Real time protection disabled

[NigelD1]

I had a problem with real time protection on MWB being turned off this afternoon and nothing within the programme would turn it back on. I re-booted and it turned back on but I but a message again from Winpatrol saying "rundll32 netman.dll,ProcessQueue" wanted to run and did I accept the change" as posted a while back. I rejected the change again because I didn't know what had caused it.

I also have a number of "red" events in my event viewer and wondered if someone could take a look at my logs to see if there is a problem somewhere. I have latest version of MWB and ran a scan which came back clean.

 

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 17-04-2014 01
Ran by Nigel (administrator) on ADMIN-PC on 18-04-2014 19:05:17
Running from C:\Users\Nigel\Desktop
Windows 7 Ultimate Service Pack 1 (X64) OS Language: English(US)
Internet Explorer Version 11
Boot Mode: Normal

The only official download link for FRST:
Download link for 32-Bit version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/81/
Download link for 64-Bit Version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/82/
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(Trusteer Ltd.) C:\Program Files (x86)\Trusteer\Rapport\bin\RapportMgmtService.exe
(AMD) C:\Windows\system32\atiesrxx.exe
(AMD) C:\Windows\system32\atieclxx.exe
(Wacom Technology, Corp.) C:\Program Files\Tablet\Wacom\WTabletServicePro.exe
(Microsoft Corporation) C:\Windows\SYSTEM32\WISPTIS.EXE
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Microsoft Corporation) C:\Windows\SYSTEM32\WISPTIS.EXE
(SEIKO EPSON CORPORATION) C:\Program Files (x86)\Common Files\EPSON\EBAPI\eEBSVC.exe
(Wacom Technology, Corp.) C:\Program Files\Tablet\Wacom\Wacom_TabletUser.exe
(Wacom Technology) C:\Program Files\Tablet\Wacom\WacomHost.exe
(Wacom Technology, Corp.) C:\Program Files\Tablet\Wacom\Wacom_Tablet.exe
(Wacom Technology, Corp.) C:\Program Files\Tablet\Wacom\Wacom_TouchUser.exe
(ABBYY) C:\Program Files (x86)\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe
(Trusteer Ltd.) C:\Program Files (x86)\Trusteer\Rapport\bin\RapportService.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.23.9\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.23.9\GoogleCrashHandler64.exe
(Acronis) C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe
(Acronis) C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe
(Acronis) C:\Program Files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(SEIKO EPSON CORPORATION) C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S50RPB.EXE
(Logitech, Inc.) C:\Program Files\Logitech\SetPointP\SetPoint.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
(Nalpeiron Ltd.) C:\Windows\system32\nlsInterface.exe
(Nalpeiron Ltd.) C:\Windows\SysWOW64\nlssrv32.exe
(BillP Studios) C:\Program Files (x86)\BillP Studios\WinPatrol\WinPatrol.exe
(Logitech, Inc.) C:\Program Files\Common Files\LogiShrd\KHAL3\KHALMNPR.EXE
(SEIKO EPSON CORPORATION) C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe
(Secunia) C:\Program Files (x86)\Secunia\PSI\sua.exe
(Acronis) C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe
(Seiko Epson Corporation) C:\Windows\system32\EscSvc64.exe
(Acronis) C:\Program Files (x86)\Common Files\Acronis\TibMounter\TibMounterMonitor.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Apple Inc.) C:\PROGRAM FILES (X86)\ITUNES\ITUNESHELPER.EXE
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Acronis) C:\Program Files (x86)\Common Files\Acronis\SyncAgent\syncagentsrv.exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [EvtMgr6] => C:\Program Files\Logitech\SetPointP\SetPoint.exe [1744152 2011-10-07] (Logitech, Inc.)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [472984 2013-12-10] (Adobe Systems Incorporated)
HKLM\...\Run: [Acronis Scheduler2 Service] => C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe [516960 2013-02-15] (Acronis)
HKLM-x32\...\Run: [EEventManager] => C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe [1058912 2012-04-02] (SEIKO EPSON CORPORATION)
HKLM-x32\...\Run: [TrueImageMonitor.exe] => C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe [6366264 2013-03-28] (Acronis)
HKLM-x32\...\Run: [AcronisTibMounterMonitor] => C:\Program Files (x86)\Common Files\Acronis\TibMounter\TibMounterMonitor.exe [1103440 2013-01-10] (Acronis)
HKLM-x32\...\Run: [AdobeCS6ServiceManager] => C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe [1073352 2012-06-25] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [43848 2014-02-12] (Apple Inc.)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [3854640 2014-03-30] (AVAST Software)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [switchBoard] => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated)
Winlogon\Notify\LBTWlgn: c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll (Logitech, Inc.)
HKU\S-1-5-21-659262273-614998807-254128721-1004\...\Run: [AdobeBridge] => [X]
HKU\S-1-5-21-659262273-614998807-254128721-1004\...\Run: [WinPatrol] => C:\Program Files (x86)\BillP Studios\WinPatrol\winpatrol.exe [527936 2014-03-22] (BillP Studios)

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-gb
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
BHO-x32: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
Toolbar: HKLM - Easy Photo Print - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files (x86)\Epson Software\Easy Photo Print\EPTBL.dll (SEIKO EPSON CORPORATION)
Toolbar: HKLM - No Name - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} -  No File
Toolbar: HKLM - No Name - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} -  No File
Handler: gopher - {79eac9e4-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\system32\urlmon.dll (Microsoft Corporation)
Handler-x32: gopher - {79eac9e4-baf9-11ce-8c82-00aa004ba90b} -  No File
Handler-x32: http\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: http\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: https\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: https\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: msdaipp\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: msdaipp\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\OLE DB\msdaipp.dll (Microsoft Corporation)
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{86CAA214-65E8-4352-B03D-396AF9D236C8}: [NameServer]8.8.8.8,8.8.4.4

FireFox:
========
FF ProfilePath: C:\Users\Nigel\AppData\Roaming\Mozilla\Firefox\Profiles\w24mgqft.default-1383000727538
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_13_0_0_182.dll ()
FF Plugin: @microsoft.com/GENUINE - disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @wacom.com/wtPlugin,version=2.1.0.1 - C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll (Wacom)
FF Plugin: @wacom.com/wtPlugin,version=2.1.0.3 - C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll (Wacom)
FF Plugin: @wacom.com/wtPlugin,version=2.1.0.7 - C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll (Wacom)
FF Plugin: adobe.com/AdobeAAMDetect - C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll No File
FF Plugin: adobe.com/AdobeAAMDetect_x86_64 - C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll (Adobe Systems)
FF Plugin: adobe.com/AdobeExManDetect - C:\Program Files (x86)\Adobe\Adobe Extension Manager CS6\Win64Plugin\npAdobeExManDetectX64.dll (Adobe Systems)
FF Plugin: wacom.com/WacomTabletPlugin - C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll (Wacom)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_13_0_0_182.dll ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @canon.com/MycameraPlugin - C:\Program Files (x86)\Canon\ZoomBrowser EX\Program\NPCIG.dll (CANON INC.)
FF Plugin-x32: @Google.com/GoogleEarthPlugin - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @microsoft.com/GENUINE - disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.23.9\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.23.9\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @wacom.com/wacom-plugin,version=1.1.0.10 - C:\Program Files (x86)\TabletPlugins\npwacom.dll (Wacom, Inc.)
FF Plugin-x32: @wacom.com/wtPlugin,version=2.1.0.1 - C:\Program Files (x86)\TabletPlugins\npWacomTabletPlugin.dll (Wacom)
FF Plugin-x32: @wacom.com/wtPlugin,version=2.1.0.7 - C:\Program Files (x86)\TabletPlugins\npWacomTabletPlugin.dll (Wacom)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect - C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll (Adobe Systems)
FF Plugin-x32: adobe.com/AdobeExManDetect - C:\Program Files (x86)\Adobe\Adobe Extension Manager CS6\npAdobeExManDetectX86.dll (Adobe Systems)
FF Plugin-x32: wacom.com/WacomTabletPlugin - C:\Program Files (x86)\TabletPlugins\npWacomTabletPlugin.dll (Wacom)
FF Plugin HKCU: ubisoft.com/uplaypc - C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll ()
FF Plugin HKCU: wacom.com/WacomTabletPlugin - C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll (Wacom)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\cgpcfg.dll (Citrix Systems, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\CgpCore.dll (Citrix Systems, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\confmgr.dll ()
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\ctxlogging.dll ()
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\ctxmui.dll (Citrix Systems, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\icafile.dll (Citrix Systems, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\icalogon.dll (Citrix Systems, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\msvcm80.dll (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\msvcp80.dll (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\msvcr80.dll (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npicaN.dll ()
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npLegitCheckPlugin.dll (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\NPOFF12.DLL (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin2.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin3.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin4.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin5.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\NPSibelius.dll ()
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\PDFNetC.dll (PDFTron Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\ScorchPDFWrapper.dll ()
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\sslsdk_b.dll (Citrix Systems, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\TcpPServ.dll (Citrix Systems, Inc.)
FF Extension: Print pages to PDF - C:\Users\Nigel\AppData\Roaming\Mozilla\Firefox\Profiles\w24mgqft.default-1383000727538\Extensions\printPages2Pdf@reinhold.ripper [2013-10-29]
FF Extension: ReminderFox - C:\Users\Nigel\AppData\Roaming\Mozilla\Firefox\Profiles\w24mgqft.default-1383000727538\Extensions\{ada4b710-8346-4b82-8199-5de2b400a6ae} [2014-04-18]
FF Extension: FoxClocks - C:\Users\Nigel\AppData\Roaming\Mozilla\Firefox\Profiles\w24mgqft.default-1383000727538\Extensions\{d37dc5d0-431d-44e5-8c91-49419370caa1} [2014-01-23]
FF Extension: TinEye Reverse Image Search - C:\Users\Nigel\AppData\Roaming\Mozilla\Firefox\Profiles\w24mgqft.default-1383000727538\Extensions\tineye@ideeinc.com.xpi [2014-01-20]
FF Extension: FxIF - C:\Users\Nigel\AppData\Roaming\Mozilla\Firefox\Profiles\w24mgqft.default-1383000727538\Extensions\{11483926-db67-4190-91b1-ef20fcec5f33}.xpi [2014-01-25]
FF Extension: NoScript - C:\Users\Nigel\AppData\Roaming\Mozilla\Firefox\Profiles\w24mgqft.default-1383000727538\Extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi [2013-10-29]
FF Extension: Adblock Plus - C:\Users\Nigel\AppData\Roaming\Mozilla\Firefox\Profiles\w24mgqft.default-1383000727538\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2013-10-29]
FF Extension: Tab Mix Plus - C:\Users\Nigel\AppData\Roaming\Mozilla\Firefox\Profiles\w24mgqft.default-1383000727538\Extensions\{dc572301-7619-498c-a57d-39143191b318}.xpi [2013-10-29]
FF Extension: Greasemonkey - C:\Users\Nigel\AppData\Roaming\Mozilla\Firefox\Profiles\w24mgqft.default-1383000727538\Extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}.xpi [2013-10-29]
FF Extension: Google Plus New Tab - C:\Users\Nigel\AppData\Roaming\Mozilla\Firefox\Profiles\w24mgqft.default-1383000727538\Extensions\{f86ddff9-183b-4962-891c-b9183095a8fb}.xpi [2013-10-29]
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: avast! Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2013-10-29]

Chrome:
=======


CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\23.0.1271.64\PepperFlash\pepflashplayer.dll No File
CHR Plugin: (Shockwave Flash) - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_4_402_287.dll No File
CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Program Files (x86)\Google\Chrome\Application\23.0.1271.64\ppGoogleNaClPluginChrome.dll No File
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\23.0.1271.64\pdf.dll No File
CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll No File
CHR Plugin: (Windows Genuine Advantage) - C:\Program Files (x86)\Mozilla Firefox\plugins\npLegitCheckPlugin.dll (Microsoft Corporation)
CHR Plugin: (2007 Microsoft Office system) - C:\Program Files (x86)\Mozilla Firefox\plugins\NPOFF12.DLL (Microsoft Corporation)
CHR Plugin: (QuickTime Plug-in 7.7.2) - C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.2) - C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin2.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.2) - C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin3.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.2) - C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin4.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.2) - C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin5.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.2) - C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin6.dll No File
CHR Plugin: (QuickTime Plug-in 7.7.2) - C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin7.dll No File
CHR Plugin: (ScorchPlugin) - C:\Program Files (x86)\Mozilla Firefox\plugins\NPSibelius.dll ()
CHR Plugin: (NPCIG.dll) - C:\Program Files (x86)\Canon\ZoomBrowser EX\Program\NPCIG.dll (CANON INC.)
CHR Plugin: (AdobeAAMDetect) - C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll No File
CHR Plugin: (Google Earth Plugin) - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.123\npGoogleUpdate3.dll No File
CHR Plugin: (WacomTabletPlugin) - C:\Program Files (x86)\TabletPlugins\npWacomTabletPlugin.dll (Wacom)
CHR Plugin: ( Wacom Dynamic Link Library) - C:\Program Files (x86)\TabletPlugins\npwacom.dll (Wacom, Inc.)
CHR Plugin: (Uplay PC) - C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll ()
CHR Plugin: (iTunes Application Detector) - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
CHR Plugin: (Java Deployment Toolkit 7.0.90.5) - C:\Windows\SysWOW64\npDeployJava1.dll No File
CHR Plugin: (Silverlight Plug-In) - c:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrl.dll No File
CHR Extension: (YouTube) - C:\Users\Nigel\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2012-11-03]
CHR Extension: (Google Search) - C:\Users\Nigel\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2012-11-03]
CHR Extension: (avast! WebRep) - C:\Users\Nigel\AppData\Local\Google\Chrome\User Data\Default\Extensions\icmlaeflemplmjndnaapfdbbnpncnbda [2012-11-03]
CHR Extension: (Gmail) - C:\Users\Nigel\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2012-11-03]
CHR HKLM-x32\...\Chrome\Extension: [icmlaeflemplmjndnaapfdbbnpncnbda] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2014-03-30]

==================== Services (Whitelisted) =================

R2 ABBYY.Licensing.FineReader.Sprint.9.0; C:\Program Files (x86)\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe [759048 2009-05-14] (ABBYY)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-03-30] (AVAST Software)
R2 EpsonScanSvc; C:\Windows\system32\EscSvc64.exe [135824 2011-12-12] (Seiko Epson Corporation)
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1809720 2014-04-03] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [857912 2014-04-03] (Malwarebytes Corporation)
R2 nlscc; C:\Windows\system32\nlsInterface.exe [72192 2010-11-01] (Nalpeiron Ltd.)
R2 RapportMgmtService; C:\Program Files (x86)\Trusteer\Rapport\bin\RapportMgmtService.exe [1444120 2014-03-19] (Trusteer Ltd.)
S3 Secunia PSI Agent; C:\Program Files (x86)\Secunia\PSI\PSIA.exe [1228504 2013-11-04] (Secunia)
R2 Secunia Update Agent; C:\Program Files (x86)\Secunia\PSI\sua.exe [660184 2013-11-04] (Secunia)
R2 WTabletServicePro; C:\Program Files\Tablet\Wacom\WTabletServicePro.exe [635160 2014-04-04] (Wacom Technology, Corp.)

==================== Drivers (Whitelisted) ====================

R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [79184 2014-03-30] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93568 2014-03-30] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2014-03-30] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1039096 2014-03-30] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [423240 2014-03-30] (AVAST Software)
R3 aswStm; C:\Windows\system32\drivers\aswStm.sys [84816 2014-03-30] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [208928 2014-03-30] ()
S3 ENTECH64; C:\Windows\system32\DRIVERS\ENTECH64.sys [12744 2007-08-20] (EnTech Taiwan)
S3 ENTECH64; C:\Windows\SysWOW64\DRIVERS\ENTECH64.sys [5632 2004-06-22] (EnTech Taiwan)
S3 EyeOneDisplay; C:\Windows\System32\Drivers\i1display_x64.sys [7808 2005-12-14] (GretagMacbeth LLC)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2014-04-03] (Malwarebytes Corporation)
R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [119512 2014-04-18] (Malwarebytes Corporation)
R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63192 2014-04-03] (Malwarebytes Corporation)
R3 MTsensor; C:\Windows\System32\DRIVERS\ASACPI.sys [8192 2005-03-29] ()
S3 PCAMp50a64; C:\Windows\System32\Drivers\PCAMp50a64.sys [43328 2006-11-28] (Printing Communications Assoc., Inc. (PCAUSA))
S3 PCASp50a64; C:\Windows\System32\Drivers\PCASp50a64.sys [41280 2006-11-28] (Printing Communications Assoc., Inc. (PCAUSA))
S3 PSI; C:\Windows\System32\DRIVERS\psi_mf_amd64.sys [18456 2013-11-04] (Secunia)
R1 RapportCerberus_59849; C:\ProgramData\Trusteer\Rapport\store\exts\RapportCerberus\baseline\RapportCerberus64_59849.sys [606672 2013-10-28] ()
R1 RapportEI64; C:\Program Files (x86)\Trusteer\Rapport\bin\x64\RapportEI64.sys [282712 2014-03-19] (Trusteer Ltd.)
R0 RapportKE64; C:\Windows\System32\Drivers\RapportKE64.sys [316312 2014-03-19] (Trusteer Ltd.)
R1 RapportPG64; C:\Program Files (x86)\Trusteer\Rapport\bin\x64\RapportPG64.sys [397848 2014-03-19] (Trusteer Ltd.)
S3 SeqCal; C:\Windows\System32\DRIVERS\SeqCal.sys [7808 2006-05-18] (GretagMacbeth LLC)
R1 Serial; C:\Windows\System32\DRIVERS\serial.sys [94208 2009-07-14] (Brother Industries Ltd.)
R0 tib; C:\Windows\System32\DRIVERS\tib.sys [1120032 2013-04-15] (Acronis International GmbH)
R0 tib_mounter; C:\Windows\System32\DRIVERS\tib_mounter.sys [183224 2013-04-15] (Acronis)
R0 vidsflt; C:\Windows\System32\DRIVERS\vidsflt.sys [117024 2013-04-15] (Acronis International GmbH)
S3 WN111v2; C:\Windows\System32\DRIVERS\WN111v2x.sys [560128 2009-01-13] (Atheros Communications, Inc.)
S4 tsusbhub; system32\drivers\tsusbhub.sys [X]
S4 VGPU; System32\drivers\rdvgkmd.sys [X]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-04-18 19:05 - 2014-04-18 19:05 - 00024008 _____ () C:\Users\Nigel\Desktop\FRST.txt
2014-04-18 18:58 - 2014-04-18 18:58 - 01673896 _____ (Malwarebytes Corporation) C:\Users\Nigel\Desktop\mbam-check-2.1.0.0002.exe
2014-04-18 18:57 - 2014-04-18 18:57 - 02158592 _____ (Farbar) C:\Users\Nigel\Desktop\FRST64.exe
2014-04-14 16:11 - 2014-04-14 16:11 - 00000000 ____D () C:\Users\Sue\.android
2014-04-10 18:04 - 2014-04-10 18:04 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_Kernel_wacomrouterfilter_01009.Wdf
2014-04-10 15:10 - 2014-04-18 18:39 - 00119512 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-04-10 15:09 - 2014-04-10 15:09 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-04-10 15:09 - 2014-04-03 09:51 - 00063192 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-04-09 09:29 - 2014-03-31 02:16 - 23134208 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-04-09 09:29 - 2014-03-31 02:13 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-04-09 09:29 - 2014-03-31 01:13 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-04-09 09:29 - 2014-03-31 00:57 - 17073152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-04-09 09:29 - 2014-03-04 10:44 - 01163264 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2014-04-09 09:29 - 2014-03-04 10:44 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2014-04-09 09:29 - 2014-03-04 10:44 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2014-04-09 09:29 - 2014-03-04 10:44 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2014-04-09 09:29 - 2014-03-04 10:44 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2014-04-09 09:29 - 2014-03-04 10:17 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2014-04-09 09:29 - 2014-03-04 10:16 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2014-04-09 09:29 - 2014-03-04 10:16 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2014-04-09 09:29 - 2014-03-04 10:16 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2014-04-09 09:29 - 2014-03-04 09:09 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2014-04-09 09:29 - 2014-03-04 09:09 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2014-04-09 09:29 - 2014-02-04 03:35 - 00274880 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\msiscsi.sys
2014-04-09 09:29 - 2014-02-04 03:35 - 00190912 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\storport.sys
2014-04-09 09:29 - 2014-02-04 03:35 - 00027584 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Diskdump.sys
2014-04-09 09:29 - 2014-02-04 03:28 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\iologmsg.dll
2014-04-09 09:29 - 2014-02-04 03:00 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iologmsg.dll
2014-04-09 09:29 - 2014-01-24 03:37 - 01684928 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ntfs.sys
2014-03-30 15:08 - 2014-03-30 15:08 - 00043152 _____ (AVAST Software) C:\Windows\avastSS.scr
2014-03-20 17:28 - 2014-03-20 17:28 - 00000000 ____D () C:\Program Files (x86)\Mozilla Thunderbird
2014-03-20 12:44 - 2014-03-20 12:44 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox

==================== One Month Modified Files and Folders =======

2014-04-18 19:05 - 2014-04-18 19:05 - 00024008 _____ () C:\Users\Nigel\Desktop\FRST.txt
2014-04-18 19:05 - 2013-11-15 11:57 - 00000000 ____D () C:\FRST
2014-04-18 19:05 - 2013-10-29 10:41 - 00000896 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-04-18 18:58 - 2014-04-18 18:58 - 01673896 _____ (Malwarebytes Corporation) C:\Users\Nigel\Desktop\mbam-check-2.1.0.0002.exe
2014-04-18 18:57 - 2014-04-18 18:57 - 02158592 _____ (Farbar) C:\Users\Nigel\Desktop\FRST64.exe
2014-04-18 18:44 - 2009-07-14 05:45 - 00015344 _____ () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-04-18 18:44 - 2009-07-14 05:45 - 00015344 _____ () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-04-18 18:39 - 2014-04-10 15:10 - 00119512 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-04-18 18:39 - 2013-09-18 10:02 - 01151740 _____ () C:\Windows\WindowsUpdate.log
2014-04-18 18:35 - 2013-10-29 10:41 - 00000892 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-04-18 18:35 - 2013-10-05 14:23 - 00000286 _____ () C:\Windows\TWAIN.LOG
2014-04-18 18:35 - 2012-12-07 18:25 - 00000156 _____ () C:\Windows\Twunk001.MTX
2014-04-18 18:35 - 2012-12-07 18:25 - 00000005 _____ () C:\Windows\Twain001.Mtx
2014-04-18 18:34 - 2013-10-05 14:21 - 00053929 _____ () C:\Windows\setupact.log
2014-04-18 18:34 - 2009-07-14 06:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-04-18 18:07 - 2013-12-10 22:33 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-04-18 13:38 - 2012-12-23 15:53 - 00001456 _____ () C:\Users\Nigel\AppData\Local\Adobe Save for Web 13.0 Prefs
2014-04-18 13:14 - 2009-07-14 06:13 - 00791118 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-04-18 11:10 - 2013-11-12 21:20 - 00004182 _____ () C:\Windows\System32\Tasks\avast! Emergency Update
2014-04-18 09:41 - 2009-12-13 13:25 - 00000000 ____D () C:\Program Files\Adobe
2014-04-18 09:13 - 2013-06-24 10:57 - 00020585 _____ () C:\Users\Nigel\Documents\DropboxExport.log
2014-04-18 09:06 - 2009-12-12 19:16 - 00000000 ____D () C:\Users\Nigel\AppData\Local\Adobe
2014-04-15 12:38 - 2009-07-14 06:08 - 00032608 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2014-04-14 16:11 - 2014-04-14 16:11 - 00000000 ____D () C:\Users\Sue\.android
2014-04-14 16:11 - 2012-08-14 11:30 - 00000000 ____D () C:\Users\Sue\AppData\Roaming\WTablet
2014-04-14 16:11 - 2009-12-12 17:02 - 00000000 ____D () C:\Users\Sue
2014-04-11 16:43 - 2013-12-10 22:33 - 00692400 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-04-11 16:43 - 2013-12-10 22:33 - 00070832 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-04-11 16:43 - 2013-12-10 22:33 - 00003768 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-04-11 12:28 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\rescache
2014-04-10 18:04 - 2014-04-10 18:04 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_Kernel_wacomrouterfilter_01009.Wdf
2014-04-10 18:04 - 2012-08-13 18:14 - 00000000 ____D () C:\Program Files\TabletPlugins
2014-04-10 18:04 - 2012-08-13 18:14 - 00000000 ____D () C:\Program Files (x86)\TabletPlugins
2014-04-10 18:04 - 2012-08-13 18:13 - 00000000 ____D () C:\Program Files\Tablet
2014-04-10 15:09 - 2014-04-10 15:09 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-04-10 15:09 - 2009-12-22 18:05 - 00000000 ____D () C:\Users\Nigel\AppData\Roaming\Malwarebytes
2014-04-10 15:09 - 2009-12-12 13:23 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-04-10 15:09 - 2009-12-12 13:23 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes' Anti-Malware
2014-04-09 10:08 - 2013-08-14 17:29 - 00000000 ____D () C:\Windows\system32\MRT
2014-04-09 10:08 - 2010-02-19 10:47 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-04-09 10:07 - 2009-10-29 17:48 - 90655440 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-04-08 09:43 - 2009-12-29 14:26 - 00000000 ____D () C:\Program Files\Common Files\Adobe
2014-04-04 00:55 - 2012-08-13 18:14 - 01922328 _____ (Wacom Technology, Corp.) C:\Windows\system32\Wacom_Touch_Tablet.dll
2014-04-04 00:55 - 2012-08-13 18:14 - 01556760 _____ (Wacom Technology, Corp.) C:\Windows\SysWOW64\Wacom_Touch_Tablet.dll
2014-04-04 00:55 - 2012-08-13 18:13 - 01946904 _____ (Wacom Technology, Corp.) C:\Windows\system32\WacomMT.dll
2014-04-04 00:55 - 2012-08-13 18:13 - 01929496 _____ (Wacom Technology, Corp.) C:\Windows\system32\Wacom_Tablet.dll
2014-04-04 00:55 - 2012-08-13 18:13 - 01796888 _____ (Wacom Technology, Corp.) C:\Windows\system32\Wintab32.dll
2014-04-04 00:55 - 2012-08-13 18:13 - 01563416 _____ (Wacom Technology, Corp.) C:\Windows\SysWOW64\Wacom_Tablet.dll
2014-04-04 00:55 - 2012-08-13 18:13 - 01560344 _____ (Wacom Technology, Corp.) C:\Windows\SysWOW64\WacomMT.dll
2014-04-04 00:55 - 2012-08-13 18:13 - 01443096 _____ (Wacom Technology, Corp.) C:\Windows\SysWOW64\Wintab32.dll
2014-04-03 09:51 - 2014-04-10 15:09 - 00063192 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-04-03 09:51 - 2013-10-27 10:20 - 00088280 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-04-03 09:50 - 2012-03-26 15:25 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-04-02 12:07 - 2012-02-09 20:10 - 00000000 ___RD () C:\Users\Nigel\Dropbox
2014-04-01 15:15 - 2009-12-12 19:16 - 00000000 ____D () C:\Users\Nigel\AppData\Roaming\Adobe
2014-03-31 02:16 - 2014-04-09 09:29 - 23134208 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-03-31 02:13 - 2014-04-09 09:29 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-03-31 01:13 - 2014-04-09 09:29 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-03-31 00:57 - 2014-04-09 09:29 - 17073152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-03-30 15:09 - 2013-10-09 15:01 - 00251580 _____ () C:\Windows\PFRO.log
2014-03-30 15:08 - 2014-03-30 15:08 - 00043152 _____ (AVAST Software) C:\Windows\avastSS.scr
2014-03-30 15:08 - 2014-01-01 18:09 - 00084816 _____ (AVAST Software) C:\Windows\system32\Drivers\aswstm.sys
2014-03-30 15:08 - 2013-10-29 10:41 - 01039096 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys
2014-03-30 15:08 - 2013-10-29 10:41 - 00423240 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsp.sys
2014-03-30 15:08 - 2013-10-29 10:41 - 00208928 _____ () C:\Windows\system32\Drivers\aswVmm.sys
2014-03-30 15:08 - 2013-10-29 10:41 - 00093568 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2014-03-30 15:08 - 2013-10-29 10:41 - 00079184 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2014-03-30 15:08 - 2013-10-29 10:41 - 00065776 _____ () C:\Windows\system32\Drivers\aswRvrt.sys
2014-03-30 15:08 - 2011-01-18 18:46 - 00334648 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2014-03-27 12:00 - 2013-10-29 10:41 - 00003892 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2014-03-27 12:00 - 2013-10-29 10:41 - 00003640 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2014-03-25 15:04 - 2010-03-03 19:54 - 00019801 _____ () C:\Users\Nigel\Documents\Pension projections v1.xlsx
2014-03-25 10:35 - 2009-12-20 16:43 - 00000000 ____D () C:\Users\Nigel\AppData\Local\Apple Computer
2014-03-23 11:12 - 2013-10-31 11:46 - 00000000 ____D () C:\ProgramData\InstallMate
2014-03-20 21:14 - 2012-05-07 21:37 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-03-20 17:28 - 2014-03-20 17:28 - 00000000 ____D () C:\Program Files (x86)\Mozilla Thunderbird
2014-03-20 12:44 - 2014-03-20 12:44 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-03-19 22:27 - 2012-12-22 15:44 - 00316312 _____ (Trusteer Ltd.) C:\Windows\system32\Drivers\RapportKE64.sys

==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2014-04-11 12:21

==================== End Of Log ============================

 

CheckResults.txt

[NigelD1]

Just an update here - I can see you're all busy!

 

I was just downloading some Windows updates and the real time protection warning triangle came up again and wouldn't go away until I rebooted. Has the new version of MWB got some problems? I also keep getting a white box flash quickly as I shut down my machine. That didn't used to be there before MWB v2.

 

Any comment on the above appreciated too please.

[AdvancedSetup]

Please try the following and let us know if this corrects your issue or not.  -  MBAM Clean Removal Process 2x

 

Please try installing the new beta which has corrected some previously reported issues:  -  Malwarebytes Anti-Malware 2.0.2 Public Beta

 

Let me know how that goes.

 

Thanks

[NigelD1]

corrected the "white box" issue and real time protection now enabled. Also, the MWB icon is loaded in the start tray when sometimes previously it didn't activate.

 

Thanks again Ron.

[AdvancedSetup]

Great, glad that resolved your issue.  I'll go ahead then and close your topic now but if you do have any other issues please post again and let us know.

 

Take care and stay safe out there.

[AdvancedSetup]

Glad we could help.

If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this thread with your request. This applies only to the originator of this thread.

Other members who need assistance please start your own topic in a new thread. Thanks!

[AdvancedSetup]

Topic reopened per user request.

[AdvancedSetup]

Please visit this webpage and read the ComboFix User's Guide:

• Once you've read the article and are ready to use the program you can download it directly from the link below.
• Important! - Please make sure you save combofix to your desktop and do not run it from your browser
• Direct download link for: ComboFix.exe
• Please make sure you disable your security applications before running ComboFix.
• Once Combofix has completed it will produce and open a log file. Please be patient as it can take some time to load.
• Please attach that log file to your next reply.
• If needed the file can be located here: C:\combofix.txt
• NOTE: If you receive the message "illegal operation has been attempted on a registry key that has been marked for deletion", just reboot the computer.

[NigelD1]

Ran the programme Ron, text attached. MWB icon still not displaying properly - look forward to your reply thank you

 

 

Combofix log.txt

[AdvancedSetup]

Nothing nasty shown in that log. Let's run another rootkit scanner and then we'll run some general cleanup tools again just in case but it looks like MBAM may just need a clean reinstall but don't do that just yet.

Please download the following scanner from Kaspersky and save it to your computer: TDSSkiller

Then watch the following video on how to use the tool and make sure to temporarily disable your security applications before running TDSSkiller.

PC Winvids - How to run Kaspersky TDSSKiller

If any infection is found please make sure to choose SKIP and post back the log in case of a False Positive detection.

Once the tool has completed scanning make sure to re-enable your other security applications.

[NigelD1]

Thanks Ron - text log below :-

 

18:33:18.0557 0x0740  TDSS rootkit removing tool 3.0.0.40 Jul 10 2014 12:37:58
18:33:18.0962 0x0740  ============================================================
18:33:18.0962 0x0740  Current date / time: 2014/09/05 18:33:18.0962
18:33:18.0962 0x0740  SystemInfo:
18:33:18.0962 0x0740  
18:33:18.0962 0x0740  OS Version: 6.1.7601 ServicePack: 1.0
18:33:18.0962 0x0740  Product type: Workstation
18:33:18.0962 0x0740  ComputerName: ADMIN-PC
18:33:18.0962 0x0740  UserName: Nigel
18:33:18.0962 0x0740  Windows directory: C:\Windows
18:33:18.0962 0x0740  System windows directory: C:\Windows
18:33:18.0962 0x0740  Running under WOW64
18:33:18.0962 0x0740  Processor architecture: Intel x64
18:33:18.0962 0x0740  Number of processors: 8
18:33:18.0962 0x0740  Page size: 0x1000
18:33:18.0962 0x0740  Boot type: Normal boot
18:33:18.0962 0x0740  ============================================================
18:33:18.0962 0x0740  BG loaded
18:33:21.0287 0x0740  System UUID: {48DB8BCA-1706-409F-50D4-277E14995994}
18:33:23.0408 0x0740  Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 ( 465.76 Gb ), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
18:33:23.0424 0x0740  Drive \Device\Harddisk1\DR1 - Size: 0x7470C06000 ( 465.76 Gb ), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
18:33:23.0486 0x0740  ============================================================
18:33:23.0486 0x0740  \Device\Harddisk0\DR0:
18:33:23.0486 0x0740  MBR partitions:
18:33:23.0486 0x0740  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x3A384800
18:33:23.0486 0x0740  \Device\Harddisk1\DR1:
18:33:23.0517 0x0740  MBR partitions:
18:33:23.0517 0x0740  \Device\Harddisk1\DR1\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32000
18:33:23.0517 0x0740  \Device\Harddisk1\DR1\Partition2: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0x3A353000
18:33:23.0517 0x0740  ============================================================
18:33:23.0751 0x0740  C: <-> \Device\Harddisk1\DR1\Partition2
18:33:23.0767 0x0740  E: <-> \Device\Harddisk0\DR0\Partition1
18:33:23.0767 0x0740  ============================================================
18:33:23.0767 0x0740  Initialize success
18:33:23.0767 0x0740  ============================================================
18:34:01.0728 0x0510  ============================================================
18:34:01.0728 0x0510  Scan started
18:34:01.0728 0x0510  Mode: Manual; SigCheck; TDLFS;
18:34:01.0728 0x0510  ============================================================
18:34:01.0728 0x0510  KSN ping started
18:34:02.0680 0x0510  KSN ping finished: false
18:35:14.0502 0x0510  ================ Scan system memory ========================
18:35:14.0502 0x0510  System memory - ok
18:35:14.0502 0x0510  ================ Scan services =============================
18:35:23.0488 0x0510  [ A87D604AEA360176311474C87A63BB88, B1507868C382CD5D2DBC0D62114FCFBF7A780904A2E3CA7C7C1DD0844ADA9A8F ] 1394ohci        C:\Windows\system32\drivers\1394ohci.sys
18:35:53.0096 0x0510  1394ohci - ok
18:35:54.0048 0x0510  [ B33CF4DE909A5B30F526D82053A63C8E, ABF5BB962C038E545C18B96E686E072D780C907096C7BB341297AF31D3703ABD ] ABBYY.Licensing.FineReader.Sprint.9.0 C:\Program Files (x86)\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe
18:35:54.0079 0x0510  ABBYY.Licensing.FineReader.Sprint.9.0 - ok
18:35:54.0844 0x0510  [ D81D9E70B8A6DD14D42D7B4EFA65D5F2, FDAAB7E23012B4D31537C5BDEF245BB0A12FA060A072C250E21C68E18B22E002 ] ACPI            C:\Windows\system32\drivers\ACPI.sys
18:35:55.0000 0x0510  ACPI - ok
18:35:55.0109 0x0510  [ 99F8E788246D495CE3794D7E7821D2CA, F91615463270AD2601F882CAED43B88E7EDA115B9FD03FC56320E48119F15F76 ] AcpiPmi         C:\Windows\system32\drivers\acpipmi.sys
18:35:55.0624 0x0510  AcpiPmi - ok
18:35:55.0983 0x0510  [ 05A14823307ACBBB549CC8EA9C54143E, 0244B0628B86DFBCD30B0B961C7E2BFFDCEABCB57C5DEB25A701832A97786004 ] AcrSch2Svc      C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe
18:35:56.0029 0x0510  AcrSch2Svc - ok
18:35:56.0170 0x0510  [ D44BCAF639E4E45307C2BC80715273D5, 1E1CDE13C39D835447096CBEC104A2EDDCE15D94288DB3FBB02421B8B8307989 ] adfs            C:\Windows\system32\drivers\adfs.sys
18:35:56.0388 0x0510  adfs - ok
18:35:56.0794 0x0510  [ B362181ED3771DC03B4141927C80F801, 69514E5177A0AEA89C27C2234712F9F82E8D8F99E1FD4273898C9324C6FF7472 ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
18:35:56.0825 0x0510  AdobeARMservice - ok
18:36:01.0926 0x0510  [ F4BF3ADDDDC1AD372604F13C2B0C1F65, FA37ED5014336A72F778C485226B61BEFECEB861AB754862738795C167F0BAB7 ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
18:36:02.0301 0x0510  AdobeFlashPlayerUpdateSvc - ok
18:36:02.0503 0x0510  [ 2F6B34B83843F0C5118B63AC634F5BF4, 43E3F5FBFB5D33981AC503DEE476868EC029815D459E7C36C4ABC2D2F75B5735 ] adp94xx         C:\Windows\system32\DRIVERS\adp94xx.sys
18:36:02.0566 0x0510  adp94xx - ok
18:36:02.0737 0x0510  [ 597F78224EE9224EA1A13D6350CED962, DA7FD99BE5E3B7B98605BF5C13BF3F1A286C0DE1240617570B46FE4605E59BDC ] adpahci         C:\Windows\system32\DRIVERS\adpahci.sys
18:36:02.0831 0x0510  adpahci - ok
18:36:02.0940 0x0510  [ E109549C90F62FB570B9540C4B148E54, E804563735153EA00A00641814244BC8A347B578E7D63A16F43FB17566EE5559 ] adpu320         C:\Windows\system32\DRIVERS\adpu320.sys
18:36:03.0003 0x0510  adpu320 - ok
18:36:03.0096 0x0510  [ 4B78B431F225FD8624C5655CB1DE7B61, 198A5AF2125C7C41F531A652D200C083A55A97DC541E3C0B5B253C7329949156 ] AeLookupSvc     C:\Windows\System32\aelupsvc.dll
18:36:06.0871 0x0510  AeLookupSvc - ok
18:36:07.0339 0x0510  [ ABCF9C80EAACE03021BB7F450EB8993F, 8E38726C423E82954CA85266D6F38B605D010A659420A4EF99D29035A9474BFB ] afcdp           C:\Windows\system32\DRIVERS\afcdp.sys
18:36:07.0371 0x0510  afcdp - ok
18:36:08.0541 0x0510  [ 587062408B495CFE12A4BBC6284F19D9, 5E78B8165BBA2BF82F2F1E66E95C4B354F2CF16A8DB6C933FA86A056B8439137 ] afcdpsrv        C:\Program Files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe
18:36:08.0634 0x0510  afcdpsrv - ok
18:36:09.0289 0x0510  [ FA886682CFC5D36718D3E436AACF10B9, F80AB4F91AA6B5C7ECCB000D8E1BC2CF776DC3D69B3D9EBC2558C19035A6B3AB ] AFD             C:\Windows\system32\drivers\afd.sys
18:36:09.0492 0x0510  AFD - ok
18:36:09.0601 0x0510  [ 608C14DBA7299D8CB6ED035A68A15799, 45360F89640BF1127C82A32393BD76205E4FA067889C40C491602F370C09282A ] agp440          C:\Windows\system32\drivers\agp440.sys
18:36:09.0711 0x0510  agp440 - ok
18:36:09.0835 0x0510  [ 3290D6946B5E30E70414990574883DDB, 0E9294E1991572256B3CDA6B031DB9F39CA601385515EE59F1F601725B889663 ] ALG             C:\Windows\System32\alg.exe
18:36:10.0038 0x0510  ALG - ok
18:36:10.0569 0x0510  [ 5812713A477A3AD7363C7438CA2EE038, A7316299470D2E57A11499C752A711BF4A71EB11C9CBA731ED0945FF6A966721 ] aliide          C:\Windows\system32\drivers\aliide.sys
18:36:10.0693 0x0510  aliide - ok
18:36:10.0834 0x0510  [ D45D3540C5AE2A48C6112DF03F06F374, FEEA22BC629D2F25321293763BBB690959B7DFA2573B922C9D7F462DFEE52647 ] AMD External Events Utility C:\Windows\system32\atiesrxx.exe
18:36:11.0021 0x0510  AMD External Events Utility - ok
18:36:11.0239 0x0510  [ 1FF8B4431C353CE385C875F194924C0C, 3EA3A7F426B0FFC2461EDF4FDB4B58ACC9D0730EDA5B728D1EA1346EA0A02720 ] amdide          C:\Windows\system32\drivers\amdide.sys
18:36:11.0349 0x0510  amdide - ok
18:36:11.0505 0x0510  [ 7024F087CFF1833A806193EF9D22CDA9, E7F27E488C38338388103D3B7EEDD61D05E14FB140992AEE6F492FFC821BF529 ] AmdK8           C:\Windows\system32\DRIVERS\amdk8.sys
18:36:11.0817 0x0510  AmdK8 - ok
18:36:15.0249 0x0510  [ 5B871F3E4A4A6C4693A413E3138B51D0, 3A1C4595F72DA0A852043624E52B3BE87BBC4D1AFDD09624E3EAD328D0B78310 ] amdkmdag        C:\Windows\system32\DRIVERS\atikmdag.sys
18:36:15.0623 0x0510  amdkmdag - ok
18:36:16.0013 0x0510  [ 9BE1140CE8D2C5E878F136A7B85D41B3, DF3CABB90CC36ADCB71BF85CFE23BCD315D7DC301773E9856A6854B95740B2E2 ] amdkmdap        C:\Windows\system32\DRIVERS\atikmpag.sys
18:36:16.0153 0x0510  amdkmdap - ok
18:36:16.0341 0x0510  [ 1E56388B3FE0D031C44144EB8C4D6217, E88CA76FD47BA0EB427D59CB9BE040DE133D89D4E62D03A8D622624531D27487 ] AmdPPM          C:\Windows\system32\DRIVERS\amdppm.sys
18:36:16.0497 0x0510  AmdPPM - ok
18:36:16.0621 0x0510  [ D4121AE6D0C0E7E13AA221AA57EF2D49, 626F43C099BD197BE56648C367B711143C2BCCE96496BBDEF19F391D52FA01D0 ] amdsata         C:\Windows\system32\drivers\amdsata.sys
18:36:16.0684 0x0510  amdsata - ok
18:36:16.0840 0x0510  [ F67F933E79241ED32FF46A4F29B5120B, D6EF539058F159CC4DD14CA9B1FD924998FEAC9D325C823C7A2DD21FEF1DC1A8 ] amdsbs          C:\Windows\system32\DRIVERS\amdsbs.sys
18:36:16.0949 0x0510  amdsbs - ok
18:36:17.0043 0x0510  [ 540DAF1CEA6094886D72126FD7C33048, 296578572A93F5B74E1AD443E000B79DC99D1CBD25082E02704800F886A3065F ] amdxata         C:\Windows\system32\drivers\amdxata.sys
18:36:17.0167 0x0510  amdxata - ok
18:36:17.0277 0x0510  [ 89A69C3F2F319B43379399547526D952, 8ABDB4B8E106F96EBBA0D4D04C4F432296516E107E7BA5644ED2E50CF9BB491A ] AppID           C:\Windows\system32\drivers\appid.sys
18:36:22.0269 0x0510  AppID - ok
18:36:22.0456 0x0510  [ 0BC381A15355A3982216F7172F545DE1, C33AF13CB218F7BF52E967452573DF2ADD20A95C6BF99229794FEF07C4BBE725 ] AppIDSvc        C:\Windows\System32\appidsvc.dll
18:36:22.0659 0x0510  AppIDSvc - ok
18:36:22.0752 0x0510  [ 9D2A2369AB4B08A4905FE72DB104498F, D6FA1705018BABABFA2362E05691A0D6408D14DE7B76129B16D0A1DAD6378E58 ] Appinfo         C:\Windows\System32\appinfo.dll
18:36:22.0908 0x0510  Appinfo - ok
18:36:23.0485 0x0510  [ 6B73E94F9FE82D45781B8C8A09483082, C35EEAE7457168387A7C77A315524A3703ABDE49D9F23F59057315D9249D3473 ] Apple Mobile Device C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
18:36:23.0563 0x0510  Apple Mobile Device - ok
18:36:23.0751 0x0510  [ 4ABA3E75A76195A3E38ED2766C962899, E2001ACD44DA270B8289DA362D26416676301773AB22616C211F31CF2E7869AA ] AppMgmt         C:\Windows\System32\appmgmts.dll
18:36:23.0891 0x0510  AppMgmt - ok
18:36:24.0000 0x0510  [ C484F8CEB1717C540242531DB7845C4E, C507CE26716EB923B864ED85E8FA0B24591E2784A2F4F0E78AEED7E9953311F6 ] arc             C:\Windows\system32\DRIVERS\arc.sys
18:36:24.0047 0x0510  arc - ok
18:36:24.0094 0x0510  [ 019AF6924AEFE7839F61C830227FE79C, 5926B9DDFC9198043CDD6EA0B384C83B001EC225A8125628C4A45A3E6C42C72A ] arcsas          C:\Windows\system32\DRIVERS\arcsas.sys
18:36:24.0125 0x0510  arcsas - ok
18:36:25.0919 0x0510  [ 9A262EDD17F8473B91B333D6B031A901, 05DFBD3A7D83FDE1D062EA719ACA9EC48CB7FD42D17DDD88B82E5D25469ADD23 ] aspnet_state    C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
18:36:26.0543 0x0510  aspnet_state - ok
18:36:26.0793 0x0510  [ D95E64416A4A3ED6986E0F474DA934BD, DBB4A0DED0DABE1F8FF0DB8C0E9EC4EC906A85A45DC0AEC013A8744F9BF5D40E ] aswHwid         C:\Windows\system32\drivers\aswHwid.sys
18:36:26.0824 0x0510  aswHwid - ok
18:36:27.0011 0x0510  [ FF1E537A3632CBB9A0BF72B9FD0878D5, B26E6A1F6E6FA5280A12861EFAD44D8F49353F47B21843EBA73E149CF613DCBC ] aswMonFlt       C:\Windows\system32\drivers\aswMonFlt.sys
18:36:27.0042 0x0510  aswMonFlt - ok
18:36:27.0167 0x0510  [ A5757DE5F9C83AB40667A53D5126EA40, 58B72B1B126CF641188703CE82E26BEB0C41AD7587CFFCCCE9E3C64CC7AACC90 ] aswRdr          C:\Windows\system32\drivers\aswRdr2.sys
18:36:27.0198 0x0510  aswRdr - ok
18:36:27.0354 0x0510  [ 645D97385F3F284FB5604F9B970F4D24, 15A9D7F0F4C1062210E4E744A9069B8645177D19F35B8740D74022639DC05F2E ] aswRvrt         C:\Windows\system32\drivers\aswRvrt.sys
18:36:27.0448 0x0510  aswRvrt - ok
18:36:27.0963 0x0510  [ B8FDEDE963B82CFD23B3A53A3084666D, 3537E5B684FB6F0AA589A5FA7CD111E1744DF384AB1A266D4114100F104ED11B ] aswSnx          C:\Windows\system32\drivers\aswSnx.sys
18:36:28.0009 0x0510  aswSnx - ok
18:36:28.0259 0x0510  [ 0DEDC041DF594AEC2C3BD00417CFAF60, 0D3A8924503986546EE256D185225C0B080FDB6B0C8B0BED7516B07A7334371B ] aswSP           C:\Windows\system32\drivers\aswSP.sys
18:36:28.0306 0x0510  aswSP - ok
18:36:28.0540 0x0510  [ 48DED912CDE54FC0923B9858512366E1, 9B216B934408A7CB3CE2B41240B7EF01EAA3BC066211B784064FF8AC97A29B4E ] aswStm          C:\Windows\system32\drivers\aswStm.sys
18:36:28.0571 0x0510  aswStm - ok
18:36:28.0945 0x0510  [ 471A311745848B80339436688A8286E6, E51C57236CEC19AC38E85D115DB97875517D837811188AD2E53FA49055B53890 ] aswVmm          C:\Windows\system32\drivers\aswVmm.sys
18:36:29.0008 0x0510  aswVmm - ok
18:36:29.0070 0x0510  [ 769765CE2CC62867468CEA93969B2242, 0D8F19D49869DF93A3876B4C2E249D12E83F9CE11DAE8917D368E292043D4D26 ] AsyncMac        C:\Windows\system32\DRIVERS\asyncmac.sys
18:36:29.0211 0x0510  AsyncMac - ok
18:36:29.0273 0x0510  [ 02062C0B390B7729EDC9E69C680A6F3C, 0261683C6DC2706DCE491A1CDC954AC9C9E649376EC30760BB4E225E18DC5273 ] atapi           C:\Windows\system32\drivers\atapi.sys
18:36:29.0304 0x0510  atapi - ok
18:36:29.0476 0x0510  [ 24464B908E143D2561E9E452FEE97309, F5A24FEBAD1B1795A075130F7FFDD4EB76C8F1855FA1628A29CAFAF03C1C9183 ] AtiHDAudioService C:\Windows\system32\drivers\AtihdW76.sys
18:36:29.0507 0x0510  AtiHDAudioService - ok
18:36:29.0803 0x0510  [ FB7602C5C508BE281368AAE0B61B51C6, 81FB4ABFA006974C20CA0E9FEB279A51CC4A9F0C1DA67075AA0EAD13F43B3782 ] AtiHdmiService  C:\Windows\system32\drivers\AtiHdmi.sys
18:36:29.0913 0x0510  AtiHdmiService - ok
18:36:32.0955 0x0510  [ 5B871F3E4A4A6C4693A413E3138B51D0, 3A1C4595F72DA0A852043624E52B3BE87BBC4D1AFDD09624E3EAD328D0B78310 ] atikmdag        C:\Windows\system32\DRIVERS\atikmdag.sys
18:36:33.0220 0x0510  atikmdag - ok
18:36:33.0532 0x0510  [ F23FEF6D569FCE88671949894A8BECF1, FCE7B156ED663471CF9A736915F00302E93B50FC647563D235313A37FCE8F0F6 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
18:36:33.0657 0x0510  AudioEndpointBuilder - ok
18:36:33.0844 0x0510  [ F23FEF6D569FCE88671949894A8BECF1, FCE7B156ED663471CF9A736915F00302E93B50FC647563D235313A37FCE8F0F6 ] AudioSrv        C:\Windows\System32\Audiosrv.dll
18:36:33.0891 0x0510  AudioSrv - ok
18:36:34.0437 0x0510  [ 73F5C13B431915BAE35254B4E95DFB71, 393A045859382C44133C004598B1512048046BCC129FED2247A77FDBFCDB6DFF ] avast! Antivirus C:\Program Files\AVAST Software\Avast\AvastSvc.exe
18:36:34.0483 0x0510  avast! Antivirus - ok
18:36:34.0593 0x0510  [ A6BF31A71B409DFA8CAC83159E1E2AFF, CBB83F73FFD3C3FB4F96605067739F8F7A4A40B2B05417FA49E575E95628753F ] AxInstSV        C:\Windows\System32\AxInstSV.dll
18:36:34.0671 0x0510  AxInstSV - ok
18:36:34.0811 0x0510  [ 3E5B191307609F7514148C6832BB0842, DE011CB7AA4A2405FAF21575182E0793A1D83DFFC44E9A7864D59F3D51D8D580 ] b06bdrv         C:\Windows\system32\DRIVERS\bxvbda.sys
18:36:34.0920 0x0510  b06bdrv - ok
18:36:35.0045 0x0510  [ B5ACE6968304A3900EEB1EBFD9622DF2, 1DAA118D8CA3F97B34DF3D3CDA1C78EAB2ED225699FEABE89D331AE0CB7679FA ] b57nd60a        C:\Windows\system32\DRIVERS\b57nd60a.sys
18:36:35.0123 0x0510  b57nd60a - ok
18:36:35.0185 0x0510  [ FDE360167101B4E45A96F939F388AEB0, 8D1457E866BBD645C4B9710DFBFF93405CC1193BF9AE42326F2382500B713B82 ] BDESVC          C:\Windows\System32\bdesvc.dll
18:36:35.0232 0x0510  BDESVC - ok
18:36:35.0341 0x0510  [ 16A47CE2DECC9B099349A5F840654746, 77C008AEDB07FAC66413841D65C952DDB56FE7DCA5E9EF9C8F4130336B838024 ] Beep            C:\Windows\system32\drivers\Beep.sys
18:36:35.0404 0x0510  Beep - ok
18:36:35.0591 0x0510  [ 82974D6A2FD19445CC5171FC378668A4, 075D25F47C0D2277E40AF8615571DAA5EB16B1824563632A9A7EC62505C29A4A ] BFE             C:\Windows\System32\bfe.dll
18:36:35.0669 0x0510  BFE - ok
18:36:36.0059 0x0510  [ 1EA7969E3271CBC59E1730697DC74682, D511A34D63A6E0E6E7D1879068E2CD3D87ABEAF4936B2EA8CDDAD9F79D60FA04 ] BITS            C:\Windows\system32\qmgr.dll
18:36:36.0153 0x0510  BITS - ok
18:36:36.0293 0x0510  [ 61583EE3C3A17003C4ACD0475646B4D3, 17E4BECC309C450E7E44F59A9C0BBC24D21BDC66DFBA65B8F198A00BB47A9811 ] blbdrive        C:\Windows\system32\DRIVERS\blbdrive.sys
18:36:36.0340 0x0510  blbdrive - ok
18:36:36.0480 0x0510  [ EBBCD5DFBB1DE70E8F4AF8FA59E401FD, 17BFFC5DF609CE3B2F0CAB4BD6C118608C66A3AD86116A47E90B2BB7D8954122 ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe
18:36:36.0511 0x0510  Bonjour Service - ok
18:36:36.0714 0x0510  [ 6C02A83164F5CC0A262F4199F0871CF5, AD4632A6A203CB40970D848315D8ADB9C898349E20D8DF4107C2AE2703A2CF28 ] bowser          C:\Windows\system32\DRIVERS\bowser.sys
18:36:36.0823 0x0510  bowser - ok
18:36:36.0855 0x0510  [ F09EEE9EDC320B5E1501F749FDE686C8, 66691114C42E12F4CC6DC4078D4D2FA4029759ACDAF1B59D17383487180E84E3 ] BrFiltLo        C:\Windows\system32\DRIVERS\BrFiltLo.sys
18:36:37.0479 0x0510  BrFiltLo - ok
18:36:37.0557 0x0510  [ B114D3098E9BDB8BEA8B053685831BE6, 0ED23C1897F35FA00B9C2848DE4ED200E18688AA7825674888054BBC3A3EB92C ] BrFiltUp        C:\Windows\system32\DRIVERS\BrFiltUp.sys
18:36:37.0681 0x0510  BrFiltUp - ok
18:36:37.0900 0x0510  [ 5C2F352A4E961D72518261257AAE204B, 9EE1001E1D46A414A7A86FE1DBBE232203E26F54D9EF43ED31ED8EACD4D09853 ] BridgeMP        C:\Windows\system32\DRIVERS\bridge.sys
18:36:38.0009 0x0510  BridgeMP - ok
18:36:38.0103 0x0510  [ 05F5A0D14A2EE1D8255C2AA0E9E8E694, 40011138869F5496A3E78D38C9900B466B6F3877526AC22952DCD528173F4645 ] Browser         C:\Windows\System32\browser.dll
18:36:38.0149 0x0510  Browser - ok
18:36:38.0321 0x0510  [ 43BEA8D483BF1870F018E2D02E06A5BD, 4E6F5A5FD8C796A110B0DC9FF29E31EA78C04518FC1C840EF61BABD58AB10272 ] Brserid         C:\Windows\System32\Drivers\Brserid.sys
18:36:38.0461 0x0510  Brserid - ok
18:36:38.0493 0x0510  [ A6ECA2151B08A09CACECA35C07F05B42, E2875BB7768ABAF38C3377007AA0A3C281503474D1831E396FB6599721586B0C ] BrSerWdm        C:\Windows\System32\Drivers\BrSerWdm.sys
18:36:38.0539 0x0510  BrSerWdm - ok
18:36:38.0664 0x0510  [ B79968002C277E869CF38BD22CD61524, 50631836502237AF4893ECDCEA43B9031C3DE97433F594D46AF7C3C77F331983 ] BrUsbMdm        C:\Windows\System32\Drivers\BrUsbMdm.sys
18:36:38.0820 0x0510  BrUsbMdm - ok
18:36:38.0867 0x0510  [ A87528880231C54E75EA7A44943B38BF, 4C8BBB29FDA76A96840AA47A8613C15D4466F9273A13941C19507008629709C9 ] BrUsbSer        C:\Windows\System32\Drivers\BrUsbSer.sys
18:36:38.0976 0x0510  BrUsbSer - ok
18:36:38.0992 0x0510  [ 9DA669F11D1F894AB4EB69BF546A42E8, B498B8B6CEF957B73179D1ADAF084BBB57BB3735D810F9BE2C7B1D58A4FD25A4 ] BTHMODEM        C:\Windows\system32\DRIVERS\bthmodem.sys
18:36:39.0148 0x0510  BTHMODEM - ok
18:36:39.0273 0x0510  [ 95F9C2976059462CBBF227F7AAB10DE9, 2797AE919FF7606B070FB039CECDB0707CD2131DCAC09C5DF14F443D881C9F34 ] bthserv         C:\Windows\system32\bthserv.dll
18:36:39.0351 0x0510  bthserv - ok
18:36:39.0507 0x0510  catchme - ok
18:36:39.0912 0x0510  [ B8BD2BB284668C84865658C77574381A, 6C55BA288B626DF172FDFEA0BD7027FAEBA1F44EF20AB55160D7C7DC6E717D65 ] cdfs            C:\Windows\system32\DRIVERS\cdfs.sys
18:36:40.0115 0x0510  cdfs - ok
18:36:40.0458 0x0510  [ F036CE71586E93D94DAB220D7BDF4416, BD07AAD9E20CEAF9FC84E4977C55EA2C45604A2C682AC70B9B9A2199B6713D5B ] cdrom           C:\Windows\system32\drivers\cdrom.sys
18:36:40.0552 0x0510  cdrom - ok
18:36:40.0677 0x0510  [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] CertPropSvc     C:\Windows\System32\certprop.dll
18:36:40.0817 0x0510  CertPropSvc - ok
18:36:40.0911 0x0510  [ D7CD5C4E1B71FA62050515314CFB52CF, 513B5A849899F379F0BC6AB3A8A05C3493C2393C95F036612B96EC6E252E1C64 ] circlass        C:\Windows\system32\DRIVERS\circlass.sys
18:36:40.0989 0x0510  circlass - ok
18:36:41.0332 0x0510  [ FE1EC06F2253F691FE36217C592A0206, B9F122DB5E665ECDF29A5CB8BB6B531236F31A54A95769D6C5C1924C87FE70CE ] CLFS            C:\Windows\system32\CLFS.sys
18:36:41.0441 0x0510  CLFS - ok
18:36:42.0361 0x0510  [ F13EC8A783E0CB0D6DC26A3CA848B7B8, 0809E3B71709F1343086EEB6C820543C1A7119E74EEF8AC1AEE1F81093ABEC66 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
18:36:42.0611 0x0510  clr_optimization_v2.0.50727_32 - ok
18:36:43.0797 0x0510  [ B4D73F04E9BC076F7CDAC4327DF636BB, 1ADED20D5A0D0A76E2F85CB778FD06BAB814868D35F8532E17D67045FF4770C2 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
18:36:43.0906 0x0510  clr_optimization_v2.0.50727_64 - ok
18:36:44.0623 0x0510  [ E87213F37A13E2B54391E40934F071D0, 7EB221127EFB5BF158FB03D18EFDA2C55FB6CE3D1A1FE69C01D70DBED02C87E5 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
18:36:46.0324 0x0510  clr_optimization_v4.0.30319_32 - ok
18:36:46.0371 0x0510  [ 4AEDAB50F83580D0B4D6CF78191F92AA, D113C47013B018B45161911B96E93AF96A2F3B34FA47061BF6E7A71FBA03194A ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
18:36:46.0901 0x0510  clr_optimization_v4.0.30319_64 - ok
18:36:46.0979 0x0510  [ 0840155D0BDDF1190F84A663C284BD33, 696039FA63CFEB33487FAA8FD7BBDB220141E9C6E529355D768DFC87999A9C3A ] CmBatt          C:\Windows\system32\DRIVERS\CmBatt.sys
18:36:47.0073 0x0510  CmBatt - ok
18:36:47.0182 0x0510  [ E19D3F095812725D88F9001985B94EDD, 46243C5CCC4981CAC6FA6452FFCEC33329BF172448F1852D52592C9342E0E18B ] cmdide          C:\Windows\system32\drivers\cmdide.sys
18:36:47.0400 0x0510  cmdide - ok
18:36:47.0681 0x0510  [ EBF28856F69CF094A902F884CF989706, AD6C9F0BC20AA49EEE5478DA0F856F0EA2B414B63208C5FFB03C9D7F5B59765F ] CNG             C:\Windows\system32\Drivers\cng.sys
18:36:47.0743 0x0510  CNG - ok
18:36:47.0868 0x0510  [ 102DE219C3F61415F964C88E9085AD14, CD74CB703381F1382C32CF892FF2F908F4C9412E1BC77234F8FEA5D4666E1BF1 ] Compbatt        C:\Windows\system32\DRIVERS\compbatt.sys
18:36:47.0931 0x0510  Compbatt - ok
18:36:48.0087 0x0510  [ 03EDB043586CCEBA243D689BDDA370A8, 0E4523AA332E242D5C2C61C5717DBA5AB6E42DADB5A7E512505FC2B6CC224959 ] CompositeBus    C:\Windows\system32\drivers\CompositeBus.sys
18:36:48.0196 0x0510  CompositeBus - ok
18:36:48.0196 0x0510  COMSysApp - ok
18:36:48.0274 0x0510  [ 1C827878A998C18847245FE1F34EE597, 41EF7443D8B2733AA35CAC64B4F5F74FAC8BB0DA7D3936B69EC38E2DC3972E60 ] crcdisk         C:\Windows\system32\DRIVERS\crcdisk.sys
18:36:48.0305 0x0510  crcdisk - ok
18:36:48.0399 0x0510  [ 6B400F211BEE880A37A1ED0368776BF4, 2F27C6FA96A1C8CBDA467846DA57E63949A7EA37DB094B13397DDD30114295BD ] CryptSvc        C:\Windows\system32\cryptsvc.dll
18:36:48.0461 0x0510  CryptSvc - ok
18:36:48.0757 0x0510  [ 54DA3DFD29ED9F1619B6F53F3CE55E49, 9177C6907A983296BF188892A894B668A09FFA058FD56B50FE12940D54B0FA5E ] CSC             C:\Windows\system32\drivers\csc.sys
18:36:48.0867 0x0510  CSC - ok
18:36:48.0991 0x0510  [ 3AB183AB4D2C79DCF459CD2C1266B043, 72B0187EBA9DC74E61EC5CB3DC24058DDB768843E865801894AAEAA211610C56 ] CscService      C:\Windows\System32\cscsvc.dll
18:36:49.0054 0x0510  CscService - ok
18:36:49.0225 0x0510  [ 5C627D1B1138676C0A7AB2C2C190D123, C5003F2C912C5CA990E634818D3B4FD72F871900AF2948BD6C4D6400B354B401 ] DcomLaunch      C:\Windows\system32\rpcss.dll
18:36:49.0350 0x0510  DcomLaunch - ok
18:36:49.0459 0x0510  [ 3CEC7631A84943677AA8FA8EE5B6B43D, 32061DAC9ED6C1EBA3B367B18D0E965AEEC2DF635DCF794EC39D086D32503AC5 ] defragsvc       C:\Windows\System32\defragsvc.dll
18:36:49.0553 0x0510  defragsvc - ok
18:36:49.0787 0x0510  [ 9BB2EF44EAA163B29C4A4587887A0FE4, 03667BC3EA5003F4236929C10F23D8F108AFCB29DB5559E751FB26DFB318636F ] DfsC            C:\Windows\system32\Drivers\dfsc.sys
18:36:49.0849 0x0510  DfsC - ok
18:36:49.0959 0x0510  [ 43D808F5D9E1A18E5EEB5EBC83969E4E, C10D1155D71EABE4ED44C656A8F13078A8A4E850C4A8FBB92D52D173430972B8 ] Dhcp            C:\Windows\system32\dhcpcore.dll
18:36:50.0005 0x0510  Dhcp - ok
18:36:50.0068 0x0510  [ 13096B05847EC78F0977F2C0F79E9AB3, 1E44981B684F3E56F5D2439BB7FA78BD1BC876BB2265AE089AEC68F241B05B26 ] discache        C:\Windows\system32\drivers\discache.sys
18:36:50.0130 0x0510  discache - ok
18:36:50.0193 0x0510  [ 9819EEE8B5EA3784EC4AF3B137A5244C, 571BC886E87C888DA96282E381A746D273B58B9074E84D4CA91275E26056D427 ] Disk            C:\Windows\system32\DRIVERS\disk.sys
18:36:50.0224 0x0510  Disk - ok
18:36:50.0286 0x0510  [ 16835866AAA693C7D7FCEBA8FFF706E4, 15891558F7C1F2BB57A98769601D447ED0D952354A8BB347312D034DC03E0242 ] Dnscache        C:\Windows\System32\dnsrslvr.dll
18:36:50.0333 0x0510  Dnscache - ok
18:36:50.0380 0x0510  [ B1FB3DDCA0FDF408750D5843591AFBC6, AB6AD9C5E7BA2E3646D0115B67C4800D1CB43B4B12716397657C7ADEEE807304 ] dot3svc         C:\Windows\System32\dot3svc.dll
18:36:50.0473 0x0510  dot3svc - ok
18:36:50.0536 0x0510  [ B26F4F737E8F9DF4F31AF6CF31D05820, 394BBBED4EC7FAD4110F62A43BFE0801D4AC56FFAC6C741C69407B26402311C7 ] DPS             C:\Windows\system32\dps.dll
18:36:50.0598 0x0510  DPS - ok
18:36:50.0739 0x0510  [ 9B19F34400D24DF84C858A421C205754, 967AF267B4124BADA8F507CEBF25F2192D146A4D63BE71B45BFC03C5DA7F21A7 ] drmkaud         C:\Windows\system32\drivers\drmkaud.sys
18:36:50.0817 0x0510  drmkaud - ok
18:36:50.0941 0x0510  [ 87CE5C8965E101CCCED1F4675557E868, 077D98F0F130B2FC710208BA34016EF2B2506EE2BD71740B228145E34A3046F1 ] DXGKrnl         C:\Windows\System32\drivers\dxgkrnl.sys
18:36:50.0988 0x0510  DXGKrnl - ok
18:36:51.0051 0x0510  [ E2DDA8726DA9CB5B2C4000C9018A9633, 0C967DBC3636A76A696997192A158AA92A1AF19F01E3C66D5BF91818A8FAEA76 ] EapHost         C:\Windows\System32\eapsvc.dll
18:36:51.0113 0x0510  EapHost - ok
18:36:51.0519 0x0510  [ DC5D737F51BE844D8C82C695EB17372F, 6D4022D9A46EDE89CEF0FAEADCC94C903234DFC460C0180D24FF9E38E8853017 ] ebdrv           C:\Windows\system32\DRIVERS\evbda.sys
18:36:51.0721 0x0510  ebdrv - ok
18:36:51.0784 0x0510  [ 204F3F58212B3E422C90BD9691A2DF28, D748A8CEE4D59B4248C9B1ACA5155D0FF6635A29564B4391B7FAC6261F93FE99 ] EFS             C:\Windows\System32\lsass.exe
18:36:51.0862 0x0510  EFS - ok
18:36:51.0987 0x0510  [ C4002B6B41975F057D98C439030CEA07, 3D2484FBB832EFB90504DD406ED1CF3065139B1FE1646471811F3A5679EF75F1 ] ehRecvr         C:\Windows\ehome\ehRecvr.exe
18:36:52.0049 0x0510  ehRecvr - ok
18:36:52.0158 0x0510  [ 4705E8EF9934482C5BB488CE28AFC681, 359E9EC5693CE0BE89082E1D5D8F5C5439A5B985010FF0CB45C11E3CFE30637D ] ehSched         C:\Windows\ehome\ehsched.exe
18:36:52.0221 0x0510  ehSched - ok
18:36:52.0361 0x0510  [ 0E5DA5369A0FCAEA12456DD852545184, 9A64AC5396F978C3B92794EDCE84DCA938E4662868250F8C18FA7C2C172233F8 ] elxstor         C:\Windows\system32\DRIVERS\elxstor.sys
18:36:52.0611 0x0510  elxstor - ok
18:36:52.0751 0x0510  [ 12C061D9F9621BE916D58191872EC281, 5285C5AF9ECDAF9CBB7A5D0FC97D882EC06778CF5688E86890A617E2670C413B ] ENTECH64        C:\Windows\system32\DRIVERS\ENTECH64.sys
18:36:52.0798 0x0510  ENTECH64 - ok
18:36:53.0032 0x0510  [ ABDD5AD016AFFD34AD40E944CE94BF59, 61089124CD8FEA31142CD4D3C47224A6310B9BE7B7FA974956D9EDDAD4381503 ] EpsonBidirectionalService C:\Program Files (x86)\Common Files\EPSON\EBAPI\eEBSVC.exe
18:36:53.0079 0x0510  EpsonBidirectionalService - detected UnsignedFile.Multi.Generic ( 1 )
18:36:53.0141 0x0510  EpsonBidirectionalService ( UnsignedFile.Multi.Generic ) - warning
18:36:53.0141 0x0510  Force sending object to P2P due to detect: EpsonBidirectionalService
18:36:53.0235 0x0510  Object send P2P result: false
18:36:53.0328 0x0510  [ 20ECD0A490A121CB34F553FAD1DBBD39, 17C9DA33E78FBC7582B0AA53C611929B80FBBE1343B84A179D515B51C964D218 ] EpsonScanSvc    C:\Windows\system32\EscSvc64.exe
18:36:53.0359 0x0510  EpsonScanSvc - ok
18:36:53.0422 0x0510  [ 34A3C54752046E79A126E15C51DB409B, 7D5B5E150C7C73666F99CBAFF759029716C86F16B927E0078D77F8A696616D75 ] ErrDev          C:\Windows\system32\drivers\errdev.sys
18:36:53.0515 0x0510  ErrDev - ok
18:36:53.0671 0x0510  [ 4166F82BE4D24938977DD1746BE9B8A0, 24121751B7306225AD1C808442D7B030DEF377E9316AA0A3C5C7460E87317881 ] EventSystem     C:\Windows\system32\es.dll
18:36:53.0749 0x0510  EventSystem - ok
18:36:53.0781 0x0510  [ A510C654EC00C1E9BDD91EEB3A59823B, 76CD277730F7B08D375770CD373D786160F34D1481AF0536BA1A5D2727E255F5 ] exfat           C:\Windows\system32\drivers\exfat.sys
18:36:53.0859 0x0510  exfat - ok
18:36:54.0108 0x0510  [ A33E0921D0C256E348E0F6D66C77B7F7, FE5038835873159B0E86FDC4A8D7DB15072C7F0BA5B70837271C865E3F0F82F9 ] EyeOneDisplay   C:\Windows\system32\Drivers\i1display_x64.sys
18:36:54.0171 0x0510  EyeOneDisplay - ok
18:36:54.0327 0x0510  [ 0ADC83218B66A6DB380C330836F3E36D, 798D6F83B5DBCC1656595E0A96CF12087FCCBE19D1982890D0CE5F629B328B29 ] fastfat         C:\Windows\system32\drivers\fastfat.sys
18:36:54.0420 0x0510  fastfat - ok
18:36:54.0576 0x0510  [ DBEFD454F8318A0EF691FDD2EAAB44EB, 7F52AE222FF28503B6FC4A5852BD0CAEAF187BE69AF4B577D3DE474C24366099 ] Fax             C:\Windows\system32\fxssvc.exe
18:36:54.0685 0x0510  Fax - ok
18:36:54.0701 0x0510  [ D765D19CD8EF61F650C384F62FAC00AB, 9F0A483A043D3BA873232AD3BA5F7BF9173832550A27AF3E8BD433905BD2A0EE ] fdc             C:\Windows\system32\DRIVERS\fdc.sys
18:36:54.0779 0x0510  fdc - ok
18:36:54.0888 0x0510  [ 0438CAB2E03F4FB61455A7956026FE86, 6D4DDC2973DB25CE0C7646BC85EFBCC004EBE35EA683F62162AE317C6F1D8DFE ] fdPHost         C:\Windows\system32\fdPHost.dll
18:36:54.0997 0x0510  fdPHost - ok
18:36:54.0997 0x0510  [ 802496CB59A30349F9A6DD22D6947644, 52D59D3D628D5661F83F090F33F744F6916E0CC1F76E5A33983E06EB66AE19F8 ] FDResPub        C:\Windows\system32\fdrespub.dll
18:36:55.0075 0x0510  FDResPub - ok
18:36:55.0356 0x0510  [ 655661BE46B5F5F3FD454E2C3095B930, 549C8E2A2A37757E560D55FFA6BFDD838205F17E40561E67F0124C934272CD1A ] FileInfo        C:\Windows\system32\drivers\fileinfo.sys
18:36:55.0403 0x0510  FileInfo - ok
18:36:55.0497 0x0510  [ 5F671AB5BC87EEA04EC38A6CD5962A47, 6B61D3363FF3F9C439BD51102C284972EAE96ACC0683B9DC7E12D25D0ADC51B6 ] Filetrace       C:\Windows\system32\drivers\filetrace.sys
18:36:55.0575 0x0510  Filetrace - ok
18:36:55.0590 0x0510  [ C172A0F53008EAEB8EA33FE10E177AF5, 9175A95B323696D1B35C9EFEB7790DD64E6EE0B7021E6C18E2F81009B169D77B ] flpydisk        C:\Windows\system32\DRIVERS\flpydisk.sys
18:36:55.0621 0x0510  flpydisk - ok
18:36:55.0887 0x0510  [ DA6B67270FD9DB3697B20FCE94950741, F621A4462C9F2904063578C427FAF22D7D66AE9967605C11C798099817CE5331 ] FltMgr          C:\Windows\system32\drivers\fltmgr.sys
18:36:55.0918 0x0510  FltMgr - ok
18:36:55.0980 0x0510  [ C06AF3D1E7CA6868A6A3064CE6907C4A, A1A357CF99291E1611A4380BF8866B5B594637C186B5FD1EFDF052D4EB69FAB9 ] fltsrv          C:\Windows\system32\DRIVERS\fltsrv.sys
18:36:56.0027 0x0510  fltsrv - ok
18:36:56.0214 0x0510  [ C4C183E6551084039EC862DA1C945E3D, 0874A2ACDD24D64965AA9A76E9C818E216880AE4C9A2E07ED932EE404585CEE6 ] FontCache       C:\Windows\system32\FntCache.dll
18:36:56.0292 0x0510  FontCache - ok
18:36:56.0417 0x0510  [ A8B7F3818AB65695E3A0BB3279F6DCE6, 89FCF10F599767E67A1E011753E34DA44EAA311F105DBF69549009ED932A60F0 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
18:36:56.0448 0x0510  FontCache3.0.0.0 - ok
18:36:56.0511 0x0510  [ D43703496149971890703B4B1B723EAC, F06397B2EDCA61629249D2EF1CBB7827A8BEAB8488246BD85EF6AE1363C0DA6E ] FsDepends       C:\Windows\system32\drivers\FsDepends.sys
18:36:56.0557 0x0510  FsDepends - ok
18:36:56.0698 0x0510  [ 6BD9295CC032DD3077C671FCCF579A7B, 83622FBB0CB923798E7E584BF53CAAF75B8C016E3FF7F0FA35880FF34D1DFE33 ] Fs_Rec          C:\Windows\system32\drivers\Fs_Rec.sys
18:36:56.0729 0x0510  Fs_Rec - ok
18:36:56.0901 0x0510  [ 8F6322049018354F45F05A2FD2D4E5E0, 73BF0FB4EBD7887E992DDEBB79E906958D6678F8D1107E8C368F5A0514D80359 ] fvevol          C:\Windows\system32\DRIVERS\fvevol.sys
18:36:56.0947 0x0510  fvevol - ok
18:36:56.0994 0x0510  [ 8C778D335C9D272CFD3298AB02ABE3B6, 85F0B13926B0F693FA9E70AA58DE47100E4B6F893772EBE4300C37D9A36E6005 ] gagp30kx        C:\Windows\system32\DRIVERS\gagp30kx.sys
18:36:57.0041 0x0510  gagp30kx - ok
18:36:57.0135 0x0510  [ 8E98D21EE06192492A5671A6144D092F, B8F656B34D361EA5AFB47F3A67AB2221580DADA59C8CD0CB83181E4AD8B562B4 ] GEARAspiWDM     C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
18:36:57.0166 0x0510  GEARAspiWDM - ok
18:36:57.0447 0x0510  [ 277BBC7E1AA1EE957F573A10ECA7EF3A, 2EE60B924E583E847CC24E78B401EF95C69DB777A5B74E1EC963E18D47B94D24 ] gpsvc           C:\Windows\System32\gpsvc.dll
18:36:57.0525 0x0510  gpsvc - ok
18:36:57.0681 0x0510  [ F02A533F517EB38333CB12A9E8963773, 1F72CD1CF660766FA8F912E40B7323A0192A300B376186C10F6803DC5EFE28DF ] gupdate         C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
18:36:57.0696 0x0510  gupdate - ok
18:36:57.0712 0x0510  [ F02A533F517EB38333CB12A9E8963773, 1F72CD1CF660766FA8F912E40B7323A0192A300B376186C10F6803DC5EFE28DF ] gupdatem        C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
18:36:57.0743 0x0510  gupdatem - ok
18:36:57.0805 0x0510  [ 5D4BC124FAAE6730AC002CDB67BF1A1C, 00294F4DC7D17F6DD2A22B9C3299BED40146BA45C972367154D20DB502472551 ] gusvc           C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
18:36:57.0852 0x0510  gusvc - ok
18:36:57.0915 0x0510  [ F2523EF6460FC42405B12248338AB2F0, B2F3DE8DE1F512D871BC2BC2E8D0E33AB03335BFBC07627C5F88B65024928E19 ] hcw85cir        C:\Windows\system32\drivers\hcw85cir.sys
18:36:57.0977 0x0510  hcw85cir - ok
18:36:58.0211 0x0510  [ 975761C778E33CD22498059B91E7373A, 8304E15FBE6876BE57263A03621365DA8C88005EAC532A770303C06799D915D9 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
18:36:58.0242 0x0510  HdAudAddService - ok
18:36:58.0336 0x0510  [ 97BFED39B6B79EB12CDDBFEED51F56BB, 3CF981D668FB2381E52AF2E51E296C6CFB47B0D62249645278479D0111A47955 ] HDAudBus        C:\Windows\system32\drivers\HDAudBus.sys
18:36:58.0398 0x0510  HDAudBus - ok
18:36:58.0445 0x0510  [ 78E86380454A7B10A5EB255DC44A355F, 11F3ED7ACFFA3024B9BD504F81AC39F5B4CED5A8A425E8BADF7132EFEDB9BD64 ] HidBatt         C:\Windows\system32\DRIVERS\HidBatt.sys
18:36:58.0507 0x0510  HidBatt - ok
18:36:58.0523 0x0510  [ 7FD2A313F7AFE5C4DAB14798C48DD104, 94CBFD4506CBDE4162CEB3367BAB042D19ACA6785954DC0B554D4164B9FCD0D4 ] HidBth          C:\Windows\system32\DRIVERS\hidbth.sys
18:36:58.0585 0x0510  HidBth - ok
18:36:58.0663 0x0510  [ 0A77D29F311B88CFAE3B13F9C1A73825, 8615DC6CEFB591505CE16E054A71A4F371B827DDFD5E980777AB4233DCFDA01D ] HidIr           C:\Windows\system32\DRIVERS\hidir.sys
18:36:58.0804 0x0510  HidIr - ok
18:36:58.0866 0x0510  [ BB1F112964789EED537584C75CE8D355, 7668398A44662C368ADF9B6982C4B87BBD8D64071049FFCF87AB55BC834E97E8 ] hidkmdf         C:\Windows\system32\DRIVERS\hidkmdf.sys
18:36:58.0882 0x0510  hidkmdf - ok
18:36:58.0960 0x0510  [ BD9EB3958F213F96B97B1D897DEE006D, 4D01CBF898B528B3A4E5A683DF2177300AFABD7D4CB51F1A7891B1B545499631 ] hidserv         C:\Windows\System32\hidserv.dll
18:36:59.0022 0x0510  hidserv - ok
18:36:59.0116 0x0510  [ 9592090A7E2B61CD582B612B6DF70536, FD11D5E02C32D658B28FCC35688AB66CCB5D3A0A0D74C82AE0F0B6C67B568A0F ] HidUsb          C:\Windows\system32\drivers\hidusb.sys
18:36:59.0178 0x0510  HidUsb - ok
18:36:59.0225 0x0510  [ 387E72E739E15E3D37907A86D9FF98E2, 9935BE2E58788E79328293AF2F202CB0F6042441B176F75ACC5AEA93C8E05531 ] hkmsvc          C:\Windows\system32\kmsvc.dll
18:36:59.0334 0x0510  hkmsvc - ok
18:36:59.0475 0x0510  [ EFDFB3DD38A4376F93E7985173813ABD, 70402FA73A5A2A8BB557AAC8F531E373077D28DE5F40A1F3F14B940BE01CD2E1 ] HomeGroupListener C:\Windows\system32\ListSvc.dll
18:36:59.0537 0x0510  HomeGroupListener - ok
18:36:59.0568 0x0510  [ 908ACB1F594274965A53926B10C81E89, 7D34A742AC486294D82676F8465A3EF26C8AC3317C32B63F62031CB007CFC208 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
18:36:59.0615 0x0510  HomeGroupProvider - ok
18:36:59.0709 0x0510  [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC, E9E6A1665740CFBC2DD321010007EF42ABA2102AEB9772EE8AA3354664B1E205 ] HpSAMD          C:\Windows\system32\drivers\HpSAMD.sys
18:36:59.0740 0x0510  HpSAMD - ok
18:36:59.0896 0x0510  [ 0EA7DE1ACB728DD5A369FD742D6EEE28, 21C489412EB33A12B22290EB701C19BA57006E8702E76F730954F0784DDE9779 ] HTTP            C:\Windows\system32\drivers\HTTP.sys
18:36:59.0958 0x0510  HTTP - ok
18:37:00.0021 0x0510  [ A5462BD6884960C9DC85ED49D34FF392, 53E65841AF5B06A2844D0BB6FC4DD3923A323FFA0E4BFC89B3B5CAFB592A3D53 ] hwpolicy        C:\Windows\system32\drivers\hwpolicy.sys
18:37:00.0052 0x0510  hwpolicy - ok
18:37:00.0099 0x0510  [ FA55C73D4AFFA7EE23AC4BE53B4592D3, 65CDDC62B89A60E942C5642C9D8B539EFB69DA8069B4A2E54978154B314531CD ] i8042prt        C:\Windows\system32\DRIVERS\i8042prt.sys
18:37:00.0145 0x0510  i8042prt - ok
18:37:00.0333 0x0510  [ AAAF44DB3BD0B9D1FB6969B23ECC8366, 805AA4A9464002D1AB3832E4106B2AAA1331F4281367E75956062AAE99699385 ] iaStorV         C:\Windows\system32\drivers\iaStorV.sys
18:37:00.0395 0x0510  iaStorV - ok
18:37:00.0582 0x0510  [ C98A5B9D932430AD8EEBD3EF73756EF7, DF7E1D391A0F3345AD61154363922C27BD557DEEACE395A6A8A8A16BFD1BB9A8 ] idsvc           C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
18:37:00.0691 0x0510  idsvc - ok
18:37:00.0879 0x0510  IEEtwCollectorService - ok
18:37:00.0957 0x0510  [ 5C18831C61933628F5BB0EA2675B9D21, 5CD9DE2F8C0256623A417B5C55BF55BB2562BD7AB2C3C83BB3D9886C2FBDA4E4 ] iirsp           C:\Windows\system32\DRIVERS\iirsp.sys
18:37:01.0035 0x0510  iirsp - ok
18:37:01.0159 0x0510  [ 344789398EC3EE5A4E00C52B31847946, 3DA5F08E4B46F4E63456AA588D49E39A6A09A97D0509880C00F327623DB6122D ] IKEEXT          C:\Windows\System32\ikeext.dll
18:37:01.0269 0x0510  IKEEXT - ok
18:37:01.0362 0x0510  [ F00F20E70C6EC3AA366910083A0518AA, E2F3E9FFD82C802C8BAC309893A3664ACF16A279959C0FDECCA64C3D3C60FD22 ] intelide        C:\Windows\system32\drivers\intelide.sys
18:37:01.0425 0x0510  intelide - ok
18:37:01.0534 0x0510  [ ADA036632C664CAA754079041CF1F8C1, F2386CC09AC6DE4C54189154F7D91C1DB7AA120B13FAE8BA5B579ACF99FCC610 ] intelppm        C:\Windows\system32\DRIVERS\intelppm.sys
18:37:01.0596 0x0510  intelppm - ok
18:37:01.0659 0x0510  [ 098A91C54546A3B878DAD6A7E90A455B, 044CCE2A0DF56EBE1EFD99B4F6F0A5B9EE12498CA358CF4B2E3A1CFD872823AA ] IPBusEnum       C:\Windows\system32\ipbusenum.dll
18:37:01.0752 0x0510  IPBusEnum - ok
18:37:01.0830 0x0510  [ C9F0E1BD74365A8771590E9008D22AB6, 728BC5A6AAE499FDC50EB01577AF16D83C2A9F3B09936DD2A89C01E074BA8E51 ] IpFilterDriver  C:\Windows\system32\DRIVERS\ipfltdrv.sys
18:37:01.0908 0x0510  IpFilterDriver - ok
18:37:02.0064 0x0510  [ 08C2957BB30058E663720C5606885653, E13EDF6701512E2A9977A531454932CA5023087CB50E1D2F416B8BCDD92B67BE ] iphlpsvc        C:\Windows\System32\iphlpsvc.dll
18:37:02.0220 0x0510  iphlpsvc - ok
18:37:02.0314 0x0510  [ 0FC1AEA580957AA8817B8F305D18CA3A, 7161E4DE91AAFC3FA8BF24FAE4636390C2627DB931505247C0D52C75A31473D9 ] IPMIDRV         C:\Windows\system32\drivers\IPMIDrv.sys
18:37:02.0392 0x0510  IPMIDRV - ok
18:37:02.0517 0x0510  [ AF9B39A7E7B6CAA203B3862582E9F2D0, 67128BE7EADBE6BD0205B050F96E268948E8660C4BAB259FB0BE03935153D04E ] IPNAT           C:\Windows\system32\drivers\ipnat.sys
18:37:02.0579 0x0510  IPNAT - ok
18:37:02.0797 0x0510  [ 68A5EDD4843CF0033BAE537C9C495F69, 386C66A6562218D0F0A616D75457CDA4B82DB87DC3DA83935497819963DB6D86 ] iPod Service    C:\Program Files\iPod\bin\iPodService.exe
18:37:02.0829 0x0510  iPod Service - ok
18:37:02.0891 0x0510  [ 3ABF5E7213EB28966D55D58B515D5CE9, A352BCC5B6B9A28805B15CAFB235676F1FAFF0D2394F88C03089EB157D6188AE ] IRENUM          C:\Windows\system32\drivers\irenum.sys
18:37:03.0094 0x0510  IRENUM - ok
18:37:03.0156 0x0510  [ 2F7B28DC3E1183E5EB418DF55C204F38, D40410A760965925D6F10959B2043F7BD4F68EAFCF5E743AF11AD860BD136548 ] isapnp          C:\Windows\system32\drivers\isapnp.sys
18:37:03.0203 0x0510  isapnp - ok
18:37:03.0297 0x0510  [ 96BB922A0981BC7432C8CF52B5410FE6, 236C05509B1040059B15021CBBDBDAF3B9C0F00910142BE5887B2C7561BAAFBA ] iScsiPrt        C:\Windows\system32\drivers\msiscsi.sys
18:37:03.0343 0x0510  iScsiPrt - ok
18:37:03.0531 0x0510  [ BC02336F1CBA7DCC7D1213BB588A68A5, 450C5BAD54CCE2AFCDFF1B6E7F8E1A8446D9D3255DF9D36C29A8F848048AAD93 ] kbdclass        C:\Windows\system32\DRIVERS\kbdclass.sys
18:37:03.0562 0x0510  kbdclass - ok
18:37:03.0609 0x0510  [ 0705EFF5B42A9DB58548EEC3B26BB484, 86C6824ED7ED6FA8F306DB6319A0FD688AA91295AE571262F9D8E96A32225E99 ] kbdhid          C:\Windows\system32\DRIVERS\kbdhid.sys
18:37:03.0671 0x0510  kbdhid - ok
18:37:03.0702 0x0510  [ 204F3F58212B3E422C90BD9691A2DF28, D748A8CEE4D59B4248C9B1ACA5155D0FF6635A29564B4391B7FAC6261F93FE99 ] KeyIso          C:\Windows\system32\lsass.exe
18:37:03.0733 0x0510  KeyIso - ok
18:37:03.0827 0x0510  [ 353009DEDF918B2A51414F330CF72DEC, BF157D6E329F26E02FA16271B751B421396040DBB1D7BF9B2E0A21BC569672E2 ] KSecDD          C:\Windows\system32\Drivers\ksecdd.sys
18:37:03.0874 0x0510  KSecDD - ok
18:37:03.0921 0x0510  [ 1C2D8E18AA8FD50CD04C15CC27F7F5AB, 4BA3B0F9F01BD47D66091D3AD86B69A523981D61DFB4D677F2CD39405B2DA989 ] KSecPkg         C:\Windows\system32\Drivers\ksecpkg.sys
18:37:03.0952 0x0510  KSecPkg - ok
18:37:04.0014 0x0510  [ 6869281E78CB31A43E969F06B57347C4, 866A23E69B32A78D378D6CB3B3DA3695FFDFF0FEC3C9F68C8C3F988DF417044B ] ksthunk         C:\Windows\system32\drivers\ksthunk.sys
18:37:04.0092 0x0510  ksthunk - ok
18:37:04.0186 0x0510  [ 6AB66E16AA859232F64DEB66887A8C9C, 5F2B579BEA8098A2994B0DECECDAE7B396E7B5DC5F09645737B9F28BEEA77FFF ] KtmRm           C:\Windows\system32\msdtckrm.dll
18:37:04.0279 0x0510  KtmRm - ok
18:37:04.0373 0x0510  [ D9F42719019740BAA6D1C6D536CBDAA6, 8757599D0AE5302C4CE50861BEBA3A8DD14D7B0DBD916FD5404133688CDFCC40 ] LanmanServer    C:\Windows\System32\srvsvc.dll
18:37:04.0451 0x0510  LanmanServer - ok
18:37:04.0560 0x0510  [ 851A1382EED3E3A7476DB004F4EE3E1A, B1C67F47DD594D092E6E258F01DF5E7150227CE3131A908A244DEE9F8A1FABF9 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
18:37:04.0638 0x0510  LanmanWorkstation - ok
18:37:04.0857 0x0510  [ 7772DFAB22611050B79504E671B06E6E, 331FE235EDBCF48EE96A5A9D5D0560457CD85FA3FD7BEACD3700055F815D9F13 ] LBTServ         C:\Program Files\Common Files\LogiShrd\Bluetooth\lbtserv.exe
18:37:04.0919 0x0510  LBTServ - ok
18:37:05.0122 0x0510  [ ED7EC050CD6C20E1A93A4DAFB7EFD14D, 9B3B9FA23788680D13E3DC2EEA2F127591A368578AEAB70F03AC379BA7379184 ] LEqdUsb         C:\Windows\system32\DRIVERS\LEqdUsb.Sys
18:37:05.0153 0x0510  LEqdUsb - ok
18:37:05.0247 0x0510  [ 3267BC698E29474A8381E68904EB0390, A653ED6364D4B7E02FB7087D364E33D029B15A92E0FAAB176877DE5F93B36B65 ] LHidEqd         C:\Windows\system32\DRIVERS\LHidEqd.Sys
18:37:05.0278 0x0510  LHidEqd - ok
18:37:05.0371 0x0510  [ 241F2648ADF090E2A10095BD6D6F5DCB, D31F50F7A70A62E3CA45071F75C56FFA21464BFAF4CA4A3AD2482D7477D78D4E ] LHidFilt        C:\Windows\system32\DRIVERS\LHidFilt.Sys
18:37:05.0403 0x0510  LHidFilt - ok
18:37:05.0496 0x0510  [ 1538831CF8AD2979A04C423779465827, E1729B0CC4CEEE494A0B8817A8E98FF232E3A32FB023566EF0BC71A090262C0C ] lltdio          C:\Windows\system32\DRIVERS\lltdio.sys
18:37:05.0574 0x0510  lltdio - ok
18:37:05.0730 0x0510  [ C1185803384AB3FEED115F79F109427F, 0414FE73532DCAB17E906438A14711E928CECCD5F579255410C62984DD652700 ] lltdsvc         C:\Windows\System32\lltdsvc.dll
18:37:05.0808 0x0510  lltdsvc - ok
18:37:05.0824 0x0510  [ F993A32249B66C9D622EA5592A8B76B8, EE64672A990C6145DC5601E2B8CDBE089272A72732F59AF9865DCBA8B1717E70 ] lmhosts         C:\Windows\System32\lmhsvc.dll
18:37:05.0871 0x0510  lmhosts - ok
18:37:05.0980 0x0510  [ 342ED5A4B3326014438F36D22D803737, 45488402BD919D84729A19E618B3595D615EB1F73FB9BC77675A21E7DB80AB6C ] LMouFilt        C:\Windows\system32\DRIVERS\LMouFilt.Sys
18:37:06.0011 0x0510  LMouFilt - ok
18:37:06.0105 0x0510  [ 1A93E54EB0ECE102495A51266DCDB6A6, DB6AA86AA36C3A7988BE96E87B5D3251BE7617C54EE8F894D9DC2E267FE3255B ] LSI_FC          C:\Windows\system32\DRIVERS\lsi_fc.sys
18:37:06.0151 0x0510  LSI_FC - ok
18:37:06.0167 0x0510  [ 1047184A9FDC8BDBFF857175875EE810, F2251EDB7736A26D388A0C5CC2FE5FB9C5E109CBB1E3800993554CB21D81AE4B ] LSI_SAS         C:\Windows\system32\DRIVERS\lsi_sas.sys
18:37:06.0198 0x0510  LSI_SAS - ok
18:37:06.0214 0x0510  [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93, 88D5740A4E9CC3FA80FA18035DAB441BDC5A039622D666BFDAA525CC9686BD06 ] LSI_SAS2        C:\Windows\system32\DRIVERS\lsi_sas2.sys
18:37:06.0261 0x0510  LSI_SAS2 - ok
18:37:06.0276 0x0510  [ 0504EACAFF0D3C8AED161C4B0D369D4A, 4D272237C189646F5C80822FD3CBA7C2728E482E2DAAF7A09C8AEF811C89C54D ] LSI_SCSI        C:\Windows\system32\DRIVERS\lsi_scsi.sys
18:37:06.0323 0x0510  LSI_SCSI - ok
18:37:06.0448 0x0510  [ 43D0F98E1D56CCDDB0D5254CFF7B356E, 5BA498183B5C4996C694CB0A9A6B66CE6C7A460F6C91BEB9F305486FCC3B7B22 ] luafv           C:\Windows\system32\drivers\luafv.sys
18:37:06.0510 0x0510  luafv - ok
18:37:06.0604 0x0510  [ F92B0E478C0FAA6D6661E6E977247E60, 8B26B57C2C60C98CD6273ACA126B2CD0356ADB13A59FEC12882357A6B973123C ] MBAMProtector   C:\Windows\system32\drivers\mbam.sys
18:37:06.0635 0x0510  MBAMProtector - ok
18:37:06.0885 0x0510  [ D84AEA3F3329D622DFC1297DDDF6163B, 316FE56CC30ED1473A917253F46B79EAA12F4ABD5B4B1ADB03929DFEE940F577 ] MBAMScheduler   C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
18:37:06.0947 0x0510  MBAMScheduler - ok
18:37:07.0072 0x0510  [ 4F45ED469906494F9BF754E476390DBD, D8FF6AFD73D8C191F5732DF9737E6F83B2B52B06A3A6CD4CC6EAC9464CBB2772 ] MBAMService     C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
18:37:07.0119 0x0510  MBAMService - ok
18:37:07.0150 0x0510  [ 15E8ABC06843672955CE26A009533BAD, E7221B7DE9DB45447C68E79C6BFD064713C5974F7E79925BD7DEEF71F73F3E83 ] MBAMWebAccessControl C:\Windows\system32\drivers\mwac.sys
18:37:07.0243 0x0510  MBAMWebAccessControl - ok
18:37:07.0306 0x0510  [ 0BE09CD858ABF9DF6ED259D57A1A1663, 2FD28889B93C8E801F74C1D0769673A461671E0189D0A22C94509E3F0EEB7428 ] Mcx2Svc         C:\Windows\system32\Mcx2Svc.dll
18:37:07.0337 0x0510  Mcx2Svc - ok
18:37:07.0353 0x0510  [ A55805F747C6EDB6A9080D7C633BD0F4, 2DA0E83BF3C8ADEF6F551B6CC1C0A3F6149CDBE6EC60413BA1767C4DE425A728 ] megasas         C:\Windows\system32\DRIVERS\megasas.sys
18:37:07.0384 0x0510  megasas - ok
18:37:07.0462 0x0510  [ BAF74CE0072480C3B6B7C13B2A94D6B3, 85CBB4949C090A904464F79713A3418338753D20D7FB811E68F287FDAC1DD834 ] MegaSR          C:\Windows\system32\DRIVERS\MegaSR.sys
18:37:07.0493 0x0510  MegaSR - ok
18:37:07.0555 0x0510  [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] MMCSS           C:\Windows\system32\mmcss.dll
18:37:07.0618 0x0510  MMCSS - ok
18:37:07.0649 0x0510  [ 800BA92F7010378B09F9ED9270F07137, 94F9AF9E1BE80AE6AC39A2A74EF9FAB115DCAACC011D07DFA8D6A1DDC8A93342 ] Modem           C:\Windows\system32\drivers\modem.sys
18:37:07.0727 0x0510  Modem - ok
18:37:07.0883 0x0510  [ B03D591DC7DA45ECE20B3B467E6AADAA, 701FB0CAD8138C58507BE28845D3E24CE269A040737C29885944A0D851238732 ] monitor         C:\Windows\system32\DRIVERS\monitor.sys
18:37:07.0945 0x0510  monitor - ok
18:37:08.0055 0x0510  [ 7D27EA49F3C1F687D357E77A470AEA99, 7FE7CAF95959F127C6D932C01D539C06D80273C49A09761F6E8331C05B1A7EE7 ] mouclass        C:\Windows\system32\DRIVERS\mouclass.sys
18:37:08.0086 0x0510  mouclass - ok
18:37:08.0211 0x0510  [ D3BF052C40B0C4166D9FD86A4288C1E6, 5E65264354CD94E844BF1838CA1B8E49080EFA34605A32CF2F6A47A2B97FC183 ] mouhid          C:\Windows\system32\DRIVERS\mouhid.sys
18:37:08.0273 0x0510  mouhid - ok
18:37:08.0335 0x0510  [ 32E7A3D591D671A6DF2DB515A5CBE0FA, 47CED0B9067AE8BF5EEF60B17ADEE5906BEDCC56E4CB460B7BFBC12BB9A69E63 ] mountmgr        C:\Windows\system32\drivers\mountmgr.sys
18:37:08.0367 0x0510  mountmgr - ok
18:37:08.0585 0x0510  [ 43BCA4038E290F75B5B6FECBFF5288A2, 52076DC16CDBD5A86AF2157528E56B52442489C45429B5EE39D7B34863414682 ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
18:37:08.0663 0x0510  MozillaMaintenance - ok
18:37:08.0741 0x0510  [ A44B420D30BD56E145D6A2BC8768EC58, B1E4DCA5A1008FA7A0492DC091FB2B820406AE13FD3D44F124E89B1037AF09B8 ] mpio            C:\Windows\system32\drivers\mpio.sys
18:37:08.0772 0x0510  mpio - ok
18:37:08.0959 0x0510  [ 6C38C9E45AE0EA2FA5E551F2ED5E978F, 5A3FA2F110029CB4CC4384998EDB59203FDD65EC45E01B897FB684F8956EAD20 ] mpsdrv          C:\Windows\system32\drivers\mpsdrv.sys
18:37:09.0006 0x0510  mpsdrv - ok
18:37:09.0256 0x0510  [ 54FFC9C8898113ACE189D4AA7199D2C1, 65F585C87F3F710FD5793FDFA96B740AD8D4317B0C120F4435CCF777300EA4F2 ] MpsSvc          C:\Windows\system32\mpssvc.dll
18:37:09.0334 0x0510  MpsSvc - ok
18:37:09.0412 0x0510  [ 1A4F75E63C9FB84B85DFFC6B63FD5404, 01AFA6DBB4CDE55FE4EA05BBE8F753A4266F8D072EA1EE01DB79F5126780C21F ] MRxDAV          C:\Windows\system32\drivers\mrxdav.sys
18:37:09.0474 0x0510  MRxDAV - ok
18:37:09.0646 0x0510  [ A5D9106A73DC88564C825D317CAC68AC, 0457B2AEA4E05A91D0E43F317894A614434D8CEBE35020785387F307E231FBE4 ] mrxsmb          C:\Windows\system32\DRIVERS\mrxsmb.sys
18:37:09.0771 0x0510  mrxsmb - ok
18:37:10.0067 0x0510  [ D711B3C1D5F42C0C2415687BE09FC163, 9B3013AC60BD2D0FF52086658BA5FF486ADE15954A552D7DD590580E8BAE3EFF ] mrxsmb10        C:\Windows\system32\DRIVERS\mrxsmb10.sys
18:37:10.0145 0x0510  mrxsmb10 - ok
18:37:10.0473 0x0510  [ 9423E9D355C8D303E76B8CFBD8A5C30C, 220B33F120C2DD937FE4D5664F4B581DC0ACF78D62EB56B7720888F67B9644CC ] mrxsmb20        C:\Windows\system32\DRIVERS\mrxsmb20.sys
18:37:10.0504 0x0510  mrxsmb20 - ok
18:37:10.0644 0x0510  [ C25F0BAFA182CBCA2DD3C851C2E75796, 643E158A0948DF331807AEAA391F23960362E46C0A0CF6D22A99020EAE7B10F8 ] msahci          C:\Windows\system32\drivers\msahci.sys
18:37:10.0675 0x0510  msahci - ok
18:37:10.0722 0x0510  [ DB801A638D011B9633829EB6F663C900, B34FD33A215ACCF2905F4B7D061686CDB1CB9C652147AF56AE14686C1F6E3C74 ] msdsm           C:\Windows\system32\drivers\msdsm.sys
18:37:10.0800 0x0510  msdsm - ok
18:37:10.0941 0x0510  [ DE0ECE52236CFA3ED2DBFC03F28253A8, 2FBBEC4CACB5161F68D7C2935852A5888945CA0F107CF8A1C01F4528CE407DE3 ] MSDTC           C:\Windows\System32\msdtc.exe
18:37:11.0050 0x0510  MSDTC - ok
18:37:11.0221 0x0510  [ AA3FB40E17CE1388FA1BEDAB50EA8F96, 69F93E15536644C8FD679A20190CFE577F4985D3B1B4A4AA250A168615AE1E99 ] Msfs            C:\Windows\system32\drivers\Msfs.sys
18:37:11.0268 0x0510  Msfs - ok
18:37:11.0331 0x0510  [ F9D215A46A8B9753F61767FA72A20326, 6F76642B45E0A7EF6BCAB8B37D55CCE2EAA310ED07B76D43FCB88987C2174141 ] mshidkmdf       C:\Windows\System32\drivers\mshidkmdf.sys
18:37:11.0455 0x0510  mshidkmdf - ok
18:37:11.0549 0x0510  [ D916874BBD4F8B07BFB7FA9B3CCAE29D, B229DA150713DEDBC4F05386C9D9DC3BC095A74F44F3081E88311AB73BC992A1 ] msisadrv        C:\Windows\system32\drivers\msisadrv.sys
18:37:11.0643 0x0510  msisadrv - ok
18:37:11.0705 0x0510  [ 808E98FF49B155C522E6400953177B08, F873F5BFF0984C5165DF67E92874D3F6EB8D86F9B5AD17013A0091CA33A1A3D5 ] MSiSCSI         C:\Windows\system32\iscsiexe.dll
18:37:11.0799 0x0510  MSiSCSI - ok
18:37:11.0814 0x0510  msiserver - ok
18:37:12.0001 0x0510  [ 49CCF2C4FEA34FFAD8B1B59D49439366, E5752EA57C7BDAD5F53E3BC441A415E909AC602CAE56234684FB8789A20396C7 ] MSKSSRV         C:\Windows\system32\drivers\MSKSSRV.sys
18:37:12.0079 0x0510  MSKSSRV - ok
18:37:12.0235 0x0510  [ BDD71ACE35A232104DDD349EE70E1AB3, 27464A66868513BE6A01B75D7FC5B0D6B71842E4E20CE3F76B15C071A0618BBB ] MSPCLOCK        C:\Windows\system32\drivers\MSPCLOCK.sys
18:37:12.0329 0x0510  MSPCLOCK - ok
18:37:12.0423 0x0510  [ 4ED981241DB27C3383D72092B618A1D0, E12F121E641249DB3491141851B59E1496F4413EDF58E863388F1C229838DFCC ] MSPQM           C:\Windows\system32\drivers\MSPQM.sys
18:37:12.0547 0x0510  MSPQM - ok
18:37:12.0657 0x0510  [ 759A9EEB0FA9ED79DA1FB7D4EF78866D, 64E3BC613EC4872B1B344CBF71EE15BE195592E3244C1EE099C6F8B95A40F133 ] MsRPC           C:\Windows\system32\drivers\MsRPC.sys
18:37:12.0688 0x0510  MsRPC - ok
18:37:12.0844 0x0510  [ 0EED230E37515A0EAEE3C2E1BC97B288, B1D8F8A75006B6E99214CA36D27A8594EF8D952F315BEB201E9BAC9DE3E64D42 ] mssmbios        C:\Windows\system32\drivers\mssmbios.sys
18:37:12.0875 0x0510  mssmbios - ok
18:37:12.0969 0x0510  [ 2E66F9ECB30B4221A318C92AC2250779, DF175E1AB6962303E57F26DAE5C5C1E40B8640333F3E352A64F6A5F1301586CD ] MSTEE           C:\Windows\system32\drivers\MSTEE.sys
18:37:13.0062 0x0510  MSTEE - ok
18:37:13.0062 0x0510  [ 7EA404308934E675BFFDE8EDF0757BCD, 306CD02D89CFCFE576242360ED5F9EEEDCAFC43CD43B7D2977AE960F9AEC3232 ] MTConfig        C:\Windows\system32\DRIVERS\MTConfig.sys
18:37:13.0125 0x0510  MTConfig - ok
18:37:13.0296 0x0510  [ 03B7145C889603537E9FFEABB1AD1089, B3CD93B893D4A2370CBF382366C6F596372857F8711EF6FFF83BFE2B449F424E ] MTsensor        C:\Windows\system32\DRIVERS\ASACPI.sys
18:37:13.0374 0x0510  MTsensor - ok
18:37:13.0530 0x0510  [ F9A18612FD3526FE473C1BDA678D61C8, 32F7975B5BAA447917F832D9E3499B4B6D3E90D73F478375D0B70B36C524693A ] Mup             C:\Windows\system32\Drivers\mup.sys
18:37:13.0577 0x0510  Mup - ok
18:37:13.0717 0x0510  [ 582AC6D9873E31DFA28A4547270862DD, BD540499F74E8F59A020D935D18E36A3A97C1A6EC59C8208436469A31B16B260 ] napagent        C:\Windows\system32\qagentRT.dll
18:37:13.0795 0x0510  napagent - ok
18:37:13.0983 0x0510  [ 1EA3749C4114DB3E3161156FFFFA6B33, 54C2E77BCE1037711A11313AC25B8706109098C10A31AA03AEB7A185E97800D7 ] NativeWifiP     C:\Windows\system32\DRIVERS\nwifi.sys
18:37:14.0045 0x0510  NativeWifiP - ok
18:37:14.0232 0x0510  [ 760E38053BF56E501D562B70AD796B88, F856E81A975D44F8684A6F2466549CEEDFAEB3950191698555A93A1206E0A42D ] NDIS            C:\Windows\system32\drivers\ndis.sys
18:37:14.0310 0x0510  NDIS - ok
18:37:14.0357 0x0510  [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC, D7E5446E83909AE25506BB98FBDD878A529C87963E3C1125C4ABAB25823572BC ] NdisCap         C:\Windows\system32\DRIVERS\ndiscap.sys
18:37:14.0435 0x0510  NdisCap - ok
18:37:14.0529 0x0510  [ 30639C932D9FEF22B31268FE25A1B6E5, 32873D95339600F6EEFA51847D12C563FF01F320DC59055B242FA2887C99F9D6 ] NdisTapi        C:\Windows\system32\DRIVERS\ndistapi.sys
18:37:14.0575 0x0510  NdisTapi - ok
18:37:14.0685 0x0510  [ 136185F9FB2CC61E573E676AA5402356, BA3AD0A33416DA913B4242C6BE8C3E5812AD2B20BA6C11DD3094F2E8EB56E683 ] Ndisuio         C:\Windows\system32\DRIVERS\ndisuio.sys
18:37:14.0763 0x0510  Ndisuio - ok
18:37:14.0872 0x0510  [ 53F7305169863F0A2BDDC49E116C2E11, 881E9346D3C02405B7850ADC37E720990712EC9C666A0CE96E252A487FD2CE77 ] NdisWan         C:\Windows\system32\DRIVERS\ndiswan.sys
18:37:14.0950 0x0510  NdisWan - ok
18:37:15.0153 0x0510  [ 015C0D8E0E0421B4CFD48CFFE2825879, 4242E2D42CCFC859B2C0275C5331798BC0BDA68E51CF4650B6E64B1332071023 ] NDProxy         C:\Windows\system32\drivers\NDProxy.sys
18:37:15.0231 0x0510  NDProxy - ok
18:37:15.0465 0x0510  [ 6F4607E2333FE21E9E3FF8133A88B35B, F7B7B262D85D03552A8D0F3F91E795B31E3D09020DDA1E3D62A4A3209D916BB6 ] Netaapl         C:\Windows\system32\DRIVERS\netaapl64.sys
18:37:15.0558 0x0510  Netaapl - detected UnsignedFile.Multi.Generic ( 1 )
18:37:15.0558 0x0510  Netaapl ( UnsignedFile.Multi.Generic ) - warning
18:37:15.0823 0x0510  [ 86743D9F5D2B1048062B14B1D84501C4, DBF6D6A60AB774FCB0F464FF2D285A7521D0A24006687B243AB46B17D8032062 ] NetBIOS         C:\Windows\system32\DRIVERS\netbios.sys
18:37:15.0886 0x0510  NetBIOS - ok
18:37:16.0026 0x0510  [ 09594D1089C523423B32A4229263F068, 7426A9B8BA27D3225928DDEFBD399650ABB90798212F56B7D12158AC22CCCE37 ] NetBT           C:\Windows\system32\DRIVERS\netbt.sys
18:37:16.0104 0x0510  NetBT - ok
18:37:16.0167 0x0510  [ 204F3F58212B3E422C90BD9691A2DF28, D748A8CEE4D59B4248C9B1ACA5155D0FF6635A29564B4391B7FAC6261F93FE99 ] Netlogon        C:\Windows\system32\lsass.exe
18:37:16.0198 0x0510  Netlogon - ok
18:37:16.0323 0x0510  [ 847D3AE376C0817161A14A82C8922A9E, 37AE692B3481323134125EF58F2C3CBC20177371AF2F5874F53DD32A827CB936 ] Netman          C:\Windows\System32\netman.dll
18:37:16.0432 0x0510  Netman - ok
18:37:16.0510 0x0510  [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
18:37:16.0603 0x0510  NetMsmqActivator - ok
18:37:16.0603 0x0510  [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetPipeActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
18:37:16.0635 0x0510  NetPipeActivator - ok
18:37:16.0775 0x0510  [ 5F28111C648F1E24F7DBC87CDEB091B8, 2E8645285921EDB98BB2173E11E57459C888D52E80D85791D169C869DE8813B9 ] netprofm        C:\Windows\System32\netprofm.dll
18:37:16.0869 0x0510  netprofm - ok
18:37:17.0165 0x0510  [ 883269C1CA478658F1334F3C39B0C7AC, 7673B6F84F49C86E609178B3C88CBA0749138C1E85170B5986E88508BBC6B086 ] netr28ux        C:\Windows\system32\DRIVERS\netr28ux.sys
18:37:17.0305 0x0510  netr28ux - ok
18:37:17.0539 0x0510  [ 93A240FD4C133D1ED7CCF829159C4B78, E749D88BA7824FE64BC0E08C74A48F06D225123B62E05F1D094CDA269048D3BA ] netr7364        C:\Windows\system32\DRIVERS\netr7364.sys
18:37:17.0789 0x0510  netr7364 - ok
18:37:17.0898 0x0510  [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetTcpActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
18:37:17.0945 0x0510  NetTcpActivator - ok
18:37:18.0007 0x0510  [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
18:37:18.0039 0x0510  NetTcpPortSharing - ok
18:37:18.0163 0x0510  [ 77889813BE4D166CDAB78DDBA990DA92, 2EF531AE502B943632EEC66A309A8BFCDD36120A5E1473F4AAF3C2393AD0E6A3 ] nfrd960         C:\Windows\system32\DRIVERS\nfrd960.sys
18:37:18.0257 0x0510  nfrd960 - ok
18:37:18.0397 0x0510  [ 8AD77806D336673F270DB31645267293, E23F324913554A23CD043DD27D4305AF62F48C0561A0FC7B7811E55B74B1BE79 ] NlaSvc          C:\Windows\System32\nlasvc.dll
18:37:18.0631 0x0510  NlaSvc - ok
18:37:18.0725 0x0510  [ 40777BD92D73A8FF3B252E4F4881E672, 9CDC71D7E0502D5671A2201460ADC66B82CA042B2DFB33B6FBA84E0BAD01910E ] nlscc           C:\Windows\system32\nlsInterface.exe
18:37:18.0756 0x0510  nlscc - detected UnsignedFile.Multi.Generic ( 1 )
18:37:18.0756 0x0510  nlscc ( UnsignedFile.Multi.Generic ) - warning
18:37:18.0756 0x0510  Force sending object to P2P due to detect: nlscc
18:37:18.0787 0x0510  Object send P2P result: false
18:37:23.0109 0x0510  [ B1EF4686961986DFFB7FE8F18E6FCB5B, 562F144DAA8C2D6E4D55C7ABEF1DB52FC67F1A09E03CD700E27DFC3A4920E271 ] nlsX86cc        C:\Windows\SysWOW64\nlssrv32.exe
18:37:23.0187 0x0510  nlsX86cc - detected UnsignedFile.Multi.Generic ( 1 )
18:37:23.0187 0x0510  nlsX86cc ( UnsignedFile.Multi.Generic ) - warning
18:37:23.0187 0x0510  Force sending object to P2P due to detect: nlsX86cc
18:37:23.0421 0x0510  Object send P2P result: false
18:37:23.0592 0x0510  [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7, D8957EF7060A69DBB3CD6B2C45B1E4143592AB8D018471E17AC04668157DC67F ] Npfs            C:\Windows\system32\drivers\Npfs.sys
18:37:23.0639 0x0510  Npfs - ok
18:37:23.0733 0x0510  [ D54BFDF3E0C953F823B3D0BFE4732528, 497A1DCC5646EC22119273216DF10D5442D16F83E4363770F507518CF6EAA53A ] nsi             C:\Windows\system32\nsisvc.dll
18:37:23.0811 0x0510  nsi - ok
18:37:23.0951 0x0510  [ E7F5AE18AF4168178A642A9247C63001, 133023B7E4BA8049C4CAED3282BDD25571D1CC25FAC3B820C7F981D292689D76 ] nsiproxy        C:\Windows\system32\drivers\nsiproxy.sys
18:37:24.0029 0x0510  nsiproxy - ok
18:37:24.0466 0x0510  [ 1A29A59A4C5BA6F8C85062A613B7E2B2, CC137F499A12C724D4166C2D85E9F447413419A0683DAC6F1A802B7F210C77F1 ] Ntfs            C:\Windows\system32\drivers\Ntfs.sys
18:37:24.0575 0x0510  Ntfs - ok
18:37:24.0715 0x0510  [ 9899284589F75FA8724FF3D16AED75C1, 181188599FD5D4DE33B97010D9E0CAEABAB9A3EF50712FE7F9AA0735CD0666D6 ] Null            C:\Windows\system32\drivers\Null.sys
18:37:24.0747 0x0510  Null - ok
18:37:24.0856 0x0510  [ 0A92CB65770442ED0DC44834632F66AD, 581327F07A68DBD5CC749214BE5F1211FC2CE41C7A4F0656B680AFB51A35ACE7 ] nvraid          C:\Windows\system32\drivers\nvraid.sys
18:37:24.0934 0x0510  nvraid - ok
18:37:25.0027 0x0510  [ DAB0E87525C10052BF65F06152F37E4A, AD9BFF0D5FD3FFB95C758B478E1F6A9FE45E7B37AEC71EB5070D292FEAAEDF37 ] nvstor          C:\Windows\system32\drivers\nvstor.sys
18:37:25.0090 0x0510  nvstor - ok
18:37:25.0168 0x0510  [ 270D7CD42D6E3979F6DD0146650F0E05, 752489E54C9004EDCBE1F1F208FFD864DA5C83E59A2DDE6B3E0D63ECA996F76F ] nv_agp          C:\Windows\system32\drivers\nv_agp.sys
18:37:25.0215 0x0510  nv_agp - ok
18:37:25.0620 0x0510  [ 785F487A64950F3CB8E9F16253BA3B7B, 02445344BD214370A6D48B1CA04921D8EFCB13E676B5648266DD0E076C0822B6 ] odserv          C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
18:37:25.0698 0x0510  odserv - ok
18:37:25.0745 0x0510  [ 3589478E4B22CE21B41FA1BFC0B8B8A0, AD2469FC753FE552CB809FF405A9AB23E7561292FE89117E3B3B62057EFF0203 ] ohci1394        C:\Windows\system32\drivers\ohci1394.sys
18:37:25.0823 0x0510  ohci1394 - ok
18:37:25.0963 0x0510  [ 5A432A042DAE460ABE7199B758E8606C, 6E5D1F477D290905BE27CEBF9572BAC6B05FFEF2FAD901D3C8E11F665F8B9A71 ] ose             C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
18:37:26.0041 0x0510  ose - ok
18:37:26.0244 0x0510  [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] p2pimsvc        C:\Windows\system32\pnrpsvc.dll
18:37:26.0369 0x0510  p2pimsvc - ok
18:37:26.0712 0x0510  [ 927463ECB02179F88E4B9A17568C63C3, FEFD3447692C277D59EEC7BF218552C8BB6B8C98C26E973675549628408B94CE ] p2psvc          C:\Windows\system32\p2psvc.dll
18:37:26.0821 0x0510  p2psvc - ok
18:37:26.0884 0x0510  [ 0086431C29C35BE1DBC43F52CC273887, 0D116D49EF9ABB57DA005764F25E692622210627FC2048F06A989B12FA8D0A80 ] Parport         C:\Windows\system32\DRIVERS\parport.sys
18:37:26.0962 0x0510  Parport - ok
18:37:27.0040 0x0510  [ E9766131EEADE40A27DC27D2D68FBA9C, 63C295EC96DBD25F1A8B908295CCB86B54F2A77A02AAA11E5D9160C2C1A492B6 ] partmgr         C:\Windows\system32\drivers\partmgr.sys
18:37:27.0087 0x0510  partmgr - ok
18:37:27.0196 0x0510  [ 304E6AC43613A9C43896C4300009442B, FA007363E62F156D74D324F5EFAE2DA79D0E53688FD122D34E0AA088677DDD37 ] PCAMp50a64      C:\Windows\system32\Drivers\PCAMp50a64.sys
18:37:27.0258 0x0510  PCAMp50a64 - ok
18:37:27.0321 0x0510  [ 18B6869E23937175144E6F1D3CB85FC2, CB04A3948951F2D7943DCDDD5A7894B50B1C1DC0F0629ECCA652F66E20D2015B ] PCASp50a64      C:\Windows\system32\Drivers\PCASp50a64.sys
18:37:27.0367 0x0510  PCASp50a64 - ok
18:37:27.0461 0x0510  [ 3AEAA8B561E63452C655DC0584922257, 04C072969B58657602EB0C21CEDF24FCEE14E61B90A0F758F93925EF2C9FC32D ] PcaSvc          C:\Windows\System32\pcasvc.dll
18:37:27.0539 0x0510  PcaSvc - ok
18:37:27.0679 0x0510  [ 94575C0571D1462A0F70BDE6BD6EE6B3, 7139BAC653EA94A3DD3821CAB35FC5E22F4CCA5ACC2BAABDAA27E4C3C8B27FC9 ] pci             C:\Windows\system32\drivers\pci.sys
18:37:27.0726 0x0510  pci - ok
18:37:27.0820 0x0510  [ B5B8B5EF2E5CB34DF8DCF8831E3534FA, F2A7CC645B96946CC65BF60E14E70DC09C848D27C7943CE5DEA0C01A6B863480 ] pciide          C:\Windows\system32\drivers\pciide.sys
18:37:27.0929 0x0510  pciide - ok
18:37:28.0085 0x0510  [ B2E81D4E87CE48589F98CB8C05B01F2F, 6763BEE7270A4873B3E131BFB92313E2750FCBD0AD73C23D1C4F98F7DF73DE14 ] pcmcia          C:\Windows\system32\DRIVERS\pcmcia.sys
18:37:28.0163 0x0510  pcmcia - ok
18:37:28.0194 0x0510  [ D6B9C2E1A11A3A4B26A182FFEF18F603, BBA5FE08B1DDD6243118E11358FD61B10E850F090F061711C3CB207CE5FBBD36 ] pcw             C:\Windows\system32\drivers\pcw.sys
18:37:28.0257 0x0510  pcw - ok
18:37:28.0662 0x0510  [ 68769C3356B3BE5D1C732C97B9A80D6E, FB2D61145980A2899D1B7729184C54070315B0E63C9A22400A76CCD39E00029C ] PEAUTH          C:\Windows\system32\drivers\peauth.sys
18:37:28.0771 0x0510  PEAUTH - ok
18:37:28.0943 0x0510  [ B9B0A4299DD2D76A4243F75FD54DC680, BBF62E9628131FA396EB08D63B76D2D5FBDD61339E92B759125A066470D1C039 ] PeerDistSvc     C:\Windows\system32\peerdistsvc.dll
18:37:29.0068 0x0510  PeerDistSvc - ok
18:37:29.0115 0x0510  [ E495E408C93141E8FC72DC0C6046DDFA, 489B957DADA0DC128A09468F1AD082DCC657E86053208EA06A12937BE86FB919 ] PerfHost        C:\Windows\SysWow64\perfhost.exe
18:37:29.0208 0x0510  PerfHost - ok
18:37:29.0489 0x0510  [ C7CF6A6E137463219E1259E3F0F0DD6C, 08D7244F52AA17DD669AA6F77C291DAC88E7B2D1887DE422509C1F83EC85F3DD ] pla             C:\Windows\system32\pla.dll
18:37:29.0645 0x0510  pla - ok
18:37:29.0832 0x0510  [ 25FBDEF06C4D92815B353F6E792C8129, 57D9764AE6BCE33B242C399CDFC10DD405975BD6411CA8C75FBCD06EEB8442A9 ] PlugPlay        C:\Windows\system32\umpnpmgr.dll
18:37:29.0895 0x0510  PlugPlay - ok
18:37:29.0957 0x0510  [ 7195581CEC9BB7D12ABE54036ACC2E38, 9C4E5D6EA984148F2663DC529083408B2248DFF6DAAC85D9195F80A722782315 ] PNRPAutoReg     C:\Windows\system32\pnrpauto.dll
18:37:30.0082 0x0510  PNRPAutoReg - ok
18:37:30.0222 0x0510  [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] PNRPsvc         C:\Windows\system32\pnrpsvc.dll
18:37:30.0269 0x0510  PNRPsvc - ok
18:37:30.0441 0x0510  [ 4F15D75ADF6156BF56ECED6D4A55C389, 2ADA3EA69A5D7EC2A4D2DD89178DB94EAFDDF95F07B0070D654D9F7A5C12A044 ] PolicyAgent     C:\Windows\System32\ipsecsvc.dll
18:37:30.0550 0x0510  PolicyAgent - ok
18:37:30.0643 0x0510  [ 6BA9D927DDED70BD1A9CADED45F8B184, 66203CE70A5EDE053929A940F38924C6792239CCCE10DD2C1D90D5B4D6748B55 ] Power           C:\Windows\system32\umpo.dll
18:37:30.0721 0x0510  Power - ok
18:37:30.0846 0x0510  [ F92A2C41117A11A00BE01CA01A7FCDE9, 38ADC6052696D110CA5F393BC586791920663F5DA66934C2A824DDA9CD89C763 ] PptpMiniport    C:\Windows\system32\DRIVERS\raspptp.sys
18:37:30.0955 0x0510  PptpMiniport - ok
18:37:31.0002 0x0510  [ 0D922E23C041EFB1C3FAC2A6F943C9BF, 855418A6A58DCAFB181A1A68613B3E203AFB0A9B3D9D26D0C521F9F613B4EAD5 ] Processor       C:\Windows\system32\DRIVERS\processr.sys
18:37:31.0127 0x0510  Processor - ok
18:37:31.0579 0x0510  [ 53E83F1F6CF9D62F32801CF66D8352A8, 1225FED810BE8E0729EEAE5B340035CCBB9BACD3EF247834400F9B72D05ACE48 ] ProfSvc         C:\Windows\system32\profsvc.dll
18:37:31.0642 0x0510  ProfSvc - ok
18:37:31.0704 0x0510  [ 204F3F58212B3E422C90BD9691A2DF28, D748A8CEE4D59B4248C9B1ACA5155D0FF6635A29564B4391B7FAC6261F93FE99 ] ProtectedStorage C:\Windows\system32\lsass.exe
18:37:31.0751 0x0510  ProtectedStorage - ok
18:37:31.0845 0x0510  [ 0557CF5A2556BD58E26384169D72438D, F6F83A616B1F1C6C0DF6D2EC2513E6C23FD4FAA6D36518B8676C619AB74957B4 ] Psched          C:\Windows\system32\DRIVERS\pacer.sys
18:37:31.0969 0x0510  Psched - ok
18:37:32.0094 0x0510  [ DD3FD48D69F5FBBB21D46D1514C1C2DB, 2B188E3AC4BD9B608D375DD550507717852C2AF7C0F99FFED90098999B9D4F01 ] PSI             C:\Windows\system32\DRIVERS\psi_mf_amd64.sys
18:37:32.0219 0x0510  PSI - ok
18:37:32.0827 0x0510  [ A53A15A11EBFD21077463EE2C7AFEEF0, 6002B012A75045DEA62640A864A8721EADE2F8B65BEB5F5BA76D8CD819774489 ] ql2300          C:\Windows\system32\DRIVERS\ql2300.sys
18:37:32.0952 0x0510  ql2300 - ok
18:37:32.0983 0x0510  [ 4F6D12B51DE1AAEFF7DC58C4D75423C8, FB6ABAB741CED66A79E31A45111649F2FA3E26CEE77209B5296F789F6F7D08DE ] ql40xx          C:\Windows\system32\DRIVERS\ql40xx.sys
18:37:33.0030 0x0510  ql40xx - ok
18:37:33.0108 0x0510  [ 906191634E99AEA92C4816150BDA3732, A0305436384104C3B559F9C73902DA19B96B518413379E397C5CDAB0B2B9418F ] QWAVE           C:\Windows\system32\qwave.dll
18:37:33.0217 0x0510  QWAVE - ok
18:37:33.0295 0x0510  [ 76707BB36430888D9CE9D705398ADB6C, 35C1D1D05F98AC29A33D3781F497A0B40A3CB9CDF25FE1F28F574E40DDF70535 ] QWAVEdrv        C:\Windows\system32\drivers\qwavedrv.sys
18:37:33.0373 0x0510  QWAVEdrv - ok
18:37:35.0261 0x0510  [ AC26

[AdvancedSetup]

Please attach the file. It does not look like the board posted the entire log.

[NigelD1]

There you go Ron

 

 

Combofix log.txt

[AdvancedSetup]

No I'm looking to have you attach the "TDSS rootkit" log please.

 

Thank you

[NigelD1]

Sorry Ron - senior moment

 

 

TDSSKiller.3.0.0.40_05.09.2014_18.33.18_log.txt

[AdvancedSetup]

That log looks fine. So any further issues?

[NigelD1]

Thanks Ron - yes, although the MWB icon is now displaying correctly rather than just the shell, I can't start the programme up. Also, something is still disabling both Avast and Windows Defender on start up so I'm concerned that something is still there or that something else is amiss. Any suggestions?

[AdvancedSetup]

Let me have you run the following please and I'll review that.

 

Create an Autoruns Log:

• Please download Sysinternals Autoruns from here.
• Save Autoruns.exe to your desktop and double-click it to run it.
• Once it starts, please press the Esc key on your keyboard.
• Now that scanning is stopped, click on the Options button at the top of the program and select Verify Code Signatures
• Once that's done press the F5 key on your keyboard, this will start the scan again, this time let it finish.
• When it's finished, please click on the File button at the top of the program and select Save and save the Autoruns.arn file to your desktop and close Autoruns.
• Right click on the Autoruns.arn file on your desktop and hover your mouse over Send To and select Compressed (zipped) Folder
• Attach the Autoruns.zip folder you just created to your next reply
  

[NigelD1]

Here you go Ron. PM also sent

 

 

AutoRuns.zip

[AdvancedSetup]

That did not reveal any specific issues. Please uninstall avast and use their clean up tool and then reinstall. Review, monitor WinPatrol and make sure it's not somehow preventing the loading of avast

[NigelD1]

Thanks Ron, done that. For the firt time in a long time both Avast and MWB started up correctly. I have run Avast with nothing found. Hopefully that will be the end of it. Appreciate your patience and help thanks very much.

[AdvancedSetup]

You're quite welcome. I'll leave the post open for a couple days before we finish up. Post back in a day or two and let me know if all is still okay or not and then we'll finish up.

 

Cheers

 

Ron

[AdvancedSetup]

Glad we could help.

If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this thread with your request. This applies only to the originator of this thread.

Other members who need assistance please start your own topic in a new thread. Thanks!