Jump to content

Build Theme!
  •  
  • Infected?

WE'RE SURE THAT YOU'LL LOVE US!

Hey there! :wub: Looks like you're enjoying the discussion, but you're not signed up for an account. When you create an account, we remember exactly what you've read, so you always come right back where you left off. You also get notifications, here and via email, whenever new posts are made. You can like posts to share the love. :D Join 93081 other members! Anybody can ask, anybody can answer. Consistently helpful members may be invited to become staff. Here's how it works. Virus cleanup? Start here -> Malware Removal Forum.

Try What the Tech -- It's free!


Photo

Windows 8.1 LAN settings keep switching back to unknown Proxy Server [

potential spyware help virus windows 8.1

  • This topic is locked This topic is locked
9 replies to this topic

#1 mikiyumi

mikiyumi

    New Member

  • New Member
  • Pip
  • 4 posts

Posted 19 August 2014 - 06:12 PM

I've never been on a tech forum before, but my recently updated Windows 8.1 computer keeps resetting my LAN settings in Chrome. I am constantly faced with the 'Unable to connect to Proxy Server' error. I don't use a proxy server, so I'm rather confused. I've tried other ways to rid this problem, like the simple 'untick the box, reset, etc' but every time I reopen the box (after being faced with the aforementioned error) I find the proxy server box ticked once again! 

 

Any help would be greatly appreciated, I am very confused. 


    Advertisements

Register to Remove


#2 LiquidTension

LiquidTension

    SuperMember

  • Retired Classroom Teacher
  • 2,566 posts

Posted 19 August 2014 - 06:25 PM

Hello mikiyumi, welcome to WhatTheTech's Malware Removal forum!
 
My username is LiquidTension, but you can call me Adam. I will be assisting you with your malware-related problems.
If you would allow me to call you by your first name I would prefer that.  :)
 
======================================================
 
Please read through the points below to ensure this process moves as quickly and efficiently as possible.

  • Please read through my instructions thoroughly, and ensure you carry out each step in the order specified.
  • Please do not post logs using the CODEQUOTE or ATTACHMENT format. Logs should be posted directly in plain text. If you receive an error whilst posting, please break the log in half and use multiple posts.
  • Please do not run any tools or take any steps other than those I provide for you. Independent efforts may make matters worse, and will affect my ability in ascertaining the current situation & providing the best set of instructions for you.
  • Please backup important documents before proceeding with my instructions.
  • If you come across any issues whilst following my instructions, please stop and inform me of the issue in as much detail as possible. Please do not hesitate to ask before you run anything.
  • Topics are locked if no response is made after 5 days. Please inform me if you will require additional time to complete my instructions.
     

======================================================
 
Please run the following diagnostic scans so I can ascertain the state of your computer.
 
STEP 1

xlK5Hdb.png Farbar Recovery Scan Tool (FRST) Scan

  • Please download Farbar Recovery Scan Tool (x32) or Farbar Recovery Scan Tool (x64) and save the file to your desktop.
  • Note: Download and run the version compatible with your system (32 or 64-bit). Download both if you're unsure; only one will run.
  • Right-Click FRST.exe or FRST64.exe and select AVOiBNU.jpg Run as administrator to run the programme.
  • Click Yes to the disclaimer.
  • Ensure the Addition.txt box is checked.
  • Click the Scan button and let the programme run.
  • Upon completion, click OK, then OK on the Addition.txt pop up screen.
  • Two logs (FRST.txt & Addition.txt) will now be open on your desktop. Copy the contents of both logs and paste in your next reply. 
     

STEP 2
YARWD1t.png.pagespeed.ce.nvhmVeYDe3.png TDSSKiller Scan

  • Please download TDSSKiller and save the file to your desktop.
  • Right-Click TDSSKiller.exe and select xAVOiBNU.jpg.pagespeed.ic.H5HC6LkiJX.jpg Run as administrator to run the programme.
  • Click Change parameters. Place a checkmark next to Detect TDLFS file system.
  • ​Click Start Scan. Do not use the computer during the scan.
  • If objects are found, change the action to skip.
  • Click Continue and close the window.
  • A log will be created and saved to the root directory (usually C:\). Copy the contents of the log and paste in your next reply.
     

======================================================
 
STEP 3
pfNZP4A.png Logs
In your next reply please include the following logs. Please be sure to copy and paste the requested logs, as well as provide information on any questions I may have asked.

  • FRST.txt
  • Addition.txt
  • TDSSKiller log

50QfLth.png

 

Would you like to help others with malware removal? Join our Classroom and learn how!


#3 mikiyumi

mikiyumi

    New Member

  • New Member
  • Pip
  • 4 posts

Posted 19 August 2014 - 06:44 PM

Thanks, Adam. My name is Marcelyna, but everyone calls me Miki! Please excuse my sluggish replies as I am working from two computers since my laptop won't connect to the internet due to my current predicament. I have to transfer the files you tell me to download through a flashdrive and so on. 

The TDSSKiller link you sent me doesn't seem to work? It tells me that it is on a redirect loop. 

I was able to complete the first step, however. 

FRST LOG--
 
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 17-08-2014 01
Ran by Marcelyna (administrator) on SARUMAN on 19-08-2014 17:36:02
Running from C:\Users\Marcelyna\Desktop
Platform: Windows 8.1 (X64) OS Language: English (United States)
Internet Explorer Version 11
Boot Mode: Normal
 
The only official download link for FRST:
Download link for 32-Bit version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/81/ 
Download link for 64-Bit Version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/82/ 
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: http://www.geekstogo...very-scan-tool/
 
==================== Processes (Whitelisted) =================
 
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 
(Hewlett-Packard Company) C:\Windows\System32\hpservice.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RTKAUDIOSERVICE64.EXE
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Andrea Electronics Corporation) C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP System Event\HPWMISVC.exe
(Intel® Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Razer Inc.) C:\Program Files (x86)\Razer\Razer Game Booster\RzKLService.exe
(Tablet Driver) C:\Windows\System32\drivers\WTSrv.exe
(Microsoft Corporation) C:\Windows\System32\InputMethod\JPN\JpnIME.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Microsoft Corporation) C:\Windows\System32\SkyDrive.exe
(CyberLink) C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP CoolSense\CoolSense.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Akamai Technologies, Inc.) C:\Users\Marcelyna\AppData\Local\Akamai\netsession_win.exe
(CyberLink Corp.) C:\Program Files (x86)\CyberLink\Power2Go8\Power2GoExpress8.exe
(Akamai Technologies, Inc.) C:\Users\Marcelyna\AppData\Local\Akamai\netsession_win.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\AAM Updates Notifier.exe
(CyberLink Corp.) C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP System Event\HPMSGSVC.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Tablet Driver) C:\Windows\SysWOW64\WTClient.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe
(Intel Corporation) C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\Jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Microsoft Corporation) C:\Windows\SysWOW64\WWAHost.exe
() C:\Users\Marcelyna\Desktop\RogueKillerX64.exe
 
 
==================== Registry (Whitelisted) ==================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [7194840 2014-06-21] (Realtek Semiconductor)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [446392 2012-04-04] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [RemoteControl10] => C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe [95192 2013-04-10] (CyberLink Corp.)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [HPMessageService] => C:\Program Files (x86)\Hewlett-Packard\HP System Event\HPMSGSVC.exe [475448 2014-03-26] (Hewlett-Packard Development Company, L.P.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [256896 2014-07-11] (Oracle Corporation)
HKLM-x32\...\Run: [SwitchBoard] => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [AdobeCS6ServiceManager] => C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe [1073312 2012-03-09] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [WTClient] => C:\WINDOWS\SysWOW64\WTClient.exe [41280 2014-01-12] (Tablet Driver)
HKLM\...\RunOnce: [NCPluginUpdater] => C:\Program Files (x86)\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\NCPluginUpdater.exe [21720 2014-07-23] (Hewlett-Packard)
Winlogon\Notify\igfxcui: C:\WINDOWS\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-1745911765-810247285-2374959911-1001\...\Run: [Akamai NetSession Interface] => C:\Users\Marcelyna\AppData\Local\Akamai\netsession_win.exe [4672920 2014-04-17] (Akamai Technologies, Inc.)
HKU\S-1-5-21-1745911765-810247285-2374959911-1001\...\Run: [Power2GoExpress8] => C:\Program Files (x86)\CyberLink\Power2Go8\Power2GoExpress8.exe [1717000 2014-02-20] (CyberLink Corp.)
HKU\S-1-5-21-1745911765-810247285-2374959911-1001\...\Run: [Wondershare Helper Compact.exe] => "C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelperSetup.exe"
HKU\S-1-5-21-1745911765-810247285-2374959911-1001\...\Run: [EADM] => C:\Program Files (x86)\Origin\Origin.exe [3600728 2014-08-09] (Electronic Arts)
HKU\S-1-5-21-1745911765-810247285-2374959911-1001\...\Run: [DAEMON Tools Lite] => C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [3696912 2014-03-04] (Disc Soft Ltd)
HKU\S-1-5-21-1745911765-810247285-2374959911-1001\...\Run: [AdobeBridge] => [X]
HKU\S-1-5-21-1745911765-810247285-2374959911-1001\...\MountPoints2: {70e94582-bbc5-11e3-be82-a0d3c151f2a9} - "G:\SetUp.exe" 
HKU\S-1-5-21-1745911765-810247285-2374959911-1001\...\MountPoints2: {866ec349-1538-11e4-be93-a0d3c151f2a9} - "F:\Install.exe" 
ShellIconOverlayIdentifiers:  SkyDrive1 -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} =>  No File
ShellIconOverlayIdentifiers:  SkyDrive2 -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} =>  No File
ShellIconOverlayIdentifiers:  SkyDrive3 -> {BBACC218-34EA-4666-9D7A-C78F2274A524} =>  No File
ShellIconOverlayIdentifiers-x32:  SkyDrive1 -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} =>  No File
ShellIconOverlayIdentifiers-x32:  SkyDrive2 -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} =>  No File
ShellIconOverlayIdentifiers-x32:  SkyDrive3 -> {BBACC218-34EA-4666-9D7A-C78F2274A524} =>  No File
 
==================== Internet (Whitelisted) ====================
 
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 
HKCU\Software\Microsoft\Internet Explorer\Main,First Home Page = http://g.msn.com/HPNOT13/1
StartMenuInternet: IEXPLORE.EXE - iexplore.exe
SearchScopes: HKLM - {BDF79476-EF99-4724-911D-BC0FC968709E} URL = http://www.amazon.co...s={searchTerms}
SearchScopes: HKLM - {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = http://rover.ebay.co...54371-11896-2/4 ?mpre=http%3A%2F%2Fwww.ebay.com%2Fsch%2F%3F_nkw%3D{searchTerms}&keyword={searchTerms}
SearchScopes: HKLM-x32 - {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = http://rover.ebay.co...54371-11896-2/4 ?mpre=http%3A%2F%2Fwww.ebay.com%2Fsch%2F%3F_nkw%3D{searchTerms}&keyword={searchTerms}
SearchScopes: HKCU - {7DD7BF1F-CC5E-4361-9885-E583C06770DA} URL = http://search.yahoo....p={searchTerms}
SearchScopes: HKCU - {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = http://rover.ebay.co...54371-11896-2/4 ?mpre=http%3A%2F%2Fwww.ebay.com%2Fsch%2F%3F_nkw%3D{searchTerms}&keyword={searchTerms}
BHO: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll (Hewlett-Packard)
BHO-x32: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll (Hewlett-Packard)
Toolbar: HKCU - No Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} -  No File
Hosts: 127.0.0.1 localhost
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1
 
FireFox:
========
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_14_0_0_145.dll ()
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_14_0_0_145.dll ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\windows\SysWOW64\Adobe\Director\np32dsw_1166636.dll (Adobe Systems, Inc.)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=10.65.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.65.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3505.0912 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll ()
FF Plugin HKCU: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Marcelyna\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
 
Chrome: 
=======
CHR HomePage: 
CHR DefaultSuggestURL: {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&gs_ri={google:suggestRid}&xssi=t&q={searchTerms}&{google:cursorPosition}{google:currentPageUrl}{google:pageClassification}sugkey={google:suggestAPIKeyParameter}
CHR Extension: (Google Drive) - C:\Users\Marcelyna\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2013-12-25]
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\Marcelyna\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-05-29]
CHR Extension: (YouTube) - C:\Users\Marcelyna\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2013-12-25]
CHR Extension: (Google Search) - C:\Users\Marcelyna\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2013-12-25]
CHR Extension: (AdBlock) - C:\Users\Marcelyna\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2014-06-14]
CHR Extension: (Google Wallet) - C:\Users\Marcelyna\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-12-25]
CHR Extension: (Tumblr Savior) - C:\Users\Marcelyna\AppData\Local\Google\Chrome\User Data\Default\Extensions\oefddkjnflmjbclpnnoegglmmdfkidip [2014-07-13]
CHR Extension: (Gmail) - C:\Users\Marcelyna\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2013-12-25]
 
==================== Services (Whitelisted) =================
 
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
 
R2 HP Support Assistant Service; C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe [92160 2013-11-04] (Hewlett-Packard Company) [File not signed]
R2 HPWMISVC; c:\Program Files (x86)\Hewlett-Packard\HP System Event\HPWMISVC.exe [469304 2014-03-26] (Hewlett-Packard Development Company, L.P.)
R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe [15720 2013-08-22] (Intel Corporation)
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe [73728 2004-10-22] (Macrovision Corporation) [File not signed]
R2 Intel® Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [733696 2013-05-11] (Intel® Corporation) [File not signed]
S3 Intel® Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [822232 2013-05-11] (Intel® Corporation)
R2 Intel® ME Service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\FWService\IntelMeFWService.exe [131544 2014-04-06] (Intel Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe [169432 2014-04-06] (Intel Corporation)
R2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [239176 2013-02-19] (Realtek Semiconductor)
R2 RzKLService; C:\Program Files (x86)\Razer\Razer Game Booster\RzKLService.exe [105448 2014-02-25] (Razer Inc.)
S3 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [File not signed]
S3 w3logsvc; C:\Windows\system32\inetsrv\w3logsvc.dll [76800 2014-03-18] (Microsoft Corporation)
R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [347880 2014-03-23] (Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2014-03-23] (Microsoft Corporation)
 
==================== Drivers (Whitelisted) ====================
 
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
 
R1 CLVirtualDrive; C:\Windows\system32\DRIVERS\CLVirtualDrive.sys [91912 2013-11-12] (CyberLink)
R1 dtsoftbus01; C:\Windows\System32\drivers\dtsoftbus01.sys [283064 2014-07-27] (Disc Soft Ltd)
S3 MBAMSwissArmy; C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [122584 2014-08-18] (Malwarebytes Corporation)
R3 MEIx64; C:\Windows\system32\DRIVERS\TeeDriverx64.sys [99288 2014-04-06] (Intel Corporation)
S3 RSP2STOR; C:\Windows\System32\DRIVERS\RtsP2Stor.sys [288328 2013-01-23] (Realtek Semiconductor Corp.)
R3 RTWlanE; C:\Windows\system32\DRIVERS\rtwlane.sys [3068120 2014-04-06] (Realtek Semiconductor Corporation                           )
S3 SmbDrv; C:\Windows\System32\drivers\Smb_driver_AMDASF.sys [28400 2013-02-05] (Synaptics Incorporated)
R3 SmbDrvI; C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys [34544 2014-05-02] (Synaptics Incorporated)
R3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [123224 2014-03-23] (Microsoft Corporation)
R3 WirelessButtonDriver; C:\Windows\System32\drivers\WirelessButtonDriver64.sys [20800 2012-08-31] (Hewlett-Packard Development Company, L.P.)
S3 hxsyol; \??\C:\AeriaGames\AuraKingdom\avital\hxsy64.sys [X]
S1 ssnfd; system32\drivers\ssnfd.sys [X]
S3 Tablet2k; "%SystemRoot%\System32\Drivers\Tablet2k.sys" [X]
 
==================== NetSvcs (Whitelisted) ===================
 
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
 
 
==================== One Month Created Files and Folders ========
 
(If an entry is included in the fixlist, the file\folder will be moved.)
 
2014-08-19 17:36 - 2014-08-19 17:36 - 00016766 _____ () C:\Users\Marcelyna\Desktop\FRST.txt
2014-08-19 17:35 - 2014-08-19 17:36 - 00000000 ____D () C:\FRST
2014-08-19 17:35 - 2014-08-19 17:29 - 02101760 _____ (Farbar) C:\Users\Marcelyna\Desktop\FRST64.exe
2014-08-19 16:31 - 2014-08-19 17:18 - 00036456 _____ () C:\WINDOWS\system32\Drivers\TrueSight.sys
2014-08-19 16:31 - 2014-08-19 16:31 - 00000000 ____D () C:\ProgramData\RogueKiller
2014-08-19 16:30 - 2014-08-19 16:24 - 05421656 _____ () C:\Users\Marcelyna\Desktop\RogueKillerX64.exe
2014-08-19 16:19 - 2014-08-19 16:19 - 00000989 _____ () C:\Users\Marcelyna\Desktop\JRT.txt
2014-08-19 16:16 - 2014-08-19 16:16 - 00000000 ____D () C:\WINDOWS\ERUNT
2014-08-19 16:10 - 2014-08-19 16:11 - 00000000 ____D () C:\AdwCleaner
2014-08-18 19:34 - 2014-08-18 20:11 - 00122584 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2014-08-17 21:15 - 2014-08-17 21:15 - 00003402 _____ () C:\WINDOWS\System32\Tasks\PastaQuotes
2014-08-16 22:57 - 2014-08-16 22:57 - 00003162 _____ () C:\WINDOWS\System32\Tasks\CLVDLauncher
2014-08-16 22:53 - 2012-11-06 02:32 - 00000296 _____ () C:\Users\Marcelyna\Desktop\instruções.txt
2014-08-16 22:53 - 2012-10-30 20:01 - 02544270 _____ (JAST USA ) C:\Users\Marcelyna\Desktop\sdhq_patch_102.exe
2014-08-16 22:50 - 2012-11-03 10:43 - 318537728 _____ () C:\Users\Marcelyna\Desktop\Disk_2.iso
2014-08-16 22:49 - 2014-08-16 22:49 - 00000000 ____D () C:\Users\Marcelyna\AppData\Roaming\Nitroplus
2014-08-16 22:43 - 2012-11-03 10:43 - 4248698880 _____ () C:\Users\Marcelyna\Desktop\Disk_1.iso
2014-08-15 03:53 - 2014-07-25 07:52 - 23645696 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2014-08-15 03:53 - 2014-07-25 06:51 - 17524224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2014-08-15 03:53 - 2014-07-25 06:28 - 00548352 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2014-08-15 03:53 - 2014-07-25 06:25 - 02774528 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2014-08-15 03:53 - 2014-07-25 06:25 - 00083968 _____ (Microsoft Corporation) C:\WINDOWS\system32\MshtmlDac.dll
2014-08-15 03:53 - 2014-07-25 05:59 - 00758272 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll
2014-08-15 03:53 - 2014-07-25 05:40 - 00452096 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtmsft.dll
2014-08-15 03:53 - 2014-07-25 05:34 - 00455168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2014-08-15 03:53 - 2014-07-25 05:30 - 00061952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MshtmlDac.dll
2014-08-15 03:53 - 2014-07-25 05:28 - 05824512 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2014-08-15 03:53 - 2014-07-25 05:28 - 00072704 _____ (Microsoft Corporation) C:\WINDOWS\system32\JavaScriptCollectionAgent.dll
2014-08-15 03:53 - 2014-07-25 05:21 - 02184704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2014-08-15 03:53 - 2014-07-25 05:17 - 00085504 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll
2014-08-15 03:53 - 2014-07-25 05:10 - 00292864 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtrans.dll
2014-08-15 03:53 - 2014-07-25 05:08 - 00597504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9diag.dll
2014-08-15 03:53 - 2014-07-25 05:06 - 04204032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2014-08-15 03:53 - 2014-07-25 04:52 - 00367104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtmsft.dll
2014-08-15 03:53 - 2014-07-25 04:47 - 00631808 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2014-08-15 03:53 - 2014-07-25 04:43 - 00333312 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2014-08-15 03:53 - 2014-07-25 04:43 - 00060416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\JavaScriptCollectionAgent.dll
2014-08-15 03:53 - 2014-07-25 04:42 - 00692736 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2014-08-15 03:53 - 2014-07-25 04:39 - 02087936 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2014-08-15 03:53 - 2014-07-25 04:34 - 00069632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtmled.dll
2014-08-15 03:53 - 2014-07-25 04:29 - 00239616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtrans.dll
2014-08-15 03:53 - 2014-07-25 04:23 - 13547008 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2014-08-15 03:53 - 2014-07-25 04:13 - 00526336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2014-08-15 03:53 - 2014-07-25 04:09 - 00291840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll
2014-08-15 03:53 - 2014-07-25 04:07 - 02001920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2014-08-15 03:53 - 2014-07-25 04:03 - 11772928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2014-08-15 03:53 - 2014-07-25 03:52 - 02266624 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2014-08-15 03:53 - 2014-07-25 03:26 - 01431040 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2014-08-15 03:53 - 2014-07-25 03:17 - 00846336 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2014-08-15 03:53 - 2014-07-25 03:09 - 00704512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2014-08-15 03:53 - 2014-07-25 03:05 - 01792512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2014-08-15 03:53 - 2014-07-25 03:00 - 01169920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2014-08-15 03:52 - 2014-05-12 22:07 - 02844160 _____ (Microsoft Corporation) C:\WINDOWS\system32\actxprxy.dll
2014-08-15 03:52 - 2014-05-12 21:41 - 00118272 _____ (Microsoft Corporation) C:\WINDOWS\system32\winbici.dll
2014-08-15 03:52 - 2014-05-12 21:26 - 00285696 _____ (Microsoft Corporation) C:\WINDOWS\system32\SkyDriveShell.dll
2014-08-15 03:52 - 2014-05-12 20:31 - 00265216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SkyDriveShell.dll
2014-08-15 03:52 - 2014-05-03 04:29 - 01726224 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2014-08-15 03:52 - 2014-05-03 02:20 - 01473080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
2014-08-15 03:52 - 2014-05-02 22:19 - 00071168 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncobjapi.dll
2014-08-15 03:52 - 2014-05-02 22:08 - 00301056 _____ (Microsoft Corporation) C:\WINDOWS\system32\framedynos.dll
2014-08-15 03:52 - 2014-05-02 22:07 - 00262656 _____ (Microsoft Corporation) C:\WINDOWS\system32\framedyn.dll
2014-08-15 03:52 - 2014-05-02 21:37 - 00235008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\framedynos.dll
2014-08-15 03:52 - 2014-04-30 22:44 - 01025536 _____ (Microsoft Corporation) C:\WINDOWS\system32\localspl.dll
2014-08-15 03:52 - 2014-04-29 23:41 - 00402432 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb.sys
2014-08-15 03:52 - 2014-04-29 23:41 - 00096768 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\agilevpn.sys
2014-08-15 03:52 - 2014-04-29 21:23 - 00353280 _____ (Microsoft Corporation) C:\WINDOWS\system32\dhcpcore.dll
2014-08-15 03:52 - 2014-04-29 21:23 - 00271872 _____ (Microsoft Corporation) C:\WINDOWS\system32\dhcpcore6.dll
2014-08-15 03:52 - 2014-04-29 21:14 - 00827392 _____ (Microsoft Corporation) C:\WINDOWS\system32\BFE.DLL
2014-08-15 03:52 - 2014-04-29 20:46 - 00285696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dhcpcore.dll
2014-08-15 03:52 - 2014-04-29 20:46 - 00229888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dhcpcore6.dll
2014-08-15 03:52 - 2014-04-29 20:42 - 00403968 _____ (Microsoft Corporation) C:\WINDOWS\system32\vpnike.dll
2014-08-15 03:52 - 2014-04-28 15:40 - 00721408 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapi.dll
2014-08-15 03:52 - 2014-04-26 15:03 - 02140888 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2014-08-15 03:52 - 2014-04-26 13:14 - 02144984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll
2014-08-15 03:52 - 2014-04-26 09:39 - 00339456 _____ (Microsoft Corporation) C:\WINDOWS\system32\bdesvc.dll
2014-08-15 03:52 - 2014-04-14 02:37 - 02125344 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d9.dll
2014-08-15 03:52 - 2014-04-14 01:08 - 01797896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d9.dll
2014-08-15 03:51 - 2014-05-13 00:01 - 00076800 _____ (Microsoft Corporation) C:\WINDOWS\system32\BulkOperationHost.exe
2014-08-15 03:51 - 2014-05-12 20:59 - 01035264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\actxprxy.dll
2014-08-15 03:51 - 2014-05-02 22:36 - 00997888 _____ (Microsoft Corporation) C:\WINDOWS\system32\reseteng.dll
2014-08-15 03:51 - 2014-05-02 21:46 - 00052736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ncobjapi.dll
2014-08-15 03:51 - 2014-05-02 21:37 - 00207360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\framedyn.dll
2014-08-15 03:51 - 2014-05-02 16:26 - 00050745 _____ () C:\WINDOWS\system32\srms.dat
2014-08-15 03:51 - 2014-04-29 23:43 - 00071680 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vwififlt.sys
2014-08-15 03:51 - 2014-04-29 23:41 - 00038912 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vwifimp.sys
2014-08-15 03:51 - 2014-04-29 22:45 - 00123392 _____ (Microsoft Corporation) C:\WINDOWS\system32\Robocopy.exe
2014-08-15 03:51 - 2014-04-29 21:48 - 00106496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Robocopy.exe
2014-08-15 03:51 - 2014-04-29 21:24 - 00065024 _____ (Microsoft Corporation) C:\WINDOWS\system32\dhcpcsvc6.dll
2014-08-15 03:51 - 2014-04-29 21:23 - 00087552 _____ (Microsoft Corporation) C:\WINDOWS\system32\dhcpcsvc.dll
2014-08-15 03:51 - 2014-04-29 20:59 - 01063424 _____ (Microsoft Corporation) C:\WINDOWS\system32\IKEEXT.DLL
2014-08-15 03:51 - 2014-04-29 20:46 - 00056320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dhcpcsvc6.dll
2014-08-15 03:51 - 2014-04-29 20:45 - 00062976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dhcpcsvc.dll
2014-08-15 03:51 - 2014-04-13 22:18 - 00011776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d8thk.dll
2014-08-15 03:51 - 2014-04-08 23:11 - 00226816 _____ (Microsoft Corporation) C:\WINDOWS\system32\WebClnt.dll
2014-08-15 03:51 - 2014-04-08 22:20 - 00198656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WebClnt.dll
2014-08-15 03:50 - 2014-06-19 18:48 - 01273184 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpcrt4.dll
2014-08-15 03:50 - 2014-06-19 16:52 - 00710144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rpcrt4.dll
2014-08-15 03:50 - 2014-06-09 15:13 - 00035480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TsWpfWrp.exe
2014-08-15 03:50 - 2014-06-09 15:13 - 00035480 _____ (Microsoft Corporation) C:\WINDOWS\system32\TsWpfWrp.exe
2014-08-15 03:50 - 2014-05-30 23:27 - 00206848 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb20.sys
2014-08-15 03:47 - 2014-08-06 15:38 - 00697856 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepdu.dll
2014-08-15 03:47 - 2014-08-01 22:44 - 00527360 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
2014-08-15 03:47 - 2014-07-15 11:16 - 03048880 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcMon.exe
2014-08-15 03:47 - 2014-07-15 01:29 - 03118080 _____ (Microsoft Corporation) C:\WINDOWS\system32\Wpc.dll
2014-08-15 03:47 - 2014-07-15 01:22 - 02861056 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcWebSync.dll
2014-08-15 03:47 - 2014-07-15 01:03 - 02344448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Wpc.dll
2014-08-15 03:47 - 2014-07-09 21:16 - 00716800 _____ (Microsoft Corporation) C:\WINDOWS\system32\SkyDriveTelemetry.dll
2014-08-15 03:47 - 2014-07-09 21:03 - 04756992 _____ (Microsoft Corporation) C:\WINDOWS\system32\SyncEngine.dll
2014-08-15 03:47 - 2014-07-09 20:33 - 01120256 _____ (Microsoft Corporation) C:\WINDOWS\system32\SkyDrive.exe
2014-08-15 03:47 - 2014-06-12 18:15 - 00517528 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxgi.dll
2014-08-15 03:47 - 2014-06-12 18:14 - 01557848 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2014-08-15 03:47 - 2014-06-12 17:10 - 00406400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxgi.dll
2014-08-15 03:47 - 2014-06-06 04:34 - 02133504 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll
2014-08-15 03:47 - 2014-05-31 03:07 - 00440664 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbport.sys
2014-08-15 03:47 - 2014-05-31 03:07 - 00419672 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbhub.sys
2014-08-15 03:47 - 2014-05-27 08:53 - 02518360 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2014-08-15 03:47 - 2014-05-16 21:59 - 16871936 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2014-08-15 03:47 - 2014-05-16 21:13 - 12711424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2014-08-15 03:46 - 2014-08-06 19:12 - 01336624 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32.dll
2014-08-15 03:46 - 2014-08-06 15:39 - 04148224 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2014-08-15 03:46 - 2014-08-01 20:56 - 01064448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32.dll
2014-08-15 03:46 - 2014-08-01 20:11 - 00918528 _____ (Microsoft Corporation) C:\WINDOWS\system32\MrmCoreR.dll
2014-08-15 03:46 - 2014-07-11 21:17 - 00623616 _____ (Microsoft Corporation) C:\WINDOWS\system32\MDMAgent.exe
2014-08-15 03:46 - 2014-06-05 07:13 - 00216368 _____ (Microsoft Corporation) C:\WINDOWS\system32\rsaenh.dll
2014-08-15 03:46 - 2014-06-05 06:14 - 00189016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rsaenh.dll
2014-08-15 03:46 - 2014-06-04 02:27 - 00114520 _____ (Microsoft Corporation) C:\WINDOWS\system32\consent.exe
2014-08-15 03:46 - 2014-06-03 22:31 - 00356352 _____ (Microsoft Corporation) C:\WINDOWS\system32\msihnd.dll
2014-08-15 03:46 - 2014-06-03 22:22 - 02790912 _____ (Microsoft Corporation) C:\WINDOWS\system32\msi.dll
2014-08-15 03:46 - 2014-06-03 21:43 - 00281088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msihnd.dll
2014-08-15 03:46 - 2014-06-03 21:38 - 03304448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msi.dll
2014-08-15 03:46 - 2014-06-03 19:15 - 02642944 _____ (Microsoft Corporation) C:\WINDOWS\system32\authui.dll
2014-08-15 03:46 - 2014-06-03 19:14 - 02318336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\authui.dll
2014-08-15 03:46 - 2014-06-01 19:10 - 00423768 _____ (Microsoft Corporation) C:\WINDOWS\system32\hal.dll
2014-08-15 03:46 - 2014-05-31 03:07 - 00467800 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBHUB3.SYS
2014-08-15 03:46 - 2014-05-31 03:07 - 00089944 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbehci.sys
2014-08-15 03:46 - 2014-05-31 03:07 - 00027480 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbd.sys
2014-08-15 03:46 - 2014-05-30 23:30 - 00037376 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbuhci.sys
2014-08-15 03:46 - 2014-05-30 23:27 - 00110592 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WUDFPf.sys
2014-08-15 03:46 - 2014-05-30 23:26 - 00227840 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WUDFRd.sys
2014-08-15 03:46 - 2014-05-30 21:01 - 00284672 _____ (Microsoft Corporation) C:\WINDOWS\system32\WUDFHost.exe
2014-08-15 03:46 - 2014-05-30 21:01 - 00209408 _____ (Microsoft Corporation) C:\WINDOWS\system32\WUDFPlatform.dll
2014-08-15 03:46 - 2014-05-30 21:01 - 00099840 _____ (Microsoft Corporation) C:\WINDOWS\system32\WUDFSvc.dll
2014-08-15 03:46 - 2014-05-27 02:56 - 00323584 _____ (Microsoft Corporation) C:\WINDOWS\system32\DaOtpCredentialProvider.dll
2014-08-15 03:46 - 2014-05-27 02:53 - 00270848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DaOtpCredentialProvider.dll
2014-08-14 23:35 - 2014-08-15 00:24 - 00007680 _____ () C:\Users\Marcelyna\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2014-08-14 23:35 - 2014-08-14 23:35 - 00000000 ____D () C:\Users\Marcelyna\AppData\Local\ezvid,_inc
2014-08-14 23:34 - 2014-08-14 23:35 - 00000000 ____D () C:\Users\Marcelyna\Documents\ezvid
2014-08-14 23:29 - 2014-08-14 23:29 - 00000000 ____D () C:\Users\Marcelyna\AppData\Local\Windows Live
2014-08-09 13:02 - 2014-08-09 13:04 - 00000000 ____D () C:\Users\Marcelyna\Desktop\SSS
2014-08-09 12:06 - 2014-08-09 12:09 - 00000000 ____D () C:\Users\Marcelyna\Desktop\ITH
2014-08-09 12:05 - 2012-05-11 10:34 - 00031744 _____ () C:\Users\Marcelyna\Desktop\ITH_TLS.dll
2014-08-09 06:53 - 2014-08-09 06:54 - 00000000 ____D () C:\Users\Marcelyna\Desktop\Skype Convos 2014
2014-08-09 06:17 - 2014-08-09 06:18 - 00000000 ____D () C:\ProgramData\AOL OCP
2014-08-09 06:17 - 2014-08-09 06:17 - 00000000 ____D () C:\Users\Marcelyna\AppData\Local\AOL OCP
2014-08-09 06:17 - 2014-08-09 06:17 - 00000000 ____D () C:\Users\Marcelyna\AppData\Local\AOL
2014-08-09 06:17 - 2014-08-09 06:17 - 00000000 ____D () C:\ProgramData\AOL
2014-08-09 06:15 - 2014-08-09 06:17 - 00000429 ____H () C:\IPH.PH
2014-08-04 16:39 - 2014-08-16 15:31 - 00000132 _____ () C:\Users\Marcelyna\AppData\Roaming\Adobe PNG Format CS6 Prefs
2014-08-04 15:18 - 2014-08-04 15:18 - 00000000 ____D () C:\ProgramData\SYSTEMAX Software Development
2014-08-04 15:17 - 2014-08-04 15:17 - 00000290 _____ () C:\WINDOWS\Tablet8000x5000M.ini
2014-08-04 15:17 - 2014-08-04 15:17 - 00000000 ____D () C:\Users\Marcelyna\AppData\Roaming\SYSTEMAX Software Development
2014-08-04 15:05 - 2014-08-04 15:06 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Tablet
2014-08-04 15:05 - 2014-08-04 15:06 - 00000000 ____D () C:\Program Files (x86)\TABLET
2014-08-04 15:05 - 2014-08-04 15:05 - 00000000 ____D () C:\WINDOWS\SysWOW64\TabletPmt
2014-08-04 07:30 - 2014-08-04 15:19 - 00000000 ____D () C:\PaintToolSAI
2014-08-04 07:30 - 2014-08-04 07:30 - 00000598 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PaintTool SAI Ver.1.lnk
2014-08-04 07:30 - 2014-08-04 07:30 - 00000586 _____ () C:\Users\Public\Desktop\PaintTool SAI Ver.1.lnk
2014-08-04 07:18 - 2014-08-04 07:18 - 00001746 _____ () C:\Users\Marcelyna\Desktop\Photoshop - Shortcut.lnk
2014-08-04 07:08 - 2014-08-04 07:08 - 00000000 __SHD () C:\Users\Marcelyna\AppData\Local\EmieUserList
2014-08-04 07:08 - 2014-08-04 07:08 - 00000000 __SHD () C:\Users\Marcelyna\AppData\Local\EmieSiteList
2014-08-04 07:04 - 2014-08-04 07:04 - 00003508 _____ () C:\WINDOWS\System32\Tasks\AdobeAAMUpdater-1.0-MicrosoftAccount-
2014-08-04 07:02 - 2014-08-04 07:02 - 00000000 ____D () C:\ProgramData\regid.1986-12.com.adobe
2014-08-04 07:01 - 2014-08-04 07:01 - 00001098 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Photoshop CS6 (64 Bit).lnk
2014-08-04 07:00 - 2014-08-04 07:00 - 00001230 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Photoshop CS6.lnk
2014-08-04 06:59 - 2014-08-04 07:01 - 00000000 ____D () C:\Program Files\Adobe
2014-08-04 06:59 - 2014-08-04 06:59 - 00001192 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Bridge CS6.lnk
2014-08-04 06:59 - 2014-08-04 06:59 - 00001060 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Bridge CS6 (64bit).lnk
2014-08-04 06:56 - 2014-08-04 06:56 - 00001546 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe ExtendScript Toolkit CS6.lnk
2014-08-04 06:56 - 2014-08-04 06:56 - 00001376 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Extension Manager CS6.lnk
2014-08-04 06:54 - 2014-08-04 07:01 - 00000000 ____D () C:\Program Files\Common Files\Adobe
2014-08-03 02:58 - 2014-08-03 02:58 - 00000000 ____D () C:\Users\Marcelyna\Documents\Razer
2014-08-03 02:58 - 2014-08-03 02:58 - 00000000 ____D () C:\Users\Marcelyna\AppData\Local\Razer_Inc
2014-08-03 02:57 - 2014-08-03 02:57 - 00000000 ____D () C:\Users\Marcelyna\AppData\Local\Razer
2014-08-03 02:14 - 2014-08-03 02:14 - 00002148 _____ () C:\Users\Public\Desktop\Razer Game Booster.lnk
2014-08-03 02:14 - 2014-08-03 02:14 - 00000000 ____D () C:\ProgramData\Razer
2014-08-03 02:14 - 2014-08-03 02:14 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Razer
2014-08-03 02:14 - 2014-08-03 02:14 - 00000000 ____D () C:\Program Files (x86)\Razer
2014-08-02 17:17 - 2014-08-02 17:17 - 00001438 _____ () C:\Users\Marcelyna\Desktop\CCMagic - Shortcut.lnk
2014-08-02 17:10 - 2014-08-02 17:10 - 00000000 ____D () C:\Users\Marcelyna\AppData\Local\Peter_L_Jones
2014-08-02 16:43 - 2014-08-02 17:16 - 00000000 ____D () C:\Program Files (x86)\CC Magic
2014-08-02 16:43 - 2014-08-02 16:43 - 00000000 ____D () C:\Users\Marcelyna\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\CC Magic
2014-08-02 00:51 - 2011-05-31 20:45 - 00058880 _____ (Microsoft) C:\Users\Marcelyna\Desktop\Sims3Dashboard.exe
2014-08-02 00:51 - 2010-06-27 09:40 - 00119808 _____ () C:\Users\Marcelyna\Desktop\MadScience.Wrappers.dll
2014-08-02 00:51 - 2010-06-27 09:36 - 00076288 _____ () C:\Users\Marcelyna\Desktop\MadScience.Helpers.dll
2014-08-01 17:23 - 2014-08-17 21:44 - 00000364 _____ () C:\WINDOWS\Tasks\HPCeeScheduleForMarcelyna.job
2014-08-01 17:23 - 2014-08-17 21:36 - 00003186 _____ () C:\WINDOWS\System32\Tasks\HPCeeScheduleForMarcelyna
2014-08-01 02:37 - 2014-08-01 02:37 - 00001428 _____ () C:\Users\Public\Desktop\The Sims・3.lnk
2014-08-01 02:37 - 2014-08-01 02:37 - 00001379 _____ () C:\Users\Public\Desktop\The Sims・3 Without Launcher.lnk
2014-08-01 02:36 - 2014-08-01 02:37 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\The Sims・3 + All Expansions
2014-07-31 22:04 - 2008-10-15 06:22 - 05631312 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DX9_40.dll
2014-07-31 22:04 - 2008-10-15 06:22 - 04379984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DX9_40.dll
2014-07-31 22:04 - 2008-10-15 06:22 - 02605920 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_40.dll
2014-07-31 22:04 - 2008-10-15 06:22 - 02036576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_40.dll
2014-07-31 22:04 - 2008-10-15 06:22 - 00519000 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_40.dll
2014-07-31 22:04 - 2008-10-15 06:22 - 00452440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_40.dll
2014-07-31 21:59 - 2014-08-01 02:44 - 00000000 ____D () C:\Program Files (x86)\Electronic Arts
2014-07-31 09:56 - 2014-07-31 09:56 - 423702349 _____ () C:\WINDOWS\MEMORY.DMP
2014-07-31 09:56 - 2014-07-31 09:56 - 00280592 _____ () C:\WINDOWS\Minidump\073114-30578-01.dmp
2014-07-30 00:08 - 2014-07-30 00:08 - 00000000 __RHD () C:\Users\Marcelyna\AppData\Roaming\SecuROM
2014-07-28 03:47 - 2014-07-28 03:47 - 00002201 _____ () C:\Users\Public\Desktop\やんデレ.lnk
2014-07-28 03:47 - 2014-07-28 03:47 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\
2014-07-28 03:47 - 2014-07-28 03:47 - 00000000 ____D () C:\Program Files (x86)\
2014-07-28 03:29 - 2014-07-28 03:49 - 00000000 ____D () C:\Users\Marcelyna\Desktop\Yandere
2014-07-27 20:59 - 2014-07-27 20:59 - 00002002 _____ () C:\Users\Public\Desktop\沙耶の唄.lnk
2014-07-27 20:58 - 2014-07-27 20:58 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NitroPlus
2014-07-27 20:58 - 2014-07-27 20:58 - 00000000 ____D () C:\Program Files (x86)\NitroPlus
2014-07-27 20:57 - 2014-07-27 20:58 - 00000000 ____D () C:\Users\Marcelyna\AppData\Roaming\DAEMON Tools Lite
2014-07-27 20:57 - 2014-07-27 20:57 - 00283064 _____ (Disc Soft Ltd) C:\WINDOWS\system32\Drivers\dtsoftbus01.sys
2014-07-27 20:57 - 2014-07-27 20:57 - 00001969 _____ () C:\Users\Public\Desktop\DAEMON Tools Lite.lnk
2014-07-27 20:57 - 2014-07-27 20:57 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DAEMON Tools Lite
2014-07-27 20:57 - 2014-07-27 20:57 - 00000000 ____D () C:\Program Files (x86)\DAEMON Tools Lite
2014-07-27 20:56 - 2014-07-27 20:58 - 00000000 ____D () C:\ProgramData\DAEMON Tools Lite
2014-07-27 20:44 - 2014-07-27 20:44 - 00000000 ____D () C:\Users\Marcelyna\AppData\Roaming\RenPy
2014-07-27 20:40 - 2014-07-27 20:41 - 00000000 ____D () C:\Users\Marcelyna\AppData\Roaming\tess
2014-07-27 20:40 - 2014-07-27 20:40 - 00000000 ____D () C:\Users\Marcelyna\AppData\Roaming\Oracle
2014-07-27 20:39 - 2014-07-27 20:39 - 00272808 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\javaws.exe
2014-07-27 20:39 - 2014-07-27 20:39 - 00175528 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\javaw.exe
2014-07-27 20:39 - 2014-07-27 20:39 - 00175528 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\java.exe
2014-07-27 20:39 - 2014-07-27 20:39 - 00098216 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\WindowsAccessBridge-32.dll
2014-07-27 20:39 - 2014-07-27 20:39 - 00000000 ____D () C:\ProgramData\Sun
2014-07-27 20:39 - 2014-07-27 20:39 - 00000000 ____D () C:\ProgramData\Oracle
2014-07-27 20:39 - 2014-07-27 20:39 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2014-07-27 20:39 - 2014-07-27 20:39 - 00000000 ____D () C:\Program Files (x86)\Java
2014-07-27 00:37 - 2014-07-27 00:37 - 00001212 _____ () C:\Users\Public\Desktop\Peggle.lnk
2014-07-27 00:37 - 2014-07-27 00:37 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Peggle
2014-07-27 00:36 - 2014-07-27 00:36 - 00001717 _____ () C:\Users\Public\Desktop\The Sims 2 Ultimate Collection.lnk
2014-07-27 00:36 - 2014-07-27 00:36 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\The Sims 2 Ultimate Collection
2014-07-26 21:44 - 2014-07-26 21:45 - 04319077 _____ () C:\Users\Marcelyna\Desktop\The End of the Witch of Lorven.exe
2014-07-26 21:33 - 2014-07-27 00:37 - 00000000 ____D () C:\Program Files (x86)\Origin Games
2014-07-26 21:32 - 2014-07-31 15:01 - 00000000 ____D () C:\Users\Marcelyna\AppData\Roaming\Origin
2014-07-26 21:32 - 2014-07-26 21:33 - 00000000 ____D () C:\Users\Marcelyna\AppData\Local\Origin
2014-07-26 21:30 - 2014-08-19 16:31 - 00000000 ____D () C:\ProgramData\Origin
2014-07-26 21:30 - 2014-07-26 21:30 - 00000998 _____ () C:\Users\Public\Desktop\Origin.lnk
2014-07-26 21:30 - 2014-07-26 21:30 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Origin
2014-07-26 21:29 - 2014-08-09 07:13 - 00000000 ____D () C:\Program Files (x86)\Origin
2014-07-26 21:22 - 2014-02-06 23:34 - 61315761 _____ () C:\Users\Marcelyna\Desktop\Delicatte.exe
2014-07-26 20:22 - 2014-07-26 20:22 - 00000256 _____ () C:\Users\Marcelyna\Desktop\mEmory.txt
2014-07-26 20:09 - 2014-07-26 20:09 - 00001982 _____ () C:\Users\Marcelyna\Desktop\LonelyYuri - Shortcut.lnk
2014-07-26 19:44 - 2014-07-26 19:44 - 00000000 ____D () C:\Users\Marcelyna\Documents\NightTimeSheep
2014-07-26 19:42 - 2014-08-16 22:43 - 00000000 ____D () C:\Users\Marcelyna\Desktop\random stuff
2014-07-26 19:36 - 2014-07-26 19:36 - 00000912 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LongStory.lnk
2014-07-26 19:36 - 2014-07-26 19:36 - 00000900 _____ () C:\Users\Public\Desktop\LongStory.lnk
2014-07-26 19:36 - 2014-07-26 19:36 - 00000000 ____D () C:\Program Files (x86)\LongStory
2014-07-22 22:56 - 2014-08-05 02:00 - 00000000 ____D () C:\ProgramData\Adobe
2014-07-22 22:56 - 2014-08-04 06:59 - 00000000 ____D () C:\Program Files (x86)\Adobe
2014-07-22 22:56 - 2014-07-22 22:56 - 00000000 ____D () C:\Users\Default\AppData\Roaming\Macromedia
2014-07-22 22:56 - 2014-07-22 22:56 - 00000000 ____D () C:\Users\Default User\AppData\Roaming\Macromedia
2014-07-20 00:40 - 2014-07-20 00:59 - 943375844 _____ () C:\Users\Marcelyna\Desktop\A Time to Screw [ENG Dub].avi
 
==================== One Month Modified Files and Folders =======
 
(If an entry is included in the fixlist, the file\folder will be moved.)
 
2014-08-19 17:36 - 2014-08-19 17:36 - 00016766 _____ () C:\Users\Marcelyna\Desktop\FRST.txt
2014-08-19 17:36 - 2014-08-19 17:35 - 00000000 ____D () C:\FRST
2014-08-19 17:34 - 2014-02-19 21:51 - 00000830 _____ () C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2014-08-19 17:29 - 2014-08-19 17:35 - 02101760 _____ (Farbar) C:\Users\Marcelyna\Desktop\FRST64.exe
2014-08-19 17:18 - 2014-08-19 16:31 - 00036456 _____ () C:\WINDOWS\system32\Drivers\TrueSight.sys
2014-08-19 17:00 - 2013-08-22 08:36 - 00000000 ____D () C:\WINDOWS\system32\sru
2014-08-19 16:55 - 2013-12-25 11:25 - 00000920 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2014-08-19 16:31 - 2014-08-19 16:31 - 00000000 ____D () C:\ProgramData\RogueKiller
2014-08-19 16:31 - 2014-07-26 21:30 - 00000000 ____D () C:\ProgramData\Origin
2014-08-19 16:28 - 2014-03-18 19:38 - 01594997 _____ () C:\WINDOWS\WindowsUpdate.log
2014-08-19 16:24 - 2014-08-19 16:30 - 05421656 _____ () C:\Users\Marcelyna\Desktop\RogueKillerX64.exe
2014-08-19 16:19 - 2014-08-19 16:19 - 00000989 _____ () C:\Users\Marcelyna\Desktop\JRT.txt
2014-08-19 16:16 - 2014-08-19 16:16 - 00000000 ____D () C:\WINDOWS\ERUNT
2014-08-19 16:15 - 2014-02-19 21:50 - 00000000 ____D () C:\Users\Marcelyna\AppData\Local\Adobe
2014-08-19 16:13 - 2014-03-18 19:46 - 00000000 __RDO () C:\Users\Marcelyna\SkyDrive
2014-08-19 16:12 - 2013-12-25 11:25 - 00000916 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2014-08-19 16:12 - 2013-11-14 00:20 - 00742110 _____ () C:\WINDOWS\PFRO.log
2014-08-19 16:12 - 2013-08-22 07:45 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT
2014-08-19 16:12 - 2013-08-22 06:25 - 00262144 ___SH () C:\WINDOWS\system32\config\BBI
2014-08-19 16:11 - 2014-08-19 16:10 - 00000000 ____D () C:\AdwCleaner
2014-08-19 16:00 - 2013-12-25 09:59 - 00003598 _____ () C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-1745911765-810247285-2374959911-1001
2014-08-19 15:48 - 2013-08-22 08:36 - 00000000 ____D () C:\WINDOWS\system32\NDF
2014-08-19 03:47 - 2013-08-22 08:36 - 00000000 ____D () C:\WINDOWS\AppReadiness
2014-08-19 01:31 - 2013-12-25 09:51 - 00003938 _____ () C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{BFDDE571-BD52-4799-A759-6545EEF46F86}
2014-08-18 20:11 - 2014-08-18 19:34 - 00122584 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2014-08-18 19:33 - 2013-11-14 00:28 - 00958356 _____ () C:\WINDOWS\system32\PerfStringBackup.INI
2014-08-18 19:32 - 2014-07-02 09:20 - 00000835 _____ () C:\WINDOWS\setupact.log
2014-08-18 02:09 - 2013-08-22 08:36 - 00000000 ____D () C:\WINDOWS\rescache
2014-08-17 21:44 - 2014-08-01 17:23 - 00000364 _____ () C:\WINDOWS\Tasks\HPCeeScheduleForMarcelyna.job
2014-08-17 21:36 - 2014-08-01 17:23 - 00003186 _____ () C:\WINDOWS\System32\Tasks\HPCeeScheduleForMarcelyna
2014-08-17 21:36 - 2014-03-18 19:24 - 00000000 ____D () C:\Users\Marcelyna
2014-08-17 21:30 - 2013-08-22 07:44 - 04970896 _____ () C:\WINDOWS\system32\FNTCACHE.DAT
2014-08-17 21:26 - 2013-08-22 08:36 - 00000000 ___RD () C:\WINDOWS\ToastData
2014-08-17 21:26 - 2013-08-22 08:36 - 00000000 ____D () C:\WINDOWS\PolicyDefinitions
2014-08-17 21:26 - 2013-08-22 08:36 - 00000000 ____D () C:\WINDOWS\MediaViewer
2014-08-17 21:26 - 2013-08-22 08:36 - 00000000 ____D () C:\WINDOWS\FileManager
2014-08-17 21:26 - 2013-08-22 08:36 - 00000000 ____D () C:\WINDOWS\Camera
2014-08-17 21:16 - 2014-01-04 01:15 - 00479232 ___SH () C:\Users\Marcelyna\Desktop\Thumbs.db
2014-08-17 21:15 - 2014-08-17 21:15 - 00003402 _____ () C:\WINDOWS\System32\Tasks\PastaQuotes
2014-08-17 21:14 - 2014-06-06 19:45 - 08800768 ___SH () C:\Users\Marcelyna\Downloads\Thumbs.db
2014-08-16 22:57 - 2014-08-16 22:57 - 00003162 _____ () C:\WINDOWS\System32\Tasks\CLVDLauncher
2014-08-16 22:49 - 2014-08-16 22:49 - 00000000 ____D () C:\Users\Marcelyna\AppData\Roaming\Nitroplus
2014-08-16 22:43 - 2014-07-26 19:42 - 00000000 ____D () C:\Users\Marcelyna\Desktop\random stuff
2014-08-16 22:42 - 2014-03-02 01:39 - 00000000 ____D () C:\Users\Marcelyna\AppData\Roaming\Audacity
2014-08-16 15:31 - 2014-08-04 16:39 - 00000132 _____ () C:\Users\Marcelyna\AppData\Roaming\Adobe PNG Format CS6 Prefs
2014-08-15 07:32 - 2012-07-26 00:59 - 00000000 ____D () C:\WINDOWS\CbsTemp
2014-08-15 07:29 - 2013-12-29 03:38 - 00000000 ____D () C:\WINDOWS\system32\MRT
2014-08-15 07:26 - 2013-12-29 03:38 - 99218768 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2014-08-15 07:25 - 2014-07-15 20:53 - 00000000 ___SD () C:\WINDOWS\system32\CompatTel
2014-08-15 03:43 - 2014-06-11 17:28 - 00428888 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\FWPKCLNT.SYS
2014-08-15 03:42 - 2013-08-21 20:16 - 00164864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msrating.dll
2014-08-15 03:41 - 2014-06-26 14:47 - 02724864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.tlb
2014-08-15 03:41 - 2014-06-19 18:56 - 02724864 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.tlb
2014-08-15 03:41 - 2014-04-26 10:38 - 00051200 _____ (Microsoft Corporation) C:\WINDOWS\system32\jsproxy.dll
2014-08-15 03:41 - 2014-04-26 10:35 - 00061952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iesetup.dll
2014-08-15 03:41 - 2014-04-22 19:46 - 00195584 _____ (Microsoft Corporation) C:\WINDOWS\system32\msrating.dll
2014-08-15 03:41 - 2014-04-22 19:32 - 00139264 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieUnatt.exe
2014-08-15 03:41 - 2014-04-22 19:32 - 00111616 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieetwcollector.exe
2014-08-15 03:41 - 2014-04-22 19:32 - 00066048 _____ (Microsoft Corporation) C:\WINDOWS\system32\iesetup.dll
2014-08-15 03:41 - 2014-04-22 19:32 - 00048640 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieetwproxystub.dll
2014-08-15 03:41 - 2014-04-22 19:32 - 00033792 _____ (Microsoft Corporation) C:\WINDOWS\system32\iernonce.dll
2014-08-15 03:41 - 2014-04-22 19:32 - 00004096 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieetwcollectorres.dll
2014-08-15 03:41 - 2013-08-21 20:55 - 00051200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieetwproxystub.dll
2014-08-15 03:41 - 2013-08-21 20:46 - 00043008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jsproxy.dll
2014-08-15 03:41 - 2013-08-21 20:45 - 00032768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iernonce.dll
2014-08-15 03:41 - 2013-08-21 20:40 - 00112128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieUnatt.exe
2014-08-15 00:24 - 2014-08-14 23:35 - 00007680 _____ () C:\Users\Marcelyna\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2014-08-14 23:35 - 2014-08-14 23:35 - 00000000 ____D () C:\Users\Marcelyna\AppData\Local\ezvid,_inc
2014-08-14 23:35 - 2014-08-14 23:34 - 00000000 ____D () C:\Users\Marcelyna\Documents\ezvid
2014-08-14 23:29 - 2014-08-14 23:29 - 00000000 ____D () C:\Users\Marcelyna\AppData\Local\Windows Live
2014-08-09 13:04 - 2014-08-09 13:02 - 00000000 ____D () C:\Users\Marcelyna\Desktop\SSS
2014-08-09 12:09 - 2014-08-09 12:06 - 00000000 ____D () C:\Users\Marcelyna\Desktop\ITH
2014-08-09 07:13 - 2014-07-26 21:29 - 00000000 ____D () C:\Program Files (x86)\Origin
2014-08-09 07:09 - 2014-02-06 20:29 - 00000000 ____D () C:\Users\Marcelyna\AppData\Roaming\Azureus
2014-08-09 06:54 - 2014-08-09 06:53 - 00000000 ____D () C:\Users\Marcelyna\Desktop\Skype Convos 2014
2014-08-09 06:18 - 2014-08-09 06:17 - 00000000 ____D () C:\ProgramData\AOL OCP
2014-08-09 06:17 - 2014-08-09 06:17 - 00000000 ____D () C:\Users\Marcelyna\AppData\Local\AOL OCP
2014-08-09 06:17 - 2014-08-09 06:17 - 00000000 ____D () C:\Users\Marcelyna\AppData\Local\AOL
2014-08-09 06:17 - 2014-08-09 06:17 - 00000000 ____D () C:\ProgramData\AOL
2014-08-09 06:17 - 2014-08-09 06:15 - 00000429 ____H () C:\IPH.PH
2014-08-06 19:12 - 2014-08-15 03:46 - 01336624 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32.dll
2014-08-06 15:39 - 2014-08-15 03:46 - 04148224 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2014-08-06 15:38 - 2014-08-15 03:47 - 00697856 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepdu.dll
2014-08-05 02:00 - 2014-07-22 22:56 - 00000000 ____D () C:\ProgramData\Adobe
2014-08-04 15:19 - 2014-08-04 07:30 - 00000000 ____D () C:\PaintToolSAI
2014-08-04 15:18 - 2014-08-04 15:18 - 00000000 ____D () C:\ProgramData\SYSTEMAX Software Development
2014-08-04 15:17 - 2014-08-04 15:17 - 00000290 _____ () C:\WINDOWS\Tablet8000x5000M.ini
2014-08-04 15:17 - 2014-08-04 15:17 - 00000000 ____D () C:\Users\Marcelyna\AppData\Roaming\SYSTEMAX Software Development
2014-08-04 15:06 - 2014-08-04 15:05 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Tablet
2014-08-04 15:06 - 2014-08-04 15:05 - 00000000 ____D () C:\Program Files (x86)\TABLET
2014-08-04 15:05 - 2014-08-04 15:05 - 00000000 ____D () C:\WINDOWS\SysWOW64\TabletPmt
2014-08-04 07:30 - 2014-08-04 07:30 - 00000598 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PaintTool SAI Ver.1.lnk
2014-08-04 07:30 - 2014-08-04 07:30 - 00000586 _____ () C:\Users\Public\Desktop\PaintTool SAI Ver.1.lnk
2014-08-04 07:18 - 2014-08-04 07:18 - 00001746 _____ () C:\Users\Marcelyna\Desktop\Photoshop - Shortcut.lnk
2014-08-04 07:08 - 2014-08-04 07:08 - 00000000 __SHD () C:\Users\Marcelyna\AppData\Local\EmieUserList
2014-08-04 07:08 - 2014-08-04 07:08 - 00000000 __SHD () C:\Users\Marcelyna\AppData\Local\EmieSiteList
2014-08-04 07:04 - 2014-08-04 07:04 - 00003508 _____ () C:\WINDOWS\System32\Tasks\AdobeAAMUpdater-1.0-MicrosoftAccount-
2014-08-04 07:04 - 2013-12-25 09:51 - 00000000 ____D () C:\Users\Marcelyna\AppData\Roaming\Adobe
2014-08-04 07:02 - 2014-08-04 07:02 - 00000000 ____D () C:\ProgramData\regid.1986-12.com.adobe
2014-08-04 07:01 - 2014-08-04 07:01 - 00001098 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Photoshop CS6 (64 Bit).lnk
2014-08-04 07:01 - 2014-08-04 06:59 - 00000000 ____D () C:\Program Files\Adobe
2014-08-04 07:01 - 2014-08-04 06:54 - 00000000 ____D () C:\Program Files\Common Files\Adobe
2014-08-04 07:00 - 2014-08-04 07:00 - 00001230 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Photoshop CS6.lnk
2014-08-04 06:59 - 2014-08-04 06:59 - 00001192 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Bridge CS6.lnk
2014-08-04 06:59 - 2014-08-04 06:59 - 00001060 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Bridge CS6 (64bit).lnk
2014-08-04 06:59 - 2014-07-22 22:56 - 00000000 ____D () C:\Program Files (x86)\Adobe
2014-08-04 06:56 - 2014-08-04 06:56 - 00001546 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe ExtendScript Toolkit CS6.lnk
2014-08-04 06:56 - 2014-08-04 06:56 - 00001376 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Extension Manager CS6.lnk
2014-08-03 02:58 - 2014-08-03 02:58 - 00000000 ____D () C:\Users\Marcelyna\Documents\Razer
2014-08-03 02:58 - 2014-08-03 02:58 - 00000000 ____D () C:\Users\Marcelyna\AppData\Local\Razer_Inc
2014-08-03 02:57 - 2014-08-03 02:57 - 00000000 ____D () C:\Users\Marcelyna\AppData\Local\Razer
2014-08-03 02:14 - 2014-08-03 02:14 - 00002148 _____ () C:\Users\Public\Desktop\Razer Game Booster.lnk
2014-08-03 02:14 - 2014-08-03 02:14 - 00000000 ____D () C:\ProgramData\Razer
2014-08-03 02:14 - 2014-08-03 02:14 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Razer
2014-08-03 02:14 - 2014-08-03 02:14 - 00000000 ____D () C:\Program Files (x86)\Razer
2014-08-02 17:18 - 2014-06-21 18:44 - 00000000 ____D () C:\Users\Marcelyna\Documents\Electronic Arts
2014-08-02 17:17 - 2014-08-02 17:17 - 00001438 _____ () C:\Users\Marcelyna\Desktop\CCMagic - Shortcut.lnk
2014-08-02 17:16 - 2014-08-02 16:43 - 00000000 ____D () C:\Program Files (x86)\CC Magic
2014-08-02 17:10 - 2014-08-02 17:10 - 00000000 ____D () C:\Users\Marcelyna\AppData\Local\Peter_L_Jones
2014-08-02 16:43 - 2014-08-02 16:43 - 00000000 ____D () C:\Users\Marcelyna\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\CC Magic
2014-08-01 22:44 - 2014-08-15 03:47 - 00527360 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
2014-08-01 20:56 - 2014-08-15 03:46 - 01064448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32.dll
2014-08-01 20:11 - 2014-08-15 03:46 - 00918528 _____ (Microsoft Corporation) C:\WINDOWS\system32\MrmCoreR.dll
2014-08-01 17:17 - 2014-05-29 21:32 - 00704480 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2014-08-01 17:17 - 2014-05-29 21:32 - 00105440 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2014-08-01 02:44 - 2014-07-31 21:59 - 00000000 ____D () C:\Program Files (x86)\Electronic Arts
2014-08-01 02:37 - 2014-08-01 02:37 - 00001428 _____ () C:\Users\Public\Desktop\The Sims・3.lnk
2014-08-01 02:37 - 2014-08-01 02:37 - 00001379 _____ () C:\Users\Public\Desktop\The Sims・3 Without Launcher.lnk
2014-08-01 02:37 - 2014-08-01 02:36 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\The Sims・3 + All Expansions
2014-07-31 22:04 - 2013-06-19 19:55 - 00053443 _____ () C:\WINDOWS\DirectX.log
2014-07-31 22:00 - 2013-06-19 20:01 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2014-07-31 20:42 - 2014-06-21 15:59 - 00000000 ____D () C:\Program Files (x86)\Steam
2014-07-31 15:01 - 2014-07-26 21:32 - 00000000 ____D () C:\Users\Marcelyna\AppData\Roaming\Origin
2014-07-31 09:56 - 2014-07-31 09:56 - 423702349 _____ () C:\WINDOWS\MEMORY.DMP
2014-07-31 09:56 - 2014-07-31 09:56 - 00280592 _____ () C:\WINDOWS\Minidump\073114-30578-01.dmp
2014-07-31 09:56 - 2014-04-06 20:22 - 00000000 ____D () C:\WINDOWS\Minidump
2014-07-30 00:08 - 2014-07-30 00:08 - 00000000 __RHD () C:\Users\Marcelyna\AppData\Roaming\SecuROM
2014-07-28 03:49 - 2014-07-28 03:29 - 00000000 ____D () C:\Users\Marcelyna\Desktop\Yandere
2014-07-28 03:47 - 2014-07-28 03:47 - 00002201 _____ () C:\Users\Public\Desktop\やんデレ.lnk
2014-07-28 03:47 - 2014-07-28 03:47 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\
2014-07-28 03:47 - 2014-07-28 03:47 - 00000000 ____D () C:\Program Files (x86)\
2014-07-27 21:02 - 2013-12-25 09:48 - 00000000 ____D () C:\Users\Marcelyna\AppData\Local\VirtualStore
2014-07-27 20:59 - 2014-07-27 20:59 - 00002002 _____ () C:\Users\Public\Desktop\沙耶の唄.lnk
2014-07-27 20:58 - 2014-07-27 20:58 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NitroPlus
2014-07-27 20:58 - 2014-07-27 20:58 - 00000000 ____D () C:\Program Files (x86)\NitroPlus
2014-07-27 20:58 - 2014-07-27 20:57 - 00000000 ____D () C:\Users\Marcelyna\AppData\Roaming\DAEMON Tools Lite
2014-07-27 20:58 - 2014-07-27 20:56 - 00000000 ____D () C:\ProgramData\DAEMON Tools Lite
2014-07-27 20:57 - 2014-07-27 20:57 - 00283064 _____ (Disc Soft Ltd) C:\WINDOWS\system32\Drivers\dtsoftbus01.sys
2014-07-27 20:57 - 2014-07-27 20:57 - 00001969 _____ () C:\Users\Public\Desktop\DAEMON Tools Lite.lnk
2014-07-27 20:57 - 2014-07-27 20:57 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DAEMON Tools Lite
2014-07-27 20:57 - 2014-07-27 20:57 - 00000000 ____D () C:\Program Files (x86)\DAEMON Tools Lite
2014-07-27 20:48 - 2014-02-22 19:40 - 00000000 ____D () C:\Users\Marcelyna\Desktop\Indie Games
2014-07-27 20:44 - 2014-07-27 20:44 - 00000000 ____D () C:\Users\Marcelyna\AppData\Roaming\RenPy
2014-07-27 20:41 - 2014-07-27 20:40 - 00000000 ____D () C:\Users\Marcelyna\AppData\Roaming\tess
2014-07-27 20:40 - 2014-07-27 20:40 - 00000000 ____D () C:\Users\Marcelyna\AppData\Roaming\Oracle
2014-07-27 20:39 - 2014-07-27 20:39 - 00272808 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\javaws.exe
2014-07-27 20:39 - 2014-07-27 20:39 - 00175528 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\javaw.exe
2014-07-27 20:39 - 2014-07-27 20:39 - 00175528 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\java.exe
2014-07-27 20:39 - 2014-07-27 20:39 - 00098216 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\WindowsAccessBridge-32.dll
2014-07-27 20:39 - 2014-07-27 20:39 - 00000000 ____D () C:\ProgramData\Sun
2014-07-27 20:39 - 2014-07-27 20:39 - 00000000 ____D () C:\ProgramData\Oracle
2014-07-27 20:39 - 2014-07-27 20:39 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2014-07-27 20:39 - 2014-07-27 20:39 - 00000000 ____D () C:\Program Files (x86)\Java
2014-07-27 00:37 - 2014-07-27 00:37 - 00001212 _____ () C:\Users\Public\Desktop\Peggle.lnk
2014-07-27 00:37 - 2014-07-27 00:37 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Peggle
2014-07-27 00:37 - 2014-07-26 21:33 - 00000000 ____D () C:\Program Files (x86)\Origin Games
2014-07-27 00:36 - 2014-07-27 00:36 - 00001717 _____ () C:\Users\Public\Desktop\The Sims 2 Ultimate Collection.lnk
2014-07-27 00:36 - 2014-07-27 00:36 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\The Sims 2 Ultimate Collection
2014-07-26 21:45 - 2014-07-26 21:44 - 04319077 _____ () C:\Users\Marcelyna\Desktop\The End of the Witch of Lorven.exe
2014-07-26 21:33 - 2014-07-26 21:32 - 00000000 ____D () C:\Users\Marcelyna\AppData\Local\Origin
2014-07-26 21:30 - 2014-07-26 21:30 - 00000998 _____ () C:\Users\Public\Desktop\Origin.lnk
2014-07-26 21:30 - 2014-07-26 21:30 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Origin
2014-07-26 21:30 - 2014-02-19 17:37 - 00000000 ____D () C:\ProgramData\Electronic Arts
2014-07-26 20:22 - 2014-07-26 20:22 - 00000256 _____ () C:\Users\Marcelyna\Desktop\mEmory.txt
2014-07-26 20:09 - 2014-07-26 20:09 - 00001982 _____ () C:\Users\Marcelyna\Desktop\LonelyYuri - Shortcut.lnk
2014-07-26 19:44 - 2014-07-26 19:44 - 00000000 ____D () C:\Users\Marcelyna\Documents\NightTimeSheep
2014-07-26 19:36 - 2014-07-26 19:36 - 00000912 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LongStory.lnk
2014-07-26 19:36 - 2014-07-26 19:36 - 00000900 _____ () C:\Users\Public\Desktop\LongStory.lnk
2014-07-26 19:36 - 2014-07-26 19:36 - 00000000 ____D () C:\Program Files (x86)\LongStory
2014-07-25 07:52 - 2014-08-15 03:53 - 23645696 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2014-07-25 06:51 - 2014-08-15 03:53 - 17524224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2014-07-25 06:28 - 2014-08-15 03:53 - 00548352 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2014-07-25 06:25 - 2014-08-15 03:53 - 02774528 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2014-07-25 06:25 - 2014-08-15 03:53 - 00083968 _____ (Microsoft Corporation) C:\WINDOWS\system32\MshtmlDac.dll
2014-07-25 05:59 - 2014-08-15 03:53 - 00758272 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll
2014-07-25 05:40 - 2014-08-15 03:53 - 00452096 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtmsft.dll
2014-07-25 05:34 - 2014-08-15 03:53 - 00455168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2014-07-25 05:30 - 2014-08-15 03:53 - 00061952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MshtmlDac.dll
2014-07-25 05:28 - 2014-08-15 03:53 - 05824512 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2014-07-25 05:28 - 2014-08-15 03:53 - 00072704 _____ (Microsoft Corporation) C:\WINDOWS\system32\JavaScriptCollectionAgent.dll
2014-07-25 05:21 - 2014-08-15 03:53 - 02184704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2014-07-25 05:17 - 2014-08-15 03:53 - 00085504 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll
2014-07-25 05:10 - 2014-08-15 03:53 - 00292864 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtrans.dll
2014-07-25 05:08 - 2014-08-15 03:53 - 00597504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9diag.dll
2014-07-25 05:06 - 2014-08-15 03:53 - 04204032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2014-07-25 04:52 - 2014-08-15 03:53 - 00367104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtmsft.dll
2014-07-25 04:47 - 2014-08-15 03:53 - 00631808 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2014-07-25 04:43 - 2014-08-15 03:53 - 00333312 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2014-07-25 04:43 - 2014-08-15 03:53 - 00060416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\JavaScriptCollectionAgent.dll
2014-07-25 04:42 - 2014-08-15 03:53 - 00692736 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2014-07-25 04:39 - 2014-08-15 03:53 - 02087936 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2014-07-25 04:34 - 2014-08-15 03:53 - 00069632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtmled.dll
2014-07-25 04:29 - 2014-08-15 03:53 - 00239616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtrans.dll
2014-07-25 04:23 - 2014-08-15 03:53 - 13547008 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2014-07-25 04:15 - 2013-12-25 09:48 - 00000000 ____D () C:\Users\Marcelyna\AppData\Local\Packages
2014-07-25 04:13 - 2014-08-15 03:53 - 00526336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2014-07-25 04:09 - 2014-08-15 03:53 - 00291840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll
2014-07-25 04:07 - 2014-08-15 03:53 - 02001920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2014-07-25 04:03 - 2014-08-15 03:53 - 11772928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2014-07-25 03:52 - 2014-08-15 03:53 - 02266624 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2014-07-25 03:26 - 2014-08-15 03:53 - 01431040 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2014-07-25 03:17 - 2014-08-15 03:53 - 00846336 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2014-07-25 03:09 - 2014-08-15 03:53 - 00704512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2014-07-25 03:05 - 2014-08-15 03:53 - 01792512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2014-07-25 03:00 - 2014-08-15 03:53 - 01169920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2014-07-22 22:56 - 2014-07-22 22:56 - 00000000 ____D () C:\Users\Default\AppData\Roaming\Macromedia
2014-07-22 22:56 - 2014-07-22 22:56 - 00000000 ____D () C:\Users\Default User\AppData\Roaming\Macromedia
2014-07-20 23:26 - 2014-02-06 20:29 - 00000000 ____D () C:\Program Files\Vuze
2014-07-20 00:59 - 2014-07-20 00:40 - 943375844 _____ () C:\Users\Marcelyna\Desktop\A Time to Screw [ENG Dub].avi
 
Some content of TEMP:
====================
C:\Users\Marcelyna\AppData\Local\Temp\bitool.dll
C:\Users\Marcelyna\AppData\Local\Temp\drm_dyndata_7400009.dll
C:\Users\Marcelyna\AppData\Local\Temp\Extract.exe
C:\Users\Marcelyna\AppData\Local\Temp\Fuwanovel  Lonely Yuri  Englis Downloader__3687_i1078076237_il1100933.exe
C:\Users\Marcelyna\AppData\Local\Temp\i4jdel0.exe
C:\Users\Marcelyna\AppData\Local\Temp\InstallIMVU_504.0.exe
C:\Users\Marcelyna\AppData\Local\Temp\nsb9577.exe
C:\Users\Marcelyna\AppData\Local\Temp\nshDA55.exe
C:\Users\Marcelyna\AppData\Local\Temp\nsi2944.exe
C:\Users\Marcelyna\AppData\Local\Temp\nsmF805.exe
C:\Users\Marcelyna\AppData\Local\Temp\nsoDDD1.exe
C:\Users\Marcelyna\AppData\Local\Temp\nsq74F8.exe
C:\Users\Marcelyna\AppData\Local\Temp\nsqC5DC.exe
C:\Users\Marcelyna\AppData\Local\Temp\nsv2DCA.exe
C:\Users\Marcelyna\AppData\Local\Temp\nsvF499.exe
C:\Users\Marcelyna\AppData\Local\Temp\nsy7AE5.exe
C:\Users\Marcelyna\AppData\Local\Temp\Quarantine.exe
C:\Users\Marcelyna\AppData\Local\Temp\SearchProtectINT.exe
C:\Users\Marcelyna\AppData\Local\Temp\searchsnacks-setup-1_9_0_6.exe
C:\Users\Marcelyna\AppData\Local\Temp\Search_Protect_NonSearch_setup.exe
C:\Users\Marcelyna\AppData\Local\Temp\Search_Protect_non_Google_new.exe
C:\Users\Marcelyna\AppData\Local\Temp\Setup_11.exe
C:\Users\Marcelyna\AppData\Local\Temp\SP66604.exe
C:\Users\Marcelyna\AppData\Local\Temp\SP66867.exe
C:\Users\Marcelyna\AppData\Local\Temp\SPSetup.exe
C:\Users\Marcelyna\AppData\Local\Temp\WIE_2.12.2.5.exe
 
 
==================== Bamital & volsnap Check =================
 
(There is no automatic fix for files that do not pass verification.)
 
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
 
 
LastRegBack: 2014-08-19 16:26
 
==================== End Of Log ============================
 
 
 
 
 
 
 
 
 
 
 
 
Addition log--- 





Additional scan result of Farbar Recovery Scan Tool (x64) Version: 17-08-2014 01
Ran by Marcelyna at 2014-08-19 17:36:54
Running from C:\Users\Marcelyna\Desktop
Boot Mode: Normal
==========================================================
 
 
==================== Security Center ========================
 
(If an entry is included in the fixlist, it will be removed.)
 
AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
 
==================== Installed Programs ======================
 
(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
 
4 Elements II (x32 Version: 2.2.0.98 - WildTangent) Hidden
7-Zip 9.20 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0920-000001000000}) (Version: 9.20.00.0 - Igor Pavlov)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 14.0.0.110 - Adobe Systems Incorporated)
Adobe AIR (x32 Version: 14.0.0.110 - Adobe Systems Incorporated) Hidden
Adobe Flash Player 14 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 14.0.0.145 - Adobe Systems Incorporated)
Adobe Photoshop CS6 (HKLM-x32\...\{74EB3499-8B95-4B5C-96EB-7B342F3FD0C6}) (Version: 13.0 - Adobe Systems Incorporated)
Adobe Shockwave Player 11.6 (HKLM-x32\...\Adobe Shockwave Player) (Version: 11.6.6.636 - Adobe Systems, Inc.)
Airport Mania (x32 Version: 2.2.0.95 - WildTangent) Hidden
Akamai NetSession Interface (HKCU\...\Akamai) (Version:  - Akamai Technologies, Inc)
Audacity 2.0.5 (x32 Version: 2.0.5 - Audacity Team) Hidden
Azteca (x32 Version: 2.2.0.97 - WildTangent) Hidden
Bejeweled 3 (x32 Version: 2.2.0.98 - WildTangent) Hidden
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Bounce Symphony (x32 Version: 2.2.0.97 - WildTangent) Hidden
Build-a-lot (x32 Version: 2.2.0.98 - WildTangent) Hidden
CC Magic (HKCU\...\CC Magic) (Version:  - )
Cisco EAP-FAST Module (HKLM-x32\...\{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}) (Version: 2.2.14 - Cisco Systems, Inc.)
Cisco LEAP Module (HKLM-x32\...\{AF312B06-5C5C-468E-89B3-BE6DE2645722}) (Version: 1.0.19 - Cisco Systems, Inc.)
Cisco PEAP Module (HKLM-x32\...\{0A4EF0E6-A912-4CDE-A7F3-6E56E7C13A2F}) (Version: 1.1.6 - Cisco Systems, Inc.)
Cradle Of Egypt Collector's Edition (x32 Version: 2.2.0.110 - WildTangent) Hidden
Cradle of Rome 2 (x32 Version: 2.2.0.98 - WildTangent) Hidden
Curse at Twilight (x32 Version: 3.0.2.32 - WildTangent) Hidden
CyberLink LabelPrint (HKLM-x32\...\InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}) (Version: 2.5.6.7225 - CyberLink Corp.)
CyberLink LabelPrint (x32 Version: 2.5.6.7225 - CyberLink Corp.) Hidden
CyberLink Media Suite 10 (HKLM-x32\...\InstallShield_{1FBF6C24-C1fD-4101-A42B-0C564F9E8E79}) (Version: 10.0.6.3728 - CyberLink Corp.)
CyberLink Media Suite 10 (x32 Version: 10.0.6.3728 - CyberLink Corp.) Hidden
Cyberlink PhotoDirector (HKLM-x32\...\InstallShield_{39337565-330E-4ab6-A9AE-AC81E0720B10}) (Version: 3.0.4.4824 - CyberLink Corp.)
Cyberlink PhotoDirector (x32 Version: 3.0.4.4824 - CyberLink Corp.) Hidden
CyberLink Power2Go 8 (HKLM-x32\...\InstallShield_{2A87D48D-3FDF-41fd-97CD-A1E370EFFFE2}) (Version: 8.0.6.3821 - CyberLink Corp.)
CyberLink Power2Go 8 (x32 Version: 8.0.6.3821 - CyberLink Corp.) Hidden
CyberLink PowerDirector 10 (HKLM-x32\...\InstallShield_{B0B4F6D2-F2AE-451A-9496-6F2F6A897B32}) (Version: 10.0.3.2606 - CyberLink Corp.)
CyberLink PowerDirector 10 (x32 Version: 10.0.3.2606 - CyberLink Corp.) Hidden
CyberLink PowerDVD (HKLM-x32\...\InstallShield_{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}) (Version: 10.0.8.5511 - CyberLink Corp.)
CyberLink PowerDVD (x32 Version: 10.0.8.5511 - CyberLink Corp.) Hidden
CyberLink YouCam (HKLM-x32\...\InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}) (Version: 3.5.6.6117 - CyberLink Corp.)
CyberLink YouCam (x32 Version: 3.5.6.6117 - CyberLink Corp.) Hidden
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
DAEMON Tools Lite (HKLM-x32\...\DAEMON Tools Lite) (Version: 4.49.1.0356 - Disc Soft Ltd)
Defraggler (HKLM\...\Defraggler) (Version: 2.17 - Piriform)
Delicious: Emily's Childhood Memories Premium Edition (x32 Version: 3.0.2.32 - WildTangent) Hidden
Digital - A Love Story 1.1 (HKLM-x32\...\Digital - A Love Story) (Version: 1.1 - Lily of the Valley games)
don't take it personally, babe, it just ain't your story 1.1 (HKLM-x32\...\don't take it personally, babe, it just ain't your story) (Version: 1.1 - Christine Love)
Energy Star (HKLM-x32\...\{FC0ADA4D-8FA5-4452-8AFF-F0A0BAC97EF7}) (Version: 1.0.9 - Hewlett-Packard Company)
Farm Frenzy (x32 Version: 2.2.0.98 - WildTangent) Hidden
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 36.0.1985.143 - Google Inc.)
Google Update Helper (x32 Version: 1.3.24.15 - Google Inc.) Hidden
Governor of Poker 2 Premium Edition (x32 Version: 2.2.0.110 - WildTangent) Hidden
Hewlett-Packard ACLM.NET v1.2.2.3 (x32 Version: 1.00.0000 - Hewlett-Packard Company) Hidden
House of 1000 Doors: Family Secrets (x32 Version: 2.2.0.98 - WildTangent) Hidden
HP 3D DriveGuard (HKLM\...\{54CE68A8-4F2D-4328-B1F7-D6C720405F7F}) (Version: 4.2.9.1 - Hewlett-Packard Company)
HP Connected Music (Meridian - installer) (HKLM-x32\...\StartHPConnectedMusic) (Version: 1.0 - Meridian Audio Ltd)
HP Connected Music (Meridian - player) (HKCU\...\HPConnectedMusic) (Version: 1.1 (build 112) hp - Meridian Audio Ltd)
HP CoolSense (HKLM-x32\...\{59F8C5AA-91BD-423D-BF05-09A80F39898F}) (Version: 2.10.62 - Hewlett-Packard Company)
HP Customer Experience Enhancements (x32 Version: 6.0.1.8 - Hewlett-Packard) Hidden
HP Documentation (HKLM-x32\...\{B41C6B3F-F752-46EA-BC46-F26D3AD147B8}) (Version: 1.2.0.0 - Hewlett-Packard)
HP MyRoom (HKLM-x32\...\{9C35EDE5-4B0F-45E7-A438-314BA889948E}) (Version: 9.0.0.0 - Hewlett-Packard Company)
HP Postscript Converter (Version: 4.0.4100 - Hewlett-Packard) Hidden
HP Quick Start (HKLM-x32\...\{574F0207-8E98-46CD-8F79-318348C98C46}) (Version: 1.0.4660.30220 - Hewlett-Packard)
HP Recovery Manager (x32 Version: 9.00 - Hewlett-Packard) Hidden
HP Registration Service (HKLM\...\{D1E8F2D7-7794-4245-B286-87ED86C1893C}) (Version: 1.2.6317.4309 - Hewlett-Packard)
HP Support Assistant (HKLM-x32\...\{E35A3B13-78CD-4967-8AC8-AA9FDA693EDE}) (Version: 7.4.45.4 - Hewlett-Packard Company)
HP System Event Utility (HKLM-x32\...\{DEF23826-DB71-4654-BC00-D5D6C20802EA}) (Version: 1.1.4 - Hewlett-Packard Company)
HP Utility Center (HKLM\...\{73237EBB-B26F-4628-8754-4EFE563D72E9}) (Version: 2.1.5 - Hewlett-Packard Company)
HP Wireless Button Driver (HKLM-x32\...\{30B2D1D8-0A07-4B71-9553-0710C5D31E35}) (Version: 1.1.2.1 - Hewlett-Packard Company)
Intel® Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.5.13.1706 - Intel Corporation)
Intel® Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3412 - Intel Corporation)
Intel® Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 12.8.1.1000 - Intel Corporation)
Intel® Rapid Storage Technology (Version: 12.8.1.1000 - Intel Corporation) Hidden
Intel® SDK for OpenCL - CPU Only Runtime Package (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: 3.0.0.63463 - Intel Corporation)
Intel® Trusted Connect Service Client (Version: 1.28.487.1 - Intel Corporation) Hidden
Jade Empire Special Edition (HKLM-x32\...\GOGPACKJADEEMPIRE_is1) (Version: 2.0.0.4 - GOG.com)
Java 7 Update 65 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F03217065FF}) (Version: 7.0.650 - Oracle)
Java Auto Updater (x32 Version: 2.1.65.20 - Oracle, Inc.) Hidden
Jewel Match 3 (x32 Version: 2.2.0.98 - WildTangent) Hidden
LAME v3.99.3 (for Windows) (HKLM-x32\...\LAME_is1) (Version:  - )
Livestream for Producers (HKLM-x32\...\{53466613-9260-4814-AE66-7F3A3FA978D3}) (Version: 0.0.64 - Livestream)
Livestream Procaster (HKLM-x32\...\{68E4C751-272B-44E1-94C7-4E1FDC40F7DA}) (Version: 20.3.25 - Procaster)
LongStory (HKLM-x32\...\LongStory) (Version: 1.2.1 - UNKNOWN)
LongStory (x32 Version: 1.2.1 - UNKNOWN) Hidden
Luxor Evolved (x32 Version: 2.2.0.98 - WildTangent) Hidden
m2tools CheeseWare EmoteMovieMaker (HKLM-x32\...\m2tools CheeseWare EmoteMovieMaker) (Version:  - )
Mah Jong Medley (x32 Version: 2.2.0.95 - WildTangent) Hidden
Mahjongg Dimensions Deluxe: Tiles in Time (x32 Version: 2.2.0.98 - WildTangent) Hidden
Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden
Microsoft Office (HKLM-x32\...\{90150000-0138-0409-0000-0000000FF1CE}) (Version: 15.0.4454.1510 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft WSE 3.0 Runtime (HKLM-x32\...\{E3E71D07-CD27-46CB-8448-16D4FB29AA13}) (Version: 3.0.5305.0 - Microsoft Corp.)
Microsoft_VC80_CRT_x86 (x32 Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC90_CRT_x86 (x32 Version: 1.00.0000 - Adobe) Hidden
Movie Maker (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
MSVCRT (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSVCRT110 (x32 Version: 16.4.1108.0727 - Microsoft) Hidden
MSVCRT110_amd64 (Version: 16.4.1109.0912 - Microsoft) Hidden
Mystery P.I. - Curious Case of Counterfeit Cove (x32 Version: 2.2.0.98 - WildTangent) Hidden
Nameless Full Version version 1.01 (HKLM-x32\...\{D0079106-5007-446B-AF75-A60348054402}_is1) (Version: 1.01 - Cheritz)
Origin (HKLM-x32\...\Origin) (Version: 9.4.12.2807 - Electronic Arts, Inc.)
PaintTool SAI Ver.1 (HKLM-x32\...\PaintToolSAI) (Version:  - )
PDF Settings CS6 (x32 Version: 11.0 - Adobe Systems Incorporated) Hidden
Peggle (HKLM-x32\...\{715AD72D-887A-459E-988B-D4F3E87FA24B}) (Version: 1.04.0.0 - PopCap Games)
Peggle Nights (x32 Version: 2.2.0.98 - WildTangent) Hidden
Photo Gallery (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Plants vs. Zombies - Game of the Year (x32 Version: 2.2.0.98 - WildTangent) Hidden
Polar Bowler (x32 Version: 2.2.0.97 - WildTangent) Hidden
Razer Game Booster (HKLM-x32\...\Razer Game Booster_is1) (Version: 4.2.45.0 - Razer Inc.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.20.815.2013 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7004 - Realtek Semiconductor Corp.)
Realtek PCIE Card Reader (HKLM-x32\...\{BCDA54F6-C4B6-4519-A09E-FA064A6B4098}) (Version: 1.1.9200.007 - Realtek Semiconductor Corp.)
REALTEK Wireless LAN Driver (HKLM-x32\...\{A5107464-AA9B-4177-8129-5FF2F42DD322}) (Version: 1.00.13.1216 - REALTEK Semiconductor Corp.)
Roads of Rome 3 (x32 Version: 2.2.0.98 - WildTangent) Hidden
Royal Envoy 2 Collector's Edition (x32 Version: 3.0.2.32 - WildTangent) Hidden
Steam (HKLM-x32\...\Steam) (Version:  - Valve Corporation)
swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 17.0.6.2 - Synaptics Incorporated)
Tablet Driver V7.0 (HKLM-x32\...\TabletDriver) (Version:  - )
Tales of Lagoona (x32 Version: 2.2.0.110 - WildTangent) Hidden
The Sims 2: Ultimate Collection (HKLM-x32\...\{04450C18-F039-4B81-A621-70C3B0F523D5}) (Version: 1.0.0.0 - Electronic Arts)
The Sims・3 (HKLM-x32\...\{C05D8CDB-417D-4335-A38C-A0659EDFD6B8}) (Version: 1.67.2 - Electronic Arts)
The Sims・3 + Expansions Uninstaller (HKLM-x32\...\The Sims・3 + Expansions Uninstaller) (Version: 1.0.0.14 - Electronic Arts)
The Sims・3 70s, 80s, & 90s Stuff (HKLM-x32\...\{E1868CAE-E3B9-4099-8C18-AA8944D336FD}) (Version: 17.0.77 - Electronic Arts)
The Sims・3 Ambitions (HKLM-x32\...\{910F4A29-1134-49E0-AD8B-56E4A3152BD1}) (Version: 4.0.87 - Electronic Arts)
The Sims・3 Diesel Stuff (HKLM-x32\...\{1C9B6173-6DC9-4EEE-9EFC-6BA115CFBE43}) (Version: 14.0.48 - Electronic Arts)
The Sims・3 Fast Lane Stuff (HKLM-x32\...\{ED436EA8-4145-4703-AE5D-4D09DD24AF5A}) (Version: 5.0.44 - Electronic Arts)
The Sims・3 Generations (HKLM-x32\...\{E6B88BD6-E4B2-4701-A648-B6DAC6E491CC}) (Version: 8.0.152 - Electronic Arts)
The Sims・3 High-End Loft Stuff (HKLM-x32\...\{71828142-5A24-4BD0-97E7-976DA08CE6CF}) (Version: 3.0.38 - Electronic Arts)
The Sims・3 Into the Future (HKLM-x32\...\{A0BBD6C7-B546-4048-B33A-F21F5C9F5B09}) (Version: 21.0.150 - Electronic Arts)
The Sims・3 Island Paradise (HKLM-x32\...\{DB21639E-FE55-432C-BCA2-0C5249E3F79E}) (Version: 19.0.101 - Electronic Arts)
The Sims・3 Katy Perry's Sweet Treats (HKLM-x32\...\{9B2506E3-9A3F-45B5-96BF-509CAD584650}) (Version: 13.0.62 - Electronic Arts)
The Sims・3 Late Night (HKLM-x32\...\{45057FCE-5784-48BE-8176-D9D00AF56C3C}) (Version: 6.0.81 - Electronic Arts)
The Sims・3 Master Suite Stuff (HKLM-x32\...\{08A25478-C5DD-4EA7-B168-3D687CA987FF}) (Version: 11.0.84 - Electronic Arts)
The Sims・3 Movie Stuff (HKLM-x32\...\{D0087539-3C57-44E0-BEE7-D779D546CBE1}) (Version: 20.0.53 - Electronic Arts)
The Sims・3 Outdoor Living Stuff (HKLM-x32\...\{117B6BF6-82C3-420C-B284-9247C8568E53}) (Version: 7.0.55 - Electronic Arts)
The Sims・3 Pets (HKLM-x32\...\{C12631C6-804D-4B32-B0DD-8A496462F106}) (Version: 10.0.96 - Electronic Arts)
The Sims・3 Seasons (HKLM-x32\...\{3DE92282-CB49-434F-81BF-94E5B380E889}) (Version: 16.0.136 - Electronic Arts)
The Sims・3 Showtime (HKLM-x32\...\{3BBFD444-5FAB-49F6-98B1-A1954E831399}) (Version: 12.0.273 - Electronic Arts)
The Sims・3 Supernatural (HKLM-x32\...\{B37DAFA5-717D-41F8-BDFB-3A4B68C0B3A1}) (Version: 15.0.135 - Electronic Arts)
The Sims・3 Town Life Stuff (HKLM-x32\...\{7B11296A-F894-449C-8DF6-6AAAA7D4D118}) (Version: 9.0.73 - Electronic Arts)
The Sims・3 University Life (HKLM-x32\...\{F26DE8EF-F2CF-40DC-8CDA-CC0D82D11B36}) (Version: 18.0.126 - Electronic Arts)
The Sims・3 World Adventures (HKLM-x32\...\{BA26FFA5-6D47-47DB-BE56-34C357B5F8CC}) (Version: 2.0.86 - Electronic Arts)
Unity Web Player (HKCU\...\UnityWebPlayer) (Version: 4.5.2f1 - Unity Technologies ApS)
Update Installer for WildTangent Games App (x32 Version:  - WildTangent) Hidden
Vacation Quest - Australia (x32 Version: 3.0.2.32 - WildTangent) Hidden
Vuze (HKLM\...\8461-7759-5462-8226) (Version: 5.2.0.0 - Azureus Software, Inc.)
Vuze Remote Toolbar v9.3 (HKLM-x32\...\{44C0EC7E-CF09-4569-B34B-0A9347D72596}) (Version: 9.3 - Spigot, Inc.) <==== ATTENTION
WildTangent Games (HKLM-x32\...\WildTangent wildgames Master Uninstall) (Version: 1.0.4.0 - WildTangent)
WildTangent Games App (HP Games) (x32 Version: 4.0.10.5 - WildTangent) Hidden
Windows Live Communications Platform (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3505.0912 - Microsoft Corporation)
Windows Live Essentials (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live Installer (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live Photo Common (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live PIMT Platform (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live SOXE (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live SOXE Definitions (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live UX Platform (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live UX Platform Language Pack (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Wondershare Dr.Fone for Android(Build 4.4.0.90) (HKLM-x32\...\{1DB91A95-C548-4BA5-9D4C-18C7DEAAC39F}_is1) (Version: 4.4.0.90 - Wondershare Software Co.,Ltd.)
Youda Jewel Shop (x32 Version: 3.0.2.32 - WildTangent) Hidden
Zuma's Revenge (x32 Version: 2.2.0.98 - WildTangent) Hidden
やんデレ (HKLM-x32\...\やんデレ) (Version:  - )
沙耶の唄 (HKLM-x32\...\{82D040D1-F95B-4C96-AF5C-B6A1E138EC6E}) (Version:  - )
 
==================== Custom CLSID (selected items): ==========================
 
(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)
 
 
==================== Restore Points  =========================
 
01-08-2014 05:01:20 Installed DirectX
08-08-2014 14:31:25 Scheduled Checkpoint
15-08-2014 06:28:53 Windows Live Essentials
18-08-2014 04:22:23 Removed LPT System Updater Service
 
==================== Hosts content: ==========================
 
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
 
2013-08-22 06:25 - 2014-08-19 17:32 - 00000768 ____A C:\WINDOWS\system32\Drivers\etc\hosts
127.0.0.1 localhost
 
==================== Scheduled Tasks (whitelisted) =============
 
(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)
 
Task: {021B32DB-9C5C-467D-8BD7-86F2C4AA5485} - System32\Tasks\Synaptics TouchPad Enhancements => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2014-05-02] (Synaptics Incorporated)
Task: {05293577-D647-4185-B859-C94839A0B2E3} - System32\Tasks\Microsoft\Windows\SettingSync\NetworkStateChangeTask
Task: {059D25C1-D049-4529-8DB0-8CAE2F0EAA3E} - System32\Tasks\Microsoft\Windows\WOF\WIM-Hash-Management
Task: {0B545118-B563-42FC-8D07-B78F602FCF34} - System32\Tasks\Microsoft\Windows\WS\WSRefreshBannedAppsListTask => Rundll32.exe WSClient.dll,RefreshBannedAppsList
Task: {2085BF56-520D-4951-B7C0-DF34AF90CC6A} - System32\Tasks\Microsoft\Windows\Sysmain\WsSwapAssessmentTask => Rundll32.exe sysmain.dll,PfSvWsSwapAssessmentTask
Task: {238B7338-5FCC-4C1C-99A0-93235EF7B5FD} - System32\Tasks\GenericSettingsHandler\Windows-Credentials\RetrySyncTask_for_S-1-5-21-1745911765-810247285-2374959911-1001
Task: {24CF7DF4-7251-478E-941C-360B0D4B78E0} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-12-25] (Google Inc.)
Task: {2C9C0C6C-2A74-46F2-858A-4389D253EAD0} - System32\Tasks\Microsoft\Windows\Sysmain\HybridDriveCachePrepopulate
Task: {32CB6154-F9B0-4C23-8555-B197569BCE64} - System32\Tasks\Microsoft\Windows\DiskFootprint\Diagnostics
Task: {352E6CA0-7314-4DF4-89C4-682368D80D57} - System32\Tasks\Microsoft\Windows\Workplace Join\Automatic-Workplace-Join => C:\Windows\System32\AutoWorkplace.exe [2013-08-21] (Microsoft Corporation)
Task: {3B6D8A73-F20B-4C93-B8FB-56A154F172D2} - System32\Tasks\Microsoft\Windows\Time Zone\SynchronizeTimeZone => C:\Windows\system32\tzsync.exe [2013-08-22] (Microsoft Corporation)
Task: {486071BF-3894-44EB-8C6C-FEE7F17A6048} - System32\Tasks\Microsoft\Windows\DiskCleanup\SilentCleanup => C:\Windows\system32\cleanmgr.exe [2014-02-22] (Microsoft Corporation)
Task: {49754026-21E1-41FC-94FD-727AFE414FE7} - System32\Tasks\Microsoft\Windows\Sysmain\HybridDriveCacheRebalance
Task: {4F3C422F-7D9E-4253-8FD6-918C170BB3C8} - System32\Tasks\Hewlett-Packard\HP CoolSense\HP CoolSense Start at Logon => C:\Program Files (x86)\Hewlett-Packard\HP CoolSense\CoolSense.exe [2012-11-05] (Hewlett-Packard Development Company, L.P.)
Task: {61CCF15F-3EB4-4DD0-8A46-2E3219BC9E2D} - System32\Tasks\Microsoft\Windows\WOF\WIM-Hash-Validation
Task: {6367EAA9-348C-4BCC-810B-173E12589A0C} - System32\Tasks\HPCeeScheduleForMarcelyna => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2011-07-15] (Hewlett-Packard)
Task: {698E4A61-F6BC-4F51-A6BB-AFF66BAB03D7} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker_DeviceScan => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe [2014-03-21] (Hewlett-Packard)
Task: {6AA91E8C-DDBD-4979-8464-4062F7681A19} - System32\Tasks\Microsoft\Windows\Plug and Play\Plug and Play Cleanup
Task: {6DFCB649-0769-4F83-BB10-F60F235F6D3D} - System32\Tasks\Microsoft\Windows\SkyDrive\Idle Sync Maintenance Task
Task: {707DF2E4-2DC0-43B1-8094-F893F96BDB0D} - System32\Tasks\AdobeAAMUpdater-1.0-MicrosoftAccount- => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2012-04-04] (Adobe Systems Incorporated)
Task: {73B1B253-CE67-4501-AE1A-377DD1D68B65} - System32\Tasks\Microsoft\Windows\Application Experience\StartupAppTask => Rundll32.exe Startupscan.dll,SusRunTask
Task: {77F1D869-6E65-4079-A2A0-E2023408EF97} - System32\Tasks\Microsoft\Windows\ApplicationData\CleanupTemporaryState => Rundll32.exe Windows.Storage.ApplicationData.dll,CleanupTemporaryState
Task: {7941FFA2-EAEA-48A9-92DB-07C1C15145B9} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis Install => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2013-11-04] (Hewlett-Packard Company)
Task: {8125D0A4-9F9E-459D-8130-0861E807FFCD} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Update Check => C:\ProgramData\Hewlett-Packard\HP Support Framework\Resources\Updater7\HPSFUpdater.exe [2014-05-12] (Hewlett-Packard Company)
Task: {83790555-6793-4E67-AAC0-386918423C7D} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker_CN43O131J5 => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe [2014-03-21] (Hewlett-Packard)
Task: {872D0E53-FD2E-41E3-B431-698AF82882CE} - System32\Tasks\Microsoft\Windows\SkyDrive\Routine Maintenance Task
Task: {89ACAFD3-3CDF-4511-AA0A-B1FE863F2477} - System32\Tasks\CLVDLauncher => C:\Program Files (x86)\CyberLink\Power2Go8\CLVDLauncher.exe [2013-03-12] (CyberLink Corp.)
Task: {8CC813C9-712A-41EF-9512-B233444FC669} - System32\Tasks\Microsoft\Windows\AppxDeploymentClient\Pre-staged app cleanup => Rundll32.exe %windir%\system32\AppxDeploymentClient.dll,AppxPreStageCleanupRunTask
Task: {8D63673D-2486-4265-A38D-E549DA06D678} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2014-08-15] (Microsoft Corporation)
Task: {9B7AD621-69AA-4F4E-B5FC-F16FC030AE3A} - System32\Tasks\Show Desktop @ Start => c:\Windows\explorer.exe [2014-03-04] (Microsoft Corporation)
Task: {9FF4C139-5234-410C-B7FA-23EE2FD2AB53} - System32\Tasks\Microsoft\Windows\Work Folders\Work Folders Maintenance Work
Task: {A9AE9A51-857A-4CFB-B0FF-F425BF2C455F} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-07-08] (Adobe Systems Incorporated)
Task: {AFC147D4-0F78-479B-8338-88F508F033D7} - System32\Tasks\Microsoft\Windows\WindowsUpdate\Scheduled Start With Network => Sc.exe start wuauserv
Task: {B13EF67D-C4E9-4262-B826-1556D8A7D6FE} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-12-25] (Google Inc.)
Task: {B16B3DF7-531D-480B-B3AA-98F27FDA27BD} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe [2014-03-21] (Hewlett-Packard)
Task: {B315079C-E7F7-4994-9122-C90BE0FEFC97} - System32\Tasks\MirageAgent => C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe [2013-01-17] (CyberLink)
Task: {B7B2925A-19A1-4416-B4DD-A06AD269D9B6} - System32\Tasks\Microsoft\Windows\Shell\FamilySafetyUpload
Task: {CFD7C21A-808B-487B-A6EC-8A10E44E8360} - System32\Tasks\Microsoft\Windows\SettingSync\BackupTask
Task: {D88FEC9E-A82A-46F9-87E2-B6B97B301C1A} - System32\Tasks\Microsoft\Windows\WS\License Validation => Rundll32.exe WSClient.dll,WSpTLR licensing
Task: {DA46820F-FF8A-4B5E-A6B2-B12185DCFFFB} - System32\Tasks\Microsoft\Windows\Work Folders\Work Folders Logon Synchronization
Task: {DD7B7422-DC0D-483D-BED1-FAA37F44AB1B} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2013-11-04] (Hewlett-Packard Company)
Task: {DFC5584B-9C66-4D1E-9341-A6EB01A53B1D} - System32\Tasks\PastaQuotes => C:\Program Files (x86)\pastaleads\ScheduledTask.exe
Task: {E09A9D0B-20DE-43B5-BC80-2D740F3C7F33} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2013-11-04] (Hewlett-Packard Company)
Task: {E6D378FA-E068-4BCB-80DE-56D43A249507} - System32\Tasks\Microsoft\Windows\RecoveryEnvironment\VerifyWinRE
Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\HPCeeScheduleForMarcelyna.job => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe
 
==================== Loaded Modules (whitelisted) =============
 
2014-08-19 16:30 - 2014-08-19 16:24 - 05421656 _____ () C:\Users\Marcelyna\Desktop\RogueKillerX64.exe
2014-01-12 18:50 - 2014-01-12 18:50 - 00301888 _____ () C:\WINDOWS\SYSTEM32\WinTab32.DLL
2014-05-02 20:55 - 2014-02-20 21:13 - 00866056 _____ () C:\Program Files (x86)\CyberLink\Power2Go8\UNO.dll
2014-05-02 20:55 - 2013-12-29 18:20 - 01323992 _____ () C:\Program Files (x86)\CyberLink\Power2Go8\Language\ENU\P2GRC.dll
2014-05-02 20:55 - 2014-02-20 21:13 - 00175880 _____ () C:\Program Files (x86)\CyberLink\Power2Go8\CLVistaAudioMixer.dll
2014-01-12 18:50 - 2014-01-12 18:50 - 00301888 _____ () C:\Windows\SYSTEM32\WinTab32.DLL
2014-04-06 12:57 - 2014-04-06 12:57 - 01242584 _____ () C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\ACE.dll
 
==================== Alternate Data Streams (whitelisted) =========
 
(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)
 
AlternateDataStreams: C:\ProgramData\Temp:373E1720
AlternateDataStreams: C:\Users\Marcelyna\SkyDrive:ms-properties
 
==================== Safe Mode (whitelisted) ===================
 
(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
 
 
==================== EXE Association (whitelisted) =============
 
(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)
 
 
==================== MSCONFIG/TASK MANAGER disabled items =========
 
(Currently there is no automatic fix for this section.)
 
 
==================== Faulty Device Manager Devices =============
 
 
==================== Event log errors: =========================
 
Application errors:
==================
 
System errors:
=============
Error: (08/19/2014 05:19:03 PM) (Source: DCOM) (EventID: 10010) (User: NT AUTHORITY)
Description: {995C996E-D918-4A8C-A302-45719A6F4EA7}
 
Error: (08/19/2014 05:18:33 PM) (Source: DCOM) (EventID: 10010) (User: NT AUTHORITY)
Description: {995C996E-D918-4A8C-A302-45719A6F4EA7}
 
Error: (08/19/2014 04:56:46 PM) (Source: DCOM) (EventID: 10010) (User: SARUMAN)
Description: {9AA46009-3CE0-458A-A354-715610A075E6}
 
Error: (08/19/2014 04:56:16 PM) (Source: DCOM) (EventID: 10010) (User: SARUMAN)
Description: {9AA46009-3CE0-458A-A354-715610A075E6}
 
Error: (08/19/2014 04:55:46 PM) (Source: DCOM) (EventID: 10010) (User: SARUMAN)
Description: {9AA46009-3CE0-458A-A354-715610A075E6}
 
Error: (08/19/2014 04:55:16 PM) (Source: DCOM) (EventID: 10010) (User: SARUMAN)
Description: {9AA46009-3CE0-458A-A354-715610A075E6}
 
Error: (08/19/2014 04:31:54 PM) (Source: DCOM) (EventID: 10010) (User: NT AUTHORITY)
Description: {995C996E-D918-4A8C-A302-45719A6F4EA7}
 
Error: (08/19/2014 04:31:24 PM) (Source: DCOM) (EventID: 10010) (User: NT AUTHORITY)
Description: {995C996E-D918-4A8C-A302-45719A6F4EA7}
 
Error: (08/19/2014 04:23:26 PM) (Source: DCOM) (EventID: 10010) (User: NT AUTHORITY)
Description: {995C996E-D918-4A8C-A302-45719A6F4EA7}
 
Error: (08/19/2014 04:22:56 PM) (Source: DCOM) (EventID: 10010) (User: NT AUTHORITY)
Description: {995C996E-D918-4A8C-A302-45719A6F4EA7}
 
 
Microsoft Office Sessions:
=========================
 
CodeIntegrity Errors:
===================================
  Date: 2014-08-09 07:48:50.855
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.
 
  Date: 2014-08-09 07:48:50.763
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.
 
  Date: 2014-07-26 21:30:58.741
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.
 
  Date: 2014-07-26 21:30:58.611
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.
 
  Date: 2014-07-15 23:16:20.263
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.
 
  Date: 2014-07-15 23:16:20.196
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.
 
 
==================== Memory info =========================== 
 
Processor: Intel® Core™ i3-4000M CPU @ 2.40GHz
Percentage of memory in use: 29%
Total physical RAM: 4011.57 MB
Available physical RAM: 2822.14 MB
Total Pagefile: 8107.57 MB
Available Pagefile: 6575.61 MB
Total Virtual: 131072 MB
Available Virtual: 131071.83 MB
 
==================== Drives ================================
 
Drive c: (Windows) (Fixed) (Total:671.77 GB) (Free:427.06 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Drive d: (RECOVERY) (Fixed) (Total:25.66 GB) (Free:2.55 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Drive f: (GAME_20) (CDROM) (Total:0.29 GB) (Free:0 GB) CDFS
Drive g: (Disc 2) (CDROM) (Total:4.3 GB) (Free:0 GB) CDFS
Drive h: () (Removable) (Total:3.74 GB) (Free:3.68 GB) FAT32
 
==================== MBR & Partition Table ==================
 
========================================================
Disk: 0 (Size: 698.6 GB) (Disk ID: 006080EB)
 
Partition: GPT Partition Type.
 
========================================================
Disk: 1 (Size: 3.7 GB) (Disk ID: 73696D20)
No partition Table on disk 1.
 
==================== End Of Log ============================
 

#4 LiquidTension

LiquidTension

    SuperMember

  • Retired Classroom Teacher
  • 2,566 posts

Posted 19 August 2014 - 06:49 PM

Hi Miki, 
 
Nice to meet you. :)
 

Please excuse my sluggish replies as I am working from two computers since my laptop won't connect to the internet due to my current predicament.

No problem at all. 
 
Please use this link to download TDSSKiller: http://www.bleepingc...dsskiller/dl/4/


50QfLth.png

 

Would you like to help others with malware removal? Join our Classroom and learn how!


#5 mikiyumi

mikiyumi

    New Member

  • New Member
  • Pip
  • 4 posts

Posted 19 August 2014 - 07:01 PM

TDSSKiller log---


 

17:56:19.0972 0x00c4  TDSS rootkit removing tool 3.0.0.40 Jul 10 2014 12:37:58
17:56:19.0988 0x00c4  UEFI system
17:56:23.0758 0x00c4  ============================================================
17:56:23.0758 0x00c4  Current date / time: 2014/08/19 17:56:23.0758
17:56:23.0758 0x00c4  SystemInfo:
17:56:23.0758 0x00c4  
17:56:23.0758 0x00c4  OS Version: 6.3.9600 ServicePack: 0.0
17:56:23.0758 0x00c4  Product type: Workstation
17:56:23.0758 0x00c4  ComputerName: SARUMAN
17:56:23.0758 0x00c4  UserName: Marcelyna
17:56:23.0758 0x00c4  Windows directory: C:\WINDOWS
17:56:23.0758 0x00c4  System windows directory: C:\WINDOWS
17:56:23.0758 0x00c4  Running under WOW64
17:56:23.0758 0x00c4  Processor architecture: Intel x64
17:56:23.0758 0x00c4  Number of processors: 4
17:56:23.0758 0x00c4  Page size: 0x1000
17:56:23.0758 0x00c4  Boot type: Normal boot
17:56:23.0758 0x00c4  ============================================================
17:56:24.0495 0x00c4  KLMD registered as C:\WINDOWS\system32\drivers\28767790.sys
17:56:28.0777 0x00c4  System UUID: {D23D0536-DF04-9496-8BCD-642A8AECC7ED}
17:56:29.0934 0x00c4  Drive \Device\Harddisk0\DR0 - Size: 0xAEA8CDE000 ( 698.64 Gb ), SectorSize: 0x200, Cylinders: 0x16441, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
17:56:29.0934 0x00c4  Drive \Device\Harddisk1\DR5 - Size: 0xEFBFFE00 ( 3.75 Gb ), SectorSize: 0x200, Cylinders: 0x1E9, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
17:56:29.0997 0x00c4  ============================================================
17:56:29.0997 0x00c4  \Device\Harddisk0\DR0:
17:56:29.0997 0x00c4  GPT partitions:
17:56:29.0997 0x00c4  \Device\Harddisk0\DR0\Partition1: GPT, TypeGUID: {DE94BBA4-06D1-4D40-A16A-BFD50179D6AC}, UniqueGUID: {B647207F-A14D-4F08-BDA9-5D891C4A3A88}, Name: Basic data partition, StartLBA 0x800, BlocksNum 0xC8000
17:56:29.0997 0x00c4  \Device\Harddisk0\DR0\Partition2: GPT, TypeGUID: {C12A7328-F81F-11D2-BA4B-00A0C93EC93B}, UniqueGUID: {5DABB065-ED95-4069-BEF4-749EC633BA26}, Name: EFI system partition, StartLBA 0xC8800, BlocksNum 0x82000
17:56:29.0997 0x00c4  \Device\Harddisk0\DR0\Partition3: GPT, TypeGUID: {E3C9E316-0B5C-4DB8-817D-F92DF00215AE}, UniqueGUID: {748B2E83-DB87-4C8E-9D97-BFD52A32344C}, Name: Microsoft reserved partition, StartLBA 0x14A800, BlocksNum 0x40000
17:56:29.0997 0x00c4  \Device\Harddisk0\DR0\Partition4: GPT, TypeGUID: {EBD0A0A2-B9E5-4433-87C0-68B6B72699C7}, UniqueGUID: {EE1EDAF9-111C-4277-8324-104ACA78324A}, Name: Basic data partition, StartLBA 0x18A800, BlocksNum 0x53F8A000
17:56:29.0997 0x00c4  \Device\Harddisk0\DR0\Partition5: GPT, TypeGUID: {DE94BBA4-06D1-4D40-A16A-BFD50179D6AC}, UniqueGUID: {6554675A-765C-49E5-8672-CABF2BA6DA6C}, Name: , StartLBA 0x54114800, BlocksNum 0xE1000
17:56:29.0997 0x00c4  \Device\Harddisk0\DR0\Partition6: GPT, TypeGUID: {EBD0A0A2-B9E5-4433-87C0-68B6B72699C7}, UniqueGUID: {81303C42-B969-4F2F-B17C-7E53F6BC87F0}, Name: Basic data partition, StartLBA 0x541F5800, BlocksNum 0x3350800
17:56:29.0997 0x00c4  MBR partitions:
17:56:29.0997 0x00c4  \Device\Harddisk1\DR5:
17:56:29.0997 0x00c4  MBR partitions:
17:56:29.0997 0x00c4  ============================================================
17:56:30.0012 0x00c4  C: <-> \Device\Harddisk0\DR0\Partition4
17:56:30.0075 0x00c4  D: <-> \Device\Harddisk0\DR0\Partition6
17:56:30.0075 0x00c4  ============================================================
17:56:30.0075 0x00c4  Initialize success
17:56:30.0075 0x00c4  ============================================================
17:56:51.0952 0x0dd0  ============================================================
17:56:51.0952 0x0dd0  Scan started
17:56:51.0952 0x0dd0  Mode: Manual; TDLFS; 
17:56:51.0952 0x0dd0  ============================================================
17:56:51.0952 0x0dd0  KSN ping started
17:56:54.0366 0x0dd0  KSN ping finished: true
17:56:55.0862 0x0dd0  ================ Scan system memory ========================
17:56:55.0862 0x0dd0  System memory - ok
17:56:55.0862 0x0dd0  ================ Scan services =============================
17:56:56.0143 0x0dd0  [ E1832BD9FD7E0FC2DC9FA5935DE3E8C1, 41FF7418887AFC8B9C96EF21C5950DD342CC9E3C0D87AFD60A05B988C1D6CC23 ] 1394ohci        C:\WINDOWS\System32\drivers\1394ohci.sys
17:56:56.0143 0x0dd0  1394ohci - ok
17:56:56.0175 0x0dd0  [ AD508A1A46EC21B740AB31C28EFDFDB1, 9B1046CF0B80723149BD359B55CC0B8B3ABBEAA9038469F542A4C345C503FB02 ] 3ware           C:\WINDOWS\system32\drivers\3ware.sys
17:56:56.0175 0x0dd0  3ware - ok
17:56:56.0206 0x0dd0  [ 899B7E724BF19F17978B6A37B864A277, F7D166DC5F7642D4B834B1E0D956929BA94F3E4D402989FC1A681A08FA1F86B6 ] Accelerometer   C:\WINDOWS\system32\DRIVERS\Accelerometer.sys
17:56:56.0206 0x0dd0  Accelerometer - ok
17:56:56.0253 0x0dd0  [ 9539F7917B4B6D92C90F0FAA6B86C605, B4C284E8EECC2E7025053A3320EFDC9F47BCA9828853AD2A805DB826CA4AC27E ] ACPI            C:\WINDOWS\system32\drivers\ACPI.sys
17:56:56.0268 0x0dd0  ACPI - ok
17:56:56.0284 0x0dd0  [ AC8279D229398BCF05C3154ADCA86813, 083E86CBE53244D24C334DB1511C77025133AE7875191845764B890A8CA5AFA9 ] acpiex          C:\WINDOWS\system32\Drivers\acpiex.sys
17:56:56.0284 0x0dd0  acpiex - ok
17:56:56.0300 0x0dd0  [ A8970D9BF23CD309E0403978A1B58F3F, 9946C8477104EEC7DB197E2222F9905307F101C398CCED4B5FD0F86A5622C791 ] acpipagr        C:\WINDOWS\System32\drivers\acpipagr.sys
17:56:56.0300 0x0dd0  acpipagr - ok
17:56:56.0331 0x0dd0  [ 111A89C99C5B4F1A7BCE5F643DD86F65, 41A2E49FF443927D05F7EF638518108227852984E68D4663C8761178C0B84A45 ] AcpiPmi         C:\WINDOWS\System32\drivers\acpipmi.sys
17:56:56.0331 0x0dd0  AcpiPmi - ok
17:56:56.0331 0x0dd0  [ 5758387D68A20AE7D3245011B07E36E7, 77832E200E8B0D259552F6F60FE454A887E3EBBB9EA2F3590E6645289A04E293 ] acpitime        C:\WINDOWS\System32\drivers\acpitime.sys
17:56:56.0331 0x0dd0  acpitime - ok
17:56:56.0471 0x0dd0  [ A6B6AB9502B63F43A9A56AE6AFB22078, DD1F0BA3D8F3333F52A71EAE3719A001F6EF844D647FFABF0E4C56C6C764ACA7 ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
17:56:56.0471 0x0dd0  AdobeFlashPlayerUpdateSvc - ok
17:56:56.0518 0x0dd0  [ 7C1FDF1B48298CBA7CE4BDD4978951AD, 80F4D536E1231B30E836F72ADC8814AE6AA9FEC573FB5F3F965FAC8ABCCAF0F8 ] ADP80XX         C:\WINDOWS\system32\drivers\ADP80XX.SYS
17:56:56.0518 0x0dd0  ADP80XX - ok
17:56:56.0565 0x0dd0  [ 0F17D49BE041B7EFF1D33BF1414E7AC6, F8B536B60903814DF88DAF535753288537EF0993E42AA4E734EDA8D68B24C7AB ] AeLookupSvc     C:\WINDOWS\System32\aelupsvc.dll
17:56:56.0565 0x0dd0  AeLookupSvc - ok
17:56:56.0675 0x0dd0  [ D1E343BC00136CE03C4D403194D06A80, 94F2543164A2CEA179EDE53E1294EE24391A59CAEFF83BA5CE9385E8E686E89C ] AERTFilters     C:\Program Files\Realtek\Audio\HDA\AERTSr64.EXE
17:56:56.0675 0x0dd0  AERTFilters - ok
17:56:56.0706 0x0dd0  [ 374E27295F0A9DCAA8FC96370F9BEEA5, 51C394E0C2322D7D093941A1B8766171B5D1F47DF2FE0834209492891EA7D999 ] AFD             C:\WINDOWS\system32\drivers\afd.sys
17:56:56.0721 0x0dd0  AFD - ok
17:56:56.0753 0x0dd0  [ 7DFAEBA9AD62D20102B576D5CAC45EC8, 9FA5207335303D1E8E9A3C9E1FB82C09AD21B04382F69D777A67E48EE91D2093 ] agp440          C:\WINDOWS\system32\drivers\agp440.sys
17:56:56.0753 0x0dd0  agp440 - ok
17:56:56.0768 0x0dd0  [ 8E8E34B7BA059050EED827410D0697A2, 85B6684709F24729A6497563812A90A54068AC2DD9EEA03037CB1EEF5C85AAA9 ] ahcache         C:\WINDOWS\system32\DRIVERS\ahcache.sys
17:56:56.0768 0x0dd0  ahcache - ok
17:56:56.0815 0x0dd0  [ A91D8E1E433EFB32551BCE69037E1CE7, 41DFDD5B56918D19D09DFB3E4B07460AA85647A8647ABBBB906158D8D6653290 ] ALG             C:\WINDOWS\System32\alg.exe
17:56:56.0815 0x0dd0  ALG - ok
17:56:56.0831 0x0dd0  [ 7589DE749DB6F71A68489DCE04158729, 5F35EDD50737985595C9D6703237CA2ADE49AA5443331020899698EB5114A0FB ] AmdK8           C:\WINDOWS\System32\drivers\amdk8.sys
17:56:56.0831 0x0dd0  AmdK8 - ok
17:56:56.0846 0x0dd0  [ B46D2D89AFF8A9490FA8C98C7A5616E3, BE0765B5423B690E0F097FECD9717FAA95BFDFFDC6CF1B93DE5A19A1B7797879 ] AmdPPM          C:\WINDOWS\System32\drivers\amdppm.sys
17:56:56.0846 0x0dd0  AmdPPM - ok
17:56:56.0862 0x0dd0  [ D2BF2F94A47D332814910FD47C6BBCD2, FE273D77D119D958676E1197D9EA7B008E3B05C6192B1962A81D4223ED204C35 ] amdsata         C:\WINDOWS\system32\drivers\amdsata.sys
17:56:56.0862 0x0dd0  amdsata - ok
17:56:56.0893 0x0dd0  [ A8E04943C7BBA7219AA50400272C3C6E, 794C0BD12DF0392654E9A37AE4A24B5BE2D83F1F24F74DD48A1A0BF3AB8B1FF8 ] amdsbs          C:\WINDOWS\system32\drivers\amdsbs.sys
17:56:56.0893 0x0dd0  amdsbs - ok
17:56:56.0909 0x0dd0  [ CEA5F4F27CFC08E3A44D576811B35F50, 89DF64B81BD109BAABAE93A4603C1617241219F38DDAF325EFE6BD35FF6FD717 ] amdxata         C:\WINDOWS\system32\drivers\amdxata.sys
17:56:56.0909 0x0dd0  amdxata - ok
17:56:57.0003 0x0dd0  [ 9DCB42905F1EBF9CEC57EE5DF0BDA965, 4C888AAD0DDE01565FD7FBB6B70A500158CF2E4CECF9ADD4AFD302A993587269 ] AppHostSvc      C:\WINDOWS\system32\inetsrv\apphostsvc.dll
17:56:57.0003 0x0dd0  AppHostSvc - ok
17:56:57.0018 0x0dd0  [ 04951A9A937CBE28A2D3FEEA360B6D1F, D8AAF000BE4FE4B203DC2EB2A64F780A542E5238CE3F9952FD03277379B11529 ] AppID           C:\WINDOWS\system32\drivers\appid.sys
17:56:57.0018 0x0dd0  AppID - ok
17:56:57.0065 0x0dd0  [ C0DC3F58214A227980AEB091CFD2F973, 0C3E8453C9F65ADA3E74C38C0E3AC3E0CBFD807B827097046265B38839E151E3 ] AppIDSvc        C:\WINDOWS\System32\appidsvc.dll
17:56:57.0065 0x0dd0  AppIDSvc - ok
17:56:57.0096 0x0dd0  [ 8D6F535461F6CFF75A8ADDF83024C904, F2A97EC4A6284F28B685A3CE2D450F61E75EE8692D718A6AA352D5734BBBAD7B ] Appinfo         C:\WINDOWS\System32\appinfo.dll
17:56:57.0112 0x0dd0  Appinfo - ok
17:56:57.0159 0x0dd0  [ CB12C47647D8BDAFAA94C0856B14128B, 5590C98095357C92563EF94800107D3611AA6ECA1A70BE463C03B279E618A6C4 ] AppReadiness    C:\WINDOWS\system32\AppReadiness.dll
17:56:57.0175 0x0dd0  AppReadiness - ok
17:56:57.0237 0x0dd0  [ F7529BD3FFAC9C33D15F6DE3B7353B03, 8EF0A84C9687A246B60939A326E498121039E9CC617A7ABBA933EDD327F3467E ] AppXSvc         C:\WINDOWS\system32\appxdeploymentserver.dll
17:56:57.0253 0x0dd0  AppXSvc - ok
17:56:57.0268 0x0dd0  [ 65045784366F7EC5FB4E71BCF923187B, 53C215C64FF12E44B097F7CB88E8482438CE0ACBD3C68D8FD38BA0D0D8747FAA ] arcsas          C:\WINDOWS\system32\drivers\arcsas.sys
17:56:57.0268 0x0dd0  arcsas - ok
17:56:57.0409 0x0dd0  [ AA2E8C6B8D7EA7BAF04C988801927F48, 4B82043F1B9C67CDCDC71102F7AEE05EEA8F9775A5CB33AE80F4DCDB42521C40 ] aspnet_state    C:\WINDOWS\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
17:56:57.0409 0x0dd0  aspnet_state - ok
17:56:57.0425 0x0dd0  [ 3DB7721F06BC2FEDB25029EA23AB27DA, 221861148C66FE53E4D6EE49C6E656479AB5804A2D348A280A1CD8093E8AB788 ] AsyncMac        C:\WINDOWS\system32\DRIVERS\asyncmac.sys
17:56:57.0425 0x0dd0  AsyncMac - ok
17:56:57.0425 0x0dd0  [ 74B14192CF79A72F7536B27CB8814FBD, 0CF6BBB63FFE0C12777664D80B2797923844C8392D0FD81D7962EE5EE2C3C3D9 ] atapi           C:\WINDOWS\system32\drivers\atapi.sys
17:56:57.0425 0x0dd0  atapi - ok
17:56:57.0471 0x0dd0  [ 886767FD022213F7885416134E9082E5, E248D82210FBEBF62C23EBEC74A976B2D1A4E62D3B7638D95B2574B77BA05DD0 ] AudioEndpointBuilder C:\WINDOWS\System32\AudioEndpointBuilder.dll
17:56:57.0471 0x0dd0  AudioEndpointBuilder - ok
17:56:57.0518 0x0dd0  [ 79B134ECE836B406B212E28C24011538, 1B875DD23CCAD8A2759DCDBCDCF3DE14231B9DB5EEC8E84FE081E41A52A047A1 ] Audiosrv        C:\WINDOWS\System32\Audiosrv.dll
17:56:57.0534 0x0dd0  Audiosrv - ok
17:56:57.0565 0x0dd0  [ 96E8CAF20FC4B6C31CAD7816A801EB78, E4870DB8FFBDCFEE98449338D0BDBF2DD0B5FEC75514E41C11A882BE6EB16833 ] AxInstSV        C:\WINDOWS\System32\AxInstSV.dll
17:56:57.0581 0x0dd0  AxInstSV - ok
17:56:57.0628 0x0dd0  [ A4A73F631FE2AA2826FBE4A399B04DEF, 973AACE8DC8DA669D0DF20F17EFDEEABB90AA046AC980948D16A62D39A606A79 ] b06bdrv         C:\WINDOWS\system32\drivers\bxvbda.sys
17:56:57.0643 0x0dd0  b06bdrv - ok
17:56:57.0659 0x0dd0  [ 8CC7F7E4AFCBA605921B137ED7992C68, 71406E6D6E9964740A6D90B05329D5492BB90AF40E0630CF2FBF4BA4BA14F2DD ] BasicDisplay    C:\WINDOWS\System32\drivers\BasicDisplay.sys
17:56:57.0659 0x0dd0  BasicDisplay - ok
17:56:57.0706 0x0dd0  [ 38A82F4EE8C416A6744B6D30381ED768, 9EAAE5F43BA09359130AC04B1DCA0F5D4DF32ED89C02DC5CEB640918948847F7 ] BasicRender     C:\WINDOWS\System32\drivers\BasicRender.sys
17:56:57.0706 0x0dd0  BasicRender - ok
17:56:57.0721 0x0dd0  [ C1ABB0F7E3BEA48A0417BDF6FF14AB21, 1CAC63A1A0FB9855A27EE977794576A860F6650C9EF7667FFB27F2A2FF721857 ] bcmfn2          C:\WINDOWS\System32\drivers\bcmfn2.sys
17:56:57.0721 0x0dd0  bcmfn2 - ok
17:56:57.0784 0x0dd0  [ E07C80468D0C599BFF01D9D4EC7AEDC3, F675F455924DEC3FF69AD816DFEB6E74C804AEC3D3BFF7515953DB9D79C9B2D0 ] BDESVC          C:\WINDOWS\System32\bdesvc.dll
17:56:57.0784 0x0dd0  BDESVC - ok
17:56:57.0815 0x0dd0  [ EC19013E4CF87609534165DF897274D6, 8ED45537CF2D58D759A587CCBFDADD5580C7447B0C3B172CF19ECC7585E073FC ] Beep            C:\WINDOWS\system32\drivers\Beep.sys
17:56:57.0815 0x0dd0  Beep - ok
17:56:57.0862 0x0dd0  [ 20FB137ADDE1255F15F265A7BD9579BE, 87B4D5C91EFEAD987AAC3491A4360F82824C46AFF958B6F4CAED7C12224EF159 ] BFE             C:\WINDOWS\System32\bfe.dll
17:56:57.0878 0x0dd0  BFE - ok
17:56:57.0940 0x0dd0  [ 15225081966C785A9192782401643FD4, E2BA0C8D044556FDD9DD7A25F7F71553DE7A2924E78F9284413C2AC46F0BF4EB ] BITS            C:\WINDOWS\System32\qmgr.dll
17:56:57.0956 0x0dd0  BITS - ok
17:56:58.0003 0x0dd0  [ EBBCD5DFBB1DE70E8F4AF8FA59E401FD, 17BFFC5DF609CE3B2F0CAB4BD6C118608C66A3AD86116A47E90B2BB7D8954122 ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe
17:56:58.0003 0x0dd0  Bonjour Service - ok
17:56:58.0018 0x0dd0  [ 6B4FFFDDC618FCF64473CAA86E305697, 29EA66071D5822920F5C50533673ADAB5204F8B25C11027AD27450D881F1142D ] bowser          C:\WINDOWS\system32\DRIVERS\bowser.sys
17:56:58.0018 0x0dd0  bowser - ok
17:56:58.0065 0x0dd0  [ F2559A492AF8D653D1F47ADABA4C3E97, 77347915FB433023769699DFC9511F54E69C7FC7AB75F57FDC1A58E64A7126DE ] BrokerInfrastructure C:\WINDOWS\System32\bisrv.dll
17:56:58.0081 0x0dd0  BrokerInfrastructure - ok
17:56:58.0128 0x0dd0  [ D528D6A92D187777691993DD757AF19A, 2C79978310193431E5FC462368424A172858D5351C92D4815C2A7E35B5DDE50C ] Browser         C:\WINDOWS\System32\browser.dll
17:56:58.0128 0x0dd0  Browser - ok
17:56:58.0143 0x0dd0  [ A8F23D453A424FF4DE04989C4727ECC7, AE4A9081395C7379F1C947EF8243F7609F90C843E086B8E77E1A2C06E36D4381 ] BthAvrcpTg      C:\WINDOWS\System32\drivers\BthAvrcpTg.sys
17:56:58.0143 0x0dd0  BthAvrcpTg - ok
17:56:58.0159 0x0dd0  [ 746B9F94214915AECDE4B7FEA5FF9664, EA2877D49DB4B7B9CE61653D63E8776DFF1CBCCAB12C14DB1D20DA44B8F06357 ] BthHFEnum       C:\WINDOWS\System32\drivers\bthhfenum.sys
17:56:58.0159 0x0dd0  BthHFEnum - ok
17:56:58.0175 0x0dd0  [ 71FE2A48E4C93DDB9798C024880B6C07, 8E93DE29C61A5FA64216231228CB3C4A1A693FE87CAA2C070BCAD7BE2D8ED000 ] bthhfhid        C:\WINDOWS\System32\drivers\BthHFHid.sys
17:56:58.0175 0x0dd0  bthhfhid - ok
17:56:58.0190 0x0dd0  [ 07E33226AD218A2A162662A05CAFB52F, 0AC3D8B79EDA6DA232FA4E1CAF6592420A9EDE96350D1F0504C2434261684F0B ] BTHMODEM        C:\WINDOWS\System32\drivers\bthmodem.sys
17:56:58.0190 0x0dd0  BTHMODEM - ok
17:56:58.0206 0x0dd0  [ E5E48FEED73D463175EAB1542495191C, 0A8182F5BA7B694AB1DD3680F1194E4A568FE40DBA4BFDFF2EA09BAD045FFB29 ] bthserv         C:\WINDOWS\system32\bthserv.dll
17:56:58.0206 0x0dd0  bthserv - ok
17:56:58.0253 0x0dd0  [ 2FA6510E33F7DEFEC03658B74101A9B9, 61C8C8E3F09B427711464C974EE22E1E01C48E10DB54A4EC9901F482FC36C978 ] cdfs            C:\WINDOWS\system32\DRIVERS\cdfs.sys
17:56:58.0253 0x0dd0  cdfs - ok
17:56:58.0300 0x0dd0  [ C6796EA22B513E3457514D92DCDB1A3D, 2B893F3950C6B913B934C2089B69F3B0B77F229AE1820907E598455CBB78139C ] cdrom           C:\WINDOWS\System32\drivers\cdrom.sys
17:56:58.0300 0x0dd0  cdrom - ok
17:56:58.0347 0x0dd0  [ AB285CE3431FF3D2ACE669245874C1C7, 6AF4C3E86EFA51F7FB6F8492CB2CCB807C7775EAE0508B87F07134FDAC679BD7 ] CertPropSvc     C:\WINDOWS\System32\certprop.dll
17:56:58.0347 0x0dd0  CertPropSvc - ok
17:56:58.0347 0x0dd0  [ BE9936EDD3267FAAFF94A7835867F00B, 3CEEF2377D45ED38C7CD3CE4C746EC5EA7277EFEC728A5438F0EF5F62FC7C859 ] circlass        C:\WINDOWS\System32\drivers\circlass.sys
17:56:58.0347 0x0dd0  circlass - ok
17:56:58.0378 0x0dd0  [ 179A41249055D5F039F1B6703F3B6D2B, 886CF715D9E85DB5C9B991EBCB9B12E27AA0EEE52528E222C80CA5B5B0A7AF52 ] CLFS            C:\WINDOWS\system32\drivers\CLFS.sys
17:56:58.0393 0x0dd0  CLFS - ok
17:56:58.0425 0x0dd0  [ 5C646CAC91E086F7FF53C7F2E857F263, 67AF6FBF88B7EE530A9BA53833EAFCC78BF8362E82BF81180858F1D17DFC73E6 ] CLVirtualDrive  C:\WINDOWS\system32\DRIVERS\CLVirtualDrive.sys
17:56:58.0425 0x0dd0  CLVirtualDrive - ok
17:56:58.0440 0x0dd0  [ EF6EF85DADC3184A10D8F2F7159973CB, 42FCB286CED95A5DEBC5C0C894FCBC4818A2C818BB71087142FB51A08A0BE96B ] CmBatt          C:\WINDOWS\System32\drivers\CmBatt.sys
17:56:58.0440 0x0dd0  CmBatt - ok
17:56:58.0487 0x0dd0  [ 1CD3A907D64D08F49208DA00B69BF35E, ABBD70FFCA0DE2274D855AFC08BF7BC0AA6D44EFC9FDBF7DF44B73CD5C210E28 ] CNG             C:\WINDOWS\system32\Drivers\cng.sys
17:56:58.0487 0x0dd0  CNG - ok
17:56:58.0503 0x0dd0  [ 03AAED827C36F35D70900558B8274905, 8E44A23C6013FFAE7769F99CAA3B1D6288DE00A38937F9056903AC265B503AFA ] CompositeBus    C:\WINDOWS\System32\drivers\CompositeBus.sys
17:56:58.0503 0x0dd0  CompositeBus - ok
17:56:58.0518 0x0dd0  COMSysApp - ok
17:56:58.0518 0x0dd0  [ A1FF7DFBFBE164CF92603C651D304DD2, 470ACE5A75E64FC62C950037201199857E974803625DC73BEDBCF6FA4DDD496C ] condrv          C:\WINDOWS\system32\drivers\condrv.sys
17:56:58.0518 0x0dd0  condrv - ok
17:56:58.0628 0x0dd0  [ 6DB7264A95FE984FFA072BA79FA087C8, CF180663B24B1660CD04CB26D8663FB7F357C9CF5731B315635D63B7DB76BCEC ] cphs            C:\WINDOWS\SysWow64\IntelCpHeciSvc.exe
17:56:58.0628 0x0dd0  cphs - ok
17:56:58.0675 0x0dd0  [ 0EFE4B5884A8032617826A4D76F80969, 083D296CC623C83D36A97AEE343ADF819B17E490F931DBE4D161BD1E8C289E02 ] CryptSvc        C:\WINDOWS\system32\cryptsvc.dll
17:56:58.0675 0x0dd0  CryptSvc - ok
17:56:58.0722 0x0dd0  [ 315BA4BC19316D72B2E037534E048B93, 69613635DB23E6A935673B1025C2010ED3E195473D25368CF74234C4C36910BE ] dam             C:\WINDOWS\system32\drivers\dam.sys
17:56:58.0722 0x0dd0  dam - ok
17:56:58.0768 0x0dd0  [ 81979817943D830BF24571B7C1B28A1A, 9584D8F1FB3E6CF17BD465670B208C723A8E8B06775A3DA44F75D7710404EEA6 ] DcomLaunch      C:\WINDOWS\system32\rpcss.dll
17:56:58.0784 0x0dd0  DcomLaunch - ok
17:56:58.0815 0x0dd0  [ AF3FF97AC2A73E70F8A8D11FB694175B, 3AA25BF9DED08056F52ACF246118C13C8816B5E8AA4D8606DB7DAB4E4E6A9169 ] defragsvc       C:\WINDOWS\System32\defragsvc.dll
17:56:58.0831 0x0dd0  defragsvc - ok
17:56:58.0878 0x0dd0  [ 8F387C2C99EE09C6E2AC316205F86A17, EC9E8AE72A21992AA118964E17090BA4503EB051273AD18185C95172F57328CE ] DeviceAssociationService C:\WINDOWS\system32\das.dll
17:56:58.0878 0x0dd0  DeviceAssociationService - ok
17:56:58.0925 0x0dd0  [ BC6849C62DB407573C6AD8CB1A4D2628, 5BDE0D60F85E4C27CEAD1B301155B54D841FB773BD5BB8AC5DDAEE31F8E94627 ] DeviceInstall   C:\WINDOWS\system32\umpnpmgr.dll
17:56:58.0925 0x0dd0  DeviceInstall - ok
17:56:58.0940 0x0dd0  [ A03F362C5557E238CBFA914689C77248, BAD0A1124E6A384C15028FBE121ADF650F7716442555AD3737B9EA1F58A69246 ] Dfsc            C:\WINDOWS\system32\Drivers\dfsc.sys
17:56:58.0940 0x0dd0  Dfsc - ok
17:56:58.0987 0x0dd0  [ 05DE04005CE0D84D0E6AD21CAEB369C6, E6704A2A685BCFD560796D7C328F8E53DF0793DBDA590598A492D9070D109298 ] Dhcp            C:\WINDOWS\system32\dhcpcore.dll
17:56:58.0987 0x0dd0  Dhcp - ok
17:56:59.0034 0x0dd0  [ 4D40C9B33F738797CF50E77CB7C53E85, 7BA341342A47DEB15B51971C97A5237ACD8BDAD9033F63DF0000892BE43F8E13 ] disk            C:\WINDOWS\system32\drivers\disk.sys
17:56:59.0034 0x0dd0  disk - ok
17:56:59.0050 0x0dd0  [ EB70A894708D1BC176AFD690FF06085F, 0DD2A97F5E1B38D1F7C0D44E50F09EA222B18B3B074CC9C8CD25A7526CB1A112 ] dmvsc           C:\WINDOWS\System32\drivers\dmvsc.sys
17:56:59.0050 0x0dd0  dmvsc - ok
17:56:59.0081 0x0dd0  [ FE7656474448BE6A6C68E5C9BEB7CA94, 8B9F04CAA29A6EEFCA3D1E7BAFE340D5CCA8AF665474E69B1DF7E2A518B83A89 ] Dnscache        C:\WINDOWS\System32\dnsrslvr.dll
17:56:59.0097 0x0dd0  Dnscache - ok
17:56:59.0143 0x0dd0  [ 50288EA079BB520C2B8C8A154202D518, 8916A9180CA009D124FFDFB4CCF5FDFEF7FA2FD37CBCD49FAD4C68E051B4734D ] dot3svc         C:\WINDOWS\System32\dot3svc.dll
17:56:59.0143 0x0dd0  dot3svc - ok
17:56:59.0159 0x0dd0  [ 281BEE07BA97E3E98D12A822D923D0D8, 6EB482B2D4D6048D145C3738B2B6FA27A90B5EA53E9167447820F9981B004E63 ] DPS             C:\WINDOWS\system32\dps.dll
17:56:59.0159 0x0dd0  DPS - ok
17:56:59.0190 0x0dd0  [ DDC11A202207C0400CBE07315B8FDE5E, 3ED0CA3A714582D92001BA3BFF78BE082F4DC8021298D5A2632F3B2B0A1C09DC ] drmkaud         C:\WINDOWS\system32\drivers\drmkaud.sys
17:56:59.0190 0x0dd0  drmkaud - ok
17:56:59.0237 0x0dd0  [ 5B074F14F5DD6418F46EE4CA2DEB7EA8, B8223D73C3DE123759101F7D5D45C60BD12B221F09D349575A1044CE3F43CBC5 ] DsmSvc          C:\WINDOWS\System32\DeviceSetupManager.dll
17:56:59.0237 0x0dd0  DsmSvc - ok
17:56:59.0284 0x0dd0  [ 33F90B202E9DD9B7D489EB59310FDC34, 6ECF6669433E090E9CF6B1875AF18D2C06F8CDB3901D58BF89C3E2202574ABBD ] dtsoftbus01     C:\WINDOWS\System32\drivers\dtsoftbus01.sys
17:56:59.0284 0x0dd0  dtsoftbus01 - ok
17:56:59.0378 0x0dd0  [ 313DCE665B57000B18CB26C6B6A10DFE, 6C332D4AD13A316C192321AB7E7597E66AF8E1688101FFD851E06C52128DBA52 ] DXGKrnl         C:\WINDOWS\System32\drivers\dxgkrnl.sys
17:56:59.0409 0x0dd0  DXGKrnl - ok
17:56:59.0456 0x0dd0  [ 6073537F250B45E1CB2A02E97F0FE1B2, 653F3F2F2019168EDF225944A88AFDBF8393B62AA076BD19980691778F3DB67D ] Eaphost         C:\WINDOWS\System32\eapsvc.dll
17:56:59.0456 0x0dd0  Eaphost - ok
17:56:59.0581 0x0dd0  [ 114BCFDF367FF37C3F1B0A96AF542E4D, D385BC1D91BC1406091C8C3691C07A90BD60EDE05B1384E5AA3506FCB909C857 ] ebdrv           C:\WINDOWS\system32\drivers\evbda.sys
17:56:59.0628 0x0dd0  ebdrv - ok
17:56:59.0675 0x0dd0  [ F6F209DDB94959BA104FC8FC87C53759, 8E862D41F4332EABF64BD034E2C0E3CC8109C7990CB4112C2B2880E8E6EDF2D3 ] EFS             C:\WINDOWS\System32\lsass.exe
17:56:59.0675 0x0dd0  EFS - ok
17:56:59.0690 0x0dd0  [ 43531A5993380CC5113242C29D265FD9, EE0076D96F7F3CF29884AC7A67C08A429115A7201354A1FB5DE45FD63ABB4960 ] EhStorClass     C:\WINDOWS\system32\drivers\EhStorClass.sys
17:56:59.0690 0x0dd0  EhStorClass - ok
17:56:59.0722 0x0dd0  [ 6F8E738A9505A388B1157FDDE7B3101B, 3696CA634102B41EEA11EB9DCA0B24439D8636AED4A7190C138C5E64A2EFB514 ] EhStorTcgDrv    C:\WINDOWS\system32\drivers\EhStorTcgDrv.sys
17:56:59.0722 0x0dd0  EhStorTcgDrv - ok
17:56:59.0722 0x0dd0  [ DFFFAE1442BA4076E18EED5E406FA0D3, 329FC6FB8D14BEACDBE2A5D4C496EDEA485E838B1DF27566E278F8F8E0D8E82E ] ErrDev          C:\WINDOWS\System32\drivers\errdev.sys
17:56:59.0722 0x0dd0  ErrDev - ok
17:56:59.0815 0x0dd0  [ 030CE75B7D8F75FAA7BA1EC6FD0EB5A3, 5264734F0572FAEDCCB008221C9982CCB7922C4FFC358605424EA413CDCDAE99 ] EventSystem     C:\WINDOWS\system32\es.dll
17:56:59.0831 0x0dd0  EventSystem - ok
17:56:59.0847 0x0dd0  [ 7729D294A555C7AEB281ED8E4D0E01E4, 7269E79D72CCE477AC108294D0DDFB59CF533B03C587599C5AB0507C43A0B6D4 ] exfat           C:\WINDOWS\system32\drivers\exfat.sys
17:56:59.0847 0x0dd0  exfat - ok
17:56:59.0878 0x0dd0  [ 7C4E0D5900B2A1D11EDD626D6DDB937B, 732F310F8F6016C56F432A81636B13CE0124A802FE8DD91287B618EED22C9A1D ] fastfat         C:\WINDOWS\system32\drivers\fastfat.sys
17:56:59.0878 0x0dd0  fastfat - ok
17:56:59.0940 0x0dd0  [ 2BC8532ABF2B3756B78FA1DA54147DDE, DF65EE2AB0255A2CF3221085A6BE7C37E3DB6BFEED3BCADCDD69BB1049F6DCB1 ] Fax             C:\WINDOWS\system32\fxssvc.exe
17:56:59.0956 0x0dd0  Fax - ok
17:56:59.0956 0x0dd0  [ 5D8402613E778B3BD45E687A8372710B, EE9EA10805168D309A609B9019AEC5961EE46D18207B5E0EA2DE4064A5770AF8 ] fdc             C:\WINDOWS\System32\drivers\fdc.sys
17:56:59.0956 0x0dd0  fdc - ok
17:56:59.0987 0x0dd0  [ DC1A78BCCCB7EE53D6FD3BD615A8E222, EE16B6853185AAE779D7135035983938009901658F76A8856AAC12EBA15BB34E ] fdPHost         C:\WINDOWS\system32\fdPHost.dll
17:56:59.0987 0x0dd0  fdPHost - ok
17:57:00.0003 0x0dd0  [ E5AD448F2DC84B1CF387FA7F2A3D1936, BBB29C79A085C503F5EFFB5144596D5DEC48A4EB34A049A4E7B38B27F6D92E0A ] FDResPub        C:\WINDOWS\system32\fdrespub.dll
17:57:00.0003 0x0dd0  FDResPub - ok
17:57:00.0018 0x0dd0  [ 0046E0BD031213D37123876B0D0FA61C, A4FE17D56F0BAFB70D0D421ED9D1B6E50AF8ADAA4B59328A41AEC5B4C068A3CB ] fhsvc           C:\WINDOWS\system32\fhsvc.dll
17:57:00.0018 0x0dd0  fhsvc - ok
17:57:00.0081 0x0dd0  [ BCFD8B149B3ADF92D0DB1E909CAF0265, 002B085C131473642450176B4B8359F3E5B04350AFB659B9C0F9EB587D1181E7 ] FileInfo        C:\WINDOWS\system32\drivers\fileinfo.sys
17:57:00.0081 0x0dd0  FileInfo - ok
17:57:00.0081 0x0dd0  [ A1A66C4FDAFD6B0289523232AFB7D8AF, 0F5832F626BB62190D5F3A088CE6E048D8A400CCF9EA527F06973CAD96D3A81C ] Filetrace       C:\WINDOWS\system32\drivers\filetrace.sys
17:57:00.0081 0x0dd0  Filetrace - ok
17:57:00.0112 0x0dd0  [ BE743083CF7063C486A4398E3AEFE59A, 85796D89943DD6FE3932C1ED6CF01470C1B4DFD243C390B07055FFDA3C231551 ] flpydisk        C:\WINDOWS\System32\drivers\flpydisk.sys
17:57:00.0112 0x0dd0  flpydisk - ok
17:57:00.0206 0x0dd0  [ 6592D192E2823C043EDBC010E7774053, C025A0EC5517DC3BD5D6656DC0F0F19021FB3D2EE90EC6194E1BD74E638EBBDC ] FltMgr          C:\WINDOWS\system32\drivers\fltmgr.sys
17:57:00.0206 0x0dd0  FltMgr - ok
17:57:00.0268 0x0dd0  [ 3FA6DC6B29717E32E211C1FD821F2C75, E467F3775427C93CC2B87327B0A45669631A5FC460C558F6796BA26002A8BBFC ] FontCache       C:\WINDOWS\system32\FntCache.dll
17:57:00.0300 0x0dd0  FontCache - ok
17:57:00.0425 0x0dd0  [ 1C52387BF5A127F5F3BFB31288F30D93, 90D13F60170CD74304F3036A90D596AA3E1E134455A780310BDF67AC7815F2E7 ] FontCache3.0.0.0 C:\WINDOWS\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
17:57:00.0425 0x0dd0  FontCache3.0.0.0 - ok
17:57:00.0440 0x0dd0  [ 35005534E600E993A90B036E4E599F2B, DA56FA3776FBD3D50276CB7410E0CB6F137DD8FCA84C0F3FEF8B1FEA5F6CA592 ] FsDepends       C:\WINDOWS\system32\drivers\FsDepends.sys
17:57:00.0456 0x0dd0  FsDepends - ok
17:57:00.0472 0x0dd0  [ 09F460AFEDCA03F3BF6E07D1CCC9AC42, B832091BC9B2C2FE38A4BCA132ABB58251E851F21EC6F39636E73777AB9A5791 ] Fs_Rec          C:\WINDOWS\system32\drivers\Fs_Rec.sys
17:57:00.0472 0x0dd0  Fs_Rec - ok
17:57:00.0487 0x0dd0  [ F152D55E497E12256290C43B31C7D0CE, FFC54B14CCFBC1548948C07FB3866E40A11D0C05AC352BD000E71CEF053F6A6E ] fvevol          C:\WINDOWS\system32\DRIVERS\fvevol.sys
17:57:00.0503 0x0dd0  fvevol - ok
17:57:00.0518 0x0dd0  [ 9591D0B9351ED489EAFD9D1CE52A8015, AC64C236C3AE545FCE8ED44A4A87FB86265A453BA60026EC9A4DE2B631E99996 ] FxPPM           C:\WINDOWS\System32\drivers\fxppm.sys
17:57:00.0518 0x0dd0  FxPPM - ok
17:57:00.0534 0x0dd0  [ FC3EF65EE20D39F8749C2218DBA681CA, 12980F1DE99B25E6920A33556F3ABDA5EC9BFE4757BE602130B5E939D8D25CE3 ] gagp30kx        C:\WINDOWS\system32\drivers\gagp30kx.sys
17:57:00.0534 0x0dd0  gagp30kx - ok
17:57:00.0628 0x0dd0  [ C403C5DB49A0F9AAF4F2128EDC0106D8, 3C6948B63278022D8182F773C5FA15784514F76C1546118DDBADBA322B962D12 ] GamesAppService C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe
17:57:00.0628 0x0dd0  GamesAppService - ok
17:57:00.0675 0x0dd0  [ 0BF5CAD281E25F1418E5B8875DC5ADD1, 0929AD8437DD78234553D8B2CDF0D6838FD54ACDE1918AFEBE48684EB32A07A3 ] gencounter      C:\WINDOWS\System32\drivers\vmgencounter.sys
17:57:00.0675 0x0dd0  gencounter - ok
17:57:00.0690 0x0dd0  [ EF3AE7773394DF49CE74AF78A1C8D23D, CB12FF004C460A89F12AFF2467512B479A07CA10D4280CD4E624A5A9CDAB9C1B ] GPIOClx0101     C:\WINDOWS\system32\Drivers\msgpioclx.sys
17:57:00.0690 0x0dd0  GPIOClx0101 - ok
17:57:00.0753 0x0dd0  [ 383DA813409316D69603C1D849834D24, E1AAD3AB567457B00B8A378D5BA37ED653EE451FF79D071A8815FB8B1EB90DAF ] gpsvc           C:\WINDOWS\System32\gpsvc.dll
17:57:00.0768 0x0dd0  gpsvc - ok
17:57:00.0815 0x0dd0  [ 506708142BC63DABA64F2D3AD1DCD5BF, 9C36A08D9E7932FF4DA7B5F24E6B42C92F28685B8ABE964C870E8D7670FD531A ] gupdate         C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
17:57:00.0815 0x0dd0  gupdate - ok
17:57:00.0831 0x0dd0  [ 506708142BC63DABA64F2D3AD1DCD5BF, 9C36A08D9E7932FF4DA7B5F24E6B42C92F28685B8ABE964C870E8D7670FD531A ] gupdatem        C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
17:57:00.0831 0x0dd0  gupdatem - ok
17:57:00.0847 0x0dd0  [ 498288DD5CA42C2D36D125893E968C53, 03B62FA51F9195D77170DCEFF3A93A6898AA96FB610044DDAE83767DA12745C5 ] HDAudBus        C:\WINDOWS\System32\drivers\HDAudBus.sys
17:57:00.0847 0x0dd0  HDAudBus - ok
17:57:00.0878 0x0dd0  [ 10A70BC1871CD955D85CD88372724906, 2480A74854D0A89FF028EE9BA41224D4B2F9B0863066BFC43097920794FEE08D ] HidBatt         C:\WINDOWS\System32\drivers\HidBatt.sys
17:57:00.0878 0x0dd0  HidBatt - ok
17:57:00.0893 0x0dd0  [ 1EA1B4FABB8CC348E73CA90DBA22E104, 5C18C6BD499272F216DD4626B5E8D38181AEAC9AD917FBEB614A75B70467B258 ] HidBth          C:\WINDOWS\System32\drivers\hidbth.sys
17:57:00.0893 0x0dd0  HidBth - ok
17:57:00.0909 0x0dd0  [ C241A8BAFBBFC90176EA0F5240EACC17, 571E20B87818618BE9179986177D55739A240F04D1F740B3C1B7809B9427B767 ] hidi2c          C:\WINDOWS\System32\drivers\hidi2c.sys
17:57:00.0909 0x0dd0  hidi2c - ok
17:57:00.0925 0x0dd0  [ 9BDDEE26255421017E161CCB9D5EDA95, B766FD5E31708F29384F69418FC33C4BCC6E3064AA553D5B1D30EE0B8B1BFB40 ] HidIr           C:\WINDOWS\System32\drivers\hidir.sys
17:57:00.0925 0x0dd0  HidIr - ok
17:57:00.0972 0x0dd0  [ 449A20A674AA3FAA7F0DD4E33EE2DC20, 28B9BDA306456E8640C355718DE3477537B0FAF8C37F633C709129AAB64D9873 ] hidserv         C:\WINDOWS\system32\hidserv.dll
17:57:00.0972 0x0dd0  hidserv - ok
17:57:00.0987 0x0dd0  [ 8DB8EAB9D0C6A5DF0BDCADEA239220B4, EDA23E6909EB83E5E148816DFB16CC29EA01BD6BD2F73AA46B3D820B85FB9C83 ] HidUsb          C:\WINDOWS\System32\drivers\hidusb.sys
17:57:00.0987 0x0dd0  HidUsb - ok
17:57:01.0034 0x0dd0  [ 7BF3ADCBD021D4F4A84CF40EB49C71B5, 5758A51FD2EBE67E6DBE3A298D714D351910F9E01C428D0C1359457C9242B298 ] hkmsvc          C:\WINDOWS\system32\kmsvc.dll
17:57:01.0034 0x0dd0  hkmsvc - ok
17:57:01.0050 0x0dd0  [ 6CD9C3819BE8C0A3DACC82AE5D3C4F18, 46BF4A968E506DE17CA401401D716B444CDC10A5C60EB081890DD4B886AEDF5F ] HomeGroupListener C:\WINDOWS\system32\ListSvc.dll
17:57:01.0050 0x0dd0  HomeGroupListener - ok
17:57:01.0097 0x0dd0  [ 1A4DA1D6287B99033D144B436C23B656, D4D1EEB372E61512EA36A33F095E68C225B8E6C72CC57ED8BD00533F88012F40 ] HomeGroupProvider C:\WINDOWS\system32\provsvc.dll
17:57:01.0112 0x0dd0  HomeGroupProvider - ok
17:57:01.0175 0x0dd0  [ 2A8B93A01621E100A578E83C768AFA2C, 6637D260AF180D1F200D219796FCE6D524FC6BF57C0CEEF9E1B3616E85865AD1 ] HP Support Assistant Service C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe
17:57:01.0175 0x0dd0  HP Support Assistant Service - ok
17:57:01.0222 0x0dd0  [ D104FF402FC3DDB686E6DEF00334DB26, 6CCE56587C02ECE474C6BF959C4A6F752A1FF0B718FBE8EE4FD9755313A207C1 ] hpdskflt        C:\WINDOWS\system32\DRIVERS\hpdskflt.sys
17:57:01.0222 0x0dd0  hpdskflt - ok
17:57:01.0268 0x0dd0  [ D2946D9F020AE76E9CEF9B4A6DF838C0, C29CE594879385DA12B8EAA90B258905827B613839CCD820DE49215B68676995 ] hpqwmiex        C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe
17:57:01.0300 0x0dd0  hpqwmiex - ok
17:57:01.0331 0x0dd0  [ A6AACEA4C785789BDA5912AD1FEDA80D, D197012A5DA6AB3F76FF298336DF0CF027C07ECC71267BAEF5912DE12893E096 ] HpSAMD          C:\WINDOWS\system32\drivers\HpSAMD.sys
17:57:01.0331 0x0dd0  HpSAMD - ok
17:57:01.0347 0x0dd0  [ 55FFCBB036D7BE4BCA6FA1421203A27F, 5BB865FC631390F59AF5F2452D4D2DA47E34A49E194C8010E942F5A2013F3895 ] hpsrv           C:\WINDOWS\system32\Hpservice.exe
17:57:01.0347 0x0dd0  hpsrv - ok
17:57:01.0409 0x0dd0  [ 3DB220B90C0C99057C5FDC735C8A7FA8, ECF6BAB435055C27609A9253F7ECBF917C3C411CF576373A877EA01A717D6FB3 ] HPWMISVC        c:\Program Files (x86)\Hewlett-Packard\HP System Event\HPWMISVC.exe
17:57:01.0409 0x0dd0  HPWMISVC - ok
17:57:01.0472 0x0dd0  [ 9DDCA7F18983C5410DEFF79F819DF93C, CE97B4440377BFC5CA81BB600C3BD1DD9FB3951CA1EB70735F5E2050EBB74223 ] HTTP            C:\WINDOWS\system32\drivers\HTTP.sys
17:57:01.0487 0x0dd0  HTTP - ok
17:57:01.0534 0x0dd0  [ 90656C0B3864804B090434EFC582404F, BDB60050B729AACB9E009AC7129BEBD6298BBD8A9DB14B817D02E8E13669BD6E ] hwpolicy        C:\WINDOWS\system32\drivers\hwpolicy.sys
17:57:01.0534 0x0dd0  hwpolicy - ok
17:57:01.0550 0x0dd0  hxsyol - ok
17:57:01.0581 0x0dd0  [ 6D6F9E3BF0484967E52F7E846BFF1CA1, C982966BDE6A3E6773D9441ADA7A3B08D13511DFC68D04DF303248B942423F38 ] hyperkbd        C:\WINDOWS\System32\drivers\hyperkbd.sys
17:57:01.0581 0x0dd0  hyperkbd - ok
17:57:01.0597 0x0dd0  [ 907C870F8C31F8DDD6F090857B46AB25, 308664A31717383D06185875E76C6612407A9F04E7DB28404F574A5706C6715D ] HyperVideo      C:\WINDOWS\system32\DRIVERS\HyperVideo.sys
17:57:01.0597 0x0dd0  HyperVideo - ok
17:57:01.0628 0x0dd0  [ 84CFC5EFA97D0C965EDE1D56F116A541, 0155EA62BF07D99D98D1C9B6559C8E3301B016A20D03DF1EF64B2FAB8C37403B ] i8042prt        C:\WINDOWS\System32\drivers\i8042prt.sys
17:57:01.0628 0x0dd0  i8042prt - ok
17:57:01.0643 0x0dd0  [ 5D90E32E36CE5D4C535D17CE08AEAF05, 976A463343E8C8308AFBE9E64DF56C430D2241DE002430D00318AB065EB72E4A ] iaLPSSi_GPIO    C:\WINDOWS\System32\drivers\iaLPSSi_GPIO.sys
17:57:01.0643 0x0dd0  iaLPSSi_GPIO - ok
17:57:01.0659 0x0dd0  [ DD05E7E80F52ADE9AEB292819920F32C, E71AB6A50B0F90C8F94569CE89F66F915A0A4A00D4AC091B2E5E750D88CFC334 ] iaLPSSi_I2C     C:\WINDOWS\System32\drivers\iaLPSSi_I2C.sys
17:57:01.0675 0x0dd0  iaLPSSi_I2C - ok
17:57:01.0706 0x0dd0  [ 60F6526DB3297C7324957EF3143F88FF, F0D4AF7E66CD42793C5137B4F5E66AFCE13253C3FF8D397921EA23CD04D49763 ] iaStorA         C:\WINDOWS\system32\drivers\iaStorA.sys
17:57:01.0722 0x0dd0  iaStorA - ok
17:57:01.0753 0x0dd0  [ 08BFE413B0B4AA8DFA4B5684CE06D3DC, 95DEEBB203E12EE6E191F5247A74C04AEC0E16DE981FADDC4D6C42EE41D8D079 ] iaStorAV        C:\WINDOWS\system32\drivers\iaStorAV.sys
17:57:01.0753 0x0dd0  iaStorAV - ok
17:57:01.0893 0x0dd0  [ 9D7AFC77C928460336642D6EFDB5BDEA, 9CF555B94A21D7A518B9228B6BE86679200FEC4219156D7D2183CDC906BA4548 ] IAStorDataMgrSvc C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
17:57:01.0893 0x0dd0  IAStorDataMgrSvc - ok
17:57:01.0909 0x0dd0  [ A2200C3033FA4EF249FC096A7A7D02A2, 5819F5C2020DE2EEE339B0C08CD4B1E3490EAFBBEA1277CE649DB5A5150986B0 ] iaStorV         C:\WINDOWS\system32\drivers\iaStorV.sys
17:57:01.0925 0x0dd0  iaStorV - ok
17:57:01.0987 0x0dd0  [ 6F95324909B502E2651442C1548AB12F, FF1B104990FE186C6100ED229A45345FF695323AC778688EC11AA8F5A87B141E ] IDriverT        C:\Program Files (x86)\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
17:57:01.0987 0x0dd0  IDriverT - ok
17:57:01.0987 0x0dd0  IEEtwCollectorService - ok
17:57:02.0128 0x0dd0  [ 0AECABC08F9AB4E504935B7662123B6E, 79D1C801A8FB0920469D6088158C518481485A065E8AF2E580FE4FCC1DE8F39B ] igfx            C:\WINDOWS\system32\DRIVERS\igdkmd64.sys
17:57:02.0206 0x0dd0  igfx - ok
17:57:02.0284 0x0dd0  [ DEA76F90F9777E3427D70E380222B23B, B917BA423896A12E45623E3D494CA03317A6FC612CA433C62C897524DC3E756B ] IKEEXT          C:\WINDOWS\System32\ikeext.dll
17:57:02.0300 0x0dd0  IKEEXT - ok
17:57:02.0331 0x0dd0  [ F0F581A2299CB2BAB1DF2597BCDDB80F, EE485AF3049C87666BC6D6BFFC8A0EB4B95831D9061EB81848ECEE29C4232BF4 ] intaud_WaveExtensible C:\WINDOWS\system32\drivers\intelaud.sys
17:57:02.0331 0x0dd0  intaud_WaveExtensible - ok
17:57:02.0456 0x0dd0  [ E9740A3BC0AE6EA035FF7ECE3A1B27B6, 4CA3E094B0057E143955DE5D41C3344688B6D2C4FFC0417235FF46312B600F99 ] IntcAzAudAddService C:\WINDOWS\system32\drivers\RTKVHD64.sys
17:57:02.0518 0x0dd0  IntcAzAudAddService - ok
17:57:02.0597 0x0dd0  [ 0E0B99617ED3FDB6C5F0E2D62709B5DF, A656CA3A60E62BE16A015150B23136CE150F9876B4035E9E8D8E73D1707B37A4 ] IntcDAud        C:\WINDOWS\system32\DRIVERS\IntcDAud.sys
17:57:02.0597 0x0dd0  IntcDAud - ok
17:57:02.0659 0x0dd0  [ 0DB1E3F6189C628675F855C0EB510419, 989F539E82105019D2D81255369B96DC65826CD2A421DA09809155B26F69C555 ] Intel® Capability Licensing Service Interface C:\Program Files\Intel\iCLS Client\HeciServer.exe
17:57:02.0675 0x0dd0  Intel® Capability Licensing Service Interface - ok
17:57:02.0722 0x0dd0  [ 492AAF2FF66F437F0E796574B116EFC3, 6BF21C61ED05705DD58203952A750D1AB4D4B62F3A2B640BBBD9B85D1ECC3E5C ] Intel® Capability Licensing Service TCP IP Interface C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe
17:57:02.0737 0x0dd0  Intel® Capability Licensing Service TCP IP Interface - ok
17:57:02.0800 0x0dd0  [ 57739E742ABC085C2A4340D4404B4A8B, B4B85C35AC96D11F5940AFCB15A2B2A41D70E3C392E1D4D9353899FA140FF281 ] Intel® ME Service C:\Program Files (x86)\Intel\Intel® Management Engine Components\FWService\IntelMeFWService.exe
17:57:02.0800 0x0dd0  Intel® ME Service - ok
17:57:02.0847 0x0dd0  [ 4E448FCFFD00E8D657CD9E48D3E47157, 4A958CF0BF8DAEAE5E008500BA67CE89B21388592811274331EE39CAC1043A00 ] intelide        C:\WINDOWS\system32\drivers\intelide.sys
17:57:02.0847 0x0dd0  intelide - ok
17:57:02.0878 0x0dd0  [ 139CFCDCD36B1B1782FD8C0014AC9B0E, E0D7E0E9B46A8CECE138D689820023BFA650FB689E4FD62855BED37E04F2D9FF ] intelpep        C:\WINDOWS\system32\drivers\intelpep.sys
17:57:02.0878 0x0dd0  intelpep - ok
17:57:02.0893 0x0dd0  [ 47E74A8E53C7C24DCE38311E1451C1D9, 79B06E37A552C8A847404D4C572CDB8CF525354D8AE3BEBC06892B7C3B330761 ] intelppm        C:\WINDOWS\System32\drivers\intelppm.sys
17:57:02.0893 0x0dd0  intelppm - ok
17:57:02.0940 0x0dd0  [ 9DB76D7F9E4E53EFE5DD8C53DE837514, 07BA4EDA9BE9139A689A2C3EFC1D1A4F3D1216625ED145F313398292A2CD5703 ] IpFilterDriver  C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
17:57:02.0940 0x0dd0  IpFilterDriver - ok
17:57:03.0003 0x0dd0  [ DFC4050D58565ADBEE793A8D4AEBDAE6, 89B900408F030CD45753A11D6AE6CBAB87E8B0E3F8401402D2D8713C045BF488 ] iphlpsvc        C:\WINDOWS\System32\iphlpsvc.dll
17:57:03.0018 0x0dd0  iphlpsvc - ok
17:57:03.0050 0x0dd0  [ FD9C9E9E3F0ED51502C7E8C066BE26B9, 290E74380F1543DD22C9F3821513B3E2FB42E995724238D8779CBBCB4FC386C8 ] IPMIDRV         C:\WINDOWS\System32\drivers\IPMIDrv.sys
17:57:03.0050 0x0dd0  IPMIDRV - ok
17:57:03.0097 0x0dd0  [ B7342B3C58E91107F6E946A93D9D4EFD, D5DA3C02C5C5A343785745EF6983CC9B5FBD3FB8D49FE9B450523E50212D1A32 ] IPNAT           C:\WINDOWS\system32\drivers\ipnat.sys
17:57:03.0097 0x0dd0  IPNAT - ok
17:57:03.0112 0x0dd0  [ AE44C526AB5F8A487D941CEB57B10C97, A783A2EAF7A6FF450FB3F189A5930036FA60D125C42171AC44B6FE2E3DBD6F7A ] IRENUM          C:\WINDOWS\system32\drivers\irenum.sys
17:57:03.0112 0x0dd0  IRENUM - ok
17:57:03.0128 0x0dd0  [ 8AFEEA3955AA43616A60F133B1D25F21, E99359A4F1D653790133F145CF7C9F97399FD75C5E135AA7E5F989BB660789AF ] isapnp          C:\WINDOWS\system32\drivers\isapnp.sys
17:57:03.0128 0x0dd0  isapnp - ok
17:57:03.0165 0x0dd0  [ D90AB68D0FAC9F357F663670FDBB511E, A82AAA5DF1B38EFBDCF834535A0C520D1BB2D7A4A906C18CFDD22BCF16BDB97D ] iScsiPrt        C:\WINDOWS\System32\drivers\msiscsi.sys
17:57:03.0165 0x0dd0  iScsiPrt - ok
17:57:03.0212 0x0dd0  [ C2BC9AC9C6514230A481BDCA6A24BEFD, 84E41675D11EF2EEECED23C8469503C8D12810A2C6B6743D7AA322EB6DF7E68D ] iwdbus          C:\WINDOWS\System32\drivers\iwdbus.sys
17:57:03.0212 0x0dd0  iwdbus - ok
17:57:03.0244 0x0dd0  [ 52069AEB42D3D0F97CBCA1085EBF55E6, ADB2EFFF563B3FE113FCD156FD1E469BC24FC1D68AFEDCA21306F76592C9FF88 ] jhi_service     C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe
17:57:03.0244 0x0dd0  jhi_service - ok
17:57:03.0259 0x0dd0  [ 8BE92376799B6B44D543E8D07CDCF885, 425B8BB1BAF62F735B3CB5A002E6055879F02E7207E55942BFD37F1784F5F368 ] kbdclass        C:\WINDOWS\System32\drivers\kbdclass.sys
17:57:03.0259 0x0dd0  kbdclass - ok
17:57:03.0275 0x0dd0  [ FB6E47E569D4872ABEB506BE03A45FBA, 5C4056CADA8F67587A119D9AE2A0EFAB30387CF6298F4019FF68AC92E2F6F54B ] kbdhid          C:\WINDOWS\System32\drivers\kbdhid.sys
17:57:03.0275 0x0dd0  kbdhid - ok
17:57:03.0275 0x0dd0  [ 813871C7D402A05F2E3A7075F9584A05, FF0C2F87EB083F8CE74C679D80C845CDFBFBBC70BE818F899F3336BBB54A3FFB ] kdnic           C:\WINDOWS\system32\DRIVERS\kdnic.sys
17:57:03.0275 0x0dd0  kdnic - ok
17:57:03.0290 0x0dd0  [ F6F209DDB94959BA104FC8FC87C53759, 8E862D41F4332EABF64BD034E2C0E3CC8109C7990CB4112C2B2880E8E6EDF2D3 ] KeyIso          C:\WINDOWS\system32\lsass.exe
17:57:03.0290 0x0dd0  KeyIso - ok
17:57:03.0306 0x0dd0  [ ADDECBCC777665BD113BED437E602AB0, B6283475A1219CE44E9F683DD3BEB8C42DA0943297E5C4699B22176AD8A6A7ED ] KSecDD          C:\WINDOWS\system32\Drivers\ksecdd.sys
17:57:03.0306 0x0dd0  KSecDD - ok
17:57:03.0353 0x0dd0  [ F88CC88F4A6D8476F1664E805CA18CC2, 2C61EE5EEA4FD45AA3FA927CC16E34EF90BD44324EAB14198AF65C3A27617991 ] KSecPkg         C:\WINDOWS\system32\Drivers\ksecpkg.sys
17:57:03.0353 0x0dd0  KSecPkg - ok
17:57:03.0369 0x0dd0  [ 11AFB527AA370B1DAFD5C36F35F6D45F, 757AD234284467ADB826F7CA0251F58D48866B91995BC867DEA4BAF676947163 ] ksthunk         C:\WINDOWS\system32\drivers\ksthunk.sys
17:57:03.0369 0x0dd0  ksthunk - ok
17:57:03.0415 0x0dd0  [ 32B1A8351160F307A8C66BCB0F94A9C2, 52F1DEC2BBD4D5DDBB85ED20B99D96BBA7EB83304D76F183A11FDAFDA364E873 ] KtmRm           C:\WINDOWS\system32\msdtckrm.dll
17:57:03.0415 0x0dd0  KtmRm - ok
17:57:03.0447 0x0dd0  [ 46378ECCB4A29AA81BF296641C2501EF, 5AB79BD824C00EF1338FDB8450692318AB14E0AE4145C30B37136767DFC1E4F9 ] LanmanServer    C:\WINDOWS\system32\srvsvc.dll
17:57:03.0447 0x0dd0  LanmanServer - ok
17:57:03.0509 0x0dd0  [ D0D9C2ECA4D03A8F06DCD91236B90C98, E2D1144DC8040EA5FEB0602A20BA4CB920B4BC86AD5AD05FC0DF7D74DC95DC66 ] LanmanWorkstation C:\WINDOWS\System32\wkssvc.dll
17:57:03.0509 0x0dd0  LanmanWorkstation - ok
17:57:03.0540 0x0dd0  [ 626D19F1771E1AE72208AE9A8F3082F7, 78FDB64545ED2EAE9F51C08120E21D2C3285208F6846BD8BBA08CAA839E7A0C4 ] lfsvc           C:\WINDOWS\System32\GeofenceMonitorService.dll
17:57:03.0540 0x0dd0  lfsvc - ok
17:57:03.0556 0x0dd0  [ C09010B3680860131631F53E8FE7BAD8, 35F2A06D5F29478D22ABDCC20DA893EF9D96504C65594A0CEA674D1C21B04FF8 ] lltdio          C:\WINDOWS\system32\DRIVERS\lltdio.sys
17:57:03.0556 0x0dd0  lltdio - ok
17:57:03.0603 0x0dd0  [ 00E070FC0C673311AFD4B068D1242780, 50B0E0E625361145332C849709498FF444E46578DCAD2536E6D0289E0125580F ] lltdsvc         C:\WINDOWS\System32\lltdsvc.dll
17:57:03.0603 0x0dd0  lltdsvc - ok
17:57:03.0634 0x0dd0  [ D113FAD71A5E67AA94B32A0F8828D265, 08DDB4BBDB570C59926DBF5E27FCF46DCDF8B8212BB9251E97837E0504516FB3 ] lmhosts         C:\WINDOWS\System32\lmhsvc.dll
17:57:03.0650 0x0dd0  lmhosts - ok
17:57:03.0697 0x0dd0  [ B16F2A40E738277AB75515D4B024305E, 38F48CCD72FA2B32DFD3123C0864AB724AC673414EEE09C6F582754177CD4B98 ] LMS             C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
17:57:03.0697 0x0dd0  LMS - ok
17:57:03.0712 0x0dd0  [ C755AE4635457AA2A11F79C0DF857ABC, E03D1ACAC155287291FE1BD0B653953ADC94279A74D0152088D698FAA796460F ] LSI_SAS         C:\WINDOWS\system32\drivers\lsi_sas.sys
17:57:03.0712 0x0dd0  LSI_SAS - ok
17:57:03.0728 0x0dd0  [ ADAC09CBE7A2040B7F68B5E5C9A75141, 7865DA7E91404F3642BC444B97F6B7AA42B9523D5EDD7F6365DA236B8EC3410F ] LSI_SAS2        C:\WINDOWS\system32\drivers\lsi_sas2.sys
17:57:03.0744 0x0dd0  LSI_SAS2 - ok
17:57:03.0744 0x0dd0  [ 04D1274BB9BBCCF12BD12374002AA191, 4B9618F8D25F2278DE1610A70ACAADB074D171D162C3AF27D464F5DC800A8E60 ] LSI_SAS3        C:\WINDOWS\system32\drivers\lsi_sas3.sys
17:57:03.0744 0x0dd0  LSI_SAS3 - ok
17:57:03.0759 0x0dd0  [ 327469EEF3833D0C584B7E88A76AEC0C, 3D88B5A2D68F93F01B39C6E3D8D5C7A2A20686EFC756086E66AFFF1BC3019B85 ] LSI_SSS         C:\WINDOWS\system32\drivers\lsi_sss.sys
17:57:03.0759 0x0dd0  LSI_SSS - ok
17:57:03.0822 0x0dd0  [ 8EBB271E4588D835784A3FF7E80076A8, A508BE95F6F5063A76F4C8726D9425BB1F00DE803EFE73A0BE145DD9AB82FF0A ] LSM             C:\WINDOWS\System32\lsm.dll
17:57:03.0837 0x0dd0  LSM - ok
17:57:03.0884 0x0dd0  [ DDEE191AB32DFC22C6465002ECDF5EE4, 190C3930A8449118F9FEDF43C482837EF1C255E6D67F9651156E66A1E2BC6553 ] luafv           C:\WINDOWS\system32\drivers\luafv.sys
17:57:03.0884 0x0dd0  luafv - ok
17:57:04.0009 0x0dd0  [ 8A50D5304E6AE48664CF5838EC32F647, C76943FABEE1B5E1B641AA610668CCD4227E2C4B191DD30B79D3AB31A9E8B5BE ] MBAMSwissArmy   C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys
17:57:04.0009 0x0dd0  MBAMSwissArmy - ok
17:57:04.0025 0x0dd0  [ EB5C03A070F30D64A6DF80E53B22F53F, 12051B6AEBDEE1E28F24364F25A52BA3A6E282ECF86D6290E34BD38E6D4E066D ] megasas         C:\WINDOWS\system32\drivers\megasas.sys
17:57:04.0025 0x0dd0  megasas - ok
17:57:04.0040 0x0dd0  [ F6F13533196DE7A582D422B0241E4363, B3CD9B08937AFFF12141B38634AF3A56F5AC5FF3EF03941802B9841DEC559469 ] megasr          C:\WINDOWS\system32\drivers\megasr.sys
17:57:04.0056 0x0dd0  megasr - ok
17:57:04.0072 0x0dd0  [ 18B9AD128EC84E8D16A83F70CF36594F, 199DF15D68E2A079794E5DD325162C1A68A65EF26EEF5A6C6154281DDE57279A ] MEIx64          C:\WINDOWS\system32\DRIVERS\TeeDriverx64.sys
17:57:04.0072 0x0dd0  MEIx64 - ok
17:57:04.0119 0x0dd0  [ FD788C2D96EA91469A3C1D13E80D7473, 7B14D4BFDE18CECC19FBFFAA5AFF5FD78BFB7FCDA6613990740A8A7DD9873D26 ] MMCSS           C:\WINDOWS\system32\mmcss.dll
17:57:04.0119 0x0dd0  MMCSS - ok
17:57:04.0150 0x0dd0  [ 8B38C44F69259987C95135C9627E2378, E698B82D4EFFF56D66C7FC9866369BA5736FDBDBE2028CC421C51E70DEA74727 ] Modem           C:\WINDOWS\system32\drivers\modem.sys
17:57:04.0150 0x0dd0  Modem - ok
17:57:04.0165 0x0dd0  [ 601589000CC90F0DF8DA2CC254A3CCC9, D1238A386C41B6C368D9A44B7C112C943995B5403E2A5B4B7346B266DDB0C5A0 ] monitor         C:\WINDOWS\System32\drivers\monitor.sys
17:57:04.0165 0x0dd0  monitor - ok
17:57:04.0181 0x0dd0  [ CEAC6D40FE887CE8406C2393CF97DE06, 34E76908B802764FF0D7AB3AF89BE77BD35B44787983343FAD89891891C0A045 ] mouclass        C:\WINDOWS\System32\drivers\mouclass.sys
17:57:04.0181 0x0dd0  mouclass - ok
17:57:04.0197 0x0dd0  [ 02D98BF804084E9A0D69D1C69B02CCA9, EC5BC5D87043DFFD035FD4DD27B3D94E03119063519E4151BCC3522B613E2D7F ] mouhid          C:\WINDOWS\System32\drivers\mouhid.sys
17:57:04.0197 0x0dd0  mouhid - ok
17:57:04.0244 0x0dd0  [ 515549560D481138E6E21AF7C6998E56, C7E4B38D8CCAF15B9BDA63C8C8209F6193AD220DA02E1264F1B687AACD8F409F ] mountmgr        C:\WINDOWS\system32\drivers\mountmgr.sys
17:57:04.0244 0x0dd0  mountmgr - ok
17:57:04.0259 0x0dd0  [ F170510BE94CF45E3C6274578F6204B2, 344C3DDE1D622607CA2ABECB2C47CB0166D2D258BD94A7960C45A5ADBB640566 ] mpsdrv          C:\WINDOWS\system32\drivers\mpsdrv.sys
17:57:04.0259 0x0dd0  mpsdrv - ok
17:57:04.0322 0x0dd0  [ D186C5844393252147BE934F3871DB7A, 30160F8268B9F46E82C5CB536867E0CF280DC98074A481595072E3320200E343 ] MpsSvc          C:\WINDOWS\system32\mpssvc.dll
17:57:04.0337 0x0dd0  MpsSvc - ok
17:57:04.0353 0x0dd0  [ 1D55DADC22D21883A2F80297F5A5AE48, B79DF4AFC2A9CBC54E74233596544D6E41C8CAA0516BD57CA695D051EC780265 ] MRxDAV          C:\WINDOWS\system32\drivers\mrxdav.sys
17:57:04.0369 0x0dd0  MRxDAV - ok
17:57:04.0400 0x0dd0  [ 7A1A3F213CDB3363D179D5014272025D, 6756F5B7D9FBF6839DB1FF4E94EA45B5499D7DF925E75581C96FBBA4BE131542 ] mrxsmb          C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
17:57:04.0416 0x0dd0  mrxsmb - ok
17:57:04.0431 0x0dd0  [ 3E28B99198B514DFEB152EACF913025E, 6C1D8353DCD5F811F39C0C3CB5DF3D2457F0D17EE80FB06196AA169E3D19E9B2 ] mrxsmb10        C:\WINDOWS\system32\DRIVERS\mrxsmb10.sys
17:57:04.0447 0x0dd0  mrxsmb10 - ok
17:57:04.0478 0x0dd0  [ 5C42CEE3E2018E1DFC6E3E17240A432A, 7DFF61686167535125BA376A9BE3DD1C2AC7A2C13455E0FD8E83AAE88E52F987 ] mrxsmb20        C:\WINDOWS\system32\DRIVERS\mrxsmb20.sys
17:57:04.0494 0x0dd0  mrxsmb20 - ok
17:57:04.0509 0x0dd0  [ 4E888019078AC363076A5433E89AA4F8, 3DEBDA290230B3E83F956C902C960E39463B7EFE86439199521356762769FD91 ] MsBridge        C:\WINDOWS\system32\DRIVERS\bridge.sys
17:57:04.0509 0x0dd0  MsBridge - ok
17:57:04.0556 0x0dd0  [ A082C17D14D0790E27D064EA4B138AE1, 9A565ED885782D9D5135C8399C11C356DBF9EBF3B8EB4B4504BD2604AD0B45E6 ] MSDTC           C:\WINDOWS\System32\msdtc.exe
17:57:04.0556 0x0dd0  MSDTC - ok
17:57:04.0572 0x0dd0  [ D13329FBF8345B28AB30F44CC247DC08, 9C7EC2D4D65E6510EB5B9E61BB0D14F725D7E8FE98D65161C3971E43EF1AB6EB ] Msfs            C:\WINDOWS\system32\drivers\Msfs.sys
17:57:04.0572 0x0dd0  Msfs - ok
17:57:04.0587 0x0dd0  [ C6B474E46F9E543B875981ED3FFE6ADD, E16687E52FB649C23D92159A1F036CB662202C1E58D961EECDAA528AA4FA669A ] msgpiowin32     C:\WINDOWS\System32\drivers\msgpiowin32.sys
17:57:04.0587 0x0dd0  msgpiowin32 - ok
17:57:04.0603 0x0dd0  [ 65C92EB9D08DB5C69F28C7FFD4E84E31, D709BA4723225321F665B1157A33A4AE230420752308EF535DA9A41CAC164628 ] mshidkmdf       C:\WINDOWS\System32\drivers\mshidkmdf.sys
17:57:04.0603 0x0dd0  mshidkmdf - ok
17:57:04.0603 0x0dd0  [ 52299F086AC2DAFD100DD5DC4A8614BA, B36BE0FC96798E5EB8C193C318970E3906961E3ABC3BFAAD73138C76D9A95B0B ] mshidumdf       C:\WINDOWS\System32\drivers\mshidumdf.sys
17:57:04.0603 0x0dd0  mshidumdf - ok
17:57:04.0634 0x0dd0  [ 36D92AF3343C3A3E57FEF11C449AEA4C, ECC85AA1E530DF55B4A4545798219F87F0FCA66DDD2E37BCEF0850D3C9129DD2 ] msisadrv        C:\WINDOWS\system32\drivers\msisadrv.sys
17:57:04.0634 0x0dd0  msisadrv - ok
17:57:04.0666 0x0dd0  [ 810F8A0A0680662BB0CE44D0E2CEF90C, 5631B07911B7EF378CB1583A480A3C5715E59A5488B33A528F4D7A2F849B9113 ] MSiSCSI         C:\WINDOWS\system32\iscsiexe.dll
17:57:04.0666 0x0dd0  MSiSCSI - ok
17:57:04.0666 0x0dd0  msiserver - ok
17:57:04.0681 0x0dd0  [ A9BBBD2BAE6142253B9195E949AC2E8D, 599D2952D4E0B0B3E02D91E38A30F4900B1ADA330716B887B156A1CB9A3E6EE9 ] MSKSSRV         C:\WINDOWS\system32\drivers\MSKSSRV.sys
17:57:04.0697 0x0dd0  MSKSSRV - ok
17:57:04.0712 0x0dd0  [ 375E44168F2DFB91A68B8A3F619C5A7C, AC243E02E9A39D0B4DE9571F196941700EE6EB5E94F5B0BA8994FB551E73A7A8 ] MsLldp          C:\WINDOWS\system32\DRIVERS\mslldp.sys
17:57:04.0712 0x0dd0  MsLldp - ok
17:57:04.0712 0x0dd0  [ 7B2128EB875DCBC006E6A913211006D6, 97BBD7FF770741FBFC0F181A609AD0954EA926DA203B742E8F08C89AD8FE476E ] MSPCLOCK        C:\WINDOWS\system32\drivers\MSPCLOCK.sys
17:57:04.0712 0x0dd0  MSPCLOCK - ok
17:57:04.0728 0x0dd0  [ 1E88171579B218115C7A772F8DE04BD8, B9EAA835D0BF8F9C4DF8403D95EF1400E8AE38F28F9DBA87657DE2129FEF02D2 ] MSPQM           C:\WINDOWS\system32\drivers\MSPQM.sys
17:57:04.0728 0x0dd0  MSPQM - ok
17:57:04.0759 0x0dd0  [ BBE2A455053E63BECBF42C2F9B21FAE0, 7C5DF563499DF59DF9895A1581E47ADF5FD54C94ECEF6C886CDB60E5E95A6DAE ] MsRPC           C:\WINDOWS\system32\drivers\MsRPC.sys
17:57:04.0759 0x0dd0  MsRPC - ok
17:57:04.0791 0x0dd0  [ 8D6B7D515C5CBCDB75B928A0B73C3C5E, 1EB4DC3DD21D2627C78EC3F9931D9E5D033169087E43B5D7C17BF1FF2A0028CD ] mssmbios        C:\WINDOWS\System32\drivers\mssmbios.sys
17:57:04.0791 0x0dd0  mssmbios - ok
17:57:04.0791 0x0dd0  [ 115019AE01E0EB9C048530D2928AB4A2, 6E2275E85EACF2D0FC784792E0D72A165589D33CBAB3BCFA8E271CA09566C925 ] MSTEE           C:\WINDOWS\system32\drivers\MSTEE.sys
17:57:04.0791 0x0dd0  MSTEE - ok
17:57:04.0806 0x0dd0  [ 96D604A35070360F0DD4A7A8AF410B5E, F94DD1A3566C7C8D0A76D6E1E2530552A9B7F99C5DA0DE11829325EAB9F8B7ED ] MTConfig        C:\WINDOWS\System32\drivers\MTConfig.sys
17:57:04.0806 0x0dd0  MTConfig - ok
17:57:04.0806 0x0dd0  [ 619CA29326B82372621DB2C0964D8365, 4091F08E266DB45A6E33A4A8B1CE9FA78BB294B3111526AA9E3868620F30AFDF ] Mup             C:\WINDOWS\system32\Drivers\mup.sys
17:57:04.0806 0x0dd0  Mup - ok
17:57:04.0837 0x0dd0  [ B8C35C94DCB2DFEAF03BB42131F2F77F, F0FCF367CA8F722D6ABCF7F363CD406D890D71452E91C3FC6677B47AD74D6324 ] mvumis          C:\WINDOWS\system32\drivers\mvumis.sys
17:57:04.0837 0x0dd0  mvumis - ok
17:57:04.0884 0x0dd0  [ 41A45D2A75494EABF2806EA051E00376, EB2497561C8E33A4297C044604C717FF854C7F046882A9E4A400AE7679BF5467 ] napagent        C:\WINDOWS\system32\qagentRT.dll
17:57:04.0900 0x0dd0  napagent - ok
17:57:04.0931 0x0dd0  [ 78514B073CC5775800A65BFB82A0D66B, DCD18E277569F23921E899F508860F89ABD417C74A7776152A4463284A989488 ] NativeWifiP     C:\WINDOWS\system32\DRIVERS\nwifi.sys
17:57:04.0931 0x0dd0  NativeWifiP - ok
17:57:04.0978 0x0dd0  [ 71E3C0100AA19D11373CCEB2F51A6008, 58FBF35F5FE19BEABE483C11E9996BE93D76721C8C34465350FA98B465CA3672 ] NcaSvc          C:\WINDOWS\System32\ncasvc.dll
17:57:04.0978 0x0dd0  NcaSvc - ok
17:57:04.0994 0x0dd0  [ 51DF09CAB2CAC64FEE3E371D9028ED01, 9B81604D0D0359AF8F54FED6DA7116FFD2F40407895028EAD99FF1D7CFDC2D14 ] NcbService      C:\WINDOWS\System32\ncbservice.dll
17:57:05.0009 0x0dd0  NcbService - ok
17:57:05.0009 0x0dd0  [ 2586C4C167499210DCBF3ECFD8CCE210, D8129FEDE9918BF4FB0057CC58700D4E08457060E810B9CC25CA0F598506ADB8 ] NcdAutoSetup    C:\WINDOWS\System32\NcdAutoSetup.dll
17:57:05.0009 0x0dd0  NcdAutoSetup - ok
17:57:05.0072 0x0dd0  [ F21B77B4D74092A543807D3CEB711A88, 5C3C17A10E990070FAB317C0C5333DE768E408CAF43EC4FA9D18116C6EE3B3DC ] NDIS            C:\WINDOWS\system32\drivers\ndis.sys
17:57:05.0087 0x0dd0  NDIS - ok
17:57:05.0134 0x0dd0  [ C6BB12BC35D1637CA17AE16D3A4725EB, 01C1D9FA738886A195166F88207EEB6715A1DE0608978ED6C5DC738AF5C02513 ] NdisCap         C:\WINDOWS\system32\DRIVERS\ndiscap.sys
17:57:05.0134 0x0dd0  NdisCap - ok
17:57:05.0150 0x0dd0  [ 9F1DA20E943BE7AA4ED5F3E1EBA78B37, CCD99962917BBE256F64AE14CCC9FD12433C72B5DB98E0E57CA8F212A11B3C8F ] NdisImPlatform  C:\WINDOWS\system32\DRIVERS\NdisImPlatform.sys
17:57:05.0150 0x0dd0  NdisImPlatform - ok
17:57:05.0166 0x0dd0  [ 9423421E735BD5394351E0C47C76BB92, 763E5D06F896C0EF8AD52515464F28BA85DB7A1560E451857AC9AA68FAFCBC66 ] NdisTapi        C:\WINDOWS\system32\DRIVERS\ndistapi.sys
17:57:05.0166 0x0dd0  NdisTapi - ok
17:57:05.0181 0x0dd0  [ B832B35055BA2B7B4181861FF94D8E59, 2E60E5D503E88D27E35ECFEE265D51328E93A9C7B9B931F86D9CBC947636BB00 ] Ndisuio         C:\WINDOWS\system32\DRIVERS\ndisuio.sys
17:57:05.0181 0x0dd0  Ndisuio - ok
17:57:05.0197 0x0dd0  [ 1F58E48EF75F34C35D8E93A0DC535CFE, D65619A6C4B1747F8B05DA08A44EF0E46B5CC384880E04E4755A2BA6CDB3C4EA ] NdisVirtualBus  C:\WINDOWS\System32\drivers\NdisVirtualBus.sys
17:57:05.0197 0x0dd0  NdisVirtualBus - ok
17:57:05.0212 0x0dd0  [ DEC29080202D4F9F17F55E18BCFCC41A, F7E543741B1F4F637A99C40543D6AEC6EBF893F74359BBA769D1F882E0AFB571 ] NdisWan         C:\WINDOWS\system32\DRIVERS\ndiswan.sys
17:57:05.0228 0x0dd0  NdisWan - ok
17:57:05.0228 0x0dd0  [ DEC29080202D4F9F17F55E18BCFCC41A, F7E543741B1F4F637A99C40543D6AEC6EBF893F74359BBA769D1F882E0AFB571 ] NdisWanLegacy   C:\WINDOWS\system32\DRIVERS\ndiswan.sys
17:57:05.0228 0x0dd0  NdisWanLegacy - ok
17:57:05.0259 0x0dd0  [ A5BD69A8812FA79D1A487691DD3FB244, 67B5EDE101943E0E8B8041DB2353D20C8B9F2D253E77964761CFE8F136C0BBC7 ] NDProxy         C:\WINDOWS\system32\drivers\NDProxy.sys
17:57:05.0259 0x0dd0  NDProxy - ok
17:57:05.0275 0x0dd0  [ 5A072F0B90C29C5233D78BE33EF5ED78, B32ED76A674B1FC743361FB7BBD4C915A78B14132AB056AADD445D5995AD4F32 ] Ndu             C:\WINDOWS\system32\drivers\Ndu.sys
17:57:05.0275 0x0dd0  Ndu - ok
17:57:05.0291 0x0dd0  [ A83D67D347A684F10B7D3019C8A6380C, 2B86832967981C8C786BF24C1CF8E13E01745ACE3333CF5C821DD93D623B96E4 ] NetBIOS         C:\WINDOWS\system32\DRIVERS\netbios.sys
17:57:05.0291 0x0dd0  NetBIOS - ok
17:57:05.0306 0x0dd0  [ 0217532E19A748F0E5D569307363D5FD, C40C2E7AFA276057E7327A7BB173122689D6CEC9AE443C3850C3F94AF03DFBF5 ] NetBT           C:\WINDOWS\system32\DRIVERS\netbt.sys
17:57:05.0306 0x0dd0  NetBT - ok
17:57:05.0322 0x0dd0  [ F6F209DDB94959BA104FC8FC87C53759, 8E862D41F4332EABF64BD034E2C0E3CC8109C7990CB4112C2B2880E8E6EDF2D3 ] Netlogon        C:\WINDOWS\system32\lsass.exe
17:57:05.0322 0x0dd0  Netlogon - ok
17:57:05.0369 0x0dd0  [ B7AD851A21FEBA3BA214972627614207, 29605320CCC3DAAD062CAECF0009DACBC2F6D28ED4E8AF7CE76132129F5572A0 ] Netman          C:\WINDOWS\System32\netman.dll
17:57:05.0384 0x0dd0  Netman - ok
17:57:05.0431 0x0dd0  [ F0F0A372C2EF6358399C4936F91B6131, CE596C71EB4D1A5E104D3148F2D0D8789882C59FD198DCF33CCAC7A08B50E4EE ] netprofm        C:\WINDOWS\System32\netprofmsvc.dll
17:57:05.0447 0x0dd0  netprofm - ok
17:57:05.0494 0x0dd0  [ 1092B3190E69E0C5ECBCE90F171DE047, C16106EEFC324EE80E5F659CB71A5DD69FA800D36D829F5B0E6AD3393BD1BAF7 ] NetTcpPortSharing C:\WINDOWS\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
17:57:05.0494 0x0dd0  NetTcpPortSharing - ok
17:57:05.0509 0x0dd0  [ 70414DB660BFBB7BD58FCE8EA4364E1B, 6DFB3897CD55E22BA1EDF0AE672F4D7A6A1F512F8A0A26AF106765E6B1CF65AC ] netvsc          C:\WINDOWS\system32\DRIVERS\netvsc63.sys
17:57:05.0509 0x0dd0  netvsc - ok
17:57:05.0541 0x0dd0  [ 3A280F3B3C7A46E29C404ACD46ECBF5E, 81C3367A2A212DBCC65B8A0166FD092E3205AB31A146B4B737061335CEC51F9D ] NlaSvc          C:\WINDOWS\System32\nlasvc.dll
17:57:05.0541 0x0dd0  NlaSvc - ok
17:57:05.0588 0x0dd0  [ 8F44A2F57C9F1A19AC9C6288C10FB351, 310274DDBAC0FE4BE54ECD3B90C97D82A0F9F5CFCA7A35711A36164DE4B94074 ] Npfs            C:\WINDOWS\system32\drivers\Npfs.sys
17:57:05.0588 0x0dd0  Npfs - ok
17:57:05.0634 0x0dd0  [ CBDB4F0871C88DF930FC0E8588CA67FC, 7E4AA3EA81A9D532F236FD7896744F07ED07CA9B37A9F18A9778BCCCC67490F2 ] npsvctrig       C:\WINDOWS\System32\drivers\npsvctrig.sys
17:57:05.0634 0x0dd0  npsvctrig - ok
17:57:05.0650 0x0dd0  [ 6E2271ED0C3E95B8E29F3752B91B9E84, 44026AD9757EA82967D7F7578455802FAD7FE0057EAC088E0AE207C15F594B86 ] nsi             C:\WINDOWS\system32\nsisvc.dll
17:57:05.0650 0x0dd0  nsi - ok
17:57:05.0666 0x0dd0  [ E490B459978CB87779E84C761D22B827, 1E5CA38626E41618E4CA16DD0C70EB2FA86E986F0CF21A749BDE2A17015DEEC6 ] nsiproxy        C:\WINDOWS\system32\drivers\nsiproxy.sys
17:57:05.0666 0x0dd0  nsiproxy - ok
17:57:05.0744 0x0dd0  [ 1C80517BE6836A812F6A9B99B8321351, 7DBED4633820E201C9C242D961EF6F25BA2B1D5593BA60F707CC71A4014C2D4B ] Ntfs            C:\WINDOWS\system32\drivers\Ntfs.sys
17:57:05.0775 0x0dd0  Ntfs - ok
17:57:05.0791 0x0dd0  [ EF1B290FC9F0E47CC0B537292BEE5904, DBC07BBC54EBC2D2E576B23A4CE116B3DA988577AD0D96CB7289A6748A60F9EA ] Null            C:\WINDOWS\system32\drivers\Null.sys
17:57:05.0791 0x0dd0  Null - ok
17:57:05.0806 0x0dd0  [ BC6B5942AFF25EBAF62DE43C3807EDF8, CB0FA194084B8C309039D571B5760FDA800E9531B8660C499B4F9977BA5C36D5 ] nvraid          C:\WINDOWS\system32\drivers\nvraid.sys
17:57:05.0806 0x0dd0  nvraid - ok
17:57:05.0837 0x0dd0  [ 1F43ABFFAC3D6CA356851D517392966E, 6FD7621F67BA94B0E1D8F43BEC2951DBCDEEA1E848BB265AC169E27C01DA68F2 ] nvstor          C:\WINDOWS\system32\drivers\nvstor.sys
17:57:05.0837 0x0dd0  nvstor - ok
17:57:05.0869 0x0dd0  [ 6934A936A7369DFE37B7DBA93F5E5E49, 0900FEEB0CE8D09F0FC60630B5B986034A8BCD3882ED66E47170810C32492892 ] nv_agp          C:\WINDOWS\system32\drivers\nv_agp.sys
17:57:05.0869 0x0dd0  nv_agp - ok
17:57:05.0900 0x0dd0  [ E287F157F7A0011D93179C64EF8ADCF2, C16FB92C7B18D634BB1344238D35B3111494C243FBD5853F05376F5051480D83 ] p2pimsvc        C:\WINDOWS\system32\pnrpsvc.dll
17:57:05.0916 0x0dd0  p2pimsvc - ok
17:57:05.0963 0x0dd0  [ 2A57A937BC5B1B2D6AFE6A8C5925F50B, 00D84EFED5A7129AAD86945940030474795905C32D65CBD5B1A3EBADCED8F873 ] p2psvc          C:\WINDOWS\system32\p2psvc.dll
17:57:05.0978 0x0dd0  p2psvc - ok
17:57:05.0994 0x0dd0  [ 764B1121867B2D9B31C491668AC72B2B, 32C04B6FCE1DDD09697B81473A23BDCED8BEEFBCD0D2D58DDC9A11A33C756967 ] Parport         C:\WINDOWS\System32\drivers\parport.sys
17:57:05.0994 0x0dd0  Parport - ok
17:57:06.0009 0x0dd0  [ EF0C1749C9A8CEE9A457473D433CC00F, A5FDAB5AD47471640D697C6CFBA6C67730878ABBA47D394EAA47C9733EDCE1F3 ] partmgr         C:\WINDOWS\system32\drivers\partmgr.sys
17:57:06.0009 0x0dd0  partmgr - ok
17:57:06.0025 0x0dd0  [ 9A5309EF92F39346CFD5A4C2C3D1BFAD, 5908E0C9562F9CB24784491BD9AE7983A33A6BDF81AFA0A08045518A0C9BB2B1 ] PcaSvc          C:\WINDOWS\System32\pcasvc.dll
17:57:06.0041 0x0dd0  PcaSvc - ok
17:57:06.0088 0x0dd0  [ 275AFE3FA35E8D78BE97695DF49817C6, 447CEBB16285AE073B4251D2DA71399306EF2DCB7F56286ABE2F0BD6C83EB489 ] pci             C:\WINDOWS\system32\drivers\pci.sys
17:57:06.0088 0x0dd0  pci - ok
17:57:06.0103 0x0dd0  [ 346E38FCC6859A727DD28AFAD1F0AFF4, FF3DA26F79B3BC3A5B8A8AA0B9139B9EF70297F4EA1203B1E68FB5A212C3AA58 ] pciide          C:\WINDOWS\system32\drivers\pciide.sys
17:57:06.0103 0x0dd0  pciide - ok
17:57:06.0119 0x0dd0  [ 4D3BDCC1C7B40C9D7B6AD990E6DEC397, 27A7AF2127B699F4579CB77936F38DC102211E26E5E2947DB808756FE06FC98E ] pcmcia          C:\WINDOWS\system32\drivers\pcmcia.sys
17:57:06.0134 0x0dd0  pcmcia - ok
17:57:06.0150 0x0dd0  [ BF28771D1436C88BE1D297D3098B0F7D, 5F7630916A76A8CF31289E9C577F522B999C74C39E541CD40E62BD53004BEF74 ] pcw             C:\WINDOWS\system32\drivers\pcw.sys
17:57:06.0150 0x0dd0  pcw - ok
17:57:06.0181 0x0dd0  [ B9D968D8E2B0F9C6301CEB39CFC9B9E4, 83F32831B0727F18B56DC3CAF37E45A3523D2BBCD54D1421F0DE5A0179D8A404 ] pdc             C:\WINDOWS\system32\drivers\pdc.sys
17:57:06.0181 0x0dd0  pdc - ok
17:57:06.0259 0x0dd0  [ 0ECEE590F2E2EF969FB74A6FC583A1E6, 1C611D9225C863CF32125F684B324C58BDE1942F4F283F5674133200AC505D44 ] PEAUTH          C:\WINDOWS\system32\drivers\peauth.sys
17:57:06.0275 0x0dd0  PEAUTH - ok
17:57:06.0369 0x0dd0  [ 8E3C640FFF5A963F570233AE99C0FFF3, 3DE978B005BF2E88BA858CE37D9E27BD3584642B8412E22C300A1E739743838A ] PerfHost        C:\WINDOWS\SysWow64\perfhost.exe
17:57:06.0369 0x0dd0  PerfHost - ok
17:57:06.0463 0x0dd0  [ 928061178CD9856CA6B67FFFCE6BA766, 71DE3C7CA7F83EAAA550CD8A68FB67DE042B0AE51BFACB1ECB8852D502E11F50 ] pla             C:\WINDOWS\system32\pla.dll
17:57:06.0494 0x0dd0  pla - ok
17:57:06.0525 0x0dd0  [ BC6849C62DB407573C6AD8CB1A4D2628, 5BDE0D60F85E4C27CEAD1B301155B54D841FB773BD5BB8AC5DDAEE31F8E94627 ] PlugPlay        C:\WINDOWS\system32\umpnpmgr.dll
17:57:06.0541 0x0dd0  PlugPlay - ok
17:57:06.0572 0x0dd0  [ 045EB4F260606A03BE340D09DEAF3BA4, 6F34B8D414F7F69F4388F2F8A86E0F3AD179E423126990AF3E1EC4DCCB8E7693 ] PNRPAutoReg     C:\WINDOWS\system32\pnrpauto.dll
17:57:06.0572 0x0dd0  PNRPAutoReg - ok
17:57:06.0603 0x0dd0  [ E287F157F7A0011D93179C64EF8ADCF2, C16FB92C7B18D634BB1344238D35B3111494C243FBD5853F05376F5051480D83 ] PNRPsvc         C:\WINDOWS\system32\pnrpsvc.dll
17:57:06.0619 0x0dd0  PNRPsvc - ok
17:57:06.0666 0x0dd0  [ C16097D77A232A288D65F299E2E01105, 5CE4B44B06FD26569C0F92FF1D3991D0128D8444AE7BC9EBEF5A33811D721BE8 ] PolicyAgent     C:\WINDOWS\System32\ipsecsvc.dll
17:57:06.0666 0x0dd0  PolicyAgent - ok
17:57:06.0728 0x0dd0  [ 00E08B30E7F7C13ECE2CDF4F46A77311, 1807C0A64C1794E572C86730816C01DCF4D8F773ADE9CAEA3AC0658F7BD71A4E ] Power           C:\WINDOWS\system32\umpo.dll
17:57:06.0744 0x0dd0  Power - ok
17:57:06.0791 0x0dd0  [ E075CC071022BD4E9BE7C024717C0E0A, BE65A8C1082AE8DF8C37CA06B2BCC521478AC153EA7388B03F7FAE3913920E75 ] PptpMiniport    C:\WINDOWS\system32\DRIVERS\raspptp.sys
17:57:06.0791 0x0dd0  PptpMiniport - ok
17:57:06.0931 0x0dd0  [ B7DB57A000D46D4DE75BC0C563E58072, 8183EB09DC4D44DFF027CA0AAA8C09921A14F088C1BC427B6ACA42340AAF69E6 ] PrintNotify     C:\Windows\system32\spool\drivers\x64\3\PrintConfig.dll
17:57:06.0978 0x0dd0  PrintNotify - ok
17:57:06.0994 0x0dd0  [ ECD373F9571C745894367CC2635EA44F, E08B2A1017DAE1BF10B986DAFAD14BDE20D79703E0EF3A8C700A3753908C1392 ] Processor       C:\WINDOWS\System32\drivers\processr.sys
17:57:06.0994 0x0dd0  Processor - ok
17:57:07.0025 0x0dd0  [ B2A890D96C05E33FDD2BF3F3D4D0DF92, 3A29E17424429A5654D906E420D938148F09F57457356EFA72DA003B73F2D81E ] ProfSvc         C:\WINDOWS\system32\profsvc.dll
17:57:07.0025 0x0dd0  ProfSvc - ok
17:57:07.0072 0x0dd0  [ 8528BB05E4D4E25945F78B00B2555FB7, FF8E0D4580F93CD348080967F52FE6C2C68B56DAEACAE2EAEF04E19412A953AE ] Psched          C:\WINDOWS\system32\DRIVERS\pacer.sys
17:57:07.0072 0x0dd0  Psched - ok
17:57:07.0119 0x0dd0  [ CCDFA869C058AF99B0B77A717756F309, 293D69F3492CA4C3C4A03DC1B33437EDCEFFB60CA414D70B2AC6C449E7AC7761 ] PTSimBus        C:\WINDOWS\System32\drivers\PTSimBus.sys
17:57:07.0119 0x0dd0  PTSimBus - ok
17:57:07.0166 0x0dd0  [ A8F54446BB467BB8D65E658ADDBDCB3F, 9C155420E04340D7024CD936796B77F58DFC78F27A4B04F09791025CFE06AEB4 ] PTSimHid        C:\WINDOWS\System32\drivers\PTSimHid.sys
17:57:07.0166 0x0dd0  PTSimHid - ok
17:57:07.0213 0x0dd0  [ AF90BB44C99D6820BE52C9BBAA523283, 9772D9CC1666959EC8EE4ED740A5179473CE4F38762109F1123DD68010D20EA1 ] QWAVE           C:\WINDOWS\system32\qwave.dll
17:57:07.0228 0x0dd0  QWAVE - ok
17:57:07.0228 0x0dd0  [ 3FB466684609A4329858CF2EBD62E0FD, CFC8FBAB1436948F9D34CE6A2D6DE2F86F3E93E50B86851CED979C8CCE609798 ] QWAVEdrv        C:\WINDOWS\system32\drivers\qwavedrv.sys
17:57:07.0228 0x0dd0  QWAVEdrv - ok
17:57:07.0255 0x0dd0  [ 2C56F0EE27E4EF70CA4B4983D3638905, AFFDD686886CE982424B644D9168D61C6F86A5244FF97BC644DF75B321E415E5 ] RasAcd          C:\WINDOWS\system32\DRIVERS\rasacd.sys
17:57:07.0255 0x0dd0  RasAcd - ok
17:57:07.0286 0x0dd0  [ 674A4702E4E144E8710ED1A2EC6DD049, 613A921101A6815C9185D5EF3E251A592604E56FADE945BB7E256885CAD473BC ] RasAgileVpn     C:\WINDOWS\system32\DRIVERS\AgileVpn.sys
17:57:07.0286 0x0dd0  RasAgileVpn - ok
17:57:07.0333 0x0dd0  [ 5F061AC45266841A2860C1858ED863B8, 9E0D52BAC8A50225C32D0397C35350601B996443E2481C808CC59D3B0763FEF0 ] RasAuto         C:\WINDOWS\System32\rasauto.dll
17:57:07.0333 0x0dd0  RasAuto - ok
17:57:07.0364 0x0dd0  [ BBB6272B7F46C4640A8CDB8A70C3450F, 4266C3ABD0D1D0219F715EA0F155744F7C1E3A7B722BE863831B57AE785419A2 ] Rasl2tp         C:\WINDOWS\system32\DRIVERS\rasl2tp.sys
17:57:07.0364 0x0dd0  Rasl2tp - ok
17:57:07.0411 0x0dd0  [ 5C7B86EE33505E36026AFAAB62DA6364, 903BB1A355AC746BF09C2A7C87B068168648DB79DEF39AB1DC710B6A7A5F6556 ] RasMan          C:\WINDOWS\System32\rasmans.dll
17:57:07.0427 0x0dd0  RasMan - ok
17:57:07.0442 0x0dd0  [ 5247F308C4103CDC4FE12AE1D235800A, E567CD33CA1897D53795E071B7AFBAF98B2C8F725F8BED0BA90F5EF611520E48 ] RasPppoe        C:\WINDOWS\system32\DRIVERS\raspppoe.sys
17:57:07.0442 0x0dd0  RasPppoe - ok
17:57:07.0458 0x0dd0  [ 2B0F1677CDD08967005F34488559BC6F, FFF168EBD171C0B85A448AD1A04F66534E889AE1DC128F68EA3F35D5996C8D39 ] RasSstp         C:\WINDOWS\system32\DRIVERS\rassstp.sys
17:57:07.0458 0x0dd0  RasSstp - ok
17:57:07.0489 0x0dd0  [ A1A5E79C0D1352AFDC08328A623DA051, 01546DDE6F1FF159A7EB7F2BF104910445D3D863F1F37DEA695579BA60D84280 ] rdbss           C:\WINDOWS\system32\DRIVERS\rdbss.sys
17:57:07.0505 0x0dd0  rdbss - ok
17:57:07.0521 0x0dd0  [ 6B21EBF892CD8CACB71669B35AB5DE32, 0AD8E14FEF16FB2559F5FC8AFBC9D49E4E24F43CF65F480DBF9FAB593269B419 ] rdpbus          C:\WINDOWS\System32\drivers\rdpbus.sys
17:57:07.0521 0x0dd0  rdpbus - ok
17:57:07.0536 0x0dd0  [ 680C1DAE268B6FB67FA21B389A8B79EF, 856911F77BDD8830C3D683EBE8AF399FB3A54C7D8D0B34EA37D903377F0A39BD ] RDPDR           C:\WINDOWS\system32\drivers\rdpdr.sys
17:57:07.0536 0x0dd0  RDPDR - ok
17:57:07.0567 0x0dd0  [ 858776908AF838E3790F3261B799CDA6, 5BE4658540382D1B2F46E503CE175D74E3870FE492B8B8F37C3CFB34FF8E2DA8 ] RdpVideoMiniport C:\WINDOWS\system32\drivers\rdpvideominiport.sys
17:57:07.0567 0x0dd0  RdpVideoMiniport - ok
17:57:07.0630 0x0dd0  [ A26AEC49F318FEE141DDDB2C5F99B3E6, 246AD79FF27E79DEDCB0AAA7C22A8EA6349DEDAC863413A1E378E68FD94C9C4F ] rdyboost        C:\WINDOWS\system32\drivers\rdyboost.sys
17:57:07.0630 0x0dd0  rdyboost - ok
17:57:07.0692 0x0dd0  [ E515A287C8FAE901EB8FB42F168E14F2, 9AE8D608587713FD18BB728BADD402C86FFF06A67359B22ED9431705522BC310 ] ReFS            C:\WINDOWS\system32\drivers\ReFS.sys
17:57:07.0708 0x0dd0  ReFS - ok
17:57:07.0755 0x0dd0  [ BFFB40FBE6D2C3469F8D06EE5E4934AB, 5B6763F973A740DCD53CEA75156926457BED8B075965033C484877DDA8B97F39 ] RemoteAccess    C:\WINDOWS\System32\mprdim.dll
17:57:07.0755 0x0dd0  RemoteAccess - ok
17:57:07.0802 0x0dd0  [ 4DCCABE03D06955ED61BABBD8EF9F30F, 531CD60315AAF283B73E0F6CF77D4DE093B809E73C44D2AC43B7247500B3485E ] RemoteRegistry  C:\WINDOWS\system32\regsvc.dll
17:57:07.0802 0x0dd0  RemoteRegistry - ok
17:57:07.0833 0x0dd0  [ D894CBD7DA753C881EE8D5E33B583225, DA4472A85F10A3DF8CE969F731E67FE7C75EE6095908AB8AC2C44851DC5A3F8B ] RpcEptMapper    C:\WINDOWS\System32\RpcEpMap.dll
17:57:07.0849 0x0dd0  RpcEptMapper - ok
17:57:07.0880 0x0dd0  [ 5CAE8F47B31D5CFC322B5B898C19E0FE, FDB5F0B6EA36403E031D9147AB0519011FAAD3AC8190DE5B1F17FB5472D79D47 ] RpcLocator      C:\WINDOWS\system32\locator.exe
17:57:07.0880 0x0dd0  RpcLocator - ok
17:57:07.0942 0x0dd0  [ 81979817943D830BF24571B7C1B28A1A, 9584D8F1FB3E6CF17BD465670B208C723A8E8B06775A3DA44F75D7710404EEA6 ] RpcSs           C:\WINDOWS\system32\rpcss.dll
17:57:07.0958 0x0dd0  RpcSs - ok
17:57:07.0974 0x0dd0  [ 60BCF0F09DD963D0F89F571F9D1EB8C1, 59BC9EA4D6C5B24352FC7C2DF4856398F6F734A2C52FD9A9195539593C37C8BC ] RSP2STOR        C:\WINDOWS\system32\DRIVERS\RtsP2Stor.sys
17:57:07.0989 0x0dd0  RSP2STOR - ok
17:57:08.0036 0x0dd0  [ 2D05A5508F4685412F2B89E8C2189ABC, 82F12B4E0E73411A121EFD35FBD3B44CBBC0AE96ACFBB45D8C3C3777E2EA320D ] rspndr          C:\WINDOWS\system32\DRIVERS\rspndr.sys
17:57:08.0036 0x0dd0  rspndr - ok
17:57:08.0146 0x0dd0  [ 3A50489C017292386C1C6CF6EB283F23, 42E2C75A83A45070BB548591B83C3744F5DF6BB3743221D0442C1BA23789AD5D ] RtkAudioService C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
17:57:08.0146 0x0dd0  RtkAudioService - ok
17:57:08.0192 0x0dd0  [ CFE738C524F35B6E523A4D0F54840C30, 73E051DEA744EEC5202693C11EDABB36DE2D086160648D4E41F1F299CBAD8409 ] RTL8168         C:\WINDOWS\system32\DRIVERS\Rt630x64.sys
17:57:08.0208 0x0dd0  RTL8168 - ok
17:57:08.0302 0x0dd0  [ 0004430BB4664C095ACEF32733035F04, 559BEF335397F9B21ABCB720BF8C4D5E257168B8859109B886E7B277FA572BD7 ] RTWlanE         C:\WINDOWS\system32\DRIVERS\rtwlane.sys
17:57:08.0364 0x0dd0  RTWlanE - ok
17:57:08.0489 0x0dd0  [ E4E034F79D88B34C5B4BA28BAE2259F7, A48E0ACFE75F92793E1961D108242A0B6B890ED8541757B7BF7EAAC1D6E963C1 ] RzKLService     C:\Program Files (x86)\Razer\Razer Game Booster\RzKLService.exe
17:57:08.0489 0x0dd0  RzKLService - ok
17:57:08.0521 0x0dd0  [ 1A063730F221B2746FF00457AE17E4F0, 39A3C258CBFE3BC566C63528C9020A3BC9409736AE5289C08A7BA471D8409263 ] s3cap           C:\WINDOWS\System32\drivers\vms3cap.sys
17:57:08.0521 0x0dd0  s3cap - ok
17:57:08.0567 0x0dd0  [ F6F209DDB94959BA104FC8FC87C53759, 8E862D41F4332EABF64BD034E2C0E3CC8109C7990CB4112C2B2880E8E6EDF2D3 ] SamSs           C:\WINDOWS\system32\lsass.exe
17:57:08.0567 0x0dd0  SamSs - ok
17:57:08.0614 0x0dd0  [ C624A1B32211C3166EDB3F4AB02A30B7, 6B2A4607DB52D74242787ED9DF9067058983D310431D8612D2B0236E6201E681 ] sbp2port        C:\WINDOWS\system32\drivers\sbp2port.sys
17:57:08.0614 0x0dd0  sbp2port - ok
17:57:08.0661 0x0dd0  [ 47C497FA4DDEA908633CAA60CEBE6805, 4DF5742D4C99D3F7B6A5671AEDB1E5E47D3399D36B28BA19C105FA604D8D5A1C ] SCardSvr        C:\WINDOWS\System32\SCardSvr.dll
17:57:08.0661 0x0dd0  SCardSvr - ok
17:57:08.0677 0x0dd0  [ E76C4E98302AE39CC6FA5D20FC8B5438, B6B6B59CF427515087689285797F4A5763103440EBE5D87A61FA74F80F895BD0 ] ScDeviceEnum    C:\WINDOWS\System32\ScDeviceEnum.dll
17:57:08.0677 0x0dd0  ScDeviceEnum - ok
17:57:08.0692 0x0dd0  [ ABD0237B15DBD2B4695F4B7D734A58F7, D6831921F0CD3E03CBF1CA3ED5824EE0C75127842D12D4E897E74EC72B0792EB ] scfilter        C:\WINDOWS\system32\DRIVERS\scfilter.sys
17:57:08.0692 0x0dd0  scfilter - ok
17:57:08.0755 0x0dd0  [ A95838FFFAEAA7500263D491575F7E0C, FEB79ECAE6D9AB0C29D9AFE12F60502A8357B3A382C0FACF4C6DA4852B6ECFA4 ] Schedule        C:\WINDOWS\system32\schedsvc.dll
17:57:08.0786 0x0dd0  Schedule - ok
17:57:08.0833 0x0dd0  [ AB285CE3431FF3D2ACE669245874C1C7, 6AF4C3E86EFA51F7FB6F8492CB2CCB807C7775EAE0508B87F07134FDAC679BD7 ] SCPolicySvc     C:\WINDOWS\System32\certprop.dll
17:57:08.0833 0x0dd0  SCPolicySvc - ok
17:57:08.0880 0x0dd0  [ FDEC5799BA499D18AFA3A540538866E7, 551EE0945FE4EC213FFF623E524500B57531EFEA2D76FA7ED1D2D605E7E2168F ] sdbus           C:\WINDOWS\System32\drivers\sdbus.sys
17:57:08.0880 0x0dd0  sdbus - ok
17:57:08.0942 0x0dd0  [ 0B1E929D11A8E358106955603FAC65E8, A5EC91BFC0873EC6AB1D0DB4E91654BD35339BD680E7E82DA2DC64996B4AE515 ] sdstor          C:\WINDOWS\System32\drivers\sdstor.sys
17:57:08.0958 0x0dd0  sdstor - ok
17:57:08.0974 0x0dd0  [ 3EA8A16169C26AFBEB544E0E48421186, 34BBB0459C96B3DE94CCB0D73461562935C583D7BF93828DA4E20A6BC9B7301D ] secdrv          C:\WINDOWS\system32\drivers\secdrv.sys
17:57:08.0974 0x0dd0  secdrv - ok
17:57:09.0036 0x0dd0  [ C49009F897BA4F2F4F31043663AA1485, 48C8BE1E3A4F150662AD012AF4E0357ABA792AD1147AB90EFF6CB2630E2501B6 ] seclogon        C:\WINDOWS\system32\seclogon.dll
17:57:09.0036 0x0dd0  seclogon - ok
17:57:09.0052 0x0dd0  [ A88882E64BDC1D8E8D6E727B71CCCC53, 12D2235F54D0CEEED8AA268C17CDE44020269F4FEFC70CE957DBBF99AF7F553D ] SENS            C:\WINDOWS\System32\sens.dll
17:57:09.0052 0x0dd0  SENS - ok
17:57:09.0067 0x0dd0  [ E66A7C8CE7ED22DED6DF1CA479FB4790, ADEB076F131E7A8C3AD96022B09BB33EB9AB26C9C831503B8C6960AA763B8975 ] SensrSvc        C:\WINDOWS\system32\sensrsvc.dll
17:57:09.0067 0x0dd0  SensrSvc - ok
17:57:09.0099 0x0dd0  [ DB2FF24CE0BDD15FE75870AFE312BA89, 7DB0D978C92CD0A0A81F7AB46FE323B4929CEA01585B0F330921E6DFA7DE1B85 ] SerCx           C:\WINDOWS\system32\drivers\SerCx.sys
17:57:09.0099 0x0dd0  SerCx - ok
17:57:09.0146 0x0dd0  [ 0044B31F93946D5D41982314381FE431, 95B8A94BA9EF770F29ACD5B23D447EC2B6CF1CB3D0030343BA1550AC31F6E2A5 ] SerCx2          C:\WINDOWS\system32\drivers\SerCx2.sys
17:57:09.0146 0x0dd0  SerCx2 - ok
17:57:09.0161 0x0dd0  [ 3CD600C089C1251BEEB4CD4CD5164F9E, D9F81951B4454B24E821E33ACA53A851A61F3135E8EC6FBE6761A1A3E1CDCBE2 ] Serenum         C:\WINDOWS\System32\drivers\serenum.sys
17:57:09.0161 0x0dd0  Serenum - ok
17:57:09.0177 0x0dd0  [ D864381BC9C725FAB01D94C060660166, 132FED95222BBE3B0B25B3F1F0EFC5903D04564BD047BA4D2042AD51E3FDA724 ] Serial          C:\WINDOWS\System32\drivers\serial.sys
17:57:09.0177 0x0dd0  Serial - ok
17:57:09.0192 0x0dd0  [ 0BD2B65DCE756FDE95A2E5CCCBF7705D, F13FAFEC8FCF3E796196562717C433CE359A74A3E5876AB070647C717AF74028 ] sermouse        C:\WINDOWS\System32\drivers\sermouse.sys
17:57:09.0192 0x0dd0  sermouse - ok
17:57:09.0224 0x0dd0  [ D5C3776CBD8BC307DCCA3FD4CE667A37, 98E4253B770C25914C91A6148E2EA15ED0EF37ADCB042A47252DBA135972BF74 ] SessionEnv      C:\WINDOWS\system32\sessenv.dll
17:57:09.0224 0x0dd0  SessionEnv - ok
17:57:09.0239 0x0dd0  [ 472B7A5AC181C050888DB454663DD764, C950A8615D57BFD455E18880398350642B2E1D6B951EC9754FD8D429F3418835 ] sfloppy         C:\WINDOWS\System32\drivers\sfloppy.sys
17:57:09.0239 0x0dd0  sfloppy - ok
17:57:09.0286 0x0dd0  [ F4414F57DF2CECB8FC969AA43A6B0D50, AD09A6E1294721507DD6BE82B91F2EEB0FF0151B9BC14A75840CD657DBFDECEC ] SharedAccess    C:\WINDOWS\System32\ipnathlp.dll
17:57:09.0302 0x0dd0  SharedAccess - ok
17:57:09.0427 0x0dd0  [ 0D190D8B4B20446BE6299AC734DFADF1, 6551095971F99820BBFC5FED8FAB9591A3F8ABFA0F027887F3B71B79325FF6D9 ] ShellHWDetection C:\WINDOWS\System32\shsvcs.dll
17:57:09.0442 0x0dd0  ShellHWDetection - ok
17:57:09.0458 0x0dd0  [ 2F518D13DD6F3053837FE606F1A2EA1F, 64109296CE95BD233525688A350D575CF97B9464659AA07CF78B307B6ADBC835 ] SiSRaid2        C:\WINDOWS\system32\drivers\SiSRaid2.sys
17:57:09.0458 0x0dd0  SiSRaid2 - ok
17:57:09.0474 0x0dd0  [ 1AC9A200A9C49C4508F04AAFFCA34A3F, 972BCB2A39169155F74111FAC74ACCD8F50E34EADCF087833B0980827627BBF4 ] SiSRaid4        C:\WINDOWS\system32\drivers\sisraid4.sys
17:57:09.0474 0x0dd0  SiSRaid4 - ok
17:57:09.0505 0x0dd0  [ 3E76F338E42616A22CA3AC379F95F2CB, 8EFE03420FF5BB518D1B9A38770A4A3FF19979D19F023F3C07C21E26676D9317 ] SmbDrv          C:\WINDOWS\System32\drivers\Smb_driver_AMDASF.sys
17:57:09.0505 0x0dd0  SmbDrv - ok
17:57:09.0521 0x0dd0  [ EBC839A7079CE7B353153AF9FAE8A57A, BEA3A1DEEA0CB0EE2E1B73CD592CC77C9B9FDEA2A0EA9369A0E10DEF97C5F923 ] SmbDrvI         C:\WINDOWS\system32\DRIVERS\Smb_driver_Intel.sys
17:57:09.0521 0x0dd0  SmbDrvI - ok
17:57:09.0567 0x0dd0  [ 587ACA15210D1B01FBF272E07A08F91A, 1F3C13C218C5EA329C6E33E4AE7CFE88DAD59DA40F59FDE09D733AFD2E489000 ] smphost         C:\WINDOWS\System32\smphost.dll
17:57:09.0567 0x0dd0  smphost - ok
17:57:09.0614 0x0dd0  [ 49EEB92DE930B8566EF615D600781DB4, 0B7C929D24FAFC34F95BB4AA77DCBA29DDD8F1977EB42713B64228677D1FBFD3 ] SNMPTRAP        C:\WINDOWS\System32\snmptrap.exe
17:57:09.0614 0x0dd0  SNMPTRAP - ok
17:57:09.0646 0x0dd0  [ 33977549C2CED09936E05BEE7659EAFF, EB95C72ED0EAC59A50E6882B2501049191A796542C42414FAF0028907C669B21 ] spaceport       C:\WINDOWS\system32\drivers\spaceport.sys
17:57:09.0661 0x0dd0  spaceport - ok
17:57:09.0677 0x0dd0  [ F337BE11071818FC3F5DC2940B6BDE34, D5CFF00E5DF37045F71AEE101AC9B270EBB29F372F404757B58600E9966C7E4D ] SpbCx           C:\WINDOWS\system32\drivers\SpbCx.sys
17:57:09.0677 0x0dd0  SpbCx - ok
17:57:09.0724 0x0dd0  [ FE0CB40F36D3FCDD3A1B312EF72C38D5, 42EA50869752164764DFE8CE7E1C247BE8342A0C15F39158DC808E8A692C460F ] Spooler         C:\WINDOWS\System32\spoolsv.exe
17:57:09.0739 0x0dd0  Spooler - ok
17:57:09.0927 0x0dd0  [ C993A0B97BECD3AAF5158E3869878465, 8B86F37DEFCBE55DE507D830EC4980EBB39B3CCA30C2B3E76B588AAB282A50FC ] sppsvc          C:\WINDOWS\system32\sppsvc.exe
17:57:10.0036 0x0dd0  sppsvc - ok
17:57:10.0099 0x0dd0  [ 2B78788A1485F9B99A578A299DF42C02, A87183A9B13585C9E850437A45237105D39D7F3212ADB079D6AB430B67A59643 ] srv             C:\WINDOWS\system32\DRIVERS\srv.sys
17:57:10.0099 0x0dd0  srv - ok
17:57:10.0146 0x0dd0  [ FD163F487CBA9C98AFFEB546C80F49A2, 18DAAD173C0517F7BBF5D0C914302D98931E3BA6DAA36DC91D8DB0743EC40563 ] srv2            C:\WINDOWS\system32\DRIVERS\srv2.sys
17:57:10.0161 0x0dd0  srv2 - ok
17:57:10.0177 0x0dd0  [ 716059F37BCCB1ABEDE99EBE82E8E362, 05F27B0FABBBC0E324F06D20ABEF51EDA3316C9F7F85C1AD24639CD6DE1BC8AC ] srvnet          C:\WINDOWS\system32\DRIVERS\srvnet.sys
17:57:10.0192 0x0dd0  srvnet - ok
17:57:10.0239 0x0dd0  [ BB9ED3EDD8E85008215A7250D325A72E, D3404E31B7706B25CDEA7CB4260C343B5F090E8CCB9A5FA203B0F94A9112F1B3 ] SSDPSRV         C:\WINDOWS\System32\ssdpsrv.dll
17:57:10.0239 0x0dd0  SSDPSRV - ok
17:57:10.0239 0x0dd0  ssnfd - ok
17:57:10.0286 0x0dd0  [ 3911418AFDE10EA6823B7799E4815524, A73517C4C1271E666B2B3A747756070098E923742B41572AA16573170440AA07 ] SstpSvc         C:\WINDOWS\system32\sstpsvc.dll
17:57:10.0286 0x0dd0  SstpSvc - ok
17:57:10.0349 0x0dd0  [ A993E6FD9549499099461A0B192EEC3F, EC17EBE9A0EF481E704E64D07D257C3380046CBB5D9CAFABA90D21A2B84191FF ] Steam Client Service C:\Program Files (x86)\Common Files\Steam\SteamService.exe
17:57:10.0349 0x0dd0  Steam Client Service - ok
17:57:10.0380 0x0dd0  [ 366DEA74BBA65B362BCCFC6FC2ADFD8B, 4D28122AB9D8DAB724021E6513B4474BD34FCEDF47769B1D27AC7551FCA002F8 ] stexstor        C:\WINDOWS\system32\drivers\stexstor.sys
17:57:10.0380 0x0dd0  stexstor - ok
17:57:10.0458 0x0dd0  [ D638904FE86A5FE542A1BA13A9D68E5C, 89A956F932316BC50DD99B54BAF4E2809DCAA084DBB04CB84D11E5470BEAF251 ] stisvc          C:\WINDOWS\System32\wiaservc.dll
17:57:10.0458 0x0dd0  stisvc - ok
17:57:10.0474 0x0dd0  [ 0ED2E318ABB68C1A35A8B8038BDB4C90, 5C3ABC245F4BCFE64E646D9C0E2F5E211244956C84D03084C71FF6A7E0CDED30 ] storahci        C:\WINDOWS\system32\drivers\storahci.sys
17:57:10.0489 0x0dd0  storahci - ok
17:57:10.0489 0x0dd0  [ 7A08CEE1535F5A448215634C5EA74E50, 41529CDC08A3956F8FE9D5759B147E2E56E3305149EA415EB200249F7CD32094 ] storflt         C:\WINDOWS\system32\DRIVERS\vmstorfl.sys
17:57:10.0489 0x0dd0  storflt - ok
17:57:10.0521 0x0dd0  [ 6B06E2D11E604BE2B1A406C4CB3B90DE, 2DDEA1568A85AD64FCE5D10D348304FCD9BE6E96C2313353EF70A2933306D188 ] stornvme        C:\WINDOWS\system32\drivers\stornvme.sys
17:57:10.0521 0x0dd0  stornvme - ok
17:57:10.0536 0x0dd0  [ 3118058E3D07021A55324A943C6D722B, 0B255DF1977DADD2B9766EEEA814B464F0ABFA34D6439F3C453083850C121F16 ] StorSvc         C:\WINDOWS\system32\storsvc.dll
17:57:10.0536 0x0dd0  StorSvc - ok
17:57:10.0552 0x0dd0  [ 548759755BC73DAD663250239D7E0B9F, D31A05A8CE800B539420B6E545F1F4BF6E4B02EAF8366DE89CAF13A83C6CA48D ] storvsc         C:\WINDOWS\system32\drivers\storvsc.sys
17:57:10.0552 0x0dd0  storvsc - ok
17:57:10.0567 0x0dd0  [ D8E1AE075AB3E8AD56F69C44AA978596, CAFF5116DE7F0EEFFEBE38724BCEE7D11B44153AD35EE43E314C56D5E210758A ] svsvc           C:\WINDOWS\system32\svsvc.dll
17:57:10.0567 0x0dd0  svsvc - ok
17:57:10.0583 0x0dd0  [ 84E0F5D41C138C5CC975137A2A98F6D3, 1E36CED05E4F4365C2AB020CAF920E3959995D7F89F3FABD7B2FB05985F85F38 ] swenum          C:\WINDOWS\System32\drivers\swenum.sys
17:57:10.0583 0x0dd0  swenum - ok
17:57:10.0661 0x0dd0  [ F577910A133A592234EBAAD3F3AFA258, 36F514740EE2D2B2F7ABFFFA13D575233EC4CE774EB58BF889C09930FEF1F443 ] SwitchBoard     C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
17:57:10.0661 0x0dd0  SwitchBoard - ok
17:57:10.0708 0x0dd0  [ 850EBB87584484DC16F917E7B6F4A304, C253D1DFFCDFB018432063602FB01DBCBDDD6E03458E5C366AABD4670F114B0C ] swprv           C:\WINDOWS\System32\swprv.dll
17:57:10.0724 0x0dd0  swprv - ok
17:57:10.0755 0x0dd0  [ 2D6C2C672D092B82FD22AFDB9E32B1EF, E5988F82955D9A5EE712831CF0E420A88316E7126BC24D834460CF7115F91AD4 ] SynTP           C:\WINDOWS\system32\DRIVERS\SynTP.sys
17:57:10.0771 0x0dd0  SynTP - ok
17:57:10.0833 0x0dd0  [ 3DA26652B12E9AB43FD04976AC6DFD33, DEFE220D86197949E97342FE3487CD6A07DD2FFAF6D17A7C65419C2C1B9D1AB5 ] SysMain         C:\WINDOWS\system32\sysmain.dll
17:57:10.0849 0x0dd0  SysMain - ok
17:57:10.0896 0x0dd0  [ D65B1C952AEB864C2BAC7A770B17ECCE, 3EFAAFFF73390D9CB660E0F42B305512396CF66ED06E4A20ED67E8722FB4355B ] SystemEventsBroker C:\WINDOWS\System32\SystemEventsBrokerServer.dll
17:57:10.0911 0x0dd0  SystemEventsBroker - ok
17:57:10.0911 0x0dd0  Tablet2k - ok
17:57:10.0942 0x0dd0  [ BA6DD39266A5E15515C8C14DA2DA3E5C, 5BC917BA4E7281A67CC6CEF2F4D1972DF04DECBEFB6DED0B08FFBD06E15D4B4F ] TabletInputService C:\WINDOWS\System32\TabSvc.dll
17:57:10.0942 0x0dd0  TabletInputService - ok
17:57:10.0958 0x0dd0  [ B517410F157693043DACA21B19B258A6, 2224EECEB575CEA811036C43BB5B0A408DE5F59BC97235AB948968E4C3E438F2 ] TapiSrv         C:\WINDOWS\System32\tapisrv.dll
17:57:10.0974 0x0dd0  TapiSrv - ok
17:57:11.0021 0x0dd0  [ 2FEF6EA93B449D5052FE294D695ECC78, F7D2BD4AB885813BEB41EFA5094A90BA97E11E0D3F926FEB51913FE2021AD798 ] TClass2k        C:\WINDOWS\system32\DRIVERS\TClass2k.sys
17:57:11.0021 0x0dd0  TClass2k - ok
17:57:11.0114 0x0dd0  [ 25AC0B50A71938890970E1508F107196, 6FAFBA2DFFFF9916CC304AE7E6AD0F6CE1D6F4AAE6B2C113202D78310EFEBC58 ] Tcpip           C:\WINDOWS\system32\drivers\tcpip.sys
17:57:11.0161 0x0dd0  Tcpip - ok
17:57:11.0224 0x0dd0  [ 25AC0B50A71938890970E1508F107196, 6FAFBA2DFFFF9916CC304AE7E6AD0F6CE1D6F4AAE6B2C113202D78310EFEBC58 ] TCPIP6          C:\WINDOWS\system32\DRIVERS\tcpip.sys
17:57:11.0255 0x0dd0  TCPIP6 - ok
17:57:11.0286 0x0dd0  [ 41CF802064F72E55F50CA0A221FD36D4, 70ABCDF9E96611E8C83042C581575E26649FE479475E8E118CD3FF6CB1C84C3F ] tcpipreg        C:\WINDOWS\system32\drivers\tcpipreg.sys
17:57:11.0286 0x0dd0  tcpipreg - ok
17:57:11.0317 0x0dd0  [ FFF28F9F6823EB1756C60F1649560BBF, 208DFF8BF0329D0D4761C7E31527AEED7FF5F3C36C5005953D01477F35408D5C ] tdx             C:\WINDOWS\system32\DRIVERS\tdx.sys
17:57:11.0333 0x0dd0  tdx - ok
17:57:11.0364 0x0dd0  [ 232D185D2337F141311D0CF1983E1431, 02EB56D3F26174AF1741C1A444CE30DE84D5BAF583C1A52C7A953BCC52445547 ] terminpt        C:\WINDOWS\System32\drivers\terminpt.sys
17:57:11.0364 0x0dd0  terminpt - ok
17:57:11.0411 0x0dd0  [ 3D748E5558FD9A9F03182CB2330698DC, 70B2069AB7912EB49AB3ABD18D4B42CB94AC99CA6DE3F63F4888B8EAAC78AAA2 ] TermService     C:\WINDOWS\System32\termsrv.dll
17:57:11.0442 0x0dd0  TermService - ok
17:57:11.0489 0x0dd0  [ 05FBE1F7C13E87AF7A414CDF288B1F62, 24079E1A6B2E33A1A8E76A77F73473B93DD6B379E44C982CE50D6CEED9747838 ] Themes          C:\WINDOWS\system32\themeservice.dll
17:57:11.0489 0x0dd0  Themes - ok
17:57:11.0521 0x0dd0  [ FD788C2D96EA91469A3C1D13E80D7473, 7B14D4BFDE18CECC19FBFFAA5AFF5FD78BFB7FCDA6613990740A8A7DD9873D26 ] THREADORDER     C:\WINDOWS\system32\mmcss.dll
17:57:11.0521 0x0dd0  THREADORDER - ok
17:57:11.0552 0x0dd0  [ 347A3E49CE18402305B8119A6EC7CFEB, 6768B20EE577880B0353FE84B980D4A18D323929A63FAE41F7A55123BBFC8DBA ] TimeBroker      C:\WINDOWS\System32\TimeBrokerServer.dll
17:57:11.0552 0x0dd0  TimeBroker - ok
17:57:11.0567 0x0dd0  [ 82F909359600D3603FE852DB7F135626, 2EB2BB9D81AC9A2E432B2628E296B7B21F1C82EAE8009300EEF1B8596A9F418D ] TPM             C:\WINDOWS\system32\drivers\tpm.sys
17:57:11.0567 0x0dd0  TPM - ok
17:57:11.0614 0x0dd0  [ C97E14BB6A196B0554D6EB67D8818175, C00588C94988F10507F84584DFA4C0A43B8648AD1AD35E9BAE14CDD21FCF7B90 ] TrkWks          C:\WINDOWS\System32\trkwks.dll
17:57:11.0614 0x0dd0  TrkWks - ok
17:57:11.0694 0x0dd0  [ 887CC44830D3F367CAD17A0CA7CCA5C8, D4022A76433A11FD66D0F41A1EB4D6893BC5B22317E7E9E021739109EB493B44 ] TrustedInstaller C:\WINDOWS\servicing\TrustedInstaller.exe
17:57:11.0694 0x0dd0  TrustedInstaller - ok
17:57:11.0709 0x0dd0  [ BF8F54CA37E9C9D6582C31C5761F8C93, 337C566792F6FB9B7FD5D1D4384B767CFE4CF5DBB2E4688CCC36CBB018A0DD0F ] TsUsbFlt        C:\WINDOWS\system32\drivers\tsusbflt.sys
17:57:11.0725 0x0dd0  TsUsbFlt - ok
17:57:11.0725 0x0dd0  [ E0088068DCE2EE82897027DDB8E05254, FA9C201D3C885DAD2ABE6A23343EDCC83CFB342EFF9E3005FA50B1D88B21D203 ] TsUsbGD         C:\WINDOWS\System32\drivers\TsUsbGD.sys
17:57:11.0725 0x0dd0  TsUsbGD - ok
17:57:11.0756 0x0dd0  [ C8E0E78B5D284C2FF59BDFFDAF997242, BA1576C491A1246EF9866762426D110F4570F9DB42A68C174943C7D5020FE3E2 ] tunnel          C:\WINDOWS\system32\DRIVERS\tunnel.sys
17:57:11.0756 0x0dd0  tunnel - ok
17:57:11.0787 0x0dd0  [ F6EEAD052943B5A3104C1405BB856C54, FE422813E6C1012E9F392EFF2AE4C6D3A4DBD9CB2BD5E6A5CAB57D4E89A29468 ] uagp35          C:\WINDOWS\system32\drivers\uagp35.sys
17:57:11.0787 0x0dd0  uagp35 - ok
17:57:11.0803 0x0dd0  [ FE6067B1FD4E63650C667B33D080565B, 2C330ED00E49BA55E25564230E0DFB8A35F2B5320EB18D4AF7CAACFA9A449044 ] UASPStor        C:\WINDOWS\System32\drivers\uaspstor.sys
17:57:11.0803 0x0dd0  UASPStor - ok
17:57:11.0850 0x0dd0  [ 5925BB28F0A6C89531DB4792BE8F3A9A, B2D12FB2F8101B9DA19EB5D8FB64D3520638981F1D6A0AA3293D36DE2D013BD2 ] UCTblHid        C:\WINDOWS\system32\DRIVERS\UCTblHid.sys
17:57:11.0850 0x0dd0  UCTblHid - ok
17:57:11.0866 0x0dd0  [ B034A41891A36457B994307DFA772293, CA5E6500764A9777AE0E15B2AFB6F05982C90F01374E3F6DDC6DF3852282C66B ] UCX01000        C:\WINDOWS\System32\drivers\ucx01000.sys
17:57:11.0881 0x0dd0  UCX01000 - ok
17:57:11.0897 0x0dd0  [ 1EC649F112896FAE33250F0B97AC5D0B, 0C0A1C2C7615DEB298AD3073340FD1BF91FEBE611F133E3B48D994A6EAA8369F ] udfs            C:\WINDOWS\system32\DRIVERS\udfs.sys
17:57:11.0897 0x0dd0  udfs - ok
17:57:11.0929 0x0dd0  [ 9578691F297E1B1F519970FE6D47CB21, 080C352AAF22A16A4F3C4AB4DCEA5BFA656457C73F735CEBA30516FDACCF6301 ] UEFI            C:\WINDOWS\System32\drivers\UEFI.sys
17:57:11.0929 0x0dd0  UEFI - ok
17:57:11.0976 0x0dd0  [ 320878AFECDBBD61BBE98624A6CAAC08, 15C090EA32A24D976B5FCB1373B1281DCC2295C075299C814345D694AEB47CB9 ] UI0Detect       C:\WINDOWS\system32\UI0Detect.exe
17:57:11.0976 0x0dd0  UI0Detect - ok
17:57:11.0992 0x0dd0  [ 5EAB5117DDB24FC4D39E6FFFCF1837B9, 2BC709240867F161E94BE6625A04F478EAAA3EEE7BC7C37ED0DFA9EEA5928E98 ] uliagpkx        C:\WINDOWS\system32\drivers\uliagpkx.sys
17:57:11.0992 0x0dd0  uliagpkx - ok
17:57:12.0008 0x0dd0  [ DA34C39A18E60E7C3FA0630566408034, 2F162504214053894C72760D9933D01DBF3578609FE5E2376C3272818599FE32 ] umbus           C:\WINDOWS\System32\drivers\umbus.sys
17:57:12.0008 0x0dd0  umbus - ok
17:57:12.0023 0x0dd0  [ AE8294875E5446E359B1E8035D40C05E, AE0357BAB47C07C3576BC76951CD258C009BC5A1B93259D2122A841BD9CDA8FA ] UmPass          C:\WINDOWS\System32\drivers\umpass.sys
17:57:12.0023 0x0dd0  UmPass - ok
17:57:12.0070 0x0dd0  [ E3DDF7D43E05784FAA5E042605EEE528, 8E20E880FAB09AF4FF5C438BF9EAE9970D46C05167870110869B744E498FD761 ] UmRdpService    C:\WINDOWS\System32\umrdp.dll
17:57:12.0086 0x0dd0  UmRdpService - ok
17:57:12.0101 0x0dd0  [ 4A2FFDAC45F317E17DF642C7160EB633, F1AB762912FAA5F469F322407DA37C91556086C42D1643AD27516C12A84F74D0 ] upnphost        C:\WINDOWS\System32\upnphost.dll
17:57:12.0117 0x0dd0  upnphost - ok
17:57:12.0133 0x0dd0  [ 433ECDE01A52691FA7ACA51C10C09B70, B896296A3F8EF2AF3AC5F0091B9848156608586F1E10A95D70700BAB51E8062A ] usbccgp         C:\WINDOWS\System32\drivers\usbccgp.sys
17:57:12.0133 0x0dd0  usbccgp - ok
17:57:12.0148 0x0dd0  [ B3D6457D841A0CAEF4C52D88621715F2, CBDD76A8A28379B107B1FB530757B477B8AB74CD01F9F3CEDC7B1BA0C6E5A990 ] usbcir          C:\WINDOWS\System32\drivers\usbcir.sys
17:57:12.0148 0x0dd0  usbcir - ok
17:57:12.0199 0x0dd0  [ 48BA326A3DBA5B5BEB5F2777F4618696, B9EC8155F11A3A7644BD9DC8910681B46AE44AE3BF53F052DF50E9C5555E3229 ] usbehci         C:\WINDOWS\System32\drivers\usbehci.sys
17:57:12.0199 0x0dd0  usbehci - ok
17:57:12.0231 0x0dd0  [ 93435654DCA210298BA0F986EB51C679, 926313A0499100EA5C49C5EC44BB8FE5F8F2A7F57F3EA56D59DA694F8396A409 ] usbhub          C:\WINDOWS\System32\drivers\usbhub.sys
17:57:12.0231 0x0dd0  usbhub - ok
17:57:12.0293 0x0dd0  [ 83C9C45D59C72FEFDAE9A5686BE31FEA, 12FC2C3C3C5CD5F2EFBAA11A1AD06FDD7DDB6EECF6F2684BBAAF88198D976316 ] USBHUB3         C:\WINDOWS\System32\drivers\UsbHub3.sys
17:57:12.0293 0x0dd0  USBHUB3 - ok
17:57:12.0340 0x0dd0  [ 3019097FB6C985EF24C058090FF3BDBD, 24AC518D34E338D94BF3D5B3F72E53F8A1369BAA7F32FEA3EDBCF928C4FF1D17 ] usbohci         C:\WINDOWS\System32\drivers\usbohci.sys
17:57:12.0340 0x0dd0  usbohci - ok
17:57:12.0356 0x0dd0  [ 4D655E3B684BE9B0F7FFD8A2935C348C, 3A7FC1748C5AEA8CFE0E7C22ADC77E3DCA475455FC16D9C6A5C16EB5E949A516 ] usbprint        C:\WINDOWS\System32\drivers\usbprint.sys
17:57:12.0356 0x0dd0  usbprint - ok
17:57:12.0371 0x0dd0  [ F04D164C4168701A4E7835607722E5F1, 6F743CF2CF73945B4A4B1C4402744BC2FE1624F1346C194493AD2F7110F9EB35 ] usbscan         C:\WINDOWS\system32\DRIVERS\usbscan.sys
17:57:12.0371 0x0dd0  usbscan - ok
17:57:12.0418 0x0dd0  [ EA23453240137F6773174E0D93F61A69, 579AD09FB428C2BB8B4055128620A7AADD1B606C1EA44B87A01D69A84232A5D9 ] USBSTOR         C:\WINDOWS\System32\drivers\USBSTOR.SYS
17:57:12.0434 0x0dd0  USBSTOR - ok
17:57:12.0434 0x0dd0  [ 064260B3A5868AC894A4943543BC7AB7, D3534E98B34C4AC9A430D7E0AB301A0E5E1511E3117C2FEA392636B0DE2C38E2 ] usbuhci         C:\WINDOWS\System32\drivers\usbuhci.sys
17:57:12.0434 0x0dd0  usbuhci - ok
17:57:12.0449 0x0dd0  [ 18F744E8CCEB2670040EBAF7AD77B8C6, C5E2DF4EA0D946B4DA67DE29FA9D0F079DED35EC59B98E532C4C2D5F8E86DA0A ] usbvideo        C:\WINDOWS\System32\Drivers\usbvideo.sys
17:57:12.0449 0x0dd0  usbvideo - ok
17:57:12.0496 0x0dd0  [ 48430B0313FC1CFE3D2400553F1A93CD, 92994DE6B131E904AFF2C9C4FBB4E6B0D58525A1539763327373DA18C9F08193 ] USBXHCI         C:\WINDOWS\System32\drivers\USBXHCI.SYS
17:57:12.0512 0x0dd0  USBXHCI - ok
17:57:12.0528 0x0dd0  [ F6F209DDB94959BA104FC8FC87C53759, 8E862D41F4332EABF64BD034E2C0E3CC8109C7990CB4112C2B2880E8E6EDF2D3 ] VaultSvc        C:\WINDOWS\system32\lsass.exe
17:57:12.0528 0x0dd0  VaultSvc - ok
17:57:12.0528 0x0dd0  [ FEB26E3B8345A7E8D62F945C4AE86562, 3AAFE87C402FC8E92542DFE60EC9540559863065F88D429A16D7B1BF829223FF ] vdrvroot        C:\WINDOWS\system32\drivers\vdrvroot.sys
17:57:12.0528 0x0dd0  vdrvroot - ok
17:57:12.0606 0x0dd0  [ E3EF58D4123B5AA29C8E19825AF84A5E, FB1046722BC643E955DBC3B1459DBF2A6D575EBA2BCF7B20A0FA51E3993835E2 ] vds             C:\WINDOWS\System32\vds.exe
17:57:12.0621 0x0dd0  vds - ok
17:57:12.0668 0x0dd0  [ A026EDEAA5EECAE0B08E2748B616D4BD, 2525A54DC7F49DDFBB999C22BF3FAB6D9E9F70C0806E58D81E90AC59F9F46089 ] VerifierExt     C:\WINDOWS\system32\drivers\VerifierExt.sys
17:57:12.0668 0x0dd0  VerifierExt - ok
17:57:12.0731 0x0dd0  [ 52E483A3701A5A61A75A06993720347D, 689E812755E485DF6960D1E049740FBAFB812467D23B673DCAA40C03FEBB544F ] vhdmp           C:\WINDOWS\System32\drivers\vhdmp.sys
17:57:12.0746 0x0dd0  vhdmp - ok
17:57:12.0778 0x0dd0  [ 06D38968028E9AB19DE9B618C7B6D199, 62022297A47F440D1C82CA0B0E57C0C8E9D5033D83DD3B40492B218DF65EBF68 ] viaide          C:\WINDOWS\system32\drivers\viaide.sys
17:57:12.0778 0x0dd0  viaide - ok
17:57:12.0793 0x0dd0  [ C6305BDFC4F7CE51F72BB072C03D4ACE, 73E62869CA3104F48CC3B0C45E69CE9BF4F8D7D06E29C2F049B9347ABB50554D ] vmbus           C:\WINDOWS\system32\drivers\vmbus.sys
17:57:12.0793 0x0dd0  vmbus - ok
17:57:12.0824 0x0dd0  [ DA40BEA0A863CE768C940CA9723BF81F, 567C0C3F422325635808B0CF76E05D3B6187F96845C33F85F92F98C9FE53A5B8 ] VMBusHID        C:\WINDOWS\System32\drivers\VMBusHID.sys
17:57:12.0824 0x0dd0  VMBusHID - ok
17:57:12.0871 0x0dd0  [ 9067880BBB1C18703DBFF27D731D7ECA, 0044246249F4B945D72BBC0FEF9BF3C31E62F57CBF77615A95213B36A29F0C71 ] vmicguestinterface C:\WINDOWS\System32\ICSvc.dll
17:57:12.0887 0x0dd0  vmicguestinterface - ok
17:57:12.0902 0x0dd0  [ 9067880BBB1C18703DBFF27D731D7ECA, 0044246249F4B945D72BBC0FEF9BF3C31E62F57CBF77615A95213B36A29F0C71 ] vmicheartbeat   C:\WINDOWS\System32\ICSvc.dll
17:57:12.0902 0x0dd0  vmicheartbeat - ok
17:57:12.0918 0x0dd0  [ 9067880BBB1C18703DBFF27D731D7ECA, 0044246249F4B945D72BBC0FEF9BF3C31E62F57CBF77615A95213B36A29F0C71 ] vmickvpexchange C:\WINDOWS\System32\ICSvc.dll
17:57:12.0934 0x0dd0  vmickvpexchange - ok
17:57:12.0949 0x0dd0  [ 9067880BBB1C18703DBFF27D731D7ECA, 0044246249F4B945D72BBC0FEF9BF3C31E62F57CBF77615A95213B36A29F0C71 ] vmicrdv         C:\WINDOWS\System32\ICSvc.dll
17:57:12.0949 0x0dd0  vmicrdv - ok
17:57:12.0965 0x0dd0  [ 9067880BBB1C18703DBFF27D731D7ECA, 0044246249F4B945D72BBC0FEF9BF3C31E62F57CBF77615A95213B36A29F0C71 ] vmicshutdown    C:\WINDOWS\System32\ICSvc.dll
17:57:12.0981 0x0dd0  vmicshutdown - ok
17:57:12.0996 0x0dd0  [ 9067880BBB1C18703DBFF27D731D7ECA, 0044246249F4B945D72BBC0FEF9BF3C31E62F57CBF77615A95213B36A29F0C71 ] vmictimesync    C:\WINDOWS\System32\ICSvc.dll
17:57:12.0996 0x0dd0  vmictimesync - ok
17:57:13.0012 0x0dd0  [ 9067880BBB1C18703DBFF27D731D7ECA, 0044246249F4B945D72BBC0FEF9BF3C31E62F57CBF77615A95213B36A29F0C71 ] vmicvss         C:\WINDOWS\System32\ICSvc.dll
17:57:13.0027 0x0dd0  vmicvss - ok
17:57:13.0027 0x0dd0  [ 55D7D963DE85162F1C49721E502F9744, 5AD34D6DB707EF3E5242BD8CA67B21D6258EE7E7FC477D5227BD15500AE7F45F ] volmgr          C:\WINDOWS\system32\drivers\volmgr.sys
17:57:13.0027 0x0dd0  volmgr - ok
17:57:13.0059 0x0dd0  [ CCB9E901F7254BF96D28EB1B0E5329B7, F0E3CA4EFA544CDAEF4092284CF3EC7DF07F806A770285E281816457AD8813F5 ] volmgrx         C:\WINDOWS\system32\drivers\volmgrx.sys
17:57:13.0059 0x0dd0  volmgrx - ok
17:57:13.0106 0x0dd0  [ 4BB9BC49DEE1A319EC58274A7BBED663, 624491089623A5B68C01A6A000E60D450E8E467619ACEBB90C6FDED0CF670F95 ] volsnap         C:\WINDOWS\system32\drivers\volsnap.sys
17:57:13.0106 0x0dd0  volsnap - ok
17:57:13.0121 0x0dd0  [ 01355C98B5C3ED1EC446743CDA848FCE, B9FCF558C20E05DD0F53FFB70BBEF873EA57801E13A16701E636128D625C4B67 ] vpci            C:\WINDOWS\System32\drivers\vpci.sys
17:57:13.0121 0x0dd0  vpci - ok
17:57:13.0153 0x0dd0  [ 4539F45F9F4C9757A86A56C949421E07, DEC362314B2C66414F39354AFE79C02B18BF4EEF90787FB58307F6EB62237E2C ] vsmraid         C:\WINDOWS\system32\drivers\vsmraid.sys
17:57:13.0153 0x0dd0  vsmraid - ok
17:57:13.0215 0x0dd0  [ E369C59F2C0852DDD090C07E0DDE0051, 4FAC94458EAAEED4F84A86FBAB8FBB332D0AF85BD528E63C0C058A2DA8E3011D ] VSS             C:\WINDOWS\system32\vssvc.exe
17:57:13.0231 0x0dd0  VSS - ok
17:57:13.0262 0x0dd0  [ 0849B7260F26FE05EA56DED0672E2F4B, 7EAC0E7988F45CB4133A15932955B7B03CE715C967A3BAC9999D81543EBCAEC5 ] VSTXRAID        C:\WINDOWS\system32\drivers\vstxraid.sys
17:57:13.0262 0x0dd0  VSTXRAID - ok
17:57:13.0309 0x0dd0  [ BE970C369E43B509C1EDA2B8FA7CECB0, 18951F2AA842A0795AA79A4E164EE925A35E6270EBE4C4CDB19D0A891830E383 ] vwifibus        C:\WINDOWS\System32\drivers\vwifibus.sys
17:57:13.0309 0x0dd0  vwifibus - ok
17:57:13.0371 0x0dd0  [ 35BF5C5F5E3C9902C98978C7640574DA, C61E50B04000DCEC72365723F0C0725C2E005529DAF2777A59E624C14DA29E55 ] vwififlt        C:\WINDOWS\system32\DRIVERS\vwififlt.sys
17:57:13.0371 0x0dd0  vwififlt - ok
17:57:13.0418 0x0dd0  [ 65ED7B9CFEA893DF7748D5FF692690DE, 73AB9D8BB928B3247BDFC7BB47AD7FCA763B375DC250C251DB4E0573531040E8 ] vwifimp         C:\WINDOWS\system32\DRIVERS\vwifimp.sys
17:57:13.0418 0x0dd0  vwifimp - ok
17:57:13.0465 0x0dd0  [ 7599E582CA3A6AAA95A18FFE1172D339, A0410778FBBC4302EA91CF24B944427410B4706535F1192504D4F34C3ED4503E ] W32Time         C:\WINDOWS\system32\w32time.dll
17:57:13.0481 0x0dd0  W32Time - ok
17:57:13.0559 0x0dd0  [ 8E553C859C83784DEC08B10AFC3EAC92, 41D8DBA1500DBD3AC9783169ACF545805EF05069F12866238992A30794369254 ] w3logsvc        C:\WINDOWS\system32\inetsrv\w3logsvc.dll
17:57:13.0559 0x0dd0  w3logsvc - ok
17:57:13.0574 0x0dd0  [ 0910AB9ED404C1434E2D0376C2AD5D8B, 62585CA5F1375BDA440D28D5DF1ADDC9DE3DDFA196D49BBFF3456A5A09EE1C6B ] WacomPen        C:\WINDOWS\System32\drivers\wacompen.sys
17:57:13.0574 0x0dd0  WacomPen - ok
17:57:13.0590 0x0dd0  [ AFCD4054D61BD708B82991348ED1C763, EBDAC0E218F1DFC405DB3C8A2F014D20A17B0690EA381C750BED5C2AFCDFEBE3 ] Wanarp          C:\WINDOWS\system32\DRIVERS\wanarp.sys
17:57:13.0590 0x0dd0  Wanarp - ok
17:57:13.0606 0x0dd0  [ AFCD4054D61BD708B82991348ED1C763, EBDAC0E218F1DFC405DB3C8A2F014D20A17B0690EA381C750BED5C2AFCDFEBE3 ] Wanarpv6        C:\WINDOWS\system32\DRIVERS\wanarp.sys
17:57:13.0606 0x0dd0  Wanarpv6 - ok
17:57:13.0668 0x0dd0  [ 9BAE40BD31E3EE0B0C70BEF167E0A2BC, 2419AC815C95F2629E1832973501983D06F788728755605D42D6C8565C3CBBF1 ] WAS             C:\WINDOWS\system32\inetsrv\iisw3adm.dll
17:57:13.0668 0x0dd0  WAS - ok
17:57:13.0746 0x0dd0  [ 61692DB39AD3DF2F29392D68EAA7BB93, 854D4B9C7DD1676968598ED973500650ECEC02C420E44C0B3957C24F073AA5FB ] wbengine        C:\WINDOWS\system32\wbengine.exe
17:57:13.0777 0x0dd0  wbengine - ok
17:57:13.0824 0x0dd0  [ 3BC1D1D56637A32CD91C8AE08E2484AA, 9EE1BD3FB0D289E25F3DDD0D8F67DC1C701A6B1D5418FADF348D0E642B1DEBEB ] WbioSrvc        C:\WINDOWS\System32\wbiosrvc.dll
17:57:13.0840 0x0dd0  WbioSrvc - ok
17:57:13.0887 0x0dd0  [ A07CFC4B593D15B6BF06813C3B5B33BF, B57BD918E2AFF9943B51A24B95E0C4D3482B4DF73C0E2421E8CC67C2BC7A4C70 ] Wcmsvc          C:\WINDOWS\System32\wcmsvc.dll
17:57:13.0902 0x0dd0  Wcmsvc - ok
17:57:13.0918 0x0dd0  [ D2726823DF7E19F213F4805A9D6D145F, A7F582C99918D204264D3B374F70D75984BDA5805203041E3DECB8153D16E102 ] wcncsvc         C:\WINDOWS\System32\wcncsvc.dll
17:57:13.0934 0x0dd0  wcncsvc - ok
17:57:13.0949 0x0dd0  [ 846C02A8B48CBD921A3D6AB521AA0DC4, B07573A774A6C65D24E5718DC25DF378270EB5B40221CA5A53B21D47838381D3 ] WcsPlugInService C:\WINDOWS\System32\WcsPlugInService.dll
17:57:13.0949 0x0dd0  WcsPlugInService - ok
17:57:13.0981 0x0dd0  [ F5D4FA3E1F4879C361FFF3855259D2C2, 48C60FE4AAB011E2250157506FF0624031BFA346F8F2F8C6DFDF6F3CAA4F3F42 ] WdBoot          C:\WINDOWS\system32\drivers\WdBoot.sys
17:57:13.0981 0x0dd0  WdBoot - ok
17:57:14.0027 0x0dd0  [ CB6C63FF8342B467E2EF76E98D5B934D, BE017CE91E3BAB293DE6ECF143797CCE3F33CC63024437472B4E38C6961AD884 ] Wdf01000        C:\WINDOWS\system32\drivers\Wdf01000.sys
17:57:14.0043 0x0dd0  Wdf01000 - ok
17:57:14.0059 0x0dd0  [ 019CC610AD95FF47EAD7C08B7A683B96, BB9D42F8ED90ECA2E7B8C906E06A1EA859FAD9BD1B3492BB1E28C0D00004812A ] WdFilter        C:\WINDOWS\system32\drivers\WdFilter.sys
17:57:14.0074 0x0dd0  WdFilter - ok
17:57:14.0121 0x0dd0  [ 40C67D1A4891120874767F6E6604D6C5, 4D9DD658566DE711ADF4D6C33FCB31DA351EE050E3ED188664D04526CCAAEEF5 ] WdiServiceHost  C:\WINDOWS\system32\wdi.dll
17:57:14.0121 0x0dd0  WdiServiceHost - ok
17:57:14.0121 0x0dd0  [ 40C67D1A4891120874767F6E6604D6C5, 4D9DD658566DE711ADF4D6C33FCB31DA351EE050E3ED188664D04526CCAAEEF5 ] WdiSystemHost   C:\WINDOWS\system32\wdi.dll
17:57:14.0121 0x0dd0  WdiSystemHost - ok
17:57:14.0137 0x0dd0  [ 6CC1BB8F6851A262E2E824F0E92D5EEF, 45A88A984179BBA38C1F4434C4D6C2823C1FE6AFBE8CB0F656DAE0092D1D5611 ] WdNisDrv        C:\WINDOWS\system32\Drivers\WdNisDrv.sys
17:57:14.0137 0x0dd0  WdNisDrv - ok
17:57:14.0184 0x0dd0  WdNisSvc - ok
17:57:14.0231 0x0dd0  [ D261A12A43D33122CB90E70D3BC1CC68, 1B5237909CDD5DC4982599E94C2AAC37FEA6B1C282249DEB13E84A826C6E4B01 ] WebClient       C:\WINDOWS\System32\webclnt.dll
17:57:14.0231 0x0dd0  WebClient - ok
17:57:14.0246 0x0dd0  [ 3274312F263882B51B964329FAF49734, 99A020377ACF0762BE5ECD2D68EB5E1497B9D59963247E725F7F96FB5DF41FAD ] Wecsvc          C:\WINDOWS\system32\wecsvc.dll
17:57:14.0246 0x0dd0  Wecsvc - ok
17:57:14.0262 0x0dd0  [ 7CDD84E0023A0C5C230B06A7965EC65E, 6EC7DC18C76D66CF9A893C3DD20F9BE3ADD76546F9A9BA42CE4F24854709F9D9 ] WEPHOSTSVC      C:\WINDOWS\system32\wephostsvc.dll
17:57:14.0262 0x0dd0  WEPHOSTSVC - ok
17:57:14.0309 0x0dd0  [ 959534ACF085C137D2D094384EF89C45, D029F440789FE170A1C46217C6DE6D78DC0188A5CF33FCCC17FA65D3BC80C2B7 ] wercplsupport   C:\WINDOWS\System32\wercplsupport.dll
17:57:14.0309 0x0dd0  wercplsupport - ok
17:57:14.0356 0x0dd0  [ 82BCCF5FBE47AC9E8CBA2020994DFB3F, EA96C6BD98A701B465D0780EC10BDA92E45FE636D60C1385813AA3B456D8B931 ] WerSvc          C:\WINDOWS\System32\WerSvc.dll
17:57:14.0356 0x0dd0  WerSvc - ok
17:57:14.0387 0x0dd0  [ BFBE1C5F57FE7A885673A1962D5532B7, F0BD05B257108699FE6AB32EF11F927C31932F27062A705B3FEFA4F5B4C0D8C3 ] WFPLWFS         C:\WINDOWS\system32\DRIVERS\wfplwfs.sys
17:57:14.0387 0x0dd0  WFPLWFS - ok
17:57:14.0449 0x0dd0  [ E06AFE2F94BA7CFA2FE4FD2A449E60E2, 99A81E16366E9E77905D873B0246E4C11B383FE1E99E0E1D9A07FAD4E52EA9E4 ] WiaRpc          C:\WINDOWS\System32\wiarpc.dll
17:57:14.0449 0x0dd0  WiaRpc - ok
17:57:14.0481 0x0dd0  [ 867BCC69ED9C31C501465EB0E8BA9DFA, 678B7FF4D4E8624514301956CDA7FB451159BBFC83FF2E4E5E7DADAE3C7AB2EC ] WIMMount        C:\WINDOWS\system32\drivers\wimmount.sys
17:57:14.0481 0x0dd0  WIMMount - ok
17:57:14.0481 0x0dd0  WinDefend - ok
17:57:14.0621 0x0dd0  [ DD079EC8F44DCA3A176B345C6ADEFB66, 6CD9371B83EA23D2181891FAE1DB285BC111A78C35F374E57666ED09860C91A9 ] WinHttpAutoProxySvc C:\WINDOWS\system32\winhttp.dll
17:57:14.0637 0x0dd0  WinHttpAutoProxySvc - ok
17:57:14.0715 0x0dd0  [ 9DB490F3E823C5C3C070644B96CB9D59, 81937D0B331E43C7C61514E60B3AD51370C5201F7B4D12F8534840D91EDC32DD ] Winmgmt         C:\WINDOWS\system32\wbem\WMIsvc.dll
17:57:14.0731 0x0dd0  Winmgmt - ok
17:57:14.0856 0x0dd0  [ C8D6344BDE2691A196E61C0D3372EAB7, FF8EB79D8A7E298343C22B83276FF68293D08A9DA438BB22600BEFC4CA93A91D ] WinRM           C:\WINDOWS\system32\WsmSvc.dll
17:57:14.0887 0x0dd0  WinRM - ok
17:57:14.0934 0x0dd0  [ BBA330134C7D7568744DFF0E2F948A72, 8D07DC4ACD81005406BA5CBB36A238D62754D592832EB4C146F5FC901E82284B ] WinTabService   C:\WINDOWS\System32\Drivers\WTSRV.EXE
17:57:14.0934 0x0dd0  WinTabService - ok
17:57:14.0965 0x0dd0  [ AC263C2F66405589528995AA41040599, 81B46E551D6130A2C3D113EC3B563CEDB5A06BB340986C0E03136CE5BE729481 ] WinUsb          C:\WINDOWS\system32\DRIVERS\WinUsb.sys
17:57:14.0981 0x0dd0  WinUsb - ok
17:57:14.0996 0x0dd0  [ 4F2A80D65AE6F845776E2F06AE6782ED, 2455537C048115435D9EDE4B18F9F54C43912076AEF36BDEFEC35AF2140B8B2E ] WirelessButtonDriver C:\WINDOWS\System32\drivers\WirelessButtonDriver64.sys
17:57:14.0996 0x0dd0  WirelessButtonDriver - ok
17:57:15.0059 0x0dd0  [ EF252510DB6C3511E30418BD2AC95A2D, 75B496F5C611129D9D19B382503830FDB0E2E61D4880D2821AE381DF578C5E56 ] WlanSvc         C:\WINDOWS\System32\wlansvc.dll
17:57:15.0090 0x0dd0  WlanSvc - ok
17:57:15.0168 0x0dd0  [ 5F56C0DE776C7AE43AF749845BFAA1EF, 837993C5853B7E682C7FB8401B7F5D951FFD15E5659EBB1B01DC3F5719ACEE19 ] wlidsvc         C:\WINDOWS\system32\wlidsvc.dll
17:57:15.0199 0x0dd0  wlidsvc - ok
17:57:15.0215 0x0dd0  [ 2834D9D3B4F554A39C72F00EA3F0E128, D10124343C67FE9A0B711AD569BB8080495FCEA0ECEF9AC3F3FBD6865F436A44 ] WmiAcpi         C:\WINDOWS\System32\drivers\wmiacpi.sys
17:57:15.0215 0x0dd0  WmiAcpi - ok
17:57:15.0262 0x0dd0  [ 7AFAC828F52D62F304A911EC32F42EEE, 4EDCF4149069413A166169F2E23F7505F47B39B7EC319E1EF6D2C46CD140AA24 ] wmiApSrv        C:\WINDOWS\system32\wbem\WmiApSrv.exe
17:57:15.0262 0x0dd0  wmiApSrv - ok
17:57:15.0309 0x0dd0  WMPNetworkSvc - ok
17:57:15.0340 0x0dd0  [ 7FC5667DF73D4B04AA457CC3A4180E09, CB7B014945DCA16B6D120DBE0E5876C4C867A4ACD3C3536AEADC14B908613D4E ] Wof             C:\WINDOWS\system32\drivers\Wof.sys
17:57:15.0340 0x0dd0  Wof - ok
17:57:15.0403 0x0dd0  [ 5071E71CC05346D88C5A08EB8B5A05E3, EA2B14130EDD1846B2E25D310B0D49253CFB43C22D3DC7B3179DF7349CC4AEFB ] workfolderssvc  C:\WINDOWS\system32\workfolderssvc.dll
17:57:15.0434 0x0dd0  workfolderssvc - ok
17:57:15.0465 0x0dd0  [ 182561A14F2E93E81E66FE3700D17A5A, FB9A06058A8BCCEDCDC5BF8899D9B2FBA5752C262C5FC6D2B8338884F3303D12 ] wpcfltr         C:\WINDOWS\system32\DRIVERS\wpcfltr.sys
17:57:15.0465 0x0dd0  wpcfltr - ok
17:57:15.0512 0x0dd0  [ 4E6A0F60DA7EF050D3D26417CD4D24E9, E6B3BFB007B641D41F8532ED086F92CB3D86E210023DBFAA9AD8152A9FD33CCA ] WPCSvc          C:\WINDOWS\System32\wpcsvc.dll
17:57:15.0512 0x0dd0  WPCSvc - ok
17:57:15.0512 0x0dd0  [ D27491CFCE452C154CECFA155AD0EBC8, 1F3F74C253E3B07DE7EFE27C34DD9AF08617C7B03BB44C2902F69BA9DA3F21F2 ] WPDBusEnum      C:\WINDOWS\system32\wpdbusenum.dll
17:57:15.0512 0x0dd0  WPDBusEnum - ok
17:57:15.0559 0x0dd0  [ 9F2904B55F6CECCD1A8D986B5CE2609A, E19ED4DD3CEF3A22C058FC324824604FB3FC98A029C94E6C2A3389F938D680B6 ] WpdUpFltr       C:\WINDOWS\system32\drivers\WpdUpFltr.sys
17:57:15.0559 0x0dd0  WpdUpFltr - ok
17:57:15.0590 0x0dd0  [ AE072B0339D0A18E455DC21666CAD572, AB1DAEA25E2C7AD610818D4B4783F6D4190D85EBB3963BBAD410E8CEA7899EDB ] ws2ifsl         C:\WINDOWS\system32\drivers\ws2ifsl.sys
17:57:15.0590 0x0dd0  ws2ifsl - ok
17:57:15.0621 0x0dd0  [ 9654DE19551093CD73874281E1573C94, 5E3513EC0CB180D90904BE8970AB64A4434279E8C467AE2CF693254E47B1D11E ] wscsvc          C:\WINDOWS\System32\wscsvc.dll
17:57:15.0621 0x0dd0  wscsvc - ok
17:57:15.0653 0x0dd0  [ F586F3F1BF962FE9AE4316E0D896B22F, 8D0AD48D79294567123D943D0F5B6D5A32D7A82B129A24DC821D3095AFAA100B ] WSDPrintDevice  C:\WINDOWS\System32\drivers\WSDPrint.sys
17:57:15.0653 0x0dd0  WSDPrintDevice - ok
17:57:15.0684 0x0dd0  [ D38297814FB6E33655342D869996E617, 3701892EEF87D1BF0E73322B90678802B6EA4AFA9CBF6111F39611C79DBA96C7 ] WSDScan         C:\WINDOWS\system32\DRIVERS\WSDScan.sys
17:57:15.0684 0x0dd0  WSDScan - ok
17:57:15.0684 0x0dd0  WSearch - ok
17:57:15.0809 0x0dd0  [ 95B6670E6933E1DEE19686C55BE709A0, 4B9EB8F1712B7959A71F6DA445D29BD09B25EEFC6B30D736EFE30163D79B233E ] WSService       C:\WINDOWS\System32\WSService.dll
17:57:15.0856 0x0dd0  WSService - ok
17:57:15.0996 0x0dd0  [ E66AC3CA92FC471BFE69F61549193A64, E2DD7EA4ED164EE8FB07546896BE743734B04DE4C9480E84231901CB2C63F31C ] wuauserv        C:\WINDOWS\system32\wuaueng.dll
17:57:16.0059 0x0dd0  wuauserv - ok
17:57:16.0121 0x0dd0  [ D537815E450A149752C15868392AD1F3, 8788CE493349299DB36E409C8CC3C6EA08301FA492C95D9D556E00BC13A05F13 ] WudfPf          C:\WINDOWS\system32\drivers\WudfPf.sys
17:57:16.0121 0x0dd0  WudfPf - ok
17:57:16.0168 0x0dd0  [ 7CCBBCEE408A5DBE3FE47297DB5A6CFC, FB44B65B37B1C1A12C618E16BEF195EF861A87179B9216E43024C671C3AE052C ] WUDFRd          C:\WINDOWS\System32\drivers\WUDFRd.sys
17:57:16.0184 0x0dd0  WUDFRd - ok
17:57:16.0184 0x0dd0  [ 7CCBBCEE408A5DBE3FE47297DB5A6CFC, FB44B65B37B1C1A12C618E16BEF195EF861A87179B9216E43024C671C3AE052C ] WUDFSensorLP    C:\WINDOWS\system32\DRIVERS\WUDFRd.sys
17:57:16.0184 0x0dd0  WUDFSensorLP - ok
17:57:16.0199 0x0dd0  [ 9CDC2059A23E3C9B57696178508777E7, B680A2E2EDA5C8C6A547E7D9B2F2F8E6407C3EA0A01B82A4B88D48A27913A597 ] wudfsvc         C:\WINDOWS\System32\WUDFSvc.dll
17:57:16.0215 0x0dd0  wudfsvc - ok
17:57:16.0215 0x0dd0  [ 7CCBBCEE408A5DBE3FE47297DB5A6CFC, FB44B65B37B1C1A12C618E16BEF195EF861A87179B9216E43024C671C3AE052C ] WUDFWpdFs       C:\WINDOWS\system32\DRIVERS\WUDFRd.sys
17:57:16.0215 0x0dd0  WUDFWpdFs - ok
17:57:16.0231 0x0dd0  [ 7CCBBCEE408A5DBE3FE47297DB5A6CFC, FB44B65B37B1C1A12C618E16BEF195EF861A87179B9216E43024C671C3AE052C ] WUDFWpdMtp      C:\WINDOWS\system32\DRIVERS\WUDFRd.sys
17:57:16.0231 0x0dd0  WUDFWpdMtp - ok
17:57:16.0278 0x0dd0  [ 2FA9794CA36147756F3FDFD6CA29B46F, 4B86DC38C2411C281686E9A4E64DA6FB2992E39391371F78E012D6D8BB85123F ] WwanSvc         C:\WINDOWS\System32\wwansvc.dll
17:57:16.0293 0x0dd0  WwanSvc - ok
17:57:16.0293 0x0dd0  ================ Scan global ===============================
17:57:16.0358 0x0dd0  [ C89780A6F58D113C28A96D85D1261DC5, 185114F33A60916C7904E4A0F278CA43258454343E614F01F0DAFA98BAC981B1 ] C:\WINDOWS\system32\basesrv.dll
17:57:16.0388 0x0dd0  [ 00DD4D2ACC2E72155A8AAA82018BEC0D, 9D7CA68B4A81240477FCC85A3CC11EF986093F9D6228A6C5AC608EDAD664068C ] C:\WINDOWS\system32\winsrv.dll
17:57:16.0435 0x0dd0  [ 9C1833ABD62876856836C5AE55C7CE86, 0A21E2C8B2FF3B0438C86DA7151A548F9C6F5C62CD402CBBEDB435994C8508F1 ] C:\WINDOWS\system32\sxssrv.dll
17:57:16.0482 0x0dd0  [ 067CB90C277DB4A737D5DEABA3055972, C681BF013170F2D92A3FC4D783FC3F200CDC0C8173373B7ECC27FCF32A03CCBD ] C:\WINDOWS\system32\services.exe
17:57:16.0482 0x0dd0  [ Global ] - ok
17:57:16.0482 0x0dd0  ================ Scan MBR ==================================
17:57:16.0482 0x0dd0  [ 5FB38429D5D77768867C76DCBDB35194 ] \Device\Harddisk0\DR0
17:57:17.0326 0x0dd0  \Device\Harddisk0\DR0 - ok
17:57:17.0326 0x0dd0  [ EBDF2BEBC17C6878F5FFD98183220115 ] \Device\Harddisk1\DR5
17:57:17.0404 0x0dd0  \Device\Harddisk1\DR5 - ok
17:57:17.0404 0x0dd0  ================ Scan VBR ==================================
17:57:17.0435 0x0dd0  [ 0C83475FAF341C55FEB7CDAF1C16E8CC ] \Device\Harddisk0\DR0\Partition1
17:57:17.0451 0x0dd0  \Device\Harddisk0\DR0\Partition1 - ok
17:57:17.0466 0x0dd0  [ A65F69D89172CF4D42107DCE4F00FD3E ] \Device\Harddisk0\DR0\Partition2
17:57:17.0482 0x0dd0  \Device\Harddisk0\DR0\Partition2 - ok
17:57:17.0498 0x0dd0  [ B1E27AA018409DE6BFD73F8AFB883A65 ] \Device\Harddisk0\DR0\Partition3
17:57:17.0498 0x0dd0  \Device\Harddisk0\DR0\Partition3 - ok
17:57:17.0513 0x0dd0  [ 588705681A3041BC9E9649ED8F2F9D17 ] \Device\Harddisk0\DR0\Partition4
17:57:17.0513 0x0dd0  \Device\Harddisk0\DR0\Partition4 - ok
17:57:17.0529 0x0dd0  [ F10A8F6FE95875728B203A115196C3C3 ] \Device\Harddisk0\DR0\Partition5
17:57:17.0544 0x0dd0  \Device\Harddisk0\DR0\Partition5 - ok
17:57:17.0560 0x0dd0  [ E3B6E251D6E1A95C3A5668256B65D989 ] \Device\Harddisk0\DR0\Partition6
17:57:17.0576 0x0dd0  \Device\Harddisk0\DR0\Partition6 - ok
17:57:17.0576 0x0dd0  ================ Scan generic autorun ======================
17:57:17.0638 0x0dd0  [ ED77575498921FE61B53A5EBB1F4136B, C52D3451F34E5115A1AAA424DC8F0A7A2AA3468726BA1873F0BCCFE1480FCB57 ] C:\WINDOWS\system32\igfxtray.exe
17:57:17.0638 0x0dd0  IgfxTray - ok
17:57:17.0669 0x0dd0  [ F31985811DD87B61708B0E8484E88216, A61C4B48AFF70455FBD989FBAC3C9CF8C4C1425CF1F94296660036CF6E0E2B04 ] C:\WINDOWS\system32\hkcmd.exe
17:57:17.0685 0x0dd0  HotKeysCmds - ok
17:57:17.0748 0x0dd0  [ C89C68961854E7A67946BE47D44EFAF4, 954EE4BF56F9602B6275B6F852BBB5F739147B3D1395AC07A02BDE0027828CFF ] C:\WINDOWS\system32\igfxpers.exe
17:57:17.0763 0x0dd0  Persistence - ok
17:57:17.0966 0x0dd0  [ 2166853BF49ECB1870385736CFA0068C, 37FF80713C4EFDF1248D90253DF501351245A9ECD4CA2C85E5ACAACFF1895C38 ] C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
17:57:18.0076 0x0dd0  RTHDVCPL - ok
17:57:18.0248 0x0dd0  [ 1315C5C5C54CE2AA37A155F97027DB59, 70CDA6AE7FF4FD08FAD931477C524957952EDC89985696FD988B9786A349C565 ] C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe
17:57:18.0263 0x0dd0  AdobeAAMUpdater-1.0 - ok
17:57:18.0451 0x0dd0  [ DD79A6B15C2F28DE98DF4852AAF6B13B, 0F7E9023E0BA4B40E2DE9A9FA34E85FEAF72B93049AAB3E1D73AD046BB113E05 ] C:\Program Files (x86)\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\NCPluginUpdater.exe
17:57:18.0498 0x0dd0  NCPluginUpdater - ok
17:57:18.0560 0x0dd0  [ D7774BD01B9EBAA36436E0B007649612, 33F27F9143B6DF41372EB34E864F1D3C9A0B78ACE6D7247C91F2AC04FB13CADC ] C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe
17:57:18.0576 0x0dd0  RemoteControl10 - ok
17:57:18.0826 0x0dd0  [ CC78200C3ECFFA178E78308A0E160D80, 4E02D6827A99401781032A397663770FA7BE56397AA20F6E2FACE0A0004109C5 ] C:\Users\Marcelyna\AppData\Local\Akamai\netsession_win.exe
17:57:18.0904 0x0dd0  Akamai NetSession Interface - ok
17:57:18.0998 0x0dd0  [ 61E2F5A62F02A0B59D361EFB95692FF3, 61854C29C1B3ADC82721A85584BCAE53A9AD24BE18224BC458BA1E9885A2210E ] C:\Program Files (x86)\CyberLink\Power2Go8\Power2GoExpress8.exe
17:57:19.0029 0x0dd0  Power2GoExpress8 - ok
17:57:19.0060 0x0dd0  Wondershare Helper Compact.exe - ok
17:57:19.0201 0x0dd0  [ D6137597BB19B4739D8A9879A28735A0, 7C5169F92EDB4EE22B8D92707A85A8C3B5FDC1B7BB74ECB29C647B8903DE6407 ] C:\Program Files (x86)\Origin\Origin.exe
17:57:19.0263 0x0dd0  EADM - ok
17:57:19.0435 0x0dd0  [ F73154E180105822A5F9B755BA933737, 1CD775B6CE3736A70EC5FC7A6B77A2FEDA70D59B49A66046CC20B341005501D9 ] C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe
17:57:19.0482 0x0dd0  DAEMON Tools Lite - ok
17:57:19.0498 0x0dd0  Waiting for KSN requests completion. In queue: 90
17:57:20.0512 0x0dd0  Waiting for KSN requests completion. In queue: 90
17:57:21.0512 0x0dd0  Waiting for KSN requests completion. In queue: 90
17:57:22.0513 0x0dd0  Waiting for KSN requests completion. In queue: 90
17:57:23.0604 0x0dd0  AV detected via SS2: Windows Defender, C:\Program Files\Windows Defender\MSASCui.exe ( 4.5.218.0 ), 0x61100 ( enabled : updated )
17:57:23.0760 0x0dd0  Win FW state via NFP2: enabled
17:57:26.0370 0x0dd0  ============================================================
17:57:26.0370 0x0dd0  Scan finished
17:57:26.0370 0x0dd0  ============================================================
17:57:26.0370 0x1204  Detected object count: 0
17:57:26.0370 0x1204  Actual detected object count: 0
17:58:11.0563 0x0c58  Deinitialize success
 


#6 LiquidTension

LiquidTension

    SuperMember

  • Retired Classroom Teacher
  • 2,566 posts

Posted 19 August 2014 - 07:21 PM

Hi Miki, 
 
Thank you for the logs. 
 
The next time you see the Proxy Server enabled, can you make a note of the address and port please? Do you experience the same issue using Mozilla Firefox or Internet Explorer? 
 
It's late, and I need to get some sleep. I shall return with further instructions for you tomorrow. :) For now, please answer the questions above, and run the programmes below to remove the adware/Potentially Unwanted Programmes (PUPs) from your computer. 
 
STEP 1
BY4dvz9.png.pagespeed.ce.cpqHQmQDB6.png AdwCleaner

  • Please download AdwCleaner and save the file to your desktop.
  • Right-Click AdwCleaner.exe and select xAVOiBNU.jpg.pagespeed.ic.H5HC6LkiJX.jpg Run as administrator to run the programme.
  • Follow the prompts. 
  • Click Scan
  • Upon completion, click Report. A log (AdwCleaner[R0].txt) will open. Briefly check the log for anything you know to be legitimate. 
  • Ensure anything you know to be legitimate does not have a checkmark, and click Clean
  • Follow the prompts and allow your computer to reboot
  • After rebooting, a log (AdwCleaner[S0].txt) will open. Copy the contents of the log and paste in your next reply.

-- File and registry key backups are made for anything removed using this tool. Should a legitimate entry be removed (otherwise known as a 'false-positive'), simple steps can be taken to restore the entry. Please do not overly concern yourself with the contents of AdwCleaner[R0].txt.
 

STEP 2
xE3feWj5.png.pagespeed.ic.JE3sJIzHrn.png Junkware Removal Tool (JRT)

  • Please download Junkware Removal Tool and save the file to your desktop.
  • Note: If you unchecked any items in AdwCleaner, please backup the associated file before running JRT.
  • Temporarily disable your anti-virus software. For instructions, please refer to the following link.
  • Right-Click JRT.exe and select xAVOiBNU.jpg.pagespeed.ic.H5HC6LkiJX.jpg Run as administrator to run the programme.
  • Follow the prompts and allow the scan to run uninterrupted. 
  • Upon completion, a log (JRT.txt) will open on your desktop.
  • Re-enable your anti-virus software.
  • Copy the contents of JRT.txt and paste in your next reply.
     

STEP 3
xlK5Hdb.png.pagespeed.ce.J4MzrrPAEo.png Farbar Recovery Scan Tool (FRST) Scan

  • Right-Click FRST64.exe and select xAVOiBNU.jpg.pagespeed.ic.H5HC6LkiJX.jpg Run as administrator to run the programme.
  • Click Yes to the disclaimer.
  • Ensure the Addition.txt box is checked.
  • Click the Scan button and let the programme run.
  • Upon completion, click OK, then OK on the Addition.txt pop up screen.
  • Two logs (FRST.txt & Addition.txt) will now be open on your desktop. Copy the contents of both logs and paste in your next reply. 
     

======================================================

STEP 4
xpfNZP4A.png.pagespeed.ic.bp5cRl1pJg.jpg Logs
In your next reply please include the following logs. Please be sure to copy and paste the requested logs, as well as provide information on any questions I may have asked.

  • AdwCleaner[S0].txt
  • JRT.txt
  • FRST.txt
  • Addition.txt
  • Proxy address/port?
  • Mozilla Firefox/Internet Explorer results?

50QfLth.png

 

Would you like to help others with malware removal? Join our Classroom and learn how!


#7 mikiyumi

mikiyumi

    New Member

  • New Member
  • Pip
  • 4 posts

Posted 19 August 2014 - 07:54 PM

It seems to be working fine, now... But here is the log you asked for! 



 

# AdwCleaner v3.307 - Report created 19/08/2014 at 18:35:34
# Updated 17/08/2014 by Xplode
# Operating System : Windows 8.1  (64 bits)
# Username : Marcelyna - SARUMAN
# Running from : C:\Users\Marcelyna\Desktop\AdwCleaner.exe
# Option : Clean
 
***** [ Services ] *****
 
 
***** [ Files / Folders ] *****
 
Folder Deleted : C:\Users\MARCEL~1\AppData\Local\Temp\OCS
 
***** [ Scheduled Tasks ] *****
 
 
***** [ Shortcuts ] *****
 
 
***** [ Registry ] *****
 
Key Deleted : HKCU\Software\OCS
 
***** [ Browsers ] *****
 
-\\ Internet Explorer v11.0.9600.17239
 
 
-\\ Google Chrome v36.0.1985.143
 
[ File : C:\Users\Marcelyna\AppData\Local\Google\Chrome\User Data\Default\preferences ]
 
 
*************************
 
AdwCleaner[R0].txt - [9704 octets] - [19/08/2014 16:10:33]
AdwCleaner[R1].txt - [1035 octets] - [19/08/2014 18:28:46]
AdwCleaner[R2].txt - [1096 octets] - [19/08/2014 18:30:28]
AdwCleaner[R3].txt - [1150 octets] - [19/08/2014 18:34:54]
AdwCleaner[S0].txt - [7983 octets] - [19/08/2014 16:11:23]
AdwCleaner[S1].txt - [1039 octets] - [19/08/2014 18:35:34]
 
########## EOF - C:\AdwCleaner\AdwCleaner[S1].txt - [1099 octets] ##########
 


#8 LiquidTension

LiquidTension

    SuperMember

  • Retired Classroom Teacher
  • 2,566 posts

Posted 19 August 2014 - 10:37 PM

Hi Miki, 

 

The AdwCleaner log looks good. Please proceed by posting JRT.txt and the two FRST logs, and I will return with instructions later. 

 

Continue to monitor the proxy server issue; if it returns, note down the address/port, and let me know. 


50QfLth.png

 

Would you like to help others with malware removal? Join our Classroom and learn how!


#9 LiquidTension

LiquidTension

    SuperMember

  • Retired Classroom Teacher
  • 2,566 posts

Posted 24 August 2014 - 12:41 PM

Hello, 

 

Do you still require assistance?


50QfLth.png

 

Would you like to help others with malware removal? Join our Classroom and learn how!


#10 LiquidTension

LiquidTension

    SuperMember

  • Retired Classroom Teacher
  • 2,566 posts

Posted 25 August 2014 - 12:21 PM

Due to inactivity this topic will be closed.
If you need help please start a new thread.

New members follow the instructions here http://forums.whatth...ed_t106388.html and start a new topic

50QfLth.png

 

Would you like to help others with malware removal? Join our Classroom and learn how!

Related Topics




Also tagged with one or more of these keywords: potential spyware, help, virus, windows 8.1

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users