300 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys
12:41:33.0781 0x1098 tssecsrv - ok
12:41:33.0828 0x1098 [ D11C783E3EF9A3C52C0EBE83CC5000E9, A136C355D4C8945729163D15801364A614E23217B15F9313C85BA45BB71A74EB ] TsUsbFlt C:\Windows\system32\drivers\tsusbflt.sys
12:41:33.0828 0x1098 TsUsbFlt - ok
12:41:33.0875 0x1098 [ 3566A8DAAFA27AF944F5D705EAA64894, AE9D8B648DA08AF667B9456C3FE315489859C157510A258559F18238F2CC92B8 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
12:41:33.0891 0x1098 tunnel - ok
12:41:33.0922 0x1098 [ B4DD609BD7E282BFC683CEC7EAAAAD67, EF131DB6F6411CAD36A989A421AF93F89DD61601AC524D2FF11C10FF6E3E9123 ] uagp35 C:\Windows\system32\DRIVERS\uagp35.sys
12:41:33.0922 0x1098 uagp35 - ok
12:41:33.0937 0x1098 [ A17D5E1A6DF4EAB0A480F2C490DE4C9D, 1EA835F172B6BF3D7F496E079DF1CDF00122B2110C08D61427582BC9405D2B7B ] UBHelper C:\Windows\system32\drivers\UBHelper.sys
12:41:33.0937 0x1098 UBHelper - ok
12:41:34.0000 0x1098 [ FF4232A1A64012BAA1FD97C7B67DF593, D8591B4EB056899C7B604E4DD852D82D4D9809F508ABCED4A03E1BE6D5D456E3 ] udfs C:\Windows\system32\DRIVERS\udfs.sys
12:41:34.0015 0x1098 udfs - ok
12:41:34.0062 0x1098 [ 3CBDEC8D06B9968ABA702EBA076364A1, B8DAB8AA804FC23021BFEBD7AE4D40FBE648D6C6BA21CC008E26D1C084972F9B ] UI0Detect C:\Windows\system32\UI0Detect.exe
12:41:34.0062 0x1098 UI0Detect - ok
12:41:34.0093 0x1098 [ 4BFE1BC28391222894CBF1E7D0E42320, 5918B1ED2030600DF77BDACF1C808DF6EADDD8BF3E7003AF1D72050D8B102B3A ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys
12:41:34.0109 0x1098 uliagpkx - ok
12:41:34.0140 0x1098 [ DC54A574663A895C8763AF0FA1FF7561, 09A3F3597E91CBEB2F38E96E75134312B60CAE5574B2AD4606C2D3E992AEDDFE ] umbus C:\Windows\system32\drivers\umbus.sys
12:41:34.0156 0x1098 umbus - ok
12:41:34.0171 0x1098 [ B2E8E8CB557B156DA5493BBDDCC1474D, F547509A08C0679ACB843E20C9C0CF51BED1B06530BBC529DFB0944504564A43 ] UmPass C:\Windows\system32\DRIVERS\umpass.sys
12:41:34.0171 0x1098 UmPass - ok
12:41:34.0234 0x1098 [ F9EC9ACD504D823D9B9CA98A4F8D3CA2, 58DAD5111C598F14CB199FE6A61FA5918F29513B778A8664FD05EFAB3C665D4F ] Updater Service C:\Program Files\Acer\Acer Updater\UpdaterService.exe
12:41:34.0249 0x1098 Updater Service - ok
12:41:34.0327 0x1098 [ D47EC6A8E81633DD18D2436B19BAF6DE, 0FB461E2D5E0B75BB5958F6362F4880BFA4C36AD930542609BCAF574941AA7AE ] upnphost C:\Windows\System32\upnphost.dll
12:41:34.0343 0x1098 upnphost - ok
12:41:34.0405 0x1098 [ B0435098C81D04CAFFF80DDB746CD3A2, A17B207740382E38729571F0B0BC98FF874E856A7C7CE9EB930328A2AD88F52A ] usbaudio C:\Windows\system32\drivers\usbaudio.sys
12:41:34.0421 0x1098 usbaudio - ok
12:41:34.0468 0x1098 [ DCA68B0943D6FA415F0C56C92158A83A, BEE5A5B33B22D1DF50B884D46D89FC3B8286EB16E38AD5A20F0A49E5C6766C57 ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys
12:41:34.0483 0x1098 usbccgp - ok
12:41:34.0515 0x1098 [ 80B0F7D5CCF86CEB5D402EAAF61FEC31, 140C62116A425DEAD25FE8D82DE283BC92C482A9F643658D512F9F67061F28AD ] usbcir C:\Windows\system32\drivers\usbcir.sys
12:41:34.0530 0x1098 usbcir - ok
12:41:34.0577 0x1098 [ 18A85013A3E0F7E1755365D287443965, 811C5EDF38C765BCF71BCE25CB6626FF6988C3699F5EF1846240EA0052F34C33 ] usbehci C:\Windows\system32\DRIVERS\usbehci.sys
12:41:34.0577 0x1098 usbehci - ok
12:41:34.0655 0x1098 [ 8D1196CFBB223621F2C67D45710F25BA, B5D7AFE51833B24FC9576F3AED3D8A2B290E5846060E73F9FFFAC1890A8B6003 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys
12:41:34.0671 0x1098 usbhub - ok
12:41:34.0717 0x1098 [ 765A92D428A8DB88B960DA5A8D6089DC, 56DE8A2ED58E53B202C399CA7BACB1551136303C2EE0AB426BDBBF880E3C542C ] usbohci C:\Windows\system32\DRIVERS\usbohci.sys
12:41:34.0717 0x1098 usbohci - ok
12:41:34.0764 0x1098 [ 73188F58FB384E75C4063D29413CEE3D, B485463933306036B1D490722CB1674DC85670753D79FA0EF7EBCA7BBAAD9F7C ] usbprint C:\Windows\system32\DRIVERS\usbprint.sys
12:41:34.0764 0x1098 usbprint - ok
12:41:34.0811 0x1098 [ FED648B01349A3C8395A5169DB5FB7D6, DC4D7594C24ADD076927B9347F1B50B91CF03A4ABDB284248D5711D9C19DEB96 ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS
12:41:34.0811 0x1098 USBSTOR - ok
12:41:34.0842 0x1098 [ DD253AFC3BC6CBA412342DE60C3647F3, 146F8613F1057AC054DC3593E84BC52899DA27EA33B0E72ACFB78C3699ADCDE7 ] usbuhci C:\Windows\system32\drivers\usbuhci.sys
12:41:34.0842 0x1098 usbuhci - ok
12:41:34.0889 0x1098 [ 1F775DA4CF1A3A1834207E975A72E9D7, 6D3DE5BD3EF3A76E997E5BAF900C51D25308F5A9682D1F62017F577A24095B90 ] usbvideo C:\Windows\System32\Drivers\usbvideo.sys
12:41:34.0889 0x1098 usbvideo - ok
12:41:34.0920 0x1098 [ EDBB23CBCF2CDF727D64FF9B51A6070E, 7202484C8E1BFB2AFD64D8C81668F3EDE0E3BF5EB27572877A0A7B337AE5AE42 ] UxSms C:\Windows\System32\uxsms.dll
12:41:34.0936 0x1098 UxSms - ok
12:41:34.0951 0x1098 [ 4D71227301DD8D09097B9E4CC6527E5A, 193D47ADCB722B581CC0F29B794AB3E455B6E9BEA367CE9A5216A09E055B7F1E ] VaultSvc C:\Windows\system32\lsass.exe
12:41:34.0951 0x1098 VaultSvc - ok
12:41:34.0983 0x1098 [ C5C876CCFC083FF3B128F933823E87BD, 6FE0FBB6C3207E09300E0789E2168F76668D87C317FE9F263E733827ADCFBE0D ] vdrvroot C:\Windows\system32\drivers\vdrvroot.sys
12:41:34.0998 0x1098 vdrvroot - ok
12:41:35.0076 0x1098 [ 8D6B481601D01A456E75C3210F1830BE, A2CEF483F4231367138EEF7E67FD5BE5364FC0780C44CA1368E36CE4AA3D0633 ] vds C:\Windows\System32\vds.exe
12:41:35.0107 0x1098 vds - ok
12:41:35.0154 0x1098 [ DA4DA3F5E02943C2DC8C6ED875DE68DD, EDE604536DB78C512D68C92B26DA77C8811AC109D1F0A473673F0A82D15A2838 ] vga C:\Windows\system32\DRIVERS\vgapnp.sys
12:41:35.0170 0x1098 vga - ok
12:41:35.0185 0x1098 [ 53E92A310193CB3C03BEA963DE7D9CFC, 45898604375B42EB1246C17A22D91C2440F11C746FF6459AD38027C1BC2E3125 ] VgaSave C:\Windows\System32\drivers\vga.sys
12:41:35.0185 0x1098 VgaSave - ok
12:41:35.0232 0x1098 [ 2CE2DF28C83AEAF30084E1B1EB253CBB, D1946816A1CB89F825CBEA58F94A4C9D0CE7249355CD3915563F54054EE564BF ] vhdmp C:\Windows\system32\drivers\vhdmp.sys
12:41:35.0248 0x1098 vhdmp - ok
12:41:35.0295 0x1098 [ E5689D93FFE4E5D66C0178761240DD54, 6D35CED80681B12AAF63BFA0DA1C386E71D3838839B68A686990AA8031949D27 ] viaide C:\Windows\system32\drivers\viaide.sys
12:41:35.0295 0x1098 viaide - ok
12:41:35.0310 0x1098 [ D2AAFD421940F640B407AEFAAEBD91B0, 31EF342A60AF04F4108759A71F8FB7B8C8819216CF3D16A95B2BA0E33A8A9161 ] volmgr C:\Windows\system32\drivers\volmgr.sys
12:41:35.0326 0x1098 volmgr - ok
12:41:35.0388 0x1098 [ A255814907C89BE58B79EF2F189B843B, 463DB771851352185B6AC323BD93B9084D47291E53C1F7B628B65D6918B2E28F ] volmgrx C:\Windows\system32\drivers\volmgrx.sys
12:41:35.0404 0x1098 volmgrx - ok
12:41:35.0466 0x1098 [ 0D08D2F3B3FF84E433346669B5E0F639, 3D6716CEC95B8861A7CC5778E91F310528DC6BEE0E57A3C8757FC675154EBDEC ] volsnap C:\Windows\system32\drivers\volsnap.sys
12:41:35.0466 0x1098 volsnap - ok
12:41:35.0513 0x1098 [ 5E2016EA6EBACA03C04FEAC5F330D997, 53106EB877459FE55A459111F7AB0EE320BB3B4C954D3DB6FA1642396001F2AC ] vsmraid C:\Windows\system32\DRIVERS\vsmraid.sys
12:41:35.0529 0x1098 vsmraid - ok
12:41:35.0622 0x1098 [ B60BA0BC31B0CB414593E169F6F21CC2, 47B801E623254CF0202B3591CB5C019CABFB52F123C7D47E29D19B32F1F2B915 ] VSS C:\Windows\system32\vssvc.exe
12:41:35.0653 0x1098 VSS - ok
12:41:35.0685 0x1098 [ 36D4720B72B5C5D9CB2B9C29E9DF67A1, 3254523C85C70EBA2DBAC05DB2DBA89EDF8E9195F390F7C21F96458FB6B2E3D7 ] vwifibus C:\Windows\system32\DRIVERS\vwifibus.sys
12:41:35.0685 0x1098 vwifibus - ok
12:41:35.0700 0x1098 [ 6A3D66263414FF0D6FA754C646612F3F, 30F6BA594B0D3B94113064015A16D97811CD989DF1715CCE21CEAB9894C1B4FB ] vwififlt C:\Windows\system32\DRIVERS\vwififlt.sys
12:41:35.0700 0x1098 vwififlt - ok
12:41:35.0731 0x1098 [ 1C9D80CC3849B3788048078C26486E1A, 34A89F31E53F6B6C209B286F580CC2257AE6D057E4E20741F241C9C167947962 ] W32Time C:\Windows\system32\w32time.dll
12:41:35.0747 0x1098 W32Time - ok
12:41:35.0778 0x1098 [ 4E9440F4F152A7B944CB1663D3935A3E, 8FE04EBD3BC612EE943A21A3E56F37E5C9B578CDACA6044048181DAD81816D53 ] WacomPen C:\Windows\system32\DRIVERS\wacompen.sys
12:41:35.0778 0x1098 WacomPen - ok
12:41:35.0794 0x1098 [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys
12:41:35.0809 0x1098 WANARP - ok
12:41:35.0809 0x1098 [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys
12:41:35.0809 0x1098 Wanarpv6 - ok
12:41:35.0903 0x1098 [ 3CEC96DE223E49EAAE3651FCF8FAEA6C, 4150DAB33E8D61076F1D4767BCAFC9B4ECCCCBD58FD4FB3CFE5B8D27DCDCAB61 ] WatAdminSvc C:\Windows\system32\Wat\WatAdminSvc.exe
12:41:35.0965 0x1098 WatAdminSvc - ok
12:41:36.0168 0x1098 [ 78F4E7F5C56CB9716238EB57DA4B6A75, 46A4E78CE5F2A4B26F4E9C3FF04A99D9B727A82AC2E390A82A1611C3F6E0C9AF ] wbengine C:\Windows\system32\wbengine.exe
12:41:36.0215 0x1098 wbengine - ok
12:41:36.0277 0x1098 [ 3AA101E8EDAB2DB4131333F4325C76A3, 4F7BD3DA5E58B18BFF106CFF7B45E75FD13EE556D433C695BA23EC80827E49DE ] WbioSrvc C:\Windows\System32\wbiosrvc.dll
12:41:36.0293 0x1098 WbioSrvc - ok
12:41:36.0340 0x1098 [ 7368A2AFD46E5A4481D1DE9D14848EDD, 8039C478FC2D9F095F5883A4FA47F9E6EDF57CC88A4AA74F07C88445F90DED57 ] wcncsvc C:\Windows\System32\wcncsvc.dll
12:41:36.0355 0x1098 wcncsvc - ok
12:41:36.0387 0x1098 [ 20F7441334B18CEE52027661DF4A6129, 7B8E0247234B740FED2BE9B833E9CE8DD7453340123AB43F6B495A7E6A27B0DD ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
12:41:36.0387 0x1098 WcsPlugInService - ok
12:41:36.0433 0x1098 [ 72889E16FF12BA0F235467D6091B17DC, F2FD0BBD075E33608D93F350D216F97442AB89ABD540513C2D568C78096E12A8 ] Wd C:\Windows\system32\DRIVERS\wd.sys
12:41:36.0433 0x1098 Wd - ok
12:41:36.0527 0x1098 [ E2C933EDBC389386EBE6D2BA953F43D8, AF1DEADD5F1267CCEBD226E8EEB971D1946EA6A5A9645A36F5D111F758AF2F07 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys
12:41:36.0543 0x1098 Wdf01000 - ok
12:41:36.0605 0x1098 [ BF1FC3F79B863C914687A737C2F3D681, B2DF47AC4931ACFB243775767B77065CC0D98778FC0243C793A3E219EB961209 ] WdiServiceHost C:\Windows\system32\wdi.dll
12:41:36.0605 0x1098 WdiServiceHost - ok
12:41:36.0605 0x1098 [ BF1FC3F79B863C914687A737C2F3D681, B2DF47AC4931ACFB243775767B77065CC0D98778FC0243C793A3E219EB961209 ] WdiSystemHost C:\Windows\system32\wdi.dll
12:41:36.0621 0x1098 WdiSystemHost - ok
12:41:36.0667 0x1098 [ 0EB0E5D22B1760F2DBCE632F2DD7A54D, B8A4CC62F88768947FB0A161CF9564DB28FD9C1C037B5475DF192982DE035C22 ] WebClient C:\Windows\System32\webclnt.dll
12:41:36.0683 0x1098 WebClient - ok
12:41:36.0730 0x1098 [ C749025A679C5103E575E3B48E092C43, B71171D07EE7AB085A24BF3A1072FF2CE7EA021AAE695F6A90640E6EE8EB55C1 ] Wecsvc C:\Windows\system32\wecsvc.dll
12:41:36.0745 0x1098 Wecsvc - ok
12:41:36.0777 0x1098 [ 7E591867422DC788B9E5BD337A669A08, 484E6BCCDF7ADCE9A1AACAD1BC7C7D7694B9E40FA90D94B14D80C607784F6C75 ] wercplsupport C:\Windows\System32\wercplsupport.dll
12:41:36.0777 0x1098 wercplsupport - ok
12:41:36.0792 0x1098 [ 6D137963730144698CBD10F202E9F251, A9F522A125158D94F540544CCD4DBF47B9DCE2EA878C33675AFE40F80E8F4979 ] WerSvc C:\Windows\System32\WerSvc.dll
12:41:36.0808 0x1098 WerSvc - ok
12:41:36.0839 0x1098 [ 611B23304BF067451A9FDEE01FBDD725, 0AF2734B978165FC6FD22B64862132CCE32528A21C698A49D176129446E099C8 ] WfpLwf C:\Windows\system32\DRIVERS\wfplwf.sys
12:41:36.0839 0x1098 WfpLwf - ok
12:41:36.0855 0x1098 [ 05ECAEC3E4529A7153B3136CEB49F0EC, 9995CB2CEC70A633EA33CBB0DEAD2BB28CB67132B41E9444BDAB9E75744C9A50 ] WIMMount C:\Windows\system32\drivers\wimmount.sys
12:41:36.0855 0x1098 WIMMount - ok
12:41:36.0886 0x1098 WinDefend - ok
12:41:36.0901 0x1098 WinHttpAutoProxySvc - ok
12:41:36.0995 0x1098 [ 19B07E7E8915D701225DA41CB3877306, D6555E8D276DBB11358246E0FE215F76F1FB358791C76B88D82C2A66A42DA19F ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll
12:41:37.0011 0x1098 Winmgmt - ok
12:41:37.0135 0x1098 [ BCB1310604AA415C4508708975B3931E, 9D943F086D454345153A0DD426B4432532A44FD87950386B186E1CAD2AC70565 ] WinRM C:\Windows\system32\WsmSvc.dll
12:41:37.0182 0x1098 WinRM - ok
12:41:37.0276 0x1098 [ FE88B288356E7B47B74B13372ADD906D, A16B166F6BB32EF9D2A142F27B9EC54CBC7B3AC915799783CF4C40E525BC9E03 ] WinUsb C:\Windows\system32\DRIVERS\WinUsb.sys
12:41:37.0291 0x1098 WinUsb - ok
12:41:37.0385 0x1098 [ 4FADA86E62F18A1B2F42BA18AE24E6AA, CE1683386886BF34862681A46199EA7E7FB4232A186047DA7FBD8EC240AF6726 ] Wlansvc C:\Windows\System32\wlansvc.dll
12:41:37.0432 0x1098 Wlansvc - ok
12:41:37.0619 0x1098 [ 357CABBF155AFD1D3926E62539D2A3A7, C43CFF84E7D930B4999DC061AB0766B57AAD7540B3E6EE54605B10ECE90825F5 ] wlidsvc C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
12:41:37.0681 0x1098 wlidsvc - ok
12:41:37.0775 0x1098 [ F6FF8944478594D0E414D3F048F0D778, 6F75E0AE6127B33A92A88E59D4B048FD4C15F997807BE7BF0EFE76F95235B1D9 ] WmiAcpi C:\Windows\system32\drivers\wmiacpi.sys
12:41:37.0791 0x1098 WmiAcpi - ok
12:41:37.0837 0x1098 [ 38B84C94C5A8AF291ADFEA478AE54F93, 1AC267AC73670BEA5F3785C9AD9DB146F8E993A862C843742B21FDB90D102B2A ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe
12:41:37.0853 0x1098 wmiApSrv - ok
12:41:37.0884 0x1098 WMPNetworkSvc - ok
12:41:37.0915 0x1098 [ 96C6E7100D724C69FCF9E7BF590D1DCA, 2E63C9B0893B4FC03B7A71BAEA6202D3D3DB1B52F3643467829B5A573FD7655B ] WPCSvc C:\Windows\System32\wpcsvc.dll
12:41:37.0931 0x1098 WPCSvc - ok
12:41:37.0962 0x1098 [ 93221146D4EBBF314C29B23CD6CC391D, C0750858A65BF51E210CD244C825C121D67E025CD2D2455139991AAC289A90FE ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll
12:41:37.0978 0x1098 WPDBusEnum - ok
12:41:38.0009 0x1098 [ 6BCC1D7D2FD2453957C5479A32364E52, E48554D31FBDCF8F985C1C72524CAA9106F5B7CC2B79064F8F5E2562D517F090 ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys
12:41:38.0009 0x1098 ws2ifsl - ok
12:41:38.0025 0x1098 [ E8B1FE6669397D1772D8196DF0E57A9E, 39FE0819360719F756BD31A1884A0508A1E2371ACC723E25E005CBEC0A7B02FA ] wscsvc C:\Windows\System32\wscsvc.dll
12:41:38.0025 0x1098 wscsvc - ok
12:41:38.0040 0x1098 WSearch - ok
12:41:38.0196 0x1098 [ D9EF901DCA379CFE914E9FA13B73B4C4, 3BE9693B7B2AFEE23D72AF5DA211379724D752F0EC18ACB7D3DE3DDFC5AE0004 ] wuauserv C:\Windows\system32\wuaueng.dll
12:41:38.0259 0x1098 wuauserv - ok
12:41:38.0399 0x1098 [ AB886378EEB55C6C75B4F2D14B6C869F, D6C4602EB8F291DADEDF3CD211013D4AC752DDE7E799C2D8D74AA4F5477CAED6 ] WudfPf C:\Windows\system32\drivers\WudfPf.sys
12:41:38.0399 0x1098 WudfPf - ok
12:41:38.0430 0x1098 [ DDA4CAF29D8C0A297F886BFE561E6659, 94E5DD649B5D86FA1A7C7D30FCF9644D0EE048D312E626111458ADF66BFBE978 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys
12:41:38.0446 0x1098 WUDFRd - ok
12:41:38.0493 0x1098 [ B20F051B03A966392364C83F009F7D17, 88ECEB55AE91F58F592B96EBC10B572747D5A2F9B7629E8F371761E4F7408A65 ] wudfsvc C:\Windows\System32\WUDFSvc.dll
12:41:38.0493 0x1098 wudfsvc - ok
12:41:38.0571 0x1098 [ 04F82965C09CBDF646B487E145060301, 2CD8533EDBE24C3E42EB7550E20F8A2EB9E5E345B165DEF543163A6BC1FDD18B ] WwanSvc C:\Windows\System32\wwansvc.dll
12:41:38.0586 0x1098 WwanSvc - ok
12:41:38.0602 0x1098 ================ Scan global ===============================
12:41:38.0633 0x1098 [ BA0CD8C393E8C9F83354106093832C7B, 18D8A4780A2BAA6CEF7FBBBDA0EF6BF2DADF146E1E578A618DD5859E8ADBF1A8 ] C:\Windows\system32\basesrv.dll
12:41:38.0711 0x1098 [ 88EDD0B34EED542745931E581AD21A32, DC2B93E1CEF5B0BCEE08D72669BB0F3AD0E8E6E75BDC08858407ED92F6FFA031 ] C:\Windows\system32\winsrv.dll
12:41:38.0727 0x1098 [ 88EDD0B34EED542745931E581AD21A32, DC2B93E1CEF5B0BCEE08D72669BB0F3AD0E8E6E75BDC08858407ED92F6FFA031 ] C:\Windows\system32\winsrv.dll
12:41:38.0773 0x1098 [ D6160F9D869BA3AF0B787F971DB56368, 0033E6212DD8683E4EE611B290931FDB227B4795F0B17C309DC686C696790529 ] C:\Windows\system32\sxssrv.dll
12:41:38.0820 0x1098 [ 24ACB7E5BE595468E3B9AA488B9B4FCB, 63541E3432FCE953F266AE553E7A394978D6EE3DB52388D885F668CF42C5E7E2 ] C:\Windows\system32\services.exe
12:41:38.0836 0x1098 [ Global ] - ok
12:41:38.0836 0x1098 ================ Scan MBR ==================================
12:41:38.0851 0x1098 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
12:41:39.0429 0x1098 \Device\Harddisk0\DR0 - ok
12:41:39.0429 0x1098 ================ Scan VBR ==================================
12:41:39.0444 0x1098 [ E37277CA43758313B81E90E86B850A72 ] \Device\Harddisk0\DR0\Partition1
12:41:39.0491 0x1098 \Device\Harddisk0\DR0\Partition1 - ok
12:41:39.0491 0x1098 [ 5CEE1D84F9F64EB58772E1615BA28FC6 ] \Device\Harddisk0\DR0\Partition2
12:41:39.0507 0x1098 \Device\Harddisk0\DR0\Partition2 - ok
12:41:39.0522 0x1098 AV detected via SS2: Microsoft Security Essentials, C:\Program Files\Microsoft Security Client\msseces.exe ( 4.4.304.0 ), 0x61000 ( enabled : updated )
12:41:39.0538 0x1098 Win FW state via NFP2: enabled
12:41:42.0393 0x1098 ============================================================
12:41:42.0393 0x1098 Scan finished
12:41:42.0393 0x1098 ============================================================
12:41:42.0408 0x12d4 Detected object count: 0
12:41:42.0408 0x12d4 Actual detected object count: 0
Ok, so that is all of the TDSSKiller.txt log.
ComboFix.txt
ComboFix 14-03-24.01 - Bob 03/24/2014 20:52:08.2.3 - x64
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.3835.2305 [GMT -4:00]
Running from: c:\users\Bob\Desktop\ComboFix.exe
AV: Microsoft Security Essentials *Disabled/Updated* {641105E6-77ED-3F35-A304-765193BCB75F}
SP: Microsoft Security Essentials *Disabled/Updated* {DF70E402-51D7-30BB-99B4-4D23E83BFDE2}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((( Files Created from 2014-02-25 to 2014-03-25 )))))))))))))))))))))))))))))))
.
.
2014-03-25 01:32 . 2014-03-25 01:32 -------- d-----w- c:\users\Default\AppData\Local\temp
2014-03-23 22:15 . 2014-03-07 04:43 10521840 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{BA47D435-74EA-4C67-944B-C64B9652C794}\mpengine.dll
2014-03-21 20:48 . 2014-03-22 14:50 -------- d-----w- C:\FRST
2014-03-21 11:22 . 2014-03-14 20:35 1031560 ------w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\NISBackup\gapaengine.dll
2014-03-21 11:22 . 2014-03-14 20:35 1031560 ------w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{D22BF887-C83A-43A7-AD04-29A795D8D7C0}\gapaengine.dll
2014-03-21 11:22 . 2014-03-07 04:43 10521840 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll
2014-03-20 12:30 . 2014-03-20 12:34 -------- d-----w- c:\program files (x86)\ERUNT
2014-03-14 20:33 . 2014-02-04 02:32 1424384 ----a-w- c:\windows\system32\WindowsCodecs.dll
2014-03-14 20:33 . 2014-02-04 02:04 1230336 ----a-w- c:\windows\SysWow64\WindowsCodecs.dll
2014-03-14 20:33 . 2014-02-04 02:32 624128 ----a-w- c:\windows\system32\qedit.dll
2014-03-14 20:33 . 2014-02-04 02:04 509440 ----a-w- c:\windows\SysWow64\qedit.dll
2014-03-14 20:31 . 2014-03-14 20:31 -------- d-----w- c:\program files (x86)\Microsoft Security Client
2014-03-14 20:31 . 2014-03-14 20:31 -------- d-----w- c:\program files\Microsoft Security Client
2014-03-14 19:43 . 2014-03-14 19:44 -------- d-----w- C:\50afdc55646263780c
2014-03-13 17:21 . 2014-03-13 17:21 -------- d-----w- c:\users\Bob\AppData\Local\Macromedia
2014-03-09 12:16 . 2014-02-04 23:09 88567024 ----a-w- c:\windows\system32\MRT.exe
2014-03-09 11:48 . 2014-02-06 09:01 10536864 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{8D1492DC-CAD1-4835-85BC-6685686EAE8C}\mpengine.dll
2014-02-26 16:46 . 2014-02-26 16:46 -------- d-----w- c:\windows\Migration
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2014-02-21 17:03 . 2012-08-20 13:45 71048 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2014-02-21 17:03 . 2012-08-20 13:45 692616 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2014-01-19 07:33 . 2012-08-19 18:40 270496 ------w- c:\windows\system32\MpSigStub.exe
2014-01-16 00:42 . 2014-01-16 00:42 608032 ----a-w- C:\SecurityScanner.dll
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\egisPSDP]
@="{30A0A3F6-38AC-4C53-BB8B-0D95238E25BA}"
[HKEY_CLASSES_ROOT\CLSID\{30A0A3F6-38AC-4C53-BB8B-0D95238E25BA}]
2010-05-27 02:40 120176 ----a-w- c:\program files (x86)\EgisTec MyWinLocker\x86\PSDProtect.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 0 (0x0)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
"aux4"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
@=""
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
@="Service"
.
R1 obpedscx;obpedscx;c:\windows\system32\drivers\obpedscx.sys;c:\windows\SYSNATIVE\drivers\obpedscx.sys [x]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe;c:\windows\SYSNATIVE\IEEtwCollector.exe [x]
R3 NisDrv;Microsoft Network Inspection System;c:\windows\system32\DRIVERS\NisDrvWFP.sys;c:\windows\SYSNATIVE\DRIVERS\NisDrvWFP.sys [x]
R3 NisSrv;Microsoft Network Inspection;c:\program files\Microsoft Security Client\NisSrv.exe;c:\program files\Microsoft Security Client\NisSrv.exe [x]
R3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;c:\windows\system32\Drivers\RtsUStor.sys;c:\windows\SYSNATIVE\Drivers\RtsUStor.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]
R4 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe;c:\windows\SYSNATIVE\atiesrxx.exe [x]
R4 dkab_device;dkab_device;c:\windows\system32\DKabcoms.exe;c:\windows\SYSNATIVE\DKabcoms.exe [x]
R4 DsiWMIService;Dritek WMI Service;c:\program files (x86)\Launch Manager\dsiwmis.exe;c:\program files (x86)\Launch Manager\dsiwmis.exe [x]
R4 ePowerSvc;Acer ePower Service;c:\program files\Acer\Acer ePower Management\ePowerSvc.exe;c:\program files\Acer\Acer ePower Management\ePowerSvc.exe [x]
R4 GREGService;GREGService;c:\program files (x86)\Acer\Registration\GREGsvc.exe;c:\program files (x86)\Acer\Registration\GREGsvc.exe [x]
R4 LMIGuardianSvc;LMIGuardianSvc;c:\program files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe;c:\program files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe [x]
R4 MWLService;MyWinLocker Service;c:\program files (x86)\EgisTec MyWinLocker\x86\MWLService.exe;c:\program files (x86)\EgisTec MyWinLocker\x86\MWLService.exe [x]
R4 NTI IScheduleSvc;NTI IScheduleSvc;c:\program files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe;c:\program files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe [x]
R4 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe;c:\program files (x86)\Skype\Updater\Updater.exe [x]
R4 Updater Service;Updater Service;c:\program files\Acer\Acer Updater\UpdaterService.exe;c:\program files\Acer\Acer Updater\UpdaterService.exe [x]
S1 mwlPSDFilter;mwlPSDFilter;c:\windows\system32\DRIVERS\mwlPSDFilter.sys;c:\windows\SYSNATIVE\DRIVERS\mwlPSDFilter.sys [x]
S1 mwlPSDNServ;mwlPSDNServ;c:\windows\system32\DRIVERS\mwlPSDNServ.sys;c:\windows\SYSNATIVE\DRIVERS\mwlPSDNServ.sys [x]
S1 mwlPSDVDisk;mwlPSDVDisk;c:\windows\system32\DRIVERS\mwlPSDVDisk.sys;c:\windows\SYSNATIVE\DRIVERS\mwlPSDVDisk.sys [x]
S3 k57nd60a;Broadcom NetLink (TM) Gigabit Ethernet - NDIS 6.0;c:\windows\system32\DRIVERS\k57nd60a.sys;c:\windows\SYSNATIVE\DRIVERS\k57nd60a.sys [x]
.
.
--- Other Services/Drivers In Memory ---
.
*NewlyCreated* - WS2IFSL
.
Contents of the 'Scheduled Tasks' folder
.
2014-03-25 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-08-20 17:03]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\egisPSDP]
@="{30A0A3F6-38AC-4C53-BB8B-0D95238E25BA}"
[HKEY_CLASSES_ROOT\CLSID\{30A0A3F6-38AC-4C53-BB8B-0D95238E25BA}]
2010-05-27 02:42 137584 ----a-w- c:\program files (x86)\EgisTec MyWinLocker\x64\PSDProtect.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"MSC"="c:\program files\Microsoft Security Client\msseces.exe" [2013-10-23 1266912]
.
------- Supplementary Scan -------
.
uStart Page = hxxp://acer.msn.com
uLocal Page = c:\windows\system32\blank.htm
mLocal Page = c:\windows\SysWOW64\blank.htm
TCP: DhcpNameServer = 192.168.6.1 64.134.255.2 64.134.255.10
FF - ProfilePath - c:\users\Bob\AppData\Roaming\Mozilla\Firefox\Profiles\qlnbmrfl.default\
.
- - - - ORPHANS REMOVED - - - -
.
Toolbar-Locked - (no file)
Wow6432Node-HKU-Default-RunOnce-SPReview - c:\windows\System32\SPReview\SPReview.exe
HKLM_Wow6432Node-ActiveSetup-{2D46B6DC-2207-486B-B523-A557E6D54B47} - start
Toolbar-Locked - (no file)
.
.
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_USERS\S-1-5-21-1803198997-23066263-2989206535-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.eml\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="WindowsLiveMail.Email.1"
.
[HKEY_USERS\S-1-5-21-1803198997-23066263-2989206535-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.vcf\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="WindowsLiveMail.VCard.1"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_12_0_0_70_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_12_0_0_70_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_12_0_0_70_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_12_0_0_70_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_12_0_0_70.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.12"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_12_0_0_70.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_12_0_0_70.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_12_0_0_70.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Completion time: 2014-03-25 02:48:49
ComboFix-quarantined-files.txt 2014-03-25 06:48
.
Pre-Run: 138,639,278,080 bytes free
Post-Run: 147,057,278,976 bytes free
.
- - End Of File - - 86EBF30EBD71DA6AB1B6B32A2CF0460B
A36C5E4F47E84449FF07ED3517B43A31
VirusTool
I searched my hard drive but could not find the obpedscx.sys file you requested I scan.
Hi barlee,
VirusTool
I searched my hard drive but could not find the obpedscx.sys file you requested I scan.
The file may be hidden, please unhide files and folders and attempt the VirusTotal step again. If the file can still not be found, go ahead and rehide the files and folders.
http://i1269.photobucket.com/albums/jj590/OCD-WTT/bullseye_zpse9eaf36e.gif (http://s1269.photobucket.com/user/OCD-WTT/media/bullseye2_zpse2245433.png.html) Show Hidden Files & Folders in Windows 7
To show hidden files, just click on the Organize button in any folder, and then select “Folder and Search Options” from the menu.
Click the View tab, and then you should select “Show hidden files and folders” in the list.
Then click OK.
=========================
http://i1269.photobucket.com/albums/jj590/OCD-WTT/bullseye_zpse9eaf36e.gif (http://s1269.photobucket.com/user/OCD-WTT/media/bullseye2_zpse2245433.png.html) VirusTotal
Please go to: VirusTotal (http://www.virustotal.com/en/index.html)
http://i204.photobucket.com/albums/bb106/Juliet702/virustotal2-SWI.png
Click the Browse button and search for the following file: C:\Windows\system32\drivers\obpedscx.sys
Click Open
Then click Send File
Please be patient while the file is scanned.
Once the scan results appear, please provide them in your next reply.
If it says already scanned -- click "reanalyze now"
=========================
http://i1269.photobucket.com/albums/jj590/OCD-WTT/bullseye_zpse9eaf36e.gif (http://s1269.photobucket.com/user/OCD-WTT/media/bullseye2_zpse2245433.png.html) Uninstall via Programs and Features
Click Start > Control Panel > Programs and Features. Locate and select the following that are present on the list and click the Remove button:
ooVoo
ooVoo Toolbar
Update for Zip Opener
=========================
http://i1269.photobucket.com/albums/jj590/OCD-WTT/bullseye_zpse9eaf36e.gif (http://s1269.photobucket.com/user/OCD-WTT/media/bullseye2_zpse2245433.png.html) System Configuration - selective startup
Go to the Start Orb http://i1269.photobucket.com/albums/jj590/OCD-WTT/start.jpg (http://s1269.photobucket.com/user/OCD-WTT/media/start.jpg.html) type "msconfig" (without quotes) in the search box.
When the System Configuration window appears, on the General tab, click the Selective Startup button.
http://i1269.photobucket.com/albums/jj590/OCD-WTT/SystemConfig-SelectiveStartup_zps4cfa5e57.gif (http://s1269.photobucket.com/user/OCD-WTT/media/SystemConfig-SelectiveStartup_zps4cfa5e57.gif.html)
Next select the Startup tab
http://i1269.photobucket.com/albums/jj590/OCD-WTT/SystemConfig-StartupTab_zps2e1a2f20.gif (http://s1269.photobucket.com/user/OCD-WTT/media/SystemConfig-StartupTab_zps2e1a2f20.gif.html)
Locate the following items and remove the check-mark from the box.
McAfee Security Scan Plus
PowerReg Scheduler V3.exe
ooVoo.exe
Click Apply, then click OK
http://i1269.photobucket.com/albums/jj590/OCD-WTT/SystemConfig-Apply-OK_zps7a365e01.gif (http://s1269.photobucket.com/user/OCD-WTT/media/SystemConfig-Apply-OK_zps7a365e01.gif.html)
Close msconfig, you will be prompted to restart, do so at this time.
=========================
http://i1269.photobucket.com/albums/jj590/OCD-WTT/bullseye_zpse9eaf36e.gif (http://s1269.photobucket.com/user/OCD-WTT/media/bullseye_zpse9eaf36e.gif.html) FRST Fix Script
Open notepad. Please copy the contents of the code box below. To do this highlight the contents of the box and right click on it. Paste this into the open notepad. Save it on the desktop as fixlist.txt
HKU\S-1-5-21-1803198997-23066263-2989206535-1003\...409d6c4515e9\InprocServer32: [Default-shell32] \\?\globalroot\Device\HarddiskVolume3\Users\Jordan\AppData\Local\Temp\siqusiw\sveirfr\wow.dll ATTENTION! ====> ZeroAccess?
GroupPolicyUsers\S-1-5-21-1803198997-23066263-2989206535-1003\User: Group Policy restriction detected <======= ATTENTION
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.searchnu.com/406?appid=394
SearchScopes: HKCU - DefaultScope {9BB47C17-9C68-4BB3-B188-DD9AF0FD2406} URL = http://dts.search-results.com/sr?src=ieb&gct=ds&appid=394&systemid=406&apn_uid=6564558371054311&apn_dtid=BND406&o=APN10645&apn_ptnrs=AG6&q={searchTerms}
SearchScopes: HKCU - {9BB47C17-9C68-4BB3-B188-DD9AF0FD2406} URL = http://dts.search-results.com/sr?src=ieb&gct=ds&appid=394&systemid=406&apn_uid=6564558371054311&apn_dtid=BND406&o=APN10645&apn_ptnrs=AG6&q={searchTerms}
ooVoo toolbar, powered by Ask.com Updater (HKCU\...\{79A765E1-C399-405B-85AF-466F52E918B0}) (Version: 1.4.0.25589 - Ask.com) <==== ATTENTION
Update for Zip Opener (HKCU\...\DSite) (Version: - ) <==== ATTENTION
NOTICE: This script was written specifically for this user, for use on that particular machine. Running this on another machine may cause damage to your operating system
Run FRST and press the Fix button just once and wait.
The tool will make a log (Fixlog.txt) please post it to your reply.
=========================
In your next post please provide the following:
VirusTotal results, if available
Fixlog.txt
OCD,
VirusTotal
I verified that 'show hidden files' is enabled and I still don't find the file obpedscx.sys.
Uninstall Programs
Done - I uninstalled the listed programs.
Selective Startup
Done
FRST Fix
Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 13-03-2014
Ran by Bob at 2014-03-25 21:39:26 Run:1
Running from C:\Users\Bob\Desktop
Boot Mode: Normal
==============================================
Content of fixlist:
*****************
HKU\S-1-5-21-1803198997-23066263-2989206535-1003\...409d6c4515e9\InprocServer32: [Default-shell32] \\?\globalroot\Device\HarddiskVolume3\Users\Jordan\AppData\Local\Temp\siqusiw\sveirfr\wow.dll ATTENTION! ====> ZeroAccess?
GroupPolicyUsers\S-1-5-21-1803198997-23066263-2989206535-1003\User: Group Policy restriction detected <======= ATTENTION
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.searchnu.com/406?appid=394
SearchScopes: HKCU - DefaultScope {9BB47C17-9C68-4BB3-B188-DD9AF0FD2406} URL = http://dts.search-results.com/sr?src=ieb&gct=ds&appid=394&systemid=406&apn_uid=6564558371054311&apn_dtid=BND406&o=APN10645&apn_ptnrs=AG6&q={searchTerms}
SearchScopes: HKCU - {9BB47C17-9C68-4BB3-B188-DD9AF0FD2406} URL = http://dts.search-results.com/sr?src=ieb&gct=ds&appid=394&systemid=406&apn_uid=6564558371054311&apn_dtid=BND406&o=APN10645&apn_ptnrs=AG6&q={searchTerms}
ooVoo toolbar, powered by Ask.com Updater (HKCU\...\{79A765E1-C399-405B-85AF-466F52E918B0}) (Version: 1.4.0.25589 - Ask.com) <==== ATTENTION
Update for Zip Opener (HKCU\...\DSite) (Version: - ) <==== ATTENTION
*****************
HKU\S-1-5-21-1803198997-23066263-2989206535-1003\Software\Classes\CLSID\{fbeb8a05-beee-4442-804e-409d6c4515e9} => Key not found.
C:\Windows\system32\GroupPolicyUsers\S-1-5-21-1803198997-23066263-2989206535-1003\User => Moved successfully.
C:\Windows\system32\GroupPolicy\GPT.ini => Moved successfully.
HKCU\Software\Microsoft\Internet Explorer\Main\\Start Page => Value was restored successfully.
HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => Value deleted successfully.
HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406} => Key not found.
HKCR\CLSID\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406} => Key not found.
The system needed a reboot.
==== End of Fixlog ====
Hi barlee,
Re-run Farbar Recovery Scan Tool (http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/) it should of been saved to your desktop.
Note: You need to run the version compatible with your system. If you are not sure which version applies to your system download both of them and try to run them. Only one of them will run on your system, that will be the right version.
Right click and select "Run as Administrator" to run it. When the tool opens click Yes to disclaimer.
Press Scan button.
It will make a log (FRST.txt) in the same directory the tool is run. Please copy and paste it to your reply.
=========================
In your next post please provide the following:
FRST.txt
Any change in performance?
OCD,
FRST.txt
I reran the Farbar Recovery Scan Tool while logged in as the user who was experiencing the most problems. Here is the log file
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 13-03-2014
Ran by Jordan (ATTENTION: The logged in user is not administrator) on LAPTOP-JORDAN on 26-03-2014 06:17:32
Running from C:\Users\Jordan\Desktop
Windows 7 Home Premium Service Pack 1 (X64) OS Language: English(US)
Internet Explorer Version 11
Boot Mode: Normal
The only official download link for FRST:
Download link for 32-Bit version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/81/
Download link for 64-Bit Version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/82/
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Processes (Whitelisted) =================
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Egis Technology Inc.) C:\Program Files (x86)\EgisTec MyWinLocker\x86\mwlDaemon.exe
(Acer Incorporated) C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe
(Microsoft Corporation) C:\Windows\System32\regsvr32.exe
(Sun Microsystems, Inc.) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LManager.exe
(Egis Technology Inc.) C:\Program Files (x86)\EgisTec IPS\PmmUpdate.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\MMDx64Fx.exe
(NewTech Infosystems, Inc.) C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe
(Egis Technology Inc.) C:\Program Files (x86)\EgisTec IPS\EgisUpdate.exe
(Microsoft Corporation) C:\Windows\SysWOW64\regsvr32.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
==================== Registry (Whitelisted) ==================
HKLM\...\Run: [MSC] - c:\Program Files\Microsoft Security Client\msseces.exe [1266912 2013-10-23] (Microsoft Corporation)
HKLM\...\Run: [SynTPEnh] - C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [1890088 2009-12-10] (Synaptics Incorporated)
HKLM\...\Run: [RtHDVCpl] - C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [10920552 2010-06-22] (Realtek Semiconductor)
HKLM\...\Run: [mwlDaemon] - C:\Program Files (x86)\EgisTec MyWinLocker\x86\mwlDaemon.exe [349552 2010-05-26] (Egis Technology Inc.)
HKLM\...\Run: [Acer ePower Management] - C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe [861216 2010-06-11] (Acer Incorporated)
HKLM-x32\...\Run: [SunJavaUpdateSched] - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [252848 2012-07-03] (Sun Microsystems, Inc.)
HKLM-x32\...\Run: [SuiteTray] - C:\Program Files (x86)\EgisTec MyWinLockerSuite\x86\SuiteTray.exe [337264 2010-05-26] (Egis Technology Inc.)
HKLM-x32\...\Run: [StartCCC] - C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [98304 2010-04-21] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [Norton Online Backup] - C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuClient.exe
HKLM-x32\...\Run: [LogMeIn Hamachi Ui] - "C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe" --auto-start
HKLM-x32\...\Run: [LManager] - C:\Program Files (x86)\Launch Manager\LManager.exe [975952 2010-08-10] (Dritek System Inc.)
HKLM-x32\...\Run: [InstallValidator.exe.FA87EC44_C38F_4148_93A1_FF4A64A2B707] - C:\Program Files (x86)\National Instruments\Shared\NIUninstaller\InstallValidator.exe [265608 2013-08-13] ()
HKLM-x32\...\Run: [EgisUpdate] - C:\Program Files (x86)\EgisTec IPS\EgisUpdate.exe [201584 2010-03-11] (Egis Technology Inc.)
HKLM-x32\...\Run: [EgisTecPMMUpdate] - C:\Program Files (x86)\EgisTec IPS\PmmUpdate.exe [407920 2010-03-11] (Egis Technology Inc.)
HKLM-x32\...\Run: [BackupManagerTray] - C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe [265984 2010-06-28] (NewTech Infosystems, Inc.)
HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [946352 2012-12-18] (Adobe Systems Incorporated)
HKU\S-1-5-21-1803198997-23066263-2989206535-1003\...\Run: [ROBLOX Corporation Update] - regsvr32.exe "C:\Users\Jordan\AppData\Local\ROBLOX Corporation\OGSDeviceDX9.dll"
==================== Internet (Whitelisted) ====================
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.searchnu.com/406?appid=394
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://acer.msn.com
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKCU - DefaultScope {9BB47C17-9C68-4BB3-B188-DD9AF0FD2406} URL = http://dts.search-results.com/sr?src=ieb&gct=ds&appid=394&systemid=406&apn_uid=6564558371054311&apn_dtid=BND406&o=APN10645&apn_ptnrs=AG6&q={searchTerms}
SearchScopes: HKCU - {9BB47C17-9C68-4BB3-B188-DD9AF0FD2406} URL = http://dts.search-results.com/sr?src=ieb&gct=ds&appid=394&systemid=406&apn_uid=6564558371054311&apn_dtid=BND406&o=APN10645&apn_ptnrs=AG6&q={searchTerms}
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
BHO-x32: Adobe PDF Link Helper - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.6.1 64.134.255.2 64.134.255.10
FireFox:
========
FF ProfilePath: C:\Users\Jordan\AppData\Roaming\Mozilla\Firefox\Profiles\s0ltswrk.default
FF DefaultSearchEngine: Search Results
FF SearchEngineOrder.1: Search Results
FF SelectedSearchEngine: Search Results
FF Homepage: https://www.google.com/
FF Keyword.URL: hxxp://dts.search-results.com/sr?src=ffb&gct=ds&appid=394&systemid=406&apn_dtid=BND406&apn_ptnrs=AG6&apn_uid=6564558371054311&o=APN10645&q=
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_12_0_0_77.dll ()
FF Plugin: @microsoft.com/GENUINE - disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @Musicnotes.com/Musicnotes Viewer - C:\Program Files\Musicnotes\npmusicn64.dll (Musicnotes, Inc.)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_77.dll ()
FF Plugin-x32: @java.com/DTPlugin,version=10.10.2 - C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.10.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE - disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3508.0205 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @Musicnotes.com/Musicnotes Viewer - C:\Program Files (x86)\Musicnotes\npmusicn.dll (Musicnotes, Inc.)
FF Plugin-x32: @Sibelius.com/Scorch Plugin - C:\Program Files (x86)\Musicnotes\npsibelius.dll ()
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
FF SearchPlugin: C:\Users\Jordan\AppData\Roaming\Mozilla\Firefox\Profiles\s0ltswrk.default\searchplugins\Search_Results.xml
FF Extension: WebToSave - C:\Users\Jordan\AppData\Roaming\Mozilla\Firefox\Profiles\s0ltswrk.default\Extensions\{f80bc79c-ab5e-418a-a0be-3d9e66b4e976} [2013-09-01]
FF Extension: Video Downloader - C:\Users\Jordan\AppData\Roaming\Mozilla\Firefox\Profiles\s0ltswrk.default\Extensions\chbnserfrc@chbnserfrc.org.xpi [2013-04-27]
FF Extension: New Tab - C:\Users\Jordan\AppData\Roaming\Mozilla\Firefox\Profiles\s0ltswrk.default\Extensions\{C4A4F5A0-4B89-4392-AFAC-D58010E349AF}.xpi [2013-05-20]
==================== Services (Whitelisted) =================
S3 dkab_device; C:\Windows\system32\DKabcoms.exe [476568 2006-10-21] ( )
S3 dkab_device; C:\Windows\SysWOW64\DKabcoms.exe [508824 2006-10-21] ( )
R2 lmhosts; C:\Windows\system32\svchost.exe [27136 2009-07-13] (Microsoft Corporation)
R2 MsMpSvc; c:\Program Files\Microsoft Security Client\MsMpEng.exe [23808 2013-10-23] (Microsoft Corporation)
S3 MWLService; C:\Program Files (x86)\EgisTec MyWinLocker\x86\MWLService.exe [305520 2010-05-26] (Egis Technology Inc.)
R3 NisSrv; c:\Program Files\Microsoft Security Client\NisSrv.exe [348376 2013-10-23] (Microsoft Corporation)
R2 NlaSvc; C:\Windows\System32\svchost.exe [27136 2009-07-13] (Microsoft Corporation)
R2 nsi; C:\Windows\system32\svchost.exe [27136 2009-07-13] (Microsoft Corporation)
S4 LMIGuardianSvc; "C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe" [X]
==================== Drivers (Whitelisted) ====================
U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-13] (Microsoft Corporation)
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [248240 2013-09-27] (Microsoft Corporation)
R2 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [134944 2013-09-27] (Microsoft Corporation)
S1 obpedscx; \??\C:\Windows\system32\drivers\obpedscx.sys [X]
==================== NetSvcs (Whitelisted) ===================
==================== One Month Created Files and Folders ========
2014-03-26 06:13 - 2014-03-21 07:13 - 02157056 _____ (Farbar) C:\Users\Jordan\Desktop\FRST64.exe
2014-03-25 02:48 - 2014-03-25 02:48 - 00014057 _____ () C:\ComboFix.txt
2014-03-24 12:51 - 2014-03-25 02:48 - 00000000 ____D () C:\Qoobox
2014-03-24 12:51 - 2011-06-26 02:45 - 00256000 _____ () C:\Windows\PEV.exe
2014-03-24 12:51 - 2010-11-07 13:20 - 00208896 _____ () C:\Windows\MBR.exe
2014-03-24 12:51 - 2009-04-20 00:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe
2014-03-24 12:51 - 2000-08-30 20:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe
2014-03-24 12:51 - 2000-08-30 20:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe
2014-03-24 12:51 - 2000-08-30 20:00 - 00098816 _____ () C:\Windows\sed.exe
2014-03-24 12:51 - 2000-08-30 20:00 - 00080412 _____ () C:\Windows\grep.exe
2014-03-24 12:51 - 2000-08-30 20:00 - 00068096 _____ () C:\Windows\zip.exe
2014-03-23 18:08 - 2014-03-23 18:11 - 00004586 _____ () C:\Users\Jordan\Desktop\Rkill.txt
2014-03-23 18:07 - 2014-03-23 18:07 - 01933048 _____ (Bleeping Computer, LLC) C:\Users\Jordan\Desktop\rkill.exe
2014-03-22 13:32 - 2014-03-22 13:37 - 04110135 _____ () C:\Users\Jordan\Downloads\tdsskiller(1).zip
2014-03-22 11:26 - 2014-03-22 11:29 - 02218636 _____ () C:\Users\Jordan\Downloads\tdsskiller.zip
2014-03-22 10:39 - 2014-03-22 10:50 - 00030227 _____ () C:\Users\Jordan\Desktop\Addition.txt
2014-03-22 10:13 - 2014-03-26 06:17 - 00010622 _____ () C:\Users\Jordan\Desktop\FRST.txt
2014-03-21 16:48 - 2014-03-26 06:17 - 00000000 ____D () C:\FRST
2014-03-21 07:12 - 2014-03-21 07:12 - 00987448 _____ () C:\Users\Jordan\Desktop\SecurityCheck.exe
2014-03-20 08:37 - 2014-03-25 02:47 - 00000000 ____D () C:\Windows\ERDNT
2014-03-20 08:33 - 2014-03-20 08:33 - 00000909 _____ () C:\Users\Jordan\Desktop\ERUNT.lnk
2014-03-20 08:30 - 2014-03-20 08:34 - 00000000 ____D () C:\Program Files (x86)\ERUNT
2014-03-19 13:46 - 2014-03-19 13:46 - 04745728 _____ (AVAST Software) C:\Users\Jordan\Desktop\aswMBR.exe
2014-03-19 13:44 - 2014-03-19 13:44 - 00688992 ____R (Swearware) C:\Users\Jordan\Desktop\dds.com
2014-03-19 13:33 - 2014-03-19 13:33 - 00791393 _____ (Lars Hederer ) C:\Users\Jordan\Desktop\erunt-setup.exe
2014-03-14 16:34 - 2014-03-01 02:05 - 23133696 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-03-14 16:34 - 2014-03-01 01:17 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-03-14 16:34 - 2014-03-01 01:16 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-03-14 16:34 - 2014-03-01 00:58 - 02765824 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-03-14 16:34 - 2014-03-01 00:52 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-03-14 16:34 - 2014-03-01 00:51 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-03-14 16:34 - 2014-03-01 00:42 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-03-14 16:34 - 2014-03-01 00:40 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-03-14 16:34 - 2014-03-01 00:37 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-03-14 16:34 - 2014-03-01 00:33 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-03-14 16:34 - 2014-03-01 00:33 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-03-14 16:34 - 2014-03-01 00:32 - 00708608 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-03-14 16:34 - 2014-03-01 00:30 - 17074688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-03-14 16:34 - 2014-03-01 00:23 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-03-14 16:34 - 2014-03-01 00:17 - 00218624 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-03-14 16:34 - 2014-03-01 00:11 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-03-14 16:34 - 2014-03-01 00:02 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-03-14 16:34 - 2014-02-28 23:54 - 05768704 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-03-14 16:34 - 2014-02-28 23:52 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-03-14 16:34 - 2014-02-28 23:51 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-03-14 16:34 - 2014-02-28 23:47 - 02168320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-03-14 16:34 - 2014-02-28 23:43 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-03-14 16:34 - 2014-02-28 23:43 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-03-14 16:34 - 2014-02-28 23:42 - 00627200 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-03-14 16:34 - 2014-02-28 23:40 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-03-14 16:34 - 2014-02-28 23:38 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-03-14 16:34 - 2014-02-28 23:37 - 00553472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-03-14 16:34 - 2014-02-28 23:35 - 02041856 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-03-14 16:34 - 2014-02-28 23:18 - 13051904 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-03-14 16:34 - 2014-02-28 23:16 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-03-14 16:34 - 2014-02-28 23:14 - 04244480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-03-14 16:34 - 2014-02-28 23:10 - 02334208 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-03-14 16:34 - 2014-02-28 23:03 - 00524288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-03-14 16:34 - 2014-02-28 23:00 - 01964032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-03-14 16:34 - 2014-02-28 22:57 - 11266048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-03-14 16:34 - 2014-02-28 22:38 - 01393664 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-03-14 16:34 - 2014-02-28 22:32 - 01820160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-03-14 16:34 - 2014-02-28 22:27 - 01156096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-03-14 16:34 - 2014-02-28 22:25 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-03-14 16:34 - 2014-02-28 22:25 - 00703488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-03-14 16:34 - 2014-02-06 21:23 - 03156480 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-03-14 16:34 - 2014-01-28 22:32 - 00484864 _____ (Microsoft Corporation) C:\Windows\system32\wer.dll
2014-03-14 16:34 - 2014-01-28 22:06 - 00381440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wer.dll
2014-03-14 16:34 - 2014-01-27 22:32 - 00228864 _____ (Microsoft Corporation) C:\Windows\system32\wwansvc.dll
2014-03-14 16:33 - 2014-02-03 22:32 - 01424384 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll
2014-03-14 16:33 - 2014-02-03 22:32 - 00624128 _____ (Microsoft Corporation) C:\Windows\system32\qedit.dll
2014-03-14 16:33 - 2014-02-03 22:04 - 01230336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll
2014-03-14 16:33 - 2014-02-03 22:04 - 00509440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qedit.dll
2014-03-14 16:31 - 2014-03-14 16:31 - 00000000 ____D () C:\Program Files\Microsoft Security Client
2014-03-14 16:31 - 2014-03-14 16:31 - 00000000 ____D () C:\Program Files (x86)\Microsoft Security Client
2014-03-14 16:30 - 2014-02-14 12:11 - 00000426 _____ () C:\AVScanner.ini
2014-03-14 15:44 - 2014-03-14 16:47 - 00001945 _____ () C:\Windows\epplauncher.mif
2014-03-14 15:43 - 2014-03-14 15:44 - 00000000 ____D () C:\50afdc55646263780c
2014-03-14 15:37 - 2014-03-14 15:38 - 13670584 _____ (Microsoft Corporation) C:\Users\Jordan\Downloads\mseinstall.exe
2014-03-14 13:53 - 2014-03-25 21:45 - 00000282 __RSH () C:\Users\Jordan\ntuser.pol
2014-03-14 13:48 - 2014-03-25 21:41 - 00000008 __RSH () C:\Users\Bob\ntuser.pol
2014-03-14 11:09 - 2014-03-14 11:20 - 00000000 ____D () C:\Users\Jordan\Documents\Spanish II
2014-03-14 11:09 - 2014-03-14 11:19 - 00000000 ____D () C:\Users\Jordan\Documents\Honors Biology
2014-03-14 11:08 - 2014-03-14 11:20 - 00000000 ____D () C:\Users\Jordan\Documents\Honors English I
2014-03-09 12:41 - 2014-03-09 12:42 - 00688992 _____ (Swearware) C:\Users\Jordan\Downloads\dds.com
2014-03-09 12:35 - 2014-03-09 12:36 - 00791393 _____ (Lars Hederer ) C:\Users\Jordan\Downloads\erunt-setup.exe
2014-03-09 11:53 - 2014-03-25 21:32 - 00000000 ____D () C:\Windows\pss
2014-03-09 08:16 - 2014-02-04 19:09 - 88567024 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-03-09 08:11 - 2014-03-09 08:13 - 25640672 _____ (Microsoft Corporation) C:\Users\Jordan\Downloads\Windows-KB890830-x64-V5.9.exe
2014-03-09 07:46 - 2014-03-09 07:46 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
==================== One Month Modified Files and Folders =======
2014-03-26 06:17 - 2014-03-22 10:13 - 00010622 _____ () C:\Users\Jordan\Desktop\FRST.txt
2014-03-26 06:17 - 2014-03-21 16:48 - 00000000 ____D () C:\FRST
2014-03-26 06:13 - 2012-08-19 16:12 - 01207643 _____ () C:\Windows\WindowsUpdate.log
2014-03-26 06:03 - 2012-08-20 09:45 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-03-25 23:03 - 2012-08-20 09:45 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-03-25 23:03 - 2012-08-20 09:45 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-03-25 21:48 - 2009-07-14 00:45 - 00009920 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-03-25 21:48 - 2009-07-14 00:45 - 00009920 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-03-25 21:45 - 2014-03-14 13:53 - 00000282 __RSH () C:\Users\Jordan\ntuser.pol
2014-03-25 21:45 - 2013-11-11 14:01 - 00000000 ____D () C:\Users\Bob\AppData\Roaming\Skype
2014-03-25 21:45 - 2012-08-19 14:17 - 00000000 ____D () C:\Users\Jordan
2014-03-25 21:41 - 2014-03-14 13:48 - 00000008 __RSH () C:\Users\Bob\ntuser.pol
2014-03-25 21:41 - 2012-08-19 13:58 - 00000000 ____D () C:\Users\Bob
2014-03-25 21:40 - 2009-07-14 01:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-03-25 21:40 - 2009-07-14 00:51 - 00094787 _____ () C:\Windows\setupact.log
2014-03-25 21:39 - 2009-07-13 23:20 - 00000000 ___HD () C:\Windows\system32\GroupPolicy
2014-03-25 21:32 - 2014-03-09 11:53 - 00000000 ____D () C:\Windows\pss
2014-03-25 21:26 - 2009-07-14 01:13 - 00782470 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-03-25 21:11 - 2012-08-19 16:09 - 00157282 _____ () C:\Windows\PFRO.log
2014-03-25 02:48 - 2014-03-25 02:48 - 00014057 _____ () C:\ComboFix.txt
2014-03-25 02:48 - 2014-03-24 12:51 - 00000000 ____D () C:\Qoobox
2014-03-25 02:48 - 2009-07-13 23:20 - 00000000 __RHD () C:\Users\Default
2014-03-25 02:47 - 2014-03-20 08:37 - 00000000 ____D () C:\Windows\ERDNT
2014-03-25 02:44 - 2009-07-13 22:34 - 00000215 _____ () C:\Windows\system.ini
2014-03-23 18:11 - 2014-03-23 18:08 - 00004586 _____ () C:\Users\Jordan\Desktop\Rkill.txt
2014-03-23 18:07 - 2014-03-23 18:07 - 01933048 _____ (Bleeping Computer, LLC) C:\Users\Jordan\Desktop\rkill.exe
2014-03-22 13:37 - 2014-03-22 13:32 - 04110135 _____ () C:\Users\Jordan\Downloads\tdsskiller(1).zip
2014-03-22 11:29 - 2014-03-22 11:26 - 02218636 _____ () C:\Users\Jordan\Downloads\tdsskiller.zip
2014-03-22 10:50 - 2014-03-22 10:39 - 00030227 _____ () C:\Users\Jordan\Desktop\Addition.txt
2014-03-21 07:13 - 2014-03-26 06:13 - 02157056 _____ (Farbar) C:\Users\Jordan\Desktop\FRST64.exe
2014-03-21 07:12 - 2014-03-21 07:12 - 00987448 _____ () C:\Users\Jordan\Desktop\SecurityCheck.exe
2014-03-20 08:34 - 2014-03-20 08:30 - 00000000 ____D () C:\Program Files (x86)\ERUNT
2014-03-20 08:33 - 2014-03-20 08:33 - 00000909 _____ () C:\Users\Jordan\Desktop\ERUNT.lnk
2014-03-19 13:46 - 2014-03-19 13:46 - 04745728 _____ (AVAST Software) C:\Users\Jordan\Desktop\aswMBR.exe
2014-03-19 13:44 - 2014-03-19 13:44 - 00688992 ____R (Swearware) C:\Users\Jordan\Desktop\dds.com
2014-03-19 13:33 - 2014-03-19 13:33 - 00791393 _____ (Lars Hederer ) C:\Users\Jordan\Desktop\erunt-setup.exe
2014-03-15 04:03 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\rescache
2014-03-15 03:25 - 2009-07-14 00:45 - 00338000 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-03-15 03:24 - 2013-08-19 15:13 - 00000000 ____D () C:\Program Files\Microsoft Silverlight
2014-03-15 03:24 - 2013-08-19 15:13 - 00000000 ____D () C:\Program Files (x86)\Microsoft Silverlight
2014-03-14 16:59 - 2012-08-19 19:03 - 00000000 ____D () C:\Users\Jordan\AppData\Roaming\Skype
2014-03-14 16:47 - 2014-03-14 15:44 - 00001945 _____ () C:\Windows\epplauncher.mif
2014-03-14 16:31 - 2014-03-14 16:31 - 00000000 ____D () C:\Program Files\Microsoft Security Client
2014-03-14 16:31 - 2014-03-14 16:31 - 00000000 ____D () C:\Program Files (x86)\Microsoft Security Client
2014-03-14 15:44 - 2014-03-14 15:43 - 00000000 ____D () C:\50afdc55646263780c
2014-03-14 15:38 - 2014-03-14 15:37 - 13670584 _____ (Microsoft Corporation) C:\Users\Jordan\Downloads\mseinstall.exe
2014-03-14 15:23 - 2013-12-24 00:25 - 00000000 ____D () C:\Program Files (x86)\Steam
2014-03-14 12:11 - 2012-08-19 16:32 - 00000000 ____D () C:\Program Files (x86)\Microsoft Office
2014-03-14 12:06 - 2012-08-19 13:59 - 00000000 ____D () C:\Program Files (x86)\Barnes & Noble
2014-03-14 11:20 - 2014-03-14 11:09 - 00000000 ____D () C:\Users\Jordan\Documents\Spanish II
2014-03-14 11:20 - 2014-03-14 11:08 - 00000000 ____D () C:\Users\Jordan\Documents\Honors English I
2014-03-14 11:19 - 2014-03-14 11:09 - 00000000 ____D () C:\Users\Jordan\Documents\Honors Biology
2014-03-14 11:19 - 2013-08-21 13:25 - 00000000 ____D () C:\Users\Jordan\Documents\FLVS English I Virtual Backpack
2014-03-09 12:42 - 2014-03-09 12:41 - 00688992 _____ (Swearware) C:\Users\Jordan\Downloads\dds.com
2014-03-09 12:36 - 2014-03-09 12:35 - 00791393 _____ (Lars Hederer ) C:\Users\Jordan\Downloads\erunt-setup.exe
2014-03-09 09:39 - 2012-08-19 14:41 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-03-09 08:13 - 2014-03-09 08:11 - 25640672 _____ (Microsoft Corporation) C:\Users\Jordan\Downloads\Windows-KB890830-x64-V5.9.exe
2014-03-09 07:49 - 2012-08-19 15:01 - 00000000 ____D () C:\Users\Jordan\AppData\Local\Mozilla
2014-03-09 07:46 - 2014-03-09 07:46 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-03-04 01:33 - 2013-07-22 20:30 - 00000000 ___RD () C:\Program Files (x86)\Skype
2014-03-04 01:33 - 2012-08-19 19:03 - 00000000 ____D () C:\ProgramData\Skype
2014-03-01 02:05 - 2014-03-14 16:34 - 23133696 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-03-01 01:17 - 2014-03-14 16:34 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-03-01 01:16 - 2014-03-14 16:34 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-03-01 00:58 - 2014-03-14 16:34 - 02765824 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-03-01 00:52 - 2014-03-14 16:34 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-03-01 00:51 - 2014-03-14 16:34 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-03-01 00:42 - 2014-03-14 16:34 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-03-01 00:40 - 2014-03-14 16:34 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-03-01 00:37 - 2014-03-14 16:34 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-03-01 00:33 - 2014-03-14 16:34 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-03-01 00:33 - 2014-03-14 16:34 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-03-01 00:32 - 2014-03-14 16:34 - 00708608 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-03-01 00:30 - 2014-03-14 16:34 - 17074688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-03-01 00:23 - 2014-03-14 16:34 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-03-01 00:17 - 2014-03-14 16:34 - 00218624 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-03-01 00:11 - 2014-03-14 16:34 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-03-01 00:02 - 2014-03-14 16:34 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-02-28 23:54 - 2014-03-14 16:34 - 05768704 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-02-28 23:52 - 2014-03-14 16:34 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-02-28 23:51 - 2014-03-14 16:34 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-02-28 23:47 - 2014-03-14 16:34 - 02168320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-02-28 23:43 - 2014-03-14 16:34 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-02-28 23:43 - 2014-03-14 16:34 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-02-28 23:42 - 2014-03-14 16:34 - 00627200 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-02-28 23:40 - 2014-03-14 16:34 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-02-28 23:38 - 2014-03-14 16:34 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-02-28 23:37 - 2014-03-14 16:34 - 00553472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-02-28 23:35 - 2014-03-14 16:34 - 02041856 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-02-28 23:18 - 2014-03-14 16:34 - 13051904 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-02-28 23:16 - 2014-03-14 16:34 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-02-28 23:14 - 2014-03-14 16:34 - 04244480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-02-28 23:10 - 2014-03-14 16:34 - 02334208 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-02-28 23:03 - 2014-03-14 16:34 - 00524288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-02-28 23:00 - 2014-03-14 16:34 - 01964032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-02-28 22:57 - 2014-03-14 16:34 - 11266048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-02-28 22:38 - 2014-03-14 16:34 - 01393664 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-02-28 22:32 - 2014-03-14 16:34 - 01820160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-02-28 22:27 - 2014-03-14 16:34 - 01156096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-02-28 22:25 - 2014-03-14 16:34 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-02-28 22:25 - 2014-03-14 16:34 - 00703488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-02-28 16:34 - 2013-08-21 13:41 - 00000000 ____D () C:\Users\Public\Documents\TT Algebra 2
2014-02-26 14:20 - 2009-07-14 01:08 - 00032616 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2014-02-26 12:49 - 2013-08-18 13:30 - 00775084 _____ () C:\Windows\SysWOW64\PerfStringBackup.INI
==================== Bamital & volsnap Check =================
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit
==================== End Of Log ============================
Performance
I let the computer run all night and I no longer see the large number of dllhost.exe *32 processes and the PC is running much better. I really appreciate your help!!!!!!!
Hi barlee,
I reran the Farbar Recovery Scan Tool while logged in as the user who was experiencing the most problems.
Please run all scans from the administrator account.
=========================
I let the computer run all night and I no longer see the large number of dllhost.exe *32 processes and the PC is running much better.
It's important that you follow through with the remainder of the steps I will outline. Absence of symptoms doesn't necessarily translate into malware free. We are making progress so please stay with me until I give you the "all clean" sign. :bigthumb:
=========================
http://i1269.photobucket.com/albums/jj590/OCD-WTT/bullseye_zpse9eaf36e.gif (http://s1269.photobucket.com/user/OCD-WTT/media/bullseye_zpse9eaf36e.gif.html) AdwCleaner v3: Scan & Clean (http://www.bleepingcomputer.com/download/adwcleaner/)
Windows XP : Double click on the icon to run it.
Windows Vista, Windows 7 & 8 : Right click and select "Run as Administrator"
Click on the Scan button.
AdwCleaner will begin to scan your computer like it did before.
After the scan has finished...
Click on the Clean button.
Press OK when asked to close all programs and follow the onscreen prompts.
Press OK again to allow AdwCleaner to restart the computer and complete the removal process.
After rebooting, a log file report (AdwCleaner[S0].txt) will open automatically.
Copy and paste the contents of that log file in your next reply.
A copy of that log file will also be saved in the C:\AdwCleaner folder.
=========================
http://i1269.photobucket.com/albums/jj590/OCD-WTT/bullseye_zpse9eaf36e.gif (http://s1269.photobucket.com/user/OCD-WTT/media/bullseye_zpse9eaf36e.gif.html) Junkware Removal Tool
Download Junkware Removal Tool (http://thisisudax.org/downloads/JRT.exe) to your desktop.
Windows XP : Double click on the icon to run it.
Windows Vista, Windows 7 & 8 : Right click and select "Run as Administrator"
Shut down your protection software now to avoid potential conflicts.
The tool will open and start scanning your system.
Please be patient as this can take a while to complete depending on your system's specifications.
On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
Post the contents of JRT.txt into your next message.
=========================
http://i1269.photobucket.com/albums/jj590/OCD-WTT/bullseye_zpse9eaf36e.gif (http://s1269.photobucket.com/user/OCD-WTT/media/bullseye_zpse9eaf36e.gif.html) Malwarebytes' Anti-Malware
Download Malwarebytes' Anti-Malware (http://www.malwarebytes.org/mbam-download.php) (save it to your desktop).
Windows XP : Double click on the icon to run it.
Windows Vista, Windows 7 & 8 : Right click and select "Run as Administrator"
Once the program has loaded, select the Update tab to get the latest updates before performing the scan.
Select Perform quick scan, then click Scan.
When the scan is complete, click OK, then Show Results to view the results.
Be sure that everything is checked, and click Remove Selected .
When completed, a log will open in Notepad. Please save it to a convenient location and post the results.
Note: If you receive a notice that some of the items couldn't be removed, that they have been added to the delete on reboot list, please reboot.
=========================
http://i1269.photobucket.com/albums/jj590/OCD-WTT/bullseye_zpse9eaf36e.gif (http://s1269.photobucket.com/user/OCD-WTT/media/bullseye_zpse9eaf36e.gif.html) ESET Online Scanner
*Note:
It is recommended to disable on-board antivirus program and anti-spyware programs while performing scans so there are no conflicts and it will speed up scan time.
Please don't go surfing while your resident protection is disabled!
Once the scan is finished remember to re-enable your antivirus along with your anti-spyware programs.
** You need to run your browser with Administrator Rights, to do so right click your browsers short cut and select "Run as Administrator".
= = = = = = = = = = = = = = = = = = = =
Go here to run ESET Online Scanner (http://www.eset.eu/online-scanner)
(Note: You can use Internet Explorer or FireFox for this scan. If you use FireFox you will be asked to install an additional component. Please allow this.)
Tick the box next to YES, I accept the Terms of Use.
Click Start
When asked, allow the activex control to install
Disable your Antivirus software. You can usually do this with its Notification Tray icon near the clock
Click Start
Make sure that the option "Remove found threats" is Unchecked, and the option "Scan unwanted applications" is Checked.
Click Scan.
Wait for the scan to finish.
When the scan completes, click List of found threats
click Export to Text file and save the file to your desktop using a unique name, such as ESETScan.
Include the contents of this report in your next reply
Note - when ESET doesn't find any threats, no report will be created.
Push the back button.
Push Finish
Re-enable your Antivirus software.
=========================
In your next post please provide the following:
AdwCleaner[S0].txt
JRT.txt
MBAM log
ESET's log.txt
How's the computer running, any symptoms?
OCD,
FRST.txt
I reran teh Farbar Recovery Scan Tool while logged in under an administrator account. Here's the log
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 13-03-2014
Ran by Bob (administrator) on LAPTOP-JORDAN on 27-03-2014 10:35:17
Running from C:\Users\Bob\Desktop
Windows 7 Home Premium Service Pack 1 (X64) OS Language: English(US)
Internet Explorer Version 11
Boot Mode: Normal
The only official download link for FRST:
Download link for 32-Bit version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/81/
Download link for 64-Bit Version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/82/
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Processes (Whitelisted) =================
(Microsoft Corporation) c:\Program Files\Microsoft Security Client\MsMpEng.exe
(AMD) C:\Windows\system32\atiesrxx.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\dsiwmis.exe
(Acer Incorporated) C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe
(Acer Incorporated) C:\Program Files (x86)\Acer\Registration\GREGsvc.exe
(NewTech Infosystems, Inc.) C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe
(Acer Group) C:\Program Files\Acer\Acer Updater\UpdaterService.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
(AMD) C:\Windows\system32\atieclxx.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Egis Technology Inc.) C:\Program Files (x86)\EgisTec MyWinLocker\x86\mwlDaemon.exe
(Acer Incorporated) C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(Sun Microsystems, Inc.) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LManager.exe
(Microsoft Corporation) c:\Program Files\Microsoft Security Client\NisSrv.exe
(Egis Technology Inc.) C:\Program Files (x86)\EgisTec IPS\PmmUpdate.exe
(NewTech Infosystems, Inc.) C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\MMDx64Fx.exe
(Acer Incorporated) C:\Program Files\Acer\Acer ePower Management\ePowerEvent.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LMworker.exe
(Egis Technology Inc.) C:\Program Files (x86)\EgisTec IPS\EgisUpdate.exe
(Microsoft Corporation) C:\Windows\system32\taskmgr.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_12_0_0_77.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_12_0_0_77.exe
==================== Registry (Whitelisted) ==================
HKLM\...\Run: [MSC] - c:\Program Files\Microsoft Security Client\msseces.exe [1266912 2013-10-23] (Microsoft Corporation)
HKLM\...\Run: [SynTPEnh] - C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [1890088 2009-12-10] (Synaptics Incorporated)
HKLM\...\Run: [RtHDVCpl] - C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [10920552 2010-06-22] (Realtek Semiconductor)
HKLM\...\Run: [mwlDaemon] - C:\Program Files (x86)\EgisTec MyWinLocker\x86\mwlDaemon.exe [349552 2010-05-26] (Egis Technology Inc.)
HKLM\...\Run: [Acer ePower Management] - C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe [861216 2010-06-11] (Acer Incorporated)
HKLM-x32\...\Run: [SunJavaUpdateSched] - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [252848 2012-07-03] (Sun Microsystems, Inc.)
HKLM-x32\...\Run: [SuiteTray] - C:\Program Files (x86)\EgisTec MyWinLockerSuite\x86\SuiteTray.exe [337264 2010-05-26] (Egis Technology Inc.)
HKLM-x32\...\Run: [StartCCC] - C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [98304 2010-04-21] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [Norton Online Backup] - C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuClient.exe
HKLM-x32\...\Run: [LogMeIn Hamachi Ui] - "C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe" --auto-start
HKLM-x32\...\Run: [LManager] - C:\Program Files (x86)\Launch Manager\LManager.exe [975952 2010-08-10] (Dritek System Inc.)
HKLM-x32\...\Run: [InstallValidator.exe.FA87EC44_C38F_4148_93A1_FF4A64A2B707] - C:\Program Files (x86)\National Instruments\Shared\NIUninstaller\InstallValidator.exe [265608 2013-08-13] ()
HKLM-x32\...\Run: [EgisUpdate] - C:\Program Files (x86)\EgisTec IPS\EgisUpdate.exe [201584 2010-03-11] (Egis Technology Inc.)
HKLM-x32\...\Run: [EgisTecPMMUpdate] - C:\Program Files (x86)\EgisTec IPS\PmmUpdate.exe [407920 2010-03-11] (Egis Technology Inc.)
HKLM-x32\...\Run: [BackupManagerTray] - C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe [265984 2010-06-28] (NewTech Infosystems, Inc.)
HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [946352 2012-12-18] (Adobe Systems Incorporated)
HKU\S-1-5-21-1803198997-23066263-2989206535-1001\...\Run: [Skype] - C:\Program Files (x86)\Skype\Phone\Skype.exe [20584608 2013-11-14] (Skype Technologies S.A.)
Startup: C:\Users\Bob\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Backyard Football 2006 Registration.lnk
ShortcutTarget: Backyard Football 2006 Registration.lnk -> C:\Users\Bob\AppData\Local\Temp\{1C88E143-CB25-4E92-B8E5-94A34EDC9B93}\{17FE8A6F-9842-43E1-B274-9E2B08DE1035}\ATR1.EXE (No File)
==================== Internet (Whitelisted) ====================
HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
BHO-x32: Adobe PDF Link Helper - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
FireFox:
========
FF ProfilePath: C:\Users\Bob\AppData\Roaming\Mozilla\Firefox\Profiles\qlnbmrfl.default
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_12_0_0_77.dll ()
FF Plugin: @microsoft.com/GENUINE - disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @Musicnotes.com/Musicnotes Viewer - C:\Program Files\Musicnotes\npmusicn64.dll (Musicnotes, Inc.)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_77.dll ()
FF Plugin-x32: @java.com/DTPlugin,version=10.10.2 - C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.10.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE - disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3508.0205 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @Musicnotes.com/Musicnotes Viewer - C:\Program Files (x86)\Musicnotes\npmusicn.dll (Musicnotes, Inc.)
FF Plugin-x32: @Sibelius.com/Scorch Plugin - C:\Program Files (x86)\Musicnotes\npsibelius.dll ()
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
==================== Services (Whitelisted) =================
S3 dkab_device; C:\Windows\system32\DKabcoms.exe [476568 2006-10-21] ( )
S3 dkab_device; C:\Windows\SysWOW64\DKabcoms.exe [508824 2006-10-21] ( )
R2 MsMpSvc; c:\Program Files\Microsoft Security Client\MsMpEng.exe [23808 2013-10-23] (Microsoft Corporation)
S3 MWLService; C:\Program Files (x86)\EgisTec MyWinLocker\x86\MWLService.exe [305520 2010-05-26] (Egis Technology Inc.)
R3 NisSrv; c:\Program Files\Microsoft Security Client\NisSrv.exe [348376 2013-10-23] (Microsoft Corporation)
S4 LMIGuardianSvc; "C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe" [X]
==================== Drivers (Whitelisted) ====================
U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-13] (Microsoft Corporation)
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [248240 2013-09-27] (Microsoft Corporation)
R2 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [134944 2013-09-27] (Microsoft Corporation)
S1 obpedscx; \??\C:\Windows\system32\drivers\obpedscx.sys [X]
==================== NetSvcs (Whitelisted) ===================
==================== One Month Created Files and Folders ========
2014-03-27 10:34 - 2014-03-27 10:34 - 17523384 _____ (Malwarebytes Corporation ) C:\Users\Bob\Downloads\mbam-setup-2.0.0.1000.exe
2014-03-27 10:33 - 2014-03-27 10:33 - 01038974 _____ (Thisisu) C:\Users\Bob\Downloads\JRT.exe
2014-03-27 10:32 - 2014-03-27 10:33 - 01950720 _____ () C:\Users\Bob\Desktop\AdwCleaner.exe
2014-03-26 06:13 - 2014-03-21 07:13 - 02157056 _____ (Farbar) C:\Users\Jordan\Desktop\FRST64.exe
2014-03-26 06:09 - 2014-03-27 10:35 - 00010314 _____ () C:\Users\Bob\Desktop\FRST.txt
2014-03-25 06:20 - 2014-03-25 06:20 - 00369295 _____ () C:\Users\Bob\Desktop\TDSSKiller.txt
2014-03-25 06:01 - 2014-03-25 06:01 - 00014057 _____ () C:\Users\Bob\Desktop\combofix.txt
2014-03-25 02:48 - 2014-03-25 02:48 - 00014057 _____ () C:\ComboFix.txt
2014-03-24 12:51 - 2014-03-25 02:48 - 00000000 ____D () C:\Qoobox
2014-03-24 12:51 - 2011-06-26 02:45 - 00256000 _____ () C:\Windows\PEV.exe
2014-03-24 12:51 - 2010-11-07 13:20 - 00208896 _____ () C:\Windows\MBR.exe
2014-03-24 12:51 - 2009-04-20 00:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe
2014-03-24 12:51 - 2000-08-30 20:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe
2014-03-24 12:51 - 2000-08-30 20:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe
2014-03-24 12:51 - 2000-08-30 20:00 - 00098816 _____ () C:\Windows\sed.exe
2014-03-24 12:51 - 2000-08-30 20:00 - 00080412 _____ () C:\Windows\grep.exe
2014-03-24 12:51 - 2000-08-30 20:00 - 00068096 _____ () C:\Windows\zip.exe
2014-03-24 07:26 - 2014-03-24 07:26 - 00000000 ____D () C:\Users\Bob\Desktop\TDSSKiller
2014-03-24 07:25 - 2014-03-24 07:25 - 04113320 _____ () C:\Users\Bob\Downloads\tdsskiller.zip
2014-03-23 18:08 - 2014-03-23 18:11 - 00004586 _____ () C:\Users\Jordan\Desktop\Rkill.txt
2014-03-23 18:07 - 2014-03-23 18:07 - 01933048 _____ (Bleeping Computer, LLC) C:\Users\Jordan\Desktop\rkill.exe
2014-03-22 13:32 - 2014-03-22 13:37 - 04110135 _____ () C:\Users\Jordan\Downloads\tdsskiller(1).zip
2014-03-22 11:30 - 2014-03-24 12:50 - 05192353 ____R (Swearware) C:\Users\Bob\Desktop\ComboFix.exe
2014-03-22 11:26 - 2014-03-22 11:29 - 02218636 _____ () C:\Users\Jordan\Downloads\tdsskiller.zip
2014-03-22 10:39 - 2014-03-22 10:50 - 00030227 _____ () C:\Users\Jordan\Desktop\Addition.txt
2014-03-22 10:13 - 2014-03-26 06:18 - 00031283 _____ () C:\Users\Jordan\Desktop\FRST.txt
2014-03-21 16:48 - 2014-03-27 10:35 - 00000000 ____D () C:\FRST
2014-03-21 07:13 - 2014-03-21 07:13 - 02157056 _____ (Farbar) C:\Users\Bob\Desktop\FRST64.exe
2014-03-21 07:12 - 2014-03-21 07:12 - 00987448 _____ () C:\Users\Jordan\Desktop\SecurityCheck.exe
2014-03-20 21:10 - 2014-03-20 21:10 - 00001947 _____ () C:\Users\Bob\Desktop\aswMBR.txt
2014-03-20 21:10 - 2014-03-20 21:10 - 00000512 _____ () C:\Users\Bob\Desktop\MBR.dat
2014-03-20 11:30 - 2014-03-20 11:30 - 00002808 _____ () C:\Users\Bob\Desktop\attach.zip
2014-03-20 11:06 - 2014-03-20 11:06 - 00008311 _____ () C:\Users\Bob\Desktop\attach.txt
2014-03-20 11:06 - 2014-03-20 11:05 - 00008923 _____ () C:\Users\Bob\Desktop\dds.txt
2014-03-20 08:37 - 2014-03-25 02:47 - 00000000 ____D () C:\Windows\ERDNT
2014-03-20 08:33 - 2014-03-20 08:33 - 00000909 _____ () C:\Users\Jordan\Desktop\ERUNT.lnk
2014-03-20 08:33 - 2014-03-20 08:33 - 00000909 _____ () C:\Users\Bob\Desktop\ERUNT.lnk
2014-03-20 08:30 - 2014-03-20 08:34 - 00000000 ____D () C:\Program Files (x86)\ERUNT
2014-03-19 13:46 - 2014-03-19 13:46 - 04745728 _____ (AVAST Software) C:\Users\Jordan\Desktop\aswMBR.exe
2014-03-19 13:44 - 2014-03-19 13:44 - 00688992 ____R (Swearware) C:\Users\Jordan\Desktop\dds.com
2014-03-19 13:33 - 2014-03-19 13:33 - 00791393 _____ (Lars Hederer ) C:\Users\Jordan\Desktop\erunt-setup.exe
2014-03-14 16:34 - 2014-03-01 02:05 - 23133696 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-03-14 16:34 - 2014-03-01 01:17 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-03-14 16:34 - 2014-03-01 01:16 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-03-14 16:34 - 2014-03-01 00:58 - 02765824 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-03-14 16:34 - 2014-03-01 00:52 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-03-14 16:34 - 2014-03-01 00:51 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-03-14 16:34 - 2014-03-01 00:42 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-03-14 16:34 - 2014-03-01 00:40 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-03-14 16:34 - 2014-03-01 00:37 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-03-14 16:34 - 2014-03-01 00:33 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-03-14 16:34 - 2014-03-01 00:33 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-03-14 16:34 - 2014-03-01 00:32 - 00708608 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-03-14 16:34 - 2014-03-01 00:30 - 17074688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-03-14 16:34 - 2014-03-01 00:23 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-03-14 16:34 - 2014-03-01 00:17 - 00218624 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-03-14 16:34 - 2014-03-01 00:11 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-03-14 16:34 - 2014-03-01 00:02 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-03-14 16:34 - 2014-02-28 23:54 - 05768704 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-03-14 16:34 - 2014-02-28 23:52 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-03-14 16:34 - 2014-02-28 23:51 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-03-14 16:34 - 2014-02-28 23:47 - 02168320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-03-14 16:34 - 2014-02-28 23:43 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-03-14 16:34 - 2014-02-28 23:43 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-03-14 16:34 - 2014-02-28 23:42 - 00627200 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-03-14 16:34 - 2014-02-28 23:40 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-03-14 16:34 - 2014-02-28 23:38 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-03-14 16:34 - 2014-02-28 23:37 - 00553472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-03-14 16:34 - 2014-02-28 23:35 - 02041856 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-03-14 16:34 - 2014-02-28 23:18 - 13051904 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-03-14 16:34 - 2014-02-28 23:16 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-03-14 16:34 - 2014-02-28 23:14 - 04244480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-03-14 16:34 - 2014-02-28 23:10 - 02334208 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-03-14 16:34 - 2014-02-28 23:03 - 00524288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-03-14 16:34 - 2014-02-28 23:00 - 01964032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-03-14 16:34 - 2014-02-28 22:57 - 11266048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-03-14 16:34 - 2014-02-28 22:38 - 01393664 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-03-14 16:34 - 2014-02-28 22:32 - 01820160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-03-14 16:34 - 2014-02-28 22:27 - 01156096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-03-14 16:34 - 2014-02-28 22:25 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-03-14 16:34 - 2014-02-28 22:25 - 00703488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-03-14 16:34 - 2014-02-06 21:23 - 03156480 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-03-14 16:34 - 2014-01-28 22:32 - 00484864 _____ (Microsoft Corporation) C:\Windows\system32\wer.dll
2014-03-14 16:34 - 2014-01-28 22:06 - 00381440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wer.dll
2014-03-14 16:34 - 2014-01-27 22:32 - 00228864 _____ (Microsoft Corporation) C:\Windows\system32\wwansvc.dll
2014-03-14 16:33 - 2014-02-03 22:32 - 01424384 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll
2014-03-14 16:33 - 2014-02-03 22:32 - 00624128 _____ (Microsoft Corporation) C:\Windows\system32\qedit.dll
2014-03-14 16:33 - 2014-02-03 22:04 - 01230336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll
2014-03-14 16:33 - 2014-02-03 22:04 - 00509440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qedit.dll
2014-03-14 16:31 - 2014-03-14 16:31 - 00000000 ____D () C:\Program Files\Microsoft Security Client
2014-03-14 16:31 - 2014-03-14 16:31 - 00000000 ____D () C:\Program Files (x86)\Microsoft Security Client
2014-03-14 16:30 - 2014-02-14 12:11 - 00000426 _____ () C:\AVScanner.ini
2014-03-14 16:03 - 2014-03-14 16:04 - 13670584 _____ (Microsoft Corporation) C:\Users\Bob\Downloads\mseinstall.exe
2014-03-14 15:44 - 2014-03-14 16:47 - 00001945 _____ () C:\Windows\epplauncher.mif
2014-03-14 15:43 - 2014-03-14 15:44 - 00000000 ____D () C:\50afdc55646263780c
2014-03-14 15:37 - 2014-03-14 15:38 - 13670584 _____ (Microsoft Corporation) C:\Users\Jordan\Downloads\mseinstall.exe
2014-03-14 13:53 - 2014-03-25 21:45 - 00000282 __RSH () C:\Users\Jordan\ntuser.pol
2014-03-14 13:48 - 2014-03-25 21:41 - 00000008 __RSH () C:\Users\Bob\ntuser.pol
2014-03-14 11:09 - 2014-03-14 11:20 - 00000000 ____D () C:\Users\Jordan\Documents\Spanish II
2014-03-14 11:09 - 2014-03-14 11:19 - 00000000 ____D () C:\Users\Jordan\Documents\Honors Biology
2014-03-14 11:08 - 2014-03-14 11:20 - 00000000 ____D () C:\Users\Jordan\Documents\Honors English I
2014-03-13 13:21 - 2014-03-13 13:21 - 00000000 ____D () C:\Users\Bob\AppData\Local\Macromedia
2014-03-09 12:41 - 2014-03-09 12:42 - 00688992 _____ (Swearware) C:\Users\Jordan\Downloads\dds.com
2014-03-09 12:35 - 2014-03-09 12:36 - 00791393 _____ (Lars Hederer ) C:\Users\Jordan\Downloads\erunt-setup.exe
2014-03-09 11:53 - 2014-03-25 21:32 - 00000000 ____D () C:\Windows\pss
2014-03-09 08:16 - 2014-02-04 19:09 - 88567024 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-03-09 08:11 - 2014-03-09 08:13 - 25640672 _____ (Microsoft Corporation) C:\Users\Jordan\Downloads\Windows-KB890830-x64-V5.9.exe
2014-03-09 07:46 - 2014-03-09 07:46 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
==================== One Month Modified Files and Folders =======
2014-03-27 10:36 - 2014-03-26 06:09 - 00010314 _____ () C:\Users\Bob\Desktop\FRST.txt
2014-03-27 10:35 - 2014-03-21 16:48 - 00000000 ____D () C:\FRST
2014-03-27 10:34 - 2014-03-27 10:34 - 17523384 _____ (Malwarebytes Corporation ) C:\Users\Bob\Downloads\mbam-setup-2.0.0.1000.exe
2014-03-27 10:33 - 2014-03-27 10:33 - 01038974 _____ (Thisisu) C:\Users\Bob\Downloads\JRT.exe
2014-03-27 10:33 - 2014-03-27 10:32 - 01950720 _____ () C:\Users\Bob\Desktop\AdwCleaner.exe
2014-03-27 10:17 - 2012-08-19 16:12 - 01250967 _____ () C:\Windows\WindowsUpdate.log
2014-03-27 10:03 - 2012-08-20 09:45 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-03-26 21:43 - 2009-07-14 00:45 - 00009920 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-03-26 21:43 - 2009-07-14 00:45 - 00009920 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-03-26 21:35 - 2009-07-14 01:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-03-26 21:35 - 2009-07-14 00:51 - 00094843 _____ () C:\Windows\setupact.log
2014-03-26 07:05 - 2013-11-11 14:01 - 00000000 ____D () C:\Users\Bob\AppData\Roaming\Skype
2014-03-26 06:18 - 2014-03-22 10:13 - 00031283 _____ () C:\Users\Jordan\Desktop\FRST.txt
2014-03-25 23:03 - 2012-08-20 09:45 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-03-25 23:03 - 2012-08-20 09:45 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-03-25 23:03 - 2012-08-20 09:45 - 00003768 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-03-25 21:45 - 2014-03-14 13:53 - 00000282 __RSH () C:\Users\Jordan\ntuser.pol
2014-03-25 21:45 - 2012-08-19 14:17 - 00000000 ____D () C:\Users\Jordan
2014-03-25 21:41 - 2014-03-14 13:48 - 00000008 __RSH () C:\Users\Bob\ntuser.pol
2014-03-25 21:41 - 2012-08-19 13:58 - 00000000 ____D () C:\Users\Bob
2014-03-25 21:39 - 2009-07-13 23:20 - 00000000 ___HD () C:\Windows\system32\GroupPolicy
2014-03-25 21:32 - 2014-03-09 11:53 - 00000000 ____D () C:\Windows\pss
2014-03-25 21:32 - 2012-08-19 14:02 - 00000000 ___RD () C:\Users\Bob\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2014-03-25 21:26 - 2009-07-14 01:13 - 00782470 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-03-25 21:11 - 2012-08-19 16:09 - 00157282 _____ () C:\Windows\PFRO.log
2014-03-25 06:20 - 2014-03-25 06:20 - 00369295 _____ () C:\Users\Bob\Desktop\TDSSKiller.txt
2014-03-25 06:01 - 2014-03-25 06:01 - 00014057 _____ () C:\Users\Bob\Desktop\combofix.txt
2014-03-25 02:48 - 2014-03-25 02:48 - 00014057 _____ () C:\ComboFix.txt
2014-03-25 02:48 - 2014-03-24 12:51 - 00000000 ____D () C:\Qoobox
2014-03-25 02:48 - 2009-07-13 23:20 - 00000000 __RHD () C:\Users\Default
2014-03-25 02:47 - 2014-03-20 08:37 - 00000000 ____D () C:\Windows\ERDNT
2014-03-25 02:44 - 2009-07-13 22:34 - 00000215 _____ () C:\Windows\system.ini
2014-03-24 12:50 - 2014-03-22 11:30 - 05192353 ____R (Swearware) C:\Users\Bob\Desktop\ComboFix.exe
2014-03-24 07:26 - 2014-03-24 07:26 - 00000000 ____D () C:\Users\Bob\Desktop\TDSSKiller
2014-03-24 07:25 - 2014-03-24 07:25 - 04113320 _____ () C:\Users\Bob\Downloads\tdsskiller.zip
2014-03-23 18:11 - 2014-03-23 18:08 - 00004586 _____ () C:\Users\Jordan\Desktop\Rkill.txt
2014-03-23 18:07 - 2014-03-23 18:07 - 01933048 _____ (Bleeping Computer, LLC) C:\Users\Jordan\Desktop\rkill.exe
2014-03-22 13:37 - 2014-03-22 13:32 - 04110135 _____ () C:\Users\Jordan\Downloads\tdsskiller(1).zip
2014-03-22 11:29 - 2014-03-22 11:26 - 02218636 _____ () C:\Users\Jordan\Downloads\tdsskiller.zip
2014-03-22 10:50 - 2014-03-22 10:39 - 00030227 _____ () C:\Users\Jordan\Desktop\Addition.txt
2014-03-21 07:13 - 2014-03-26 06:13 - 02157056 _____ (Farbar) C:\Users\Jordan\Desktop\FRST64.exe
2014-03-21 07:13 - 2014-03-21 07:13 - 02157056 _____ (Farbar) C:\Users\Bob\Desktop\FRST64.exe
2014-03-21 07:12 - 2014-03-21 07:12 - 00987448 _____ () C:\Users\Jordan\Desktop\SecurityCheck.exe
2014-03-20 21:10 - 2014-03-20 21:10 - 00001947 _____ () C:\Users\Bob\Desktop\aswMBR.txt
2014-03-20 21:10 - 2014-03-20 21:10 - 00000512 _____ () C:\Users\Bob\Desktop\MBR.dat
2014-03-20 11:30 - 2014-03-20 11:30 - 00002808 _____ () C:\Users\Bob\Desktop\attach.zip
2014-03-20 11:06 - 2014-03-20 11:06 - 00008311 _____ () C:\Users\Bob\Desktop\attach.txt
2014-03-20 11:05 - 2014-03-20 11:06 - 00008923 _____ () C:\Users\Bob\Desktop\dds.txt
2014-03-20 08:34 - 2014-03-20 08:30 - 00000000 ____D () C:\Program Files (x86)\ERUNT
2014-03-20 08:33 - 2014-03-20 08:33 - 00000909 _____ () C:\Users\Jordan\Desktop\ERUNT.lnk
2014-03-20 08:33 - 2014-03-20 08:33 - 00000909 _____ () C:\Users\Bob\Desktop\ERUNT.lnk
2014-03-19 13:46 - 2014-03-19 13:46 - 04745728 _____ (AVAST Software) C:\Users\Jordan\Desktop\aswMBR.exe
2014-03-19 13:44 - 2014-03-19 13:44 - 00688992 ____R (Swearware) C:\Users\Jordan\Desktop\dds.com
2014-03-19 13:33 - 2014-03-19 13:33 - 00791393 _____ (Lars Hederer ) C:\Users\Jordan\Desktop\erunt-setup.exe
2014-03-15 04:03 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\rescache
2014-03-15 03:25 - 2009-07-14 00:45 - 00338000 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-03-15 03:24 - 2013-08-19 15:13 - 00000000 ____D () C:\Program Files\Microsoft Silverlight
2014-03-15 03:24 - 2013-08-19 15:13 - 00000000 ____D () C:\Program Files (x86)\Microsoft Silverlight
2014-03-14 16:59 - 2012-08-19 19:03 - 00000000 ____D () C:\Users\Jordan\AppData\Roaming\Skype
2014-03-14 16:47 - 2014-03-14 15:44 - 00001945 _____ () C:\Windows\epplauncher.mif
2014-03-14 16:31 - 2014-03-14 16:31 - 00000000 ____D () C:\Program Files\Microsoft Security Client
2014-03-14 16:31 - 2014-03-14 16:31 - 00000000 ____D () C:\Program Files (x86)\Microsoft Security Client
2014-03-14 16:04 - 2014-03-14 16:03 - 13670584 _____ (Microsoft Corporation) C:\Users\Bob\Downloads\mseinstall.exe
2014-03-14 15:44 - 2014-03-14 15:43 - 00000000 ____D () C:\50afdc55646263780c
2014-03-14 15:38 - 2014-03-14 15:37 - 13670584 _____ (Microsoft Corporation) C:\Users\Jordan\Downloads\mseinstall.exe
2014-03-14 15:23 - 2013-12-24 00:25 - 00000000 ____D () C:\Program Files (x86)\Steam
2014-03-14 13:48 - 2012-12-05 17:12 - 00000000 ____D () C:\Users\Bob\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games
2014-03-14 12:11 - 2012-08-19 16:32 - 00000000 ____D () C:\Program Files (x86)\Microsoft Office
2014-03-14 12:06 - 2012-08-19 13:59 - 00000000 ____D () C:\Program Files (x86)\Barnes & Noble
2014-03-14 11:20 - 2014-03-14 11:09 - 00000000 ____D () C:\Users\Jordan\Documents\Spanish II
2014-03-14 11:20 - 2014-03-14 11:08 - 00000000 ____D () C:\Users\Jordan\Documents\Honors English I
2014-03-14 11:19 - 2014-03-14 11:09 - 00000000 ____D () C:\Users\Jordan\Documents\Honors Biology
2014-03-14 11:19 - 2013-08-21 13:25 - 00000000 ____D () C:\Users\Jordan\Documents\FLVS English I Virtual Backpack
2014-03-13 13:21 - 2014-03-13 13:21 - 00000000 ____D () C:\Users\Bob\AppData\Local\Macromedia
2014-03-09 12:42 - 2014-03-09 12:41 - 00688992 _____ (Swearware) C:\Users\Jordan\Downloads\dds.com
2014-03-09 12:36 - 2014-03-09 12:35 - 00791393 _____ (Lars Hederer ) C:\Users\Jordan\Downloads\erunt-setup.exe
2014-03-09 09:42 - 2013-11-11 14:01 - 00000000 ____D () C:\Users\Bob\AppData\Local\LogMeIn Hamachi
2014-03-09 09:39 - 2012-08-19 14:41 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-03-09 08:13 - 2014-03-09 08:11 - 25640672 _____ (Microsoft Corporation) C:\Users\Jordan\Downloads\Windows-KB890830-x64-V5.9.exe
2014-03-09 07:49 - 2012-08-19 15:01 - 00000000 ____D () C:\Users\Jordan\AppData\Local\Mozilla
2014-03-09 07:46 - 2014-03-09 07:46 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-03-09 07:46 - 2012-08-19 14:41 - 00000000 ____D () C:\Users\Bob\AppData\Local\Mozilla
2014-03-09 07:43 - 2012-08-19 14:02 - 00001417 _____ () C:\Users\Bob\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-03-04 01:33 - 2013-07-22 20:30 - 00000000 ___RD () C:\Program Files (x86)\Skype
2014-03-04 01:33 - 2012-08-19 19:03 - 00000000 ____D () C:\ProgramData\Skype
2014-03-01 02:05 - 2014-03-14 16:34 - 23133696 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-03-01 01:17 - 2014-03-14 16:34 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-03-01 01:16 - 2014-03-14 16:34 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-03-01 00:58 - 2014-03-14 16:34 - 02765824 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-03-01 00:52 - 2014-03-14 16:34 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-03-01 00:51 - 2014-03-14 16:34 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-03-01 00:42 - 2014-03-14 16:34 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-03-01 00:40 - 2014-03-14 16:34 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-03-01 00:37 - 2014-03-14 16:34 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-03-01 00:33 - 2014-03-14 16:34 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-03-01 00:33 - 2014-03-14 16:34 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-03-01 00:32 - 2014-03-14 16:34 - 00708608 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-03-01 00:30 - 2014-03-14 16:34 - 17074688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-03-01 00:23 - 2014-03-14 16:34 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-03-01 00:17 - 2014-03-14 16:34 - 00218624 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-03-01 00:11 - 2014-03-14 16:34 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-03-01 00:02 - 2014-03-14 16:34 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-02-28 23:54 - 2014-03-14 16:34 - 05768704 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-02-28 23:52 - 2014-03-14 16:34 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-02-28 23:51 - 2014-03-14 16:34 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-02-28 23:47 - 2014-03-14 16:34 - 02168320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-02-28 23:43 - 2014-03-14 16:34 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-02-28 23:43 - 2014-03-14 16:34 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-02-28 23:42 - 2014-03-14 16:34 - 00627200 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-02-28 23:40 - 2014-03-14 16:34 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-02-28 23:38 - 2014-03-14 16:34 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-02-28 23:37 - 2014-03-14 16:34 - 00553472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-02-28 23:35 - 2014-03-14 16:34 - 02041856 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-02-28 23:18 - 2014-03-14 16:34 - 13051904 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-02-28 23:16 - 2014-03-14 16:34 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-02-28 23:14 - 2014-03-14 16:34 - 04244480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-02-28 23:10 - 2014-03-14 16:34 - 02334208 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-02-28 23:03 - 2014-03-14 16:34 - 00524288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-02-28 23:00 - 2014-03-14 16:34 - 01964032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-02-28 22:57 - 2014-03-14 16:34 - 11266048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-02-28 22:38 - 2014-03-14 16:34 - 01393664 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-02-28 22:32 - 2014-03-14 16:34 - 01820160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-02-28 22:27 - 2014-03-14 16:34 - 01156096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-02-28 22:25 - 2014-03-14 16:34 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-02-28 22:25 - 2014-03-14 16:34 - 00703488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-02-28 16:34 - 2013-08-21 13:41 - 00000000 ____D () C:\Users\Public\Documents\TT Algebra 2
2014-02-26 14:20 - 2009-07-14 01:08 - 00032616 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2014-02-26 12:49 - 2013-08-18 13:30 - 00775084 _____ () C:\Windows\SysWOW64\PerfStringBackup.INI
==================== Bamital & volsnap Check =================
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit
LastRegBack: 2014-03-21 07:39
==================== End Of Log ============================
AdwCleaner[S0].txt
# AdwCleaner v3.022 - Report created 27/03/2014 at 10:43:20
# Updated 13/03/2014 by Xplode
# Operating System : Windows 7 Home Premium Service Pack 1 (64 bits)
# Username : Bob - LAPTOP-JORDAN
# Running from : C:\Users\Bob\Desktop\AdwCleaner.exe
# Option : Clean
***** [ Services ] *****
***** [ Files / Folders ] *****
Folder Deleted : C:\Users\Jordan\AppData\Local\iLivid
Folder Deleted : C:\Users\Jordan\AppData\LocalLow\AskToolbar
Folder Deleted : C:\Users\Jordan\AppData\Roaming\Mozilla\Firefox\Profiles\s0ltswrk.default\Extensions\{f80bc79c-ab5e-418a-a0be-3d9e66b4e976}
File Deleted : C:\Users\Jordan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\iLivid.lnk
File Deleted : C:\Users\Jordan\AppData\Roaming\Mozilla\Firefox\Profiles\s0ltswrk.default\searchplugins\Search_Results.xml
***** [ Shortcuts ] *****
***** [ Registry ] *****
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\apnstub_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\apnstub_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\askpartnercobrandingtool_rasapi32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\askpartnercobrandingtool_rasmancs
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\AskSLib_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\AskSLib_RASMANCS
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{0A18A436-2A7A-49F3-A488-30538A2F6323}
***** [ Browsers ] *****
-\\ Internet Explorer v11.0.9600.16521
-\\ Mozilla Firefox v15.0.1 (en-US)
[ File : C:\Users\Bob\AppData\Roaming\Mozilla\Firefox\Profiles\qlnbmrfl.default\prefs.js ]
[ File : C:\Users\Jordan\AppData\Roaming\Mozilla\Firefox\Profiles\s0ltswrk.default\prefs.js ]
Line Deleted : user_pref("browser.search.defaultenginename", "Search Results");
Line Deleted : user_pref("browser.search.order.1", "Search Results");
Line Deleted : user_pref("browser.search.selectedEngine", "Search Results");
Line Deleted : user_pref("keyword.URL", "hxxp://dts.search-results.com/sr?src=ffb&gct=ds&appid=394&systemid=406&apn_dtid=BND406&apn_ptnrs=AG6&apn_uid=6564558371054311&o=APN10645&q=");
*************************
AdwCleaner[R0].txt - [2231 octets] - [27/03/2014 10:39:22]
AdwCleaner[S0].txt - [2188 octets] - [27/03/2014 10:43:20]
########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [2248 octets] ##########
JRT.txt
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.1.3 (03.23.2014:1)
OS: Windows 7 Home Premium x64
Ran by Bob on Thu 03/27/2014 at 10:49:43.97
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~~ Services
~~~ Registry Values
~~~ Registry Keys
~~~ Files
~~~ Folders
~~~ FireFox
Emptied folder: C:\Users\Bob\AppData\Roaming\mozilla\firefox\profiles\qlnbmrfl.default\minidumps [4 files]
~~~ Event Viewer Logs were cleared
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on Thu 03/27/2014 at 10:58:31.73
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
MBAM Log
Malwarebytes Anti-Malware
www.malwarebytes.org
Scan Date: 3/27/2014
Scan Time: 11:18:50 AM
Logfile: Malware Log.txt
Administrator: Yes
Version: 2.00.0.1000
Malware Database: v2014.03.27.04
Rootkit Database: v2014.03.25.01
License: Trial
Malware Protection: Enabled
Malicious Website Protection: Enabled
Chameleon: Disabled
OS: Windows 7 Service Pack 1
CPU: x64
File System: NTFS
User: Bob
Scan Type: Threat Scan
Result: Completed
Objects Scanned: 275329
Time Elapsed: 13 min, 57 sec
Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Disabled
Shuriken: Enabled
PUP: Enabled
PUM: Enabled
Processes: 0
(No malicious items detected)
Modules: 0
(No malicious items detected)
Registry Keys: 1
PUP.Optional.InstallCore.A, HKU\S-1-5-21-1803198997-23066263-2989206535-1003-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\INSTALLCORE, Quarantined, [f24e5cac0675241219eb09711de66b95],
Registry Values: 2
VirTool.Vbcrypt, HKU\S-1-5-21-1803198997-23066263-2989206535-1003-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN|ROBLOX Corporation Update, regsvr32.exe "C:\Users\Jordan\AppData\Local\ROBLOX Corporation\OGSDeviceDX9.dll", Quarantined, [cc74a860f08b63d3000d515316eae31d]
PUP.Optional.InstallCore.A, HKU\S-1-5-21-1803198997-23066263-2989206535-1003-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\INSTALLCORE|tb, 0T0E0C1F2R0U2Y1R, Quarantined, [f24e5cac0675241219eb09711de66b95]
Registry Data: 1
Hijack.StartPage, HKU\S-1-5-21-1803198997-23066263-2989206535-1003-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|Start Page, http://www.searchnu.com/406?appid=394, Good: (http://www.google.com), Bad: (http://www.searchnu.com/406?appid=394),Replaced,[e45ca56396e5a294abddd037ae56a45c]
Folders: 0
(No malicious items detected)
Files: 1
VirTool.Vbcrypt, C:\Users\Jordan\AppData\Local\ROBLOX Corporation\OGSDeviceDX9.dll, Quarantined, [cc74a860f08b63d3000d515316eae31d],
Physical Sectors: 0
(No malicious items detected)
(end)
ESET's log
C:\Users\Jordan\Downloads\ZipOpenerSetup.exe Win32/InstallCore.BN potentially unwanted application
Computer Performance
PC still appears to be running much better. I do not see the dllhost.exe *32 processes appearing in the task manager.
Hi barlee,
http://i1269.photobucket.com/albums/jj590/OCD-WTT/bullseye_zpse9eaf36e.gif (http://s1269.photobucket.com/user/OCD-WTT/media/bullseye_zpse9eaf36e.gif.html) FRST Fix Script
Open notepad. Please copy the contents of the code box below. To do this highlight the contents of the box and right click on it. Paste this into the open notepad. Save it on the desktop as fixlist.txt
S1 obpedscx; \??\C:\Windows\system32\drivers\obpedscx.sys [X]
NOTICE: This script was written specifically for this user, for use on that particular machine. Running this on another machine may cause damage to your operating system
Run FRST and press the Fix button just once and wait.
The tool will make a log (Fixlog.txt) please post it to your reply.
=========================
http://i1269.photobucket.com/albums/jj590/OCD-WTT/bullseye_zpse9eaf36e.gif (http://s1269.photobucket.com/user/OCD-WTT/media/bullseye2_zpse2245433.png.html) Delete a File/Folder
Using Windows Explorer (Windows Key + E), locate the following files/folders, and DELETE them (if still present):
C:\Users\Jordan\Downloads\ZipOpenerSetup.exe <-- delete the file, if present
Exit Explorer
=========================
http://i1269.photobucket.com/albums/jj590/OCD-WTT/bullseye_zpse9eaf36e.gif (http://s1269.photobucket.com/user/OCD-WTT/media/bullseye_zpse9eaf36e.gif.html) Reboot
=========================
http://i1269.photobucket.com/albums/jj590/OCD-WTT/bullseye_zpse9eaf36e.gif (http://s1269.photobucket.com/user/OCD-WTT/media/bullseye_zpse9eaf36e.gif.html) Re-run Farbar Recovery Scan Tool it should be on your desktop.
Windows XP : Double click on the icon to run it.
Windows Vista, Windows 7 & 8 : Right click and select "Run as Administrator"
When the tool opens click Yes to disclaimer.
Press Scan button.
It will make a log (FRST.txt) in the same directory the tool is run. Please copy and paste it to your reply.
=========================
In your next post please provide the following:
fixlog.txt
new FRST.txt
Any remaining issues?
FRST Fix Script
Ran successfully
Here is Fixlog.txt
Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 13-03-2014
Ran by Bob at 2014-03-28 07:14:49 Run:2
Running from C:\Users\Bob\Desktop
Boot Mode: Normal
==============================================
Content of fixlist:
*****************
S1 obpedscx; \??\C:\Windows\system32\drivers\obpedscx.sys [X]
*****************
obpedscx => Service deleted successfully.
==== End of Fixlog ====
Delete Folder
Deleted ZipOpenerSetup.exe
FRST.txt
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 13-03-2014
Ran by Bob (administrator) on LAPTOP-JORDAN on 28-03-2014 07:25:10
Running from C:\Users\Bob\Desktop
Windows 7 Home Premium Service Pack 1 (X64) OS Language: English(US)
Internet Explorer Version 11
Boot Mode: Normal
The only official download link for FRST:
Download link for 32-Bit version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/81/
Download link for 64-Bit Version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/82/
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Processes (Whitelisted) =================
(Microsoft Corporation) c:\Program Files\Microsoft Security Client\MsMpEng.exe
(AMD) C:\Windows\system32\atiesrxx.exe
(AMD) C:\Windows\system32\atieclxx.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\dsiwmis.exe
(Acer Incorporated) C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe
(Acer Incorporated) C:\Program Files (x86)\Acer\Registration\GREGsvc.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
(NewTech Infosystems, Inc.) C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe
(Acer Group) C:\Program Files\Acer\Acer Updater\UpdaterService.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Egis Technology Inc.) C:\Program Files (x86)\EgisTec MyWinLocker\x86\mwlDaemon.exe
(Acer Incorporated) C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(Sun Microsystems, Inc.) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LManager.exe
(Egis Technology Inc.) C:\Program Files (x86)\EgisTec IPS\PmmUpdate.exe
(NewTech Infosystems, Inc.) C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\MMDx64Fx.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LMworker.exe
(Acer Incorporated) C:\Program Files\Acer\Acer ePower Management\ePowerEvent.exe
(Egis Technology Inc.) C:\Program Files (x86)\EgisTec IPS\EgisUpdate.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Microsoft Corporation) c:\Program Files\Microsoft Security Client\NisSrv.exe
(Microsoft Corporation) c:\Program Files\Microsoft Security Client\MpCmdRun.exe
==================== Registry (Whitelisted) ==================
HKLM\...\Run: [MSC] - c:\Program Files\Microsoft Security Client\msseces.exe [1266912 2013-10-23] (Microsoft Corporation)
HKLM\...\Run: [SynTPEnh] - C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [1890088 2009-12-10] (Synaptics Incorporated)
HKLM\...\Run: [RtHDVCpl] - C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [10920552 2010-06-22] (Realtek Semiconductor)
HKLM\...\Run: [mwlDaemon] - C:\Program Files (x86)\EgisTec MyWinLocker\x86\mwlDaemon.exe [349552 2010-05-26] (Egis Technology Inc.)
HKLM\...\Run: [Acer ePower Management] - C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe [861216 2010-06-11] (Acer Incorporated)
HKLM-x32\...\Run: [SunJavaUpdateSched] - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [252848 2012-07-03] (Sun Microsystems, Inc.)
HKLM-x32\...\Run: [SuiteTray] - C:\Program Files (x86)\EgisTec MyWinLockerSuite\x86\SuiteTray.exe [337264 2010-05-26] (Egis Technology Inc.)
HKLM-x32\...\Run: [StartCCC] - C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [98304 2010-04-21] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [Norton Online Backup] - C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuClient.exe
HKLM-x32\...\Run: [LogMeIn Hamachi Ui] - "C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe" --auto-start
HKLM-x32\...\Run: [LManager] - C:\Program Files (x86)\Launch Manager\LManager.exe [975952 2010-08-10] (Dritek System Inc.)
HKLM-x32\...\Run: [InstallValidator.exe.FA87EC44_C38F_4148_93A1_FF4A64A2B707] - C:\Program Files (x86)\National Instruments\Shared\NIUninstaller\InstallValidator.exe [265608 2013-08-13] ()
HKLM-x32\...\Run: [EgisUpdate] - C:\Program Files (x86)\EgisTec IPS\EgisUpdate.exe [201584 2010-03-11] (Egis Technology Inc.)
HKLM-x32\...\Run: [EgisTecPMMUpdate] - C:\Program Files (x86)\EgisTec IPS\PmmUpdate.exe [407920 2010-03-11] (Egis Technology Inc.)
HKLM-x32\...\Run: [BackupManagerTray] - C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe [265984 2010-06-28] (NewTech Infosystems, Inc.)
HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [946352 2012-12-18] (Adobe Systems Incorporated)
HKU\S-1-5-21-1803198997-23066263-2989206535-1001\...\Run: [Skype] - C:\Program Files (x86)\Skype\Phone\Skype.exe [20584608 2013-11-14] (Skype Technologies S.A.)
Startup: C:\Users\Bob\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Backyard Football 2006 Registration.lnk
ShortcutTarget: Backyard Football 2006 Registration.lnk -> C:\Users\Bob\AppData\Local\Temp\{1C88E143-CB25-4E92-B8E5-94A34EDC9B93}\{17FE8A6F-9842-43E1-B274-9E2B08DE1035}\ATR1.EXE (No File)
==================== Internet (Whitelisted) ====================
HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
BHO-x32: Adobe PDF Link Helper - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
FireFox:
========
FF ProfilePath: C:\Users\Bob\AppData\Roaming\Mozilla\Firefox\Profiles\qlnbmrfl.default
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_12_0_0_77.dll ()
FF Plugin: @microsoft.com/GENUINE - disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @Musicnotes.com/Musicnotes Viewer - C:\Program Files\Musicnotes\npmusicn64.dll (Musicnotes, Inc.)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_77.dll ()
FF Plugin-x32: @java.com/DTPlugin,version=10.10.2 - C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.10.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE - disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3508.0205 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @Musicnotes.com/Musicnotes Viewer - C:\Program Files (x86)\Musicnotes\npmusicn.dll (Musicnotes, Inc.)
FF Plugin-x32: @Sibelius.com/Scorch Plugin - C:\Program Files (x86)\Musicnotes\npsibelius.dll ()
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
==================== Services (Whitelisted) =================
S3 dkab_device; C:\Windows\system32\DKabcoms.exe [476568 2006-10-21] ( )
S3 dkab_device; C:\Windows\SysWOW64\DKabcoms.exe [508824 2006-10-21] ( )
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1809720 2014-03-05] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [857912 2014-03-05] (Malwarebytes Corporation)
R2 MsMpSvc; c:\Program Files\Microsoft Security Client\MsMpEng.exe [23808 2013-10-23] (Microsoft Corporation)
S3 MWLService; C:\Program Files (x86)\EgisTec MyWinLocker\x86\MWLService.exe [305520 2010-05-26] (Egis Technology Inc.)
R3 NisSrv; c:\Program Files\Microsoft Security Client\NisSrv.exe [348376 2013-10-23] (Microsoft Corporation)
S4 LMIGuardianSvc; "C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe" [X]
==================== Drivers (Whitelisted) ====================
U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-13] (Microsoft Corporation)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2014-03-05] (Malwarebytes Corporation)
R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [119512 2014-03-28] (Malwarebytes Corporation)
R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63192 2014-03-05] (Malwarebytes Corporation)
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [248240 2013-09-27] (Microsoft Corporation)
R2 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [134944 2013-09-27] (Microsoft Corporation)
==================== NetSvcs (Whitelisted) ===================
==================== One Month Created Files and Folders ========
2014-03-27 13:19 - 2014-03-27 13:19 - 00000100 _____ () C:\Users\Bob\Downloads\ESETScan.txt
2014-03-27 11:26 - 2014-03-27 11:26 - 00000000 ____D () C:\Program Files (x86)\ESET
2014-03-27 11:25 - 2014-03-27 11:26 - 02347384 _____ (ESET) C:\Users\Bob\Downloads\esetsmartinstaller_enu.exe
2014-03-27 11:02 - 2014-03-28 07:19 - 00119512 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-03-27 11:02 - 2014-03-27 11:02 - 00001106 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-03-27 11:02 - 2014-03-27 11:02 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-03-27 11:02 - 2014-03-27 11:02 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-03-27 11:02 - 2014-03-05 09:26 - 00088280 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-03-27 11:02 - 2014-03-05 09:26 - 00063192 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-03-27 11:02 - 2014-03-05 09:26 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-03-27 10:58 - 2014-03-27 10:58 - 00000760 _____ () C:\Users\Bob\Desktop\JRT.txt
2014-03-27 10:49 - 2014-03-27 10:49 - 00000000 ____D () C:\Windows\ERUNT
2014-03-27 10:48 - 2014-03-27 10:48 - 00002328 _____ () C:\Users\Bob\Downloads\AdwCleaner[S0].txt
2014-03-27 10:39 - 2014-03-27 10:43 - 00000000 ____D () C:\AdwCleaner
2014-03-27 10:34 - 2014-03-27 10:34 - 17523384 _____ (Malwarebytes Corporation ) C:\Users\Bob\Downloads\mbam-setup-2.0.0.1000.exe
2014-03-27 10:33 - 2014-03-27 10:33 - 01038974 _____ (Thisisu) C:\Users\Bob\Desktop\JRT.exe
2014-03-27 10:32 - 2014-03-27 10:33 - 01950720 _____ () C:\Users\Bob\Desktop\AdwCleaner.exe
2014-03-26 06:13 - 2014-03-21 07:13 - 02157056 _____ (Farbar) C:\Users\Jordan\Desktop\FRST64.exe
2014-03-26 06:09 - 2014-03-28 07:25 - 00010881 _____ () C:\Users\Bob\Desktop\FRST.txt
2014-03-25 06:20 - 2014-03-25 06:20 - 00369295 _____ () C:\Users\Bob\Desktop\TDSSKiller.txt
2014-03-25 06:01 - 2014-03-25 06:01 - 00014057 _____ () C:\Users\Bob\Desktop\combofix.txt
2014-03-25 02:48 - 2014-03-25 02:48 - 00014057 _____ () C:\ComboFix.txt
2014-03-24 12:51 - 2014-03-25 02:48 - 00000000 ____D () C:\Qoobox
2014-03-24 12:51 - 2011-06-26 02:45 - 00256000 _____ () C:\Windows\PEV.exe
2014-03-24 12:51 - 2010-11-07 13:20 - 00208896 _____ () C:\Windows\MBR.exe
2014-03-24 12:51 - 2009-04-20 00:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe
2014-03-24 12:51 - 2000-08-30 20:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe
2014-03-24 12:51 - 2000-08-30 20:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe
2014-03-24 12:51 - 2000-08-30 20:00 - 00098816 _____ () C:\Windows\sed.exe
2014-03-24 12:51 - 2000-08-30 20:00 - 00080412 _____ () C:\Windows\grep.exe
2014-03-24 12:51 - 2000-08-30 20:00 - 00068096 _____ () C:\Windows\zip.exe
2014-03-24 07:26 - 2014-03-24 07:26 - 00000000 ____D () C:\Users\Bob\Desktop\TDSSKiller
2014-03-24 07:25 - 2014-03-24 07:25 - 04113320 _____ () C:\Users\Bob\Downloads\tdsskiller.zip
2014-03-23 18:08 - 2014-03-23 18:11 - 00004586 _____ () C:\Users\Jordan\Desktop\Rkill.txt
2014-03-23 18:07 - 2014-03-23 18:07 - 01933048 _____ (Bleeping Computer, LLC) C:\Users\Jordan\Desktop\rkill.exe
2014-03-22 13:32 - 2014-03-22 13:37 - 04110135 _____ () C:\Users\Jordan\Downloads\tdsskiller(1).zip
2014-03-22 11:30 - 2014-03-24 12:50 - 05192353 ____R (Swearware) C:\Users\Bob\Desktop\ComboFix.exe
2014-03-22 11:26 - 2014-03-22 11:29 - 02218636 _____ () C:\Users\Jordan\Downloads\tdsskiller.zip
2014-03-22 10:39 - 2014-03-22 10:50 - 00030227 _____ () C:\Users\Jordan\Desktop\Addition.txt
2014-03-22 10:13 - 2014-03-26 06:18 - 00031283 _____ () C:\Users\Jordan\Desktop\FRST.txt
2014-03-21 16:48 - 2014-03-28 07:25 - 00000000 ____D () C:\FRST
2014-03-21 07:13 - 2014-03-21 07:13 - 02157056 _____ (Farbar) C:\Users\Bob\Desktop\FRST64.exe
2014-03-21 07:12 - 2014-03-21 07:12 - 00987448 _____ () C:\Users\Jordan\Desktop\SecurityCheck.exe
2014-03-20 21:10 - 2014-03-20 21:10 - 00001947 _____ () C:\Users\Bob\Desktop\aswMBR.txt
2014-03-20 21:10 - 2014-03-20 21:10 - 00000512 _____ () C:\Users\Bob\Desktop\MBR.dat
2014-03-20 11:30 - 2014-03-20 11:30 - 00002808 _____ () C:\Users\Bob\Desktop\attach.zip
2014-03-20 11:06 - 2014-03-20 11:06 - 00008311 _____ () C:\Users\Bob\Desktop\attach.txt
2014-03-20 11:06 - 2014-03-20 11:05 - 00008923 _____ () C:\Users\Bob\Desktop\dds.txt
2014-03-20 08:37 - 2014-03-27 11:21 - 00000000 ____D () C:\Windows\ERDNT
2014-03-20 08:33 - 2014-03-20 08:33 - 00000909 _____ () C:\Users\Jordan\Desktop\ERUNT.lnk
2014-03-20 08:33 - 2014-03-20 08:33 - 00000909 _____ () C:\Users\Bob\Desktop\ERUNT.lnk
2014-03-20 08:30 - 2014-03-20 08:34 - 00000000 ____D () C:\Program Files (x86)\ERUNT
2014-03-19 13:46 - 2014-03-19 13:46 - 04745728 _____ (AVAST Software) C:\Users\Jordan\Desktop\aswMBR.exe
2014-03-19 13:44 - 2014-03-19 13:44 - 00688992 ____R (Swearware) C:\Users\Jordan\Desktop\dds.com
2014-03-19 13:33 - 2014-03-19 13:33 - 00791393 _____ (Lars Hederer ) C:\Users\Jordan\Desktop\erunt-setup.exe
2014-03-14 16:34 - 2014-03-01 02:05 - 23133696 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-03-14 16:34 - 2014-03-01 01:17 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-03-14 16:34 - 2014-03-01 01:16 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-03-14 16:34 - 2014-03-01 00:58 - 02765824 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-03-14 16:34 - 2014-03-01 00:52 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-03-14 16:34 - 2014-03-01 00:51 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-03-14 16:34 - 2014-03-01 00:42 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-03-14 16:34 - 2014-03-01 00:40 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-03-14 16:34 - 2014-03-01 00:37 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-03-14 16:34 - 2014-03-01 00:33 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-03-14 16:34 - 2014-03-01 00:33 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-03-14 16:34 - 2014-03-01 00:32 - 00708608 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-03-14 16:34 - 2014-03-01 00:30 - 17074688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-03-14 16:34 - 2014-03-01 00:23 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-03-14 16:34 - 2014-03-01 00:17 - 00218624 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-03-14 16:34 - 2014-03-01 00:11 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-03-14 16:34 - 2014-03-01 00:02 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-03-14 16:34 - 2014-02-28 23:54 - 05768704 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-03-14 16:34 - 2014-02-28 23:52 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-03-14 16:34 - 2014-02-28 23:51 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-03-14 16:34 - 2014-02-28 23:47 - 02168320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-03-14 16:34 - 2014-02-28 23:43 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-03-14 16:34 - 2014-02-28 23:43 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-03-14 16:34 - 2014-02-28 23:42 - 00627200 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-03-14 16:34 - 2014-02-28 23:40 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-03-14 16:34 - 2014-02-28 23:38 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-03-14 16:34 - 2014-02-28 23:37 - 00553472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-03-14 16:34 - 2014-02-28 23:35 - 02041856 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-03-14 16:34 - 2014-02-28 23:18 - 13051904 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-03-14 16:34 - 2014-02-28 23:16 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-03-14 16:34 - 2014-02-28 23:14 - 04244480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-03-14 16:34 - 2014-02-28 23:10 - 02334208 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-03-14 16:34 - 2014-02-28 23:03 - 00524288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-03-14 16:34 - 2014-02-28 23:00 - 01964032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-03-14 16:34 - 2014-02-28 22:57 - 11266048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-03-14 16:34 - 2014-02-28 22:38 - 01393664 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-03-14 16:34 - 2014-02-28 22:32 - 01820160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-03-14 16:34 - 2014-02-28 22:27 - 01156096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-03-14 16:34 - 2014-02-28 22:25 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-03-14 16:34 - 2014-02-28 22:25 - 00703488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-03-14 16:34 - 2014-02-06 21:23 - 03156480 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-03-14 16:34 - 2014-01-28 22:32 - 00484864 _____ (Microsoft Corporation) C:\Windows\system32\wer.dll
2014-03-14 16:34 - 2014-01-28 22:06 - 00381440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wer.dll
2014-03-14 16:34 - 2014-01-27 22:32 - 00228864 _____ (Microsoft Corporation) C:\Windows\system32\wwansvc.dll
2014-03-14 16:33 - 2014-02-03 22:32 - 01424384 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll
2014-03-14 16:33 - 2014-02-03 22:32 - 00624128 _____ (Microsoft Corporation) C:\Windows\system32\qedit.dll
2014-03-14 16:33 - 2014-02-03 22:04 - 01230336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll
2014-03-14 16:33 - 2014-02-03 22:04 - 00509440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qedit.dll
2014-03-14 16:31 - 2014-03-14 16:31 - 00000000 ____D () C:\Program Files\Microsoft Security Client
2014-03-14 16:31 - 2014-03-14 16:31 - 00000000 ____D () C:\Program Files (x86)\Microsoft Security Client
2014-03-14 16:30 - 2014-02-14 12:11 - 00000426 _____ () C:\AVScanner.ini
2014-03-14 16:03 - 2014-03-14 16:04 - 13670584 _____ (Microsoft Corporation) C:\Users\Bob\Downloads\mseinstall.exe
2014-03-14 15:44 - 2014-03-14 16:47 - 00001945 _____ () C:\Windows\epplauncher.mif
2014-03-14 15:43 - 2014-03-14 15:44 - 00000000 ____D () C:\50afdc55646263780c
2014-03-14 15:37 - 2014-03-14 15:38 - 13670584 _____ (Microsoft Corporation) C:\Users\Jordan\Downloads\mseinstall.exe
2014-03-14 13:53 - 2014-03-25 21:45 - 00000282 __RSH () C:\Users\Jordan\ntuser.pol
2014-03-14 13:48 - 2014-03-25 21:41 - 00000008 __RSH () C:\Users\Bob\ntuser.pol
2014-03-14 11:09 - 2014-03-14 11:20 - 00000000 ____D () C:\Users\Jordan\Documents\Spanish II
2014-03-14 11:09 - 2014-03-14 11:19 - 00000000 ____D () C:\Users\Jordan\Documents\Honors Biology
2014-03-14 11:08 - 2014-03-14 11:20 - 00000000 ____D () C:\Users\Jordan\Documents\Honors English I
2014-03-13 13:21 - 2014-03-13 13:21 - 00000000 ____D () C:\Users\Bob\AppData\Local\Macromedia
2014-03-09 12:41 - 2014-03-09 12:42 - 00688992 _____ (Swearware) C:\Users\Jordan\Downloads\dds.com
2014-03-09 12:35 - 2014-03-09 12:36 - 00791393 _____ (Lars Hederer ) C:\Users\Jordan\Downloads\erunt-setup.exe
2014-03-09 11:53 - 2014-03-25 21:32 - 00000000 ____D () C:\Windows\pss
2014-03-09 08:16 - 2014-02-04 19:09 - 88567024 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-03-09 08:11 - 2014-03-09 08:13 - 25640672 _____ (Microsoft Corporation) C:\Users\Jordan\Downloads\Windows-KB890830-x64-V5.9.exe
2014-03-09 07:46 - 2014-03-09 07:46 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
==================== One Month Modified Files and Folders =======
2014-03-28 07:25 - 2014-03-26 06:09 - 00010881 _____ () C:\Users\Bob\Desktop\FRST.txt
2014-03-28 07:25 - 2014-03-21 16:48 - 00000000 ____D () C:\FRST
2014-03-28 07:25 - 2009-07-14 00:45 - 00009920 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-03-28 07:25 - 2009-07-14 00:45 - 00009920 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-03-28 07:21 - 2012-08-19 16:12 - 01342700 _____ () C:\Windows\WindowsUpdate.log
2014-03-28 07:19 - 2014-03-27 11:02 - 00119512 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-03-28 07:17 - 2012-08-19 16:09 - 00158006 _____ () C:\Windows\PFRO.log
2014-03-28 07:17 - 2009-07-14 01:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-03-28 07:17 - 2009-07-14 00:51 - 00095011 _____ () C:\Windows\setupact.log
2014-03-28 07:03 - 2012-08-20 09:45 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-03-28 03:24 - 2013-11-11 14:01 - 00000000 ____D () C:\Users\Bob\AppData\Roaming\Skype
2014-03-27 16:58 - 2012-08-19 14:41 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-03-27 13:19 - 2014-03-27 13:19 - 00000100 _____ () C:\Users\Bob\Downloads\ESETScan.txt
2014-03-27 11:26 - 2014-03-27 11:26 - 00000000 ____D () C:\Program Files (x86)\ESET
2014-03-27 11:26 - 2014-03-27 11:25 - 02347384 _____ (ESET) C:\Users\Bob\Downloads\esetsmartinstaller_enu.exe
2014-03-27 11:21 - 2014-03-20 08:37 - 00000000 ____D () C:\Windows\ERDNT
2014-03-27 11:18 - 2013-10-24 15:20 - 00000000 ____D () C:\Users\Jordan\AppData\Local\ROBLOX Corporation
2014-03-27 11:02 - 2014-03-27 11:02 - 00001106 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-03-27 11:02 - 2014-03-27 11:02 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-03-27 11:02 - 2014-03-27 11:02 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-03-27 10:58 - 2014-03-27 10:58 - 00000760 _____ () C:\Users\Bob\Desktop\JRT.txt
2014-03-27 10:49 - 2014-03-27 10:49 - 00000000 ____D () C:\Windows\ERUNT
2014-03-27 10:48 - 2014-03-27 10:48 - 00002328 _____ () C:\Users\Bob\Downloads\AdwCleaner[S0].txt
2014-03-27 10:43 - 2014-03-27 10:39 - 00000000 ____D () C:\AdwCleaner
2014-03-27 10:34 - 2014-03-27 10:34 - 17523384 _____ (Malwarebytes Corporation ) C:\Users\Bob\Downloads\mbam-setup-2.0.0.1000.exe
2014-03-27 10:33 - 2014-03-27 10:33 - 01038974 _____ (Thisisu) C:\Users\Bob\Desktop\JRT.exe
2014-03-27 10:33 - 2014-03-27 10:32 - 01950720 _____ () C:\Users\Bob\Desktop\AdwCleaner.exe
2014-03-26 06:18 - 2014-03-22 10:13 - 00031283 _____ () C:\Users\Jordan\Desktop\FRST.txt
2014-03-25 23:03 - 2012-08-20 09:45 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-03-25 23:03 - 2012-08-20 09:45 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-03-25 23:03 - 2012-08-20 09:45 - 00003768 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-03-25 21:45 - 2014-03-14 13:53 - 00000282 __RSH () C:\Users\Jordan\ntuser.pol
2014-03-25 21:45 - 2012-08-19 14:17 - 00000000 ____D () C:\Users\Jordan
2014-03-25 21:41 - 2014-03-14 13:48 - 00000008 __RSH () C:\Users\Bob\ntuser.pol
2014-03-25 21:41 - 2012-08-19 13:58 - 00000000 ____D () C:\Users\Bob
2014-03-25 21:39 - 2009-07-13 23:20 - 00000000 ___HD () C:\Windows\system32\GroupPolicy
2014-03-25 21:32 - 2014-03-09 11:53 - 00000000 ____D () C:\Windows\pss
2014-03-25 21:32 - 2012-08-19 14:02 - 00000000 ___RD () C:\Users\Bob\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2014-03-25 21:26 - 2009-07-14 01:13 - 00782470 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-03-25 06:20 - 2014-03-25 06:20 - 00369295 _____ () C:\Users\Bob\Desktop\TDSSKiller.txt
2014-03-25 06:01 - 2014-03-25 06:01 - 00014057 _____ () C:\Users\Bob\Desktop\combofix.txt
2014-03-25 02:48 - 2014-03-25 02:48 - 00014057 _____ () C:\ComboFix.txt
2014-03-25 02:48 - 2014-03-24 12:51 - 00000000 ____D () C:\Qoobox
2014-03-25 02:48 - 2009-07-13 23:20 - 00000000 __RHD () C:\Users\Default
2014-03-25 02:44 - 2009-07-13 22:34 - 00000215 _____ () C:\Windows\system.ini
2014-03-24 12:50 - 2014-03-22 11:30 - 05192353 ____R (Swearware) C:\Users\Bob\Desktop\ComboFix.exe
2014-03-24 07:26 - 2014-03-24 07:26 - 00000000 ____D () C:\Users\Bob\Desktop\TDSSKiller
2014-03-24 07:25 - 2014-03-24 07:25 - 04113320 _____ () C:\Users\Bob\Downloads\tdsskiller.zip
2014-03-23 18:11 - 2014-03-23 18:08 - 00004586 _____ () C:\Users\Jordan\Desktop\Rkill.txt
2014-03-23 18:07 - 2014-03-23 18:07 - 01933048 _____ (Bleeping Computer, LLC) C:\Users\Jordan\Desktop\rkill.exe
2014-03-22 13:37 - 2014-03-22 13:32 - 04110135 _____ () C:\Users\Jordan\Downloads\tdsskiller(1).zip
2014-03-22 11:29 - 2014-03-22 11:26 - 02218636 _____ () C:\Users\Jordan\Downloads\tdsskiller.zip
2014-03-22 10:50 - 2014-03-22 10:39 - 00030227 _____ () C:\Users\Jordan\Desktop\Addition.txt
2014-03-21 07:13 - 2014-03-26 06:13 - 02157056 _____ (Farbar) C:\Users\Jordan\Desktop\FRST64.exe
2014-03-21 07:13 - 2014-03-21 07:13 - 02157056 _____ (Farbar) C:\Users\Bob\Desktop\FRST64.exe
2014-03-21 07:12 - 2014-03-21 07:12 - 00987448 _____ () C:\Users\Jordan\Desktop\SecurityCheck.exe
2014-03-20 21:10 - 2014-03-20 21:10 - 00001947 _____ () C:\Users\Bob\Desktop\aswMBR.txt
2014-03-20 21:10 - 2014-03-20 21:10 - 00000512 _____ () C:\Users\Bob\Desktop\MBR.dat
2014-03-20 11:30 - 2014-03-20 11:30 - 00002808 _____ () C:\Users\Bob\Desktop\attach.zip
2014-03-20 11:06 - 2014-03-20 11:06 - 00008311 _____ () C:\Users\Bob\Desktop\attach.txt
2014-03-20 11:05 - 2014-03-20 11:06 - 00008923 _____ () C:\Users\Bob\Desktop\dds.txt
2014-03-20 08:34 - 2014-03-20 08:30 - 00000000 ____D () C:\Program Files (x86)\ERUNT
2014-03-20 08:33 - 2014-03-20 08:33 - 00000909 _____ () C:\Users\Jordan\Desktop\ERUNT.lnk
2014-03-20 08:33 - 2014-03-20 08:33 - 00000909 _____ () C:\Users\Bob\Desktop\ERUNT.lnk
2014-03-19 13:46 - 2014-03-19 13:46 - 04745728 _____ (AVAST Software) C:\Users\Jordan\Desktop\aswMBR.exe
2014-03-19 13:44 - 2014-03-19 13:44 - 00688992 ____R (Swearware) C:\Users\Jordan\Desktop\dds.com
2014-03-19 13:33 - 2014-03-19 13:33 - 00791393 _____ (Lars Hederer ) C:\Users\Jordan\Desktop\erunt-setup.exe
2014-03-15 04:03 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\rescache
2014-03-15 03:25 - 2009-07-14 00:45 - 00338000 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-03-15 03:24 - 2013-08-19 15:13 - 00000000 ____D () C:\Program Files\Microsoft Silverlight
2014-03-15 03:24 - 2013-08-19 15:13 - 00000000 ____D () C:\Program Files (x86)\Microsoft Silverlight
2014-03-14 16:59 - 2012-08-19 19:03 - 00000000 ____D () C:\Users\Jordan\AppData\Roaming\Skype
2014-03-14 16:47 - 2014-03-14 15:44 - 00001945 _____ () C:\Windows\epplauncher.mif
2014-03-14 16:31 - 2014-03-14 16:31 - 00000000 ____D () C:\Program Files\Microsoft Security Client
2014-03-14 16:31 - 2014-03-14 16:31 - 00000000 ____D () C:\Program Files (x86)\Microsoft Security Client
2014-03-14 16:04 - 2014-03-14 16:03 - 13670584 _____ (Microsoft Corporation) C:\Users\Bob\Downloads\mseinstall.exe
2014-03-14 15:44 - 2014-03-14 15:43 - 00000000 ____D () C:\50afdc55646263780c
2014-03-14 15:38 - 2014-03-14 15:37 - 13670584 _____ (Microsoft Corporation) C:\Users\Jordan\Downloads\mseinstall.exe
2014-03-14 15:23 - 2013-12-24 00:25 - 00000000 ____D () C:\Program Files (x86)\Steam
2014-03-14 13:48 - 2012-12-05 17:12 - 00000000 ____D () C:\Users\Bob\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games
2014-03-14 12:11 - 2012-08-19 16:32 - 00000000 ____D () C:\Program Files (x86)\Microsoft Office
2014-03-14 12:06 - 2012-08-19 13:59 - 00000000 ____D () C:\Program Files (x86)\Barnes & Noble
2014-03-14 11:20 - 2014-03-14 11:09 - 00000000 ____D () C:\Users\Jordan\Documents\Spanish II
2014-03-14 11:20 - 2014-03-14 11:08 - 00000000 ____D () C:\Users\Jordan\Documents\Honors English I
2014-03-14 11:19 - 2014-03-14 11:09 - 00000000 ____D () C:\Users\Jordan\Documents\Honors Biology
2014-03-14 11:19 - 2013-08-21 13:25 - 00000000 ____D () C:\Users\Jordan\Documents\FLVS English I Virtual Backpack
2014-03-13 13:21 - 2014-03-13 13:21 - 00000000 ____D () C:\Users\Bob\AppData\Local\Macromedia
2014-03-09 12:42 - 2014-03-09 12:41 - 00688992 _____ (Swearware) C:\Users\Jordan\Downloads\dds.com
2014-03-09 12:36 - 2014-03-09 12:35 - 00791393 _____ (Lars Hederer ) C:\Users\Jordan\Downloads\erunt-setup.exe
2014-03-09 09:42 - 2013-11-11 14:01 - 00000000 ____D () C:\Users\Bob\AppData\Local\LogMeIn Hamachi
2014-03-09 08:13 - 2014-03-09 08:11 - 25640672 _____ (Microsoft Corporation) C:\Users\Jordan\Downloads\Windows-KB890830-x64-V5.9.exe
2014-03-09 07:49 - 2012-08-19 15:01 - 00000000 ____D () C:\Users\Jordan\AppData\Local\Mozilla
2014-03-09 07:46 - 2014-03-09 07:46 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-03-09 07:46 - 2012-08-19 14:41 - 00000000 ____D () C:\Users\Bob\AppData\Local\Mozilla
2014-03-09 07:43 - 2012-08-19 14:02 - 00001417 _____ () C:\Users\Bob\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-03-05 09:26 - 2014-03-27 11:02 - 00088280 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-03-05 09:26 - 2014-03-27 11:02 - 00063192 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-03-05 09:26 - 2014-03-27 11:02 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-03-04 01:33 - 2013-07-22 20:30 - 00000000 ___RD () C:\Program Files (x86)\Skype
2014-03-04 01:33 - 2012-08-19 19:03 - 00000000 ____D () C:\ProgramData\Skype
2014-03-01 02:05 - 2014-03-14 16:34 - 23133696 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-03-01 01:17 - 2014-03-14 16:34 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-03-01 01:16 - 2014-03-14 16:34 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-03-01 00:58 - 2014-03-14 16:34 - 02765824 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-03-01 00:52 - 2014-03-14 16:34 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-03-01 00:51 - 2014-03-14 16:34 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-03-01 00:42 - 2014-03-14 16:34 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-03-01 00:40 - 2014-03-14 16:34 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-03-01 00:37 - 2014-03-14 16:34 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-03-01 00:33 - 2014-03-14 16:34 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-03-01 00:33 - 2014-03-14 16:34 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-03-01 00:32 - 2014-03-14 16:34 - 00708608 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-03-01 00:30 - 2014-03-14 16:34 - 17074688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-03-01 00:23 - 2014-03-14 16:34 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-03-01 00:17 - 2014-03-14 16:34 - 00218624 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-03-01 00:11 - 2014-03-14 16:34 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-03-01 00:02 - 2014-03-14 16:34 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-02-28 23:54 - 2014-03-14 16:34 - 05768704 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-02-28 23:52 - 2014-03-14 16:34 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-02-28 23:51 - 2014-03-14 16:34 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-02-28 23:47 - 2014-03-14 16:34 - 02168320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-02-28 23:43 - 2014-03-14 16:34 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-02-28 23:43 - 2014-03-14 16:34 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-02-28 23:42 - 2014-03-14 16:34 - 00627200 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-02-28 23:40 - 2014-03-14 16:34 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-02-28 23:38 - 2014-03-14 16:34 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-02-28 23:37 - 2014-03-14 16:34 - 00553472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-02-28 23:35 - 2014-03-14 16:34 - 02041856 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-02-28 23:18 - 2014-03-14 16:34 - 13051904 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-02-28 23:16 - 2014-03-14 16:34 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-02-28 23:14 - 2014-03-14 16:34 - 04244480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-02-28 23:10 - 2014-03-14 16:34 - 02334208 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-02-28 23:03 - 2014-03-14 16:34 - 00524288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-02-28 23:00 - 2014-03-14 16:34 - 01964032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-02-28 22:57 - 2014-03-14 16:34 - 11266048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-02-28 22:38 - 2014-03-14 16:34 - 01393664 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-02-28 22:32 - 2014-03-14 16:34 - 01820160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-02-28 22:27 - 2014-03-14 16:34 - 01156096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-02-28 22:25 - 2014-03-14 16:34 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-02-28 22:25 - 2014-03-14 16:34 - 00703488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-02-28 16:34 - 2013-08-21 13:41 - 00000000 ____D () C:\Users\Public\Documents\TT Algebra 2
2014-02-26 14:20 - 2009-07-14 01:08 - 00032616 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2014-02-26 12:49 - 2013-08-18 13:30 - 00775084 _____ () C:\Windows\SysWOW64\PerfStringBackup.INI
Some content of TEMP:
====================
C:\Users\Bob\AppData\Local\Temp\Quarantine.exe
==================== Bamital & volsnap Check =================
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit
LastRegBack: 2014-03-21 07:39
==================== End Of Log ============================
Any Remaining Issues
None that I can detect. The computer has been running smoothly non-stop for about 36 hours now.
Hi barlee,
None that I can detect. The computer has been running smoothly non-stop for about 36 hours now.
Your log appears to be clean.
We have a few items to take care of before we get to the All Clean Speech.
=========================
http://i1269.photobucket.com/albums/jj590/OCD-WTT/bullseye_zpse9eaf36e.gif (http://s1269.photobucket.com/user/OCD-WTT/media/bullseye_zpse9eaf36e.gif.html) Remove Disinfection Tools
Download Delfix (http://general-changelog-team.fr/fr/downloads/finish/20-outils-de-xplode/9-delfix)
Tick the following boxes:
Remove disinfection tools
Create registry backup
Purge system restore
http://i1269.photobucket.com/albums/jj590/OCD-WTT/Delfix_zpsa4372efd.gif (http://s1269.photobucket.com/user/OCD-WTT/media/Delfix_zpsa4372efd.gif.html)
Click Run
Any other tools and files found can simply be deleted or uninstall via the Control Panel.
= = = = = = = = = = = = = = = = = = = =
http://i1269.photobucket.com/albums/jj590/OCD-WTT/bullseye_zpse9eaf36e.gif (http://s1269.photobucket.com/user/OCD-WTT/media/bullseye_zpse9eaf36e.gif.html) Uninstall Combofix
The following will implement important cleanup procedures as well as reset System Restore points:
Click on the Start button http://i1269.photobucket.com/albums/jj590/OCD-WTT/start.jpg (http://s1269.photobucket.com/user/OCD-WTT/media/start.jpg.html) and then in the Search field enter combofix /uninstall, as shown in the image below with the blue arrow.
Please note that there is a space between combofix and /uninstall.
http://i1269.photobucket.com/albums/jj590/OCD-WTT/CFwindows-7-start-menu_zps188282d2.jpg (http://s1269.photobucket.com/user/OCD-WTT/media/CFwindows-7-start-menu_zps188282d2.jpg.html)
Once you have typed this in, press Enter on your keyboard. A Open File security warning will appear asking if you are sure you want to run ComboFix. Please click on the Run button to start the program.
ComboFix will now uninstall itself from your computer and remove any backups and quarantined files. When it has finished you will be greeted by a dialog box stating that ComboFix has been uninstalled.
=========================
http://i1269.photobucket.com/albums/jj590/OCD-WTT/bullseye_zpse9eaf36e.gif (http://s1269.photobucket.com/user/OCD-WTT/media/bullseye_zpse9eaf36e.gif.html) Removing/Uninstalling AdwCleaner:
Windows XP : Double click on the icon to run it.
Windows Vista, Windows 7 & 8 : Right click and select "Run as Administrator"
Click on the Uninstall button.
Click Yes when asked are you sure you want to uninstall.
Both AdwCleaner.exe, its folder and all logs will be removed.
=========================
http://i1269.photobucket.com/albums/jj590/OCD-WTT/bullseye_zpse9eaf36e.gif (http://s1269.photobucket.com/user/OCD-WTT/media/bullseye_zpse9eaf36e.gif.html) You can now delete any tools and/or logs remaining on your desktop.
=========================
http://i1269.photobucket.com/albums/jj590/OCD-WTT/bullseye_zpse9eaf36e.gif (http://s1269.photobucket.com/user/OCD-WTT/media/bullseye_zpse9eaf36e.gif.html) Uninstall via Programs and Features
Click Start > Control Panel > Programs and Features. Locate and select the following that are present on the list and click the Remove button:
Java 7 Update 10
=========================
http://i1269.photobucket.com/albums/jj590/OCD-WTT/bullseye_zpse9eaf36e.gif (http://s1269.photobucket.com/user/OCD-WTT/media/bullseye_zpse9eaf36e.gif.html) Update Java
Get the current version of Java (Version 7 Update 51) by going to http://java.com/en/download/installed.jsp
Select the Verify Java Version button and follow the onscreen instructions to update if necessary.
=========================
http://i1269.photobucket.com/albums/jj590/OCD-WTT/bullseye_zpse9eaf36e.gif (http://s1269.photobucket.com/user/OCD-WTT/media/bullseye_zpse9eaf36e.gif.html) Disable Java in Web Browsers
There is a vulnerability with regards to Java and web browsers. Therefore, we recommend to disable java in web browsers.
More information can be found here: http://www.techsupportforum.com/forums/f50/disable-java-in-browsers-683721.html
Click on the Start button and then click on the Control Panel option.
In the Control Panel Search enter Java Control Panel.
Click on the Java icon to open the Java Control Panel.
Disable Java through the Java Control Panel
In the Java Control Panel, click on the Security tab.
Deselect the check box for Enable Java content in the browser. This will disable the Java plug-in in the browser.
Click Apply. When the Windows User Account Control (UAC) dialog appears, allow permissions to make the changes.
Click OK in the Java Plug-in confirmation window.
Restart the browser for changes to take effect.
=========================
With the above items taken care of let's move on to the All Clean part of the process.
The following procedures are recommendations for helping to keep your system running smoothly. If you are currently satisfied with how your system is running some or all of these may not pertain to you. Implement what you need.
This infection appears to have been cleaned, but I can not give you any absolute guarantees. As a precaution, I would go ahead and change all of your passwords as this is especially important after an infection.
Any of the logs that you created for use in the forums or remaining tools that have not yet been removed can be deleted so they aren't cluttering up your desktop.
Here are some tips to reduce the potential for spyware infection in the future:
Make your Internet Explorer more secure - This can be done by following these simple instructions:
From within Internet Explorer click on the Tools menu and then click on Options.
Click once on the Security tab
Click once on the Internet icon so it becomes highlighted.
Click once on the Custom Level button.
Change the Download signed ActiveX controls to Prompt
Change the Download unsigned ActiveX controls to Disable
Change the Initialize and script ActiveX controls not marked as safe to Disable
Change the Installation of desktop items to Prompt
Change the Launching programs and files in an IFRAME to Prompt
Change the Navigate sub-frames across different domains to Prompt
When all these settings have been made, click on the OK button.
If it prompts you as to whether or not you want to save the settings, press the Yes button.
Next press the Apply button and then the OK to exit the Internet Properties page.
Make your Mozilla Firefox more secure - This can be done by adding these add-ons:
NoScript (https://addons.mozilla.org/en-US/firefox/addon/noscript/?src=ss)
AdBlockPlus (https://addons.mozilla.org/en-US/firefox/addon/adblock-plus/)
Use and update an anti-virus software - I can not overemphasize the need for you to use and update your anti-virus application on a regular basis. With the ever increasing number of new variants of malware arriving on the scene daily, you become very susceptible to an attack without updated protection.
Free Anti-Virus
Avast Free Antivirus (http://download.cnet.com/Avast-Free-Antivirus/3000-2239_4-10019223.html)
Avira Free Antivirus 2013 (http://download.cnet.com/Avira-Free-Antivirus-2013/3000-2239_4-10322935.html)
PC Tools AntiVirus Free (http://download.cnet.com/PC-Tools-AntiVirus-Free/3000-2239_4-10625067.html)
Ad-Aware Free Antivirus + (http://download.cnet.com/Ad-Aware-Free-Antivirus/3000-8022_4-10045910.html)
Free Firewall
Using a third-party firewall will allow you to give/deny access for applications that want to go online. Without a firewall your computer is susceptible to being hacked and taken over. Simply using a firewall in its default configuration can lower your risk greatly. A tutorial on firewalls can be found here (http://www.bleepingcomputer.com/forums/tutorial60.html).
Online Armor Free (http://download.cnet.com/Online-Armor-Free/3000-10435_4-10426782.html)
Agnitum Outpost Firewall Free (http://download.cnet.com/Agnitum-Outpost-Firewall-Free/3000-10435_4-10913746.html)
Comodo Firewall (http://download.cnet.com/Comodo-Firewall/3000-10435_4-75181464.html)
Make sure you keep your Windows OS current. Windows XP users can visit Windows update (http://v4.windowsupdate.microsoft.com/en/default.asp) regularly to download and install any critical updates and service packs. Windows Vista/7 users can open the Start menu > All Programs > Windows Update > Check for Updates (in left hand task pane) to update these systems. Without these you are leaving the back door open.
Consider a custom hosts file such as MVPS HOSTS (http://www.mvps.org/winhelp2002/hosts.htm). This custom hosts file effectively blocks a wide range of unwanted ads, banners, 3rd party Cookies, 3rd party page counters, web bugs, and many hijackers. For information on how to download and install, please read this tutorial by WinHelp2002 (http://www.mvps.org/winhelp2002/hosts.htm)
Note: Be sure to follow the instructions to disable the DNS Client service before installing a custom hosts file.
WOT (http://www.mywot.com/) (Web of Trust) As "Googling" is such an integral part of internet life, this free browser add on warns you about risky websites that try to scam visitors, deliver malware or send spam. It is especially helpful when browsing or searching in unfamiliar territory. WOT's color-coded icons show you ratings for 21 million websites, helping you avoid the dangerous sites. WOT has an add-on available for Firefox, Internet Explorer as well as Google Chrome.
Finally, I strongly recommend that you read TonyKlein's good advice So how did I get infected in the first place? (http://www.geekstogo.com/forum/index.php?autocom=custom&page=How_did_I)
Please reply to this thread once more if you are satisfied so that we can mark the problem as resolved.
OCD,
I've completed the items listed in your last post and I've taken the extra safety procedures outlined in the All Clean process. Thanks again.
Since this issue appears to be resolved ... this Topic has been closed. Glad I could help.
If you still require help, please start a new topic and include fresh DDS and aswMBR logs, along with a link to your previous thread.
Please do not add any logs that might have been requested previously, you would be starting fresh.
Applies only to the original poster, anyone else with similar problems please start your own topic.