hmw1008 Posted February 5, 2015 ID:936553

Today I woke up to do some homework online, and I got a message page from my internet service, Time Warner Cable, and they have notified me that I have a botnet! At the moment, I'm scanning with the Avast and Malwarebytes programs to get rid of it, but I'm not sure if it's going to work, because I'm so paranoid. I've been here once before, a couple of years ago, and got help with a malware issue that I had. I was satisfied with it, so I would like it if you could help me once more!
deeprybka Posted February 5, 2015 ID:936644

Hi, my name is Jürgen and I will be assisting you with your malware-related problems.

Before we move on, please read the following points carefully.

My native language isn't English. So please do not use slang or idioms. It could be hard for me to read. Thanks for your understanding.
Please read my instructions completely. If there is anything that you do not understand, kindly ask before proceeding.
Perform everything in the correct order. Sometimes one step requires the previous one.
If you have any problems while you are following my instructions, stop there and tell me the exact nature of your problem.
Do not run any other scans without instruction or add/remove software unless I tell you to do so. This would change the output of our tools and could be confusing for me.
Post all logfiles as a reply rather than as an attachment unless I specifically ask you. If you cannot post all logfiles in one reply, feel free to use more posts.
If I don't hear from you within 3 days from this initial or any subsequent post, then this thread will be closed.
Stay with me. I will give you some advice about prevention after the cleanup process. Absence of symptoms does not always mean the computer is clean.

P2P/Piracy Warning:
If you're using Peer 2 Peer software such as uTorrent, BitTorrent or similar, you must either fully uninstall them or completely disable them from running while being assisted here.
Failure to remove or disable such software will result in your topic being closed and no further assistance being provided.
If you have illegal/cracked software, cracks, keygens, etc. on the system, please remove or uninstall them now and read the policy on Piracy.

Step 1

Please run a FRST scan. This will help us diagnose your problem.

Please download Farbar Recovery Scan Tool and save it to your Desktop. (If you are not sure which version (32-/64-bit) applies to your system, download and try to start both of them, as just the right one will run.)
Start FRST with administrator privileges.
Make sure the option Addition.txt is checked and press the Scan button.
When finished, FRST will produce two logs (FRST.txt and Addition.txt) in the same directory the tool was run from.
Please copy and paste these logs in your next reply.
hmw1008 Posted February 5, 2015 Author ID:936737

Hello deeprybka! Here is the FRST.txt! And posting Addition.txt in the next reply.

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 05-02-2015
Ran by Home (administrator) on HOME-PC on 05-02-2015 16:14:42
Running from C:\Users\Home\Desktop
Loaded Profiles: Home (Available profiles: Home)
Platform: Microsoft Windows 7 Home Premium Service Pack 1 (X86) OS Language: English (United States)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Adobe Systems Incorporated) C:\Program Files\Adobe\Elements 9 Organizer\PhotoshopElementsFileAgent.exe
(McAfee, Inc.) C:\Windows\System32\mfevtps.exe
() C:\Windows\System32\PnkBstrA.exe
(Microsoft Corp.) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Renesas Electronics Corporation) C:\Program Files\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe
(Google Inc.) C:\Program Files\Google\Google Japanese Input\GoogleIMEJaBroker32.exe
(Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jusched.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe
(LINE Corporation) C:\Program Files\Naver\LINE\Line.exe
(Microsoft Corp.)
C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVCM.EXE(DuckLink Software) C:\Program Files\DuckLink\DuckCapture\DuckCapture.exe(Skype Technologies S.A.) C:\Program Files\Skype\Phone\Skype.exe(Sony Computer Entertainment Inc.) C:\Program Files\Sony\Content Manager Assistant\CMA.exe(Dropbox, Inc.) C:\Users\Home\AppData\Roaming\Dropbox\bin\Dropbox.exe(Sony Computer Entertainment Inc.) C:\Program Files\Sony\Content Manager Assistant\CMAWatcher.exe(Google Inc.) C:\Program Files\Google\Update\1.3.26.9\GoogleCrashHandler.exe(AVAST Software) C:\Program Files\AVAST Software\Avast\setup\instup.exe(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe(Microsoft Corporation) C:\Windows\System32\wbem\unsecapp.exe(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe(Google Inc.) C:\Program Files\Google\Google Japanese Input\GoogleIMEJaCacheService.exe(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ink\InputPersonalization.exe(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe(Google Inc.) 
C:\Program Files\Google\Chrome\Application\chrome.exe(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe ==================== Registry (Whitelisted) ================== (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.) 
HKLM\...\Run: [NUSB3MON] => C:\Program Files\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe [113288 2010-11-17] (Renesas Electronics Corporation)HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [497648 2010-07-29] (Adobe Systems Incorporated)HKLM\...\Run: [Google Japanese Input Prelauncher] => C:\Program Files\Google\Google Japanese Input\GoogleIMEJaBroker32.exe [1435672 2013-12-18] (Google Inc.)HKLM\...\Run: [bCSSync] => C:\Program Files\Microsoft Office\Office14\BCSSync.exe [89184 2012-11-05] (Microsoft Corporation)HKLM\...\Run: [sunJavaUpdateSched] => C:\Program Files\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)HKLM\...\Run: [XeroxEndeavorBackgroundTask] => rundll32.exe xrWCbgnd.dll,LaunchBgTask 1HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [5227112 2015-01-26] (AVAST Software)HKU\S-1-5-21-4195104481-2079486966-316092486-1000\...\Run: [DAEMON Tools Lite] => C:\Program Files\DAEMON Tools Lite\DTLite.exe [3675352 2013-10-28] (Disc Soft Ltd)HKU\S-1-5-21-4195104481-2079486966-316092486-1000\...\Run: [Line] => C:\Program Files\Naver\LINE\Line.exe [4031336 2015-02-03] (LINE Corporation)HKU\S-1-5-21-4195104481-2079486966-316092486-1000\...\Run: [DuckCapture] => C:\Program Files\DuckLink\DuckCapture\DuckCapture.exe [436736 2011-11-03] (DuckLink Software)HKU\S-1-5-21-4195104481-2079486966-316092486-1000\...\Run: [skype] => C:\Program Files\Skype\Phone\Skype.exe [30877280 2014-12-11] (Skype Technologies S.A.)Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Content Manager Assistant for PlayStation®.lnkShortcutTarget: Content Manager Assistant for PlayStation®.lnk -> C:\Program Files\Sony\Content Manager Assistant\CMA.exe (Sony Computer Entertainment Inc.)Startup: C:\Users\Home\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnkShortcutTarget: Dropbox.lnk -> 
C:\Users\Home\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll (AVAST Software) ==================== Internet (Whitelisted) ==================== (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.) HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.comSearchScopes: HKLM -> DefaultScope {31090377-0740-419E-BEFC-A56E50500D5B} URL = http://speedial.com/results.php?f=4&q={searchTerms}&a=spd_ir_14_23_ch&cd=2XzuyEtN2Y1L1Qzu0EyE0DyDtA0DtB0B0BzztB0B0A0A0B0EtN0D0Tzu0SzzzzyEtN1L2XzutBtFtBtDtFtCzytFtDtN1L1CzutCyEtBzytDyD1V1StN1L1G1B1V1N2Y1L1Qzu2StAtCtDtAtC0CzzyCtGyDyB0FzytG0A0EtCtAtGtB0D0DtDtGyCyEtA0BzztC0EyE0ByCzyyC2QtN1M1F1B2Z1V1N2Y1L1Qzu2SyB0DyBzz0BzyyD0FtG0F0B0EtCtGzzzyyE0AtGtB0B0E0BtGyB0D0Azz0B0F0A0D0CzytBtB2Q&cr=866866320&ir=SearchScopes: HKLM -> {31090377-0740-419E-BEFC-A56E50500D5B} URL = http://speedial.com/results.php?f=4&q={searchTerms}&a=spd_ir_14_23_ch&cd=2XzuyEtN2Y1L1Qzu0EyE0DyDtA0DtB0B0BzztB0B0A0A0B0EtN0D0Tzu0SzzzzyEtN1L2XzutBtFtBtDtFtCzytFtDtN1L1CzutCyEtBzytDyD1V1StN1L1G1B1V1N2Y1L1Qzu2StAtCtDtAtC0CzzyCtGyDyB0FzytG0A0EtCtAtGtB0D0DtDtGyCyEtA0BzztC0EyE0ByCzyyC2QtN1M1F1B2Z1V1N2Y1L1Qzu2SyB0DyBzz0BzyyD0FtG0F0B0EtCtGzzzyyE0AtGtB0B0E0BtGyB0D0Azz0B0F0A0D0CzytBtB2Q&cr=866866320&ir=SearchScopes: HKU\S-1-5-21-4195104481-2079486966-316092486-1000 -> DefaultScope {31090377-0740-419E-BEFC-A56E50500D5B} URL = http://speedial.com/results.php?f=4&q={searchTerms}&a=spd_ir_14_23_ch&cd=2XzuyEtN2Y1L1Qzu0EyE0DyDtA0DtB0B0BzztB0B0A0A0B0EtN0D0Tzu0SzzzzyEtN1L2XzutBtFtBtDtFtCzytFtDtN1L1CzutCyEtBzytDyD1V1StN1L1G1B1V1N2Y1L1Qzu2StAtCtDtAtC0CzzyCtGyDyB0FzytG0A0EtCtAtGtB0D0DtDtGyCyEtA0BzztC0EyE0ByCzyyC2QtN1M1F1B2Z1V1N2Y1L1Qzu2SyB0DyBzz0BzyyD0FtG0F0B0EtCtGzzzyyE0AtGtB0B0E0BtGyB0D0Azz0B0F0A0D0CzytBtB2Q&cr=866866320&ir=SearchScopes: HKU\S-1-5-21-4195104481-2079486966-316092486-1000 
-> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\S-1-5-21-4195104481-2079486966-316092486-1000 -> {31090377-0740-419E-BEFC-A56E50500D5B} URL = http://speedial.com/results.php?f=4&q={searchTerms}&a=spd_ir_14_23_ch&cd=2XzuyEtN2Y1L1Qzu0EyE0DyDtA0DtB0B0BzztB0B0A0A0B0EtN0D0Tzu0SzzzzyEtN1L2XzutBtFtBtDtFtCzytFtDtN1L1CzutCyEtBzytDyD1V1StN1L1G1B1V1N2Y1L1Qzu2StAtCtDtAtC0CzzyCtGyDyB0FzytG0A0EtCtAtGtB0D0DtDtGyCyEtA0BzztC0EyE0ByCzyyC2QtN1M1F1B2Z1V1N2Y1L1Qzu2SyB0DyBzz0BzyyD0FtG0F0B0EtCtGzzzyyE0AtGtB0B0E0BtGyB0D0Azz0B0F0A0D0CzytBtB2Q&cr=866866320&ir=BHO: Java Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll No FileBHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll No FileBHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)BHO: Java Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll No FileHandler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)Tcpip\Parameters: [DhcpNameServer] 192.168.1.1 FireFox:========FF ProfilePath: C:\Users\Home\AppData\Roaming\Mozilla\Firefox\Profiles\76dr9cm9.default-1394098711741FF DefaultSearchEngine: GoogleFF NetworkProxy: "http", "1.179.143.178"FF NetworkProxy: "http_port", 3128FF NetworkProxy: "type", 0FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF32_12_0_0_44.dll ()FF Plugin: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files\Google\Picasa3\npPicasa3.dll (Google, Inc.)FF Plugin: @java.com/DTPlugin,version=10.45.2 -> C:\Program 
Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)FF Plugin: @java.com/JavaPlugin,version=10.45.2 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)FF Plugin: @microsoft.com/GENUINE -> disabled No FileFF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)FF Plugin: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.26.9\npGoogleUpdate3.dll (Google Inc.)FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.26.9\npGoogleUpdate3.dll (Google Inc.)FF Plugin: @videolan.org/vlc,version=2.1.2 -> C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)FF user.js: detected! 
=> C:\Users\Home\AppData\Roaming\Mozilla\Firefox\Profiles\76dr9cm9.default-1394098711741\user.jsFF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\oshiete-goo.xmlFF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\rakuten.xmlFF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\yahoo-jp-auctions.xmlFF Extension: DownloadHelper - C:\Users\Home\AppData\Roaming\Mozilla\Firefox\Profiles\76dr9cm9.default-1394098711741\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d} [2014-09-14]FF HKLM\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FFFF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2014-09-30] Chrome: =======CHR HomePage: Default -> hxxp://feed.snapdo.com/?publisher=Somoto&dpid=SomotoCH&co=US&userid=e3b0ef4c-3de0-8572-4794-eba80106b4f5&searchtype=hp&installDate={installDate}&barcodeid={barcodeID}&um={UM}CHR Profile: C:\Users\Home\AppData\Local\Google\Chrome\User Data\DefaultCHR Extension: (Google Docs) - C:\Users\Home\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-02-01]CHR Extension: (Google Drive) - C:\Users\Home\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-02-01]CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\Home\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-05-25]CHR Extension: (YouTube) - C:\Users\Home\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-02-01]CHR Extension: (4chan X) - C:\Users\Home\AppData\Local\Google\Chrome\User Data\Default\Extensions\cellaaeoekimmemgdheibaibbaoeefbl [2014-02-02]CHR Extension: (Google Search) - C:\Users\Home\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-02-01]CHR Extension: (AdBlock) - C:\Users\Home\AppData\Local\Google\Chrome\User 
Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2014-06-27]CHR Extension: (Avast Online Security) - C:\Users\Home\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2014-09-30]CHR Extension: (Google Wallet) - C:\Users\Home\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-02-01]CHR Extension: (Gmail) - C:\Users\Home\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-02-01]CHR HKLM\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2015-01-08]CHR HKU\S-1-5-21-4195104481-2079486966-316092486-1000\...\Chrome\Extension: [bakijjialdiiboeaknfpmflphhmljfkd] - No Path ========================== Services (Whitelisted) ================= (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.) R2 AdobeActiveFileMonitor9.0; C:\Program Files\Adobe\Elements 9 Organizer\PhotoshopElementsFileAgent.exe [169408 2010-09-30] (Adobe Systems Incorporated)R2 avast! 
Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2015-01-08] (AVAST Software)S3 cphs; C:\Windows\system32\IntelCpHeciSvc.exe [279000 2014-01-29] (Intel Corporation)R2 GoogleIMEJaCacheService; C:\Program Files\Google\Google Japanese Input\GoogleIMEJaCacheService.exe [754712 2013-12-18] (Google Inc.)R2 mfevtp; C:\Windows\system32\mfevtps.exe [179600 2014-09-29] (McAfee, Inc.)S3 npggsvc; C:\Windows\system32\GameMon.des [5267776 2014-01-22] (INCA Internet Co., Ltd.)R2 PnkBstrA; C:\Windows\system32\PnkBstrA.exe [76888 2014-05-10] ()R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [680960 2013-05-26] (Microsoft Corporation)S2 avgwd; "C:\Program Files\AVG\AVG2015\avgwdsvc.exe" [X] ==================== Drivers (Whitelisted) ==================== (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.) R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [24184 2015-01-08] ()R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [70384 2015-01-08] (AVAST Software)R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [81768 2015-01-08] (AVAST Software)R0 aswRvrt; C:\Windows\system32\Drivers\aswRvrt.sys [49944 2015-01-08] ()R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [787800 2015-01-08] (AVAST Software)R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [423784 2015-01-08] (AVAST Software)R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [91496 2015-01-08] (AVAST Software)R0 aswVmm; C:\Windows\system32\Drivers\aswVmm.sys [206248 2015-01-08] ()R3 b57xdbd; C:\Windows\System32\DRIVERS\b57xdbd.sys [59944 2010-12-11] (Broadcom Corporation)R3 b57xdmp; C:\Windows\System32\DRIVERS\b57xdmp.sys [18472 2010-12-11] (Broadcom Corporation)R3 bScsiMSx; C:\Windows\System32\DRIVERS\bScsiMSx.sys [32296 2010-12-10] (Broadcom Corporation)R3 bScsiSDx; C:\Windows\System32\DRIVERS\bScsiSDx.sys [55336 2010-12-11] (Broadcom Corporation)R1 dtsoftbus01; 
C:\Windows\System32\DRIVERS\dtsoftbus01.sys [243128 2014-02-25] (Disc Soft Ltd)R0 MBAMSwissArmy; C:\Windows\System32\drivers\MBAMSwissArmy.sys [114904 2015-02-05] (Malwarebytes Corporation)R3 MEI; C:\Windows\System32\DRIVERS\HECI.sys [41088 2010-10-19] (Intel Corporation)R0 mfehidk; C:\Windows\System32\drivers\mfehidk.sys [575984 2014-09-29] (McAfee, Inc.)S3 mferkdet; C:\Windows\System32\drivers\mferkdet.sys [94520 2014-09-29] (McAfee, Inc.)R3 Neo_VPN; C:\Windows\System32\DRIVERS\Neo_0103.sys [26880 2014-06-25] (SoftEther Corporation)R0 sptd; C:\Windows\System32\Drivers\sptd.sys [324096 2014-02-25] (Duplex Secure Ltd.)S3 USBAAPL; C:\Windows\System32\Drivers\usbaapl.sys [45056 2013-03-18] (Apple, Inc.) [File not signed]U3 apxlhe8b; C:\Windows\system32\Drivers\apxlhe8b.sys [0 ] (Broadcom Corporation) <==== ATTENTION (zero size file/folder) ==================== NetSvcs (Whitelisted) =================== (If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.) ==================== One Month Created Files and Folders ======== (If an entry is included in the fixlist, the file\folder will be moved.) 
2015-02-05 16:14 - 2015-02-05 16:14 - 00019436 _____ () C:\Users\Home\Desktop\FRST.txt2015-02-05 15:28 - 2015-02-05 16:14 - 00000000 ____D () C:\FRST2015-02-05 14:39 - 2015-02-05 14:40 - 01123328 _____ (Farbar) C:\Users\Home\Desktop\FRST.exe2015-01-26 20:27 - 2015-01-26 20:27 - 00000000 ____D () C:\Program Files\Mozilla Firefox2015-01-23 14:16 - 2015-01-23 14:16 - 00243616 _____ () C:\Users\Home\Downloads\Firefox Setup Stub 35.0.exe2015-01-10 10:33 - 2012-01-13 07:03 - 00000000 ____D () C:\Users\Home\Desktop\Wink - Memories2015-01-08 10:05 - 2015-01-08 10:05 - 00002045 _____ () C:\Users\Public\Desktop\Avast Free Antivirus.lnk2015-01-08 10:04 - 2015-01-08 10:04 - 00291352 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe2015-01-08 10:04 - 2015-01-08 10:04 - 00043152 _____ (AVAST Software) C:\Windows\avastSS.scr ==================== One Month Modified Files and Folders ======= (If an entry is included in the fixlist, the file\folder will be moved.) 2015-02-05 16:13 - 2014-02-21 17:48 - 00000000 ___RD () C:\Users\Home\Dropbox2015-02-05 16:13 - 2014-02-21 17:44 - 00000000 ____D () C:\Users\Home\AppData\Roaming\Dropbox2015-02-05 16:12 - 2014-02-02 15:40 - 00000000 ____D () C:\Users\Home\AppData\Roaming\Skype2015-02-05 16:11 - 2014-02-01 18:41 - 00000882 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job2015-02-05 16:10 - 2009-07-13 22:53 - 00000006 ____H () C:\Windows\Tasks\SA.DAT2015-02-05 16:10 - 2009-07-13 22:39 - 00075122 _____ () C:\Windows\setupact.log2015-02-05 16:09 - 2010-11-20 15:48 - 00039932 _____ () C:\Windows\PFRO.log2015-02-05 15:36 - 2014-02-01 18:12 - 02048650 _____ () C:\Windows\WindowsUpdate.log2015-02-05 14:50 - 2014-02-01 18:41 - 00000886 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job2015-02-05 14:38 - 2014-02-08 21:52 - 00000000 ____D () C:\Users\Home\AppData\Roaming\tixati2015-02-05 14:35 - 2014-08-11 02:33 - 00000000 ____D () C:\Program Files\OBS2015-02-05 12:55 - 2010-11-20 15:01 - 00781298 _____ () 
C:\Windows\system32\PerfStringBackup.INI2015-02-05 08:25 - 2014-06-03 19:05 - 00114904 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamswissarmy.sys2015-02-05 08:22 - 2009-07-13 22:34 - 00022736 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A02015-02-05 08:21 - 2009-07-13 22:34 - 00022736 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A02015-02-04 23:27 - 2014-11-02 23:15 - 00000000 ____D () C:\Users\Home\AppData\Local\JDownloader 2.02015-02-04 18:58 - 2014-04-26 12:32 - 00001021 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\LINE.lnk2015-02-04 18:58 - 2014-04-26 12:32 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LINE2015-02-03 21:35 - 2014-02-05 04:25 - 00000000 ____D () C:\Users\Home\AppData\Roaming\vlc2015-02-03 20:10 - 2014-02-01 18:42 - 00002129 _____ () C:\Users\Public\Desktop\Google Chrome.lnk2015-01-31 21:49 - 2015-01-05 21:29 - 00000000 ____D () C:\Users\Home\Desktop\jt2015-01-31 21:03 - 2014-08-05 14:57 - 00000000 ____D () C:\Users\Home\Desktop\Media2015-01-31 16:14 - 2014-02-06 00:48 - 00000000 ____D () C:\Program Files\Mozilla Maintenance Service2015-01-23 14:18 - 2014-02-06 00:48 - 00001117 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk2015-01-23 14:18 - 2014-02-06 00:48 - 00001105 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk2015-01-20 12:29 - 2014-02-03 05:06 - 00000000 ____D () C:\Users\Home\Documents\Note2015-01-19 21:23 - 2014-03-14 18:08 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office2015-01-19 21:23 - 2014-03-14 18:05 - 00000000 ____D () C:\ProgramData\Microsoft Help2015-01-09 06:57 - 2014-02-02 15:40 - 00000000 ____D () C:\ProgramData\Skype2015-01-09 06:56 - 2014-10-12 10:55 - 00000000 ___RD () C:\Program Files\Skype2015-01-09 06:52 - 2014-07-23 02:12 - 00000000 ____D () C:\Program 
Files\Malwarebytes Anti-Malware2015-01-08 10:05 - 2014-09-30 01:29 - 00787800 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsnx.sys2015-01-08 10:05 - 2014-09-30 01:29 - 00423784 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsp.sys2015-01-08 10:04 - 2014-09-30 01:29 - 00206248 _____ () C:\Windows\system32\Drivers\aswVmm.sys2015-01-08 10:04 - 2014-09-30 01:29 - 00091496 _____ (AVAST Software) C:\Windows\system32\Drivers\aswStm.sys2015-01-08 10:04 - 2014-09-30 01:29 - 00081768 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys2015-01-08 10:04 - 2014-09-30 01:29 - 00070384 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys2015-01-08 10:04 - 2014-09-30 01:29 - 00049944 _____ () C:\Windows\system32\Drivers\aswRvrt.sys2015-01-08 10:04 - 2014-09-30 01:29 - 00024184 _____ () C:\Windows\system32\Drivers\aswHwid.sys2015-01-06 14:25 - 2014-07-23 02:12 - 00001060 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk2015-01-06 14:25 - 2014-07-23 02:12 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware ==================== Files in the root of some directories ======= 2014-09-22 18:06 - 2014-09-24 01:03 - 0004535 _____ () C:\Users\Home\AppData\Roaming\CamStudio.cfg2014-05-10 00:52 - 2014-05-10 00:52 - 0138904 _____ () C:\Users\Home\AppData\Roaming\PnkBstrK.sys2014-09-22 17:59 - 2014-09-22 17:59 - 0000096 _____ () C:\Users\Home\AppData\Roaming\version2.xml2014-06-02 23:01 - 2014-06-02 23:01 - 0000043 _____ () C:\Users\Home\AppData\Roaming\WB.CFG2014-08-25 14:38 - 2014-08-25 14:38 - 0005129 _____ () C:\Users\Home\AppData\Local\recently-used.xbel Some content of 
TEMP:
====================
C:\Users\Home\AppData\Local\Temp\1580uninstall.exe
C:\Users\Home\AppData\Local\Temp\bdfilters.dll
C:\Users\Home\AppData\Local\Temp\BingBarSetup-Partner.exe
C:\Users\Home\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpcudqlt.dll
C:\Users\Home\AppData\Local\Temp\JDSetup130462413332658678.exe
C:\Users\Home\AppData\Local\Temp\jre-7u55-windows-i586-iftw.exe
C:\Users\Home\AppData\Local\Temp\jre-8u31-windows-au.exe
C:\Users\Home\AppData\Local\Temp\mpam-cfdb5341.exe
C:\Users\Home\AppData\Local\Temp\optprosetup.exe
C:\Users\Home\AppData\Local\Temp\ose00000.exe
C:\Users\Home\AppData\Local\Temp\proxy_vole2771621787586578924.dll
C:\Users\Home\AppData\Local\Temp\SkypeSetup.exe
C:\Users\Home\AppData\Local\Temp\welcome_jpn.dll

==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\explorer.exe => File is digitally signed
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2015-02-03 02:03

==================== End Of Log ============================
hmw1008 Posted February 5, 2015 Author ID:936739

Additional scan result of Farbar Recovery Scan Tool (x86) Version: 05-02-2015
Ran by Home at 2015-02-05 16:16:08
Running from C:\Users\Home\Desktop
Boot Mode: Normal
==========================================================

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Acer System Information (HKLM\...\{72199E33-4F2A-4B7F-8E25-95DDDD50A678}) (Version: 1.0.0 - Acer)
Adobe AIR (HKLM\...\Adobe AIR) (Version: 1.5.3.9130 - Adobe Systems Inc.)
Adobe Community Help (HKLM\...\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 3.2.1.650 - Adobe Systems Incorporated)
Adobe Flash Player 12 Plugin (HKLM\...\Adobe Flash Player Plugin) (Version: 12.0.0.44 - Adobe Systems Incorporated)
Adobe Photoshop Elements 9 (HKLM\...\Adobe Photoshop Elements 9) (Version: 9.0.3.0 - Adobe Systems Incorporated)
Adobe Photoshop.com Inspiration Browser (HKLM\...\PhotoshopdotcomInspirationBrowser.4C35C4D325D350FE0114230CBADCA2DDD0AC8D25.1) (Version: 3.07 - Adobe Systems Incorporated)
Adobe Premiere Elements 9 (HKLM\...\PremElem90) (Version: 9.0 - Adobe Systems Incorporated)
Adobe Premiere Elements 9 Content (HKLM\...\Adobe Premiere Elements 9 Content) (Version: 9.0 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.10) (HKLM\...\{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version: 11.0.10 - Adobe Systems Incorporated)
Archeblade (HKLM\...\Steam App 207230) (Version: - CodeBrush Games)
Avast Free
Antivirus (HKLM\...\Avast) (Version: 10.0.2208 - AVAST Software)Bandicam (HKLM\...\Bandicam) (Version: 2.0.1.651 - Bandisoft.com)Bandisoft MPEG-1 Decoder (HKLM\...\BandiMPEG1) (Version: - Bandisoft.com)Broadcom 802.11 Network Adapter (HKLM\...\Broadcom 802.11 Network Adapter) (Version: 5.100.82.135 - Broadcom Corporation)Broadcom Card Reader Driver Installer (HKLM\...\{4710662C-8204-4334-A977-B1AC9E547819}) (Version: 14.4.9.2 - Broadcom Corporation)Broadcom Gigabit NetLink Controller (HKLM\...\{029A4933-3F36-4E4F-AEC3-2207AB26463D}) (Version: 14.4.6.1 - Broadcom Corporation)Cisco EAP-FAST Module (Version: 2.2.14 - Cisco Systems, Inc.) HiddenCisco LEAP Module (Version: 1.0.19 - Cisco Systems, Inc.) HiddenCisco PEAP Module (Version: 1.1.6 - Cisco Systems, Inc.) HiddenContent Manager Assistant for PlayStation® (HKLM\...\{E6EB4571-5ADB-4557-8F95-0E0EF5D0F833}) (Version: 3.30.7824.86 - Sony Computer Entertainment Inc.)D3DX10 (Version: 15.4.2368.0902 - Microsoft) HiddenDAEMON Tools Lite (HKLM\...\DAEMON Tools Lite) (Version: 4.48.1.0347 - Disc Soft Ltd)Dropbox (HKU\S-1-5-21-4195104481-2079486966-316092486-1000\...\Dropbox) (Version: 3.0.3 - Dropbox, Inc.)DuckCapture Standard 2.7 (HKLM\...\DuckCapture_is1) (Version: 2.7 - DuckLink)Elements 9 Organizer (Version: 9.0 - Adobe Systems Incorporated) HiddenElements STI Installer (Version: 1.0 - Adobe Systems Incorporated) HiddenFLAC 1.2.1b (remove only) (HKLM\...\FLAC) (Version: 1.2.1b - Xiph.org)foobar2000 v1.3.1 (HKLM\...\foobar2000) (Version: 1.3.1 - Peter Pawlowski)GIMP 2.8.10 (HKLM\...\GIMP-2_is1) (Version: 2.8.10 - The GIMP Team)Google Chrome (HKLM\...\Google Chrome) (Version: 40.0.2214.94 - Google Inc.)Google Update Helper (Version: 1.3.25.11 - Google Inc.) HiddenGoogle Update Helper (Version: 1.3.26.9 - Google Inc.) 
HiddenGoogle 日本語入力 (HKLM\...\{56CB4ACA-C79E-439D-B55E-68EA8D57C467}) (Version: 1.13.1641.0 - Google Inc.)Google+ Auto Backup (HKLM\...\{A50DE037-B5C0-4C8A-8049-B0C576B313D1}) (Version: 1.0.21.81 - Google)HandBrake 0.9.9.1 (HKLM\...\HandBrake) (Version: 0.9.9.1 - )HF pAppLoc version 1.1 (HKLM\...\{9143B17E-BBDE-4EA7-A4E3-20D384D9C8A5}_is1) (Version: 1.1 - Inquisitor)Intel® Processor Graphics (HKLM\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 9.17.10.3347 - Intel Corporation)Java 7 Update 45 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83217045FF}) (Version: 7.0.450 - Oracle)JDownloader 0.9 (HKLM\...\5513-1208-7298-9440) (Version: 0.9 - AppWork GmbH)JDownloader 2 (HKLM\...\jdownloader2) (Version: 2.0 - AppWork GmbH)LINE (HKLM\...\LINE) (Version: 3.9.1.188 - LINE Corporation)Malwarebytes Anti-Malware version 2.0.4.1028 (HKLM\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.4.1028 - Malwarebytes Corporation)Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)Microsoft Image Composite Editor (HKLM\...\{3D599ADA-65D9-4B51-898F-CE718DEC5DBB}) (Version: 1.4.4 - Microsoft Corporation)Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61187 - Microsoft Corporation)Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.7523 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.7523 - Microsoft Corporation)Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 
(HKLM\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.61030 (HKLM\...\{B175520C-86A2-35A7-8619-86DC379688B9}) (Version: 11.0.61030 - Microsoft Corporation)Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.61030 (HKLM\...\{BD95A8CD-1D9F-35AD-981A-3E7925026EBB}) (Version: 11.0.61030 - Microsoft Corporation)Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.21005 (HKLM\...\{F8CFEB22-A2E7-3971-9EDA-4B11EDEFC185}) (Version: 12.0.21005 - Microsoft Corporation)Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.21005 (HKLM\...\{13A4EE12-23EA-3371-91EE-EFB36DDFFF3E}) (Version: 12.0.21005 - Microsoft Corporation)Microsoft Windows Application Compatibility Database (HKLM\...\{deb7008b-681e-4a4a-8aae-cc833e8216ce}.sdb) (Version: - )Microsoft Word 2010 (HKLM\...\Office14.WORD) (Version: 14.0.7015.1000 - Microsoft Corporation)MKVToolNix 6.7.0 [20140102-565] (HKLM\...\MKVToolNix) (Version: 6.7.0 - Moritz Bunkus)Movie Maker (Version: 16.4.3528.0331 - Microsoft Corporation) HiddenMozilla Firefox 35.0.1 (x86 ja) (HKLM\...\Mozilla Firefox 35.0.1 (x86 ja)) (Version: 35.0.1 - Mozilla)Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 35.0 - Mozilla)MPC-HC 1.7.3 (HKLM\...\{2624B969-7135-4EB1-B0F6-2D8C397B45F7}_is1) (Version: 1.7.3 - MPC-HC Team)piaip AppLocale (HKLM\...\{394BE3D9-7F57-4638-A8D1-1D88671913B7}) (Version: 1.0.0 - MS)Picasa 3 (HKLM\...\Picasa 3) (Version: 3.9 - Google, Inc.)PunkBuster Services (HKLM\...\PunkBusterSvc) (Version: 0.993 - Even Balance, Inc.)qBittorrent 3.1.8 (HKLM\...\qbittorrent) (Version: 3.1.8 - The qBittorrent project)Renesas Electronics USB 3.0 Host Controller Driver (HKLM\...\InstallShield_{5442DAB8-7177-49E1-8B22-09A049EA5996}) (Version: 2.0.32.0 - Renesas Electronics Corporation)Renesas Electronics USB 3.0 Host Controller Driver (Version: 2.0.32.0 - Renesas Electronics Corporation) HiddenService Pack 2 for Microsoft Office 
2010 (KB2687455) 32-Bit Edition (HKLM\...\{90140000-001B-0000-0000-0000000FF1CE}_Office14.WORD_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version: - Microsoft)Skype™ 7.0 (HKLM\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.0.102 - Skype Technologies S.A.)SmartSound Quicktracks for Premiere Elements 9.0 (HKLM\...\InstallShield_{6748E773-5DA0-4D19-8AA5-273B4133A09B}) (Version: 3.12.3090 - SmartSound Software Inc)SmartSound Quicktracks for Premiere Elements 9.0 (Version: 3.12.3090 - SmartSound Software Inc) HiddenSteam (HKLM\...\Steam) (Version: - Valve Corporation)Tixati (HKLM\...\tixati) (Version: - )Tom Clancy's Ghost Recon Phantoms - NA (HKLM\...\Steam App 243870) (Version: - Ubisoft Singapore)Visual Studio 2012 x86 Redistributables (HKLM\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)VLC media player 2.1.2 (HKLM\...\VLC media player) (Version: 2.1.2 - VideoLAN)Windows Live Essentials (HKLM\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation)WinRAR 5.01 (32-bit) (HKLM\...\WinRAR archiver) (Version: 5.01.0 - win.rar GmbH)XMedia Recode version 3.1.8.4 (HKLM\...\{DDA3C325-47B2-4730-9672-BF3771C08799}_is1) (Version: 3.1.8.4 - XMedia Recode) ==================== Custom CLSID (selected items): ========================== (If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.) 
CustomCLSID: HKU\S-1-5-21-4195104481-2079486966-316092486-1000_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\Home\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-4195104481-2079486966-316092486-1000_Classes\CLSID\{1AC77AE9-9EC6-405A-9F9B-C06AB3C10B71}\InprocServer32 -> C:\Program Files\Microsoft Research\Image Composite Editor\ShellExtension.dll No File
CustomCLSID: HKU\S-1-5-21-4195104481-2079486966-316092486-1000_Classes\CLSID\{1EF21888-3BD8-4064-BAD3-4BF694952652}\InprocServer32 -> C:\Program Files\Microsoft Research\Image Composite Editor\WLPG.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-4195104481-2079486966-316092486-1000_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Home\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-4195104481-2079486966-316092486-1000_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Home\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-4195104481-2079486966-316092486-1000_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Home\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-4195104481-2079486966-316092486-1000_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Home\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-4195104481-2079486966-316092486-1000_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Home\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-4195104481-2079486966-316092486-1000_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Home\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-4195104481-2079486966-316092486-1000_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Home\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-4195104481-2079486966-316092486-1000_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Home\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll (Dropbox, Inc.)

==================== Restore Points =========================

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-13 20:04 - 2009-06-10 15:39 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {0C23445C-A760-4634-B9A0-EB280AD6891C} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [2014-02-01] (Google Inc.)
Task: {1DDEFBDC-A5B9-4569-9BCC-FA5CCA6B3935} - System32\Tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask => Sc.exe start osppsvc
Task: {2828B5AE-1AEC-4363-8B73-947A76D3069B} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2014-12-19] (Adobe Systems Incorporated)
Task: {308944FE-8032-47CB-B624-1730B1E13176} - System32\Tasks\Microsoft\Windows\TabletPC\InputPersonalization => C:\Program Files\Common Files\Microsoft Shared\Ink\InputPersonalization.exe [2009-07-13] (Microsoft Corporation)
Task: {8210113A-F918-470A-B812-26177AA90A08} - System32\Tasks\AdobeAAMUpdater-1.0-Home-PC-Home => C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2010-07-29] (Adobe Systems Incorporated)
Task: {992951D0-0FCD-4EE9-BB1C-FC5A751B9490} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2015-01-08] (AVAST Software)
Task: {E1F7CBDA-5AF3-43AA-9E16-B9A5DC291879} - System32\Tasks\{DE5C1EA8-35F0-4744-B56A-0B2FA27465AE} => Chrome.exe http://ui.skype.com/ui/0/6.13.0.104/en/abandoninstall?source=lightinstaller&page=tsBing
Task: {F0100D7C-9C62-4D30-BBF6-5F58090D1E26} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [2014-02-01] (Google Inc.)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (whitelisted) ==============

2015-02-05 07:30 - 2015-02-05 07:30 - 02913280 _____ () C:\Program Files\AVAST Software\Avast\defs\15020500\algo.dll
2014-05-10 00:51 - 2014-05-10 00:51 - 00076888 _____ () C:\Windows\system32\PnkBstrA.exe
2014-01-29 23:12 - 2014-01-29 23:12 - 00094208 _____ () C:\Windows\System32\IccLibDll.dll
2015-01-08 10:04 - 2015-01-08 10:04 - 38562088 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2014-11-12 23:54 - 2014-11-12 23:54 - 00113664 _____ () C:\Program Files\Naver\LINE\PlayerHelper.dll
2015-02-03 02:08 - 2015-02-03 02:08 - 03123048 _____ () C:\Program Files\Naver\LINE\ampkit_windows.dll
2014-08-21 06:48 - 2011-10-30 13:28 - 00029696 _____ () C:\Program Files\DuckLink\DuckCapture\QtSolutions_SingleApplication-head.dll
2014-08-21 06:48 - 2011-10-22 07:05 - 08343040 _____ () C:\Program Files\DuckLink\DuckCapture\QtGui4.dll
2014-08-21 06:48 - 2011-08-28 19:41 - 02305536 _____ () C:\Program Files\DuckLink\DuckCapture\QtCore4.dll
2014-08-21 06:48 - 2011-08-28 19:42 - 00862720 _____ () C:\Program Files\DuckLink\DuckCapture\QtNetwork4.dll
2014-08-21 06:48 - 2011-10-30 13:28 - 00582144 _____ () C:\Program Files\DuckLink\DuckCapture\QtSolutions_PropertyBrowser-head.dll
2014-08-21 06:48 - 2011-08-28 19:57 - 01339904 _____ () C:\Program Files\DuckLink\DuckCapture\QtScript4.dll
2014-08-21 06:48 - 2011-08-28 20:50 - 00581120 _____ () C:\Program Files\DuckLink\DuckCapture\QtScriptTools4.dll
2014-08-21 06:48 - 2011-11-03 20:20 - 00617984 _____ () C:\Program Files\DuckLink\DuckCapture\QxtGui.dll
2014-08-21 06:48 - 2011-11-03 20:21 - 00395264 _____ () C:\Program Files\DuckLink\DuckCapture\QxtCore.dll
2014-08-21 06:48 - 2011-08-28 20:51 - 00026624 _____ () C:\Program Files\DuckLink\DuckCapture\plugins\imageformats\qgif4.dll
2014-08-21 06:48 - 2011-08-28 20:51 - 00029184 _____ () C:\Program Files\DuckLink\DuckCapture\plugins\imageformats\qico4.dll
2014-08-21 06:48 - 2011-08-28 20:51 - 00200704 _____ () C:\Program Files\DuckLink\DuckCapture\plugins\imageformats\qjpeg4.dll
2014-10-21 18:22 - 2014-10-21 18:22 - 00750080 _____ () C:\Users\Home\AppData\Roaming\Dropbox\bin\libGLESv2.dll
2015-02-05 16:13 - 2015-02-05 16:13 - 00043008 _____ () c:\users\home\appdata\local\temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpcudqlt.dll
2014-10-21 18:22 - 2014-10-21 18:22 - 00047616 _____ () C:\Users\Home\AppData\Roaming\Dropbox\bin\libEGL.dll
2014-10-21 18:22 - 2014-10-21 18:22 - 00863744 _____ () C:\Users\Home\AppData\Roaming\Dropbox\bin\plugins\platforms\qwindows.dll
2014-10-21 18:22 - 2014-10-21 18:22 - 00200704 _____ () C:\Users\Home\AppData\Roaming\Dropbox\bin\plugins\imageformats\qjpeg.dll
2015-02-03 20:10 - 2015-01-26 21:44 - 01117512 _____ () C:\Program Files\Google\Chrome\Application\40.0.2214.94\libglesv2.dll
2015-02-03 20:10 - 2015-01-26 21:44 - 00211272 _____ () C:\Program Files\Google\Chrome\Application\40.0.2214.94\libegl.dll
2015-02-03 20:10 - 2015-01-26 21:44 - 09171272 _____ () C:\Program Files\Google\Chrome\Application\40.0.2214.94\pdf.dll

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)

==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfevtp => ""="Driver"

==================== EXE Association (whitelisted) ===============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)

==================== Other Registry Areas =====================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-4195104481-2079486966-316092486-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Home\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg

==================== MSCONFIG/TASK MANAGER disabled items ==

(Currently there is no automatic fix for this section.)

==================== Accounts: =============================

Administrator (S-1-5-21-4195104481-2079486966-316092486-500 - Administrator - Disabled)
Guest (S-1-5-21-4195104481-2079486966-316092486-501 - Limited - Disabled)
Home (S-1-5-21-4195104481-2079486966-316092486-1000 - Administrator - Enabled) => C:\Users\Home

==================== Faulty Device Manager Devices =============

Name: Teredo Tunneling Pseudo-Interface
Description: Microsoft Teredo Tunneling Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.

Name: Lexmark X422
Description: Lexmark X422
Class Guid: {6bdd1fc6-810f-11d0-bec7-08002be2092f}
Manufacturer: Lexmark
Service: usbscan
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.

==================== Event log errors: =========================

Application errors:
==================
Error: (02/05/2015 04:10:59 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (02/05/2015 02:30:54 PM) (Source: ConnectifySvc) (EventID: 0) (User: )
Description: ConnectifySvc error: 6Failed to SetServiceStatus

Error: (02/05/2015 08:14:49 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (02/05/2015 07:28:14 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 2506889

Error: (02/05/2015 07:28:14 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 2506889

Error: (02/05/2015 07:28:14 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (02/05/2015 07:28:13 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 2505875

Error: (02/05/2015 07:28:13 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 2505875

Error: (02/05/2015 07:28:13 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (02/05/2015 07:28:12 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 2504861

System errors:
=============
Error: (02/05/2015 04:10:32 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The AVG WatchDog service failed to start due to the following error: %%2

Error: (02/05/2015 04:10:00 PM) (Source: volsnap) (EventID: 36) (User: )
Description: The shadow copies of volume C: were aborted because the shadow copy storage could not grow due to a user imposed limit.

Error: (02/05/2015 08:14:35 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The AVG WatchDog service failed to start due to the following error: %%2

Error: (02/05/2015 08:11:21 AM) (Source: DCOM) (EventID: 10010) (User: )
Description: {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5}

Error: (02/05/2015 07:29:27 AM) (Source: bScsiSDx) (EventID: 15) (User: )
Description: The device, \Device\Scsi\bScsiSDx1, is not ready for access yet.

Error: (02/05/2015 07:29:07 AM) (Source: bScsiSDx) (EventID: 15) (User: )
Description: The device, \Device\Scsi\bScsiSDx1, is not ready for access yet.

Error: (02/05/2015 07:28:47 AM) (Source: bScsiSDx) (EventID: 15) (User: )
Description: The device, \Device\Scsi\bScsiSDx1, is not ready for access yet.

Error: (02/05/2015 07:28:12 AM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the LanmanServer service.

Error: (02/05/2015 06:46:49 AM) (Source: Disk) (EventID: 11) (User: )
Description: The driver detected a controller error on \Device\Harddisk1\DR3.

Error: (02/04/2015 11:23:05 PM) (Source: DCOM) (EventID: 10000) (User: )
Description: C:\Windows\system32\DllHost.exe /Processid:{AB8902B4-09CA-4BB6-B78D-A8F59079A8D5}8{AB8902B4-09CA-4BB6-B78D-A8F59079A8D5}

Microsoft Office Sessions:
=========================
Error: (02/05/2015 04:10:59 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (02/05/2015 02:30:54 PM) (Source: ConnectifySvc) (EventID: 0) (User: )
Description: ConnectifySvc error: 6Failed to SetServiceStatus

Error: (02/05/2015 08:14:49 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (02/05/2015 07:28:14 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 2506889

Error: (02/05/2015 07:28:14 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 2506889

Error: (02/05/2015 07:28:14 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (02/05/2015 07:28:13 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 2505875

Error: (02/05/2015 07:28:13 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 2505875

Error: (02/05/2015 07:28:13 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (02/05/2015 07:28:12 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 2504861

==================== Memory info ===========================

Processor: Intel® Pentium® CPU B960 @ 2.20GHz
Percentage of memory in use: 82%
Total physical RAM: 3397.19 MB
Available physical RAM: 597.93 MB
Total Pagefile: 6792.66 MB
Available Pagefile: 3390.23 MB
Total Virtual: 2047.88 MB
Available Virtual: 1898.59 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:149.05 GB) (Free:11.23 GB) NTFS ==>[Drive with boot components (obtained from BCD)]

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 149.1 GB) (Disk ID: 4C90DB35)
Partition 1: (Active) - (Size=149 GB) - (Type=07 NTFS)

==================== End Of Log ============================

deeprybka Posted February 5, 2015 ID:936744

Hi,

Step 1

Please download Combofix (by sUBs) and save it to your Desktop.
Disable the realtime-protection of your antivirus and anti-malware programs because they might interfere with the scan.
Start Combofix.exe and follow its instructions.
Do not use the computer while the scan is running. This may cause the program to stall.
When finished, a log file will be displayed (that can also be found at C:\Combofix.txt). Please copy and paste the contents of this file into your next post.
Note: If you receive an error "Illegal operation attempted on a registry key that has been marked for deletion." after the scan, just restart the computer.
(You can find more detailed instructions in this guide on using Combofix.)

Step 2

Scan with Malwarebytes Anti-Malware
Please open Malwarebytes Anti-Malware.
Please update the database by clicking on the "Update Now" button.
Following the update, click "Settings" [1] and go to "Detection and Protection" [2].
Make sure "Scan for Rootkits" is checked.
Click on Dashboard [3], then click on Scan Now [4] to start the scan.
If Malware or Potentially Unwanted Programs [PUPs] are found, you will receive a prompt so that you can decide what you want to do. I suggest "Quarantine All" [5]. Then click the button: Apply Actions. [6]
A window with an option to view the detailed log will appear. Click on "View detailed log".
After viewing the results, please click on the "Copy to Clipboard" button and then OK.
Return to our forum. Paste your log into your next reply.

Step 3

Start FRST with administrator privileges.
Make sure the following option is checked:
Press the Scan button.
When finished, FRST will produce two logs (FRST.txt and Addition.txt) in the same directory the tool was run from. Please copy and paste these logs in your next reply.

hmw1008 Posted February 5, 2015 Author ID:936753 Share Posted February 5, 2015 Combofix log file: ComboFix 15-02-02.01 - Home 2015/02/05 17:09:17.1.2 - x86Microsoft Windows 7 Home Premium 6.1.7601.1.932.81.1033.18.3397.928 [GMT -6:00]Running from: c:\users\Home\Downloads\ComboFix.exeAV: avast! Antivirus *Disabled/Updated* {17AD7D40-BA12-9C46-7131-94903A54AD8B}SP: avast! Antivirus *Disabled/Updated* {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}SP: Windows Defender *Enabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} * Created a new restore point..((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))..c:\windows\apppatch\AppLoc.exec:\windows\apppatch\unins000.datc:\windows\apppatch\unins000.exe..((((((((((((((((((((((((( Files Created from 2015-01-05 to 2015-02-05 )))))))))))))))))))))))))))))))..2015-02-05 23:21 . 2015-02-05 23:21 -------- d-----w- c:\users\Default\AppData\Local\temp2015-02-05 21:28 . 2015-02-05 22:17 -------- d-----w- C:\FRST2015-01-21 10:54 . 2015-02-01 10:07 62576 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{F6AFD223-B751-433E-B4AE-90B8DEA79052}\offreg.dll2015-01-08 16:04 . 2015-01-08 16:04 291352 ----a-w- c:\windows\system32\aswBoot.exe2015-01-08 16:04 . 2015-01-08 16:04 43152 ----a-w- c:\windows\avastSS.scr...(((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))).2015-02-05 14:25 . 2014-06-04 01:05 114904 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys2015-01-08 16:05 . 2014-09-30 07:29 787800 ----a-w- c:\windows\system32\drivers\aswsnx.sys2015-01-08 16:05 . 2014-09-30 07:29 423784 ----a-w- c:\windows\system32\drivers\aswsp.sys2015-01-08 16:04 . 2014-09-30 07:29 91496 ----a-w- c:\windows\system32\drivers\aswStm.sys2015-01-08 16:04 . 2014-09-30 07:29 206248 ----a-w- c:\windows\system32\drivers\aswVmm.sys2015-01-08 16:04 . 2014-09-30 07:29 49944 ----a-w- c:\windows\system32\drivers\aswRvrt.sys2015-01-08 16:04 . 
2014-09-30 07:29 70384 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys2015-01-08 16:04 . 2014-09-30 07:29 24184 ----a-w- c:\windows\system32\drivers\aswHwid.sys2015-01-08 16:04 . 2014-09-30 07:29 81768 ----a-w- c:\windows\system32\drivers\aswRdr2.sys2014-11-21 12:14 . 2014-07-23 08:12 51928 ----a-w- c:\windows\system32\drivers\mwac.sys2014-11-21 12:14 . 2014-07-23 08:12 75480 ----a-w- c:\windows\system32\drivers\mbamchameleon.sys2014-11-21 12:14 . 2014-07-23 08:12 23256 ----a-w- c:\windows\system32\drivers\mbam.sys..((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))..*Note* empty entries & legit default entries are not shown REGEDIT4.[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt1"]@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]2014-06-24 22:04 131480 ----a-w- c:\users\Home\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll.[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt2"]@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]2014-06-24 22:04 131480 ----a-w- c:\users\Home\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll.[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt3"]@="{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}"[HKEY_CLASSES_ROOT\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}]2014-06-24 22:04 131480 ----a-w- c:\users\Home\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll.[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt4"]@="{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}"[HKEY_CLASSES_ROOT\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}]2014-06-24 22:04 131480 ----a-w- 
c:\users\Home\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll.[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt5"]@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]2014-06-24 22:04 131480 ----a-w- c:\users\Home\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll.[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt6"]@="{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}"[HKEY_CLASSES_ROOT\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}]2014-06-24 22:04 131480 ----a-w- c:\users\Home\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll.[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt7"]@="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}"[HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}]2014-06-24 22:04 131480 ----a-w- c:\users\Home\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll.[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt8"]@="{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}"[HKEY_CLASSES_ROOT\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}]2014-06-24 22:04 131480 ----a-w- c:\users\Home\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll.[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]@="{472083B0-C522-11CF-8763-00608CC02F24}"[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]2015-01-08 16:04 723976 ----a-w- c:\program files\AVAST Software\Avast\ashShell.dll.[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]"DAEMON Tools Lite"="c:\program files\DAEMON Tools Lite\DTLite.exe" [2013-10-28 3675352]"Line"="c:\program files\Naver\LINE\Line.exe" [2015-02-03 4031336]"DuckCapture"="c:\program files\DuckLink\DuckCapture\DuckCapture.exe" [2011-11-04 436736]"Skype"="c:\program files\Skype\Phone\Skype.exe" [2014-12-11 
30877280].[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]"IgfxTray"="c:\windows\system32\igfxtray.exe" [2014-01-30 145880]"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2014-01-30 181208]"Persistence"="c:\windows\system32\igfxpers.exe" [2014-01-30 189912]"NUSB3MON"="c:\program files\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe" [2010-11-17 113288]"AdobeAAMUpdater-1.0"="c:\program files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" [2010-07-29 497648]"Google Japanese Input Prelauncher"="c:\program files\Google\Google Japanese Input\GoogleIMEJaBroker32.exe" [2013-12-18 1435672]"BCSSync"="c:\program files\Microsoft Office\Office14\BCSSync.exe" [2012-11-05 89184]"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2013-07-02 254336]"XeroxEndeavorBackgroundTask"="xrWCbgnd.dll" [2009-07-14 53760]"AvastUI.exe"="c:\program files\AVAST Software\Avast\AvastUI.exe" [2015-01-27 5227112].c:\users\Home\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk - c:\users\Home\AppData\Roaming\Dropbox\bin\Dropbox.exe /systemstartup [2014-12-8 39207112].c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\Content Manager Assistant for PlayStation®.lnk - c:\program files\Sony\Content Manager Assistant\CMA.exe [2014-9-16 3696248].[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]"ConsentPromptBehaviorAdmin"= 0 (0x0)"ConsentPromptBehaviorUser"= 3 (0x3)"EnableLUA"= 0 (0x0)"EnableUIADesktopToggle"= 0 (0x0)"PromptOnSecureDesktop"= 0 (0x0)"SoftwareSASGeneration"= 1 (0x1).[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\keyboard layouts\e0200411] Ime File REG_SZ GIMEJA.IME.R2 aswStm;aswStm;c:\windows\system32\drivers\aswStm.sys [2015-01-08 91496]R2 avgwd;AVG WatchDog;c:\program files\AVG\AVG2015\avgwdsvc.exe [x]R2 SkypeUpdate;Skype Updater;c:\program files\Skype\Updater\Updater.exe [2014-12-11 315496]R3 IEEtwCollectorService;Internet Explorer 
ETW Collector Service;c:\windows\system32\IEEtwCollector.exe [2014-03-01 108032]R3 mferkdet;McAfee Inc. mferkdet;c:\windows\system32\drivers\mferkdet.sys [2014-09-29 94520]R3 npggsvc;nProtect GameGuard Service;c:\windows\system32\GameMon.des [2014-01-22 5267776]R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys [2012-08-23 14848]R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2012-08-23 49664]R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys [2012-08-23 27136]R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe [2014-02-02 1343400]S0 aswRvrt;avast! Revert; [x]S0 aswVmm;avast! VM Monitor; [x]S0 MBAMSwissArmy;MBAMSwissArmy;c:\windows\system32\drivers\MBAMSwissArmy.sys [2015-02-05 114904]S0 sptd;sptd;c:\windows\\SystemRoot\System32\Drivers\sptd.sys [x]S1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys [2015-01-08 787800]S1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys [2015-01-08 423784]S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys [2014-02-25 243128]S2 AdobeActiveFileMonitor9.0;Adobe Active File Monitor V9;c:\program files\Adobe\Elements 9 Organizer\PhotoshopElementsFileAgent.exe [2010-09-30 169408]S2 aswHwid;avast! 
HardwareID;c:\windows\system32\drivers\aswHwid.sys [2015-01-08 24184]S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [2015-01-08 70384]S2 GoogleIMEJaCacheService;Google Japanese Input Cache Service;c:\program files\Google\Google Japanese Input\GoogleIMEJaCacheService.exe [2013-12-18 754712]S2 mfevtp;McAfee Validation Trust Protection Service;c:\windows\system32\mfevtps.exe [2014-09-29 179600]S3 b57xdbd;Broadcom xD Picture Bus Driver Service;c:\windows\system32\DRIVERS\b57xdbd.sys [2010-12-11 59944]S3 b57xdmp;Broadcom xD Picture vstorp client drv;c:\windows\system32\DRIVERS\b57xdmp.sys [2010-12-11 18472]S3 bScsiMSx;bScsiMSx;c:\windows\system32\DRIVERS\bScsiMSx.sys [2010-12-10 32296]S3 bScsiSDx;bScsiSDx;c:\windows\system32\DRIVERS\bScsiSDx.sys [2010-12-12 55336]S3 k57nd60x;Broadcom NetLink Gigabit Ethernet - NDIS 6.0;c:\windows\system32\DRIVERS\k57nd60x.sys [2010-11-01 348712]S3 MEI;Intel® Management Engine Interface ;c:\windows\system32\DRIVERS\HECI.sys [2010-10-20 41088]S3 Neo_VPN;VPN Client Device Driver - VPN;c:\windows\system32\DRIVERS\Neo_0103.sys [2014-06-25 26880]..[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]2015-02-04 02:10 1086280 ----a-w- c:\program files\Google\Chrome\Application\40.0.2214.94\Installer\chrmstp.exe.Contents of the 'Scheduled Tasks' folder.2015-02-05 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job- c:\program files\Google\Update\GoogleUpdate.exe [2014-02-02 00:41].2015-02-05 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job- c:\program files\Google\Update\GoogleUpdate.exe [2014-02-02 00:41]..------- Supplementary Scan -------.uStart Page = www.google.commStart Page = www.google.comuSearchAssistant = hxxp://www.google.comIE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200TCP: DhcpNameServer = 192.168.1.1FF - ProfilePath - c:\users\Home\AppData\Roaming\Mozilla\Firefox\Profiles\76dr9cm9.default-1394098711741\FF - prefs.js: 
network.proxy.http - 1.179.143.178
FF - prefs.js: network.proxy.http_port - 3128
FF - prefs.js: network.proxy.type - 0
FF - user.js: extensions.nspdlsd.aflt - spd_ir_14_23_ch
FF - user.js: extensions.nspdlsd.instlRef - 142905_b
FF - user.js: extensions.nspdlsd.cr - 866866320
FF - user.js: extensions.nspdlsd.cd - 2XzuyEtN2Y1L1Qzu0EyE0DyDtA0DtB0B0BzztB0B0A0A0B0EtN0D0Tzu0SzzzzyEtN1L2XzutBtFtBtDtFtCzytFtDtN1L1CzutCyEtBzytDyD1V1StN1L1G1B1V1N2Y1L1Qzu2StAtCtDtAtC0CzzyCtGyDyB0FzytG0A0EtCtAtGtB0D0DtDtGyCyEtA0BzztC0EyE0ByCzyyC2QtN1M1F1B2Z1V1N2Y1L1Qzu2SyB0DyBzz0BzyyD0FtG0F0B0EtCtGzzzyyE0AtGtB0B0E0BtGyB0D0Azz0B0F0A0D0CzytBtB2Q
.
- - - - ORPHANS REMOVED - - - -
.
AddRemove-{9143B17E-BBDE-4EA7-A4E3-20D384D9C8A5}_is1 - c:\windows\AppPatch\unins000.exe
.
.
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\npggsvc]
"ImagePath"="c:\windows\system32\GameMon.des -service"
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Completion time: 2015-02-05 17:24:15
ComboFix-quarantined-files.txt 2015-02-05 23:24
.
Pre-Run: 11,791,745,024 bytes free
Post-Run: 19,393,060,864 bytes free
.
- - End Of File - - CFDD71389B325DAAD2E3946FF3B9E949A36C5E4F47E84449FF07ED3517B43A31
hmw1008 Posted February 6, 2015 Author ID:936762

Malwarebytes file:

Malwarebytes Anti-Malware
www.malwarebytes.org

Scan Date: 2015/02/05
Scan Time: 17:28:48
Logfile:
Administrator: Yes

Version: 2.00.4.1028
Malware Database: v2015.02.05.11
Rootkit Database: v2015.02.03.01
License: Free
Malware Protection: Disabled
Malicious Website Protection: Disabled
Self-protection: Disabled

OS: Windows 7 Service Pack 1
CPU: x86
File System: NTFS
User: Home

Scan Type: Threat Scan
Result: Completed
Objects Scanned: 331827
Time Elapsed: 31 min, 18 sec

Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Enabled
Deep Rootkit Scan: Enabled
Heuristics: Enabled
PUP: Warn
PUM: Enabled

Processes: 0
(No malicious items detected)

Modules: 0
(No malicious items detected)

Registry Keys: 0
(No malicious items detected)

Registry Values: 0
(No malicious items detected)

Registry Data: 0
(No malicious items detected)

Folders: 0
(No malicious items detected)

Files: 0
(No malicious items detected)

Physical Sectors: 0
(No malicious items detected)

(end)
hmw1008 Posted February 6, 2015 Author ID:936768

FRST.txt:

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 05-02-2015
Ran by Home (administrator) on HOME-PC on 05-02-2015 18:03:08
Running from C:\Users\Home\Desktop
Loaded Profiles: Home (Available profiles: Home)
Platform: Microsoft Windows 7 Home Premium Service Pack 1 (X86) OS Language: English (United States)
Internet Explorer Version 11 (Default browser: IE)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Adobe Systems Incorporated) C:\Program Files\Adobe\Elements 9 Organizer\PhotoshopElementsFileAgent.exe
(McAfee, Inc.) C:\Windows\System32\mfevtps.exe
() C:\Windows\System32\PnkBstrA.exe
(Microsoft Corp.) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Renesas Electronics Corporation) C:\Program Files\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe
(Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jusched.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe
(LINE Corporation) C:\Program Files\Naver\LINE\Line.exe
(Microsoft Corp.) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVCM.EXE
(DuckLink Software) C:\Program Files\DuckLink\DuckCapture\DuckCapture.exe
(Skype Technologies S.A.) C:\Program Files\Skype\Phone\Skype.exe
(Sony Computer Entertainment Inc.) C:\Program Files\Sony\Content Manager Assistant\CMA.exe
(Sony Computer Entertainment Inc.)
C:\Program Files\Sony\Content Manager Assistant\CMAWatcher.exe(Google Inc.) C:\Program Files\Google\Update\1.3.26.9\GoogleCrashHandler.exe(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe(Microsoft Corporation) C:\Windows\System32\wbem\unsecapp.exe(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe(Google Inc.) C:\Program Files\Google\Google Japanese Input\GoogleIMEJaCacheService.exe(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ink\InputPersonalization.exe(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe(Google Inc.) 
C:\Program Files\Google\Chrome\Application\chrome.exe(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe(Google Inc.) C:\Program Files\Google\Google Japanese Input\GoogleIMEJaConverter.exe(Google Inc.) C:\Program Files\Google\Google Japanese Input\GoogleIMEJaRenderer.exe(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe(Malwarebytes Corporation) C:\Program Files\Malwarebytes Anti-Malware\mbam.exe ==================== Registry (Whitelisted) ================== (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.) 
HKLM\...\Run: [NUSB3MON] => C:\Program Files\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe [113288 2010-11-17] (Renesas Electronics Corporation)HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [497648 2010-07-29] (Adobe Systems Incorporated)HKLM\...\Run: [Google Japanese Input Prelauncher] => C:\Program Files\Google\Google Japanese Input\GoogleIMEJaBroker32.exe [1435672 2013-12-18] (Google Inc.)HKLM\...\Run: [bCSSync] => C:\Program Files\Microsoft Office\Office14\BCSSync.exe [89184 2012-11-05] (Microsoft Corporation)HKLM\...\Run: [sunJavaUpdateSched] => C:\Program Files\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)HKLM\...\Run: [XeroxEndeavorBackgroundTask] => rundll32.exe xrWCbgnd.dll,LaunchBgTask 1HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [5227112 2015-01-26] (AVAST Software)HKU\S-1-5-21-4195104481-2079486966-316092486-1000\...\Run: [DAEMON Tools Lite] => C:\Program Files\DAEMON Tools Lite\DTLite.exe [3675352 2013-10-28] (Disc Soft Ltd)HKU\S-1-5-21-4195104481-2079486966-316092486-1000\...\Run: [Line] => C:\Program Files\Naver\LINE\Line.exe [4031336 2015-02-03] (LINE Corporation)HKU\S-1-5-21-4195104481-2079486966-316092486-1000\...\Run: [DuckCapture] => C:\Program Files\DuckLink\DuckCapture\DuckCapture.exe [436736 2011-11-03] (DuckLink Software)HKU\S-1-5-21-4195104481-2079486966-316092486-1000\...\Run: [skype] => C:\Program Files\Skype\Phone\Skype.exe [30877280 2014-12-11] (Skype Technologies S.A.)Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Content Manager Assistant for PlayStation®.lnkShortcutTarget: Content Manager Assistant for PlayStation®.lnk -> C:\Program Files\Sony\Content Manager Assistant\CMA.exe (Sony Computer Entertainment Inc.)Startup: C:\Users\Home\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnkShortcutTarget: Dropbox.lnk -> 
C:\Users\Home\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll (AVAST Software) ==================== Internet (Whitelisted) ==================== (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.) HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTIONHKU\S-1-5-21-4195104481-2079486966-316092486-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTIONHKLM\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.comHKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearchHKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhomeHKU\S-1-5-21-4195104481-2079486966-316092486-1000\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearchSearchScopes: HKLM -> DefaultScope {31090377-0740-419E-BEFC-A56E50500D5B} URL = http://speedial.com/results.php?f=4&q={searchTerms}&a=spd_ir_14_23_ch&cd=2XzuyEtN2Y1L1Qzu0EyE0DyDtA0DtB0B0BzztB0B0A0A0B0EtN0D0Tzu0SzzzzyEtN1L2XzutBtFtBtDtFtCzytFtDtN1L1CzutCyEtBzytDyD1V1StN1L1G1B1V1N2Y1L1Qzu2StAtCtDtAtC0CzzyCtGyDyB0FzytG0A0EtCtAtGtB0D0DtDtGyCyEtA0BzztC0EyE0ByCzyyC2QtN1M1F1B2Z1V1N2Y1L1Qzu2SyB0DyBzz0BzyyD0FtG0F0B0EtCtGzzzyyE0AtGtB0B0E0BtGyB0D0Azz0B0F0A0D0CzytBtB2Q&cr=866866320&ir=SearchScopes: HKLM -> {31090377-0740-419E-BEFC-A56E50500D5B} URL = 
http://speedial.com/results.php?f=4&q={searchTerms}&a=spd_ir_14_23_ch&cd=2XzuyEtN2Y1L1Qzu0EyE0DyDtA0DtB0B0BzztB0B0A0A0B0EtN0D0Tzu0SzzzzyEtN1L2XzutBtFtBtDtFtCzytFtDtN1L1CzutCyEtBzytDyD1V1StN1L1G1B1V1N2Y1L1Qzu2StAtCtDtAtC0CzzyCtGyDyB0FzytG0A0EtCtAtGtB0D0DtDtGyCyEtA0BzztC0EyE0ByCzyyC2QtN1M1F1B2Z1V1N2Y1L1Qzu2SyB0DyBzz0BzyyD0FtG0F0B0EtCtGzzzyyE0AtGtB0B0E0BtGyB0D0Azz0B0F0A0D0CzytBtB2Q&cr=866866320&ir=SearchScopes: HKU\S-1-5-21-4195104481-2079486966-316092486-1000 -> DefaultScope {31090377-0740-419E-BEFC-A56E50500D5B} URL = http://speedial.com/results.php?f=4&q={searchTerms}&a=spd_ir_14_23_ch&cd=2XzuyEtN2Y1L1Qzu0EyE0DyDtA0DtB0B0BzztB0B0A0A0B0EtN0D0Tzu0SzzzzyEtN1L2XzutBtFtBtDtFtCzytFtDtN1L1CzutCyEtBzytDyD1V1StN1L1G1B1V1N2Y1L1Qzu2StAtCtDtAtC0CzzyCtGyDyB0FzytG0A0EtCtAtGtB0D0DtDtGyCyEtA0BzztC0EyE0ByCzyyC2QtN1M1F1B2Z1V1N2Y1L1Qzu2SyB0DyBzz0BzyyD0FtG0F0B0EtCtGzzzyyE0AtGtB0B0E0BtGyB0D0Azz0B0F0A0D0CzytBtB2Q&cr=866866320&ir=SearchScopes: HKU\S-1-5-21-4195104481-2079486966-316092486-1000 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\S-1-5-21-4195104481-2079486966-316092486-1000 -> {31090377-0740-419E-BEFC-A56E50500D5B} URL = http://speedial.com/results.php?f=4&q={searchTerms}&a=spd_ir_14_23_ch&cd=2XzuyEtN2Y1L1Qzu0EyE0DyDtA0DtB0B0BzztB0B0A0A0B0EtN0D0Tzu0SzzzzyEtN1L2XzutBtFtBtDtFtCzytFtDtN1L1CzutCyEtBzytDyD1V1StN1L1G1B1V1N2Y1L1Qzu2StAtCtDtAtC0CzzyCtGyDyB0FzytG0A0EtCtAtGtB0D0DtDtGyCyEtA0BzztC0EyE0ByCzyyC2QtN1M1F1B2Z1V1N2Y1L1Qzu2SyB0DyBzz0BzyyD0FtG0F0B0EtCtGzzzyyE0AtGtB0B0E0BtGyB0D0Azz0B0F0A0D0CzytBtB2Q&cr=866866320&ir=BHO: Java Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll No FileBHO: avast! 
Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll No FileBHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)BHO: Java Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll No FileHandler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)Tcpip\Parameters: [DhcpNameServer] 192.168.1.1 FireFox:========FF ProfilePath: C:\Users\Home\AppData\Roaming\Mozilla\Firefox\Profiles\76dr9cm9.default-1394098711741FF DefaultSearchEngine: GoogleFF NetworkProxy: "http", "1.179.143.178"FF NetworkProxy: "http_port", 3128FF NetworkProxy: "type", 0FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF32_12_0_0_44.dll ()FF Plugin: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files\Google\Picasa3\npPicasa3.dll (Google, Inc.)FF Plugin: @java.com/DTPlugin,version=10.45.2 -> C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)FF Plugin: @java.com/JavaPlugin,version=10.45.2 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)FF Plugin: @microsoft.com/GENUINE -> disabled No FileFF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)FF Plugin: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll 
(Microsoft Corporation)FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.26.9\npGoogleUpdate3.dll (Google Inc.)FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.26.9\npGoogleUpdate3.dll (Google Inc.)FF Plugin: @videolan.org/vlc,version=2.1.2 -> C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)FF user.js: detected! => C:\Users\Home\AppData\Roaming\Mozilla\Firefox\Profiles\76dr9cm9.default-1394098711741\user.jsFF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\oshiete-goo.xmlFF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\rakuten.xmlFF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\yahoo-jp-auctions.xmlFF Extension: DownloadHelper - C:\Users\Home\AppData\Roaming\Mozilla\Firefox\Profiles\76dr9cm9.default-1394098711741\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d} [2014-09-14]FF HKLM\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FFFF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2014-09-30] Chrome: =======CHR HomePage: Default -> hxxp://feed.snapdo.com/?publisher=Somoto&dpid=SomotoCH&co=US&userid=e3b0ef4c-3de0-8572-4794-eba80106b4f5&searchtype=hp&installDate={installDate}&barcodeid={barcodeID}&um={UM}CHR Profile: C:\Users\Home\AppData\Local\Google\Chrome\User Data\DefaultCHR Extension: (Google Docs) - C:\Users\Home\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-02-01]CHR Extension: (Google Drive) - C:\Users\Home\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-02-01]CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\Home\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-05-25]CHR 
Extension: (YouTube) - C:\Users\Home\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-02-01]CHR Extension: (4chan X) - C:\Users\Home\AppData\Local\Google\Chrome\User Data\Default\Extensions\cellaaeoekimmemgdheibaibbaoeefbl [2014-02-02]CHR Extension: (Google Search) - C:\Users\Home\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-02-01]CHR Extension: (AdBlock) - C:\Users\Home\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2014-06-27]CHR Extension: (Avast Online Security) - C:\Users\Home\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2014-09-30]CHR Extension: (Google Wallet) - C:\Users\Home\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-02-01]CHR Extension: (Gmail) - C:\Users\Home\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-02-01]CHR HKLM\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2015-01-08]CHR HKU\S-1-5-21-4195104481-2079486966-316092486-1000\...\Chrome\Extension: [bakijjialdiiboeaknfpmflphhmljfkd] - No Path ========================== Services (Whitelisted) ================= (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.) R2 AdobeActiveFileMonitor9.0; C:\Program Files\Adobe\Elements 9 Organizer\PhotoshopElementsFileAgent.exe [169408 2010-09-30] (Adobe Systems Incorporated)R2 avast! 
Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2015-01-08] (AVAST Software)S3 cphs; C:\Windows\system32\IntelCpHeciSvc.exe [279000 2014-01-29] (Intel Corporation)R2 GoogleIMEJaCacheService; C:\Program Files\Google\Google Japanese Input\GoogleIMEJaCacheService.exe [754712 2013-12-18] (Google Inc.)R2 mfevtp; C:\Windows\system32\mfevtps.exe [179600 2014-09-29] (McAfee, Inc.)S3 npggsvc; C:\Windows\system32\GameMon.des [5267776 2014-01-22] (INCA Internet Co., Ltd.)R2 PnkBstrA; C:\Windows\system32\PnkBstrA.exe [76888 2014-05-10] ()R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [680960 2013-05-26] (Microsoft Corporation)S2 avgwd; "C:\Program Files\AVG\AVG2015\avgwdsvc.exe" [X] ==================== Drivers (Whitelisted) ==================== (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.) R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [24184 2015-01-08] ()R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [70384 2015-01-08] (AVAST Software)R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [81768 2015-01-08] (AVAST Software)R0 aswRvrt; C:\Windows\system32\Drivers\aswRvrt.sys [49944 2015-01-08] ()R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [787800 2015-01-08] (AVAST Software)R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [423784 2015-01-08] (AVAST Software)S2 aswStm; C:\Windows\system32\drivers\aswStm.sys [91496 2015-01-08] (AVAST Software)R0 aswVmm; C:\Windows\system32\Drivers\aswVmm.sys [206248 2015-01-08] ()R3 b57xdbd; C:\Windows\System32\DRIVERS\b57xdbd.sys [59944 2010-12-11] (Broadcom Corporation)R3 b57xdmp; C:\Windows\System32\DRIVERS\b57xdmp.sys [18472 2010-12-11] (Broadcom Corporation)R3 bScsiMSx; C:\Windows\System32\DRIVERS\bScsiMSx.sys [32296 2010-12-10] (Broadcom Corporation)R3 bScsiSDx; C:\Windows\System32\DRIVERS\bScsiSDx.sys [55336 2010-12-11] (Broadcom Corporation)R1 dtsoftbus01; 
C:\Windows\System32\DRIVERS\dtsoftbus01.sys [243128 2014-02-25] (Disc Soft Ltd)R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [114904 2015-02-05] (Malwarebytes Corporation)R3 MEI; C:\Windows\System32\DRIVERS\HECI.sys [41088 2010-10-19] (Intel Corporation)R0 mfehidk; C:\Windows\System32\drivers\mfehidk.sys [575984 2014-09-29] (McAfee, Inc.)S3 mferkdet; C:\Windows\System32\drivers\mferkdet.sys [94520 2014-09-29] (McAfee, Inc.)R3 Neo_VPN; C:\Windows\System32\DRIVERS\Neo_0103.sys [26880 2014-06-25] (SoftEther Corporation)R0 sptd; C:\Windows\System32\Drivers\sptd.sys [324096 2014-02-25] (Duplex Secure Ltd.)S3 USBAAPL; C:\Windows\System32\Drivers\usbaapl.sys [45056 2013-03-18] (Apple, Inc.) [File not signed]U3 apxlhe8b; C:\Windows\system32\Drivers\apxlhe8b.sys [0 ] (Broadcom Corporation) <==== ATTENTION (zero size file/folder)U5 AppMgmt; C:\Windows\system32\svchost.exe [20992 2009-07-13] (Microsoft Corporation)U3 catchme; \??\C:\Users\Home\AppData\Local\Temp\catchme.sys [X]U3 mbr; \??\C:\ComboFix\mbr.sys [X] ==================== NetSvcs (Whitelisted) =================== (If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.) ==================== One Month Created Files and Folders ======== (If an entry is included in the fixlist, the file\folder will be moved.) 
2015-02-05 17:24 - 2015-02-05 17:24 - 00012787 _____ () C:\ComboFix.txt2015-02-05 17:05 - 2015-02-05 17:24 - 00000000 ____D () C:\Qoobox2015-02-05 17:05 - 2015-02-05 17:22 - 00000000 ____D () C:\Windows\erdnt2015-02-05 17:05 - 2011-06-26 00:45 - 00256000 _____ () C:\Windows\PEV.exe2015-02-05 17:05 - 2010-11-07 11:20 - 00208896 _____ () C:\Windows\MBR.exe2015-02-05 17:05 - 2009-04-19 22:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe2015-02-05 17:05 - 2000-08-30 18:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe2015-02-05 17:05 - 2000-08-30 18:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe2015-02-05 17:05 - 2000-08-30 18:00 - 00098816 _____ () C:\Windows\sed.exe2015-02-05 17:05 - 2000-08-30 18:00 - 00080412 _____ () C:\Windows\grep.exe2015-02-05 17:05 - 2000-08-30 18:00 - 00068096 _____ () C:\Windows\zip.exe2015-02-05 17:01 - 2015-02-05 17:02 - 05611380 ____R (Swearware) C:\Users\Home\Downloads\ComboFix.exe2015-02-05 16:16 - 2015-02-05 16:17 - 00025901 _____ () C:\Users\Home\Desktop\Addition.txt2015-02-05 16:14 - 2015-02-05 18:03 - 00020312 _____ () C:\Users\Home\Desktop\FRST.txt2015-02-05 15:28 - 2015-02-05 18:03 - 00000000 ____D () C:\FRST2015-02-05 14:39 - 2015-02-05 14:40 - 01123328 _____ (Farbar) C:\Users\Home\Desktop\FRST.exe2015-01-26 20:27 - 2015-01-26 20:27 - 00000000 ____D () C:\Program Files\Mozilla Firefox2015-01-23 14:16 - 2015-01-23 14:16 - 00243616 _____ () C:\Users\Home\Downloads\Firefox Setup Stub 35.0.exe2015-01-10 10:33 - 2012-01-13 07:03 - 00000000 ____D () C:\Users\Home\Desktop\Wink - Memories2015-01-08 10:05 - 2015-01-08 10:05 - 00002045 _____ () C:\Users\Public\Desktop\Avast Free Antivirus.lnk2015-01-08 10:04 - 2015-01-08 10:04 - 00291352 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe2015-01-08 10:04 - 2015-01-08 10:04 - 00043152 _____ (AVAST Software) C:\Windows\avastSS.scr ==================== One Month Modified Files and Folders ======= (If an entry is included in the fixlist, the file\folder will be moved.) 
2015-02-05 18:00 - 2014-02-02 15:40 - 00000000 ____D () C:\Users\Home\AppData\Roaming\Skype2015-02-05 17:50 - 2014-02-01 18:41 - 00000886 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job2015-02-05 17:28 - 2014-06-03 19:05 - 00114904 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamswissarmy.sys2015-02-05 17:24 - 2009-07-13 20:37 - 00000000 __RHD () C:\Users\Default2015-02-05 17:24 - 2009-07-13 20:37 - 00000000 ___RD () C:\Users\Public2015-02-05 17:21 - 2009-07-13 20:04 - 00000215 _____ () C:\Windows\system.ini2015-02-05 16:20 - 2009-07-13 22:34 - 00022736 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A02015-02-05 16:20 - 2009-07-13 22:34 - 00022736 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A02015-02-05 16:16 - 2014-02-01 18:12 - 02050667 _____ () C:\Windows\WindowsUpdate.log2015-02-05 16:13 - 2014-02-21 17:48 - 00000000 ___RD () C:\Users\Home\Dropbox2015-02-05 16:13 - 2014-02-21 17:44 - 00000000 ____D () C:\Users\Home\AppData\Roaming\Dropbox2015-02-05 16:11 - 2014-02-01 18:41 - 00000882 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job2015-02-05 16:10 - 2009-07-13 22:53 - 00000006 ____H () C:\Windows\Tasks\SA.DAT2015-02-05 16:10 - 2009-07-13 22:39 - 00075122 _____ () C:\Windows\setupact.log2015-02-05 16:09 - 2010-11-20 15:48 - 00039932 _____ () C:\Windows\PFRO.log2015-02-05 14:38 - 2014-02-08 21:52 - 00000000 ____D () C:\Users\Home\AppData\Roaming\tixati2015-02-05 14:36 - 2014-06-25 01:23 - 00000000 ____D () C:\Program Files\PacketiX VPN Client2015-02-05 14:35 - 2014-08-11 02:33 - 00000000 ____D () C:\Program Files\OBS2015-02-05 12:55 - 2010-11-20 15:01 - 00781298 _____ () C:\Windows\system32\PerfStringBackup.INI2015-02-04 23:27 - 2014-11-02 23:15 - 00000000 ____D () C:\Users\Home\AppData\Local\JDownloader 2.02015-02-04 18:58 - 2014-04-26 12:32 - 00001021 _____ () C:\ProgramData\Microsoft\Windows\Start 
Menu\LINE.lnk2015-02-04 18:58 - 2014-04-26 12:32 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LINE2015-02-03 21:35 - 2014-02-05 04:25 - 00000000 ____D () C:\Users\Home\AppData\Roaming\vlc2015-02-03 20:10 - 2014-02-01 18:42 - 00002129 _____ () C:\Users\Public\Desktop\Google Chrome.lnk2015-01-31 21:49 - 2015-01-05 21:29 - 00000000 ____D () C:\Users\Home\Desktop\jt2015-01-31 21:03 - 2014-08-05 14:57 - 00000000 ____D () C:\Users\Home\Desktop\Media2015-01-31 16:14 - 2014-02-06 00:48 - 00000000 ____D () C:\Program Files\Mozilla Maintenance Service2015-01-23 14:18 - 2014-02-06 00:48 - 00001117 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk2015-01-23 14:18 - 2014-02-06 00:48 - 00001105 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk2015-01-20 12:29 - 2014-02-03 05:06 - 00000000 ____D () C:\Users\Home\Documents\Note2015-01-19 21:23 - 2014-03-14 18:08 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office2015-01-19 21:23 - 2014-03-14 18:05 - 00000000 ____D () C:\ProgramData\Microsoft Help2015-01-09 06:57 - 2014-02-02 15:40 - 00000000 ____D () C:\ProgramData\Skype2015-01-09 06:56 - 2014-10-12 10:55 - 00000000 ___RD () C:\Program Files\Skype2015-01-09 06:52 - 2014-07-23 02:12 - 00000000 ____D () C:\Program Files\Malwarebytes Anti-Malware2015-01-08 10:05 - 2014-09-30 01:29 - 00787800 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsnx.sys2015-01-08 10:05 - 2014-09-30 01:29 - 00423784 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsp.sys2015-01-08 10:04 - 2014-09-30 01:29 - 00206248 _____ () C:\Windows\system32\Drivers\aswVmm.sys2015-01-08 10:04 - 2014-09-30 01:29 - 00091496 _____ (AVAST Software) C:\Windows\system32\Drivers\aswStm.sys2015-01-08 10:04 - 2014-09-30 01:29 - 00081768 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys2015-01-08 10:04 - 2014-09-30 01:29 - 00070384 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys2015-01-08 
10:04 - 2014-09-30 01:29 - 00049944 _____ () C:\Windows\system32\Drivers\aswRvrt.sys
2015-01-08 10:04 - 2014-09-30 01:29 - 00024184 _____ () C:\Windows\system32\Drivers\aswHwid.sys
2015-01-06 14:25 - 2014-07-23 02:12 - 00001060 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2015-01-06 14:25 - 2014-07-23 02:12 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware

==================== Files in the root of some directories =======

2014-09-22 18:06 - 2014-09-24 01:03 - 0004535 _____ () C:\Users\Home\AppData\Roaming\CamStudio.cfg
2014-05-10 00:52 - 2014-05-10 00:52 - 0138904 _____ () C:\Users\Home\AppData\Roaming\PnkBstrK.sys
2014-09-22 17:59 - 2014-09-22 17:59 - 0000096 _____ () C:\Users\Home\AppData\Roaming\version2.xml
2014-06-02 23:01 - 2014-06-02 23:01 - 0000043 _____ () C:\Users\Home\AppData\Roaming\WB.CFG
2014-08-25 14:38 - 2014-08-25 14:38 - 0005129 _____ () C:\Users\Home\AppData\Local\recently-used.xbel

==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\explorer.exe => File is digitally signed
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2015-02-03 02:03

==================== End Of Log ============================
hmw1008 Posted February 6, 2015 Author ID:936770 Share Posted February 6, 2015 Additional.txt: Additional scan result of Farbar Recovery Scan Tool (x86) Version: 05-02-2015Ran by Home at 2015-02-05 18:04:02Running from C:\Users\Home\DesktopBoot Mode: Normal========================================================== ==================== Security Center ======================== (If an entry is included in the fixlist, it will be removed.) AV: avast! Antivirus (Disabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}AS: Windows Defender (Enabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}AS: avast! Antivirus (Disabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736} ==================== Installed Programs ====================== (Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.) Acer System Information (HKLM\...\{72199E33-4F2A-4B7F-8E25-95DDDD50A678}) (Version: 1.0.0 - Acer)Adobe AIR (HKLM\...\Adobe AIR) (Version: 1.5.3.9130 - Adobe Systems Inc.)Adobe Community Help (HKLM\...\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 3.2.1.650 - Adobe Systems Incorporated)Adobe Flash Player 12 Plugin (HKLM\...\Adobe Flash Player Plugin) (Version: 12.0.0.44 - Adobe Systems Incorporated)Adobe Photoshop Elements 9 (HKLM\...\Adobe Photoshop Elements 9) (Version: 9.0.3.0 - Adobe Systems Incorporated)Adobe Photoshop.com Inspiration Browser (HKLM\...\PhotoshopdotcomInspirationBrowser.4C35C4D325D350FE0114230CBADCA2DDD0AC8D25.1) (Version: 3.07 - Adobe Systems Incorporated)Adobe Premiere Elements 9 (HKLM\...\PremElem90) (Version: 9.0 - Adobe Systems Incorporated)Adobe Premiere Elements 9 Content (HKLM\...\Adobe Premiere Elements 9 Content) (Version: 9.0 - Adobe Systems Incorporated)Adobe Reader XI (11.0.10) (HKLM\...\{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version: 11.0.10 - Adobe Systems Incorporated)Archeblade (HKLM\...\Steam App 207230) (Version: - CodeBrush 
Games)Avast Free Antivirus (HKLM\...\Avast) (Version: 10.0.2208 - AVAST Software)Bandicam (HKLM\...\Bandicam) (Version: 2.0.1.651 - Bandisoft.com)Bandisoft MPEG-1 Decoder (HKLM\...\BandiMPEG1) (Version: - Bandisoft.com)Broadcom 802.11 Network Adapter (HKLM\...\Broadcom 802.11 Network Adapter) (Version: 5.100.82.135 - Broadcom Corporation)Broadcom Card Reader Driver Installer (HKLM\...\{4710662C-8204-4334-A977-B1AC9E547819}) (Version: 14.4.9.2 - Broadcom Corporation)Broadcom Gigabit NetLink Controller (HKLM\...\{029A4933-3F36-4E4F-AEC3-2207AB26463D}) (Version: 14.4.6.1 - Broadcom Corporation)Cisco EAP-FAST Module (Version: 2.2.14 - Cisco Systems, Inc.) HiddenCisco LEAP Module (Version: 1.0.19 - Cisco Systems, Inc.) HiddenCisco PEAP Module (Version: 1.1.6 - Cisco Systems, Inc.) HiddenContent Manager Assistant for PlayStation® (HKLM\...\{E6EB4571-5ADB-4557-8F95-0E0EF5D0F833}) (Version: 3.30.7824.86 - Sony Computer Entertainment Inc.)D3DX10 (Version: 15.4.2368.0902 - Microsoft) HiddenDAEMON Tools Lite (HKLM\...\DAEMON Tools Lite) (Version: 4.48.1.0347 - Disc Soft Ltd)Dropbox (HKU\S-1-5-21-4195104481-2079486966-316092486-1000\...\Dropbox) (Version: 3.0.3 - Dropbox, Inc.)DuckCapture Standard 2.7 (HKLM\...\DuckCapture_is1) (Version: 2.7 - DuckLink)Elements 9 Organizer (Version: 9.0 - Adobe Systems Incorporated) HiddenElements STI Installer (Version: 1.0 - Adobe Systems Incorporated) HiddenFLAC 1.2.1b (remove only) (HKLM\...\FLAC) (Version: 1.2.1b - Xiph.org)foobar2000 v1.3.1 (HKLM\...\foobar2000) (Version: 1.3.1 - Peter Pawlowski)GIMP 2.8.10 (HKLM\...\GIMP-2_is1) (Version: 2.8.10 - The GIMP Team)Google Chrome (HKLM\...\Google Chrome) (Version: 40.0.2214.94 - Google Inc.)Google Update Helper (Version: 1.3.25.11 - Google Inc.) HiddenGoogle Update Helper (Version: 1.3.26.9 - Google Inc.) 
HiddenGoogle 日本語入力 (HKLM\...\{56CB4ACA-C79E-439D-B55E-68EA8D57C467}) (Version: 1.13.1641.0 - Google Inc.)Google+ Auto Backup (HKLM\...\{A50DE037-B5C0-4C8A-8049-B0C576B313D1}) (Version: 1.0.21.81 - Google)HandBrake 0.9.9.1 (HKLM\...\HandBrake) (Version: 0.9.9.1 - )Intel® Processor Graphics (HKLM\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 9.17.10.3347 - Intel Corporation)Java 7 Update 45 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83217045FF}) (Version: 7.0.450 - Oracle)JDownloader 0.9 (HKLM\...\5513-1208-7298-9440) (Version: 0.9 - AppWork GmbH)JDownloader 2 (HKLM\...\jdownloader2) (Version: 2.0 - AppWork GmbH)LINE (HKLM\...\LINE) (Version: 3.9.1.188 - LINE Corporation)Malwarebytes Anti-Malware version 2.0.4.1028 (HKLM\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.4.1028 - Malwarebytes Corporation)Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)Microsoft Image Composite Editor (HKLM\...\{3D599ADA-65D9-4B51-898F-CE718DEC5DBB}) (Version: 1.4.4 - Microsoft Corporation)Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61187 - Microsoft Corporation)Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.7523 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.7523 - Microsoft Corporation)Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)Microsoft Visual C++ 2012 x86 Additional Runtime - 
11.0.61030 (HKLM\...\{B175520C-86A2-35A7-8619-86DC379688B9}) (Version: 11.0.61030 - Microsoft Corporation)Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.61030 (HKLM\...\{BD95A8CD-1D9F-35AD-981A-3E7925026EBB}) (Version: 11.0.61030 - Microsoft Corporation)Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.21005 (HKLM\...\{F8CFEB22-A2E7-3971-9EDA-4B11EDEFC185}) (Version: 12.0.21005 - Microsoft Corporation)Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.21005 (HKLM\...\{13A4EE12-23EA-3371-91EE-EFB36DDFFF3E}) (Version: 12.0.21005 - Microsoft Corporation)Microsoft Windows Application Compatibility Database (HKLM\...\{deb7008b-681e-4a4a-8aae-cc833e8216ce}.sdb) (Version: - )Microsoft Word 2010 (HKLM\...\Office14.WORD) (Version: 14.0.7015.1000 - Microsoft Corporation)MKVToolNix 6.7.0 [20140102-565] (HKLM\...\MKVToolNix) (Version: 6.7.0 - Moritz Bunkus)Movie Maker (Version: 16.4.3528.0331 - Microsoft Corporation) HiddenMozilla Firefox 35.0.1 (x86 ja) (HKLM\...\Mozilla Firefox 35.0.1 (x86 ja)) (Version: 35.0.1 - Mozilla)Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 35.0 - Mozilla)MPC-HC 1.7.3 (HKLM\...\{2624B969-7135-4EB1-B0F6-2D8C397B45F7}_is1) (Version: 1.7.3 - MPC-HC Team)piaip AppLocale (HKLM\...\{394BE3D9-7F57-4638-A8D1-1D88671913B7}) (Version: 1.0.0 - MS)Picasa 3 (HKLM\...\Picasa 3) (Version: 3.9 - Google, Inc.)PunkBuster Services (HKLM\...\PunkBusterSvc) (Version: 0.993 - Even Balance, Inc.)qBittorrent 3.1.8 (HKLM\...\qbittorrent) (Version: 3.1.8 - The qBittorrent project)Renesas Electronics USB 3.0 Host Controller Driver (HKLM\...\InstallShield_{5442DAB8-7177-49E1-8B22-09A049EA5996}) (Version: 2.0.32.0 - Renesas Electronics Corporation)Renesas Electronics USB 3.0 Host Controller Driver (Version: 2.0.32.0 - Renesas Electronics Corporation) HiddenService Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM\...\{90140000-001B-0000-0000-0000000FF1CE}_Office14.WORD_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version: - 
Microsoft)Skype™ 7.0 (HKLM\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.0.102 - Skype Technologies S.A.)SmartSound Quicktracks for Premiere Elements 9.0 (HKLM\...\InstallShield_{6748E773-5DA0-4D19-8AA5-273B4133A09B}) (Version: 3.12.3090 - SmartSound Software Inc)SmartSound Quicktracks for Premiere Elements 9.0 (Version: 3.12.3090 - SmartSound Software Inc) HiddenSteam (HKLM\...\Steam) (Version: - Valve Corporation)Tixati (HKLM\...\tixati) (Version: - )Tom Clancy's Ghost Recon Phantoms - NA (HKLM\...\Steam App 243870) (Version: - Ubisoft Singapore)Visual Studio 2012 x86 Redistributables (HKLM\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)VLC media player 2.1.2 (HKLM\...\VLC media player) (Version: 2.1.2 - VideoLAN)Windows Live Essentials (HKLM\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation)WinRAR 5.01 (32-bit) (HKLM\...\WinRAR archiver) (Version: 5.01.0 - win.rar GmbH)XMedia Recode version 3.1.8.4 (HKLM\...\{DDA3C325-47B2-4730-9672-BF3771C08799}_is1) (Version: 3.1.8.4 - XMedia Recode) ==================== Custom CLSID (selected items): ========================== (If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.) 
CustomCLSID: HKU\S-1-5-21-4195104481-2079486966-316092486-1000_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\Home\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)CustomCLSID: HKU\S-1-5-21-4195104481-2079486966-316092486-1000_Classes\CLSID\{1AC77AE9-9EC6-405A-9F9B-C06AB3C10B71}\InprocServer32 -> C:\Program Files\Microsoft Research\Image Composite Editor\ShellExtension.dll No FileCustomCLSID: HKU\S-1-5-21-4195104481-2079486966-316092486-1000_Classes\CLSID\{1EF21888-3BD8-4064-BAD3-4BF694952652}\InprocServer32 -> C:\Program Files\Microsoft Research\Image Composite Editor\WLPG.dll (Microsoft Corporation)CustomCLSID: HKU\S-1-5-21-4195104481-2079486966-316092486-1000_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Home\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll (Dropbox, Inc.)CustomCLSID: HKU\S-1-5-21-4195104481-2079486966-316092486-1000_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Home\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll (Dropbox, Inc.)CustomCLSID: HKU\S-1-5-21-4195104481-2079486966-316092486-1000_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Home\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll (Dropbox, Inc.)CustomCLSID: HKU\S-1-5-21-4195104481-2079486966-316092486-1000_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Home\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll (Dropbox, Inc.)CustomCLSID: HKU\S-1-5-21-4195104481-2079486966-316092486-1000_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Home\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll (Dropbox, Inc.)CustomCLSID: HKU\S-1-5-21-4195104481-2079486966-316092486-1000_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Home\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll (Dropbox, Inc.)CustomCLSID: 
HKU\S-1-5-21-4195104481-2079486966-316092486-1000_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Home\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll (Dropbox, Inc.)CustomCLSID: HKU\S-1-5-21-4195104481-2079486966-316092486-1000_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Home\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll (Dropbox, Inc.) ==================== Restore Points ========================= 05-02-2015 17:05:41 ComboFix created restore point ==================== Hosts content: ========================== (If needed Hosts: directive could be included in the fixlist to reset Hosts.) 2009-07-13 20:04 - 2015-02-05 17:21 - 00000027 ____A C:\Windows\system32\Drivers\etc\hosts127.0.0.1 localhost ==================== Scheduled Tasks (whitelisted) ============= (If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.) Task: {0C23445C-A760-4634-B9A0-EB280AD6891C} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [2014-02-01] (Google Inc.)Task: {1DDEFBDC-A5B9-4569-9BCC-FA5CCA6B3935} - System32\Tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask => Sc.exe start osppsvcTask: {2828B5AE-1AEC-4363-8B73-947A76D3069B} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2014-12-19] (Adobe Systems Incorporated)Task: {308944FE-8032-47CB-B624-1730B1E13176} - System32\Tasks\Microsoft\Windows\TabletPC\InputPersonalization => C:\Program Files\Common Files\Microsoft Shared\Ink\InputPersonalization.exe [2009-07-13] (Microsoft Corporation)Task: {8210113A-F918-470A-B812-26177AA90A08} - System32\Tasks\AdobeAAMUpdater-1.0-Home-PC-Home => C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2010-07-29] (Adobe Systems Incorporated)Task: {992951D0-0FCD-4EE9-BB1C-FC5A751B9490} - System32\Tasks\avast! 
Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2015-01-08] (AVAST Software)Task: {E1F7CBDA-5AF3-43AA-9E16-B9A5DC291879} - System32\Tasks\{DE5C1EA8-35F0-4744-B56A-0B2FA27465AE} => Chrome.exe http://ui.skype.com/ui/0/6.13.0.104/en/abandoninstall?source=lightinstaller&page=tsBingTask: {F0100D7C-9C62-4D30-BBF6-5F58090D1E26} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [2014-02-01] (Google Inc.) (If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.) Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exeTask: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe ==================== Loaded Modules (whitelisted) ============== 2015-02-05 07:30 - 2015-02-05 07:30 - 02913280 _____ () C:\Program Files\AVAST Software\Avast\defs\15020500\algo.dll2015-02-05 16:14 - 2015-02-05 16:14 - 02913280 _____ () C:\Program Files\AVAST Software\Avast\defs\15020501\algo.dll2014-05-10 00:51 - 2014-05-10 00:51 - 00076888 _____ () C:\Windows\system32\PnkBstrA.exe2014-01-29 23:12 - 2014-01-29 23:12 - 00094208 _____ () C:\Windows\System32\IccLibDll.dll2015-01-08 10:04 - 2015-01-08 10:04 - 38562088 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll2014-11-12 23:54 - 2014-11-12 23:54 - 00113664 _____ () C:\Program Files\Naver\LINE\PlayerHelper.dll2015-02-03 02:08 - 2015-02-03 02:08 - 03123048 _____ () C:\Program Files\Naver\LINE\ampkit_windows.dll2014-08-21 06:48 - 2011-10-30 13:28 - 00029696 _____ () C:\Program Files\DuckLink\DuckCapture\QtSolutions_SingleApplication-head.dll2014-08-21 06:48 - 2011-10-22 07:05 - 08343040 _____ () C:\Program Files\DuckLink\DuckCapture\QtGui4.dll2014-08-21 06:48 - 2011-08-28 19:41 - 02305536 _____ () C:\Program Files\DuckLink\DuckCapture\QtCore4.dll2014-08-21 06:48 - 2011-08-28 19:42 - 00862720 _____ () 
C:\Program Files\DuckLink\DuckCapture\QtNetwork4.dll2014-08-21 06:48 - 2011-10-30 13:28 - 00582144 _____ () C:\Program Files\DuckLink\DuckCapture\QtSolutions_PropertyBrowser-head.dll2014-08-21 06:48 - 2011-08-28 19:57 - 01339904 _____ () C:\Program Files\DuckLink\DuckCapture\QtScript4.dll2014-08-21 06:48 - 2011-08-28 20:50 - 00581120 _____ () C:\Program Files\DuckLink\DuckCapture\QtScriptTools4.dll2014-08-21 06:48 - 2011-11-03 20:20 - 00617984 _____ () C:\Program Files\DuckLink\DuckCapture\QxtGui.dll2014-08-21 06:48 - 2011-11-03 20:21 - 00395264 _____ () C:\Program Files\DuckLink\DuckCapture\QxtCore.dll2014-08-21 06:48 - 2011-08-28 20:51 - 00026624 _____ () C:\Program Files\DuckLink\DuckCapture\plugins\imageformats\qgif4.dll2014-08-21 06:48 - 2011-08-28 20:51 - 00029184 _____ () C:\Program Files\DuckLink\DuckCapture\plugins\imageformats\qico4.dll2014-08-21 06:48 - 2011-08-28 20:51 - 00200704 _____ () C:\Program Files\DuckLink\DuckCapture\plugins\imageformats\qjpeg4.dll2015-02-03 20:10 - 2015-01-26 21:44 - 01117512 _____ () C:\Program Files\Google\Chrome\Application\40.0.2214.94\libglesv2.dll2015-02-03 20:10 - 2015-01-26 21:44 - 00211272 _____ () C:\Program Files\Google\Chrome\Application\40.0.2214.94\libegl.dll2015-02-03 20:10 - 2015-01-26 21:44 - 09171272 _____ () C:\Program Files\Google\Chrome\Application\40.0.2214.94\pdf.dll ==================== Alternate Data Streams (whitelisted) ========= (If an entry is included in the fixlist, only the Alternate Data Streams will be removed.) ==================== Safe Mode (whitelisted) =================== (If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.) 
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk => ""="Driver"HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk.sys => ""="Driver"HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfevtp => ""="Driver" ==================== EXE Association (whitelisted) =============== (If an entry is included in the fixlist, the default will be restored. None default entries will be removed.) ==================== Other Registry Areas ===================== (Currently there is no automatic fix for this section.) HKU\S-1-5-21-4195104481-2079486966-316092486-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Home\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg ==================== MSCONFIG/TASK MANAGER disabled items == (Currently there is no automatic fix for this section.) ==================== Accounts: ============================= Administrator (S-1-5-21-4195104481-2079486966-316092486-500 - Administrator - Disabled)Guest (S-1-5-21-4195104481-2079486966-316092486-501 - Limited - Disabled)Home (S-1-5-21-4195104481-2079486966-316092486-1000 - Administrator - Enabled) => C:\Users\Home ==================== Faulty Device Manager Devices ============= Name: Teredo Tunneling Pseudo-InterfaceDescription: Microsoft Teredo Tunneling AdapterClass Guid: {4d36e972-e325-11ce-bfc1-08002be10318}Manufacturer: MicrosoftService: tunnelProblem: : This device cannot start. (Code10)Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard. Name: Lexmark X422Description: Lexmark X422Class Guid: {6bdd1fc6-810f-11d0-bec7-08002be2092f}Manufacturer: LexmarkService: usbscanProblem: : This device cannot start. (Code10)Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard. 
==================== Event log errors: ========================= Application errors:==================Error: (02/05/2015 04:10:59 PM) (Source: WinMgmt) (EventID: 10) (User: )Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (02/05/2015 02:30:54 PM) (Source: ConnectifySvc) (EventID: 0) (User: )Description: ConnectifySvc error: 6Failed to SetServiceStatus Error: (02/05/2015 08:14:49 AM) (Source: WinMgmt) (EventID: 10) (User: )Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (02/05/2015 07:28:14 AM) (Source: Bonjour Service) (EventID: 100) (User: )Description: Task Scheduling Error: m->NextScheduledSPRetry 2506889 Error: (02/05/2015 07:28:14 AM) (Source: Bonjour Service) (EventID: 100) (User: )Description: Task Scheduling Error: m->NextScheduledEvent 2506889 Error: (02/05/2015 07:28:14 AM) (Source: Bonjour Service) (EventID: 100) (User: )Description: Task Scheduling Error: Continuously busy for more than a second Error: (02/05/2015 07:28:13 AM) (Source: Bonjour Service) (EventID: 100) (User: )Description: Task Scheduling Error: m->NextScheduledSPRetry 2505875 Error: (02/05/2015 07:28:13 AM) (Source: Bonjour Service) (EventID: 100) (User: )Description: Task Scheduling Error: m->NextScheduledEvent 2505875 Error: (02/05/2015 07:28:13 AM) (Source: Bonjour Service) (EventID: 100) (User: )Description: Task Scheduling Error: Continuously busy for more than a second Error: (02/05/2015 07:28:12 AM) (Source: Bonjour Service) (EventID: 100) (User: )Description: Task Scheduling Error: m->NextScheduledSPRetry 2504861 System errors:=============Error: (02/05/2015 05:21:21 PM) (Source: Service Control Manager) (EventID: 7030) (User: )Description: The PEVSystemStart service is marked as an interactive service. 
However, the system is configured to not allow interactive services. This service may not function properly. Error: (02/05/2015 05:15:41 PM) (Source: Service Control Manager) (EventID: 7030) (User: )Description: The PEVSystemStart service is marked as an interactive service. However, the system is configured to not allow interactive services. This service may not function properly. Error: (02/05/2015 05:08:36 PM) (Source: Service Control Manager) (EventID: 7030) (User: )Description: The PEVSystemStart service is marked as an interactive service. However, the system is configured to not allow interactive services. This service may not function properly. Error: (02/05/2015 04:10:32 PM) (Source: Service Control Manager) (EventID: 7000) (User: )Description: The AVG WatchDog service failed to start due to the following error: %%2 Error: (02/05/2015 04:10:00 PM) (Source: volsnap) (EventID: 36) (User: )Description: The shadow copies of volume C: were aborted because the shadow copy storage could not grow due to a user imposed limit. Error: (02/05/2015 08:14:35 AM) (Source: Service Control Manager) (EventID: 7000) (User: )Description: The AVG WatchDog service failed to start due to the following error: %%2 Error: (02/05/2015 08:11:21 AM) (Source: DCOM) (EventID: 10010) (User: )Description: {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5} Error: (02/05/2015 07:29:27 AM) (Source: bScsiSDx) (EventID: 15) (User: )Description: The device, \Device\Scsi\bScsiSDx1, is not ready for access yet. Error: (02/05/2015 07:29:07 AM) (Source: bScsiSDx) (EventID: 15) (User: )Description: The device, \Device\Scsi\bScsiSDx1, is not ready for access yet. Error: (02/05/2015 07:28:47 AM) (Source: bScsiSDx) (EventID: 15) (User: )Description: The device, \Device\Scsi\bScsiSDx1, is not ready for access yet. 
Microsoft Office Sessions:=========================Error: (02/05/2015 04:10:59 PM) (Source: WinMgmt) (EventID: 10) (User: )Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (02/05/2015 02:30:54 PM) (Source: ConnectifySvc) (EventID: 0) (User: )Description: ConnectifySvc error: 6Failed to SetServiceStatus Error: (02/05/2015 08:14:49 AM) (Source: WinMgmt) (EventID: 10) (User: )Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (02/05/2015 07:28:14 AM) (Source: Bonjour Service) (EventID: 100) (User: )Description: Task Scheduling Error: m->NextScheduledSPRetry 2506889 Error: (02/05/2015 07:28:14 AM) (Source: Bonjour Service) (EventID: 100) (User: )Description: Task Scheduling Error: m->NextScheduledEvent 2506889 Error: (02/05/2015 07:28:14 AM) (Source: Bonjour Service) (EventID: 100) (User: )Description: Task Scheduling Error: Continuously busy for more than a second Error: (02/05/2015 07:28:13 AM) (Source: Bonjour Service) (EventID: 100) (User: )Description: Task Scheduling Error: m->NextScheduledSPRetry 2505875 Error: (02/05/2015 07:28:13 AM) (Source: Bonjour Service) (EventID: 100) (User: )Description: Task Scheduling Error: m->NextScheduledEvent 2505875 Error: (02/05/2015 07:28:13 AM) (Source: Bonjour Service) (EventID: 100) (User: )Description: Task Scheduling Error: Continuously busy for more than a second Error: (02/05/2015 07:28:12 AM) (Source: Bonjour Service) (EventID: 100) (User: )Description: Task Scheduling Error: m->NextScheduledSPRetry 2504861 ==================== Memory info =========================== Processor: Intel® Pentium® CPU B960 @ 2.20GHzPercentage of memory in use: 70%Total physical RAM: 3397.19 MBAvailable physical RAM: 995.21 MBTotal Pagefile: 6792.66 MBAvailable Pagefile: 3069.74 MBTotal 
Virtual: 2047.88 MBAvailable Virtual: 1903.26 MB ==================== Drives ================================ Drive c: () (Fixed) (Total:149.05 GB) (Free:18.01 GB) NTFS ==>[Drive with boot components (obtained from BCD)] ==================== MBR & Partition Table ================== ========================================================Disk: 0 (MBR Code: Windows 7 or 8) (Size: 149.1 GB) (Disk ID: 4C90DB35)Partition 1: (Active) - (Size=149 GB) - (Type=07 NTFS) ==================== End Of Log ============================ Link to post Share on other sites More sharing options...
deeprybka Posted February 6, 2015 ID:936951

Hi,

Step 1

Press the Windows key + R on your keyboard at the same time. Type notepad and click OK.
Copy the entire content of the codebox below and paste into the notepad document:

CloseProcesses:
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKU\S-1-5-21-4195104481-2079486966-316092486-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
SearchScopes: HKLM -> DefaultScope {31090377-0740-419E-BEFC-A56E50500D5B} URL = http://speedial.com/...r=866866320&ir=
SearchScopes: HKLM -> {31090377-0740-419E-BEFC-A56E50500D5B} URL = http://speedial.com/...r=866866320&ir=
SearchScopes: HKU\S-1-5-21-4195104481-2079486966-316092486-1000 -> DefaultScope {31090377-0740-419E-BEFC-A56E50500D5B} URL = http://speedial.com/...r=866866320&ir=
SearchScopes: HKU\S-1-5-21-4195104481-2079486966-316092486-1000 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-21-4195104481-2079486966-316092486-1000 -> {31090377-0740-419E-BEFC-A56E50500D5B} URL = http://speedial.com/...r=866866320&ir=
FF NetworkProxy: "http", "1.179.143.178"
FF NetworkProxy: "http_port", 3128
FF Plugin: @microsoft.com/GENUINE -> disabled No File
CreateRestorePoint:
EmptyTemp:

Click File, Save As and type fixlist.txt as the File Name.
Both files, FRST and fixlist.txt have to be in the same location or the fix will not work!
Right-click on icon and select Run as Administrator to start the tool.
(XP users click run after receipt of Windows Security Warning - Open File).
Press the Fix button just once and wait.
If for some reason the tool needs a restart, please make sure you let the system restart normally. After that let the tool complete its run.
When finished FRST will generate a log on the Desktop, called Fixlog.txt.
Please post it to your reply.

Step 2

Reset Chrome Browser
Chrome - Reset browser settings

Step 3

Start FRST with administrator privileges.
Press the Scan button.
When finished, FRST will produce a log (FRST.txt) in the same directory the tool was run from.
Please copy and paste the log in your next reply.
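The three kinds of entry the fixlist above targets (Internet Explorer policy restrictions, search-scope redirects, and a Firefox HTTP proxy) can be picked out of an FRST log mechanically. This is an added example, not part of the original posts and not FRST's own code: the patterns are inferred from the lines quoted in this thread, and the list of expected search hosts is an assumption.

```python
import re
from dataclasses import dataclass
from urllib.parse import urlsplit

# Assumption: the search providers this machine is expected to use.
EXPECTED_SEARCH_HOSTS = {"bing.com", "google.com"}

# Patterns inferred from the entries quoted in this thread (not an FRST spec).
# finditer over the whole text is used so they still work when the log has
# lost its line breaks, as it has in the forum export.
POLICY_RE = re.compile(
    r'(HK(?:LM|U\\S-[\d-]+)\\SOFTWARE\\Policies\\[^:\n]+): Policy restriction')
SCOPE_RE = re.compile(
    r'SearchScopes: (HK\S+) -> (DefaultScope )?(\{[0-9A-Fa-f-]{36}\}) URL = '
    r'(\S*?)(?=SearchScopes:|FF \w+:|\s|$)')
PROXY_RE = re.compile(r'FF NetworkProxy: "([^"]+)", (?:"([^"]*)"|(\d+))')

# Sample input: the fixlist entries from the post above, joined without line
# breaks the way this page shows them. The URL is truncated on the page and
# is kept exactly as it appears there.
SID = r'HKU\S-1-5-21-4195104481-2079486966-316092486-1000'
GUID = '{31090377-0740-419E-BEFC-A56E50500D5B}'
URL = 'http://speedial.com/...r=866866320&ir='
ATTN = ': Policy restriction <======= ATTENTION'
SAMPLE = "".join([
    'CloseProcesses:',
    r'HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer' + ATTN,
    SID + r'\SOFTWARE\Policies\Microsoft\Internet Explorer' + ATTN,
    'SearchScopes: HKLM -> DefaultScope ' + GUID + ' URL = ' + URL,
    'SearchScopes: HKLM -> ' + GUID + ' URL = ' + URL,
    'SearchScopes: ' + SID + ' -> DefaultScope ' + GUID + ' URL = ' + URL,
    'SearchScopes: ' + SID + ' -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = ',
    'SearchScopes: ' + SID + ' -> ' + GUID + ' URL = ' + URL,
    'FF NetworkProxy: "http", "1.179.143.178"',
    'FF NetworkProxy: "http_port", 3128',
    'FF Plugin: @microsoft.com/GENUINE -> disabled No File',
    'CreateRestorePoint:',
    'EmptyTemp:',
])


@dataclass
class Finding:
    kind: str     # "policy", "search_scope" or "proxy"
    where: str    # registry location or log section the entry came from
    detail: str   # why the entry deserves a second look


def host_is_expected(host):
    """True if host equals, or is a subdomain of, an expected search host."""
    return host is not None and any(
        host == h or host.endswith("." + h) for h in EXPECTED_SEARCH_HOSTS)


def triage(text):
    """Return the policy, search-scope and proxy entries worth reviewing."""
    findings = []
    for m in POLICY_RE.finditer(text):
        findings.append(Finding("policy", m.group(1), "policy restriction set"))

    for m in SCOPE_RE.finditer(text):
        hive, default, guid, url = m.groups()
        where = f"{hive} {'DefaultScope ' if default else ''}{guid}"
        if not url:
            detail = "empty URL"
        else:
            try:
                host = urlsplit(url).hostname
            except ValueError:      # malformed URL in the log
                host = None
            if host_is_expected(host):
                continue            # provider points at an expected host
            detail = f"unexpected host {host}"
        findings.append(Finding("search_scope", where, detail))

    # Proxy settings arrive as separate key/value entries; combine them.
    prefs = {}
    for m in PROXY_RE.finditer(text):
        prefs[m.group(1)] = m.group(2) if m.group(2) is not None else m.group(3)
    if prefs.get("http"):
        findings.append(Finding(
            "proxy", "FF NetworkProxy",
            f'{prefs["http"]}:{prefs.get("http_port", "?")}'))
    return findings


if __name__ == "__main__":
    for f in triage(SAMPLE):
        print(f"{f.kind:12} {f.where} -> {f.detail}")
```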
hmw1008 Posted February 6, 2015 Author ID:937068

Fixlog.txt:

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x86) Version: 05-02-2015
Ran by Home at 2015-02-06 13:26:54 Run:1
Running from C:\Users\Home\Desktop
Loaded Profiles: Home (Available profiles: Home)
Boot Mode: Normal
==============================================

Content of fixlist:
*****************
CloseProcesses:
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKU\S-1-5-21-4195104481-2079486966-316092486-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
SearchScopes: HKLM -> DefaultScope {31090377-0740-419E-BEFC-A56E50500D5B} URL = http://speedial.com/...r=866866320&ir=
SearchScopes: HKLM -> {31090377-0740-419E-BEFC-A56E50500D5B} URL = http://speedial.com/...r=866866320&ir=
SearchScopes: HKU\S-1-5-21-4195104481-2079486966-316092486-1000 -> DefaultScope {31090377-0740-419E-BEFC-A56E50500D5B} URL = http://speedial.com/...r=866866320&ir=
SearchScopes: HKU\S-1-5-21-4195104481-2079486966-316092486-1000 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-21-4195104481-2079486966-316092486-1000 -> {31090377-0740-419E-BEFC-A56E50500D5B} URL = http://speedial.com/...r=866866320&ir=
FF NetworkProxy: "http", "1.179.143.178"
FF NetworkProxy: "http_port", 3128
FF Plugin: @microsoft.com/GENUINE -> disabled No File
CreateRestorePoint:
EmptyTemp:
*****************

Processes closed successfully.
"HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer" => Key deleted successfully.
"HKU\S-1-5-21-4195104481-2079486966-316092486-1000\SOFTWARE\Policies\Microsoft\Internet Explorer" => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => Value was restored successfully.
"HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{31090377-0740-419E-BEFC-A56E50500D5B}" => Key deleted successfully.
HKCR\CLSID\{31090377-0740-419E-BEFC-A56E50500D5B} => Key not found.
HKU\S-1-5-21-4195104481-2079486966-316092486-1000\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value deleted successfully.
"HKU\S-1-5-21-4195104481-2079486966-316092486-1000\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}" => Key deleted successfully.
HKCR\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} => Key not found.
"HKU\S-1-5-21-4195104481-2079486966-316092486-1000\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{31090377-0740-419E-BEFC-A56E50500D5B}" => Key deleted successfully.
HKCR\CLSID\{31090377-0740-419E-BEFC-A56E50500D5B} => Key not found.
Firefox Proxy settings were reset.
Firefox Proxy settings were reset.
"HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE" => Key deleted successfully.
Restore point was successfully created.
EmptyTemp: => Removed 1.4 GB temporary data.

The system needed a reboot.

==== End of Fixlog 13:29:54 ====
deeprybka Posted February 6, 2015 ID:937069

OK...
hmw1008 Posted February 6, 2015 Author ID:937072 Fixlog.txt:
deeprybka Posted February 6, 2015 ID:937074
Let's do a final check up:
Step 1
Please download Online Scanner and save it to your Desktop.
Disable the realtime-protection of your antivirus and anti-malware programs because they might interfere with the scan.
Start with administrator privileges.
Select the option Yes, I accept the Terms of Use and click on Start.
Choose the following settings:
Click on Start. The virus signature database will begin to download. This may take some time.
When completed the Online Scan will begin automatically. Note: This scan might take a long time! Please be patient.
When completed select Uninstall application on close if you so wish, but make sure you copy the logfile first!
Now click on Finish.
A log file is created at
Copy and paste the content of this log file in your next reply.
Note: Do not forget to re-enable your antivirus application after running the above scan!
hmw1008 Posted February 7, 2015 Author ID:937260
Oops, sorry deeprybka, messed up the first time by doing "Uninstall application on close" first before copying the log file! Well anyways here it is!
ESET file:
ESETSmartInstaller@High as downloader log:
all ok
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.7623
# api_version=3.0.2
# EOSSerial=fe2f085591de4246af2b0228aaf03a77
# engine=22347
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=true
# antistealth_checked=true
# utc_time=2015-02-07 01:03:53
# local_time=2015-02-06 07:03:53 (-0600, Central Standard Time)
# country="Japan"
# lang=1033
# osver=6.1.7601 NT Service Pack 1
# compatibility_mode_1='avast! Antivirus'
# compatibility_mode=783 16777213 71 95 31057 10287338 0 0
# compatibility_mode_1=''
# compatibility_mode=5893 16776573 100 94 0 174815824 0 0
# scanned=157771
# found=0
# cleaned=0
# scan_time=8912
deeprybka Posted February 7, 2015 ID:937261
Step 1
Please download TDSSKiller and save it to your Desktop.
Start tdsskiller.exe with administrator privileges.
Accept the EULA and the KSN Statement.
Click on Change parameters. (1)
Make sure that all available options (except "Loaded modules") are checked and click OK. (2)
Click on Start scan.
If any threats are found don't delete them but choose the Skip option for all of them.
Click on Report (3) to open the log file. (It is also saved at C:\TDSSKiller.<version_date_time>_log.txt).
Copy and paste its contents in your next reply.
hmw1008 Posted February 7, 2015 Author ID:937381 I keep getting an error of "post_too_long," I guess I'll just post half of the report on each reply.
hmw1008 Posted February 7, 2015 Author ID:937382
178C008A9A0A6BFDA65EB0B98C510271360AD4474F22F13594F5EB60AA4E1CF5 ] BITS C:\Windows\system32\qmgr.dll03:02:23.0728 0x051c BITS - ok03:02:23.0765 0x051c [ 2287078ED48FCFC477B05B20CF38F36F, 55BCA6174E6034A8D61CBE4126B2F1989F6052BFA624BEA9C0A0A664AEC74521 ] blbdrive C:\Windows\system32\DRIVERS\blbdrive.sys03:02:23.0828 0x051c blbdrive - ok03:02:23.0868 0x051c [ 8F2DA3028D5FCBD1A060A3DE64CD6506, E234672E9CFE1A95AD2E78E306E41E010B870221E6EBBC0E2B0BE2FA5CE0CD76 ] bowser C:\Windows\system32\DRIVERS\bowser.sys03:02:23.0942 0x051c bowser - ok03:02:23.0972 0x051c [ 9F9ACC7F7CCDE8A15C282D3F88B43309, A9131334BD9CF8FD60BA9D54AA054E2DF2BE1219FB650DF1464F2787BDEAE98F ] BrFiltLo C:\Windows\system32\drivers\BrFiltLo.sys03:02:24.0092 0x051c BrFiltLo - ok03:02:24.0112 0x051c [ 56801AD62213A41F6497F96DEE83755A, 0DEB8318FB47DF6473C171C795C735E26A73FA12232876C6856549EA16F33361 ] BrFiltUp C:\Windows\system32\drivers\BrFiltUp.sys03:02:24.0162 0x051c BrFiltUp - ok03:02:24.0205 0x051c [ 77361D72A04F18809D0EFB6CCEB74D4B, 55E7DB65BB29FF421F138CDFF05E5ECFFC7C8862FAA68F6179A3BA9D6B69AE64 ] BridgeMP C:\Windows\system32\DRIVERS\bridge.sys03:02:24.0288 0x051c BridgeMP - ok03:02:24.0331 0x051c [ 3DAA727B5B0A45039B0E1C9A211B8400, 903B51E75F0C503A0E255120F53BF51B047B219FEC1E15F2F1D02DDD562FC73B ] Browser C:\Windows\System32\browser.dll03:02:24.0515 0x051c Browser - ok03:02:24.0584 0x051c [ 845B8CE732E67F3B4133164868C666EA, 9309B094CD9B5EBC46295A5EB806BED472C3CEDE3B5F6F497EBDABA496A2A27F ] Brserid C:\Windows\System32\Drivers\Brserid.sys03:02:24.0710 0x051c Brserid - ok03:02:24.0723 0x051c [ 203F0B1E73ADADBBB7B7B1FABD901F6B, 782FA7B26940FE479C49C9BAA2EB582CDAAAD607013E9BCFC85E6FBBB7D49A6D ] BrSerWdm C:\Windows\System32\Drivers\BrSerWdm.sys03:02:24.0795 0x051c BrSerWdm - ok03:02:24.0817 0x051c [ BD456606156BA17E60A04E18016AE54B, DFBDC9DA6A3EA40BACFF204BC6C55C2C122B5885D2CBF6D45054DE43EE15EC4D ] BrUsbMdm C:\Windows\System32\Drivers\BrUsbMdm.sys03:02:24.0867 0x051c BrUsbMdm - ok03:02:24.0891 0x051c [ 
AF72ED54503F717A43268B3CC5FAEC2E, 4A638669B0C30B1BDED242A8BF2015A37749570FF4D67D190BACC8D7E0C44468 ] BrUsbSer C:\Windows\System32\Drivers\BrUsbSer.sys03:02:24.0971 0x051c BrUsbSer - ok03:02:25.0009 0x051c [ B1CFA780D968AC7ED07DCE1D3541BCD5, CE62D191FB4F8DC8342C5288BC16EA79044831B3FF45C3B32C7A54C5A3C90079 ] bScsiMSx C:\Windows\system32\DRIVERS\bScsiMSx.sys03:02:25.0039 0x051c bScsiMSx - ok03:02:25.0069 0x051c [ AD89ED05A8EA1E7A0EB0BF162AA95ED0, 9232CB20850FF1608E00F32461D97F23C07597A043E9654D2682273B6F10CF9F ] bScsiSDx C:\Windows\system32\DRIVERS\bScsiSDx.sys03:02:25.0149 0x051c bScsiSDx - ok03:02:25.0179 0x051c [ ED3DF7C56CE0084EB2034432FC56565A, B5B75E002E7BC0209582C635CCCA26DB569BDB23C33A126634E00C6434BF941B ] BTHMODEM C:\Windows\system32\drivers\bthmodem.sys03:02:25.0239 0x051c BTHMODEM - ok03:02:25.0281 0x051c [ 1DF19C96EEF6C29D1C3E1A8678E07190, 1F4BB161FF3A1C5B1465BB52F3520FEDB7ACB1FAA132466F07D16DB8E394AEA5 ] bthserv C:\Windows\system32\bthserv.dll03:02:25.0370 0x051c bthserv - ok03:02:25.0499 0x051c catchme - ok03:02:25.0528 0x051c [ 77EA11B065E0A8AB902D78145CA51E10, 160EB3BBE9E5F3CC4A02584E6F2576A812C7565B940D74838B983F1EE51FA73A ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys03:02:25.0622 0x051c cdfs - ok03:02:25.0672 0x051c [ BE167ED0FDB9C1FA1133953C18D5A6C9, E26A851CA13E7300F977E5B20FA5D25FD0E1442AB6AD5DB58BBDB2DAAD87027C ] cdrom C:\Windows\system32\DRIVERS\cdrom.sys03:02:25.0736 0x051c cdrom - ok03:02:25.0785 0x051c [ 319C6B309773D063541D01DF8AC6F55F, 182F392FE839499D159A30A3CD04B5D0C87219930BFB1A7456880B7DA75B9820 ] CertPropSvc C:\Windows\System32\certprop.dll03:02:25.0846 0x051c CertPropSvc - ok03:02:25.0883 0x051c [ 3FE3FE94A34DF6FB06E6418D0F6A0060, 6B3A2A26609A75B690D4C0B3059E40822F3B3DB08943F58EC496BABDA7D0A735 ] circlass C:\Windows\system32\drivers\circlass.sys03:02:26.0017 0x051c circlass - ok03:02:26.0168 0x051c [ 635181E0E9BBF16871BF5380D71DB02D, 58D5150C6F3B9F1730FFDF3A8A2ABF5FF207F9785BD66C0C1E03A0F1C223A26A ] CLFS 
C:\Windows\system32\CLFS.sys03:02:26.0238 0x051c CLFS - ok03:02:26.0318 0x051c [ D88040F816FDA31C3B466F0FA0918F29, 39D3630E623DA25B8444B6D3AAAB16B98E7E289C5619E19A85D47B74C71449F3 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe03:02:26.0368 0x051c clr_optimization_v2.0.50727_32 - ok03:02:26.0429 0x051c [ E87213F37A13E2B54391E40934F071D0, 7EB221127EFB5BF158FB03D18EFDA2C55FB6CE3D1A1FE69C01D70DBED02C87E5 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe03:02:26.0557 0x051c clr_optimization_v4.0.30319_32 - ok03:02:26.0579 0x051c [ DEA805815E587DAD1DD2C502220B5616, 2D6A7668C95352B818F5EC59FF462894935833D34190257DA9CAC7E67FD3631C ] CmBatt C:\Windows\system32\DRIVERS\CmBatt.sys03:02:26.0631 0x051c CmBatt - ok03:02:26.0671 0x051c [ C537B1DB64D495B9B4717B4D6D9EDBF2, 400EEFE662DE117C9CC956E4CBD5E98F28F962E7447CD93E8A78FDD8CA39EB4B ] cmdide C:\Windows\system32\drivers\cmdide.sys03:02:26.0701 0x17b4 Object send P2P result: true03:02:26.0711 0x051c cmdide - ok03:02:26.0797 0x051c [ 85449EEBE8F8EBD6481EFBF0F352B4EB, E6FF04970C5A5BFDE7297A86C1C7B9BFE2E0F976A1A1AFB874CEB488DC6151CC ] CNG C:\Windows\system32\Drivers\cng.sys03:02:26.0908 0x051c CNG - ok03:02:26.0946 0x051c [ A6023D3823C37043986713F118A89BEE, FAC239A7FA6251C7EDFFA34B4BAE3910B8BC0BD4A3574B6DB6931A8D691E207B ] Compbatt C:\Windows\system32\DRIVERS\compbatt.sys03:02:26.0993 0x051c Compbatt - ok03:02:27.0030 0x051c [ CBE8C58A8579CFE5FCCF809E6F114E89, AC083A1C649EBA18C59FCC1772D0784B10E2B8C63094E3C14388E147DBC3F6DF ] CompositeBus C:\Windows\system32\DRIVERS\CompositeBus.sys03:02:27.0100 0x051c CompositeBus - ok03:02:27.0110 0x051c COMSysApp - ok03:02:27.0150 0x051c [ 08F934092E0429BADF88E9F91DB0F61E, 6E9091C006FFFF261DC61C8E9A45219E47C351296E5355FC4B7242F30E1DDFE3 ] cphs C:\Windows\system32\IntelCpHeciSvc.exe03:02:27.0214 0x051c cphs - ok03:02:27.0244 0x051c [ 2C4EBCFC84A9B44F209DFF6C6E6C61D1, 
6FC323217D82EF661BA0E3F949B61B05BB5235D1A69C81D24876C2153FAECEF6 ] crcdisk C:\Windows\system32\drivers\crcdisk.sys03:02:27.0294 0x051c crcdisk - ok03:02:27.0351 0x051c [ 7CA1BECEA5DE2643ADDAD32670E7A4C9, E3AB4CC52A97E3855D7EAB87363F807FDD2162ED8C76A036CD71549ED64E7797 ] CryptSvc C:\Windows\system32\cryptsvc.dll03:02:27.0497 0x051c CryptSvc - ok03:02:27.0567 0x051c [ 7660F01D3B38ACA1747E397D21D790AF, 04611B43705C064C2A8331F6D3F8E4530295694AE2C3E3EC3F62CFF4A5EFA88D ] DcomLaunch C:\Windows\system32\rpcss.dll03:02:27.0654 0x051c DcomLaunch - ok03:02:27.0684 0x051c [ 8D6E10A2D9A5EED59562D9B82CF804E1, 888F9650F4E872BA8F4E0C27E38A6672A561042B17EBA40E306A22357965B0AD ] defragsvc C:\Windows\System32\defragsvc.dll03:02:27.0766 0x051c defragsvc - ok03:02:27.0800 0x051c [ F024449C97EC1E464AAFFDA18593DB88, 7EF1E241892E098A472BCA14C724DFF1AACCF190954AF1C4A38B6D542CC74BD2 ] DfsC C:\Windows\system32\Drivers\dfsc.sys03:02:27.0860 0x051c DfsC - ok03:02:27.0910 0x051c [ E9E01EB683C132F7FA27CD607B8A2B63, 4D9037B458C522874619143A4176BCED42472C68933E6E83D37B67242706F3C4 ] Dhcp C:\Windows\system32\dhcpcore.dll03:02:28.0001 0x051c Dhcp - ok03:02:28.0031 0x051c [ 1A050B0274BFB3890703D490F330C0DA, 79D74F4679A2EE040FAAF4D0392A9311239A10A5F8A5CCB48656C6F89B6D62FB ] discache C:\Windows\system32\drivers\discache.sys03:02:28.0107 0x051c discache - ok03:02:28.0135 0x051c [ 565003F326F99802E68CA78F2A68E9FF, ABC42B24DBA4FFC411120E09278EF26AF56CCAB463B69B4BD6C530B4A07063D2 ] Disk C:\Windows\system32\drivers\disk.sys03:02:28.0165 0x051c Disk - ok03:02:28.0205 0x051c [ 33EF4861F19A0736B11314AAD9AE28D0, 4C4B84365D85758E3263B88F157D8B086B392C6F1EA5F0F3DB6BF87EF90248EC ] Dnscache C:\Windows\System32\dnsrslvr.dll03:02:28.0301 0x051c Dnscache - ok03:02:28.0351 0x051c [ 366BA8FB4B7BB7435E3B9EACB3843F67, 65B7C61ACF34F1F0149045AA9E09A3F917A927963237A385A914D0B80551DC31 ] dot3svc C:\Windows\System32\dot3svc.dll03:02:28.0423 0x051c dot3svc - ok03:02:28.0463 0x051c [ 8EC04CA86F1D68DA9E11952EB85973D6, 
2E3FBC2D683D1274E8BC45EEEA87D43B77EDDCAAF0D453296D9FDA6B9D717071 ] DPS C:\Windows\system32\dps.dll03:02:28.0561 0x051c DPS - ok03:02:28.0615 0x051c [ B918E7C5F9BF77202F89E1A9539F2EB4, C589A37DE50BBEF22E2DAA9682EA43147F614AA1AF7DAAA942BA5FC192313A0B ] drmkaud C:\Windows\system32\drivers\drmkaud.sys03:02:28.0703 0x051c drmkaud - ok03:02:28.0771 0x051c [ E6B7D1B24E16FB24CE1FEA964E144EBC, 30F81E0A017163A1AB463FE3A13B5CC2905B973E782AEBC1EB63759BF2470658 ] dtsoftbus01 C:\Windows\system32\DRIVERS\dtsoftbus01.sys03:02:28.0813 0x051c dtsoftbus01 - ok03:02:28.0873 0x051c [ 71BC35067CABC02C9453AEAA42B2E43E, 713B19F2C08EA5E4C087F7A74A8856932CF33E19D63384823DD4E02ED8798619 ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys03:02:28.0951 0x051c DXGKrnl - ok03:02:29.0008 0x051c [ 8600142FA91C1B96367D3300AD0F3F3A, 5713625E27DF11FAAFDA7AC79899A6AD813166E167088FA990EC5DE87DBE83DF ] EapHost C:\Windows\System32\eapsvc.dll03:02:29.0098 0x051c EapHost - ok03:02:29.0417 0x051c [ 024E1B5CAC09731E4D868E64DBFB4AB0, AB0826A74BBEE5B7A1B035861B665C79BC98305CFC7D82BEF420558FBD3EE994 ] ebdrv C:\Windows\system32\drivers\evbdx.sys03:02:29.0684 0x051c ebdrv - ok03:02:29.0708 0x051c [ 803B370865D907EA21DC0C2B6A8936B5, E98F0BA1D94786E061A3EA2CC76041FF6BE0ADF47C6205D5572C03BF0E29CA78 ] EFS C:\Windows\System32\lsass.exe03:02:29.0784 0x051c EFS - ok03:02:29.0889 0x051c [ A8C362018EFC87BEB013EE28F29C0863, 07971C681FBD391C0BA0172618AF8AD77520182207F1C57F134B34D6A113857F ] ehRecvr C:\Windows\ehome\ehRecvr.exe03:02:29.0992 0x051c ehRecvr - ok03:02:30.0030 0x051c [ D389BFF34F80CAEDE417BF9D1507996A, 12859B9925D7A4631DE61A820922F43F56ED23C2AF014CBF36322685E5CF641E ] ehSched C:\Windows\ehome\ehsched.exe03:02:30.0097 0x051c ehSched - ok03:02:30.0141 0x051c [ 0ED67910C8C326796FAA00B2BF6D9D3C, 97FAA7627A162B0AEC15545E0165D13355D535B4157604BB87F8EEB72ECD24A8 ] elxstor C:\Windows\system32\drivers\elxstor.sys03:02:30.0232 0x051c elxstor - ok03:02:30.0242 0x051c [ 8FC3208352DD3912C94367A206AB3F11, 
69B65C12BDADD4B730508674B1B77C5496612B4ACCC447DB9AFE49ADEA8CBF02 ] ErrDev C:\Windows\system32\drivers\errdev.sys03:02:30.0298 0x051c ErrDev - ok03:02:30.0336 0x051c [ F6916EFC29D9953D5D0DF06882AE8E16, ED41893960018D5EC2F7829B1DE4B6967D9FD074D60B11B9EB854E3E0948EC24 ] EventSystem C:\Windows\system32\es.dll03:02:30.0422 0x051c EventSystem - ok03:02:30.0452 0x051c [ 2DC9108D74081149CC8B651D3A26207F, 75CB47923A867DDAC512701CE71DFCFC340FC3A2E27F4255D0836A1FBC463176 ] exfat C:\Windows\system32\drivers\exfat.sys03:02:30.0496 0x051c exfat - ok03:02:30.0546 0x051c [ 7E0AB74553476622FB6AE36F73D97D35, 41463A255FDA1D550B3385EC7C73ABC343B1BBBE9CEE4DF9F2A8B3E7338C4947 ] fastfat C:\Windows\system32\drivers\fastfat.sys03:02:30.0637 0x051c fastfat - ok03:02:30.0689 0x051c [ 967EA5B213E9984CBE270205DF37755B, 43153E23210B03FAE16897D62D55B8742F834EDC695F8401EAB5DE307F62602D ] Fax C:\Windows\system32\fxssvc.exe03:02:30.0825 0x051c Fax - ok03:02:30.0845 0x051c [ E817A017F82DF2A1F8CFDBDA29388B29, 4CC9320A21E6FEA2D16C48D6BEA14391B695BD541A3C5FDDAEEE086A414FC837 ] fdc C:\Windows\system32\drivers\fdc.sys03:02:30.0900 0x051c fdc - ok03:02:30.0960 0x051c [ F3222C893BD2F5821A0179E5C71E88FB, A85B947249DBB986358CCD4B158DD58A9301F074F3C6CCCDEF2D01F432E59D1B ] fdPHost C:\Windows\system32\fdPHost.dll03:02:31.0048 0x051c fdPHost - ok03:02:31.0069 0x051c [ 7DBE8CBFE79EFBDEB98C9FB08D3A9A5B, 0E76C29D2A974A3F2FBFCB63D066D4136B78E02F6B1F579B1865CA7A76193987 ] FDResPub C:\Windows\system32\fdrespub.dll03:02:31.0138 0x051c FDResPub - ok03:02:31.0168 0x051c [ 6CF00369C97F3CF563BE99BE983D13D8, F65F35324A2FB9DFB533B1C4D089D990CC242218FE83414329D07B786D8EFF33 ] FileInfo C:\Windows\system32\drivers\fileinfo.sys03:02:31.0222 0x051c FileInfo - ok03:02:31.0234 0x051c [ 42C51DC94C91DA21CB9196EB64C45DB9, 388C68D12ECC8FFE3116FEAAF4DB7B80CF4A3F97E935788DD21C6ADE2369F635 ] Filetrace C:\Windows\system32\drivers\filetrace.sys03:02:31.0274 0x051c Filetrace - ok03:02:31.0295 0x051c [ 87907AA70CB3C56600F1C2FB8841579B, 
CA1CD82A1CD453617CE5EA431A1836997F14E3580554E8A516D9FE1E9926D979 ] flpydisk C:\Windows\system32\drivers\flpydisk.sys03:02:31.0355 0x051c flpydisk - ok03:02:31.0400 0x051c [ 7520EC808E0C35E0EE6F841294316653, 6EC65511B4838A7172A8F89E35C2F9DF4F0BFCE3BE12EDA790F3EB567102FF67 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys03:02:31.0450 0x051c FltMgr - ok03:02:31.0534 0x051c [ E12C4928B32ACE04610259647F072635, B71B9C2DF45F33C4DAC88435129B08B0BCDBBE82E8C3AD0A95F00137CC8B619F ] FontCache C:\Windows\system32\FntCache.dll03:02:31.0675 0x051c FontCache - ok03:02:31.0786 0x051c [ E56F39F6B7FDA0AC77A79B0FD3DE1A2F, DBED26852B99B362152DA9CD4F31A1883EF6F9B496F3CF3772A197BA72DB61DA ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe03:02:31.0861 0x051c FontCache3.0.0.0 - ok03:02:31.0888 0x051c [ 1A16B57943853E598CFF37FE2B8CBF1D, 87609F46F3B8123552141FD70866E895220B1BBD92BC2B580CAF49201AA0197E ] FsDepends C:\Windows\system32\drivers\FsDepends.sys03:02:31.0926 0x051c FsDepends - ok03:02:31.0966 0x051c [ 7DAE5EBCC80E45D3253F4923DC424D05, 8A2C4D5591509B0B0A44583520617A9AE34F32BB6E68A012A7D7870ED24F703A ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys03:02:32.0003 0x051c Fs_Rec - ok03:02:32.0055 0x051c [ E306A24D9694C724FA2491278BF50FDB, 1D246B9C28550640EACBF8CF9DC980FD75106B92832D392FEBEF0C7012353091 ] fvevol C:\Windows\system32\DRIVERS\fvevol.sys03:02:32.0107 0x051c fvevol - ok03:02:32.0147 0x051c [ 65EE0C7A58B65E74AE05637418153938, 0E1A398ADD8411AF4CCC3344D67BE1B261320C58328BD5C5855A357476FAEBEF ] gagp30kx C:\Windows\system32\drivers\gagp30kx.sys03:02:32.0184 0x051c gagp30kx - ok03:02:32.0401 0x051c [ 5AE64F0DDD7EBD1532FC70ECDB963023, 28D5F5B1B3AFC335EFC1ABD1B8EBA3C9629C6552F81670A4B5DBDFB18110C5D7 ] GoogleIMEJaCacheService C:\Program Files\Google\Google Japanese Input\GoogleIMEJaCacheService.exe03:02:32.0523 0x051c GoogleIMEJaCacheService - ok03:02:32.0600 0x051c [ E897EAF5ED6BA41E081060C9B447A673, 
A428DC68516F19C6C53A8B62E4BDB2587E70FB751B9D77700B6B147D347DA157 ] gpsvc C:\Windows\System32\gpsvc.dll03:02:32.0758 0x051c gpsvc - ok03:02:32.0814 0x051c [ 506708142BC63DABA64F2D3AD1DCD5BF, 9C36A08D9E7932FF4DA7B5F24E6B42C92F28685B8ABE964C870E8D7670FD531A ] gupdate C:\Program Files\Google\Update\GoogleUpdate.exe03:02:32.0854 0x051c gupdate - ok03:02:32.0864 0x051c [ 506708142BC63DABA64F2D3AD1DCD5BF, 9C36A08D9E7932FF4DA7B5F24E6B42C92F28685B8ABE964C870E8D7670FD531A ] gupdatem C:\Program Files\Google\Update\GoogleUpdate.exe03:02:32.0889 0x051c gupdatem - ok03:02:32.0935 0x051c [ C1B577B2169900F4CF7190C39F085794, 73E104B96A48F4C80D8C37254ECB0891D15C0D2F0C251B57C168F90D60316447 ] gusvc C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe03:02:33.0000 0x051c gusvc - ok03:02:33.0040 0x051c [ C44E3C2BAB6837DB337DDEE7544736DB, 88A24FF7D2FECCEAFFD421B2039A0FB623DA47A6B220B80EF1E52DD26D9E222D ] hcw85cir C:\Windows\system32\drivers\hcw85cir.sys03:02:33.0170 0x051c hcw85cir - ok03:02:33.0234 0x051c [ A5EF29D5315111C80A5C1ABAD14C8972, A181DA72E946F121C3F4A19438C547B0BFD15138AB1DB5465945EC89DF1F6B0A ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys03:02:33.0304 0x051c HdAudAddService - ok03:02:33.0391 0x051c [ 9036377B8A6C15DC2EEC53E489D159B5, 1E56D2ACFE92E6DF96D755B05C63D580EED82C210F075C8623E138BEE6BCD41B ] HDAudBus C:\Windows\system32\DRIVERS\HDAudBus.sys03:02:33.0496 0x051c HDAudBus - ok03:02:33.0516 0x051c [ 1D58A7F3E11A9731D0EAAAA8405ACC36, 7056FA18B86FBD52C4A6092D80476C02553EA053D6A0BEDB01A2FA5E152D5215 ] HidBatt C:\Windows\system32\drivers\HidBatt.sys03:02:33.0581 0x051c HidBatt - ok03:02:33.0596 0x051c [ 89448F40E6DF260C206A193A4683BA78, 71E0FCC32AE6FF8DFF420DB0383D6A200E1EAE14BD2E32453F92CE18B31C1F3C ] HidBth C:\Windows\system32\drivers\hidbth.sys03:02:33.0666 0x051c HidBth - ok03:02:33.0707 0x051c [ CF50B4CF4A4F229B9F3C08351F99CA5E, B97843620AF80FF0EC8F2C438255C0A42A756C6314FAF3DEF415DE16E14C108F ] HidIr 
C:\Windows\system32\drivers\hidir.sys03:02:33.0757 0x051c HidIr - ok03:02:33.0788 0x051c [ 2BC6F6A1992B3A77F5F41432CA6B3B6B, 2AF3312F1C8C8923C0A29AA5DAE57CE269417E53DEA2F0CCCC8DB57029698FE1 ] hidserv C:\Windows\System32\hidserv.dll03:02:33.0895 0x051c hidserv - ok03:02:33.0924 0x051c [ 10C19F8290891AF023EAEC0832E1EB4D, E208553029488A6EE2F5216CC9FE5F93E9931A94C0D0625253BB159E30642853 ] HidUsb C:\Windows\system32\DRIVERS\hidusb.sys03:02:33.0999 0x051c HidUsb - ok03:02:34.0020 0x051c [ 196B4E3F4CCCC24AF836CE58FACBB699, 7A2E1F603A073421FA0987EFB96647F1F0F2D4E0C82AA62EBC041585DA811DAF ] hkmsvc C:\Windows\system32\kmsvc.dll03:02:34.0085 0x051c hkmsvc - ok03:02:34.0116 0x051c [ 6658F4404DE03D75FE3BA09F7ABA6A30, E51D9C1580A283EB862F09B73AAE1B647DD683A53F3DD99834222F12DD15E40F ] HomeGroupListener C:\Windows\system32\ListSvc.dll03:02:34.0196 0x051c HomeGroupListener - ok03:02:34.0246 0x051c [ DBC02D918FFF1CAD628ACBE0C0EAA8E8, 02121800D9062692C102475876AE8143EBE46D855E8328B8CDCFE6A2F0D19696 ] HomeGroupProvider C:\Windows\system32\provsvc.dll03:02:34.0318 0x051c HomeGroupProvider - ok03:02:34.0362 0x051c [ 295FDC419039090EB8B49FFDBB374549, 670E8015FD374640C6570F56F7FE8DE4D8F92E7A8072F5D1B2B95D0BD699CEF7 ] HpSAMD C:\Windows\system32\drivers\HpSAMD.sys03:02:34.0401 0x051c HpSAMD - ok03:02:34.0441 0x051c [ 871917B07A141BFF43D76D8844D48106, 30C702008D0EE57D63F74864967DD19A55A268E77E42B5B3CC73037AD51D2987 ] HTTP C:\Windows\system32\drivers\HTTP.sys03:02:34.0518 0x051c HTTP - ok03:02:34.0538 0x051c [ 0C4E035C7F105F1299258C90886C64C5, CFB4FBE7B28058E6D3E6E508CF3C1645F6AAE0AFEB4C5364835B9C42311DF0D4 ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys03:02:34.0568 0x051c hwpolicy - ok03:02:34.0635 0x051c [ F151F0BDC47F4A28B1B20A0818EA36D6, 84B24B5796D9F70A8C37773F5484A4606CC7908370CCD942627ACBEDC4952D79 ] i8042prt C:\Windows\system32\DRIVERS\i8042prt.sys03:02:34.0702 0x051c i8042prt - ok03:02:34.0759 0x051c [ 5CD5F9A5444E6CDCB0AC89BD62D8B76E, 
72870092A80C6DAE0105025B0ED8B607E98BA81E59298364A7FE4C9C56C68FF0 ] iaStorV C:\Windows\system32\drivers\iaStorV.sys03:02:34.0834 0x051c iaStorV - ok03:02:34.0904 0x051c [ C521D7EB6497BB1AF6AFA89E322FB43C, BDDCFCBB5B76A9295669B5AC9F732D6127199ED5C300770B554C4E4794F66BB7 ] idsvc C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe03:02:35.0010 0x051c idsvc - ok03:02:35.0021 0x051c IEEtwCollectorService - ok03:02:35.0242 0x051c [ C520DD440B57DBD54A4FD1838058879A, 6A81772290C21721603892E66104E33FFAA5B7B03323036B7D46DA4EB4D70E37 ] igfx C:\Windows\system32\DRIVERS\igdkmd32.sys03:02:35.0571 0x051c igfx - ok03:02:35.0607 0x051c [ 4173FF5708F3236CF25195FECD742915, 0A9C0701DF6EAC6602BE342FC13C7950EF04BB5BDF7D96C2C5DABBD2A29AA55D ] iirsp C:\Windows\system32\drivers\iirsp.sys03:02:35.0657 0x051c iirsp - ok03:02:35.0731 0x051c [ B9C54120F46392100478F58F374E5709, A28EE8B0988F580D5984E815FC78DF41B169260814234AA0E453375542D0957B ] IKEEXT C:\Windows\System32\ikeext.dll03:02:35.0884 0x051c IKEEXT - ok03:02:35.0903 0x051c [ A0F12F2C9BA6C72F3987CE780E77C130, 5F53DF8BE1621AA7DFB655CFD9C95E0AFA1AD3CE2E290E19D7B7FB3C6E380034 ] intelide C:\Windows\system32\drivers\intelide.sys03:02:35.0933 0x051c intelide - ok03:02:35.0992 0x051c [ 3B514D27BFC4ACCB4037BC6685F766E0, F12D7AC62F8550E6F33B28AD751D8413AB7FFEF963242D99FFA76CE8A48B027A ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys03:02:36.0055 0x051c intelppm - ok03:02:36.0085 0x051c [ ACB364B9075A45C0736E5C47BE5CAE19, 202F77C659103D2D0E787B8CB0A23BE32EA5AA2E6B3B0A0F0A8DFA906AB3C0C0 ] IPBusEnum C:\Windows\system32\ipbusenum.dll03:02:36.0145 0x051c IPBusEnum - ok03:02:36.0188 0x051c [ 709D1761D3B19A932FF0238EA6D50200, 0A9D2C3A6E91CA45540555B40CB4E2DF3EBE98C1D164C4EECEE20C86782F5823 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys03:02:36.0251 0x051c IpFilterDriver - ok03:02:36.0338 0x051c [ 58F67245D041FBE7AF88F4EAF79DF0FA, 67468D6A46FF4D87AD321BFEA42F2FC843D09AA292A119C76D4D795D06028F96 ] iphlpsvc 
C:\Windows\System32\iphlpsvc.dll03:02:36.0429 0x051c iphlpsvc - ok03:02:36.0449 0x051c [ 4BD7134618C1D2A27466A099062547BF, 20284ABEF4433A59E2981F4143CAEC67DC990864FE0B9E3DC70EE0B88539E964 ] IPMIDRV C:\Windows\system32\drivers\IPMIDrv.sys03:02:36.0506 0x051c IPMIDRV - ok03:02:36.0536 0x051c [ A5FA468D67ABCDAA36264E463A7BB0CD, EDB828D596E43372F97DAE1AADA46428C4C45FB80646DDC64FAD5F25C826CF63 ] IPNAT C:\Windows\system32\drivers\ipnat.sys03:02:36.0596 0x051c IPNAT - ok03:02:36.0616 0x051c [ 42996CFF20A3084A56017B7902307E9F, 688176DAB91BE569280E4822E4C5BDE755794D293591C53F8047AD59C441751D ] IRENUM C:\Windows\system32\drivers\irenum.sys03:02:36.0656 0x051c IRENUM - ok03:02:36.0698 0x051c [ 1F32BB6B38F62F7DF1A7AB7292638A35, 86522358680FBB1CEBC56B4D139290689BB0F71A3EC78CE883E4D75D0B37586F ] isapnp C:\Windows\system32\drivers\isapnp.sys03:02:36.0734 0x051c isapnp - ok03:02:36.0797 0x051c [ EB34CE31FABD4DC4343FD2AD16D2CAF9, D21C91227A15DA89ECF522345D0AB80B3B7FC24A230596DABDB8BD3B7554CE8C ] iScsiPrt C:\Windows\system32\drivers\msiscsi.sys03:02:36.0847 0x051c iScsiPrt - ok03:02:36.0882 0x051c [ 8497AC41BA99ED488A312856B67832C4, E016F625B4F934B60F58DE4EACB274FABED174F0B2C4BC6887896E73374B7FD2 ] k57nd60x C:\Windows\system32\DRIVERS\k57nd60x.sys03:02:36.0942 0x051c k57nd60x - ok03:02:36.0981 0x051c [ ADEF52CA1AEAE82B50DF86B56413107E, A3AE1E96B04AC81665ABBD3CB267DFB3F78376DAE18FB0DBD447908DDAAA22D2 ] kbdclass C:\Windows\system32\DRIVERS\kbdclass.sys03:02:37.0013 0x051c kbdclass - ok03:02:37.0053 0x051c [ 9E3CED91863E6EE98C24794D05E27A71, 90CF59F20E14E4A5A793266805E82BF7AE1F0CF4C7BAB1FD2EEF3B53C5DF770F ] kbdhid C:\Windows\system32\DRIVERS\kbdhid.sys03:02:37.0101 0x051c kbdhid - ok03:02:37.0126 0x051c [ 803B370865D907EA21DC0C2B6A8936B5, E98F0BA1D94786E061A3EA2CC76041FF6BE0ADF47C6205D5572C03BF0E29CA78 ] KeyIso C:\Windows\system32\lsass.exe03:02:37.0146 0x051c KeyIso - ok03:02:37.0196 0x051c [ F286830298323272260332D6ABC905C1, 
FF4CD182A95CA53119B228690D682EE9214BE131A0DBCB09B6189FBEBBFF902C ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys03:02:37.0246 0x051c KSecDD - ok03:02:37.0266 0x051c [ D7C760D57B1656DD748B9E4AB6CB5A51, F8AE4185A6A9F7005DEFF1FDC03F395C6189825B482B8C650637FD29DE93AB68 ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys03:02:37.0373 0x051c KSecPkg - ok03:02:37.0491 0x051c [ 89A7B9CC98D0D80C6F31B91C0A310FCD, 4583CAEEE0D50C0C7CE955E533FDA063CDC37B69033D41EF22EF1BA242E4C747 ] KtmRm C:\Windows\system32\msdtckrm.dll03:02:37.0579 0x051c KtmRm - ok03:02:37.0610 0x051c [ D64AF876D53ECA3668BB97B51B4E70AB, D5C07C019BFEAFBEDC29AB5060356A3B07449712B21B50E03378BEF04AF180F9 ] LanmanServer C:\Windows\System32\srvsvc.dll03:02:37.0689 0x051c LanmanServer - ok03:02:37.0721 0x051c [ 58405E4F68BA8E4057C6E914F326ABA2, C3E6519A1A38F1B3597D4391E42ABFE8F1F5E86256C4B3BD876CDAD9BB68B0A6 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll03:02:37.0771 0x051c LanmanWorkstation - ok03:02:37.0817 0x051c [ F7611EC07349979DA9B0AE1F18CCC7A6, 879AA7A391966F00761CA039C25EBC62F6712DD5461694911EEC673E12DE103E ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys03:02:37.0930 0x051c lltdio - ok03:02:37.0976 0x051c [ 5700673E13A2117FA3B9020C852C01E2, 6684A2905EE8C438F2A64BE47E51A54D287B08DEFB8E0AE7FC2809D845EE3C5F ] lltdsvc C:\Windows\System32\lltdsvc.dll03:02:38.0067 0x051c lltdsvc - ok03:02:38.0111 0x051c [ 55CA01BA19D0006C8F2639B6C045E08B, 4DBBDC820C514DB18CC13F8EE178F8C4E39C295C6E3C255416C235553CE7BDC1 ] lmhosts C:\Windows\System32\lmhsvc.dll03:02:38.0188 0x051c lmhosts - ok03:02:38.0228 0x051c [ EB119A53CCF2ACC000AC71B065B78FEF, 1FD60735C4945AE565C223F0B47EAF9602D8777E3D15600914C1A9D761215AF9 ] LSI_FC C:\Windows\system32\drivers\lsi_fc.sys03:02:38.0258 0x051c LSI_FC - ok03:02:38.0290 0x051c [ 8ADE1C877256A22E49B75D1CC9161F9C, 3D64F233DC866537E50549A7C1A2B40A954055B22F0BDA39825B04C38C607CB7 ] LSI_SAS C:\Windows\system32\drivers\lsi_sas.sys03:02:38.0320 0x051c LSI_SAS - ok03:02:38.0340 0x051c [ 
DC9DC3D3DAA0E276FD2EC262E38B11E9, A264990857CBC74036799E17A087130626C0A09BE19879019BAF2D761C62AECC ] LSI_SAS2 C:\Windows\system32\drivers\lsi_sas2.sys03:02:38.0384 0x051c LSI_SAS2 - ok03:02:38.0406 0x051c [ 0A036C7D7CAB643A7F07135AC47E0524, 2F662D07FCB74B8D493156DB555EAA90A47E93CF14C7B30039D2FE47EB8682B8 ] LSI_SCSI C:\Windows\system32\drivers\lsi_scsi.sys03:02:38.0446 0x051c LSI_SCSI - ok03:02:38.0466 0x051c [ 6703E366CC18D3B6E534F5CF7DF39CEE, 7396B9AF938284D99EC51206A7B2FA4A0DC10A493DCE6707818B03A7473782C4 ] luafv C:\Windows\system32\drivers\luafv.sys03:02:38.0541 0x051c luafv - ok03:02:38.0611 0x051c [ 8E2E9CCD873ABF180F48BCAEEEBE347D, 35DBBB8E63B480151EA5701D9DB7C90642FA2391D044DB400D3644F3E21BB0C1 ] MBAMSwissArmy C:\Windows\system32\drivers\MBAMSwissArmy.sys03:02:38.0793 0x051c MBAMSwissArmy - ok03:02:38.0823 0x051c [ BFB9EE8EE977EFE85D1A3105ABEF6DD1, D2A84EBF0C0B7A14AD432FD2EF43CC12300027AEA3FA4075659FB088AB62B588 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll03:02:38.0892 0x051c Mcx2Svc - ok03:02:38.0932 0x051c [ 0FFF5B045293002AB38EB1FD1FC2FB74, 49071B565FD5B2DE43EC00D8518C3BE70843F38919E82F13104B8C1FAFB20374 ] megasas C:\Windows\system32\drivers\megasas.sys03:02:38.0952 0x051c megasas - ok03:02:39.0005 0x051c [ DCBAB2920C75F390CAF1D29F675D03D6, 85C3A7A010BEA5E3C6179161B295F2CB900A6A214833A5F87A4327392880E2BB ] MegaSR C:\Windows\system32\drivers\MegaSR.sys03:02:39.0040 0x051c MegaSR - ok03:02:39.0090 0x051c [ D86AC00883B9C98B570E7643AAF8E554, 4B4BDC01DC20F820A9D1E1B8E875B6445F9B920F0AB1E115ADD9651A368911C4 ] MEI C:\Windows\system32\DRIVERS\HECI.sys03:02:39.0196 0x051c MEI - ok03:02:39.0290 0x051c [ 600630D8A1703CFC9ED00E20C0CA6212, 4C6432DBB3B2AF687CE33C249E682EB841E3D27EADAE32748EDB3D0F1892663E ] mfehidk C:\Windows\system32\drivers\mfehidk.sys03:02:39.0361 0x051c mfehidk - ok03:02:39.0405 0x051c [ 469F5BC46C4850FC653365005C58E076, DB9A1F2B5218217B211FC0BFE8E6C5288ECE9BE85BCA66D3EF0C863BB582AD66 ] mferkdet C:\Windows\system32\drivers\mferkdet.sys03:02:39.0465 
hmw1008 Posted February 7, 2015 Author ID:937384 Share Posted February 7, 2015 03:02:54.0134 0x051c [ 95CF1AE7527FB70F7816563CBC09D942, CE8BACB91A5A86CBCE82619C6C1873B4D7593B00CED3B522E41B8F7F6258CC65 ] spldr C:\Windows\system32\drivers\spldr.sys03:02:54.0174 0x051c spldr - ok03:02:54.0210 0x051c [ 9AEA093B8F9C37CF45538382CABA2475, CC63239C412067AA72318ADB8BB80BCDF2CA60DA05D814D32753C92508BC16A8 ] Spooler C:\Windows\System32\spoolsv.exe03:02:54.0262 0x051c Spooler - ok03:02:54.0423 0x051c [ CF87A1DE791347E75B98885214CED2B8, 7AF4E03D751C951A4E5FBA28200DABFE6B3BF055490163EEEEA84EBA4D0F368A ] sppsvc C:\Windows\system32\sppsvc.exe03:02:54.0657 0x051c sppsvc - ok03:02:54.0694 0x051c [ B0180B20B065D89232A78A40FE56EAA6, 4D045B23AD58A8822BE9F20119744A8D47455469D54494745CEB099951DA60FF ] sppuinotify C:\Windows\system32\sppuinotify.dll03:02:54.0792 0x051c sppuinotify - ok03:02:54.0884 0x051c [ FEB11DBAA5E152D98BD897C97A6DDCD0, 7ABCCDDE6B9A58CECA480AA57468E7A1F537893A2CB7C20E1A366EC8EEC7FA59 ] sptd C:\Windows\System32\Drivers\sptd.sys03:02:54.0956 0x051c sptd - ok03:02:54.0994 0x051c [ E4C2764065D66EA1D2D3EBC28FE99C46, 043AEF06A23069DD17675955C834690A5FD8F1948A05B3969F977E823C4E25F5 ] srv C:\Windows\system32\DRIVERS\srv.sys03:02:55.0079 0x051c srv - ok03:02:55.0100 0x051c [ 03F0545BD8D4C77FA0AE1CEEDFCC71AB, 4DF31206DF8F33C2975E23C7257ED930C4EDA8BC4E246D8FDA130BB583083ED0 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys03:02:55.0160 0x051c srv2 - ok03:02:55.0190 0x051c [ BE6BD660CAA6F291AE06A718A4FA8ABC, CD38939CFBA80B882D38099194FC1EBAE15A9D27A4D941DD03C55EC745E52E59 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys03:02:55.0220 0x051c srvnet - ok03:02:55.0250 0x051c [ D887C9FD02AC9FA880F6E5027A43E118, F38BAD90EC791368C37C21090302708D2DFB83ECE9096609AD9AA667B2E5592E ] SSDPSRV C:\Windows\System32\ssdpsrv.dll03:02:55.0301 0x051c SSDPSRV - ok03:02:55.0331 0x051c [ D318F23BE45D5E3A107469EB64815B50, D74355E6FF215AA8CE53BC9DF16AF2740F2FC2FD754939478A3608BDA8C6DDA0 ] SstpSvc 
C:\Windows\system32\sstpsvc.dll03:02:55.0386 0x051c SstpSvc - ok03:02:55.0432 0x051c [ 706080AD43599D4AB04F1676A3A62CC1, BD9A645163501E2234CAB2B99DB297A634526786D2CDC55FE1C18F5019623E34 ] Steam Client Service C:\Program Files\Common Files\Steam\SteamService.exe03:02:55.0495 0x051c Steam Client Service - ok03:02:55.0521 0x051c [ DB32D325C192B801DF274BFD12A7E72B, F089DBA719E22BC269720A6B840B873A4AF5639745DB0C3DBC8BD2F2839A1ABA ] stexstor C:\Windows\system32\drivers\stexstor.sys03:02:55.0551 0x051c stexstor - ok03:02:55.0603 0x051c [ EDB05BD63148796F23EA78506404A538, 8EBF623D3DEB6CCAC75AAFCF8B23271029A28BE29D459088E40FBF109E80AA17 ] StillCam C:\Windows\system32\DRIVERS\serscan.sys03:02:55.0694 0x051c StillCam - ok03:02:55.0750 0x051c [ E1FB3706030FB4578A0D72C2FC3689E4, A62EC9AA4514CAF2A10C0A3AEF7A36F593A7E7DA370A3F130C24E1B612E19427 ] StiSvc C:\Windows\System32\wiaservc.dll03:02:55.0820 0x051c StiSvc - ok03:02:55.0840 0x051c [ E58C78A848ADD9610A4DB6D214AF5224, 1575A90EB22A4FB066459BDA00C6CAC10198C3C8C74493721EC6D34B51F50426 ] swenum C:\Windows\system32\DRIVERS\swenum.sys03:02:55.0870 0x051c swenum - ok03:02:55.0907 0x051c [ A28BD92DF340E57B024BA433165D34D7, 889CC7FF143C3549982128473FF927CD80CF36485A347EF399C1271C8CE12CE4 ] swprv C:\Windows\System32\swprv.dll03:02:55.0977 0x051c swprv - ok03:02:56.0035 0x051c [ 36650D618CA34C9D357DFD3D89B2C56F, 7C3774E53DCF32CB3A4B3504E32D2A651E18467FA0A6AC4C7993C696741B704B ] SysMain C:\Windows\system32\sysmain.dll03:02:56.0149 0x051c SysMain - ok03:02:56.0179 0x051c [ 763FECDC3D30C815FE72DD57936C6CD1, 1A62C7E63E426D56894F4121C75D9C60FC9A14469ADBD0D6F0B94B8DE48CDA3E ] TabletInputService C:\Windows\System32\TabSvc.dll03:02:56.0232 0x051c TabletInputService - ok03:02:56.0252 0x051c [ 613BF4820361543956909043A265C6AC, FCFF02E466D2501630B452627FB218C01E5245A0921EE3D2117E7FD63AC7E98E ] TapiSrv C:\Windows\System32\tapisrv.dll03:02:56.0320 0x051c TapiSrv - ok03:02:56.0341 0x051c [ B799D9FDB26111737F58288D8DC172D9, 
409A60819A4305699E2E492A6190637FAAEBD19E745A5DB2A5D6977106C86591 ] TBS C:\Windows\System32\tbssvc.dll03:02:56.0393 0x051c TBS - ok03:02:56.0484 0x051c [ CA59F7C570AF70BC174F477CFE2D9EE3, F09E4E14207A2AC6957D2C0AC8707D0E356A9087FA6DC703373242D8EEB026BD ] Tcpip C:\Windows\system32\drivers\tcpip.sys03:02:56.0585 0x051c Tcpip - ok03:02:56.0648 0x051c [ CA59F7C570AF70BC174F477CFE2D9EE3, F09E4E14207A2AC6957D2C0AC8707D0E356A9087FA6DC703373242D8EEB026BD ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys03:02:56.0719 0x051c TCPIP6 - ok03:02:56.0749 0x051c [ 3EEBD3BD93DA46A26E89893C7AB2FF3B, 2C7204DCD2BCBC6A250FF0F6477616F327AF41FDB7CABE69E5C357361009FB4E ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys03:02:56.0791 0x051c tcpipreg - ok03:02:56.0813 0x051c [ 1CB91B2BD8F6DD367DFC2EF26FD751B2, 879E2827354BB21573AC6A7CCEB746D44214540687E6882FFCB4089546FBD954 ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys03:02:56.0895 0x051c TDPIPE - ok03:02:56.0930 0x051c [ 2C2C5AFE7EE4F620D69C23C0617651A8, E828D974C3F9D7004A030C3AD448096C736FDB4C4C1707D043E567D08C845103 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys03:02:56.0981 0x051c TDTCP - ok03:02:57.0010 0x051c [ B459575348C20E8121D6039DA063C704, 1B4328A9EA39FF5A57F258E02254D04B73455F1DF7C997C13702A8B2F12D0347 ] tdx C:\Windows\system32\DRIVERS\tdx.sys03:02:57.0090 0x051c tdx - ok03:02:57.0140 0x051c [ 04DBF4B01EA4BF25A9A3E84AFFAC9B20, 0D81B427720637882077C5024D738191F858FC734ED040697872D906351EF663 ] TermDD C:\Windows\system32\DRIVERS\termdd.sys03:02:57.0160 0x051c TermDD - ok03:02:57.0215 0x051c [ 382C804C92811BE57829D8E550A900E2, 5F52C2E7902024CF1C9CC0069F411C3F19CCA3DB209F437FA0F3932D4898EB50 ] TermService C:\Windows\System32\termsrv.dll03:02:57.0301 0x051c TermService - ok03:02:57.0321 0x051c [ 42FB6AFD6B79D9FE07381609172E7CA4, B57C85091209A2FAD19ED490B8FA7FC98F12911F9C9CACE9AF1E540780CE6700 ] Themes C:\Windows\system32\themeservice.dll03:02:57.0392 0x051c Themes - ok03:02:57.0411 0x051c [ 146B6F43A673379A3C670E86D89BE5EA, 
03:02:58.0717 0x051c USBAAPL - detected UnsignedFile.Multi.Generic ( 1 )
03:03:01.0713 0x051c Detect skipped due to KSN trusted
03:03:01.0713 0x051c USBAAPL - ok
03:03:12.0604 0x051c DuckCapture - detected UnsignedFile.Multi.Generic ( 1 )
03:03:15.0407 0x051c Detect skipped due to KSN trusted
03:03:15.0407 0x051c DuckCapture - ok
03:03:45.0525 0x051c AV detected via SS2: avast! Antivirus, C:\Program Files\AVAST Software\Avast\VisthAux.exe ( 10.0.2208.712 ), 0x41000 ( enabled : updated )
03:03:45.0565 0x051c Win FW state via NFP2: enabled
03:03:48.0438 0x051c ============================================================
03:03:48.0438 0x051c Scan finished
03:03:48.0438 0x051c ============================================================
03:03:48.0448 0x0c30 Detected object count: 0
03:03:48.0448 0x0c30 Actual detected object count: 0
03:03:58.0013 0x0ebc ============================================================
03:03:58.0013 0x0ebc Scan started
03:03:58.0013 0x0ebc Mode: Manual; SigCheck; TDLFS;
03:03:58.0013 0x0ebc ============================================================
03:03:58.0013 0x0ebc KSN ping started
03:04:00.0816 0x0ebc KSN ping finished: true
03:04:01.0381 0x0ebc ================ Scan system memory ========================
03:04:01.0381 0x0ebc System memory - ok
ok03:04:27.0220 0x0ebc [ D88040F816FDA31C3B466F0FA0918F29, 39D3630E623DA25B8444B6D3AAAB16B98E7E289C5619E19A85D47B74C71449F3 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe03:04:27.0270 0x0ebc clr_optimization_v2.0.50727_32 - ok03:04:27.0310 0x0ebc [ E87213F37A13E2B54391E40934F071D0, 7EB221127EFB5BF158FB03D18EFDA2C55FB6CE3D1A1FE69C01D70DBED02C87E5 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe03:04:27.0350 0x0ebc clr_optimization_v4.0.30319_32 - ok03:04:27.0360 0x0ebc [ DEA805815E587DAD1DD2C502220B5616, 2D6A7668C95352B818F5EC59FF462894935833D34190257DA9CAC7E67FD3631C ] CmBatt C:\Windows\system32\DRIVERS\CmBatt.sys03:04:27.0390 0x0ebc CmBatt - ok03:04:27.0420 0x0ebc [ C537B1DB64D495B9B4717B4D6D9EDBF2, 400EEFE662DE117C9CC956E4CBD5E98F28F962E7447CD93E8A78FDD8CA39EB4B ] cmdide C:\Windows\system32\drivers\cmdide.sys03:04:27.0440 0x0ebc cmdide - ok03:04:27.0490 0x0ebc [ 85449EEBE8F8EBD6481EFBF0F352B4EB, E6FF04970C5A5BFDE7297A86C1C7B9BFE2E0F976A1A1AFB874CEB488DC6151CC ] CNG C:\Windows\system32\Drivers\cng.sys03:04:27.0550 0x0ebc CNG - ok03:04:27.0570 0x0ebc [ A6023D3823C37043986713F118A89BEE, FAC239A7FA6251C7EDFFA34B4BAE3910B8BC0BD4A3574B6DB6931A8D691E207B ] Compbatt C:\Windows\system32\DRIVERS\compbatt.sys03:04:27.0590 0x0ebc Compbatt - ok03:04:27.0600 0x0ebc [ CBE8C58A8579CFE5FCCF809E6F114E89, AC083A1C649EBA18C59FCC1772D0784B10E2B8C63094E3C14388E147DBC3F6DF ] CompositeBus C:\Windows\system32\DRIVERS\CompositeBus.sys03:04:27.0630 0x0ebc CompositeBus - ok03:04:27.0630 0x0ebc COMSysApp - ok03:04:27.0672 0x0ebc [ 08F934092E0429BADF88E9F91DB0F61E, 6E9091C006FFFF261DC61C8E9A45219E47C351296E5355FC4B7242F30E1DDFE3 ] cphs C:\Windows\system32\IntelCpHeciSvc.exe03:04:27.0702 0x0ebc cphs - ok03:04:27.0732 0x0ebc [ 2C4EBCFC84A9B44F209DFF6C6E6C61D1, 6FC323217D82EF661BA0E3F949B61B05BB5235D1A69C81D24876C2153FAECEF6 ] crcdisk C:\Windows\system32\drivers\crcdisk.sys03:04:27.0752 0x0ebc crcdisk - 
ok03:04:27.0792 0x0ebc [ 7CA1BECEA5DE2643ADDAD32670E7A4C9, E3AB4CC52A97E3855D7EAB87363F807FDD2162ED8C76A036CD71549ED64E7797 ] CryptSvc C:\Windows\system32\cryptsvc.dll03:04:27.0822 0x0ebc CryptSvc - ok03:04:27.0862 0x0ebc [ 7660F01D3B38ACA1747E397D21D790AF, 04611B43705C064C2A8331F6D3F8E4530295694AE2C3E3EC3F62CFF4A5EFA88D ] DcomLaunch C:\Windows\system32\rpcss.dll03:04:27.0922 0x0ebc DcomLaunch - ok03:04:27.0972 0x0ebc [ 8D6E10A2D9A5EED59562D9B82CF804E1, 888F9650F4E872BA8F4E0C27E38A6672A561042B17EBA40E306A22357965B0AD ] defragsvc C:\Windows\System32\defragsvc.dll03:04:28.0062 0x0ebc defragsvc - ok03:04:28.0072 0x0ebc [ F024449C97EC1E464AAFFDA18593DB88, 7EF1E241892E098A472BCA14C724DFF1AACCF190954AF1C4A38B6D542CC74BD2 ] DfsC C:\Windows\system32\Drivers\dfsc.sys03:04:28.0112 0x0ebc DfsC - ok03:04:28.0140 0x0ebc [ E9E01EB683C132F7FA27CD607B8A2B63, 4D9037B458C522874619143A4176BCED42472C68933E6E83D37B67242706F3C4 ] Dhcp C:\Windows\system32\dhcpcore.dll03:04:28.0174 0x0ebc Dhcp - ok03:04:28.0204 0x0ebc [ 1A050B0274BFB3890703D490F330C0DA, 79D74F4679A2EE040FAAF4D0392A9311239A10A5F8A5CCB48656C6F89B6D62FB ] discache C:\Windows\system32\drivers\discache.sys03:04:28.0244 0x0ebc discache - ok03:04:28.0264 0x0ebc [ 565003F326F99802E68CA78F2A68E9FF, ABC42B24DBA4FFC411120E09278EF26AF56CCAB463B69B4BD6C530B4A07063D2 ] Disk C:\Windows\system32\drivers\disk.sys03:04:28.0284 0x0ebc Disk - ok03:04:28.0314 0x0ebc [ 33EF4861F19A0736B11314AAD9AE28D0, 4C4B84365D85758E3263B88F157D8B086B392C6F1EA5F0F3DB6BF87EF90248EC ] Dnscache C:\Windows\System32\dnsrslvr.dll03:04:28.0344 0x0ebc Dnscache - ok03:04:28.0424 0x0ebc [ 366BA8FB4B7BB7435E3B9EACB3843F67, 65B7C61ACF34F1F0149045AA9E09A3F917A927963237A385A914D0B80551DC31 ] dot3svc C:\Windows\System32\dot3svc.dll03:04:28.0484 0x0ebc dot3svc - ok03:04:28.0514 0x0ebc [ 8EC04CA86F1D68DA9E11952EB85973D6, 2E3FBC2D683D1274E8BC45EEEA87D43B77EDDCAAF0D453296D9FDA6B9D717071 ] DPS C:\Windows\system32\dps.dll03:04:28.0554 0x0ebc DPS - ok03:04:28.0594 0x0ebc [ 
B918E7C5F9BF77202F89E1A9539F2EB4, C589A37DE50BBEF22E2DAA9682EA43147F614AA1AF7DAAA942BA5FC192313A0B ] drmkaud C:\Windows\system32\drivers\drmkaud.sys03:04:28.0634 0x0ebc drmkaud - ok03:04:28.0664 0x0ebc [ E6B7D1B24E16FB24CE1FEA964E144EBC, 30F81E0A017163A1AB463FE3A13B5CC2905B973E782AEBC1EB63759BF2470658 ] dtsoftbus01 C:\Windows\system32\DRIVERS\dtsoftbus01.sys03:04:28.0694 0x0ebc dtsoftbus01 - ok03:04:28.0774 0x0ebc [ 71BC35067CABC02C9453AEAA42B2E43E, 713B19F2C08EA5E4C087F7A74A8856932CF33E19D63384823DD4E02ED8798619 ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys03:04:28.0834 0x0ebc DXGKrnl - ok03:04:28.0854 0x0ebc [ 8600142FA91C1B96367D3300AD0F3F3A, 5713625E27DF11FAAFDA7AC79899A6AD813166E167088FA990EC5DE87DBE83DF ] EapHost C:\Windows\System32\eapsvc.dll03:04:28.0894 0x0ebc EapHost - ok03:04:29.0054 0x0ebc [ 024E1B5CAC09731E4D868E64DBFB4AB0, AB0826A74BBEE5B7A1B035861B665C79BC98305CFC7D82BEF420558FBD3EE994 ] ebdrv C:\Windows\system32\drivers\evbdx.sys03:04:29.0207 0x0ebc ebdrv - ok03:04:29.0247 0x0ebc [ 803B370865D907EA21DC0C2B6A8936B5, E98F0BA1D94786E061A3EA2CC76041FF6BE0ADF47C6205D5572C03BF0E29CA78 ] EFS C:\Windows\System32\lsass.exe03:04:29.0297 0x0ebc EFS - ok03:04:29.0387 0x0ebc [ A8C362018EFC87BEB013EE28F29C0863, 07971C681FBD391C0BA0172618AF8AD77520182207F1C57F134B34D6A113857F ] ehRecvr C:\Windows\ehome\ehRecvr.exe03:04:29.0457 0x0ebc ehRecvr - ok03:04:29.0467 0x0ebc [ D389BFF34F80CAEDE417BF9D1507996A, 12859B9925D7A4631DE61A820922F43F56ED23C2AF014CBF36322685E5CF641E ] ehSched C:\Windows\ehome\ehsched.exe03:04:29.0497 0x0ebc ehSched - ok03:04:29.0537 0x0ebc [ 0ED67910C8C326796FAA00B2BF6D9D3C, 97FAA7627A162B0AEC15545E0165D13355D535B4157604BB87F8EEB72ECD24A8 ] elxstor C:\Windows\system32\drivers\elxstor.sys03:04:29.0577 0x0ebc elxstor - ok03:04:29.0597 0x0ebc [ 8FC3208352DD3912C94367A206AB3F11, 69B65C12BDADD4B730508674B1B77C5496612B4ACCC447DB9AFE49ADEA8CBF02 ] ErrDev C:\Windows\system32\drivers\errdev.sys03:04:29.0617 0x0ebc ErrDev - ok03:04:29.0657 0x0ebc [ 
F6916EFC29D9953D5D0DF06882AE8E16, ED41893960018D5EC2F7829B1DE4B6967D9FD074D60B11B9EB854E3E0948EC24 ] EventSystem C:\Windows\system32\es.dll03:04:29.0707 0x0ebc EventSystem - ok03:04:29.0737 0x0ebc [ 2DC9108D74081149CC8B651D3A26207F, 75CB47923A867DDAC512701CE71DFCFC340FC3A2E27F4255D0836A1FBC463176 ] exfat C:\Windows\system32\drivers\exfat.sys03:04:29.0777 0x0ebc exfat - ok03:04:29.0817 0x0ebc [ 7E0AB74553476622FB6AE36F73D97D35, 41463A255FDA1D550B3385EC7C73ABC343B1BBBE9CEE4DF9F2A8B3E7338C4947 ] fastfat C:\Windows\system32\drivers\fastfat.sys03:04:29.0887 0x0ebc fastfat - ok03:04:29.0927 0x0ebc [ 967EA5B213E9984CBE270205DF37755B, 43153E23210B03FAE16897D62D55B8742F834EDC695F8401EAB5DE307F62602D ] Fax C:\Windows\system32\fxssvc.exe03:04:29.0977 0x0ebc Fax - ok03:04:29.0997 0x0ebc [ E817A017F82DF2A1F8CFDBDA29388B29, 4CC9320A21E6FEA2D16C48D6BEA14391B695BD541A3C5FDDAEEE086A414FC837 ] fdc C:\Windows\system32\drivers\fdc.sys03:04:30.0017 0x0ebc fdc - ok03:04:30.0037 0x0ebc [ F3222C893BD2F5821A0179E5C71E88FB, A85B947249DBB986358CCD4B158DD58A9301F074F3C6CCCDEF2D01F432E59D1B ] fdPHost C:\Windows\system32\fdPHost.dll03:04:30.0077 0x0ebc fdPHost - ok03:04:30.0097 0x0ebc [ 7DBE8CBFE79EFBDEB98C9FB08D3A9A5B, 0E76C29D2A974A3F2FBFCB63D066D4136B78E02F6B1F579B1865CA7A76193987 ] FDResPub C:\Windows\system32\fdrespub.dll03:04:30.0138 0x0ebc FDResPub - ok03:04:30.0158 0x0ebc [ 6CF00369C97F3CF563BE99BE983D13D8, F65F35324A2FB9DFB533B1C4D089D990CC242218FE83414329D07B786D8EFF33 ] FileInfo C:\Windows\system32\drivers\fileinfo.sys03:04:30.0169 0x0ebc FileInfo - ok03:04:30.0179 0x0ebc [ 42C51DC94C91DA21CB9196EB64C45DB9, 388C68D12ECC8FFE3116FEAAF4DB7B80CF4A3F97E935788DD21C6ADE2369F635 ] Filetrace C:\Windows\system32\drivers\filetrace.sys03:04:30.0219 0x0ebc Filetrace - ok03:04:30.0239 0x0ebc [ 87907AA70CB3C56600F1C2FB8841579B, CA1CD82A1CD453617CE5EA431A1836997F14E3580554E8A516D9FE1E9926D979 ] flpydisk C:\Windows\system32\drivers\flpydisk.sys03:04:30.0259 0x0ebc flpydisk - ok03:04:30.0289 0x0ebc [ 
7520EC808E0C35E0EE6F841294316653, 6EC65511B4838A7172A8F89E35C2F9DF4F0BFCE3BE12EDA790F3EB567102FF67 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys03:04:30.0309 0x0ebc FltMgr - ok03:04:30.0399 0x0ebc [ E12C4928B32ACE04610259647F072635, B71B9C2DF45F33C4DAC88435129B08B0BCDBBE82E8C3AD0A95F00137CC8B619F ] FontCache C:\Windows\system32\FntCache.dll03:04:30.0469 0x0ebc FontCache - ok03:04:30.0549 0x0ebc [ E56F39F6B7FDA0AC77A79B0FD3DE1A2F, DBED26852B99B362152DA9CD4F31A1883EF6F9B496F3CF3772A197BA72DB61DA ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe03:04:30.0589 0x0ebc FontCache3.0.0.0 - ok03:04:30.0609 0x0ebc [ 1A16B57943853E598CFF37FE2B8CBF1D, 87609F46F3B8123552141FD70866E895220B1BBD92BC2B580CAF49201AA0197E ] FsDepends C:\Windows\system32\drivers\FsDepends.sys03:04:30.0639 0x0ebc FsDepends - ok03:04:30.0669 0x0ebc [ 7DAE5EBCC80E45D3253F4923DC424D05, 8A2C4D5591509B0B0A44583520617A9AE34F32BB6E68A012A7D7870ED24F703A ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys03:04:30.0689 0x0ebc Fs_Rec - ok03:04:30.0719 0x0ebc [ E306A24D9694C724FA2491278BF50FDB, 1D246B9C28550640EACBF8CF9DC980FD75106B92832D392FEBEF0C7012353091 ] fvevol C:\Windows\system32\DRIVERS\fvevol.sys03:04:30.0749 0x0ebc fvevol - ok03:04:30.0789 0x0ebc [ 65EE0C7A58B65E74AE05637418153938, 0E1A398ADD8411AF4CCC3344D67BE1B261320C58328BD5C5855A357476FAEBEF ] gagp30kx C:\Windows\system32\drivers\gagp30kx.sys03:04:30.0809 0x0ebc gagp30kx - ok03:04:30.0919 0x0ebc [ 5AE64F0DDD7EBD1532FC70ECDB963023, 28D5F5B1B3AFC335EFC1ABD1B8EBA3C9629C6552F81670A4B5DBDFB18110C5D7 ] GoogleIMEJaCacheService C:\Program Files\Google\Google Japanese Input\GoogleIMEJaCacheService.exe03:04:30.0973 0x0ebc GoogleIMEJaCacheService - ok03:04:31.0019 0x0ebc [ E897EAF5ED6BA41E081060C9B447A673, A428DC68516F19C6C53A8B62E4BDB2587E70FB751B9D77700B6B147D347DA157 ] gpsvc C:\Windows\System32\gpsvc.dll03:04:31.0089 0x0ebc gpsvc - ok03:04:31.0151 0x0ebc [ 506708142BC63DABA64F2D3AD1DCD5BF, 
9C36A08D9E7932FF4DA7B5F24E6B42C92F28685B8ABE964C870E8D7670FD531A ] gupdate C:\Program Files\Google\Update\GoogleUpdate.exe03:04:31.0169 0x0ebc gupdate - ok03:04:31.0179 0x0ebc [ 506708142BC63DABA64F2D3AD1DCD5BF, 9C36A08D9E7932FF4DA7B5F24E6B42C92F28685B8ABE964C870E8D7670FD531A ] gupdatem C:\Program Files\Google\Update\GoogleUpdate.exe03:04:31.0199 0x0ebc gupdatem - ok03:04:31.0229 0x0ebc [ C1B577B2169900F4CF7190C39F085794, 73E104B96A48F4C80D8C37254ECB0891D15C0D2F0C251B57C168F90D60316447 ] gusvc C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe03:04:31.0259 0x0ebc gusvc - ok03:04:31.0289 0x0ebc [ C44E3C2BAB6837DB337DDEE7544736DB, 88A24FF7D2FECCEAFFD421B2039A0FB623DA47A6B220B80EF1E52DD26D9E222D ] hcw85cir C:\Windows\system32\drivers\hcw85cir.sys03:04:31.0309 0x0ebc hcw85cir - ok03:04:31.0349 0x0ebc [ A5EF29D5315111C80A5C1ABAD14C8972, A181DA72E946F121C3F4A19438C547B0BFD15138AB1DB5465945EC89DF1F6B0A ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys03:04:31.0389 0x0ebc HdAudAddService - ok03:04:31.0399 0x0ebc [ 9036377B8A6C15DC2EEC53E489D159B5, 1E56D2ACFE92E6DF96D755B05C63D580EED82C210F075C8623E138BEE6BCD41B ] HDAudBus C:\Windows\system32\DRIVERS\HDAudBus.sys03:04:31.0429 0x0ebc HDAudBus - ok03:04:31.0449 0x0ebc [ 1D58A7F3E11A9731D0EAAAA8405ACC36, 7056FA18B86FBD52C4A6092D80476C02553EA053D6A0BEDB01A2FA5E152D5215 ] HidBatt C:\Windows\system32\drivers\HidBatt.sys03:04:31.0469 0x0ebc HidBatt - ok03:04:31.0509 0x0ebc [ 89448F40E6DF260C206A193A4683BA78, 71E0FCC32AE6FF8DFF420DB0383D6A200E1EAE14BD2E32453F92CE18B31C1F3C ] HidBth C:\Windows\system32\drivers\hidbth.sys03:04:31.0539 0x0ebc HidBth - ok03:04:31.0559 0x0ebc [ CF50B4CF4A4F229B9F3C08351F99CA5E, B97843620AF80FF0EC8F2C438255C0A42A756C6314FAF3DEF415DE16E14C108F ] HidIr C:\Windows\system32\drivers\hidir.sys03:04:31.0589 0x0ebc HidIr - ok03:04:31.0629 0x0ebc [ 2BC6F6A1992B3A77F5F41432CA6B3B6B, 2AF3312F1C8C8923C0A29AA5DAE57CE269417E53DEA2F0CCCC8DB57029698FE1 ] hidserv 
C:\Windows\System32\hidserv.dll03:04:31.0668 0x0ebc hidserv - ok03:04:31.0688 0x0ebc [ 10C19F8290891AF023EAEC0832E1EB4D, E208553029488A6EE2F5216CC9FE5F93E9931A94C0D0625253BB159E30642853 ] HidUsb C:\Windows\system32\DRIVERS\hidusb.sys03:04:31.0718 0x0ebc HidUsb - ok03:04:31.0741 0x0ebc [ 196B4E3F4CCCC24AF836CE58FACBB699, 7A2E1F603A073421FA0987EFB96647F1F0F2D4E0C82AA62EBC041585DA811DAF ] hkmsvc C:\Windows\system32\kmsvc.dll03:04:31.0774 0x0ebc hkmsvc - ok03:04:31.0811 0x0ebc [ 6658F4404DE03D75FE3BA09F7ABA6A30, E51D9C1580A283EB862F09B73AAE1B647DD683A53F3DD99834222F12DD15E40F ] HomeGroupListener C:\Windows\system32\ListSvc.dll03:04:31.0846 0x0ebc HomeGroupListener - ok03:04:31.0876 0x0ebc [ DBC02D918FFF1CAD628ACBE0C0EAA8E8, 02121800D9062692C102475876AE8143EBE46D855E8328B8CDCFE6A2F0D19696 ] HomeGroupProvider C:\Windows\system32\provsvc.dll03:04:31.0906 0x0ebc HomeGroupProvider - ok03:04:31.0946 0x0ebc [ 295FDC419039090EB8B49FFDBB374549, 670E8015FD374640C6570F56F7FE8DE4D8F92E7A8072F5D1B2B95D0BD699CEF7 ] HpSAMD C:\Windows\system32\drivers\HpSAMD.sys03:04:31.0966 0x0ebc HpSAMD - ok03:04:32.0002 0x0ebc [ 871917B07A141BFF43D76D8844D48106, 30C702008D0EE57D63F74864967DD19A55A268E77E42B5B3CC73037AD51D2987 ] HTTP C:\Windows\system32\drivers\HTTP.sys03:04:32.0062 0x0ebc HTTP - ok03:04:32.0082 0x0ebc [ 0C4E035C7F105F1299258C90886C64C5, CFB4FBE7B28058E6D3E6E508CF3C1645F6AAE0AFEB4C5364835B9C42311DF0D4 ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys03:04:32.0092 0x0ebc hwpolicy - ok03:04:32.0112 0x0ebc [ F151F0BDC47F4A28B1B20A0818EA36D6, 84B24B5796D9F70A8C37773F5484A4606CC7908370CCD942627ACBEDC4952D79 ] i8042prt C:\Windows\system32\DRIVERS\i8042prt.sys03:04:32.0150 0x0ebc i8042prt - ok03:04:32.0204 0x0ebc [ 5CD5F9A5444E6CDCB0AC89BD62D8B76E, 72870092A80C6DAE0105025B0ED8B607E98BA81E59298364A7FE4C9C56C68FF0 ] iaStorV C:\Windows\system32\drivers\iaStorV.sys03:04:32.0234 0x0ebc iaStorV - ok03:04:32.0304 0x0ebc [ C521D7EB6497BB1AF6AFA89E322FB43C, 
BDDCFCBB5B76A9295669B5AC9F732D6127199ED5C300770B554C4E4794F66BB7 ] idsvc C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe03:04:32.0364 0x0ebc idsvc - ok03:04:32.0364 0x0ebc IEEtwCollectorService - ok03:04:32.0726 0x0ebc [ C520DD440B57DBD54A4FD1838058879A, 6A81772290C21721603892E66104E33FFAA5B7B03323036B7D46DA4EB4D70E37 ] igfx C:\Windows\system32\DRIVERS\igdkmd32.sys03:04:32.0914 0x0ebc igfx - ok03:04:32.0954 0x0ebc [ 4173FF5708F3236CF25195FECD742915, 0A9C0701DF6EAC6602BE342FC13C7950EF04BB5BDF7D96C2C5DABBD2A29AA55D ] iirsp C:\Windows\system32\drivers\iirsp.sys03:04:32.0974 0x0ebc iirsp - ok03:04:33.0024 0x0ebc [ B9C54120F46392100478F58F374E5709, A28EE8B0988F580D5984E815FC78DF41B169260814234AA0E453375542D0957B ] IKEEXT C:\Windows\System32\ikeext.dll03:04:33.0084 0x0ebc IKEEXT - ok03:04:33.0094 0x0ebc [ A0F12F2C9BA6C72F3987CE780E77C130, 5F53DF8BE1621AA7DFB655CFD9C95E0AFA1AD3CE2E290E19D7B7FB3C6E380034 ] intelide C:\Windows\system32\drivers\intelide.sys03:04:33.0114 0x0ebc intelide - ok03:04:33.0155 0x0ebc [ 3B514D27BFC4ACCB4037BC6685F766E0, F12D7AC62F8550E6F33B28AD751D8413AB7FFEF963242D99FFA76CE8A48B027A ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys03:04:33.0183 0x0ebc intelppm - ok03:04:33.0198 0x0ebc [ ACB364B9075A45C0736E5C47BE5CAE19, 202F77C659103D2D0E787B8CB0A23BE32EA5AA2E6B3B0A0F0A8DFA906AB3C0C0 ] IPBusEnum C:\Windows\system32\ipbusenum.dll03:04:33.0241 0x0ebc IPBusEnum - ok03:04:33.0261 0x0ebc [ 709D1761D3B19A932FF0238EA6D50200, 0A9D2C3A6E91CA45540555B40CB4E2DF3EBE98C1D164C4EECEE20C86782F5823 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys03:04:33.0301 0x0ebc IpFilterDriver - ok03:04:33.0341 0x0ebc [ 58F67245D041FBE7AF88F4EAF79DF0FA, 67468D6A46FF4D87AD321BFEA42F2FC843D09AA292A119C76D4D795D06028F96 ] iphlpsvc C:\Windows\System32\iphlpsvc.dll03:04:33.0402 0x0ebc iphlpsvc - ok03:04:33.0417 0x0ebc [ 4BD7134618C1D2A27466A099062547BF, 20284ABEF4433A59E2981F4143CAEC67DC990864FE0B9E3DC70EE0B88539E964 ] IPMIDRV 
C:\Windows\system32\drivers\IPMIDrv.sys03:04:33.0434 0x0ebc IPMIDRV - ok03:04:33.0464 0x0ebc [ A5FA468D67ABCDAA36264E463A7BB0CD, EDB828D596E43372F97DAE1AADA46428C4C45FB80646DDC64FAD5F25C826CF63 ] IPNAT C:\Windows\system32\drivers\ipnat.sys03:04:33.0504 0x0ebc IPNAT - ok03:04:33.0524 0x0ebc [ 42996CFF20A3084A56017B7902307E9F, 688176DAB91BE569280E4822E4C5BDE755794D293591C53F8047AD59C441751D ] IRENUM C:\Windows\system32\drivers\irenum.sys03:04:33.0554 0x0ebc IRENUM - ok03:04:33.0564 0x0ebc [ 1F32BB6B38F62F7DF1A7AB7292638A35, 86522358680FBB1CEBC56B4D139290689BB0F71A3EC78CE883E4D75D0B37586F ] isapnp C:\Windows\system32\drivers\isapnp.sys03:04:33.0584 0x0ebc isapnp - ok03:04:33.0624 0x0ebc [ EB34CE31FABD4DC4343FD2AD16D2CAF9, D21C91227A15DA89ECF522345D0AB80B3B7FC24A230596DABDB8BD3B7554CE8C ] iScsiPrt C:\Windows\system32\drivers\msiscsi.sys03:04:33.0654 0x0ebc iScsiPrt - ok03:04:33.0694 0x0ebc [ 8497AC41BA99ED488A312856B67832C4, E016F625B4F934B60F58DE4EACB274FABED174F0B2C4BC6887896E73374B7FD2 ] k57nd60x C:\Windows\system32\DRIVERS\k57nd60x.sys03:04:33.0724 0x0ebc k57nd60x - ok03:04:33.0744 0x0ebc [ ADEF52CA1AEAE82B50DF86B56413107E, A3AE1E96B04AC81665ABBD3CB267DFB3F78376DAE18FB0DBD447908DDAAA22D2 ] kbdclass C:\Windows\system32\DRIVERS\kbdclass.sys03:04:33.0764 0x0ebc kbdclass - ok03:04:33.0794 0x0ebc [ 9E3CED91863E6EE98C24794D05E27A71, 90CF59F20E14E4A5A793266805E82BF7AE1F0CF4C7BAB1FD2EEF3B53C5DF770F ] kbdhid C:\Windows\system32\DRIVERS\kbdhid.sys03:04:33.0814 0x0ebc kbdhid - ok03:04:33.0824 0x0ebc [ 803B370865D907EA21DC0C2B6A8936B5, E98F0BA1D94786E061A3EA2CC76041FF6BE0ADF47C6205D5572C03BF0E29CA78 ] KeyIso C:\Windows\system32\lsass.exe03:04:33.0854 0x0ebc KeyIso - ok03:04:33.0884 0x0ebc [ F286830298323272260332D6ABC905C1, FF4CD182A95CA53119B228690D682EE9214BE131A0DBCB09B6189FBEBBFF902C ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys03:04:33.0904 0x0ebc KSecDD - ok03:04:33.0914 0x0ebc [ D7C760D57B1656DD748B9E4AB6CB5A51, 
F8AE4185A6A9F7005DEFF1FDC03F395C6189825B482B8C650637FD29DE93AB68 ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys03:04:33.0944 0x0ebc KSecPkg - ok03:04:33.0984 0x0ebc [ 89A7B9CC98D0D80C6F31B91C0A310FCD, 4583CAEEE0D50C0C7CE955E533FDA063CDC37B69033D41EF22EF1BA242E4C747 ] KtmRm C:\Windows\system32\msdtckrm.dll03:04:34.0041 0x0ebc KtmRm - ok03:04:34.0081 0x0ebc [ D64AF876D53ECA3668BB97B51B4E70AB, D5C07C019BFEAFBEDC29AB5060356A3B07449712B21B50E03378BEF04AF180F9 ] LanmanServer C:\Windows\System32\srvsvc.dll03:04:34.0131 0x0ebc LanmanServer - ok03:04:34.0166 0x0ebc [ 58405E4F68BA8E4057C6E914F326ABA2, C3E6519A1A38F1B3597D4391E42ABFE8F1F5E86256C4B3BD876CDAD9BB68B0A6 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll03:04:34.0203 0x0ebc LanmanWorkstation - ok03:04:34.0243 0x0ebc [ F7611EC07349979DA9B0AE1F18CCC7A6, 879AA7A391966F00761CA039C25EBC62F6712DD5461694911EEC673E12DE103E ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys03:04:34.0273 0x0ebc lltdio - ok03:04:34.0313 0x0ebc [ 5700673E13A2117FA3B9020C852C01E2, 6684A2905EE8C438F2A64BE47E51A54D287B08DEFB8E0AE7FC2809D845EE3C5F ] lltdsvc C:\Windows\System32\lltdsvc.dll03:04:34.0363 0x0ebc lltdsvc - ok03:04:34.0383 0x0ebc [ 55CA01BA19D0006C8F2639B6C045E08B, 4DBBDC820C514DB18CC13F8EE178F8C4E39C295C6E3C255416C235553CE7BDC1 ] lmhosts C:\Windows\System32\lmhsvc.dll03:04:34.0423 0x0ebc lmhosts - ok03:04:34.0473 0x0ebc [ EB119A53CCF2ACC000AC71B065B78FEF, 1FD60735C4945AE565C223F0B47EAF9602D8777E3D15600914C1A9D761215AF9 ] LSI_FC C:\Windows\system32\drivers\lsi_fc.sys03:04:34.0503 0x0ebc LSI_FC - ok03:04:34.0523 0x0ebc [ 8ADE1C877256A22E49B75D1CC9161F9C, 3D64F233DC866537E50549A7C1A2B40A954055B22F0BDA39825B04C38C607CB7 ] LSI_SAS C:\Windows\system32\drivers\lsi_sas.sys03:04:34.0553 0x0ebc LSI_SAS - ok03:04:34.0587 0x0ebc [ DC9DC3D3DAA0E276FD2EC262E38B11E9, A264990857CBC74036799E17A087130626C0A09BE19879019BAF2D761C62AECC ] LSI_SAS2 C:\Windows\system32\drivers\lsi_sas2.sys03:04:34.0609 0x0ebc LSI_SAS2 - ok03:04:34.0642 0x0ebc [ 
0A036C7D7CAB643A7F07135AC47E0524, 2F662D07FCB74B8D493156DB555EAA90A47E93CF14C7B30039D2FE47EB8682B8 ] LSI_SCSI C:\Windows\system32\drivers\lsi_scsi.sys03:04:34.0658 0x0ebc LSI_SCSI - ok03:04:34.0680 0x0ebc [ 6703E366CC18D3B6E534F5CF7DF39CEE, 7396B9AF938284D99EC51206A7B2FA4A0DC10A493DCE6707818B03A7473782C4 ] luafv C:\Windows\system32\drivers\luafv.sys03:04:34.0720 0x0ebc luafv - ok03:04:34.0750 0x0ebc [ 8E2E9CCD873ABF180F48BCAEEEBE347D, 35DBBB8E63B480151EA5701D9DB7C90642FA2391D044DB400D3644F3E21BB0C1 ] MBAMSwissArmy C:\Windows\system32\drivers\MBAMSwissArmy.sys03:04:34.0780 0x0ebc MBAMSwissArmy - ok03:04:34.0820 0x0ebc [ BFB9EE8EE977EFE85D1A3105ABEF6DD1, D2A84EBF0C0B7A14AD432FD2EF43CC12300027AEA3FA4075659FB088AB62B588 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll03:04:34.0850 0x0ebc Mcx2Svc - ok03:04:34.0850 0x0ebc Object required for P2P: [ BFB9EE8EE977EFE85D1A3105ABEF6DD1 ] Mcx2Svc03:04:54.0873 0x0ebc Object send P2P result: false03:04:54.0945 0x0ebc [ 0FFF5B045293002AB38EB1FD1FC2FB74, 49071B565FD5B2DE43EC00D8518C3BE70843F38919E82F13104B8C1FAFB20374 ] megasas C:\Windows\system32\drivers\megasas.sys03:04:54.0995 0x0ebc megasas - ok03:04:55.0025 0x0ebc [ DCBAB2920C75F390CAF1D29F675D03D6, 85C3A7A010BEA5E3C6179161B295F2CB900A6A214833A5F87A4327392880E2BB ] MegaSR C:\Windows\system32\drivers\MegaSR.sys03:04:55.0056 0x0ebc MegaSR - ok03:04:55.0099 0x0ebc [ D86AC00883B9C98B570E7643AAF8E554, 4B4BDC01DC20F820A9D1E1B8E875B6445F9B920F0AB1E115ADD9651A368911C4 ] MEI C:\Windows\system32\DRIVERS\HECI.sys03:04:55.0123 0x0ebc MEI - ok03:04:55.0178 0x0ebc [ 600630D8A1703CFC9ED00E20C0CA6212, 4C6432DBB3B2AF687CE33C249E682EB841E3D27EADAE32748EDB3D0F1892663E ] mfehidk C:\Windows\system32\drivers\mfehidk.sys03:04:55.0228 0x0ebc mfehidk - ok03:04:55.0274 0x0ebc [ 469F5BC46C4850FC653365005C58E076, DB9A1F2B5218217B211FC0BFE8E6C5288ECE9BE85BCA66D3EF0C863BB582AD66 ] mferkdet C:\Windows\system32\drivers\mferkdet.sys03:04:55.0298 0x0ebc mferkdet - ok03:04:55.0317 0x0ebc [ 
33FFACE454410F61B106F7BCE241B08C, B19E113869785FD5A743AF957EBE0C434047935F97DA444FD861F25A241D3D12 ] mfevtp C:\Windows\system32\mfevtps.exe03:04:55.0347 0x0ebc mfevtp - ok03:04:55.0377 0x0ebc [ 146B6F43A673379A3C670E86D89BE5EA, C4412DCF80DE6B55466F399413271364F14BC0819C224AA161EDDC31A9775440 ] MMCSS C:\Windows\system32\mmcss.dll03:04:55.0437 0x0ebc MMCSS - ok03:04:55.0457 0x0ebc [ F001861E5700EE84E2D4E52C712F4964, F4DC5AEED6F34D76CCEF360862CC47EF71097BE0813C8CE04EE5F0DB387DFFAE ] Modem C:\Windows\system32\drivers\modem.sys03:04:55.0497 0x0ebc Modem - ok03:04:55.0527 0x0ebc [ 79D10964DE86B292320E9DFE02282A23, 52714827B7EEDACA55326A4E4F6158D4942DFAA3BACDE303A2F569BF3F4FAA72 ] monitor C:\Windows\system32\DRIVERS\monitor.sys03:04:55.0547 0x0ebc monitor - ok03:04:55.0547 0x0ebc Object required for P2P: [ 79D10964DE86B292320E9DFE02282A23 ] monitor03:05:15.0578 0x0ebc Object send P2P result: false Link to post Share on other sites More sharing options...
hmw1008 Posted February 7, 2015 Author ID:937385
ok03:05:21.0630 0x0ebc [ BA387E955E890C8A88306D9B8D06BF17, 3477BD9686C5777A93251C154512671AAA7533B18C536DF51F7B1D6D28E7F8A5 ] nsi C:\Windows\system32\nsisvc.dll03:05:21.0670 0x0ebc nsi - ok03:05:21.0690 0x0ebc [ E9A0A4D07E53D8FEA2BB8387A3293C58, 690CAD6C4E35ECC1172A2E1FD3933DF73158B3BF42CB21244269612A53DE4D7A ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys03:05:21.0720 0x0ebc nsiproxy - ok03:05:21.0820 0x0ebc [ C8DFF8D07755A66C7A4A738930F0FEAC, A2CC58312CE57988ABD976155BE91F558DCEC4C23481C6FBE64B361D511A36EA ] Ntfs C:\Windows\system32\drivers\Ntfs.sys03:05:21.0900 0x0ebc Ntfs - ok03:05:21.0930 0x0ebc [ F9756A98D69098DCA8945D62858A812C, 572ADBFCFDE2030B34A013AADC14DBC144EB3F34D06991E2464A3EA9605BC045 ] Null C:\Windows\system32\drivers\Null.sys03:05:21.0970 0x0ebc Null - ok03:05:21.0990 0x0ebc [ B3E25EE28883877076E0E1FF877D02E0, 402B6FED6FBBF645190396DC141141EF52DD059DABD01F8AC9CF01D23664070C ] nvraid C:\Windows\system32\drivers\nvraid.sys03:05:22.0010 0x0ebc nvraid - ok03:05:22.0062 0x0ebc [ 4380E59A170D88C4F1022EFF6719A8A4, 93EDB3F4CDBF53C9C1970DD29AB146E390695C568180847BA8903F5FBEABCFF2 ] nvstor C:\Windows\system32\drivers\nvstor.sys03:05:22.0082 0x0ebc nvstor - ok03:05:22.0112 0x0ebc [ 5A0983915F02BAE73267CC2A041F717D, D83461D74597BF2BE042FEFCC27FCD18BF63CB8135B0666D731D50951C3468A8 ] nv_agp C:\Windows\system32\drivers\nv_agp.sys03:05:22.0132 0x0ebc nv_agp - ok03:05:22.0162 0x0ebc [ 08A70A1F2CDDE9BB49B885CB817A66EB, 0BB98123B544124B144F3E95D77E01E973D060B8B2302503FF24ABBBE803EB63 ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys03:05:22.0192 0x0ebc ohci1394 - ok03:05:22.0252 0x0ebc [ 9D10F99A6712E28F8ACD5641E3A7EA6B, 70964A0ED9011EA94044E15FA77EDD9CF535CC79ED8E03A3721FF007E69595CC ] ose C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE03:05:22.0307 0x0ebc ose - ok03:05:22.0514 0x0ebc [ 358A9CCA612C68EB2F07DDAD4CE1D8D7, F342100E2E9001F11FDF93F856B50FA43F9B85D2C6B5706EC0433E77206498DA ] osppsvc C:\Program Files\Common Files\Microsoft 
Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE03:05:22.0694 0x0ebc osppsvc - ok03:05:22.0764 0x0ebc [ 82A8521DDC60710C3D3D3E7325209BEC, C4E34571EDD57C7FBB3D736B5FE8BD154624705B5C8EA2EC898F19F75B9A5942 ] p2pimsvc C:\Windows\system32\pnrpsvc.dll03:05:22.0824 0x0ebc p2pimsvc - ok03:05:22.0844 0x0ebc [ 59C3DDD501E39E006DAC31BF55150D91, E02B63AB7F34CF6FF3F644AF354D10004E6F50014E03172D80BD78934EF71EF1 ] p2psvc C:\Windows\system32\p2psvc.dll03:05:22.0874 0x0ebc p2psvc - ok03:05:22.0914 0x0ebc [ 2EA877ED5DD9713C5AC74E8EA7348D14, 14BA3722CE5F8FF07F2D97DCDD6558EB49C9B02E5E6FAD6D9F18D354733EFECE ] Parport C:\Windows\system32\drivers\parport.sys03:05:22.0934 0x0ebc Parport - ok03:05:22.0954 0x0ebc [ 3F34A1B4C5F6475F320C275E63AFCE9B, 31295D5121C0C3F2085E0EEBA260EEE4CA003993C026E2F81986D19158036E6B ] partmgr C:\Windows\system32\drivers\partmgr.sys03:05:22.0974 0x0ebc partmgr - ok03:05:22.0994 0x0ebc [ EB0A59F29C19B86479D36B35983DAADC, AC09AFE7F13BE4079D01383BAC44091997E1AAF6512C9673A42B9E3780EB08A8 ] Parvdm C:\Windows\system32\drivers\parvdm.sys03:05:23.0014 0x0ebc Parvdm - ok03:05:23.0054 0x0ebc [ 358AB7956D3160000726574083DFC8A6, 6CAFD4D1B8AB8C1D167ADC018985DDAB5AC2CBFFB3434FE6390F14AF50C19025 ] PcaSvc C:\Windows\System32\pcasvc.dll03:05:23.0084 0x0ebc PcaSvc - ok03:05:23.0104 0x0ebc [ 673E55C3498EB970088E812EA820AA8F, 1F81315664B8CBFDD569416C0ECCE4C6251F34577313A0858AB46609781303B5 ] pci C:\Windows\system32\drivers\pci.sys03:05:23.0134 0x0ebc pci - ok03:05:23.0164 0x0ebc [ AFE86F419014DB4E5593F69FFE26CE0A, CAF36E61BE7B511D3A03A65FF5A3017CEE4D2F53005B410F2D4A2AAE9FED4C00 ] pciide C:\Windows\system32\drivers\pciide.sys03:05:23.0184 0x0ebc pciide - ok03:05:23.0234 0x0ebc [ F396431B31693E71E8A80687EF523506, BC614FC21E029E2497F1CCE3131BBD295B827F2310762B47D5BBC7703D80554B ] pcmcia C:\Windows\system32\drivers\pcmcia.sys03:05:23.0274 0x0ebc pcmcia - ok03:05:23.0284 0x0ebc [ 250F6B43D2B613172035C6747AEEB19F, A91F15B133F2619912CF750E6F3662E011CD0FA4B9477CE532CE3196D23307D9 ] pcw 
C:\Windows\system32\drivers\pcw.sys03:05:23.0304 0x0ebc pcw - ok03:05:23.0344 0x0ebc [ 9E0104BA49F4E6973749A02BF41344ED, B32F39F38DB48D77FBA884DEE34112BAB81CCEF5DD2EAAA12D9589D73D2BB116 ] PEAUTH C:\Windows\system32\drivers\peauth.sys03:05:23.0404 0x0ebc PEAUTH - ok03:05:23.0504 0x0ebc [ 414BBA67A3DED1D28437EB66AEB8A720, D6DF254E2615FA402044824DCD9004F579FC0DF74B90E44C99D5F0253CF8AD88 ] pla C:\Windows\system32\pla.dll03:05:23.0614 0x0ebc pla - ok03:05:23.0654 0x0ebc [ EC7BC28D207DA09E79B3E9FAF8B232CA, A42F8F69C3CD753D787A5D558659DEA2CC306C896D75B8C82549219CF654504F ] PlugPlay C:\Windows\system32\umpnpmgr.dll03:05:23.0694 0x0ebc PlugPlay - ok03:05:23.0724 0x0ebc [ 3A2E85F7D90D15460C337CE80C2E3B29, EECAA20359FD2D75D6A564A3BAADACAA2CB69D061E455AA3F75055A3EAB54168 ] PnkBstrA C:\Windows\system32\PnkBstrA.exe03:05:23.0744 0x0ebc PnkBstrA - ok03:05:23.0774 0x0ebc [ 63FF8572611249931EB16BB8EED6AFC8, 9732CCBCB93A7A4BEC88812B952C20244479E9BD781240C195E57F09E619EA33 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll03:05:23.0804 0x0ebc PNRPAutoReg - ok03:05:23.0824 0x0ebc [ 82A8521DDC60710C3D3D3E7325209BEC, C4E34571EDD57C7FBB3D736B5FE8BD154624705B5C8EA2EC898F19F75B9A5942 ] PNRPsvc C:\Windows\system32\pnrpsvc.dll03:05:23.0864 0x0ebc PNRPsvc - ok03:05:23.0904 0x0ebc [ 53946B69BA0836BD95B03759530C81EC, 7F14A34635354CCA0F5342C8D9DF5A6AA1B94F6A508BD8834029E9BACF252920 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll03:05:23.0964 0x0ebc PolicyAgent - ok03:05:23.0994 0x0ebc [ F87D30E72E03D579A5199CCB3831D6EA, B09328E89954584F97908FA5946376BA990B8C650DABCBF3CA3B08719937C694 ] Power C:\Windows\system32\umpo.dll03:05:24.0039 0x0ebc Power - ok03:05:24.0069 0x0ebc [ 631E3E205AD6D86F2AED6A4A8E69F2DB, 1D3BF0CFC37D91A3A56246920B9CF1084E78A055D56E85A773417809C58C8065 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys03:05:24.0109 0x0ebc PptpMiniport - ok03:05:24.0119 0x0ebc [ 85B1E3A0C7585BC4AAE6899EC6FCF011, 1E067113C146D6842D7FB04007F363D6FB7783C6BC7C9AB6614E44075C4F86C3 ] Processor 
C:\Windows\system32\drivers\processr.sys03:05:24.0149 0x0ebc Processor - ok03:05:24.0201 0x0ebc [ CADEFAC453040E370A1BDFF3973BE00D, 2E3DD8DA702468D8AB0F3CE27188B1991D4CB015FB36BAE4C6E7996B61CF49B8 ] ProfSvc C:\Windows\system32\profsvc.dll03:05:24.0231 0x0ebc ProfSvc - ok03:05:24.0241 0x0ebc [ 803B370865D907EA21DC0C2B6A8936B5, E98F0BA1D94786E061A3EA2CC76041FF6BE0ADF47C6205D5572C03BF0E29CA78 ] ProtectedStorage C:\Windows\system32\lsass.exe03:05:24.0271 0x0ebc ProtectedStorage - ok03:05:24.0281 0x0ebc [ 6270CCAE2A86DE6D146529FE55B3246A, 463209CBAF1B0E269DC8FC6FBDEE5BB7E5ADB5D3F024930BFD0B97E0A9678883 ] Psched C:\Windows\system32\DRIVERS\pacer.sys03:05:24.0331 0x0ebc Psched - ok03:05:24.0371 0x0ebc [ E42E3433DBB4CFFE8FDD91EAB29AEA8E, 20ABD8372B242FD356AC143E7EB56F93CFEA4988ED1B0C4434CB64C387D7F66C ] PxHelp20 C:\Windows\system32\Drivers\PxHelp20.sys03:05:24.0401 0x0ebc PxHelp20 - ok03:05:24.0471 0x0ebc [ AB95ECF1F6659A60DDC166D8315B0751, 0ED6D3460D28978BADF31B930DBB3298A6A10EFF8883763EABA0E36A21A0E83D ] ql2300 C:\Windows\system32\drivers\ql2300.sys03:05:24.0541 0x0ebc ql2300 - ok03:05:24.0561 0x0ebc [ B4DD51DD25182244B86737DC51AF2270, 7E62B04F054A6330B7F9968222523BDE8F3EE47A11D17E6C0E2D5ACDC07B9E6B ] ql40xx C:\Windows\system32\drivers\ql40xx.sys03:05:24.0581 0x0ebc ql40xx - ok03:05:24.0621 0x0ebc [ 31AC809E7707EB580B2BDB760390765A, A8481FD19A0F778F5591B7676F591F664ADC68B6867E663C0F9564173F4AC909 ] QWAVE C:\Windows\system32\qwave.dll03:05:24.0661 0x0ebc QWAVE - ok03:05:24.0671 0x0ebc [ 584078CA1B95CA72DF2A27C336F9719D, 836F115C92D343463C14A9DE39648C1EFA7C7EE4720F5C692EE0F68B84830121 ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys03:05:24.0691 0x0ebc QWAVEdrv - ok03:05:24.0721 0x0ebc [ 30A81B53C766D0133BB86D234E5556AB, 726C6B83B5ACAA84CAB1689B6DD6DDAE3199D61A57B5D7B5B5A0F62FCF838090 ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys03:05:24.0751 0x0ebc RasAcd - ok03:05:24.0771 0x0ebc [ 57EC4AEF73660166074D8F7F31C0D4FD, 
C66B425EC4DB5E7FD289AE631C9B019EB16717C55E80FAE964BB22203E4AACEF ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys03:05:24.0801 0x0ebc RasAgileVpn - ok03:05:24.0841 0x0ebc [ A60F1839849C0C00739787FD5EC03F13, B210DFA5A843CF1DA73635F168E2EA5052CBED15C664F8523CDFB34CA165D0E0 ] RasAuto C:\Windows\System32\rasauto.dll03:05:24.0881 0x0ebc RasAuto - ok03:05:24.0881 0x0ebc [ D9F91EAFEC2815365CBE6D167E4E332A, 8350457A39D141C13807E7DB5A8D4113197C4016F7744B9993391F4AEA0C4A5C ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys03:05:24.0921 0x0ebc Rasl2tp - ok03:05:24.0941 0x0ebc [ CB9E04DC05EACF5B9A36CA276D475006, 4D8C0AEF1D4F84F375AD2BAF786C9F6C52316A3E655B913449E71AD7C0FCA56E ] RasMan C:\Windows\System32\rasmans.dll03:05:24.0991 0x0ebc RasMan - ok03:05:25.0011 0x0ebc [ 0FE8B15916307A6AC12BFB6A63E45507, 64119474DE7499E6E8B82E78BBD50074B3AA70B3E8329089FAE9B7F29919004E ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys03:05:25.0051 0x0ebc RasPppoe - ok03:05:25.0091 0x0ebc [ 44101F495A83EA6401D886E7FD70096B, 56A0CE5C89870752B9B2AB795C1A248CA28209E049B2F20CCA0308CBE2488A0A ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys03:05:25.0121 0x0ebc RasSstp - ok03:05:25.0141 0x0ebc [ D528BC58A489409BA40334EBF96A311B, C71E9A4B101DB6C3183B9F97B9098D73D6FE1B12C05C2EB3CE8A8041BEE6BA61 ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys03:05:25.0191 0x0ebc rdbss - ok03:05:25.0201 0x0ebc [ 0D8F05481CB76E70E1DA06EE9F0DA9DF, 2AFCBE3237D27AFBF095F91F1FCCA63E6890F34A9E4F00E5C34C92394CDA89FB ] rdpbus C:\Windows\system32\drivers\rdpbus.sys03:05:25.0231 0x0ebc rdpbus - ok03:05:25.0241 0x0ebc [ 23DAE03F29D253AE74C44F99E515F9A1, 8FED93D10B2062F0526FE3508101F8FCF8F72DEB90AFB472EB7CBAE83A0EC430 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys03:05:25.0281 0x0ebc RDPCDD - ok03:05:25.0291 0x0ebc [ 5A53CA1598DD4156D44196D200C94B8A, 8112FE14FEC94C67B1C5BDE4171E37584F1D0098D2C557C9E4BDD3E0291E25E4 ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys03:05:25.0321 0x0ebc RDPENCDD - ok03:05:25.0341 0x0ebc [ 
44B0A53CD4F27D50ED461DAE0C0B4E1F, CDA80B08E67AD034081C0C920CD66147689F1844403CBC552F65005E7C011A91 ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys03:05:25.0371 0x0ebc RDPREFMP - ok03:05:25.0401 0x0ebc [ 65375DF758CA1872AB7EBBBA457FD5E6, 8AC7681F51277E799C22FF95FA0B833E9E260D37C0416319FF05B66FB3948005 ] RdpVideoMiniport C:\Windows\system32\drivers\rdpvideominiport.sys03:05:25.0421 0x0ebc RdpVideoMiniport - ok03:05:25.0451 0x0ebc [ F031683E6D1FEA157ABB2FF260B51E61, 83B552819A5964152882C527E1421DBCEAACC74DEB897E3C4B53F52F1467FED3 ] RDPWD C:\Windows\system32\drivers\RDPWD.sys03:05:25.0481 0x0ebc RDPWD - ok03:05:25.0481 0x0ebc Object required for P2P: [ F031683E6D1FEA157ABB2FF260B51E61 ] RDPWD03:05:28.0726 0x0ebc Object send P2P result: true03:05:28.0806 0x0ebc [ 518395321DC96FE2C9F0E96AC743B656, 5F6A0880B4F3EE7196259EA362DA9554B0687B0236F9A8E5CF7A4A77F01F1776 ] rdyboost C:\Windows\system32\drivers\rdyboost.sys03:05:28.0856 0x0ebc rdyboost - ok03:05:28.0886 0x0ebc [ 7B5E1419717FAC363A31CC302895217A, 048B96B127CC20833948DAE53C59886D5C725ECA7A744424A01339447D2DDC32 ] RemoteAccess C:\Windows\System32\mprdim.dll03:05:28.0936 0x0ebc RemoteAccess - ok03:05:28.0966 0x0ebc [ CB9A8683F4EF2BF99E123D79950D7935, B9FA3E7E91E76D975CF40BFA37909E50F29CC13AB1399007884710651827E9AA ] RemoteRegistry C:\Windows\system32\regsvc.dll03:05:29.0006 0x0ebc RemoteRegistry - ok03:05:29.0026 0x0ebc [ 78D072F35BC45D9E4E1B61895C152234, 80C924EE1156B4E3172E83DCB9C60817E87885FB9377647E0BF90153E415B1CA ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll03:05:29.0066 0x0ebc RpcEptMapper - ok03:05:29.0096 0x0ebc [ 94D36C0E44677DD26981D2BFEEF2A29D, D77A93AC60536F3706E8A0154C0C2199E888B7748C84DB7437254FF175F4DF55 ] RpcLocator C:\Windows\system32\locator.exe03:05:29.0146 0x0ebc RpcLocator - ok03:05:29.0166 0x0ebc [ 7660F01D3B38ACA1747E397D21D790AF, 04611B43705C064C2A8331F6D3F8E4530295694AE2C3E3EC3F62CFF4A5EFA88D ] RpcSs C:\Windows\system32\rpcss.dll03:05:29.0226 0x0ebc RpcSs - ok03:05:29.0256 0x0ebc [ 
032B0D36AD92B582D869879F5AF5B928, 0F8F18A6A0A689957B886D9368015889091094EDA18BE532093F06A70A7CE184 ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys03:05:29.0296 0x0ebc rspndr - ok03:05:29.0306 0x0ebc [ 803B370865D907EA21DC0C2B6A8936B5, E98F0BA1D94786E061A3EA2CC76041FF6BE0ADF47C6205D5572C03BF0E29CA78 ] SamSs C:\Windows\system32\lsass.exe03:05:29.0336 0x0ebc SamSs - ok03:05:29.0356 0x0ebc [ 05D860DA1040F111503AC416CCEF2BCA, DAE2F37D09A5A42F945BC8E27E4EA2303521081783A80CEE7FEE7C5A1C2CFC5E ] sbp2port C:\Windows\system32\drivers\sbp2port.sys03:05:29.0386 0x0ebc sbp2port - ok03:05:29.0416 0x0ebc [ 8FC518FFE9519C2631D37515A68009C4, 21E10585470CF9FC3BD1977F8A426686CD2FA6BD2094B9E3594B21C7C4541D25 ] SCardSvr C:\Windows\System32\SCardSvr.dll03:05:29.0456 0x0ebc SCardSvr - ok03:05:29.0466 0x0ebc [ 0693B5EC673E34DC147E195779A4DCF6, AF1B56FBF3ADABF94CD9DBA67586B8746DE135151F6B3D1B0EE315BC1E2DB670 ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys03:05:29.0506 0x0ebc scfilter - ok03:05:29.0546 0x0ebc [ A04BB13F8A72F8B6E8B4071723E4E336, E63287FF71C39CBF64C3347C455324C8437F9CF398153E269543588B65389502 ] Schedule C:\Windows\system32\schedsvc.dll03:05:29.0626 0x0ebc Schedule - ok03:05:29.0636 0x0ebc [ 319C6B309773D063541D01DF8AC6F55F, 182F392FE839499D159A30A3CD04B5D0C87219930BFB1A7456880B7DA75B9820 ] SCPolicySvc C:\Windows\System32\certprop.dll03:05:29.0676 0x0ebc SCPolicySvc - ok03:05:29.0706 0x0ebc [ 0328BE1C7F1CBA23848179F8762E391C, EA80853F04BAE6F46F658B3EFED34BFDDE20E6F2BDA349EBC17EC75DFF19855D ] sdbus C:\Windows\system32\DRIVERS\sdbus.sys03:05:29.0736 0x0ebc sdbus - ok03:05:29.0766 0x0ebc [ 08236C4BCE5EDD0A0318A438AF28E0F7, 77727F963F63C4CEC11E7AAD5FB3836179701D512CA9436C3170B9E6A4E5F888 ] SDRSVC C:\Windows\System32\SDRSVC.dll03:05:29.0796 0x0ebc SDRSVC - ok03:05:29.0836 0x0ebc [ 90A3935D05B494A5A39D37E71F09A677, F72733A69BC6E1A2BB91D7632FF3463C12563F60FDCC00A2CDD67FF20D479952 ] secdrv C:\Windows\system32\drivers\secdrv.sys03:05:29.0866 0x0ebc secdrv - ok03:05:29.0886 0x0ebc [ 
A59B3A4442C52060CC7A85293AA3546F, 1776D6DEE51991149265AAF39E17065E301C5FA1FF4068653DC0010B9B27185D ] seclogon C:\Windows\system32\seclogon.dll03:05:29.0926 0x0ebc seclogon - ok03:05:29.0936 0x0ebc [ DCB7FCDCC97F87360F75D77425B81737, F8289AF2C458C167038EEFE613EE5E3D6D5B3308B8784168374BC81C47891CE5 ] SENS C:\Windows\system32\sens.dll03:05:29.0976 0x0ebc SENS - ok03:05:30.0006 0x0ebc [ 50087FE1EE447009C9CC2997B90DE53F, B5E6CF1D991F87C29C5E28198E0962E31FFB499A46C3BD43FC20391693389959 ] SensrSvc C:\Windows\system32\sensrsvc.dll03:05:30.0036 0x0ebc SensrSvc - ok03:05:30.0056 0x0ebc [ 9AD8B8B515E3DF6ACD4212EF465DE2D1, E2F019BCD1446236D078D46065DD151DD068778F33BE2F1E8A0CC1EA2F954E86 ] Serenum C:\Windows\system32\drivers\serenum.sys03:05:30.0076 0x0ebc Serenum - ok03:05:30.0096 0x0ebc [ 5FB7FCEA0490D821F26F39CC5EA3D1E2, A26DB2EB9F3E2509B4EBA949DB97595CC32332D9321DF68283BFC102E66D766F ] Serial C:\Windows\system32\drivers\serial.sys03:05:30.0126 0x0ebc Serial - ok03:05:30.0146 0x0ebc [ 79BFFB520327FF916A582DFEA17AA813, 7A2A9D69BE02228591186A9F4453D4B5FD98837CA422C873C48040170E8BD18C ] sermouse C:\Windows\system32\drivers\sermouse.sys03:05:30.0166 0x0ebc sermouse - ok03:05:30.0206 0x0ebc [ 4AE380F39A0032EAB7DD953030B26D28, C8F5F2DD59574E966FDF3057867BB959A554BAB6FD5DC6F1427094A6BC2B2809 ] SessionEnv C:\Windows\system32\sessenv.dll03:05:30.0246 0x0ebc SessionEnv - ok03:05:30.0276 0x0ebc [ 9F976E1EB233DF46FCE808D9DEA3EB9C, 6A5C53F27F8BCA85CE206EE7D196176F67EC6FFA5D4830373A20792C149B5E75 ] sffdisk C:\Windows\system32\drivers\sffdisk.sys03:05:30.0296 0x0ebc sffdisk - ok03:05:30.0336 0x0ebc [ 932A68EE27833CFD57C1639D375F2731, 11D6B98FBEEE2B9C7B06EF7091857BBD3B349077997D6261D66280668FD1B5C3 ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys03:05:30.0366 0x0ebc sffp_mmc - ok03:05:30.0376 0x0ebc [ 6D4CCAEDC018F1CF52866BBBAA235982, AAC41F5C97B3FE5A3DC0838457EB8CC9BB71FCA16D3EDBB67D603F0A9D46C131 ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys03:05:30.0406 0x0ebc sffp_sd - 
ok03:05:30.0416 0x0ebc [ DB96666CC8312EBC45032F30B007A547, C3AE60FC65A36E96E0D2CC6E184481D70F91A19DC3E2E17E2873DD670A592DD7 ] sfloppy C:\Windows\system32\drivers\sfloppy.sys03:05:30.0446 0x0ebc sfloppy - ok03:05:30.0496 0x0ebc [ D1A079A0DE2EA524513B6930C24527A2, E2BC16DBCF38841EECD49C6FA1A9AC89C17F332F12606CA826F058E995E1B83D ] SharedAccess C:\Windows\System32\ipnathlp.dll03:05:30.0566 0x0ebc SharedAccess - ok03:05:30.0616 0x0ebc [ 414DA952A35BF5D50192E28263B40577, 9C9BAFB9880DA6CC728506A142BE124E186219610DCC3460657A3CA93C865DF1 ] ShellHWDetection C:\Windows\System32\shsvcs.dll03:05:30.0676 0x0ebc ShellHWDetection - ok03:05:30.0696 0x0ebc [ 2565CAC0DC9FE0371BDCE60832582B2E, 1A775214E86B83C2F1799F12D71077D81C89AD32734A248BA88787B7F104B79D ] sisagp C:\Windows\system32\drivers\sisagp.sys03:05:30.0716 0x0ebc sisagp - ok03:05:30.0756 0x0ebc [ A9F0486851BECB6DDA1D89D381E71055, 7E909538AB758C18AC2CCBFFEE17BA36FA6ED2E674AA70924AA87AC61375FF35 ] SiSRaid2 C:\Windows\system32\drivers\SiSRaid2.sys03:05:30.0786 0x0ebc SiSRaid2 - ok03:05:30.0806 0x0ebc [ 3727097B55738E2F554972C3BE5BC1AA, 75D52A596A298C33EC79A3B0B80F25492C08A182ABC679401502DA9597687566 ] SiSRaid4 C:\Windows\system32\drivers\sisraid4.sys03:05:30.0826 0x0ebc SiSRaid4 - ok03:05:30.0896 0x0ebc [ F6EF225A23D336CA30001E5007644C24, B0A4B1256C1074F1B4F73E3BBA16FD4683D6EEA583DEEF8E11EFD29BA7541F2A ] SkypeUpdate C:\Program Files\Skype\Updater\Updater.exe03:05:30.0956 0x0ebc SkypeUpdate - ok03:05:30.0976 0x0ebc [ 3E21C083B8A01CB70BA1F09303010FCE, 803F8F91299C387110F34A49340E7136AAE91B418E2977A36285EA8F432FF197 ] Smb C:\Windows\system32\DRIVERS\smb.sys03:05:31.0016 0x0ebc Smb - ok03:05:31.0046 0x0ebc [ 6A984831644ECA1A33FFEAE4126F4F37, 753E23D2B33D47C52C05D892B052CFD96D93B97FB6E9FCB58EF1E4C4A125BF78 ] SNMPTRAP C:\Windows\System32\snmptrap.exe03:05:31.0076 0x0ebc SNMPTRAP - ok03:05:31.0086 0x0ebc [ 95CF1AE7527FB70F7816563CBC09D942, CE8BACB91A5A86CBCE82619C6C1873B4D7593B00CED3B522E41B8F7F6258CC65 ] spldr 
C:\Windows\system32\drivers\spldr.sys03:05:31.0106 0x0ebc spldr - ok03:05:31.0156 0x0ebc [ 9AEA093B8F9C37CF45538382CABA2475, CC63239C412067AA72318ADB8BB80BCDF2CA60DA05D814D32753C92508BC16A8 ] Spooler C:\Windows\System32\spoolsv.exe03:05:31.0216 0x0ebc Spooler - ok03:05:31.0386 0x0ebc [ CF87A1DE791347E75B98885214CED2B8, 7AF4E03D751C951A4E5FBA28200DABFE6B3BF055490163EEEEA84EBA4D0F368A ] sppsvc C:\Windows\system32\sppsvc.exe03:05:31.0556 0x0ebc sppsvc - ok03:05:31.0576 0x0ebc [ B0180B20B065D89232A78A40FE56EAA6, 4D045B23AD58A8822BE9F20119744A8D47455469D54494745CEB099951DA60FF ] sppuinotify C:\Windows\system32\sppuinotify.dll03:05:31.0616 0x0ebc sppuinotify - ok03:05:31.0666 0x0ebc [ FEB11DBAA5E152D98BD897C97A6DDCD0, 7ABCCDDE6B9A58CECA480AA57468E7A1F537893A2CB7C20E1A366EC8EEC7FA59 ] sptd C:\Windows\System32\Drivers\sptd.sys03:05:31.0706 0x0ebc sptd - ok03:05:31.0746 0x0ebc [ E4C2764065D66EA1D2D3EBC28FE99C46, 043AEF06A23069DD17675955C834690A5FD8F1948A05B3969F977E823C4E25F5 ] srv C:\Windows\system32\DRIVERS\srv.sys03:05:31.0776 0x0ebc srv - ok03:05:31.0796 0x0ebc [ 03F0545BD8D4C77FA0AE1CEEDFCC71AB, 4DF31206DF8F33C2975E23C7257ED930C4EDA8BC4E246D8FDA130BB583083ED0 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys03:05:31.0836 0x0ebc srv2 - ok03:05:31.0856 0x0ebc [ BE6BD660CAA6F291AE06A718A4FA8ABC, CD38939CFBA80B882D38099194FC1EBAE15A9D27A4D941DD03C55EC745E52E59 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys03:05:31.0876 0x0ebc srvnet - ok03:05:31.0906 0x0ebc [ D887C9FD02AC9FA880F6E5027A43E118, F38BAD90EC791368C37C21090302708D2DFB83ECE9096609AD9AA667B2E5592E ] SSDPSRV C:\Windows\System32\ssdpsrv.dll03:05:31.0956 0x0ebc SSDPSRV - ok03:05:31.0966 0x0ebc [ D318F23BE45D5E3A107469EB64815B50, D74355E6FF215AA8CE53BC9DF16AF2740F2FC2FD754939478A3608BDA8C6DDA0 ] SstpSvc C:\Windows\system32\sstpsvc.dll03:05:32.0016 0x0ebc SstpSvc - ok03:05:32.0066 0x0ebc [ 706080AD43599D4AB04F1676A3A62CC1, BD9A645163501E2234CAB2B99DB297A634526786D2CDC55FE1C18F5019623E34 ] Steam Client Service C:\Program 
Files\Common Files\Steam\SteamService.exe03:05:32.0106 0x0ebc Steam Client Service - ok03:05:32.0126 0x0ebc [ DB32D325C192B801DF274BFD12A7E72B, F089DBA719E22BC269720A6B840B873A4AF5639745DB0C3DBC8BD2F2839A1ABA ] stexstor C:\Windows\system32\drivers\stexstor.sys03:05:32.0146 0x0ebc stexstor - ok03:05:32.0176 0x0ebc [ EDB05BD63148796F23EA78506404A538, 8EBF623D3DEB6CCAC75AAFCF8B23271029A28BE29D459088E40FBF109E80AA17 ] StillCam C:\Windows\system32\DRIVERS\serscan.sys03:05:32.0196 0x0ebc StillCam - ok03:05:32.0246 0x0ebc [ E1FB3706030FB4578A0D72C2FC3689E4, A62EC9AA4514CAF2A10C0A3AEF7A36F593A7E7DA370A3F130C24E1B612E19427 ] StiSvc C:\Windows\System32\wiaservc.dll03:05:32.0296 0x0ebc StiSvc - ok03:05:32.0336 0x0ebc [ E58C78A848ADD9610A4DB6D214AF5224, 1575A90EB22A4FB066459BDA00C6CAC10198C3C8C74493721EC6D34B51F50426 ] swenum C:\Windows\system32\DRIVERS\swenum.sys03:05:32.0346 0x0ebc swenum - ok03:05:32.0386 0x0ebc [ A28BD92DF340E57B024BA433165D34D7, 889CC7FF143C3549982128473FF927CD80CF36485A347EF399C1271C8CE12CE4 ] swprv C:\Windows\System32\swprv.dll03:05:32.0446 0x0ebc swprv - ok03:05:32.0496 0x0ebc [ 36650D618CA34C9D357DFD3D89B2C56F, 7C3774E53DCF32CB3A4B3504E32D2A651E18467FA0A6AC4C7993C696741B704B ] SysMain C:\Windows\system32\sysmain.dll03:05:32.0583 0x0ebc SysMain - ok03:05:32.0618 0x0ebc [ 763FECDC3D30C815FE72DD57936C6CD1, 1A62C7E63E426D56894F4121C75D9C60FC9A14469ADBD0D6F0B94B8DE48CDA3E ] TabletInputService C:\Windows\System32\TabSvc.dll03:05:32.0648 0x0ebc TabletInputService - ok03:05:32.0669 0x0ebc [ 613BF4820361543956909043A265C6AC, FCFF02E466D2501630B452627FB218C01E5245A0921EE3D2117E7FD63AC7E98E ] TapiSrv C:\Windows\System32\tapisrv.dll03:05:32.0710 0x0ebc TapiSrv - ok03:05:32.0730 0x0ebc [ B799D9FDB26111737F58288D8DC172D9, 409A60819A4305699E2E492A6190637FAAEBD19E745A5DB2A5D6977106C86591 ] TBS C:\Windows\System32\tbssvc.dll03:05:32.0780 0x0ebc TBS - ok03:05:32.0870 0x0ebc [ CA59F7C570AF70BC174F477CFE2D9EE3, 
F09E4E14207A2AC6957D2C0AC8707D0E356A9087FA6DC703373242D8EEB026BD ] Tcpip C:\Windows\system32\drivers\tcpip.sys03:05:32.0950 0x0ebc Tcpip - ok03:05:32.0990 0x0ebc [ CA59F7C570AF70BC174F477CFE2D9EE3, F09E4E14207A2AC6957D2C0AC8707D0E356A9087FA6DC703373242D8EEB026BD ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys03:05:33.0062 0x0ebc TCPIP6 - ok03:05:33.0092 0x0ebc [ 3EEBD3BD93DA46A26E89893C7AB2FF3B, 2C7204DCD2BCBC6A250FF0F6477616F327AF41FDB7CABE69E5C357361009FB4E ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys03:05:33.0112 0x0ebc tcpipreg - ok03:05:33.0142 0x0ebc [ 1CB91B2BD8F6DD367DFC2EF26FD751B2, 879E2827354BB21573AC6A7CCEB746D44214540687E6882FFCB4089546FBD954 ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys03:05:33.0162 0x0ebc TDPIPE - ok03:05:33.0212 0x0ebc [ 2C2C5AFE7EE4F620D69C23C0617651A8, E828D974C3F9D7004A030C3AD448096C736FDB4C4C1707D043E567D08C845103 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys03:05:33.0252 0x0ebc TDTCP - ok03:05:33.0292 0x0ebc [ B459575348C20E8121D6039DA063C704, 1B4328A9EA39FF5A57F258E02254D04B73455F1DF7C997C13702A8B2F12D0347 ] tdx C:\Windows\system32\DRIVERS\tdx.sys03:05:33.0332 0x0ebc tdx - ok03:05:33.0332 0x0ebc [ 04DBF4B01EA4BF25A9A3E84AFFAC9B20, 0D81B427720637882077C5024D738191F858FC734ED040697872D906351EF663 ] TermDD C:\Windows\system32\DRIVERS\termdd.sys03:05:33.0352 0x0ebc TermDD - ok03:05:33.0412 0x0ebc [ 382C804C92811BE57829D8E550A900E2, 5F52C2E7902024CF1C9CC0069F411C3F19CCA3DB209F437FA0F3932D4898EB50 ] TermService C:\Windows\System32\termsrv.dll03:05:33.0502 0x0ebc TermService - ok03:05:33.0522 0x0ebc [ 42FB6AFD6B79D9FE07381609172E7CA4, B57C85091209A2FAD19ED490B8FA7FC98F12911F9C9CACE9AF1E540780CE6700 ] Themes C:\Windows\system32\themeservice.dll03:05:33.0552 0x0ebc Themes - ok03:05:33.0562 0x0ebc [ 146B6F43A673379A3C670E86D89BE5EA, C4412DCF80DE6B55466F399413271364F14BC0819C224AA161EDDC31A9775440 ] THREADORDER C:\Windows\system32\mmcss.dll03:05:33.0602 0x0ebc THREADORDER - ok03:05:33.0622 0x0ebc [ 
4792C0378DB99A9BC2AE2DE6CFFF0C3A, 532A3A812578B2DFD83001DE66FC73689D79EC729409EB572E07E6D65B281712 ] TrkWks C:\Windows\System32\trkwks.dll03:05:33.0672 0x0ebc TrkWks - ok03:05:33.0712 0x0ebc [ 2C49B175AEE1D4364B91B531417FE583, 6C7995E18F84E465C376D1D5F153C15ACB66CDEA86EE5BF186677F572E7E129B ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe03:05:33.0752 0x0ebc TrustedInstaller - ok03:05:33.0782 0x0ebc [ B37B08F2E5EEB1A37E448E09BACE1101, 32CC9E06B88BAB6FAB4696B744548DFCE9199A7FD2BA8B019F269CA75895852C ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys03:05:33.0812 0x0ebc tssecsrv - ok03:05:33.0832 0x0ebc [ 9CE253214ACAA5A7D323327D2055EFAA, 15E7DB578EDF36DD2FD5BA960C3941B2353037323B6B96702CDCDC07588EA724 ] TsUsbFlt C:\Windows\system32\drivers\tsusbflt.sys03:05:33.0862 0x0ebc TsUsbFlt - ok03:05:33.0882 0x0ebc [ 57C527AF84748B5C2F5178C499C0B81F, 2FF1F25BA16F8984E9F2CE4DE663F261BAF267EDF10D466A52BB211C567F763C ] TsUsbGD C:\Windows\system32\drivers\TsUsbGD.sys03:05:33.0912 0x0ebc TsUsbGD - ok03:05:33.0942 0x0ebc [ B2FA25D9B17A68BB93D58B0556E8C90D, 0146931B733CAB1CD87F94C35F97E110D6ED6C55EAFF03345400A29AEDE99BDE ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys03:05:33.0982 0x0ebc tunnel - ok03:05:34.0002 0x0ebc [ 750FBCB269F4D7DD2E420C56B795DB6D, E1A95C59148FE463539C34336FD0E74B31A33B8AB2B8E34AA10349C3347471D7 ] uagp35 C:\Windows\system32\drivers\uagp35.sys03:05:34.0022 0x0ebc uagp35 - ok03:05:34.0052 0x0ebc [ EE43346C7E4B5E63E54F927BABBB32FF, BAD6FC3BEE45E644D5A6A0A31428F5B2AEC72A0AA0C74EF8177B1FE23EEF3AA9 ] udfs C:\Windows\system32\DRIVERS\udfs.sys03:05:34.0102 0x0ebc udfs - ok03:05:34.0102 0x0ebc Object required for P2P: [ EE43346C7E4B5E63E54F927BABBB32FF ] udfs03:05:37.0184 0x0ebc Object send P2P result: true03:05:37.0254 0x0ebc [ 8344FD4FCE927880AA1AA7681D4927E5, 1B54EFA60A221E2B9FFE59BB41C7E7D8B5AC6826F1C5577456D81371D464255A ] UI0Detect C:\Windows\system32\UI0Detect.exe03:05:37.0284 0x0ebc UI0Detect - ok03:05:37.0314 0x0ebc [ 
03:05:55.0400 0x0ebc AV detected via SS2: avast! Antivirus, C:\Program Files\AVAST Software\Avast\VisthAux.exe ( 10.0.2208.712 ), 0x41000 ( enabled : updated )
03:05:55.0410 0x0ebc Win FW state via NFP2: enabled
03:05:58.0242 0x0ebc ============================================================
03:05:58.0242 0x0ebc Scan finished
03:05:58.0242 0x0ebc ============================================================
03:05:58.0242 0x1074 Detected object count: 0
03:05:58.0242 0x1074 Actual detected object count: 0