uh oh: optimizer pro virus [Solved]



#31 lookingforaname


Posted 21 September 2014 - 06:53 PM

It looks like it didn't find any objects. 

 


20:52:17.0200 0x08f8  HidIr - ok

20:52:17.0247 0x08f8  [ FAC37D7B3D6354A5A5E19A45B50B4008, 2962B552A1DA545DFDEF0886582E82596FE8A3A19AAF989B025AFDA84D16D4EC ] hidserv         C:\Windows\System32\hidserv.dll

20:52:17.0263 0x08f8  hidserv - ok

20:52:17.0294 0x08f8  [ 012C354B4AB48E9A7A657DF39E3A2073, B15D0089CE509FF1CF73DFE095425C1C99FC3971622DCAAD9CAEB989A12A4FDB ] HidUsb          C:\Windows\System32\drivers\hidusb.sys

20:52:17.0309 0x08f8  HidUsb - ok

20:52:17.0341 0x08f8  [ 43F884B61A24377567CD0FEB35236334, B3BA36B527C8D6D83DE2FBCD8D503B87FD2611BF15B07A7BC138DC8BAE6A50C1 ] hkmsvc          C:\Windows\system32\kmsvc.dll

20:52:17.0356 0x08f8  hkmsvc - ok

20:52:17.0403 0x08f8  [ 33DFC14DFDCCFA7AA10E392F6A8EC1CF, E6967F3F465C6E903221BC0FCBAE7D05FD18C0BF110D929335F5935364B3C1BC ] HomeGroupListener C:\Windows\system32\ListSvc.dll

20:52:17.0419 0x08f8  HomeGroupListener - ok

20:52:17.0465 0x08f8  [ E0D9F6FE18FA7F53ADD29AF719CE2B7E, B965DCC72625188F3B896CB447B7696F22687266EAFC5AA270E2AD53DD9F324D ] HomeGroupProvider C:\Windows\system32\provsvc.dll

20:52:17.0497 0x08f8  HomeGroupProvider - ok

20:52:17.0590 0x08f8  [ 2A8B93A01621E100A578E83C768AFA2C, 6637D260AF180D1F200D219796FCE6D524FC6BF57C0CEEF9E1B3616E85865AD1 ] HP Support Assistant Service C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe

20:52:17.0590 0x08f8  HP Support Assistant Service - ok

20:52:17.0637 0x08f8  [ 0C28C65207A2BD4C737A5BCDAB26A430, 0A56B821445E10AFEF3C9019DECAB6B92CD17947CD053A216AE55F44D5A9C1FD ] hpdskflt        C:\Windows\system32\DRIVERS\hpdskflt.sys

20:52:17.0653 0x08f8  hpdskflt - ok

20:52:17.0762 0x08f8  [ D2946D9F020AE76E9CEF9B4A6DF838C0, C29CE594879385DA12B8EAA90B258905827B613839CCD820DE49215B68676995 ] hpqwmiex        C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe

20:52:17.0809 0x08f8  hpqwmiex - ok

20:52:17.0840 0x08f8  [ 64DB7A8D97CA53DCCF93D0A1E08342CF, 02CAB7F28D3830C482683425C60044239C6F1562556688A274CA2C237C846E76 ] HpSAMD          C:\Windows\system32\drivers\HpSAMD.sys

20:52:17.0840 0x08f8  HpSAMD - ok

20:52:17.0887 0x08f8  [ 81E3EF01D1883394BDA9B8687B3BFE23, 5C1F2C97B63402E535832CB3FF954F3B958075AC82B63929DAE51AAF22554979 ] hpsrv           C:\Windows\system32\Hpservice.exe

20:52:17.0887 0x08f8  hpsrv - ok

20:52:17.0934 0x08f8  [ F50912B0A861ED396F6062E79C37A4A7, 9B53EA5A03BB664EF5343B766C760BB8A96697ED4F2A0C81A4F58C443B4BC329 ] HPWMISVC        C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe

20:52:17.0934 0x08f8  HPWMISVC - ok

20:52:18.0011 0x08f8  [ F4A91D985EB9D1D2717D538F3424603C, 454AD2FF3A7963B9835AEF300F6672F92D0CCF59593BA2CCC83F0EC1446BB659 ] HTTP            C:\Windows\system32\drivers\HTTP.sys

20:52:18.0043 0x08f8  HTTP - ok

20:52:18.0058 0x08f8  [ 2A98301068801700906C06649860FE94, 664394A52326289DCA0828B0041A105653F4FEF3E3DCCC3787AAE0F6FDC73A14 ] hwpolicy        C:\Windows\system32\drivers\hwpolicy.sys

20:52:18.0058 0x08f8  hwpolicy - ok

20:52:18.0074 0x08f8  [ DC76901D82097C9E297F20C287CB9A27, 01A412D0D8A65050BE4250A7C4B9F98A4C43FD891827761E0C830369A5F9F09C ] hyperkbd        C:\Windows\System32\drivers\hyperkbd.sys

20:52:18.0089 0x08f8  hyperkbd - ok

20:52:18.0089 0x08f8  [ 716413AB3CA12DE0A7222D28C1C9352C, B82B586BD9DBD70DDA19A02504E8CB00DA53677703AB848B53387601C5BAD3D3 ] HyperVideo      C:\Windows\system32\DRIVERS\HyperVideo.sys

20:52:18.0105 0x08f8  HyperVideo - ok

20:52:18.0105 0x08f8  [ C9E9CBF73AFFBFE3E801EFB516787BA3, 1A850D614BDA6AA4195CC657702BC6242BA51B90131717743182AA160F65E72C ] i8042prt        C:\Windows\System32\drivers\i8042prt.sys

20:52:18.0121 0x08f8  i8042prt - ok

20:52:18.0167 0x08f8  [ 050F2539E14F9D5E90A4B61738EC29BD, 0E65468B9F452FA7DB6DF2C1B2B2E9439C79031E27054FBDBDFE28A9F98721D7 ] iaStorA         C:\Windows\system32\drivers\iaStorA.sys

20:52:18.0183 0x08f8  iaStorA - ok

20:52:18.0261 0x08f8  [ 5E394EBD26FD68AA9300332C46BEDD62, 56A5DA7CE08C07B519E55D0A46AA9D10B640349808EFE02B3278267B75B5F603 ] iaStorV         C:\Windows\system32\drivers\iaStorV.sys

20:52:18.0277 0x08f8  iaStorV - ok

20:52:18.0433 0x08f8  [ ABEFA4BD23329FD9BD47496BF2E58774, 9689D4C6380735EE1CC7F480696CDDC229E0FA511942AC813314D353584D82DD ] IconMan_R       C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe

20:52:18.0479 0x08f8  IconMan_R - ok

20:52:18.0916 0x08f8  [ 83915E05E168AB63B48302F7DC5D8E00, CD7300A5FFD5A8CE47690CDC1223F4693C536D5667F842CA457CC8716AA3F618 ] igfx            C:\Windows\system32\DRIVERS\igdkmd64.sys

20:52:19.0322 0x08f8  igfx - ok

20:52:19.0384 0x08f8  [ 24847A06B84339FEEDE5CABF3D27D320, 7727B1DAD0D4A1D474FBBEFCEBDF36A1F07D1AA300869AE57A24ED91BF84B6B4 ] iirsp           C:\Windows\system32\drivers\iirsp.sys

20:52:19.0384 0x08f8  iirsp - ok

20:52:19.0462 0x08f8  [ E455C83E029121270BED73CDAC381F37, 433D525C19DBF26FAC28853C606C872D973104842B0EF1B2BF2EAC85457E2953 ] IKEEXT          C:\Windows\System32\ikeext.dll

20:52:19.0509 0x08f8  IKEEXT - ok

20:52:19.0540 0x08f8  [ 4F37726CF764CA18A8A84F85EF3A7F24, 6212B23917526E127CE641A11A58DA93651FFE70829C4079FE465DBDC81CF470 ] intelide        C:\Windows\system32\drivers\intelide.sys

20:52:19.0540 0x08f8  intelide - ok

20:52:19.0572 0x08f8  [ E15CDF68DD73423F15D4AC404793AF0D, E2D0136AF68D1A73EB3A63C83284B4661222CB0A4AFACCF276CB57CBD4850287 ] intelppm        C:\Windows\System32\drivers\intelppm.sys

20:52:19.0587 0x08f8  intelppm - ok

20:52:19.0603 0x08f8  [ 8FCA66234A0933D796BB780B7953BAB9, 7DD677F5EE09A8D7A75C9E475B5E6B3DCA49D1E846C7D160B839D7029B1C5B6D ] IpFilterDriver  C:\Windows\system32\DRIVERS\ipfltdrv.sys

20:52:19.0603 0x08f8  IpFilterDriver - ok

20:52:19.0696 0x08f8  [ C217B8D2E58C57A319B16125C3D4B69C, 905BB858E1782BD08FF080A4A604CE662440A15601B178FBD30269C306C04CCF ] iphlpsvc        C:\Windows\System32\iphlpsvc.dll

20:52:19.0727 0x08f8  iphlpsvc - ok

20:52:19.0759 0x08f8  [ A4071DA3AE419F9694BFCB267C7DB8D7, 392DEE1DA51606C29418A98D2861F115E9F67C688B4281C53E87BA73A98809FB ] IPMIDRV         C:\Windows\System32\drivers\IPMIDrv.sys

20:52:19.0774 0x08f8  IPMIDRV - ok

20:52:19.0790 0x08f8  [ 3969B9C218DD3FAA9F4ED2FFC3651C02, 93447F124CC55FB17055126432194153E1BB8F0FD95A47608494B6834A5F7089 ] IPNAT           C:\Windows\system32\drivers\ipnat.sys

20:52:19.0806 0x08f8  IPNAT - ok

20:52:19.0852 0x08f8  [ 0F261EC4F514926177C70C1832374231, 7E61B89FE2651C0C7951E10454267174550677DEAB1C497571A9B0B583687304 ] iPod Service    C:\Program Files\iPod\bin\iPodService.exe

20:52:19.0883 0x08f8  iPod Service - ok

20:52:19.0899 0x08f8  [ 25CD7C4BB2863FFC2B0B311F0AEBF77C, 4099BAA2DB4ADB93B878D71E241B7D9EB7E0EE7ED0FE2450CCB9E4718B3726EB ] IRENUM          C:\Windows\system32\drivers\irenum.sys

20:52:19.0899 0x08f8  IRENUM - ok

20:52:19.0915 0x08f8  [ D940C5BB9DC92E588533C19ABCC3D2C2, D1442854CEDE86F2C187A35851E74C873D34B772C60BC118FA1577F79C03364D ] isapnp          C:\Windows\system32\drivers\isapnp.sys

20:52:19.0915 0x08f8  isapnp - ok

20:52:19.0962 0x08f8  [ E6530FD4F61B40F338BF4355A21B9A09, FE9BF039B9901BEC260A69F7C49ACFA9881AD470DCCBA70C7EC36F518DA71702 ] iScsiPrt        C:\Windows\System32\drivers\msiscsi.sys

20:52:19.0962 0x08f8  iScsiPrt - ok

20:52:19.0993 0x08f8  [ 8FBD94B69D6423E20ABCD59D86368B21, 218EF992095E365EC917413749856A64D55D8129D77098E24D670843233377F4 ] kbdclass        C:\Windows\System32\drivers\kbdclass.sys

20:52:19.0993 0x08f8  kbdclass - ok

20:52:20.0008 0x08f8  [ E88C932ABDF8185A62C8F2FC7B051FB6, 67F9AF58237A11F0BF3D15AA5B32E5CE66B7AA039B999D938F7F6E63DCEA7A6E ] kbdhid          C:\Windows\System32\drivers\kbdhid.sys

20:52:20.0024 0x08f8  kbdhid - ok

20:52:20.0024 0x08f8  [ FB6C185092E18011EF49989425C2AA87, 043524409E0A764201DD221C48B7DEEA0D161945EB37D4B88313BAB2299949DF ] kdnic           C:\Windows\system32\DRIVERS\kdnic.sys

20:52:20.0024 0x08f8  kdnic - ok

20:52:20.0055 0x08f8  [ F1DA34D64F2BA200D28A7451804E2FEE, 8BDF328F18F1EB58AC0E383ABA7985BA69EA9622B262CD524E3390FDE824DEEB ] KeyIso          C:\Windows\system32\lsass.exe

20:52:20.0055 0x08f8  KeyIso - ok

20:52:20.0102 0x08f8  [ 8B3EB6372436195B8EA8AE09A184BCE2, 9AFB7A9D6AEEBF5994C85B355155024768116E2D537C9FA169BC3F4594ECD35C ] KSecDD          C:\Windows\system32\Drivers\ksecdd.sys

20:52:20.0117 0x08f8  KSecDD - ok

20:52:20.0133 0x08f8  [ 3DD9C86EA88E8B5A51904AD87E1F2E78, F9EC9A571212117C01934CD29057EB1B3FA095F670294244AF7D9387D3F6E555 ] KSecPkg         C:\Windows\system32\Drivers\ksecpkg.sys

20:52:20.0149 0x08f8  KSecPkg - ok

20:52:20.0164 0x08f8  [ 81492FEEBF2F26455B00EE8DBAE8A1B0, E33AA2DFB2D3BB30B02CDADA2EC290F86329DA3198327A653F39A843D86390B9 ] ksthunk         C:\Windows\system32\drivers\ksthunk.sys

20:52:20.0164 0x08f8  ksthunk - ok

20:52:20.0211 0x08f8  [ 5825DBACEDC3812B5CF8D40B997BF210, 1C2997BCC707C1029B21876E093038CE3BBF6E6694B4CCF7EEDD47172ED9A541 ] KtmRm           C:\Windows\system32\msdtckrm.dll

20:52:20.0227 0x08f8  KtmRm - ok

20:52:20.0258 0x08f8  [ 256EE31588257E8A555DBFAA13F1908E, B6817F632EDEA483E35BF26846DCDD4E95E860620959179B2A5D8AD7EEDDB126 ] LanmanServer    C:\Windows\System32\srvsvc.dll

20:52:20.0289 0x08f8  LanmanServer - ok

20:52:20.0336 0x08f8  [ 16650912BE5A94B40E0B3B4C39652B56, 908C2C9367AE0AC9AECB5D91514BB33ACD746D99F19C1A8DD6A9550E9CAD9E00 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll

20:52:20.0336 0x08f8  LanmanWorkstation - ok

20:52:20.0367 0x08f8  [ CEEFD29FC551F289810B0B9381B321DC, 900F206B487B2190D9363F28AA4BA0CD7DCFE1D005BE05A48AF74B1B81194691 ] lltdio          C:\Windows\system32\DRIVERS\lltdio.sys

20:52:20.0367 0x08f8  lltdio - ok

20:52:20.0414 0x08f8  [ BCF53485E0A94722CDE3C4A93CD8EB8C, D24E1066EB102245A89A5D17D608DB9DF6B71C99F1C77E070B95EFD17D268141 ] lltdsvc         C:\Windows\System32\lltdsvc.dll

20:52:20.0414 0x08f8  lltdsvc - ok

20:52:20.0445 0x08f8  [ 5A2F7F1CBC2E631A497DAD16164E06D2, 35274FC6C386380B01B5E8F467E71A2C4E2FB2AD701554F9B1A9B036B0340142 ] lmhosts         C:\Windows\System32\lmhsvc.dll

20:52:20.0461 0x08f8  lmhosts - ok

20:52:20.0492 0x08f8  [ 022CDD12161B063D7852B1075BF3FFF2, E21267243AF2FC208D27E67827B1264A762C99AECEDB7AD2C48A04F421A6B2F0 ] LSI_SAS         C:\Windows\system32\drivers\lsi_sas.sys

20:52:20.0492 0x08f8  LSI_SAS - ok

20:52:20.0523 0x08f8  [ 07AD59D669B996F29F91817F0ECFA34F, 026F332F862D142BFFC9D169CCD17A35BFB6B301EEC72AA13E16369B3520919C ] LSI_SAS2        C:\Windows\system32\drivers\lsi_sas2.sys

20:52:20.0523 0x08f8  LSI_SAS2 - ok

20:52:20.0539 0x08f8  [ 216FB796AA4E252ACCE93B1BCB80B5EC, 5B1E49B5F7B9C7A778198D27F8EE500FE35DC32D40B22A3D6ED67560BEB04212 ] LSI_SCSI        C:\Windows\system32\drivers\lsi_scsi.sys

20:52:20.0539 0x08f8  LSI_SCSI - ok

20:52:20.0570 0x08f8  [ 5E80530AF37102488EE980B4A92AF99F, 364E18EAD9AC22F8A306B24C6C43E58224F6BE2744EFEAA2484696B8D9880851 ] LSI_SSS         C:\Windows\system32\drivers\lsi_sss.sys

20:52:20.0570 0x08f8  LSI_SSS - ok

20:52:20.0617 0x08f8  [ 1DC9B701F8EB7D67774035AC9C3104F6, 77371267CDA605F78674BF8FA14B134B22299CD96EADA60A68762207595F0B46 ] LSM             C:\Windows\System32\lsm.dll

20:52:20.0632 0x08f8  LSM - ok

20:52:20.0664 0x08f8  [ 2BDC5D711FA61307CE6190D47C956368, 6BCDC6CBB9783F1ABE8957BDA94AF977DFB2A310BB6D19085EFC8609C97FD180 ] luafv           C:\Windows\system32\drivers\luafv.sys

20:52:20.0664 0x08f8  luafv - ok

20:52:20.0679 0x08f8  lxeb_device - ok

20:52:20.0773 0x08f8  [ 8A50D5304E6AE48664CF5838EC32F647, C76943FABEE1B5E1B641AA610668CCD4227E2C4B191DD30B79D3AB31A9E8B5BE ] MBAMSwissArmy   C:\Windows\system32\drivers\MBAMSwissArmy.sys

20:52:20.0773 0x08f8  MBAMSwissArmy - ok

20:52:20.0851 0x08f8  [ 1704A8189EE5580AB147CFD25C5C8770, DFA076FD36B5CC844D4BE3B865E9A1F809E14CCB1D78D82A2D8D8EE38210E6EB ] McComponentHostService C:\Program Files\McAfee Security Scan\3.8.150\McCHSvc.exe

20:52:20.0866 0x08f8  McComponentHostService - ok

20:52:20.0913 0x08f8  [ 9B0D829C3BE4E7472DB9DD2B79908E3C, ACED5806FFF39E84007B5A3DCB16315329DC53007F46B1BEEDC391CC659F7DD3 ] megasas         C:\Windows\system32\drivers\megasas.sys

20:52:20.0929 0x08f8  megasas - ok

20:52:20.0960 0x08f8  [ ECC3F54C7AFC318271C4F0B4606D8DB0, FD1ACB18B8C912C7A57DABCD5460800DD0721A82E09C8D79C47B3392D61CBEA6 ] MegaSR          C:\Windows\system32\drivers\MegaSR.sys

20:52:20.0975 0x08f8  MegaSR - ok

20:52:21.0007 0x08f8  [ EEE908BE7143FCA48CF0CB87214E2AB8, 4F9BD299F559DD36DBD93489CFAA753F236FBB70946E034D2E2260059AE20962 ] MMCSS           C:\Windows\system32\mmcss.dll

20:52:21.0022 0x08f8  MMCSS - ok

20:52:21.0053 0x08f8  [ 780098AD5DA8A4822E2563984C85EF7B, 29312970774E944B5ED388316CF3D350DCABF721F9695737B0AC56BE878B0446 ] Modem           C:\Windows\system32\drivers\modem.sys

20:52:21.0053 0x08f8  Modem - ok

20:52:21.0100 0x08f8  [ EA8EAD3F5B762F889CC7F3966625B48B, B701A42E5E08B7BC6601560446146803182E5DC631AB73E9408F19CB6432F121 ] monitor         C:\Windows\System32\drivers\monitor.sys

20:52:21.0100 0x08f8  monitor - ok

20:52:21.0116 0x08f8  [ 618446B98C79776654340CE27C73485E, EFE7169FDD545933B5949DA2D09266971C0C3E6894E7BD8AFE29E41567C72B16 ] mouclass        C:\Windows\System32\drivers\mouclass.sys

20:52:21.0116 0x08f8  mouclass - ok

20:52:21.0131 0x08f8  [ C0ADEBED913295803B579ED288936CBB, 58F71541166D1DA07C18FBD27458D55E3F8AD7291CB7496B3A2F01372A5B0CAE ] mouhid          C:\Windows\System32\drivers\mouhid.sys

20:52:21.0131 0x08f8  mouhid - ok

20:52:21.0178 0x08f8  [ E7E9DBFDD3F25ED0C05B99AE9FA18BDE, 6D0204BA271FD3262DAE6E6BF9C12C0D49E3C9AF40EB1E072BD5CA5E2B8598D5 ] mountmgr        C:\Windows\system32\drivers\mountmgr.sys

20:52:21.0178 0x08f8  mountmgr - ok

20:52:21.0256 0x08f8  [ FD5E45969B82B83E33CB05B5C9B0E3F2, A6C21F7A0A97683DA50FC102131618CC1BE5CA0C3625D2FDAF5861B9B6523E45 ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe

20:52:21.0256 0x08f8  MozillaMaintenance - ok

20:52:21.0303 0x08f8  [ 4CCBBD4944777CA100B9A6C2F149A46F, 7FC172FAF8266BFBBBBAD94FD67EA3C1872F5927DC3900A9A54DB2DFE34E7415 ] mpsdrv          C:\Windows\system32\drivers\mpsdrv.sys

20:52:21.0303 0x08f8  mpsdrv - ok

20:52:21.0428 0x08f8  [ 9DE3341BD4E14BC5FADFCAD3019F2D0D, 37E0531EADABC6D4BCC496826651D4D14CF0D10156FF13C11BDE466084B44FF4 ] MpsSvc          C:\Windows\system32\mpssvc.dll

20:52:21.0475 0x08f8  MpsSvc - ok

20:52:21.0521 0x08f8  [ 3D70147F55F1EC84EB9139ED7FFE48BC, 12429C2FDDDA13815F0E18F9009011AA5360955759A23A38175543F480CB92EF ] MRxDAV          C:\Windows\system32\drivers\mrxdav.sys

20:52:21.0537 0x08f8  MRxDAV - ok

20:52:21.0599 0x08f8  [ 7A761AEE58658378BBA45D360F874CB0, 31972E63D93E07D92EF69571B7ED1E69B1358DCA5BEED62A9372F6411B4DFDB3 ] mrxsmb          C:\Windows\system32\DRIVERS\mrxsmb.sys

20:52:21.0615 0x08f8  mrxsmb - ok

20:52:21.0646 0x08f8  [ 06D5F2FA3C61E8EA91648EA8E9F99FD3, C665B7896501D42C73955F4EAF4FA3C6B2C9286957D6023C235AFBF9BFB761C6 ] mrxsmb10        C:\Windows\system32\DRIVERS\mrxsmb10.sys

20:52:21.0662 0x08f8  mrxsmb10 - ok

20:52:21.0693 0x08f8  [ 697B78CE3925E4FBFC544232A5E9E2EB, 2D03425513572F6098BAAF82C0EDB49EBAB88438971D349CA1917DA0BDB76334 ] mrxsmb20        C:\Windows\system32\DRIVERS\mrxsmb20.sys

20:52:21.0709 0x08f8  mrxsmb20 - ok

20:52:21.0740 0x08f8  [ 98487487D6B3797CA927E9D7B030AE13, 05840AF0DD2E3CB596DA768DBD0728B52210EC05B55AB5921E697AD8956938DD ] MsBridge        C:\Windows\system32\DRIVERS\bridge.sys

20:52:21.0755 0x08f8  MsBridge - ok

20:52:21.0787 0x08f8  [ 4A07458EB4F17573BD39F22029A991C1, 74D7A1882EA4D19B8F090C2813489E5D3F759BF4AF2D88AE852EC6510C405B5E ] MSDTC           C:\Windows\System32\msdtc.exe

20:52:21.0787 0x08f8  MSDTC - ok

20:52:21.0802 0x08f8  [ 3886F1F2A4D2900ABAA7E4486BEEE6A2, ECCA22985838A914EDC866C491DEB64B9FF5110EFA9BEE541F634AC5EC3081F9 ] Msfs            C:\Windows\system32\drivers\Msfs.sys

20:52:21.0802 0x08f8  Msfs - ok

20:52:21.0849 0x08f8  [ C32A7A39B960A42BA9D4FBE47213CA03, 4DA48587138972DA5E95AEDBBBE73BA8CCADC8172C6654427ABEAC8047B27E95 ] msgpiowin32     C:\Windows\System32\drivers\msgpiowin32.sys

20:52:21.0849 0x08f8  msgpiowin32 - ok

20:52:21.0880 0x08f8  [ D3857A767B91A061B408CCAB02DA4F40, A4D780772086AD8717EE6DC2B6189F796939FB5E5AA08FD9D1984101998FBECF ] mshidkmdf       C:\Windows\System32\drivers\mshidkmdf.sys

20:52:21.0880 0x08f8  mshidkmdf - ok

20:52:21.0911 0x08f8  [ 839B48910FB1E887635C48F3EC11A05E, F8CFD99911500CC1B6A90C8E2A1697BD5A6E5776A62A62FE5B342FE204C936B1 ] mshidumdf       C:\Windows\System32\drivers\mshidumdf.sys

20:52:21.0911 0x08f8  mshidumdf - ok

20:52:21.0927 0x08f8  [ 55C0DB741E3AB7463242B185B1C2997C, D2E2A5B48A64EA0EC2A6566C08E65A38D11CEA64BCA7B57793BA0D009E4D974A ] msisadrv        C:\Windows\system32\drivers\msisadrv.sys

20:52:21.0927 0x08f8  msisadrv - ok

20:52:21.0958 0x08f8  [ 216C6B035A4BA5560E1255BD8E5BB89F, A14E038604B9A5506DB145A4D9F51E2751AC825240D2744924F39C332B5DE00B ] MSiSCSI         C:\Windows\system32\iscsiexe.dll

20:52:21.0974 0x08f8  MSiSCSI - ok

20:52:21.0974 0x08f8  msiserver - ok

20:52:22.0005 0x08f8  [ 509809566E49F4411055864EA8D437CD, 70F37BF9C759E8BCA1C6AC8FB9805950925E1C648ED37E8561A0F7A407DFDC28 ] MSKSSRV         C:\Windows\system32\drivers\MSKSSRV.sys

20:52:22.0005 0x08f8  MSKSSRV - ok

20:52:22.0005 0x08f8  [ 63145201D6458E4958E572E7D6FC2604, EDD4A8A3BBE94B983554B1117734E66A2647B867269C5F0567C47EDE6F3FACCB ] MsLldp          C:\Windows\system32\DRIVERS\mslldp.sys

20:52:22.0021 0x08f8  MsLldp - ok

20:52:22.0036 0x08f8  [ 99D526E803DB6D7FF290FD98B6204641, 4AFAA3B1186621AEAD19E12D3DBE104DD8FCD5C106F9EC3ADA4AD1BC7093E61F ] MSPCLOCK        C:\Windows\system32\drivers\MSPCLOCK.sys

20:52:22.0036 0x08f8  MSPCLOCK - ok

20:52:22.0052 0x08f8  [ 06FA77C3E2A491ADCD704C5E73006269, 465A7EE5387E6C11398A554F73437278F5BF110356E7F49F315905C1F2459278 ] MSPQM           C:\Windows\system32\drivers\MSPQM.sys

20:52:22.0052 0x08f8  MSPQM - ok

20:52:22.0099 0x08f8  [ E134EC4DE11CF78CB01432D180710D84, BB111F97AEEFDCA5866B157E9957599CD7A4952B5BCCA0B0BCA9EDFCD17E61FE ] MsRPC           C:\Windows\system32\drivers\MsRPC.sys

20:52:22.0114 0x08f8  MsRPC - ok

20:52:22.0130 0x08f8  [ B5AECF12F09DEE97C9FCAA5BA016CE1E, F5305C4CE6C93A3A3481BD13BE0C23FE26571E11029ACFFE75FB78913681FCFC ] mssmbios        C:\Windows\System32\drivers\mssmbios.sys

20:52:22.0130 0x08f8  mssmbios - ok

20:52:22.0161 0x08f8  [ 72D66A05E0F99F2528F6C6204FD22AA1, B14D433BC5795F1DC4C672302285E665DC012693E75574F60664AAD8874DE562 ] MSTEE           C:\Windows\system32\drivers\MSTEE.sys

20:52:22.0161 0x08f8  MSTEE - ok

20:52:22.0177 0x08f8  [ 8AAAE399FC255FA105D4158CBA289001, 2F55C02605B4A3406B289FF9D46C76260B9138E3DE96AFAEA0E0522E5A2A746C ] MTConfig        C:\Windows\System32\drivers\MTConfig.sys

20:52:22.0177 0x08f8  MTConfig - ok

20:52:22.0177 0x08f8  [ 3BCB702F3E6CC622DCAFCAA45D7CDE0A, 00D33A4AB3E7C5F65F59C63F8E2FD27EF38D5484595F785D5632E9414E29352C ] Mup             C:\Windows\system32\Drivers\mup.sys

20:52:22.0192 0x08f8  Mup - ok

20:52:22.0208 0x08f8  [ 3A1E095277BBD406CEA8EA6B76950664, 47838F307A6354E77C19A7B1F3F3E22726EF60403B611F358AD6FFE81D7214E7 ] mvumis          C:\Windows\system32\drivers\mvumis.sys

20:52:22.0208 0x08f8  mvumis - ok

20:52:22.0270 0x08f8  [ 4B18840511D720BA118D3017E8165875, 724458A69269A5AE57E8DAB74FF3C198A79B6F7A9602BF38A70B4A40543ED167 ] napagent        C:\Windows\system32\qagentRT.dll

20:52:22.0301 0x08f8  napagent - ok

20:52:22.0333 0x08f8  [ 43D7388A90A4C6EA346A4D6FF0377479, DFDCFA448B49C8A577056070AF516F08CD2E452706A3CF9173195ABA4256F35D ] NativeWifiP     C:\Windows\system32\DRIVERS\nwifi.sys

20:52:22.0348 0x08f8  NativeWifiP - ok

20:52:22.0380 0x08f8  [ 6A0C3996DA7DAE6D6939676D786EEEC4, 6E8A4C6234FD3040BC889E92016A4D5AC7BCAF5059521E50C733966163A546A0 ] NcaSvc          C:\Windows\System32\ncasvc.dll

20:52:22.0395 0x08f8  NcaSvc - ok

20:52:22.0411 0x08f8  [ C982FE4CC91DECE2259F494FCEB4030F, 4C285407E6F9FBBA92180F4063AEFB736ED142D802F0151002F0CC20AB7BB4E5 ] NcdAutoSetup    C:\Windows\System32\NcdAutoSetup.dll

20:52:22.0426 0x08f8  NcdAutoSetup - ok

20:52:22.0520 0x08f8  [ A10E176F3B2BF83EDE7B5C4658C93B66, 42F2FAEB4A29BBC6727D7E159D3E7E2E66D33785E5C98496EEB44D281601A23E ] NDIS            C:\Windows\system32\drivers\ndis.sys

20:52:22.0551 0x08f8  NDIS - ok

20:52:22.0582 0x08f8  [ 39C8A1D9D46F5E83A016BCAB72455284, 80DBED610E0818C2C7122FBC5BC8C15BCE981538AE48DC48F464A86389AF3F68 ] NdisCap         C:\Windows\system32\DRIVERS\ndiscap.sys

20:52:22.0582 0x08f8  NdisCap - ok

20:52:22.0614 0x08f8  [ 762941932B7E4C588E48A577BA9D6440, 71FA1870E398CB848D8294FEF6C60E0499CAB9A16EC3F487564C41072590E4F3 ] NdisImPlatform  C:\Windows\system32\DRIVERS\NdisImPlatform.sys

20:52:22.0614 0x08f8  NdisImPlatform - ok

20:52:22.0645 0x08f8  [ 7A6F8A6D0E01432EBA294EF29CDD0FA7, D902AE15194A9F8A2198914FC76184FE7E2B589747275952A04A52853128FDB8 ] NdisTapi        C:\Windows\system32\DRIVERS\ndistapi.sys

20:52:22.0660 0x08f8  NdisTapi - ok

20:52:22.0676 0x08f8  [ 79AB68BB3FFF974AD4F41FA559F4EC67, 1745EC6520B48E325C56D98A1F4DB9CE135FE3E097B3D66E6598791132CAD7BD ] Ndisuio         C:\Windows\system32\DRIVERS\ndisuio.sys

20:52:22.0676 0x08f8  Ndisuio - ok

20:52:22.0707 0x08f8  [ 62C7DBF4F9301F76CF87D4B9D8F57BF8, D51FEF198F74FDF583826E259E4736F51CD49908194104677889FD135EEC2EBC ] NdisWan         C:\Windows\system32\DRIVERS\ndiswan.sys

20:52:22.0707 0x08f8  NdisWan - ok

20:52:22.0723 0x08f8  [ 62C7DBF4F9301F76CF87D4B9D8F57BF8, D51FEF198F74FDF583826E259E4736F51CD49908194104677889FD135EEC2EBC ] NDISWANLEGACY   C:\Windows\system32\DRIVERS\ndiswan.sys

20:52:22.0738 0x08f8  NDISWANLEGACY - ok

20:52:22.0785 0x08f8  [ 3730942D7DB2F8BB5F84542B7FF6F650, 89C9D7D7305205BDB304CE6DA7D1A57EDE86A9D77429698802A39D75EB78CAAB ] NDProxy         C:\Windows\system32\drivers\NDProxy.sys

20:52:22.0801 0x08f8  NDProxy - ok

20:52:22.0816 0x08f8  [ D3F60A4345FCA9C1BE68AD7D0D6DE770, 214AF09F4B021C2F8655FBC8AC8C801E89CD9115CDE690FAEBDA69D63D660EDD ] Ndu             C:\Windows\system32\drivers\Ndu.sys

20:52:22.0816 0x08f8  Ndu - ok

20:52:22.0832 0x08f8  [ 7C203A76394F9AE68F69EEE5F9612C4A, 2222654915913BDC9367A2075714906A10CF22C047A7494CD59CB71834ED1B62 ] NetBIOS         C:\Windows\system32\DRIVERS\netbios.sys

20:52:22.0848 0x08f8  NetBIOS - ok

20:52:22.0879 0x08f8  [ 7CEC25C682D319D484630B3952C31A11, 025C46B367E0570E9E3F9DF1564C3E47B1524E9E9A180BBDF0E9C684838F5E42 ] NetBT           C:\Windows\system32\DRIVERS\netbt.sys

20:52:22.0894 0x08f8  NetBT - ok

20:52:22.0926 0x08f8  [ F1DA34D64F2BA200D28A7451804E2FEE, 8BDF328F18F1EB58AC0E383ABA7985BA69EA9622B262CD524E3390FDE824DEEB ] Netlogon        C:\Windows\system32\lsass.exe

20:52:22.0926 0x08f8  Netlogon - ok

20:52:22.0957 0x08f8  [ 89519D29CBEC2121CA65CC29C4D345E0, F3BA7BCAFEC8DD8B29837458D1B2B1DEE748AEAAAE0575FD3AAE65CFC72A04CD ] Netman          C:\Windows\System32\netman.dll

20:52:22.0972 0x08f8  Netman - ok

20:52:23.0035 0x08f8  [ 79FA9393C67EBBF92A56923592CF7A7C, A8AB8A6346B97B68810CC632F425085BE9E63ACAED0F119A7BFD03F2DA4AA5F6 ] netprofm        C:\Windows\System32\netprofmsvc.dll

20:52:23.0050 0x08f8  netprofm - ok

20:52:23.0128 0x08f8  [ 5243CFC2E7161C91C2B355240035B9E4, CFD77485A9D7BC47F3A9C53D73B2AE2D5D04B90ED38628F3124EA569F4DE969E ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe

20:52:23.0175 0x08f8  NetTcpPortSharing - ok

20:52:23.0206 0x08f8  [ 12DD2800E4EEA37DC9AE256AD62423B4, 34740469EEA8740CBACD881CB232C9ABB9AB180DE5F45336BC6DBE154259F29B ] nfrd960         C:\Windows\system32\drivers\nfrd960.sys

20:52:23.0206 0x08f8  nfrd960 - ok

20:52:23.0269 0x08f8  [ 80ABCD4C2DE9FD832477303AE0CA3BE5, 98F3958E650CEB1006D92980503E1B176D2CA55D2A6742C1C27CDE829D137DA9 ] NlaSvc          C:\Windows\System32\nlasvc.dll

20:52:23.0284 0x08f8  NlaSvc - ok

20:52:23.0316 0x08f8  [ 17E19A742FB30C002F8B43575451DBE1, 59D226A4A5B5281C399BE96C694915E38EEAF335D31F346B0C65D8F469D7C9C3 ] Npfs            C:\Windows\system32\drivers\Npfs.sys

20:52:23.0316 0x08f8  Npfs - ok

20:52:23.0316 0x08f8  [ 8ED299C30792544264E558BEA79F0947, 8A03FDA9AADB79ECBCBCDC988B7D8CF0672689C9DF673A2ECFE0D2D88A9C6A6B ] npsvctrig       C:\Windows\System32\drivers\npsvctrig.sys

20:52:23.0316 0x08f8  npsvctrig - ok

20:52:23.0347 0x08f8  [ 832B5FDF0B5577713FD7F2465FCD0ACE, 4A551CDBACED47DD781EC59F8B59A13D66EFD85DCF636BCFCBACFE5972A78E93 ] nsi             C:\Windows\system32\nsisvc.dll

20:52:23.0362 0x08f8  nsi - ok

20:52:23.0378 0x08f8  [ 689B3B1E95C70ABF7AFF29F9406EF1E0, 8B62D8AE53E1B3218158FADC0075682AB06D18998CF5DE82C920A9CD91C0652F ] nsiproxy        C:\Windows\system32\drivers\nsiproxy.sys

20:52:23.0378 0x08f8  nsiproxy - ok

20:52:23.0487 0x08f8  [ 7BE3EDFFA3216F989A6BDCB14795DD08, 19A2D0120C46CA9BCFBC16DC3E65687ACDDCBA33B79128188652BA2AFAA2EE2F ] Ntfs            C:\Windows\system32\drivers\Ntfs.sys

20:52:23.0550 0x08f8  Ntfs - ok

20:52:23.0565 0x08f8  [ 4163ADE07DB51843AE31F65B94F5398D, 4349E7EF1EE1E71E1F436BA42F5B58871D82B987D513BA2D6E1CEB8A21BD1B20 ] Null            C:\Windows\system32\drivers\Null.sys

20:52:23.0565 0x08f8  Null - ok

20:52:23.0596 0x08f8  [ D6D34118263412D3AAA8348A9572B7F2, 66106A25BC5A4CA7697A23ED67CEDB5C0BF678EA70FD967A405D2DF76F4CA3A4 ] nvraid          C:\Windows\system32\drivers\nvraid.sys

20:52:23.0596 0x08f8  nvraid - ok

20:52:23.0612 0x08f8  [ 27AFC428D1D32ABD04A86763A4EDDEA9, 0920866013A8C8CFEE00E6AECDD41736F5501C49837E2D785998734F087F6B98 ] nvstor          C:\Windows\system32\drivers\nvstor.sys

20:52:23.0628 0x08f8  nvstor - ok

20:52:23.0643 0x08f8  [ 051CFB5107BAAE510419BDC41F8C4036, 9990906F17A3886EF301D2AA6556263B52A1C0554C6BD18331AF44ECECAEE4B5 ] nv_agp          C:\Windows\system32\drivers\nv_agp.sys

20:52:23.0659 0x08f8  nv_agp - ok

20:52:23.0768 0x08f8  [ 785F487A64950F3CB8E9F16253BA3B7B, 02445344BD214370A6D48B1CA04921D8EFCB13E676B5648266DD0E076C0822B6 ] odserv          C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE

20:52:23.0799 0x08f8  odserv - ok

20:52:23.0846 0x08f8  [ 5A432A042DAE460ABE7199B758E8606C, 6E5D1F477D290905BE27CEBF9572BAC6B05FFEF2FAD901D3C8E11F665F8B9A71 ] ose             C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE

20:52:23.0846 0x08f8  ose - ok

20:52:23.0893 0x08f8  [ AB76700D764A342D7475FB8F47CAB18C, ECDF705D3E69EF6E7044C98A462A7281D0E7D0D85769C0815555D934B0B69C8D ] p2pimsvc        C:\Windows\system32\pnrpsvc.dll

20:52:23.0924 0x08f8  p2pimsvc - ok

20:52:23.0955 0x08f8  [ 4319FD931DCD796435ECB5DB4A04FBA5, 20185B2F359EEC202B37019A4E4F5B914ADCF78B97AF0CBD91EECED2259FC6DE ] p2psvc          C:\Windows\system32\p2psvc.dll

20:52:23.0971 0x08f8  p2psvc - ok

20:52:24.0018 0x08f8  [ 4563DAF8C6A740AD7F501E219BD10766, 7A1212DDAE2D66A9C2041262796904E36036CDC4C5B75C2F66B8DF9D89F7C25D ] Parport         C:\Windows\System32\drivers\parport.sys

20:52:24.0018 0x08f8  Parport - ok

20:52:24.0064 0x08f8  [ D6ACCF9F2EEEEA711C14EFD976E573F3, 60D2A81832A8D24F91C3EF134440D5026354917F59462BACBCE7A01D84767D91 ] partmgr         C:\Windows\system32\drivers\partmgr.sys

20:52:24.0064 0x08f8  partmgr - ok

20:52:24.0127 0x08f8  [ 4811D9EC53649105A5A8BEA661B0F936, C77907E03D0561500FCFEAFAC323E9679E66297329901A0CA2BD7E919419A8E8 ] PcaSvc          C:\Windows\System32\pcasvc.dll

20:52:24.0142 0x08f8  PcaSvc - ok

20:52:24.0158 0x08f8  [ 4A003E8F718C1E6A2050CA98CD53E3E2, BCC3BE1EC3FA4967353371D85094D096940A7B5944A6FFCA31E8FBE83D92CC6C ] pci             C:\Windows\system32\drivers\pci.sys

20:52:24.0174 0x08f8  pci - ok

20:52:24.0189 0x08f8  [ F9908D274D458220F91E89B54D78D837, 1E89ABFA6B375383E0297CEE5AF66E37F90E16DD21ABA5C91777A86CDF013B4D ] pciide          C:\Windows\system32\drivers\pciide.sys

20:52:24.0205 0x08f8  pciide - ok

20:52:24.0221 0x08f8  [ 84D19CB6102627932DCB5DFDF89FE269, 2F9C47E076645B35877D9ACA77968EFFCDA8794D76265CD9A4AAA239C4B33C5F ] pcmcia          C:\Windows\system32\drivers\pcmcia.sys

20:52:24.0236 0x08f8  pcmcia - ok

20:52:24.0252 0x08f8  [ CEBBAD5391C2644560C55628A40BFD27, 8AAA6EBD8D89FC91AECCCF1452F53C5650A1A17027FF4E64D224371404CE4C8B ] pcw             C:\Windows\system32\drivers\pcw.sys

20:52:24.0252 0x08f8  pcw - ok


20:52:33.0832 0x08f8  WdiServiceHost - ok

20:52:33.0848 0x08f8  [ 240FC332484572227CD1DF82407F33E5, 5210549EC519DD3BCA6BBC995F01E1E3E0988580797E4BD1433F429E0CB30412 ] WdiSystemHost   C:\Windows\system32\wdi.dll

20:52:33.0863 0x08f8  WdiSystemHost - ok

20:52:33.0910 0x08f8  [ 9B1384CE8E681D2D77BB3524B8E86311, BDEF9D0A79A7C26A88088A306F91632F300E587736CDD2C64717EC54DD6E89FF ] WebClient       C:\Windows\System32\webclnt.dll

20:52:33.0941 0x08f8  WebClient - ok

20:52:33.0973 0x08f8  [ 35FD720943D4FCD75C3275BF062FF140, 9D8345E6DE1AE23F93AD0B52D27D1CCFD69EF7EE50654F92CA999BEC4570A773 ] Wecsvc          C:\Windows\system32\wecsvc.dll

20:52:33.0988 0x08f8  Wecsvc - ok

20:52:34.0019 0x08f8  [ 4D2612E3C462B68F499D840B1133263E, 4DDAEB4480AEC31A8184838588E0D3DFA31CE6D2FA6E906926860C75F52DC7B7 ] wercplsupport   C:\Windows\System32\wercplsupport.dll

20:52:34.0019 0x08f8  wercplsupport - ok

20:52:34.0066 0x08f8  [ 5F70EBFC1F75B487DE79501E3CCBDB54, 2FCA57BF60A43B03BB42FBF22BBFC19AD2266FBBD818494AD114125E6E433321 ] WerSvc          C:\Windows\System32\WerSvc.dll

20:52:34.0082 0x08f8  WerSvc - ok

20:52:34.0144 0x08f8  [ 44BB9C31E6242C4BD1CE7C2B440C2533, E603BB001028918B687818E930340008C752679B133037367A8A8E41DA559FFE ] WFPLWFS         C:\Windows\system32\DRIVERS\wfplwfs.sys

20:52:34.0144 0x08f8  WFPLWFS - ok

20:52:34.0175 0x08f8  [ 60E0C220593DA4F7C289CB909D2DBAE0, 057CA7727F748600CC155043081AB9E3244763CF4913F317D13226A515F6FDB6 ] WiaRpc          C:\Windows\System32\wiarpc.dll

20:52:34.0191 0x08f8  WiaRpc - ok

20:52:34.0238 0x08f8  [ A3C7624A42A3447EF5EDD1ED37FE4E60, BD8BDF0A571873FA8277878AF7AED11196CFF1B4DF1EA6BA13BD4887D7B63B94 ] WIMMount        C:\Windows\system32\drivers\wimmount.sys

20:52:34.0253 0x08f8  WIMMount - ok

20:52:34.0300 0x08f8  WinDefend - ok

20:52:34.0378 0x08f8  [ 7911470B6018059A880469A63B65700A, 4B6131491A028FBCA54AC261112D183EFD42E98160545C8E8DFBDA01C87B3FB5 ] WinHttpAutoProxySvc C:\Windows\system32\winhttp.dll

20:52:34.0409 0x08f8  WinHttpAutoProxySvc - ok

20:52:34.0472 0x08f8  [ 3D6B518B71C75C8FA4115A33615C107A, ED7A266013D29D3B1A462464735C3632BEA121D1B32553907AEAA0B00595C3DF ] Winmgmt         C:\Windows\system32\wbem\WMIsvc.dll

20:52:34.0487 0x08f8  Winmgmt - ok

20:52:34.0643 0x08f8  [ 8E212A627F33F6FC3B5F3BB47212F66E, 9BBFE26ABFA14F346FE3711D13D959523EEA23608A33C16F3D750D66CA511911 ] WinRM           C:\Windows\system32\WsmSvc.dll

20:52:34.0737 0x08f8  WinRM - ok

20:52:34.0784 0x08f8  [ BB20956C424531003F7FA6CD36F11D5D, 2C55F1C7553A527A7C4C34E730BE943269AE23928731C64D3DC945E07AE1771E ] WinUsb          C:\Windows\system32\DRIVERS\WinUsb.sys

20:52:34.0799 0x08f8  WinUsb - ok

20:52:34.0830 0x08f8  [ 4F2A80D65AE6F845776E2F06AE6782ED, 2455537C048115435D9EDE4B18F9F54C43912076AEF36BDEFEC35AF2140B8B2E ] WirelessButtonDriver C:\Windows\System32\drivers\WirelessButtonDriver64.sys

20:52:34.0830 0x08f8  WirelessButtonDriver - ok

20:52:34.0940 0x08f8  [ 6351724B8FA0255C2DBD970297F00B93, A02F274479F9F32E30C75A5BD991B008B3CCB47D380D5870563EF918DAC5730E ] WlanSvc         C:\Windows\System32\wlansvc.dll

20:52:34.0986 0x08f8  WlanSvc - ok

20:52:35.0096 0x08f8  [ B330CE47FB74A6BE9A3FFFF4B3F64D9B, B76226808406D8B38DE2D3A8CCE633BB507022C8BAAA6C3DAD34204CC6CE1284 ] wlidsvc         C:\Windows\system32\wlidsvc.dll

20:52:35.0158 0x08f8  wlidsvc - ok

20:52:35.0189 0x08f8  [ E2A596CACFC6504306CDB7B593B90084, DF89CF57249553CE922C841F18B99A213185FA1099C053B9BB8C0F6E5BC3FEC0 ] WmiAcpi         C:\Windows\System32\drivers\wmiacpi.sys

20:52:35.0189 0x08f8  WmiAcpi - ok

20:52:35.0236 0x08f8  [ D113499052C5E541906B727779F0F959, 05FB51086C0A0CE3812A7E6098C5A454ECCFE8553669CFA715153564F2226DB0 ] wmiApSrv        C:\Windows\system32\wbem\WmiApSrv.exe

20:52:35.0252 0x08f8  wmiApSrv - ok

20:52:35.0267 0x08f8  WMPNetworkSvc - ok

20:52:35.0298 0x08f8  [ C6FF953D5D6F2EAE3B8883474D5076B3, 001CBB7FBC30209C892869258E5ABD3F0932886E156ECB10DCA599F6D32648BE ] wpcfltr         C:\Windows\system32\DRIVERS\wpcfltr.sys

20:52:35.0298 0x08f8  wpcfltr - ok

20:52:35.0330 0x08f8  [ A6ED163169876BFD2437E872FE2F1509, C13E8676800EEEF690F51C4DEA660B36C8734AE2CCAAC48054E10D74B98949B8 ] WPCSvc          C:\Windows\System32\wpcsvc.dll

20:52:35.0345 0x08f8  WPCSvc - ok

20:52:35.0392 0x08f8  [ 3013658A4D327854BEEC4A08D9655194, C4CF5AA6A47CC55E7037B0BFE20AE0A6442ADDC5DEB89D6861C98C61851FA821 ] WPDBusEnum      C:\Windows\system32\wpdbusenum.dll

20:52:35.0392 0x08f8  WPDBusEnum - ok

20:52:35.0423 0x08f8  [ 0346CAFC181C91C6E2330332EB332ED6, D46F44C339399CAAE13CD71C53A169E95065208E07E5420DE00A4509D6CB056F ] WpdUpFltr       C:\Windows\system32\drivers\WpdUpFltr.sys

20:52:35.0423 0x08f8  WpdUpFltr - ok

20:52:35.0470 0x08f8  [ BC8B5CB336E63BB25EAD1CE8EDD34B81, A42759956EDCCC6D0688240AA4F833FB9CA132D42D2D901CDCBB24DCE1788C1D ] ws2ifsl         C:\Windows\system32\drivers\ws2ifsl.sys

20:52:35.0470 0x08f8  ws2ifsl - ok

20:52:35.0517 0x08f8  [ 012CFE7F0F95266F554EE3B91EE2128A, 866312F6BF7369BE686F1BA9F01311C99E95E268C6E63BE37C841F54F5AA0DB8 ] wscsvc          C:\Windows\system32\wscsvc.dll

20:52:35.0532 0x08f8  wscsvc - ok

20:52:35.0579 0x08f8  [ 74EFDA0526862C3D8D01A776182798EA, 7C9AD6118CB344C63B60A8BA5FA8C85ADED30933821ABD1427857E826EFC2952 ] WSDPrintDevice  C:\Windows\System32\drivers\WSDPrint.sys

20:52:35.0579 0x08f8  WSDPrintDevice - ok

20:52:35.0595 0x08f8  WSearch - ok

20:52:35.0751 0x08f8  [ D4D04839F3DFAF09D94BAB1016F7A297, 944A41D251F522EE87189C1D01CF7EEE2C70BF4353BA4005C44F03DB485F843F ] WSService       C:\Windows\System32\WSService.dll

20:52:35.0813 0x08f8  WSService - ok

20:52:36.0000 0x08f8  [ 10EA2DBD2820A504D98D19F5EDAAFC04, 5B84D7C169CBAEBCE4A03BB89426E74DBF5AFCA1F8FDE2A5BC1006A8464D7E24 ] wuauserv        C:\Windows\system32\wuaueng.dll

20:52:36.0110 0x08f8  wuauserv - ok

20:52:36.0172 0x08f8  [ AB886378EEB55C6C75B4F2D14B6C869F, D6C4602EB8F291DADEDF3CD211013D4AC752DDE7E799C2D8D74AA4F5477CAED6 ] WudfPf          C:\Windows\system32\drivers\WudfPf.sys

20:52:36.0172 0x08f8  WudfPf - ok

20:52:36.0203 0x08f8  [ DDA4CAF29D8C0A297F886BFE561E6659, 94E5DD649B5D86FA1A7C7D30FCF9644D0EE048D312E626111458ADF66BFBE978 ] WUDFRd          C:\Windows\System32\drivers\WUDFRd.sys

20:52:36.0203 0x08f8  WUDFRd - ok

20:52:36.0219 0x08f8  [ DDA4CAF29D8C0A297F886BFE561E6659, 94E5DD649B5D86FA1A7C7D30FCF9644D0EE048D312E626111458ADF66BFBE978 ] WUDFSensorLP    C:\Windows\system32\DRIVERS\WUDFRd.sys

20:52:36.0234 0x08f8  WUDFSensorLP - ok

20:52:36.0266 0x08f8  [ B20F051B03A966392364C83F009F7D17, 88ECEB55AE91F58F592B96EBC10B572747D5A2F9B7629E8F371761E4F7408A65 ] wudfsvc         C:\Windows\System32\WUDFSvc.dll

20:52:36.0281 0x08f8  wudfsvc - ok

20:52:36.0297 0x08f8  [ DDA4CAF29D8C0A297F886BFE561E6659, 94E5DD649B5D86FA1A7C7D30FCF9644D0EE048D312E626111458ADF66BFBE978 ] WUDFWpdFs       C:\Windows\system32\DRIVERS\WUDFRd.sys

20:52:36.0297 0x08f8  WUDFWpdFs - ok

20:52:36.0312 0x08f8  [ DDA4CAF29D8C0A297F886BFE561E6659, 94E5DD649B5D86FA1A7C7D30FCF9644D0EE048D312E626111458ADF66BFBE978 ] WUDFWpdMtp      C:\Windows\system32\DRIVERS\WUDFRd.sys

20:52:36.0312 0x08f8  WUDFWpdMtp - ok

20:52:36.0359 0x08f8  [ 6D9E07436B6646EC8F7EFFD39B6BA288, 82C1CEA93ECEF17D221AD0F87C5BD96F3FD8143841C16BD9608BD4D58D90B8E0 ] WwanSvc         C:\Windows\System32\wwansvc.dll

20:52:36.0390 0x08f8  WwanSvc - ok

20:52:36.0406 0x08f8  ================ Scan global ===============================

20:52:36.0484 0x08f8  [ DDC1AFBF9DDF880CE9BD3896114D8DED, E2406231EA4D2689A5EDFA9BD1A1BC064359D8D23B37F113A18B5EAE3E2D4050 ] C:\Windows\system32\basesrv.dll

20:52:36.0546 0x08f8  [ E9343076AE704D20BB0D01F3AF3EFFEF, FF2CE4146945976F9480690505CECD3C7C719BAF0F633E6192C8272C75EF295D ] C:\Windows\system32\winsrv.dll

20:52:36.0593 0x08f8  [ BD7C6949984D19AAA609896B675E7357, 5B46538B27BC70F5A3805AA63F6AACDC780C7168468FB535F2D35CF26B9DEE06 ] C:\Windows\system32\sxssrv.dll

20:52:36.0656 0x08f8  [ 8F226143046435C75C033B0C52E90FFE, 54FA316485B57D7B8104FE621F5F40DEC35E3D57C3DF46B5F7EACF57445FE7CA ] C:\Windows\system32\services.exe

20:52:36.0687 0x08f8  [ Global ] - ok

20:52:36.0687 0x08f8  ================ Scan MBR ==================================

20:52:36.0702 0x08f8  [ 5FB38429D5D77768867C76DCBDB35194 ] \Device\Harddisk0\DR0

20:52:36.0749 0x08f8  \Device\Harddisk0\DR0 - ok

20:52:36.0765 0x08f8  [ E5FA06ACA0D60BA9C870D0EF3D9898C9 ] \Device\Harddisk1\DR2

20:52:37.0030 0x08f8  \Device\Harddisk1\DR2 - ok

20:52:37.0030 0x08f8  ================ Scan VBR ==================================

20:52:37.0046 0x08f8  [ 2BF02853364F6CE0BF1BEE84D0ABCFC2 ] \Device\Harddisk0\DR0\Partition1

20:52:37.0061 0x08f8  \Device\Harddisk0\DR0\Partition1 - ok

20:52:37.0077 0x08f8  [ 4894A6AC05FF98D52FB7C67493867216 ] \Device\Harddisk0\DR0\Partition2

20:52:37.0093 0x08f8  \Device\Harddisk0\DR0\Partition2 - ok

20:52:37.0108 0x08f8  [ B1E27AA018409DE6BFD73F8AFB883A65 ] \Device\Harddisk0\DR0\Partition3

20:52:37.0108 0x08f8  \Device\Harddisk0\DR0\Partition3 - ok

20:52:37.0124 0x08f8  [ 4AF3092DC9360115331D32CFE69AA0FE ] \Device\Harddisk0\DR0\Partition4

20:52:37.0124 0x08f8  \Device\Harddisk0\DR0\Partition4 - ok

20:52:37.0155 0x08f8  [ 77BC1D3362BEBD34F002D1D246D5D194 ] \Device\Harddisk0\DR0\Partition5

20:52:37.0171 0x08f8  \Device\Harddisk0\DR0\Partition5 - ok

20:52:37.0186 0x08f8  [ D39BFD9840316005E5D9CFD8225B7C30 ] \Device\Harddisk1\DR2\Partition1

20:52:37.0186 0x08f8  \Device\Harddisk1\DR2\Partition1 - ok

20:52:37.0186 0x08f8  ================ Scan generic autorun ======================

20:52:37.0280 0x08f8  [ 21247A9F74DA9C8AF98E6847F82D07A8, BE84D3CD0A2149E3FC5EDC78C09C0A94FD3CE354B7C5C3F88457C6C1FAF82ECF ] C:\Program Files\IDT\WDM\sttray64.exe

20:52:37.0326 0x08f8  SysTrayApp - ok

20:52:37.0326 0x08f8  SynTPEnh - ok

20:52:37.0483 0x08f8  [ DD79A6B15C2F28DE98DF4852AAF6B13B, 0F7E9023E0BA4B40E2DE9A9FA34E85FEAF72B93049AAB3E1D73AD046BB113E05 ] C:\Program Files (x86)\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\NCPluginUpdater.exe

20:52:37.0483 0x08f8  NCPluginUpdater - ok

20:52:37.0607 0x08f8  [ 38161F642AA7A2882914DDB0E90FF41C, 76236F618A6646BFD286641543E068285B71169FBF44381BB7EE6396EA67EC24 ] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe

20:52:37.0638 0x08f8  StartCCC - ok

20:52:37.0732 0x08f8  [ D6FF94ED4D086489A453134F0AE33FD3, 47E1CE640E9AB6B8DD148DACA80B1D07BCF69DF9F6B109285419447B9A4025FF ] C:\Program Files (x86)\CyberLink\Power2Go8\VirtualDrive.exe

20:52:37.0748 0x08f8  CLVirtualDrive - ok

20:52:37.0810 0x08f8  [ B7995C675014EEBE77A0BEB7AFCCFC08, 41D186C63273301CF0A1C1EE7B6EB0BB75A251DD441532C5CEB7A4095FB103CD ] C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe

20:52:37.0810 0x08f8  RemoteControl10 - ok

20:52:37.0904 0x08f8  [ EBAE9EE13F51F38B57D616CF4A420682, E27969D5F0B796C2C8DA7C46680AB6C797A8F297B105477B71B4871F8F7B62FD ] C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe

20:52:37.0935 0x08f8  HP Quick Launch - ok

20:52:38.0028 0x08f8  [ 9F3655267BA37004F519ABDDB3AEE244, 971BA4937F103F09C166BBCAE6D48688251AD603A743C81D9A50480BFEF22C83 ] C:\Program Files (x86)\Hewlett-Packard\HP CoolSense\CoolSense.exe

20:52:38.0060 0x08f8  HP CoolSense - ok

20:52:38.0169 0x08f8  [ 61E4289E91E88C90478D7F4BEB10DCF7, 1D0F4034E0111CF5758F470C15A22A0A28EB8269CB5BF07222C9C0FB07A15C55 ] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe

20:52:38.0169 0x08f8  APSDaemon - ok

20:52:38.0262 0x08f8  [ DA6D879F890699D24E50C5CA8901C180, ECA491649CD2188512F3AA5CF5F788521FA838F45BD0658CE387A1E9443D2D7D ] C:\Program Files (x86)\WordPerfect Office X3\Programs\QFSCHD130.EXE

20:52:38.0278 0x08f8  QuickFinder Scheduler - ok

20:52:38.0356 0x08f8  [ E4401CF27225C1D6E664E86195978562, F572A2757C2A649E25F52F7071E6A2CCF298C60A8F2B15A0E2D800F890C4FD93 ] C:\Program Files (x86)\iTunes\iTunesHelper.exe

20:52:38.0356 0x08f8  iTunesHelper - ok

20:52:38.0606 0x08f8  [ 26B558B2D31C7425B455B00E562EAD93, B64D128A2F1FC42BA4376F8EB08D70F4B705745CB983D0631DB45851BF34BBDF ] C:\Program Files\AVAST Software\Avast\AvastUI.exe

20:52:38.0699 0x08f8  AvastUI.exe - ok

20:52:38.0793 0x08f8  [ 9ACCBC5891BA51B5B29C1A88F80D4CE3, 4EA3D9CB239874232AE0D7F824AF8CC7AD9BB4657CB9978B41067B4447FBE71B ] C:\Program Files (x86)\QuickTime\QTTask.exe

20:52:38.0808 0x08f8  QuickTime Task - ok

20:52:38.0918 0x08f8  [ EDAD4A8A1D46AFCF9E76B996D55116EB, 937549E6FBF5D7282E56866C705539646F2CB6839FD74BF7AA8FB2BA5CCEE940 ] C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe

20:52:38.0918 0x08f8  SunJavaUpdateSched - ok

20:52:39.0167 0x08f8  [ 5B522E61A39D2237F21CFB4A9612FF14, 70676002A6438BE281F1EBAA86E32BF68928E2A753BA2B3821CB2C9DA2069EB6 ] C:\Users\JimAngehr\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe

20:52:39.0198 0x08f8  Spotify Web Helper - ok

20:52:39.0432 0x08f8  [ 908C1F67D497BC05408D85AE6404AFAE, 4C7E8D74E570C945705AB89F167E737D24BF449E7F4FE0241992CBAF821F579B ] C:\Users\JimAngehr\AppData\Roaming\Spotify\Spotify.exe

20:52:39.0573 0x08f8  Spotify - ok

20:52:39.0713 0x08f8  [ AC08A03D7E579E2903925736E7AB48F2, B4350DFB5BF153D60C38835FD0D4A13A993B5FCEDE04F98750396EDF0070B3FE ] C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

20:52:39.0729 0x08f8  GoogleChromeAutoLaunch_C003498800951E7DAE59A0A337978D44 - ok

20:52:39.0729 0x08f8  Waiting for KSN requests completion. In queue: 113

20:52:40.0759 0x08f8  Waiting for KSN requests completion. In queue: 113

20:52:41.0773 0x08f8  Waiting for KSN requests completion. In queue: 113

20:52:42.0865 0x08f8  AV detected via SS2: Windows Defender, C:\Program Files\Windows Defender\MSASCui.exe ( 4.5.218.0 ), 0x60100 ( disabled : updated )

20:52:42.0880 0x08f8  AV detected via SS2: avast! Antivirus, C:\Program Files\AVAST Software\Avast\VisthAux.exe ( 9.0.2021.515 ), 0x41000 ( enabled : updated )

20:52:42.0911 0x08f8  Win FW state via NFP2: enabled

20:52:45.0532 0x08f8  ============================================================

20:52:45.0532 0x08f8  Scan finished

20:52:45.0532 0x08f8  ============================================================

20:52:45.0548 0x11e8  Detected object count: 0

20:52:45.0548 0x11e8  Actual detected object count: 0

20:52:57.0951 0x1420  Deinitialize success




#32 LiquidTension

Posted 21 September 2014 - 07:03 PM

Hello, 
 
Let's check for remnants of those adware programmes. 

SystemLook

  • Please download SystemLook (x64) and save the file to your USB drive.
  • Right-Click SystemLook_x64.exe and select Run as administrator to run the programme.
  • Copy the entire contents of the codebox below and paste into the textfield.
    :filefind
    *Klip Pal*
    *Optimizer Pro*
     
    :folderfind
    *Klip Pal*
    *Optimizer Pro*
     
    :regfind
    Klip Pal
    Optimizer Pro
  • Click the [button image] button to start the scan.
  • Upon completion, a log (SystemLook.txt) will open. Copy the contents of the log and paste in your next reply.
  • Click the [button image] button.

 

Would you like to help others with malware removal? Join our Classroom and learn how!


#33 lookingforaname

Posted 21 September 2014 - 07:36 PM

The log is below. I want to also mention that my Google Chrome browser still opens random websites: "trovi.com" and "yahoo.com" tabs when I open it, and Internet Explorer does not work at all.

 

 

SystemLook 30.07.11 by jpshortstuff
Log created at 21:21 on 21/09/2014 by JimAngehr
Administrator - Elevation successful

========== filefind ==========

Searching for "*Klip Pal*"
No files found.

Searching for "*Optimizer Pro*"
C:\FRST\Quarantine\c\ProgramData\Microsoft\Windows\Start Menu\Programs\Optimizer Pro v3.2\Optimizer Pro on the Web.lnk    --a---- 1064 bytes    [17:12 17/09/2014]    [17:12 17/09/2014] BAD32D626DF2488F85029E0F0424BF50
C:\FRST\Quarantine\c\ProgramData\Microsoft\Windows\Start Menu\Programs\Optimizer Pro v3.2\Optimizer Pro.lnk    --a---- 1084 bytes    [17:12 17/09/2014]    [17:12 17/09/2014] 7F24D7BBE7DFAC08CAF712F8A77178F9
C:\FRST\Quarantine\c\ProgramData\Microsoft\Windows\Start Menu\Programs\Optimizer Pro v3.2\Uninstall Optimizer Pro.lnk    --a---- 1090 bytes    [17:12 17/09/2014]    [17:12 17/09/2014] 3B58B1979C16576DDA4F39B813CDD646
C:\FRST\Quarantine\c\Windows\System32\Tasks\Optimizer Pro Schedule.xBAD    --a---- 3266 bytes    [17:17 17/09/2014]    [02:22 21/09/2014] EF2B57813CEACE52E844F69AA54BE912

Searching for " "
No files found.

========== folderfind ==========

Searching for "*Klip Pal*"
C:\FRST\Quarantine\c\Program Files (x86)\Klip Pal    d------    [17:14 17/09/2014]

Searching for "*Optimizer Pro*"
C:\FRST\Quarantine\c\Program Files (x86)\Optimizer Pro    d------    [17:12 17/09/2014]
C:\FRST\Quarantine\c\ProgramData\Microsoft\Windows\Start Menu\Programs\Optimizer Pro v3.2    d------    [17:12 17/09/2014]
C:\FRST\Quarantine\c\Users\JimAngehr\AppData\Roaming\Optimizer Pro    d------    [17:17 17/09/2014]
C:\FRST\Quarantine\c\Users\JimAngehr\Documents\Optimizer Pro    d------    [17:17 17/09/2014]

Searching for " "
No folders found.

========== regfind ==========

Searching for "Klip Pal"
[HKEY_CURRENT_USER\Software\Klip Pal]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{5A4E3A41-FA55-4BDA-AED7-CEBE6E7BCB52}\InprocServer32]
@="C:\Program Files (x86)\Klip Pal\bin\{be5bf058-a067-4076-8c2e-22b9345a0260}64.dll"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\TypeLib\{929A1D7A-A365-4142-B82D-571B6F3B6E65}\1.0\0\win32]
@="C:\Program Files (x86)\Klip Pal\KlipPalbho.dll"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\TypeLib\{929A1D7A-A365-4142-B82D-571B6F3B6E65}\1.0\HELPDIR]
@="C:\Program Files (x86)\Klip Pal"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\TypeLib\{A2D733A7-73B0-4C6B-B0C7-06A432950B66}\1.0\0\win32]
@="C:\Program Files (x86)\Klip Pal\bin\{be5bf058-a067-4076-8c2e-22b9345a0260}64.dll"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\TypeLib\{A2D733A7-73B0-4C6B-B0C7-06A432950B66}\1.0\HELPDIR]
@="C:\Program Files (x86)\Klip Pal\bin"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{5A4E3A41-FA55-4BDA-AED7-CEBE6E7BCB52}\InprocServer32]
@="C:\Program Files (x86)\Klip Pal\bin\{be5bf058-a067-4076-8c2e-22b9345a0260}.dll"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\TypeLib\{929A1D7A-A365-4142-B82D-571B6F3B6E65}\1.0\0\win32]
@="C:\Program Files (x86)\Klip Pal\KlipPalbho.dll"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\TypeLib\{929A1D7A-A365-4142-B82D-571B6F3B6E65}\1.0\HELPDIR]
@="C:\Program Files (x86)\Klip Pal"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\TypeLib\{A2D733A7-73B0-4C6B-B0C7-06A432950B66}\1.0\0\win32]
@="C:\Program Files (x86)\Klip Pal\bin\{be5bf058-a067-4076-8c2e-22b9345a0260}64.dll"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\TypeLib\{A2D733A7-73B0-4C6B-B0C7-06A432950B66}\1.0\HELPDIR]
@="C:\Program Files (x86)\Klip Pal\bin"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Klip Pal]
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Classes\CLSID\{5A4E3A41-FA55-4BDA-AED7-CEBE6E7BCB52}\InprocServer32]
@="C:\Program Files (x86)\Klip Pal\bin\{be5bf058-a067-4076-8c2e-22b9345a0260}.dll"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Classes\TypeLib\{929A1D7A-A365-4142-B82D-571B6F3B6E65}\1.0\0\win32]
@="C:\Program Files (x86)\Klip Pal\KlipPalbho.dll"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Classes\TypeLib\{929A1D7A-A365-4142-B82D-571B6F3B6E65}\1.0\HELPDIR]
@="C:\Program Files (x86)\Klip Pal"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Classes\TypeLib\{A2D733A7-73B0-4C6B-B0C7-06A432950B66}\1.0\0\win32]
@="C:\Program Files (x86)\Klip Pal\bin\{be5bf058-a067-4076-8c2e-22b9345a0260}64.dll"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Classes\TypeLib\{A2D733A7-73B0-4C6B-B0C7-06A432950B66}\1.0\HELPDIR]
@="C:\Program Files (x86)\Klip Pal\bin"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\EventLog\Application\Update Klip Pal]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\EventLog\Application\Util Klip Pal]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\EventLog\Application\Update Klip Pal]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\EventLog\Application\Util Klip Pal]
[HKEY_USERS\S-1-5-21-2393212166-3480209652-2217339028-1004\Software\Klip Pal]

Searching for "Optimizer Pro"
[HKEY_CURRENT_USER\Software\Optimizer Pro]
[HKEY_CURRENT_USER\Software\Optimizer Pro]
"DisplayName"="Optimizer Pro"
[HKEY_CURRENT_USER\Software\Optimizer Pro]
"LogDir"="C:\Users\JimAngehr\AppData\Roaming\Optimizer Pro\Log"
[HKEY_CURRENT_USER\Software\Optimizer Pro]
"UndoDir"="C:\Users\JimAngehr\AppData\Roaming\Optimizer Pro\Undo"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\{1146AC44-2F03-4431-B4FD-889BC837521F}\_70e6ca8c]
"svn"="Optimizer Pro Crash Monitor"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\{1146AC44-2F03-4431-B4FD-889BC837521F}\_70e6ca8c]
"svpath"="c:\Program Files (x86)\Optimizer Pro\OptProCrash.dll"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\{6791A2F3-FC80-475C-A002-C014AF797E9C}]
"70e6ca8c"="C:\Program Files (x86)\Optimizer Pro\OptProCrash.dll"
[HKEY_USERS\S-1-5-21-2393212166-3480209652-2217339028-1004\Software\Optimizer Pro]
[HKEY_USERS\S-1-5-21-2393212166-3480209652-2217339028-1004\Software\Optimizer Pro]
"DisplayName"="Optimizer Pro"
[HKEY_USERS\S-1-5-21-2393212166-3480209652-2217339028-1004\Software\Optimizer Pro]
"LogDir"="C:\Users\JimAngehr\AppData\Roaming\Optimizer Pro\Log"
[HKEY_USERS\S-1-5-21-2393212166-3480209652-2217339028-1004\Software\Optimizer Pro]
"UndoDir"="C:\Users\JimAngehr\AppData\Roaming\Optimizer Pro\Undo"

-= EOF =-



#34 LiquidTension

Posted 21 September 2014 - 08:25 PM

Hello, 
 
After completing the following, please provide an update on your computer. Are there any outstanding issues (bar our tools not running from your Desktop)?
 
STEP 1
Reg Fix 

  • Press the Windows Key + R on your keyboard at the same time. Type Notepad and click OK.
  • Copy the entire contents of the codebox below and paste into the Notepad document.
    Windows Registry Editor Version 5.00
    
    [-HKEY_CURRENT_USER\Software\Klip Pal]
    [-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{5A4E3A41-FA55-4BDA-AED7-CEBE6E7BCB52}]
    [-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\TypeLib\{929A1D7A-A365-4142-B82D-571B6F3B6E65}]
    [-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\TypeLib\{A2D733A7-73B0-4C6B-B0C7-06A432950B66}]
    [-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{5A4E3A41-FA55-4BDA-AED7-CEBE6E7BCB52}]
    [-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\TypeLib\{929A1D7A-A365-4142-B82D-571B6F3B6E65}]
    [-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\TypeLib\{A2D733A7-73B0-4C6B-B0C7-06A432950B66}]
    [-HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Klip Pal]
    [-HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Classes\CLSID\{5A4E3A41-FA55-4BDA-AED7-CEBE6E7BCB52}]
    [-HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Classes\TypeLib\{929A1D7A-A365-4142-B82D-571B6F3B6E65}]
    [-HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Classes\TypeLib\{A2D733A7-73B0-4C6B-B0C7-06A432950B66}]
    [-HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\EventLog\Application\Update Klip Pal]
    [-HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\EventLog\Application\Util Klip Pal]
    [-HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\EventLog\Application\Update Klip Pal]
    [-HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\EventLog\Application\Util Klip Pal]
    [-HKEY_USERS\S-1-5-21-2393212166-3480209652-2217339028-1004\Software\Klip Pal]
    [-HKEY_CURRENT_USER\Software\Optimizer Pro]
    [-HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\{1146AC44-2F03-4431-B4FD-889BC837521F}]
    [-HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\{6791A2F3-FC80-475C-A002-C014AF797E9C}]
    [-HKEY_USERS\S-1-5-21-2393212166-3480209652-2217339028-1004\Software\Optimizer Pro]
  • Click Format. Ensure Word Wrap is unchecked.
  • Click File > Save As and name the file regfix.reg.
  • Select All Files as the Save as type.
  • Save the file to your Desktop.
  • Locate regfix.reg on your Desktop. Right-click the file and click Merge with the Registry.
  • Accept any prompts.
  • Reboot your computer for the changes to take effect.
     

STEP 2
Browser Reset
 
Instructions on how to back up your Favourites/Bookmarks and other data can be found below.

Proceed with the reset once done.

STEP 3
AdwCleaner

  • Please download AdwCleaner and leave the file in your Downloads Folder.
  • Right-Click AdwCleaner.exe and select Run as administrator to run the programme.
  • If the programme does not run, please download and run from your USB drive.
  • Follow the prompts. 
  • Click Scan
  • Upon completion, click Report. A log (AdwCleaner[R0].txt) will open. Briefly check the log for anything you know to be legitimate. 
  • Ensure anything you know to be legitimate does not have a checkmark, and click Clean
  • Follow the prompts and allow your computer to reboot
  • After rebooting, a log (AdwCleaner[S0].txt) will open. Copy the contents of the log and paste in your next reply.

-- File and registry key backups are made for anything removed using this tool. Should a legitimate entry be removed (otherwise known as a 'false-positive'), simple steps can be taken to restore the entry. Please do not overly concern yourself with the contents of AdwCleaner[R0].txt.
 

STEP 4
Junkware Removal Tool (JRT)

  • Please download Junkware Removal Tool and leave the file in your Downloads Folder.
  • Note: If you unchecked any items in AdwCleaner, please back up the associated folders/files before running JRT.
  • Temporarily disable your anti-virus software. For instructions, please refer to the following link.
  • Right-Click JRT.exe and select Run as administrator to run the programme.
  • If the programme does not run, please download and run from your USB drive.
  • Follow the prompts and allow the scan to run uninterrupted. 
  • Upon completion, a log (JRT.txt) will open on your desktop.
  • Re-enable your anti-virus software.
  • Copy the contents of JRT.txt and paste in your next reply.
     

======================================================

STEP 5
Logs
In your next reply please include the following logs. Please be sure to copy and paste the requested logs, as well as provide information on any questions I may have asked.

  • Did the regfix merge successfully?
  • Did your browsers reset OK?
  • AdwCleaner[S0].txt
  • JRT.txt
  • Update on computer


 

Would you like to help others with malware removal? Join our Classroom and learn how!
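A check one could run before merging a hand-written regfix like the one in STEP 1 above, as an added example (not part of the original post and not a SystemLook or forum tool). The regfix deletes parent keys (for instance the CLSID key rather than the InprocServer32 subkey the scan reported), so the comparison is by ancestry; the function names and the CONTAINER_KEYS list are assumptions made for this sketch.

```python
import re

# Excerpt of the SystemLook regfind output posted in this thread.
SCAN_LOG = r'''
[HKEY_CURRENT_USER\Software\Klip Pal]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{5A4E3A41-FA55-4BDA-AED7-CEBE6E7BCB52}\InprocServer32]
@="C:\Program Files (x86)\Klip Pal\bin\{be5bf058-a067-4076-8c2e-22b9345a0260}64.dll"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\{1146AC44-2F03-4431-B4FD-889BC837521F}\_70e6ca8c]
"svn"="Optimizer Pro Crash Monitor"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\{6791A2F3-FC80-475C-A002-C014AF797E9C}]
"70e6ca8c"="C:\Program Files (x86)\Optimizer Pro\OptProCrash.dll"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\EventLog\Application\Util Klip Pal]
'''

# Matching excerpt of the regfix from STEP 1.
REGFIX = r'''Windows Registry Editor Version 5.00

[-HKEY_CURRENT_USER\Software\Klip Pal]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{5A4E3A41-FA55-4BDA-AED7-CEBE6E7BCB52}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\{1146AC44-2F03-4431-B4FD-889BC837521F}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\{6791A2F3-FC80-475C-A002-C014AF797E9C}]
[-HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\EventLog\Application\Util Klip Pal]
'''

# Assumption: shared container keys that must never be a deletion target themselves.
CONTAINER_KEYS = {
    'software', 'classes', 'clsid', 'typelib', 'interface', 'wow6432node',
    'system', 'currentcontrolset', 'controlset001', 'services', 'eventlog',
    'application',
}

# "[KEY]" in the scan log, "[-KEY]" (delete key and subkeys) in a .reg file.
KEY_LINE = re.compile(r'^\[(-?)(HKEY_[^\]]+)\]$')


def parse_keys(text, deletions):
    """Return bracketed registry keys; deletions=True keeps only [-KEY] lines."""
    keys = []
    for line in text.splitlines():
        m = KEY_LINE.match(line.strip())
        if m and (m.group(1) == '-') == deletions:
            key = m.group(2).rstrip('\\')
            if key not in keys:
                keys.append(key)
    return keys


def covers(target, key):
    """True if deleting `target` also removes `key` (same key or a subkey)."""
    t, k = target.lower(), key.lower()
    return k == t or k.startswith(t + '\\')


def too_broad(target):
    """Flag a bare hive, a hive's direct child, or a shared container key."""
    parts = target.lower().split('\\')
    return len(parts) < 3 or parts[-1] in CONTAINER_KEYS


def audit(scan_log, regfix):
    """Compare scan findings with the deletion targets of a .reg file."""
    found = parse_keys(scan_log, deletions=False)
    targets = parse_keys(regfix, deletions=True)
    return {
        # reported by the scan but left behind by the regfix
        'uncovered': [k for k in found if not any(covers(t, k) for t in targets)],
        # deleted by the regfix although no scan finding lies under it
        'unsupported': [t for t in targets if not any(covers(t, k) for k in found)],
        # would take legitimate software's keys along with the adware's
        'too_broad': [t for t in targets if too_broad(t)],
    }


if __name__ == '__main__':
    for category, keys in audit(SCAN_LOG, REGFIX).items():
        print(category, keys)
```

All three lists come back empty for the excerpt; a non-empty `too_broad` or `unsupported` list is a reason to stop and re-read the regfix before merging it.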


#35 lookingforaname

Posted 22 September 2014 - 03:14 PM

- Yes Regfix merged

- yes browsers are ok

- Everything on my computer is running much faster and seems clear now!  Thank you!

 

 

# AdwCleaner v3.310 - Report created 22/09/2014 at 15:30:32
# Updated 12/09/2014 by Xplode
# Operating System : Windows 8  (64 bits)
# Username : JimAngehr - JIMCOMPUTER
# Running from : C:\Users\JimAngehr\Downloads\AdwCleaner.exe
# Option : Clean

***** [ Services ] *****

***** [ Files / Folders ] *****

Folder Deleted : C:\Users\JimAngehr\AppData\Local\Google\Chrome\User Data\Default\Extensions\eofcbnmajmjmplflapaojjnihcjkigck

***** [ Scheduled Tasks ] *****

***** [ Shortcuts ] *****

***** [ Registry ] *****

Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\bopakagnckmlgajfccecajhnimjiiedh
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\eofcbnmajmjmplflapaojjnihcjkigck
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{4AA46D49-459F-4358-B4D1-169048547C23}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{4E6354DE-9115-4AEE-BD21-C46C3E8A49DB}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{FC073BDA-C115-4A1D-9DF9-9B5C461482E5}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{4AA46D49-459F-4358-B4D1-169048547C23}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{4E6354DE-9115-4AEE-BD21-C46C3E8A49DB}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{FC073BDA-C115-4A1D-9DF9-9B5C461482E5}
Key Deleted : HKCU\Software\AppDataLow\{1146AC44-2F03-4431-B4FD-889BC837521F}
Key Deleted : HKLM\SOFTWARE\{3A7D3E19-1B79-4E4E-BD96-5467DA2C4EF0}
Key Deleted : HKLM\SOFTWARE\SearchProtect

***** [ Browsers ] *****

-\\ Internet Explorer v10.0.9200.16537

-\\ Mozilla Firefox v32.0.2 (x86 en-US)

[ File : C:\Users\JimAngehr\AppData\Roaming\Mozilla\Firefox\Profiles\7zcy930i.default\prefs.js ]

-\\ Google Chrome v37.0.2062.120

[ File : C:\Users\JimAngehr\AppData\Local\Google\Chrome\User Data\Default\preferences ]

*************************

AdwCleaner[R0].txt - [1381 octets] - [11/06/2014 15:51:07]
AdwCleaner[R1].txt - [2128 octets] - [22/09/2014 15:20:27]
AdwCleaner[S0].txt - [1458 octets] - [11/06/2014 15:52:08]
AdwCleaner[S1].txt - [2063 octets] - [22/09/2014 15:30:32]

########## EOF - C:\AdwCleaner\AdwCleaner[S1].txt - [2123 octets] ##########

------------------

 

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.1.9 (09.20.2014:1)
OS: Windows 8 x64
Ran by JimAngehr on Mon 09/22/2014 at 15:49:46.56
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values

Successfully repaired: [Registry Value] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\Default_Page_URL



~~~ Registry Keys

Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{F05749BB-0626-4108-9BA0-E2C7F7D1B555}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchScopes\{F05749BB-0626-4108-9BA0-E2C7F7D1B555}



~~~ Files



~~~ Folders

Successfully deleted: [Empty Folder] C:\Users\JimAngehr\appdata\local\{A68AEFBC-DD87-43C2-9E26-1323A89F5570}
Successfully deleted: [Empty Folder] C:\Users\JimAngehr\appdata\local\{B3779D02-02DF-4589-94B3-2AD5264F5113}
Successfully deleted: [Empty Folder] C:\Users\JimAngehr\appdata\local\{CE153A61-1131-4CD0-B4DF-4E56A2B0ACAC}



~~~ FireFox

Emptied folder: C:\Users\JimAngehr\AppData\Roaming\mozilla\firefox\profiles\7zcy930i.default\minidumps [74 files]



~~~ Chrome

Successfully deleted: [Folder] C:\Users\JimAngehr\appdata\local\Google\Chrome\User Data\Default\Extensions\eofcbnmajmjmplflapaojjnihcjkigck



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on Mon 09/22/2014 at 16:08:47.30
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 



#36 LiquidTension

    SuperMember

  • Retired Classroom Teacher
  • 2,566 posts

Posted 22 September 2014 - 06:10 PM

Very good. 

 

I'd like you to download and run the following programme from your Downloads folder. 

Copy the contents of FixExec.txt in your next reply. 




#37 lookingforaname

    Authentic Member

  • 147 posts

Posted 24 September 2014 - 10:30 AM

FixExec by Lawrence Abrams (Grinler)

http://www.bleepingcomputer.com/

Copyright 2008-2014 BleepingComputer.com

More Information about FixExec can be found at this link:

 http://www.bleepingc...ilities/fixexec

 

Program started at: 09/24/2014 12:30:01 PM in x64 mode.

Windows Version: Windows 8

 

Checking for processes to terminate before fixing executable associations.

 * C:\Users\JimAngehr\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe (4928) [Terminated].

 * C:\Users\JimAngehr\AppData\Roaming\Spotify\spotify.exe (4976) [Terminated].

 * C:\Users\JimAngehr\AppData\Roaming\Dropbox\bin\Dropbox.exe (4456) [Terminated].

 * C:\Users\JimAngehr\AppData\Roaming\Spotify\Data\SpotifyHelper.exe (1752) [Terminated].

 * C:\Users\JimAngehr\AppData\Roaming\Spotify\Data\SpotifyHelper.exe (4412) [Terminated].

 * C:\Users\JimAngehr\AppData\Roaming\Spotify\Data\SpotifyHelper.exe (4392) [Terminated].

 * C:\Users\JimAngehr\AppData\Roaming\Spotify\Data\SpotifyHelper.exe (5144) [Terminated].

 * C:\Users\JimAngehr\AppData\Roaming\Spotify\Data\SpotifyHelper.exe (5344) [Terminated].

 

8 proccesses terminated!

 

Resetting .EXE, .COM, & .BAT associations in the Windows Registry.

 

  * HKLM\Software\Classes\.com\\@ has been changed to ComFile!

  * HKLM\Software\Classes\.com\\@ was reset to comfile!

 

 

Program finished at: 09/24/2014 12:30:10 PM

Execution time: 0 hours(s), 0 minute(s), and 8 seconds(s)



#38 LiquidTension

    SuperMember

  • Retired Classroom Teacher
  • 2,566 posts

Posted 24 September 2014 - 12:21 PM

OK. Let's see if we can run an executable normally. Please let me know how you get on.
 
Farbar Recovery Scan Tool (FRST) Scan

  • Delete your copy of FRST.exe (right-click + Delete). 
  • Please download Farbar Recovery Scan Tool (x64) and save the file to your Desktop.
  • Right-Click FRST64.exe and select Run as administrator to run the programme.
  • Click Yes to the disclaimer.
  • Ensure the Addition.txt box is checked.
  • Click the Scan button and let the programme run.
  • Upon completion, click OK, then OK on the Addition.txt pop up screen.
  • Two logs (FRST.txt & Addition.txt) will now be open on your Desktop. Copy the contents of both logs and paste in your next reply. 
     



#39 lookingforaname

    Authentic Member

  • 147 posts

Posted 25 September 2014 - 06:42 PM

It worked!  That was the thing that probably freaked me out the most thinking it was a virus - the fact that I couldn't run any scans.  (and the pop ups and the incredibly slow internet). 

 

I don't see an addition.txt  - here is the frst.txt below: 

 

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 26-09-2014
Ran by JimAngehr (administrator) on JIMCOMPUTER on 25-09-2014 20:38:04
Running from C:\Users\JimAngehr\Desktop
Loaded Profile: JimAngehr (Available profiles: James & JimAngehr)
Platform: Windows 8 (X64) OS Language: English (United States)
Internet Explorer Version 10
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo...very-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\stacsv64.exe
(Hewlett-Packard Company) C:\Windows\System32\hpservice.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Advanced Micro Devices, Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
( ) C:\Windows\System32\lxebcoms.exe
() C:\Windows\SysWOW64\PSIService.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe
(Realsil Microelectronics Inc.) C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\sttray64.exe
(CyberLink) C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe
(CyberLink) C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe
(McAfee, Inc.) C:\Program Files\McAfee Security Scan\3.8.150\SSScheduler.exe
(CyberLink Corp.) C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP CoolSense\CoolSense.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Microsoft Corporation) C:\Program Files (x86)\Internet Explorer\ielowutil.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [SysTrayApp] => C:\Program Files\IDT\WDM\sttray64.exe [1425408 2012-07-21] (IDT, Inc.)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2916152 2012-08-24] (Synaptics Incorporated)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [642216 2012-08-08] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [CLVirtualDrive] => C:\Program Files (x86)\CyberLink\Power2Go8\VirtualDrive.exe [491320 2012-07-26] (CyberLink Corp.)
HKLM-x32\...\Run: [RemoteControl10] => C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe [91432 2012-03-28] (CyberLink Corp.)
HKLM-x32\...\Run: [HP Quick Launch] => C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe [580512 2012-07-09] (Hewlett-Packard Development Company, L.P.)
HKLM-x32\...\Run: [HP CoolSense] => C:\Program Files (x86)\Hewlett-Packard\HP CoolSense\CoolSense.exe [1342008 2011-08-26] (Hewlett-Packard Development Company, L.P.)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-04-21] (Apple Inc.)
HKLM-x32\...\Run: [QuickFinder Scheduler] => C:\Program Files (x86)\WordPerfect Office X3\Programs\QFSCHD130.EXE [83568 2007-01-03] (Corel Corporation)
HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [152544 2012-12-12] (Apple Inc.)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [4085896 2014-08-14] (AVAST Software)
HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2013-05-01] (Apple Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [256896 2014-05-07] (Oracle Corporation)
HKLM\...\RunOnce: [NCPluginUpdater] => C:\Program Files (x86)\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\NCPluginUpdater.exe [21720 2014-08-19] (Hewlett-Packard)
HKU\S-1-5-21-2393212166-3480209652-2217339028-1004\...\Run: [Spotify Web Helper] => C:\Users\JimAngehr\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe [1245752 2014-09-20] (Spotify Ltd)
HKU\S-1-5-21-2393212166-3480209652-2217339028-1004\...\Run: [Spotify] => C:\Users\JimAngehr\AppData\Roaming\Spotify\Spotify.exe [6342200 2014-09-20] (Spotify Ltd)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk
ShortcutTarget: McAfee Security Scan Plus.lnk -> C:\Program Files\McAfee Security Scan\3.8.150\SSScheduler.exe (McAfee, Inc.)
Startup: C:\Users\JimAngehr\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> C:\Users\JimAngehr\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
ShellIconOverlayIdentifiers: 00avast -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll (AVAST Software)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://g.msn.com/HPNOT13/1
SearchScopes: HKLM - {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = http://rover.ebay.co...54371-11896-2/4 ?mpre=http%3A%2F%2Fwww.ebay.com%2Fsch%2F%3F_nkw%3D{searchTerms}&keyword={searchTerms}
SearchScopes: HKLM - {F05749BB-0626-4108-9BA0-E2C7F7D1B555} URL = http://www.amazon.co...s={searchTerms}
SearchScopes: HKLM-x32 - {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = http://rover.ebay.co...54371-11896-2/4 ?mpre=http%3A%2F%2Fwww.ebay.com%2Fsch%2F%3F_nkw%3D{searchTerms}&keyword={searchTerms}
SearchScopes: HKCU - {D944BB61-2E34-4DBF-A683-47E505C587DC} URL =
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
BHO: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll (Hewlett-Packard)
BHO-x32: No Name -> {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} ->  No File
BHO-x32: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
BHO-x32: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll (Hewlett-Packard)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1

FireFox:
========
FF ProfilePath: C:\Users\JimAngehr\AppData\Roaming\Mozilla\Firefox\Profiles\7zcy930i.default
FF Homepage: hxxp://google.com/
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_15_0_0_152.dll ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_152.dll ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\windows\SysWOW64\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @java.com/DTPlugin,version=10.60.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.60.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3555.0308 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll ()
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin2.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin3.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin4.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin5.dll (Apple Inc.)
FF Extension: Pin It button - C:\Users\JimAngehr\AppData\Roaming\Mozilla\Firefox\Profiles\7zcy930i.default\Extensions\pinterest@robertnyman.com.xpi [2013-12-11]
FF Extension: Adblock Plus - C:\Users\JimAngehr\AppData\Roaming\Mozilla\Firefox\Profiles\7zcy930i.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2014-09-10]
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: avast! Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2013-07-07]
FF HKCU\...\Firefox\Extensions: [{e4f94d1e-2f53-401e-8885-681602c0ddd8}] - C:\ProgramData\McAfee Security Scan\Extensions\{e4f94d1e-2f53-401e-8885-681602c0ddd8}.xpi
FF Extension: No Name - C:\ProgramData\McAfee Security Scan\Extensions\{e4f94d1e-2f53-401e-8885-681602c0ddd8}.xpi [2014-04-04]

Chrome:
=======
CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\37.0.2062.120\PepperFlash\pepflashplayer.dll ()
CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Program Files (x86)\Google\Chrome\Application\37.0.2062.120\ppGoogleNaClPluginChrome.dll ()
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\37.0.2062.120\pdf.dll ()
CHR Plugin: (Norton Identity Safe) - C:\Users\JimAngehr\AppData\Local\Google\Chrome\User Data\Default\Extensions\mkfokfffehpeedafpekjeddnmnjhmcmk\2013.2.0.18_0\npcoplgn.dll No File
CHR Plugin: (QuickTime Plug-in 7.7.2) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.2) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin2.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.2) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin3.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.2) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin4.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.2) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin5.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.2) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin6.dll No File
CHR Plugin: (QuickTime Plug-in 7.7.2) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin7.dll No File
CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.123\npGoogleUpdate3.dll No File
CHR Plugin: (Windows Live Photo Gallery) - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
CHR Plugin: (iTunes Application Detector) - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
CHR Plugin: (Shockwave Flash) - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_4_402_287.dll No File
CHR Plugin: (Shockwave for Director) - C:\windows\SysWOW64\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
CHR Profile: C:\Users\JimAngehr\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\JimAngehr\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-05-23]
CHR Extension: (YouTube) - C:\Users\JimAngehr\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2012-11-07]
CHR Extension: (Google Search) - C:\Users\JimAngehr\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2012-11-07]
CHR Extension: (avast! Online Security) - C:\Users\JimAngehr\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2014-08-16]
CHR Extension: (Pin It Button) - C:\Users\JimAngehr\AppData\Local\Google\Chrome\User Data\Default\Extensions\gpdjojdkbbmdfjfahjcgigfpmkopogic [2014-06-09]
CHR Extension: (Google Wallet) - C:\Users\JimAngehr\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-09-09]
CHR Extension: (Gmail) - C:\Users\JimAngehr\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2012-11-07]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2014-08-14]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [361984 2012-08-08] (Advanced Micro Devices, Inc.) [File not signed]
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-08-14] (AVAST Software)
R2 HP Support Assistant Service; C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe [92160 2013-11-04] (Hewlett-Packard Company) [File not signed]
R2 IconMan_R; C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe [2451456 2012-07-13] (Realsil Microelectronics Inc.) [File not signed]
R3 KeyIso; C:\Windows\SysWOW64\keyiso.dll [43520 2012-07-25] (Microsoft Corporation)
R2 lxeb_device; C:\Windows\system32\lxebcoms.exe [1052328 2010-04-14] ( )
S3 Netlogon; C:\Windows\SysWOW64\netlogon.dll [634368 2012-07-25] (Microsoft Corporation)
U2 ProtexisLicensing; C:\Windows\SysWOW64\PSIService.exe [174656 2006-11-02] () [File not signed]
R2 STacSV; C:\Program Files\IDT\WDM\STacSV64.exe [321536 2012-07-21] (IDT, Inc.) [File not signed]
S3 StorSvc; C:\Windows\SysWOW64\storsvc.dll [18432 2012-07-25] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [16056 2014-03-29] (Microsoft Corporation)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

U5 AppMgmt; C:\Windows\system32\svchost.exe [29696 2012-09-20] (Microsoft Corporation)
R2 APXACC; C:\Windows\system32\DRIVERS\appexDrv.sys [199008 2012-06-23] (AppEx Networks Corporation)
R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29208 2014-08-14] ()
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [79184 2014-08-14] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93568 2014-08-14] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2014-08-14] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1041168 2014-08-14] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [427360 2014-08-14] (AVAST Software)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [92008 2014-08-14] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [224896 2014-08-14] ()
R3 AtiHDAudioService; C:\Windows\system32\drivers\AtihdW86.sys [98472 2012-07-18] (Advanced Micro Devices)
R1 CLVirtualDrive; C:\Windows\system32\DRIVERS\CLVirtualDrive.sys [92536 2012-06-25] (CyberLink)
S3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [122584 2014-09-20] (Malwarebytes Corporation)
R3 RSP2STOR; C:\Windows\system32\DRIVERS\RtsP2Stor.sys [269968 2012-07-03] (Realtek Semiconductor Corp.)
S3 SmbDrv; C:\Windows\System32\drivers\Smb_driver_AMDASF.sys [41272 2012-08-24] (Synaptics Incorporated)
S3 SmbDrvI; C:\Windows\System32\drivers\Smb_driver_Intel.sys [43832 2012-08-24] (Synaptics Incorporated)
R3 WirelessButtonDriver; C:\Windows\System32\drivers\WirelessButtonDriver64.sys [20800 2012-08-31] (Hewlett-Packard Development Company, L.P.)
S3 catchme; \??\C:\ComboFix\catchme.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-09-25 20:38 - 2014-09-25 20:38 - 00018435 _____ () C:\Users\JimAngehr\Desktop\FRST.txt
2014-09-25 20:37 - 2014-09-25 20:37 - 02108928 _____ (Farbar) C:\Users\JimAngehr\Desktop\FRST64.exe
2014-09-24 12:30 - 2014-09-24 12:30 - 00002902 _____ () C:\Users\JimAngehr\Desktop\FixExec.txt
2014-09-24 12:29 - 2014-09-24 12:29 - 00457632 _____ (Bleeping Computer, LLC) C:\Users\JimAngehr\Downloads\FixExec.exe
2014-09-23 21:56 - 2014-09-23 21:56 - 00000886 _____ () C:\Windows\BWDir.ini
2014-09-23 21:12 - 2014-09-23 21:56 - 00010849 _____ () C:\Windows\bw500.ini
2014-09-23 08:15 - 2014-08-09 04:30 - 00148480 _____ (Microsoft Corporation) C:\Windows\system32\poqexec.exe
2014-09-23 08:15 - 2014-08-09 04:29 - 00144896 _____ (Microsoft Corporation) C:\Windows\system32\tssdisai.dll
2014-09-22 16:08 - 2014-09-22 16:08 - 00001680 _____ () C:\Users\JimAngehr\Desktop\JRT.txt
2014-09-22 15:48 - 2014-09-22 15:48 - 01027006 _____ (Thisisu) C:\Users\JimAngehr\Downloads\JRT.exe
2014-09-22 15:19 - 2014-09-22 15:20 - 01373475 _____ () C:\Users\JimAngehr\Downloads\AdwCleaner.exe
2014-09-22 15:15 - 2014-09-22 15:15 - 00659968 _____ () C:\Users\JimAngehr\Downloads\MicrosoftFixit50195(1).msi
2014-09-22 14:59 - 2014-09-22 14:59 - 00001720 _____ () C:\Users\JimAngehr\Desktop\regfix.reg
2014-09-21 19:50 - 2014-09-21 19:50 - 00002560 _____ () C:\Users\JimAngehr\Desktop\fixlist.txt
2014-09-21 17:15 - 2014-09-21 17:17 - 00004406 _____ () C:\Users\JimAngehr\Desktop\Rkill.txt
2014-09-21 16:26 - 2014-09-21 16:26 - 00000000 ____D () C:\Windows\pss
2014-09-21 02:35 - 2014-09-25 20:38 - 00000000 ____D () C:\FRST
2014-09-20 21:09 - 2014-09-20 21:10 - 01267132 _____ () C:\Users\JimAngehr\Desktop\system summary.nfo
2014-09-20 20:01 - 2014-09-20 20:01 - 01911244 _____ () C:\Users\JimAngehr\Desktop\rkill.exe
2014-09-20 19:00 - 2014-09-20 19:02 - 04149736 _____ () C:\Users\JimAngehr\Downloads\tdsskiller.exe.part
2014-09-20 14:45 - 2014-09-20 14:45 - 00684612 _____ (Swearware) C:\Users\JimAngehr\Desktop\dds.scr
2014-09-20 14:41 - 2014-09-20 14:42 - 00596272 _____ () C:\Users\JimAngehr\Downloads\OTL.exe
2014-09-20 14:35 - 2014-09-20 14:36 - 19273568 _____ () C:\Users\JimAngehr\Downloads\SUPERAntiSpyware(1).exe
2014-09-20 14:33 - 2014-09-20 14:33 - 02321104 _____ () C:\Users\JimAngehr\Downloads\esetsmartinstaller_enu.exe
2014-09-20 13:50 - 2014-09-20 13:50 - 00364640 _____ (Kaspersky Lab) C:\Users\JimAngehr\Downloads\kss12.0.1.808_6398_6399.exe
2014-09-20 13:48 - 2014-09-20 13:49 - 17111720 _____ () C:\Users\JimAngehr\Downloads\mbam-setup-2.0.2.1012.exe
2014-09-11 18:13 - 2014-08-16 05:34 - 02239488 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-09-11 18:13 - 2014-08-16 05:34 - 01407488 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-09-11 18:13 - 2014-08-16 05:34 - 00915968 _____ (Microsoft Corporation) C:\Windows\system32\uxtheme.dll
2014-09-11 18:13 - 2014-08-16 05:34 - 00051712 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-09-11 18:13 - 2014-08-16 05:33 - 00603136 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-09-11 18:13 - 2014-08-16 05:33 - 00097280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-09-11 18:13 - 2014-08-16 05:32 - 15399424 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-09-11 18:13 - 2014-08-16 05:32 - 03959296 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-09-11 18:13 - 2014-08-16 05:32 - 02655232 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-09-11 18:13 - 2014-08-16 05:32 - 01508864 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-09-11 18:13 - 2014-08-16 05:32 - 00855552 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2014-09-11 18:13 - 2014-08-16 05:32 - 00451584 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-09-11 18:13 - 2014-08-16 05:32 - 00281600 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-09-11 18:13 - 2014-08-16 05:32 - 00255488 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-09-11 18:13 - 2014-08-16 03:37 - 01766400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-09-11 18:13 - 2014-08-16 03:37 - 01180672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-09-11 18:13 - 2014-08-16 03:36 - 13757440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-09-11 18:13 - 2014-08-16 03:36 - 02861568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-09-11 18:13 - 2014-08-16 03:36 - 02055168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-09-11 18:13 - 2014-08-16 03:36 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2014-09-11 18:13 - 2014-08-16 03:36 - 00493056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-09-11 18:13 - 2014-08-16 03:36 - 00357888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-09-11 18:13 - 2014-08-16 03:36 - 00226816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2014-09-11 18:13 - 2014-08-16 03:36 - 00226816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-09-11 18:13 - 2014-08-16 03:36 - 00080384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-09-11 18:13 - 2014-08-16 03:35 - 01440768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-09-11 18:13 - 2014-03-06 20:47 - 00163840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-09-11 18:13 - 2013-05-15 18:37 - 00044032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UXInit.dll
2014-09-11 18:13 - 2013-05-15 18:35 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\UXInit.dll
2014-09-11 18:13 - 2013-05-14 09:14 - 02706432 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-09-11 18:13 - 2013-05-14 05:23 - 02706432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-09-11 18:13 - 2013-02-21 06:29 - 00109056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2014-09-11 18:13 - 2013-02-21 06:29 - 00061440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-09-11 18:13 - 2013-02-21 06:29 - 00039424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-09-11 18:13 - 2013-02-21 06:29 - 00033280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-09-11 18:13 - 2013-02-21 06:14 - 00136704 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2014-09-11 18:13 - 2013-02-21 06:14 - 00053248 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-09-11 18:13 - 2013-02-19 05:53 - 00534528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\uxtheme.dll
2014-09-11 18:13 - 2012-11-08 00:20 - 00067072 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-09-11 18:13 - 2012-11-08 00:20 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-09-11 18:13 - 2012-07-25 23:06 - 00197120 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-09-11 18:12 - 2014-08-16 05:33 - 19280384 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-09-11 18:12 - 2014-08-16 03:36 - 14369280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-09-11 08:08 - 2014-09-04 18:36 - 00755712 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-09-11 08:08 - 2014-09-02 21:49 - 00556544 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-09-11 07:58 - 2014-07-31 19:40 - 01287680 _____ (Microsoft Corporation) C:\Windows\system32\schedsvc.dll
2014-09-11 07:58 - 2014-06-04 21:12 - 00678600 _____ (Microsoft Corporation) C:\Windows\system32\msvcp120_clr0400.dll
2014-09-11 07:58 - 2014-06-03 19:12 - 00536776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvcp120_clr0400.dll
2014-09-11 07:57 - 2014-08-28 07:34 - 00059400 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2014-09-11 07:57 - 2014-08-28 02:05 - 00630272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2014-09-11 07:57 - 2014-08-28 02:05 - 00128000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2014-09-11 07:57 - 2014-08-28 02:05 - 00086528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2014-09-11 07:57 - 2014-08-28 02:05 - 00035328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2014-09-11 07:57 - 2014-08-28 02:02 - 00040448 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2014-09-11 07:57 - 2014-08-28 02:01 - 03285504 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2014-09-11 07:57 - 2014-08-28 02:01 - 01623552 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2014-09-11 07:57 - 2014-08-28 02:01 - 00775168 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2014-09-11 07:57 - 2014-08-28 02:01 - 00253440 _____ (Microsoft Corporation) C:\Windows\system32\WUSettingsProvider.dll
2014-09-11 07:57 - 2014-08-28 02:01 - 00176640 _____ (Microsoft Corporation) C:\Windows\system32\storewuauth.dll
2014-09-11 07:57 - 2014-08-28 02:01 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2014-09-11 07:57 - 2014-08-28 02:01 - 00100352 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2014-09-11 07:57 - 2014-08-28 02:01 - 00017920 _____ (Microsoft Corporation) C:\Windows\system32\wuaext.dll
2014-09-11 07:57 - 2014-07-23 23:33 - 00875688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvcr120_clr0400.dll
2014-09-11 07:57 - 2014-07-23 23:33 - 00869544 _____ (Microsoft Corporation) C:\Windows\system32\msvcr120_clr0400.dll
2014-09-08 19:27 - 2014-09-08 19:27 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee Security Scan Plus
2014-09-08 19:27 - 2014-09-08 19:27 - 00000000 ____D () C:\Program Files\McAfee Security Scan
2014-09-02 14:06 - 2014-09-22 15:50 - 00003194 _____ () C:\Windows\System32\Tasks\HPCeeScheduleForJimAngehr
2014-08-28 07:54 - 2014-08-23 02:47 - 04036096 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-09-25 20:35 - 2012-11-04 15:20 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-09-25 20:20 - 2013-07-04 14:24 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-09-25 20:00 - 2012-07-26 04:12 - 00000000 ____D () C:\Windows\system32\sru
2014-09-25 19:53 - 2012-11-05 12:45 - 00000928 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-09-25 19:42 - 2012-11-01 21:35 - 01325582 _____ () C:\Windows\WindowsUpdate.log
2014-09-25 19:29 - 2012-11-01 21:39 - 00003954 _____ () C:\Windows\System32\Tasks\User_Feed_Synchronization-{3C235ACB-A9BA-47EB-A95E-3C18B997246B}
2014-09-24 12:49 - 2012-07-26 04:12 - 00000000 ____D () C:\Windows\rescache
2014-09-24 12:39 - 2012-07-26 03:59 - 00000000 ____D () C:\Windows\CbsTemp
2014-09-24 12:29 - 2012-11-07 14:40 - 00000000 ___RD () C:\Users\JimAngehr\Dropbox
2014-09-24 12:28 - 2012-11-07 12:47 - 00000000 ____D () C:\Users\JimAngehr\AppData\Roaming\Dropbox
2014-09-24 12:28 - 2012-11-07 11:27 - 00000000 ____D () C:\Users\JimAngehr\AppData\Local\Spotify
2014-09-24 12:28 - 2012-11-07 11:26 - 00000000 ____D () C:\Users\JimAngehr\AppData\Roaming\Spotify
2014-09-24 12:27 - 2012-11-05 12:45 - 00000924 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-09-24 10:23 - 2012-07-26 03:22 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-09-24 07:54 - 2014-07-16 07:56 - 00351008 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-09-24 07:54 - 2013-05-25 13:32 - 00000372 _____ () C:\Windows\Tasks\HPCeeScheduleForJimAngehr.job
2014-09-23 21:12 - 2013-01-09 10:32 - 00000000 ____D () C:\Program Files (x86)\BibleWorks 5
2014-09-22 17:15 - 2014-06-11 15:51 - 00000000 ____D () C:\AdwCleaner
2014-09-22 15:50 - 2012-11-01 21:36 - 00000000 ____D () C:\Users\JimAngehr
2014-09-22 15:49 - 2013-08-03 17:03 - 00000000 ____D () C:\Windows\ERUNT
2014-09-22 15:31 - 2012-08-03 18:23 - 00633280 _____ () C:\Windows\PFRO.log
2014-09-22 15:30 - 2012-07-26 01:26 - 00262144 ___SH () C:\Windows\system32\config\BBI
2014-09-21 21:22 - 2014-05-29 17:34 - 00000000 ____D () C:\Program Files (x86)\PFPortChecker
2014-09-21 21:22 - 2013-07-27 11:12 - 00000000 ____D () C:\Program Files (x86)\Exact Audio Copy
2014-09-21 21:22 - 2012-12-21 17:56 - 00000000 ____D () C:\Program Files (x86)\FLAC
2014-09-21 21:22 - 2012-11-05 12:47 - 00002247 _____ () C:\Users\JimAngehr\Desktop\Google Chrome.lnk
2014-09-21 20:17 - 2012-11-01 21:45 - 00003600 _____ () C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-2393212166-3480209652-2217339028-1004
2014-09-21 19:58 - 2014-04-14 10:20 - 00025088 ___SH () C:\Users\JimAngehr\Desktop\Thumbs.db
2014-09-21 19:41 - 2012-12-21 18:01 - 00000000 ____D () C:\Program Files (x86)\BitTorrent
2014-09-21 19:40 - 2012-12-21 17:58 - 00000000 ____D () C:\Users\JimAngehr\AppData\Roaming\BitTorrent
2014-09-21 16:24 - 2012-11-01 21:44 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-09-21 16:21 - 2014-06-06 19:40 - 00000380 _____ () C:\Windows\Tasks\HPCeeScheduleForJIMCOMPUTER$.job
2014-09-21 13:21 - 2014-06-06 19:40 - 00003216 _____ () C:\Windows\System32\Tasks\HPCeeScheduleForJIMCOMPUTER$
2014-09-20 23:20 - 2012-11-07 14:40 - 00001032 _____ () C:\Users\JimAngehr\Desktop\Dropbox.lnk
2014-09-20 23:20 - 2012-11-07 12:49 - 00000000 ____D () C:\Users\JimAngehr\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2014-09-20 23:18 - 2012-07-26 03:28 - 00006428 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-09-20 23:09 - 2012-07-26 03:21 - 00040094 _____ () C:\Windows\setupact.log
2014-09-20 23:07 - 2012-07-26 01:26 - 00000194 _____ () C:\Windows\win.ini
2014-09-20 22:01 - 2014-05-13 10:27 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-09-20 22:01 - 2013-07-07 18:56 - 00004182 _____ () C:\Windows\System32\Tasks\avast! Emergency Update
2014-09-20 14:25 - 2012-07-26 04:12 - 00000000 ____D () C:\Windows\addins
2014-09-20 07:56 - 2012-11-10 14:20 - 00000052 _____ () C:\Windows\SysWOW64\DOErrors.log
2014-09-20 07:55 - 2012-12-22 12:44 - 00000000 _____ () C:\Windows\system32\HP_ActiveX_Patch_NOT_DETECTED.txt
2014-09-18 07:41 - 2012-11-01 21:44 - 00001139 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk
2014-09-18 07:41 - 2012-11-01 21:44 - 00001139 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2014-09-16 17:10 - 2012-11-07 14:48 - 00000000 ____D () C:\ProgramData\lx_Cats
2014-09-15 19:47 - 2012-07-26 04:12 - 00000000 ____D () C:\Windows\AUInstallAgent
2014-09-14 19:56 - 2014-07-14 09:03 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-09-14 08:28 - 2013-08-14 03:05 - 00000000 ____D () C:\Windows\system32\MRT
2014-09-14 08:19 - 2012-12-15 18:44 - 101694776 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-09-09 13:35 - 2012-11-04 15:20 - 00003718 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-09-08 19:27 - 2014-08-24 12:55 - 00000000 ____D () C:\ProgramData\McAfee Security Scan
2014-09-02 15:32 - 2014-08-17 09:45 - 00705480 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-09-02 15:32 - 2014-08-17 09:45 - 00104904 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl

Some content of TEMP:
====================
C:\Users\JimAngehr\AppData\Local\temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmplryixn.dll
C:\Users\JimAngehr\AppData\Local\temp\Quarantine.exe


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2014-09-19 08:09

==================== End Of Log ============================



#40 LiquidTension

LiquidTension

    SuperMember

  • Retired Classroom Teacher
  • 2,566 posts

Posted 25 September 2014 - 09:14 PM

Very good. I'm pleased we've got to the bottom of this. 
 

I don't see an addition.txt  - here is the frst.txt below: 

That's because addition.txt wasn't checked when you ran FRST. But not to worry, the log is clean. We can move on.  

 

Let's check for remnants and confirm your machine appears free of malware. 
 
STEP 1
Update/Remove Java

  • Download the latest version of Java from here (watch out for "Optional Offers" during the update process).
  • Press the Windows Key + r on your keyboard at the same time. Type appwiz.cpl and click OK.
  • Search for the following programmes, right-click and click Uninstall one at a time.
  • Note: The programmes below may not be present. If this is the case, please skip to the next step.
    • Java 7 Update 60
  • Follow the prompts, and reboot if necessary. 
     

STEP 2
Malwarebytes Anti-Malware (MBAM)

  • Open Malwarebytes Anti-Malware and click Update Now.
  • Once updated, click the Settings tab, followed by Detection and Protection and tick Scan for rootkits.
  • Click the Scan tab, ensure Threat Scan is checked and click Scan Now.
  • Note: You may see the following message, "Could not load DDA driver". Click Yes, allow your PC to reboot and continue afterwards. 
  • If threats are detected, click the Apply Actions button. You will now be prompted to reboot. Click Yes.
  • Upon completion of the scan (or after the reboot), click the History tab.
  • Click Application Logs and double-click the Scan Log.
  • Click Copy to Clipboard and paste the log in your next reply. 
     

STEP 3
ESET Online Scan
Note: This scan may take a long time to complete. Please do not browse the Internet whilst your Anti-Virus is disabled.

  • Please download ESET Online Scan and save the file to your Desktop.
  • Temporarily disable your anti-virus software. For instructions, please refer to the following link.
  • Double-click esetsmartinstaller_enu.exe to run the programme. 
  • Agree to the EULA by placing a checkmark next to Yes, I accept the Terms of Use. Then click Start.
  • Agree to the Terms of Use once more and click Start. Allow components to download.
  • Place a checkmark next to Enable detection of potentially unwanted applications.
  • Click Hide advanced settings. Place a checkmark next to:
    • Scan archives
    • Scan for potentially unsafe applications
    • Enable Anti-Stealth technology
  • Ensure Remove found threats is unchecked.
  • Click Start.
  • Wait for the scan to finish. Please be patient as this can take some time.
  • Upon completion, click esetListThreats.png. If no threats were found, skip the next two bullet points. 
  • Click esetExport.png and save the file to your Desktop, naming it something unique such as MyEsetScan.
  • Push the Back button.
  • Place a checkmark next to xKN1w2nv.png.pagespeed.ic.JWqIaEgZi7.png and click SzOC1p0.png.pagespeed.ce.OWDP45O6oG.png.
  • Re-enable your anti-virus software.
  • Copy the contents of the log and paste in your next reply.
     

======================================================
 
STEP 4
Logs
In your next reply please include the following logs. Please be sure to copy and paste the requested logs, as well as provide information on any questions I may have asked.

  • Did Java update/remove successfully? 
  • MBAM Scan log
  • ESET Online Scan log


Would you like to help others with malware removal? Join our Classroom and learn how!



#41 LiquidTension

LiquidTension

    SuperMember

  • Retired Classroom Teacher
  • 2,566 posts

Posted 29 September 2014 - 03:00 AM

Hello,

Do you still require assistance?



#42 lookingforaname

lookingforaname

    Authentic Member

  • Authentic Member
  • PipPip
  • 147 posts

Posted 29 September 2014 - 06:02 AM

Still working through all the scans.  Doing eset right now, actually.  Thanks for the patience!  I took my foot off the gas pedal once the laptop was actually functional.  :)



#43 LiquidTension

LiquidTension

    SuperMember

  • Retired Classroom Teacher
  • 2,566 posts

Posted 29 September 2014 - 06:10 AM

No problem at all. :)



#44 lookingforaname

lookingforaname

    Authentic Member

  • Authentic Member
  • PipPip
  • 147 posts

Posted 01 October 2014 - 10:58 AM

Yes, Java was successful.  Here are the logs, thanks for your patience and your help!

Malwarebytes Anti-Malware
www.malwarebytes.org

Scan Date: 9/28/2014
Scan Time: 10:14:02 PM
Logfile:
Administrator: Yes

Version: 2.00.2.1012
Malware Database: v2014.09.29.02
Rootkit Database: v2014.09.19.01
License: Free
Malware Protection: Disabled
Malicious Website Protection: Disabled
Self-protection: Disabled

OS: Windows 8
CPU: x64
File System: NTFS
User: JimAngehr

Scan Type: Threat Scan
Result: Completed
Objects Scanned: 368653
Time Elapsed: 25 min, 1 sec

Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Enabled
Heuristics: Enabled
PUP: Enabled
PUM: Enabled

Processes: 0
(No malicious items detected)

Modules: 0
(No malicious items detected)

Registry Keys: 0
(No malicious items detected)

Registry Values: 0
(No malicious items detected)

Registry Data: 0
(No malicious items detected)

Folders: 0
(No malicious items detected)

Files: 0
(No malicious items detected)

Physical Sectors: 0
(No malicious items detected)


(end)

 

 

--------------

 

 

eset: 

C:\FRST\Quarantine\c\Program Files (x86)\Optimizer Pro\OptimizerPro.exe a variant of Win32/SpeedingUpMyPC application

C:\FRST\Quarantine\c\Program Files (x86)\Optimizer Pro\OptProSmartScan.exe    a variant of Win32/Adware.SpeedingUpMyPC.C application

C:\FRST\Quarantine\c\Users\JimAngehr\AppData\Local\Temp\OptimizerPro.exe.xBAD multiple threats

C:\FRST\Quarantine\c\Users\JimAngehr\Downloads\fl_setup.exe.xBAD  a variant of Win32/AdWare.iBryte.BI application

 

 



#45 LiquidTension

LiquidTension

    SuperMember

  • Retired Classroom Teacher
  • 2,566 posts

Posted 01 October 2014 - 11:14 AM

No problem. 

Those detections by ESET are for files we've already removed, and pose no risk. 

 

Let's update your software to reduce the risk of reinfection.

 

STEP 1
Update Outdated Software

Outdated software contains security risks that must be patched. Please download and install the latest version of the programmes below.

STEP 2
Remove Outdated Software

  • Press the Windows Key + r on your keyboard at the same time. Type appwiz.cpl and click OK.
  • Search for the following programmes, right-click and click Uninstall one at a time.
  • Note: The programmes below may not be present. If this is the case, please skip to the next step.
    • Adobe Shockwave Player 11.6
  • Follow the prompts, and reboot if necessary.
     

STEP 3
Disable Java in Your Browser
Due to frequent exploits we recommend you disable Java in your browser.
For information on Java vulnerabilities, please read the following article (point #7).

  • Press the Windows Key on your keyboard at the same time. Type Java Control Panel (or javacpl) in the search bar. 
  • Click on the Java Control Panel. Once opened, click the Security tab.
  • Deselect the check box for Enable Java content in the browser. This will disable the Java plug-in in the browser. 
  • Click Apply. When the Windows User Account Control (UAC) appears, allow permissions to make the changes. 
  • Click OK in the Java Plug-in confirmation window.
  • Restart your browser(s) for changes to take effect.
  • More information can be found here and here.
     

STEP 4
Security Check

  • Please download SecurityCheck and save the file to your Desktop.
  • Double-click SecurityCheck.exe and follow the onscreen instructions inside the black box.
  • A log (checkup.txt) will automatically open on your Desktop.
  • Copy the contents of the log and paste in your next reply.
     

======================================================
 
STEP 5
Logs
In your next reply please include the following logs. Please be sure to copy and paste the requested logs, as well as provide information on any questions I may have asked.

  • checkup.txt
  • How is your computer performing? Are there any outstanding issues?

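The reply above dismisses the ESET detections because every flagged path sits under FRST's quarantine folder. The following is an added example, not part of the original thread or of any tool used in it, that makes the same check mechanically; the function names, the assumed line layout (path, whitespace, detection text) and the last three sample lines are assumptions or constructed data.

```python
import ntpath
import re

# Assumption: FRST's quarantine folder, taken from the paths in the ESET log above.
QUARANTINE_ROOT = r"C:\FRST\Quarantine"

# Assumption: the detection text starts at "a variant of", "multiple threats",
# or a family token containing "/" (Windows paths cannot contain "/").
LINE_RE = re.compile(
    r"^(?P<path>[A-Za-z]:\\.*?)\s+"
    r"(?P<detection>(?:probably )?a variant of \S.*|multiple threats|\S+/\S.*)$"
)

def canon(path):
    """Collapse '..' lexically, unify separators, lowercase for comparison."""
    return ntpath.normcase(ntpath.normpath(path))

def in_quarantine(path, root=QUARANTINE_ROOT):
    """True only if path is strictly below root, not a look-alike sibling."""
    return canon(path).startswith(canon(root) + "\\")

def triage(log_text, root=QUARANTINE_ROOT):
    """Return one (path, detection, status) tuple per non-empty log line."""
    rows = []
    for raw in log_text.splitlines():
        line = raw.strip()
        if not line:
            continue
        m = LINE_RE.match(line)
        if m is None:
            rows.append((line, None, "unparsed"))
        else:
            status = "quarantined" if in_quarantine(m["path"], root) else "live"
            rows.append((m["path"], m["detection"], status))
    return rows

# The first four lines are the ESET detections posted in the thread; the last
# three are constructed to show paths that must NOT count as quarantined.
SAMPLE = r"""
C:\FRST\Quarantine\c\Program Files (x86)\Optimizer Pro\OptimizerPro.exe a variant of Win32/SpeedingUpMyPC application
C:\FRST\Quarantine\c\Program Files (x86)\Optimizer Pro\OptProSmartScan.exe    a variant of Win32/Adware.SpeedingUpMyPC.C application
C:\FRST\Quarantine\c\Users\JimAngehr\AppData\Local\Temp\OptimizerPro.exe.xBAD multiple threats
C:\FRST\Quarantine\c\Users\JimAngehr\Downloads\fl_setup.exe.xBAD  a variant of Win32/AdWare.iBryte.BI application
C:\Users\JimAngehr\Downloads\fl_setup.exe a variant of Win32/AdWare.iBryte.BI application
C:\FRST\QuarantineOld\fl_setup.exe a variant of Win32/AdWare.iBryte.BI application
C:\FRST\Quarantine\..\..\Users\Public\fl_setup.exe multiple threats
"""

if __name__ == "__main__":
    for path, detection, status in triage(SAMPLE):
        print(f"{status:12} {detection or '-':50} {path}")
```

Any row reported as "live" or "unparsed" is the one to look at by hand before declaring the machine clean.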
