Jump to content

'svchost.exe' and 'rukarukumoet.com'


Recommended Posts

post-160297-0-74244700-1396857583_thumb.

 

Hello there. First time poster. Recently, I downloaded Malwarebytes and since that time I get this notification approximately five times a day. For a very short time I had µTorrent installed on my computer but I uninstalled it once I no longer needed it. I suspect this is the cause. I did a scan and removed everything that Malwarebytes detected but I still get this notification. I don't know if this situation is malware or not, but the notification makes me feel uncomfortable.

 

Any help is appreciated and I will gladly participate in any steps or instructions given.

Link to post
Share on other sites

Hi there,
my name is Marius and I will assist you with your malware related problems.

Before we move on, please read the following points carefully.

  • First, read my instructions completely. If there is anything that you do not understand kindly ask before proceeding.
  • Perform everything in the correct order. Sometimes one step requires the previous one.
  • If you have any problems while following my instructions, Stop there and tell me the exact nature of your problem.
  • Do not run any other scans without instruction or add/remove software unless I tell you to do so. This would change the output of our tools and could be confusing for me.
  • Post all logfiles as a reply rather than as an attachment unless I specifically ask you. If you can not post all logfiles in one reply, feel free to use more posts.
  • If I don't hear from you within 3 days from this initial or any subsequent post, then this thread will be closed.
  • Stay with me. I will give you some advice about prevention after the cleanup process. Absence of symptoms does not always mean the computer is clean.
  • My first language is not english. So please do not use slang or idioms. It could be hard for me to read. Thanks for your understanding.

 
 
 
 
Scan with FRST in normal mode

Please download Farbar's Recovery Scan Tool to your desktop: FRST 32bit or FRST 64bit (If not sure: Start --> Computer (right click) --> properties)

  • Run FRST.
  • Don´t change one of the checkboxes and hit Scan.
  • Logfiles are created on your desktop.
  • Poste the FRST.txt and (after the first scan only!) the Addition.txt.

 

 

 

 

Scan with TDSS-Killer

Please read and follow these instructions carefully. We do not want it to fix anything yet (if found), we need to see a report first.

Download TDSSKiller.zip and extract to your desktop

  • Execute TDSSKiller.exe by doubleclicking on it.
  • Press Start Scan
  • If Malicious objects are found, do NOT select Copy to quarantine. Change the action to Skip, and save the log.
  • Once complete, a log will be produced at the root drive which is typically C:\ ,for example, C:\TDSSKiller.<version_date_time>log.txt



Please post the contents of that log in your next reply.

Link to post
Share on other sites

Hello, I'm sorry for the late reply. Thanks for the help. I hope I did everything correctly.

 

FRST.txt

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 13-03-2014
Ran by walmart (administrator) on WALMART-HP on 07-04-2014 19:27:52
Running from C:\Users\walmart\Downloads
Windows 7 Home Premium Service Pack 1 (X64) OS Language: English(US)
Internet Explorer Version 11
Boot Mode: Normal

The only official download link for FRST:
Download link for 32-Bit version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/81/
Download link for 64-Bit Version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/82/
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Andrea Electronics Corporation) C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe
(Hewlett-Packard Company) C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
(Roxio) C:\Program Files (x86)\Roxio\RoxioNow Player\RNowSvc.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
(Microsoft Corporation) C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(CyberLink) C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
() C:\Program Files (x86)\Business-in-a-Box\BIBLauncher.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Synaptics Incorporated) C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPHELPER.EXE
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe
(Hewlett-Packard Company) C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
(Realsil Microelectronics Inc.) C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe
(Hewlett-Packard Company) C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Main.exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [synTPEnh] - C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2837288 2011-10-14] (Synaptics Incorporated)
HKLM\...\Run: [HPWirelessAssistant] - C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Main.exe [363064 2010-07-21] (Hewlett-Packard Company)
HKLM\...\Run: [RTHDVCPL] - C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [7541976 1999-12-31] (Realtek Semiconductor)
HKLM-x32\...\Run: [iAStorIcon] - C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe [284440 2011-05-20] (Intel Corporation)
HKLM-x32\...\Run: [HPOSD] - C:\Program Files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exe [379960 2011-08-19] (Hewlett-Packard Development Company, L.P.)
HKLM-x32\...\Run: [HP Quick Launch] - C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe [578944 2012-03-05] (Hewlett-Packard Development Company, L.P.)
HKLM-x32\...\Run: [AvastUI.exe] - C:\Program Files\AVAST Software\Avast\AvastUI.exe [3854640 2014-04-02] (AVAST Software)
HKLM-x32\...\Run: [sunJavaUpdateSched] - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKLM\...\RunOnce: [NCPluginUpdater] - "C:\Program Files (x86)\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\NCPluginUpdater.exe" Update [21720 2014-03-25] (Hewlett-Packard)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-1412740911-2687528589-1650569461-1000\...\Run: [bIBLauncher] - C:\Program Files (x86)\Business-in-a-Box\BIBLauncher.exe [2744624 2014-03-27] ()
HKU\S-1-5-21-1412740911-2687528589-1650569461-1000\...\MountPoints2: F - F:\LaunchU3.exe -a
HKU\S-1-5-21-1412740911-2687528589-1650569461-1000\...\MountPoints2: {8fcbc2c5-5efa-11e1-9c3c-74de2bc78cb5} - F:\LaunchU3.exe -a
HKU\S-1-5-21-1412740911-2687528589-1650569461-1000\...409d6c4515e9\InprocServer32: [Default-shell32] C:\Users\walmart\AppData\Local\Temp\seftxwf\sxeetuk\wow64.dll ATTENTION! ====> ZeroAccess?

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.msn.com/HPNOT/1
SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM - {2fa28606-de77-4029-af96-b231e3b8f827} URL = http://search.ask.com/web?q={searchterms}&l=dis&o=CPNTDF
SearchScopes: HKLM - {b7fca997-d0fb-4fe0-8afd-255e89cf9671} URL = http://search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=chr-hp-psg&type=CPNTDF
SearchScopes: HKLM - {d43b3890-80c7-4010-a95d-1e77b5924dc3} URL = http://en.wikipedia.org/wiki/Special:Search?search={searchTerms}
SearchScopes: HKLM - {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = http://rover.ebay.com/rover/1/711-30572-11896-2/4?mpre=http://shop.ebay.com/?_nkw={searchTerms}
SearchScopes: HKLM-x32 - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 - {2fa28606-de77-4029-af96-b231e3b8f827} URL = http://search.ask.com/web?q={searchterms}&l=dis&o=CPNTDF
SearchScopes: HKLM-x32 - {b7fca997-d0fb-4fe0-8afd-255e89cf9671} URL = http://search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=chr-hp-psg&type=CPNTDF
SearchScopes: HKLM-x32 - {d43b3890-80c7-4010-a95d-1e77b5924dc3} URL = http://en.wikipedia.org/wiki/Special:Search?search={searchTerms}
SearchScopes: HKLM-x32 - {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = http://rover.ebay.com/rover/1/711-30572-11896-2/4?mpre=http://shop.ebay.com/?_nkw={searchTerms}
SearchScopes: HKCU - {2fa28606-de77-4029-af96-b231e3b8f827} URL =
SearchScopes: HKCU - {b7fca997-d0fb-4fe0-8afd-255e89cf9671} URL =
SearchScopes: HKCU - {d43b3890-80c7-4010-a95d-1e77b5924dc3} URL =
SearchScopes: HKCU - {D944BB61-2E34-4DBF-A683-47E505C587DC} URL =
SearchScopes: HKCU - {ec29edf6-ad3c-4e1c-a087-d6cb81400c43} URL =
BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll No File
BHO: HP Network Check Helper - {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll (Hewlett-Packard)
BHO: Adblock Plus for IE Browser Helper Object - {FFCB3198-32F3-4E8B-9539-4324694ED664} - C:\Program Files\Adblock Plus for IE\AdblockPlus64.dll (Adblock Plus)
BHO-x32: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
BHO-x32: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: HP Network Check Helper - {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll (Hewlett-Packard)
BHO-x32: Adblock Plus for IE Browser Helper Object - {FFCB3198-32F3-4E8B-9539-4324694ED664} - C:\Program Files\Adblock Plus for IE\AdblockPlus32.dll (Adblock Plus)
Toolbar: HKCU - No Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} -  No File
Tcpip\Parameters: [DhcpNameServer] 75.75.75.75 75.75.76.76

FireFox:
========
FF ProfilePath: C:\Users\walmart\AppData\Roaming\Mozilla\Firefox\Profiles\9h4utasv.default
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_12_0_0_77.dll ()
FF Plugin: @microsoft.com/GENUINE - disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_77.dll ()
FF Plugin-x32: @adobe.com/ShockwavePlayer - C:\Windows\SysWOW64\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF Plugin-x32: @ei.TelevisionFanatic.com/Plugin - C:\Program Files (x86)\TelevisionFanaticEI\Installr\1.bin\NP64EISB.dll (TelevisionFanatic)
FF Plugin-x32: @ei.TotalRecipeSearch_14.com/Plugin - C:\Program Files (x86)\TotalRecipeSearch_14EI\Installr\1.bin\NP14EISB.dll (TotalRecipeSearch)
FF Plugin-x32: @java.com/DTPlugin,version=10.51.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.51.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE - disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.23.9\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.23.9\npGoogleUpdate3.dll (Google Inc.)
FF Extension: Adblock Plus - C:\Users\walmart\AppData\Roaming\Mozilla\Firefox\Profiles\9h4utasv.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2014-03-31]
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: avast! Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2014-04-02]

Chrome:
=======

CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\33.0.1750.154\PepperFlash\pepflashplayer.dll ()
CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Program Files (x86)\Google\Chrome\Application\33.0.1750.154\ppGoogleNaClPluginChrome.dll ()
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\33.0.1750.154\pdf.dll ()
CHR Plugin: (Google Earth Plugin) - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll No File
CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.135\npGoogleUpdate3.dll No File
CHR Plugin: (Java Platform SE 6 U39) - C:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll No File
CHR Plugin: (RealPlayer G2 LiveConnect-Enabled Plug-In (32-bit) ) - C:\Program Files (x86)\Real\RealPlayer\Netscape6\nppl3260.dll No File
CHR Plugin: (RealPlayer Download Plugin) - C:\Program Files (x86)\Real\RealPlayer\Netscape6\nprpplugin.dll No File
CHR Plugin: (TelevisionFanatic Installer Plugin Stub) - C:\Program Files (x86)\TelevisionFanaticEI\Installr\1.bin\NP64EISB.dll (TelevisionFanatic)
CHR Plugin: (TotalRecipeSearch Installer Plugin Stub) - C:\Program Files (x86)\TotalRecipeSearch_14EI\Installr\1.bin\NP14EISB.dll (TotalRecipeSearch)
CHR Plugin: (Windows Live Photo Gallery) - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
CHR Plugin: (RealNetworks RealDownloader Chrome Background Extension Plug-In (32-bit) ) - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlchromebrowserrecordext.dll No File
CHR Plugin: (RealNetworks RealDownloader HTML5VideoShim Plug-In (32-bit) ) - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlhtml5videoshim.dll No File
CHR Plugin: (RealNetworks RealDownloader PepperFlashVideoShim Plug-In (32-bit) ) - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlpepperflashvideoshim.dll No File
CHR Plugin: (RealDownloader Plugin) - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\npdlplugin.dll No File
CHR Plugin: (Shockwave for Director) - C:\Windows\SysWOW64\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
CHR Plugin: (Java Deployment Toolkit 6.0.390.4) - C:\Windows\SysWOW64\npdeployJava1.dll No File
CHR Plugin: (Silverlight Plug-In) - c:\Program Files (x86)\Microsoft Silverlight\5.1.20125.0\npctrl.dll No File
CHR Extension: (Google Docs) - C:\Users\walmart\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2013-04-19]
CHR Extension: (Google Drive) - C:\Users\walmart\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2013-04-19]
CHR Extension: (YouTube) - C:\Users\walmart\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2013-04-19]
CHR Extension: (Adblock Plus) - C:\Users\walmart\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2014-02-17]
CHR Extension: (Google Search) - C:\Users\walmart\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2013-04-19]
CHR Extension: (avast! Online Security) - C:\Users\walmart\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2014-04-02]
CHR Extension: (Google Wallet) - C:\Users\walmart\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-03-31]
CHR Extension: (Gmail) - C:\Users\walmart\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2013-04-19]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2014-04-02]

==================== Services (Whitelisted) =================

R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-04-02] (AVAST Software)
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1809720 2014-04-03] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [857912 2014-04-03] (Malwarebytes Corporation)
R2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [290520 1999-12-31] (Realtek Semiconductor)

==================== Drivers (Whitelisted) ====================

R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [79184 2014-04-02] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93568 2014-04-02] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2014-04-02] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1039096 2014-04-02] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [423240 2014-04-02] (AVAST Software)
R3 aswStm; C:\Windows\system32\drivers\aswStm.sys [84816 2014-04-02] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [208928 2014-04-02] ()
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2014-04-03] (Malwarebytes Corporation)
R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [119512 2014-04-07] (Malwarebytes Corporation)
R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63192 2014-04-03] (Malwarebytes Corporation)

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-04-07 19:27 - 2014-04-07 19:28 - 00017687 _____ () C:\Users\walmart\Downloads\FRST.txt
2014-04-07 19:27 - 2014-04-07 19:27 - 00000000 ____D () C:\FRST
2014-04-07 19:26 - 2014-04-07 19:26 - 02157056 _____ (Farbar) C:\Users\walmart\Downloads\FRST64.exe
2014-04-07 03:57 - 2014-04-07 19:22 - 00000280 _____ () C:\Windows\setupact.log
2014-04-07 03:57 - 2014-04-07 03:57 - 00000000 _____ () C:\Windows\setuperr.log
2014-04-07 03:54 - 2014-04-07 03:54 - 00108138 _____ () C:\Users\walmart\Desktop\cc_20140407_035406.reg
2014-04-07 03:48 - 2014-04-07 03:48 - 00002776 _____ () C:\Windows\System32\Tasks\CCleanerSkipUAC
2014-04-07 03:48 - 2014-04-07 03:48 - 00000000 ____D () C:\Program Files\CCleaner
2014-04-07 03:46 - 2014-04-07 03:46 - 04787368 _____ (Piriform Ltd) C:\Users\walmart\Downloads\ccsetup412.exe
2014-04-06 07:40 - 2014-04-07 19:24 - 00119512 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-04-06 07:40 - 2014-04-06 07:40 - 00001106 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-04-06 07:40 - 2014-04-06 07:40 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-04-06 07:40 - 2014-04-06 07:40 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-04-06 07:40 - 2014-04-03 09:51 - 00088280 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-04-06 07:40 - 2014-04-03 09:51 - 00063192 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-04-06 07:40 - 2014-04-03 09:50 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-04-06 07:39 - 2014-04-06 07:39 - 17305616 _____ (Malwarebytes Corporation ) C:\Users\walmart\Downloads\mbam-setup-2.0.1.1004.exe
2014-04-06 07:19 - 2014-04-06 07:19 - 00000000 ____D () C:\ProgramData\Package Cache
2014-04-06 07:19 - 2014-04-06 07:19 - 00000000 ____D () C:\Program Files\Adblock Plus for IE
2014-04-06 03:24 - 2014-04-07 03:45 - 00000000 ____D () C:\Users\walmart\AppData\Roaming\vlc
2014-04-06 03:23 - 2014-04-06 03:23 - 01671248 _____ (BitTorrent Inc.) C:\Users\walmart\Downloads\uTorrent(1).exe
2014-04-06 03:23 - 2014-04-06 03:23 - 00001070 _____ () C:\Users\Public\Desktop\VLC media player.lnk
2014-04-06 03:00 - 2014-04-06 03:01 - 00000000 ____D () C:\Windows\SysWOW64\RTCOM
2014-04-06 03:00 - 2014-04-06 03:00 - 00000000 ____D () C:\Program Files\Realtek
2014-04-06 03:00 - 1999-12-31 19:00 - 56270848 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RCoRes64.dat
2014-04-06 03:00 - 1999-12-31 19:00 - 03872984 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\Drivers\RTKVHD64.sys
2014-04-06 03:00 - 1999-12-31 19:00 - 02825432 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtPgEx64.dll
2014-04-06 03:00 - 1999-12-31 19:00 - 02792152 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkAPO64.dll
2014-04-06 03:00 - 1999-12-31 19:00 - 01958616 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RTSnMg64.cpl
2014-04-06 03:00 - 1999-12-31 19:00 - 01286872 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RTCOM64.dll
2014-04-06 03:00 - 1999-12-31 19:00 - 01024216 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkApi64.dll
2014-04-06 03:00 - 1999-12-31 19:00 - 00946392 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RCoInstII64.dll
2014-04-06 03:00 - 1999-12-31 19:00 - 00757301 _____ () C:\Windows\system32\Drivers\RTAIODAT.DAT
2014-04-06 03:00 - 1999-12-31 19:00 - 00624344 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtDataProc64.dll
2014-04-06 03:00 - 1999-12-31 19:00 - 00331880 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtlCPAPI64.dll
2014-04-06 03:00 - 1999-12-31 19:00 - 00014952 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkCoLDR64.dll
2014-04-06 02:58 - 1999-12-31 19:00 - 00209096 _____ (Andrea Electronics Corporation) C:\Windows\system32\AERTAC64.dll
2014-04-06 02:58 - 1999-12-31 19:00 - 00113576 _____ (Real Sound Lab SIA) C:\Windows\system32\CONEQMSAPOGUILibrary.dll
2014-04-06 02:58 - 1999-12-31 19:00 - 00108640 _____ (Andrea Electronics Corporation) C:\Windows\system32\AERTAR64.dll
2014-04-06 02:50 - 1999-12-31 19:00 - 09888912 _____ (Realtek Semiconductor Corp.) C:\Windows\SysWOW64\RtsPStorIcon.dll
2014-04-06 02:50 - 1999-12-31 19:00 - 00339600 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\Drivers\RtsPStor.sys
2014-04-06 02:41 - 2013-11-26 15:49 - 00888536 _____ (Realtek ) C:\Windows\system32\Drivers\Rt64win7.sys
2014-04-06 02:41 - 2013-11-26 15:49 - 00073800 _____ (Realtek Semiconductor Corporation) C:\Windows\system32\RtNicProp64.dll
2014-04-06 02:37 - 1999-12-31 19:00 - 15546880 _____ (Intel Corporation) C:\Windows\system32\ig4icd64.dll
2014-04-06 02:37 - 1999-12-31 19:00 - 11405824 _____ (Intel Corporation) C:\Windows\SysWOW64\ig4icd32.dll
2014-04-06 02:37 - 1999-12-31 19:00 - 10629408 _____ (Intel Corporation) C:\Windows\system32\Drivers\igdkmd64.sys
2014-04-06 02:37 - 1999-12-31 19:00 - 04722176 _____ (Intel Corporation) C:\Windows\system32\igd10umd64.dll
2014-04-06 02:37 - 1999-12-31 19:00 - 03158584 _____ (Intel Corporation) C:\Windows\system32\GfxUI.exe
2014-04-06 02:37 - 1999-12-31 19:00 - 00830464 _____ (Intel Corporation) C:\Windows\system32\igfxress.dll
2014-04-06 02:37 - 1999-12-31 19:00 - 00511032 _____ (Intel Corporation) C:\Windows\system32\igfxsrvc.exe
2014-04-06 02:37 - 1999-12-31 19:00 - 00418360 _____ (Intel Corporation) C:\Windows\system32\igfxpers.exe
2014-04-06 02:37 - 1999-12-31 19:00 - 00387640 _____ (Intel Corporation) C:\Windows\system32\hkcmd.exe
2014-04-06 02:37 - 1999-12-31 19:00 - 00380416 _____ (Intel Corporation) C:\Windows\system32\igfxTMM.dll
2014-04-06 02:37 - 1999-12-31 19:00 - 00272384 _____ (Intel Corporation) C:\Windows\system32\igfxdev.dll
2014-04-06 02:37 - 1999-12-31 19:00 - 00228864 _____ (Intel Corporation) C:\Windows\SysWOW64\igfxdv32.dll
2014-04-06 02:37 - 1999-12-31 19:00 - 00224824 _____ (Intel Corporation) C:\Windows\system32\igfxext.exe
2014-04-06 02:37 - 1999-12-31 19:00 - 00208896 _____ (Intel Corporation) C:\Windows\SysWOW64\iglhsip32.dll
2014-04-06 02:37 - 1999-12-31 19:00 - 00206336 _____ (Intel Corporation) C:\Windows\system32\iglhsip64.dll
2014-04-06 02:37 - 1999-12-31 19:00 - 00189552 _____ () C:\Windows\system32\Gfxres.th-TH.resources
2014-04-06 02:37 - 1999-12-31 19:00 - 00188416 _____ (Intel Corporation) C:\Windows\system32\iglhcp64.dll
2014-04-06 02:37 - 1999-12-31 19:00 - 00178407 _____ () C:\Windows\system32\Gfxres.el-GR.resources
2014-04-06 02:37 - 1999-12-31 19:00 - 00165395 _____ () C:\Windows\system32\Gfxres.ru-RU.resources
2014-04-06 02:37 - 1999-12-31 19:00 - 00163384 _____ (Intel Corporation) C:\Windows\system32\igfxtray.exe
2014-04-06 02:37 - 1999-12-31 19:00 - 00154680 _____ (Intel Corporation) C:\Windows\system32\difx64.exe
2014-04-06 02:37 - 1999-12-31 19:00 - 00147456 _____ (Intel Corporation) C:\Windows\SysWOW64\iglhcp32.dll
2014-04-06 02:37 - 1999-12-31 19:00 - 00142336 _____ (Intel Corporation) C:\Windows\system32\igfxdo.dll
2014-04-06 02:37 - 1999-12-31 19:00 - 00139909 _____ () C:\Windows\system32\Gfxres.ar-SA.resources
2014-04-06 02:37 - 1999-12-31 19:00 - 00136401 _____ () C:\Windows\system32\Gfxres.ja-JP.resources
2014-04-06 02:37 - 1999-12-31 19:00 - 00133746 _____ () C:\Windows\system32\Gfxres.he-IL.resources
2014-04-06 02:37 - 1999-12-31 19:00 - 00125558 _____ () C:\Windows\system32\Gfxres.it-IT.resources
2014-04-06 02:37 - 1999-12-31 19:00 - 00123230 _____ () C:\Windows\system32\Gfxres.ko-KR.resources
2014-04-06 02:37 - 1999-12-31 19:00 - 00122927 _____ () C:\Windows\system32\Gfxres.es-ES.resources
2014-04-06 02:37 - 1999-12-31 19:00 - 00122709 _____ () C:\Windows\system32\Gfxres.de-DE.resources
2014-04-06 02:37 - 1999-12-31 19:00 - 00122368 _____ (Intel Corporation) C:\Windows\system32\igfxcpl.cpl
2014-04-06 02:37 - 1999-12-31 19:00 - 00121173 _____ () C:\Windows\system32\Gfxres.tr-TR.resources
2014-04-06 02:37 - 1999-12-31 19:00 - 00120800 _____ () C:\Windows\system32\Gfxres.fr-FR.resources
2014-04-06 02:37 - 1999-12-31 19:00 - 00120366 _____ () C:\Windows\system32\Gfxres.pt-BR.resources
2014-04-06 02:37 - 1999-12-31 19:00 - 00119808 _____ (Intel Corporation) C:\Windows\system32\gfxSrvc.dll
2014-04-06 02:37 - 1999-12-31 19:00 - 00119616 _____ () C:\Windows\system32\Gfxres.hu-HU.resources
2014-04-06 02:37 - 1999-12-31 19:00 - 00119586 _____ () C:\Windows\system32\Gfxres.nl-NL.resources
2014-04-06 02:37 - 1999-12-31 19:00 - 00119360 _____ () C:\Windows\system32\Gfxres.sv-SE.resources
2014-04-06 02:37 - 1999-12-31 19:00 - 00119067 _____ () C:\Windows\system32\Gfxres.pt-PT.resources
2014-04-06 02:37 - 1999-12-31 19:00 - 00118745 _____ () C:\Windows\system32\Gfxres.cs-CZ.resources
2014-04-06 02:37 - 1999-12-31 19:00 - 00118697 _____ () C:\Windows\system32\Gfxres.fi-FI.resources
2014-04-06 02:37 - 1999-12-31 19:00 - 00118409 _____ () C:\Windows\system32\Gfxres.pl-PL.resources
2014-04-06 02:37 - 1999-12-31 19:00 - 00118058 _____ () C:\Windows\system32\Gfxres.sk-SK.resources
2014-04-06 02:37 - 1999-12-31 19:00 - 00114852 _____ () C:\Windows\system32\Gfxres.nb-NO.resources
2014-04-06 02:37 - 1999-12-31 19:00 - 00114372 _____ () C:\Windows\system32\Gfxres.sl-SI.resources
2014-04-06 02:37 - 1999-12-31 19:00 - 00114261 _____ () C:\Windows\system32\Gfxres.da-DK.resources
2014-04-06 02:37 - 1999-12-31 19:00 - 00110211 _____ () C:\Windows\system32\Gfxres.en-US.resources
2014-04-06 02:37 - 1999-12-31 19:00 - 00104044 _____ () C:\Windows\system32\Gfxres.zh-TW.resources
2014-04-06 02:37 - 1999-12-31 19:00 - 00102883 _____ () C:\Windows\system32\Gfxres.zh-CN.resources
2014-04-06 02:37 - 1999-12-31 19:00 - 00090112 _____ (Intel Corporation) C:\Windows\system32\igfxCoIn_v2869.dll
2014-04-06 02:37 - 1999-12-31 19:00 - 00088576 _____ (Intel Corporation) C:\Windows\system32\igfxrfra.lrc
2014-04-06 02:37 - 1999-12-31 19:00 - 00088576 _____ (Intel Corporation) C:\Windows\system32\igfxresn.lrc
2014-04-06 02:37 - 1999-12-31 19:00 - 00088576 _____ (Intel Corporation) C:\Windows\system32\igfxrell.lrc
2014-04-06 02:37 - 1999-12-31 19:00 - 00088064 _____ (Intel Corporation) C:\Windows\system32\igfxrsky.lrc
2014-04-06 02:37 - 1999-12-31 19:00 - 00088064 _____ (Intel Corporation) C:\Windows\system32\igfxrrus.lrc
2014-04-06 02:37 - 1999-12-31 19:00 - 00088064 _____ (Intel Corporation) C:\Windows\system32\igfxrptg.lrc
2014-04-06 02:37 - 1999-12-31 19:00 - 00088064 _____ (Intel Corporation) C:\Windows\system32\igfxrplk.lrc
2014-04-06 02:37 - 1999-12-31 19:00 - 00088064 _____ (Intel Corporation) C:\Windows\system32\igfxrnld.lrc
2014-04-06 02:37 - 1999-12-31 19:00 - 00088064 _____ (Intel Corporation) C:\Windows\system32\igfxrita.lrc
2014-04-06 02:37 - 1999-12-31 19:00 - 00088064 _____ (Intel Corporation) C:\Windows\system32\igfxrdeu.lrc
2014-04-06 02:37 - 1999-12-31 19:00 - 00087552 _____ (Intel Corporation) C:\Windows\system32\igfxrtrk.lrc
2014-04-06 02:37 - 1999-12-31 19:00 - 00087552 _____ (Intel Corporation) C:\Windows\system32\igfxrsve.lrc
2014-04-06 02:37 - 1999-12-31 19:00 - 00087552 _____ (Intel Corporation) C:\Windows\system32\igfxrslv.lrc
2014-04-06 02:37 - 1999-12-31 19:00 - 00087552 _____ (Intel Corporation) C:\Windows\system32\igfxrptb.lrc
2014-04-06 02:37 - 1999-12-31 19:00 - 00087552 _____ (Intel Corporation) C:\Windows\system32\igfxrnor.lrc
2014-04-06 02:37 - 1999-12-31 19:00 - 00087552 _____ (Intel Corporation) C:\Windows\system32\igfxrhun.lrc
2014-04-06 02:37 - 1999-12-31 19:00 - 00087552 _____ (Intel Corporation) C:\Windows\system32\igfxrfin.lrc
2014-04-06 02:37 - 1999-12-31 19:00 - 00087552 _____ (Intel Corporation) C:\Windows\system32\igfxrenu.lrc
2014-04-06 02:37 - 1999-12-31 19:00 - 00087552 _____ (Intel Corporation) C:\Windows\system32\igfxrcsy.lrc
2014-04-06 02:37 - 1999-12-31 19:00 - 00087040 _____ (Intel Corporation) C:\Windows\system32\igfxrtha.lrc
2014-04-06 02:37 - 1999-12-31 19:00 - 00087040 _____ (Intel Corporation) C:\Windows\system32\igfxrdan.lrc
2014-04-06 02:37 - 1999-12-31 19:00 - 00086528 _____ (Intel Corporation) C:\Windows\system32\igfxrheb.lrc
2014-04-06 02:37 - 1999-12-31 19:00 - 00086528 _____ (Intel Corporation) C:\Windows\system32\igfxrara.lrc
2014-04-06 02:37 - 1999-12-31 19:00 - 00084992 _____ (Intel Corporation) C:\Windows\system32\igfxrkor.lrc
2014-04-06 02:37 - 1999-12-31 19:00 - 00084992 _____ (Intel Corporation) C:\Windows\system32\igfxrjpn.lrc
2014-04-06 02:37 - 1999-12-31 19:00 - 00083968 _____ (Intel Corporation) C:\Windows\system32\igfxrcht.lrc
2014-04-06 02:37 - 1999-12-31 19:00 - 00083968 _____ (Intel Corporation) C:\Windows\system32\igfxrchs.lrc
2014-04-06 02:37 - 1999-12-31 19:00 - 00027648 _____ (Intel Corporation) C:\Windows\system32\igfxexps.dll
2014-04-06 02:37 - 1999-12-31 19:00 - 00023552 _____ (Intel Corporation) C:\Windows\SysWOW64\igfxexps32.dll
2014-04-06 02:37 - 1999-12-31 19:00 - 00005448 _____ () C:\Windows\system32\iglhxs64.vp
2014-04-06 02:37 - 1999-12-31 19:00 - 00004096 _____ ( ) C:\Windows\system32\IGFXDEVLib.dll
2014-04-06 02:36 - 2014-04-06 02:36 - 00000000 ____D () C:\Users\walmart\AppData\Local\SlimWare Utilities Inc
2014-04-06 02:36 - 2014-04-06 02:36 - 00000000 ____D () C:\Users\Public\Documents\Downloaded Installers
2014-04-06 02:35 - 2014-04-06 02:35 - 00858432 _____ (SlimWare Utilities, Inc.) C:\Users\walmart\Downloads\slimdrivers-setup.exe
2014-04-04 20:44 - 2014-04-04 20:44 - 00000000 ____D () C:\ProgramData\Oracle
2014-04-04 20:44 - 2014-04-04 20:43 - 00264616 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2014-04-04 20:43 - 2014-04-04 20:43 - 00175016 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2014-04-04 20:43 - 2014-04-04 20:43 - 00174504 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2014-04-04 20:43 - 2014-04-04 20:43 - 00096168 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2014-04-04 20:43 - 2014-04-04 20:43 - 00000000 ____D () C:\Program Files (x86)\Java
2014-04-04 20:41 - 2014-04-04 20:41 - 00921000 _____ (Oracle Corporation) C:\Users\walmart\Downloads\jxpiinstall.exe
2014-04-02 03:02 - 2014-04-02 03:02 - 00000000 ____D () C:\Users\walmart\AppData\Roaming\AVAST Software
2014-04-02 03:01 - 2014-04-06 03:00 - 00004182 _____ () C:\Windows\System32\Tasks\avast! Emergency Update
2014-04-02 03:01 - 2014-04-02 03:01 - 00001966 _____ () C:\Users\Public\Desktop\avast! Free Antivirus.lnk
2014-04-02 03:01 - 2013-12-21 04:53 - 00548864 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-04-02 03:01 - 2013-12-21 03:56 - 00454656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-04-02 03:00 - 2014-04-02 03:00 - 01039096 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys
2014-04-02 03:00 - 2014-04-02 03:00 - 00423240 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys
2014-04-02 03:00 - 2014-04-02 03:00 - 00334648 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2014-04-02 03:00 - 2014-04-02 03:00 - 00208928 _____ () C:\Windows\system32\Drivers\aswVmm.sys
2014-04-02 03:00 - 2014-04-02 03:00 - 00093568 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2014-04-02 03:00 - 2014-04-02 03:00 - 00084816 _____ (AVAST Software) C:\Windows\system32\Drivers\aswStm.sys
2014-04-02 03:00 - 2014-04-02 03:00 - 00079184 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2014-04-02 03:00 - 2014-04-02 03:00 - 00065776 _____ () C:\Windows\system32\Drivers\aswRvrt.sys
2014-04-02 03:00 - 2014-04-02 03:00 - 00043152 _____ (AVAST Software) C:\Windows\avastSS.scr
2014-04-02 02:59 - 2014-04-02 02:59 - 00000000 ____D () C:\Program Files\AVAST Software
2014-04-02 02:58 - 2014-04-02 02:58 - 88551496 _____ (AVAST Software) C:\Users\walmart\Downloads\avast_free_antivirus_setup.exe
2014-04-02 02:58 - 2014-04-02 02:58 - 00000000 ____D () C:\ProgramData\AVAST Software
2014-04-01 12:06 - 2014-03-01 01:05 - 23133696 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-04-01 12:06 - 2014-03-01 00:17 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-04-01 12:06 - 2014-03-01 00:16 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-04-01 12:06 - 2014-02-28 23:58 - 02765824 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-04-01 12:06 - 2014-02-28 23:52 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-04-01 12:06 - 2014-02-28 23:51 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-04-01 12:06 - 2014-02-28 23:42 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-04-01 12:06 - 2014-02-28 23:40 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-04-01 12:06 - 2014-02-28 23:37 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-04-01 12:06 - 2014-02-28 23:33 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-04-01 12:06 - 2014-02-28 23:33 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-04-01 12:06 - 2014-02-28 23:32 - 00708608 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-04-01 12:06 - 2014-02-28 23:30 - 17074688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-04-01 12:06 - 2014-02-28 23:23 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-04-01 12:06 - 2014-02-28 23:17 - 00218624 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-04-01 12:06 - 2014-02-28 23:11 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-04-01 12:06 - 2014-02-28 23:02 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-04-01 12:06 - 2014-02-28 22:54 - 05768704 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-04-01 12:06 - 2014-02-28 22:52 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-04-01 12:06 - 2014-02-28 22:51 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-04-01 12:06 - 2014-02-28 22:47 - 02168320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-04-01 12:06 - 2014-02-28 22:43 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-04-01 12:06 - 2014-02-28 22:43 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-04-01 12:06 - 2014-02-28 22:42 - 00627200 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-04-01 12:06 - 2014-02-28 22:40 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-04-01 12:06 - 2014-02-28 22:38 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-04-01 12:06 - 2014-02-28 22:37 - 00553472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-04-01 12:06 - 2014-02-28 22:35 - 02041856 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-04-01 12:06 - 2014-02-28 22:18 - 13051904 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-04-01 12:06 - 2014-02-28 22:16 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-04-01 12:06 - 2014-02-28 22:14 - 04244480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-04-01 12:06 - 2014-02-28 22:10 - 02334208 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-04-01 12:06 - 2014-02-28 22:03 - 00524288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-04-01 12:06 - 2014-02-28 22:00 - 01964032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-04-01 12:06 - 2014-02-28 21:57 - 11266048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-04-01 12:06 - 2014-02-28 21:38 - 01393664 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-04-01 12:06 - 2014-02-28 21:32 - 01820160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-04-01 12:06 - 2014-02-28 21:27 - 01156096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-04-01 12:06 - 2014-02-28 21:25 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-04-01 12:06 - 2014-02-28 21:25 - 00703488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-04-01 09:48 - 2014-04-01 09:48 - 00000000 ____D () C:\Users\walmart\AppData\Local\{1DE0C16B-21B7-4980-8CE4-C25E3E1A87F2}
2014-04-01 06:48 - 2013-05-10 00:56 - 12625920 _____ (Microsoft Corporation) C:\Windows\system32\wmploc.DLL
2014-04-01 06:48 - 2013-05-09 23:56 - 12625408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmploc.DLL
2014-04-01 06:48 - 2013-05-09 23:56 - 11410432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmp.dll
2014-04-01 06:47 - 2013-05-10 00:56 - 14631424 _____ (Microsoft Corporation) C:\Windows\system32\wmp.dll
2014-04-01 03:54 - 2014-04-01 03:54 - 01228800 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-04-01 03:54 - 2014-04-01 03:54 - 01051136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2014-04-01 03:54 - 2014-04-01 03:54 - 00942592 _____ (Microsoft Corporation) C:\Windows\system32\jsIntl.dll
2014-04-01 03:54 - 2014-04-01 03:54 - 00774144 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2014-04-01 03:54 - 2014-04-01 03:54 - 00645120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsIntl.dll
2014-04-01 03:54 - 2014-04-01 03:54 - 00616104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dat
2014-04-01 03:54 - 2014-04-01 03:54 - 00616104 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dat
2014-04-01 03:54 - 2014-04-01 03:54 - 00610304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2014-04-01 03:54 - 2014-04-01 03:54 - 00453120 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-04-01 03:54 - 2014-04-01 03:54 - 00413696 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2014-04-01 03:54 - 2014-04-01 03:54 - 00367104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-04-01 03:54 - 2014-04-01 03:54 - 00337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2014-04-01 03:54 - 2014-04-01 03:54 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-04-01 03:54 - 2014-04-01 03:54 - 00263376 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-04-01 03:54 - 2014-04-01 03:54 - 00247808 _____ (Microsoft Corporation) C:\Windows\system32\msls31.dll
2014-04-01 03:54 - 2014-04-01 03:54 - 00244736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-04-01 03:54 - 2014-04-01 03:54 - 00243200 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2014-04-01 03:54 - 2014-04-01 03:54 - 00238288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2014-04-01 03:54 - 2014-04-01 03:54 - 00235520 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2014-04-01 03:54 - 2014-04-01 03:54 - 00235008 _____ (Microsoft Corporation) C:\Windows\system32\elshyph.dll
2014-04-01 03:54 - 2014-04-01 03:54 - 00233472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\url.dll
2014-04-01 03:54 - 2014-04-01 03:54 - 00208384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2014-04-01 03:54 - 2014-04-01 03:54 - 00194048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\elshyph.dll
2014-04-01 03:54 - 2014-04-01 03:54 - 00182272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msls31.dll
2014-04-01 03:54 - 2014-04-01 03:54 - 00167424 _____ (Microsoft Corporation) C:\Windows\system32\iexpress.exe
2014-04-01 03:54 - 2014-04-01 03:54 - 00151552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iexpress.exe
2014-04-01 03:54 - 2014-04-01 03:54 - 00147968 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2014-04-01 03:54 - 2014-04-01 03:54 - 00143872 _____ (Microsoft Corporation) C:\Windows\system32\wextract.exe
2014-04-01 03:54 - 2014-04-01 03:54 - 00139264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wextract.exe
2014-04-01 03:54 - 2014-04-01 03:54 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll
2014-04-01 03:54 - 2014-04-01 03:54 - 00131072 _____ (Microsoft Corporation) C:\Windows\system32\IEAdvpack.dll
2014-04-01 03:54 - 2014-04-01 03:54 - 00127488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2014-04-01 03:54 - 2014-04-01 03:54 - 00116736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll
2014-04-01 03:54 - 2014-04-01 03:54 - 00111616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\IEAdvpack.dll
2014-04-01 03:54 - 2014-04-01 03:54 - 00105984 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2014-04-01 03:54 - 2014-04-01 03:54 - 00101376 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2014-04-01 03:54 - 2014-04-01 03:54 - 00090112 _____ (Microsoft Corporation) C:\Windows\system32\SetIEInstalledDate.exe
2014-04-01 03:54 - 2014-04-01 03:54 - 00086016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2014-04-01 03:54 - 2014-04-01 03:54 - 00086016 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe
2014-04-01 03:54 - 2014-04-01 03:54 - 00084992 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-04-01 03:54 - 2014-04-01 03:54 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2014-04-01 03:54 - 2014-04-01 03:54 - 00083456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
2014-04-01 03:54 - 2014-04-01 03:54 - 00081408 _____ (Microsoft Corporation) C:\Windows\system32\icardie.dll
2014-04-01 03:54 - 2014-04-01 03:54 - 00077312 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx
2014-04-01 03:54 - 2014-04-01 03:54 - 00074240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SetIEInstalledDate.exe
2014-04-01 03:54 - 2014-04-01 03:54 - 00071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe
2014-04-01 03:54 - 2014-04-01 03:54 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-04-01 03:54 - 2014-04-01 03:54 - 00069120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardie.dll
2014-04-01 03:54 - 2014-04-01 03:54 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx
2014-04-01 03:54 - 2014-04-01 03:54 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\pngfilt.dll
2014-04-01 03:54 - 2014-04-01 03:54 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2014-04-01 03:54 - 2014-04-01 03:54 - 00056832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pngfilt.dll
2014-04-01 03:54 - 2014-04-01 03:54 - 00052224 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll
2014-04-01 03:54 - 2014-04-01 03:54 - 00048640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmler.dll
2014-04-01 03:54 - 2014-04-01 03:54 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\mshtmler.dll
2014-04-01 03:54 - 2014-04-01 03:54 - 00048128 _____ (Microsoft Corporation) C:\Windows\system32\imgutil.dll
2014-04-01 03:54 - 2014-04-01 03:54 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedsbs.dll
2014-04-01 03:54 - 2014-04-01 03:54 - 00040448 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-04-01 03:54 - 2014-04-01 03:54 - 00036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imgutil.dll
2014-04-01 03:54 - 2014-04-01 03:54 - 00034816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-04-01 03:54 - 2014-04-01 03:54 - 00030208 _____ (Microsoft Corporation) C:\Windows\system32\licmgr10.dll
2014-04-01 03:54 - 2014-04-01 03:54 - 00024576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\licmgr10.dll
2014-04-01 03:54 - 2014-04-01 03:54 - 00013824 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe
2014-04-01 03:54 - 2014-04-01 03:54 - 00013312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshta.exe
2014-04-01 03:54 - 2014-04-01 03:54 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe
2014-04-01 03:54 - 2014-04-01 03:54 - 00012800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedssync.exe
2014-04-01 03:36 - 2014-04-01 03:36 - 00000000 ____D () C:\Users\walmart\AppData\Roaming\Roxio Log Files
2014-04-01 03:17 - 2014-04-02 02:49 - 00000000 ____D () C:\Windows\system32\MRT
2014-04-01 03:12 - 2014-04-06 03:23 - 00000000 ____D () C:\Program Files (x86)\VideoLAN
2014-04-01 03:11 - 2014-04-01 03:11 - 24677393 _____ () C:\Users\walmart\Downloads\vlc-2.1.3-win32.exe
2014-04-01 03:04 - 2014-04-06 08:19 - 00000000 ____D () C:\Users\walmart\AppData\Roaming\uTorrent
2014-04-01 03:03 - 2014-04-01 03:03 - 01671248 _____ (BitTorrent Inc.) C:\Users\walmart\Downloads\uTorrent.exe
2014-03-31 21:24 - 2014-03-31 21:24 - 00530736 _____ (Biztree Inc.) C:\Users\walmart\Downloads\Business-in-a-Box_Setup.exe
2014-03-31 21:24 - 2014-03-31 21:24 - 00530736 _____ (Biztree Inc.) C:\Users\walmart\Downloads\Business-in-a-Box_Setup (1).exe
2014-03-31 21:24 - 2014-03-31 21:24 - 00001133 _____ () C:\Users\Public\Desktop\Business-in-a-Box.lnk
2014-03-31 21:24 - 2014-03-31 21:24 - 00000000 ____D () C:\Users\walmart\Documents\Business-in-a-Box Files
2014-03-31 21:24 - 2014-03-31 21:24 - 00000000 ____D () C:\ProgramData\Biztree
2014-03-31 21:24 - 2014-03-31 21:24 - 00000000 ____D () C:\Program Files (x86)\Business-in-a-Box
2014-03-31 21:14 - 2014-03-31 21:14 - 00096256 _____ () C:\Users\walmart\Downloads\quote-template.xls
2014-03-31 19:40 - 2014-03-31 19:45 - 00000000 ____D () C:\Users\walmart\AppData\Roaming\AccurateRip
2014-03-31 19:40 - 2014-03-31 19:40 - 00000000 ____D () C:\Users\walmart\AppData\Roaming\EAC
2014-03-31 19:39 - 2014-03-31 19:39 - 04422611 _____ () C:\Users\walmart\Downloads\eac-1.0beta3.exe
2014-03-31 18:16 - 2014-03-31 18:16 - 00000000 ____D () C:\Users\walmart\AppData\Local\Macromedia
2014-03-31 17:49 - 2014-03-31 17:49 - 00000000 ____D () C:\Users\walmart\AppData\Roaming\Mozilla
2014-03-31 17:49 - 2014-03-31 17:49 - 00000000 ____D () C:\Users\walmart\AppData\Local\Mozilla
2014-03-31 17:49 - 2014-03-31 17:49 - 00000000 ____D () C:\ProgramData\Mozilla
2014-03-31 17:49 - 2014-03-31 17:49 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-03-31 17:48 - 2014-03-31 17:48 - 00282880 _____ (Mozilla) C:\Users\walmart\Downloads\Firefox Setup Stub 28.0.exe
2014-03-31 15:58 - 2014-02-06 20:23 - 03156480 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-03-31 15:58 - 2014-01-28 21:32 - 00484864 _____ (Microsoft Corporation) C:\Windows\system32\wer.dll
2014-03-31 15:58 - 2014-01-28 21:06 - 00381440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wer.dll
2014-03-31 15:58 - 2014-01-27 21:32 - 00228864 _____ (Microsoft Corporation) C:\Windows\system32\wwansvc.dll
2014-03-31 15:58 - 2013-12-05 21:30 - 01882112 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2014-03-31 15:58 - 2013-12-05 21:30 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll
2014-03-31 15:58 - 2013-12-05 21:02 - 01237504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2014-03-31 15:58 - 2013-12-05 21:02 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3r.dll
2014-03-31 15:58 - 2013-11-11 21:23 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2014-03-31 15:58 - 2013-11-11 21:07 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2014-03-31 15:57 - 2013-12-31 18:05 - 00420008 _____ () C:\Windows\SysWOW64\locale.nls
2014-03-31 15:57 - 2013-12-31 18:04 - 00420008 _____ () C:\Windows\system32\locale.nls
2014-03-31 15:57 - 2013-12-24 18:09 - 01987584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10warp.dll
2014-03-31 15:57 - 2013-12-24 17:48 - 02565120 _____ (Microsoft Corporation) C:\Windows\system32\d3d10warp.dll
2014-03-31 15:57 - 2013-12-03 21:27 - 00488448 _____ (Microsoft Corporation) C:\Windows\system32\secproc.dll
2014-03-31 15:57 - 2013-12-03 21:27 - 00485888 _____ (Microsoft Corporation) C:\Windows\system32\secproc_isv.dll
2014-03-31 15:57 - 2013-12-03 21:27 - 00123392 _____ (Microsoft Corporation) C:\Windows\system32\secproc_ssp_isv.dll
2014-03-31 15:57 - 2013-12-03 21:27 - 00123392 _____ (Microsoft Corporation) C:\Windows\system32\secproc_ssp.dll
2014-03-31 15:57 - 2013-12-03 21:26 - 00528384 _____ (Microsoft Corporation) C:\Windows\system32\msdrm.dll
2014-03-31 15:57 - 2013-12-03 21:16 - 00658432 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate_isv.exe
2014-03-31 15:57 - 2013-12-03 21:16 - 00626176 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate.exe
2014-03-31 15:57 - 2013-12-03 21:16 - 00553984 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate_ssp.exe
2014-03-31 15:57 - 2013-12-03 21:16 - 00552960 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate_ssp_isv.exe
2014-03-31 15:57 - 2013-12-03 21:03 - 00428032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc.dll
2014-03-31 15:57 - 2013-12-03 21:03 - 00423936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc_isv.dll
2014-03-31 15:57 - 2013-12-03 21:03 - 00087040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc_ssp_isv.dll
2014-03-31 15:57 - 2013-12-03 21:03 - 00087040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc_ssp.dll
2014-03-31 15:57 - 2013-12-03 21:02 - 00390144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msdrm.dll
2014-03-31 15:57 - 2013-12-03 20:54 - 00594944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate_isv.exe
2014-03-31 15:57 - 2013-12-03 20:54 - 00572416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate.exe
2014-03-31 15:57 - 2013-12-03 20:54 - 00510976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate_ssp.exe
2014-03-31 15:57 - 2013-12-03 20:54 - 00508928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate_ssp_isv.exe
2014-03-31 15:57 - 2013-11-26 03:16 - 03419136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d2d1.dll
2014-03-31 15:57 - 2013-11-22 17:48 - 03928064 _____ (Microsoft Corporation) C:\Windows\system32\d2d1.dll
2014-03-31 15:55 - 2014-02-03 21:32 - 00624128 _____ (Microsoft Corporation) C:\Windows\system32\qedit.dll
2014-03-31 15:55 - 2014-02-03 21:04 - 00509440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qedit.dll
2014-03-31 15:54 - 2014-02-03 21:32 - 01424384 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll
2014-03-31 15:54 - 2014-02-03 21:04 - 01230336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll
2014-03-14 13:46 - 2013-10-29 21:32 - 00335360 _____ (Microsoft Corporation) C:\Windows\system32\msieftp.dll
2014-03-14 13:46 - 2013-10-29 21:19 - 00301568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msieftp.dll
2014-03-14 13:46 - 2013-07-09 00:52 - 00224256 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll
2014-03-14 13:46 - 2013-07-08 23:52 - 00175104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wintrust.dll
2014-03-14 13:46 - 2013-07-04 07:50 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\comctl32.dll
2014-03-14 13:46 - 2013-07-04 06:50 - 00530432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\comctl32.dll
2014-03-14 13:45 - 2013-11-23 13:26 - 00417792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMPhoto.dll
2014-03-14 13:45 - 2013-11-23 12:47 - 00465920 _____ (Microsoft Corporation) C:\Windows\system32\WMPhoto.dll
2014-03-14 13:45 - 2013-10-05 15:25 - 01474048 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2014-03-14 13:45 - 2013-10-05 14:57 - 01168384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
2014-03-14 13:45 - 2013-07-09 00:46 - 00184320 _____ (Microsoft Corporation) C:\Windows\system32\cryptsvc.dll
2014-03-14 13:45 - 2013-07-09 00:46 - 00139776 _____ (Microsoft Corporation) C:\Windows\system32\cryptnet.dll
2014-03-14 13:45 - 2013-07-08 23:46 - 00140288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptsvc.dll
2014-03-14 13:45 - 2013-07-08 23:46 - 00103936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptnet.dll
2014-03-14 13:44 - 2013-10-18 21:18 - 00081408 _____ (Microsoft Corporation) C:\Windows\system32\imagehlp.dll
2014-03-14 13:44 - 2013-10-18 20:36 - 00159232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imagehlp.dll
2014-03-14 13:43 - 2013-10-03 21:28 - 00190464 _____ (Microsoft Corporation) C:\Windows\system32\SmartcardCredentialProvider.dll
2014-03-14 13:43 - 2013-10-03 21:25 - 00197120 _____ (Microsoft Corporation) C:\Windows\system32\credui.dll
2014-03-14 13:43 - 2013-10-03 21:24 - 01930752 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2014-03-14 13:43 - 2013-10-03 21:16 - 00116736 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\drmk.sys
2014-03-14 13:43 - 2013-10-03 20:58 - 00152576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SmartcardCredentialProvider.dll
2014-03-14 13:43 - 2013-10-03 20:56 - 01796096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2014-03-14 13:43 - 2013-10-03 20:56 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credui.dll
2014-03-14 13:43 - 2013-10-03 20:36 - 00230400 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\portcls.sys
2014-03-14 13:43 - 2013-09-27 20:09 - 00497152 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\afd.sys
2014-03-14 13:43 - 2013-08-04 21:25 - 00155584 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ataport.sys
2014-03-14 13:43 - 2013-06-06 00:50 - 00041472 _____ (Microsoft Corporation) C:\Windows\system32\lpk.dll
2014-03-14 13:43 - 2013-06-06 00:49 - 00100864 _____ (Microsoft Corporation) C:\Windows\system32\fontsub.dll
2014-03-14 13:43 - 2013-06-06 00:49 - 00014336 _____ (Microsoft Corporation) C:\Windows\system32\dciman32.dll
2014-03-14 13:43 - 2013-06-06 00:47 - 00046080 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2014-03-14 13:43 - 2013-06-05 23:57 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\lpk.dll
2014-03-14 13:43 - 2013-06-05 23:51 - 00070656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fontsub.dll
2014-03-14 13:43 - 2013-06-05 23:50 - 00010240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dciman32.dll
2014-03-14 13:43 - 2013-06-05 22:30 - 00368128 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2014-03-14 13:43 - 2013-06-05 22:01 - 00295424 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll
2014-03-14 13:43 - 2013-06-05 22:01 - 00034304 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll
2014-03-14 13:38 - 2013-11-26 20:41 - 00343040 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbhub.sys
2014-03-14 13:38 - 2013-11-26 20:41 - 00325120 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbport.sys
2014-03-14 13:38 - 2013-11-26 20:41 - 00099840 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbccgp.sys
2014-03-14 13:38 - 2013-11-26 20:41 - 00053248 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbehci.sys
2014-03-14 13:38 - 2013-11-26 20:41 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbuhci.sys
2014-03-14 13:38 - 2013-11-26 20:41 - 00025600 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbohci.sys
2014-03-14 13:38 - 2013-11-26 20:41 - 00007808 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbd.sys
2014-03-14 13:38 - 2013-09-24 21:26 - 00154560 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2014-03-14 13:38 - 2013-09-24 21:26 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2014-03-14 13:38 - 2013-09-24 21:23 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2014-03-14 13:38 - 2013-09-24 21:23 - 00028672 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2014-03-14 13:38 - 2013-09-24 21:23 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2014-03-14 13:38 - 2013-09-24 21:22 - 00340992 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2014-03-14 13:38 - 2013-09-24 21:21 - 01447936 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2014-03-14 13:38 - 2013-09-24 21:21 - 00307200 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2014-03-14 13:38 - 2013-09-24 20:58 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2014-03-14 13:38 - 2013-09-24 20:57 - 00247808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2014-03-14 13:38 - 2013-09-24 20:57 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2014-03-14 13:38 - 2013-09-24 20:56 - 00220160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2014-03-14 13:38 - 2013-09-24 20:03 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2014-03-14 13:38 - 2013-07-04 07:18 - 00458712 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys
2014-03-14 13:38 - 2013-04-25 18:30 - 01505280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d11.dll
2014-03-14 13:38 - 2013-03-31 17:52 - 01887232 _____ (Microsoft Corporation) C:\Windows\system32\d3d11.dll
2014-03-14 13:36 - 2013-08-01 21:14 - 00215040 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2014-03-14 13:36 - 2013-08-01 21:13 - 01161216 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2014-03-14 13:36 - 2013-08-01 21:13 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2014-03-14 13:36 - 2013-08-01 21:12 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2014-03-14 13:36 - 2013-08-01 21:12 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2014-03-14 13:36 - 2013-08-01 21:12 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2014-03-14 13:36 - 2013-08-01 21:12 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2014-03-14 13:36 - 2013-08-01 21:12 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2014-03-14 13:36 - 2013-08-01 21:12 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2014-03-14 13:36 - 2013-08-01 21:12 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2014-03-14 13:36 - 2013-08-01 21:12 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2014-03-14 13:36 - 2013-08-01 21:12 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2014-03-14 13:36 - 2013-08-01 21:12 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2014-03-14 13:36 - 2013-08-01 21:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2014-03-14 13:36 - 2013-08-01 21:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2014-03-14 13:36 - 2013-08-01 21:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2014-03-14 13:36 - 2013-08-01 21:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2014-03-14 13:36 - 2013-08-01 21:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2014-03-14 13:36 - 2013-08-01 21:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2014-03-14 13:36 - 2013-08-01 21:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2014-03-14 13:36 - 2013-08-01 21:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2014-03-14 13:36 - 2013-08-01 21:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2014-03-14 13:36 - 2013-08-01 21:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2014-03-14 13:36 - 2013-08-01 21:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2014-03-14 13:36 - 2013-08-01 21:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2014-03-14 13:36 - 2013-08-01 21:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2014-03-14 13:36 - 2013-08-01 21:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2014-03-14 13:36 - 2013-08-01 21:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2014-03-14 13:36 - 2013-08-01 21:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2014-03-14 13:36 - 2013-08-01 21:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2014-03-14 13:36 - 2013-08-01 21:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2014-03-14 13:36 - 2013-08-01 21:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2014-03-14 13:36 - 2013-08-01 21:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2014-03-14 13:36 - 2013-08-01 20:50 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2014-03-14 13:36 - 2013-08-01 20:50 - 00274944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2014-03-14 13:36 - 2013-08-01 20:48 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
2014-03-14 13:36 - 2013-08-01 20:48 - 00005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2014-03-14 13:36 - 2013-08-01 20:48 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2014-03-14 13:36 - 2013-08-01 20:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2014-03-14 13:36 - 2013-08-01 20:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2014-03-14 13:36 - 2013-08-01 20:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2014-03-14 13:36 - 2013-08-01 20:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2014-03-14 13:36 - 2013-08-01 20:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2014-03-14 13:36 - 2013-08-01 20:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2014-03-14 13:36 - 2013-08-01 20:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2014-03-14 13:36 - 2013-08-01 20:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2014-03-14 13:36 - 2013-08-01 20:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2014-03-14 13:36 - 2013-08-01 20:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2014-03-14 13:36 - 2013-08-01 20:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2014-03-14 13:36 - 2013-08-01 20:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2014-03-14 13:36 - 2013-08-01 20:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2014-03-14 13:36 - 2013-08-01 20:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2014-03-14 13:36 - 2013-08-01 20:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2014-03-14 13:36 - 2013-08-01 20:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2014-03-14 13:36 - 2013-08-01 20:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2014-03-14 13:36 - 2013-08-01 20:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2014-03-14 13:36 - 2013-08-01 20:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2014-03-14 13:36 - 2013-08-01 20:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2014-03-14 13:36 - 2013-08-01 20:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2014-03-14 13:36 - 2013-08-01 20:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2014-03-14 13:36 - 2013-08-01 20:09 - 00338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2014-03-14 13:36 - 2013-08-01 19:59 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2014-03-14 13:36 - 2013-08-01 19:43 - 00006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2014-03-14 13:36 - 2013-08-01 19:43 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2014-03-14 13:36 - 2013-08-01 19:43 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2014-03-14 13:36 - 2013-08-01 19:43 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2014-03-14 13:36 - 2013-07-25 04:25 - 01888768 _____ (Microsoft Corporation) C:\Windows\system32\WMVDECOD.DLL
2014-03-14 13:36 - 2013-07-25 03:57 - 01620992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMVDECOD.DLL
2014-03-14 13:35 - 2013-07-09 00:51 - 01217024 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2014-03-14 13:35 - 2013-07-08 23:52 - 00663552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2014-03-14 13:35 - 2013-06-25 17:55 - 00785624 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Wdf01000.sys
2014-03-14 13:34 - 2013-09-07 21:27 - 00327168 _____ (Microsoft Corporation) C:\Windows\system32\mswsock.dll
2014-03-14 13:34 - 2013-09-07 21:03 - 00231424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mswsock.dll
2014-03-14 13:34 - 2013-07-12 05:41 - 00185344 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbvideo.sys
2014-03-14 13:34 - 2013-07-12 05:41 - 00100864 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbcir.sys
2014-03-14 13:34 - 2013-07-04 07:57 - 00259584 _____ (Microsoft Corporation) C:\Windows\system32\WebClnt.dll
2014-03-14 13:34 - 2013-07-04 07:50 - 00102400 _____ (Microsoft Corporation) C:\Windows\system32\davclnt.dll
2014-03-14 13:34 - 2013-07-04 06:57 - 00205824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WebClnt.dll
2014-03-14 13:34 - 2013-07-04 06:51 - 00081920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\davclnt.dll
2014-03-14 13:34 - 2013-07-04 05:11 - 00140800 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxdav.sys
2014-03-14 13:34 - 2013-07-02 23:05 - 00076800 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidclass.sys
2014-03-14 13:34 - 2013-07-02 23:05 - 00032896 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidparse.sys
2014-03-14 13:34 - 2013-06-14 23:32 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tssecsrv.sys
2014-03-14 13:27 - 2013-08-28 21:17 - 05549504 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2014-03-14 13:27 - 2013-08-28 21:16 - 01732032 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2014-03-14 13:27 - 2013-08-28 21:16 - 00859648 _____ (Microsoft Corporation) C:\Windows\system32\tdh.dll
2014-03-14 13:27 - 2013-08-28 21:16 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2014-03-14 13:27 - 2013-08-28 21:13 - 00878080 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
2014-03-14 13:27 - 2013-08-28 20:51 - 03969472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2014-03-14 13:27 - 2013-08-28 20:51 - 03914176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2014-03-14 13:27 - 2013-08-28 20:50 - 01292192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2014-03-14 13:27 - 2013-08-28 20:50 - 00619520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdh.dll
2014-03-14 13:27 - 2013-08-28 20:50 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2014-03-14 13:27 - 2013-08-28 20:48 - 00640512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\advapi32.dll
2014-03-14 13:27 - 2013-08-28 19:49 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2014-03-14 13:27 - 2013-08-28 19:49 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2014-03-14 13:27 - 2013-08-28 19:49 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2014-03-14 13:27 - 2013-08-28 19:49 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2014-03-14 13:26 - 2013-11-26 06:40 - 00376768 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netio.sys
2014-03-14 13:26 - 2013-09-07 21:30 - 01903552 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2014-03-14 13:25 - 2013-07-25 21:24 - 14172672 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2014-03-14 13:25 - 2013-07-25 21:24 - 00197120 _____ (Microsoft Corporation) C:\Windows\system32\shdocvw.dll
2014-03-14 13:25 - 2013-07-25 20:55 - 12872704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2014-03-14 13:25 - 2013-07-25 20:55 - 00180224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shdocvw.dll
2014-03-14 13:24 - 2013-10-02 21:23 - 00404480 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2014-03-14 13:24 - 2013-10-02 21:00 - 00311808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2014-03-14 13:24 - 2013-04-26 00:51 - 00751104 _____ (Microsoft Corporation) C:\Windows\system32\win32spl.dll
2014-03-14 13:24 - 2013-04-25 23:55 - 00492544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\win32spl.dll
2014-03-14 13:19 - 2013-05-10 00:49 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\cryptdlg.dll
2014-03-14 13:19 - 2013-05-09 22:20 - 00024576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptdlg.dll
2014-03-14 12:45 - 2013-04-09 18:34 - 01247744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll
2014-03-14 12:45 - 2013-04-02 17:51 - 01643520 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll
2014-03-14 12:42 - 2013-07-20 05:33 - 00124112 _____ (Microsoft Corporation) C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll
2014-03-14 12:42 - 2013-07-20 05:33 - 00102608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2014-03-14 12:42 - 2013-05-13 00:50 - 00052224 _____ (Microsoft Corporation) C:\Windows\system32\certenc.dll
2014-03-14 12:42 - 2013-05-12 22:43 - 01192448 _____ (Microsoft Corporation) C:\Windows\system32\certutil.exe
2014-03-14 12:42 - 2013-05-12 22:08 - 00903168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certutil.exe
2014-03-14 12:42 - 2013-05-12 22:08 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certenc.dll
2014-03-14 12:00 - 2014-03-14 12:00 - 00000000 __RHD () C:\MSOCache
2014-03-14 11:56 - 2013-10-11 21:32 - 00150016 _____ (Microsoft Corporation) C:\Windows\system32\wshom.ocx
2014-03-14 11:56 - 2013-10-11 21:31 - 00202752 _____ (Microsoft Corporation) C:\Windows\system32\scrrun.dll
2014-03-14 11:56 - 2013-10-11 21:04 - 00121856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wshom.ocx
2014-03-14 11:56 - 2013-10-11 21:03 - 00163840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\scrrun.dll
2014-03-14 11:56 - 2013-10-11 20:33 - 00168960 _____ (Microsoft Corporation) C:\Windows\system32\wscript.exe
2014-03-14 11:56 - 2013-10-11 20:33 - 00156160 _____ (Microsoft Corporation) C:\Windows\system32\cscript.exe
2014-03-14 11:56 - 2013-10-11 20:15 - 00141824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wscript.exe
2014-03-14 11:56 - 2013-10-11 20:15 - 00126976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cscript.exe
2014-03-14 11:56 - 2013-08-01 07:09 - 00983488 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys
2014-03-13 20:17 - 2014-03-13 20:17 - 00000000 ____D () C:\Users\walmart\AppData\Roaming\Vast Studios
2014-03-11 22:11 - 2010-06-02 04:55 - 00527192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_7.dll
2014-03-11 22:11 - 2010-06-02 04:55 - 00518488 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_7.dll
2014-03-11 22:11 - 2010-06-02 04:55 - 00239960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_7.dll
2014-03-11 22:11 - 2010-06-02 04:55 - 00176984 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_7.dll
2014-03-11 22:11 - 2010-06-02 04:55 - 00077656 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_5.dll
2014-03-11 22:11 - 2010-06-02 04:55 - 00074072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_5.dll
2014-03-11 22:11 - 2010-05-26 11:41 - 02526056 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_43.dll
2014-03-11 22:11 - 2010-05-26 11:41 - 02401112 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_43.dll
2014-03-11 22:11 - 2010-05-26 11:41 - 02106216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_43.dll
2014-03-11 22:11 - 2010-05-26 11:41 - 01998168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_43.dll
2014-03-11 22:11 - 2010-05-26 11:41 - 01907552 _____ (Microsoft Corporation) C:\Windows\system32\d3dcsx_43.dll
2014-03-11 22:11 - 2010-05-26 11:41 - 01868128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dcsx_43.dll
2014-03-11 22:11 - 2010-05-26 11:41 - 00511328 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_43.dll
2014-03-11 22:11 - 2010-05-26 11:41 - 00470880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_43.dll
2014-03-11 22:11 - 2010-05-26 11:41 - 00276832 _____ (Microsoft Corporation) C:\Windows\system32\d3dx11_43.dll
2014-03-11 22:11 - 2010-05-26 11:41 - 00248672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx11_43.dll
2014-03-11 11:32 - 2014-03-11 11:32 - 00000000 ____D () C:\ProgramData\BigFishGamesCache
2014-03-10 16:10 - 2014-03-10 16:10 - 00012560 ____H () C:\Users\walmart\Documents\~WRL1708.tmp
2014-03-10 14:55 - 2014-03-11 22:12 - 00000000 ____D () C:\Users\walmart\AppData\Roaming\Big Fish Games
2014-03-08 20:11 - 2014-03-08 20:11 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_User_WpdMtpDr_01_09_00.Wdf

==================== One Month Modified Files and Folders =======

2014-04-07 19:28 - 2014-04-07 19:27 - 00017687 _____ () C:\Users\walmart\Downloads\FRST.txt
2014-04-07 19:27 - 2014-04-07 19:27 - 00000000 ____D () C:\FRST
2014-04-07 19:26 - 2014-04-07 19:26 - 02157056 _____ (Farbar) C:\Users\walmart\Downloads\FRST64.exe
2014-04-07 19:26 - 2012-01-09 18:06 - 01745398 _____ () C:\Windows\WindowsUpdate.log
2014-04-07 19:24 - 2014-04-06 07:40 - 00119512 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-04-07 19:23 - 2013-05-21 10:09 - 00000894 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore1ce56353e9f9dbe.job
2014-04-07 19:23 - 2009-07-14 00:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-04-07 19:22 - 2014-04-07 03:57 - 00000280 _____ () C:\Windows\setupact.log
2014-04-07 19:16 - 2012-07-29 09:45 - 00000900 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-04-07 18:29 - 2012-05-01 19:46 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-04-07 18:24 - 2009-07-13 23:45 - 00032064 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-04-07 18:24 - 2009-07-13 23:45 - 00032064 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-04-07 03:57 - 2014-04-07 03:57 - 00000000 _____ () C:\Windows\setuperr.log
2014-04-07 03:54 - 2014-04-07 03:54 - 00108138 _____ () C:\Users\walmart\Desktop\cc_20140407_035406.reg
2014-04-07 03:52 - 2012-05-14 11:50 - 00000000 ____D () C:\Windows\Minidump
2014-04-07 03:52 - 2012-03-18 15:12 - 00000000 ____D () C:\Users\walmart\AppData\Local\CrashDumps
2014-04-07 03:52 - 2012-02-24 13:21 - 00000000 ___DC () C:\Users\walmart\AppData\Local\MigWiz
2014-04-07 03:52 - 2007-01-01 20:25 - 00000000 ____D () C:\Windows\Panther
2014-04-07 03:48 - 2014-04-07 03:48 - 00002776 _____ () C:\Windows\System32\Tasks\CCleanerSkipUAC
2014-04-07 03:48 - 2014-04-07 03:48 - 00000000 ____D () C:\Program Files\CCleaner
2014-04-07 03:46 - 2014-04-07 03:46 - 04787368 _____ (Piriform Ltd) C:\Users\walmart\Downloads\ccsetup412.exe
2014-04-07 03:45 - 2014-04-06 03:24 - 00000000 ____D () C:\Users\walmart\AppData\Roaming\vlc
2014-04-06 22:21 - 2012-01-24 18:23 - 00003942 _____ () C:\Windows\System32\Tasks\User_Feed_Synchronization-{47EB58B7-2A92-44B6-AF61-DCD90F7092D8}
2014-04-06 08:19 - 2014-04-01 03:04 - 00000000 ____D () C:\Users\walmart\AppData\Roaming\uTorrent
2014-04-06 07:40 - 2014-04-06 07:40 - 00001106 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-04-06 07:40 - 2014-04-06 07:40 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-04-06 07:40 - 2014-04-06 07:40 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-04-06 07:39 - 2014-04-06 07:39 - 17305616 _____ (Malwarebytes Corporation ) C:\Users\walmart\Downloads\mbam-setup-2.0.1.1004.exe
2014-04-06 07:19 - 2014-04-06 07:19 - 00000000 ____D () C:\ProgramData\Package Cache
2014-04-06 07:19 - 2014-04-06 07:19 - 00000000 ____D () C:\Program Files\Adblock Plus for IE
2014-04-06 03:23 - 2014-04-06 03:23 - 01671248 _____ (BitTorrent Inc.) C:\Users\walmart\Downloads\uTorrent(1).exe
2014-04-06 03:23 - 2014-04-06 03:23 - 00001070 _____ () C:\Users\Public\Desktop\VLC media player.lnk
2014-04-06 03:23 - 2014-04-01 03:12 - 00000000 ____D () C:\Program Files (x86)\VideoLAN
2014-04-06 03:12 - 2009-07-14 00:13 - 00727334 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-04-06 03:01 - 2014-04-06 03:00 - 00000000 ____D () C:\Windows\SysWOW64\RTCOM
2014-04-06 03:00 - 2014-04-06 03:00 - 00000000 ____D () C:\Program Files\Realtek
2014-04-06 03:00 - 2014-04-02 03:01 - 00004182 _____ () C:\Windows\System32\Tasks\avast! Emergency Update
2014-04-06 02:58 - 2012-01-09 18:16 - 00015302 _____ () C:\Windows\system32\results.xml
2014-04-06 02:58 - 2011-04-09 16:20 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2014-04-06 02:53 - 2011-02-10 14:23 - 00000000 ____D () C:\SWSetup
2014-04-06 02:50 - 2012-01-09 18:12 - 00000000 ____D () C:\Windows\SysWOW64\sda
2014-04-06 02:50 - 2012-01-09 18:07 - 00000000 ____D () C:\Program Files (x86)\Realtek
2014-04-06 02:36 - 2014-04-06 02:36 - 00000000 ____D () C:\Users\walmart\AppData\Local\SlimWare Utilities Inc
2014-04-06 02:36 - 2014-04-06 02:36 - 00000000 ____D () C:\Users\Public\Documents\Downloaded Installers
2014-04-06 02:35 - 2014-04-06 02:35 - 00858432 _____ (SlimWare Utilities, Inc.) C:\Users\walmart\Downloads\slimdrivers-setup.exe
2014-04-04 20:44 - 2014-04-04 20:44 - 00000000 ____D () C:\ProgramData\Oracle
2014-04-04 20:43 - 2014-04-04 20:44 - 00264616 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2014-04-04 20:43 - 2014-04-04 20:43 - 00175016 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2014-04-04 20:43 - 2014-04-04 20:43 - 00174504 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2014-04-04 20:43 - 2014-04-04 20:43 - 00096168 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2014-04-04 20:43 - 2014-04-04 20:43 - 00000000 ____D () C:\Program Files (x86)\Java
2014-04-04 20:41 - 2014-04-04 20:41 - 00921000 _____ (Oracle Corporation) C:\Users\walmart\Downloads\jxpiinstall.exe
2014-04-03 09:51 - 2014-04-06 07:40 - 00088280 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-04-03 09:51 - 2014-04-06 07:40 - 00063192 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-04-03 09:50 - 2014-04-06 07:40 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-04-03 08:49 - 2012-03-22 11:23 - 00000000 _____ () C:\Windows\system32\HP_ActiveX_Patch_NOT_DETECTED.txt
2014-04-03 08:49 - 2012-02-24 10:30 - 00000052 _____ () C:\Windows\SysWOW64\DOErrors.log
2014-04-02 03:02 - 2014-04-02 03:02 - 00000000 ____D () C:\Users\walmart\AppData\Roaming\AVAST Software
2014-04-02 03:01 - 2014-04-02 03:01 - 00001966 _____ () C:\Users\Public\Desktop\avast! Free Antivirus.lnk
2014-04-02 03:00 - 2014-04-02 03:00 - 01039096 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys
2014-04-02 03:00 - 2014-04-02 03:00 - 00423240 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys
2014-04-02 03:00 - 2014-04-02 03:00 - 00334648 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2014-04-02 03:00 - 2014-04-02 03:00 - 00208928 _____ () C:\Windows\system32\Drivers\aswVmm.sys
2014-04-02 03:00 - 2014-04-02 03:00 - 00093568 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2014-04-02 03:00 - 2014-04-02 03:00 - 00084816 _____ (AVAST Software) C:\Windows\system32\Drivers\aswStm.sys
2014-04-02 03:00 - 2014-04-02 03:00 - 00079184 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2014-04-02 03:00 - 2014-04-02 03:00 - 00065776 _____ () C:\Windows\system32\Drivers\aswRvrt.sys
2014-04-02 03:00 - 2014-04-02 03:00 - 00043152 _____ (AVAST Software) C:\Windows\avastSS.scr
2014-04-02 02:59 - 2014-04-02 02:59 - 00000000 ____D () C:\Program Files\AVAST Software
2014-04-02 02:58 - 2014-04-02 02:58 - 88551496 _____ (AVAST Software) C:\Users\walmart\Downloads\avast_free_antivirus_setup.exe
2014-04-02 02:58 - 2014-04-02 02:58 - 00000000 ____D () C:\ProgramData\AVAST Software
2014-04-02 02:49 - 2014-04-01 03:17 - 00000000 ____D () C:\Windows\system32\MRT
2014-04-01 10:26 - 2014-03-07 14:35 - 00000000 ____D () C:\ProgramData\VirtualizedApplications
2014-04-01 10:26 - 2014-02-19 00:59 - 00000000 ____D () C:\Users\walmart\AppData\Roaming\SoftGrid Client
2014-04-01 09:48 - 2014-04-01 09:48 - 00000000 ____D () C:\Users\walmart\AppData\Local\{1DE0C16B-21B7-4980-8CE4-C25E3E1A87F2}
2014-04-01 09:48 - 2012-06-25 18:20 - 00000000 ____D () C:\Users\walmart\AppData\Local\Windows Live
2014-04-01 08:18 - 2009-07-14 00:09 - 00000000 ____D () C:\Windows\System32\Tasks\WPD
2014-04-01 08:17 - 2012-01-24 18:22 - 00001417 _____ () C:\Users\walmart\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-04-01 08:17 - 2012-01-24 18:22 - 00000000 ___RD () C:\Users\walmart\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2014-04-01 08:17 - 2012-01-24 18:22 - 00000000 ___RD () C:\Users\walmart\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
2014-04-01 08:15 - 2013-03-13 19:52 - 00000000 ____D () C:\Program Files\Microsoft Silverlight
2014-04-01 08:15 - 2013-03-13 19:52 - 00000000 ____D () C:\Program Files (x86)\Microsoft Silverlight
2014-04-01 08:15 - 2009-07-13 23:45 - 00277464 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-04-01 08:11 - 2009-07-14 00:32 - 00000000 ____D () C:\Program Files\Windows Defender
2014-04-01 08:11 - 2009-07-14 00:32 - 00000000 ____D () C:\Program Files (x86)\Windows Defender
2014-04-01 08:11 - 2009-07-13 22:20 - 00000000 ____D () C:\Windows\PolicyDefinitions
2014-04-01 06:47 - 2014-02-19 00:59 - 00744030 _____ () C:\Windows\SysWOW64\PerfStringBackup.INI
2014-04-01 06:47 - 2014-02-19 00:59 - 00000000 ____D () C:\Program Files (x86)\Microsoft Application Virtualization Client
2014-04-01 03:54 - 2014-04-01 03:54 - 01228800 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-04-01 03:54 - 2014-04-01 03:54 - 01051136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2014-04-01 03:54 - 2014-04-01 03:54 - 00942592 _____ (Microsoft Corporation) C:\Windows\system32\jsIntl.dll
2014-04-01 03:54 - 2014-04-01 03:54 - 00774144 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2014-04-01 03:54 - 2014-04-01 03:54 - 00645120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsIntl.dll
2014-04-01 03:54 - 2014-04-01 03:54 - 00616104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dat
2014-04-01 03:54 - 2014-04-01 03:54 - 00616104 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dat
2014-04-01 03:54 - 2014-04-01 03:54 - 00610304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2014-04-01 03:54 - 2014-04-01 03:54 - 00453120 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-04-01 03:54 - 2014-04-01 03:54 - 00413696 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2014-04-01 03:54 - 2014-04-01 03:54 - 00367104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-04-01 03:54 - 2014-04-01 03:54 - 00337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2014-04-01 03:54 - 2014-04-01 03:54 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-04-01 03:54 - 2014-04-01 03:54 - 00263376 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-04-01 03:54 - 2014-04-01 03:54 - 00247808 _____ (Microsoft Corporation) C:\Windows\system32\msls31.dll
2014-04-01 03:54 - 2014-04-01 03:54 - 00244736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-04-01 03:54 - 2014-04-01 03:54 - 00243200 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2014-04-01 03:54 - 2014-04-01 03:54 - 00238288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2014-04-01 03:54 - 2014-04-01 03:54 - 00235520 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2014-04-01 03:54 - 2014-04-01 03:54 - 00235008 _____ (Microsoft Corporation) C:\Windows\system32\elshyph.dll
2014-04-01 03:54 - 2014-04-01 03:54 - 00233472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\url.dll
2014-04-01 03:54 - 2014-04-01 03:54 - 00208384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2014-04-01 03:54 - 2014-04-01 03:54 - 00194048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\elshyph.dll
2014-04-01 03:54 - 2014-04-01 03:54 - 00182272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msls31.dll
2014-04-01 03:54 - 2014-04-01 03:54 - 00167424 _____ (Microsoft Corporation) C:\Windows\system32\iexpress.exe
2014-04-01 03:54 - 2014-04-01 03:54 - 00151552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iexpress.exe
2014-04-01 03:54 - 2014-04-01 03:54 - 00147968 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2014-04-01 03:54 - 2014-04-01 03:54 - 00143872 _____ (Microsoft Corporation) C:\Windows\system32\wextract.exe
2014-04-01 03:54 - 2014-04-01 03:54 - 00139264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wextract.exe
2014-04-01 03:54 - 2014-04-01 03:54 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll
2014-04-01 03:54 - 2014-04-01 03:54 - 00131072 _____ (Microsoft Corporation) C:\Windows\system32\IEAdvpack.dll
2014-04-01 03:54 - 2014-04-01 03:54 - 00127488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2014-04-01 03:54 - 2014-04-01 03:54 - 00116736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll
2014-04-01 03:54 - 2014-04-01 03:54 - 00111616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\IEAdvpack.dll
2014-04-01 03:54 - 2014-04-01 03:54 - 00105984 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2014-04-01 03:54 - 2014-04-01 03:54 - 00101376 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2014-04-01 03:54 - 2014-04-01 03:54 - 00090112 _____ (Microsoft Corporation) C:\Windows\system32\SetIEInstalledDate.exe
2014-04-01 03:54 - 2014-04-01 03:54 - 00086016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2014-04-01 03:54 - 2014-04-01 03:54 - 00086016 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe
2014-04-01 03:54 - 2014-04-01 03:54 - 00084992 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-04-01 03:54 - 2014-04-01 03:54 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2014-04-01 03:54 - 2014-04-01 03:54 - 00083456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
2014-04-01 03:54 - 2014-04-01 03:54 - 00081408 _____ (Microsoft Corporation) C:\Windows\system32\icardie.dll
2014-04-01 03:54 - 2014-04-01 03:54 - 00077312 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx
2014-04-01 03:54 - 2014-04-01 03:54 - 00074240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SetIEInstalledDate.exe
2014-04-01 03:54 - 2014-04-01 03:54 - 00071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe
2014-04-01 03:54 - 2014-04-01 03:54 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-04-01 03:54 - 2014-04-01 03:54 - 00069120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardie.dll
2014-04-01 03:54 - 2014-04-01 03:54 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx
2014-04-01 03:54 - 2014-04-01 03:54 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\pngfilt.dll
2014-04-01 03:54 - 2014-04-01 03:54 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2014-04-01 03:54 - 2014-04-01 03:54 - 00056832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pngfilt.dll
2014-04-01 03:54 - 2014-04-01 03:54 - 00052224 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll
2014-04-01 03:54 - 2014-04-01 03:54 - 00048640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmler.dll
2014-04-01 03:54 - 2014-04-01 03:54 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\mshtmler.dll
2014-04-01 03:54 - 2014-04-01 03:54 - 00048128 _____ (Microsoft Corporation) C:\Windows\system32\imgutil.dll
2014-04-01 03:54 - 2014-04-01 03:54 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedsbs.dll
2014-04-01 03:54 - 2014-04-01 03:54 - 00040448 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-04-01 03:54 - 2014-04-01 03:54 - 00036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imgutil.dll
2014-04-01 03:54 - 2014-04-01 03:54 - 00034816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-04-01 03:54 - 2014-04-01 03:54 - 00030208 _____ (Microsoft Corporation) C:\Windows\system32\licmgr10.dll
2014-04-01 03:54 - 2014-04-01 03:54 - 00024576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\licmgr10.dll
2014-04-01 03:54 - 2014-04-01 03:54 - 00013824 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe
2014-04-01 03:54 - 2014-04-01 03:54 - 00013312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshta.exe
2014-04-01 03:54 - 2014-04-01 03:54 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe
2014-04-01 03:54 - 2014-04-01 03:54 - 00012800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedssync.exe
2014-04-01 03:36 - 2014-04-01 03:36 - 00000000 ____D () C:\Users\walmart\AppData\Roaming\Roxio Log Files
2014-04-01 03:11 - 2014-04-01 03:11 - 24677393 _____ () C:\Users\walmart\Downloads\vlc-2.1.3-win32.exe
2014-04-01 03:11 - 2014-02-04 20:58 - 00003642 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore1ce56353e9f9dbe
2014-04-01 03:11 - 2012-07-29 09:45 - 00003896 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2014-04-01 03:03 - 2014-04-01 03:03 - 01671248 _____ (BitTorrent Inc.) C:\Users\walmart\Downloads\uTorrent.exe
2014-03-31 21:24 - 2014-03-31 21:24 - 00530736 _____ (Biztree Inc.) C:\Users\walmart\Downloads\Business-in-a-Box_Setup.exe
2014-03-31 21:24 - 2014-03-31 21:24 - 00530736 _____ (Biztree Inc.) C:\Users\walmart\Downloads\Business-in-a-Box_Setup (1).exe
2014-03-31 21:24 - 2014-03-31 21:24 - 00001133 _____ () C:\Users\Public\Desktop\Business-in-a-Box.lnk
2014-03-31 21:24 - 2014-03-31 21:24 - 00000000 ____D () C:\Users\walmart\Documents\Business-in-a-Box Files
2014-03-31 21:24 - 2014-03-31 21:24 - 00000000 ____D () C:\ProgramData\Biztree
2014-03-31 21:24 - 2014-03-31 21:24 - 00000000 ____D () C:\Program Files (x86)\Business-in-a-Box
2014-03-31 21:14 - 2014-03-31 21:14 - 00096256 _____ () C:\Users\walmart\Downloads\quote-template.xls
2014-03-31 19:45 - 2014-03-31 19:40 - 00000000 ____D () C:\Users\walmart\AppData\Roaming\AccurateRip
2014-03-31 19:40 - 2014-03-31 19:40 - 00000000 ____D () C:\Users\walmart\AppData\Roaming\EAC
2014-03-31 19:39 - 2014-03-31 19:39 - 04422611 _____ () C:\Users\walmart\Downloads\eac-1.0beta3.exe
2014-03-31 18:16 - 2014-03-31 18:16 - 00000000 ____D () C:\Users\walmart\AppData\Local\Macromedia
2014-03-31 18:16 - 2012-05-01 19:46 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-03-31 18:16 - 2012-05-01 19:46 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-03-31 18:16 - 2012-05-01 19:46 - 00003768 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-03-31 17:49 - 2014-03-31 17:49 - 00000000 ____D () C:\Users\walmart\AppData\Roaming\Mozilla
2014-03-31 17:49 - 2014-03-31 17:49 - 00000000 ____D () C:\Users\walmart\AppData\Local\Mozilla
2014-03-31 17:49 - 2014-03-31 17:49 - 00000000 ____D () C:\ProgramData\Mozilla
2014-03-31 17:49 - 2014-03-31 17:49 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-03-31 17:49 - 2012-12-24 16:05 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-03-31 17:48 - 2014-03-31 17:48 - 00282880 _____ (Mozilla) C:\Users\walmart\Downloads\Firefox Setup Stub 28.0.exe
2014-03-31 12:10 - 2013-04-19 13:09 - 00002183 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-03-14 12:00 - 2014-03-14 12:00 - 00000000 __RHD () C:\MSOCache
2014-03-13 20:17 - 2014-03-13 20:17 - 00000000 ____D () C:\Users\walmart\AppData\Roaming\Vast Studios
2014-03-11 22:12 - 2014-03-10 14:55 - 00000000 ____D () C:\Users\walmart\AppData\Roaming\Big Fish Games
2014-03-11 11:32 - 2014-03-11 11:32 - 00000000 ____D () C:\ProgramData\BigFishGamesCache
2014-03-10 16:10 - 2014-03-10 16:10 - 00012560 ____H () C:\Users\walmart\Documents\~WRL1708.tmp
2014-03-08 20:11 - 2014-03-08 20:11 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_User_WpdMtpDr_01_09_00.Wdf

==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2014-03-25 15:33

==================== End Of Log ============================

 

Link to post
Share on other sites

Addition.txt

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 13-03-2014
Ran by walmart at 2014-04-07 19:28:55
Running from C:\Users\walmart\Downloads
Boot Mode: Normal
==========================================================


==================== Security Center ========================

AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}

==================== Installed Programs ======================

Adblock Plus for IE (32-bit and 64-bit) (HKLM\...\{C23EE7CE-C1A3-4F94-A8F0-9E0AC9C6DE6E}) (Version: 1.1 - Eyeo GmbH)
Adblock Plus for IE (HKLM-x32\...\{fd97d1e2-368a-4cd9-af63-8eeff938044a}) (Version: 1.1 - )
Adobe Digital Editions (HKLM-x32\...\Digital Editions) (Version:  - )
Adobe Flash Player 12 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 12.0.0.77 - Adobe Systems Incorporated)
Adobe Flash Player 12 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 12.0.0.77 - Adobe Systems Incorporated)
Adobe Shockwave Player 11.5 (HKLM-x32\...\{3B834B54-EC4B-48E2-BFC6-03FF5DA06F62}) (Version: 11.5.8.612 - Adobe Systems, Inc)
Agatha Christie - Peril at End House (x32 Version: 2.2.0.95 - WildTangent) Hidden
avast! Free Antivirus (HKLM-x32\...\Avast) (Version: 9.0.2016 - Avast Software)
Bejeweled 2 Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden
Blackhawk Striker 2 (x32 Version: 2.2.0.95 - WildTangent) Hidden
Blasterball 3 (x32 Version: 2.2.0.95 - WildTangent) Hidden
Blio (HKLM-x32\...\{AEDA8713-5521-4600-9AC2-81674A9EDC4F}) (Version: 2.2.7689 - K-NFB Reading Technology, Inc.)
Bounce Symphony (x32 Version: 2.2.0.95 - WildTangent) Hidden
Build-a-lot 2 (x32 Version: 2.2.0.95 - WildTangent) Hidden
Business-in-a-Box (HKLM-x32\...\Business-in-a-Box) (Version: 6.0.2 - Biztree Inc.)
Cake Mania (x32 Version: 2.2.0.95 - WildTangent) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 4.12 - Piriform)
Chuzzle Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden
Cisco EAP-FAST Module (HKLM-x32\...\{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}) (Version: 2.2.14 - Cisco Systems, Inc.)
Cisco LEAP Module (HKLM-x32\...\{51C7AD07-C3F6-4635-8E8A-231306D810FE}) (Version: 1.0.19 - Cisco Systems, Inc.)
Cisco PEAP Module (HKLM-x32\...\{ED5776D5-59B4-46B7-AF81-5F2D94D7C640}) (Version: 1.1.6 - Cisco Systems, Inc.)
CyberLink YouCam (HKLM-x32\...\InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}) (Version: 3.2.1.3726 - CyberLink Corp.)
CyberLink YouCam (x32 Version: 3.2.1.3726 - CyberLink Corp.) Hidden
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Diner Dash 2 Restaurant Rescue (x32 Version: 2.2.0.95 - WildTangent) Hidden
Dora's World Adventure (x32 Version: 2.2.0.95 - WildTangent) Hidden
Energy Star Digital Logo (HKLM-x32\...\{BD1A34C9-4764-4F79-AE1F-112F8C89D3D4}) (Version: 1.0.1 - Hewlett-Packard)
Escape Rosecliff Island (x32 Version: 2.2.0.95 - WildTangent) Hidden
ESU for Microsoft Windows 7 (HKLM-x32\...\{3877C901-7B90-4727-A639-B6ED2DD59D43}) (Version: 1.0.0 - Hewlett-Packard)
Farm Frenzy (x32 Version: 2.2.0.95 - WildTangent) Hidden
FATE (x32 Version: 2.2.0.95 - WildTangent) Hidden
Final Drive Nitro (x32 Version: 2.2.0.95 - WildTangent) Hidden
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 33.0.1750.154 - Google Inc.)
Google Update Helper (x32 Version: 1.3.23.9 - Google Inc.) Hidden
Heroes of Hellas 2 - Olympia (x32 Version: 2.2.0.95 - WildTangent) Hidden
Hewlett-Packard ACLM.NET v1.2.1.1 (x32 Version: 1.00.0000 - Hewlett-Packard Company) Hidden
HP Auto (Version: 1.0.12935.3667 - Hewlett-Packard Company) Hidden
HP Client Services (Version: 1.0.12656.3472 - Hewlett-Packard) Hidden
HP CloudDrive (HKLM-x32\...\ZumoDrive) (Version:  - Zecter Inc.)
HP Customer Experience Enhancements (x32 Version: 6.0.1.7 - Hewlett-Packard) Hidden
HP Documentation (HKLM-x32\...\{212A6F92-4871-4BD9-8E4F-F876595DE899}) (Version: 1.1.0.0 - Hewlett-Packard)
HP Game Console (x32 Version:  - WildTangent) Hidden
HP Games (HKLM-x32\...\WildTangent hp Master Uninstall) (Version: 1.0.1.5 - WildTangent)
HP MovieStore (HKLM-x32\...\{9008D736-35CA-40DB-A2BE-5F32D954E5AA}) (Version: 2.0 - Hewlett-Packard)
HP MovieStore (x32 Version: 1.0.045 - Hewlett-Packard) Hidden
HP On Screen Display (HKLM-x32\...\{ED1BD69A-07E3-418C-91F1-D856582581BF}) (Version: 1.3.5 - Hewlett-Packard Company)
HP Power Manager (HKLM-x32\...\{7E799992-5DA0-4A1A-9443-B1836B063FEC}) (Version: 1.4.8 - Hewlett-Packard Company)
HP Quick Launch (HKLM-x32\...\{53B17A98-5BF0-40BC-AAFF-850A357975AC}) (Version: 2.7.2 - Hewlett-Packard Company)
HP Setup (HKLM-x32\...\{3B37422F-1A58-4138-AB02-0DD9035C02C6}) (Version: 8.6.4516.3597 - Hewlett-Packard Company)
HP Setup Manager (HKLM-x32\...\{AE856388-AFAD-4753-81DF-D96B19D0A17C}) (Version: 1.1.13155.3599 - Hewlett-Packard Company)
HP Software Framework (HKLM-x32\...\{28FE073B-1230-4BF6-830C-7434FD0C0069}) (Version: 4.1.13.1 - Hewlett-Packard Company)
HP Support Assistant (HKLM-x32\...\{EE202411-2C26-49E8-9784-1BC1DBF7DE96}) (Version: 7.0.39.15 - Hewlett-Packard Company)
HP Wireless Assistant (HKLM\...\{13DCC2C7-454D-42F0-A892-E0E9A5DE4E67}) (Version: 4.0.10.0 - Hewlett-Packard Company)
Intel® Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1007 - Intel Corporation)
Intel® Graphics Media Accelerator Driver (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 8.15.10.2869 - Intel Corporation)
Intel® Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 10.6.0.1002 - Intel Corporation)
Java 7 Update 51 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217051FF}) (Version: 7.0.510 - Oracle)
Java Auto Updater (x32 Version: 2.1.9.8 - Sun Microsystems, Inc.) Hidden
Jewel Quest Solitaire 2 (x32 Version: 2.2.0.95 - WildTangent) Hidden
Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Malwarebytes Anti-Malware version 2.0.1.1004 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.1.1004 - Malwarebytes Corporation)
Mesh Runtime (x32 Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4 Client Profile (HKLM\...\Microsoft .NET Framework 4 Client Profile) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319 - Microsoft Corporation) Hidden
Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden
Microsoft Office 2010 (HKLM-x32\...\{95140000-0070-0000-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office Click-to-Run 2010 (HKLM-x32\...\Office14.Click2Run) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office Click-to-Run 2010 (Version: 14.0.4763.1000 - Microsoft Corporation) Hidden
Microsoft Office Starter 2010 - English (HKLM-x32\...\{90140011-0066-0409-0000-0000000FF1CE}) (Version: 14.0.5131.5000 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30214.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft WSE 3.0 Runtime (x32 Version: 3.0.5305.0 - Microsoft Corp.) Hidden
Mozilla Firefox 28.0 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 28.0 (x86 en-US)) (Version: 28.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 28.0 - Mozilla)
MSVCRT (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSVCRT_amd64 (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
Mystery P.I. - The London Caper (x32 Version: 2.2.0.95 - WildTangent) Hidden
OverDrive Media Console (HKLM-x32\...\{D07205E7-F6D3-4333-AFCC-782A07685B72}) (Version: 3.2.20 - OverDrive, Inc.)
Penguins! (x32 Version: 2.2.0.95 - WildTangent) Hidden
Plants vs. Zombies (x32 Version: 2.2.0.95 - WildTangent) Hidden
PlayReady PC Runtime x86 (HKLM-x32\...\{CCA5EAAD-92F4-4B7A-B5EE-14294C66AB61}) (Version: 1.3.0 - Microsoft Corporation)
Poker Superstars III (x32 Version: 2.2.0.95 - WildTangent) Hidden
Polar Bowler (x32 Version: 2.2.0.95 - WildTangent) Hidden
Polar Golfer (x32 Version: 2.2.0.95 - WildTangent) Hidden
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.77.1126.2013 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7183 - Realtek Semiconductor Corp.)
Realtek PCIE Card Reader (HKLM-x32\...\{C1594429-8296-4652-BF54-9DBE4932A44C}) (Version: 6.2.8400.28123 - Realtek Semiconductor Corp.)
REALTEK Wireless LAN Driver (HKLM-x32\...\{9D3D8C60-A55F-4123-B2B9-173F09590E16}) (Version: 1.00.11.0706 - REALTEK Semiconductor Corp.)
Recovery Manager (x32 Version: 1.0.22 - Hewlett-Packard) Hidden
RoxioNow Player (HKLM-x32\...\{0EDEB615-1A60-425E-8306-0E10519C7B55}) (Version: 1.9.5.103 - RoxioNow)
Synaptics TouchPad Driver (HKLM\...\SynTPDeinstKey) (Version: 15.3.29.0 - Synaptics Incorporated)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (HKLM-x32\...\{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}.KB2468871) (Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (HKLM-x32\...\{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}.KB2533523) (Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (HKLM-x32\...\{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}.KB2600217) (Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Client Profile (KB2836939v3) (HKLM-x32\...\{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}.KB2836939v3) (Version: 3 - Microsoft Corporation)
Virtual Families (x32 Version: 2.2.0.95 - WildTangent) Hidden
Virtual Villagers 4 - The Tree of Life (x32 Version: 2.2.0.95 - WildTangent) Hidden
VLC media player 2.1.3 (HKLM-x32\...\VLC media player) (Version: 2.1.3 - VideoLAN)
Wheel of Fortune 2 (x32 Version: 2.2.0.95 - WildTangent) Hidden
Windows Live Communications Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3508.1109 - Microsoft Corporation)
Windows Live Essentials (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live ID Sign-in Assistant (Version: 7.250.4225.0 - Microsoft Corporation) Hidden
Windows Live Installer (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Language Selector (Version: 15.4.3508.1109 - Microsoft Corporation) Hidden
Windows Live Mail (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Mesh (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Mesh ActiveX Control for Remote Connections (HKLM-x32\...\{2902F983-B4C1-44BA-B85D-5C6D52E2C441}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Messenger (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live MIME IFilter (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Movie Maker (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Photo Common (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Photo Gallery (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live PIMT Platform (x32 Version: 15.4.3508.1109 - Microsoft Corporation) Hidden
Windows Live Remote Client (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live Remote Client Resources (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live Remote Service (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live Remote Service Resources (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live SOXE (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live SOXE Definitions (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live UX Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live UX Platform Language Pack (x32 Version: 15.4.3508.1109 - Microsoft Corporation) Hidden
Windows Live Writer (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Writer Resources (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Zuma Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden

==================== Restore Points  =========================

02-04-2014 07:59:13 avast! antivirus system restore point
02-04-2014 08:00:12 Windows Update
05-04-2014 01:35:52 Removed Java 6 Update 39
05-04-2014 01:40:01 Removed Java 6 Update 22 (64-bit)
05-04-2014 01:43:00 Installed Java 7 Update 51
06-04-2014 07:40:42 Installed Realtek Ethernet Controller Driver
06-04-2014 07:49:45 Installed Realtek PCIE Card Reader
06-04-2014 12:18:45 Adblock Plus for IE
06-04-2014 12:55:17 Removed SlimDrivers

==================== Hosts content: ==========================

2009-07-13 21:34 - 2009-06-10 16:00 - 00000824 ____N C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

Task: {09F45ECB-415B-4D39-BCB2-0A7ECF0D47C9} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Tuneup => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2012-09-27] (Hewlett-Packard Company)
Task: {146CE913-73E7-46C5-989A-98692C609DE9} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-03-31] (Adobe Systems Incorporated)
Task: {2A1E5ECB-9D15-4FBB-BEAF-3B242CDD3CBD} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-07-29] (Google Inc.)
Task: {3406380E-B823-4286-B14E-9404A48E6574} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Update Check => C:\ProgramData\Hewlett-Packard\HP Support Framework\Resources\Updater7\HPSFUpdater.exe [2013-12-12] (Hewlett-Packard Company)
Task: {3E997865-1687-41C9-BBFC-E3E9AA6FF1FE} - System32\Tasks\Registration => C:\Program Files (x86)\Hewlett-Packard\HP Setup\RemEngine.exe [2010-12-08] ()
Task: {3FCE58DA-9B6D-4BAE-8798-351F28C8034B} - System32\Tasks\Java Update Scheduler => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2013-07-02] (Oracle Corporation)
Task: {448DAF13-A07A-4DE6-8C62-4414F3C7D006} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2012-09-27] (Hewlett-Packard Company)
Task: {913686CD-D599-43F9-B90E-F89ACF4DDF95} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2012-09-27] (Hewlett-Packard Company)
Task: {97B3CEB7-4986-40FF-ABA3-2FC9FEF75FCF} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-07-29] (Google Inc.)
Task: {A989ABB6-D74E-40DC-BBD8-1D3637A06612} - System32\Tasks\Adobe online update program => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
Task: {B1EFBB00-9A6A-4906-BC6D-FDFA050E9750} - System32\Tasks\RealPlayerRealUpgradeScheduledTaskS-1-5-21-1412740911-2687528589-1650569461-1000 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe
Task: {C77247DF-F33C-4E49-9917-F08D5D718507} - System32\Tasks\RealPlayerRealUpgradeLogonTaskS-1-5-21-1412740911-2687528589-1650569461-1000 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe
Task: {CA752EF7-0F25-4C9D-A608-4A1156F0AB56} - System32\Tasks\MirageAgent => C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe [2011-02-09] (CyberLink)
Task: {DAC954F1-A9E3-4311-B889-EE907A5BB72C} - System32\Tasks\Real Player online update program => C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe
Task: {DE57885C-53ED-4F9A-B0FC-9F269709DCA4} - System32\Tasks\GoogleUpdateTaskMachineCore1ce56353e9f9dbe => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-07-29] (Google Inc.)
Task: {E096F40B-6AB6-44B1-B0A1-0CD0C26AFC9C} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-03-18] (Piriform Ltd)
Task: {E14528C7-E4AB-4DA3-BF44-835FF7F1155B} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker_DeviceScan => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe [2014-02-10] (Hewlett-Packard)
Task: {E21D688A-A2F4-4951-B57D-FD78D5E75EF2} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HPSAObjUtilTask => C:\Program Files (x86)\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\UtilTask.exe [2014-03-25] (Microsoft)
Task: {E4EBBA08-0CF8-4B70-AC76-571A5C9621A2} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2014-04-02] (AVAST Software)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore1ce56353e9f9dbe.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (whitelisted) =============

2014-03-31 21:24 - 2014-03-27 15:47 - 02744624 _____ () C:\Program Files (x86)\Business-in-a-Box\BIBLauncher.exe
2010-07-21 16:33 - 2010-07-21 16:33 - 00267832 _____ () C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPCommon.XmlSerializers.dll
2010-07-21 16:33 - 2010-07-21 16:33 - 00030264 _____ () C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_LogicLayer.dll
2010-07-21 16:33 - 2010-07-21 16:33 - 00052280 _____ () C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HardwareAccess.dll
2014-04-07 03:51 - 2014-04-07 03:51 - 02189824 _____ () C:\Program Files\AVAST Software\Avast\defs\14040700\algo.dll
2014-04-02 03:00 - 2014-04-02 03:00 - 19336120 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2014-03-31 17:49 - 2014-03-15 03:40 - 03642480 _____ () C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
2014-04-01 09:41 - 2014-04-01 09:41 - 00172544 _____ () C:\Windows\assembly\NativeImages_v2.0.50727_32\IsdiInterop\367540c92c2004ff2c6695778fed5dd6\IsdiInterop.ni.dll
2012-01-09 18:09 - 2011-05-20 10:05 - 00059904 _____ () C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IsdiInterop.dll

==================== Alternate Data Streams (whitelisted) =========

AlternateDataStreams: C:\ProgramData\Temp:15734396
AlternateDataStreams: C:\ProgramData\Temp:C22674B6
AlternateDataStreams: C:\ProgramData\Temp:F2B81C2E
AlternateDataStreams: C:\ProgramData\Temp:FAFEC4B9

==================== Safe Mode (whitelisted) ===================


==================== Disabled items from MSCONFIG ==============


==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (04/07/2014 07:24:22 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (04/06/2014 11:51:26 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (04/06/2014 05:31:41 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (04/06/2014 07:33:03 AM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (04/06/2014 03:06:44 AM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (04/06/2014 02:59:02 AM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (04/06/2014 02:40:19 AM) (Source: Application Error) (User: )
Description: Faulting application name: plugin-container.exe, version: 28.0.0.5186, time stamp: 0x53240e5d
Faulting module name: mozalloc.dll, version: 28.0.0.5186, time stamp: 0x5323e5ef
Exception code: 0x80000003
Fault offset: 0x0000119c
Faulting process id: 0xb5c
Faulting application start time: 0xplugin-container.exe0
Faulting application path: plugin-container.exe1
Faulting module path: plugin-container.exe2
Report Id: plugin-container.exe3

Error: (04/05/2014 08:51:43 AM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (04/04/2014 09:15:23 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (04/03/2014 08:13:07 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003


System errors:
=============
Error: (04/07/2014 07:22:54 PM) (Source: EventLog) (User: )
Description: The previous system shutdown at 7:16:06 PM on ‎4/‎7/‎2014 was unexpected.

Error: (04/07/2014 05:35:06 PM) (Source: Service Control Manager) (User: )
Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the Netman service.

Error: (04/06/2014 11:50:08 PM) (Source: BugCheck) (User: )
Description: 0x0000001e (0xffffffffc0000005, 0xfffff80002fc301a, 0x0000000000000001, 0x0000000000000018)C:\Windows\MEMORY.DMP040614-19952-01

Error: (04/06/2014 11:50:06 PM) (Source: EventLog) (User: )
Description: The previous system shutdown at 11:45:17 PM on ‎4/‎6/‎2014 was unexpected.

Error: (04/06/2014 09:54:21 AM) (Source: Service Control Manager) (User: )
Description: The Application Experience service failed to start due to the following error:
%%776

Error: (04/06/2014 07:32:02 AM) (Source: BugCheck) (User: )
Description: 0x0000000a (0x0000000000000107, 0x0000000000000002, 0x0000000000000001, 0xfffff80002d08d35)C:\Windows\MEMORY.DMP040614-29624-01

Error: (04/06/2014 07:31:59 AM) (Source: EventLog) (User: )
Description: The previous system shutdown at 7:29:32 AM on ‎4/‎6/‎2014 was unexpected.

Error: (04/06/2014 06:46:29 AM) (Source: Service Control Manager) (User: )
Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the ShellHWDetection service.

Error: (04/06/2014 03:07:42 AM) (Source: Service Control Manager) (User: )
Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the HPWMISVC service.

Error: (04/06/2014 03:06:43 AM) (Source: Service Control Manager) (User: )
Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the HPWMISVC service.


Microsoft Office Sessions:
=========================
Error: (04/07/2014 07:24:22 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (04/06/2014 11:51:26 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (04/06/2014 05:31:41 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (04/06/2014 07:33:03 AM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (04/06/2014 03:06:44 AM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (04/06/2014 02:59:02 AM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (04/06/2014 02:40:19 AM) (Source: Application Error)(User: )
Description: plugin-container.exe28.0.0.518653240e5dmozalloc.dll28.0.0.51865323e5ef800000030000119cb5c01cf5160fe12ecd8C:\Program Files (x86)\Mozilla Firefox\plugin-container.exeC:\Program Files (x86)\Mozilla Firefox\mozalloc.dllb3139b56-bd5e-11e3-84f3-ec9a74fb9e7e

Error: (04/05/2014 08:51:43 AM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (04/04/2014 09:15:23 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (04/03/2014 08:13:07 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003


CodeIntegrity Errors:
===================================
  Date: 2014-04-07 19:23:02.732
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\wininet.dll because the set of per-page image hashes could not be found on the system.

  Date: 2014-04-07 19:10:33.954
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\wininet.dll because the set of per-page image hashes could not be found on the system.

  Date: 2014-04-07 18:51:25.964
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\wininet.dll because the set of per-page image hashes could not be found on the system.

  Date: 2014-04-07 18:42:50.546
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\wininet.dll because the set of per-page image hashes could not be found on the system.

  Date: 2014-04-07 18:35:36.061
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\wininet.dll because the set of per-page image hashes could not be found on the system.

  Date: 2014-04-07 17:41:54.836
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\wininet.dll because the set of per-page image hashes could not be found on the system.

  Date: 2014-04-07 08:58:40.629
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\wininet.dll because the set of per-page image hashes could not be found on the system.

  Date: 2014-04-07 07:53:39.296
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\wininet.dll because the set of per-page image hashes could not be found on the system.

  Date: 2014-04-06 23:50:15.743
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\wininet.dll because the set of per-page image hashes could not be found on the system.

  Date: 2014-04-06 20:01:25.314
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\wininet.dll because the set of per-page image hashes could not be found on the system.


==================== Memory info ===========================

Percentage of memory in use: 48%
Total physical RAM: 3001.89 MB
Available physical RAM: 1547.35 MB
Total Pagefile: 6001.96 MB
Available Pagefile: 4230.13 MB
Total Virtual: 8192 MB
Available Virtual: 8191.83 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:284.21 GB) (Free:232.82 GB) NTFS ==>[system with boot components (obtained from reading drive)]
Drive d: (RECOVERY) (Fixed) (Total:13.58 GB) (Free:1.69 GB) NTFS ==>[system with boot components (obtained from reading drive)]
Drive f: (HP_TOOLS) (Fixed) (Total:0.1 GB) (Free:0.09 GB) FAT32

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 298 GB) (Disk ID: 7B0CBEB5)
Partition 1: (Active) - (Size=199 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=284 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=14 GB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=103 MB) - (Type=0C)

==================== End Of Log ============================

Link to post
Share on other sites

TDSSKiller Log [Part 1]

19:36:25.0289 0x0990  TDSS rootkit removing tool 3.0.0.30 Apr  7 2014 15:39:12
19:36:31.0324 0x0990  ============================================================
19:36:31.0324 0x0990  Current date / time: 2014/04/07 19:36:31.0324
19:36:31.0324 0x0990  SystemInfo:
19:36:31.0324 0x0990  
19:36:31.0324 0x0990  OS Version: 6.1.7601 ServicePack: 1.0
19:36:31.0324 0x0990  Product type: Workstation
19:36:31.0325 0x0990  ComputerName: WALMART-HP
19:36:31.0325 0x0990  UserName: walmart
19:36:31.0325 0x0990  Windows directory: C:\Windows
19:36:31.0325 0x0990  System windows directory: C:\Windows
19:36:31.0325 0x0990  Running under WOW64
19:36:31.0326 0x0990  Processor architecture: Intel x64
19:36:31.0326 0x0990  Number of processors: 2
19:36:31.0326 0x0990  Page size: 0x1000
19:36:31.0326 0x0990  Boot type: Normal boot
19:36:31.0326 0x0990  ============================================================
19:36:31.0532 0x0990  KLMD registered as C:\Windows\system32\drivers\94077039.sys
19:36:32.0058 0x0990  System UUID: {F2E90BC9-A548-FF9E-AC89-A246D26B8FE3}
19:36:33.0052 0x0990  Drive \Device\Harddisk0\DR0 - Size: 0x4A85D56000 (298.09 Gb), SectorSize: 0x200, Cylinders: 0x9801, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
19:36:33.0059 0x0990  ============================================================
19:36:33.0059 0x0990  \Device\Harddisk0\DR0:
19:36:33.0059 0x0990  MBR partitions:
19:36:33.0059 0x0990  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x63800
19:36:33.0059 0x0990  \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x64000, BlocksNum 0x2386C800
19:36:33.0059 0x0990  \Device\Harddisk0\DR0\Partition3: MBR, Type 0x7, StartLBA 0x238D0800, BlocksNum 0x1B2A000
19:36:33.0059 0x0990  \Device\Harddisk0\DR0\Partition4: MBR, Type 0xC, StartLBA 0x253FA800, BlocksNum 0x33AB0
19:36:33.0059 0x0990  ============================================================
19:36:33.0087 0x0990  C: <-> \Device\Harddisk0\DR0\Partition2
19:36:33.0131 0x0990  D: <-> \Device\Harddisk0\DR0\Partition3
19:36:33.0144 0x0990  F: <-> \Device\Harddisk0\DR0\Partition4
19:36:33.0144 0x0990  ============================================================
19:36:33.0144 0x0990  Initialize success
19:36:33.0144 0x0990  ============================================================
19:36:53.0694 0x102c  ============================================================
19:36:53.0694 0x102c  Scan started
19:36:53.0694 0x102c  Mode: Manual;
19:36:53.0694 0x102c  ============================================================
19:36:53.0694 0x102c  KSN ping started
19:36:56.0224 0x102c  KSN ping finished: true
19:36:56.0794 0x102c  ================ Scan system memory ========================
19:36:56.0794 0x102c  System memory - ok
19:36:56.0794 0x102c  ================ Scan services =============================
19:36:56.0974 0x102c  [ A87D604AEA360176311474C87A63BB88, B1507868C382CD5D2DBC0D62114FCFBF7A780904A2E3CA7C7C1DD0844ADA9A8F ] 1394ohci        C:\Windows\system32\drivers\1394ohci.sys
19:36:56.0984 0x102c  1394ohci - ok
19:36:57.0064 0x102c  [ D81D9E70B8A6DD14D42D7B4EFA65D5F2, FDAAB7E23012B4D31537C5BDEF245BB0A12FA060A072C250E21C68E18B22E002 ] ACPI            C:\Windows\system32\drivers\ACPI.sys
19:36:57.0074 0x102c  ACPI - ok
19:36:57.0114 0x102c  [ 99F8E788246D495CE3794D7E7821D2CA, F91615463270AD2601F882CAED43B88E7EDA115B9FD03FC56320E48119F15F76 ] AcpiPmi         C:\Windows\system32\drivers\acpipmi.sys
19:36:57.0124 0x102c  AcpiPmi - ok
19:36:57.0214 0x102c  [ 9D96B0D5855FD1B98023B3EEC9F06786, E4C79233158BE8AA4E9C6DD71585E5D2703A5156531EB3D692D7D81BC443E844 ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
19:36:57.0224 0x102c  AdobeFlashPlayerUpdateSvc - ok
19:36:57.0294 0x102c  [ 2F6B34B83843F0C5118B63AC634F5BF4, 43E3F5FBFB5D33981AC503DEE476868EC029815D459E7C36C4ABC2D2F75B5735 ] adp94xx         C:\Windows\system32\drivers\adp94xx.sys
19:36:57.0304 0x102c  adp94xx - ok
19:36:57.0354 0x102c  [ 597F78224EE9224EA1A13D6350CED962, DA7FD99BE5E3B7B98605BF5C13BF3F1A286C0DE1240617570B46FE4605E59BDC ] adpahci         C:\Windows\system32\drivers\adpahci.sys
19:36:57.0364 0x102c  adpahci - ok
19:36:57.0394 0x102c  [ E109549C90F62FB570B9540C4B148E54, E804563735153EA00A00641814244BC8A347B578E7D63A16F43FB17566EE5559 ] adpu320         C:\Windows\system32\drivers\adpu320.sys
19:36:57.0404 0x102c  adpu320 - ok
19:36:57.0444 0x102c  [ 4B78B431F225FD8624C5655CB1DE7B61, 198A5AF2125C7C41F531A652D200C083A55A97DC541E3C0B5B253C7329949156 ] AeLookupSvc     C:\Windows\System32\aelupsvc.dll
19:36:57.0444 0x102c  AeLookupSvc - ok
19:36:57.0514 0x102c  [ D1E343BC00136CE03C4D403194D06A80, 94F2543164A2CEA179EDE53E1294EE24391A59CAEFF83BA5CE9385E8E686E89C ] AERTFilters     C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe
19:36:57.0514 0x102c  AERTFilters - ok
19:36:57.0564 0x102c  [ 79059559E89D06E8B80CE2944BE20228, 6E041D2FED2D0C3D8E16E56CB61D3245F9144EA92F5BDC9A4AA30598D1C8E6EE ] AFD             C:\Windows\system32\drivers\afd.sys
19:36:57.0574 0x102c  AFD - ok
19:36:57.0614 0x102c  [ 608C14DBA7299D8CB6ED035A68A15799, 45360F89640BF1127C82A32393BD76205E4FA067889C40C491602F370C09282A ] agp440          C:\Windows\system32\drivers\agp440.sys
19:36:57.0624 0x102c  agp440 - ok
19:36:57.0644 0x102c  [ 3290D6946B5E30E70414990574883DDB, 0E9294E1991572256B3CDA6B031DB9F39CA601385515EE59F1F601725B889663 ] ALG             C:\Windows\System32\alg.exe
19:36:57.0654 0x102c  ALG - ok
19:36:57.0674 0x102c  [ 5812713A477A3AD7363C7438CA2EE038, A7316299470D2E57A11499C752A711BF4A71EB11C9CBA731ED0945FF6A966721 ] aliide          C:\Windows\system32\drivers\aliide.sys
19:36:57.0674 0x102c  aliide - ok
19:36:57.0684 0x102c  [ 1FF8B4431C353CE385C875F194924C0C, 3EA3A7F426B0FFC2461EDF4FDB4B58ACC9D0730EDA5B728D1EA1346EA0A02720 ] amdide          C:\Windows\system32\drivers\amdide.sys
19:36:57.0684 0x102c  amdide - ok
19:36:57.0714 0x102c  [ 7024F087CFF1833A806193EF9D22CDA9, E7F27E488C38338388103D3B7EEDD61D05E14FB140992AEE6F492FFC821BF529 ] AmdK8           C:\Windows\system32\drivers\amdk8.sys
19:36:57.0714 0x102c  AmdK8 - ok
19:36:57.0734 0x102c  [ 1E56388B3FE0D031C44144EB8C4D6217, E88CA76FD47BA0EB427D59CB9BE040DE133D89D4E62D03A8D622624531D27487 ] AmdPPM          C:\Windows\system32\drivers\amdppm.sys
19:36:57.0744 0x102c  AmdPPM - ok
19:36:57.0774 0x102c  [ D4121AE6D0C0E7E13AA221AA57EF2D49, 626F43C099BD197BE56648C367B711143C2BCCE96496BBDEF19F391D52FA01D0 ] amdsata         C:\Windows\system32\drivers\amdsata.sys
19:36:57.0784 0x102c  amdsata - ok
19:36:57.0804 0x102c  [ F67F933E79241ED32FF46A4F29B5120B, D6EF539058F159CC4DD14CA9B1FD924998FEAC9D325C823C7A2DD21FEF1DC1A8 ] amdsbs          C:\Windows\system32\drivers\amdsbs.sys
19:36:57.0814 0x102c  amdsbs - ok
19:36:57.0824 0x102c  [ 540DAF1CEA6094886D72126FD7C33048, 296578572A93F5B74E1AD443E000B79DC99D1CBD25082E02704800F886A3065F ] amdxata         C:\Windows\system32\drivers\amdxata.sys
19:36:57.0824 0x102c  amdxata - ok
19:36:57.0854 0x102c  [ 89A69C3F2F319B43379399547526D952, 8ABDB4B8E106F96EBBA0D4D04C4F432296516E107E7BA5644ED2E50CF9BB491A ] AppID           C:\Windows\system32\drivers\appid.sys
19:36:57.0854 0x102c  AppID - ok
19:36:57.0894 0x102c  [ 0BC381A15355A3982216F7172F545DE1, C33AF13CB218F7BF52E967452573DF2ADD20A95C6BF99229794FEF07C4BBE725 ] AppIDSvc        C:\Windows\System32\appidsvc.dll
19:36:57.0894 0x102c  AppIDSvc - ok
19:36:57.0934 0x102c  [ 9D2A2369AB4B08A4905FE72DB104498F, D6FA1705018BABABFA2362E05691A0D6408D14DE7B76129B16D0A1DAD6378E58 ] Appinfo         C:\Windows\System32\appinfo.dll
19:36:57.0934 0x102c  Appinfo - ok
19:36:57.0964 0x102c  [ C484F8CEB1717C540242531DB7845C4E, C507CE26716EB923B864ED85E8FA0B24591E2784A2F4F0E78AEED7E9953311F6 ] arc             C:\Windows\system32\drivers\arc.sys
19:36:57.0964 0x102c  arc - ok
19:36:57.0994 0x102c  [ 019AF6924AEFE7839F61C830227FE79C, 5926B9DDFC9198043CDD6EA0B384C83B001EC225A8125628C4A45A3E6C42C72A ] arcsas          C:\Windows\system32\drivers\arcsas.sys
19:36:57.0994 0x102c  arcsas - ok
19:36:58.0054 0x102c  [ 8BE618EB795A87DBFD1E09DA63F009C7, 87443A8DB2B4CA4CCA280E0BBB3EAFBD218F7B0B6485C304CAA6B0BFDCBEB3EC ] aswMonFlt       C:\Windows\system32\drivers\aswMonFlt.sys
19:36:58.0054 0x102c  aswMonFlt - ok
19:36:58.0116 0x102c  [ D4259F75734EBCC8D815753B09EB2F0A, 93E06432F3E74B4CE606F4BECB80D11580FB72832630164427F36BD62C467103 ] aswRdr          C:\Windows\system32\drivers\aswRdr2.sys
19:36:58.0116 0x102c  aswRdr - ok
19:36:58.0146 0x102c  [ 8D4B8BF93C65BDBC133B20706A3B5208, BBCC103F722434DE38FD4D3DF8D543478405E139C5923B0EDFBA80A6C2762AB2 ] aswRvrt         C:\Windows\system32\drivers\aswRvrt.sys
19:36:58.0146 0x102c  aswRvrt - ok
19:36:58.0216 0x102c  [ AA0D1B47BE967E1E17301DDFB66C432C, 0283A503D9875C7D51288FAD28BC3F44E4637EDBBBFD968E51D4D505E3AE97B1 ] aswSnx          C:\Windows\system32\drivers\aswSnx.sys
19:36:58.0246 0x102c  aswSnx - ok
19:36:58.0286 0x102c  [ 15C6B7D20EE0E44A4DF82183A89CCFC2, 8CCE561CF25A6ED686DDD15C6041B29A82EF52247AFAD937EA5ADBA61C6A18AF ] aswSP           C:\Windows\system32\drivers\aswSP.sys
19:36:58.0306 0x102c  aswSP - ok
19:36:58.0346 0x102c  [ 81FA56F29440406A7264CBD7B1C7CB29, 704FAC64596D949C2F83AEE9E3B235CB3E9240EEF310361691CB213A30341141 ] aswStm          C:\Windows\system32\drivers\aswStm.sys
19:36:58.0356 0x102c  aswStm - ok
19:36:58.0376 0x102c  [ 0606875650850B0697D662934529F6FC, BC0D7B83888F88966F2DFC0BC26D038290FFBA83079DC7C3B67272557DA3E25D ] aswVmm          C:\Windows\system32\drivers\aswVmm.sys
19:36:58.0376 0x102c  aswVmm - ok
19:36:58.0396 0x102c  [ 769765CE2CC62867468CEA93969B2242, 0D8F19D49869DF93A3876B4C2E249D12E83F9CE11DAE8917D368E292043D4D26 ] AsyncMac        C:\Windows\system32\DRIVERS\asyncmac.sys
19:36:58.0396 0x102c  AsyncMac - ok
19:36:58.0426 0x102c  [ 02062C0B390B7729EDC9E69C680A6F3C, 0261683C6DC2706DCE491A1CDC954AC9C9E649376EC30760BB4E225E18DC5273 ] atapi           C:\Windows\system32\drivers\atapi.sys
19:36:58.0426 0x102c  atapi - ok
19:36:58.0466 0x102c  [ F23FEF6D569FCE88671949894A8BECF1, FCE7B156ED663471CF9A736915F00302E93B50FC647563D235313A37FCE8F0F6 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
19:36:58.0486 0x102c  AudioEndpointBuilder - ok
19:36:58.0506 0x102c  [ F23FEF6D569FCE88671949894A8BECF1, FCE7B156ED663471CF9A736915F00302E93B50FC647563D235313A37FCE8F0F6 ] AudioSrv        C:\Windows\System32\Audiosrv.dll
19:36:58.0526 0x102c  AudioSrv - ok
19:36:58.0666 0x102c  [ BEA8D0FA8805CC2E6BB49728166699C7, 9A574A1E79DC2D472877443A92ACDA57A1206A2DAB3AF9110C844944EDC9D797 ] avast! Antivirus C:\Program Files\AVAST Software\Avast\AvastSvc.exe
19:36:58.0666 0x102c  avast! Antivirus - ok
19:36:58.0696 0x102c  [ A6BF31A71B409DFA8CAC83159E1E2AFF, CBB83F73FFD3C3FB4F96605067739F8F7A4A40B2B05417FA49E575E95628753F ] AxInstSV        C:\Windows\System32\AxInstSV.dll
19:36:58.0696 0x102c  AxInstSV - ok
19:36:58.0746 0x102c  [ 3E5B191307609F7514148C6832BB0842, DE011CB7AA4A2405FAF21575182E0793A1D83DFFC44E9A7864D59F3D51D8D580 ] b06bdrv         C:\Windows\system32\drivers\bxvbda.sys
19:36:58.0766 0x102c  b06bdrv - ok
19:36:58.0796 0x102c  [ B5ACE6968304A3900EEB1EBFD9622DF2, 1DAA118D8CA3F97B34DF3D3CDA1C78EAB2ED225699FEABE89D331AE0CB7679FA ] b57nd60a        C:\Windows\system32\DRIVERS\b57nd60a.sys
19:36:58.0806 0x102c  b57nd60a - ok
19:36:58.0876 0x102c  [ 9E84A931DBEE0292E38ED672F6293A99, 2945EAF0AC091709E0C5508B45EC343EDE507AC2B08A2D7D64F286D38424CBC4 ] BCM43XX         C:\Windows\system32\DRIVERS\bcmwl664.sys
19:36:58.0906 0x102c  BCM43XX - ok
19:36:58.0936 0x102c  [ FDE360167101B4E45A96F939F388AEB0, 8D1457E866BBD645C4B9710DFBFF93405CC1193BF9AE42326F2382500B713B82 ] BDESVC          C:\Windows\System32\bdesvc.dll
19:36:58.0946 0x102c  BDESVC - ok
19:36:58.0956 0x102c  [ 16A47CE2DECC9B099349A5F840654746, 77C008AEDB07FAC66413841D65C952DDB56FE7DCA5E9EF9C8F4130336B838024 ] Beep            C:\Windows\system32\drivers\Beep.sys
19:36:58.0956 0x102c  Beep - ok
19:36:58.0996 0x102c  [ 82974D6A2FD19445CC5171FC378668A4, 075D25F47C0D2277E40AF8615571DAA5EB16B1824563632A9A7EC62505C29A4A ] BFE             C:\Windows\System32\bfe.dll
19:36:59.0016 0x102c  BFE - ok
19:36:59.0066 0x102c  [ 1EA7969E3271CBC59E1730697DC74682, D511A34D63A6E0E6E7D1879068E2CD3D87ABEAF4936B2EA8CDDAD9F79D60FA04 ] BITS            C:\Windows\System32\qmgr.dll
19:36:59.0096 0x102c  BITS - ok
19:36:59.0126 0x102c  [ 61583EE3C3A17003C4ACD0475646B4D3, 17E4BECC309C450E7E44F59A9C0BBC24D21BDC66DFBA65B8F198A00BB47A9811 ] blbdrive        C:\Windows\system32\drivers\blbdrive.sys
19:36:59.0126 0x102c  blbdrive - ok
19:36:59.0156 0x102c  [ 6C02A83164F5CC0A262F4199F0871CF5, AD4632A6A203CB40970D848315D8ADB9C898349E20D8DF4107C2AE2703A2CF28 ] bowser          C:\Windows\system32\DRIVERS\bowser.sys
19:36:59.0156 0x102c  bowser - ok
19:36:59.0186 0x102c  [ F09EEE9EDC320B5E1501F749FDE686C8, 66691114C42E12F4CC6DC4078D4D2FA4029759ACDAF1B59D17383487180E84E3 ] BrFiltLo        C:\Windows\system32\drivers\BrFiltLo.sys
19:36:59.0186 0x102c  BrFiltLo - ok
19:36:59.0206 0x102c  [ B114D3098E9BDB8BEA8B053685831BE6, 0ED23C1897F35FA00B9C2848DE4ED200E18688AA7825674888054BBC3A3EB92C ] BrFiltUp        C:\Windows\system32\drivers\BrFiltUp.sys
19:36:59.0206 0x102c  BrFiltUp - ok
19:36:59.0236 0x102c  [ 05F5A0D14A2EE1D8255C2AA0E9E8E694, 40011138869F5496A3E78D38C9900B466B6F3877526AC22952DCD528173F4645 ] Browser         C:\Windows\System32\browser.dll
19:36:59.0246 0x102c  Browser - ok
19:36:59.0276 0x102c  [ 43BEA8D483BF1870F018E2D02E06A5BD, 4E6F5A5FD8C796A110B0DC9FF29E31EA78C04518FC1C840EF61BABD58AB10272 ] Brserid         C:\Windows\System32\Drivers\Brserid.sys
19:36:59.0286 0x102c  Brserid - ok
19:36:59.0306 0x102c  [ A6ECA2151B08A09CACECA35C07F05B42, E2875BB7768ABAF38C3377007AA0A3C281503474D1831E396FB6599721586B0C ] BrSerWdm        C:\Windows\System32\Drivers\BrSerWdm.sys
19:36:59.0316 0x102c  BrSerWdm - ok
19:36:59.0346 0x102c  [ B79968002C277E869CF38BD22CD61524, 50631836502237AF4893ECDCEA43B9031C3DE97433F594D46AF7C3C77F331983 ] BrUsbMdm        C:\Windows\System32\Drivers\BrUsbMdm.sys
19:36:59.0346 0x102c  BrUsbMdm - ok
19:36:59.0376 0x102c  [ A87528880231C54E75EA7A44943B38BF, 4C8BBB29FDA76A96840AA47A8613C15D4466F9273A13941C19507008629709C9 ] BrUsbSer        C:\Windows\System32\Drivers\BrUsbSer.sys
19:36:59.0386 0x102c  BrUsbSer - ok
19:36:59.0406 0x102c  [ 9DA669F11D1F894AB4EB69BF546A42E8, B498B8B6CEF957B73179D1ADAF084BBB57BB3735D810F9BE2C7B1D58A4FD25A4 ] BTHMODEM        C:\Windows\system32\drivers\bthmodem.sys
19:36:59.0416 0x102c  BTHMODEM - ok
19:36:59.0446 0x102c  [ 95F9C2976059462CBBF227F7AAB10DE9, 2797AE919FF7606B070FB039CECDB0707CD2131DCAC09C5DF14F443D881C9F34 ] bthserv         C:\Windows\system32\bthserv.dll
19:36:59.0446 0x102c  bthserv - ok
19:36:59.0476 0x102c  [ B8BD2BB284668C84865658C77574381A, 6C55BA288B626DF172FDFEA0BD7027FAEBA1F44EF20AB55160D7C7DC6E717D65 ] cdfs            C:\Windows\system32\DRIVERS\cdfs.sys
19:36:59.0486 0x102c  cdfs - ok
19:36:59.0506 0x102c  [ F036CE71586E93D94DAB220D7BDF4416, BD07AAD9E20CEAF9FC84E4977C55EA2C45604A2C682AC70B9B9A2199B6713D5B ] cdrom           C:\Windows\system32\DRIVERS\cdrom.sys
19:36:59.0516 0x102c  cdrom - ok
19:36:59.0536 0x102c  [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] CertPropSvc     C:\Windows\System32\certprop.dll
19:36:59.0536 0x102c  CertPropSvc - ok
19:36:59.0546 0x102c  [ D7CD5C4E1B71FA62050515314CFB52CF, 513B5A849899F379F0BC6AB3A8A05C3493C2393C95F036612B96EC6E252E1C64 ] circlass        C:\Windows\system32\drivers\circlass.sys
19:36:59.0556 0x102c  circlass - ok
19:36:59.0586 0x102c  [ FE1EC06F2253F691FE36217C592A0206, B9F122DB5E665ECDF29A5CB8BB6B531236F31A54A95769D6C5C1924C87FE70CE ] CLFS            C:\Windows\system32\CLFS.sys
19:36:59.0596 0x102c  CLFS - ok
19:36:59.0666 0x102c  [ D88040F816FDA31C3B466F0FA0918F29, 39D3630E623DA25B8444B6D3AAAB16B98E7E289C5619E19A85D47B74C71449F3 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
19:36:59.0676 0x102c  clr_optimization_v2.0.50727_32 - ok
19:36:59.0706 0x102c  [ D1CEEA2B47CB998321C579651CE3E4F8, 654013B8FD229A50017B08DEC6CA19C7DDA8CE0771260E057A92625201D539B1 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
19:36:59.0716 0x102c  clr_optimization_v2.0.50727_64 - ok
19:36:59.0766 0x102c  [ C5A75EB48E2344ABDC162BDA79E16841, 6070A8AAFD38FBC6A68A2B10C20117612354DF21B4492D90CA522BFB6870D726 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
19:36:59.0796 0x102c  clr_optimization_v4.0.30319_32 - ok
19:36:59.0826 0x102c  [ C6F9AF94DCD58122A4D7E89DB6BED29D, CB0E5AE60EC76323585FB86D89E8DB7ADB5EDF6EA3D0B27E9ECE75B8CAA8BFDE ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
19:36:59.0836 0x102c  clr_optimization_v4.0.30319_64 - ok
19:36:59.0866 0x102c  [ 50F92C943F18B070F166D019DFAB3D9A, A997EAFFC1598B1D0A9E1A4475F25418CA8AA6B703B53A71B1AF028E247C9950 ] clwvd           C:\Windows\system32\DRIVERS\clwvd.sys
19:36:59.0866 0x102c  clwvd - ok
19:36:59.0896 0x102c  [ 0840155D0BDDF1190F84A663C284BD33, 696039FA63CFEB33487FAA8FD7BBDB220141E9C6E529355D768DFC87999A9C3A ] CmBatt          C:\Windows\system32\drivers\CmBatt.sys
19:36:59.0896 0x102c  CmBatt - ok
19:36:59.0926 0x102c  [ E19D3F095812725D88F9001985B94EDD, 46243C5CCC4981CAC6FA6452FFCEC33329BF172448F1852D52592C9342E0E18B ] cmdide          C:\Windows\system32\drivers\cmdide.sys
19:36:59.0936 0x102c  cmdide - ok
19:36:59.0976 0x102c  [ EBF28856F69CF094A902F884CF989706, AD6C9F0BC20AA49EEE5478DA0F856F0EA2B414B63208C5FFB03C9D7F5B59765F ] CNG             C:\Windows\system32\Drivers\cng.sys
19:36:59.0996 0x102c  CNG - ok
19:37:00.0016 0x102c  [ 102DE219C3F61415F964C88E9085AD14, CD74CB703381F1382C32CF892FF2F908F4C9412E1BC77234F8FEA5D4666E1BF1 ] Compbatt        C:\Windows\system32\drivers\compbatt.sys
19:37:00.0016 0x102c  Compbatt - ok
19:37:00.0036 0x102c  [ 03EDB043586CCEBA243D689BDDA370A8, 0E4523AA332E242D5C2C61C5717DBA5AB6E42DADB5A7E512505FC2B6CC224959 ] CompositeBus    C:\Windows\system32\drivers\CompositeBus.sys
19:37:00.0046 0x102c  CompositeBus - ok
19:37:00.0046 0x102c  COMSysApp - ok
19:37:00.0066 0x102c  [ 1C827878A998C18847245FE1F34EE597, 41EF7443D8B2733AA35CAC64B4F5F74FAC8BB0DA7D3936B69EC38E2DC3972E60 ] crcdisk         C:\Windows\system32\drivers\crcdisk.sys
19:37:00.0076 0x102c  crcdisk - ok
19:37:00.0116 0x102c  [ 6B400F211BEE880A37A1ED0368776BF4, 2F27C6FA96A1C8CBDA467846DA57E63949A7EA37DB094B13397DDD30114295BD ] CryptSvc        C:\Windows\system32\cryptsvc.dll
19:37:00.0116 0x102c  CryptSvc - ok
19:37:00.0276 0x102c  [ FD557A50A65E44041CD2FCEF4BEB04DB, 746D5958F7198895D35A23566D3736D993D57726BF59D91421D8091C48926A26 ] cvhsvc          C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE
19:37:00.0286 0x102c  cvhsvc - ok
19:37:00.0346 0x102c  [ 5C627D1B1138676C0A7AB2C2C190D123, C5003F2C912C5CA990E634818D3B4FD72F871900AF2948BD6C4D6400B354B401 ] DcomLaunch      C:\Windows\system32\rpcss.dll
19:37:00.0356 0x102c  DcomLaunch - ok
19:37:00.0396 0x102c  [ 3CEC7631A84943677AA8FA8EE5B6B43D, 32061DAC9ED6C1EBA3B367B18D0E965AEEC2DF635DCF794EC39D086D32503AC5 ] defragsvc       C:\Windows\System32\defragsvc.dll
19:37:00.0406 0x102c  defragsvc - ok
19:37:00.0436 0x102c  [ 9BB2EF44EAA163B29C4A4587887A0FE4, 03667BC3EA5003F4236929C10F23D8F108AFCB29DB5559E751FB26DFB318636F ] DfsC            C:\Windows\system32\Drivers\dfsc.sys
19:37:00.0436 0x102c  DfsC - ok
19:37:00.0466 0x102c  [ 43D808F5D9E1A18E5EEB5EBC83969E4E, C10D1155D71EABE4ED44C656A8F13078A8A4E850C4A8FBB92D52D173430972B8 ] Dhcp            C:\Windows\system32\dhcpcore.dll
19:37:00.0476 0x102c  Dhcp - ok
19:37:00.0486 0x102c  [ 13096B05847EC78F0977F2C0F79E9AB3, 1E44981B684F3E56F5D2439BB7FA78BD1BC876BB2265AE089AEC68F241B05B26 ] discache        C:\Windows\system32\drivers\discache.sys
19:37:00.0496 0x102c  discache - ok
19:37:00.0536 0x102c  [ 9819EEE8B5EA3784EC4AF3B137A5244C, 571BC886E87C888DA96282E381A746D273B58B9074E84D4CA91275E26056D427 ] Disk            C:\Windows\system32\drivers\disk.sys
19:37:00.0536 0x102c  Disk - ok
19:37:00.0576 0x102c  [ 16835866AAA693C7D7FCEBA8FFF706E4, 15891558F7C1F2BB57A98769601D447ED0D952354A8BB347312D034DC03E0242 ] Dnscache        C:\Windows\System32\dnsrslvr.dll
19:37:00.0576 0x102c  Dnscache - ok
19:37:00.0620 0x102c  [ B1FB3DDCA0FDF408750D5843591AFBC6, AB6AD9C5E7BA2E3646D0115B67C4800D1CB43B4B12716397657C7ADEEE807304 ] dot3svc         C:\Windows\System32\dot3svc.dll
19:37:00.0628 0x102c  dot3svc - ok
19:37:00.0648 0x102c  [ B26F4F737E8F9DF4F31AF6CF31D05820, 394BBBED4EC7FAD4110F62A43BFE0801D4AC56FFAC6C741C69407B26402311C7 ] DPS             C:\Windows\system32\dps.dll
19:37:00.0658 0x102c  DPS - ok
19:37:00.0698 0x102c  [ 9B19F34400D24DF84C858A421C205754, 967AF267B4124BADA8F507CEBF25F2192D146A4D63BE71B45BFC03C5DA7F21A7 ] drmkaud         C:\Windows\system32\drivers\drmkaud.sys
19:37:00.0698 0x102c  drmkaud - ok
19:37:00.0768 0x102c  [ 88612F1CE3BF42256913BF6E61C70D52, 7CF190F83FA8F15C33008EB381D3E345CEF37CBC046227DED26B36799EF4D9A7 ] DXGKrnl         C:\Windows\System32\drivers\dxgkrnl.sys
19:37:00.0798 0x102c  DXGKrnl - ok
19:37:00.0848 0x102c  [ E2DDA8726DA9CB5B2C4000C9018A9633, 0C967DBC3636A76A696997192A158AA92A1AF19F01E3C66D5BF91818A8FAEA76 ] EapHost         C:\Windows\System32\eapsvc.dll
19:37:00.0858 0x102c  EapHost - ok
19:37:00.0998 0x102c  [ DC5D737F51BE844D8C82C695EB17372F, 6D4022D9A46EDE89CEF0FAEADCC94C903234DFC460C0180D24FF9E38E8853017 ] ebdrv           C:\Windows\system32\drivers\evbda.sys
19:37:01.0088 0x102c  ebdrv - ok
19:37:01.0128 0x102c  [ 4D71227301DD8D09097B9E4CC6527E5A, 193D47ADCB722B581CC0F29B794AB3E455B6E9BEA367CE9A5216A09E055B7F1E ] EFS             C:\Windows\System32\lsass.exe
19:37:01.0128 0x102c  EFS - ok
19:37:01.0208 0x102c  [ C4002B6B41975F057D98C439030CEA07, 3D2484FBB832EFB90504DD406ED1CF3065139B1FE1646471811F3A5679EF75F1 ] ehRecvr         C:\Windows\ehome\ehRecvr.exe
19:37:01.0218 0x102c  ehRecvr - ok
19:37:01.0258 0x102c  [ 4705E8EF9934482C5BB488CE28AFC681, 359E9EC5693CE0BE89082E1D5D8F5C5439A5B985010FF0CB45C11E3CFE30637D ] ehSched         C:\Windows\ehome\ehsched.exe
19:37:01.0258 0x102c  ehSched - ok
19:37:01.0308 0x102c  [ 0E5DA5369A0FCAEA12456DD852545184, 9A64AC5396F978C3B92794EDCE84DCA938E4662868250F8C18FA7C2C172233F8 ] elxstor         C:\Windows\system32\drivers\elxstor.sys
19:37:01.0328 0x102c  elxstor - ok
19:37:01.0358 0x102c  [ 34A3C54752046E79A126E15C51DB409B, 7D5B5E150C7C73666F99CBAFF759029716C86F16B927E0078D77F8A696616D75 ] ErrDev          C:\Windows\system32\drivers\errdev.sys
19:37:01.0368 0x102c  ErrDev - ok
19:37:01.0418 0x102c  [ 4166F82BE4D24938977DD1746BE9B8A0, 24121751B7306225AD1C808442D7B030DEF377E9316AA0A3C5C7460E87317881 ] EventSystem     C:\Windows\system32\es.dll
19:37:01.0428 0x102c  EventSystem - ok
19:37:01.0448 0x102c  [ A510C654EC00C1E9BDD91EEB3A59823B, 76CD277730F7B08D375770CD373D786160F34D1481AF0536BA1A5D2727E255F5 ] exfat           C:\Windows\system32\drivers\exfat.sys
19:37:01.0458 0x102c  exfat - ok
19:37:01.0498 0x102c  [ 0ADC83218B66A6DB380C330836F3E36D, 798D6F83B5DBCC1656595E0A96CF12087FCCBE19D1982890D0CE5F629B328B29 ] fastfat         C:\Windows\system32\drivers\fastfat.sys
19:37:01.0498 0x102c  fastfat - ok
19:37:01.0528 0x102c  [ DBEFD454F8318A0EF691FDD2EAAB44EB, 7F52AE222FF28503B6FC4A5852BD0CAEAF187BE69AF4B577D3DE474C24366099 ] Fax             C:\Windows\system32\fxssvc.exe
19:37:01.0548 0x102c  Fax - ok
19:37:01.0568 0x102c  [ D765D19CD8EF61F650C384F62FAC00AB, 9F0A483A043D3BA873232AD3BA5F7BF9173832550A27AF3E8BD433905BD2A0EE ] fdc             C:\Windows\system32\drivers\fdc.sys
19:37:01.0568 0x102c  fdc - ok
19:37:01.0598 0x102c  [ 0438CAB2E03F4FB61455A7956026FE86, 6D4DDC2973DB25CE0C7646BC85EFBCC004EBE35EA683F62162AE317C6F1D8DFE ] fdPHost         C:\Windows\system32\fdPHost.dll
19:37:01.0608 0x102c  fdPHost - ok
19:37:01.0618 0x102c  [ 802496CB59A30349F9A6DD22D6947644, 52D59D3D628D5661F83F090F33F744F6916E0CC1F76E5A33983E06EB66AE19F8 ] FDResPub        C:\Windows\system32\fdrespub.dll
19:37:01.0618 0x102c  FDResPub - ok
19:37:01.0648 0x102c  [ 655661BE46B5F5F3FD454E2C3095B930, 549C8E2A2A37757E560D55FFA6BFDD838205F17E40561E67F0124C934272CD1A ] FileInfo        C:\Windows\system32\drivers\fileinfo.sys
19:37:01.0648 0x102c  FileInfo - ok
19:37:01.0658 0x102c  [ 5F671AB5BC87EEA04EC38A6CD5962A47, 6B61D3363FF3F9C439BD51102C284972EAE96ACC0683B9DC7E12D25D0ADC51B6 ] Filetrace       C:\Windows\system32\drivers\filetrace.sys
19:37:01.0658 0x102c  Filetrace - ok
19:37:01.0668 0x102c  [ C172A0F53008EAEB8EA33FE10E177AF5, 9175A95B323696D1B35C9EFEB7790DD64E6EE0B7021E6C18E2F81009B169D77B ] flpydisk        C:\Windows\system32\drivers\flpydisk.sys
19:37:01.0668 0x102c  flpydisk - ok
19:37:01.0698 0x102c  [ DA6B67270FD9DB3697B20FCE94950741, F621A4462C9F2904063578C427FAF22D7D66AE9967605C11C798099817CE5331 ] FltMgr          C:\Windows\system32\drivers\fltmgr.sys
19:37:01.0708 0x102c  FltMgr - ok
19:37:01.0778 0x102c  [ C4C183E6551084039EC862DA1C945E3D, 0874A2ACDD24D64965AA9A76E9C818E216880AE4C9A2E07ED932EE404585CEE6 ] FontCache       C:\Windows\system32\FntCache.dll
19:37:01.0808 0x102c  FontCache - ok
19:37:01.0858 0x102c  [ A8B7F3818AB65695E3A0BB3279F6DCE6, 89FCF10F599767E67A1E011753E34DA44EAA311F105DBF69549009ED932A60F0 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
19:37:01.0868 0x102c  FontCache3.0.0.0 - ok
19:37:01.0888 0x102c  [ D43703496149971890703B4B1B723EAC, F06397B2EDCA61629249D2EF1CBB7827A8BEAB8488246BD85EF6AE1363C0DA6E ] FsDepends       C:\Windows\system32\drivers\FsDepends.sys
19:37:01.0888 0x102c  FsDepends - ok
19:37:01.0918 0x102c  [ 6BD9295CC032DD3077C671FCCF579A7B, 83622FBB0CB923798E7E584BF53CAAF75B8C016E3FF7F0FA35880FF34D1DFE33 ] Fs_Rec          C:\Windows\system32\drivers\Fs_Rec.sys
19:37:01.0918 0x102c  Fs_Rec - ok
19:37:01.0958 0x102c  [ 8F6322049018354F45F05A2FD2D4E5E0, 73BF0FB4EBD7887E992DDEBB79E906958D6678F8D1107E8C368F5A0514D80359 ] fvevol          C:\Windows\system32\DRIVERS\fvevol.sys
19:37:01.0958 0x102c  fvevol - ok
19:37:01.0988 0x102c  [ 8C778D335C9D272CFD3298AB02ABE3B6, 85F0B13926B0F693FA9E70AA58DE47100E4B6F893772EBE4300C37D9A36E6005 ] gagp30kx        C:\Windows\system32\drivers\gagp30kx.sys
19:37:01.0988 0x102c  gagp30kx - ok
19:37:02.0038 0x102c  [ D154305DE6090E6E84E525F84BB08A06, 7B235178C3F26043AB7DB9EAD9A2185CEAF3C07BC48D63CA0EB6D56BCFEDF41A ] GameConsoleService C:\Program Files (x86)\HP Games\HP Game Console\GameConsoleService.exe
19:37:02.0038 0x102c  GameConsoleService - ok
19:37:02.0098 0x102c  [ 277BBC7E1AA1EE957F573A10ECA7EF3A, 2EE60B924E583E847CC24E78B401EF95C69DB777A5B74E1EC963E18D47B94D24 ] gpsvc           C:\Windows\System32\gpsvc.dll
19:37:02.0118 0x102c  gpsvc - ok
19:37:02.0178 0x102c  [ 506708142BC63DABA64F2D3AD1DCD5BF, 9C36A08D9E7932FF4DA7B5F24E6B42C92F28685B8ABE964C870E8D7670FD531A ] gupdate         C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
19:37:02.0178 0x102c  gupdate - ok
19:37:02.0188 0x102c  [ 506708142BC63DABA64F2D3AD1DCD5BF, 9C36A08D9E7932FF4DA7B5F24E6B42C92F28685B8ABE964C870E8D7670FD531A ] gupdatem        C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
19:37:02.0188 0x102c  gupdatem - ok
19:37:02.0208 0x102c  [ F2523EF6460FC42405B12248338AB2F0, B2F3DE8DE1F512D871BC2BC2E8D0E33AB03335BFBC07627C5F88B65024928E19 ] hcw85cir        C:\Windows\system32\drivers\hcw85cir.sys
19:37:02.0208 0x102c  hcw85cir - ok
19:37:02.0238 0x102c  [ 975761C778E33CD22498059B91E7373A, 8304E15FBE6876BE57263A03621365DA8C88005EAC532A770303C06799D915D9 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
19:37:02.0248 0x102c  HdAudAddService - ok
19:37:02.0278 0x102c  [ 97BFED39B6B79EB12CDDBFEED51F56BB, 3CF981D668FB2381E52AF2E51E296C6CFB47B0D62249645278479D0111A47955 ] HDAudBus        C:\Windows\system32\drivers\HDAudBus.sys
19:37:02.0288 0x102c  HDAudBus - ok
19:37:02.0308 0x102c  [ 78E86380454A7B10A5EB255DC44A355F, 11F3ED7ACFFA3024B9BD504F81AC39F5B4CED5A8A425E8BADF7132EFEDB9BD64 ] HidBatt         C:\Windows\system32\drivers\HidBatt.sys
19:37:02.0308 0x102c  HidBatt - ok
19:37:02.0328 0x102c  [ 7FD2A313F7AFE5C4DAB14798C48DD104, 94CBFD4506CBDE4162CEB3367BAB042D19ACA6785954DC0B554D4164B9FCD0D4 ] HidBth          C:\Windows\system32\drivers\hidbth.sys
19:37:02.0328 0x102c  HidBth - ok
19:37:02.0358 0x102c  [ 0A77D29F311B88CFAE3B13F9C1A73825, 8615DC6CEFB591505CE16E054A71A4F371B827DDFD5E980777AB4233DCFDA01D ] HidIr           C:\Windows\system32\drivers\hidir.sys
19:37:02.0358 0x102c  HidIr - ok
19:37:02.0378 0x102c  [ BD9EB3958F213F96B97B1D897DEE006D, 4D01CBF898B528B3A4E5A683DF2177300AFABD7D4CB51F1A7891B1B545499631 ] hidserv         C:\Windows\system32\hidserv.dll
19:37:02.0388 0x102c  hidserv - ok
19:37:02.0418 0x102c  [ 9592090A7E2B61CD582B612B6DF70536, FD11D5E02C32D658B28FCC35688AB66CCB5D3A0A0D74C82AE0F0B6C67B568A0F ] HidUsb          C:\Windows\system32\DRIVERS\hidusb.sys
19:37:02.0418 0x102c  HidUsb - ok
19:37:02.0458 0x102c  [ 387E72E739E15E3D37907A86D9FF98E2, 9935BE2E58788E79328293AF2F202CB0F6042441B176F75ACC5AEA93C8E05531 ] hkmsvc          C:\Windows\system32\kmsvc.dll
19:37:02.0458 0x102c  hkmsvc - ok
19:37:02.0478 0x102c  [ EFDFB3DD38A4376F93E7985173813ABD, 70402FA73A5A2A8BB557AAC8F531E373077D28DE5F40A1F3F14B940BE01CD2E1 ] HomeGroupListener C:\Windows\system32\ListSvc.dll
19:37:02.0488 0x102c  HomeGroupListener - ok
19:37:02.0518 0x102c  [ 908ACB1F594274965A53926B10C81E89, 7D34A742AC486294D82676F8465A3EF26C8AC3317C32B63F62031CB007CFC208 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
19:37:02.0528 0x102c  HomeGroupProvider - ok
19:37:02.0588 0x102c  [ BB1FC298BE53AAB1E110F6E786BD8AC5, C2DA2C3CE96D5F8B50013063B5EF7BED7478636896C709A7AF34855B2E69B9F1 ] HP Support Assistant Service C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe
19:37:02.0588 0x102c  HP Support Assistant Service - ok
19:37:02.0638 0x102c  [ C930128C8F8FF03D8F8C42B570920D56, 6D44373F466A580EFB9866FA4FACB4951C522893C2A1877ED0E462460B90E241 ] HP Wireless Assistant Service C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Service.exe
19:37:02.0638 0x102c  HP Wireless Assistant Service - ok
19:37:02.0678 0x102c  [ 3DC11A802353401332D49C3CBFBBE5FC, E812E8A4ED64FEC346BE6B175CE651CFC553A23F31B0ABC5D50E6995A7F130DF ] HPClientSvc     C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe
19:37:02.0688 0x102c  HPClientSvc - ok
19:37:02.0768 0x102c  [ 9B7EDD3FE7C211C36E921D34D18A3A0A, 03A450F85A042F9668D1560FA2B8B89783568C87CDB1A8685CDA2AC9FE3761C3 ] hpqwmiex        C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe
19:37:02.0788 0x102c  hpqwmiex - ok
19:37:02.0818 0x102c  [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC, E9E6A1665740CFBC2DD321010007EF42ABA2102AEB9772EE8AA3354664B1E205 ] HpSAMD          C:\Windows\system32\drivers\HpSAMD.sys
19:37:02.0818 0x102c  HpSAMD - ok
19:37:02.0878 0x102c  [ 2BEC76BDCD1BC080210325E7B5094834, 9CD9DF5C974C20F38423B07063A4F44E533B3B4EF39E01AC701C04BFC5F3EC53 ] HPWMISVC        C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe
19:37:02.0878 0x102c  HPWMISVC - ok
19:37:02.0928 0x102c  [ 0EA7DE1ACB728DD5A369FD742D6EEE28, 21C489412EB33A12B22290EB701C19BA57006E8702E76F730954F0784DDE9779 ] HTTP            C:\Windows\system32\drivers\HTTP.sys
19:37:02.0948 0x102c  HTTP - ok
19:37:02.0968 0x102c  [ A5462BD6884960C9DC85ED49D34FF392, 53E65841AF5B06A2844D0BB6FC4DD3923A323FFA0E4BFC89B3B5CAFB592A3D53 ] hwpolicy        C:\Windows\system32\drivers\hwpolicy.sys
19:37:02.0968 0x102c  hwpolicy - ok
19:37:03.0006 0x102c  [ FA55C73D4AFFA7EE23AC4BE53B4592D3, 65CDDC62B89A60E942C5642C9D8B539EFB69DA8069B4A2E54978154B314531CD ] i8042prt        C:\Windows\system32\DRIVERS\i8042prt.sys
19:37:03.0010 0x102c  i8042prt - ok
19:37:03.0050 0x102c  [ 2FDAEC4B02729C48C0FD1B0B4695995B, 87331D91FA3A23257B9913067B7B16D08710408070795B638058DBF728BBB288 ] iaStor          C:\Windows\system32\DRIVERS\iaStor.sys
19:37:03.0060 0x102c  iaStor - ok
19:37:03.0110 0x102c  [ D41861E56E7552C13674D7F147A02464, A361AE723FEEFD8D34D259F667ED14EEEC3B8ED6458522AC5D50C08E281B298B ] IAStorDataMgrSvc C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
19:37:03.0110 0x102c  IAStorDataMgrSvc - ok
19:37:03.0150 0x102c  [ AAAF44DB3BD0B9D1FB6969B23ECC8366, 805AA4A9464002D1AB3832E4106B2AAA1331F4281367E75956062AAE99699385 ] iaStorV         C:\Windows\system32\drivers\iaStorV.sys
19:37:03.0160 0x102c  iaStorV - ok
19:37:03.0410 0x102c  [ ABEFA4BD23329FD9BD47496BF2E58774, 9689D4C6380735EE1CC7F480696CDDC229E0FA511942AC813314D353584D82DD ] IconMan_R       C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe
19:37:03.0460 0x102c  IconMan_R - ok
19:37:03.0550 0x102c  [ 5988FC40F8DB5B0739CD1E3A5D0D78BD, 2B9512324DBA4A97F6AC34E8067EE08E3B6874CD60F6CB4209AFC22A34D2BE99 ] idsvc           C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
19:37:03.0570 0x102c  idsvc - ok
19:37:03.0610 0x102c  IEEtwCollectorService - ok
19:37:04.0052 0x102c  [ 8814F0B9A09C647D3D7BE735450E7B4C, E82AD0DC556AE7663C1A5CE75DA3619E1614BC88F52558496FF0D569DE04E1CA ] igfx            C:\Windows\system32\DRIVERS\igdkmd64.sys
19:37:04.0432 0x102c  igfx - ok
19:37:04.0502 0x102c  [ 5C18831C61933628F5BB0EA2675B9D21, 5CD9DE2F8C0256623A417B5C55BF55BB2562BD7AB2C3C83BB3D9886C2FBDA4E4 ] iirsp           C:\Windows\system32\drivers\iirsp.sys
19:37:04.0512 0x102c  iirsp - ok
19:37:04.0562 0x102c  [ 344789398EC3EE5A4E00C52B31847946, 3DA5F08E4B46F4E63456AA588D49E39A6A09A97D0509880C00F327623DB6122D ] IKEEXT          C:\Windows\System32\ikeext.dll
19:37:04.0592 0x102c  IKEEXT - ok
19:37:04.0764 0x102c  [ ECA5E9DA350D2D21376260CD3602449A, B027FE77062488B8FC0EEE2113341DD922CE1BD741DF4F5D92DCCDC2E2C18BB2 ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHD64.sys
19:37:04.0914 0x102c  IntcAzAudAddService - ok
19:37:04.0954 0x102c  [ F00F20E70C6EC3AA366910083A0518AA, E2F3E9FFD82C802C8BAC309893A3664ACF16A279959C0FDECCA64C3D3C60FD22 ] intelide        C:\Windows\system32\drivers\intelide.sys
19:37:04.0954 0x102c  intelide - ok
19:37:04.0994 0x102c  [ ADA036632C664CAA754079041CF1F8C1, F2386CC09AC6DE4C54189154F7D91C1DB7AA120B13FAE8BA5B579ACF99FCC610 ] intelppm        C:\Windows\system32\DRIVERS\intelppm.sys
19:37:04.0994 0x102c  intelppm - ok
19:37:05.0024 0x102c  [ 098A91C54546A3B878DAD6A7E90A455B, 044CCE2A0DF56EBE1EFD99B4F6F0A5B9EE12498CA358CF4B2E3A1CFD872823AA ] IPBusEnum       C:\Windows\system32\ipbusenum.dll
19:37:05.0024 0x102c  IPBusEnum - ok
19:37:05.0044 0x102c  [ C9F0E1BD74365A8771590E9008D22AB6, 728BC5A6AAE499FDC50EB01577AF16D83C2A9F3B09936DD2A89C01E074BA8E51 ] IpFilterDriver  C:\Windows\system32\DRIVERS\ipfltdrv.sys
19:37:05.0054 0x102c  IpFilterDriver - ok
19:37:05.0094 0x102c  [ 08C2957BB30058E663720C5606885653, E13EDF6701512E2A9977A531454932CA5023087CB50E1D2F416B8BCDD92B67BE ] iphlpsvc        C:\Windows\System32\iphlpsvc.dll
19:37:05.0114 0x102c  iphlpsvc - ok
19:37:05.0154 0x102c  [ 0FC1AEA580957AA8817B8F305D18CA3A, 7161E4DE91AAFC3FA8BF24FAE4636390C2627DB931505247C0D52C75A31473D9 ] IPMIDRV         C:\Windows\system32\drivers\IPMIDrv.sys
19:37:05.0164 0x102c  IPMIDRV - ok
19:37:05.0184 0x102c  [ AF9B39A7E7B6CAA203B3862582E9F2D0, 67128BE7EADBE6BD0205B050F96E268948E8660C4BAB259FB0BE03935153D04E ] IPNAT           C:\Windows\system32\drivers\ipnat.sys
19:37:05.0194 0x102c  IPNAT - ok
19:37:05.0224 0x102c  [ 3ABF5E7213EB28966D55D58B515D5CE9, A352BCC5B6B9A28805B15CAFB235676F1FAFF0D2394F88C03089EB157D6188AE ] IRENUM          C:\Windows\system32\drivers\irenum.sys
19:37:05.0234 0x102c  IRENUM - ok
19:37:05.0254 0x102c  [ 2F7B28DC3E1183E5EB418DF55C204F38, D40410A760965925D6F10959B2043F7BD4F68EAFCF5E743AF11AD860BD136548 ] isapnp          C:\Windows\system32\drivers\isapnp.sys
19:37:05.0254 0x102c  isapnp - ok
19:37:05.0284 0x102c  [ D931D7309DEB2317035B07C9F9E6B0BD, 13AD84172ED8C6153F8A98499C01733B74E48464CE07D099508E38D409913ED3 ] iScsiPrt        C:\Windows\system32\drivers\msiscsi.sys
19:37:05.0284 0x102c  iScsiPrt - ok
19:37:05.0314 0x102c  [ BC02336F1CBA7DCC7D1213BB588A68A5, 450C5BAD54CCE2AFCDFF1B6E7F8E1A8446D9D3255DF9D36C29A8F848048AAD93 ] kbdclass        C:\Windows\system32\drivers\kbdclass.sys
19:37:05.0314 0x102c  kbdclass - ok
19:37:05.0344 0x102c  [ 0705EFF5B42A9DB58548EEC3B26BB484, 86C6824ED7ED6FA8F306DB6319A0FD688AA91295AE571262F9D8E96A32225E99 ] kbdhid          C:\Windows\system32\drivers\kbdhid.sys
19:37:05.0344 0x102c  kbdhid - ok
19:37:05.0364 0x102c  [ 4D71227301DD8D09097B9E4CC6527E5A, 193D47ADCB722B581CC0F29B794AB3E455B6E9BEA367CE9A5216A09E055B7F1E ] KeyIso          C:\Windows\system32\lsass.exe
19:37:05.0364 0x102c  KeyIso - ok
19:37:05.0404 0x102c  [ 8F489706472F7E9A06BAAA198703FA64, F020406690FB38EABD82D63B91D33039CC93ED52A5497AE12BAF475F22D0B08A ] KSecDD          C:\Windows\system32\Drivers\ksecdd.sys
19:37:05.0404 0x102c  KSecDD - ok
19:37:05.0444 0x102c  [ 868A2CAAB12EFC7A021682BCA0EEC54C, 12C4925B5B3D6EA7B6410C01F33158C6EAB50CBD6AF445F8B04ED9899720C2DD ] KSecPkg         C:\Windows\system32\Drivers\ksecpkg.sys
19:37:05.0444 0x102c  KSecPkg - ok
19:37:05.0484 0x102c  [ 6869281E78CB31A43E969F06B57347C4, 866A23E69B32A78D378D6CB3B3DA3695FFDFF0FEC3C9F68C8C3F988DF417044B ] ksthunk         C:\Windows\system32\drivers\ksthunk.sys
19:37:05.0494 0x102c  ksthunk - ok
19:37:05.0554 0x102c  [ 6AB66E16AA859232F64DEB66887A8C9C, 5F2B579BEA8098A2994B0DECECDAE7B396E7B5DC5F09645737B9F28BEEA77FFF ] KtmRm           C:\Windows\system32\msdtckrm.dll
19:37:05.0564 0x102c  KtmRm - ok
19:37:05.0594 0x102c  [ D9F42719019740BAA6D1C6D536CBDAA6, 8757599D0AE5302C4CE50861BEBA3A8DD14D7B0DBD916FD5404133688CDFCC40 ] LanmanServer    C:\Windows\system32\srvsvc.dll
19:37:05.0604 0x102c  LanmanServer - ok
19:37:05.0624 0x102c  [ 851A1382EED3E3A7476DB004F4EE3E1A, B1C67F47DD594D092E6E258F01DF5E7150227CE3131A908A244DEE9F8A1FABF9 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
19:37:05.0634 0x102c  LanmanWorkstation - ok
19:37:05.0674 0x102c  [ 1538831CF8AD2979A04C423779465827, E1729B0CC4CEEE494A0B8817A8E98FF232E3A32FB023566EF0BC71A090262C0C ] lltdio          C:\Windows\system32\DRIVERS\lltdio.sys
19:37:05.0684 0x102c  lltdio - ok
19:37:05.0714 0x102c  [ C1185803384AB3FEED115F79F109427F, 0414FE73532DCAB17E906438A14711E928CECCD5F579255410C62984DD652700 ] lltdsvc         C:\Windows\System32\lltdsvc.dll
19:37:05.0734 0x102c  lltdsvc - ok
19:37:05.0774 0x102c  [ F993A32249B66C9D622EA5592A8B76B8, EE64672A990C6145DC5601E2B8CDBE089272A72732F59AF9865DCBA8B1717E70 ] lmhosts         C:\Windows\System32\lmhsvc.dll
19:37:05.0774 0x102c  lmhosts - ok
19:37:05.0804 0x102c  [ 1A93E54EB0ECE102495A51266DCDB6A6, DB6AA86AA36C3A7988BE96E87B5D3251BE7617C54EE8F894D9DC2E267FE3255B ] LSI_FC          C:\Windows\system32\drivers\lsi_fc.sys
19:37:05.0804 0x102c  LSI_FC - ok
19:37:05.0834 0x102c  [ 1047184A9FDC8BDBFF857175875EE810, F2251EDB7736A26D388A0C5CC2FE5FB9C5E109CBB1E3800993554CB21D81AE4B ] LSI_SAS         C:\Windows\system32\drivers\lsi_sas.sys
19:37:05.0844 0x102c  LSI_SAS - ok
19:37:05.0854 0x102c  [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93, 88D5740A4E9CC3FA80FA18035DAB441BDC5A039622D666BFDAA525CC9686BD06 ] LSI_SAS2        C:\Windows\system32\drivers\lsi_sas2.sys
19:37:05.0854 0x102c  LSI_SAS2 - ok
19:37:05.0874 0x102c  [ 0504EACAFF0D3C8AED161C4B0D369D4A, 4D272237C189646F5C80822FD3CBA7C2728E482E2DAAF7A09C8AEF811C89C54D ] LSI_SCSI        C:\Windows\system32\drivers\lsi_scsi.sys
19:37:05.0884 0x102c  LSI_SCSI - ok
19:37:05.0904 0x102c  [ 43D0F98E1D56CCDDB0D5254CFF7B356E, 5BA498183B5C4996C694CB0A9A6B66CE6C7A460F6C91BEB9F305486FCC3B7B22 ] luafv           C:\Windows\system32\drivers\luafv.sys
19:37:05.0914 0x102c  luafv - ok
19:37:05.0964 0x102c  [ FD5465B876D55534117963FAAA4B9DFC, 63A822A1EEEC42C30CCC9477431E310E3D360489A68BBCD805124681F21C0B6B ] MBAMProtector   C:\Windows\system32\drivers\mbam.sys
19:37:05.0964 0x102c  MBAMProtector - ok
19:37:06.0094 0x102c  [ 0E08BDD7326E657D59DB40BAD23D8169, 428C6CCCC0BB540DFD35847776140D60C186B9D2D14F0ACCD1A4D42A8877BD98 ] MBAMScheduler   C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
19:37:06.0134 0x102c  MBAMScheduler - ok
19:37:06.0214 0x102c  [ A8E7F3DB083EB0839DFC1C763CDD2594, BDF416E360A52130B23B029C89E6406A97FB0516C52C7E63B94CAECEEB431A2E ] MBAMService     C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
19:37:06.0244 0x102c  MBAMService - ok
19:37:06.0294 0x102c  [ 6140163BFE9D8F2DFDBA088ED5521C13, B7B501F0D1527A15B1610D133E97AB431574502F0553734009627488D0007595 ] MBAMSwissArmy   C:\Windows\system32\drivers\MBAMSwissArmy.sys
19:37:06.0294 0x102c  MBAMSwissArmy - ok
19:37:06.0324 0x102c  [ C49915271600CFC2305FAA4271D0002F, 8412989C50579C79F27E4F9B178B2FF944C8F221AD70D213279D888F5449F868 ] MBAMWebAccessControl C:\Windows\system32\drivers\mwac.sys
19:37:06.0334 0x102c  MBAMWebAccessControl - ok
19:37:06.0364 0x102c  [ 0BE09CD858ABF9DF6ED259D57A1A1663, 2FD28889B93C8E801F74C1D0769673A461671E0189D0A22C94509E3F0EEB7428 ] Mcx2Svc         C:\Windows\system32\Mcx2Svc.dll
19:37:06.0374 0x102c  Mcx2Svc - ok
19:37:06.0404 0x102c  [ A55805F747C6EDB6A9080D7C633BD0F4, 2DA0E83BF3C8ADEF6F551B6CC1C0A3F6149CDBE6EC60413BA1767C4DE425A728 ] megasas         C:\Windows\system32\drivers\megasas.sys
19:37:06.0404 0x102c  megasas - ok
19:37:06.0434 0x102c  [ BAF74CE0072480C3B6B7C13B2A94D6B3, 85CBB4949C090A904464F79713A3418338753D20D7FB811E68F287FDAC1DD834 ] MegaSR          C:\Windows\system32\drivers\MegaSR.sys
19:37:06.0434 0x102c  MegaSR - ok
19:37:06.0464 0x102c  [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] MMCSS           C:\Windows\system32\mmcss.dll
19:37:06.0474 0x102c  MMCSS - ok
19:37:06.0504 0x102c  [ 800BA92F7010378B09F9ED9270F07137, 94F9AF9E1BE80AE6AC39A2A74EF9FAB115DCAACC011D07DFA8D6A1DDC8A93342 ] Modem           C:\Windows\system32\drivers\modem.sys

Link to post
Share on other sites

TDSSKiller Log [Part 2]

19:37:06.0504 0x102c  Modem - ok
19:37:06.0524 0x102c  [ B03D591DC7DA45ECE20B3B467E6AADAA, 701FB0CAD8138C58507BE28845D3E24CE269A040737C29885944A0D851238732 ] monitor         C:\Windows\system32\DRIVERS\monitor.sys
19:37:06.0524 0x102c  monitor - ok
19:37:06.0554 0x102c  [ 7D27EA49F3C1F687D357E77A470AEA99, 7FE7CAF95959F127C6D932C01D539C06D80273C49A09761F6E8331C05B1A7EE7 ] mouclass        C:\Windows\system32\DRIVERS\mouclass.sys
19:37:06.0554 0x102c  mouclass - ok
19:37:06.0564 0x102c  [ D3BF052C40B0C4166D9FD86A4288C1E6, 5E65264354CD94E844BF1838CA1B8E49080EFA34605A32CF2F6A47A2B97FC183 ] mouhid          C:\Windows\system32\drivers\mouhid.sys
19:37:06.0574 0x102c  mouhid - ok
19:37:06.0594 0x102c  [ 32E7A3D591D671A6DF2DB515A5CBE0FA, 47CED0B9067AE8BF5EEF60B17ADEE5906BEDCC56E4CB460B7BFBC12BB9A69E63 ] mountmgr        C:\Windows\system32\drivers\mountmgr.sys
19:37:06.0594 0x102c  mountmgr - ok
19:37:06.0654 0x102c  [ AEE4E9CC59CDEB55B1ECB0E596E796BE, 674F6F38D86D238AFD6223E03A862F8B43DD8499FBC2D4B7A04E510EC5EACF3B ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
19:37:06.0654 0x102c  MozillaMaintenance - ok
19:37:06.0694 0x102c  [ A44B420D30BD56E145D6A2BC8768EC58, B1E4DCA5A1008FA7A0492DC091FB2B820406AE13FD3D44F124E89B1037AF09B8 ] mpio            C:\Windows\system32\drivers\mpio.sys
19:37:06.0704 0x102c  mpio - ok
19:37:06.0724 0x102c  [ 6C38C9E45AE0EA2FA5E551F2ED5E978F, 5A3FA2F110029CB4CC4384998EDB59203FDD65EC45E01B897FB684F8956EAD20 ] mpsdrv          C:\Windows\system32\drivers\mpsdrv.sys
19:37:06.0724 0x102c  mpsdrv - ok
19:37:06.0784 0x102c  [ 54FFC9C8898113ACE189D4AA7199D2C1, 65F585C87F3F710FD5793FDFA96B740AD8D4317B0C120F4435CCF777300EA4F2 ] MpsSvc          C:\Windows\system32\mpssvc.dll
19:37:06.0804 0x102c  MpsSvc - ok
19:37:06.0844 0x102c  [ 1A4F75E63C9FB84B85DFFC6B63FD5404, 01AFA6DBB4CDE55FE4EA05BBE8F753A4266F8D072EA1EE01DB79F5126780C21F ] MRxDAV          C:\Windows\system32\drivers\mrxdav.sys
19:37:06.0854 0x102c  MRxDAV - ok
19:37:06.0884 0x102c  [ A5D9106A73DC88564C825D317CAC68AC, 0457B2AEA4E05A91D0E43F317894A614434D8CEBE35020785387F307E231FBE4 ] mrxsmb          C:\Windows\system32\DRIVERS\mrxsmb.sys
19:37:06.0894 0x102c  mrxsmb - ok
19:37:06.0924 0x102c  [ D711B3C1D5F42C0C2415687BE09FC163, 9B3013AC60BD2D0FF52086658BA5FF486ADE15954A552D7DD590580E8BAE3EFF ] mrxsmb10        C:\Windows\system32\DRIVERS\mrxsmb10.sys
19:37:06.0934 0x102c  mrxsmb10 - ok
19:37:06.0944 0x102c  [ 9423E9D355C8D303E76B8CFBD8A5C30C, 220B33F120C2DD937FE4D5664F4B581DC0ACF78D62EB56B7720888F67B9644CC ] mrxsmb20        C:\Windows\system32\DRIVERS\mrxsmb20.sys
19:37:06.0944 0x102c  mrxsmb20 - ok
19:37:06.0974 0x102c  [ C25F0BAFA182CBCA2DD3C851C2E75796, 643E158A0948DF331807AEAA391F23960362E46C0A0CF6D22A99020EAE7B10F8 ] msahci          C:\Windows\system32\drivers\msahci.sys
19:37:06.0974 0x102c  msahci - ok
19:37:07.0004 0x102c  [ DB801A638D011B9633829EB6F663C900, B34FD33A215ACCF2905F4B7D061686CDB1CB9C652147AF56AE14686C1F6E3C74 ] msdsm           C:\Windows\system32\drivers\msdsm.sys
19:37:07.0004 0x102c  msdsm - ok
19:37:07.0024 0x102c  [ DE0ECE52236CFA3ED2DBFC03F28253A8, 2FBBEC4CACB5161F68D7C2935852A5888945CA0F107CF8A1C01F4528CE407DE3 ] MSDTC           C:\Windows\System32\msdtc.exe
19:37:07.0034 0x102c  MSDTC - ok
19:37:07.0064 0x102c  [ AA3FB40E17CE1388FA1BEDAB50EA8F96, 69F93E15536644C8FD679A20190CFE577F4985D3B1B4A4AA250A168615AE1E99 ] Msfs            C:\Windows\system32\drivers\Msfs.sys
19:37:07.0064 0x102c  Msfs - ok
19:37:07.0084 0x102c  [ F9D215A46A8B9753F61767FA72A20326, 6F76642B45E0A7EF6BCAB8B37D55CCE2EAA310ED07B76D43FCB88987C2174141 ] mshidkmdf       C:\Windows\System32\drivers\mshidkmdf.sys
19:37:07.0084 0x102c  mshidkmdf - ok
19:37:07.0114 0x102c  [ D916874BBD4F8B07BFB7FA9B3CCAE29D, B229DA150713DEDBC4F05386C9D9DC3BC095A74F44F3081E88311AB73BC992A1 ] msisadrv        C:\Windows\system32\drivers\msisadrv.sys
19:37:07.0124 0x102c  msisadrv - ok
19:37:07.0154 0x102c  [ 808E98FF49B155C522E6400953177B08, F873F5BFF0984C5165DF67E92874D3F6EB8D86F9B5AD17013A0091CA33A1A3D5 ] MSiSCSI         C:\Windows\system32\iscsiexe.dll
19:37:07.0154 0x102c  MSiSCSI - ok
19:37:07.0164 0x102c  msiserver - ok
19:37:07.0184 0x102c  [ 49CCF2C4FEA34FFAD8B1B59D49439366, E5752EA57C7BDAD5F53E3BC441A415E909AC602CAE56234684FB8789A20396C7 ] MSKSSRV         C:\Windows\system32\drivers\MSKSSRV.sys
19:37:07.0184 0x102c  MSKSSRV - ok
19:37:07.0194 0x102c  [ BDD71ACE35A232104DDD349EE70E1AB3, 27464A66868513BE6A01B75D7FC5B0D6B71842E4E20CE3F76B15C071A0618BBB ] MSPCLOCK        C:\Windows\system32\drivers\MSPCLOCK.sys
19:37:07.0204 0x102c  MSPCLOCK - ok
19:37:07.0244 0x102c  [ 4ED981241DB27C3383D72092B618A1D0, E12F121E641249DB3491141851B59E1496F4413EDF58E863388F1C229838DFCC ] MSPQM           C:\Windows\system32\drivers\MSPQM.sys
19:37:07.0244 0x102c  MSPQM - ok
19:37:07.0294 0x102c  [ 759A9EEB0FA9ED79DA1FB7D4EF78866D, 64E3BC613EC4872B1B344CBF71EE15BE195592E3244C1EE099C6F8B95A40F133 ] MsRPC           C:\Windows\system32\drivers\MsRPC.sys
19:37:07.0304 0x102c  MsRPC - ok
19:37:07.0344 0x102c  [ 0EED230E37515A0EAEE3C2E1BC97B288, B1D8F8A75006B6E99214CA36D27A8594EF8D952F315BEB201E9BAC9DE3E64D42 ] mssmbios        C:\Windows\system32\drivers\mssmbios.sys
19:37:07.0344 0x102c  mssmbios - ok
19:37:07.0364 0x102c  [ 2E66F9ECB30B4221A318C92AC2250779, DF175E1AB6962303E57F26DAE5C5C1E40B8640333F3E352A64F6A5F1301586CD ] MSTEE           C:\Windows\system32\drivers\MSTEE.sys
19:37:07.0364 0x102c  MSTEE - ok
19:37:07.0384 0x102c  [ 7EA404308934E675BFFDE8EDF0757BCD, 306CD02D89CFCFE576242360ED5F9EEEDCAFC43CD43B7D2977AE960F9AEC3232 ] MTConfig        C:\Windows\system32\drivers\MTConfig.sys
19:37:07.0384 0x102c  MTConfig - ok
19:37:07.0404 0x102c  [ F9A18612FD3526FE473C1BDA678D61C8, 32F7975B5BAA447917F832D9E3499B4B6D3E90D73F478375D0B70B36C524693A ] Mup             C:\Windows\system32\Drivers\mup.sys
19:37:07.0404 0x102c  Mup - ok
19:37:07.0454 0x102c  [ 582AC6D9873E31DFA28A4547270862DD, BD540499F74E8F59A020D935D18E36A3A97C1A6EC59C8208436469A31B16B260 ] napagent        C:\Windows\system32\qagentRT.dll
19:37:07.0464 0x102c  napagent - ok
19:37:07.0494 0x102c  [ 1EA3749C4114DB3E3161156FFFFA6B33, 54C2E77BCE1037711A11313AC25B8706109098C10A31AA03AEB7A185E97800D7 ] NativeWifiP     C:\Windows\system32\DRIVERS\nwifi.sys
19:37:07.0494 0x102c  NativeWifiP - ok
19:37:07.0554 0x102c  [ 760E38053BF56E501D562B70AD796B88, F856E81A975D44F8684A6F2466549CEEDFAEB3950191698555A93A1206E0A42D ] NDIS            C:\Windows\system32\drivers\ndis.sys
19:37:07.0584 0x102c  NDIS - ok
19:37:07.0604 0x102c  [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC, D7E5446E83909AE25506BB98FBDD878A529C87963E3C1125C4ABAB25823572BC ] NdisCap         C:\Windows\system32\DRIVERS\ndiscap.sys
19:37:07.0604 0x102c  NdisCap - ok
19:37:07.0628 0x102c  [ 30639C932D9FEF22B31268FE25A1B6E5, 32873D95339600F6EEFA51847D12C563FF01F320DC59055B242FA2887C99F9D6 ] NdisTapi        C:\Windows\system32\DRIVERS\ndistapi.sys
19:37:07.0629 0x102c  NdisTapi - ok
19:37:07.0646 0x102c  [ 136185F9FB2CC61E573E676AA5402356, BA3AD0A33416DA913B4242C6BE8C3E5812AD2B20BA6C11DD3094F2E8EB56E683 ] Ndisuio         C:\Windows\system32\DRIVERS\ndisuio.sys
19:37:07.0646 0x102c  Ndisuio - ok
19:37:07.0656 0x102c  [ 53F7305169863F0A2BDDC49E116C2E11, 881E9346D3C02405B7850ADC37E720990712EC9C666A0CE96E252A487FD2CE77 ] NdisWan         C:\Windows\system32\DRIVERS\ndiswan.sys
19:37:07.0656 0x102c  NdisWan - ok
19:37:07.0676 0x102c  [ 015C0D8E0E0421B4CFD48CFFE2825879, 4242E2D42CCFC859B2C0275C5331798BC0BDA68E51CF4650B6E64B1332071023 ] NDProxy         C:\Windows\system32\drivers\NDProxy.sys
19:37:07.0686 0x102c  NDProxy - ok
19:37:07.0696 0x102c  [ 86743D9F5D2B1048062B14B1D84501C4, DBF6D6A60AB774FCB0F464FF2D285A7521D0A24006687B243AB46B17D8032062 ] NetBIOS         C:\Windows\system32\DRIVERS\netbios.sys
19:37:07.0696 0x102c  NetBIOS - ok
19:37:07.0716 0x102c  [ 09594D1089C523423B32A4229263F068, 7426A9B8BA27D3225928DDEFBD399650ABB90798212F56B7D12158AC22CCCE37 ] NetBT           C:\Windows\system32\DRIVERS\netbt.sys
19:37:07.0726 0x102c  NetBT - ok
19:37:07.0756 0x102c  [ 4D71227301DD8D09097B9E4CC6527E5A, 193D47ADCB722B581CC0F29B794AB3E455B6E9BEA367CE9A5216A09E055B7F1E ] Netlogon        C:\Windows\system32\lsass.exe
19:37:07.0756 0x102c  Netlogon - ok
19:37:07.0806 0x102c  [ 847D3AE376C0817161A14A82C8922A9E, 37AE692B3481323134125EF58F2C3CBC20177371AF2F5874F53DD32A827CB936 ] Netman          C:\Windows\System32\netman.dll
19:37:07.0816 0x102c  Netman - ok
19:37:07.0836 0x102c  [ 5F28111C648F1E24F7DBC87CDEB091B8, 2E8645285921EDB98BB2173E11E57459C888D52E80D85791D169C869DE8813B9 ] netprofm        C:\Windows\System32\netprofm.dll
19:37:07.0856 0x102c  netprofm - ok
19:37:07.0886 0x102c  [ 3E5A36127E201DDF663176B66828FAFE, 5A08BA9EFB1A72DF1DD839BA5FA2B8994012BA62A515588FF62333B33B60045B ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe
19:37:07.0886 0x102c  NetTcpPortSharing - ok
19:37:07.0906 0x102c  [ 77889813BE4D166CDAB78DDBA990DA92, 2EF531AE502B943632EEC66A309A8BFCDD36120A5E1473F4AAF3C2393AD0E6A3 ] nfrd960         C:\Windows\system32\drivers\nfrd960.sys
19:37:07.0906 0x102c  nfrd960 - ok
19:37:07.0946 0x102c  [ 8AD77806D336673F270DB31645267293, E23F324913554A23CD043DD27D4305AF62F48C0561A0FC7B7811E55B74B1BE79 ] NlaSvc          C:\Windows\System32\nlasvc.dll
19:37:07.0956 0x102c  NlaSvc - ok
19:37:07.0986 0x102c  [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7, D8957EF7060A69DBB3CD6B2C45B1E4143592AB8D018471E17AC04668157DC67F ] Npfs            C:\Windows\system32\drivers\Npfs.sys
19:37:07.0986 0x102c  Npfs - ok
19:37:08.0016 0x102c  [ D54BFDF3E0C953F823B3D0BFE4732528, 497A1DCC5646EC22119273216DF10D5442D16F83E4363770F507518CF6EAA53A ] nsi             C:\Windows\system32\nsisvc.dll
19:37:08.0026 0x102c  nsi - ok
19:37:08.0036 0x102c  [ E7F5AE18AF4168178A642A9247C63001, 133023B7E4BA8049C4CAED3282BDD25571D1CC25FAC3B820C7F981D292689D76 ] nsiproxy        C:\Windows\system32\drivers\nsiproxy.sys
19:37:08.0046 0x102c  nsiproxy - ok
19:37:08.0138 0x102c  [ B98F8C6E31CD07B2E6F71F7F648E38C0, 2FEA100B80680FBBF644CB6763738804155DF1E94A6542CAE2B2786D770D554E ] Ntfs            C:\Windows\system32\drivers\Ntfs.sys
19:37:08.0198 0x102c  Ntfs - ok
19:37:08.0228 0x102c  [ 9899284589F75FA8724FF3D16AED75C1, 181188599FD5D4DE33B97010D9E0CAEABAB9A3EF50712FE7F9AA0735CD0666D6 ] Null            C:\Windows\system32\drivers\Null.sys
19:37:08.0228 0x102c  Null - ok
19:37:08.0248 0x102c  [ A85B4F2EF3A7304A5399EF0526423040, E45854691BA6AE36E53C2922CC93FF13DC2D84CBE7FE13A2F0B1CE1C16D1D158 ] NVENETFD        C:\Windows\system32\DRIVERS\nvm62x64.sys
19:37:08.0258 0x102c  NVENETFD - ok
19:37:08.0278 0x102c  [ 0A92CB65770442ED0DC44834632F66AD, 581327F07A68DBD5CC749214BE5F1211FC2CE41C7A4F0656B680AFB51A35ACE7 ] nvraid          C:\Windows\system32\drivers\nvraid.sys
19:37:08.0288 0x102c  nvraid - ok
19:37:08.0318 0x102c  [ DAB0E87525C10052BF65F06152F37E4A, AD9BFF0D5FD3FFB95C758B478E1F6A9FE45E7B37AEC71EB5070D292FEAAEDF37 ] nvstor          C:\Windows\system32\drivers\nvstor.sys
19:37:08.0318 0x102c  nvstor - ok
19:37:08.0358 0x102c  [ 270D7CD42D6E3979F6DD0146650F0E05, 752489E54C9004EDCBE1F1F208FFD864DA5C83E59A2DDE6B3E0D63ECA996F76F ] nv_agp          C:\Windows\system32\drivers\nv_agp.sys
19:37:08.0368 0x102c  nv_agp - ok
19:37:08.0388 0x102c  [ 3589478E4B22CE21B41FA1BFC0B8B8A0, AD2469FC753FE552CB809FF405A9AB23E7561292FE89117E3B3B62057EFF0203 ] ohci1394        C:\Windows\system32\drivers\ohci1394.sys
19:37:08.0388 0x102c  ohci1394 - ok
19:37:08.0428 0x102c  [ 9D10F99A6712E28F8ACD5641E3A7EA6B, 70964A0ED9011EA94044E15FA77EDD9CF535CC79ED8E03A3721FF007E69595CC ] ose             C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
19:37:08.0428 0x102c  ose - ok
19:37:08.0648 0x102c  [ 61BFFB5F57AD12F83AB64B7181829B34, 1DD0DD35E4158F95765EE6639F217DF03A0A19E624E020DBA609268C08A13846 ] osppsvc         C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
19:37:08.0818 0x102c  osppsvc - ok
19:37:08.0868 0x102c  [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] p2pimsvc        C:\Windows\system32\pnrpsvc.dll
19:37:08.0878 0x102c  p2pimsvc - ok
19:37:08.0898 0x102c  [ 927463ECB02179F88E4B9A17568C63C3, FEFD3447692C277D59EEC7BF218552C8BB6B8C98C26E973675549628408B94CE ] p2psvc          C:\Windows\system32\p2psvc.dll
19:37:08.0918 0x102c  p2psvc - ok
19:37:08.0928 0x102c  [ 0086431C29C35BE1DBC43F52CC273887, 0D116D49EF9ABB57DA005764F25E692622210627FC2048F06A989B12FA8D0A80 ] Parport         C:\Windows\system32\drivers\parport.sys
19:37:08.0928 0x102c  Parport - ok
19:37:08.0958 0x102c  [ E9766131EEADE40A27DC27D2D68FBA9C, 63C295EC96DBD25F1A8B908295CCB86B54F2A77A02AAA11E5D9160C2C1A492B6 ] partmgr         C:\Windows\system32\drivers\partmgr.sys
19:37:08.0968 0x102c  partmgr - ok
19:37:08.0988 0x102c  [ 3AEAA8B561E63452C655DC0584922257, 04C072969B58657602EB0C21CEDF24FCEE14E61B90A0F758F93925EF2C9FC32D ] PcaSvc          C:\Windows\System32\pcasvc.dll
19:37:08.0998 0x102c  PcaSvc - ok
19:37:09.0008 0x102c  [ 94575C0571D1462A0F70BDE6BD6EE6B3, 7139BAC653EA94A3DD3821CAB35FC5E22F4CCA5ACC2BAABDAA27E4C3C8B27FC9 ] pci             C:\Windows\system32\drivers\pci.sys
19:37:09.0008 0x102c  pci - ok
19:37:09.0038 0x102c  [ B5B8B5EF2E5CB34DF8DCF8831E3534FA, F2A7CC645B96946CC65BF60E14E70DC09C848D27C7943CE5DEA0C01A6B863480 ] pciide          C:\Windows\system32\drivers\pciide.sys
19:37:09.0038 0x102c  pciide - ok
19:37:09.0068 0x102c  [ B2E81D4E87CE48589F98CB8C05B01F2F, 6763BEE7270A4873B3E131BFB92313E2750FCBD0AD73C23D1C4F98F7DF73DE14 ] pcmcia          C:\Windows\system32\drivers\pcmcia.sys
19:37:09.0078 0x102c  pcmcia - ok
19:37:09.0108 0x102c  [ D6B9C2E1A11A3A4B26A182FFEF18F603, BBA5FE08B1DDD6243118E11358FD61B10E850F090F061711C3CB207CE5FBBD36 ] pcw             C:\Windows\system32\drivers\pcw.sys
19:37:09.0108 0x102c  pcw - ok
19:37:09.0148 0x102c  [ 68769C3356B3BE5D1C732C97B9A80D6E, FB2D61145980A2899D1B7729184C54070315B0E63C9A22400A76CCD39E00029C ] PEAUTH          C:\Windows\system32\drivers\peauth.sys
19:37:09.0158 0x102c  PEAUTH - ok
19:37:09.0238 0x102c  [ E495E408C93141E8FC72DC0C6046DDFA, 489B957DADA0DC128A09468F1AD082DCC657E86053208EA06A12937BE86FB919 ] PerfHost        C:\Windows\SysWow64\perfhost.exe
19:37:09.0238 0x102c  PerfHost - ok
19:37:09.0328 0x102c  [ C7CF6A6E137463219E1259E3F0F0DD6C, 08D7244F52AA17DD669AA6F77C291DAC88E7B2D1887DE422509C1F83EC85F3DD ] pla             C:\Windows\system32\pla.dll
19:37:09.0368 0x102c  pla - ok
19:37:09.0408 0x102c  [ 25FBDEF06C4D92815B353F6E792C8129, 57D9764AE6BCE33B242C399CDFC10DD405975BD6411CA8C75FBCD06EEB8442A9 ] PlugPlay        C:\Windows\system32\umpnpmgr.dll
19:37:09.0418 0x102c  PlugPlay - ok
19:37:09.0438 0x102c  [ 7195581CEC9BB7D12ABE54036ACC2E38, 9C4E5D6EA984148F2663DC529083408B2248DFF6DAAC85D9195F80A722782315 ] PNRPAutoReg     C:\Windows\system32\pnrpauto.dll
19:37:09.0438 0x102c  PNRPAutoReg - ok
19:37:09.0468 0x102c  [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] PNRPsvc         C:\Windows\system32\pnrpsvc.dll
19:37:09.0478 0x102c  PNRPsvc - ok
19:37:09.0518 0x102c  [ 4F15D75ADF6156BF56ECED6D4A55C389, 2ADA3EA69A5D7EC2A4D2DD89178DB94EAFDDF95F07B0070D654D9F7A5C12A044 ] PolicyAgent     C:\Windows\System32\ipsecsvc.dll
19:37:09.0528 0x102c  PolicyAgent - ok
19:37:09.0568 0x102c  [ 6BA9D927DDED70BD1A9CADED45F8B184, 66203CE70A5EDE053929A940F38924C6792239CCCE10DD2C1D90D5B4D6748B55 ] Power           C:\Windows\system32\umpo.dll
19:37:09.0578 0x102c  Power - ok
19:37:09.0608 0x102c  [ F92A2C41117A11A00BE01CA01A7FCDE9, 38ADC6052696D110CA5F393BC586791920663F5DA66934C2A824DDA9CD89C763 ] PptpMiniport    C:\Windows\system32\DRIVERS\raspptp.sys
19:37:09.0608 0x102c  PptpMiniport - ok
19:37:09.0628 0x102c  [ 0D922E23C041EFB1C3FAC2A6F943C9BF, 855418A6A58DCAFB181A1A68613B3E203AFB0A9B3D9D26D0C521F9F613B4EAD5 ] Processor       C:\Windows\system32\drivers\processr.sys
19:37:09.0628 0x102c  Processor - ok
19:37:09.0668 0x102c  [ 53E83F1F6CF9D62F32801CF66D8352A8, 1225FED810BE8E0729EEAE5B340035CCBB9BACD3EF247834400F9B72D05ACE48 ] ProfSvc         C:\Windows\system32\profsvc.dll
19:37:09.0678 0x102c  ProfSvc - ok
19:37:09.0698 0x102c  [ 4D71227301DD8D09097B9E4CC6527E5A, 193D47ADCB722B581CC0F29B794AB3E455B6E9BEA367CE9A5216A09E055B7F1E ] ProtectedStorage C:\Windows\system32\lsass.exe
19:37:09.0698 0x102c  ProtectedStorage - ok
19:37:09.0728 0x102c  [ 0557CF5A2556BD58E26384169D72438D, F6F83A616B1F1C6C0DF6D2EC2513E6C23FD4FAA6D36518B8676C619AB74957B4 ] Psched          C:\Windows\system32\DRIVERS\pacer.sys
19:37:09.0728 0x102c  Psched - ok
19:37:09.0808 0x102c  [ A53A15A11EBFD21077463EE2C7AFEEF0, 6002B012A75045DEA62640A864A8721EADE2F8B65BEB5F5BA76D8CD819774489 ] ql2300          C:\Windows\system32\drivers\ql2300.sys
19:37:09.0848 0x102c  ql2300 - ok
19:37:09.0888 0x102c  [ 4F6D12B51DE1AAEFF7DC58C4D75423C8, FB6ABAB741CED66A79E31A45111649F2FA3E26CEE77209B5296F789F6F7D08DE ] ql40xx          C:\Windows\system32\drivers\ql40xx.sys
19:37:09.0888 0x102c  ql40xx - ok
19:37:09.0918 0x102c  [ 906191634E99AEA92C4816150BDA3732, A0305436384104C3B559F9C73902DA19B96B518413379E397C5CDAB0B2B9418F ] QWAVE           C:\Windows\system32\qwave.dll
19:37:09.0928 0x102c  QWAVE - ok
19:37:09.0968 0x102c  [ 76707BB36430888D9CE9D705398ADB6C, 35C1D1D05F98AC29A33D3781F497A0B40A3CB9CDF25FE1F28F574E40DDF70535 ] QWAVEdrv        C:\Windows\system32\drivers\qwavedrv.sys
19:37:09.0968 0x102c  QWAVEdrv - ok
19:37:09.0988 0x102c  [ 5A0DA8AD5762FA2D91678A8A01311704, 8A64EB5DBAB7048A9E42A21CEB62CCD5B007A80C199892D7F8C69B48E8A255EF ] RasAcd          C:\Windows\system32\DRIVERS\rasacd.sys
19:37:09.0988 0x102c  RasAcd - ok
19:37:10.0008 0x102c  [ 7ECFF9B22276B73F43A99A15A6094E90, 62C70DA127F48F796F8897BBFA23AB6EB080CC923F0F091DFA384A93F5C90CA1 ] RasAgileVpn     C:\Windows\system32\DRIVERS\AgileVpn.sys
19:37:10.0018 0x102c  RasAgileVpn - ok
19:37:10.0038 0x102c  [ 8F26510C5383B8DBE976DE1CD00FC8C7, 60E618C010E8A723960636415573FA17EA0BBEF79647196B3BC0B8DEE680E090 ] RasAuto         C:\Windows\System32\rasauto.dll
19:37:10.0038 0x102c  RasAuto - ok
19:37:10.0048 0x102c  [ 471815800AE33E6F1C32FB1B97C490CA, 27307265F743DE3A3A3EC1B2C472A3D85FDD0AEC458E0B1177593141EE072698 ] Rasl2tp         C:\Windows\system32\DRIVERS\rasl2tp.sys
19:37:10.0058 0x102c  Rasl2tp - ok
19:37:10.0088 0x102c  [ EE867A0870FC9E4972BA9EAAD35651E2, 1B848D81705081FD2E18AC762DA7F51455657DAF860BF363DC15925A148BCADA ] RasMan          C:\Windows\System32\rasmans.dll
19:37:10.0098 0x102c  RasMan - ok
19:37:10.0108 0x102c  [ 855C9B1CD4756C5E9A2AA58A15F58C25, A514F8A9C304D54BDA8DC60F5A64259B057EC83A1CAAF6D2B58CFD55E9561F72 ] RasPppoe        C:\Windows\system32\DRIVERS\raspppoe.sys
19:37:10.0108 0x102c  RasPppoe - ok
19:37:10.0128 0x102c  [ E8B1E447B008D07FF47D016C2B0EEECB, FEC789F82B912F3E14E49524D40FEAA4373B221156F14045E645D7C37859258C ] RasSstp         C:\Windows\system32\DRIVERS\rassstp.sys
19:37:10.0128 0x102c  RasSstp - ok
19:37:10.0168 0x102c  [ 77F665941019A1594D887A74F301FA2F, 1FDC6F6853400190C086042933F157814D915C54F26793CAD36CD2607D8810DA ] rdbss           C:\Windows\system32\DRIVERS\rdbss.sys
19:37:10.0178 0x102c  rdbss - ok
19:37:10.0198 0x102c  [ 302DA2A0539F2CF54D7C6CC30C1F2D8D, 1DF3501BBFFB56C3ECC39DBCC4287D3302216C2208CE22428B8C4967E5DE9D17 ] rdpbus          C:\Windows\system32\drivers\rdpbus.sys
19:37:10.0198 0x102c  rdpbus - ok
19:37:10.0218 0x102c  [ CEA6CC257FC9B7715F1C2B4849286D24, A78144D18352EA802C39D9D42921CF97A3E0211766B2169B6755C6FC2D77A804 ] RDPCDD          C:\Windows\system32\DRIVERS\RDPCDD.sys
19:37:10.0218 0x102c  RDPCDD - ok
19:37:10.0228 0x102c  [ BB5971A4F00659529A5C44831AF22365, 9AAA5C0D448E821FD85589505D99DF7749715A046BBD211F139E4E652ADDE41F ] RDPENCDD        C:\Windows\system32\drivers\rdpencdd.sys
19:37:10.0228 0x102c  RDPENCDD - ok
19:37:10.0238 0x102c  [ 216F3FA57533D98E1F74DED70113177A, 60C126A1409D1E9C39F1C9E95F70115BF4AF07780AB499F6E10A612540F173F4 ] RDPREFMP        C:\Windows\system32\drivers\rdprefmp.sys
19:37:10.0238 0x102c  RDPREFMP - ok
19:37:10.0278 0x102c  [ E61608AA35E98999AF9AAEEEA6114B0A, F754CDE89DC96786D2A3C4D19EE2AEF1008E634E4DE3C0CBF927436DE90C04A6 ] RDPWD           C:\Windows\system32\drivers\RDPWD.sys
19:37:10.0278 0x102c  RDPWD - ok
19:37:10.0308 0x102c  [ 34ED295FA0121C241BFEF24764FC4520, AAEE5F00CAA763A5BA51CF56BD7262C03409CD72BD5601490E3EC3FFF929BB5F ] rdyboost        C:\Windows\system32\drivers\rdyboost.sys
19:37:10.0318 0x102c  rdyboost - ok
19:37:10.0358 0x102c  [ 254FB7A22D74E5511C73A3F6D802F192, 3D0FB5840364200DE394F8CC28DA0E334C2B5FA8FF28A41656EE72287F3D3836 ] RemoteAccess    C:\Windows\System32\mprdim.dll
19:37:10.0368 0x102c  RemoteAccess - ok
19:37:10.0398 0x102c  [ E4D94F24081440B5FC5AA556C7C62702, 147CAA03568DC480F9506E30B84891AB7E433B5EBC05F34FF10F72B00E1C6B22 ] RemoteRegistry  C:\Windows\system32\regsvc.dll
19:37:10.0408 0x102c  RemoteRegistry - ok
19:37:10.0448 0x102c  [ 085D18C71AB2611A3D61528132B6501E, 2AD2DD88EBD8C498E3043CDAA37E83C69F7FE2FD6B65524F631527555B80C112 ] RoxioNow Service C:\Program Files (x86)\Roxio\RoxioNow Player\RNowSvc.exe
19:37:10.0468 0x102c  RoxioNow Service - ok
19:37:10.0488 0x102c  [ E4DC58CF7B3EA515AE917FF0D402A7BB, 665B5CD9FE905B0EE3F59A7B1A94760F5393EBEE729877D8584349754C2867E8 ] RpcEptMapper    C:\Windows\System32\RpcEpMap.dll
19:37:10.0488 0x102c  RpcEptMapper - ok
19:37:10.0508 0x102c  [ D5BA242D4CF8E384DB90E6A8ED850B8C, CB4CB2608B5E31B55FB1A2CF4051E6D08A0C2A5FB231B2116F95938D7577334E ] RpcLocator      C:\Windows\system32\locator.exe
19:37:10.0518 0x102c  RpcLocator - ok
19:37:10.0558 0x102c  [ 5C627D1B1138676C0A7AB2C2C190D123, C5003F2C912C5CA990E634818D3B4FD72F871900AF2948BD6C4D6400B354B401 ] RpcSs           C:\Windows\system32\rpcss.dll
19:37:10.0568 0x102c  RpcSs - ok
19:37:10.0658 0x102c  [ 7BFDFD1D2244B444D7BBC55087426518, 06DF03A734A8A1956C842E30B4A1F143CD59B2DD09E0F8F01E6B4CE2A3D1D418 ] RSPCIESTOR      C:\Windows\system32\DRIVERS\RtsPStor.sys
19:37:10.0668 0x102c  RSPCIESTOR - ok
19:37:10.0698 0x102c  [ DDC86E4F8E7456261E637E3552E804FF, D250C69CCC75F2D88E7E624FCC51300E75637333317D53908CCA7E0F117173DD ] rspndr          C:\Windows\system32\DRIVERS\rspndr.sys
19:37:10.0708 0x102c  rspndr - ok
19:37:10.0768 0x102c  [ F1D20C2B36F78863530B251DF504CC51, A3C71BDB45B1DB321BC2D9889CB25CF7840E145DFB769882748B7D507A605A42 ] RtkAudioService C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
19:37:10.0778 0x102c  RtkAudioService - ok
19:37:10.0868 0x102c  [ AC4CA62572CA516945AB92D6C9F501F4, 6CB4178DD1ED3D8224EA1F91CAA00AFBC756DCA2DFD71F399B05E511E79D5150 ] RTL8167         C:\Windows\system32\DRIVERS\Rt64win7.sys
19:37:10.0888 0x102c  RTL8167 - ok
19:37:10.0978 0x102c  [ 177963A6EEBAA9EF3B56A2DBE9D5D0FC, 908E71F2F2CB6595B2E14EF6BB526114CFFBBFCB1D6AB6672DE9917F4C515419 ] RTL8192Ce       C:\Windows\system32\DRIVERS\rtl8192Ce.sys
19:37:11.0008 0x102c  RTL8192Ce - ok
19:37:11.0028 0x102c  [ 4D71227301DD8D09097B9E4CC6527E5A, 193D47ADCB722B581CC0F29B794AB3E455B6E9BEA367CE9A5216A09E055B7F1E ] SamSs           C:\Windows\system32\lsass.exe
19:37:11.0028 0x102c  SamSs - ok
19:37:11.0068 0x102c  [ AC03AF3329579FFFB455AA2DAABBE22B, 7AD3B62ADFEC166F9E256F9FF8BAA0568B2ED7308142BF8F5269E6EAA5E0A656 ] sbp2port        C:\Windows\system32\drivers\sbp2port.sys
19:37:11.0068 0x102c  sbp2port - ok
19:37:11.0108 0x102c  [ 9B7395789E3791A3B6D000FE6F8B131E, E5F067F3F212BF5481668BE1779CBEF053F511F8967589BE2E865ACB9A620024 ] SCardSvr        C:\Windows\System32\SCardSvr.dll
19:37:11.0118 0x102c  SCardSvr - ok
19:37:11.0138 0x102c  [ 253F38D0D7074C02FF8DEB9836C97D2B, CB5CAFCB8628BB22877F74ACF1DED0BBAED8F4573A74DA7FE94BBBA584889116 ] scfilter        C:\Windows\system32\DRIVERS\scfilter.sys
19:37:11.0138 0x102c  scfilter - ok
19:37:11.0188 0x102c  [ 262F6592C3299C005FD6BEC90FC4463A, 54095E37F0B6CC677A3E9BDD40F4647C713273D197DB341063AA7F342A60C4A7 ] Schedule        C:\Windows\system32\schedsvc.dll
19:37:11.0228 0x102c  Schedule - ok
19:37:11.0258 0x102c  [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] SCPolicySvc     C:\Windows\System32\certprop.dll
19:37:11.0258 0x102c  SCPolicySvc - ok
19:37:11.0278 0x102c  [ 111E0EBC0AD79CB0FA014B907B231CF0, B7D43D156C2524938503CF8E99C4D1F7A5C55E16C0368F57F4CD23C6D833B38F ] sdbus           C:\Windows\system32\DRIVERS\sdbus.sys
19:37:11.0278 0x102c  sdbus - ok
19:37:11.0308 0x102c  [ 6EA4234DC55346E0709560FE7C2C1972, 64011E044C16E2F92689E5F7E4666A075E27BBFA61F3264E5D51CE1656C1D5B8 ] SDRSVC          C:\Windows\System32\SDRSVC.dll
19:37:11.0318 0x102c  SDRSVC - ok
19:37:11.0338 0x102c  [ 3EA8A16169C26AFBEB544E0E48421186, 34BBB0459C96B3DE94CCB0D73461562935C583D7BF93828DA4E20A6BC9B7301D ] secdrv          C:\Windows\system32\drivers\secdrv.sys
19:37:11.0338 0x102c  secdrv - ok
19:37:11.0358 0x102c  [ BC617A4E1B4FA8DF523A061739A0BD87, 10C4057F6B321EB5237FF619747B74F5401BC17D15A8C7060829E8204A2297F9 ] seclogon        C:\Windows\system32\seclogon.dll
19:37:11.0358 0x102c  seclogon - ok
19:37:11.0378 0x102c  [ C32AB8FA018EF34C0F113BD501436D21, E0EB8E80B51E45CA7EB061E705DA0BC07878759418A8519AE6E12326FE79E7C7 ] SENS            C:\Windows\System32\sens.dll
19:37:11.0388 0x102c  SENS - ok
19:37:11.0398 0x102c  [ 0336CFFAFAAB87A11541F1CF1594B2B2, 8B8A6A33E78A12FB05E29B2E2775850626574AFD2EF88748D65E690A07B10B8D ] SensrSvc        C:\Windows\system32\sensrsvc.dll
19:37:11.0398 0x102c  SensrSvc - ok
19:37:11.0418 0x102c  [ CB624C0035412AF0DEBEC78C41F5CA1B, A4D937F11E06CAE914347CA1362F4C98EC5EE0C0C80321E360EA1ABD6726F8D4 ] Serenum         C:\Windows\system32\drivers\serenum.sys
19:37:11.0418 0x102c  Serenum - ok
19:37:11.0438 0x102c  [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6, 8F9776FB84C5D11068EAF1FF1D1A46466C655D64D256A8B1E31DC0C23B5DD22D ] Serial          C:\Windows\system32\drivers\serial.sys
19:37:11.0448 0x102c  Serial - ok
19:37:11.0478 0x102c  [ 1C545A7D0691CC4A027396535691C3E3, 065C30BE598FF4DC55C37E0BBE0CEDF10A370AE2BF5404B42EBBB867A3FFED6D ] sermouse        C:\Windows\system32\drivers\sermouse.sys
19:37:11.0478 0x102c  sermouse - ok
19:37:11.0518 0x102c  [ 0B6231BF38174A1628C4AC812CC75804, E569BF1F7F5689E2E917FA6516DB53388A5B8B1C6699DEE030147E853218811D ] SessionEnv      C:\Windows\system32\sessenv.dll
19:37:11.0528 0x102c  SessionEnv - ok
19:37:11.0558 0x102c  [ A554811BCD09279536440C964AE35BBF, DA8F893722F803E189D7D4D6C6232ED34505B63A64ED3A0132A5BB7A2BABDE55 ] sffdisk         C:\Windows\system32\drivers\sffdisk.sys
19:37:11.0558 0x102c  sffdisk - ok
19:37:11.0578 0x102c  [ FF414F0BAEFEBA59BC6C04B3DB0B87BF, B81EF5D26AEB572CAB590F7AD7CA8C89F296420089EF5E6148E972F2DBCA1042 ] sffp_mmc        C:\Windows\system32\drivers\sffp_mmc.sys
19:37:11.0578 0x102c  sffp_mmc - ok
19:37:11.0608 0x102c  [ DD85B78243A19B59F0637DCF284DA63C, 6730D4F2BAE7E24615746ACC41B42D01DB6068D6504982008ADA1890DE900197 ] sffp_sd         C:\Windows\system32\drivers\sffp_sd.sys
19:37:11.0608 0x102c  sffp_sd - ok
19:37:11.0618 0x102c  [ A9D601643A1647211A1EE2EC4E433FF4, 7AC60B4AB48D4BBF1F9681C12EC2A75C72E6E12D30FABC564A24394310E9A5F9 ] sfloppy         C:\Windows\system32\drivers\sfloppy.sys
19:37:11.0618 0x102c  sfloppy - ok
19:37:11.0668 0x102c  [ 2046AA7491DE7EFA4D70E615D9BC9D09, A8763D059AD68D5842C407FA9644E0B129BEF0F63CD87E62B80B05441EDC3489 ] Sftfs           C:\Windows\system32\DRIVERS\Sftfslh.sys
19:37:11.0688 0x102c  Sftfs - ok
19:37:11.0768 0x102c  [ 77C5A741A7452812F278EF2C18478862, 0B763679EB7EFB8ED9DCE7B429706E939BB65BA6BCF1BAE0E0426D4E87074B8C ] sftlist         C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
19:37:11.0778 0x102c  sftlist - ok
19:37:11.0818 0x102c  [ 0E0446BC4D51BE4263ACB7E33491191C, 2AD039FB440560658C4E06F67CC192EF71577EF3FF789A43C08430CE5EAE5A70 ] Sftplay         C:\Windows\system32\DRIVERS\Sftplaylh.sys
19:37:11.0828 0x102c  Sftplay - ok
19:37:11.0858 0x102c  [ C5FB982CD266E604ED3142102C26D62C, A6BC0D72E98F924274ECAD49C85F0775D1CD45B97CD43F53DF3992B560835FC5 ] Sftredir        C:\Windows\system32\DRIVERS\Sftredirlh.sys
19:37:11.0858 0x102c  Sftredir - ok
19:37:11.0878 0x102c  [ 2575511AF67AA1FA068CCC4918E2C2A3, 3152FF5AC2CF6FE966DA59B1B33E22F9BD9B6BB4310441870528364BA9501A4D ] Sftvol          C:\Windows\system32\DRIVERS\Sftvollh.sys
19:37:11.0878 0x102c  Sftvol - ok
19:37:11.0918 0x102c  [ 39B1D0A636A400304565D4521FAD6D77, 1F01DB35B5A477AA7A77585C9304E6B5F3E67807531305BCA93A7F494CED8F59 ] sftvsa          C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
19:37:11.0918 0x102c  sftvsa - ok
19:37:11.0968 0x102c  [ B95F6501A2F8B2E78C697FEC401970CE, 758B73A32902299A313348CE7EC189B20EB4CB398D0180E4EE24B84DAD55F291 ] SharedAccess    C:\Windows\System32\ipnathlp.dll
19:37:11.0978 0x102c  SharedAccess - ok
19:37:12.0028 0x102c  [ AAF932B4011D14052955D4B212A4DA8D, 2A3BFD0FA9569288E91AE3E72CA1EC39E1450D01E6473CE51157E0F138257923 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
19:37:12.0038 0x102c  ShellHWDetection - ok
19:37:12.0068 0x102c  [ 843CAF1E5FDE1FFD5FF768F23A51E2E1, 89CA9F516E42A6B905474D738CDA2C121020A07DBD4E66CFE569DD77D79D7820 ] SiSRaid2        C:\Windows\system32\drivers\SiSRaid2.sys
19:37:12.0068 0x102c  SiSRaid2 - ok
19:37:12.0098 0x102c  [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4, 87B85C66DF7EB6FDB8A2341D05FAA5261FF68A90CCFC63F0E4A03824F1E33E5E ] SiSRaid4        C:\Windows\system32\drivers\sisraid4.sys
19:37:12.0108 0x102c  SiSRaid4 - ok
19:37:12.0128 0x102c  [ 548260A7B8654E024DC30BF8A7C5BAA4, 4A7E58331D7765A12F53DC2371739DC9A463940B13E16157CE10DB80E958D740 ] Smb             C:\Windows\system32\DRIVERS\smb.sys
19:37:12.0128 0x102c  Smb - ok
19:37:12.0158 0x102c  [ 6313F223E817CC09AA41811DAA7F541D, D787061043BEEDB9386B048CB9E680E6A88A1CBAE9BD4A8C0209155BFB76C630 ] SNMPTRAP        C:\Windows\System32\snmptrap.exe
19:37:12.0168 0x102c  SNMPTRAP - ok
19:37:12.0178 0x102c  [ B9E31E5CACDFE584F34F730A677803F9, 21A5130BD00089C609522A372018A719F8E37103D2DD22C59EACB393BE35A063 ] spldr           C:\Windows\system32\drivers\spldr.sys
19:37:12.0178 0x102c  spldr - ok
19:37:12.0208 0x102c  [ 85DAA09A98C9286D4EA2BA8D0E644377, F9C324E2EF81193FE831C7EECC44A100CA06F82FA731BF555D9EA4D91DA13329 ] Spooler         C:\Windows\System32\spoolsv.exe
19:37:12.0228 0x102c  Spooler - ok
19:37:12.0368 0x102c  [ E17E0188BB90FAE42D83E98707EFA59C, FC075F7B39E86CC8EF6DA4E339FE946917E319C347AC70FB0C50AAF36F97E27F ] sppsvc          C:\Windows\system32\sppsvc.exe
19:37:12.0438 0x102c  sppsvc - ok
19:37:12.0468 0x102c  [ 93D7D61317F3D4BC4F4E9F8A96A7DE45, 36D48B23B8243BE5229707375FCD11C2DCAC96983199345365F065A0CBF33314 ] sppuinotify     C:\Windows\system32\sppuinotify.dll
19:37:12.0478 0x102c  sppuinotify - ok
19:37:12.0508 0x102c  [ 441FBA48BFF01FDB9D5969EBC1838F0B, 306128F1AD489F87161A089D1BDC1542A4CB742D91A0C12A7CD1863FDB8932C0 ] srv             C:\Windows\system32\DRIVERS\srv.sys
19:37:12.0528 0x102c  srv - ok
19:37:12.0548 0x102c  [ B4ADEBBF5E3677CCE9651E0F01F7CC28, 726DB2283113AB2A9681E8E9F61132303D6D86E9CD034C40EE4A8C9DB29E87F7 ] srv2            C:\Windows\system32\DRIVERS\srv2.sys
19:37:12.0558 0x102c  srv2 - ok
19:37:12.0618 0x102c  [ 0C4540311E11664B245A263E1154CEF8, 63376322BFFAFF2F166AF3FDD3F1A346C21FAE21F406F659F8630779D1D6525D ] SrvHsfHDA       C:\Windows\system32\DRIVERS\VSTAZL6.SYS
19:37:12.0628 0x102c  SrvHsfHDA - ok
19:37:12.0698 0x102c  [ 02071D207A9858FBE3A48CBFD59C4A04, FEA4DEBAEC3465E0C7C1E8B721805922F6BBCB96A60A193B11688F4252F4B89E ] SrvHsfV92       C:\Windows\system32\DRIVERS\VSTDPV6.SYS
19:37:12.0738 0x102c  SrvHsfV92 - ok
19:37:12.0788 0x102c  [ 18E40C245DBFAF36FD0134A7EF2DF396, 0138A68958112101A5D3BD94114F320CE80B0C9A93E009AC78DE7415FCCC7DE7 ] SrvHsfWinac     C:\Windows\system32\DRIVERS\VSTCNXT6.SYS
19:37:12.0808 0x102c  SrvHsfWinac - ok
19:37:12.0838 0x102c  [ 27E461F0BE5BFF5FC737328F749538C3, AFA4704ED8FFC1A0BAB40DFB81D3AE3F3D933A3C9BF54DDAF39FF9AF3646D9E6 ] srvnet          C:\Windows\system32\DRIVERS\srvnet.sys
19:37:12.0848 0x102c  srvnet - ok
19:37:12.0878 0x102c  [ 51B52FBD583CDE8AA9BA62B8B4298F33, 2E2403F8AA39E79D1281CA006B51B43139C32A5FDD64BD34DAA4B935338BD740 ] SSDPSRV         C:\Windows\System32\ssdpsrv.dll
19:37:12.0888 0x102c  SSDPSRV - ok
19:37:12.0908 0x102c  [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB, D21CDBC4C2AA0DB5B4455D5108B0CAF4282A2E664B9035708F212CC094569D9D ] SstpSvc         C:\Windows\system32\sstpsvc.dll
19:37:12.0908 0x102c  SstpSvc - ok
19:37:12.0928 0x102c  [ F3817967ED533D08327DC73BC4D5542A, 1B204454408A690C0A86447F3E4AA9E7C58A9CFB567C94C17C21920BA648B4D5 ] stexstor        C:\Windows\system32\drivers\stexstor.sys
19:37:12.0938 0x102c  stexstor - ok
19:37:12.0978 0x102c  [ 8DD52E8E6128F4B2DA92CE27402871C1, 1101C38BE8FC383B5F2F9FA402F9652B23B88A764DE2B584DFE62B88B11DEF92 ] stisvc          C:\Windows\System32\wiaservc.dll
19:37:12.0998 0x102c  stisvc - ok
19:37:13.0028 0x102c  [ D01EC09B6711A5F8E7E6564A4D0FBC90, 3CB922291DBADC92B46B9E28CCB6810CD8CCDA3E74518EC9522B58B998E1F969 ] swenum          C:\Windows\system32\drivers\swenum.sys
19:37:13.0028 0x102c  swenum - ok
19:37:13.0078 0x102c  [ E08E46FDD841B7184194011CA1955A0B, 9C3725BB1F08F92744C980A22ED5C874007D3B5863C7E1F140F50061052AC418 ] swprv           C:\Windows\System32\swprv.dll
19:37:13.0088 0x102c  swprv - ok
19:37:13.0138 0x102c  [ AC3CC98B1BDB6540021D3FFB105AC2B9, 671146CC16139AECE0BCCC44983807E045A930E262F64461D0D882A0A0B77E4F ] SynTP           C:\Windows\system32\DRIVERS\SynTP.sys
19:37:13.0148 0x102c  SynTP - ok
19:37:13.0228 0x102c  [ BF9CCC0BF39B418C8D0AE8B05CF95B7D, 3C13217548BE61F2BDB8BD41F77345CDDA1F97BF0AE17241C335B9807EB3DBB8 ] SysMain         C:\Windows\system32\sysmain.dll
19:37:13.0268 0x102c  SysMain - ok
19:37:13.0308 0x102c  [ E3C61FD7B7C2557E1F1B0B4CEC713585, 01F0E116606D185BF93B540868075BFB1A398197F6AABD994983DBFF56B3A8A0 ] TabletInputService C:\Windows\System32\TabSvc.dll
19:37:13.0318 0x102c  TabletInputService - ok
19:37:13.0348 0x102c  [ 40F0849F65D13EE87B9A9AE3C1DD6823, E251A7EF3D0FD2973AF33A62FC457A7E8D5E8694208F811F52455F7C2426121F ] TapiSrv         C:\Windows\System32\tapisrv.dll
19:37:13.0358 0x102c  TapiSrv - ok
19:37:13.0378 0x102c  [ 1BE03AC720F4D302EA01D40F588162F6, AB644862BF1D2E824FD846180DEC4E2C0FAFCC517451486DE5A92E5E78A952E4 ] TBS             C:\Windows\System32\tbssvc.dll
19:37:13.0388 0x102c  TBS - ok
19:37:13.0488 0x102c  [ 40AF23633D197905F03AB5628C558C51, 644656A15236E964E4BE57B42225EAA5643C4CF1FFF6D306813A000716F9D72C ] Tcpip           C:\Windows\system32\drivers\tcpip.sys
19:37:13.0538 0x102c  Tcpip - ok
19:37:13.0608 0x102c  [ 40AF23633D197905F03AB5628C558C51, 644656A15236E964E4BE57B42225EAA5643C4CF1FFF6D306813A000716F9D72C ] TCPIP6          C:\Windows\system32\DRIVERS\tcpip.sys
19:37:13.0658 0x102c  TCPIP6 - ok
19:37:13.0698 0x102c  [ 1B16D0BD9841794A6E0CDE0CEF744ABC, 7EB8BA97339199EEE7F2B09DA2DA6279DA64A510D4598D42CF86415D67CD674C ] tcpipreg        C:\Windows\system32\drivers\tcpipreg.sys
19:37:13.0698 0x102c  tcpipreg - ok
19:37:13.0728 0x102c  [ 3371D21011695B16333A3934340C4E7C, 7416F9BBFC1BA9D875EA7D1C7A0D912FC6977B49A865D67E3F9C4E18A965082D ] TDPIPE          C:\Windows\system32\drivers\tdpipe.sys
19:37:13.0728 0x102c  TDPIPE - ok
19:37:13.0748 0x102c  [ 51C5ECEB1CDEE2468A1748BE550CFBC8, 4E8F83877330B421F7B5D8393D34BC44C6450E69209DAA95B29CB298166A5DF9 ] TDTCP           C:\Windows\system32\drivers\tdtcp.sys
19:37:13.0748 0x102c  TDTCP - ok
19:37:13.0778 0x102c  [ DDAD5A7AB24D8B65F8D724F5C20FD806, B71F2967A4EE7395E4416C1526CB85368AEA988BDD1F2C9719C48B08FAFA9661 ] tdx             C:\Windows\system32\DRIVERS\tdx.sys
19:37:13.0778 0x102c  tdx - ok
19:37:13.0798 0x102c  [ 561E7E1F06895D78DE991E01DD0FB6E5, 83BFA50A528762EC52A011302AC3874636FB7E26628CD7ACFBF2BDC9FAA8110D ] TermDD          C:\Windows\system32\drivers\termdd.sys
19:37:13.0798 0x102c  TermDD - ok
19:37:13.0838 0x102c  [ 2E648163254233755035B46DD7B89123, 6FA0D07CE18A3A69D82EE49D875F141E39406E92C34EAC76AC4EB052E6EBCBCD ] TermService     C:\Windows\System32\termsrv.dll
19:37:13.0858 0x102c  TermService - ok
19:37:13.0878 0x102c  [ F0344071948D1A1FA732231785A0664C, DB9886C2C858FAF45AEA15F8E42860343F73EB8685C53EC2E8CCC10586CB0832 ] Themes          C:\Windows\system32\themeservice.dll
19:37:13.0888 0x102c  Themes - ok
19:37:13.0898 0x102c  [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] THREADORDER     C:\Windows\system32\mmcss.dll
19:37:13.0908 0x102c  THREADORDER - ok
19:37:13.0928 0x102c  [ 7E7AFD841694F6AC397E99D75CEAD49D, DE87F203FD8E6BDCCFCA1860A85F283301A365846FB703D9BB86278D8AC96B07 ] TrkWks          C:\Windows\System32\trkwks.dll
19:37:13.0938 0x102c  TrkWks - ok
19:37:13.0988 0x102c  [ 773212B2AAA24C1E31F10246B15B276C, F2EF85F5ABA307976D9C649D710B408952089458DDE97D4DEF321DF14E46A046 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
19:37:13.0988 0x102c  TrustedInstaller - ok
19:37:14.0038 0x102c  [ 4CE278FC9671BA81A138D70823FCAA09, CBE501436696E32A3701B9F377B823AC36647B6626595F76CC63E2396AD7D300 ] tssecsrv        C:\Windows\system32\DRIVERS\tssecsrv.sys
19:37:14.0038 0x102c  tssecsrv - ok
19:37:14.0078 0x102c  [ D11C783E3EF9A3C52C0EBE83CC5000E9, A136C355D4C8945729163D15801364A614E23217B15F9313C85BA45BB71A74EB ] TsUsbFlt        C:\Windows\system32\drivers\tsusbflt.sys
19:37:14.0078 0x102c  TsUsbFlt - ok
19:37:14.0098 0x102c  [ 9CC2CCAE8A84820EAECB886D477CBCB8, 50D8AA2D7477A6618A0C31BB4D1C4887B457865FB1105E2E7B984EEFA337B804 ] TsUsbGD         C:\Windows\system32\drivers\TsUsbGD.sys
19:37:14.0098 0x102c  TsUsbGD - ok
19:37:14.0118 0x102c  [ 3566A8DAAFA27AF944F5D705EAA64894, AE9D8B648DA08AF667B9456C3FE315489859C157510A258559F18238F2CC92B8 ] tunnel          C:\Windows\system32\DRIVERS\tunnel.sys
19:37:14.0118 0x102c  tunnel - ok
19:37:14.0148 0x102c  [ B4DD609BD7E282BFC683CEC7EAAAAD67, EF131DB6F6411CAD36A989A421AF93F89DD61601AC524D2FF11C10FF6E3E9123 ] uagp35          C:\Windows\system32\drivers\uagp35.sys
19:37:14.0148 0x102c  uagp35 - ok
19:37:14.0178 0x102c  [ FF4232A1A64012BAA1FD97C7B67DF593, D8591B4EB056899C7B604E4DD852D82D4D9809F508ABCED4A03E1BE6D5D456E3 ] udfs            C:\Windows\system32\DRIVERS\udfs.sys
19:37:14.0188 0x102c  udfs - ok
19:37:14.0228 0x102c  [ 3CBDEC8D06B9968ABA702EBA076364A1, B8DAB8AA804FC23021BFEBD7AE4D40FBE648D6C6BA21CC008E26D1C084972F9B ] UI0Detect       C:\Windows\system32\UI0Detect.exe
19:37:14.0228 0x102c  UI0Detect - ok
19:37:14.0258 0x102c  [ 4BFE1BC28391222894CBF1E7D0E42320, 5918B1ED2030600DF77BDACF1C808DF6EADDD8BF3E7003AF1D72050D8B102B3A ] uliagpkx        C:\Windows\system32\drivers\uliagpkx.sys
19:37:14.0258 0x102c  uliagpkx - ok
19:37:14.0288 0x102c  [ DC54A574663A895C8763AF0FA1FF7561, 09A3F3597E91CBEB2F38E96E75134312B60CAE5574B2AD4606C2D3E992AEDDFE ] umbus           C:\Windows\system32\DRIVERS\umbus.sys
19:37:14.0288 0x102c  umbus - ok
19:37:14.0318 0x102c  [ B2E8E8CB557B156DA5493BBDDCC1474D, F547509A08C0679ACB843E20C9C0CF51BED1B06530BBC529DFB0944504564A43 ] UmPass          C:\Windows\system32\drivers\umpass.sys
19:37:14.0318 0x102c  UmPass - ok
19:37:14.0348 0x102c  [ D47EC6A8E81633DD18D2436B19BAF6DE, 0FB461E2D5E0B75BB5958F6362F4880BFA4C36AD930542609BCAF574941AA7AE ] upnphost        C:\Windows\System32\upnphost.dll
19:37:14.0358 0x102c  upnphost - ok
19:37:14.0398 0x102c  [ DCA68B0943D6FA415F0C56C92158A83A, BEE5A5B33B22D1DF50B884D46D89FC3B8286EB16E38AD5A20F0A49E5C6766C57 ] usbccgp         C:\Windows\system32\DRIVERS\usbccgp.sys
19:37:14.0398 0x102c  usbccgp - ok
19:37:14.0418 0x102c  [ 80B0F7D5CCF86CEB5D402EAAF61FEC31, 140C62116A425DEAD25FE8D82DE283BC92C482A9F643658D512F9F67061F28AD ] usbcir          C:\Windows\system32\drivers\usbcir.sys
19:37:14.0428 0x102c  usbcir - ok
19:37:14.0438 0x102c  [ 18A85013A3E0F7E1755365D287443965, 811C5EDF38C765BCF71BCE25CB6626FF6988C3699F5EF1846240EA0052F34C33 ] usbehci         C:\Windows\system32\drivers\usbehci.sys
19:37:14.0438 0x102c  usbehci - ok
19:37:14.0468 0x102c  [ 8D1196CFBB223621F2C67D45710F25BA, B5D7AFE51833B24FC9576F3AED3D8A2B290E5846060E73F9FFFAC1890A8B6003 ] usbhub          C:\Windows\system32\DRIVERS\usbhub.sys
19:37:14.0478 0x102c  usbhub - ok
19:37:14.0498 0x102c  [ 765A92D428A8DB88B960DA5A8D6089DC, 56DE8A2ED58E53B202C399CA7BACB1551136303C2EE0AB426BDBBF880E3C542C ] usbohci         C:\Windows\system32\drivers\usbohci.sys
19:37:14.0498 0x102c  usbohci - ok
19:37:14.0528 0x102c  [ 73188F58FB384E75C4063D29413CEE3D, B485463933306036B1D490722CB1674DC85670753D79FA0EF7EBCA7BBAAD9F7C ] usbprint        C:\Windows\system32\drivers\usbprint.sys
19:37:14.0528 0x102c  usbprint - ok
19:37:14.0548 0x102c  [ FED648B01349A3C8395A5169DB5FB7D6, DC4D7594C24ADD076927B9347F1B50B91CF03A4ABDB284248D5711D9C19DEB96 ] USBSTOR         C:\Windows\system32\DRIVERS\USBSTOR.SYS
19:37:14.0548 0x102c  USBSTOR - ok
19:37:14.0588 0x102c  [ DD253AFC3BC6CBA412342DE60C3647F3, 146F8613F1057AC054DC3593E84BC52899DA27EA33B0E72ACFB78C3699ADCDE7 ] usbuhci         C:\Windows\system32\drivers\usbuhci.sys
19:37:14.0588 0x102c  usbuhci - ok
19:37:14.0628 0x102c  [ 1F775DA4CF1A3A1834207E975A72E9D7, 6D3DE5BD3EF3A76E997E5BAF900C51D25308F5A9682D1F62017F577A24095B90 ] usbvideo        C:\Windows\System32\Drivers\usbvideo.sys
19:37:14.0638 0x102c  usbvideo - ok
19:37:14.0668 0x102c  [ EDBB23CBCF2CDF727D64FF9B51A6070E, 7202484C8E1BFB2AFD64D8C81668F3EDE0E3BF5EB27572877A0A7B337AE5AE42 ] UxSms           C:\Windows\System32\uxsms.dll
19:37:14.0668 0x102c  UxSms - ok
19:37:14.0698 0x102c  [ 4D71227301DD8D09097B9E4CC6527E5A, 193D47ADCB722B581CC0F29B794AB3E455B6E9BEA367CE9A5216A09E055B7F1E ] VaultSvc        C:\Windows\system32\lsass.exe
19:37:14.0698 0x102c  VaultSvc - ok
19:37:14.0728 0x102c  [ C5C876CCFC083FF3B128F933823E87BD, 6FE0FBB6C3207E09300E0789E2168F76668D87C317FE9F263E733827ADCFBE0D ] vdrvroot        C:\Windows\system32\drivers\vdrvroot.sys
19:37:14.0738 0x102c  vdrvroot - ok
19:37:14.0768 0x102c  [ 8D6B481601D01A456E75C3210F1830BE, A2CEF483F4231367138EEF7E67FD5BE5364FC0780C44CA1368E36CE4AA3D0633 ] vds             C:\Windows\System32\vds.exe
19:37:14.0788 0x102c  vds - ok
19:37:14.0818 0x102c  [ DA4DA3F5E02943C2DC8C6ED875DE68DD, EDE604536DB78C512D68C92B26DA77C8811AC109D1F0A473673F0A82D15A2838 ] vga             C:\Windows\system32\DRIVERS\vgapnp.sys
19:37:14.0818 0x102c  vga - ok
19:37:14.0848 0x102c  [ 53E92A310193CB3C03BEA963DE7D9CFC, 45898604375B42EB1246C17A22D91C2440F11C746FF6459AD38027C1BC2E3125 ] VgaSave         C:\Windows\System32\drivers\vga.sys
19:37:14.0848 0x102c  VgaSave - ok
19:37:14.0878 0x102c  [ 2CE2DF28C83AEAF30084E1B1EB253CBB, D1946816A1CB89F825CBEA58F94A4C9D0CE7249355CD3915563F54054EE564BF ] vhdmp           C:\Windows\system32\drivers\vhdmp.sys
19:37:14.0888 0x102c  vhdmp - ok
19:37:14.0918 0x102c  [ E5689D93FFE4E5D66C0178761240DD54, 6D35CED80681B12AAF63BFA0DA1C386E71D3838839B68A686990AA8031949D27 ] viaide          C:\Windows\system32\drivers\viaide.sys
19:37:14.0918 0x102c  viaide - ok
19:37:14.0968 0x102c  [ D2AAFD421940F640B407AEFAAEBD91B0, 31EF342A60AF04F4108759A71F8FB7B8C8819216CF3D16A95B2BA0E33A8A9161 ] volmgr          C:\Windows\system32\drivers\volmgr.sys
19:37:14.0968 0x102c  volmgr - ok
19:37:15.0008 0x102c  [ A255814907C89BE58B79EF2F189B843B, 463DB771851352185B6AC323BD93B9084D47291E53C1F7B628B65D6918B2E28F ] volmgrx         C:\Windows\system32\drivers\volmgrx.sys
19:37:15.0018 0x102c  volmgrx - ok
19:37:15.0048 0x102c  [ 0D08D2F3B3FF84E433346669B5E0F639, 3D6716CEC95B8861A7CC5778E91F310528DC6BEE0E57A3C8757FC675154EBDEC ] volsnap         C:\Windows\system32\drivers\volsnap.sys
19:37:15.0048 0x102c  volsnap - ok
19:37:15.0078 0x102c  [ 5E2016EA6EBACA03C04FEAC5F330D997, 53106EB877459FE55A459111F7AB0EE320BB3B4C954D3DB6FA1642396001F2AC ] vsmraid         C:\Windows\system32\drivers\vsmraid.sys
19:37:15.0088 0x102c  vsmraid - ok
19:37:15.0168 0x102c  [ B60BA0BC31B0CB414593E169F6F21CC2, 47B801E623254CF0202B3591CB5C019CABFB52F123C7D47E29D19B32F1F2B915 ] VSS             C:\Windows\system32\vssvc.exe
19:37:15.0208 0x102c  VSS - ok
19:37:15.0238 0x102c  [ 36D4720B72B5C5D9CB2B9C29E9DF67A1, 3254523C85C70EBA2DBAC05DB2DBA89EDF8E9195F390F7C21F96458FB6B2E3D7 ] vwifibus        C:\Windows\system32\DRIVERS\vwifibus.sys
19:37:15.0238 0x102c  vwifibus - ok
19:37:15.0258 0x102c  [ 6A3D66263414FF0D6FA754C646612F3F, 30F6BA594B0D3B94113064015A16D97811CD989DF1715CCE21CEAB9894C1B4FB ] vwififlt        C:\Windows\system32\DRIVERS\vwififlt.sys
19:37:15.0268 0x102c  vwififlt - ok
19:37:15.0298 0x102c  [ 1C9D80CC3849B3788048078C26486E1A, 34A89F31E53F6B6C209B286F580CC2257AE6D057E4E20741F241C9C167947962 ] W32Time         C:\Windows\system32\w32time.dll
19:37:15.0308 0x102c  W32Time - ok
19:37:15.0328 0x102c  [ 4E9440F4F152A7B944CB1663D3935A3E, 8FE04EBD3BC612EE943A21A3E56F37E5C9B578CDACA6044048181DAD81816D53 ] WacomPen        C:\Windows\system32\drivers\wacompen.sys
19:37:15.0328 0x102c  WacomPen - ok
19:37:15.0338 0x102c  [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] WANARP          C:\Windows\system32\DRIVERS\wanarp.sys
19:37:15.0348 0x102c  WANARP - ok
19:37:15.0348 0x102c  [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] Wanarpv6        C:\Windows\system32\DRIVERS\wanarp.sys
19:37:15.0358 0x102c  Wanarpv6 - ok
19:37:15.0428 0x102c  [ 3CEC96DE223E49EAAE3651FCF8FAEA6C, 4150DAB33E8D61076F1D4767BCAFC9B4ECCCCBD58FD4FB3CFE5B8D27DCDCAB61 ] WatAdminSvc     C:\Windows\system32\Wat\WatAdminSvc.exe
19:37:15.0458 0x102c  WatAdminSvc - ok
19:37:15.0538 0x102c  [ 78F4E7F5C56CB9716238EB57DA4B6A75, 46A4E78CE5F2A4B26F4E9C3FF04A99D9B727A82AC2E390A82A1611C3F6E0C9AF ] wbengine        C:\Windows\system32\wbengine.exe
19:37:15.0578 0x102c  wbengine - ok
19:37:15.0598 0x102c  [ 3AA101E8EDAB2DB4131333F4325C76A3, 4F7BD3DA5E58B18BFF106CFF7B45E75FD13EE556D433C695BA23EC80827E49DE ] WbioSrvc        C:\Windows\System32\wbiosrvc.dll
19:37:15.0608 0x102c  WbioSrvc - ok
19:37:15.0638 0x102c  [ 7368A2AFD46E5A4481D1DE9D14848EDD, 8039C478FC2D9F095F5883A4FA47F9E6EDF57CC88A4AA74F07C88445F90DED57 ] wcncsvc         C:\Windows\System32\wcncsvc.dll
19:37:15.0648 0x102c  wcncsvc - ok
19:37:15.0678 0x102c  [ 20F7441334B18CEE52027661DF4A6129, 7B8E0247234B740FED2BE9B833E9CE8DD7453340123AB43F6B495A7E6A27B0DD ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
19:37:15.0688 0x102c  WcsPlugInService - ok
19:37:15.0708 0x102c  [ 72889E16FF12BA0F235467D6091B17DC, F2FD0BBD075E33608D93F350D216F97442AB89ABD540513C2D568C78096E12A8 ] Wd              C:\Windows\system32\drivers\wd.sys
19:37:15.0708 0x102c  Wd - ok
19:37:15.0768 0x102c  [ E2C933EDBC389386EBE6D2BA953F43D8, AF1DEADD5F1267CCEBD226E8EEB971D1946EA6A5A9645A36F5D111F758AF2F07 ] Wdf01000        C:\Windows\system32\drivers\Wdf01000.sys
19:37:15.0788 0x102c  Wdf01000 - ok
19:37:15.0798 0x102c  [ BF1FC3F79B863C914687A737C2F3D681, B2DF47AC4931ACFB243775767B77065CC0D98778FC0243C793A3E219EB961209 ] WdiServiceHost  C:\Windows\system32\wdi.dll
19:37:15.0808 0x102c  WdiServiceHost - ok
19:37:15.0818 0x102c  [ BF1FC3F79B863C914687A737C2F3D681, B2DF47AC4931ACFB243775767B77065CC0D98778FC0243C793A3E219EB961209 ] WdiSystemHost   C:\Windows\system32\wdi.dll
19:37:15.0818 0x102c  WdiSystemHost - ok
19:37:15.0868 0x102c  [ 0EB0E5D22B1760F2DBCE632F2DD7A54D, B8A4CC62F88768947FB0A161CF9564DB28FD9C1C037B5475DF192982DE035C22 ] WebClient       C:\Windows\System32\webclnt.dll
19:37:15.0878 0x102c  WebClient - ok
19:37:15.0918 0x102c  [ C749025A679C5103E575E3B48E092C43, B71171D07EE7AB085A24BF3A1072FF2CE7EA021AAE695F6A90640E6EE8EB55C1 ] Wecsvc          C:\Windows\system32\wecsvc.dll
19:37:15.0928 0x102c  Wecsvc - ok
19:37:15.0948 0x102c  [ 7E591867422DC788B9E5BD337A669A08, 484E6BCCDF7ADCE9A1AACAD1BC7C7D7694B9E40FA90D94B14D80C607784F6C75 ] wercplsupport   C:\Windows\System32\wercplsupport.dll
19:37:15.0958 0x102c  wercplsupport - ok
19:37:15.0968 0x102c  [ 6D137963730144698CBD10F202E9F251, A9F522A125158D94F540544CCD4DBF47B9DCE2EA878C33675AFE40F80E8F4979 ] WerSvc          C:\Windows\System32\WerSvc.dll
19:37:15.0978 0x102c  WerSvc - ok
19:37:15.0998 0x102c  [ 611B23304BF067451A9FDEE01FBDD725, 0AF2734B978165FC6FD22B64862132CCE32528A21C698A49D176129446E099C8 ] WfpLwf          C:\Windows\system32\DRIVERS\wfplwf.sys
19:37:16.0008 0x102c  WfpLwf - ok
19:37:16.0018 0x102c  [ 05ECAEC3E4529A7153B3136CEB49F0EC, 9995CB2CEC70A633EA33CBB0DEAD2BB28CB67132B41E9444BDAB9E75744C9A50 ] WIMMount        C:\Windows\system32\drivers\wimmount.sys
19:37:16.0028 0x102c  WIMMount - ok
19:37:16.0058 0x102c  WinDefend - ok
19:37:16.0058 0x102c  WinHttpAutoProxySvc - ok
19:37:16.0118 0x102c  [ 19B07E7E8915D701225DA41CB3877306, D6555E8D276DBB11358246E0FE215F76F1FB358791C76B88D82C2A66A42DA19F ] Winmgmt         C:\Windows\system32\wbem\WMIsvc.dll
19:37:16.0118 0x102c  Winmgmt - ok
19:37:16.0218 0x102c  [ BCB1310604AA415C4508708975B3931E, 9D943F086D454345153A0DD426B4432532A44FD87950386B186E1CAD2AC70565 ] WinRM           C:\Windows\system32\WsmSvc.dll
19:37:16.0268 0x102c  WinRM - ok
19:37:16.0328 0x102c  [ FE88B288356E7B47B74B13372ADD906D, A16B166F6BB32EF9D2A142F27B9EC54CBC7B3AC915799783CF4C40E525BC9E03 ] WinUsb          C:\Windows\system32\DRIVERS\WinUsb.sys
19:37:16.0338 0x102c  WinUsb - ok
19:37:16.0378 0x102c  [ 4FADA86E62F18A1B2F42BA18AE24E6AA, CE1683386886BF34862681A46199EA7E7FB4232A186047DA7FBD8EC240AF6726 ] Wlansvc         C:\Windows\System32\wlansvc.dll
19:37:16.0408 0x102c  Wlansvc - ok
19:37:16.0448 0x102c  [ 06C8FA1CF39DE6A735B54D906BA791C6, D8FEC7DE227781CDA876904701B2AA995268F74DCD6CB34AA0296C557FC283B6 ] wlcrasvc        C:\Program Files\Windows Live\Mesh\wlcrasvc.exe
19:37:16.0448 0x102c  wlcrasvc - ok
19:37:16.0558 0x102c  [ 7E47C328FC4768CB8BEAFBCFAFA70362, C98BD6A0C2F70E069D5FD3BAB31BD028DFEAC0490D180BBC28A14BE375897D8C ] wlidsvc         C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
19:37:16.0618 0x102c  wlidsvc - ok
19:37:16.0658 0x102c  [ F6FF8944478594D0E414D3F048F0D778, 6F75E0AE6127B33A92A88E59D4B048FD4C15F997807BE7BF0EFE76F95235B1D9 ] WmiAcpi         C:\Windows\system32\drivers\wmiacpi.sys
19:37:16.0658 0x102c  WmiAcpi - ok
19:37:16.0708 0x102c  [ 38B84C94C5A8AF291ADFEA478AE54F93, 1AC267AC73670BEA5F3785C9AD9DB146F8E993A862C843742B21FDB90D102B2A ] wmiApSrv        C:\Windows\system32\wbem\WmiApSrv.exe
19:37:16.0718 0x102c  wmiApSrv - ok
19:37:16.0758 0x102c  WMPNetworkSvc - ok
19:37:16.0778 0x102c  [ 96C6E7100D724C69FCF9E7BF590D1DCA, 2E63C9B0893B4FC03B7A71BAEA6202D3D3DB1B52F3643467829B5A573FD7655B ] WPCSvc          C:\Windows\System32\wpcsvc.dll
19:37:16.0788 0x102c  WPCSvc - ok
19:37:16.0798 0x102c  [ 93221146D4EBBF314C29B23CD6CC391D, C0750858A65BF51E210CD244C825C121D67E025CD2D2455139991AAC289A90FE ] WPDBusEnum      C:\Windows\system32\wpdbusenum.dll
19:37:16.0808 0x102c  WPDBusEnum - ok
19:37:16.0838 0x102c  [ 6BCC1D7D2FD2453957C5479A32364E52, E48554D31FBDCF8F985C1C72524CAA9106F5B7CC2B79064F8F5E2562D517F090 ] ws2ifsl         C:\Windows\system32\drivers\ws2ifsl.sys
19:37:16.0838 0x102c  ws2ifsl - ok
19:37:16.0858 0x102c  [ E8B1FE6669397D1772D8196DF0E57A9E, 39FE0819360719F756BD31A1884A0508A1E2371ACC723E25E005CBEC0A7B02FA ] wscsvc          C:\Windows\System32\wscsvc.dll
19:37:16.0858 0x102c  wscsvc - ok
19:37:16.0868 0x102c  WSearch - ok
19:37:16.0978 0x102c  [ D9EF901DCA379CFE914E9FA13B73B4C4, 3BE9693B7B2AFEE23D72AF5DA211379724D752F0EC18ACB7D3DE3DDFC5AE0004 ] wuauserv        C:\Windows\system32\wuaueng.dll
19:37:17.0038 0x102c  wuauserv - ok
19:37:17.0068 0x102c  [ AB886378EEB55C6C75B4F2D14B6C869F, D6C4602EB8F291DADEDF3CD211013D4AC752DDE7E799C2D8D74AA4F5477CAED6 ] WudfPf          C:\Windows\system32\drivers\WudfPf.sys
19:37:17.0078 0x102c  WudfPf - ok
19:37:17.0098 0x102c  [ DDA4CAF29D8C0A297F886BFE561E6659, 94E5DD649B5D86FA1A7C7D30FCF9644D0EE048D312E626111458ADF66BFBE978 ] WUDFRd          C:\Windows\system32\DRIVERS\WUDFRd.sys
19:37:17.0108 0x102c  WUDFRd - ok
19:37:17.0128 0x102c  [ B20F051B03A966392364C83F009F7D17, 88ECEB55AE91F58F592B96EBC10B572747D5A2F9B7629E8F371761E4F7408A65 ] wudfsvc         C:\Windows\System32\WUDFSvc.dll
19:37:17.0128 0x102c  wudfsvc - ok
19:37:17.0168 0x102c  [ 04F82965C09CBDF646B487E145060301, 2CD8533EDBE24C3E42EB7550E20F8A2EB9E5E345B165DEF543163A6BC1FDD18B ] WwanSvc         C:\Windows\System32\wwansvc.dll
19:37:17.0178 0x102c  WwanSvc - ok
19:37:17.0188 0x102c  ================ Scan global ===============================
19:37:17.0238 0x102c  [ BA0CD8C393E8C9F83354106093832C7B, 18D8A4780A2BAA6CEF7FBBBDA0EF6BF2DADF146E1E578A618DD5859E8ADBF1A8 ] C:\Windows\system32\basesrv.dll
19:37:17.0278 0x102c  [ 88EDD0B34EED542745931E581AD21A32, DC2B93E1CEF5B0BCEE08D72669BB0F3AD0E8E6E75BDC08858407ED92F6FFA031 ] C:\Windows\system32\winsrv.dll
19:37:17.0298 0x102c  [ 88EDD0B34EED542745931E581AD21A32, DC2B93E1CEF5B0BCEE08D72669BB0F3AD0E8E6E75BDC08858407ED92F6FFA031 ] C:\Windows\system32\winsrv.dll
19:37:17.0328 0x102c  [ D6160F9D869BA3AF0B787F971DB56368, 0033E6212DD8683E4EE611B290931FDB227B4795F0B17C309DC686C696790529 ] C:\Windows\system32\sxssrv.dll
19:37:17.0378 0x102c  [ 24ACB7E5BE595468E3B9AA488B9B4FCB, 63541E3432FCE953F266AE553E7A394978D6EE3DB52388D885F668CF42C5E7E2 ] C:\Windows\system32\services.exe
19:37:17.0388 0x102c  [ Global ] - ok
19:37:17.0388 0x102c  ================ Scan MBR ==================================
19:37:17.0398 0x102c  [ C3C93F1CA51BBACBABEA804D2CC62CA1 ] \Device\Harddisk0\DR0
19:37:17.0398 0x102c  Suspicious mbr (Forged): \Device\Harddisk0\DR0
19:37:17.0508 0x102c  \Device\Harddisk0\DR0 - detected Rootkit.Boot.Harbinger.a ( 0 )
19:37:17.0508 0x102c  \Device\Harddisk0\DR0 ( Rootkit.Boot.Harbinger.a ) - infected
19:37:30.0500 0x102c  ================ Scan VBR ==================================
19:37:30.0830 0x102c  [ 5D4E390FFF451DB24DA20AE32DD517C4 ] \Device\Harddisk0\DR0\Partition1
19:37:30.0840 0x102c  \Device\Harddisk0\DR0\Partition1 - ok
19:37:30.0850 0x102c  [ 209C31F802055ABE95109F1DB49143DC ] \Device\Harddisk0\DR0\Partition2
19:37:30.0850 0x102c  \Device\Harddisk0\DR0\Partition2 - ok
19:37:30.0880 0x102c  [ B6DBB97E5B76B359CD024E79D8E00344 ] \Device\Harddisk0\DR0\Partition3
19:37:30.0880 0x102c  \Device\Harddisk0\DR0\Partition3 - ok
19:37:30.0890 0x102c  [ 0A5BE981B0FFD8E59527DEB079BD397B ] \Device\Harddisk0\DR0\Partition4
19:37:30.0900 0x102c  \Device\Harddisk0\DR0\Partition4 - ok
19:37:31.0100 0x102c  AV detected via SS2: avast! Antivirus, C:\Program Files\AVAST Software\Avast\VisthAux.exe ( 9.0.2016.330 ), 0x41000 ( enabled : updated )
19:37:31.0230 0x102c  Win FW state via NFP2: enabled
19:37:33.0822 0x102c  ============================================================
19:37:33.0822 0x102c  Scan finished
19:37:33.0822 0x102c  ============================================================
19:37:33.0842 0x0d40  Detected object count: 1
19:37:33.0842 0x0d40  Actual detected object count: 1
19:38:16.0764 0x0d40  \Device\Harddisk0\DR0 ( Rootkit.Boot.Harbinger.a ) - skipped by user
19:38:16.0764 0x0d40  \Device\Harddisk0\DR0 ( Rootkit.Boot.Harbinger.a ) - User select action: Skip
19:40:09.0771 0x02d0  Deinitialize success

Link to post
Share on other sites

Fix with TDSS-Killer

Please read and follow these instructions carefully.

Download TDSSKiller.exe and save it to your desktop

  • Execute TDSSKiller.exe by doubleclicking on it.
  • Press Start Scan
  • When the scan is finished, select copy to quarantine for the following entry.

    Rootkit.Boot.Harbinger.a
  • Hit continue.
  • Once complete, a log will be produced at the root drive which is typically C:\ ,for example, C:\TDSSKiller.<version_date_time>log.txt



Please post the contents of that log in your next reply.

Link to post
Share on other sites

21:15:49.0030 3824  TDSS rootkit removing tool 2.8.16.0 Feb 11 2013 18:50:42
21:15:56.0342 3824  ============================================================
21:15:56.0342 3824  Current date / time: 2014/04/08 21:15:56.0342
21:15:56.0342 3824  SystemInfo:
21:15:56.0342 3824  
21:15:56.0342 3824  OS Version: 6.1.7601 ServicePack: 1.0
21:15:56.0342 3824  Product type: Workstation
21:15:56.0342 3824  ComputerName: WALMART-HP
21:15:56.0343 3824  UserName: walmart
21:15:56.0343 3824  Windows directory: C:\Windows
21:15:56.0343 3824  System windows directory: C:\Windows
21:15:56.0343 3824  Running under WOW64
21:15:56.0343 3824  Processor architecture: Intel x64
21:15:56.0343 3824  Number of processors: 2
21:15:56.0343 3824  Page size: 0x1000
21:15:56.0343 3824  Boot type: Normal boot
21:15:56.0343 3824  ============================================================
21:15:57.0092 3824  Drive \Device\Harddisk0\DR0 - Size: 0x4A85D56000 (298.09 Gb), SectorSize: 0x200, Cylinders: 0x9801, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
21:15:57.0100 3824  ============================================================
21:15:57.0100 3824  \Device\Harddisk0\DR0:
21:15:57.0100 3824  MBR partitions:
21:15:57.0100 3824  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x63800
21:15:57.0100 3824  \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x64000, BlocksNum 0x2386C800
21:15:57.0100 3824  \Device\Harddisk0\DR0\Partition3: MBR, Type 0x7, StartLBA 0x238D0800, BlocksNum 0x1B2A000
21:15:57.0100 3824  \Device\Harddisk0\DR0\Partition4: MBR, Type 0xC, StartLBA 0x253FA800, BlocksNum 0x33AB0
21:15:57.0100 3824  ============================================================
21:15:57.0128 3824  C: <-> \Device\Harddisk0\DR0\Partition2
21:15:57.0171 3824  D: <-> \Device\Harddisk0\DR0\Partition3
21:15:57.0184 3824  F: <-> \Device\Harddisk0\DR0\Partition4
21:15:57.0222 3824  ============================================================
21:15:57.0222 3824  Initialize success
21:15:57.0222 3824  ============================================================
21:16:02.0319 6508  ============================================================
21:16:02.0319 6508  Scan started
21:16:02.0319 6508  Mode: Manual;
21:16:02.0319 6508  ============================================================
21:16:03.0487 6508  ================ Scan system memory ========================
21:16:03.0487 6508  System memory - ok
21:16:03.0488 6508  ================ Scan services =============================
21:16:03.0653 6508  [ A87D604AEA360176311474C87A63BB88 ] 1394ohci        C:\Windows\system32\drivers\1394ohci.sys
21:16:03.0657 6508  1394ohci - ok
21:16:03.0696 6508  [ D81D9E70B8A6DD14D42D7B4EFA65D5F2 ] ACPI            C:\Windows\system32\drivers\ACPI.sys
21:16:03.0701 6508  ACPI - ok
21:16:03.0719 6508  [ 99F8E788246D495CE3794D7E7821D2CA ] AcpiPmi         C:\Windows\system32\drivers\acpipmi.sys
21:16:03.0721 6508  AcpiPmi - ok
21:16:03.0837 6508  [ 9D96B0D5855FD1B98023B3EEC9F06786 ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
21:16:03.0839 6508  AdobeFlashPlayerUpdateSvc - ok
21:16:03.0895 6508  [ 2F6B34B83843F0C5118B63AC634F5BF4 ] adp94xx         C:\Windows\system32\drivers\adp94xx.sys
21:16:03.0901 6508  adp94xx - ok
21:16:03.0931 6508  [ 597F78224EE9224EA1A13D6350CED962 ] adpahci         C:\Windows\system32\drivers\adpahci.sys
21:16:03.0936 6508  adpahci - ok
21:16:03.0959 6508  [ E109549C90F62FB570B9540C4B148E54 ] adpu320         C:\Windows\system32\drivers\adpu320.sys
21:16:03.0963 6508  adpu320 - ok
21:16:03.0998 6508  [ 4B78B431F225FD8624C5655CB1DE7B61 ] AeLookupSvc     C:\Windows\System32\aelupsvc.dll
21:16:03.0999 6508  AeLookupSvc - ok
21:16:04.0089 6508  [ D1E343BC00136CE03C4D403194D06A80 ] AERTFilters     C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe
21:16:04.0092 6508  AERTFilters - ok
21:16:04.0142 6508  [ 79059559E89D06E8B80CE2944BE20228 ] AFD             C:\Windows\system32\drivers\afd.sys
21:16:04.0149 6508  AFD - ok
21:16:04.0186 6508  [ 608C14DBA7299D8CB6ED035A68A15799 ] agp440          C:\Windows\system32\drivers\agp440.sys
21:16:04.0188 6508  agp440 - ok
21:16:04.0215 6508  [ 3290D6946B5E30E70414990574883DDB ] ALG             C:\Windows\System32\alg.exe
21:16:04.0217 6508  ALG - ok
21:16:04.0242 6508  [ 5812713A477A3AD7363C7438CA2EE038 ] aliide          C:\Windows\system32\drivers\aliide.sys
21:16:04.0244 6508  aliide - ok
21:16:04.0265 6508  [ 1FF8B4431C353CE385C875F194924C0C ] amdide          C:\Windows\system32\drivers\amdide.sys
21:16:04.0266 6508  amdide - ok
21:16:04.0290 6508  [ 7024F087CFF1833A806193EF9D22CDA9 ] AmdK8           C:\Windows\system32\drivers\amdk8.sys
21:16:04.0292 6508  AmdK8 - ok
21:16:04.0315 6508  [ 1E56388B3FE0D031C44144EB8C4D6217 ] AmdPPM          C:\Windows\system32\drivers\amdppm.sys
21:16:04.0317 6508  AmdPPM - ok
21:16:04.0354 6508  [ D4121AE6D0C0E7E13AA221AA57EF2D49 ] amdsata         C:\Windows\system32\drivers\amdsata.sys
21:16:04.0357 6508  amdsata - ok
21:16:04.0406 6508  [ F67F933E79241ED32FF46A4F29B5120B ] amdsbs          C:\Windows\system32\drivers\amdsbs.sys
21:16:04.0410 6508  amdsbs - ok
21:16:04.0428 6508  [ 540DAF1CEA6094886D72126FD7C33048 ] amdxata         C:\Windows\system32\drivers\amdxata.sys
21:16:04.0430 6508  amdxata - ok
21:16:04.0467 6508  [ 89A69C3F2F319B43379399547526D952 ] AppID           C:\Windows\system32\drivers\appid.sys
21:16:04.0469 6508  AppID - ok
21:16:04.0502 6508  [ 0BC381A15355A3982216F7172F545DE1 ] AppIDSvc        C:\Windows\System32\appidsvc.dll
21:16:04.0504 6508  AppIDSvc - ok
21:16:04.0547 6508  [ 9D2A2369AB4B08A4905FE72DB104498F ] Appinfo         C:\Windows\System32\appinfo.dll
21:16:04.0548 6508  Appinfo - ok
21:16:04.0582 6508  [ C484F8CEB1717C540242531DB7845C4E ] arc             C:\Windows\system32\drivers\arc.sys
21:16:04.0584 6508  arc - ok
21:16:04.0614 6508  [ 019AF6924AEFE7839F61C830227FE79C ] arcsas          C:\Windows\system32\drivers\arcsas.sys
21:16:04.0616 6508  arcsas - ok
21:16:04.0674 6508  [ 8BE618EB795A87DBFD1E09DA63F009C7 ] aswMonFlt       C:\Windows\system32\drivers\aswMonFlt.sys
21:16:04.0676 6508  aswMonFlt - ok
21:16:04.0738 6508  [ D4259F75734EBCC8D815753B09EB2F0A ] aswRdr          C:\Windows\system32\drivers\aswRdr2.sys
21:16:04.0740 6508  aswRdr - ok
21:16:04.0770 6508  [ 8D4B8BF93C65BDBC133B20706A3B5208 ] aswRvrt         C:\Windows\system32\drivers\aswRvrt.sys
21:16:04.0772 6508  aswRvrt - ok
21:16:04.0826 6508  [ AA0D1B47BE967E1E17301DDFB66C432C ] aswSnx          C:\Windows\system32\drivers\aswSnx.sys
21:16:04.0838 6508  aswSnx - ok
21:16:04.0885 6508  [ 15C6B7D20EE0E44A4DF82183A89CCFC2 ] aswSP           C:\Windows\system32\drivers\aswSP.sys
21:16:04.0891 6508  aswSP - ok
21:16:04.0940 6508  [ 81FA56F29440406A7264CBD7B1C7CB29 ] aswStm          C:\Windows\system32\drivers\aswStm.sys
21:16:04.0942 6508  aswStm - ok
21:16:04.0960 6508  [ 0606875650850B0697D662934529F6FC ] aswVmm          C:\Windows\system32\drivers\aswVmm.sys
21:16:04.0963 6508  aswVmm - ok
21:16:04.0989 6508  [ 769765CE2CC62867468CEA93969B2242 ] AsyncMac        C:\Windows\system32\DRIVERS\asyncmac.sys
21:16:04.0990 6508  AsyncMac - ok
21:16:05.0038 6508  [ 02062C0B390B7729EDC9E69C680A6F3C ] atapi           C:\Windows\system32\drivers\atapi.sys
21:16:05.0039 6508  atapi - ok
21:16:05.0083 6508  [ F23FEF6D569FCE88671949894A8BECF1 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
21:16:05.0088 6508  AudioEndpointBuilder - ok
21:16:05.0100 6508  [ F23FEF6D569FCE88671949894A8BECF1 ] AudioSrv        C:\Windows\System32\Audiosrv.dll
21:16:05.0104 6508  AudioSrv - ok
21:16:05.0257 6508  [ BEA8D0FA8805CC2E6BB49728166699C7 ] avast! Antivirus C:\Program Files\AVAST Software\Avast\AvastSvc.exe
21:16:05.0259 6508  avast! Antivirus - ok
21:16:05.0293 6508  [ A6BF31A71B409DFA8CAC83159E1E2AFF ] AxInstSV        C:\Windows\System32\AxInstSV.dll
21:16:05.0296 6508  AxInstSV - ok
21:16:05.0343 6508  [ 3E5B191307609F7514148C6832BB0842 ] b06bdrv         C:\Windows\system32\drivers\bxvbda.sys
21:16:05.0349 6508  b06bdrv - ok
21:16:05.0385 6508  [ B5ACE6968304A3900EEB1EBFD9622DF2 ] b57nd60a        C:\Windows\system32\DRIVERS\b57nd60a.sys
21:16:05.0389 6508  b57nd60a - ok
21:16:05.0443 6508  [ 9E84A931DBEE0292E38ED672F6293A99 ] BCM43XX         C:\Windows\system32\DRIVERS\bcmwl664.sys
21:16:05.0457 6508  BCM43XX - ok
21:16:05.0483 6508  [ FDE360167101B4E45A96F939F388AEB0 ] BDESVC          C:\Windows\System32\bdesvc.dll
21:16:05.0486 6508  BDESVC - ok
21:16:05.0503 6508  [ 16A47CE2DECC9B099349A5F840654746 ] Beep            C:\Windows\system32\drivers\Beep.sys
21:16:05.0504 6508  Beep - ok
21:16:05.0534 6508  [ 82974D6A2FD19445CC5171FC378668A4 ] BFE             C:\Windows\System32\bfe.dll
21:16:05.0539 6508  BFE - ok
21:16:05.0602 6508  [ 1EA7969E3271CBC59E1730697DC74682 ] BITS            C:\Windows\System32\qmgr.dll
21:16:05.0687 6508  BITS - ok
21:16:05.0714 6508  [ 61583EE3C3A17003C4ACD0475646B4D3 ] blbdrive        C:\Windows\system32\drivers\blbdrive.sys
21:16:05.0715 6508  blbdrive - ok
21:16:05.0742 6508  [ 6C02A83164F5CC0A262F4199F0871CF5 ] bowser          C:\Windows\system32\DRIVERS\bowser.sys
21:16:05.0744 6508  bowser - ok
21:16:05.0774 6508  [ F09EEE9EDC320B5E1501F749FDE686C8 ] BrFiltLo        C:\Windows\system32\drivers\BrFiltLo.sys
21:16:05.0775 6508  BrFiltLo - ok
21:16:05.0795 6508  [ B114D3098E9BDB8BEA8B053685831BE6 ] BrFiltUp        C:\Windows\system32\drivers\BrFiltUp.sys
21:16:05.0796 6508  BrFiltUp - ok
21:16:05.0829 6508  [ 05F5A0D14A2EE1D8255C2AA0E9E8E694 ] Browser         C:\Windows\System32\browser.dll
21:16:05.0831 6508  Browser - ok
21:16:05.0853 6508  [ 43BEA8D483BF1870F018E2D02E06A5BD ] Brserid         C:\Windows\System32\Drivers\Brserid.sys
21:16:05.0857 6508  Brserid - ok
21:16:05.0878 6508  [ A6ECA2151B08A09CACECA35C07F05B42 ] BrSerWdm        C:\Windows\System32\Drivers\BrSerWdm.sys
21:16:05.0880 6508  BrSerWdm - ok
21:16:05.0913 6508  [ B79968002C277E869CF38BD22CD61524 ] BrUsbMdm        C:\Windows\System32\Drivers\BrUsbMdm.sys
21:16:05.0914 6508  BrUsbMdm - ok
21:16:05.0948 6508  [ A87528880231C54E75EA7A44943B38BF ] BrUsbSer        C:\Windows\System32\Drivers\BrUsbSer.sys
21:16:05.0950 6508  BrUsbSer - ok
21:16:05.0977 6508  [ 9DA669F11D1F894AB4EB69BF546A42E8 ] BTHMODEM        C:\Windows\system32\drivers\bthmodem.sys
21:16:05.0978 6508  BTHMODEM - ok
21:16:06.0012 6508  [ 95F9C2976059462CBBF227F7AAB10DE9 ] bthserv         C:\Windows\system32\bthserv.dll
21:16:06.0014 6508  bthserv - ok
21:16:06.0044 6508  [ B8BD2BB284668C84865658C77574381A ] cdfs            C:\Windows\system32\DRIVERS\cdfs.sys
21:16:06.0047 6508  cdfs - ok
21:16:06.0075 6508  [ F036CE71586E93D94DAB220D7BDF4416 ] cdrom           C:\Windows\system32\DRIVERS\cdrom.sys
21:16:06.0078 6508  cdrom - ok
21:16:06.0102 6508  [ F17D1D393BBC69C5322FBFAFACA28C7F ] CertPropSvc     C:\Windows\System32\certprop.dll
21:16:06.0104 6508  CertPropSvc - ok
21:16:06.0117 6508  [ D7CD5C4E1B71FA62050515314CFB52CF ] circlass        C:\Windows\system32\drivers\circlass.sys
21:16:06.0119 6508  circlass - ok
21:16:06.0147 6508  [ FE1EC06F2253F691FE36217C592A0206 ] CLFS            C:\Windows\system32\CLFS.sys
21:16:06.0152 6508  CLFS - ok
21:16:06.0224 6508  [ D88040F816FDA31C3B466F0FA0918F29 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
21:16:06.0227 6508  clr_optimization_v2.0.50727_32 - ok
21:16:06.0266 6508  [ D1CEEA2B47CB998321C579651CE3E4F8 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
21:16:06.0270 6508  clr_optimization_v2.0.50727_64 - ok
21:16:06.0313 6508  [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
21:16:06.0352 6508  clr_optimization_v4.0.30319_32 - ok
21:16:06.0385 6508  [ C6F9AF94DCD58122A4D7E89DB6BED29D ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
21:16:06.0388 6508  clr_optimization_v4.0.30319_64 - ok
21:16:06.0409 6508  [ 50F92C943F18B070F166D019DFAB3D9A ] clwvd           C:\Windows\system32\DRIVERS\clwvd.sys
21:16:06.0411 6508  clwvd - ok
21:16:06.0438 6508  [ 0840155D0BDDF1190F84A663C284BD33 ] CmBatt          C:\Windows\system32\drivers\CmBatt.sys
21:16:06.0439 6508  CmBatt - ok
21:16:06.0476 6508  [ E19D3F095812725D88F9001985B94EDD ] cmdide          C:\Windows\system32\drivers\cmdide.sys
21:16:06.0477 6508  cmdide - ok
21:16:06.0506 6508  [ EBF28856F69CF094A902F884CF989706 ] CNG             C:\Windows\system32\Drivers\cng.sys
21:16:06.0512 6508  CNG - ok
21:16:06.0538 6508  [ 102DE219C3F61415F964C88E9085AD14 ] Compbatt        C:\Windows\system32\drivers\compbatt.sys
21:16:06.0539 6508  Compbatt - ok
21:16:06.0564 6508  [ 03EDB043586CCEBA243D689BDDA370A8 ] CompositeBus    C:\Windows\system32\drivers\CompositeBus.sys
21:16:06.0565 6508  CompositeBus - ok
21:16:06.0572 6508  COMSysApp - ok
21:16:06.0594 6508  [ 1C827878A998C18847245FE1F34EE597 ] crcdisk         C:\Windows\system32\drivers\crcdisk.sys
21:16:06.0595 6508  crcdisk - ok
21:16:06.0632 6508  [ 6B400F211BEE880A37A1ED0368776BF4 ] CryptSvc        C:\Windows\system32\cryptsvc.dll
21:16:06.0635 6508  CryptSvc - ok
21:16:06.0784 6508  [ FD557A50A65E44041CD2FCEF4BEB04DB ] cvhsvc          C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE
21:16:06.0793 6508  cvhsvc - ok
21:16:06.0838 6508  [ 5C627D1B1138676C0A7AB2C2C190D123 ] DcomLaunch      C:\Windows\system32\rpcss.dll
21:16:06.0845 6508  DcomLaunch - ok
21:16:06.0873 6508  [ 3CEC7631A84943677AA8FA8EE5B6B43D ] defragsvc       C:\Windows\System32\defragsvc.dll
21:16:06.0878 6508  defragsvc - ok
21:16:06.0903 6508  [ 9BB2EF44EAA163B29C4A4587887A0FE4 ] DfsC            C:\Windows\system32\Drivers\dfsc.sys
21:16:06.0905 6508  DfsC - ok
21:16:06.0922 6508  [ 43D808F5D9E1A18E5EEB5EBC83969E4E ] Dhcp            C:\Windows\system32\dhcpcore.dll
21:16:06.0925 6508  Dhcp - ok
21:16:06.0936 6508  [ 13096B05847EC78F0977F2C0F79E9AB3 ] discache        C:\Windows\system32\drivers\discache.sys
21:16:06.0937 6508  discache - ok
21:16:06.0965 6508  [ 9819EEE8B5EA3784EC4AF3B137A5244C ] Disk            C:\Windows\system32\drivers\disk.sys
21:16:06.0967 6508  Disk - ok
21:16:06.0993 6508  [ 16835866AAA693C7D7FCEBA8FFF706E4 ] Dnscache        C:\Windows\System32\dnsrslvr.dll
21:16:06.0996 6508  Dnscache - ok
21:16:07.0024 6508  [ B1FB3DDCA0FDF408750D5843591AFBC6 ] dot3svc         C:\Windows\System32\dot3svc.dll
21:16:07.0029 6508  dot3svc - ok
21:16:07.0047 6508  [ B26F4F737E8F9DF4F31AF6CF31D05820 ] DPS             C:\Windows\system32\dps.dll
21:16:07.0050 6508  DPS - ok
21:16:07.0095 6508  [ 9B19F34400D24DF84C858A421C205754 ] drmkaud         C:\Windows\system32\drivers\drmkaud.sys
21:16:07.0097 6508  drmkaud - ok
21:16:07.0157 6508  [ 88612F1CE3BF42256913BF6E61C70D52 ] DXGKrnl         C:\Windows\System32\drivers\dxgkrnl.sys
21:16:07.0167 6508  DXGKrnl - ok
21:16:07.0219 6508  [ E2DDA8726DA9CB5B2C4000C9018A9633 ] EapHost         C:\Windows\System32\eapsvc.dll
21:16:07.0221 6508  EapHost - ok
21:16:07.0306 6508  [ DC5D737F51BE844D8C82C695EB17372F ] ebdrv           C:\Windows\system32\drivers\evbda.sys
21:16:07.0387 6508  ebdrv - ok
21:16:07.0430 6508  [ 4D71227301DD8D09097B9E4CC6527E5A ] EFS             C:\Windows\System32\lsass.exe
21:16:07.0433 6508  EFS - ok
21:16:07.0496 6508  [ C4002B6B41975F057D98C439030CEA07 ] ehRecvr         C:\Windows\ehome\ehRecvr.exe
21:16:07.0505 6508  ehRecvr - ok
21:16:07.0520 6508  [ 4705E8EF9934482C5BB488CE28AFC681 ] ehSched         C:\Windows\ehome\ehsched.exe
21:16:07.0523 6508  ehSched - ok
21:16:07.0549 6508  [ 0E5DA5369A0FCAEA12456DD852545184 ] elxstor         C:\Windows\system32\drivers\elxstor.sys
21:16:07.0556 6508  elxstor - ok
21:16:07.0575 6508  [ 34A3C54752046E79A126E15C51DB409B ] ErrDev          C:\Windows\system32\drivers\errdev.sys
21:16:07.0576 6508  ErrDev - ok
21:16:07.0625 6508  [ 4166F82BE4D24938977DD1746BE9B8A0 ] EventSystem     C:\Windows\system32\es.dll
21:16:07.0629 6508  EventSystem - ok
21:16:07.0662 6508  [ A510C654EC00C1E9BDD91EEB3A59823B ] exfat           C:\Windows\system32\drivers\exfat.sys
21:16:07.0665 6508  exfat - ok
21:16:07.0691 6508  [ 0ADC83218B66A6DB380C330836F3E36D ] fastfat         C:\Windows\system32\drivers\fastfat.sys
21:16:07.0695 6508  fastfat - ok
21:16:07.0724 6508  [ DBEFD454F8318A0EF691FDD2EAAB44EB ] Fax             C:\Windows\system32\fxssvc.exe
21:16:07.0733 6508  Fax - ok
21:16:07.0748 6508  [ D765D19CD8EF61F650C384F62FAC00AB ] fdc             C:\Windows\system32\drivers\fdc.sys
21:16:07.0750 6508  fdc - ok
21:16:07.0770 6508  [ 0438CAB2E03F4FB61455A7956026FE86 ] fdPHost         C:\Windows\system32\fdPHost.dll
21:16:07.0772 6508  fdPHost - ok
21:16:07.0786 6508  [ 802496CB59A30349F9A6DD22D6947644 ] FDResPub        C:\Windows\system32\fdrespub.dll
21:16:07.0789 6508  FDResPub - ok
21:16:07.0814 6508  [ 655661BE46B5F5F3FD454E2C3095B930 ] FileInfo        C:\Windows\system32\drivers\fileinfo.sys
21:16:07.0816 6508  FileInfo - ok
21:16:07.0827 6508  [ 5F671AB5BC87EEA04EC38A6CD5962A47 ] Filetrace       C:\Windows\system32\drivers\filetrace.sys
21:16:07.0828 6508  Filetrace - ok
21:16:07.0839 6508  [ C172A0F53008EAEB8EA33FE10E177AF5 ] flpydisk        C:\Windows\system32\drivers\flpydisk.sys
21:16:07.0840 6508  flpydisk - ok
21:16:07.0850 6508  [ DA6B67270FD9DB3697B20FCE94950741 ] FltMgr          C:\Windows\system32\drivers\fltmgr.sys
21:16:07.0854 6508  FltMgr - ok
21:16:07.0892 6508  [ C4C183E6551084039EC862DA1C945E3D ] FontCache       C:\Windows\system32\FntCache.dll
21:16:07.0907 6508  FontCache - ok
21:16:07.0962 6508  [ A8B7F3818AB65695E3A0BB3279F6DCE6 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
21:16:07.0964 6508  FontCache3.0.0.0 - ok
21:16:07.0984 6508  [ D43703496149971890703B4B1B723EAC ] FsDepends       C:\Windows\system32\drivers\FsDepends.sys
21:16:07.0986 6508  FsDepends - ok
21:16:08.0008 6508  [ 6BD9295CC032DD3077C671FCCF579A7B ] Fs_Rec          C:\Windows\system32\drivers\Fs_Rec.sys
21:16:08.0010 6508  Fs_Rec - ok
21:16:08.0043 6508  [ 8F6322049018354F45F05A2FD2D4E5E0 ] fvevol          C:\Windows\system32\DRIVERS\fvevol.sys
21:16:08.0046 6508  fvevol - ok
21:16:08.0075 6508  [ 8C778D335C9D272CFD3298AB02ABE3B6 ] gagp30kx        C:\Windows\system32\drivers\gagp30kx.sys
21:16:08.0077 6508  gagp30kx - ok
21:16:08.0121 6508  [ D154305DE6090E6E84E525F84BB08A06 ] GameConsoleService C:\Program Files (x86)\HP Games\HP Game Console\GameConsoleService.exe
21:16:08.0124 6508  GameConsoleService - ok
21:16:08.0164 6508  [ 277BBC7E1AA1EE957F573A10ECA7EF3A ] gpsvc           C:\Windows\System32\gpsvc.dll
21:16:08.0171 6508  gpsvc - ok
21:16:08.0229 6508  [ 506708142BC63DABA64F2D3AD1DCD5BF ] gupdate         C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
21:16:08.0231 6508  gupdate - ok
21:16:08.0236 6508  [ 506708142BC63DABA64F2D3AD1DCD5BF ] gupdatem        C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
21:16:08.0238 6508  gupdatem - ok
21:16:08.0261 6508  [ F2523EF6460FC42405B12248338AB2F0 ] hcw85cir        C:\Windows\system32\drivers\hcw85cir.sys
21:16:08.0262 6508  hcw85cir - ok
21:16:08.0294 6508  [ 975761C778E33CD22498059B91E7373A ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
21:16:08.0298 6508  HdAudAddService - ok
21:16:08.0326 6508  [ 97BFED39B6B79EB12CDDBFEED51F56BB ] HDAudBus        C:\Windows\system32\drivers\HDAudBus.sys
21:16:08.0328 6508  HDAudBus - ok
21:16:08.0340 6508  [ 78E86380454A7B10A5EB255DC44A355F ] HidBatt         C:\Windows\system32\drivers\HidBatt.sys
21:16:08.0342 6508  HidBatt - ok
21:16:08.0362 6508  [ 7FD2A313F7AFE5C4DAB14798C48DD104 ] HidBth          C:\Windows\system32\drivers\hidbth.sys
21:16:08.0364 6508  HidBth - ok
21:16:08.0382 6508  [ 0A77D29F311B88CFAE3B13F9C1A73825 ] HidIr           C:\Windows\system32\drivers\hidir.sys
21:16:08.0384 6508  HidIr - ok
21:16:08.0403 6508  [ BD9EB3958F213F96B97B1D897DEE006D ] hidserv         C:\Windows\system32\hidserv.dll
21:16:08.0406 6508  hidserv - ok
21:16:08.0440 6508  [ 9592090A7E2B61CD582B612B6DF70536 ] HidUsb          C:\Windows\system32\DRIVERS\hidusb.sys
21:16:08.0441 6508  HidUsb - ok
21:16:08.0475 6508  [ 387E72E739E15E3D37907A86D9FF98E2 ] hkmsvc          C:\Windows\system32\kmsvc.dll
21:16:08.0479 6508  hkmsvc - ok
21:16:08.0497 6508  [ EFDFB3DD38A4376F93E7985173813ABD ] HomeGroupListener C:\Windows\system32\ListSvc.dll
21:16:08.0502 6508  HomeGroupListener - ok
21:16:08.0529 6508  [ 908ACB1F594274965A53926B10C81E89 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
21:16:08.0534 6508  HomeGroupProvider - ok
21:16:08.0597 6508  [ BB1FC298BE53AAB1E110F6E786BD8AC5 ] HP Support Assistant Service C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe
21:16:08.0599 6508  HP Support Assistant Service - ok
21:16:08.0637 6508  [ C930128C8F8FF03D8F8C42B570920D56 ] HP Wireless Assistant Service C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Service.exe
21:16:08.0640 6508  HP Wireless Assistant Service - ok
21:16:08.0667 6508  [ 3DC11A802353401332D49C3CBFBBE5FC ] HPClientSvc     C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe
21:16:08.0671 6508  HPClientSvc - ok
21:16:08.0733 6508  [ 9B7EDD3FE7C211C36E921D34D18A3A0A ] hpqwmiex        C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe
21:16:08.0740 6508  hpqwmiex - ok
21:16:08.0776 6508  [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC ] HpSAMD          C:\Windows\system32\drivers\HpSAMD.sys
21:16:08.0777 6508  HpSAMD - ok
21:16:08.0830 6508  [ 2BEC76BDCD1BC080210325E7B5094834 ] HPWMISVC        C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe
21:16:08.0832 6508  HPWMISVC - ok
21:16:08.0874 6508  [ 0EA7DE1ACB728DD5A369FD742D6EEE28 ] HTTP            C:\Windows\system32\drivers\HTTP.sys
21:16:08.0883 6508  HTTP - ok
21:16:08.0898 6508  [ A5462BD6884960C9DC85ED49D34FF392 ] hwpolicy        C:\Windows\system32\drivers\hwpolicy.sys
21:16:08.0899 6508  hwpolicy - ok
21:16:08.0935 6508  [ FA55C73D4AFFA7EE23AC4BE53B4592D3 ] i8042prt        C:\Windows\system32\DRIVERS\i8042prt.sys
21:16:08.0937 6508  i8042prt - ok
21:16:08.0972 6508  [ 2FDAEC4B02729C48C0FD1B0B4695995B ] iaStor          C:\Windows\system32\DRIVERS\iaStor.sys
21:16:08.0976 6508  iaStor - ok
21:16:09.0033 6508  [ D41861E56E7552C13674D7F147A02464 ] IAStorDataMgrSvc C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
21:16:09.0035 6508  IAStorDataMgrSvc - ok
21:16:09.0070 6508  [ AAAF44DB3BD0B9D1FB6969B23ECC8366 ] iaStorV         C:\Windows\system32\drivers\iaStorV.sys
21:16:09.0076 6508  iaStorV - ok
21:16:09.0252 6508  [ ABEFA4BD23329FD9BD47496BF2E58774 ] IconMan_R       C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe
21:16:09.0274 6508  IconMan_R - ok
21:16:09.0334 6508  [ 5988FC40F8DB5B0739CD1E3A5D0D78BD ] idsvc           C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
21:16:09.0344 6508  idsvc - ok
21:16:09.0375 6508  IEEtwCollectorService - ok
21:16:09.0596 6508  [ 8814F0B9A09C647D3D7BE735450E7B4C ] igfx            C:\Windows\system32\DRIVERS\igdkmd64.sys
21:16:09.0788 6508  igfx - ok
21:16:09.0806 6508  [ 5C18831C61933628F5BB0EA2675B9D21 ] iirsp           C:\Windows\system32\drivers\iirsp.sys
21:16:09.0808 6508  iirsp - ok
21:16:09.0855 6508  [ 344789398EC3EE5A4E00C52B31847946 ] IKEEXT          C:\Windows\System32\ikeext.dll
21:16:09.0862 6508  IKEEXT - ok
21:16:09.0973 6508  [ ECA5E9DA350D2D21376260CD3602449A ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHD64.sys
21:16:10.0056 6508  IntcAzAudAddService - ok
21:16:10.0086 6508  [ F00F20E70C6EC3AA366910083A0518AA ] intelide        C:\Windows\system32\drivers\intelide.sys
21:16:10.0088 6508  intelide - ok
21:16:10.0127 6508  [ ADA036632C664CAA754079041CF1F8C1 ] intelppm        C:\Windows\system32\DRIVERS\intelppm.sys
21:16:10.0129 6508  intelppm - ok
21:16:10.0153 6508  [ 098A91C54546A3B878DAD6A7E90A455B ] IPBusEnum       C:\Windows\system32\ipbusenum.dll
21:16:10.0156 6508  IPBusEnum - ok
21:16:10.0181 6508  [ C9F0E1BD74365A8771590E9008D22AB6 ] IpFilterDriver  C:\Windows\system32\DRIVERS\ipfltdrv.sys
21:16:10.0184 6508  IpFilterDriver - ok
21:16:10.0234 6508  [ 08C2957BB30058E663720C5606885653 ] iphlpsvc        C:\Windows\System32\iphlpsvc.dll
21:16:10.0240 6508  iphlpsvc - ok
21:16:10.0268 6508  [ 0FC1AEA580957AA8817B8F305D18CA3A ] IPMIDRV         C:\Windows\system32\drivers\IPMIDrv.sys
21:16:10.0270 6508  IPMIDRV - ok
21:16:10.0287 6508  [ AF9B39A7E7B6CAA203B3862582E9F2D0 ] IPNAT           C:\Windows\system32\drivers\ipnat.sys
21:16:10.0289 6508  IPNAT - ok
21:16:10.0318 6508  [ 3ABF5E7213EB28966D55D58B515D5CE9 ] IRENUM          C:\Windows\system32\drivers\irenum.sys
21:16:10.0320 6508  IRENUM - ok
21:16:10.0333 6508  [ 2F7B28DC3E1183E5EB418DF55C204F38 ] isapnp          C:\Windows\system32\drivers\isapnp.sys
21:16:10.0334 6508  isapnp - ok
21:16:10.0355 6508  [ D931D7309DEB2317035B07C9F9E6B0BD ] iScsiPrt        C:\Windows\system32\drivers\msiscsi.sys
21:16:10.0359 6508  iScsiPrt - ok
21:16:10.0379 6508  [ BC02336F1CBA7DCC7D1213BB588A68A5 ] kbdclass        C:\Windows\system32\drivers\kbdclass.sys
21:16:10.0381 6508  kbdclass - ok
21:16:10.0410 6508  [ 0705EFF5B42A9DB58548EEC3B26BB484 ] kbdhid          C:\Windows\system32\drivers\kbdhid.sys
21:16:10.0412 6508  kbdhid - ok
21:16:10.0430 6508  [ 4D71227301DD8D09097B9E4CC6527E5A ] KeyIso          C:\Windows\system32\lsass.exe
21:16:10.0433 6508  KeyIso - ok
21:16:10.0477 6508  [ 8F489706472F7E9A06BAAA198703FA64 ] KSecDD          C:\Windows\system32\Drivers\ksecdd.sys
21:16:10.0479 6508  KSecDD - ok
21:16:10.0509 6508  [ 868A2CAAB12EFC7A021682BCA0EEC54C ] KSecPkg         C:\Windows\system32\Drivers\ksecpkg.sys
21:16:10.0512 6508  KSecPkg - ok
21:16:10.0544 6508  [ 6869281E78CB31A43E969F06B57347C4 ] ksthunk         C:\Windows\system32\drivers\ksthunk.sys
21:16:10.0546 6508  ksthunk - ok
21:16:10.0579 6508  [ 6AB66E16AA859232F64DEB66887A8C9C ] KtmRm           C:\Windows\system32\msdtckrm.dll
21:16:10.0587 6508  KtmRm - ok
21:16:10.0616 6508  [ D9F42719019740BAA6D1C6D536CBDAA6 ] LanmanServer    C:\Windows\system32\srvsvc.dll
21:16:10.0621 6508  LanmanServer - ok
21:16:10.0636 6508  [ 851A1382EED3E3A7476DB004F4EE3E1A ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
21:16:10.0641 6508  LanmanWorkstation - ok
21:16:10.0677 6508  [ 1538831CF8AD2979A04C423779465827 ] lltdio          C:\Windows\system32\DRIVERS\lltdio.sys
21:16:10.0679 6508  lltdio - ok
21:16:10.0715 6508  [ C1185803384AB3FEED115F79F109427F ] lltdsvc         C:\Windows\System32\lltdsvc.dll
21:16:10.0721 6508  lltdsvc - ok
21:16:10.0765 6508  [ F993A32249B66C9D622EA5592A8B76B8 ] lmhosts         C:\Windows\System32\lmhsvc.dll
21:16:10.0768 6508  lmhosts - ok
21:16:10.0792 6508  [ 1A93E54EB0ECE102495A51266DCDB6A6 ] LSI_FC          C:\Windows\system32\drivers\lsi_fc.sys
21:16:10.0794 6508  LSI_FC - ok
21:16:10.0814 6508  [ 1047184A9FDC8BDBFF857175875EE810 ] LSI_SAS         C:\Windows\system32\drivers\lsi_sas.sys
21:16:10.0817 6508  LSI_SAS - ok
21:16:10.0834 6508  [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93 ] LSI_SAS2        C:\Windows\system32\drivers\lsi_sas2.sys
21:16:10.0837 6508  LSI_SAS2 - ok
21:16:10.0854 6508  [ 0504EACAFF0D3C8AED161C4B0D369D4A ] LSI_SCSI        C:\Windows\system32\drivers\lsi_scsi.sys
21:16:10.0856 6508  LSI_SCSI - ok
21:16:10.0883 6508  [ 43D0F98E1D56CCDDB0D5254CFF7B356E ] luafv           C:\Windows\system32\drivers\luafv.sys
21:16:10.0885 6508  luafv - ok
21:16:10.0934 6508  [ FD5465B876D55534117963FAAA4B9DFC ] MBAMProtector   C:\Windows\system32\drivers\mbam.sys
21:16:10.0935 6508  MBAMProtector - ok
21:16:11.0022 6508  [ 0E08BDD7326E657D59DB40BAD23D8169 ] MBAMScheduler   C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
21:16:11.0042 6508  MBAMScheduler - ok
21:16:11.0096 6508  [ A8E7F3DB083EB0839DFC1C763CDD2594 ] MBAMService     C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
21:16:11.0105 6508  MBAMService - ok
21:16:11.0164 6508  [ 6140163BFE9D8F2DFDBA088ED5521C13 ] MBAMSwissArmy   C:\Windows\system32\drivers\MBAMSwissArmy.sys
21:16:11.0165 6508  MBAMSwissArmy - ok
21:16:11.0205 6508  [ C49915271600CFC2305FAA4271D0002F ] MBAMWebAccessControl C:\Windows\system32\drivers\mwac.sys
21:16:11.0206 6508  MBAMWebAccessControl - ok
21:16:11.0245 6508  [ 0BE09CD858ABF9DF6ED259D57A1A1663 ] Mcx2Svc         C:\Windows\system32\Mcx2Svc.dll
21:16:11.0249 6508  Mcx2Svc - ok
21:16:11.0272 6508  [ A55805F747C6EDB6A9080D7C633BD0F4 ] megasas         C:\Windows\system32\drivers\megasas.sys
21:16:11.0274 6508  megasas - ok
21:16:11.0294 6508  [ BAF74CE0072480C3B6B7C13B2A94D6B3 ] MegaSR          C:\Windows\system32\drivers\MegaSR.sys
21:16:11.0298 6508  MegaSR - ok
21:16:11.0322 6508  [ E40E80D0304A73E8D269F7141D77250B ] MMCSS           C:\Windows\system32\mmcss.dll
21:16:11.0325 6508  MMCSS - ok
21:16:11.0355 6508  [ 800BA92F7010378B09F9ED9270F07137 ] Modem           C:\Windows\system32\drivers\modem.sys
21:16:11.0357 6508  Modem - ok
21:16:11.0376 6508  [ B03D591DC7DA45ECE20B3B467E6AADAA ] monitor         C:\Windows\system32\DRIVERS\monitor.sys
21:16:11.0377 6508  monitor - ok
21:16:11.0406 6508  [ 7D27EA49F3C1F687D357E77A470AEA99 ] mouclass        C:\Windows\system32\DRIVERS\mouclass.sys
21:16:11.0407 6508  mouclass - ok
21:16:11.0424 6508  [ D3BF052C40B0C4166D9FD86A4288C1E6 ] mouhid          C:\Windows\system32\drivers\mouhid.sys
21:16:11.0426 6508  mouhid - ok
21:16:11.0439 6508  [ 32E7A3D591D671A6DF2DB515A5CBE0FA ] mountmgr        C:\Windows\system32\drivers\mountmgr.sys
21:16:11.0441 6508  mountmgr - ok
21:16:11.0498 6508  [ AEE4E9CC59CDEB55B1ECB0E596E796BE ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
21:16:11.0500 6508  MozillaMaintenance - ok
21:16:11.0538 6508  [ A44B420D30BD56E145D6A2BC8768EC58 ] mpio            C:\Windows\system32\drivers\mpio.sys
21:16:11.0541 6508  mpio - ok
21:16:11.0568 6508  [ 6C38C9E45AE0EA2FA5E551F2ED5E978F ] mpsdrv          C:\Windows\system32\drivers\mpsdrv.sys
21:16:11.0570 6508  mpsdrv - ok
21:16:11.0618 6508  [ 54FFC9C8898113ACE189D4AA7199D2C1 ] MpsSvc          C:\Windows\system32\mpssvc.dll
21:16:11.0626 6508  MpsSvc - ok
21:16:11.0658 6508  [ 1A4F75E63C9FB84B85DFFC6B63FD5404 ] MRxDAV          C:\Windows\system32\drivers\mrxdav.sys
21:16:11.0661 6508  MRxDAV - ok
21:16:11.0698 6508  [ A5D9106A73DC88564C825D317CAC68AC ] mrxsmb          C:\Windows\system32\DRIVERS\mrxsmb.sys
21:16:11.0701 6508  mrxsmb - ok
21:16:11.0718 6508  [ D711B3C1D5F42C0C2415687BE09FC163 ] mrxsmb10        C:\Windows\system32\DRIVERS\mrxsmb10.sys
21:16:11.0722 6508  mrxsmb10 - ok
21:16:11.0729 6508  [ 9423E9D355C8D303E76B8CFBD8A5C30C ] mrxsmb20        C:\Windows\system32\DRIVERS\mrxsmb20.sys
21:16:11.0732 6508  mrxsmb20 - ok
21:16:11.0763 6508  [ C25F0BAFA182CBCA2DD3C851C2E75796 ] msahci          C:\Windows\system32\drivers\msahci.sys
21:16:11.0765 6508  msahci - ok
21:16:11.0788 6508  [ DB801A638D011B9633829EB6F663C900 ] msdsm           C:\Windows\system32\drivers\msdsm.sys
21:16:11.0791 6508  msdsm - ok
21:16:11.0811 6508  [ DE0ECE52236CFA3ED2DBFC03F28253A8 ] MSDTC           C:\Windows\System32\msdtc.exe
21:16:11.0815 6508  MSDTC - ok
21:16:11.0840 6508  [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] Msfs            C:\Windows\system32\drivers\Msfs.sys
21:16:11.0841 6508  Msfs - ok
21:16:11.0861 6508  [ F9D215A46A8B9753F61767FA72A20326 ] mshidkmdf       C:\Windows\System32\drivers\mshidkmdf.sys
21:16:11.0862 6508  mshidkmdf - ok
21:16:11.0885 6508  [ D916874BBD4F8B07BFB7FA9B3CCAE29D ] msisadrv        C:\Windows\system32\drivers\msisadrv.sys
21:16:11.0887 6508  msisadrv - ok
21:16:11.0915 6508  [ 808E98FF49B155C522E6400953177B08 ] MSiSCSI         C:\Windows\system32\iscsiexe.dll
21:16:11.0919 6508  MSiSCSI - ok
21:16:11.0925 6508  msiserver - ok
21:16:11.0940 6508  [ 49CCF2C4FEA34FFAD8B1B59D49439366 ] MSKSSRV         C:\Windows\system32\drivers\MSKSSRV.sys
21:16:11.0951 6508  MSKSSRV - ok
21:16:11.0966 6508  [ BDD71ACE35A232104DDD349EE70E1AB3 ] MSPCLOCK        C:\Windows\system32\drivers\MSPCLOCK.sys
21:16:11.0967 6508  MSPCLOCK - ok
21:16:11.0987 6508  [ 4ED981241DB27C3383D72092B618A1D0 ] MSPQM           C:\Windows\system32\drivers\MSPQM.sys
21:16:11.0989 6508  MSPQM - ok
21:16:12.0010 6508  [ 759A9EEB0FA9ED79DA1FB7D4EF78866D ] MsRPC           C:\Windows\system32\drivers\MsRPC.sys
21:16:12.0016 6508  MsRPC - ok
21:16:12.0051 6508  [ 0EED230E37515A0EAEE3C2E1BC97B288 ] mssmbios        C:\Windows\system32\drivers\mssmbios.sys
21:16:12.0053 6508  mssmbios - ok
21:16:12.0072 6508  [ 2E66F9ECB30B4221A318C92AC2250779 ] MSTEE           C:\Windows\system32\drivers\MSTEE.sys
21:16:12.0085 6508  MSTEE - ok
21:16:12.0102 6508  [ 7EA404308934E675BFFDE8EDF0757BCD ] MTConfig        C:\Windows\system32\drivers\MTConfig.sys
21:16:12.0104 6508  MTConfig - ok
21:16:12.0127 6508  [ F9A18612FD3526FE473C1BDA678D61C8 ] Mup             C:\Windows\system32\Drivers\mup.sys
21:16:12.0129 6508  Mup - ok
21:16:12.0166 6508  [ 582AC6D9873E31DFA28A4547270862DD ] napagent        C:\Windows\system32\qagentRT.dll
21:16:12.0175 6508  napagent - ok
21:16:12.0197 6508  [ 1EA3749C4114DB3E3161156FFFFA6B33 ] NativeWifiP     C:\Windows\system32\DRIVERS\nwifi.sys
21:16:12.0202 6508  NativeWifiP - ok
21:16:12.0263 6508  [ 760E38053BF56E501D562B70AD796B88 ] NDIS            C:\Windows\system32\drivers\ndis.sys
21:16:12.0274 6508  NDIS - ok
21:16:12.0301 6508  [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC ] NdisCap         C:\Windows\system32\DRIVERS\ndiscap.sys
21:16:12.0303 6508  NdisCap - ok
21:16:12.0324 6508  [ 30639C932D9FEF22B31268FE25A1B6E5 ] NdisTapi        C:\Windows\system32\DRIVERS\ndistapi.sys
21:16:12.0325 6508  NdisTapi - ok
21:16:12.0343 6508  [ 136185F9FB2CC61E573E676AA5402356 ] Ndisuio         C:\Windows\system32\DRIVERS\ndisuio.sys
21:16:12.0345 6508  Ndisuio - ok
21:16:12.0352 6508  [ 53F7305169863F0A2BDDC49E116C2E11 ] NdisWan         C:\Windows\system32\DRIVERS\ndiswan.sys
21:16:12.0355 6508  NdisWan - ok
21:16:12.0368 6508  [ 015C0D8E0E0421B4CFD48CFFE2825879 ] NDProxy         C:\Windows\system32\drivers\NDProxy.sys
21:16:12.0370 6508  NDProxy - ok
21:16:12.0386 6508  [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS         C:\Windows\system32\DRIVERS\netbios.sys
21:16:12.0388 6508  NetBIOS - ok
21:16:12.0404 6508  [ 09594D1089C523423B32A4229263F068 ] NetBT           C:\Windows\system32\DRIVERS\netbt.sys
21:16:12.0408 6508  NetBT - ok
21:16:12.0430 6508  [ 4D71227301DD8D09097B9E4CC6527E5A ] Netlogon        C:\Windows\system32\lsass.exe
21:16:12.0433 6508  Netlogon - ok
21:16:12.0466 6508  [ 847D3AE376C0817161A14A82C8922A9E ] Netman          C:\Windows\System32\netman.dll
21:16:12.0471 6508  Netman - ok
21:16:12.0491 6508  [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm        C:\Windows\System32\netprofm.dll
21:16:12.0496 6508  netprofm - ok
21:16:12.0528 6508  [ 3E5A36127E201DDF663176B66828FAFE ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe
21:16:12.0531 6508  NetTcpPortSharing - ok
21:16:12.0548 6508  [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960         C:\Windows\system32\drivers\nfrd960.sys
21:16:12.0549 6508  nfrd960 - ok
21:16:12.0586 6508  [ 8AD77806D336673F270DB31645267293 ] NlaSvc          C:\Windows\System32\nlasvc.dll
21:16:12.0591 6508  NlaSvc - ok
21:16:12.0620 6508  [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs            C:\Windows\system32\drivers\Npfs.sys
21:16:12.0622 6508  Npfs - ok
21:16:12.0653 6508  [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi             C:\Windows\system32\nsisvc.dll
21:16:12.0656 6508  nsi - ok
21:16:12.0673 6508  [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy        C:\Windows\system32\drivers\nsiproxy.sys
21:16:12.0674 6508  nsiproxy - ok
21:16:12.0735 6508  [ B98F8C6E31CD07B2E6F71F7F648E38C0 ] Ntfs            C:\Windows\system32\drivers\Ntfs.sys
21:16:12.0771 6508  Ntfs - ok
21:16:12.0791 6508  [ 9899284589F75FA8724FF3D16AED75C1 ] Null            C:\Windows\system32\drivers\Null.sys
21:16:12.0792 6508  Null - ok
21:16:12.0813 6508  [ A85B4F2EF3A7304A5399EF0526423040 ] NVENETFD        C:\Windows\system32\DRIVERS\nvm62x64.sys
21:16:12.0819 6508  NVENETFD - ok
21:16:12.0837 6508  [ 0A92CB65770442ED0DC44834632F66AD ] nvraid          C:\Windows\system32\drivers\nvraid.sys
21:16:12.0840 6508  nvraid - ok
21:16:12.0871 6508  [ DAB0E87525C10052BF65F06152F37E4A ] nvstor          C:\Windows\system32\drivers\nvstor.sys
21:16:12.0874 6508  nvstor - ok
21:16:12.0914 6508  [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp          C:\Windows\system32\drivers\nv_agp.sys
21:16:12.0917 6508  nv_agp - ok
21:16:12.0930 6508  [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394        C:\Windows\system32\drivers\ohci1394.sys
21:16:12.0932 6508  ohci1394 - ok
21:16:12.0968 6508  [ 9D10F99A6712E28F8ACD5641E3A7EA6B ] ose             C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
21:16:12.0971 6508  ose - ok
21:16:13.0115 6508  [ 61BFFB5F57AD12F83AB64B7181829B34 ] osppsvc         C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
21:16:13.0181 6508  osppsvc - ok
21:16:13.0218 6508  [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc        C:\Windows\system32\pnrpsvc.dll
21:16:13.0223 6508  p2pimsvc - ok
21:16:13.0240 6508  [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc          C:\Windows\system32\p2psvc.dll
21:16:13.0245 6508  p2psvc - ok
21:16:13.0262 6508  [ 0086431C29C35BE1DBC43F52CC273887 ] Parport         C:\Windows\system32\drivers\parport.sys
21:16:13.0264 6508  Parport - ok
21:16:13.0294 6508  [ E9766131EEADE40A27DC27D2D68FBA9C ] partmgr         C:\Windows\system32\drivers\partmgr.sys
21:16:13.0297 6508  partmgr - ok
21:16:13.0320 6508  [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc          C:\Windows\System32\pcasvc.dll
21:16:13.0324 6508  PcaSvc - ok
21:16:13.0331 6508  [ 94575C0571D1462A0F70BDE6BD6EE6B3 ] pci             C:\Windows\system32\drivers\pci.sys
21:16:13.0335 6508  pci - ok
21:16:13.0371 6508  [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide          C:\Windows\system32\drivers\pciide.sys
21:16:13.0373 6508  pciide - ok
21:16:13.0400 6508  [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia          C:\Windows\system32\drivers\pcmcia.sys
21:16:13.0403 6508  pcmcia - ok
21:16:13.0430 6508  [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw             C:\Windows\system32\drivers\pcw.sys
21:16:13.0432 6508  pcw - ok
21:16:13.0457 6508  [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH          C:\Windows\system32\drivers\peauth.sys
21:16:13.0465 6508  PEAUTH - ok
21:16:13.0523 6508  [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost        C:\Windows\SysWow64\perfhost.exe
21:16:13.0526 6508  PerfHost - ok
21:16:13.0587 6508  [ C7CF6A6E137463219E1259E3F0F0DD6C ] pla             C:\Windows\system32\pla.dll
21:16:13.0605 6508  pla - ok
21:16:13.0637 6508  [ 25FBDEF06C4D92815B353F6E792C8129 ] PlugPlay        C:\Windows\system32\umpnpmgr.dll
21:16:13.0644 6508  PlugPlay - ok
21:16:13.0661 6508  [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg     C:\Windows\system32\pnrpauto.dll
21:16:13.0665 6508  PNRPAutoReg - ok
21:16:13.0684 6508  [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc         C:\Windows\system32\pnrpsvc.dll
21:16:13.0689 6508  PNRPsvc - ok
21:16:13.0722 6508  [ 4F15D75ADF6156BF56ECED6D4A55C389 ] PolicyAgent     C:\Windows\System32\ipsecsvc.dll
21:16:13.0726 6508  PolicyAgent - ok
21:16:13.0756 6508  [ 6BA9D927DDED70BD1A9CADED45F8B184 ] Power           C:\Windows\system32\umpo.dll
21:16:13.0761 6508  Power - ok
21:16:13.0783 6508  [ F92A2C41117A11A00BE01CA01A7FCDE9 ] PptpMiniport    C:\Windows\system32\DRIVERS\raspptp.sys
21:16:13.0786 6508  PptpMiniport - ok
21:16:13.0808 6508  [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor       C:\Windows\system32\drivers\processr.sys
21:16:13.0810 6508  Processor - ok
21:16:13.0842 6508  [ 53E83F1F6CF9D62F32801CF66D8352A8 ] ProfSvc         C:\Windows\system32\profsvc.dll
21:16:13.0847 6508  ProfSvc - ok
21:16:13.0863 6508  [ 4D71227301DD8D09097B9E4CC6527E5A ] ProtectedStorage C:\Windows\system32\lsass.exe
21:16:13.0866 6508  ProtectedStorage - ok
21:16:13.0882 6508  [ 0557CF5A2556BD58E26384169D72438D ] Psched          C:\Windows\system32\DRIVERS\pacer.sys
21:16:13.0884 6508  Psched - ok
21:16:13.0944 6508  [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300          C:\Windows\system32\drivers\ql2300.sys
21:16:13.0960 6508  ql2300 - ok
21:16:13.0983 6508  [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx          C:\Windows\system32\drivers\ql40xx.sys
21:16:13.0986 6508  ql40xx - ok
21:16:14.0017 6508  [ 906191634E99AEA92C4816150BDA3732 ] QWAVE           C:\Windows\system32\qwave.dll
21:16:14.0023 6508  QWAVE - ok
21:16:14.0053 6508  [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv        C:\Windows\system32\drivers\qwavedrv.sys
21:16:14.0055 6508  QWAVEdrv - ok
21:16:14.0067 6508  [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd          C:\Windows\system32\DRIVERS\rasacd.sys
21:16:14.0069 6508  RasAcd - ok
21:16:14.0089 6508  [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn     C:\Windows\system32\DRIVERS\AgileVpn.sys
21:16:14.0091 6508  RasAgileVpn - ok
21:16:14.0112 6508  [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto         C:\Windows\System32\rasauto.dll
21:16:14.0117 6508  RasAuto - ok
21:16:14.0123 6508  [ 471815800AE33E6F1C32FB1B97C490CA ] Rasl2tp         C:\Windows\system32\DRIVERS\rasl2tp.sys
21:16:14.0126 6508  Rasl2tp - ok
21:16:14.0150 6508  [ EE867A0870FC9E4972BA9EAAD35651E2 ] RasMan          C:\Windows\System32\rasmans.dll
21:16:14.0158 6508  RasMan - ok
21:16:14.0164 6508  [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe        C:\Windows\system32\DRIVERS\raspppoe.sys
21:16:14.0168 6508  RasPppoe - ok
21:16:14.0184 6508  [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp         C:\Windows\system32\DRIVERS\rassstp.sys
21:16:14.0186 6508  RasSstp - ok
21:16:14.0224 6508  [ 77F665941019A1594D887A74F301FA2F ] rdbss           C:\Windows\system32\DRIVERS\rdbss.sys
21:16:14.0229 6508  rdbss - ok
21:16:14.0243 6508  [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus          C:\Windows\system32\drivers\rdpbus.sys
21:16:14.0245 6508  rdpbus - ok
21:16:14.0271 6508  [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD          C:\Windows\system32\DRIVERS\RDPCDD.sys
21:16:14.0272 6508  RDPCDD - ok
21:16:14.0280 6508  [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD        C:\Windows\system32\drivers\rdpencdd.sys
21:16:14.0282 6508  RDPENCDD - ok
21:16:14.0292 6508  [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP        C:\Windows\system32\drivers\rdprefmp.sys
21:16:14.0293 6508  RDPREFMP - ok
21:16:14.0329 6508  [ E61608AA35E98999AF9AAEEEA6114B0A ] RDPWD           C:\Windows\system32\drivers\RDPWD.sys
21:16:14.0332 6508  RDPWD - ok
21:16:14.0355 6508  [ 34ED295FA0121C241BFEF24764FC4520 ] rdyboost        C:\Windows\system32\drivers\rdyboost.sys
21:16:14.0358 6508  rdyboost - ok
21:16:14.0396 6508  [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess    C:\Windows\System32\mprdim.dll
21:16:14.0400 6508  RemoteAccess - ok
21:16:14.0433 6508  [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry  C:\Windows\system32\regsvc.dll
21:16:14.0438 6508  RemoteRegistry - ok
21:16:14.0469 6508  [ 085D18C71AB2611A3D61528132B6501E ] RoxioNow Service C:\Program Files (x86)\Roxio\RoxioNow Player\RNowSvc.exe
21:16:14.0474 6508  RoxioNow Service - ok
21:16:14.0495 6508  [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper    C:\Windows\System32\RpcEpMap.dll
21:16:14.0499 6508  RpcEptMapper - ok
21:16:14.0511 6508  [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator      C:\Windows\system32\locator.exe
21:16:14.0514 6508  RpcLocator - ok
21:16:14.0538 6508  [ 5C627D1B1138676C0A7AB2C2C190D123 ] RpcSs           C:\Windows\system32\rpcss.dll
21:16:14.0545 6508  RpcSs - ok
21:16:14.0620 6508  [ 7BFDFD1D2244B444D7BBC55087426518 ] RSPCIESTOR      C:\Windows\system32\DRIVERS\RtsPStor.sys
21:16:14.0625 6508  RSPCIESTOR - ok
21:16:14.0656 6508  [ DDC86E4F8E7456261E637E3552E804FF ] rspndr          C:\Windows\system32\DRIVERS\rspndr.sys
21:16:14.0659 6508  rspndr - ok
21:16:14.0724 6508  [ F1D20C2B36F78863530B251DF504CC51 ] RtkAudioService C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
21:16:14.0728 6508  RtkAudioService - ok
21:16:14.0799 6508  [ AC4CA62572CA516945AB92D6C9F501F4 ] RTL8167         C:\Windows\system32\DRIVERS\Rt64win7.sys
21:16:14.0809 6508  RTL8167 - ok
21:16:14.0869 6508  [ 177963A6EEBAA9EF3B56A2DBE9D5D0FC ] RTL8192Ce       C:\Windows\system32\DRIVERS\rtl8192Ce.sys
21:16:14.0881 6508  RTL8192Ce - ok
21:16:14.0896 6508  [ 4D71227301DD8D09097B9E4CC6527E5A ] SamSs           C:\Windows\system32\lsass.exe
21:16:14.0899 6508  SamSs - ok
21:16:14.0933 6508  [ AC03AF3329579FFFB455AA2DAABBE22B ] sbp2port        C:\Windows\system32\drivers\sbp2port.sys
21:16:14.0935 6508  sbp2port - ok
21:16:14.0971 6508  [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr        C:\Windows\System32\SCardSvr.dll
21:16:14.0977 6508  SCardSvr - ok
21:16:15.0002 6508  [ 253F38D0D7074C02FF8DEB9836C97D2B ] scfilter        C:\Windows\system32\DRIVERS\scfilter.sys
21:16:15.0004 6508  scfilter - ok
21:16:15.0041 6508  [ 262F6592C3299C005FD6BEC90FC4463A ] Schedule        C:\Windows\system32\schedsvc.dll
21:16:15.0052 6508  Schedule - ok
21:16:15.0079 6508  [ F17D1D393BBC69C5322FBFAFACA28C7F ] SCPolicySvc     C:\Windows\System32\certprop.dll
21:16:15.0080 6508  SCPolicySvc - ok
21:16:15.0100 6508  [ 111E0EBC0AD79CB0FA014B907B231CF0 ] sdbus           C:\Windows\system32\DRIVERS\sdbus.sys
21:16:15.0108 6508  sdbus - ok
21:16:15.0133 6508  [ 6EA4234DC55346E0709560FE7C2C1972 ] SDRSVC          C:\Windows\System32\SDRSVC.dll
21:16:15.0138 6508  SDRSVC - ok
21:16:15.0156 6508  [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv          C:\Windows\system32\drivers\secdrv.sys
21:16:15.0158 6508  secdrv - ok
21:16:15.0169 6508  [ BC617A4E1B4FA8DF523A061739A0BD87 ] seclogon        C:\Windows\system32\seclogon.dll
21:16:15.0173 6508  seclogon - ok
21:16:15.0193 6508  [ C32AB8FA018EF34C0F113BD501436D21 ] SENS            C:\Windows\System32\sens.dll
21:16:15.0197 6508  SENS - ok
21:16:15.0213 6508  [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc        C:\Windows\system32\sensrsvc.dll
21:16:15.0218 6508  SensrSvc - ok
21:16:15.0230 6508  [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum         C:\Windows\system32\drivers\serenum.sys
21:16:15.0232 6508  Serenum - ok
21:16:15.0253 6508  [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial          C:\Windows\system32\drivers\serial.sys
21:16:15.0255 6508  Serial - ok
21:16:15.0287 6508  [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse        C:\Windows\system32\drivers\sermouse.sys
21:16:15.0289 6508  sermouse - ok
21:16:15.0332 6508  [ 0B6231BF38174A1628C4AC812CC75804 ] SessionEnv      C:\Windows\system32\sessenv.dll
21:16:15.0337 6508  SessionEnv - ok
21:16:15.0366 6508  [ A554811BCD09279536440C964AE35BBF ] sffdisk         C:\Windows\system32\drivers\sffdisk.sys
21:16:15.0368 6508  sffdisk - ok
21:16:15.0388 6508  [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc        C:\Windows\system32\drivers\sffp_mmc.sys
21:16:15.0390 6508  sffp_mmc - ok
21:16:15.0417 6508  [ DD85B78243A19B59F0637DCF284DA63C ] sffp_sd         C:\Windows\system32\drivers\sffp_sd.sys
21:16:15.0419 6508  sffp_sd - ok
21:16:15.0426 6508  [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy         C:\Windows\system32\drivers\sfloppy.sys
21:16:15.0428 6508  sfloppy - ok
21:16:15.0477 6508  [ 2046AA7491DE7EFA4D70E615D9BC9D09 ] Sftfs           C:\Windows\system32\DRIVERS\Sftfslh.sys
21:16:15.0486 6508  Sftfs - ok
21:16:15.0561 6508  [ 77C5A741A7452812F278EF2C18478862 ] sftlist         C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
21:16:15.0568 6508  sftlist - ok
21:16:15.0593 6508  [ 0E0446BC4D51BE4263ACB7E33491191C ] Sftplay         C:\Windows\system32\DRIVERS\Sftplaylh.sys
21:16:15.0598 6508  Sftplay - ok
21:16:15.0623 6508  [ C5FB982CD266E604ED3142102C26D62C ] Sftredir        C:\Windows\system32\DRIVERS\Sftredirlh.sys
21:16:15.0625 6508  Sftredir - ok
21:16:15.0646 6508  [ 2575511AF67AA1FA068CCC4918E2C2A3 ] Sftvol          C:\Windows\system32\DRIVERS\Sftvollh.sys
21:16:15.0648 6508  Sftvol - ok
21:16:15.0690 6508  [ 39B1D0A636A400304565D4521FAD6D77 ] sftvsa          C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
21:16:15.0693 6508  sftvsa - ok
21:16:15.0739 6508  [ B95F6501A2F8B2E78C697FEC401970CE ] SharedAccess    C:\Windows\System32\ipnathlp.dll
21:16:15.0745 6508  SharedAccess - ok
21:16:15.0782 6508  [ AAF932B4011D14052955D4B212A4DA8D ] ShellHWDetection C:\Windows\System32\shsvcs.dll
21:16:15.0788 6508  ShellHWDetection - ok
21:16:15.0808 6508  [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2        C:\Windows\system32\drivers\SiSRaid2.sys
21:16:15.0810 6508  SiSRaid2 - ok
21:16:15.0844 6508  [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4        C:\Windows\system32\drivers\sisraid4.sys
21:16:15.0847 6508  SiSRaid4 - ok
21:16:15.0873 6508  [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb             C:\Windows\system32\DRIVERS\smb.sys
21:16:15.0875 6508  Smb - ok
21:16:15.0907 6508  [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP        C:\Windows\System32\snmptrap.exe
21:16:15.0911 6508  SNMPTRAP - ok
21:16:15.0920 6508  [ B9E31E5CACDFE584F34F730A677803F9 ] spldr           C:\Windows\system32\drivers\spldr.sys
21:16:15.0922 6508  spldr - ok
21:16:15.0949 6508  [ 85DAA09A98C9286D4EA2BA8D0E644377 ] Spooler         C:\Windows\System32\spoolsv.exe
21:16:15.0956 6508  Spooler - ok
21:16:16.0033 6508  [ E17E0188BB90FAE42D83E98707EFA59C ] sppsvc          C:\Windows\system32\sppsvc.exe
21:16:16.0074 6508  sppsvc - ok
21:16:16.0101 6508  [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify     C:\Windows\system32\sppuinotify.dll
21:16:16.0106 6508  sppuinotify - ok
21:16:16.0138 6508  [ 441FBA48BFF01FDB9D5969EBC1838F0B ] srv             C:\Windows\system32\DRIVERS\srv.sys
21:16:16.0144 6508  srv - ok
21:16:16.0155 6508  [ B4ADEBBF5E3677CCE9651E0F01F7CC28 ] srv2            C:\Windows\system32\DRIVERS\srv2.sys
21:16:16.0161 6508  srv2 - ok
21:16:16.0193 6508  [ 0C4540311E11664B245A263E1154CEF8 ] SrvHsfHDA       C:\Windows\system32\DRIVERS\VSTAZL6.SYS
21:16:16.0197 6508  SrvHsfHDA - ok
21:16:16.0269 6508  [ 02071D207A9858FBE3A48CBFD59C4A04 ] SrvHsfV92       C:\Windows\system32\DRIVERS\VSTDPV6.SYS
21:16:16.0312 6508  SrvHsfV92 - ok
21:16:16.0344 6508  [ 18E40C245DBFAF36FD0134A7EF2DF396 ] SrvHsfWinac     C:\Windows\system32\DRIVERS\VSTCNXT6.SYS
21:16:16.0353 6508  SrvHsfWinac - ok
21:16:16.0384 6508  [ 27E461F0BE5BFF5FC737328F749538C3 ] srvnet          C:\Windows\system32\DRIVERS\srvnet.sys
21:16:16.0387 6508  srvnet - ok
21:16:16.0436 6508  [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV         C:\Windows\System32\ssdpsrv.dll
21:16:16.0441 6508  SSDPSRV - ok
21:16:16.0460 6508  [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc         C:\Windows\system32\sstpsvc.dll
21:16:16.0473 6508  SstpSvc - ok
21:16:16.0489 6508  [ F3817967ED533D08327DC73BC4D5542A ] stexstor        C:\Windows\system32\drivers\stexstor.sys
21:16:16.0490 6508  stexstor - ok
21:16:16.0511 6508  [ 8DD52E8E6128F4B2DA92CE27402871C1 ] stisvc          C:\Windows\System32\wiaservc.dll
21:16:16.0521 6508  stisvc - ok
21:16:16.0550 6508  [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] swenum          C:\Windows\system32\drivers\swenum.sys
21:16:16.0552 6508  swenum - ok
21:16:16.0588 6508  [ E08E46FDD841B7184194011CA1955A0B ] swprv           C:\Windows\System32\swprv.dll
21:16:16.0598 6508  swprv - ok
21:16:16.0640 6508  [ AC3CC98B1BDB6540021D3FFB105AC2B9 ] SynTP           C:\Windows\system32\DRIVERS\SynTP.sys
21:16:16.0645 6508  SynTP - ok
21:16:16.0708 6508  [ BF9CCC0BF39B418C8D0AE8B05CF95B7D ] SysMain         C:\Windows\system32\sysmain.dll
21:16:16.0725 6508  SysMain - ok
21:16:16.0744 6508  [ E3C61FD7B7C2557E1F1B0B4CEC713585 ] TabletInputService C:\Windows\System32\TabSvc.dll
21:16:16.0749 6508  TabletInputService - ok
21:16:16.0766 6508  [ 40F0849F65D13EE87B9A9AE3C1DD6823 ] TapiSrv         C:\Windows\System32\tapisrv.dll
21:16:16.0773 6508  TapiSrv - ok
21:16:16.0813 6508  [ 1BE03AC720F4D302EA01D40F588162F6 ] TBS             C:\Windows\System32\tbssvc.dll
21:16:16.0817 6508  TBS - ok
21:16:16.0892 6508  [ 40AF23633D197905F03AB5628C558C51 ] Tcpip           C:\Windows\system32\drivers\tcpip.sys
21:16:16.0912 6508  Tcpip - ok
21:16:16.0939 6508  [ 40AF23633D197905F03AB5628C558C51 ] TCPIP6          C:\Windows\system32\DRIVERS\tcpip.sys
21:16:16.0951 6508  TCPIP6 - ok
21:16:16.0996 6508  [ 1B16D0BD9841794A6E0CDE0CEF744ABC ] tcpipreg        C:\Windows\system32\drivers\tcpipreg.sys
21:16:16.0998 6508  tcpipreg - ok
21:16:17.0025 6508  [ 3371D21011695B16333A3934340C4E7C ] TDPIPE          C:\Windows\system32\drivers\tdpipe.sys
21:16:17.0026 6508  TDPIPE - ok
21:16:17.0049 6508  [ 51C5ECEB1CDEE2468A1748BE550CFBC8 ] TDTCP           C:\Windows\system32\drivers\tdtcp.sys
21:16:17.0051 6508  TDTCP - ok
21:16:17.0072 6508  [ DDAD5A7AB24D8B65F8D724F5C20FD806 ] tdx             C:\Windows\system32\DRIVERS\tdx.sys
21:16:17.0075 6508  tdx - ok
21:16:17.0084 6508  [ 561E7E1F06895D78DE991E01DD0FB6E5 ] TermDD          C:\Windows\system32\drivers\termdd.sys
21:16:17.0086 6508  TermDD - ok
21:16:17.0120 6508  [ 2E648163254233755035B46DD7B89123 ] TermService     C:\Windows\System32\termsrv.dll
21:16:17.0130 6508  TermService - ok
21:16:17.0147 6508  [ F0344071948D1A1FA732231785A0664C ] Themes          C:\Windows\system32\themeservice.dll
21:16:17.0152 6508  Themes - ok
21:16:17.0168 6508  [ E40E80D0304A73E8D269F7141D77250B ] THREADORDER     C:\Windows\system32\mmcss.dll
21:16:17.0171 6508  THREADORDER - ok
21:16:17.0183 6508  [ 7E7AFD841694F6AC397E99D75CEAD49D ] TrkWks          C:\Windows\System32\trkwks.dll
21:16:17.0187 6508  TrkWks - ok
21:16:17.0239 6508  [ 773212B2AAA24C1E31F10246B15B276C ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
21:16:17.0242 6508  TrustedInstaller - ok
21:16:17.0280 6508  [ 4CE278FC9671BA81A138D70823FCAA09 ] tssecsrv        C:\Windows\system32\DRIVERS\tssecsrv.sys
21:16:17.0282 6508  tssecsrv - ok
21:16:17.0309 6508  [ D11C783E3EF9A3C52C0EBE83CC5000E9 ] TsUsbFlt        C:\Windows\system32\drivers\tsusbflt.sys
21:16:17.0311 6508  TsUsbFlt - ok
21:16:17.0328 6508  [ 9CC2CCAE8A84820EAECB886D477CBCB8 ] TsUsbGD         C:\Windows\system32\drivers\TsUsbGD.sys
21:16:17.0329 6508  TsUsbGD - ok
21:16:17.0349 6508  [ 3566A8DAAFA27AF944F5D705EAA64894 ] tunnel          C:\Windows\system32\DRIVERS\tunnel.sys
21:16:17.0353 6508  tunnel - ok
21:16:17.0379 6508  [ B4DD609BD7E282BFC683CEC7EAAAAD67 ] uagp35          C:\Windows\system32\drivers\uagp35.sys
21:16:17.0399 6508  uagp35 - ok
21:16:17.0421 6508  [ FF4232A1A64012BAA1FD97C7B67DF593 ] udfs            C:\Windows\system32\DRIVERS\udfs.sys
21:16:17.0434 6508  udfs - ok
21:16:17.0471 6508  [ 3CBDEC8D06B9968ABA702EBA076364A1 ] UI0Detect       C:\Windows\system32\UI0Detect.exe
21:16:17.0476 6508  UI0Detect - ok
21:16:17.0487 6508  [ 4BFE1BC28391222894CBF1E7D0E42320 ] uliagpkx        C:\Windows\system32\drivers\uliagpkx.sys
21:16:17.0489 6508  uliagpkx - ok
21:16:17.0518 6508  [ DC54A574663A895C8763AF0FA1FF7561 ] umbus           C:\Windows\system32\DRIVERS\umbus.sys
21:16:17.0521 6508  umbus - ok
21:16:17.0552 6508  [ B2E8E8CB557B156DA5493BBDDCC1474D ] UmPass          C:\Windows\system32\drivers\umpass.sys
21:16:17.0554 6508  UmPass - ok
21:16:17.0578 6508  [ D47EC6A8E81633DD18D2436B19BAF6DE ] upnphost        C:\Windows\System32\upnphost.dll
21:16:17.0585 6508  upnphost - ok
21:16:17.0616 6508  [ DCA68B0943D6FA415F0C56C92158A83A ] usbccgp         C:\Windows\system32\DRIVERS\usbccgp.sys
21:16:17.0618 6508  usbccgp - ok
21:16:17.0631 6508  [ 80B0F7D5CCF86CEB5D402EAAF61FEC31 ] usbcir          C:\Windows\system32\drivers\usbcir.sys
21:16:17.0633 6508  usbcir - ok
21:16:17.0652 6508  [ 18A85013A3E0F7E1755365D287443965 ] usbehci         C:\Windows\system32\drivers\usbehci.sys
21:16:17.0654 6508  usbehci - ok
21:16:17.0677 6508  [ 8D1196CFBB223621F2C67D45710F25BA ] usbhub          C:\Windows\system32\DRIVERS\usbhub.sys
21:16:17.0682 6508  usbhub - ok
21:16:17.0701 6508  [ 765A92D428A8DB88B960DA5A8D6089DC ] usbohci         C:\Windows\system32\drivers\usbohci.sys
21:16:17.0703 6508  usbohci - ok
21:16:17.0725 6508  [ 73188F58FB384E75C4063D29413CEE3D ] usbprint        C:\Windows\system32\drivers\usbprint.sys
21:16:17.0727 6508  usbprint - ok
21:16:17.0745 6508  [ FED648B01349A3C8395A5169DB5FB7D6 ] USBSTOR         C:\Windows\system32\DRIVERS\USBSTOR.SYS
21:16:17.0747 6508  USBSTOR - ok
21:16:17.0776 6508  [ DD253AFC3BC6CBA412342DE60C3647F3 ] usbuhci         C:\Windows\system32\drivers\usbuhci.sys
21:16:17.0778 6508  usbuhci - ok
21:16:17.0820 6508  [ 1F775DA4CF1A3A1834207E975A72E9D7 ] usbvideo        C:\Windows\System32\Drivers\usbvideo.sys
21:16:17.0823 6508  usbvideo - ok
21:16:17.0846 6508  [ EDBB23CBCF2CDF727D64FF9B51A6070E ] UxSms           C:\Windows\System32\uxsms.dll
21:16:17.0851 6508  UxSms - ok
21:16:17.0875 6508  [ 4D71227301DD8D09097B9E4CC6527E5A ] VaultSvc        C:\Windows\system32\lsass.exe
21:16:17.0878 6508  VaultSvc - ok
21:16:17.0900 6508  [ C5C876CCFC083FF3B128F933823E87BD ] vdrvroot        C:\Windows\system32\drivers\vdrvroot.sys
21:16:17.0902 6508  vdrvroot - ok
21:16:17.0927 6508  [ 8D6B481601D01A456E75C3210F1830BE ] vds             C:\Windows\System32\vds.exe
21:16:17.0937 6508  vds - ok
21:16:17.0965 6508  [ DA4DA3F5E02943C2DC8C6ED875DE68DD ] vga             C:\Windows\system32\DRIVERS\vgapnp.sys
21:16:17.0967 6508  vga - ok
21:16:17.0981 6508  [ 53E92A310193CB3C03BEA963DE7D9CFC ] VgaSave         C:\Windows\System32\drivers\vga.sys
21:16:17.0983 6508  VgaSave - ok
21:16:18.0009 6508  [ 2CE2DF28C83AEAF30084E1B1EB253CBB ] vhdmp           C:\Windows\system32\drivers\vhdmp.sys
21:16:18.0012 6508  vhdmp - ok
21:16:18.0041 6508  [ E5689D93FFE4E5D66C0178761240DD54 ] viaide          C:\Windows\system32\drivers\viaide.sys
21:16:18.0043 6508  viaide - ok
21:16:18.0079 6508  [ D2AAFD421940F640B407AEFAAEBD91B0 ] volmgr          C:\Windows\system32\drivers\volmgr.sys
21:16:18.0081 6508  volmgr - ok
21:16:18.0101 6508  [ A255814907C89BE58B79EF2F189B843B ] volmgrx         C:\Windows\system32\drivers\volmgrx.sys
21:16:18.0107 6508  volmgrx - ok
21:16:18.0130 6508  [ 0D08D2F3B3FF84E433346669B5E0F639 ] volsnap         C:\Windows\system32\drivers\volsnap.sys
21:16:18.0134 6508  volsnap - ok
21:16:18.0157 6508  [ 5E2016EA6EBACA03C04FEAC5F330D997 ] vsmraid         C:\Windows\system32\drivers\vsmraid.sys
21:16:18.0160 6508  vsmraid - ok
21:16:18.0232 6508  [ B60BA0BC31B0CB414593E169F6F21CC2 ] VSS             C:\Windows\system32\vssvc.exe
21:16:18.0252 6508  VSS - ok
21:16:18.0286 6508  [ 36D4720B72B5C5D9CB2B9C29E9DF67A1 ] vwifibus        C:\Windows\system32\DRIVERS\vwifibus.sys
21:16:18.0288 6508  vwifibus - ok
21:16:18.0305 6508  [ 6A3D66263414FF0D6FA754C646612F3F ] vwififlt        C:\Windows\system32\DRIVERS\vwififlt.sys
21:16:18.0308 6508  vwififlt - ok
21:16:18.0349 6508  [ 1C9D80CC3849B3788048078C26486E1A ] W32Time         C:\Windows\system32\w32time.dll
21:16:18.0358 6508  W32Time - ok
21:16:18.0385 6508  [ 4E9440F4F152A7B944CB1663D3935A3E ] WacomPen        C:\Windows\system32\drivers\wacompen.sys
21:16:18.0387 6508  WacomPen - ok
21:16:18.0393 6508  [ 356AFD78A6ED4457169241AC3965230C ] WANARP          C:\Windows\system32\DRIVERS\wanarp.sys
21:16:18.0397 6508  WANARP - ok
21:16:18.0402 6508  [ 356AFD78A6ED4457169241AC3965230C ] Wanarpv6        C:\Windows\system32\DRIVERS\wanarp.sys
21:16:18.0404 6508  Wanarpv6 - ok
21:16:18.0464 6508  [ 3CEC96DE223E49EAAE3651FCF8FAEA6C ] WatAdminSvc     C:\Windows\system32\Wat\WatAdminSvc.exe
21:16:18.0478 6508  WatAdminSvc - ok
21:16:18.0538 6508  [ 78F4E7F5C56CB9716238EB57DA4B6A75 ] wbengine        C:\Windows\system32\wbengine.exe
21:16:18.0557 6508  wbengine - ok
21:16:18.0578 6508  [ 3AA101E8EDAB2DB4131333F4325C76A3 ] WbioSrvc        C:\Windows\System32\wbiosrvc.dll
21:16:18.0584 6508  WbioSrvc - ok
21:16:18.0608 6508  [ 7368A2AFD46E5A4481D1DE9D14848EDD ] wcncsvc         C:\Windows\System32\wcncsvc.dll
21:16:18.0616 6508  wcncsvc - ok
21:16:18.0647 6508  [ 20F7441334B18CEE52027661DF4A6129 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
21:16:18.0652 6508  WcsPlugInService - ok
21:16:18.0677 6508  [ 72889E16FF12BA0F235467D6091B17DC ] Wd              C:\Windows\system32\drivers\wd.sys
21:16:18.0678 6508  Wd - ok
21:16:18.0721 6508  [ E2C933EDBC389386EBE6D2BA953F43D8 ] Wdf01000        C:\Windows\system32\drivers\Wdf01000.sys
21:16:18.0730 6508  Wdf01000 - ok
21:16:18.0746 6508  [ BF1FC3F79B863C914687A737C2F3D681 ] WdiServiceHost  C:\Windows\system32\wdi.dll
21:16:18.0751 6508  WdiServiceHost - ok
21:16:18.0756 6508  [ BF1FC3F79B863C914687A737C2F3D681 ] WdiSystemHost   C:\Windows\system32\wdi.dll
21:16:18.0761 6508  WdiSystemHost - ok
21:16:18.0796 6508  [ 0EB0E5D22B1760F2DBCE632F2DD7A54D ] WebClient       C:\Windows\System32\webclnt.dll
21:16:18.0803 6508  WebClient - ok
21:16:18.0843 6508  [ C749025A679C5103E575E3B48E092C43 ] Wecsvc          C:\Windows\system32\wecsvc.dll
21:16:18.0850 6508  Wecsvc - ok
21:16:18.0859 6508  [ 7E591867422DC788B9E5BD337A669A08 ] wercplsupport   C:\Windows\System32\wercplsupport.dll
21:16:18.0865 6508  wercplsupport - ok
21:16:18.0883 6508  [ 6D137963730144698CBD10F202E9F251 ] WerSvc          C:\Windows\System32\WerSvc.dll
21:16:18.0888 6508  WerSvc - ok
21:16:18.0915 6508  [ 611B23304BF067451A9FDEE01FBDD725 ] WfpLwf          C:\Windows\system32\DRIVERS\wfplwf.sys
21:16:18.0916 6508  WfpLwf - ok
21:16:18.0935 6508  [ 05ECAEC3E4529A7153B3136CEB49F0EC ] WIMMount        C:\Windows\system32\drivers\wimmount.sys
21:16:18.0936 6508  WIMMount - ok
21:16:18.0968 6508  WinDefend - ok
21:16:18.0975 6508  WinHttpAutoProxySvc - ok
21:16:19.0022 6508  [ 19B07E7E8915D701225DA41CB3877306 ] Winmgmt         C:\Windows\system32\wbem\WMIsvc.dll
21:16:19.0025 6508  Winmgmt - ok
21:16:19.0085 6508  [ BCB1310604AA415C4508708975B3931E ] WinRM           C:\Windows\system32\WsmSvc.dll
21:16:19.0110 6508  WinRM - ok
21:16:19.0156 6508  [ FE88B288356E7B47B74B13372ADD906D ] WinUsb          C:\Windows\system32\DRIVERS\WinUsb.sys
21:16:19.0158 6508  WinUsb - ok
21:16:19.0192 6508  [ 4FADA86E62F18A1B2F42BA18AE24E6AA ] Wlansvc         C:\Windows\System32\wlansvc.dll
21:16:19.0202 6508  Wlansvc - ok
21:16:19.0233 6508  [ 06C8FA1CF39DE6A735B54D906BA791C6 ] wlcrasvc        C:\Program Files\Windows Live\Mesh\wlcrasvc.exe
21:16:19.0235 6508  wlcrasvc - ok
21:16:19.0316 6508  [ 7E47C328FC4768CB8BEAFBCFAFA70362 ] wlidsvc         C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
21:16:19.0339 6508  wlidsvc - ok
21:16:19.0373 6508  [ F6FF8944478594D0E414D3F048F0D778 ] WmiAcpi         C:\Windows\system32\drivers\wmiacpi.sys
21:16:19.0375 6508  WmiAcpi - ok
21:16:19.0417 6508  [ 38B84C94C5A8AF291ADFEA478AE54F93 ] wmiApSrv        C:\Windows\system32\wbem\WmiApSrv.exe
21:16:19.0420 6508  wmiApSrv - ok
21:16:19.0455 6508  WMPNetworkSvc - ok
21:16:19.0483 6508  [ 96C6E7100D724C69FCF9E7BF590D1DCA ] WPCSvc          C:\Windows\System32\wpcsvc.dll
21:16:19.0488 6508  WPCSvc - ok
21:16:19.0501 6508  [ 93221146D4EBBF314C29B23CD6CC391D ] WPDBusEnum      C:\Windows\system32\wpdbusenum.dll
21:16:19.0507 6508  WPDBusEnum - ok
21:16:19.0528 6508  [ 6BCC1D7D2FD2453957C5479A32364E52 ] ws2ifsl         C:\Windows\system32\drivers\ws2ifsl.sys
21:16:19.0530 6508  ws2ifsl - ok
21:16:19.0536 6508  [ E8B1FE6669397D1772D8196DF0E57A9E ] wscsvc          C:\Windows\System32\wscsvc.dll
21:16:19.0541 6508  wscsvc - ok
21:16:19.0547 6508  WSearch - ok
21:16:19.0622 6508  [ D9EF901DCA379CFE914E9FA13B73B4C4 ] wuauserv        C:\Windows\system32\wuaueng.dll
21:16:19.0641 6508  wuauserv - ok
21:16:19.0672 6508  [ AB886378EEB55C6C75B4F2D14B6C869F ] WudfPf          C:\Windows\system32\drivers\WudfPf.sys
21:16:19.0674 6508  WudfPf - ok
21:16:19.0688 6508  [ DDA4CAF29D8C0A297F886BFE561E6659 ] WUDFRd          C:\Windows\system32\DRIVERS\WUDFRd.sys
21:16:19.0691 6508  WUDFRd - ok
21:16:19.0703 6508  [ B20F051B03A966392364C83F009F7D17 ] wudfsvc         C:\Windows\System32\WUDFSvc.dll
21:16:19.0709 6508  wudfsvc - ok
21:16:19.0742 6508  [ 04F82965C09CBDF646B487E145060301 ] WwanSvc         C:\Windows\System32\wwansvc.dll
21:16:19.0749 6508  WwanSvc - ok
21:16:19.0760 6508  ================ Scan global ===============================
21:16:19.0806 6508  [ BA0CD8C393E8C9F83354106093832C7B ] C:\Windows\system32\basesrv.dll
21:16:19.0846 6508  [ 88EDD0B34EED542745931E581AD21A32 ] C:\Windows\system32\winsrv.dll
21:16:19.0857 6508  [ 88EDD0B34EED542745931E581AD21A32 ] C:\Windows\system32\winsrv.dll
21:16:19.0888 6508  [ D6160F9D869BA3AF0B787F971DB56368 ] C:\Windows\system32\sxssrv.dll
21:16:19.0916 6508  [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\Windows\system32\services.exe
21:16:19.0921 6508  [Global] - ok
21:16:19.0922 6508  ================ Scan MBR ==================================
21:16:19.0938 6508  [ C3C93F1CA51BBACBABEA804D2CC62CA1 ] \Device\Harddisk0\DR0
21:16:19.0938 6508  Suspicious mbr (Forged): \Device\Harddisk0\DR0
21:16:19.0992 6508  \Device\Harddisk0\DR0 ( Rootkit.Boot.Harbinger.a ) - infected
21:16:19.0992 6508  \Device\Harddisk0\DR0 - detected Rootkit.Boot.Harbinger.a (0)
21:16:19.0992 6508  ================ Scan VBR ==================================
21:16:19.0996 6508  [ 5D4E390FFF451DB24DA20AE32DD517C4 ] \Device\Harddisk0\DR0\Partition1
21:16:19.0997 6508  \Device\Harddisk0\DR0\Partition1 - ok
21:16:20.0005 6508  [ 209C31F802055ABE95109F1DB49143DC ] \Device\Harddisk0\DR0\Partition2
21:16:20.0007 6508  \Device\Harddisk0\DR0\Partition2 - ok
21:16:20.0035 6508  [ B6DBB97E5B76B359CD024E79D8E00344 ] \Device\Harddisk0\DR0\Partition3
21:16:20.0036 6508  \Device\Harddisk0\DR0\Partition3 - ok
21:16:20.0052 6508  [ 0A5BE981B0FFD8E59527DEB079BD397B ] \Device\Harddisk0\DR0\Partition4
21:16:20.0052 6508  \Device\Harddisk0\DR0\Partition4 - ok
21:16:20.0053 6508  ============================================================
21:16:20.0053 6508  Scan finished
21:16:20.0053 6508  ============================================================
21:16:20.0067 6768  Detected object count: 1
21:16:20.0067 6768  Actual detected object count: 1
21:16:42.0297 6768  \Device\Harddisk0\DR0\# - copied to quarantine
21:16:42.0299 6768  \Device\Harddisk0\DR0 - copied to quarantine
21:16:42.0318 6768  \Device\Harddisk0\DR0 ( Rootkit.Boot.Harbinger.a ) - User select action: Quarantine
 

Link to post
Share on other sites

03:17:00.0146 0x1500  TDSS rootkit removing tool 3.0.0.30 Apr  7 2014 15:39:12
03:17:04.0901 0x1500  ============================================================
03:17:04.0901 0x1500  Current date / time: 2014/04/09 03:17:04.0901
03:17:04.0901 0x1500  SystemInfo:
03:17:04.0901 0x1500  
03:17:04.0901 0x1500  OS Version: 6.1.7601 ServicePack: 1.0
03:17:04.0901 0x1500  Product type: Workstation
03:17:04.0901 0x1500  ComputerName: WALMART-HP
03:17:04.0901 0x1500  UserName: walmart
03:17:04.0901 0x1500  Windows directory: C:\Windows
03:17:04.0901 0x1500  System windows directory: C:\Windows
03:17:04.0901 0x1500  Running under WOW64
03:17:04.0901 0x1500  Processor architecture: Intel x64
03:17:04.0901 0x1500  Number of processors: 2
03:17:04.0901 0x1500  Page size: 0x1000
03:17:04.0901 0x1500  Boot type: Normal boot
03:17:04.0901 0x1500  ============================================================
03:17:05.0198 0x1500  KLMD registered as C:\Windows\system32\drivers\49512773.sys
03:17:05.0980 0x1500  System UUID: {F2E90BC9-A548-FF9E-AC89-A246D26B8FE3}
03:17:07.0132 0x1500  Drive \Device\Harddisk0\DR0 - Size: 0x4A85D56000 (298.09 Gb), SectorSize: 0x200, Cylinders: 0x9801, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
03:17:07.0139 0x1500  ============================================================
03:17:07.0139 0x1500  \Device\Harddisk0\DR0:
03:17:07.0139 0x1500  MBR partitions:
03:17:07.0139 0x1500  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x63800
03:17:07.0140 0x1500  \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x64000, BlocksNum 0x2386C800
03:17:07.0140 0x1500  \Device\Harddisk0\DR0\Partition3: MBR, Type 0x7, StartLBA 0x238D0800, BlocksNum 0x1B2A000
03:17:07.0140 0x1500  \Device\Harddisk0\DR0\Partition4: MBR, Type 0xC, StartLBA 0x253FA800, BlocksNum 0x33AB0
03:17:07.0140 0x1500  ============================================================
03:17:07.0167 0x1500  C: <-> \Device\Harddisk0\DR0\Partition2
03:17:07.0211 0x1500  D: <-> \Device\Harddisk0\DR0\Partition3
03:17:07.0224 0x1500  F: <-> \Device\Harddisk0\DR0\Partition4
03:17:07.0224 0x1500  ============================================================
03:17:07.0224 0x1500  Initialize success
03:17:07.0224 0x1500  ============================================================
03:17:25.0474 0x0824  ============================================================
03:17:25.0475 0x0824  Scan started
03:17:25.0475 0x0824  Mode: Manual;
03:17:25.0475 0x0824  ============================================================
03:17:25.0475 0x0824  KSN ping started
03:17:27.0999 0x0824  KSN ping finished: true
03:17:28.0778 0x0824  ================ Scan system memory ========================
03:17:28.0778 0x0824  System memory - ok
03:17:28.0778 0x0824  ================ Scan services =============================
03:17:28.0962 0x0824  [ A87D604AEA360176311474C87A63BB88, B1507868C382CD5D2DBC0D62114FCFBF7A780904A2E3CA7C7C1DD0844ADA9A8F ] 1394ohci        C:\Windows\system32\drivers\1394ohci.sys
03:17:28.0969 0x0824  1394ohci - ok
03:17:29.0040 0x0824  [ D81D9E70B8A6DD14D42D7B4EFA65D5F2, FDAAB7E23012B4D31537C5BDEF245BB0A12FA060A072C250E21C68E18B22E002 ] ACPI            C:\Windows\system32\drivers\ACPI.sys
03:17:29.0048 0x0824  ACPI - ok
03:17:29.0091 0x0824  [ 99F8E788246D495CE3794D7E7821D2CA, F91615463270AD2601F882CAED43B88E7EDA115B9FD03FC56320E48119F15F76 ] AcpiPmi         C:\Windows\system32\drivers\acpipmi.sys
03:17:29.0093 0x0824  AcpiPmi - ok
03:17:29.0191 0x0824  [ 9D96B0D5855FD1B98023B3EEC9F06786, E4C79233158BE8AA4E9C6DD71585E5D2703A5156531EB3D692D7D81BC443E844 ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
03:17:29.0198 0x0824  AdobeFlashPlayerUpdateSvc - ok
03:17:29.0252 0x0824  [ 2F6B34B83843F0C5118B63AC634F5BF4, 43E3F5FBFB5D33981AC503DEE476868EC029815D459E7C36C4ABC2D2F75B5735 ] adp94xx         C:\Windows\system32\drivers\adp94xx.sys
03:17:29.0266 0x0824  adp94xx - ok
03:17:29.0308 0x0824  [ 597F78224EE9224EA1A13D6350CED962, DA7FD99BE5E3B7B98605BF5C13BF3F1A286C0DE1240617570B46FE4605E59BDC ] adpahci         C:\Windows\system32\drivers\adpahci.sys
03:17:29.0318 0x0824  adpahci - ok
03:17:29.0346 0x0824  [ E109549C90F62FB570B9540C4B148E54, E804563735153EA00A00641814244BC8A347B578E7D63A16F43FB17566EE5559 ] adpu320         C:\Windows\system32\drivers\adpu320.sys
03:17:29.0352 0x0824  adpu320 - ok
03:17:29.0393 0x0824  [ 4B78B431F225FD8624C5655CB1DE7B61, 198A5AF2125C7C41F531A652D200C083A55A97DC541E3C0B5B253C7329949156 ] AeLookupSvc     C:\Windows\System32\aelupsvc.dll
03:17:29.0396 0x0824  AeLookupSvc - ok
03:17:29.0530 0x0824  [ D1E343BC00136CE03C4D403194D06A80, 94F2543164A2CEA179EDE53E1294EE24391A59CAEFF83BA5CE9385E8E686E89C ] AERTFilters     C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe
03:17:29.0533 0x0824  AERTFilters - ok
03:17:29.0887 0x0824  [ 79059559E89D06E8B80CE2944BE20228, 6E041D2FED2D0C3D8E16E56CB61D3245F9144EA92F5BDC9A4AA30598D1C8E6EE ] AFD             C:\Windows\system32\drivers\afd.sys
03:17:29.0901 0x0824  AFD - ok
03:17:29.0948 0x0824  [ 608C14DBA7299D8CB6ED035A68A15799, 45360F89640BF1127C82A32393BD76205E4FA067889C40C491602F370C09282A ] agp440          C:\Windows\system32\drivers\agp440.sys
03:17:29.0951 0x0824  agp440 - ok
03:17:29.0977 0x0824  [ 3290D6946B5E30E70414990574883DDB, 0E9294E1991572256B3CDA6B031DB9F39CA601385515EE59F1F601725B889663 ] ALG             C:\Windows\System32\alg.exe
03:17:29.0981 0x0824  ALG - ok
03:17:30.0003 0x0824  [ 5812713A477A3AD7363C7438CA2EE038, A7316299470D2E57A11499C752A711BF4A71EB11C9CBA731ED0945FF6A966721 ] aliide          C:\Windows\system32\drivers\aliide.sys
03:17:30.0005 0x0824  aliide - ok
03:17:30.0027 0x0824  [ 1FF8B4431C353CE385C875F194924C0C, 3EA3A7F426B0FFC2461EDF4FDB4B58ACC9D0730EDA5B728D1EA1346EA0A02720 ] amdide          C:\Windows\system32\drivers\amdide.sys
03:17:30.0028 0x0824  amdide - ok
03:17:30.0052 0x0824  [ 7024F087CFF1833A806193EF9D22CDA9, E7F27E488C38338388103D3B7EEDD61D05E14FB140992AEE6F492FFC821BF529 ] AmdK8           C:\Windows\system32\drivers\amdk8.sys
03:17:30.0055 0x0824  AmdK8 - ok
03:17:30.0077 0x0824  [ 1E56388B3FE0D031C44144EB8C4D6217, E88CA76FD47BA0EB427D59CB9BE040DE133D89D4E62D03A8D622624531D27487 ] AmdPPM          C:\Windows\system32\drivers\amdppm.sys
03:17:30.0080 0x0824  AmdPPM - ok
03:17:30.0117 0x0824  [ D4121AE6D0C0E7E13AA221AA57EF2D49, 626F43C099BD197BE56648C367B711143C2BCCE96496BBDEF19F391D52FA01D0 ] amdsata         C:\Windows\system32\drivers\amdsata.sys
03:17:30.0121 0x0824  amdsata - ok
03:17:30.0160 0x0824  [ F67F933E79241ED32FF46A4F29B5120B, D6EF539058F159CC4DD14CA9B1FD924998FEAC9D325C823C7A2DD21FEF1DC1A8 ] amdsbs          C:\Windows\system32\drivers\amdsbs.sys
03:17:30.0167 0x0824  amdsbs - ok
03:17:30.0212 0x0824  [ 540DAF1CEA6094886D72126FD7C33048, 296578572A93F5B74E1AD443E000B79DC99D1CBD25082E02704800F886A3065F ] amdxata         C:\Windows\system32\drivers\amdxata.sys
03:17:30.0214 0x0824  amdxata - ok
03:17:30.0240 0x0824  [ 89A69C3F2F319B43379399547526D952, 8ABDB4B8E106F96EBBA0D4D04C4F432296516E107E7BA5644ED2E50CF9BB491A ] AppID           C:\Windows\system32\drivers\appid.sys
03:17:30.0243 0x0824  AppID - ok
03:17:30.0275 0x0824  [ 0BC381A15355A3982216F7172F545DE1, C33AF13CB218F7BF52E967452573DF2ADD20A95C6BF99229794FEF07C4BBE725 ] AppIDSvc        C:\Windows\System32\appidsvc.dll
03:17:30.0277 0x0824  AppIDSvc - ok
03:17:30.0320 0x0824  [ 9D2A2369AB4B08A4905FE72DB104498F, D6FA1705018BABABFA2362E05691A0D6408D14DE7B76129B16D0A1DAD6378E58 ] Appinfo         C:\Windows\System32\appinfo.dll
03:17:30.0323 0x0824  Appinfo - ok
03:17:30.0367 0x0824  [ C484F8CEB1717C540242531DB7845C4E, C507CE26716EB923B864ED85E8FA0B24591E2784A2F4F0E78AEED7E9953311F6 ] arc             C:\Windows\system32\drivers\arc.sys
03:17:30.0371 0x0824  arc - ok
03:17:30.0399 0x0824  [ 019AF6924AEFE7839F61C830227FE79C, 5926B9DDFC9198043CDD6EA0B384C83B001EC225A8125628C4A45A3E6C42C72A ] arcsas          C:\Windows\system32\drivers\arcsas.sys
03:17:30.0403 0x0824  arcsas - ok
03:17:30.0503 0x0824  [ 8BE618EB795A87DBFD1E09DA63F009C7, 87443A8DB2B4CA4CCA280E0BBB3EAFBD218F7B0B6485C304CAA6B0BFDCBEB3EC ] aswMonFlt       C:\Windows\system32\drivers\aswMonFlt.sys
03:17:30.0689 0x0824  aswMonFlt - ok
03:17:30.0746 0x0824  [ D4259F75734EBCC8D815753B09EB2F0A, 93E06432F3E74B4CE606F4BECB80D11580FB72832630164427F36BD62C467103 ] aswRdr          C:\Windows\system32\drivers\aswRdr2.sys
03:17:30.0749 0x0824  aswRdr - ok
03:17:30.0788 0x0824  [ 8D4B8BF93C65BDBC133B20706A3B5208, BBCC103F722434DE38FD4D3DF8D543478405E139C5923B0EDFBA80A6C2762AB2 ] aswRvrt         C:\Windows\system32\drivers\aswRvrt.sys
03:17:30.0957 0x0824  aswRvrt - ok
03:17:31.0047 0x0824  [ AA0D1B47BE967E1E17301DDFB66C432C, 0283A503D9875C7D51288FAD28BC3F44E4637EDBBBFD968E51D4D505E3AE97B1 ] aswSnx          C:\Windows\system32\drivers\aswSnx.sys
03:17:31.0075 0x0824  aswSnx - ok
03:17:31.0130 0x0824  [ 15C6B7D20EE0E44A4DF82183A89CCFC2, 8CCE561CF25A6ED686DDD15C6041B29A82EF52247AFAD937EA5ADBA61C6A18AF ] aswSP           C:\Windows\system32\drivers\aswSP.sys
03:17:31.0142 0x0824  aswSP - ok
03:17:31.0180 0x0824  [ 81FA56F29440406A7264CBD7B1C7CB29, 704FAC64596D949C2F83AEE9E3B235CB3E9240EEF310361691CB213A30341141 ] aswStm          C:\Windows\system32\drivers\aswStm.sys
03:17:31.0183 0x0824  aswStm - ok
03:17:31.0201 0x0824  [ 0606875650850B0697D662934529F6FC, BC0D7B83888F88966F2DFC0BC26D038290FFBA83079DC7C3B67272557DA3E25D ] aswVmm          C:\Windows\system32\drivers\aswVmm.sys
03:17:31.0208 0x0824  aswVmm - ok
03:17:31.0228 0x0824  [ 769765CE2CC62867468CEA93969B2242, 0D8F19D49869DF93A3876B4C2E249D12E83F9CE11DAE8917D368E292043D4D26 ] AsyncMac        C:\Windows\system32\DRIVERS\asyncmac.sys
03:17:31.0229 0x0824  AsyncMac - ok
03:17:31.0255 0x0824  [ 02062C0B390B7729EDC9E69C680A6F3C, 0261683C6DC2706DCE491A1CDC954AC9C9E649376EC30760BB4E225E18DC5273 ] atapi           C:\Windows\system32\drivers\atapi.sys
03:17:31.0257 0x0824  atapi - ok
03:17:31.0299 0x0824  [ F23FEF6D569FCE88671949894A8BECF1, FCE7B156ED663471CF9A736915F00302E93B50FC647563D235313A37FCE8F0F6 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
03:17:31.0314 0x0824  AudioEndpointBuilder - ok
03:17:31.0339 0x0824  [ F23FEF6D569FCE88671949894A8BECF1, FCE7B156ED663471CF9A736915F00302E93B50FC647563D235313A37FCE8F0F6 ] AudioSrv        C:\Windows\System32\Audiosrv.dll
03:17:31.0355 0x0824  AudioSrv - ok
03:17:31.0497 0x0824  [ BEA8D0FA8805CC2E6BB49728166699C7, 9A574A1E79DC2D472877443A92ACDA57A1206A2DAB3AF9110C844944EDC9D797 ] avast! Antivirus C:\Program Files\AVAST Software\Avast\AvastSvc.exe
03:17:31.0499 0x0824  avast! Antivirus - ok
03:17:31.0523 0x0824  [ A6BF31A71B409DFA8CAC83159E1E2AFF, CBB83F73FFD3C3FB4F96605067739F8F7A4A40B2B05417FA49E575E95628753F ] AxInstSV        C:\Windows\System32\AxInstSV.dll
03:17:31.0527 0x0824  AxInstSV - ok
03:17:31.0577 0x0824  [ 3E5B191307609F7514148C6832BB0842, DE011CB7AA4A2405FAF21575182E0793A1D83DFFC44E9A7864D59F3D51D8D580 ] b06bdrv         C:\Windows\system32\drivers\bxvbda.sys
03:17:31.0590 0x0824  b06bdrv - ok
03:17:31.0627 0x0824  [ B5ACE6968304A3900EEB1EBFD9622DF2, 1DAA118D8CA3F97B34DF3D3CDA1C78EAB2ED225699FEABE89D331AE0CB7679FA ] b57nd60a        C:\Windows\system32\DRIVERS\b57nd60a.sys
03:17:31.0635 0x0824  b57nd60a - ok
03:17:31.0701 0x0824  [ 9E84A931DBEE0292E38ED672F6293A99, 2945EAF0AC091709E0C5508B45EC343EDE507AC2B08A2D7D64F286D38424CBC4 ] BCM43XX         C:\Windows\system32\DRIVERS\bcmwl664.sys
03:17:31.0734 0x0824  BCM43XX - ok
03:17:31.0768 0x0824  [ FDE360167101B4E45A96F939F388AEB0, 8D1457E866BBD645C4B9710DFBFF93405CC1193BF9AE42326F2382500B713B82 ] BDESVC          C:\Windows\System32\bdesvc.dll
03:17:31.0772 0x0824  BDESVC - ok
03:17:31.0786 0x0824  [ 16A47CE2DECC9B099349A5F840654746, 77C008AEDB07FAC66413841D65C952DDB56FE7DCA5E9EF9C8F4130336B838024 ] Beep            C:\Windows\system32\drivers\Beep.sys
03:17:31.0787 0x0824  Beep - ok
03:17:31.0828 0x0824  [ 82974D6A2FD19445CC5171FC378668A4, 075D25F47C0D2277E40AF8615571DAA5EB16B1824563632A9A7EC62505C29A4A ] BFE             C:\Windows\System32\bfe.dll
03:17:31.0847 0x0824  BFE - ok
03:17:31.0921 0x0824  [ 1EA7969E3271CBC59E1730697DC74682, D511A34D63A6E0E6E7D1879068E2CD3D87ABEAF4936B2EA8CDDAD9F79D60FA04 ] BITS            C:\Windows\System32\qmgr.dll
03:17:31.0976 0x0824  BITS - ok
03:17:32.0009 0x0824  [ 61583EE3C3A17003C4ACD0475646B4D3, 17E4BECC309C450E7E44F59A9C0BBC24D21BDC66DFBA65B8F198A00BB47A9811 ] blbdrive        C:\Windows\system32\drivers\blbdrive.sys
03:17:32.0011 0x0824  blbdrive - ok
03:17:32.0038 0x0824  [ 6C02A83164F5CC0A262F4199F0871CF5, AD4632A6A203CB40970D848315D8ADB9C898349E20D8DF4107C2AE2703A2CF28 ] bowser          C:\Windows\system32\DRIVERS\bowser.sys
03:17:32.0041 0x0824  bowser - ok
03:17:32.0069 0x0824  [ F09EEE9EDC320B5E1501F749FDE686C8, 66691114C42E12F4CC6DC4078D4D2FA4029759ACDAF1B59D17383487180E84E3 ] BrFiltLo        C:\Windows\system32\drivers\BrFiltLo.sys
03:17:32.0070 0x0824  BrFiltLo - ok
03:17:32.0090 0x0824  [ B114D3098E9BDB8BEA8B053685831BE6, 0ED23C1897F35FA00B9C2848DE4ED200E18688AA7825674888054BBC3A3EB92C ] BrFiltUp        C:\Windows\system32\drivers\BrFiltUp.sys
03:17:32.0091 0x0824  BrFiltUp - ok
03:17:32.0125 0x0824  [ 05F5A0D14A2EE1D8255C2AA0E9E8E694, 40011138869F5496A3E78D38C9900B466B6F3877526AC22952DCD528173F4645 ] Browser         C:\Windows\System32\browser.dll
03:17:32.0130 0x0824  Browser - ok
03:17:32.0152 0x0824  [ 43BEA8D483BF1870F018E2D02E06A5BD, 4E6F5A5FD8C796A110B0DC9FF29E31EA78C04518FC1C840EF61BABD58AB10272 ] Brserid         C:\Windows\System32\Drivers\Brserid.sys
03:17:32.0160 0x0824  Brserid - ok
03:17:32.0173 0x0824  [ A6ECA2151B08A09CACECA35C07F05B42, E2875BB7768ABAF38C3377007AA0A3C281503474D1831E396FB6599721586B0C ] BrSerWdm        C:\Windows\System32\Drivers\BrSerWdm.sys
03:17:32.0177 0x0824  BrSerWdm - ok
03:17:32.0207 0x0824  [ B79968002C277E869CF38BD22CD61524, 50631836502237AF4893ECDCEA43B9031C3DE97433F594D46AF7C3C77F331983 ] BrUsbMdm        C:\Windows\System32\Drivers\BrUsbMdm.sys
03:17:32.0209 0x0824  BrUsbMdm - ok
03:17:32.0243 0x0824  [ A87528880231C54E75EA7A44943B38BF, 4C8BBB29FDA76A96840AA47A8613C15D4466F9273A13941C19507008629709C9 ] BrUsbSer        C:\Windows\System32\Drivers\BrUsbSer.sys
03:17:32.0244 0x0824  BrUsbSer - ok
03:17:32.0272 0x0824  [ 9DA669F11D1F894AB4EB69BF546A42E8, B498B8B6CEF957B73179D1ADAF084BBB57BB3735D810F9BE2C7B1D58A4FD25A4 ] BTHMODEM        C:\Windows\system32\drivers\bthmodem.sys
03:17:32.0275 0x0824  BTHMODEM - ok
03:17:32.0308 0x0824  [ 95F9C2976059462CBBF227F7AAB10DE9, 2797AE919FF7606B070FB039CECDB0707CD2131DCAC09C5DF14F443D881C9F34 ] bthserv         C:\Windows\system32\bthserv.dll
03:17:32.0311 0x0824  bthserv - ok
03:17:32.0351 0x0824  [ B8BD2BB284668C84865658C77574381A, 6C55BA288B626DF172FDFEA0BD7027FAEBA1F44EF20AB55160D7C7DC6E717D65 ] cdfs            C:\Windows\system32\DRIVERS\cdfs.sys
03:17:32.0355 0x0824  cdfs - ok
03:17:32.0383 0x0824  [ F036CE71586E93D94DAB220D7BDF4416, BD07AAD9E20CEAF9FC84E4977C55EA2C45604A2C682AC70B9B9A2199B6713D5B ] cdrom           C:\Windows\system32\DRIVERS\cdrom.sys
03:17:32.0388 0x0824  cdrom - ok
03:17:32.0408 0x0824  [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] CertPropSvc     C:\Windows\System32\certprop.dll
03:17:32.0411 0x0824  CertPropSvc - ok
03:17:32.0423 0x0824  [ D7CD5C4E1B71FA62050515314CFB52CF, 513B5A849899F379F0BC6AB3A8A05C3493C2393C95F036612B96EC6E252E1C64 ] circlass        C:\Windows\system32\drivers\circlass.sys
03:17:32.0426 0x0824  circlass - ok
03:17:32.0458 0x0824  [ FE1EC06F2253F691FE36217C592A0206, B9F122DB5E665ECDF29A5CB8BB6B531236F31A54A95769D6C5C1924C87FE70CE ] CLFS            C:\Windows\system32\CLFS.sys
03:17:32.0468 0x0824  CLFS - ok
03:17:32.0541 0x0824  [ D88040F816FDA31C3B466F0FA0918F29, 39D3630E623DA25B8444B6D3AAAB16B98E7E289C5619E19A85D47B74C71449F3 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
03:17:32.0545 0x0824  clr_optimization_v2.0.50727_32 - ok
03:17:32.0584 0x0824  [ D1CEEA2B47CB998321C579651CE3E4F8, 654013B8FD229A50017B08DEC6CA19C7DDA8CE0771260E057A92625201D539B1 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
03:17:32.0588 0x0824  clr_optimization_v2.0.50727_64 - ok
03:17:32.0643 0x0824  [ C5A75EB48E2344ABDC162BDA79E16841, 6070A8AAFD38FBC6A68A2B10C20117612354DF21B4492D90CA522BFB6870D726 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
03:17:32.0660 0x0824  clr_optimization_v4.0.30319_32 - ok
03:17:32.0692 0x0824  [ C6F9AF94DCD58122A4D7E89DB6BED29D, CB0E5AE60EC76323585FB86D89E8DB7ADB5EDF6EA3D0B27E9ECE75B8CAA8BFDE ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
03:17:32.0698 0x0824  clr_optimization_v4.0.30319_64 - ok
03:17:32.0726 0x0824  [ 50F92C943F18B070F166D019DFAB3D9A, A997EAFFC1598B1D0A9E1A4475F25418CA8AA6B703B53A71B1AF028E247C9950 ] clwvd           C:\Windows\system32\DRIVERS\clwvd.sys
03:17:32.0728 0x0824  clwvd - ok
03:17:32.0755 0x0824  [ 0840155D0BDDF1190F84A663C284BD33, 696039FA63CFEB33487FAA8FD7BBDB220141E9C6E529355D768DFC87999A9C3A ] CmBatt          C:\Windows\system32\drivers\CmBatt.sys
03:17:32.0757 0x0824  CmBatt - ok
03:17:32.0793 0x0824  [ E19D3F095812725D88F9001985B94EDD, 46243C5CCC4981CAC6FA6452FFCEC33329BF172448F1852D52592C9342E0E18B ] cmdide          C:\Windows\system32\drivers\cmdide.sys
03:17:32.0795 0x0824  cmdide - ok
03:17:32.0830 0x0824  [ EBF28856F69CF094A902F884CF989706, AD6C9F0BC20AA49EEE5478DA0F856F0EA2B414B63208C5FFB03C9D7F5B59765F ] CNG             C:\Windows\system32\Drivers\cng.sys
03:17:32.0843 0x0824  CNG - ok
03:17:32.0866 0x0824  [ 102DE219C3F61415F964C88E9085AD14, CD74CB703381F1382C32CF892FF2F908F4C9412E1BC77234F8FEA5D4666E1BF1 ] Compbatt        C:\Windows\system32\drivers\compbatt.sys
03:17:32.0867 0x0824  Compbatt - ok
03:17:32.0892 0x0824  [ 03EDB043586CCEBA243D689BDDA370A8, 0E4523AA332E242D5C2C61C5717DBA5AB6E42DADB5A7E512505FC2B6CC224959 ] CompositeBus    C:\Windows\system32\drivers\CompositeBus.sys
03:17:32.0894 0x0824  CompositeBus - ok
03:17:32.0901 0x0824  COMSysApp - ok
03:17:32.0922 0x0824  [ 1C827878A998C18847245FE1F34EE597, 41EF7443D8B2733AA35CAC64B4F5F74FAC8BB0DA7D3936B69EC38E2DC3972E60 ] crcdisk         C:\Windows\system32\drivers\crcdisk.sys
03:17:32.0924 0x0824  crcdisk - ok
03:17:32.0962 0x0824  [ 6B400F211BEE880A37A1ED0368776BF4, 2F27C6FA96A1C8CBDA467846DA57E63949A7EA37DB094B13397DDD30114295BD ] CryptSvc        C:\Windows\system32\cryptsvc.dll
03:17:32.0969 0x0824  CryptSvc - ok
03:17:33.0124 0x0824  [ FD557A50A65E44041CD2FCEF4BEB04DB, 746D5958F7198895D35A23566D3736D993D57726BF59D91421D8091C48926A26 ] cvhsvc          C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE
03:17:33.0147 0x0824  cvhsvc - ok
03:17:33.0196 0x0824  [ 5C627D1B1138676C0A7AB2C2C190D123, C5003F2C912C5CA990E634818D3B4FD72F871900AF2948BD6C4D6400B354B401 ] DcomLaunch      C:\Windows\system32\rpcss.dll
03:17:33.0213 0x0824  DcomLaunch - ok
03:17:33.0250 0x0824  [ 3CEC7631A84943677AA8FA8EE5B6B43D, 32061DAC9ED6C1EBA3B367B18D0E965AEEC2DF635DCF794EC39D086D32503AC5 ] defragsvc       C:\Windows\System32\defragsvc.dll
03:17:33.0259 0x0824  defragsvc - ok
03:17:33.0287 0x0824  [ 9BB2EF44EAA163B29C4A4587887A0FE4, 03667BC3EA5003F4236929C10F23D8F108AFCB29DB5559E751FB26DFB318636F ] DfsC            C:\Windows\system32\Drivers\dfsc.sys
03:17:33.0291 0x0824  DfsC - ok
03:17:33.0321 0x0824  [ 43D808F5D9E1A18E5EEB5EBC83969E4E, C10D1155D71EABE4ED44C656A8F13078A8A4E850C4A8FBB92D52D173430972B8 ] Dhcp            C:\Windows\system32\dhcpcore.dll
03:17:33.0331 0x0824  Dhcp - ok
03:17:33.0343 0x0824  [ 13096B05847EC78F0977F2C0F79E9AB3, 1E44981B684F3E56F5D2439BB7FA78BD1BC876BB2265AE089AEC68F241B05B26 ] discache        C:\Windows\system32\drivers\discache.sys
03:17:33.0345 0x0824  discache - ok
03:17:33.0383 0x0824  [ 9819EEE8B5EA3784EC4AF3B137A5244C, 571BC886E87C888DA96282E381A746D273B58B9074E84D4CA91275E26056D427 ] Disk            C:\Windows\system32\drivers\disk.sys
03:17:33.0386 0x0824  Disk - ok
03:17:33.0424 0x0824  [ 16835866AAA693C7D7FCEBA8FFF706E4, 15891558F7C1F2BB57A98769601D447ED0D952354A8BB347312D034DC03E0242 ] Dnscache        C:\Windows\System32\dnsrslvr.dll
03:17:33.0430 0x0824  Dnscache - ok
03:17:33.0456 0x0824  [ B1FB3DDCA0FDF408750D5843591AFBC6, AB6AD9C5E7BA2E3646D0115B67C4800D1CB43B4B12716397657C7ADEEE807304 ] dot3svc         C:\Windows\System32\dot3svc.dll
03:17:33.0464 0x0824  dot3svc - ok
03:17:33.0490 0x0824  [ B26F4F737E8F9DF4F31AF6CF31D05820, 394BBBED4EC7FAD4110F62A43BFE0801D4AC56FFAC6C741C69407B26402311C7 ] DPS             C:\Windows\system32\dps.dll
03:17:33.0497 0x0824  DPS - ok
03:17:33.0534 0x0824  [ 9B19F34400D24DF84C858A421C205754, 967AF267B4124BADA8F507CEBF25F2192D146A4D63BE71B45BFC03C5DA7F21A7 ] drmkaud         C:\Windows\system32\drivers\drmkaud.sys
03:17:33.0536 0x0824  drmkaud - ok
03:17:33.0610 0x0824  [ 88612F1CE3BF42256913BF6E61C70D52, 7CF190F83FA8F15C33008EB381D3E345CEF37CBC046227DED26B36799EF4D9A7 ] DXGKrnl         C:\Windows\System32\drivers\dxgkrnl.sys
03:17:33.0636 0x0824  DXGKrnl - ok
03:17:33.0692 0x0824  [ E2DDA8726DA9CB5B2C4000C9018A9633, 0C967DBC3636A76A696997192A158AA92A1AF19F01E3C66D5BF91818A8FAEA76 ] EapHost         C:\Windows\System32\eapsvc.dll
03:17:33.0697 0x0824  EapHost - ok
03:17:33.0838 0x0824  [ DC5D737F51BE844D8C82C695EB17372F, 6D4022D9A46EDE89CEF0FAEADCC94C903234DFC460C0180D24FF9E38E8853017 ] ebdrv           C:\Windows\system32\drivers\evbda.sys
03:17:33.0963 0x0824  ebdrv - ok
03:17:34.0014 0x0824  [ 4D71227301DD8D09097B9E4CC6527E5A, 193D47ADCB722B581CC0F29B794AB3E455B6E9BEA367CE9A5216A09E055B7F1E ] EFS             C:\Windows\System32\lsass.exe
03:17:34.0017 0x0824  EFS - ok
03:17:34.0090 0x0824  [ C4002B6B41975F057D98C439030CEA07, 3D2484FBB832EFB90504DD406ED1CF3065139B1FE1646471811F3A5679EF75F1 ] ehRecvr         C:\Windows\ehome\ehRecvr.exe
03:17:34.0109 0x0824  ehRecvr - ok
03:17:34.0127 0x0824  [ 4705E8EF9934482C5BB488CE28AFC681, 359E9EC5693CE0BE89082E1D5D8F5C5439A5B985010FF0CB45C11E3CFE30637D ] ehSched         C:\Windows\ehome\ehsched.exe
03:17:34.0132 0x0824  ehSched - ok
03:17:34.0162 0x0824  [ 0E5DA5369A0FCAEA12456DD852545184, 9A64AC5396F978C3B92794EDCE84DCA938E4662868250F8C18FA7C2C172233F8 ] elxstor         C:\Windows\system32\drivers\elxstor.sys
03:17:34.0177 0x0824  elxstor - ok
03:17:34.0236 0x0824  [ 34A3C54752046E79A126E15C51DB409B, 7D5B5E150C7C73666F99CBAFF759029716C86F16B927E0078D77F8A696616D75 ] ErrDev          C:\Windows\system32\drivers\errdev.sys
03:17:34.0238 0x0824  ErrDev - ok
03:17:34.0303 0x0824  [ 4166F82BE4D24938977DD1746BE9B8A0, 24121751B7306225AD1C808442D7B030DEF377E9316AA0A3C5C7460E87317881 ] EventSystem     C:\Windows\system32\es.dll
03:17:34.0316 0x0824  EventSystem - ok
03:17:34.0348 0x0824  [ A510C654EC00C1E9BDD91EEB3A59823B, 76CD277730F7B08D375770CD373D786160F34D1481AF0536BA1A5D2727E255F5 ] exfat           C:\Windows\system32\drivers\exfat.sys
03:17:34.0354 0x0824  exfat - ok
03:17:34.0389 0x0824  [ 0ADC83218B66A6DB380C330836F3E36D, 798D6F83B5DBCC1656595E0A96CF12087FCCBE19D1982890D0CE5F629B328B29 ] fastfat         C:\Windows\system32\drivers\fastfat.sys
03:17:34.0395 0x0824  fastfat - ok
03:17:34.0428 0x0824  [ DBEFD454F8318A0EF691FDD2EAAB44EB, 7F52AE222FF28503B6FC4A5852BD0CAEAF187BE69AF4B577D3DE474C24366099 ] Fax             C:\Windows\system32\fxssvc.exe
03:17:34.0445 0x0824  Fax - ok
03:17:34.0465 0x0824  [ D765D19CD8EF61F650C384F62FAC00AB, 9F0A483A043D3BA873232AD3BA5F7BF9173832550A27AF3E8BD433905BD2A0EE ] fdc             C:\Windows\system32\drivers\fdc.sys
03:17:34.0467 0x0824  fdc - ok
03:17:34.0487 0x0824  [ 0438CAB2E03F4FB61455A7956026FE86, 6D4DDC2973DB25CE0C7646BC85EFBCC004EBE35EA683F62162AE317C6F1D8DFE ] fdPHost         C:\Windows\system32\fdPHost.dll
03:17:34.0489 0x0824  fdPHost - ok
03:17:34.0503 0x0824  [ 802496CB59A30349F9A6DD22D6947644, 52D59D3D628D5661F83F090F33F744F6916E0CC1F76E5A33983E06EB66AE19F8 ] FDResPub        C:\Windows\system32\fdrespub.dll
03:17:34.0506 0x0824  FDResPub - ok
03:17:34.0531 0x0824  [ 655661BE46B5F5F3FD454E2C3095B930, 549C8E2A2A37757E560D55FFA6BFDD838205F17E40561E67F0124C934272CD1A ] FileInfo        C:\Windows\system32\drivers\fileinfo.sys
03:17:34.0535 0x0824  FileInfo - ok
03:17:34.0555 0x0824  [ 5F671AB5BC87EEA04EC38A6CD5962A47, 6B61D3363FF3F9C439BD51102C284972EAE96ACC0683B9DC7E12D25D0ADC51B6 ] Filetrace       C:\Windows\system32\drivers\filetrace.sys
03:17:34.0557 0x0824  Filetrace - ok
03:17:34.0567 0x0824  [ C172A0F53008EAEB8EA33FE10E177AF5, 9175A95B323696D1B35C9EFEB7790DD64E6EE0B7021E6C18E2F81009B169D77B ] flpydisk        C:\Windows\system32\drivers\flpydisk.sys
03:17:34.0569 0x0824  flpydisk - ok
03:17:34.0596 0x0824  [ DA6B67270FD9DB3697B20FCE94950741, F621A4462C9F2904063578C427FAF22D7D66AE9967605C11C798099817CE5331 ] FltMgr          C:\Windows\system32\drivers\fltmgr.sys
03:17:34.0605 0x0824  FltMgr - ok
03:17:34.0659 0x0824  [ C4C183E6551084039EC862DA1C945E3D, 0874A2ACDD24D64965AA9A76E9C818E216880AE4C9A2E07ED932EE404585CEE6 ] FontCache       C:\Windows\system32\FntCache.dll
03:17:34.0686 0x0824  FontCache - ok
03:17:34.0746 0x0824  [ A8B7F3818AB65695E3A0BB3279F6DCE6, 89FCF10F599767E67A1E011753E34DA44EAA311F105DBF69549009ED932A60F0 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
03:17:34.0749 0x0824  FontCache3.0.0.0 - ok
03:17:34.0769 0x0824  [ D43703496149971890703B4B1B723EAC, F06397B2EDCA61629249D2EF1CBB7827A8BEAB8488246BD85EF6AE1363C0DA6E ] FsDepends       C:\Windows\system32\drivers\FsDepends.sys
03:17:34.0771 0x0824  FsDepends - ok
03:17:34.0803 0x0824  [ 6BD9295CC032DD3077C671FCCF579A7B, 83622FBB0CB923798E7E584BF53CAAF75B8C016E3FF7F0FA35880FF34D1DFE33 ] Fs_Rec          C:\Windows\system32\drivers\Fs_Rec.sys
03:17:34.0805 0x0824  Fs_Rec - ok
03:17:34.0841 0x0824  [ 8F6322049018354F45F05A2FD2D4E5E0, 73BF0FB4EBD7887E992DDEBB79E906958D6678F8D1107E8C368F5A0514D80359 ] fvevol          C:\Windows\system32\DRIVERS\fvevol.sys
03:17:34.0847 0x0824  fvevol - ok
03:17:34.0870 0x0824  [ 8C778D335C9D272CFD3298AB02ABE3B6, 85F0B13926B0F693FA9E70AA58DE47100E4B6F893772EBE4300C37D9A36E6005 ] gagp30kx        C:\Windows\system32\drivers\gagp30kx.sys
03:17:34.0873 0x0824  gagp30kx - ok
03:17:34.0919 0x0824  [ D154305DE6090E6E84E525F84BB08A06, 7B235178C3F26043AB7DB9EAD9A2185CEAF3C07BC48D63CA0EB6D56BCFEDF41A ] GameConsoleService C:\Program Files (x86)\HP Games\HP Game Console\GameConsoleService.exe
03:17:34.0926 0x0824  GameConsoleService - ok
03:17:34.0981 0x0824  [ 277BBC7E1AA1EE957F573A10ECA7EF3A, 2EE60B924E583E847CC24E78B401EF95C69DB777A5B74E1EC963E18D47B94D24 ] gpsvc           C:\Windows\System32\gpsvc.dll
03:17:35.0003 0x0824  gpsvc - ok
03:17:35.0059 0x0824  [ 506708142BC63DABA64F2D3AD1DCD5BF, 9C36A08D9E7932FF4DA7B5F24E6B42C92F28685B8ABE964C870E8D7670FD531A ] gupdate         C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
03:17:35.0062 0x0824  gupdate - ok
03:17:35.0070 0x0824  [ 506708142BC63DABA64F2D3AD1DCD5BF, 9C36A08D9E7932FF4DA7B5F24E6B42C92F28685B8ABE964C870E8D7670FD531A ] gupdatem        C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
03:17:35.0073 0x0824  gupdatem - ok
03:17:35.0089 0x0824  [ F2523EF6460FC42405B12248338AB2F0, B2F3DE8DE1F512D871BC2BC2E8D0E33AB03335BFBC07627C5F88B65024928E19 ] hcw85cir        C:\Windows\system32\drivers\hcw85cir.sys
03:17:35.0091 0x0824  hcw85cir - ok
03:17:35.0126 0x0824  [ 975761C778E33CD22498059B91E7373A, 8304E15FBE6876BE57263A03621365DA8C88005EAC532A770303C06799D915D9 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
03:17:35.0136 0x0824  HdAudAddService - ok
03:17:35.0166 0x0824  [ 97BFED39B6B79EB12CDDBFEED51F56BB, 3CF981D668FB2381E52AF2E51E296C6CFB47B0D62249645278479D0111A47955 ] HDAudBus        C:\Windows\system32\drivers\HDAudBus.sys
03:17:35.0170 0x0824  HDAudBus - ok
03:17:35.0190 0x0824  [ 78E86380454A7B10A5EB255DC44A355F, 11F3ED7ACFFA3024B9BD504F81AC39F5B4CED5A8A425E8BADF7132EFEDB9BD64 ] HidBatt         C:\Windows\system32\drivers\HidBatt.sys
03:17:35.0192 0x0824  HidBatt - ok
03:17:35.0213 0x0824  [ 7FD2A313F7AFE5C4DAB14798C48DD104, 94CBFD4506CBDE4162CEB3367BAB042D19ACA6785954DC0B554D4164B9FCD0D4 ] HidBth          C:\Windows\system32\drivers\hidbth.sys
03:17:35.0217 0x0824  HidBth - ok
03:17:35.0243 0x0824  [ 0A77D29F311B88CFAE3B13F9C1A73825, 8615DC6CEFB591505CE16E054A71A4F371B827DDFD5E980777AB4233DCFDA01D ] HidIr           C:\Windows\system32\drivers\hidir.sys
03:17:35.0246 0x0824  HidIr - ok
03:17:35.0265 0x0824  [ BD9EB3958F213F96B97B1D897DEE006D, 4D01CBF898B528B3A4E5A683DF2177300AFABD7D4CB51F1A7891B1B545499631 ] hidserv         C:\Windows\system32\hidserv.dll
03:17:35.0268 0x0824  hidserv - ok
03:17:35.0301 0x0824  [ 9592090A7E2B61CD582B612B6DF70536, FD11D5E02C32D658B28FCC35688AB66CCB5D3A0A0D74C82AE0F0B6C67B568A0F ] HidUsb          C:\Windows\system32\DRIVERS\hidusb.sys
03:17:35.0303 0x0824  HidUsb - ok
03:17:35.0338 0x0824  [ 387E72E739E15E3D37907A86D9FF98E2, 9935BE2E58788E79328293AF2F202CB0F6042441B176F75ACC5AEA93C8E05531 ] hkmsvc          C:\Windows\system32\kmsvc.dll
03:17:35.0342 0x0824  hkmsvc - ok
03:17:35.0361 0x0824  [ EFDFB3DD38A4376F93E7985173813ABD, 70402FA73A5A2A8BB557AAC8F531E373077D28DE5F40A1F3F14B940BE01CD2E1 ] HomeGroupListener C:\Windows\system32\ListSvc.dll
03:17:35.0369 0x0824  HomeGroupListener - ok
03:17:35.0404 0x0824  [ 908ACB1F594274965A53926B10C81E89, 7D34A742AC486294D82676F8465A3EF26C8AC3317C32B63F62031CB007CFC208 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
03:17:35.0412 0x0824  HomeGroupProvider - ok
03:17:35.0470 0x0824  [ BB1FC298BE53AAB1E110F6E786BD8AC5, C2DA2C3CE96D5F8B50013063B5EF7BED7478636896C709A7AF34855B2E69B9F1 ] HP Support Assistant Service C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe
03:17:35.0474 0x0824  HP Support Assistant Service - ok
03:17:35.0511 0x0824  [ C930128C8F8FF03D8F8C42B570920D56, 6D44373F466A580EFB9866FA4FACB4951C522893C2A1877ED0E462460B90E241 ] HP Wireless Assistant Service C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Service.exe
03:17:35.0515 0x0824  HP Wireless Assistant Service - ok
03:17:35.0543 0x0824  [ 3DC11A802353401332D49C3CBFBBE5FC, E812E8A4ED64FEC346BE6B175CE651CFC553A23F31B0ABC5D50E6995A7F130DF ] HPClientSvc     C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe
03:17:35.0550 0x0824  HPClientSvc - ok
03:17:35.0631 0x0824  [ 9B7EDD3FE7C211C36E921D34D18A3A0A, 03A450F85A042F9668D1560FA2B8B89783568C87CDB1A8685CDA2AC9FE3761C3 ] hpqwmiex        C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe
03:17:35.0656 0x0824  hpqwmiex - ok
03:17:35.0693 0x0824  [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC, E9E6A1665740CFBC2DD321010007EF42ABA2102AEB9772EE8AA3354664B1E205 ] HpSAMD          C:\Windows\system32\drivers\HpSAMD.sys
03:17:35.0697 0x0824  HpSAMD - ok
03:17:35.0747 0x0824  [ 2BEC76BDCD1BC080210325E7B5094834, 9CD9DF5C974C20F38423B07063A4F44E533B3B4EF39E01AC701C04BFC5F3EC53 ] HPWMISVC        C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe
03:17:35.0749 0x0824  HPWMISVC - ok
03:17:35.0802 0x0824  [ 0EA7DE1ACB728DD5A369FD742D6EEE28, 21C489412EB33A12B22290EB701C19BA57006E8702E76F730954F0784DDE9779 ] HTTP            C:\Windows\system32\drivers\HTTP.sys
03:17:35.0822 0x0824  HTTP - ok
03:17:35.0837 0x0824  [ A5462BD6884960C9DC85ED49D34FF392, 53E65841AF5B06A2844D0BB6FC4DD3923A323FFA0E4BFC89B3B5CAFB592A3D53 ] hwpolicy        C:\Windows\system32\drivers\hwpolicy.sys
03:17:35.0838 0x0824  hwpolicy - ok
03:17:35.0875 0x0824  [ FA55C73D4AFFA7EE23AC4BE53B4592D3, 65CDDC62B89A60E942C5642C9D8B539EFB69DA8069B4A2E54978154B314531CD ] i8042prt        C:\Windows\system32\DRIVERS\i8042prt.sys
03:17:35.0879 0x0824  i8042prt - ok
03:17:35.0919 0x0824  [ 2FDAEC4B02729C48C0FD1B0B4695995B, 87331D91FA3A23257B9913067B7B16D08710408070795B638058DBF728BBB288 ] iaStor          C:\Windows\system32\DRIVERS\iaStor.sys
03:17:35.0931 0x0824  iaStor - ok
03:17:35.0984 0x0824  [ D41861E56E7552C13674D7F147A02464, A361AE723FEEFD8D34D259F667ED14EEEC3B8ED6458522AC5D50C08E281B298B ] IAStorDataMgrSvc C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
03:17:35.0985 0x0824  IAStorDataMgrSvc - ok
03:17:36.0037 0x0824  [ AAAF44DB3BD0B9D1FB6969B23ECC8366, 805AA4A9464002D1AB3832E4106B2AAA1331F4281367E75956062AAE99699385 ] iaStorV         C:\Windows\system32\drivers\iaStorV.sys
03:17:36.0048 0x0824  iaStorV - ok
03:17:36.0283 0x0824  [ ABEFA4BD23329FD9BD47496BF2E58774, 9689D4C6380735EE1CC7F480696CDDC229E0FA511942AC813314D353584D82DD ] IconMan_R       C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe
03:17:36.0395 0x0824  IconMan_R - ok
03:17:36.0462 0x0824  [ 5988FC40F8DB5B0739CD1E3A5D0D78BD, 2B9512324DBA4A97F6AC34E8067EE08E3B6874CD60F6CB4209AFC22A34D2BE99 ] idsvc           C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
03:17:36.0485 0x0824  idsvc - ok
03:17:36.0524 0x0824  IEEtwCollectorService - ok
03:17:36.0903 0x0824  [ 8814F0B9A09C647D3D7BE735450E7B4C, E82AD0DC556AE7663C1A5CE75DA3619E1614BC88F52558496FF0D569DE04E1CA ] igfx            C:\Windows\system32\DRIVERS\igdkmd64.sys
03:17:37.0288 0x0824  igfx - ok
03:17:37.0347 0x0824  [ 5C18831C61933628F5BB0EA2675B9D21, 5CD9DE2F8C0256623A417B5C55BF55BB2562BD7AB2C3C83BB3D9886C2FBDA4E4 ] iirsp           C:\Windows\system32\drivers\iirsp.sys
03:17:37.0349 0x0824  iirsp - ok
03:17:37.0408 0x0824  [ 344789398EC3EE5A4E00C52B31847946, 3DA5F08E4B46F4E63456AA588D49E39A6A09A97D0509880C00F327623DB6122D ] IKEEXT          C:\Windows\System32\ikeext.dll
03:17:37.0431 0x0824  IKEEXT - ok
03:17:37.0603 0x0824  [ ECA5E9DA350D2D21376260CD3602449A, B027FE77062488B8FC0EEE2113341DD922CE1BD741DF4F5D92DCCDC2E2C18BB2 ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHD64.sys
03:17:37.0739 0x0824  IntcAzAudAddService - ok
03:17:37.0771 0x0824  [ F00F20E70C6EC3AA366910083A0518AA, E2F3E9FFD82C802C8BAC309893A3664ACF16A279959C0FDECCA64C3D3C60FD22 ] intelide        C:\Windows\system32\drivers\intelide.sys
03:17:37.0773 0x0824  intelide - ok
03:17:37.0812 0x0824  [ ADA036632C664CAA754079041CF1F8C1, F2386CC09AC6DE4C54189154F7D91C1DB7AA120B13FAE8BA5B579ACF99FCC610 ] intelppm        C:\Windows\system32\DRIVERS\intelppm.sys
03:17:37.0815 0x0824  intelppm - ok
03:17:37.0838 0x0824  [ 098A91C54546A3B878DAD6A7E90A455B, 044CCE2A0DF56EBE1EFD99B4F6F0A5B9EE12498CA358CF4B2E3A1CFD872823AA ] IPBusEnum       C:\Windows\system32\ipbusenum.dll
03:17:37.0844 0x0824  IPBusEnum - ok
03:17:37.0867 0x0824  [ C9F0E1BD74365A8771590E9008D22AB6, 728BC5A6AAE499FDC50EB01577AF16D83C2A9F3B09936DD2A89C01E074BA8E51 ] IpFilterDriver  C:\Windows\system32\DRIVERS\ipfltdrv.sys
03:17:37.0870 0x0824  IpFilterDriver - ok
03:17:37.0916 0x0824  [ 08C2957BB30058E663720C5606885653, E13EDF6701512E2A9977A531454932CA5023087CB50E1D2F416B8BCDD92B67BE ] iphlpsvc        C:\Windows\System32\iphlpsvc.dll
03:17:37.0930 0x0824  iphlpsvc - ok
03:17:37.0964 0x0824  [ 0FC1AEA580957AA8817B8F305D18CA3A, 7161E4DE91AAFC3FA8BF24FAE4636390C2627DB931505247C0D52C75A31473D9 ] IPMIDRV         C:\Windows\system32\drivers\IPMIDrv.sys
03:17:37.0967 0x0824  IPMIDRV - ok
03:17:37.0995 0x0824  [ AF9B39A7E7B6CAA203B3862582E9F2D0, 67128BE7EADBE6BD0205B050F96E268948E8660C4BAB259FB0BE03935153D04E ] IPNAT           C:\Windows\system32\drivers\ipnat.sys
03:17:37.0999 0x0824  IPNAT - ok
03:17:38.0025 0x0824  [ 3ABF5E7213EB28966D55D58B515D5CE9, A352BCC5B6B9A28805B15CAFB235676F1FAFF0D2394F88C03089EB157D6188AE ] IRENUM          C:\Windows\system32\drivers\irenum.sys
03:17:38.0027 0x0824  IRENUM - ok
03:17:38.0050 0x0824  [ 2F7B28DC3E1183E5EB418DF55C204F38, D40410A760965925D6F10959B2043F7BD4F68EAFCF5E743AF11AD860BD136548 ] isapnp          C:\Windows\system32\drivers\isapnp.sys
03:17:38.0052 0x0824  isapnp - ok
03:17:38.0076 0x0824  [ D931D7309DEB2317035B07C9F9E6B0BD, 13AD84172ED8C6153F8A98499C01733B74E48464CE07D099508E38D409913ED3 ] iScsiPrt        C:\Windows\system32\drivers\msiscsi.sys
03:17:38.0084 0x0824  iScsiPrt - ok
03:17:38.0098 0x0824  [ BC02336F1CBA7DCC7D1213BB588A68A5, 450C5BAD54CCE2AFCDFF1B6E7F8E1A8446D9D3255DF9D36C29A8F848048AAD93 ] kbdclass        C:\Windows\system32\drivers\kbdclass.sys
03:17:38.0100 0x0824  kbdclass - ok
03:17:38.0128 0x0824  [ 0705EFF5B42A9DB58548EEC3B26BB484, 86C6824ED7ED6FA8F306DB6319A0FD688AA91295AE571262F9D8E96A32225E99 ] kbdhid          C:\Windows\system32\drivers\kbdhid.sys
03:17:38.0130 0x0824  kbdhid - ok
03:17:38.0148 0x0824  [ 4D71227301DD8D09097B9E4CC6527E5A, 193D47ADCB722B581CC0F29B794AB3E455B6E9BEA367CE9A5216A09E055B7F1E ] KeyIso          C:\Windows\system32\lsass.exe
03:17:38.0151 0x0824  KeyIso - ok
03:17:38.0185 0x0824  [ 8F489706472F7E9A06BAAA198703FA64, F020406690FB38EABD82D63B91D33039CC93ED52A5497AE12BAF475F22D0B08A ] KSecDD          C:\Windows\system32\Drivers\ksecdd.sys
03:17:38.0189 0x0824  KSecDD - ok
03:17:38.0240 0x0824  [ 868A2CAAB12EFC7A021682BCA0EEC54C, 12C4925B5B3D6EA7B6410C01F33158C6EAB50CBD6AF445F8B04ED9899720C2DD ] KSecPkg         C:\Windows\system32\Drivers\ksecpkg.sys

 

Link to post
Share on other sites

03:17:38.0245 0x0824  KSecPkg - ok
03:17:38.0284 0x0824  [ 6869281E78CB31A43E969F06B57347C4, 866A23E69B32A78D378D6CB3B3DA3695FFDFF0FEC3C9F68C8C3F988DF417044B ] ksthunk         C:\Windows\system32\drivers\ksthunk.sys
03:17:38.0286 0x0824  ksthunk - ok
03:17:38.0325 0x0824  [ 6AB66E16AA859232F64DEB66887A8C9C, 5F2B579BEA8098A2994B0DECECDAE7B396E7B5DC5F09645737B9F28BEEA77FFF ] KtmRm           C:\Windows\system32\msdtckrm.dll
03:17:38.0337 0x0824  KtmRm - ok
03:17:38.0371 0x0824  [ D9F42719019740BAA6D1C6D536CBDAA6, 8757599D0AE5302C4CE50861BEBA3A8DD14D7B0DBD916FD5404133688CDFCC40 ] LanmanServer    C:\Windows\system32\srvsvc.dll
03:17:38.0380 0x0824  LanmanServer - ok
03:17:38.0400 0x0824  [ 851A1382EED3E3A7476DB004F4EE3E1A, B1C67F47DD594D092E6E258F01DF5E7150227CE3131A908A244DEE9F8A1FABF9 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
03:17:38.0408 0x0824  LanmanWorkstation - ok
03:17:38.0440 0x0824  [ 1538831CF8AD2979A04C423779465827, E1729B0CC4CEEE494A0B8817A8E98FF232E3A32FB023566EF0BC71A090262C0C ] lltdio          C:\Windows\system32\DRIVERS\lltdio.sys
03:17:38.0442 0x0824  lltdio - ok
03:17:38.0482 0x0824  [ C1185803384AB3FEED115F79F109427F, 0414FE73532DCAB17E906438A14711E928CECCD5F579255410C62984DD652700 ] lltdsvc         C:\Windows\System32\lltdsvc.dll
03:17:38.0492 0x0824  lltdsvc - ok
03:17:38.0538 0x0824  [ F993A32249B66C9D622EA5592A8B76B8, EE64672A990C6145DC5601E2B8CDBE089272A72732F59AF9865DCBA8B1717E70 ] lmhosts         C:\Windows\System32\lmhsvc.dll
03:17:38.0542 0x0824  lmhosts - ok
03:17:38.0567 0x0824  [ 1A93E54EB0ECE102495A51266DCDB6A6, DB6AA86AA36C3A7988BE96E87B5D3251BE7617C54EE8F894D9DC2E267FE3255B ] LSI_FC          C:\Windows\system32\drivers\lsi_fc.sys
03:17:38.0571 0x0824  LSI_FC - ok
03:17:38.0600 0x0824  [ 1047184A9FDC8BDBFF857175875EE810, F2251EDB7736A26D388A0C5CC2FE5FB9C5E109CBB1E3800993554CB21D81AE4B ] LSI_SAS         C:\Windows\system32\drivers\lsi_sas.sys
03:17:38.0604 0x0824  LSI_SAS - ok
03:17:38.0619 0x0824  [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93, 88D5740A4E9CC3FA80FA18035DAB441BDC5A039622D666BFDAA525CC9686BD06 ] LSI_SAS2        C:\Windows\system32\drivers\lsi_sas2.sys
03:17:38.0622 0x0824  LSI_SAS2 - ok
03:17:38.0640 0x0824  [ 0504EACAFF0D3C8AED161C4B0D369D4A, 4D272237C189646F5C80822FD3CBA7C2728E482E2DAAF7A09C8AEF811C89C54D ] LSI_SCSI        C:\Windows\system32\drivers\lsi_scsi.sys
03:17:38.0644 0x0824  LSI_SCSI - ok
03:17:38.0669 0x0824  [ 43D0F98E1D56CCDDB0D5254CFF7B356E, 5BA498183B5C4996C694CB0A9A6B66CE6C7A460F6C91BEB9F305486FCC3B7B22 ] luafv           C:\Windows\system32\drivers\luafv.sys
03:17:38.0673 0x0824  luafv - ok
03:17:38.0729 0x0824  [ FD5465B876D55534117963FAAA4B9DFC, 63A822A1EEEC42C30CCC9477431E310E3D360489A68BBCD805124681F21C0B6B ] MBAMProtector   C:\Windows\system32\drivers\mbam.sys
03:17:38.0731 0x0824  MBAMProtector - ok
03:17:38.0855 0x0824  [ 0E08BDD7326E657D59DB40BAD23D8169, 428C6CCCC0BB540DFD35847776140D60C186B9D2D14F0ACCD1A4D42A8877BD98 ] MBAMScheduler   C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
03:17:38.0894 0x0824  MBAMScheduler - ok
03:17:38.0970 0x0824  [ A8E7F3DB083EB0839DFC1C763CDD2594, BDF416E360A52130B23B029C89E6406A97FB0516C52C7E63B94CAECEEB431A2E ] MBAMService     C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
03:17:38.0989 0x0824  MBAMService - ok
03:17:39.0061 0x0824  [ 6140163BFE9D8F2DFDBA088ED5521C13, B7B501F0D1527A15B1610D133E97AB431574502F0553734009627488D0007595 ] MBAMSwissArmy   C:\Windows\system32\drivers\MBAMSwissArmy.sys
03:17:39.0065 0x0824  MBAMSwissArmy - ok
03:17:39.0113 0x0824  [ C49915271600CFC2305FAA4271D0002F, 8412989C50579C79F27E4F9B178B2FF944C8F221AD70D213279D888F5449F868 ] MBAMWebAccessControl C:\Windows\system32\drivers\mwac.sys
03:17:39.0115 0x0824  MBAMWebAccessControl - ok
03:17:39.0153 0x0824  [ 0BE09CD858ABF9DF6ED259D57A1A1663, 2FD28889B93C8E801F74C1D0769673A461671E0189D0A22C94509E3F0EEB7428 ] Mcx2Svc         C:\Windows\system32\Mcx2Svc.dll
03:17:39.0158 0x0824  Mcx2Svc - ok
03:17:39.0190 0x0824  [ A55805F747C6EDB6A9080D7C633BD0F4, 2DA0E83BF3C8ADEF6F551B6CC1C0A3F6149CDBE6EC60413BA1767C4DE425A728 ] megasas         C:\Windows\system32\drivers\megasas.sys
03:17:39.0193 0x0824  megasas - ok
03:17:39.0216 0x0824  [ BAF74CE0072480C3B6B7C13B2A94D6B3, 85CBB4949C090A904464F79713A3418338753D20D7FB811E68F287FDAC1DD834 ] MegaSR          C:\Windows\system32\drivers\MegaSR.sys
03:17:39.0224 0x0824  MegaSR - ok
03:17:39.0252 0x0824  [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] MMCSS           C:\Windows\system32\mmcss.dll
03:17:39.0256 0x0824  MMCSS - ok
03:17:39.0285 0x0824  [ 800BA92F7010378B09F9ED9270F07137, 94F9AF9E1BE80AE6AC39A2A74EF9FAB115DCAACC011D07DFA8D6A1DDC8A93342 ] Modem           C:\Windows\system32\drivers\modem.sys
03:17:39.0287 0x0824  Modem - ok
03:17:39.0305 0x0824  [ B03D591DC7DA45ECE20B3B467E6AADAA, 701FB0CAD8138C58507BE28845D3E24CE269A040737C29885944A0D851238732 ] monitor         C:\Windows\system32\DRIVERS\monitor.sys
03:17:39.0307 0x0824  monitor - ok
03:17:39.0335 0x0824  [ 7D27EA49F3C1F687D357E77A470AEA99, 7FE7CAF95959F127C6D932C01D539C06D80273C49A09761F6E8331C05B1A7EE7 ] mouclass        C:\Windows\system32\DRIVERS\mouclass.sys
03:17:39.0338 0x0824  mouclass - ok
03:17:39.0353 0x0824  [ D3BF052C40B0C4166D9FD86A4288C1E6, 5E65264354CD94E844BF1838CA1B8E49080EFA34605A32CF2F6A47A2B97FC183 ] mouhid          C:\Windows\system32\drivers\mouhid.sys
03:17:39.0355 0x0824  mouhid - ok
03:17:39.0369 0x0824  [ 32E7A3D591D671A6DF2DB515A5CBE0FA, 47CED0B9067AE8BF5EEF60B17ADEE5906BEDCC56E4CB460B7BFBC12BB9A69E63 ] mountmgr        C:\Windows\system32\drivers\mountmgr.sys
03:17:39.0373 0x0824  mountmgr - ok
03:17:39.0429 0x0824  [ AEE4E9CC59CDEB55B1ECB0E596E796BE, 674F6F38D86D238AFD6223E03A862F8B43DD8499FBC2D4B7A04E510EC5EACF3B ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
03:17:39.0432 0x0824  MozillaMaintenance - ok
03:17:39.0469 0x0824  [ A44B420D30BD56E145D6A2BC8768EC58, B1E4DCA5A1008FA7A0492DC091FB2B820406AE13FD3D44F124E89B1037AF09B8 ] mpio            C:\Windows\system32\drivers\mpio.sys
03:17:39.0474 0x0824  mpio - ok
03:17:39.0498 0x0824  [ 6C38C9E45AE0EA2FA5E551F2ED5E978F, 5A3FA2F110029CB4CC4384998EDB59203FDD65EC45E01B897FB684F8956EAD20 ] mpsdrv          C:\Windows\system32\drivers\mpsdrv.sys
03:17:39.0501 0x0824  mpsdrv - ok
03:17:39.0559 0x0824  [ 54FFC9C8898113ACE189D4AA7199D2C1, 65F585C87F3F710FD5793FDFA96B740AD8D4317B0C120F4435CCF777300EA4F2 ] MpsSvc          C:\Windows\system32\mpssvc.dll
03:17:39.0583 0x0824  MpsSvc - ok
03:17:39.0622 0x0824  [ 1A4F75E63C9FB84B85DFFC6B63FD5404, 01AFA6DBB4CDE55FE4EA05BBE8F753A4266F8D072EA1EE01DB79F5126780C21F ] MRxDAV          C:\Windows\system32\drivers\mrxdav.sys
03:17:39.0627 0x0824  MRxDAV - ok
03:17:39.0674 0x0824  [ A5D9106A73DC88564C825D317CAC68AC, 0457B2AEA4E05A91D0E43F317894A614434D8CEBE35020785387F307E231FBE4 ] mrxsmb          C:\Windows\system32\DRIVERS\mrxsmb.sys
03:17:39.0679 0x0824  mrxsmb - ok
03:17:39.0695 0x0824  [ D711B3C1D5F42C0C2415687BE09FC163, 9B3013AC60BD2D0FF52086658BA5FF486ADE15954A552D7DD590580E8BAE3EFF ] mrxsmb10        C:\Windows\system32\DRIVERS\mrxsmb10.sys
03:17:39.0703 0x0824  mrxsmb10 - ok
03:17:39.0713 0x0824  [ 9423E9D355C8D303E76B8CFBD8A5C30C, 220B33F120C2DD937FE4D5664F4B581DC0ACF78D62EB56B7720888F67B9644CC ] mrxsmb20        C:\Windows\system32\DRIVERS\mrxsmb20.sys
03:17:39.0718 0x0824  mrxsmb20 - ok
03:17:39.0748 0x0824  [ C25F0BAFA182CBCA2DD3C851C2E75796, 643E158A0948DF331807AEAA391F23960362E46C0A0CF6D22A99020EAE7B10F8 ] msahci          C:\Windows\system32\drivers\msahci.sys
03:17:39.0750 0x0824  msahci - ok
03:17:39.0774 0x0824  [ DB801A638D011B9633829EB6F663C900, B34FD33A215ACCF2905F4B7D061686CDB1CB9C652147AF56AE14686C1F6E3C74 ] msdsm           C:\Windows\system32\drivers\msdsm.sys
03:17:39.0780 0x0824  msdsm - ok
03:17:39.0819 0x0824  [ DE0ECE52236CFA3ED2DBFC03F28253A8, 2FBBEC4CACB5161F68D7C2935852A5888945CA0F107CF8A1C01F4528CE407DE3 ] MSDTC           C:\Windows\System32\msdtc.exe
03:17:39.0826 0x0824  MSDTC - ok
03:17:39.0859 0x0824  [ AA3FB40E17CE1388FA1BEDAB50EA8F96, 69F93E15536644C8FD679A20190CFE577F4985D3B1B4A4AA250A168615AE1E99 ] Msfs            C:\Windows\system32\drivers\Msfs.sys
03:17:39.0861 0x0824  Msfs - ok
03:17:39.0878 0x0824  [ F9D215A46A8B9753F61767FA72A20326, 6F76642B45E0A7EF6BCAB8B37D55CCE2EAA310ED07B76D43FCB88987C2174141 ] mshidkmdf       C:\Windows\System32\drivers\mshidkmdf.sys
03:17:39.0880 0x0824  mshidkmdf - ok
03:17:39.0901 0x0824  [ D916874BBD4F8B07BFB7FA9B3CCAE29D, B229DA150713DEDBC4F05386C9D9DC3BC095A74F44F3081E88311AB73BC992A1 ] msisadrv        C:\Windows\system32\drivers\msisadrv.sys
03:17:39.0903 0x0824  msisadrv - ok
03:17:39.0935 0x0824  [ 808E98FF49B155C522E6400953177B08, F873F5BFF0984C5165DF67E92874D3F6EB8D86F9B5AD17013A0091CA33A1A3D5 ] MSiSCSI         C:\Windows\system32\iscsiexe.dll
03:17:39.0941 0x0824  MSiSCSI - ok
03:17:39.0947 0x0824  msiserver - ok
03:17:39.0969 0x0824  [ 49CCF2C4FEA34FFAD8B1B59D49439366, E5752EA57C7BDAD5F53E3BC441A415E909AC602CAE56234684FB8789A20396C7 ] MSKSSRV         C:\Windows\system32\drivers\MSKSSRV.sys
03:17:39.0980 0x0824  MSKSSRV - ok
03:17:39.0995 0x0824  [ BDD71ACE35A232104DDD349EE70E1AB3, 27464A66868513BE6A01B75D7FC5B0D6B71842E4E20CE3F76B15C071A0618BBB ] MSPCLOCK        C:\Windows\system32\drivers\MSPCLOCK.sys
03:17:39.0996 0x0824  MSPCLOCK - ok
03:17:40.0016 0x0824  [ 4ED981241DB27C3383D72092B618A1D0, E12F121E641249DB3491141851B59E1496F4413EDF58E863388F1C229838DFCC ] MSPQM           C:\Windows\system32\drivers\MSPQM.sys
03:17:40.0018 0x0824  MSPQM - ok
03:17:40.0044 0x0824  [ 759A9EEB0FA9ED79DA1FB7D4EF78866D, 64E3BC613EC4872B1B344CBF71EE15BE195592E3244C1EE099C6F8B95A40F133 ] MsRPC           C:\Windows\system32\drivers\MsRPC.sys
03:17:40.0054 0x0824  MsRPC - ok
03:17:40.0092 0x0824  [ 0EED230E37515A0EAEE3C2E1BC97B288, B1D8F8A75006B6E99214CA36D27A8594EF8D952F315BEB201E9BAC9DE3E64D42 ] mssmbios        C:\Windows\system32\drivers\mssmbios.sys
03:17:40.0094 0x0824  mssmbios - ok
03:17:40.0112 0x0824  [ 2E66F9ECB30B4221A318C92AC2250779, DF175E1AB6962303E57F26DAE5C5C1E40B8640333F3E352A64F6A5F1301586CD ] MSTEE           C:\Windows\system32\drivers\MSTEE.sys
03:17:40.0124 0x0824  MSTEE - ok
03:17:40.0142 0x0824  [ 7EA404308934E675BFFDE8EDF0757BCD, 306CD02D89CFCFE576242360ED5F9EEEDCAFC43CD43B7D2977AE960F9AEC3232 ] MTConfig        C:\Windows\system32\drivers\MTConfig.sys
03:17:40.0144 0x0824  MTConfig - ok
03:17:40.0168 0x0824  [ F9A18612FD3526FE473C1BDA678D61C8, 32F7975B5BAA447917F832D9E3499B4B6D3E90D73F478375D0B70B36C524693A ] Mup             C:\Windows\system32\Drivers\mup.sys
03:17:40.0170 0x0824  Mup - ok
03:17:40.0213 0x0824  [ 582AC6D9873E31DFA28A4547270862DD, BD540499F74E8F59A020D935D18E36A3A97C1A6EC59C8208436469A31B16B260 ] napagent        C:\Windows\system32\qagentRT.dll
03:17:40.0227 0x0824  napagent - ok
03:17:40.0253 0x0824  [ 1EA3749C4114DB3E3161156FFFFA6B33, 54C2E77BCE1037711A11313AC25B8706109098C10A31AA03AEB7A185E97800D7 ] NativeWifiP     C:\Windows\system32\DRIVERS\nwifi.sys
03:17:40.0262 0x0824  NativeWifiP - ok
03:17:40.0340 0x0824  [ 760E38053BF56E501D562B70AD796B88, F856E81A975D44F8684A6F2466549CEEDFAEB3950191698555A93A1206E0A42D ] NDIS            C:\Windows\system32\drivers\ndis.sys
03:17:40.0365 0x0824  NDIS - ok
03:17:40.0397 0x0824  [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC, D7E5446E83909AE25506BB98FBDD878A529C87963E3C1125C4ABAB25823572BC ] NdisCap         C:\Windows\system32\DRIVERS\ndiscap.sys
03:17:40.0399 0x0824  NdisCap - ok
03:17:40.0419 0x0824  [ 30639C932D9FEF22B31268FE25A1B6E5, 32873D95339600F6EEFA51847D12C563FF01F320DC59055B242FA2887C99F9D6 ] NdisTapi        C:\Windows\system32\DRIVERS\ndistapi.sys
03:17:40.0421 0x0824  NdisTapi - ok
03:17:40.0439 0x0824  [ 136185F9FB2CC61E573E676AA5402356, BA3AD0A33416DA913B4242C6BE8C3E5812AD2B20BA6C11DD3094F2E8EB56E683 ] Ndisuio         C:\Windows\system32\DRIVERS\ndisuio.sys
03:17:40.0442 0x0824  Ndisuio - ok
03:17:40.0452 0x0824  [ 53F7305169863F0A2BDDC49E116C2E11, 881E9346D3C02405B7850ADC37E720990712EC9C666A0CE96E252A487FD2CE77 ] NdisWan         C:\Windows\system32\DRIVERS\ndiswan.sys
03:17:40.0457 0x0824  NdisWan - ok
03:17:40.0475 0x0824  [ 015C0D8E0E0421B4CFD48CFFE2825879, 4242E2D42CCFC859B2C0275C5331798BC0BDA68E51CF4650B6E64B1332071023 ] NDProxy         C:\Windows\system32\drivers\NDProxy.sys
03:17:40.0478 0x0824  NDProxy - ok
03:17:40.0493 0x0824  [ 86743D9F5D2B1048062B14B1D84501C4, DBF6D6A60AB774FCB0F464FF2D285A7521D0A24006687B243AB46B17D8032062 ] NetBIOS         C:\Windows\system32\DRIVERS\netbios.sys
03:17:40.0496 0x0824  NetBIOS - ok
03:17:40.0514 0x0824  [ 09594D1089C523423B32A4229263F068, 7426A9B8BA27D3225928DDEFBD399650ABB90798212F56B7D12158AC22CCCE37 ] NetBT           C:\Windows\system32\DRIVERS\netbt.sys
03:17:40.0522 0x0824  NetBT - ok
03:17:40.0548 0x0824  [ 4D71227301DD8D09097B9E4CC6527E5A, 193D47ADCB722B581CC0F29B794AB3E455B6E9BEA367CE9A5216A09E055B7F1E ] Netlogon        C:\Windows\system32\lsass.exe
03:17:40.0551 0x0824  Netlogon - ok
03:17:40.0600 0x0824  [ 847D3AE376C0817161A14A82C8922A9E, 37AE692B3481323134125EF58F2C3CBC20177371AF2F5874F53DD32A827CB936 ] Netman          C:\Windows\System32\netman.dll
03:17:40.0612 0x0824  Netman - ok
03:17:40.0637 0x0824  [ 5F28111C648F1E24F7DBC87CDEB091B8, 2E8645285921EDB98BB2173E11E57459C888D52E80D85791D169C869DE8813B9 ] netprofm        C:\Windows\System32\netprofm.dll
03:17:40.0651 0x0824  netprofm - ok
03:17:40.0681 0x0824  [ 3E5A36127E201DDF663176B66828FAFE, 5A08BA9EFB1A72DF1DD839BA5FA2B8994012BA62A515588FF62333B33B60045B ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe
03:17:40.0685 0x0824  NetTcpPortSharing - ok
03:17:40.0699 0x0824  [ 77889813BE4D166CDAB78DDBA990DA92, 2EF531AE502B943632EEC66A309A8BFCDD36120A5E1473F4AAF3C2393AD0E6A3 ] nfrd960         C:\Windows\system32\drivers\nfrd960.sys
03:17:40.0702 0x0824  nfrd960 - ok
03:17:40.0741 0x0824  [ 8AD77806D336673F270DB31645267293, E23F324913554A23CD043DD27D4305AF62F48C0561A0FC7B7811E55B74B1BE79 ] NlaSvc          C:\Windows\System32\nlasvc.dll
03:17:40.0751 0x0824  NlaSvc - ok
03:17:40.0783 0x0824  [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7, D8957EF7060A69DBB3CD6B2C45B1E4143592AB8D018471E17AC04668157DC67F ] Npfs            C:\Windows\system32\drivers\Npfs.sys
03:17:40.0785 0x0824  Npfs - ok
03:17:40.0815 0x0824  [ D54BFDF3E0C953F823B3D0BFE4732528, 497A1DCC5646EC22119273216DF10D5442D16F83E4363770F507518CF6EAA53A ] nsi             C:\Windows\system32\nsisvc.dll
03:17:40.0819 0x0824  nsi - ok
03:17:40.0836 0x0824  [ E7F5AE18AF4168178A642A9247C63001, 133023B7E4BA8049C4CAED3282BDD25571D1CC25FAC3B820C7F981D292689D76 ] nsiproxy        C:\Windows\system32\drivers\nsiproxy.sys
03:17:40.0837 0x0824  nsiproxy - ok
03:17:40.0922 0x0824  [ B98F8C6E31CD07B2E6F71F7F648E38C0, 2FEA100B80680FBBF644CB6763738804155DF1E94A6542CAE2B2786D770D554E ] Ntfs            C:\Windows\system32\drivers\Ntfs.sys
03:17:40.0979 0x0824  Ntfs - ok
03:17:41.0009 0x0824  [ 9899284589F75FA8724FF3D16AED75C1, 181188599FD5D4DE33B97010D9E0CAEABAB9A3EF50712FE7F9AA0735CD0666D6 ] Null            C:\Windows\system32\drivers\Null.sys
03:17:41.0010 0x0824  Null - ok
03:17:41.0036 0x0824  [ A85B4F2EF3A7304A5399EF0526423040, E45854691BA6AE36E53C2922CC93FF13DC2D84CBE7FE13A2F0B1CE1C16D1D158 ] NVENETFD        C:\Windows\system32\DRIVERS\nvm62x64.sys
03:17:41.0048 0x0824  NVENETFD - ok
03:17:41.0068 0x0824  [ 0A92CB65770442ED0DC44834632F66AD, 581327F07A68DBD5CC749214BE5F1211FC2CE41C7A4F0656B680AFB51A35ACE7 ] nvraid          C:\Windows\system32\drivers\nvraid.sys
03:17:41.0073 0x0824  nvraid - ok
03:17:41.0103 0x0824  [ DAB0E87525C10052BF65F06152F37E4A, AD9BFF0D5FD3FFB95C758B478E1F6A9FE45E7B37AEC71EB5070D292FEAAEDF37 ] nvstor          C:\Windows\system32\drivers\nvstor.sys
03:17:41.0108 0x0824  nvstor - ok
03:17:41.0145 0x0824  [ 270D7CD42D6E3979F6DD0146650F0E05, 752489E54C9004EDCBE1F1F208FFD864DA5C83E59A2DDE6B3E0D63ECA996F76F ] nv_agp          C:\Windows\system32\drivers\nv_agp.sys
03:17:41.0149 0x0824  nv_agp - ok
03:17:41.0171 0x0824  [ 3589478E4B22CE21B41FA1BFC0B8B8A0, AD2469FC753FE552CB809FF405A9AB23E7561292FE89117E3B3B62057EFF0203 ] ohci1394        C:\Windows\system32\drivers\ohci1394.sys
03:17:41.0174 0x0824  ohci1394 - ok
03:17:41.0210 0x0824  [ 9D10F99A6712E28F8ACD5641E3A7EA6B, 70964A0ED9011EA94044E15FA77EDD9CF535CC79ED8E03A3721FF007E69595CC ] ose             C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
03:17:41.0216 0x0824  ose - ok
03:17:41.0417 0x0824  [ 61BFFB5F57AD12F83AB64B7181829B34, 1DD0DD35E4158F95765EE6639F217DF03A0A19E624E020DBA609268C08A13846 ] osppsvc         C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
03:17:41.0577 0x0824  osppsvc - ok
03:17:41.0618 0x0824  [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] p2pimsvc        C:\Windows\system32\pnrpsvc.dll
03:17:41.0628 0x0824  p2pimsvc - ok
03:17:41.0652 0x0824  [ 927463ECB02179F88E4B9A17568C63C3, FEFD3447692C277D59EEC7BF218552C8BB6B8C98C26E973675549628408B94CE ] p2psvc          C:\Windows\system32\p2psvc.dll
03:17:41.0666 0x0824  p2psvc - ok
03:17:41.0692 0x0824  [ 0086431C29C35BE1DBC43F52CC273887, 0D116D49EF9ABB57DA005764F25E692622210627FC2048F06A989B12FA8D0A80 ] Parport         C:\Windows\system32\drivers\parport.sys
03:17:41.0696 0x0824  Parport - ok
03:17:41.0724 0x0824  [ E9766131EEADE40A27DC27D2D68FBA9C, 63C295EC96DBD25F1A8B908295CCB86B54F2A77A02AAA11E5D9160C2C1A492B6 ] partmgr         C:\Windows\system32\drivers\partmgr.sys
03:17:41.0727 0x0824  partmgr - ok
03:17:41.0751 0x0824  [ 3AEAA8B561E63452C655DC0584922257, 04C072969B58657602EB0C21CEDF24FCEE14E61B90A0F758F93925EF2C9FC32D ] PcaSvc          C:\Windows\System32\pcasvc.dll
03:17:41.0759 0x0824  PcaSvc - ok
03:17:41.0770 0x0824  [ 94575C0571D1462A0F70BDE6BD6EE6B3, 7139BAC653EA94A3DD3821CAB35FC5E22F4CCA5ACC2BAABDAA27E4C3C8B27FC9 ] pci             C:\Windows\system32\drivers\pci.sys
03:17:41.0776 0x0824  pci - ok
03:17:41.0800 0x0824  [ B5B8B5EF2E5CB34DF8DCF8831E3534FA, F2A7CC645B96946CC65BF60E14E70DC09C848D27C7943CE5DEA0C01A6B863480 ] pciide          C:\Windows\system32\drivers\pciide.sys
03:17:41.0801 0x0824  pciide - ok
03:17:41.0832 0x0824  [ B2E81D4E87CE48589F98CB8C05B01F2F, 6763BEE7270A4873B3E131BFB92313E2750FCBD0AD73C23D1C4F98F7DF73DE14 ] pcmcia          C:\Windows\system32\drivers\pcmcia.sys
03:17:41.0838 0x0824  pcmcia - ok
03:17:41.0870 0x0824  [ D6B9C2E1A11A3A4B26A182FFEF18F603, BBA5FE08B1DDD6243118E11358FD61B10E850F090F061711C3CB207CE5FBBD36 ] pcw             C:\Windows\system32\drivers\pcw.sys
03:17:41.0873 0x0824  pcw - ok
03:17:41.0906 0x0824  [ 68769C3356B3BE5D1C732C97B9A80D6E, FB2D61145980A2899D1B7729184C54070315B0E63C9A22400A76CCD39E00029C ] PEAUTH          C:\Windows\system32\drivers\peauth.sys
03:17:41.0924 0x0824  PEAUTH - ok
03:17:41.0985 0x0824  [ E495E408C93141E8FC72DC0C6046DDFA, 489B957DADA0DC128A09468F1AD082DCC657E86053208EA06A12937BE86FB919 ] PerfHost        C:\Windows\SysWow64\perfhost.exe
03:17:41.0988 0x0824  PerfHost - ok
03:17:42.0070 0x0824  [ C7CF6A6E137463219E1259E3F0F0DD6C, 08D7244F52AA17DD669AA6F77C291DAC88E7B2D1887DE422509C1F83EC85F3DD ] pla             C:\Windows\system32\pla.dll
03:17:42.0108 0x0824  pla - ok
03:17:42.0150 0x0824  [ 25FBDEF06C4D92815B353F6E792C8129, 57D9764AE6BCE33B242C399CDFC10DD405975BD6411CA8C75FBCD06EEB8442A9 ] PlugPlay        C:\Windows\system32\umpnpmgr.dll
03:17:42.0164 0x0824  PlugPlay - ok
03:17:42.0179 0x0824  [ 7195581CEC9BB7D12ABE54036ACC2E38, 9C4E5D6EA984148F2663DC529083408B2248DFF6DAAC85D9195F80A722782315 ] PNRPAutoReg     C:\Windows\system32\pnrpauto.dll
03:17:42.0183 0x0824  PNRPAutoReg - ok
03:17:42.0218 0x0824  [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] PNRPsvc         C:\Windows\system32\pnrpsvc.dll
03:17:42.0228 0x0824  PNRPsvc - ok
03:17:42.0280 0x0824  [ 4F15D75ADF6156BF56ECED6D4A55C389, 2ADA3EA69A5D7EC2A4D2DD89178DB94EAFDDF95F07B0070D654D9F7A5C12A044 ] PolicyAgent     C:\Windows\System32\ipsecsvc.dll
03:17:42.0295 0x0824  PolicyAgent - ok
03:17:42.0331 0x0824  [ 6BA9D927DDED70BD1A9CADED45F8B184, 66203CE70A5EDE053929A940F38924C6792239CCCE10DD2C1D90D5B4D6748B55 ] Power           C:\Windows\system32\umpo.dll
03:17:42.0340 0x0824  Power - ok
03:17:42.0369 0x0824  [ F92A2C41117A11A00BE01CA01A7FCDE9, 38ADC6052696D110CA5F393BC586791920663F5DA66934C2A824DDA9CD89C763 ] PptpMiniport    C:\Windows\system32\DRIVERS\raspptp.sys
03:17:42.0373 0x0824  PptpMiniport - ok
03:17:42.0393 0x0824  [ 0D922E23C041EFB1C3FAC2A6F943C9BF, 855418A6A58DCAFB181A1A68613B3E203AFB0A9B3D9D26D0C521F9F613B4EAD5 ] Processor       C:\Windows\system32\drivers\processr.sys
03:17:42.0396 0x0824  Processor - ok
03:17:42.0429 0x0824  [ 53E83F1F6CF9D62F32801CF66D8352A8, 1225FED810BE8E0729EEAE5B340035CCBB9BACD3EF247834400F9B72D05ACE48 ] ProfSvc         C:\Windows\system32\profsvc.dll
03:17:42.0437 0x0824  ProfSvc - ok
03:17:42.0459 0x0824  [ 4D71227301DD8D09097B9E4CC6527E5A, 193D47ADCB722B581CC0F29B794AB3E455B6E9BEA367CE9A5216A09E055B7F1E ] ProtectedStorage C:\Windows\system32\lsass.exe
03:17:42.0462 0x0824  ProtectedStorage - ok
03:17:42.0491 0x0824  [ 0557CF5A2556BD58E26384169D72438D, F6F83A616B1F1C6C0DF6D2EC2513E6C23FD4FAA6D36518B8676C619AB74957B4 ] Psched          C:\Windows\system32\DRIVERS\pacer.sys
03:17:42.0495 0x0824  Psched - ok
03:17:42.0573 0x0824  [ A53A15A11EBFD21077463EE2C7AFEEF0, 6002B012A75045DEA62640A864A8721EADE2F8B65BEB5F5BA76D8CD819774489 ] ql2300          C:\Windows\system32\drivers\ql2300.sys
03:17:42.0613 0x0824  ql2300 - ok
03:17:42.0647 0x0824  [ 4F6D12B51DE1AAEFF7DC58C4D75423C8, FB6ABAB741CED66A79E31A45111649F2FA3E26CEE77209B5296F789F6F7D08DE ] ql40xx          C:\Windows\system32\drivers\ql40xx.sys
03:17:42.0652 0x0824  ql40xx - ok
03:17:42.0683 0x0824  [ 906191634E99AEA92C4816150BDA3732, A0305436384104C3B559F9C73902DA19B96B518413379E397C5CDAB0B2B9418F ] QWAVE           C:\Windows\system32\qwave.dll
03:17:42.0693 0x0824  QWAVE - ok
03:17:42.0727 0x0824  [ 76707BB36430888D9CE9D705398ADB6C, 35C1D1D05F98AC29A33D3781F497A0B40A3CB9CDF25FE1F28F574E40DDF70535 ] QWAVEdrv        C:\Windows\system32\drivers\qwavedrv.sys
03:17:42.0729 0x0824  QWAVEdrv - ok
03:17:42.0752 0x0824  [ 5A0DA8AD5762FA2D91678A8A01311704, 8A64EB5DBAB7048A9E42A21CEB62CCD5B007A80C199892D7F8C69B48E8A255EF ] RasAcd          C:\Windows\system32\DRIVERS\rasacd.sys
03:17:42.0753 0x0824  RasAcd - ok
03:17:42.0774 0x0824  [ 7ECFF9B22276B73F43A99A15A6094E90, 62C70DA127F48F796F8897BBFA23AB6EB080CC923F0F091DFA384A93F5C90CA1 ] RasAgileVpn     C:\Windows\system32\DRIVERS\AgileVpn.sys
03:17:42.0777 0x0824  RasAgileVpn - ok
03:17:42.0797 0x0824  [ 8F26510C5383B8DBE976DE1CD00FC8C7, 60E618C010E8A723960636415573FA17EA0BBEF79647196B3BC0B8DEE680E090 ] RasAuto         C:\Windows\System32\rasauto.dll
03:17:42.0804 0x0824  RasAuto - ok
03:17:42.0814 0x0824  [ 471815800AE33E6F1C32FB1B97C490CA, 27307265F743DE3A3A3EC1B2C472A3D85FDD0AEC458E0B1177593141EE072698 ] Rasl2tp         C:\Windows\system32\DRIVERS\rasl2tp.sys
03:17:42.0818 0x0824  Rasl2tp - ok
03:17:42.0850 0x0824  [ EE867A0870FC9E4972BA9EAAD35651E2, 1B848D81705081FD2E18AC762DA7F51455657DAF860BF363DC15925A148BCADA ] RasMan          C:\Windows\System32\rasmans.dll
03:17:42.0863 0x0824  RasMan - ok
03:17:42.0872 0x0824  [ 855C9B1CD4756C5E9A2AA58A15F58C25, A514F8A9C304D54BDA8DC60F5A64259B057EC83A1CAAF6D2B58CFD55E9561F72 ] RasPppoe        C:\Windows\system32\DRIVERS\raspppoe.sys
03:17:42.0875 0x0824  RasPppoe - ok
03:17:42.0891 0x0824  [ E8B1E447B008D07FF47D016C2B0EEECB, FEC789F82B912F3E14E49524D40FEAA4373B221156F14045E645D7C37859258C ] RasSstp         C:\Windows\system32\DRIVERS\rassstp.sys
03:17:42.0895 0x0824  RasSstp - ok
03:17:42.0935 0x0824  [ 77F665941019A1594D887A74F301FA2F, 1FDC6F6853400190C086042933F157814D915C54F26793CAD36CD2607D8810DA ] rdbss           C:\Windows\system32\DRIVERS\rdbss.sys
03:17:42.0944 0x0824  rdbss - ok
03:17:42.0961 0x0824  [ 302DA2A0539F2CF54D7C6CC30C1F2D8D, 1DF3501BBFFB56C3ECC39DBCC4287D3302216C2208CE22428B8C4967E5DE9D17 ] rdpbus          C:\Windows\system32\drivers\rdpbus.sys
03:17:42.0963 0x0824  rdpbus - ok
03:17:42.0977 0x0824  [ CEA6CC257FC9B7715F1C2B4849286D24, A78144D18352EA802C39D9D42921CF97A3E0211766B2169B6755C6FC2D77A804 ] RDPCDD          C:\Windows\system32\DRIVERS\RDPCDD.sys
03:17:42.0979 0x0824  RDPCDD - ok
03:17:42.0988 0x0824  [ BB5971A4F00659529A5C44831AF22365, 9AAA5C0D448E821FD85589505D99DF7749715A046BBD211F139E4E652ADDE41F ] RDPENCDD        C:\Windows\system32\drivers\rdpencdd.sys
03:17:42.0989 0x0824  RDPENCDD - ok
03:17:43.0000 0x0824  [ 216F3FA57533D98E1F74DED70113177A, 60C126A1409D1E9C39F1C9E95F70115BF4AF07780AB499F6E10A612540F173F4 ] RDPREFMP        C:\Windows\system32\drivers\rdprefmp.sys
03:17:43.0001 0x0824  RDPREFMP - ok
03:17:43.0038 0x0824  [ E61608AA35E98999AF9AAEEEA6114B0A, F754CDE89DC96786D2A3C4D19EE2AEF1008E634E4DE3C0CBF927436DE90C04A6 ] RDPWD           C:\Windows\system32\drivers\RDPWD.sys
03:17:43.0045 0x0824  RDPWD - ok
03:17:43.0075 0x0824  [ 34ED295FA0121C241BFEF24764FC4520, AAEE5F00CAA763A5BA51CF56BD7262C03409CD72BD5601490E3EC3FFF929BB5F ] rdyboost        C:\Windows\system32\drivers\rdyboost.sys
03:17:43.0082 0x0824  rdyboost - ok
03:17:43.0126 0x0824  [ 254FB7A22D74E5511C73A3F6D802F192, 3D0FB5840364200DE394F8CC28DA0E334C2B5FA8FF28A41656EE72287F3D3836 ] RemoteAccess    C:\Windows\System32\mprdim.dll
03:17:43.0131 0x0824  RemoteAccess - ok
03:17:43.0164 0x0824  [ E4D94F24081440B5FC5AA556C7C62702, 147CAA03568DC480F9506E30B84891AB7E433B5EBC05F34FF10F72B00E1C6B22 ] RemoteRegistry  C:\Windows\system32\regsvc.dll
03:17:43.0172 0x0824  RemoteRegistry - ok
03:17:43.0215 0x0824  [ 085D18C71AB2611A3D61528132B6501E, 2AD2DD88EBD8C498E3043CDAA37E83C69F7FE2FD6B65524F631527555B80C112 ] RoxioNow Service C:\Program Files (x86)\Roxio\RoxioNow Player\RNowSvc.exe
03:17:43.0226 0x0824  RoxioNow Service - ok
03:17:43.0247 0x0824  [ E4DC58CF7B3EA515AE917FF0D402A7BB, 665B5CD9FE905B0EE3F59A7B1A94760F5393EBEE729877D8584349754C2867E8 ] RpcEptMapper    C:\Windows\System32\RpcEpMap.dll
03:17:43.0252 0x0824  RpcEptMapper - ok
03:17:43.0273 0x0824  [ D5BA242D4CF8E384DB90E6A8ED850B8C, CB4CB2608B5E31B55FB1A2CF4051E6D08A0C2A5FB231B2116F95938D7577334E ] RpcLocator      C:\Windows\system32\locator.exe
03:17:43.0276 0x0824  RpcLocator - ok
03:17:43.0308 0x0824  [ 5C627D1B1138676C0A7AB2C2C190D123, C5003F2C912C5CA990E634818D3B4FD72F871900AF2948BD6C4D6400B354B401 ] RpcSs           C:\Windows\system32\rpcss.dll
03:17:43.0322 0x0824  RpcSs - ok
03:17:43.0410 0x0824  [ 7BFDFD1D2244B444D7BBC55087426518, 06DF03A734A8A1956C842E30B4A1F143CD59B2DD09E0F8F01E6B4CE2A3D1D418 ] RSPCIESTOR      C:\Windows\system32\DRIVERS\RtsPStor.sys
03:17:43.0419 0x0824  RSPCIESTOR - ok
03:17:43.0453 0x0824  [ DDC86E4F8E7456261E637E3552E804FF, D250C69CCC75F2D88E7E624FCC51300E75637333317D53908CCA7E0F117173DD ] rspndr          C:\Windows\system32\DRIVERS\rspndr.sys
03:17:43.0456 0x0824  rspndr - ok
03:17:43.0524 0x0824  [ F1D20C2B36F78863530B251DF504CC51, A3C71BDB45B1DB321BC2D9889CB25CF7840E145DFB769882748B7D507A605A42 ] RtkAudioService C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
03:17:43.0532 0x0824  RtkAudioService - ok
03:17:43.0619 0x0824  [ AC4CA62572CA516945AB92D6C9F501F4, 6CB4178DD1ED3D8224EA1F91CAA00AFBC756DCA2DFD71F399B05E511E79D5150 ] RTL8167         C:\Windows\system32\DRIVERS\Rt64win7.sys
03:17:43.0642 0x0824  RTL8167 - ok
03:17:43.0725 0x0824  [ 177963A6EEBAA9EF3B56A2DBE9D5D0FC, 908E71F2F2CB6595B2E14EF6BB526114CFFBBFCB1D6AB6672DE9917F4C515419 ] RTL8192Ce       C:\Windows\system32\DRIVERS\rtl8192Ce.sys
03:17:43.0755 0x0824  RTL8192Ce - ok
03:17:43.0781 0x0824  [ 4D71227301DD8D09097B9E4CC6527E5A, 193D47ADCB722B581CC0F29B794AB3E455B6E9BEA367CE9A5216A09E055B7F1E ] SamSs           C:\Windows\system32\lsass.exe
03:17:43.0784 0x0824  SamSs - ok
03:17:43.0818 0x0824  [ AC03AF3329579FFFB455AA2DAABBE22B, 7AD3B62ADFEC166F9E256F9FF8BAA0568B2ED7308142BF8F5269E6EAA5E0A656 ] sbp2port        C:\Windows\system32\drivers\sbp2port.sys
03:17:43.0822 0x0824  sbp2port - ok
03:17:43.0858 0x0824  [ 9B7395789E3791A3B6D000FE6F8B131E, E5F067F3F212BF5481668BE1779CBEF053F511F8967589BE2E865ACB9A620024 ] SCardSvr        C:\Windows\System32\SCardSvr.dll
03:17:43.0867 0x0824  SCardSvr - ok
03:17:43.0887 0x0824  [ 253F38D0D7074C02FF8DEB9836C97D2B, CB5CAFCB8628BB22877F74ACF1DED0BBAED8F4573A74DA7FE94BBBA584889116 ] scfilter        C:\Windows\system32\DRIVERS\scfilter.sys
03:17:43.0889 0x0824  scfilter - ok
03:17:43.0942 0x0824  [ 262F6592C3299C005FD6BEC90FC4463A, 54095E37F0B6CC677A3E9BDD40F4647C713273D197DB341063AA7F342A60C4A7 ] Schedule        C:\Windows\system32\schedsvc.dll
03:17:43.0969 0x0824  Schedule - ok
03:17:44.0009 0x0824  [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] SCPolicySvc     C:\Windows\System32\certprop.dll
03:17:44.0011 0x0824  SCPolicySvc - ok
03:17:44.0030 0x0824  [ 111E0EBC0AD79CB0FA014B907B231CF0, B7D43D156C2524938503CF8E99C4D1F7A5C55E16C0368F57F4CD23C6D833B38F ] sdbus           C:\Windows\system32\DRIVERS\sdbus.sys
03:17:44.0034 0x0824  sdbus - ok
03:17:44.0064 0x0824  [ 6EA4234DC55346E0709560FE7C2C1972, 64011E044C16E2F92689E5F7E4666A075E27BBFA61F3264E5D51CE1656C1D5B8 ] SDRSVC          C:\Windows\System32\SDRSVC.dll
03:17:44.0072 0x0824  SDRSVC - ok
03:17:44.0085 0x0824  [ 3EA8A16169C26AFBEB544E0E48421186, 34BBB0459C96B3DE94CCB0D73461562935C583D7BF93828DA4E20A6BC9B7301D ] secdrv          C:\Windows\system32\drivers\secdrv.sys
03:17:44.0087 0x0824  secdrv - ok
03:17:44.0109 0x0824  [ BC617A4E1B4FA8DF523A061739A0BD87, 10C4057F6B321EB5237FF619747B74F5401BC17D15A8C7060829E8204A2297F9 ] seclogon        C:\Windows\system32\seclogon.dll
03:17:44.0114 0x0824  seclogon - ok
03:17:44.0133 0x0824  [ C32AB8FA018EF34C0F113BD501436D21, E0EB8E80B51E45CA7EB061E705DA0BC07878759418A8519AE6E12326FE79E7C7 ] SENS            C:\Windows\System32\sens.dll
03:17:44.0139 0x0824  SENS - ok
03:17:44.0145 0x0824  [ 0336CFFAFAAB87A11541F1CF1594B2B2, 8B8A6A33E78A12FB05E29B2E2775850626574AFD2EF88748D65E690A07B10B8D ] SensrSvc        C:\Windows\system32\sensrsvc.dll
03:17:44.0151 0x0824  SensrSvc - ok
03:17:44.0170 0x0824  [ CB624C0035412AF0DEBEC78C41F5CA1B, A4D937F11E06CAE914347CA1362F4C98EC5EE0C0C80321E360EA1ABD6726F8D4 ] Serenum         C:\Windows\system32\drivers\serenum.sys
03:17:44.0172 0x0824  Serenum - ok
03:17:44.0205 0x0824  [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6, 8F9776FB84C5D11068EAF1FF1D1A46466C655D64D256A8B1E31DC0C23B5DD22D ] Serial          C:\Windows\system32\drivers\serial.sys
03:17:44.0209 0x0824  Serial - ok
03:17:44.0250 0x0824  [ 1C545A7D0691CC4A027396535691C3E3, 065C30BE598FF4DC55C37E0BBE0CEDF10A370AE2BF5404B42EBBB867A3FFED6D ] sermouse        C:\Windows\system32\drivers\sermouse.sys
03:17:44.0252 0x0824  sermouse - ok
03:17:44.0296 0x0824  [ 0B6231BF38174A1628C4AC812CC75804, E569BF1F7F5689E2E917FA6516DB53388A5B8B1C6699DEE030147E853218811D ] SessionEnv      C:\Windows\system32\sessenv.dll
03:17:44.0303 0x0824  SessionEnv - ok
03:17:44.0328 0x0824  [ A554811BCD09279536440C964AE35BBF, DA8F893722F803E189D7D4D6C6232ED34505B63A64ED3A0132A5BB7A2BABDE55 ] sffdisk         C:\Windows\system32\drivers\sffdisk.sys
03:17:44.0330 0x0824  sffdisk - ok
03:17:44.0350 0x0824  [ FF414F0BAEFEBA59BC6C04B3DB0B87BF, B81EF5D26AEB572CAB590F7AD7CA8C89F296420089EF5E6148E972F2DBCA1042 ] sffp_mmc        C:\Windows\system32\drivers\sffp_mmc.sys
03:17:44.0352 0x0824  sffp_mmc - ok
03:17:44.0379 0x0824  [ DD85B78243A19B59F0637DCF284DA63C, 6730D4F2BAE7E24615746ACC41B42D01DB6068D6504982008ADA1890DE900197 ] sffp_sd         C:\Windows\system32\drivers\sffp_sd.sys
03:17:44.0381 0x0824  sffp_sd - ok
03:17:44.0389 0x0824  [ A9D601643A1647211A1EE2EC4E433FF4, 7AC60B4AB48D4BBF1F9681C12EC2A75C72E6E12D30FABC564A24394310E9A5F9 ] sfloppy         C:\Windows\system32\drivers\sfloppy.sys
03:17:44.0390 0x0824  sfloppy - ok
03:17:44.0439 0x0824  [ 2046AA7491DE7EFA4D70E615D9BC9D09, A8763D059AD68D5842C407FA9644E0B129BEF0F63CD87E62B80B05441EDC3489 ] Sftfs           C:\Windows\system32\DRIVERS\Sftfslh.sys
03:17:44.0459 0x0824  Sftfs - ok
03:17:44.0530 0x0824  [ 77C5A741A7452812F278EF2C18478862, 0B763679EB7EFB8ED9DCE7B429706E939BB65BA6BCF1BAE0E0426D4E87074B8C ] sftlist         C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
03:17:44.0544 0x0824  sftlist - ok
03:17:44.0581 0x0824  [ 0E0446BC4D51BE4263ACB7E33491191C, 2AD039FB440560658C4E06F67CC192EF71577EF3FF789A43C08430CE5EAE5A70 ] Sftplay         C:\Windows\system32\DRIVERS\Sftplaylh.sys
03:17:44.0589 0x0824  Sftplay - ok
03:17:44.0608 0x0824  [ C5FB982CD266E604ED3142102C26D62C, A6BC0D72E98F924274ECAD49C85F0775D1CD45B97CD43F53DF3992B560835FC5 ] Sftredir        C:\Windows\system32\DRIVERS\Sftredirlh.sys
03:17:44.0610 0x0824  Sftredir - ok
03:17:44.0631 0x0824  [ 2575511AF67AA1FA068CCC4918E2C2A3, 3152FF5AC2CF6FE966DA59B1B33E22F9BD9B6BB4310441870528364BA9501A4D ] Sftvol          C:\Windows\system32\DRIVERS\Sftvollh.sys
03:17:44.0633 0x0824  Sftvol - ok
03:17:44.0666 0x0824  [ 39B1D0A636A400304565D4521FAD6D77, 1F01DB35B5A477AA7A77585C9304E6B5F3E67807531305BCA93A7F494CED8F59 ] sftvsa          C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
03:17:44.0672 0x0824  sftvsa - ok
03:17:44.0728 0x0824  [ B95F6501A2F8B2E78C697FEC401970CE, 758B73A32902299A313348CE7EC189B20EB4CB398D0180E4EE24B84DAD55F291 ] SharedAccess    C:\Windows\System32\ipnathlp.dll
03:17:44.0740 0x0824  SharedAccess - ok
03:17:44.0783 0x0824  [ AAF932B4011D14052955D4B212A4DA8D, 2A3BFD0FA9569288E91AE3E72CA1EC39E1450D01E6473CE51157E0F138257923 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
03:17:44.0795 0x0824  ShellHWDetection - ok
03:17:44.0815 0x0824  [ 843CAF1E5FDE1FFD5FF768F23A51E2E1, 89CA9F516E42A6B905474D738CDA2C121020A07DBD4E66CFE569DD77D79D7820 ] SiSRaid2        C:\Windows\system32\drivers\SiSRaid2.sys
03:17:44.0818 0x0824  SiSRaid2 - ok
03:17:44.0852 0x0824  [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4, 87B85C66DF7EB6FDB8A2341D05FAA5261FF68A90CCFC63F0E4A03824F1E33E5E ] SiSRaid4        C:\Windows\system32\drivers\sisraid4.sys
03:17:44.0855 0x0824  SiSRaid4 - ok
03:17:44.0881 0x0824  [ 548260A7B8654E024DC30BF8A7C5BAA4, 4A7E58331D7765A12F53DC2371739DC9A463940B13E16157CE10DB80E958D740 ] Smb             C:\Windows\system32\DRIVERS\smb.sys
03:17:44.0884 0x0824  Smb - ok
03:17:44.0914 0x0824  [ 6313F223E817CC09AA41811DAA7F541D, D787061043BEEDB9386B048CB9E680E6A88A1CBAE9BD4A8C0209155BFB76C630 ] SNMPTRAP        C:\Windows\System32\snmptrap.exe
03:17:44.0918 0x0824  SNMPTRAP - ok
03:17:44.0938 0x0824  [ B9E31E5CACDFE584F34F730A677803F9, 21A5130BD00089C609522A372018A719F8E37103D2DD22C59EACB393BE35A063 ] spldr           C:\Windows\system32\drivers\spldr.sys
03:17:44.0940 0x0824  spldr - ok
03:17:44.0975 0x0824  [ 85DAA09A98C9286D4EA2BA8D0E644377, F9C324E2EF81193FE831C7EECC44A100CA06F82FA731BF555D9EA4D91DA13329 ] Spooler         C:\Windows\System32\spoolsv.exe
03:17:44.0990 0x0824  Spooler - ok
03:17:45.0116 0x0824  [ E17E0188BB90FAE42D83E98707EFA59C, FC075F7B39E86CC8EF6DA4E339FE946917E319C347AC70FB0C50AAF36F97E27F ] sppsvc          C:\Windows\system32\sppsvc.exe
03:17:45.0207 0x0824  sppsvc - ok
03:17:45.0242 0x0824  [ 93D7D61317F3D4BC4F4E9F8A96A7DE45, 36D48B23B8243BE5229707375FCD11C2DCAC96983199345365F065A0CBF33314 ] sppuinotify     C:\Windows\system32\sppuinotify.dll
03:17:45.0248 0x0824  sppuinotify - ok
03:17:45.0284 0x0824  [ 441FBA48BFF01FDB9D5969EBC1838F0B, 306128F1AD489F87161A089D1BDC1542A4CB742D91A0C12A7CD1863FDB8932C0 ] srv             C:\Windows\system32\DRIVERS\srv.sys
03:17:45.0297 0x0824  srv - ok
03:17:45.0324 0x0824  [ B4ADEBBF5E3677CCE9651E0F01F7CC28, 726DB2283113AB2A9681E8E9F61132303D6D86E9CD034C40EE4A8C9DB29E87F7 ] srv2            C:\Windows\system32\DRIVERS\srv2.sys
03:17:45.0335 0x0824  srv2 - ok
03:17:45.0370 0x0824  [ 0C4540311E11664B245A263E1154CEF8, 63376322BFFAFF2F166AF3FDD3F1A346C21FAE21F406F659F8630779D1D6525D ] SrvHsfHDA       C:\Windows\system32\DRIVERS\VSTAZL6.SYS
03:17:45.0378 0x0824  SrvHsfHDA - ok
03:17:45.0453 0x0824  [ 02071D207A9858FBE3A48CBFD59C4A04, FEA4DEBAEC3465E0C7C1E8B721805922F6BBCB96A60A193B11688F4252F4B89E ] SrvHsfV92       C:\Windows\system32\DRIVERS\VSTDPV6.SYS
03:17:45.0492 0x0824  SrvHsfV92 - ok
03:17:45.0539 0x0824  [ 18E40C245DBFAF36FD0134A7EF2DF396, 0138A68958112101A5D3BD94114F320CE80B0C9A93E009AC78DE7415FCCC7DE7 ] SrvHsfWinac     C:\Windows\system32\DRIVERS\VSTCNXT6.SYS
03:17:45.0559 0x0824  SrvHsfWinac - ok
03:17:45.0593 0x0824  [ 27E461F0BE5BFF5FC737328F749538C3, AFA4704ED8FFC1A0BAB40DFB81D3AE3F3D933A3C9BF54DDAF39FF9AF3646D9E6 ] srvnet          C:\Windows\system32\DRIVERS\srvnet.sys
03:17:45.0599 0x0824  srvnet - ok
03:17:45.0645 0x0824  [ 51B52FBD583CDE8AA9BA62B8B4298F33, 2E2403F8AA39E79D1281CA006B51B43139C32A5FDD64BD34DAA4B935338BD740 ] SSDPSRV         C:\Windows\System32\ssdpsrv.dll
03:17:45.0653 0x0824  SSDPSRV - ok
03:17:45.0667 0x0824  [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB, D21CDBC4C2AA0DB5B4455D5108B0CAF4282A2E664B9035708F212CC094569D9D ] SstpSvc         C:\Windows\system32\sstpsvc.dll
03:17:45.0674 0x0824  SstpSvc - ok
03:17:45.0695 0x0824  [ F3817967ED533D08327DC73BC4D5542A, 1B204454408A690C0A86447F3E4AA9E7C58A9CFB567C94C17C21920BA648B4D5 ] stexstor        C:\Windows\system32\drivers\stexstor.sys
03:17:45.0698 0x0824  stexstor - ok
03:17:45.0726 0x0824  [ 8DD52E8E6128F4B2DA92CE27402871C1, 1101C38BE8FC383B5F2F9FA402F9652B23B88A764DE2B584DFE62B88B11DEF92 ] stisvc          C:\Windows\System32\wiaservc.dll
03:17:45.0743 0x0824  stisvc - ok
03:17:45.0768 0x0824  [ D01EC09B6711A5F8E7E6564A4D0FBC90, 3CB922291DBADC92B46B9E28CCB6810CD8CCDA3E74518EC9522B58B998E1F969 ] swenum          C:\Windows\system32\drivers\swenum.sys
03:17:45.0770 0x0824  swenum - ok
03:17:45.0814 0x0824  [ E08E46FDD841B7184194011CA1955A0B, 9C3725BB1F08F92744C980A22ED5C874007D3B5863C7E1F140F50061052AC418 ] swprv           C:\Windows\System32\swprv.dll
03:17:45.0831 0x0824  swprv - ok
03:17:45.0886 0x0824  [ AC3CC98B1BDB6540021D3FFB105AC2B9, 671146CC16139AECE0BCCC44983807E045A930E262F64461D0D882A0A0B77E4F ] SynTP           C:\Windows\system32\DRIVERS\SynTP.sys
03:17:45.0897 0x0824  SynTP - ok
03:17:45.0974 0x0824  [ BF9CCC0BF39B418C8D0AE8B05CF95B7D, 3C13217548BE61F2BDB8BD41F77345CDDA1F97BF0AE17241C335B9807EB3DBB8 ] SysMain         C:\Windows\system32\sysmain.dll
03:17:46.0015 0x0824  SysMain - ok
03:17:46.0052 0x0824  [ E3C61FD7B7C2557E1F1B0B4CEC713585, 01F0E116606D185BF93B540868075BFB1A398197F6AABD994983DBFF56B3A8A0 ] TabletInputService C:\Windows\System32\TabSvc.dll
03:17:46.0058 0x0824  TabletInputService - ok
03:17:46.0088 0x0824  [ 40F0849F65D13EE87B9A9AE3C1DD6823, E251A7EF3D0FD2973AF33A62FC457A7E8D5E8694208F811F52455F7C2426121F ] TapiSrv         C:\Windows\System32\tapisrv.dll
03:17:46.0100 0x0824  TapiSrv - ok
03:17:46.0120 0x0824  [ 1BE03AC720F4D302EA01D40F588162F6, AB644862BF1D2E824FD846180DEC4E2C0FAFCC517451486DE5A92E5E78A952E4 ] TBS             C:\Windows\System32\tbssvc.dll
03:17:46.0126 0x0824  TBS - ok
03:17:46.0271 0x0824  [ 40AF23633D197905F03AB5628C558C51, 644656A15236E964E4BE57B42225EAA5643C4CF1FFF6D306813A000716F9D72C ] Tcpip           C:\Windows\system32\drivers\tcpip.sys
03:17:46.0322 0x0824  Tcpip - ok
03:17:46.0386 0x0824  [ 40AF23633D197905F03AB5628C558C51, 644656A15236E964E4BE57B42225EAA5643C4CF1FFF6D306813A000716F9D72C ] TCPIP6          C:\Windows\system32\DRIVERS\tcpip.sys
03:17:46.0429 0x0824  TCPIP6 - ok
03:17:46.0470 0x0824  [ 1B16D0BD9841794A6E0CDE0CEF744ABC, 7EB8BA97339199EEE7F2B09DA2DA6279DA64A510D4598D42CF86415D67CD674C ] tcpipreg        C:\Windows\system32\drivers\tcpipreg.sys
03:17:46.0472 0x0824  tcpipreg - ok
03:17:46.0498 0x0824  [ 3371D21011695B16333A3934340C4E7C, 7416F9BBFC1BA9D875EA7D1C7A0D912FC6977B49A865D67E3F9C4E18A965082D ] TDPIPE          C:\Windows\system32\drivers\tdpipe.sys
03:17:46.0500 0x0824  TDPIPE - ok
03:17:46.0523 0x0824  [ 51C5ECEB1CDEE2468A1748BE550CFBC8, 4E8F83877330B421F7B5D8393D34BC44C6450E69209DAA95B29CB298166A5DF9 ] TDTCP           C:\Windows\system32\drivers\tdtcp.sys
03:17:46.0525 0x0824  TDTCP - ok
03:17:46.0547 0x0824  [ DDAD5A7AB24D8B65F8D724F5C20FD806, B71F2967A4EE7395E4416C1526CB85368AEA988BDD1F2C9719C48B08FAFA9661 ] tdx             C:\Windows\system32\DRIVERS\tdx.sys
03:17:46.0551 0x0824  tdx - ok
03:17:46.0569 0x0824  [ 561E7E1F06895D78DE991E01DD0FB6E5, 83BFA50A528762EC52A011302AC3874636FB7E26628CD7ACFBF2BDC9FAA8110D ] TermDD          C:\Windows\system32\drivers\termdd.sys
03:17:46.0572 0x0824  TermDD - ok
03:17:46.0625 0x0824  [ 2E648163254233755035B46DD7B89123, 6FA0D07CE18A3A69D82EE49D875F141E39406E92C34EAC76AC4EB052E6EBCBCD ] TermService     C:\Windows\System32\termsrv.dll
03:17:46.0643 0x0824  TermService - ok
03:17:46.0665 0x0824  [ F0344071948D1A1FA732231785A0664C, DB9886C2C858FAF45AEA15F8E42860343F73EB8685C53EC2E8CCC10586CB0832 ] Themes          C:\Windows\system32\themeservice.dll
03:17:46.0671 0x0824  Themes - ok
03:17:46.0685 0x0824  [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] THREADORDER     C:\Windows\system32\mmcss.dll
03:17:46.0689 0x0824  THREADORDER - ok
03:17:46.0701 0x0824  [ 7E7AFD841694F6AC397E99D75CEAD49D, DE87F203FD8E6BDCCFCA1860A85F283301A365846FB703D9BB86278D8AC96B07 ] TrkWks          C:\Windows\System32\trkwks.dll
03:17:46.0708 0x0824  TrkWks - ok
03:17:46.0759 0x0824  [ 773212B2AAA24C1E31F10246B15B276C, F2EF85F5ABA307976D9C649D710B408952089458DDE97D4DEF321DF14E46A046 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
03:17:46.0765 0x0824  TrustedInstaller - ok
03:17:46.0808 0x0824  [ 4CE278FC9671BA81A138D70823FCAA09, CBE501436696E32A3701B9F377B823AC36647B6626595F76CC63E2396AD7D300 ] tssecsrv        C:\Windows\system32\DRIVERS\tssecsrv.sys
03:17:46.0810 0x0824  tssecsrv - ok
03:17:46.0849 0x0824  [ D11C783E3EF9A3C52C0EBE83CC5000E9, A136C355D4C8945729163D15801364A614E23217B15F9313C85BA45BB71A74EB ] TsUsbFlt        C:\Windows\system32\drivers\tsusbflt.sys
03:17:46.0851 0x0824  TsUsbFlt - ok
03:17:46.0867 0x0824  [ 9CC2CCAE8A84820EAECB886D477CBCB8, 50D8AA2D7477A6618A0C31BB4D1C4887B457865FB1105E2E7B984EEFA337B804 ] TsUsbGD         C:\Windows\system32\drivers\TsUsbGD.sys
03:17:46.0869 0x0824  TsUsbGD - ok
03:17:46.0890 0x0824  [ 3566A8DAAFA27AF944F5D705EAA64894, AE9D8B648DA08AF667B9456C3FE315489859C157510A258559F18238F2CC92B8 ] tunnel          C:\Windows\system32\DRIVERS\tunnel.sys
03:17:46.0895 0x0824  tunnel - ok
03:17:46.0919 0x0824  [ B4DD609BD7E282BFC683CEC7EAAAAD67, EF131DB6F6411CAD36A989A421AF93F89DD61601AC524D2FF11C10FF6E3E9123 ] uagp35          C:\Windows\system32\drivers\uagp35.sys
03:17:46.0922 0x0824  uagp35 - ok
03:17:46.0953 0x0824  [ FF4232A1A64012BAA1FD97C7B67DF593, D8591B4EB056899C7B604E4DD852D82D4D9809F508ABCED4A03E1BE6D5D456E3 ] udfs            C:\Windows\system32\DRIVERS\udfs.sys
03:17:46.0963 0x0824  udfs - ok
03:17:46.0999 0x0824  [ 3CBDEC8D06B9968ABA702EBA076364A1, B8DAB8AA804FC23021BFEBD7AE4D40FBE648D6C6BA21CC008E26D1C084972F9B ] UI0Detect       C:\Windows\system32\UI0Detect.exe
03:17:47.0005 0x0824  UI0Detect - ok
03:17:47.0027 0x0824  [ 4BFE1BC28391222894CBF1E7D0E42320, 5918B1ED2030600DF77BDACF1C808DF6EADDD8BF3E7003AF1D72050D8B102B3A ] uliagpkx        C:\Windows\system32\drivers\uliagpkx.sys
03:17:47.0030 0x0824  uliagpkx - ok
03:17:47.0058 0x0824  [ DC54A574663A895C8763AF0FA1FF7561, 09A3F3597E91CBEB2F38E96E75134312B60CAE5574B2AD4606C2D3E992AEDDFE ] umbus           C:\Windows\system32\DRIVERS\umbus.sys
03:17:47.0060 0x0824  umbus - ok
03:17:47.0091 0x0824  [ B2E8E8CB557B156DA5493BBDDCC1474D, F547509A08C0679ACB843E20C9C0CF51BED1B06530BBC529DFB0944504564A43 ] UmPass          C:\Windows\system32\drivers\umpass.sys
03:17:47.0093 0x0824  UmPass - ok
03:17:47.0122 0x0824  [ D47EC6A8E81633DD18D2436B19BAF6DE, 0FB461E2D5E0B75BB5958F6362F4880BFA4C36AD930542609BCAF574941AA7AE ] upnphost        C:\Windows\System32\upnphost.dll
03:17:47.0134 0x0824  upnphost - ok
03:17:47.0167 0x0824  [ DCA68B0943D6FA415F0C56C92158A83A, BEE5A5B33B22D1DF50B884D46D89FC3B8286EB16E38AD5A20F0A49E5C6766C57 ] usbccgp         C:\Windows\system32\DRIVERS\usbccgp.sys
03:17:47.0171 0x0824  usbccgp - ok
03:17:47.0193 0x0824  [ 80B0F7D5CCF86CEB5D402EAAF61FEC31, 140C62116A425DEAD25FE8D82DE283BC92C482A9F643658D512F9F67061F28AD ] usbcir          C:\Windows\system32\drivers\usbcir.sys
03:17:47.0197 0x0824  usbcir - ok
03:17:47.0214 0x0824  [ 18A85013A3E0F7E1755365D287443965, 811C5EDF38C765BCF71BCE25CB6626FF6988C3699F5EF1846240EA0052F34C33 ] usbehci         C:\Windows\system32\drivers\usbehci.sys
03:17:47.0217 0x0824  usbehci - ok
03:17:47.0243 0x0824  [ 8D1196CFBB223621F2C67D45710F25BA, B5D7AFE51833B24FC9576F3AED3D8A2B290E5846060E73F9FFFAC1890A8B6003 ] usbhub          C:\Windows\system32\DRIVERS\usbhub.sys
03:17:47.0253 0x0824  usbhub - ok
03:17:47.0273 0x0824  [ 765A92D428A8DB88B960DA5A8D6089DC, 56DE8A2ED58E53B202C399CA7BACB1551136303C2EE0AB426BDBBF880E3C542C ] usbohci         C:\Windows\system32\drivers\usbohci.sys
03:17:47.0275 0x0824  usbohci - ok
03:17:47.0298 0x0824  [ 73188F58FB384E75C4063D29413CEE3D, B485463933306036B1D490722CB1674DC85670753D79FA0EF7EBCA7BBAAD9F7C ] usbprint        C:\Windows\system32\drivers\usbprint.sys
03:17:47.0300 0x0824  usbprint - ok
03:17:47.0318 0x0824  [ FED648B01349A3C8395A5169DB5FB7D6, DC4D7594C24ADD076927B9347F1B50B91CF03A4ABDB284248D5711D9C19DEB96 ] USBSTOR         C:\Windows\system32\DRIVERS\USBSTOR.SYS
03:17:47.0323 0x0824  USBSTOR - ok
03:17:47.0360 0x0824  [ DD253AFC3BC6CBA412342DE60C3647F3, 146F8613F1057AC054DC3593E84BC52899DA27EA33B0E72ACFB78C3699ADCDE7 ] usbuhci         C:\Windows\system32\drivers\usbuhci.sys
03:17:47.0362 0x0824  usbuhci - ok
03:17:47.0406 0x0824  [ 1F775DA4CF1A3A1834207E975A72E9D7, 6D3DE5BD3EF3A76E997E5BAF900C51D25308F5A9682D1F62017F577A24095B90 ] usbvideo        C:\Windows\System32\Drivers\usbvideo.sys
03:17:47.0412 0x0824  usbvideo - ok
03:17:47.0441 0x0824  [ EDBB23CBCF2CDF727D64FF9B51A6070E, 7202484C8E1BFB2AFD64D8C81668F3EDE0E3BF5EB27572877A0A7B337AE5AE42 ] UxSms           C:\Windows\System32\uxsms.dll
03:17:47.0447 0x0824  UxSms - ok
03:17:47.0470 0x0824  [ 4D71227301DD8D09097B9E4CC6527E5A, 193D47ADCB722B581CC0F29B794AB3E455B6E9BEA367CE9A5216A09E055B7F1E ] VaultSvc        C:\Windows\system32\lsass.exe
03:17:47.0473 0x0824  VaultSvc - ok
03:17:47.0495 0x0824  [ C5C876CCFC083FF3B128F933823E87BD, 6FE0FBB6C3207E09300E0789E2168F76668D87C317FE9F263E733827ADCFBE0D ] vdrvroot        C:\Windows\system32\drivers\vdrvroot.sys
03:17:47.0497 0x0824  vdrvroot - ok
03:17:47.0530 0x0824  [ 8D6B481601D01A456E75C3210F1830BE, A2CEF483F4231367138EEF7E67FD5BE5364FC0780C44CA1368E36CE4AA3D0633 ] vds             C:\Windows\System32\vds.exe
03:17:47.0547 0x0824  vds - ok
03:17:47.0582 0x0824  [ DA4DA3F5E02943C2DC8C6ED875DE68DD, EDE604536DB78C512D68C92B26DA77C8811AC109D1F0A473673F0A82D15A2838 ] vga             C:\Windows\system32\DRIVERS\vgapnp.sys
03:17:47.0584 0x0824  vga - ok
03:17:47.0598 0x0824  [ 53E92A310193CB3C03BEA963DE7D9CFC, 45898604375B42EB1246C17A22D91C2440F11C746FF6459AD38027C1BC2E3125 ] VgaSave         C:\Windows\System32\drivers\vga.sys
03:17:47.0600 0x0824  VgaSave - ok
03:17:47.0629 0x0824  [ 2CE2DF28C83AEAF30084E1B1EB253CBB, D1946816A1CB89F825CBEA58F94A4C9D0CE7249355CD3915563F54054EE564BF ] vhdmp           C:\Windows\system32\drivers\vhdmp.sys
03:17:47.0635 0x0824  vhdmp - ok
03:17:47.0669 0x0824  [ E5689D93FFE4E5D66C0178761240DD54, 6D35CED80681B12AAF63BFA0DA1C386E71D3838839B68A686990AA8031949D27 ] viaide          C:\Windows\system32\drivers\viaide.sys
03:17:47.0671 0x0824  viaide - ok
03:17:47.0707 0x0824  [ D2AAFD421940F640B407AEFAAEBD91B0, 31EF342A60AF04F4108759A71F8FB7B8C8819216CF3D16A95B2BA0E33A8A9161 ] volmgr          C:\Windows\system32\drivers\volmgr.sys
03:17:47.0711 0x0824  volmgr - ok
03:17:47.0735 0x0824  [ A255814907C89BE58B79EF2F189B843B, 463DB771851352185B6AC323BD93B9084D47291E53C1F7B628B65D6918B2E28F ] volmgrx         C:\Windows\system32\drivers\volmgrx.sys
03:17:47.0745 0x0824  volmgrx - ok
03:17:47.0773 0x0824  [ 0D08D2F3B3FF84E433346669B5E0F639, 3D6716CEC95B8861A7CC5778E91F310528DC6BEE0E57A3C8757FC675154EBDEC ] volsnap         C:\Windows\system32\drivers\volsnap.sys
03:17:47.0782 0x0824  volsnap - ok
03:17:47.0809 0x0824  [ 5E2016EA6EBACA03C04FEAC5F330D997, 53106EB877459FE55A459111F7AB0EE320BB3B4C954D3DB6FA1642396001F2AC ] vsmraid         C:\Windows\system32\drivers\vsmraid.sys
03:17:47.0814 0x0824  vsmraid - ok
03:17:47.0894 0x0824  [ B60BA0BC31B0CB414593E169F6F21CC2, 47B801E623254CF0202B3591CB5C019CABFB52F123C7D47E29D19B32F1F2B915 ] VSS             C:\Windows\system32\vssvc.exe
03:17:47.0939 0x0824  VSS - ok
03:17:47.0970 0x0824  [ 36D4720B72B5C5D9CB2B9C29E9DF67A1, 3254523C85C70EBA2DBAC05DB2DBA89EDF8E9195F390F7C21F96458FB6B2E3D7 ] vwifibus        C:\Windows\system32\DRIVERS\vwifibus.sys
03:17:47.0972 0x0824  vwifibus - ok
03:17:47.0989 0x0824  [ 6A3D66263414FF0D6FA754C646612F3F, 30F6BA594B0D3B94113064015A16D97811CD989DF1715CCE21CEAB9894C1B4FB ] vwififlt        C:\Windows\system32\DRIVERS\vwififlt.sys
03:17:47.0992 0x0824  vwififlt - ok
03:17:48.0026 0x0824  [ 1C9D80CC3849B3788048078C26486E1A, 34A89F31E53F6B6C209B286F580CC2257AE6D057E4E20741F241C9C167947962 ] W32Time         C:\Windows\system32\w32time.dll
03:17:48.0038 0x0824  W32Time - ok
03:17:48.0057 0x0824  [ 4E9440F4F152A7B944CB1663D3935A3E, 8FE04EBD3BC612EE943A21A3E56F37E5C9B578CDACA6044048181DAD81816D53 ] WacomPen        C:\Windows\system32\drivers\wacompen.sys
03:17:48.0060 0x0824  WacomPen - ok
03:17:48.0068 0x0824  [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] WANARP          C:\Windows\system32\DRIVERS\wanarp.sys
03:17:48.0072 0x0824  WANARP - ok
03:17:48.0093 0x0824  [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] Wanarpv6        C:\Windows\system32\DRIVERS\wanarp.sys
03:17:48.0096 0x0824  Wanarpv6 - ok
03:17:48.0166 0x0824  [ 3CEC96DE223E49EAAE3651FCF8FAEA6C, 4150DAB33E8D61076F1D4767BCAFC9B4ECCCCBD58FD4FB3CFE5B8D27DCDCAB61 ] WatAdminSvc     C:\Windows\system32\Wat\WatAdminSvc.exe
03:17:48.0200 0x0824  WatAdminSvc - ok
03:17:48.0276 0x0824  [ 78F4E7F5C56CB9716238EB57DA4B6A75, 46A4E78CE5F2A4B26F4E9C3FF04A99D9B727A82AC2E390A82A1611C3F6E0C9AF ] wbengine        C:\Windows\system32\wbengine.exe
03:17:48.0318 0x0824  wbengine - ok
03:17:48.0353 0x0824  [ 3AA101E8EDAB2DB4131333F4325C76A3, 4F7BD3DA5E58B18BFF106CFF7B45E75FD13EE556D433C695BA23EC80827E49DE ] WbioSrvc        C:\Windows\System32\wbiosrvc.dll
03:17:48.0362 0x0824  WbioSrvc - ok
03:17:48.0386 0x0824  [ 7368A2AFD46E5A4481D1DE9D14848EDD, 8039C478FC2D9F095F5883A4FA47F9E6EDF57CC88A4AA74F07C88445F90DED57 ] wcncsvc         C:\Windows\System32\wcncsvc.dll
03:17:48.0399 0x0824  wcncsvc - ok
03:17:48.0431 0x0824  [ 20F7441334B18CEE52027661DF4A6129, 7B8E0247234B740FED2BE9B833E9CE8DD7453340123AB43F6B495A7E6A27B0DD ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
03:17:48.0436 0x0824  WcsPlugInService - ok
03:17:48.0460 0x0824  [ 72889E16FF12BA0F235467D6091B17DC, F2FD0BBD075E33608D93F350D216F97442AB89ABD540513C2D568C78096E12A8 ] Wd              C:\Windows\system32\drivers\wd.sys
03:17:48.0462 0x0824  Wd - ok
03:17:48.0519 0x0824  [ E2C933EDBC389386EBE6D2BA953F43D8, AF1DEADD5F1267CCEBD226E8EEB971D1946EA6A5A9645A36F5D111F758AF2F07 ] Wdf01000        C:\Windows\system32\drivers\Wdf01000.sys
03:17:48.0543 0x0824  Wdf01000 - ok
03:17:48.0564 0x0824  [ BF1FC3F79B863C914687A737C2F3D681, B2DF47AC4931ACFB243775767B77065CC0D98778FC0243C793A3E219EB961209 ] WdiServiceHost  C:\Windows\system32\wdi.dll
03:17:48.0571 0x0824  WdiServiceHost - ok
03:17:48.0579 0x0824  [ BF1FC3F79B863C914687A737C2F3D681, B2DF47AC4931ACFB243775767B77065CC0D98778FC0243C793A3E219EB961209 ] WdiSystemHost   C:\Windows\system32\wdi.dll
03:17:48.0585 0x0824  WdiSystemHost - ok
03:17:48.0628 0x0824  [ 0EB0E5D22B1760F2DBCE632F2DD7A54D, B8A4CC62F88768947FB0A161CF9564DB28FD9C1C037B5475DF192982DE035C22 ] WebClient       C:\Windows\System32\webclnt.dll
03:17:48.0638 0x0824  WebClient - ok
03:17:48.0685 0x0824  [ C749025A679C5103E575E3B48E092C43, B71171D07EE7AB085A24BF3A1072FF2CE7EA021AAE695F6A90640E6EE8EB55C1 ] Wecsvc          C:\Windows\system32\wecsvc.dll
03:17:48.0695 0x0824  Wecsvc - ok
03:17:48.0710 0x0824  [ 7E591867422DC788B9E5BD337A669A08, 484E6BCCDF7ADCE9A1AACAD1BC7C7D7694B9E40FA90D94B14D80C607784F6C75 ] wercplsupport   C:\Windows\System32\wercplsupport.dll
03:17:48.0716 0x0824  wercplsupport - ok
03:17:48.0734 0x0824  [ 6D137963730144698CBD10F202E9F251, A9F522A125158D94F540544CCD4DBF47B9DCE2EA878C33675AFE40F80E8F4979 ] WerSvc          C:\Windows\System32\WerSvc.dll
03:17:48.0740 0x0824  WerSvc - ok
03:17:48.0765 0x0824  [ 611B23304BF067451A9FDEE01FBDD725, 0AF2734B978165FC6FD22B64862132CCE32528A21C698A49D176129446E099C8 ] WfpLwf          C:\Windows\system32\DRIVERS\wfplwf.sys
03:17:48.0766 0x0824  WfpLwf - ok
03:17:48.0785 0x0824  [ 05ECAEC3E4529A7153B3136CEB49F0EC, 9995CB2CEC70A633EA33CBB0DEAD2BB28CB67132B41E9444BDAB9E75744C9A50 ] WIMMount        C:\Windows\system32\drivers\wimmount.sys
03:17:48.0787 0x0824  WIMMount - ok
03:17:48.0817 0x0824  WinDefend - ok
03:17:48.0825 0x0824  WinHttpAutoProxySvc - ok
03:17:48.0876 0x0824  [ 19B07E7E8915D701225DA41CB3877306, D6555E8D276DBB11358246E0FE215F76F1FB358791C76B88D82C2A66A42DA19F ] Winmgmt         C:\Windows\system32\wbem\WMIsvc.dll
03:17:48.0884 0x0824  Winmgmt - ok
03:17:48.0976 0x0824  [ BCB1310604AA415C4508708975B3931E, 9D943F086D454345153A0DD426B4432532A44FD87950386B186E1CAD2AC70565 ] WinRM           C:\Windows\system32\WsmSvc.dll
03:17:49.0030 0x0824  WinRM - ok
03:17:49.0084 0x0824  [ FE88B288356E7B47B74B13372ADD906D, A16B166F6BB32EF9D2A142F27B9EC54CBC7B3AC915799783CF4C40E525BC9E03 ] WinUsb          C:\Windows\system32\DRIVERS\WinUsb.sys
03:17:49.0087 0x0824  WinUsb - ok
03:17:49.0133 0x0824  [ 4FADA86E62F18A1B2F42BA18AE24E6AA, CE1683386886BF34862681A46199EA7E7FB4232A186047DA7FBD8EC240AF6726 ] Wlansvc         C:\Windows\System32\wlansvc.dll
03:17:49.0156 0x0824  Wlansvc - ok
03:17:49.0195 0x0824  [ 06C8FA1CF39DE6A735B54D906BA791C6, D8FEC7DE227781CDA876904701B2AA995268F74DCD6CB34AA0296C557FC283B6 ] wlcrasvc        C:\Program Files\Windows Live\Mesh\wlcrasvc.exe
03:17:49.0198 0x0824  wlcrasvc - ok
03:17:49.0299 0x0824  [ 7E47C328FC4768CB8BEAFBCFAFA70362, C98BD6A0C2F70E069D5FD3BAB31BD028DFEAC0490D180BBC28A14BE375897D8C ] wlidsvc         C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
03:17:49.0357 0x0824  wlidsvc - ok
03:17:49.0401 0x0824  [ F6FF8944478594D0E414D3F048F0D778, 6F75E0AE6127B33A92A88E59D4B048FD4C15F997807BE7BF0EFE76F95235B1D9 ] WmiAcpi         C:\Windows\system32\drivers\wmiacpi.sys
03:17:49.0402 0x0824  WmiAcpi - ok
03:17:49.0447 0x0824  [ 38B84C94C5A8AF291ADFEA478AE54F93, 1AC267AC73670BEA5F3785C9AD9DB146F8E993A862C843742B21FDB90D102B2A ] wmiApSrv        C:\Windows\system32\wbem\WmiApSrv.exe
03:17:49.0453 0x0824  wmiApSrv - ok
03:17:49.0483 0x0824  WMPNetworkSvc - ok
03:17:49.0511 0x0824  [ 96C6E7100D724C69FCF9E7BF590D1DCA, 2E63C9B0893B4FC03B7A71BAEA6202D3D3DB1B52F3643467829B5A573FD7655B ] WPCSvc          C:\Windows\System32\wpcsvc.dll
03:17:49.0516 0x0824  WPCSvc - ok
03:17:49.0530 0x0824  [ 93221146D4EBBF314C29B23CD6CC391D, C0750858A65BF51E210CD244C825C121D67E025CD2D2455139991AAC289A90FE ] WPDBusEnum      C:\Windows\system32\wpdbusenum.dll
03:17:49.0538 0x0824  WPDBusEnum - ok
03:17:49.0567 0x0824  [ 6BCC1D7D2FD2453957C5479A32364E52, E48554D31FBDCF8F985C1C72524CAA9106F5B7CC2B79064F8F5E2562D517F090 ] ws2ifsl         C:\Windows\system32\drivers\ws2ifsl.sys
03:17:49.0569 0x0824  ws2ifsl - ok
03:17:49.0584 0x0824  [ E8B1FE6669397D1772D8196DF0E57A9E, 39FE0819360719F756BD31A1884A0508A1E2371ACC723E25E005CBEC0A7B02FA ] wscsvc          C:\Windows\System32\wscsvc.dll
03:17:49.0592 0x0824  wscsvc - ok
03:17:49.0598 0x0824  WSearch - ok
03:17:49.0707 0x0824  [ D9EF901DCA379CFE914E9FA13B73B4C4, 3BE9693B7B2AFEE23D72AF5DA211379724D752F0EC18ACB7D3DE3DDFC5AE0004 ] wuauserv        C:\Windows\system32\wuaueng.dll
03:17:49.0771 0x0824  wuauserv - ok
03:17:49.0812 0x0824  [ AB886378EEB55C6C75B4F2D14B6C869F, D6C4602EB8F291DADEDF3CD211013D4AC752DDE7E799C2D8D74AA4F5477CAED6 ] WudfPf          C:\Windows\system32\drivers\WudfPf.sys
03:17:49.0815 0x0824  WudfPf - ok
03:17:49.0840 0x0824  [ DDA4CAF29D8C0A297F886BFE561E6659, 94E5DD649B5D86FA1A7C7D30FCF9644D0EE048D312E626111458ADF66BFBE978 ] WUDFRd          C:\Windows\system32\DRIVERS\WUDFRd.sys
03:17:49.0847 0x0824  WUDFRd - ok
03:17:49.0865 0x0824  [ B20F051B03A966392364C83F009F7D17, 88ECEB55AE91F58F592B96EBC10B572747D5A2F9B7629E8F371761E4F7408A65 ] wudfsvc         C:\Windows\System32\WUDFSvc.dll
03:17:49.0873 0x0824  wudfsvc - ok
03:17:49.0906 0x0824  [ 04F82965C09CBDF646B487E145060301, 2CD8533EDBE24C3E42EB7550E20F8A2EB9E5E345B165DEF543163A6BC1FDD18B ] WwanSvc         C:\Windows\System32\wwansvc.dll
03:17:49.0917 0x0824  WwanSvc - ok
03:17:49.0927 0x0824  ================ Scan global ===============================
03:17:49.0979 0x0824  [ BA0CD8C393E8C9F83354106093832C7B, 18D8A4780A2BAA6CEF7FBBBDA0EF6BF2DADF146E1E578A618DD5859E8ADBF1A8 ] C:\Windows\system32\basesrv.dll
03:17:50.0021 0x0824  [ 88EDD0B34EED542745931E581AD21A32, DC2B93E1CEF5B0BCEE08D72669BB0F3AD0E8E6E75BDC08858407ED92F6FFA031 ] C:\Windows\system32\winsrv.dll
03:17:50.0039 0x0824  [ 88EDD0B34EED542745931E581AD21A32, DC2B93E1CEF5B0BCEE08D72669BB0F3AD0E8E6E75BDC08858407ED92F6FFA031 ] C:\Windows\system32\winsrv.dll
03:17:50.0072 0x0824  [ D6160F9D869BA3AF0B787F971DB56368, 0033E6212DD8683E4EE611B290931FDB227B4795F0B17C309DC686C696790529 ] C:\Windows\system32\sxssrv.dll
03:17:50.0115 0x0824  [ 24ACB7E5BE595468E3B9AA488B9B4FCB, 63541E3432FCE953F266AE553E7A394978D6EE3DB52388D885F668CF42C5E7E2 ] C:\Windows\system32\services.exe
03:17:50.0126 0x0824  [ Global ] - ok
03:17:50.0127 0x0824  ================ Scan MBR ==================================
03:17:50.0143 0x0824  [ C3C93F1CA51BBACBABEA804D2CC62CA1 ] \Device\Harddisk0\DR0
03:17:50.0144 0x0824  Suspicious mbr (Forged): \Device\Harddisk0\DR0
03:17:50.0246 0x0824  \Device\Harddisk0\DR0 - detected Rootkit.Boot.Harbinger.a ( 0 )
03:17:50.0246 0x0824  \Device\Harddisk0\DR0 ( Rootkit.Boot.Harbinger.a ) - infected
03:17:52.0761 0x0824  ================ Scan VBR ==================================
03:17:52.0852 0x0824  [ 5D4E390FFF451DB24DA20AE32DD517C4 ] \Device\Harddisk0\DR0\Partition1
03:17:52.0853 0x0824  \Device\Harddisk0\DR0\Partition1 - ok
03:17:52.0866 0x0824  [ 209C31F802055ABE95109F1DB49143DC ] \Device\Harddisk0\DR0\Partition2
03:17:52.0868 0x0824  \Device\Harddisk0\DR0\Partition2 - ok
03:17:52.0895 0x0824  [ B6DBB97E5B76B359CD024E79D8E00344 ] \Device\Harddisk0\DR0\Partition3
03:17:52.0897 0x0824  \Device\Harddisk0\DR0\Partition3 - ok
03:17:52.0912 0x0824  [ 0A5BE981B0FFD8E59527DEB079BD397B ] \Device\Harddisk0\DR0\Partition4
03:17:52.0913 0x0824  \Device\Harddisk0\DR0\Partition4 - ok
03:17:52.0914 0x0824  Waiting for KSN requests completion. In queue: 28
03:17:53.0914 0x0824  Waiting for KSN requests completion. In queue: 28
03:17:54.0915 0x0824  Waiting for KSN requests completion. In queue: 28
03:17:56.0009 0x0824  AV detected via SS2: avast! Antivirus, C:\Program Files\AVAST Software\Avast\VisthAux.exe ( 9.0.2016.330 ), 0x41000 ( enabled : updated )
03:17:56.0146 0x0824  Win FW state via NFP2: enabled
03:17:58.0667 0x0824  ============================================================
03:17:58.0667 0x0824  Scan finished
03:17:58.0667 0x0824  ============================================================
03:17:58.0678 0x0980  Detected object count: 1
03:17:58.0678 0x0980  Actual detected object count: 1

Link to post
Share on other sites

Please download Malwarebytes Anti-Malware to your desktop.

  • Double-click mbam-setup-2.0.0.1000.exe and follow the prompts to install the program.
  • At the end, be sure a checkmark is placed next to the following:

    • Launch Malwarebytes Anti-Malware
    • A 14 day trial of the Premium features is pre-selected. You may deselect this if you wish, and it will not diminish the scanning and removal capabilities of the program.

    [*]Click Finish. [*]On the Dashboard, click the 'Update Now >>' link [*]After the update completes, navigate to the Scan tab, select Custom Scan. [*]Click the Scan Now >> button. [*]Under 'Custom Scanning Options' uncheck all boxes. [*]Select only 'Scan for rootkits'. [*]Do not select any drive letter. [*]Click 'Start Scan'. [*]When the scan is complete, click on 'Cancel'. [*]Click Yes at the next message. [*]Click on the History tab > Application Logs. [*]Double click on the scan log which shows the Date and time of the scan just performed. [*]Click 'Copy to Clipboard' [*]Paste the contents of the clipboard into your reply.

Link to post
Share on other sites

Malwarebytes Anti-Malware
www.malwarebytes.org

Scan Date: 4/9/2014
Scan Time: 4:54:51 AM
Logfile:
Administrator: Yes

Version: 2.00.1.1004
Malware Database: v2014.04.09.03
Rootkit Database: v2014.03.27.01
License: Trial
Malware Protection: Enabled
Malicious Website Protection: Enabled
Chameleon: Disabled

OS: Windows 7 Service Pack 1
CPU: x64
File System: NTFS
User: walmart

Scan Type: Custom Scan
Result: Completed
Objects Scanned: 199919
Time Elapsed: 23 min, 57 sec

Memory: Disabled
Startup: Disabled
Filesystem: Disabled
Archives: Disabled
Rootkits: Enabled
Deep Rootkit Scan: Enabled
Shuriken: Enabled
PUP: Enabled
PUM: Enabled

Processes: 0
(No malicious items detected)

Modules: 0
(No malicious items detected)

Registry Keys: 0
(No malicious items detected)

Registry Values: 0
(No malicious items detected)

Registry Data: 0
(No malicious items detected)

Folders: 0
(No malicious items detected)

Files: 0
(No malicious items detected)

Physical Sectors: 1
Forged physical sector, Physical Sector #625142190 on Drive #0, No Action By User, [de03fe65a6765caa8c91343acc62cffc],


(end)

Link to post
Share on other sites

Rootkit Scan with Malwarebytes Antimalware

  • On the Scan tab, select Custom Scan.
  • Click the Scan Now >> button.
  • Under 'Custom Scanning Options' uncheck all boxes.
  • Select only 'Scan for rootkits'.
  • Do not select any drive letter.
  • Click 'Start Scan'. If an update is available, click the Update Now button.
  • When the scan is complete, if there have been detections, click Apply Actions.
  • Wait for the prompt to restart the computer to appear, then click on Yes.
    Note:
    If there were no detections, you can click on the 'View detailed log' link after the scan completes.

Link to post
Share on other sites