I don't know maybe malware what I do? [Solved]

malware virus

  • This topic is locked
31 replies to this topic

#1 Fashion Crab

    New Member

  • Authentic Member
  • 16 posts

Posted 15 June 2014 - 09:05 AM

Hi everyone 

I would like to share with you my problem. My computer has a problem applying Windows updates. For example, at first it couldn't make a restore point; second, every time it was shutting down it was trying to apply the Windows updates, but with no success. So I assumed that it may be a virus or malware and downloaded a couple of free antivirus programs, but I cannot install them (due to a problem - log) even though at one time in the past I was successful installing them. What do I do now?

By the way, I tried OTL, so I have some log files.

Thanks for your time


#2 jeffce

    Malware Guy

  • Authentic Member
  • 8,693 posts

Posted 15 June 2014 - 09:41 AM

I moved your topic to a more appropriate forum seeing as how you have virus/malware problems.   :)  
 
Hi and Welcome!!   
 
My name is Jeff. I would be more than happy to take a look at your malware results logs and help you with solving any malware problems you might have. Logs can take a while to research, so please be patient and know that I am working hard to get you a clean and functional system back in your hands. I'd be grateful if you would note the following:

  • The fixes are specific to your problem and should only be used for the issues on this machine.
  • It's often worth reading through these instructions and printing them for ease of reference.
  • If you don't know or understand something, please don't hesitate to say or ask!! It's better to be sure and safe than sorry.
  • Please reply to this thread. Do not start a new topic.
  • If you happen to have a flash drive/thumb drive please have that ready in the event that we need to use it.
  • Please be sure to subscribe to the topic if you have not already done so.

IMPORTANT NOTE : Please do not delete, download or install anything unless instructed to do so.
DO NOT use any TOOLS such as Combofix or HijackThis fixes without supervision. Doing so could make your system inoperable and could require a full reinstall of your operating system and losing all your programs and data.

 
Having said that....   Let's get going!!
----------
 

AdwCleaner
 
Please download AdwCleaner by Xplode and save to your Desktop.

  • Double click on AdwCleaner.exe to run the tool
    Vista/Windows 7/8 users right-click and select Run As Administrator.
  • Click on the Scan button.
  • AdwCleaner will begin...be patient as the scan may take some time to complete.
  • After the scan has finished, click on the Report button...a logfile (AdwCleaner[R0].txt) will open in Notepad for review.
  • The contents of the log file may be confusing. Unless you see a program name that you know should not be removed, don't worry about it. If you see an entry you want to keep, let me know about it.
  • Copy and paste the contents of that logfile in your next reply.
  • A copy of all logfiles is saved in the C:\AdwCleaner folder which was created when running the tool.

----------
 

FRST
 
Please download Farbar Recovery Scan Tool and save it to your Desktop.
 
Note: You need to run the version compatible with your system. If you are not sure which version applies to your system, download both of them and try to run them. Only one of them will run on your system; that will be the right version.
 
Double-click to run it. When the tool opens click Yes to disclaimer.
Press Scan button.
It will make a log (FRST.txt) in the same directory the tool is run. Please copy and paste it to your reply.
The first time the tool is run, it also makes another log (Addition.txt). Please attach it to your reply.
----------
 

Please download TDSSKiller

  • Double click TDSSKiller.exe
  • Press Start Scan but do nothing else as we are just looking for what is there.
  • If Malicious objects are found, select Skip by changing the Cure dropdown in the upper right.
  • Attach the log in your next reply
    • A copy of the log will be saved automatically to the root of the drive (typically C:\)

----------



#3 Fashion Crab

    New Member

  • Authentic Member
  • 16 posts

Posted 15 June 2014 - 02:55 PM

Hi Jeff thanks for your response... Actually Adw found some suspicious files so I deleted right away. So now about the logs you asked me to give you...

AdwCleaner[R2]

# AdwCleaner v3.212 - Report created 15/06/2014 at 23:46:49
# Updated 05/06/2014 by Xplode
# Operating System : Windows 7 Home Premium Service Pack 1 (64 bits)
# Username : Νίκος - NICK-THE-GREEK
# Running from : E:\Τα Αρχεία\Anti Malware\AdwCleaner.exe
# Option : Scan
 
***** [ Services ] *****
 
 
***** [ Files / Folders ] *****
 
Folder Found : C:\ProgramData\systemk
 
***** [ Shortcuts ] *****
 
 
***** [ Registry ] *****
 
Value Found : HKLM\SYSTEM\ControlSet001\Control\Session Manager\AppCertDlls [x64]
Value Found : HKLM\SYSTEM\ControlSet001\Control\Session Manager\AppCertDlls [x86]
Value Found : HKLM\SYSTEM\ControlSet002\Control\Session Manager\AppCertDlls [x64]
Value Found : HKLM\SYSTEM\ControlSet002\Control\Session Manager\AppCertDlls [x86]
Value Found : HKLM\SYSTEM\CurrentControlSet\Control\Session Manager\AppCertDlls [x64]
Value Found : HKLM\SYSTEM\CurrentControlSet\Control\Session Manager\AppCertDlls [x86]
 
***** [ Browsers ] *****
 
-\\ Internet Explorer v11.0.9600.17041
 
 
-\\ Google Chrome v35.0.1916.153
 
[ File : C:\Users\Guest\AppData\Local\Google\Chrome\User Data\Default\preferences ]
 
 
[ File : C:\Users\Νίκος\AppData\Local\Google\Chrome\User Data\Default\preferences ]
 
Found [Startup_urls] : hxxp://www.default-search.net?sid=476&aid=147&itype=n&ver=12302&tm=324&src=hmp
Found [Startup_urls] : hxxp://www.default-search.net?sid=476&aid=147&itype=a&ver=12692&tm=324&src=hmp
 
*************************
 
AdwCleaner[R0].txt - [10775 octets] - [15/06/2014 23:12:04]
AdwCleaner[R1].txt - [1732 octets] - [15/06/2014 23:24:13]
AdwCleaner[R2].txt - [1593 octets] - [15/06/2014 23:46:49]
AdwCleaner[S0].txt - [9803 octets] - [15/06/2014 23:22:28]
 
########## EOF - C:\AdwCleaner\AdwCleaner[R2].txt - [1713 octets] ##########
 
 
FRST
 
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 15-06-2014
Ran by Νίκος (administrator) on NICK-THE-GREEK on 15-06-2014 23:48:23
Running from E:\Τα Αρχεία\Anti Malware
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: Greek
Internet Explorer Version 11
Boot Mode: Normal
 
The only official download link for FRST:
Download link from any site other than Bleeping Computer is unpermitted or outdated.
 
==================== Processes (Whitelisted) =================
 
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
() C:\Program Files (x86)\Canon\IJPLM\ijplmsvc.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\tv_w32.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\tv_x64.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\NisSrv.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(BitTorrent Inc.) C:\Users\Νίκος\AppData\Roaming\uTorrent\uTorrent.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
() C:\Program Files (x86)\TP-LINK\TP-LINK Wireless Configuration Utility\TWCU.exe
(Dropbox, Inc.) C:\Users\Νίκος\AppData\Roaming\Dropbox\bin\Dropbox.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
(Power Software Ltd) C:\Program Files\PowerISO\PWRISOVM.EXE
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\msiexec.exe
(Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe
(Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
 
 
==================== Registry (Whitelisted) ==================
 
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13662936 2013-10-24] (Realtek Semiconductor)
HKLM\...\Run: [BCSSync] => C:\Program Files\Microsoft Office\Office14\BCSSync.exe [108144 2012-11-05] (Microsoft Corporation)
HKLM\...\Run: [MSC] => C:\Program Files\Microsoft Security Client\msseces.exe [1271072 2014-03-11] (Microsoft Corporation)
HKLM-x32\...\Run: [USB3MON] => C:\Program Files (x86)\Intel\Intel® USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [291648 2012-12-04] (Intel Corporation)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-05-28] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [PWRISOVM.EXE] => C:\Program Files\PowerISO\PWRISOVM.EXE [377368 2014-03-11] (Power Software Ltd)
HKLM-x32\...\Run: [CanonQuickMenu] => C:\Program Files (x86)\Canon\Quick Menu\CNQMMAIN.EXE [1282632 2013-07-23] (CANON INC.)
Winlogon\Notify\igfxcui: C:\windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-1672371835-1477520047-1789977004-1000\...\Run: [uTorrent] => C:\Users\Νίκος\AppData\Roaming\uTorrent\uTorrent.exe [1267536 2014-06-12] (BitTorrent Inc.)
HKU\S-1-5-21-1672371835-1477520047-1789977004-1000\...\Run: [GoogleChromeAutoLaunch_571D22E49CCFB829BACD91D4C5AB2D91] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [860488 2014-06-05] (Google Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\TP-LINK Wireless Configuration Utility.lnk
ShortcutTarget: TP-LINK Wireless Configuration Utility.lnk -> C:\Program Files (x86)\TP-LINK\TP-LINK Wireless Configuration Utility\TWCU.exe ()
Startup: C:\Users\Νίκος\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> C:\Users\Νίκος\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
HKLM\...\AppCertDlls: [x64] -> c:\program files (x86)\settings manager\systemk\x64\sysapcrt.dll
HKLM\...\AppCertDlls: [x86] -> c:\program files (x86)\settings manager\systemk\sysapcrt.dll
 
==================== Internet (Whitelisted) ====================
 
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://nmd.msn.com
HKCU\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = www.e-shop.gr
SearchScopes: HKLM - DefaultScope value is missing.
SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKLM-x32 - DefaultScope value is missing.
SearchScopes: HKCU - {B43E4D8D-4662-40D6-8F64-3A9C0ACE97AF} URL = 
BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Canon Easy-WebPrint EX BHO - {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexbho.dll (CANON INC.)
BHO-x32: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
Toolbar: HKLM-x32 - Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll (CANON INC.)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
 
FireFox:
========
FF Plugin: @microsoft.com/GENUINE - disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~1\MICROS~4\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @canon.com/EPPEX - C:\Program Files (x86)\Canon\My Image Garden\AddOn\CIG\npmigfpi.dll (CANON INC.)
FF Plugin-x32: @microsoft.com/GENUINE - disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~2\MICROS~3\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~2\MICROS~3\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @wolfram.com/Mathematica - C:\Program Files (x86)\Common Files\Wolfram Research\Browser\9.0.1.4055459\npmathplugin.dll (Wolfram Research, Inc.)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
 
Chrome: 
=======
CHR HomePage: hxxp://www.google.gr/
CHR StartupUrls: "hxxp://www.google.gr/", "hxxp://www.default-search.net?sid=476&aid=147&itype=n&ver=12302&tm=324&src=hmp", "hxxp://www.default-search.net?sid=476&aid=147&itype=a&ver=12692&tm=324&src=hmp"
CHR Extension: (Google Docs) - C:\Users\Νίκος\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-01-07]
CHR Extension: (Google Drive) - C:\Users\Νίκος\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-01-07]
CHR Extension: (YouTube) - C:\Users\Νίκος\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-01-07]
CHR Extension: (Google Search) - C:\Users\Νίκος\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-01-07]
CHR Extension: (AdBlock) - C:\Users\Νίκος\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2014-01-07]
CHR Extension: (PDF To Word Converter) - C:\Users\Νίκος\AppData\Local\Google\Chrome\User Data\Default\Extensions\kijcidehmghliocaelamimgiaiogcjal [2014-04-01]
CHR Extension: (Πορτοφόλι Google) - C:\Users\Νίκος\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-01-07]
CHR Extension: (Bloxorz) - C:\Users\Νίκος\AppData\Local\Google\Chrome\User Data\Default\Extensions\phiaicokjaoaobiobphcfkmbeiejdang [2014-04-06]
CHR Extension: (Gmail) - C:\Users\Νίκος\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-01-07]
 
==================== Services (Whitelisted) =================
 
R2 IJPLMSVC; C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE [140936 2013-05-14] ()
R2 MsMpSvc; C:\Program Files\Microsoft Security Client\MsMpEng.exe [23808 2014-03-11] (Microsoft Corporation)
R3 NisSrv; C:\Program Files\Microsoft Security Client\NisSrv.exe [347872 2014-03-11] (Microsoft Corporation)
 
==================== Drivers (Whitelisted) ====================
 
S3 asahci64; C:\Windows\system32\drivers\asahci64.sys [49560 2012-09-17] (Asmedia Technology)
S3 drtxzqnm; C:\Windows\System32\Drivers\drtxzqnm.sys [423240 2014-06-15] (AVAST Software)
S3 hsjzfvjk; C:\Windows\System32\Drivers\hsjzfvjk.sys [423240 2014-06-15] (AVAST Software)
R0 iaStorF; C:\Windows\System32\drivers\iaStorF.sys [28008 2013-08-30] (Intel Corporation)
R3 ISCT; C:\Windows\system32\drivers\ISCTD64.sys [44992 2012-02-09] ()
S3 jqaiimcs; C:\Windows\System32\Drivers\jqaiimcs.sys [423240 2014-06-15] (AVAST Software)
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [268512 2014-01-25] (Microsoft Corporation)
R2 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [133928 2014-03-11] (Microsoft Corporation)
S3 qfphbyli; C:\Windows\System32\Drivers\qfphbyli.sys [423240 2014-06-14] (AVAST Software)
S1 MpKslebb8eb5e; \??\C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{80921F45-E94E-4862-9D4D-383285032197}\MpKslebb8eb5e.sys [X]
 
==================== NetSvcs (Whitelisted) ===================
 
 
==================== One Month Created Files and Folders ========
 
2014-06-15 23:42 - 2014-06-15 23:42 - 00000000 ____D () C:\Users\Νίκος\AppData\Local\Avg2014
2014-06-15 23:42 - 2014-06-15 23:42 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Mouse and Keyboard Center
2014-06-15 23:42 - 2014-06-15 23:42 - 00000000 ____D () C:\Program Files\Microsoft Mouse and Keyboard Center
2014-06-15 23:40 - 2014-06-15 23:42 - 00000000 ____D () C:\windows\LastGood
2014-06-15 23:26 - 2014-06-15 23:48 - 00000000 ____D () C:\FRST
2014-06-15 23:12 - 2014-06-15 23:47 - 00000000 ____D () C:\AdwCleaner
2014-06-15 23:12 - 2010-08-30 08:34 - 00536576 _____ (SQLite Development Team) C:\windows\SysWOW64\sqlite3.dll
2014-06-15 23:03 - 2014-06-15 23:03 - 00423240 _____ (AVAST Software) C:\windows\system32\Drivers\drtxzqnm.sys
2014-06-15 17:28 - 2014-06-15 17:28 - 00423240 _____ (AVAST Software) C:\windows\system32\Drivers\hsjzfvjk.sys
2014-06-15 17:00 - 2014-06-15 23:42 - 00000000 ____D () C:\ProgramData\MFAData
2014-06-15 17:00 - 2014-06-15 17:00 - 00000000 ____D () C:\Users\Νίκος\AppData\Local\MFAData
2014-06-15 16:49 - 2014-06-15 16:49 - 00423240 _____ (AVAST Software) C:\windows\system32\Drivers\jqaiimcs.sys
2014-06-15 16:42 - 2014-06-15 16:42 - 00003536 ____N () C:\bootsqm.dat
2014-06-14 22:05 - 2014-06-14 22:05 - 00002124 _____ () C:\Users\Νίκος\Desktop\Microsoft Security Essentials.lnk
2014-06-14 21:05 - 2014-06-14 21:05 - 00000000 ____D () C:\Users\Νίκος\AppData\Roaming\QuickScan
2014-06-14 20:59 - 2014-06-14 20:59 - 00423240 _____ (AVAST Software) C:\windows\system32\Drivers\qfphbyli.sys
2014-06-14 20:56 - 2014-06-14 20:59 - 94714880 _____ (AVAST Software) C:\Users\Public\Desktop\avast_free_antivirus_setup.exe
2014-06-12 19:57 - 2014-06-08 12:13 - 00506368 _____ (Microsoft Corporation) C:\windows\system32\aepdu.dll
2014-06-12 19:57 - 2014-06-08 12:08 - 00424448 _____ (Microsoft Corporation) C:\windows\system32\aeinv.dll
2014-06-11 18:11 - 2014-06-11 18:11 - 00000000 ____D () C:\Users\Guest\AppData\Local\Adobe
2014-06-09 21:17 - 2014-06-14 15:54 - 00000000 ____D () C:\Users\Νίκος\Downloads\The 40 Year Old Virgin [Unrated] (2005)
2014-05-30 23:38 - 2014-06-04 19:30 - 00000000 ___HD () C:\ProgramData\CanonIJMIG
2014-05-27 21:02 - 2014-05-27 21:02 - 00000000 ___HD () C:\ProgramData\CanonIJMyPrinter
2014-05-27 21:02 - 2014-05-27 21:02 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Δήλωση χρήστη Canon MG2400 series
2014-05-27 21:00 - 2014-05-27 21:00 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon MG2400 series Manual
2014-05-27 21:00 - 2014-05-27 21:00 - 00000000 ____D () C:\Program Files\Canon
2014-05-21 15:31 - 2014-05-21 15:31 - 00000000 ____D () C:\Users\Νίκος\AppData\Local\Spoon
2014-05-21 15:31 - 2011-12-09 08:56 - 01931256 _____ (Codejock Software) C:\windows\SysWOW64\Codejock.Controls.Unicode.v15.2.1.ocx
2014-05-21 15:31 - 2011-12-09 08:56 - 00587768 _____ (Codejock Software) C:\windows\SysWOW64\Codejock.SkinFramework.Unicode.v15.2.1.ocx
2014-05-21 15:31 - 2011-12-09 08:55 - 02775032 _____ (Codejock Software) C:\windows\SysWOW64\Codejock.CommandBars.Unicode.v15.2.1.ocx
2014-05-21 15:31 - 2009-12-29 11:35 - 02536072 _____ (gdpicture.com) C:\windows\SysWOW64\gdpicturepro5.ocx
2014-05-21 15:31 - 2009-12-29 11:35 - 02524808 _____ (gdpicture.com) C:\windows\SysWOW64\gdimgplug.dll
2014-05-21 15:31 - 2009-07-14 02:03 - 01722880 _____ (Microsoft Corporation) C:\windows\SysWOW64\gdiplus.dll
2014-05-19 20:52 - 2014-05-19 20:52 - 00000000 __SHD () C:\Users\Guest\AppData\Local\EmieUserList
2014-05-19 20:52 - 2014-05-19 20:52 - 00000000 __SHD () C:\Users\Guest\AppData\Local\EmieSiteList
2014-05-19 20:41 - 2014-05-19 20:41 - 00000000 __SHD () C:\Users\Νίκος\AppData\Local\EmieUserList
2014-05-19 20:41 - 2014-05-19 20:41 - 00000000 __SHD () C:\Users\Νίκος\AppData\Local\EmieSiteList
2014-05-19 00:06 - 2014-06-15 23:23 - 00000000 ____D () C:\ProgramData\systemk
 
==================== One Month Modified Files and Folders =======
 
2014-06-15 23:48 - 2014-06-15 23:26 - 00000000 ____D () C:\FRST
2014-06-15 23:48 - 2013-11-22 17:49 - 00000000 ____D () C:\Users\Νίκος\AppData\Local\Temp
2014-06-15 23:47 - 2014-06-15 23:12 - 00000000 ____D () C:\AdwCleaner
2014-06-15 23:46 - 2013-11-22 19:16 - 00000000 ____D () C:\Users\Νίκος\AppData\Roaming\uTorrent
2014-06-15 23:45 - 2013-11-22 17:48 - 01865762 _____ () C:\windows\WindowsUpdate.log
2014-06-15 23:42 - 2014-06-15 23:42 - 00000000 ____D () C:\Users\Νίκος\AppData\Local\Avg2014
2014-06-15 23:42 - 2014-06-15 23:42 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Mouse and Keyboard Center
2014-06-15 23:42 - 2014-06-15 23:42 - 00000000 ____D () C:\Program Files\Microsoft Mouse and Keyboard Center
2014-06-15 23:42 - 2014-06-15 23:40 - 00000000 ____D () C:\windows\LastGood
2014-06-15 23:42 - 2014-06-15 17:00 - 00000000 ____D () C:\ProgramData\MFAData
2014-06-15 23:42 - 2013-11-25 04:42 - 00003118 _____ () C:\windows\System32\Tasks\Microsoft_Hardware_Launch_mousekeyboardcenter_exe
2014-06-15 23:42 - 2013-11-25 04:42 - 00003092 _____ () C:\windows\System32\Tasks\Microsoft_Hardware_Launch_ipoint_exe
2014-06-15 23:42 - 2013-11-25 04:42 - 00003090 _____ () C:\windows\System32\Tasks\Microsoft_Hardware_Launch_itype_exe
2014-06-15 23:42 - 2013-11-25 04:42 - 00003062 _____ () C:\windows\System32\Tasks\Microsoft_MKC_Logon_Task_ipoint.exe
2014-06-15 23:42 - 2013-11-25 04:42 - 00003060 _____ () C:\windows\System32\Tasks\Microsoft_MKC_Logon_Task_itype.exe
2014-06-15 23:42 - 2009-07-14 07:51 - 00169059 _____ () C:\windows\setupact.log
2014-06-15 23:41 - 2009-07-14 07:45 - 00021888 ____H () C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-06-15 23:41 - 2009-07-14 07:45 - 00021888 ____H () C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-06-15 23:38 - 2013-11-21 17:48 - 00606732 _____ () C:\windows\system32\perfh008.dat
2014-06-15 23:38 - 2013-11-21 17:48 - 00110928 _____ () C:\windows\system32\perfc008.dat
2014-06-15 23:38 - 2009-07-14 08:13 - 01488880 _____ () C:\windows\system32\PerfStringBackup.INI
2014-06-15 23:36 - 2014-04-15 20:07 - 00000000 ___RD () C:\Users\Νίκος\Dropbox
2014-06-15 23:36 - 2014-04-15 20:07 - 00000000 ____D () C:\Users\Νίκος\AppData\Roaming\DropboxMaster
2014-06-15 23:36 - 2014-04-15 20:05 - 00000000 ____D () C:\Users\Νίκος\AppData\Roaming\Dropbox
2014-06-15 23:35 - 2014-01-07 20:50 - 00001178 _____ () C:\windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-06-15 23:34 - 2009-07-14 08:08 - 00000006 ____H () C:\windows\Tasks\SA.DAT
2014-06-15 23:23 - 2014-05-19 00:06 - 00000000 ____D () C:\ProgramData\systemk
2014-06-15 23:23 - 2010-11-21 06:47 - 00711722 _____ () C:\windows\PFRO.log
2014-06-15 23:17 - 2013-11-21 18:47 - 00000830 _____ () C:\windows\Tasks\Adobe Flash Player Updater.job
2014-06-15 23:03 - 2014-06-15 23:03 - 00423240 _____ (AVAST Software) C:\windows\system32\Drivers\drtxzqnm.sys
2014-06-15 23:03 - 2014-01-07 20:50 - 00001182 _____ () C:\windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-06-15 22:17 - 2013-12-21 21:09 - 00000000 ____D () C:\Users\Guest\AppData\Local\Temp
2014-06-15 17:28 - 2014-06-15 17:28 - 00423240 _____ (AVAST Software) C:\windows\system32\Drivers\hsjzfvjk.sys
2014-06-15 17:06 - 2014-02-09 17:33 - 00000000 ____D () C:\Program Files (x86)\Arena
2014-06-15 17:00 - 2014-06-15 17:00 - 00000000 ____D () C:\Users\Νίκος\AppData\Local\MFAData
2014-06-15 16:49 - 2014-06-15 16:49 - 00423240 _____ (AVAST Software) C:\windows\system32\Drivers\jqaiimcs.sys
2014-06-15 16:42 - 2014-06-15 16:42 - 00003536 ____N () C:\bootsqm.dat
2014-06-15 16:32 - 2013-11-23 21:19 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-06-15 12:02 - 2009-07-14 08:09 - 00000000 ____D () C:\windows\System32\Tasks\WPD
2014-06-14 23:38 - 2013-11-25 04:10 - 00000000 ____D () C:\Users\Νίκος\.maplesoft
2014-06-14 22:49 - 2009-07-14 06:20 - 00000000 ____D () C:\windows\system32\NDF
2014-06-14 22:05 - 2014-06-14 22:05 - 00002124 _____ () C:\Users\Νίκος\Desktop\Microsoft Security Essentials.lnk
2014-06-14 21:05 - 2014-06-14 21:05 - 00000000 ____D () C:\Users\Νίκος\AppData\Roaming\QuickScan
2014-06-14 20:59 - 2014-06-14 20:59 - 00423240 _____ (AVAST Software) C:\windows\system32\Drivers\qfphbyli.sys
2014-06-14 20:59 - 2014-06-14 20:56 - 94714880 _____ (AVAST Software) C:\Users\Public\Desktop\avast_free_antivirus_setup.exe
2014-06-14 20:59 - 2013-11-22 20:01 - 00000000 ____D () C:\ProgramData\AVAST Software
2014-06-14 20:55 - 2013-11-23 21:22 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SharePoint
2014-06-14 20:55 - 2013-11-23 21:22 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office
2014-06-14 16:07 - 2013-11-22 22:06 - 00000000 ____D () C:\ProgramData\CanonIJPLM
2014-06-14 15:54 - 2014-06-09 21:17 - 00000000 ____D () C:\Users\Νίκος\Downloads\The 40 Year Old Virgin [Unrated] (2005)
2014-06-13 02:17 - 2013-11-23 21:44 - 00000000 ____D () C:\windows\system32\MRT
2014-06-13 02:16 - 2013-11-23 21:44 - 95414520 _____ (Microsoft Corporation) C:\windows\system32\MRT.exe
2014-06-13 02:15 - 2014-05-06 16:10 - 00000000 ___SD () C:\windows\system32\CompatTel
2014-06-13 01:05 - 2014-01-07 20:51 - 00002196 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-06-11 18:11 - 2014-06-11 18:11 - 00000000 ____D () C:\Users\Guest\AppData\Local\Adobe
2014-06-11 18:11 - 2013-12-21 21:09 - 00000000 ____D () C:\Users\Guest\AppData\Roaming\Adobe
2014-06-08 12:13 - 2014-06-12 19:57 - 00506368 _____ (Microsoft Corporation) C:\windows\system32\aepdu.dll
2014-06-08 12:08 - 2014-06-12 19:57 - 00424448 _____ (Microsoft Corporation) C:\windows\system32\aeinv.dll
2014-06-06 13:32 - 2014-03-04 10:18 - 00001109 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 9.lnk
2014-06-06 13:32 - 2014-03-04 10:18 - 00001097 _____ () C:\Users\Public\Desktop\TeamViewer 9.lnk
2014-06-04 19:30 - 2014-05-30 23:38 - 00000000 ___HD () C:\ProgramData\CanonIJMIG
2014-05-31 19:37 - 2009-07-14 08:32 - 00000000 ____D () C:\windows\system32\FxsTmp
2014-05-31 16:30 - 2009-07-14 08:08 - 00032502 _____ () C:\windows\Tasks\SCHEDLGU.TXT
2014-05-28 01:20 - 2014-04-15 20:07 - 00001031 _____ () C:\Users\Νίκος\Desktop\Dropbox.lnk
2014-05-28 01:20 - 2014-04-15 20:07 - 00000000 ____D () C:\Users\Νίκος\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2014-05-28 01:20 - 2013-11-22 17:49 - 00000000 ___RD () C:\Users\Νίκος\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2014-05-27 21:02 - 2014-05-27 21:02 - 00000000 ___HD () C:\ProgramData\CanonIJMyPrinter
2014-05-27 21:02 - 2014-05-27 21:02 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Δήλωση χρήστη Canon MG2400 series
2014-05-27 21:02 - 2013-11-22 18:57 - 00000000 ____D () C:\ProgramData\CanonIJWSpt
2014-05-27 21:02 - 2013-11-22 18:54 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon Utilities
2014-05-27 21:02 - 2013-11-22 18:52 - 00000000 ____D () C:\Program Files (x86)\Canon
2014-05-27 21:00 - 2014-05-27 21:00 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon MG2400 series Manual
2014-05-27 21:00 - 2014-05-27 21:00 - 00000000 ____D () C:\Program Files\Canon
2014-05-21 15:31 - 2014-05-21 15:31 - 00000000 ____D () C:\Users\Νίκος\AppData\Local\Spoon
2014-05-21 15:13 - 2013-12-21 21:09 - 00000000 ____D () C:\Users\Guest\AppData\Roaming\Canon
2014-05-19 20:52 - 2014-05-19 20:52 - 00000000 __SHD () C:\Users\Guest\AppData\Local\EmieUserList
2014-05-19 20:52 - 2014-05-19 20:52 - 00000000 __SHD () C:\Users\Guest\AppData\Local\EmieSiteList
2014-05-19 20:41 - 2014-05-19 20:41 - 00000000 __SHD () C:\Users\Νίκος\AppData\Local\EmieUserList
2014-05-19 20:41 - 2014-05-19 20:41 - 00000000 __SHD () C:\Users\Νίκος\AppData\Local\EmieSiteList
2014-05-19 20:23 - 2009-07-14 06:20 - 00000000 ____D () C:\windows\rescache
2014-05-19 18:57 - 2013-12-21 21:09 - 00000000 ___RD () C:\Users\Guest\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2014-05-19 18:57 - 2013-12-21 21:09 - 00000000 ___RD () C:\Users\Guest\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
 
Some content of TEMP:
====================
C:\Users\Guest\AppData\Local\Temp\MSETUP4.EXE
C:\Users\Guest\AppData\Local\Temp\SPSetup.exe
C:\Users\Νίκος\AppData\Local\Temp\CmdLineExt02.dll
C:\Users\Νίκος\AppData\Local\Temp\CPUID.dll
C:\Users\Νίκος\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpicfryc.dll
C:\Users\Νίκος\AppData\Local\Temp\Maint000.exe
C:\Users\Νίκος\AppData\Local\Temp\Maint001.exe
C:\Users\Νίκος\AppData\Local\Temp\Maint002.exe
C:\Users\Νίκος\AppData\Local\Temp\Maint003.exe
C:\Users\Νίκος\AppData\Local\Temp\MouseKeyboardCenterx64_1032.exe
C:\Users\Νίκος\AppData\Local\Temp\MSETUP4.EXE
C:\Users\Νίκος\AppData\Local\Temp\nsaEAD8.exe
C:\Users\Νίκος\AppData\Local\Temp\nsaEE33.exe
C:\Users\Νίκος\AppData\Local\Temp\nskCED.exe
C:\Users\Νίκος\AppData\Local\Temp\nspA9B.exe
C:\Users\Νίκος\AppData\Local\Temp\nsx7CF.tmp.exe
C:\Users\Νίκος\AppData\Local\Temp\safeguard.exe
C:\Users\Νίκος\AppData\Local\Temp\SettingsManagerSetup.exe
C:\Users\Νίκος\AppData\Local\Temp\SIntf16.dll
C:\Users\Νίκος\AppData\Local\Temp\SIntf32.dll
C:\Users\Νίκος\AppData\Local\Temp\SIntfNT.dll
C:\Users\Νίκος\AppData\Local\Temp\sp-downloader.exe
C:\Users\Νίκος\AppData\Local\Temp\ubi38FB.tmp.exe
C:\Users\Νίκος\AppData\Local\Temp\{1C69B023-04B3-43C4-B3A3-3F7CD9EE5AF5}-31.0.1650.57_chrome_installer.exe
C:\Users\Νίκος\AppData\Local\Temp\{DDFDCC83-8F1E-42E0-92B4-DFBE02EF18B4}.exe
 
 
==================== Bamital & volsnap Check =================
 
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
 
 
LastRegBack: 2014-06-09 20:44
 
==================== End Of Log ============================
 
TDSSKiller.3.0.0.39_15.06.2014_23.50.04_log
 
23:50:04.0370 0x0a70  TDSS rootkit removing tool 3.0.0.39 Jun  5 2014 20:35:54
23:50:04.0371 0x0a70  UEFI system
23:50:06.0242 0x0a70  ============================================================
23:50:06.0242 0x0a70  Current date / time: 2014/06/15 23:50:06.0242
23:50:06.0242 0x0a70  SystemInfo:
23:50:06.0242 0x0a70  
23:50:06.0242 0x0a70  OS Version: 6.1.7601 ServicePack: 1.0
23:50:06.0242 0x0a70  Product type: Workstation
23:50:06.0242 0x0a70  ComputerName: NICK-THE-GREEK
23:50:06.0242 0x0a70  UserName: Νίκος
23:50:06.0242 0x0a70  Windows directory: C:\windows
23:50:06.0242 0x0a70  System windows directory: C:\windows
23:50:06.0242 0x0a70  Running under WOW64
23:50:06.0242 0x0a70  Processor architecture: Intel x64
23:50:06.0242 0x0a70  Number of processors: 4
23:50:06.0242 0x0a70  Page size: 0x1000
23:50:06.0242 0x0a70  Boot type: Normal boot
23:50:06.0242 0x0a70  ============================================================
23:50:06.0243 0x0a70  BG loaded
23:50:06.0336 0x0a70  System UUID: {B4AE7A6D-4DF2-C1E0-C461-F558EE6D2B56}
23:50:06.0629 0x0a70  Drive \Device\Harddisk0\DR0 - Size: 0xEE8156000 ( 59.63 Gb ), SectorSize: 0x200, Cylinders: 0x1E67, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
23:50:06.0639 0x0a70  Drive \Device\Harddisk1\DR1 - Size: 0xE8E0DB6000 ( 931.51 Gb ), SectorSize: 0x200, Cylinders: 0x1DB01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
23:50:06.0642 0x0a70  ============================================================
23:50:06.0642 0x0a70  \Device\Harddisk0\DR0:
23:50:06.0642 0x0a70  GPT partitions:
23:50:06.0642 0x0a70  \Device\Harddisk0\DR0\Partition1: GPT, TypeGUID: {DE94BBA4-06D1-4D40-A16A-BFD50179D6AC}, UniqueGUID: {043D5706-08EC-4380-B9F0-144A4AA60D3F}, Name: Basic data partition, StartLBA 0x800, BlocksNum 0xF5000
23:50:06.0642 0x0a70  \Device\Harddisk0\DR0\Partition2: GPT, TypeGUID: {C12A7328-F81F-11D2-BA4B-00A0C93EC93B}, UniqueGUID: {4189DF63-4091-4B42-8D77-C0F13F23CA9A}, Name: EFI system partition, StartLBA 0xF5800, BlocksNum 0x32000
23:50:06.0642 0x0a70  \Device\Harddisk0\DR0\Partition3: GPT, TypeGUID: {E3C9E316-0B5C-4DB8-817D-F92DF00215AE}, UniqueGUID: {87A77AD5-87EA-482F-8B3C-FCDA0BC2FF74}, Name: Microsoft reserved partition, StartLBA 0x127800, BlocksNum 0x40000
23:50:06.0642 0x0a70  \Device\Harddisk0\DR0\Partition4: GPT, TypeGUID: {EBD0A0A2-B9E5-4433-87C0-68B6B72699C7}, UniqueGUID: {C13E7391-E5B0-41B4-B095-E57646D0E047}, Name: Basic data partition, StartLBA 0x167800, BlocksNum 0x6AF9800
23:50:06.0642 0x0a70  \Device\Harddisk0\DR0\Partition5: GPT, TypeGUID: {DE94BBA4-06D1-4D40-A16A-BFD50179D6AC}, UniqueGUID: {0A7483B3-D3D3-4706-A681-9AE268687234}, Name: Basic data partition, StartLBA 0x6C61000, BlocksNum 0xADF800
23:50:06.0642 0x0a70  MBR partitions:
23:50:06.0642 0x0a70  \Device\Harddisk1\DR1:
23:50:06.0642 0x0a70  MBR partitions:
23:50:06.0643 0x0a70  \Device\Harddisk1\DR1\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x74705800
23:50:06.0643 0x0a70  ============================================================
23:50:06.0648 0x0a70  E: <-> \Device\Harddisk1\DR1\Partition1
23:50:06.0649 0x0a70  C: <-> \Device\Harddisk0\DR0\Partition4
23:50:06.0649 0x0a70  ============================================================
23:50:06.0649 0x0a70  Initialize success
23:50:06.0649 0x0a70  ============================================================
23:50:07.0847 0x095c  ============================================================
23:50:07.0847 0x095c  Scan started
23:50:07.0847 0x095c  Mode: Manual; 
23:50:07.0847 0x095c  ============================================================
23:50:07.0847 0x095c  KSN ping started
23:50:15.0092 0x095c  KSN ping finished: true
23:50:15.0323 0x095c  ================ Scan system memory ========================
23:50:15.0323 0x095c  System memory - ok
23:50:15.0323 0x095c  ================ Scan services =============================
23:50:16.0820 0x095c  IpFilterDriver - ok
23:50:16.0830 0x095c  [ 08C2957BB30058E663720C5606885653, E13EDF6701512E2A9977A531454932CA5023087CB50E1D2F416B8BCDD92B67BE ] iphlpsvc        C:\windows\System32\iphlpsvc.dll
23:50:16.0837 0x095c  iphlpsvc - ok
23:50:16.0840 0x095c  [ 0FC1AEA580957AA8817B8F305D18CA3A, 7161E4DE91AAFC3FA8BF24FAE4636390C2627DB931505247C0D52C75A31473D9 ] IPMIDRV         C:\windows\system32\drivers\IPMIDrv.sys
23:50:16.0841 0x095c  IPMIDRV - ok
23:50:16.0845 0x095c  [ AF9B39A7E7B6CAA203B3862582E9F2D0, 67128BE7EADBE6BD0205B050F96E268948E8660C4BAB259FB0BE03935153D04E ] IPNAT           C:\windows\system32\drivers\ipnat.sys
23:50:16.0846 0x095c  IPNAT - ok
23:50:16.0849 0x095c  [ 3ABF5E7213EB28966D55D58B515D5CE9, A352BCC5B6B9A28805B15CAFB235676F1FAFF0D2394F88C03089EB157D6188AE ] IRENUM          C:\windows\system32\drivers\irenum.sys
23:50:16.0850 0x095c  IRENUM - ok
23:50:16.0852 0x095c  [ 2F7B28DC3E1183E5EB418DF55C204F38, D40410A760965925D6F10959B2043F7BD4F68EAFCF5E743AF11AD860BD136548 ] isapnp          C:\windows\system32\drivers\isapnp.sys
23:50:16.0853 0x095c  isapnp - ok
23:50:16.0859 0x095c  [ 96BB922A0981BC7432C8CF52B5410FE6, 236C05509B1040059B15021CBBDBDAF3B9C0F00910142BE5887B2C7561BAAFBA ] iScsiPrt        C:\windows\system32\drivers\msiscsi.sys
23:50:16.0862 0x095c  iScsiPrt - ok
23:50:16.0865 0x095c  [ 970995B7C36F4408ED31C3BF204FE1F5, 466C5FA3A26E997009E33EA9B0923BFE7FCC9D367444F31C1BEB3D6EACDB6BA9 ] ISCT            C:\windows\system32\drivers\ISCTD64.sys
23:50:16.0866 0x095c  ISCT - ok
23:50:16.0869 0x095c  [ 7A4D015FF432645C55C162DADAEA143E, 21A4B1D52028E02E63EB348F8A98A426E5B07B897FE153CCB4ACE7692385BEC5 ] iusb3hcs        C:\windows\system32\drivers\iusb3hcs.sys
23:50:16.0869 0x095c  iusb3hcs - ok
23:50:16.0876 0x095c  [ 5D6164479F6F900ACD287FDC6935532E, 6CA16351458E07687ED93A8B6131826D886B9B276BF62617711502665B3127B3 ] iusb3hub        C:\windows\system32\drivers\iusb3hub.sys
23:50:16.0881 0x095c  iusb3hub - ok
23:50:16.0895 0x095c  [ 9F5687C7EFA906E4F33586D393F7C257, 27295FACA7841A5E1DF8964C4C20B4CC889743A1088068E194B4C59B24E41D21 ] iusb3xhc        C:\windows\system32\drivers\iusb3xhc.sys
23:50:16.0904 0x095c  iusb3xhc - ok
23:50:16.0914 0x095c  [ 5545FB5B49268C903F311849DB1942ED, 3C7FDD6A9A8A600F07A475595E48F947C36D9A6DAB6D3D84C44686B5A56FB40F ] jqaiimcs        C:\windows\system32\drivers\jqaiimcs.sys
23:50:16.0918 0x095c  jqaiimcs - ok
23:50:16.0922 0x095c  [ BC02336F1CBA7DCC7D1213BB588A68A5, 450C5BAD54CCE2AFCDFF1B6E7F8E1A8446D9D3255DF9D36C29A8F848048AAD93 ] kbdclass        C:\windows\system32\DRIVERS\kbdclass.sys
23:50:16.0923 0x095c  kbdclass - ok
23:50:16.0925 0x095c  [ 0705EFF5B42A9DB58548EEC3B26BB484, 86C6824ED7ED6FA8F306DB6319A0FD688AA91295AE571262F9D8E96A32225E99 ] kbdhid          C:\windows\system32\DRIVERS\kbdhid.sys
23:50:16.0926 0x095c  kbdhid - ok
23:50:16.0928 0x095c  [ 204F3F58212B3E422C90BD9691A2DF28, D748A8CEE4D59B4248C9B1ACA5155D0FF6635A29564B4391B7FAC6261F93FE99 ] KeyIso          C:\windows\system32\lsass.exe
23:50:16.0929 0x095c  KeyIso - ok
23:50:16.0933 0x095c  [ 353009DEDF918B2A51414F330CF72DEC, BF157D6E329F26E02FA16271B751B421396040DBB1D7BF9B2E0A21BC569672E2 ] KSecDD          C:\windows\system32\Drivers\ksecdd.sys
23:50:16.0934 0x095c  KSecDD - ok
23:50:16.0938 0x095c  [ 1C2D8E18AA8FD50CD04C15CC27F7F5AB, 4BA3B0F9F01BD47D66091D3AD86B69A523981D61DFB4D677F2CD39405B2DA989 ] KSecPkg         C:\windows\system32\Drivers\ksecpkg.sys
23:50:16.0940 0x095c  KSecPkg - ok
23:50:16.0943 0x095c  [ 6869281E78CB31A43E969F06B57347C4, 866A23E69B32A78D378D6CB3B3DA3695FFDFF0FEC3C9F68C8C3F988DF417044B ] ksthunk         C:\windows\system32\drivers\ksthunk.sys
23:50:16.0943 0x095c  ksthunk - ok
23:50:16.0950 0x095c  [ 6AB66E16AA859232F64DEB66887A8C9C, 5F2B579BEA8098A2994B0DECECDAE7B396E7B5DC5F09645737B9F28BEEA77FFF ] KtmRm           C:\windows\system32\msdtckrm.dll
23:50:16.0955 0x095c  KtmRm - ok
23:50:16.0961 0x095c  [ D9F42719019740BAA6D1C6D536CBDAA6, 8757599D0AE5302C4CE50861BEBA3A8DD14D7B0DBD916FD5404133688CDFCC40 ] LanmanServer    C:\windows\system32\srvsvc.dll
23:50:16.0964 0x095c  LanmanServer - ok
23:50:16.0969 0x095c  [ 851A1382EED3E3A7476DB004F4EE3E1A, B1C67F47DD594D092E6E258F01DF5E7150227CE3131A908A244DEE9F8A1FABF9 ] LanmanWorkstation C:\windows\System32\wkssvc.dll
23:50:16.0971 0x095c  LanmanWorkstation - ok
23:50:16.0975 0x095c  [ 1538831CF8AD2979A04C423779465827, E1729B0CC4CEEE494A0B8817A8E98FF232E3A32FB023566EF0BC71A090262C0C ] lltdio          C:\windows\system32\DRIVERS\lltdio.sys
23:50:16.0976 0x095c  lltdio - ok
23:50:16.0982 0x095c  [ C1185803384AB3FEED115F79F109427F, 0414FE73532DCAB17E906438A14711E928CECCD5F579255410C62984DD652700 ] lltdsvc         C:\windows\System32\lltdsvc.dll
23:50:16.0986 0x095c  lltdsvc - ok
23:50:16.0989 0x095c  [ F993A32249B66C9D622EA5592A8B76B8, EE64672A990C6145DC5601E2B8CDBE089272A72732F59AF9865DCBA8B1717E70 ] lmhosts         C:\windows\System32\lmhsvc.dll
23:50:16.0990 0x095c  lmhosts - ok
23:50:16.0994 0x095c  [ 1A93E54EB0ECE102495A51266DCDB6A6, DB6AA86AA36C3A7988BE96E87B5D3251BE7617C54EE8F894D9DC2E267FE3255B ] LSI_FC          C:\windows\system32\drivers\lsi_fc.sys
23:50:16.0996 0x095c  LSI_FC - ok
23:50:16.0999 0x095c  [ 1047184A9FDC8BDBFF857175875EE810, F2251EDB7736A26D388A0C5CC2FE5FB9C5E109CBB1E3800993554CB21D81AE4B ] LSI_SAS         C:\windows\system32\drivers\lsi_sas.sys
23:50:17.0001 0x095c  LSI_SAS - ok
23:50:17.0004 0x095c  [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93, 88D5740A4E9CC3FA80FA18035DAB441BDC5A039622D666BFDAA525CC9686BD06 ] LSI_SAS2        C:\windows\system32\drivers\lsi_sas2.sys
23:50:17.0005 0x095c  LSI_SAS2 - ok
23:50:17.0008 0x095c  [ 0504EACAFF0D3C8AED161C4B0D369D4A, 4D272237C189646F5C80822FD3CBA7C2728E482E2DAAF7A09C8AEF811C89C54D ] LSI_SCSI        C:\windows\system32\drivers\lsi_scsi.sys
23:50:17.0010 0x095c  LSI_SCSI - ok
23:50:17.0014 0x095c  [ 43D0F98E1D56CCDDB0D5254CFF7B356E, 5BA498183B5C4996C694CB0A9A6B66CE6C7A460F6C91BEB9F305486FCC3B7B22 ] luafv           C:\windows\system32\drivers\luafv.sys
23:50:17.0015 0x095c  luafv - ok
23:50:17.0019 0x095c  [ 0BE09CD858ABF9DF6ED259D57A1A1663, 2FD28889B93C8E801F74C1D0769673A461671E0189D0A22C94509E3F0EEB7428 ] Mcx2Svc         C:\windows\system32\Mcx2Svc.dll
23:50:17.0020 0x095c  Mcx2Svc - ok
23:50:17.0023 0x095c  [ A55805F747C6EDB6A9080D7C633BD0F4, 2DA0E83BF3C8ADEF6F551B6CC1C0A3F6149CDBE6EC60413BA1767C4DE425A728 ] megasas         C:\windows\system32\drivers\megasas.sys
23:50:17.0024 0x095c  megasas - ok
23:50:17.0030 0x095c  [ BAF74CE0072480C3B6B7C13B2A94D6B3, 85CBB4949C090A904464F79713A3418338753D20D7FB811E68F287FDAC1DD834 ] MegaSR          C:\windows\system32\drivers\MegaSR.sys
23:50:17.0033 0x095c  MegaSR - ok
23:50:17.0037 0x095c  [ 2BB3EAE2EA641515D4B205CAB29E1624, D3F18EE393EB1B0F919484281269A3C55A092D023E62C59D74CB63A55612024B ] MEIx64          C:\windows\system32\drivers\HECIx64.sys
23:50:17.0038 0x095c  MEIx64 - ok
23:50:17.0043 0x095c  Microsoft SharePoint Workspace Audit Service - ok
23:50:17.0046 0x095c  [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] MMCSS           C:\windows\system32\mmcss.dll
23:50:17.0048 0x095c  MMCSS - ok
23:50:17.0051 0x095c  [ 800BA92F7010378B09F9ED9270F07137, 94F9AF9E1BE80AE6AC39A2A74EF9FAB115DCAACC011D07DFA8D6A1DDC8A93342 ] Modem           C:\windows\system32\drivers\modem.sys
23:50:17.0052 0x095c  Modem - ok
23:50:17.0054 0x095c  [ B03D591DC7DA45ECE20B3B467E6AADAA, 701FB0CAD8138C58507BE28845D3E24CE269A040737C29885944A0D851238732 ] monitor         C:\windows\system32\DRIVERS\monitor.sys
23:50:17.0054 0x095c  monitor - ok
23:50:17.0057 0x095c  [ 7D27EA49F3C1F687D357E77A470AEA99, 7FE7CAF95959F127C6D932C01D539C06D80273C49A09761F6E8331C05B1A7EE7 ] mouclass        C:\windows\system32\DRIVERS\mouclass.sys
23:50:17.0058 0x095c  mouclass - ok
23:50:17.0060 0x095c  [ D3BF052C40B0C4166D9FD86A4288C1E6, 5E65264354CD94E844BF1838CA1B8E49080EFA34605A32CF2F6A47A2B97FC183 ] mouhid          C:\windows\system32\DRIVERS\mouhid.sys
23:50:17.0061 0x095c  mouhid - ok
23:50:17.0064 0x095c  [ 32E7A3D591D671A6DF2DB515A5CBE0FA, 47CED0B9067AE8BF5EEF60B17ADEE5906BEDCC56E4CB460B7BFBC12BB9A69E63 ] mountmgr        C:\windows\system32\drivers\mountmgr.sys
23:50:17.0066 0x095c  mountmgr - ok
23:50:17.0073 0x095c  [ 9EB89625A82AC961F25E7C865947BF9A, 91DB9530CDE883DC60BE621AC4210ACD069631D9466E37411D9D6AEE587098D9 ] MpFilter        C:\windows\system32\DRIVERS\MpFilter.sys
23:50:17.0076 0x095c  MpFilter - ok
23:50:17.0081 0x095c  [ A44B420D30BD56E145D6A2BC8768EC58, B1E4DCA5A1008FA7A0492DC091FB2B820406AE13FD3D44F124E89B1037AF09B8 ] mpio            C:\windows\system32\drivers\mpio.sys
23:50:17.0083 0x095c  mpio - ok
23:50:17.0087 0x095c  MpKslebb8eb5e - ok
23:50:17.0090 0x095c  [ 6C38C9E45AE0EA2FA5E551F2ED5E978F, 5A3FA2F110029CB4CC4384998EDB59203FDD65EC45E01B897FB684F8956EAD20 ] mpsdrv          C:\windows\system32\drivers\mpsdrv.sys
23:50:17.0091 0x095c  mpsdrv - ok
23:50:17.0106 0x095c  [ 54FFC9C8898113ACE189D4AA7199D2C1, 65F585C87F3F710FD5793FDFA96B740AD8D4317B0C120F4435CCF777300EA4F2 ] MpsSvc          C:\windows\system32\mpssvc.dll
23:50:17.0116 0x095c  MpsSvc - ok
23:50:17.0121 0x095c  [ 1A4F75E63C9FB84B85DFFC6B63FD5404, 01AFA6DBB4CDE55FE4EA05BBE8F753A4266F8D072EA1EE01DB79F5126780C21F ] MRxDAV          C:\windows\system32\drivers\mrxdav.sys
23:50:17.0122 0x095c  MRxDAV - ok
23:50:17.0127 0x095c  [ A5D9106A73DC88564C825D317CAC68AC, 0457B2AEA4E05A91D0E43F317894A614434D8CEBE35020785387F307E231FBE4 ] mrxsmb          C:\windows\system32\DRIVERS\mrxsmb.sys
23:50:17.0129 0x095c  mrxsmb - ok
23:50:17.0135 0x095c  [ D711B3C1D5F42C0C2415687BE09FC163, 9B3013AC60BD2D0FF52086658BA5FF486ADE15954A552D7DD590580E8BAE3EFF ] mrxsmb10        C:\windows\system32\DRIVERS\mrxsmb10.sys
23:50:17.0139 0x095c  mrxsmb10 - ok
23:50:17.0143 0x095c  [ 9423E9D355C8D303E76B8CFBD8A5C30C, 220B33F120C2DD937FE4D5664F4B581DC0ACF78D62EB56B7720888F67B9644CC ] mrxsmb20        C:\windows\system32\DRIVERS\mrxsmb20.sys
23:50:17.0145 0x095c  mrxsmb20 - ok
23:50:17.0147 0x095c  [ C25F0BAFA182CBCA2DD3C851C2E75796, 643E158A0948DF331807AEAA391F23960362E46C0A0CF6D22A99020EAE7B10F8 ] msahci          C:\windows\system32\drivers\msahci.sys
23:50:17.0148 0x095c  msahci - ok
23:50:17.0152 0x095c  [ DB801A638D011B9633829EB6F663C900, B34FD33A215ACCF2905F4B7D061686CDB1CB9C652147AF56AE14686C1F6E3C74 ] msdsm           C:\windows\system32\drivers\msdsm.sys
23:50:17.0154 0x095c  msdsm - ok
23:50:17.0158 0x095c  [ DE0ECE52236CFA3ED2DBFC03F28253A8, 2FBBEC4CACB5161F68D7C2935852A5888945CA0F107CF8A1C01F4528CE407DE3 ] MSDTC           C:\windows\System32\msdtc.exe
23:50:17.0160 0x095c  MSDTC - ok
23:50:17.0164 0x095c  [ AA3FB40E17CE1388FA1BEDAB50EA8F96, 69F93E15536644C8FD679A20190CFE577F4985D3B1B4A4AA250A168615AE1E99 ] Msfs            C:\windows\system32\drivers\Msfs.sys
23:50:17.0165 0x095c  Msfs - ok
23:50:17.0167 0x095c  [ F9D215A46A8B9753F61767FA72A20326, 6F76642B45E0A7EF6BCAB8B37D55CCE2EAA310ED07B76D43FCB88987C2174141 ] mshidkmdf       C:\windows\System32\drivers\mshidkmdf.sys
23:50:17.0168 0x095c  mshidkmdf - ok
23:50:17.0170 0x095c  [ D916874BBD4F8B07BFB7FA9B3CCAE29D, B229DA150713DEDBC4F05386C9D9DC3BC095A74F44F3081E88311AB73BC992A1 ] msisadrv        C:\windows\system32\drivers\msisadrv.sys
23:50:17.0170 0x095c  msisadrv - ok
23:50:17.0175 0x095c  [ 808E98FF49B155C522E6400953177B08, F873F5BFF0984C5165DF67E92874D3F6EB8D86F9B5AD17013A0091CA33A1A3D5 ] MSiSCSI         C:\windows\system32\iscsiexe.dll
23:50:17.0177 0x095c  MSiSCSI - ok
23:50:17.0179 0x095c  msiserver - ok
23:50:17.0181 0x095c  [ 49CCF2C4FEA34FFAD8B1B59D49439366, E5752EA57C7BDAD5F53E3BC441A415E909AC602CAE56234684FB8789A20396C7 ] MSKSSRV         C:\windows\system32\drivers\MSKSSRV.sys
23:50:17.0182 0x095c  MSKSSRV - ok
23:50:17.0186 0x095c  [ 89F2AEDC2788696702141AB82C3E7866, E166CBD8D3C708737C37172221945D8E56C25C2CC750889C3CE14AA2DE750F33 ] MsMpSvc         C:\Program Files\Microsoft Security Client\MsMpEng.exe
23:50:17.0186 0x095c  MsMpSvc - ok
23:50:17.0190 0x095c  [ BDD71ACE35A232104DDD349EE70E1AB3, 27464A66868513BE6A01B75D7FC5B0D6B71842E4E20CE3F76B15C071A0618BBB ] MSPCLOCK        C:\windows\system32\drivers\MSPCLOCK.sys
23:50:17.0190 0x095c  MSPCLOCK - ok
23:50:17.0192 0x095c  [ 4ED981241DB27C3383D72092B618A1D0, E12F121E641249DB3491141851B59E1496F4413EDF58E863388F1C229838DFCC ] MSPQM           C:\windows\system32\drivers\MSPQM.sys
23:50:17.0192 0x095c  MSPQM - ok
23:50:17.0200 0x095c  [ 759A9EEB0FA9ED79DA1FB7D4EF78866D, 64E3BC613EC4872B1B344CBF71EE15BE195592E3244C1EE099C6F8B95A40F133 ] MsRPC           C:\windows\system32\drivers\MsRPC.sys
23:50:17.0204 0x095c  MsRPC - ok
23:50:17.0208 0x095c  [ 0EED230E37515A0EAEE3C2E1BC97B288, B1D8F8A75006B6E99214CA36D27A8594EF8D952F315BEB201E9BAC9DE3E64D42 ] mssmbios        C:\windows\system32\drivers\mssmbios.sys
23:50:17.0209 0x095c  mssmbios - ok
23:50:17.0211 0x095c  [ 2E66F9ECB30B4221A318C92AC2250779, DF175E1AB6962303E57F26DAE5C5C1E40B8640333F3E352A64F6A5F1301586CD ] MSTEE           C:\windows\system32\drivers\MSTEE.sys
23:50:17.0211 0x095c  MSTEE - ok
23:50:17.0214 0x095c  [ 7EA404308934E675BFFDE8EDF0757BCD, 306CD02D89CFCFE576242360ED5F9EEEDCAFC43CD43B7D2977AE960F9AEC3232 ] MTConfig        C:\windows\system32\drivers\MTConfig.sys
23:50:17.0215 0x095c  MTConfig - ok
23:50:17.0218 0x095c  [ F9A18612FD3526FE473C1BDA678D61C8, 32F7975B5BAA447917F832D9E3499B4B6D3E90D73F478375D0B70B36C524693A ] Mup             C:\windows\system32\Drivers\mup.sys
23:50:17.0219 0x095c  Mup - ok
23:50:17.0227 0x095c  [ 582AC6D9873E31DFA28A4547270862DD, BD540499F74E8F59A020D935D18E36A3A97C1A6EC59C8208436469A31B16B260 ] napagent        C:\windows\system32\qagentRT.dll
23:50:17.0233 0x095c  napagent - ok
23:50:17.0241 0x095c  [ 1EA3749C4114DB3E3161156FFFFA6B33, 54C2E77BCE1037711A11313AC25B8706109098C10A31AA03AEB7A185E97800D7 ] NativeWifiP     C:\windows\system32\DRIVERS\nwifi.sys
23:50:17.0244 0x095c  NativeWifiP - ok
23:50:17.0261 0x095c  [ 760E38053BF56E501D562B70AD796B88, F856E81A975D44F8684A6F2466549CEEDFAEB3950191698555A93A1206E0A42D ] NDIS            C:\windows\system32\drivers\ndis.sys
23:50:17.0273 0x095c  NDIS - ok
23:50:17.0276 0x095c  [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC, D7E5446E83909AE25506BB98FBDD878A529C87963E3C1125C4ABAB25823572BC ] NdisCap         C:\windows\system32\DRIVERS\ndiscap.sys
23:50:17.0277 0x095c  NdisCap - ok
23:50:17.0279 0x095c  [ 30639C932D9FEF22B31268FE25A1B6E5, 32873D95339600F6EEFA51847D12C563FF01F320DC59055B242FA2887C99F9D6 ] NdisTapi        C:\windows\system32\DRIVERS\ndistapi.sys
23:50:17.0279 0x095c  NdisTapi - ok
23:50:17.0282 0x095c  [ 136185F9FB2CC61E573E676AA5402356, BA3AD0A33416DA913B4242C6BE8C3E5812AD2B20BA6C11DD3094F2E8EB56E683 ] Ndisuio         C:\windows\system32\DRIVERS\ndisuio.sys
23:50:17.0283 0x095c  Ndisuio - ok
23:50:17.0287 0x095c  [ 53F7305169863F0A2BDDC49E116C2E11, 881E9346D3C02405B7850ADC37E720990712EC9C666A0CE96E252A487FD2CE77 ] NdisWan         C:\windows\system32\DRIVERS\ndiswan.sys
23:50:17.0289 0x095c  NdisWan - ok
23:50:17.0293 0x095c  [ 015C0D8E0E0421B4CFD48CFFE2825879, 4242E2D42CCFC859B2C0275C5331798BC0BDA68E51CF4650B6E64B1332071023 ] NDProxy         C:\windows\system32\drivers\NDProxy.sys
23:50:17.0294 0x095c  NDProxy - ok
23:50:17.0296 0x095c  [ 86743D9F5D2B1048062B14B1D84501C4, DBF6D6A60AB774FCB0F464FF2D285A7521D0A24006687B243AB46B17D8032062 ] NetBIOS         C:\windows\system32\DRIVERS\netbios.sys
23:50:17.0297 0x095c  NetBIOS - ok
23:50:17.0303 0x095c  [ 09594D1089C523423B32A4229263F068, 7426A9B8BA27D3225928DDEFBD399650ABB90798212F56B7D12158AC22CCCE37 ] NetBT           C:\windows\system32\DRIVERS\netbt.sys
23:50:17.0306 0x095c  NetBT - ok
23:50:17.0308 0x095c  [ 204F3F58212B3E422C90BD9691A2DF28, D748A8CEE4D59B4248C9B1ACA5155D0FF6635A29564B4391B7FAC6261F93FE99 ] Netlogon        C:\windows\system32\lsass.exe
23:50:17.0309 0x095c  Netlogon - ok
23:50:17.0317 0x095c  [ 847D3AE376C0817161A14A82C8922A9E, 37AE692B3481323134125EF58F2C3CBC20177371AF2F5874F53DD32A827CB936 ] Netman          C:\windows\System32\netman.dll
23:50:17.0321 0x095c  Netman - ok
23:50:17.0330 0x095c  [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetMsmqActivator C:\windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
23:50:17.0332 0x095c  NetMsmqActivator - ok
23:50:17.0336 0x095c  [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetPipeActivator C:\windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
23:50:17.0337 0x095c  NetPipeActivator - ok
23:50:17.0347 0x095c  [ 5F28111C648F1E24F7DBC87CDEB091B8, 2E8645285921EDB98BB2173E11E57459C888D52E80D85791D169C869DE8813B9 ] netprofm        C:\windows\System32\netprofm.dll
23:50:17.0352 0x095c  netprofm - ok
23:50:17.0357 0x095c  [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetTcpActivator C:\windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
23:50:17.0358 0x095c  NetTcpActivator - ok
23:50:17.0362 0x095c  [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetTcpPortSharing C:\windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
23:50:17.0364 0x095c  NetTcpPortSharing - ok
23:50:17.0367 0x095c  [ 77889813BE4D166CDAB78DDBA990DA92, 2EF531AE502B943632EEC66A309A8BFCDD36120A5E1473F4AAF3C2393AD0E6A3 ] nfrd960         C:\windows\system32\drivers\nfrd960.sys
23:50:17.0367 0x095c  nfrd960 - ok
23:50:17.0372 0x095c  [ C3E0696C3B42F694C5822776AA6FFFDF, 80C3DEC2C48500F96C9E677450EFC1ADA9FE9FBB70F4CC2D7D9244B1A515418B ] NisDrv          C:\windows\system32\DRIVERS\NisDrvWFP.sys
23:50:17.0374 0x095c  NisDrv - ok
23:50:17.0381 0x095c  [ DCEE3592299B2229A0DB98CB415059A2, 709AAA095DF44DDCB6159CE1635AB05EC666D845445790E569F56B297DC64AC3 ] NisSrv          C:\Program Files\Microsoft Security Client\NisSrv.exe
23:50:17.0385 0x095c  NisSrv - ok
23:50:17.0392 0x095c  [ 8AD77806D336673F270DB31645267293, E23F324913554A23CD043DD27D4305AF62F48C0561A0FC7B7811E55B74B1BE79 ] NlaSvc          C:\windows\System32\nlasvc.dll
23:50:17.0396 0x095c  NlaSvc - ok
23:50:17.0399 0x095c  [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7, D8957EF7060A69DBB3CD6B2C45B1E4143592AB8D018471E17AC04668157DC67F ] Npfs            C:\windows\system32\drivers\Npfs.sys
23:50:17.0400 0x095c  Npfs - ok
23:50:17.0403 0x095c  [ D54BFDF3E0C953F823B3D0BFE4732528, 497A1DCC5646EC22119273216DF10D5442D16F83E4363770F507518CF6EAA53A ] nsi             C:\windows\system32\nsisvc.dll
23:50:17.0404 0x095c  nsi - ok
23:50:17.0406 0x095c  [ E7F5AE18AF4168178A642A9247C63001, 133023B7E4BA8049C4CAED3282BDD25571D1CC25FAC3B820C7F981D292689D76 ] nsiproxy        C:\windows\system32\drivers\nsiproxy.sys
23:50:17.0407 0x095c  nsiproxy - ok
23:50:17.0436 0x095c  [ 1A29A59A4C5BA6F8C85062A613B7E2B2, CC137F499A12C724D4166C2D85E9F447413419A0683DAC6F1A802B7F210C77F1 ] Ntfs            C:\windows\system32\drivers\Ntfs.sys
23:50:17.0454 0x095c  Ntfs - ok
23:50:17.0458 0x095c  [ 9899284589F75FA8724FF3D16AED75C1, 181188599FD5D4DE33B97010D9E0CAEABAB9A3EF50712FE7F9AA0735CD0666D6 ] Null            C:\windows\system32\drivers\Null.sys
23:50:17.0458 0x095c  Null - ok
23:50:17.0462 0x095c  [ 0A92CB65770442ED0DC44834632F66AD, 581327F07A68DBD5CC749214BE5F1211FC2CE41C7A4F0656B680AFB51A35ACE7 ] nvraid          C:\windows\system32\drivers\nvraid.sys
23:50:17.0464 0x095c  nvraid - ok
23:50:17.0468 0x095c  [ DAB0E87525C10052BF65F06152F37E4A, AD9BFF0D5FD3FFB95C758B478E1F6A9FE45E7B37AEC71EB5070D292FEAAEDF37 ] nvstor          C:\windows\system32\drivers\nvstor.sys
23:50:17.0470 0x095c  nvstor - ok
23:50:17.0475 0x095c  [ 270D7CD42D6E3979F6DD0146650F0E05, 752489E54C9004EDCBE1F1F208FFD864DA5C83E59A2DDE6B3E0D63ECA996F76F ] nv_agp          C:\windows\system32\drivers\nv_agp.sys
23:50:17.0476 0x095c  nv_agp - ok
23:50:17.0480 0x095c  [ 3589478E4B22CE21B41FA1BFC0B8B8A0, AD2469FC753FE552CB809FF405A9AB23E7561292FE89117E3B3B62057EFF0203 ] ohci1394        C:\windows\system32\drivers\ohci1394.sys
23:50:17.0481 0x095c  ohci1394 - ok
23:50:17.0486 0x095c  [ 4965B005492CBA7719E82B71E3245495, 52AD72C05FACC1E0E416A1FA25F34FDD3CB274FAB973BEAAE911A2FACA42B650 ] ose64           C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
23:50:17.0488 0x095c  ose64 - ok
23:50:17.0566 0x095c  [ 61BFFB5F57AD12F83AB64B7181829B34, 1DD0DD35E4158F95765EE6639F217DF03A0A19E624E020DBA609268C08A13846 ] osppsvc         C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
23:50:17.0620 0x095c  osppsvc - ok
23:50:17.0634 0x095c  [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] p2pimsvc        C:\windows\system32\pnrpsvc.dll
23:50:17.0638 0x095c  p2pimsvc - ok
23:50:17.0647 0x095c  [ 927463ECB02179F88E4B9A17568C63C3, FEFD3447692C277D59EEC7BF218552C8BB6B8C98C26E973675549628408B94CE ] p2psvc          C:\windows\system32\p2psvc.dll
23:50:17.0653 0x095c  p2psvc - ok
23:50:17.0657 0x095c  [ 0086431C29C35BE1DBC43F52CC273887, 0D116D49EF9ABB57DA005764F25E692622210627FC2048F06A989B12FA8D0A80 ] Parport         C:\windows\system32\drivers\parport.sys
23:50:17.0658 0x095c  Parport - ok
23:50:17.0661 0x095c  [ E9766131EEADE40A27DC27D2D68FBA9C, 63C295EC96DBD25F1A8B908295CCB86B54F2A77A02AAA11E5D9160C2C1A492B6 ] partmgr         C:\windows\system32\drivers\partmgr.sys
23:50:17.0662 0x095c  partmgr - ok
23:50:17.0667 0x095c  [ 3AEAA8B561E63452C655DC0584922257, 04C072969B58657602EB0C21CEDF24FCEE14E61B90A0F758F93925EF2C9FC32D ] PcaSvc          C:\windows\System32\pcasvc.dll
23:50:17.0670 0x095c  PcaSvc - ok
23:50:17.0675 0x095c  [ 94575C0571D1462A0F70BDE6BD6EE6B3, 7139BAC653EA94A3DD3821CAB35FC5E22F4CCA5ACC2BAABDAA27E4C3C8B27FC9 ] pci             C:\windows\system32\drivers\pci.sys
23:50:17.0677 0x095c  pci - ok
23:50:17.0679 0x095c  [ B5B8B5EF2E5CB34DF8DCF8831E3534FA, F2A7CC645B96946CC65BF60E14E70DC09C848D27C7943CE5DEA0C01A6B863480 ] pciide          C:\windows\system32\drivers\pciide.sys
23:50:17.0680 0x095c  pciide - ok
23:50:17.0685 0x095c  [ B2E81D4E87CE48589F98CB8C05B01F2F, 6763BEE7270A4873B3E131BFB92313E2750FCBD0AD73C23D1C4F98F7DF73DE14 ] pcmcia          C:\windows\system32\drivers\pcmcia.sys
23:50:17.0687 0x095c  pcmcia - ok
23:50:17.0690 0x095c  [ D6B9C2E1A11A3A4B26A182FFEF18F603, BBA5FE08B1DDD6243118E11358FD61B10E850F090F061711C3CB207CE5FBBD36 ] pcw             C:\windows\system32\drivers\pcw.sys
23:50:17.0691 0x095c  pcw - ok
23:50:17.0702 0x095c  [ 68769C3356B3BE5D1C732C97B9A80D6E, FB2D61145980A2899D1B7729184C54070315B0E63C9A22400A76CCD39E00029C ] PEAUTH          C:\windows\system32\drivers\peauth.sys
23:50:17.0710 0x095c  PEAUTH - ok
23:50:17.0731 0x095c  [ E495E408C93141E8FC72DC0C6046DDFA, 489B957DADA0DC128A09468F1AD082DCC657E86053208EA06A12937BE86FB919 ] PerfHost        C:\windows\SysWow64\perfhost.exe
23:50:17.0732 0x095c  PerfHost - ok
23:50:17.0757 0x095c  [ C7CF6A6E137463219E1259E3F0F0DD6C, 08D7244F52AA17DD669AA6F77C291DAC88E7B2D1887DE422509C1F83EC85F3DD ] pla             C:\windows\system32\pla.dll
23:50:17.0774 0x095c  pla - ok
23:50:17.0784 0x095c  [ 25FBDEF06C4D92815B353F6E792C8129, 57D9764AE6BCE33B242C399CDFC10DD405975BD6411CA8C75FBCD06EEB8442A9 ] PlugPlay        C:\windows\system32\umpnpmgr.dll
23:50:17.0789 0x095c  PlugPlay - ok
23:50:17.0791 0x095c  [ 7195581CEC9BB7D12ABE54036ACC2E38, 9C4E5D6EA984148F2663DC529083408B2248DFF6DAAC85D9195F80A722782315 ] PNRPAutoReg     C:\windows\system32\pnrpauto.dll
23:50:17.0792 0x095c  PNRPAutoReg - ok
23:50:17.0799 0x095c  [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] PNRPsvc         C:\windows\system32\pnrpsvc.dll
23:50:17.0803 0x095c  PNRPsvc - ok
23:50:17.0806 0x095c  [ E4799B87675C59AA1F620DE5C6F113BB, 094EE16D4CEC68DB316002994482344A6BFCFDE399131F7FA11BB46C2DCBF218 ] Point64         C:\windows\system32\DRIVERS\point64.sys
23:50:17.0807 0x095c  Point64 - ok
23:50:17.0817 0x095c  [ 4F15D75ADF6156BF56ECED6D4A55C389, 2ADA3EA69A5D7EC2A4D2DD89178DB94EAFDDF95F07B0070D654D9F7A5C12A044 ] PolicyAgent     C:\windows\System32\ipsecsvc.dll
23:50:17.0823 0x095c  PolicyAgent - ok
23:50:17.0830 0x095c  [ 6BA9D927DDED70BD1A9CADED45F8B184, 66203CE70A5EDE053929A940F38924C6792239CCCE10DD2C1D90D5B4D6748B55 ] Power           C:\windows\system32\umpo.dll
23:50:17.0833 0x095c  Power - ok
23:50:17.0837 0x095c  [ F92A2C41117A11A00BE01CA01A7FCDE9, 38ADC6052696D110CA5F393BC586791920663F5DA66934C2A824DDA9CD89C763 ] PptpMiniport    C:\windows\system32\DRIVERS\raspptp.sys
23:50:17.0838 0x095c  PptpMiniport - ok
23:50:17.0841 0x095c  [ 0D922E23C041EFB1C3FAC2A6F943C9BF, 855418A6A58DCAFB181A1A68613B3E203AFB0A9B3D9D26D0C521F9F613B4EAD5 ] Processor       C:\windows\system32\drivers\processr.sys
23:50:17.0842 0x095c  Processor - ok
23:50:17.0847 0x095c  [ 53E83F1F6CF9D62F32801CF66D8352A8, 1225FED810BE8E0729EEAE5B340035CCBB9BACD3EF247834400F9B72D05ACE48 ] ProfSvc         C:\windows\system32\profsvc.dll
23:50:17.0850 0x095c  ProfSvc - ok
23:50:17.0853 0x095c  [ 204F3F58212B3E422C90BD9691A2DF28, D748A8CEE4D59B4248C9B1ACA5155D0FF6635A29564B4391B7FAC6261F93FE99 ] ProtectedStorage C:\windows\system32\lsass.exe
23:50:17.0854 0x095c  ProtectedStorage - ok
23:50:17.0858 0x095c  [ 0557CF5A2556BD58E26384169D72438D, F6F83A616B1F1C6C0DF6D2EC2513E6C23FD4FAA6D36518B8676C619AB74957B4 ] Psched          C:\windows\system32\DRIVERS\pacer.sys
23:50:17.0859 0x095c  Psched - ok
23:50:17.0869 0x095c  [ 5545FB5B49268C903F311849DB1942ED, 3C7FDD6A9A8A600F07A475595E48F947C36D9A6DAB6D3D84C44686B5A56FB40F ] qfphbyli        C:\windows\system32\drivers\qfphbyli.sys
23:50:17.0873 0x095c  qfphbyli - ok
23:50:17.0899 0x095c  [ A53A15A11EBFD21077463EE2C7AFEEF0, 6002B012A75045DEA62640A864A8721EADE2F8B65BEB5F5BA76D8CD819774489 ] ql2300          C:\windows\system32\drivers\ql2300.sys
23:50:17.0916 0x095c  ql2300 - ok
23:50:17.0921 0x095c  [ 4F6D12B51DE1AAEFF7DC58C4D75423C8, FB6ABAB741CED66A79E31A45111649F2FA3E26CEE77209B5296F789F6F7D08DE ] ql40xx          C:\windows\system32\drivers\ql40xx.sys
23:50:17.0922 0x095c  ql40xx - ok
23:50:17.0928 0x095c  [ 906191634E99AEA92C4816150BDA3732, A0305436384104C3B559F9C73902DA19B96B518413379E397C5CDAB0B2B9418F ] QWAVE           C:\windows\system32\qwave.dll
23:50:17.0932 0x095c  QWAVE - ok
23:50:17.0935 0x095c  [ 76707BB36430888D9CE9D705398ADB6C, 35C1D1D05F98AC29A33D3781F497A0B40A3CB9CDF25FE1F28F574E40DDF70535 ] QWAVEdrv        C:\windows\system32\drivers\qwavedrv.sys
23:50:17.0936 0x095c  QWAVEdrv - ok
23:50:17.0937 0x095c  [ 5A0DA8AD5762FA2D91678A8A01311704, 8A64EB5DBAB7048A9E42A21CEB62CCD5B007A80C199892D7F8C69B48E8A255EF ] RasAcd          C:\windows\system32\DRIVERS\rasacd.sys
23:50:17.0938 0x095c  RasAcd - ok
23:50:17.0941 0x095c  [ 7ECFF9B22276B73F43A99A15A6094E90, 62C70DA127F48F796F8897BBFA23AB6EB080CC923F0F091DFA384A93F5C90CA1 ] RasAgileVpn     C:\windows\system32\DRIVERS\AgileVpn.sys
23:50:17.0942 0x095c  RasAgileVpn - ok
23:50:17.0945 0x095c  [ 8F26510C5383B8DBE976DE1CD00FC8C7, 60E618C010E8A723960636415573FA17EA0BBEF79647196B3BC0B8DEE680E090 ] RasAuto         C:\windows\System32\rasauto.dll
23:50:17.0947 0x095c  RasAuto - ok
23:50:17.0951 0x095c  [ 471815800AE33E6F1C32FB1B97C490CA, 27307265F743DE3A3A3EC1B2C472A3D85FDD0AEC458E0B1177593141EE072698 ] Rasl2tp         C:\windows\system32\DRIVERS\rasl2tp.sys
23:50:17.0953 0x095c  Rasl2tp - ok
23:50:17.0960 0x095c  [ EE867A0870FC9E4972BA9EAAD35651E2, 1B848D81705081FD2E18AC762DA7F51455657DAF860BF363DC15925A148BCADA ] RasMan          C:\windows\System32\rasmans.dll
23:50:17.0964 0x095c  RasMan - ok
23:50:17.0968 0x095c  [ 855C9B1CD4756C5E9A2AA58A15F58C25, A514F8A9C304D54BDA8DC60F5A64259B057EC83A1CAAF6D2B58CFD55E9561F72 ] RasPppoe        C:\windows\system32\DRIVERS\raspppoe.sys
23:50:17.0969 0x095c  RasPppoe - ok
23:50:17.0972 0x095c  [ E8B1E447B008D07FF47D016C2B0EEECB, FEC789F82B912F3E14E49524D40FEAA4373B221156F14045E645D7C37859258C ] RasSstp         C:\windows\system32\DRIVERS\rassstp.sys
23:50:17.0973 0x095c  RasSstp - ok
23:50:17.0979 0x095c  [ 77F665941019A1594D887A74F301FA2F, 1FDC6F6853400190C086042933F157814D915C54F26793CAD36CD2607D8810DA ] rdbss           C:\windows\system32\DRIVERS\rdbss.sys
23:50:17.0983 0x095c  rdbss - ok
23:50:17.0986 0x095c  [ 302DA2A0539F2CF54D7C6CC30C1F2D8D, 1DF3501BBFFB56C3ECC39DBCC4287D3302216C2208CE22428B8C4967E5DE9D17 ] rdpbus          C:\windows\system32\drivers\rdpbus.sys
23:50:17.0986 0x095c  rdpbus - ok
23:50:17.0988 0x095c  [ CEA6CC257FC9B7715F1C2B4849286D24, A78144D18352EA802C39D9D42921CF97A3E0211766B2169B6755C6FC2D77A804 ] RDPCDD          C:\windows\system32\DRIVERS\RDPCDD.sys
23:50:17.0989 0x095c  RDPCDD - ok
23:50:17.0992 0x095c  [ BB5971A4F00659529A5C44831AF22365, 9AAA5C0D448E821FD85589505D99DF7749715A046BBD211F139E4E652ADDE41F ] RDPENCDD        C:\windows\system32\drivers\rdpencdd.sys
23:50:17.0992 0x095c  RDPENCDD - ok
23:50:17.0995 0x095c  [ 216F3FA57533D98E1F74DED70113177A, 60C126A1409D1E9C39F1C9E95F70115BF4AF07780AB499F6E10A612540F173F4 ] RDPREFMP        C:\windows\system32\drivers\rdprefmp.sys
23:50:17.0995 0x095c  RDPREFMP - ok
23:50:18.0000 0x095c  [ 313F68E1A3E6345A4F47A36B07062F34, B8318A0AE06BDE278931CA52F960B9FE226FD9894B076858DDB755AE26E1E66F ] RdpVideoMiniport C:\windows\system32\drivers\rdpvideominiport.sys
23:50:18.0000 0x095c  RdpVideoMiniport - ok
23:50:18.0006 0x095c  [ E61608AA35E98999AF9AAEEEA6114B0A, F754CDE89DC96786D2A3C4D19EE2AEF1008E634E4DE3C0CBF927436DE90C04A6 ] RDPWD           C:\windows\system32\drivers\RDPWD.sys
23:50:18.0008 0x095c  RDPWD - ok
23:50:18.0013 0x095c  [ 34ED295FA0121C241BFEF24764FC4520, AAEE5F00CAA763A5BA51CF56BD7262C03409CD72BD5601490E3EC3FFF929BB5F ] rdyboost        C:\windows\system32\drivers\rdyboost.sys
23:50:18.0015 0x095c  rdyboost - ok
23:50:18.0019 0x095c  [ 254FB7A22D74E5511C73A3F6D802F192, 3D0FB5840364200DE394F8CC28DA0E334C2B5FA8FF28A41656EE72287F3D3836 ] RemoteAccess    C:\windows\System32\mprdim.dll
23:50:18.0021 0x095c  RemoteAccess - ok
23:50:18.0025 0x095c  [ E4D94F24081440B5FC5AA556C7C62702, 147CAA03568DC480F9506E30B84891AB7E433B5EBC05F34FF10F72B00E1C6B22 ] RemoteRegistry  C:\windows\system32\regsvc.dll
23:50:18.0028 0x095c  RemoteRegistry - ok
23:50:18.0031 0x095c  [ E4DC58CF7B3EA515AE917FF0D402A7BB, 665B5CD9FE905B0EE3F59A7B1A94760F5393EBEE729877D8584349754C2867E8 ] RpcEptMapper    C:\windows\System32\RpcEpMap.dll
23:50:18.0032 0x095c  RpcEptMapper - ok
23:50:18.0035 0x095c  [ D5BA242D4CF8E384DB90E6A8ED850B8C, CB4CB2608B5E31B55FB1A2CF4051E6D08A0C2A5FB231B2116F95938D7577334E ] RpcLocator      C:\windows\system32\locator.exe
23:50:18.0036 0x095c  RpcLocator - ok
23:50:18.0045 0x095c  [ 5C627D1B1138676C0A7AB2C2C190D123, C5003F2C912C5CA990E634818D3B4FD72F871900AF2948BD6C4D6400B354B401 ] RpcSs           C:\windows\system32\rpcss.dll
23:50:18.0052 0x095c  RpcSs - ok
23:50:18.0056 0x095c  [ DDC86E4F8E7456261E637E3552E804FF, D250C69CCC75F2D88E7E624FCC51300E75637333317D53908CCA7E0F117173DD ] rspndr          C:\windows\system32\DRIVERS\rspndr.sys
23:50:18.0057 0x095c  rspndr - ok
23:50:18.0072 0x095c  [ EF91E0806C01806C3CF62AF006901127, 1F49D57B6598EF0923DF70FD31B755B29D5ED4D38840D7619D3399B759FD579F ] RTL8167         C:\windows\system32\DRIVERS\Rt64win7.sys
23:50:18.0082 0x095c  RTL8167 - ok
23:50:18.0085 0x095c  [ 204F3F58212B3E422C90BD9691A2DF28, D748A8CEE4D59B4248C9B1ACA5155D0FF6635A29564B4391B7FAC6261F93FE99 ] SamSs           C:\windows\system32\lsass.exe
23:50:18.0086 0x095c  SamSs - ok
23:50:18.0090 0x095c  [ AC03AF3329579FFFB455AA2DAABBE22B, 7AD3B62ADFEC166F9E256F9FF8BAA0568B2ED7308142BF8F5269E6EAA5E0A656 ] sbp2port        C:\windows\system32\drivers\sbp2port.sys
23:50:18.0091 0x095c  sbp2port - ok
23:50:18.0096 0x095c  [ 9B7395789E3791A3B6D000FE6F8B131E, E5F067F3F212BF5481668BE1779CBEF053F511F8967589BE2E865ACB9A620024 ] SCardSvr        C:\windows\System32\SCardSvr.dll
23:50:18.0099 0x095c  SCardSvr - ok
23:50:18.0103 0x095c  [ 20AE08C7072DD0263651F7E6D60D0ACD, AF7981F5909B5B928F2D935E40C858E65F32C85433E0C9927557ADB29EFC98CC ] SCDEmu          C:\windows\system32\drivers\SCDEmu.sys
23:50:18.0104 0x095c  SCDEmu - ok
23:50:18.0107 0x095c  [ 253F38D0D7074C02FF8DEB9836C97D2B, CB5CAFCB8628BB22877F74ACF1DED0BBAED8F4573A74DA7FE94BBBA584889116 ] scfilter        C:\windows\system32\DRIVERS\scfilter.sys
23:50:18.0107 0x095c  scfilter - ok
23:50:18.0126 0x095c  [ 262F6592C3299C005FD6BEC90FC4463A, 54095E37F0B6CC677A3E9BDD40F4647C713273D197DB341063AA7F342A60C4A7 ] Schedule        C:\windows\system32\schedsvc.dll
23:50:18.0140 0x095c  Schedule - ok
23:50:18.0144 0x095c  [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] SCPolicySvc     C:\windows\System32\certprop.dll
23:50:18.0145 0x095c  SCPolicySvc - ok
23:50:18.0149 0x095c  [ 6EA4234DC55346E0709560FE7C2C1972, 64011E044C16E2F92689E5F7E4666A075E27BBFA61F3264E5D51CE1656C1D5B8 ] SDRSVC          C:\windows\System32\SDRSVC.dll
23:50:18.0152 0x095c  SDRSVC - ok
23:50:18.0155 0x095c  [ 3EA8A16169C26AFBEB544E0E48421186, 34BBB0459C96B3DE94CCB0D73461562935C583D7BF93828DA4E20A6BC9B7301D ] secdrv          C:\windows\system32\drivers\secdrv.sys
23:50:18.0155 0x095c  secdrv - ok
23:50:18.0158 0x095c  [ BC617A4E1B4FA8DF523A061739A0BD87, 10C4057F6B321EB5237FF619747B74F5401BC17D15A8C7060829E8204A2297F9 ] seclogon        C:\windows\system32\seclogon.dll
23:50:18.0159 0x095c  seclogon - ok
23:50:18.0162 0x095c  [ C32AB8FA018EF34C0F113BD501436D21, E0EB8E80B51E45CA7EB061E705DA0BC07878759418A8519AE6E12326FE79E7C7 ] SENS            C:\windows\System32\sens.dll
23:50:18.0164 0x095c  SENS - ok
23:50:18.0167 0x095c  [ 0336CFFAFAAB87A11541F1CF1594B2B2, 8B8A6A33E78A12FB05E29B2E2775850626574AFD2EF88748D65E690A07B10B8D ] SensrSvc        C:\windows\system32\sensrsvc.dll
23:50:18.0168 0x095c  SensrSvc - ok
23:50:18.0170 0x095c  [ CB624C0035412AF0DEBEC78C41F5CA1B, A4D937F11E06CAE914347CA1362F4C98EC5EE0C0C80321E360EA1ABD6726F8D4 ] Serenum         C:\windows\system32\drivers\serenum.sys
23:50:18.0171 0x095c  Serenum - ok
23:50:18.0174 0x095c  [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6, 8F9776FB84C5D11068EAF1FF1D1A46466C655D64D256A8B1E31DC0C23B5DD22D ] Serial          C:\windows\system32\drivers\serial.sys
23:50:18.0175 0x095c  Serial - ok
23:50:18.0178 0x095c  [ 1C545A7D0691CC4A027396535691C3E3, 065C30BE598FF4DC55C37E0BBE0CEDF10A370AE2BF5404B42EBBB867A3FFED6D ] sermouse        C:\windows\system32\drivers\sermouse.sys
23:50:18.0179 0x095c  sermouse - ok
23:50:18.0185 0x095c  [ 0B6231BF38174A1628C4AC812CC75804, E569BF1F7F5689E2E917FA6516DB53388A5B8B1C6699DEE030147E853218811D ] SessionEnv      C:\windows\system32\sessenv.dll
23:50:18.0187 0x095c  SessionEnv - ok
23:50:18.0190 0x095c  [ A554811BCD09279536440C964AE35BBF, DA8F893722F803E189D7D4D6C6232ED34505B63A64ED3A0132A5BB7A2BABDE55 ] sffdisk         C:\windows\system32\drivers\sffdisk.sys
23:50:18.0190 0x095c  sffdisk - ok
23:50:18.0192 0x095c  [ FF414F0BAEFEBA59BC6C04B3DB0B87BF, B81EF5D26AEB572CAB590F7AD7CA8C89F296420089EF5E6148E972F2DBCA1042 ] sffp_mmc        C:\windows\system32\drivers\sffp_mmc.sys
23:50:18.0193 0x095c  sffp_mmc - ok
23:50:18.0195 0x095c  [ DD85B78243A19B59F0637DCF284DA63C, 6730D4F2BAE7E24615746ACC41B42D01DB6068D6504982008ADA1890DE900197 ] sffp_sd         C:\windows\system32\drivers\sffp_sd.sys
23:50:18.0196 0x095c  sffp_sd - ok
23:50:18.0198 0x095c  [ A9D601643A1647211A1EE2EC4E433FF4, 7AC60B4AB48D4BBF1F9681C12EC2A75C72E6E12D30FABC564A24394310E9A5F9 ] sfloppy         C:\windows\system32\drivers\sfloppy.sys
23:50:18.0199 0x095c  sfloppy - ok
23:50:18.0206 0x095c  [ B95F6501A2F8B2E78C697FEC401970CE, 758B73A32902299A313348CE7EC189B20EB4CB398D0180E4EE24B84DAD55F291 ] SharedAccess    C:\windows\System32\ipnathlp.dll
23:50:18.0211 0x095c  SharedAccess - ok
23:50:18.0218 0x095c  [ AAF932B4011D14052955D4B212A4DA8D, 2A3BFD0FA9569288E91AE3E72CA1EC39E1450D01E6473CE51157E0F138257923 ] ShellHWDetection C:\windows\System32\shsvcs.dll
23:50:18.0223 0x095c  ShellHWDetection - ok
23:50:18.0227 0x095c  [ 843CAF1E5FDE1FFD5FF768F23A51E2E1, 89CA9F516E42A6B905474D738CDA2C121020A07DBD4E66CFE569DD77D79D7820 ] SiSRaid2        C:\windows\system32\drivers\SiSRaid2.sys
23:50:18.0228 0x095c  SiSRaid2 - ok
23:50:18.0231 0x095c  [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4, 87B85C66DF7EB6FDB8A2341D05FAA5261FF68A90CCFC63F0E4A03824F1E33E5E ] SiSRaid4        C:\windows\system32\drivers\sisraid4.sys
23:50:18.0232 0x095c  SiSRaid4 - ok
23:50:18.0238 0x095c  [ F5BBEDF602C310B00036EB2DBF4348A5, AC2712E639F0C54BCF00EB4E90E805335871EA27AE8A45DFC53EDF28822318C4 ] SkypeUpdate     C:\Program Files (x86)\Skype\Updater\Updater.exe
23:50:18.0240 0x095c  SkypeUpdate - ok
23:50:18.0243 0x095c  [ 548260A7B8654E024DC30BF8A7C5BAA4, 4A7E58331D7765A12F53DC2371739DC9A463940B13E16157CE10DB80E958D740 ] Smb             C:\windows\system32\DRIVERS\smb.sys
23:50:18.0244 0x095c  Smb - ok
23:50:18.0248 0x095c  [ 6313F223E817CC09AA41811DAA7F541D, D787061043BEEDB9386B048CB9E680E6A88A1CBAE9BD4A8C0209155BFB76C630 ] SNMPTRAP        C:\windows\System32\snmptrap.exe
23:50:18.0249 0x095c  SNMPTRAP - ok
23:50:18.0252 0x095c  [ B9E31E5CACDFE584F34F730A677803F9, 21A5130BD00089C609522A372018A719F8E37103D2DD22C59EACB393BE35A063 ] spldr           C:\windows\system32\drivers\spldr.sys
23:50:18.0252 0x095c  spldr - ok
23:50:18.0263 0x095c  [ 85DAA09A98C9286D4EA2BA8D0E644377, F9C324E2EF81193FE831C7EECC44A100CA06F82FA731BF555D9EA4D91DA13329 ] Spooler         C:\windows\System32\spoolsv.exe
23:50:18.0270 0x095c  Spooler - ok
23:50:18.0326 0x095c  [ E17E0188BB90FAE42D83E98707EFA59C, FC075F7B39E86CC8EF6DA4E339FE946917E319C347AC70FB0C50AAF36F97E27F ] sppsvc          C:\windows\system32\sppsvc.exe
23:50:18.0366 0x095c  sppsvc - ok
23:50:18.0373 0x095c  [ 93D7D61317F3D4BC4F4E9F8A96A7DE45, 36D48B23B8243BE5229707375FCD11C2DCAC96983199345365F065A0CBF33314 ] sppuinotify     C:\windows\system32\sppuinotify.dll
23:50:18.0375 0x095c  sppuinotify - ok
23:50:18.0384 0x095c  [ 441FBA48BFF01FDB9D5969EBC1838F0B, 306128F1AD489F87161A089D1BDC1542A4CB742D91A0C12A7CD1863FDB8932C0 ] srv             C:\windows\system32\DRIVERS\srv.sys
23:50:18.0389 0x095c  srv - ok
23:50:18.0398 0x095c  [ B4ADEBBF5E3677CCE9651E0F01F7CC28, 726DB2283113AB2A9681E8E9F61132303D6D86E9CD034C40EE4A8C9DB29E87F7 ] srv2            C:\windows\system32\DRIVERS\srv2.sys
23:50:18.0403 0x095c  srv2 - ok
23:50:18.0407 0x095c  [ 27E461F0BE5BFF5FC737328F749538C3, AFA4704ED8FFC1A0BAB40DFB81D3AE3F3D933A3C9BF54DDAF39FF9AF3646D9E6 ] srvnet          C:\windows\system32\DRIVERS\srvnet.sys
23:50:18.0409 0x095c  srvnet - ok
23:50:18.0415 0x095c  [ 51B52FBD583CDE8AA9BA62B8B4298F33, 2E2403F8AA39E79D1281CA006B51B43139C32A5FDD64BD34DAA4B935338BD740 ] SSDPSRV         C:\windows\System32\ssdpsrv.dll
23:50:18.0418 0x095c  SSDPSRV - ok
23:50:18.0421 0x095c  [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB, D21CDBC4C2AA0DB5B4455D5108B0CAF4282A2E664B9035708F212CC094569D9D ] SstpSvc         C:\windows\system32\sstpsvc.dll
23:50:18.0423 0x095c  SstpSvc - ok
23:50:18.0425 0x095c  [ F3817967ED533D08327DC73BC4D5542A, 1B204454408A690C0A86447F3E4AA9E7C58A9CFB567C94C17C21920BA648B4D5 ] stexstor        C:\windows\system32\drivers\stexstor.sys
23:50:18.0426 0x095c  stexstor - ok
23:50:18.0437 0x095c  [ 8DD52E8E6128F4B2DA92CE27402871C1, 1101C38BE8FC383B5F2F9FA402F9652B23B88A764DE2B584DFE62B88B11DEF92 ] stisvc          C:\windows\System32\wiaservc.dll
23:50:18.0444 0x095c  stisvc - ok
23:50:18.0447 0x095c  [ D01EC09B6711A5F8E7E6564A4D0FBC90, 3CB922291DBADC92B46B9E28CCB6810CD8CCDA3E74518EC9522B58B998E1F969 ] swenum          C:\windows\system32\drivers\swenum.sys
23:50:18.0447 0x095c  swenum - ok
23:50:18.0457 0x095c  [ E08E46FDD841B7184194011CA1955A0B, 9C3725BB1F08F92744C980A22ED5C874007D3B5863C7E1F140F50061052AC418 ] swprv           C:\windows\System32\swprv.dll
23:50:18.0464 0x095c  swprv - ok
23:50:18.0493 0x095c  [ BF9CCC0BF39B418C8D0AE8B05CF95B7D, 3C13217548BE61F2BDB8BD41F77345CDDA1F97BF0AE17241C335B9807EB3DBB8 ] SysMain         C:\windows\system32\sysmain.dll
23:50:18.0514 0x095c  SysMain - ok
23:50:18.0518 0x095c  [ E3C61FD7B7C2557E1F1B0B4CEC713585, 01F0E116606D185BF93B540868075BFB1A398197F6AABD994983DBFF56B3A8A0 ] TabletInputService C:\windows\System32\TabSvc.dll
23:50:18.0520 0x095c  TabletInputService - ok
23:50:18.0528 0x095c  [ 40F0849F65D13EE87B9A9AE3C1DD6823, E251A7EF3D0FD2973AF33A62FC457A7E8D5E8694208F811F52455F7C2426121F ] TapiSrv         C:\windows\System32\tapisrv.dll
23:50:18.0532 0x095c  TapiSrv - ok
23:50:18.0535 0x095c  [ 1BE03AC720F4D302EA01D40F588162F6, AB644862BF1D2E824FD846180DEC4E2C0FAFCC517451486DE5A92E5E78A952E4 ] TBS             C:\windows\System32\tbssvc.dll
23:50:18.0537 0x095c  TBS - ok
23:50:18.0567 0x095c  [ 40AF23633D197905F03AB5628C558C51, 644656A15236E964E4BE57B42225EAA5643C4CF1FFF6D306813A000716F9D72C ] Tcpip           C:\windows\system32\drivers\tcpip.sys
23:50:18.0589 0x095c  Tcpip - ok
23:50:18.0621 0x095c  [ 40AF23633D197905F03AB5628C558C51, 644656A15236E964E4BE57B42225EAA5643C4CF1FFF6D306813A000716F9D72C ] TCPIP6          C:\windows\system32\DRIVERS\tcpip.sys
23:50:18.0643 0x095c  TCPIP6 - ok
23:50:18.0648 0x095c  [ 1B16D0BD9841794A6E0CDE0CEF744ABC, 7EB8BA97339199EEE7F2B09DA2DA6279DA64A510D4598D42CF86415D67CD674C ] tcpipreg        C:\windows\system32\drivers\tcpipreg.sys
23:50:18.0649 0x095c  tcpipreg - ok
23:50:18.0652 0x095c  [ 3371D21011695B16333A3934340C4E7C, 7416F9BBFC1BA9D875EA7D1C7A0D912FC6977B49A865D67E3F9C4E18A965082D ] TDPIPE          C:\windows\system32\drivers\tdpipe.sys
23:50:18.0653 0x095c  TDPIPE - ok
23:50:18.0655 0x095c  [ 51C5ECEB1CDEE2468A1748BE550CFBC8, 4E8F83877330B421F7B5D8393D34BC44C6450E69209DAA95B29CB298166A5DF9 ] TDTCP           C:\windows\system32\drivers\tdtcp.sys
23:50:18.0656 0x095c  TDTCP - ok
23:50:18.0659 0x095c  [ DDAD5A7AB24D8B65F8D724F5C20FD806, B71F2967A4EE7395E4416C1526CB85368AEA988BDD1F2C9719C48B08FAFA9661 ] tdx             C:\windows\system32\DRIVERS\tdx.sys
23:50:18.0661 0x095c  tdx - ok
23:50:18.0745 0x095c  [ AB2CB86BB4046B6C68A95EDC2760F9DC, 9E99CAE125CEE04940BB1D7E0ADE18F9D69F19A98B5BE09923BAC143323C08DC ] TeamViewer9     C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
23:50:18.0803 0x095c  TeamViewer9 - ok
23:50:18.0813 0x095c  [ 561E7E1F06895D78DE991E01DD0FB6E5, 83BFA50A528762EC52A011302AC3874636FB7E26628CD7ACFBF2BDC9FAA8110D ] TermDD          C:\windows\system32\drivers\termdd.sys
23:50:18.0814 0x095c  TermDD - ok
23:50:18.0817 0x095c  [ EF4469AB69EB15E5D3754E6AEAFBCD3D, 3609214C3D5181364B544EBF17E9A109952BE1C4C35BE0A8727BFA8F49ECB130 ] terminpt        C:\windows\system32\drivers\terminpt.sys
23:50:18.0817 0x095c  terminpt - ok
23:50:18.0831 0x095c  [ 2E648163254233755035B46DD7B89123, 6FA0D07CE18A3A69D82EE49D875F141E39406E92C34EAC76AC4EB052E6EBCBCD ] TermService     C:\windows\System32\termsrv.dll
23:50:18.0840 0x095c  TermService - ok
23:50:18.0844 0x095c  [ F0344071948D1A1FA732231785A0664C, DB9886C2C858FAF45AEA15F8E42860343F73EB8685C53EC2E8CCC10586CB0832 ] Themes          C:\windows\system32\themeservice.dll
23:50:18.0845 0x095c  Themes - ok
23:50:18.0848 0x095c  [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] THREADORDER     C:\windows\system32\mmcss.dll
23:50:18.0849 0x095c  THREADORDER - ok
23:50:18.0853 0x095c  [ 7E7AFD841694F6AC397E99D75CEAD49D, DE87F203FD8E6BDCCFCA1860A85F283301A365846FB703D9BB86278D8AC96B07 ] TrkWks          C:\windows\System32\trkwks.dll
23:50:18.0855 0x095c  TrkWks - ok
23:50:18.0860 0x095c  [ 773212B2AAA24C1E31F10246B15B276C, F2EF85F5ABA307976D9C649D710B408952089458DDE97D4DEF321DF14E46A046 ] TrustedInstaller C:\windows\servicing\TrustedInstaller.exe
23:50:18.0862 0x095c  TrustedInstaller - ok
23:50:18.0866 0x095c  [ 4CE278FC9671BA81A138D70823FCAA09, CBE501436696E32A3701B9F377B823AC36647B6626595F76CC63E2396AD7D300 ] tssecsrv        C:\windows\system32\DRIVERS\tssecsrv.sys
23:50:18.0867 0x095c  tssecsrv - ok
23:50:18.0870 0x095c  [ E9981ECE8D894CEF7038FD1D040EB426, DCDDCE933CAECE8180A3447199B07F2F0413704EEC1A09606EE357901A84A7CF ] TsUsbFlt        C:\windows\system32\drivers\tsusbflt.sys
23:50:18.0871 0x095c  TsUsbFlt - ok
23:50:18.0873 0x095c  [ D34789988234DCC8FA55FA9A485AF0EC, 5C1A77EFA23261F5F9C971A12145CA6AC701723A94B6A8AE9BE95EEDD3C02919 ] TsUsbGD         C:\windows\system32\drivers\TsUsbGD.sys
23:50:18.0874 0x095c  TsUsbGD - ok
23:50:18.0878 0x095c  [ 3566A8DAAFA27AF944F5D705EAA64894, AE9D8B648DA08AF667B9456C3FE315489859C157510A258559F18238F2CC92B8 ] tunnel          C:\windows\system32\DRIVERS\tunnel.sys
23:50:18.0879 0x095c  tunnel - ok
23:50:18.0882 0x095c  [ B4DD609BD7E282BFC683CEC7EAAAAD67, EF131DB6F6411CAD36A989A421AF93F89DD61601AC524D2FF11C10FF6E3E9123 ] uagp35          C:\windows\system32\drivers\uagp35.sys
23:50:18.0883 0x095c  uagp35 - ok
23:50:18.0890 0x095c  [ FF4232A1A64012BAA1FD97C7B67DF593, D8591B4EB056899C7B604E4DD852D82D4D9809F508ABCED4A03E1BE6D5D456E3 ] udfs            C:\windows\system32\DRIVERS\udfs.sys
23:50:18.0894 0x095c  udfs - ok
23:50:18.0898 0x095c  [ 3CBDEC8D06B9968ABA702EBA076364A1, B8DAB8AA804FC23021BFEBD7AE4D40FBE648D6C6BA21CC008E26D1C084972F9B ] UI0Detect       C:\windows\system32\UI0Detect.exe
23:50:18.0900 0x095c  UI0Detect - ok
23:50:18.0903 0x095c  [ 4BFE1BC28391222894CBF1E7D0E42320, 5918B1ED2030600DF77BDACF1C808DF6EADDD8BF3E7003AF1D72050D8B102B3A ] uliagpkx        C:\windows\system32\drivers\uliagpkx.sys
23:50:18.0904 0x095c  uliagpkx - ok
23:50:18.0906 0x095c  [ DC54A574663A895C8763AF0FA1FF7561, 09A3F3597E91CBEB2F38E96E75134312B60CAE5574B2AD4606C2D3E992AEDDFE ] umbus           C:\windows\system32\DRIVERS\umbus.sys
23:50:18.0907 0x095c  umbus - ok
23:50:18.0910 0x095c  [ B2E8E8CB557B156DA5493BBDDCC1474D, F547509A08C0679ACB843E20C9C0CF51BED1B06530BBC529DFB0944504564A43 ] UmPass          C:\windows\system32\drivers\umpass.sys
23:50:18.0910 0x095c  UmPass - ok
23:50:18.0917 0x095c  [ D47EC6A8E81633DD18D2436B19BAF6DE, 0FB461E2D5E0B75BB5958F6362F4880BFA4C36AD930542609BCAF574941AA7AE ] upnphost        C:\windows\System32\upnphost.dll
23:50:18.0922 0x095c  upnphost - ok
23:50:18.0926 0x095c  [ DCA68B0943D6FA415F0C56C92158A83A, BEE5A5B33B22D1DF50B884D46D89FC3B8286EB16E38AD5A20F0A49E5C6766C57 ] usbccgp         C:\windows\system32\DRIVERS\usbccgp.sys
23:50:18.0927 0x095c  usbccgp - ok
23:50:18.0931 0x095c  [ 80B0F7D5CCF86CEB5D402EAAF61FEC31, 140C62116A425DEAD25FE8D82DE283BC92C482A9F643658D512F9F67061F28AD ] usbcir          C:\windows\system32\drivers\usbcir.sys
23:50:18.0932 0x095c  usbcir - ok
23:50:18.0935 0x095c  [ 18A85013A3E0F7E1755365D287443965, 811C5EDF38C765BCF71BCE25CB6626FF6988C3699F5EF1846240EA0052F34C33 ] usbehci         C:\windows\system32\DRIVERS\usbehci.sys
23:50:18.0936 0x095c  usbehci - ok
23:50:18.0944 0x095c  [ 8D1196CFBB223621F2C67D45710F25BA, B5D7AFE51833B24FC9576F3AED3D8A2B290E5846060E73F9FFFAC1890A8B6003 ] usbhub          C:\windows\system32\DRIVERS\usbhub.sys
23:50:18.0948 0x095c  usbhub - ok
23:50:18.0950 0x095c  [ 765A92D428A8DB88B960DA5A8D6089DC, 56DE8A2ED58E53B202C399CA7BACB1551136303C2EE0AB426BDBBF880E3C542C ] usbohci         C:\windows\system32\drivers\usbohci.sys
23:50:18.0951 0x095c  usbohci - ok
23:50:18.0954 0x095c  [ 73188F58FB384E75C4063D29413CEE3D, B485463933306036B1D490722CB1674DC85670753D79FA0EF7EBCA7BBAAD9F7C ] usbprint        C:\windows\system32\DRIVERS\usbprint.sys
23:50:18.0955 0x095c  usbprint - ok
23:50:18.0958 0x095c  [ 9661DA76B4531B2DA272ECCE25A8AF24, FEA93254A21E71A7EB8AD35FCCAD2C1E41F7329EC33B1734F5B41307A34D8637 ] usbscan         C:\windows\system32\DRIVERS\usbscan.sys
23:50:18.0958 0x095c  usbscan - ok
23:50:18.0962 0x095c  [ FED648B01349A3C8395A5169DB5FB7D6, DC4D7594C24ADD076927B9347F1B50B91CF03A4ABDB284248D5711D9C19DEB96 ] USBSTOR         C:\windows\system32\DRIVERS\USBSTOR.SYS
23:50:18.0963 0x095c  USBSTOR - ok
23:50:18.0965 0x095c  [ DD253AFC3BC6CBA412342DE60C3647F3, 146F8613F1057AC054DC3593E84BC52899DA27EA33B0E72ACFB78C3699ADCDE7 ] usbuhci         C:\windows\system32\drivers\usbuhci.sys
23:50:18.0966 0x095c  usbuhci - ok
23:50:18.0969 0x095c  [ EDBB23CBCF2CDF727D64FF9B51A6070E, 7202484C8E1BFB2AFD64D8C81668F3EDE0E3BF5EB27572877A0A7B337AE5AE42 ] UxSms           C:\windows\System32\uxsms.dll
23:50:18.0970 0x095c  UxSms - ok
23:50:18.0973 0x095c  [ 204F3F58212B3E422C90BD9691A2DF28, D748A8CEE4D59B4248C9B1ACA5155D0FF6635A29564B4391B7FAC6261F93FE99 ] VaultSvc        C:\windows\system32\lsass.exe
23:50:18.0973 0x095c  VaultSvc - ok
23:50:18.0976 0x095c  [ C5C876CCFC083FF3B128F933823E87BD, 6FE0FBB6C3207E09300E0789E2168F76668D87C317FE9F263E733827ADCFBE0D ] vdrvroot        C:\windows\system32\drivers\vdrvroot.sys
23:50:18.0976 0x095c  vdrvroot - ok
23:50:18.0987 0x095c  [ 8D6B481601D01A456E75C3210F1830BE, A2CEF483F4231367138EEF7E67FD5BE5364FC0780C44CA1368E36CE4AA3D0633 ] vds             C:\windows\System32\vds.exe
23:50:18.0994 0x095c  vds - ok
23:50:18.0997 0x095c  [ DA4DA3F5E02943C2DC8C6ED875DE68DD, EDE604536DB78C512D68C92B26DA77C8811AC109D1F0A473673F0A82D15A2838 ] vga             C:\windows\system32\DRIVERS\vgapnp.sys
23:50:18.0998 0x095c  vga - ok
23:50:19.0001 0x095c  [ 53E92A310193CB3C03BEA963DE7D9CFC, 45898604375B42EB1246C17A22D91C2440F11C746FF6459AD38027C1BC2E3125 ] VgaSave         C:\windows\System32\drivers\vga.sys
23:50:19.0001 0x095c  VgaSave - ok
23:50:19.0007 0x095c  [ 2CE2DF28C83AEAF30084E1B1EB253CBB, D1946816A1CB89F825CBEA58F94A4C9D0CE7249355CD3915563F54054EE564BF ] vhdmp           C:\windows\system32\drivers\vhdmp.sys
23:50:19.0009 0x095c  vhdmp - ok
23:50:19.0012 0x095c  [ E5689D93FFE4E5D66C0178761240DD54, 6D35CED80681B12AAF63BFA0DA1C386E71D3838839B68A686990AA8031949D27 ] viaide          C:\windows\system32\drivers\viaide.sys
23:50:19.0012 0x095c  viaide - ok
23:50:19.0015 0x095c  [ D2AAFD421940F640B407AEFAAEBD91B0, 31EF342A60AF04F4108759A71F8FB7B8C8819216CF3D16A95B2BA0E33A8A9161 ] volmgr          C:\windows\system32\drivers\volmgr.sys
23:50:19.0016 0x095c  volmgr - ok
23:50:19.0023 0x095c  [ A255814907C89BE58B79EF2F189B843B, 463DB771851352185B6AC323BD93B9084D47291E53C1F7B628B65D6918B2E28F ] volmgrx         C:\windows\system32\drivers\volmgrx.sys
23:50:19.0027 0x095c  volmgrx - ok
23:50:19.0034 0x095c  [ 0D08D2F3B3FF84E433346669B5E0F639, 3D6716CEC95B8861A7CC5778E91F310528DC6BEE0E57A3C8757FC675154EBDEC ] volsnap         C:\windows\system32\drivers\volsnap.sys
23:50:19.0037 0x095c  volsnap - ok
23:50:19.0042 0x095c  [ 5E2016EA6EBACA03C04FEAC5F330D997, 53106EB877459FE55A459111F7AB0EE320BB3B4C954D3DB6FA1642396001F2AC ] vsmraid         C:\windows\system32\drivers\vsmraid.sys
23:50:19.0044 0x095c  vsmraid - ok
23:50:19.0070 0x095c  [ B60BA0BC31B0CB414593E169F6F21CC2, 47B801E623254CF0202B3591CB5C019CABFB52F123C7D47E29D19B32F1F2B915 ] VSS             C:\windows\system32\vssvc.exe
23:50:19.0090 0x095c  VSS - ok
23:50:19.0094 0x095c  [ 36D4720B72B5C5D9CB2B9C29E9DF67A1, 3254523C85C70EBA2DBAC05DB2DBA89EDF8E9195F390F7C21F96458FB6B2E3D7 ] vwifibus        C:\windows\system32\DRIVERS\vwifibus.sys
23:50:19.0094 0x095c  vwifibus - ok
23:50:19.0097 0x095c  [ 6A3D66263414FF0D6FA754C646612F3F, 30F6BA594B0D3B94113064015A16D97811CD989DF1715CCE21CEAB9894C1B4FB ] vwififlt        C:\windows\system32\DRIVERS\vwififlt.sys
23:50:19.0098 0x095c  vwififlt - ok
23:50:19.0101 0x095c  [ 6A638FC4BFDDC4D9B186C28C91BD1A01, 5521F1DC515586777EC4837E0AEAA3E613CC178AF1074031C4D0D0C695A93168 ] vwifimp         C:\windows\system32\DRIVERS\vwifimp.sys
23:50:19.0102 0x095c  vwifimp - ok
23:50:19.0110 0x095c  [ 1C9D80CC3849B3788048078C26486E1A, 34A89F31E53F6B6C209B286F580CC2257AE6D057E4E20741F241C9C167947962 ] W32Time         C:\windows\system32\w32time.dll
23:50:19.0115 0x095c  W32Time - ok
23:50:19.0119 0x095c  [ 4E9440F4F152A7B944CB1663D3935A3E, 8FE04EBD3BC612EE943A21A3E56F37E5C9B578CDACA6044048181DAD81816D53 ] WacomPen        C:\windows\system32\drivers\wacompen.sys
23:50:19.0120 0x095c  WacomPen - ok
23:50:19.0124 0x095c  [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] WANARP          C:\windows\system32\DRIVERS\wanarp.sys
23:50:19.0125 0x095c  WANARP - ok
23:50:19.0128 0x095c  [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] Wanarpv6        C:\windows\system32\DRIVERS\wanarp.sys
23:50:19.0129 0x095c  Wanarpv6 - ok
23:50:19.0152 0x095c  [ 3CEC96DE223E49EAAE3651FCF8FAEA6C, 4150DAB33E8D61076F1D4767BCAFC9B4ECCCCBD58FD4FB3CFE5B8D27DCDCAB61 ] WatAdminSvc     C:\windows\system32\Wat\WatAdminSvc.exe
23:50:19.0168 0x095c  WatAdminSvc - ok
23:50:19.0194 0x095c  [ 78F4E7F5C56CB9716238EB57DA4B6A75, 46A4E78CE5F2A4B26F4E9C3FF04A99D9B727A82AC2E390A82A1611C3F6E0C9AF ] wbengine        C:\windows\system32\wbengine.exe
23:50:19.0212 0x095c  wbengine - ok
23:50:19.0219 0x095c  [ 3AA101E8EDAB2DB4131333F4325C76A3, 4F7BD3DA5E58B18BFF106CFF7B45E75FD13EE556D433C695BA23EC80827E49DE ] WbioSrvc        C:\windows\System32\wbiosrvc.dll
23:50:19.0222 0x095c  WbioSrvc - ok
23:50:19.0229 0x095c  [ 7368A2AFD46E5A4481D1DE9D14848EDD, 8039C478FC2D9F095F5883A4FA47F9E6EDF57CC88A4AA74F07C88445F90DED57 ] wcncsvc         C:\windows\System32\wcncsvc.dll
23:50:19.0234 0x095c  wcncsvc - ok
23:50:19.0237 0x095c  [ 20F7441334B18CEE52027661DF4A6129, 7B8E0247234B740FED2BE9B833E9CE8DD7453340123AB43F6B495A7E6A27B0DD ] WcsPlugInService C:\windows\System32\WcsPlugInService.dll
23:50:19.0238 0x095c  WcsPlugInService - ok
23:50:19.0240 0x095c  [ 72889E16FF12BA0F235467D6091B17DC, F2FD0BBD075E33608D93F350D216F97442AB89ABD540513C2D568C78096E12A8 ] Wd              C:\windows\system32\drivers\wd.sys
23:50:19.0241 0x095c  Wd - ok
23:50:19.0254 0x095c  [ E2C933EDBC389386EBE6D2BA953F43D8, AF1DEADD5F1267CCEBD226E8EEB971D1946EA6A5A9645A36F5D111F758AF2F07 ] Wdf01000        C:\windows\system32\drivers\Wdf01000.sys
23:50:19.0263 0x095c  Wdf01000 - ok
23:50:19.0268 0x095c  [ BF1FC3F79B863C914687A737C2F3D681, B2DF47AC4931ACFB243775767B77065CC0D98778FC0243C793A3E219EB961209 ] WdiServiceHost  C:\windows\system32\wdi.dll
23:50:19.0270 0x095c  WdiServiceHost - ok
23:50:19.0273 0x095c  [ BF1FC3F79B863C914687A737C2F3D681, B2DF47AC4931ACFB243775767B77065CC0D98778FC0243C793A3E219EB961209 ] WdiSystemHost   C:\windows\system32\wdi.dll
23:50:19.0275 0x095c  WdiSystemHost - ok
23:50:19.0281 0x095c  [ 0EB0E5D22B1760F2DBCE632F2DD7A54D, B8A4CC62F88768947FB0A161CF9564DB28FD9C1C037B5475DF192982DE035C22 ] WebClient       C:\windows\System32\webclnt.dll
23:50:19.0285 0x095c  WebClient - ok
23:50:19.0291 0x095c  [ C749025A679C5103E575E3B48E092C43, B71171D07EE7AB085A24BF3A1072FF2CE7EA021AAE695F6A90640E6EE8EB55C1 ] Wecsvc          C:\windows\system32\wecsvc.dll
23:50:19.0295 0x095c  Wecsvc - ok
23:50:19.0298 0x095c  [ 7E591867422DC788B9E5BD337A669A08, 484E6BCCDF7ADCE9A1AACAD1BC7C7D7694B9E40FA90D94B14D80C607784F6C75 ] wercplsupport   C:\windows\System32\wercplsupport.dll
23:50:19.0300 0x095c  wercplsupport - ok
23:50:19.0304 0x095c  [ 6D137963730144698CBD10F202E9F251, A9F522A125158D94F540544CCD4DBF47B9DCE2EA878C33675AFE40F80E8F4979 ] WerSvc          C:\windows\System32\WerSvc.dll
23:50:19.0305 0x095c  WerSvc - ok
23:50:19.0308 0x095c  [ 611B23304BF067451A9FDEE01FBDD725, 0AF2734B978165FC6FD22B64862132CCE32528A21C698A49D176129446E099C8 ] WfpLwf          C:\windows\system32\DRIVERS\wfplwf.sys
23:50:19.0308 0x095c  WfpLwf - ok
23:50:19.0310 0x095c  [ 05ECAEC3E4529A7153B3136CEB49F0EC, 9995CB2CEC70A633EA33CBB0DEAD2BB28CB67132B41E9444BDAB9E75744C9A50 ] WIMMount        C:\windows\system32\drivers\wimmount.sys
23:50:19.0311 0x095c  WIMMount - ok
23:50:19.0313 0x095c  WinDefend - ok
23:50:19.0316 0x095c  WinHttpAutoProxySvc - ok
23:50:19.0325 0x095c  [ 19B07E7E8915D701225DA41CB3877306, D6555E8D276DBB11358246E0FE215F76F1FB358791C76B88D82C2A66A42DA19F ] Winmgmt         C:\windows\system32\wbem\WMIsvc.dll
23:50:19.0329 0x095c  Winmgmt - ok
23:50:19.0361 0x095c  [ BCB1310604AA415C4508708975B3931E, 9D943F086D454345153A0DD426B4432532A44FD87950386B186E1CAD2AC70565 ] WinRM           C:\windows\system32\WsmSvc.dll
23:50:19.0386 0x095c  WinRM - ok
23:50:19.0393 0x095c  [ FE88B288356E7B47B74B13372ADD906D, A16B166F6BB32EF9D2A142F27B9EC54CBC7B3AC915799783CF4C40E525BC9E03 ] WinUSB          C:\windows\system32\DRIVERS\WinUSB.sys
23:50:19.0394 0x095c  WinUSB - ok
23:50:19.0409 0x095c  [ 4FADA86E62F18A1B2F42BA18AE24E6AA, CE1683386886BF34862681A46199EA7E7FB4232A186047DA7FBD8EC240AF6726 ] Wlansvc         C:\windows\System32\wlansvc.dll
23:50:19.0420 0x095c  Wlansvc - ok
23:50:19.0424 0x095c  [ F6FF8944478594D0E414D3F048F0D778, 6F75E0AE6127B33A92A88E59D4B048FD4C15F997807BE7BF0EFE76F95235B1D9 ] WmiAcpi         C:\windows\system32\drivers\wmiacpi.sys
23:50:19.0424 0x095c  WmiAcpi - ok
23:50:19.0430 0x095c  [ 38B84C94C5A8AF291ADFEA478AE54F93, 1AC267AC73670BEA5F3785C9AD9DB146F8E993A862C843742B21FDB90D102B2A ] wmiApSrv        C:\windows\system32\wbem\WmiApSrv.exe
23:50:19.0432 0x095c  wmiApSrv - ok
23:50:19.0434 0x095c  WMPNetworkSvc - ok
23:50:19.0437 0x095c  [ 96C6E7100D724C69FCF9E7BF590D1DCA, 2E63C9B0893B4FC03B7A71BAEA6202D3D3DB1B52F3643467829B5A573FD7655B ] WPCSvc          C:\windows\System32\wpcsvc.dll
23:50:19.0438 0x095c  WPCSvc - ok
23:50:19.0442 0x095c  [ 93221146D4EBBF314C29B23CD6CC391D, C0750858A65BF51E210CD244C825C121D67E025CD2D2455139991AAC289A90FE ] WPDBusEnum      C:\windows\system32\wpdbusenum.dll
23:50:19.0444 0x095c  WPDBusEnum - ok
23:50:19.0446 0x095c  [ 6BCC1D7D2FD2453957C5479A32364E52, E48554D31FBDCF8F985C1C72524CAA9106F5B7CC2B79064F8F5E2562D517F090 ] ws2ifsl         C:\windows\system32\drivers\ws2ifsl.sys
23:50:19.0447 0x095c  ws2ifsl - ok
23:50:19.0450 0x095c  [ E8B1FE6669397D1772D8196DF0E57A9E, 39FE0819360719F756BD31A1884A0508A1E2371ACC723E25E005CBEC0A7B02FA ] wscsvc          C:\windows\System32\wscsvc.dll
23:50:19.0452 0x095c  wscsvc - ok
23:50:19.0454 0x095c  WSearch - ok
23:50:19.0495 0x095c  [ D9EF901DCA379CFE914E9FA13B73B4C4, 3BE9693B7B2AFEE23D72AF5DA211379724D752F0EC18ACB7D3DE3DDFC5AE0004 ] wuauserv        C:\windows\system32\wuaueng.dll
23:50:19.0525 0x095c  wuauserv - ok
23:50:19.0533 0x095c  [ AB886378EEB55C6C75B4F2D14B6C869F, D6C4602EB8F291DADEDF3CD211013D4AC752DDE7E799C2D8D74AA4F5477CAED6 ] WudfPf          C:\windows\system32\drivers\WudfPf.sys
23:50:19.0534 0x095c  WudfPf - ok
23:50:19.0539 0x095c  [ DDA4CAF29D8C0A297F886BFE561E6659, 94E5DD649B5D86FA1A7C7D30FCF9644D0EE048D312E626111458ADF66BFBE978 ] WUDFRd          C:\windows\system32\DRIVERS\WUDFRd.sys
23:50:19.0542 0x095c  WUDFRd - ok
23:50:19.0545 0x095c  [ B20F051B03A966392364C83F009F7D17, 88ECEB55AE91F58F592B96EBC10B572747D5A2F9B7629E8F371761E4F7408A65 ] wudfsvc         C:\windows\System32\WUDFSvc.dll
23:50:19.0547 0x095c  wudfsvc - ok
23:50:19.0553 0x095c  [ 04F82965C09CBDF646B487E145060301, 2CD8533EDBE24C3E42EB7550E20F8A2EB9E5E345B165DEF543163A6BC1FDD18B ] WwanSvc         C:\windows\System32\wwansvc.dll
23:50:19.0556 0x095c  WwanSvc - ok
23:50:19.0560 0x095c  ================ Scan global ===============================
23:50:19.0563 0x095c  [ BA0CD8C393E8C9F83354106093832C7B, 18D8A4780A2BAA6CEF7FBBBDA0EF6BF2DADF146E1E578A618DD5859E8ADBF1A8 ] C:\windows\system32\basesrv.dll
23:50:19.0568 0x095c  [ 88EDD0B34EED542745931E581AD21A32, DC2B93E1CEF5B0BCEE08D72669BB0F3AD0E8E6E75BDC08858407ED92F6FFA031 ] C:\windows\system32\winsrv.dll
23:50:19.0576 0x095c  [ 88EDD0B34EED542745931E581AD21A32, DC2B93E1CEF5B0BCEE08D72669BB0F3AD0E8E6E75BDC08858407ED92F6FFA031 ] C:\windows\system32\winsrv.dll
23:50:19.0581 0x095c  [ D6160F9D869BA3AF0B787F971DB56368, 0033E6212DD8683E4EE611B290931FDB227B4795F0B17C309DC686C696790529 ] C:\windows\system32\sxssrv.dll
23:50:19.0587 0x095c  [ 24ACB7E5BE595468E3B9AA488B9B4FCB, 63541E3432FCE953F266AE553E7A394978D6EE3DB52388D885F668CF42C5E7E2 ] C:\windows\system32\services.exe
23:50:19.0592 0x095c  [ Global ] - ok
23:50:19.0592 0x095c  ================ Scan MBR ==================================
23:50:19.0594 0x095c  [ 5FB38429D5D77768867C76DCBDB35194 ] \Device\Harddisk0\DR0
23:50:19.0597 0x095c  \Device\Harddisk0\DR0 - ok
23:50:19.0639 0x095c  [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk1\DR1
23:50:19.0646 0x095c  \Device\Harddisk1\DR1 - ok
23:50:19.0647 0x095c  ================ Scan VBR ==================================
23:50:19.0648 0x095c  [ 8D9F99B61D706B37DE8468A63F553EE8 ] \Device\Harddisk0\DR0\Partition1
23:50:19.0649 0x095c  \Device\Harddisk0\DR0\Partition1 - ok
23:50:19.0651 0x095c  [ E32E9CCB197C44B3E89FFDF265917188 ] \Device\Harddisk0\DR0\Partition2
23:50:19.0651 0x095c  \Device\Harddisk0\DR0\Partition2 - ok
23:50:19.0653 0x095c  [ B1E27AA018409DE6BFD73F8AFB883A65 ] \Device\Harddisk0\DR0\Partition3
23:50:19.0654 0x095c  \Device\Harddisk0\DR0\Partition3 - ok
23:50:19.0656 0x095c  [ BB3BD8389E530B81D4725FAE1D2B6B50 ] \Device\Harddisk0\DR0\Partition4
23:50:19.0657 0x095c  \Device\Harddisk0\DR0\Partition4 - ok
23:50:19.0659 0x095c  [ 59599ADDC90D69D4EA88FBE2490DB4E6 ] \Device\Harddisk0\DR0\Partition5
23:50:19.0660 0x095c  \Device\Harddisk0\DR0\Partition5 - ok
23:50:19.0661 0x095c  [ 6F570B03627C8B19DA66C3F3C719D655 ] \Device\Harddisk1\DR1\Partition1
23:50:19.0729 0x095c  \Device\Harddisk1\DR1\Partition1 - ok
23:50:19.0730 0x095c  ================ Scan generic autorun ======================
23:50:19.0741 0x095c  [ 84E03DD7724B62DEC929DB82126CF91B, 96E5EC7CE28462EF36A965BA89E0FCD0D547892920223D200D2D6944B9D1A05E ] C:\windows\system32\igfxtray.exe
23:50:19.0746 0x095c  IgfxTray - ok
23:50:19.0760 0x095c  [ A1356178D8311B070769A0E393EE265E, 4E90E40F097A15264F04A16FD956D15DDD40EFF71B6B8CF1C1FAC32269D99CA1 ] C:\windows\system32\hkcmd.exe
23:50:19.0769 0x095c  HotKeysCmds - ok
23:50:19.0782 0x095c  [ 675DF9B7CD33C976C80D52428327D003, 17AB5875FFAD7D80681534C65E74D4E917B53ABAEACD45C302075EEAB685F9DA ] C:\windows\system32\igfxpers.exe
23:50:19.0791 0x095c  Persistence - ok
23:50:20.0019 0x095c  [ 16438B000BF56F2CD7FDB5E6C3B38C7E, 32D6E69E6367D3ADB2189DA89103CB9910CE791EFB0879515DDD380A96D85BAE ] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
23:50:20.0168 0x095c  RTHDVCPL - ok
23:50:20.0187 0x095c  [ 39CF316EB5842AE27CC0D3CC4E2840DE, BC4D4ED926F988B7B70CC87B7EC92D148DA6BC39C5C514751F1B0CA69D0F9081 ] C:\Program Files\Microsoft Office\Office14\BCSSync.exe
23:50:20.0189 0x095c  BCSSync - ok
23:50:20.0210 0x095c  [ 569AC1376B12D4083FC66CC7A304F234, DD209F09573F10A77D710E30EF3D0461D2E8F4E5F18106B18EFB587C88393460 ] C:\Program Files\Microsoft Security Client\msseces.exe
23:50:20.0224 0x095c  MSC - ok
23:50:20.0232 0x095c  [ 215A1B2BFFFE12452D93E067C49A5715, CAB52016D3008D40B2713EB08F5EFA5B81AA8BE3F8B28D215BF18D1D032BB38F ] C:\Program Files (x86)\Intel\Intel® USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
23:50:20.0235 0x095c  USB3MON - ok
23:50:20.0252 0x095c  [ 48BE298F7FD1BEF4D8FBACB04D8D95C4, D375B3F6E850E4B0EC81BAA0E554C356BE2248AA77C6C56F5267CA05460FE4EB ] C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
23:50:20.0262 0x095c  Adobe ARM - ok
23:50:20.0271 0x095c  [ CC06EF6D96FC479D7727078F8EF9BA65, 2665A6DFA4DD141E563607EDA6E4B5221434C028EA8D6FFF569B072032E9653D ] C:\Program Files\PowerISO\PWRISOVM.EXE
23:50:20.0275 0x095c  PWRISOVM.EXE - ok
23:50:20.0297 0x095c  [ DFCD94101C5AAE5BDE2F662A60E725EA, ACEF94E75342AE8328C21555B2D640FA80F0110ED0BDE1CB4D3188A8AE9F600F ] C:\Program Files (x86)\Canon\Quick Menu\CNQMMAIN.EXE
23:50:20.0311 0x095c  CanonQuickMenu - ok
23:50:20.0332 0x095c  [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
23:50:20.0344 0x095c  Sidebar - ok
23:50:20.0349 0x095c  [ 0FA760BF380B08D0B67B5507CD8B32AA, 0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B725CC5A9FB738739 ] C:\Windows\System32\mctadmin.exe
23:50:20.0350 0x095c  mctadmin - ok
23:50:20.0369 0x095c  [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
23:50:20.0382 0x095c  Sidebar - ok
23:50:20.0386 0x095c  [ 0FA760BF380B08D0B67B5507CD8B32AA, 0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B725CC5A9FB738739 ] C:\Windows\System32\mctadmin.exe
23:50:20.0387 0x095c  mctadmin - ok
23:50:20.0417 0x095c  [ FD1AAB63DA3A91A04F34E64CF047309E, 2E17BC863C57BA02180F5DEE8D5D93D096DC9D868AF5402EF842E16B89794377 ] C:\Users\Νίκος\AppData\Roaming\uTorrent\uTorrent.exe
23:50:20.0431 0x095c  uTorrent - ok
23:50:20.0447 0x095c  [ A5FCD42334CCC682DA1882A54338686C, 74C8B614672D1A7F0889243056EA4B3E03B5F66DFDFEFF5DD6CC17DBE088D18F ] C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
23:50:20.0456 0x095c  GoogleChromeAutoLaunch_571D22E49CCFB829BACD91D4C5AB2D91 - ok
23:50:20.0457 0x095c  Waiting for KSN requests completion. In queue: 192
23:50:21.0457 0x095c  Waiting for KSN requests completion. In queue: 137
23:50:22.0457 0x095c  Waiting for KSN requests completion. In queue: 137
23:50:23.0457 0x095c  Waiting for KSN requests completion. In queue: 137
23:50:24.0470 0x095c  AV detected via SS2: Microsoft Security Essentials, C:\Program Files\Microsoft Security Client\msseces.exe ( 4.5.216.0 ), 0x61000 ( enabled : updated )
23:50:24.0472 0x095c  Win FW state via NFP2: enabled
23:50:27.0160 0x095c  ============================================================
23:50:27.0160 0x095c  Scan finished
23:50:27.0160 0x095c  ============================================================
23:50:27.0166 0x0d1c  Detected object count: 0
23:50:27.0166 0x0d1c  Actual detected object count: 0
23:50:44.0601 0x1018  Deinitialize success
 
That's all I have
Thanks 
Fashion Crab


#4 jeffce


Posted 15 June 2014 - 07:33 PM

Hi there,
 
Please go to: VirusTotal
On the page you'll find a "Choose File" button.
Click on the Choose File button.
In the Choose File to Upload window which opens, copy and paste this into the File Name box.
 
C:\Windows\System32\Drivers\hsjzfvjk.sys
 
Next, click the Open button.
Then click the "Scan It!" button just below.
This will scan the file. Please be patient.
If you get a message saying File has already been analyzed: click Reanalyze file now
Once scanned, copy and paste the link to the results page in your next reply.
----------


 
 

#5 Fashion Crab


Posted 16 June 2014 - 04:48 AM

Hi Jeff

Actually I couldn't find the file you suggested (hsjzfvjk.sys) so I chose the only .sys file that I found there... the link

https://www.virustot...sis/1402915510/

Thanks for your help

Fashion Crab



#6 jeffce


Posted 16 June 2014 - 08:24 AM

Hi,
 
Ok....let's see what we can get done.   :)
 
ComboFix
 
Download Combofix from either of the links below, and save it to your desktop.  
Link 1
Link 2
 
**Note:  It is important that it is saved directly to your desktop**
If you get a message saying "Illegal operation attempted on a registry key that has been marked for deletion", please restart your computer.


 
--------------------------------------------------------------------
 
IMPORTANT - Disable your AntiVirus and AntiSpyware applications, usually via a right click on the System Tray icon. They may otherwise interfere with our tools. If you have difficulty properly disabling your protective programs, refer to this link here
 
--------------------------------------------------------------------
 
Right-Click and Run as Administrator on ComboFix.exe & follow the prompts.

  • When finished, it will produce a report for you.
  • Please post the C:\ComboFix.txt for further review.

 
 

#7 Fashion Crab


Posted 16 June 2014 - 01:15 PM

ok this is the combo fix report

ComboFix

ComboFix 14-06-16.01 - Νίκος 16/06/2014  21:57:36.1.4 - x64

Microsoft Windows 7 Home Premium   6.1.7601.1.1253.30.1032.18.7874.5314 [GMT 3:00]
Running from: c:\users\=-ΆΎ?\Downloads\ComboFix.exe
AV: avast! Antivirus *Enabled/Updated* {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AV: Microsoft Security Essentials *Enabled/Updated* {641105E6-77ED-3F35-A304-765193BCB75F}
SP: avast! Antivirus *Enabled/Updated* {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
SP: Microsoft Security Essentials *Enabled/Updated* {DF70E402-51D7-30BB-99B4-4D23E83BFDE2}
SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
(((((((((((((((((((((((((   Files Created from 2014-05-16 to 2014-06-16  )))))))))))))))))))))))))))))))
.
.
2014-06-16 19:02 . 2014-06-16 19:02 -------- d-----w- c:\users\Guest\AppData\Local\temp
2014-06-16 19:02 . 2014-06-16 19:02 -------- d-----w- c:\users\Default\AppData\Local\temp
2014-06-15 21:13 . 2014-04-30 23:20 10702536 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{C3B1EB2B-6B4E-443D-B26E-A23C96E5757A}\mpengine.dll
2014-06-15 21:08 . 2014-06-15 21:08 -------- d-----w- c:\users\Νίκος\AppData\Roaming\AVAST Software
2014-06-15 21:08 . 2014-06-15 21:08 85328 ----a-w- c:\windows\system32\drivers\aswstm.sys
2014-06-15 21:08 . 2014-06-15 21:08 423240 ----a-w- c:\windows\system32\drivers\aswsp.sys
2014-06-15 21:08 . 2014-06-15 21:08 1039096 ----a-w- c:\windows\system32\drivers\aswsnx.sys
2014-06-15 21:08 . 2014-06-15 21:08 79184 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys
2014-06-15 21:08 . 2014-06-15 21:08 65776 ----a-w- c:\windows\system32\drivers\aswRvrt.sys
2014-06-15 21:08 . 2014-06-15 21:08 208416 ----a-w- c:\windows\system32\drivers\aswVmm.sys
2014-06-15 21:08 . 2014-06-15 21:08 93568 ----a-w- c:\windows\system32\drivers\aswRdr2.sys
2014-06-15 21:08 . 2014-06-15 21:08 334648 ----a-w- c:\windows\system32\aswBoot.exe
2014-06-15 21:08 . 2014-06-15 21:08 29208 ----a-w- c:\windows\system32\drivers\aswHwid.sys
2014-06-15 21:08 . 2014-06-15 21:08 43152 ----a-w- c:\windows\avastSS.scr
2014-06-15 21:07 . 2014-06-15 21:07 -------- d-----w- c:\program files\AVAST Software
2014-06-15 20:42 . 2014-06-15 20:42 -------- d-----w- c:\program files\Microsoft Mouse and Keyboard Center
2014-06-15 20:42 . 2014-06-15 20:42 -------- d-----w- c:\users\Νίκος\AppData\Local\Avg2014
2014-06-15 20:26 . 2014-06-15 20:48 -------- d-----w- C:\FRST
2014-06-15 20:12 . 2010-08-30 05:34 536576 ----a-w- c:\windows\SysWow64\sqlite3.dll
2014-06-15 20:12 . 2014-06-15 20:47 -------- d-----w- C:\AdwCleaner
2014-06-15 20:03 . 2014-06-15 20:03 423240 ----a-w- c:\windows\system32\drivers\drtxzqnm.sys
2014-06-15 14:28 . 2014-06-15 14:28 423240 ----a-w- c:\windows\system32\drivers\hsjzfvjk.sys
2014-06-15 14:24 . 2014-04-30 23:20 10702536 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll
2014-06-15 14:00 . 2014-06-15 20:42 -------- d-----w- c:\programdata\MFAData
2014-06-15 14:00 . 2014-06-15 14:00 -------- d--h--w- c:\programdata\Common Files
2014-06-15 14:00 . 2014-06-15 14:00 -------- d-----w- c:\users\Νίκος\AppData\Local\MFAData
2014-06-15 13:49 . 2014-06-15 13:49 423240 ----a-w- c:\windows\system32\drivers\jqaiimcs.sys
2014-06-14 18:05 . 2014-06-14 18:05 -------- d-----w- c:\users\Νίκος\AppData\Roaming\QuickScan
2014-06-14 17:59 . 2014-06-14 17:59 423240 ----a-w- c:\windows\system32\drivers\qfphbyli.sys
2014-06-13 19:58 . 2014-05-02 16:09 1031560 ------w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{CD36F63A-8119-4778-91D1-2106986C2638}\gapaengine.dll
2014-06-12 16:57 . 2014-06-08 09:13 506368 ----a-w- c:\windows\system32\aepdu.dll
2014-06-12 16:57 . 2014-06-08 09:08 424448 ----a-w- c:\windows\system32\aeinv.dll
2014-06-11 15:11 . 2014-06-11 15:11 -------- d-----w- c:\users\Guest\AppData\Local\Adobe
2014-05-30 20:38 . 2014-06-04 16:30 -------- d--h--w- c:\programdata\CanonIJMIG
2014-05-27 18:02 . 2014-05-27 18:02 -------- d--h--w- c:\programdata\CanonIJMyPrinter
2014-05-27 18:00 . 2014-05-27 18:00 -------- d-----w- c:\program files\Canon
2014-05-21 12:31 . 2014-05-21 12:31 -------- d-----w- c:\users\Νίκος\AppData\Local\Spoon
2014-05-21 12:31 . 2009-12-29 08:35 2524808 ----a-w- c:\windows\SysWow64\gdimgplug.dll
2014-05-21 12:31 . 2009-12-29 08:35 2536072 ----a-w- c:\windows\SysWow64\gdpicturepro5.ocx
2014-05-21 12:31 . 2009-07-13 23:03 1722880 ----a-w- c:\windows\SysWow64\gdiplus.dll
2014-05-21 12:31 . 2011-12-09 05:56 587768 ----a-w- c:\windows\SysWow64\Codejock.SkinFramework.Unicode.v15.2.1.ocx
2014-05-21 12:31 . 2011-12-09 05:56 1931256 ----a-w- c:\windows\SysWow64\Codejock.Controls.Unicode.v15.2.1.ocx
2014-05-21 12:31 . 2011-12-09 05:55 2775032 ----a-w- c:\windows\SysWow64\Codejock.CommandBars.Unicode.v15.2.1.ocx
2014-05-19 17:52 . 2014-05-19 17:52 -------- d-sh--w- c:\users\Guest\AppData\Local\EmieUserList
2014-05-19 17:52 . 2014-05-19 17:52 -------- d-sh--w- c:\users\Guest\AppData\Local\EmieSiteList
2014-05-19 17:41 . 2014-05-19 17:41 -------- d-sh--w- c:\users\Νίκος\AppData\Local\EmieUserList
2014-05-19 17:41 . 2014-05-19 17:41 -------- d-sh--w- c:\users\Νίκος\AppData\Local\EmieSiteList
2014-05-18 21:06 . 2014-06-15 20:23 -------- d-----w- c:\programdata\systemk
.
.
.
((((((((((((((((((((((((((((((((((((((((   Find3M Report   ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2014-06-12 23:16 . 2013-11-23 18:44 95414520 ----a-w- c:\windows\system32\MRT.exe
2014-05-14 18:17 . 2013-11-21 15:47 70832 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2014-05-14 18:17 . 2013-11-21 15:47 692400 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2014-05-06 04:40 . 2014-05-15 00:01 23544320 ----a-w- c:\windows\system32\mshtml.dll
2014-05-06 04:17 . 2014-05-15 00:01 2724864 ----a-w- c:\windows\system32\mshtml.tlb
2014-05-06 03:07 . 2014-05-15 00:01 2724864 ----a-w- c:\windows\SysWow64\mshtml.tlb
2014-05-06 03:00 . 2014-05-15 00:01 84992 ----a-w- c:\windows\system32\mshtmled.dll
2014-05-02 16:09 . 2013-12-19 17:51 1031560 ------w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\NISBackup\gapaengine.dll
2014-04-12 02:22 . 2014-05-14 19:53 95680 ----a-w- c:\windows\system32\drivers\ksecdd.sys
2014-04-12 02:22 . 2014-05-14 19:53 155072 ----a-w- c:\windows\system32\drivers\ksecpkg.sys
2014-04-12 02:19 . 2014-05-14 19:53 29184 ----a-w- c:\windows\system32\sspisrv.dll
2014-04-12 02:19 . 2014-05-14 19:53 136192 ----a-w- c:\windows\system32\sspicli.dll
2014-04-12 02:19 . 2014-05-14 19:53 28160 ----a-w- c:\windows\system32\secur32.dll
2014-04-12 02:19 . 2014-05-14 19:53 1460736 ----a-w- c:\windows\system32\lsasrv.dll
2014-04-12 02:19 . 2014-05-14 19:53 31232 ----a-w- c:\windows\system32\lsass.exe
2014-04-12 02:12 . 2014-05-14 19:53 22016 ----a-w- c:\windows\SysWow64\secur32.dll
2014-04-12 02:10 . 2014-05-14 19:53 96768 ----a-w- c:\windows\SysWow64\sspicli.dll
2014-03-25 02:43 . 2014-05-14 19:53 14175744 ----a-w- c:\windows\system32\shell32.dll
2014-03-22 19:53 . 2014-03-22 19:53 48648 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCEClientUX\UpdateableMarkup\Markup.dll
2014-03-19 12:27 . 2014-03-19 12:27 76496 ----a-w- c:\windows\system32\drivers\dc3d.sys
2014-03-19 12:23 . 2014-03-19 12:23 50896 ----a-w- c:\windows\system32\drivers\point64.sys
2013-11-22 15:30 . 2013-11-22 15:27 4188160 ----a-w- c:\program files (x86)\GUT55DE.tmp
.
.
(((((((((((((((((((((((((((((((((((((   Reg Loading Points   ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown 
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2013-09-11 02:09 131248 ----a-w- c:\users\Νίκος\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2013-09-11 02:09 131248 ----a-w- c:\users\Νίκος\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2013-09-11 02:09 131248 ----a-w- c:\users\Νίκος\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"uTorrent"="c:\users\Νίκος\AppData\Roaming\uTorrent\uTorrent.exe" [2014-06-12 1267536]
"GoogleChromeAutoLaunch_571D22E49CCFB829BACD91D4C5AB2D91"="c:\program files (x86)\Google\Chrome\Application\chrome.exe" [2014-06-05 860488]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"USB3MON"="c:\program files (x86)\Intel\Intel® USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe" [2012-12-04 291648]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2013-05-28 958576]
"PWRISOVM.EXE"="c:\program files\PowerISO\PWRISOVM.EXE" [2014-03-11 377368]
"CanonQuickMenu"="c:\program files (x86)\Canon\Quick Menu\CNQMMAIN.EXE" [2013-07-23 1282632]
"AvastUI.exe"="c:\program files\AVAST Software\Avast\AvastUI.exe" [2014-06-15 3890208]
.
c:\users\Νίκος\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Dropbox.lnk - c:\users\Νίκος\AppData\Roaming\Dropbox\bin\Dropbox.exe /systemstartup [2014-5-20 33322312]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
TP-LINK Wireless Configuration Utility.lnk - c:\program files (x86)\TP-LINK\TP-LINK Wireless Configuration Utility\TWCU.exe -nogui [2013-11-24 846848]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"LoadAppInit_DLLs"=1 (0x1)
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
@="Service"
.
R1 MpKslebb8eb5e;MpKslebb8eb5e;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{80921F45-E94E-4862-9D4D-383285032197}\MpKslebb8eb5e.sys;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{80921F45-E94E-4862-9D4D-383285032197}\MpKslebb8eb5e.sys [x]
R2 aswStm;aswStm;c:\windows\system32\drivers\aswStm.sys;c:\windows\SYSNATIVE\drivers\aswStm.sys [x]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe;c:\program files (x86)\Skype\Updater\Updater.exe [x]
R3 asahci64;asahci64;c:\windows\system32\drivers\asahci64.sys;c:\windows\SYSNATIVE\drivers\asahci64.sys [x]
R3 drtxzqnm;drtxzqnm; [x]
R3 hsjzfvjk;hsjzfvjk; [x]
R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe;c:\windows\SYSNATIVE\IEEtwCollector.exe [x]
R3 jqaiimcs;jqaiimcs; [x]
R3 ose64;Office 64 Source Engine;c:\program files\Common Files\Microsoft Shared\Source Engine\OSE.EXE;c:\program files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [x]
R3 qfphbyli;qfphbyli; [x]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys;c:\windows\SYSNATIVE\drivers\rdpvideominiport.sys [x]
R3 terminpt;Microsoft Remote Desktop Input Driver;c:\windows\system32\drivers\terminpt.sys;c:\windows\SYSNATIVE\drivers\terminpt.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys;c:\windows\SYSNATIVE\drivers\TsUsbGD.sys [x]
R3 WatAdminSvc;Υπηρεσία Τεχνολογιών ενεργοποίησης των Windows;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]
S0 aswRvrt;avast! Revert; [x]
S0 aswVmm;avast! VM Monitor; [x]
S0 iaStorA;iaStorA;c:\windows\system32\drivers\iaStorA.sys;c:\windows\SYSNATIVE\drivers\iaStorA.sys [x]
S0 iaStorF;iaStorF;c:\windows\system32\drivers\iaStorF.sys;c:\windows\SYSNATIVE\drivers\iaStorF.sys [x]
S0 iusb3hcs;Πρόγραμμα οδήγησης διακόπτη κεντρικού ελεγκτή Intel® USB 3.0;c:\windows\system32\drivers\iusb3hcs.sys;c:\windows\SYSNATIVE\drivers\iusb3hcs.sys [x]
S1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys;c:\windows\SYSNATIVE\drivers\aswSnx.sys [x]
S1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys;c:\windows\SYSNATIVE\drivers\aswSP.sys [x]
S2 aswHwid;avast! HardwareID;c:\windows\system32\drivers\aswHwid.sys;c:\windows\SYSNATIVE\drivers\aswHwid.sys [x]
S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys;c:\windows\SYSNATIVE\drivers\aswMonFlt.sys [x]
S2 NisDrv;Microsoft Network Inspection System;c:\windows\system32\DRIVERS\NisDrvWFP.sys;c:\windows\SYSNATIVE\DRIVERS\NisDrvWFP.sys [x]
S2 TeamViewer9;TeamViewer 9;c:\program files (x86)\TeamViewer\Version9\TeamViewer_Service.exe;c:\program files (x86)\TeamViewer\Version9\TeamViewer_Service.exe [x]
S3 dc3d;MS Hardware Device Detection Driver (USB);c:\windows\system32\DRIVERS\dc3d.sys;c:\windows\SYSNATIVE\DRIVERS\dc3d.sys [x]
S3 IntcDAud;Ήχος οθόνης Intel®;c:\windows\system32\DRIVERS\IntcDAud.sys;c:\windows\SYSNATIVE\DRIVERS\IntcDAud.sys [x]
S3 ISCT;Intel® Smart Connect Technology Device Driver;c:\windows\system32\drivers\ISCTD64.sys;c:\windows\SYSNATIVE\drivers\ISCTD64.sys [x]
S3 iusb3hub;Πρόγραμμα οδήγησης διανομέα Intel® USB 3.0;c:\windows\system32\drivers\iusb3hub.sys;c:\windows\SYSNATIVE\drivers\iusb3hub.sys [x]
S3 iusb3xhc;Πρόγραμμα οδήγησης επεκτάσιμου κεντρικού ελεγκτή Intel® USB 3.0;c:\windows\system32\drivers\iusb3xhc.sys;c:\windows\SYSNATIVE\drivers\iusb3xhc.sys [x]
S3 NisSrv;Επιθεώρηση δικτύου της Microsoft;c:\program files\Microsoft Security Client\NisSrv.exe;c:\program files\Microsoft Security Client\NisSrv.exe [x]
S3 Point64;Microsoft Mouse and Keyboard Center Filter Driver;c:\windows\system32\DRIVERS\point64.sys;c:\windows\SYSNATIVE\DRIVERS\point64.sys [x]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys;c:\windows\SYSNATIVE\DRIVERS\Rt64win7.sys [x]
.
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2014-06-12 22:04 1091912 ----a-w- c:\program files (x86)\Google\Chrome\Application\35.0.1916.153\Installer\chrmstp.exe
.
Contents of the 'Scheduled Tasks' folder
.
2014-06-16 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-11-21 18:17]
.
2014-06-16 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2014-01-07 17:50]
.
2014-06-16 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2014-01-07 17:50]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2014-06-15 21:08 290888 ----a-w- c:\program files\AVAST Software\Avast\ashShA64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2013-09-11 02:09 164016 ----a-w- c:\users\Νίκος\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2013-09-11 02:09 164016 ----a-w- c:\users\Νίκος\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2013-09-11 02:09 164016 ----a-w- c:\users\Νίκος\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt4]
@="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}]
2013-09-11 02:09 164016 ----a-w- c:\users\Νίκος\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2013-09-12 391152]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2013-09-12 768328]
"Persistence"="c:\windows\system32\igfxpers.exe" [2013-09-12 769520]
"RTHDVCPL"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2013-10-24 13662936]
"BCSSync"="c:\program files\Microsoft Office\Office14\BCSSync.exe" [2012-11-05 108144]
"MSC"="c:\program files\Microsoft Security Client\msseces.exe" [2014-03-11 1271072]
.
------- Supplementary Scan -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://www.google.com
mLocal Page = c:\windows\SysWOW64\blank.htm
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~4\Office14\EXCEL.EXE/3000
IE: Se&nd to OneNote - c:\progra~1\MICROS~4\Office14\ONBttnIE.dll/105
TCP: DhcpNameServer = 192.168.1.1
.
- - - - ORPHANS REMOVED - - - -
.
Toolbar-Locked - (no file)
Toolbar-10 - (no file)
SafeBoot-41495645.sys
Toolbar-Locked - (no file)
Toolbar-10 - (no file)
.
.
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_USERS\S-1-5-21-1672371835-1477520047-1789977004-1000\Software\Microsoft\Internet Explorer\Approved Extensions]
@Denied: (2) (LocalSystem)
"{54739D49-AC03-4C57-9264-C5195596B3A1}"=hex:51,66,7a,6c,4c,1d,38,12,27,9e,60,
   50,31,e2,39,09,ed,72,86,59,50,c8,f7,b5
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\windows\\system32\\Macromed\\Flash\\FlashUtil64_13_0_0_214_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\windows\\system32\\Macromed\\Flash\\FlashUtil64_13_0_0_214_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_13_0_0_214_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_13_0_0_214_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\windows\\SysWOW64\\Macromed\\Flash\\Flash32_13_0_0_214.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.13"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\windows\\SysWOW64\\Macromed\\Flash\\Flash32_13_0_0_214.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\windows\\SysWOW64\\Macromed\\Flash\\Flash32_13_0_0_214.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\windows\\SysWOW64\\Macromed\\Flash\\Flash32_13_0_0_214.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Completion time: 2014-06-16  22:04:05
ComboFix-quarantined-files.txt  2014-06-16 19:04
.
Pre-Run: 7.321.137.152 διαθέσιμα byte
Post-Run: 7.544.041.472 διαθέσιμα byte
.
- - End Of File - - F0B096657D3DAF63BA25FDC65591901E
5FB38429D5D77768867C76DCBDB35194


#8 jeffce


Posted 16 June 2014 - 03:01 PM

AdwCleaner
 
Double click on AdwCleaner.exe to run the tool again.

  • Click on the Scan button.
  • AdwCleaner will begin to scan your computer like it did before.
  • After the scan has finished...
  • This time, click on the Clean button.
  • Press OK when asked to close all programs and follow the onscreen prompts.
  • Press OK again to allow AdwCleaner to restart the computer and complete the removal process.
  • After rebooting, a logfile report (AdwCleaner[S0].txt) will open automatically.
  • Copy and paste the contents of that logfile in your next reply.
  • A copy of that logfile will also be saved in the C:\AdwCleaner folder.

------------


 
 

#9 Fashion Crab


Posted 16 June 2014 - 04:02 PM

OK, this is the file you asked for

AdwCleaner[S1]

# AdwCleaner v3.212 - Report created 17/06/2014 at 00:58:29
# Updated 05/06/2014 by Xplode
# Operating System : Windows 7 Home Premium Service Pack 1 (64 bits)
# Username : Νίκος - NICK-THE-GREEK
# Running from : E:\Τα Αρχεία\Anti Malware\AdwCleaner.exe
# Option : Clean
 
***** [ Services ] *****
 
 
***** [ Files / Folders ] *****
 
Folder Deleted : C:\ProgramData\systemk
 
***** [ Shortcuts ] *****
 
 
***** [ Registry ] *****
 
Value Deleted : HKLM\SYSTEM\ControlSet002\Control\Session Manager\AppCertDlls [x64]
Value Deleted : HKLM\SYSTEM\ControlSet002\Control\Session Manager\AppCertDlls [x86]
Key Deleted : HKCU\Software\Conduit
 
***** [ Browsers ] *****
 
-\\ Internet Explorer v11.0.9600.17041
 
 
-\\ Google Chrome v35.0.1916.153
 
[ File : C:\Users\Guest\AppData\Local\Google\Chrome\User Data\Default\preferences ]
 
 
[ File : C:\Users\Νίκος\AppData\Local\Google\Chrome\User Data\Default\preferences ]
 
Deleted [Search Provider] : hxxp://en.softonic.com/s/{searchTerms}
Deleted [Search Provider] : hxxp://websearch.searchisbestmy.info/?l=1&q={searchTerms}&pid=357&r=2013/11/16&hid=13081722864936001837&lg=EN&cc=GR&unqvl=41
Deleted [Search Provider] : hxxp://www.default-search.net/search?sid=476&aid=147&itype=n&ver=12302&tm=324&src=ds&p={searchTerms}
Deleted [Search Provider] : hxxp://websearch.ask.com/redirect?client=cr&src=kw&tb=AVR-4&o=APN10267&locale=en_GR&apn_uid=4d1164b6-feb0-40ca-bb0d-7abfac916451&apn_ptnrs=%5EAGY&apn_sauid=6BA3BFBA-1F9E-4369-8C40-2DB8A8F44ABB&apn_dtid=%5EYYYYYY%5EYY%5EGR&q={searchTerms}
Deleted [Search Provider] : hxxp://www.default-search.net/search?sid=476&aid=147&itype=a&ver=12521&tm=324&src=ds&p={searchTerms}
Deleted [Search Provider] : hxxp://search.conduit.com/Results.aspx?gd=&ctid=CT3321459&octid=EB_ORIGINAL_CTID&ISID=M70FC8B97-9200-4B42-98BA-B013D1623F0E&SearchSource=58&CUI=&UM=5&UP=SP8C3B4E3F-B1F5-4928-87DE-914D134B6363&q={searchTerms}&SSPV=
Deleted [Search Provider] : hxxp://www.search.ask.com/web?tpid=CME-V7&o=APN11293&pf=&p2=%5EB7N%5EYYYYYY%5EYY%5EGR&gct=&itbv=12.6.0.1638&doi=2013-11-01&apn_uid=E637E61A-ACA2-4644-9428-0B88695F34C0&apn_ptnrs=%5EB7N&apn_dtid=%5EYYYYYY%5EYY%5EGR&apn_dbr=ff_24.0&psv=barid%253D273218507331177237551065599779816244049%2526cargo%253DCME%252DV7%2526spr%253Da%2526did%253D10714%2526ppd%253D&trgb=CR&tbv=&crxv=&q={searchTerms}
Deleted [Startup_urls] : hxxp://www.default-search.net?sid=476&aid=147&itype=n&ver=12302&tm=324&src=hmp
Deleted [Startup_urls] : hxxp://www.default-search.net?sid=476&aid=147&itype=a&ver=12692&tm=324&src=hmp
 
*************************
 
AdwCleaner[R0].txt - [10775 octets] - [15/06/2014 23:12:04]
AdwCleaner[R1].txt - [1732 octets] - [15/06/2014 23:24:13]
AdwCleaner[R2].txt - [1793 octets] - [15/06/2014 23:46:49]
AdwCleaner[R3].txt - [1589 octets] - [17/06/2014 00:58:03]
AdwCleaner[S0].txt - [9803 octets] - [15/06/2014 23:22:28]
AdwCleaner[S1].txt - [2891 octets] - [17/06/2014 00:58:29]
 
########## EOF - C:\AdwCleaner\AdwCleaner[S1].txt - [2951 octets] ##########


#10 jeffce

Posted 18 June 2014 - 07:07 AM

Ok....are you able to see either of these?

 

c:\windows\system32\drivers\drtxzqnm.sys
c:\windows\system32\drivers\hsjzfvjk.sys



#11 Fashion Crab

Posted 18 June 2014 - 11:51 AM

Yes



#12 jeffce

Posted 18 June 2014 - 06:51 PM

Ok....whichever one you can see....please submit that to VirusTotal using the instructions I provided earlier.  :)



#13 Fashion Crab

Posted 19 June 2014 - 07:33 AM

Hi Jeff

Even though I can see the files, when I get to the VirusTotal Choose File to Upload and paste those names

 

 c:\windows\system32\drivers\hsjzfvjk.sys and c:\windows\system32\drivers\drtxzqnm.sys

 

It's showing me the message "File did not found"....!?!?!?



#14 jeffce

Posted 19 June 2014 - 08:44 AM

Ok let's go with this....   :)
 
ComboFix

  • Please open Notepad (Start -> Run -> type notepad in the Open field -> OK) and copy and paste the text present inside the code box below:

    ClearJavaCache::
     
    File::
    c:\windows\system32\drivers\drtxzqnm.sys
    c:\windows\system32\drivers\hsjzfvjk.sys
    c:\windows\system32\drivers\jqaiimcs.sys
    c:\windows\system32\drivers\qfphbyli.sys

     

    Driver::
    drtxzqnm
    hsjzfvjk
    jqaiimcs
    qfphbyli

  • Save this as CFScript.txt and change the "Save as type" to "All Files" and place it on your desktop.
     
    CFScriptB-4.gif
  • Very Important! Temporarily disable your anti-virus, script blocking and any anti-malware real-time protection before following the steps below. They can interfere with ComboFix or remove some of its embedded files which may cause "unpredictable results".
  • Referring to the screenshot above, drag CFScript.txt into ComboFix.exe.
  • ComboFix may request an update; please allow it.
  • ComboFix will now run a scan on your system. It may reboot your system when it finishes. This is normal.
  • When finished, it shall produce a log for you. Copy and paste the contents of the log in your next reply.

CAUTION: Do not mouse-click ComboFix's window while it is running. That may cause it to stall.
----------



#15 Fashion Crab

Posted 19 June 2014 - 11:16 AM

And here is the report of Combo Fix

 

ComboFix 14-06-19.01 - Νίκος 19/06/2014  20:08:54.2.4 - x64
Microsoft Windows 7 Home Premium   6.1.7601.1.1253.30.1032.18.7874.5285 [GMT 3:00]
Running from: e:\τα αρχεία\Anti Malware\ComboFix.exe
Command switches used :: c:\users\Νίκος\Desktop\CFScript.txt
AV: avast! Antivirus *Disabled/Updated* {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AV: Microsoft Security Essentials *Disabled/Updated* {641105E6-77ED-3F35-A304-765193BCB75F}
SP: avast! Antivirus *Disabled/Updated* {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
SP: Microsoft Security Essentials *Disabled/Updated* {DF70E402-51D7-30BB-99B4-4D23E83BFDE2}
SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
 * Created a new restore point
.
FILE ::
"c:\windows\system32\drivers\drtxzqnm.sys"
"c:\windows\system32\drivers\hsjzfvjk.sys"
"c:\windows\system32\drivers\jqaiimcs.sys"
"c:\windows\system32\drivers\qfphbyli.sys"
.
.
(((((((((((((((((((((((((((((((((((((((   Other Deletions   )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
.
(((((((((((((((((((((((((((((((((((((((   Drivers/Services   )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Legacy_DRTXZQNM
-------\Legacy_HSJZFVJK
-------\Legacy_JQAIIMCS
-------\Legacy_QFPHBYLI
-------\Service_drtxzqnm
-------\Service_hsjzfvjk
-------\Service_jqaiimcs
-------\Service_qfphbyli
.
.
(((((((((((((((((((((((((   Files Created from 2014-05-19 to 2014-06-19  )))))))))))))))))))))))))))))))
.
.
2014-06-19 17:12 . 2014-06-19 17:12 -------- d-----w- c:\users\Default\AppData\Local\temp
2014-06-19 17:12 . 2014-06-19 17:12 -------- d-----w- c:\users\Guest\AppData\Local\temp
2014-06-19 16:54 . 2014-06-05 10:54 10779000 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{1E2F4D8D-4FAA-4935-A449-36695ED752E3}\mpengine.dll
2014-06-18 14:01 . 2014-06-05 10:54 10779000 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll
2014-06-15 21:08 . 2014-06-15 21:08 -------- d-----w- c:\users\Νίκος\AppData\Roaming\AVAST Software
2014-06-15 21:08 . 2014-06-15 21:08 85328 ----a-w- c:\windows\system32\drivers\aswstm.sys
2014-06-15 21:08 . 2014-06-15 21:08 423240 ----a-w- c:\windows\system32\drivers\aswsp.sys
2014-06-15 21:08 . 2014-06-15 21:08 1039096 ----a-w- c:\windows\system32\drivers\aswsnx.sys
2014-06-15 21:08 . 2014-06-15 21:08 79184 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys
2014-06-15 21:08 . 2014-06-15 21:08 65776 ----a-w- c:\windows\system32\drivers\aswRvrt.sys
2014-06-15 21:08 . 2014-06-15 21:08 208416 ----a-w- c:\windows\system32\drivers\aswVmm.sys
2014-06-15 21:08 . 2014-06-15 21:08 93568 ----a-w- c:\windows\system32\drivers\aswRdr2.sys
2014-06-15 21:08 . 2014-06-15 21:08 334648 ----a-w- c:\windows\system32\aswBoot.exe
2014-06-15 21:08 . 2014-06-15 21:08 29208 ----a-w- c:\windows\system32\drivers\aswHwid.sys
2014-06-15 21:08 . 2014-06-15 21:08 43152 ----a-w- c:\windows\avastSS.scr
2014-06-15 21:07 . 2014-06-15 21:07 -------- d-----w- c:\program files\AVAST Software
2014-06-15 20:42 . 2014-06-15 20:42 -------- d-----w- c:\program files\Microsoft Mouse and Keyboard Center
2014-06-15 20:42 . 2014-06-15 20:42 -------- d-----w- c:\users\Νίκος\AppData\Local\Avg2014
2014-06-15 20:26 . 2014-06-15 20:48 -------- d-----w- C:\FRST
2014-06-15 20:12 . 2010-08-30 05:34 536576 ----a-w- c:\windows\SysWow64\sqlite3.dll
2014-06-15 20:12 . 2014-06-16 21:58 -------- d-----w- C:\AdwCleaner
2014-06-15 20:03 . 2014-06-15 20:03 423240 ----a-w- c:\windows\system32\drivers\drtxzqnm.sys
2014-06-15 14:28 . 2014-06-15 14:28 423240 ----a-w- c:\windows\system32\drivers\hsjzfvjk.sys
2014-06-15 14:00 . 2014-06-15 20:42 -------- d-----w- c:\programdata\MFAData
2014-06-15 14:00 . 2014-06-15 14:00 -------- d--h--w- c:\programdata\Common Files
2014-06-15 14:00 . 2014-06-15 14:00 -------- d-----w- c:\users\Νίκος\AppData\Local\MFAData
2014-06-15 13:49 . 2014-06-15 13:49 423240 ----a-w- c:\windows\system32\drivers\jqaiimcs.sys
2014-06-14 18:05 . 2014-06-14 18:05 -------- d-----w- c:\users\Νίκος\AppData\Roaming\QuickScan
2014-06-14 17:59 . 2014-06-14 17:59 423240 ----a-w- c:\windows\system32\drivers\qfphbyli.sys
2014-06-13 19:58 . 2014-05-02 16:09 1031560 ------w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{CD36F63A-8119-4778-91D1-2106986C2638}\gapaengine.dll
2014-06-12 16:57 . 2014-06-08 09:13 506368 ----a-w- c:\windows\system32\aepdu.dll
2014-06-12 16:57 . 2014-06-08 09:08 424448 ----a-w- c:\windows\system32\aeinv.dll
2014-06-11 15:11 . 2014-06-11 15:11 -------- d-----w- c:\users\Guest\AppData\Local\Adobe
2014-05-30 20:38 . 2014-06-04 16:30 -------- d--h--w- c:\programdata\CanonIJMIG
2014-05-27 18:02 . 2014-05-27 18:02 -------- d--h--w- c:\programdata\CanonIJMyPrinter
2014-05-27 18:00 . 2014-05-27 18:00 -------- d-----w- c:\program files\Canon
2014-05-21 12:31 . 2014-05-21 12:31 -------- d-----w- c:\users\Νίκος\AppData\Local\Spoon
2014-05-21 12:31 . 2009-12-29 08:35 2524808 ----a-w- c:\windows\SysWow64\gdimgplug.dll
2014-05-21 12:31 . 2009-12-29 08:35 2536072 ----a-w- c:\windows\SysWow64\gdpicturepro5.ocx
2014-05-21 12:31 . 2009-07-13 23:03 1722880 ----a-w- c:\windows\SysWow64\gdiplus.dll
2014-05-21 12:31 . 2011-12-09 05:56 587768 ----a-w- c:\windows\SysWow64\Codejock.SkinFramework.Unicode.v15.2.1.ocx
2014-05-21 12:31 . 2011-12-09 05:56 1931256 ----a-w- c:\windows\SysWow64\Codejock.Controls.Unicode.v15.2.1.ocx
2014-05-21 12:31 . 2011-12-09 05:55 2775032 ----a-w- c:\windows\SysWow64\Codejock.CommandBars.Unicode.v15.2.1.ocx
.
.
.
((((((((((((((((((((((((((((((((((((((((   Find3M Report   ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2014-06-12 23:16 . 2013-11-23 18:44 95414520 ----a-w- c:\windows\system32\MRT.exe
2014-05-14 18:17 . 2013-11-21 15:47 70832 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2014-05-14 18:17 . 2013-11-21 15:47 692400 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2014-05-06 04:40 . 2014-05-15 00:01 23544320 ----a-w- c:\windows\system32\mshtml.dll
2014-05-06 04:17 . 2014-05-15 00:01 2724864 ----a-w- c:\windows\system32\mshtml.tlb
2014-05-06 03:07 . 2014-05-15 00:01 2724864 ----a-w- c:\windows\SysWow64\mshtml.tlb
2014-05-06 03:00 . 2014-05-15 00:01 84992 ----a-w- c:\windows\system32\mshtmled.dll
2014-05-02 16:09 . 2013-12-19 17:51 1031560 ------w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\NISBackup\gapaengine.dll
2014-04-12 02:22 . 2014-05-14 19:53 95680 ----a-w- c:\windows\system32\drivers\ksecdd.sys
2014-04-12 02:22 . 2014-05-14 19:53 155072 ----a-w- c:\windows\system32\drivers\ksecpkg.sys
2014-04-12 02:19 . 2014-05-14 19:53 29184 ----a-w- c:\windows\system32\sspisrv.dll
2014-04-12 02:19 . 2014-05-14 19:53 136192 ----a-w- c:\windows\system32\sspicli.dll
2014-04-12 02:19 . 2014-05-14 19:53 28160 ----a-w- c:\windows\system32\secur32.dll
2014-04-12 02:19 . 2014-05-14 19:53 1460736 ----a-w- c:\windows\system32\lsasrv.dll
2014-04-12 02:19 . 2014-05-14 19:53 31232 ----a-w- c:\windows\system32\lsass.exe
2014-04-12 02:12 . 2014-05-14 19:53 22016 ----a-w- c:\windows\SysWow64\secur32.dll
2014-04-12 02:10 . 2014-05-14 19:53 96768 ----a-w- c:\windows\SysWow64\sspicli.dll
2014-03-25 02:43 . 2014-05-14 19:53 14175744 ----a-w- c:\windows\system32\shell32.dll
2014-03-22 19:53 . 2014-03-22 19:53 48648 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCEClientUX\UpdateableMarkup\Markup.dll
2013-11-22 15:30 . 2013-11-22 15:27 4188160 ----a-w- c:\program files (x86)\GUT55DE.tmp
.
.
(((((((((((((((((((((((((((((((((((((   Reg Loading Points   ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown 
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2013-09-11 02:09 131248 ----a-w- c:\users\Νίκος\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2013-09-11 02:09 131248 ----a-w- c:\users\Νίκος\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2013-09-11 02:09 131248 ----a-w- c:\users\Νίκος\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"uTorrent"="c:\users\Νίκος\AppData\Roaming\uTorrent\uTorrent.exe" [2014-06-12 1267536]
"GoogleChromeAutoLaunch_571D22E49CCFB829BACD91D4C5AB2D91"="c:\program files (x86)\Google\Chrome\Application\chrome.exe" [2014-06-05 860488]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"USB3MON"="c:\program files (x86)\Intel\Intel® USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe" [2012-12-04 291648]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2013-05-28 958576]
"PWRISOVM.EXE"="c:\program files\PowerISO\PWRISOVM.EXE" [2014-03-11 377368]
"CanonQuickMenu"="c:\program files (x86)\Canon\Quick Menu\CNQMMAIN.EXE" [2013-07-23 1282632]
"AvastUI.exe"="c:\program files\AVAST Software\Avast\AvastUI.exe" [2014-06-15 3890208]
.
c:\users\Νίκος\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Dropbox.lnk - c:\users\Νίκος\AppData\Roaming\Dropbox\bin\Dropbox.exe /systemstartup [2014-5-20 33322312]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
TP-LINK Wireless Configuration Utility.lnk - c:\program files (x86)\TP-LINK\TP-LINK Wireless Configuration Utility\TWCU.exe -nogui [2013-11-24 846848]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"LoadAppInit_DLLs"=1 (0x1)
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
@="Service"
.
R1 MpKslebb8eb5e;MpKslebb8eb5e;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{80921F45-E94E-4862-9D4D-383285032197}\MpKslebb8eb5e.sys;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{80921F45-E94E-4862-9D4D-383285032197}\MpKslebb8eb5e.sys [x]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R3 asahci64;asahci64;c:\windows\system32\drivers\asahci64.sys;c:\windows\SYSNATIVE\drivers\asahci64.sys [x]
R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe;c:\windows\SYSNATIVE\IEEtwCollector.exe [x]
R3 NisDrv;Microsoft Network Inspection System;c:\windows\system32\DRIVERS\NisDrvWFP.sys;c:\windows\SYSNATIVE\DRIVERS\NisDrvWFP.sys [x]
R3 NisSrv;Επιθεώρηση δικτύου της Microsoft;c:\program files\Microsoft Security Client\NisSrv.exe;c:\program files\Microsoft Security Client\NisSrv.exe [x]
R3 ose64;Office 64 Source Engine;c:\program files\Common Files\Microsoft Shared\Source Engine\OSE.EXE;c:\program files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [x]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys;c:\windows\SYSNATIVE\drivers\rdpvideominiport.sys [x]
R3 terminpt;Microsoft Remote Desktop Input Driver;c:\windows\system32\drivers\terminpt.sys;c:\windows\SYSNATIVE\drivers\terminpt.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys;c:\windows\SYSNATIVE\drivers\TsUsbGD.sys [x]
R3 WatAdminSvc;Υπηρεσία Τεχνολογιών ενεργοποίησης των Windows;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]
S0 aswRvrt;avast! Revert; [x]
S0 aswVmm;avast! VM Monitor; [x]
S0 iaStorA;iaStorA;c:\windows\system32\drivers\iaStorA.sys;c:\windows\SYSNATIVE\drivers\iaStorA.sys [x]
S0 iaStorF;iaStorF;c:\windows\system32\drivers\iaStorF.sys;c:\windows\SYSNATIVE\drivers\iaStorF.sys [x]
S0 iusb3hcs;Πρόγραμμα οδήγησης διακόπτη κεντρικού ελεγκτή Intel® USB 3.0;c:\windows\system32\drivers\iusb3hcs.sys;c:\windows\SYSNATIVE\drivers\iusb3hcs.sys [x]
S1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys;c:\windows\SYSNATIVE\drivers\aswSnx.sys [x]
S1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys;c:\windows\SYSNATIVE\drivers\aswSP.sys [x]
S2 aswHwid;avast! HardwareID;c:\windows\system32\drivers\aswHwid.sys;c:\windows\SYSNATIVE\drivers\aswHwid.sys [x]
S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys;c:\windows\SYSNATIVE\drivers\aswMonFlt.sys [x]
S2 aswStm;aswStm;c:\windows\system32\drivers\aswStm.sys;c:\windows\SYSNATIVE\drivers\aswStm.sys [x]
S2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe;c:\program files (x86)\Skype\Updater\Updater.exe [x]
S2 TeamViewer9;TeamViewer 9;c:\program files (x86)\TeamViewer\Version9\TeamViewer_Service.exe;c:\program files (x86)\TeamViewer\Version9\TeamViewer_Service.exe [x]
S3 dc3d;MS Hardware Device Detection Driver (USB);c:\windows\system32\DRIVERS\dc3d.sys;c:\windows\SYSNATIVE\DRIVERS\dc3d.sys [x]
S3 IntcDAud;Ήχος οθόνης Intel®;c:\windows\system32\DRIVERS\IntcDAud.sys;c:\windows\SYSNATIVE\DRIVERS\IntcDAud.sys [x]
S3 ISCT;Intel® Smart Connect Technology Device Driver;c:\windows\system32\drivers\ISCTD64.sys;c:\windows\SYSNATIVE\drivers\ISCTD64.sys [x]
S3 iusb3hub;Πρόγραμμα οδήγησης διανομέα Intel® USB 3.0;c:\windows\system32\drivers\iusb3hub.sys;c:\windows\SYSNATIVE\drivers\iusb3hub.sys [x]
S3 iusb3xhc;Πρόγραμμα οδήγησης επεκτάσιμου κεντρικού ελεγκτή Intel® USB 3.0;c:\windows\system32\drivers\iusb3xhc.sys;c:\windows\SYSNATIVE\drivers\iusb3xhc.sys [x]
S3 Point64;Microsoft Mouse and Keyboard Center Filter Driver;c:\windows\system32\DRIVERS\point64.sys;c:\windows\SYSNATIVE\DRIVERS\point64.sys [x]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys;c:\windows\SYSNATIVE\DRIVERS\Rt64win7.sys [x]
.
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2014-06-12 22:04 1091912 ----a-w- c:\program files (x86)\Google\Chrome\Application\35.0.1916.153\Installer\chrmstp.exe
.
Contents of the 'Scheduled Tasks' folder
.
2014-06-19 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-11-21 18:17]
.
2014-06-19 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2014-01-07 17:50]
.
2014-06-19 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2014-01-07 17:50]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2014-06-15 21:08 290888 ----a-w- c:\program files\AVAST Software\Avast\ashShA64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2013-09-11 02:09 164016 ----a-w- c:\users\Νίκος\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2013-09-11 02:09 164016 ----a-w- c:\users\Νίκος\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2013-09-11 02:09 164016 ----a-w- c:\users\Νίκος\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt4]
@="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}]
2013-09-11 02:09 164016 ----a-w- c:\users\Νίκος\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2013-09-12 391152]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2013-09-12 768328]
"Persistence"="c:\windows\system32\igfxpers.exe" [2013-09-12 769520]
"RTHDVCPL"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2013-10-24 13662936]
"BCSSync"="c:\program files\Microsoft Office\Office14\BCSSync.exe" [2012-11-05 108144]
"MSC"="c:\program files\Microsoft Security Client\msseces.exe" [2014-03-11 1271072]
.
------- Supplementary Scan -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://www.google.com
mLocal Page = c:\windows\SysWOW64\blank.htm
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~4\Office14\EXCEL.EXE/3000
IE: Se&nd to OneNote - c:\progra~1\MICROS~4\Office14\ONBttnIE.dll/105
TCP: DhcpNameServer = 192.168.1.1
.
- - - - ORPHANS REMOVED - - - -
.
Toolbar-Locked - (no file)
Toolbar-10 - (no file)
.
.
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_USERS\S-1-5-21-1672371835-1477520047-1789977004-1000\Software\Microsoft\Internet Explorer\Approved Extensions]
@Denied: (2) (LocalSystem)
"{54739D49-AC03-4C57-9264-C5195596B3A1}"=hex:51,66,7a,6c,4c,1d,38,12,27,9e,60,
   50,31,e2,39,09,ed,72,86,59,50,c8,f7,b5
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\windows\\system32\\Macromed\\Flash\\FlashUtil64_13_0_0_214_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\windows\\system32\\Macromed\\Flash\\FlashUtil64_13_0_0_214_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_13_0_0_214_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_13_0_0_214_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\windows\\SysWOW64\\Macromed\\Flash\\Flash32_13_0_0_214.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.13"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\windows\\SysWOW64\\Macromed\\Flash\\Flash32_13_0_0_214.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\windows\\SysWOW64\\Macromed\\Flash\\Flash32_13_0_0_214.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\windows\\SysWOW64\\Macromed\\Flash\\Flash32_13_0_0_214.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
------------------------ Other Running Processes ------------------------
.
c:\program files\AVAST Software\Avast\AvastSvc.exe
c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
c:\program files (x86)\Canon\IJPLM\IJPLMSVC.EXE
c:\program files (x86)\TeamViewer\Version9\TeamViewer.exe
c:\program files (x86)\TeamViewer\Version9\tv_w32.exe
.
**************************************************************************
.
Completion time: 2014-06-19  20:14:36 - machine was rebooted
ComboFix-quarantined-files.txt  2014-06-19 17:14
ComboFix2.txt  2014-06-16 19:04
.
Pre-Run: 10 Κατάλογοι 11.747.635.200 διαθέσιμα byte
Post-Run: 12 Κατάλογοι 11.336.642.560 διαθέσιμα byte
.
- - End Of File - - EF5E472E0AB96DE8123674EA05FE22D9
5FB38429D5D77768867C76DCBDB35194
