Possible infection/possible false positive


Hello, MBAM is coming up clean, but MSE occasionally pops up and tells me threats are being detected. When I check the history, Trojan:DOS/Alureon.J was detected; however, an error code of 0x80508023 says the program could not find the malware and other potentially unwanted software on the computer.

A quick scan of MSE also comes up clean.

Here are the logs from Farbar:

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 01-10-2014

Ran by Tim (administrator) on TSR on 01-10-2014 14:44:59

Running from C:\Users\Tim\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\2212OU44

Loaded Profile: Tim (Available profiles: Tim)

Platform: Microsoft Windows 7 Home Premium Service Pack 1 (X86) OS Language: English (United States)

Internet Explorer Version 11

Boot Mode: Normal

Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe

(Starfield Technologies) C:\Program Files\Workspace\offSyncService.exe

(Intuit) C:\Program Files\Common Files\Intuit\QuickBooks\QBCFMonitorService.exe

(Intuit Inc.) C:\Program Files\Common Files\Intuit\DataProtect\QBIDPService.exe

(Microsoft Corporation) C:\Program Files\Microsoft Security Client\NisSrv.exe

(Intel Corporation) C:\Windows\System32\hkcmd.exe

(Intel Corporation) C:\Windows\System32\igfxpers.exe

() C:\Program Files\Xerox\Xerox WorkCentre 3220\PSU\Scan2pc.exe

(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe

(Research In Motion Limited) C:\Program Files\Common Files\Research In Motion\USB Drivers\RIMBBLaunchAgent.exe

(Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jusched.exe

(Research In Motion Limited) C:\Program Files\Common Files\Research In Motion\USB Drivers\BbDevMgr.exe

(Starfield Technologies) C:\Users\Tim\AppData\Local\Workspace\workspaceupdate.exe

(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe

(Southwest Securities, Inc.) C:\Program Files\SWS\SWSAgent\Sws.Agent.Service.exe

(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe

(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe

(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe

(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe

(Microsoft Corporation) C:\Windows\System32\MsSpellCheckingFacility.exe

(Microsoft Corporation) C:\Windows\System32\dllhost.exe

(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe

(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe

(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe

(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe

==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [stanley-H_XRX_S2P] => C:\Program Files\Xerox\Xerox WorkCentre 3220\PSU\Scan2pc.exe [253952 2010-01-26] ()

HKLM\...\Run: [MSC] => c:\Program Files\Microsoft Security Client\msseces.exe [974432 2014-08-22] (Microsoft Corporation)

HKLM\...\Run: [Adobe ARM] => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959176 2014-08-21] (Adobe Systems Incorporated)

HKLM\...\Run: [RIMBBLaunchAgent.exe] => C:\Program Files\Common Files\Research In Motion\USB Drivers\RIMBBLaunchAgent.exe [443408 2013-09-09] (Research In Motion Limited)

HKLM\...\Run: [intuit SyncManager] => C:\Program Files\Common Files\Intuit\Sync\IntuitSyncManager.exe [3761464 2013-09-30] (Intuit Inc. All rights reserved.)

HKLM\...\Run: [sunJavaUpdateSched] => C:\Program Files\Common Files\Java\Java Update\jusched.exe [256896 2014-07-25] (Oracle Corporation)

HKU\S-1-5-21-2371214144-1427845669-1413801427-1000\...\Run: [starfield Updater] => C:\Users\Tim\AppData\Local\Workspace\workspaceupdate.exe [35008 2013-05-15] (Starfield Technologies)

HKU\S-1-5-21-2371214144-1427845669-1413801427-1000\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner.exe [4811032 2014-09-26] (Piriform Ltd)

ShellIconOverlayIdentifiers: [off0] -> {8E33AEC3-C5F2-43C4-B048-9E3EB19B1DD5} => C:\Program Files\Workspace\offsyncext.dll (Starfield Technologies, LLC)

ShellIconOverlayIdentifiers: [off1] -> {8E33AEC4-C5F2-43C4-B048-9E3EB19B1DD5} => C:\Program Files\Workspace\offsyncext.dll (Starfield Technologies, LLC)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch

SearchScopes: HKLM - DefaultScope value is missing.

BHO: Java Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)

BHO: Java Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)

DPF: {A1B8A30B-8AAA-4A3E-8869-1DA509E8A011} https://reports.igrs-ips.com/crystalreportviewers10/ActiveXControls/ActiveXViewer.cab

Handler: intu-help-qb4 - {ACE22922-D07C-4860-B51B-8CF472FEC2CB} - C:\Program Files\Intuit\QuickBooks 2011\HelpAsyncPluggableProtocol.dll (Intuit, Inc.)

Handler: qbwc - {FC598A64-626C-4447-85B8-53150405FD57} - C:\Windows\system32\mscoree.dll (Microsoft Corporation)

Tcpip\Parameters: [DhcpNameServer] 10.1.10.1

FireFox:

========

FF Plugin: @java.com/DTPlugin,version=10.67.2 -> C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)

FF Plugin: @java.com/JavaPlugin,version=10.67.2 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)

FF Plugin: @microsoft.com/GENUINE -> disabled No File

FF Plugin: @RIM.com/WebSLLauncher,version=1.0 -> C:\Program Files\Common Files\Research In Motion\BBWebSLLauncher\NPWebSLLauncher.dll ()

FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)

FF Plugin HKCU: @starfield.com/off -> C:\Users\Tim\AppData\Roaming\Mozilla\Plugins\npoff.dll ( Starfield Technologies, LLC.)

FF Plugin HKCU: @starfield.com/wbe -> C:\Users\Tim\AppData\Roaming\Mozilla\Plugins\npwbe.dll (Starfield Technology, LLC)

FF Plugin ProgramFiles/Appdata: C:\Users\Tim\AppData\Roaming\mozilla\plugins\npoff.dll ( Starfield Technologies, LLC.)

FF Plugin ProgramFiles/Appdata: C:\Users\Tim\AppData\Roaming\mozilla\plugins\npwbe.dll (Starfield Technology, LLC)

FF Extension: WBE Paste - C:\Users\Tim\AppData\Roaming\Mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}\wbepaste@starfield [2013-05-15]

FF Extension: Workspace Email Zoom - C:\Users\Tim\AppData\Roaming\Mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}\zoomext@starfield [2013-05-15]

Chrome:

=======

========================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R3 BlackBerry Device Manager; C:\Program Files\Common Files\Research In Motion\USB Drivers\BbDevMgr.exe [585728 2013-09-09] (Research In Motion Limited) [File not signed]

R2 File Backup; C:\Program Files\Workspace\offSyncService.exe [1187040 2013-07-22] (Starfield Technologies)

R2 MsMpSvc; c:\Program Files\Microsoft Security Client\MsMpEng.exe [22192 2014-08-22] (Microsoft Corporation)

R3 NisSrv; c:\Program Files\Microsoft Security Client\NisSrv.exe [288120 2014-08-22] (Microsoft Corporation)

R2 QBCFMonitorService; C:\Program Files\Common Files\Intuit\QuickBooks\QBCFMonitorService.exe [45056 2014-02-04] (Intuit) [File not signed]

S3 QBFCService; C:\Program Files\Common Files\Intuit\QuickBooks\FCS\Intuit.QuickBooks.FCS.exe [61440 2009-07-23] (Intuit Inc.) [File not signed]

R2 QBVSS; C:\Program Files\Common Files\Intuit\DataProtect\QBIDPService.exe [1257760 2011-03-05] (Intuit Inc.)

R2 Sws.Agent.Service; C:\Program Files\SWS\SWSAgent\Sws.Agent.Service.exe [50272 2012-04-24] (Southwest Securities, Inc.)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 DgiVecp; C:\Windows\system32\Drivers\DgiVecp.sys [41984 2008-10-28] (Samsung Electronics Co., Ltd.) [File not signed]

R3 IntcAzAudAddService; C:\Windows\System32\drivers\RTDVHDA.sys [2747424 2009-09-04] (Realtek Semiconductor Corp.)

R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [231800 2014-07-17] (Microsoft Corporation)

R1 MpKsl02b23edc; c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{1F574392-E885-4386-A741-A6A884B2E4AC}\MpKsl02b23edc.sys [39464 2014-10-01] (Microsoft Corporation)

R0 PBADRV; C:\Windows\System32\DRIVERS\PBADRV.sys [26608 2008-06-04] (Dell Inc)

R2 SSPORT; C:\Windows\system32\Drivers\SSPORT.sys [5120 2008-10-27] (Samsung Electronics) [File not signed]

U5 AppMgmt; C:\Windows\system32\svchost.exe [20992 2009-07-13] (Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)

==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-10-01 14:44 - 2014-10-01 14:45 - 00000000 ____D () C:\FRST

2014-10-01 13:58 - 2014-10-01 13:58 - 00000056 _____ () C:\Windows\setupact.log

2014-10-01 13:58 - 2014-10-01 13:58 - 00000000 _____ () C:\Windows\setuperr.log

2014-10-01 11:57 - 2014-10-01 12:08 - 00000000 ____D () C:\ProgramData\Malwarebytes' Anti-Malware (portable)

2014-10-01 11:56 - 2014-10-01 12:08 - 00000000 ____D () C:\Users\Tim\Desktop\mbar

2014-10-01 11:08 - 2014-07-08 21:29 - 00006144 _____ (Microsoft Corporation) C:\Windows\system32\KBDYAK.DLL

2014-10-01 11:08 - 2014-07-08 21:29 - 00006144 _____ (Microsoft Corporation) C:\Windows\system32\KBDTAT.DLL

2014-10-01 11:08 - 2014-07-08 21:29 - 00006144 _____ (Microsoft Corporation) C:\Windows\system32\KBDRU1.DLL

2014-10-01 11:08 - 2014-07-08 21:29 - 00006144 _____ (Microsoft Corporation) C:\Windows\system32\KBDBASH.DLL

2014-10-01 11:08 - 2014-07-08 21:29 - 00005632 _____ (Microsoft Corporation) C:\Windows\system32\KBDRU.DLL

2014-10-01 11:08 - 2014-07-08 18:30 - 00419992 _____ () C:\Windows\system32\locale.nls

2014-10-01 08:17 - 2014-09-24 21:40 - 00519680 _____ (Microsoft Corporation) C:\Windows\system32\qdvd.dll

2014-09-24 08:11 - 2014-09-09 17:47 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll

2014-09-22 10:58 - 2014-10-01 14:03 - 00503347 _____ () C:\Windows\WindowsUpdate.log

2014-09-12 03:12 - 2014-08-19 13:39 - 00327872 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll

2014-09-12 03:12 - 2014-08-18 18:26 - 17455104 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll

2014-09-12 03:12 - 2014-08-18 18:08 - 04232704 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll

2014-09-12 03:12 - 2014-08-18 17:57 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb

2014-09-12 03:12 - 2014-08-18 17:57 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll

2014-09-12 03:12 - 2014-08-18 17:46 - 00454656 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll

2014-09-12 03:12 - 2014-08-18 17:45 - 00061952 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll

2014-09-12 03:12 - 2014-08-18 17:44 - 00061952 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll

2014-09-12 03:12 - 2014-08-18 17:44 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll

2014-09-12 03:12 - 2014-08-18 17:42 - 02185728 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll

2014-09-12 03:12 - 2014-08-18 17:39 - 00043008 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll

2014-09-12 03:12 - 2014-08-18 17:39 - 00032768 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll

2014-09-12 03:12 - 2014-08-18 17:37 - 00440320 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll

2014-09-12 03:12 - 2014-08-18 17:36 - 00112128 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe

2014-09-12 03:12 - 2014-08-18 17:36 - 00108032 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe

2014-09-12 03:12 - 2014-08-18 17:35 - 00597504 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll

2014-09-12 03:12 - 2014-08-18 17:30 - 00646144 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe

2014-09-12 03:12 - 2014-08-18 17:27 - 00365056 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll

2014-09-12 03:12 - 2014-08-18 17:22 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll

2014-09-12 03:12 - 2014-08-18 17:19 - 00164864 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll

2014-09-12 03:12 - 2014-08-18 17:17 - 00243200 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll

2014-09-12 03:12 - 2014-08-18 17:17 - 00069632 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll

2014-09-12 03:12 - 2014-08-18 17:15 - 11769856 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll

2014-09-12 03:12 - 2014-08-18 17:09 - 00603136 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll

2014-09-12 03:12 - 2014-08-18 17:08 - 02014208 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl

2014-09-12 03:12 - 2014-08-18 17:08 - 00673792 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe

2014-09-12 03:12 - 2014-08-18 17:07 - 01068032 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll

2014-09-12 03:12 - 2014-08-18 16:46 - 01812992 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll

2014-09-12 03:12 - 2014-08-18 16:38 - 01190400 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll

2014-09-12 03:12 - 2014-08-18 16:36 - 00678400 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll

2014-09-12 03:11 - 2014-06-26 21:45 - 02285056 _____ (Microsoft Corporation) C:\Windows\system32\msmpeg2vdec.dll

2014-09-11 08:20 - 2014-07-06 21:40 - 01059840 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll

2014-09-11 08:20 - 2014-07-06 21:40 - 00550912 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll

2014-09-11 08:19 - 2014-09-04 21:52 - 00445952 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll

2014-09-11 08:19 - 2014-09-04 21:47 - 00302592 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll

2014-09-11 08:19 - 2014-08-01 07:35 - 00793600 _____ (Microsoft Corporation) C:\Windows\system32\TSWorkspace.dll

2014-09-11 08:19 - 2014-06-23 22:59 - 01987584 _____ (Microsoft Corporation) C:\Windows\system32\d3d10warp.dll

2014-09-03 10:07 - 2014-09-03 10:07 - 00010176 _____ () C:\Users\Tim\Downloads\_1_0BC49F800BC48078005CA97685257D41

2014-09-02 09:20 - 2014-09-02 09:20 - 00000000 ____D () C:\Users\Tim\AppData\Local\Adobe

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-10-01 14:11 - 2012-03-29 14:05 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job

2014-10-01 14:05 - 2009-07-14 00:34 - 00028352 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0

2014-10-01 14:05 - 2009-07-14 00:34 - 00028352 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0

2014-10-01 13:58 - 2009-07-14 00:53 - 00000006 ____H () C:\Windows\Tasks\SA.DAT

2014-10-01 11:57 - 2014-07-09 10:05 - 00113880 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys

2014-10-01 11:56 - 2014-07-09 10:05 - 00075480 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys

2014-10-01 11:35 - 2014-03-10 12:14 - 00022016 _____ () C:\Users\Tim\Desktop\Nanny.xls

2014-10-01 11:34 - 2009-07-14 00:33 - 00377000 _____ () C:\Windows\system32\FNTCACHE.DAT

2014-10-01 11:33 - 2013-03-24 19:46 - 00002687 _____ () C:\Users\Public\Desktop\ANICO Life Portraits ES.lnk

2014-10-01 11:33 - 2011-12-01 17:52 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Life Portraits ES

2014-10-01 11:33 - 2011-12-01 17:51 - 00000000 ____D () C:\LPES

2014-10-01 10:13 - 2011-12-01 16:15 - 00000969 _____ () C:\Users\Public\Desktop\CCleaner.lnk

2014-10-01 10:13 - 2011-12-01 16:15 - 00000000 ____D () C:\Program Files\CCleaner

2014-09-24 11:11 - 2012-03-29 14:05 - 00701104 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe

2014-09-24 11:11 - 2011-12-01 16:12 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl

2014-09-22 02:41 - 2011-12-01 15:24 - 00231568 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe

2014-09-18 15:20 - 2011-12-01 17:48 - 00000000 ____D () C:\WinFlex6

2014-09-18 13:44 - 2013-01-26 16:53 - 00002441 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk

2014-09-12 08:17 - 2009-07-13 22:37 - 00000000 ____D () C:\Windows\rescache

2014-09-12 03:37 - 2009-07-13 22:37 - 00000000 ____D () C:\Windows\Microsoft.NET

2014-09-12 03:11 - 2013-08-15 03:10 - 00000000 ____D () C:\Windows\system32\MRT

2014-09-12 03:08 - 2011-12-01 15:30 - 98758480 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe

2014-09-12 03:07 - 2012-05-01 03:01 - 00002117 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Security Essentials.lnk

2014-09-12 03:07 - 2011-12-01 15:48 - 00001945 _____ () C:\Windows\epplauncher.mif

2014-09-12 03:07 - 2011-12-01 15:48 - 00000000 ____D () C:\Program Files\Microsoft Security Client

2014-09-12 03:06 - 2014-05-03 17:01 - 00000000 ___SD () C:\Windows\system32\CompatTel

2014-09-12 03:02 - 2010-11-20 17:01 - 00774592 _____ () C:\Windows\system32\PerfStringBackup.INI

2014-09-03 10:34 - 2014-08-28 12:38 - 00017920 _____ () C:\Users\Tim\Desktop\Regina Academy Census.xls

2014-09-02 11:47 - 2012-06-12 17:07 - 00000000 ____D () C:\Users\Tim\AppData\Local\Deployment

==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\explorer.exe => File is digitally signed

C:\Windows\system32\winlogon.exe => File is digitally signed

C:\Windows\system32\wininit.exe => File is digitally signed

C:\Windows\system32\svchost.exe => File is digitally signed

C:\Windows\system32\services.exe => File is digitally signed

C:\Windows\system32\User32.dll => File is digitally signed

C:\Windows\system32\userinit.exe => File is digitally signed

C:\Windows\system32\rpcss.dll => File is digitally signed

C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2014-09-26 17:07

==================== End Of Log ============================

Additional scan result of Farbar Recovery Scan Tool (x86) Version: 01-10-2014

Ran by Tim at 2014-10-01 14:45:51

Running from C:\Users\Tim\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\2212OU44

Boot Mode: Normal

==========================================================

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Microsoft Security Essentials (Enabled - Up to date) {4F35CFC4-45A3-FC37-EF17-759A02E39AB1}

AS: Microsoft Security Essentials (Enabled - Up to date) {F4542E20-6399-F3B9-D5A7-4EE87964D00C}

AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Adobe AIR (HKLM\...\Adobe AIR) (Version: 3.1.0.4880 - Adobe Systems Incorporated)

Adobe AIR (Version: 3.1.0.4880 - Adobe Systems Incorporated) Hidden

Adobe Flash Player 15 ActiveX (HKLM\...\Adobe Flash Player ActiveX) (Version: 15.0.0.167 - Adobe Systems Incorporated)

Adobe Reader XI (11.0.09) (HKLM\...\{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version: 11.0.09 - Adobe Systems Incorporated)

BioAPI Framework (Version: 1.0.1 - Dell Inc.) Hidden

BlackBerry Desktop Software 7.1 (HKLM\...\BlackBerry_Desktop) (Version: 7.1.0.41 - Research In Motion Ltd.)

BlackBerry Desktop Software 7.1 (Version: 7.1.0.41 - Research In Motion Ltd.) Hidden

Broadcom NetXtreme-I Netlink Driver and Management Installer (HKLM\...\{2E98C5B7-D64C-4D7E-BFC3-A7D078569F28}) (Version: 12.25.02 - Broadcom Corporation)

CCleaner (HKLM\...\CCleaner) (Version: 4.18 - Piriform)

Cisco Connect (HKLM\...\Cisco Connect) (Version: 1.4.12068.0 - Cisco Consumer Products LLC)

Compatibility Pack for the 2007 Office system (HKLM\...\{90120000-0020-0409-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)

Corporate Records Forms (HKLM\...\Corporate Records Forms) (Version: - )

CSS Bloomberg Queue Reader (HKLM\...\{6467A27F-1C62-4DCB-8CEC-391366622253}) (Version: 7.0.1534.0 - Comprehensive Software Systems, LLC)

CSS Business Services Client 2.0 (HKLM\...\{ACF63D75-7B07-4428-BA56-A83C317FAE83}) (Version: 2.2.69.0 - Comprehensive Software Systems, LLC)

CSS Cashiering Service Client 2.2.46.0 (HKLM\...\{393EE639-CD4B-41D2-9C6B-579B8F86E3DD}) (Version: 2.2.46.0 - Comprehensive Software Systems, LLC)

CSS Cost Basis Client 7.0.1703 (HKLM\...\{FE07AAA5-660F-4133-9864-2F8EBEFB164E}) (Version: 7.0.1703 - CSS)

CSS Cost Basis Reporting Services 7.0.1666 (HKLM\...\{A31A46D8-ED5E-4347-8D89-466DA56B2C2D}) (Version: 7.0.1666 - CSS)

CSS Framework 1.0.36.6 (HKLM\...\{2AFBF07F-704C-437C-A29F-D88E60F740B7}) (Version: 1.36.6 - CSS)

CSS Framework 2.0.30 (HKLM\...\{2B088A3C-7A0B-4FC3-A9A5-4A0BD5C2F021}) (Version: 2.0.30 - CSS)

CSS Framework 3.0 (HKLM\...\{07F6C864-C098-4883-A3DE-A962D4591E80}) (Version: 3.0.49.0 - Comprehensive Software Systems, LLC)

CSS LOPR Client (HKLM\...\{0B589839-CD8B-4384-8175-99C27C82CBA1}) (Version: 1.0.0 - CSS)

CSS Mutual Funds Client 7.0.1790 (HKLM\...\{972E2C37-C045-4D3F-9D93-DA7D67BF28B6}) (Version: 7.0.1790 - CSS)

CSS Obligation Warehouse Client 7.0.1662 (HKLM\...\{B486720E-CC16-4A6C-A60B-93B06433E6C9}) (Version: 7.0.1662 - CSS)

CSS Omgeo Access (HKLM\...\{814E73BE-585F-4B90-A284-E3D618C55DDF}) (Version: 7.0.33 - CSS)

CSS Omgeo Alert STP - Client (HKLM\...\{B381DA0B-2182-423C-B7F7-9414C553ED79}) (Version: 1.0.0 - CSS)

CSS Operations Framework 2.0.1 (HKLM\...\{208E608F-AC7D-4E01-8D2B-A34897420A54}) (Version: 2.0.1 - CSS)

CSS Review and Release Client 7.0.1348 (HKLM\...\{82A767D7-3E90-4ECA-9591-DD3122912DA6}) (Version: 7.0.1348 - CSS)

CSS Segregation Management (HKLM\...\{7D135D8F-B544-4EBE-BF2A-FDD64F6455D3}) (Version: 6.0.234 - CSS)

CSS Stock Record Viewer 7.0.1404 (HKLM\...\{7E727C8D-5C1D-445F-8A3D-5F48A4E68A02}) (Version: 7.0.1404 - CSS)

Dell Resource CD (HKLM\...\{42929F0F-CE14-47AF-9FC7-FF297A603021}) (Version: 1.00.0000 - Dell Inc.)

Dell Security Device Driver Pack (HKLM\...\{FF1DDCF4-3A28-4F7F-96D8-E3F4BD1C1702}) (Version: 1.3.039 - Dell Inc.)

ESET Online Scanner v3 (HKLM\...\ESET Online Scanner) (Version: - )

GoToMeeting 5.4.0.1082 (HKCU\...\GoToMeeting) (Version: 5.4.0.1082 - CitrixOnline)

Incorporation Forms (HKLM\...\Incorporation Forms) (Version: - )

Java 7 Update 67 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F03217067FF}) (Version: 7.0.670 - Oracle)

Java Auto Updater (Version: 2.1.67.1 - Oracle, Inc.) Hidden

Life Portraits® ES Desktop - AMN (HKLM\...\{D71EC6FC-9719-47DE-844C-D06ADDC64704}) (Version: 2.95.110 - StoneRiver, Inc)

Malwarebytes Anti-Malware version 2.0.2.1012 (HKLM\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.2.1012 - Malwarebytes Corporation)

Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)

Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden

Microsoft Office 2003 Primary Interop Assemblies (HKLM\...\{91490409-6000-11D3-8CFE-0150048383C9}) (Version: 11.0.6553.0 - Microsoft Corporation)

Microsoft Office File Validation Add-In (HKLM\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)

Microsoft Office Professional Edition 2003 (HKLM\...\{91110409-6000-11D3-8CFE-0150048383C9}) (Version: 11.0.8173.0 - Microsoft Corporation)

Microsoft Security Client (Version: 4.6.0305.0 - Microsoft Corporation) Hidden

Microsoft Security Essentials (HKLM\...\Microsoft Security Client) (Version: 4.6.305.0 - Microsoft Corporation)

Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation)

Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)

Microsoft Visual Studio 2005 Tools for Office Runtime (HKLM\...\Microsoft Visual Studio 2005 Tools for Office Runtime) (Version: - Microsoft Corporation)

Microsoft Visual Studio 2005 Tools for Office Runtime (Version: 8.0.60940.0 - Microsoft Corporation) Hidden

MSXML 4.0 SP2 (KB954430) (HKLM\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)

MSXML 4.0 SP2 (KB973688) (HKLM\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)

MSXML 4.0 SP2 Parser and SDK (HKLM\...\{716E0306-8318-4364-8B8F-0CC4E9376BAC}) (Version: 4.20.9818.0 - Microsoft Corporation)

MSXML 4.0 SP3 Parser (HKLM\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)

MSXML 4.0 SP3 Parser (KB2721691) (HKLM\...\{355B5AC0-CEEE-42C5-AD4D-7F3CFD806C36}) (Version: 4.30.2114.0 - Microsoft Corporation)

MSXML 4.0 SP3 Parser (KB2758694) (HKLM\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation)

MSXML 4.0 SP3 Parser (KB973685) (HKLM\...\{859DFA95-E4A6-48CD-B88E-A3E483E89B44}) (Version: 4.30.2107.0 - Microsoft Corporation)

Mutual of Omaha - Health (HKLM\...\Mutual of Omaha - Health_is1) (Version: - Ebix Exchange, INC)

Mutual of Omaha (HKLM\...\Mutual of Omaha_is1) (Version: - Ebix Exchange, INC)

QuickBooks (Version: 21.0.4014.904 - Intuit Inc.) Hidden

QuickBooks Pro 2011 (HKLM\...\{11E0AC7D-6822-4F67-865F-EE1C13D28C38}) (Version: 21.0.4014.904 - Intuit Inc.)

Realtek High Definition Audio Driver (HKLM\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.5871 - Realtek Semiconductor Corp.)

Southwest Securities Inc. - Q (HKLM\...\{BAACF1A5-EEB0-4441-BBE3-1A49D29B1521}) (Version: 6.70.0000 - Southwest Securities Inc.)

UPEK TouchChip Fingerprint Reader (Version: 1.1.0 - Dell Inc.) Hidden

Windows Driver Package - Dell Inc. PBADRV System (01/07/2008 1.0.1.5) (HKLM\...\9D57DE505B6D8C710EF3B74BE638DBB936EED8A3) (Version: 01/07/2008 1.0.1.5 - Dell Inc.)

WinFlex 6 (HKLM\...\WinFlex 6_is1) (Version: 6.103.0.21 - Ebix Exchange, INC)

Workspace Desktop (HKCU\...\workspacedesktop) (Version: - Starfield Technologies)

Xerox WorkCentre 3220 (HKLM\...\Xerox WorkCentre 3220) (Version: - )

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)

CustomCLSID: HKU\S-1-5-21-2371214144-1427845669-1413801427-1000_Classes\CLSID\{05EC5C13-D255-4592-9CCB-98615172F0D6}\InprocServer32 -> C:\Program Files\Common Files\Intuit\QuickBooks\QBObjProxy.dll (Intuit Inc.)

CustomCLSID: HKU\S-1-5-21-2371214144-1427845669-1413801427-1000_Classes\CLSID\{0ADF9C35-0D5E-4B75-88DD-B64868907E17}\InprocServer32 -> C:\Program Files\Common Files\Intuit\QuickBooks\QBObjProxy.dll (Intuit Inc.)

CustomCLSID: HKU\S-1-5-21-2371214144-1427845669-1413801427-1000_Classes\CLSID\{123FAF7F-3FB1-4B8F-AD18-0047401D436A}\InprocServer32 -> C:\Program Files\Common Files\Intuit\QuickBooks\QBObjProxy.dll (Intuit Inc.)

CustomCLSID: HKU\S-1-5-21-2371214144-1427845669-1413801427-1000_Classes\CLSID\{1B3210AF-E236-46D4-83EF-6421F2FF543C}\InprocServer32 -> C:\Program Files\Common Files\Intuit\QuickBooks\QBDTVIEW.OCx No File

CustomCLSID: HKU\S-1-5-21-2371214144-1427845669-1413801427-1000_Classes\CLSID\{1BFB1268-6353-495A-AB78-97BF7CAB4D59}\InprocServer32 -> C:\Users\Tim\AppData\Local\Workspace\gdeditwrapperax15.dll (Starfield Technologies)

CustomCLSID: HKU\S-1-5-21-2371214144-1427845669-1413801427-1000_Classes\CLSID\{1E78DD72-771E-42BF-8B4B-363CEB18E07B}\InprocServer32 -> C:\Program Files\Common Files\Intuit\QuickBooks\QBDTVIEW.OCx No File

CustomCLSID: HKU\S-1-5-21-2371214144-1427845669-1413801427-1000_Classes\CLSID\{20DD1B9E-87C4-11D1-8BE3-0000F8754DA1}\InprocServer32 -> C:\Windows\system32\MSCOMCT2.OCX (Microsoft Corporation)

CustomCLSID: HKU\S-1-5-21-2371214144-1427845669-1413801427-1000_Classes\CLSID\{22664BE2-0806-4BA4-8643-DE40C9149176}\InprocServer32 -> C:\Program Files\Common Files\Intuit\QuickBooks\BbfDepCalc.ocx No File

CustomCLSID: HKU\S-1-5-21-2371214144-1427845669-1413801427-1000_Classes\CLSID\{232E456A-87C3-11D1-8BE3-0000F8754DA1}\InprocServer32 -> C:\Windows\system32\MSCOMCT2.OCX (Microsoft Corporation)

CustomCLSID: HKU\S-1-5-21-2371214144-1427845669-1413801427-1000_Classes\CLSID\{2A9EBDB5-0600-4E8C-B910-4001BEB2DD8C}\InprocServer32 -> C:\Program Files\Common Files\Intuit\QuickBooks\BbfDepCalc.ocx No File

CustomCLSID: HKU\S-1-5-21-2371214144-1427845669-1413801427-1000_Classes\CLSID\{349D777D-F7A2-4AAE-967F-A54F05A7FF3B}\InprocServer32 -> C:\Program Files\Common Files\Intuit\QuickBooks\QBFinder.dll No File

CustomCLSID: HKU\S-1-5-21-2371214144-1427845669-1413801427-1000_Classes\CLSID\{37A2FC00-1795-4679-94A3-A153F1A8BB54}\InprocServer32 -> C:\Program Files\Common Files\Intuit\QuickBooks\QBObjProxy.dll (Intuit Inc.)

CustomCLSID: HKU\S-1-5-21-2371214144-1427845669-1413801427-1000_Classes\CLSID\{37A2FC02-1795-4679-94A3-A153F1A8BB54}\InprocServer32 -> C:\Program Files\Common Files\Intuit\QuickBooks\QBObjProxy.dll (Intuit Inc.)

CustomCLSID: HKU\S-1-5-21-2371214144-1427845669-1413801427-1000_Classes\CLSID\{38911D8E-E448-11D0-84A3-00DD01104159}\InprocServer32 -> C:\Windows\system32\comct332.ocx (Microsoft Corporation )

CustomCLSID: HKU\S-1-5-21-2371214144-1427845669-1413801427-1000_Classes\CLSID\{38911D90-E448-11D0-84A3-00DD01104159}\InprocServer32 -> C:\Windows\system32\comct332.ocx (Microsoft Corporation )

CustomCLSID: HKU\S-1-5-21-2371214144-1427845669-1413801427-1000_Classes\CLSID\{38911D92-E448-11D0-84A3-00DD01104159}\InprocServer32 -> C:\Windows\system32\comct332.ocx (Microsoft Corporation )

CustomCLSID: HKU\S-1-5-21-2371214144-1427845669-1413801427-1000_Classes\CLSID\{38F58721-5F93-11D5-9F94-0008C7AA5BD9}\InprocServer32 -> C:\Program Files\Common Files\Intuit\QuickBooks\COMObjectFactory.dll No File

CustomCLSID: HKU\S-1-5-21-2371214144-1427845669-1413801427-1000_Classes\CLSID\{38F58742-5F93-11D5-9F94-0008C7AA5BD9}\InprocServer32 -> C:\Program Files\Common Files\Intuit\QuickBooks\ViewSrcColumns.dll No File

CustomCLSID: HKU\S-1-5-21-2371214144-1427845669-1413801427-1000_Classes\CLSID\{38F58743-5F93-11D5-9F94-0008C7AA5BD9}\InprocServer32 -> C:\Program Files\Common Files\Intuit\QuickBooks\ViewSrcColumns.dll No File

CustomCLSID: HKU\S-1-5-21-2371214144-1427845669-1413801427-1000_Classes\CLSID\{38F58744-5F93-11D5-9F94-0008C7AA5BD9}\InprocServer32 -> C:\Program Files\Common Files\Intuit\QuickBooks\ViewSrcColumns.dll No File

CustomCLSID: HKU\S-1-5-21-2371214144-1427845669-1413801427-1000_Classes\CLSID\{3E1A2BBD-5707-4646-B268-518B997DC94D}\localserver32 -> C:\Program Files\Intuit\QuickBooks 2011\qbw32.exe (Intuit Inc.)

CustomCLSID: HKU\S-1-5-21-2371214144-1427845669-1413801427-1000_Classes\CLSID\{4716D3CE-55DB-4D2A-818C-87D912895890}\InprocServer32 -> C:\Program Files\Common Files\Intuit\QuickBooks\QBObjProxy.dll (Intuit Inc.)

CustomCLSID: HKU\S-1-5-21-2371214144-1427845669-1413801427-1000_Classes\CLSID\{4844F3F7-2161-4AC4-B219-B3B4311782AA}\InprocServer32 -> C:\Program Files\Common Files\Intuit\QuickBooks\QBObjProxy.dll (Intuit Inc.)

CustomCLSID: HKU\S-1-5-21-2371214144-1427845669-1413801427-1000_Classes\CLSID\{4A56F19E-9F50-4F43-93C8-050E44AA83A9}\InprocServer32 -> C:\Program Files\Common Files\Intuit\QuickBooks\QBObjProxy.dll (Intuit Inc.)

CustomCLSID: HKU\S-1-5-21-2371214144-1427845669-1413801427-1000_Classes\CLSID\{4E5E74B5-8EB5-4859-A335-837EED412620}\InprocServer32 -> C:\Program Files\Common Files\Intuit\QuickBooks\QBObjProxy.dll (Intuit Inc.)

CustomCLSID: HKU\S-1-5-21-2371214144-1427845669-1413801427-1000_Classes\CLSID\{5249684A-D7A2-4DBE-94F4-B90923A7BC64}\InprocServer32 -> C:\Program Files\Common Files\Intuit\QuickBooks\BbfDepCalc.ocx No File

CustomCLSID: HKU\S-1-5-21-2371214144-1427845669-1413801427-1000_Classes\CLSID\{5428A9ED-6CD8-11D6-9C8A-0001023DCAA2}\InprocServer32 -> C:\Program Files\Common Files\Intuit\QuickBooks\QBObjProxy.dll (Intuit Inc.)

CustomCLSID: HKU\S-1-5-21-2371214144-1427845669-1413801427-1000_Classes\CLSID\{547C8F00-5567-4AE3-8BB0-CC3CE2AB9070}\InprocServer32 -> C:\Program Files\Common Files\Intuit\QuickBooks\QBObjProxy.dll (Intuit Inc.)

CustomCLSID: HKU\S-1-5-21-2371214144-1427845669-1413801427-1000_Classes\CLSID\{57D590F1-91EB-44CE-8088-AE4AE19D30A1}\InprocServer32 -> C:\Program Files\Common Files\Intuit\QuickBooks\QBObjProxy.dll (Intuit Inc.)

CustomCLSID: HKU\S-1-5-21-2371214144-1427845669-1413801427-1000_Classes\CLSID\{596801D8-2C9D-4627-9C67-195CB81B655A}\InprocServer32 -> C:\Program Files\Common Files\Intuit\QuickBooks\QBObjProxy.dll (Intuit Inc.)

CustomCLSID: HKU\S-1-5-21-2371214144-1427845669-1413801427-1000_Classes\CLSID\{5B7331FA-8910-4748-A8A4-60B445041F28}\InprocServer32 -> C:\Program Files\Common Files\Intuit\QuickBooks\QBObjProxy.dll (Intuit Inc.)

CustomCLSID: HKU\S-1-5-21-2371214144-1427845669-1413801427-1000_Classes\CLSID\{5ED8AC89-B2DE-476D-8EEA-E170B2FCB058}\InprocServer32 -> C:\Program Files\Common Files\Intuit\QuickBooks\QBObjProxy.dll (Intuit Inc.)

CustomCLSID: HKU\S-1-5-21-2371214144-1427845669-1413801427-1000_Classes\CLSID\{603C7E80-87C2-11D1-8BE3-0000F8754DA1}\InprocServer32 -> C:\Windows\system32\MSCOMCT2.OCX (Microsoft Corporation)

CustomCLSID: HKU\S-1-5-21-2371214144-1427845669-1413801427-1000_Classes\CLSID\{70478C56-E77F-4134-B3E3-3B18EE036D71}\InprocServer32 -> C:\Program Files\Common Files\Intuit\QuickBooks\QBDTRatios.dll No File

CustomCLSID: HKU\S-1-5-21-2371214144-1427845669-1413801427-1000_Classes\CLSID\{7694F1CD-A55B-4B7C-8820-A90892EB4E9E}\InprocServer32 -> C:\Program Files\Common Files\Intuit\QuickBooks\QBObjProxy.dll (Intuit Inc.)

CustomCLSID: HKU\S-1-5-21-2371214144-1427845669-1413801427-1000_Classes\CLSID\{7DBF8260-30AD-4D1B-876A-8032B87B809F}\InprocServer32 -> C:\Program Files\Common Files\Intuit\QuickBooks\QBObjProxy.dll (Intuit Inc.)

CustomCLSID: HKU\S-1-5-21-2371214144-1427845669-1413801427-1000_Classes\CLSID\{828E5386-74CF-4019-B356-C857CD028A7D}\InprocServer32 -> C:\Program Files\Common Files\Intuit\QuickBooks\QBObjProxy.dll (Intuit Inc.)

CustomCLSID: HKU\S-1-5-21-2371214144-1427845669-1413801427-1000_Classes\CLSID\{82CC31B3-53B4-4161-A4E9-6B4F1290A6C8}\InprocServer32 -> C:\Program Files\Common Files\Intuit\QuickBooks\QBObjProxy.dll (Intuit Inc.)

CustomCLSID: HKU\S-1-5-21-2371214144-1427845669-1413801427-1000_Classes\CLSID\{84B5A313-CD5D-4904-8BA2-AFDC81C1B309}\InprocServer32 -> C:\Program Files\Citrix\GoToMeeting\1082\G2MOutlookAddin.dll (Citrix Online, a division of Citrix Systems, Inc.)

CustomCLSID: HKU\S-1-5-21-2371214144-1427845669-1413801427-1000_Classes\CLSID\{8572570D-12D9-4F2C-8BB8-EB8848178B94}\InprocServer32 -> C:\Program Files\Common Files\Intuit\QuickBooks\QBObjProxy.dll (Intuit Inc.)

CustomCLSID: HKU\S-1-5-21-2371214144-1427845669-1413801427-1000_Classes\CLSID\{8E590317-1329-11D1-B70B-00805F29CD16}\localserver32 -> C:\Program Files\Intuit\QuickBooks 2011\qbw32.exe (Intuit Inc.)

CustomCLSID: HKU\S-1-5-21-2371214144-1427845669-1413801427-1000_Classes\CLSID\{8FEDE364-AB37-4551-80C9-6D468E222AB2}\InprocServer32 -> C:\Program Files\Common Files\Intuit\QuickBooks\QBObjProxy.dll (Intuit Inc.)

CustomCLSID: HKU\S-1-5-21-2371214144-1427845669-1413801427-1000_Classes\CLSID\{9D9B61F2-9E2B-492A-81B3-AA5A1CCFBC3A}\InprocServer32 -> C:\Program Files\Common Files\Intuit\QuickBooks\QBObjProxy.dll (Intuit Inc.)

CustomCLSID: HKU\S-1-5-21-2371214144-1427845669-1413801427-1000_Classes\CLSID\{9D9B61F3-9E2B-492A-81B3-AA5A1CCFBC3A}\InprocServer32 -> C:\Program Files\Common Files\Intuit\QuickBooks\QBObjProxy.dll (Intuit Inc.)

CustomCLSID: HKU\S-1-5-21-2371214144-1427845669-1413801427-1000_Classes\CLSID\{9D9B61F4-9E2B-492A-81B3-AA5A1CCFBC3A}\InprocServer32 -> C:\Program Files\Common Files\Intuit\QuickBooks\QBObjProxy.dll (Intuit Inc.)

CustomCLSID: HKU\S-1-5-21-2371214144-1427845669-1413801427-1000_Classes\CLSID\{9D9B61F5-9E2B-492A-81B3-AA5A1CCFBC3A}\InprocServer32 -> C:\Program Files\Common Files\Intuit\QuickBooks\QBObjProxy.dll (Intuit Inc.)

CustomCLSID: HKU\S-1-5-21-2371214144-1427845669-1413801427-1000_Classes\CLSID\{9D9B61F6-9E2B-492A-81B3-AA5A1CCFBC3A}\InprocServer32 -> C:\Program Files\Common Files\Intuit\QuickBooks\QBObjProxy.dll (Intuit Inc.)

CustomCLSID: HKU\S-1-5-21-2371214144-1427845669-1413801427-1000_Classes\CLSID\{9D9B61F7-9E2B-492A-81B3-AA5A1CCFBC3A}\InprocServer32 -> C:\Program Files\Common Files\Intuit\QuickBooks\QBObjProxy.dll (Intuit Inc.)

CustomCLSID: HKU\S-1-5-21-2371214144-1427845669-1413801427-1000_Classes\CLSID\{A58C4EAB-2DB8-445E-9CAE-2AE197A5C708}\InprocServer32 -> C:\Program Files\Common Files\Intuit\QuickBooks\BbfDepCalc.ocx No File

CustomCLSID: HKU\S-1-5-21-2371214144-1427845669-1413801427-1000_Classes\CLSID\{A63E42D0-9C63-47B5-ABF2-0C839EC20778}\InprocServer32 -> C:\Program Files\Common Files\Intuit\QuickBooks\QBObjProxy.dll (Intuit Inc.)

CustomCLSID: HKU\S-1-5-21-2371214144-1427845669-1413801427-1000_Classes\CLSID\{A63E42D2-9C63-47B5-ABF2-0C839EC20778}\InprocServer32 -> C:\Program Files\Common Files\Intuit\QuickBooks\QBObjProxy.dll (Intuit Inc.)

CustomCLSID: HKU\S-1-5-21-2371214144-1427845669-1413801427-1000_Classes\CLSID\{AF5E0A13-CEAB-47CE-991D-77E82CD1BF3F}\InprocServer32 -> C:\Program Files\Common Files\Intuit\QuickBooks\QBObjProxy.dll (Intuit Inc.)

CustomCLSID: HKU\S-1-5-21-2371214144-1427845669-1413801427-1000_Classes\CLSID\{B09DE715-87C1-11D1-8BE3-0000F8754DA1}\InprocServer32 -> C:\Windows\system32\MSCOMCT2.OCX (Microsoft Corporation)

CustomCLSID: HKU\S-1-5-21-2371214144-1427845669-1413801427-1000_Classes\CLSID\{B10BFAC3-EFF1-40D9-ADA0-BEBE037C24CA}\InprocServer32 -> C:\Program Files\Common Files\Intuit\QuickBooks\QBObjProxy.dll (Intuit Inc.)

CustomCLSID: HKU\S-1-5-21-2371214144-1427845669-1413801427-1000_Classes\CLSID\{B5B8593C-89BC-44a7-BCE3-32FE4FED7C5C}\InprocServer32 -> C:\Users\Tim\AppData\Local\Workspace\wbetoolsax.dll (Starfield Technology, LLC)

CustomCLSID: HKU\S-1-5-21-2371214144-1427845669-1413801427-1000_Classes\CLSID\{B66F2BF1-91EB-44CE-8088-AE4AE19D30A1}\InprocServer32 -> C:\Program Files\Common Files\Intuit\QuickBooks\QBObjProxy.dll (Intuit Inc.)

CustomCLSID: HKU\S-1-5-21-2371214144-1427845669-1413801427-1000_Classes\CLSID\{BCD594EA-15C3-4FD8-B92B-114BB9694537}\InprocServer32 -> C:\Program Files\Common Files\Intuit\QuickBooks\QBCtrIPMDS2.dll No File

CustomCLSID: HKU\S-1-5-21-2371214144-1427845669-1413801427-1000_Classes\CLSID\{CE18240D-F3F8-43AE-9EA0-A0DC85A95375}\InprocServer32 -> C:\Program Files\Common Files\Intuit\QuickBooks\QBDTRatios.dll No File

CustomCLSID: HKU\S-1-5-21-2371214144-1427845669-1413801427-1000_Classes\CLSID\{D14FD6B3-6A9F-4537-9460-07B836707127}\InprocServer32 -> C:\Program Files\Common Files\Intuit\QuickBooks\QBObjProxy.dll (Intuit Inc.)

CustomCLSID: HKU\S-1-5-21-2371214144-1427845669-1413801427-1000_Classes\CLSID\{D4A12AAF-E15E-470B-A6B6-63032186F91F}\InprocServer32 -> C:\Program Files\Common Files\Intuit\QuickBooks\QBObjProxy.dll (Intuit Inc.)

CustomCLSID: HKU\S-1-5-21-2371214144-1427845669-1413801427-1000_Classes\CLSID\{D9B9C060-0954-11D3-9E07-00104BD2BE34}\InprocServer32 -> C:\Program Files\Common Files\Intuit\QuickBooks\ViewSource.dll (Intuit, Inc.)

CustomCLSID: HKU\S-1-5-21-2371214144-1427845669-1413801427-1000_Classes\CLSID\{D9BC6F81-A54B-11D4-A516-0050DA68678D}\InprocServer32 -> C:\Program Files\Common Files\Intuit\QuickBooks\cominifile.dll (Intuit, Inc.)

CustomCLSID: HKU\S-1-5-21-2371214144-1427845669-1413801427-1000_Classes\CLSID\{D9BC6F84-A54B-11D4-A516-0050DA68678D}\InprocServer32 -> C:\Program Files\Common Files\Intuit\QuickBooks\cominifile.dll (Intuit, Inc.)

CustomCLSID: HKU\S-1-5-21-2371214144-1427845669-1413801427-1000_Classes\CLSID\{D9BC6F87-A54B-11D4-A516-0050DA68678D}\InprocServer32 -> C:\Program Files\Common Files\Intuit\QuickBooks\cominifile.dll (Intuit, Inc.)

CustomCLSID: HKU\S-1-5-21-2371214144-1427845669-1413801427-1000_Classes\CLSID\{D9BC6FA1-A54B-11D4-A516-0050DA68678D}\InprocServer32 -> C:\Program Files\Common Files\Intuit\QuickBooks\GraphSeriesCol.dll (Intuit, Inc.)

CustomCLSID: HKU\S-1-5-21-2371214144-1427845669-1413801427-1000_Classes\CLSID\{D9BC6FA6-A54B-11D4-A516-0050DA68678D}\InprocServer32 -> C:\Program Files\Common Files\Intuit\QuickBooks\GraphSeriesCol.dll (Intuit, Inc.)

CustomCLSID: HKU\S-1-5-21-2371214144-1427845669-1413801427-1000_Classes\CLSID\{D9BC6FB2-A54B-11D4-A516-0050DA68678D}\InprocServer32 -> C:\Program Files\Common Files\Intuit\QuickBooks\StorageClasses.dll (Intuit, Inc.)

CustomCLSID: HKU\S-1-5-21-2371214144-1427845669-1413801427-1000_Classes\CLSID\{D9BC6FC1-A54B-11D4-A516-0050DA68678D}\InprocServer32 -> C:\Program Files\Common Files\Intuit\QuickBooks\ViewSrcColumns.dll No File

CustomCLSID: HKU\S-1-5-21-2371214144-1427845669-1413801427-1000_Classes\CLSID\{DCB2B478-EFF6-48F6-B718-13E98876854E}\InprocServer32 -> C:\Program Files\Common Files\Intuit\QuickBooks\QBObjProxy.dll (Intuit Inc.)

CustomCLSID: HKU\S-1-5-21-2371214144-1427845669-1413801427-1000_Classes\CLSID\{DFD0AF10-B86C-4AF3-B609-1348D513E565}\InprocServer32 -> C:\Program Files\Common Files\Intuit\QuickBooks\QBObjProxy.dll (Intuit Inc.)

CustomCLSID: HKU\S-1-5-21-2371214144-1427845669-1413801427-1000_Classes\CLSID\{E1A173E1-D957-4C3E-A098-43756A3DB454}\InprocServer32 -> C:\Program Files\Common Files\Intuit\QuickBooks\QBObjProxy.dll (Intuit Inc.)

CustomCLSID: HKU\S-1-5-21-2371214144-1427845669-1413801427-1000_Classes\CLSID\{E1A173E3-D957-4C3E-A098-43756A3DB454}\InprocServer32 -> C:\Program Files\Common Files\Intuit\QuickBooks\QBObjProxy.dll (Intuit Inc.)

CustomCLSID: HKU\S-1-5-21-2371214144-1427845669-1413801427-1000_Classes\CLSID\{E6E4DF8B-17CE-43ED-B2C7-2CE10457552D}\InprocServer32 -> C:\Program Files\Common Files\Intuit\QuickBooks\BbfDepCalc.ocx No File

CustomCLSID: HKU\S-1-5-21-2371214144-1427845669-1413801427-1000_Classes\CLSID\{E7D2D0F6-B754-438D-B5C9-BF848D311A0F}\InprocServer32 -> C:\Program Files\Common Files\Intuit\QuickBooks\QBDTRatios.dll No File

CustomCLSID: HKU\S-1-5-21-2371214144-1427845669-1413801427-1000_Classes\CLSID\{EADA914E-5B08-4E85-8440-5A087504DF87}\InprocServer32 -> C:\Program Files\Common Files\Intuit\QuickBooks\QBObjProxy.dll (Intuit Inc.)

CustomCLSID: HKU\S-1-5-21-2371214144-1427845669-1413801427-1000_Classes\CLSID\{EAEF733D-5B08-4E85-8440-5A087504DF87}\InprocServer32 -> C:\Program Files\Common Files\Intuit\QuickBooks\QBObjProxy.dll (Intuit Inc.)

CustomCLSID: HKU\S-1-5-21-2371214144-1427845669-1413801427-1000_Classes\CLSID\{F2C593CC-74B2-4F71-8556-DD4D426D0409}\InprocServer32 -> C:\Program Files\Common Files\Intuit\QuickBooks\QBObjProxy.dll (Intuit Inc.)

CustomCLSID: HKU\S-1-5-21-2371214144-1427845669-1413801427-1000_Classes\CLSID\{F9EF917A-E55E-4242-B205-E778395AC313}\InprocServer32 -> C:\Program Files\Common Files\Intuit\QuickBooks\BbfDepCalc.ocx No File

CustomCLSID: HKU\S-1-5-21-2371214144-1427845669-1413801427-1000_Classes\CLSID\{FAC93D42-FFC2-11d1-9DEB-0008C7A08EBA}\localserver32 -> C:\Program Files\Intuit\QuickBooks 2011\qbw32.exe (Intuit Inc.)

CustomCLSID: HKU\S-1-5-21-2371214144-1427845669-1413801427-1000_Classes\CLSID\{FB17915F-06D1-4214-A902-CC5EE05186E9}\InprocServer32 -> C:\Program Files\Common Files\Intuit\QuickBooks\QBObjProxy.dll (Intuit Inc.)

CustomCLSID: HKU\S-1-5-21-2371214144-1427845669-1413801427-1000_Classes\CLSID\{FE38753A-44A3-11D1-B5B7-0000C09000C4}\InprocServer32 -> C:\Windows\system32\MSCOMCT2.OCX (Microsoft Corporation)

==================== Restore Points =========================

29-08-2014 07:00:21 Windows Update

02-09-2014 12:33:33 Windows Update

05-09-2014 12:54:57 Windows Update

08-09-2014 20:47:27 Windows Update

12-09-2014 07:00:26 Windows Update

15-09-2014 12:50:29 Windows Update

18-09-2014 18:17:40 Windows Update

22-09-2014 13:02:14 Windows Update

25-09-2014 07:00:28 Windows Update

29-09-2014 13:50:27 Windows Update

01-10-2014 15:08:22 Windows Update

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-13 22:04 - 2013-01-26 16:37 - 00000027 ____A C:\Windows\system32\Drivers\etc\hosts

127.0.0.1 localhost

==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {75E8126F-E157-4E58-8591-798F28DB0F4A} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-09-26] (Piriform Ltd)

Task: {9A85F499-DC49-47B1-9053-358C49DBFC33} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2014-09-24] (Adobe Systems Incorporated)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe

==================== Loaded Modules (whitelisted) =============

2012-11-05 11:02 - 2012-11-05 11:02 - 00024064 _____ () C:\Windows\System32\sxs2ml3.dll

2011-12-01 16:51 - 2009-04-02 10:58 - 00094208 _____ () C:\Windows\System32\XeroxFaxPort.dll

2010-03-29 13:03 - 2010-03-29 13:03 - 00274432 _____ () C:\Windows\system32\SaMinDrv.dll

2011-12-01 16:51 - 2010-01-26 02:53 - 00253952 _____ () C:\Program Files\Xerox\Xerox WorkCentre 3220\PSU\Scan2pc.exe

2011-12-01 16:51 - 2008-10-28 02:02 - 00184320 _____ () C:\Program Files\Xerox\Xerox WorkCentre 3220\PSU\IMFilter.dll

2011-12-01 16:51 - 2008-10-28 02:03 - 01384520 _____ () C:\Program Files\Xerox\Xerox WorkCentre 3220\PSU\ssole.dll

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)

==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\atashost => ""="Service"

==================== EXE Association (whitelisted) =============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)

==================== MSCONFIG/TASK MANAGER disabled items =========

(Currently there is no automatic fix for this section.)

MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Intuit Data Protect.lnk => C:\Windows\pss\Intuit Data Protect.lnk.CommonStartup

MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^QuickBooks Update Agent.lnk => C:\Windows\pss\QuickBooks Update Agent.lnk.CommonStartup

MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^QuickBooks_Standard_21.lnk => C:\Windows\pss\QuickBooks_Standard_21.lnk.CommonStartup

MSCONFIG\startupreg: Adobe ARM => "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"

MSCONFIG\startupreg: Intuit SyncManager => C:\Program Files\Common Files\Intuit\Sync\IntuitSyncManager.exe startup

MSCONFIG\startupreg: RIMBBLaunchAgent.exe => C:\Program Files\Common Files\Research In Motion\USB Drivers\RIMBBLaunchAgent.exe

MSCONFIG\startupreg: SunJavaUpdateSched => "C:\Program Files\Common Files\Java\Java Update\jusched.exe"

========================= Accounts: ==========================

Administrator (S-1-5-21-2371214144-1427845669-1413801427-500 - Administrator - Disabled)

Guest (S-1-5-21-2371214144-1427845669-1413801427-501 - Limited - Disabled)

HomeGroupUser$ (S-1-5-21-2371214144-1427845669-1413801427-1002 - Limited - Enabled)

Tim (S-1-5-21-2371214144-1427845669-1413801427-1000 - Administrator - Enabled) => C:\Users\Tim

==================== Faulty Device Manager Devices =============

==================== Event log errors: =========================

Application errors:

==================

Error: (10/01/2014 01:58:18 PM) (Source: Windows Search Service) (EventID: 7010) (User: )

Description: The index cannot be initialized.

Details:

The content index catalog is corrupt. (HRESULT : 0xc0041801) (0xc0041801)

Error: (10/01/2014 01:58:18 PM) (Source: Windows Search Service) (EventID: 3058) (User: )

Description: The application cannot be initialized.

Context: Windows Application

Details:

The content index catalog is corrupt. (HRESULT : 0xc0041801) (0xc0041801)

Error: (10/01/2014 01:58:18 PM) (Source: Windows Search Service) (EventID: 3028) (User: )

Description: The gatherer object cannot be initialized.

Context: Windows Application, SystemIndex Catalog

Details:

The content index catalog is corrupt. (HRESULT : 0xc0041801) (0xc0041801)

Error: (10/01/2014 01:58:18 PM) (Source: Windows Search Service) (EventID: 3029) (User: )

Description: The plug-in in <Search.TripoliIndexer> cannot be initialized.

Context: Windows Application, SystemIndex Catalog

Details:

Element not found. (HRESULT : 0x80070490) (0x80070490)

Error: (10/01/2014 01:58:17 PM) (Source: Windows Search Service) (EventID: 3029) (User: )

Description: The plug-in in <Search.JetPropStore> cannot be initialized.

Context: Windows Application, SystemIndex Catalog

Details:

The content index catalog is corrupt. (HRESULT : 0xc0041801) (0xc0041801)

Error: (10/01/2014 01:58:17 PM) (Source: Windows Search Service) (EventID: 9002) (User: )

Description: The Windows Search Service cannot load the property store information.

Context: Windows Application, SystemIndex Catalog

Details:

The content index database is corrupt. (HRESULT : 0xc0041800) (0xc0041800)

Error: (10/01/2014 01:58:17 PM) (Source: Windows Search Service) (EventID: 7042) (User: )

Description: The Windows Search Service is being stopped because there is a problem with the indexer: The catalog is corrupt.

Details:

The content index catalog is corrupt. (HRESULT : 0xc0041801) (0xc0041801)

Error: (10/01/2014 01:58:17 PM) (Source: Windows Search Service) (EventID: 7040) (User: )

Description: The search service has detected corrupted data files in the index {id=4700}. The service will attempt to automatically correct this problem by rebuilding the index.

Details:

The content index catalog is corrupt. (HRESULT : 0xc0041801) (0xc0041801)

Error: (10/01/2014 01:58:17 PM) (Source: Windows Search Service) (EventID: 9000) (User: )

Description: The Windows Search Service cannot open the Jet property store.

Details:

0x%08x (0xc0041800 - The content index database is corrupt. (HRESULT : 0xc0041800))

Error: (10/01/2014 01:58:17 PM) (Source: ESENT) (EventID: 455) (User: )

Description: Windows (3320) Windows: Error -1811 occurred while opening logfile C:\ProgramData\Microsoft\Search\Data\Applications\Windows\MSS0000B.log.

System errors:

=============

Error: (10/01/2014 01:58:18 PM) (Source: Service Control Manager) (EventID: 7031) (User: )

Description: The Windows Search service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 30000 milliseconds: Restart the service.

Error: (10/01/2014 01:58:18 PM) (Source: Service Control Manager) (EventID: 7024) (User: )

Description: The Windows Search service terminated with service-specific error %%-1073473535.

Error: (10/01/2014 11:21:34 AM) (Source: Service Control Manager) (EventID: 7031) (User: )

Description: The Windows Search service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 30000 milliseconds: Restart the service.

Error: (10/01/2014 11:21:34 AM) (Source: Service Control Manager) (EventID: 7024) (User: )

Description: The Windows Search service terminated with service-specific error %%-1073473535.

Error: (09/29/2014 01:35:47 PM) (Source: Service Control Manager) (EventID: 7011) (User: )

Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the lmhosts service.

Error: (09/23/2014 02:06:52 PM) (Source: Disk) (EventID: 7) (User: )

Description: The device, \Device\Harddisk0\DR0, has a bad block.

Error: (09/23/2014 00:18:13 PM) (Source: Schannel) (EventID: 4120) (User: NT AUTHORITY)

Description: The following fatal alert was generated: 40. The internal error state is 252.

Error: (09/23/2014 00:18:13 PM) (Source: Schannel) (EventID: 4120) (User: NT AUTHORITY)

Description: The following fatal alert was generated: 40. The internal error state is 252.

Error: (09/22/2014 10:58:08 AM) (Source: Service Control Manager) (EventID: 7031) (User: )

Description: The Windows Search service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 30000 milliseconds: Restart the service.

Error: (09/22/2014 10:58:08 AM) (Source: Service Control Manager) (EventID: 7024) (User: )

Description: The Windows Search service terminated with service-specific error %%-1073473535.

Microsoft Office Sessions:

=========================

Error: (10/01/2014 01:58:18 PM) (Source: Windows Search Service) (EventID: 7010) (User: )

Description:

Details:

The content index catalog is corrupt. (HRESULT : 0xc0041801) (0xc0041801)

Error: (10/01/2014 01:58:18 PM) (Source: Windows Search Service) (EventID: 3058) (User: )

Description: Context: Windows Application

Details:

The content index catalog is corrupt. (HRESULT : 0xc0041801) (0xc0041801)

Error: (10/01/2014 01:58:18 PM) (Source: Windows Search Service) (EventID: 3028) (User: )

Description: Context: Windows Application, SystemIndex Catalog

Details:

The content index catalog is corrupt. (HRESULT : 0xc0041801) (0xc0041801)

Error: (10/01/2014 01:58:18 PM) (Source: Windows Search Service) (EventID: 3029) (User: )

Description: Context: Windows Application, SystemIndex Catalog

Details:

Element not found. (HRESULT : 0x80070490) (0x80070490)

Search.TripoliIndexer

Error: (10/01/2014 01:58:17 PM) (Source: Windows Search Service) (EventID: 3029) (User: )

Description: Context: Windows Application, SystemIndex Catalog

Details:

The content index catalog is corrupt. (HRESULT : 0xc0041801) (0xc0041801)

Search.JetPropStore

Error: (10/01/2014 01:58:17 PM) (Source: Windows Search Service) (EventID: 9002) (User: )

Description: Context: Windows Application, SystemIndex Catalog

Details:

The content index database is corrupt. (HRESULT : 0xc0041800) (0xc0041800)

Error: (10/01/2014 01:58:17 PM) (Source: Windows Search Service) (EventID: 7042) (User: )

Description:

Details:

The content index catalog is corrupt. (HRESULT : 0xc0041801) (0xc0041801)

The catalog is corrupt

Error: (10/01/2014 01:58:17 PM) (Source: Windows Search Service) (EventID: 7040) (User: )

Description:

Details:

The content index catalog is corrupt. (HRESULT : 0xc0041801) (0xc0041801)

4700

Error: (10/01/2014 01:58:17 PM) (Source: Windows Search Service) (EventID: 9000) (User: )

Description:

Details:

0x%08x (0xc0041800 - The content index database is corrupt. (HRESULT : 0xc0041800))

Error: (10/01/2014 01:58:17 PM) (Source: ESENT) (EventID: 455) (User: )

Description: Windows3320Windows: C:\ProgramData\Microsoft\Search\Data\Applications\Windows\MSS0000B.log-1811

CodeIntegrity Errors:

===================================

Date: 2012-11-14 20:51:39.788

Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\wininet.dll because the set of per-page image hashes could not be found on the system.

Date: 2012-11-14 20:43:41.525

Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\wininet.dll because the set of per-page image hashes could not be found on the system.

Date: 2012-11-14 20:39:19.300

Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\wininet.dll because the set of per-page image hashes could not be found on the system.

==================== Memory info ===========================

Processor: Intel® Core2 Duo CPU E7600 @ 3.06GHz

Percentage of memory in use: 48%

Total physical RAM: 3291.65 MB

Available physical RAM: 1682.23 MB

Total Pagefile: 6581.59 MB

Available Pagefile: 4705.84 MB

Total Virtual: 2047.88 MB

Available Virtual: 1918.99 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:297.99 GB) (Free:256.84 GB) NTFS

Drive e: (USB20FD) (Removable) (Total:0.96 GB) (Free:0.93 GB) FAT

Drive f: (USB20FD) (Removable) (Total:7.59 GB) (Free:7.46 GB) FAT32

==================== MBR & Partition Table ==================

========================================================

Disk: 1 (Size: 984 MB) (Disk ID: 00000000)

Partition: GPT Partition Type.

========================================================

Disk: 2 (MBR Code: Windows XP) (Size: 7.6 GB) (Disk ID: C3072E18)

Partition 1: (Active) - (Size=7.6 GB) - (Type=0C)

==================== End Of Log ============================


Hi there,
my name is Marius and I will assist you with your malware related problems.

Before we move on, please read the following points carefully.

  • First, read my instructions completely. If there is anything that you do not understand, kindly ask before proceeding.
  • Perform everything in the correct order. Sometimes one step requires the previous one.
  • If you have any problems while following my instructions, stop there and tell me the exact nature of your problem.
  • Do not run any other scans without instruction or add/remove software unless I tell you to do so. This would change the output of our tools and could be confusing for me.
  • Post all logfiles as a reply rather than as an attachment unless I specifically ask you. If you cannot post all logfiles in one reply, feel free to use more posts.
  • If I don't hear from you within 3 days from this initial or any subsequent post, then this thread will be closed.
  • Stay with me. I will give you some advice about prevention after the cleanup process. Absence of symptoms does not always mean the computer is clean.
  • My first language is not English. So please do not use slang or idioms. It could be hard for me to read. Thanks for your understanding.

  • Important: To help me review your logs, please post them in code boxes. You can create them by clicking on the <>-symbol on top of the reply window.

 

 

 

Scan with Gmer rootkit scanner

Please download Gmer from here by clicking on the "Download EXE" Button.

  • Double click on the randomly named GMER.exe. If asked to allow gmer.sys driver to load, please consent.
  • If it gives you a warning about rootkit activity and asks if you want to run scan...click on NO.
  • In the right panel, you will see several boxes that have been checked. Uncheck the following ...
    • Sections
    • IAT/EAT
    • Show All ( should be unchecked by default )

  • Leave everything else as it is.
  • Close all other running programs as well as your Browser.
  • Click the Scan button & wait for it to finish.
  • Once done click on the Save.. button, and in the File name area, type in "ark.txt" or it will save as a .log file which cannot be uploaded to your post.
  • Save it where you can easily find it, such as your desktop.
  • Please post the content of the ark.txt here.


**Caution**
Rootkit scans often produce false positives. Do NOT take any action on any "<--- ROOTKIT" entries.

Scan with TDSS-Killer

Please read and follow these instructions carefully. We do not want it to fix anything yet (if found), we need to see a report first.

Download TDSSKiller.zip and extract to your desktop

  • Execute TDSSKiller.exe by double-clicking on it.
  • Press Start Scan
  • If Malicious objects are found, do NOT select Copy to quarantine. Change the action to Skip, and save the log.
  • Once complete, a log will be produced at the root drive which is typically C:\, for example, C:\TDSSKiller.<version_date_time>log.txt



Please attach this file to your next reply.


GMER 2.1.19357 - http://www.gmer.net

Rootkit scan 2014-10-07 11:09:57

Windows 6.1.7601 Service Pack 1 \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-0 SAMSUNG_HD322GJ rev.1AR10001 298.09GB

Running: zb9rz5dh.exe; Driver: C:\Users\Tim\AppData\Local\Temp\pxldipow.sys

---- Devices - GMER 2.1 ----

AttachedDevice \FileSystem\fastfat \Fat fltmgr.sys

---- EOF - GMER 2.1 ----

11:11:41.0209 0x2b2c TDSS rootkit removing tool 3.0.0.40 Jul 10 2014 12:37:58

11:11:44.0178 0x2b2c ============================================================

11:11:44.0178 0x2b2c Current date / time: 2014/10/07 11:11:44.0178

11:11:44.0178 0x2b2c SystemInfo:

11:11:44.0178 0x2b2c

11:11:44.0178 0x2b2c OS Version: 6.1.7601 ServicePack: 1.0

11:11:44.0178 0x2b2c Product type: Workstation

11:11:44.0178 0x2b2c ComputerName: TSR

11:11:44.0178 0x2b2c UserName: Tim

11:11:44.0178 0x2b2c Windows directory: C:\Windows

11:11:44.0178 0x2b2c System windows directory: C:\Windows

11:11:44.0178 0x2b2c Processor architecture: Intel x86

11:11:44.0178 0x2b2c Number of processors: 2

11:11:44.0178 0x2b2c Page size: 0x1000

11:11:44.0178 0x2b2c Boot type: Normal boot

11:11:44.0178 0x2b2c ============================================================

11:11:46.0274 0x2b2c KLMD registered as C:\Windows\system32\drivers\24209796.sys

11:11:46.0539 0x2b2c System UUID: {94A84F58-FFF1-144F-0E2D-6D68A3B31EEF}

11:11:47.0152 0x2b2c Drive \Device\Harddisk0\DR0 - Size: 0x4A85D56000 ( 298.09 Gb ), SectorSize: 0x200, Cylinders: 0x9801, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050

11:11:47.0168 0x2b2c Drive \Device\Harddisk1\DR1 - Size: 0x3D800000 ( 0.96 Gb ), SectorSize: 0x200, Cylinders: 0x7D, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'

11:11:47.0183 0x2b2c Drive \Device\Harddisk2\DR2 - Size: 0x1E6C60000 ( 7.61 Gb ), SectorSize: 0x200, Cylinders: 0x3E0, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'

11:11:47.0183 0x2b2c ============================================================

11:11:47.0183 0x2b2c \Device\Harddisk0\DR0:

11:11:47.0183 0x2b2c MBR partitions:

11:11:47.0183 0x2b2c \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32000

11:11:47.0183 0x2b2c \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0x253FB800

11:11:47.0183 0x2b2c \Device\Harddisk1\DR1:

11:11:47.0183 0x2b2c MBR partitions:

11:11:47.0183 0x2b2c \Device\Harddisk1\DR1\Partition1: MBR, Type 0xE, StartLBA 0x20, BlocksNum 0x1EBFE0

11:11:47.0183 0x2b2c \Device\Harddisk2\DR2:

11:11:47.0183 0x2b2c MBR partitions:

11:11:47.0183 0x2b2c \Device\Harddisk2\DR2\Partition1: MBR, Type 0xC, StartLBA 0x38, BlocksNum 0xF362C8

11:11:47.0183 0x2b2c ============================================================

11:11:47.0199 0x2b2c C: <-> \Device\Harddisk0\DR0\Partition2

11:11:47.0215 0x2b2c ============================================================

11:11:47.0215 0x2b2c Initialize success

11:11:47.0215 0x2b2c ============================================================

11:12:15.0398 0x2a78 ============================================================

11:12:15.0398 0x2a78 Scan started

11:12:15.0398 0x2a78 Mode: Manual;

11:12:15.0398 0x2a78 ============================================================

11:12:15.0398 0x2a78 KSN ping started

11:12:18.0243 0x2a78 KSN ping finished: true

11:12:19.0152 0x2a78 ================ Scan system memory ========================

11:12:19.0152 0x2a78 System memory - ok

11:12:19.0152 0x2a78 ================ Scan services =============================


11:12:25.0517 0x2a78 monitor - ok

11:12:25.0532 0x2a78 [ FB18CC1D4C2E716B6B903B0AC0CC0609, F10CCA63493782B16DE6B96B94A27078DBE68AECEF34FDF840CFF86D2C6E3C5E ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys

11:12:25.0532 0x2a78 mouclass - ok

11:12:25.0548 0x2a78 [ 2C388D2CD01C9042596CF3C8F3C7B24D, B2FB72272BB01AEDA4047B57C943B7E9BD8A6497854F8CC34672AAA592D0A703 ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys

11:12:25.0548 0x2a78 mouhid - ok

11:12:25.0563 0x2a78 [ FC8771F45ECCCFD89684E38842539B9B, 806DDF2B4830CA866582FE74A521BB7DF26CA0E19013DAF584D3677FB48CC77A ] mountmgr C:\Windows\system32\drivers\mountmgr.sys

11:12:25.0563 0x2a78 mountmgr - ok

11:12:25.0641 0x2a78 [ 6460D4A5C981567E74A7AC1349DE10F5, 9C16035B9A9BE3D7077851621E9BDED223B4C6A156562076957B49B9FCAB3A05 ] MpFilter C:\Windows\system32\DRIVERS\MpFilter.sys

11:12:25.0641 0x2a78 MpFilter - ok

11:12:25.0657 0x2a78 [ 2D699FB6E89CE0D8DA14ECC03B3EDFE0, D3D903EEA465D77345AAC9B9F02CDEADF4831212EA2DE4FCA33BEE26EBB47420 ] mpio C:\Windows\system32\drivers\mpio.sys

11:12:25.0673 0x2a78 mpio - ok

11:12:25.0797 0x2a78 [ 65C34426C83EFA32D48380A97717997B, CD7EB6BFBB0BE382BA21055460D9A72323F09AF3194A22D8EDB28D5DB3BAE8E7 ] MpKsl341c4cee c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{4299267E-6D94-4203-B94B-98F32FF07B76}\MpKsl341c4cee.sys

11:12:25.0797 0x2a78 MpKsl341c4cee - ok

11:12:25.0813 0x2a78 [ AD2723A7B53DD1AACAE6AD8C0BFBF4D0, 1D6DCFA0E56C3E55B6AED819176E751502F863BA0FCF4F0B3253A81D208141A2 ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys

11:12:25.0813 0x2a78 mpsdrv - ok

11:12:25.0875 0x2a78 [ 9835584E999D25004E1EE8E5F3E3B881, 71798B0CBE9AE69F1F29B845319019C69EC7F415CBABB3B87DDE92C360675021 ] MpsSvc C:\Windows\system32\mpssvc.dll

11:12:25.0891 0x2a78 MpsSvc - ok

11:12:25.0907 0x2a78 [ 21F4B24ACFC79A483515BD986DD9043F, 22681907E02E0B723ABE2CEF0602D36C8EF862E7E2B62A9B40A5EF582E58D7BA ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys

11:12:25.0922 0x2a78 MRxDAV - ok

11:12:25.0953 0x2a78 [ 5D16C921E3671636C0EBA3BBAAC5FD25, 5BC107B95CAFC88F51FBB9F657B99944B20627A2B618F263093D7045E4FFD65C ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys

11:12:25.0953 0x2a78 mrxsmb - ok

11:12:25.0969 0x2a78 [ 6D17A4791ACA19328C685D256349FEFC, 012AA3D84EEAAF53780D06D2D11B9727DFC3441F3FAD75BC9E751FB814403668 ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys

11:12:25.0985 0x2a78 mrxsmb10 - ok

11:12:25.0985 0x2a78 [ B81F204D146000BE76651A50670A5E9E, 78193D0F967BE9829E53F9B500342934B4B1E1F4CEFC444382959E2061BC3B17 ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys

11:12:25.0985 0x2a78 mrxsmb20 - ok

11:12:26.0047 0x2a78 [ 012C5F4E9349E711E11E0F19A8589F0A, 208B92DFCF7AD43202660FBBC9FF5E03AEDBEE38178FF3628EB74CB6CD37C584 ] msahci C:\Windows\system32\drivers\msahci.sys

11:12:26.0047 0x2a78 msahci - ok

11:12:26.0078 0x2a78 [ 55055F8AD8BE27A64C831322A780A228, C2C9FD1F61302997117B1CD0835E8234405BB80084065ED05363B77868397304 ] msdsm C:\Windows\system32\drivers\msdsm.sys

11:12:26.0078 0x2a78 msdsm - ok

11:12:26.0094 0x2a78 [ E1BCE74A3BD9902B72599C0192A07E27, 5162EB623FE64E9DFEAC6CA2410EFA1314E62EC13207FFBFED2D61AA887603C4 ] MSDTC C:\Windows\System32\msdtc.exe

11:12:26.0094 0x2a78 MSDTC - ok

11:12:26.0109 0x2a78 [ DAEFB28E3AF5A76ABCC2C3078C07327F, 6EB558532400B489763BAE7203538DE5F196282A8CB46A1B31D59120FC5AFCEF ] Msfs C:\Windows\system32\drivers\Msfs.sys

11:12:26.0109 0x2a78 Msfs - ok

11:12:26.0125 0x2a78 [ 3E1E5767043C5AF9367F0056295E9F84, B2EDFECD3C14E4FE1BA87D9A86334043A9BD696A554EBD186DA7EAEB2EBD4F70 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys

11:12:26.0125 0x2a78 mshidkmdf - ok

11:12:26.0141 0x2a78 [ 0A4E5757AE09FA9622E3158CC1AEF114, ED574E420E57374E328C7C526504ECA569C164287966F06019EC207CB17F2C54 ] msisadrv C:\Windows\system32\drivers\msisadrv.sys

11:12:26.0141 0x2a78 msisadrv - ok

11:12:26.0156 0x2a78 [ 90F7D9E6B6F27E1A707D4A297F077828, BEFC220EAA7307849600748842ACB9254A6A91158812D9B23EFAF912C498BA7F ] MSiSCSI C:\Windows\system32\iscsiexe.dll

11:12:26.0156 0x2a78 MSiSCSI - ok

11:12:26.0172 0x2a78 msiserver - ok

11:12:26.0187 0x2a78 [ 8C0860D6366AAFFB6C5BB9DF9448E631, 949C5A14E57F2D7385543C17C3485E7ADE36EA2016F6E0A1866571D2EDE90A77 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys

11:12:26.0187 0x2a78 MSKSSRV - ok

11:12:26.0281 0x2a78 [ A4B109D057E15A438CE74E5B71187417, C91568C1AE2863218988D4D7A2B64041AB2C1EE2E9DF3720407FCE513ADA056F ] MsMpSvc c:\Program Files\Microsoft Security Client\MsMpEng.exe

11:12:26.0281 0x2a78 MsMpSvc - ok

11:12:26.0297 0x2a78 [ 3EA8B949F963562CEDBB549EAC0C11CE, 1B0B2F16A1790282504F3C548D47C3281EFB440D5D9711A1EF76D6371B768D2D ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys

11:12:26.0297 0x2a78 MSPCLOCK - ok

11:12:26.0328 0x2a78 [ F456E973590D663B1073E9C463B40932, 48BA6D5580EE7B6A4C06E04772FD35B51779553FC0DD6C5C30DD8B5DEEB25B11 ] MSPQM C:\Windows\system32\drivers\MSPQM.sys

11:12:26.0328 0x2a78 MSPQM - ok

11:12:26.0343 0x2a78 [ 0E008FC4819D238C51D7C93E7B41E560, 141FCEBDD05874407EAEC35A9DCD3BB16F2A428F23E55487D6A5DBFCADBF10D2 ] MsRPC C:\Windows\system32\drivers\MsRPC.sys

11:12:26.0343 0x2a78 MsRPC - ok

11:12:26.0359 0x2a78 [ FC6B9FF600CC585EA38B12589BD4E246, F05DB01AE1955D2468CE6B51E51998B111CA3B0BDEED090EE6B99B625CBA564A ] mssmbios C:\Windows\system32\DRIVERS\mssmbios.sys

11:12:26.0359 0x2a78 mssmbios - ok

11:12:26.0390 0x2a78 [ B42C6B921F61A6E55159B8BE6CD54A36, 6BB0A7BE005B8F281E551D1B8046CE4202372BC7AE0161881C858BFAC675FE1C ] MSTEE C:\Windows\system32\drivers\MSTEE.sys

11:12:26.0406 0x2a78 MSTEE - ok

11:12:26.0421 0x2a78 [ 33599130F44E1F34631CEA241DE8AC84, E15B31D1AFDC8DC6D2B21D4215796A99ECC69EEDBB06CEED01AECC3C99A44C8B ] MTConfig C:\Windows\system32\drivers\MTConfig.sys

11:12:26.0421 0x2a78 MTConfig - ok

11:12:26.0437 0x2a78 [ 159FAD02F64E6381758C990F753BCC80, E55AB01DCFA95ECAB24A2A9656E28FF9D064BA08B3D82DC8AA42F5991BA09598 ] Mup C:\Windows\system32\Drivers\mup.sys

11:12:26.0437 0x2a78 Mup - ok

11:12:26.0468 0x2a78 [ 61D57A5D7C6D9AFE10E77DAE6E1B445E, D252248532142E9E2332DA693BC51B795102CA938B568FF04981E98B19BFBC5C ] napagent C:\Windows\system32\qagentRT.dll

11:12:26.0484 0x2a78 napagent - ok

11:12:26.0499 0x2a78 [ 26384429FCD85D83746F63E798AB1480, 957C115C263A4B4DC854558B43ECE632D8E2BCCB744E23A01EBA7476BA2E7FFB ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys

11:12:26.0499 0x2a78 NativeWifiP - ok

11:12:26.0593 0x2a78 [ 8C9C922D71F1CD4DEF73F186416B7896, 15FF43CD90C7913F83B35F2E7986561584588E8A45196EBD965C3A355836A9C7 ] NDIS C:\Windows\system32\drivers\ndis.sys

11:12:26.0619 0x2a78 NDIS - ok

11:12:26.0626 0x2a78 [ 0E1787AA6C9191D3D319E8BAFE86F80C, F535022747355B2C66424BDA892D7DCB820C2EB8EE05BAE5BC6D1B1D65186278 ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys

11:12:26.0626 0x2a78 NdisCap - ok

11:12:26.0642 0x2a78 [ E4A8AEC125A2E43A9E32AFEEA7C9C888, 6EA181117126FC70B3C1DD1AC73CC26D1603A2CF49E47F66623E2C9489C49B55 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys

11:12:26.0657 0x2a78 NdisTapi - ok

11:12:26.0673 0x2a78 [ D8A65DAFB3EB41CBB622745676FCD072, 874D3C3D247C4A309DA813DB1D2EDB0037D3C489824BD5FE95B0C20699764EF7 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys

11:12:26.0673 0x2a78 Ndisuio - ok

11:12:26.0688 0x2a78 [ 38FBE267E7E6983311179230FACB1017, CFD1CBCA59650795C030DB30E5795B37C11C736E14003AE1DAB081BA5C0C9B14 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys

11:12:26.0688 0x2a78 NdisWan - ok

11:12:26.0704 0x2a78 [ A4BDC541E69674FBFF1A8FF00BE913F2, 18CCFD063E9870B8B6958715BC0414C4D920AE63528EA1E9D7E30F7138918FFA ] NDProxy C:\Windows\system32\drivers\NDProxy.sys

11:12:26.0704 0x2a78 NDProxy - ok

11:12:26.0720 0x2a78 [ 80B275B1CE3B0E79909DB7B39AF74D51, 75B406B0D9D28239D4EB2A298419A5F78A58237D88C5FD688EF1DFFAFACCF796 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys

11:12:26.0720 0x2a78 NetBIOS - ok

11:12:26.0735 0x2a78 [ 280122DDCF04B378EDD1AD54D71C1E54, F98B2ADE34F7E67C7C06C1D0FFB80ECBC353D044D4B4784CD952910345DC2ED0 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys

11:12:26.0735 0x2a78 NetBT - ok

11:12:26.0751 0x2a78 [ DD17E1573651293D4ED31053795B3471, 94F7D1BB1C3B0C1FAAEED07375DB0F3BC995394FB5C26983548D946C8D229D54 ] Netlogon C:\Windows\system32\lsass.exe

11:12:26.0751 0x2a78 Netlogon - ok

11:12:26.0782 0x2a78 [ 7CCCFCA7510684768DA22092D1FA4DB2, BB9E4F8FABBF596D888E6D303CB54A336D9DFF95B36AEA9369D2ED787DDC4B5D ] Netman C:\Windows\System32\netman.dll

11:12:26.0782 0x2a78 Netman - ok

11:12:26.0829 0x2a78 [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe

11:12:26.0829 0x2a78 NetMsmqActivator - ok

11:12:26.0844 0x2a78 [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetPipeActivator C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe

11:12:26.0844 0x2a78 NetPipeActivator - ok

11:12:26.0876 0x2a78 [ 8C338238C16777A802D6A9211EB2BA50, 0D08A47CD403EDA5E8CAD7409BBBBCDC29A9861D2DC41D42B68B22B1AA1EBDD6 ] netprofm C:\Windows\System32\netprofm.dll

11:12:26.0891 0x2a78 netprofm - ok

11:12:26.0891 0x2a78 [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetTcpActivator C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe

11:12:26.0891 0x2a78 NetTcpActivator - ok

11:12:26.0907 0x2a78 [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe

11:12:26.0907 0x2a78 NetTcpPortSharing - ok

11:12:26.0938 0x2a78 [ 1D85C4B390B0EE09C7A46B91EFB2C097, 6A8850B151E88EE371F3CC543A946302DDF9494908D684B8B0C706A42CC54348 ] nfrd960 C:\Windows\system32\drivers\nfrd960.sys

11:12:26.0938 0x2a78 nfrd960 - ok

11:12:27.0000 0x2a78 [ 6A83B8AF342E61DEE353BAA81F67B7DA, F883A69DC57A203CEF4A264ADA3669EFA11149FE479A32FF38A37C86D24D7DE7 ] NisDrv C:\Windows\system32\DRIVERS\NisDrvWFP.sys

11:12:27.0000 0x2a78 NisDrv - ok

11:12:27.0078 0x2a78 [ 877C975D6FED8B12C445312D1286771E, 2FD5F2FE0414D00B8E4EF389E1AD11356C14F700A906770B0AB88B464D963948 ] NisSrv c:\Program Files\Microsoft Security Client\NisSrv.exe

11:12:27.0078 0x2a78 NisSrv - ok

11:12:27.0141 0x2a78 [ 374071043F9E4231EE43BE2BB48DD36D, C4FA3FC40CC49DBBB91901D14210A55D3831FAC9F9B3FF45FCA7F5CF242C9E92 ] NlaSvc C:\Windows\System32\nlasvc.dll

11:12:27.0156 0x2a78 NlaSvc - ok

11:12:27.0172 0x2a78 [ 1DB262A9F8C087E8153D89BEF3D2235F, A51EE5D5AD3CD76B74BEA9C66C462608BF3B50C53DAA4110A75DB10495A8C101 ] Npfs C:\Windows\system32\drivers\Npfs.sys

11:12:27.0172 0x2a78 Npfs - ok

11:12:27.0188 0x2a78 [ BA387E955E890C8A88306D9B8D06BF17, 3477BD9686C5777A93251C154512671AAA7533B18C536DF51F7B1D6D28E7F8A5 ] nsi C:\Windows\system32\nsisvc.dll

11:12:27.0188 0x2a78 nsi - ok

11:12:27.0203 0x2a78 [ E9A0A4D07E53D8FEA2BB8387A3293C58, 690CAD6C4E35ECC1172A2E1FD3933DF73158B3BF42CB21244269612A53DE4D7A ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys

11:12:27.0203 0x2a78 nsiproxy - ok

11:12:27.0297 0x2a78 [ C8DFF8D07755A66C7A4A738930F0FEAC, A2CC58312CE57988ABD976155BE91F558DCEC4C23481C6FBE64B361D511A36EA ] Ntfs C:\Windows\system32\drivers\Ntfs.sys

11:12:27.0312 0x2a78 Ntfs - ok

11:12:27.0328 0x2a78 [ F9756A98D69098DCA8945D62858A812C, 572ADBFCFDE2030B34A013AADC14DBC144EB3F34D06991E2464A3EA9605BC045 ] Null C:\Windows\system32\drivers\Null.sys

11:12:27.0328 0x2a78 Null - ok

11:12:27.0344 0x2a78 [ B3E25EE28883877076E0E1FF877D02E0, 402B6FED6FBBF645190396DC141141EF52DD059DABD01F8AC9CF01D23664070C ] nvraid C:\Windows\system32\drivers\nvraid.sys

11:12:27.0344 0x2a78 nvraid - ok

11:12:27.0375 0x2a78 [ 4380E59A170D88C4F1022EFF6719A8A4, 93EDB3F4CDBF53C9C1970DD29AB146E390695C568180847BA8903F5FBEABCFF2 ] nvstor C:\Windows\system32\drivers\nvstor.sys

11:12:27.0390 0x2a78 nvstor - ok

11:12:27.0390 0x2a78 [ 5A0983915F02BAE73267CC2A041F717D, D83461D74597BF2BE042FEFCC27FCD18BF63CB8135B0666D731D50951C3468A8 ] nv_agp C:\Windows\system32\drivers\nv_agp.sys

11:12:27.0406 0x2a78 nv_agp - ok

11:12:27.0406 0x2a78 [ 08A70A1F2CDDE9BB49B885CB817A66EB, 0BB98123B544124B144F3E95D77E01E973D060B8B2302503FF24ABBBE803EB63 ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys

11:12:27.0406 0x2a78 ohci1394 - ok

11:12:27.0453 0x2a78 [ 7A56CF3E3F12E8AF599963B16F50FB6A, 882C82BAE96D263138D4C0D6C425458B770B7B9C8E9C1D28AC918BF6BE94A5C2 ] ose C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE

11:12:27.0453 0x2a78 ose - ok

11:12:27.0484 0x2a78 [ 82A8521DDC60710C3D3D3E7325209BEC, C4E34571EDD57C7FBB3D736B5FE8BD154624705B5C8EA2EC898F19F75B9A5942 ] p2pimsvc C:\Windows\system32\pnrpsvc.dll

11:12:27.0484 0x2a78 p2pimsvc - ok

11:12:27.0515 0x2a78 [ 59C3DDD501E39E006DAC31BF55150D91, E02B63AB7F34CF6FF3F644AF354D10004E6F50014E03172D80BD78934EF71EF1 ] p2psvc C:\Windows\system32\p2psvc.dll

11:12:27.0515 0x2a78 p2psvc - ok

11:12:27.0546 0x2a78 [ 2EA877ED5DD9713C5AC74E8EA7348D14, 14BA3722CE5F8FF07F2D97DCDD6558EB49C9B02E5E6FAD6D9F18D354733EFECE ] Parport C:\Windows\system32\DRIVERS\parport.sys

11:12:27.0546 0x2a78 Parport - ok

11:12:27.0562 0x2a78 [ 3F34A1B4C5F6475F320C275E63AFCE9B, 31295D5121C0C3F2085E0EEBA260EEE4CA003993C026E2F81986D19158036E6B ] partmgr C:\Windows\system32\drivers\partmgr.sys

11:12:27.0578 0x2a78 partmgr - ok

11:12:27.0593 0x2a78 [ EB0A59F29C19B86479D36B35983DAADC, AC09AFE7F13BE4079D01383BAC44091997E1AAF6512C9673A42B9E3780EB08A8 ] Parvdm C:\Windows\system32\DRIVERS\parvdm.sys

11:12:27.0593 0x2a78 Parvdm - ok

11:12:27.0609 0x2a78 [ 4088C1ECD1F54281A92FA663B0FDC36F, DF6EF6C6ACBF7604681D86D352773E8C11937995C512761C66D50DB126F581C2 ] PBADRV C:\Windows\system32\DRIVERS\PBADRV.sys

11:12:27.0609 0x2a78 PBADRV - ok

11:12:27.0624 0x2a78 [ 358AB7956D3160000726574083DFC8A6, 6CAFD4D1B8AB8C1D167ADC018985DDAB5AC2CBFFB3434FE6390F14AF50C19025 ] PcaSvc C:\Windows\System32\pcasvc.dll

11:12:27.0624 0x2a78 PcaSvc - ok

11:12:27.0640 0x2a78 [ 673E55C3498EB970088E812EA820AA8F, 1F81315664B8CBFDD569416C0ECCE4C6251F34577313A0858AB46609781303B5 ] pci C:\Windows\system32\drivers\pci.sys

11:12:27.0656 0x2a78 pci - ok

11:12:27.0687 0x2a78 [ AFE86F419014DB4E5593F69FFE26CE0A, CAF36E61BE7B511D3A03A65FF5A3017CEE4D2F53005B410F2D4A2AAE9FED4C00 ] pciide C:\Windows\system32\drivers\pciide.sys

11:12:27.0702 0x2a78 pciide - ok

11:12:27.0718 0x2a78 [ F396431B31693E71E8A80687EF523506, BC614FC21E029E2497F1CCE3131BBD295B827F2310762B47D5BBC7703D80554B ] pcmcia C:\Windows\system32\drivers\pcmcia.sys

11:12:27.0718 0x2a78 pcmcia - ok

11:12:27.0734 0x2a78 [ 250F6B43D2B613172035C6747AEEB19F, A91F15B133F2619912CF750E6F3662E011CD0FA4B9477CE532CE3196D23307D9 ] pcw C:\Windows\system32\drivers\pcw.sys

11:12:27.0734 0x2a78 pcw - ok

11:12:27.0780 0x2a78 [ 9E0104BA49F4E6973749A02BF41344ED, B32F39F38DB48D77FBA884DEE34112BAB81CCEF5DD2EAAA12D9589D73D2BB116 ] PEAUTH C:\Windows\system32\drivers\peauth.sys

11:12:27.0796 0x2a78 PEAUTH - ok

11:12:27.0843 0x2a78 [ 414BBA67A3DED1D28437EB66AEB8A720, D6DF254E2615FA402044824DCD9004F579FC0DF74B90E44C99D5F0253CF8AD88 ] pla C:\Windows\system32\pla.dll

11:12:27.0874 0x2a78 pla - ok

11:12:27.0921 0x2a78 [ EC7BC28D207DA09E79B3E9FAF8B232CA, A42F8F69C3CD753D787A5D558659DEA2CC306C896D75B8C82549219CF654504F ] PlugPlay C:\Windows\system32\umpnpmgr.dll

11:12:27.0921 0x2a78 PlugPlay - ok

11:12:27.0936 0x2a78 [ 63FF8572611249931EB16BB8EED6AFC8, 9732CCBCB93A7A4BEC88812B952C20244479E9BD781240C195E57F09E619EA33 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll

11:12:27.0936 0x2a78 PNRPAutoReg - ok

11:12:27.0968 0x2a78 [ 82A8521DDC60710C3D3D3E7325209BEC, C4E34571EDD57C7FBB3D736B5FE8BD154624705B5C8EA2EC898F19F75B9A5942 ] PNRPsvc C:\Windows\system32\pnrpsvc.dll

11:12:27.0968 0x2a78 PNRPsvc - ok

11:12:27.0999 0x2a78 [ 53946B69BA0836BD95B03759530C81EC, 7F14A34635354CCA0F5342C8D9DF5A6AA1B94F6A508BD8834029E9BACF252920 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll

11:12:28.0014 0x2a78 PolicyAgent - ok

11:12:28.0030 0x2a78 [ F87D30E72E03D579A5199CCB3831D6EA, B09328E89954584F97908FA5946376BA990B8C650DABCBF3CA3B08719937C694 ] Power C:\Windows\system32\umpo.dll

11:12:28.0030 0x2a78 Power - ok

11:12:28.0061 0x2a78 [ 631E3E205AD6D86F2AED6A4A8E69F2DB, 1D3BF0CFC37D91A3A56246920B9CF1084E78A055D56E85A773417809C58C8065 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys

11:12:28.0061 0x2a78 PptpMiniport - ok

11:12:28.0077 0x2a78 [ 85B1E3A0C7585BC4AAE6899EC6FCF011, 1E067113C146D6842D7FB04007F363D6FB7783C6BC7C9AB6614E44075C4F86C3 ] Processor C:\Windows\system32\drivers\processr.sys

11:12:28.0077 0x2a78 Processor - ok

11:12:28.0124 0x2a78 [ CADEFAC453040E370A1BDFF3973BE00D, 2E3DD8DA702468D8AB0F3CE27188B1991D4CB015FB36BAE4C6E7996B61CF49B8 ] ProfSvc C:\Windows\system32\profsvc.dll

11:12:28.0139 0x2a78 ProfSvc - ok

11:12:28.0139 0x2a78 [ DD17E1573651293D4ED31053795B3471, 94F7D1BB1C3B0C1FAAEED07375DB0F3BC995394FB5C26983548D946C8D229D54 ] ProtectedStorage C:\Windows\system32\lsass.exe

11:12:28.0155 0x2a78 ProtectedStorage - ok

11:12:28.0170 0x2a78 [ 6270CCAE2A86DE6D146529FE55B3246A, 463209CBAF1B0E269DC8FC6FBDEE5BB7E5ADB5D3F024930BFD0B97E0A9678883 ] Psched C:\Windows\system32\DRIVERS\pacer.sys

11:12:28.0170 0x2a78 Psched - ok

11:12:28.0233 0x2a78 [ 119B221670D50C82BF203B673778F2D3, FC096329405669B06239FED869CDD585566A19F54F5484987EF4FE1C51921080 ] QBCFMonitorService C:\Program Files\Common Files\Intuit\QuickBooks\QBCFMonitorService.exe

11:12:28.0233 0x2a78 QBCFMonitorService - ok

11:12:28.0264 0x2a78 [ 6BEE1814470DC12FA20C53DFC3C97EBB, 91E8C22E54A090966E9B96395392B2C03A32DB1AF8DB2289E2EA9460F0A76C0F ] QBFCService C:\Program Files\Common Files\Intuit\QuickBooks\FCS\Intuit.QuickBooks.FCS.exe

11:12:28.0264 0x2a78 QBFCService - ok

11:12:28.0358 0x2a78 [ 79F4AE25569B91AC5ACC77BF24F93C6D, 6BF658C1945D360F7E6D840F5023605C8FE7746DB17503E90A79626A83B2A206 ] QBVSS C:\Program Files\Common Files\Intuit\DataProtect\QBIDPService.exe

11:12:28.0373 0x2a78 QBVSS - ok

11:12:28.0420 0x2a78 [ AB95ECF1F6659A60DDC166D8315B0751, 0ED6D3460D28978BADF31B930DBB3298A6A10EFF8883763EABA0E36A21A0E83D ] ql2300 C:\Windows\system32\drivers\ql2300.sys

11:12:28.0451 0x2a78 ql2300 - ok

11:12:28.0467 0x2a78 [ B4DD51DD25182244B86737DC51AF2270, 7E62B04F054A6330B7F9968222523BDE8F3EE47A11D17E6C0E2D5ACDC07B9E6B ] ql40xx C:\Windows\system32\drivers\ql40xx.sys

11:12:28.0482 0x2a78 ql40xx - ok

11:12:28.0498 0x2a78 [ 31AC809E7707EB580B2BDB760390765A, A8481FD19A0F778F5591B7676F591F664ADC68B6867E663C0F9564173F4AC909 ] QWAVE C:\Windows\system32\qwave.dll

11:12:28.0514 0x2a78 QWAVE - ok

11:12:28.0514 0x2a78 [ 584078CA1B95CA72DF2A27C336F9719D, 836F115C92D343463C14A9DE39648C1EFA7C7EE4720F5C692EE0F68B84830121 ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys

11:12:28.0529 0x2a78 QWAVEdrv - ok

11:12:28.0529 0x2a78 [ 30A81B53C766D0133BB86D234E5556AB, 726C6B83B5ACAA84CAB1689B6DD6DDAE3199D61A57B5D7B5B5A0F62FCF838090 ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys

11:12:28.0529 0x2a78 RasAcd - ok

11:12:28.0560 0x2a78 [ 57EC4AEF73660166074D8F7F31C0D4FD, C66B425EC4DB5E7FD289AE631C9B019EB16717C55E80FAE964BB22203E4AACEF ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys

11:12:28.0560 0x2a78 RasAgileVpn - ok

11:12:28.0576 0x2a78 [ A60F1839849C0C00739787FD5EC03F13, B210DFA5A843CF1DA73635F168E2EA5052CBED15C664F8523CDFB34CA165D0E0 ] RasAuto C:\Windows\System32\rasauto.dll

11:12:28.0576 0x2a78 RasAuto - ok

11:12:28.0592 0x2a78 [ D9F91EAFEC2815365CBE6D167E4E332A, 8350457A39D141C13807E7DB5A8D4113197C4016F7744B9993391F4AEA0C4A5C ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys

11:12:28.0592 0x2a78 Rasl2tp - ok

11:12:28.0612 0x2a78 [ CB9E04DC05EACF5B9A36CA276D475006, 4D8C0AEF1D4F84F375AD2BAF786C9F6C52316A3E655B913449E71AD7C0FCA56E ] RasMan C:\Windows\System32\rasmans.dll

11:12:28.0612 0x2a78 RasMan - ok

11:12:28.0628 0x2a78 [ 0FE8B15916307A6AC12BFB6A63E45507, 64119474DE7499E6E8B82E78BBD50074B3AA70B3E8329089FAE9B7F29919004E ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys

11:12:28.0628 0x2a78 RasPppoe - ok

11:12:28.0643 0x2a78 [ 44101F495A83EA6401D886E7FD70096B, 56A0CE5C89870752B9B2AB795C1A248CA28209E049B2F20CCA0308CBE2488A0A ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys

11:12:28.0643 0x2a78 RasSstp - ok

11:12:28.0659 0x2a78 [ D528BC58A489409BA40334EBF96A311B, C71E9A4B101DB6C3183B9F97B9098D73D6FE1B12C05C2EB3CE8A8041BEE6BA61 ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys

11:12:28.0659 0x2a78 rdbss - ok

11:12:28.0675 0x2a78 [ 0D8F05481CB76E70E1DA06EE9F0DA9DF, 2AFCBE3237D27AFBF095F91F1FCCA63E6890F34A9E4F00E5C34C92394CDA89FB ] rdpbus C:\Windows\system32\drivers\rdpbus.sys

11:12:28.0675 0x2a78 rdpbus - ok

11:12:28.0675 0x2a78 [ 23DAE03F29D253AE74C44F99E515F9A1, 8FED93D10B2062F0526FE3508101F8FCF8F72DEB90AFB472EB7CBAE83A0EC430 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys

11:12:28.0675 0x2a78 RDPCDD - ok

11:12:28.0706 0x2a78 [ 5A53CA1598DD4156D44196D200C94B8A, 8112FE14FEC94C67B1C5BDE4171E37584F1D0098D2C557C9E4BDD3E0291E25E4 ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys

11:12:28.0706 0x2a78 RDPENCDD - ok

11:12:28.0721 0x2a78 [ 44B0A53CD4F27D50ED461DAE0C0B4E1F, CDA80B08E67AD034081C0C920CD66147689F1844403CBC552F65005E7C011A91 ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys

11:12:28.0721 0x2a78 RDPREFMP - ok

11:12:28.0753 0x2a78 [ F031683E6D1FEA157ABB2FF260B51E61, 83B552819A5964152882C527E1421DBCEAACC74DEB897E3C4B53F52F1467FED3 ] RDPWD C:\Windows\system32\drivers\RDPWD.sys

11:12:28.0768 0x2a78 RDPWD - ok

11:12:28.0784 0x2a78 [ 518395321DC96FE2C9F0E96AC743B656, 5F6A0880B4F3EE7196259EA362DA9554B0687B0236F9A8E5CF7A4A77F01F1776 ] rdyboost C:\Windows\system32\drivers\rdyboost.sys

11:12:28.0784 0x2a78 rdyboost - ok

11:12:28.0815 0x2a78 [ 7B5E1419717FAC363A31CC302895217A, 048B96B127CC20833948DAE53C59886D5C725ECA7A744424A01339447D2DDC32 ] RemoteAccess C:\Windows\System32\mprdim.dll

11:12:28.0815 0x2a78 RemoteAccess - ok

11:12:28.0815 0x2a78 [ CB9A8683F4EF2BF99E123D79950D7935, B9FA3E7E91E76D975CF40BFA37909E50F29CC13AB1399007884710651827E9AA ] RemoteRegistry C:\Windows\system32\regsvc.dll

11:12:28.0831 0x2a78 RemoteRegistry - ok

11:12:28.0877 0x2a78 [ B6338D50D48F5F95A31CD6E09867F56A, 1E0EB468580F980D673DE2989BBE0F58930504E7A9AC757DC44012088066D778 ] RimUsb C:\Windows\system32\Drivers\RimUsb.sys

11:12:28.0877 0x2a78 RimUsb - ok

11:12:28.0940 0x2a78 [ C4F4FCD5AE48BDD31648981DDF8EF993, B2C8586D5F09AB2FBCE8BBACC9B1C74D6E1A25A8264A4218E80354C4470C750F ] RimVSerPort C:\Windows\system32\DRIVERS\RimSerial.sys

11:12:28.0940 0x2a78 RimVSerPort - ok

11:12:28.0971 0x2a78 [ 564297827D213F52C7A3A2FF749568CA, B09A78D3B3F0BF47818BBEEDEF73BD6ACB9C5E367592BB90C85FD262BE521876 ] ROOTMODEM C:\Windows\system32\Drivers\RootMdm.sys

11:12:28.0971 0x2a78 ROOTMODEM - ok

11:12:29.0002 0x2a78 [ 78D072F35BC45D9E4E1B61895C152234, 80C924EE1156B4E3172E83DCB9C60817E87885FB9377647E0BF90153E415B1CA ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll

11:12:29.0002 0x2a78 RpcEptMapper - ok

11:12:29.0018 0x2a78 [ 94D36C0E44677DD26981D2BFEEF2A29D, D77A93AC60536F3706E8A0154C0C2199E888B7748C84DB7437254FF175F4DF55 ] RpcLocator C:\Windows\system32\locator.exe

11:12:29.0018 0x2a78 RpcLocator - ok

11:12:29.0065 0x2a78 [ 7660F01D3B38ACA1747E397D21D790AF, 04611B43705C064C2A8331F6D3F8E4530295694AE2C3E3EC3F62CFF4A5EFA88D ] RpcSs C:\Windows\system32\rpcss.dll

11:12:29.0065 0x2a78 RpcSs - ok

11:12:29.0096 0x2a78 [ 032B0D36AD92B582D869879F5AF5B928, 0F8F18A6A0A689957B886D9368015889091094EDA18BE532093F06A70A7CE184 ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys

11:12:29.0096 0x2a78 rspndr - ok

11:12:29.0111 0x2a78 [ DD17E1573651293D4ED31053795B3471, 94F7D1BB1C3B0C1FAAEED07375DB0F3BC995394FB5C26983548D946C8D229D54 ] SamSs C:\Windows\system32\lsass.exe

11:12:29.0111 0x2a78 SamSs - ok

11:12:29.0127 0x2a78 [ 05D860DA1040F111503AC416CCEF2BCA, DAE2F37D09A5A42F945BC8E27E4EA2303521081783A80CEE7FEE7C5A1C2CFC5E ] sbp2port C:\Windows\system32\drivers\sbp2port.sys

11:12:29.0127 0x2a78 sbp2port - ok

11:12:29.0143 0x2a78 [ 8FC518FFE9519C2631D37515A68009C4, 21E10585470CF9FC3BD1977F8A426686CD2FA6BD2094B9E3594B21C7C4541D25 ] SCardSvr C:\Windows\System32\SCardSvr.dll

11:12:29.0158 0x2a78 SCardSvr - ok

11:12:29.0174 0x2a78 [ 0693B5EC673E34DC147E195779A4DCF6, AF1B56FBF3ADABF94CD9DBA67586B8746DE135151F6B3D1B0EE315BC1E2DB670 ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys

11:12:29.0174 0x2a78 scfilter - ok

11:12:29.0205 0x2a78 [ A04BB13F8A72F8B6E8B4071723E4E336, E63287FF71C39CBF64C3347C455324C8437F9CF398153E269543588B65389502 ] Schedule C:\Windows\system32\schedsvc.dll

11:12:29.0221 0x2a78 Schedule - ok

11:12:29.0236 0x2a78 [ 319C6B309773D063541D01DF8AC6F55F, 182F392FE839499D159A30A3CD04B5D0C87219930BFB1A7456880B7DA75B9820 ] SCPolicySvc C:\Windows\System32\certprop.dll

11:12:29.0236 0x2a78 SCPolicySvc - ok

11:12:29.0267 0x2a78 [ 08236C4BCE5EDD0A0318A438AF28E0F7, 77727F963F63C4CEC11E7AAD5FB3836179701D512CA9436C3170B9E6A4E5F888 ] SDRSVC C:\Windows\System32\SDRSVC.dll

11:12:29.0267 0x2a78 SDRSVC - ok

11:12:29.0283 0x2a78 [ 90A3935D05B494A5A39D37E71F09A677, F72733A69BC6E1A2BB91D7632FF3463C12563F60FDCC00A2CDD67FF20D479952 ] secdrv C:\Windows\system32\drivers\secdrv.sys

11:12:29.0283 0x2a78 secdrv - ok

11:12:29.0283 0x2a78 [ A59B3A4442C52060CC7A85293AA3546F, 1776D6DEE51991149265AAF39E17065E301C5FA1FF4068653DC0010B9B27185D ] seclogon C:\Windows\system32\seclogon.dll

11:12:29.0283 0x2a78 seclogon - ok

11:12:29.0299 0x2a78 [ DCB7FCDCC97F87360F75D77425B81737, F8289AF2C458C167038EEFE613EE5E3D6D5B3308B8784168374BC81C47891CE5 ] SENS C:\Windows\system32\sens.dll

11:12:29.0299 0x2a78 SENS - ok

11:12:29.0314 0x2a78 [ 50087FE1EE447009C9CC2997B90DE53F, B5E6CF1D991F87C29C5E28198E0962E31FFB499A46C3BD43FC20391693389959 ] SensrSvc C:\Windows\system32\sensrsvc.dll

11:12:29.0330 0x2a78 SensrSvc - ok

11:12:29.0330 0x2a78 [ 9AD8B8B515E3DF6ACD4212EF465DE2D1, E2F019BCD1446236D078D46065DD151DD068778F33BE2F1E8A0CC1EA2F954E86 ] Serenum C:\Windows\system32\DRIVERS\serenum.sys

11:12:29.0330 0x2a78 Serenum - ok

11:12:29.0345 0x2a78 [ 5FB7FCEA0490D821F26F39CC5EA3D1E2, A26DB2EB9F3E2509B4EBA949DB97595CC32332D9321DF68283BFC102E66D766F ] Serial C:\Windows\system32\DRIVERS\serial.sys

11:12:29.0345 0x2a78 Serial - ok

11:12:29.0361 0x2a78 [ 79BFFB520327FF916A582DFEA17AA813, 7A2A9D69BE02228591186A9F4453D4B5FD98837CA422C873C48040170E8BD18C ] sermouse C:\Windows\system32\drivers\sermouse.sys

11:12:29.0361 0x2a78 sermouse - ok

11:12:29.0377 0x2a78 [ 4AE380F39A0032EAB7DD953030B26D28, C8F5F2DD59574E966FDF3057867BB959A554BAB6FD5DC6F1427094A6BC2B2809 ] SessionEnv C:\Windows\system32\sessenv.dll

11:12:29.0392 0x2a78 SessionEnv - ok

11:12:29.0408 0x2a78 [ 9F976E1EB233DF46FCE808D9DEA3EB9C, 6A5C53F27F8BCA85CE206EE7D196176F67EC6FFA5D4830373A20792C149B5E75 ] sffdisk C:\Windows\system32\drivers\sffdisk.sys

11:12:29.0408 0x2a78 sffdisk - ok

11:12:29.0423 0x2a78 [ 932A68EE27833CFD57C1639D375F2731, 11D6B98FBEEE2B9C7B06EF7091857BBD3B349077997D6261D66280668FD1B5C3 ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys

11:12:29.0423 0x2a78 sffp_mmc - ok

11:12:29.0439 0x2a78 [ 6D4CCAEDC018F1CF52866BBBAA235982, AAC41F5C97B3FE5A3DC0838457EB8CC9BB71FCA16D3EDBB67D603F0A9D46C131 ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys

11:12:29.0439 0x2a78 sffp_sd - ok

11:12:29.0439 0x2a78 [ DB96666CC8312EBC45032F30B007A547, C3AE60FC65A36E96E0D2CC6E184481D70F91A19DC3E2E17E2873DD670A592DD7 ] sfloppy C:\Windows\system32\drivers\sfloppy.sys

11:12:29.0439 0x2a78 sfloppy - ok

11:12:29.0470 0x2a78 [ D1A079A0DE2EA524513B6930C24527A2, E2BC16DBCF38841EECD49C6FA1A9AC89C17F332F12606CA826F058E995E1B83D ] SharedAccess C:\Windows\System32\ipnathlp.dll

11:12:29.0486 0x2a78 SharedAccess - ok

11:12:29.0501 0x2a78 [ 414DA952A35BF5D50192E28263B40577, 9C9BAFB9880DA6CC728506A142BE124E186219610DCC3460657A3CA93C865DF1 ] ShellHWDetection C:\Windows\System32\shsvcs.dll

11:12:29.0501 0x2a78 ShellHWDetection - ok

11:12:29.0517 0x2a78 [ 2565CAC0DC9FE0371BDCE60832582B2E, 1A775214E86B83C2F1799F12D71077D81C89AD32734A248BA88787B7F104B79D ] sisagp C:\Windows\system32\drivers\sisagp.sys

11:12:33.0567 0x2a78 ================ Scan MBR ==================================

11:12:33.0583 0x2a78 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0

11:12:33.0723 0x2a78 \Device\Harddisk0\DR0 - ok

11:12:33.0739 0x2a78 [ 65E858A8A0293BE11A920B0BC99D695E ] \Device\Harddisk1\DR1

11:12:33.0755 0x2a78 \Device\Harddisk1\DR1 - ok

11:12:33.0755 0x2a78 [ 8F558EB6672622401DA993E1E865C861 ] \Device\Harddisk2\DR2

11:12:33.0755 0x2a78 \Device\Harddisk2\DR2 - ok

11:12:33.0755 0x2a78 ================ Scan VBR ==================================

11:12:33.0755 0x2a78 [ D92B70120FD1371D3B898FCAFA8923CE ] \Device\Harddisk0\DR0\Partition1

11:12:33.0755 0x2a78 \Device\Harddisk0\DR0\Partition1 - ok

11:12:33.0770 0x2a78 [ 6BFA3E5452DAF2D35032A23DCF51EE54 ] \Device\Harddisk0\DR0\Partition2

11:12:33.0770 0x2a78 \Device\Harddisk0\DR0\Partition2 - ok

11:12:33.0770 0x2a78 [ C97CA8B9DFB240556DF088811A3D04D8 ] \Device\Harddisk1\DR1\Partition1

11:12:33.0770 0x2a78 \Device\Harddisk1\DR1\Partition1 - ok

11:12:33.0786 0x2a78 [ 4DA93CF128547665A1350119BACCDCFC ] \Device\Harddisk2\DR2\Partition1

11:12:33.0786 0x2a78 \Device\Harddisk2\DR2\Partition1 - ok

11:12:40.0088 0x2a78 AV detected via SS2: Microsoft Security Essentials, C:\Program Files\Microsoft Security Client\msseces.exe ( 4.6.305.0 ), 0x61000 ( enabled : updated )

11:12:40.0181 0x2a78 Win FW state via NFP2: enabled

11:12:42.0719 0x2a78 ============================================================

11:12:42.0719 0x2a78 Scan finished

11:12:42.0719 0x2a78 ============================================================

11:12:42.0719 0x1980 Detected object count: 0

11:12:42.0719 0x1980 Actual detected object count: 0


No sign of Alureon here...

 

Scan with ESET Online Scan

Go here to run an online scanner from ESET. Windows Vista/Windows 7/Windows 8 users will need to right click on their Internet Explorer shortcut, and select Run as Administrator.

  • Note: For browsers other than Internet Explorer, you will be prompted to download and install esetsmartinstaller_enu.exe. Click on the link and save the file to a convenient location. Double click on it to install and a new window will open. Follow the prompts.
  • Turn off the real time scanner of any existing antivirus program while performing the online scan. Here's how.
  • Click the blue Run ESET Online Scanner button
  • Tick the box next to YES, I accept the Terms of Use.
  • Click Start
  • When asked, allow the program to install the "OnlineScanner.cab" activex control by clicking the Install button
  • Once the activex control is installed, on the next screen click on Enable detection of potentially unwanted applications
  • Click on Advanced Settings
  • Make sure that the option Remove found threats is unticked.
  • Ensure these options are ticked
    • Scan archives
    • Scan for potentially unsafe applications
    • Enable Anti-Stealth technology

  • Click Start
  • Wait for the scan to finish
  • When the scan is done, if it shows a screen that says "Threats found!", then click "List of found threats", and then click "Export to text file..."
  • Save that text file on your desktop. Copy and paste the contents of that log as a reply to this topic.
  • Close the ESET online scan, and let me know how things are now.


Recommendations: How to protect yourself

  • System Updates
    Please ensure to have automatic updates activated in your control panel.
    For further information and a tutorial, see this Microsoft Support article.
  • Protection
    What you need is one (not more) virus scanner with background protection. Additionally I recommend a special malware scanner to run on demand weekly.
    Personally I am using avast! Antivirus Free Edition and Malwarebytes Anti-Malware. They offer good protection for free.
    • To keep your browser free of advertising, you may install the Adblock Plus browser extension.
      It will filter unwanted advertising out of the website's content.
    • To protect yourself from accidentally visiting malicious web sites, install the Web of Trust (WOT) browser extension.
      It will display a green (safe), yellow (unknown) or red (potentially dangerous) icon for a visited website within your browser.
      In addition, before accessing a dangerous classified web site, a warning screen is displayed.


  • Up to date Software
    Keep your Windows and your third party software up to date. The easiest way to get infected is an outdated Windows, followed by: browser(s) (including add-ons and plug-ins), Adobe Flash Player and Adobe Reader, Java Runtime Environment, your antivirus program and so on. These links may help you to check:
  • Backup
    Hardware issues, malware, fire, lightning strike: There is a long list of different ways to lose all your data. Back up your files regularly. Use the Windows internal backup function or a third party tool and save your data onto an external hard drive, cloud storage, optical media like CDs or DVDs or (if available) a professional network backup system.
  • Behaviour
    The commonest error when using a computer is "error 80" - which means that the error is located about 80cm in front of the monitor. This is a common joke between IT support technicians but it shows that all the safety mechanisms won't help if you aren't careful enough.
    • While surfing the internet, don't click on anything you don't know. In the worst case, it infects your system with malware.
    • Watch your step in social networks! Many cyber criminals use them to spread malware, mine personal data (to be sold to advertising companies, for example) or simply do damage to other users. Even if a received hyperlink within a message seems to be coming from one of your friends, have a closer look. In addition, don't click everything.
    • When installing software, have a look at each of the setup windows and uncheck any additional toolbars or free programs that may be offered additionally. Most of today's setup procedures contain potentially unwanted programs so keep them off your system.
    • Avoid gaming sites, pirated software, cracking tools, keygens, and peer-to-peer (P2P) file sharing programs.
      They are a security risk which can make your computer susceptible to a wide variety of malware infections, remote attacks, exposure of personal information, and identity theft. Many malicious worms and Trojans spread across P2P file sharing networks, gaming and underground sites.




  • 1 month later...

Glad we could help. :)

If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this thread with your request. This applies only to the originator of this thread.

Other members who need assistance please start your own topic in a new thread. Thanks!

