Solved MalwareBytes and Firefox?

[GAWoods]

I am having MalwareBytes block outgoing attempt to site 162.210.192.22 multiple times when using Firefox browser. I find this strange because it does not happen with Chrome or IE. I have ran MalwareBytes which finds no problems. I have uninstalled Firefox completely and re-installed a new download version after restart but same thing happens. My virus protection does not indicate a problem but it would seem something is hijacking Firefox. Any ideas?

 

[Broni]

Welcome aboard

Please, complete all steps listed here: https://www.techspot.com/community/...lware-removal-preliminary-instructions.58138/
Make sure, you PASTE all logs. If some log exceeds 50,000 characters post limit, split it between couple of replies.
Attached logs won't be reviewed.

Please, observe following rules:

• Read all of my instructions very carefully. Your mistakes during cleaning process may have very serious consequences, like unbootable computer.
• If you're stuck, or you're not sure about certain step, always ask before doing anything else.
• Please refrain from running any tools, fixes or applying any changes to your computer other than those I suggest.
• Never run more than one scan at a time.
• Keep updating me regarding your computer behavior, good, or bad.
• The cleaning process, once started, has to be completed. Even if your computer appears to act better, it may still be infected. Once the computer is totally clean, I'll certainly let you know.
• If you leave the topic without explanation in the middle of a cleaning process, you may not be eligible to receive any more help in malware removal forum.
• I close my topics if you have not replied in 5 days. If you need more time, simply let me know. If I closed your topic and you need it to be reopened, simply PM me.

 

[GAWoods]

Malwarebytes Anti-Malware (Trial) 1.75.0.1300
www.malwarebytes.org

Database version: v2014.02.24.05

Windows 8 x64 NTFS
Internet Explorer 10.0.9200.16798
Beth :: BETH [administrator]

Protection: Enabled

2/24/2014 1:51:47 PM
mbam-log-2014-02-24 (13-51-47).txt

Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 215388
Time elapsed: 4 minute(s), 13 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

DDS (Ver_2012-11-20.01) - NTFS_AMD64
Internet Explorer: 10.0.9200.16798 BrowserJavaVersion: 10.51.2
Run by Beth at 14:38:59 on 2014-02-24
Microsoft Windows 8 6.2.9200.0.1252.1.1033.18.6030.3961 [GMT -5:00]
.
AV: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
============== Running Processes ===============
.
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\system32\dwm.exe
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k NetworkService
C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe
C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Program Files (x86)\ASUS\ASUS InstantOn\InsOnSrv.exe
C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.13.147\AsusWSWinService.exe
C:\Program Files\Intel\iCLS Client\HeciServer.exe
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
C:\Program Files (x86)\Kodak\AiO\Center\EKAiOHostService.exe
C:\Program Files (x86)\Kodak\AiO\StatusMonitor\EKPrinterSDK.exe
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\system32\taskhostex.exe
C:\Program Files (x86)\ASUS\ASUS InstantOn\InsOnCfg.exe
C:\Program Files\ASUS\P4G\BatteryLife.exe
C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe
C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe
C:\Program Files (x86)\ASUS\ASUS InstantOn\InsOnWMI.exe
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\wbem\wmiprvse.exe
C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\KBFiltr.exe
C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.0.1119.516_x64__8wekyb3d8bbwe\LiveComm.exe
C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPLoader.exe
C:\Program Files (x86)\ASUS\ASUS Smart Gesture\QuickGesture\x64\QuickGesture64.exe
C:\Program Files (x86)\ASUS\ASUS Smart Gesture\QuickGesture\x86\QuickGesture.exe
C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPCenter.exe
C:\Windows\system32\SearchIndexer.exe
C:\Windows\System32\RuntimeBroker.exe
C:\Windows\System32\igfxtray.exe
C:\Windows\System32\hkcmd.exe
C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
C:\Program Files (x86)\ASUS\Splendid\ACMON.exe
C:\Program Files (x86)\Real\RealPlayer\RPDS\Bin64\rpsystray.exe
C:\Windows\SysWOW64\ACEngSvr.exe
C:\Windows\system32\igfxpers.exe
C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe
C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPHelper.exe
C:\Program Files (x86)\ASUS\ASUS Live Update\LiveUpdate.exe
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
C:\Program Files\Windows Defender\MsMpEng.exe
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
C:\Program Files (x86)\RealNetworks\RealDownloader\recordingmanager.exe
C:\Windows\System32\Macromed\Flash\FlashUtil_ActiveX.exe
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbam.exe
C:\Windows\SysWOW64\NOTEPAD.EXE
C:\Windows\SysWOW64\NOTEPAD.EXE
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\System32\cscript.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://www.google.com/
uDefault_Page_URL = hxxp://asus13.msn.com
mWinlogon: Userinit = userinit.exe,
BHO: RealNetworks Download and Record Plugin for Internet Explorer: {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin.dll
BHO: Java(tm) Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL
BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
mRun: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe"
mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
mRun: [ASUSPRP] "C:\Program Files (x86)\ASUS\APRP\APRP.EXE"
mRun: [RemoteControl10] "C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe"
mRun: [ASUSWebStorage] C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.13.147\AsusWSPanel.exe /S
mRun: [Conime] C:\Windows\System32\conime.exe
mRun: [EKStatusMonitor] C:\Program Files (x86)\Kodak\AiO\StatusMonitor\EKStatusMonitor.exe
mRun: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
mRun: [TkBellExe] "C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe" -osboot
mRun: [mobilegeni daemon] C:\Program Files (x86)\Mobogenie\DaemonProcess.exe
dRunOnce: [KodakHomeCenter] "C:\Program Files (x86)\Kodak\AiO\Center\AiOHomeCenter.exe"
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\StartUp\ASUSVI~1.LNK - C:\Program Files (x86)\ASUS\AsusVibe\AsusVibeLauncher.exe
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\StartUp\REALPL~1.LNK - C:\Program Files (x86)\Real\RealPlayer\RPDS\Bin64\rpsystray.exe
IE: E&xport to Microsoft Excel - C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000
IE: Se&nd to OneNote - C:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
TCP: NameServer = 10.0.1.1
TCP: Interfaces\{73003C28-F51D-4FD1-9720-2ABAC555BE89} : DHCPNameServer = 10.0.1.1
TCP: Interfaces\{73003C28-F51D-4FD1-9720-2ABAC555BE89}\34963736F64493138373 : DHCPNameServer = 63.148.157.2 63.148.157.3 205.171.3.65
TCP: Interfaces\{73003C28-F51D-4FD1-9720-2ABAC555BE89}\642716E6B6C696E60234F657E6479702055726C6963602353686F6F6C637 : DHCPNameServer = 10.92.208.2
TCP: Interfaces\{73003C28-F51D-4FD1-9720-2ABAC555BE89}\845696562747D27657563747 : DHCPNameServer = 74.128.17.114 74.128.19.102
Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
Handler: inbox - {37540F19-DD4C-478B-B2DF-C19281BCAF27} -
SSODL: WebCheck - <orphaned>
mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "C:\Program Files (x86)\Google\Chrome\Application\33.0.1750.117\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome
x64-BHO: Plus-HD-1.3: {11111111-1111-1111-1111-110311121157} -
x64-BHO: Highlightly: {83F2328D-0D6A-42B4-B0C4-02A929EDD4BE} - C:\Program Files\Highlightly\IE\HighlightlyClientIE.dll
x64-BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL
x64-Run: [IgfxTray] C:\Windows\System32\igfxtray.exe
x64-Run: [HotKeysCmds] C:\Windows\System32\hkcmd.exe
x64-Run: [RTHDVCPL] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s
x64-Run: [ACMON] C:\Program Files (x86)\ASUS\Splendid\ACMON.exe
x64-IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll
x64-IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
x64-Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
x64-Handler: inbox - {37540F19-DD4C-478B-B2DF-C19281BCAF27} - <orphaned>
x64-Notify: igfxcui - igfxdev.dll
x64-SSODL: WebCheck - <orphaned>
.
================= FIREFOX ===================
.
FF - ProfilePath - C:\Users\Beth\AppData\Roaming\Mozilla\Firefox\Profiles\bme5wwmz.default\
FF - plugin: C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL
FF - plugin: C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL
FF - plugin: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll
FF - plugin: C:\Program Files (x86)\Google\Update\1.3.22.5\npGoogleUpdate3.dll
FF - plugin: C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll
FF - plugin: C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll
FF - plugin: C:\Program Files (x86)\Java\jre7\bin\dtplugin\npdeployJava1.dll
FF - plugin: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll
FF - plugin: C:\Program Files (x86)\Real\RealPlayer\Netscape6\nprpplugin.dll
FF - plugin: C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlchromebrowserrecordext.dll
FF - plugin: C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlhtml5videoshim.dll
FF - plugin: C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlpepperflashvideoshim.dll
FF - plugin: C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\npdlplugin.dll
FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_70.dll
.
============= SERVICES / DRIVERS ===============
.
R0 iaStorA;iaStorA;C:\Windows\System32\Drivers\iaStorA.sys [2012-7-5 645952]
R1 ATKWMIACPIIO;ATKWMIACPI Driver;C:\Program Files (x86)\ASUS\ATK Package\ATK WMIACPI\atkwmiacpi64.sys [2011-9-7 17536]
R2 ASMMAP64;ASMMAP64;C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\ASMMAP64.sys [2009-7-2 15416]
R2 ASUS InstantOn;ASUS InstantOn Service;C:\Program Files (x86)\ASUS\ASUS InstantOn\InsOnSrv.exe [2012-4-13 277120]
R2 Asus WebStorage Windows Service;Asus WebStorage Windows Service;C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.13.147\AsusWSWinService.exe [2012-10-24 68608]
R2 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface;C:\Program Files\Intel\iCLS Client\HeciServer.exe [2012-4-20 635104]
R2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe [2012-9-2 166720]
R2 Kodak AiO Network Discovery Service;Kodak AiO Network Discovery Service;C:\Program Files (x86)\Kodak\AiO\Center\EKAiOHostService.exe [2013-3-15 395640]
R2 Kodak AiO Status Monitor Service;Kodak AiO Status Monitor Service;C:\Program Files (x86)\Kodak\AiO\StatusMonitor\EKPrinterSDK.exe [2013-1-15 780152]
R2 MBAMScheduler;MBAMScheduler;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [2014-2-16 418376]
R2 MBAMService;MBAMService;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2014-2-16 701512]
R2 UNS;Intel(R) Management and Security Application User Notification Service;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2012-9-2 365376]
R3 AiCharger;ASUS Charger Driver;C:\Windows\System32\Drivers\AiCharger.sys [2012-7-24 17152]
R3 ATP;ASUS PS/2 Port Input Device;C:\Windows\System32\Drivers\AsusTP.sys [2012-10-31 61824]
R3 HIDSwitch;ASUS Wireless Radio Control;C:\Windows\System32\Drivers\AsHIDSwitch64.sys [2012-8-22 21152]
R3 IntcDAud;Intel(R) Display Audio;C:\Windows\System32\Drivers\IntcDAud.sys [2012-8-22 342528]
R3 MBAMProtector;MBAMProtector;C:\Windows\System32\Drivers\mbam.sys [2014-2-16 25928]
R3 RSBASTOR;Realtek PCIE CardReader Driver - BA;C:\Windows\System32\Drivers\RtsBaStor.sys [2012-9-2 295056]
R3 RTL8168;Realtek 8168 NT Driver;C:\Windows\System32\Drivers\Rt630x64.sys [2012-9-2 683664]
S3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.);C:\Windows\System32\Drivers\ssudbus.sys [2013-8-20 103576]
S3 WUDFWpdMtp;WUDFWpdMtp;C:\Windows\System32\Drivers\WUDFRd.sys [2012-7-25 198656]
S4 IconMan_R;IconMan_R;C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe [2012-9-2 2451456]
S4 RealNetworks Downloader Resolver Service;RealNetworks Downloader Resolver Service;C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe [2013-10-17 39056]
S4 RealPlayer Desktop Service;RealPlayer Desktop Service;C:\Program Files (x86)\Real\RealPlayer\RPDS\Bin\rpdsvc.exe [2013-12-8 1418336]
S4 RealPlayerUpdateSvc;RealPlayer Update Service;C:\Program Files (x86)\Real\UpdateService\RealPlayerUpdateSvc.exe [2013-10-25 29320]
.
=============== Created Last 30 ================
.
2014-02-24 15:46:07 10536864 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{BA6D6895-DE18-4A27-8F08-0564AE4E01B9}\mpengine.dll
2014-02-24 15:46:00 270496 ------w- C:\Windows\System32\MpSigStub.exe
2014-02-24 15:41:31 -------- d-----w- C:\Windows\LastGood.Tmp
2014-02-16 15:35:04 -------- d-----w- C:\Program Files\CCleaner
2014-02-16 15:28:49 96168 ----a-w- C:\Windows\SysWow64\WindowsAccessBridge-32.dll
2014-02-16 14:59:39 -------- d-----w- C:\Users\Beth\AppData\Roaming\Malwarebytes
2014-02-16 14:59:17 -------- d-----w- C:\ProgramData\Malwarebytes
2014-02-16 14:59:16 25928 ----a-w- C:\Windows\System32\drivers\mbam.sys
2014-02-16 14:59:16 -------- d-----w- C:\Program Files (x86)\Malwarebytes' Anti-Malware
2014-02-13 04:47:25 3842560 ----a-w- C:\Windows\System32\d2d1.dll
2014-02-13 04:47:25 3288576 ----a-w- C:\Windows\SysWow64\d2d1.dll
2014-02-13 04:47:25 2238976 ----a-w- C:\Windows\System32\d3d10warp.dll
2014-02-13 04:47:25 2032640 ----a-w- C:\Windows\SysWow64\d3d10warp.dll
.
==================== Find3M ====================
.
2014-02-24 18:26:26 380 ----a-w- C:\Users\Beth\AppData\Roaming\sp_data.sys
2014-02-17 22:03:37 78304 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2014-02-17 22:03:37 694240 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe
2014-02-01 09:19:49 2241536 ----a-w- C:\Windows\System32\wininet.dll
2014-02-01 09:19:36 915968 ----a-w- C:\Windows\System32\uxtheme.dll
2014-02-01 09:19:36 53760 ----a-w- C:\Windows\System32\UXInit.dll
2014-02-01 09:18:25 3960320 ----a-w- C:\Windows\System32\jscript9.dll
2014-02-01 09:18:21 67072 ----a-w- C:\Windows\System32\iesetup.dll
2014-02-01 09:18:21 136704 ----a-w- C:\Windows\System32\iesysprep.dll
2014-02-01 07:58:31 1767936 ----a-w- C:\Windows\SysWow64\wininet.dll
2014-02-01 07:58:24 44032 ----a-w- C:\Windows\SysWow64\UXInit.dll
2014-02-01 07:57:20 2877952 ----a-w- C:\Windows\SysWow64\jscript9.dll
2014-02-01 07:57:16 61440 ----a-w- C:\Windows\SysWow64\iesetup.dll
2014-02-01 07:57:16 109056 ----a-w- C:\Windows\SysWow64\iesysprep.dll
2014-02-01 07:40:43 2706432 ----a-w- C:\Windows\System32\mshtml.tlb
2014-02-01 07:34:53 2706432 ----a-w- C:\Windows\SysWow64\mshtml.tlb
2014-02-01 05:08:52 534528 ----a-w- C:\Windows\SysWow64\uxtheme.dll
2013-12-09 00:45:52 523776 ----a-w- C:\Windows\SysWow64\vbscript.dll
2013-12-08 23:59:47 600064 ----a-w- C:\Windows\System32\vbscript.dll
2013-12-08 17:43:09 499712 ----a-w- C:\Windows\SysWow64\msvcp71.dll
2013-12-08 17:43:09 348160 ----a-w- C:\Windows\SysWow64\msvcr71.dll
2013-12-07 06:37:24 688640 ----a-w- C:\Windows\System32\WSShared.dll
2013-12-07 06:37:24 163840 ----a-w- C:\Windows\System32\Windows.ApplicationModel.Store.TestingFramework.dll
2013-12-07 05:15:46 562688 ----a-w- C:\Windows\SysWow64\WSShared.dll
2013-12-07 05:15:46 124928 ----a-w- C:\Windows\SysWow64\Windows.ApplicationModel.Store.TestingFramework.dll
2013-12-04 23:43:46 1845248 ----a-w- C:\Windows\System32\msxml3.dll
2013-12-04 23:43:43 583680 ----a-w- C:\Windows\System32\msdrm.dll
2013-12-04 23:37:09 1419264 ----a-w- C:\Windows\SysWow64\msxml3.dll
2013-12-04 23:37:08 451072 ----a-w- C:\Windows\SysWow64\msdrm.dll
2013-12-04 19:46:36 58256 ----a-w- C:\Windows\System32\drivers\hlnfd.sys
.
============= FINISH: 14:39:24.11 ===============


(end)

2014/02/24 06:27:25 -0500 BETH Beth IP-BLOCK 162.210.192.26 (Type: outgoing, Port: 61161, Process: firefox.exe)
2014/02/24 06:27:25 -0500 BETH Beth IP-BLOCK 162.210.192.22 (Type: outgoing, Port: 61162, Process: firefox.exe)
2014/02/24 06:27:49 -0500 BETH Beth IP-BLOCK 162.210.192.26 (Type: outgoing, Port: 61376, Process: firefox.exe)
2014/02/24 06:27:49 -0500 BETH Beth IP-BLOCK 162.210.192.22 (Type: outgoing, Port: 61377, Process: firefox.exe)
2014/02/24 06:27:49 -0500 BETH Beth IP-BLOCK 162.210.192.26 (Type: outgoing, Port: 61378, Process: firefox.exe)
2014/02/24 06:27:49 -0500 BETH Beth IP-BLOCK 162.210.192.22 (Type: outgoing, Port: 61379, Process: firefox.exe)
2014/02/24 06:52:57 -0500 BETH Beth IP-BLOCK 162.210.192.26 (Type: outgoing, Port: 61790, Process: firefox.exe)
2014/02/24 06:52:57 -0500 BETH Beth IP-BLOCK 162.210.192.22 (Type: outgoing, Port: 61791, Process: firefox.exe)
2014/02/24 10:08:35 -0500 BETH Beth MESSAGE Starting database refresh
2014/02/24 10:08:35 -0500 BETH Beth MESSAGE Stopping IP protection
2014/02/24 10:08:35 -0500 BETH Beth MESSAGE IP Protection stopped successfully
2014/02/24 10:08:38 -0500 BETH Beth MESSAGE Database refreshed successfully
2014/02/24 10:08:38 -0500 BETH Beth MESSAGE Starting IP protection
2014/02/24 10:08:40 -0500 BETH Beth MESSAGE IP Protection started successfully
2014/02/24 10:11:43 -0500 BETH Beth IP-BLOCK 162.210.192.26 (Type: outgoing, Port: 62006, Process: chrome.exe)
2014/02/24 10:11:43 -0500 BETH Beth IP-BLOCK 162.210.192.22 (Type: outgoing, Port: 62007, Process: chrome.exe)
2014/02/24 10:12:31 -0500 BETH Beth IP-BLOCK 162.210.192.26 (Type: outgoing, Port: 62133, Process: chrome.exe)
2014/02/24 10:12:31 -0500 BETH Beth IP-BLOCK 162.210.192.22 (Type: outgoing, Port: 62134, Process: chrome.exe)
2014/02/24 10:12:47 -0500 BETH Beth IP-BLOCK 162.210.192.26 (Type: outgoing, Port: 62194, Process: chrome.exe)
2014/02/24 10:12:47 -0500 BETH Beth IP-BLOCK 162.210.192.22 (Type: outgoing, Port: 62195, Process: chrome.exe)
2014/02/24 10:15:12 -0500 BETH Beth IP-BLOCK 162.210.192.26 (Type: outgoing, Port: 62256, Process: chrome.exe)
2014/02/24 10:15:12 -0500 BETH Beth IP-BLOCK 162.210.192.22 (Type: outgoing, Port: 62257, Process: chrome.exe)
2014/02/24 10:21:21 -0500 BETH Beth IP-BLOCK 162.210.192.99 (Type: outgoing, Port: 62320, Process: chrome.exe)
2014/02/24 10:21:21 -0500 BETH Beth IP-BLOCK 162.210.192.99 (Type: outgoing, Port: 62321, Process: chrome.exe)
2014/02/24 10:21:21 -0500 BETH Beth IP-BLOCK 162.210.192.99 (Type: outgoing, Port: 62322, Process: chrome.exe)
2014/02/24 10:21:21 -0500 BETH Beth IP-BLOCK 162.210.192.99 (Type: outgoing, Port: 62323, Process: chrome.exe)
2014/02/24 10:21:21 -0500 BETH Beth IP-BLOCK 162.210.192.22 (Type: outgoing, Port: 62348, Process: chrome.exe)
2014/02/24 10:21:21 -0500 BETH Beth IP-BLOCK 162.210.192.26 (Type: outgoing, Port: 62349, Process: chrome.exe)
2014/02/24 10:34:23 -0500 BETH Beth IP-BLOCK 162.210.192.22 (Type: outgoing, Port: 62546, Process: firefox.exe)
2014/02/24 10:34:23 -0500 BETH Beth IP-BLOCK 162.210.192.26 (Type: outgoing, Port: 62550, Process: firefox.exe)
2014/02/24 11:00:17 -0500 BETH (null) MESSAGE Starting protection
2014/02/24 11:00:17 -0500 BETH (null) MESSAGE Protection started successfully
2014/02/24 11:00:17 -0500 BETH (null) MESSAGE Starting IP protection
2014/02/24 11:00:18 -0500 BETH (null) MESSAGE IP Protection started successfully
2014/02/24 11:33:17 -0500 BETH Beth IP-BLOCK 162.210.192.22 (Type: outgoing, Port: 49284, Process: firefox.exe)
2014/02/24 11:33:17 -0500 BETH Beth IP-BLOCK 162.210.192.26 (Type: outgoing, Port: 49288, Process: firefox.exe)
2014/02/24 11:33:17 -0500 BETH Beth IP-BLOCK 162.210.192.22 (Type: outgoing, Port: 49315, Process: firefox.exe)
2014/02/24 11:33:17 -0500 BETH Beth IP-BLOCK 162.210.192.26 (Type: outgoing, Port: 49316, Process: firefox.exe)
2014/02/24 11:33:17 -0500 BETH Beth IP-BLOCK 162.210.192.22 (Type: outgoing, Port: 49317, Process: firefox.exe)
2014/02/24 11:33:17 -0500 BETH Beth IP-BLOCK 162.210.192.26 (Type: outgoing, Port: 49318, Process: firefox.exe)
2014/02/24 11:42:45 -0500 BETH (null) MESSAGE Starting protection
2014/02/24 11:42:45 -0500 BETH (null) MESSAGE Protection started successfully
2014/02/24 11:42:45 -0500 BETH (null) MESSAGE Starting IP protection
2014/02/24 11:42:46 -0500 BETH (null) MESSAGE IP Protection started successfully
2014/02/24 11:55:06 -0500 BETH Beth MESSAGE Executing scheduled update: Daily
2014/02/24 11:55:07 -0500 BETH Beth ERROR Scheduled update failed: No address found failed with error code 0
2014/02/24 12:13:56 -0500 BETH Beth IP-BLOCK 162.210.192.22 (Type: outgoing, Port: 49243, Process: chrome.exe)
2014/02/24 12:13:56 -0500 BETH Beth IP-BLOCK 162.210.192.26 (Type: outgoing, Port: 49244, Process: chrome.exe)
2014/02/24 12:14:12 -0500 BETH Beth IP-BLOCK 162.210.192.22 (Type: outgoing, Port: 49265, Process: chrome.exe)
2014/02/24 12:14:13 -0500 BETH Beth IP-BLOCK 162.210.192.26 (Type: outgoing, Port: 49266, Process: chrome.exe)
2014/02/24 12:14:13 -0500 BETH Beth IP-BLOCK 162.210.192.22 (Type: outgoing, Port: 49267, Process: chrome.exe)
2014/02/24 12:14:13 -0500 BETH Beth IP-BLOCK 162.210.192.26 (Type: outgoing, Port: 49268, Process: chrome.exe)
2014/02/24 12:14:13 -0500 BETH Beth IP-BLOCK 162.210.192.22 (Type: outgoing, Port: 49294, Process: chrome.exe)
2014/02/24 12:14:13 -0500 BETH Beth IP-BLOCK 162.210.192.26 (Type: outgoing, Port: 49295, Process: chrome.exe)
2014/02/24 13:25:28 -0500 BETH (null) MESSAGE Starting protection
2014/02/24 13:25:28 -0500 BETH (null) MESSAGE Protection started successfully
2014/02/24 13:25:28 -0500 BETH (null) MESSAGE Starting IP protection
2014/02/24 13:25:30 -0500 BETH (null) MESSAGE IP Protection started successfully
2014/02/24 13:28:01 -0500 BETH Beth IP-BLOCK 162.210.192.22 (Type: outgoing, Port: 49237, Process: firefox.exe)
2014/02/24 13:28:01 -0500 BETH Beth IP-BLOCK 162.210.192.26 (Type: outgoing, Port: 49241, Process: firefox.exe)
2014/02/24 13:32:58 -0500 BETH Beth IP-BLOCK 162.210.192.22 (Type: outgoing, Port: 49314, Process: firefox.exe)
2014/02/24 13:32:58 -0500 BETH Beth IP-BLOCK 162.210.192.26 (Type: outgoing, Port: 49316, Process: firefox.exe)
2014/02/24 13:32:58 -0500 BETH Beth IP-BLOCK 162.210.192.22 (Type: outgoing, Port: 49319, Process: firefox.exe)
2014/02/24 13:32:58 -0500 BETH Beth IP-BLOCK 162.210.192.26 (Type: outgoing, Port: 49320, Process: firefox.exe)
2014/02/24 13:32:58 -0500 BETH Beth IP-BLOCK 162.210.192.22 (Type: outgoing, Port: 49336, Process: firefox.exe)
2014/02/24 13:32:58 -0500 BETH Beth IP-BLOCK 162.210.192.26 (Type: outgoing, Port: 49337, Process: firefox.exe)
2014/02/24 13:32:58 -0500 BETH Beth IP-BLOCK 162.210.192.22 (Type: outgoing, Port: 49338, Process: firefox.exe)
2014/02/24 13:32:59 -0500 BETH Beth IP-BLOCK 162.210.192.26 (Type: outgoing, Port: 49339, Process: firefox.exe)
2014/02/24 13:39:57 -0500 BETH Beth IP-BLOCK 162.210.192.22 (Type: outgoing, Port: 49358, Process: firefox.exe)
2014/02/24 13:39:57 -0500 BETH Beth IP-BLOCK 162.210.192.26 (Type: outgoing, Port: 49359, Process: firefox.exe)
2014/02/24 13:39:57 -0500 BETH Beth IP-BLOCK 162.210.192.22 (Type: outgoing, Port: 49435, Process: firefox.exe)
2014/02/24 13:39:57 -0500 BETH Beth IP-BLOCK 162.210.192.26 (Type: outgoing, Port: 49436, Process: firefox.exe)

 

[Broni]

I still need Attach.txt log from DDS.

 

[GAWoods]

.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2012-11-20.01)
.
Microsoft Windows 8
Boot Device: \Device\HarddiskVolume1
Install Date: 12/24/2012 6:40:19 PM
System Uptime: 2/24/2014 1:24:42 PM (1 hours ago)
.
Motherboard: ASUSTeK COMPUTER INC. | | K55A
Processor: Intel(R) Core(TM) i5-3210M CPU @ 2.50GHz | SOCKET 0 | 2501/100mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 279 GiB total, 227.609 GiB free.
D: is FIXED (NTFS) - 398 GiB total, 397.852 GiB free.
E: is CDROM ()
.
==== Disabled Device Manager Items =============
.
==== System Restore Points ===================
.
RP60: 2/6/2014 3:00:06 AM - Windows Update
RP61: 2/13/2014 3:00:08 AM - Windows Update
RP62: 2/16/2014 10:27:28 AM - Installed Java 7 Update 51
RP63: 2/21/2014 3:00:03 AM - Windows Update
RP64: 2/24/2014 10:27:55 AM - Removed AVG 2014
.
==== Installed Programs ======================
.
Adobe Flash Player 12 Plugin
Adobe Reader X (10.1.9) MUI
aioscnnr
Amazon Kindle
ASUS InstantOn
ASUS LifeFrame3
ASUS Live Update
ASUS Power4Gear Hybrid
ASUS Smart Gesture
ASUS Splendid Video Enhancement Technology
ASUS Tutor
ASUS USB Charger Plus
ASUS WebStorage Sync Agent
ASUSDVD
AsusVibe2.0
ATK Package
C4USelfUpdater
CCleaner
center
Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition
DMUninstaller
essentials
Google Chrome
Google Update Helper
Intel(R) Management Engine Components
Intel(R) Processor Graphics
Intel(R) SDK for OpenCL - CPU Only Runtime Package
Intel® Trusted Connect Service Client
Java 7 Update 51
Java Auto Updater
Kodak AIO Printer
KODAK AiO Software
Malwarebytes Anti-Malware version 1.75.0.1300
Microsoft Office
Microsoft Office Access MUI (English) 2010
Microsoft Office Access Setup Metadata MUI (English) 2010
Microsoft Office Excel MUI (English) 2010
Microsoft Office Office 64-bit Components 2010
Microsoft Office OneNote MUI (English) 2010
Microsoft Office Outlook MUI (English) 2010
Microsoft Office PowerPoint MUI (English) 2010
Microsoft Office Professional 2010
Microsoft Office Proof (English) 2010
Microsoft Office Proof (French) 2010
Microsoft Office Proof (Spanish) 2010
Microsoft Office Proofing (English) 2010
Microsoft Office Publisher MUI (English) 2010
Microsoft Office Shared 64-bit MUI (English) 2010
Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2010
Microsoft Office Shared MUI (English) 2010
Microsoft Office Shared Setup Metadata MUI (English) 2010
Microsoft Office Single Image 2010
Microsoft Office Word MUI (English) 2010
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
Mozilla Firefox 27.0.1 (x86 en-US)
Mozilla Maintenance Service
ocr
PreReq
PrintProjects
Qualcomm Atheros Client Installation Program
RealDownloader
RealNetworks - Microsoft Visual C++ 2008 Runtime
RealNetworks - Microsoft Visual C++ 2010 Runtime
RealPlayer Cloud
Realtek Ethernet Controller Driver
Realtek High Definition Audio Driver
Realtek PCIE Card Reader
RealUpgrade 1.1
Security Update for Microsoft Excel 2010 (KB2826033) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2553284) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2687423) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2826023) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2826035) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2850016) 32-Bit Edition
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition
Shared C Run-time for x64
Update for Microsoft Access 2010 (KB2553446) 32-Bit Edition
Update for Microsoft Filter Pack 2.0 (KB2810071) 32-Bit Edition
Update for Microsoft InfoPath 2010 (KB2817369) 32-Bit Edition
Update for Microsoft Office 2010 (KB2589298) 32-Bit Edition
Update for Microsoft Office 2010 (KB2589352) 32-Bit Edition
Update for Microsoft Office 2010 (KB2589375) 32-Bit Edition
Update for Microsoft Office 2010 (KB2597087) 32-Bit Edition
Update for Microsoft Office 2010 (KB2760598) 32-Bit Edition
Update for Microsoft Office 2010 (KB2760631) 32-Bit Edition
Update for Microsoft Office 2010 (KB2794737) 32-Bit Edition
Update for Microsoft Office 2010 (KB2837583) 32-Bit Edition
Update for Microsoft Office 2010 (KB2850079) 32-Bit Edition
Update for Microsoft OneNote 2010 (KB2837595) 32-Bit Edition
Update for Microsoft Outlook 2010 (KB2687567) 32-Bit Edition
Update for Microsoft PowerPoint 2010 (KB2553145) 32-Bit Edition
Update for Microsoft PowerPoint 2010 (KB2775360) 32-Bit Edition
Update for Microsoft SharePoint Workspace 2010 (KB2760601) 32-Bit Edition
Update for Microsoft Visio Viewer 2010 (KB2810066) 32-Bit Edition
Update for Microsoft Word 2010 (KB2837593) 32-Bit Edition
UpdateService
Visual Studio 2010 x64 Redistributables
Visual Studio 2012 x64 Redistributables
Visual Studio 2012 x86 Redistributables
Windows Driver Package - ASUS (ATP) Mouse (10/29/2012 1.0.0.148)
WinFlash
.
==== End Of File ===========================

 

[Broni]

Download RogueKiller from one of the following links and save it to your Desktop:

• Link 1
• Link 2

• Close all the running programs
• Windows Vista/7 users: right click on RogueKiller.exe, click Run as Administrator
• Otherwise just double-click on RogueKiller.exe
• Pre-scan will start. Let it finish.
• Click on SCAN button.
• Wait until the Status box shows Scan Finished
• Click on Delete.
• Wait until the Status box shows Deleting Finished.
• Click on Report and copy/paste the content of the Notepad into your next reply.
• RKreport.txt could also be found on your desktop.
• If more than one log is produced post all logs.
• If RogueKiller has been blocked, do not hesitate to try a few times more. If really won't run, rename it to winlogon.exe (or winlogon.com) and try again

Create new restore point before proceeding with the next step....
How to: http://www.smartestcomputing.us.com/topic/63983-how-to-create-new-restore-point-all-windows/

Download Malwarebytes Anti-Rootkit (MBAR) from HERE

• Unzip downloaded file.
• Open the folder where the contents were unzipped and run mbar.exe
• Follow the instructions in the wizard to update and allow the program to scan your computer for threats.
• Click on the Cleanup button to remove any threats and reboot if prompted to do so.
• Wait while the system shuts down and the cleanup process is performed.
• Perform another scan with Malwarebytes Anti-Rootkit to verify that no threats remain. If they do, then click Cleanup once more and repeat the process.
• When done, please post the two logs produced they will be in the MBAR folder..... mbar-log-xxxxx.txt and system-log.txt

 

[GAWoods]

Report from RogueKiller:

RogueKiller V8.8.9 [Feb 24 2014] by Tigzy
mail : tigzyRK<at>gmail<dot>com
Feedback : http://forum.adlice.com
Website : http://www.adlice.com/softwares/roguekiller/
Blog : http://www.adlice.com

Operating System : Windows 8 (6.2.9200 ) 64 bits version
Started in : Normal mode
User : Beth [Admin rights]
Mode : Remove -- Date : 02/24/2014 15:04:26
| ARK || FAK || MBR |

¤¤¤ Bad processes : 0 ¤¤¤

¤¤¤ Registry Entries : 2 ¤¤¤
[HJ DESK][PUM] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> REPLACED (0)
[HJ DESK][PUM] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> REPLACED (0)

¤¤¤ Scheduled tasks : 3 ¤¤¤
[V1][SUSP PATH] ROC_REG_JAN_DELETE.job : C:\ProgramData\AVG January 2013 Campaign\ROC.exe - /DELETE_FROM_SYSTEM=1 [7] -> DELETED
[V2][SUSP PATH] ROC_REG_JAN_DELETE : C:\ProgramData\AVG January 2013 Campaign\ROC.exe - /DELETE_FROM_SYSTEM=1 [7] -> DELETED
[V2][SUSP PATH] VisualBeeRecovery : C:\Users\Beth\AppData\Local\VisualBeeExe\VisualBeeRecovery.exe - /s [x] -> DELETED

¤¤¤ Startup Entries : 0 ¤¤¤

¤¤¤ Web browsers : 0 ¤¤¤

¤¤¤ Browser Addons : 0 ¤¤¤

¤¤¤ Particular Files / Folders: ¤¤¤

¤¤¤ Driver : [NOT LOADED 0x0] ¤¤¤

¤¤¤ External Hives: ¤¤¤

¤¤¤ Infection : ¤¤¤

¤¤¤ HOSTS File: ¤¤¤
--> %SystemRoot%\System32\drivers\etc\hosts




¤¤¤ MBR Check: ¤¤¤

+++++ PhysicalDrive0: (\\.\PHYSICALDRIVE0 @ IDE) WDC WD7500BPVT-80HXZT3 +++++
--- User ---
[MBR] 19ac8675e980f87b29a338a320bb7672
[BSP] 741ce919bb5be8ebfebbd75f0888fedc : Empty MBR Code
Partition table:
0 - [XXXXXX] UNKNOWN (0x00) [VISIBLE] Offset (sectors): 1 | Size: 2097151 Mo
User = LL1 ... OK!
User = LL2 ... OK!

Finished : << RKreport[0]_D_02242014_150426.txt >>
RKreport[0]_S_02242014_150404.txt

 

[GAWoods]

Malwarebytes Anti-Rootkit BETA 1.07.0.1009
www.malwarebytes.org

Database version: v2014.02.24.08

Windows 8 x64 NTFS
Internet Explorer 10.0.9200.16798
Beth :: BETH [administrator]

2/24/2014 3:11:32 PM
mbar-log-2014-02-24 (15-11-32).txt

Scan type: Quick scan
Scan options enabled: Anti-Rootkit | Drivers | MBR | Physical Sectors | Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken
Scan options disabled:
Objects scanned: 233278
Time elapsed: 12 minute(s), 26 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

Physical Sectors Detected: 0
(No malicious items detected)

(end)

---------------------------------------
Malwarebytes Anti-Rootkit BETA 1.07.0.1009

(c) Malwarebytes Corporation 2011-2012

OS version: 6.2.9200 Windows 8 x64

Account is Administrative

Internet Explorer version: 10.0.9200.16798

File system is: NTFS
Disk drives: C:\ DRIVE_FIXED, D:\ DRIVE_FIXED
CPU speed: 2.494000 GHz
Memory total: 6322577408, free: 3719008256

Downloaded database version: v2014.02.24.08
Downloaded database version: v2014.02.20.01
=======================================
Initializing...
------------ Kernel report ------------
02/24/2014 15:11:28
------------ Loaded modules -----------
\SystemRoot\system32\ntoskrnl.exe
\SystemRoot\system32\hal.dll
\SystemRoot\system32\kd.dll
\SystemRoot\system32\mcupdate_GenuineIntel.dll
\SystemRoot\System32\drivers\CLFS.SYS
\SystemRoot\System32\drivers\tm.sys
\SystemRoot\system32\PSHED.dll
\SystemRoot\system32\BOOTVID.dll
\SystemRoot\system32\CI.dll
\SystemRoot\System32\drivers\msrpc.sys
\SystemRoot\system32\drivers\Wdf01000.sys
\SystemRoot\system32\drivers\WDFLDR.SYS
\SystemRoot\System32\Drivers\acpiex.sys
\SystemRoot\System32\Drivers\WppRecorder.sys
\SystemRoot\System32\drivers\ACPI.sys
\SystemRoot\System32\drivers\WMILIB.SYS
\SystemRoot\System32\Drivers\cng.sys
\SystemRoot\System32\drivers\msisadrv.sys
\SystemRoot\System32\drivers\pci.sys
\SystemRoot\System32\drivers\vdrvroot.sys
\SystemRoot\system32\drivers\pdc.sys
\SystemRoot\System32\drivers\partmgr.sys
\SystemRoot\System32\drivers\spaceport.sys
\SystemRoot\System32\drivers\volmgr.sys
\SystemRoot\System32\drivers\volmgrx.sys
\SystemRoot\System32\drivers\mountmgr.sys
\SystemRoot\System32\drivers\iaStorA.sys
\SystemRoot\System32\drivers\storport.sys
\SystemRoot\System32\drivers\EhStorClass.sys
\SystemRoot\system32\drivers\fltmgr.sys
\SystemRoot\System32\drivers\fileinfo.sys
\SystemRoot\system32\drivers\WdFilter.sys
\SystemRoot\System32\Drivers\Ntfs.sys
\SystemRoot\System32\Drivers\ksecdd.sys
\SystemRoot\System32\drivers\pcw.sys
\SystemRoot\System32\Drivers\Fs_Rec.sys
\SystemRoot\system32\drivers\ndis.sys
\SystemRoot\system32\drivers\NETIO.SYS
\SystemRoot\System32\Drivers\ksecpkg.sys
\SystemRoot\System32\drivers\tcpip.sys
\SystemRoot\System32\drivers\fwpkclnt.sys
\SystemRoot\system32\DRIVERS\wfplwfs.sys
\SystemRoot\System32\DRIVERS\fvevol.sys
\SystemRoot\System32\drivers\volsnap.sys
\SystemRoot\System32\drivers\rdyboost.sys
\SystemRoot\System32\Drivers\mup.sys
\SystemRoot\System32\drivers\disk.sys
\SystemRoot\System32\drivers\CLASSPNP.SYS
\SystemRoot\System32\Drivers\crashdmp.sys
\SystemRoot\System32\drivers\cdrom.sys
\SystemRoot\System32\Drivers\Null.SYS
\SystemRoot\System32\Drivers\Beep.SYS
\SystemRoot\System32\drivers\BasicRender.sys
\SystemRoot\System32\drivers\dxgkrnl.sys
\SystemRoot\System32\drivers\watchdog.sys
\SystemRoot\System32\drivers\dxgmms1.sys
\SystemRoot\System32\drivers\BasicDisplay.sys
\SystemRoot\System32\Drivers\Npfs.SYS
\SystemRoot\System32\Drivers\Msfs.SYS
\SystemRoot\system32\DRIVERS\tdx.sys
\SystemRoot\system32\DRIVERS\TDI.SYS
\SystemRoot\System32\DRIVERS\netbt.sys
\SystemRoot\system32\drivers\afd.sys
\SystemRoot\system32\DRIVERS\pacer.sys
\SystemRoot\system32\DRIVERS\vwififlt.sys
\SystemRoot\system32\DRIVERS\netbios.sys
\SystemRoot\system32\DRIVERS\rdbss.sys
\SystemRoot\system32\DRIVERS\wanarp.sys
\SystemRoot\system32\drivers\nsiproxy.sys
\SystemRoot\System32\drivers\npsvctrig.sys
\SystemRoot\System32\drivers\mssmbios.sys
\SystemRoot\System32\drivers\discache.sys
\SystemRoot\System32\Drivers\dfsc.sys
\??\C:\Program Files (x86)\ASUS\ATK Package\ATK WMIACPI\atkwmiacpi64.sys
\SystemRoot\system32\DRIVERS\ndistapi.sys
\SystemRoot\system32\DRIVERS\ndiswan.sys
\SystemRoot\system32\DRIVERS\rassstp.sys
\SystemRoot\system32\DRIVERS\AgileVpn.sys
\SystemRoot\system32\DRIVERS\tunnel.sys
\SystemRoot\System32\drivers\CompositeBus.sys
\SystemRoot\System32\Drivers\fastfat.SYS
\SystemRoot\system32\DRIVERS\kdnic.sys
\SystemRoot\System32\drivers\umbus.sys
\SystemRoot\system32\DRIVERS\igdkmd64.sys
\SystemRoot\system32\DRIVERS\AiCharger.sys
\SystemRoot\System32\drivers\USBXHCI.SYS
\SystemRoot\System32\drivers\ucx01000.sys
\SystemRoot\System32\drivers\HECIx64.sys
\SystemRoot\System32\drivers\usbehci.sys
\SystemRoot\System32\drivers\USBPORT.SYS
\SystemRoot\System32\drivers\HDAudBus.sys
\SystemRoot\system32\DRIVERS\athw8x.sys
\SystemRoot\System32\drivers\vwifibus.sys
\SystemRoot\system32\DRIVERS\RtsBaStor.sys
\SystemRoot\system32\DRIVERS\Rt630x64.sys
\SystemRoot\System32\drivers\i8042prt.sys
\SystemRoot\System32\drivers\AsusTP.sys
\SystemRoot\System32\drivers\mouclass.sys
\SystemRoot\System32\drivers\kbfiltr.sys
\SystemRoot\System32\drivers\kbdclass.sys
\SystemRoot\System32\drivers\CmBatt.sys
\SystemRoot\System32\drivers\BATTC.SYS
\SystemRoot\System32\drivers\intelppm.sys
\SystemRoot\System32\drivers\wmiacpi.sys
\SystemRoot\System32\drivers\AsHIDSwitch64.sys
\SystemRoot\System32\drivers\HIDCLASS.SYS
\SystemRoot\System32\drivers\HIDPARSE.SYS
\SystemRoot\system32\DRIVERS\raspptp.sys
\SystemRoot\system32\DRIVERS\rasl2tp.sys
\SystemRoot\system32\DRIVERS\raspppoe.sys
\SystemRoot\System32\drivers\swenum.sys
\SystemRoot\System32\drivers\ks.sys
\SystemRoot\System32\drivers\rdpbus.sys
\SystemRoot\System32\Drivers\NDProxy.SYS
\SystemRoot\System32\drivers\usbhub.sys
\SystemRoot\System32\drivers\USBD.SYS
\SystemRoot\System32\drivers\UsbHub3.sys
\SystemRoot\system32\drivers\RTKVHD64.sys
\SystemRoot\system32\drivers\portcls.sys
\SystemRoot\system32\drivers\drmk.sys
\SystemRoot\system32\drivers\ksthunk.sys
\SystemRoot\system32\DRIVERS\IntcDAud.sys
\SystemRoot\System32\drivers\usbccgp.sys
\SystemRoot\System32\Drivers\usbvideo.sys
\SystemRoot\System32\Drivers\dump_diskdump.sys
\SystemRoot\System32\Drivers\dump_iaStorA.sys
\SystemRoot\System32\Drivers\dump_dumpfve.sys
\SystemRoot\System32\win32k.sys
\SystemRoot\System32\drivers\monitor.sys
\SystemRoot\System32\TSDDD.dll
\SystemRoot\System32\cdd.dll
\SystemRoot\system32\drivers\luafv.sys
\??\C:\Windows\system32\drivers\mbam.sys
\SystemRoot\system32\drivers\WudfPf.sys
\SystemRoot\system32\DRIVERS\lltdio.sys
\SystemRoot\system32\DRIVERS\nwifi.sys
\SystemRoot\system32\DRIVERS\ndisuio.sys
\SystemRoot\system32\DRIVERS\rspndr.sys
\??\C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\ASMMAP64.sys
\SystemRoot\system32\drivers\HTTP.sys
\SystemRoot\system32\DRIVERS\bowser.sys
\SystemRoot\System32\drivers\mpsdrv.sys
\SystemRoot\system32\DRIVERS\mrxsmb.sys
\SystemRoot\system32\DRIVERS\mrxsmb10.sys
\SystemRoot\system32\DRIVERS\mrxsmb20.sys
\SystemRoot\system32\DRIVERS\vwifimp.sys
\SystemRoot\system32\drivers\Ndu.sys
\SystemRoot\system32\drivers\peauth.sys
\SystemRoot\System32\Drivers\secdrv.SYS
\SystemRoot\System32\DRIVERS\srvnet.sys
\SystemRoot\System32\drivers\tcpipreg.sys
\SystemRoot\System32\DRIVERS\srv2.sys
\SystemRoot\System32\DRIVERS\srv.sys
\SystemRoot\System32\drivers\condrv.sys
\??\C:\Windows\system32\drivers\mbamchameleon.sys
\??\C:\Windows\system32\drivers\MBAMSwissArmy.sys
----------- End -----------
Done!
<<<1>>>
Upper Device Name: \Device\Harddisk0\DR0
Upper Device Object: 0xfffffa800757d060
Upper Device Driver Name: \Driver\disk\
Lower Device Name: \Device\0000003b\
Lower Device Object: 0xfffffa8005cd65e0
Lower Device Driver Name: \Driver\iaStorA\
<<<2>>>
Physical Sector Size: 512
Drive: 0, DevicePointer: 0xfffffa800757d060, DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\disk\
--------- Disk Stack ------
DevicePointer: 0xfffffa800757db10, DeviceName: Unknown, DriverName: \Driver\partmgr\
DevicePointer: 0xfffffa800757d060, DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\disk\
DevicePointer: 0xfffffa8004e9fba0, DeviceName: Unknown, DriverName: \Driver\ACPI\
DevicePointer: 0xfffffa8005cd65e0, DeviceName: \Device\0000003b\, DriverName: \Driver\iaStorA\
------------ End ----------
Alternate DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\disk\
Upper DeviceData: 0x0, 0x0, 0x0
Lower DeviceData: 0x0, 0x0, 0x0
<<<3>>>
Volume: C:
File system type: NTFS
SectorSize = 512, ClusterSize = 4096, MFTRecordSize = 1024, MFTIndexSize = 4096 bytes
<<<2>>>
<<<3>>>
Volume: C:
File system type: NTFS
SectorSize = 512, ClusterSize = 4096, MFTRecordSize = 1024, MFTIndexSize = 4096 bytes
Scanning drivers directory: C:\WINDOWS\SYSTEM32\drivers...
<<<2>>>
<<<3>>>
Volume: C:
File system type: NTFS
SectorSize = 512, ClusterSize = 4096, MFTRecordSize = 1024, MFTIndexSize = 4096 bytes
Read File: File "C:\Windows\System32\Drivers\vwifibus.sys" is compressed (flags = 1)
Read File: File "C:\WINDOWS\SYSTEM32\drivers\vwifibus.sys" is compressed (flags = 1)
Done!
Drive 0
Scanning MBR on drive 0...
Inspecting partition table:
This drive is a GPT Drive.
MBR Signature: 55AA
Disk Signature: CC1AD6D4

GPT Protective MBR Partition information:

Partition 0 type is EFI-GPT (0xee)
Partition is NOT ACTIVE.
Partition starts at LBA: 1 Numsec = 4294967295

Partition 1 type is Empty (0x0)
Partition is NOT ACTIVE.
Partition starts at LBA: 0 Numsec = 0

Partition 2 type is Empty (0x0)
Partition is NOT ACTIVE.
Partition starts at LBA: 0 Numsec = 0

Partition 3 type is Empty (0x0)
Partition is NOT ACTIVE.
Partition starts at LBA: 0 Numsec = 0

GPT Partition information:

GPT Header Signature 4546492050415254
GPT Header Revision 65536 Size 92 CRC 683032418
GPT Header CurrentLba = 1 BackupLba 1465149167
GPT Header FirstUsableLba 34 LastUsableLba 1465149134
GPT Header Guid 318e5764-b057-4403-b643-ff4ffcf7b111
GPT Header Contains 128 partition entries starting at LBA 2
GPT Header Partition entry size = 128

Backup GPT header Signature 4546492050415254
Backup GPT header Revision 65536 Size 92 CRC 683032418
Backup GPT header CurrentLba = 1465149167 BackupLba 1
Backup GPT header FirstUsableLba 34 LastUsableLba 1465149134
Backup GPT header Guid 318e5764-b057-4403-b643-ff4ffcf7b111
Backup GPT header Contains 128 partition entries starting at LBA 1465149135
Backup GPT header Partition entry size = 128

Partition 0 Type c12a7328-f81f-11d2-ba4b-0a0c93ec93b
Partition ID b5117df1-3bf8-40f5-8a71-b3761ff7b29d
FirstLBA 2048 Last LBA 616447
Attributes 0
Partition Name EFI system partition

GPT Partition 0 is bootable
Partition 1 Type de94bba4-6d1-4d40-a16a-bfd5179d6ac
Partition ID 8ee548e6-bce-4e19-9211-c9028ab16f6
FirstLBA 616448 Last LBA 1845247
Attributes 1
Partition Name Basic data partition

Partition 2 Type e3c9e316-b5c-4db8-817d-f92df0215ae
Partition ID 5f41c7f9-b90a-4477-afc7-31444894c23
FirstLBA 1845248 Last LBA 2107391
Attributes 0
Partition Name Microsoft reserved partition

Partition 3 Type ebd0a0a2-b9e5-4433-87c0-68b6b72699c7
Partition ID c3542398-a435-4069-8e7d-4a5f12aa5b35
FirstLBA 2107392 Last LBA 588165119
Attributes 0
Partition Name Basic data partition

Partition 4 Type ebd0a0a2-b9e5-4433-87c0-68b6b72699c7
Partition ID 692ea671-32a4-4a83-886f-10b95ba9872d
FirstLBA 588165120 Last LBA 1423204351
Attributes 0
Partition Name Basic data partition

Partition 5 Type de94bba4-6d1-4d40-a16a-bfd5179d6ac
Partition ID e35f238e-c6ed-40fb-b8ed-4624e3eae15
FirstLBA 1423204352 Last LBA 1465147391
Attributes 1
Partition Name Basic data partition

Disk Size: 750156374016 bytes
Sector size: 512 bytes

Done!
Infected file C:\Users\Beth\AppData\Local\Temp\pgbxyarggttyhb\wajam_validate.exe could not be remediated because backup file is not available
Scan finished
=======================================


Removal queue found; removal started
Removing C:\ProgramData\Malwarebytes' Anti-Malware (portable)\MBR-0-I.mbam...
Removing C:\ProgramData\Malwarebytes' Anti-Malware (portable)\MBR-0-r.mbam...
Removing C:\ProgramData\Malwarebytes' Anti-Malware (portable)\wajam_validate.exe-k.mbam...
Removing C:\ProgramData\Malwarebytes' Anti-Malware (portable)\wajam_validate.exe-u.mbam...
Removing C:\ProgramData\Malwarebytes' Anti-Malware (portable)\wajam_validate.exe-r.mbam...
Removal finished

 

[Broni]

Download TDSSKiller and save it to your desktop.

• Doubleclick on TDSSKiller.exe to run the application, then on Start Scan.
• If an infected file is detected, the default action will be Cure, click on Continue.
• If a suspicious file is detected, the default action will be Skip, click on Continue.
• It may ask you to reboot the computer to complete the process. Click on Reboot Now.
• If no reboot is require, click on Report. A log file should appear. Please copy and paste the contents of that file here.
• If a reboot is required, the report can also be found in your root directory (usually C:\ folder) in the form of TDSSKiller_xxxx_log.txt. Please copy and paste the contents of that file here.

 

[GAWoods]

File upload: TDSSKiller

 

[Broni]

Please observe forum rules.
All logs have to be pasted not attached not to mention zipped.

 

[GAWoods]

Log was too big to be posted will have to break it down.

 

[Broni]

That's the way to do it.

 

[GAWoods]

Part #1

15:42:54.0780 0x0f7c TDSS rootkit removing tool 3.0.0.23 Feb 10 2014 23:32:41
15:42:54.0780 0x0f7c UEFI system
15:42:59.0295 0x0f7c ============================================================
15:42:59.0295 0x0f7c Current date / time: 2014/02/24 15:42:59.0295
15:42:59.0295 0x0f7c SystemInfo:
15:42:59.0295 0x0f7c
15:42:59.0295 0x0f7c OS Version: 6.2.9200 ServicePack: 0.0
15:42:59.0295 0x0f7c Product type: Workstation
15:42:59.0295 0x0f7c ComputerName: BETH
15:42:59.0295 0x0f7c UserName: Beth
15:42:59.0295 0x0f7c Windows directory: C:\Windows
15:42:59.0295 0x0f7c System windows directory: C:\Windows
15:42:59.0295 0x0f7c Running under WOW64
15:42:59.0295 0x0f7c Processor architecture: Intel x64
15:42:59.0295 0x0f7c Number of processors: 4
15:42:59.0295 0x0f7c Page size: 0x1000
15:42:59.0295 0x0f7c Boot type: Normal boot
15:42:59.0295 0x0f7c ============================================================
15:43:00.0139 0x0f7c KLMD registered as C:\Windows\system32\drivers\55126714.sys
15:43:00.0342 0x0f7c System UUID: {FE86F429-002F-2B0B-1C38-0EC25576B25A}
15:43:01.0717 0x0f7c Drive \Device\Harddisk0\DR0 - Size: 0xAEA8CDE000 (698.64 Gb), SectorSize: 0x200, Cylinders: 0x16441, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
15:43:01.0717 0x0f7c ============================================================
15:43:01.0717 0x0f7c \Device\Harddisk0\DR0:
15:43:01.0717 0x0f7c GPT partitions:
15:43:01.0717 0x0f7c \Device\Harddisk0\DR0\Partition1: GPT, TypeGUID: {C12A7328-F81F-11D2-BA4B-00A0C93EC93B}, UniqueGUID: {B5117DF1-3BF8-40F5-8A71-B3761FF7B29D}, Name: EFI system partition, StartLBA 0x800, BlocksNum 0x96000
15:43:01.0717 0x0f7c \Device\Harddisk0\DR0\Partition2: GPT, TypeGUID: {DE94BBA4-06D1-4D40-A16A-BFD50179D6AC}, UniqueGUID: {8EE548E6-0BCE-4E19-9211-C90028AB16F6}, Name: Basic data partition, StartLBA 0x96800, BlocksNum 0x12C000
15:43:01.0717 0x0f7c \Device\Harddisk0\DR0\Partition3: GPT, TypeGUID: {E3C9E316-0B5C-4DB8-817D-F92DF00215AE}, UniqueGUID: {5F41C7F9-B90A-4477-AFC7-314404894C23}, Name: Microsoft reserved partition, StartLBA 0x1C2800, BlocksNum 0x40000
15:43:01.0733 0x0f7c \Device\Harddisk0\DR0\Partition4: GPT, TypeGUID: {EBD0A0A2-B9E5-4433-87C0-68B6B72699C7}, UniqueGUID: {C3542398-A435-4069-8E7D-4A5F12AA5B35}, Name: Basic data partition, StartLBA 0x202800, BlocksNum 0x22EE8800
15:43:01.0733 0x0f7c \Device\Harddisk0\DR0\Partition5: GPT, TypeGUID: {EBD0A0A2-B9E5-4433-87C0-68B6B72699C7}, UniqueGUID: {692EA671-32A4-4A83-886F-10B95BA9872D}, Name: Basic data partition, StartLBA 0x230EB000, BlocksNum 0x31C5B000
15:43:01.0733 0x0f7c \Device\Harddisk0\DR0\Partition6: GPT, TypeGUID: {DE94BBA4-06D1-4D40-A16A-BFD50179D6AC}, UniqueGUID: {E35F238E-C6ED-40FB-B8ED-04624E3EAE15}, Name: Basic data partition, StartLBA 0x54D46000, BlocksNum 0x2800000
15:43:01.0733 0x0f7c MBR partitions:
15:43:01.0733 0x0f7c ============================================================
15:43:01.0733 0x0f7c C: <-> \Device\Harddisk0\DR0\Partition4
15:43:01.0842 0x0f7c D: <-> \Device\Harddisk0\DR0\Partition5
15:43:01.0842 0x0f7c ============================================================
15:43:01.0842 0x0f7c Initialize success
15:43:01.0842 0x0f7c ============================================================
15:43:06.0077 0x13ac ============================================================
15:43:06.0077 0x13ac Scan started
15:43:06.0077 0x13ac Mode: Manual;
15:43:06.0077 0x13ac ============================================================
15:43:06.0077 0x13ac KSN ping started
15:43:08.0515 0x13ac KSN ping finished: true
15:43:08.0827 0x13ac ================ Scan system memory ========================
15:43:08.0827 0x13ac System memory - ok
15:43:08.0827 0x13ac ================ Scan services =============================
15:43:08.0952 0x13ac [ E890C46E4754F0DF51BAFCC8D2E07498, E620D03030F3B65442E0A5CB8B59016A6E8DB3BCA52741977B8897B34438E902 ] 1394ohci C:\Windows\System32\drivers\1394ohci.sys
15:43:08.0968 0x13ac 1394ohci - ok
15:43:08.0983 0x13ac [ 4F18D4C7EA14F11A7211F60D553C03DB, 09AB6D2D8E9B7B6D6A97708551C0E4B34538947A15EA2A69C11764D7BC0BB7F6 ] 3ware C:\Windows\system32\drivers\3ware.sys
15:43:08.0983 0x13ac 3ware - ok
15:43:09.0015 0x13ac [ 975AABEB243B800C23626D6B652C5A9C, FB02336F26AF10BA2A0D1B97C33CB1D78BB90CA51EF008A613A0274779798FAD ] ACPI C:\Windows\system32\drivers\ACPI.sys
15:43:09.0030 0x13ac ACPI - ok
15:43:09.0046 0x13ac [ DC968C37822117E576B933F34A2D130C, 4C94E00ADC242296D7CBBFC7346D5F9AE5FE1B0C616ECA3BDE10A7B34FD2040B ] acpiex C:\Windows\system32\Drivers\acpiex.sys
15:43:09.0046 0x13ac acpiex - ok
15:43:09.0062 0x13ac [ 0CA9F7C3A78227C21A0A7854E245CFB2, D54147C9C1EE2F0098B863B0852E027DB89D6FA67F6B7FD54F609D9715A11442 ] acpipagr C:\Windows\System32\drivers\acpipagr.sys
15:43:09.0062 0x13ac acpipagr - ok
15:43:09.0077 0x13ac [ 8EB8DA03B142D3DD1EB9ED8107A76C43, 24B9B24F9A5BDF3AAD13C4EE0638497D9CA4A100096C6EAE403E0215EA89C439 ] AcpiPmi C:\Windows\System32\drivers\acpipmi.sys
15:43:09.0077 0x13ac AcpiPmi - ok
15:43:09.0093 0x13ac [ CBCE725C5D86ABA7D2604E22951AA9B8, DE0440F0E943F057EBCD01DB4B1E12DBC241FBF03C42021306D322AB88FF8F21 ] acpitime C:\Windows\System32\drivers\acpitime.sys
15:43:09.0093 0x13ac acpitime - ok
15:43:09.0140 0x13ac [ B362181ED3771DC03B4141927C80F801, 69514E5177A0AEA89C27C2234712F9F82E8D8F99E1FD4273898C9324C6FF7472 ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
15:43:09.0155 0x13ac AdobeARMservice - ok
15:43:09.0249 0x13ac [ F7AB315A4D400CA876381D1E188A2E20, B6019C2E9B6801BB23C530C66D080F47330F48ADB0DD2813D50BE1408865BD91 ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
15:43:09.0249 0x13ac AdobeFlashPlayerUpdateSvc - ok
15:43:09.0280 0x13ac [ 93C6388592B99925C1D1576E465BC80F, 4C48BE5471DA4788357D71E90DFEA20FE320C7AAE1F4C55AFBE2E46FEA5CF8FB ] adp94xx C:\Windows\system32\drivers\adp94xx.sys
15:43:09.0280 0x13ac adp94xx - ok
15:43:09.0296 0x13ac [ D27763E0247292654E7F7D16444C7C72, 0314C713D31E2B34F215B52F804F014D876E6ED92DC656CC3E27920CCD36CF0E ] adpahci C:\Windows\system32\drivers\adpahci.sys
15:43:09.0296 0x13ac adpahci - ok
15:43:09.0312 0x13ac [ 67B90070FF48F794AF19F9FCF0080D75, 5D0D352606D58D2CA0814F38EF7B1774C030BE44353DF5910CBFAAF4FDE64ED6 ] adpu320 C:\Windows\system32\drivers\adpu320.sys
15:43:09.0312 0x13ac adpu320 - ok
15:43:09.0343 0x13ac [ 974AE60BF5B90E31412D93596C968E5B, 092B59C2B67C4618E7B1800615D1DF7199482F60D0D27BD91763F7F8D7FC883F ] AeLookupSvc C:\Windows\System32\aelupsvc.dll
15:43:09.0343 0x13ac AeLookupSvc - ok
15:43:09.0390 0x13ac [ 7C0E0EDF18D6CC565D7BFBB451709FA5, 47C21CD9D87B5C1B5EB14F6166B5E3349B1A6F10501E63CCED8D52A9FE22765D ] AFD C:\Windows\system32\drivers\afd.sys
15:43:09.0405 0x13ac AFD - ok
15:43:09.0452 0x13ac [ 98022774D9930ECBB292E70DB7601DF6, BE64A40B9BE997D73C0FC14D97E204C9D886EDA07EC4C9391A70CE477084E5F1 ] AgereSoftModem C:\Windows\system32\DRIVERS\agrsm64.sys
15:43:09.0483 0x13ac AgereSoftModem - ok
15:43:09.0499 0x13ac [ 01590377A5AB19E792528C628A2A68F9, F3A4B6CA4E8D4436E44E36D7F7EEF3DC861D1EE50D41F4273226C4ED95674B84 ] agp440 C:\Windows\system32\drivers\agp440.sys
15:43:09.0499 0x13ac agp440 - ok
15:43:09.0515 0x13ac [ 16F6F6B7903B913AB41AB848C8BB5658, 7304257048CB42E5274B3F6400F4A053A38E3B70A157662FE9D2B7C5979DE851 ] AiCharger C:\Windows\system32\DRIVERS\AiCharger.sys
15:43:09.0530 0x13ac AiCharger - ok
15:43:09.0546 0x13ac [ D1BE8E6E5B3AF23A4393AF1BF867977A, B3AE97D35A9304198715D76F6C3F0545AA176FDEBA6C2055782558B11DFA14EB ] ALG C:\Windows\System32\alg.exe
15:43:09.0546 0x13ac ALG - ok
15:43:09.0577 0x13ac [ 025E8C755BE293E50854D26D1BBE5133, 4373639689306A3D8FE0F862072711BAD5DBAA45E105CD3129586439A90EE070 ] AllUserInstallAgent C:\Windows\system32\AUInstallAgent.dll
15:43:09.0577 0x13ac AllUserInstallAgent - ok
15:43:09.0593 0x13ac [ 5A81054B824004B1ECC04F0034A1CDF9, 73A1986A4B346C425157216EBF16CC90EFFC642EDF6109E6364CF0552E3388FD ] AmdK8 C:\Windows\System32\drivers\amdk8.sys
15:43:09.0608 0x13ac AmdK8 - ok
15:43:09.0608 0x13ac [ B849D453E644FAB9BC8EF6DC8CA9C4C6, B803CDA478D3385937C44CBB05A0E65ABACEFEBA682975787C44E2904FB89D2D ] AmdPPM C:\Windows\System32\drivers\amdppm.sys
15:43:09.0608 0x13ac AmdPPM - ok
15:43:09.0624 0x13ac [ 35A0EB5AECB0FA3C41A2FB514A562304, 737783ABF348288471AC7051D4DC6CB336D686C94EC7B8938DCA74AFE9BECB1C ] amdsata C:\Windows\system32\drivers\amdsata.sys
15:43:09.0624 0x13ac amdsata - ok
15:43:09.0640 0x13ac [ 00452671904F5EE94B50BF0219C97164, 99F9B86D3DB3E10B014120A63CD43CBAAB22C8E38851090ABE37D89ABD61F7B6 ] amdsbs C:\Windows\system32\drivers\amdsbs.sys
15:43:09.0655 0x13ac amdsbs - ok
15:43:09.0655 0x13ac [ EA3FFE53E92E59C87E3ECA9BEB20D9B7, DC0B8B798720F5F75F8AFD3383CF69194282AEEE84DCACB97382F4C86E1D3E49 ] amdxata C:\Windows\system32\drivers\amdxata.sys
15:43:09.0655 0x13ac amdxata - ok
15:43:09.0671 0x13ac [ 83B3682CE922FB0F415734B26D9D6233, 9102E8B410BB1AE426770896B6AB584D1F02830337FBB2DEC182F3F19832F35F ] AppID C:\Windows\system32\drivers\appid.sys
15:43:09.0671 0x13ac AppID - ok
15:43:09.0687 0x13ac [ CE2BEAD7F31816FF0AC490D048C969F9, 7D24C5A9E8F7C21CC6D8BF2CA29A8B79DDE7EEDE2F37D36B9071ECE1CF61371F ] AppIDSvc C:\Windows\System32\appidsvc.dll
15:43:09.0702 0x13ac AppIDSvc - ok
15:43:09.0718 0x13ac [ 4F750B7EFCB6520AE01E01D082D7D476, AD2A67D727A1D4DD0BBACC6B4BB432FA9A14D50D8BA292B95A4747CEC9F85728 ] Appinfo C:\Windows\System32\appinfo.dll
15:43:09.0718 0x13ac Appinfo - ok
15:43:09.0718 0x13ac [ E933401B392387F4BE34DE8BAF1722A7, 57CC6DE31E2C82D2B12509F0A5EC9EC70DD2EF6A1F31A66ADF62DC6AE0A67323 ] arc C:\Windows\system32\drivers\arc.sys
15:43:09.0733 0x13ac arc - ok
15:43:09.0733 0x13ac [ 07CA323EF2E8247A568AB0F3662AD644, 1224B41193F0E9B164732BA5BF707A13427C82C1D8C3EDC2AAE5C5C75454B9F6 ] arcsas C:\Windows\system32\drivers\arcsas.sys
15:43:09.0749 0x13ac arcsas - ok
15:43:09.0827 0x13ac [ FA713019412C061385F09BD373BF747A, 83ED108FEE95BA7CBE87C845154F97FCB4597F9D9BEC1F802B92D8994BD5931D ] ASLDRService C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe
15:43:09.0827 0x13ac ASLDRService - ok
15:43:09.0843 0x13ac [ 4C016FD76ED5C05E84CA8CAB77993961, 025E7BE9FCEFD6A83F4471BBA0C11F1C11BD5047047D26626DA24EE9A419CDC4 ] ASMMAP64 C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\ASMMAP64.sys
15:43:09.0843 0x13ac ASMMAP64 - ok
15:43:09.0874 0x13ac [ 6A122B4F0E5293CACFA8A5F2CBA9B356, 9D69076B697BEE8742E32EBEF1802D829DEA6B1D93AF485D11CC89A08CA4D809 ] ASUS InstantOn C:\Program Files (x86)\ASUS\ASUS InstantOn\InsOnSrv.exe
15:43:09.0874 0x13ac ASUS InstantOn - ok
15:43:09.0937 0x13ac [ 24F433B99D1774BD50FCD6B2CFEC1905, DE208D7F6AF3F7B66F55238837E8FAC34E6FFD56DB80EB86CA1831131C4C00CF ] Asus WebStorage Windows Service C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.13.147\AsusWSWinService.exe
15:43:09.0937 0x13ac Asus WebStorage Windows Service - ok
15:43:09.0952 0x13ac [ 74DBAEC35366C4EE7670428808715A6A, 3B3A7A81CD8038C4750560B94A9247C4409410780B312BA71EDF2E393DCA7474 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys
15:43:09.0952 0x13ac AsyncMac - ok
15:43:09.0968 0x13ac [ A721FF570C2387E383BDDEA9632863C9, 45DD7787F44A2C742560FEB03AB66910C2F0002D95BB02C55EEDE973AA92AD24 ] atapi C:\Windows\system32\drivers\atapi.sys
15:43:09.0968 0x13ac atapi - ok
15:43:10.0093 0x13ac [ A34167BD20D771B8E68F2C41CC85168C, 33E5ACA0D853918E1DE2B9544A6B0B616C09CA92013B1D99C7F48655B1DDB4A9 ] athr C:\Windows\system32\DRIVERS\athw8x.sys
15:43:10.0187 0x13ac athr - ok
15:43:10.0218 0x13ac [ DBC598E47E7A382E60E2A4745D41FEF9, A810AC197CA456B0285E2CAE6986D38B31F4ADA32BEB47EC7A48A2B2196BA639 ] ATKGFNEXSrv C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
15:43:10.0218 0x13ac ATKGFNEXSrv - ok
15:43:10.0233 0x13ac [ 41CEAFFCF3550785E59E3EC9BEE8D97A, 89FE604088B65B82AA794E1DA8429033CD2F05FFB2D7EFAAC7B967C7A83D1B1E ] ATKWMIACPIIO C:\Program Files (x86)\ASUS\ATK Package\ATK WMIACPI\atkwmiacpi64.sys
15:43:10.0233 0x13ac ATKWMIACPIIO - ok
15:43:10.0249 0x13ac [ 437EB91CB20144375DDE145149778405, 5E76CDE2B3C852755F6E54AF774E9BECDF472103D83B815899333DE268536B98 ] ATP C:\Windows\System32\drivers\AsusTP.sys
15:43:10.0249 0x13ac ATP - ok
15:43:10.0280 0x13ac [ BCD7A47EF587DC00DD61D12D9C2D1E44, 95BC9AC8BA8A86DB5C7A6317002BD9872F193B401A0C58DF252DCF3D4A7541E2 ] AudioEndpointBuilder C:\Windows\System32\AudioEndpointBuilder.dll
15:43:10.0280 0x13ac AudioEndpointBuilder - ok
15:43:10.0343 0x13ac [ 599B3F685A263A114FFAF3BE29C49C75, 579E9561BA8537888E061E303F3F89E2E6F8B8DED74369C3767DB10B35CD45E8 ] Audiosrv C:\Windows\System32\Audiosrv.dll
15:43:10.0359 0x13ac Audiosrv - ok
15:43:10.0390 0x13ac [ 89491EF71D5EA011127832C588002853, 05620E4235956D8446FB9604F930738C8AA97E3A74C907E37F7CC08B8EDA0461 ] AxInstSV C:\Windows\System32\AxInstSV.dll
15:43:10.0390 0x13ac AxInstSV - ok
15:43:10.0437 0x13ac [ 87AB5BB072A3F128541D5B815F82FFDD, 186AF33D3DE90638C3E165CAC3DA17295E8A80CDB523F9BE4AF7D38CA6954905 ] b06bdrv C:\Windows\system32\drivers\bxvbda.sys
15:43:10.0437 0x13ac b06bdrv - ok
15:43:10.0452 0x13ac [ 81703BC5D68DEDBB086C2368FBE7B334, CFD4A55C8045C482F8D410514F3211AEFA00097AB395F5A04BFE983ED6254F6B ] BasicDisplay C:\Windows\System32\drivers\BasicDisplay.sys
15:43:10.0452 0x13ac BasicDisplay - ok
15:43:10.0468 0x13ac [ 5EC68164E14D25675C98BBB5F09E8606, 1D7EDB21C87039FC5F39F46460AD852BC4EC6B179B1C205D189DD3C397343435 ] BasicRender C:\Windows\System32\drivers\BasicRender.sys
15:43:10.0468 0x13ac BasicRender - ok
15:43:10.0499 0x13ac [ 89143A7BA7850F5C7E61B43BB44B6418, 00BB781DF87D4FF1BAFD318AFE237296B4F5925023BA4486405EC0A384C88D8F ] BDESVC C:\Windows\System32\bdesvc.dll
15:43:10.0515 0x13ac BDESVC - ok
15:43:10.0515 0x13ac [ 9E7AEA59776D904607985AFFE7E5E183, C3DB745A9F4DA7CB9628A7913DD52B2444B14FEB9D588FF6558CF52CEB8955EB ] Beep C:\Windows\system32\drivers\Beep.sys
15:43:10.0515 0x13ac Beep - ok
15:43:10.0562 0x13ac [ 53AA55632B94622F2DC3695E86EF9363, 9B5BB8EDA48A37AE97BCD42D83B25A6D10AA6231EABE745DCCE6D60E19094A6F ] BFE C:\Windows\System32\bfe.dll
15:43:10.0577 0x13ac BFE - ok
15:43:10.0640 0x13ac [ D598C44A7072D3108D8D8102EC5E07F7, D7472E9BAAB7B6E1D30F4E153412E2A16EE5C08DE2BF8BFF4D65089825226FE0 ] BITS C:\Windows\System32\qmgr.dll
15:43:10.0671 0x13ac BITS - ok
15:43:10.0702 0x13ac [ B17AC10B47C7FCB44D22A1F06415840E, 990D6F629D93F4F913D218ACE5187A26DCB762BAFB2BB279CCE8CAF2755D85A5 ] bowser C:\Windows\system32\DRIVERS\bowser.sys
15:43:10.0702 0x13ac bowser - ok
15:43:10.0718 0x13ac [ 038FA1B55531E7020DB705B42FCCE373, 023E87E3204D64890D6FEA78E762E5BC5BD0A59325EBC264834727779EEEDBC5 ] BrokerInfrastructure C:\Windows\System32\bisrv.dll
15:43:10.0734 0x13ac BrokerInfrastructure - ok
15:43:10.0765 0x13ac [ 310068BDA80B1D55C36580FD8A873FAF, A75412FF1F483461F526E9A359DCEECA5E683441514464D5ED82D1A9740D583E ] Browser C:\Windows\System32\browser.dll
15:43:10.0765 0x13ac Browser - ok
15:43:10.0780 0x13ac [ 6695200F455E251F0BCC9CE4D0978D59, 4DB2F967E449581A9330EF43E794B45B93581564B20C5B991FC1EC665A640D69 ] BthAvrcpTg C:\Windows\System32\drivers\BthAvrcpTg.sys
15:43:10.0780 0x13ac BthAvrcpTg - ok
15:43:10.0812 0x13ac [ A8B20D852B07AE19A13B5D47EC4E4C3B, 86571C9E2BA15BB169CAB2D24C4D0598154C02FD173638CAFC685A7F6B09472D ] BthEnum C:\Windows\System32\drivers\BthEnum.sys
15:43:10.0812 0x13ac BthEnum - ok
15:43:10.0843 0x13ac [ 616EB8748C988AEE98D93DA141C3D3B4, 15A055B0496BDB29CBCF6EEBF112D4BA1C7A2FF39124728830D0FD1FD7A404CB ] BthHFEnum C:\Windows\System32\drivers\bthhfenum.sys
15:43:10.0843 0x13ac BthHFEnum - ok
15:43:10.0874 0x13ac [ DCB4EBD928A6FB368BE6CAE522412DE1, 9E1345F29467054689B9F48B5CCB567760D36610A4EA9AF41B829EAD60347269 ] bthhfhid C:\Windows\System32\drivers\BthHFHid.sys
15:43:10.0874 0x13ac bthhfhid - ok
15:43:10.0874 0x13ac [ 033916CE8784A848B9A3D686B7F66D97, B4D0514D59646CF6B70D4FA488CF95C38EA38CC5C509329CC8753E897C640AFA ] BTHMODEM C:\Windows\System32\drivers\bthmodem.sys
15:43:10.0874 0x13ac BTHMODEM - ok
15:43:10.0921 0x13ac [ 091BB978E9504D0AD14586929431A957, ACED02B879026A228E35F40847C210BC30A5AFC948FFE922DB21663E4A8DFF1D ] BthPan C:\Windows\system32\DRIVERS\bthpan.sys
15:43:10.0921 0x13ac BthPan - ok
15:43:10.0968 0x13ac [ 13795CAA34239D97A7211E7F9D96E012, C4F3402B063A7CFCE386D1AE9255975A199164BA9E7DCDB6129725213A0642B1 ] BTHPORT C:\Windows\System32\Drivers\BTHport.sys
15:43:10.0984 0x13ac BTHPORT - ok
15:43:11.0015 0x13ac [ A4387C3D271959313E2577DB7BE8BA7A, C71474802102102EBE04DF036EEB2F5FB3380BE288E3842F19F234EFAE977D70 ] bthserv C:\Windows\system32\bthserv.dll
15:43:11.0015 0x13ac bthserv - ok
15:43:11.0046 0x13ac [ 1F715957F5236D30B6020A19A4271F6A, C06B637C2C6919E2DE1055AE249AE3EAF7B4890799F22BF5757CC10CEF145043 ] BTHUSB C:\Windows\System32\Drivers\BTHUSB.sys
15:43:11.0046 0x13ac BTHUSB - ok
15:43:11.0062 0x13ac [ 990B1BABE6E81FB18E65A87EBEFB1772, 1820D4AC57E1D4B7FB5AA89C277B16910ED73712878D2B43FE542CE16DFE16C3 ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys
15:43:11.0062 0x13ac cdfs - ok
15:43:11.0077 0x13ac [ 339BFF85D788268752DA8C9644B188EE, C2279F1A39AED39865A5027D2FD087F8E82F3ED8C94BA4D922855B98E792AFC5 ] cdrom C:\Windows\System32\drivers\cdrom.sys
15:43:11.0077 0x13ac cdrom - ok
15:43:11.0093 0x13ac [ BAF8F0F55BC300E5F882E521F054E345, FB228DB18F2FA55D8BA35A7E6778EE5D2EB0C29D384F1A0A868F90AE706188D7 ] CertPropSvc C:\Windows\System32\certprop.dll
15:43:11.0109 0x13ac CertPropSvc - ok
15:43:11.0109 0x13ac [ F64B7D1A37CC1D5F421D5359EEC81E2E, 2B4879DD32B2C20B94847755E22B1BCBE2B567B3989C57A9BA2DD783307EFFDB ] circlass C:\Windows\System32\drivers\circlass.sys
15:43:11.0109 0x13ac circlass - ok
15:43:11.0124 0x13ac [ 9905168708DB68849B879B5548F68AB3, B7A495E57B9398704988DC472126CBC5B8D76761A34F51732FBF6CC88E3AB79A ] CLFS C:\Windows\system32\drivers\CLFS.sys
15:43:11.0140 0x13ac CLFS - ok
15:43:11.0155 0x13ac [ 2DC8538A2260647484A6C921CA837313, 094059DD66B0C50A1CAE288F920107B0B6AD1AA5758284E35B92C131EDEA30EA ] CmBatt C:\Windows\System32\drivers\CmBatt.sys
15:43:11.0155 0x13ac CmBatt - ok
15:43:11.0187 0x13ac [ E708BFF0473EC6B271EA46B65B16CA56, 2B4C661F7C5A4395CA4204122A1C3C8AA766B56C3D01CD8BAAFA18F71FC7B591 ] CNG C:\Windows\system32\Drivers\cng.sys
15:43:11.0202 0x13ac CNG - ok
15:43:11.0218 0x13ac [ 0E5B1E9E7122EDAAF1F6CE047965CA92, 803E585B92D1E2E5B6BF67BE511E88DC2629A12407C3E30F7AEFB544D390A9B8 ] CompositeBus C:\Windows\System32\drivers\CompositeBus.sys
15:43:11.0218 0x13ac CompositeBus - ok
15:43:11.0218 0x13ac COMSysApp - ok
15:43:11.0234 0x13ac [ D9CB0782AF819548072AA45B70F8B22D, 04796F39ABB88759A534DE3D0C51F684BF2A8DE1F4028B657CCFDBDD39A6618C ] condrv C:\Windows\system32\drivers\condrv.sys
15:43:11.0234 0x13ac condrv - ok
15:43:11.0312 0x13ac [ 9F5AFC3EE57412798B1A559B620386A0, DD50CDCEC64EB83B86FA3720919620233E2E963B4067234AF5DB5472F8B388BA ] cphs C:\Windows\SysWow64\IntelCpHeciSvc.exe
15:43:11.0327 0x13ac cphs - ok
15:43:11.0359 0x13ac [ 5CE2742F063731EC10C1B2EE386A2C08, 309919BDDD4649AFB95A99DCF8AFC3BAE10F9BC1E2819C0794CFD0F80682C223 ] CryptSvc C:\Windows\system32\cryptsvc.dll
15:43:11.0359 0x13ac CryptSvc - ok
15:43:11.0374 0x13ac [ FAEF4C245BE832DB41B15DAAC336AFB7, 1F8C98AB0DF4327FCB01FE0356025488E19B48A45FFFA50576B49A8587FAC42B ] dam C:\Windows\system32\drivers\dam.sys
15:43:11.0374 0x13ac dam - ok
15:43:11.0421 0x13ac [ 1EC6E533C954BDDF2A37E7851A7E58FD, C25936A7465B6A2B3D05D2FCB09D91ACC07CFE038A5E968C99CFA9D9F2967DD4 ] DcomLaunch C:\Windows\system32\rpcss.dll
15:43:11.0437 0x13ac DcomLaunch - ok
15:43:11.0468 0x13ac [ C8650D1F61149AA546BDBC99172EBBC1, D9592ED1B6F23B6EC76A0B93635B6E38702311B0A6982F0F9DEC37FCDAF1288B ] defragsvc C:\Windows\System32\defragsvc.dll
15:43:11.0468 0x13ac defragsvc - ok
15:43:11.0484 0x13ac [ 5EAEF67AE2AF4D2DC664B649DB7B2E16, ADAC7FD6AC12B50F4998C5EB0BD770DD4B80A94C4CC1B9376AD77648E48D012D ] DeviceAssociationService C:\Windows\system32\das.dll
15:43:11.0499 0x13ac DeviceAssociationService - ok
15:43:11.0515 0x13ac [ 799BE46D45D486704CE0F37CA5385262, BB78DEE83B9DB613B1C083D55FAA458BE3E394AED80EB91B599185A7272F33B3 ] DeviceInstall C:\Windows\system32\umpnpmgr.dll
15:43:11.0515 0x13ac DeviceInstall - ok
15:43:11.0546 0x13ac [ 09D9EB9E7898F8E6561473A20CC808B9, 0F511593D36084843E5138AF6D55FE08D77803968AE12A236A02368DB364347E ] Dfsc C:\Windows\system32\Drivers\dfsc.sys
15:43:11.0546 0x13ac Dfsc - ok
15:43:11.0577 0x13ac [ E428DFFA96FAD07D8CA3C9082563A225, F3D2E94A9FF2CF68CC99A8B42B8DEA5E57D46000D1845DC0908224493480C79F ] dg_ssudbus C:\Windows\system32\DRIVERS\ssudbus.sys
15:43:11.0593 0x13ac dg_ssudbus - ok
15:43:11.0624 0x13ac [ 9E0E72222264745ADEB0E5AC680B0ED6, 576AFC8741695396A3B8E9DBDD3703E9D70370437D09D162262E47A140D101B4 ] Dhcp C:\Windows\system32\dhcpcore.dll
15:43:11.0624 0x13ac Dhcp - ok
15:43:11.0640 0x13ac [ 3C736FAE17BA6F91BA37594AAB139CD0, 34304A194105B19E7ADD80108DC85C3B7AA9E942C84A7EF93C475CE1D9AE4615 ] discache C:\Windows\system32\drivers\discache.sys
15:43:11.0640 0x13ac discache - ok
15:43:11.0655 0x13ac [ AE3786294CC246A5403783E1B86A0168, 29A7B4B490CBB16DAEF5D67D0A58A2577CF3FEE8F889484DB867F6913D9D2A28 ] disk C:\Windows\system32\drivers\disk.sys
15:43:11.0655 0x13ac disk - ok
15:43:11.0671 0x13ac [ 82A7C72593793FE1EADA7A305BD1567A, 75F432E4C75AE9EFF553BD860B3B250853BDDA85C17DBD9B7242D74593506A86 ] dmvsc C:\Windows\System32\drivers\dmvsc.sys
15:43:11.0671 0x13ac dmvsc - ok
15:43:11.0702 0x13ac [ 066B9710B36AB550E01EEFCA52155968, DCA9F3F4856A6866D3F5A2EEE34E96A83F40198DB0B5AC6381A7568DE1F56FAB ] Dnscache C:\Windows\System32\dnsrslvr.dll
15:43:11.0702 0x13ac Dnscache - ok
15:43:11.0718 0x13ac [ 9949AD2ABA168A618D46C799D6CC898C, DFAC86A0AEE83C9EFE1BEE9EC15C8CAF1D619D55AF3ACC3986057A5AC985D06A ] dot3svc C:\Windows\System32\dot3svc.dll
15:43:11.0734 0x13ac dot3svc - ok
15:43:11.0749 0x13ac [ 109FC3F80BF4F4DC5A071058074F13C1, F30736F45BA1811D59E9CB1C172D8D1EA9F5A7D36DCFFBFC9E7E02448C1CF851 ] DPS C:\Windows\system32\dps.dll
15:43:11.0749 0x13ac DPS - ok
15:43:11.0765 0x13ac [ 9C7C183F937951AE17C5B8B3259CF3FF, 8ED607139F15D08B4835ACF864421BA4C08C88FE90B9AAF707F5D8514D7731B1 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys
15:43:11.0765 0x13ac drmkaud - ok
15:43:11.0796 0x13ac [ F87F4AAAF6664906248D11D5E579A53B, F283932F68ED93891EEF00C18724359AB7057E922A3CDC8BC6F33F84D2B0BEE5 ] DsmSvc C:\Windows\System32\DeviceSetupManager.dll
15:43:11.0796 0x13ac DsmSvc - ok
15:43:11.0859 0x13ac [ E6AF4DF1817953D73C519B17CF849756, 26A90EB368A3F572086F223ABED87B8FC6F998AE401C9E52BEB5EE76AB052702 ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys
15:43:11.0890 0x13ac DXGKrnl - ok
15:43:11.0921 0x13ac [ 651FBD69A9713D623D456A240F96179C, 22A1F306B454EF9C84D25EF266F3ED0E1D896B1F5BE60170E79F37F2DBCA59F4 ] e1iexpress C:\Windows\system32\DRIVERS\e1i63x64.sys
15:43:11.0937 0x13ac e1iexpress - ok
15:43:11.0952 0x13ac [ 58BA473DD88F5FC1932282BA683AA03E, B8A4407D3006D91BE88F9C5389AC1CACC73BEBF6F66433A1E5EB8E58E8836C12 ] Eaphost C:\Windows\System32\eapsvc.dll
15:43:11.0952 0x13ac Eaphost - ok
15:43:12.0077 0x13ac [ 5AB97B3282D7D6114949D1EB5C8598E4, FB9449CC1CDC12C12AA0469BB6ACC770CB011250EDFD86E9600E754610608EFD ] ebdrv C:\Windows\system32\drivers\evbda.sys
15:43:12.0155 0x13ac ebdrv - ok
15:43:12.0171 0x13ac [ F702AB6181513303AB0FC8D59E52708B, D46939B9F672269E65C98606A573C849C4AF5A26E4E75D3A8FE56A65B3A6EA08 ] EFS C:\Windows\System32\lsass.exe
15:43:12.0171 0x13ac EFS - ok
15:43:12.0187 0x13ac [ 66D60BD9A4C05616ABECA2A901475098, 8111550DB03FFD72F1822F47B16F075DA92874B64F19342D7CF60B0EE648AFEF ] EhStorClass C:\Windows\system32\drivers\EhStorClass.sys
15:43:12.0187 0x13ac EhStorClass - ok
15:43:12.0202 0x13ac [ A61D0F543024E458C0FE32352E1978E2, BDE6BC140300EAF790F16466C28897CE0BD7D94DCED13FDE20AA4AACA0F6A4FD ] EhStorTcgDrv C:\Windows\system32\drivers\EhStorTcgDrv.sys
15:43:12.0202 0x13ac EhStorTcgDrv - ok
15:43:12.0234 0x13ac [ D790D058D67582DB9C84C2D33695FE6B, A5763D7F6D191EA4B290B3E92D842AC36FD46DF598472E70B46E45D8CCD2F912 ] ErrDev C:\Windows\System32\drivers\errdev.sys
15:43:12.0234 0x13ac ErrDev - ok
15:43:12.0265 0x13ac [ F9E01C2D9F8BC049E04CF5DC24A5F638, CB6CCB59C77D4A59DDA846608AABEF1DFEC24C8422712AB8D59E27C13D731D2E ] EventSystem C:\Windows\system32\es.dll
15:43:12.0280 0x13ac EventSystem - ok
15:43:12.0296 0x13ac [ 7A4D6FEB8C52B3FE855E4DCDF9107E03, 6B0146A4C9AD32DCDC2DEE8E8C5A29F687665458486449E0D37B151ED63B8ADC ] exfat C:\Windows\system32\drivers\exfat.sys
15:43:12.0296 0x13ac exfat - ok
15:43:12.0312 0x13ac [ 60996602A7111FD2D086E803F33E4282, E62A91C90F8542990BEA4E6A5D9DD3D070F4EB23B4C13414C5DA2B0219509749 ] fastfat C:\Windows\system32\drivers\fastfat.sys
15:43:12.0312 0x13ac fastfat - ok
15:43:12.0359 0x13ac [ F0E7F8382ED5E138B0DFA4CB5058BCFE, 6247C7B75F975F5AB080FFB9881EF58A6F360219F7AF2DE871F38E80CAF3B62C ] Fax C:\Windows\system32\fxssvc.exe
15:43:12.0374 0x13ac Fax - ok
15:43:12.0390 0x13ac [ 73B2D11DF0B6E03A0CB0323218ACB3E4, BA9256919BAA2E0760F6A658B557FDC389ACE8F9820D1A41FD995FC5613F5AA6 ] fdc C:\Windows\System32\drivers\fdc.sys
15:43:12.0390 0x13ac fdc - ok
15:43:12.0421 0x13ac [ 0828E3E7BD77C89149EAD3232BFD38DB, A6A296647A4EDBFF59124E3A9C0AB48759AA1738615ACFA5A454FF6BD3C31BA2 ] fdPHost C:\Windows\system32\fdPHost.dll
15:43:12.0421 0x13ac fdPHost - ok
15:43:12.0437 0x13ac [ 872506AAB591E8908DF4461475AF92DF, 772F2D08CB95775E438822B9EA005CBA92ED4071ADAB2C0101156A7D037D4704 ] FDResPub C:\Windows\system32\fdrespub.dll
15:43:12.0437 0x13ac FDResPub - ok
15:43:12.0468 0x13ac [ 0588950D93A426F97C7AAADB1A9B0458, ABCB3619BD58CAC438FC032495AE45A7B6FFDD4BD33C1B3D1BC7F9F13FCB727A ] fhsvc C:\Windows\system32\fhsvc.dll
15:43:12.0468 0x13ac fhsvc - ok
15:43:12.0484 0x13ac [ 88A9EBACD1058ABB237A6B4E96E7F397, 263D25D33B679EB01D97763701347C31B2F72E28CE2C7EC8013EA77756D98BE1 ] FileInfo C:\Windows\system32\drivers\fileinfo.sys
15:43:12.0484 0x13ac FileInfo - ok
15:43:12.0499 0x13ac [ 9E4EE3A0B00FF7D5F42A4AF9744CBA02, 1D7BFB00D74A28AC13ECBA1E0036D50EE79266AC02CEDB2632466BF9DD46F211 ] Filetrace C:\Windows\system32\drivers\filetrace.sys
15:43:12.0499 0x13ac Filetrace - ok
15:43:12.0515 0x13ac [ B1D4C168FF7B8579E3745888658FFB1D, 1A5C13E902A0C788A8B995ADD2FBC3303005911C0AA3F3F4497D3016AA0EF583 ] flpydisk C:\Windows\System32\drivers\flpydisk.sys
15:43:12.0515 0x13ac flpydisk - ok
15:43:12.0531 0x13ac [ B33EC133AE4E6C1881D2302D93D2467D, 77E3A16257EA3698B3FCD947D004144E8D1EEE48EF5C82DF49B1B9B2B3C61DB2 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys
15:43:12.0546 0x13ac FltMgr - ok
15:43:12.0593 0x13ac [ 0BCDC0FF11B984162B0CF0FF6E9E0146, D44A3CECBA36B7A64854E244FA6B5E65047896BF9983D20B431410FBBA36697A ] FontCache C:\Windows\system32\FntCache.dll
15:43:12.0640 0x13ac FontCache - ok
15:43:12.0702 0x13ac [ 0B56259F5611787222A04A8F254E51D4, F77AEC0ACBFAF9154E32223B84B613229DACCD953AEBC3E96C27570F9AB10FD0 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
15:43:12.0702 0x13ac FontCache3.0.0.0 - ok
15:43:12.0718 0x13ac [ A5F7873A39E4E9FAAAE59B7E9E36B705, 32036109F5A50E9F3BEF97C5B28AE8179B3A5E22517868A83CADE4671FF90DEC ] FsDepends C:\Windows\system32\drivers\FsDepends.sys
15:43:12.0718 0x13ac FsDepends - ok
15:43:12.0734 0x13ac [ A6DD7D491F587F4BC13FB972977DC8E8, B86F97F17F6F443EC16DEF67CCA4EF78AFE56078D2877838A982FECB19557C87 ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys
15:43:12.0734 0x13ac Fs_Rec - ok
15:43:12.0796 0x13ac [ C1646A95EAC515F60CDB2A7A8A013C1E, F559B83C02B17265EDE95DD497C1A94E402F07EC251FC47449F789907AFFED14 ] fvevol C:\Windows\system32\DRIVERS\fvevol.sys
15:43:12.0812 0x13ac fvevol - ok
15:43:12.0827 0x13ac [ A969D92973DFA895E7776B4BFE36DBB2, 7528E6983ECC59291A7A386E4E459B19D1593ABDDFFD276E2F01B0EA21693E20 ] FxPPM C:\Windows\System32\drivers\fxppm.sys
15:43:12.0827 0x13ac FxPPM - ok
15:43:12.0843 0x13ac [ 52BC441E07A827EBAB70CDC7EAEDB28D, 8DECBD8E12EA52039742599CFBBF0D3B6610B57EF8D9DAEEEA33D202A478D286 ] gagp30kx C:\Windows\system32\drivers\gagp30kx.sys
15:43:12.0843 0x13ac gagp30kx - ok
15:43:12.0874 0x13ac [ 721F8EEF5E9747F32670DEFF7FB92541, E0A8EF70753E260C2C7D93D316B5EF9589DB086FDF829BDA2958C6A09CE471A6 ] gencounter C:\Windows\System32\drivers\vmgencounter.sys
15:43:12.0874 0x13ac gencounter - ok
15:43:12.0906 0x13ac [ FC2B8B06BDBD3B6457F5A3DA9AD2410E, 4BF196E1CAC94E9265EBEB68F41C3E29F0C709ECFF9420B5B1C9C82680D5D6A8 ] GPIOClx0101 C:\Windows\system32\Drivers\msgpioclx.sys
15:43:12.0906 0x13ac GPIOClx0101 - ok
15:43:12.0952 0x13ac [ 5358678C6370F2ADC5291849F6503262, 841633D7A936C3889690C67E189BAD4C6B294C196FFFE5B564FCECDFE46A9E52 ] gpsvc C:\Windows\System32\gpsvc.dll
15:43:12.0999 0x13ac gpsvc - ok
15:43:13.0077 0x13ac [ 506708142BC63DABA64F2D3AD1DCD5BF, 9C36A08D9E7932FF4DA7B5F24E6B42C92F28685B8ABE964C870E8D7670FD531A ] gupdate C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
15:43:13.0077 0x13ac gupdate - ok
15:43:13.0077 0x13ac [ 506708142BC63DABA64F2D3AD1DCD5BF, 9C36A08D9E7932FF4DA7B5F24E6B42C92F28685B8ABE964C870E8D7670FD531A ] gupdatem C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
15:43:13.0077 0x13ac gupdatem - ok
15:43:13.0124 0x13ac [ 630555943E5A3FE21010CE91EC7FC84F, 20D7247A4363EE9E851501D89A466564ADCAEC304DE42280E4E09AD8499436A9 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
15:43:13.0124 0x13ac HdAudAddService - ok
15:43:13.0156 0x13ac [ 7D87B5B6C7188D553E11B59DC7F0B111, FC633DB71E1D72E8AD8F89BBB54324CC6ED17F5594EF55DD0BDB58EE1F601FF5 ] HDAudBus C:\Windows\System32\drivers\HDAudBus.sys
15:43:13.0156 0x13ac HDAudBus - ok
15:43:13.0187 0x13ac [ 3F76BBA53D65E85A7F53E7A71082082C, D1E18815BB19CD11007C4A66162C76F55D4FE6B09B34ED45969C7ECC29D394AD ] HidBatt C:\Windows\System32\drivers\HidBatt.sys
15:43:13.0187 0x13ac HidBatt - ok
15:43:13.0202 0x13ac [ 085F150D002B7F0153D3C06DDF33A143, 41847FD02608ECFE3A6B4B38CBDE8416B0EF17491868511FD704B0BCC280338E ] HidBth C:\Windows\System32\drivers\hidbth.sys
15:43:13.0218 0x13ac HidBth - ok
15:43:13.0234 0x13ac [ CC4A07E51D89575CAB6F4EB590D87CD4, DFB4EAF0923EF9FF6C42EDD1EA5E4025F243C9BE2D03D5423FE8A897DC01D657 ] hidi2c C:\Windows\System32\drivers\hidi2c.sys
15:43:13.0234 0x13ac hidi2c - ok
15:43:13.0249 0x13ac [ DC96F7DACB777CDEAEF9958A50BFDA06, 7CE79F32D5EE65C0178CFF56523825D3EE01095B2CE8C67634A6604A821A9086 ] HidIr C:\Windows\System32\drivers\hidir.sys
15:43:13.0249 0x13ac HidIr - ok
15:43:13.0265 0x13ac [ FAC37D7B3D6354A5A5E19A45B50B4008, 2962B552A1DA545DFDEF0886582E82596FE8A3A19AAF989B025AFDA84D16D4EC ] hidserv C:\Windows\system32\hidserv.dll
15:43:13.0265 0x13ac hidserv - ok
15:43:13.0296 0x13ac [ A9F2301B8D28BB4D887F5AEBB55ACB3A, 886B04224CA0A90B4FD0B9F8D243EED4FBA367D078FB1CAF99EE671FE1FCEC27 ] HIDSwitch C:\Windows\System32\drivers\AsHIDSwitch64.sys
15:43:13.0296 0x13ac HIDSwitch - ok
15:43:13.0312 0x13ac [ 012C354B4AB48E9A7A657DF39E3A2073, B15D0089CE509FF1CF73DFE095425C1C99FC3971622DCAAD9CAEB989A12A4FDB ] HidUsb C:\Windows\System32\drivers\hidusb.sys
15:43:13.0312 0x13ac HidUsb - ok
15:43:13.0327 0x13ac [ 43F884B61A24377567CD0FEB35236334, B3BA36B527C8D6D83DE2FBCD8D503B87FD2611BF15B07A7BC138DC8BAE6A50C1

 

[GAWoods]

Part #2

15:43:13.0343 0x13ac hkmsvc - ok
15:43:13.0390 0x13ac [ 33DFC14DFDCCFA7AA10E392F6A8EC1CF, E6967F3F465C6E903221BC0FCBAE7D05FD18C0BF110D929335F5935364B3C1BC ] HomeGroupListener C:\Windows\system32\ListSvc.dll
15:43:13.0390 0x13ac HomeGroupListener - ok
15:43:13.0421 0x13ac [ E0D9F6FE18FA7F53ADD29AF719CE2B7E, B965DCC72625188F3B896CB447B7696F22687266EAFC5AA270E2AD53DD9F324D ] HomeGroupProvider C:\Windows\system32\provsvc.dll
15:43:13.0437 0x13ac HomeGroupProvider - ok
15:43:13.0452 0x13ac [ 64DB7A8D97CA53DCCF93D0A1E08342CF, 02CAB7F28D3830C482683425C60044239C6F1562556688A274CA2C237C846E76 ] HpSAMD C:\Windows\system32\drivers\HpSAMD.sys
15:43:13.0452 0x13ac HpSAMD - ok
15:43:13.0499 0x13ac [ F4A91D985EB9D1D2717D538F3424603C, 454AD2FF3A7963B9835AEF300F6672F92D0CCF59593BA2CCC83F0EC1446BB659 ] HTTP C:\Windows\system32\drivers\HTTP.sys
15:43:13.0531 0x13ac HTTP - ok
15:43:13.0546 0x13ac [ 2A98301068801700906C06649860FE94, 664394A52326289DCA0828B0041A105653F4FEF3E3DCCC3787AAE0F6FDC73A14 ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys
15:43:13.0546 0x13ac hwpolicy - ok
15:43:13.0562 0x13ac [ DC76901D82097C9E297F20C287CB9A27, 01A412D0D8A65050BE4250A7C4B9F98A4C43FD891827761E0C830369A5F9F09C ] hyperkbd C:\Windows\System32\drivers\hyperkbd.sys
15:43:13.0562 0x13ac hyperkbd - ok
15:43:13.0562 0x13ac [ 716413AB3CA12DE0A7222D28C1C9352C, B82B586BD9DBD70DDA19A02504E8CB00DA53677703AB848B53387601C5BAD3D3 ] HyperVideo C:\Windows\system32\DRIVERS\HyperVideo.sys
15:43:13.0562 0x13ac HyperVideo - ok
15:43:13.0593 0x13ac [ C9E9CBF73AFFBFE3E801EFB516787BA3, 1A850D614BDA6AA4195CC657702BC6242BA51B90131717743182AA160F65E72C ] i8042prt C:\Windows\System32\drivers\i8042prt.sys
15:43:13.0593 0x13ac i8042prt - ok
15:43:13.0640 0x13ac [ 0FE66A51D81A25AACEAAE4C26308121D, C5553F7ABA74A8EB71A4ED0E8F2A6AA2892F871D164F2D4FADB035BE7D1A8C44 ] iaStorA C:\Windows\system32\drivers\iaStorA.sys
15:43:13.0640 0x13ac iaStorA - ok
15:43:13.0671 0x13ac [ 5E394EBD26FD68AA9300332C46BEDD62, 56A5DA7CE08C07B519E55D0A46AA9D10B640349808EFE02B3278267B75B5F603 ] iaStorV C:\Windows\system32\drivers\iaStorV.sys
15:43:13.0687 0x13ac iaStorV - ok
15:43:13.0781 0x13ac [ ABEFA4BD23329FD9BD47496BF2E58774, 9689D4C6380735EE1CC7F480696CDDC229E0FA511942AC813314D353584D82DD ] IconMan_R C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe
15:43:13.0812 0x13ac IconMan_R - ok
15:43:14.0046 0x13ac [ 11A31FC2481BFE69B0507ED8C80215F4, 8A1E90611F749E8F04B6D86E835E981CAC16D0841305CADB19E58682DA006698 ] igfx C:\Windows\system32\DRIVERS\igdkmd64.sys
15:43:14.0187 0x13ac igfx - ok
15:43:14.0202 0x13ac [ 24847A06B84339FEEDE5CABF3D27D320, 7727B1DAD0D4A1D474FBBEFCEBDF36A1F07D1AA300869AE57A24ED91BF84B6B4 ] iirsp C:\Windows\system32\drivers\iirsp.sys
15:43:14.0202 0x13ac iirsp - ok
15:43:14.0265 0x13ac [ E455C83E029121270BED73CDAC381F37, 433D525C19DBF26FAC28853C606C872D973104842B0EF1B2BF2EAC85457E2953 ] IKEEXT C:\Windows\System32\ikeext.dll
15:43:14.0296 0x13ac IKEEXT - ok
15:43:14.0421 0x13ac [ DF74EBA74729CD86D011AB52111D6802, BEB72F83B7049A36C5B45F10C33EF4684ED5C55E6546B6D86D59DE65E15B08CB ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHD64.sys
15:43:14.0531 0x13ac IntcAzAudAddService - ok
15:43:14.0562 0x13ac [ F5495B38BFB9149925F54F65AB40EFBF, 7CBB72C41E2343DACBFB967A39CA04788561EDECB289C41BC2D6A06B80882AC4 ] IntcDAud C:\Windows\system32\DRIVERS\IntcDAud.sys
15:43:14.0562 0x13ac IntcDAud - ok
15:43:14.0640 0x13ac [ C99F8E90DE4B8F0C7FE15BB1CBCD29DC, F791EE101EEF8B9F48102B6C63A89B78F7C0041C750C4F4C0D16D54B583B7B5C ] Intel(R) Capability Licensing Service Interface C:\Program Files\Intel\iCLS Client\HeciServer.exe
15:43:14.0656 0x13ac Intel(R) Capability Licensing Service Interface - ok
15:43:14.0656 0x13ac [ 4F37726CF764CA18A8A84F85EF3A7F24, 6212B23917526E127CE641A11A58DA93651FFE70829C4079FE465DBDC81CF470 ] intelide C:\Windows\system32\drivers\intelide.sys
15:43:14.0656 0x13ac intelide - ok
15:43:14.0687 0x13ac [ E15CDF68DD73423F15D4AC404793AF0D, E2D0136AF68D1A73EB3A63C83284B4661222CB0A4AFACCF276CB57CBD4850287 ] intelppm C:\Windows\System32\drivers\intelppm.sys
15:43:14.0687 0x13ac intelppm - ok
15:43:14.0718 0x13ac [ 8FCA66234A0933D796BB780B7953BAB9, 7DD677F5EE09A8D7A75C9E475B5E6B3DCA49D1E846C7D160B839D7029B1C5B6D ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys
15:43:14.0718 0x13ac IpFilterDriver - ok
15:43:14.0781 0x13ac [ C217B8D2E58C57A319B16125C3D4B69C, 905BB858E1782BD08FF080A4A604CE662440A15601B178FBD30269C306C04CCF ] iphlpsvc C:\Windows\System32\iphlpsvc.dll
15:43:14.0812 0x13ac iphlpsvc - ok
15:43:14.0843 0x13ac [ 6E98A046A12AA113F8898AA5D612BD6E, 28816CC1F03F2BFBF099C087C0BB6949E959F44C888DD2D0528FF7ED5D665ECF ] IPMIDRV C:\Windows\System32\drivers\IPMIDrv.sys
15:43:14.0843 0x13ac IPMIDRV - ok
15:43:14.0859 0x13ac [ 3969B9C218DD3FAA9F4ED2FFC3651C02, 93447F124CC55FB17055126432194153E1BB8F0FD95A47608494B6834A5F7089 ] IPNAT C:\Windows\system32\drivers\ipnat.sys
15:43:14.0859 0x13ac IPNAT - ok
15:43:14.0874 0x13ac [ 25CD7C4BB2863FFC2B0B311F0AEBF77C, 4099BAA2DB4ADB93B878D71E241B7D9EB7E0EE7ED0FE2450CCB9E4718B3726EB ] IRENUM C:\Windows\system32\drivers\irenum.sys
15:43:14.0874 0x13ac IRENUM - ok
15:43:14.0890 0x13ac [ D940C5BB9DC92E588533C19ABCC3D2C2, D1442854CEDE86F2C187A35851E74C873D34B772C60BC118FA1577F79C03364D ] isapnp C:\Windows\system32\drivers\isapnp.sys
15:43:14.0890 0x13ac isapnp - ok
15:43:14.0921 0x13ac [ 69C8BF0BC2B0EA10F130F4D3104DC2EF, 8FFF92828C3DC20F0F42C42E58A03B59A4E0187963F728DC618C9595FB2D0239 ] iScsiPrt C:\Windows\System32\drivers\msiscsi.sys
15:43:14.0921 0x13ac iScsiPrt - ok
15:43:14.0999 0x13ac [ 78ABBE558F57144047F10A0F50FE4B2F, 6BE608F7697D83FD6C7E6EA422AC5637933BDC96B1044C12DE9A419CE7D6F6CE ] jhi_service C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
15:43:14.0999 0x13ac jhi_service - ok
15:43:14.0999 0x13ac [ 8FBD94B69D6423E20ABCD59D86368B21, 218EF992095E365EC917413749856A64D55D8129D77098E24D670843233377F4 ] kbdclass C:\Windows\System32\drivers\kbdclass.sys
15:43:14.0999 0x13ac kbdclass - ok
15:43:15.0031 0x13ac [ E88C932ABDF8185A62C8F2FC7B051FB6, 67F9AF58237A11F0BF3D15AA5B32E5CE66B7AA039B999D938F7F6E63DCEA7A6E ] kbdhid C:\Windows\System32\drivers\kbdhid.sys
15:43:15.0031 0x13ac kbdhid - ok
15:43:15.0046 0x13ac [ A8080BEBCDB7A16495CE1205921DCAC5, D4B0EF97B75BF75934A0BEEE48CACD20E8F505600C3A07243DF7627680EE8552 ] kbfiltr C:\Windows\System32\drivers\kbfiltr.sys
15:43:15.0046 0x13ac kbfiltr - ok
15:43:15.0062 0x13ac [ FB6C185092E18011EF49989425C2AA87, 043524409E0A764201DD221C48B7DEEA0D161945EB37D4B88313BAB2299949DF ] kdnic C:\Windows\system32\DRIVERS\kdnic.sys
15:43:15.0062 0x13ac kdnic - ok
15:43:15.0077 0x13ac [ F702AB6181513303AB0FC8D59E52708B, D46939B9F672269E65C98606A573C849C4AF5A26E4E75D3A8FE56A65B3A6EA08 ] KeyIso C:\Windows\system32\lsass.exe
15:43:15.0077 0x13ac KeyIso - ok
15:43:15.0156 0x13ac [ 140692763A50BFFF322CDC076300587E, 4B6D9AE479EDDB429C1DE36406517FA65C2B3927B20792B3A27CEE05A6B7A3AB ] Kodak AiO Network Discovery Service C:\Program Files (x86)\Kodak\AiO\Center\EKAiOHostService.exe
15:43:15.0171 0x13ac Kodak AiO Network Discovery Service - ok
15:43:15.0203 0x13ac [ E29F999616D7C08B0E91296908C47CAF, 285594B526A15911238B89E5FCBCFFA48A6C69CCC481918D2C474C6BB12869E6 ] Kodak AiO Status Monitor Service C:\Program Files (x86)\Kodak\AiO\StatusMonitor\EKPrinterSDK.exe
15:43:15.0218 0x13ac Kodak AiO Status Monitor Service - ok
15:43:15.0249 0x13ac [ DFA480F6DED551464F3A5B959F437800, C07AB6F28A09FCBE11EECAD03B06CEAE1016EC24031FCA0C092639E90FBA84CF ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys
15:43:15.0249 0x13ac KSecDD - ok
15:43:15.0281 0x13ac [ 127FB0AAD232BAAD2C9BBACD374F4FC5, 3BC56F6B4374062C96149D69ACE053DF81A278F0361599F5A2F3DB1F76F0AD68 ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys
15:43:15.0281 0x13ac KSecPkg - ok
15:43:15.0312 0x13ac [ 81492FEEBF2F26455B00EE8DBAE8A1B0, E33AA2DFB2D3BB30B02CDADA2EC290F86329DA3198327A653F39A843D86390B9 ] ksthunk C:\Windows\system32\drivers\ksthunk.sys
15:43:15.0312 0x13ac ksthunk - ok
15:43:15.0343 0x13ac [ 5825DBACEDC3812B5CF8D40B997BF210, 1C2997BCC707C1029B21876E093038CE3BBF6E6694B4CCF7EEDD47172ED9A541 ] KtmRm C:\Windows\system32\msdtckrm.dll
15:43:15.0359 0x13ac KtmRm - ok
15:43:15.0390 0x13ac [ 256EE31588257E8A555DBFAA13F1908E, B6817F632EDEA483E35BF26846DCDD4E95E860620959179B2A5D8AD7EEDDB126 ] LanmanServer C:\Windows\system32\srvsvc.dll
15:43:15.0390 0x13ac LanmanServer - ok
15:43:15.0421 0x13ac [ 16650912BE5A94B40E0B3B4C39652B56, 908C2C9367AE0AC9AECB5D91514BB33ACD746D99F19C1A8DD6A9550E9CAD9E00 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
15:43:15.0421 0x13ac LanmanWorkstation - ok
15:43:15.0437 0x13ac [ CEEFD29FC551F289810B0B9381B321DC, 900F206B487B2190D9363F28AA4BA0CD7DCFE1D005BE05A48AF74B1B81194691 ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys
15:43:15.0437 0x13ac lltdio - ok
15:43:15.0468 0x13ac [ BCF53485E0A94722CDE3C4A93CD8EB8C, D24E1066EB102245A89A5D17D608DB9DF6B71C99F1C77E070B95EFD17D268141 ] lltdsvc C:\Windows\System32\lltdsvc.dll
15:43:15.0468 0x13ac lltdsvc - ok
15:43:15.0484 0x13ac [ 5A2F7F1CBC2E631A497DAD16164E06D2, 35274FC6C386380B01B5E8F467E71A2C4E2FB2AD701554F9B1A9B036B0340142 ] lmhosts C:\Windows\System32\lmhsvc.dll
15:43:15.0499 0x13ac lmhosts - ok
15:43:15.0515 0x13ac [ 2C24DC448DBE8DB9BE1441B824C57E79, DA2257EEC964A47D03C2BB13317FD788E51D4685E2395B303ED7B2575FEF3B19 ] LMS C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
15:43:15.0515 0x13ac LMS - ok
15:43:15.0531 0x13ac [ 022CDD12161B063D7852B1075BF3FFF2, E21267243AF2FC208D27E67827B1264A762C99AECEDB7AD2C48A04F421A6B2F0 ] LSI_SAS C:\Windows\system32\drivers\lsi_sas.sys
15:43:15.0531 0x13ac LSI_SAS - ok
15:43:15.0546 0x13ac [ 07AD59D669B996F29F91817F0ECFA34F, 026F332F862D142BFFC9D169CCD17A35BFB6B301EEC72AA13E16369B3520919C ] LSI_SAS2 C:\Windows\system32\drivers\lsi_sas2.sys
15:43:15.0546 0x13ac LSI_SAS2 - ok
15:43:15.0562 0x13ac [ 216FB796AA4E252ACCE93B1BCB80B5EC, 5B1E49B5F7B9C7A778198D27F8EE500FE35DC32D40B22A3D6ED67560BEB04212 ] LSI_SCSI C:\Windows\system32\drivers\lsi_scsi.sys
15:43:15.0562 0x13ac LSI_SCSI - ok
15:43:15.0578 0x13ac [ 5E80530AF37102488EE980B4A92AF99F, 364E18EAD9AC22F8A306B24C6C43E58224F6BE2744EFEAA2484696B8D9880851 ] LSI_SSS C:\Windows\system32\drivers\lsi_sss.sys
15:43:15.0578 0x13ac LSI_SSS - ok
15:43:15.0609 0x13ac [ A57BA284F5996FFD32DCDBC41A4657DB, 2106B83873A824BC83EF42FAC9DD9A0F741209535A84AE65EA8E786519920043 ] LSM C:\Windows\System32\lsm.dll
15:43:15.0624 0x13ac LSM - ok
15:43:15.0640 0x13ac [ 2BDC5D711FA61307CE6190D47C956368, 6BCDC6CBB9783F1ABE8957BDA94AF977DFB2A310BB6D19085EFC8609C97FD180 ] luafv C:\Windows\system32\drivers\luafv.sys
15:43:15.0640 0x13ac luafv - ok
15:43:15.0671 0x13ac [ 0BB97D43299910CBFBA59C461B99B910, 27C22D9D9EE8A410D7396960DA93E9E260D4DCDD38DCE06E85E45C5E24C067DE ] MBAMProtector C:\Windows\system32\drivers\mbam.sys
15:43:15.0671 0x13ac MBAMProtector - ok
15:43:15.0718 0x13ac [ 65085456FD9A74D7F1A999520C299ECB, EA564BC913EF1B8A4CAA9242FC70F525B68CF1F3CA462F63B0B7215B93FE8530 ] MBAMScheduler C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
15:43:15.0718 0x13ac MBAMScheduler - ok
15:43:15.0749 0x13ac [ E0D7732F2D2E24B2DB3F67B6750295B8, AA5CA86AF1ACEC900F60339016B3DC55472DB40ADB99186005A7ABE67B7D66FC ] MBAMService C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
15:43:15.0765 0x13ac MBAMService - ok
15:43:15.0781 0x13ac [ 9B0D829C3BE4E7472DB9DD2B79908E3C, ACED5806FFF39E84007B5A3DCB16315329DC53007F46B1BEEDC391CC659F7DD3 ] megasas C:\Windows\system32\drivers\megasas.sys
15:43:15.0781 0x13ac megasas - ok
15:43:15.0796 0x13ac [ ECC3F54C7AFC318271C4F0B4606D8DB0, FD1ACB18B8C912C7A57DABCD5460800DD0721A82E09C8D79C47B3392D61CBEA6 ] MegaSR C:\Windows\system32\drivers\MegaSR.sys
15:43:15.0796 0x13ac MegaSR - ok
15:43:15.0828 0x13ac [ 772A1DEEDFDBC244183B5C805D1B7D85, 7D821B8DF1F174E5414FFDEAB5207DB687740E9842F7203600AEBA086945AFC9 ] MEIx64 C:\Windows\System32\drivers\HECIx64.sys
15:43:15.0828 0x13ac MEIx64 - ok
15:43:15.0859 0x13ac [ EEE908BE7143FCA48CF0CB87214E2AB8, 4F9BD299F559DD36DBD93489CFAA753F236FBB70946E034D2E2260059AE20962 ] MMCSS C:\Windows\system32\mmcss.dll
15:43:15.0859 0x13ac MMCSS - ok
15:43:15.0874 0x13ac [ 780098AD5DA8A4822E2563984C85EF7B, 29312970774E944B5ED388316CF3D350DCABF721F9695737B0AC56BE878B0446 ] Modem C:\Windows\system32\drivers\modem.sys
15:43:15.0874 0x13ac Modem - ok
15:43:15.0906 0x13ac [ EA8EAD3F5B762F889CC7F3966625B48B, B701A42E5E08B7BC6601560446146803182E5DC631AB73E9408F19CB6432F121 ] monitor C:\Windows\System32\drivers\monitor.sys
15:43:15.0906 0x13ac monitor - ok
15:43:15.0906 0x13ac [ 618446B98C79776654340CE27C73485E, EFE7169FDD545933B5949DA2D09266971C0C3E6894E7BD8AFE29E41567C72B16 ] mouclass C:\Windows\System32\drivers\mouclass.sys
15:43:15.0906 0x13ac mouclass - ok
15:43:15.0921 0x13ac [ C0ADEBED913295803B579ED288936CBB, 58F71541166D1DA07C18FBD27458D55E3F8AD7291CB7496B3A2F01372A5B0CAE ] mouhid C:\Windows\System32\drivers\mouhid.sys
15:43:15.0921 0x13ac mouhid - ok
15:43:15.0937 0x13ac [ 89D263DBF08119CE16273991C120D6DD, 9771EDAD266F0E234E71DFB6792F396710E051F2ADCA5CDADEBBD2790D0E6054 ] mountmgr C:\Windows\system32\drivers\mountmgr.sys
15:43:15.0937 0x13ac mountmgr - ok
15:43:15.0984 0x13ac [ 338037EFA0E8E8699B2667D57B751574, 59E0D39806D0C4EB57913AA013242837FD39AD378726AEE42D250CBA87C1C3BF ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
15:43:15.0984 0x13ac MozillaMaintenance - ok
15:43:16.0015 0x13ac [ 4CCBBD4944777CA100B9A6C2F149A46F, 7FC172FAF8266BFBBBBAD94FD67EA3C1872F5927DC3900A9A54DB2DFE34E7415 ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys
15:43:16.0015 0x13ac mpsdrv - ok
15:43:16.0062 0x13ac [ 9DE3341BD4E14BC5FADFCAD3019F2D0D, 37E0531EADABC6D4BCC496826651D4D14CF0D10156FF13C11BDE466084B44FF4 ] MpsSvc C:\Windows\system32\mpssvc.dll
15:43:16.0093 0x13ac MpsSvc - ok
15:43:16.0109 0x13ac [ 3D70147F55F1EC84EB9139ED7FFE48BC, 12429C2FDDDA13815F0E18F9009011AA5360955759A23A38175543F480CB92EF ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys
15:43:16.0109 0x13ac MRxDAV - ok
15:43:16.0156 0x13ac [ 93179D48066918323628CB016D8C94DC, FE110BF7A10EDD1DF7F6B933D373FCA51F37413282EBC4187E7C9B1965186BCC ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys
15:43:16.0156 0x13ac mrxsmb - ok
15:43:16.0187 0x13ac [ 06D5F2FA3C61E8EA91648EA8E9F99FD3, C665B7896501D42C73955F4EAF4FA3C6B2C9286957D6023C235AFBF9BFB761C6 ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys
15:43:16.0187 0x13ac mrxsmb10 - ok
15:43:16.0218 0x13ac [ 5C7DD2E5759FFCCD2C7341C1B90F2B26, 9822FA53E6067C0E39B7A3A3F1E88719D5D8B055D86FF894F0475B158289EA45 ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys
15:43:16.0218 0x13ac mrxsmb20 - ok
15:43:16.0249 0x13ac [ 98487487D6B3797CA927E9D7B030AE13, 05840AF0DD2E3CB596DA768DBD0728B52210EC05B55AB5921E697AD8956938DD ] MsBridge C:\Windows\system32\DRIVERS\bridge.sys
15:43:16.0249 0x13ac MsBridge - ok
15:43:16.0281 0x13ac [ 4A07458EB4F17573BD39F22029A991C1, 74D7A1882EA4D19B8F090C2813489E5D3F759BF4AF2D88AE852EC6510C405B5E ] MSDTC C:\Windows\System32\msdtc.exe
15:43:16.0296 0x13ac MSDTC - ok
15:43:16.0312 0x13ac [ 3886F1F2A4D2900ABAA7E4486BEEE6A2, ECCA22985838A914EDC866C491DEB64B9FF5110EFA9BEE541F634AC5EC3081F9 ] Msfs C:\Windows\system32\drivers\Msfs.sys
15:43:16.0312 0x13ac Msfs - ok
15:43:16.0343 0x13ac [ C32A7A39B960A42BA9D4FBE47213CA03, 4DA48587138972DA5E95AEDBBBE73BA8CCADC8172C6654427ABEAC8047B27E95 ] msgpiowin32 C:\Windows\System32\drivers\msgpiowin32.sys
15:43:16.0343 0x13ac msgpiowin32 - ok
15:43:16.0359 0x13ac [ D3857A767B91A061B408CCAB02DA4F40, A4D780772086AD8717EE6DC2B6189F796939FB5E5AA08FD9D1984101998FBECF ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys
15:43:16.0359 0x13ac mshidkmdf - ok
15:43:16.0359 0x13ac [ 839B48910FB1E887635C48F3EC11A05E, F8CFD99911500CC1B6A90C8E2A1697BD5A6E5776A62A62FE5B342FE204C936B1 ] mshidumdf C:\Windows\System32\drivers\mshidumdf.sys
15:43:16.0359 0x13ac mshidumdf - ok
15:43:16.0374 0x13ac [ 55C0DB741E3AB7463242B185B1C2997C, D2E2A5B48A64EA0EC2A6566C08E65A38D11CEA64BCA7B57793BA0D009E4D974A ] msisadrv C:\Windows\system32\drivers\msisadrv.sys
15:43:16.0374 0x13ac msisadrv - ok
15:43:16.0406 0x13ac [ 216C6B035A4BA5560E1255BD8E5BB89F, A14E038604B9A5506DB145A4D9F51E2751AC825240D2744924F39C332B5DE00B ] MSiSCSI C:\Windows\system32\iscsiexe.dll
15:43:16.0406 0x13ac MSiSCSI - ok
15:43:16.0421 0x13ac msiserver - ok
15:43:16.0437 0x13ac [ 509809566E49F4411055864EA8D437CD, 70F37BF9C759E8BCA1C6AC8FB9805950925E1C648ED37E8561A0F7A407DFDC28 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys
15:43:16.0437 0x13ac MSKSSRV - ok
15:43:16.0453 0x13ac [ 63145201D6458E4958E572E7D6FC2604, EDD4A8A3BBE94B983554B1117734E66A2647B867269C5F0567C47EDE6F3FACCB ] MsLldp C:\Windows\system32\DRIVERS\mslldp.sys
15:43:16.0453 0x13ac MsLldp - ok
15:43:16.0453 0x13ac [ 99D526E803DB6D7FF290FD98B6204641, 4AFAA3B1186621AEAD19E12D3DBE104DD8FCD5C106F9EC3ADA4AD1BC7093E61F ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys
15:43:16.0453 0x13ac MSPCLOCK - ok
15:43:16.0453 0x13ac [ 06FA77C3E2A491ADCD704C5E73006269, 465A7EE5387E6C11398A554F73437278F5BF110356E7F49F315905C1F2459278 ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
15:43:16.0453 0x13ac MSPQM - ok
15:43:16.0484 0x13ac [ E134EC4DE11CF78CB01432D180710D84, BB111F97AEEFDCA5866B157E9957599CD7A4952B5BCCA0B0BCA9EDFCD17E61FE ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
15:43:16.0499 0x13ac MsRPC - ok
15:43:16.0515 0x13ac [ B5AECF12F09DEE97C9FCAA5BA016CE1E, F5305C4CE6C93A3A3481BD13BE0C23FE26571E11029ACFFE75FB78913681FCFC ] mssmbios C:\Windows\System32\drivers\mssmbios.sys
15:43:16.0515 0x13ac mssmbios - ok
15:43:16.0515 0x13ac [ 72D66A05E0F99F2528F6C6204FD22AA1, B14D433BC5795F1DC4C672302285E665DC012693E75574F60664AAD8874DE562 ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
15:43:16.0515 0x13ac MSTEE - ok
15:43:16.0531 0x13ac [ 8AAAE399FC255FA105D4158CBA289001, 2F55C02605B4A3406B289FF9D46C76260B9138E3DE96AFAEA0E0522E5A2A746C ] MTConfig C:\Windows\System32\drivers\MTConfig.sys
15:43:16.0531 0x13ac MTConfig - ok
15:43:16.0546 0x13ac [ 3BCB702F3E6CC622DCAFCAA45D7CDE0A, 00D33A4AB3E7C5F65F59C63F8E2FD27EF38D5484595F785D5632E9414E29352C ] Mup C:\Windows\system32\Drivers\mup.sys
15:43:16.0546 0x13ac Mup - ok
15:43:16.0562 0x13ac [ 3A1E095277BBD406CEA8EA6B76950664, 47838F307A6354E77C19A7B1F3F3E22726EF60403B611F358AD6FFE81D7214E7 ] mvumis C:\Windows\system32\drivers\mvumis.sys
15:43:16.0562 0x13ac mvumis - ok
15:43:16.0609 0x13ac [ 4B18840511D720BA118D3017E8165875, 724458A69269A5AE57E8DAB74FF3C198A79B6F7A9602BF38A70B4A40543ED167 ] napagent C:\Windows\system32\qagentRT.dll
15:43:16.0609 0x13ac napagent - ok
15:43:16.0640 0x13ac [ 43D7388A90A4C6EA346A4D6FF0377479, DFDCFA448B49C8A577056070AF516F08CD2E452706A3CF9173195ABA4256F35D ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
15:43:16.0640 0x13ac NativeWifiP - ok
15:43:16.0671 0x13ac [ 6A0C3996DA7DAE6D6939676D786EEEC4, 6E8A4C6234FD3040BC889E92016A4D5AC7BCAF5059521E50C733966163A546A0 ] NcaSvc C:\Windows\System32\ncasvc.dll
15:43:16.0687 0x13ac NcaSvc - ok
15:43:16.0687 0x13ac [ C982FE4CC91DECE2259F494FCEB4030F, 4C285407E6F9FBBA92180F4063AEFB736ED142D802F0151002F0CC20AB7BB4E5 ] NcdAutoSetup C:\Windows\System32\NcdAutoSetup.dll
15:43:16.0703 0x13ac NcdAutoSetup - ok
15:43:16.0749 0x13ac [ A10E176F3B2BF83EDE7B5C4658C93B66, 42F2FAEB4A29BBC6727D7E159D3E7E2E66D33785E5C98496EEB44D281601A23E ] NDIS C:\Windows\system32\drivers\ndis.sys
15:43:16.0765 0x13ac NDIS - ok
15:43:16.0781 0x13ac [ 39C8A1D9D46F5E83A016BCAB72455284, 80DBED610E0818C2C7122FBC5BC8C15BCE981538AE48DC48F464A86389AF3F68 ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys
15:43:16.0781 0x13ac NdisCap - ok
15:43:16.0796 0x13ac [ 762941932B7E4C588E48A577BA9D6440, 71FA1870E398CB848D8294FEF6C60E0499CAB9A16EC3F487564C41072590E4F3 ] NdisImPlatform C:\Windows\system32\DRIVERS\NdisImPlatform.sys
15:43:16.0796 0x13ac NdisImPlatform - ok
15:43:16.0812 0x13ac [ 7A6F8A6D0E01432EBA294EF29CDD0FA7, D902AE15194A9F8A2198914FC76184FE7E2B589747275952A04A52853128FDB8 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
15:43:16.0812 0x13ac NdisTapi - ok
15:43:16.0828 0x13ac [ 79AB68BB3FFF974AD4F41FA559F4EC67, 1745EC6520B48E325C56D98A1F4DB9CE135FE3E097B3D66E6598791132CAD7BD ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
15:43:16.0828 0x13ac Ndisuio - ok
15:43:16.0843 0x13ac [ 62C7DBF4F9301F76CF87D4B9D8F57BF8, D51FEF198F74FDF583826E259E4736F51CD49908194104677889FD135EEC2EBC ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
15:43:16.0843 0x13ac NdisWan - ok
15:43:16.0843 0x13ac [ 62C7DBF4F9301F76CF87D4B9D8F57BF8, D51FEF198F74FDF583826E259E4736F51CD49908194104677889FD135EEC2EBC ] NDISWANLEGACY C:\Windows\system32\DRIVERS\ndiswan.sys
15:43:16.0843 0x13ac NDISWANLEGACY - ok
15:43:16.0874 0x13ac [ 3730942D7DB2F8BB5F84542B7FF6F650, 89C9D7D7305205BDB304CE6DA7D1A57EDE86A9D77429698802A39D75EB78CAAB ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
15:43:16.0874 0x13ac NDProxy - ok
15:43:16.0890 0x13ac [ D3F60A4345FCA9C1BE68AD7D0D6DE770, 214AF09F4B021C2F8655FBC8AC8C801E89CD9115CDE690FAEBDA69D63D660EDD ] Ndu C:\Windows\system32\drivers\Ndu.sys
15:43:16.0890 0x13ac Ndu - ok
15:43:16.0906 0x13ac [ 7C203A76394F9AE68F69EEE5F9612C4A, 2222654915913BDC9367A2075714906A10CF22C047A7494CD59CB71834ED1B62 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
15:43:16.0906 0x13ac NetBIOS - ok
15:43:16.0906 0x13ac [ 7CEC25C682D319D484630B3952C31A11, 025C46B367E0570E9E3F9DF1564C3E47B1524E9E9A180BBDF0E9C684838F5E42 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys
15:43:16.0921 0x13ac NetBT - ok
15:43:16.0937 0x13ac [ F702AB6181513303AB0FC8D59E52708B, D46939B9F672269E65C98606A573C849C4AF5A26E4E75D3A8FE56A65B3A6EA08 ] Netlogon C:\Windows\system32\lsass.exe
15:43:16.0937 0x13ac Netlogon - ok
15:43:16.0968 0x13ac [ 89519D29CBEC2121CA65CC29C4D345E0, F3BA7BCAFEC8DD8B29837458D1B2B1DEE748AEAAAE0575FD3AAE65CFC72A04CD ] Netman C:\Windows\System32\netman.dll
15:43:16.0968 0x13ac Netman - ok
15:43:17.0000 0x13ac [ 79FA9393C67EBBF92A56923592CF7A7C, A8AB8A6346B97B68810CC632F425085BE9E63ACAED0F119A7BFD03F2DA4AA5F6 ] netprofm C:\Windows\System32\netprofmsvc.dll
15:43:17.0015 0x13ac netprofm - ok
15:43:17.0062 0x13ac [ 5243CFC2E7161C91C2B355240035B9E4, CFD77485A9D7BC47F3A9C53D73B2AE2D5D04B90ED38628F3124EA569F4DE969E ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
15:43:17.0062 0x13ac NetTcpPortSharing - ok
15:43:17.0296 0x13ac [ 57B9C04D673F236D41FAB03842C8640B, 898DCBBBF94875059CD328B0FC75BE36A4E3DD471C6E28BFAE064BCF84349518 ] NETwNs64 C:\Windows\system32\DRIVERS\NETwNs64.sys
15:43:17.0437 0x13ac NETwNs64 - ok
15:43:17.0453 0x13ac [ 12DD2800E4EEA37DC9AE256AD62423B4, 34740469EEA8740CBACD881CB232C9ABB9AB180DE5F45336BC6DBE154259F29B ] nfrd960 C:\Windows\system32\drivers\nfrd960.sys
15:43:17.0468 0x13ac nfrd960 - ok
15:43:17.0484 0x13ac [ 80ABCD4C2DE9FD832477303AE0CA3BE5, 98F3958E650CEB1006D92980503E1B176D2CA55D2A6742C1C27CDE829D137DA9 ] NlaSvc C:\Windows\System32\nlasvc.dll
15:43:17.0500 0x13ac NlaSvc - ok
15:43:17.0515 0x13ac [ 17E19A742FB30C002F8B43575451DBE1, 59D226A4A5B5281C399BE96C694915E38EEAF335D31F346B0C65D8F469D7C9C3 ] Npfs C:\Windows\system32\drivers\Npfs.sys
15:43:17.0515 0x13ac Npfs - ok
15:43:17.0531 0x13ac [ 8ED299C30792544264E558BEA79F0947, 8A03FDA9AADB79ECBCBCDC988B7D8CF0672689C9DF673A2ECFE0D2D88A9C6A6B ] npsvctrig C:\Windows\System32\drivers\npsvctrig.sys
15:43:17.0531 0x13ac npsvctrig - ok

 

[GAWoods]

Part #2

15:43:13.0343 0x13ac hkmsvc - ok
15:43:13.0390 0x13ac [ 33DFC14DFDCCFA7AA10E392F6A8EC1CF, E6967F3F465C6E903221BC0FCBAE7D05FD18C0BF110D929335F5935364B3C1BC ] HomeGroupListener C:\Windows\system32\ListSvc.dll
15:43:13.0390 0x13ac HomeGroupListener - ok
15:43:13.0421 0x13ac [ E0D9F6FE18FA7F53ADD29AF719CE2B7E, B965DCC72625188F3B896CB447B7696F22687266EAFC5AA270E2AD53DD9F324D ] HomeGroupProvider C:\Windows\system32\provsvc.dll
15:43:13.0437 0x13ac HomeGroupProvider - ok
15:43:13.0452 0x13ac [ 64DB7A8D97CA53DCCF93D0A1E08342CF, 02CAB7F28D3830C482683425C60044239C6F1562556688A274CA2C237C846E76 ] HpSAMD C:\Windows\system32\drivers\HpSAMD.sys
15:43:13.0452 0x13ac HpSAMD - ok
15:43:13.0499 0x13ac [ F4A91D985EB9D1D2717D538F3424603C, 454AD2FF3A7963B9835AEF300F6672F92D0CCF59593BA2CCC83F0EC1446BB659 ] HTTP C:\Windows\system32\drivers\HTTP.sys
15:43:13.0531 0x13ac HTTP - ok
15:43:13.0546 0x13ac [ 2A98301068801700906C06649860FE94, 664394A52326289DCA0828B0041A105653F4FEF3E3DCCC3787AAE0F6FDC73A14 ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys
15:43:13.0546 0x13ac hwpolicy - ok
15:43:13.0562 0x13ac [ DC76901D82097C9E297F20C287CB9A27, 01A412D0D8A65050BE4250A7C4B9F98A4C43FD891827761E0C830369A5F9F09C ] hyperkbd C:\Windows\System32\drivers\hyperkbd.sys
15:43:13.0562 0x13ac hyperkbd - ok
15:43:13.0562 0x13ac [ 716413AB3CA12DE0A7222D28C1C9352C, B82B586BD9DBD70DDA19A02504E8CB00DA53677703AB848B53387601C5BAD3D3 ] HyperVideo C:\Windows\system32\DRIVERS\HyperVideo.sys
15:43:13.0562 0x13ac HyperVideo - ok
15:43:13.0593 0x13ac [ C9E9CBF73AFFBFE3E801EFB516787BA3, 1A850D614BDA6AA4195CC657702BC6242BA51B90131717743182AA160F65E72C ] i8042prt C:\Windows\System32\drivers\i8042prt.sys
15:43:13.0593 0x13ac i8042prt - ok
15:43:13.0640 0x13ac [ 0FE66A51D81A25AACEAAE4C26308121D, C5553F7ABA74A8EB71A4ED0E8F2A6AA2892F871D164F2D4FADB035BE7D1A8C44 ] iaStorA C:\Windows\system32\drivers\iaStorA.sys
15:43:13.0640 0x13ac iaStorA - ok
15:43:13.0671 0x13ac [ 5E394EBD26FD68AA9300332C46BEDD62, 56A5DA7CE08C07B519E55D0A46AA9D10B640349808EFE02B3278267B75B5F603 ] iaStorV C:\Windows\system32\drivers\iaStorV.sys
15:43:13.0687 0x13ac iaStorV - ok
15:43:13.0781 0x13ac [ ABEFA4BD23329FD9BD47496BF2E58774, 9689D4C6380735EE1CC7F480696CDDC229E0FA511942AC813314D353584D82DD ] IconMan_R C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe
15:43:13.0812 0x13ac IconMan_R - ok
15:43:14.0046 0x13ac [ 11A31FC2481BFE69B0507ED8C80215F4, 8A1E90611F749E8F04B6D86E835E981CAC16D0841305CADB19E58682DA006698 ] igfx C:\Windows\system32\DRIVERS\igdkmd64.sys
15:43:14.0187 0x13ac igfx - ok
15:43:14.0202 0x13ac [ 24847A06B84339FEEDE5CABF3D27D320, 7727B1DAD0D4A1D474FBBEFCEBDF36A1F07D1AA300869AE57A24ED91BF84B6B4 ] iirsp C:\Windows\system32\drivers\iirsp.sys
15:43:14.0202 0x13ac iirsp - ok
15:43:14.0265 0x13ac [ E455C83E029121270BED73CDAC381F37, 433D525C19DBF26FAC28853C606C872D973104842B0EF1B2BF2EAC85457E2953 ] IKEEXT C:\Windows\System32\ikeext.dll
15:43:14.0296 0x13ac IKEEXT - ok
15:43:14.0421 0x13ac [ DF74EBA74729CD86D011AB52111D6802, BEB72F83B7049A36C5B45F10C33EF4684ED5C55E6546B6D86D59DE65E15B08CB ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHD64.sys
15:43:14.0531 0x13ac IntcAzAudAddService - ok
15:43:14.0562 0x13ac [ F5495B38BFB9149925F54F65AB40EFBF, 7CBB72C41E2343DACBFB967A39CA04788561EDECB289C41BC2D6A06B80882AC4 ] IntcDAud C:\Windows\system32\DRIVERS\IntcDAud.sys
15:43:14.0562 0x13ac IntcDAud - ok
15:43:14.0640 0x13ac [ C99F8E90DE4B8F0C7FE15BB1CBCD29DC, F791EE101EEF8B9F48102B6C63A89B78F7C0041C750C4F4C0D16D54B583B7B5C ] Intel(R) Capability Licensing Service Interface C:\Program Files\Intel\iCLS Client\HeciServer.exe
15:43:14.0656 0x13ac Intel(R) Capability Licensing Service Interface - ok
15:43:14.0656 0x13ac [ 4F37726CF764CA18A8A84F85EF3A7F24, 6212B23917526E127CE641A11A58DA93651FFE70829C4079FE465DBDC81CF470 ] intelide C:\Windows\system32\drivers\intelide.sys
15:43:14.0656 0x13ac intelide - ok
15:43:14.0687 0x13ac [ E15CDF68DD73423F15D4AC404793AF0D, E2D0136AF68D1A73EB3A63C83284B4661222CB0A4AFACCF276CB57CBD4850287 ] intelppm C:\Windows\System32\drivers\intelppm.sys
15:43:14.0687 0x13ac intelppm - ok
15:43:14.0718 0x13ac [ 8FCA66234A0933D796BB780B7953BAB9, 7DD677F5EE09A8D7A75C9E475B5E6B3DCA49D1E846C7D160B839D7029B1C5B6D ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys
15:43:14.0718 0x13ac IpFilterDriver - ok
15:43:14.0781 0x13ac [ C217B8D2E58C57A319B16125C3D4B69C, 905BB858E1782BD08FF080A4A604CE662440A15601B178FBD30269C306C04CCF ] iphlpsvc C:\Windows\System32\iphlpsvc.dll
15:43:14.0812 0x13ac iphlpsvc - ok
15:43:14.0843 0x13ac [ 6E98A046A12AA113F8898AA5D612BD6E, 28816CC1F03F2BFBF099C087C0BB6949E959F44C888DD2D0528FF7ED5D665ECF ] IPMIDRV C:\Windows\System32\drivers\IPMIDrv.sys
15:43:14.0843 0x13ac IPMIDRV - ok
15:43:14.0859 0x13ac [ 3969B9C218DD3FAA9F4ED2FFC3651C02, 93447F124CC55FB17055126432194153E1BB8F0FD95A47608494B6834A5F7089 ] IPNAT C:\Windows\system32\drivers\ipnat.sys
15:43:14.0859 0x13ac IPNAT - ok
15:43:14.0874 0x13ac [ 25CD7C4BB2863FFC2B0B311F0AEBF77C, 4099BAA2DB4ADB93B878D71E241B7D9EB7E0EE7ED0FE2450CCB9E4718B3726EB ] IRENUM C:\Windows\system32\drivers\irenum.sys
15:43:14.0874 0x13ac IRENUM - ok
15:43:14.0890 0x13ac [ D940C5BB9DC92E588533C19ABCC3D2C2, D1442854CEDE86F2C187A35851E74C873D34B772C60BC118FA1577F79C03364D ] isapnp C:\Windows\system32\drivers\isapnp.sys
15:43:14.0890 0x13ac isapnp - ok
15:43:14.0921 0x13ac [ 69C8BF0BC2B0EA10F130F4D3104DC2EF, 8FFF92828C3DC20F0F42C42E58A03B59A4E0187963F728DC618C9595FB2D0239 ] iScsiPrt C:\Windows\System32\drivers\msiscsi.sys
15:43:14.0921 0x13ac iScsiPrt - ok
15:43:14.0999 0x13ac [ 78ABBE558F57144047F10A0F50FE4B2F, 6BE608F7697D83FD6C7E6EA422AC5637933BDC96B1044C12DE9A419CE7D6F6CE ] jhi_service C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
15:43:14.0999 0x13ac jhi_service - ok
15:43:14.0999 0x13ac [ 8FBD94B69D6423E20ABCD59D86368B21, 218EF992095E365EC917413749856A64D55D8129D77098E24D670843233377F4 ] kbdclass C:\Windows\System32\drivers\kbdclass.sys
15:43:14.0999 0x13ac kbdclass - ok
15:43:15.0031 0x13ac [ E88C932ABDF8185A62C8F2FC7B051FB6, 67F9AF58237A11F0BF3D15AA5B32E5CE66B7AA039B999D938F7F6E63DCEA7A6E ] kbdhid C:\Windows\System32\drivers\kbdhid.sys
15:43:15.0031 0x13ac kbdhid - ok
15:43:15.0046 0x13ac [ A8080BEBCDB7A16495CE1205921DCAC5, D4B0EF97B75BF75934A0BEEE48CACD20E8F505600C3A07243DF7627680EE8552 ] kbfiltr C:\Windows\System32\drivers\kbfiltr.sys
15:43:15.0046 0x13ac kbfiltr - ok
15:43:15.0062 0x13ac [ FB6C185092E18011EF49989425C2AA87, 043524409E0A764201DD221C48B7DEEA0D161945EB37D4B88313BAB2299949DF ] kdnic C:\Windows\system32\DRIVERS\kdnic.sys
15:43:15.0062 0x13ac kdnic - ok
15:43:15.0077 0x13ac [ F702AB6181513303AB0FC8D59E52708B, D46939B9F672269E65C98606A573C849C4AF5A26E4E75D3A8FE56A65B3A6EA08 ] KeyIso C:\Windows\system32\lsass.exe
15:43:15.0077 0x13ac KeyIso - ok
15:43:15.0156 0x13ac [ 140692763A50BFFF322CDC076300587E, 4B6D9AE479EDDB429C1DE36406517FA65C2B3927B20792B3A27CEE05A6B7A3AB ] Kodak AiO Network Discovery Service C:\Program Files (x86)\Kodak\AiO\Center\EKAiOHostService.exe
15:43:15.0171 0x13ac Kodak AiO Network Discovery Service - ok
15:43:15.0203 0x13ac [ E29F999616D7C08B0E91296908C47CAF, 285594B526A15911238B89E5FCBCFFA48A6C69CCC481918D2C474C6BB12869E6 ] Kodak AiO Status Monitor Service C:\Program Files (x86)\Kodak\AiO\StatusMonitor\EKPrinterSDK.exe
15:43:15.0218 0x13ac Kodak AiO Status Monitor Service - ok
15:43:15.0249 0x13ac [ DFA480F6DED551464F3A5B959F437800, C07AB6F28A09FCBE11EECAD03B06CEAE1016EC24031FCA0C092639E90FBA84CF ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys
15:43:15.0249 0x13ac KSecDD - ok
15:43:15.0281 0x13ac [ 127FB0AAD232BAAD2C9BBACD374F4FC5, 3BC56F6B4374062C96149D69ACE053DF81A278F0361599F5A2F3DB1F76F0AD68 ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys
15:43:15.0281 0x13ac KSecPkg - ok
15:43:15.0312 0x13ac [ 81492FEEBF2F26455B00EE8DBAE8A1B0, E33AA2DFB2D3BB30B02CDADA2EC290F86329DA3198327A653F39A843D86390B9 ] ksthunk C:\Windows\system32\drivers\ksthunk.sys
15:43:15.0312 0x13ac ksthunk - ok
15:43:15.0343 0x13ac [ 5825DBACEDC3812B5CF8D40B997BF210, 1C2997BCC707C1029B21876E093038CE3BBF6E6694B4CCF7EEDD47172ED9A541 ] KtmRm C:\Windows\system32\msdtckrm.dll
15:43:15.0359 0x13ac KtmRm - ok
15:43:15.0390 0x13ac [ 256EE31588257E8A555DBFAA13F1908E, B6817F632EDEA483E35BF26846DCDD4E95E860620959179B2A5D8AD7EEDDB126 ] LanmanServer C:\Windows\system32\srvsvc.dll
15:43:15.0390 0x13ac LanmanServer - ok
15:43:15.0421 0x13ac [ 16650912BE5A94B40E0B3B4C39652B56, 908C2C9367AE0AC9AECB5D91514BB33ACD746D99F19C1A8DD6A9550E9CAD9E00 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
15:43:15.0421 0x13ac LanmanWorkstation - ok
15:43:15.0437 0x13ac [ CEEFD29FC551F289810B0B9381B321DC, 900F206B487B2190D9363F28AA4BA0CD7DCFE1D005BE05A48AF74B1B81194691 ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys
15:43:15.0437 0x13ac lltdio - ok
15:43:15.0468 0x13ac [ BCF53485E0A94722CDE3C4A93CD8EB8C, D24E1066EB102245A89A5D17D608DB9DF6B71C99F1C77E070B95EFD17D268141 ] lltdsvc C:\Windows\System32\lltdsvc.dll
15:43:15.0468 0x13ac lltdsvc - ok
15:43:15.0484 0x13ac [ 5A2F7F1CBC2E631A497DAD16164E06D2, 35274FC6C386380B01B5E8F467E71A2C4E2FB2AD701554F9B1A9B036B0340142 ] lmhosts C:\Windows\System32\lmhsvc.dll
15:43:15.0499 0x13ac lmhosts - ok
15:43:15.0515 0x13ac [ 2C24DC448DBE8DB9BE1441B824C57E79, DA2257EEC964A47D03C2BB13317FD788E51D4685E2395B303ED7B2575FEF3B19 ] LMS C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
15:43:15.0515 0x13ac LMS - ok
15:43:15.0531 0x13ac [ 022CDD12161B063D7852B1075BF3FFF2, E21267243AF2FC208D27E67827B1264A762C99AECEDB7AD2C48A04F421A6B2F0 ] LSI_SAS C:\Windows\system32\drivers\lsi_sas.sys
15:43:15.0531 0x13ac LSI_SAS - ok
15:43:15.0546 0x13ac [ 07AD59D669B996F29F91817F0ECFA34F, 026F332F862D142BFFC9D169CCD17A35BFB6B301EEC72AA13E16369B3520919C ] LSI_SAS2 C:\Windows\system32\drivers\lsi_sas2.sys
15:43:15.0546 0x13ac LSI_SAS2 - ok
15:43:15.0562 0x13ac [ 216FB796AA4E252ACCE93B1BCB80B5EC, 5B1E49B5F7B9C7A778198D27F8EE500FE35DC32D40B22A3D6ED67560BEB04212 ] LSI_SCSI C:\Windows\system32\drivers\lsi_scsi.sys
15:43:15.0562 0x13ac LSI_SCSI - ok
15:43:15.0578 0x13ac [ 5E80530AF37102488EE980B4A92AF99F, 364E18EAD9AC22F8A306B24C6C43E58224F6BE2744EFEAA2484696B8D9880851 ] LSI_SSS C:\Windows\system32\drivers\lsi_sss.sys
15:43:15.0578 0x13ac LSI_SSS - ok
15:43:15.0609 0x13ac [ A57BA284F5996FFD32DCDBC41A4657DB, 2106B83873A824BC83EF42FAC9DD9A0F741209535A84AE65EA8E786519920043 ] LSM C:\Windows\System32\lsm.dll
15:43:15.0624 0x13ac LSM - ok
15:43:15.0640 0x13ac [ 2BDC5D711FA61307CE6190D47C956368, 6BCDC6CBB9783F1ABE8957BDA94AF977DFB2A310BB6D19085EFC8609C97FD180 ] luafv C:\Windows\system32\drivers\luafv.sys
15:43:15.0640 0x13ac luafv - ok
15:43:15.0671 0x13ac [ 0BB97D43299910CBFBA59C461B99B910, 27C22D9D9EE8A410D7396960DA93E9E260D4DCDD38DCE06E85E45C5E24C067DE ] MBAMProtector C:\Windows\system32\drivers\mbam.sys
15:43:15.0671 0x13ac MBAMProtector - ok
15:43:15.0718 0x13ac [ 65085456FD9A74D7F1A999520C299ECB, EA564BC913EF1B8A4CAA9242FC70F525B68CF1F3CA462F63B0B7215B93FE8530 ] MBAMScheduler C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
15:43:15.0718 0x13ac MBAMScheduler - ok
15:43:15.0749 0x13ac [ E0D7732F2D2E24B2DB3F67B6750295B8, AA5CA86AF1ACEC900F60339016B3DC55472DB40ADB99186005A7ABE67B7D66FC ] MBAMService C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
15:43:15.0765 0x13ac MBAMService - ok
15:43:15.0781 0x13ac [ 9B0D829C3BE4E7472DB9DD2B79908E3C, ACED5806FFF39E84007B5A3DCB16315329DC53007F46B1BEEDC391CC659F7DD3 ] megasas C:\Windows\system32\drivers\megasas.sys
15:43:15.0781 0x13ac megasas - ok
15:43:15.0796 0x13ac [ ECC3F54C7AFC318271C4F0B4606D8DB0, FD1ACB18B8C912C7A57DABCD5460800DD0721A82E09C8D79C47B3392D61CBEA6 ] MegaSR C:\Windows\system32\drivers\MegaSR.sys
15:43:15.0796 0x13ac MegaSR - ok
15:43:15.0828 0x13ac [ 772A1DEEDFDBC244183B5C805D1B7D85, 7D821B8DF1F174E5414FFDEAB5207DB687740E9842F7203600AEBA086945AFC9 ] MEIx64 C:\Windows\System32\drivers\HECIx64.sys
15:43:15.0828 0x13ac MEIx64 - ok
15:43:15.0859 0x13ac [ EEE908BE7143FCA48CF0CB87214E2AB8, 4F9BD299F559DD36DBD93489CFAA753F236FBB70946E034D2E2260059AE20962 ] MMCSS C:\Windows\system32\mmcss.dll
15:43:15.0859 0x13ac MMCSS - ok
15:43:15.0874 0x13ac [ 780098AD5DA8A4822E2563984C85EF7B, 29312970774E944B5ED388316CF3D350DCABF721F9695737B0AC56BE878B0446 ] Modem C:\Windows\system32\drivers\modem.sys
15:43:15.0874 0x13ac Modem - ok
15:43:15.0906 0x13ac [ EA8EAD3F5B762F889CC7F3966625B48B, B701A42E5E08B7BC6601560446146803182E5DC631AB73E9408F19CB6432F121 ] monitor C:\Windows\System32\drivers\monitor.sys
15:43:15.0906 0x13ac monitor - ok
15:43:15.0906 0x13ac [ 618446B98C79776654340CE27C73485E, EFE7169FDD545933B5949DA2D09266971C0C3E6894E7BD8AFE29E41567C72B16 ] mouclass C:\Windows\System32\drivers\mouclass.sys
15:43:15.0906 0x13ac mouclass - ok
15:43:15.0921 0x13ac [ C0ADEBED913295803B579ED288936CBB, 58F71541166D1DA07C18FBD27458D55E3F8AD7291CB7496B3A2F01372A5B0CAE ] mouhid C:\Windows\System32\drivers\mouhid.sys
15:43:15.0921 0x13ac mouhid - ok
15:43:15.0937 0x13ac [ 89D263DBF08119CE16273991C120D6DD, 9771EDAD266F0E234E71DFB6792F396710E051F2ADCA5CDADEBBD2790D0E6054 ] mountmgr C:\Windows\system32\drivers\mountmgr.sys
15:43:15.0937 0x13ac mountmgr - ok
15:43:15.0984 0x13ac [ 338037EFA0E8E8699B2667D57B751574, 59E0D39806D0C4EB57913AA013242837FD39AD378726AEE42D250CBA87C1C3BF ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
15:43:15.0984 0x13ac MozillaMaintenance - ok
15:43:16.0015 0x13ac [ 4CCBBD4944777CA100B9A6C2F149A46F, 7FC172FAF8266BFBBBBAD94FD67EA3C1872F5927DC3900A9A54DB2DFE34E7415 ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys
15:43:16.0015 0x13ac mpsdrv - ok
15:43:16.0062 0x13ac [ 9DE3341BD4E14BC5FADFCAD3019F2D0D, 37E0531EADABC6D4BCC496826651D4D14CF0D10156FF13C11BDE466084B44FF4 ] MpsSvc C:\Windows\system32\mpssvc.dll
15:43:16.0093 0x13ac MpsSvc - ok
15:43:16.0109 0x13ac [ 3D70147F55F1EC84EB9139ED7FFE48BC, 12429C2FDDDA13815F0E18F9009011AA5360955759A23A38175543F480CB92EF ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys
15:43:16.0109 0x13ac MRxDAV - ok
15:43:16.0156 0x13ac [ 93179D48066918323628CB016D8C94DC, FE110BF7A10EDD1DF7F6B933D373FCA51F37413282EBC4187E7C9B1965186BCC ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys
15:43:16.0156 0x13ac mrxsmb - ok
15:43:16.0187 0x13ac [ 06D5F2FA3C61E8EA91648EA8E9F99FD3, C665B7896501D42C73955F4EAF4FA3C6B2C9286957D6023C235AFBF9BFB761C6 ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys
15:43:16.0187 0x13ac mrxsmb10 - ok
15:43:16.0218 0x13ac [ 5C7DD2E5759FFCCD2C7341C1B90F2B26, 9822FA53E6067C0E39B7A3A3F1E88719D5D8B055D86FF894F0475B158289EA45 ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys
15:43:16.0218 0x13ac mrxsmb20 - ok
15:43:16.0249 0x13ac [ 98487487D6B3797CA927E9D7B030AE13, 05840AF0DD2E3CB596DA768DBD0728B52210EC05B55AB5921E697AD8956938DD ] MsBridge C:\Windows\system32\DRIVERS\bridge.sys
15:43:16.0249 0x13ac MsBridge - ok
15:43:16.0281 0x13ac [ 4A07458EB4F17573BD39F22029A991C1, 74D7A1882EA4D19B8F090C2813489E5D3F759BF4AF2D88AE852EC6510C405B5E ] MSDTC C:\Windows\System32\msdtc.exe
15:43:16.0296 0x13ac MSDTC - ok
15:43:16.0312 0x13ac [ 3886F1F2A4D2900ABAA7E4486BEEE6A2, ECCA22985838A914EDC866C491DEB64B9FF5110EFA9BEE541F634AC5EC3081F9 ] Msfs C:\Windows\system32\drivers\Msfs.sys
15:43:16.0312 0x13ac Msfs - ok
15:43:16.0343 0x13ac [ C32A7A39B960A42BA9D4FBE47213CA03, 4DA48587138972DA5E95AEDBBBE73BA8CCADC8172C6654427ABEAC8047B27E95 ] msgpiowin32 C:\Windows\System32\drivers\msgpiowin32.sys
15:43:16.0343 0x13ac msgpiowin32 - ok
15:43:16.0359 0x13ac [ D3857A767B91A061B408CCAB02DA4F40, A4D780772086AD8717EE6DC2B6189F796939FB5E5AA08FD9D1984101998FBECF ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys
15:43:16.0359 0x13ac mshidkmdf - ok
15:43:16.0359 0x13ac [ 839B48910FB1E887635C48F3EC11A05E, F8CFD99911500CC1B6A90C8E2A1697BD5A6E5776A62A62FE5B342FE204C936B1 ] mshidumdf C:\Windows\System32\drivers\mshidumdf.sys
15:43:16.0359 0x13ac mshidumdf - ok
15:43:16.0374 0x13ac [ 55C0DB741E3AB7463242B185B1C2997C, D2E2A5B48A64EA0EC2A6566C08E65A38D11CEA64BCA7B57793BA0D009E4D974A ] msisadrv C:\Windows\system32\drivers\msisadrv.sys
15:43:16.0374 0x13ac msisadrv - ok
15:43:16.0406 0x13ac [ 216C6B035A4BA5560E1255BD8E5BB89F, A14E038604B9A5506DB145A4D9F51E2751AC825240D2744924F39C332B5DE00B ] MSiSCSI C:\Windows\system32\iscsiexe.dll
15:43:16.0406 0x13ac MSiSCSI - ok
15:43:16.0421 0x13ac msiserver - ok
15:43:16.0437 0x13ac [ 509809566E49F4411055864EA8D437CD, 70F37BF9C759E8BCA1C6AC8FB9805950925E1C648ED37E8561A0F7A407DFDC28 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys
15:43:16.0437 0x13ac MSKSSRV - ok
15:43:16.0453 0x13ac [ 63145201D6458E4958E572E7D6FC2604, EDD4A8A3BBE94B983554B1117734E66A2647B867269C5F0567C47EDE6F3FACCB ] MsLldp C:\Windows\system32\DRIVERS\mslldp.sys
15:43:16.0453 0x13ac MsLldp - ok
15:43:16.0453 0x13ac [ 99D526E803DB6D7FF290FD98B6204641, 4AFAA3B1186621AEAD19E12D3DBE104DD8FCD5C106F9EC3ADA4AD1BC7093E61F ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys
15:43:16.0453 0x13ac MSPCLOCK - ok
15:43:16.0453 0x13ac [ 06FA77C3E2A491ADCD704C5E73006269, 465A7EE5387E6C11398A554F73437278F5BF110356E7F49F315905C1F2459278 ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
15:43:16.0453 0x13ac MSPQM - ok
15:43:16.0484 0x13ac [ E134EC4DE11CF78CB01432D180710D84, BB111F97AEEFDCA5866B157E9957599CD7A4952B5BCCA0B0BCA9EDFCD17E61FE ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
15:43:16.0499 0x13ac MsRPC - ok
15:43:16.0515 0x13ac [ B5AECF12F09DEE97C9FCAA5BA016CE1E, F5305C4CE6C93A3A3481BD13BE0C23FE26571E11029ACFFE75FB78913681FCFC ] mssmbios C:\Windows\System32\drivers\mssmbios.sys
15:43:16.0515 0x13ac mssmbios - ok
15:43:16.0515 0x13ac [ 72D66A05E0F99F2528F6C6204FD22AA1, B14D433BC5795F1DC4C672302285E665DC012693E75574F60664AAD8874DE562 ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
15:43:16.0515 0x13ac MSTEE - ok
15:43:16.0531 0x13ac [ 8AAAE399FC255FA105D4158CBA289001, 2F55C02605B4A3406B289FF9D46C76260B9138E3DE96AFAEA0E0522E5A2A746C ] MTConfig C:\Windows\System32\drivers\MTConfig.sys
15:43:16.0531 0x13ac MTConfig - ok
15:43:16.0546 0x13ac [ 3BCB702F3E6CC622DCAFCAA45D7CDE0A, 00D33A4AB3E7C5F65F59C63F8E2FD27EF38D5484595F785D5632E9414E29352C ] Mup C:\Windows\system32\Drivers\mup.sys
15:43:16.0546 0x13ac Mup - ok
15:43:16.0562 0x13ac [ 3A1E095277BBD406CEA8EA6B76950664, 47838F307A6354E77C19A7B1F3F3E22726EF60403B611F358AD6FFE81D7214E7 ] mvumis C:\Windows\system32\drivers\mvumis.sys
15:43:16.0562 0x13ac mvumis - ok
15:43:16.0609 0x13ac [ 4B18840511D720BA118D3017E8165875, 724458A69269A5AE57E8DAB74FF3C198A79B6F7A9602BF38A70B4A40543ED167 ] napagent C:\Windows\system32\qagentRT.dll
15:43:16.0609 0x13ac napagent - ok
15:43:16.0640 0x13ac [ 43D7388A90A4C6EA346A4D6FF0377479, DFDCFA448B49C8A577056070AF516F08CD2E452706A3CF9173195ABA4256F35D ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
15:43:16.0640 0x13ac NativeWifiP - ok
15:43:16.0671 0x13ac [ 6A0C3996DA7DAE6D6939676D786EEEC4, 6E8A4C6234FD3040BC889E92016A4D5AC7BCAF5059521E50C733966163A546A0 ] NcaSvc C:\Windows\System32\ncasvc.dll
15:43:16.0687 0x13ac NcaSvc - ok
15:43:16.0687 0x13ac [ C982FE4CC91DECE2259F494FCEB4030F, 4C285407E6F9FBBA92180F4063AEFB736ED142D802F0151002F0CC20AB7BB4E5 ] NcdAutoSetup C:\Windows\System32\NcdAutoSetup.dll
15:43:16.0703 0x13ac NcdAutoSetup - ok
15:43:16.0749 0x13ac [ A10E176F3B2BF83EDE7B5C4658C93B66, 42F2FAEB4A29BBC6727D7E159D3E7E2E66D33785E5C98496EEB44D281601A23E ] NDIS C:\Windows\system32\drivers\ndis.sys
15:43:16.0765 0x13ac NDIS - ok
15:43:16.0781 0x13ac [ 39C8A1D9D46F5E83A016BCAB72455284, 80DBED610E0818C2C7122FBC5BC8C15BCE981538AE48DC48F464A86389AF3F68 ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys
15:43:16.0781 0x13ac NdisCap - ok
15:43:16.0796 0x13ac [ 762941932B7E4C588E48A577BA9D6440, 71FA1870E398CB848D8294FEF6C60E0499CAB9A16EC3F487564C41072590E4F3 ] NdisImPlatform C:\Windows\system32\DRIVERS\NdisImPlatform.sys
15:43:16.0796 0x13ac NdisImPlatform - ok
15:43:16.0812 0x13ac [ 7A6F8A6D0E01432EBA294EF29CDD0FA7, D902AE15194A9F8A2198914FC76184FE7E2B589747275952A04A52853128FDB8 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
15:43:16.0812 0x13ac NdisTapi - ok
15:43:16.0828 0x13ac [ 79AB68BB3FFF974AD4F41FA559F4EC67, 1745EC6520B48E325C56D98A1F4DB9CE135FE3E097B3D66E6598791132CAD7BD ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
15:43:16.0828 0x13ac Ndisuio - ok
15:43:16.0843 0x13ac [ 62C7DBF4F9301F76CF87D4B9D8F57BF8, D51FEF198F74FDF583826E259E4736F51CD49908194104677889FD135EEC2EBC ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
15:43:16.0843 0x13ac NdisWan - ok
15:43:16.0843 0x13ac [ 62C7DBF4F9301F76CF87D4B9D8F57BF8, D51FEF198F74FDF583826E259E4736F51CD49908194104677889FD135EEC2EBC ] NDISWANLEGACY C:\Windows\system32\DRIVERS\ndiswan.sys
15:43:16.0843 0x13ac NDISWANLEGACY - ok
15:43:16.0874 0x13ac [ 3730942D7DB2F8BB5F84542B7FF6F650, 89C9D7D7305205BDB304CE6DA7D1A57EDE86A9D77429698802A39D75EB78CAAB ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
15:43:16.0874 0x13ac NDProxy - ok
15:43:16.0890 0x13ac [ D3F60A4345FCA9C1BE68AD7D0D6DE770, 214AF09F4B021C2F8655FBC8AC8C801E89CD9115CDE690FAEBDA69D63D660EDD ] Ndu C:\Windows\system32\drivers\Ndu.sys
15:43:16.0890 0x13ac Ndu - ok
15:43:16.0906 0x13ac [ 7C203A76394F9AE68F69EEE5F9612C4A, 2222654915913BDC9367A2075714906A10CF22C047A7494CD59CB71834ED1B62 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
15:43:16.0906 0x13ac NetBIOS - ok
15:43:16.0906 0x13ac [ 7CEC25C682D319D484630B3952C31A11, 025C46B367E0570E9E3F9DF1564C3E47B1524E9E9A180BBDF0E9C684838F5E42 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys
15:43:16.0921 0x13ac NetBT - ok
15:43:16.0937 0x13ac [ F702AB6181513303AB0FC8D59E52708B, D46939B9F672269E65C98606A573C849C4AF5A26E4E75D3A8FE56A65B3A6EA08 ] Netlogon C:\Windows\system32\lsass.exe
15:43:16.0937 0x13ac Netlogon - ok
15:43:16.0968 0x13ac [ 89519D29CBEC2121CA65CC29C4D345E0, F3BA7BCAFEC8DD8B29837458D1B2B1DEE748AEAAAE0575FD3AAE65CFC72A04CD ] Netman C:\Windows\System32\netman.dll
15:43:16.0968 0x13ac Netman - ok
15:43:17.0000 0x13ac [ 79FA9393C67EBBF92A56923592CF7A7C, A8AB8A6346B97B68810CC632F425085BE9E63ACAED0F119A7BFD03F2DA4AA5F6 ] netprofm C:\Windows\System32\netprofmsvc.dll
15:43:17.0015 0x13ac netprofm - ok
15:43:17.0062 0x13ac [ 5243CFC2E7161C91C2B355240035B9E4, CFD77485A9D7BC47F3A9C53D73B2AE2D5D04B90ED38628F3124EA569F4DE969E ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
15:43:17.0062 0x13ac NetTcpPortSharing - ok
15:43:17.0296 0x13ac [ 57B9C04D673F236D41FAB03842C8640B, 898DCBBBF94875059CD328B0FC75BE36A4E3DD471C6E28BFAE064BCF84349518 ] NETwNs64 C:\Windows\system32\DRIVERS\NETwNs64.sys
15:43:17.0437 0x13ac NETwNs64 - ok
15:43:17.0453 0x13ac [ 12DD2800E4EEA37DC9AE256AD62423B4, 34740469EEA8740CBACD881CB232C9ABB9AB180DE5F45336BC6DBE154259F29B ] nfrd960 C:\Windows\system32\drivers\nfrd960.sys
15:43:17.0468 0x13ac nfrd960 - ok
15:43:17.0484 0x13ac [ 80ABCD4C2DE9FD832477303AE0CA3BE5, 98F3958E650CEB1006D92980503E1B176D2CA55D2A6742C1C27CDE829D137DA9 ] NlaSvc C:\Windows\System32\nlasvc.dll
15:43:17.0500 0x13ac NlaSvc - ok
15:43:17.0515 0x13ac [ 17E19A742FB30C002F8B43575451DBE1, 59D226A4A5B5281C399BE96C694915E38EEAF335D31F346B0C65D8F469D7C9C3 ] Npfs C:\Windows\system32\drivers\Npfs.sys
15:43:17.0515 0x13ac Npfs - ok
15:43:17.0531 0x13ac [ 8ED299C30792544264E558BEA79F0947, 8A03FDA9AADB79ECBCBCDC988B7D8CF0672689C9DF673A2ECFE0D2D88A9C6A6B ] npsvctrig C:\Windows\System32\drivers\npsvctrig.sys
15:43:17.0531 0x13ac npsvctrig - ok

 

[GAWoods]

Part #3 (final)
15:43:17.0546 0x13ac [ 832B5FDF0B5577713FD7F2465FCD0ACE, 4A551CDBACED47DD781EC59F8B59A13D66EFD85DCF636BCFCBACFE5972A78E93 ] nsi C:\Windows\system32\nsisvc.dll
15:43:17.0546 0x13ac nsi - ok
15:43:17.0562 0x13ac [ 689B3B1E95C70ABF7AFF29F9406EF1E0, 8B62D8AE53E1B3218158FADC0075682AB06D18998CF5DE82C920A9CD91C0652F ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
15:43:17.0562 0x13ac nsiproxy - ok
15:43:17.0640 0x13ac [ 76929F4A69E425911A63B407E26C2589, 17896DB6EDEF2637D159432DB61E8B5FA2F4F54B5F50BCD6215827C321ED2C2A ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
15:43:17.0687 0x13ac Ntfs - ok
15:43:17.0703 0x13ac [ 4163ADE07DB51843AE31F65B94F5398D, 4349E7EF1EE1E71E1F436BA42F5B58871D82B987D513BA2D6E1CEB8A21BD1B20 ] Null C:\Windows\system32\drivers\Null.sys
15:43:17.0718 0x13ac Null - ok
15:43:17.0734 0x13ac [ D6D34118263412D3AAA8348A9572B7F2, 66106A25BC5A4CA7697A23ED67CEDB5C0BF678EA70FD967A405D2DF76F4CA3A4 ] nvraid C:\Windows\system32\drivers\nvraid.sys
15:43:17.0734 0x13ac nvraid - ok
15:43:17.0734 0x13ac [ 27AFC428D1D32ABD04A86763A4EDDEA9, 0920866013A8C8CFEE00E6AECDD41736F5501C49837E2D785998734F087F6B98 ] nvstor C:\Windows\system32\drivers\nvstor.sys
15:43:17.0734 0x13ac nvstor - ok
15:43:17.0750 0x13ac [ 051CFB5107BAAE510419BDC41F8C4036, 9990906F17A3886EF301D2AA6556263B52A1C0554C6BD18331AF44ECECAEE4B5 ] nv_agp C:\Windows\system32\drivers\nv_agp.sys
15:43:17.0750 0x13ac nv_agp - ok
15:43:17.0812 0x13ac [ 9D10F99A6712E28F8ACD5641E3A7EA6B, 70964A0ED9011EA94044E15FA77EDD9CF535CC79ED8E03A3721FF007E69595CC ] ose C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
15:43:17.0812 0x13ac ose - ok
15:43:18.0000 0x13ac [ 61BFFB5F57AD12F83AB64B7181829B34, 1DD0DD35E4158F95765EE6639F217DF03A0A19E624E020DBA609268C08A13846 ] osppsvc C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
15:43:18.0062 0x13ac osppsvc - ok
15:43:18.0093 0x13ac [ AB76700D764A342D7475FB8F47CAB18C, ECDF705D3E69EF6E7044C98A462A7281D0E7D0D85769C0815555D934B0B69C8D ] p2pimsvc C:\Windows\system32\pnrpsvc.dll
15:43:18.0109 0x13ac p2pimsvc - ok
15:43:18.0140 0x13ac [ 4319FD931DCD796435ECB5DB4A04FBA5, 20185B2F359EEC202B37019A4E4F5B914ADCF78B97AF0CBD91EECED2259FC6DE ] p2psvc C:\Windows\system32\p2psvc.dll
15:43:18.0140 0x13ac p2psvc - ok
15:43:18.0171 0x13ac [ 4563DAF8C6A740AD7F501E219BD10766, 7A1212DDAE2D66A9C2041262796904E36036CDC4C5B75C2F66B8DF9D89F7C25D ] Parport C:\Windows\System32\drivers\parport.sys
15:43:18.0171 0x13ac Parport - ok
15:43:18.0203 0x13ac [ D6ACCF9F2EEEEA711C14EFD976E573F3, 60D2A81832A8D24F91C3EF134440D5026354917F59462BACBCE7A01D84767D91 ] partmgr C:\Windows\system32\drivers\partmgr.sys
15:43:18.0203 0x13ac partmgr - ok
15:43:18.0234 0x13ac [ 4811D9EC53649105A5A8BEA661B0F936, C77907E03D0561500FCFEAFAC323E9679E66297329901A0CA2BD7E919419A8E8 ] PcaSvc C:\Windows\System32\pcasvc.dll
15:43:18.0250 0x13ac PcaSvc - ok
15:43:18.0265 0x13ac [ 4A003E8F718C1E6A2050CA98CD53E3E2, BCC3BE1EC3FA4967353371D85094D096940A7B5944A6FFCA31E8FBE83D92CC6C ] pci C:\Windows\system32\drivers\pci.sys
15:43:18.0265 0x13ac pci - ok
15:43:18.0281 0x13ac [ F9908D274D458220F91E89B54D78D837, 1E89ABFA6B375383E0297CEE5AF66E37F90E16DD21ABA5C91777A86CDF013B4D ] pciide C:\Windows\system32\drivers\pciide.sys
15:43:18.0281 0x13ac pciide - ok
15:43:18.0296 0x13ac [ 84D19CB6102627932DCB5DFDF89FE269, 2F9C47E076645B35877D9ACA77968EFFCDA8794D76265CD9A4AAA239C4B33C5F ] pcmcia C:\Windows\system32\drivers\pcmcia.sys
15:43:18.0312 0x13ac pcmcia - ok
15:43:18.0312 0x13ac [ CEBBAD5391C2644560C55628A40BFD27, 8AAA6EBD8D89FC91AECCCF1452F53C5650A1A17027FF4E64D224371404CE4C8B ] pcw C:\Windows\system32\drivers\pcw.sys
15:43:18.0312 0x13ac pcw - ok
15:43:18.0343 0x13ac [ 0698DEDEAD6A00AD0D468C687D830FBF, B9DCA1A61F2EF80DB26380F390F2E9A17114D33129D61CF465B949B6A7916CAA ] pdc C:\Windows\system32\drivers\pdc.sys
15:43:18.0343 0x13ac pdc - ok
15:43:18.0375 0x13ac [ 61FE70659CD43E07F94DA4DC31DEC493, 3739B6670B440173FD81DE3D47B0B90FAF296802AD4F57C05BF5CF191BF16022 ] PEAUTH C:\Windows\system32\drivers\peauth.sys
15:43:18.0390 0x13ac PEAUTH - ok
15:43:18.0468 0x13ac [ EB88FA19F0EA05DD04BE9C5FFEEFFE1A, 459CF99D5243C4ACAA38C7B426ADC52F1044C759D06A925D475DF6213AEB85CD ] PerfHost C:\Windows\SysWow64\perfhost.exe
15:43:18.0468 0x13ac PerfHost - ok
15:43:18.0546 0x13ac [ 6E84BFF58F7643499277F29DFA2F8C8D, 401CCF137F35D9690C7B56B2BFEDB2DB72709EBE38626D787904B67640EF6F14 ] pla C:\Windows\system32\pla.dll
15:43:18.0593 0x13ac pla - ok
15:43:18.0609 0x13ac [ 799BE46D45D486704CE0F37CA5385262, BB78DEE83B9DB613B1C083D55FAA458BE3E394AED80EB91B599185A7272F33B3 ] PlugPlay C:\Windows\system32\umpnpmgr.dll
15:43:18.0609 0x13ac PlugPlay - ok
15:43:18.0625 0x13ac [ 8E2414E818C26C4A9C70CB2B8567F04F, A16B22AE143BA070C562FBE5DEF32F7E228F50B302B66E46B46C44C0F50A4461 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll
15:43:18.0625 0x13ac PNRPAutoReg - ok
15:43:18.0640 0x13ac [ AB76700D764A342D7475FB8F47CAB18C, ECDF705D3E69EF6E7044C98A462A7281D0E7D0D85769C0815555D934B0B69C8D ] PNRPsvc C:\Windows\system32\pnrpsvc.dll
15:43:18.0640 0x13ac PNRPsvc - ok
15:43:18.0671 0x13ac [ 0108C8E5176D590F242701EF5A62CC26, 3A72F5D4402663B7445F6B3C55F01E83A619B6192F7D3CC2DE3C57F9F50D5A2D ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
15:43:18.0671 0x13ac PolicyAgent - ok
15:43:18.0703 0x13ac [ F1E067F56373F11EA4B785CAE823740A, 69BD30E64DA17595FF29C9C9FF9AD4F2F4BE29B688FBAC9DABB2FA9D13A47FF0 ] Power C:\Windows\system32\umpo.dll
15:43:18.0718 0x13ac Power - ok
15:43:18.0734 0x13ac [ 362D47E5B4D67270DE4B8606036F4ADD, 716E229C68D91AEA5B5629F60133D5CBDC0C95ABA54D9DC6264E923CAF4DC6C0 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
15:43:18.0734 0x13ac PptpMiniport - ok
15:43:18.0843 0x13ac [ C2D3B3D0060619D5E03E696BD56FF59F, 155954F16B6F9B51BA16F43F1AE6F977B1EC4DE77862C6F6C722293189BE0DD2 ] PrintNotify C:\Windows\system32\spool\DRIVERS\x64\3\PrintConfig.dll
15:43:18.0937 0x13ac PrintNotify - ok
15:43:18.0953 0x13ac [ DD979EB6A7212F60E4AFBE96EDC7AE6D, BC681D64C5B8F08FD4613D71111853FCD5B05E4BD127D2C6258BAED7627105BE ] Processor C:\Windows\System32\drivers\processr.sys
15:43:18.0953 0x13ac Processor - ok
15:43:18.0984 0x13ac [ 429E8502AD2227CF88F8840FC5BD590D, A186DA46C083580ACEDE9C7E3156865034302CD803140EEEC8E1DE16DA4BC99B ] ProfSvc C:\Windows\system32\profsvc.dll
15:43:18.0984 0x13ac ProfSvc - ok
15:43:19.0015 0x13ac [ EB8034147D4820CD31BFCB11A2A652DF, B10B5E16B7A05D2DB2D5D1945B6146DE15EEDE2C778772A59F104706B5145E46 ] Psched C:\Windows\system32\DRIVERS\pacer.sys
15:43:19.0015 0x13ac Psched - ok
15:43:19.0031 0x13ac [ 0AFBF333B6F87A2F598EAB379AF100B8, D11F3A4D7E4463B62E2DBDE5FC61425B1FDFB07DD1A19BC001D479CA1F554510 ] QWAVE C:\Windows\system32\qwave.dll
15:43:19.0031 0x13ac QWAVE - ok
15:43:19.0062 0x13ac [ 13D47BB0CCA2FC51BD15F8E85C6A078E, EA832A9511007C9E8599C3066E1FA66BE869E8A27886D9A9AC590BD4DFBD1A15 ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
15:43:19.0062 0x13ac QWAVEdrv - ok
15:43:19.0078 0x13ac [ 873C60F8178100557740A832FCE10B5F, 400EF60CB2C98E2AFE122AF3D01CCE56A1548AF865345EE2194AB74DBCBF4C48 ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
15:43:19.0078 0x13ac RasAcd - ok
15:43:19.0109 0x13ac [ 69B93F623B130976243ECA3D84CC99CA, F27617E651EADFAEE479619AAB01CDAA98111BA63E204D5C44A1256732CB0100 ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys
15:43:19.0109 0x13ac RasAgileVpn - ok
15:43:19.0125 0x13ac [ 005F6E54C4A2DA4EBF68FB0392CE8BB0, 2F3C90A04964D4D906238BD557D90F7AC05DF86FE9729C4378B39431F54DDAE3 ] RasAuto C:\Windows\System32\rasauto.dll
15:43:19.0125 0x13ac RasAuto - ok
15:43:19.0140 0x13ac [ A14D625C5AEE5FFE0F47D1A1D419FAAE, 1229B81C23340AD5B436B1FD227876EB41715CE6BD270BA367F18879D26B8F04 ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
15:43:19.0140 0x13ac Rasl2tp - ok
15:43:19.0156 0x13ac [ C923C785A2DE0B396AD6D13ACAFF2DE9, 4F950DA776FBABEC7D546983D6F3018733F61268A4BF95C01D4836AD000BD073 ] RasMan C:\Windows\System32\rasmans.dll
15:43:19.0171 0x13ac RasMan - ok
15:43:19.0171 0x13ac [ 00695B9C2DB6111064499C529E90C042, 3CD4DF4D8001C2BBF52EEEB1F0D587209878BEAC339D268892477AD840D490F1 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
15:43:19.0171 0x13ac RasPppoe - ok
15:43:19.0187 0x13ac [ A7F24D8CD1956B0A1FDCB86CC5114DE4, 30489D235362DF62B105378597168B13F4BAC74A8EDDBDA25237E3C017B69FEE ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
15:43:19.0187 0x13ac RasSstp - ok
15:43:19.0218 0x13ac [ CA03D642ACE58E1BA54E4B383F91CD69, 39BB942603801CF11FBEA28E24F8C8D1EF2AF615D1FABF951683A015D6A6EF37 ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
15:43:19.0234 0x13ac rdbss - ok
15:43:19.0250 0x13ac [ CA7DF5EC95D8DE0DD24BE7FF97369F68, 153E6F716CA935DBCACB8FF1BB8DE5F5551CE3D18878225470E45893CA69BDB8 ] rdpbus C:\Windows\System32\drivers\rdpbus.sys
15:43:19.0250 0x13ac rdpbus - ok
15:43:19.0250 0x13ac [ B2A3AD74FF2E2FFA73AF2567108231B3, DF8CEA6215F75C634D56F6B8AE11ECCEEB5F8CBC091AC3D6D9F7DE214B00A439 ] RDPDR C:\Windows\system32\drivers\rdpdr.sys
15:43:19.0250 0x13ac RDPDR - ok
15:43:19.0297 0x13ac [ 57F4787E4602A3FCA719C0A33137C6DA, D03AE59A184EB5D126F8EAB9D36EE406ABB8B9ED834F2D2496DDB1349FF56F89 ] RdpVideoMiniport C:\Windows\system32\drivers\rdpvideominiport.sys
15:43:19.0297 0x13ac RdpVideoMiniport - ok
15:43:19.0312 0x13ac [ B3CB0721E81E30419CE7D837EF4EA151, EC9410818661BF77E4A19694E3A3030E1D983B36F49C72E27F92A1424E0729C2 ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
15:43:19.0312 0x13ac RDPWD - ok
15:43:19.0328 0x13ac [ 62C1F8A0685FE07E998AA296C4F697C4, C636AB2D0F139003A6AD7A12E9DC13EE4485A62F30DA59AF842FF02FE07442EE ] rdyboost C:\Windows\system32\drivers\rdyboost.sys
15:43:19.0328 0x13ac rdyboost - ok
15:43:19.0390 0x13ac [ D458B9F0477A02D5C1605420EBB7CB7F, E6364228D0723A565572879EA2BF5333ABA78BA13DB5DEE825C34DE07456C133 ] RealNetworks Downloader Resolver Service C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe
15:43:19.0390 0x13ac RealNetworks Downloader Resolver Service - ok
15:43:19.0515 0x13ac [ 4267015F37D3438F2F3DDEB29A741A35, 1AC2F08004764608C8EBBE52C3B0F202DF5603F9F3D978788F2423D73683C823 ] RealPlayer Desktop Service C:\Program Files (x86)\Real\RealPlayer\RPDS\Bin\rpdsvc.exe
15:43:19.0531 0x13ac RealPlayer Desktop Service - ok
15:43:19.0562 0x13ac [ 4C33683C0EE5EE3368D81D5F1AE0E2DD, 4DDBA566B09368FFC82B08135A8344C2687A44D92AC2B793B00DBBB713BA0961 ] RealPlayerUpdateSvc C:\Program Files (x86)\Real\UpdateService\RealPlayerUpdateSvc.exe
15:43:19.0562 0x13ac RealPlayerUpdateSvc - ok
15:43:19.0593 0x13ac [ 3663CCF243EE0C04E9F6F91ED1737273, 31D06445996F99A7F6B32004D1BA63A21C61DE125373F860BA9A9DE5278E8293 ] RemoteAccess C:\Windows\System32\mprdim.dll
15:43:19.0593 0x13ac RemoteAccess - ok
15:43:19.0625 0x13ac [ E80DD61E52EDFFF9DA1ED7260A68855B, 97909F42AE35E28B8F98C01A1D8BAD80A949CDCA0C88FB4ACF0A655DC7C10E45 ] RemoteRegistry C:\Windows\system32\regsvc.dll
15:43:19.0625 0x13ac RemoteRegistry - ok
15:43:19.0656 0x13ac [ CCBFCABDFE2BC22F0645CEAADDB36004, 279EA9075079F91165027CEFD4FBC61A213CA602EE7DE106F7D2D243468706AA ] RFCOMM C:\Windows\System32\drivers\rfcomm.sys
15:43:19.0656 0x13ac RFCOMM - ok
15:43:19.0687 0x13ac [ 73F2E030B5C24E4E41401B5F0D59E6FD, FAA8B5E3159684E0836900C6EAF63857B445F7F180169B56D5790F097EDAA38B ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll
15:43:19.0687 0x13ac RpcEptMapper - ok
15:43:19.0718 0x13ac [ 10B21284B3D964AB3DC45490E57D422E, 12D5E3A7785F21C99C5EAD14A88EB7A86A058E26C091991339356D99D196CC13 ] RpcLocator C:\Windows\system32\locator.exe
15:43:19.0718 0x13ac RpcLocator - ok
15:43:19.0750 0x13ac [ 1EC6E533C954BDDF2A37E7851A7E58FD, C25936A7465B6A2B3D05D2FCB09D91ACC07CFE038A5E968C99CFA9D9F2967DD4 ] RpcSs C:\Windows\system32\rpcss.dll
15:43:19.0750 0x13ac RpcSs - ok
15:43:19.0781 0x13ac [ CED82FC17230CAE5AE7DE24A19D31361, 47FAA0184C4035A39E767E42EE43716A638BA3FDA13448C01DDCB2D66B6B8D5C ] RSBASTOR C:\Windows\system32\DRIVERS\RtsBaStor.sys
15:43:19.0797 0x13ac RSBASTOR - ok
15:43:19.0812 0x13ac [ E04E770DD198B9399640717145E79EBF, 2F9BECB7E4B0A522C6370FD39CFD7DFD3FB5D0A779AECCED2EE855629FA3C952 ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
15:43:19.0812 0x13ac rspndr - ok
15:43:19.0859 0x13ac [ 7D9DA8EC6784A9EE213C676709D46BE6, 9861D1EF107F7D1590B89098EAEA7F509C1EF46999C37703F3766BAD733D8AD2 ] RTL8168 C:\Windows\system32\DRIVERS\Rt630x64.sys
15:43:19.0875 0x13ac RTL8168 - ok
15:43:19.0890 0x13ac [ 752EC7DCD2F96871A3857EEE6AFE965A, 1D0640966B9147A06ED0E733711773E6B4AB8AC6D962D5B369ECB04170D18AD8 ] s3cap C:\Windows\System32\drivers\vms3cap.sys
15:43:19.0890 0x13ac s3cap - ok
15:43:19.0906 0x13ac [ F702AB6181513303AB0FC8D59E52708B, D46939B9F672269E65C98606A573C849C4AF5A26E4E75D3A8FE56A65B3A6EA08 ] SamSs C:\Windows\system32\lsass.exe
15:43:19.0906 0x13ac SamSs - ok
15:43:19.0922 0x13ac [ 9C7B28CE0D136DB226E24DB3BC817F92, E9DE55D6432ADD08EC75F99F2B5D2BD1F553F4EE55991B1767B1578351EE0BF2 ] sbp2port C:\Windows\system32\drivers\sbp2port.sys
15:43:19.0937 0x13ac sbp2port - ok
15:43:19.0937 0x13ac [ 14316954FCE79C9DE5A0AFF9D42C83AA, B60FB1FAC0299F9560761411711E86EDFA2F8D27B58230E2E4BB37736FAB2287 ] SCardSvr C:\Windows\System32\SCardSvr.dll
15:43:19.0937 0x13ac SCardSvr - ok
15:43:19.0953 0x13ac [ 5D7733A12756B267FCA021672B26BC9E, 01CE5B5F49914B9E099BD909A66296F3A40644AE47BA1D5EBFFB30CD33C70A4A ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys
15:43:19.0968 0x13ac scfilter - ok
15:43:20.0015 0x13ac [ ED40ED9A65F3E79A8C43DD50C5FDADBF, 2323BFAB1BC3D661A376650B7AC14C7780C92BA575DA048F3C7611CDB3F7F04A ] Schedule C:\Windows\system32\schedsvc.dll
15:43:20.0062 0x13ac Schedule - ok
15:43:20.0093 0x13ac [ BAF8F0F55BC300E5F882E521F054E345, FB228DB18F2FA55D8BA35A7E6778EE5D2EB0C29D384F1A0A868F90AE706188D7 ] SCPolicySvc C:\Windows\System32\certprop.dll
15:43:20.0093 0x13ac SCPolicySvc - ok
15:43:20.0125 0x13ac [ F58B030A0664385C707B8C1C63682041, E46AADAA2CD687B9A4B564DC5B002493C8480542588E660BC3DF89EAF9DB0427 ] sdbus C:\Windows\System32\drivers\sdbus.sys
15:43:20.0125 0x13ac sdbus - ok
15:43:20.0156 0x13ac [ 92968277ED491E4B3DDA361E3952361E, 71C50853BB2126A34C7CD014EE44D4B8B39F589E2E8E8E8F4C982E07498E3899 ] SDRSVC C:\Windows\System32\SDRSVC.dll
15:43:20.0156 0x13ac SDRSVC - ok
15:43:20.0187 0x13ac [ BB107AA9980B0DA4E19A3A90C3BD4460, BCB4CF0FFF1FD57302557B68044A88C8EEAAE57C2FEAE8EAD1F410F960298B6D ] sdstor C:\Windows\System32\drivers\sdstor.sys
15:43:20.0187 0x13ac sdstor - ok
15:43:20.0218 0x13ac [ 3EA8A16169C26AFBEB544E0E48421186, 34BBB0459C96B3DE94CCB0D73461562935C583D7BF93828DA4E20A6BC9B7301D ] secdrv C:\Windows\system32\drivers\secdrv.sys
15:43:20.0218 0x13ac secdrv - ok
15:43:20.0234 0x13ac [ CD282626738B6BC92B6E7CD0AAE95B63, 1A56567C781786C85C63E24E79186EE5C82D3EB2679061B21BA0571A3A6CB7F5 ] seclogon C:\Windows\system32\seclogon.dll
15:43:20.0234 0x13ac seclogon - ok
15:43:20.0250 0x13ac [ 9C51620998F0763039DFA6BF68E475ED, 9E496ADE7CE9A446BE8A2C2FC61B462D966778A94A4C147AABBD25C4821C2BCE ] SENS C:\Windows\System32\sens.dll
15:43:20.0250 0x13ac SENS - ok
15:43:20.0265 0x13ac [ 0D50B4B860DAB65241628D04CD33ACAE, 2AA897C3F9ED076AB9244A32745D18489B076F3ED28A35B868C472131C5B5B46 ] SensrSvc C:\Windows\system32\sensrsvc.dll
15:43:20.0281 0x13ac SensrSvc - ok
15:43:20.0297 0x13ac [ 87C46B239A7EEF30FDFDD5E9BD46130C, F36FB5B20AC58FBD31F7E636059D2D865B751E178E51A03B94ABE0BBD1AB1EC9 ] SerCx C:\Windows\system32\drivers\SerCx.sys
15:43:20.0297 0x13ac SerCx - ok
15:43:20.0312 0x13ac [ 7A1F9347C85FD55E39B8A76B3A25C5AD, 03AF3B23285278A38F4CBEAB7FD326A48FA1EC7F8D044C059CE5403C6D225639 ] Serenum C:\Windows\System32\drivers\serenum.sys
15:43:20.0312 0x13ac Serenum - ok
15:43:20.0328 0x13ac [ F640A0A218BBF857F1D04A15D7D939F6, 948C13886281FE7947E10FB7B34D5CCFE512FB632F1132B6062AC85149F79950 ] Serial C:\Windows\System32\drivers\serial.sys
15:43:20.0328 0x13ac Serial - ok
15:43:20.0343 0x13ac [ F1A5F56B2620B862CC28FF96A0A6DAAB, E5367212B2CADF3820D657CFC27CD961547E28DAB950C68E1380CF97FB68F3F4 ] sermouse C:\Windows\System32\drivers\sermouse.sys
15:43:20.0343 0x13ac sermouse - ok
15:43:20.0359 0x13ac [ CB60A60340788C8D6DE2A269D28086AB, 2D8948E59BB9B00E16D20E425F80E7B862957DBAC9A4D1484E5191FAF333B60D ] SessionEnv C:\Windows\system32\sessenv.dll
15:43:20.0359 0x13ac SessionEnv - ok
15:43:20.0375 0x13ac [ 7EE65419B29302C795714FF8073969A1, E28D89A5423E3A5062030EB2418E9435DD5D8B9D16570046E782D3FCFDA2E79A ] sfloppy C:\Windows\System32\drivers\sfloppy.sys
15:43:20.0375 0x13ac sfloppy - ok
15:43:20.0422 0x13ac [ 090AE16F79C8EAD04E6031F863DA85F3, 3F27BE46DF602B53940414A6E9FEB23B36CFFB8E9A7F41440C3315B8E27D0029 ] SharedAccess C:\Windows\System32\ipnathlp.dll
15:43:20.0422 0x13ac SharedAccess - ok
15:43:20.0468 0x13ac [ A77F3ABE13FCC698511E5DEC7ACEBD5F, 78A43FDA9F770FD8BA107605DB44BC71D8B89D7E75560DA783AA6356C1873C15 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
15:43:20.0468 0x13ac ShellHWDetection - ok
15:43:20.0500 0x13ac [ 2560721D6F16D5B611C36A3A9D28C1B2, 15C30404902654ABA5DB5367FC5BD31343B12A3FC22B4BC5A26B09016447B5ED ] SiSRaid2 C:\Windows\system32\drivers\SiSRaid2.sys
15:43:20.0500 0x13ac SiSRaid2 - ok
15:43:20.0515 0x13ac [ 3AA8FDE1DBF65BB8B88B053529554A0D, 8060D946344D043D336F4735363C23C37C91A6DB3F81E575C267B2EC2BECB0EC ] SiSRaid4 C:\Windows\system32\drivers\sisraid4.sys
15:43:20.0515 0x13ac SiSRaid4 - ok
15:43:20.0547 0x13ac [ E660156A4588A84305CB772FD2C0DB21, 9492EB6578D4A689945E1FC2440EFA77D461049CDB2D00A645969A71B7DA68E1 ] SNMPTRAP C:\Windows\System32\snmptrap.exe
15:43:20.0547 0x13ac SNMPTRAP - ok
15:43:20.0562 0x13ac [ 9110193D93960E38B8692E4519C75D72, 789381B4CCC056EE431E78E2339AC9802264A1CE4B378DDA9769649664C9A7A0 ] spaceport C:\Windows\system32\drivers\spaceport.sys
15:43:20.0578 0x13ac spaceport - ok
15:43:20.0593 0x13ac [ 3D8679C8DF52EB26EB7583A4E0A29202, DCD9B69299275857712AB200C014AE820C8A9F7E53C4A335A84518FBE4BB56BB ] SpbCx C:\Windows\system32\drivers\SpbCx.sys
15:43:20.0593 0x13ac SpbCx - ok
15:43:20.0625 0x13ac [ 3F215BF2D4D8D6756298B25B579772C2, 744192D1635E5D296BFD399E870B70592202CEAF95C31C2D2B226A868D33A3FD ] Spooler C:\Windows\System32\spoolsv.exe
15:43:20.0640 0x13ac Spooler - ok
15:43:20.0781 0x13ac [ 061A977C920FBE4BF71FF47C966DDDCA, 746516396B72E4ADB05D978C819CD45FE44EE194756F6DA50121D755439CA590 ] sppsvc C:\Windows\system32\sppsvc.exe
15:43:20.0937 0x13ac sppsvc - ok
15:43:20.0984 0x13ac [ 0F1FCD575A03ABDE13FCA9D0ADE4DDA6, 61EEB1349489CB85204F1B4E398BE24EDC01FB914120C9DD0487F8EE1EDA055E ] srv C:\Windows\system32\DRIVERS\srv.sys
15:43:20.0984 0x13ac srv - ok
15:43:21.0031 0x13ac [ 56218A571ECF8D55E0CDFF8DF2546CF1, 44B34722108EDDC8757A0B7C939A854457BB7EBC92A83C4284DFFAECFC2E3619 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
15:43:21.0047 0x13ac srv2 - ok
15:43:21.0078 0x13ac [ 14FC338B80CFF7E04215133B568D15C4, 1F437BE0EC887097F0C3409D4198A20981FC325FDF915532AB85070D337DEF2B ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
15:43:21.0078 0x13ac srvnet - ok
15:43:21.0109 0x13ac [ 7A20882D76D4A78240A5AC9F2C2EBA21, ACA05211EE542999A118BBD2CD051038A7DC8C40C4B8971DC6514BA90E90EC61 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
15:43:21.0109 0x13ac SSDPSRV - ok
15:43:21.0125 0x13ac [ D233B16999A8E626F6004BD7814C57EC, 5BBFE5DDF1269617ABD1BDBED85A79D99BB52EA29C2BB3A8F4A1827BFAA1A747 ] SstpSvc C:\Windows\system32\sstpsvc.dll
15:43:21.0125 0x13ac SstpSvc - ok
15:43:21.0140 0x13ac [ 4E85355B94CFCB67C135F6521A4895A7, AC4FC65C1E62A54B3834E7FE0A2B1ECC48A2AA563AE5BD508326EE68FFFBBEEE ] stexstor C:\Windows\system32\drivers\stexstor.sys
15:43:21.0140 0x13ac stexstor - ok
15:43:21.0187 0x13ac [ BAC8A721736AECC55A4F71523AEAB65F, B52E1303B13A961A5FC190829E55B6F28ACA409A6EEF44B358D1D210558FE1D8 ] stisvc C:\Windows\System32\wiaservc.dll
15:43:21.0203 0x13ac stisvc - ok
15:43:21.0218 0x13ac [ B240874B2CA0CD02E8CD11E140B14C57, 0FDBEE3DB644175A30065CAF020F375703ADC45A33221788C010F3111707FC25 ] storahci C:\Windows\system32\drivers\storahci.sys
15:43:21.0218 0x13ac storahci - ok
15:43:21.0250 0x13ac [ F74DBC95A57B1EE866D3732EB5F79BE2, E4FE9D5CD0A385ACB60D5D5E8D969F26C3A6BC0C08FF0838DBE9CA106229C8DE ] storflt C:\Windows\system32\DRIVERS\vmstorfl.sys
15:43:21.0250 0x13ac storflt - ok
15:43:21.0265 0x13ac [ 5337E138B49ED1F44CCBA4073BC35C20, 2B296973215E3865A56C46DC3D27F1460D96BC321558CE7A911B05B0E7BF397F ] StorSvc C:\Windows\system32\storsvc.dll
15:43:21.0265 0x13ac StorSvc - ok
15:43:21.0281 0x13ac [ 543CD3CC0E05B8D8815E0D4F040B6F59, 4B57C9534E94A0A67FC82DBD4FAECACA180BEC281FB477550A37C0A04777E09E ] storvsc C:\Windows\system32\drivers\storvsc.sys
15:43:21.0281 0x13ac storvsc - ok
15:43:21.0297 0x13ac [ 8BC1C1ED6EF9C985A3FAA6A72F41679A, 82CC77030D23013572B4A64A64B6156789F253BF56268B790093CE3D345410A0 ] svsvc C:\Windows\system32\svsvc.dll
15:43:21.0297 0x13ac svsvc - ok
15:43:21.0297 0x13ac [ 4AFD66AAE74FFB5986BC240744DC5FC9, 0C9347614E3FD3B4D3B29FA4A5DA23FF6EE4CD9A1FFC378B855B8DE61B2876CF ] swenum C:\Windows\System32\drivers\swenum.sys
15:43:21.0297 0x13ac swenum - ok
15:43:21.0328 0x13ac [ 502F9488540051F3E6C39889ECFA76BB, 22ABD681BE4CF8A1F484C6363C1334B1EF7A6C074D837B0121DE1896887B84C6 ] swprv C:\Windows\System32\swprv.dll
15:43:21.0343 0x13ac swprv - ok
15:43:21.0390 0x13ac [ A06CB9269D29EE3D0F3F5630ABB660B8, 519A01FC7D9414B26CCBC23E7FB1CEAF1C91CD173B4F4A4025F8316B7460C584 ] SysMain C:\Windows\system32\sysmain.dll
15:43:21.0437 0x13ac SysMain - ok
15:43:21.0453 0x13ac [ 6FB88606C4A71E1BFAF97D63A676C673, D72F93A482E989ACA50F9647B7AD699A4656AEAACF377BB2B8CEBB094B748852 ] SystemEventsBroker C:\Windows\System32\SystemEventsBrokerServer.dll
15:43:21.0468 0x13ac SystemEventsBroker - ok
15:43:21.0468 0x13ac [ A6C06C45C44AD06C70AF8899AEC15BDC, AC2CCCDBA6B94BA85A6D41B47343193D175786D4ECF71AE9C7766ADD63A1273F ] TabletInputService C:\Windows\System32\TabSvc.dll
15:43:21.0484 0x13ac TabletInputService - ok
15:43:21.0500 0x13ac [ 88B7721AB551C4325036B25A34A2BF7B, 2817CC6294542524EC373A674535F913440736BEBE81233CA91D5ECD93620B02 ] TapiSrv C:\Windows\System32\tapisrv.dll
15:43:21.0500 0x13ac TapiSrv - ok
15:43:21.0578 0x13ac [ DD4249F03598043DED6FA540EB14898A, 7015BD1A692F75D54B0F96E5EDC5C4DF41B0C831E85D0F6EF0AFBEFCA2F6DA83 ] Tcpip C:\Windows\system32\drivers\tcpip.sys
15:43:21.0625 0x13ac Tcpip - ok
15:43:21.0672 0x13ac [ DD4249F03598043DED6FA540EB14898A, 7015BD1A692F75D54B0F96E5EDC5C4DF41B0C831E85D0F6EF0AFBEFCA2F6DA83 ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys
15:43:21.0703 0x13ac TCPIP6 - ok
15:43:21.0734 0x13ac [ 8F2A13A5DF99D72FDDE87F502A66F989, 2228C62ACDB4CBBFDD2BE705E604E0B9A8AEA7146F65F2D8B9B2A2FB49ACFAE1 ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
15:43:21.0734 0x13ac tcpipreg - ok
15:43:21.0750 0x13ac [ 73DC722CE5DF26D7638CE2446F2655C7, 9B8E6F6DEA5E0C2AEAC24A31897D2E73F86EF44F1C25FEF82D2C860353793817 ] tdx C:\Windows\system32\DRIVERS\tdx.sys
15:43:21.0750 0x13ac tdx - ok
15:43:21.0765 0x13ac [ F7C8AB5D8AFFAA318D6A21093D139BF4, 0A35052EF7DC8615783A23897358D8C579BE694363615C9563FF629E7B719991 ] terminpt C:\Windows\System32\drivers\terminpt.sys
15:43:21.0765 0x13ac terminpt - ok
15:43:21.0812 0x13ac [ 541EE228D0DEF392F7B2DFD885DD021B, 594D6538FA4DB5EF4D130007D7C29051EC2EDCA39EBB119695B58E9CBB0EB728 ] TermService C:\Windows\System32\termsrv.dll
15:43:21.0812 0x13ac TermService - ok
15:43:21.0828 0x13ac [ 519A6F672FFF56B7D8EE8C730CEC8ECD, 2B36F10C0AE16A261DC0887B1050808BA1F0568F3879E4ABC3D370F08C3FADB7 ] Themes C:\Windows\system32\themeservice.dll
15:43:21.0843 0x13ac Themes - ok
15:43:21.0859 0x13ac [ EEE908BE7143FCA48CF0CB87214E2AB8, 4F9BD299F559DD36DBD93489CFAA753F236FBB70946E034D2E2260059AE20962 ] THREADORDER C:\Windows\system32\mmcss.dll
15:43:21.0859 0x13ac THREADORDER - ok
15:43:21.0890 0x13ac [ 4515B9E4140F04FB3907692DF89FCA87, F68EC56524BDA877646E987BE7414C1D622BD9FF05A5AEADCA39030FDC2B0115 ] TimeBroker C:\Windows\System32\TimeBrokerServer.dll
15:43:21.0890 0x13ac TimeBroker - ok
15:43:21.0922 0x13ac [ E94F7A7B48C7638D1F3F8089344C97B7, 276CDE59614D563A52529BCC4BFC726E5F5BE131C9C4142558A644D79328C810 ] TPM C:\Windows\system32\drivers\tpm.sys
15:43:21.0922 0x13ac TPM - ok
15:43:21.0968 0x13ac [ 8C8CF3041B27E7657ADD0EE17F6DBFCA, A6846478B9E7B0A509E5A28C6C7B66ED39F0247F9AFF01E3C3CADC0DBEF3CA00 ] TrkWks C:\Windows\System32\trkwks.dll
15:43:21.0968 0x13ac TrkWks - ok
15:43:22.0031 0x13ac [ 8ABBB5CE0C62E0A6D28F32F44B7F865C, 4C78FE2A4A25A758D5191C4EDB2A6FE691FF82E7C16C0F146DC96DAD87D4F64E ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
15:43:22.0031 0x13ac TrustedInstaller - ok
15:43:22.0062 0x13ac [ 4E7C5FB10A50435523DE0CAA37DE2BD3, D6206DF61950F2541FB754E57C4D9EF9FA0CC1EDD6F6FA4E45F02B47958493F7 ] TsUsbFlt C:\Windows\system32\drivers\tsusbflt.sys
15:43:22.0062 0x13ac TsUsbFlt - ok
15:43:22.0078 0x13ac [ 16D684A820872EE54F6370703AC0B513, 795E20484358424CE9FA766937DD99413025A8AF967D03490392E8E02A382D0B ] TsUsbGD C:\Windows\System32\drivers\TsUsbGD.sys
15:43:22.0078 0x13ac TsUsbGD - ok
15:43:22.0094 0x13ac [ 78C9EE193AC2B4CBDBC48B620314D740, 41523E47D321BFF5778F5E453545B928C0A469C3BBA51578E74D6721D7DF9273 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
15:43:22.0094 0x13ac tunnel - ok
15:43:22.0109 0x13ac [ 6D4F67CA56ACA2085DFA2CD89EAFBC1A, AA7DA2207C0236F47859A4791F9D7301E7ADB50A59D831DC859ECC7CA70D3E1D ] uagp35 C:\Windows\system32\drivers\uagp35.sys
15:43:22.0125 0x13ac uagp35 - ok
15:43:22.0140 0x13ac [ 6FD6D03B7752C78712E5CFF29A305026, F09C5188AAFCF4C77B05BA1E604F9912782A9F1371F72F959288EBC2725407ED ] UASPStor C:\Windows\System32\drivers\uaspstor.sys
15:43:22.0140 0x13ac UASPStor - ok
15:43:22.0172 0x13ac [ 061BA3EE0D2BE17944990544008CF190, C9236D368EC2281B545E8C008BC2801F21A9716ED3D4DAEDB0751A5008346E81 ] UCX01000 C:\Windows\System32\drivers\ucx01000.sys
15:43:22.0172 0x13ac UCX01000 - ok
15:43:22.0203 0x13ac [ 25C50F4EDF70D0A831E0566BD181CCF2, F2F9E86FB5617C16077D2073EC0AA747F76F1EB5148BA110347A84F3C3569F83 ] udfs C:\Windows\system32\DRIVERS\udfs.sys
15:43:22.0203 0x13ac udfs - ok
15:43:22.0234 0x13ac [ FB3475FEA1CCB0DAEA1EBE44D0E3BB7D, 16DE6E0894C356A58AF12BEC2FE9B188F147DD4B16CB2414DE600CE4127F929D ] UI0Detect C:\Windows\system32\UI0Detect.exe
15:43:22.0250 0x13ac UI0Detect - ok
15:43:22.0265 0x13ac [ 07FEBCDF24FABA0D47B635D85A0FFB7A, 452C04B14681EBCE8B1B25B75A1B7CC978722B7DDE54D624E17841B14ACCF65D ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys
15:43:22.0265 0x13ac uliagpkx - ok
15:43:22.0297 0x13ac [ 02CEB3FE6152668A7BA420B93B664860, 613F27540FD1EFE2442E326F507DACD5A25691C8481937022B7E1104F3E6E9E2 ] umbus C:\Windows\System32\drivers\umbus.sys
15:43:22.0297 0x13ac umbus - ok
15:43:22.0312 0x13ac [ 991EE6B5FC41EAEF99C8AF5B92F2CA09, 30AAD7D18FF5962CEC7180359D148EED5A1BF193DDB2B34508897FC3EBA692C3 ] UmPass C:\Windows\System32\drivers\umpass.sys
15:43:22.0312 0x13ac UmPass - ok
15:43:22.0328 0x13ac [ 43FEFB040A0CC30F795FBF544169594D, F2A730C0F7C883321C378D4564120A40428D7F8E393F02C8D6A08934795A35C7 ] UmRdpService C:\Windows\System32\umrdp.dll
15:43:22.0344 0x13ac UmRdpService - ok
15:43:22.0422 0x13ac [ E1A119AD21F5AFE22EB516C549306D3D, 48769D5E7A78B7A2C00F1F6798AC133CF3E0B2C76F71D3719BD741DDD8F2D229 ] UNS C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
15:43:22.0422 0x13ac UNS - ok
15:43:22.0437 0x13ac [ 14D22C411854AA2560AFC94CD2D5E61F, BB376734733671C02319E6DB1800D41212694446FD65465498C92D4ECBFE7458 ] upnphost C:\Windows\System32\upnphost.dll
15:43:22.0453 0x13ac upnphost - ok
15:43:22.0469 0x13ac [ C976C4306F9AE133D6BBD47FDFC3BF92, 820413D92D6A89055A7F26523BF5CC4B668610C4A06E8B0D163FBF929B1DFA9A ] usbccgp C:\Windows\System32\drivers\usbccgp.sys
15:43:22.0469 0x13ac usbccgp - ok
15:43:22.0500 0x13ac [ 427B6DB8C05A5A977E8C3525370A2595, C67222CA9123AE12D953995326B3B582C146CEA89594B7209DB0B1F628A0118D ] usbcir C:\Windows\System32\drivers\usbcir.sys
15:43:22.0500 0x13ac usbcir - ok
15:43:22.0515 0x13ac [ B24FDEB1B18496F1B463782235AA3AF1, 3F5036F36987C8007D03DAFC3EC30615515BE96D9A1DF879BCD4EB0E66CD50B1 ] usbehci C:\Windows\System32\drivers\usbehci.sys
15:43:22.0515 0x13ac usbehci - ok
15:43:22.0547 0x13ac [ F8C2A832DF9403F5EA8080CBDBDA95FB, 50E9455465672BC13EB945BEC132D2F30BA2EB25C68928D2B4C256F2DB292A83 ] usbhub C:\Windows\System32\drivers\usbhub.sys
15:43:22.0547 0x13ac usbhub - ok
15:43:22.0562 0x13ac [ E5F7328B1D29BCE791862CD3C0DD382A, E520D75CA6E4EDB06F576D97FB6B7CFD46A3EF3A3AC881537DE3BB8C862FE8C3 ] USBHUB3 C:\Windows\System32\drivers\UsbHub3.sys
15:43:22.0578 0x13ac USBHUB3 - ok
15:43:22.0594 0x13ac [ 325F6179009B5A7F6118951A5BA422AB, 756CB2893530485E8C3ACFF5A40F4C6EB446E72B2296E8772058E407A5E066DE ] usbohci C:\Windows\System32\drivers\usbohci.sys
15:43:22.0594 0x13ac usbohci - ok
15:43:22.0609 0x13ac [ 9FDBA6982582A6F2354144980F641E7B, 054A65412CB22C5BE970FD3A266E140110D869B614B9F9894628D553CE82C991 ] usbprint C:\Windows\System32\drivers\usbprint.sys
15:43:22.0609 0x13ac usbprint - ok
15:43:22.0640 0x13ac [ A9858597B6DB695F78A37F6755A6FF98, 0EEB217E62105927657FCCF9DC557EFA6FA6AB2A44C1BC50E5C3A894800C1B27 ] usbscan C:\Windows\system32\DRIVERS\usbscan.sys
15:43:22.0640 0x13ac usbscan - ok
15:43:22.0687 0x13ac [ BFC7FE4AAEB61317A921871B4085EF4B, CBC3FBAEAD6C82A437CC87A97007EF807C64053AB8FA5C3233C2A0CF6FC8D019 ] USBSTOR C:\Windows\System32\drivers\USBSTOR.SYS
15:43:22.0687 0x13ac USBSTOR - ok
15:43:22.0703 0x13ac [ 1ABF657259DB57F7E5558E4DF1357C0C, 34EAF5DEA3293CFA96BA81B036305FD90ABAE05B9CB73D4F54FB236448C1978C ] usbuhci C:\Windows\System32\drivers\usbuhci.sys
15:43:22.0703 0x13ac usbuhci - ok
15:43:22.0719 0x13ac [ 9EF7C01D3ACCBC243B5CB1A95865B2FF, 367A7640B4992E68EB3E1BBD78D3014742F4CC4056750E389048C653251DAD33 ] usbvideo C:\Windows\System32\Drivers\usbvideo.sys
15:43:22.0719 0x13ac usbvideo - ok
15:43:22.0765 0x13ac [ 8DC398D7B8E02C929A2096E74A170970, 87B3CE84D05F50C33935B28F0AFF1CB15DAA4530768BA1FB25C311609CD4B0A5 ] USBXHCI C:\Windows\System32\drivers\USBXHCI.SYS
15:43:22.0765 0x13ac USBXHCI - ok
15:43:22.0781 0x13ac [ F702AB6181513303AB0FC8D59E52708B, D46939B9F672269E65C98606A573C849C4AF5A26E4E75D3A8FE56A65B3A6EA08 ] VaultSvc C:\Windows\system32\lsass.exe
15:43:22.0781 0x13ac VaultSvc - ok
15:43:22.0812 0x13ac [ BACECBFF9C97F7627A60B0E0F1FE7EE8, DC82F767D066B93A48A090DC7146EBCCDC54B43C6CD9DF29A160E09E3A531DC8 ] vdrvroot C:\Windows\system32\drivers\vdrvroot.sys
15:43:22.0812 0x13ac vdrvroot - ok
15:43:22.0844 0x13ac [ 1B4488988E5E7512E6C5CD1255E9E973, B82C26E767A8895CFFD76C11D07D5C945C38E1BD32CC27D20A6C0FA7F6064FC5 ] vds C:\Windows\System32\vds.exe
15:43:22.0875 0x13ac vds - ok
15:43:22.0890 0x13ac [ 74FA2D4368DE6F6CE14393EDF1F342BE, C5CE4164B2C3D583A7FB8687ADEADCDB08D36A5AB1965E5FC6949AEED15881C8 ] VerifierExt C:\Windows\system32\drivers\VerifierExt.sys
15:43:22.0890 0x13ac VerifierExt - ok
15:43:22.0922 0x13ac [ 500BE6B2E49883720D0AE8BB859ED7A3, 4606B02A3E8123510676E554635EB5ECF9DC5F2B83928710C8563787C52CC102 ] vhdmp C:\Windows\System32\drivers\vhdmp.sys
15:43:22.0937 0x13ac vhdmp - ok
15:43:22.0953 0x13ac [ F5B4A14B00E89250C50982AC762DDD1D, 581CD97DD42E74A82F06BFB827DFC82618B4A8667ACA7E93C628BB0D056CE8F0 ] viaide C:\Windows\system32\drivers\viaide.sys
15:43:22.0953 0x13ac viaide - ok
15:43:22.0953 0x13ac [ 78DB50F7329F6D1311658DABFFFC8BE0, 8CB0C831608033C4BC1D2DA7FAA7D429333A3654E76A989F7AF85BFC5F086BE9 ] vmbus C:\Windows\system32\drivers\vmbus.sys
15:43:22.0969 0x13ac vmbus - ok
15:43:22.0984 0x13ac [ ECFEE2F2BA3932C7880D1A8F67D68F91, 57DCD55A518A9FBDEF72B511C643B1062C3F7BD339F4B0FC19E9D84C615B968D ] VMBusHID C:\Windows\System32\drivers\VMBusHID.sys
15:43:22.0984 0x13ac VMBusHID - ok
15:43:23.0015 0x13ac [ B8FF4248103E6EA47B9D85C55673ABA3, 4337FA0F0FB5C45BFC42FF17DFAA5DCA394C74BA8283851504AD79F47B69CB0D ] vmicheartbeat C:\Windows\System32\ICSvc.dll
15:43:23.0015 0x13ac vmicheartbeat - ok
15:43:23.0031 0x13ac [ B8FF4248103E6EA47B9D85C55673ABA3, 4337FA0F0FB5C45BFC42FF17DFAA5DCA394C74BA8283851504AD79F47B69CB0D ] vmickvpexchange C:\Windows\System32\ICSvc.dll
15:43:23.0031 0x13ac vmickvpexchange - ok
15:43:23.0047 0x13ac [ B8FF4248103E6EA47B9D85C55673ABA3, 4337FA0F0FB5C45BFC42FF17DFAA5DCA394C74BA8283851504AD79F47B69CB0D ] vmicrdv C:\Windows\System32\ICSvc.dll
15:43:23.0047 0x13ac vmicrdv - ok
15:43:23.0062 0x13ac [ B8FF4248103E6EA47B9D85C55673ABA3, 4337FA0F0FB5C45BFC42FF17DFAA5DCA394C74BA8283851504AD79F47B69CB0D ] vmicshutdown C:\Windows\System32\ICSvc.dll
15:43:23.0062 0x13ac vmicshutdown - ok
15:43:23.0078 0x13ac [ B8FF4248103E6EA47B9D85C55673ABA3, 4337FA0F0FB5C45BFC42FF17DFAA5DCA394C74BA8283851504AD79F47B69CB0D ] vmictimesync C:\Windows\System32\ICSvc.dll
15:43:23.0078 0x13ac vmictimesync - ok
15:43:23.0078 0x13ac [ B8FF4248103E6EA47B9D85C55673ABA3, 4337FA0F0FB5C45BFC42FF17DFAA5DCA394C74BA8283851504AD79F47B69CB0D ] vmicvss C:\Windows\System32\ICSvc.dll
15:43:23.0094 0x13ac vmicvss - ok
15:43:23.0109 0x13ac [ CB60FAAED8B49B812EBBF77EB87D9B18, ADA7C68D4C4981555ED48981E8B7ACBEEF5C39F902EB98782FC3DFF495FE0C33 ] volmgr C:\Windows\system32\drivers\volmgr.sys
15:43:23.0109 0x13ac volmgr - ok
15:43:23.0125 0x13ac [ A74101DA9809251BCD0E5A26BAE0F824, 15A3A7CC31A13C5882812C344D0937A8A4503D12DB07B9F7F2A8191B739CDBF7 ] volmgrx C:\Windows\system32\drivers\volmgrx.sys
15:43:23.0140 0x13ac volmgrx - ok
15:43:23.0156 0x13ac [ 78A5BBA3819FFFC62FFEC3E2220D102D, A95797B97D576374C2CDA8A09E6C51A89BADE428AAA89D5093579C85062E5874 ] volsnap C:\Windows\system32\drivers\volsnap.sys
15:43:23.0172 0x13ac volsnap - ok
15:43:23.0187 0x13ac [ A8DA1C1B52ECEA3726DEBED4FF1B700D, 75C024EC3858DF24FB82FE105BDD1E37900D53EFE9D72F42CDDFFD0742525586 ] vpci C:\Windows\System32\drivers\vpci.sys
15:43:23.0187 0x13ac vpci - ok
15:43:23.0203 0x13ac [ 38A60CD9C009C55C6D3B5586F8E6A353, 7F7E2AE39F1A0A5245650911E310E0948BC22A18262A16FA76B44A042D66312D ] vsmraid C:\Windows\system32\drivers\vsmraid.sys
15:43:23.0219 0x13ac vsmraid - ok
15:43:23.0265 0x13ac [ D0C69E44BC1E1D4AD290FD84104623D8, 4C86760EA4BD2A64FFD42D89284EC3E5048CB2F0F6F3B80D017B41C0D2456A90 ] VSS C:\Windows\system32\vssvc.exe
15:43:23.0312 0x13ac VSS - ok
15:43:23.0328 0x13ac [ A0F6FE0FC2F647C22BBFD6BD4249DBCC, AC2F3C70EDCA0AFBB2606267DFE6D3E8E7B0772140153BAD6B0A9EDE6A1D2F29 ] VSTXRAID C:\Windows\system32\drivers\vstxraid.sys
15:43:23.0344 0x13ac VSTXRAID - ok
15:43:23.0359 0x13ac [ 62460A45435A26A334907E3F2EA45611, FEF86E05117CC0AAB8211CA1542776EB620BD4699BD590D91F16621ED35B9824 ] vwifibus C:\Windows\System32\drivers\vwifibus.sys
15:43:23.0359 0x13ac vwifibus - ok
15:43:23.0375 0x13ac [ 095E943D27025E4D588AF0A72CC2318F, 3CE406A202F93EF8C4BC7317621A672670D734C69166393CA7256D5E5E667041 ] vwififlt C:\Windows\system32\DRIVERS\vwififlt.sys
15:43:23.0375 0x13ac vwififlt - ok
15:43:23.0390 0x13ac [ 73FA1A41A97A5C34ADC03B3577FF1A86, CBA4BC0DA837C163587BBB4BF2AC1549C72440307C984D3CDF8995023718136C ] vwifimp C:\Windows\system32\DRIVERS\vwifimp.sys
15:43:23.0390 0x13ac vwifimp - ok
15:43:23.0422 0x13ac [ F690B6EEAA94576727B24376D7ED3601, A61EE96024C8FC4058481DFB1E7F0AD746565368672FA3B6BA8F9E23D0F47E4C ] W32Time C:\Windows\system32\w32time.dll
15:43:23.0437 0x13ac W32Time - ok
15:43:23.0453 0x13ac [ 6B806E893714019969E2B50D7EF6A4D9, 38FE2B01082DC4C2A0C11A292016A727F48C3DF1293DC3A0216B2254A452263F ] WacomPen C:\Windows\System32\drivers\wacompen.sys
15:43:23.0453 0x13ac WacomPen - ok
15:43:23.0484 0x13ac [ 61F6972FF9AC9A8D0B4D62076DC30051, 5A028036461534CA53CB2D6C1D720783D408A9F17FD77AB1ECDD75FBAD9F2381 ] Wanarp C:\Windows\system32\DRIVERS\wanarp.sys
15:43:23.0484 0x13ac Wanarp - ok
15:43:23.0484 0x13ac [ 61F6972FF9AC9A8D0B4D62076DC30051, 5A028036461534CA53CB2D6C1D720783D408A9F17FD77AB1ECDD75FBAD9F2381 ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys
15:43:23.0484 0x13ac Wanarpv6 - ok
15:43:23.0531 0x13ac [ 42DF22F8C448E7CD219F6D63743505E2, 063F4280C7BD20CE1360436B76A17DFE17FF611F75337A47373D098CC6C263BF ] wbengine C:\Windows\system32\wbengine.exe
15:43:23.0578 0x13ac wbengine - ok
15:43:23.0594 0x13ac [ 31D37B2F6069C631EF0557D322924812, 6E18A1060F3C8F4BF220E286C44327866A8F9109E74928AA2D8C2DA9C452038B ] WbioSrvc C:\Windows\System32\wbiosrvc.dll
15:43:23.0594 0x13ac WbioSrvc - ok
15:43:23.0625 0x13ac [ AF1349386D4C6786EF4E34FACEF15042, 6B33778409BC54C1955B92508ADDEBAFD629141961B71C94A91DC4CFE8391A13 ] Wcmsvc C:\Windows\System32\wcmsvc.dll
15:43:23.0640 0x13ac Wcmsvc - ok
15:43:23.0672 0x13ac [ 5B5FEAB51172F5513C2CF7B39CFA6A01, 4FDAC5168E00D44781C6F5D98ECD4977A12663C5CE6FFDFF9DBC89A28D6212D8 ] wcncsvc C:\Windows\System32\wcncsvc.dll
15:43:23.0687 0x13ac wcncsvc - ok
15:43:23.0687 0x13ac [ E19556D414332E2BEBA1F368229006B4, AB3454EC85D7B6E62D44C4510C1547AE7F736558588E54B0E265F7B3A5810E15 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
15:43:23.0687 0x13ac WcsPlugInService - ok
15:43:23.0703 0x13ac [ B3A4D918DAB90505B6BC7B70632913CB, ECC19DCD7902C29D0682C70B9546CF8B82477A32147EE30EB6750D8499605B46 ] Wd C:\Windows\system32\drivers\wd.sys
15:43:23.0703 0x13ac Wd - ok
15:43:23.0734 0x13ac [ FD47DF026B32969B8A68721A0243E8EE, 57A7B9B40CEDADFB023AEDD9F29869F1B93EA2596F47B5DDC233D57FC585CCE1 ] WdBoot C:\Windows\system32\drivers\WdBoot.sys
15:43:23.0734 0x13ac WdBoot - ok
15:43:23.0781 0x13ac [ E2C933EDBC389386EBE6D2BA953F43D8, AF1DEADD5F1267CCEBD226E8EEB971D1946EA6A5A9645A36F5D111F758AF2F07 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys
15:43:23.0797 0x13ac Wdf01000 - ok
15:43:23.0812 0x13ac [ 5F425D842DD6ADE9F95A51A0616AFAD7, 807B8E6A4FE443A362076C225F588A8C897CFE24A6367F4D461C8F6D3EF004C5 ] WdFilter C:\Windows\system32\drivers\WdFilter.sys
15:43:23.0828 0x13ac WdFilter - ok
15:43:23.0844 0x13ac [ 240FC332484572227CD1DF82407F33E5, 5210549EC519DD3BCA6BBC995F01E1E3E0988580797E4BD1433F429E0CB30412 ] WdiServiceHost C:\Windows\system32\wdi.dll
15:43:23.0844 0x13ac WdiServiceHost - ok
15:43:23.0844 0x13ac [ 240FC332484572227CD1DF82407F33E5, 5210549EC519DD3BCA6BBC995F01E1E3E0988580797E4BD1433F429E0CB30412 ] WdiSystemHost C:\Windows\system32\wdi.dll
15:43:23.0844 0x13ac WdiSystemHost - ok
15:43:23.0890 0x13ac [ 9B1384CE8E681D2D77BB3524B8E86311, BDEF9D0A79A7C26A88088A306F91632F300E587736CDD2C64717EC54DD6E89FF ] WebClient C:\Windows\System32\webclnt.dll
15:43:23.0890 0x13ac WebClient - ok
15:43:23.0906 0x13ac [ 35FD720943D4FCD75C3275BF062FF140, 9D8345E6DE1AE23F93AD0B52D27D1CCFD69EF7EE50654F92CA999BEC4570A773 ] Wecsvc C:\Windows\system32\wecsvc.dll
15:43:23.0922 0x13ac Wecsvc - ok
15:43:23.0937 0x13ac [ 4D2612E3C462B68F499D840B1133263E, 4DDAEB4480AEC31A8184838588E0D3DFA31CE6D2FA6E906926860C75F52DC7B7 ] wercplsupport C:\Windows\System32\wercplsupport.dll
15:43:23.0937 0x13ac wercplsupport - ok
15:43:23.0969 0x13ac [ 5F70EBFC1F75B487DE79501E3CCBDB54, 2FCA57BF60A43B03BB42FBF22BBFC19AD2266FBBD818494AD114125E6E433321 ] WerSvc C:\Windows\System32\WerSvc.dll
15:43:23.0969 0x13ac WerSvc - ok
15:43:24.0000 0x13ac [ 44BB9C31E6242C4BD1CE7C2B440C2533, E603BB001028918B687818E930340008C752679B133037367A8A8E41DA559FFE ] WFPLWFS C:\Windows\system32\DRIVERS\wfplwfs.sys
15:43:24.0000 0x13ac WFPLWFS - ok
15:43:24.0015 0x13ac [ 60E0C220593DA4F7C289CB909D2DBAE0, 057CA7727F748600CC155043081AB9E3244763CF4913F317D13226A515F6FDB6 ] WiaRpc C:\Windows\System32\wiarpc.dll
15:43:24.0015 0x13ac WiaRpc - ok
15:43:24.0047 0x13ac [ A3C7624A42A3447EF5EDD1ED37FE4E60, BD8BDF0A571873FA8277878AF7AED11196CFF1B4DF1EA6BA13BD4887D7B63B94 ] WIMMount C:\Windows\system32\drivers\wimmount.sys
15:43:24.0047 0x13ac WIMMount - ok
15:43:24.0062 0x13ac WinDefend - ok
15:43:24.0125 0x13ac [ 7911470B6018059A880469A63B65700A, 4B6131491A028FBCA54AC261112D183EFD42E98160545C8E8DFBDA01C87B3FB5 ] WinHttpAutoProxySvc C:\Windows\system32\winhttp.dll
15:43:24.0140 0x13ac WinHttpAutoProxySvc - ok
15:43:24.0203 0x13ac [ 3D6B518B71C75C8FA4115A33615C107A, ED7A266013D29D3B1A462464735C3632BEA121D1B32553907AEAA0B00595C3DF ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll
15:43:24.0203 0x13ac Winmgmt - ok
15:43:24.0297 0x13ac [ 8E212A627F33F6FC3B5F3BB47212F66E, 9BBFE26ABFA14F346FE3711D13D959523EEA23608A33C16F3D750D66CA511911 ] WinRM C:\Windows\system32\WsmSvc.dll
15:43:24.0375 0x13ac WinRM - ok
15:43:24.0422 0x13ac [ BB20956C424531003F7FA6CD36F11D5D, 2C55F1C7553A527A7C4C34E730BE943269AE23928731C64D3DC945E07AE1771E ] WinUsb C:\Windows\system32\DRIVERS\WinUSB.sys
15:43:24.0422 0x13ac WinUsb - ok
15:43:24.0484 0x13ac [ 6351724B8FA0255C2DBD970297F00B93, A02F274479F9F32E30C75A5BD991B008B3CCB47D380D5870563EF918DAC5730E ] WlanSvc C:\Windows\System32\wlansvc.dll
15:43:24.0531 0x13ac WlanSvc - ok
15:43:24.0625 0x13ac [ B330CE47FB74A6BE9A3FFFF4B3F64D9B, B76226808406D8B38DE2D3A8CCE633BB507022C8BAAA6C3DAD34204CC6CE1284 ] wlidsvc C:\Windows\system32\wlidsvc.dll
15:43:24.0672 0x13ac wlidsvc - ok
15:43:24.0687 0x13ac [ E2A596CACFC6504306CDB7B593B90084, DF89CF57249553CE922C841F18B99A213185FA1099C053B9BB8C0F6E5BC3FEC0 ] WmiAcpi C:\Windows\System32\drivers\wmiacpi.sys
15:43:24.0687 0x13ac WmiAcpi - ok
15:43:24.0719 0x13ac [ D113499052C5E541906B727779F0F959, 05FB51086C0A0CE3812A7E6098C5A454ECCFE8553669CFA715153564F2226DB0 ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe
15:43:24.0719 0x13ac wmiApSrv - ok
15:43:24.0750 0x13ac WMPNetworkSvc - ok
15:43:24.0766 0x13ac [ C6FF953D5D6F2EAE3B8883474D5076B3, 001CBB7FBC30209C892869258E5ABD3F0932886E156ECB10DCA599F6D32648BE ] wpcfltr C:\Windows\system32\DRIVERS\wpcfltr.sys
15:43:24.0766 0x13ac wpcfltr - ok
15:43:24.0797 0x13ac [ A6ED163169876BFD2437E872FE2F1509, C13E8676800EEEF690F51C4DEA660B36C8734AE2CCAAC48054E10D74B98949B8 ] WPCSvc C:\Windows\System32\wpcsvc.dll
15:43:24.0797 0x13ac WPCSvc - ok
15:43:24.0828 0x13ac [ 3013658A4D327854BEEC4A08D9655194, C4CF5AA6A47CC55E7037B0BFE20AE0A6442ADDC5DEB89D6861C98C61851FA821 ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll
15:43:24.0828 0x13ac WPDBusEnum - ok
15:43:24.0844 0x13ac [ 0346CAFC181C91C6E2330332EB332ED6, D46F44C339399CAAE13CD71C53A169E95065208E07E5420DE00A4509D6CB056F ] WpdUpFltr C:\Windows\system32\drivers\WpdUpFltr.sys
15:43:24.0844 0x13ac WpdUpFltr - ok
15:43:24.0875 0x13ac [ BC8B5CB336E63BB25EAD1CE8EDD34B81, A42759956EDCCC6D0688240AA4F833FB9CA132D42D2D901CDCBB24DCE1788C1D ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys
15:43:24.0875 0x13ac ws2ifsl - ok
15:43:24.0906 0x13ac [ 012CFE7F0F95266F554EE3B91EE2128A, 866312F6BF7369BE686F1BA9F01311C99E95E268C6E63BE37C841F54F5AA0DB8 ] wscsvc C:\Windows\System32\wscsvc.dll
15:43:24.0906 0x13ac wscsvc - ok
15:43:24.0906 0x13ac WSearch - ok
15:43:24.0984 0x13ac [ D4D04839F3DFAF09D94BAB1016F7A297, 944A41D251F522EE87189C1D01CF7EEE2C70BF4353BA4005C44F03DB485F843F ] WSService C:\Windows\System32\WSService.dll
15:43:25.0062 0x13ac WSService - ok
15:43:25.0156 0x13ac [ 311E5E1976E0BD9110A88B93158055D5, F1AA738D6AD74C33785EEFE1FBE8A869AAB62417B7D079389293AB1209A849C1 ] wuauserv C:\Windows\system32\wuaueng.dll
15:43:25.0250 0x13ac wuauserv - ok
15:43:25.0281 0x13ac [ AB886378EEB55C6C75B4F2D14B6C869F, D6C4602EB8F291DADEDF3CD211013D4AC752DDE7E799C2D8D74AA4F5477CAED6 ] WudfPf C:\Windows\system32\drivers\WudfPf.sys
15:43:25.0281 0x13ac WudfPf - ok
15:43:25.0297 0x13ac [ DDA4CAF29D8C0A297F886BFE561E6659, 94E5DD649B5D86FA1A7C7D30FCF9644D0EE048D312E626111458ADF66BFBE978 ] WUDFRd C:\Windows\System32\drivers\WUDFRd.sys
15:43:25.0297 0x13ac WUDFRd - ok
15:43:25.0328 0x13ac [ B20F051B03A966392364C83F009F7D17, 88ECEB55AE91F58F592B96EBC10B572747D5A2F9B7629E8F371761E4F7408A65 ] wudfsvc C:\Windows\System32\WUDFSvc.dll
15:43:25.0328 0x13ac wudfsvc - ok
15:43:25.0344 0x13ac [ DDA4CAF29D8C0A297F886BFE561E6659, 94E5DD649B5D86FA1A7C7D30FCF9644D0EE048D312E626111458ADF66BFBE978 ] WUDFWpdFs C:\Windows\system32\DRIVERS\WUDFRd.sys
15:43:25.0344 0x13ac WUDFWpdFs - ok
15:43:25.0344 0x13ac [ DDA4CAF29D8C0A297F886BFE561E6659, 94E5DD649B5D86FA1A7C7D30FCF9644D0EE048D312E626111458ADF66BFBE978 ] WUDFWpdMtp C:\Windows\system32\DRIVERS\WUDFRd.sys
15:43:25.0359 0x13ac WUDFWpdMtp - ok
15:43:25.0375 0x13ac [ 6D9E07436B6646EC8F7EFFD39B6BA288, 82C1CEA93ECEF17D221AD0F87C5BD96F3FD8143841C16BD9608BD4D58D90B8E0 ] WwanSvc C:\Windows\System32\wwansvc.dll
15:43:25.0391 0x13ac WwanSvc - ok
15:43:25.0391 0x13ac ================ Scan global ===============================
15:43:25.0437 0x13ac [ DDC1AFBF9DDF880CE9BD3896114D8DED, E2406231EA4D2689A5EDFA9BD1A1BC064359D8D23B37F113A18B5EAE3E2D4050 ] C:\Windows\system32\basesrv.dll
15:43:25.0453 0x13ac [ E9343076AE704D20BB0D01F3AF3EFFEF, FF2CE4146945976F9480690505CECD3C7C719BAF0F633E6192C8272C75EF295D ] C:\Windows\system32\winsrv.dll
15:43:25.0484 0x13ac [ BD7C6949984D19AAA609896B675E7357, 5B46538B27BC70F5A3805AA63F6AACDC780C7168468FB535F2D35CF26B9DEE06 ] C:\Windows\system32\sxssrv.dll
15:43:25.0531 0x13ac [ 8F226143046435C75C033B0C52E90FFE, 54FA316485B57D7B8104FE621F5F40DEC35E3D57C3DF46B5F7EACF57445FE7CA ] C:\Windows\system32\services.exe
15:43:25.0531 0x13ac [ Global ] - ok
15:43:25.0531 0x13ac ================ Scan MBR ==================================
15:43:25.0547 0x13ac [ 5FB38429D5D77768867C76DCBDB35194 ] \Device\Harddisk0\DR0
15:43:25.0547 0x13ac \Device\Harddisk0\DR0 - ok
15:43:25.0547 0x13ac ================ Scan VBR ==================================
15:43:25.0547 0x13ac [ 21E302E5364350BB74A2D2E9E0435AEA ] \Device\Harddisk0\DR0\Partition1
15:43:25.0562 0x13ac \Device\Harddisk0\DR0\Partition1 - ok
15:43:25.0562 0x13ac [ 4C3696F391B5E198D7481410B6D00980 ] \Device\Harddisk0\DR0\Partition2
15:43:25.0594 0x13ac \Device\Harddisk0\DR0\Partition2 - ok
15:43:25.0609 0x13ac [ 31652B88C8F2D39B472B13C63AB9E1CB ] \Device\Harddisk0\DR0\Partition3
15:43:25.0609 0x13ac \Device\Harddisk0\DR0\Partition3 - ok
15:43:25.0609 0x13ac [ B48EC58D8746A8B04CFF0231A97001A8 ] \Device\Harddisk0\DR0\Partition4
15:43:25.0625 0x13ac \Device\Harddisk0\DR0\Partition4 - ok
15:43:25.0641 0x13ac [ 07F4F71A06114D5F4B31474CE3FAA016 ] \Device\Harddisk0\DR0\Partition5
15:43:25.0672 0x13ac \Device\Harddisk0\DR0\Partition5 - ok
15:43:25.0687 0x13ac [ 0812E36BCA8BA2FC06FAE7E82C682949 ] \Device\Harddisk0\DR0\Partition6
15:43:25.0703 0x13ac \Device\Harddisk0\DR0\Partition6 - ok
15:43:25.0703 0x13ac Waiting for KSN requests completion. In queue: 369
15:43:26.0719 0x13ac Waiting for KSN requests completion. In queue: 369
15:43:27.0734 0x13ac Waiting for KSN requests completion. In queue: 369
15:43:28.0750 0x13ac Waiting for KSN requests completion. In queue: 369
15:43:29.0766 0x13ac Waiting for KSN requests completion. In queue: 307
15:43:30.0781 0x13ac Waiting for KSN requests completion. In queue: 307
15:43:31.0797 0x13ac Waiting for KSN requests completion. In queue: 307
15:43:32.0813 0x13ac Waiting for KSN requests completion. In queue: 307
15:43:33.0829 0x13ac Waiting for KSN requests completion. In queue: 307
15:43:34.0844 0x13ac Waiting for KSN requests completion. In queue: 307
15:43:35.0860 0x13ac Waiting for KSN requests completion. In queue: 307
15:43:36.0876 0x13ac Waiting for KSN requests completion. In queue: 307
15:43:37.0891 0x13ac Waiting for KSN requests completion. In queue: 307
15:43:38.0907 0x13ac Waiting for KSN requests completion. In queue: 307
15:43:39.0923 0x13ac Waiting for KSN requests completion. In queue: 307
15:43:40.0938 0x13ac Waiting for KSN requests completion. In queue: 307
15:43:41.0954 0x13ac Waiting for KSN requests completion. In queue: 307
15:43:42.0970 0x13ac Waiting for KSN requests completion. In queue: 307
15:43:43.0985 0x13ac AV detected via SS2: Windows Defender, C:\Program Files\Windows Defender\MSASCui.exe ( 4.3.215.0 ), 0x61100 ( enabled : updated )
15:43:43.0985 0x13ac Win FW state via NFP2: enabled
15:43:46.0485 0x13ac ============================================================
15:43:46.0485 0x13ac Scan finished
15:43:46.0485 0x13ac ============================================================
15:43:46.0485 0x0ea8 Detected object count: 0
15:43:46.0485 0x0ea8 Actual detected object count: 0
15:44:26.0800 0x0a38 Deinitialize success

 

[GAWoods]

Part #3 (final)
15:43:17.0546 0x13ac [ 832B5FDF0B5577713FD7F2465FCD0ACE, 4A551CDBACED47DD781EC59F8B59A13D66EFD85DCF636BCFCBACFE5972A78E93 ] nsi C:\Windows\system32\nsisvc.dll
15:43:17.0546 0x13ac nsi - ok
15:43:17.0562 0x13ac [ 689B3B1E95C70ABF7AFF29F9406EF1E0, 8B62D8AE53E1B3218158FADC0075682AB06D18998CF5DE82C920A9CD91C0652F ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
15:43:17.0562 0x13ac nsiproxy - ok
15:43:17.0640 0x13ac [ 76929F4A69E425911A63B407E26C2589, 17896DB6EDEF2637D159432DB61E8B5FA2F4F54B5F50BCD6215827C321ED2C2A ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
15:43:17.0687 0x13ac Ntfs - ok
15:43:17.0703 0x13ac [ 4163ADE07DB51843AE31F65B94F5398D, 4349E7EF1EE1E71E1F436BA42F5B58871D82B987D513BA2D6E1CEB8A21BD1B20 ] Null C:\Windows\system32\drivers\Null.sys
15:43:17.0718 0x13ac Null - ok
15:43:17.0734 0x13ac [ D6D34118263412D3AAA8348A9572B7F2, 66106A25BC5A4CA7697A23ED67CEDB5C0BF678EA70FD967A405D2DF76F4CA3A4 ] nvraid C:\Windows\system32\drivers\nvraid.sys
15:43:17.0734 0x13ac nvraid - ok
15:43:17.0734 0x13ac [ 27AFC428D1D32ABD04A86763A4EDDEA9, 0920866013A8C8CFEE00E6AECDD41736F5501C49837E2D785998734F087F6B98 ] nvstor C:\Windows\system32\drivers\nvstor.sys
15:43:17.0734 0x13ac nvstor - ok
15:43:17.0750 0x13ac [ 051CFB5107BAAE510419BDC41F8C4036, 9990906F17A3886EF301D2AA6556263B52A1C0554C6BD18331AF44ECECAEE4B5 ] nv_agp C:\Windows\system32\drivers\nv_agp.sys
15:43:17.0750 0x13ac nv_agp - ok
15:43:17.0812 0x13ac [ 9D10F99A6712E28F8ACD5641E3A7EA6B, 70964A0ED9011EA94044E15FA77EDD9CF535CC79ED8E03A3721FF007E69595CC ] ose C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
15:43:17.0812 0x13ac ose - ok
15:43:18.0000 0x13ac [ 61BFFB5F57AD12F83AB64B7181829B34, 1DD0DD35E4158F95765EE6639F217DF03A0A19E624E020DBA609268C08A13846 ] osppsvc C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
15:43:18.0062 0x13ac osppsvc - ok
15:43:18.0093 0x13ac [ AB76700D764A342D7475FB8F47CAB18C, ECDF705D3E69EF6E7044C98A462A7281D0E7D0D85769C0815555D934B0B69C8D ] p2pimsvc C:\Windows\system32\pnrpsvc.dll
15:43:18.0109 0x13ac p2pimsvc - ok
15:43:18.0140 0x13ac [ 4319FD931DCD796435ECB5DB4A04FBA5, 20185B2F359EEC202B37019A4E4F5B914ADCF78B97AF0CBD91EECED2259FC6DE ] p2psvc C:\Windows\system32\p2psvc.dll
15:43:18.0140 0x13ac p2psvc - ok
15:43:18.0171 0x13ac [ 4563DAF8C6A740AD7F501E219BD10766, 7A1212DDAE2D66A9C2041262796904E36036CDC4C5B75C2F66B8DF9D89F7C25D ] Parport C:\Windows\System32\drivers\parport.sys
15:43:18.0171 0x13ac Parport - ok
15:43:18.0203 0x13ac [ D6ACCF9F2EEEEA711C14EFD976E573F3, 60D2A81832A8D24F91C3EF134440D5026354917F59462BACBCE7A01D84767D91 ] partmgr C:\Windows\system32\drivers\partmgr.sys
15:43:18.0203 0x13ac partmgr - ok
15:43:18.0234 0x13ac [ 4811D9EC53649105A5A8BEA661B0F936, C77907E03D0561500FCFEAFAC323E9679E66297329901A0CA2BD7E919419A8E8 ] PcaSvc C:\Windows\System32\pcasvc.dll
15:43:18.0250 0x13ac PcaSvc - ok
15:43:18.0265 0x13ac [ 4A003E8F718C1E6A2050CA98CD53E3E2, BCC3BE1EC3FA4967353371D85094D096940A7B5944A6FFCA31E8FBE83D92CC6C ] pci C:\Windows\system32\drivers\pci.sys
15:43:18.0265 0x13ac pci - ok
15:43:18.0281 0x13ac [ F9908D274D458220F91E89B54D78D837, 1E89ABFA6B375383E0297CEE5AF66E37F90E16DD21ABA5C91777A86CDF013B4D ] pciide C:\Windows\system32\drivers\pciide.sys
15:43:18.0281 0x13ac pciide - ok
15:43:18.0296 0x13ac [ 84D19CB6102627932DCB5DFDF89FE269, 2F9C47E076645B35877D9ACA77968EFFCDA8794D76265CD9A4AAA239C4B33C5F ] pcmcia C:\Windows\system32\drivers\pcmcia.sys
15:43:18.0312 0x13ac pcmcia - ok
15:43:18.0312 0x13ac [ CEBBAD5391C2644560C55628A40BFD27, 8AAA6EBD8D89FC91AECCCF1452F53C5650A1A17027FF4E64D224371404CE4C8B ] pcw C:\Windows\system32\drivers\pcw.sys
15:43:18.0312 0x13ac pcw - ok
15:43:18.0343 0x13ac [ 0698DEDEAD6A00AD0D468C687D830FBF, B9DCA1A61F2EF80DB26380F390F2E9A17114D33129D61CF465B949B6A7916CAA ] pdc C:\Windows\system32\drivers\pdc.sys
15:43:18.0343 0x13ac pdc - ok
15:43:18.0375 0x13ac [ 61FE70659CD43E07F94DA4DC31DEC493, 3739B6670B440173FD81DE3D47B0B90FAF296802AD4F57C05BF5CF191BF16022 ] PEAUTH C:\Windows\system32\drivers\peauth.sys
15:43:18.0390 0x13ac PEAUTH - ok
15:43:18.0468 0x13ac [ EB88FA19F0EA05DD04BE9C5FFEEFFE1A, 459CF99D5243C4ACAA38C7B426ADC52F1044C759D06A925D475DF6213AEB85CD ] PerfHost C:\Windows\SysWow64\perfhost.exe
15:43:18.0468 0x13ac PerfHost - ok
15:43:18.0546 0x13ac [ 6E84BFF58F7643499277F29DFA2F8C8D, 401CCF137F35D9690C7B56B2BFEDB2DB72709EBE38626D787904B67640EF6F14 ] pla C:\Windows\system32\pla.dll
15:43:18.0593 0x13ac pla - ok
15:43:18.0609 0x13ac [ 799BE46D45D486704CE0F37CA5385262, BB78DEE83B9DB613B1C083D55FAA458BE3E394AED80EB91B599185A7272F33B3 ] PlugPlay C:\Windows\system32\umpnpmgr.dll
15:43:18.0609 0x13ac PlugPlay - ok
15:43:18.0625 0x13ac [ 8E2414E818C26C4A9C70CB2B8567F04F, A16B22AE143BA070C562FBE5DEF32F7E228F50B302B66E46B46C44C0F50A4461 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll
15:43:18.0625 0x13ac PNRPAutoReg - ok
15:43:18.0640 0x13ac [ AB76700D764A342D7475FB8F47CAB18C, ECDF705D3E69EF6E7044C98A462A7281D0E7D0D85769C0815555D934B0B69C8D ] PNRPsvc C:\Windows\system32\pnrpsvc.dll
15:43:18.0640 0x13ac PNRPsvc - ok
15:43:18.0671 0x13ac [ 0108C8E5176D590F242701EF5A62CC26, 3A72F5D4402663B7445F6B3C55F01E83A619B6192F7D3CC2DE3C57F9F50D5A2D ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
15:43:18.0671 0x13ac PolicyAgent - ok
15:43:18.0703 0x13ac [ F1E067F56373F11EA4B785CAE823740A, 69BD30E64DA17595FF29C9C9FF9AD4F2F4BE29B688FBAC9DABB2FA9D13A47FF0 ] Power C:\Windows\system32\umpo.dll
15:43:18.0718 0x13ac Power - ok
15:43:18.0734 0x13ac [ 362D47E5B4D67270DE4B8606036F4ADD, 716E229C68D91AEA5B5629F60133D5CBDC0C95ABA54D9DC6264E923CAF4DC6C0 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
15:43:18.0734 0x13ac PptpMiniport - ok
15:43:18.0843 0x13ac [ C2D3B3D0060619D5E03E696BD56FF59F, 155954F16B6F9B51BA16F43F1AE6F977B1EC4DE77862C6F6C722293189BE0DD2 ] PrintNotify C:\Windows\system32\spool\DRIVERS\x64\3\PrintConfig.dll
15:43:18.0937 0x13ac PrintNotify - ok
15:43:18.0953 0x13ac [ DD979EB6A7212F60E4AFBE96EDC7AE6D, BC681D64C5B8F08FD4613D71111853FCD5B05E4BD127D2C6258BAED7627105BE ] Processor C:\Windows\System32\drivers\processr.sys
15:43:18.0953 0x13ac Processor - ok
15:43:18.0984 0x13ac [ 429E8502AD2227CF88F8840FC5BD590D, A186DA46C083580ACEDE9C7E3156865034302CD803140EEEC8E1DE16DA4BC99B ] ProfSvc C:\Windows\system32\profsvc.dll
15:43:18.0984 0x13ac ProfSvc - ok
15:43:19.0015 0x13ac [ EB8034147D4820CD31BFCB11A2A652DF, B10B5E16B7A05D2DB2D5D1945B6146DE15EEDE2C778772A59F104706B5145E46 ] Psched C:\Windows\system32\DRIVERS\pacer.sys
15:43:19.0015 0x13ac Psched - ok
15:43:19.0031 0x13ac [ 0AFBF333B6F87A2F598EAB379AF100B8, D11F3A4D7E4463B62E2DBDE5FC61425B1FDFB07DD1A19BC001D479CA1F554510 ] QWAVE C:\Windows\system32\qwave.dll
15:43:19.0031 0x13ac QWAVE - ok
15:43:19.0062 0x13ac [ 13D47BB0CCA2FC51BD15F8E85C6A078E, EA832A9511007C9E8599C3066E1FA66BE869E8A27886D9A9AC590BD4DFBD1A15 ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
15:43:19.0062 0x13ac QWAVEdrv - ok
15:43:19.0078 0x13ac [ 873C60F8178100557740A832FCE10B5F, 400EF60CB2C98E2AFE122AF3D01CCE56A1548AF865345EE2194AB74DBCBF4C48 ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
15:43:19.0078 0x13ac RasAcd - ok
15:43:19.0109 0x13ac [ 69B93F623B130976243ECA3D84CC99CA, F27617E651EADFAEE479619AAB01CDAA98111BA63E204D5C44A1256732CB0100 ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys
15:43:19.0109 0x13ac RasAgileVpn - ok
15:43:19.0125 0x13ac [ 005F6E54C4A2DA4EBF68FB0392CE8BB0, 2F3C90A04964D4D906238BD557D90F7AC05DF86FE9729C4378B39431F54DDAE3 ] RasAuto C:\Windows\System32\rasauto.dll
15:43:19.0125 0x13ac RasAuto - ok
15:43:19.0140 0x13ac [ A14D625C5AEE5FFE0F47D1A1D419FAAE, 1229B81C23340AD5B436B1FD227876EB41715CE6BD270BA367F18879D26B8F04 ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
15:43:19.0140 0x13ac Rasl2tp - ok
15:43:19.0156 0x13ac [ C923C785A2DE0B396AD6D13ACAFF2DE9, 4F950DA776FBABEC7D546983D6F3018733F61268A4BF95C01D4836AD000BD073 ] RasMan C:\Windows\System32\rasmans.dll
15:43:19.0171 0x13ac RasMan - ok
15:43:19.0171 0x13ac [ 00695B9C2DB6111064499C529E90C042, 3CD4DF4D8001C2BBF52EEEB1F0D587209878BEAC339D268892477AD840D490F1 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
15:43:19.0171 0x13ac RasPppoe - ok
15:43:19.0187 0x13ac [ A7F24D8CD1956B0A1FDCB86CC5114DE4, 30489D235362DF62B105378597168B13F4BAC74A8EDDBDA25237E3C017B69FEE ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
15:43:19.0187 0x13ac RasSstp - ok
15:43:19.0218 0x13ac [ CA03D642ACE58E1BA54E4B383F91CD69, 39BB942603801CF11FBEA28E24F8C8D1EF2AF615D1FABF951683A015D6A6EF37 ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
15:43:19.0234 0x13ac rdbss - ok
15:43:19.0250 0x13ac [ CA7DF5EC95D8DE0DD24BE7FF97369F68, 153E6F716CA935DBCACB8FF1BB8DE5F5551CE3D18878225470E45893CA69BDB8 ] rdpbus C:\Windows\System32\drivers\rdpbus.sys
15:43:19.0250 0x13ac rdpbus - ok
15:43:19.0250 0x13ac [ B2A3AD74FF2E2FFA73AF2567108231B3, DF8CEA6215F75C634D56F6B8AE11ECCEEB5F8CBC091AC3D6D9F7DE214B00A439 ] RDPDR C:\Windows\system32\drivers\rdpdr.sys
15:43:19.0250 0x13ac RDPDR - ok
15:43:19.0297 0x13ac [ 57F4787E4602A3FCA719C0A33137C6DA, D03AE59A184EB5D126F8EAB9D36EE406ABB8B9ED834F2D2496DDB1349FF56F89 ] RdpVideoMiniport C:\Windows\system32\drivers\rdpvideominiport.sys
15:43:19.0297 0x13ac RdpVideoMiniport - ok
15:43:19.0312 0x13ac [ B3CB0721E81E30419CE7D837EF4EA151, EC9410818661BF77E4A19694E3A3030E1D983B36F49C72E27F92A1424E0729C2 ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
15:43:19.0312 0x13ac RDPWD - ok
15:43:19.0328 0x13ac [ 62C1F8A0685FE07E998AA296C4F697C4, C636AB2D0F139003A6AD7A12E9DC13EE4485A62F30DA59AF842FF02FE07442EE ] rdyboost C:\Windows\system32\drivers\rdyboost.sys
15:43:19.0328 0x13ac rdyboost - ok
15:43:19.0390 0x13ac [ D458B9F0477A02D5C1605420EBB7CB7F, E6364228D0723A565572879EA2BF5333ABA78BA13DB5DEE825C34DE07456C133 ] RealNetworks Downloader Resolver Service C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe
15:43:19.0390 0x13ac RealNetworks Downloader Resolver Service - ok
15:43:19.0515 0x13ac [ 4267015F37D3438F2F3DDEB29A741A35, 1AC2F08004764608C8EBBE52C3B0F202DF5603F9F3D978788F2423D73683C823 ] RealPlayer Desktop Service C:\Program Files (x86)\Real\RealPlayer\RPDS\Bin\rpdsvc.exe
15:43:19.0531 0x13ac RealPlayer Desktop Service - ok
15:43:19.0562 0x13ac [ 4C33683C0EE5EE3368D81D5F1AE0E2DD, 4DDBA566B09368FFC82B08135A8344C2687A44D92AC2B793B00DBBB713BA0961 ] RealPlayerUpdateSvc C:\Program Files (x86)\Real\UpdateService\RealPlayerUpdateSvc.exe
15:43:19.0562 0x13ac RealPlayerUpdateSvc - ok
15:43:19.0593 0x13ac [ 3663CCF243EE0C04E9F6F91ED1737273, 31D06445996F99A7F6B32004D1BA63A21C61DE125373F860BA9A9DE5278E8293 ] RemoteAccess C:\Windows\System32\mprdim.dll
15:43:19.0593 0x13ac RemoteAccess - ok
15:43:19.0625 0x13ac [ E80DD61E52EDFFF9DA1ED7260A68855B, 97909F42AE35E28B8F98C01A1D8BAD80A949CDCA0C88FB4ACF0A655DC7C10E45 ] RemoteRegistry C:\Windows\system32\regsvc.dll
15:43:19.0625 0x13ac RemoteRegistry - ok
15:43:19.0656 0x13ac [ CCBFCABDFE2BC22F0645CEAADDB36004, 279EA9075079F91165027CEFD4FBC61A213CA602EE7DE106F7D2D243468706AA ] RFCOMM C:\Windows\System32\drivers\rfcomm.sys
15:43:19.0656 0x13ac RFCOMM - ok
15:43:19.0687 0x13ac [ 73F2E030B5C24E4E41401B5F0D59E6FD, FAA8B5E3159684E0836900C6EAF63857B445F7F180169B56D5790F097EDAA38B ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll
15:43:19.0687 0x13ac RpcEptMapper - ok
15:43:19.0718 0x13ac [ 10B21284B3D964AB3DC45490E57D422E, 12D5E3A7785F21C99C5EAD14A88EB7A86A058E26C091991339356D99D196CC13 ] RpcLocator C:\Windows\system32\locator.exe
15:43:19.0718 0x13ac RpcLocator - ok
15:43:19.0750 0x13ac [ 1EC6E533C954BDDF2A37E7851A7E58FD, C25936A7465B6A2B3D05D2FCB09D91ACC07CFE038A5E968C99CFA9D9F2967DD4 ] RpcSs C:\Windows\system32\rpcss.dll
15:43:19.0750 0x13ac RpcSs - ok
15:43:19.0781 0x13ac [ CED82FC17230CAE5AE7DE24A19D31361, 47FAA0184C4035A39E767E42EE43716A638BA3FDA13448C01DDCB2D66B6B8D5C ] RSBASTOR C:\Windows\system32\DRIVERS\RtsBaStor.sys
15:43:19.0797 0x13ac RSBASTOR - ok
15:43:19.0812 0x13ac [ E04E770DD198B9399640717145E79EBF, 2F9BECB7E4B0A522C6370FD39CFD7DFD3FB5D0A779AECCED2EE855629FA3C952 ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
15:43:19.0812 0x13ac rspndr - ok
15:43:19.0859 0x13ac [ 7D9DA8EC6784A9EE213C676709D46BE6, 9861D1EF107F7D1590B89098EAEA7F509C1EF46999C37703F3766BAD733D8AD2 ] RTL8168 C:\Windows\system32\DRIVERS\Rt630x64.sys
15:43:19.0875 0x13ac RTL8168 - ok
15:43:19.0890 0x13ac [ 752EC7DCD2F96871A3857EEE6AFE965A, 1D0640966B9147A06ED0E733711773E6B4AB8AC6D962D5B369ECB04170D18AD8 ] s3cap C:\Windows\System32\drivers\vms3cap.sys
15:43:19.0890 0x13ac s3cap - ok
15:43:19.0906 0x13ac [ F702AB6181513303AB0FC8D59E52708B, D46939B9F672269E65C98606A573C849C4AF5A26E4E75D3A8FE56A65B3A6EA08 ] SamSs C:\Windows\system32\lsass.exe
15:43:19.0906 0x13ac SamSs - ok
15:43:19.0922 0x13ac [ 9C7B28CE0D136DB226E24DB3BC817F92, E9DE55D6432ADD08EC75F99F2B5D2BD1F553F4EE55991B1767B1578351EE0BF2 ] sbp2port C:\Windows\system32\drivers\sbp2port.sys
15:43:19.0937 0x13ac sbp2port - ok
15:43:19.0937 0x13ac [ 14316954FCE79C9DE5A0AFF9D42C83AA, B60FB1FAC0299F9560761411711E86EDFA2F8D27B58230E2E4BB37736FAB2287 ] SCardSvr C:\Windows\System32\SCardSvr.dll
15:43:19.0937 0x13ac SCardSvr - ok
15:43:19.0953 0x13ac [ 5D7733A12756B267FCA021672B26BC9E, 01CE5B5F49914B9E099BD909A66296F3A40644AE47BA1D5EBFFB30CD33C70A4A ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys
15:43:19.0968 0x13ac scfilter - ok
15:43:20.0015 0x13ac [ ED40ED9A65F3E79A8C43DD50C5FDADBF, 2323BFAB1BC3D661A376650B7AC14C7780C92BA575DA048F3C7611CDB3F7F04A ] Schedule C:\Windows\system32\schedsvc.dll
15:43:20.0062 0x13ac Schedule - ok
15:43:20.0093 0x13ac [ BAF8F0F55BC300E5F882E521F054E345, FB228DB18F2FA55D8BA35A7E6778EE5D2EB0C29D384F1A0A868F90AE706188D7 ] SCPolicySvc C:\Windows\System32\certprop.dll
15:43:20.0093 0x13ac SCPolicySvc - ok
15:43:20.0125 0x13ac [ F58B030A0664385C707B8C1C63682041, E46AADAA2CD687B9A4B564DC5B002493C8480542588E660BC3DF89EAF9DB0427 ] sdbus C:\Windows\System32\drivers\sdbus.sys
15:43:20.0125 0x13ac sdbus - ok
15:43:20.0156 0x13ac [ 92968277ED491E4B3DDA361E3952361E, 71C50853BB2126A34C7CD014EE44D4B8B39F589E2E8E8E8F4C982E07498E3899 ] SDRSVC C:\Windows\System32\SDRSVC.dll
15:43:20.0156 0x13ac SDRSVC - ok
15:43:20.0187 0x13ac [ BB107AA9980B0DA4E19A3A90C3BD4460, BCB4CF0FFF1FD57302557B68044A88C8EEAAE57C2FEAE8EAD1F410F960298B6D ] sdstor C:\Windows\System32\drivers\sdstor.sys
15:43:20.0187 0x13ac sdstor - ok
15:43:20.0218 0x13ac [ 3EA8A16169C26AFBEB544E0E48421186, 34BBB0459C96B3DE94CCB0D73461562935C583D7BF93828DA4E20A6BC9B7301D ] secdrv C:\Windows\system32\drivers\secdrv.sys
15:43:20.0218 0x13ac secdrv - ok
15:43:20.0234 0x13ac [ CD282626738B6BC92B6E7CD0AAE95B63, 1A56567C781786C85C63E24E79186EE5C82D3EB2679061B21BA0571A3A6CB7F5 ] seclogon C:\Windows\system32\seclogon.dll
15:43:20.0234 0x13ac seclogon - ok
15:43:20.0250 0x13ac [ 9C51620998F0763039DFA6BF68E475ED, 9E496ADE7CE9A446BE8A2C2FC61B462D966778A94A4C147AABBD25C4821C2BCE ] SENS C:\Windows\System32\sens.dll
15:43:20.0250 0x13ac SENS - ok
15:43:20.0265 0x13ac [ 0D50B4B860DAB65241628D04CD33ACAE, 2AA897C3F9ED076AB9244A32745D18489B076F3ED28A35B868C472131C5B5B46 ] SensrSvc C:\Windows\system32\sensrsvc.dll
15:43:20.0281 0x13ac SensrSvc - ok
15:43:20.0297 0x13ac [ 87C46B239A7EEF30FDFDD5E9BD46130C, F36FB5B20AC58FBD31F7E636059D2D865B751E178E51A03B94ABE0BBD1AB1EC9 ] SerCx C:\Windows\system32\drivers\SerCx.sys
15:43:20.0297 0x13ac SerCx - ok
15:43:20.0312 0x13ac [ 7A1F9347C85FD55E39B8A76B3A25C5AD, 03AF3B23285278A38F4CBEAB7FD326A48FA1EC7F8D044C059CE5403C6D225639 ] Serenum C:\Windows\System32\drivers\serenum.sys
15:43:20.0312 0x13ac Serenum - ok
15:43:20.0328 0x13ac [ F640A0A218BBF857F1D04A15D7D939F6, 948C13886281FE7947E10FB7B34D5CCFE512FB632F1132B6062AC85149F79950 ] Serial C:\Windows\System32\drivers\serial.sys
15:43:20.0328 0x13ac Serial - ok
15:43:20.0343 0x13ac [ F1A5F56B2620B862CC28FF96A0A6DAAB, E5367212B2CADF3820D657CFC27CD961547E28DAB950C68E1380CF97FB68F3F4 ] sermouse C:\Windows\System32\drivers\sermouse.sys
15:43:20.0343 0x13ac sermouse - ok
15:43:20.0359 0x13ac [ CB60A60340788C8D6DE2A269D28086AB, 2D8948E59BB9B00E16D20E425F80E7B862957DBAC9A4D1484E5191FAF333B60D ] SessionEnv C:\Windows\system32\sessenv.dll
15:43:20.0359 0x13ac SessionEnv - ok
15:43:20.0375 0x13ac [ 7EE65419B29302C795714FF8073969A1, E28D89A5423E3A5062030EB2418E9435DD5D8B9D16570046E782D3FCFDA2E79A ] sfloppy C:\Windows\System32\drivers\sfloppy.sys
15:43:20.0375 0x13ac sfloppy - ok
15:43:20.0422 0x13ac [ 090AE16F79C8EAD04E6031F863DA85F3, 3F27BE46DF602B53940414A6E9FEB23B36CFFB8E9A7F41440C3315B8E27D0029 ] SharedAccess C:\Windows\System32\ipnathlp.dll
15:43:20.0422 0x13ac SharedAccess - ok
15:43:20.0468 0x13ac [ A77F3ABE13FCC698511E5DEC7ACEBD5F, 78A43FDA9F770FD8BA107605DB44BC71D8B89D7E75560DA783AA6356C1873C15 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
15:43:20.0468 0x13ac ShellHWDetection - ok
15:43:20.0500 0x13ac [ 2560721D6F16D5B611C36A3A9D28C1B2, 15C30404902654ABA5DB5367FC5BD31343B12A3FC22B4BC5A26B09016447B5ED ] SiSRaid2 C:\Windows\system32\drivers\SiSRaid2.sys
15:43:20.0500 0x13ac SiSRaid2 - ok
15:43:20.0515 0x13ac [ 3AA8FDE1DBF65BB8B88B053529554A0D, 8060D946344D043D336F4735363C23C37C91A6DB3F81E575C267B2EC2BECB0EC ] SiSRaid4 C:\Windows\system32\drivers\sisraid4.sys
15:43:20.0515 0x13ac SiSRaid4 - ok
15:43:20.0547 0x13ac [ E660156A4588A84305CB772FD2C0DB21, 9492EB6578D4A689945E1FC2440EFA77D461049CDB2D00A645969A71B7DA68E1 ] SNMPTRAP C:\Windows\System32\snmptrap.exe
15:43:20.0547 0x13ac SNMPTRAP - ok
15:43:20.0562 0x13ac [ 9110193D93960E38B8692E4519C75D72, 789381B4CCC056EE431E78E2339AC9802264A1CE4B378DDA9769649664C9A7A0 ] spaceport C:\Windows\system32\drivers\spaceport.sys
15:43:20.0578 0x13ac spaceport - ok
15:43:20.0593 0x13ac [ 3D8679C8DF52EB26EB7583A4E0A29202, DCD9B69299275857712AB200C014AE820C8A9F7E53C4A335A84518FBE4BB56BB ] SpbCx C:\Windows\system32\drivers\SpbCx.sys
15:43:20.0593 0x13ac SpbCx - ok
15:43:20.0625 0x13ac [ 3F215BF2D4D8D6756298B25B579772C2, 744192D1635E5D296BFD399E870B70592202CEAF95C31C2D2B226A868D33A3FD ] Spooler C:\Windows\System32\spoolsv.exe
15:43:20.0640 0x13ac Spooler - ok
15:43:20.0781 0x13ac [ 061A977C920FBE4BF71FF47C966DDDCA, 746516396B72E4ADB05D978C819CD45FE44EE194756F6DA50121D755439CA590 ] sppsvc C:\Windows\system32\sppsvc.exe
15:43:20.0937 0x13ac sppsvc - ok
15:43:20.0984 0x13ac [ 0F1FCD575A03ABDE13FCA9D0ADE4DDA6, 61EEB1349489CB85204F1B4E398BE24EDC01FB914120C9DD0487F8EE1EDA055E ] srv C:\Windows\system32\DRIVERS\srv.sys
15:43:20.0984 0x13ac srv - ok
15:43:21.0031 0x13ac [ 56218A571ECF8D55E0CDFF8DF2546CF1, 44B34722108EDDC8757A0B7C939A854457BB7EBC92A83C4284DFFAECFC2E3619 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
15:43:21.0047 0x13ac srv2 - ok
15:43:21.0078 0x13ac [ 14FC338B80CFF7E04215133B568D15C4, 1F437BE0EC887097F0C3409D4198A20981FC325FDF915532AB85070D337DEF2B ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
15:43:21.0078 0x13ac srvnet - ok
15:43:21.0109 0x13ac [ 7A20882D76D4A78240A5AC9F2C2EBA21, ACA05211EE542999A118BBD2CD051038A7DC8C40C4B8971DC6514BA90E90EC61 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
15:43:21.0109 0x13ac SSDPSRV - ok
15:43:21.0125 0x13ac [ D233B16999A8E626F6004BD7814C57EC, 5BBFE5DDF1269617ABD1BDBED85A79D99BB52EA29C2BB3A8F4A1827BFAA1A747 ] SstpSvc C:\Windows\system32\sstpsvc.dll
15:43:21.0125 0x13ac SstpSvc - ok
15:43:21.0140 0x13ac [ 4E85355B94CFCB67C135F6521A4895A7, AC4FC65C1E62A54B3834E7FE0A2B1ECC48A2AA563AE5BD508326EE68FFFBBEEE ] stexstor C:\Windows\system32\drivers\stexstor.sys
15:43:21.0140 0x13ac stexstor - ok
15:43:21.0187 0x13ac [ BAC8A721736AECC55A4F71523AEAB65F, B52E1303B13A961A5FC190829E55B6F28ACA409A6EEF44B358D1D210558FE1D8 ] stisvc C:\Windows\System32\wiaservc.dll
15:43:21.0203 0x13ac stisvc - ok
15:43:21.0218 0x13ac [ B240874B2CA0CD02E8CD11E140B14C57, 0FDBEE3DB644175A30065CAF020F375703ADC45A33221788C010F3111707FC25 ] storahci C:\Windows\system32\drivers\storahci.sys
15:43:21.0218 0x13ac storahci - ok
15:43:21.0250 0x13ac [ F74DBC95A57B1EE866D3732EB5F79BE2, E4FE9D5CD0A385ACB60D5D5E8D969F26C3A6BC0C08FF0838DBE9CA106229C8DE ] storflt C:\Windows\system32\DRIVERS\vmstorfl.sys
15:43:21.0250 0x13ac storflt - ok
15:43:21.0265 0x13ac [ 5337E138B49ED1F44CCBA4073BC35C20, 2B296973215E3865A56C46DC3D27F1460D96BC321558CE7A911B05B0E7BF397F ] StorSvc C:\Windows\system32\storsvc.dll
15:43:21.0265 0x13ac StorSvc - ok
15:43:21.0281 0x13ac [ 543CD3CC0E05B8D8815E0D4F040B6F59, 4B57C9534E94A0A67FC82DBD4FAECACA180BEC281FB477550A37C0A04777E09E ] storvsc C:\Windows\system32\drivers\storvsc.sys
15:43:21.0281 0x13ac storvsc - ok
15:43:21.0297 0x13ac [ 8BC1C1ED6EF9C985A3FAA6A72F41679A, 82CC77030D23013572B4A64A64B6156789F253BF56268B790093CE3D345410A0 ] svsvc C:\Windows\system32\svsvc.dll
15:43:21.0297 0x13ac svsvc - ok
15:43:21.0297 0x13ac [ 4AFD66AAE74FFB5986BC240744DC5FC9, 0C9347614E3FD3B4D3B29FA4A5DA23FF6EE4CD9A1FFC378B855B8DE61B2876CF ] swenum C:\Windows\System32\drivers\swenum.sys
15:43:21.0297 0x13ac swenum - ok
15:43:21.0328 0x13ac [ 502F9488540051F3E6C39889ECFA76BB, 22ABD681BE4CF8A1F484C6363C1334B1EF7A6C074D837B0121DE1896887B84C6 ] swprv C:\Windows\System32\swprv.dll
15:43:21.0343 0x13ac swprv - ok
15:43:21.0390 0x13ac [ A06CB9269D29EE3D0F3F5630ABB660B8, 519A01FC7D9414B26CCBC23E7FB1CEAF1C91CD173B4F4A4025F8316B7460C584 ] SysMain C:\Windows\system32\sysmain.dll
15:43:21.0437 0x13ac SysMain - ok
15:43:21.0453 0x13ac [ 6FB88606C4A71E1BFAF97D63A676C673, D72F93A482E989ACA50F9647B7AD699A4656AEAACF377BB2B8CEBB094B748852 ] SystemEventsBroker C:\Windows\System32\SystemEventsBrokerServer.dll
15:43:21.0468 0x13ac SystemEventsBroker - ok
15:43:21.0468 0x13ac [ A6C06C45C44AD06C70AF8899AEC15BDC, AC2CCCDBA6B94BA85A6D41B47343193D175786D4ECF71AE9C7766ADD63A1273F ] TabletInputService C:\Windows\System32\TabSvc.dll
15:43:21.0484 0x13ac TabletInputService - ok
15:43:21.0500 0x13ac [ 88B7721AB551C4325036B25A34A2BF7B, 2817CC6294542524EC373A674535F913440736BEBE81233CA91D5ECD93620B02 ] TapiSrv C:\Windows\System32\tapisrv.dll
15:43:21.0500 0x13ac TapiSrv - ok
15:43:21.0578 0x13ac [ DD4249F03598043DED6FA540EB14898A, 7015BD1A692F75D54B0F96E5EDC5C4DF41B0C831E85D0F6EF0AFBEFCA2F6DA83 ] Tcpip C:\Windows\system32\drivers\tcpip.sys
15:43:21.0625 0x13ac Tcpip - ok
15:43:21.0672 0x13ac [ DD4249F03598043DED6FA540EB14898A, 7015BD1A692F75D54B0F96E5EDC5C4DF41B0C831E85D0F6EF0AFBEFCA2F6DA83 ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys
15:43:21.0703 0x13ac TCPIP6 - ok
15:43:21.0734 0x13ac [ 8F2A13A5DF99D72FDDE87F502A66F989, 2228C62ACDB4CBBFDD2BE705E604E0B9A8AEA7146F65F2D8B9B2A2FB49ACFAE1 ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
15:43:21.0734 0x13ac tcpipreg - ok
15:43:21.0750 0x13ac [ 73DC722CE5DF26D7638CE2446F2655C7, 9B8E6F6DEA5E0C2AEAC24A31897D2E73F86EF44F1C25FEF82D2C860353793817 ] tdx C:\Windows\system32\DRIVERS\tdx.sys
15:43:21.0750 0x13ac tdx - ok
15:43:21.0765 0x13ac [ F7C8AB5D8AFFAA318D6A21093D139BF4, 0A35052EF7DC8615783A23897358D8C579BE694363615C9563FF629E7B719991 ] terminpt C:\Windows\System32\drivers\terminpt.sys
15:43:21.0765 0x13ac terminpt - ok
15:43:21.0812 0x13ac [ 541EE228D0DEF392F7B2DFD885DD021B, 594D6538FA4DB5EF4D130007D7C29051EC2EDCA39EBB119695B58E9CBB0EB728 ] TermService C:\Windows\System32\termsrv.dll
15:43:21.0812 0x13ac TermService - ok
15:43:21.0828 0x13ac [ 519A6F672FFF56B7D8EE8C730CEC8ECD, 2B36F10C0AE16A261DC0887B1050808BA1F0568F3879E4ABC3D370F08C3FADB7 ] Themes C:\Windows\system32\themeservice.dll
15:43:21.0843 0x13ac Themes - ok
15:43:21.0859 0x13ac [ EEE908BE7143FCA48CF0CB87214E2AB8, 4F9BD299F559DD36DBD93489CFAA753F236FBB70946E034D2E2260059AE20962 ] THREADORDER C:\Windows\system32\mmcss.dll
15:43:21.0859 0x13ac THREADORDER - ok
15:43:21.0890 0x13ac [ 4515B9E4140F04FB3907692DF89FCA87, F68EC56524BDA877646E987BE7414C1D622BD9FF05A5AEADCA39030FDC2B0115 ] TimeBroker C:\Windows\System32\TimeBrokerServer.dll
15:43:21.0890 0x13ac TimeBroker - ok
15:43:21.0922 0x13ac [ E94F7A7B48C7638D1F3F8089344C97B7, 276CDE59614D563A52529BCC4BFC726E5F5BE131C9C4142558A644D79328C810 ] TPM C:\Windows\system32\drivers\tpm.sys
15:43:21.0922 0x13ac TPM - ok
15:43:21.0968 0x13ac [ 8C8CF3041B27E7657ADD0EE17F6DBFCA, A6846478B9E7B0A509E5A28C6C7B66ED39F0247F9AFF01E3C3CADC0DBEF3CA00 ] TrkWks C:\Windows\System32\trkwks.dll
15:43:21.0968 0x13ac TrkWks - ok
15:43:22.0031 0x13ac [ 8ABBB5CE0C62E0A6D28F32F44B7F865C, 4C78FE2A4A25A758D5191C4EDB2A6FE691FF82E7C16C0F146DC96DAD87D4F64E ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
15:43:22.0031 0x13ac TrustedInstaller - ok
15:43:22.0062 0x13ac [ 4E7C5FB10A50435523DE0CAA37DE2BD3, D6206DF61950F2541FB754E57C4D9EF9FA0CC1EDD6F6FA4E45F02B47958493F7 ] TsUsbFlt C:\Windows\system32\drivers\tsusbflt.sys
15:43:22.0062 0x13ac TsUsbFlt - ok
15:43:22.0078 0x13ac [ 16D684A820872EE54F6370703AC0B513, 795E20484358424CE9FA766937DD99413025A8AF967D03490392E8E02A382D0B ] TsUsbGD C:\Windows\System32\drivers\TsUsbGD.sys
15:43:22.0078 0x13ac TsUsbGD - ok
15:43:22.0094 0x13ac [ 78C9EE193AC2B4CBDBC48B620314D740, 41523E47D321BFF5778F5E453545B928C0A469C3BBA51578E74D6721D7DF9273 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
15:43:22.0094 0x13ac tunnel - ok
15:43:22.0109 0x13ac [ 6D4F67CA56ACA2085DFA2CD89EAFBC1A, AA7DA2207C0236F47859A4791F9D7301E7ADB50A59D831DC859ECC7CA70D3E1D ] uagp35 C:\Windows\system32\drivers\uagp35.sys
15:43:22.0125 0x13ac uagp35 - ok
15:43:22.0140 0x13ac [ 6FD6D03B7752C78712E5CFF29A305026, F09C5188AAFCF4C77B05BA1E604F9912782A9F1371F72F959288EBC2725407ED ] UASPStor C:\Windows\System32\drivers\uaspstor.sys
15:43:22.0140 0x13ac UASPStor - ok
15:43:22.0172 0x13ac [ 061BA3EE0D2BE17944990544008CF190, C9236D368EC2281B545E8C008BC2801F21A9716ED3D4DAEDB0751A5008346E81 ] UCX01000 C:\Windows\System32\drivers\ucx01000.sys
15:43:22.0172 0x13ac UCX01000 - ok
15:43:22.0203 0x13ac [ 25C50F4EDF70D0A831E0566BD181CCF2, F2F9E86FB5617C16077D2073EC0AA747F76F1EB5148BA110347A84F3C3569F83 ] udfs C:\Windows\system32\DRIVERS\udfs.sys
15:43:22.0203 0x13ac udfs - ok
15:43:22.0234 0x13ac [ FB3475FEA1CCB0DAEA1EBE44D0E3BB7D, 16DE6E0894C356A58AF12BEC2FE9B188F147DD4B16CB2414DE600CE4127F929D ] UI0Detect C:\Windows\system32\UI0Detect.exe
15:43:22.0250 0x13ac UI0Detect - ok
15:43:22.0265 0x13ac [ 07FEBCDF24FABA0D47B635D85A0FFB7A, 452C04B14681EBCE8B1B25B75A1B7CC978722B7DDE54D624E17841B14ACCF65D ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys
15:43:22.0265 0x13ac uliagpkx - ok
15:43:22.0297 0x13ac [ 02CEB3FE6152668A7BA420B93B664860, 613F27540FD1EFE2442E326F507DACD5A25691C8481937022B7E1104F3E6E9E2 ] umbus C:\Windows\System32\drivers\umbus.sys
15:43:22.0297 0x13ac umbus - ok
15:43:22.0312 0x13ac [ 991EE6B5FC41EAEF99C8AF5B92F2CA09, 30AAD7D18FF5962CEC7180359D148EED5A1BF193DDB2B34508897FC3EBA692C3 ] UmPass C:\Windows\System32\drivers\umpass.sys
15:43:22.0312 0x13ac UmPass - ok
15:43:22.0328 0x13ac [ 43FEFB040A0CC30F795FBF544169594D, F2A730C0F7C883321C378D4564120A40428D7F8E393F02C8D6A08934795A35C7 ] UmRdpService C:\Windows\System32\umrdp.dll
15:43:22.0344 0x13ac UmRdpService - ok
15:43:22.0422 0x13ac [ E1A119AD21F5AFE22EB516C549306D3D, 48769D5E7A78B7A2C00F1F6798AC133CF3E0B2C76F71D3719BD741DDD8F2D229 ] UNS C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
15:43:22.0422 0x13ac UNS - ok
15:43:22.0437 0x13ac [ 14D22C411854AA2560AFC94CD2D5E61F, BB376734733671C02319E6DB1800D41212694446FD65465498C92D4ECBFE7458 ] upnphost C:\Windows\System32\upnphost.dll
15:43:22.0453 0x13ac upnphost - ok
15:43:22.0469 0x13ac [ C976C4306F9AE133D6BBD47FDFC3BF92, 820413D92D6A89055A7F26523BF5CC4B668610C4A06E8B0D163FBF929B1DFA9A ] usbccgp C:\Windows\System32\drivers\usbccgp.sys
15:43:22.0469 0x13ac usbccgp - ok
15:43:22.0500 0x13ac [ 427B6DB8C05A5A977E8C3525370A2595, C67222CA9123AE12D953995326B3B582C146CEA89594B7209DB0B1F628A0118D ] usbcir C:\Windows\System32\drivers\usbcir.sys
15:43:22.0500 0x13ac usbcir - ok
15:43:22.0515 0x13ac [ B24FDEB1B18496F1B463782235AA3AF1, 3F5036F36987C8007D03DAFC3EC30615515BE96D9A1DF879BCD4EB0E66CD50B1 ] usbehci C:\Windows\System32\drivers\usbehci.sys
15:43:22.0515 0x13ac usbehci - ok
15:43:22.0547 0x13ac [ F8C2A832DF9403F5EA8080CBDBDA95FB, 50E9455465672BC13EB945BEC132D2F30BA2EB25C68928D2B4C256F2DB292A83 ] usbhub C:\Windows\System32\drivers\usbhub.sys
15:43:22.0547 0x13ac usbhub - ok
15:43:22.0562 0x13ac [ E5F7328B1D29BCE791862CD3C0DD382A, E520D75CA6E4EDB06F576D97FB6B7CFD46A3EF3A3AC881537DE3BB8C862FE8C3 ] USBHUB3 C:\Windows\System32\drivers\UsbHub3.sys
15:43:22.0578 0x13ac USBHUB3 - ok
15:43:22.0594 0x13ac [ 325F6179009B5A7F6118951A5BA422AB, 756CB2893530485E8C3ACFF5A40F4C6EB446E72B2296E8772058E407A5E066DE ] usbohci C:\Windows\System32\drivers\usbohci.sys
15:43:22.0594 0x13ac usbohci - ok
15:43:22.0609 0x13ac [ 9FDBA6982582A6F2354144980F641E7B, 054A65412CB22C5BE970FD3A266E140110D869B614B9F9894628D553CE82C991 ] usbprint C:\Windows\System32\drivers\usbprint.sys
15:43:22.0609 0x13ac usbprint - ok
15:43:22.0640 0x13ac [ A9858597B6DB695F78A37F6755A6FF98, 0EEB217E62105927657FCCF9DC557EFA6FA6AB2A44C1BC50E5C3A894800C1B27 ] usbscan C:\Windows\system32\DRIVERS\usbscan.sys
15:43:22.0640 0x13ac usbscan - ok
15:43:22.0687 0x13ac [ BFC7FE4AAEB61317A921871B4085EF4B, CBC3FBAEAD6C82A437CC87A97007EF807C64053AB8FA5C3233C2A0CF6FC8D019 ] USBSTOR C:\Windows\System32\drivers\USBSTOR.SYS
15:43:22.0687 0x13ac USBSTOR - ok
15:43:22.0703 0x13ac [ 1ABF657259DB57F7E5558E4DF1357C0C, 34EAF5DEA3293CFA96BA81B036305FD90ABAE05B9CB73D4F54FB236448C1978C ] usbuhci C:\Windows\System32\drivers\usbuhci.sys
15:43:22.0703 0x13ac usbuhci - ok
15:43:22.0719 0x13ac [ 9EF7C01D3ACCBC243B5CB1A95865B2FF, 367A7640B4992E68EB3E1BBD78D3014742F4CC4056750E389048C653251DAD33 ] usbvideo C:\Windows\System32\Drivers\usbvideo.sys
15:43:22.0719 0x13ac usbvideo - ok
15:43:22.0765 0x13ac [ 8DC398D7B8E02C929A2096E74A170970, 87B3CE84D05F50C33935B28F0AFF1CB15DAA4530768BA1FB25C311609CD4B0A5 ] USBXHCI C:\Windows\System32\drivers\USBXHCI.SYS
15:43:22.0765 0x13ac USBXHCI - ok
15:43:22.0781 0x13ac [ F702AB6181513303AB0FC8D59E52708B, D46939B9F672269E65C98606A573C849C4AF5A26E4E75D3A8FE56A65B3A6EA08 ] VaultSvc C:\Windows\system32\lsass.exe
15:43:22.0781 0x13ac VaultSvc - ok
15:43:22.0812 0x13ac [ BACECBFF9C97F7627A60B0E0F1FE7EE8, DC82F767D066B93A48A090DC7146EBCCDC54B43C6CD9DF29A160E09E3A531DC8 ] vdrvroot C:\Windows\system32\drivers\vdrvroot.sys
15:43:22.0812 0x13ac vdrvroot - ok
15:43:22.0844 0x13ac [ 1B4488988E5E7512E6C5CD1255E9E973, B82C26E767A8895CFFD76C11D07D5C945C38E1BD32CC27D20A6C0FA7F6064FC5 ] vds C:\Windows\System32\vds.exe
15:43:22.0875 0x13ac vds - ok
15:43:22.0890 0x13ac [ 74FA2D4368DE6F6CE14393EDF1F342BE, C5CE4164B2C3D583A7FB8687ADEADCDB08D36A5AB1965E5FC6949AEED15881C8 ] VerifierExt C:\Windows\system32\drivers\VerifierExt.sys
15:43:22.0890 0x13ac VerifierExt - ok
15:43:22.0922 0x13ac [ 500BE6B2E49883720D0AE8BB859ED7A3, 4606B02A3E8123510676E554635EB5ECF9DC5F2B83928710C8563787C52CC102 ] vhdmp C:\Windows\System32\drivers\vhdmp.sys
15:43:22.0937 0x13ac vhdmp - ok
15:43:22.0953 0x13ac [ F5B4A14B00E89250C50982AC762DDD1D, 581CD97DD42E74A82F06BFB827DFC82618B4A8667ACA7E93C628BB0D056CE8F0 ] viaide C:\Windows\system32\drivers\viaide.sys
15:43:22.0953 0x13ac viaide - ok
15:43:22.0953 0x13ac [ 78DB50F7329F6D1311658DABFFFC8BE0, 8CB0C831608033C4BC1D2DA7FAA7D429333A3654E76A989F7AF85BFC5F086BE9 ] vmbus C:\Windows\system32\drivers\vmbus.sys
15:43:22.0969 0x13ac vmbus - ok
15:43:22.0984 0x13ac [ ECFEE2F2BA3932C7880D1A8F67D68F91, 57DCD55A518A9FBDEF72B511C643B1062C3F7BD339F4B0FC19E9D84C615B968D ] VMBusHID C:\Windows\System32\drivers\VMBusHID.sys
15:43:22.0984 0x13ac VMBusHID - ok
15:43:23.0015 0x13ac [ B8FF4248103E6EA47B9D85C55673ABA3, 4337FA0F0FB5C45BFC42FF17DFAA5DCA394C74BA8283851504AD79F47B69CB0D ] vmicheartbeat C:\Windows\System32\ICSvc.dll
15:43:23.0015 0x13ac vmicheartbeat - ok
15:43:23.0031 0x13ac [ B8FF4248103E6EA47B9D85C55673ABA3, 4337FA0F0FB5C45BFC42FF17DFAA5DCA394C74BA8283851504AD79F47B69CB0D ] vmickvpexchange C:\Windows\System32\ICSvc.dll
15:43:23.0031 0x13ac vmickvpexchange - ok
15:43:23.0047 0x13ac [ B8FF4248103E6EA47B9D85C55673ABA3, 4337FA0F0FB5C45BFC42FF17DFAA5DCA394C74BA8283851504AD79F47B69CB0D ] vmicrdv C:\Windows\System32\ICSvc.dll
15:43:23.0047 0x13ac vmicrdv - ok
15:43:23.0062 0x13ac [ B8FF4248103E6EA47B9D85C55673ABA3, 4337FA0F0FB5C45BFC42FF17DFAA5DCA394C74BA8283851504AD79F47B69CB0D ] vmicshutdown C:\Windows\System32\ICSvc.dll
15:43:23.0062 0x13ac vmicshutdown - ok
15:43:23.0078 0x13ac [ B8FF4248103E6EA47B9D85C55673ABA3, 4337FA0F0FB5C45BFC42FF17DFAA5DCA394C74BA8283851504AD79F47B69CB0D ] vmictimesync C:\Windows\System32\ICSvc.dll
15:43:23.0078 0x13ac vmictimesync - ok
15:43:23.0078 0x13ac [ B8FF4248103E6EA47B9D85C55673ABA3, 4337FA0F0FB5C45BFC42FF17DFAA5DCA394C74BA8283851504AD79F47B69CB0D ] vmicvss C:\Windows\System32\ICSvc.dll
15:43:23.0094 0x13ac vmicvss - ok
15:43:23.0109 0x13ac [ CB60FAAED8B49B812EBBF77EB87D9B18, ADA7C68D4C4981555ED48981E8B7ACBEEF5C39F902EB98782FC3DFF495FE0C33 ] volmgr C:\Windows\system32\drivers\volmgr.sys
15:43:23.0109 0x13ac volmgr - ok
15:43:23.0125 0x13ac [ A74101DA9809251BCD0E5A26BAE0F824, 15A3A7CC31A13C5882812C344D0937A8A4503D12DB07B9F7F2A8191B739CDBF7 ] volmgrx C:\Windows\system32\drivers\volmgrx.sys
15:43:23.0140 0x13ac volmgrx - ok
15:43:23.0156 0x13ac [ 78A5BBA3819FFFC62FFEC3E2220D102D, A95797B97D576374C2CDA8A09E6C51A89BADE428AAA89D5093579C85062E5874 ] volsnap C:\Windows\system32\drivers\volsnap.sys
15:43:23.0172 0x13ac volsnap - ok
15:43:23.0187 0x13ac [ A8DA1C1B52ECEA3726DEBED4FF1B700D, 75C024EC3858DF24FB82FE105BDD1E37900D53EFE9D72F42CDDFFD0742525586 ] vpci C:\Windows\System32\drivers\vpci.sys
15:43:23.0187 0x13ac vpci - ok
15:43:23.0203 0x13ac [ 38A60CD9C009C55C6D3B5586F8E6A353, 7F7E2AE39F1A0A5245650911E310E0948BC22A18262A16FA76B44A042D66312D ] vsmraid C:\Windows\system32\drivers\vsmraid.sys
15:43:23.0219 0x13ac vsmraid - ok
15:43:23.0265 0x13ac [ D0C69E44BC1E1D4AD290FD84104623D8, 4C86760EA4BD2A64FFD42D89284EC3E5048CB2F0F6F3B80D017B41C0D2456A90 ] VSS C:\Windows\system32\vssvc.exe
15:43:23.0312 0x13ac VSS - ok
15:43:23.0328 0x13ac [ A0F6FE0FC2F647C22BBFD6BD4249DBCC, AC2F3C70EDCA0AFBB2606267DFE6D3E8E7B0772140153BAD6B0A9EDE6A1D2F29 ] VSTXRAID C:\Windows\system32\drivers\vstxraid.sys
15:43:23.0344 0x13ac VSTXRAID - ok
15:43:23.0359 0x13ac [ 62460A45435A26A334907E3F2EA45611, FEF86E05117CC0AAB8211CA1542776EB620BD4699BD590D91F16621ED35B9824 ] vwifibus C:\Windows\System32\drivers\vwifibus.sys
15:43:23.0359 0x13ac vwifibus - ok
15:43:23.0375 0x13ac [ 095E943D27025E4D588AF0A72CC2318F, 3CE406A202F93EF8C4BC7317621A672670D734C69166393CA7256D5E5E667041 ] vwififlt C:\Windows\system32\DRIVERS\vwififlt.sys
15:43:23.0375 0x13ac vwififlt - ok
15:43:23.0390 0x13ac [ 73FA1A41A97A5C34ADC03B3577FF1A86, CBA4BC0DA837C163587BBB4BF2AC1549C72440307C984D3CDF8995023718136C ] vwifimp C:\Windows\system32\DRIVERS\vwifimp.sys
15:43:23.0390 0x13ac vwifimp - ok
15:43:23.0422 0x13ac [ F690B6EEAA94576727B24376D7ED3601, A61EE96024C8FC4058481DFB1E7F0AD746565368672FA3B6BA8F9E23D0F47E4C ] W32Time C:\Windows\system32\w32time.dll
15:43:23.0437 0x13ac W32Time - ok
15:43:23.0453 0x13ac [ 6B806E893714019969E2B50D7EF6A4D9, 38FE2B01082DC4C2A0C11A292016A727F48C3DF1293DC3A0216B2254A452263F ] WacomPen C:\Windows\System32\drivers\wacompen.sys
15:43:23.0453 0x13ac WacomPen - ok
15:43:23.0484 0x13ac [ 61F6972FF9AC9A8D0B4D62076DC30051, 5A028036461534CA53CB2D6C1D720783D408A9F17FD77AB1ECDD75FBAD9F2381 ] Wanarp C:\Windows\system32\DRIVERS\wanarp.sys
15:43:23.0484 0x13ac Wanarp - ok
15:43:23.0484 0x13ac [ 61F6972FF9AC9A8D0B4D62076DC30051, 5A028036461534CA53CB2D6C1D720783D408A9F17FD77AB1ECDD75FBAD9F2381 ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys
15:43:23.0484 0x13ac Wanarpv6 - ok
15:43:23.0531 0x13ac [ 42DF22F8C448E7CD219F6D63743505E2, 063F4280C7BD20CE1360436B76A17DFE17FF611F75337A47373D098CC6C263BF ] wbengine C:\Windows\system32\wbengine.exe
15:43:23.0578 0x13ac wbengine - ok
15:43:23.0594 0x13ac [ 31D37B2F6069C631EF0557D322924812, 6E18A1060F3C8F4BF220E286C44327866A8F9109E74928AA2D8C2DA9C452038B ] WbioSrvc C:\Windows\System32\wbiosrvc.dll
15:43:23.0594 0x13ac WbioSrvc - ok
15:43:23.0625 0x13ac [ AF1349386D4C6786EF4E34FACEF15042, 6B33778409BC54C1955B92508ADDEBAFD629141961B71C94A91DC4CFE8391A13 ] Wcmsvc C:\Windows\System32\wcmsvc.dll
15:43:23.0640 0x13ac Wcmsvc - ok
15:43:23.0672 0x13ac [ 5B5FEAB51172F5513C2CF7B39CFA6A01, 4FDAC5168E00D44781C6F5D98ECD4977A12663C5CE6FFDFF9DBC89A28D6212D8 ] wcncsvc C:\Windows\System32\wcncsvc.dll
15:43:23.0687 0x13ac wcncsvc - ok
15:43:23.0687 0x13ac [ E19556D414332E2BEBA1F368229006B4, AB3454EC85D7B6E62D44C4510C1547AE7F736558588E54B0E265F7B3A5810E15 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
15:43:23.0687 0x13ac WcsPlugInService - ok
15:43:23.0703 0x13ac [ B3A4D918DAB90505B6BC7B70632913CB, ECC19DCD7902C29D0682C70B9546CF8B82477A32147EE30EB6750D8499605B46 ] Wd C:\Windows\system32\drivers\wd.sys
15:43:23.0703 0x13ac Wd - ok
15:43:23.0734 0x13ac [ FD47DF026B32969B8A68721A0243E8EE, 57A7B9B40CEDADFB023AEDD9F29869F1B93EA2596F47B5DDC233D57FC585CCE1 ] WdBoot C:\Windows\system32\drivers\WdBoot.sys
15:43:23.0734 0x13ac WdBoot - ok
15:43:23.0781 0x13ac [ E2C933EDBC389386EBE6D2BA953F43D8, AF1DEADD5F1267CCEBD226E8EEB971D1946EA6A5A9645A36F5D111F758AF2F07 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys
15:43:23.0797 0x13ac Wdf01000 - ok
15:43:23.0812 0x13ac [ 5F425D842DD6ADE9F95A51A0616AFAD7, 807B8E6A4FE443A362076C225F588A8C897CFE24A6367F4D461C8F6D3EF004C5 ] WdFilter C:\Windows\system32\drivers\WdFilter.sys
15:43:23.0828 0x13ac WdFilter - ok
15:43:23.0844 0x13ac [ 240FC332484572227CD1DF82407F33E5, 5210549EC519DD3BCA6BBC995F01E1E3E0988580797E4BD1433F429E0CB30412 ] WdiServiceHost C:\Windows\system32\wdi.dll
15:43:23.0844 0x13ac WdiServiceHost - ok
15:43:23.0844 0x13ac [ 240FC332484572227CD1DF82407F33E5, 5210549EC519DD3BCA6BBC995F01E1E3E0988580797E4BD1433F429E0CB30412 ] WdiSystemHost C:\Windows\system32\wdi.dll
15:43:23.0844 0x13ac WdiSystemHost - ok
15:43:23.0890 0x13ac [ 9B1384CE8E681D2D77BB3524B8E86311, BDEF9D0A79A7C26A88088A306F91632F300E587736CDD2C64717EC54DD6E89FF ] WebClient C:\Windows\System32\webclnt.dll
15:43:23.0890 0x13ac WebClient - ok
15:43:23.0906 0x13ac [ 35FD720943D4FCD75C3275BF062FF140, 9D8345E6DE1AE23F93AD0B52D27D1CCFD69EF7EE50654F92CA999BEC4570A773 ] Wecsvc C:\Windows\system32\wecsvc.dll
15:43:23.0922 0x13ac Wecsvc - ok
15:43:23.0937 0x13ac [ 4D2612E3C462B68F499D840B1133263E, 4DDAEB4480AEC31A8184838588E0D3DFA31CE6D2FA6E906926860C75F52DC7B7 ] wercplsupport C:\Windows\System32\wercplsupport.dll
15:43:23.0937 0x13ac wercplsupport - ok
15:43:23.0969 0x13ac [ 5F70EBFC1F75B487DE79501E3CCBDB54, 2FCA57BF60A43B03BB42FBF22BBFC19AD2266FBBD818494AD114125E6E433321 ] WerSvc C:\Windows\System32\WerSvc.dll
15:43:23.0969 0x13ac WerSvc - ok
15:43:24.0000 0x13ac [ 44BB9C31E6242C4BD1CE7C2B440C2533, E603BB001028918B687818E930340008C752679B133037367A8A8E41DA559FFE ] WFPLWFS C:\Windows\system32\DRIVERS\wfplwfs.sys
15:43:24.0000 0x13ac WFPLWFS - ok
15:43:24.0015 0x13ac [ 60E0C220593DA4F7C289CB909D2DBAE0, 057CA7727F748600CC155043081AB9E3244763CF4913F317D13226A515F6FDB6 ] WiaRpc C:\Windows\System32\wiarpc.dll
15:43:24.0015 0x13ac WiaRpc - ok
15:43:24.0047 0x13ac [ A3C7624A42A3447EF5EDD1ED37FE4E60, BD8BDF0A571873FA8277878AF7AED11196CFF1B4DF1EA6BA13BD4887D7B63B94 ] WIMMount C:\Windows\system32\drivers\wimmount.sys
15:43:24.0047 0x13ac WIMMount - ok
15:43:24.0062 0x13ac WinDefend - ok
15:43:24.0125 0x13ac [ 7911470B6018059A880469A63B65700A, 4B6131491A028FBCA54AC261112D183EFD42E98160545C8E8DFBDA01C87B3FB5 ] WinHttpAutoProxySvc C:\Windows\system32\winhttp.dll
15:43:24.0140 0x13ac WinHttpAutoProxySvc - ok
15:43:24.0203 0x13ac [ 3D6B518B71C75C8FA4115A33615C107A, ED7A266013D29D3B1A462464735C3632BEA121D1B32553907AEAA0B00595C3DF ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll
15:43:24.0203 0x13ac Winmgmt - ok
15:43:24.0297 0x13ac [ 8E212A627F33F6FC3B5F3BB47212F66E, 9BBFE26ABFA14F346FE3711D13D959523EEA23608A33C16F3D750D66CA511911 ] WinRM C:\Windows\system32\WsmSvc.dll
15:43:24.0375 0x13ac WinRM - ok
15:43:24.0422 0x13ac [ BB20956C424531003F7FA6CD36F11D5D, 2C55F1C7553A527A7C4C34E730BE943269AE23928731C64D3DC945E07AE1771E ] WinUsb C:\Windows\system32\DRIVERS\WinUSB.sys
15:43:24.0422 0x13ac WinUsb - ok
15:43:24.0484 0x13ac [ 6351724B8FA0255C2DBD970297F00B93, A02F274479F9F32E30C75A5BD991B008B3CCB47D380D5870563EF918DAC5730E ] WlanSvc C:\Windows\System32\wlansvc.dll
15:43:24.0531 0x13ac WlanSvc - ok
15:43:24.0625 0x13ac [ B330CE47FB74A6BE9A3FFFF4B3F64D9B, B76226808406D8B38DE2D3A8CCE633BB507022C8BAAA6C3DAD34204CC6CE1284 ] wlidsvc C:\Windows\system32\wlidsvc.dll
15:43:24.0672 0x13ac wlidsvc - ok
15:43:24.0687 0x13ac [ E2A596CACFC6504306CDB7B593B90084, DF89CF57249553CE922C841F18B99A213185FA1099C053B9BB8C0F6E5BC3FEC0 ] WmiAcpi C:\Windows\System32\drivers\wmiacpi.sys
15:43:24.0687 0x13ac WmiAcpi - ok
15:43:24.0719 0x13ac [ D113499052C5E541906B727779F0F959, 05FB51086C0A0CE3812A7E6098C5A454ECCFE8553669CFA715153564F2226DB0 ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe
15:43:24.0719 0x13ac wmiApSrv - ok
15:43:24.0750 0x13ac WMPNetworkSvc - ok
15:43:24.0766 0x13ac [ C6FF953D5D6F2EAE3B8883474D5076B3, 001CBB7FBC30209C892869258E5ABD3F0932886E156ECB10DCA599F6D32648BE ] wpcfltr C:\Windows\system32\DRIVERS\wpcfltr.sys
15:43:24.0766 0x13ac wpcfltr - ok
15:43:24.0797 0x13ac [ A6ED163169876BFD2437E872FE2F1509, C13E8676800EEEF690F51C4DEA660B36C8734AE2CCAAC48054E10D74B98949B8 ] WPCSvc C:\Windows\System32\wpcsvc.dll
15:43:24.0797 0x13ac WPCSvc - ok
15:43:24.0828 0x13ac [ 3013658A4D327854BEEC4A08D9655194, C4CF5AA6A47CC55E7037B0BFE20AE0A6442ADDC5DEB89D6861C98C61851FA821 ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll
15:43:24.0828 0x13ac WPDBusEnum - ok
15:43:24.0844 0x13ac [ 0346CAFC181C91C6E2330332EB332ED6, D46F44C339399CAAE13CD71C53A169E95065208E07E5420DE00A4509D6CB056F ] WpdUpFltr C:\Windows\system32\drivers\WpdUpFltr.sys
15:43:24.0844 0x13ac WpdUpFltr - ok
15:43:24.0875 0x13ac [ BC8B5CB336E63BB25EAD1CE8EDD34B81, A42759956EDCCC6D0688240AA4F833FB9CA132D42D2D901CDCBB24DCE1788C1D ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys
15:43:24.0875 0x13ac ws2ifsl - ok
15:43:24.0906 0x13ac [ 012CFE7F0F95266F554EE3B91EE2128A, 866312F6BF7369BE686F1BA9F01311C99E95E268C6E63BE37C841F54F5AA0DB8 ] wscsvc C:\Windows\System32\wscsvc.dll
15:43:24.0906 0x13ac wscsvc - ok
15:43:24.0906 0x13ac WSearch - ok
15:43:24.0984 0x13ac [ D4D04839F3DFAF09D94BAB1016F7A297, 944A41D251F522EE87189C1D01CF7EEE2C70BF4353BA4005C44F03DB485F843F ] WSService C:\Windows\System32\WSService.dll
15:43:25.0062 0x13ac WSService - ok
15:43:25.0156 0x13ac [ 311E5E1976E0BD9110A88B93158055D5, F1AA738D6AD74C33785EEFE1FBE8A869AAB62417B7D079389293AB1209A849C1 ] wuauserv C:\Windows\system32\wuaueng.dll
15:43:25.0250 0x13ac wuauserv - ok
15:43:25.0281 0x13ac [ AB886378EEB55C6C75B4F2D14B6C869F, D6C4602EB8F291DADEDF3CD211013D4AC752DDE7E799C2D8D74AA4F5477CAED6 ] WudfPf C:\Windows\system32\drivers\WudfPf.sys
15:43:25.0281 0x13ac WudfPf - ok
15:43:25.0297 0x13ac [ DDA4CAF29D8C0A297F886BFE561E6659, 94E5DD649B5D86FA1A7C7D30FCF9644D0EE048D312E626111458ADF66BFBE978 ] WUDFRd C:\Windows\System32\drivers\WUDFRd.sys
15:43:25.0297 0x13ac WUDFRd - ok
15:43:25.0328 0x13ac [ B20F051B03A966392364C83F009F7D17, 88ECEB55AE91F58F592B96EBC10B572747D5A2F9B7629E8F371761E4F7408A65 ] wudfsvc C:\Windows\System32\WUDFSvc.dll
15:43:25.0328 0x13ac wudfsvc - ok
15:43:25.0344 0x13ac [ DDA4CAF29D8C0A297F886BFE561E6659, 94E5DD649B5D86FA1A7C7D30FCF9644D0EE048D312E626111458ADF66BFBE978 ] WUDFWpdFs C:\Windows\system32\DRIVERS\WUDFRd.sys
15:43:25.0344 0x13ac WUDFWpdFs - ok
15:43:25.0344 0x13ac [ DDA4CAF29D8C0A297F886BFE561E6659, 94E5DD649B5D86FA1A7C7D30FCF9644D0EE048D312E626111458ADF66BFBE978 ] WUDFWpdMtp C:\Windows\system32\DRIVERS\WUDFRd.sys
15:43:25.0359 0x13ac WUDFWpdMtp - ok
15:43:25.0375 0x13ac [ 6D9E07436B6646EC8F7EFFD39B6BA288, 82C1CEA93ECEF17D221AD0F87C5BD96F3FD8143841C16BD9608BD4D58D90B8E0 ] WwanSvc C:\Windows\System32\wwansvc.dll
15:43:25.0391 0x13ac WwanSvc - ok
15:43:25.0391 0x13ac ================ Scan global ===============================
15:43:25.0437 0x13ac [ DDC1AFBF9DDF880CE9BD3896114D8DED, E2406231EA4D2689A5EDFA9BD1A1BC064359D8D23B37F113A18B5EAE3E2D4050 ] C:\Windows\system32\basesrv.dll
15:43:25.0453 0x13ac [ E9343076AE704D20BB0D01F3AF3EFFEF, FF2CE4146945976F9480690505CECD3C7C719BAF0F633E6192C8272C75EF295D ] C:\Windows\system32\winsrv.dll
15:43:25.0484 0x13ac [ BD7C6949984D19AAA609896B675E7357, 5B46538B27BC70F5A3805AA63F6AACDC780C7168468FB535F2D35CF26B9DEE06 ] C:\Windows\system32\sxssrv.dll
15:43:25.0531 0x13ac [ 8F226143046435C75C033B0C52E90FFE, 54FA316485B57D7B8104FE621F5F40DEC35E3D57C3DF46B5F7EACF57445FE7CA ] C:\Windows\system32\services.exe
15:43:25.0531 0x13ac [ Global ] - ok
15:43:25.0531 0x13ac ================ Scan MBR ==================================
15:43:25.0547 0x13ac [ 5FB38429D5D77768867C76DCBDB35194 ] \Device\Harddisk0\DR0
15:43:25.0547 0x13ac \Device\Harddisk0\DR0 - ok
15:43:25.0547 0x13ac ================ Scan VBR ==================================
15:43:25.0547 0x13ac [ 21E302E5364350BB74A2D2E9E0435AEA ] \Device\Harddisk0\DR0\Partition1
15:43:25.0562 0x13ac \Device\Harddisk0\DR0\Partition1 - ok
15:43:25.0562 0x13ac [ 4C3696F391B5E198D7481410B6D00980 ] \Device\Harddisk0\DR0\Partition2
15:43:25.0594 0x13ac \Device\Harddisk0\DR0\Partition2 - ok
15:43:25.0609 0x13ac [ 31652B88C8F2D39B472B13C63AB9E1CB ] \Device\Harddisk0\DR0\Partition3
15:43:25.0609 0x13ac \Device\Harddisk0\DR0\Partition3 - ok
15:43:25.0609 0x13ac [ B48EC58D8746A8B04CFF0231A97001A8 ] \Device\Harddisk0\DR0\Partition4
15:43:25.0625 0x13ac \Device\Harddisk0\DR0\Partition4 - ok
15:43:25.0641 0x13ac [ 07F4F71A06114D5F4B31474CE3FAA016 ] \Device\Harddisk0\DR0\Partition5
15:43:25.0672 0x13ac \Device\Harddisk0\DR0\Partition5 - ok
15:43:25.0687 0x13ac [ 0812E36BCA8BA2FC06FAE7E82C682949 ] \Device\Harddisk0\DR0\Partition6
15:43:25.0703 0x13ac \Device\Harddisk0\DR0\Partition6 - ok
15:43:25.0703 0x13ac Waiting for KSN requests completion. In queue: 369
15:43:26.0719 0x13ac Waiting for KSN requests completion. In queue: 369
15:43:27.0734 0x13ac Waiting for KSN requests completion. In queue: 369
15:43:28.0750 0x13ac Waiting for KSN requests completion. In queue: 369
15:43:29.0766 0x13ac Waiting for KSN requests completion. In queue: 307
15:43:30.0781 0x13ac Waiting for KSN requests completion. In queue: 307
15:43:31.0797 0x13ac Waiting for KSN requests completion. In queue: 307
15:43:32.0813 0x13ac Waiting for KSN requests completion. In queue: 307
15:43:33.0829 0x13ac Waiting for KSN requests completion. In queue: 307
15:43:34.0844 0x13ac Waiting for KSN requests completion. In queue: 307
15:43:35.0860 0x13ac Waiting for KSN requests completion. In queue: 307
15:43:36.0876 0x13ac Waiting for KSN requests completion. In queue: 307
15:43:37.0891 0x13ac Waiting for KSN requests completion. In queue: 307
15:43:38.0907 0x13ac Waiting for KSN requests completion. In queue: 307
15:43:39.0923 0x13ac Waiting for KSN requests completion. In queue: 307
15:43:40.0938 0x13ac Waiting for KSN requests completion. In queue: 307
15:43:41.0954 0x13ac Waiting for KSN requests completion. In queue: 307
15:43:42.0970 0x13ac Waiting for KSN requests completion. In queue: 307
15:43:43.0985 0x13ac AV detected via SS2: Windows Defender, C:\Program Files\Windows Defender\MSASCui.exe ( 4.3.215.0 ), 0x61100 ( enabled : updated )
15:43:43.0985 0x13ac Win FW state via NFP2: enabled
15:43:46.0485 0x13ac ============================================================
15:43:46.0485 0x13ac Scan finished
15:43:46.0485 0x13ac ============================================================
15:43:46.0485 0x0ea8 Detected object count: 0
15:43:46.0485 0x0ea8 Actual detected object count: 0
15:44:26.0800 0x0a38 Deinitialize success

 

[Broni]

Please download ComboFix from Here, Here or Here to your Desktop.

**Note: In the event you already have Combofix, this is a new version that I need you to download. It is important that it is saved directly to your desktop**

• Never rename Combofix unless instructed.
• Close any open browsers.
• Very Important! Temporarily disable your anti-virus and any anti-malware real-time protection before performing a scan. They can interfere with ComboFix or remove some of its embedded files which may cause "unpredictable results".
• Click on this link to see a list of programs that should be disabled. The list is not all inclusive. If yours is not listed and you don't know how to disable it, please ask.
• Close any open browsers.
• WARNING: Combofix will disconnect your machine from the Internet as soon as it starts
• Please do not attempt to re-connect your machine back to the Internet until Combofix has completely finished.
• If there is no internet connection after running Combofix, then restart your computer to restore back your connection.
  If the connection is not there use restore point you created prior to running Combofix.
• Double click on combofix.exe & follow the prompts.

• 
  NOTE1. If Combofix asks you to install Recovery Console, please allow it.
  NOTE 2. If Combofix asks you to update the program, always do so.

• When finished, it will produce a report for you.
• Please post the "C:\ComboFix.txt"

**Note 1: Do not mouseclick combofix's window while it's running. That may cause it to stall
**Note 2 for AVG and CA Internet Security (Total Defense Internet Security) users: ComboFix will not run until AVG/CA Internet Security is uninstalled as a protective measure against the anti-virus. This is because AVG/CA Internet Security "falsely" detects ComboFix (or its embedded files) as a threat and may remove them resulting in the tool not working correctly which in turn can cause "unpredictable results". Since AVG/CA Internet Security cannot be effectively disabled before running ComboFix, the author recommends you to uninstall AVG/CA Internet Security first.
Use AppRemover to uninstall it: https://www.techspot.com/downloads/5514-appremover.html
We can reinstall it when we're done with CF.
**Note 3: If you receive an error Illegal operation attempted on a registery key that has been marked for deletion, restart computer to fix the issue.
**Note 4: Some infections may take some significant time to be cured. As long as your computer clock is running Combofix is still working. Be patient.


Make sure, you re-enable your security programs, when you're done with Combofix.

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

NOTE.
If, for some reason, Combofix refuses to run, try the following...

Delete Combofix file, download fresh one, but rename combofix.exe to your_name.exe BEFORE saving it to your desktop.
Do NOT run it yet.
Download Rkill (courtesy of BleepingComputer.com) to your desktop.
There are 2 different versions. If one of them won't run then download and try to run the other one.
You only need to get one of these to run, not all of them. You may get warnings from your antivirus about this tool, ignore them or shutdown your antivirus.

rKill.exe: http://www.bleepingcomputer.com/download/rkill/dl/10/
iExplore.exe (renamed rKill.exe): http://www.bleepingcomputer.com/download/rkill/dl/11/

Restart computer in safe mode

• Double-click on the Rkill desktop icon to run the tool.
• If using Vista or Windows 7 right-click on it and choose Run As Administrator.
• A black DOS box will briefly flash and then disappear. This is normal and indicates the tool ran successfully.
• If not, delete the file, then download and use the one provided in Link 2.
• Do not reboot until instructed.
• If the tool does not run from any of the links provided, please let me know.

When the scan is done Notepad will open with rKill.txt log.
NOTE. rKill.txt log will also be present on your desktop.

Once you've gotten one of them to run, immediately run your_name.exe by double clicking on it.

IF you had to run rKill post BOTH logs, rKill.txt and Combofix.txt.

 

[GAWoods]

I have only been using MalwareBytes on this computer. Used to have Avast but uninstalled it. Is there any other type of virus protection to disable? This is a Windows 8 machine. I didn't see any information about Windows 8.

 

[Broni]

You have Windows Defender running.
In Windows 8 this is renamed Microsoft Security Essentials (MSE) - your AV program.
Here is how to turn it off: http://www.eightforums.com/tutorials/21962-windows-defender-turn-off-windows-8-a.html
Turn it back on when done with Combofix.

 

[GAWoods]

ComboFix 14-02-24.02 - Beth 02/24/2014 16:45:15.1.4 - x64
Microsoft Windows 8 6.2.9200.0.1252.1.1033.18.6030.4670 [GMT -5:00]
Running from: c:\users\Beth\Downloads\ComboFix.exe
AV: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\programdata\SetStretch.exe
c:\users\Beth\AppData\Local\assembly\tmp
c:\users\Beth\Documents\~WRL1488.tmp
c:\windows\msvcr71.dll
.
.
((((((((((((((((((((((((( Files Created from 2014-01-24 to 2014-02-24 )))))))))))))))))))))))))))))))
.
.
2014-02-24 20:11 . 2014-02-24 20:31 -------- d-----w- c:\programdata\Malwarebytes' Anti-Malware (portable)
2014-02-24 20:11 . 2014-02-24 20:11 119000 ----a-w- c:\windows\system32\drivers\MBAMSwissArmy.sys
2014-02-24 20:10 . 2014-02-24 20:10 91352 ----a-w- c:\windows\system32\drivers\mbamchameleon.sys
2014-02-24 15:46 . 2014-02-06 06:01 10536864 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{BA6D6895-DE18-4A27-8F08-0564AE4E01B9}\mpengine.dll
2014-02-24 15:46 . 2014-01-19 07:33 270496 ------w- c:\windows\system32\MpSigStub.exe
2014-02-24 15:41 . 2014-02-24 15:41 -------- d-----w- c:\windows\LastGood.Tmp
2014-02-16 15:35 . 2014-02-16 15:35 -------- d-----w- c:\program files\CCleaner
2014-02-16 15:28 . 2013-12-19 02:09 96168 ----a-w- c:\windows\SysWow64\WindowsAccessBridge-32.dll
2014-02-16 14:59 . 2014-02-16 14:59 -------- d-----w- c:\users\Beth\AppData\Roaming\Malwarebytes
2014-02-16 14:59 . 2014-02-16 14:59 -------- d-----w- c:\programdata\Malwarebytes
2014-02-16 14:59 . 2014-02-16 14:59 -------- d-----w- c:\program files (x86)\Malwarebytes' Anti-Malware
2014-02-16 14:59 . 2013-04-04 19:50 25928 ----a-w- c:\windows\system32\drivers\mbam.sys
2014-02-13 04:47 . 2014-01-12 23:30 2032640 ----a-w- c:\windows\SysWow64\d3d10warp.dll
2014-02-13 04:47 . 2014-01-12 23:30 2238976 ----a-w- c:\windows\system32\d3d10warp.dll
2014-02-13 04:47 . 2013-11-20 00:15 3842560 ----a-w- c:\windows\system32\d2d1.dll
2014-02-13 04:47 . 2013-11-19 23:57 3288576 ----a-w- c:\windows\SysWow64\d2d1.dll
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2014-02-24 18:26 . 2012-12-24 23:44 380 ----a-w- c:\users\Beth\AppData\Roaming\sp_data.sys
2014-02-17 22:03 . 2012-07-26 08:14 78304 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2014-02-17 22:03 . 2012-07-26 08:14 694240 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2014-02-05 00:09 . 2012-12-31 23:22 88567024 ----a-w- c:\windows\system32\MRT.exe
2014-02-04 01:23 . 2013-03-12 02:08 17536 ----a-w- c:\programdata\Microsoft\windowssampling\Sqm\Manifest\Sqm3.bin
2013-12-08 17:43 . 2012-09-03 03:06 499712 ----a-w- c:\windows\SysWow64\msvcp71.dll
2013-12-08 17:43 . 2012-09-03 03:06 348160 ----a-w- c:\windows\SysWow64\msvcr71.dll
2013-12-07 06:37 . 2014-01-18 00:03 688640 ----a-w- c:\windows\system32\WSShared.dll
2013-12-07 06:37 . 2014-01-18 00:03 163840 ----a-w- c:\windows\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2013-12-07 05:15 . 2014-01-18 00:03 562688 ----a-w- c:\windows\SysWow64\WSShared.dll
2013-12-07 05:15 . 2014-01-18 00:03 124928 ----a-w- c:\windows\SysWow64\Windows.ApplicationModel.Store.TestingFramework.dll
2013-12-04 19:46 . 2013-12-04 19:46 58256 ----a-w- c:\windows\system32\drivers\hlnfd.sys
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"Adobe Reader Speed Launcher"="c:\program files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe" [2013-12-18 40312]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2013-11-21 959904]
"ASUSPRP"="c:\program files (x86)\ASUS\APRP\APRP.EXE" [2012-08-05 3331312]
"RemoteControl10"="c:\program files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe" [2012-03-29 91432]
"ASUSWebStorage"="c:\program files (x86)\ASUS\WebStorage Sync Agent\1.1.13.147\AsusWSPanel.exe" [2012-10-25 3574656]
"EKStatusMonitor"="c:\program files (x86)\Kodak\AiO\StatusMonitor\EKStatusMonitor.exe" [2013-01-15 2750840]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2013-07-02 254336]
"TkBellExe"="c:\program files (x86)\Real\RealPlayer\Update\realsched.exe" [2013-12-08 295512]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"KodakHomeCenter"="c:\program files (x86)\Kodak\AiO\Center\AiOHomeCenter.exe" [2013-03-15 2236792]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\StartUp\
AsusVibeLauncher.lnk - c:\program files (x86)\ASUS\AsusVibe\AsusVibeLauncher.exe /start [2012-9-2 549040]
RealPlayer Cloud Service UI.lnk - c:\program files (x86)\Real\RealPlayer\RPDS\Bin64\rpsystray.exe [2013-12-8 1071712]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"EnableUIADesktopToggle"= 0 (0x0)
"EnableCursorSuppression"= 1 (0x1)
"ConsentPromptBehaviorUser"= 3 (0x3)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"LoadAppInit_DLLs"=1 (0x1)
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
@=""
.
R2 MBAMScheduler;MBAMScheduler;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [x]
R2 MBAMService;MBAMService;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [x]
R3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.);c:\windows\system32\DRIVERS\ssudbus.sys;c:\windows\SYSNATIVE\DRIVERS\ssudbus.sys [x]
R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys;c:\windows\SYSNATIVE\drivers\mbam.sys [x]
R3 WUDFWpdMtp;WUDFWpdMtp;c:\windows\system32\DRIVERS\WUDFRd.sys;c:\windows\SYSNATIVE\DRIVERS\WUDFRd.sys [x]
R4 IconMan_R;IconMan_R;c:\program files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe;c:\program files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe [x]
R4 RealNetworks Downloader Resolver Service;RealNetworks Downloader Resolver Service;c:\program files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe;c:\program files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe [x]
R4 RealPlayer Desktop Service;RealPlayer Desktop Service;c:\program files (x86)\Real\RealPlayer\RPDS\Bin\rpdsvc.exe;c:\program files (x86)\Real\RealPlayer\RPDS\Bin\rpdsvc.exe [x]
R4 RealPlayerUpdateSvc;RealPlayer Update Service;c:\program files (x86)\Real\UpdateService\RealPlayerUpdateSvc.exe;c:\program files (x86)\Real\UpdateService\RealPlayerUpdateSvc.exe [x]
S0 iaStorA;iaStorA;c:\windows\System32\drivers\iaStorA.sys;c:\windows\SYSNATIVE\drivers\iaStorA.sys [x]
S1 ATKWMIACPIIO;ATKWMIACPI Driver;c:\program files (x86)\ASUS\ATK Package\ATK WMIACPI\atkwmiacpi64.sys;c:\program files (x86)\ASUS\ATK Package\ATK WMIACPI\atkwmiacpi64.sys [x]
S2 ASMMAP64;ASMMAP64;c:\program files (x86)\ASUS\ATK Package\ATKGFNEX\ASMMAP64.sys;c:\program files (x86)\ASUS\ATK Package\ATKGFNEX\ASMMAP64.sys [x]
S2 ASUS InstantOn;ASUS InstantOn Service;c:\program files (x86)\ASUS\ASUS InstantOn\InsOnSrv.exe;c:\program files (x86)\ASUS\ASUS InstantOn\InsOnSrv.exe [x]
S2 Asus WebStorage Windows Service;Asus WebStorage Windows Service;c:\program files (x86)\ASUS\WebStorage Sync Agent\1.1.13.147\AsusWSWinService.exe;c:\program files (x86)\ASUS\WebStorage Sync Agent\1.1.13.147\AsusWSWinService.exe [x]
S2 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface;c:\program files\Intel\iCLS Client\HeciServer.exe;c:\program files\Intel\iCLS Client\HeciServer.exe [x]
S2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe;c:\program files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [x]
S2 Kodak AiO Network Discovery Service;Kodak AiO Network Discovery Service;c:\program files (x86)\Kodak\AiO\Center\EKAiOHostService.exe;c:\program files (x86)\Kodak\AiO\Center\EKAiOHostService.exe [x]
S2 Kodak AiO Status Monitor Service;Kodak AiO Status Monitor Service;c:\program files (x86)\Kodak\AiO\StatusMonitor\EKPrinterSDK.exe;c:\program files (x86)\Kodak\AiO\StatusMonitor\EKPrinterSDK.exe [x]
S2 UNS;Intel(R) Management and Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [x]
S3 AiCharger;ASUS Charger Driver;c:\windows\system32\DRIVERS\AiCharger.sys;c:\windows\SYSNATIVE\DRIVERS\AiCharger.sys [x]
S3 ATP;ASUS PS/2 Port Input Device;c:\windows\System32\drivers\AsusTP.sys;c:\windows\SYSNATIVE\drivers\AsusTP.sys [x]
S3 HIDSwitch;ASUS Wireless Radio Control;c:\windows\System32\drivers\AsHIDSwitch64.sys;c:\windows\SYSNATIVE\drivers\AsHIDSwitch64.sys [x]
S3 IntcDAud;Intel(R) Display Audio;c:\windows\system32\DRIVERS\IntcDAud.sys;c:\windows\SYSNATIVE\DRIVERS\IntcDAud.sys [x]
S3 RSBASTOR;Realtek PCIE CardReader Driver - BA;c:\windows\system32\DRIVERS\RtsBaStor.sys;c:\windows\SYSNATIVE\DRIVERS\RtsBaStor.sys [x]
S3 RTL8168;Realtek 8168 NT Driver;c:\windows\system32\DRIVERS\Rt630x64.sys;c:\windows\SYSNATIVE\DRIVERS\Rt630x64.sys [x]
.
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2014-02-21 20:04 1150280 ----a-w- c:\program files (x86)\Google\Chrome\Application\33.0.1750.117\Installer\chrmstp.exe
.
Contents of the 'Scheduled Tasks' folder
.
2014-02-24 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-01-01 21:57]
.
2014-02-24 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2013-12-08 17:42]
.
2014-02-24 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2013-12-08 17:42]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{83F2328D-0D6A-42B4-B0C4-02A929EDD4BE}]
2013-12-04 19:46 180840 ----a-w- c:\program files\Highlightly\IE\HighlightlyClientIE.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\!AsusWSShellExt_B]
@="{6D4133E5-0742-4ADC-8A8C-9303440F7190}"
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\AsusWSShellExt_B]
@="{6D4133E5-0742-4ADC-8A8C-9303440F7190}"
[HKEY_CLASSES_ROOT\CLSID\{6D4133E5-0742-4ADC-8A8C-9303440F7190}]
2012-09-27 07:15 1472512 ----a-w- c:\program files (x86)\ASUS\WebStorage Sync Agent\1.1.13.147\AsusWSShellExt64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\!AsusWSShellExt_O]
@="{64174815-8D98-4CE6-8646-4C039977D808}"
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\AsusWSShellExt_O]
@="{64174815-8D98-4CE6-8646-4C039977D808}"
[HKEY_CLASSES_ROOT\CLSID\{64174815-8D98-4CE6-8646-4C039977D808}]
2012-09-27 07:15 1472512 ----a-w- c:\program files (x86)\ASUS\WebStorage Sync Agent\1.1.13.147\AsusWSShellExt64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\!AsusWSShellExt_U]
@="{1C5AB7B1-0B38-4EC4-9093-7FD277E2AF4D}"
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\AsusWSShellExt_U]
@="{1C5AB7B1-0B38-4EC4-9093-7FD277E2AF4D}"
[HKEY_CLASSES_ROOT\CLSID\{1C5AB7B1-0B38-4EC4-9093-7FD277E2AF4D}]
2012-09-27 07:15 1472512 ----a-w- c:\program files (x86)\ASUS\WebStorage Sync Agent\1.1.13.147\AsusWSShellExt64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\!AsusWSShellExt_B]
@="{6D4133E5-0742-4ADC-8A8C-9303440F7190}"
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\AsusWSShellExt_B]
@="{6D4133E5-0742-4ADC-8A8C-9303440F7190}"
[HKEY_CLASSES_ROOT\CLSID\{6D4133E5-0742-4ADC-8A8C-9303440F7190}]
2012-09-27 07:15 1472512 ----a-w- c:\program files (x86)\ASUS\WebStorage Sync Agent\1.1.13.147\AsusWSShellExt64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\!AsusWSShellExt_O]
@="{64174815-8D98-4CE6-8646-4C039977D808}"
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\AsusWSShellExt_O]
@="{64174815-8D98-4CE6-8646-4C039977D808}"
[HKEY_CLASSES_ROOT\CLSID\{64174815-8D98-4CE6-8646-4C039977D808}]
2012-09-27 07:15 1472512 ----a-w- c:\program files (x86)\ASUS\WebStorage Sync Agent\1.1.13.147\AsusWSShellExt64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\!AsusWSShellExt_U]
@="{1C5AB7B1-0B38-4EC4-9093-7FD277E2AF4D}"
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\AsusWSShellExt_U]
@="{1C5AB7B1-0B38-4EC4-9093-7FD277E2AF4D}"
[HKEY_CLASSES_ROOT\CLSID\{1C5AB7B1-0B38-4EC4-9093-7FD277E2AF4D}]
2012-09-27 07:15 1472512 ----a-w- c:\program files (x86)\ASUS\WebStorage Sync Agent\1.1.13.147\AsusWSShellExt64.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2012-08-16 170304]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2012-08-16 398656]
"RTHDVCPL"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2012-07-13 12936848]
"ACMON"="c:\program files (x86)\ASUS\Splendid\ACMON.exe" [2012-06-07 90832]
.
------- Supplementary Scan -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://www.google.com/
mLocal Page = c:\windows\SysWOW64\blank.htm
IE: E&xport to Microsoft Excel - c:\progra~2\MICROS~1\Office14\EXCEL.EXE/3000
IE: Se&nd to OneNote - c:\progra~2\MICROS~1\Office14\ONBttnIE.dll/105
TCP: DhcpNameServer = 10.0.1.1
FF - ProfilePath - c:\users\Beth\AppData\Roaming\Mozilla\Firefox\Profiles\bme5wwmz.default\
.
- - - - ORPHANS REMOVED - - - -
.
Toolbar-Locked - (no file)
Wow6432Node-HKLM-Run-Conime - c:\windows\system32\conime.exe
Wow6432Node-HKLM-Run-mobilegeni daemon - c:\program files (x86)\Mobogenie\DaemonProcess.exe
BHO-{11111111-1111-1111-1111-110311121157} - c:\program files (x86)\Plus-HD-1.3\Plus-HD-1.3-bho64.dll
Toolbar-Locked - (no file)
.
.
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B7EFF951-E52F-45CC-9EF7-57124F2177CC}]
@Denied: (A) (Everyone)
"Solution"="{15727DE6-F92D-4E46-ACB4-0E2C58B31A18}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3]
@Denied: (A) (Everyone)
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3\0]
"Key"="ActionsPane3"
"Location"="c:\\Program Files (x86)\\Common Files\\Microsoft Shared\\VSTO\\ActionsPane3.xsd"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
@SACL=(02 0000)
.
Completion time: 2014-02-24 16:54:54
ComboFix-quarantined-files.txt 2014-02-24 21:54
.
Pre-Run: 244,108,701,696 bytes free
Post-Run: 246,298,394,624 bytes free
.
- - End Of File - - 090CF99DBF57C714B7B7F78E09824080

 

[Broni]

Looks good.

Please download AdwCleaner by Xplode onto your desktop.

• Close all open programs and internet browsers.
• Double click on adwcleaner.exe to run the tool.
• Click on Scan button.
• When the scan has finished click on Clean button.
• Your computer will be rebooted automatically. A text file will open after the restart.
• Please post the contents of that logfile with your next reply.
• You can find the logfile at C:\AdwCleaner[S1].txt as well.

Please download Junkware Removal Tool to your desktop.

• Shut down your protection software now to avoid potential conflicts.
• Run the tool by double-clicking it. If you are using Windows Vista, 7, or 8; instead of double-clicking, right-mouse click JRT.exe and select "Run as Administrator".
• The tool will open and start scanning your system.
• Please be patient as this can take a while to complete depending on your system's specifications.
• On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
• Post the contents of JRT.txt into your next message.

Download OTL to your Desktop.
Alternate download: http://www.itxassociates.com/OT-Tools/OTL.exe

• Double click on the icon to run it. Make sure all other windows are closed and to let it run uninterrupted.
• Click the Scan All Users checkbox.
• Click the Quick Scan button. Do not change any settings unless otherwise told to do so. The scan wont take long.
• When the scan completes, it will open two notepad windows: OTL.txt and Extras.txt. These are saved in the same location as OTL.
• Please copy (Edit->Select All, Edit->Copy) the contents of these files, one at a time, and post them back here.

 

[GAWoods]

# AdwCleaner v3.019 - Report created 24/02/2014 at 17:11:56
# Updated 17/02/2014 by Xplode
# Operating System : Windows 8 (64 bits)
# Username : Beth - BETH
# Running from : C:\Users\Beth\Downloads\adwcleaner.exe
# Option : Scan

***** [ Services ] *****


***** [ Files / Folders ] *****

Folder Found : C:\Program Files (x86)\Mozilla Firefox\Extensions\gethighlightly@gethighlightly.com
Folder Found C:\Program Files (x86)\MyPC Backup
Folder Found C:\Program Files\Highlightly
Folder Found C:\ProgramData\apn
Folder Found C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Inbox Toolbar
Folder Found C:\ProgramData\VisualBee
Folder Found C:\Users\Beth\AppData\Local\genienext
Folder Found C:\Users\Beth\AppData\Local\Mobogenie
Folder Found C:\Users\Beth\AppData\Local\SwvUpdater
Folder Found C:\Users\Beth\AppData\LocalLow\Inbox Toolbar
Folder Found C:\Users\Beth\AppData\Roaming\24x7 help
Folder Found C:\Users\Beth\Documents\Mobogenie
Folder Found C:\Users\Beth\Documents\optimizer pro

***** [ Shortcuts ] *****

Shortcut Found : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Inbox Toolbar\Help.lnk ( /showurl hxxp://toolbar.inbox.com/faq.aspx )
Shortcut Found : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Inbox Toolbar\Inbox.com.lnk ( /showurl hxxp://www.inbox.com/homepage.aspx?tbid=80274&iwk=247&lng=en )
Shortcut Found : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Inbox Toolbar\Settings.lnk ( /showurl hxxp://toolbar.inbox.com/settings/settings.aspx?lng=en )

***** [ Registry ] *****

Key Found : HKCU\Software\AppDataLow\{1146AC44-2F03-4431-B4FD-889BC837521F}
Key Found : HKCU\Software\AppDataLow\Software\SmartBar
Key Found : HKCU\Software\Conduit
Key Found : HKCU\Software\installedbrowserextensions
Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{014DB5FA-EAFB-4592-A95B-F44D3EE87FA9}
Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{F25AF245-4A81-40DC-92F9-E9021F207706}
Key Found : HKCU\Software\visualbee
Key Found : [x64] HKCU\Software\Conduit
Key Found : [x64] HKCU\Software\installedbrowserextensions
Key Found : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{014DB5FA-EAFB-4592-A95B-F44D3EE87FA9}
Key Found : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Found : [x64] HKCU\Software\visualbee
Key Found : HKLM\Software\{1146AC44-2F03-4431-B4FD-889BC837521F}
Key Found : HKLM\Software\{3A7D3E19-1B79-4E4E-BD96-5467DA2C4EF0}
Key Found : HKLM\Software\AVG Secure Search
Key Found : HKLM\SOFTWARE\Classes\AppID\{BB711CB0-C70B-482E-9852-EC05EBD71DBB}
Key Found : HKLM\SOFTWARE\Classes\AppID\ScriptHelper.EXE
Key Found : HKLM\SOFTWARE\Classes\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{22222222-2222-2222-2222-220322122257}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{37540F19-DD4C-478B-B2DF-C19281BCAF27}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{408CFAD9-8F13-4747-8EC7-770A339C7237}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{612AD33D-9824-4E87-8396-92374E91C4BB}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{D3D233D5-9F6D-436C-B6C7-E63F77503B30}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{DE9028D0-5FFA-4E69-94E3-89EE8741F468}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}
Key Found : HKLM\SOFTWARE\Classes\inbox.appserver
Key Found : HKLM\SOFTWARE\Classes\inbox.ibx404
Key Found : HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
Key Found : HKLM\SOFTWARE\Classes\Interface\{66666666-6666-6666-6666-660366126657}
Key Found : HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
Key Found : HKLM\SOFTWARE\Classes\protocols\handler\inbox
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{07CAC314-E962-4F78-89AB-DD002F2490EE}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{9C049BA6-EA47-4AC3-AED6-A66D8DC9E1D8}
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{612AD33D-9824-4E87-8396-92374E91C4BB}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\MobogenieAdd
Key Found : HKLM\Software\visualbee
Key Found : [x64] HKLM\SOFTWARE\Classes\CLSID\{22222222-2222-2222-2222-220322122257}
Key Found : [x64] HKLM\SOFTWARE\Classes\CLSID\{865D7100-82C7-42F4-9C06-860DEC0871B2}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{28C3737A-32D1-492D-B76B-8D75EBBFB887}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{66666666-6666-6666-6666-660366126657}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{9EDC0C90-2B5B-4512-953E-35767BAD5C67}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{CE057E0D-2D7E-4DFF-A890-07BA69B8C762}
Key Found : [x64] HKLM\SOFTWARE\DomaIQ
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{612AD33D-9824-4E87-8396-92374E91C4BB}
Value Found : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [gethighlightly@gethighlightly.com]

***** [ Browsers ] *****

-\\ Internet Explorer v10.0.9200.16798


-\\ Mozilla Firefox v27.0.1 (en-US)

[ File : C:\Users\Beth\AppData\Roaming\Mozilla\Firefox\Profiles\bme5wwmz.default\prefs.js ]


-\\ Google Chrome v33.0.1750.117

[ File : C:\Users\Beth\AppData\Local\Google\Chrome\User Data\Default\preferences ]

Found : homepage
Found : search_url
Found : suggest_url
Found : keyword
Found : homepage
Found : search_url
Found : homepage
Found : search_url
Found : suggest_url

*************************

AdwCleaner[R0].txt - [5728 octets] - [24/02/2014 17:11:56]

########## EOF - C:\AdwCleaner\AdwCleaner[R0].txt - [5788 octets] ##########

 

[GAWoods]

# AdwCleaner v3.019 - Report created 24/02/2014 at 17:13:45
# Updated 17/02/2014 by Xplode
# Operating System : Windows 8 (64 bits)
# Username : Beth - BETH
# Running from : C:\Users\Beth\Downloads\adwcleaner.exe
# Option : Clean

***** [ Services ] *****


***** [ Files / Folders ] *****

Folder Deleted : C:\ProgramData\apn
Folder Deleted : C:\ProgramData\VisualBee
Folder Deleted : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Inbox Toolbar
Folder Deleted : C:\Program Files (x86)\MyPC Backup
Folder Deleted : C:\Program Files\Highlightly
Folder Deleted : C:\Users\Beth\AppData\Local\genienext
Folder Deleted : C:\Users\Beth\AppData\Local\Mobogenie
Folder Deleted : C:\Users\Beth\AppData\Local\SwvUpdater
Folder Deleted : C:\Users\Beth\AppData\LocalLow\Inbox Toolbar
Folder Deleted : C:\Users\Beth\AppData\Roaming\24x7 help
Folder Deleted : C:\Users\Beth\Documents\Mobogenie
Folder Deleted : C:\Users\Beth\Documents\optimizer pro
Folder Deleted : C:\Program Files (x86)\Mozilla Firefox\Extensions\gethighlightly@gethighlightly.com

***** [ Shortcuts ] *****