Solved No program is running but something like radio is playing through my speakers

[Broni]

Good news

Couple more checks...

Download Security Check from here or here and save it to your Desktop.

• Double-click SecurityCheck.exe
• Follow the onscreen instructions inside of the black box.
• A Notepad document should open automatically called checkup.txt; please post the contents of that document.

NOTE 1. If one of your security applications (e.g., third-party firewall) requests permission to allow DIG.EXE access the Internet, allow it to do so.
NOTE 2 SecurityCheck may produce some false warning(s), so leave the results reading to me.

Please download Farbar Service Scanner (FSS) and run it on the computer with the issue.

• Make sure the following options are checked:
  • Internet Services
  • Windows Firewall
  • System Restore
  • Security Center
  • Windows Update
  • Windows Defender
  • Other Services
• Press "Scan".
• It will create a log (FSS.txt) in the same directory the tool is run.
• Please copy and paste the log to your reply.

Download Temp File Cleaner (TFC)
Alternate download: http://www.itxassociates.com/OT-Tools/TFC.exe

• Double click on TFC.exe to run the program.
• Click on Start button to begin cleaning process.
• TFC will close all running programs, and it may ask you to restart computer.

Please run a free online scan with the ESET Online Scanner

• Disable your antivirus program
• Tick the box next to YES, I accept the Terms of Use
• Click Start
• Accept any security warnings from your browser.
• Check Scan archives
• Click Start
• ESET will then download updates for itself, install itself, and begin scanning your computer. Please be patient as this can take some time.
• When the scan completes, click on List of found threats
• Click on Export to text file , and save the file to your desktop using a unique name, such as ESETScan. Include the contents of this report in your next reply.
• NOTE. If Eset won't find any threats, it won't produce any log.

 

[Hoori]

Checkup.txt content:

Results of screen317's Security Check version 0.99.78
Windows 7 x64 (UAC is enabled)
Out of date service pack!!
``````````````Antivirus/Firewall Check:``````````````
Windows Firewall Enabled!
Windows Firewall Disabled!
ESET Smart Security 6.0
Antivirus out of date!
`````````Anti-malware/Other Utilities Check:`````````
Malwarebytes Anti-Malware version 1.75.0.1300
Winferno Registry Power Cleaner
Adobe Flash Player 10 Flash Player out of Date!
Adobe Flash Player 11.9.900.170
Adobe Reader XI
Mozilla Firefox (26.0)
Google Chrome 31.0.1650.63
````````Process Check: objlist.exe by Laurent````````
ESET NOD32 Antivirus egui.exe
ESET NOD32 Antivirus ekrn.exe
Malwarebytes Anti-Malware mbamservice.exe
Malwarebytes Anti-Malware mbamgui.exe
Malwarebytes' Anti-Malware mbamscheduler.exe
`````````````````System Health check`````````````````
Total Fragmentation on Drive C: 5%
````````````````````End of Log``````````````````````

 

[Hoori]

FSS.txt content:

Farbar Service Scanner Version: 05-12-2013
Ran by Fujitsu (administrator) on 03-01-2014 at 00:21:23
Running from "C:\Users\Fujitsu\Downloads"
Microsoft Windows 7 Ultimate (X64)
Boot Mode: Normal
****************************************************************

Internet Services:
============

Connection Status:
==============
Localhost is accessible.
LAN connected.
Google IP is accessible.
Google.com is accessible.
Yahoo.com is accessible.


Windows Firewall:
=============

Firewall Disabled Policy:
==================
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall"=DWORD:0


System Restore:
============

System Restore Disabled Policy:
========================


Action Center:
============


Windows Update:
============

Windows Autoupdate Disabled Policy:
============================


Windows Defender:
==============

Other Services:
==============


File Check:
========
C:\Windows\System32\nsisvc.dll => MD5 is legit
C:\Windows\System32\drivers\nsiproxy.sys => MD5 is legit
C:\Windows\System32\dhcpcore.dll => MD5 is legit
C:\Windows\System32\drivers\afd.sys => MD5 is legit
C:\Windows\System32\drivers\tdx.sys => MD5 is legit
C:\Windows\System32\Drivers\tcpip.sys
[2009-07-13 15:25] - [2009-07-13 17:45] - 1898576 ____A (Microsoft Corporation) 912107716BAB424C7870E8E6AF5E07E1

C:\Windows\System32\dnsrslvr.dll => MD5 is legit
C:\Windows\System32\mpssvc.dll => MD5 is legit
C:\Windows\System32\bfe.dll => MD5 is legit
C:\Windows\System32\drivers\mpsdrv.sys => MD5 is legit
C:\Windows\System32\SDRSVC.dll => MD5 is legit
C:\Windows\System32\vssvc.exe => MD5 is legit
C:\Windows\System32\wscsvc.dll => MD5 is legit
C:\Windows\System32\wbem\WMIsvc.dll => MD5 is legit
C:\Windows\System32\wuaueng.dll => MD5 is legit
C:\Windows\System32\qmgr.dll => MD5 is legit
C:\Windows\System32\es.dll => MD5 is legit
C:\Windows\System32\cryptsvc.dll => MD5 is legit
C:\Program Files\Windows Defender\MpSvc.dll => MD5 is legit
C:\Windows\System32\ipnathlp.dll => MD5 is legit
C:\Windows\System32\iphlpsvc.dll => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\rpcss.dll
[2009-07-13 16:00] - [2009-07-13 17:41] - 0509952 ____A (Microsoft Corporation) 3C6018A5BFDA89FB3BE0BBB2E0DD234A



**** End of log ****

 

[Hoori]

After performing Temp File Cleaner, I had to restart the computer and now the voices are back again!

 

[Broni]

Before you run Eset....

Download TDSSKiller and save it to your desktop.

• Extract (unzip) its contents to your desktop.
• Open the TDSSKiller folder and doubleclick on TDSSKiller.exe to run the application, then on Start Scan.
• If an infected file is detected, the default action will be Cure, click on Continue.
• If a suspicious file is detected, the default action will be Skip, click on Continue.
• It may ask you to reboot the computer to complete the process. Click on Reboot Now.
• If no reboot is require, click on Report. A log file should appear. Please copy and paste the contents of that file here.
• If a reboot is required, the report can also be found in your root directory (usually C:\ folder) in the form of TDSSKiller_xxxx_log.txt. Please copy and paste the contents of that file here.

 

[Hoori]

No threats found, no reboot required, here's the content: (I haven't run the ESET scan yet).
More than 50000 characters so I split the content.
Part 1:
00:41:45.0478 0x18cc TDSS rootkit removing tool 3.0.0.19 Nov 18 2013 09:27:50
00:41:51.0141 0x18cc ============================================================
00:41:51.0141 0x18cc Current date / time: 2014/01/03 00:41:51.0141
00:41:51.0141 0x18cc SystemInfo:
00:41:51.0142 0x18cc
00:41:51.0142 0x18cc OS Version: 6.1.7600 ServicePack: 0.0
00:41:51.0142 0x18cc Product type: Workstation
00:41:51.0142 0x18cc ComputerName: FUJITSU-PC
00:41:51.0142 0x18cc UserName: Fujitsu
00:41:51.0142 0x18cc Windows directory: C:\Windows
00:41:51.0142 0x18cc System windows directory: C:\Windows
00:41:51.0142 0x18cc Running under WOW64
00:41:51.0142 0x18cc Processor architecture: Intel x64
00:41:51.0142 0x18cc Number of processors: 4
00:41:51.0142 0x18cc Page size: 0x1000
00:41:51.0142 0x18cc Boot type: Normal boot
00:41:51.0142 0x18cc ============================================================
00:41:51.0309 0x18cc KLMD registered as C:\Windows\system32\drivers\17180636.sys
00:41:51.0880 0x18cc System UUID: {C608264F-1D52-E7D2-338C-AF49D4999F8F}
00:41:52.0642 0x18cc Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
00:41:52.0669 0x18cc ============================================================
00:41:52.0669 0x18cc \Device\Harddisk0\DR0:
00:41:52.0669 0x18cc MBR partitions:
00:41:52.0669 0x18cc \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x3A385800
00:41:52.0669 0x18cc ============================================================
00:41:52.0726 0x18cc C: <-> \Device\Harddisk0\DR0\Partition1
00:41:52.0726 0x18cc ============================================================
00:41:52.0726 0x18cc Initialize success
00:41:52.0726 0x18cc ============================================================
00:41:55.0252 0x14d4 ============================================================
00:41:55.0252 0x14d4 Scan started
00:41:55.0252 0x14d4 Mode: Manual;
00:41:55.0253 0x14d4 ============================================================
00:41:55.0253 0x14d4 KSN ping started
00:42:08.0027 0x14d4 KSN ping finished: true
00:42:08.0407 0x14d4 ================ Scan system memory ========================
00:42:08.0407 0x14d4 System memory - ok
00:42:08.0408 0x14d4 ================ Scan services =============================
00:42:09.0099 0x14d4 [ 1B00662092F9F9568B995902F0CC40D5, D345014CF146FA57B2682C189D5E7F27D4C78F321F2723D912D623E777C2BB70 ] 1394ohci C:\Windows\system32\DRIVERS\1394ohci.sys
00:42:09.0133 0x14d4 1394ohci - ok
00:42:09.0312 0x14d4 [ DD81D91FF3B0763C392422865C9AC12E, F5691B8F200E3196E6808E932630E862F8F26F31CD949981373F23C9D87DB8B9 ] a6bb4a82 C:\Windows\system32\rundll32.exe
00:42:09.0355 0x14d4 a6bb4a82 - ok
00:42:09.0428 0x14d4 [ 6F11E88748CDEFD2F76AA215F97DDFE5, BD0B3561EDCDE5EFD89372793CFD09DF879709BF469542F4A049705CBA9FD060 ] ACPI C:\Windows\system32\DRIVERS\ACPI.sys
00:42:09.0436 0x14d4 ACPI - ok
00:42:09.0478 0x14d4 [ 63B05A0420CE4BF0E4AF6DCC7CADA254, 56BCC219D6B886FD42B7D335B4A7BBA3C9BC148220CBD99F8583FB505DAE63BF ] AcpiPmi C:\Windows\system32\DRIVERS\acpipmi.sys
00:42:09.0489 0x14d4 AcpiPmi - ok
00:42:09.0610 0x14d4 [ ADDA5E1951B90D3D23C56D3CF0622ADC, E85E7BFD29F00ED34BF5BE8BD4DA93CBB14278E16809BB55406875F0DA88551E ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
00:42:09.0612 0x14d4 AdobeARMservice - ok
00:42:09.0820 0x14d4 [ 1BA1AB4141A92EB34DA99F1249CA2D4D, 43ADF35146E61E0DE58D2ACC2994538F6025135ECEB30073BEF05A804BB38107 ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
00:42:09.0845 0x14d4 AdobeFlashPlayerUpdateSvc - ok
00:42:09.0915 0x14d4 [ 2F6B34B83843F0C5118B63AC634F5BF4, 43E3F5FBFB5D33981AC503DEE476868EC029815D459E7C36C4ABC2D2F75B5735 ] adp94xx C:\Windows\system32\DRIVERS\adp94xx.sys
00:42:09.0929 0x14d4 adp94xx - ok
00:42:09.0998 0x14d4 [ 597F78224EE9224EA1A13D6350CED962, DA7FD99BE5E3B7B98605BF5C13BF3F1A286C0DE1240617570B46FE4605E59BDC ] adpahci C:\Windows\system32\DRIVERS\adpahci.sys
00:42:10.0009 0x14d4 adpahci - ok
00:42:10.0032 0x14d4 [ E109549C90F62FB570B9540C4B148E54, E804563735153EA00A00641814244BC8A347B578E7D63A16F43FB17566EE5559 ] adpu320 C:\Windows\system32\DRIVERS\adpu320.sys
00:42:10.0039 0x14d4 adpu320 - ok
00:42:10.0065 0x14d4 [ 4B78B431F225FD8624C5655CB1DE7B61, 198A5AF2125C7C41F531A652D200C083A55A97DC541E3C0B5B253C7329949156 ] AeLookupSvc C:\Windows\System32\aelupsvc.dll
00:42:10.0067 0x14d4 AeLookupSvc - ok
00:42:10.0112 0x14d4 [ B9384E03479D2506BC924C16A3DB87BC, AB5FD2BC1F005E7D664F5DE3D5CB54499024A83B716DD52C56582DB7EFB4F01B ] AFD C:\Windows\system32\drivers\afd.sys
00:42:10.0128 0x14d4 AFD - ok
00:42:10.0162 0x14d4 [ 608C14DBA7299D8CB6ED035A68A15799, 45360F89640BF1127C82A32393BD76205E4FA067889C40C491602F370C09282A ] agp440 C:\Windows\system32\DRIVERS\agp440.sys
00:42:10.0174 0x14d4 agp440 - ok
00:42:10.0193 0x14d4 [ 3290D6946B5E30E70414990574883DDB, 0E9294E1991572256B3CDA6B031DB9F39CA601385515EE59F1F601725B889663 ] ALG C:\Windows\System32\alg.exe
00:42:10.0197 0x14d4 ALG - ok
00:42:10.0241 0x14d4 [ 5812713A477A3AD7363C7438CA2EE038, A7316299470D2E57A11499C752A711BF4A71EB11C9CBA731ED0945FF6A966721 ] aliide C:\Windows\system32\DRIVERS\aliide.sys
00:42:10.0242 0x14d4 aliide - ok
00:42:10.0247 0x14d4 [ 1FF8B4431C353CE385C875F194924C0C, 3EA3A7F426B0FFC2461EDF4FDB4B58ACC9D0730EDA5B728D1EA1346EA0A02720 ] amdide C:\Windows\system32\DRIVERS\amdide.sys
00:42:10.0249 0x14d4 amdide - ok
00:42:10.0277 0x14d4 [ 7024F087CFF1833A806193EF9D22CDA9, E7F27E488C38338388103D3B7EEDD61D05E14FB140992AEE6F492FFC821BF529 ] AmdK8 C:\Windows\system32\DRIVERS\amdk8.sys
00:42:10.0279 0x14d4 AmdK8 - ok
00:42:10.0285 0x14d4 [ 1E56388B3FE0D031C44144EB8C4D6217, E88CA76FD47BA0EB427D59CB9BE040DE133D89D4E62D03A8D622624531D27487 ] AmdPPM C:\Windows\system32\DRIVERS\amdppm.sys
00:42:10.0287 0x14d4 AmdPPM - ok
00:42:10.0310 0x14d4 [ 7A4B413614C055935567CF88A9734D38, A3BB7CDF3EE0EEF67F89263E81145E73C7142EF5F0AF265375C2ECCE74F932C4 ] amdsata C:\Windows\system32\DRIVERS\amdsata.sys
00:42:10.0315 0x14d4 amdsata - ok
00:42:10.0333 0x14d4 [ F67F933E79241ED32FF46A4F29B5120B, D6EF539058F159CC4DD14CA9B1FD924998FEAC9D325C823C7A2DD21FEF1DC1A8 ] amdsbs C:\Windows\system32\DRIVERS\amdsbs.sys
00:42:10.0338 0x14d4 amdsbs - ok
00:42:10.0360 0x14d4 [ B4AD0CACBAB298671DD6F6EF7E20679D, FB566C892D0A3DC0A523AE20F35011996958D670937DD5C1A1FCCD36AAC714D7 ] amdxata C:\Windows\system32\DRIVERS\amdxata.sys
00:42:10.0362 0x14d4 amdxata - ok
00:42:10.0389 0x14d4 ApfiltrService - ok
00:42:10.0416 0x14d4 [ 42FD751B27FA0E9C69BB39F39E409594, DE349CAA570957868CA1CB0BE0FAF551CD4D44FD53EBC4391B9C1C7B9CF295D2 ] AppID C:\Windows\system32\drivers\appid.sys
00:42:10.0419 0x14d4 AppID - ok
00:42:10.0448 0x14d4 [ 0BC381A15355A3982216F7172F545DE1, C33AF13CB218F7BF52E967452573DF2ADD20A95C6BF99229794FEF07C4BBE725 ] AppIDSvc C:\Windows\System32\appidsvc.dll
00:42:10.0449 0x14d4 AppIDSvc - ok
00:42:10.0470 0x14d4 [ D065BE66822847B7F127D1F90158376E, 20F911F390FF23C2C42361A449C4344DB59F1DC21EDD1E7EBC4E80914DEF7824 ] Appinfo C:\Windows\System32\appinfo.dll
00:42:10.0473 0x14d4 Appinfo - ok
00:42:10.0505 0x14d4 [ 4ABA3E75A76195A3E38ED2766C962899, E2001ACD44DA270B8289DA362D26416676301773AB22616C211F31CF2E7869AA ] AppMgmt C:\Windows\System32\appmgmts.dll
00:42:10.0511 0x14d4 AppMgmt - ok
00:42:10.0563 0x14d4 [ C484F8CEB1717C540242531DB7845C4E, C507CE26716EB923B864ED85E8FA0B24591E2784A2F4F0E78AEED7E9953311F6 ] arc C:\Windows\system32\DRIVERS\arc.sys
00:42:10.0566 0x14d4 arc - ok
00:42:10.0580 0x14d4 [ 019AF6924AEFE7839F61C830227FE79C, 5926B9DDFC9198043CDD6EA0B384C83B001EC225A8125628C4A45A3E6C42C72A ] arcsas C:\Windows\system32\DRIVERS\arcsas.sys
00:42:10.0584 0x14d4 arcsas - ok
00:42:10.0718 0x14d4 [ 9217D874131AE6FF8F642F124F00A555, BE2923D5AA7748FDAAED73AF567D015517B36F1C739C6E5637DD15112EFDF495 ] aspnet_state C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
00:42:10.0721 0x14d4 aspnet_state - ok
00:42:10.0755 0x14d4 [ 769765CE2CC62867468CEA93969B2242, 0D8F19D49869DF93A3876B4C2E249D12E83F9CE11DAE8917D368E292043D4D26 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys
00:42:10.0757 0x14d4 AsyncMac - ok
00:42:10.0784 0x14d4 [ 02062C0B390B7729EDC9E69C680A6F3C, 0261683C6DC2706DCE491A1CDC954AC9C9E649376EC30760BB4E225E18DC5273 ] atapi C:\Windows\system32\DRIVERS\atapi.sys
00:42:10.0785 0x14d4 atapi - ok
00:42:10.0844 0x14d4 [ CBE61B4494165F458BD87E37181EE934, E95654DCC0F977A3604B6BE435BEE109AC8F9F7494FD3A132F5FB477BBF7B105 ] AthBTPort C:\Windows\system32\DRIVERS\btath_flt.sys
00:42:10.0882 0x14d4 AthBTPort - ok
00:42:10.0916 0x14d4 [ 4119870B90E1B5E7797D6433D21F9216, 5CDA3748A6C89B1046173F20D857D164F4170A5028370B5BB9843212CEA86C8F ] ATHDFU C:\Windows\system32\Drivers\AthDfu.sys
00:42:10.0918 0x14d4 ATHDFU - ok
00:42:11.0010 0x14d4 [ FBBE79D7445AA4494E069A0B91F9417B, 5C5EB5C27324129702D040FE9C63D2D67853E12A6E19164A805A9EE0DC4C5463 ] AtherosSvc C:\Program Files (x86)\Bluetooth Suite\adminservice.exe
00:42:11.0012 0x14d4 AtherosSvc - ok
00:42:11.0124 0x14d4 [ CC406DA84E7DD3FA3AD20340DBC66CF2, 295F02AA66A3E7879329DC18A741021923C7B389AD8AC6C25A07CAAD6D9CAD33 ] athr C:\Windows\system32\DRIVERS\athrx.sys
00:42:11.0266 0x14d4 athr - ok
00:42:11.0315 0x14d4 [ 07721A77180EDD4D39CCB865BF63C7FD, 9E8117E747C86154F98F2686D805A981029CC5D11AFB115A529429C9A4579BE5 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
00:42:11.0348 0x14d4 AudioEndpointBuilder - ok
00:42:11.0380 0x14d4 [ 07721A77180EDD4D39CCB865BF63C7FD, 9E8117E747C86154F98F2686D805A981029CC5D11AFB115A529429C9A4579BE5 ] AudioSrv C:\Windows\System32\Audiosrv.dll
00:42:11.0398 0x14d4 AudioSrv - ok
00:42:11.0444 0x14d4 [ B20B5FA5CA050E9926E4D1DB81501B32, 91B9038349BA07E32DE809E6798167EE44087809EB1174B84EC16580040F1BE0 ] AxInstSV C:\Windows\System32\AxInstSV.dll
00:42:11.0448 0x14d4 AxInstSV - ok
00:42:11.0512 0x14d4 [ 3E5B191307609F7514148C6832BB0842, DE011CB7AA4A2405FAF21575182E0793A1D83DFFC44E9A7864D59F3D51D8D580 ] b06bdrv C:\Windows\system32\DRIVERS\bxvbda.sys
00:42:11.0526 0x14d4 b06bdrv - ok
00:42:11.0566 0x14d4 [ B5ACE6968304A3900EEB1EBFD9622DF2, 1DAA118D8CA3F97B34DF3D3CDA1C78EAB2ED225699FEABE89D331AE0CB7679FA ] b57nd60a C:\Windows\system32\DRIVERS\b57nd60a.sys
00:42:11.0575 0x14d4 b57nd60a - ok
00:42:11.0634 0x14d4 [ 638AC077E7EF7D27D03062E486E8BF01, 613E1DB1BDF020B6AAA808CB3E2487E7505B8B954E69475026648C2D89751A70 ] bcbtums C:\Windows\system32\drivers\bcbtums.sys
00:42:11.0639 0x14d4 bcbtums - ok
00:42:11.0678 0x14d4 [ FDE360167101B4E45A96F939F388AEB0, 8D1457E866BBD645C4B9710DFBFF93405CC1193BF9AE42326F2382500B713B82 ] BDESVC C:\Windows\System32\bdesvc.dll
00:42:11.0682 0x14d4 BDESVC - ok
00:42:11.0760 0x14d4 [ 16A47CE2DECC9B099349A5F840654746, 77C008AEDB07FAC66413841D65C952DDB56FE7DCA5E9EF9C8F4130336B838024 ] Beep C:\Windows\system32\drivers\Beep.sys
00:42:11.0761 0x14d4 Beep - ok
00:42:11.0820 0x14d4 [ 4992C609A6315671463E30F6512BC022, 3020034556EAC25CD90F41D3BFFDD0BB2C3D1C5BAC4359F4B71B84A9FC404495 ] BFE C:\Windows\System32\bfe.dll
00:42:11.0855 0x14d4 BFE - ok
00:42:11.0910 0x14d4 [ 7F0C323FE3DA28AA4AA1BDA3F575707F, 7FF09CBC16A9E5F357A76FF79A3F0DD047957D474031F51A6BB4916C7911F005 ] BITS C:\Windows\system32\qmgr.dll
00:42:11.0945 0x14d4 BITS - ok
00:42:11.0970 0x14d4 [ 61583EE3C3A17003C4ACD0475646B4D3, 17E4BECC309C450E7E44F59A9C0BBC24D21BDC66DFBA65B8F198A00BB47A9811 ] blbdrive C:\Windows\system32\DRIVERS\blbdrive.sys
00:42:11.0973 0x14d4 blbdrive - ok
00:42:12.0003 0x14d4 [ 91CE0D3DC57DD377E690A2D324022B08, 61874463956C0BCA5139522F34E974E5F638A092E0FD5C59DD30DE61D9AB8B0E ] bowser C:\Windows\system32\DRIVERS\bowser.sys
00:42:12.0008 0x14d4 bowser - ok
00:42:12.0029 0x14d4 [ F09EEE9EDC320B5E1501F749FDE686C8, 66691114C42E12F4CC6DC4078D4D2FA4029759ACDAF1B59D17383487180E84E3 ] BrFiltLo C:\Windows\system32\DRIVERS\BrFiltLo.sys
00:42:12.0031 0x14d4 BrFiltLo - ok
00:42:12.0052 0x14d4 [ B114D3098E9BDB8BEA8B053685831BE6, 0ED23C1897F35FA00B9C2848DE4ED200E18688AA7825674888054BBC3A3EB92C ] BrFiltUp C:\Windows\system32\DRIVERS\BrFiltUp.sys
00:42:12.0053 0x14d4 BrFiltUp - ok
00:42:12.0069 0x14d4 [ 5C2F352A4E961D72518261257AAE204B, 9EE1001E1D46A414A7A86FE1DBBE232203E26F54D9EF43ED31ED8EACD4D09853 ] BridgeMP C:\Windows\system32\DRIVERS\bridge.sys
00:42:12.0072 0x14d4 BridgeMP - ok
00:42:12.0093 0x14d4 [ 94FBC06F294D58D02361918418F996E3, 62C7CC2AF8F5A0BB0C262DACDE3F72C6AC318C3840CE60E46EE2064B32BDA5EF ] Browser C:\Windows\System32\browser.dll
00:42:12.0098 0x14d4 Browser - ok
00:42:12.0120 0x14d4 [ 43BEA8D483BF1870F018E2D02E06A5BD, 4E6F5A5FD8C796A110B0DC9FF29E31EA78C04518FC1C840EF61BABD58AB10272 ] Brserid C:\Windows\System32\Drivers\Brserid.sys
00:42:12.0129 0x14d4 Brserid - ok
00:42:12.0135 0x14d4 [ A6ECA2151B08A09CACECA35C07F05B42, E2875BB7768ABAF38C3377007AA0A3C281503474D1831E396FB6599721586B0C ] BrSerWdm C:\Windows\System32\Drivers\BrSerWdm.sys
00:42:12.0137 0x14d4 BrSerWdm - ok
00:42:12.0146 0x14d4 [ B79968002C277E869CF38BD22CD61524, 50631836502237AF4893ECDCEA43B9031C3DE97433F594D46AF7C3C77F331983 ] BrUsbMdm C:\Windows\System32\Drivers\BrUsbMdm.sys
00:42:12.0147 0x14d4 BrUsbMdm - ok
00:42:12.0152 0x14d4 [ A87528880231C54E75EA7A44943B38BF, 4C8BBB29FDA76A96840AA47A8613C15D4466F9273A13941C19507008629709C9 ] BrUsbSer C:\Windows\System32\Drivers\BrUsbSer.sys
00:42:12.0154 0x14d4 BrUsbSer - ok
00:42:12.0218 0x14d4 [ 227C8F308DE4AF4808E587465CEAB838, 7CF9FB82C979551E82F06F9D4003704E786CF2EAB4BE0836CB0BE9E735C48942 ] BTATH_A2DP C:\Windows\system32\drivers\btath_a2dp.sys
00:42:12.0226 0x14d4 BTATH_A2DP - ok
00:42:12.0286 0x14d4 [ A83A91D07D1FE6BBE7A9DB46CA00434B, 9EF851047189E13954C0F6A325E4843914C423C0D1EDAE21A34AB3A962BBD5AC ] BTATH_BUS C:\Windows\system32\DRIVERS\btath_bus.sys
00:42:12.0287 0x14d4 BTATH_BUS - ok
00:42:12.0309 0x14d4 [ C864FF85EE16D61C2BDD5EF76824625F, 6D2FE57688D9E8B4277BF6DA9C219DEB367274364FBE17EFC353CEDB2D7EA35D ] BTATH_HCRP C:\Windows\system32\DRIVERS\btath_hcrp.sys
00:42:12.0315 0x14d4 BTATH_HCRP - ok
00:42:12.0338 0x14d4 [ 0DEA505EFB5D771826D177EF8B8A208F, FD8027DA791F04077490749AC5A08F73CCBA1731462579AA9008CD8DD82FBBBC ] BTATH_LWFLT C:\Windows\system32\DRIVERS\btath_lwflt.sys
00:42:12.0340 0x14d4 BTATH_LWFLT - ok
00:42:12.0358 0x14d4 [ 724C8088C96EFE7A3E63FEC21D4681C0, 4F9B258BE0FEA634A0D93B3892F2F039A7CAD184C9A81DFC2B67B0D4B39C5035 ] BTATH_RCP C:\Windows\system32\DRIVERS\btath_rcp.sys
00:42:12.0365 0x14d4 BTATH_RCP - ok
00:42:12.0429 0x14d4 [ FF8B065F96E4D9525AA7227299FBD05C, 7F15424DCD3C2B907009883D1E80E0DF3E2F38A674C12BDBC748DB85D3DB74E6 ] BtFilter C:\Windows\system32\DRIVERS\btfilter.sys
00:42:12.0439 0x14d4 BtFilter - ok
00:42:12.0453 0x14d4 [ CF98190A94F62E405C8CB255018B2315, E1B2540023C4FE9FD588E4B6AE6347DFA565EB3898F21E5360882BF3E8B5E781 ] BthEnum C:\Windows\system32\DRIVERS\BthEnum.sys
00:42:12.0455 0x14d4 BthEnum - ok
00:42:12.0479 0x14d4 [ 9DA669F11D1F894AB4EB69BF546A42E8, B498B8B6CEF957B73179D1ADAF084BBB57BB3735D810F9BE2C7B1D58A4FD25A4 ] BTHMODEM C:\Windows\system32\DRIVERS\bthmodem.sys
00:42:12.0483 0x14d4 BTHMODEM - ok
00:42:12.0509 0x14d4 [ 02DD601B708DD0667E1331FA8518E9FF, 7DE6CC4DBB621CD03B01D9CE6CF66EAFE31D39030A391562CD0E278E1D70ADE1 ] BthPan C:\Windows\system32\DRIVERS\bthpan.sys
00:42:12.0513 0x14d4 BthPan - ok
00:42:12.0602 0x14d4 [ A51FA9D0E85D5ADABEF72E67F386309C, 4F6F44D5E3A43239B50BCA75CBAA48FE40097E2AFF9360E1956F41ED52BD8183 ] BTHPORT C:\Windows\system32\Drivers\BTHport.sys
00:42:12.0636 0x14d4 BTHPORT - ok
00:42:12.0697 0x14d4 [ 95F9C2976059462CBBF227F7AAB10DE9, 2797AE919FF7606B070FB039CECDB0707CD2131DCAC09C5DF14F443D881C9F34 ] bthserv C:\Windows\system32\bthserv.dll
00:42:12.0700 0x14d4 bthserv - ok
00:42:12.0759 0x14d4 [ F740B9A16B2C06700F2130E19986BF3B, 92158FD1B3706DE068F077ACA9A25F5479EF282E8B81F5A2FF8A66CBB5F80FCF ] BTHUSB C:\Windows\system32\Drivers\BTHUSB.sys
00:42:12.0762 0x14d4 BTHUSB - ok
00:42:12.0837 0x14d4 [ 0E78584D5FACA0509DFA97BD8B635075, 5362BF3A7237361C4ACA64946BBA61F7C79737FFC35CC8E042A45CB9BE15132F ] btwampfl C:\Windows\system32\drivers\btwampfl.sys
00:42:12.0877 0x14d4 btwampfl - ok
00:42:12.0915 0x14d4 [ 409C4117E6027672EF41E68ACE1468AD, 8FB0A11E5147EEB245527E68FCD8FEC4BF5DC820BA1F99F983CDA10829DB4F5D ] btwaudio C:\Windows\system32\drivers\btwaudio.sys
00:42:12.0921 0x14d4 btwaudio - ok
00:42:12.0951 0x14d4 [ 8CA7CABD13316ABACE386D9F380B4CF3, 6BB8142760E3440543991A6C2A2B5CB7450E7936C9A9F9038622AAC0D79C7667 ] btwavdt C:\Windows\system32\drivers\btwavdt.sys
00:42:12.0956 0x14d4 btwavdt - ok
00:42:13.0139 0x14d4 [ 5543DE88DD29EB538128003454BCB80A, 4FDABE4A4770A8D4AF2D6100A8A2709012AC41A6D3112C9D8B2C70A2EE7D67AD ] btwdins C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
00:42:13.0184 0x14d4 btwdins - ok
00:42:13.0217 0x14d4 [ B9354F9F111C64F2495B60F1E24CB453, 67B3F5867B00F84832EF5AD649D817D27B3F200351C7C53579A63D30F8E2BFDD ] btwl2cap C:\Windows\system32\DRIVERS\btwl2cap.sys
00:42:13.0219 0x14d4 btwl2cap - ok
00:42:13.0241 0x14d4 [ 71A04F2D9DEB21B162561EB574D7D629, C4E477F38CA3C76A966DA9145ABA55EE316BDEC84FE647DB06BCB1604EFE1A94 ] btwrchid C:\Windows\system32\DRIVERS\btwrchid.sys
00:42:13.0243 0x14d4 btwrchid - ok
00:42:13.0402 0x14d4 catchme - ok
00:42:13.0443 0x14d4 [ B8BD2BB284668C84865658C77574381A, 6C55BA288B626DF172FDFEA0BD7027FAEBA1F44EF20AB55160D7C7DC6E717D65 ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys
00:42:13.0446 0x14d4 cdfs - ok
00:42:13.0487 0x14d4 [ 83D2D75E1EFB81B3450C18131443F7DB, F2C686C980D818E797818E75B808E1E0B51B2045840A4BFC32D860B7DB4DFA22 ] cdrom C:\Windows\system32\DRIVERS\cdrom.sys
00:42:13.0492 0x14d4 cdrom - ok
00:42:13.0526 0x14d4 [ 312E2F82AF11E79906898AC3E3D58A1F, F6CB7D8B204B94F749D5DBEFD552150AAB16A34D629F87F73823A7504465F106 ] CertPropSvc C:\Windows\System32\certprop.dll
00:42:13.0529 0x14d4 CertPropSvc - ok
00:42:13.0567 0x14d4 [ D7CD5C4E1B71FA62050515314CFB52CF, 513B5A849899F379F0BC6AB3A8A05C3493C2393C95F036612B96EC6E252E1C64 ] circlass C:\Windows\system32\DRIVERS\circlass.sys
00:42:13.0569 0x14d4 circlass - ok
00:42:13.0595 0x14d4 [ FE1EC06F2253F691FE36217C592A0206, B9F122DB5E665ECDF29A5CB8BB6B531236F31A54A95769D6C5C1924C87FE70CE ] CLFS C:\Windows\system32\CLFS.sys
00:42:13.0607 0x14d4 CLFS - ok
00:42:13.0663 0x14d4 [ D88040F816FDA31C3B466F0FA0918F29, 39D3630E623DA25B8444B6D3AAAB16B98E7E289C5619E19A85D47B74C71449F3 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
00:42:13.0667 0x14d4 clr_optimization_v2.0.50727_32 - ok
00:42:13.0757 0x14d4 [ D1CEEA2B47CB998321C579651CE3E4F8, 654013B8FD229A50017B08DEC6CA19C7DDA8CE0771260E057A92625201D539B1 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
00:42:13.0761 0x14d4 clr_optimization_v2.0.50727_64 - ok
00:42:13.0880 0x14d4 [ C5A75EB48E2344ABDC162BDA79E16841, 6070A8AAFD38FBC6A68A2B10C20117612354DF21B4492D90CA522BFB6870D726 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
00:42:13.0918 0x14d4 clr_optimization_v4.0.30319_32 - ok
00:42:13.0942 0x14d4 [ C6F9AF94DCD58122A4D7E89DB6BED29D, CB0E5AE60EC76323585FB86D89E8DB7ADB5EDF6EA3D0B27E9ECE75B8CAA8BFDE ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
00:42:13.0946 0x14d4 clr_optimization_v4.0.30319_64 - ok
00:42:13.0981 0x14d4 [ 0840155D0BDDF1190F84A663C284BD33, 696039FA63CFEB33487FAA8FD7BBDB220141E9C6E529355D768DFC87999A9C3A ] CmBatt C:\Windows\system32\DRIVERS\CmBatt.sys
00:42:13.0983 0x14d4 CmBatt - ok
00:42:14.0000 0x14d4 [ E19D3F095812725D88F9001985B94EDD, 46243C5CCC4981CAC6FA6452FFCEC33329BF172448F1852D52592C9342E0E18B ] cmdide C:\Windows\system32\DRIVERS\cmdide.sys
00:42:14.0001 0x14d4 cmdide - ok
00:42:14.0026 0x14d4 [ F95FD4CB7DA00BA2A63CE9F6B5C053E1, D1FBCA0416D38B9CA510FB01CF251E60B244D38080E6668948ED927D2350ED49 ] CNG C:\Windows\system32\Drivers\cng.sys
00:42:14.0049 0x14d4 CNG - ok
00:42:14.0077 0x14d4 [ 102DE219C3F61415F964C88E9085AD14, CD74CB703381F1382C32CF892FF2F908F4C9412E1BC77234F8FEA5D4666E1BF1 ] Compbatt C:\Windows\system32\DRIVERS\compbatt.sys
00:42:14.0078 0x14d4 Compbatt - ok
00:42:14.0112 0x14d4 [ F26B3A86F6FA87CA360B879581AB4123, 723904362614FE47F6CC0EA0656BA1B47EA32D73BAFB61688A5E5CAE4340B1BF ] CompositeBus C:\Windows\system32\DRIVERS\CompositeBus.sys
00:42:14.0139 0x14d4 CompositeBus - ok
00:42:14.0160 0x14d4 COMSysApp - ok
00:42:14.0264 0x14d4 [ 42C38CD4A8146EB03855EF1371ACB3C0, A8FB80D2EA9A683FF97D0666CA06E9820E59A7C250C31F41AC97BEA8CAE37D03 ] cphs C:\Windows\SysWow64\IntelCpHeciSvc.exe
00:42:14.0272 0x14d4 cphs - ok
00:42:14.0286 0x14d4 [ 1C827878A998C18847245FE1F34EE597, 41EF7443D8B2733AA35CAC64B4F5F74FAC8BB0DA7D3936B69EC38E2DC3972E60 ] crcdisk C:\Windows\system32\DRIVERS\crcdisk.sys
00:42:14.0287 0x14d4 crcdisk - ok
00:42:14.0324 0x14d4 [ 8C57411B66282C01533CB776F98AD384, 65BCF1B0BA521CBE39E974C7ACAEA9C9E3F89D86754275C6B2616E7691876AEE ] CryptSvc C:\Windows\system32\cryptsvc.dll
00:42:14.0329 0x14d4 CryptSvc - ok
00:42:14.0367 0x14d4 [ 4A6173C2279B498CD8F57CAE504564CB, FF3CD404FD91EDE38C21780362CE892BFBBC2526B146BEBD139C7413EB29A216 ] CSC C:\Windows\system32\drivers\csc.sys
00:42:14.0390 0x14d4 CSC - ok
00:42:14.0427 0x14d4 [ 873FBF927C06E5CEE04DEC617502F8FD, 8B452ED5D003337E66634EEC3D5C9FBA4D05FF5AE776239F3B769FAA505E729C ] CscService C:\Windows\System32\cscsvc.dll
00:42:14.0449 0x14d4 CscService - ok
00:42:14.0530 0x14d4 [ 3C6018A5BFDA89FB3BE0BBB2E0DD234A, 74F2C23B24348D80803F5D77D8C429DAF914B6CFC547DFF93E1C5A762F8469A8 ] DcomLaunch C:\Windows\system32\rpcss.dll
00:42:14.0544 0x14d4 DcomLaunch - ok
00:42:14.0582 0x14d4 [ 3CEC7631A84943677AA8FA8EE5B6B43D, 32061DAC9ED6C1EBA3B367B18D0E965AEEC2DF635DCF794EC39D086D32503AC5 ] defragsvc C:\Windows\System32\defragsvc.dll
00:42:14.0591 0x14d4 defragsvc - ok
00:42:14.0667 0x14d4 [ 3F1DC527070ACB87E40AFE46EF6DA749, 5CB9CB94854AF06BEA02AF3E0562B8ECF72B2B23ED657A3F5E17CD3552F3EF84 ] DfsC C:\Windows\system32\Drivers\dfsc.sys
00:42:14.0670 0x14d4 DfsC - ok
00:42:14.0704 0x14d4 [ CE3B9562D997F69B330D181A8875960F, 6FEE6622859198C5C13545867EF7CFE8EDC991360E976F792313DAA9C82CC5C8 ] Dhcp C:\Windows\system32\dhcpcore.dll
00:42:14.0713 0x14d4 Dhcp - ok
00:42:14.0761 0x14d4 [ 13096B05847EC78F0977F2C0F79E9AB3, 1E44981B684F3E56F5D2439BB7FA78BD1BC876BB2265AE089AEC68F241B05B26 ] discache C:\Windows\system32\drivers\discache.sys
00:42:14.0763 0x14d4 discache - ok
00:42:14.0800 0x14d4 [ 9819EEE8B5EA3784EC4AF3B137A5244C, 571BC886E87C888DA96282E381A746D273B58B9074E84D4CA91275E26056D427 ] Disk C:\Windows\system32\DRIVERS\disk.sys
00:42:14.0803 0x14d4 Disk - ok
00:42:14.0848 0x14d4 [ 676108C4E3AA6F6B34633748BD0BEBD9, 953286126E482EF3A9A1833680EFF86D657BD6C5411B9AEC2D7828ADE63D25AD ] Dnscache C:\Windows\System32\dnsrslvr.dll
00:42:14.0853 0x14d4 Dnscache - ok
00:42:14.0876 0x14d4 [ 14452ACDB09B70964C8C21BF80A13ACB, DA0AAAC04626EFF4256D7095FF1DDA1F1B17676E26990C418BDF5090476F2AB4 ] dot3svc C:\Windows\System32\dot3svc.dll
00:42:14.0884 0x14d4 dot3svc - ok
00:42:14.0894 0x14d4 [ 8C2BA6BEA949EE6E68385F5692BAFB94, 1047F473DCE0FB56BEA5C1B7929752C1FBAB5983C8202ABB4EEA48FCD60A353A ] DPS C:\Windows\system32\dps.dll
00:42:14.0901 0x14d4 DPS - ok
00:42:14.0939 0x14d4 [ 9B19F34400D24DF84C858A421C205754, 967AF267B4124BADA8F507CEBF25F2192D146A4D63BE71B45BFC03C5DA7F21A7 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys
00:42:14.0940 0x14d4 drmkaud - ok
00:42:15.0013 0x14d4 [ 2BF965A3B9A525587589EBB270B68263, 02863EFD20C097B198432A096864FFFF382B87603F4899ADDE091C5E08C5ED2C ] DTSAudioSvc C:\Program Files\Realtek\Audio\HDA\DTSU2PAuSrv64.exe
00:42:15.0019 0x14d4 DTSAudioSvc - ok
00:42:15.0067 0x14d4 [ 7CB7D2B73813CE05C7BC0F5F95D27CEC, F80AD7E946B8C8C27A0EB8A99B3A61C3F09E5442372D64EB4886D86B8D0AFCFD ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys
00:42:15.0100 0x14d4 DXGKrnl - ok
00:42:15.0169 0x14d4 [ 398904F1FBF13CEF0FCB822E9CA5F2D5, 7CC204FCC111C2098ECDBD0AA4EDA382091665ECAB1B50AD48E0A1766F589D82 ] eamonm C:\Windows\system32\DRIVERS\eamonm.sys
00:42:15.0199 0x14d4 eamonm - ok
00:42:15.0258 0x14d4 [ E2DDA8726DA9CB5B2C4000C9018A9633, 0C967DBC3636A76A696997192A158AA92A1AF19F01E3C66D5BF91818A8FAEA76 ] EapHost C:\Windows\System32\eapsvc.dll
00:42:15.0262 0x14d4 EapHost - ok
00:42:15.0387 0x14d4 [ DC5D737F51BE844D8C82C695EB17372F, 6D4022D9A46EDE89CEF0FAEADCC94C903234DFC460C0180D24FF9E38E8853017 ] ebdrv C:\Windows\system32\DRIVERS\evbda.sys
00:42:15.0502 0x14d4 ebdrv - ok
00:42:15.0534 0x14d4 [ 0793F40B9B8A1BDD266296409DBD91EA, 8A383FC9A66A327905C340D06138980F9E489479535A2C2AAE5E8BB14A74826E ] EFS C:\Windows\System32\lsass.exe
00:42:15.0536 0x14d4 EFS - ok
00:42:15.0612 0x14d4 [ 9E39134330C18CBAC0F24C1283701D7E, 6F6B2AB6CD1932216BA516F4DE8316BE9625CFAF602522A99F77351A538E5799 ] ehdrv C:\Windows\system32\DRIVERS\ehdrv.sys
00:42:15.0616 0x14d4 ehdrv - ok
00:42:15.0687 0x14d4 [ B91D81B3B54A54CCAFC03733DBC2E29E, B08CFD3136F678CF902722B32CA55C4983EEE5AEBDCEE036BEB746914742141C ] ehRecvr C:\Windows\ehome\ehRecvr.exe
00:42:15.0788 0x14d4 ehRecvr - ok
00:42:15.0812 0x14d4 [ 4705E8EF9934482C5BB488CE28AFC681, 359E9EC5693CE0BE89082E1D5D8F5C5439A5B985010FF0CB45C11E3CFE30637D ] ehSched C:\Windows\ehome\ehsched.exe
00:42:15.0816 0x14d4 ehSched - ok
00:42:15.0978 0x14d4 [ 7FE34FD5652C54BDA8D2DF8AC92E833A, 2B2836F47398AAD173F0D5C016B3B4DAB13F4EEC991B05D3C8B1DF310B25A96A ] ekrn C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe
00:42:16.0035 0x14d4 ekrn - ok
00:42:16.0108 0x14d4 [ 0E5DA5369A0FCAEA12456DD852545184, 9A64AC5396F978C3B92794EDCE84DCA938E4662868250F8C18FA7C2C172233F8 ] elxstor C:\Windows\system32\DRIVERS\elxstor.sys
00:42:16.0127 0x14d4 elxstor - ok
00:42:16.0191 0x14d4 [ 392EC4EA0C265F5BC50D057BEAA593CD, 389B99607D4F50508BD96FADD0280AFB91C28D2F13C07668B78DBF780AC4127C ] epfw C:\Windows\system32\DRIVERS\epfw.sys
00:42:16.0198 0x14d4 epfw - ok
00:42:16.0211 0x14d4 [ 0C9EC63C5BAE9506161F14B8A5C10280, D767963D67D0B55CA6BF3F2011D70622C53C46B7AB174E976E3441B62D19C467 ] EpfwLWF C:\Windows\system32\DRIVERS\EpfwLWF.sys
00:42:16.0213 0x14d4 EpfwLWF - ok
00:42:16.0245 0x14d4 [ AD03E0C95E750F3FBE84EDA87B2C4E08, E76094B88030037903F2A2E21A55CAADB3828693E1EE2D8219DD440A2CAE14D0 ] epfwwfp C:\Windows\system32\DRIVERS\epfwwfp.sys
00:42:16.0247 0x14d4 epfwwfp - ok
00:42:16.0262 0x14d4 [ 34A3C54752046E79A126E15C51DB409B, 7D5B5E150C7C73666F99CBAFF759029716C86F16B927E0078D77F8A696616D75 ] ErrDev C:\Windows\system32\DRIVERS\errdev.sys
00:42:16.0263 0x14d4 ErrDev - ok
00:42:16.0312 0x14d4 [ 4166F82BE4D24938977DD1746BE9B8A0, 24121751B7306225AD1C808442D7B030DEF377E9316AA0A3C5C7460E87317881 ] EventSystem C:\Windows\system32\es.dll
00:42:16.0336 0x14d4 EventSystem - ok
00:42:16.0481 0x14d4 [ 64D25284A4E9D11CA0722AF3F30FD970, C7C40CA8AC444F7B0F88086396C17316348480EBA09109222897B5A42AD655DF ] EvtEng C:\Program Files\Intel\WiFi\bin\EvtEng.exe
00:42:16.0524 0x14d4 EvtEng - ok
00:42:16.0555 0x14d4 [ A510C654EC00C1E9BDD91EEB3A59823B, 76CD277730F7B08D375770CD373D786160F34D1481AF0536BA1A5D2727E255F5 ] exfat C:\Windows\system32\drivers\exfat.sys
00:42:16.0562 0x14d4 exfat - ok
00:42:16.0580 0x14d4 [ 0ADC83218B66A6DB380C330836F3E36D, 798D6F83B5DBCC1656595E0A96CF12087FCCBE19D1982890D0CE5F629B328B29 ] fastfat C:\Windows\system32\drivers\fastfat.sys
00:42:16.0586 0x14d4 fastfat - ok
00:42:16.0647 0x14d4 [ D607B2F1BEE3992AA6C2C92C0A2F0855, E22301C8F01DBF0A38A85165959BB070647C996CB1BCD50FDFE3DDDCA427DF2A ] Fax C:\Windows\system32\fxssvc.exe
00:42:16.0682 0x14d4 Fax - ok
00:42:16.0778 0x14d4 [ 9955BF48FD2FA8D481848CD3024EDD0B, 327E290141625C3E810D741CA106651C5A8EEF5DFA6477ACC5843D9D80DFC6FA ] FBIOSDRV C:\Windows\system32\Drivers\FBIOSDRV.sys
00:42:16.0780 0x14d4 FBIOSDRV - ok
00:42:16.0801 0x14d4 [ D765D19CD8EF61F650C384F62FAC00AB, 9F0A483A043D3BA873232AD3BA5F7BF9173832550A27AF3E8BD433905BD2A0EE ] fdc C:\Windows\system32\DRIVERS\fdc.sys
00:42:16.0803 0x14d4 fdc - ok
00:42:16.0837 0x14d4 [ 0438CAB2E03F4FB61455A7956026FE86, 6D4DDC2973DB25CE0C7646BC85EFBCC004EBE35EA683F62162AE317C6F1D8DFE ] fdPHost C:\Windows\system32\fdPHost.dll
00:42:16.0839 0x14d4 fdPHost - ok
00:42:16.0859 0x14d4 [ 802496CB59A30349F9A6DD22D6947644, 52D59D3D628D5661F83F090F33F744F6916E0CC1F76E5A33983E06EB66AE19F8 ] FDResPub C:\Windows\system32\fdrespub.dll
00:42:16.0861 0x14d4 FDResPub - ok
00:42:16.0877 0x14d4 [ 655661BE46B5F5F3FD454E2C3095B930, 549C8E2A2A37757E560D55FFA6BFDD838205F17E40561E67F0124C934272CD1A ] FileInfo C:\Windows\system32\drivers\fileinfo.sys
00:42:16.0879 0x14d4 FileInfo - ok
00:42:16.0889 0x14d4 [ 5F671AB5BC87EEA04EC38A6CD5962A47, 6B61D3363FF3F9C439BD51102C284972EAE96ACC0683B9DC7E12D25D0ADC51B6 ] Filetrace C:\Windows\system32\drivers\filetrace.sys
00:42:16.0892 0x14d4 Filetrace - ok
00:42:16.0914 0x14d4 [ C172A0F53008EAEB8EA33FE10E177AF5, 9175A95B323696D1B35C9EFEB7790DD64E6EE0B7021E6C18E2F81009B169D77B ] flpydisk C:\Windows\system32\DRIVERS\flpydisk.sys
00:42:16.0915 0x14d4 flpydisk - ok
00:42:16.0948 0x14d4 [ F7866AF72ABBAF84B1FA5AA195378C59, 9D522044FE9C18FB3EC327E675737C01F2A8231DDE900421D3A431596946A7F8 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys
00:42:16.0957 0x14d4 FltMgr - ok
00:42:17.0020 0x14d4 [ 8AC4CB4EA61E41009FAE9AE7B2B5DA3A, 6587B22ED91F98D3E3614967F62D7A58F42C12F45F8E1D47835D195CD350BC54 ] FontCache C:\Windows\system32\FntCache.dll

 

[Hoori]

No threats found, no reboot required, here's the content: (I haven't run the ESET scan yet).
More than 50000 characters so I split the content.
Part 1:
00:41:45.0478 0x18cc TDSS rootkit removing tool 3.0.0.19 Nov 18 2013 09:27:50
00:41:51.0141 0x18cc ============================================================
00:41:51.0141 0x18cc Current date / time: 2014/01/03 00:41:51.0141
00:41:51.0141 0x18cc SystemInfo:
00:41:51.0142 0x18cc
00:41:51.0142 0x18cc OS Version: 6.1.7600 ServicePack: 0.0
00:41:51.0142 0x18cc Product type: Workstation
00:41:51.0142 0x18cc ComputerName: FUJITSU-PC
00:41:51.0142 0x18cc UserName: Fujitsu
00:41:51.0142 0x18cc Windows directory: C:\Windows
00:41:51.0142 0x18cc System windows directory: C:\Windows
00:41:51.0142 0x18cc Running under WOW64
00:41:51.0142 0x18cc Processor architecture: Intel x64
00:41:51.0142 0x18cc Number of processors: 4
00:41:51.0142 0x18cc Page size: 0x1000
00:41:51.0142 0x18cc Boot type: Normal boot
00:41:51.0142 0x18cc ============================================================
00:41:51.0309 0x18cc KLMD registered as C:\Windows\system32\drivers\17180636.sys
00:41:51.0880 0x18cc System UUID: {C608264F-1D52-E7D2-338C-AF49D4999F8F}
00:41:52.0642 0x18cc Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
00:41:52.0669 0x18cc ============================================================
00:41:52.0669 0x18cc \Device\Harddisk0\DR0:
00:41:52.0669 0x18cc MBR partitions:
00:41:52.0669 0x18cc \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x3A385800
00:41:52.0669 0x18cc ============================================================
00:41:52.0726 0x18cc C: <-> \Device\Harddisk0\DR0\Partition1
00:41:52.0726 0x18cc ============================================================
00:41:52.0726 0x18cc Initialize success
00:41:52.0726 0x18cc ============================================================
00:41:55.0252 0x14d4 ============================================================
00:41:55.0252 0x14d4 Scan started
00:41:55.0252 0x14d4 Mode: Manual;
00:41:55.0253 0x14d4 ============================================================
00:41:55.0253 0x14d4 KSN ping started
00:42:08.0027 0x14d4 KSN ping finished: true
00:42:08.0407 0x14d4 ================ Scan system memory ========================
00:42:08.0407 0x14d4 System memory - ok
00:42:08.0408 0x14d4 ================ Scan services =============================
00:42:09.0099 0x14d4 [ 1B00662092F9F9568B995902F0CC40D5, D345014CF146FA57B2682C189D5E7F27D4C78F321F2723D912D623E777C2BB70 ] 1394ohci C:\Windows\system32\DRIVERS\1394ohci.sys
00:42:09.0133 0x14d4 1394ohci - ok
00:42:09.0312 0x14d4 [ DD81D91FF3B0763C392422865C9AC12E, F5691B8F200E3196E6808E932630E862F8F26F31CD949981373F23C9D87DB8B9 ] a6bb4a82 C:\Windows\system32\rundll32.exe
00:42:09.0355 0x14d4 a6bb4a82 - ok
00:42:09.0428 0x14d4 [ 6F11E88748CDEFD2F76AA215F97DDFE5, BD0B3561EDCDE5EFD89372793CFD09DF879709BF469542F4A049705CBA9FD060 ] ACPI C:\Windows\system32\DRIVERS\ACPI.sys
00:42:09.0436 0x14d4 ACPI - ok
00:42:09.0478 0x14d4 [ 63B05A0420CE4BF0E4AF6DCC7CADA254, 56BCC219D6B886FD42B7D335B4A7BBA3C9BC148220CBD99F8583FB505DAE63BF ] AcpiPmi C:\Windows\system32\DRIVERS\acpipmi.sys
00:42:09.0489 0x14d4 AcpiPmi - ok
00:42:09.0610 0x14d4 [ ADDA5E1951B90D3D23C56D3CF0622ADC, E85E7BFD29F00ED34BF5BE8BD4DA93CBB14278E16809BB55406875F0DA88551E ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
00:42:09.0612 0x14d4 AdobeARMservice - ok
00:42:09.0820 0x14d4 [ 1BA1AB4141A92EB34DA99F1249CA2D4D, 43ADF35146E61E0DE58D2ACC2994538F6025135ECEB30073BEF05A804BB38107 ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
00:42:09.0845 0x14d4 AdobeFlashPlayerUpdateSvc - ok
00:42:09.0915 0x14d4 [ 2F6B34B83843F0C5118B63AC634F5BF4, 43E3F5FBFB5D33981AC503DEE476868EC029815D459E7C36C4ABC2D2F75B5735 ] adp94xx C:\Windows\system32\DRIVERS\adp94xx.sys
00:42:09.0929 0x14d4 adp94xx - ok
00:42:09.0998 0x14d4 [ 597F78224EE9224EA1A13D6350CED962, DA7FD99BE5E3B7B98605BF5C13BF3F1A286C0DE1240617570B46FE4605E59BDC ] adpahci C:\Windows\system32\DRIVERS\adpahci.sys
00:42:10.0009 0x14d4 adpahci - ok
00:42:10.0032 0x14d4 [ E109549C90F62FB570B9540C4B148E54, E804563735153EA00A00641814244BC8A347B578E7D63A16F43FB17566EE5559 ] adpu320 C:\Windows\system32\DRIVERS\adpu320.sys
00:42:10.0039 0x14d4 adpu320 - ok
00:42:10.0065 0x14d4 [ 4B78B431F225FD8624C5655CB1DE7B61, 198A5AF2125C7C41F531A652D200C083A55A97DC541E3C0B5B253C7329949156 ] AeLookupSvc C:\Windows\System32\aelupsvc.dll
00:42:10.0067 0x14d4 AeLookupSvc - ok
00:42:10.0112 0x14d4 [ B9384E03479D2506BC924C16A3DB87BC, AB5FD2BC1F005E7D664F5DE3D5CB54499024A83B716DD52C56582DB7EFB4F01B ] AFD C:\Windows\system32\drivers\afd.sys
00:42:10.0128 0x14d4 AFD - ok
00:42:10.0162 0x14d4 [ 608C14DBA7299D8CB6ED035A68A15799, 45360F89640BF1127C82A32393BD76205E4FA067889C40C491602F370C09282A ] agp440 C:\Windows\system32\DRIVERS\agp440.sys
00:42:10.0174 0x14d4 agp440 - ok
00:42:10.0193 0x14d4 [ 3290D6946B5E30E70414990574883DDB, 0E9294E1991572256B3CDA6B031DB9F39CA601385515EE59F1F601725B889663 ] ALG C:\Windows\System32\alg.exe
00:42:10.0197 0x14d4 ALG - ok
00:42:10.0241 0x14d4 [ 5812713A477A3AD7363C7438CA2EE038, A7316299470D2E57A11499C752A711BF4A71EB11C9CBA731ED0945FF6A966721 ] aliide C:\Windows\system32\DRIVERS\aliide.sys
00:42:10.0242 0x14d4 aliide - ok
00:42:10.0247 0x14d4 [ 1FF8B4431C353CE385C875F194924C0C, 3EA3A7F426B0FFC2461EDF4FDB4B58ACC9D0730EDA5B728D1EA1346EA0A02720 ] amdide C:\Windows\system32\DRIVERS\amdide.sys
00:42:10.0249 0x14d4 amdide - ok
00:42:10.0277 0x14d4 [ 7024F087CFF1833A806193EF9D22CDA9, E7F27E488C38338388103D3B7EEDD61D05E14FB140992AEE6F492FFC821BF529 ] AmdK8 C:\Windows\system32\DRIVERS\amdk8.sys
00:42:10.0279 0x14d4 AmdK8 - ok
00:42:10.0285 0x14d4 [ 1E56388B3FE0D031C44144EB8C4D6217, E88CA76FD47BA0EB427D59CB9BE040DE133D89D4E62D03A8D622624531D27487 ] AmdPPM C:\Windows\system32\DRIVERS\amdppm.sys
00:42:10.0287 0x14d4 AmdPPM - ok
00:42:10.0310 0x14d4 [ 7A4B413614C055935567CF88A9734D38, A3BB7CDF3EE0EEF67F89263E81145E73C7142EF5F0AF265375C2ECCE74F932C4 ] amdsata C:\Windows\system32\DRIVERS\amdsata.sys
00:42:10.0315 0x14d4 amdsata - ok
00:42:10.0333 0x14d4 [ F67F933E79241ED32FF46A4F29B5120B, D6EF539058F159CC4DD14CA9B1FD924998FEAC9D325C823C7A2DD21FEF1DC1A8 ] amdsbs C:\Windows\system32\DRIVERS\amdsbs.sys
00:42:10.0338 0x14d4 amdsbs - ok
00:42:10.0360 0x14d4 [ B4AD0CACBAB298671DD6F6EF7E20679D, FB566C892D0A3DC0A523AE20F35011996958D670937DD5C1A1FCCD36AAC714D7 ] amdxata C:\Windows\system32\DRIVERS\amdxata.sys
00:42:10.0362 0x14d4 amdxata - ok
00:42:10.0389 0x14d4 ApfiltrService - ok
00:42:10.0416 0x14d4 [ 42FD751B27FA0E9C69BB39F39E409594, DE349CAA570957868CA1CB0BE0FAF551CD4D44FD53EBC4391B9C1C7B9CF295D2 ] AppID C:\Windows\system32\drivers\appid.sys
00:42:10.0419 0x14d4 AppID - ok
00:42:10.0448 0x14d4 [ 0BC381A15355A3982216F7172F545DE1, C33AF13CB218F7BF52E967452573DF2ADD20A95C6BF99229794FEF07C4BBE725 ] AppIDSvc C:\Windows\System32\appidsvc.dll
00:42:10.0449 0x14d4 AppIDSvc - ok
00:42:10.0470 0x14d4 [ D065BE66822847B7F127D1F90158376E, 20F911F390FF23C2C42361A449C4344DB59F1DC21EDD1E7EBC4E80914DEF7824 ] Appinfo C:\Windows\System32\appinfo.dll
00:42:10.0473 0x14d4 Appinfo - ok
00:42:10.0505 0x14d4 [ 4ABA3E75A76195A3E38ED2766C962899, E2001ACD44DA270B8289DA362D26416676301773AB22616C211F31CF2E7869AA ] AppMgmt C:\Windows\System32\appmgmts.dll
00:42:10.0511 0x14d4 AppMgmt - ok
00:42:10.0563 0x14d4 [ C484F8CEB1717C540242531DB7845C4E, C507CE26716EB923B864ED85E8FA0B24591E2784A2F4F0E78AEED7E9953311F6 ] arc C:\Windows\system32\DRIVERS\arc.sys
00:42:10.0566 0x14d4 arc - ok
00:42:10.0580 0x14d4 [ 019AF6924AEFE7839F61C830227FE79C, 5926B9DDFC9198043CDD6EA0B384C83B001EC225A8125628C4A45A3E6C42C72A ] arcsas C:\Windows\system32\DRIVERS\arcsas.sys
00:42:10.0584 0x14d4 arcsas - ok
00:42:10.0718 0x14d4 [ 9217D874131AE6FF8F642F124F00A555, BE2923D5AA7748FDAAED73AF567D015517B36F1C739C6E5637DD15112EFDF495 ] aspnet_state C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
00:42:10.0721 0x14d4 aspnet_state - ok
00:42:10.0755 0x14d4 [ 769765CE2CC62867468CEA93969B2242, 0D8F19D49869DF93A3876B4C2E249D12E83F9CE11DAE8917D368E292043D4D26 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys
00:42:10.0757 0x14d4 AsyncMac - ok
00:42:10.0784 0x14d4 [ 02062C0B390B7729EDC9E69C680A6F3C, 0261683C6DC2706DCE491A1CDC954AC9C9E649376EC30760BB4E225E18DC5273 ] atapi C:\Windows\system32\DRIVERS\atapi.sys
00:42:10.0785 0x14d4 atapi - ok
00:42:10.0844 0x14d4 [ CBE61B4494165F458BD87E37181EE934, E95654DCC0F977A3604B6BE435BEE109AC8F9F7494FD3A132F5FB477BBF7B105 ] AthBTPort C:\Windows\system32\DRIVERS\btath_flt.sys
00:42:10.0882 0x14d4 AthBTPort - ok
00:42:10.0916 0x14d4 [ 4119870B90E1B5E7797D6433D21F9216, 5CDA3748A6C89B1046173F20D857D164F4170A5028370B5BB9843212CEA86C8F ] ATHDFU C:\Windows\system32\Drivers\AthDfu.sys
00:42:10.0918 0x14d4 ATHDFU - ok
00:42:11.0010 0x14d4 [ FBBE79D7445AA4494E069A0B91F9417B, 5C5EB5C27324129702D040FE9C63D2D67853E12A6E19164A805A9EE0DC4C5463 ] AtherosSvc C:\Program Files (x86)\Bluetooth Suite\adminservice.exe
00:42:11.0012 0x14d4 AtherosSvc - ok
00:42:11.0124 0x14d4 [ CC406DA84E7DD3FA3AD20340DBC66CF2, 295F02AA66A3E7879329DC18A741021923C7B389AD8AC6C25A07CAAD6D9CAD33 ] athr C:\Windows\system32\DRIVERS\athrx.sys
00:42:11.0266 0x14d4 athr - ok
00:42:11.0315 0x14d4 [ 07721A77180EDD4D39CCB865BF63C7FD, 9E8117E747C86154F98F2686D805A981029CC5D11AFB115A529429C9A4579BE5 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
00:42:11.0348 0x14d4 AudioEndpointBuilder - ok
00:42:11.0380 0x14d4 [ 07721A77180EDD4D39CCB865BF63C7FD, 9E8117E747C86154F98F2686D805A981029CC5D11AFB115A529429C9A4579BE5 ] AudioSrv C:\Windows\System32\Audiosrv.dll
00:42:11.0398 0x14d4 AudioSrv - ok
00:42:11.0444 0x14d4 [ B20B5FA5CA050E9926E4D1DB81501B32, 91B9038349BA07E32DE809E6798167EE44087809EB1174B84EC16580040F1BE0 ] AxInstSV C:\Windows\System32\AxInstSV.dll
00:42:11.0448 0x14d4 AxInstSV - ok
00:42:11.0512 0x14d4 [ 3E5B191307609F7514148C6832BB0842, DE011CB7AA4A2405FAF21575182E0793A1D83DFFC44E9A7864D59F3D51D8D580 ] b06bdrv C:\Windows\system32\DRIVERS\bxvbda.sys
00:42:11.0526 0x14d4 b06bdrv - ok
00:42:11.0566 0x14d4 [ B5ACE6968304A3900EEB1EBFD9622DF2, 1DAA118D8CA3F97B34DF3D3CDA1C78EAB2ED225699FEABE89D331AE0CB7679FA ] b57nd60a C:\Windows\system32\DRIVERS\b57nd60a.sys
00:42:11.0575 0x14d4 b57nd60a - ok
00:42:11.0634 0x14d4 [ 638AC077E7EF7D27D03062E486E8BF01, 613E1DB1BDF020B6AAA808CB3E2487E7505B8B954E69475026648C2D89751A70 ] bcbtums C:\Windows\system32\drivers\bcbtums.sys
00:42:11.0639 0x14d4 bcbtums - ok
00:42:11.0678 0x14d4 [ FDE360167101B4E45A96F939F388AEB0, 8D1457E866BBD645C4B9710DFBFF93405CC1193BF9AE42326F2382500B713B82 ] BDESVC C:\Windows\System32\bdesvc.dll
00:42:11.0682 0x14d4 BDESVC - ok
00:42:11.0760 0x14d4 [ 16A47CE2DECC9B099349A5F840654746, 77C008AEDB07FAC66413841D65C952DDB56FE7DCA5E9EF9C8F4130336B838024 ] Beep C:\Windows\system32\drivers\Beep.sys
00:42:11.0761 0x14d4 Beep - ok
00:42:11.0820 0x14d4 [ 4992C609A6315671463E30F6512BC022, 3020034556EAC25CD90F41D3BFFDD0BB2C3D1C5BAC4359F4B71B84A9FC404495 ] BFE C:\Windows\System32\bfe.dll
00:42:11.0855 0x14d4 BFE - ok
00:42:11.0910 0x14d4 [ 7F0C323FE3DA28AA4AA1BDA3F575707F, 7FF09CBC16A9E5F357A76FF79A3F0DD047957D474031F51A6BB4916C7911F005 ] BITS C:\Windows\system32\qmgr.dll
00:42:11.0945 0x14d4 BITS - ok
00:42:11.0970 0x14d4 [ 61583EE3C3A17003C4ACD0475646B4D3, 17E4BECC309C450E7E44F59A9C0BBC24D21BDC66DFBA65B8F198A00BB47A9811 ] blbdrive C:\Windows\system32\DRIVERS\blbdrive.sys
00:42:11.0973 0x14d4 blbdrive - ok
00:42:12.0003 0x14d4 [ 91CE0D3DC57DD377E690A2D324022B08, 61874463956C0BCA5139522F34E974E5F638A092E0FD5C59DD30DE61D9AB8B0E ] bowser C:\Windows\system32\DRIVERS\bowser.sys
00:42:12.0008 0x14d4 bowser - ok
00:42:12.0029 0x14d4 [ F09EEE9EDC320B5E1501F749FDE686C8, 66691114C42E12F4CC6DC4078D4D2FA4029759ACDAF1B59D17383487180E84E3 ] BrFiltLo C:\Windows\system32\DRIVERS\BrFiltLo.sys
00:42:12.0031 0x14d4 BrFiltLo - ok
00:42:12.0052 0x14d4 [ B114D3098E9BDB8BEA8B053685831BE6, 0ED23C1897F35FA00B9C2848DE4ED200E18688AA7825674888054BBC3A3EB92C ] BrFiltUp C:\Windows\system32\DRIVERS\BrFiltUp.sys
00:42:12.0053 0x14d4 BrFiltUp - ok
00:42:12.0069 0x14d4 [ 5C2F352A4E961D72518261257AAE204B, 9EE1001E1D46A414A7A86FE1DBBE232203E26F54D9EF43ED31ED8EACD4D09853 ] BridgeMP C:\Windows\system32\DRIVERS\bridge.sys
00:42:12.0072 0x14d4 BridgeMP - ok
00:42:12.0093 0x14d4 [ 94FBC06F294D58D02361918418F996E3, 62C7CC2AF8F5A0BB0C262DACDE3F72C6AC318C3840CE60E46EE2064B32BDA5EF ] Browser C:\Windows\System32\browser.dll
00:42:12.0098 0x14d4 Browser - ok
00:42:12.0120 0x14d4 [ 43BEA8D483BF1870F018E2D02E06A5BD, 4E6F5A5FD8C796A110B0DC9FF29E31EA78C04518FC1C840EF61BABD58AB10272 ] Brserid C:\Windows\System32\Drivers\Brserid.sys
00:42:12.0129 0x14d4 Brserid - ok
00:42:12.0135 0x14d4 [ A6ECA2151B08A09CACECA35C07F05B42, E2875BB7768ABAF38C3377007AA0A3C281503474D1831E396FB6599721586B0C ] BrSerWdm C:\Windows\System32\Drivers\BrSerWdm.sys
00:42:12.0137 0x14d4 BrSerWdm - ok
00:42:12.0146 0x14d4 [ B79968002C277E869CF38BD22CD61524, 50631836502237AF4893ECDCEA43B9031C3DE97433F594D46AF7C3C77F331983 ] BrUsbMdm C:\Windows\System32\Drivers\BrUsbMdm.sys
00:42:12.0147 0x14d4 BrUsbMdm - ok
00:42:12.0152 0x14d4 [ A87528880231C54E75EA7A44943B38BF, 4C8BBB29FDA76A96840AA47A8613C15D4466F9273A13941C19507008629709C9 ] BrUsbSer C:\Windows\System32\Drivers\BrUsbSer.sys
00:42:12.0154 0x14d4 BrUsbSer - ok
00:42:12.0218 0x14d4 [ 227C8F308DE4AF4808E587465CEAB838, 7CF9FB82C979551E82F06F9D4003704E786CF2EAB4BE0836CB0BE9E735C48942 ] BTATH_A2DP C:\Windows\system32\drivers\btath_a2dp.sys
00:42:12.0226 0x14d4 BTATH_A2DP - ok
00:42:12.0286 0x14d4 [ A83A91D07D1FE6BBE7A9DB46CA00434B, 9EF851047189E13954C0F6A325E4843914C423C0D1EDAE21A34AB3A962BBD5AC ] BTATH_BUS C:\Windows\system32\DRIVERS\btath_bus.sys
00:42:12.0287 0x14d4 BTATH_BUS - ok
00:42:12.0309 0x14d4 [ C864FF85EE16D61C2BDD5EF76824625F, 6D2FE57688D9E8B4277BF6DA9C219DEB367274364FBE17EFC353CEDB2D7EA35D ] BTATH_HCRP C:\Windows\system32\DRIVERS\btath_hcrp.sys
00:42:12.0315 0x14d4 BTATH_HCRP - ok
00:42:12.0338 0x14d4 [ 0DEA505EFB5D771826D177EF8B8A208F, FD8027DA791F04077490749AC5A08F73CCBA1731462579AA9008CD8DD82FBBBC ] BTATH_LWFLT C:\Windows\system32\DRIVERS\btath_lwflt.sys
00:42:12.0340 0x14d4 BTATH_LWFLT - ok
00:42:12.0358 0x14d4 [ 724C8088C96EFE7A3E63FEC21D4681C0, 4F9B258BE0FEA634A0D93B3892F2F039A7CAD184C9A81DFC2B67B0D4B39C5035 ] BTATH_RCP C:\Windows\system32\DRIVERS\btath_rcp.sys
00:42:12.0365 0x14d4 BTATH_RCP - ok
00:42:12.0429 0x14d4 [ FF8B065F96E4D9525AA7227299FBD05C, 7F15424DCD3C2B907009883D1E80E0DF3E2F38A674C12BDBC748DB85D3DB74E6 ] BtFilter C:\Windows\system32\DRIVERS\btfilter.sys
00:42:12.0439 0x14d4 BtFilter - ok
00:42:12.0453 0x14d4 [ CF98190A94F62E405C8CB255018B2315, E1B2540023C4FE9FD588E4B6AE6347DFA565EB3898F21E5360882BF3E8B5E781 ] BthEnum C:\Windows\system32\DRIVERS\BthEnum.sys
00:42:12.0455 0x14d4 BthEnum - ok
00:42:12.0479 0x14d4 [ 9DA669F11D1F894AB4EB69BF546A42E8, B498B8B6CEF957B73179D1ADAF084BBB57BB3735D810F9BE2C7B1D58A4FD25A4 ] BTHMODEM C:\Windows\system32\DRIVERS\bthmodem.sys
00:42:12.0483 0x14d4 BTHMODEM - ok
00:42:12.0509 0x14d4 [ 02DD601B708DD0667E1331FA8518E9FF, 7DE6CC4DBB621CD03B01D9CE6CF66EAFE31D39030A391562CD0E278E1D70ADE1 ] BthPan C:\Windows\system32\DRIVERS\bthpan.sys
00:42:12.0513 0x14d4 BthPan - ok
00:42:12.0602 0x14d4 [ A51FA9D0E85D5ADABEF72E67F386309C, 4F6F44D5E3A43239B50BCA75CBAA48FE40097E2AFF9360E1956F41ED52BD8183 ] BTHPORT C:\Windows\system32\Drivers\BTHport.sys
00:42:12.0636 0x14d4 BTHPORT - ok
00:42:12.0697 0x14d4 [ 95F9C2976059462CBBF227F7AAB10DE9, 2797AE919FF7606B070FB039CECDB0707CD2131DCAC09C5DF14F443D881C9F34 ] bthserv C:\Windows\system32\bthserv.dll
00:42:12.0700 0x14d4 bthserv - ok
00:42:12.0759 0x14d4 [ F740B9A16B2C06700F2130E19986BF3B, 92158FD1B3706DE068F077ACA9A25F5479EF282E8B81F5A2FF8A66CBB5F80FCF ] BTHUSB C:\Windows\system32\Drivers\BTHUSB.sys
00:42:12.0762 0x14d4 BTHUSB - ok
00:42:12.0837 0x14d4 [ 0E78584D5FACA0509DFA97BD8B635075, 5362BF3A7237361C4ACA64946BBA61F7C79737FFC35CC8E042A45CB9BE15132F ] btwampfl C:\Windows\system32\drivers\btwampfl.sys
00:42:12.0877 0x14d4 btwampfl - ok
00:42:12.0915 0x14d4 [ 409C4117E6027672EF41E68ACE1468AD, 8FB0A11E5147EEB245527E68FCD8FEC4BF5DC820BA1F99F983CDA10829DB4F5D ] btwaudio C:\Windows\system32\drivers\btwaudio.sys
00:42:12.0921 0x14d4 btwaudio - ok
00:42:12.0951 0x14d4 [ 8CA7CABD13316ABACE386D9F380B4CF3, 6BB8142760E3440543991A6C2A2B5CB7450E7936C9A9F9038622AAC0D79C7667 ] btwavdt C:\Windows\system32\drivers\btwavdt.sys
00:42:12.0956 0x14d4 btwavdt - ok
00:42:13.0139 0x14d4 [ 5543DE88DD29EB538128003454BCB80A, 4FDABE4A4770A8D4AF2D6100A8A2709012AC41A6D3112C9D8B2C70A2EE7D67AD ] btwdins C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
00:42:13.0184 0x14d4 btwdins - ok
00:42:13.0217 0x14d4 [ B9354F9F111C64F2495B60F1E24CB453, 67B3F5867B00F84832EF5AD649D817D27B3F200351C7C53579A63D30F8E2BFDD ] btwl2cap C:\Windows\system32\DRIVERS\btwl2cap.sys
00:42:13.0219 0x14d4 btwl2cap - ok
00:42:13.0241 0x14d4 [ 71A04F2D9DEB21B162561EB574D7D629, C4E477F38CA3C76A966DA9145ABA55EE316BDEC84FE647DB06BCB1604EFE1A94 ] btwrchid C:\Windows\system32\DRIVERS\btwrchid.sys
00:42:13.0243 0x14d4 btwrchid - ok
00:42:13.0402 0x14d4 catchme - ok
00:42:13.0443 0x14d4 [ B8BD2BB284668C84865658C77574381A, 6C55BA288B626DF172FDFEA0BD7027FAEBA1F44EF20AB55160D7C7DC6E717D65 ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys
00:42:13.0446 0x14d4 cdfs - ok
00:42:13.0487 0x14d4 [ 83D2D75E1EFB81B3450C18131443F7DB, F2C686C980D818E797818E75B808E1E0B51B2045840A4BFC32D860B7DB4DFA22 ] cdrom C:\Windows\system32\DRIVERS\cdrom.sys
00:42:13.0492 0x14d4 cdrom - ok
00:42:13.0526 0x14d4 [ 312E2F82AF11E79906898AC3E3D58A1F, F6CB7D8B204B94F749D5DBEFD552150AAB16A34D629F87F73823A7504465F106 ] CertPropSvc C:\Windows\System32\certprop.dll
00:42:13.0529 0x14d4 CertPropSvc - ok
00:42:13.0567 0x14d4 [ D7CD5C4E1B71FA62050515314CFB52CF, 513B5A849899F379F0BC6AB3A8A05C3493C2393C95F036612B96EC6E252E1C64 ] circlass C:\Windows\system32\DRIVERS\circlass.sys
00:42:13.0569 0x14d4 circlass - ok
00:42:13.0595 0x14d4 [ FE1EC06F2253F691FE36217C592A0206, B9F122DB5E665ECDF29A5CB8BB6B531236F31A54A95769D6C5C1924C87FE70CE ] CLFS C:\Windows\system32\CLFS.sys
00:42:13.0607 0x14d4 CLFS - ok
00:42:13.0663 0x14d4 [ D88040F816FDA31C3B466F0FA0918F29, 39D3630E623DA25B8444B6D3AAAB16B98E7E289C5619E19A85D47B74C71449F3 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
00:42:13.0667 0x14d4 clr_optimization_v2.0.50727_32 - ok
00:42:13.0757 0x14d4 [ D1CEEA2B47CB998321C579651CE3E4F8, 654013B8FD229A50017B08DEC6CA19C7DDA8CE0771260E057A92625201D539B1 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
00:42:13.0761 0x14d4 clr_optimization_v2.0.50727_64 - ok
00:42:13.0880 0x14d4 [ C5A75EB48E2344ABDC162BDA79E16841, 6070A8AAFD38FBC6A68A2B10C20117612354DF21B4492D90CA522BFB6870D726 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
00:42:13.0918 0x14d4 clr_optimization_v4.0.30319_32 - ok
00:42:13.0942 0x14d4 [ C6F9AF94DCD58122A4D7E89DB6BED29D, CB0E5AE60EC76323585FB86D89E8DB7ADB5EDF6EA3D0B27E9ECE75B8CAA8BFDE ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
00:42:13.0946 0x14d4 clr_optimization_v4.0.30319_64 - ok
00:42:13.0981 0x14d4 [ 0840155D0BDDF1190F84A663C284BD33, 696039FA63CFEB33487FAA8FD7BBDB220141E9C6E529355D768DFC87999A9C3A ] CmBatt C:\Windows\system32\DRIVERS\CmBatt.sys
00:42:13.0983 0x14d4 CmBatt - ok
00:42:14.0000 0x14d4 [ E19D3F095812725D88F9001985B94EDD, 46243C5CCC4981CAC6FA6452FFCEC33329BF172448F1852D52592C9342E0E18B ] cmdide C:\Windows\system32\DRIVERS\cmdide.sys
00:42:14.0001 0x14d4 cmdide - ok
00:42:14.0026 0x14d4 [ F95FD4CB7DA00BA2A63CE9F6B5C053E1, D1FBCA0416D38B9CA510FB01CF251E60B244D38080E6668948ED927D2350ED49 ] CNG C:\Windows\system32\Drivers\cng.sys
00:42:14.0049 0x14d4 CNG - ok
00:42:14.0077 0x14d4 [ 102DE219C3F61415F964C88E9085AD14, CD74CB703381F1382C32CF892FF2F908F4C9412E1BC77234F8FEA5D4666E1BF1 ] Compbatt C:\Windows\system32\DRIVERS\compbatt.sys
00:42:14.0078 0x14d4 Compbatt - ok
00:42:14.0112 0x14d4 [ F26B3A86F6FA87CA360B879581AB4123, 723904362614FE47F6CC0EA0656BA1B47EA32D73BAFB61688A5E5CAE4340B1BF ] CompositeBus C:\Windows\system32\DRIVERS\CompositeBus.sys
00:42:14.0139 0x14d4 CompositeBus - ok
00:42:14.0160 0x14d4 COMSysApp - ok
00:42:14.0264 0x14d4 [ 42C38CD4A8146EB03855EF1371ACB3C0, A8FB80D2EA9A683FF97D0666CA06E9820E59A7C250C31F41AC97BEA8CAE37D03 ] cphs C:\Windows\SysWow64\IntelCpHeciSvc.exe
00:42:14.0272 0x14d4 cphs - ok
00:42:14.0286 0x14d4 [ 1C827878A998C18847245FE1F34EE597, 41EF7443D8B2733AA35CAC64B4F5F74FAC8BB0DA7D3936B69EC38E2DC3972E60 ] crcdisk C:\Windows\system32\DRIVERS\crcdisk.sys
00:42:14.0287 0x14d4 crcdisk - ok
00:42:14.0324 0x14d4 [ 8C57411B66282C01533CB776F98AD384, 65BCF1B0BA521CBE39E974C7ACAEA9C9E3F89D86754275C6B2616E7691876AEE ] CryptSvc C:\Windows\system32\cryptsvc.dll
00:42:14.0329 0x14d4 CryptSvc - ok
00:42:14.0367 0x14d4 [ 4A6173C2279B498CD8F57CAE504564CB, FF3CD404FD91EDE38C21780362CE892BFBBC2526B146BEBD139C7413EB29A216 ] CSC C:\Windows\system32\drivers\csc.sys
00:42:14.0390 0x14d4 CSC - ok
00:42:14.0427 0x14d4 [ 873FBF927C06E5CEE04DEC617502F8FD, 8B452ED5D003337E66634EEC3D5C9FBA4D05FF5AE776239F3B769FAA505E729C ] CscService C:\Windows\System32\cscsvc.dll
00:42:14.0449 0x14d4 CscService - ok
00:42:14.0530 0x14d4 [ 3C6018A5BFDA89FB3BE0BBB2E0DD234A, 74F2C23B24348D80803F5D77D8C429DAF914B6CFC547DFF93E1C5A762F8469A8 ] DcomLaunch C:\Windows\system32\rpcss.dll
00:42:14.0544 0x14d4 DcomLaunch - ok
00:42:14.0582 0x14d4 [ 3CEC7631A84943677AA8FA8EE5B6B43D, 32061DAC9ED6C1EBA3B367B18D0E965AEEC2DF635DCF794EC39D086D32503AC5 ] defragsvc C:\Windows\System32\defragsvc.dll
00:42:14.0591 0x14d4 defragsvc - ok
00:42:14.0667 0x14d4 [ 3F1DC527070ACB87E40AFE46EF6DA749, 5CB9CB94854AF06BEA02AF3E0562B8ECF72B2B23ED657A3F5E17CD3552F3EF84 ] DfsC C:\Windows\system32\Drivers\dfsc.sys
00:42:14.0670 0x14d4 DfsC - ok
00:42:14.0704 0x14d4 [ CE3B9562D997F69B330D181A8875960F, 6FEE6622859198C5C13545867EF7CFE8EDC991360E976F792313DAA9C82CC5C8 ] Dhcp C:\Windows\system32\dhcpcore.dll
00:42:14.0713 0x14d4 Dhcp - ok
00:42:14.0761 0x14d4 [ 13096B05847EC78F0977F2C0F79E9AB3, 1E44981B684F3E56F5D2439BB7FA78BD1BC876BB2265AE089AEC68F241B05B26 ] discache C:\Windows\system32\drivers\discache.sys
00:42:14.0763 0x14d4 discache - ok
00:42:14.0800 0x14d4 [ 9819EEE8B5EA3784EC4AF3B137A5244C, 571BC886E87C888DA96282E381A746D273B58B9074E84D4CA91275E26056D427 ] Disk C:\Windows\system32\DRIVERS\disk.sys
00:42:14.0803 0x14d4 Disk - ok
00:42:14.0848 0x14d4 [ 676108C4E3AA6F6B34633748BD0BEBD9, 953286126E482EF3A9A1833680EFF86D657BD6C5411B9AEC2D7828ADE63D25AD ] Dnscache C:\Windows\System32\dnsrslvr.dll
00:42:14.0853 0x14d4 Dnscache - ok
00:42:14.0876 0x14d4 [ 14452ACDB09B70964C8C21BF80A13ACB, DA0AAAC04626EFF4256D7095FF1DDA1F1B17676E26990C418BDF5090476F2AB4 ] dot3svc C:\Windows\System32\dot3svc.dll
00:42:14.0884 0x14d4 dot3svc - ok
00:42:14.0894 0x14d4 [ 8C2BA6BEA949EE6E68385F5692BAFB94, 1047F473DCE0FB56BEA5C1B7929752C1FBAB5983C8202ABB4EEA48FCD60A353A ] DPS C:\Windows\system32\dps.dll
00:42:14.0901 0x14d4 DPS - ok
00:42:14.0939 0x14d4 [ 9B19F34400D24DF84C858A421C205754, 967AF267B4124BADA8F507CEBF25F2192D146A4D63BE71B45BFC03C5DA7F21A7 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys
00:42:14.0940 0x14d4 drmkaud - ok
00:42:15.0013 0x14d4 [ 2BF965A3B9A525587589EBB270B68263, 02863EFD20C097B198432A096864FFFF382B87603F4899ADDE091C5E08C5ED2C ] DTSAudioSvc C:\Program Files\Realtek\Audio\HDA\DTSU2PAuSrv64.exe
00:42:15.0019 0x14d4 DTSAudioSvc - ok
00:42:15.0067 0x14d4 [ 7CB7D2B73813CE05C7BC0F5F95D27CEC, F80AD7E946B8C8C27A0EB8A99B3A61C3F09E5442372D64EB4886D86B8D0AFCFD ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys
00:42:15.0100 0x14d4 DXGKrnl - ok
00:42:15.0169 0x14d4 [ 398904F1FBF13CEF0FCB822E9CA5F2D5, 7CC204FCC111C2098ECDBD0AA4EDA382091665ECAB1B50AD48E0A1766F589D82 ] eamonm C:\Windows\system32\DRIVERS\eamonm.sys
00:42:15.0199 0x14d4 eamonm - ok
00:42:15.0258 0x14d4 [ E2DDA8726DA9CB5B2C4000C9018A9633, 0C967DBC3636A76A696997192A158AA92A1AF19F01E3C66D5BF91818A8FAEA76 ] EapHost C:\Windows\System32\eapsvc.dll
00:42:15.0262 0x14d4 EapHost - ok
00:42:15.0387 0x14d4 [ DC5D737F51BE844D8C82C695EB17372F, 6D4022D9A46EDE89CEF0FAEADCC94C903234DFC460C0180D24FF9E38E8853017 ] ebdrv C:\Windows\system32\DRIVERS\evbda.sys
00:42:15.0502 0x14d4 ebdrv - ok
00:42:15.0534 0x14d4 [ 0793F40B9B8A1BDD266296409DBD91EA, 8A383FC9A66A327905C340D06138980F9E489479535A2C2AAE5E8BB14A74826E ] EFS C:\Windows\System32\lsass.exe
00:42:15.0536 0x14d4 EFS - ok
00:42:15.0612 0x14d4 [ 9E39134330C18CBAC0F24C1283701D7E, 6F6B2AB6CD1932216BA516F4DE8316BE9625CFAF602522A99F77351A538E5799 ] ehdrv C:\Windows\system32\DRIVERS\ehdrv.sys
00:42:15.0616 0x14d4 ehdrv - ok
00:42:15.0687 0x14d4 [ B91D81B3B54A54CCAFC03733DBC2E29E, B08CFD3136F678CF902722B32CA55C4983EEE5AEBDCEE036BEB746914742141C ] ehRecvr C:\Windows\ehome\ehRecvr.exe
00:42:15.0788 0x14d4 ehRecvr - ok
00:42:15.0812 0x14d4 [ 4705E8EF9934482C5BB488CE28AFC681, 359E9EC5693CE0BE89082E1D5D8F5C5439A5B985010FF0CB45C11E3CFE30637D ] ehSched C:\Windows\ehome\ehsched.exe
00:42:15.0816 0x14d4 ehSched - ok
00:42:15.0978 0x14d4 [ 7FE34FD5652C54BDA8D2DF8AC92E833A, 2B2836F47398AAD173F0D5C016B3B4DAB13F4EEC991B05D3C8B1DF310B25A96A ] ekrn C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe
00:42:16.0035 0x14d4 ekrn - ok
00:42:16.0108 0x14d4 [ 0E5DA5369A0FCAEA12456DD852545184, 9A64AC5396F978C3B92794EDCE84DCA938E4662868250F8C18FA7C2C172233F8 ] elxstor C:\Windows\system32\DRIVERS\elxstor.sys
00:42:16.0127 0x14d4 elxstor - ok
00:42:16.0191 0x14d4 [ 392EC4EA0C265F5BC50D057BEAA593CD, 389B99607D4F50508BD96FADD0280AFB91C28D2F13C07668B78DBF780AC4127C ] epfw C:\Windows\system32\DRIVERS\epfw.sys
00:42:16.0198 0x14d4 epfw - ok
00:42:16.0211 0x14d4 [ 0C9EC63C5BAE9506161F14B8A5C10280, D767963D67D0B55CA6BF3F2011D70622C53C46B7AB174E976E3441B62D19C467 ] EpfwLWF C:\Windows\system32\DRIVERS\EpfwLWF.sys
00:42:16.0213 0x14d4 EpfwLWF - ok
00:42:16.0245 0x14d4 [ AD03E0C95E750F3FBE84EDA87B2C4E08, E76094B88030037903F2A2E21A55CAADB3828693E1EE2D8219DD440A2CAE14D0 ] epfwwfp C:\Windows\system32\DRIVERS\epfwwfp.sys
00:42:16.0247 0x14d4 epfwwfp - ok
00:42:16.0262 0x14d4 [ 34A3C54752046E79A126E15C51DB409B, 7D5B5E150C7C73666F99CBAFF759029716C86F16B927E0078D77F8A696616D75 ] ErrDev C:\Windows\system32\DRIVERS\errdev.sys
00:42:16.0263 0x14d4 ErrDev - ok
00:42:16.0312 0x14d4 [ 4166F82BE4D24938977DD1746BE9B8A0, 24121751B7306225AD1C808442D7B030DEF377E9316AA0A3C5C7460E87317881 ] EventSystem C:\Windows\system32\es.dll
00:42:16.0336 0x14d4 EventSystem - ok
00:42:16.0481 0x14d4 [ 64D25284A4E9D11CA0722AF3F30FD970, C7C40CA8AC444F7B0F88086396C17316348480EBA09109222897B5A42AD655DF ] EvtEng C:\Program Files\Intel\WiFi\bin\EvtEng.exe
00:42:16.0524 0x14d4 EvtEng - ok
00:42:16.0555 0x14d4 [ A510C654EC00C1E9BDD91EEB3A59823B, 76CD277730F7B08D375770CD373D786160F34D1481AF0536BA1A5D2727E255F5 ] exfat C:\Windows\system32\drivers\exfat.sys
00:42:16.0562 0x14d4 exfat - ok
00:42:16.0580 0x14d4 [ 0ADC83218B66A6DB380C330836F3E36D, 798D6F83B5DBCC1656595E0A96CF12087FCCBE19D1982890D0CE5F629B328B29 ] fastfat C:\Windows\system32\drivers\fastfat.sys
00:42:16.0586 0x14d4 fastfat - ok
00:42:16.0647 0x14d4 [ D607B2F1BEE3992AA6C2C92C0A2F0855, E22301C8F01DBF0A38A85165959BB070647C996CB1BCD50FDFE3DDDCA427DF2A ] Fax C:\Windows\system32\fxssvc.exe
00:42:16.0682 0x14d4 Fax - ok
00:42:16.0778 0x14d4 [ 9955BF48FD2FA8D481848CD3024EDD0B, 327E290141625C3E810D741CA106651C5A8EEF5DFA6477ACC5843D9D80DFC6FA ] FBIOSDRV C:\Windows\system32\Drivers\FBIOSDRV.sys
00:42:16.0780 0x14d4 FBIOSDRV - ok
00:42:16.0801 0x14d4 [ D765D19CD8EF61F650C384F62FAC00AB, 9F0A483A043D3BA873232AD3BA5F7BF9173832550A27AF3E8BD433905BD2A0EE ] fdc C:\Windows\system32\DRIVERS\fdc.sys
00:42:16.0803 0x14d4 fdc - ok
00:42:16.0837 0x14d4 [ 0438CAB2E03F4FB61455A7956026FE86, 6D4DDC2973DB25CE0C7646BC85EFBCC004EBE35EA683F62162AE317C6F1D8DFE ] fdPHost C:\Windows\system32\fdPHost.dll
00:42:16.0839 0x14d4 fdPHost - ok
00:42:16.0859 0x14d4 [ 802496CB59A30349F9A6DD22D6947644, 52D59D3D628D5661F83F090F33F744F6916E0CC1F76E5A33983E06EB66AE19F8 ] FDResPub C:\Windows\system32\fdrespub.dll
00:42:16.0861 0x14d4 FDResPub - ok
00:42:16.0877 0x14d4 [ 655661BE46B5F5F3FD454E2C3095B930, 549C8E2A2A37757E560D55FFA6BFDD838205F17E40561E67F0124C934272CD1A ] FileInfo C:\Windows\system32\drivers\fileinfo.sys
00:42:16.0879 0x14d4 FileInfo - ok
00:42:16.0889 0x14d4 [ 5F671AB5BC87EEA04EC38A6CD5962A47, 6B61D3363FF3F9C439BD51102C284972EAE96ACC0683B9DC7E12D25D0ADC51B6 ] Filetrace C:\Windows\system32\drivers\filetrace.sys
00:42:16.0892 0x14d4 Filetrace - ok
00:42:16.0914 0x14d4 [ C172A0F53008EAEB8EA33FE10E177AF5, 9175A95B323696D1B35C9EFEB7790DD64E6EE0B7021E6C18E2F81009B169D77B ] flpydisk C:\Windows\system32\DRIVERS\flpydisk.sys
00:42:16.0915 0x14d4 flpydisk - ok
00:42:16.0948 0x14d4 [ F7866AF72ABBAF84B1FA5AA195378C59, 9D522044FE9C18FB3EC327E675737C01F2A8231DDE900421D3A431596946A7F8 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys
00:42:16.0957 0x14d4 FltMgr - ok
00:42:17.0020 0x14d4 [ 8AC4CB4EA61E41009FAE9AE7B2B5DA3A, 6587B22ED91F98D3E3614967F62D7A58F42C12F45F8E1D47835D195CD350BC54 ] FontCache C:\Windows\system32\FntCache.dll

 

[Hoori]

Part 2:

00:42:17.0062 0x14d4 FontCache - ok

00:42:17.0116 0x14d4 [ 8D89E3131C27FDD6932189CB785E1B7A, AC7DA4C5E6D2E41D1A1DE146E46F034FAF0FB11AD801F070F2D5CD08166E9EB7 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe

00:42:17.0119 0x14d4 FontCache3.0.0.0 - ok

00:42:17.0136 0x14d4 [ D43703496149971890703B4B1B723EAC, F06397B2EDCA61629249D2EF1CBB7827A8BEAB8488246BD85EF6AE1363C0DA6E ] FsDepends C:\Windows\system32\drivers\FsDepends.sys

00:42:17.0163 0x14d4 FsDepends - ok

00:42:17.0192 0x14d4 [ E95EF8547DE20CF0603557C0CF7A9462, 55540B06B7B380CA2DA6EEE2D76C6CD6131ADB02B2D0B172A36536863A0C57B6 ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys

00:42:17.0193 0x14d4 Fs_Rec - ok

00:42:17.0220 0x14d4 [ BA0C1FFDA496D8BCBCAC63F8D98D20E3, 28D37F07A58D5AFA48A18BB4A780A36A3F8D49E94DE8CA5071071CCF16C0C090 ] FUJ02B1 C:\Windows\system32\DRIVERS\FUJ02B1.sys

00:42:17.0222 0x14d4 FUJ02B1 - ok

00:42:17.0236 0x14d4 [ 7135030CBF87D724B6037BB023923730, 1F6D9A7D7033226507DEDD53CB686C0F3CDC15FD7E77DBC5263256E8EB541E4E ] FUJ02E3 C:\Windows\system32\DRIVERS\FUJ02E3.sys

00:42:17.0238 0x14d4 FUJ02E3 - ok

00:42:17.0326 0x14d4 [ C22CBEFB9CEDAD798F8EFB60D8E7D330, A353F56B8FCD83200A772FD9B33B3CA523AA7BC560AD2FB100EEA9838CC9E0F8 ] FUJ02E3Service C:\Program Files\Fujitsu\FUJ02E3\FUJ02E3.exe

00:42:17.0328 0x14d4 FUJ02E3Service - ok

00:42:17.0365 0x14d4 [ B8B2A6E1558F8F5DE5CE431C5B2C7B09, 24A9F04A0622681A4E4B6BCC47C45016787C6036EAD828920812D9FAD49A71E3 ] fvevol C:\Windows\system32\DRIVERS\fvevol.sys

00:42:17.0371 0x14d4 fvevol - ok

00:42:17.0406 0x14d4 [ 8C778D335C9D272CFD3298AB02ABE3B6, 85F0B13926B0F693FA9E70AA58DE47100E4B6F893772EBE4300C37D9A36E6005 ] gagp30kx C:\Windows\system32\DRIVERS\gagp30kx.sys

00:42:17.0409 0x14d4 gagp30kx - ok

00:42:17.0457 0x14d4 [ FE5AB4525BC2EC68B9119A6E5D40128B, 088DE37982CEE78A0C1181389A3BFF1E352DF504074B3E8F3EA244DB271BF216 ] gpsvc C:\Windows\System32\gpsvc.dll

00:42:17.0488 0x14d4 gpsvc - ok

00:42:17.0599 0x14d4 [ 506708142BC63DABA64F2D3AD1DCD5BF, 9C36A08D9E7932FF4DA7B5F24E6B42C92F28685B8ABE964C870E8D7670FD531A ] gupdate C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

00:42:17.0604 0x14d4 gupdate - ok

00:42:17.0643 0x14d4 [ 506708142BC63DABA64F2D3AD1DCD5BF, 9C36A08D9E7932FF4DA7B5F24E6B42C92F28685B8ABE964C870E8D7670FD531A ] gupdatem C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

00:42:17.0645 0x14d4 gupdatem - ok

00:42:17.0661 0x14d4 [ F2523EF6460FC42405B12248338AB2F0, B2F3DE8DE1F512D871BC2BC2E8D0E33AB03335BFBC07627C5F88B65024928E19 ] hcw85cir C:\Windows\system32\drivers\hcw85cir.sys

00:42:17.0663 0x14d4 hcw85cir - ok

00:42:17.0699 0x14d4 [ 6410F6F415B2A5A9037224C41DA8BF12, 5B8452BC49FDA2215281D27B22FA9BE46B0460F51C4DC70E58B687CFB541F3A5 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys

00:42:17.0709 0x14d4 HdAudAddService - ok

00:42:17.0791 0x14d4 [ 0A49913402747A0B67DE940FB42CBDBB, 61A45DBDCEB4A2D5C3C28F6BC8C5ADC51D0240A7553DF44BCC4355FC06F72B83 ] HDAudBus C:\Windows\system32\DRIVERS\HDAudBus.sys

00:42:17.0795 0x14d4 HDAudBus - ok

00:42:17.0808 0x14d4 [ 78E86380454A7B10A5EB255DC44A355F, 11F3ED7ACFFA3024B9BD504F81AC39F5B4CED5A8A425E8BADF7132EFEDB9BD64 ] HidBatt C:\Windows\system32\DRIVERS\HidBatt.sys

00:42:17.0809 0x14d4 HidBatt - ok

00:42:17.0816 0x14d4 [ 7FD2A313F7AFE5C4DAB14798C48DD104, 94CBFD4506CBDE4162CEB3367BAB042D19ACA6785954DC0B554D4164B9FCD0D4 ] HidBth C:\Windows\system32\DRIVERS\hidbth.sys

00:42:17.0819 0x14d4 HidBth - ok

00:42:17.0833 0x14d4 [ 0A77D29F311B88CFAE3B13F9C1A73825, 8615DC6CEFB591505CE16E054A71A4F371B827DDFD5E980777AB4233DCFDA01D ] HidIr C:\Windows\system32\DRIVERS\hidir.sys

00:42:17.0835 0x14d4 HidIr - ok

00:42:17.0866 0x14d4 [ BD9EB3958F213F96B97B1D897DEE006D, 4D01CBF898B528B3A4E5A683DF2177300AFABD7D4CB51F1A7891B1B545499631 ] hidserv C:\Windows\System32\hidserv.dll

00:42:17.0868 0x14d4 hidserv - ok

00:42:17.0906 0x14d4 [ B3BF6B5B50006DEF50B66306D99FCF6F, D39A1DEBE7C464922919826D15199ED25E263BF58633593DD412D78F98921417 ] HidUsb C:\Windows\system32\DRIVERS\hidusb.sys

00:42:17.0908 0x14d4 HidUsb - ok

00:42:17.0946 0x14d4 [ EFA58EDE58DD74388FFD04CB32681518, 76D81F9BC1A4D85A779B79DEC23B79F1568AA236CD49247414093CDC1FCC150F ] hkmsvc C:\Windows\system32\kmsvc.dll

00:42:17.0949 0x14d4 hkmsvc - ok

00:42:17.0969 0x14d4 [ 046B2673767CA626E2CFB7FDF735E9E8, 9C932DCC5DE9B1919AB38C01D76AD7BBAF491DE6D158662407974748BC0B4C6C ] HomeGroupListener C:\Windows\system32\ListSvc.dll

00:42:17.0976 0x14d4 HomeGroupListener - ok

00:42:18.0006 0x14d4 [ 06A7422224D9865A5613710A089987DF, EF604B4B6918D3FDC8E90ED9004E6E7340E0F399C214C65CCE3A7C8C576FA1C0 ] HomeGroupProvider C:\Windows\system32\provsvc.dll

00:42:18.0012 0x14d4 HomeGroupProvider - ok

00:42:18.0034 0x14d4 [ 0886D440058F203EBA0E1825E4355914, BC49C4CEFE324A08C864A4BF4FEA9A70151FAB7CC30BDC28344F3FFD2F500070 ] HpSAMD C:\Windows\system32\DRIVERS\HpSAMD.sys

00:42:18.0036 0x14d4 HpSAMD - ok

00:42:18.0087 0x14d4 [ CEE049CAC4EFA7F4E1E4AD014414A5D4, 433AE2D845850F1D7A48275BBD87B3F0E7DD48F2282C727C4B777ECD92CC331D ] HTTP C:\Windows\system32\drivers\HTTP.sys

00:42:18.0123 0x14d4 HTTP - ok

00:42:18.0145 0x14d4 [ F17766A19145F111856378DF337A5D79, FC1633FB865A5324EBCBE5F97D297B899FABBDD965D862C2EFC743CD36F47E62 ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys

00:42:18.0147 0x14d4 hwpolicy - ok

00:42:18.0181 0x14d4 [ FA55C73D4AFFA7EE23AC4BE53B4592D3, 65CDDC62B89A60E942C5642C9D8B539EFB69DA8069B4A2E54978154B314531CD ] i8042prt C:\Windows\system32\DRIVERS\i8042prt.sys

00:42:18.0184 0x14d4 i8042prt - ok

00:42:18.0254 0x14d4 [ C224331A54571C8C9162F7714400BBBD, C2CA4881ACD46071E67435BE5E3DB133D0743B026FD20D6D6E26B2FE7A03FCAA ] iaStor C:\Windows\system32\DRIVERS\iaStor.sys

00:42:18.0268 0x14d4 iaStor - ok

00:42:18.0322 0x14d4 [ D83EFB6FD45DF9D55E9A1AFC63640D50, 0494F8F7CB3ED11FD8D0B838CB71271AF7A3CBFCB7F2CB043A9392B5106A3C7B ] iaStorV C:\Windows\system32\DRIVERS\iaStorV.sys

00:42:18.0358 0x14d4 iaStorV - ok

00:42:18.0427 0x14d4 [ 2F2BE70D3E02B6FA877921AB9516D43C, E04255EE4BD95FC1539EB1EB9F702B039F65993D31A4531DA487274543EF5226 ] idsvc C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe

00:42:18.0469 0x14d4 idsvc - ok

00:42:19.0034 0x14d4 [ 371D7F91C0D2314EB984A4A6CBEABC92, DD4B04308596C1E6C75B8772D4421137F3A83285DBCFD4DF54166D2B0B45A317 ] igfx C:\Windows\system32\DRIVERS\igdkmd64.sys

00:42:19.0557 0x14d4 igfx - ok

00:42:19.0593 0x14d4 [ 5C18831C61933628F5BB0EA2675B9D21, 5CD9DE2F8C0256623A417B5C55BF55BB2562BD7AB2C3C83BB3D9886C2FBDA4E4 ] iirsp C:\Windows\system32\DRIVERS\iirsp.sys

00:42:19.0596 0x14d4 iirsp - ok

00:42:19.0649 0x14d4 [ C5B4683680DF085B57BC53E5EF34861F, 9C06517DFCB3ED7BB1166F7EB6CCC8713E6B68283C75420C0EDC182094AA1B8F ] IKEEXT C:\Windows\System32\ikeext.dll

00:42:19.0681 0x14d4 IKEEXT - ok

00:42:19.0939 0x14d4 [ 150AC23F21DBDBF8488408BA944B0D65, 77A3A0FB5208AA061224CFACC4D136A260132CC4BA01D105AE1532B749968708 ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHD64.sys

00:42:20.0156 0x14d4 IntcAzAudAddService - ok

00:42:20.0228 0x14d4 [ 6C9FFFECA9FED31347D211C5D1FFBD2D, 36CF8B847FAED0D978B3169ED550CC958025902CAC1D7D304E2684B2483E72B8 ] IntcDAud C:\Windows\system32\DRIVERS\IntcDAud.sys

00:42:20.0239 0x14d4 IntcDAud - ok

00:42:20.0334 0x14d4 [ 7C76466F4E0F76CE259C6005D161E9E8, 19F3CCC3A86B68DB70B7608F9ED33746518F5B2450E5BAF9581127CE7A9AA5D2 ] Intel(R) Capability Licensing Service Interface C:\Program Files\Intel\iCLS Client\HeciServer.exe

00:42:20.0370 0x14d4 Intel(R) Capability Licensing Service Interface - ok

00:42:20.0407 0x14d4 [ F00F20E70C6EC3AA366910083A0518AA, E2F3E9FFD82C802C8BAC309893A3664ACF16A279959C0FDECCA64C3D3C60FD22 ] intelide C:\Windows\system32\DRIVERS\intelide.sys

00:42:20.0426 0x14d4 intelide - ok

00:42:20.0464 0x14d4 [ ADA036632C664CAA754079041CF1F8C1, F2386CC09AC6DE4C54189154F7D91C1DB7AA120B13FAE8BA5B579ACF99FCC610 ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys

00:42:20.0471 0x14d4 intelppm - ok

00:42:20.0522 0x14d4 [ 098A91C54546A3B878DAD6A7E90A455B, 044CCE2A0DF56EBE1EFD99B4F6F0A5B9EE12498CA358CF4B2E3A1CFD872823AA ] IPBusEnum C:\Windows\system32\ipbusenum.dll

00:42:20.0526 0x14d4 IPBusEnum - ok

00:42:20.0568 0x14d4 [ 722DD294DF62483CECAAE6E094B4D695, 41ABB42EF969EA8A84B546908EBBDC2411D964DE101CE6DD3D7ECF109085E0C0 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys

00:42:20.0572 0x14d4 IpFilterDriver - ok

00:42:20.0623 0x14d4 [ F8E058D17363EC580E4B7232778B6CB5, 02352919F349C57930A0B032FBDC45327FB473D310DE7AC721F4694FDE7D21FB ] iphlpsvc C:\Windows\System32\iphlpsvc.dll

00:42:20.0653 0x14d4 iphlpsvc - ok

00:42:20.0660 0x14d4 [ E2B4A4494DB7CB9B89B55CA268C337C5, C59BC4AA03D10647641EC7533F78BC7E2EA6FC48B8B2CF1A49B5148EF40A90FB ] IPMIDRV C:\Windows\system32\DRIVERS\IPMIDrv.sys

00:42:20.0663 0x14d4 IPMIDRV - ok

00:42:20.0671 0x14d4 [ AF9B39A7E7B6CAA203B3862582E9F2D0, 67128BE7EADBE6BD0205B050F96E268948E8660C4BAB259FB0BE03935153D04E ] IPNAT C:\Windows\system32\drivers\ipnat.sys

00:42:20.0676 0x14d4 IPNAT - ok

00:42:20.0723 0x14d4 [ 3ABF5E7213EB28966D55D58B515D5CE9, A352BCC5B6B9A28805B15CAFB235676F1FAFF0D2394F88C03089EB157D6188AE ] IRENUM C:\Windows\system32\drivers\irenum.sys

00:42:20.0724 0x14d4 IRENUM - ok

00:42:20.0737 0x14d4 [ 2F7B28DC3E1183E5EB418DF55C204F38, D40410A760965925D6F10959B2043F7BD4F68EAFCF5E743AF11AD860BD136548 ] isapnp C:\Windows\system32\DRIVERS\isapnp.sys

00:42:20.0739 0x14d4 isapnp - ok

00:42:20.0766 0x14d4 [ FA4D2557DE56D45B0A346F93564BE6E1, 2827EC3582FF59FFD55BBD4A4F0DDFFEAD4F2537FA043B3A69904FE920B1619C ] iScsiPrt C:\Windows\system32\DRIVERS\msiscsi.sys

00:42:20.0774 0x14d4 iScsiPrt - ok

00:42:20.0838 0x14d4 [ 6BCEF45131C8B8E1C558BE540B190B3C, DFFED7FD9DCC15808184E65065DE6138FE010AC01217E5016B2D20A5B89AC570 ] iusb3hcs C:\Windows\system32\DRIVERS\iusb3hcs.sys

00:42:20.0839 0x14d4 iusb3hcs - ok

00:42:20.0858 0x14d4 [ F080EADA8715F811B58BD35BB774F2F9, 06D5A70CBA89561A71B9CB64D7A298767F098395411A7022F414C7D0AC89A44D ] iusb3hub C:\Windows\system32\DRIVERS\iusb3hub.sys

00:42:20.0868 0x14d4 iusb3hub - ok

00:42:20.0909 0x14d4 [ 0F1756D9396740F053221FA6260FCE66, 0B722BF6BCF66BBD49DE0E92555742976AB33319CF504461A50181BF7A77E886 ] iusb3xhc C:\Windows\system32\DRIVERS\iusb3xhc.sys

00:42:20.0943 0x14d4 iusb3xhc - ok

00:42:20.0967 0x14d4 [ BC02336F1CBA7DCC7D1213BB588A68A5, 450C5BAD54CCE2AFCDFF1B6E7F8E1A8446D9D3255DF9D36C29A8F848048AAD93 ] kbdclass C:\Windows\system32\DRIVERS\kbdclass.sys

00:42:20.0970 0x14d4 kbdclass - ok

00:42:21.0003 0x14d4 [ 6DEF98F8541E1B5DCEB2C822A11F7323, F6EE4A7A6A7A1F243D32CA9241CA4816C92EB7BF2AADDD09234968C2CAAE6C0D ] kbdhid C:\Windows\system32\DRIVERS\kbdhid.sys

00:42:21.0006 0x14d4 kbdhid - ok

00:42:21.0023 0x14d4 [ 0793F40B9B8A1BDD266296409DBD91EA, 8A383FC9A66A327905C340D06138980F9E489479535A2C2AAE5E8BB14A74826E ] KeyIso C:\Windows\system32\lsass.exe

00:42:21.0025 0x14d4 KeyIso - ok

00:42:21.0046 0x14d4 [ E8B6FCC9C83535C67F835D407620BD27, 74B63F3BFB756FF0B0AD6A6C1535C0A1A0630295ECCBC078B00F2449718B0870 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys

00:42:21.0050 0x14d4 KSecDD - ok

00:42:21.0071 0x14d4 [ BBE1BF6D9B661C354D4857D5FADB943B, D2F6E52CCD0DF07B3D92669B941CEB9A59E16D3518226F11028A70DBDEFABBCF ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys

00:42:21.0076 0x14d4 KSecPkg - ok

00:42:21.0094 0x14d4 [ 6869281E78CB31A43E969F06B57347C4, 866A23E69B32A78D378D6CB3B3DA3695FFDFF0FEC3C9F68C8C3F988DF417044B ] ksthunk C:\Windows\system32\drivers\ksthunk.sys

00:42:21.0096 0x14d4 ksthunk - ok

00:42:21.0129 0x14d4 [ 6AB66E16AA859232F64DEB66887A8C9C, 5F2B579BEA8098A2994B0DECECDAE7B396E7B5DC5F09645737B9F28BEEA77FFF ] KtmRm C:\Windows\system32\msdtckrm.dll

00:42:21.0151 0x14d4 KtmRm - ok

00:42:21.0194 0x14d4 [ C926920B8978DE6ACFE9E15C709E9B57, 33B8002ABC30372B1CA8B6EC046757794CD7C9DA3CA4715B515B6894DC7E45CA ] LanmanServer C:\Windows\System32\srvsvc.dll

00:42:21.0201 0x14d4 LanmanServer - ok

00:42:21.0225 0x14d4 [ 27026EAC8818E8A6C00A1CAD2F11D29A, A12858CCB3B2419D66C667A46B106DA7A7BA97FFFA9634BFAE95DDF193C430D5 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll

00:42:21.0230 0x14d4 LanmanWorkstation - ok

00:42:21.0302 0x14d4 [ 1538831CF8AD2979A04C423779465827, E1729B0CC4CEEE494A0B8817A8E98FF232E3A32FB023566EF0BC71A090262C0C ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys

00:42:21.0305 0x14d4 lltdio - ok

00:42:21.0337 0x14d4 [ C1185803384AB3FEED115F79F109427F, 0414FE73532DCAB17E906438A14711E928CECCD5F579255410C62984DD652700 ] lltdsvc C:\Windows\System32\lltdsvc.dll

00:42:21.0347 0x14d4 lltdsvc - ok

00:42:21.0372 0x14d4 [ F993A32249B66C9D622EA5592A8B76B8, EE64672A990C6145DC5601E2B8CDBE089272A72732F59AF9865DCBA8B1717E70 ] lmhosts C:\Windows\System32\lmhsvc.dll

00:42:21.0374 0x14d4 lmhosts - ok

00:42:21.0454 0x14d4 [ 5C08357C65F658E29B5DDC2EF18D575C, 80802787D7CD07BFB4F2EEE463837FB0CBB3626A2D5451B32794DB66A3CC3D98 ] LMS C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe

00:42:21.0460 0x14d4 LMS - ok

00:42:21.0497 0x14d4 [ 1A93E54EB0ECE102495A51266DCDB6A6, DB6AA86AA36C3A7988BE96E87B5D3251BE7617C54EE8F894D9DC2E267FE3255B ] LSI_FC C:\Windows\system32\DRIVERS\lsi_fc.sys

00:42:21.0501 0x14d4 LSI_FC - ok

00:42:21.0533 0x14d4 [ 1047184A9FDC8BDBFF857175875EE810, F2251EDB7736A26D388A0C5CC2FE5FB9C5E109CBB1E3800993554CB21D81AE4B ] LSI_SAS C:\Windows\system32\DRIVERS\lsi_sas.sys

00:42:21.0538 0x14d4 LSI_SAS - ok

00:42:21.0555 0x14d4 [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93, 88D5740A4E9CC3FA80FA18035DAB441BDC5A039622D666BFDAA525CC9686BD06 ] LSI_SAS2 C:\Windows\system32\DRIVERS\lsi_sas2.sys

00:42:21.0558 0x14d4 LSI_SAS2 - ok

00:42:21.0572 0x14d4 [ 0504EACAFF0D3C8AED161C4B0D369D4A, 4D272237C189646F5C80822FD3CBA7C2728E482E2DAAF7A09C8AEF811C89C54D ] LSI_SCSI C:\Windows\system32\DRIVERS\lsi_scsi.sys

00:42:21.0576 0x14d4 LSI_SCSI - ok

00:42:21.0610 0x14d4 [ 43D0F98E1D56CCDDB0D5254CFF7B356E, 5BA498183B5C4996C694CB0A9A6B66CE6C7A460F6C91BEB9F305486FCC3B7B22 ] luafv C:\Windows\system32\drivers\luafv.sys

00:42:21.0614 0x14d4 luafv - ok

00:42:21.0680 0x14d4 [ 90AA9E273410AD7A41D2D06E0FB46022, DE8D57149D503F9D5B3B6D4133482C9A19F8BB1FF0FCCADBB0F5B4E64121F92C ] mbamchameleon C:\Windows\system32\drivers\mbamchameleon.sys

00:42:21.0683 0x14d4 mbamchameleon - ok

00:42:21.0759 0x14d4 [ 0BB97D43299910CBFBA59C461B99B910, 27C22D9D9EE8A410D7396960DA93E9E260D4DCDD38DCE06E85E45C5E24C067DE ] MBAMProtector C:\Windows\system32\drivers\mbam.sys

00:42:21.0761 0x14d4 MBAMProtector - ok

00:42:21.0834 0x14d4 [ 65085456FD9A74D7F1A999520C299ECB, EA564BC913EF1B8A4CAA9242FC70F525B68CF1F3CA462F63B0B7215B93FE8530 ] MBAMScheduler C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe

00:42:21.0845 0x14d4 MBAMScheduler - ok

00:42:21.0934 0x14d4 [ E0D7732F2D2E24B2DB3F67B6750295B8, AA5CA86AF1ACEC900F60339016B3DC55472DB40ADB99186005A7ABE67B7D66FC ] MBAMService C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe

00:42:21.0968 0x14d4 MBAMService - ok

00:42:21.0990 0x14d4 MBAMSwissArmy - ok

00:42:22.0021 0x14d4 [ F84C8F1000BC11E3B7B23CBD3BAFF111, BB4C4FFE3F6C9E5C16C06F6F666F177B94E1CF878397BCC0BDAF6EB3341AAED8 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll

00:42:22.0025 0x14d4 Mcx2Svc - ok

00:42:22.0049 0x14d4 [ A55805F747C6EDB6A9080D7C633BD0F4, 2DA0E83BF3C8ADEF6F551B6CC1C0A3F6149CDBE6EC60413BA1767C4DE425A728 ] megasas C:\Windows\system32\DRIVERS\megasas.sys

00:42:22.0051 0x14d4 megasas - ok

00:42:22.0068 0x14d4 [ BAF74CE0072480C3B6B7C13B2A94D6B3, 85CBB4949C090A904464F79713A3418338753D20D7FB811E68F287FDAC1DD834 ] MegaSR C:\Windows\system32\DRIVERS\MegaSR.sys

00:42:22.0077 0x14d4 MegaSR - ok

00:42:22.0142 0x14d4 [ 6B01B7414A105B9E51652089A03027CF, 9B113DC22F7D0D0B376E577C6D7083F9EDC09BBFE47726393E16D4FDAAAE21FE ] MEIx64 C:\Windows\system32\DRIVERS\HECIx64.sys

00:42:22.0145 0x14d4 MEIx64 - ok

00:42:22.0232 0x14d4 Microsoft SharePoint Workspace Audit Service - ok

00:42:22.0279 0x14d4 [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] MMCSS C:\Windows\system32\mmcss.dll

00:42:22.0283 0x14d4 MMCSS - ok

00:42:22.0307 0x14d4 [ 800BA92F7010378B09F9ED9270F07137, 94F9AF9E1BE80AE6AC39A2A74EF9FAB115DCAACC011D07DFA8D6A1DDC8A93342 ] Modem C:\Windows\system32\drivers\modem.sys

00:42:22.0309 0x14d4 Modem - ok

00:42:22.0335 0x14d4 [ B03D591DC7DA45ECE20B3B467E6AADAA, 701FB0CAD8138C58507BE28845D3E24CE269A040737C29885944A0D851238732 ] monitor C:\Windows\system32\DRIVERS\monitor.sys

00:42:22.0337 0x14d4 monitor - ok

00:42:22.0364 0x14d4 [ 7D27EA49F3C1F687D357E77A470AEA99, 7FE7CAF95959F127C6D932C01D539C06D80273C49A09761F6E8331C05B1A7EE7 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys

00:42:22.0366 0x14d4 mouclass - ok

00:42:22.0383 0x14d4 [ D3BF052C40B0C4166D9FD86A4288C1E6, 5E65264354CD94E844BF1838CA1B8E49080EFA34605A32CF2F6A47A2B97FC183 ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys

00:42:22.0385 0x14d4 mouhid - ok

00:42:22.0420 0x14d4 [ 791AF66C4D0E7C90A3646066386FB571, BF67643099494AEADDDC85E4D97AFF1017806A1DF554F9BE6C864FFECC9EAF42 ] mountmgr C:\Windows\system32\drivers\mountmgr.sys

00:42:22.0424 0x14d4 mountmgr - ok

00:42:22.0497 0x14d4 [ 3B9398E0146855B1DC0E3D9769C80F01, DF69DB5CA30A5577648635C27DD468AF98515D07DF379B3FFDCC6B40744EDE66 ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe

00:42:22.0503 0x14d4 MozillaMaintenance - ok

00:42:22.0546 0x14d4 [ 609D1D87649ECC19796F4D76D4C15CEA, 5369F4C83FBAE9C4CFB9ACD36F07479E3F3FD784D79B82AE8D95B818B9F9CE00 ] mpio C:\Windows\system32\DRIVERS\mpio.sys

00:42:22.0551 0x14d4 mpio - ok

00:42:22.0603 0x14d4 [ 6C38C9E45AE0EA2FA5E551F2ED5E978F, 5A3FA2F110029CB4CC4384998EDB59203FDD65EC45E01B897FB684F8956EAD20 ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys

00:42:22.0606 0x14d4 mpsdrv - ok

00:42:22.0662 0x14d4 [ AECAB449567D1846DAD63ECE49E893E3, 7A67A16A3E04574B7CAD097632ABA9B361BBEFDD6B36B7B8E3A1996EC529C2DC ] MpsSvc C:\Windows\system32\mpssvc.dll

00:42:22.0717 0x14d4 MpsSvc - ok

00:42:22.0785 0x14d4 [ 30524261BB51D96D6FCBAC20C810183C, 19598A9CD0EAAE4ACBF1069E721AB2853452F33FCFB3B5113F023A88A90BF42D ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys

00:42:22.0790 0x14d4 MRxDAV - ok

00:42:22.0822 0x14d4 [ CFDCD8CA87C2A657DEBC150AC35B5E08, 8870DCC8CF4E452E25BFE38113ADBDBC4014036B25E567FC262178DAA808049A ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys

00:42:22.0827 0x14d4 mrxsmb - ok

00:42:22.0851 0x14d4 [ 1BEE517B220B7F024F411AEC1571DD5A, 6DC7638D056DFDE36803BCD691BF73A4AAFD59DE63C0ACD7EA860997FFA3C6E7 ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys

00:42:22.0859 0x14d4 mrxsmb10 - ok

00:42:22.0877 0x14d4 [ 6B2D5FEF385828B6E485C1C90AFB8195, A960CC0351F200FA56FAC0534C0F9D7F79AAC9CF18A4390CDCA7EA4EE22ED6B6 ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys

00:42:22.0882 0x14d4 mrxsmb20 - ok

00:42:22.0893 0x14d4 [ 5C37497276E3B3A5488B23A326A754B7, 9982FCDAFB963868EB93A4DEF811A3167488EB5246BAC3F4AE960506FDF63967 ] msahci C:\Windows\system32\DRIVERS\msahci.sys

00:42:22.0896 0x14d4 msahci - ok

00:42:22.0910 0x14d4 [ 8D27B597229AED79430FB9DB3BCBFBD0, 3D58E08B47E8AE419D405BF263929DFA6F2F5F0C2D79FD8D6F2CED6452F6F248 ] msdsm C:\Windows\system32\DRIVERS\msdsm.sys

00:42:22.0915 0x14d4 msdsm - ok

00:42:22.0936 0x14d4 [ DE0ECE52236CFA3ED2DBFC03F28253A8, 2FBBEC4CACB5161F68D7C2935852A5888945CA0F107CF8A1C01F4528CE407DE3 ] MSDTC C:\Windows\System32\msdtc.exe

00:42:22.0943 0x14d4 MSDTC - ok

00:42:22.0989 0x14d4 [ AA3FB40E17CE1388FA1BEDAB50EA8F96, 69F93E15536644C8FD679A20190CFE577F4985D3B1B4A4AA250A168615AE1E99 ] Msfs C:\Windows\system32\drivers\Msfs.sys

00:42:22.0990 0x14d4 Msfs - ok

00:42:23.0006 0x14d4 [ F9D215A46A8B9753F61767FA72A20326, 6F76642B45E0A7EF6BCAB8B37D55CCE2EAA310ED07B76D43FCB88987C2174141 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys

00:42:23.0007 0x14d4 mshidkmdf - ok

00:42:23.0022 0x14d4 [ D916874BBD4F8B07BFB7FA9B3CCAE29D, B229DA150713DEDBC4F05386C9D9DC3BC095A74F44F3081E88311AB73BC992A1 ] msisadrv C:\Windows\system32\DRIVERS\msisadrv.sys

00:42:23.0024 0x14d4 msisadrv - ok

00:42:23.0065 0x14d4 [ 808E98FF49B155C522E6400953177B08, F873F5BFF0984C5165DF67E92874D3F6EB8D86F9B5AD17013A0091CA33A1A3D5 ] MSiSCSI C:\Windows\system32\iscsiexe.dll

00:42:23.0071 0x14d4 MSiSCSI - ok

00:42:23.0075 0x14d4 msiserver - ok

00:42:23.0117 0x14d4 [ 49CCF2C4FEA34FFAD8B1B59D49439366, E5752EA57C7BDAD5F53E3BC441A415E909AC602CAE56234684FB8789A20396C7 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys

00:42:23.0118 0x14d4 MSKSSRV - ok

00:42:23.0145 0x14d4 [ BDD71ACE35A232104DDD349EE70E1AB3, 27464A66868513BE6A01B75D7FC5B0D6B71842E4E20CE3F76B15C071A0618BBB ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys

00:42:23.0146 0x14d4 MSPCLOCK - ok

00:42:23.0157 0x14d4 [ 4ED981241DB27C3383D72092B618A1D0, E12F121E641249DB3491141851B59E1496F4413EDF58E863388F1C229838DFCC ] MSPQM C:\Windows\system32\drivers\MSPQM.sys

00:42:23.0158 0x14d4 MSPQM - ok

00:42:23.0187 0x14d4 [ 89CB141AA8616D8C6A4610FA26C60964, 76E72F6A0348EDC58A8E6F88C7F024B8B077670400BD5A833811DAFCF9F517CC ] MsRPC C:\Windows\system32\drivers\MsRPC.sys

00:42:23.0198 0x14d4 MsRPC - ok

00:42:23.0220 0x14d4 [ 0EED230E37515A0EAEE3C2E1BC97B288, B1D8F8A75006B6E99214CA36D27A8594EF8D952F315BEB201E9BAC9DE3E64D42 ] mssmbios C:\Windows\system32\DRIVERS\mssmbios.sys

00:42:23.0221 0x14d4 mssmbios - ok

00:42:23.0234 0x14d4 [ 2E66F9ECB30B4221A318C92AC2250779, DF175E1AB6962303E57F26DAE5C5C1E40B8640333F3E352A64F6A5F1301586CD ] MSTEE C:\Windows\system32\drivers\MSTEE.sys

00:42:23.0236 0x14d4 MSTEE - ok

00:42:23.0248 0x14d4 [ 7EA404308934E675BFFDE8EDF0757BCD, 306CD02D89CFCFE576242360ED5F9EEEDCAFC43CD43B7D2977AE960F9AEC3232 ] MTConfig C:\Windows\system32\DRIVERS\MTConfig.sys

00:42:23.0250 0x14d4 MTConfig - ok

00:42:23.0278 0x14d4 [ F9A18612FD3526FE473C1BDA678D61C8, 32F7975B5BAA447917F832D9E3499B4B6D3E90D73F478375D0B70B36C524693A ] Mup C:\Windows\system32\Drivers\mup.sys

00:42:23.0281 0x14d4 Mup - ok

00:42:23.0342 0x14d4 [ E3B58E3011B207C5289D11173B30E298, 68BDF7DE4FD5E38D33DBAD2A2E05E32BABA8BBD85DBC4364AF7CD62C54C6B539 ] MyWiFiDHCPDNS C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe

00:42:23.0349 0x14d4 MyWiFiDHCPDNS - ok

00:42:23.0387 0x14d4 [ 4987E079A4530FA737A128BE54B63B12, 27E51CC7D4D90DC4397575491DE7EFE15808709F097E2828E46AA73C771A47A4 ] napagent C:\Windows\system32\qagentRT.dll

00:42:23.0407 0x14d4 napagent - ok

00:42:23.0456 0x14d4 [ 1EA3749C4114DB3E3161156FFFFA6B33, 54C2E77BCE1037711A11313AC25B8706109098C10A31AA03AEB7A185E97800D7 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys

00:42:23.0465 0x14d4 NativeWifiP - ok

00:42:23.0533 0x14d4 [ CAD515DBD07D082BB317D9928CE8962C, 7AFA6D6154AC68F9FCC37B7B3324F7A170AE91035805026445F24F6EB4FB7F2E ] NDIS C:\Windows\system32\drivers\ndis.sys

00:42:23.0578 0x14d4 NDIS - ok

00:42:23.0599 0x14d4 [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC, D7E5446E83909AE25506BB98FBDD878A529C87963E3C1125C4ABAB25823572BC ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys

00:42:23.0600 0x14d4 NdisCap - ok

00:42:23.0623 0x14d4 [ 30639C932D9FEF22B31268FE25A1B6E5, 32873D95339600F6EEFA51847D12C563FF01F320DC59055B242FA2887C99F9D6 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys

00:42:23.0624 0x14d4 NdisTapi - ok

00:42:23.0645 0x14d4 [ F105BA1E22BF1F2EE8F005D4305E4BEC, 723DA09E13D0F50634D9F114590B837D16F7B36AA0DA2AB8F8C2D9991624EA8F ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys

00:42:23.0648 0x14d4 Ndisuio - ok

00:42:23.0676 0x14d4 [ 557DFAB9CA1FCB036AC77564C010DAD3, 8A21B342AFE5B498FB62EDDC81A3ADA9570677B7A382666090E0ABB1F85FEF29 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys

00:42:23.0681 0x14d4 NdisWan - ok

00:42:23.0756 0x14d4 [ 659B74FB74B86228D6338D643CD3E3CF, 83D741B7A2A204A661A80C226212749F514800060D05E217FA6DC14D62F38F80 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys

00:42:23.0759 0x14d4 NDProxy - ok

00:42:23.0783 0x14d4 [ 86743D9F5D2B1048062B14B1D84501C4, DBF6D6A60AB774FCB0F464FF2D285A7521D0A24006687B243AB46B17D8032062 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys

00:42:23.0786 0x14d4 NetBIOS - ok

00:42:23.0806 0x14d4 [ 9162B273A44AB9DCE5B44362731D062A, 5A1BA6DBFEBB2618DC9D4CC55FA071C170A5D22FFB24CE62DD5B3210D8B45F39 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys

00:42:23.0814 0x14d4 NetBT - ok

00:42:23.0834 0x14d4 [ 0793F40B9B8A1BDD266296409DBD91EA, 8A383FC9A66A327905C340D06138980F9E489479535A2C2AAE5E8BB14A74826E ] Netlogon C:\Windows\system32\lsass.exe

00:42:23.0836 0x14d4 Netlogon - ok

00:42:23.0883 0x14d4 [ 847D3AE376C0817161A14A82C8922A9E, 37AE692B3481323134125EF58F2C3CBC20177371AF2F5874F53DD32A827CB936 ] Netman C:\Windows\System32\netman.dll

00:42:23.0896 0x14d4 Netman - ok

00:42:23.0975 0x14d4 [ D22CD77D4F0D63D1169BB35911BFF12D, 85B1FDFA02E1B8EA4FCB9B7EEB687C5C448697FC7EC9D178C5A2F64D2C9CFEE8 ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe

00:42:23.0998 0x14d4 NetMsmqActivator - ok

00:42:24.0005 0x14d4 [ D22CD77D4F0D63D1169BB35911BFF12D, 85B1FDFA02E1B8EA4FCB9B7EEB687C5C448697FC7EC9D178C5A2F64D2C9CFEE8 ] NetPipeActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe

00:42:24.0010 0x14d4 NetPipeActivator - ok

00:42:24.0054 0x14d4 [ 5F28111C648F1E24F7DBC87CDEB091B8, 2E8645285921EDB98BB2173E11E57459C888D52E80D85791D169C869DE8813B9 ] netprofm C:\Windows\System32\netprofm.dll

00:42:24.0069 0x14d4 netprofm - ok

00:42:24.0077 0x14d4 [ D22CD77D4F0D63D1169BB35911BFF12D, 85B1FDFA02E1B8EA4FCB9B7EEB687C5C448697FC7EC9D178C5A2F64D2C9CFEE8 ] NetTcpActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe

 

[Hoori]

Part 3:

00:42:24.0081 0x14d4 NetTcpActivator - ok

00:42:24.0087 0x14d4 [ D22CD77D4F0D63D1169BB35911BFF12D, 85B1FDFA02E1B8EA4FCB9B7EEB687C5C448697FC7EC9D178C5A2F64D2C9CFEE8 ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe

00:42:24.0092 0x14d4 NetTcpPortSharing - ok

00:42:24.0522 0x14d4 [ B51E9AD4F4E4F8DBE0AB882756BC5DAB, 74E975F3BF39B360C466A0CEEEF545D1B814EE1AEFF6B2FCDD81A33FA276FBF3 ] NETwNs64 C:\Windows\system32\DRIVERS\NETwNs64.sys

00:42:24.0919 0x14d4 NETwNs64 - ok

00:42:24.0995 0x14d4 [ 77889813BE4D166CDAB78DDBA990DA92, 2EF531AE502B943632EEC66A309A8BFCDD36120A5E1473F4AAF3C2393AD0E6A3 ] nfrd960 C:\Windows\system32\DRIVERS\nfrd960.sys

00:42:24.0998 0x14d4 nfrd960 - ok

00:42:25.0033 0x14d4 [ D9A0CE66046D6EFA0C61BAA885CBA0A8, 06C3331C7F3EE0E0B95E8302CB80315E965587C4D6231785B8ACF3FAE4731FAF ] NlaSvc C:\Windows\System32\nlasvc.dll

00:42:25.0044 0x14d4 NlaSvc - ok

00:42:25.0054 0x14d4 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7, D8957EF7060A69DBB3CD6B2C45B1E4143592AB8D018471E17AC04668157DC67F ] Npfs C:\Windows\system32\drivers\Npfs.sys

00:42:25.0056 0x14d4 Npfs - ok

00:42:25.0067 0x14d4 [ D54BFDF3E0C953F823B3D0BFE4732528, 497A1DCC5646EC22119273216DF10D5442D16F83E4363770F507518CF6EAA53A ] nsi C:\Windows\system32\nsisvc.dll

00:42:25.0071 0x14d4 nsi - ok

00:42:25.0087 0x14d4 [ E7F5AE18AF4168178A642A9247C63001, 133023B7E4BA8049C4CAED3282BDD25571D1CC25FAC3B820C7F981D292689D76 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys

00:42:25.0089 0x14d4 nsiproxy - ok

00:42:25.0157 0x14d4 [ 356698A13C4630D5B31C37378D469196, BF5704AADE5C3DA370501747F12ED6E9C3349E342CCF89005AAE132B570BB42B ] Ntfs C:\Windows\system32\drivers\Ntfs.sys

00:42:25.0212 0x14d4 Ntfs - ok

00:42:25.0223 0x14d4 [ 9899284589F75FA8724FF3D16AED75C1, 181188599FD5D4DE33B97010D9E0CAEABAB9A3EF50712FE7F9AA0735CD0666D6 ] Null C:\Windows\system32\drivers\Null.sys

00:42:25.0225 0x14d4 Null - ok

00:42:25.0777 0x14d4 [ A9E432EFDC609335840A9EC78B103958, 7D45F982BB2C0E3A36C061519C457E2890B515A99E08CF568DE8206A1C9AB7B3 ] nvlddmkm C:\Windows\system32\DRIVERS\nvlddmkm.sys

00:42:26.0244 0x14d4 nvlddmkm - ok

00:42:26.0285 0x14d4 [ 49A6B34E79449806AB34716E6A79B329, 65409B9445527E00AFF8E1EACF5BBB2B5BE31606A0AAB60312AF90553192416D ] nvpciflt C:\Windows\system32\DRIVERS\nvpciflt.sys

00:42:26.0287 0x14d4 nvpciflt - ok

00:42:26.0324 0x14d4 [ 3E38712941E9BB4DDBEE00AFFE3FED3D, 03F27CC0EF0A86D0B2DAAB6F72838CB2AB57FE5D40074828D5B7F118CD5CBEE7 ] nvraid C:\Windows\system32\DRIVERS\nvraid.sys

00:42:26.0329 0x14d4 nvraid - ok

00:42:26.0340 0x14d4 [ 477DC4D6DEB99BE37084C9AC6D013DA1, E58C4D621CAAB1C68FB4A056576F48BC87913A5EBF0B511EFFB8F38C7D3E516E ] nvstor C:\Windows\system32\DRIVERS\nvstor.sys

00:42:26.0345 0x14d4 nvstor - ok

00:42:26.0426 0x14d4 [ CD5ED8876C53B4B255D18927BBF95D07, AF1467D9B8887C171099155B9090724D61FC260341A6D694F33EB88541C8DEEB ] nvsvc C:\Windows\system32\nvvsvc.exe

00:42:26.0460 0x14d4 nvsvc - ok

00:42:26.0599 0x14d4 [ 249810BF24866B52ED283773B97344A9, 59FB5E8F90154A7D70DACAE55758D28E796DBA161CBBC5D3740F5A2D5565E4BF ] nvUpdatusService C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe

00:42:26.0654 0x14d4 nvUpdatusService - ok

00:42:26.0721 0x14d4 [ 270D7CD42D6E3979F6DD0146650F0E05, 752489E54C9004EDCBE1F1F208FFD864DA5C83E59A2DDE6B3E0D63ECA996F76F ] nv_agp C:\Windows\system32\DRIVERS\nv_agp.sys

00:42:26.0726 0x14d4 nv_agp - ok

00:42:26.0789 0x14d4 [ 3589478E4B22CE21B41FA1BFC0B8B8A0, AD2469FC753FE552CB809FF405A9AB23E7561292FE89117E3B3B62057EFF0203 ] ohci1394 C:\Windows\system32\DRIVERS\ohci1394.sys

00:42:26.0795 0x14d4 ohci1394 - ok

00:42:26.0876 0x14d4 [ 4965B005492CBA7719E82B71E3245495, 52AD72C05FACC1E0E416A1FA25F34FDD3CB274FAB973BEAAE911A2FACA42B650 ] ose64 C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE

00:42:26.0882 0x14d4 ose64 - ok

00:42:27.0145 0x14d4 [ 61BFFB5F57AD12F83AB64B7181829B34, 1DD0DD35E4158F95765EE6639F217DF03A0A19E624E020DBA609268C08A13846 ] osppsvc C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE

00:42:27.0313 0x14d4 osppsvc - ok

00:42:27.0362 0x14d4 [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] p2pimsvc C:\Windows\system32\pnrpsvc.dll

00:42:27.0385 0x14d4 p2pimsvc - ok

00:42:27.0428 0x14d4 [ 927463ECB02179F88E4B9A17568C63C3, FEFD3447692C277D59EEC7BF218552C8BB6B8C98C26E973675549628408B94CE ] p2psvc C:\Windows\system32\p2psvc.dll

00:42:27.0444 0x14d4 p2psvc - ok

00:42:27.0589 0x14d4 [ 836266D31F9B7920ED04C4775E401FBC, 422BF0F5CBCB45047C75741EE3D02D93BE3A7EC01C8E622079DC24893DF65DFC ] PanService C:\Program Files (x86)\PANDORA.TV\PanService\KMPService.exe

00:42:27.0652 0x14d4 PanService - ok

00:42:27.0718 0x14d4 [ 0086431C29C35BE1DBC43F52CC273887, 0D116D49EF9ABB57DA005764F25E692622210627FC2048F06A989B12FA8D0A80 ] Parport C:\Windows\system32\DRIVERS\parport.sys

00:42:27.0722 0x14d4 Parport - ok

00:42:27.0736 0x14d4 [ 7DAA117143316C4A1537E074A5A9EAF0, D4F31F67BE09B6904C1B9702DC042BC0DAB628055B956C79FF760A9027679E6B ] partmgr C:\Windows\system32\drivers\partmgr.sys

00:42:27.0739 0x14d4 partmgr - ok

00:42:27.0770 0x14d4 [ 3AEAA8B561E63452C655DC0584922257, 04C072969B58657602EB0C21CEDF24FCEE14E61B90A0F758F93925EF2C9FC32D ] PcaSvc C:\Windows\System32\pcasvc.dll

00:42:27.0776 0x14d4 PcaSvc - ok

00:42:27.0859 0x14d4 [ F36F6504009F2FB0DFD1B17A116AD74B, 33A4C217F7DC5E5B7E1B6CF335327C8FE6CC5D6D048D420252965574CAD83918 ] pci C:\Windows\system32\DRIVERS\pci.sys

00:42:27.0865 0x14d4 pci - ok

00:42:27.0875 0x14d4 [ B5B8B5EF2E5CB34DF8DCF8831E3534FA, F2A7CC645B96946CC65BF60E14E70DC09C848D27C7943CE5DEA0C01A6B863480 ] pciide C:\Windows\system32\DRIVERS\pciide.sys

00:42:27.0876 0x14d4 pciide - ok

00:42:27.0896 0x14d4 [ B2E81D4E87CE48589F98CB8C05B01F2F, 6763BEE7270A4873B3E131BFB92313E2750FCBD0AD73C23D1C4F98F7DF73DE14 ] pcmcia C:\Windows\system32\DRIVERS\pcmcia.sys

00:42:27.0904 0x14d4 pcmcia - ok

00:42:27.0925 0x14d4 [ D6B9C2E1A11A3A4B26A182FFEF18F603, BBA5FE08B1DDD6243118E11358FD61B10E850F090F061711C3CB207CE5FBBD36 ] pcw C:\Windows\system32\drivers\pcw.sys

00:42:27.0927 0x14d4 pcw - ok

00:42:27.0964 0x14d4 [ 68769C3356B3BE5D1C732C97B9A80D6E, FB2D61145980A2899D1B7729184C54070315B0E63C9A22400A76CCD39E00029C ] PEAUTH C:\Windows\system32\drivers\peauth.sys

00:42:27.0987 0x14d4 PEAUTH - ok

00:42:28.0055 0x14d4 [ B9B0A4299DD2D76A4243F75FD54DC680, BBF62E9628131FA396EB08D63B76D2D5FBDD61339E92B759125A066470D1C039 ] PeerDistSvc C:\Windows\system32\peerdistsvc.dll

00:42:28.0113 0x14d4 PeerDistSvc - ok

00:42:28.0177 0x14d4 [ E495E408C93141E8FC72DC0C6046DDFA, 489B957DADA0DC128A09468F1AD082DCC657E86053208EA06A12937BE86FB919 ] PerfHost C:\Windows\SysWow64\perfhost.exe

00:42:28.0179 0x14d4 PerfHost - ok

00:42:28.0329 0x14d4 [ BC7ED522BDAA0C635925B3E674B18F70, B6EC4A2888A1CBA1DCE8AAD5BF7776FCA3DE696EC09B19251DBC0FEBD8B1BD45 ] PFNService C:\Program Files\Fujitsu\Plugfree NETWORK\PFNService.exe

00:42:28.0410 0x14d4 PFNService - ok

00:42:28.0483 0x14d4 [ 557E9A86F65F0DE18C9B6751DFE9D3F1, 630EE5A80335929517A22D130C75CBCE882B92978372A6F36C30B9D353C7BB07 ] pla C:\Windows\system32\pla.dll

00:42:28.0547 0x14d4 pla - ok

00:42:28.0604 0x14d4 [ 23157D583244400E1D7FBAEE2E4B31B7, 4E8D93F746C727CE1A89B53FEFFCFB080AC3CC8F3CF2F8613E692E989794C52F ] PlugPlay C:\Windows\system32\umpnpmgr.dll

00:42:28.0617 0x14d4 PlugPlay - ok

00:42:28.0653 0x14d4 [ 7195581CEC9BB7D12ABE54036ACC2E38, 9C4E5D6EA984148F2663DC529083408B2248DFF6DAAC85D9195F80A722782315 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll

00:42:28.0656 0x14d4 PNRPAutoReg - ok

00:42:28.0739 0x14d4 [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] PNRPsvc C:\Windows\system32\pnrpsvc.dll

00:42:28.0748 0x14d4 PNRPsvc - ok

00:42:28.0814 0x14d4 [ 166EB40D1F5B47E615DE3D0FFFE5F243, E32BCCA0D25CD631C221986EBE9F6C54BF2F12DE1672D69CCC4E22AD07D0525A ] PolicyAgent C:\Windows\System32\ipsecsvc.dll

00:42:28.0828 0x14d4 PolicyAgent - ok

00:42:28.0872 0x14d4 [ 6BA9D927DDED70BD1A9CADED45F8B184, 66203CE70A5EDE053929A940F38924C6792239CCCE10DD2C1D90D5B4D6748B55 ] Power C:\Windows\system32\umpo.dll

00:42:28.0878 0x14d4 Power - ok

00:42:28.0923 0x14d4 [ C90FED91A08D7D1D71E52DBDCF4D1318, 7FFC9F25FC7ABA764A81CEA4E9ACDA9610A4270F57B5A7236ACF2F2D3C0E1431 ] PowerSavingUtilityService C:\Program Files\Fujitsu\PSUtility\PSUService.exe

00:42:28.0926 0x14d4 PowerSavingUtilityService - ok

00:42:28.0970 0x14d4 [ 27CC19E81BA5E3403C48302127BDA717, C580FC552DDF9C163FC325B38B05C06FFD696495E4C01514BCD6346CFE4F0B40 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys

00:42:28.0975 0x14d4 PptpMiniport - ok

00:42:29.0023 0x14d4 [ 0D922E23C041EFB1C3FAC2A6F943C9BF, 855418A6A58DCAFB181A1A68613B3E203AFB0A9B3D9D26D0C521F9F613B4EAD5 ] Processor C:\Windows\system32\DRIVERS\processr.sys

00:42:29.0025 0x14d4 Processor - ok

00:42:29.0072 0x14d4 [ F381975E1F4346DE875CB07339CE8D3A, 867BFC2E9A08E026289794019B8DE651A8604D06DD6A9BF166C29AFC24B6D26E ] ProfSvc C:\Windows\system32\profsvc.dll

00:42:29.0078 0x14d4 ProfSvc - ok

00:42:29.0124 0x14d4 [ 0793F40B9B8A1BDD266296409DBD91EA, 8A383FC9A66A327905C340D06138980F9E489479535A2C2AAE5E8BB14A74826E ] ProtectedStorage C:\Windows\system32\lsass.exe

00:42:29.0128 0x14d4 ProtectedStorage - ok

00:42:29.0157 0x14d4 [ EE992183BD8EAEFD9973F352E587A299, 6B28930FAA0A54FAADDAF2231553D7F5D45C7227454C6D49A86DFC9EF6BC9043 ] Psched C:\Windows\system32\DRIVERS\pacer.sys

00:42:29.0162 0x14d4 Psched - ok

00:42:29.0239 0x14d4 [ A53A15A11EBFD21077463EE2C7AFEEF0, 6002B012A75045DEA62640A864A8721EADE2F8B65BEB5F5BA76D8CD819774489 ] ql2300 C:\Windows\system32\DRIVERS\ql2300.sys

00:42:29.0296 0x14d4 ql2300 - ok

00:42:29.0321 0x14d4 [ 4F6D12B51DE1AAEFF7DC58C4D75423C8, FB6ABAB741CED66A79E31A45111649F2FA3E26CEE77209B5296F789F6F7D08DE ] ql40xx C:\Windows\system32\DRIVERS\ql40xx.sys

00:42:29.0326 0x14d4 ql40xx - ok

00:42:29.0357 0x14d4 [ 906191634E99AEA92C4816150BDA3732, A0305436384104C3B559F9C73902DA19B96B518413379E397C5CDAB0B2B9418F ] QWAVE C:\Windows\system32\qwave.dll

00:42:29.0365 0x14d4 QWAVE - ok

00:42:29.0378 0x14d4 [ 76707BB36430888D9CE9D705398ADB6C, 35C1D1D05F98AC29A33D3781F497A0B40A3CB9CDF25FE1F28F574E40DDF70535 ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys

00:42:29.0381 0x14d4 QWAVEdrv - ok

00:42:29.0394 0x14d4 [ 5A0DA8AD5762FA2D91678A8A01311704, 8A64EB5DBAB7048A9E42A21CEB62CCD5B007A80C199892D7F8C69B48E8A255EF ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys

00:42:29.0395 0x14d4 RasAcd - ok

00:42:29.0428 0x14d4 [ 7ECFF9B22276B73F43A99A15A6094E90, 62C70DA127F48F796F8897BBFA23AB6EB080CC923F0F091DFA384A93F5C90CA1 ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys

00:42:29.0430 0x14d4 RasAgileVpn - ok

00:42:29.0452 0x14d4 [ 8F26510C5383B8DBE976DE1CD00FC8C7, 60E618C010E8A723960636415573FA17EA0BBEF79647196B3BC0B8DEE680E090 ] RasAuto C:\Windows\System32\rasauto.dll

00:42:29.0458 0x14d4 RasAuto - ok

00:42:29.0494 0x14d4 [ 87A6E852A22991580D6D39ADC4790463, 0F757C6E5B57DFC239CE1BEC88EF16C07E7F1A40D629A9A6DF3CB6B88FB9E642 ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys

00:42:29.0499 0x14d4 Rasl2tp - ok

00:42:29.0527 0x14d4 [ 47394ED3D16D053F5906EFE5AB51CC83, FE5D1249788DB6D85C55769251B0AED738D3BBA04DF57124E03397D3C0599286 ] RasMan C:\Windows\System32\rasmans.dll

00:42:29.0540 0x14d4 RasMan - ok

00:42:29.0563 0x14d4 [ 855C9B1CD4756C5E9A2AA58A15F58C25, A514F8A9C304D54BDA8DC60F5A64259B057EC83A1CAAF6D2B58CFD55E9561F72 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys

00:42:29.0566 0x14d4 RasPppoe - ok

00:42:29.0580 0x14d4 [ E8B1E447B008D07FF47D016C2B0EEECB, FEC789F82B912F3E14E49524D40FEAA4373B221156F14045E645D7C37859258C ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys

00:42:29.0583 0x14d4 RasSstp - ok

00:42:29.0606 0x14d4 [ 3BAC8142102C15D59A87757C1D41DCE5, C0C2C6887EA5A439E69221196348382ACE3E1942C9C6E0A970E153890F71724C ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys

00:42:29.0614 0x14d4 rdbss - ok

00:42:29.0646 0x14d4 [ 302DA2A0539F2CF54D7C6CC30C1F2D8D, 1DF3501BBFFB56C3ECC39DBCC4287D3302216C2208CE22428B8C4967E5DE9D17 ] rdpbus C:\Windows\system32\DRIVERS\rdpbus.sys

00:42:29.0648 0x14d4 rdpbus - ok

00:42:29.0659 0x14d4 [ CEA6CC257FC9B7715F1C2B4849286D24, A78144D18352EA802C39D9D42921CF97A3E0211766B2169B6755C6FC2D77A804 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys

00:42:29.0661 0x14d4 RDPCDD - ok

00:42:29.0688 0x14d4 [ 9706B84DBABFC4B4CA46C5A82B14DFA3, AFDC07C257BCB768861483A1842FFB647523946B16DA2812EFAE4FD3252BA303 ] RDPDR C:\Windows\system32\drivers\rdpdr.sys

00:42:29.0693 0x14d4 RDPDR - ok

00:42:29.0735 0x14d4 [ BB5971A4F00659529A5C44831AF22365, 9AAA5C0D448E821FD85589505D99DF7749715A046BBD211F139E4E652ADDE41F ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys

00:42:29.0737 0x14d4 RDPENCDD - ok

00:42:29.0754 0x14d4 [ 216F3FA57533D98E1F74DED70113177A, 60C126A1409D1E9C39F1C9E95F70115BF4AF07780AB499F6E10A612540F173F4 ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys

00:42:29.0756 0x14d4 RDPREFMP - ok

00:42:29.0780 0x14d4 [ 8A3E6BEA1C53EA6177FE2B6EBA2C80D7, 02179089E0816AD544F370A8A3557498D09981F60CC94E497DC4A5A2BBBE1E48 ] RDPWD C:\Windows\system32\drivers\RDPWD.sys

00:42:29.0788 0x14d4 RDPWD - ok

00:42:29.0868 0x14d4 [ 634B9A2181D98F15941236886164EC8B, 15C55F05FD3CD751F619F18E2ADF91552AE82146501CD031402277F496A5B7D8 ] rdyboost C:\Windows\system32\drivers\rdyboost.sys

00:42:29.0876 0x14d4 rdyboost - ok

00:42:29.0980 0x14d4 [ F3AF2B43F35DBB3A0EB9FEEEC7D62217, 5BFB97BFE94F52CE02DFB2B7E8A9AD34AE489B77BA689F63D733EFB65548D734 ] RegSrvc C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe

00:42:29.0986 0x14d4 RegSrvc - ok

00:42:30.0009 0x14d4 [ 254FB7A22D74E5511C73A3F6D802F192, 3D0FB5840364200DE394F8CC28DA0E334C2B5FA8FF28A41656EE72287F3D3836 ] RemoteAccess C:\Windows\System32\mprdim.dll

00:42:30.0013 0x14d4 RemoteAccess - ok

00:42:30.0043 0x14d4 [ E4D94F24081440B5FC5AA556C7C62702, 147CAA03568DC480F9506E30B84891AB7E433B5EBC05F34FF10F72B00E1C6B22 ] RemoteRegistry C:\Windows\system32\regsvc.dll

00:42:30.0049 0x14d4 RemoteRegistry - ok

00:42:30.0110 0x14d4 [ 3DD798846E2C28102B922C56E71B7932, 30B111615D74CB2213997A5C08DD9C8613ADE441D9423CC1C49A753D13CE524D ] RFCOMM C:\Windows\system32\DRIVERS\rfcomm.sys

00:42:30.0115 0x14d4 RFCOMM - ok

00:42:30.0149 0x14d4 [ E4DC58CF7B3EA515AE917FF0D402A7BB, 665B5CD9FE905B0EE3F59A7B1A94760F5393EBEE729877D8584349754C2867E8 ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll

00:42:30.0153 0x14d4 RpcEptMapper - ok

00:42:30.0174 0x14d4 [ D5BA242D4CF8E384DB90E6A8ED850B8C, CB4CB2608B5E31B55FB1A2CF4051E6D08A0C2A5FB231B2116F95938D7577334E ] RpcLocator C:\Windows\system32\locator.exe

00:42:30.0176 0x14d4 RpcLocator - ok

00:42:30.0231 0x14d4 [ 3C6018A5BFDA89FB3BE0BBB2E0DD234A, 74F2C23B24348D80803F5D77D8C429DAF914B6CFC547DFF93E1C5A762F8469A8 ] RpcSs C:\Windows\system32\rpcss.dll

00:42:30.0246 0x14d4 RpcSs - ok

00:42:30.0288 0x14d4 [ DDC86E4F8E7456261E637E3552E804FF, D250C69CCC75F2D88E7E624FCC51300E75637333317D53908CCA7E0F117173DD ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys

00:42:30.0292 0x14d4 rspndr - ok

00:42:30.0339 0x14d4 [ 4A25DC970C58104602ED274DACAFD784, 38377570346385E9035568694638719475607B62968C5E3D0D9CBCDD04A5BD52 ] RSUSBSTOR C:\Windows\system32\Drivers\RtsUStor.sys

00:42:30.0345 0x14d4 RSUSBSTOR - ok

00:42:30.0428 0x14d4 [ 7F4F11527AF5A7E4526CB6A146B3E40C, 705177014374AB2F12AF4558344C35C206C2820BD1A16770173EA10D094D182B ] RTL8167 C:\Windows\system32\DRIVERS\Rt64win7.sys

00:42:30.0462 0x14d4 RTL8167 - ok

00:42:30.0468 0x14d4 RtsUIR - ok

00:42:30.0505 0x14d4 [ 88AF6E02AB19DF7FD07ECDF9C91E9AF6, C890DCCC875F957CAAD4655EBFF384E3C5998040CA2BA360E92C96A647D1C399 ] s3cap C:\Windows\system32\DRIVERS\vms3cap.sys

00:42:30.0548 0x14d4 s3cap - ok

00:42:30.0569 0x14d4 [ 0793F40B9B8A1BDD266296409DBD91EA, 8A383FC9A66A327905C340D06138980F9E489479535A2C2AAE5E8BB14A74826E ] SamSs C:\Windows\system32\lsass.exe

00:42:30.0570 0x14d4 SamSs - ok

00:42:30.0593 0x14d4 [ E3BBB89983DAF5622C1D50CF49F28227, 49370DC142D577D657BF5755AA9B8625C35D3DDAF1F9466B4888507FB8E6FF07 ] sbp2port C:\Windows\system32\DRIVERS\sbp2port.sys

00:42:30.0597 0x14d4 sbp2port - ok

00:42:30.0667 0x14d4 [ 9B7395789E3791A3B6D000FE6F8B131E, E5F067F3F212BF5481668BE1779CBEF053F511F8967589BE2E865ACB9A620024 ] SCardSvr C:\Windows\System32\SCardSvr.dll

00:42:30.0674 0x14d4 SCardSvr - ok

00:42:30.0769 0x14d4 scbhmon - ok

00:42:30.0794 0x14d4 [ C94DA20C7E3BA1DCA269BC8460D98387, E1A5629728A79233B62BA87B4354BC3A332A853CC36A60E77B34923F4BCA8A61 ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys

00:42:30.0796 0x14d4 scfilter - ok

00:42:30.0889 0x14d4 [ EC56B171F85C7E855E7B0588AC503EEA, EDBC0E52DF00D73356F4B886D6CA2397B571A9D2245FEDC347A6D52A5467EA5D ] Schedule C:\Windows\system32\schedsvc.dll

00:42:30.0934 0x14d4 Schedule - ok

00:42:30.0961 0x14d4 [ 312E2F82AF11E79906898AC3E3D58A1F, F6CB7D8B204B94F749D5DBEFD552150AAB16A34D629F87F73823A7504465F106 ] SCPolicySvc C:\Windows\System32\certprop.dll

00:42:30.0963 0x14d4 SCPolicySvc - ok

00:42:30.0980 0x14d4 [ 765A27C3279CE11D14CB9E4F5869FCA5, B6C2EFFBA938828FEF7FE992A4C88B3154D053763C38762DCE13252FE9571FA1 ] SDRSVC C:\Windows\System32\SDRSVC.dll

00:42:30.0986 0x14d4 SDRSVC - ok

00:42:31.0016 0x14d4 [ 3EA8A16169C26AFBEB544E0E48421186, 34BBB0459C96B3DE94CCB0D73461562935C583D7BF93828DA4E20A6BC9B7301D ] secdrv C:\Windows\system32\drivers\secdrv.sys

00:42:31.0018 0x14d4 secdrv - ok

00:42:31.0036 0x14d4 [ 463B386EBC70F98DA5DFF85F7E654346, 8E27B18B04AF587719D1DAE75A042DB998E06CAE112BD68626EF046036D2DCDC ] seclogon C:\Windows\system32\seclogon.dll

00:42:31.0039 0x14d4 seclogon - ok

00:42:31.0058 0x14d4 [ C32AB8FA018EF34C0F113BD501436D21, E0EB8E80B51E45CA7EB061E705DA0BC07878759418A8519AE6E12326FE79E7C7 ] SENS C:\Windows\system32\sens.dll

00:42:31.0062 0x14d4 SENS - ok

00:42:31.0074 0x14d4 [ 0336CFFAFAAB87A11541F1CF1594B2B2, 8B8A6A33E78A12FB05E29B2E2775850626574AFD2EF88748D65E690A07B10B8D ] SensrSvc C:\Windows\system32\sensrsvc.dll

00:42:31.0077 0x14d4 SensrSvc - ok

00:42:31.0100 0x14d4 [ CB624C0035412AF0DEBEC78C41F5CA1B, A4D937F11E06CAE914347CA1362F4C98EC5EE0C0C80321E360EA1ABD6726F8D4 ] Serenum C:\Windows\system32\DRIVERS\serenum.sys

00:42:31.0102 0x14d4 Serenum - ok

00:42:31.0137 0x14d4 [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6, 8F9776FB84C5D11068EAF1FF1D1A46466C655D64D256A8B1E31DC0C23B5DD22D ] Serial C:\Windows\system32\DRIVERS\serial.sys

00:42:31.0141 0x14d4 Serial - ok

00:42:31.0156 0x14d4 [ 1C545A7D0691CC4A027396535691C3E3, 065C30BE598FF4DC55C37E0BBE0CEDF10A370AE2BF5404B42EBBB867A3FFED6D ] sermouse C:\Windows\system32\DRIVERS\sermouse.sys

00:42:31.0158 0x14d4 sermouse - ok

00:42:31.0194 0x14d4 [ C3BC61CE47FF6F4E88AB8A3B429A36AF, 6CA53AD0CB7215BAE3467EC1FD490E3A18504BD6CD4F0FABF9BD37516AB9DFE0 ] SessionEnv C:\Windows\system32\sessenv.dll

00:42:31.0198 0x14d4 SessionEnv - ok

00:42:31.0203 0x14d4 [ A554811BCD09279536440C964AE35BBF, DA8F893722F803E189D7D4D6C6232ED34505B63A64ED3A0132A5BB7A2BABDE55 ] sffdisk C:\Windows\system32\DRIVERS\sffdisk.sys

00:42:31.0205 0x14d4 sffdisk - ok

00:42:31.0212 0x14d4 [ FF414F0BAEFEBA59BC6C04B3DB0B87BF, B81EF5D26AEB572CAB590F7AD7CA8C89F296420089EF5E6148E972F2DBCA1042 ] sffp_mmc C:\Windows\system32\DRIVERS\sffp_mmc.sys

00:42:31.0213 0x14d4 sffp_mmc - ok

00:42:31.0218 0x14d4 [ 5588B8C6193EB1522490C122EB94DFFA, 53AE3597D3305F2839130A2F3567F1690564B922035503EB418B9DE1586AEA43 ] sffp_sd C:\Windows\system32\DRIVERS\sffp_sd.sys

00:42:31.0219 0x14d4 sffp_sd - ok

00:42:31.0225 0x14d4 [ A9D601643A1647211A1EE2EC4E433FF4, 7AC60B4AB48D4BBF1F9681C12EC2A75C72E6E12D30FABC564A24394310E9A5F9 ] sfloppy C:\Windows\system32\DRIVERS\sfloppy.sys

00:42:31.0228 0x14d4 sfloppy - ok

00:42:31.0278 0x14d4 [ B95F6501A2F8B2E78C697FEC401970CE, 758B73A32902299A313348CE7EC189B20EB4CB398D0180E4EE24B84DAD55F291 ] SharedAccess C:\Windows\System32\ipnathlp.dll

00:42:31.0290 0x14d4 SharedAccess - ok

00:42:31.0313 0x14d4 [ 0298AC45D0EFFFB2DB4BAA7DD186E7BF, 1C1D17301A4D37DBF906955CCABD2A3FDA47AFB24CBA978CF851123762249848 ] ShellHWDetection C:\Windows\System32\shsvcs.dll

00:42:31.0325 0x14d4 ShellHWDetection - ok

00:42:31.0354 0x14d4 [ 843CAF1E5FDE1FFD5FF768F23A51E2E1, 89CA9F516E42A6B905474D738CDA2C121020A07DBD4E66CFE569DD77D79D7820 ] SiSRaid2 C:\Windows\system32\DRIVERS\SiSRaid2.sys

00:42:31.0356 0x14d4 SiSRaid2 - ok

00:42:31.0378 0x14d4 [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4, 87B85C66DF7EB6FDB8A2341D05FAA5261FF68A90CCFC63F0E4A03824F1E33E5E ] SiSRaid4 C:\Windows\system32\DRIVERS\sisraid4.sys

00:42:31.0381 0x14d4 SiSRaid4 - ok

00:42:31.0610 0x14d4 [ 9F712B26EE3B0242DE997A42FD302E2C, 12663EB108F158282A965EE70980627C2F2332BA7944D7DE03B78E18BEB87D26 ] Skype C2C Service C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe

00:42:31.0724 0x14d4 Skype C2C Service - ok

00:42:31.0852 0x14d4 [ 5E065268F31F5CBEFE37FE24D7A3ABF0, E226B9F32124C67B88F637A31C0AE120E86D8B1A5826D5F046ADBD0DDC5151C5 ] SkypeUpdate C:\Program Files (x86)\Skype\Updater\Updater.exe

00:42:31.0858 0x14d4 SkypeUpdate - ok

00:42:31.0886 0x14d4 [ 548260A7B8654E024DC30BF8A7C5BAA4, 4A7E58331D7765A12F53DC2371739DC9A463940B13E16157CE10DB80E958D740 ] Smb C:\Windows\system32\DRIVERS\smb.sys

00:42:31.0890 0x14d4 Smb - ok

00:42:31.0931 0x14d4 [ 6313F223E817CC09AA41811DAA7F541D, D787061043BEEDB9386B048CB9E680E6A88A1CBAE9BD4A8C0209155BFB76C630 ] SNMPTRAP C:\Windows\System32\snmptrap.exe

00:42:31.0934 0x14d4 SNMPTRAP - ok

00:42:32.0026 0x14d4 [ 3B39BC0A15CB630A3CE2F6B732EA8B8E, 39B5C1CDD698B3043BE10264CB23A6324A8DF0E5FDFA26DCF9410A2BFFFC9B07 ] SNP2UVC C:\Windows\system32\DRIVERS\snp2uvc.sys

00:42:32.0092 0x14d4 SNP2UVC - ok

00:42:32.0107 0x14d4 [ B9E31E5CACDFE584F34F730A677803F9, 21A5130BD00089C609522A372018A719F8E37103D2DD22C59EACB393BE35A063 ] spldr C:\Windows\system32\drivers\spldr.sys

00:42:32.0109 0x14d4 spldr - ok

00:42:32.0136 0x14d4 [ 89E8550C5862999FCF482EA562B0E98E, 11BC94FD879DCD22E80DB8FA73CEBD0F072917C546AD9C8B92CCFBF4E0B83056 ] Spooler C:\Windows\System32\spoolsv.exe

00:42:32.0157 0x14d4 Spooler - ok

00:42:32.0292 0x14d4 [ 913D843498553A1BC8F8DBAD6358E49F, F8B931FDABF669D642CBDCD2FF31E07F8A5E2D5F72E11D4A8FF219CCFB5825E9 ] sppsvc C:\Windows\system32\sppsvc.exe

00:42:32.0429 0x14d4 sppsvc - ok

00:42:32.0456 0x14d4 [ 93D7D61317F3D4BC4F4E9F8A96A7DE45, 36D48B23B8243BE5229707375FCD11C2DCAC96983199345365F065A0CBF33314 ] sppuinotify C:\Windows\system32\sppuinotify.dll

00:42:32.0459 0x14d4 sppuinotify - ok

00:42:32.0483 0x14d4 [ EC8F67289105BF270498095F14963464, 454031C8AE06511DD13DBAA613B983516AF937590FB2B8C6ADC273D018D30858 ] srv C:\Windows\system32\DRIVERS\srv.sys

00:42:32.0516 0x14d4 srv - ok

00:42:32.0565 0x14d4 [ F773D2ED090B7BAA1C1A034F3CA476C8, C8DD8BE37CFEA0DB1B7FC94946381B60553848002E6170E0BEC3FEE40295DF1F ] srv2 C:\Windows\system32\DRIVERS\srv2.sys

00:42:32.0587 0x14d4 srv2 - ok

00:42:32.0605 0x14d4 [ 26E84D3649019C3244622E654DFCD75B, 49BD7345AF744298698629E0D7C0C373AB2F75F542281268BCF91A6D2B278AA8 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys

00:42:32.0610 0x14d4 srvnet - ok

00:42:32.0640 0x14d4 [ 51B52FBD583CDE8AA9BA62B8B4298F33, 2E2403F8AA39E79D1281CA006B51B43139C32A5FDD64BD34DAA4B935338BD740 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll

00:42:32.0648 0x14d4 SSDPSRV - ok

00:42:32.0659 0x14d4 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB, D21CDBC4C2AA0DB5B4455D5108B0CAF4282A2E664B9035708F212CC094569D9D ] SstpSvc C:\Windows\system32\sstpsvc.dll

00:42:32.0663 0x14d4 SstpSvc - ok

00:42:32.0728 0x14d4 [ ED2880C5DF230F8EF4401A13AE83E713, B42406B13C5D6E040AE4757071575AD6E80C95EC2AD10CC24F9C9DB07DD8EFDC ] Stereo Service C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe

00:42:32.0741 0x14d4 Stereo Service - ok

00:42:32.0800 0x14d4 [ F3817967ED533D08327DC73BC4D5542A, 1B204454408A690C0A86447F3E4AA9E7C58A9CFB567C94C17C21920BA648B4D5 ] stexstor C:\Windows\system32\DRIVERS\stexstor.sys

00:42:32.0802 0x14d4 stexstor - ok

00:42:32.0856 0x14d4 [ 52D0E33B681BD0F33FDC08812FEE4F7D, BBEBC0773402F6697D2F14F63E5E4FDC2180466E7FDBD306E408535B10160249 ] stisvc C:\Windows\System32\wiaservc.dll

00:42:32.0889 0x14d4 stisvc - ok

00:42:32.0904 0x14d4 [ FFD7A6F15B14234B5B0E5D49E7961895, 9553BDB65D021DA621BDFF1C180B9F4C6355FC748BAE854CE114D4B3EFF307B7 ] storflt C:\Windows\system32\DRIVERS\vmstorfl.sys

00:42:32.0907 0x14d4 storflt - ok

00:42:32.0940 0x14d4 [ 8FCCBEFC5C440B3C23454656E551B09A, 392A38D0B18B7FD08ACBE3E56ADCB235FA49BDB99F81E0820434D57332FA8FF7 ] storvsc C:\Windows\system32\DRIVERS\storvsc.sys

00:42:32.0942 0x14d4 storvsc - ok

00:42:32.0957 0x14d4 [ D01EC09B6711A5F8E7E6564A4D0FBC90, 3CB922291DBADC92B46B9E28CCB6810CD8CCDA3E74518EC9522B58B998E1F969 ] swenum C:\Windows\system32\DRIVERS\swenum.sys

00:42:32.0959 0x14d4 swenum - ok

00:42:33.0005 0x14d4 [ E08E46FDD841B7184194011CA1955A0B, 9C3725BB1F08F92744C980A22ED5C874007D3B5863C7E1F140F50061052AC418 ] swprv C:\Windows\System32\swprv.dll

00:42:33.0031 0x14d4 swprv - ok

00:42:33.0088 0x14d4 [ 2F827BB08CC7F1A17DF2EAD7B424D731, A4F58318A3439A734425C95A2ABC6D7A8B816BD8563DF272EBB5B7420A7D99BE ] SynTP C:\Windows\system32\DRIVERS\SynTP.sys

00:42:33.0098 0x14d4 SynTP - ok

00:42:33.0188 0x14d4 [ 3C1284516A62078FB68F768DE4F1A7BE, 67ECD462335EF88773E4BAEAB230A68EC92A25F8CD8F115873F669205AE6A1A9 ] SysMain C:\Windows\system32\sysmain.dll

00:42:33.0259 0x14d4 SysMain - ok

00:42:33.0282 0x14d4 [ 238935C3CF2854886DC7CBB2A0E2CC66, BBF7A70BF218A544CC1A6FB81F75EAD29D418794162936BE197D6D61FE0DB1C4 ] TabletInputService C:\Windows\System32\TabSvc.dll

00:42:33.0287 0x14d4 TabletInputService - ok

00:42:33.0313 0x14d4 [ 884264AC597B690C5707C89723BB8E7B, 9BF209A4128019421F7EC4AFF71103C5F411DB6CFB32AAC1633E789AD7A30708 ] TapiSrv C:\Windows\System32\tapisrv.dll

00:42:33.0335 0x14d4 TapiSrv - ok

00:42:33.0350 0x14d4 [ 1BE03AC720F4D302EA01D40F588162F6, AB644862BF1D2E824FD846180DEC4E2C0FAFCC517451486DE5A92E5E78A952E4 ] TBS C:\Windows\System32\tbssvc.dll

00:42:33.0355 0x14d4 TBS - ok

00:42:33.0442 0x14d4 [ 912107716BAB424C7870E8E6AF5E07E1, BE6B1C9468B882347A908A753DC7185C3371A78E81DEE5BEC3DD6E2B81FD4FB9 ] Tcpip C:\Windows\system32\drivers\tcpip.sys

00:42:33.0515 0x14d4 Tcpip - ok

00:42:33.0650 0x14d4 [ 912107716BAB424C7870E8E6AF5E07E1, BE6B1C9468B882347A908A753DC7185C3371A78E81DEE5BEC3DD6E2B81FD4FB9 ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys

00:42:33.0701 0x14d4 TCPIP6 - ok

00:42:33.0713 0x14d4 [ 76D078AF6F587B162D50210F761EB9ED, 3813171036B4036306CADC29F877ADAE44B241DDF65B3699C352B7CDA9EC68C9 ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys

00:42:33.0716 0x14d4 tcpipreg - ok

00:42:33.0748 0x14d4 [ 3371D21011695B16333A3934340C4E7C, 7416F9BBFC1BA9D875EA7D1C7A0D912FC6977B49A865D67E3F9C4E18A965082D ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys

00:42:33.0750 0x14d4 TDPIPE - ok

00:42:33.0771 0x14d4 [ E4245BDA3190A582D55ED09E137401A9, F59C983882997D68CC7B1B2080AEE9EBE2AE90D478F877559BD2AAA97158A116 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys

00:42:33.0773 0x14d4 TDTCP - ok

00:42:33.0812 0x14d4 [ 079125C4B17B01FCAEEBCE0BCB290C0F, B2DF1F2317EF5DCF0A89327332E9F2770ED604005B3138C095FF01AA63B91437 ] tdx C:\Windows\system32\DRIVERS\tdx.sys

00:42:33.0816 0x14d4 tdx - ok

00:42:33.0837 0x14d4 [ C448651339196C0E869A355171875522, C12441CF21D7D47804952B968689D78E3BA0323A90C4C811B54A6B2E6260BAD4 ] TermDD C:\Windows\system32\DRIVERS\termdd.sys

00:42:33.0840 0x14d4 TermDD - ok

00:42:33.0884 0x14d4 [ 0F05EC2887BFE197AD82A13287D2F404, 78C8A8FE9B1101430CA79875DA34413C35B6D7A5EE1932E454C50731335437A6 ] TermService C:\Windows\System32\termsrv.dll

00:42:33.0964 0x14d4 TermService - ok

00:42:34.0120 0x14d4 [ CBA4FA2089AA7A5A52EEF55B8376F144, 8F720043004F533BA359416732690BC0A84B76EE1FEA5C1FAE485CF1532E6D69 ] TestHandler C:\Program Files (x86)\Fujitsu\SystemDiagnostics\OnlineDiagnostic\TestManager\HaDTMan.exe

00:42:34.0131 0x14d4 TestHandler - ok

00:42:34.0182 0x14d4 [ F0344071948D1A1FA732231785A0664C, DB9886C2C858FAF45AEA15F8E42860343F73EB8685C53EC2E8CCC10586CB0832 ] Themes C:\Windows\system32\themeservice.dll

00:42:34.0184 0x14d4 Themes - ok

00:42:34.0213 0x14d4 [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] THREADORDER C:\Windows\system32\mmcss.dll

00:42:34.0215 0x14d4 THREADORDER - ok

 

[Hoori]

Part 4:

00:42:34.0244 0x14d4 [ 7E7AFD841694F6AC397E99D75CEAD49D, DE87F203FD8E6BDCCFCA1860A85F283301A365846FB703D9BB86278D8AC96B07 ] TrkWks C:\Windows\System32\trkwks.dll

00:42:34.0249 0x14d4 TrkWks - ok

00:42:34.0292 0x14d4 [ 840F7FB849F5887A49BA18C13B2DA920, A59C40A090E03C0136A865FC54508BA938E7B467C8198BC009FE263E6C275781 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe

00:42:34.0297 0x14d4 TrustedInstaller - ok

00:42:34.0320 0x14d4 [ 61B96C26131E37B24E93327A0BD1FB95, 7C551B6FD0447258BC3FDED72D8D41A0E8B731562170C264295592D45F85D9FF ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys

00:42:34.0322 0x14d4 tssecsrv - ok

00:42:34.0356 0x14d4 [ 3836171A2CDF3AF8EF10856DB9835A70, 74CD0A21B4E5B47E8D762CC28282CA8D512D424EC591D90099B9F8D034AA2FC2 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys

00:42:34.0360 0x14d4 tunnel - ok

00:42:34.0377 0x14d4 [ B4DD609BD7E282BFC683CEC7EAAAAD67, EF131DB6F6411CAD36A989A421AF93F89DD61601AC524D2FF11C10FF6E3E9123 ] uagp35 C:\Windows\system32\DRIVERS\uagp35.sys

00:42:34.0380 0x14d4 uagp35 - ok

00:42:34.0399 0x14d4 [ D47BAEAD86C65D4F4069D7CE0A4EDCEB, DBAEA010F11A5EFD961B1841308EA3F220A9FFB01F364BA9B8F72200DA2BBCD8 ] udfs C:\Windows\system32\DRIVERS\udfs.sys

00:42:34.0409 0x14d4 udfs - ok

00:42:34.0439 0x14d4 [ 3CBDEC8D06B9968ABA702EBA076364A1, B8DAB8AA804FC23021BFEBD7AE4D40FBE648D6C6BA21CC008E26D1C084972F9B ] UI0Detect C:\Windows\system32\UI0Detect.exe

00:42:34.0443 0x14d4 UI0Detect - ok

00:42:34.0496 0x14d4 [ 4BFE1BC28391222894CBF1E7D0E42320, 5918B1ED2030600DF77BDACF1C808DF6EADDD8BF3E7003AF1D72050D8B102B3A ] uliagpkx C:\Windows\system32\DRIVERS\uliagpkx.sys

00:42:34.0500 0x14d4 uliagpkx - ok

00:42:34.0569 0x14d4 [ EAB6C35E62B1B0DB0D1B48B671D3A117, E65034BF757AE4D21F69D7A91A7990E326A29A0CE9F871FD704B5E6CCC821FF0 ] umbus C:\Windows\system32\DRIVERS\umbus.sys

00:42:34.0572 0x14d4 umbus - ok

00:42:34.0577 0x14d4 [ B2E8E8CB557B156DA5493BBDDCC1474D, F547509A08C0679ACB843E20C9C0CF51BED1B06530BBC529DFB0944504564A43 ] UmPass C:\Windows\system32\DRIVERS\umpass.sys

00:42:34.0579 0x14d4 UmPass - ok

00:42:34.0607 0x14d4 [ AF0AC98EE5077EB844413EB54287FDE3, 1586326510DE94E2735EFAD94A68D06DB5B7347B68055A9EA8B95E19D91A2E69 ] UmRdpService C:\Windows\System32\umrdp.dll

00:42:34.0614 0x14d4 UmRdpService - ok

00:42:34.0702 0x14d4 [ 0DFC9713D117B349E41A2A477448107A, 0C7B2162C2FA0BA46C2D3D9986CB542926C1802532E0785A49AC9B18284267AC ] UNS C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe

00:42:34.0711 0x14d4 UNS - ok

00:42:34.0763 0x14d4 [ D47EC6A8E81633DD18D2436B19BAF6DE, 0FB461E2D5E0B75BB5958F6362F4880BFA4C36AD930542609BCAF574941AA7AE ] upnphost C:\Windows\System32\upnphost.dll

00:42:34.0775 0x14d4 upnphost - ok

00:42:34.0842 0x14d4 [ B26AFB54A534D634523C4FB66765B026, A219C9AE32D040BEA4DD69C2C826B1C52BACE26BEBFEE799BD56DFD442C5E0D8 ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys

00:42:34.0846 0x14d4 usbccgp - ok

00:42:34.0850 0x14d4 USBCCID - ok

00:42:34.0879 0x14d4 [ AF0892A803FDDA7492F595368E3B68E7, F263346DEB4D742EB436CF578F187AC8521D84CED52E98475E6198EC52244F07 ] usbcir C:\Windows\system32\DRIVERS\usbcir.sys

00:42:34.0883 0x14d4 usbcir - ok

00:42:34.0898 0x14d4 [ 2EA4AFF7BE7EB4632E3AA8595B0803B5, CBECE7CEC0EFA4B283C63E9B6A270D595F5F3D006306DA5E5121BBFDCAB16376 ] usbehci C:\Windows\system32\DRIVERS\usbehci.sys

00:42:34.0900 0x14d4 usbehci - ok

00:42:34.0934 0x14d4 [ 4C9042B8DF86C1E8E6240C218B99B39B, D286633311C047B9C4FB1AA89D7B02B9F943FDDCE473255DC8E14DD07CC9B292 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys

00:42:34.0945 0x14d4 usbhub - ok

00:42:34.0963 0x14d4 [ 58E546BBAF87664FC57E0F6081E4F609, 1DD99D57369A0069654432AB5325AFD8F7D422D531E053EA05FF664BA6BDAEF9 ] usbohci C:\Windows\system32\DRIVERS\usbohci.sys

00:42:34.0965 0x14d4 usbohci - ok

00:42:34.0979 0x14d4 [ 73188F58FB384E75C4063D29413CEE3D, B485463933306036B1D490722CB1674DC85670753D79FA0EF7EBCA7BBAAD9F7C ] usbprint C:\Windows\system32\DRIVERS\usbprint.sys

00:42:34.0981 0x14d4 usbprint - ok

00:42:34.0992 0x14d4 [ 080D3820DA6C046BE82FC8B45A893E83, EF4829A2D5B8D47AA7E06093EC85244042ED1CCFF43CC80DC44EF018B434197A ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS

00:42:34.0996 0x14d4 USBSTOR - ok

00:42:35.0014 0x14d4 [ 81FB2216D3A60D1284455D511797DB3D, 121E52B18A1832E775EA0AE2E053BAA53E5A70E9754724B1449AE5992D63B13E ] usbuhci C:\Windows\system32\DRIVERS\usbuhci.sys

00:42:35.0016 0x14d4 usbuhci - ok

00:42:35.0058 0x14d4 [ D501E12614B00A3252073101D6A1A74B, DFA3A83978125B3CE45C71DD9069E8A7938366D0F4B4B2401CDD07251253FA8C ] usbvideo C:\Windows\system32\Drivers\usbvideo.sys

00:42:35.0064 0x14d4 usbvideo - ok

00:42:35.0107 0x14d4 [ EDBB23CBCF2CDF727D64FF9B51A6070E, 7202484C8E1BFB2AFD64D8C81668F3EDE0E3BF5EB27572877A0A7B337AE5AE42 ] UxSms C:\Windows\System32\uxsms.dll

00:42:35.0110 0x14d4 UxSms - ok

00:42:35.0136 0x14d4 [ 0793F40B9B8A1BDD266296409DBD91EA, 8A383FC9A66A327905C340D06138980F9E489479535A2C2AAE5E8BB14A74826E ] VaultSvc C:\Windows\system32\lsass.exe

00:42:35.0138 0x14d4 VaultSvc - ok

00:42:35.0233 0x14d4 [ C5C876CCFC083FF3B128F933823E87BD, 6FE0FBB6C3207E09300E0789E2168F76668D87C317FE9F263E733827ADCFBE0D ] vdrvroot C:\Windows\system32\DRIVERS\vdrvroot.sys

00:42:35.0236 0x14d4 vdrvroot - ok

00:42:35.0264 0x14d4 [ 44D73E0BBC1D3C8981304BA15135C2F2, 2849387BBCFB0189AF5604D2F7A631BD5D6BBB2CA73AF6E870069AF382A74DED ] vds C:\Windows\System32\vds.exe

00:42:35.0298 0x14d4 vds - ok

00:42:35.0340 0x14d4 [ DA4DA3F5E02943C2DC8C6ED875DE68DD, EDE604536DB78C512D68C92B26DA77C8811AC109D1F0A473673F0A82D15A2838 ] vga C:\Windows\system32\DRIVERS\vgapnp.sys

00:42:35.0342 0x14d4 vga - ok

00:42:35.0357 0x14d4 [ 53E92A310193CB3C03BEA963DE7D9CFC, 45898604375B42EB1246C17A22D91C2440F11C746FF6459AD38027C1BC2E3125 ] VgaSave C:\Windows\System32\drivers\vga.sys

00:42:35.0359 0x14d4 VgaSave - ok

00:42:35.0369 0x14d4 [ C82E748660F62A242B2DFAC1442F22A4, 24AD6CAA918C5AB6F461D88825885C8637C224001AAD7A80BDC240368CDB0B7E ] vhdmp C:\Windows\system32\DRIVERS\vhdmp.sys

00:42:35.0377 0x14d4 vhdmp - ok

00:42:35.0385 0x14d4 [ E5689D93FFE4E5D66C0178761240DD54, 6D35CED80681B12AAF63BFA0DA1C386E71D3838839B68A686990AA8031949D27 ] viaide C:\Windows\system32\DRIVERS\viaide.sys

00:42:35.0387 0x14d4 viaide - ok

00:42:35.0410 0x14d4 [ 1501699D7EDA984ABC4155A7DA5738D1, 448DFEFF565F1467F387E4EC9782DDD48B8FFDDF6B1EA46A790C2782C20BD952 ] vmbus C:\Windows\system32\DRIVERS\vmbus.sys

00:42:35.0416 0x14d4 vmbus - ok

00:42:35.0422 0x14d4 [ AE10C35761889E65A6F7176937C5592C, 9DC27647B6149C9B2523799F85B18122CCE749264624FE2E5FE843FE00642BBE ] VMBusHID C:\Windows\system32\DRIVERS\VMBusHID.sys

00:42:35.0425 0x14d4 VMBusHID - ok

00:42:35.0438 0x14d4 [ 2B1A3DAE2B4E70DBBA822B7A03FBD4A3, 91F2B935E1E88C5542650F7D679A75D0562F4A5812179D1EC146D4B6351361E2 ] volmgr C:\Windows\system32\DRIVERS\volmgr.sys

00:42:35.0441 0x14d4 volmgr - ok

00:42:35.0466 0x14d4 [ 99B0CBB569CA79ACAED8C91461D765FB, 5BE394A39A941DE2AA1212E66B7068F90D423FA816238657CB9B2DA8BBE69B9B ] volmgrx C:\Windows\system32\drivers\volmgrx.sys

00:42:35.0488 0x14d4 volmgrx - ok

00:42:35.0516 0x14d4 [ 58F82EED8CA24B461441F9C3E4F0BF5C, 40B8C9C9D1BEDD1507138273A3C000C753C8765E1873F2170DE63555A042928C ] volsnap C:\Windows\system32\DRIVERS\volsnap.sys

00:42:35.0527 0x14d4 volsnap - ok

00:42:35.0558 0x14d4 [ 5E2016EA6EBACA03C04FEAC5F330D997, 53106EB877459FE55A459111F7AB0EE320BB3B4C954D3DB6FA1642396001F2AC ] vsmraid C:\Windows\system32\DRIVERS\vsmraid.sys

00:42:35.0564 0x14d4 vsmraid - ok

00:42:35.0639 0x14d4 [ 787898BF9FB6D7BD87A36E2D95C899BA, A6C0C7402B1A198E7B3D6D7D283FCB5815AC429DA68FC9B54C67707F3233CCB5 ] VSS C:\Windows\system32\vssvc.exe

00:42:35.0693 0x14d4 VSS - ok

00:42:35.0740 0x14d4 [ 36D4720B72B5C5D9CB2B9C29E9DF67A1, 3254523C85C70EBA2DBAC05DB2DBA89EDF8E9195F390F7C21F96458FB6B2E3D7 ] vwifibus C:\Windows\system32\DRIVERS\vwifibus.sys

00:42:35.0761 0x14d4 vwifibus - ok

00:42:35.0796 0x14d4 [ 6A3D66263414FF0D6FA754C646612F3F, 30F6BA594B0D3B94113064015A16D97811CD989DF1715CCE21CEAB9894C1B4FB ] vwififlt C:\Windows\system32\DRIVERS\vwififlt.sys

00:42:35.0798 0x14d4 vwififlt - ok

00:42:35.0825 0x14d4 [ 6A638FC4BFDDC4D9B186C28C91BD1A01, 5521F1DC515586777EC4837E0AEAA3E613CC178AF1074031C4D0D0C695A93168 ] vwifimp C:\Windows\system32\DRIVERS\vwifimp.sys

00:42:35.0827 0x14d4 vwifimp - ok

00:42:35.0861 0x14d4 [ 1C9D80CC3849B3788048078C26486E1A, 34A89F31E53F6B6C209B286F580CC2257AE6D057E4E20741F241C9C167947962 ] W32Time C:\Windows\system32\w32time.dll

00:42:35.0885 0x14d4 W32Time - ok

00:42:35.0913 0x14d4 [ 4E9440F4F152A7B944CB1663D3935A3E, 8FE04EBD3BC612EE943A21A3E56F37E5C9B578CDACA6044048181DAD81816D53 ] WacomPen C:\Windows\system32\DRIVERS\wacompen.sys

00:42:35.0915 0x14d4 WacomPen - ok

00:42:35.0943 0x14d4 [ 47CA49400643EFFD3F1C9A27E1D69324, 7EFD3405282264F7987172B226882FCDD223F771959B9CEBEBF9ECEA317D85B0 ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys

00:42:35.0946 0x14d4 WANARP - ok

00:42:35.0952 0x14d4 [ 47CA49400643EFFD3F1C9A27E1D69324, 7EFD3405282264F7987172B226882FCDD223F771959B9CEBEBF9ECEA317D85B0 ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys

00:42:35.0954 0x14d4 Wanarpv6 - ok

00:42:36.0021 0x14d4 [ 5AB1BB85BD8B5089CC5D64200DEDAE68, 28777D4F3CD07C8E3465B6DA0FCA994E0B93071A3A0D4D1D64C1DF633DD1C64F ] wbengine C:\Windows\system32\wbengine.exe

00:42:36.0080 0x14d4 wbengine - ok

00:42:36.0096 0x14d4 [ 3AA101E8EDAB2DB4131333F4325C76A3, 4F7BD3DA5E58B18BFF106CFF7B45E75FD13EE556D433C695BA23EC80827E49DE ] WbioSrvc C:\Windows\System32\wbiosrvc.dll

00:42:36.0105 0x14d4 WbioSrvc - ok

00:42:36.0127 0x14d4 [ 8321C2CA3B62B61B293CDA3451984468, 856A079C2CCC75D633EA23E410D7F3ECDF368EAAAFF634CB82DDA545FD3A2F9C ] wcncsvc C:\Windows\System32\wcncsvc.dll

00:42:36.0139 0x14d4 wcncsvc - ok

00:42:36.0149 0x14d4 [ 20F7441334B18CEE52027661DF4A6129, 7B8E0247234B740FED2BE9B833E9CE8DD7453340123AB43F6B495A7E6A27B0DD ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll

00:42:36.0153 0x14d4 WcsPlugInService - ok

00:42:36.0173 0x14d4 [ 72889E16FF12BA0F235467D6091B17DC, F2FD0BBD075E33608D93F350D216F97442AB89ABD540513C2D568C78096E12A8 ] Wd C:\Windows\system32\DRIVERS\wd.sys

00:42:36.0175 0x14d4 Wd - ok

00:42:36.0211 0x14d4 [ 441BD2D7B4F98134C3A4F9FA570FD250, FF20815273014C5A27C2B75E2C70FE674809293627056199F502DFDF4CECFCA1 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys

00:42:36.0234 0x14d4 Wdf01000 - ok

00:42:36.0260 0x14d4 [ BF1FC3F79B863C914687A737C2F3D681, B2DF47AC4931ACFB243775767B77065CC0D98778FC0243C793A3E219EB961209 ] WdiServiceHost C:\Windows\system32\wdi.dll

00:42:36.0265 0x14d4 WdiServiceHost - ok

00:42:36.0270 0x14d4 [ BF1FC3F79B863C914687A737C2F3D681, B2DF47AC4931ACFB243775767B77065CC0D98778FC0243C793A3E219EB961209 ] WdiSystemHost C:\Windows\system32\wdi.dll

00:42:36.0274 0x14d4 WdiSystemHost - ok

00:42:36.0317 0x14d4 [ 8A438CBB8C032A0C798B0C642FFBE572, 3200B9B6A7B87C1C47295FA416C99DE1FBB2DBBA3DA78D5CC88C26DCC4189D45 ] WebClient C:\Windows\System32\webclnt.dll

00:42:36.0327 0x14d4 WebClient - ok

00:42:36.0337 0x14d4 [ C749025A679C5103E575E3B48E092C43, B71171D07EE7AB085A24BF3A1072FF2CE7EA021AAE695F6A90640E6EE8EB55C1 ] Wecsvc C:\Windows\system32\wecsvc.dll

00:42:36.0345 0x14d4 Wecsvc - ok

00:42:36.0366 0x14d4 [ 7E591867422DC788B9E5BD337A669A08, 484E6BCCDF7ADCE9A1AACAD1BC7C7D7694B9E40FA90D94B14D80C607784F6C75 ] wercplsupport C:\Windows\System32\wercplsupport.dll

00:42:36.0371 0x14d4 wercplsupport - ok

00:42:36.0404 0x14d4 [ 6D137963730144698CBD10F202E9F251, A9F522A125158D94F540544CCD4DBF47B9DCE2EA878C33675AFE40F80E8F4979 ] WerSvc C:\Windows\System32\WerSvc.dll

00:42:36.0408 0x14d4 WerSvc - ok

00:42:36.0447 0x14d4 [ 611B23304BF067451A9FDEE01FBDD725, 0AF2734B978165FC6FD22B64862132CCE32528A21C698A49D176129446E099C8 ] WfpLwf C:\Windows\system32\DRIVERS\wfplwf.sys

00:42:36.0449 0x14d4 WfpLwf - ok

00:42:36.0465 0x14d4 [ 05ECAEC3E4529A7153B3136CEB49F0EC, 9995CB2CEC70A633EA33CBB0DEAD2BB28CB67132B41E9444BDAB9E75744C9A50 ] WIMMount C:\Windows\system32\drivers\wimmount.sys

00:42:36.0467 0x14d4 WIMMount - ok

00:42:36.0484 0x14d4 WinDefend - ok

00:42:36.0492 0x14d4 WinHttpAutoProxySvc - ok

00:42:36.0586 0x14d4 [ 19B07E7E8915D701225DA41CB3877306, D6555E8D276DBB11358246E0FE215F76F1FB358791C76B88D82C2A66A42DA19F ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll

00:42:36.0593 0x14d4 Winmgmt - ok

00:42:36.0751 0x14d4 [ 41FBB751936B387F9179E7F03A74FE29, 7A73D887BEC19DFC485ED42B4E6ABEBF824555139B81EA30731A00773E707464 ] WinRM C:\Windows\system32\WsmSvc.dll

00:42:36.0871 0x14d4 WinRM - ok

00:42:36.0947 0x14d4 [ 817EAFF5D38674EDD7713B9DFB8E9791, F6E0BFC503BA7395F92989C11B454D1F1E58E29302BA203801449A2C5236E84D ] WinUsb C:\Windows\system32\DRIVERS\WinUsb.sys

00:42:36.0950 0x14d4 WinUsb - ok

00:42:37.0005 0x14d4 [ 4FADA86E62F18A1B2F42BA18AE24E6AA, CE1683386886BF34862681A46199EA7E7FB4232A186047DA7FBD8EC240AF6726 ] Wlansvc C:\Windows\System32\wlansvc.dll

00:42:37.0038 0x14d4 Wlansvc - ok

00:42:37.0068 0x14d4 [ F6FF8944478594D0E414D3F048F0D778, 6F75E0AE6127B33A92A88E59D4B048FD4C15F997807BE7BF0EFE76F95235B1D9 ] WmiAcpi C:\Windows\system32\DRIVERS\wmiacpi.sys

00:42:37.0070 0x14d4 WmiAcpi - ok

00:42:37.0110 0x14d4 [ 38B84C94C5A8AF291ADFEA478AE54F93, 1AC267AC73670BEA5F3785C9AD9DB146F8E993A862C843742B21FDB90D102B2A ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe

00:42:37.0115 0x14d4 wmiApSrv - ok

00:42:37.0145 0x14d4 WMPNetworkSvc - ok

00:42:37.0166 0x14d4 [ 96C6E7100D724C69FCF9E7BF590D1DCA, 2E63C9B0893B4FC03B7A71BAEA6202D3D3DB1B52F3643467829B5A573FD7655B ] WPCSvc C:\Windows\System32\wpcsvc.dll

00:42:37.0169 0x14d4 WPCSvc - ok

00:42:37.0191 0x14d4 [ 2E57DDF2880A7E52E76F41C7E96D327B, D24E19B6091C197D77D71BC044CE2E5A57BE0A2F00D1BB0732E380A398230E63 ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll

00:42:37.0196 0x14d4 WPDBusEnum - ok

00:42:37.0218 0x14d4 [ 6BCC1D7D2FD2453957C5479A32364E52, E48554D31FBDCF8F985C1C72524CAA9106F5B7CC2B79064F8F5E2562D517F090 ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys

00:42:37.0220 0x14d4 ws2ifsl - ok

00:42:37.0243 0x14d4 [ E8B1FE6669397D1772D8196DF0E57A9E, 39FE0819360719F756BD31A1884A0508A1E2371ACC723E25E005CBEC0A7B02FA ] wscsvc C:\Windows\system32\wscsvc.dll

00:42:37.0247 0x14d4 wscsvc - ok

00:42:37.0252 0x14d4 WSearch - ok

00:42:37.0353 0x14d4 [ 38340204A2D0228F1E87740FC5E554A7, 57181ED34E73DD17B590803C770A086C57754F229C6F587637B8FBB5D6519603 ] wuauserv C:\Windows\system32\wuaueng.dll

00:42:37.0436 0x14d4 wuauserv - ok

00:42:37.0463 0x14d4 [ 7CADC74271DD6461C452C271B30BD378, D58C2094C36FC665C03A6A269EED80DC71F330C3DCF40A27A3C8F56AB7A96861 ] WudfPf C:\Windows\system32\drivers\WudfPf.sys

00:42:37.0468 0x14d4 WudfPf - ok

00:42:37.0494 0x14d4 [ 3B197AF0FFF08AA66B6B2241CA538D64, BC94E5EFF38B9C6A37717B2A6CA56679781A4872A0C4298056E074033571BE79 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys

00:42:37.0501 0x14d4 WUDFRd - ok

00:42:37.0539 0x14d4 [ B551D6637AA0E132C18AC6E504F7B79B, FA6495533A14E01ABB0F6689AB7503B1B439D3ADA7457DFCB7D81714A9817327 ] wudfsvc C:\Windows\System32\WUDFSvc.dll

00:42:37.0543 0x14d4 wudfsvc - ok

00:42:37.0563 0x14d4 [ 9A3452B3C2A46C073166C5CF49FAD1AE, D6F95F51D8E37BA4CF403965EC08CCFEEA9EEFDBFC7752432EAEC19925BDA115 ] WwanSvc C:\Windows\System32\wwansvc.dll

00:42:37.0572 0x14d4 WwanSvc - ok

00:42:37.0691 0x14d4 [ DD0042F0C3B606A6A8B92D49AFB18AD6, 8D3BE4C93D02AF5F42EC46AF598D6DA40C61D467CB2FEE5E222F9C1E7A84B852 ] YahooAUService C:\Program Files (x86)\Yahoo!\SoftwareUpdate\YahooAUService.exe

00:42:37.0708 0x14d4 YahooAUService - ok

00:42:37.0815 0x14d4 [ 74713CB32792F9C7632DAA7DA22CA974, 1B1D907F8F18AE22E36F371EE6417D068C01FB4F9413571444AF3845A27F3C4D ] ZeroConfigService C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe

00:42:37.0838 0x14d4 ZeroConfigService - ok

00:42:37.0869 0x14d4 ================ Scan global ===============================

00:42:37.0895 0x14d4 [ BA0CD8C393E8C9F83354106093832C7B, 18D8A4780A2BAA6CEF7FBBBDA0EF6BF2DADF146E1E578A618DD5859E8ADBF1A8 ] C:\Windows\system32\basesrv.dll

00:42:37.0933 0x14d4 [ 457B44AB6D502E55F64A867D4F35C76C, 95FEC45E28DF394E778DA37719F7D579920531AD568E1C290B7F42CB03BEAA2C ] C:\Windows\system32\winsrv.dll

00:42:37.0949 0x14d4 [ 457B44AB6D502E55F64A867D4F35C76C, 95FEC45E28DF394E778DA37719F7D579920531AD568E1C290B7F42CB03BEAA2C ] C:\Windows\system32\winsrv.dll

00:42:37.0976 0x14d4 [ D6160F9D869BA3AF0B787F971DB56368, 0033E6212DD8683E4EE611B290931FDB227B4795F0B17C309DC686C696790529 ] C:\Windows\system32\sxssrv.dll

00:42:38.0012 0x14d4 [ 24ACB7E5BE595468E3B9AA488B9B4FCB, 63541E3432FCE953F266AE553E7A394978D6EE3DB52388D885F668CF42C5E7E2 ] C:\Windows\system32\services.exe

00:42:38.0022 0x14d4 [ Global ] - ok

00:42:38.0022 0x14d4 ================ Scan MBR ==================================

00:42:38.0034 0x14d4 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0

00:42:38.0535 0x14d4 \Device\Harddisk0\DR0 - ok

00:42:38.0535 0x14d4 ================ Scan VBR ==================================

00:42:38.0538 0x14d4 [ 2D354230F2D9B6B764AEE4C01B565922 ] \Device\Harddisk0\DR0\Partition1

00:42:38.0539 0x14d4 \Device\Harddisk0\DR0\Partition1 - ok

00:42:38.0540 0x14d4 Waiting for KSN requests completion. In queue: 93

00:42:39.0540 0x14d4 Waiting for KSN requests completion. In queue: 93

00:42:40.0540 0x14d4 Waiting for KSN requests completion. In queue: 93

00:42:41.0673 0x14d4 AV detected via SS2: ESET Smart Security 6.0, C:\Program Files\ESET\ESET Smart Security\ecmd.exe ( 6.0.316.0 ), 0x42010 ( disabled : outofdate )

00:42:41.0675 0x14d4 FW detected via SS2: ESET Personal firewall, C:\Program Files\ESET\ESET Smart Security\ecmd.exe ( 6.0.316.0 ), 0x41010 ( enabled )

00:42:44.0293 0x14d4 ============================================================

00:42:44.0293 0x14d4 Scan finished

00:42:44.0293 0x14d4 ============================================================

00:42:44.0303 0x1bd8 Detected object count: 0

00:42:44.0303 0x1bd8 Actual detected object count: 0

 

[Broni]

and now the voices are back again

Does it happen when using certain program like some browser?

 

[Hoori]

No. It happens exactly when I start the system.

Edit: but not when I'm disconnected from the internet.

 

[Broni]

OK we may be dealing here with some brand new bug.

Please download SystemLook from one of the links below and save it to your Desktop.
Download Mirror #1
Download Mirror #2
64-bit users go HERE

• Double-click SystemLook.exe to run it.
• Vista users:: Right click on SystemLook.exe, click Run As Administrator
• Copy the content of the following box and paste it into the main textfield:

:filefind
rpcss.dll

• Click the Look button to start the scan.
• When finished, a notepad window will open with the results of the scan. Please post this log in your next reply.

Note: The log can also be found on your Desktop entitled SystemLook.txt

 

[Hoori]

Here's the content:

SystemLook 30.07.11 by jpshortstuff
Log created at 19:08 on 03/01/2014 by Fujitsu
Administrator - Elevation successful

========== filefind ==========

Searching for "rpcss.dll"
C:\Windows\System32\rpcss.dll --a---- 509952 bytes [00:00 14/07/2009] [01:41 14/07/2009] 3C6018A5BFDA89FB3BE0BBB2E0DD234A
C:\Windows\winsxs\amd64_microsoft-windows-com-base-qfe-rpcss_31bf3856ad364e35_6.1.7600.16385_none_c5bfcda3579104e3\rpcss.dll --a---- 509440 bytes [00:00 14/07/2009] [01:41 14/07/2009] 7266972E86890E2B30C0C322E906B027

-= EOF =-

 

[Broni]

It looks like our issue.

We'll use Combofix to replace patched file.

1. Please open Notepad (Start>All Programs>Accessories>Notepad).

2. Now copy/paste the entire content of the codebox below into the Notepad window:

FCopy::
C:\Windows\winsxs\amd64_microsoft-windows-com-base-qfe-rpcss_31bf3856ad364e35_6.1.7600.16385_none_c5bfcda3579104e3\rpcss.dll | C:\Windows\System32\rpcss.dll

ClearJavaCache::

3. Save the above as CFScript.txt

4. Close/disable all anti virus and anti malware programs again, so they do not interfere with the running of ComboFix.

5. Then drag the CFScript.txt into ComboFix.exe as depicted in the animation below. This will start ComboFix again.

6. After reboot, (in case it asks to reboot), please post the following reports/logs into your next reply:

• Combofix.txt

P. S. When done let me know if audio is still there.

 

[Hoori]

I ran combofix. First time it was stopped at stage four, I waited for half an hour and I restarted the system. The audio was not here. I disabled the anti-virus and ran combofix (dragging the CFScript into it) again, the scan was completed this time but it was stopped at "preparing log report". Shall I restart the system and rerun combofix?

 

[Hoori]

Finally! This is the log content:

ComboFix 14-01-04.03 - Fujitsu 01/03/2014 20:40:19.3.4 - x64
Microsoft Windows 7 Ultimate 6.1.7600.0.1252.1.1033.18.3952.2256 [GMT -8:00]
Running from: c:\users\Fujitsu\Desktop\ComboFix.exe
Command switches used :: c:\users\Fujitsu\Desktop\CFScript.txt
AV: ESET Smart Security 6.0 *Enabled/Outdated* {77DEAFED-8149-104B-25A1-21771CA47CD1}
FW: ESET Personal firewall *Enabled* {4FE52EC8-CB26-1113-0EFE-8842E2773BAA}
SP: ESET Smart Security 6.0 *Enabled/Outdated* {CCBF4E09-A773-1FC5-1F11-1A056723366C}
SP: Windows Defender *Enabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\users\Fujitsu\Documents\~WRL0128.tmp
.
.
--------------- FCopy ---------------
.
c:\windows\winsxs\amd64_microsoft-windows-com-base-qfe-rpcss_31bf3856ad364e35_6.1.7600.16385_none_c5bfcda3579104e3\rpcss.dll --> c:\windows\System32\rpcss.dll
.
((((((((((((((((((((((((( Files Created from 2013-12-04 to 2014-01-04 )))))))))))))))))))))))))))))))
.
.
2014-01-04 04:48 . 2014-01-04 04:48 -------- d-----w- c:\users\UpdatusUser\AppData\Local\temp
2014-01-04 04:48 . 2014-01-04 04:48 -------- d-----w- c:\users\Default\AppData\Local\temp
2014-01-02 08:10 . 2014-01-03 04:45 -------- d-----w- C:\FRST
2014-01-02 07:32 . 2014-01-03 04:40 -------- d-----w- c:\programdata\Fighters
2014-01-02 06:45 . 2014-01-02 06:45 -------- d-----w- c:\windows\ERUNT
2014-01-02 06:35 . 2014-01-02 06:38 -------- d-----w- C:\AdwCleaner
2014-01-02 01:42 . 2014-01-02 01:58 -------- d-----w- c:\programdata\Malwarebytes' Anti-Malware (portable)
2014-01-02 01:38 . 2014-01-02 01:38 1898576 ----a-w- c:\windows\system32\drivers\tcpip.sys.bak
2014-01-02 01:37 . 2014-01-02 01:37 6144 ----a-w- c:\windows\system32\drivers\null.sys.bak
2014-01-02 01:36 . 2014-01-02 01:36 55456 ----a-w- c:\windows\system32\drivers\btath_lwflt.sys.bak
2014-01-02 01:25 . 2014-01-02 01:25 -------- d-----w- C:\found.000
2014-01-01 10:02 . 2014-01-01 10:02 -------- d-----w- c:\users\Fujitsu\AppData\Local\ElevatedDiagnostics
2014-01-01 00:49 . 2014-01-01 00:49 -------- d-----w- c:\programdata\Winferno
2014-01-01 00:44 . 2014-01-01 00:44 -------- d-----w- c:\program files (x86)\FileAssociationManager
2014-01-01 00:44 . 2014-01-01 00:44 -------- d-----w- c:\users\Fujitsu\AppData\Roaming\FileAssociationManager
2014-01-01 00:44 . 2010-10-26 19:07 499785 ----a-w- c:\windows\SysWow64\WINUTIL8.DLL
2014-01-01 00:44 . 2010-09-01 23:59 835656 ----a-w- c:\windows\SysWow64\WINCTL5.OCX
2014-01-01 00:44 . 2010-01-14 18:31 425984 ----a-w- c:\windows\SysWow64\WinCMR.dll
2014-01-01 00:44 . 2009-06-05 19:04 393216 ----a-w- c:\windows\SysWow64\WINLCTL6.DLL
2014-01-01 00:44 . 2014-01-02 06:51 -------- d-----w- c:\program files (x86)\Winferno
2014-01-01 00:44 . 2014-01-01 00:44 -------- d-----w- c:\programdata\Yahoo! Companion
2014-01-01 00:43 . 2014-01-01 00:43 -------- d-----w- c:\programdata\Yahoo!
2014-01-01 00:43 . 2014-01-01 00:43 -------- d-----w- c:\users\Fujitsu\AppData\Roaming\Yahoo!
2014-01-01 00:43 . 2014-01-01 00:43 -------- d-----w- c:\program files (x86)\Yahoo!
2014-01-01 00:43 . 2014-01-01 00:43 -------- d-----w- c:\windows\SysWow64\modules
2014-01-01 00:43 . 2014-01-01 00:43 -------- d-----w- c:\windows\SysWow64\js
2014-01-01 00:43 . 2014-01-01 00:43 -------- d-----w- c:\windows\SysWow64\css
2013-12-31 21:18 . 2013-12-31 21:18 -------- d-----w- c:\users\Fujitsu\AppData\Roaming\LavasoftStatistics
2013-12-31 20:45 . 2013-12-31 20:45 -------- d-----w- c:\programdata\BitDefender
2013-12-31 20:29 . 2013-12-31 20:29 -------- d-----w- c:\program files\Lavasoft
2013-12-31 20:28 . 2013-12-31 20:28 -------- d-----w- c:\program files (x86)\Lavasoft
2013-12-31 20:26 . 2013-12-31 20:26 -------- d-----w- c:\programdata\Lavasoft
2013-12-29 16:56 . 2013-12-29 16:56 -------- d-----w- c:\users\Fujitsu\AppData\Roaming\Malwarebytes
2013-12-29 16:56 . 2013-12-29 16:56 -------- d-----w- c:\programdata\Malwarebytes
2013-12-29 16:45 . 2013-12-29 16:45 -------- d-----w- c:\program files (x86)\Google
2013-12-28 20:07 . 2013-12-28 20:07 -------- d-----w- c:\programdata\KeepnBrowse
2013-12-10 07:35 . 2013-12-15 13:18 76232 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{CA5F6B96-B861-4CDA-81BA-574814BF4546}\offreg.dll
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-12-11 06:59 . 2013-08-17 15:40 692616 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2013-12-11 06:59 . 2013-08-04 21:50 71048 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2013-06-05 17:17 130736 ----a-w- c:\users\Fujitsu\AppData\Roaming\Dropbox\bin\DropboxExt.19.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2013-06-05 17:17 130736 ----a-w- c:\users\Fujitsu\AppData\Roaming\Dropbox\bin\DropboxExt.19.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2013-06-05 17:17 130736 ----a-w- c:\users\Fujitsu\AppData\Roaming\Dropbox\bin\DropboxExt.19.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt4]
@="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}]
2013-06-05 17:17 130736 ----a-w- c:\users\Fujitsu\AppData\Roaming\Dropbox\bin\DropboxExt.19.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Skype"="c:\program files (x86)\Skype\Phone\Skype.exe" [2013-07-25 20686704]
"ooVoo.exe"="c:\program files (x86)\ooVoo\ooVoo.exe" [2013-08-05 35253824]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"DeskUpdateNotifier"="c:\program files (x86)\Fujitsu\DeskUpdate\DeskUpdateNotifier.exe" [2010-10-13 97560]
"snp2uvc"="c:\windows\vsnp2uvc.exe" [BU]
"UCam_Menu"="c:\program files (x86)\CyberLink\YouCam\MUITransfer\MUIStartMenu.exe" [2007-12-24 222504]
"USB3MON"="c:\program files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe" [2012-02-06 291608]
"IndicatorUtility"="c:\program files (x86)\Fujitsu\Fujitsu Hotkey Utility\IndicatorUty.exe" [2010-09-30 48752]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2013-09-05 958576]
.
c:\users\Fujitsu\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Dropbox.lnk - c:\users\Fujitsu\AppData\Roaming\Dropbox\bin\Dropbox.exe /systemstartup [2013-6-5 27370808]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Bluetooth.lnk - c:\program files\WIDCOMM\Bluetooth Software\BTTray.exe [2011-11-22 1338656]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"LoadAppInit_DLLs"=1 (0x1)
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Notification Packages REG_MULTI_SZ scecli c:\program files\WIDCOMM\Bluetooth Software\BtwProximityCP.dll
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"
.
R2 a6bb4a82;KeepnBrowse;c:\windows\system32\rundll32.exe;c:\windows\SYSNATIVE\rundll32.exe [x]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R2 scbhmon;Extension Security Monitor Service;c:\program files (x86)\Surf Canyon\scbhmon.exe;c:\program files (x86)\Surf Canyon\scbhmon.exe [x]
R2 Skype C2C Service;Skype C2C Service;c:\programdata\Skype\Toolbars\Skype C2C Service\c2c_service.exe;c:\programdata\Skype\Toolbars\Skype C2C Service\c2c_service.exe [x]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe;c:\program files (x86)\Skype\Updater\Updater.exe [x]
R3 ATHDFU;Atheros Valkyrie USB BootROM;c:\windows\system32\Drivers\AthDfu.sys;c:\windows\SYSNATIVE\Drivers\AthDfu.sys [x]
R3 BTATH_LWFLT;Bluetooth LWFLT Device;c:\windows\system32\DRIVERS\btath_lwflt.sys;c:\windows\SYSNATIVE\DRIVERS\btath_lwflt.sys [x]
R3 BtFilter;BtFilter;c:\windows\system32\DRIVERS\btfilter.sys;c:\windows\SYSNATIVE\DRIVERS\btfilter.sys [x]
R3 MBAMSwissArmy;MBAMSwissArmy;c:\windows\system32\drivers\MBAMSwissArmy.sys;c:\windows\SYSNATIVE\drivers\MBAMSwissArmy.sys [x]
R3 MyWiFiDHCPDNS;Wireless PAN DHCP Server;c:\program files\Intel\WiFi\bin\PanDhcpDns.exe;c:\program files\Intel\WiFi\bin\PanDhcpDns.exe [x]
R3 ose64;Office 64 Source Engine;c:\program files\Common Files\Microsoft Shared\Source Engine\OSE.EXE;c:\program files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [x]
R3 RtsUIR;Realtek IR Driver;c:\windows\system32\DRIVERS\Rts516xIR.sys;c:\windows\SYSNATIVE\DRIVERS\Rts516xIR.sys [x]
S0 epfwwfp;epfwwfp;c:\windows\system32\DRIVERS\epfwwfp.sys;c:\windows\SYSNATIVE\DRIVERS\epfwwfp.sys [x]
S0 FBIOSDRV;Fujitsu BIOS Driver;c:\windows\System32\Drivers\FBIOSDRV.sys;c:\windows\SYSNATIVE\Drivers\FBIOSDRV.sys [x]
S0 iusb3hcs;Intel(R) USB 3.0 Host Controller Switch Driver;c:\windows\system32\DRIVERS\iusb3hcs.sys;c:\windows\SYSNATIVE\DRIVERS\iusb3hcs.sys [x]
S0 nvpciflt;nvpciflt;c:\windows\system32\DRIVERS\nvpciflt.sys;c:\windows\SYSNATIVE\DRIVERS\nvpciflt.sys [x]
S1 eamonm;eamonm;c:\windows\system32\DRIVERS\eamonm.sys;c:\windows\SYSNATIVE\DRIVERS\eamonm.sys [x]
S1 ehdrv;ehdrv;c:\windows\system32\DRIVERS\ehdrv.sys;c:\windows\SYSNATIVE\DRIVERS\ehdrv.sys [x]
S1 EpfwLWF;Epfw NDIS LightWeight Filter;c:\windows\system32\DRIVERS\EpfwLWF.sys;c:\windows\SYSNATIVE\DRIVERS\EpfwLWF.sys [x]
S2 AtherosSvc;AtherosSvc;c:\program files (x86)\Bluetooth Suite\adminservice.exe;c:\program files (x86)\Bluetooth Suite\adminservice.exe [x]
S2 DTSAudioSvc;DTSAudioSvc;c:\program files\Realtek\Audio\HDA\DTSU2PAuSrv64.exe;c:\program files\Realtek\Audio\HDA\DTSU2PAuSrv64.exe [x]
S2 ekrn;ESET Service;c:\program files\ESET\ESET Smart Security\x86\ekrn.exe;c:\program files\ESET\ESET Smart Security\x86\ekrn.exe [x]
S2 FUJ02E3Service;FUJ02E3Service;c:\program files\Fujitsu\FUJ02E3\FUJ02E3.exe;c:\program files\Fujitsu\FUJ02E3\FUJ02E3.exe [x]
S2 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface;c:\program files\Intel\iCLS Client\HeciServer.exe;c:\program files\Intel\iCLS Client\HeciServer.exe [x]
S2 PanService;PandoraService;c:\program files (x86)\PANDORA.TV\PanService\KMPService.exe;c:\program files (x86)\PANDORA.TV\PanService\KMPService.exe [x]
S2 PFNService;PFNService;c:\program files\Fujitsu\Plugfree NETWORK\PFNService.exe;c:\program files\Fujitsu\Plugfree NETWORK\PFNService.exe [x]
S2 PowerSavingUtilityService;PowerSavingUtilityService;c:\program files\Fujitsu\PSUtility\PSUService.exe;c:\program files\Fujitsu\PSUtility\PSUService.exe [x]
S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [x]
S2 UNS;Intel(R) Management and Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [x]
S2 ZeroConfigService;Intel(R) PROSet/Wireless Zero Configuration Service;c:\program files\Intel\WiFi\bin\ZeroConfigService.exe;c:\program files\Intel\WiFi\bin\ZeroConfigService.exe [x]
S3 AthBTPort;Atheros Virtual Bluetooth Class;c:\windows\system32\DRIVERS\btath_flt.sys;c:\windows\SYSNATIVE\DRIVERS\btath_flt.sys [x]
S3 bcbtums;Bluetooth RAM Firmware Download USB Filter;c:\windows\system32\drivers\bcbtums.sys;c:\windows\SYSNATIVE\drivers\bcbtums.sys [x]
S3 BTATH_A2DP;Bluetooth A2DP Audio Driver;c:\windows\system32\drivers\btath_a2dp.sys;c:\windows\SYSNATIVE\drivers\btath_a2dp.sys [x]
S3 BTATH_BUS;Atheros Bluetooth Bus;c:\windows\system32\DRIVERS\btath_bus.sys;c:\windows\SYSNATIVE\DRIVERS\btath_bus.sys [x]
S3 BTATH_HCRP;Bluetooth HCRP Server driver;c:\windows\system32\DRIVERS\btath_hcrp.sys;c:\windows\SYSNATIVE\DRIVERS\btath_hcrp.sys [x]
S3 BTATH_RCP;Bluetooth AVRCP Device;c:\windows\system32\DRIVERS\btath_rcp.sys;c:\windows\SYSNATIVE\DRIVERS\btath_rcp.sys [x]
S3 btwampfl;btwampfl Bluetooth filter driver;c:\windows\system32\drivers\btwampfl.sys;c:\windows\SYSNATIVE\drivers\btwampfl.sys [x]
S3 btwl2cap;Bluetooth L2CAP Service;c:\windows\system32\DRIVERS\btwl2cap.sys;c:\windows\SYSNATIVE\DRIVERS\btwl2cap.sys [x]
S3 FUJ02E3;Fujitsu FUJ02E3 Device Driver;c:\windows\system32\DRIVERS\FUJ02E3.sys;c:\windows\SYSNATIVE\DRIVERS\FUJ02E3.sys [x]
S3 IntcDAud;Intel(R) Display Audio;c:\windows\system32\DRIVERS\IntcDAud.sys;c:\windows\SYSNATIVE\DRIVERS\IntcDAud.sys [x]
S3 iusb3hub;Intel(R) USB 3.0 Hub Driver;c:\windows\system32\DRIVERS\iusb3hub.sys;c:\windows\SYSNATIVE\DRIVERS\iusb3hub.sys [x]
S3 iusb3xhc;Intel(R) USB 3.0 eXtensible Host Controller Driver;c:\windows\system32\DRIVERS\iusb3xhc.sys;c:\windows\SYSNATIVE\DRIVERS\iusb3xhc.sys [x]
S3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;c:\windows\system32\Drivers\RtsUStor.sys;c:\windows\SYSNATIVE\Drivers\RtsUStor.sys [x]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys;c:\windows\SYSNATIVE\DRIVERS\Rt64win7.sys [x]
.
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2013-12-29 16:45 1210320 ----a-w- c:\program files (x86)\Google\Chrome\Application\31.0.1650.63\Installer\chrmstp.exe
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2013-06-05 17:17 164016 ----a-w- c:\users\Fujitsu\AppData\Roaming\Dropbox\bin\DropboxExt64.19.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2013-06-05 17:17 164016 ----a-w- c:\users\Fujitsu\AppData\Roaming\Dropbox\bin\DropboxExt64.19.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2013-06-05 17:17 164016 ----a-w- c:\users\Fujitsu\AppData\Roaming\Dropbox\bin\DropboxExt64.19.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt4]
@="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}]
2013-06-05 17:17 164016 ----a-w- c:\users\Fujitsu\AppData\Roaming\Dropbox\bin\DropboxExt64.19.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2011-12-13 13374568]
"SynTPEnh"="c:\program files (x86)\Synaptics\SynTP\SynTPEnh.exe" [BU]
"AtherosBtStack"="c:\program files (x86)\Bluetooth Suite\BtvStack.exe" [2011-01-21 615584]
"AthBtTray"="c:\program files (x86)\Bluetooth Suite\AthBtTray.exe" [2011-01-21 379552]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2012-03-25 170264]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2012-03-25 398616]
"Persistence"="c:\windows\system32\igfxpers.exe" [2012-03-25 439064]
"RtHDVBg_DTS"="c:\program files\Realtek\Audio\HDA\RAVBg64.exe" [2011-11-15 2277992]
"LoadFUJ02E3"="c:\program files\Fujitsu\FUJ02E3\fuj02e3.exe" [2011-11-23 76104]
"PSUTility"="c:\program files\Fujitsu\PSUtility\TrayManager.exe" [2011-10-03 205168]
"LoadFujitsuQuickTouch"="c:\program files\Fujitsu\Application Panel\QuickTouch.exe" [2011-09-30 158024]
"LoadBtnHnd"="c:\program files\Fujitsu\Application Panel\BtnHnd.exe" [2011-09-30 23368]
"egui"="c:\program files\ESET\ESET Smart Security\egui.exe" [2013-03-21 6330568]
.
------- Supplementary Scan -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://www.google.com
mStart Page = hxxp://www.google.com
mLocal Page = c:\windows\SysWOW64\blank.htm
TCP: DhcpNameServer = 192.168.1.1 71.242.0.12
FF - ProfilePath - c:\users\Fujitsu\AppData\Roaming\Mozilla\Firefox\Profiles\d4gsali1.default\
FF - prefs.js: browser.search.defaulturl -
FF - prefs.js: browser.search.selectedEngine - Yahoo
FF - prefs.js: keyword.URL - hxxp://search.yahoo.com/search?p={searchTerms}&ei=UTF-8&fr=w3i&type=W3i_DS,157,0_0,Search,20131253,20030,0,85,0
FF - prefs.js: network.proxy.type - 0
FF - ExtSQL: 2013-11-14 00:30; xz123@ya456.com; c:\program files (x86)\BetterSurf\ff
FF - ExtSQL: 2013-11-25 09:18; 12x3q@3244516.com; c:\program files (x86)\Better-Surf\ff
FF - ExtSQL: 2013-12-09 19:42; ext@bettersurfplus.com; c:\program files (x86)\BetterSurf\BetterSurfPlus\ff
.
- - - - ORPHANS REMOVED - - - -
.
Wow6432Node-HKLM-Run-SurfCanyonDesktop - c:\program files (x86)\Surf Canyon\SurfCanyonDesktop.exe
AddRemove-RegPowerClean_is1 - c:\program files (x86)\Winferno\RegistryPowerCleaner\unins000.exe
AddRemove-Search Protection - c:\users\Fujitsu\AppData\Roaming\Search Protection\uninstall.exe
.
.
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_9_900_170_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_9_900_170_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_9_900_170_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_9_900_170_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_9_900_170.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.11"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_9_900_170.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_9_900_170.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_9_900_170.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Completion time: 2014-01-03 23:59:00
ComboFix-quarantined-files.txt 2014-01-04 07:58
.
Pre-Run: 167,846,682,624 bytes free
Post-Run: 173,190,852,608 bytes free
.
- - End Of File - - 0B4D9112A833DD75F760FE8321C9DA5C

 

[Broni]

You did fine.
The file in question has been replaced and as you say no more audio.

Please proceed with Eset scan.

 

[Hoori]

Done. No threats found. The audio is gone. I love you!

 

[Broni]

Excellent!

Uninstall Winferno Registry Power Cleaner.

Registry cleaners/optimizers are not recommended for several reasons:

• Registry cleaners are extremely powerful applications that can damage the registry by using aggressive cleaning routines and cause your computer to become unbootable.
  
  The Windows registry is a central repository (database) for storing configuration data, user settings and machine-dependent settings, and options for the operating system. It contains information and settings for all hardware, software, users, and preferences. Whenever a user makes changes to settings, file associations, system policies, or installed software, the changes are reflected and stored in this repository. The registry is a crucial component because it is where Windows "remembers" all this information, how it works together, how Windows boots the system and what files it uses when it does. The registry is also a vulnerable subsystem, in that relatively small changes done incorrectly can render the system inoperable. For a more detailed explanation, read Understanding The Registry.
  
• Not all registry cleaners are created equal. There are a number of them available but they do not all work entirely the same way. Each vendor uses different criteria as to what constitutes a "bad entry". One cleaner may find entries on your system that will not cause problems when removed, another may not find the same entries, and still another may want to remove entries required for a program to work.
  
• Not all registry cleaners create a backup of the registry before making changes. If the changes prevent the system from booting up, then there is no backup available to restore it in order to regain functionality. A backup of the registry is essential BEFORE making any changes to the registry.
  
• Improperly removing registry entries can hamper malware disinfection and make the removal process more difficult if your computer becomes infected. For example, removing malware related registry entries before the infection is properly identified can contribute to system instability and even make the malware undetectable to removal tools.
  
• The usefulness of cleaning the registry is highly overrated and can be dangerous. In most cases, using a cleaner to remove obsolete, invalid, and erroneous entries does not affect system performance but it can result in "unpredictable results".

Unless you have a particular problem that requires a registry edit to correct it, I would suggest you leave the registry alone. Using registry cleaning tools unnecessarily or incorrectly could lead to disastrous effects on your operating system such as preventing it from ever starting again. For routine use, the benefits to your computer are negligible while the potential risks are great.

• Ed Bott's Webog: Why I don't use registry cleaners
• Do I need a Registry Cleaner?

========================================

Your computer is clean

1. We need to reset system restore to prevent your computer from being accidentally reinfected by using some old restore point(s). We'll create fresh, clean restore point, using following OTL script:

Run OTL

• Under the Custom Scans/Fixes box at the bottom, paste in the following:

:OTL
:Commands
[purity]
[emptytemp]
[EMPTYFLASH]
[emptyjava]
[CLEARALLRESTOREPOINTS]
[Reboot]

• Then click the Run Fix button at the top
• Let the program run unhindered, reboot the PC when it is done
• Post resulting log.

2. Now, we'll remove all tools, we used during our cleaning process

Clean up with OTL:

• Double-click OTL.exe to start the program.
• Close all other programs apart from OTL as this step will require a reboot
• On the OTL main screen, press the CLEANUP button
• Say Yes to the prompt and then allow the program to reboot your computer.

If you still have any tools or logs leftover on your computer you can go ahead and delete those off of your computer now.

3. Make sure Windows Updates are current.

4. If any trojans, rootkits or bootkits were listed among your infection(s), make sure, you change all of your on-line important passwords (bank account(s), secured web sites, etc.) immediately!

5. Check if your browser plugins are up to date.
Firefox - https://www.mozilla.org/en-US/plugincheck/
other browsers: https://browsercheck.qualys.com/ (click on "Launch a quick scan now" link)

6. Download, and install WOT (Web OF Trust): http://www.mywot.com/. It'll warn you (in most cases) about dangerous web sites.

7. Run Malwarebytes "Quick scan" once in a while to assure safety of your computer.

8. Run Temporary File Cleaner (TFC), AdwCleaner and Junkware Removal Tool (JRT) weekly.

9. Download and install Secunia Personal Software Inspector (PSI): https://www.techspot.com/downloads/4898-secunia-personal-software-inspector-psi.html. The Secunia PSI is a FREE security tool designed to detect vulnerable and out-dated programs and plug-ins which expose your PC to attacks. Run it weekly.

10. (optional) If you want to keep all your programs up to date, download and install FileHippo Update Checker.
The Update Checker will scan your computer for installed software, check the versions and then send this information to FileHippo.com to see if there are any newer releases.

11. (Windows XP only) Run defrag at your convenience.

12. When installing\updating ANY program, make sure you always select "Custom " installation, so you can UN-check any possible "drive-by-install" (foistware), like toolbars etc., which may try to install along with the legitimate program. Do NOT click "Next" button without looking at any given page.

13. Read:
How did I get infected?, With steps so it does not happen again!: http://www.bleepingcomputer.com/forums/topic2520.html
Simple and easy ways to keep your computer safe and secure on the Internet: http://www.bleepingcomputer.com/tutorials/keep-your-computer-safe-online/

14. Please, let me know, how your computer is doing.

 

[Hoori]

1. OTL log content:

All processes killed
========== OTL ==========
========== COMMANDS ==========
[EMPTYTEMP]
User: All Users
User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
User: Fujitsu
->Temp folder emptied: 7697 bytes
->Temporary Internet Files folder emptied: 1410840 bytes
->FireFox cache emptied: 95184332 bytes
->Google Chrome cache emptied: 32330580 bytes
->Flash cache emptied: 10838 bytes
User: Public
->Temp folder emptied: 0 bytes
User: UpdatusUser
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32 (64bit) .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 0 bytes
%systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 1107580805 bytes
RecycleBin emptied: 0 bytes
Total Files Cleaned = 1,179.00 mb
[EMPTYFLASH]
User: All Users
User: Default
User: Default User
User: Fujitsu
->Flash cache emptied: 0 bytes
User: Public
User: UpdatusUser
Total Flash Files Cleaned = 0.00 mb
[EMPTYJAVA]
User: All Users
User: Default
User: Default User
User: Fujitsu
User: Public
User: UpdatusUser
Total Java Files Cleaned = 0.00 mb
Restore point Set: OTL Restore Point
OTL by OldTimer - Version 3.2.69.0 log created on 01042014_190505

Files\Folders moved on Reboot...
C:\Users\Fujitsu\AppData\Local\Temp\FXSAPIDebugLogFile.txt moved successfully.
C:\Users\Fujitsu\AppData\Local\Mozilla\Firefox\Profiles\d4gsali1.default\Cache\_CACHE_001_ moved successfully.
C:\Users\Fujitsu\AppData\Local\Mozilla\Firefox\Profiles\d4gsali1.default\Cache\_CACHE_002_ moved successfully.
C:\Users\Fujitsu\AppData\Local\Mozilla\Firefox\Profiles\d4gsali1.default\Cache\_CACHE_003_ moved successfully.
C:\Users\Fujitsu\AppData\Local\Mozilla\Firefox\Profiles\d4gsali1.default\Cache\_CACHE_MAP_ moved successfully.
C:\Users\Fujitsu\AppData\Local\Mozilla\Firefox\Profiles\d4gsali1.default\_CACHE_CLEAN_ moved successfully.

PendingFileRenameOperations files...

Registry entries deleted on Reboot...

 

[Hoori]

Thank you.

I did everything you said. The last two links are specifically interesting. My laptop is as good as it was before the problem. I can't stress enough how much I'm thankful.

 

[Broni]

Way to go!!
Good luck and stay safe

 

[Hoori]

Thank you.

Good luck and stay awesome

 

[Broni]