Spyeyes

fredddy · March 20, 2014

I have McAfee antivirus which says my system is fine. Malawarebytes shows the following (sample).

When trying to delete files Malawarebytes crashes. I have tried chamelon using windows and DOS without any luck.

Any help appreciated.

C:\Program Files (x86)\lucky leap\luckyleapUninstall.exe (PUP.Optional.LuckyLeap.A) -> No action taken.
C:\Program Files (x86)\lucky leap\updateluckyleap.exe (PUP.Optional.LuckyLeap.A) -> No action taken.
C:\Recycle.Bin\S-1-5-20\desktop.ini (Trojan.Spyeyes) -> No action taken.
C:\Recycle.Bin\S-1-5-21-3244461245-35656154-1057518639-1000\$I00QO83.mp4 (Trojan.Spyeyes) -> No action taken.
C:\Recycle.Bin\S-1-5-21-3244461245-35656154-1057518639-1000\$I03UE94.docx (Trojan.Spyeyes) -> No action taken.
C:\Recycle.Bin\S-1-5-21-3244461245-35656154-1057518639-1000\$I0DDYFX.pdf (Trojan.Spyeyes) -> No action taken.
C:\Recycle.Bin\S-1-5-21-3244461245-35656154-1057518639-1000\$I0DPR3R.apk (Trojan.Spyeyes) -> No action taken.
C:\Recycle.Bin\S-1-5-21-3244461245-35656154-1057518639-1000\$I17MDTC.bak (Trojan.Spyeyes) -> No action taken.
C:\Recycle.Bin\S-1-5-21-3244461245-35656154-1057518639-1000\$I1D54AG.docx (Trojan.Spyeyes) -> No action taken.
C:\Recycle.Bin\S-1-5-21-3244461245-35656154-1057518639-1000\$I1F3V6W.docx (Trojan.Spyeyes) -> No action taken.
C:\Recycle.Bin\S-1-5-21-3244461245-35656154-1057518639-1000\$I1OPJ2Q.mp4 (Trojan.Spyeyes) -> No action taken.
C:\Recycle.Bin\S-1-5-21-3244461245-35656154-1057518639-1000\$I1PGQUN.JPG (Trojan.Spyeyes) -> No action taken.
C:\Recycle.Bin\S-1-5-21-3244461245-35656154-1057518639-1000\$I1V6YEM.docx (Trojan.Spyeyes) -> No action taken.
C:\Recycle.Bin\S-1-5-21-3244461245-35656154-1057518639-1000\$I2FU7VK.mp4 (Trojan.Spyeyes) -> No action taken.
C:\Recycle.Bin\S-1-5-21-3244461245-35656154-1057518639-1000\$I2N3YXQ.mp4 (Trojan.Spyeyes) -> No action taken.
C:\Recycle.Bin\S-1-5-21-3244461245-35656154-1057518639-1000\$I2QD9Y4.JPG (Trojan.Spyeyes) -> No action taken.
C:\Recycle.Bin\S-1-5-21-3244461245-35656154-1057518639-1000\$I2TXIPC.docx (Trojan.Spyeyes) -> No action taken.
C:\Recycle.Bin\S-1-5-21-3244461245-35656154-1057518639-1000\$I2XANP9.log (Trojan.Spyeyes) -> No action taken.
C:\Recycle.Bin\S-1-5-21-3244461245-35656154-1057518639-1000\$I30UF9K.mp4 (Trojan.Spyeyes) -> No action taken.
C:\Recycle.Bin\S-1-5-21-3244461245-35656154-1057518639-1000\$I37QELQ.dwg (Trojan.Spyeyes) -> No action taken.
C:\Recycle.Bin\S-1-5-21-3244461245-35656154-1057518639-1000\$I3AWU6I.JPG (Trojan.Spyeyes) -> No action taken.
C:\Recycle.Bin\S-1-5-21-3244461245-35656154-1057518639-1000\$I3C4REP.docx (Trojan.Spyeyes) -> No action taken.
C:\Recycle.Bin\S-1-5-21-3244461245-35656154-1057518639-1000\$I40K3RP.docx (Trojan.Spyeyes) -> No action taken.
C:\Recycle.Bin\S-1-5-21-3244461245-35656154-1057518639-1000\$I42PBQ0.docx (Trojan.Spyeyes) -> No action taken.
C:\Recycle.Bin\S-1-5-21-3244461245-35656154-1057518639-1000\$I4715SA.pptx (Trojan.Spyeyes) -> No action taken.
C:\Recycle.Bin\S-1-5-21-3244461245-35656154-1057518639-1000\$I4NEHNV.JPG (Trojan.Spyeyes) -> No action taken.
C:\Recycle.Bin\S-1-5-21-3244461245-35656154-1057518639-1000\$I570UWR.docx (Trojan.Spyeyes) -> No action taken.
C:\Recycle.Bin\S-1-5-21-3244461245-35656154-1057518639-1000\$I5BI3GH.mp4 (Trojan.Spyeyes) -> No action taken.
C:\Recycle.Bin\S-1-5-21-3244461245-35656154-1057518639-1000\$I5IFUQP.rdp (Trojan.Spyeyes) -> No action taken.
C:\Recycle.Bin\S-1-5-21-3244461245-35656154-1057518639-1000\$I5SFIGL (Trojan.Spyeyes) -> No action taken.
C:\Recycle.Bin\S-1-5-21-3244461245-35656154-1057518639-1000\$I60SVRE.doc (Trojan.Spyeyes) -> No action taken.
C:\Recycle.Bin\S-1-5-21-3244461245-35656154-1057518639-1000\$I6HMLUJ.docx (Trojan.Spyeyes) -> No action taken.
C:\Recycle.Bin\S-1-5-21-3244461245-35656154-1057518639-1000\$I6X2QHO.mp4 (Trojan.Spyeyes) -> No action taken.
C:\Recycle.Bin\S-1-5-21-3244461245-35656154-1057518639-1000\$I70881H.mp4 (Trojan.Spyeyes) -> No action taken.
C:\Recycle.Bin\S-1-5-21-3244461245-35656154-1057518639-1000\$I75IEHQ.pdf (Trojan.Spyeyes) -> No action taken.
C:\Recycle.Bin\S-1-5-21-3244461245-35656154-1057518639-1000\$I7KTWOT.JPG (Trojan.Spyeyes) -> No action taken.
C:\Recycle.Bin\S-1-5-21-3244461245-35656154-1057518639-1000\$I7YNHGX.JPG (Trojan.Spyeyes) -> No action taken.
C:\Recycle.Bin\S-1-5-21-3244461245-35656154-1057518639-1000\$I8G9FE6.docx (Trojan.Spyeyes) -> No action taken.
C:\Recycle.Bin\S-1-5-21-3244461245-35656154-1057518639-1000\$I97Y0F6.docx (Trojan.Spyeyes) -> No action taken.
C:\Recycle.Bin\S-1-5-21-3244461245-35656154-1057518639-1000\$I9JGVYR.dwg (Trojan.Spyeyes) -> No action taken.
C:\Recycle.Bin\S-1-5-21-3244461245-35656154-1057518639-1000\$I9Q1T3D.JPG (Trojan.Spyeyes) -> No action taken.
C:\Recycle.Bin\S-1-5-21-3244461245-35656154-1057518639-1000\$I9TEWVK.search-ms (Trojan.Spyeyes) -> No action taken.
C:\Recycle.Bin\S-1-5-21-3244461245-35656154-1057518639-1000\$I9U6UH5.docx (Trojan.Spyeyes) -> No action taken.
C:\Recycle.Bin\S-1-5-21-3244461245-35656154-1057518639-1000\$I9YQTNI.bak (Trojan.Spyeyes) -> No action taken.
C:\Recycle.Bin\S-1-5-21-3244461245-35656154-1057518639-1000\$I9ZCB52.doc (Trojan.Spyeyes) -> No action taken.
C:\Recycle.Bin\S-1-5-21-3244461245-35656154-1057518639-1000\$IA7VJCR.ppt (Trojan.Spyeyes) -> No action taken.
C:\Recycle.Bin\S-1-5-21-3244461245-35656154-1057518639-1000\$IAAM2O2.mp4 (Trojan.Spyeyes) -> No action taken.
C:\Recycle.Bin\S-1-5-21-3244461245-35656154-1057518639-1000\$IAH1M9N.docx (Trojan.Spyeyes) -> No action taken.
C:\Recycle.Bin\S-1-5-21-3244461245-35656154-1057518639-1000\$IAUO5PZ.exe (Trojan.Spyeyes) -> No action taken.
C:\Recycle.Bin\S-1-5-21-3244461245-3565

Psychotic · March 20, 2014

Hi there,
my name is Marius and I will assist you with your malware related problems.

Before we move on, please read the following points carefully.

First, read my instructions completely. If there is anything that you do not understand kindly ask before proceeding.
Perform everything in the correct order. Sometimes one step requires the previous one.
If you have any problems while following my instructions, Stop there and tell me the exact nature of your problem.
Do not run any other scans without instruction or add/remove software unless I tell you to do so. This would change the output of our tools and could be confusing for me.
Post all logfiles as a reply rather than as an attachment unless I specifically ask you. If you can not post all logfiles in one reply, feel free to use more posts.
If I don't hear from you within 3 days from this initial or any subsequent post, then this thread will be closed.
Stay with me. I will give you some advice about prevention after the cleanup process. Absence of symptoms does not always mean the computer is clean.
My first language is not english. So please do not use slang or idioms. It could be hard for me to read. Thanks for your understanding.

Scan with FRST in normal mode

Please download Farbar's Recovery Scan Tool to your desktop: FRST 32bit or FRST 64bit (If not sure: Start --> Computer (right click) --> properties)

Run FRST.
Don´t change one of the checkboxes and hit Scan.
Logfiles are created on your desktop.
Poste the FRST.txt and (after the first scan only!) the Addition.txt.

Scan with TDSS-Killer

Please read and follow these instructions carefully. We do not want it to fix anything yet (if found), we need to see a report first.

Download TDSSKiller.zip and extract to your desktop

Execute TDSSKiller.exe by doubleclicking on it.
Press Start Scan
If Malicious objects are found, do NOT select Copy to quarantine. Change the action to Skip, and save the log.
Once complete, a log will be produced at the root drive which is typically C:\ ,for example, C:\TDSSKiller.<version_date_time>log.txt

Please post the contents of that log in your next reply.

fredddy · March 20, 2014

Hi Marious, thanks for the help. First log posted below. Additional and TDSSkiller logs to follow.

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 13-03-2014

Ran by Ron (administrator) on 390-W7BASE-PC on 20-03-2014 15:33:47

Running from C:\Users\390-w7base\Documents\Downloads

Windows 7 Professional Service Pack 1 (X64) OS Language: English(US)

Internet Explorer Version 10

Boot Mode: Normal

The only official download link for FRST:

Download link for 32-Bit version:

Download link for 64-Bit Version:

Download link from any site other than Bleeping Computer is unpermitted or outdated.

See tutorial for FRST: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(Trusteer Ltd.) C:\Program Files (x86)\Trusteer\Rapport\bin\RapportMgmtService.exe

(Creative Technology Ltd) C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe

(SUPERAntiSpyware.com) C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE

() C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe

(Microsoft Corp.) C:\Program Files (x86)\Microsoft\BingDesktop\BingDesktopUpdater.exe

(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe

(Nero AG) C:\Program Files (x86)\Motorola Media Link\Lite\NServiceEntry.exe

(McAfee, Inc.) C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe

(McAfee, Inc.) C:\Windows\system32\mfevtps.exe

() C:\Windows\SysWOW64\WinService.exe

(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BtwTracePktWpp.exe

(McAfee, Inc.) C:\Program Files\McAfee\MSC\McAPExe.exe

(McAfee, Inc.) C:\Program Files\Common Files\McAfee\AMCore\mcshield.exe

(McAfee, Inc.) C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe

(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.22.5\GoogleCrashHandler.exe

(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.22.5\GoogleCrashHandler64.exe

(McAfee, Inc.) C:\Program Files\Common Files\McAfee\Platform\mcuicnt.exe

(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE

() C:\Program Files (x86)\EssentialPIM\EssentialPIM.exe

(McAfee, Inc.) C:\Program Files\Common Files\McAfee\Platform\Core\mchost.exe

(SUPERAntiSpyware) C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe

(McAfee, Inc.) C:\Program Files (x86)\McAfee\SiteAdvisor\saUI.exe

(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

(Microsoft Corporation) C:\Windows\SysWOW64\cmd.exe

(McAfee, Inc.) C:\Program Files (x86)\McAfee\SiteAdvisor\McChHost.exe

(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

==================== Registry (Whitelisted) ==================

HKLM-x32\...\Run: [] - [X]

HKLM-x32\...\Run: [mcpltui_exe] - C:\Program Files\McAfee.com\Agent\mcagent.exe [537992 2014-01-28] (McAfee, Inc.)

HKLM-x32\...\RunOnce: [Malwarebytes Anti-Malware] - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe /install /silent [532040 2013-04-04] (Malwarebytes Corporation)

HKLM\...\Policies\Explorer: [NoControlPanel] 0

HKU\.DEFAULT\...\RunOnce: [sPReview] - C:\Windows\System32\SPReview\SPReview.exe [301568 2013-08-20] (Microsoft Corporation)

HKU\S-1-5-21-3244461245-35656154-1057518639-1000\...\Run: [VoipCheap] - C:\Program Files (x86)\VoipCheap.co.uk\VoipCheap\VoipCheap.exe [19411264 2013-04-18] (VoipCheap)

HKU\S-1-5-21-3244461245-35656154-1057518639-1000\...\MountPoints2: {dd760033-3401-11e3-a2a0-001aa02e92ba} - J:\setup.exe -a

Lsa: [Notification Packages] scecli C:\Program Files\WIDCOMM\Bluetooth Software\BtwProximityCP.dll

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.co.uk/

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0xD996B12F8CA3CB01

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://uk.msn.com/?ocid=iehp

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-gb

URLSearchHook: HKCU - (No Name) - {22e03916-85c5-44b0-8dc9-1830c11238d9} - No File

URLSearchHook: HKCU - (No Name) - {ba14329e-9550-4989-b3f2-9732e92d17cc} - No File

URLSearchHook: HKCU - (No Name) - {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - No File

URLSearchHook: HKCU - (No Name) - {88c7f2aa-f93f-432c-8f0e-b7d85967a527} - No File

URLSearchHook: HKCU - (No Name) - {b6ac5e3c-5ceb-4e72-b451-f0e1ba983c14} - No File

SearchScopes: HKLM-x32 - DefaultScope {afdbddaa-5d3f-42ee-b79c-185a7020515b} URL = http://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2786678

SearchScopes: HKLM-x32 - {8A96AF9E-4074-43b7-BEA3-87217BDA7406} URL = http://www.searchqu.com/web?src=ieb&systemid=406&q={searchTerms}

SearchScopes: HKLM-x32 - {afdbddaa-5d3f-42ee-b79c-185a7020515b} URL = http://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2786678

SearchScopes: HKCU - DefaultScope {23029E16-DCC9-4AB6-B87D-D7838CD183F9} URL = http://uk.search.yahoo.com/search?fr=mcafee&type=A011GB0&p={SearchTerms}

SearchScopes: HKCU - {23029E16-DCC9-4AB6-B87D-D7838CD183F9} URL = http://uk.search.yahoo.com/search?fr=mcafee&type=A011GB0&p={SearchTerms}

SearchScopes: HKCU - {8F1DDD6A-C4EC-447B-A7EB-C967AB6BE506} URL = http://www.searchqu.com/web?src=ieb&systemid=406&q={searchTerms}

BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)

BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)

BHO: McAfee SiteAdvisor BHO - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - C:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)

BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)

BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)

BHO-x32: No Name - {5C255C8A-E604-49b4-9D64-90988571CECB} - No File

BHO-x32: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)

BHO-x32: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)

BHO-x32: No Name - {82B16A3D-F03E-4565-A532-666B219C9A53} - C:\Users\390-w7base\AppData\Local\ext_offermosquito\OfferMosquitoIEPlaceholder.dll No File

BHO-x32: McAfee SiteAdvisor BHO - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - C:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)

BHO-x32: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)

BHO-x32: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)

Toolbar: HKLM - McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - C:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)

Toolbar: HKLM-x32 - McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - C:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)

Toolbar: HKCU - No Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No File

Toolbar: HKCU - No Name - {22E03916-85C5-44B0-8DC9-1830C11238D9} - No File

Handler: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - C:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)

Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - C:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)

Handler-x32: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - C:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)

Handler-x32: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.14.0.8117.0416.dll (Microsoft Corporation)

Handler-x32: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.14.0.8117.0416.dll (Microsoft Corporation)

Handler-x32: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - C:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)

Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)

Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - C:\Program Files\McAfee\MSC\McSnIePl64.dll (McAfee, Inc.)

Filter-x32: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - C:\Program Files (x86)\McAfee\MSC\McSnIePl.dll (McAfee, Inc.)

Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt

Tcpip\Parameters: [DhcpNameServer] 192.168.1.1

FireFox:

========

FF ProfilePath: C:\Users\390-w7base\AppData\Roaming\Mozilla\Firefox\Profiles\h54id85q.default-1376850454484

FF NewTab: www.google.com

FF SearchEngineOrder.1: Google

FF SelectedSearchEngine: Google

FF Homepage: www.google.com

FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_11_9_900_117.dll ()

FF Plugin: @divx.com/DivX VOD Helper,version=1.0.0 - C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)

FF Plugin: @java.com/DTPlugin,version=10.25.2 - C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)

FF Plugin: @java.com/JavaPlugin,version=10.25.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)

FF Plugin: @mcafee.com/MSC,version=10 - c:\PROGRA~1\mcafee\msc\NPMCSN~1.DLL ()

FF Plugin: @microsoft.com/GENUINE - disabled No File

FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)

FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)

FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_117.dll ()

FF Plugin-x32: @adobe.com/ShockwavePlayer - C:\Windows\SysWOW64\Adobe\Director\np32dsw_1203133.dll (Adobe Systems, Inc.)

FF Plugin-x32: @divx.com/DivX VOD Helper,version=1.0.0 - C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)

FF Plugin-x32: @divx.com/DivX Web Player Plug-In,version=1.0.0 - C:\Program Files (x86)\DivX\DivX Web Player\npdivx32.dll (DivX, LLC)

FF Plugin-x32: @Google.com/GoogleEarthPlugin - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)

FF Plugin-x32: @java.com/DTPlugin,version=10.9.2 - C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)

FF Plugin-x32: @java.com/JavaPlugin,version=10.9.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)

FF Plugin-x32: @mcafee.com/MSC,version=10 - c:\PROGRA~2\mcafee\msc\NPMCSN~1.DLL ()

FF Plugin-x32: @microsoft.com/GENUINE - disabled No File

FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)

FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~2\MICROS~3\Office14\NPAUTHZ.DLL (Microsoft Corporation)

FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~2\MICROS~3\Office14\NPSPWRAP.DLL (Microsoft Corporation)

FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.22.5\npGoogleUpdate3.dll (Google Inc.)

FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.22.5\npGoogleUpdate3.dll (Google Inc.)

FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)

FF Plugin HKCU: bebomedia.com/OfferMosquitoIEHelper - C:\Users\390-w7base\AppData\Local\ext_offermosquito\npOfferMosquitoIEHelper.dll No File

FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npdeployJava1.dll (Sun Microsystems, Inc.)

FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)

FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin.dll (Apple Inc.)

FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin2.dll (Apple Inc.)

FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin3.dll (Apple Inc.)

FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin4.dll (Apple Inc.)

FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin5.dll (Apple Inc.)

FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin6.dll (Apple Inc.)

FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin7.dll (Apple Inc.)

FF Extension: Adblock Plus - C:\Users\390-w7base\AppData\Roaming\Mozilla\Firefox\Profiles\h54id85q.default-1376850454484\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2013-08-25]

FF HKLM\...\Firefox\Extensions: [{336D0C35-8A85-403a-B9D2-65C292C39087}] - C:\Program Files\Web Assistant\Firefox

FF HKLM-x32\...\Firefox\Extensions: [{336D0C35-8A85-403a-B9D2-65C292C39087}] - C:\Program Files\Web Assistant\Firefox

FF HKLM-x32\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files (x86)\McAfee\SiteAdvisor

FF Extension: McAfee SiteAdvisor - C:\Program Files (x86)\McAfee\SiteAdvisor [2014-03-19]

Chrome:

=======

CHR DefaultSearchKeyword: bing.com

CHR DefaultSearchProvider: Bing

CHR DefaultSearchURL: http://www.bing.com/search?setmkt=en-GB&q={searchTerms}

CHR DefaultNewTabURL:

CHR Extension: (Google Docs) - C:\Users\390-w7base\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2013-12-20]

CHR Extension: (Google Drive) - C:\Users\390-w7base\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2013-12-20]

CHR Extension: (YouTube) - C:\Users\390-w7base\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-03-20]

CHR Extension: (Google Search) - C:\Users\390-w7base\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-03-20]

CHR Extension: (BitTorrentControl_v12) - C:\Users\390-w7base\AppData\Local\Google\Chrome\User Data\Default\Extensions\dknkjnkhedbanphkkpbpcgoblmkbfhlf [2012-09-11]

CHR Extension: (SiteAdvisor) - C:\Users\390-w7base\AppData\Local\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho [2014-03-20]

CHR Extension: (Coolyou) - C:\Users\390-w7base\AppData\Local\Google\Chrome\User Data\Default\Extensions\haohhpneajlabdmpaohibadjmcpihpeh [2013-10-07]

CHR Extension: (Google Wallet) - C:\Users\390-w7base\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-12-20]

CHR Extension: (Gmail) - C:\Users\390-w7base\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2011-12-17]

CHR HKLM\...\Chrome\Extension: [dlnembnfbcpjnepmfjmngjenhhajpdfd] - C:\Program Files\Web Assistant\source.crx [2011-12-17]

CHR HKCU\...\Chrome\Extension: [dknkjnkhedbanphkkpbpcgoblmkbfhlf] - C:\Users\390-w7base\AppData\Local\CRE\dknkjnkhedbanphkkpbpcgoblmkbfhlf.crx [2012-08-26]

CHR HKCU\...\Chrome\Extension: [gbmdkmlcnbapgegninelmjbfibaghdmk] - C:\Users\390-w7base\AppData\Local\Google\Chrome Frame\User Data\IEXPLORE\Default\ext_offermosquito\ext_offermosquito.crx [2012-08-26]

CHR HKLM-x32\...\Chrome\Extension: [bejbohlohkkgompgecdcbbglkpjfjgdj] - C:\Users\390-W7~1\AppData\Local\Temp\crx5BAC.tmp [2012-08-26]

CHR HKLM-x32\...\Chrome\Extension: [dknkjnkhedbanphkkpbpcgoblmkbfhlf] - C:\Users\390-w7base\AppData\Local\CRE\dknkjnkhedbanphkkpbpcgoblmkbfhlf.crx [2012-08-26]

CHR HKLM-x32\...\Chrome\Extension: [dlnembnfbcpjnepmfjmngjenhhajpdfd] - C:\Program Files\Web Assistant\source.crx [2012-08-26]

CHR HKLM-x32\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] - C:\Program Files (x86)\McAfee\SiteAdvisor\McChPlg.crx [2014-03-19]

CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2014-03-19]

CHR HKLM-x32\...\Chrome\Extension: [haohhpneajlabdmpaohibadjmcpihpeh] - C:\ProgramData\Coolyou\haohhpneajlabdmpaohibadjmcpihpeh.crx [2012-09-10]

CHR HKLM-x32\...\Chrome\Extension: [mhfdcmehmjcclgopdodkjdicohagipid] - C:\Users\390-W7~1\AppData\Local\Temp\crx2FBA.tmp [2012-09-10]

CHR HKLM-x32\...\Chrome\Extension: [ojpijjmpahflnipadmlpgbjmagmjchkk] - C:\Users\390-W7~1\AppData\Local\Temp\tbch.crx [2012-09-10]

CHR HKLM-x32\...\Chrome\Extension: [pmlghpafmmnmmkjdhacccolfgnkiboco] - C:\Program Files (x86)\1ClickDownload\oneclickdownloader11.crx [2012-09-10]

==================== Services (Whitelisted) =================

R2 !SASCORE; C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE [140672 2013-04-23] (SUPERAntiSpyware.com)

R2 Autodesk Content Service; C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe [18656 2011-02-02] ()

R2 BingDesktopUpdate; C:\Program Files (x86)\Microsoft\BingDesktop\BingDesktopUpdater.exe [173192 2013-09-22] (Microsoft Corp.)

R2 HomeNetSvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.)

R2 McAfee SiteAdvisor Service; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.)

R2 McAPExe; C:\Program Files\McAfee\MSC\McAPExe.exe [178528 2014-01-28] (McAfee, Inc.)

R2 McMPFSvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.)

R2 McNaiAnn; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.)

S3 McODS; C:\Program Files\McAfee\VirusScan\mcods.exe [602944 2013-08-02] (McAfee, Inc.)

R2 mcpltsvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.)

R2 McProxy; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.)

R2 mfecore; C:\Program Files\Common Files\McAfee\AMCore\mcshield.exe [1025712 2014-01-21] (McAfee, Inc.)

R2 mfefire; C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe [219752 2014-01-27] (McAfee, Inc.)

R2 mfevtp; C:\Windows\system32\mfevtps.exe [185792 2014-01-27] (McAfee, Inc.)

R2 RapportMgmtService; C:\Program Files (x86)\Trusteer\Rapport\bin\RapportMgmtService.exe [1444120 2013-10-25] (Trusteer Ltd.)

R2 SCM_Service; C:\Windows\SysWOW64\WinService.exe [186848 2010-05-10] ()

==================== Drivers (Whitelisted) ====================

R3 cfwids; C:\Windows\System32\drivers\cfwids.sys [70592 2014-01-27] (McAfee, Inc.)

S3 cpuz134; C:\Program Files (x86)\CPUID\PC Wizard 2010\pcwiz_x64.sys [21480 2010-07-09] (Windows ® Win 7 DDK provider)

S3 HipShieldK; C:\Windows\System32\drivers\HipShieldK.sys [197704 2013-09-23] (McAfee, Inc.)

R0 MBAMSwissArmy; C:\Windows\System32\drivers\48230029.sys [119000 2014-03-18] (Malwarebytes Corporation)

R2 mfeapfk; C:\Windows\System32\drivers\mfeapfk.sys [180272 2014-01-27] (McAfee, Inc.)

R2 mfeavfk; C:\Windows\System32\drivers\mfeavfk.sys [311600 2014-01-27] (McAfee, Inc.)

R3 mfefirek; C:\Windows\System32\drivers\mfefirek.sys [520696 2014-01-27] (McAfee, Inc.)

R2 mfehidk; C:\Windows\System32\drivers\mfehidk.sys [783864 2014-01-27] (McAfee, Inc.)

R3 mfencbdc; C:\Windows\System32\DRIVERS\mfencbdc.sys [422712 2014-01-21] (McAfee, Inc.)

S3 mfencrk; C:\Windows\System32\DRIVERS\mfencrk.sys [96592 2014-01-21] (McAfee, Inc.)

R2 mfewfpk; C:\Windows\System32\drivers\mfewfpk.sys [344688 2014-01-27] (McAfee, Inc.)

R1 RapportCerberus_59849; C:\ProgramData\Trusteer\Rapport\store\exts\RapportCerberus\baseline\RapportCerberus64_59849.sys [606672 2014-03-03] ()

R1 RapportEI64; C:\Program Files (x86)\Trusteer\Rapport\bin\x64\RapportEI64.sys [284176 2013-10-25] (Trusteer Ltd.)

R0 RapportKE64; C:\Windows\System32\Drivers\RapportKE64.sys [317808 2013-10-25] (Trusteer Ltd.)

R1 RapportPG64; C:\Program Files (x86)\Trusteer\Rapport\bin\x64\RapportPG64.sys [399312 2013-10-25] (Trusteer Ltd.)

R1 SASDIFSV; C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS [14928 2011-07-22] (SUPERAdBlocker.com and SUPERAntiSpyware.com)

R1 SASKUTIL; C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS [12368 2011-07-12] (SUPERAdBlocker.com and SUPERAntiSpyware.com)

S3 pccsmcfd; system32\DRIVERS\pccsmcfdx64.sys [X]

S1 SABKUTIL; \??\C:\Program Files (x86)\SuperAdBlocker.com\Super Ad Blocker\SABKUTIL.sys [X]

S3 SABProcEnum; \??\C:\Program Files (x86)\SuperAdBlocker.com\Super Ad Blocker\SABProcEnum.sys [X]

S0 TfFsMon; system32\drivers\TfFsMon.sys [X]

S3 TfNetMon; \??\C:\Windows\system32\drivers\TfNetMon.sys [X]

S0 TfSysMon; system32\drivers\TfSysMon.sys [X]

U3 awtyyaoc; \??\C:\Users\390-W7~1\AppData\Local\Temp\awtyyaoc.sys [X]

==================== NetSvcs (Whitelisted) ===================

==================== One Month Created Files and Folders ========

2014-03-20 15:33 - 2014-03-20 15:33 - 00000000 ____D () C:\FRST

2014-03-20 15:14 - 2014-03-20 15:14 - 00002255 _____ () C:\Users\Public\Desktop\Google Chrome.lnk

2014-03-20 15:12 - 2014-03-20 15:12 - 00847856 _____ (Google Inc.) C:\Users\390-w7base\Desktop\ChromeSetup.exe

2014-03-20 13:26 - 2014-03-20 13:26 - 00380416 _____ () C:\Users\390-w7base\Documents\fs5y5h06.exe

2014-03-20 12:35 - 2014-03-20 12:35 - 00001109 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk

2014-03-20 12:35 - 2014-03-20 12:35 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes' Anti-Malware

2014-03-20 12:35 - 2013-04-04 14:50 - 00025928 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys

2014-03-20 12:34 - 2014-03-20 12:34 - 10285040 _____ (Malwarebytes Corporation ) C:\Users\390-w7base\Documents\mbam-setup-1.75.0.1300.exe

2014-03-20 09:34 - 2013-12-21 09:39 - 00600064 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll

2014-03-20 09:34 - 2013-12-21 07:56 - 00523776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll

2014-03-20 09:13 - 2014-02-23 08:13 - 00051712 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe

2014-03-20 09:13 - 2014-02-23 08:12 - 00197120 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll

2014-03-20 09:13 - 2014-02-23 08:11 - 02648576 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll

2014-03-20 09:13 - 2014-02-23 08:11 - 00526336 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll

2014-03-20 09:13 - 2014-02-23 08:11 - 00136704 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll

2014-03-20 09:13 - 2014-02-23 08:11 - 00067072 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll

2014-03-20 09:13 - 2014-02-23 08:11 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll

2014-03-20 09:13 - 2014-02-23 06:53 - 02049024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll

2014-03-20 09:13 - 2014-02-23 06:53 - 00391168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll

2014-03-20 09:13 - 2014-02-23 06:53 - 00163840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll

2014-03-20 09:13 - 2014-02-23 06:53 - 00109056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll

2014-03-20 09:13 - 2014-02-23 06:53 - 00061440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll

2014-03-20 09:13 - 2014-02-23 06:53 - 00033280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll

2014-03-20 09:13 - 2014-02-23 06:35 - 02706432 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb

2014-03-20 09:13 - 2014-02-23 06:31 - 02706432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb

2014-03-20 09:13 - 2014-02-23 05:39 - 00089600 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe

2014-03-20 09:13 - 2014-02-23 05:35 - 00071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe

2014-03-20 09:12 - 2014-02-23 08:13 - 02241536 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll

2014-03-20 09:12 - 2014-02-23 08:13 - 01365504 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll

2014-03-20 09:12 - 2014-02-23 08:12 - 19273216 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll

2014-03-20 09:12 - 2014-02-23 08:12 - 00603136 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll

2014-03-20 09:12 - 2014-02-23 08:11 - 15404032 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll

2014-03-20 09:12 - 2014-02-23 08:11 - 03960320 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll

2014-03-20 09:12 - 2014-02-23 08:11 - 00855552 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll

2014-03-20 09:12 - 2014-02-23 08:11 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll

2014-03-20 09:12 - 2014-02-23 06:54 - 01767936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll

2014-03-20 09:12 - 2014-02-23 06:54 - 01140736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll

2014-03-20 09:12 - 2014-02-23 06:53 - 14358016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll

2014-03-20 09:12 - 2014-02-23 06:53 - 13761024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll

2014-03-20 09:12 - 2014-02-23 06:53 - 02877952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll

2014-03-20 09:12 - 2014-02-23 06:53 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll

2014-03-20 09:12 - 2014-02-23 06:53 - 00493056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll

2014-03-20 09:12 - 2014-02-23 06:53 - 00039936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll

2014-03-20 08:51 - 2013-12-24 23:09 - 01987584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10warp.dll

2014-03-20 08:51 - 2013-12-24 22:48 - 02565120 _____ (Microsoft Corporation) C:\Windows\system32\d3d10warp.dll

2014-03-20 08:51 - 2013-11-26 08:16 - 03419136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d2d1.dll

2014-03-20 08:51 - 2013-11-22 22:48 - 03928064 _____ (Microsoft Corporation) C:\Windows\system32\d2d1.dll

2014-03-20 08:50 - 2014-02-07 01:23 - 03156480 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys

2014-03-20 08:50 - 2013-12-06 02:30 - 01882112 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll

2014-03-20 08:50 - 2013-12-06 02:30 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll

2014-03-20 08:50 - 2013-12-06 02:02 - 01237504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll

2014-03-20 08:50 - 2013-12-06 02:02 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3r.dll

2014-03-20 08:50 - 2013-11-27 01:41 - 00343040 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbhub.sys

2014-03-20 08:50 - 2013-11-27 01:41 - 00325120 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbport.sys

2014-03-20 08:50 - 2013-11-27 01:41 - 00099840 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbccgp.sys

2014-03-20 08:50 - 2013-11-27 01:41 - 00053248 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbehci.sys

2014-03-20 08:50 - 2013-11-27 01:41 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbuhci.sys

2014-03-20 08:50 - 2013-11-27 01:41 - 00025600 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbohci.sys

2014-03-20 08:50 - 2013-11-27 01:41 - 00007808 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbd.sys

2014-03-20 08:49 - 2014-02-04 02:32 - 00624128 _____ (Microsoft Corporation) C:\Windows\system32\qedit.dll

2014-03-20 08:49 - 2014-02-04 02:04 - 00509440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qedit.dll

2014-03-20 08:49 - 2014-01-29 02:32 - 00484864 _____ (Microsoft Corporation) C:\Windows\system32\wer.dll

2014-03-20 08:49 - 2014-01-29 02:06 - 00381440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wer.dll

2014-03-19 10:13 - 2014-03-20 10:43 - 00001844 _____ () C:\Users\Public\Desktop\McAfee AntiVirus Plus.lnk

2014-03-19 10:12 - 2013-09-23 13:49 - 00197704 _____ (McAfee, Inc.) C:\Windows\system32\Drivers\HipShieldK.sys

2014-03-19 10:11 - 2014-03-19 10:11 - 00000000 ____D () C:\Program Files (x86)\McAfee.com

2014-03-19 10:10 - 2014-03-20 08:28 - 00000000 ____D () C:\Program Files (x86)\McAfee

2014-03-19 10:10 - 2014-03-19 10:12 - 00000000 ____D () C:\Program Files\McAfee

2014-03-19 10:10 - 2014-03-19 10:10 - 00000000 ____D () C:\Program Files\McAfee.com

2014-03-19 09:52 - 2014-03-19 10:12 - 00000000 ____D () C:\Program Files\Common Files\McAfee

2014-03-19 09:52 - 2014-01-27 08:37 - 00185792 _____ (McAfee, Inc.) C:\Windows\system32\mfevtps.exe

2014-03-18 16:24 - 2014-03-18 16:26 - 00000000 ____D () C:\ProgramData\Malwarebytes' Anti-Malware (portable)

2014-03-18 16:22 - 2014-03-18 16:22 - 00119000 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\48230029.sys

2014-03-18 16:21 - 2014-03-18 16:21 - 00000000 ____D () C:\Users\390-w7base\Desktop\mbar

2014-03-18 15:32 - 2014-03-18 15:37 - 00000794 _____ () C:\Users\390-w7base\Desktop\unhide.txt

2014-03-18 14:52 - 2014-03-20 10:03 - 00001242 _____ () C:\Windows\setupact.log

2014-03-18 14:52 - 2014-03-18 14:52 - 00000000 _____ () C:\Windows\setuperr.log

2014-03-18 14:51 - 2014-03-20 10:01 - 00029344 _____ () C:\Windows\PFRO.log

2014-03-18 14:34 - 2014-03-18 14:48 - 00000000 ____D () C:\ProgramData\SparkTrust

2014-03-18 14:34 - 2014-03-18 14:34 - 00000000 ____D () C:\Users\390-w7base\AppData\Roaming\SparkTrust

2014-03-18 14:34 - 2014-03-18 14:34 - 00000000 ____D () C:\Users\390-w7base\AppData\Roaming\DriverCure

2014-03-18 14:26 - 2014-03-18 14:26 - 00000512 _____ () C:\Windows\system32\F39D4DE6-98B8-4E05-91BD-549E8A8248BD

2014-03-18 14:14 - 2014-03-18 14:14 - 00153200 _____ (BullGuard Ltd.) C:\Windows\system32\BgGamingMonitor.dll

2014-03-18 14:14 - 2014-03-18 14:14 - 00139256 _____ (BullGuard Ltd.) C:\Windows\SysWOW64\BgGamingMonitor.dll

2014-03-18 14:02 - 2014-03-18 14:04 - 00000000 ____D () C:\ProgramData\Package Cache

2014-03-18 14:01 - 2014-03-18 14:01 - 00000000 ____D () C:\Users\390-w7base\AppData\Roaming\QuickScan

2014-03-14 16:22 - 2014-03-17 20:17 - 00090624 _____ () C:\Users\390-w7base\Documents\R11 B120 student list glasgow CAMPBELL group 14D - 20 students-5.xls

2014-03-14 16:15 - 2014-03-14 16:15 - 00000000 ____D () C:\Users\390-w7base\Documents\New folder (2)

2014-03-10 17:22 - 2014-03-10 17:34 - 00000000 ____D () C:\Users\390-w7base\AppData\Roaming\Blackboard

2014-03-03 15:49 - 2014-03-03 15:49 - 00000256 _____ () C:\lxcz.log

2014-03-02 15:10 - 2014-03-02 15:10 - 00000000 ____D () C:\Users\Default\AppData\Local\Trusteer

2014-03-02 15:10 - 2014-03-02 15:10 - 00000000 ____D () C:\Users\Default User\AppData\Local\Trusteer

==================== One Month Modified Files and Folders =======

2014-03-20 15:33 - 2014-03-20 15:33 - 00000000 ____D () C:\FRST

2014-03-20 15:16 - 2013-08-17 16:09 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox

2014-03-20 15:14 - 2014-03-20 15:14 - 00002255 _____ () C:\Users\Public\Desktop\Google Chrome.lnk

2014-03-20 15:14 - 2011-01-01 13:36 - 00000000 ____D () C:\Program Files (x86)\Google

2014-03-20 15:12 - 2014-03-20 15:12 - 00847856 _____ (Google Inc.) C:\Users\390-w7base\Desktop\ChromeSetup.exe

2014-03-20 15:09 - 2013-06-03 15:50 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job

2014-03-20 15:06 - 2011-01-01 13:36 - 00000892 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job

2014-03-20 14:06 - 2011-01-01 13:36 - 00000888 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job

2014-03-20 13:29 - 2011-01-09 11:50 - 00000000 ____D () C:\Users\390-w7base\AppData\Local\CrashDumps

2014-03-20 13:26 - 2014-03-20 13:26 - 00380416 _____ () C:\Users\390-w7base\Documents\fs5y5h06.exe

2014-03-20 13:05 - 2010-12-11 11:07 - 00000000 ____D () C:\Users\390-w7base

2014-03-20 13:02 - 2013-11-08 17:41 - 00000000 ____D () C:\Program Files (x86)\lucky leap

2014-03-20 13:00 - 2013-11-10 09:44 - 00000000 ____D () C:\Users\390-w7base\AppData\Local\ext_offermosquito

2014-03-20 12:35 - 2014-03-20 12:35 - 00001109 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk

2014-03-20 12:35 - 2014-03-20 12:35 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes' Anti-Malware

2014-03-20 12:34 - 2014-03-20 12:34 - 10285040 _____ (Malwarebytes Corporation ) C:\Users\390-w7base\Documents\mbam-setup-1.75.0.1300.exe

2014-03-20 12:00 - 2011-08-29 13:37 - 00000000 ____D () C:\CV

2014-03-20 11:35 - 2013-04-04 08:29 - 00000000 ____D () C:\Users\390-w7base\AppData\Roaming\EssentialPIM

2014-03-20 10:43 - 2014-03-19 10:13 - 00001844 _____ () C:\Users\Public\Desktop\McAfee AntiVirus Plus.lnk

2014-03-20 10:40 - 2010-12-11 11:58 - 01151827 _____ () C:\Windows\WindowsUpdate.log

2014-03-20 10:39 - 2011-05-28 14:15 - 00000440 _____ () C:\Windows\Tasks\PCConfidential.job

2014-03-20 10:11 - 2009-07-14 04:45 - 00017792 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0

2014-03-20 10:11 - 2009-07-14 04:45 - 00017792 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0

2014-03-20 10:05 - 2010-12-11 19:55 - 00000000 ____D () C:\Windows\Panther

2014-03-20 10:03 - 2014-03-18 14:52 - 00001242 _____ () C:\Windows\setupact.log

2014-03-20 10:03 - 2011-04-16 13:35 - 00000302 _____ () C:\Windows\Tasks\BearShareNAG.job

2014-03-20 10:03 - 2009-07-14 05:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT

2014-03-20 10:03 - 2009-07-14 04:45 - 00490376 _____ () C:\Windows\system32\FNTCACHE.DAT

2014-03-20 10:01 - 2014-03-18 14:51 - 00029344 _____ () C:\Windows\PFRO.log

2014-03-20 10:01 - 2012-05-05 15:32 - 00000000 ____D () C:\Program Files\Microsoft Silverlight

2014-03-20 10:01 - 2012-05-05 15:32 - 00000000 ____D () C:\Program Files (x86)\Microsoft Silverlight

2014-03-20 09:55 - 2011-02-27 13:10 - 00768926 _____ () C:\Windows\SysWOW64\PerfStringBackup.INI

2014-03-20 09:54 - 2009-07-14 05:13 - 00768926 _____ () C:\Windows\system32\PerfStringBackup.INI

2014-03-20 09:47 - 2010-12-12 16:28 - 00000000 ____D () C:\ProgramData\Microsoft Help

2014-03-20 09:25 - 2013-08-20 12:18 - 00000000 ____D () C:\Windows\system32\MRT

2014-03-20 09:12 - 2009-07-14 02:34 - 00000478 _____ () C:\Windows\win.ini

2014-03-20 08:28 - 2014-03-19 10:10 - 00000000 ____D () C:\Program Files (x86)\McAfee

2014-03-19 16:11 - 2012-09-09 12:07 - 00000000 ____D () C:\ProgramData\McAfee

2014-03-19 10:19 - 2013-11-08 13:53 - 00000000 ____D () C:\Users\390-w7base\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows Password Key Professional

2014-03-19 10:12 - 2014-03-19 10:10 - 00000000 ____D () C:\Program Files\McAfee

2014-03-19 10:12 - 2014-03-19 09:52 - 00000000 ____D () C:\Program Files\Common Files\McAfee

2014-03-19 10:11 - 2014-03-19 10:11 - 00000000 ____D () C:\Program Files (x86)\McAfee.com

2014-03-19 10:10 - 2014-03-19 10:10 - 00000000 ____D () C:\Program Files\McAfee.com

2014-03-19 10:01 - 2012-04-06 14:43 - 00000000 ____D () C:\ProgramData\Spybot - Search & Destroy

2014-03-19 10:01 - 2012-04-06 14:43 - 00000000 ____D () C:\Program Files (x86)\Spybot - Search & Destroy

2014-03-19 09:56 - 2011-02-27 13:10 - 00001945 _____ () C:\Windows\epplauncher.mif

2014-03-18 16:26 - 2014-03-18 16:24 - 00000000 ____D () C:\ProgramData\Malwarebytes' Anti-Malware (portable)

2014-03-18 16:22 - 2014-03-18 16:22 - 00119000 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\48230029.sys

2014-03-18 16:21 - 2014-03-18 16:21 - 00000000 ____D () C:\Users\390-w7base\Desktop\mbar

2014-03-18 15:37 - 2014-03-18 15:32 - 00000794 _____ () C:\Users\390-w7base\Desktop\unhide.txt

2014-03-18 14:52 - 2014-03-18 14:52 - 00000000 _____ () C:\Windows\setuperr.log

2014-03-18 14:48 - 2014-03-18 14:34 - 00000000 ____D () C:\ProgramData\SparkTrust

2014-03-18 14:34 - 2014-03-18 14:34 - 00000000 ____D () C:\Users\390-w7base\AppData\Roaming\SparkTrust

2014-03-18 14:34 - 2014-03-18 14:34 - 00000000 ____D () C:\Users\390-w7base\AppData\Roaming\DriverCure

2014-03-18 14:26 - 2014-03-18 14:26 - 00000512 _____ () C:\Windows\system32\F39D4DE6-98B8-4E05-91BD-549E8A8248BD

2014-03-18 14:14 - 2014-03-18 14:14 - 00153200 _____ (BullGuard Ltd.) C:\Windows\system32\BgGamingMonitor.dll

2014-03-18 14:14 - 2014-03-18 14:14 - 00139256 _____ (BullGuard Ltd.) C:\Windows\SysWOW64\BgGamingMonitor.dll

2014-03-18 14:04 - 2014-03-18 14:02 - 00000000 ____D () C:\ProgramData\Package Cache

2014-03-18 14:01 - 2014-03-18 14:01 - 00000000 ____D () C:\Users\390-w7base\AppData\Roaming\QuickScan

2014-03-18 13:56 - 2011-10-31 16:34 - 00000000 ____D () C:\Users\390-w7base\AppData\Roaming\BitTorrent

2014-03-17 20:17 - 2014-03-14 16:22 - 00090624 _____ () C:\Users\390-w7base\Documents\R11 B120 student list glasgow CAMPBELL group 14D - 20 students-5.xls

2014-03-16 15:14 - 2009-07-14 05:08 - 00032620 _____ () C:\Windows\Tasks\SCHEDLGU.TXT

2014-03-16 14:36 - 2009-07-14 03:20 - 00000000 ____D () C:\Windows\system32\NDF

2014-03-15 20:09 - 2014-02-04 10:30 - 00000000 ____D () C:\1Video

2014-03-14 16:20 - 2011-11-30 15:56 - 00000000 ____D () C:\Users\390-w7base\Documents\OTHER DOCUMENTS HERE

2014-03-14 16:20 - 2011-09-09 15:06 - 00311296 ___SH () C:\Users\390-w7base\Documents\Thumbs.db

2014-03-14 16:15 - 2014-03-14 16:15 - 00000000 ____D () C:\Users\390-w7base\Documents\New folder (2)

2014-03-12 17:10 - 2013-06-03 15:50 - 00003768 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater

2014-03-12 17:10 - 2012-09-09 12:06 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe

2014-03-12 17:10 - 2011-07-09 15:29 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl

2014-03-10 17:34 - 2014-03-10 17:22 - 00000000 ____D () C:\Users\390-w7base\AppData\Roaming\Blackboard

2014-03-10 12:31 - 2008-10-31 16:17 - 00000000 ____D () C:\B121

2014-03-08 17:28 - 2012-07-23 09:50 - 00000000 ____D () C:\Users\Guest\AppData\Local\Mozilla

2014-03-04 13:19 - 2013-05-09 19:14 - 00000000 ____D () C:\Program Files (x86)\Motorola

2014-03-03 15:57 - 2012-10-16 10:02 - 00000000 ____D () C:\Program Files (x86)\Nokia

2014-03-03 15:51 - 2012-10-16 10:03 - 00000000 ____D () C:\ProgramData\Nokia

2014-03-03 15:49 - 2014-03-03 15:49 - 00000256 _____ () C:\lxcz.log

2014-03-03 15:47 - 2012-11-12 13:18 - 00000000 ____D () C:\Users\390-w7base\AppData\Local\Downloaded Installations

2014-03-03 15:43 - 2013-12-27 19:43 - 00000000 ____D () C:\Motorola

2014-03-03 15:41 - 2013-10-13 18:25 - 00000005 _____ () C:\Windows\SysWOW64\lMMLDeleteUserData42107612FX.tmp

2014-03-02 15:10 - 2014-03-02 15:10 - 00000000 ____D () C:\Users\Default\AppData\Local\Trusteer

2014-03-02 15:10 - 2014-03-02 15:10 - 00000000 ____D () C:\Users\Default User\AppData\Local\Trusteer

2014-03-02 14:05 - 2010-12-25 11:52 - 90015360 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe

2014-02-27 16:51 - 2011-08-29 13:30 - 00000000 ____D () C:\OPen University

2014-02-25 10:40 - 2008-10-08 13:04 - 00000000 ____D () C:\Gleddoch

2014-02-23 08:13 - 2014-03-20 09:13 - 00051712 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe

2014-02-23 08:13 - 2014-03-20 09:12 - 02241536 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll

2014-02-23 08:13 - 2014-03-20 09:12 - 01365504 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll

2014-02-23 08:12 - 2014-03-20 09:13 - 00197120 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll

2014-02-23 08:12 - 2014-03-20 09:12 - 19273216 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll

2014-02-23 08:12 - 2014-03-20 09:12 - 00603136 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll

2014-02-23 08:11 - 2014-03-20 09:13 - 02648576 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll

2014-02-23 08:11 - 2014-03-20 09:13 - 00526336 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll

2014-02-23 08:11 - 2014-03-20 09:13 - 00136704 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll

2014-02-23 08:11 - 2014-03-20 09:13 - 00067072 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll

2014-02-23 08:11 - 2014-03-20 09:13 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll

2014-02-23 08:11 - 2014-03-20 09:12 - 15404032 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll

2014-02-23 08:11 - 2014-03-20 09:12 - 03960320 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll

2014-02-23 08:11 - 2014-03-20 09:12 - 00855552 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll

2014-02-23 08:11 - 2014-03-20 09:12 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll

2014-02-23 06:54 - 2014-03-20 09:12 - 01767936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll

2014-02-23 06:54 - 2014-03-20 09:12 - 01140736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll

2014-02-23 06:53 - 2014-03-20 09:13 - 02049024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll

2014-02-23 06:53 - 2014-03-20 09:13 - 00391168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll

2014-02-23 06:53 - 2014-03-20 09:13 - 00163840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll

2014-02-23 06:53 - 2014-03-20 09:13 - 00109056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll

2014-02-23 06:53 - 2014-03-20 09:13 - 00061440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll

2014-02-23 06:53 - 2014-03-20 09:13 - 00033280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll

2014-02-23 06:53 - 2014-03-20 09:12 - 14358016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll

2014-02-23 06:53 - 2014-03-20 09:12 - 13761024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll

2014-02-23 06:53 - 2014-03-20 09:12 - 02877952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll

2014-02-23 06:53 - 2014-03-20 09:12 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll

2014-02-23 06:53 - 2014-03-20 09:12 - 00493056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll

2014-02-23 06:53 - 2014-03-20 09:12 - 00039936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll

2014-02-23 06:35 - 2014-03-20 09:13 - 02706432 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb

2014-02-23 06:31 - 2014-03-20 09:13 - 02706432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb

2014-02-23 05:39 - 2014-03-20 09:13 - 00089600 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe

2014-02-23 05:35 - 2014-03-20 09:13 - 00071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe

Files to move or delete:

====================

C:\Users\390-w7base\SafariSetup.exe

Some content of TEMP:

====================

C:\Users\Guest\AppData\Local\Temp\SkypeSetup.exe

==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit

C:\Windows\System32\wininit.exe => MD5 is legit

C:\Windows\SysWOW64\wininit.exe => MD5 is legit

C:\Windows\explorer.exe => MD5 is legit

C:\Windows\SysWOW64\explorer.exe => MD5 is legit

C:\Windows\System32\svchost.exe => MD5 is legit

C:\Windows\SysWOW64\svchost.exe => MD5 is legit

C:\Windows\System32\services.exe => MD5 is legit

C:\Windows\System32\User32.dll => MD5 is legit

C:\Windows\SysWOW64\User32.dll => MD5 is legit

C:\Windows\System32\userinit.exe => MD5 is legit

C:\Windows\SysWOW64\userinit.exe => MD5 is legit

C:\Windows\System32\rpcss.dll => MD5 is legit

C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit

LastRegBack: 2014-03-20 14:47

==================== End Of Log ==================

fredddy · March 20, 2014

Hi Marius. 2nd Post. Ron

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 13-03-2014

Ran by Ron at 2014-03-20 15:34:54

Running from C:\Users\390-w7base\Documents\Downloads

Boot Mode: Normal

==========================================================

==================== Security Center ========================

AV: McAfee Anti-Virus and Anti-Spyware (Enabled - Up to date) {ADA629C7-7F48-5689-624A-3B76997E0892}

AS: McAfee Anti-Virus and Anti-Spyware (Enabled - Up to date) {16C7C823-5972-5907-58FA-0004E2F9422F}

AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

FW: McAfee Firewall (Enabled) {959DA8E2-3527-57D1-4915-924367AD4FE9}

==================== Installed Programs ======================

1ClickDownloader (HKLM-x32\...\1ClickDownload) (Version: 2.7 Build 26473 - 1ClickDownload) <==== ATTENTION

7-Zip 9.20 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0920-000001000000}) (Version: 9.20.00.0 - Igor Pavlov)

Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 3.4.0.2540 - Adobe Systems Incorporated)

Adobe AIR (x32 Version: 3.4.0.2540 - Adobe Systems Incorporated) Hidden

Adobe Flash Player 11 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 11.9.900.117 - Adobe Systems Incorporated)

Adobe Flash Player 12 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 12.0.0.77 - Adobe Systems Incorporated)

Adobe Reader XI (11.0.06) (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version: 11.0.06 - Adobe Systems Incorporated)

Adobe Shockwave Player 12.0 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.0.3.133 - Adobe Systems, Inc.)

Apple Application Support (HKLM-x32\...\{F5266D28-E0B2-4130-BFC5-EE155AD514DC}) (Version: 2.3 - Apple Inc.)

Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)

AutoCAD 2012 - English (HKLM\...\AutoCAD 2012 - English) (Version: 18.2.51.0 - Autodesk)

AutoCAD 2012 - English (Version: 18.2.51.0 - Autodesk) Hidden

AutoCAD 2012 Language Pack - English (Version: 18.2.51.0 - Autodesk) Hidden

Autodesk Content Service (HKLM-x32\...\{086F9A69-CD39-4893-A9FB-D3A0634CE3F7}) (Version: 2.0.90 - Autodesk)

Autodesk Material Library 2012 (HKLM-x32\...\{8F0837C2-EE09-4903-88F3-1976FE7FFF4E}) (Version: 2.5.0.8 - Autodesk)

Belkin F5D8053 N Wireless USB Adapter (HKLM-x32\...\InstallShield_{E6607F5B-50E7-4B54-81B7-F0600E3C8CF4}) (Version: 2.0.0.10 - Belkin)

Belkin F5D8053 N Wireless USB Adapter (x32 Version: 2.0.0.10 - Belkin) Hidden

Belkin N Wireless USB Adapter Setup (HKLM-x32\...\{4EE9A620-46A0-4BCF-82AC-950D2BBED982}) (Version: 2.20 - Belkin)

Bing Desktop (HKLM-x32\...\{7D095455-D971-4D4C-9EFD-9AF6A6584F3A}) (Version: 1.3.322.0 - Microsoft Corporation)

CCleaner (HKLM\...\CCleaner) (Version: 3.19 - Piriform)

Creative Audio Control Panel (HKLM-x32\...\AudioCS) (Version: 2.00 - Creative Technology Limited)

Creative Software AutoUpdate (HKLM-x32\...\Creative Software AutoUpdate) (Version: 1.40 - Creative Technology Limited)

Creative Sound Blaster Properties x64 Edition (HKLM-x32\...\Creative Sound Blaster Properties x64 Edition) (Version: - )

Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{92C42EDD-6524-4577-B2EB-6C68C63B6D4A}) (Version: - Microsoft)

Dell Driver Download Manager (HKCU\...\f031ef6ac137efc5) (Version: 2.1.0.0 - Dell Inc.)

DivX Setup (HKLM-x32\...\DivX Setup) (Version: 2.6.1.87 - DivX, LLC)

EPSON Scan (HKLM-x32\...\EPSON Scanner) (Version: - )

EPSON SX110 Series Printer Uninstall (HKLM\...\EPSON SX110 Series) (Version: - SEIKO EPSON Corporation)

EssentialPIM (HKLM-x32\...\EssentialPIM) (Version: 5.52 - Astonsoft Ltd)

Google Chrome (HKLM-x32\...\Google Chrome) (Version: 33.0.1750.154 - Google Inc.)

Google Earth (HKLM-x32\...\{4D2A6330-2F8B-11E3-9C40-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google)

Google Update Helper (x32 Version: 1.3.22.5 - Google Inc.) Hidden

ImgBurn (HKLM-x32\...\ImgBurn) (Version: 2.5.3.0 - LIGHTNING UK!)

inSSIDer (HKLM-x32\...\{F8A10A25-D8DD-4661-9A1E-7F6DBAAA3C5E}) (Version: 2.1.5 - MetaGeek)

Java 7 Update 25 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86417025FF}) (Version: 7.0.250 - Oracle)

Java 7 Update 9 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217009FF}) (Version: 7.0.90 - Oracle)

Java Auto Updater (x32 Version: 2.1.9.0 - Sun Microsystems, Inc.) Hidden

Java 6 Update 29 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86416029FF}) (Version: 6.0.290 - Oracle)

Java 6 Update 3 (HKLM-x32\...\{3248F0A8-6813-11D6-A77B-00B0D0160030}) (Version: 1.6.0.30 - Sun Microsystems, Inc.)

Java 6 Update 31 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83216031FF}) (Version: 6.0.310 - Oracle)

K-Lite Codec Pack 7.0.0 (Standard) (HKLM-x32\...\KLiteCodecPack_is1) (Version: 7.0.0 - )

Malwarebytes Anti-Malware version 1.75.0.1300 (HKLM-x32\...\Malwarebytes' Anti-Malware_is1) (Version: 1.75.0.1300 - Malwarebytes Corporation)

McAfee AntiVirus Plus (HKLM-x32\...\MSC) (Version: 12.8.934 - McAfee, Inc.)

Microsoft .NET Framework 4 Client Profile (HKLM\...\Microsoft .NET Framework 4 Client Profile) (Version: 4.0.30319 - Microsoft Corporation)

Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319 - Microsoft Corporation) Hidden

Microsoft .NET Framework 4 Extended (HKLM\...\Microsoft .NET Framework 4 Extended) (Version: 4.0.30319 - Microsoft Corporation)

Microsoft .NET Framework 4 Extended (Version: 4.0.30319 - Microsoft Corporation) Hidden

Microsoft Office 2010 Service Pack 1 (SP1) (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{047B0968-E622-4FAA-9B4B-121FA109EDDE}) (Version: - Microsoft)

Microsoft Office 2010 Service Pack 1 (SP1) (x32 Version: - Microsoft) Hidden

Microsoft Office Access MUI (English) 2010 (x32 Version: 14.0.6029.1000 - Microsoft Corporation) Hidden

Microsoft Office Access Setup Metadata MUI (English) 2010 (x32 Version: 14.0.6029.1000 - Microsoft Corporation) Hidden

Microsoft Office Excel MUI (English) 2010 (x32 Version: 14.0.6029.1000 - Microsoft Corporation) Hidden

Microsoft Office Groove MUI (English) 2010 (x32 Version: 14.0.6029.1000 - Microsoft Corporation) Hidden

Microsoft Office InfoPath MUI (English) 2010 (x32 Version: 14.0.6029.1000 - Microsoft Corporation) Hidden

Microsoft Office Office 64-bit Components 2010 (Version: 14.0.6029.1000 - Microsoft Corporation) Hidden

Microsoft Office OneNote MUI (English) 2010 (x32 Version: 14.0.6029.1000 - Microsoft Corporation) Hidden

Microsoft Office Outlook MUI (English) 2010 (x32 Version: 14.0.6029.1000 - Microsoft Corporation) Hidden

Microsoft Office PowerPoint MUI (English) 2010 (x32 Version: 14.0.6029.1000 - Microsoft Corporation) Hidden

Microsoft Office Professional Plus 2010 (HKLM-x32\...\Office14.PROPLUS) (Version: 14.0.6029.1000 - Microsoft Corporation)

Microsoft Office Professional Plus 2010 (x32 Version: 14.0.6029.1000 - Microsoft Corporation) Hidden

Microsoft Office Proof (English) 2010 (x32 Version: 14.0.6029.1000 - Microsoft Corporation) Hidden

Microsoft Office Proof (French) 2010 (x32 Version: 14.0.6029.1000 - Microsoft Corporation) Hidden

Microsoft Office Proof (Spanish) 2010 (x32 Version: 14.0.6029.1000 - Microsoft Corporation) Hidden

Microsoft Office Proofing (English) 2010 (x32 Version: 14.0.6029.1000 - Microsoft Corporation) Hidden

Microsoft Office Publisher MUI (English) 2010 (x32 Version: 14.0.6029.1000 - Microsoft Corporation) Hidden

Microsoft Office Shared 64-bit MUI (English) 2010 (Version: 14.0.6029.1000 - Microsoft Corporation) Hidden

Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2010 (Version: 14.0.6029.1000 - Microsoft Corporation) Hidden

Microsoft Office Shared MUI (English) 2010 (x32 Version: 14.0.6029.1000 - Microsoft Corporation) Hidden

Microsoft Office Shared Setup Metadata MUI (English) 2010 (x32 Version: 14.0.6029.1000 - Microsoft Corporation) Hidden

Microsoft Office Word MUI (English) 2010 (x32 Version: 14.0.6029.1000 - Microsoft Corporation) Hidden

Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30214.0 - Microsoft Corporation)

Microsoft SQL Server Compact 3.5 SP1 English (HKLM-x32\...\{E59113EB-0285-4BFD-A37A-B79EAC6B8F4B}) (Version: 3.5.5692.0 - Microsoft Corporation)

Microsoft SQL Server Compact 3.5 SP1 x64 English (HKLM\...\{F83779DF-E1F5-43A2-A7BE-732F856FADB7}) (Version: 3.5.5692.0 - Microsoft Corporation)

Microsoft Visual Basic Power Packs 3.0 (HKLM-x32\...\{7B4D193B-D76D-308B-8B12-5D9BB1CBCE6C}) (Version: 9.0.30214 - Microsoft)

Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM-x32\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation)

Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)

Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)

Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)

Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)

Microsoft Visual C++ 2008 ATL Update kb973924 - x64 9.0.30729.4148 (HKLM\...\{EE936C7A-EA40-31D5-9B65-8E3E089C3828}) (Version: 9.0.30729.4148 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)

Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319 (HKLM-x32\...\{196BB40D-1578-3D01-B289-BEFC77A11A1E}) (Version: 10.0.30319 - Microsoft Corporation)

Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation)

Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (HKLM-x32\...\{95716cce-fc71-413f-8ad5-56c2892d4b3a}) (Version: 11.0.60610.1 - Microsoft Corporation)

Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.60610 (Version: 11.0.60610 - Microsoft Corporation) Hidden

Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.60610 (Version: 11.0.60610 - Microsoft Corporation) Hidden

Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.60610 (x32 Version: 11.0.60610 - Microsoft Corporation) Hidden

Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.60610 (x32 Version: 11.0.60610 - Microsoft Corporation) Hidden

Microsoft_VC100_CRT_SP1_x64 (Version: 10.0.40219.1 - Nokia) Hidden

Microsoft_VC100_CRT_SP1_x86 (x32 Version: 10.0.40219.1 - Nokia) Hidden

Microsoft_VC90_CRT_x86 (HKLM-x32\...\{DF2035BE-5820-4965-BD97-7FAF8D4A7879}) (Version: 1.0.0 - Microsoft Corporation)

MotoHelper MergeModules (x32 Version: 1.2.0 - Motorola) Hidden

Motorola Mobile Drivers Installation 5.4.0 (Version: 5.4.0 - Motorola Inc.) Hidden

MSVC80_x64_v2 (Version: 1.0.3.0 - Nokia) Hidden

MSVC80_x86_v2 (x32 Version: 1.0.3.0 - Nokia) Hidden

MSVC90_x64 (Version: 1.0.1.2 - Nokia) Hidden

MSVC90_x86 (x32 Version: 1.0.1.2 - Nokia) Hidden

MSVCRT (x32 Version: 14.0.1468.721 - Microsoft) Hidden

MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)

MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)

MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)

MSXML 4.0 SP3 Parser (KB2758694) (HKLM-x32\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation)

NETGEAR WG111v2 wireless USB 2.0 adapter (HKLM-x32\...\{4102037D-E8E0-48E0-B203-E521D194FB71}) (Version: 1.0.0.133 - NETGEAR)

OU eTMA File Handler (C:\Program Files (x86)\OUeTMAFileHandler\) (HKLM-x32\...\ST6UNST #2) (Version: - )

OU eTMA File Handler (HKLM-x32\...\ST6UNST #1) (Version: - )

PC Wizard 2010.1.96 (HKLM-x32\...\PC Wizard 2010_is1) (Version: - CPUID)

QuickTime (HKLM-x32\...\{AF0CE7C0-A3E4-4D73-988B-B29187EC6E9A}) (Version: 7.73.80.64 - Apple Inc.)

Rapport (x32 Version: 3.5.1304.15 - Trusteer) Hidden

Recuva (HKLM\...\Recuva) (Version: 1.40 - Piriform)

Rosetta Stone Version 3 (HKLM-x32\...\{148E08FF-D7C4-46ED-8D4D-601C67FE0AFD}) (Version: 3.3.5.2 - Rosetta Stone Ltd.)

Skype™ 6.3 (HKLM-x32\...\{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}) (Version: 6.3.105 - Skype Technologies S.A.)

SUPERAntiSpyware (HKLM\...\{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}) (Version: 5.0.1146 - SUPERAntiSpyware.com)

swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden

Trusteer Endpoint Protection (HKLM-x32\...\Rapport_msi) (Version: 3.5.1304.15 - Trusteer)

Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (HKLM-x32\...\{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}.KB2468871) (Version: 1 - Microsoft Corporation)

Update for Microsoft .NET Framework 4 Client Profile (KB2473228) (HKLM-x32\...\{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}.KB2473228) (Version: 1 - Microsoft Corporation)

Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (HKLM-x32\...\{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}.KB2533523) (Version: 1 - Microsoft Corporation)

Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (HKLM-x32\...\{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}.KB2600217) (Version: 1 - Microsoft Corporation)

Update for Microsoft .NET Framework 4 Extended (KB2468871) (HKLM-x32\...\{8E34682C-8118-31F1-BC4C-98CD9675E1C2}.KB2468871) (Version: 1 - Microsoft Corporation)

Update for Microsoft .NET Framework 4 Extended (KB2533523) (HKLM-x32\...\{8E34682C-8118-31F1-BC4C-98CD9675E1C2}.KB2533523) (Version: 1 - Microsoft Corporation)

Update for Microsoft .NET Framework 4 Extended (KB2600217) (HKLM-x32\...\{8E34682C-8118-31F1-BC4C-98CD9675E1C2}.KB2600217) (Version: 1 - Microsoft Corporation)

Update for Microsoft Access 2010 (KB2553446) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{B4A38370-2ADB-46B0-A1B0-0C4A2F7DCA31}) (Version: - Microsoft)

Update for Microsoft Filter Pack 2.0 (KB2837594) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{D3C85176-ACCC-4AF0-817D-1BC803303B74}) (Version: - Microsoft)

Update for Microsoft Filter Pack 2.0 (KB2837594) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.PROPLUS_{D3C85176-ACCC-4AF0-817D-1BC803303B74}) (Version: - Microsoft)

Update for Microsoft InfoPath 2010 (KB2817369) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{4EEA3D3E-989C-4DF4-AB0A-3042C0C12AA3}) (Version: - Microsoft)

Update for Microsoft InfoPath 2010 (KB2817396) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{39767ECA-1731-45DB-AB5B-6BF40E151D66}) (Version: - Microsoft)

Update for Microsoft Office 2010 (KB2494150) (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{3FCFD88F-4D13-4F38-8625-ABABEA7F61EA}) (Version: - Microsoft)

Update for Microsoft Office 2010 (KB2553065) (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{A8686D24-1E89-43A1-973E-05A258D2B3F8}) (Version: - Microsoft)

Update for Microsoft Office 2010 (KB2553267) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{18B3CF2A-73F7-4716-B1AE-86D68726D408}) (Version: - Microsoft)

Update for Microsoft Office 2010 (KB2553310) 32-Bit Edition (HKLM-x32\...\{90140000-006E-0409-0000-0000000FF1CE}_Office14.PROPLUS_{73E67A3A-8D61-44EF-90C2-1697C3DBE668}) (Version: - Microsoft)

Update for Microsoft Office 2010 (KB2566458) (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{EFB525A0-E1C0-4E32-9968-FE401BC87363}) (Version: - Microsoft)

Update for Microsoft Office 2010 (KB2589298) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{DADF7E25-FFA4-4D02-BE84-1DAE62C18516}) (Version: - Microsoft)

Update for Microsoft Office 2010 (KB2589352) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{F4284D93-7AE8-4309-8CF3-9AD394F35F3A}) (Version: - Microsoft)

Update for Microsoft Office 2010 (KB2589352) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.PROPLUS_{F4284D93-7AE8-4309-8CF3-9AD394F35F3A}) (Version: - Microsoft)

Update for Microsoft Office 2010 (KB2589375) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{287A1E92-9E41-4BC1-8920-B3D0E9220800}) (Version: - Microsoft)

Update for Microsoft Office 2010 (KB2596964) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{ED31DE9A-3E13-4E2C-9106-E0D8AFFB9FA6}) (Version: - Microsoft)

Update for Microsoft Office 2010 (KB2597087) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{9D69691D-823D-4C3E-9B12-563A3F520366}) (Version: - Microsoft)

Update for Microsoft Office 2010 (KB2760598) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{ECFE33A3-B8B7-439A-ADE4-59FBD29EF9B8}) (Version: - Microsoft)

Update for Microsoft Office 2010 (KB2760598) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.PROPLUS_{ECFE33A3-B8B7-439A-ADE4-59FBD29EF9B8}) (Version: - Microsoft)

Update for Microsoft Office 2010 (KB2760631) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{35698CB7-AAA2-4577-B505-DBFF504AEF23}) (Version: - Microsoft)

Update for Microsoft Office 2010 (KB2767886) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{9CFD026D-EB1C-48C2-9DD2-8E8875F251B2}) (Version: - Microsoft)

Update for Microsoft Office 2010 (KB2794737) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{5AA578BB-759C-40FD-9661-A737C0884541}) (Version: - Microsoft)

Update for Microsoft Office 2010 (KB2825640) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{BA610006-2C39-4419-9834-CF61AB24810A}) (Version: - Microsoft)

Update for Microsoft Office 2010 (KB2863818) 32-Bit Edition (HKLM-x32\...\{90140000-001F-0409-0000-0000000FF1CE}_Office14.PROPLUS_{83B1B530-7D9E-4C6A-907F-E979CEE9C295}) (Version: - Microsoft)

Update for Microsoft Office 2010 (KB2863818) 32-Bit Edition (HKLM-x32\...\{90140000-001F-040C-0000-0000000FF1CE}_Office14.PROPLUS_{82F87E28-B18E-46D6-A399-E2F19CF5949B}) (Version: - Microsoft)

Update for Microsoft Office 2010 (KB2863818) 32-Bit Edition (HKLM-x32\...\{90140000-001F-0C0A-0000-0000000FF1CE}_Office14.PROPLUS_{5E8EB600-8B94-429E-873E-98369C6DC1BC}) (Version: - Microsoft)

Update for Microsoft Office 2010 (KB2878225) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{EFF5EBA3-40AD-4859-85E7-3C1CF4F297EB}) (Version: - Microsoft)

Update for Microsoft OneNote 2010 (KB2553290) 32-Bit Edition (HKLM-x32\...\{90140000-00A1-0409-0000-0000000FF1CE}_Office14.PROPLUS_{9865DC3A-2898-48D9-B96A-46397571C934}) (Version: - Microsoft)

Update for Microsoft OneNote 2010 (KB2837595) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{51CCA922-A0CC-47C4-8910-6936D97CAC2E}) (Version: - Microsoft)

Update for Microsoft OneNote 2010 (KB2837595) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.PROPLUS_{51CCA922-A0CC-47C4-8910-6936D97CAC2E}) (Version: - Microsoft)

Update for Microsoft Outlook 2010 (KB2687567) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{2AB483F1-C86E-427A-83B4-23889B03512D}) (Version: - Microsoft)

Update for Microsoft Outlook 2010 (KB2687567) 32-Bit Edition (HKLM-x32\...\{90140000-001A-0409-0000-0000000FF1CE}_Office14.PROPLUS_{DCE104A1-1875-4469-A83D-A5BFA6C4640F}) (Version: - Microsoft)

Update for Microsoft Outlook Social Connector 2010 (KB2553406) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{BC6DFBFD-16DD-47E1-A7EF-2C062930FA4F}) (Version: - Microsoft)

Update for Microsoft Outlook Social Connector 2010 (KB2553406) 32-Bit Edition (HKLM-x32\...\{90140000-001A-0409-0000-0000000FF1CE}_Office14.PROPLUS_{1EEFF749-6F29-4F0B-AB08-4C6EA52AA110}) (Version: - Microsoft)

Update for Microsoft PowerPoint 2010 (KB2553145) 32-Bit Edition (HKLM-x32\...\{90140000-0018-0409-0000-0000000FF1CE}_Office14.PROPLUS_{DA2F7ECE-6629-4A80-9CDE-EC95261B75E2}) (Version: - Microsoft)

Update for Microsoft PowerPoint 2010 (KB2775360) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{80F56E3F-1D47-4E45-B6E0-FEF4E919F4F9}) (Version: - Microsoft)

Update for Microsoft SharePoint Workspace 2010 (KB2760601) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{F9F5A080-AF38-4966-9A6B-C43DCA465035}) (Version: - Microsoft)

Update for Microsoft SharePoint Workspace 2010 (KB2760601) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.PROPLUS_{F9F5A080-AF38-4966-9A6B-C43DCA465035}) (Version: - Microsoft)

Update for Microsoft Visio 2010 (KB2878227) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{5D357893-40BA-4323-86BA-D97C66CD72F4}) (Version: - Microsoft)

Update for Microsoft Visio Viewer 2010 (KB2810066) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{8C55AA83-54C2-4236-A622-78440A411DC5}) (Version: - Microsoft)

VC80CRTRedist - 8.0.50727.6195 (x32 Version: 1.2.0 - DivX, Inc) Hidden

VirtualCloneDrive (HKLM-x32\...\VirtualCloneDrive) (Version: - Elaborate Bytes)

VLC media player 1.1.11 (HKLM-x32\...\VLC media player) (Version: 1.1.11 - VideoLAN)

VoipCheap (HKLM-x32\...\VoipCheap_is1) (Version: 4.08 build 645 - Finarea S.A. Switzerland)

What's Running 3.0 (HKLM-x32\...\What's Running_is1) (Version: 3.0 - WhatsRunning.net)

WIDCOMM Bluetooth Software (HKLM\...\{A1439D4F-FD46-47F2-A1D3-FEE097C29A09}) (Version: 6.5.1.2700 - Broadcom Corporation)

Windows Live Call (x32 Version: 14.0.8117.0416 - Microsoft Corporation) Hidden

Windows Live Communications Platform (x32 Version: 14.0.8117.416 - Microsoft Corporation) Hidden

Windows Live Messenger (x32 Version: 14.0.8117.0416 - Microsoft Corporation) Hidden

Windows Live Upload Tool (HKLM-x32\...\{205C6BDD-7B73-42DE-8505-9A093F35A238}) (Version: 14.0.8014.1029 - Microsoft Corporation)

Windows Mobile Device Center (HKLM\...\{626672CD-BFCF-49A9-AEFE-AB0FED3BFC5B}) (Version: 6.1.6965.0 - Microsoft Corporation)

Windows Password Key Professional (HKLM-x32\...\Windows Password Key Professional) (Version: - PasswordSeeker, Inc.)

WinRAR archiver (HKLM\...\WinRAR archiver) (Version: - )

XBMC (HKCU\...\XBMC) (Version: - Team XBMC)

==================== Restore Points =========================

12-03-2014 16:05:32 Windows Update

16-03-2014 15:25:37 Windows Update

18-03-2014 14:01:58 Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610

18-03-2014 14:03:17 Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610

18-03-2014 16:50:30 Malwarebytes Anti-Rootkit Restore Point

20-03-2014 08:59:11 Windows Update

==================== Hosts content: ==========================

2009-07-14 02:34 - 2012-04-10 16:56 - 00442124 ____N C:\Windows\system32\Drivers\etc\hosts

127.0.0.1 www.007guard.com

127.0.0.1 007guard.com

127.0.0.1 008i.com

127.0.0.1 www.008k.com

127.0.0.1 008k.com

127.0.0.1 www.00hq.com

127.0.0.1 00hq.com

127.0.0.1 010402.com

127.0.0.1 www.032439.com

127.0.0.1 032439.com

127.0.0.1 www.0scan.com

127.0.0.1 0scan.com

127.0.0.1 www.1000gratisproben.com

127.0.0.1 1000gratisproben.com

127.0.0.1 1001namen.com

127.0.0.1 www.1001namen.com

127.0.0.1 100888290cs.com

127.0.0.1 www.100888290cs.com

127.0.0.1 www.100sexlinks.com

127.0.0.1 100sexlinks.com

127.0.0.1 www.10sek.com

127.0.0.1 10sek.com

127.0.0.1 www.1-2005-search.com

127.0.0.1 1-2005-search.com

127.0.0.1 www.123fporn.info

127.0.0.1 123fporn.info

127.0.0.1 123haustiereundmehr.com

127.0.0.1 www.123haustiereundmehr.com

127.0.0.1 123moviedownload.com

There are 1000 more lines.

==================== Scheduled Tasks (whitelisted) =============

Task: {04120334-33C6-414C-B4D1-7C019A659673} - System32\Tasks\{424E878F-BA0C-46D2-BDA2-17A367EC43E2} => C:\Program Files (x86)\NETGEAR\WG111 Configuration Utility\WG111CFG.exe

Task: {065D7E25-9665-46E0-ABCD-2216BAC6E1DF} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-03-12] (Adobe Systems Incorporated)

Task: {2E3988C6-9EE0-4DE6-A9C5-D2016DAA01BA} - System32\Tasks\{743CB57D-3C19-4981-A87F-B41497B1A8D0} => C:\Program Files (x86)\AutoCAD 2005\acad.exe

Task: {3A9014F1-6751-4858-BEFF-81FF8E8DD7AF} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2011-01-01] (Google Inc.)

Task: {3C0A549A-031B-4956-8CD3-B7A678836E01} - System32\Tasks\{7D8CD93F-C9F2-4AA8-B380-DE3475E433D0} => Firefox.exe

Task: {3D0E61C4-7D6D-4308-B2DD-E0A96569F910} - System32\Tasks\{1AC7CECA-76DF-4003-BAB1-966B23E3A787} => C:\Program Files (x86)\Common Files\Autodesk Shared\acstart16.exe

Task: {3F434507-8698-4307-AA31-4FEF95F00F9E} - System32\Tasks\{441300D3-268C-4005-BBFF-F7098EA77520} => C:\Program Files (x86)\Autodesk\MDT 2004\acad.exe

Task: {41BA92FD-9306-42BF-8818-4D2D65B36B77} - System32\Tasks\{0047F762-0382-4299-A3A0-FACC51D319A3} => C:\Program Files (x86)\Autodesk\MDT 2004\acad.exe

Task: {42691501-EA4D-49E7-8F07-CB18A8BEA2CE} - System32\Tasks\{5A847458-530B-40F2-913A-4E824BDAFD6B} => C:\Program Files (x86)\AutoCAD 2005\acad.exe

Task: {4304F1E7-E489-4A55-8DE6-A6D45E547139} - System32\Tasks\BearShareNAG => C:\Users\390-W7~1\AppData\Local\Temp\BearShare_setup.exe <==== ATTENTION

Task: {4760981A-2B7F-4205-97E1-C59DD8789CBB} - System32\Tasks\{26F05862-444C-41AE-B45D-05B48874EF14} => Firefox.exe http://ui.skype.com/ui/0/5.10.0.116/en/abandoninstall?page=tsProgressBar

Task: {51FCD51E-3538-4086-9AFA-6A672ED84554} - System32\Tasks\{2DD7B107-DC1E-496D-866D-20DB9EED49A6} => C:\Program Files (x86)\Autodesk\MDT 2004\acad.exe

Task: {526EAF26-EEB8-430B-90F9-979F15935476} - System32\Tasks\{4DC4B2B6-8C24-4FB2-9251-638773A542FE} => C:\Program Files (x86)\iLivid\ilivid.exe

Task: {64453A12-1B89-4B36-B95A-E090E17396E3} - System32\Tasks\{201C39C2-E061-4506-8866-AA2709A167A8} => C:\Program Files (x86)\NETGEAR\WG111 Configuration Utility\WG111CFG.exe

Task: {64D3F98F-2234-484E-95D7-E179341C44C6} - System32\Tasks\{546935F9-5306-4C62-8FBA-1A4A00EC0C54} => C:\Program Files (x86)\NETGEAR\WG111 Configuration Utility\WG111CFG.exe

Task: {67A06428-065B-434C-907C-B25FF84C8EC0} - System32\Tasks\{5F7AE1BD-A9D7-490C-851A-1C3A746451EF} => C:\Program Files (x86)\AutoCAD 2005\acad.exe

Task: {78390061-35E4-47BA-90EC-95E438EE42EC} - System32\Tasks\{1990D060-D45D-4BF5-8134-BCA6EC789CCC} => C:\Program Files (x86)\Autodesk\Autodesk DWF Viewer\ExpressViewer.exe

Task: {92B96472-104D-4753-A481-48A100E92381} - System32\Tasks\{53CAC5DF-A9E1-4124-8F7B-9AE78840E066} => C:\Program Files (x86)\Autodesk\MDT 2004\acad.exe

Task: {956311A4-8E64-4F46-8B19-87654E089629} - System32\Tasks\{580452BE-F71C-4620-B41C-48D03B3BACF3} => C:\Program Files (x86)\Autodesk\MDT 2004\acad.exe

Task: {A044231D-C654-49AD-8B98-30D2012256E5} - System32\Tasks\{40794014-4FF3-48D7-BA7B-84C797D8410D} => C:\Program Files (x86)\Autodesk\MDT 2004\acad.exe

Task: {B5D9CF1F-ABE9-4E72-A11F-B14DF2D0567F} - System32\Tasks\PCConfidential => C:\Program Files (x86)\Winferno\PC Confidential\PCConfidential.exe

Task: {B8CA4B08-655E-41AD-9EEB-548F273ED8C3} - System32\Tasks\{25227021-D4BD-4CB9-87CE-751840250F7F} => Firefox.exe http://ui.skype.com/ui/0/6.1.59.129/en/abandoninstall?page=tsProgressBar

Task: {BF7077B5-0D00-46B2-8C14-ED9D65ECBC4D} - System32\Tasks\Launch HTC Sync Loader => C:\Program Files (x86)\HTC\HTC Sync 3.0\htcUPCTLoader.exe

Task: {CD3C0FBF-4D64-47EC-AA07-78F0608BE07E} - System32\Tasks\{D493E868-6BBC-4EE3-8014-F34E506FA560} => C:\Program Files (x86)\iLivid\ilivid.exe

Task: {D1249603-43DA-4135-BEED-9E416A4434E2} - System32\Tasks\{53D0837F-B18B-4A61-BA9B-F4779EB7807A} => C:\Program Files (x86)\Autodesk\MDT 2004\acad.exe

Task: {D4CCE0B5-0F4E-4C1F-B877-712B38091E06} - System32\Tasks\{0D96423F-54BE-4228-AAA0-46A22F4BC185} => C:\Program Files (x86)\Common Files\Autodesk Shared\acstart16.exe

Task: {E5D53327-EA6F-4E54-BAB7-4D24A40EB53B} - System32\Tasks\{13336E05-CEE6-4C8C-9288-1EA244701542} => C:\Program Files (x86)\NETGEAR\WG111 Configuration Utility\WG111CFG.exe

Task: {E8508903-0114-4C64-8050-DDE85FCDF736} - System32\Tasks\{EC8F24DC-6EDB-46E4-BE9A-DFC6BC2B3A36} => C:\Program Files (x86)\NETGEAR\WG111 Configuration Utility\WG111CFG.exe

Task: {ED21E0BE-0540-44EF-8FBC-35918643BB96} - System32\Tasks\{AF6C891C-F379-458F-B020-6BEE4E7F5AC2} => Firefox.exe

Task: {EF6F0BF4-AE1D-492C-A3CA-A1CE9A16F441} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2011-01-01] (Google Inc.)

Task: {FEC9D603-8B9B-4898-8D64-24616F1EA218} - System32\Tasks\{09C3B5DB-5A04-4C31-A93E-371CB165F3D8} => C:\Program Files (x86)\Autodesk\MDT 2004\acad.exe

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe

Task: C:\Windows\Tasks\BearShareNAG.job => C:\Users\390-W7~1\AppData\Local\Temp\BearShare_setup.exe

Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

Task: C:\Windows\Tasks\PCConfidential.job => C:\Program Files (x86)\Winferno\PC Confidential\PCConfidential.exe

==================== Loaded Modules (whitelisted) =============

2011-02-02 14:08 - 2011-02-02 14:08 - 00018656 _____ () C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe

2013-09-05 00:17 - 2013-09-05 00:17 - 04300456 _____ () C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Cultures\OFFICE.ODF

2010-10-20 14:23 - 2010-10-20 14:23 - 08801632 _____ () C:\Program Files\Microsoft Office\Office14\1033\GrooveIntlResource.dll

2012-07-18 17:07 - 2010-05-10 11:14 - 00186848 _____ () C:\Windows\SysWOW64\WinService.exe

2013-03-22 08:00 - 2013-03-22 08:00 - 13919224 _____ () C:\Program Files (x86)\EssentialPIM\EssentialPIM.exe

2011-09-25 19:03 - 2014-03-03 15:37 - 01127152 _____ () C:\ProgramData\Trusteer\Rapport\store\exts\RapportMS\baseline\RapportMS.dll

2011-09-19 15:57 - 2011-09-19 15:57 - 00128336 _____ () C:\Program Files (x86)\Motorola Media Link\Lite\liveupdatetactics.dll

2011-09-19 15:57 - 2011-09-19 15:57 - 00023872 _____ () C:\Program Files (x86)\Motorola Media Link\Lite\DbAccess.dll

2011-09-19 15:59 - 2011-09-19 15:59 - 00465632 _____ () C:\Program Files (x86)\Motorola Media Link\Lite\sqlite3.dll

2011-09-19 15:57 - 2011-09-19 15:57 - 00045368 _____ () C:\Program Files (x86)\Motorola Media Link\Lite\NAdvLog.dll

2011-09-19 15:57 - 2011-09-19 15:57 - 00034128 _____ () C:\Program Files (x86)\Motorola Media Link\Lite\NFileCacheDBAccess.dll

2014-03-20 15:14 - 2014-03-15 00:50 - 00051016 _____ () C:\Program Files (x86)\Google\Chrome\Application\33.0.1750.154\chrome_elf.dll

2013-09-05 00:14 - 2013-09-05 00:14 - 04300456 _____ () C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF

2010-10-20 14:45 - 2010-10-20 14:45 - 08801120 _____ () C:\Program Files (x86)\Microsoft Office\Office14\1033\GrooveIntlResource.dll

2014-03-20 15:14 - 2014-03-15 00:50 - 00716616 _____ () C:\Program Files (x86)\Google\Chrome\Application\33.0.1750.154\libglesv2.dll

2014-03-20 15:14 - 2014-03-15 00:50 - 00100168 _____ () C:\Program Files (x86)\Google\Chrome\Application\33.0.1750.154\libegl.dll

2014-03-20 15:14 - 2014-03-15 00:50 - 04061000 _____ () C:\Program Files (x86)\Google\Chrome\Application\33.0.1750.154\pdf.dll

2014-03-20 15:14 - 2014-03-15 00:50 - 00394568 _____ () C:\Program Files (x86)\Google\Chrome\Application\33.0.1750.154\ppGoogleNaClPluginChrome.dll

2014-03-20 15:14 - 2014-03-15 00:50 - 01647432 _____ () C:\Program Files (x86)\Google\Chrome\Application\33.0.1750.154\ffmpegsumo.dll

==================== Alternate Data Streams (whitelisted) =========

AlternateDataStreams: C:\ProgramData\TEMP:B4AF47A7

AlternateDataStreams: C:\ProgramData\TEMP:DBC416F8

AlternateDataStreams: C:\ProgramData\TEMP:DFC5A2B2

==================== Safe Mode (whitelisted) ===================

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\BsScanner => ""="Service"

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS => ""=""

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc => ""=""

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\BsScanner => ""="Service"

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\McMPFSvc => ""="Service"

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MCODS => ""=""

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcpltsvc => ""=""

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefire => ""="Driver"

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefirek => ""="Driver"

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefirek.sys => ""="Driver"

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk => ""="Driver"

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk.sys => ""="Driver"

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfevtp => ""="Driver"

==================== Disabled items from MSCONFIG ==============

MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Bluetooth.lnk => C:\Windows\pss\Bluetooth.lnk.CommonStartup

MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^McAfee Security Scan Plus.lnk => C:\Windows\pss\McAfee Security Scan Plus.lnk.CommonStartup

MSCONFIG\startupreg: BCSSync => "C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe" /DelayServices

MSCONFIG\startupreg: NokiaSuite.exe => C:\Program Files (x86)\Nokia\Nokia Suite\NokiaSuite.exe -tray

MSCONFIG\startupreg: VDownloader => C:\Program Files\VDownloader\VDownloader.exe /silent

MSCONFIG\startupreg: VoipCheap => "C:\Program Files (x86)\VoipCheap.co.uk\VoipCheap\voipcheap.exe" -nosplash -minimized

==================== Faulty Device Manager Devices =============

Name: McAfee Inc. mfeapfk

Description: McAfee Inc. mfeapfk

Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}

Manufacturer:

Service: mfeapfk

Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)

Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.

Devices stay in this state if they have been prepared for removal.

After you remove the device, this error disappears.Remove the device, and this error should be resolved.

==================== Event log errors: =========================

Application errors:

==================

Error: (03/20/2014 02:50:29 PM) (Source: SideBySide) (User: )

Description: Activation context generation failed for "FARO.LS,processorArchitecture="x86",publicKeyToken="1d23f5635ba800ab",type="win32",version="1.1.406.58"1".

Dependent Assembly FARO.LS,processorArchitecture="x86",publicKeyToken="1d23f5635ba800ab",type="win32",version="1.1.406.58" could not be found.

Please use sxstrace.exe for detailed diagnosis.

Error: (03/20/2014 01:29:36 PM) (Source: Application Error) (User: )

Description: Faulting application name: fs5y5h06.exe, version: 2.1.19357.0, time stamp: 0x52e7ea83

Faulting module name: fs5y5h06.exe, version: 2.1.19357.0, time stamp: 0x52e7ea83

Exception code: 0xc0000005

Fault offset: 0x0008d93e

Faulting process id: 0x27c

Faulting application start time: 0xfs5y5h06.exe0

Faulting application path: fs5y5h06.exe1

Faulting module path: fs5y5h06.exe2

Report Id: fs5y5h06.exe3

Error: (03/20/2014 01:07:28 PM) (Source: Application Error) (User: )

Description: Faulting application name: mbam.exe, version: 1.75.0.1, time stamp: 0x511f8eb2

Faulting module name: KERNELBASE.dll, version: 6.1.7601.18229, time stamp: 0x51fb1116

Exception code: 0xe06d7363

Fault offset: 0x0000c41f

Faulting process id: 0xd98

Faulting application start time: 0xmbam.exe0

Faulting application path: mbam.exe1

Faulting module path: mbam.exe2

Report Id: mbam.exe3

Error: (03/19/2014 09:40:38 AM) (Source: Application Error) (User: )

Description: Faulting application name: mbam.exe, version: 1.75.0.1, time stamp: 0x511f8eb2

Faulting module name: KERNELBASE.dll, version: 6.1.7601.18229, time stamp: 0x51fb1116

Exception code: 0xe06d7363

Fault offset: 0x0000c41f

Faulting process id: 0x3b4

Faulting application start time: 0xmbam.exe0

Faulting application path: mbam.exe1

Faulting module path: mbam.exe2

Report Id: mbam.exe3

Error: (03/19/2014 09:30:19 AM) (Source: Application Error) (User: )

Description: Faulting application name: mbam.exe, version: 1.75.0.1, time stamp: 0x511f8eb2

Faulting module name: KERNELBASE.dll, version: 6.1.7601.18229, time stamp: 0x51fb1116

Exception code: 0xe06d7363

Fault offset: 0x0000c41f

Faulting process id: 0x5e0

Faulting application start time: 0xmbam.exe0

Faulting application path: mbam.exe1

Faulting module path: mbam.exe2

Report Id: mbam.exe3

Error: (03/19/2014 00:38:39 AM) (Source: SideBySide) (User: )

Description: Activation context generation failed for "assemblyIdentity1".Error in manifest or policy file "assemblyIdentity2" on line assemblyIdentity3.

The value "*" of attribute "language" in element "assemblyIdentity" is invalid.

Error: (03/19/2014 00:33:46 AM) (Source: SideBySide) (User: )

Description: Activation context generation failed for "FARO.LS,processorArchitecture="x86",publicKeyToken="1d23f5635ba800ab",type="win32",version="1.1.406.58"1".

Dependent Assembly FARO.LS,processorArchitecture="x86",publicKeyToken="1d23f5635ba800ab",type="win32",version="1.1.406.58" could not be found.

Please use sxstrace.exe for detailed diagnosis.

Error: (03/18/2014 05:31:47 PM) (Source: Application Error) (User: )

Description: Faulting application name: mbam.exe, version: 1.75.0.1, time stamp: 0x511f8eb2

Faulting module name: KERNELBASE.dll, version: 6.1.7601.18229, time stamp: 0x51fb1116

Exception code: 0xe06d7363

Fault offset: 0x0000c41f

Faulting process id: 0x79c

Faulting application start time: 0xmbam.exe0

Faulting application path: mbam.exe1

Faulting module path: mbam.exe2

Report Id: mbam.exe3

Error: (03/18/2014 04:57:15 PM) (Source: Application Error) (User: )

Description: Faulting application name: mbar.exe, version: 1.7.0.1009, time stamp: 0x52cc996f

Faulting module name: mbar.exe, version: 1.7.0.1009, time stamp: 0x52cc996f

Exception code: 0x40000015

Fault offset: 0x00032d88

Faulting process id: 0x930

Faulting application start time: 0xmbar.exe0

Faulting application path: mbar.exe1

Faulting module path: mbar.exe2

Report Id: mbar.exe3

Error: (03/18/2014 03:27:57 PM) (Source: Application Error) (User: )

Description: Faulting application name: mbam.exe, version: 1.75.0.1, time stamp: 0x511f8eb2

Faulting module name: KERNELBASE.dll, version: 6.1.7601.18229, time stamp: 0x51fb1116

Exception code: 0xe06d7363

Fault offset: 0x0000c41f

Faulting process id: 0x4ac

Faulting application start time: 0xmbam.exe0

Faulting application path: mbam.exe1

Faulting module path: mbam.exe2

Report Id: mbam.exe3

System errors:

=============

Error: (03/20/2014 10:04:20 AM) (Source: Service Control Manager) (User: )

Description: The following boot-start or system-start driver(s) failed to load:

SABKUTIL

TfFsMon

TfSysMon

Error: (03/20/2014 10:03:19 AM) (Source: Service Control Manager) (User: )

Description: The McAfee Inc. mfeapfk service failed to start due to the following error:

%%1243

Error: (03/20/2014 08:30:00 AM) (Source: Service Control Manager) (User: )

Description: The following boot-start or system-start driver(s) failed to load:

SABKUTIL

TfFsMon

TfSysMon

Error: (03/20/2014 08:28:39 AM) (Source: Service Control Manager) (User: )

Description: The McAfee Inc. mfeapfk service failed to start due to the following error:

%%1243

Error: (03/19/2014 10:10:27 AM) (Source: Service Control Manager) (User: )

Description: The McAfee Proxy Service service depends the following service: MfeFire. This service might not be installed.

Error: (03/19/2014 09:58:45 AM) (Source: Service Control Manager) (User: )

Description: The following boot-start or system-start driver(s) failed to load:

SABKUTIL

TfFsMon

TfSysMon

Error: (03/19/2014 09:42:06 AM) (Source: Service Control Manager) (User: )

Description: The following boot-start or system-start driver(s) failed to load:

SABKUTIL

TfFsMon

TfSysMon

Error: (03/19/2014 09:33:21 AM) (Source: Service Control Manager) (User: )

Description: The Microsoft Antimalware Service service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 15000 milliseconds: Restart the service.

Error: (03/19/2014 09:29:00 AM) (Source: Service Control Manager) (User: )

Description: The Network List Service service depends on the Network Location Awareness service which failed to start because of the following error:

%%1068

Error: (03/19/2014 09:29:00 AM) (Source: DCOM) (User: )

Description: 1068fdPHost{D3DCB472-7261-43CE-924B-0704BD730D5F}

Microsoft Office Sessions:

=========================

Error: (03/20/2014 02:50:29 PM) (Source: SideBySide)(User: )

Description: FARO.LS,processorArchitecture="x86",publicKeyToken="1d23f5635ba800ab",type="win32",version="1.1.406.58"C:\Program Files\Autodesk\AutoCAD 2012 - English\FaroImporter.exe

Error: (03/20/2014 01:29:36 PM) (Source: Application Error)(User: )

Description: fs5y5h06.exe2.1.19357.052e7ea83fs5y5h06.exe2.1.19357.052e7ea83c00000050008d93e27c01cf4440169d1203C:\Users\390-w7base\Documents\fs5y5h06.exeC:\Users\390-w7base\Documents\fs5y5h06.exead8933e7-b033-11e3-b741-001aa02e92ba

Error: (03/20/2014 01:07:28 PM) (Source: Application Error)(User: )

Description: mbam.exe1.75.0.1511f8eb2KERNELBASE.dll6.1.7601.1822951fb1116e06d73630000c41fd9801cf4438f3450760C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbam.exeC:\Windows\syswow64\KERNELBASE.dll9625b10d-b030-11e3-b741-001aa02e92ba

Error: (03/19/2014 09:40:38 AM) (Source: Application Error)(User: )

Description: mbam.exe1.75.0.1511f8eb2KERNELBASE.dll6.1.7601.1822951fb1116e06d73630000c41f3b401cf435618432692C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbam.exeC:\Windows\syswow64\KERNELBASE.dll87089111-af4a-11e3-bca2-fe07afc3bc87

Error: (03/19/2014 09:30:19 AM) (Source: Application Error)(User: )

Description: mbam.exe1.75.0.1511f8eb2KERNELBASE.dll6.1.7601.1822951fb1116e06d73630000c41f5e001cf4354b48b83a0C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbam.exeC:\Windows\syswow64\KERNELBASE.dll15b1ae2e-af49-11e3-bca2-fe07afc3bc87

Error: (03/19/2014 00:38:39 AM) (Source: SideBySide)(User: )

Description: assemblyIdentitylanguage*c:\program files (x86)\spybot - search & destroy\DelZip179.dllc:\program files (x86)\spybot - search & destroy\DelZip179.dll8

Error: (03/19/2014 00:33:46 AM) (Source: SideBySide)(User: )

Description: FARO.LS,processorArchitecture="x86",publicKeyToken="1d23f5635ba800ab",type="win32",version="1.1.406.58"C:\Program Files\Autodesk\AutoCAD 2012 - English\FaroImporter.exe

Error: (03/18/2014 05:31:47 PM) (Source: Application Error)(User: )

Description: mbam.exe1.75.0.1511f8eb2KERNELBASE.dll6.1.7601.1822951fb1116e06d73630000c41f79c01cf42cd2610d87eC:\Program Files (x86)\Malwarebytes' Anti-Malware\mbam.exeC:\Windows\syswow64\KERNELBASE.dll2dd119dc-aec3-11e3-b24e-001aa02e92ba

Error: (03/18/2014 04:57:15 PM) (Source: Application Error)(User: )

Description: mbar.exe1.7.0.100952cc996fmbar.exe1.7.0.100952cc996f4000001500032d8893001cf42c68cc0618cC:\Users\390-w7base\Desktop\mbar\mbar.exeC:\Users\390-w7base\Desktop\mbar\mbar.exe5add42cc-aebe-11e3-b24e-001aa02e92ba

Error: (03/18/2014 03:27:57 PM) (Source: Application Error)(User: )

Description: mbam.exe1.75.0.1511f8eb2KERNELBASE.dll6.1.7601.1822951fb1116e06d73630000c41f4ac01cf42bd96df7231C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbam.exeC:\Windows\syswow64\KERNELBASE.dlle1a11124-aeb1-11e3-a7e7-001aa02e92ba

CodeIntegrity Errors:

===================================

Date: 2012-03-25 17:30:55.032

Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\SuperAdBlocker.com\Super Ad Blocker\sabdifsv.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2012-03-25 17:30:54.985

Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\SuperAdBlocker.com\Super Ad Blocker\sabdifsv.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2012-03-25 17:30:54.938

Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\SuperAdBlocker.com\Super Ad Blocker\SABKUTIL.SYS because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2012-03-25 17:30:54.892

Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\SuperAdBlocker.com\Super Ad Blocker\SABKUTIL.SYS because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2012-03-22 18:16:36.235

Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\SuperAdBlocker.com\Super Ad Blocker\sabdifsv.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2012-03-22 18:16:36.172

Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\SuperAdBlocker.com\Super Ad Blocker\sabdifsv.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2012-03-22 18:16:36.094

Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\SuperAdBlocker.com\Super Ad Blocker\SABKUTIL.SYS because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2012-03-22 18:16:36.032

Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\SuperAdBlocker.com\Super Ad Blocker\SABKUTIL.SYS because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2012-03-21 20:39:22.285

Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\SuperAdBlocker.com\Super Ad Blocker\sabdifsv.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2012-03-21 20:39:22.222

Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\SuperAdBlocker.com\Super Ad Blocker\sabdifsv.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

==================== Memory info ===========================

Percentage of memory in use: 52%

Total physical RAM: 4029.66 MB

Available physical RAM: 1924.16 MB

Total Pagefile: 8057.5 MB

Available Pagefile: 5487.1 MB

Total Virtual: 8192 MB

Available Virtual: 8191.82 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:232.73 GB) (Free:22.63 GB) NTFS

==================== MBR & Partition Table ==================

========================================================

Disk: 0 (MBR Code: Windows 7 or 8) (Size: 233 GB) (Disk ID: 389B458A)

Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)

Partition 2: (Not Active) - (Size=233 GB) - (Type=07 NTFS)

==================== End Of Log ============================

fredddy · March 20, 2014

Hi Marius, 3rd Post in two parts. Part 1. Ron

16:13:57.0456 0x0bc4 TDSS rootkit removing tool 3.0.0.25 Feb 27 2014 15:23:02

16:14:05.0319 0x0bc4 ============================================================

16:14:05.0319 0x0bc4 Current date / time: 2014/03/18 16:14:05.0319

16:14:05.0319 0x0bc4 SystemInfo:

16:14:05.0319 0x0bc4

16:14:05.0319 0x0bc4 OS Version: 6.1.7601 ServicePack: 1.0

16:14:05.0319 0x0bc4 Product type: Workstation

16:14:05.0319 0x0bc4 ComputerName: 390-W7BASE-PC

16:14:05.0319 0x0bc4 UserName: Ron

16:14:05.0319 0x0bc4 Windows directory: C:\Windows

16:14:05.0319 0x0bc4 System windows directory: C:\Windows

16:14:05.0319 0x0bc4 Running under WOW64

16:14:05.0319 0x0bc4 Processor architecture: Intel x64

16:14:05.0319 0x0bc4 Number of processors: 2

16:14:05.0319 0x0bc4 Page size: 0x1000

16:14:05.0319 0x0bc4 Boot type: Normal boot

16:14:05.0319 0x0bc4 ============================================================

16:14:06.0161 0x0bc4 KLMD registered as C:\Windows\system32\drivers\77642260.sys

16:14:06.0707 0x0bc4 System UUID: {92524994-6214-3195-CAEE-D9226DBC58E7}

16:14:07.0378 0x0bc4 Drive \Device\Harddisk0\DR0 - Size: 0x3A35294400 (232.83 Gb), SectorSize: 0x200, Cylinders: 0x76BA, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040

16:14:07.0503 0x0bc4 ============================================================

16:14:07.0503 0x0bc4 \Device\Harddisk0\DR0:

16:14:07.0518 0x0bc4 MBR partitions:

16:14:07.0518 0x0bc4 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32000

16:14:07.0518 0x0bc4 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0x1D176000

16:14:07.0518 0x0bc4 ============================================================

16:14:07.0550 0x0bc4 C: <-> \Device\Harddisk0\DR0\Partition2

16:14:07.0550 0x0bc4 ============================================================

16:14:07.0550 0x0bc4 Initialize success

16:14:07.0550 0x0bc4 ============================================================

16:14:09.0172 0x0f20 ============================================================

16:14:09.0172 0x0f20 Scan started

16:14:09.0172 0x0f20 Mode: Manual;

16:14:09.0172 0x0f20 ============================================================

16:14:09.0172 0x0f20 KSN ping started

16:14:12.0011 0x0f20 KSN ping finished: true

16:14:12.0448 0x0f20 ================ Scan system memory ========================

16:14:12.0448 0x0f20 System memory - ok

16:14:12.0448 0x0f20 ================ Scan services =============================

16:14:12.0666 0x0f20 [ 581D88B25C4D4121824FED2CA38E562F, 838FFC4270ED32858A4AC14B389DEA1ECCCAAFC94BEAF683F8976B5F5A91DD15 ] !SASCORE C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE

16:14:12.0698 0x0f20 !SASCORE - ok

16:14:12.0932 0x0f20 [ A87D604AEA360176311474C87A63BB88, B1507868C382CD5D2DBC0D62114FCFBF7A780904A2E3CA7C7C1DD0844ADA9A8F ] 1394ohci C:\Windows\system32\drivers\1394ohci.sys

16:14:12.0947 0x0f20 1394ohci - ok

16:14:13.0010 0x0f20 [ D81D9E70B8A6DD14D42D7B4EFA65D5F2, FDAAB7E23012B4D31537C5BDEF245BB0A12FA060A072C250E21C68E18B22E002 ] ACPI C:\Windows\system32\drivers\ACPI.sys

16:14:13.0025 0x0f20 ACPI - ok

16:14:13.0072 0x0f20 [ 99F8E788246D495CE3794D7E7821D2CA, F91615463270AD2601F882CAED43B88E7EDA115B9FD03FC56320E48119F15F76 ] AcpiPmi C:\Windows\system32\drivers\acpipmi.sys

16:14:13.0072 0x0f20 AcpiPmi - ok

16:14:13.0166 0x0f20 [ B362181ED3771DC03B4141927C80F801, 69514E5177A0AEA89C27C2234712F9F82E8D8F99E1FD4273898C9324C6FF7472 ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe

16:14:13.0166 0x0f20 AdobeARMservice - ok

16:14:13.0337 0x0f20 [ 9D96B0D5855FD1B98023B3EEC9F06786, E4C79233158BE8AA4E9C6DD71585E5D2703A5156531EB3D692D7D81BC443E844 ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe

16:14:13.0337 0x0f20 AdobeFlashPlayerUpdateSvc - ok

16:14:13.0446 0x0f20 [ 2F6B34B83843F0C5118B63AC634F5BF4, 43E3F5FBFB5D33981AC503DEE476868EC029815D459E7C36C4ABC2D2F75B5735 ] adp94xx C:\Windows\system32\DRIVERS\adp94xx.sys

16:14:13.0462 0x0f20 adp94xx - ok

16:14:13.0524 0x0f20 [ 597F78224EE9224EA1A13D6350CED962, DA7FD99BE5E3B7B98605BF5C13BF3F1A286C0DE1240617570B46FE4605E59BDC ] adpahci C:\Windows\system32\DRIVERS\adpahci.sys

16:14:13.0524 0x0f20 adpahci - ok

16:14:13.0556 0x0f20 [ E109549C90F62FB570B9540C4B148E54, E804563735153EA00A00641814244BC8A347B578E7D63A16F43FB17566EE5559 ] adpu320 C:\Windows\system32\DRIVERS\adpu320.sys

16:14:13.0556 0x0f20 adpu320 - ok

16:14:13.0587 0x0f20 [ 4B78B431F225FD8624C5655CB1DE7B61, 198A5AF2125C7C41F531A652D200C083A55A97DC541E3C0B5B253C7329949156 ] AeLookupSvc C:\Windows\System32\aelupsvc.dll

16:14:13.0587 0x0f20 AeLookupSvc - ok

16:14:13.0634 0x0f20 [ 79059559E89D06E8B80CE2944BE20228, 6E041D2FED2D0C3D8E16E56CB61D3245F9144EA92F5BDC9A4AA30598D1C8E6EE ] AFD C:\Windows\system32\drivers\afd.sys

16:14:13.0649 0x0f20 AFD - ok

16:14:13.0680 0x0f20 [ 608C14DBA7299D8CB6ED035A68A15799, 45360F89640BF1127C82A32393BD76205E4FA067889C40C491602F370C09282A ] agp440 C:\Windows\system32\drivers\agp440.sys

16:14:13.0696 0x0f20 agp440 - ok

16:14:13.0712 0x0f20 [ 3290D6946B5E30E70414990574883DDB, 0E9294E1991572256B3CDA6B031DB9F39CA601385515EE59F1F601725B889663 ] ALG C:\Windows\System32\alg.exe

16:14:13.0712 0x0f20 ALG - ok

16:14:13.0727 0x0f20 [ 5812713A477A3AD7363C7438CA2EE038, A7316299470D2E57A11499C752A711BF4A71EB11C9CBA731ED0945FF6A966721 ] aliide C:\Windows\system32\drivers\aliide.sys

16:14:13.0727 0x0f20 aliide - ok

16:14:13.0790 0x0f20 [ 1FF8B4431C353CE385C875F194924C0C, 3EA3A7F426B0FFC2461EDF4FDB4B58ACC9D0730EDA5B728D1EA1346EA0A02720 ] amdide C:\Windows\system32\drivers\amdide.sys

16:14:13.0790 0x0f20 amdide - ok

16:14:13.0821 0x0f20 [ 7024F087CFF1833A806193EF9D22CDA9, E7F27E488C38338388103D3B7EEDD61D05E14FB140992AEE6F492FFC821BF529 ] AmdK8 C:\Windows\system32\DRIVERS\amdk8.sys

16:14:13.0821 0x0f20 AmdK8 - ok

16:14:13.0836 0x0f20 [ 1E56388B3FE0D031C44144EB8C4D6217, E88CA76FD47BA0EB427D59CB9BE040DE133D89D4E62D03A8D622624531D27487 ] AmdPPM C:\Windows\system32\DRIVERS\amdppm.sys

16:14:13.0836 0x0f20 AmdPPM - ok

16:14:13.0899 0x0f20 [ D4121AE6D0C0E7E13AA221AA57EF2D49, 626F43C099BD197BE56648C367B711143C2BCCE96496BBDEF19F391D52FA01D0 ] amdsata C:\Windows\system32\drivers\amdsata.sys

16:14:13.0899 0x0f20 amdsata - ok

16:14:13.0930 0x0f20 [ F67F933E79241ED32FF46A4F29B5120B, D6EF539058F159CC4DD14CA9B1FD924998FEAC9D325C823C7A2DD21FEF1DC1A8 ] amdsbs C:\Windows\system32\DRIVERS\amdsbs.sys

16:14:13.0930 0x0f20 amdsbs - ok

16:14:13.0946 0x0f20 [ 540DAF1CEA6094886D72126FD7C33048, 296578572A93F5B74E1AD443E000B79DC99D1CBD25082E02704800F886A3065F ] amdxata C:\Windows\system32\drivers\amdxata.sys

16:14:13.0946 0x0f20 amdxata - ok

16:14:14.0008 0x0f20 [ 89A69C3F2F319B43379399547526D952, 8ABDB4B8E106F96EBBA0D4D04C4F432296516E107E7BA5644ED2E50CF9BB491A ] AppID C:\Windows\system32\drivers\appid.sys

16:14:14.0008 0x0f20 AppID - ok

16:14:14.0039 0x0f20 [ 0BC381A15355A3982216F7172F545DE1, C33AF13CB218F7BF52E967452573DF2ADD20A95C6BF99229794FEF07C4BBE725 ] AppIDSvc C:\Windows\System32\appidsvc.dll

16:14:14.0039 0x0f20 AppIDSvc - ok

16:14:14.0086 0x0f20 [ 9D2A2369AB4B08A4905FE72DB104498F, D6FA1705018BABABFA2362E05691A0D6408D14DE7B76129B16D0A1DAD6378E58 ] Appinfo C:\Windows\System32\appinfo.dll

16:14:14.0086 0x0f20 Appinfo - ok

16:14:14.0117 0x0f20 [ 4ABA3E75A76195A3E38ED2766C962899, E2001ACD44DA270B8289DA362D26416676301773AB22616C211F31CF2E7869AA ] AppMgmt C:\Windows\System32\appmgmts.dll

16:14:14.0133 0x0f20 AppMgmt - ok

16:14:14.0164 0x0f20 [ C484F8CEB1717C540242531DB7845C4E, C507CE26716EB923B864ED85E8FA0B24591E2784A2F4F0E78AEED7E9953311F6 ] arc C:\Windows\system32\DRIVERS\arc.sys

16:14:14.0180 0x0f20 arc - ok

16:14:14.0195 0x0f20 [ 019AF6924AEFE7839F61C830227FE79C, 5926B9DDFC9198043CDD6EA0B384C83B001EC225A8125628C4A45A3E6C42C72A ] arcsas C:\Windows\system32\DRIVERS\arcsas.sys

16:14:14.0195 0x0f20 arcsas - ok

16:14:14.0336 0x0f20 [ 9217D874131AE6FF8F642F124F00A555, BE2923D5AA7748FDAAED73AF567D015517B36F1C739C6E5637DD15112EFDF495 ] aspnet_state C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe

16:14:14.0336 0x0f20 aspnet_state - ok

16:14:14.0367 0x0f20 [ 769765CE2CC62867468CEA93969B2242, 0D8F19D49869DF93A3876B4C2E249D12E83F9CE11DAE8917D368E292043D4D26 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys

16:14:14.0367 0x0f20 AsyncMac - ok

16:14:14.0429 0x0f20 [ 02062C0B390B7729EDC9E69C680A6F3C, 0261683C6DC2706DCE491A1CDC954AC9C9E649376EC30760BB4E225E18DC5273 ] atapi C:\Windows\system32\drivers\atapi.sys

16:14:14.0429 0x0f20 atapi - ok

16:14:14.0507 0x0f20 [ F23FEF6D569FCE88671949894A8BECF1, FCE7B156ED663471CF9A736915F00302E93B50FC647563D235313A37FCE8F0F6 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll

16:14:14.0523 0x0f20 AudioEndpointBuilder - ok

16:14:14.0538 0x0f20 [ F23FEF6D569FCE88671949894A8BECF1, FCE7B156ED663471CF9A736915F00302E93B50FC647563D235313A37FCE8F0F6 ] AudioSrv C:\Windows\System32\Audiosrv.dll

16:14:14.0554 0x0f20 AudioSrv - ok

16:14:14.0710 0x0f20 [ 1992C2A1867D95AA3A0802539358D162, 795E62858A103A6213B314832032A0E7B45B62919CA67115549069C8C7D52B3F ] Autodesk Content Service C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe

16:14:14.0710 0x0f20 Autodesk Content Service - ok

16:14:14.0772 0x0f20 [ A6BF31A71B409DFA8CAC83159E1E2AFF, CBB83F73FFD3C3FB4F96605067739F8F7A4A40B2B05417FA49E575E95628753F ] AxInstSV C:\Windows\System32\AxInstSV.dll

16:14:14.0772 0x0f20 AxInstSV - ok

16:14:14.0819 0x0f20 [ 3E5B191307609F7514148C6832BB0842, DE011CB7AA4A2405FAF21575182E0793A1D83DFFC44E9A7864D59F3D51D8D580 ] b06bdrv C:\Windows\system32\DRIVERS\bxvbda.sys

16:14:14.0835 0x0f20 b06bdrv - ok

16:14:14.0882 0x0f20 [ B5ACE6968304A3900EEB1EBFD9622DF2, 1DAA118D8CA3F97B34DF3D3CDA1C78EAB2ED225699FEABE89D331AE0CB7679FA ] b57nd60a C:\Windows\system32\DRIVERS\b57nd60a.sys

16:14:14.0882 0x0f20 b57nd60a - ok

16:14:14.0944 0x0f20 [ FDE360167101B4E45A96F939F388AEB0, 8D1457E866BBD645C4B9710DFBFF93405CC1193BF9AE42326F2382500B713B82 ] BDESVC C:\Windows\System32\bdesvc.dll

16:14:14.0944 0x0f20 BDESVC - ok

16:14:14.0960 0x0f20 [ 16A47CE2DECC9B099349A5F840654746, 77C008AEDB07FAC66413841D65C952DDB56FE7DCA5E9EF9C8F4130336B838024 ] Beep C:\Windows\system32\drivers\Beep.sys

16:14:14.0960 0x0f20 Beep - ok

16:14:15.0038 0x0f20 [ 82974D6A2FD19445CC5171FC378668A4, 075D25F47C0D2277E40AF8615571DAA5EB16B1824563632A9A7EC62505C29A4A ] BFE C:\Windows\System32\bfe.dll

16:14:15.0069 0x0f20 BFE - ok

16:14:15.0147 0x0f20 [ 2126CCA1F93D7BCDF6F37CB8A7BFC004, 6D4BE257BDBF281E15AADF93AE8E3B0B25B993EC59601A24CF04C477E6286412 ] BingDesktopUpdate C:\Program Files (x86)\Microsoft\BingDesktop\BingDesktopUpdater.exe

16:14:15.0162 0x0f20 BingDesktopUpdate - ok

16:14:15.0209 0x0f20 [ 1EA7969E3271CBC59E1730697DC74682, D511A34D63A6E0E6E7D1879068E2CD3D87ABEAF4936B2EA8CDDAD9F79D60FA04 ] BITS C:\Windows\System32\qmgr.dll

16:14:15.0225 0x0f20 BITS - ok

16:14:15.0256 0x0f20 [ 61583EE3C3A17003C4ACD0475646B4D3, 17E4BECC309C450E7E44F59A9C0BBC24D21BDC66DFBA65B8F198A00BB47A9811 ] blbdrive C:\Windows\system32\DRIVERS\blbdrive.sys

16:14:15.0256 0x0f20 blbdrive - ok

16:14:15.0318 0x0f20 [ 6C02A83164F5CC0A262F4199F0871CF5, AD4632A6A203CB40970D848315D8ADB9C898349E20D8DF4107C2AE2703A2CF28 ] bowser C:\Windows\system32\DRIVERS\bowser.sys

16:14:15.0318 0x0f20 bowser - ok

16:14:15.0365 0x0f20 [ F09EEE9EDC320B5E1501F749FDE686C8, 66691114C42E12F4CC6DC4078D4D2FA4029759ACDAF1B59D17383487180E84E3 ] BrFiltLo C:\Windows\system32\DRIVERS\BrFiltLo.sys

16:14:15.0381 0x0f20 BrFiltLo - ok

16:14:15.0396 0x0f20 [ B114D3098E9BDB8BEA8B053685831BE6, 0ED23C1897F35FA00B9C2848DE4ED200E18688AA7825674888054BBC3A3EB92C ] BrFiltUp C:\Windows\system32\DRIVERS\BrFiltUp.sys

16:14:15.0396 0x0f20 BrFiltUp - ok

16:14:15.0443 0x0f20 [ 05F5A0D14A2EE1D8255C2AA0E9E8E694, 40011138869F5496A3E78D38C9900B466B6F3877526AC22952DCD528173F4645 ] Browser C:\Windows\System32\browser.dll

16:14:15.0443 0x0f20 Browser - ok

16:14:15.0474 0x0f20 [ 43BEA8D483BF1870F018E2D02E06A5BD, 4E6F5A5FD8C796A110B0DC9FF29E31EA78C04518FC1C840EF61BABD58AB10272 ] Brserid C:\Windows\System32\Drivers\Brserid.sys

16:14:15.0474 0x0f20 Brserid - ok

16:14:15.0506 0x0f20 [ A6ECA2151B08A09CACECA35C07F05B42, E2875BB7768ABAF38C3377007AA0A3C281503474D1831E396FB6599721586B0C ] BrSerWdm C:\Windows\System32\Drivers\BrSerWdm.sys

16:14:15.0506 0x0f20 BrSerWdm - ok

16:14:15.0521 0x0f20 [ B79968002C277E869CF38BD22CD61524, 50631836502237AF4893ECDCEA43B9031C3DE97433F594D46AF7C3C77F331983 ] BrUsbMdm C:\Windows\System32\Drivers\BrUsbMdm.sys

16:14:15.0521 0x0f20 BrUsbMdm - ok

16:14:15.0537 0x0f20 [ A87528880231C54E75EA7A44943B38BF, 4C8BBB29FDA76A96840AA47A8613C15D4466F9273A13941C19507008629709C9 ] BrUsbSer C:\Windows\System32\Drivers\BrUsbSer.sys

16:14:15.0537 0x0f20 BrUsbSer - ok

16:14:15.0568 0x0f20 [ FF7C57973EEAD140062238C5A0B7D455, 71055CAA7A7072F88E9218F2DCBD3122FAB3DFEE042F8D4D0D90AAC922C736E2 ] BTCFilterService C:\Windows\system32\DRIVERS\motfilt.sys

16:14:15.0568 0x0f20 BTCFilterService - ok

16:14:15.0630 0x0f20 [ CF98190A94F62E405C8CB255018B2315, E1B2540023C4FE9FD588E4B6AE6347DFA565EB3898F21E5360882BF3E8B5E781 ] BthEnum C:\Windows\system32\drivers\BthEnum.sys

16:14:15.0630 0x0f20 BthEnum - ok

16:14:15.0646 0x0f20 [ 9DA669F11D1F894AB4EB69BF546A42E8, B498B8B6CEF957B73179D1ADAF084BBB57BB3735D810F9BE2C7B1D58A4FD25A4 ] BTHMODEM C:\Windows\system32\DRIVERS\bthmodem.sys

16:14:15.0646 0x0f20 BTHMODEM - ok

16:14:15.0677 0x0f20 [ 02DD601B708DD0667E1331FA8518E9FF, 7DE6CC4DBB621CD03B01D9CE6CF66EAFE31D39030A391562CD0E278E1D70ADE1 ] BthPan C:\Windows\system32\DRIVERS\bthpan.sys

16:14:15.0693 0x0f20 BthPan - ok

16:14:15.0740 0x0f20 [ 738D0E9272F59EB7A1449C3EC118E6C4, FE3D32C2A5E4DC21376A0F89C0B2EE024ECF1A3FB99213CC9BBC986ADF7AF080 ] BTHPORT C:\Windows\System32\Drivers\BTHport.sys

16:14:15.0771 0x0f20 BTHPORT - ok

16:14:15.0802 0x0f20 [ 95F9C2976059462CBBF227F7AAB10DE9, 2797AE919FF7606B070FB039CECDB0707CD2131DCAC09C5DF14F443D881C9F34 ] bthserv C:\Windows\system32\bthserv.dll

16:14:15.0802 0x0f20 bthserv - ok

16:14:15.0833 0x0f20 [ F188B7394D81010767B6DF3178519A37, 576304E92FD94908F093A6AB5F4D328F25829BE32EC3CA0D29EBFDF5DE83539B ] BTHUSB C:\Windows\System32\Drivers\BTHUSB.sys

16:14:15.0833 0x0f20 BTHUSB - ok

16:14:15.0911 0x0f20 [ 3AFF6DC496B8A8D12C867E3FC7C86FAC, 72541F7F9AF6278B8F19F2DBCCADC4FF47171866E04FB5A1010D9AFDF69F7D11 ] btwampfl C:\Windows\system32\drivers\btwampfl.sys

16:14:15.0942 0x0f20 btwampfl - ok

16:14:15.0989 0x0f20 [ 336BBA0909B3636AB7D06A71D7B1C0DC, 3BC7593272101C340681A9909F9215580F8942DA54E9B251E3AC35B8D39D9B89 ] btwaudio C:\Windows\system32\drivers\btwaudio.sys

16:14:15.0989 0x0f20 btwaudio - ok

16:14:16.0020 0x0f20 [ 9FF58F76024D25784755B01F926B00BE, 7A2504E326E63B7225FA25EA6D6ED3E7267278F5D2343A375D7F3B3F74EC9F38 ] btwavdt C:\Windows\system32\DRIVERS\btwavdt.sys

16:14:16.0020 0x0f20 btwavdt - ok

16:14:16.0176 0x0f20 [ 26A80D7ACA49E03A403806418B5FED46, 52539FC9F5796002FD66393C759393717E3E242392B2E9039AD12B6D973B78BD ] btwdins C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe

16:14:16.0192 0x0f20 btwdins - ok

16:14:16.0254 0x0f20 [ B1ACFD00CDD13B48D86F46BFEC153BF9, CD7BE27D93364735511CC714B85CB7D97E21E84E3C2361EC405BADAAEA550925 ] btwl2cap C:\Windows\system32\DRIVERS\btwl2cap.sys

16:14:16.0254 0x0f20 btwl2cap - ok

16:14:16.0317 0x0f20 [ EDD953D635F3AA89EF902E3F82D60D22, 22A60B225A1AD0F25B9715338C805FED9D5F4BCAC296BBC0D045C6935BDA55E7 ] btwrchid C:\Windows\system32\DRIVERS\btwrchid.sys

16:14:16.0317 0x0f20 btwrchid - ok

16:14:16.0348 0x0f20 [ B8BD2BB284668C84865658C77574381A, 6C55BA288B626DF172FDFEA0BD7027FAEBA1F44EF20AB55160D7C7DC6E717D65 ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys

16:14:16.0348 0x0f20 cdfs - ok

16:14:16.0426 0x0f20 [ F036CE71586E93D94DAB220D7BDF4416, BD07AAD9E20CEAF9FC84E4977C55EA2C45604A2C682AC70B9B9A2199B6713D5B ] cdrom C:\Windows\system32\DRIVERS\cdrom.sys

16:14:16.0426 0x0f20 cdrom - ok

16:14:16.0473 0x0f20 [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] CertPropSvc C:\Windows\System32\certprop.dll

16:14:16.0488 0x0f20 CertPropSvc - ok

16:14:16.0520 0x0f20 [ D7CD5C4E1B71FA62050515314CFB52CF, 513B5A849899F379F0BC6AB3A8A05C3493C2393C95F036612B96EC6E252E1C64 ] circlass C:\Windows\system32\DRIVERS\circlass.sys

16:14:16.0520 0x0f20 circlass - ok

16:14:16.0551 0x0f20 [ FE1EC06F2253F691FE36217C592A0206, B9F122DB5E665ECDF29A5CB8BB6B531236F31A54A95769D6C5C1924C87FE70CE ] CLFS C:\Windows\system32\CLFS.sys

16:14:16.0566 0x0f20 CLFS - ok

16:14:16.0629 0x0f20 [ D88040F816FDA31C3B466F0FA0918F29, 39D3630E623DA25B8444B6D3AAAB16B98E7E289C5619E19A85D47B74C71449F3 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe

16:14:16.0629 0x0f20 clr_optimization_v2.0.50727_32 - ok

16:14:16.0660 0x0f20 [ D1CEEA2B47CB998321C579651CE3E4F8, 654013B8FD229A50017B08DEC6CA19C7DDA8CE0771260E057A92625201D539B1 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe

16:14:16.0660 0x0f20 clr_optimization_v2.0.50727_64 - ok

16:14:16.0769 0x0f20 [ C5A75EB48E2344ABDC162BDA79E16841, 6070A8AAFD38FBC6A68A2B10C20117612354DF21B4492D90CA522BFB6870D726 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe

16:14:16.0769 0x0f20 clr_optimization_v4.0.30319_32 - ok

16:14:16.0785 0x0f20 [ C6F9AF94DCD58122A4D7E89DB6BED29D, CB0E5AE60EC76323585FB86D89E8DB7ADB5EDF6EA3D0B27E9ECE75B8CAA8BFDE ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe

16:14:16.0785 0x0f20 clr_optimization_v4.0.30319_64 - ok

16:14:16.0816 0x0f20 [ 0840155D0BDDF1190F84A663C284BD33, 696039FA63CFEB33487FAA8FD7BBDB220141E9C6E529355D768DFC87999A9C3A ] CmBatt C:\Windows\system32\DRIVERS\CmBatt.sys

16:14:16.0816 0x0f20 CmBatt - ok

16:14:16.0832 0x0f20 [ E19D3F095812725D88F9001985B94EDD, 46243C5CCC4981CAC6FA6452FFCEC33329BF172448F1852D52592C9342E0E18B ] cmdide C:\Windows\system32\drivers\cmdide.sys

16:14:16.0832 0x0f20 cmdide - ok

16:14:16.0878 0x0f20 [ EBF28856F69CF094A902F884CF989706, AD6C9F0BC20AA49EEE5478DA0F856F0EA2B414B63208C5FFB03C9D7F5B59765F ] CNG C:\Windows\system32\Drivers\cng.sys

16:14:16.0894 0x0f20 CNG - ok

16:14:16.0910 0x0f20 [ 102DE219C3F61415F964C88E9085AD14, CD74CB703381F1382C32CF892FF2F908F4C9412E1BC77234F8FEA5D4666E1BF1 ] Compbatt C:\Windows\system32\DRIVERS\compbatt.sys

16:14:16.0910 0x0f20 Compbatt - ok

16:14:16.0972 0x0f20 [ 03EDB043586CCEBA243D689BDDA370A8, 0E4523AA332E242D5C2C61C5717DBA5AB6E42DADB5A7E512505FC2B6CC224959 ] CompositeBus C:\Windows\system32\drivers\CompositeBus.sys

16:14:16.0972 0x0f20 CompositeBus - ok

16:14:16.0988 0x0f20 COMSysApp - ok

16:14:17.0097 0x0f20 [ 17719A7F571D4CD08223F0B30F71B8B8, 1F4D4DB4ABE26E765A33AFB2501AC134D14CADEAA74AE8A0FAE420E4ECF58E0C ] cpuz134 C:\Program Files (x86)\CPUID\PC Wizard 2010\pcwiz_x64.sys

16:14:17.0097 0x0f20 cpuz134 - ok

16:14:17.0112 0x0f20 [ 1C827878A998C18847245FE1F34EE597, 41EF7443D8B2733AA35CAC64B4F5F74FAC8BB0DA7D3936B69EC38E2DC3972E60 ] crcdisk C:\Windows\system32\DRIVERS\crcdisk.sys

16:14:17.0128 0x0f20 crcdisk - ok

16:14:17.0206 0x0f20 [ C0EAD9F8AB83D41FF07303C75589C2B8, C89CAC39BCD2FA2DCC56D7EE84FF66127BCECCAE400E119FE41BF4C4D769504B ] Creative Audio Engine Licensing Service C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\CTAELicensing.exe

16:14:17.0315 0x0f20 Creative Audio Engine Licensing Service - ok

16:14:17.0378 0x0f20 [ 6B400F211BEE880A37A1ED0368776BF4, 2F27C6FA96A1C8CBDA467846DA57E63949A7EA37DB094B13397DDD30114295BD ] CryptSvc C:\Windows\system32\cryptsvc.dll

16:14:17.0393 0x0f20 CryptSvc - ok

16:14:17.0440 0x0f20 [ 54DA3DFD29ED9F1619B6F53F3CE55E49, 9177C6907A983296BF188892A894B668A09FFA058FD56B50FE12940D54B0FA5E ] CSC C:\Windows\system32\drivers\csc.sys

16:14:17.0456 0x0f20 CSC - ok

16:14:17.0534 0x0f20 [ 3AB183AB4D2C79DCF459CD2C1266B043, 72B0187EBA9DC74E61EC5CB3DC24058DDB768843E865801894AAEAA211610C56 ] CscService C:\Windows\System32\cscsvc.dll

16:14:17.0549 0x0f20 CscService - ok

16:14:17.0612 0x0f20 [ 229E3B8F266ABDAFD54E4A372B9D5DDC, 2FA1518C12D6DB71FD88CE18BA0560D8D26379A3B97240187AA2F7FB7D3FAA87 ] CT20XUT C:\Windows\system32\drivers\CT20XUT.SYS

16:14:17.0612 0x0f20 CT20XUT - ok

16:14:17.0643 0x0f20 [ 229E3B8F266ABDAFD54E4A372B9D5DDC, 2FA1518C12D6DB71FD88CE18BA0560D8D26379A3B97240187AA2F7FB7D3FAA87 ] CT20XUT.SYS C:\Windows\System32\drivers\CT20XUT.SYS

16:14:17.0643 0x0f20 CT20XUT.SYS - ok

16:14:17.0690 0x0f20 [ EB3843A91A10150C9E05607CBCB44090, DCFA097E089A3710AD352373C3CC3484F2461D86AB53561618406815928C0227 ] ctac32k C:\Windows\system32\drivers\ctac32k.sys

16:14:17.0705 0x0f20 ctac32k - ok

16:14:17.0752 0x0f20 [ BC06EFB59A2316537765462DFE40F764, EE4D439D659C4D12195202841F5CBD0C4F1529FBCD2DA73BE90D2F24300478C3 ] ctaud2k C:\Windows\system32\drivers\ctaud2k.sys

16:14:17.0768 0x0f20 ctaud2k - ok

16:14:17.0861 0x0f20 [ 07BA6D17E66879018B30B6C3F976EBED, 1759CE25519358A47E1B1FA02A415DB5D3F6B511AD3820D0AE8A1533B5DC83CD ] CTAudSvcService C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe

16:14:17.0908 0x0f20 CTAudSvcService - ok

16:14:17.0970 0x0f20 [ 63B2B6CE9D3EF182981FB64BD5433DA4, D2ED11E38F3FD852844C2B184B903FBF1AE14EE93339114EAADBBA88A4AEDD9B ] CTEXFIFX C:\Windows\system32\drivers\CTEXFIFX.SYS

16:14:18.0033 0x0f20 CTEXFIFX - ok

16:14:18.0080 0x0f20 [ 63B2B6CE9D3EF182981FB64BD5433DA4, D2ED11E38F3FD852844C2B184B903FBF1AE14EE93339114EAADBBA88A4AEDD9B ] CTEXFIFX.SYS C:\Windows\System32\drivers\CTEXFIFX.SYS

16:14:18.0111 0x0f20 CTEXFIFX.SYS - ok

16:14:18.0158 0x0f20 [ 6D115CC80873B85FD80DDA1C41F75A2C, DF08AB8B2C621473E6B373159D57F365077738BFCE3C75D095FFBE44A271F591 ] CTHWIUT C:\Windows\system32\drivers\CTHWIUT.SYS

16:14:18.0158 0x0f20 CTHWIUT - ok

16:14:18.0173 0x0f20 [ 6D115CC80873B85FD80DDA1C41F75A2C, DF08AB8B2C621473E6B373159D57F365077738BFCE3C75D095FFBE44A271F591 ] CTHWIUT.SYS C:\Windows\System32\drivers\CTHWIUT.SYS

16:14:18.0173 0x0f20 CTHWIUT.SYS - ok

16:14:18.0189 0x0f20 [ EBC9548EF5838CB5AA8F18B3AC28AF12, BD7B6E203D03D44A1A5BCE79A8857B48E46EBF58320D7056AAB2186A88DE7E2D ] ctprxy2k C:\Windows\system32\drivers\ctprxy2k.sys

16:14:18.0189 0x0f20 ctprxy2k - ok

16:14:18.0251 0x0f20 [ 459BEE1682121842285C162E2D98D81A, 6F7A8286B9F5A752487A54F37F5AA21757D0A4BDB7494E319E19C43C2D45A582 ] ctsfm2k C:\Windows\system32\drivers\ctsfm2k.sys

16:14:18.0267 0x0f20 ctsfm2k - ok

16:14:18.0329 0x0f20 [ 5C627D1B1138676C0A7AB2C2C190D123, C5003F2C912C5CA990E634818D3B4FD72F871900AF2948BD6C4D6400B354B401 ] DcomLaunch C:\Windows\system32\rpcss.dll

16:14:18.0329 0x0f20 DcomLaunch - ok

16:14:18.0376 0x0f20 [ 3CEC7631A84943677AA8FA8EE5B6B43D, 32061DAC9ED6C1EBA3B367B18D0E965AEEC2DF635DCF794EC39D086D32503AC5 ] defragsvc C:\Windows\System32\defragsvc.dll

16:14:18.0376 0x0f20 defragsvc - ok

16:14:18.0470 0x0f20 [ 74C1305F6F784A725B0A40D693FF4A09, 2ACD94B136C7AE7515A8AC9420819D400F5C1EB38EEC79F9C41E21187195D7DD ] DeviceMonitorService C:\Program Files (x86)\Motorola Media Link\Lite\NServiceEntry.exe

16:14:18.0501 0x0f20 DeviceMonitorService - ok

16:14:18.0626 0x0f20 [ 9BB2EF44EAA163B29C4A4587887A0FE4, 03667BC3EA5003F4236929C10F23D8F108AFCB29DB5559E751FB26DFB318636F ] DfsC C:\Windows\system32\Drivers\dfsc.sys

16:14:18.0641 0x0f20 DfsC - ok

16:14:18.0719 0x0f20 [ 43D808F5D9E1A18E5EEB5EBC83969E4E, C10D1155D71EABE4ED44C656A8F13078A8A4E850C4A8FBB92D52D173430972B8 ] Dhcp C:\Windows\system32\dhcpcore.dll

16:14:18.0735 0x0f20 Dhcp - ok

16:14:18.0750 0x0f20 [ 13096B05847EC78F0977F2C0F79E9AB3, 1E44981B684F3E56F5D2439BB7FA78BD1BC876BB2265AE089AEC68F241B05B26 ] discache C:\Windows\system32\drivers\discache.sys

16:14:18.0750 0x0f20 discache - ok

16:14:18.0782 0x0f20 [ 9819EEE8B5EA3784EC4AF3B137A5244C, 571BC886E87C888DA96282E381A746D273B58B9074E84D4CA91275E26056D427 ] Disk C:\Windows\system32\DRIVERS\disk.sys

16:14:18.0797 0x0f20 Disk - ok

16:14:18.0860 0x0f20 [ 16835866AAA693C7D7FCEBA8FFF706E4, 15891558F7C1F2BB57A98769601D447ED0D952354A8BB347312D034DC03E0242 ] Dnscache C:\Windows\System32\dnsrslvr.dll

16:14:18.0860 0x0f20 Dnscache - ok

16:14:18.0938 0x0f20 [ B1FB3DDCA0FDF408750D5843591AFBC6, AB6AD9C5E7BA2E3646D0115B67C4800D1CB43B4B12716397657C7ADEEE807304 ] dot3svc C:\Windows\System32\dot3svc.dll

16:14:18.0938 0x0f20 dot3svc - ok

16:14:19.0031 0x0f20 [ B26F4F737E8F9DF4F31AF6CF31D05820, 394BBBED4EC7FAD4110F62A43BFE0801D4AC56FFAC6C741C69407B26402311C7 ] DPS C:\Windows\system32\dps.dll

16:14:19.0031 0x0f20 DPS - ok

16:14:19.0125 0x0f20 [ 9B19F34400D24DF84C858A421C205754, 967AF267B4124BADA8F507CEBF25F2192D146A4D63BE71B45BFC03C5DA7F21A7 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys

16:14:19.0125 0x0f20 drmkaud - ok

16:14:19.0203 0x0f20 [ 88612F1CE3BF42256913BF6E61C70D52, 7CF190F83FA8F15C33008EB381D3E345CEF37CBC046227DED26B36799EF4D9A7 ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys

16:14:19.0281 0x0f20 DXGKrnl - ok

16:14:19.0312 0x0f20 [ E2DDA8726DA9CB5B2C4000C9018A9633, 0C967DBC3636A76A696997192A158AA92A1AF19F01E3C66D5BF91818A8FAEA76 ] EapHost C:\Windows\System32\eapsvc.dll

16:14:19.0312 0x0f20 EapHost - ok

16:14:19.0452 0x0f20 [ DC5D737F51BE844D8C82C695EB17372F, 6D4022D9A46EDE89CEF0FAEADCC94C903234DFC460C0180D24FF9E38E8853017 ] ebdrv C:\Windows\system32\DRIVERS\evbda.sys

16:14:19.0562 0x0f20 ebdrv - ok

16:14:19.0608 0x0f20 [ 4D71227301DD8D09097B9E4CC6527E5A, 193D47ADCB722B581CC0F29B794AB3E455B6E9BEA367CE9A5216A09E055B7F1E ] EFS C:\Windows\System32\lsass.exe

16:14:19.0608 0x0f20 EFS - ok

16:14:19.0686 0x0f20 [ C4002B6B41975F057D98C439030CEA07, 3D2484FBB832EFB90504DD406ED1CF3065139B1FE1646471811F3A5679EF75F1 ] ehRecvr C:\Windows\ehome\ehRecvr.exe

16:14:19.0780 0x0f20 ehRecvr - ok

16:14:19.0796 0x0f20 [ 4705E8EF9934482C5BB488CE28AFC681, 359E9EC5693CE0BE89082E1D5D8F5C5439A5B985010FF0CB45C11E3CFE30637D ] ehSched C:\Windows\ehome\ehsched.exe

16:14:19.0827 0x0f20 ehSched - ok

16:14:19.0889 0x0f20 [ 702D5606CF2199E0EDEA6F0E0D27CD10, 238046CFE126A1F8AB96D8B62F6AA5EC97BAB830E2BAE5B1B6AB2D31894C79E4 ] ElbyCDIO C:\Windows\system32\Drivers\ElbyCDIO.sys

16:14:19.0889 0x0f20 ElbyCDIO - ok

16:14:19.0936 0x0f20 [ 0E5DA5369A0FCAEA12456DD852545184, 9A64AC5396F978C3B92794EDCE84DCA938E4662868250F8C18FA7C2C172233F8 ] elxstor C:\Windows\system32\DRIVERS\elxstor.sys

16:14:19.0998 0x0f20 elxstor - ok

16:14:20.0030 0x0f20 [ C26133B6165928FBD156C6FE570F9ED2, E7DD3A187E493F4BBC604B553578C7BC68F7C9B8FC952BE2FDDB3794E993F43A ] emupia C:\Windows\system32\drivers\emupia2k.sys

16:14:20.0030 0x0f20 emupia - ok

16:14:20.0092 0x0f20 [ 34A3C54752046E79A126E15C51DB409B, 7D5B5E150C7C73666F99CBAFF759029716C86F16B927E0078D77F8A696616D75 ] ErrDev C:\Windows\system32\drivers\errdev.sys

16:14:20.0092 0x0f20 ErrDev - ok

16:14:20.0154 0x0f20 [ 4166F82BE4D24938977DD1746BE9B8A0, 24121751B7306225AD1C808442D7B030DEF377E9316AA0A3C5C7460E87317881 ] EventSystem C:\Windows\system32\es.dll

16:14:20.0154 0x0f20 EventSystem - ok

16:14:20.0232 0x0f20 [ A510C654EC00C1E9BDD91EEB3A59823B, 76CD277730F7B08D375770CD373D786160F34D1481AF0536BA1A5D2727E255F5 ] exfat C:\Windows\system32\drivers\exfat.sys

16:14:20.0232 0x0f20 exfat - ok

16:14:20.0264 0x0f20 [ 0ADC83218B66A6DB380C330836F3E36D, 798D6F83B5DBCC1656595E0A96CF12087FCCBE19D1982890D0CE5F629B328B29 ] fastfat C:\Windows\system32\drivers\fastfat.sys

16:14:20.0264 0x0f20 fastfat - ok

16:14:20.0342 0x0f20 [ DBEFD454F8318A0EF691FDD2EAAB44EB, 7F52AE222FF28503B6FC4A5852BD0CAEAF187BE69AF4B577D3DE474C24366099 ] Fax C:\Windows\system32\fxssvc.exe

16:14:20.0357 0x0f20 Fax - ok

16:14:20.0388 0x0f20 [ D765D19CD8EF61F650C384F62FAC00AB, 9F0A483A043D3BA873232AD3BA5F7BF9173832550A27AF3E8BD433905BD2A0EE ] fdc C:\Windows\system32\DRIVERS\fdc.sys

16:14:20.0388 0x0f20 fdc - ok

16:14:20.0404 0x0f20 [ 0438CAB2E03F4FB61455A7956026FE86, 6D4DDC2973DB25CE0C7646BC85EFBCC004EBE35EA683F62162AE317C6F1D8DFE ] fdPHost C:\Windows\system32\fdPHost.dll

16:14:20.0404 0x0f20 fdPHost - ok

16:14:20.0420 0x0f20 [ 802496CB59A30349F9A6DD22D6947644, 52D59D3D628D5661F83F090F33F744F6916E0CC1F76E5A33983E06EB66AE19F8 ] FDResPub C:\Windows\system32\fdrespub.dll

16:14:20.0420 0x0f20 FDResPub - ok

16:14:20.0435 0x0f20 [ 655661BE46B5F5F3FD454E2C3095B930, 549C8E2A2A37757E560D55FFA6BFDD838205F17E40561E67F0124C934272CD1A ] FileInfo C:\Windows\system32\drivers\fileinfo.sys

16:14:20.0435 0x0f20 FileInfo - ok

16:14:20.0451 0x0f20 [ 5F671AB5BC87EEA04EC38A6CD5962A47, 6B61D3363FF3F9C439BD51102C284972EAE96ACC0683B9DC7E12D25D0ADC51B6 ] Filetrace C:\Windows\system32\drivers\filetrace.sys

16:14:20.0451 0x0f20 Filetrace - ok

16:14:20.0529 0x0f20 [ BB0667B0171B632B97EA759515476F07, 07A123B2182D5813D2898928C231638353CF086606E9D5A5AF4A2A73E17CEC27 ] FLEXnet Licensing Service C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe

16:14:20.0576 0x0f20 FLEXnet Licensing Service - ok

16:14:20.0669 0x0f20 [ 5CEE6CD43AE5844C49300EA0B1E557EE, FBDBF3CA4EF632613E6046EEB506C5050454F8857348E28EB43E60C332EE0262 ] FLEXnet Licensing Service 64 C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe

16:14:20.0841 0x0f20 FLEXnet Licensing Service 64 - ok

16:14:20.0872 0x0f20 [ C172A0F53008EAEB8EA33FE10E177AF5, 9175A95B323696D1B35C9EFEB7790DD64E6EE0B7021E6C18E2F81009B169D77B ] flpydisk C:\Windows\system32\DRIVERS\flpydisk.sys

16:14:20.0872 0x0f20 flpydisk - ok

16:14:20.0934 0x0f20 [ DA6B67270FD9DB3697B20FCE94950741, F621A4462C9F2904063578C427FAF22D7D66AE9967605C11C798099817CE5331 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys

16:14:20.0950 0x0f20 FltMgr - ok

16:14:21.0044 0x0f20 [ C4C183E6551084039EC862DA1C945E3D, 0874A2ACDD24D64965AA9A76E9C818E216880AE4C9A2E07ED932EE404585CEE6 ] FontCache C:\Windows\system32\FntCache.dll

16:14:21.0059 0x0f20 FontCache - ok

16:14:21.0122 0x0f20 [ A8B7F3818AB65695E3A0BB3279F6DCE6, 89FCF10F599767E67A1E011753E34DA44EAA311F105DBF69549009ED932A60F0 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe

16:14:21.0122 0x0f20 FontCache3.0.0.0 - ok

16:14:21.0153 0x0f20 [ D43703496149971890703B4B1B723EAC, F06397B2EDCA61629249D2EF1CBB7827A8BEAB8488246BD85EF6AE1363C0DA6E ] FsDepends C:\Windows\system32\drivers\FsDepends.sys

16:14:21.0153 0x0f20 FsDepends - ok

16:14:21.0168 0x0f20 [ 6BD9295CC032DD3077C671FCCF579A7B, 83622FBB0CB923798E7E584BF53CAAF75B8C016E3FF7F0FA35880FF34D1DFE33 ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys

16:14:21.0168 0x0f20 Fs_Rec - ok

16:14:21.0231 0x0f20 [ 1F7B25B858FA27015169FE95E54108ED, 72DD12E924AA7273B3E4BDD2A2C581DECE304C8EF3D44EA79ABB032F3F95DCE5 ] fvevol C:\Windows\system32\DRIVERS\fvevol.sys

16:14:21.0231 0x0f20 fvevol - ok

16:14:21.0262 0x0f20 [ 8C778D335C9D272CFD3298AB02ABE3B6, 85F0B13926B0F693FA9E70AA58DE47100E4B6F893772EBE4300C37D9A36E6005 ] gagp30kx C:\Windows\system32\DRIVERS\gagp30kx.sys

16:14:21.0262 0x0f20 gagp30kx - ok

16:14:21.0340 0x0f20 [ 277BBC7E1AA1EE957F573A10ECA7EF3A, 2EE60B924E583E847CC24E78B401EF95C69DB777A5B74E1EC963E18D47B94D24 ] gpsvc C:\Windows\System32\gpsvc.dll

16:14:21.0356 0x0f20 gpsvc - ok

16:14:21.0465 0x0f20 [ F02A533F517EB38333CB12A9E8963773, 1F72CD1CF660766FA8F912E40B7323A0192A300B376186C10F6803DC5EFE28DF ] gupdate C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

16:14:21.0465 0x0f20 gupdate - ok

16:14:21.0496 0x0f20 [ F02A533F517EB38333CB12A9E8963773, 1F72CD1CF660766FA8F912E40B7323A0192A300B376186C10F6803DC5EFE28DF ] gupdatem C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

16:14:21.0496 0x0f20 gupdatem - ok

16:14:21.0558 0x0f20 [ A3F010D5DBFB589A3B3288C05C2EA3F9, 080EA07B0840D6922D37EDBAB61A24AD691B0E97C929FB9FFB929C134C30DFD4 ] ha20x2k C:\Windows\system32\drivers\ha20x2k.sys

16:14:21.0605 0x0f20 ha20x2k - ok

16:14:21.0636 0x0f20 [ F2523EF6460FC42405B12248338AB2F0, B2F3DE8DE1F512D871BC2BC2E8D0E33AB03335BFBC07627C5F88B65024928E19 ] hcw85cir C:\Windows\system32\drivers\hcw85cir.sys

16:14:21.0636 0x0f20 hcw85cir - ok

16:14:21.0683 0x0f20 [ 97BFED39B6B79EB12CDDBFEED51F56BB, 3CF981D668FB2381E52AF2E51E296C6CFB47B0D62249645278479D0111A47955 ] HDAudBus C:\Windows\system32\drivers\HDAudBus.sys

16:14:21.0699 0x0f20 HDAudBus - ok

16:14:21.0699 0x0f20 [ 78E86380454A7B10A5EB255DC44A355F, 11F3ED7ACFFA3024B9BD504F81AC39F5B4CED5A8A425E8BADF7132EFEDB9BD64 ] HidBatt C:\Windows\system32\DRIVERS\HidBatt.sys

16:14:21.0699 0x0f20 HidBatt - ok

16:14:21.0730 0x0f20 [ 7FD2A313F7AFE5C4DAB14798C48DD104, 94CBFD4506CBDE4162CEB3367BAB042D19ACA6785954DC0B554D4164B9FCD0D4 ] HidBth C:\Windows\system32\DRIVERS\hidbth.sys

16:14:21.0730 0x0f20 HidBth - ok

16:14:21.0746 0x0f20 [ 0A77D29F311B88CFAE3B13F9C1A73825, 8615DC6CEFB591505CE16E054A71A4F371B827DDFD5E980777AB4233DCFDA01D ] HidIr C:\Windows\system32\DRIVERS\hidir.sys

16:14:21.0746 0x0f20 HidIr - ok

16:14:21.0777 0x0f20 [ BD9EB3958F213F96B97B1D897DEE006D, 4D01CBF898B528B3A4E5A683DF2177300AFABD7D4CB51F1A7891B1B545499631 ] hidserv C:\Windows\system32\hidserv.dll

16:14:21.0777 0x0f20 hidserv - ok

16:14:21.0824 0x0f20 [ 9592090A7E2B61CD582B612B6DF70536, FD11D5E02C32D658B28FCC35688AB66CCB5D3A0A0D74C82AE0F0B6C67B568A0F ] HidUsb C:\Windows\system32\drivers\hidusb.sys

16:14:21.0824 0x0f20 HidUsb - ok

16:14:21.0870 0x0f20 [ 387E72E739E15E3D37907A86D9FF98E2, 9935BE2E58788E79328293AF2F202CB0F6042441B176F75ACC5AEA93C8E05531 ] hkmsvc C:\Windows\system32\kmsvc.dll

16:14:21.0870 0x0f20 hkmsvc - ok

16:14:21.0917 0x0f20 [ EFDFB3DD38A4376F93E7985173813ABD, 70402FA73A5A2A8BB557AAC8F531E373077D28DE5F40A1F3F14B940BE01CD2E1 ] HomeGroupListener C:\Windows\system32\ListSvc.dll

16:14:21.0933 0x0f20 HomeGroupListener - ok

16:14:21.0980 0x0f20 [ 908ACB1F594274965A53926B10C81E89, 7D34A742AC486294D82676F8465A3EF26C8AC3317C32B63F62031CB007CFC208 ] HomeGroupProvider C:\Windows\system32\provsvc.dll

16:14:21.0980 0x0f20 HomeGroupProvider - ok

16:14:22.0042 0x0f20 [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC, E9E6A1665740CFBC2DD321010007EF42ABA2102AEB9772EE8AA3354664B1E205 ] HpSAMD C:\Windows\system32\drivers\HpSAMD.sys

16:14:22.0042 0x0f20 HpSAMD - ok

16:14:22.0089 0x0f20 [ F47CEC45FB85791D4AB237563AD0FA8F, 1035066D48BD179855BCA7F62EFA1B951E6E839D2E29E15A31844E18A126DD41 ] HTCAND64 C:\Windows\system32\Drivers\ANDROIDUSB.sys

16:14:22.0104 0x0f20 HTCAND64 - ok

16:14:22.0182 0x0f20 [ 0EA7DE1ACB728DD5A369FD742D6EEE28, 21C489412EB33A12B22290EB701C19BA57006E8702E76F730954F0784DDE9779 ] HTTP C:\Windows\system32\drivers\HTTP.sys

16:14:22.0198 0x0f20 HTTP - ok

16:14:22.0245 0x0f20 [ A5462BD6884960C9DC85ED49D34FF392, 53E65841AF5B06A2844D0BB6FC4DD3923A323FFA0E4BFC89B3B5CAFB592A3D53 ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys

16:14:22.0245 0x0f20 hwpolicy - ok

16:14:22.0307 0x0f20 [ FA55C73D4AFFA7EE23AC4BE53B4592D3, 65CDDC62B89A60E942C5642C9D8B539EFB69DA8069B4A2E54978154B314531CD ] i8042prt C:\Windows\system32\drivers\i8042prt.sys

16:14:22.0323 0x0f20 i8042prt - ok

16:14:22.0370 0x0f20 [ AAAF44DB3BD0B9D1FB6969B23ECC8366, 805AA4A9464002D1AB3832E4106B2AAA1331F4281367E75956062AAE99699385 ] iaStorV C:\Windows\system32\drivers\iaStorV.sys

16:14:22.0385 0x0f20 iaStorV - ok

16:14:22.0479 0x0f20 [ 5988FC40F8DB5B0739CD1E3A5D0D78BD, 2B9512324DBA4A97F6AC34E8067EE08E3B6874CD60F6CB4209AFC22A34D2BE99 ] idsvc C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe

16:14:22.0510 0x0f20 idsvc - ok

16:14:22.0541 0x0f20 [ 5C18831C61933628F5BB0EA2675B9D21, 5CD9DE2F8C0256623A417B5C55BF55BB2562BD7AB2C3C83BB3D9886C2FBDA4E4 ] iirsp C:\Windows\system32\DRIVERS\iirsp.sys

16:14:22.0541 0x0f20 iirsp - ok

16:14:22.0604 0x0f20 [ 344789398EC3EE5A4E00C52B31847946, 3DA5F08E4B46F4E63456AA588D49E39A6A09A97D0509880C00F327623DB6122D ] IKEEXT C:\Windows\System32\ikeext.dll

16:14:22.0635 0x0f20 IKEEXT - ok

16:14:22.0682 0x0f20 [ F00F20E70C6EC3AA366910083A0518AA, E2F3E9FFD82C802C8BAC309893A3664ACF16A279959C0FDECCA64C3D3C60FD22 ] intelide C:\Windows\system32\drivers\intelide.sys

16:14:22.0682 0x0f20 intelide - ok

16:14:22.0713 0x0f20 [ ADA036632C664CAA754079041CF1F8C1, F2386CC09AC6DE4C54189154F7D91C1DB7AA120B13FAE8BA5B579ACF99FCC610 ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys

16:14:22.0713 0x0f20 intelppm - ok

16:14:22.0728 0x0f20 [ 098A91C54546A3B878DAD6A7E90A455B, 044CCE2A0DF56EBE1EFD99B4F6F0A5B9EE12498CA358CF4B2E3A1CFD872823AA ] IPBusEnum C:\Windows\system32\ipbusenum.dll

16:14:22.0728 0x0f20 IPBusEnum - ok

16:14:22.0775 0x0f20 [ C9F0E1BD74365A8771590E9008D22AB6, 728BC5A6AAE499FDC50EB01577AF16D83C2A9F3B09936DD2A89C01E074BA8E51 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys

16:14:22.0775 0x0f20 IpFilterDriver - ok

16:14:22.0838 0x0f20 [ A34A587FFFD45FA649FBA6D03784D257, C9A2BCD4E2A5EB6E320092A3AFD5737ECDCDA0B83EE42314A23C4978F2974767 ] iphlpsvc C:\Windows\System32\iphlpsvc.dll

16:14:22.0869 0x0f20 iphlpsvc - ok

16:14:22.0900 0x0f20 [ 0FC1AEA580957AA8817B8F305D18CA3A, 7161E4DE91AAFC3FA8BF24FAE4636390C2627DB931505247C0D52C75A31473D9 ] IPMIDRV C:\Windows\system32\drivers\IPMIDrv.sys

16:14:22.0916 0x0f20 IPMIDRV - ok

16:14:22.0947 0x0f20 [ AF9B39A7E7B6CAA203B3862582E9F2D0, 67128BE7EADBE6BD0205B050F96E268948E8660C4BAB259FB0BE03935153D04E ] IPNAT C:\Windows\system32\drivers\ipnat.sys

16:14:22.0947 0x0f20 IPNAT - ok

16:14:22.0978 0x0f20 [ 3ABF5E7213EB28966D55D58B515D5CE9, A352BCC5B6B9A28805B15CAFB235676F1FAFF0D2394F88C03089EB157D6188AE ] IRENUM C:\Windows\system32\drivers\irenum.sys

16:14:22.0978 0x0f20 IRENUM - ok

16:14:22.0994 0x0f20 [ 2F7B28DC3E1183E5EB418DF55C204F38, D40410A760965925D6F10959B2043F7BD4F68EAFCF5E743AF11AD860BD136548 ] isapnp C:\Windows\system32\drivers\isapnp.sys

16:14:23.0009 0x0f20 isapnp - ok

16:14:23.0040 0x0f20 [ D931D7309DEB2317035B07C9F9E6B0BD, 13AD84172ED8C6153F8A98499C01733B74E48464CE07D099508E38D409913ED3 ] iScsiPrt C:\Windows\system32\drivers\msiscsi.sys

16:14:23.0056 0x0f20 iScsiPrt - ok

16:14:23.0087 0x0f20 [ BC02336F1CBA7DCC7D1213BB588A68A5, 450C5BAD54CCE2AFCDFF1B6E7F8E1A8446D9D3255DF9D36C29A8F848048AAD93 ] kbdclass C:\Windows\system32\drivers\kbdclass.sys

16:14:23.0087 0x0f20 kbdclass - ok

16:14:23.0134 0x0f20 [ 0705EFF5B42A9DB58548EEC3B26BB484, 86C6824ED7ED6FA8F306DB6319A0FD688AA91295AE571262F9D8E96A32225E99 ] kbdhid C:\Windows\system32\drivers\kbdhid.sys

16:14:23.0134 0x0f20 kbdhid - ok

16:14:23.0150 0x0f20 [ 4D71227301DD8D09097B9E4CC6527E5A, 193D47ADCB722B581CC0F29B794AB3E455B6E9BEA367CE9A5216A09E055B7F1E ] KeyIso C:\Windows\system32\lsass.exe

16:14:23.0165 0x0f20 KeyIso - ok

16:14:23.0212 0x0f20 [ 8F489706472F7E9A06BAAA198703FA64, F020406690FB38EABD82D63B91D33039CC93ED52A5497AE12BAF475F22D0B08A ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys

16:14:23.0212 0x0f20 KSecDD - ok

16:14:23.0274 0x0f20 [ 868A2CAAB12EFC7A021682BCA0EEC54C, 12C4925B5B3D6EA7B6410C01F33158C6EAB50CBD6AF445F8B04ED9899720C2DD ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys

16:14:23.0274 0x0f20 KSecPkg - ok

16:14:23.0321 0x0f20 [ 6869281E78CB31A43E969F06B57347C4, 866A23E69B32A78D378D6CB3B3DA3695FFDFF0FEC3C9F68C8C3F988DF417044B ] ksthunk C:\Windows\system32\drivers\ksthunk.sys

16:14:23.0321 0x0f20 ksthunk - ok

16:14:23.0352 0x0f20 [ 6AB66E16AA859232F64DEB66887A8C9C, 5F2B579BEA8098A2994B0DECECDAE7B396E7B5DC5F09645737B9F28BEEA77FFF ] KtmRm C:\Windows\system32\msdtckrm.dll

16:14:23.0368 0x0f20 KtmRm - ok

16:14:23.0430 0x0f20 [ D9F42719019740BAA6D1C6D536CBDAA6, 8757599D0AE5302C4CE50861BEBA3A8DD14D7B0DBD916FD5404133688CDFCC40 ] LanmanServer C:\Windows\system32\srvsvc.dll

16:14:23.0446 0x0f20 LanmanServer - ok

16:14:23.0493 0x0f20 [ 851A1382EED3E3A7476DB004F4EE3E1A, B1C67F47DD594D092E6E258F01DF5E7150227CE3131A908A244DEE9F8A1FABF9 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll

16:14:23.0493 0x0f20 LanmanWorkstation - ok

16:14:23.0540 0x0f20 [ 1538831CF8AD2979A04C423779465827, E1729B0CC4CEEE494A0B8817A8E98FF232E3A32FB023566EF0BC71A090262C0C ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys

16:14:23.0540 0x0f20 lltdio - ok

16:14:23.0571 0x0f20 [ C1185803384AB3FEED115F79F109427F, 0414FE73532DCAB17E906438A14711E928CECCD5F579255410C62984DD652700 ] lltdsvc C:\Windows\System32\lltdsvc.dll

16:14:23.0586 0x0f20 lltdsvc - ok

16:14:23.0602 0x0f20 [ F993A32249B66C9D622EA5592A8B76B8, EE64672A990C6145DC5601E2B8CDBE089272A72732F59AF9865DCBA8B1717E70 ] lmhosts C:\Windows\System32\lmhsvc.dll

16:14:23.0602 0x0f20 lmhosts - ok

16:14:23.0633 0x0f20 [ 1A93E54EB0ECE102495A51266DCDB6A6, DB6AA86AA36C3A7988BE96E87B5D3251BE7617C54EE8F894D9DC2E267FE3255B ] LSI_FC C:\Windows\system32\DRIVERS\lsi_fc.sys

16:14:23.0633 0x0f20 LSI_FC - ok

16:14:23.0664 0x0f20 [ 1047184A9FDC8BDBFF857175875EE810, F2251EDB7736A26D388A0C5CC2FE5FB9C5E109CBB1E3800993554CB21D81AE4B ] LSI_SAS C:\Windows\system32\DRIVERS\lsi_sas.sys

16:14:23.0680 0x0f20 LSI_SAS - ok

16:14:23.0711 0x0f20 [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93, 88D5740A4E9CC3FA80FA18035DAB441BDC5A039622D666BFDAA525CC9686BD06 ] LSI_SAS2 C:\Windows\system32\DRIVERS\lsi_sas2.sys

16:14:23.0711 0x0f20 LSI_SAS2 - ok

16:14:23.0727 0x0f20 [ 0504EACAFF0D3C8AED161C4B0D369D4A, 4D272237C189646F5C80822FD3CBA7C2728E482E2DAAF7A09C8AEF811C89C54D ] LSI_SCSI C:\Windows\system32\DRIVERS\lsi_scsi.sys

16:14:23.0742 0x0f20 LSI_SCSI - ok

16:14:23.0758 0x0f20 [ 43D0F98E1D56CCDDB0D5254CFF7B356E, 5BA498183B5C4996C694CB0A9A6B66CE6C7A460F6C91BEB9F305486FCC3B7B22 ] luafv C:\Windows\system32\drivers\luafv.sys

16:14:23.0774 0x0f20 luafv - ok

16:14:23.0883 0x0f20 [ 31C6AFFFAD7C733A65F888929548BC22, 20004EF74A7FE050E0F36F4B10E7561D45E8FCCDB0953363621B3BAB046A69C9 ] mbamchameleon C:\Windows\system32\drivers\mbamchameleon.sys

16:14:23.0883 0x0f20 mbamchameleon - ok

16:14:23.0930 0x0f20 [ 0BE09CD858ABF9DF6ED259D57A1A1663, 2FD28889B93C8E801F74C1D0769673A461671E0189D0A22C94509E3F0EEB7428 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll

16:14:23.0930 0x0f20 Mcx2Svc - ok

16:14:23.0961 0x0f20 [ A55805F747C6EDB6A9080D7C633BD0F4, 2DA0E83BF3C8ADEF6F551B6CC1C0A3F6149CDBE6EC60413BA1767C4DE425A728 ] megasas C:\Windows\system32\DRIVERS\megasas.sys

16:14:23.0961 0x0f20 megasas - ok

16:14:23.0992 0x0f20 [ BAF74CE0072480C3B6B7C13B2A94D6B3, 85CBB4949C090A904464F79713A3418338753D20D7FB811E68F287FDAC1DD834 ] MegaSR C:\Windows\system32\DRIVERS\MegaSR.sys

16:14:24.0008 0x0f20 MegaSR - ok

16:14:24.0070 0x0f20 Microsoft SharePoint Workspace Audit Service - ok

16:14:24.0117 0x0f20 [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] MMCSS C:\Windows\system32\mmcss.dll

16:14:24.0117 0x0f20 MMCSS - ok

16:14:24.0132 0x0f20 [ 800BA92F7010378B09F9ED9270F07137, 94F9AF9E1BE80AE6AC39A2A74EF9FAB115DCAACC011D07DFA8D6A1DDC8A93342 ] Modem C:\Windows\system32\drivers\modem.sys

16:14:24.0132 0x0f20 Modem - ok

16:14:24.0164 0x0f20 [ B03D591DC7DA45ECE20B3B467E6AADAA, 701FB0CAD8138C58507BE28845D3E24CE269A040737C29885944A0D851238732 ] monitor C:\Windows\system32\DRIVERS\monitor.sys

16:14:24.0164 0x0f20 monitor - ok

16:14:24.0195 0x0f20 [ D69F1E9A944A5F46A494AF901ED41118, 162F7EFA30BF687585A2F4CB612CFAA24F5B7B8BEAF1A9FB9FE3E4988682228D ] motandroidusb C:\Windows\system32\Drivers\motoandroid.sys

16:14:24.0195 0x0f20 motandroidusb - ok

16:14:24.0257 0x0f20 [ C94A2EA3FDFA5D650884926B710B7DB1, B52A17CD62E65747E8547F1D73807BBC2FA1CB449F6A787BCDDB5063DE8A6530 ] motccgp C:\Windows\system32\DRIVERS\motccgp.sys

16:14:24.0257 0x0f20 motccgp - ok

16:14:24.0273 0x0f20 [ D51E009BAEDA07EBC107D49D224C2414, F8EF80E91D67697337DD82FE0489448D2566C97C6B189BBBB4733B42BF26AB0C ] motccgpfl C:\Windows\system32\DRIVERS\motccgpfl.sys

16:14:24.0273 0x0f20 motccgpfl - ok

16:14:24.0320 0x0f20 [ 060F0EF84F430802DF3788F3DCFD009C, 8F251B8A62F7290B81D546898FC1EE370F5BBB62264433C6A5B047E3636C9FEC ] motmodem C:\Windows\system32\DRIVERS\motmodem.sys

16:14:24.0320 0x0f20 motmodem - ok

16:14:24.0335 0x0f20 [ EBD05F60CAFC5BBA2602B8D7101082D3, 9144E1E7C4DD6150C0E97B4C628DE0216ED372062F5F0FB216C81CAF93DBBF07 ] MotoSwitchService C:\Windows\system32\DRIVERS\motswch.sys

16:14:24.0335 0x0f20 MotoSwitchService - ok

16:14:24.0366 0x0f20 [ 87701078C3F720AC7A028E937994CC49, 8A16F0E91F44DA2679DD54266324618930C081C768E067B28AAEB93EC599C4E0 ] Motousbnet C:\Windows\system32\DRIVERS\Motousbnet.sys

16:14:24.0366 0x0f20 Motousbnet - ok

16:14:24.0429 0x0f20 [ D075B1D964A314D240F5498773EE89DF, 3EEF4D06556CE9CA4A268F335D87FCA25C078DAE341F4C23B6F56DB9D746FD80 ] motusbdevice C:\Windows\system32\DRIVERS\motusbdevice.sys

16:14:24.0429 0x0f20 motusbdevice - ok

16:14:24.0476 0x0f20 [ 7D27EA49F3C1F687D357E77A470AEA99, 7FE7CAF95959F127C6D932C01D539C06D80273C49A09761F6E8331C05B1A7EE7 ] mouclass C:\Windows\system32\drivers\mouclass.sys

16:14:24.0476 0x0f20 mouclass - ok

16:14:24.0507 0x0f20 [ D3BF052C40B0C4166D9FD86A4288C1E6, 5E65264354CD94E844BF1838CA1B8E49080EFA34605A32CF2F6A47A2B97FC183 ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys

16:14:24.0522 0x0f20 mouhid - ok

16:14:24.0569 0x0f20 [ 32E7A3D591D671A6DF2DB515A5CBE0FA, 47CED0B9067AE8BF5EEF60B17ADEE5906BEDCC56E4CB460B7BFBC12BB9A69E63 ] mountmgr C:\Windows\system32\drivers\mountmgr.sys

16:14:24.0569 0x0f20 mountmgr - ok

16:14:24.0678 0x0f20 [ 338037EFA0E8E8699B2667D57B751574, 59E0D39806D0C4EB57913AA013242837FD39AD378726AEE42D250CBA87C1C3BF ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe

16:14:24.0694 0x0f20 MozillaMaintenance - ok

16:14:24.0772 0x0f20 [ C6B88D62F20AC646C6BD5C032EC2FAF9, 111A07939F3C5A46F0C51B9D6F5C1D8478099E32EFD88BC260467109ADD975F8 ] MpFilter C:\Windows\system32\DRIVERS\MpFilter.sys

16:14:24.0788 0x0f20 MpFilter - ok

16:14:24.0850 0x0f20 [ A44B420D30BD56E145D6A2BC8768EC58, B1E4DCA5A1008FA7A0492DC091FB2B820406AE13FD3D44F124E89B1037AF09B8 ] mpio C:\Windows\system32\drivers\mpio.sys

16:14:24.0850 0x0f20 mpio - ok

16:14:24.0881 0x0f20 [ 6C38C9E45AE0EA2FA5E551F2ED5E978F, 5A3FA2F110029CB4CC4384998EDB59203FDD65EC45E01B897FB684F8956EAD20 ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys

16:14:24.0897 0x0f20 mpsdrv - ok

16:14:24.0975 0x0f20 [ 54FFC9C8898113ACE189D4AA7199D2C1, 65F585C87F3F710FD5793FDFA96B740AD8D4317B0C120F4435CCF777300EA4F2 ] MpsSvc C:\Windows\system32\mpssvc.dll

16:14:24.0990 0x0f20 MpsSvc - ok

16:14:25.0037 0x0f20 [ DC722758B8261E1ABAFD31A3C0A66380, 88BBE073E2CCD1DAB4656DDC53D5161E8A91D035ADAC1465D0CEBA86F1BB6D9A ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys

16:14:25.0037 0x0f20 MRxDAV - ok

16:14:25.0084 0x0f20 [ A5D9106A73DC88564C825D317CAC68AC, 0457B2AEA4E05A91D0E43F317894A614434D8CEBE35020785387F307E231FBE4 ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys

16:14:25.0084 0x0f20 mrxsmb - ok

16:14:25.0131 0x0f20 [ D711B3C1D5F42C0C2415687BE09FC163, 9B3013AC60BD2D0FF52086658BA5FF486ADE15954A552D7DD590580E8BAE3EFF ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys

16:14:25.0146 0x0f20 mrxsmb10 - ok

16:14:25.0162 0x0f20 [ 9423E9D355C8D303E76B8CFBD8A5C30C, 220B33F120C2DD937FE4D5664F4B581DC0ACF78D62EB56B7720888F67B9644CC ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys

16:14:25.0178 0x0f20 mrxsmb20 - ok

16:14:25.0209 0x0f20 [ C25F0BAFA182CBCA2DD3C851C2E75796, 643E158A0948DF331807AEAA391F23960362E46C0A0CF6D22A99020EAE7B10F8 ] msahci C:\Windows\system32\drivers\msahci.sys

16:14:25.0224 0x0f20 msahci - ok

16:14:25.0240 0x0f20 [ DB801A638D011B9633829EB6F663C900,

fredddy · March 20, 2014

Part 2 of 3rd post

16:14:25.0240 0x0f20 msdsm - ok

16:14:25.0271 0x0f20 [ DE0ECE52236CFA3ED2DBFC03F28253A8, 2FBBEC4CACB5161F68D7C2935852A5888945CA0F107CF8A1C01F4528CE407DE3 ] MSDTC C:\Windows\System32\msdtc.exe

16:14:25.0271 0x0f20 MSDTC - ok

16:14:25.0302 0x0f20 [ AA3FB40E17CE1388FA1BEDAB50EA8F96, 69F93E15536644C8FD679A20190CFE577F4985D3B1B4A4AA250A168615AE1E99 ] Msfs C:\Windows\system32\drivers\Msfs.sys

16:14:25.0302 0x0f20 Msfs - ok

16:14:25.0334 0x0f20 [ F9D215A46A8B9753F61767FA72A20326, 6F76642B45E0A7EF6BCAB8B37D55CCE2EAA310ED07B76D43FCB88987C2174141 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys

16:14:25.0334 0x0f20 mshidkmdf - ok

16:14:25.0349 0x0f20 [ D916874BBD4F8B07BFB7FA9B3CCAE29D, B229DA150713DEDBC4F05386C9D9DC3BC095A74F44F3081E88311AB73BC992A1 ] msisadrv C:\Windows\system32\drivers\msisadrv.sys

16:14:25.0349 0x0f20 msisadrv - ok

16:14:25.0380 0x0f20 [ 808E98FF49B155C522E6400953177B08, F873F5BFF0984C5165DF67E92874D3F6EB8D86F9B5AD17013A0091CA33A1A3D5 ] MSiSCSI C:\Windows\system32\iscsiexe.dll

16:14:25.0380 0x0f20 MSiSCSI - ok

16:14:25.0380 0x0f20 msiserver - ok

16:14:25.0427 0x0f20 [ 49CCF2C4FEA34FFAD8B1B59D49439366, E5752EA57C7BDAD5F53E3BC441A415E909AC602CAE56234684FB8789A20396C7 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys

16:14:25.0427 0x0f20 MSKSSRV - ok

16:14:25.0536 0x0f20 [ 7675E15D1B2180745E4DA4D26AAD7385, 729AA6C610F67028CFFFF64B772FFA1CAE7581D37F8909BDA423D52AF85C92C8 ] MsMpSvc c:\Program Files\Microsoft Security Client\MsMpEng.exe

16:14:25.0536 0x0f20 MsMpSvc - ok

16:14:25.0568 0x0f20 [ BDD71ACE35A232104DDD349EE70E1AB3, 27464A66868513BE6A01B75D7FC5B0D6B71842E4E20CE3F76B15C071A0618BBB ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys

16:14:25.0568 0x0f20 MSPCLOCK - ok

16:14:25.0599 0x0f20 [ 4ED981241DB27C3383D72092B618A1D0, E12F121E641249DB3491141851B59E1496F4413EDF58E863388F1C229838DFCC ] MSPQM C:\Windows\system32\drivers\MSPQM.sys

16:14:25.0599 0x0f20 MSPQM - ok

16:14:25.0646 0x0f20 [ 759A9EEB0FA9ED79DA1FB7D4EF78866D, 64E3BC613EC4872B1B344CBF71EE15BE195592E3244C1EE099C6F8B95A40F133 ] MsRPC C:\Windows\system32\drivers\MsRPC.sys

16:14:25.0661 0x0f20 MsRPC - ok

16:14:25.0708 0x0f20 [ 0EED230E37515A0EAEE3C2E1BC97B288, B1D8F8A75006B6E99214CA36D27A8594EF8D952F315BEB201E9BAC9DE3E64D42 ] mssmbios C:\Windows\system32\drivers\mssmbios.sys

16:14:25.0708 0x0f20 mssmbios - ok

16:14:25.0724 0x0f20 [ 2E66F9ECB30B4221A318C92AC2250779, DF175E1AB6962303E57F26DAE5C5C1E40B8640333F3E352A64F6A5F1301586CD ] MSTEE C:\Windows\system32\drivers\MSTEE.sys

16:14:25.0724 0x0f20 MSTEE - ok

16:14:25.0755 0x0f20 [ 7EA404308934E675BFFDE8EDF0757BCD, 306CD02D89CFCFE576242360ED5F9EEEDCAFC43CD43B7D2977AE960F9AEC3232 ] MTConfig C:\Windows\system32\DRIVERS\MTConfig.sys

16:14:25.0755 0x0f20 MTConfig - ok

16:14:25.0770 0x0f20 [ F9A18612FD3526FE473C1BDA678D61C8, 32F7975B5BAA447917F832D9E3499B4B6D3E90D73F478375D0B70B36C524693A ] Mup C:\Windows\system32\Drivers\mup.sys

16:14:25.0786 0x0f20 Mup - ok

16:14:25.0833 0x0f20 [ 582AC6D9873E31DFA28A4547270862DD, BD540499F74E8F59A020D935D18E36A3A97C1A6EC59C8208436469A31B16B260 ] napagent C:\Windows\system32\qagentRT.dll

16:14:25.0848 0x0f20 napagent - ok

16:14:25.0895 0x0f20 [ 1EA3749C4114DB3E3161156FFFFA6B33, 54C2E77BCE1037711A11313AC25B8706109098C10A31AA03AEB7A185E97800D7 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys

16:14:25.0911 0x0f20 NativeWifiP - ok

16:14:26.0004 0x0f20 [ 79B47FD40D9A817E932F9D26FAC0A81C, 53E260B8BFC50BA45FA73BFCF4E58C233890D0EAA9DEFDCCBB55FD3EB992FF2D ] NDIS C:\Windows\system32\drivers\ndis.sys

16:14:26.0036 0x0f20 NDIS - ok

16:14:26.0051 0x0f20 [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC, D7E5446E83909AE25506BB98FBDD878A529C87963E3C1125C4ABAB25823572BC ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys

16:14:26.0051 0x0f20 NdisCap - ok

16:14:26.0082 0x0f20 [ 30639C932D9FEF22B31268FE25A1B6E5, 32873D95339600F6EEFA51847D12C563FF01F320DC59055B242FA2887C99F9D6 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys

16:14:26.0082 0x0f20 NdisTapi - ok

16:14:26.0145 0x0f20 [ 136185F9FB2CC61E573E676AA5402356, BA3AD0A33416DA913B4242C6BE8C3E5812AD2B20BA6C11DD3094F2E8EB56E683 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys

16:14:26.0145 0x0f20 Ndisuio - ok

16:14:26.0192 0x0f20 [ 53F7305169863F0A2BDDC49E116C2E11, 881E9346D3C02405B7850ADC37E720990712EC9C666A0CE96E252A487FD2CE77 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys

16:14:26.0192 0x0f20 NdisWan - ok

16:14:26.0238 0x0f20 [ 015C0D8E0E0421B4CFD48CFFE2825879, 4242E2D42CCFC859B2C0275C5331798BC0BDA68E51CF4650B6E64B1332071023 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys

16:14:26.0254 0x0f20 NDProxy - ok

16:14:26.0285 0x0f20 [ 86743D9F5D2B1048062B14B1D84501C4, DBF6D6A60AB774FCB0F464FF2D285A7521D0A24006687B243AB46B17D8032062 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys

16:14:26.0285 0x0f20 NetBIOS - ok

16:14:26.0332 0x0f20 [ 09594D1089C523423B32A4229263F068, 7426A9B8BA27D3225928DDEFBD399650ABB90798212F56B7D12158AC22CCCE37 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys

16:14:26.0348 0x0f20 NetBT - ok

16:14:26.0348 0x0f20 [ 4D71227301DD8D09097B9E4CC6527E5A, 193D47ADCB722B581CC0F29B794AB3E455B6E9BEA367CE9A5216A09E055B7F1E ] Netlogon C:\Windows\system32\lsass.exe

16:14:26.0363 0x0f20 Netlogon - ok

16:14:26.0394 0x0f20 [ 847D3AE376C0817161A14A82C8922A9E, 37AE692B3481323134125EF58F2C3CBC20177371AF2F5874F53DD32A827CB936 ] Netman C:\Windows\System32\netman.dll

16:14:26.0394 0x0f20 Netman - ok

16:14:26.0472 0x0f20 [ D22CD77D4F0D63D1169BB35911BFF12D, 85B1FDFA02E1B8EA4FCB9B7EEB687C5C448697FC7EC9D178C5A2F64D2C9CFEE8 ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe

16:14:26.0472 0x0f20 NetMsmqActivator - ok

16:14:26.0488 0x0f20 [ D22CD77D4F0D63D1169BB35911BFF12D, 85B1FDFA02E1B8EA4FCB9B7EEB687C5C448697FC7EC9D178C5A2F64D2C9CFEE8 ] NetPipeActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe

16:14:26.0504 0x0f20 NetPipeActivator - ok

16:14:26.0535 0x0f20 [ 5F28111C648F1E24F7DBC87CDEB091B8, 2E8645285921EDB98BB2173E11E57459C888D52E80D85791D169C869DE8813B9 ] netprofm C:\Windows\System32\netprofm.dll

16:14:26.0535 0x0f20 netprofm - ok

16:14:26.0644 0x0f20 [ 26672F93749AC9FD28DA1B0F94EFA78D, 4DC4AE5FFC4A126E289D317979E3ED8F7235C4836AF6C161C4068DBC06948CEF ] netr28ux C:\Windows\system32\DRIVERS\netr28ux.sys

16:14:26.0675 0x0f20 netr28ux - ok

16:14:26.0722 0x0f20 [ D22CD77D4F0D63D1169BB35911BFF12D, 85B1FDFA02E1B8EA4FCB9B7EEB687C5C448697FC7EC9D178C5A2F64D2C9CFEE8 ] NetTcpActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe

16:14:26.0722 0x0f20 NetTcpActivator - ok

16:14:26.0738 0x0f20 [ D22CD77D4F0D63D1169BB35911BFF12D, 85B1FDFA02E1B8EA4FCB9B7EEB687C5C448697FC7EC9D178C5A2F64D2C9CFEE8 ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe

16:14:26.0738 0x0f20 NetTcpPortSharing - ok

16:14:26.0769 0x0f20 [ 77889813BE4D166CDAB78DDBA990DA92, 2EF531AE502B943632EEC66A309A8BFCDD36120A5E1473F4AAF3C2393AD0E6A3 ] nfrd960 C:\Windows\system32\DRIVERS\nfrd960.sys

16:14:26.0784 0x0f20 nfrd960 - ok

16:14:26.0831 0x0f20 [ ACE8C64C57E4A711473C8BC10ADF692B, 53D8083CE78DB5527080B4570AC28ABAA262667744A319707AE0C46E46B297F9 ] NisDrv C:\Windows\system32\DRIVERS\NisDrvWFP.sys

16:14:26.0831 0x0f20 NisDrv - ok

16:14:26.0894 0x0f20 [ 6247E8B31ED0A9D6BC5A26276E49BEB3, 230C0C560492C454B9EB14B50EB4A78DC74FAB6B662449A0EA3114B3E671BFF3 ] NisSrv c:\Program Files\Microsoft Security Client\NisSrv.exe

16:14:26.0909 0x0f20 NisSrv - ok

16:14:26.0956 0x0f20 [ 1EE99A89CC788ADA662441D1E9830529, 6B4FDD74BB81E12BD4B25A3E8AECB0FA77FA0075D454DD1D6DC1790ADF1F2AA8 ] NlaSvc C:\Windows\System32\nlasvc.dll

16:14:26.0972 0x0f20 NlaSvc - ok

16:14:26.0987 0x0f20 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7, D8957EF7060A69DBB3CD6B2C45B1E4143592AB8D018471E17AC04668157DC67F ] Npfs C:\Windows\system32\drivers\Npfs.sys

16:14:26.0987 0x0f20 Npfs - ok

16:14:27.0018 0x0f20 [ D54BFDF3E0C953F823B3D0BFE4732528, 497A1DCC5646EC22119273216DF10D5442D16F83E4363770F507518CF6EAA53A ] nsi C:\Windows\system32\nsisvc.dll

16:14:27.0018 0x0f20 nsi - ok

16:14:27.0050 0x0f20 [ E7F5AE18AF4168178A642A9247C63001, 133023B7E4BA8049C4CAED3282BDD25571D1CC25FAC3B820C7F981D292689D76 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys

16:14:27.0050 0x0f20 nsiproxy - ok

16:14:27.0159 0x0f20 [ B98F8C6E31CD07B2E6F71F7F648E38C0, 2FEA100B80680FBBF644CB6763738804155DF1E94A6542CAE2B2786D770D554E ] Ntfs C:\Windows\system32\drivers\Ntfs.sys

16:14:27.0237 0x0f20 Ntfs - ok

16:14:27.0252 0x0f20 [ 9899284589F75FA8724FF3D16AED75C1, 181188599FD5D4DE33B97010D9E0CAEABAB9A3EF50712FE7F9AA0735CD0666D6 ] Null C:\Windows\system32\drivers\Null.sys

16:14:27.0252 0x0f20 Null - ok

16:14:27.0674 0x0f20 [ DD81FBC57AB9134CDDC5CE90880BFD80, 16DF4D9645238D1014FA9189FF171DCF7B7C7573F759B5AC73025518139D86B1 ] nvlddmkm C:\Windows\system32\DRIVERS\nvlddmkm.sys

16:14:28.0048 0x0f20 nvlddmkm - ok

16:14:28.0110 0x0f20 [ 0A92CB65770442ED0DC44834632F66AD, 581327F07A68DBD5CC749214BE5F1211FC2CE41C7A4F0656B680AFB51A35ACE7 ] nvraid C:\Windows\system32\drivers\nvraid.sys

16:14:28.0110 0x0f20 nvraid - ok

16:14:28.0157 0x0f20 [ DAB0E87525C10052BF65F06152F37E4A, AD9BFF0D5FD3FFB95C758B478E1F6A9FE45E7B37AEC71EB5070D292FEAAEDF37 ] nvstor C:\Windows\system32\drivers\nvstor.sys

16:14:28.0157 0x0f20 nvstor - ok

16:14:28.0204 0x0f20 [ 270D7CD42D6E3979F6DD0146650F0E05, 752489E54C9004EDCBE1F1F208FFD864DA5C83E59A2DDE6B3E0D63ECA996F76F ] nv_agp C:\Windows\system32\drivers\nv_agp.sys

16:14:28.0204 0x0f20 nv_agp - ok

16:14:28.0235 0x0f20 [ 3589478E4B22CE21B41FA1BFC0B8B8A0, AD2469FC753FE552CB809FF405A9AB23E7561292FE89117E3B3B62057EFF0203 ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys

16:14:28.0251 0x0f20 ohci1394 - ok

16:14:28.0298 0x0f20 [ 9D10F99A6712E28F8ACD5641E3A7EA6B, 70964A0ED9011EA94044E15FA77EDD9CF535CC79ED8E03A3721FF007E69595CC ] ose C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE

16:14:28.0313 0x0f20 ose - ok

16:14:28.0547 0x0f20 [ 61BFFB5F57AD12F83AB64B7181829B34, 1DD0DD35E4158F95765EE6639F217DF03A0A19E624E020DBA609268C08A13846 ] osppsvc C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE

16:14:28.0734 0x0f20 osppsvc - ok

16:14:28.0781 0x0f20 [ 0E2DE427EBE106E7E5B52869D5C99F68, D61B1B8847BC561785B64507D1D551B0184B1ACED960AF629F7AF5D6C3A30BB1 ] ossrv C:\Windows\system32\drivers\ctoss2k.sys

16:14:28.0797 0x0f20 ossrv - ok

16:14:28.0844 0x0f20 [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] p2pimsvc C:\Windows\system32\pnrpsvc.dll

16:14:28.0844 0x0f20 p2pimsvc - ok

16:14:28.0875 0x0f20 [ 927463ECB02179F88E4B9A17568C63C3, FEFD3447692C277D59EEC7BF218552C8BB6B8C98C26E973675549628408B94CE ] p2psvc C:\Windows\system32\p2psvc.dll

16:14:28.0890 0x0f20 p2psvc - ok

16:14:28.0906 0x0f20 [ 0086431C29C35BE1DBC43F52CC273887, 0D116D49EF9ABB57DA005764F25E692622210627FC2048F06A989B12FA8D0A80 ] Parport C:\Windows\system32\DRIVERS\parport.sys

16:14:28.0922 0x0f20 Parport - ok

16:14:28.0953 0x0f20 [ E9766131EEADE40A27DC27D2D68FBA9C, 63C295EC96DBD25F1A8B908295CCB86B54F2A77A02AAA11E5D9160C2C1A492B6 ] partmgr C:\Windows\system32\drivers\partmgr.sys

16:14:28.0953 0x0f20 partmgr - ok

16:14:28.0984 0x0f20 [ 3AEAA8B561E63452C655DC0584922257, 04C072969B58657602EB0C21CEDF24FCEE14E61B90A0F758F93925EF2C9FC32D ] PcaSvc C:\Windows\System32\pcasvc.dll

16:14:28.0984 0x0f20 PcaSvc - ok

16:14:29.0000 0x0f20 pccsmcfd - ok

16:14:29.0046 0x0f20 [ 94575C0571D1462A0F70BDE6BD6EE6B3, 7139BAC653EA94A3DD3821CAB35FC5E22F4CCA5ACC2BAABDAA27E4C3C8B27FC9 ] pci C:\Windows\system32\drivers\pci.sys

16:14:29.0062 0x0f20 pci - ok

16:14:29.0093 0x0f20 [ B5B8B5EF2E5CB34DF8DCF8831E3534FA, F2A7CC645B96946CC65BF60E14E70DC09C848D27C7943CE5DEA0C01A6B863480 ] pciide C:\Windows\system32\drivers\pciide.sys

16:14:29.0093 0x0f20 pciide - ok

16:14:29.0140 0x0f20 [ B2E81D4E87CE48589F98CB8C05B01F2F, 6763BEE7270A4873B3E131BFB92313E2750FCBD0AD73C23D1C4F98F7DF73DE14 ] pcmcia C:\Windows\system32\DRIVERS\pcmcia.sys

16:14:29.0140 0x0f20 pcmcia - ok

16:14:29.0171 0x0f20 [ D6B9C2E1A11A3A4B26A182FFEF18F603, BBA5FE08B1DDD6243118E11358FD61B10E850F090F061711C3CB207CE5FBBD36 ] pcw C:\Windows\system32\drivers\pcw.sys

16:14:29.0171 0x0f20 pcw - ok

16:14:29.0202 0x0f20 [ 68769C3356B3BE5D1C732C97B9A80D6E, FB2D61145980A2899D1B7729184C54070315B0E63C9A22400A76CCD39E00029C ] PEAUTH C:\Windows\system32\drivers\peauth.sys

16:14:29.0218 0x0f20 PEAUTH - ok

16:14:29.0280 0x0f20 [ B9B0A4299DD2D76A4243F75FD54DC680, BBF62E9628131FA396EB08D63B76D2D5FBDD61339E92B759125A066470D1C039 ] PeerDistSvc C:\Windows\system32\peerdistsvc.dll

16:14:29.0312 0x0f20 PeerDistSvc - ok

16:14:29.0374 0x0f20 [ E495E408C93141E8FC72DC0C6046DDFA, 489B957DADA0DC128A09468F1AD082DCC657E86053208EA06A12937BE86FB919 ] PerfHost C:\Windows\SysWow64\perfhost.exe

16:14:29.0390 0x0f20 PerfHost - ok

16:14:29.0468 0x0f20 [ C7CF6A6E137463219E1259E3F0F0DD6C, 08D7244F52AA17DD669AA6F77C291DAC88E7B2D1887DE422509C1F83EC85F3DD ] pla C:\Windows\system32\pla.dll

16:14:29.0530 0x0f20 pla - ok

16:14:29.0592 0x0f20 [ 25FBDEF06C4D92815B353F6E792C8129, 57D9764AE6BCE33B242C399CDFC10DD405975BD6411CA8C75FBCD06EEB8442A9 ] PlugPlay C:\Windows\system32\umpnpmgr.dll

16:14:29.0608 0x0f20 PlugPlay - ok

16:14:29.0639 0x0f20 [ 7195581CEC9BB7D12ABE54036ACC2E38, 9C4E5D6EA984148F2663DC529083408B2248DFF6DAAC85D9195F80A722782315 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll

16:14:29.0639 0x0f20 PNRPAutoReg - ok

16:14:29.0655 0x0f20 [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] PNRPsvc C:\Windows\system32\pnrpsvc.dll

16:14:29.0670 0x0f20 PNRPsvc - ok

16:14:29.0717 0x0f20 [ 4F15D75ADF6156BF56ECED6D4A55C389, 2ADA3EA69A5D7EC2A4D2DD89178DB94EAFDDF95F07B0070D654D9F7A5C12A044 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll

16:14:29.0733 0x0f20 PolicyAgent - ok

16:14:29.0748 0x0f20 [ 6BA9D927DDED70BD1A9CADED45F8B184, 66203CE70A5EDE053929A940F38924C6792239CCCE10DD2C1D90D5B4D6748B55 ] Power C:\Windows\system32\umpo.dll

16:14:29.0764 0x0f20 Power - ok

16:14:29.0826 0x0f20 [ F92A2C41117A11A00BE01CA01A7FCDE9, 38ADC6052696D110CA5F393BC586791920663F5DA66934C2A824DDA9CD89C763 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys

16:14:29.0826 0x0f20 PptpMiniport - ok

16:14:29.0842 0x0f20 [ 0D922E23C041EFB1C3FAC2A6F943C9BF, 855418A6A58DCAFB181A1A68613B3E203AFB0A9B3D9D26D0C521F9F613B4EAD5 ] Processor C:\Windows\system32\DRIVERS\processr.sys

16:14:29.0842 0x0f20 Processor - ok

16:14:29.0904 0x0f20 [ 53E83F1F6CF9D62F32801CF66D8352A8, 1225FED810BE8E0729EEAE5B340035CCBB9BACD3EF247834400F9B72D05ACE48 ] ProfSvc C:\Windows\system32\profsvc.dll

16:14:29.0904 0x0f20 ProfSvc - ok

16:14:29.0920 0x0f20 [ 4D71227301DD8D09097B9E4CC6527E5A, 193D47ADCB722B581CC0F29B794AB3E455B6E9BEA367CE9A5216A09E055B7F1E ] ProtectedStorage C:\Windows\system32\lsass.exe

16:14:29.0920 0x0f20 ProtectedStorage - ok

16:14:29.0982 0x0f20 [ 0557CF5A2556BD58E26384169D72438D, F6F83A616B1F1C6C0DF6D2EC2513E6C23FD4FAA6D36518B8676C619AB74957B4 ] Psched C:\Windows\system32\DRIVERS\pacer.sys

16:14:29.0998 0x0f20 Psched - ok

16:14:30.0060 0x0f20 [ A53A15A11EBFD21077463EE2C7AFEEF0, 6002B012A75045DEA62640A864A8721EADE2F8B65BEB5F5BA76D8CD819774489 ] ql2300 C:\Windows\system32\DRIVERS\ql2300.sys

16:14:30.0138 0x0f20 ql2300 - ok

16:14:30.0170 0x0f20 [ 4F6D12B51DE1AAEFF7DC58C4D75423C8, FB6ABAB741CED66A79E31A45111649F2FA3E26CEE77209B5296F789F6F7D08DE ] ql40xx C:\Windows\system32\DRIVERS\ql40xx.sys

16:14:30.0170 0x0f20 ql40xx - ok

16:14:30.0216 0x0f20 [ 906191634E99AEA92C4816150BDA3732, A0305436384104C3B559F9C73902DA19B96B518413379E397C5CDAB0B2B9418F ] QWAVE C:\Windows\system32\qwave.dll

16:14:30.0216 0x0f20 QWAVE - ok

16:14:30.0232 0x0f20 [ 76707BB36430888D9CE9D705398ADB6C, 35C1D1D05F98AC29A33D3781F497A0B40A3CB9CDF25FE1F28F574E40DDF70535 ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys

16:14:30.0232 0x0f20 QWAVEdrv - ok

16:14:30.0310 0x0f20 [ A55E7D0D873B2C97585B3B5926AC6ADE, 3BE3895DA7F0888E85B1941525878BA0846A8F215AD39ED8138BB39615468E32 ] RapiMgr C:\Windows\WindowsMobile\rapimgr.dll

16:14:30.0310 0x0f20 RapiMgr - ok

16:14:30.0497 0x0f20 [ 000D82CC258E2D341605A6F350C4D1E6, 59EC5BA95D8B9EC739BC7D0BBE0E244CA2AE2DF01A8B65BFF7741DFBE38C2940 ] RapportCerberus_59849 C:\ProgramData\Trusteer\Rapport\store\exts\RapportCerberus\baseline\RapportCerberus64_59849.sys

16:14:30.0528 0x0f20 RapportCerberus_59849 - ok

16:14:30.0638 0x0f20 [ 89D5A81F6C20D0DD74F11769DCA858BB, 19D68361D332350D404860514588656D4DCF9A7595EA1731ACDF78244D984FBA ] RapportEI64 C:\Program Files (x86)\Trusteer\Rapport\bin\x64\RapportEI64.sys

16:14:30.0653 0x0f20 RapportEI64 - ok

16:14:30.0716 0x0f20 [ DD4C7AAAE0DBDE3A0091B2D552F3785E, A149F7A70BCC07DEAA8B77BCAA76C553B3069DC8ED3D059BA46EF6DA5D13ADE0 ] RapportKE64 C:\Windows\system32\Drivers\RapportKE64.sys

16:14:30.0731 0x0f20 RapportKE64 - ok

16:14:30.0825 0x0f20 [ D11162F92258E1F09CFB4054941F2E24, B8522D8BCAEFE5CD9BB36BF74AE0B9ADE065D6472AD2CDB001101D211D332367 ] RapportMgmtService C:\Program Files (x86)\Trusteer\Rapport\bin\RapportMgmtService.exe

16:14:30.0840 0x0f20 RapportMgmtService - ok

16:14:30.0903 0x0f20 [ 538DF814851E721B24BFF7D50766BF9E, F63267E30F2F1267DC9B43E15F5B8A862856C69432A770ACDC9CB291ED0A8E9D ] RapportPG64 C:\Program Files (x86)\Trusteer\Rapport\bin\x64\RapportPG64.sys

16:14:30.0918 0x0f20 RapportPG64 - ok

16:14:30.0934 0x0f20 [ 5A0DA8AD5762FA2D91678A8A01311704, 8A64EB5DBAB7048A9E42A21CEB62CCD5B007A80C199892D7F8C69B48E8A255EF ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys

16:14:30.0934 0x0f20 RasAcd - ok

16:14:30.0981 0x0f20 [ 7ECFF9B22276B73F43A99A15A6094E90, 62C70DA127F48F796F8897BBFA23AB6EB080CC923F0F091DFA384A93F5C90CA1 ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys

16:14:30.0981 0x0f20 RasAgileVpn - ok

16:14:31.0012 0x0f20 [ 8F26510C5383B8DBE976DE1CD00FC8C7, 60E618C010E8A723960636415573FA17EA0BBEF79647196B3BC0B8DEE680E090 ] RasAuto C:\Windows\System32\rasauto.dll

16:14:31.0012 0x0f20 RasAuto - ok

16:14:31.0059 0x0f20 [ 471815800AE33E6F1C32FB1B97C490CA, 27307265F743DE3A3A3EC1B2C472A3D85FDD0AEC458E0B1177593141EE072698 ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys

16:14:31.0059 0x0f20 Rasl2tp - ok

16:14:31.0121 0x0f20 [ EE867A0870FC9E4972BA9EAAD35651E2, 1B848D81705081FD2E18AC762DA7F51455657DAF860BF363DC15925A148BCADA ] RasMan C:\Windows\System32\rasmans.dll

16:14:31.0137 0x0f20 RasMan - ok

16:14:31.0152 0x0f20 [ 855C9B1CD4756C5E9A2AA58A15F58C25, A514F8A9C304D54BDA8DC60F5A64259B057EC83A1CAAF6D2B58CFD55E9561F72 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys

16:14:31.0168 0x0f20 RasPppoe - ok

16:14:31.0184 0x0f20 [ E8B1E447B008D07FF47D016C2B0EEECB, FEC789F82B912F3E14E49524D40FEAA4373B221156F14045E645D7C37859258C ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys

16:14:31.0199 0x0f20 RasSstp - ok

16:14:31.0246 0x0f20 [ 77F665941019A1594D887A74F301FA2F, 1FDC6F6853400190C086042933F157814D915C54F26793CAD36CD2607D8810DA ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys

16:14:31.0246 0x0f20 rdbss - ok

16:14:31.0277 0x0f20 [ 302DA2A0539F2CF54D7C6CC30C1F2D8D, 1DF3501BBFFB56C3ECC39DBCC4287D3302216C2208CE22428B8C4967E5DE9D17 ] rdpbus C:\Windows\system32\DRIVERS\rdpbus.sys

16:14:31.0277 0x0f20 rdpbus - ok

16:14:31.0293 0x0f20 [ CEA6CC257FC9B7715F1C2B4849286D24, A78144D18352EA802C39D9D42921CF97A3E0211766B2169B6755C6FC2D77A804 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys

16:14:31.0293 0x0f20 RDPCDD - ok

16:14:31.0355 0x0f20 [ 1B6163C503398B23FF8B939C67747683, 339A5AA7970FF34FAAB213B655860C5B0DEC5F983A4A11A088017D849F320ACE ] RDPDR C:\Windows\system32\drivers\rdpdr.sys

16:14:31.0355 0x0f20 RDPDR - ok

16:14:31.0371 0x0f20 [ BB5971A4F00659529A5C44831AF22365, 9AAA5C0D448E821FD85589505D99DF7749715A046BBD211F139E4E652ADDE41F ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys

16:14:31.0386 0x0f20 RDPENCDD - ok

16:14:31.0402 0x0f20 [ 216F3FA57533D98E1F74DED70113177A, 60C126A1409D1E9C39F1C9E95F70115BF4AF07780AB499F6E10A612540F173F4 ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys

16:14:31.0402 0x0f20 RDPREFMP - ok

16:14:31.0449 0x0f20 [ E61608AA35E98999AF9AAEEEA6114B0A, F754CDE89DC96786D2A3C4D19EE2AEF1008E634E4DE3C0CBF927436DE90C04A6 ] RDPWD C:\Windows\system32\drivers\RDPWD.sys

16:14:31.0464 0x0f20 RDPWD - ok

16:14:31.0511 0x0f20 [ 34ED295FA0121C241BFEF24764FC4520, AAEE5F00CAA763A5BA51CF56BD7262C03409CD72BD5601490E3EC3FFF929BB5F ] rdyboost C:\Windows\system32\drivers\rdyboost.sys

16:14:31.0527 0x0f20 rdyboost - ok

16:14:31.0558 0x0f20 [ 254FB7A22D74E5511C73A3F6D802F192, 3D0FB5840364200DE394F8CC28DA0E334C2B5FA8FF28A41656EE72287F3D3836 ] RemoteAccess C:\Windows\System32\mprdim.dll

16:14:31.0558 0x0f20 RemoteAccess - ok

16:14:31.0589 0x0f20 [ E4D94F24081440B5FC5AA556C7C62702, 147CAA03568DC480F9506E30B84891AB7E433B5EBC05F34FF10F72B00E1C6B22 ] RemoteRegistry C:\Windows\system32\regsvc.dll

16:14:31.0589 0x0f20 RemoteRegistry - ok

16:14:31.0652 0x0f20 [ 3DD798846E2C28102B922C56E71B7932, 30B111615D74CB2213997A5C08DD9C8613ADE441D9423CC1C49A753D13CE524D ] RFCOMM C:\Windows\system32\DRIVERS\rfcomm.sys

16:14:31.0652 0x0f20 RFCOMM - ok

16:14:31.0683 0x0f20 [ E4DC58CF7B3EA515AE917FF0D402A7BB, 665B5CD9FE905B0EE3F59A7B1A94760F5393EBEE729877D8584349754C2867E8 ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll

16:14:31.0683 0x0f20 RpcEptMapper - ok

16:14:31.0698 0x0f20 [ D5BA242D4CF8E384DB90E6A8ED850B8C, CB4CB2608B5E31B55FB1A2CF4051E6D08A0C2A5FB231B2116F95938D7577334E ] RpcLocator C:\Windows\system32\locator.exe

16:14:31.0698 0x0f20 RpcLocator - ok

16:14:31.0761 0x0f20 [ 5C627D1B1138676C0A7AB2C2C190D123, C5003F2C912C5CA990E634818D3B4FD72F871900AF2948BD6C4D6400B354B401 ] RpcSs C:\Windows\system32\rpcss.dll

16:14:31.0776 0x0f20 RpcSs - ok

16:14:31.0808 0x0f20 [ DDC86E4F8E7456261E637E3552E804FF, D250C69CCC75F2D88E7E624FCC51300E75637333317D53908CCA7E0F117173DD ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys

16:14:31.0808 0x0f20 rspndr - ok

16:14:31.0854 0x0f20 [ E60C0A09F997826C7627B244195AB581, E8630ED74B38B98BF584E353D992C1311BC36AB7F20A1BB66C9CD65CE1E46F8D ] s3cap C:\Windows\system32\drivers\vms3cap.sys

16:14:31.0854 0x0f20 s3cap - ok

16:14:31.0901 0x0f20 SABKUTIL - ok

16:14:31.0917 0x0f20 SABProcEnum - ok

16:14:31.0932 0x0f20 [ 4D71227301DD8D09097B9E4CC6527E5A, 193D47ADCB722B581CC0F29B794AB3E455B6E9BEA367CE9A5216A09E055B7F1E ] SamSs C:\Windows\system32\lsass.exe

16:14:31.0932 0x0f20 SamSs - ok

16:14:31.0995 0x0f20 [ 3289766038DB2CB14D07DC84392138D5, A7790B787690CC1A8B97E4532090C5295350A836A9474DEA74CEB3E81CF26124 ] SASDIFSV C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS

16:14:31.0995 0x0f20 SASDIFSV - ok

16:14:32.0057 0x0f20 [ 58A38E75F3316A83C23DF6173D41F2B5, B0A8CDA1D164B7534FB41AB80792861384709BF0F914F44553275CF20194F1A1 ] SASKUTIL C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS

16:14:32.0057 0x0f20 SASKUTIL - ok

16:14:32.0073 0x0f20 [ AC03AF3329579FFFB455AA2DAABBE22B, 7AD3B62ADFEC166F9E256F9FF8BAA0568B2ED7308142BF8F5269E6EAA5E0A656 ] sbp2port C:\Windows\system32\drivers\sbp2port.sys

16:14:32.0088 0x0f20 sbp2port - ok

16:14:32.0229 0x0f20 [ 794D4B48DFB6E999537C7C3947863463, 93DA8AA20D6B02A3360E7F56150F126E75266E9372E6409D42B89DA588EF49C3 ] SBSDWSCService C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe

16:14:32.0260 0x0f20 SBSDWSCService - ok

16:14:32.0291 0x0f20 [ 9B7395789E3791A3B6D000FE6F8B131E, E5F067F3F212BF5481668BE1779CBEF053F511F8967589BE2E865ACB9A620024 ] SCardSvr C:\Windows\System32\SCardSvr.dll

16:14:32.0291 0x0f20 SCardSvr - ok

16:14:32.0338 0x0f20 [ 253F38D0D7074C02FF8DEB9836C97D2B, CB5CAFCB8628BB22877F74ACF1DED0BBAED8F4573A74DA7FE94BBBA584889116 ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys

16:14:32.0338 0x0f20 scfilter - ok

16:14:32.0432 0x0f20 [ 262F6592C3299C005FD6BEC90FC4463A, 54095E37F0B6CC677A3E9BDD40F4647C713273D197DB341063AA7F342A60C4A7 ] Schedule C:\Windows\system32\schedsvc.dll

16:14:32.0447 0x0f20 Schedule - ok

16:14:32.0510 0x0f20 [ 6011CDF54BB6F4C69F38FACCDAD73D7E, 4EE85F5E87A65E55EFCB5940A09993C54C5528ADA6194F3AED314F1AC2795A73 ] SCMNdisP C:\Windows\system32\DRIVERS\scmndisp.sys

16:14:32.0525 0x0f20 SCMNdisP - ok

16:14:32.0572 0x0f20 [ E2858D45D57E13EB142CCA3B83FB39B3, 4077E4DE683B1BEE6EB5E6C137EFAA9EAED9EF3646A5A412F2DCED1DA4CC44C8 ] SCM_Service C:\Windows\SysWOW64\WinService.exe

16:14:32.0681 0x0f20 SCM_Service - ok

16:14:32.0728 0x0f20 [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] SCPolicySvc C:\Windows\System32\certprop.dll

16:14:32.0728 0x0f20 SCPolicySvc - ok

16:14:32.0775 0x0f20 [ 6EA4234DC55346E0709560FE7C2C1972, 64011E044C16E2F92689E5F7E4666A075E27BBFA61F3264E5D51CE1656C1D5B8 ] SDRSVC C:\Windows\System32\SDRSVC.dll

16:14:32.0775 0x0f20 SDRSVC - ok

16:14:32.0806 0x0f20 [ 3EA8A16169C26AFBEB544E0E48421186, 34BBB0459C96B3DE94CCB0D73461562935C583D7BF93828DA4E20A6BC9B7301D ] secdrv C:\Windows\system32\drivers\secdrv.sys

16:14:32.0822 0x0f20 secdrv - ok

16:14:32.0853 0x0f20 [ BC617A4E1B4FA8DF523A061739A0BD87, 10C4057F6B321EB5237FF619747B74F5401BC17D15A8C7060829E8204A2297F9 ] seclogon C:\Windows\system32\seclogon.dll

16:14:32.0868 0x0f20 seclogon - ok

16:14:32.0884 0x0f20 [ C32AB8FA018EF34C0F113BD501436D21, E0EB8E80B51E45CA7EB061E705DA0BC07878759418A8519AE6E12326FE79E7C7 ] SENS C:\Windows\System32\sens.dll

16:14:32.0900 0x0f20 SENS - ok

16:14:32.0915 0x0f20 [ 0336CFFAFAAB87A11541F1CF1594B2B2, 8B8A6A33E78A12FB05E29B2E2775850626574AFD2EF88748D65E690A07B10B8D ] SensrSvc C:\Windows\system32\sensrsvc.dll

16:14:32.0915 0x0f20 SensrSvc - ok

16:14:32.0931 0x0f20 [ CB624C0035412AF0DEBEC78C41F5CA1B, A4D937F11E06CAE914347CA1362F4C98EC5EE0C0C80321E360EA1ABD6726F8D4 ] Serenum C:\Windows\system32\DRIVERS\serenum.sys

16:14:32.0931 0x0f20 Serenum - ok

16:14:32.0931 0x0f20 [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6, 8F9776FB84C5D11068EAF1FF1D1A46466C655D64D256A8B1E31DC0C23B5DD22D ] Serial C:\Windows\system32\DRIVERS\serial.sys

16:14:32.0946 0x0f20 Serial - ok

16:14:32.0978 0x0f20 [ 1C545A7D0691CC4A027396535691C3E3, 065C30BE598FF4DC55C37E0BBE0CEDF10A370AE2BF5404B42EBBB867A3FFED6D ] sermouse C:\Windows\system32\DRIVERS\sermouse.sys

16:14:32.0978 0x0f20 sermouse - ok

16:14:33.0024 0x0f20 [ 0B6231BF38174A1628C4AC812CC75804, E569BF1F7F5689E2E917FA6516DB53388A5B8B1C6699DEE030147E853218811D ] SessionEnv C:\Windows\system32\sessenv.dll

16:14:33.0040 0x0f20 SessionEnv - ok

16:14:33.0071 0x0f20 [ A554811BCD09279536440C964AE35BBF, DA8F893722F803E189D7D4D6C6232ED34505B63A64ED3A0132A5BB7A2BABDE55 ] sffdisk C:\Windows\system32\drivers\sffdisk.sys

16:14:33.0087 0x0f20 sffdisk - ok

16:14:33.0087 0x0f20 [ FF414F0BAEFEBA59BC6C04B3DB0B87BF, B81EF5D26AEB572CAB590F7AD7CA8C89F296420089EF5E6148E972F2DBCA1042 ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys

16:14:33.0102 0x0f20 sffp_mmc - ok

16:14:33.0102 0x0f20 [ DD85B78243A19B59F0637DCF284DA63C, 6730D4F2BAE7E24615746ACC41B42D01DB6068D6504982008ADA1890DE900197 ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys

16:14:33.0102 0x0f20 sffp_sd - ok

16:14:33.0134 0x0f20 [ A9D601643A1647211A1EE2EC4E433FF4, 7AC60B4AB48D4BBF1F9681C12EC2A75C72E6E12D30FABC564A24394310E9A5F9 ] sfloppy C:\Windows\system32\DRIVERS\sfloppy.sys

16:14:33.0134 0x0f20 sfloppy - ok

16:14:33.0180 0x0f20 [ B95F6501A2F8B2E78C697FEC401970CE, 758B73A32902299A313348CE7EC189B20EB4CB398D0180E4EE24B84DAD55F291 ] SharedAccess C:\Windows\System32\ipnathlp.dll

16:14:33.0196 0x0f20 SharedAccess - ok

16:14:33.0243 0x0f20 [ AAF932B4011D14052955D4B212A4DA8D, 2A3BFD0FA9569288E91AE3E72CA1EC39E1450D01E6473CE51157E0F138257923 ] ShellHWDetection C:\Windows\System32\shsvcs.dll

16:14:33.0258 0x0f20 ShellHWDetection - ok

16:14:33.0290 0x0f20 [ 843CAF1E5FDE1FFD5FF768F23A51E2E1, 89CA9F516E42A6B905474D738CDA2C121020A07DBD4E66CFE569DD77D79D7820 ] SiSRaid2 C:\Windows\system32\DRIVERS\SiSRaid2.sys

16:14:33.0290 0x0f20 SiSRaid2 - ok

16:14:33.0305 0x0f20 [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4, 87B85C66DF7EB6FDB8A2341D05FAA5261FF68A90CCFC63F0E4A03824F1E33E5E ] SiSRaid4 C:\Windows\system32\DRIVERS\sisraid4.sys

16:14:33.0305 0x0f20 SiSRaid4 - ok

16:14:33.0383 0x0f20 [ 2F5AF9D91D51E832773D4A9EAF65CB33, AE7C75589040F700B5F5E93EACF022057C7D4571B496C86732E629B8AD0BF19D ] SkypeUpdate C:\Program Files (x86)\Skype\Updater\Updater.exe

16:14:33.0383 0x0f20 SkypeUpdate - ok

16:14:33.0414 0x0f20 [ 548260A7B8654E024DC30BF8A7C5BAA4, 4A7E58331D7765A12F53DC2371739DC9A463940B13E16157CE10DB80E958D740 ] Smb C:\Windows\system32\DRIVERS\smb.sys

16:14:33.0430 0x0f20 Smb - ok

16:14:33.0461 0x0f20 [ 6313F223E817CC09AA41811DAA7F541D, D787061043BEEDB9386B048CB9E680E6A88A1CBAE9BD4A8C0209155BFB76C630 ] SNMPTRAP C:\Windows\System32\snmptrap.exe

16:14:33.0461 0x0f20 SNMPTRAP - ok

16:14:33.0477 0x0f20 [ B9E31E5CACDFE584F34F730A677803F9, 21A5130BD00089C609522A372018A719F8E37103D2DD22C59EACB393BE35A063 ] spldr C:\Windows\system32\drivers\spldr.sys

16:14:33.0477 0x0f20 spldr - ok

16:14:33.0555 0x0f20 [ 85DAA09A98C9286D4EA2BA8D0E644377, F9C324E2EF81193FE831C7EECC44A100CA06F82FA731BF555D9EA4D91DA13329 ] Spooler C:\Windows\System32\spoolsv.exe

16:14:33.0555 0x0f20 Spooler - ok

16:14:33.0742 0x0f20 [ E17E0188BB90FAE42D83E98707EFA59C, FC075F7B39E86CC8EF6DA4E339FE946917E319C347AC70FB0C50AAF36F97E27F ] sppsvc C:\Windows\system32\sppsvc.exe

16:14:33.0804 0x0f20 sppsvc - ok

16:14:33.0836 0x0f20 [ 93D7D61317F3D4BC4F4E9F8A96A7DE45, 36D48B23B8243BE5229707375FCD11C2DCAC96983199345365F065A0CBF33314 ] sppuinotify C:\Windows\system32\sppuinotify.dll

16:14:33.0836 0x0f20 sppuinotify - ok

16:14:33.0898 0x0f20 [ 441FBA48BFF01FDB9D5969EBC1838F0B, 306128F1AD489F87161A089D1BDC1542A4CB742D91A0C12A7CD1863FDB8932C0 ] srv C:\Windows\system32\DRIVERS\srv.sys

16:14:33.0914 0x0f20 srv - ok

16:14:33.0929 0x0f20 [ B4ADEBBF5E3677CCE9651E0F01F7CC28, 726DB2283113AB2A9681E8E9F61132303D6D86E9CD034C40EE4A8C9DB29E87F7 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys

16:14:33.0945 0x0f20 srv2 - ok

16:14:33.0960 0x0f20 [ 27E461F0BE5BFF5FC737328F749538C3, AFA4704ED8FFC1A0BAB40DFB81D3AE3F3D933A3C9BF54DDAF39FF9AF3646D9E6 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys

16:14:33.0960 0x0f20 srvnet - ok

16:14:34.0007 0x0f20 [ 51B52FBD583CDE8AA9BA62B8B4298F33, 2E2403F8AA39E79D1281CA006B51B43139C32A5FDD64BD34DAA4B935338BD740 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll

16:14:34.0007 0x0f20 SSDPSRV - ok

16:14:34.0023 0x0f20 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB, D21CDBC4C2AA0DB5B4455D5108B0CAF4282A2E664B9035708F212CC094569D9D ] SstpSvc C:\Windows\system32\sstpsvc.dll

16:14:34.0023 0x0f20 SstpSvc - ok

16:14:34.0054 0x0f20 [ F3817967ED533D08327DC73BC4D5542A, 1B204454408A690C0A86447F3E4AA9E7C58A9CFB567C94C17C21920BA648B4D5 ] stexstor C:\Windows\system32\DRIVERS\stexstor.sys

16:14:34.0054 0x0f20 stexstor - ok

16:14:34.0132 0x0f20 [ 8DD52E8E6128F4B2DA92CE27402871C1, 1101C38BE8FC383B5F2F9FA402F9652B23B88A764DE2B584DFE62B88B11DEF92 ] stisvc C:\Windows\System32\wiaservc.dll

16:14:34.0132 0x0f20 stisvc - ok

16:14:34.0194 0x0f20 [ 7785DC213270D2FC066538DAF94087E7, F09CB2895241719CA5147B2EE9F7ECBD0303AFFB5CD896F06D4D29BAAAFC207B ] storflt C:\Windows\system32\drivers\vmstorfl.sys

16:14:34.0194 0x0f20 storflt - ok

16:14:34.0226 0x0f20 [ C40841817EF57D491F22EB103DA587CC, 5FAA2DE43BADC16A898C0C290C44C41E4411D919A95FE8C6FF45EA7A34495079 ] StorSvc C:\Windows\system32\storsvc.dll

16:14:34.0226 0x0f20 StorSvc - ok

16:14:34.0272 0x0f20 [ D34E4943D5AC096C8EDEEBFD80D76E23, 1DD7F6F97060B5F763A04ACA1F75E59DAB09EF824FD09B83FC3C192837D006DE ] storvsc C:\Windows\system32\drivers\storvsc.sys

16:14:34.0272 0x0f20 storvsc - ok

16:14:34.0319 0x0f20 [ D01EC09B6711A5F8E7E6564A4D0FBC90, 3CB922291DBADC92B46B9E28CCB6810CD8CCDA3E74518EC9522B58B998E1F969 ] swenum C:\Windows\system32\drivers\swenum.sys

16:14:34.0319 0x0f20 swenum - ok

16:14:34.0350 0x0f20 [ E08E46FDD841B7184194011CA1955A0B, 9C3725BB1F08F92744C980A22ED5C874007D3B5863C7E1F140F50061052AC418 ] swprv C:\Windows\System32\swprv.dll

16:14:34.0366 0x0f20 swprv - ok

16:14:34.0475 0x0f20 [ BF9CCC0BF39B418C8D0AE8B05CF95B7D, 3C13217548BE61F2BDB8BD41F77345CDDA1F97BF0AE17241C335B9807EB3DBB8 ] SysMain C:\Windows\system32\sysmain.dll

16:14:34.0506 0x0f20 SysMain - ok

16:14:34.0553 0x0f20 [ E3C61FD7B7C2557E1F1B0B4CEC713585, 01F0E116606D185BF93B540868075BFB1A398197F6AABD994983DBFF56B3A8A0 ] TabletInputService C:\Windows\System32\TabSvc.dll

16:14:34.0569 0x0f20 TabletInputService - ok

16:14:34.0616 0x0f20 [ 40F0849F65D13EE87B9A9AE3C1DD6823, E251A7EF3D0FD2973AF33A62FC457A7E8D5E8694208F811F52455F7C2426121F ] TapiSrv C:\Windows\System32\tapisrv.dll

16:14:34.0616 0x0f20 TapiSrv - ok

16:14:34.0647 0x0f20 [ 1BE03AC720F4D302EA01D40F588162F6, AB644862BF1D2E824FD846180DEC4E2C0FAFCC517451486DE5A92E5E78A952E4 ] TBS C:\Windows\System32\tbssvc.dll

16:14:34.0647 0x0f20 TBS - ok

16:14:34.0756 0x0f20 [ DB74544B75566C974815E79A62433F29, 035EBF70FDA28CF2B6C1FD7EE0ED703DB4B647064B5DBA6E258878A19B1BCCA4 ] Tcpip C:\Windows\system32\drivers\tcpip.sys

16:14:34.0834 0x0f20 Tcpip - ok

16:14:34.0928 0x0f20 [ DB74544B75566C974815E79A62433F29, 035EBF70FDA28CF2B6C1FD7EE0ED703DB4B647064B5DBA6E258878A19B1BCCA4 ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys

16:14:34.0974 0x0f20 TCPIP6 - ok

16:14:35.0021 0x0f20 [ DF687E3D8836BFB04FCC0615BF15A519, 7C5B1E72673B4299DFC21E869F0FBB28198CA54DF4F4AF7080005F2D82467784 ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys

16:14:35.0021 0x0f20 tcpipreg - ok

16:14:35.0052 0x0f20 [ 3371D21011695B16333A3934340C4E7C, 7416F9BBFC1BA9D875EA7D1C7A0D912FC6977B49A865D67E3F9C4E18A965082D ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys

16:14:35.0052 0x0f20 TDPIPE - ok

16:14:35.0084 0x0f20 [ 51C5ECEB1CDEE2468A1748BE550CFBC8, 4E8F83877330B421F7B5D8393D34BC44C6450E69209DAA95B29CB298166A5DF9 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys

16:14:35.0099 0x0f20 TDTCP - ok

16:14:35.0146 0x0f20 [ DDAD5A7AB24D8B65F8D724F5C20FD806, B71F2967A4EE7395E4416C1526CB85368AEA988BDD1F2C9719C48B08FAFA9661 ] tdx C:\Windows\system32\DRIVERS\tdx.sys

16:14:35.0162 0x0f20 tdx - ok

16:14:35.0193 0x0f20 [ 561E7E1F06895D78DE991E01DD0FB6E5, 83BFA50A528762EC52A011302AC3874636FB7E26628CD7ACFBF2BDC9FAA8110D ] TermDD C:\Windows\system32\drivers\termdd.sys

16:14:35.0193 0x0f20 TermDD - ok

16:14:35.0255 0x0f20 [ 2E648163254233755035B46DD7B89123, 6FA0D07CE18A3A69D82EE49D875F141E39406E92C34EAC76AC4EB052E6EBCBCD ] TermService C:\Windows\System32\termsrv.dll

16:14:35.0271 0x0f20 TermService - ok

16:14:35.0302 0x0f20 TfFsMon - ok

16:14:35.0302 0x0f20 TfNetMon - ok

16:14:35.0318 0x0f20 TfSysMon - ok

16:14:35.0333 0x0f20 [ F0344071948D1A1FA732231785A0664C, DB9886C2C858FAF45AEA15F8E42860343F73EB8685C53EC2E8CCC10586CB0832 ] Themes C:\Windows\system32\themeservice.dll

16:14:35.0349 0x0f20 Themes - ok

16:14:35.0364 0x0f20 [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] THREADORDER C:\Windows\system32\mmcss.dll

16:14:35.0364 0x0f20 THREADORDER - ok

16:14:35.0396 0x0f20 [ 7E7AFD841694F6AC397E99D75CEAD49D, DE87F203FD8E6BDCCFCA1860A85F283301A365846FB703D9BB86278D8AC96B07 ] TrkWks C:\Windows\System32\trkwks.dll

16:14:35.0396 0x0f20 TrkWks - ok

16:14:35.0474 0x0f20 [ 773212B2AAA24C1E31F10246B15B276C, F2EF85F5ABA307976D9C649D710B408952089458DDE97D4DEF321DF14E46A046 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe

16:14:35.0489 0x0f20 TrustedInstaller - ok

16:14:35.0552 0x0f20 [ 4CE278FC9671BA81A138D70823FCAA09, CBE501436696E32A3701B9F377B823AC36647B6626595F76CC63E2396AD7D300 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys

16:14:35.0552 0x0f20 tssecsrv - ok

16:14:35.0614 0x0f20 [ D11C783E3EF9A3C52C0EBE83CC5000E9, A136C355D4C8945729163D15801364A614E23217B15F9313C85BA45BB71A74EB ] TsUsbFlt C:\Windows\system32\drivers\tsusbflt.sys

16:14:35.0614 0x0f20 TsUsbFlt - ok

16:14:35.0676 0x0f20 [ 3566A8DAAFA27AF944F5D705EAA64894, AE9D8B648DA08AF667B9456C3FE315489859C157510A258559F18238F2CC92B8 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys

16:14:35.0692 0x0f20 tunnel - ok

16:14:35.0708 0x0f20 [ B4DD609BD7E282BFC683CEC7EAAAAD67, EF131DB6F6411CAD36A989A421AF93F89DD61601AC524D2FF11C10FF6E3E9123 ] uagp35 C:\Windows\system32\DRIVERS\uagp35.sys

16:14:35.0723 0x0f20 uagp35 - ok

16:14:35.0770 0x0f20 [ FF4232A1A64012BAA1FD97C7B67DF593, D8591B4EB056899C7B604E4DD852D82D4D9809F508ABCED4A03E1BE6D5D456E3 ] udfs C:\Windows\system32\DRIVERS\udfs.sys

16:14:35.0770 0x0f20 udfs - ok

16:14:35.0801 0x0f20 [ 3CBDEC8D06B9968ABA702EBA076364A1, B8DAB8AA804FC23021BFEBD7AE4D40FBE648D6C6BA21CC008E26D1C084972F9B ] UI0Detect C:\Windows\system32\UI0Detect.exe

16:14:35.0817 0x0f20 UI0Detect - ok

16:14:35.0848 0x0f20 [ 4BFE1BC28391222894CBF1E7D0E42320, 5918B1ED2030600DF77BDACF1C808DF6EADDD8BF3E7003AF1D72050D8B102B3A ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys

16:14:35.0864 0x0f20 uliagpkx - ok

16:14:35.0879 0x0f20 [ DC54A574663A895C8763AF0FA1FF7561, 09A3F3597E91CBEB2F38E96E75134312B60CAE5574B2AD4606C2D3E992AEDDFE ] umbus C:\Windows\system32\drivers\umbus.sys

16:14:35.0879 0x0f20 umbus - ok

16:14:35.0910 0x0f20 [ B2E8E8CB557B156DA5493BBDDCC1474D, F547509A08C0679ACB843E20C9C0CF51BED1B06530BBC529DFB0944504564A43 ] UmPass C:\Windows\system32\DRIVERS\umpass.sys

16:14:35.0910 0x0f20 UmPass - ok

16:14:35.0942 0x0f20 [ A293DCD756D04D8492A750D03B9A297C, 203600ED0B7F8BA4C6D6F4ED810F4DF5AB70928B06EC4131C5D8ADF628444ED1 ] UmRdpService C:\Windows\System32\umrdp.dll

16:14:35.0942 0x0f20 UmRdpService - ok

16:14:35.0973 0x0f20 [ D47EC6A8E81633DD18D2436B19BAF6DE, 0FB461E2D5E0B75BB5958F6362F4880BFA4C36AD930542609BCAF574941AA7AE ] upnphost C:\Windows\System32\upnphost.dll

16:14:35.0988 0x0f20 upnphost - ok

16:14:36.0035 0x0f20 [ 6F1A3157A1C89435352CEB543CDB359C, 325B46220779C5FE3B6F19FF794474837FAB9675D9C98ACB68CCE47B1CFE5F12 ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys

16:14:36.0051 0x0f20 usbccgp - ok

16:14:36.0113 0x0f20 [ 80B0F7D5CCF86CEB5D402EAAF61FEC31, 140C62116A425DEAD25FE8D82DE283BC92C482A9F643658D512F9F67061F28AD ] usbcir C:\Windows\system32\drivers\usbcir.sys

16:14:36.0113 0x0f20 usbcir - ok

16:14:36.0160 0x0f20 [ C025055FE7B87701EB042095DF1A2D7B, D7B34B6C2C5BD3C8141895AC21BB637EA5E3C4F7A85EEF4C4C36E6BB2045A3D9 ] usbehci C:\Windows\system32\drivers\usbehci.sys

16:14:36.0160 0x0f20 usbehci - ok

16:14:36.0191 0x0f20 [ 287C6C9410B111B68B52CA298F7B8C24, 98900C08FE662A00DF8B37837B2BEBF9ACB7989C387AF36B2109B05A4F462D4E ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys

16:14:36.0191 0x0f20 usbhub - ok

16:14:36.0238 0x0f20 [ 9840FC418B4CBD632D3D0A667A725C31, 776D86A032DCA2842EF7AADB35473193CA80547223EFAA7F110F296C377077B0 ] usbohci C:\Windows\system32\drivers\usbohci.sys

16:14:36.0238 0x0f20 usbohci - ok

16:14:36.0269 0x0f20 [ 73188F58FB384E75C4063D29413CEE3D, B485463933306036B1D490722CB1674DC85670753D79FA0EF7EBCA7BBAAD9F7C ] usbprint C:\Windows\system32\DRIVERS\usbprint.sys

16:14:36.0269 0x0f20 usbprint - ok

16:14:36.0332 0x0f20 [ 9661DA76B4531B2DA272ECCE25A8AF24, FEA93254A21E71A7EB8AD35FCCAD2C1E41F7329EC33B1734F5B41307A34D8637 ] usbscan C:\Windows\system32\DRIVERS\usbscan.sys

16:14:36.0332 0x0f20 usbscan - ok

16:14:36.0394 0x0f20 [ 0F0C72A657C622286013788B886968AD, A1492B07BD76E60E5228FBCFB73F96CA5B7AA0E2110EB27C72803A618C88C51E ] usbser C:\Windows\system32\drivers\usbser.sys

16:14:36.0394 0x0f20 usbser - ok

16:14:36.0410 0x0f20 [ FED648B01349A3C8395A5169DB5FB7D6, DC4D7594C24ADD076927B9347F1B50B91CF03A4ABDB284248D5711D9C19DEB96 ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS

16:14:36.0410 0x0f20 USBSTOR - ok

16:14:36.0472 0x0f20 [ 62069A34518BCF9C1FD9E74B3F6DB7CD, C58E21424718729324B285BEE1C96551540FCC3FD650B2D10895EBA48D981E25 ] usbuhci C:\Windows\system32\drivers\usbuhci.sys

16:14:36.0472 0x0f20 usbuhci - ok

16:14:36.0503 0x0f20 [ EDBB23CBCF2CDF727D64FF9B51A6070E, 7202484C8E1BFB2AFD64D8C81668F3EDE0E3BF5EB27572877A0A7B337AE5AE42 ] UxSms C:\Windows\System32\uxsms.dll

16:14:36.0503 0x0f20 UxSms - ok

16:14:36.0519 0x0f20 [ 4D71227301DD8D09097B9E4CC6527E5A, 193D47ADCB722B581CC0F29B794AB3E455B6E9BEA367CE9A5216A09E055B7F1E ] VaultSvc C:\Windows\system32\lsass.exe

16:14:36.0519 0x0f20 VaultSvc - ok

16:14:36.0581 0x0f20 [ C6E73E5A476E6B34C02590C16BF10D39, A10D75E84F25E7F2B09E8AA2EA5936348C076C95C04D8DC18C2932BFD7F7244A ] VClone C:\Windows\system32\DRIVERS\VClone.sys

16:14:36.0581 0x0f20 VClone - ok

16:14:36.0597 0x0f20 [ C5C876CCFC083FF3B128F933823E87BD, 6FE0FBB6C3207E09300E0789E2168F76668D87C317FE9F263E733827ADCFBE0D ] vdrvroot C:\Windows\system32\drivers\vdrvroot.sys

16:14:36.0612 0x0f20 vdrvroot - ok

16:14:36.0675 0x0f20 [ 8D6B481601D01A456E75C3210F1830BE, A2CEF483F4231367138EEF7E67FD5BE5364FC0780C44CA1368E36CE4AA3D0633 ] vds C:\Windows\System32\vds.exe

16:14:36.0706 0x0f20 vds - ok

16:14:36.0753 0x0f20 [ DA4DA3F5E02943C2DC8C6ED875DE68DD, EDE604536DB78C512D68C92B26DA77C8811AC109D1F0A473673F0A82D15A2838 ] vga C:\Windows\system32\DRIVERS\vgapnp.sys

16:14:36.0753 0x0f20 vga - ok

16:14:36.0768 0x0f20 [ 53E92A310193CB3C03BEA963DE7D9CFC, 45898604375B42EB1246C17A22D91C2440F11C746FF6459AD38027C1BC2E3125 ] VgaSave C:\Windows\System32\drivers\vga.sys

16:14:36.0768 0x0f20 VgaSave - ok

16:14:36.0815 0x0f20 [ 2CE2DF28C83AEAF30084E1B1EB253CBB, D1946816A1CB89F825CBEA58F94A4C9D0CE7249355CD3915563F54054EE564BF ] vhdmp C:\Windows\system32\drivers\vhdmp.sys

16:14:36.0831 0x0f20 vhdmp - ok

16:14:36.0878 0x0f20 [ E5689D93FFE4E5D66C0178761240DD54, 6D35CED80681B12AAF63BFA0DA1C386E71D3838839B68A686990AA8031949D27 ] viaide C:\Windows\system32\drivers\viaide.sys

16:14:36.0878 0x0f20 viaide - ok

16:14:36.0909 0x0f20 [ 86EA3E79AE350FEA5331A1303054005F, 7E7D6027EB41E591633C7383A5D29A3BA8ECFC08C177D2BCF741EE27686B1691 ] vmbus C:\Windows\system32\drivers\vmbus.sys

16:14:36.0909 0x0f20 vmbus - ok

16:14:36.0924 0x0f20 [ 7DE90B48F210D29649380545DB45A187, 09522F84285D62B961868DA98C40B82E746CA4D24A9780905673A2349D6B07F4 ] VMBusHID C:\Windows\system32\drivers\VMBusHID.sys

16:14:36.0924 0x0f20 VMBusHID - ok

16:14:36.0956 0x0f20 [ D2AAFD421940F640B407AEFAAEBD91B0, 31EF342A60AF04F4108759A71F8FB7B8C8819216CF3D16A95B2BA0E33A8A9161 ] volmgr C:\Windows\system32\drivers\volmgr.sys

16:14:36.0956 0x0f20 volmgr - ok

16:14:37.0018 0x0f20 [ A255814907C89BE58B79EF2F189B843B, 463DB771851352185B6AC323BD93B9084D47291E53C1F7B628B65D6918B2E28F ] volmgrx C:\Windows\system32\drivers\volmgrx.sys

16:14:37.0034 0x0f20 volmgrx - ok

16:14:37.0049 0x0f20 [ 0D08D2F3B3FF84E433346669B5E0F639, 3D6716CEC95B8861A7CC5778E91F310528DC6BEE0E57A3C8757FC675154EBDEC ] volsnap C:\Windows\system32\drivers\volsnap.sys

16:14:37.0049 0x0f20 volsnap - ok

16:14:37.0112 0x0f20 [ 5E2016EA6EBACA03C04FEAC5F330D997, 53106EB877459FE55A459111F7AB0EE320BB3B4C954D3DB6FA1642396001F2AC ] vsmraid C:\Windows\system32\DRIVERS\vsmraid.sys

16:14:37.0112 0x0f20 vsmraid - ok

16:14:37.0221 0x0f20 [ B60BA0BC31B0CB414593E169F6F21CC2, 47B801E623254CF0202B3591CB5C019CABFB52F123C7D47E29D19B32F1F2B915 ] VSS C:\Windows\system32\vssvc.exe

16:14:37.0252 0x0f20 VSS - ok

16:14:37.0268 0x0f20 [ 36D4720B72B5C5D9CB2B9C29E9DF67A1, 3254523C85C70EBA2DBAC05DB2DBA89EDF8E9195F390F7C21F96458FB6B2E3D7 ] vwifibus C:\Windows\System32\drivers\vwifibus.sys

16:14:37.0268 0x0f20 vwifibus - ok

16:14:37.0299 0x0f20 [ 6A3D66263414FF0D6FA754C646612F3F, 30F6BA594B0D3B94113064015A16D97811CD989DF1715CCE21CEAB9894C1B4FB ] VWiFiFlt C:\Windows\system32\DRIVERS\vwififlt.sys

16:14:37.0299 0x0f20 VWiFiFlt - ok

16:14:37.0330 0x0f20 [ 1C9D80CC3849B3788048078C26486E1A, 34A89F31E53F6B6C209B286F580CC2257AE6D057E4E20741F241C9C167947962 ] W32Time C:\Windows\system32\w32time.dll

16:14:37.0346 0x0f20 W32Time - ok

16:14:37.0377 0x0f20 [ 4E9440F4F152A7B944CB1663D3935A3E, 8FE04EBD3BC612EE943A21A3E56F37E5C9B578CDACA6044048181DAD81816D53 ] WacomPen C:\Windows\system32\DRIVERS\wacompen.sys

16:14:37.0377 0x0f20 WacomPen - ok

16:14:37.0439 0x0f20 [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys

16:14:37.0455 0x0f20 WANARP - ok

16:14:37.0470 0x0f20 [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys

16:14:37.0470 0x0f20 Wanarpv6 - ok

16:14:37.0564 0x0f20 [ 3CEC96DE223E49EAAE3651FCF8FAEA6C, 4150DAB33E8D61076F1D4767BCAFC9B4ECCCCBD58FD4FB3CFE5B8D27DCDCAB61 ] WatAdminSvc C:\Windows\system32\Wat\WatAdminSvc.exe

16:14:37.0642 0x0f20 WatAdminSvc - ok

16:14:37.0767 0x0f20 [ 78F4E7F5C56CB9716238EB57DA4B6A75, 46A4E78CE5F2A4B26F4E9C3FF04A99D9B727A82AC2E390A82A1611C3F6E0C9AF ] wbengine C:\Windows\system32\wbengine.exe

16:14:37.0829 0x0f20 wbengine - ok

16:14:37.0876 0x0f20 [ 3AA101E8EDAB2DB4131333F4325C76A3, 4F7BD3DA5E58B18BFF106CFF7B45E75FD13EE556D433C695BA23EC80827E49DE ] WbioSrvc C:\Windows\System32\wbiosrvc.dll

16:14:37.0892 0x0f20 WbioSrvc - ok

16:14:38.0001 0x0f20 [ 8BDA6DB43AA54E8BB5E0794541DDC209, 8753C507BE77B019A3403AF5252434A01DB9F9332E58AC3783ABCE3D21AD9DD4 ] WcesComm C:\Windows\WindowsMobile\wcescomm.dll

16:14:38.0032 0x0f20 WcesComm - ok

16:14:38.0094 0x0f20 [ 7368A2AFD46E5A4481D1DE9D14848EDD, 8039C478FC2D9F095F5883A4FA47F9E6EDF57CC88A4AA74F07C88445F90DED57 ] wcncsvc C:\Windows\System32\wcncsvc.dll

16:14:38.0094 0x0f20 wcncsvc - ok

16:14:38.0110 0x0f20 [ 20F7441334B18CEE52027661DF4A6129, 7B8E0247234B740FED2BE9B833E9CE8DD7453340123AB43F6B495A7E6A27B0DD ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll

16:14:38.0110 0x0f20 WcsPlugInService - ok

16:14:38.0141 0x0f20 [ 72889E16FF12BA0F235467D6091B17DC, F2FD0BBD075E33608D93F350D216F97442AB89ABD540513C2D568C78096E12A8 ] Wd C:\Windows\system32\DRIVERS\wd.sys

16:14:38.0141 0x0f20 Wd - ok

16:14:38.0204 0x0f20 [ E2C933EDBC389386EBE6D2BA953F43D8, AF1DEADD5F1267CCEBD226E8EEB971D1946EA6A5A9645A36F5D111F758AF2F07 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys

16:14:38.0235 0x0f20 Wdf01000 - ok

16:14:38.0266 0x0f20 [ BF1FC3F79B863C914687A737C2F3D681, B2DF47AC4931ACFB243775767B77065CC0D98778FC0243C793A3E219EB961209 ] WdiServiceHost C:\Windows\system32\wdi.dll

16:14:38.0266 0x0f20 WdiServiceHost - ok

16:14:38.0282 0x0f20 [ BF1FC3F79B863C914687A737C2F3D681, B2DF47AC4931ACFB243775767B77065CC0D98778FC0243C793A3E219EB961209 ] WdiSystemHost C:\Windows\system32\wdi.dll

16:14:38.0282 0x0f20 WdiSystemHost - ok

16:14:38.0328 0x0f20 [ 3DB6D04E1C64272F8B14EB8BC4616280, 9138642B1C19F895D4ECFD930160C80FBF15813CE63BBF4C899842C300FD3026 ] WebClient C:\Windows\System32\webclnt.dll

16:14:38.0344 0x0f20 WebClient - ok

16:14:38.0375 0x0f20 [ C749025A679C5103E575E3B48E092C43, B71171D07EE7AB085A24BF3A1072FF2CE7EA021AAE695F6A90640E6EE8EB55C1 ] Wecsvc C:\Windows\system32\wecsvc.dll

16:14:38.0375 0x0f20 Wecsvc - ok

16:14:38.0406 0x0f20 [ 7E591867422DC788B9E5BD337A669A08, 484E6BCCDF7ADCE9A1AACAD1BC7C7D7694B9E40FA90D94B14D80C607784F6C75 ] wercplsupport C:\Windows\System32\wercplsupport.dll

16:14:38.0406 0x0f20 wercplsupport - ok

16:14:38.0422 0x0f20 [ 6D137963730144698CBD10F202E9F251, A9F522A125158D94F540544CCD4DBF47B9DCE2EA878C33675AFE40F80E8F4979 ] WerSvc C:\Windows\System32\WerSvc.dll

16:14:38.0422 0x0f20 WerSvc - ok

16:14:38.0453 0x0f20 [ 611B23304BF067451A9FDEE01FBDD725, 0AF2734B978165FC6FD22B64862132CCE32528A21C698A49D176129446E099C8 ] WfpLwf C:\Windows\system32\DRIVERS\wfplwf.sys

16:14:38.0453 0x0f20 WfpLwf - ok

16:14:38.0484 0x0f20 [ 05ECAEC3E4529A7153B3136CEB49F0EC, 9995CB2CEC70A633EA33CBB0DEAD2BB28CB67132B41E9444BDAB9E75744C9A50 ] WIMMount C:\Windows\system32\drivers\wimmount.sys

16:14:38.0484 0x0f20 WIMMount - ok

16:14:38.0516 0x0f20 WinDefend - ok

16:14:38.0547 0x0f20 WinHttpAutoProxySvc - ok

16:14:38.0594 0x0f20 [ 19B07E7E8915D701225DA41CB3877306, D6555E8D276DBB11358246E0FE215F76F1FB358791C76B88D82C2A66A42DA19F ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll

16:14:38.0625 0x0f20 Winmgmt - ok

16:14:38.0734 0x0f20 [ BCB1310604AA415C4508708975B3931E, 9D943F086D454345153A0DD426B4432532A44FD87950386B186E1CAD2AC70565 ] WinRM C:\Windows\system32\WsmSvc.dll

16:14:38.0828 0x0f20 WinRM - ok

16:14:38.0890 0x0f20 [ FE88B288356E7B47B74B13372ADD906D, A16B166F6BB32EF9D2A142F27B9EC54CBC7B3AC915799783CF4C40E525BC9E03 ] WINUSB C:\Windows\system32\DRIVERS\WinUsb.sys

16:14:38.0890 0x0f20 WINUSB - ok

16:14:38.0952 0x0f20 [ 4FADA86E62F18A1B2F42BA18AE24E6AA, CE1683386886BF34862681A46199EA7E7FB4232A186047DA7FBD8EC240AF6726 ] Wlansvc C:\Windows\System32\wlansvc.dll

16:14:38.0968 0x0f20 Wlansvc - ok

16:14:39.0015 0x0f20 [ F6FF8944478594D0E414D3F048F0D778, 6F75E0AE6127B33A92A88E59D4B048FD4C15F997807BE7BF0EFE76F95235B1D9 ] WmiAcpi C:\Windows\system32\drivers\wmiacpi.sys

16:14:39.0015 0x0f20 WmiAcpi - ok

16:14:39.0046 0x0f20 [ 38B84C94C5A8AF291ADFEA478AE54F93, 1AC267AC73670BEA5F3785C9AD9DB146F8E993A862C843742B21FDB90D102B2A ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe

16:14:39.0077 0x0f20 wmiApSrv - ok

16:14:39.0108 0x0f20 WMPNetworkSvc - ok

16:14:39.0124 0x0f20 [ 96C6E7100D724C69FCF9E7BF590D1DCA, 2E63C9B0893B4FC03B7A71BAEA6202D3D3DB1B52F3643467829B5A573FD7655B ] WPCSvc C:\Windows\System32\wpcsvc.dll

16:14:39.0140 0x0f20 WPCSvc - ok

16:14:39.0202 0x0f20 [ 93221146D4EBBF314C29B23CD6CC391D, C0750858A65BF51E210CD244C825C121D67E025CD2D2455139991AAC289A90FE ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll

16:14:39.0202 0x0f20 WPDBusEnum - ok

16:14:39.0249 0x0f20 [ 6BCC1D7D2FD2453957C5479A32364E52, E48554D31FBDCF8F985C1C72524CAA9106F5B7CC2B79064F8F5E2562D517F090 ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys

16:14:39.0249 0x0f20 ws2ifsl - ok

16:14:39.0264 0x0f20 [ E8B1FE6669397D1772D8196DF0E57A9E, 39FE0819360719F756BD31A1884A0508A1E2371ACC723E25E005CBEC0A7B02FA ] wscsvc C:\Windows\System32\wscsvc.dll

16:14:39.0280 0x0f20 wscsvc - ok

16:14:39.0280 0x0f20 WSearch - ok

16:14:39.0420 0x0f20 [ D9EF901DCA379CFE914E9FA13B73B4C4, 3BE9693B7B2AFEE23D72AF5DA211379724D752F0EC18ACB7D3DE3DDFC5AE0004 ] wuauserv C:\Windows\system32\wuaueng.dll

16:14:39.0530 0x0f20 wuauserv - ok

16:14:39.0545 0x0f20 [ D3381DC54C34D79B22CEE0D65BA91B7C, 70DC4ADCA4C0C28BB133287511E329D1B6B9B97F96CDE5B1D2F1F59FE1A965D9 ] WudfPf C:\Windows\system32\drivers\WudfPf.sys

16:14:39.0545 0x0f20 WudfPf - ok

16:14:39.0592 0x0f20 [ CF8D590BE3373029D57AF80914190682, FB9641777E90A58C063FBE95F081DC6D2F4770827DE19108A9DC3E3D6B17B4BF ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys

16:14:39.0608 0x0f20 WUDFRd - ok

16:14:39.0654 0x0f20 [ 7A95C95B6C4CF292D689106BCAE49543, 9029F489E1E817CE12839B8C6656E46190497D445DC3F43C20CF96E5E6BD0691 ] wudfsvc C:\Windows\System32\WUDFSvc.dll

16:14:39.0654 0x0f20 wudfsvc - ok

16:14:39.0686 0x0f20 [ 9A3452B3C2A46C073166C5CF49FAD1AE, D6F95F51D8E37BA4CF403965EC08CCFEEA9EEFDBFC7752432EAEC19925BDA115 ] WwanSvc C:\Windows\System32\wwansvc.dll

16:14:39.0686 0x0f20 WwanSvc - ok

16:14:39.0779 0x0f20 ================ Scan global ===============================

16:14:39.0810 0x0f20 [ BA0CD8C393E8C9F83354106093832C7B, 18D8A4780A2BAA6CEF7FBBBDA0EF6BF2DADF146E1E578A618DD5859E8ADBF1A8 ] C:\Windows\system32\basesrv.dll

16:14:39.0857 0x0f20 [ 88EDD0B34EED542745931E581AD21A32, DC2B93E1CEF5B0BCEE08D72669BB0F3AD0E8E6E75BDC08858407ED92F6FFA031 ] C:\Windows\system32\winsrv.dll

16:14:39.0873 0x0f20 [ 88EDD0B34EED542745931E581AD21A32, DC2B93E1CEF5B0BCEE08D72669BB0F3AD0E8E6E75BDC08858407ED92F6FFA031 ] C:\Windows\system32\winsrv.dll

16:14:39.0904 0x0f20 [ D6160F9D869BA3AF0B787F971DB56368, 0033E6212DD8683E4EE611B290931FDB227B4795F0B17C309DC686C696790529 ] C:\Windows\system32\sxssrv.dll

16:14:39.0935 0x0f20 [ 24ACB7E5BE595468E3B9AA488B9B4FCB, 63541E3432FCE953F266AE553E7A394978D6EE3DB52388D885F668CF42C5E7E2 ] C:\Windows\system32\services.exe

16:14:39.0935 0x0f20 [ Global ] - ok

16:14:39.0935 0x0f20 ================ Scan MBR ==================================

16:14:39.0951 0x0f20 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0

16:14:40.0107 0x0f20 \Device\Harddisk0\DR0 - ok

16:14:40.0107 0x0f20 ================ Scan VBR ==================================

16:14:40.0107 0x0f20 [ 250E1386371499DABD0DCD5B041C2B3D ] \Device\Harddisk0\DR0\Partition1

16:14:40.0107 0x0f20 \Device\Harddisk0\DR0\Partition1 - ok

16:14:40.0122 0x0f20 [ F817B012B532B0D0DE7C9501376313A6 ] \Device\Harddisk0\DR0\Partition2

16:14:40.0122 0x0f20 \Device\Harddisk0\DR0\Partition2 - ok

16:14:40.0122 0x0f20 Waiting for KSN requests completion. In queue: 84

16:14:41.0137 0x0f20 Waiting for KSN requests completion. In queue: 84

16:14:42.0151 0x0f20 Waiting for KSN requests completion. In queue: 84

16:14:43.0211 0x0f20 AV detected via SS2: Microsoft Security Essentials, C:\Program Files\Microsoft Security Client\msseces.exe ( 4.4.304.0 ), 0x61000 ( enabled : updated )

16:14:43.0227 0x0f20 Win FW state via NFP2: enabled

16:14:45.0754 0x0f20 ============================================================

16:14:45.0754 0x0f20 Scan finished

16:14:45.0754 0x0f20 ============================================================

16:14:45.0754 0x0ce0 Detected object count: 0

16:14:45.0754 0x0ce0 Actual detected object count: 0

16:14:52.0681 0x0ee4 Deinitialize success

Psychotic · March 20, 2014

Add-/remove programms

Click on start-->control panel.

Vista/7: Open Programs and Features
XP: Open add/remove programs

Search for and remove the following programs

1ClickDownloader

Close the window.

Fix with FRST (normal mode)

Open notepad (Start =>All Programs => Accessories => Notepad).
Please copy the entire contents of the code box below.
(To do this highlight the contents of the box, right click on it and select copy. Right-click in the open notepad and select Paste).

Save it to the same direction as frst.exe (or frst64.exe) as fixlist.txt.

URLSearchHook: HKCU - (No Name) - {22e03916-85c5-44b0-8dc9-1830c11238d9} - No FileURLSearchHook: HKCU - (No Name) - {ba14329e-9550-4989-b3f2-9732e92d17cc} - No FileURLSearchHook: HKCU - (No Name) - {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - No FileURLSearchHook: HKCU - (No Name) - {88c7f2aa-f93f-432c-8f0e-b7d85967a527} - No FileURLSearchHook: HKCU - (No Name) - {b6ac5e3c-5ceb-4e72-b451-f0e1ba983c14} - No FileSearchScopes: HKLM-x32 - DefaultScope {afdbddaa-5d3f-42ee-b79c-185a7020515b} URL = http://search.condui...ultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2786678SearchScopes: HKLM-x32 - {8A96AF9E-4074-43b7-BEA3-87217BDA7406} URL = http://www.searchqu....systemid=406&q={searchTerms}SearchScopes: HKLM-x32 - {afdbddaa-5d3f-42ee-b79c-185a7020515b} URL = http://search.condui...ultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2786678SearchScopes: HKCU - DefaultScope {23029E16-DCC9-4AB6-B87D-D7838CD183F9} URL = http://uk.search.yah...type=A011GB0&p={SearchTerms}SearchScopes: HKCU - {23029E16-DCC9-4AB6-B87D-D7838CD183F9} URL = http://uk.search.yah...type=A011GB0&p={SearchTerms}SearchScopes: HKCU - {8F1DDD6A-C4EC-447B-A7EB-C967AB6BE506} URL = http://www.searchqu....systemid=406&q={searchTerms}BHO-x32: No Name - {5C255C8A-E604-49b4-9D64-90988571CECB} -  No FileBHO-x32: No Name - {82B16A3D-F03E-4565-A532-666B219C9A53} - C:\Users\390-w7base\AppData\Local\ext_offermosquito\OfferMosquitoIEPlaceholder.dll No File#Toolbar: HKCU - No Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} -  No FileToolbar: HKCU - No Name - {22E03916-85C5-44B0-8DC9-1830C11238D9} -  No FileFF Plugin HKCU: bebomedia.com/OfferMosquitoIEHelper - C:\Users\390-w7base\AppData\Local\ext_offermosquito\npOfferMosquitoIEHelper.dll No FileFF HKLM\...\Firefox\Extensions: [{336D0C35-8A85-403a-B9D2-65C292C39087}] - C:\Program Files\Web Assistant\FirefoxFF HKLM-x32\...\Firefox\Extensions: [{336D0C35-8A85-403a-B9D2-65C292C39087}] - C:\Program Files\Web Assistant\FirefoxCHR Extension: (Coolyou) - C:\Users\390-w7base\AppData\Local\Google\Chrome\User Data\Default\Extensions\haohhpneajlabdmpaohibadjmcpihpeh [2013-10-07]CHR HKLM\...\Chrome\Extension: [dlnembnfbcpjnepmfjmngjenhhajpdfd] - C:\Program Files\Web Assistant\source.crx [2011-12-17]CHR HKCU\...\Chrome\Extension: [dknkjnkhedbanphkkpbpcgoblmkbfhlf] - C:\Users\390-w7base\AppData\Local\CRE\dknkjnkhedbanphkkpbpcgoblmkbfhlf.crx [2012-08-26]CHR HKCU\...\Chrome\Extension: [gbmdkmlcnbapgegninelmjbfibaghdmk] - C:\Users\390-w7base\AppData\Local\Google\Chrome Frame\User Data\IEXPLORE\Default\ext_offermosquito\ext_offermosquito.crx [2012-08-26]CHR HKLM-x32\...\Chrome\Extension: [bejbohlohkkgompgecdcbbglkpjfjgdj] - C:\Users\390-W7~1\AppData\Local\Temp\crx5BAC.tmp [2012-08-26]CHR HKLM-x32\...\Chrome\Extension: [dknkjnkhedbanphkkpbpcgoblmkbfhlf] - C:\Users\390-w7base\AppData\Local\CRE\dknkjnkhedbanphkkpbpcgoblmkbfhlf.crx [2012-08-26]CHR HKLM-x32\...\Chrome\Extension: [dlnembnfbcpjnepmfjmngjenhhajpdfd] - C:\Program Files\Web Assistant\source.crx [2012-08-26]CHR HKLM-x32\...\Chrome\Extension: [haohhpneajlabdmpaohibadjmcpihpeh] - C:\ProgramData\Coolyou\haohhpneajlabdmpaohibadjmcpihpeh.crx [2012-09-10]CHR HKLM-x32\...\Chrome\Extension: [mhfdcmehmjcclgopdodkjdicohagipid] - C:\Users\390-W7~1\AppData\Local\Temp\crx2FBA.tmp [2012-09-10]CHR HKLM-x32\...\Chrome\Extension: [ojpijjmpahflnipadmlpgbjmagmjchkk] - C:\Users\390-W7~1\AppData\Local\Temp\tbch.crx [2012-09-10]CHR HKLM-x32\...\Chrome\Extension: [pmlghpafmmnmmkjdhacccolfgnkiboco] - C:\Program Files (x86)\1ClickDownload\oneclickdownloader11.crx [2012-09-10]Task: {4304F1E7-E489-4A55-8DE6-A6D45E547139} - System32\Tasks\BearShareNAG => C:\Users\390-W7~1\AppData\Local\Temp\BearShare_setup.exe <==== ATTENTIONTask: {526EAF26-EEB8-430B-90F9-979F15935476} - System32\Tasks\{4DC4B2B6-8C24-4FB2-9251-638773A542FE} => C:\Program Files (x86)\iLivid\ilivid.exeTask: {B5D9CF1F-ABE9-4E72-A11F-B14DF2D0567F} - System32\Tasks\PCConfidential => C:\Program Files (x86)\Winferno\PC Confidential\PCConfidential.exeTask: {CD3C0FBF-4D64-47EC-AA07-78F0608BE07E} - System32\Tasks\{D493E868-6BBC-4EE3-8014-F34E506FA560} => C:\Program Files (x86)\iLivid\ilivid.exeTask: C:\Windows\Tasks\BearShareNAG.job => C:\Users\390-W7~1\AppData\Local\Temp\BearShare_setup.exeTask: C:\Windows\Tasks\PCConfidential.job => C:\Program Files (x86)\Winferno\PC Confidential\PCConfidential.exeAlternateDataStreams: C:\ProgramData\TEMP:B4AF47A7AlternateDataStreams: C:\ProgramData\TEMP:DBC416F8AlternateDataStreams: C:\ProgramData\TEMP:DFC5A2B2U3 awtyyaoc; \??\C:\Users\390-W7~1\AppData\Local\Temp\awtyyaoc.sys [X]C:\Users\390-W7~1\AppData\Local\Temp\awtyyaoc.sysC:\Program Files (x86)\lucky leapC:\Users\390-w7base\AppData\Local\ext_offermosquitoC:\Users\390-w7base\SafariSetup.exeC:\Program Files\Web AssistantC:\Users\390-w7base\AppData\Local\CREC:\Users\390-W7~1\AppData\Local\Temp\crx5BAC.tmpC:\ProgramData\CoolyouC:\Users\390-W7~1\AppData\Local\Temp\crx2FBA.tmpC:\Users\390-W7~1\AppData\Local\Temp\tbch.crxC:\Program Files (x86)\1ClickDownloadC:\Users\390-w7base\AppData\Local\Google\Chrome Frame\User Data\IEXPLORE\Default\ext_offermosquito

NOTICE: This script was written specifically for this user, for use on that particular machine. Running this on another machine may cause damage to your operating system

Run frst.exe (on 64bit, run frst64.exe) and press the Fix button just once and wait.
The tool will make a log (Fixlog.txt) which you find where you saved FRST. Please post it to your reply.

Full System Scan with Malwarebytes Antimalware

If not existing, please download

Malwarebytes' Anti-Malware to your desktop. Double-click mbam-setup.exe and follow the prompts to install the program. At the end, be sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware, then click Finish.

If the program is already installed:

Run Malwarebytes Antimalware
If an update is found, it will download and install the latest version.
Once the program has loaded, select Perform fullscan, place a checkmark on all hard drives, then click Scan.
When the scan is complete, click OK, then Show Results to view the results.
Be sure that everything is checked, and click Remove Selected.
When completed, a log will open in Notepad. Please save it to a convenient location.
The log can also be found here:
C:\Documents and Settings\Username\Application Data\Malwarebytes\Malwarebytes' Anti-Malware\Logs\log-date.txt
Or at C:\Program Files\Malwarebytes' Anti-Malware\Logs\log-date.txt
Post that log back here.

fredddy · March 20, 2014

Thanks, will get back tomorrow.

fredddy · March 21, 2014

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 13-03-2014

Ran by Ron at 2014-03-21 10:12:10 Run:1

Running from C:\FRST

Boot Mode: Normal

==============================================

Malaware scan to follow.

Content of fixlist:

*****************

URLSearchHook: HKCU - (No Name) - {22e03916-85c5-44b0-8dc9-1830c11238d9} - No File

URLSearchHook: HKCU - (No Name) - {ba14329e-9550-4989-b3f2-9732e92d17cc} - No File

URLSearchHook: HKCU - (No Name) - {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - No File

URLSearchHook: HKCU - (No Name) - {88c7f2aa-f93f-432c-8f0e-b7d85967a527} - No File

URLSearchHook: HKCU - (No Name) - {b6ac5e3c-5ceb-4e72-b451-f0e1ba983c14} - No File

SearchScopes: HKLM-x32 - DefaultScope {afdbddaa-5d3f-42ee-b79c-185a7020515b} URL = http://www.searchqu....systemid=406&q={searchTerms}

SearchScopes: HKLM-x32 - {afdbddaa-5d3f-42ee-b79c-185a7020515b} URL = http://uk.search.yah...type=A011GB0&p={SearchTerms}

SearchScopes: HKCU - {23029E16-DCC9-4AB6-B87D-D7838CD183F9} URL = http://uk.search.yah...type=A011GB0&p={SearchTerms}

SearchScopes: HKCU - {8F1DDD6A-C4EC-447B-A7EB-C967AB6BE506} URL = http://www.searchqu....systemid=406&q={searchTerms}

BHO-x32: No Name - {5C255C8A-E604-49b4-9D64-90988571CECB} - No File

Psychotic · March 21, 2014

The log is incomplete, please post up the whole content of fixlog.txt.

fredddy · March 21, 2014

Apologies

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 13-03-2014

Ran by Ron at 2014-03-21 10:12:10 Run:1

Running from C:\FRST

Boot Mode: Normal

==============================================

Content of fixlist:

*****************

URLSearchHook: HKCU - (No Name) - {22e03916-85c5-44b0-8dc9-1830c11238d9} - No File

URLSearchHook: HKCU - (No Name) - {ba14329e-9550-4989-b3f2-9732e92d17cc} - No File

URLSearchHook: HKCU - (No Name) - {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - No File

URLSearchHook: HKCU - (No Name) - {88c7f2aa-f93f-432c-8f0e-b7d85967a527} - No File

URLSearchHook: HKCU - (No Name) - {b6ac5e3c-5ceb-4e72-b451-f0e1ba983c14} - No File

SearchScopes: HKLM-x32 - DefaultScope {afdbddaa-5d3f-42ee-b79c-185a7020515b} URL = http://www.searchqu....systemid=406&q={searchTerms}

SearchScopes: HKLM-x32 - {afdbddaa-5d3f-42ee-b79c-185a7020515b} URL = http://uk.search.yah...type=A011GB0&p={SearchTerms}

SearchScopes: HKCU - {23029E16-DCC9-4AB6-B87D-D7838CD183F9} URL = http://uk.search.yah...type=A011GB0&p={SearchTerms}

SearchScopes: HKCU - {8F1DDD6A-C4EC-447B-A7EB-C967AB6BE506} URL = http://www.searchqu....systemid=406&q={searchTerms}

BHO-x32: No Name - {5C255C8A-E604-49b4-9D64-90988571CECB} - No File

BHO-x32: No Name - {82B16A3D-F03E-4565-A532-666B219C9A53} - C:\Users\390-w7base\AppData\Local\ext_offermosquito\OfferMosquitoIEPlaceholder.dll No File#