TWC detected botnet, please help!



Today I woke up to do some homework online, I get a message page from my internet service Time Warner Cable, and they have notified me that I have a botnet! At the moment, I'm currently scanning with the Avast and Malwarebytes programs to get rid of it, but I'm not sure if it's going to work, because I'm so paranoid. I've been here once before a couple of years ago, and got help with a malware issue that I had. And I was satisfied with it, so I would like it if you may help me once more!


Hi & welcome!

My name is Jürgen and I will be assisting you with your Malware related problems.

Before we move on, please read the following points carefully.

  • My native language isn't English. So please do not use slang or idioms. It could be hard for me to read. Thanks for your understanding.
  • Please read my instructions completely. If there is anything that you do not understand kindly ask before proceeding.
  • Perform everything in the correct order. Sometimes one step requires the previous one.
  • If you have any problems while you are following my instructions, stop there and tell me the exact nature of your problem.
  • Do not run any other scans without instruction or Add/ Remove Software unless I tell you to do so. This would change the output of our tools and could be confusing for me.
  • Post all Logfiles as a reply rather than as an attachment unless I specifically ask you. If you can not post all logfiles in one reply, feel free to use more posts.
  • If I don't hear from you within 3 days from this initial or any subsequent post, then this thread will be closed.
  • Stay with me. I will give you some advice about prevention after the cleanup process. Absence of symptoms does not always mean the computer is clean.
P2P/Piracy Warning:
  • If you're using Peer 2 Peer software such as uTorrent, BitTorrent or similar you must either fully uninstall them or completely disable them from running while being assisted here.
  • Failure to remove or disable such software will result in your topic being closed and no further assistance being provided.
  • If you have illegal/cracked software, cracks, keygens, etc. on the system, please remove or uninstall them now and read the policy on Piracy.
Step 1

Please run a FRST scan. This will help us diagnose your problem.

Please download Farbar Recovery Scan Tool and save it to your Desktop.

(If you are not sure which version (32-/64-bit) applies to your system, download and try to start both of them as just the right one will run.)

  • Start FRST with administrator privileges.
  • Make sure the option Addition.txt is checked and press the Scan button.
  • When finished, FRST will produce two logs (FRST.txt and Addition.txt) in the same directory the tool was run from.
  • Please copy and paste these logs in your next reply.

Hello deeprybka! Here is the FRST.txt! And posting Addition.txt on next reply.

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 05-02-2015

Ran by Home (administrator) on HOME-PC on 05-02-2015 16:14:42

Running from C:\Users\Home\Desktop

Loaded Profiles: Home (Available profiles: Home)

Platform: Microsoft Windows 7 Home Premium  Service Pack 1 (X86) OS Language: English (United States)

Internet Explorer Version 11 (Default browser: FF)

Boot Mode: Normal


 

==================== Processes (Whitelisted) =================

 

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

 

(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe

(Microsoft Corporation) C:\Windows\System32\wlanext.exe

(Adobe Systems Incorporated) C:\Program Files\Adobe\Elements 9 Organizer\PhotoshopElementsFileAgent.exe

(McAfee, Inc.) C:\Windows\System32\mfevtps.exe

() C:\Windows\System32\PnkBstrA.exe

(Microsoft Corp.) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE

(Intel Corporation) C:\Windows\System32\igfxtray.exe

(Intel Corporation) C:\Windows\System32\hkcmd.exe

(Intel Corporation) C:\Windows\System32\igfxpers.exe

(Renesas Electronics Corporation) C:\Program Files\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe

(Google Inc.) C:\Program Files\Google\Google Japanese Input\GoogleIMEJaBroker32.exe

(Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jusched.exe

(Microsoft Corporation) C:\Windows\System32\rundll32.exe

(AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe

(LINE Corporation) C:\Program Files\Naver\LINE\Line.exe

(Microsoft Corp.) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVCM.EXE

(DuckLink Software) C:\Program Files\DuckLink\DuckCapture\DuckCapture.exe

(Skype Technologies S.A.) C:\Program Files\Skype\Phone\Skype.exe

(Sony Computer Entertainment Inc.) C:\Program Files\Sony\Content Manager Assistant\CMA.exe

(Dropbox, Inc.) C:\Users\Home\AppData\Roaming\Dropbox\bin\Dropbox.exe

(Sony Computer Entertainment Inc.) C:\Program Files\Sony\Content Manager Assistant\CMAWatcher.exe

(Google Inc.) C:\Program Files\Google\Update\1.3.26.9\GoogleCrashHandler.exe

(AVAST Software) C:\Program Files\AVAST Software\Avast\setup\instup.exe

(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe

(Microsoft Corporation) C:\Windows\System32\wbem\unsecapp.exe

(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe

(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe

(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe

(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe

(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe

(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe

(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe

(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe

(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe

(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe

(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe

(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe

(Google Inc.) C:\Program Files\Google\Google Japanese Input\GoogleIMEJaCacheService.exe

(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe

(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe

(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ink\InputPersonalization.exe

(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe

(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe

(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe

(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe

(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe

(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe

(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe

(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe

(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe

(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe

(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe

(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe

(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe

(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe

(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe

(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe

(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe

(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe

(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe

(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe

(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe

(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe

(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe

(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe

 

 

==================== Registry (Whitelisted) ==================

 

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

 

HKLM\...\Run: [NUSB3MON] => C:\Program Files\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe [113288 2010-11-17] (Renesas Electronics Corporation)

HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [497648 2010-07-29] (Adobe Systems Incorporated)

HKLM\...\Run: [Google Japanese Input Prelauncher] => C:\Program Files\Google\Google Japanese Input\GoogleIMEJaBroker32.exe [1435672 2013-12-18] (Google Inc.)

HKLM\...\Run: [bCSSync] => C:\Program Files\Microsoft Office\Office14\BCSSync.exe [89184 2012-11-05] (Microsoft Corporation)

HKLM\...\Run: [sunJavaUpdateSched] => C:\Program Files\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)

HKLM\...\Run: [XeroxEndeavorBackgroundTask] => rundll32.exe xrWCbgnd.dll,LaunchBgTask 1

HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [5227112 2015-01-26] (AVAST Software)

HKU\S-1-5-21-4195104481-2079486966-316092486-1000\...\Run: [DAEMON Tools Lite] => C:\Program Files\DAEMON Tools Lite\DTLite.exe [3675352 2013-10-28] (Disc Soft Ltd)

HKU\S-1-5-21-4195104481-2079486966-316092486-1000\...\Run: [Line] => C:\Program Files\Naver\LINE\Line.exe [4031336 2015-02-03] (LINE Corporation)

HKU\S-1-5-21-4195104481-2079486966-316092486-1000\...\Run: [DuckCapture] => C:\Program Files\DuckLink\DuckCapture\DuckCapture.exe [436736 2011-11-03] (DuckLink Software)

HKU\S-1-5-21-4195104481-2079486966-316092486-1000\...\Run: [skype] => C:\Program Files\Skype\Phone\Skype.exe [30877280 2014-12-11] (Skype Technologies S.A.)

Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Content Manager Assistant for PlayStation®.lnk

ShortcutTarget: Content Manager Assistant for PlayStation®.lnk -> C:\Program Files\Sony\Content Manager Assistant\CMA.exe (Sony Computer Entertainment Inc.)

Startup: C:\Users\Home\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk

ShortcutTarget: Dropbox.lnk -> C:\Users\Home\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)

ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll (AVAST Software)

 

==================== Internet (Whitelisted) ====================

 

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

 

HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.com




SearchScopes: HKU\S-1-5-21-4195104481-2079486966-316092486-1000 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 


BHO: Java Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll No File

BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)

BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll No File

BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)

BHO: Java Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll No File

Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)

Tcpip\Parameters: [DhcpNameServer] 192.168.1.1

 

FireFox:

========

FF ProfilePath: C:\Users\Home\AppData\Roaming\Mozilla\Firefox\Profiles\76dr9cm9.default-1394098711741

FF DefaultSearchEngine: Google

FF NetworkProxy: "http", "1.179.143.178"

FF NetworkProxy: "http_port", 3128

FF NetworkProxy: "type", 0

FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF32_12_0_0_44.dll ()

FF Plugin: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files\Google\Picasa3\npPicasa3.dll (Google, Inc.)

FF Plugin: @java.com/DTPlugin,version=10.45.2 -> C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)

FF Plugin: @java.com/JavaPlugin,version=10.45.2 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)

FF Plugin: @microsoft.com/GENUINE -> disabled No File

FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)

FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)

FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)

FF Plugin: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)

FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.26.9\npGoogleUpdate3.dll (Google Inc.)

FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.26.9\npGoogleUpdate3.dll (Google Inc.)

FF Plugin: @videolan.org/vlc,version=2.1.2 -> C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)

FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)

FF user.js: detected! => C:\Users\Home\AppData\Roaming\Mozilla\Firefox\Profiles\76dr9cm9.default-1394098711741\user.js

FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\oshiete-goo.xml

FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\rakuten.xml

FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\yahoo-jp-auctions.xml

FF Extension: DownloadHelper - C:\Users\Home\AppData\Roaming\Mozilla\Firefox\Profiles\76dr9cm9.default-1394098711741\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d} [2014-09-14]

FF HKLM\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF

FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2014-09-30]

 

Chrome: 

=======

CHR HomePage: Default -> hxxp://feed.snapdo.com/?publisher=Somoto&dpid=SomotoCH&co=US&userid=e3b0ef4c-3de0-8572-4794-eba80106b4f5&searchtype=hp&installDate={installDate}&barcodeid={barcodeID}&um={UM}

CHR Profile: C:\Users\Home\AppData\Local\Google\Chrome\User Data\Default

CHR Extension: (Google Docs) - C:\Users\Home\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-02-01]

CHR Extension: (Google Drive) - C:\Users\Home\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-02-01]

CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\Home\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-05-25]

CHR Extension: (YouTube) - C:\Users\Home\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-02-01]

CHR Extension: (4chan X) - C:\Users\Home\AppData\Local\Google\Chrome\User Data\Default\Extensions\cellaaeoekimmemgdheibaibbaoeefbl [2014-02-02]

CHR Extension: (Google Search) - C:\Users\Home\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-02-01]

CHR Extension: (AdBlock) - C:\Users\Home\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2014-06-27]

CHR Extension: (Avast Online Security) - C:\Users\Home\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2014-09-30]

CHR Extension: (Google Wallet) - C:\Users\Home\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-02-01]

CHR Extension: (Gmail) - C:\Users\Home\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-02-01]

CHR HKLM\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2015-01-08]

CHR HKU\S-1-5-21-4195104481-2079486966-316092486-1000\...\Chrome\Extension: [bakijjialdiiboeaknfpmflphhmljfkd] - No Path

 

========================== Services (Whitelisted) =================

 

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

 

R2 AdobeActiveFileMonitor9.0; C:\Program Files\Adobe\Elements 9 Organizer\PhotoshopElementsFileAgent.exe [169408 2010-09-30] (Adobe Systems Incorporated)

R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2015-01-08] (AVAST Software)

S3 cphs; C:\Windows\system32\IntelCpHeciSvc.exe [279000 2014-01-29] (Intel Corporation)

R2 GoogleIMEJaCacheService; C:\Program Files\Google\Google Japanese Input\GoogleIMEJaCacheService.exe [754712 2013-12-18] (Google Inc.)

R2 mfevtp; C:\Windows\system32\mfevtps.exe [179600 2014-09-29] (McAfee, Inc.)

S3 npggsvc; C:\Windows\system32\GameMon.des [5267776 2014-01-22] (INCA Internet Co., Ltd.)

R2 PnkBstrA; C:\Windows\system32\PnkBstrA.exe [76888 2014-05-10] ()

R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [680960 2013-05-26] (Microsoft Corporation)

S2 avgwd; "C:\Program Files\AVG\AVG2015\avgwdsvc.exe" [X]

 

==================== Drivers (Whitelisted) ====================

 

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

 

R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [24184 2015-01-08] ()

R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [70384 2015-01-08] (AVAST Software)

R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [81768 2015-01-08] (AVAST Software)

R0 aswRvrt; C:\Windows\system32\Drivers\aswRvrt.sys [49944 2015-01-08] ()

R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [787800 2015-01-08] (AVAST Software)

R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [423784 2015-01-08] (AVAST Software)

R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [91496 2015-01-08] (AVAST Software)

R0 aswVmm; C:\Windows\system32\Drivers\aswVmm.sys [206248 2015-01-08] ()

R3 b57xdbd; C:\Windows\System32\DRIVERS\b57xdbd.sys [59944 2010-12-11] (Broadcom Corporation)

R3 b57xdmp; C:\Windows\System32\DRIVERS\b57xdmp.sys [18472 2010-12-11] (Broadcom Corporation)

R3 bScsiMSx; C:\Windows\System32\DRIVERS\bScsiMSx.sys [32296 2010-12-10] (Broadcom Corporation)

R3 bScsiSDx; C:\Windows\System32\DRIVERS\bScsiSDx.sys [55336 2010-12-11] (Broadcom Corporation)

R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [243128 2014-02-25] (Disc Soft Ltd)

R0 MBAMSwissArmy; C:\Windows\System32\drivers\MBAMSwissArmy.sys [114904 2015-02-05] (Malwarebytes Corporation)

R3 MEI; C:\Windows\System32\DRIVERS\HECI.sys [41088 2010-10-19] (Intel Corporation)

R0 mfehidk; C:\Windows\System32\drivers\mfehidk.sys [575984 2014-09-29] (McAfee, Inc.)

S3 mferkdet; C:\Windows\System32\drivers\mferkdet.sys [94520 2014-09-29] (McAfee, Inc.)

R3 Neo_VPN; C:\Windows\System32\DRIVERS\Neo_0103.sys [26880 2014-06-25] (SoftEther Corporation)

R0 sptd; C:\Windows\System32\Drivers\sptd.sys [324096 2014-02-25] (Duplex Secure Ltd.)

S3 USBAAPL; C:\Windows\System32\Drivers\usbaapl.sys [45056 2013-03-18] (Apple, Inc.) [File not signed]

U3 apxlhe8b; C:\Windows\system32\Drivers\apxlhe8b.sys [0 ] (Broadcom Corporation) <==== ATTENTION (zero size file/folder)

 

==================== NetSvcs (Whitelisted) ===================

 

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)

 

 

==================== One Month Created Files and Folders ========

 

(If an entry is included in the fixlist, the file\folder will be moved.)

 

2015-02-05 16:14 - 2015-02-05 16:14 - 00019436 _____ () C:\Users\Home\Desktop\FRST.txt

2015-02-05 15:28 - 2015-02-05 16:14 - 00000000 ____D () C:\FRST

2015-02-05 14:39 - 2015-02-05 14:40 - 01123328 _____ (Farbar) C:\Users\Home\Desktop\FRST.exe

2015-01-26 20:27 - 2015-01-26 20:27 - 00000000 ____D () C:\Program Files\Mozilla Firefox

2015-01-23 14:16 - 2015-01-23 14:16 - 00243616 _____ () C:\Users\Home\Downloads\Firefox Setup Stub 35.0.exe

2015-01-10 10:33 - 2012-01-13 07:03 - 00000000 ____D () C:\Users\Home\Desktop\Wink - Memories

2015-01-08 10:05 - 2015-01-08 10:05 - 00002045 _____ () C:\Users\Public\Desktop\Avast Free Antivirus.lnk

2015-01-08 10:04 - 2015-01-08 10:04 - 00291352 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe

2015-01-08 10:04 - 2015-01-08 10:04 - 00043152 _____ (AVAST Software) C:\Windows\avastSS.scr

 

==================== One Month Modified Files and Folders =======

 

(If an entry is included in the fixlist, the file\folder will be moved.)

 

2015-02-05 16:13 - 2014-02-21 17:48 - 00000000 ___RD () C:\Users\Home\Dropbox

2015-02-05 16:13 - 2014-02-21 17:44 - 00000000 ____D () C:\Users\Home\AppData\Roaming\Dropbox

2015-02-05 16:12 - 2014-02-02 15:40 - 00000000 ____D () C:\Users\Home\AppData\Roaming\Skype

2015-02-05 16:11 - 2014-02-01 18:41 - 00000882 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job

2015-02-05 16:10 - 2009-07-13 22:53 - 00000006 ____H () C:\Windows\Tasks\SA.DAT

2015-02-05 16:10 - 2009-07-13 22:39 - 00075122 _____ () C:\Windows\setupact.log

2015-02-05 16:09 - 2010-11-20 15:48 - 00039932 _____ () C:\Windows\PFRO.log

2015-02-05 15:36 - 2014-02-01 18:12 - 02048650 _____ () C:\Windows\WindowsUpdate.log

2015-02-05 14:50 - 2014-02-01 18:41 - 00000886 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job

2015-02-05 14:38 - 2014-02-08 21:52 - 00000000 ____D () C:\Users\Home\AppData\Roaming\tixati

2015-02-05 14:35 - 2014-08-11 02:33 - 00000000 ____D () C:\Program Files\OBS

2015-02-05 12:55 - 2010-11-20 15:01 - 00781298 _____ () C:\Windows\system32\PerfStringBackup.INI

2015-02-05 08:25 - 2014-06-03 19:05 - 00114904 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamswissarmy.sys

2015-02-05 08:22 - 2009-07-13 22:34 - 00022736 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0

2015-02-05 08:21 - 2009-07-13 22:34 - 00022736 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0

2015-02-04 23:27 - 2014-11-02 23:15 - 00000000 ____D () C:\Users\Home\AppData\Local\JDownloader 2.0

2015-02-04 18:58 - 2014-04-26 12:32 - 00001021 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\LINE.lnk

2015-02-04 18:58 - 2014-04-26 12:32 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LINE

2015-02-03 21:35 - 2014-02-05 04:25 - 00000000 ____D () C:\Users\Home\AppData\Roaming\vlc

2015-02-03 20:10 - 2014-02-01 18:42 - 00002129 _____ () C:\Users\Public\Desktop\Google Chrome.lnk

2015-01-31 21:49 - 2015-01-05 21:29 - 00000000 ____D () C:\Users\Home\Desktop\jt

2015-01-31 21:03 - 2014-08-05 14:57 - 00000000 ____D () C:\Users\Home\Desktop\Media

2015-01-31 16:14 - 2014-02-06 00:48 - 00000000 ____D () C:\Program Files\Mozilla Maintenance Service

2015-01-23 14:18 - 2014-02-06 00:48 - 00001117 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk

2015-01-23 14:18 - 2014-02-06 00:48 - 00001105 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk

2015-01-20 12:29 - 2014-02-03 05:06 - 00000000 ____D () C:\Users\Home\Documents\Note

2015-01-19 21:23 - 2014-03-14 18:08 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office

2015-01-19 21:23 - 2014-03-14 18:05 - 00000000 ____D () C:\ProgramData\Microsoft Help

2015-01-09 06:57 - 2014-02-02 15:40 - 00000000 ____D () C:\ProgramData\Skype

2015-01-09 06:56 - 2014-10-12 10:55 - 00000000 ___RD () C:\Program Files\Skype

2015-01-09 06:52 - 2014-07-23 02:12 - 00000000 ____D () C:\Program Files\Malwarebytes Anti-Malware

2015-01-08 10:05 - 2014-09-30 01:29 - 00787800 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsnx.sys

2015-01-08 10:05 - 2014-09-30 01:29 - 00423784 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsp.sys

2015-01-08 10:04 - 2014-09-30 01:29 - 00206248 _____ () C:\Windows\system32\Drivers\aswVmm.sys

2015-01-08 10:04 - 2014-09-30 01:29 - 00091496 _____ (AVAST Software) C:\Windows\system32\Drivers\aswStm.sys

2015-01-08 10:04 - 2014-09-30 01:29 - 00081768 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys

2015-01-08 10:04 - 2014-09-30 01:29 - 00070384 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys

2015-01-08 10:04 - 2014-09-30 01:29 - 00049944 _____ () C:\Windows\system32\Drivers\aswRvrt.sys

2015-01-08 10:04 - 2014-09-30 01:29 - 00024184 _____ () C:\Windows\system32\Drivers\aswHwid.sys

2015-01-06 14:25 - 2014-07-23 02:12 - 00001060 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk

2015-01-06 14:25 - 2014-07-23 02:12 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware

 

==================== Files in the root of some directories =======

 

2014-09-22 18:06 - 2014-09-24 01:03 - 0004535 _____ () C:\Users\Home\AppData\Roaming\CamStudio.cfg

2014-05-10 00:52 - 2014-05-10 00:52 - 0138904 _____ () C:\Users\Home\AppData\Roaming\PnkBstrK.sys

2014-09-22 17:59 - 2014-09-22 17:59 - 0000096 _____ () C:\Users\Home\AppData\Roaming\version2.xml

2014-06-02 23:01 - 2014-06-02 23:01 - 0000043 _____ () C:\Users\Home\AppData\Roaming\WB.CFG

2014-08-25 14:38 - 2014-08-25 14:38 - 0005129 _____ () C:\Users\Home\AppData\Local\recently-used.xbel

 

Some content of TEMP:

====================

C:\Users\Home\AppData\Local\Temp\1580uninstall.exe

C:\Users\Home\AppData\Local\Temp\bdfilters.dll

C:\Users\Home\AppData\Local\Temp\BingBarSetup-Partner.exe

C:\Users\Home\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpcudqlt.dll

C:\Users\Home\AppData\Local\Temp\JDSetup130462413332658678.exe

C:\Users\Home\AppData\Local\Temp\jre-7u55-windows-i586-iftw.exe

C:\Users\Home\AppData\Local\Temp\jre-8u31-windows-au.exe

C:\Users\Home\AppData\Local\Temp\mpam-cfdb5341.exe

C:\Users\Home\AppData\Local\Temp\optprosetup.exe

C:\Users\Home\AppData\Local\Temp\ose00000.exe

C:\Users\Home\AppData\Local\Temp\proxy_vole2771621787586578924.dll

C:\Users\Home\AppData\Local\Temp\SkypeSetup.exe

C:\Users\Home\AppData\Local\Temp\welcome_jpn.dll

 

 

==================== Bamital & volsnap Check =================

 

(There is no automatic fix for files that do not pass verification.)

 

C:\Windows\explorer.exe => File is digitally signed

C:\Windows\system32\winlogon.exe => File is digitally signed

C:\Windows\system32\wininit.exe => File is digitally signed

C:\Windows\system32\svchost.exe => File is digitally signed

C:\Windows\system32\services.exe => File is digitally signed

C:\Windows\system32\User32.dll => File is digitally signed

C:\Windows\system32\userinit.exe => File is digitally signed

C:\Windows\system32\rpcss.dll => File is digitally signed

C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed

 

 

LastRegBack: 2015-02-03 02:03

 

==================== End Of Log ============================

 

Additional scan result of Farbar Recovery Scan Tool (x86) Version: 05-02-2015

Ran by Home at 2015-02-05 16:16:08

Running from C:\Users\Home\Desktop

Boot Mode: Normal

==========================================================

 

 

==================== Security Center ========================

 

(If an entry is included in the fixlist, it will be removed.)

 

AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}

AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}

 

==================== Installed Programs ======================

 

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

 

Acer System Information (HKLM\...\{72199E33-4F2A-4B7F-8E25-95DDDD50A678}) (Version: 1.0.0 - Acer)

Adobe AIR (HKLM\...\Adobe AIR) (Version: 1.5.3.9130 - Adobe Systems Inc.)

Adobe Community Help (HKLM\...\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 3.2.1.650 - Adobe Systems Incorporated)

Adobe Flash Player 12 Plugin (HKLM\...\Adobe Flash Player Plugin) (Version: 12.0.0.44 - Adobe Systems Incorporated)

Adobe Photoshop Elements 9 (HKLM\...\Adobe Photoshop Elements 9) (Version: 9.0.3.0 - Adobe Systems Incorporated)

Adobe Photoshop.com Inspiration Browser (HKLM\...\PhotoshopdotcomInspirationBrowser.4C35C4D325D350FE0114230CBADCA2DDD0AC8D25.1) (Version: 3.07 - Adobe Systems Incorporated)

Adobe Premiere Elements 9 (HKLM\...\PremElem90) (Version: 9.0 - Adobe Systems Incorporated)

Adobe Premiere Elements 9 Content (HKLM\...\Adobe Premiere Elements 9 Content) (Version: 9.0 - Adobe Systems Incorporated)

Adobe Reader XI (11.0.10) (HKLM\...\{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version: 11.0.10 - Adobe Systems Incorporated)

Archeblade (HKLM\...\Steam App 207230) (Version:  - CodeBrush Games)

Avast Free Antivirus (HKLM\...\Avast) (Version: 10.0.2208 - AVAST Software)

Bandicam (HKLM\...\Bandicam) (Version: 2.0.1.651 - Bandisoft.com)

Bandisoft MPEG-1 Decoder (HKLM\...\BandiMPEG1) (Version:  - Bandisoft.com)

Broadcom 802.11 Network Adapter (HKLM\...\Broadcom 802.11 Network Adapter) (Version: 5.100.82.135 - Broadcom Corporation)

Broadcom Card Reader Driver Installer (HKLM\...\{4710662C-8204-4334-A977-B1AC9E547819}) (Version: 14.4.9.2 - Broadcom Corporation)

Broadcom Gigabit NetLink Controller (HKLM\...\{029A4933-3F36-4E4F-AEC3-2207AB26463D}) (Version: 14.4.6.1 - Broadcom Corporation)

Cisco EAP-FAST Module (Version: 2.2.14 - Cisco Systems, Inc.) Hidden

Cisco LEAP Module (Version: 1.0.19 - Cisco Systems, Inc.) Hidden

Cisco PEAP Module (Version: 1.1.6 - Cisco Systems, Inc.) Hidden

Content Manager Assistant for PlayStation® (HKLM\...\{E6EB4571-5ADB-4557-8F95-0E0EF5D0F833}) (Version: 3.30.7824.86 - Sony Computer Entertainment Inc.)

D3DX10 (Version: 15.4.2368.0902 - Microsoft) Hidden

DAEMON Tools Lite (HKLM\...\DAEMON Tools Lite) (Version: 4.48.1.0347 - Disc Soft Ltd)

Dropbox (HKU\S-1-5-21-4195104481-2079486966-316092486-1000\...\Dropbox) (Version: 3.0.3 - Dropbox, Inc.)

DuckCapture Standard 2.7 (HKLM\...\DuckCapture_is1) (Version: 2.7 - DuckLink)

Elements 9 Organizer (Version: 9.0 - Adobe Systems Incorporated) Hidden

Elements STI Installer (Version: 1.0 - Adobe Systems Incorporated) Hidden

FLAC 1.2.1b (remove only) (HKLM\...\FLAC) (Version: 1.2.1b - Xiph.org)

foobar2000 v1.3.1 (HKLM\...\foobar2000) (Version: 1.3.1 - Peter Pawlowski)

GIMP 2.8.10 (HKLM\...\GIMP-2_is1) (Version: 2.8.10 - The GIMP Team)

Google Chrome (HKLM\...\Google Chrome) (Version: 40.0.2214.94 - Google Inc.)

Google Update Helper (Version: 1.3.25.11 - Google Inc.) Hidden

Google Update Helper (Version: 1.3.26.9 - Google Inc.) Hidden

Google 日本語入力 (HKLM\...\{56CB4ACA-C79E-439D-B55E-68EA8D57C467}) (Version: 1.13.1641.0 - Google Inc.)

Google+ Auto Backup (HKLM\...\{A50DE037-B5C0-4C8A-8049-B0C576B313D1}) (Version: 1.0.21.81 - Google)

HandBrake 0.9.9.1 (HKLM\...\HandBrake) (Version: 0.9.9.1 - )

HF pAppLoc version 1.1 (HKLM\...\{9143B17E-BBDE-4EA7-A4E3-20D384D9C8A5}_is1) (Version: 1.1 - Inquisitor)

Intel® Processor Graphics (HKLM\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 9.17.10.3347 - Intel Corporation)

Java 7 Update 45 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83217045FF}) (Version: 7.0.450 - Oracle)

JDownloader 0.9 (HKLM\...\5513-1208-7298-9440) (Version: 0.9 - AppWork GmbH)

JDownloader 2 (HKLM\...\jdownloader2) (Version: 2.0 - AppWork GmbH)

LINE (HKLM\...\LINE) (Version: 3.9.1.188 - LINE Corporation)

Malwarebytes Anti-Malware version 2.0.4.1028 (HKLM\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.4.1028 - Malwarebytes Corporation)

Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)

Microsoft Image Composite Editor (HKLM\...\{3D599ADA-65D9-4B51-898F-CE718DEC5DBB}) (Version: 1.4.4 - Microsoft Corporation)

Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)

Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)

Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61187 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.7523 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.7523 - Microsoft Corporation)

Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)

Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.61030 (HKLM\...\{B175520C-86A2-35A7-8619-86DC379688B9}) (Version: 11.0.61030 - Microsoft Corporation)

Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.61030 (HKLM\...\{BD95A8CD-1D9F-35AD-981A-3E7925026EBB}) (Version: 11.0.61030 - Microsoft Corporation)

Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.21005 (HKLM\...\{F8CFEB22-A2E7-3971-9EDA-4B11EDEFC185}) (Version: 12.0.21005 - Microsoft Corporation)

Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.21005 (HKLM\...\{13A4EE12-23EA-3371-91EE-EFB36DDFFF3E}) (Version: 12.0.21005 - Microsoft Corporation)

Microsoft Windows Application Compatibility Database (HKLM\...\{deb7008b-681e-4a4a-8aae-cc833e8216ce}.sdb) (Version:  - )

Microsoft Word 2010 (HKLM\...\Office14.WORD) (Version: 14.0.7015.1000 - Microsoft Corporation)

MKVToolNix 6.7.0 [20140102-565] (HKLM\...\MKVToolNix) (Version: 6.7.0 - Moritz Bunkus)

Movie Maker (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden

Mozilla Firefox 35.0.1 (x86 ja) (HKLM\...\Mozilla Firefox 35.0.1 (x86 ja)) (Version: 35.0.1 - Mozilla)

Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 35.0 - Mozilla)

MPC-HC 1.7.3 (HKLM\...\{2624B969-7135-4EB1-B0F6-2D8C397B45F7}_is1) (Version: 1.7.3 - MPC-HC Team)

piaip AppLocale (HKLM\...\{394BE3D9-7F57-4638-A8D1-1D88671913B7}) (Version: 1.0.0 - MS)

Picasa 3 (HKLM\...\Picasa 3) (Version: 3.9 - Google, Inc.)

PunkBuster Services (HKLM\...\PunkBusterSvc) (Version: 0.993 - Even Balance, Inc.)

qBittorrent 3.1.8 (HKLM\...\qbittorrent) (Version: 3.1.8 - The qBittorrent project)

Renesas Electronics USB 3.0 Host Controller Driver (HKLM\...\InstallShield_{5442DAB8-7177-49E1-8B22-09A049EA5996}) (Version: 2.0.32.0 - Renesas Electronics Corporation)

Renesas Electronics USB 3.0 Host Controller Driver (Version: 2.0.32.0 - Renesas Electronics Corporation) Hidden

Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM\...\{90140000-001B-0000-0000-0000000FF1CE}_Office14.WORD_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version:  - Microsoft)

Skype™ 7.0 (HKLM\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.0.102 - Skype Technologies S.A.)

SmartSound Quicktracks for Premiere Elements 9.0 (HKLM\...\InstallShield_{6748E773-5DA0-4D19-8AA5-273B4133A09B}) (Version: 3.12.3090 - SmartSound Software Inc)

SmartSound Quicktracks for Premiere Elements 9.0 (Version: 3.12.3090 - SmartSound Software Inc) Hidden

Steam (HKLM\...\Steam) (Version:  - Valve Corporation)

Tixati (HKLM\...\tixati) (Version:  - )

Tom Clancy's Ghost Recon Phantoms - NA (HKLM\...\Steam App 243870) (Version:  - Ubisoft Singapore)

Visual Studio 2012 x86 Redistributables (HKLM\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)

VLC media player 2.1.2 (HKLM\...\VLC media player) (Version: 2.1.2 - VideoLAN)

Windows Live Essentials (HKLM\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation)

WinRAR 5.01 (32-bit) (HKLM\...\WinRAR archiver) (Version: 5.01.0 - win.rar GmbH)

XMedia Recode version 3.1.8.4 (HKLM\...\{DDA3C325-47B2-4730-9672-BF3771C08799}_is1) (Version: 3.1.8.4 - XMedia Recode)

 

==================== Custom CLSID (selected items): ==========================

 

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)

 

CustomCLSID: HKU\S-1-5-21-4195104481-2079486966-316092486-1000_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\Home\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)

CustomCLSID: HKU\S-1-5-21-4195104481-2079486966-316092486-1000_Classes\CLSID\{1AC77AE9-9EC6-405A-9F9B-C06AB3C10B71}\InprocServer32 -> C:\Program Files\Microsoft Research\Image Composite Editor\ShellExtension.dll No File

CustomCLSID: HKU\S-1-5-21-4195104481-2079486966-316092486-1000_Classes\CLSID\{1EF21888-3BD8-4064-BAD3-4BF694952652}\InprocServer32 -> C:\Program Files\Microsoft Research\Image Composite Editor\WLPG.dll (Microsoft Corporation)

CustomCLSID: HKU\S-1-5-21-4195104481-2079486966-316092486-1000_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Home\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll (Dropbox, Inc.)

CustomCLSID: HKU\S-1-5-21-4195104481-2079486966-316092486-1000_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Home\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll (Dropbox, Inc.)

CustomCLSID: HKU\S-1-5-21-4195104481-2079486966-316092486-1000_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Home\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll (Dropbox, Inc.)

CustomCLSID: HKU\S-1-5-21-4195104481-2079486966-316092486-1000_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Home\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll (Dropbox, Inc.)

CustomCLSID: HKU\S-1-5-21-4195104481-2079486966-316092486-1000_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Home\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll (Dropbox, Inc.)

CustomCLSID: HKU\S-1-5-21-4195104481-2079486966-316092486-1000_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Home\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll (Dropbox, Inc.)

CustomCLSID: HKU\S-1-5-21-4195104481-2079486966-316092486-1000_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Home\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll (Dropbox, Inc.)

CustomCLSID: HKU\S-1-5-21-4195104481-2079486966-316092486-1000_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Home\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll (Dropbox, Inc.)

 

==================== Restore Points  =========================

 

 

==================== Hosts content: ==========================

 

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

 

2009-07-13 20:04 - 2009-06-10 15:39 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts

 

==================== Scheduled Tasks (whitelisted) =============

 

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

 

Task: {0C23445C-A760-4634-B9A0-EB280AD6891C} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [2014-02-01] (Google Inc.)

Task: {1DDEFBDC-A5B9-4569-9BCC-FA5CCA6B3935} - System32\Tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask => Sc.exe start osppsvc

Task: {2828B5AE-1AEC-4363-8B73-947A76D3069B} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2014-12-19] (Adobe Systems Incorporated)

Task: {308944FE-8032-47CB-B624-1730B1E13176} - System32\Tasks\Microsoft\Windows\TabletPC\InputPersonalization => C:\Program Files\Common Files\Microsoft Shared\Ink\InputPersonalization.exe [2009-07-13] (Microsoft Corporation)

Task: {8210113A-F918-470A-B812-26177AA90A08} - System32\Tasks\AdobeAAMUpdater-1.0-Home-PC-Home => C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2010-07-29] (Adobe Systems Incorporated)

Task: {992951D0-0FCD-4EE9-BB1C-FC5A751B9490} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2015-01-08] (AVAST Software)

Task: {E1F7CBDA-5AF3-43AA-9E16-B9A5DC291879} - System32\Tasks\{DE5C1EA8-35F0-4744-B56A-0B2FA27465AE} => Chrome.exe http://ui.skype.com/ui/0/6.13.0.104/en/abandoninstall?source=lightinstaller&page=tsBing

Task: {F0100D7C-9C62-4D30-BBF6-5F58090D1E26} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [2014-02-01] (Google Inc.)

 

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

 

Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe

Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe

 

==================== Loaded Modules (whitelisted) ==============

 

2015-02-05 07:30 - 2015-02-05 07:30 - 02913280 _____ () C:\Program Files\AVAST Software\Avast\defs\15020500\algo.dll

2014-05-10 00:51 - 2014-05-10 00:51 - 00076888 _____ () C:\Windows\system32\PnkBstrA.exe

2014-01-29 23:12 - 2014-01-29 23:12 - 00094208 _____ () C:\Windows\System32\IccLibDll.dll

2015-01-08 10:04 - 2015-01-08 10:04 - 38562088 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll

2014-11-12 23:54 - 2014-11-12 23:54 - 00113664 _____ () C:\Program Files\Naver\LINE\PlayerHelper.dll

2015-02-03 02:08 - 2015-02-03 02:08 - 03123048 _____ () C:\Program Files\Naver\LINE\ampkit_windows.dll

2014-08-21 06:48 - 2011-10-30 13:28 - 00029696 _____ () C:\Program Files\DuckLink\DuckCapture\QtSolutions_SingleApplication-head.dll

2014-08-21 06:48 - 2011-10-22 07:05 - 08343040 _____ () C:\Program Files\DuckLink\DuckCapture\QtGui4.dll

2014-08-21 06:48 - 2011-08-28 19:41 - 02305536 _____ () C:\Program Files\DuckLink\DuckCapture\QtCore4.dll

2014-08-21 06:48 - 2011-08-28 19:42 - 00862720 _____ () C:\Program Files\DuckLink\DuckCapture\QtNetwork4.dll

2014-08-21 06:48 - 2011-10-30 13:28 - 00582144 _____ () C:\Program Files\DuckLink\DuckCapture\QtSolutions_PropertyBrowser-head.dll

2014-08-21 06:48 - 2011-08-28 19:57 - 01339904 _____ () C:\Program Files\DuckLink\DuckCapture\QtScript4.dll

2014-08-21 06:48 - 2011-08-28 20:50 - 00581120 _____ () C:\Program Files\DuckLink\DuckCapture\QtScriptTools4.dll

2014-08-21 06:48 - 2011-11-03 20:20 - 00617984 _____ () C:\Program Files\DuckLink\DuckCapture\QxtGui.dll

2014-08-21 06:48 - 2011-11-03 20:21 - 00395264 _____ () C:\Program Files\DuckLink\DuckCapture\QxtCore.dll

2014-08-21 06:48 - 2011-08-28 20:51 - 00026624 _____ () C:\Program Files\DuckLink\DuckCapture\plugins\imageformats\qgif4.dll

2014-08-21 06:48 - 2011-08-28 20:51 - 00029184 _____ () C:\Program Files\DuckLink\DuckCapture\plugins\imageformats\qico4.dll

2014-08-21 06:48 - 2011-08-28 20:51 - 00200704 _____ () C:\Program Files\DuckLink\DuckCapture\plugins\imageformats\qjpeg4.dll

2014-10-21 18:22 - 2014-10-21 18:22 - 00750080 _____ () C:\Users\Home\AppData\Roaming\Dropbox\bin\libGLESv2.dll

2015-02-05 16:13 - 2015-02-05 16:13 - 00043008 _____ () c:\users\home\appdata\local\temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpcudqlt.dll

2014-10-21 18:22 - 2014-10-21 18:22 - 00047616 _____ () C:\Users\Home\AppData\Roaming\Dropbox\bin\libEGL.dll

2014-10-21 18:22 - 2014-10-21 18:22 - 00863744 _____ () C:\Users\Home\AppData\Roaming\Dropbox\bin\plugins\platforms\qwindows.dll

2014-10-21 18:22 - 2014-10-21 18:22 - 00200704 _____ () C:\Users\Home\AppData\Roaming\Dropbox\bin\plugins\imageformats\qjpeg.dll

2015-02-03 20:10 - 2015-01-26 21:44 - 01117512 _____ () C:\Program Files\Google\Chrome\Application\40.0.2214.94\libglesv2.dll

2015-02-03 20:10 - 2015-01-26 21:44 - 00211272 _____ () C:\Program Files\Google\Chrome\Application\40.0.2214.94\libegl.dll

2015-02-03 20:10 - 2015-01-26 21:44 - 09171272 _____ () C:\Program Files\Google\Chrome\Application\40.0.2214.94\pdf.dll

 

==================== Alternate Data Streams (whitelisted) =========

 

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)

 

 

==================== Safe Mode (whitelisted) ===================

 

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

 

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk => ""="Driver"

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk.sys => ""="Driver"

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfevtp => ""="Driver"

 

==================== EXE Association (whitelisted) ===============

 

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)

 

 

==================== Other Registry Areas =====================

 

(Currently there is no automatic fix for this section.)

 

HKU\S-1-5-21-4195104481-2079486966-316092486-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Home\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg

 

==================== MSCONFIG/TASK MANAGER disabled items ==

 

(Currently there is no automatic fix for this section.)

 

 

==================== Accounts: =============================

 

Administrator (S-1-5-21-4195104481-2079486966-316092486-500 - Administrator - Disabled)

Guest (S-1-5-21-4195104481-2079486966-316092486-501 - Limited - Disabled)

Home (S-1-5-21-4195104481-2079486966-316092486-1000 - Administrator - Enabled) => C:\Users\Home

 

==================== Faulty Device Manager Devices =============

 

Name: Teredo Tunneling Pseudo-Interface

Description: Microsoft Teredo Tunneling Adapter

Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}

Manufacturer: Microsoft

Service: tunnel

Problem: : This device cannot start. (Code10)

Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.

On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.

 

Name: Lexmark X422

Description: Lexmark X422

Class Guid: {6bdd1fc6-810f-11d0-bec7-08002be2092f}

Manufacturer: Lexmark

Service: usbscan

Problem: : This device cannot start. (Code10)

Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.

On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.

 

 

==================== Event log errors: =========================

 

Application errors:

==================

Error: (02/05/2015 04:10:59 PM) (Source: WinMgmt) (EventID: 10) (User: )

Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

 

Error: (02/05/2015 02:30:54 PM) (Source: ConnectifySvc) (EventID: 0) (User: )

Description: ConnectifySvc error: 6Failed to SetServiceStatus

 

Error: (02/05/2015 08:14:49 AM) (Source: WinMgmt) (EventID: 10) (User: )

Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

 

Error: (02/05/2015 07:28:14 AM) (Source: Bonjour Service) (EventID: 100) (User: )

Description: Task Scheduling Error: m->NextScheduledSPRetry 2506889

 

Error: (02/05/2015 07:28:14 AM) (Source: Bonjour Service) (EventID: 100) (User: )

Description: Task Scheduling Error: m->NextScheduledEvent 2506889

 

Error: (02/05/2015 07:28:14 AM) (Source: Bonjour Service) (EventID: 100) (User: )

Description: Task Scheduling Error: Continuously busy for more than a second

 

Error: (02/05/2015 07:28:13 AM) (Source: Bonjour Service) (EventID: 100) (User: )

Description: Task Scheduling Error: m->NextScheduledSPRetry 2505875

 

Error: (02/05/2015 07:28:13 AM) (Source: Bonjour Service) (EventID: 100) (User: )

Description: Task Scheduling Error: m->NextScheduledEvent 2505875

 

Error: (02/05/2015 07:28:13 AM) (Source: Bonjour Service) (EventID: 100) (User: )

Description: Task Scheduling Error: Continuously busy for more than a second

 

Error: (02/05/2015 07:28:12 AM) (Source: Bonjour Service) (EventID: 100) (User: )

Description: Task Scheduling Error: m->NextScheduledSPRetry 2504861

 

 

System errors:

=============

Error: (02/05/2015 04:10:32 PM) (Source: Service Control Manager) (EventID: 7000) (User: )

Description: The AVG WatchDog service failed to start due to the following error: 

%%2

 

Error: (02/05/2015 04:10:00 PM) (Source: volsnap) (EventID: 36) (User: )

Description: The shadow copies of volume C: were aborted because the shadow copy storage could not grow due to a user imposed limit.

 

Error: (02/05/2015 08:14:35 AM) (Source: Service Control Manager) (EventID: 7000) (User: )

Description: The AVG WatchDog service failed to start due to the following error: 

%%2

 

Error: (02/05/2015 08:11:21 AM) (Source: DCOM) (EventID: 10010) (User: )

Description: {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5}

 

Error: (02/05/2015 07:29:27 AM) (Source: bScsiSDx) (EventID: 15) (User: )

Description: The device, \Device\Scsi\bScsiSDx1, is not ready for access yet.

 

Error: (02/05/2015 07:29:07 AM) (Source: bScsiSDx) (EventID: 15) (User: )

Description: The device, \Device\Scsi\bScsiSDx1, is not ready for access yet.

 

Error: (02/05/2015 07:28:47 AM) (Source: bScsiSDx) (EventID: 15) (User: )

Description: The device, \Device\Scsi\bScsiSDx1, is not ready for access yet.

 

Error: (02/05/2015 07:28:12 AM) (Source: Service Control Manager) (EventID: 7011) (User: )

Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the LanmanServer service.

 

Error: (02/05/2015 06:46:49 AM) (Source: Disk) (EventID: 11) (User: )

Description: The driver detected a controller error on \Device\Harddisk1\DR3.

 

Error: (02/04/2015 11:23:05 PM) (Source: DCOM) (EventID: 10000) (User: )

Description: C:\Windows\system32\DllHost.exe /Processid:{AB8902B4-09CA-4BB6-B78D-A8F59079A8D5}8{AB8902B4-09CA-4BB6-B78D-A8F59079A8D5}

 

 

Microsoft Office Sessions:

=========================

Error: (02/05/2015 04:10:59 PM) (Source: WinMgmt) (EventID: 10) (User: )

Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

 

Error: (02/05/2015 02:30:54 PM) (Source: ConnectifySvc) (EventID: 0) (User: )

Description: ConnectifySvc error: 6Failed to SetServiceStatus

 

Error: (02/05/2015 08:14:49 AM) (Source: WinMgmt) (EventID: 10) (User: )

Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

 

Error: (02/05/2015 07:28:14 AM) (Source: Bonjour Service) (EventID: 100) (User: )

Description: Task Scheduling Error: m->NextScheduledSPRetry 2506889

 

Error: (02/05/2015 07:28:14 AM) (Source: Bonjour Service) (EventID: 100) (User: )

Description: Task Scheduling Error: m->NextScheduledEvent 2506889

 

Error: (02/05/2015 07:28:14 AM) (Source: Bonjour Service) (EventID: 100) (User: )

Description: Task Scheduling Error: Continuously busy for more than a second

 

Error: (02/05/2015 07:28:13 AM) (Source: Bonjour Service) (EventID: 100) (User: )

Description: Task Scheduling Error: m->NextScheduledSPRetry 2505875

 

Error: (02/05/2015 07:28:13 AM) (Source: Bonjour Service) (EventID: 100) (User: )

Description: Task Scheduling Error: m->NextScheduledEvent 2505875

 

Error: (02/05/2015 07:28:13 AM) (Source: Bonjour Service) (EventID: 100) (User: )

Description: Task Scheduling Error: Continuously busy for more than a second

 

Error: (02/05/2015 07:28:12 AM) (Source: Bonjour Service) (EventID: 100) (User: )

Description: Task Scheduling Error: m->NextScheduledSPRetry 2504861

 

 

==================== Memory info =========================== 

 

Processor: Intel® Pentium® CPU B960 @ 2.20GHz

Percentage of memory in use: 82%

Total physical RAM: 3397.19 MB

Available physical RAM: 597.93 MB

Total Pagefile: 6792.66 MB

Available Pagefile: 3390.23 MB

Total Virtual: 2047.88 MB

Available Virtual: 1898.59 MB

 

==================== Drives ================================

 

Drive c: () (Fixed) (Total:149.05 GB) (Free:11.23 GB) NTFS ==>[Drive with boot components (obtained from BCD)]

 

==================== MBR & Partition Table ==================

 

========================================================

Disk: 0 (MBR Code: Windows 7 or 8) (Size: 149.1 GB) (Disk ID: 4C90DB35)

Partition 1: (Active) - (Size=149 GB) - (Type=07 NTFS)

 

==================== End Of Log ============================


Hi,

Step 1

Please download Combofix (by sUBs) and save it to your Desktop.

  • Disable the realtime-protection of your antivirus and anti-malware programs because they might interfere with the scan.
  • Start Combofix.exe and follow its instructions.
  • Do not use the computer while the scan is running. This may cause the program to stall.
  • When finished, a log file will be displayed (that can also be found at C:\Combofix.txt).

    Please copy and paste the contents of this file into your next post.

Note: If you receive an error "Illegal operation attempted on a registry key that has been marked for deletion." after the scan, just restart the computer.

(You can find more detailed instructions in this guide on using Combofix.)

Step 2

Scan with Malwarebytes Anti-Malware

  • Please open Malwarebytes Anti-Malware.
  • Please update the database by clicking on the "Update Now" button.
  • Following the update, click "Settings" [1] and go to "Detection and Protection" [2].
  • Make sure "Scan for Rootkits" is checked.
  • Click on Dashboard [3], then click on Scan Now [4] to start the scan.

    If Malware or Potentially Unwanted Programs [PUPs] are found, you will receive a prompt so that you can decide what you want to do. I suggest "Quarantine All" [5]. Then click the button: Apply Actions. [6]

  • A window with an option to view the detailed log will appear.

  • Click on "View detailed log".
  • After viewing the results, please click on the "Copy to Clipboard" button and then OK.
  • Return to our forum. Paste your log into your next reply.

Step 3

Start FRST with administrator privileges.

  • Make sure the following option is checked: Addition.txt
  • Press the Scan button.
  • When finished, FRST will produce two logs (FRST.txt and Addition.txt) in the same directory the tool was run from.

    Please copy and paste these logs in your next reply.


Combofix log file:

 

ComboFix 15-02-02.01 - Home 2015/02/05  17:09:17.1.2 - x86

Microsoft Windows 7 Home Premium   6.1.7601.1.932.81.1033.18.3397.928 [GMT -6:00]
Running from: c:\users\Home\Downloads\ComboFix.exe
AV: avast! Antivirus *Disabled/Updated* {17AD7D40-BA12-9C46-7131-94903A54AD8B}
SP: avast! Antivirus *Disabled/Updated* {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
SP: Windows Defender *Enabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
 * Created a new restore point
.
.
(((((((((((((((((((((((((((((((((((((((   Other Deletions   )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\windows\apppatch\AppLoc.exe
c:\windows\apppatch\unins000.dat
c:\windows\apppatch\unins000.exe
.
.
(((((((((((((((((((((((((   Files Created from 2015-01-05 to 2015-02-05  )))))))))))))))))))))))))))))))
.
.
2015-02-05 23:21 . 2015-02-05 23:21 -------- d-----w- c:\users\Default\AppData\Local\temp
2015-02-05 21:28 . 2015-02-05 22:17 -------- d-----w- C:\FRST
2015-01-21 10:54 . 2015-02-01 10:07 62576 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{F6AFD223-B751-433E-B4AE-90B8DEA79052}\offreg.dll
2015-01-08 16:04 . 2015-01-08 16:04 291352 ----a-w- c:\windows\system32\aswBoot.exe
2015-01-08 16:04 . 2015-01-08 16:04 43152 ----a-w- c:\windows\avastSS.scr
.
.
.
((((((((((((((((((((((((((((((((((((((((   Find3M Report   ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2015-02-05 14:25 . 2014-06-04 01:05 114904 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2015-01-08 16:05 . 2014-09-30 07:29 787800 ----a-w- c:\windows\system32\drivers\aswsnx.sys
2015-01-08 16:05 . 2014-09-30 07:29 423784 ----a-w- c:\windows\system32\drivers\aswsp.sys
2015-01-08 16:04 . 2014-09-30 07:29 91496 ----a-w- c:\windows\system32\drivers\aswStm.sys
2015-01-08 16:04 . 2014-09-30 07:29 206248 ----a-w- c:\windows\system32\drivers\aswVmm.sys
2015-01-08 16:04 . 2014-09-30 07:29 49944 ----a-w- c:\windows\system32\drivers\aswRvrt.sys
2015-01-08 16:04 . 2014-09-30 07:29 70384 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys
2015-01-08 16:04 . 2014-09-30 07:29 24184 ----a-w- c:\windows\system32\drivers\aswHwid.sys
2015-01-08 16:04 . 2014-09-30 07:29 81768 ----a-w- c:\windows\system32\drivers\aswRdr2.sys
2014-11-21 12:14 . 2014-07-23 08:12 51928 ----a-w- c:\windows\system32\drivers\mwac.sys
2014-11-21 12:14 . 2014-07-23 08:12 75480 ----a-w- c:\windows\system32\drivers\mbamchameleon.sys
2014-11-21 12:14 . 2014-07-23 08:12 23256 ----a-w- c:\windows\system32\drivers\mbam.sys
.
.
(((((((((((((((((((((((((((((((((((((   Reg Loading Points   ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown 
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt1"]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2014-06-24 22:04 131480 ----a-w- c:\users\Home\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt2"]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2014-06-24 22:04 131480 ----a-w- c:\users\Home\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt3"]
@="{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}]
2014-06-24 22:04 131480 ----a-w- c:\users\Home\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt4"]
@="{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}]
2014-06-24 22:04 131480 ----a-w- c:\users\Home\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt5"]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2014-06-24 22:04 131480 ----a-w- c:\users\Home\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt6"]
@="{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}]
2014-06-24 22:04 131480 ----a-w- c:\users\Home\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt7"]
@="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}]
2014-06-24 22:04 131480 ----a-w- c:\users\Home\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt8"]
@="{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}]
2014-06-24 22:04 131480 ----a-w- c:\users\Home\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2015-01-08 16:04 723976 ----a-w- c:\program files\AVAST Software\Avast\ashShell.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"DAEMON Tools Lite"="c:\program files\DAEMON Tools Lite\DTLite.exe" [2013-10-28 3675352]
"Line"="c:\program files\Naver\LINE\Line.exe" [2015-02-03 4031336]
"DuckCapture"="c:\program files\DuckLink\DuckCapture\DuckCapture.exe" [2011-11-04 436736]
"Skype"="c:\program files\Skype\Phone\Skype.exe" [2014-12-11 30877280]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2014-01-30 145880]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2014-01-30 181208]
"Persistence"="c:\windows\system32\igfxpers.exe" [2014-01-30 189912]
"NUSB3MON"="c:\program files\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe" [2010-11-17 113288]
"AdobeAAMUpdater-1.0"="c:\program files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" [2010-07-29 497648]
"Google Japanese Input Prelauncher"="c:\program files\Google\Google Japanese Input\GoogleIMEJaBroker32.exe" [2013-12-18 1435672]
"BCSSync"="c:\program files\Microsoft Office\Office14\BCSSync.exe" [2012-11-05 89184]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2013-07-02 254336]
"XeroxEndeavorBackgroundTask"="xrWCbgnd.dll" [2009-07-14 53760]
"AvastUI.exe"="c:\program files\AVAST Software\Avast\AvastUI.exe" [2015-01-27 5227112]
.
c:\users\Home\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Dropbox.lnk - c:\users\Home\AppData\Roaming\Dropbox\bin\Dropbox.exe /systemstartup [2014-12-8 39207112]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Content Manager Assistant for PlayStation®.lnk - c:\program files\Sony\Content Manager Assistant\CMA.exe [2014-9-16 3696248]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 0 (0x0)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
"SoftwareSASGeneration"= 1 (0x1)
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\keyboard layouts\e0200411]
   Ime File REG_SZ         GIMEJA.IME
.
R2 aswStm;aswStm;c:\windows\system32\drivers\aswStm.sys [2015-01-08 91496]
R2 avgwd;AVG WatchDog;c:\program files\AVG\AVG2015\avgwdsvc.exe [x]
R2 SkypeUpdate;Skype Updater;c:\program files\Skype\Updater\Updater.exe [2014-12-11 315496]
R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe [2014-03-01 108032]
R3 mferkdet;McAfee Inc. mferkdet;c:\windows\system32\drivers\mferkdet.sys [2014-09-29 94520]
R3 npggsvc;nProtect GameGuard Service;c:\windows\system32\GameMon.des [2014-01-22 5267776]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys [2012-08-23 14848]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2012-08-23 49664]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys [2012-08-23 27136]
R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe [2014-02-02 1343400]
S0 aswRvrt;avast! Revert; [x]
S0 aswVmm;avast! VM Monitor; [x]
S0 MBAMSwissArmy;MBAMSwissArmy;c:\windows\system32\drivers\MBAMSwissArmy.sys [2015-02-05 114904]
S0 sptd;sptd;c:\windows\\SystemRoot\System32\Drivers\sptd.sys [x]
S1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys [2015-01-08 787800]
S1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys [2015-01-08 423784]
S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys [2014-02-25 243128]
S2 AdobeActiveFileMonitor9.0;Adobe Active File Monitor V9;c:\program files\Adobe\Elements 9 Organizer\PhotoshopElementsFileAgent.exe [2010-09-30 169408]
S2 aswHwid;avast! HardwareID;c:\windows\system32\drivers\aswHwid.sys [2015-01-08 24184]
S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [2015-01-08 70384]
S2 GoogleIMEJaCacheService;Google Japanese Input Cache Service;c:\program files\Google\Google Japanese Input\GoogleIMEJaCacheService.exe [2013-12-18 754712]
S2 mfevtp;McAfee Validation Trust Protection Service;c:\windows\system32\mfevtps.exe [2014-09-29 179600]
S3 b57xdbd;Broadcom xD Picture Bus Driver Service;c:\windows\system32\DRIVERS\b57xdbd.sys [2010-12-11 59944]
S3 b57xdmp;Broadcom xD Picture vstorp client drv;c:\windows\system32\DRIVERS\b57xdmp.sys [2010-12-11 18472]
S3 bScsiMSx;bScsiMSx;c:\windows\system32\DRIVERS\bScsiMSx.sys [2010-12-10 32296]
S3 bScsiSDx;bScsiSDx;c:\windows\system32\DRIVERS\bScsiSDx.sys [2010-12-12 55336]
S3 k57nd60x;Broadcom NetLink Gigabit Ethernet - NDIS 6.0;c:\windows\system32\DRIVERS\k57nd60x.sys [2010-11-01 348712]
S3 MEI;Intel® Management Engine Interface ;c:\windows\system32\DRIVERS\HECI.sys [2010-10-20 41088]
S3 Neo_VPN;VPN Client Device Driver - VPN;c:\windows\system32\DRIVERS\Neo_0103.sys [2014-06-25 26880]
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2015-02-04 02:10 1086280 ----a-w- c:\program files\Google\Chrome\Application\40.0.2214.94\Installer\chrmstp.exe
.
Contents of the 'Scheduled Tasks' folder
.
2015-02-05 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2014-02-02 00:41]
.
2015-02-05 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2014-02-02 00:41]
.
.
------- Supplementary Scan -------
.
uStart Page = www.google.com
mStart Page = www.google.com
uSearchAssistant = hxxp://www.google.com
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
TCP: DhcpNameServer = 192.168.1.1
FF - ProfilePath - c:\users\Home\AppData\Roaming\Mozilla\Firefox\Profiles\76dr9cm9.default-1394098711741\
FF - prefs.js: network.proxy.http - 1.179.143.178
FF - prefs.js: network.proxy.http_port - 3128
FF - prefs.js: network.proxy.type - 0
FF - user.js: extensions.nspdlsd.aflt - spd_ir_14_23_ch
FF - user.js: extensions.nspdlsd.instlRef - 142905_b
FF - user.js: extensions.nspdlsd.cr - 866866320
FF - user.js: extensions.nspdlsd.cd - 2XzuyEtN2Y1L1Qzu0EyE0DyDtA0DtB0B0BzztB0B0A0A0B0EtN0D0Tzu0SzzzzyEtN1L2XzutBtFtBtDtFtCzytFtDtN1L1CzutCyEtBzytDyD1V1StN1L1G1B1V1N2Y1L1Qzu2StAtCtDtAtC0CzzyCtGyDyB0FzytG0A0EtCtAtGtB0D0DtDtGyCyEtA0BzztC0EyE0ByCzyyC2QtN1M1F1B2Z1V1N2Y1L1Qzu2SyB0DyBzz0BzyyD0FtG0F0B0EtCtGzzzyyE0AtGtB0B0E0BtGyB0D0Azz0B0F0A0D0CzytBtB2Q
.
- - - - ORPHANS REMOVED - - - -
.
AddRemove-{9143B17E-BBDE-4EA7-A4E3-20D384D9C8A5}_is1 - c:\windows\AppPatch\unins000.exe
.
.
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\npggsvc]
"ImagePath"="c:\windows\system32\GameMon.des -service"
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Completion time: 2015-02-05  17:24:15
ComboFix-quarantined-files.txt  2015-02-05 23:24
.
Pre-Run: 11,791,745,024 bytes free
Post-Run: 19,393,060,864 bytes free
.
- - End Of File - - CFDD71389B325DAAD2E3946FF3B9E949
A36C5E4F47E84449FF07ED3517B43A31

Malwarebytes file:

 

Malwarebytes Anti-Malware

www.malwarebytes.org
 
Scan Date: 2015/02/05
Scan Time: 17:28:48
Logfile: 
Administrator: Yes
 
Version: 2.00.4.1028
Malware Database: v2015.02.05.11
Rootkit Database: v2015.02.03.01
License: Free
Malware Protection: Disabled
Malicious Website Protection: Disabled
Self-protection: Disabled
 
OS: Windows 7 Service Pack 1
CPU: x86
File System: NTFS
User: Home
 
Scan Type: Threat Scan
Result: Completed
Objects Scanned: 331827
Time Elapsed: 31 min, 18 sec
 
Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Enabled
Deep Rootkit Scan: Enabled
Heuristics: Enabled
PUP: Warn
PUM: Enabled
 
Processes: 0
(No malicious items detected)
 
Modules: 0
(No malicious items detected)
 
Registry Keys: 0
(No malicious items detected)
 
Registry Values: 0
(No malicious items detected)
 
Registry Data: 0
(No malicious items detected)
 
Folders: 0
(No malicious items detected)
 
Files: 0
(No malicious items detected)
 
Physical Sectors: 0
(No malicious items detected)
 
 
(end)

FRST.txt:

 

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 05-02-2015

Ran by Home (administrator) on HOME-PC on 05-02-2015 18:03:08
Running from C:\Users\Home\Desktop
Loaded Profiles: Home (Available profiles: Home)
Platform: Microsoft Windows 7 Home Premium  Service Pack 1 (X86) OS Language: English (United States)
Internet Explorer Version 11 (Default browser: IE)
Boot Mode: Normal
 
==================== Processes (Whitelisted) =================
 
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Adobe Systems Incorporated) C:\Program Files\Adobe\Elements 9 Organizer\PhotoshopElementsFileAgent.exe
(McAfee, Inc.) C:\Windows\System32\mfevtps.exe
() C:\Windows\System32\PnkBstrA.exe
(Microsoft Corp.) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Renesas Electronics Corporation) C:\Program Files\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe
(Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jusched.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe
(LINE Corporation) C:\Program Files\Naver\LINE\Line.exe
(Microsoft Corp.) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVCM.EXE
(DuckLink Software) C:\Program Files\DuckLink\DuckCapture\DuckCapture.exe
(Skype Technologies S.A.) C:\Program Files\Skype\Phone\Skype.exe
(Sony Computer Entertainment Inc.) C:\Program Files\Sony\Content Manager Assistant\CMA.exe
(Sony Computer Entertainment Inc.) C:\Program Files\Sony\Content Manager Assistant\CMAWatcher.exe
(Google Inc.) C:\Program Files\Google\Update\1.3.26.9\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\wbem\unsecapp.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Google Japanese Input\GoogleIMEJaCacheService.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ink\InputPersonalization.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Google Japanese Input\GoogleIMEJaConverter.exe
(Google Inc.) C:\Program Files\Google\Google Japanese Input\GoogleIMEJaRenderer.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Malwarebytes Corporation) C:\Program Files\Malwarebytes Anti-Malware\mbam.exe
 
 
==================== Registry (Whitelisted) ==================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM\...\Run: [NUSB3MON] => C:\Program Files\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe [113288 2010-11-17] (Renesas Electronics Corporation)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [497648 2010-07-29] (Adobe Systems Incorporated)
HKLM\...\Run: [Google Japanese Input Prelauncher] => C:\Program Files\Google\Google Japanese Input\GoogleIMEJaBroker32.exe [1435672 2013-12-18] (Google Inc.)
HKLM\...\Run: [bCSSync] => C:\Program Files\Microsoft Office\Office14\BCSSync.exe [89184 2012-11-05] (Microsoft Corporation)
HKLM\...\Run: [sunJavaUpdateSched] => C:\Program Files\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKLM\...\Run: [XeroxEndeavorBackgroundTask] => rundll32.exe xrWCbgnd.dll,LaunchBgTask 1
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [5227112 2015-01-26] (AVAST Software)
HKU\S-1-5-21-4195104481-2079486966-316092486-1000\...\Run: [DAEMON Tools Lite] => C:\Program Files\DAEMON Tools Lite\DTLite.exe [3675352 2013-10-28] (Disc Soft Ltd)
HKU\S-1-5-21-4195104481-2079486966-316092486-1000\...\Run: [Line] => C:\Program Files\Naver\LINE\Line.exe [4031336 2015-02-03] (LINE Corporation)
HKU\S-1-5-21-4195104481-2079486966-316092486-1000\...\Run: [DuckCapture] => C:\Program Files\DuckLink\DuckCapture\DuckCapture.exe [436736 2011-11-03] (DuckLink Software)
HKU\S-1-5-21-4195104481-2079486966-316092486-1000\...\Run: [skype] => C:\Program Files\Skype\Phone\Skype.exe [30877280 2014-12-11] (Skype Technologies S.A.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Content Manager Assistant for PlayStation®.lnk
ShortcutTarget: Content Manager Assistant for PlayStation®.lnk -> C:\Program Files\Sony\Content Manager Assistant\CMA.exe (Sony Computer Entertainment Inc.)
Startup: C:\Users\Home\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> C:\Users\Home\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll (AVAST Software)
 
==================== Internet (Whitelisted) ====================
 
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKU\S-1-5-21-4195104481-2079486966-316092486-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.com
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
HKU\S-1-5-21-4195104481-2079486966-316092486-1000\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
SearchScopes: HKU\S-1-5-21-4195104481-2079486966-316092486-1000 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
BHO: Java Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll No File
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll No File
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO: Java Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll No File
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
 
FireFox:
========
FF ProfilePath: C:\Users\Home\AppData\Roaming\Mozilla\Firefox\Profiles\76dr9cm9.default-1394098711741
FF DefaultSearchEngine: Google
FF NetworkProxy: "http", "1.179.143.178"
FF NetworkProxy: "http_port", 3128
FF NetworkProxy: "type", 0
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF32_12_0_0_44.dll ()
FF Plugin: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF Plugin: @java.com/DTPlugin,version=10.45.2 -> C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.45.2 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.26.9\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.26.9\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @videolan.org/vlc,version=2.1.2 -> C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF user.js: detected! => C:\Users\Home\AppData\Roaming\Mozilla\Firefox\Profiles\76dr9cm9.default-1394098711741\user.js
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\oshiete-goo.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\rakuten.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\yahoo-jp-auctions.xml
FF Extension: DownloadHelper - C:\Users\Home\AppData\Roaming\Mozilla\Firefox\Profiles\76dr9cm9.default-1394098711741\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d} [2014-09-14]
FF HKLM\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2014-09-30]
 
Chrome: 
=======
CHR HomePage: Default -> hxxp://feed.snapdo.com/?publisher=Somoto&dpid=SomotoCH&co=US&userid=e3b0ef4c-3de0-8572-4794-eba80106b4f5&searchtype=hp&installDate={installDate}&barcodeid={barcodeID}&um={UM}
CHR Profile: C:\Users\Home\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Docs) - C:\Users\Home\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-02-01]
CHR Extension: (Google Drive) - C:\Users\Home\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-02-01]
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\Home\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-05-25]
CHR Extension: (YouTube) - C:\Users\Home\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-02-01]
CHR Extension: (4chan X) - C:\Users\Home\AppData\Local\Google\Chrome\User Data\Default\Extensions\cellaaeoekimmemgdheibaibbaoeefbl [2014-02-02]
CHR Extension: (Google Search) - C:\Users\Home\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-02-01]
CHR Extension: (AdBlock) - C:\Users\Home\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2014-06-27]
CHR Extension: (Avast Online Security) - C:\Users\Home\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2014-09-30]
CHR Extension: (Google Wallet) - C:\Users\Home\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-02-01]
CHR Extension: (Gmail) - C:\Users\Home\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-02-01]
CHR HKLM\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2015-01-08]
CHR HKU\S-1-5-21-4195104481-2079486966-316092486-1000\...\Chrome\Extension: [bakijjialdiiboeaknfpmflphhmljfkd] - No Path
 
========================== Services (Whitelisted) =================
 
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
 
R2 AdobeActiveFileMonitor9.0; C:\Program Files\Adobe\Elements 9 Organizer\PhotoshopElementsFileAgent.exe [169408 2010-09-30] (Adobe Systems Incorporated)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2015-01-08] (AVAST Software)
S3 cphs; C:\Windows\system32\IntelCpHeciSvc.exe [279000 2014-01-29] (Intel Corporation)
R2 GoogleIMEJaCacheService; C:\Program Files\Google\Google Japanese Input\GoogleIMEJaCacheService.exe [754712 2013-12-18] (Google Inc.)
R2 mfevtp; C:\Windows\system32\mfevtps.exe [179600 2014-09-29] (McAfee, Inc.)
S3 npggsvc; C:\Windows\system32\GameMon.des [5267776 2014-01-22] (INCA Internet Co., Ltd.)
R2 PnkBstrA; C:\Windows\system32\PnkBstrA.exe [76888 2014-05-10] ()
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [680960 2013-05-26] (Microsoft Corporation)
S2 avgwd; "C:\Program Files\AVG\AVG2015\avgwdsvc.exe" [X]
 
==================== Drivers (Whitelisted) ====================
 
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
 
R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [24184 2015-01-08] ()
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [70384 2015-01-08] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [81768 2015-01-08] (AVAST Software)
R0 aswRvrt; C:\Windows\system32\Drivers\aswRvrt.sys [49944 2015-01-08] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [787800 2015-01-08] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [423784 2015-01-08] (AVAST Software)
S2 aswStm; C:\Windows\system32\drivers\aswStm.sys [91496 2015-01-08] (AVAST Software)
R0 aswVmm; C:\Windows\system32\Drivers\aswVmm.sys [206248 2015-01-08] ()
R3 b57xdbd; C:\Windows\System32\DRIVERS\b57xdbd.sys [59944 2010-12-11] (Broadcom Corporation)
R3 b57xdmp; C:\Windows\System32\DRIVERS\b57xdmp.sys [18472 2010-12-11] (Broadcom Corporation)
R3 bScsiMSx; C:\Windows\System32\DRIVERS\bScsiMSx.sys [32296 2010-12-10] (Broadcom Corporation)
R3 bScsiSDx; C:\Windows\System32\DRIVERS\bScsiSDx.sys [55336 2010-12-11] (Broadcom Corporation)
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [243128 2014-02-25] (Disc Soft Ltd)
R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [114904 2015-02-05] (Malwarebytes Corporation)
R3 MEI; C:\Windows\System32\DRIVERS\HECI.sys [41088 2010-10-19] (Intel Corporation)
R0 mfehidk; C:\Windows\System32\drivers\mfehidk.sys [575984 2014-09-29] (McAfee, Inc.)
S3 mferkdet; C:\Windows\System32\drivers\mferkdet.sys [94520 2014-09-29] (McAfee, Inc.)
R3 Neo_VPN; C:\Windows\System32\DRIVERS\Neo_0103.sys [26880 2014-06-25] (SoftEther Corporation)
R0 sptd; C:\Windows\System32\Drivers\sptd.sys [324096 2014-02-25] (Duplex Secure Ltd.)
S3 USBAAPL; C:\Windows\System32\Drivers\usbaapl.sys [45056 2013-03-18] (Apple, Inc.) [File not signed]
U3 apxlhe8b; C:\Windows\system32\Drivers\apxlhe8b.sys [0 ] (Broadcom Corporation) <==== ATTENTION (zero size file/folder)
U5 AppMgmt; C:\Windows\system32\svchost.exe [20992 2009-07-13] (Microsoft Corporation)
U3 catchme; \??\C:\Users\Home\AppData\Local\Temp\catchme.sys [X]
U3 mbr; \??\C:\ComboFix\mbr.sys [X]
 
==================== NetSvcs (Whitelisted) ===================
 
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
 
 
==================== One Month Created Files and Folders ========
 
(If an entry is included in the fixlist, the file\folder will be moved.)
 
2015-02-05 17:24 - 2015-02-05 17:24 - 00012787 _____ () C:\ComboFix.txt
2015-02-05 17:05 - 2015-02-05 17:24 - 00000000 ____D () C:\Qoobox
2015-02-05 17:05 - 2015-02-05 17:22 - 00000000 ____D () C:\Windows\erdnt
2015-02-05 17:05 - 2011-06-26 00:45 - 00256000 _____ () C:\Windows\PEV.exe
2015-02-05 17:05 - 2010-11-07 11:20 - 00208896 _____ () C:\Windows\MBR.exe
2015-02-05 17:05 - 2009-04-19 22:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe
2015-02-05 17:05 - 2000-08-30 18:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe
2015-02-05 17:05 - 2000-08-30 18:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe
2015-02-05 17:05 - 2000-08-30 18:00 - 00098816 _____ () C:\Windows\sed.exe
2015-02-05 17:05 - 2000-08-30 18:00 - 00080412 _____ () C:\Windows\grep.exe
2015-02-05 17:05 - 2000-08-30 18:00 - 00068096 _____ () C:\Windows\zip.exe
2015-02-05 17:01 - 2015-02-05 17:02 - 05611380 ____R (Swearware) C:\Users\Home\Downloads\ComboFix.exe
2015-02-05 16:16 - 2015-02-05 16:17 - 00025901 _____ () C:\Users\Home\Desktop\Addition.txt
2015-02-05 16:14 - 2015-02-05 18:03 - 00020312 _____ () C:\Users\Home\Desktop\FRST.txt
2015-02-05 15:28 - 2015-02-05 18:03 - 00000000 ____D () C:\FRST
2015-02-05 14:39 - 2015-02-05 14:40 - 01123328 _____ (Farbar) C:\Users\Home\Desktop\FRST.exe
2015-01-26 20:27 - 2015-01-26 20:27 - 00000000 ____D () C:\Program Files\Mozilla Firefox
2015-01-23 14:16 - 2015-01-23 14:16 - 00243616 _____ () C:\Users\Home\Downloads\Firefox Setup Stub 35.0.exe
2015-01-10 10:33 - 2012-01-13 07:03 - 00000000 ____D () C:\Users\Home\Desktop\Wink - Memories
2015-01-08 10:05 - 2015-01-08 10:05 - 00002045 _____ () C:\Users\Public\Desktop\Avast Free Antivirus.lnk
2015-01-08 10:04 - 2015-01-08 10:04 - 00291352 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2015-01-08 10:04 - 2015-01-08 10:04 - 00043152 _____ (AVAST Software) C:\Windows\avastSS.scr
 
==================== One Month Modified Files and Folders =======
 
(If an entry is included in the fixlist, the file\folder will be moved.)
 
2015-02-05 18:00 - 2014-02-02 15:40 - 00000000 ____D () C:\Users\Home\AppData\Roaming\Skype
2015-02-05 17:50 - 2014-02-01 18:41 - 00000886 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-02-05 17:28 - 2014-06-03 19:05 - 00114904 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamswissarmy.sys
2015-02-05 17:24 - 2009-07-13 20:37 - 00000000 __RHD () C:\Users\Default
2015-02-05 17:24 - 2009-07-13 20:37 - 00000000 ___RD () C:\Users\Public
2015-02-05 17:21 - 2009-07-13 20:04 - 00000215 _____ () C:\Windows\system.ini
2015-02-05 16:20 - 2009-07-13 22:34 - 00022736 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-02-05 16:20 - 2009-07-13 22:34 - 00022736 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-02-05 16:16 - 2014-02-01 18:12 - 02050667 _____ () C:\Windows\WindowsUpdate.log
2015-02-05 16:13 - 2014-02-21 17:48 - 00000000 ___RD () C:\Users\Home\Dropbox
2015-02-05 16:13 - 2014-02-21 17:44 - 00000000 ____D () C:\Users\Home\AppData\Roaming\Dropbox
2015-02-05 16:11 - 2014-02-01 18:41 - 00000882 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-02-05 16:10 - 2009-07-13 22:53 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2015-02-05 16:10 - 2009-07-13 22:39 - 00075122 _____ () C:\Windows\setupact.log
2015-02-05 16:09 - 2010-11-20 15:48 - 00039932 _____ () C:\Windows\PFRO.log
2015-02-05 14:38 - 2014-02-08 21:52 - 00000000 ____D () C:\Users\Home\AppData\Roaming\tixati
2015-02-05 14:36 - 2014-06-25 01:23 - 00000000 ____D () C:\Program Files\PacketiX VPN Client
2015-02-05 14:35 - 2014-08-11 02:33 - 00000000 ____D () C:\Program Files\OBS
2015-02-05 12:55 - 2010-11-20 15:01 - 00781298 _____ () C:\Windows\system32\PerfStringBackup.INI
2015-02-04 23:27 - 2014-11-02 23:15 - 00000000 ____D () C:\Users\Home\AppData\Local\JDownloader 2.0
2015-02-04 18:58 - 2014-04-26 12:32 - 00001021 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\LINE.lnk
2015-02-04 18:58 - 2014-04-26 12:32 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LINE
2015-02-03 21:35 - 2014-02-05 04:25 - 00000000 ____D () C:\Users\Home\AppData\Roaming\vlc
2015-02-03 20:10 - 2014-02-01 18:42 - 00002129 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2015-01-31 21:49 - 2015-01-05 21:29 - 00000000 ____D () C:\Users\Home\Desktop\jt
2015-01-31 21:03 - 2014-08-05 14:57 - 00000000 ____D () C:\Users\Home\Desktop\Media
2015-01-31 16:14 - 2014-02-06 00:48 - 00000000 ____D () C:\Program Files\Mozilla Maintenance Service
2015-01-23 14:18 - 2014-02-06 00:48 - 00001117 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2015-01-23 14:18 - 2014-02-06 00:48 - 00001105 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk
2015-01-20 12:29 - 2014-02-03 05:06 - 00000000 ____D () C:\Users\Home\Documents\Note
2015-01-19 21:23 - 2014-03-14 18:08 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office
2015-01-19 21:23 - 2014-03-14 18:05 - 00000000 ____D () C:\ProgramData\Microsoft Help
2015-01-09 06:57 - 2014-02-02 15:40 - 00000000 ____D () C:\ProgramData\Skype
2015-01-09 06:56 - 2014-10-12 10:55 - 00000000 ___RD () C:\Program Files\Skype
2015-01-09 06:52 - 2014-07-23 02:12 - 00000000 ____D () C:\Program Files\Malwarebytes Anti-Malware
2015-01-08 10:05 - 2014-09-30 01:29 - 00787800 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsnx.sys
2015-01-08 10:05 - 2014-09-30 01:29 - 00423784 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsp.sys
2015-01-08 10:04 - 2014-09-30 01:29 - 00206248 _____ () C:\Windows\system32\Drivers\aswVmm.sys
2015-01-08 10:04 - 2014-09-30 01:29 - 00091496 _____ (AVAST Software) C:\Windows\system32\Drivers\aswStm.sys
2015-01-08 10:04 - 2014-09-30 01:29 - 00081768 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2015-01-08 10:04 - 2014-09-30 01:29 - 00070384 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2015-01-08 10:04 - 2014-09-30 01:29 - 00049944 _____ () C:\Windows\system32\Drivers\aswRvrt.sys
2015-01-08 10:04 - 2014-09-30 01:29 - 00024184 _____ () C:\Windows\system32\Drivers\aswHwid.sys
2015-01-06 14:25 - 2014-07-23 02:12 - 00001060 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2015-01-06 14:25 - 2014-07-23 02:12 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
 
==================== Files in the root of some directories =======
 
2014-09-22 18:06 - 2014-09-24 01:03 - 0004535 _____ () C:\Users\Home\AppData\Roaming\CamStudio.cfg
2014-05-10 00:52 - 2014-05-10 00:52 - 0138904 _____ () C:\Users\Home\AppData\Roaming\PnkBstrK.sys
2014-09-22 17:59 - 2014-09-22 17:59 - 0000096 _____ () C:\Users\Home\AppData\Roaming\version2.xml
2014-06-02 23:01 - 2014-06-02 23:01 - 0000043 _____ () C:\Users\Home\AppData\Roaming\WB.CFG
2014-08-25 14:38 - 2014-08-25 14:38 - 0005129 _____ () C:\Users\Home\AppData\Local\recently-used.xbel
 
==================== Bamital & volsnap Check =================
 
(There is no automatic fix for files that do not pass verification.)
 
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed
 
 
LastRegBack: 2015-02-03 02:03
 
==================== End Of Log ============================
Additional.txt:

 

Additional scan result of Farbar Recovery Scan Tool (x86) Version: 05-02-2015

Ran by Home at 2015-02-05 18:04:02

Running from C:\Users\Home\Desktop

Boot Mode: Normal

==========================================================

 

 

==================== Security Center ========================

 

(If an entry is included in the fixlist, it will be removed.)

 

AV: avast! Antivirus (Disabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}

AS: Windows Defender (Enabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

AS: avast! Antivirus (Disabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}

 

==================== Installed Programs ======================

 

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

 

Acer System Information (HKLM\...\{72199E33-4F2A-4B7F-8E25-95DDDD50A678}) (Version: 1.0.0 - Acer)

Adobe AIR (HKLM\...\Adobe AIR) (Version: 1.5.3.9130 - Adobe Systems Inc.)

Adobe Community Help (HKLM\...\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 3.2.1.650 - Adobe Systems Incorporated)

Adobe Flash Player 12 Plugin (HKLM\...\Adobe Flash Player Plugin) (Version: 12.0.0.44 - Adobe Systems Incorporated)

Adobe Photoshop Elements 9 (HKLM\...\Adobe Photoshop Elements 9) (Version: 9.0.3.0 - Adobe Systems Incorporated)

Adobe Photoshop.com Inspiration Browser (HKLM\...\PhotoshopdotcomInspirationBrowser.4C35C4D325D350FE0114230CBADCA2DDD0AC8D25.1) (Version: 3.07 - Adobe Systems Incorporated)

Adobe Premiere Elements 9 (HKLM\...\PremElem90) (Version: 9.0 - Adobe Systems Incorporated)

Adobe Premiere Elements 9 Content (HKLM\...\Adobe Premiere Elements 9 Content) (Version: 9.0 - Adobe Systems Incorporated)

Adobe Reader XI (11.0.10) (HKLM\...\{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version: 11.0.10 - Adobe Systems Incorporated)

Archeblade (HKLM\...\Steam App 207230) (Version:  - CodeBrush Games)

Avast Free Antivirus (HKLM\...\Avast) (Version: 10.0.2208 - AVAST Software)

Bandicam (HKLM\...\Bandicam) (Version: 2.0.1.651 - Bandisoft.com)

Bandisoft MPEG-1 Decoder (HKLM\...\BandiMPEG1) (Version:  - Bandisoft.com)

Broadcom 802.11 Network Adapter (HKLM\...\Broadcom 802.11 Network Adapter) (Version: 5.100.82.135 - Broadcom Corporation)

Broadcom Card Reader Driver Installer (HKLM\...\{4710662C-8204-4334-A977-B1AC9E547819}) (Version: 14.4.9.2 - Broadcom Corporation)

Broadcom Gigabit NetLink Controller (HKLM\...\{029A4933-3F36-4E4F-AEC3-2207AB26463D}) (Version: 14.4.6.1 - Broadcom Corporation)

Cisco EAP-FAST Module (Version: 2.2.14 - Cisco Systems, Inc.) Hidden

Cisco LEAP Module (Version: 1.0.19 - Cisco Systems, Inc.) Hidden

Cisco PEAP Module (Version: 1.1.6 - Cisco Systems, Inc.) Hidden

Content Manager Assistant for PlayStation® (HKLM\...\{E6EB4571-5ADB-4557-8F95-0E0EF5D0F833}) (Version: 3.30.7824.86 - Sony Computer Entertainment Inc.)

D3DX10 (Version: 15.4.2368.0902 - Microsoft) Hidden

DAEMON Tools Lite (HKLM\...\DAEMON Tools Lite) (Version: 4.48.1.0347 - Disc Soft Ltd)

Dropbox (HKU\S-1-5-21-4195104481-2079486966-316092486-1000\...\Dropbox) (Version: 3.0.3 - Dropbox, Inc.)

DuckCapture Standard 2.7 (HKLM\...\DuckCapture_is1) (Version: 2.7 - DuckLink)

Elements 9 Organizer (Version: 9.0 - Adobe Systems Incorporated) Hidden

Elements STI Installer (Version: 1.0 - Adobe Systems Incorporated) Hidden

FLAC 1.2.1b (remove only) (HKLM\...\FLAC) (Version: 1.2.1b - Xiph.org)

foobar2000 v1.3.1 (HKLM\...\foobar2000) (Version: 1.3.1 - Peter Pawlowski)

GIMP 2.8.10 (HKLM\...\GIMP-2_is1) (Version: 2.8.10 - The GIMP Team)

Google Chrome (HKLM\...\Google Chrome) (Version: 40.0.2214.94 - Google Inc.)

Google Update Helper (Version: 1.3.25.11 - Google Inc.) Hidden

Google Update Helper (Version: 1.3.26.9 - Google Inc.) Hidden

Google 日本語入力 (HKLM\...\{56CB4ACA-C79E-439D-B55E-68EA8D57C467}) (Version: 1.13.1641.0 - Google Inc.)

Google+ Auto Backup (HKLM\...\{A50DE037-B5C0-4C8A-8049-B0C576B313D1}) (Version: 1.0.21.81 - Google)

HandBrake 0.9.9.1 (HKLM\...\HandBrake) (Version: 0.9.9.1 - )

Intel® Processor Graphics (HKLM\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 9.17.10.3347 - Intel Corporation)

Java 7 Update 45 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83217045FF}) (Version: 7.0.450 - Oracle)

JDownloader 0.9 (HKLM\...\5513-1208-7298-9440) (Version: 0.9 - AppWork GmbH)

JDownloader 2 (HKLM\...\jdownloader2) (Version: 2.0 - AppWork GmbH)

LINE (HKLM\...\LINE) (Version: 3.9.1.188 - LINE Corporation)

Malwarebytes Anti-Malware version 2.0.4.1028 (HKLM\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.4.1028 - Malwarebytes Corporation)

Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)

Microsoft Image Composite Editor (HKLM\...\{3D599ADA-65D9-4B51-898F-CE718DEC5DBB}) (Version: 1.4.4 - Microsoft Corporation)

Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)

Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)

Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61187 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.7523 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.7523 - Microsoft Corporation)

Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)

Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.61030 (HKLM\...\{B175520C-86A2-35A7-8619-86DC379688B9}) (Version: 11.0.61030 - Microsoft Corporation)

Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.61030 (HKLM\...\{BD95A8CD-1D9F-35AD-981A-3E7925026EBB}) (Version: 11.0.61030 - Microsoft Corporation)

Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.21005 (HKLM\...\{F8CFEB22-A2E7-3971-9EDA-4B11EDEFC185}) (Version: 12.0.21005 - Microsoft Corporation)

Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.21005 (HKLM\...\{13A4EE12-23EA-3371-91EE-EFB36DDFFF3E}) (Version: 12.0.21005 - Microsoft Corporation)

Microsoft Windows Application Compatibility Database (HKLM\...\{deb7008b-681e-4a4a-8aae-cc833e8216ce}.sdb) (Version:  - )

Microsoft Word 2010 (HKLM\...\Office14.WORD) (Version: 14.0.7015.1000 - Microsoft Corporation)

MKVToolNix 6.7.0 [20140102-565] (HKLM\...\MKVToolNix) (Version: 6.7.0 - Moritz Bunkus)

Movie Maker (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden

Mozilla Firefox 35.0.1 (x86 ja) (HKLM\...\Mozilla Firefox 35.0.1 (x86 ja)) (Version: 35.0.1 - Mozilla)

Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 35.0 - Mozilla)

MPC-HC 1.7.3 (HKLM\...\{2624B969-7135-4EB1-B0F6-2D8C397B45F7}_is1) (Version: 1.7.3 - MPC-HC Team)

piaip AppLocale (HKLM\...\{394BE3D9-7F57-4638-A8D1-1D88671913B7}) (Version: 1.0.0 - MS)

Picasa 3 (HKLM\...\Picasa 3) (Version: 3.9 - Google, Inc.)

PunkBuster Services (HKLM\...\PunkBusterSvc) (Version: 0.993 - Even Balance, Inc.)

qBittorrent 3.1.8 (HKLM\...\qbittorrent) (Version: 3.1.8 - The qBittorrent project)

Renesas Electronics USB 3.0 Host Controller Driver (HKLM\...\InstallShield_{5442DAB8-7177-49E1-8B22-09A049EA5996}) (Version: 2.0.32.0 - Renesas Electronics Corporation)

Renesas Electronics USB 3.0 Host Controller Driver (Version: 2.0.32.0 - Renesas Electronics Corporation) Hidden

Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM\...\{90140000-001B-0000-0000-0000000FF1CE}_Office14.WORD_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version:  - Microsoft)

Skype™ 7.0 (HKLM\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.0.102 - Skype Technologies S.A.)

SmartSound Quicktracks for Premiere Elements 9.0 (HKLM\...\InstallShield_{6748E773-5DA0-4D19-8AA5-273B4133A09B}) (Version: 3.12.3090 - SmartSound Software Inc)

SmartSound Quicktracks for Premiere Elements 9.0 (Version: 3.12.3090 - SmartSound Software Inc) Hidden

Steam (HKLM\...\Steam) (Version:  - Valve Corporation)

Tixati (HKLM\...\tixati) (Version:  - )

Tom Clancy's Ghost Recon Phantoms - NA (HKLM\...\Steam App 243870) (Version:  - Ubisoft Singapore)

Visual Studio 2012 x86 Redistributables (HKLM\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)

VLC media player 2.1.2 (HKLM\...\VLC media player) (Version: 2.1.2 - VideoLAN)

Windows Live Essentials (HKLM\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation)

WinRAR 5.01 (32-bit) (HKLM\...\WinRAR archiver) (Version: 5.01.0 - win.rar GmbH)

XMedia Recode version 3.1.8.4 (HKLM\...\{DDA3C325-47B2-4730-9672-BF3771C08799}_is1) (Version: 3.1.8.4 - XMedia Recode)

 

==================== Custom CLSID (selected items): ==========================

 

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)

 

CustomCLSID: HKU\S-1-5-21-4195104481-2079486966-316092486-1000_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\Home\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)

CustomCLSID: HKU\S-1-5-21-4195104481-2079486966-316092486-1000_Classes\CLSID\{1AC77AE9-9EC6-405A-9F9B-C06AB3C10B71}\InprocServer32 -> C:\Program Files\Microsoft Research\Image Composite Editor\ShellExtension.dll No File

CustomCLSID: HKU\S-1-5-21-4195104481-2079486966-316092486-1000_Classes\CLSID\{1EF21888-3BD8-4064-BAD3-4BF694952652}\InprocServer32 -> C:\Program Files\Microsoft Research\Image Composite Editor\WLPG.dll (Microsoft Corporation)

CustomCLSID: HKU\S-1-5-21-4195104481-2079486966-316092486-1000_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Home\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll (Dropbox, Inc.)

CustomCLSID: HKU\S-1-5-21-4195104481-2079486966-316092486-1000_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Home\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll (Dropbox, Inc.)

CustomCLSID: HKU\S-1-5-21-4195104481-2079486966-316092486-1000_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Home\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll (Dropbox, Inc.)

CustomCLSID: HKU\S-1-5-21-4195104481-2079486966-316092486-1000_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Home\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll (Dropbox, Inc.)

CustomCLSID: HKU\S-1-5-21-4195104481-2079486966-316092486-1000_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Home\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll (Dropbox, Inc.)

CustomCLSID: HKU\S-1-5-21-4195104481-2079486966-316092486-1000_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Home\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll (Dropbox, Inc.)

CustomCLSID: HKU\S-1-5-21-4195104481-2079486966-316092486-1000_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Home\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll (Dropbox, Inc.)

CustomCLSID: HKU\S-1-5-21-4195104481-2079486966-316092486-1000_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Home\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll (Dropbox, Inc.)

 

==================== Restore Points  =========================

 

05-02-2015 17:05:41 ComboFix created restore point

 

==================== Hosts content: ==========================

 

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

 

2009-07-13 20:04 - 2015-02-05 17:21 - 00000027 ____A C:\Windows\system32\Drivers\etc\hosts

127.0.0.1       localhost

 

==================== Scheduled Tasks (whitelisted) =============

 

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

 

Task: {0C23445C-A760-4634-B9A0-EB280AD6891C} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [2014-02-01] (Google Inc.)

Task: {1DDEFBDC-A5B9-4569-9BCC-FA5CCA6B3935} - System32\Tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask => Sc.exe start osppsvc

Task: {2828B5AE-1AEC-4363-8B73-947A76D3069B} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2014-12-19] (Adobe Systems Incorporated)

Task: {308944FE-8032-47CB-B624-1730B1E13176} - System32\Tasks\Microsoft\Windows\TabletPC\InputPersonalization => C:\Program Files\Common Files\Microsoft Shared\Ink\InputPersonalization.exe [2009-07-13] (Microsoft Corporation)

Task: {8210113A-F918-470A-B812-26177AA90A08} - System32\Tasks\AdobeAAMUpdater-1.0-Home-PC-Home => C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2010-07-29] (Adobe Systems Incorporated)

Task: {992951D0-0FCD-4EE9-BB1C-FC5A751B9490} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2015-01-08] (AVAST Software)

Task: {E1F7CBDA-5AF3-43AA-9E16-B9A5DC291879} - System32\Tasks\{DE5C1EA8-35F0-4744-B56A-0B2FA27465AE} => Chrome.exe http://ui.skype.com/ui/0/6.13.0.104/en/abandoninstall?source=lightinstaller&page=tsBing

Task: {F0100D7C-9C62-4D30-BBF6-5F58090D1E26} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [2014-02-01] (Google Inc.)

 

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

 

Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe

Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe

 

==================== Loaded Modules (whitelisted) ==============

 

2015-02-05 07:30 - 2015-02-05 07:30 - 02913280 _____ () C:\Program Files\AVAST Software\Avast\defs\15020500\algo.dll

2015-02-05 16:14 - 2015-02-05 16:14 - 02913280 _____ () C:\Program Files\AVAST Software\Avast\defs\15020501\algo.dll

2014-05-10 00:51 - 2014-05-10 00:51 - 00076888 _____ () C:\Windows\system32\PnkBstrA.exe

2014-01-29 23:12 - 2014-01-29 23:12 - 00094208 _____ () C:\Windows\System32\IccLibDll.dll

2015-01-08 10:04 - 2015-01-08 10:04 - 38562088 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll

2014-11-12 23:54 - 2014-11-12 23:54 - 00113664 _____ () C:\Program Files\Naver\LINE\PlayerHelper.dll

2015-02-03 02:08 - 2015-02-03 02:08 - 03123048 _____ () C:\Program Files\Naver\LINE\ampkit_windows.dll

2014-08-21 06:48 - 2011-10-30 13:28 - 00029696 _____ () C:\Program Files\DuckLink\DuckCapture\QtSolutions_SingleApplication-head.dll

2014-08-21 06:48 - 2011-10-22 07:05 - 08343040 _____ () C:\Program Files\DuckLink\DuckCapture\QtGui4.dll

2014-08-21 06:48 - 2011-08-28 19:41 - 02305536 _____ () C:\Program Files\DuckLink\DuckCapture\QtCore4.dll

2014-08-21 06:48 - 2011-08-28 19:42 - 00862720 _____ () C:\Program Files\DuckLink\DuckCapture\QtNetwork4.dll

2014-08-21 06:48 - 2011-10-30 13:28 - 00582144 _____ () C:\Program Files\DuckLink\DuckCapture\QtSolutions_PropertyBrowser-head.dll

2014-08-21 06:48 - 2011-08-28 19:57 - 01339904 _____ () C:\Program Files\DuckLink\DuckCapture\QtScript4.dll

2014-08-21 06:48 - 2011-08-28 20:50 - 00581120 _____ () C:\Program Files\DuckLink\DuckCapture\QtScriptTools4.dll

2014-08-21 06:48 - 2011-11-03 20:20 - 00617984 _____ () C:\Program Files\DuckLink\DuckCapture\QxtGui.dll

2014-08-21 06:48 - 2011-11-03 20:21 - 00395264 _____ () C:\Program Files\DuckLink\DuckCapture\QxtCore.dll

2014-08-21 06:48 - 2011-08-28 20:51 - 00026624 _____ () C:\Program Files\DuckLink\DuckCapture\plugins\imageformats\qgif4.dll

2014-08-21 06:48 - 2011-08-28 20:51 - 00029184 _____ () C:\Program Files\DuckLink\DuckCapture\plugins\imageformats\qico4.dll

2014-08-21 06:48 - 2011-08-28 20:51 - 00200704 _____ () C:\Program Files\DuckLink\DuckCapture\plugins\imageformats\qjpeg4.dll

2015-02-03 20:10 - 2015-01-26 21:44 - 01117512 _____ () C:\Program Files\Google\Chrome\Application\40.0.2214.94\libglesv2.dll

2015-02-03 20:10 - 2015-01-26 21:44 - 00211272 _____ () C:\Program Files\Google\Chrome\Application\40.0.2214.94\libegl.dll

2015-02-03 20:10 - 2015-01-26 21:44 - 09171272 _____ () C:\Program Files\Google\Chrome\Application\40.0.2214.94\pdf.dll

 

==================== Alternate Data Streams (whitelisted) =========

 

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)

 

 

==================== Safe Mode (whitelisted) ===================

 

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

 

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk => ""="Driver"

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk.sys => ""="Driver"

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfevtp => ""="Driver"

 

==================== EXE Association (whitelisted) ===============

 

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)

 

 

==================== Other Registry Areas =====================

 

(Currently there is no automatic fix for this section.)

 

HKU\S-1-5-21-4195104481-2079486966-316092486-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Home\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg

 

==================== MSCONFIG/TASK MANAGER disabled items ==

 

(Currently there is no automatic fix for this section.)

 

 

==================== Accounts: =============================

 

Administrator (S-1-5-21-4195104481-2079486966-316092486-500 - Administrator - Disabled)

Guest (S-1-5-21-4195104481-2079486966-316092486-501 - Limited - Disabled)

Home (S-1-5-21-4195104481-2079486966-316092486-1000 - Administrator - Enabled) => C:\Users\Home

 

==================== Faulty Device Manager Devices =============

 

Name: Teredo Tunneling Pseudo-Interface

Description: Microsoft Teredo Tunneling Adapter

Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}

Manufacturer: Microsoft

Service: tunnel

Problem: : This device cannot start. (Code10)

Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.

On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.

 

Name: Lexmark X422

Description: Lexmark X422

Class Guid: {6bdd1fc6-810f-11d0-bec7-08002be2092f}

Manufacturer: Lexmark

Service: usbscan

Problem: : This device cannot start. (Code10)

Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.

On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.

 

 

==================== Event log errors: =========================

 

Application errors:

==================

Error: (02/05/2015 04:10:59 PM) (Source: WinMgmt) (EventID: 10) (User: )

Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

 

Error: (02/05/2015 02:30:54 PM) (Source: ConnectifySvc) (EventID: 0) (User: )

Description: ConnectifySvc error: 6Failed to SetServiceStatus

 

Error: (02/05/2015 08:14:49 AM) (Source: WinMgmt) (EventID: 10) (User: )

Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

 

Error: (02/05/2015 07:28:14 AM) (Source: Bonjour Service) (EventID: 100) (User: )

Description: Task Scheduling Error: m->NextScheduledSPRetry 2506889

 

Error: (02/05/2015 07:28:14 AM) (Source: Bonjour Service) (EventID: 100) (User: )

Description: Task Scheduling Error: m->NextScheduledEvent 2506889

 

Error: (02/05/2015 07:28:14 AM) (Source: Bonjour Service) (EventID: 100) (User: )

Description: Task Scheduling Error: Continuously busy for more than a second

 

Error: (02/05/2015 07:28:13 AM) (Source: Bonjour Service) (EventID: 100) (User: )

Description: Task Scheduling Error: m->NextScheduledSPRetry 2505875

 

Error: (02/05/2015 07:28:13 AM) (Source: Bonjour Service) (EventID: 100) (User: )

Description: Task Scheduling Error: m->NextScheduledEvent 2505875

 

Error: (02/05/2015 07:28:13 AM) (Source: Bonjour Service) (EventID: 100) (User: )

Description: Task Scheduling Error: Continuously busy for more than a second

 

Error: (02/05/2015 07:28:12 AM) (Source: Bonjour Service) (EventID: 100) (User: )

Description: Task Scheduling Error: m->NextScheduledSPRetry 2504861

 

 

System errors:

=============

Error: (02/05/2015 05:21:21 PM) (Source: Service Control Manager) (EventID: 7030) (User: )

Description: The PEVSystemStart service is marked as an interactive service.  However, the system is configured to not allow interactive services.  This service may not function properly.

 

Error: (02/05/2015 05:15:41 PM) (Source: Service Control Manager) (EventID: 7030) (User: )

Description: The PEVSystemStart service is marked as an interactive service.  However, the system is configured to not allow interactive services.  This service may not function properly.

 

Error: (02/05/2015 05:08:36 PM) (Source: Service Control Manager) (EventID: 7030) (User: )

Description: The PEVSystemStart service is marked as an interactive service.  However, the system is configured to not allow interactive services.  This service may not function properly.

 

Error: (02/05/2015 04:10:32 PM) (Source: Service Control Manager) (EventID: 7000) (User: )

Description: The AVG WatchDog service failed to start due to the following error: 

%%2

 

Error: (02/05/2015 04:10:00 PM) (Source: volsnap) (EventID: 36) (User: )

Description: The shadow copies of volume C: were aborted because the shadow copy storage could not grow due to a user imposed limit.

 

Error: (02/05/2015 08:14:35 AM) (Source: Service Control Manager) (EventID: 7000) (User: )

Description: The AVG WatchDog service failed to start due to the following error: 

%%2

 

Error: (02/05/2015 08:11:21 AM) (Source: DCOM) (EventID: 10010) (User: )

Description: {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5}

 

Error: (02/05/2015 07:29:27 AM) (Source: bScsiSDx) (EventID: 15) (User: )

Description: The device, \Device\Scsi\bScsiSDx1, is not ready for access yet.

 

Error: (02/05/2015 07:29:07 AM) (Source: bScsiSDx) (EventID: 15) (User: )

Description: The device, \Device\Scsi\bScsiSDx1, is not ready for access yet.

 

Error: (02/05/2015 07:28:47 AM) (Source: bScsiSDx) (EventID: 15) (User: )

Description: The device, \Device\Scsi\bScsiSDx1, is not ready for access yet.

 

 

Microsoft Office Sessions:

=========================

Error: (02/05/2015 04:10:59 PM) (Source: WinMgmt) (EventID: 10) (User: )

Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

 

Error: (02/05/2015 02:30:54 PM) (Source: ConnectifySvc) (EventID: 0) (User: )

Description: ConnectifySvc error: 6Failed to SetServiceStatus

 

Error: (02/05/2015 08:14:49 AM) (Source: WinMgmt) (EventID: 10) (User: )

Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

 

Error: (02/05/2015 07:28:14 AM) (Source: Bonjour Service) (EventID: 100) (User: )

Description: Task Scheduling Error: m->NextScheduledSPRetry 2506889

 

Error: (02/05/2015 07:28:14 AM) (Source: Bonjour Service) (EventID: 100) (User: )

Description: Task Scheduling Error: m->NextScheduledEvent 2506889

 

Error: (02/05/2015 07:28:14 AM) (Source: Bonjour Service) (EventID: 100) (User: )

Description: Task Scheduling Error: Continuously busy for more than a second

 

Error: (02/05/2015 07:28:13 AM) (Source: Bonjour Service) (EventID: 100) (User: )

Description: Task Scheduling Error: m->NextScheduledSPRetry 2505875

 

Error: (02/05/2015 07:28:13 AM) (Source: Bonjour Service) (EventID: 100) (User: )

Description: Task Scheduling Error: m->NextScheduledEvent 2505875

 

Error: (02/05/2015 07:28:13 AM) (Source: Bonjour Service) (EventID: 100) (User: )

Description: Task Scheduling Error: Continuously busy for more than a second

 

Error: (02/05/2015 07:28:12 AM) (Source: Bonjour Service) (EventID: 100) (User: )

Description: Task Scheduling Error: m->NextScheduledSPRetry 2504861

 

 

==================== Memory info =========================== 

 

Processor: Intel® Pentium® CPU B960 @ 2.20GHz

Percentage of memory in use: 70%

Total physical RAM: 3397.19 MB

Available physical RAM: 995.21 MB

Total Pagefile: 6792.66 MB

Available Pagefile: 3069.74 MB

Total Virtual: 2047.88 MB

Available Virtual: 1903.26 MB

 

==================== Drives ================================

 

Drive c: () (Fixed) (Total:149.05 GB) (Free:18.01 GB) NTFS ==>[Drive with boot components (obtained from BCD)]

 

==================== MBR & Partition Table ==================

 

========================================================

Disk: 0 (MBR Code: Windows 7 or 8) (Size: 149.1 GB) (Disk ID: 4C90DB35)

Partition 1: (Active) - (Size=149 GB) - (Type=07 NTFS)

 

==================== End Of Log ============================


Hi,

Step 1


Press the Windows key + R on your keyboard at the same time. Type notepad and click OK.

  • Copy the entire content of the codebox below and paste into the notepad document:

    CloseProcesses:
    HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
    HKU\S-1-5-21-4195104481-2079486966-316092486-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
    SearchScopes: HKLM -> DefaultScope {31090377-0740-419E-BEFC-A56E50500D5B} URL = http://speedial.com/...r=866866320&ir=
    SearchScopes: HKLM -> {31090377-0740-419E-BEFC-A56E50500D5B} URL = http://speedial.com/...r=866866320&ir=
    SearchScopes: HKU\S-1-5-21-4195104481-2079486966-316092486-1000 -> DefaultScope {31090377-0740-419E-BEFC-A56E50500D5B} URL = http://speedial.com/...r=866866320&ir=
    SearchScopes: HKU\S-1-5-21-4195104481-2079486966-316092486-1000 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
    SearchScopes: HKU\S-1-5-21-4195104481-2079486966-316092486-1000 -> {31090377-0740-419E-BEFC-A56E50500D5B} URL = http://speedial.com/...r=866866320&ir=
    FF NetworkProxy: "http", "1.179.143.178"
    FF NetworkProxy: "http_port", 3128
    FF Plugin: @microsoft.com/GENUINE -> disabled No File
    CreateRestorePoint:
    EmptyTemp:
  • Click File, Save As and type fixlist.txt as the File Name.
Both files, FRST and fixlist.txt, have to be in the same location or the fix will not work!
  • Right-click on the FRST icon and select Run as Administrator to start the tool.

    (XP users click run after receipt of Windows Security Warning - Open File).

  • Press the Fix button just once and wait.
  • If for some reason the tool needs a restart, please make sure you let the system restart normally. After that let the tool complete its run.
  • When finished FRST will generate a log on the Desktop, called Fixlog.txt.
Please post it to your reply.

Step 2

Reset Chrome Browser

Chrome - Reset browser settings

Step 3


Start FRST with administrator privileges.

  • Press the Scan button.
  • When finished, FRST will produce a log (FRST.txt) in the same directory the tool was run from.

    Please copy and paste the log in your next reply.


Fixlog.txt:

 

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x86) Version: 05-02-2015
Ran by Home at 2015-02-06 13:26:54 Run:1
Running from C:\Users\Home\Desktop
Loaded Profiles: Home (Available profiles: Home)
Boot Mode: Normal
 
==============================================
 
Content of fixlist:
*****************
CloseProcesses:
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKU\S-1-5-21-4195104481-2079486966-316092486-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
SearchScopes: HKLM -> DefaultScope {31090377-0740-419E-BEFC-A56E50500D5B} URL = http://speedial.com/...r=866866320&ir=
SearchScopes: HKLM -> {31090377-0740-419E-BEFC-A56E50500D5B} URL = http://speedial.com/...r=866866320&ir=
SearchScopes: HKU\S-1-5-21-4195104481-2079486966-316092486-1000 -> DefaultScope {31090377-0740-419E-BEFC-A56E50500D5B} URL = http://speedial.com/...r=866866320&ir=
SearchScopes: HKU\S-1-5-21-4195104481-2079486966-316092486-1000 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-21-4195104481-2079486966-316092486-1000 -> {31090377-0740-419E-BEFC-A56E50500D5B} URL = http://speedial.com/...r=866866320&ir=
FF NetworkProxy: "http", "1.179.143.178"
FF NetworkProxy: "http_port", 3128
FF Plugin: @microsoft.com/GENUINE -> disabled No File
CreateRestorePoint:
EmptyTemp:
*****************
 
Processes closed successfully.
"HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer" => Key deleted successfully.
"HKU\S-1-5-21-4195104481-2079486966-316092486-1000\SOFTWARE\Policies\Microsoft\Internet Explorer" => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => Value was restored successfully.
"HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{31090377-0740-419E-BEFC-A56E50500D5B}" => Key deleted successfully.
HKCR\CLSID\{31090377-0740-419E-BEFC-A56E50500D5B} => Key not found. 
HKU\S-1-5-21-4195104481-2079486966-316092486-1000\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value deleted successfully.
"HKU\S-1-5-21-4195104481-2079486966-316092486-1000\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}" => Key deleted successfully.
HKCR\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} => Key not found. 
"HKU\S-1-5-21-4195104481-2079486966-316092486-1000\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{31090377-0740-419E-BEFC-A56E50500D5B}" => Key deleted successfully.
HKCR\CLSID\{31090377-0740-419E-BEFC-A56E50500D5B} => Key not found. 
Firefox Proxy settings were reset.
Firefox Proxy settings were reset.
"HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE" => Key deleted successfully.
Restore point was successfully created.
EmptyTemp: => Removed 1.4 GB temporary data.
 
 
The system needed a reboot. 
 

 

==== End of Fixlog 13:29:54 ====

Fixlog.txt:


 


Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 05-02-2015

Ran by Home (administrator) on HOME-PC on 06-02-2015 13:40:04

Running from C:\Users\Home\Desktop

Loaded Profiles: Home (Available profiles: Home)

Platform: Microsoft Windows 7 Home Premium  Service Pack 1 (X86) OS Language: English (United States)

Internet Explorer Version 11 (Default browser: Chrome)

Boot Mode: Normal


 

==================== Processes (Whitelisted) =================

 

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

 

(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe

(Microsoft Corporation) C:\Windows\System32\wlanext.exe

(Adobe Systems Incorporated) C:\Program Files\Adobe\Elements 9 Organizer\PhotoshopElementsFileAgent.exe

(McAfee, Inc.) C:\Windows\System32\mfevtps.exe

() C:\Windows\System32\PnkBstrA.exe

(Microsoft Corp.) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE

(Microsoft Corp.) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVCM.EXE

(Google Inc.) C:\Program Files\Google\Update\1.3.26.9\GoogleCrashHandler.exe

(Intel Corporation) C:\Windows\System32\igfxtray.exe

(Intel Corporation) C:\Windows\System32\hkcmd.exe

(Intel Corporation) C:\Windows\System32\igfxpers.exe

(Renesas Electronics Corporation) C:\Program Files\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe

(Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jusched.exe

(Microsoft Corporation) C:\Windows\System32\rundll32.exe

(AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe

(LINE Corporation) C:\Program Files\Naver\LINE\Line.exe

(DuckLink Software) C:\Program Files\DuckLink\DuckCapture\DuckCapture.exe

(Skype Technologies S.A.) C:\Program Files\Skype\Phone\Skype.exe

(Sony Computer Entertainment Inc.) C:\Program Files\Sony\Content Manager Assistant\CMA.exe

(Sony Computer Entertainment Inc.) C:\Program Files\Sony\Content Manager Assistant\CMAWatcher.exe

(Dropbox, Inc.) C:\Users\Home\AppData\Roaming\Dropbox\bin\Dropbox.exe

(Microsoft Corporation) C:\Windows\System32\wbem\unsecapp.exe

(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe

(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe

(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe

(Google Inc.) C:\Program Files\Google\Google Japanese Input\GoogleIMEJaCacheService.exe

(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ink\InputPersonalization.exe

(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe

(Google Inc.) C:\Program Files\Google\Google Japanese Input\GoogleIMEJaConverter.exe

(Google Inc.) C:\Program Files\Google\Google Japanese Input\GoogleIMEJaRenderer.exe

(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe

(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe

(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe

 

 

==================== Registry (Whitelisted) ==================

 

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

 

HKLM\...\Run: [NUSB3MON] => C:\Program Files\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe [113288 2010-11-17] (Renesas Electronics Corporation)

HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [497648 2010-07-29] (Adobe Systems Incorporated)

HKLM\...\Run: [Google Japanese Input Prelauncher] => C:\Program Files\Google\Google Japanese Input\GoogleIMEJaBroker32.exe [1435672 2013-12-18] (Google Inc.)

HKLM\...\Run: [bCSSync] => C:\Program Files\Microsoft Office\Office14\BCSSync.exe [89184 2012-11-05] (Microsoft Corporation)

HKLM\...\Run: [sunJavaUpdateSched] => C:\Program Files\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)

HKLM\...\Run: [XeroxEndeavorBackgroundTask] => rundll32.exe xrWCbgnd.dll,LaunchBgTask 1

HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [5227112 2015-01-26] (AVAST Software)

HKU\S-1-5-21-4195104481-2079486966-316092486-1000\...\Run: [DAEMON Tools Lite] => C:\Program Files\DAEMON Tools Lite\DTLite.exe [3675352 2013-10-28] (Disc Soft Ltd)

HKU\S-1-5-21-4195104481-2079486966-316092486-1000\...\Run: [Line] => C:\Program Files\Naver\LINE\Line.exe [4031336 2015-02-03] (LINE Corporation)

HKU\S-1-5-21-4195104481-2079486966-316092486-1000\...\Run: [DuckCapture] => C:\Program Files\DuckLink\DuckCapture\DuckCapture.exe [436736 2011-11-03] (DuckLink Software)

HKU\S-1-5-21-4195104481-2079486966-316092486-1000\...\Run: [skype] => C:\Program Files\Skype\Phone\Skype.exe [30877280 2014-12-11] (Skype Technologies S.A.)

Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Content Manager Assistant for PlayStation®.lnk

ShortcutTarget: Content Manager Assistant for PlayStation®.lnk -> C:\Program Files\Sony\Content Manager Assistant\CMA.exe (Sony Computer Entertainment Inc.)

Startup: C:\Users\Home\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk

ShortcutTarget: Dropbox.lnk -> C:\Users\Home\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)

ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll (AVAST Software)

 

==================== Internet (Whitelisted) ====================

 

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

 

HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.com

HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch

HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome

HKU\S-1-5-21-4195104481-2079486966-316092486-1000\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch

BHO: Java Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll No File

BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)

BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll No File

BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)

BHO: Java Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll No File

Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)

Tcpip\Parameters: [DhcpNameServer] 192.168.1.1

 

FireFox:

========

FF ProfilePath: C:\Users\Home\AppData\Roaming\Mozilla\Firefox\Profiles\76dr9cm9.default-1394098711741

FF DefaultSearchEngine: Google

FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF32_12_0_0_44.dll ()

FF Plugin: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files\Google\Picasa3\npPicasa3.dll (Google, Inc.)

FF Plugin: @java.com/DTPlugin,version=10.45.2 -> C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)

FF Plugin: @java.com/JavaPlugin,version=10.45.2 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)

FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)

FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)

FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)

FF Plugin: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)

FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.26.9\npGoogleUpdate3.dll (Google Inc.)

FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.26.9\npGoogleUpdate3.dll (Google Inc.)

FF Plugin: @videolan.org/vlc,version=2.1.2 -> C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)

FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)

FF user.js: detected! => C:\Users\Home\AppData\Roaming\Mozilla\Firefox\Profiles\76dr9cm9.default-1394098711741\user.js

FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\oshiete-goo.xml

FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\rakuten.xml

FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\yahoo-jp-auctions.xml

FF Extension: DownloadHelper - C:\Users\Home\AppData\Roaming\Mozilla\Firefox\Profiles\76dr9cm9.default-1394098711741\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d} [2014-09-14]

FF HKLM\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF

FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2014-09-30]

 

Chrome: 

=======

CHR HomePage: Default -> hxxp://feed.snapdo.com/?publisher=Somoto&dpid=SomotoCH&co=US&userid=e3b0ef4c-3de0-8572-4794-eba80106b4f5&searchtype=hp&installDate={installDate}&barcodeid={barcodeID}&um={UM}

CHR Profile: C:\Users\Home\AppData\Local\Google\Chrome\User Data\Default

CHR Extension: (Google Docs) - C:\Users\Home\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-02-01]

CHR Extension: (Google Drive) - C:\Users\Home\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-02-01]

CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\Home\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-05-25]

CHR Extension: (YouTube) - C:\Users\Home\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-02-01]

CHR Extension: (Sad Panda) - C:\Users\Home\AppData\Local\Google\Chrome\User Data\Default\Extensions\bohapeiooecafommnlaiccilacgmkaoc [2014-02-28]

CHR Extension: (4chan X) - C:\Users\Home\AppData\Local\Google\Chrome\User Data\Default\Extensions\cellaaeoekimmemgdheibaibbaoeefbl [2014-02-02]

CHR Extension: (Google Search) - C:\Users\Home\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-02-01]

CHR Extension: (AdBlock) - C:\Users\Home\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2014-06-27]

CHR Extension: (Avast Online Security) - C:\Users\Home\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2014-09-30]

CHR Extension: (Google Wallet) - C:\Users\Home\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-02-01]

CHR Extension: (Gmail) - C:\Users\Home\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-02-01]

CHR HKLM\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2015-01-08]

CHR HKU\S-1-5-21-4195104481-2079486966-316092486-1000\...\Chrome\Extension: [bakijjialdiiboeaknfpmflphhmljfkd] - No Path

 

========================== Services (Whitelisted) =================

 

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

 

R2 AdobeActiveFileMonitor9.0; C:\Program Files\Adobe\Elements 9 Organizer\PhotoshopElementsFileAgent.exe [169408 2010-09-30] (Adobe Systems Incorporated)

R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2015-01-08] (AVAST Software)

S3 cphs; C:\Windows\system32\IntelCpHeciSvc.exe [279000 2014-01-29] (Intel Corporation)

R2 GoogleIMEJaCacheService; C:\Program Files\Google\Google Japanese Input\GoogleIMEJaCacheService.exe [754712 2013-12-18] (Google Inc.)

R2 mfevtp; C:\Windows\system32\mfevtps.exe [179600 2014-09-29] (McAfee, Inc.)

S3 npggsvc; C:\Windows\system32\GameMon.des [5267776 2014-01-22] (INCA Internet Co., Ltd.)

R2 PnkBstrA; C:\Windows\system32\PnkBstrA.exe [76888 2014-05-10] ()

R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [680960 2013-05-26] (Microsoft Corporation)

S2 avgwd; "C:\Program Files\AVG\AVG2015\avgwdsvc.exe" [X]

 

==================== Drivers (Whitelisted) ====================

 

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

 

R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [24184 2015-01-08] ()

R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [70384 2015-01-08] (AVAST Software)

R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [81768 2015-01-08] (AVAST Software)

R0 aswRvrt; C:\Windows\system32\Drivers\aswRvrt.sys [49944 2015-01-08] ()

R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [787800 2015-01-08] (AVAST Software)

R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [423784 2015-01-08] (AVAST Software)

R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [91496 2015-01-08] (AVAST Software)

R0 aswVmm; C:\Windows\system32\Drivers\aswVmm.sys [206248 2015-01-08] ()

R3 b57xdbd; C:\Windows\System32\DRIVERS\b57xdbd.sys [59944 2010-12-11] (Broadcom Corporation)

R3 b57xdmp; C:\Windows\System32\DRIVERS\b57xdmp.sys [18472 2010-12-11] (Broadcom Corporation)

R3 bScsiMSx; C:\Windows\System32\DRIVERS\bScsiMSx.sys [32296 2010-12-10] (Broadcom Corporation)

R3 bScsiSDx; C:\Windows\System32\DRIVERS\bScsiSDx.sys [55336 2010-12-11] (Broadcom Corporation)

R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [243128 2014-02-25] (Disc Soft Ltd)

S3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [114904 2015-02-05] (Malwarebytes Corporation)

R3 MEI; C:\Windows\System32\DRIVERS\HECI.sys [41088 2010-10-19] (Intel Corporation)

R0 mfehidk; C:\Windows\System32\drivers\mfehidk.sys [575984 2014-09-29] (McAfee, Inc.)

S3 mferkdet; C:\Windows\System32\drivers\mferkdet.sys [94520 2014-09-29] (McAfee, Inc.)

R3 Neo_VPN; C:\Windows\System32\DRIVERS\Neo_0103.sys [26880 2014-06-25] (SoftEther Corporation)

R0 sptd; C:\Windows\System32\Drivers\sptd.sys [324096 2014-02-25] (Duplex Secure Ltd.)

S3 USBAAPL; C:\Windows\System32\Drivers\usbaapl.sys [45056 2013-03-18] (Apple, Inc.) [File not signed]

U3 anteyv94; C:\Windows\system32\Drivers\anteyv94.sys [0 ] (Broadcom Corporation) <==== ATTENTION (zero size file/folder)

U5 AppMgmt; C:\Windows\system32\svchost.exe [20992 2009-07-13] (Microsoft Corporation)

S3 catchme; \??\C:\Users\Home\AppData\Local\Temp\catchme.sys [X]

 

==================== NetSvcs (Whitelisted) ===================

 

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)

 

 

==================== One Month Created Files and Folders ========

 

(If an entry is included in the fixlist, the file\folder will be moved.)

 

2015-02-05 17:24 - 2015-02-05 17:24 - 00012787 _____ () C:\ComboFix.txt

2015-02-05 17:05 - 2015-02-05 17:24 - 00000000 ____D () C:\Qoobox

2015-02-05 17:05 - 2015-02-05 17:22 - 00000000 ____D () C:\Windows\erdnt

2015-02-05 17:05 - 2011-06-26 00:45 - 00256000 _____ () C:\Windows\PEV.exe

2015-02-05 17:05 - 2010-11-07 11:20 - 00208896 _____ () C:\Windows\MBR.exe

2015-02-05 17:05 - 2009-04-19 22:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe

2015-02-05 17:05 - 2000-08-30 18:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe

2015-02-05 17:05 - 2000-08-30 18:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe

2015-02-05 17:05 - 2000-08-30 18:00 - 00098816 _____ () C:\Windows\sed.exe

2015-02-05 17:05 - 2000-08-30 18:00 - 00080412 _____ () C:\Windows\grep.exe

2015-02-05 17:05 - 2000-08-30 18:00 - 00068096 _____ () C:\Windows\zip.exe

2015-02-05 17:01 - 2015-02-05 17:02 - 05611380 ____R (Swearware) C:\Users\Home\Downloads\ComboFix.exe

2015-02-05 16:16 - 2015-02-05 18:04 - 00025611 _____ () C:\Users\Home\Desktop\Addition.txt

2015-02-05 16:14 - 2015-02-06 13:40 - 00015418 _____ () C:\Users\Home\Desktop\FRST.txt

2015-02-05 15:28 - 2015-02-06 13:40 - 00000000 ____D () C:\FRST

2015-02-05 14:39 - 2015-02-05 14:40 - 01123328 _____ (Farbar) C:\Users\Home\Desktop\FRST.exe

2015-01-10 10:33 - 2012-01-13 07:03 - 00000000 ____D () C:\Users\Home\Desktop\Wink - Memories

2015-01-08 10:05 - 2015-01-08 10:05 - 00002045 _____ () C:\Users\Public\Desktop\Avast Free Antivirus.lnk

2015-01-08 10:04 - 2015-01-08 10:04 - 00291352 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe

2015-01-08 10:04 - 2015-01-08 10:04 - 00043152 _____ (AVAST Software) C:\Windows\avastSS.scr

 

==================== One Month Modified Files and Folders =======

 

(If an entry is included in the fixlist, the file\folder will be moved.)

 

2015-02-06 13:40 - 2009-07-13 22:34 - 00022736 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0

2015-02-06 13:40 - 2009-07-13 22:34 - 00022736 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0

2015-02-06 13:33 - 2014-02-21 17:48 - 00000000 ___RD () C:\Users\Home\Dropbox

2015-02-06 13:33 - 2014-02-21 17:44 - 00000000 ____D () C:\Users\Home\AppData\Roaming\Dropbox

2015-02-06 13:33 - 2014-02-02 15:40 - 00000000 ____D () C:\Users\Home\AppData\Roaming\Skype

2015-02-06 13:32 - 2014-02-01 18:41 - 00000882 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job

2015-02-06 13:32 - 2009-07-13 22:53 - 00000006 ____H () C:\Windows\Tasks\SA.DAT

2015-02-06 13:31 - 2010-11-20 15:48 - 00040478 _____ () C:\Windows\PFRO.log

2015-02-06 13:31 - 2009-07-13 22:39 - 00075290 _____ () C:\Windows\setupact.log

2015-02-06 13:30 - 2014-02-01 18:12 - 02054765 _____ () C:\Windows\WindowsUpdate.log

2015-02-06 13:25 - 2014-02-03 05:06 - 00000000 ____D () C:\Users\Home\Documents\Note

2015-02-06 12:50 - 2014-02-01 18:41 - 00000886 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job

2015-02-06 01:49 - 2014-02-01 18:42 - 00002129 _____ () C:\Users\Public\Desktop\Google Chrome.lnk

2015-02-05 17:28 - 2014-06-03 19:05 - 00114904 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamswissarmy.sys

2015-02-05 17:24 - 2009-07-13 20:37 - 00000000 __RHD () C:\Users\Default

2015-02-05 17:24 - 2009-07-13 20:37 - 00000000 ___RD () C:\Users\Public

2015-02-05 17:21 - 2009-07-13 20:04 - 00000215 _____ () C:\Windows\system.ini

2015-02-05 14:38 - 2014-02-08 21:52 - 00000000 ____D () C:\Users\Home\AppData\Roaming\tixati

2015-02-05 14:36 - 2014-06-25 01:23 - 00000000 ____D () C:\Program Files\PacketiX VPN Client

2015-02-05 14:35 - 2014-08-11 02:33 - 00000000 ____D () C:\Program Files\OBS

2015-02-05 12:55 - 2010-11-20 15:01 - 00781298 _____ () C:\Windows\system32\PerfStringBackup.INI

2015-02-04 23:27 - 2014-11-02 23:15 - 00000000 ____D () C:\Users\Home\AppData\Local\JDownloader 2.0

2015-02-04 23:24 - 2014-09-21 17:56 - 00000000 ____D () C:\Users\Home\Downloads\asn

2015-02-04 18:58 - 2014-04-26 12:32 - 00001021 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\LINE.lnk

2015-02-04 18:58 - 2014-04-26 12:32 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LINE

2015-02-03 21:35 - 2014-02-05 04:25 - 00000000 ____D () C:\Users\Home\AppData\Roaming\vlc

2015-01-31 21:49 - 2015-01-05 21:29 - 00000000 ____D () C:\Users\Home\Desktop\jt

2015-01-31 21:03 - 2014-08-05 14:57 - 00000000 ____D () C:\Users\Home\Desktop\Media

2015-01-31 16:14 - 2014-02-06 00:48 - 00000000 ____D () C:\Program Files\Mozilla Maintenance Service

2015-01-23 14:18 - 2014-02-06 00:48 - 00001117 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk

2015-01-23 14:18 - 2014-02-06 00:48 - 00001105 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk

2015-01-19 21:23 - 2014-03-14 18:08 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office

2015-01-19 21:23 - 2014-03-14 18:05 - 00000000 ____D () C:\ProgramData\Microsoft Help

2015-01-09 06:57 - 2014-02-02 15:40 - 00000000 ____D () C:\ProgramData\Skype

2015-01-09 06:56 - 2014-10-12 10:55 - 00000000 ___RD () C:\Program Files\Skype

2015-01-09 06:52 - 2014-07-23 02:12 - 00000000 ____D () C:\Program Files\Malwarebytes Anti-Malware

2015-01-08 10:05 - 2014-09-30 01:29 - 00787800 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsnx.sys

2015-01-08 10:05 - 2014-09-30 01:29 - 00423784 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsp.sys

2015-01-08 10:04 - 2014-09-30 01:29 - 00206248 _____ () C:\Windows\system32\Drivers\aswVmm.sys

2015-01-08 10:04 - 2014-09-30 01:29 - 00091496 _____ (AVAST Software) C:\Windows\system32\Drivers\aswStm.sys

2015-01-08 10:04 - 2014-09-30 01:29 - 00081768 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys

2015-01-08 10:04 - 2014-09-30 01:29 - 00070384 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys

2015-01-08 10:04 - 2014-09-30 01:29 - 00049944 _____ () C:\Windows\system32\Drivers\aswRvrt.sys

2015-01-08 10:04 - 2014-09-30 01:29 - 00024184 _____ () C:\Windows\system32\Drivers\aswHwid.sys

 

==================== Files in the root of some directories =======

 

2014-09-22 18:06 - 2014-09-24 01:03 - 0004535 _____ () C:\Users\Home\AppData\Roaming\CamStudio.cfg

2014-05-10 00:52 - 2014-05-10 00:52 - 0138904 _____ () C:\Users\Home\AppData\Roaming\PnkBstrK.sys

2014-09-22 17:59 - 2014-09-22 17:59 - 0000096 _____ () C:\Users\Home\AppData\Roaming\version2.xml

2014-06-02 23:01 - 2014-06-02 23:01 - 0000043 _____ () C:\Users\Home\AppData\Roaming\WB.CFG

2014-08-25 14:38 - 2014-08-25 14:38 - 0005129 _____ () C:\Users\Home\AppData\Local\recently-used.xbel

 

Some content of TEMP:

====================

C:\Users\Home\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpbvzous.dll

 

 

==================== Bamital & volsnap Check =================

 

(There is no automatic fix for files that do not pass verification.)

 

C:\Windows\explorer.exe => File is digitally signed

C:\Windows\system32\winlogon.exe => File is digitally signed

C:\Windows\system32\wininit.exe => File is digitally signed

C:\Windows\system32\svchost.exe => File is digitally signed

C:\Windows\system32\services.exe => File is digitally signed

C:\Windows\system32\User32.dll => File is digitally signed

C:\Windows\system32\userinit.exe => File is digitally signed

C:\Windows\system32\rpcss.dll => File is digitally signed

C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed

 

 

LastRegBack: 2015-02-03 02:03

 

 


==================== End Of Log ============================

Let's do a final check up:

Step 1

Please download ESET Online Scanner and save it to your Desktop.

  • Disable the realtime-protection of your antivirus and anti-malware programs because they might interfere with the scan.
  • Start the installer with administrator privileges.
  • Select the option Yes, I accept the Terms of Use and click on Start.
  • Choose the following settings:
    [Screenshot: scan settings]
  • Click on Start. The virus signature database will begin to download. This may take some time.
  • When completed the Online Scan will begin automatically.

    Note: This scan might take a long time! Please be patient.

  • When completed select Uninstall application on close if you so wish, but make sure you copy the logfile first!
  • Now click on Finish
  • A log file is created at [screenshot: log path].

    Copy and paste the content of this log file in your next reply.


Note: Do not forget to re-enable your antivirus application after running the above scan!


Oops, sorry deeprabka, messed up the first time by doing "Uninstall application on close" first before copying the log file!

Well anyways here it is!

 

ESET file:

 

ESETSmartInstaller@High as downloader log:
all ok
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.7623
# api_version=3.0.2
# EOSSerial=fe2f085591de4246af2b0228aaf03a77
# engine=22347
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=true
# antistealth_checked=true
# utc_time=2015-02-07 01:03:53
# local_time=2015-02-06 07:03:53 (-0600, Central Standard Time)
# country="Japan"
# lang=1033
# osver=6.1.7601 NT Service Pack 1
# compatibility_mode_1='avast! Antivirus'
# compatibility_mode=783 16777213 71 95 31057 10287338 0 0
# compatibility_mode_1=''
# compatibility_mode=5893 16776573 100 94 0 174815824 0 0
# scanned=157771
# found=0
# cleaned=0
# scan_time=8912

 


Step 1

Please download TDSSKiller and save it to your Desktop.

  • Start tdsskiller.exe with administrator privileges.
  • Accept the EULA and the KSN Statement.
  • Click on Change parameters. (1)
  • Make sure that all available options (except "Loaded modules") are checked and click OK. (2)
  • Click on Start scan.
  • If any threats are found don't delete them but choose the Skip option for all of them.
  • Click on Report (3) to open the log file. (It is also saved at C:\TDSSKiller.<version_date_time>_log.txt).

    Copy and paste its contents in your next reply.

03:00:34.0216 0x02b8  TDSS rootkit removing tool 3.0.0.44 Jan 22 2015 08:27:04

03:00:38.0281 0x02b8  ============================================================

03:00:38.0281 0x02b8  Current date / time: 2015/02/07 03:00:38.0281

03:00:38.0281 0x02b8  SystemInfo:

03:00:38.0281 0x02b8  

03:00:38.0281 0x02b8  OS Version: 6.1.7601 ServicePack: 1.0

03:00:38.0281 0x02b8  Product type: Workstation

03:00:38.0281 0x02b8  ComputerName: HOME-PC

03:00:38.0281 0x02b8  UserName: Home

03:00:38.0281 0x02b8  Windows directory: C:\Windows

03:00:38.0281 0x02b8  System windows directory: C:\Windows

03:00:38.0281 0x02b8  Processor architecture: Intel x86

03:00:38.0281 0x02b8  Number of processors: 2

03:00:38.0281 0x02b8  Page size: 0x1000

03:00:38.0281 0x02b8  Boot type: Normal boot

03:00:38.0282 0x02b8  ============================================================

03:00:40.0951 0x02b8  KLMD registered as C:\Windows\system32\drivers\80541108.sys

03:00:41.0943 0x02b8  System UUID: {4CBBA671-734A-D9C9-1D54-BF79E8E922C9}

03:00:43.0659 0x02b8  Drive \Device\Harddisk0\DR0 - Size: 0x25433D6000 ( 149.05 Gb ), SectorSize: 0x200, Cylinders: 0x4C01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050

03:00:43.0681 0x02b8  Drive \Device\Harddisk1\DR1 - Size: 0x7470C06000 ( 465.76 Gb ), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'

03:00:44.0022 0x02b8  ============================================================

03:00:44.0022 0x02b8  \Device\Harddisk0\DR0:

03:00:44.0052 0x02b8  MBR partitions:

03:00:44.0052 0x02b8  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x12A18800

03:00:44.0052 0x02b8  \Device\Harddisk1\DR1:

03:00:44.0062 0x02b8  MBR partitions:

03:00:44.0062 0x02b8  \Device\Harddisk1\DR1\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x3A385030

03:00:44.0062 0x02b8  ============================================================

03:00:44.0105 0x02b8  C: <-> \Device\Harddisk0\DR0\Partition1

03:00:44.0145 0x02b8  E: <-> \Device\Harddisk1\DR1\Partition1

03:00:44.0145 0x02b8  ============================================================

03:00:44.0145 0x02b8  Initialize success

03:00:44.0145 0x02b8  ============================================================

03:02:10.0028 0x051c  ============================================================

03:02:10.0028 0x051c  Scan started

03:02:10.0028 0x051c  Mode: Manual; SigCheck; TDLFS; 

03:02:10.0028 0x051c  ============================================================

03:02:10.0028 0x051c  KSN ping started

03:02:12.0924 0x051c  KSN ping finished: true

03:02:14.0164 0x051c  ================ Scan system memory ========================

03:02:14.0164 0x051c  System memory - ok

03:02:14.0164 0x051c  ================ Scan services =============================

03:02:14.0751 0x051c  [ 1B133875B8AA8AC48969BD3458AFE9F5, 01753BDD47F3F9BC0E0D23A069B9C56D4AE6A6B6295BC19B95AE245D25B12744 ] 1394ohci        C:\Windows\system32\drivers\1394ohci.sys

03:02:15.0204 0x051c  1394ohci - ok

03:02:15.0244 0x051c  [ CEA80C80BED809AA0DA6FEBC04733349, AE69C142DC2210A4AE657C23CEA4A6E7CB32C4F4EBA039414123CAC52157509B ] ACPI            C:\Windows\system32\drivers\ACPI.sys

03:02:15.0383 0x051c  ACPI - ok

03:02:15.0446 0x051c  [ 1EFBC664ABFF416D1D07DB115DCB264F, BF94D069D692140B792DBF4FD3CB0127D27C26CC5BFB6B0C28A8B6346767EE58 ] AcpiPmi         C:\Windows\system32\drivers\acpipmi.sys

03:02:15.0673 0x051c  AcpiPmi - ok

03:02:15.0855 0x051c  [ 1474F121C3DF1232D3E7239C03691EE6, 26D0F55010CB7C51269D94ECB5C5AA94802607685B9E9791A78B643C6227214F ] AdobeActiveFileMonitor9.0 C:\Program Files\Adobe\Elements 9 Organizer\PhotoshopElementsFileAgent.exe

03:02:16.0023 0x051c  AdobeActiveFileMonitor9.0 - ok

03:02:16.0156 0x051c  [ FC5B75CA6A1DA31EDD4F8D53F5540B98, CDC445F2790ADFC4C5568C40D4DA8BB95CD71991665B38AEC3D84571C99C3520 ] AdobeARMservice C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe

03:02:16.0451 0x051c  AdobeARMservice - ok

03:02:16.0517 0x051c  [ 21E785EBD7DC90A06391141AAC7892FB, A2D3D764C5E6DC0AD5AAF48485FFB8B121D2A40DC08ECF2D2CB92278A1002B25 ] adp94xx         C:\Windows\system32\drivers\adp94xx.sys

03:02:16.0632 0x051c  adp94xx - ok

03:02:16.0712 0x051c  [ 0C676BC278D5B59FF5ABD57BBE9123F2, 339E8A433D186BAAB6FCB44C82CC9FB6FCD63C87981449494CBEB2072CB6B7BB ] adpahci         C:\Windows\system32\drivers\adpahci.sys

03:02:16.0772 0x051c  adpahci - ok

03:02:16.0813 0x051c  [ 7C7B5EE4B7B822EC85321FE23A27DB33, A934AFB71D439555E6376DA9B34F82E8D39A300A4547BE9AC9311F6A3C36270C ] adpu320         C:\Windows\system32\drivers\adpu320.sys

03:02:16.0843 0x051c  adpu320 - ok

03:02:16.0873 0x051c  [ 8B5EEFEEC1E6D1A72A06C526628AD161, 026CDF4C96F4D493E7BABF79A14C4B0B5ADCCEF0B081FFFA2E3B243B2414167F ] AeLookupSvc     C:\Windows\System32\aelupsvc.dll

03:02:17.0249 0x051c  AeLookupSvc - ok

03:02:17.0310 0x051c  [ F81BB7E487EDCEAB630A7EE66CF23913, 7D1638FD7E388EF670FA0A421762E0413351058A20DDF0F9988A383F05395A68 ] AFD             C:\Windows\system32\drivers\afd.sys

03:02:17.0474 0x051c  AFD - ok

03:02:17.0520 0x051c  [ 507812C3054C21CEF746B6EE3D04DD6E, D7E59350AC338AD229E3D10C76E32AE16D120311B263714A9CD94AB538633B0E ] agp440          C:\Windows\system32\drivers\agp440.sys

03:02:17.0648 0x051c  agp440 - ok

03:02:17.0701 0x051c  [ 8B30250D573A8F6B4BD23195160D8707, 64EC289AFCD63D84EAFD9D81C50D0A77BCC79A1EFF32C50B2776BB0C0151757D ] aic78xx         C:\Windows\system32\drivers\djsvs.sys

03:02:17.0759 0x051c  aic78xx - ok

03:02:17.0822 0x051c  [ 18A54E132947CD98FEA9ACCC57F98F13, 9D39AF972785E49F0DD12C4BAEF39A79CD69F098886BF152AF1B7CCE2E902115 ] ALG             C:\Windows\System32\alg.exe

03:02:17.0967 0x051c  ALG - ok

03:02:18.0010 0x051c  [ 0D40BCF52EA90FC7DF2AEAB6503DEA44, 1D1AA8F50935D976C29DE7A84708CADBBBDD936F0DD2C059E820F0D21367B3B6 ] aliide          C:\Windows\system32\drivers\aliide.sys

03:02:18.0050 0x051c  aliide - ok

03:02:18.0090 0x051c  [ 3C6600A0696E90A463771C7422E23AB5, 370B33DC1C25B981628A318BAE434A78A5F0A0DA93C2896DC7A3D7B87AE1A5E7 ] amdagp          C:\Windows\system32\drivers\amdagp.sys

03:02:18.0170 0x051c  amdagp - ok

03:02:18.0195 0x051c  [ CD5914170297126B6266860198D1D4F0, 2239FCBD1A7EC27CE4F10DA36AE6BD6CCB87E5128C82CA71B84BFE5AF5602A60 ] amdide          C:\Windows\system32\drivers\amdide.sys

03:02:18.0245 0x051c  amdide - ok

03:02:18.0285 0x051c  [ 00DDA200D71BAC534BF56A9DB5DFD666, CA316B1FFD85BA1CF8664B3229DA1F238A5341E016059F7ED89702324CFD124B ] AmdK8           C:\Windows\system32\drivers\amdk8.sys

03:02:18.0347 0x051c  AmdK8 - ok


03:02:40.0292 0x051c  [ 2D699FB6E89CE0D8DA14ECC03B3EDFE0, D3D903EEA465D77345AAC9B9F02CDEADF4831212EA2DE4FCA33BEE26EBB47420 ] mpio            C:\Windows\system32\drivers\mpio.sys

03:02:40.0345 0x051c  mpio - ok

03:02:40.0396 0x051c  [ AD2723A7B53DD1AACAE6AD8C0BFBF4D0, 1D6DCFA0E56C3E55B6AED819176E751502F863BA0FCF4F0B3253A81D208141A2 ] mpsdrv          C:\Windows\system32\drivers\mpsdrv.sys

03:02:40.0446 0x051c  mpsdrv - ok

03:02:40.0525 0x051c  [ 9835584E999D25004E1EE8E5F3E3B881, 71798B0CBE9AE69F1F29B845319019C69EC7F415CBABB3B87DDE92C360675021 ] MpsSvc          C:\Windows\system32\mpssvc.dll

03:02:40.0636 0x051c  MpsSvc - ok

03:02:40.0683 0x051c  [ 21F4B24ACFC79A483515BD986DD9043F, 22681907E02E0B723ABE2CEF0602D36C8EF862E7E2B62A9B40A5EF582E58D7BA ] MRxDAV          C:\Windows\system32\drivers\mrxdav.sys

03:02:40.0785 0x051c  MRxDAV - ok

03:02:40.0820 0x051c  [ 5D16C921E3671636C0EBA3BBAAC5FD25, 5BC107B95CAFC88F51FBB9F657B99944B20627A2B618F263093D7045E4FFD65C ] mrxsmb          C:\Windows\system32\DRIVERS\mrxsmb.sys

03:02:40.0860 0x051c  mrxsmb - ok

03:02:40.0884 0x051c  [ 6D17A4791ACA19328C685D256349FEFC, 012AA3D84EEAAF53780D06D2D11B9727DFC3441F3FAD75BC9E751FB814403668 ] mrxsmb10        C:\Windows\system32\DRIVERS\mrxsmb10.sys

03:02:40.0927 0x051c  mrxsmb10 - ok

03:02:40.0957 0x051c  [ B81F204D146000BE76651A50670A5E9E, 78193D0F967BE9829E53F9B500342934B4B1E1F4CEFC444382959E2061BC3B17 ] mrxsmb20        C:\Windows\system32\DRIVERS\mrxsmb20.sys

03:02:41.0006 0x051c  mrxsmb20 - ok

03:02:41.0036 0x051c  [ 012C5F4E9349E711E11E0F19A8589F0A, 208B92DFCF7AD43202660FBBC9FF5E03AEDBEE38178FF3628EB74CB6CD37C584 ] msahci          C:\Windows\system32\drivers\msahci.sys

03:02:41.0066 0x051c  msahci - ok

03:02:41.0095 0x051c  [ 55055F8AD8BE27A64C831322A780A228, C2C9FD1F61302997117B1CD0835E8234405BB80084065ED05363B77868397304 ] msdsm           C:\Windows\system32\drivers\msdsm.sys

03:02:41.0136 0x051c  msdsm - ok

03:02:41.0166 0x051c  [ E1BCE74A3BD9902B72599C0192A07E27, 5162EB623FE64E9DFEAC6CA2410EFA1314E62EC13207FFBFED2D61AA887603C4 ] MSDTC           C:\Windows\System32\msdtc.exe

03:02:41.0240 0x051c  MSDTC - ok

03:02:41.0260 0x051c  [ DAEFB28E3AF5A76ABCC2C3078C07327F, 6EB558532400B489763BAE7203538DE5F196282A8CB46A1B31D59120FC5AFCEF ] Msfs            C:\Windows\system32\drivers\Msfs.sys

03:02:41.0327 0x051c  Msfs - ok

03:02:41.0357 0x051c  [ 3E1E5767043C5AF9367F0056295E9F84, B2EDFECD3C14E4FE1BA87D9A86334043A9BD696A554EBD186DA7EAEB2EBD4F70 ] mshidkmdf       C:\Windows\System32\drivers\mshidkmdf.sys

03:02:41.0401 0x051c  mshidkmdf - ok

03:02:41.0421 0x051c  [ 0A4E5757AE09FA9622E3158CC1AEF114, ED574E420E57374E328C7C526504ECA569C164287966F06019EC207CB17F2C54 ] msisadrv        C:\Windows\system32\drivers\msisadrv.sys

03:02:41.0461 0x051c  msisadrv - ok

03:02:41.0491 0x051c  [ 90F7D9E6B6F27E1A707D4A297F077828, BEFC220EAA7307849600748842ACB9254A6A91158812D9B23EFAF912C498BA7F ] MSiSCSI         C:\Windows\system32\iscsiexe.dll

03:02:41.0571 0x051c  MSiSCSI - ok

03:02:41.0571 0x051c  msiserver - ok

03:02:41.0608 0x051c  [ 8C0860D6366AAFFB6C5BB9DF9448E631, 949C5A14E57F2D7385543C17C3485E7ADE36EA2016F6E0A1866571D2EDE90A77 ] MSKSSRV         C:\Windows\system32\drivers\MSKSSRV.sys

03:02:41.0648 0x051c  MSKSSRV - ok

03:02:41.0692 0x051c  [ 3EA8B949F963562CEDBB549EAC0C11CE, 1B0B2F16A1790282504F3C548D47C3281EFB440D5D9711A1EF76D6371B768D2D ] MSPCLOCK        C:\Windows\system32\drivers\MSPCLOCK.sys

03:02:41.0793 0x051c  MSPCLOCK - ok

03:02:41.0813 0x051c  [ F456E973590D663B1073E9C463B40932, 48BA6D5580EE7B6A4C06E04772FD35B51779553FC0DD6C5C30DD8B5DEEB25B11 ] MSPQM           C:\Windows\system32\drivers\MSPQM.sys

03:02:41.0873 0x051c  MSPQM - ok

03:02:41.0901 0x051c  [ 0E008FC4819D238C51D7C93E7B41E560, 141FCEBDD05874407EAEC35A9DCD3BB16F2A428F23E55487D6A5DBFCADBF10D2 ] MsRPC           C:\Windows\system32\drivers\MsRPC.sys

03:02:41.0936 0x051c  MsRPC - ok

03:02:41.0966 0x051c  [ FC6B9FF600CC585EA38B12589BD4E246, F05DB01AE1955D2468CE6B51E51998B111CA3B0BDEED090EE6B99B625CBA564A ] mssmbios        C:\Windows\system32\DRIVERS\mssmbios.sys

03:02:42.0004 0x051c  mssmbios - ok

03:02:42.0024 0x051c  [ B42C6B921F61A6E55159B8BE6CD54A36, 6BB0A7BE005B8F281E551D1B8046CE4202372BC7AE0161881C858BFAC675FE1C ] MSTEE           C:\Windows\system32\drivers\MSTEE.sys

03:02:42.0084 0x051c  MSTEE - ok

03:02:42.0104 0x051c  [ 33599130F44E1F34631CEA241DE8AC84, E15B31D1AFDC8DC6D2B21D4215796A99ECC69EEDBB06CEED01AECC3C99A44C8B ] MTConfig        C:\Windows\system32\drivers\MTConfig.sys

03:02:42.0154 0x051c  MTConfig - ok

03:02:42.0174 0x051c  [ 159FAD02F64E6381758C990F753BCC80, E55AB01DCFA95ECAB24A2A9656E28FF9D064BA08B3D82DC8AA42F5991BA09598 ] Mup             C:\Windows\system32\Drivers\mup.sys

03:02:42.0212 0x051c  Mup - ok

03:02:42.0242 0x051c  [ 61D57A5D7C6D9AFE10E77DAE6E1B445E, D252248532142E9E2332DA693BC51B795102CA938B568FF04981E98B19BFBC5C ] napagent        C:\Windows\system32\qagentRT.dll

03:02:42.0336 0x051c  napagent - ok

03:02:42.0400 0x051c  [ 26384429FCD85D83746F63E798AB1480, 957C115C263A4B4DC854558B43ECE632D8E2BCCB744E23A01EBA7476BA2E7FFB ] NativeWifiP     C:\Windows\system32\DRIVERS\nwifi.sys

03:02:42.0435 0x051c  NativeWifiP - ok

03:02:42.0479 0x051c  [ 8C9C922D71F1CD4DEF73F186416B7896, 15FF43CD90C7913F83B35F2E7986561584588E8A45196EBD965C3A355836A9C7 ] NDIS            C:\Windows\system32\drivers\ndis.sys

03:02:42.0540 0x051c  NDIS - ok

03:02:42.0601 0x051c  [ 0E1787AA6C9191D3D319E8BAFE86F80C, F535022747355B2C66424BDA892D7DCB820C2EB8EE05BAE5BC6D1B1D65186278 ] NdisCap         C:\Windows\system32\DRIVERS\ndiscap.sys

03:02:42.0707 0x051c  NdisCap - ok

03:02:42.0720 0x051c  [ E4A8AEC125A2E43A9E32AFEEA7C9C888, 6EA181117126FC70B3C1DD1AC73CC26D1603A2CF49E47F66623E2C9489C49B55 ] NdisTapi        C:\Windows\system32\DRIVERS\ndistapi.sys

03:02:42.0772 0x051c  NdisTapi - ok

03:02:42.0815 0x051c  [ D8A65DAFB3EB41CBB622745676FCD072, 874D3C3D247C4A309DA813DB1D2EDB0037D3C489824BD5FE95B0C20699764EF7 ] Ndisuio         C:\Windows\system32\DRIVERS\ndisuio.sys

03:02:42.0875 0x051c  Ndisuio - ok

03:02:42.0895 0x051c  [ 38FBE267E7E6983311179230FACB1017, CFD1CBCA59650795C030DB30E5795B37C11C736E14003AE1DAB081BA5C0C9B14 ] NdisWan         C:\Windows\system32\DRIVERS\ndiswan.sys

03:02:42.0959 0x051c  NdisWan - ok

03:02:42.0984 0x051c  [ A4BDC541E69674FBFF1A8FF00BE913F2, 18CCFD063E9870B8B6958715BC0414C4D920AE63528EA1E9D7E30F7138918FFA ] NDProxy         C:\Windows\system32\drivers\NDProxy.sys

03:02:43.0040 0x051c  NDProxy - ok

03:02:43.0084 0x051c  [ 1FAA852C845912797275319CBCAA27D2, DE5B45D1FE8422E21A900BAA4D41B5EC58591AEF0755DDDF5707C6B0E05DE390 ] Neo_VPN         C:\Windows\system32\DRIVERS\Neo_0103.sys

03:02:43.0117 0x051c  Neo_VPN - ok

03:02:43.0152 0x051c  [ 80B275B1CE3B0E79909DB7B39AF74D51, 75B406B0D9D28239D4EB2A298419A5F78A58237D88C5FD688EF1DFFAFACCF796 ] NetBIOS         C:\Windows\system32\DRIVERS\netbios.sys

03:02:43.0202 0x051c  NetBIOS - ok

03:02:43.0222 0x051c  [ 280122DDCF04B378EDD1AD54D71C1E54, F98B2ADE34F7E67C7C06C1D0FFB80ECBC353D044D4B4784CD952910345DC2ED0 ] NetBT           C:\Windows\system32\DRIVERS\netbt.sys

03:02:43.0301 0x051c  NetBT - ok

03:02:43.0322 0x051c  [ 803B370865D907EA21DC0C2B6A8936B5, E98F0BA1D94786E061A3EA2CC76041FF6BE0ADF47C6205D5572C03BF0E29CA78 ] Netlogon        C:\Windows\system32\lsass.exe

03:02:43.0342 0x051c  Netlogon - ok

03:02:43.0389 0x051c  [ 7CCCFCA7510684768DA22092D1FA4DB2, BB9E4F8FABBF596D888E6D303CB54A336D9DFF95B36AEA9369D2ED787DDC4B5D ] Netman          C:\Windows\System32\netman.dll

03:02:43.0452 0x051c  Netman - ok

03:02:43.0507 0x051c  [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe

03:02:43.0559 0x051c  NetMsmqActivator - ok

03:02:43.0569 0x051c  [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetPipeActivator C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe

03:02:43.0597 0x051c  NetPipeActivator - ok

03:02:43.0637 0x051c  [ 8C338238C16777A802D6A9211EB2BA50, 0D08A47CD403EDA5E8CAD7409BBBBCDC29A9861D2DC41D42B68B22B1AA1EBDD6 ] netprofm        C:\Windows\System32\netprofm.dll

03:02:43.0714 0x051c  netprofm - ok

03:02:43.0734 0x051c  [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetTcpActivator C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe

03:02:43.0764 0x051c  NetTcpActivator - ok

03:02:43.0774 0x051c  [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe

03:02:43.0808 0x051c  NetTcpPortSharing - ok

03:02:43.0851 0x051c  [ 1D85C4B390B0EE09C7A46B91EFB2C097, 6A8850B151E88EE371F3CC543A946302DDF9494908D684B8B0C706A42CC54348 ] nfrd960         C:\Windows\system32\drivers\nfrd960.sys

03:02:43.0894 0x051c  nfrd960 - ok

03:02:43.0921 0x051c  [ 374071043F9E4231EE43BE2BB48DD36D, C4FA3FC40CC49DBBB91901D14210A55D3831FAC9F9B3FF45FCA7F5CF242C9E92 ] NlaSvc          C:\Windows\System32\nlasvc.dll

03:02:43.0998 0x051c  NlaSvc - ok

03:02:44.0025 0x051c  [ 1DB262A9F8C087E8153D89BEF3D2235F, A51EE5D5AD3CD76B74BEA9C66C462608BF3B50C53DAA4110A75DB10495A8C101 ] Npfs            C:\Windows\system32\drivers\Npfs.sys

03:02:44.0076 0x051c  Npfs - ok

03:02:44.0100 0x051c  npggsvc - ok

03:02:44.0130 0x051c  [ BA387E955E890C8A88306D9B8D06BF17, 3477BD9686C5777A93251C154512671AAA7533B18C536DF51F7B1D6D28E7F8A5 ] nsi             C:\Windows\system32\nsisvc.dll

03:02:44.0185 0x051c  nsi - ok

03:02:44.0194 0x051c  [ E9A0A4D07E53D8FEA2BB8387A3293C58, 690CAD6C4E35ECC1172A2E1FD3933DF73158B3BF42CB21244269612A53DE4D7A ] nsiproxy        C:\Windows\system32\drivers\nsiproxy.sys

03:02:44.0266 0x051c  nsiproxy - ok

03:02:44.0409 0x051c  [ C8DFF8D07755A66C7A4A738930F0FEAC, A2CC58312CE57988ABD976155BE91F558DCEC4C23481C6FBE64B361D511A36EA ] Ntfs            C:\Windows\system32\drivers\Ntfs.sys

03:02:44.0541 0x051c  Ntfs - ok

03:02:44.0593 0x051c  [ F9756A98D69098DCA8945D62858A812C, 572ADBFCFDE2030B34A013AADC14DBC144EB3F34D06991E2464A3EA9605BC045 ] Null            C:\Windows\system32\drivers\Null.sys

03:02:44.0649 0x051c  Null - ok

03:02:44.0687 0x051c  [ B3E25EE28883877076E0E1FF877D02E0, 402B6FED6FBBF645190396DC141141EF52DD059DABD01F8AC9CF01D23664070C ] nvraid          C:\Windows\system32\drivers\nvraid.sys

03:02:44.0712 0x051c  nvraid - ok

03:02:44.0752 0x051c  [ 4380E59A170D88C4F1022EFF6719A8A4, 93EDB3F4CDBF53C9C1970DD29AB146E390695C568180847BA8903F5FBEABCFF2 ] nvstor          C:\Windows\system32\drivers\nvstor.sys

03:02:44.0782 0x051c  nvstor - ok

03:02:44.0826 0x051c  [ 5A0983915F02BAE73267CC2A041F717D, D83461D74597BF2BE042FEFCC27FCD18BF63CB8135B0666D731D50951C3468A8 ] nv_agp          C:\Windows\system32\drivers\nv_agp.sys

03:02:44.0856 0x051c  nv_agp - ok

03:02:44.0914 0x051c  [ 08A70A1F2CDDE9BB49B885CB817A66EB, 0BB98123B544124B144F3E95D77E01E973D060B8B2302503FF24ABBBE803EB63 ] ohci1394        C:\Windows\system32\drivers\ohci1394.sys

03:02:44.0993 0x051c  ohci1394 - ok

03:02:45.0057 0x051c  [ 9D10F99A6712E28F8ACD5641E3A7EA6B, 70964A0ED9011EA94044E15FA77EDD9CF535CC79ED8E03A3721FF007E69595CC ] ose             C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE

03:02:45.0107 0x051c  ose - ok

03:02:45.0410 0x051c  [ 358A9CCA612C68EB2F07DDAD4CE1D8D7, F342100E2E9001F11FDF93F856B50FA43F9B85D2C6B5706EC0433E77206498DA ] osppsvc         C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE

03:02:45.0728 0x051c  osppsvc - ok

03:02:45.0758 0x051c  [ 82A8521DDC60710C3D3D3E7325209BEC, C4E34571EDD57C7FBB3D736B5FE8BD154624705B5C8EA2EC898F19F75B9A5942 ] p2pimsvc        C:\Windows\system32\pnrpsvc.dll

03:02:45.0898 0x051c  p2pimsvc - ok

03:02:45.0949 0x051c  [ 59C3DDD501E39E006DAC31BF55150D91, E02B63AB7F34CF6FF3F644AF354D10004E6F50014E03172D80BD78934EF71EF1 ] p2psvc          C:\Windows\system32\p2psvc.dll

03:02:46.0014 0x051c  p2psvc - ok

03:02:46.0036 0x051c  [ 2EA877ED5DD9713C5AC74E8EA7348D14, 14BA3722CE5F8FF07F2D97DCDD6558EB49C9B02E5E6FAD6D9F18D354733EFECE ] Parport         C:\Windows\system32\drivers\parport.sys

03:02:46.0083 0x051c  Parport - ok

03:02:46.0103 0x051c  [ 3F34A1B4C5F6475F320C275E63AFCE9B, 31295D5121C0C3F2085E0EEBA260EEE4CA003993C026E2F81986D19158036E6B ] partmgr         C:\Windows\system32\drivers\partmgr.sys

03:02:46.0143 0x051c  partmgr - ok

03:02:46.0163 0x051c  [ EB0A59F29C19B86479D36B35983DAADC, AC09AFE7F13BE4079D01383BAC44091997E1AAF6512C9673A42B9E3780EB08A8 ] Parvdm          C:\Windows\system32\drivers\parvdm.sys

03:02:46.0213 0x051c  Parvdm - ok

03:02:46.0243 0x051c  [ 358AB7956D3160000726574083DFC8A6, 6CAFD4D1B8AB8C1D167ADC018985DDAB5AC2CBFFB3434FE6390F14AF50C19025 ] PcaSvc          C:\Windows\System32\pcasvc.dll

03:02:46.0348 0x051c  PcaSvc - ok

03:02:46.0381 0x051c  [ 673E55C3498EB970088E812EA820AA8F, 1F81315664B8CBFDD569416C0ECCE4C6251F34577313A0858AB46609781303B5 ] pci             C:\Windows\system32\drivers\pci.sys

03:02:46.0431 0x051c  pci - ok

03:02:46.0461 0x051c  [ AFE86F419014DB4E5593F69FFE26CE0A, CAF36E61BE7B511D3A03A65FF5A3017CEE4D2F53005B410F2D4A2AAE9FED4C00 ] pciide          C:\Windows\system32\drivers\pciide.sys

03:02:46.0495 0x051c  pciide - ok

03:02:46.0539 0x051c  [ F396431B31693E71E8A80687EF523506, BC614FC21E029E2497F1CCE3131BBD295B827F2310762B47D5BBC7703D80554B ] pcmcia          C:\Windows\system32\drivers\pcmcia.sys

03:02:46.0596 0x051c  pcmcia - ok

03:02:46.0616 0x051c  [ 250F6B43D2B613172035C6747AEEB19F, A91F15B133F2619912CF750E6F3662E011CD0FA4B9477CE532CE3196D23307D9 ] pcw             C:\Windows\system32\drivers\pcw.sys

03:02:46.0656 0x051c  pcw - ok

03:02:46.0713 0x051c  [ 9E0104BA49F4E6973749A02BF41344ED, B32F39F38DB48D77FBA884DEE34112BAB81CCEF5DD2EAAA12D9589D73D2BB116 ] PEAUTH          C:\Windows\system32\drivers\peauth.sys

03:02:46.0834 0x051c  PEAUTH - ok

03:02:47.0065 0x051c  [ 414BBA67A3DED1D28437EB66AEB8A720, D6DF254E2615FA402044824DCD9004F579FC0DF74B90E44C99D5F0253CF8AD88 ] pla             C:\Windows\system32\pla.dll

03:02:47.0256 0x051c  pla - ok

03:02:47.0310 0x051c  [ EC7BC28D207DA09E79B3E9FAF8B232CA, A42F8F69C3CD753D787A5D558659DEA2CC306C896D75B8C82549219CF654504F ] PlugPlay        C:\Windows\system32\umpnpmgr.dll

03:02:47.0457 0x051c  PlugPlay - ok

03:02:47.0518 0x051c  [ 3A2E85F7D90D15460C337CE80C2E3B29, EECAA20359FD2D75D6A564A3BAADACAA2CB69D061E455AA3F75055A3EAB54168 ] PnkBstrA        C:\Windows\system32\PnkBstrA.exe

03:02:47.0568 0x051c  PnkBstrA - ok

03:02:47.0608 0x051c  [ 63FF8572611249931EB16BB8EED6AFC8, 9732CCBCB93A7A4BEC88812B952C20244479E9BD781240C195E57F09E619EA33 ] PNRPAutoReg     C:\Windows\system32\pnrpauto.dll

03:02:47.0680 0x051c  PNRPAutoReg - ok

03:02:47.0709 0x051c  [ 82A8521DDC60710C3D3D3E7325209BEC, C4E34571EDD57C7FBB3D736B5FE8BD154624705B5C8EA2EC898F19F75B9A5942 ] PNRPsvc         C:\Windows\system32\pnrpsvc.dll

03:02:47.0752 0x051c  PNRPsvc - ok

03:02:47.0802 0x051c  [ 53946B69BA0836BD95B03759530C81EC, 7F14A34635354CCA0F5342C8D9DF5A6AA1B94F6A508BD8834029E9BACF252920 ] PolicyAgent     C:\Windows\System32\ipsecsvc.dll

03:02:47.0862 0x051c  PolicyAgent - ok

03:02:47.0906 0x051c  [ F87D30E72E03D579A5199CCB3831D6EA, B09328E89954584F97908FA5946376BA990B8C650DABCBF3CA3B08719937C694 ] Power           C:\Windows\system32\umpo.dll

03:02:47.0956 0x051c  Power - ok

03:02:48.0006 0x051c  [ 631E3E205AD6D86F2AED6A4A8E69F2DB, 1D3BF0CFC37D91A3A56246920B9CF1084E78A055D56E85A773417809C58C8065 ] PptpMiniport    C:\Windows\system32\DRIVERS\raspptp.sys

03:02:48.0070 0x051c  PptpMiniport - ok

03:02:48.0090 0x051c  [ 85B1E3A0C7585BC4AAE6899EC6FCF011, 1E067113C146D6842D7FB04007F363D6FB7783C6BC7C9AB6614E44075C4F86C3 ] Processor       C:\Windows\system32\drivers\processr.sys

03:02:48.0140 0x051c  Processor - ok

03:02:48.0206 0x051c  [ CADEFAC453040E370A1BDFF3973BE00D, 2E3DD8DA702468D8AB0F3CE27188B1991D4CB015FB36BAE4C6E7996B61CF49B8 ] ProfSvc         C:\Windows\system32\profsvc.dll

03:02:48.0295 0x051c  ProfSvc - ok

03:02:48.0315 0x051c  [ 803B370865D907EA21DC0C2B6A8936B5, E98F0BA1D94786E061A3EA2CC76041FF6BE0ADF47C6205D5572C03BF0E29CA78 ] ProtectedStorage C:\Windows\system32\lsass.exe

03:02:48.0335 0x051c  ProtectedStorage - ok

03:02:48.0365 0x051c  [ 6270CCAE2A86DE6D146529FE55B3246A, 463209CBAF1B0E269DC8FC6FBDEE5BB7E5ADB5D3F024930BFD0B97E0A9678883 ] Psched          C:\Windows\system32\DRIVERS\pacer.sys

03:02:48.0436 0x051c  Psched - ok

03:02:48.0483 0x051c  [ E42E3433DBB4CFFE8FDD91EAB29AEA8E, 20ABD8372B242FD356AC143E7EB56F93CFEA4988ED1B0C4434CB64C387D7F66C ] PxHelp20        C:\Windows\system32\Drivers\PxHelp20.sys

03:02:48.0513 0x051c  PxHelp20 - ok

03:02:48.0608 0x051c  [ AB95ECF1F6659A60DDC166D8315B0751, 0ED6D3460D28978BADF31B930DBB3298A6A10EFF8883763EABA0E36A21A0E83D ] ql2300          C:\Windows\system32\drivers\ql2300.sys

03:02:48.0720 0x051c  ql2300 - ok

03:02:48.0781 0x051c  [ B4DD51DD25182244B86737DC51AF2270, 7E62B04F054A6330B7F9968222523BDE8F3EE47A11D17E6C0E2D5ACDC07B9E6B ] ql40xx          C:\Windows\system32\drivers\ql40xx.sys

03:02:48.0809 0x051c  ql40xx - ok

03:02:48.0923 0x051c  [ 31AC809E7707EB580B2BDB760390765A, A8481FD19A0F778F5591B7676F591F664ADC68B6867E663C0F9564173F4AC909 ] QWAVE           C:\Windows\system32\qwave.dll

03:02:49.0016 0x051c  QWAVE - ok

03:02:49.0036 0x051c  [ 584078CA1B95CA72DF2A27C336F9719D, 836F115C92D343463C14A9DE39648C1EFA7C7EE4720F5C692EE0F68B84830121 ] QWAVEdrv        C:\Windows\system32\drivers\qwavedrv.sys

03:02:49.0093 0x051c  QWAVEdrv - ok

03:02:49.0123 0x051c  [ 30A81B53C766D0133BB86D234E5556AB, 726C6B83B5ACAA84CAB1689B6DD6DDAE3199D61A57B5D7B5B5A0F62FCF838090 ] RasAcd          C:\Windows\system32\DRIVERS\rasacd.sys

03:02:49.0183 0x051c  RasAcd - ok

03:02:49.0213 0x051c  [ 57EC4AEF73660166074D8F7F31C0D4FD, C66B425EC4DB5E7FD289AE631C9B019EB16717C55E80FAE964BB22203E4AACEF ] RasAgileVpn     C:\Windows\system32\DRIVERS\AgileVpn.sys

03:02:49.0273 0x051c  RasAgileVpn - ok

03:02:49.0310 0x051c  [ A60F1839849C0C00739787FD5EC03F13, B210DFA5A843CF1DA73635F168E2EA5052CBED15C664F8523CDFB34CA165D0E0 ] RasAuto         C:\Windows\System32\rasauto.dll

03:02:49.0373 0x051c  RasAuto - ok

03:02:49.0401 0x051c  [ D9F91EAFEC2815365CBE6D167E4E332A, 8350457A39D141C13807E7DB5A8D4113197C4016F7744B9993391F4AEA0C4A5C ] Rasl2tp         C:\Windows\system32\DRIVERS\rasl2tp.sys

03:02:49.0458 0x051c  Rasl2tp - ok

03:02:49.0496 0x051c  [ CB9E04DC05EACF5B9A36CA276D475006, 4D8C0AEF1D4F84F375AD2BAF786C9F6C52316A3E655B913449E71AD7C0FCA56E ] RasMan          C:\Windows\System32\rasmans.dll

03:02:49.0562 0x051c  RasMan - ok

03:02:49.0599 0x051c  [ 0FE8B15916307A6AC12BFB6A63E45507, 64119474DE7499E6E8B82E78BBD50074B3AA70B3E8329089FAE9B7F29919004E ] RasPppoe        C:\Windows\system32\DRIVERS\raspppoe.sys

03:02:49.0652 0x051c  RasPppoe - ok

03:02:49.0693 0x051c  [ 44101F495A83EA6401D886E7FD70096B, 56A0CE5C89870752B9B2AB795C1A248CA28209E049B2F20CCA0308CBE2488A0A ] RasSstp         C:\Windows\system32\DRIVERS\rassstp.sys

03:02:49.0763 0x051c  RasSstp - ok

03:02:49.0796 0x051c  [ D528BC58A489409BA40334EBF96A311B, C71E9A4B101DB6C3183B9F97B9098D73D6FE1B12C05C2EB3CE8A8041BEE6BA61 ] rdbss           C:\Windows\system32\DRIVERS\rdbss.sys

03:02:49.0844 0x051c  rdbss - ok

03:02:49.0890 0x051c  [ 0D8F05481CB76E70E1DA06EE9F0DA9DF, 2AFCBE3237D27AFBF095F91F1FCCA63E6890F34A9E4F00E5C34C92394CDA89FB ] rdpbus          C:\Windows\system32\drivers\rdpbus.sys

03:02:49.0916 0x051c  rdpbus - ok

03:02:49.0931 0x051c  [ 23DAE03F29D253AE74C44F99E515F9A1, 8FED93D10B2062F0526FE3508101F8FCF8F72DEB90AFB472EB7CBAE83A0EC430 ] RDPCDD          C:\Windows\system32\DRIVERS\RDPCDD.sys

03:02:50.0032 0x051c  RDPCDD - ok

03:02:50.0072 0x051c  [ 5A53CA1598DD4156D44196D200C94B8A, 8112FE14FEC94C67B1C5BDE4171E37584F1D0098D2C557C9E4BDD3E0291E25E4 ] RDPENCDD        C:\Windows\system32\drivers\rdpencdd.sys

03:02:50.0139 0x051c  RDPENCDD - ok

03:02:50.0159 0x051c  [ 44B0A53CD4F27D50ED461DAE0C0B4E1F, CDA80B08E67AD034081C0C920CD66147689F1844403CBC552F65005E7C011A91 ] RDPREFMP        C:\Windows\system32\drivers\rdprefmp.sys

03:02:50.0216 0x051c  RDPREFMP - ok

03:02:50.0256 0x051c  [ 65375DF758CA1872AB7EBBBA457FD5E6, 8AC7681F51277E799C22FF95FA0B833E9E260D37C0416319FF05B66FB3948005 ] RdpVideoMiniport C:\Windows\system32\drivers\rdpvideominiport.sys

03:02:50.0417 0x051c  RdpVideoMiniport - ok

03:02:50.0457 0x051c  [ F031683E6D1FEA157ABB2FF260B51E61, 83B552819A5964152882C527E1421DBCEAACC74DEB897E3C4B53F52F1467FED3 ] RDPWD           C:\Windows\system32\drivers\RDPWD.sys

03:02:50.0551 0x051c  RDPWD - ok

03:02:50.0608 0x051c  [ 518395321DC96FE2C9F0E96AC743B656, 5F6A0880B4F3EE7196259EA362DA9554B0687B0236F9A8E5CF7A4A77F01F1776 ] rdyboost        C:\Windows\system32\drivers\rdyboost.sys

03:02:50.0658 0x051c  rdyboost - ok

03:02:50.0692 0x051c  [ 7B5E1419717FAC363A31CC302895217A, 048B96B127CC20833948DAE53C59886D5C725ECA7A744424A01339447D2DDC32 ] RemoteAccess    C:\Windows\System32\mprdim.dll

03:02:50.0733 0x051c  RemoteAccess - ok

03:02:50.0753 0x051c  [ CB9A8683F4EF2BF99E123D79950D7935, B9FA3E7E91E76D975CF40BFA37909E50F29CC13AB1399007884710651827E9AA ] RemoteRegistry  C:\Windows\system32\regsvc.dll

03:02:50.0826 0x051c  RemoteRegistry - ok

03:02:50.0866 0x051c  [ 78D072F35BC45D9E4E1B61895C152234, 80C924EE1156B4E3172E83DCB9C60817E87885FB9377647E0BF90153E415B1CA ] RpcEptMapper    C:\Windows\System32\RpcEpMap.dll

03:02:50.0933 0x051c  RpcEptMapper - ok

03:02:51.0003 0x051c  [ 94D36C0E44677DD26981D2BFEEF2A29D, D77A93AC60536F3706E8A0154C0C2199E888B7748C84DB7437254FF175F4DF55 ] RpcLocator      C:\Windows\system32\locator.exe

03:02:51.0073 0x051c  RpcLocator - ok

03:02:51.0103 0x051c  [ 7660F01D3B38ACA1747E397D21D790AF, 04611B43705C064C2A8331F6D3F8E4530295694AE2C3E3EC3F62CFF4A5EFA88D ] RpcSs           C:\Windows\system32\rpcss.dll

03:02:51.0193 0x051c  RpcSs - ok

03:02:51.0235 0x051c  [ 032B0D36AD92B582D869879F5AF5B928, 0F8F18A6A0A689957B886D9368015889091094EDA18BE532093F06A70A7CE184 ] rspndr          C:\Windows\system32\DRIVERS\rspndr.sys

03:02:51.0317 0x051c  rspndr - ok

03:02:51.0329 0x051c  [ 803B370865D907EA21DC0C2B6A8936B5, E98F0BA1D94786E061A3EA2CC76041FF6BE0ADF47C6205D5572C03BF0E29CA78 ] SamSs           C:\Windows\system32\lsass.exe

03:02:51.0359 0x051c  SamSs - ok

03:02:51.0400 0x051c  [ 05D860DA1040F111503AC416CCEF2BCA, DAE2F37D09A5A42F945BC8E27E4EA2303521081783A80CEE7FEE7C5A1C2CFC5E ] sbp2port        C:\Windows\system32\drivers\sbp2port.sys

03:02:51.0414 0x051c  sbp2port - ok

03:02:51.0454 0x051c  [ 8FC518FFE9519C2631D37515A68009C4, 21E10585470CF9FC3BD1977F8A426686CD2FA6BD2094B9E3594B21C7C4541D25 ] SCardSvr        C:\Windows\System32\SCardSvr.dll

03:02:51.0533 0x051c  SCardSvr - ok

03:02:51.0543 0x051c  [ 0693B5EC673E34DC147E195779A4DCF6, AF1B56FBF3ADABF94CD9DBA67586B8746DE135151F6B3D1B0EE315BC1E2DB670 ] scfilter        C:\Windows\system32\DRIVERS\scfilter.sys

03:02:51.0602 0x051c  scfilter - ok

03:02:51.0665 0x051c  [ A04BB13F8A72F8B6E8B4071723E4E336, E63287FF71C39CBF64C3347C455324C8437F9CF398153E269543588B65389502 ] Schedule        C:\Windows\system32\schedsvc.dll

03:02:51.0751 0x051c  Schedule - ok

03:02:51.0771 0x051c  [ 319C6B309773D063541D01DF8AC6F55F, 182F392FE839499D159A30A3CD04B5D0C87219930BFB1A7456880B7DA75B9820 ] SCPolicySvc     C:\Windows\System32\certprop.dll

03:02:51.0811 0x051c  SCPolicySvc - ok

03:02:51.0851 0x051c  [ 0328BE1C7F1CBA23848179F8762E391C, EA80853F04BAE6F46F658B3EFED34BFDDE20E6F2BDA349EBC17EC75DFF19855D ] sdbus           C:\Windows\system32\DRIVERS\sdbus.sys

03:02:51.0900 0x051c  sdbus - ok

03:02:51.0926 0x051c  [ 08236C4BCE5EDD0A0318A438AF28E0F7, 77727F963F63C4CEC11E7AAD5FB3836179701D512CA9436C3170B9E6A4E5F888 ] SDRSVC          C:\Windows\System32\SDRSVC.dll

03:02:52.0013 0x051c  SDRSVC - ok

03:02:52.0033 0x051c  [ 90A3935D05B494A5A39D37E71F09A677, F72733A69BC6E1A2BB91D7632FF3463C12563F60FDCC00A2CDD67FF20D479952 ] secdrv          C:\Windows\system32\drivers\secdrv.sys

03:02:52.0093 0x051c  secdrv - ok

03:02:52.0107 0x051c  [ A59B3A4442C52060CC7A85293AA3546F, 1776D6DEE51991149265AAF39E17065E301C5FA1FF4068653DC0010B9B27185D ] seclogon        C:\Windows\system32\seclogon.dll

03:02:52.0177 0x051c  seclogon - ok

03:02:52.0197 0x051c  [ DCB7FCDCC97F87360F75D77425B81737, F8289AF2C458C167038EEFE613EE5E3D6D5B3308B8784168374BC81C47891CE5 ] SENS            C:\Windows\system32\sens.dll

03:02:52.0277 0x051c  SENS - ok

03:02:52.0311 0x051c  [ 50087FE1EE447009C9CC2997B90DE53F, B5E6CF1D991F87C29C5E28198E0962E31FFB499A46C3BD43FC20391693389959 ] SensrSvc        C:\Windows\system32\sensrsvc.dll

03:02:52.0371 0x051c  SensrSvc - ok

03:02:52.0411 0x051c  [ 9AD8B8B515E3DF6ACD4212EF465DE2D1, E2F019BCD1446236D078D46065DD151DD068778F33BE2F1E8A0CC1EA2F954E86 ] Serenum         C:\Windows\system32\drivers\serenum.sys

03:02:52.0451 0x051c  Serenum - ok

03:02:52.0481 0x051c  [ 5FB7FCEA0490D821F26F39CC5EA3D1E2, A26DB2EB9F3E2509B4EBA949DB97595CC32332D9321DF68283BFC102E66D766F ] Serial          C:\Windows\system32\drivers\serial.sys

03:02:52.0502 0x051c  Serial - ok

03:02:52.0552 0x051c  [ 79BFFB520327FF916A582DFEA17AA813, 7A2A9D69BE02228591186A9F4453D4B5FD98837CA422C873C48040170E8BD18C ] sermouse        C:\Windows\system32\drivers\sermouse.sys

03:02:52.0606 0x051c  sermouse - ok

03:02:52.0638 0x051c  [ 4AE380F39A0032EAB7DD953030B26D28, C8F5F2DD59574E966FDF3057867BB959A554BAB6FD5DC6F1427094A6BC2B2809 ] SessionEnv      C:\Windows\system32\sessenv.dll

03:02:52.0709 0x051c  SessionEnv - ok

03:02:52.0729 0x051c  [ 9F976E1EB233DF46FCE808D9DEA3EB9C, 6A5C53F27F8BCA85CE206EE7D196176F67EC6FFA5D4830373A20792C149B5E75 ] sffdisk         C:\Windows\system32\drivers\sffdisk.sys

03:02:52.0769 0x051c  sffdisk - ok

03:02:52.0806 0x051c  [ 932A68EE27833CFD57C1639D375F2731, 11D6B98FBEEE2B9C7B06EF7091857BBD3B349077997D6261D66280668FD1B5C3 ] sffp_mmc        C:\Windows\system32\drivers\sffp_mmc.sys

03:02:52.0856 0x051c  sffp_mmc - ok

03:02:52.0866 0x051c  [ 6D4CCAEDC018F1CF52866BBBAA235982, AAC41F5C97B3FE5A3DC0838457EB8CC9BB71FCA16D3EDBB67D603F0A9D46C131 ] sffp_sd         C:\Windows\system32\drivers\sffp_sd.sys

03:02:53.0005 0x051c  sffp_sd - ok

03:02:53.0045 0x051c  [ DB96666CC8312EBC45032F30B007A547, C3AE60FC65A36E96E0D2CC6E184481D70F91A19DC3E2E17E2873DD670A592DD7 ] sfloppy         C:\Windows\system32\drivers\sfloppy.sys

03:02:53.0116 0x051c  sfloppy - ok

03:02:53.0166 0x051c  [ D1A079A0DE2EA524513B6930C24527A2, E2BC16DBCF38841EECD49C6FA1A9AC89C17F332F12606CA826F058E995E1B83D ] SharedAccess    C:\Windows\System32\ipnathlp.dll

03:02:53.0266 0x051c  SharedAccess - ok

03:02:53.0348 0x051c  [ 414DA952A35BF5D50192E28263B40577, 9C9BAFB9880DA6CC728506A142BE124E186219610DCC3460657A3CA93C865DF1 ] ShellHWDetection C:\Windows\System32\shsvcs.dll

03:02:53.0455 0x051c  ShellHWDetection - ok

03:02:53.0492 0x051c  [ 2565CAC0DC9FE0371BDCE60832582B2E, 1A775214E86B83C2F1799F12D71077D81C89AD32734A248BA88787B7F104B79D ] sisagp          C:\Windows\system32\drivers\sisagp.sys

03:02:53.0522 0x051c  sisagp - ok

03:02:53.0562 0x051c  [ A9F0486851BECB6DDA1D89D381E71055, 7E909538AB758C18AC2CCBFFEE17BA36FA6ED2E674AA70924AA87AC61375FF35 ] SiSRaid2        C:\Windows\system32\drivers\SiSRaid2.sys

03:02:53.0591 0x051c  SiSRaid2 - ok

03:02:53.0611 0x051c  [ 3727097B55738E2F554972C3BE5BC1AA, 75D52A596A298C33EC79A3B0B80F25492C08A182ABC679401502DA9597687566 ] SiSRaid4        C:\Windows\system32\drivers\sisraid4.sys

03:02:53.0651 0x051c  SiSRaid4 - ok

03:02:53.0759 0x051c  [ F6EF225A23D336CA30001E5007644C24, B0A4B1256C1074F1B4F73E3BBA16FD4683D6EEA583DEEF8E11EFD29BA7541F2A ] SkypeUpdate     C:\Program Files\Skype\Updater\Updater.exe

03:02:53.0930 0x051c  SkypeUpdate - ok

03:02:53.0970 0x051c  [ 3E21C083B8A01CB70BA1F09303010FCE, 803F8F91299C387110F34A49340E7136AAE91B418E2977A36285EA8F432FF197 ] Smb             C:\Windows\system32\DRIVERS\smb.sys

03:02:54.0034 0x051c  Smb - ok

03:02:54.0074 0x051c  [ 6A984831644ECA1A33FFEAE4126F4F37, 753E23D2B33D47C52C05D892B052CFD96D93B97FB6E9FCB58EF1E4C4A125BF78 ] SNMPTRAP        C:\Windows\System32\snmptrap.exe

03:02:54.0114 0x051c  SNMPTRAP - ok


03:02:58.0687 0x051c  [ 6E421CCC57059B0186C6259CA3B6DFC9, E348BF23CCD6C14FD10C1689BBDC77E125245331F97BFE60D4C8FD9A8711CB59 ] USBAAPL         C:\Windows\system32\Drivers\usbaapl.sys

03:02:58.0717 0x051c  USBAAPL - detected UnsignedFile.Multi.Generic ( 1 )

03:03:01.0713 0x051c  Detect skipped due to KSN trusted

03:03:01.0713 0x051c  USBAAPL - ok


03:03:12.0537 0x051c  [ E429410581E60535B555DDA729424885, 6324FABE1977E54C9742A466DD39E539BCE2DCD0ECD29700B859B80D3033A20D ] C:\Program Files\DuckLink\DuckCapture\DuckCapture.exe

03:03:12.0604 0x051c  DuckCapture - detected UnsignedFile.Multi.Generic ( 1 )

03:03:15.0407 0x051c  Detect skipped due to KSN trusted

03:03:15.0407 0x051c  DuckCapture - ok


03:03:45.0525 0x051c  AV detected via SS2: avast! Antivirus, C:\Program Files\AVAST Software\Avast\VisthAux.exe ( 10.0.2208.712 ), 0x41000 ( enabled : updated )

03:03:45.0565 0x051c  Win FW state via NFP2: enabled

03:03:48.0438 0x051c  ============================================================

03:03:48.0438 0x051c  Scan finished

03:03:48.0438 0x051c  ============================================================

03:03:48.0448 0x0c30  Detected object count: 0

03:03:48.0448 0x0c30  Actual detected object count: 0

03:03:58.0013 0x0ebc  ============================================================

03:03:58.0013 0x0ebc  Scan started

03:03:58.0013 0x0ebc  Mode: Manual; SigCheck; TDLFS; 

03:03:58.0013 0x0ebc  ============================================================

03:03:58.0013 0x0ebc  KSN ping started

03:04:00.0816 0x0ebc  KSN ping finished: true

03:04:01.0381 0x0ebc  ================ Scan system memory ========================

03:04:01.0381 0x0ebc  System memory - ok

03:04:01.0382 0x0ebc  ================ Scan services =============================


03:04:02.0872 0x0ebc  amdagp - ok

03:04:02.0879 0x0ebc  [ CD5914170297126B6266860198D1D4F0, 2239FCBD1A7EC27CE4F10DA36AE6BD6CCB87E5128C82CA71B84BFE5AF5602A60 ] amdide          C:\Windows\system32\drivers\amdide.sys

03:04:02.0899 0x0ebc  amdide - ok

03:04:02.0919 0x0ebc  [ 00DDA200D71BAC534BF56A9DB5DFD666, CA316B1FFD85BA1CF8664B3229DA1F238A5341E016059F7ED89702324CFD124B ] AmdK8           C:\Windows\system32\drivers\amdk8.sys

03:04:02.0939 0x0ebc  AmdK8 - ok

03:04:02.0959 0x0ebc  [ 3CBF30F5370FDA40DD3E87DF38EA53B6, 7EACF1743367BE805357B6FD10F8F99E9B1C301FE3782D77719347B13DFA65EC ] AmdPPM          C:\Windows\system32\drivers\amdppm.sys

03:04:02.0989 0x0ebc  AmdPPM - ok

03:04:03.0121 0x0ebc  [ D320BF87125326F996D4904FE24300FC, F767D8C5C58D57202905D829F7AE1B1FF33937F407FDCE4C90E32A6638F27416 ] amdsata         C:\Windows\system32\drivers\amdsata.sys

03:04:03.0171 0x0ebc  amdsata - ok

03:04:03.0303 0x0ebc  [ EA43AF0C423FF267355F74E7A53BDABA, 3F1335909AB0281A2FBDD7AD90E18309E091656CD32B48894B992789D8C61DB4 ] amdsbs          C:\Windows\system32\drivers\amdsbs.sys

03:04:03.0343 0x0ebc  amdsbs - ok

03:04:03.0363 0x0ebc  [ 46387FB17B086D16DEA267D5BE23A2F2, 8B8AC61B91F154B4EB5CC6DECB5FCCEBA8B42EFE94859947136AD06681EA8ED0 ] amdxata         C:\Windows\system32\drivers\amdxata.sys

03:04:03.0383 0x0ebc  amdxata - ok

03:04:03.0383 0x0ebc  Object required for P2P: [ 46387FB17B086D16DEA267D5BE23A2F2 ] amdxata

03:04:23.0409 0x0ebc  Object send P2P result: false

03:04:23.0480 0x0ebc  [ AEA177F783E20150ACE5383EE368DA19, 8FA9EE27AA1F22E8B8FE33A21028CA1E0062BAA95CB132C20D55B98C03B4254F ] AppID           C:\Windows\system32\drivers\appid.sys

03:04:23.0529 0x0ebc  AppID - ok

03:04:23.0555 0x0ebc  [ 62A9C86CB6085E20DB4823E4E97826F5, E0F840B49710022C4FB437002AD06F64B0F6B5D628B32D00F2B66765E6B97E4B ] AppIDSvc        C:\Windows\System32\appidsvc.dll

03:04:23.0595 0x0ebc  AppIDSvc - ok

03:04:23.0625 0x0ebc  [ EACFDF31921F51C097629F1F3C9129B4, 24138755D823E69760579ECBD672421192457CDC9941B2BC499C2D34D83E86C3 ] Appinfo         C:\Windows\System32\appinfo.dll

03:04:23.0645 0x0ebc  Appinfo - ok

03:04:23.0665 0x0ebc  [ 2932004F49677BD84DBC72EDB754FFB3, 73F84582244AC53994A2F4499A119B4A84A6BF7FD3046C29A8080C763DE540B8 ] arc             C:\Windows\system32\drivers\arc.sys

03:04:23.0685 0x0ebc  arc - ok

03:04:23.0715 0x0ebc  [ 5D6F36C46FD283AE1B57BD2E9FEB0BC7, F7C9C3B4F2C816F57A43B2921672858C291054220BADE291044343778216F6BA ] arcsas          C:\Windows\system32\drivers\arcsas.sys

03:04:23.0739 0x0ebc  arcsas - ok

03:04:23.0836 0x0ebc  [ 9D768C43FEF254DD50B1DBF8AD5C4C0B, A50854EA5C08605133B8BB4DFDC6090357C5665314AA72E0BFA1E07D4E451F09 ] aspnet_state    C:\Windows\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe

03:04:23.0886 0x0ebc  aspnet_state - ok

03:04:23.0916 0x0ebc  [ 9D23DE88C3B18BA87CD4587177CA6CEA, 46DBB867FC73E30320852F744F38B66906DD5B96C4EBB03F504CF33E867A8470 ] aswHwid         C:\Windows\system32\drivers\aswHwid.sys

03:04:23.0936 0x0ebc  aswHwid - ok

03:04:23.0956 0x0ebc  [ 73A9014A9C4B19AA093DA05ED4246E27, F03C8433EB00229490BCD293CC97EF72452E156212D56C24BBA95C8E1B207D1A ] aswMonFlt       C:\Windows\system32\drivers\aswMonFlt.sys

03:04:23.0976 0x0ebc  aswMonFlt - ok

03:04:23.0989 0x0ebc  [ DE8D7912469E4BC5FAED78D9D1076888, 8545139B7A7D0B672A0225686BFB03EBEA6E7202D93B772CB2F74CA9E4D7F81D ] aswRdr          C:\Windows\system32\drivers\aswRdr2.sys

03:04:24.0019 0x0ebc  aswRdr - ok

03:04:24.0029 0x0ebc  [ 6544697080421E62E97AAFBD0A8AA391, BB3F492BF828A147B82FDD1FC9EB9867D96DE0481554A59745D41C6BAB551700 ] aswRvrt         C:\Windows\system32\drivers\aswRvrt.sys

03:04:24.0059 0x0ebc  aswRvrt - ok

03:04:24.0101 0x0ebc  [ E73CBE3420ECFA8FF7D0467E170E335D, B994342C92AE9167908B8CA3D03DC278E919C7073512461AFFD4C25E8D2D8D66 ] aswSnx          C:\Windows\system32\drivers\aswSnx.sys

03:04:24.0161 0x0ebc  aswSnx - ok

03:04:24.0181 0x0ebc  [ 1624D5AD126B8AFE2B2E85E5B8364EB6, AB97A74C1CA9921F7753D98516D7E11750D5D3ACD143C83273B0B295625440A0 ] aswSP           C:\Windows\system32\drivers\aswSP.sys

03:04:24.0231 0x0ebc  aswSP - ok

03:04:24.0261 0x0ebc  [ 401E663D9CBAFB580FF37A1A44AC84D9, EFF1DA23A1F316B0FA03467F6C04B83EA39D8484A1A7EDF5FCFF20F1CF8DC2E2 ] aswStm          C:\Windows\system32\drivers\aswStm.sys

03:04:24.0281 0x0ebc  aswStm - ok

03:04:24.0291 0x0ebc  [ 0EFBC2962B156E8AC267F96D4D93EF06, 8A69672CE8B68A0A683D583287473BFAB7CF8B9771C22E398607CF2A151C7124 ] aswVmm          C:\Windows\system32\drivers\aswVmm.sys

03:04:24.0333 0x0ebc  aswVmm - ok

03:04:24.0364 0x0ebc  [ ADD2ADE1C2B285AB8378D2DAAF991481, 7965A705F37924C0EC7A934E64E89C5DF4069816E2EEA3509E0AC90F78910519 ] AsyncMac        C:\Windows\system32\DRIVERS\asyncmac.sys

03:04:24.0394 0x0ebc  AsyncMac - ok

03:04:24.0454 0x0ebc  [ 338C86357871C167A96AB976519BF59E, F28CC534523D1701B0552F5D7E18E88369C4218BDB1F69110C3E31D395884AD6 ] atapi           C:\Windows\system32\drivers\atapi.sys

03:04:24.0474 0x0ebc  atapi - ok

03:04:24.0574 0x0ebc  [ CE3B4E731638D2EF62FCB419BE0D39F0, 3B98179CB0101778D9E7810D2CD46D9C0D7120E141BA11471666E7D9EB3C93CC ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll

03:04:24.0634 0x0ebc  AudioEndpointBuilder - ok

03:04:24.0664 0x0ebc  [ CE3B4E731638D2EF62FCB419BE0D39F0, 3B98179CB0101778D9E7810D2CD46D9C0D7120E141BA11471666E7D9EB3C93CC ] Audiosrv        C:\Windows\System32\Audiosrv.dll

03:04:24.0724 0x0ebc  Audiosrv - ok

03:04:24.0784 0x0ebc  [ E3F7EC811923F3F1A77B185F22638E5E, 324041256314C1471B5F123FA8DECC8F374A6B497A6419D4CAF61E68E1733265 ] avast! Antivirus C:\Program Files\AVAST Software\Avast\AvastSvc.exe

03:04:24.0804 0x0ebc  avast! Antivirus - ok

03:04:24.0843 0x0ebc  avgwd - ok

03:04:24.0869 0x0ebc  [ 6E30D02AAC9CAC84F421622E3A2F6178, 229DC527C1D6C778BCA2C855A2A6F6D2C4B0F4F6DE56C886B3AAD26E3347952C ] AxInstSV        C:\Windows\System32\AxInstSV.dll

03:04:24.0899 0x0ebc  AxInstSV - ok

03:04:24.0949 0x0ebc  [ 1A231ABEC60FD316EC54C66715543CEC, 09E2897BA80737997A286EA5408C03DD3CC0EBACD24CB391C2455B6D4BE7D67E ] b06bdrv         C:\Windows\system32\drivers\bxvbdx.sys

03:04:24.0989 0x0ebc  b06bdrv - ok

03:04:25.0009 0x0ebc  [ BD8869EB9CDE6BBE4508D869929869EE, F4363A12EBFDBB89C69FD59B22F9EE05BADA07D477A1DF2DE01F59D6EE496543 ] b57nd60x        C:\Windows\system32\DRIVERS\b57nd60x.sys

03:04:25.0053 0x0ebc  b57nd60x - ok

03:04:25.0090 0x0ebc  [ 5CD0EB84E73132C10CDDC8BCF64E37C0, 2576E080AA0D4E2ADCC2F9BECDE3DCCDB452FEA60BC837F85169187353D03770 ] b57xdbd         C:\Windows\system32\DRIVERS\b57xdbd.sys

03:04:25.0110 0x0ebc  b57xdbd - ok

03:04:25.0140 0x0ebc  [ 14A09B48562F63257265FB5E42B00AC7, 34E85B9E303D3AC7661150224D09F175EAA42BB7A2FD6D324501D2F0E7345985 ] b57xdmp         C:\Windows\system32\DRIVERS\b57xdmp.sys

03:04:25.0160 0x0ebc  b57xdmp - ok

03:04:25.0370 0x0ebc  [ 8AA13A6CD43499A7ADE49B4B9089302F, FE1CE3A79271DE15F3BE88FDF93211FA49ABF726A818045969C77B738F027F85 ] BCM43XX         C:\Windows\system32\DRIVERS\bcmwl6.sys

03:04:25.0540 0x0ebc  BCM43XX - ok

03:04:25.0620 0x0ebc  [ EE1E9C3BB8228AE423DD38DB69128E71, ED54FD9795F3A4D32F02BED6052AD9404409A05644CDBEBFF19C662D104DA95A ] BDESVC          C:\Windows\System32\bdesvc.dll

03:04:25.0670 0x0ebc  BDESVC - ok

03:04:25.0690 0x0ebc  [ 505506526A9D467307B3C393DEDAF858, 8AD6F1492E357F57CF42261497BA29122045D4FC0DCC9669AA5AC9B2A4BABFA4 ] Beep            C:\Windows\system32\drivers\Beep.sys

03:04:25.0720 0x0ebc  Beep - ok

03:04:25.0772 0x0ebc  [ 1E2BAC209D184BB851E1A187D8A29136, 53933C938DA5126986FFF2918C1F522ABE93ABAB460AE32E4453161C2F7B68DF ] BFE             C:\Windows\System32\bfe.dll

03:04:25.0829 0x0ebc  BFE - ok

03:04:25.0884 0x0ebc  [ E585445D5021971FAE10393F0F1C3961, 178C008A9A0A6BFDA65EB0B98C510271360AD4474F22F13594F5EB60AA4E1CF5 ] BITS            C:\Windows\system32\qmgr.dll

03:04:25.0944 0x0ebc  BITS - ok

03:04:25.0954 0x0ebc  [ 2287078ED48FCFC477B05B20CF38F36F, 55BCA6174E6034A8D61CBE4126B2F1989F6052BFA624BEA9C0A0A664AEC74521 ] blbdrive        C:\Windows\system32\DRIVERS\blbdrive.sys

03:04:25.0984 0x0ebc  blbdrive - ok

03:04:26.0014 0x0ebc  [ 8F2DA3028D5FCBD1A060A3DE64CD6506, E234672E9CFE1A95AD2E78E306E41E010B870221E6EBBC0E2B0BE2FA5CE0CD76 ] bowser          C:\Windows\system32\DRIVERS\bowser.sys

03:04:26.0034 0x0ebc  bowser - ok

03:04:26.0075 0x0ebc  [ 9F9ACC7F7CCDE8A15C282D3F88B43309, A9131334BD9CF8FD60BA9D54AA054E2DF2BE1219FB650DF1464F2787BDEAE98F ] BrFiltLo        C:\Windows\system32\drivers\BrFiltLo.sys

03:04:26.0095 0x0ebc  BrFiltLo - ok

03:04:26.0105 0x0ebc  [ 56801AD62213A41F6497F96DEE83755A, 0DEB8318FB47DF6473C171C795C735E26A73FA12232876C6856549EA16F33361 ] BrFiltUp        C:\Windows\system32\drivers\BrFiltUp.sys

03:04:26.0135 0x0ebc  BrFiltUp - ok

03:04:26.0155 0x0ebc  [ 77361D72A04F18809D0EFB6CCEB74D4B, 55E7DB65BB29FF421F138CDFF05E5ECFFC7C8862FAA68F6179A3BA9D6B69AE64 ] BridgeMP        C:\Windows\system32\DRIVERS\bridge.sys

03:04:26.0195 0x0ebc  BridgeMP - ok

03:04:26.0225 0x0ebc  [ 3DAA727B5B0A45039B0E1C9A211B8400, 903B51E75F0C503A0E255120F53BF51B047B219FEC1E15F2F1D02DDD562FC73B ] Browser         C:\Windows\System32\browser.dll

03:04:26.0255 0x0ebc  Browser - ok

03:04:26.0295 0x0ebc  [ 845B8CE732E67F3B4133164868C666EA, 9309B094CD9B5EBC46295A5EB806BED472C3CEDE3B5F6F497EBDABA496A2A27F ] Brserid         C:\Windows\System32\Drivers\Brserid.sys

03:04:26.0335 0x0ebc  Brserid - ok

03:04:26.0375 0x0ebc  [ 203F0B1E73ADADBBB7B7B1FABD901F6B, 782FA7B26940FE479C49C9BAA2EB582CDAAAD607013E9BCFC85E6FBBB7D49A6D ] BrSerWdm        C:\Windows\System32\Drivers\BrSerWdm.sys

03:04:26.0405 0x0ebc  BrSerWdm - ok

03:04:26.0435 0x0ebc  [ BD456606156BA17E60A04E18016AE54B, DFBDC9DA6A3EA40BACFF204BC6C55C2C122B5885D2CBF6D45054DE43EE15EC4D ] BrUsbMdm        C:\Windows\System32\Drivers\BrUsbMdm.sys

03:04:26.0455 0x0ebc  BrUsbMdm - ok

03:04:26.0495 0x0ebc  [ AF72ED54503F717A43268B3CC5FAEC2E, 4A638669B0C30B1BDED242A8BF2015A37749570FF4D67D190BACC8D7E0C44468 ] BrUsbSer        C:\Windows\System32\Drivers\BrUsbSer.sys

03:04:26.0515 0x0ebc  BrUsbSer - ok

03:04:26.0565 0x0ebc  [ B1CFA780D968AC7ED07DCE1D3541BCD5, CE62D191FB4F8DC8342C5288BC16EA79044831B3FF45C3B32C7A54C5A3C90079 ] bScsiMSx        C:\Windows\system32\DRIVERS\bScsiMSx.sys

03:04:26.0585 0x0ebc  bScsiMSx - ok

03:04:26.0605 0x0ebc  [ AD89ED05A8EA1E7A0EB0BF162AA95ED0, 9232CB20850FF1608E00F32461D97F23C07597A043E9654D2682273B6F10CF9F ] bScsiSDx        C:\Windows\system32\DRIVERS\bScsiSDx.sys

03:04:26.0625 0x0ebc  bScsiSDx - ok

03:04:26.0645 0x0ebc  [ ED3DF7C56CE0084EB2034432FC56565A, B5B75E002E7BC0209582C635CCCA26DB569BDB23C33A126634E00C6434BF941B ] BTHMODEM        C:\Windows\system32\drivers\bthmodem.sys

03:04:26.0665 0x0ebc  BTHMODEM - ok

03:04:26.0705 0x0ebc  [ 1DF19C96EEF6C29D1C3E1A8678E07190, 1F4BB161FF3A1C5B1465BB52F3520FEDB7ACB1FAA132466F07D16DB8E394AEA5 ] bthserv         C:\Windows\system32\bthserv.dll

03:04:26.0755 0x0ebc  bthserv - ok

03:04:26.0845 0x0ebc  catchme - ok

03:04:26.0875 0x0ebc  [ 77EA11B065E0A8AB902D78145CA51E10, 160EB3BBE9E5F3CC4A02584E6F2576A812C7565B940D74838B983F1EE51FA73A ] cdfs            C:\Windows\system32\DRIVERS\cdfs.sys

03:04:26.0925 0x0ebc  cdfs - ok

03:04:26.0955 0x0ebc  [ BE167ED0FDB9C1FA1133953C18D5A6C9, E26A851CA13E7300F977E5B20FA5D25FD0E1442AB6AD5DB58BBDB2DAAD87027C ] cdrom           C:\Windows\system32\DRIVERS\cdrom.sys

03:04:26.0985 0x0ebc  cdrom - ok

03:04:27.0015 0x0ebc  [ 319C6B309773D063541D01DF8AC6F55F, 182F392FE839499D159A30A3CD04B5D0C87219930BFB1A7456880B7DA75B9820 ] CertPropSvc     C:\Windows\System32\certprop.dll

03:04:27.0045 0x0ebc  CertPropSvc - ok

03:04:27.0081 0x0ebc  [ 3FE3FE94A34DF6FB06E6418D0F6A0060, 6B3A2A26609A75B690D4C0B3059E40822F3B3DB08943F58EC496BABDA7D0A735 ] circlass        C:\Windows\system32\drivers\circlass.sys

03:04:27.0107 0x0ebc  circlass - ok

03:04:27.0142 0x0ebc  [ 635181E0E9BBF16871BF5380D71DB02D, 58D5150C6F3B9F1730FFDF3A8A2ABF5FF207F9785BD66C0C1E03A0F1C223A26A ] CLFS            C:\Windows\system32\CLFS.sys

03:04:27.0170 0x0ebc  CLFS - ok

03:04:27.0220 0x0ebc  [ D88040F816FDA31C3B466F0FA0918F29, 39D3630E623DA25B8444B6D3AAAB16B98E7E289C5619E19A85D47B74C71449F3 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe

03:04:27.0270 0x0ebc  clr_optimization_v2.0.50727_32 - ok

03:04:27.0310 0x0ebc  [ E87213F37A13E2B54391E40934F071D0, 7EB221127EFB5BF158FB03D18EFDA2C55FB6CE3D1A1FE69C01D70DBED02C87E5 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe

03:04:27.0350 0x0ebc  clr_optimization_v4.0.30319_32 - ok

03:04:27.0360 0x0ebc  [ DEA805815E587DAD1DD2C502220B5616, 2D6A7668C95352B818F5EC59FF462894935833D34190257DA9CAC7E67FD3631C ] CmBatt          C:\Windows\system32\DRIVERS\CmBatt.sys

03:04:27.0390 0x0ebc  CmBatt - ok

03:04:27.0420 0x0ebc  [ C537B1DB64D495B9B4717B4D6D9EDBF2, 400EEFE662DE117C9CC956E4CBD5E98F28F962E7447CD93E8A78FDD8CA39EB4B ] cmdide          C:\Windows\system32\drivers\cmdide.sys

03:04:27.0440 0x0ebc  cmdide - ok

03:04:27.0490 0x0ebc  [ 85449EEBE8F8EBD6481EFBF0F352B4EB, E6FF04970C5A5BFDE7297A86C1C7B9BFE2E0F976A1A1AFB874CEB488DC6151CC ] CNG             C:\Windows\system32\Drivers\cng.sys

03:04:27.0550 0x0ebc  CNG - ok

03:04:27.0570 0x0ebc  [ A6023D3823C37043986713F118A89BEE, FAC239A7FA6251C7EDFFA34B4BAE3910B8BC0BD4A3574B6DB6931A8D691E207B ] Compbatt        C:\Windows\system32\DRIVERS\compbatt.sys

03:04:27.0590 0x0ebc  Compbatt - ok

03:04:27.0600 0x0ebc  [ CBE8C58A8579CFE5FCCF809E6F114E89, AC083A1C649EBA18C59FCC1772D0784B10E2B8C63094E3C14388E147DBC3F6DF ] CompositeBus    C:\Windows\system32\DRIVERS\CompositeBus.sys

03:04:27.0630 0x0ebc  CompositeBus - ok

03:04:27.0630 0x0ebc  COMSysApp - ok

03:04:27.0672 0x0ebc  [ 08F934092E0429BADF88E9F91DB0F61E, 6E9091C006FFFF261DC61C8E9A45219E47C351296E5355FC4B7242F30E1DDFE3 ] cphs            C:\Windows\system32\IntelCpHeciSvc.exe

03:04:27.0702 0x0ebc  cphs - ok

03:04:27.0732 0x0ebc  [ 2C4EBCFC84A9B44F209DFF6C6E6C61D1, 6FC323217D82EF661BA0E3F949B61B05BB5235D1A69C81D24876C2153FAECEF6 ] crcdisk         C:\Windows\system32\drivers\crcdisk.sys

03:04:27.0752 0x0ebc  crcdisk - ok

03:04:27.0792 0x0ebc  [ 7CA1BECEA5DE2643ADDAD32670E7A4C9, E3AB4CC52A97E3855D7EAB87363F807FDD2162ED8C76A036CD71549ED64E7797 ] CryptSvc        C:\Windows\system32\cryptsvc.dll

03:04:27.0822 0x0ebc  CryptSvc - ok

03:04:27.0862 0x0ebc  [ 7660F01D3B38ACA1747E397D21D790AF, 04611B43705C064C2A8331F6D3F8E4530295694AE2C3E3EC3F62CFF4A5EFA88D ] DcomLaunch      C:\Windows\system32\rpcss.dll

03:04:27.0922 0x0ebc  DcomLaunch - ok

03:04:27.0972 0x0ebc  [ 8D6E10A2D9A5EED59562D9B82CF804E1, 888F9650F4E872BA8F4E0C27E38A6672A561042B17EBA40E306A22357965B0AD ] defragsvc       C:\Windows\System32\defragsvc.dll

03:04:28.0062 0x0ebc  defragsvc - ok

03:04:28.0072 0x0ebc  [ F024449C97EC1E464AAFFDA18593DB88, 7EF1E241892E098A472BCA14C724DFF1AACCF190954AF1C4A38B6D542CC74BD2 ] DfsC            C:\Windows\system32\Drivers\dfsc.sys

03:04:28.0112 0x0ebc  DfsC - ok

03:04:28.0140 0x0ebc  [ E9E01EB683C132F7FA27CD607B8A2B63, 4D9037B458C522874619143A4176BCED42472C68933E6E83D37B67242706F3C4 ] Dhcp            C:\Windows\system32\dhcpcore.dll

03:04:28.0174 0x0ebc  Dhcp - ok

03:04:28.0204 0x0ebc  [ 1A050B0274BFB3890703D490F330C0DA, 79D74F4679A2EE040FAAF4D0392A9311239A10A5F8A5CCB48656C6F89B6D62FB ] discache        C:\Windows\system32\drivers\discache.sys

03:04:28.0244 0x0ebc  discache - ok

03:04:28.0264 0x0ebc  [ 565003F326F99802E68CA78F2A68E9FF, ABC42B24DBA4FFC411120E09278EF26AF56CCAB463B69B4BD6C530B4A07063D2 ] Disk            C:\Windows\system32\drivers\disk.sys

03:04:28.0284 0x0ebc  Disk - ok

03:04:28.0314 0x0ebc  [ 33EF4861F19A0736B11314AAD9AE28D0, 4C4B84365D85758E3263B88F157D8B086B392C6F1EA5F0F3DB6BF87EF90248EC ] Dnscache        C:\Windows\System32\dnsrslvr.dll

03:04:28.0344 0x0ebc  Dnscache - ok

03:04:28.0424 0x0ebc  [ 366BA8FB4B7BB7435E3B9EACB3843F67, 65B7C61ACF34F1F0149045AA9E09A3F917A927963237A385A914D0B80551DC31 ] dot3svc         C:\Windows\System32\dot3svc.dll

03:04:28.0484 0x0ebc  dot3svc - ok

03:04:28.0514 0x0ebc  [ 8EC04CA86F1D68DA9E11952EB85973D6, 2E3FBC2D683D1274E8BC45EEEA87D43B77EDDCAAF0D453296D9FDA6B9D717071 ] DPS             C:\Windows\system32\dps.dll

03:04:28.0554 0x0ebc  DPS - ok

03:04:28.0594 0x0ebc  [ B918E7C5F9BF77202F89E1A9539F2EB4, C589A37DE50BBEF22E2DAA9682EA43147F614AA1AF7DAAA942BA5FC192313A0B ] drmkaud         C:\Windows\system32\drivers\drmkaud.sys

03:04:28.0634 0x0ebc  drmkaud - ok

03:04:28.0664 0x0ebc  [ E6B7D1B24E16FB24CE1FEA964E144EBC, 30F81E0A017163A1AB463FE3A13B5CC2905B973E782AEBC1EB63759BF2470658 ] dtsoftbus01     C:\Windows\system32\DRIVERS\dtsoftbus01.sys

03:04:28.0694 0x0ebc  dtsoftbus01 - ok

03:04:28.0774 0x0ebc  [ 71BC35067CABC02C9453AEAA42B2E43E, 713B19F2C08EA5E4C087F7A74A8856932CF33E19D63384823DD4E02ED8798619 ] DXGKrnl         C:\Windows\System32\drivers\dxgkrnl.sys

03:04:28.0834 0x0ebc  DXGKrnl - ok

03:04:28.0854 0x0ebc  [ 8600142FA91C1B96367D3300AD0F3F3A, 5713625E27DF11FAAFDA7AC79899A6AD813166E167088FA990EC5DE87DBE83DF ] EapHost         C:\Windows\System32\eapsvc.dll

03:04:28.0894 0x0ebc  EapHost - ok

03:04:29.0054 0x0ebc  [ 024E1B5CAC09731E4D868E64DBFB4AB0, AB0826A74BBEE5B7A1B035861B665C79BC98305CFC7D82BEF420558FBD3EE994 ] ebdrv           C:\Windows\system32\drivers\evbdx.sys

03:04:29.0207 0x0ebc  ebdrv - ok

03:04:29.0247 0x0ebc  [ 803B370865D907EA21DC0C2B6A8936B5, E98F0BA1D94786E061A3EA2CC76041FF6BE0ADF47C6205D5572C03BF0E29CA78 ] EFS             C:\Windows\System32\lsass.exe

03:04:29.0297 0x0ebc  EFS - ok

03:04:29.0387 0x0ebc  [ A8C362018EFC87BEB013EE28F29C0863, 07971C681FBD391C0BA0172618AF8AD77520182207F1C57F134B34D6A113857F ] ehRecvr         C:\Windows\ehome\ehRecvr.exe

03:04:29.0457 0x0ebc  ehRecvr - ok

03:04:29.0467 0x0ebc  [ D389BFF34F80CAEDE417BF9D1507996A, 12859B9925D7A4631DE61A820922F43F56ED23C2AF014CBF36322685E5CF641E ] ehSched         C:\Windows\ehome\ehsched.exe

03:04:29.0497 0x0ebc  ehSched - ok

03:04:29.0537 0x0ebc  [ 0ED67910C8C326796FAA00B2BF6D9D3C, 97FAA7627A162B0AEC15545E0165D13355D535B4157604BB87F8EEB72ECD24A8 ] elxstor         C:\Windows\system32\drivers\elxstor.sys

03:04:29.0577 0x0ebc  elxstor - ok

03:04:29.0597 0x0ebc  [ 8FC3208352DD3912C94367A206AB3F11, 69B65C12BDADD4B730508674B1B77C5496612B4ACCC447DB9AFE49ADEA8CBF02 ] ErrDev          C:\Windows\system32\drivers\errdev.sys

03:04:29.0617 0x0ebc  ErrDev - ok

03:04:29.0657 0x0ebc  [ F6916EFC29D9953D5D0DF06882AE8E16, ED41893960018D5EC2F7829B1DE4B6967D9FD074D60B11B9EB854E3E0948EC24 ] EventSystem     C:\Windows\system32\es.dll

03:04:29.0707 0x0ebc  EventSystem - ok

03:04:29.0737 0x0ebc  [ 2DC9108D74081149CC8B651D3A26207F, 75CB47923A867DDAC512701CE71DFCFC340FC3A2E27F4255D0836A1FBC463176 ] exfat           C:\Windows\system32\drivers\exfat.sys

03:04:29.0777 0x0ebc  exfat - ok

03:04:29.0817 0x0ebc  [ 7E0AB74553476622FB6AE36F73D97D35, 41463A255FDA1D550B3385EC7C73ABC343B1BBBE9CEE4DF9F2A8B3E7338C4947 ] fastfat         C:\Windows\system32\drivers\fastfat.sys

03:04:29.0887 0x0ebc  fastfat - ok

03:04:29.0927 0x0ebc  [ 967EA5B213E9984CBE270205DF37755B, 43153E23210B03FAE16897D62D55B8742F834EDC695F8401EAB5DE307F62602D ] Fax             C:\Windows\system32\fxssvc.exe

03:04:29.0977 0x0ebc  Fax - ok

03:04:29.0997 0x0ebc  [ E817A017F82DF2A1F8CFDBDA29388B29, 4CC9320A21E6FEA2D16C48D6BEA14391B695BD541A3C5FDDAEEE086A414FC837 ] fdc             C:\Windows\system32\drivers\fdc.sys

03:04:30.0017 0x0ebc  fdc - ok

03:04:30.0037 0x0ebc  [ F3222C893BD2F5821A0179E5C71E88FB, A85B947249DBB986358CCD4B158DD58A9301F074F3C6CCCDEF2D01F432E59D1B ] fdPHost         C:\Windows\system32\fdPHost.dll

03:04:30.0077 0x0ebc  fdPHost - ok

03:04:30.0097 0x0ebc  [ 7DBE8CBFE79EFBDEB98C9FB08D3A9A5B, 0E76C29D2A974A3F2FBFCB63D066D4136B78E02F6B1F579B1865CA7A76193987 ] FDResPub        C:\Windows\system32\fdrespub.dll

03:04:30.0138 0x0ebc  FDResPub - ok

03:04:30.0158 0x0ebc  [ 6CF00369C97F3CF563BE99BE983D13D8, F65F35324A2FB9DFB533B1C4D089D990CC242218FE83414329D07B786D8EFF33 ] FileInfo        C:\Windows\system32\drivers\fileinfo.sys

03:04:30.0169 0x0ebc  FileInfo - ok

03:04:30.0179 0x0ebc  [ 42C51DC94C91DA21CB9196EB64C45DB9, 388C68D12ECC8FFE3116FEAAF4DB7B80CF4A3F97E935788DD21C6ADE2369F635 ] Filetrace       C:\Windows\system32\drivers\filetrace.sys

03:04:30.0219 0x0ebc  Filetrace - ok

03:04:30.0239 0x0ebc  [ 87907AA70CB3C56600F1C2FB8841579B, CA1CD82A1CD453617CE5EA431A1836997F14E3580554E8A516D9FE1E9926D979 ] flpydisk        C:\Windows\system32\drivers\flpydisk.sys

03:04:30.0259 0x0ebc  flpydisk - ok

03:04:30.0289 0x0ebc  [ 7520EC808E0C35E0EE6F841294316653, 6EC65511B4838A7172A8F89E35C2F9DF4F0BFCE3BE12EDA790F3EB567102FF67 ] FltMgr          C:\Windows\system32\drivers\fltmgr.sys

03:04:30.0309 0x0ebc  FltMgr - ok

03:04:30.0399 0x0ebc  [ E12C4928B32ACE04610259647F072635, B71B9C2DF45F33C4DAC88435129B08B0BCDBBE82E8C3AD0A95F00137CC8B619F ] FontCache       C:\Windows\system32\FntCache.dll

03:04:30.0469 0x0ebc  FontCache - ok

03:04:30.0549 0x0ebc  [ E56F39F6B7FDA0AC77A79B0FD3DE1A2F, DBED26852B99B362152DA9CD4F31A1883EF6F9B496F3CF3772A197BA72DB61DA ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe

03:04:30.0589 0x0ebc  FontCache3.0.0.0 - ok

03:04:30.0609 0x0ebc  [ 1A16B57943853E598CFF37FE2B8CBF1D, 87609F46F3B8123552141FD70866E895220B1BBD92BC2B580CAF49201AA0197E ] FsDepends       C:\Windows\system32\drivers\FsDepends.sys

03:04:30.0639 0x0ebc  FsDepends - ok

03:04:30.0669 0x0ebc  [ 7DAE5EBCC80E45D3253F4923DC424D05, 8A2C4D5591509B0B0A44583520617A9AE34F32BB6E68A012A7D7870ED24F703A ] Fs_Rec          C:\Windows\system32\drivers\Fs_Rec.sys

03:04:30.0689 0x0ebc  Fs_Rec - ok

03:04:30.0719 0x0ebc  [ E306A24D9694C724FA2491278BF50FDB, 1D246B9C28550640EACBF8CF9DC980FD75106B92832D392FEBEF0C7012353091 ] fvevol          C:\Windows\system32\DRIVERS\fvevol.sys

03:04:30.0749 0x0ebc  fvevol - ok

03:04:30.0789 0x0ebc  [ 65EE0C7A58B65E74AE05637418153938, 0E1A398ADD8411AF4CCC3344D67BE1B261320C58328BD5C5855A357476FAEBEF ] gagp30kx        C:\Windows\system32\drivers\gagp30kx.sys

03:04:30.0809 0x0ebc  gagp30kx - ok

03:04:30.0919 0x0ebc  [ 5AE64F0DDD7EBD1532FC70ECDB963023, 28D5F5B1B3AFC335EFC1ABD1B8EBA3C9629C6552F81670A4B5DBDFB18110C5D7 ] GoogleIMEJaCacheService C:\Program Files\Google\Google Japanese Input\GoogleIMEJaCacheService.exe

03:04:30.0973 0x0ebc  GoogleIMEJaCacheService - ok

03:04:31.0019 0x0ebc  [ E897EAF5ED6BA41E081060C9B447A673, A428DC68516F19C6C53A8B62E4BDB2587E70FB751B9D77700B6B147D347DA157 ] gpsvc           C:\Windows\System32\gpsvc.dll

03:04:31.0089 0x0ebc  gpsvc - ok

03:04:31.0151 0x0ebc  [ 506708142BC63DABA64F2D3AD1DCD5BF, 9C36A08D9E7932FF4DA7B5F24E6B42C92F28685B8ABE964C870E8D7670FD531A ] gupdate         C:\Program Files\Google\Update\GoogleUpdate.exe

03:04:31.0169 0x0ebc  gupdate - ok

03:04:31.0179 0x0ebc  [ 506708142BC63DABA64F2D3AD1DCD5BF, 9C36A08D9E7932FF4DA7B5F24E6B42C92F28685B8ABE964C870E8D7670FD531A ] gupdatem        C:\Program Files\Google\Update\GoogleUpdate.exe

03:04:31.0199 0x0ebc  gupdatem - ok

03:04:31.0229 0x0ebc  [ C1B577B2169900F4CF7190C39F085794, 73E104B96A48F4C80D8C37254ECB0891D15C0D2F0C251B57C168F90D60316447 ] gusvc           C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe

03:04:31.0259 0x0ebc  gusvc - ok

03:04:31.0289 0x0ebc  [ C44E3C2BAB6837DB337DDEE7544736DB, 88A24FF7D2FECCEAFFD421B2039A0FB623DA47A6B220B80EF1E52DD26D9E222D ] hcw85cir        C:\Windows\system32\drivers\hcw85cir.sys

03:04:31.0309 0x0ebc  hcw85cir - ok

03:04:31.0349 0x0ebc  [ A5EF29D5315111C80A5C1ABAD14C8972, A181DA72E946F121C3F4A19438C547B0BFD15138AB1DB5465945EC89DF1F6B0A ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys

03:04:31.0389 0x0ebc  HdAudAddService - ok

03:04:31.0399 0x0ebc  [ 9036377B8A6C15DC2EEC53E489D159B5, 1E56D2ACFE92E6DF96D755B05C63D580EED82C210F075C8623E138BEE6BCD41B ] HDAudBus        C:\Windows\system32\DRIVERS\HDAudBus.sys

03:04:31.0429 0x0ebc  HDAudBus - ok

03:04:31.0449 0x0ebc  [ 1D58A7F3E11A9731D0EAAAA8405ACC36, 7056FA18B86FBD52C4A6092D80476C02553EA053D6A0BEDB01A2FA5E152D5215 ] HidBatt         C:\Windows\system32\drivers\HidBatt.sys

03:04:31.0469 0x0ebc  HidBatt - ok

03:04:31.0509 0x0ebc  [ 89448F40E6DF260C206A193A4683BA78, 71E0FCC32AE6FF8DFF420DB0383D6A200E1EAE14BD2E32453F92CE18B31C1F3C ] HidBth          C:\Windows\system32\drivers\hidbth.sys

03:04:31.0539 0x0ebc  HidBth - ok

03:04:31.0559 0x0ebc  [ CF50B4CF4A4F229B9F3C08351F99CA5E, B97843620AF80FF0EC8F2C438255C0A42A756C6314FAF3DEF415DE16E14C108F ] HidIr           C:\Windows\system32\drivers\hidir.sys

03:04:31.0589 0x0ebc  HidIr - ok

03:04:31.0629 0x0ebc  [ 2BC6F6A1992B3A77F5F41432CA6B3B6B, 2AF3312F1C8C8923C0A29AA5DAE57CE269417E53DEA2F0CCCC8DB57029698FE1 ] hidserv         C:\Windows\System32\hidserv.dll

03:04:31.0668 0x0ebc  hidserv - ok

03:04:31.0688 0x0ebc  [ 10C19F8290891AF023EAEC0832E1EB4D, E208553029488A6EE2F5216CC9FE5F93E9931A94C0D0625253BB159E30642853 ] HidUsb          C:\Windows\system32\DRIVERS\hidusb.sys

03:04:31.0718 0x0ebc  HidUsb - ok

03:04:31.0741 0x0ebc  [ 196B4E3F4CCCC24AF836CE58FACBB699, 7A2E1F603A073421FA0987EFB96647F1F0F2D4E0C82AA62EBC041585DA811DAF ] hkmsvc          C:\Windows\system32\kmsvc.dll

03:04:31.0774 0x0ebc  hkmsvc - ok

03:04:31.0811 0x0ebc  [ 6658F4404DE03D75FE3BA09F7ABA6A30, E51D9C1580A283EB862F09B73AAE1B647DD683A53F3DD99834222F12DD15E40F ] HomeGroupListener C:\Windows\system32\ListSvc.dll

03:04:31.0846 0x0ebc  HomeGroupListener - ok

03:04:31.0876 0x0ebc  [ DBC02D918FFF1CAD628ACBE0C0EAA8E8, 02121800D9062692C102475876AE8143EBE46D855E8328B8CDCFE6A2F0D19696 ] HomeGroupProvider C:\Windows\system32\provsvc.dll

03:04:31.0906 0x0ebc  HomeGroupProvider - ok

03:04:31.0946 0x0ebc  [ 295FDC419039090EB8B49FFDBB374549, 670E8015FD374640C6570F56F7FE8DE4D8F92E7A8072F5D1B2B95D0BD699CEF7 ] HpSAMD          C:\Windows\system32\drivers\HpSAMD.sys

03:04:31.0966 0x0ebc  HpSAMD - ok

03:04:32.0002 0x0ebc  [ 871917B07A141BFF43D76D8844D48106, 30C702008D0EE57D63F74864967DD19A55A268E77E42B5B3CC73037AD51D2987 ] HTTP            C:\Windows\system32\drivers\HTTP.sys

03:04:32.0062 0x0ebc  HTTP - ok

03:04:32.0082 0x0ebc  [ 0C4E035C7F105F1299258C90886C64C5, CFB4FBE7B28058E6D3E6E508CF3C1645F6AAE0AFEB4C5364835B9C42311DF0D4 ] hwpolicy        C:\Windows\system32\drivers\hwpolicy.sys

03:04:32.0092 0x0ebc  hwpolicy - ok

03:04:32.0112 0x0ebc  [ F151F0BDC47F4A28B1B20A0818EA36D6, 84B24B5796D9F70A8C37773F5484A4606CC7908370CCD942627ACBEDC4952D79 ] i8042prt        C:\Windows\system32\DRIVERS\i8042prt.sys

03:04:32.0150 0x0ebc  i8042prt - ok

03:04:32.0204 0x0ebc  [ 5CD5F9A5444E6CDCB0AC89BD62D8B76E, 72870092A80C6DAE0105025B0ED8B607E98BA81E59298364A7FE4C9C56C68FF0 ] iaStorV         C:\Windows\system32\drivers\iaStorV.sys

03:04:32.0234 0x0ebc  iaStorV - ok

03:04:32.0304 0x0ebc  [ C521D7EB6497BB1AF6AFA89E322FB43C, BDDCFCBB5B76A9295669B5AC9F732D6127199ED5C300770B554C4E4794F66BB7 ] idsvc           C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe

03:04:32.0364 0x0ebc  idsvc - ok

03:04:32.0364 0x0ebc  IEEtwCollectorService - ok

03:04:32.0726 0x0ebc  [ C520DD440B57DBD54A4FD1838058879A, 6A81772290C21721603892E66104E33FFAA5B7B03323036B7D46DA4EB4D70E37 ] igfx            C:\Windows\system32\DRIVERS\igdkmd32.sys

03:04:32.0914 0x0ebc  igfx - ok

03:04:32.0954 0x0ebc  [ 4173FF5708F3236CF25195FECD742915, 0A9C0701DF6EAC6602BE342FC13C7950EF04BB5BDF7D96C2C5DABBD2A29AA55D ] iirsp           C:\Windows\system32\drivers\iirsp.sys

03:04:32.0974 0x0ebc  iirsp - ok

03:04:33.0024 0x0ebc  [ B9C54120F46392100478F58F374E5709, A28EE8B0988F580D5984E815FC78DF41B169260814234AA0E453375542D0957B ] IKEEXT          C:\Windows\System32\ikeext.dll

03:04:33.0084 0x0ebc  IKEEXT - ok

03:04:33.0094 0x0ebc  [ A0F12F2C9BA6C72F3987CE780E77C130, 5F53DF8BE1621AA7DFB655CFD9C95E0AFA1AD3CE2E290E19D7B7FB3C6E380034 ] intelide        C:\Windows\system32\drivers\intelide.sys

03:04:33.0114 0x0ebc  intelide - ok


03:05:30.0676 0x0ebc  ShellHWDetection - ok

03:05:30.0696 0x0ebc  [ 2565CAC0DC9FE0371BDCE60832582B2E, 1A775214E86B83C2F1799F12D71077D81C89AD32734A248BA88787B7F104B79D ] sisagp          C:\Windows\system32\drivers\sisagp.sys

03:05:30.0716 0x0ebc  sisagp - ok

03:05:30.0756 0x0ebc  [ A9F0486851BECB6DDA1D89D381E71055, 7E909538AB758C18AC2CCBFFEE17BA36FA6ED2E674AA70924AA87AC61375FF35 ] SiSRaid2        C:\Windows\system32\drivers\SiSRaid2.sys

03:05:30.0786 0x0ebc  SiSRaid2 - ok

03:05:30.0806 0x0ebc  [ 3727097B55738E2F554972C3BE5BC1AA, 75D52A596A298C33EC79A3B0B80F25492C08A182ABC679401502DA9597687566 ] SiSRaid4        C:\Windows\system32\drivers\sisraid4.sys

03:05:30.0826 0x0ebc  SiSRaid4 - ok

03:05:30.0896 0x0ebc  [ F6EF225A23D336CA30001E5007644C24, B0A4B1256C1074F1B4F73E3BBA16FD4683D6EEA583DEEF8E11EFD29BA7541F2A ] SkypeUpdate     C:\Program Files\Skype\Updater\Updater.exe

03:05:30.0956 0x0ebc  SkypeUpdate - ok

03:05:30.0976 0x0ebc  [ 3E21C083B8A01CB70BA1F09303010FCE, 803F8F91299C387110F34A49340E7136AAE91B418E2977A36285EA8F432FF197 ] Smb             C:\Windows\system32\DRIVERS\smb.sys

03:05:31.0016 0x0ebc  Smb - ok

03:05:31.0046 0x0ebc  [ 6A984831644ECA1A33FFEAE4126F4F37, 753E23D2B33D47C52C05D892B052CFD96D93B97FB6E9FCB58EF1E4C4A125BF78 ] SNMPTRAP        C:\Windows\System32\snmptrap.exe

03:05:31.0076 0x0ebc  SNMPTRAP - ok

03:05:31.0086 0x0ebc  [ 95CF1AE7527FB70F7816563CBC09D942, CE8BACB91A5A86CBCE82619C6C1873B4D7593B00CED3B522E41B8F7F6258CC65 ] spldr           C:\Windows\system32\drivers\spldr.sys

03:05:31.0106 0x0ebc  spldr - ok

03:05:31.0156 0x0ebc  [ 9AEA093B8F9C37CF45538382CABA2475, CC63239C412067AA72318ADB8BB80BCDF2CA60DA05D814D32753C92508BC16A8 ] Spooler         C:\Windows\System32\spoolsv.exe

03:05:31.0216 0x0ebc  Spooler - ok

03:05:31.0386 0x0ebc  [ CF87A1DE791347E75B98885214CED2B8, 7AF4E03D751C951A4E5FBA28200DABFE6B3BF055490163EEEEA84EBA4D0F368A ] sppsvc          C:\Windows\system32\sppsvc.exe

03:05:31.0556 0x0ebc  sppsvc - ok

03:05:31.0576 0x0ebc  [ B0180B20B065D89232A78A40FE56EAA6, 4D045B23AD58A8822BE9F20119744A8D47455469D54494745CEB099951DA60FF ] sppuinotify     C:\Windows\system32\sppuinotify.dll

03:05:31.0616 0x0ebc  sppuinotify - ok

03:05:31.0666 0x0ebc  [ FEB11DBAA5E152D98BD897C97A6DDCD0, 7ABCCDDE6B9A58CECA480AA57468E7A1F537893A2CB7C20E1A366EC8EEC7FA59 ] sptd            C:\Windows\System32\Drivers\sptd.sys

03:05:31.0706 0x0ebc  sptd - ok

03:05:31.0746 0x0ebc  [ E4C2764065D66EA1D2D3EBC28FE99C46, 043AEF06A23069DD17675955C834690A5FD8F1948A05B3969F977E823C4E25F5 ] srv             C:\Windows\system32\DRIVERS\srv.sys

03:05:31.0776 0x0ebc  srv - ok

03:05:31.0796 0x0ebc  [ 03F0545BD8D4C77FA0AE1CEEDFCC71AB, 4DF31206DF8F33C2975E23C7257ED930C4EDA8BC4E246D8FDA130BB583083ED0 ] srv2            C:\Windows\system32\DRIVERS\srv2.sys

03:05:31.0836 0x0ebc  srv2 - ok

03:05:31.0856 0x0ebc  [ BE6BD660CAA6F291AE06A718A4FA8ABC, CD38939CFBA80B882D38099194FC1EBAE15A9D27A4D941DD03C55EC745E52E59 ] srvnet          C:\Windows\system32\DRIVERS\srvnet.sys

03:05:31.0876 0x0ebc  srvnet - ok

03:05:31.0906 0x0ebc  [ D887C9FD02AC9FA880F6E5027A43E118, F38BAD90EC791368C37C21090302708D2DFB83ECE9096609AD9AA667B2E5592E ] SSDPSRV         C:\Windows\System32\ssdpsrv.dll

03:05:31.0956 0x0ebc  SSDPSRV - ok

03:05:31.0966 0x0ebc  [ D318F23BE45D5E3A107469EB64815B50, D74355E6FF215AA8CE53BC9DF16AF2740F2FC2FD754939478A3608BDA8C6DDA0 ] SstpSvc         C:\Windows\system32\sstpsvc.dll

03:05:32.0016 0x0ebc  SstpSvc - ok

03:05:32.0066 0x0ebc  [ 706080AD43599D4AB04F1676A3A62CC1, BD9A645163501E2234CAB2B99DB297A634526786D2CDC55FE1C18F5019623E34 ] Steam Client Service C:\Program Files\Common Files\Steam\SteamService.exe

03:05:32.0106 0x0ebc  Steam Client Service - ok

03:05:32.0126 0x0ebc  [ DB32D325C192B801DF274BFD12A7E72B, F089DBA719E22BC269720A6B840B873A4AF5639745DB0C3DBC8BD2F2839A1ABA ] stexstor        C:\Windows\system32\drivers\stexstor.sys

03:05:32.0146 0x0ebc  stexstor - ok

03:05:32.0176 0x0ebc  [ EDB05BD63148796F23EA78506404A538, 8EBF623D3DEB6CCAC75AAFCF8B23271029A28BE29D459088E40FBF109E80AA17 ] StillCam        C:\Windows\system32\DRIVERS\serscan.sys

03:05:32.0196 0x0ebc  StillCam - ok

03:05:32.0246 0x0ebc  [ E1FB3706030FB4578A0D72C2FC3689E4, A62EC9AA4514CAF2A10C0A3AEF7A36F593A7E7DA370A3F130C24E1B612E19427 ] StiSvc          C:\Windows\System32\wiaservc.dll

03:05:32.0296 0x0ebc  StiSvc - ok

03:05:32.0336 0x0ebc  [ E58C78A848ADD9610A4DB6D214AF5224, 1575A90EB22A4FB066459BDA00C6CAC10198C3C8C74493721EC6D34B51F50426 ] swenum          C:\Windows\system32\DRIVERS\swenum.sys

03:05:32.0346 0x0ebc  swenum - ok

03:05:32.0386 0x0ebc  [ A28BD92DF340E57B024BA433165D34D7, 889CC7FF143C3549982128473FF927CD80CF36485A347EF399C1271C8CE12CE4 ] swprv           C:\Windows\System32\swprv.dll

03:05:32.0446 0x0ebc  swprv - ok

03:05:32.0496 0x0ebc  [ 36650D618CA34C9D357DFD3D89B2C56F, 7C3774E53DCF32CB3A4B3504E32D2A651E18467FA0A6AC4C7993C696741B704B ] SysMain         C:\Windows\system32\sysmain.dll

03:05:32.0583 0x0ebc  SysMain - ok

03:05:32.0618 0x0ebc  [ 763FECDC3D30C815FE72DD57936C6CD1, 1A62C7E63E426D56894F4121C75D9C60FC9A14469ADBD0D6F0B94B8DE48CDA3E ] TabletInputService C:\Windows\System32\TabSvc.dll

03:05:32.0648 0x0ebc  TabletInputService - ok

03:05:32.0669 0x0ebc  [ 613BF4820361543956909043A265C6AC, FCFF02E466D2501630B452627FB218C01E5245A0921EE3D2117E7FD63AC7E98E ] TapiSrv         C:\Windows\System32\tapisrv.dll

03:05:32.0710 0x0ebc  TapiSrv - ok

03:05:32.0730 0x0ebc  [ B799D9FDB26111737F58288D8DC172D9, 409A60819A4305699E2E492A6190637FAAEBD19E745A5DB2A5D6977106C86591 ] TBS             C:\Windows\System32\tbssvc.dll

03:05:32.0780 0x0ebc  TBS - ok

03:05:32.0870 0x0ebc  [ CA59F7C570AF70BC174F477CFE2D9EE3, F09E4E14207A2AC6957D2C0AC8707D0E356A9087FA6DC703373242D8EEB026BD ] Tcpip           C:\Windows\system32\drivers\tcpip.sys

03:05:32.0950 0x0ebc  Tcpip - ok

03:05:32.0990 0x0ebc  [ CA59F7C570AF70BC174F477CFE2D9EE3, F09E4E14207A2AC6957D2C0AC8707D0E356A9087FA6DC703373242D8EEB026BD ] TCPIP6          C:\Windows\system32\DRIVERS\tcpip.sys

03:05:33.0062 0x0ebc  TCPIP6 - ok

03:05:33.0092 0x0ebc  [ 3EEBD3BD93DA46A26E89893C7AB2FF3B, 2C7204DCD2BCBC6A250FF0F6477616F327AF41FDB7CABE69E5C357361009FB4E ] tcpipreg        C:\Windows\system32\drivers\tcpipreg.sys

03:05:33.0112 0x0ebc  tcpipreg - ok

03:05:33.0142 0x0ebc  [ 1CB91B2BD8F6DD367DFC2EF26FD751B2, 879E2827354BB21573AC6A7CCEB746D44214540687E6882FFCB4089546FBD954 ] TDPIPE          C:\Windows\system32\drivers\tdpipe.sys

03:05:33.0162 0x0ebc  TDPIPE - ok

03:05:33.0212 0x0ebc  [ 2C2C5AFE7EE4F620D69C23C0617651A8, E828D974C3F9D7004A030C3AD448096C736FDB4C4C1707D043E567D08C845103 ] TDTCP           C:\Windows\system32\drivers\tdtcp.sys

03:05:33.0252 0x0ebc  TDTCP - ok

03:05:33.0292 0x0ebc  [ B459575348C20E8121D6039DA063C704, 1B4328A9EA39FF5A57F258E02254D04B73455F1DF7C997C13702A8B2F12D0347 ] tdx             C:\Windows\system32\DRIVERS\tdx.sys

03:05:33.0332 0x0ebc  tdx - ok

03:05:33.0332 0x0ebc  [ 04DBF4B01EA4BF25A9A3E84AFFAC9B20, 0D81B427720637882077C5024D738191F858FC734ED040697872D906351EF663 ] TermDD          C:\Windows\system32\DRIVERS\termdd.sys

03:05:33.0352 0x0ebc  TermDD - ok

03:05:33.0412 0x0ebc  [ 382C804C92811BE57829D8E550A900E2, 5F52C2E7902024CF1C9CC0069F411C3F19CCA3DB209F437FA0F3932D4898EB50 ] TermService     C:\Windows\System32\termsrv.dll

03:05:33.0502 0x0ebc  TermService - ok

03:05:33.0522 0x0ebc  [ 42FB6AFD6B79D9FE07381609172E7CA4, B57C85091209A2FAD19ED490B8FA7FC98F12911F9C9CACE9AF1E540780CE6700 ] Themes          C:\Windows\system32\themeservice.dll

03:05:33.0552 0x0ebc  Themes - ok

03:05:33.0562 0x0ebc  [ 146B6F43A673379A3C670E86D89BE5EA, C4412DCF80DE6B55466F399413271364F14BC0819C224AA161EDDC31A9775440 ] THREADORDER     C:\Windows\system32\mmcss.dll

03:05:33.0602 0x0ebc  THREADORDER - ok

03:05:33.0622 0x0ebc  [ 4792C0378DB99A9BC2AE2DE6CFFF0C3A, 532A3A812578B2DFD83001DE66FC73689D79EC729409EB572E07E6D65B281712 ] TrkWks          C:\Windows\System32\trkwks.dll

03:05:33.0672 0x0ebc  TrkWks - ok

03:05:33.0712 0x0ebc  [ 2C49B175AEE1D4364B91B531417FE583, 6C7995E18F84E465C376D1D5F153C15ACB66CDEA86EE5BF186677F572E7E129B ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe

03:05:33.0752 0x0ebc  TrustedInstaller - ok

03:05:33.0782 0x0ebc  [ B37B08F2E5EEB1A37E448E09BACE1101, 32CC9E06B88BAB6FAB4696B744548DFCE9199A7FD2BA8B019F269CA75895852C ] tssecsrv        C:\Windows\system32\DRIVERS\tssecsrv.sys

03:05:33.0812 0x0ebc  tssecsrv - ok

03:05:33.0832 0x0ebc  [ 9CE253214ACAA5A7D323327D2055EFAA, 15E7DB578EDF36DD2FD5BA960C3941B2353037323B6B96702CDCDC07588EA724 ] TsUsbFlt        C:\Windows\system32\drivers\tsusbflt.sys

03:05:33.0862 0x0ebc  TsUsbFlt - ok

03:05:33.0882 0x0ebc  [ 57C527AF84748B5C2F5178C499C0B81F, 2FF1F25BA16F8984E9F2CE4DE663F261BAF267EDF10D466A52BB211C567F763C ] TsUsbGD         C:\Windows\system32\drivers\TsUsbGD.sys

03:05:33.0912 0x0ebc  TsUsbGD - ok

03:05:33.0942 0x0ebc  [ B2FA25D9B17A68BB93D58B0556E8C90D, 0146931B733CAB1CD87F94C35F97E110D6ED6C55EAFF03345400A29AEDE99BDE ] tunnel          C:\Windows\system32\DRIVERS\tunnel.sys

03:05:33.0982 0x0ebc  tunnel - ok

03:05:34.0002 0x0ebc  [ 750FBCB269F4D7DD2E420C56B795DB6D, E1A95C59148FE463539C34336FD0E74B31A33B8AB2B8E34AA10349C3347471D7 ] uagp35          C:\Windows\system32\drivers\uagp35.sys

03:05:34.0022 0x0ebc  uagp35 - ok

03:05:34.0052 0x0ebc  [ EE43346C7E4B5E63E54F927BABBB32FF, BAD6FC3BEE45E644D5A6A0A31428F5B2AEC72A0AA0C74EF8177B1FE23EEF3AA9 ] udfs            C:\Windows\system32\DRIVERS\udfs.sys

03:05:34.0102 0x0ebc  udfs - ok

03:05:34.0102 0x0ebc  Object required for P2P: [ EE43346C7E4B5E63E54F927BABBB32FF ] udfs

03:05:37.0184 0x0ebc  Object send P2P result: true

03:05:37.0254 0x0ebc  [ 8344FD4FCE927880AA1AA7681D4927E5, 1B54EFA60A221E2B9FFE59BB41C7E7D8B5AC6826F1C5577456D81371D464255A ] UI0Detect       C:\Windows\system32\UI0Detect.exe

03:05:37.0284 0x0ebc  UI0Detect - ok

03:05:37.0314 0x0ebc  [ 44E8048ACE47BEFBFDC2E9BE4CBC8880, 5D96D90FDF68AE470CC92CA9DF9DA2C05A53EF455A5A109DBBF7C96F3238257C ] uliagpkx        C:\Windows\system32\drivers\uliagpkx.sys

03:05:37.0334 0x0ebc  uliagpkx - ok

03:05:37.0354 0x0ebc  [ D295BED4B898F0FD999FCFA9B32B071B, D4130DB4AE76EE6DC0B8E7A4FEF5CB8B26EBD822C21021F6FA78FD29C1E211C2 ] umbus           C:\Windows\system32\DRIVERS\umbus.sys

03:05:37.0384 0x0ebc  umbus - ok

03:05:37.0394 0x0ebc  [ 7550AD0C6998BA1CB4843E920EE0FEAC, 24C001E422C3B3B920CDCF6003A3179CE464DE4284775403DD5122EF9780460D ] UmPass          C:\Windows\system32\drivers\umpass.sys

03:05:37.0414 0x0ebc  UmPass - ok

03:05:37.0444 0x0ebc  [ 833FBB672460EFCE8011D262175FAD33, C0C3067A305993CBF056C229771CB0593DD60C9C7AC5130FF1CA610BCA812AB5 ] upnphost        C:\Windows\System32\upnphost.dll

03:05:37.0494 0x0ebc  upnphost - ok

03:05:37.0514 0x0ebc  [ 6E421CCC57059B0186C6259CA3B6DFC9, E348BF23CCD6C14FD10C1689BBDC77E125245331F97BFE60D4C8FD9A8711CB59 ] USBAAPL         C:\Windows\system32\Drivers\usbaapl.sys

03:05:37.0534 0x0ebc  USBAAPL - detected UnsignedFile.Multi.Generic ( 1 )

03:05:37.0534 0x0ebc  Detect skipped due to KSN trusted

03:05:37.0534 0x0ebc  USBAAPL - ok

03:05:55.0370 0x0ebc  DuckCapture - detected UnsignedFile.Multi.Generic ( 1 )

03:05:55.0370 0x0ebc  Detect skipped due to KSN trusted

03:05:55.0370 0x0ebc  DuckCapture - ok

03:05:55.0390 0x0ebc  Skype - ok

03:05:55.0400 0x0ebc  AV detected via SS2: avast! Antivirus, C:\Program Files\AVAST Software\Avast\VisthAux.exe ( 10.0.2208.712 ), 0x41000 ( enabled : updated )

03:05:55.0410 0x0ebc  Win FW state via NFP2: enabled

03:05:58.0242 0x0ebc  ============================================================

03:05:58.0242 0x0ebc  Scan finished

03:05:58.0242 0x0ebc  ============================================================

03:05:58.0242 0x1074  Detected object count: 0

03:05:58.0242 0x1074  Actual detected object count: 0

Hi,
did you reset Chrome?
 
 
Step 1

Please copy and paste the following text into the URL line of your Chrome browser and delete the "feed.snapdo.com" entry:
 

chrome://settings/homePageOverlay

 
Step 2


Start FRST with administrator privileges.

  • Press the Scan button.
  • When finished, FRST will produce a log (FRST.txt) in the same directory the tool was run from.
    Please copy and paste the log in your next reply.

Yep, I had reset Chrome from the previous steps!

 

Here is FRST info!

 

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 05-02-2015
Ran by Home (administrator) on HOME-PC on 08-02-2015 16:58:51
Running from C:\Users\Home\Desktop
Loaded Profiles: Home (Available profiles: Home)
Platform: Microsoft Windows 7 Home Premium  Service Pack 1 (X86) OS Language: English (United States)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
 
==================== Processes (Whitelisted) =================
 
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Adobe Systems Incorporated) C:\Program Files\Adobe\Elements 9 Organizer\PhotoshopElementsFileAgent.exe
(McAfee, Inc.) C:\Windows\System32\mfevtps.exe
() C:\Windows\System32\PnkBstrA.exe
(Microsoft Corp.) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVCM.EXE
(Google Inc.) C:\Program Files\Google\Update\1.3.26.9\GoogleCrashHandler.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Renesas Electronics Corporation) C:\Program Files\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe
(Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jusched.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe
(LINE Corporation) C:\Program Files\Naver\LINE\Line.exe
(DuckLink Software) C:\Program Files\DuckLink\DuckCapture\DuckCapture.exe
(Skype Technologies S.A.) C:\Program Files\Skype\Phone\Skype.exe
(Sony Computer Entertainment Inc.) C:\Program Files\Sony\Content Manager Assistant\CMA.exe
(Sony Computer Entertainment Inc.) C:\Program Files\Sony\Content Manager Assistant\CMAWatcher.exe
(Dropbox, Inc.) C:\Users\Home\AppData\Roaming\Dropbox\bin\Dropbox.exe
(Microsoft Corporation) C:\Windows\System32\wbem\unsecapp.exe
(Google Inc.) C:\Program Files\Google\Google Japanese Input\GoogleIMEJaCacheService.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ink\InputPersonalization.exe
(Google Inc.) C:\Program Files\Google\Google Japanese Input\GoogleIMEJaConverter.exe
(Google Inc.) C:\Program Files\Google\Google Japanese Input\GoogleIMEJaRenderer.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
 
 
==================== Registry (Whitelisted) ==================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM\...\Run: [NUSB3MON] => C:\Program Files\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe [113288 2010-11-17] (Renesas Electronics Corporation)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [497648 2010-07-29] (Adobe Systems Incorporated)
HKLM\...\Run: [Google Japanese Input Prelauncher] => C:\Program Files\Google\Google Japanese Input\GoogleIMEJaBroker32.exe [1435672 2013-12-18] (Google Inc.)
HKLM\...\Run: [bCSSync] => C:\Program Files\Microsoft Office\Office14\BCSSync.exe [89184 2012-11-05] (Microsoft Corporation)
HKLM\...\Run: [sunJavaUpdateSched] => C:\Program Files\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKLM\...\Run: [XeroxEndeavorBackgroundTask] => rundll32.exe xrWCbgnd.dll,LaunchBgTask 1
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [5227112 2015-01-26] (AVAST Software)
HKU\S-1-5-21-4195104481-2079486966-316092486-1000\...\Run: [DAEMON Tools Lite] => C:\Program Files\DAEMON Tools Lite\DTLite.exe [3675352 2013-10-28] (Disc Soft Ltd)
HKU\S-1-5-21-4195104481-2079486966-316092486-1000\...\Run: [Line] => C:\Program Files\Naver\LINE\Line.exe [4031336 2015-02-03] (LINE Corporation)
HKU\S-1-5-21-4195104481-2079486966-316092486-1000\...\Run: [DuckCapture] => C:\Program Files\DuckLink\DuckCapture\DuckCapture.exe [436736 2011-11-03] (DuckLink Software)
HKU\S-1-5-21-4195104481-2079486966-316092486-1000\...\Run: [skype] => C:\Program Files\Skype\Phone\Skype.exe [30877280 2014-12-11] (Skype Technologies S.A.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Content Manager Assistant for PlayStation®.lnk
ShortcutTarget: Content Manager Assistant for PlayStation®.lnk -> C:\Program Files\Sony\Content Manager Assistant\CMA.exe (Sony Computer Entertainment Inc.)
Startup: C:\Users\Home\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> C:\Users\Home\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll (AVAST Software)
 
==================== Internet (Whitelisted) ====================
 
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.com
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
HKU\S-1-5-21-4195104481-2079486966-316092486-1000\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
BHO: Java Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll No File
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll No File
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO: Java Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll No File
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
 
FireFox:
========
FF ProfilePath: C:\Users\Home\AppData\Roaming\Mozilla\Firefox\Profiles\76dr9cm9.default-1394098711741
FF DefaultSearchEngine: Google
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF32_12_0_0_44.dll ()
FF Plugin: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF Plugin: @java.com/DTPlugin,version=10.45.2 -> C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.45.2 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.26.9\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.26.9\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @videolan.org/vlc,version=2.1.2 -> C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF user.js: detected! => C:\Users\Home\AppData\Roaming\Mozilla\Firefox\Profiles\76dr9cm9.default-1394098711741\user.js
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\oshiete-goo.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\rakuten.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\yahoo-jp-auctions.xml
FF Extension: DownloadHelper - C:\Users\Home\AppData\Roaming\Mozilla\Firefox\Profiles\76dr9cm9.default-1394098711741\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d} [2014-09-14]
FF HKLM\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2014-09-30]
 
Chrome: 
=======
CHR HomePage: Default -> 
CHR Profile: C:\Users\Home\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Docs) - C:\Users\Home\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-02-01]
CHR Extension: (Google Drive) - C:\Users\Home\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-02-01]
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\Home\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-05-25]
CHR Extension: (YouTube) - C:\Users\Home\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-02-01]
CHR Extension: (4chan X) - C:\Users\Home\AppData\Local\Google\Chrome\User Data\Default\Extensions\cellaaeoekimmemgdheibaibbaoeefbl [2014-02-02]
CHR Extension: (Google Search) - C:\Users\Home\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-02-01]
CHR Extension: (AdBlock) - C:\Users\Home\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2014-06-27]
CHR Extension: (Avast Online Security) - C:\Users\Home\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2014-09-30]
CHR Extension: (Google Wallet) - C:\Users\Home\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-02-01]
CHR Extension: (Gmail) - C:\Users\Home\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-02-01]
CHR HKLM\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2015-01-08]
CHR HKU\S-1-5-21-4195104481-2079486966-316092486-1000\...\Chrome\Extension: [bakijjialdiiboeaknfpmflphhmljfkd] - No Path
 
========================== Services (Whitelisted) =================
 
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
 
R2 AdobeActiveFileMonitor9.0; C:\Program Files\Adobe\Elements 9 Organizer\PhotoshopElementsFileAgent.exe [169408 2010-09-30] (Adobe Systems Incorporated)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2015-01-08] (AVAST Software)
S3 cphs; C:\Windows\system32\IntelCpHeciSvc.exe [279000 2014-01-29] (Intel Corporation)
R2 GoogleIMEJaCacheService; C:\Program Files\Google\Google Japanese Input\GoogleIMEJaCacheService.exe [754712 2013-12-18] (Google Inc.)
R2 mfevtp; C:\Windows\system32\mfevtps.exe [179600 2014-09-29] (McAfee, Inc.)
S3 npggsvc; C:\Windows\system32\GameMon.des [5267776 2014-01-22] (INCA Internet Co., Ltd.)
R2 PnkBstrA; C:\Windows\system32\PnkBstrA.exe [76888 2014-05-10] ()
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [680960 2013-05-26] (Microsoft Corporation)
S2 avgwd; "C:\Program Files\AVG\AVG2015\avgwdsvc.exe" [X]
 
==================== Drivers (Whitelisted) ====================
 
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
 
R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [24184 2015-01-08] ()
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [70384 2015-01-08] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [81768 2015-01-08] (AVAST Software)
R0 aswRvrt; C:\Windows\system32\Drivers\aswRvrt.sys [49944 2015-01-08] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [787800 2015-01-08] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [423784 2015-01-08] (AVAST Software)
S2 aswStm; C:\Windows\system32\drivers\aswStm.sys [91496 2015-01-08] (AVAST Software)
R0 aswVmm; C:\Windows\system32\Drivers\aswVmm.sys [206248 2015-01-08] ()
R3 b57xdbd; C:\Windows\System32\DRIVERS\b57xdbd.sys [59944 2010-12-11] (Broadcom Corporation)
R3 b57xdmp; C:\Windows\System32\DRIVERS\b57xdmp.sys [18472 2010-12-11] (Broadcom Corporation)
R3 bScsiMSx; C:\Windows\System32\DRIVERS\bScsiMSx.sys [32296 2010-12-10] (Broadcom Corporation)
R3 bScsiSDx; C:\Windows\System32\DRIVERS\bScsiSDx.sys [55336 2010-12-11] (Broadcom Corporation)
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [243128 2014-02-25] (Disc Soft Ltd)
S3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [114904 2015-02-05] (Malwarebytes Corporation)
R3 MEI; C:\Windows\System32\DRIVERS\HECI.sys [41088 2010-10-19] (Intel Corporation)
R0 mfehidk; C:\Windows\System32\drivers\mfehidk.sys [575984 2014-09-29] (McAfee, Inc.)
S3 mferkdet; C:\Windows\System32\drivers\mferkdet.sys [94520 2014-09-29] (McAfee, Inc.)
R3 Neo_VPN; C:\Windows\System32\DRIVERS\Neo_0103.sys [26880 2014-06-25] (SoftEther Corporation)
R0 sptd; C:\Windows\System32\Drivers\sptd.sys [324096 2014-02-25] (Duplex Secure Ltd.)
S3 USBAAPL; C:\Windows\System32\Drivers\usbaapl.sys [45056 2013-03-18] (Apple, Inc.) [File not signed]
U3 aatq0g54; C:\Windows\system32\Drivers\aatq0g54.sys [0 ] (Microsoft Corporation) <==== ATTENTION (zero size file/folder)
U5 AppMgmt; C:\Windows\system32\svchost.exe [20992 2009-07-13] (Microsoft Corporation)
S3 catchme; \??\C:\Users\Home\AppData\Local\Temp\catchme.sys [X]
 
==================== NetSvcs (Whitelisted) ===================
 
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
 
 
==================== One Month Created Files and Folders ========
 
(If an entry is included in the fixlist, the file\folder will be moved.)
 
2015-02-07 02:58 - 2015-02-07 02:59 - 04197016 _____ (Kaspersky Lab ZAO) C:\Users\Home\Desktop\tdsskiller.exe
2015-02-06 13:57 - 2015-02-06 13:57 - 00000000 ____D () C:\Program Files\ESET
2015-02-06 13:55 - 2015-02-06 13:55 - 02347384 _____ (ESET) C:\Users\Home\Desktop\esetsmartinstaller_enu.exe
2015-02-05 17:24 - 2015-02-05 17:24 - 00012787 _____ () C:\ComboFix.txt
2015-02-05 17:05 - 2015-02-05 17:24 - 00000000 ____D () C:\Qoobox
2015-02-05 17:05 - 2015-02-05 17:22 - 00000000 ____D () C:\Windows\erdnt
2015-02-05 17:05 - 2011-06-26 00:45 - 00256000 _____ () C:\Windows\PEV.exe
2015-02-05 17:05 - 2010-11-07 11:20 - 00208896 _____ () C:\Windows\MBR.exe
2015-02-05 17:05 - 2009-04-19 22:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe
2015-02-05 17:05 - 2000-08-30 18:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe
2015-02-05 17:05 - 2000-08-30 18:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe
2015-02-05 17:05 - 2000-08-30 18:00 - 00098816 _____ () C:\Windows\sed.exe
2015-02-05 17:05 - 2000-08-30 18:00 - 00080412 _____ () C:\Windows\grep.exe
2015-02-05 17:05 - 2000-08-30 18:00 - 00068096 _____ () C:\Windows\zip.exe
2015-02-05 17:01 - 2015-02-05 17:02 - 05611380 ____R (Swearware) C:\Users\Home\Downloads\ComboFix.exe
2015-02-05 16:16 - 2015-02-05 18:04 - 00025611 _____ () C:\Users\Home\Desktop\Addition.txt
2015-02-05 16:14 - 2015-02-08 16:59 - 00015107 _____ () C:\Users\Home\Desktop\FRST.txt
2015-02-05 15:28 - 2015-02-08 16:58 - 00000000 ____D () C:\FRST
2015-02-05 14:39 - 2015-02-05 14:40 - 01123328 _____ (Farbar) C:\Users\Home\Desktop\FRST.exe
2015-01-10 10:33 - 2012-01-13 07:03 - 00000000 ____D () C:\Users\Home\Desktop\Wink - Memories
 
==================== One Month Modified Files and Folders =======
 
(If an entry is included in the fixlist, the file\folder will be moved.)
 
2015-02-08 16:57 - 2014-02-02 15:40 - 00000000 ____D () C:\Users\Home\AppData\Roaming\Skype
2015-02-08 16:57 - 2014-02-01 18:12 - 02061776 _____ () C:\Windows\WindowsUpdate.log
2015-02-08 16:56 - 2014-02-21 17:48 - 00000000 ___RD () C:\Users\Home\Dropbox
2015-02-08 16:56 - 2014-02-21 17:44 - 00000000 ____D () C:\Users\Home\AppData\Roaming\Dropbox
2015-02-08 16:54 - 2014-02-01 18:41 - 00000882 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-02-08 16:54 - 2010-11-20 15:48 - 00040982 _____ () C:\Windows\PFRO.log
2015-02-08 16:54 - 2009-07-13 22:53 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2015-02-08 16:54 - 2009-07-13 22:39 - 00075962 _____ () C:\Windows\setupact.log
2015-02-08 16:50 - 2014-02-01 18:41 - 00000886 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-02-08 13:44 - 2010-11-20 15:01 - 00781298 _____ () C:\Windows\system32\PerfStringBackup.INI
2015-02-08 05:41 - 2014-11-02 23:15 - 00000000 ____D () C:\Users\Home\AppData\Local\JDownloader 2.0
2015-02-07 23:33 - 2014-02-27 15:37 - 00000000 ____D () C:\Users\Home\AppData\Roaming\CUE Tools
2015-02-07 23:24 - 2014-02-08 21:52 - 00000000 ____D () C:\Users\Home\AppData\Roaming\tixati
2015-02-06 13:40 - 2009-07-13 22:34 - 00022736 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-02-06 13:40 - 2009-07-13 22:34 - 00022736 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-02-06 13:25 - 2014-02-03 05:06 - 00000000 ____D () C:\Users\Home\Documents\Note
2015-02-06 01:49 - 2014-02-01 18:42 - 00002129 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2015-02-05 17:28 - 2014-06-03 19:05 - 00114904 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamswissarmy.sys
2015-02-05 17:24 - 2009-07-13 20:37 - 00000000 __RHD () C:\Users\Default
2015-02-05 17:24 - 2009-07-13 20:37 - 00000000 ___RD () C:\Users\Public
2015-02-05 17:21 - 2009-07-13 20:04 - 00000215 _____ () C:\Windows\system.ini
2015-02-05 14:36 - 2014-06-25 01:23 - 00000000 ____D () C:\Program Files\PacketiX VPN Client
2015-02-05 14:35 - 2014-08-11 02:33 - 00000000 ____D () C:\Program Files\OBS
2015-02-04 23:24 - 2014-09-21 17:56 - 00000000 ____D () C:\Users\Home\Downloads\asn
2015-02-04 18:58 - 2014-04-26 12:32 - 00001021 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\LINE.lnk
2015-02-04 18:58 - 2014-04-26 12:32 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LINE
2015-02-03 21:35 - 2014-02-05 04:25 - 00000000 ____D () C:\Users\Home\AppData\Roaming\vlc
2015-01-31 21:49 - 2015-01-05 21:29 - 00000000 ____D () C:\Users\Home\Desktop\jt
2015-01-31 21:03 - 2014-08-05 14:57 - 00000000 ____D () C:\Users\Home\Desktop\Media
2015-01-31 16:14 - 2014-02-06 00:48 - 00000000 ____D () C:\Program Files\Mozilla Maintenance Service
2015-01-23 14:18 - 2014-02-06 00:48 - 00001117 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2015-01-23 14:18 - 2014-02-06 00:48 - 00001105 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk
2015-01-19 21:23 - 2014-03-14 18:08 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office
2015-01-19 21:23 - 2014-03-14 18:05 - 00000000 ____D () C:\ProgramData\Microsoft Help
2015-01-09 06:57 - 2014-02-02 15:40 - 00000000 ____D () C:\ProgramData\Skype
2015-01-09 06:56 - 2014-10-12 10:55 - 00000000 ___RD () C:\Program Files\Skype
2015-01-09 06:52 - 2014-07-23 02:12 - 00000000 ____D () C:\Program Files\Malwarebytes Anti-Malware
 
==================== Files in the root of some directories =======
 
2014-09-22 18:06 - 2014-09-24 01:03 - 0004535 _____ () C:\Users\Home\AppData\Roaming\CamStudio.cfg
2014-05-10 00:52 - 2014-05-10 00:52 - 0138904 _____ () C:\Users\Home\AppData\Roaming\PnkBstrK.sys
2014-09-22 17:59 - 2014-09-22 17:59 - 0000096 _____ () C:\Users\Home\AppData\Roaming\version2.xml
2014-06-02 23:01 - 2014-06-02 23:01 - 0000043 _____ () C:\Users\Home\AppData\Roaming\WB.CFG
2014-08-25 14:38 - 2014-08-25 14:38 - 0005129 _____ () C:\Users\Home\AppData\Local\recently-used.xbel
 
Some content of TEMP:
====================
C:\Users\Home\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpatsxm5.dll
C:\Users\Home\AppData\Local\Temp\proxy_vole8283764376109644791.dll
 
 
==================== Bamital & volsnap Check =================
 
(There is no automatic fix for files that do not pass verification.)
 
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed
 
 
LastRegBack: 2015-02-03 02:03
 
==================== End Of Log ============================

Uninstall Combofix:
Type "combofix /uninstall" in the run box (Windows key + R) and hit Enter.

That's it!
Your logs look clean to me at the moment.
We're gonna clean up everything now, close security holes on your computer and in the end I'll provide you with a list of security tips so you hopefully will not need our help anymore in the future.


My help is free, however...
If I have helped you then please consider donating to continue the fight against malware.
Thank you!


Clean Up

Now we remove all the tools we used (including their logs and quarantine folders), restore your settings and delete old and infected system restore points:

  • You can uninstall programs that you had to install (e.g. MBAM or ESET Onlinescanner) in the control panel if you so wish.
  • Download DelFix (by Xplode) and save it to your Desktop.
    • Close all running programs and start delfix.exe.
    • Make sure that all available options are checked.
    • Click on Run
    • DelFix should remove all our tools and delete itself afterwards. I don't need the log file.
  • If there is still something left you can delete it manually.

Closing security holes

Many infections happen via drive-by downloads that run unnoticed in the background while the user visits an infected website. To achieve this malware exploits security holes in installed software (e.g. browser or its plugins). Older versions of such software often have lots of known exploitable holes. Therefore it's very important to always keep your software up-to-date.
The following software is outdated. Make sure you remove all old versions and install the current one instead if you need the program:

 

Adobe Flash Player 12 Plugin
Java 7 Update 45

 

 

Tips

I recommend reading and following the "16 simple and easy ways to keep your computer safe and secure on the Internet" (Link) by Lawrence Abrams.
