Page 3 of 3 First 123
  1. #41

    Re: Arte,is Trojan

    Followed the link below which has worked inasmuch that I have successfully started windows and I am currently running MalwareBytes.


    https://support.microsoft.com/en-us/kb/927392


    • Ad Bot

      advertising
      Beep.

        
       

  2. #42
    DonnaB's Avatar
    Join Date
    Jun 2012
    Location
    Illiana area, Ill. USA
    Posts
    457
    • specs System Specs
      • Operating System:
        Vista Home Premium / XP Home Edition / XP Pro / Win7 Home Premium 64-bit / VM-W2K SP4 IE6

    Re: Arte,is Trojan

    Amazing news to awaken to! Please post the log once the scan has finished.
    “What we do for ourselves dies with us. What we do for others and the world remains and is immortal.” - Albert Pine

  3. #43
    Corrine's Avatar
    Join Date
    Feb 2012
    Location
    Upstate, NY
    Posts
    8,716

    Re: Arte,is Trojan

    Son of a gun! Was I right, Donna, or was I right? You are a step ahead of us ot008239! We were prepared to send you in that direction today after seeing if you had more information about the Signatre 07: Corrupt file.


    Take a walk through the "Security Garden" -- Where Everything is Coming up Roses!

    Remember - A day without laughter is a day wasted.
    May the wind sing to you and the sun rise in your heart.

  4. #44
    DonnaB's Avatar
    Join Date
    Jun 2012
    Location
    Illiana area, Ill. USA
    Posts
    457
    • specs System Specs
      • Operating System:
        Vista Home Premium / XP Home Edition / XP Pro / Win7 Home Premium 64-bit / VM-W2K SP4 IE6

    Re: Arte,is Trojan

    You were right, Corrine! The instructions that ot008239 used are much easier to follow than the 3 commands we had discussed. That link is a keeper!!
    “What we do for ourselves dies with us. What we do for others and the world remains and is immortal.” - Albert Pine

  5. #45

    Re: Arte,is Trojan

    Greetings Corrine\DonnaB

    Gosh I thought MBR had hung, it took hours but found and resolved 7 trojans; the attached log refers.

    Running second MBR scan now.

    ETA:- Highlighted text below
    ---------------------------------------
    Malwarebytes Anti-Rootkit BETA 1.09.1.1004
    (c) Malwarebytes Corporation 2011-2012
    OS version: 6.1.7601 Windows 7 Service Pack 1 x64
    Account is Administrative
    Internet Explorer version: 11.0.9600.17843
    File system is: NTFS
    Disk drives: C:\ DRIVE_FIXED, G:\ DRIVE_FIXED
    CPU speed: 3.292000 GHz
    Memory total: 8498319360, free: 6148841472
    Downloaded database version: v2015.07.26.03
    Downloaded database version: v2015.07.22.01
    Downloaded database version: v2015.07.20.01
    Initializing...
    ======================
    ------------ Kernel report ------------
    07/26/2015 11:35:26
    ------------ Loaded modules -----------
    \SystemRoot\system32\ntoskrnl.exe
    \SystemRoot\system32\hal.dll
    \SystemRoot\system32\kdcom.dll
    \SystemRoot\system32\mcupdate_GenuineIntel.dll
    \SystemRoot\system32\PSHED.dll
    \SystemRoot\system32\CLFS.SYS
    \SystemRoot\system32\CI.dll
    \SystemRoot\system32\drivers\Wdf01000.sys
    \SystemRoot\system32\drivers\WDFLDR.SYS
    \SystemRoot\System32\Drivers\sptd.sys
    \SystemRoot\system32\drivers\ACPI.sys
    \SystemRoot\system32\drivers\WMILIB.SYS
    \SystemRoot\system32\drivers\msisadrv.sys
    \SystemRoot\system32\drivers\vdrvroot.sys
    \SystemRoot\system32\drivers\pci.sys
    \SystemRoot\System32\drivers\partmgr.sys
    \SystemRoot\system32\drivers\volmgr.sys
    \SystemRoot\System32\drivers\volmgrx.sys
    \SystemRoot\system32\drivers\intelide.sys
    \SystemRoot\system32\drivers\PCIIDEX.SYS
    \SystemRoot\System32\drivers\mountmgr.sys
    \SystemRoot\system32\drivers\atapi.sys
    \SystemRoot\system32\drivers\ataport.SYS
    \SystemRoot\system32\drivers\amdxata.sys
    \SystemRoot\system32\drivers\fltmgr.sys
    \SystemRoot\system32\drivers\fileinfo.sys
    \SystemRoot\system32\drivers\mfehidk.sys
    \SystemRoot\System32\Drivers\PxHlpa64.sys
    \SystemRoot\System32\Drivers\Ntfs.sys
    \SystemRoot\System32\Drivers\msrpc.sys
    \SystemRoot\System32\Drivers\ksecdd.sys
    \SystemRoot\System32\Drivers\cng.sys
    \SystemRoot\System32\drivers\pcw.sys
    \SystemRoot\System32\Drivers\Fs_Rec.sys
    \SystemRoot\system32\drivers\ndis.sys
    \SystemRoot\system32\drivers\NETIO.SYS
    \SystemRoot\System32\Drivers\ksecpkg.sys
    \SystemRoot\System32\drivers\tcpip.sys
    \SystemRoot\System32\drivers\fwpkclnt.sys
    \SystemRoot\system32\drivers\mfewfpk.sys
    \SystemRoot\system32\drivers\volsnap.sys
    \SystemRoot\System32\Drivers\spldr.sys
    \SystemRoot\System32\drivers\rdyboost.sys
    \SystemRoot\System32\Drivers\mup.sys
    \SystemRoot\system32\DRIVERS\mfedisk.sys
    \SystemRoot\System32\drivers\hwpolicy.sys
    \SystemRoot\System32\DRIVERS\fvevol.sys
    \SystemRoot\system32\drivers\disk.sys
    \SystemRoot\system32\drivers\CLASSPNP.SYS
    \SystemRoot\system32\DRIVERS\cdrom.sys
    \SystemRoot\System32\Drivers\Null.SYS
    \SystemRoot\System32\Drivers\Beep.SYS
    \SystemRoot\System32\drivers\vga.sys
    \SystemRoot\System32\drivers\VIDEOPRT.SYS
    \SystemRoot\System32\drivers\watchdog.sys
    \SystemRoot\System32\DRIVERS\RDPCDD.sys
    \SystemRoot\system32\drivers\rdpencdd.sys
    \SystemRoot\system32\drivers\rdprefmp.sys
    \SystemRoot\System32\Drivers\Msfs.SYS
    \SystemRoot\System32\Drivers\Npfs.SYS
    \SystemRoot\system32\DRIVERS\tdx.sys
    \SystemRoot\system32\DRIVERS\TDI.SYS
    \SystemRoot\System32\DRIVERS\netbt.sys
    \SystemRoot\system32\drivers\afd.sys
    \SystemRoot\system32\DRIVERS\wfplwf.sys
    \SystemRoot\system32\DRIVERS\pacer.sys
    \SystemRoot\system32\DRIVERS\vwififlt.sys
    \SystemRoot\system32\DRIVERS\netbios.sys
    \SystemRoot\system32\DRIVERS\wanarp.sys
    \SystemRoot\system32\DRIVERS\termdd.sys
    \SystemRoot\system32\DRIVERS\rdbss.sys
    \SystemRoot\system32\drivers\nsiproxy.sys
    \SystemRoot\system32\DRIVERS\mssmbios.sys
    \SystemRoot\System32\drivers\discache.sys
    \SystemRoot\System32\Drivers\dfsc.sys
    \SystemRoot\system32\DRIVERS\blbdrive.sys
    \SystemRoot\system32\DRIVERS\tunnel.sys
    \SystemRoot\system32\DRIVERS\igdkmd64.sys
    \SystemRoot\System32\drivers\dxgkrnl.sys
    \SystemRoot\System32\drivers\dxgmms1.sys
    \SystemRoot\system32\DRIVERS\HECIx64.sys
    \SystemRoot\system32\drivers\usbehci.sys
    \SystemRoot\system32\drivers\USBPORT.SYS
    \SystemRoot\system32\DRIVERS\HDAudBus.sys
    \SystemRoot\system32\DRIVERS\athrx.sys
    \SystemRoot\system32\DRIVERS\vwifibus.sys
    \SystemRoot\system32\DRIVERS\Rt64win7.sys
    \SystemRoot\system32\DRIVERS\GEARAspiWDM.sys
    \SystemRoot\system32\DRIVERS\intelppm.sys
    \SystemRoot\system32\DRIVERS\CompositeBus.sys
    \SystemRoot\system32\DRIVERS\AgileVpn.sys
    \SystemRoot\system32\DRIVERS\rasl2tp.sys
    \SystemRoot\system32\DRIVERS\ndistapi.sys
    \SystemRoot\system32\DRIVERS\ndiswan.sys
    \SystemRoot\system32\DRIVERS\raspppoe.sys
    \SystemRoot\system32\DRIVERS\raspptp.sys
    \SystemRoot\system32\DRIVERS\rassstp.sys
    \SystemRoot\system32\DRIVERS\kbdclass.sys
    \SystemRoot\system32\DRIVERS\mouclass.sys
    \SystemRoot\system32\DRIVERS\swenum.sys
    \SystemRoot\system32\DRIVERS\ks.sys
    \SystemRoot\system32\DRIVERS\umbus.sys
    \SystemRoot\system32\DRIVERS\usbhub.sys
    \SystemRoot\System32\Drivers\NDProxy.SYS
    \SystemRoot\system32\drivers\HdAudio.sys
    \SystemRoot\system32\drivers\portcls.sys
    \SystemRoot\system32\drivers\drmk.sys
    \SystemRoot\system32\drivers\ksthunk.sys
    \SystemRoot\system32\DRIVERS\IntcDAud.sys
    \SystemRoot\system32\drivers\mfeavfk.sys
    \SystemRoot\system32\drivers\mfefirek.sys
    \SystemRoot\system32\DRIVERS\mfencbdc.sys
    \SystemRoot\system32\drivers\mfeaack.sys
    \SystemRoot\system32\DRIVERS\udfs.sys
    \SystemRoot\System32\Drivers\crashdmp.sys
    \SystemRoot\System32\Drivers\dump_dumpata.sys
    \SystemRoot\System32\Drivers\dump_atapi.sys
    \SystemRoot\System32\Drivers\dump_dumpfve.sys
    \SystemRoot\system32\DRIVERS\USBSTOR.SYS
    \SystemRoot\system32\DRIVERS\USBD.SYS
    \SystemRoot\system32\DRIVERS\usbccgp.sys
    \SystemRoot\system32\DRIVERS\hidusb.sys
    \SystemRoot\system32\DRIVERS\HIDCLASS.SYS
    \SystemRoot\system32\DRIVERS\HIDPARSE.SYS
    \SystemRoot\system32\DRIVERS\kbdhid.sys
    \SystemRoot\system32\DRIVERS\mouhid.sys
    \SystemRoot\System32\win32k.sys
    \SystemRoot\System32\drivers\Dxapi.sys
    \SystemRoot\system32\DRIVERS\monitor.sys
    \SystemRoot\System32\TSDDD.dll
    \SystemRoot\System32\cdd.dll
    \SystemRoot\System32\ATMFD.DLL
    \SystemRoot\system32\drivers\luafv.sys
    \SystemRoot\system32\DRIVERS\lltdio.sys
    \SystemRoot\system32\DRIVERS\nwifi.sys
    \SystemRoot\system32\DRIVERS\ndisuio.sys
    \SystemRoot\system32\DRIVERS\rspndr.sys
    \SystemRoot\system32\drivers\HTTP.sys
    \SystemRoot\system32\DRIVERS\bowser.sys
    \SystemRoot\system32\DRIVERS\mrxsmb.sys
    \SystemRoot\system32\DRIVERS\mrxsmb10.sys
    \SystemRoot\system32\DRIVERS\mrxsmb20.sys
    \SystemRoot\system32\drivers\McPvDrv.sys
    \SystemRoot\System32\drivers\mpsdrv.sys
    \SystemRoot\system32\drivers\peauth.sys
    \SystemRoot\System32\Drivers\secdrv.SYS
    \SystemRoot\System32\DRIVERS\srvnet.sys
    \SystemRoot\System32\drivers\tcpipreg.sys
    \SystemRoot\System32\DRIVERS\srv2.sys
    \SystemRoot\System32\DRIVERS\srv.sys
    \SystemRoot\system32\drivers\spsys.sys
    \SystemRoot\system32\drivers\WudfPf.sys
    \SystemRoot\system32\DRIVERS\WUDFRd.sys
    \SystemRoot\System32\Drivers\fastfat.SYS
    \??\C:\Windows\system32\drivers\mbamchameleon.sys - These don't look right?
    \??\C:\Windows\system32\drivers\MBAMSwissArmy.sys

    \Windows\System32\ntdll.dll
    \Windows\System32\smss.exe
    \Windows\System32\apisetschema.dll
    \Windows\System32\autochk.exe
    \Windows\System32\msctf.dll
    \Windows\System32\rpcrt4.dll
    \Windows\System32\sechost.dll
    \Windows\System32\normaliz.dll
    \Windows\System32\difxapi.dll
    \Windows\System32\Wldap32.dll
    \Windows\System32\psapi.dll
    \Windows\System32\wininet.dll
    \Windows\System32\kernel32.dll
    \Windows\System32\ws2_32.dll
    \Windows\System32\usp10.dll
    \Windows\System32\shell32.dll
    \Windows\System32\urlmon.dll
    \Windows\System32\comdlg32.dll
    \Windows\System32\ole32.dll
    \Windows\System32\user32.dll
    \Windows\System32\advapi32.dll
    \Windows\System32\msvcrt.dll
    \Windows\System32\oleaut32.dll
    \Windows\System32\setupapi.dll
    \Windows\System32\nsi.dll
    \Windows\System32\clbcatq.dll
    \Windows\System32\gdi32.dll
    \Windows\System32\imm32.dll
    \Windows\System32\shlwapi.dll
    \Windows\System32\lpk.dll
    \Windows\System32\iertutil.dll
    \Windows\System32\imagehlp.dll
    \Windows\System32\api-ms-win-downlevel-version-l1-1-0.dll
    ----------- End -----------
    Done!
    IRP handler 0 of \Driver\USBSTOR points to an unknown module
    Unhooking enabled.
    Scan started
    Database versions:
    main: v2015.07.26.03
    rootkit: v2015.07.22.01
    <<<1>>>
    Upper Device Name: \Device\Harddisk3\DR3
    Upper Device Object: 0xfffffa800722b060
    Upper Device Driver Name: \Driver\Disk\
    Lower Device Name: \Device\0000007e\
    Lower Device Object: 0xfffffa800721c310
    Lower Device Driver Name: \Driver\USBSTOR\
    Driver name found: USBSTOR
    Initialization returned 0x0
    Load Function returned 0x0
    <<<1>>>
    Upper Device Name: \Device\Harddisk2\DR2
    Upper Device Object: 0xfffffa8009353790
    Upper Device Driver Name: \Driver\Disk\
    Lower Device Name: \Device\00000078\
    Lower Device Object: 0xfffffa8008f8cb60
    Lower Device Driver Name: \Driver\USBSTOR\
    Driver name found: USBSTOR
    <<<1>>>
    Upper Device Name: \Device\Harddisk1\DR1
    Upper Device Object: 0xfffffa80091d9790
    Upper Device Driver Name: \Driver\Disk\
    Lower Device Name: \Device\0000006d\
    Lower Device Object: 0xfffffa80083e7b60
    Lower Device Driver Name: \Driver\USBSTOR\
    Driver name found: USBSTOR
    <<<1>>>
    Upper Device Name: \Device\Harddisk0\DR0
    Upper Device Object: 0xfffffa8007ebd060
    Upper Device Driver Name: \Driver\Disk\
    Lower Device Name: \Device\Ide\IdeDeviceP0T0L0-0\
    Lower Device Object: 0xfffffa8007ba6060
    Lower Device Driver Name: \Driver\atapi\
    Driver name found: atapi
    Initialization returned 0x0
    Port sub-driver loaded: \??\C:\Windows\System32\drivers\ataport.sys (0x0)
    Load Function returned 0x0
    <<<2>>>
    Physical Sector Size: 512
    Drive: 0, DevicePointer: 0xfffffa8007ebd060, DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\Disk\
    --------- Disk Stack ------
    DevicePointer: 0xfffffa8007ce8df0, DeviceName: Unknown, DriverName: \Driver\mfedisk\
    DevicePointer: 0xfffffa8007ebdb90, DeviceName: Unknown, DriverName: \Driver\partmgr\
    DevicePointer: 0xfffffa8007ebd060, DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\Disk\
    DevicePointer: 0xfffffa8007ba1d10, DeviceName: Unknown, DriverName: \Driver\ACPI\
    DevicePointer: 0xfffffa8007ba6060, DeviceName: \Device\Ide\IdeDeviceP0T0L0-0\, DriverName: \Driver\atapi\
    ------------ End ----------
    Alternate DeviceName: Unknown, DriverName: \Driver\partmgr\
    Upper DeviceData: 0xfffff8a011caa7f0, 0xfffffa8007ebd060, 0xfffffa8007a69790
    Lower DeviceData: 0xfffff8a012735740, 0xfffffa8007ba6060, 0xfffffa8009d799b0
    <<<3>>>
    Volume: C:
    File system type: NTFS
    SectorSize = 512, ClusterSize = 4096, MFTRecordSize = 1024, MFTIndexSize = 4096 bytes
    <<<2>>>
    <<<3>>>
    Volume: C:
    File system type: NTFS
    SectorSize = 512, ClusterSize = 4096, MFTRecordSize = 1024, MFTIndexSize = 4096 bytes
    Scanning drivers directory: C:\WINDOWS\SYSTEM32\drivers...
    Done!
    Drive 0
    This is a System drive
    Scanning MBR on drive 0...
    Inspecting partition table:
    MBR Signature: 55AA
    Disk Signature: ACEA298C
    Partition information:
    Partition 0 type is Other (0xde)
    Partition is NOT ACTIVE.
    Partition starts at LBA: 63 Numsec = 80262
    Partition 1 type is Primary (0x7)
    Partition is ACTIVE.
    Partition starts at LBA: 81920 Numsec = 31064064
    Partition file system is NTFS
    Partition is bootable
    Partition 2 type is Primary (0x7)
    Partition is NOT ACTIVE.
    Partition starts at LBA: 31145984 Numsec = 945618944
    Partition 3 type is Empty (0x0)
    Partition is NOT ACTIVE.
    Partition starts at LBA: 0 Numsec = 0
    Disk Size: 500107862016 bytes
    Sector size: 512 bytes
    Done!
    Physical Sector Size: 0
    Drive: 1, DevicePointer: 0xfffffa80091d9790, DeviceName: \Device\Harddisk1\DR1\, DriverName: \Driver\Disk\
    --------- Disk Stack ------
    DevicePointer: 0xfffffa80083f0940, DeviceName: Unknown, DriverName: \Driver\mfedisk\
    DevicePointer: 0xfffffa80083f0b90, DeviceName: Unknown, DriverName: \Driver\partmgr\
    DevicePointer: 0xfffffa80091d9790, DeviceName: \Device\Harddisk1\DR1\, DriverName: \Driver\Disk\
    DevicePointer: 0xfffffa80083e7b60, DeviceName: \Device\0000006d\, DriverName: \Driver\USBSTOR\
    ------------ End ----------
    Physical Sector Size: 0
    Drive: 2, DevicePointer: 0xfffffa8009353790, DeviceName: \Device\Harddisk2\DR2\, DriverName: \Driver\Disk\
    --------- Disk Stack ------
    DevicePointer: 0xfffffa8008fb5cf0, DeviceName: Unknown, DriverName: \Driver\mfedisk\
    DevicePointer: 0xfffffa8008fae880, DeviceName: Unknown, DriverName: \Driver\partmgr\
    DevicePointer: 0xfffffa8009353790, DeviceName: \Device\Harddisk2\DR2\, DriverName: \Driver\Disk\
    DevicePointer: 0xfffffa8008f8cb60, DeviceName: \Device\00000078\, DriverName: \Driver\USBSTOR\
    ------------ End ----------
    Physical Sector Size: 512
    Drive: 3, DevicePointer: 0xfffffa800722b060, DeviceName: \Device\Harddisk3\DR3\, DriverName: \Driver\Disk\
    --------- Disk Stack ------
    DevicePointer: 0xfffffa8006ef3750, DeviceName: Unknown, DriverName: \Driver\mfedisk\
    DevicePointer: 0xfffffa8007798710, DeviceName: Unknown, DriverName: \Driver\partmgr\
    DevicePointer: 0xfffffa800722b060, DeviceName: \Device\Harddisk3\DR3\, DriverName: \Driver\Disk\
    DevicePointer: 0xfffffa800721c310, DeviceName: \Device\0000007e\, DriverName: \Driver\USBSTOR\
    ------------ End ----------
    Alternate DeviceName: Unknown, DriverName: \Driver\partmgr\
    Upper DeviceData: 0xfffff8a011aec4e0, 0xfffffa800722b060, 0xfffffa8009e9d090
    Lower DeviceData: 0xfffff8a00323ebd0, 0xfffffa800721c310, 0xfffffa8007f60d40
    Drive 3
    Scanning MBR on drive 3...
    Inspecting partition table:
    MBR Signature: 55AA
    Disk Signature: 35E8B3A5
    Partition information:
    Partition 0 type is Primary (0x7)
    Partition is NOT ACTIVE.
    Partition starts at LBA: 2048 Numsec = 976769072
    Partition 1 type is Empty (0x0)
    Partition is NOT ACTIVE.
    Partition starts at LBA: 0 Numsec = 0
    Partition 2 type is Empty (0x0)
    Partition is NOT ACTIVE.
    Partition starts at LBA: 0 Numsec = 0
    Partition 3 type is Empty (0x0)
    Partition is NOT ACTIVE.
    Partition starts at LBA: 0 Numsec = 0
    Disk Size: 500107862016 bytes
    Sector size: 512 bytes
    Done!
    Infected: c:\Users\Thomas\AppData\Local\Temp\{4F4576E1-B940-4C03-B4E0-20376767A8AA}\tmp8d36.tmp --> [Adware.Glazgold]
    Infected: C:\Users\Thomas\AppData\Local\Temp\{60C61E12-A394-4F30-B0BB-672C72E70D84}\keyiso90.dll --> [Trojan.Kryptik]
    Infected: C:\Users\Thomas\AppData\Local\Temp\{8983DB30-C431-4892-808E-03C3F0AE9B44}\api-ms-win-system-msxml3-l1-1-0.dll --> [Trojan.Kryptik]
    Infected: C:\Users\Thomas\AppData\Local\Temp\{A6499E72-3320-4A5B-89A7-443BC0F88FEC}\api-ms-win-system-amstream-l1-1-0.dll --> [Trojan.Vawtrak]
    Infected: C:\Users\Thomas\AppData\Local\Temp\{A85CAA9F-297D-4F42-9FD4-F93C7F9815E8}\api-ms-win-system-ddraw-l1-1-0.dll --> [Trojan.Kryptik]
    Infected: c:\Users\Thomas\AppData\Local\Temp\{F885F017-2CEA-4926-94F6-0385D70FA1D0}\tmpd827.tmp --> [Trojan.LVBP.ED]
    Infected: C:\Users\Thomas\AppData\Local\Temp\{B499D37F-C373-4E4B-8B4D-73C15DB7411F}\winbio60.dll --> [Trojan.Inject]
    Scan finished
    Creating System Restore point...
    Cleaning up...
    Removal scheduling successful. System shutdown needed.
    =======================================

    Removal queue found; removal started
    Removing C:\ProgramData\Malwarebytes' Anti-Malware (portable)\MBR-0-i.mbam...
    Removing C:\ProgramData\Malwarebytes' Anti-Malware (portable)\VBR-0-1-81920-i.mbam...
    Removing C:\ProgramData\Malwarebytes' Anti-Malware (portable)\MBR-0-r.mbam...
    Removing C:\ProgramData\Malwarebytes' Anti-Malware (portable)\MBR-3-i.mbam...
    Removing C:\ProgramData\Malwarebytes' Anti-Malware (portable)\MBR-3-r.mbam...
    Removal finished
    Last edited by ot008239; 07-26-2015 at 11:56 AM. Reason: ETA

  6. #46
    Corrine's Avatar
    Join Date
    Feb 2012
    Location
    Upstate, NY
    Posts
    8,716

    Re: Arte,is Trojan

    Did you run the second scan with Malwarebytes Anti-Rootkit? Which log was it that you posted, mbar-log.txt or system-log.txt?

    Let's see new FRST logs. Since you are back on your desktop, we need FRST there. If you move the previously downloaded copy of FRST64 to your desktop, be sure to check Addition.txt before scanning. To download a fresh copy, see the following:

    Please download Farbar Recovery Scan Tool and save it to your Desktop.

    Note: You need to run the version compatible with your system. If you are not sure which version applies to your system download both of them and try to run them. Only one of them will run on your system, that will be the right version.
    • Right click to run as administrator. When the tool opens click Yes to disclaimer.
    • Press Scan button.
    • The first time it is run, it will produce two logs in the same directory the tool is run from -- FRST.txt and (Addition.txt.
    • Please copy/paste both logs in your reply.


    Take a walk through the "Security Garden" -- Where Everything is Coming up Roses!

    Remember - A day without laughter is a day wasted.
    May the wind sing to you and the sun rise in your heart.

  7. #47

    Re: Arte,is Trojan

    Corrine

    Actions taken:

    1. Ran second MBR - Clean result;
    2. Ran frst64 - logs listed below.


    Frst64 - FRST.txt


    Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:26-07-2015
    Ran by Thomas (administrator) on TRUSTNO1 (26-07-2015 18:30:53)
    Running from C:\Users\Thomas\Desktop
    Loaded Profiles: Thomas (Available Profiles: Thomas & Orrin JNR & Guest)
    Platform: Windows 7 Home Premium Service Pack 1 (X64) Language: English (United States)
    Internet Explorer Version 11 (Default browser: IE)
    Boot Mode: Normal
    Tutorial for Farbar Recovery Scan Tool: FRST Tutorial - How to use Farbar Recovery Scan Tool - Geeks to Go Forum
    ==================== Processes (Whitelisted) =================
    (If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
    (Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
    (Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
    (Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe
    (McAfee, Inc.) C:\Program Files (x86)\McAfee\SiteAdvisor\mcsacore.exe
    (McAfee, Inc.) C:\Program Files\Common Files\mcafee\systemcore\mfemms.exe
    (McAfee, Inc.) C:\Windows\System32\mfevtps.exe
    (SoftThinks SAS) C:\Program Files (x86)\Dell DataSafe Local Backup\SftService.exe
    (McAfee, Inc.) C:\Windows\System32\mfevtps.exe
    (McAfee, Inc.) C:\Program Files\Common Files\mcafee\AMCore\mcshield.exe
    (McAfee, Inc.) C:\Program Files\Common Files\mcafee\systemcore\mfefire.exe
    (Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
    (McAfee, Inc.) C:\Program Files\mcafee\MSC\McAPExe.exe
    (McAfee, Inc.) C:\Program Files\Common Files\mcafee\systemcore\mfefire.exe
    (Microsoft Corporation) C:\Windows\SysWOW64\rundll32.exe
    (Microsoft Corporation) C:\Windows\System32\rundll32.exe
    (Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
    (SoftThinks - Dell) C:\Program Files (x86)\Dell DataSafe Local Backup\Toaster.exe
    (Intel Corporation) C:\Windows\System32\igfxtray.exe
    (Intel Corporation) C:\Windows\System32\hkcmd.exe
    (Intel Corporation) C:\Windows\System32\igfxpers.exe
    () C:\Program Files (x86)\Dell\Stage Remote\StageRemote.exe
    (Space Sciences Laboratory) C:\Program Files\BOINC\boinctray.exe
    (Space Sciences Laboratory) C:\Program Files\BOINC\boincmgr.exe
    (Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
    (Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
    () C:\Users\Thomas\AppData\Local\Amazon Music\Amazon Music Helper.exe
    (Microsoft Corporation) C:\Users\Thomas\AppData\Local\Microsoft\OneDrive\OneDrive.exe
    (Microsoft Corporation) C:\Windows\System32\StikyNot.exe
    (Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
    (CyberLink Corp.) C:\Program Files (x86)\Cyberlink\PowerDVD9\PDVD9Serv.exe
    () C:\Program Files (x86)\Roxio\OEM\Roxio Burn\RoxioBurnLauncher.exe
    () C:\Program Files (x86)\Dell Stage\Dell Stage\AccuWeather\accuweather.exe
    (Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe
    (Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
    (McAfee, Inc.) C:\Program Files\McAfee Security Scan\3.8.150\SSScheduler.exe
    () C:\Program Files (x86)\Dell DataSafe Local Backup\Components\Scheduler\STService.exe
    (McAfee, Inc.) C:\Program Files\Common Files\mcafee\Platform\McSvcHost\McSvHost.exe
    (McAfee, Inc.) C:\Program Files\Common Files\mcafee\Platform\McUICnt.exe
    (Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
    () C:\Program Files (x86)\Roxio\OEM\Roxio Burn\Roxio Burn.exe
    () C:\Program Files (x86)\Dell\Stage Remote\StageRemoteService.exe
    (Space Sciences Laboratory) C:\Program Files\BOINC\boinc.exe
    (Microsoft Corporation) C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesCommonX86\Microsoft Shared\OFFICE15\CSISYNCCLIENT.EXE
    (Space Sciences Laboratory) C:\ProgramData\BOINC\projects\setiathome.berkeley.edu\setiathome_7.00_windows_intelx86.exe
    (Microsoft Corporation) C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesCommonX86\Microsoft Shared\OFFICE15\CSISYNCCLIENT.EXE
    (McAfee, Inc.) C:\Program Files\mcafee\MAT\McPvTray.exe
    (McAfee, Inc.) C:\Program Files\Common Files\mcafee\CSP\1.5.450.0\McCSPServiceHost.exe
    (Dell, Inc.) C:\Program Files (x86)\Dell\Dell Datasafe Online\NOBuAgent.exe
    (Dell, Inc.) C:\Program Files (x86)\Dell\Dell Datasafe Online\NOBuClient.exe
    (Space Sciences Laboratory) C:\ProgramData\BOINC\projects\setiathome.berkeley.edu\setiathome_7.00_windows_intelx86.exe
    (Space Sciences Laboratory) C:\ProgramData\BOINC\projects\setiathome.berkeley.edu\setiathome_7.00_windows_intelx86.exe

    ==================== Registry (Whitelisted) ==================
    (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
    HKLM\...\Run: [Stage Remote] => C:\Program Files (x86)\Dell\Stage Remote\StageRemote.exe [2022976 2011-06-27] ()
    HKLM\...\Run: [boinctray] => C:\Program Files\BOINC\boinctray.exe [68928 2015-03-09] (Space Sciences Laboratory)
    HKLM\...\Run: [boincmgr] => C:\Program Files\BOINC\boincmgr.exe [8926016 2015-03-09] (Space Sciences Laboratory)
    HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [169768 2015-04-07] (Apple Inc.)
    HKLM-x32\...\Run: [RemoteControl9] => C:\Program Files (x86)\CyberLink\PowerDVD9\PDVD9Serv.exe [87336 2010-10-01] (CyberLink Corp.)
    HKLM-x32\...\Run: [PDVD9LanguageShortcut] => C:\Program Files (x86)\CyberLink\PowerDVD9\Language\Language.exe [50472 2010-09-17] (CyberLink Corp.)
    HKLM-x32\...\Run: [mcui_exe] => C:\Program Files\McAfee.com\Agent\mcagent.exe [616272 2015-05-13] (McAfee, Inc.)
    HKLM-x32\...\Run: [RoxWatchTray] => C:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxWatchTray12OEM.exe [240112 2010-11-25] (Sonic Solutions)
    HKLM-x32\...\Run: [Desktop Disc Tool] => C:\Program Files (x86)\Roxio\OEM\Roxio Burn\RoxioBurnLauncher.exe [514544 2010-11-17] ()
    HKLM-x32\...\Run: [AccuWeatherWidget] => C:\Program Files (x86)\Dell Stage\Dell Stage\AccuWeather\accuweather.exe [968048 2012-02-01] ()
    HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [60712 2015-03-20] (Apple Inc.)
    HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [335232 2015-04-10] (Oracle Corporation)
    Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
    HKLM\...\Policies\Explorer: [NoControlPanel] 0
    HKLM\...\Policies\Explorer: [NoFolderOptions] 0
    HKLM\...\Policies\Explorer: [TaskbarNoNotification] 1
    HKLM\...\Policies\Explorer: [HideSCAHealth] 1
    HKU\S-1-5-21-3274687172-3602840966-2228239552-1000\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [53282944 2015-06-16] (Skype Technologies S.A.)
    HKU\S-1-5-21-3274687172-3602840966-2228239552-1000\...\Run: [Amazon Music] => C:\Users\Thomas\AppData\Local\Amazon Music\Amazon Music Helper.exe [6277952 2014-12-08] ()
    HKU\S-1-5-21-3274687172-3602840966-2228239552-1000\...\Run: [OneDrive] => C:\Users\Thomas\AppData\Local\Microsoft\OneDrive\OneDrive.exe [382664 2015-05-22] (Microsoft Corporation)
    HKU\S-1-5-21-3274687172-3602840966-2228239552-1000\...\Run: [RESTART_STICKY_NOTES] => C:\Windows\System32\StikyNot.exe [427520 2009-07-14] (Microsoft Corporation)
    HKU\S-1-5-21-3274687172-3602840966-2228239552-1000\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [7451928 2015-03-13] (Piriform Ltd)
    Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Install SafeKey FF RunOnce.lnk [2015-05-16]
    ShortcutTarget: Install SafeKey FF RunOnce.lnk -> C:\Program Files (x86)\Common Files\lpuninstall.exe (McAfee)
    Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Install SafeKey IE RunOnce.lnk [2015-05-16]
    ShortcutTarget: Install SafeKey IE RunOnce.lnk -> C:\Program Files (x86)\Common Files\lpuninstall.exe (McAfee)
    Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk [2012-05-09]
    ShortcutTarget: McAfee Security Scan Plus.lnk -> C:\Program Files\McAfee Security Scan\3.8.150\SSScheduler.exe (McAfee, Inc.)
    ShellIconOverlayIdentifiers: [ SkyDrive1] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Users\Thomas\AppData\Local\Microsoft\OneDrive\17.3.5860.0512\amd64\FileSyncShell64.dll [2015-05-22] (Microsoft Corporation)
    ShellIconOverlayIdentifiers: [ SkyDrive2] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Users\Thomas\AppData\Local\Microsoft\OneDrive\17.3.5860.0512\amd64\FileSyncShell64.dll [2015-05-22] (Microsoft Corporation)
    ShellIconOverlayIdentifiers: [ SkyDrive3] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Users\Thomas\AppData\Local\Microsoft\OneDrive\17.3.5860.0512\amd64\FileSyncShell64.dll [2015-05-22] (Microsoft Corporation)
    ShellIconOverlayIdentifiers-x32: [ SkyDrive1] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Users\Thomas\AppData\Local\Microsoft\OneDrive\17.3.5860.0512\FileSyncShell.dll [2015-05-22] (Microsoft Corporation)
    ShellIconOverlayIdentifiers-x32: [ SkyDrive2] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Users\Thomas\AppData\Local\Microsoft\OneDrive\17.3.5860.0512\FileSyncShell.dll [2015-05-22] (Microsoft Corporation)
    ShellIconOverlayIdentifiers-x32: [ SkyDrive3] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Users\Thomas\AppData\Local\Microsoft\OneDrive\17.3.5860.0512\FileSyncShell.dll [2015-05-22] (Microsoft Corporation)
    ==================== Internet (Whitelisted) ====================
    (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
    HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
    HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
    HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
    HKU\S-1-5-21-3274687172-3602840966-2228239552-1000\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
    HKU\S-1-5-21-3274687172-3602840966-2228239552-1000\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN UK | Hotmail, Outlook, Skype, Bing, Latest News, Photos and Videos
    SearchScopes: HKLM -> DefaultScope {85792A8A-7A83-489E-B721-6BB37F588547} URL = {searchTerms} - Bing
    SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
    SearchScopes: HKLM -> {85792A8A-7A83-489E-B721-6BB37F588547} URL = {searchTerms} - Bing
    SearchScopes: HKLM-x32 -> DefaultScope {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL =
    SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
    SearchScopes: HKU\S-1-5-21-3274687172-3602840966-2228239552-1000 -> DefaultScope {3E07DD06-74DA-40AE-BDE1-17C0C96D0B5F} URL =
    SearchScopes: HKU\S-1-5-21-3274687172-3602840966-2228239552-1000 -> {85792A8A-7A83-489E-B721-6BB37F588547} URL =
    BHO: No Name -> {27B4851A-3207-45A2-B947-BE8AFE6163AB} -> No File
    BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll [2015-06-09] (Microsoft Corporation)
    BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21] (Microsoft Corp.)
    BHO: McAfee SafeKey Vault -> {9DB059B3-DD36-4a55-846C-59BE42A1202A} -> C:\Program Files (x86)\SafeKey\LPToolbar_x64.dll [2015-05-16] (McAfee)
    BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2015-07-26] (Google Inc.)
    BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\URLREDIR.DLL [2015-06-09] (Microsoft Corporation)
    BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL [2015-06-16] (Microsoft Corporation)
    BHO-x32: MSS+ Identifier -> {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} -> C:\Program Files\McAfee Security Scan\3.8.150\McAfeeMSS_IE.dll [2014-04-09] (McAfee, Inc.)
    BHO-x32: McAfee Phishing Filter -> {27B4851A-3207-45A2-B947-BE8AFE6163AB} -> c:\progra~1\mcafee\msk\mskapbho.dll No File
    BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\ssv.dll [2015-06-05] (Oracle Corporation)
    BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21] (Microsoft Corp.)
    BHO-x32: McAfee SafeKey Vault -> {9DB059B3-DD36-4a55-846C-59BE42A1202A} -> C:\Program Files (x86)\SafeKey\LPToolbar.dll [2015-05-16] (McAfee)
    BHO-x32: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2015-07-26] (Google Inc.)
    BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office 15\root\Office15\URLREDIR.DLL [2015-06-09] (Microsoft Corporation)
    BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\jp2ssv.dll [2015-06-05] (Oracle Corporation)
    Toolbar: HKLM - McAfee SafeKey - {61D700C1-7D8D-43c5-9C13-4FF85157CFE6} - C:\Program Files (x86)\SafeKey\LPToolbar_x64.dll [2015-05-16] (McAfee)
    Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2015-07-26] (Google Inc.)
    Toolbar: HKLM-x32 - McAfee SafeKey - {61D700C1-7D8D-43c5-9C13-4FF85157CFE6} - C:\Program Files (x86)\SafeKey\LPToolbar.dll [2015-05-16] (McAfee)
    Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2015-07-26] (Google Inc.)
    Toolbar: HKU\S-1-5-21-3274687172-3602840966-2228239552-1000 -> Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2015-07-26] (Google Inc.)
    DPF: HKLM-x32 {166B1BCA-3F9C-11CF-8075-444553540000} http://download.macromedia.com/pub/s...irector/sw.cab
    DPF: HKLM-x32 {17492023-C23A-453E-A040-C7C580BBF700} http://download.microsoft.com/downlo...eckControl.cab
    Handler: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\mcieplg.dll [2015-07-03] (McAfee, Inc.)
    Handler-x32: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\mcieplg.dll [2015-07-03] (McAfee, Inc.)
    Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL [2015-04-04] (Microsoft Corporation)
    Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\mcieplg.dll [2015-07-03] (McAfee, Inc.)
    Handler-x32: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\mcieplg.dll [2015-07-03] (McAfee, Inc.)
    Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files\mcafee\MSC\McSnIePl64.dll [2015-05-13] (McAfee, Inc.)
    Filter-x32: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files (x86)\McAfee\MSC\McSnIePl.dll [2015-05-13] (McAfee, Inc.)
    Tcpip\Parameters: [DhcpNameServer] 192.168.1.254
    Tcpip\..\Interfaces\{C26CA279-BBF7-491E-B132-D5F37BECB17B}: [NameServer] 8.8.8.8,8.8.4.4
    Tcpip\..\Interfaces\{C26CA279-BBF7-491E-B132-D5F37BECB17B}: [DhcpNameServer] 192.168.1.254
    Tcpip\..\Interfaces\{F13B5C3E-1806-49BF-B144-72AD2F5D28E0}: [NameServer] 8.8.8.8
    Tcpip\..\Interfaces\{F13B5C3E-1806-49BF-B144-72AD2F5D28E0}: [DhcpNameServer] 192.168.1.254
    FireFox:
    ========
    FF ProfilePath: C:\Users\Thomas\AppData\Roaming\Mozilla\Firefox\Profiles\t4jv6mph.default
    FF SearchEngineOrder.1: Secure Search
    FF SelectedSearchEngine: Secure Search
    FF Keyword.URL: https://uk.search.yahoo.com/search?f...GB0D20150516&p=
    FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_18_0_0_209.dll [2015-07-14] ()
    FF Plugin: @mcafee.com/MSC,version=10 -> c:\PROGRA~1\mcafee\msc\NPMCSN~1.DLL [2015-05-13] ()
    FF Plugin: @microsoft.com/GENUINE -> disabled No File
    FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.40416.0\npctrl.dll [2015-04-16] ( Microsoft Corporation)
    FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_18_0_0_209.dll [2015-07-14] ()
    FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw_1207148.dll [2013-12-05] (Adobe Systems, Inc.)
    FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2014-10-30] ()
    FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll [2015-05-21] (Google)
    FF Plugin-x32: @java.com/DTPlugin,version=11.45.2 -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\dtplugin\npDeployJava1.dll [2015-06-05] (Oracle Corporation)
    FF Plugin-x32: @java.com/JavaPlugin,version=11.45.2 -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\plugin2\npjp2.dll [2015-06-05] (Oracle Corporation)
    FF Plugin-x32: @mcafee.com/MSC,version=10 -> c:\PROGRA~2\mcafee\msc\NPMCSN~1.DLL [2015-05-13] ()
    FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
    FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.40416.0\npctrl.dll [2015-04-15] ( Microsoft Corporation)
    FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL [2015-04-04] (Microsoft Corporation)
    FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2010-11-10] (Microsoft Corporation)
    FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2010-11-10] (Microsoft Corporation)
    FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.28.1\npGoogleUpdate3.dll [2015-07-26] (Google Inc.)
    FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.28.1\npGoogleUpdate3.dll [2015-07-26] (Google Inc.)
    FF Plugin-x32: @videolan.org/vlc,version=2.2.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
    FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\1\NP_wtapp.dll [2012-05-08] ()
    FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2015-03-17] (Adobe Systems Inc.)
    FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\McSiteAdvisor.xml [2015-05-17]
    FF Extension: McAfee SafeKey - C:\Users\Thomas\AppData\Roaming\Mozilla\Firefox\Profiles\t4jv6mph.default\Extensions\{072844D3-7DEE-45F6-A406-E87F76302E4B} [2015-05-16]
    FF HKLM\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files (x86)\McAfee\SiteAdvisor
    FF Extension: McAfee WebAdvisor - C:\Program Files (x86)\McAfee\SiteAdvisor [2015-05-16]
    FF HKLM-x32\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files (x86)\McAfee\SiteAdvisor
    FF HKLM-x32\...\Thunderbird\Extensions: [msktbird@mcafee.com] - C:\Program Files\McAfee\MSK
    FF Extension: McAfee Anti-Spam Thunderbird Extension - C:\Program Files\McAfee\MSK [2015-05-16]
    FF HKU\S-1-5-21-3274687172-3602840966-2228239552-1000\...\Firefox\Extensions: [{e4f94d1e-2f53-401e-8885-681602c0ddd8}] - C:\ProgramData\McAfee Security Scan\Extensions\{e4f94d1e-2f53-401e-8885-681602c0ddd8}.xpi
    FF Extension: McAfee Security Scan Plus - C:\ProgramData\McAfee Security Scan\Extensions\{e4f94d1e-2f53-401e-8885-681602c0ddd8}.xpi [2014-04-04]
    Chrome:
    =======
    CHR HKLM\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] - C:\Program Files (x86)\McAfee\SiteAdvisor\McChPlg.crx [2015-07-13]
    CHR HKLM-x32\...\Chrome\Extension: [bopakagnckmlgajfccecajhnimjiiedh] - http://clients2.google.com/service/update2/crx
    CHR HKLM-x32\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] - C:\Program Files (x86)\McAfee\SiteAdvisor\McChPlg.crx [2015-07-13]
    CHR HKLM-x32\...\Chrome\Extension: [jbolfgndggfhhpbnkgnpjkfhinclbigj] - C:\Program Files (x86)\Freemake\Freemake Video Converter\BrowserPlugin\Chrome\Freemake.Plugin.Chrome.crx [2014-07-01]
    ==================== Services (Whitelisted) =================
    (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
    R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [77128 2015-01-20] (Apple Inc.)
    R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [2739888 2015-05-19] (Microsoft Corporation)
    R2 HomeNetSvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [340744 2015-05-06] (McAfee, Inc.)
    R2 McAfee SiteAdvisor Service; C:\Program Files (x86)\McAfee\SiteAdvisor\McSACore.exe [155368 2015-07-03] (McAfee, Inc.)
    R2 McAPExe; C:\Program Files\McAfee\MSC\McAPExe.exe [754280 2015-05-13] (McAfee, Inc.)
    S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.8.150\McCHSvc.exe [289256 2014-04-09] (McAfee, Inc.)
    R2 mccspsvc; C:\Program Files\Common Files\McAfee\CSP\1.5.450.0\McCSPServiceHost.exe [207344 2015-04-08] (McAfee, Inc.)
    S2 McMPFSvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [340744 2015-05-06] (McAfee, Inc.)
    R2 McNaiAnn; C:\Program Files\Common Files\mcafee\Platform\McSvcHost\McSvHost.exe [340744 2015-05-06] (McAfee, Inc.)
    S3 McODS; C:\Program Files\mcafee\VirusScan\mcods.exe [609592 2015-05-05] (McAfee, Inc.)
    R2 mcpltsvc; C:\Program Files\Common Files\mcafee\Platform\McSvcHost\McSvHost.exe [340744 2015-05-06] (McAfee, Inc.)
    R2 McProxy; C:\Program Files\Common Files\mcafee\Platform\McSvcHost\McSvHost.exe [340744 2015-05-06] (McAfee, Inc.)
    R3 mfefire; C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe [232656 2015-06-29] (McAfee, Inc.)
    R2 mfemms; C:\Program Files\Common Files\McAfee\SystemCore\\mfemms.exe [373704 2015-07-06] (McAfee, Inc.)
    R2 mfevtp; C:\Windows\system32\mfevtps.exe [254792 2015-06-29] (McAfee, Inc.)
    R2 MSK80Service; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [340744 2015-05-06] (McAfee, Inc.)
    S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
    ==================== Drivers (Whitelisted) ====================
    (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
    S3 cfwids; C:\Windows\System32\drivers\cfwids.sys [77536 2015-07-02] (McAfee, Inc.)
    S3 HipShieldK; C:\Windows\System32\drivers\HipShieldK.sys [198448 2015-04-27] (McAfee, Inc.)
    R2 McPvDrv; C:\Windows\system32\drivers\McPvDrv.sys [76064 2015-05-08] (McAfee, Inc.)
    R3 mfeaack; C:\Windows\System32\drivers\mfeaack.sys [412440 2015-07-02] (McAfee, Inc.)
    R3 mfeavfk; C:\Windows\System32\drivers\mfeavfk.sys [347800 2015-07-02] (McAfee, Inc.)
    R0 mfedisk; C:\Windows\System32\DRIVERS\mfedisk.sys [101872 2015-02-17] (McAfee, Inc.)
    R3 mfefirek; C:\Windows\System32\drivers\mfefirek.sys [496888 2015-07-02] (McAfee, Inc.)
    R0 mfehidk; C:\Windows\System32\drivers\mfehidk.sys [875928 2015-07-02] (McAfee, Inc.)
    R3 mfencbdc; C:\Windows\System32\DRIVERS\mfencbdc.sys [483240 2015-03-26] (McAfee, Inc.)
    S3 mfencrk; C:\Windows\System32\DRIVERS\mfencrk.sys [100720 2015-03-26] (McAfee, Inc.)
    R0 mfewfpk; C:\Windows\System32\drivers\mfewfpk.sys [344704 2015-07-02] (McAfee, Inc.)
    S3 RimUsb; C:\Windows\System32\Drivers\RimUsb_AMD64.sys [27520 2007-05-14] (Research In Motion Limited)
    R0 sptd; C:\Windows\System32\Drivers\sptd.sys [564824 2013-01-03] (Duplex Secure Ltd.)
    ==================== NetSvcs (Whitelisted) ===================
    (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

    ==================== One Month Created files and folders ========
    (If an entry is included in the fixlist, the file/folder will be moved.)
    2015-07-26 20:03 - 2015-07-26 20:12 - 00024576 _____ C:\BCD_Backup
    2015-07-26 20:03 - 2015-07-26 20:12 - 00021504 ___SH C:\BCD_Backup.LOG
    2015-07-26 18:30 - 2015-07-26 18:32 - 00024599 _____ C:\Users\Thomas\Desktop\FRST.txt
    2015-07-26 18:30 - 2015-07-26 18:30 - 00000000 ____D C:\Users\Thomas\Desktop\FRST-OlderVersion
    2015-07-26 16:03 - 2015-07-26 16:03 - 00000000 ___HD C:\OneDriveTemp
    2015-07-26 16:01 - 2015-07-26 16:02 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CyberLink PowerDVD 9.5
    2015-07-26 13:55 - 2015-07-26 17:48 - 00201701 _____ C:\Windows\WindowsUpdate.log
    2015-07-26 12:13 - 2015-04-27 08:02 - 00198448 _____ (McAfee, Inc.) C:\Windows\system32\Drivers\HipShieldK.sys
    2015-07-26 12:12 - 2015-05-08 01:42 - 00076064 _____ (McAfee, Inc.) C:\Windows\system32\Drivers\McPvDrv.sys
    2015-07-26 11:50 - 2015-07-26 11:50 - 00003064 _____ C:\Windows\System32\Tasks\McAfeeLogon
    2015-07-26 11:45 - 2015-07-26 11:45 - 00003886 _____ C:\Windows\System32\Tasks\Adobe Acrobat Update Task
    2015-07-26 11:40 - 2015-07-26 12:41 - 00003348 _____ C:\Windows\System32\Tasks\McAfee Remediation (Prepare)
    2015-07-26 11:40 - 2015-07-26 11:40 - 00000000 ____D C:\Program Files\Common Files\AV
    2015-07-26 11:35 - 2015-07-26 18:28 - 00000000 ____D C:\ProgramData\Malwarebytes' Anti-Malware (portable)
    2015-07-26 11:35 - 2015-07-26 16:25 - 00136408 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
    2015-07-26 11:34 - 2015-07-26 18:28 - 00000000 ____D C:\Users\Thomas\Desktop\mbar
    2015-07-26 11:34 - 2015-07-26 16:06 - 00107736 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
    2015-07-26 11:34 - 2015-07-24 22:22 - 16502728 _____ (Malwarebytes Corp.) C:\Users\Thomas\Downloads\mbar-1.09.1.1004.exe
    2015-07-24 20:40 - 2015-07-26 03:54 - 00016828 _____ C:\FRST.txt
    2015-07-24 20:36 - 2015-07-26 18:32 - 00000000 ____D C:\FRST
    2015-07-23 10:37 - 2015-07-26 18:30 - 02146816 _____ (Farbar) C:\Users\Thomas\Desktop\FRST64.exe
    2015-07-21 21:29 - 2015-07-21 21:25 - 00002289 _____ C:\Users\Thomas\Desktop\SFCFix.zip
    2015-07-21 21:24 - 2015-07-21 21:25 - 00002289 _____ C:\Users\Thomas\Downloads\SFCFix.zip
    2015-07-17 23:37 - 2015-07-21 21:51 - 00000000 ____D C:\Users\Thomas\AppData\Local\niemiro
    2015-07-17 14:03 - 2015-07-17 14:03 - 00000387 _____ C:\Users\Thomas\Desktop\copy.txt
    2015-07-17 13:56 - 2015-07-17 13:57 - 00000000 ____D C:\Users\Thomas\copy
    2015-07-17 13:55 - 2015-07-17 13:55 - 00000000 ____D C:\Users\Thomas\Downloads\Copy
    2015-07-17 12:11 - 2015-07-21 21:51 - 00003148 _____ C:\Users\Thomas\Desktop\SFCFix.txt
    2015-07-17 12:11 - 2015-07-21 21:51 - 00000000 ____D C:\SFCFix
    2015-07-17 11:50 - 2015-07-17 11:55 - 00003212 _____ C:\Users\Thomas\sfcdetails.txt
    2015-07-16 08:06 - 2015-07-16 08:06 - 00000000 ____D C:\Quarantine
    2015-07-16 07:56 - 2015-07-17 12:37 - 00000000 ____D C:\Program Files (x86)\stinger
    2015-07-16 07:55 - 2015-07-23 04:41 - 00000000 ____D C:\Users\Thomas\Downloads\stinger32-epo
    2015-07-15 22:35 - 2015-07-15 22:35 - 00000000 ____D C:\Users\Thomas\Desktop\McAfee File Lock
    2015-07-15 21:14 - 2015-07-15 22:18 - 00095802 _____ C:\Users\Thomas\Desktop\sfcdetails.txt
    2015-07-15 20:58 - 2015-07-15 20:58 - 00000000 ____D C:\Users\Thomas\McAfee File Lock
    2015-07-14 12:26 - 2015-07-26 16:00 - 00009018 _____ C:\Windows\PFRO.log
    2015-07-13 21:45 - 2015-07-26 16:01 - 00000224 _____ C:\Windows\setupact.log
    2015-07-13 21:45 - 2015-07-13 21:45 - 00000000 _____ C:\Windows\setuperr.log
    2015-07-13 21:16 - 2015-07-13 21:16 - 00000000 ____D C:\Windows\system32\McAfee File Lock
    2015-07-03 15:35 - 2015-07-12 19:09 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
    2015-06-28 19:52 - 2015-06-29 10:12 - 00000000 ____D C:\Users\Thomas\AppData\Roaming\vlc
    2015-06-28 19:50 - 2015-06-28 19:50 - 00001032 _____ C:\Users\Public\Desktop\VLC media player.lnk
    2015-06-28 19:50 - 2015-06-28 19:50 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
    2015-06-28 19:49 - 2015-06-28 19:49 - 28849904 _____ C:\Users\Thomas\Downloads\vlc-2.2.1-win32.exe
    2015-06-28 19:49 - 2015-06-28 19:49 - 00000000 ____D C:\Program Files (x86)\VideoLAN
    ==================== One Month Modified files and folders ========
    (If an entry is included in the fixlist, the file/folder will be moved.)
    2015-07-26 18:23 - 2012-05-01 13:08 - 00000000 ____D C:\ProgramData\McAfee
    2015-07-26 18:21 - 2012-09-02 18:09 - 00000898 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
    2015-07-26 18:17 - 2013-03-28 22:55 - 00000830 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
    2015-07-26 18:08 - 2014-05-14 20:23 - 00000000 ____D C:\Users\Thomas\AppData\Roaming\Skype
    2015-07-26 18:06 - 2012-05-08 18:19 - 00000000 ____D C:\ProgramData\BOINC
    2015-07-26 16:39 - 2012-05-01 12:52 - 00000000 ____D C:\Program Files (x86)\Dell DataSafe Local Backup
    2015-07-26 16:21 - 2009-07-14 05:45 - 00028352 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
    2015-07-26 16:21 - 2009-07-14 05:45 - 00028352 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
    2015-07-26 16:14 - 2015-04-04 11:44 - 00004978 _____ C:\Windows\System32\Tasks\Microsoft Office 15 Sync Maintenance for trustno1-Thomas trustno1
    2015-07-26 16:07 - 2013-10-23 15:27 - 00000000 ____D C:\ProgramData\boost_interprocess
    2015-07-26 16:05 - 2015-05-16 08:52 - 00000000 __RSD C:\Users\Thomas\Documents\McAfee Vaults
    2015-07-26 16:03 - 2012-12-22 12:26 - 00000000 ___RD C:\Users\Thomas\SkyDrive
    2015-07-26 16:03 - 2012-05-01 13:15 - 00000000 ____D C:\ProgramData\Sonic
    2015-07-26 16:02 - 2012-09-02 18:09 - 00000894 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
    2015-07-26 16:02 - 2012-05-01 13:26 - 00000000 ____D C:\Users\Default\AppData\Local\SoftThinks
    2015-07-26 16:02 - 2012-05-01 13:26 - 00000000 ____D C:\Users\Default User\AppData\Local\SoftThinks
    2015-07-26 16:01 - 2015-05-16 08:49 - 00000000 ____D C:\Program Files (x86)\McAfee
    2015-07-26 16:01 - 2009-07-14 06:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
    2015-07-26 16:00 - 2009-07-14 06:32 - 00000000 ____D C:\Windows\addins
    2015-07-26 14:09 - 2012-05-08 18:00 - 00000422 _____ C:\Windows\Tasks\SystemToolsDailyTest.job
    2015-07-26 14:04 - 2012-05-09 14:00 - 00003488 _____ C:\Windows\System32\Tasks\PCDEventLauncher
    2015-07-26 14:03 - 2012-05-08 18:00 - 00003450 _____ C:\Windows\System32\Tasks\SystemToolsDailyTest
    2015-07-26 12:16 - 2012-09-02 18:09 - 00003894 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
    2015-07-26 12:16 - 2012-09-02 18:09 - 00003642 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
    2015-07-26 12:15 - 2012-05-01 13:08 - 00000000 ____D C:\Program Files\Common Files\mcafee
    2015-07-26 11:58 - 2015-04-04 11:39 - 00000000 ____D C:\Program Files\Microsoft Office 15
    2015-07-26 11:36 - 2015-02-15 13:59 - 00000000 ____D C:\ProgramData\Malwarebytes
    2015-07-26 11:35 - 2009-07-14 06:13 - 00006506 _____ C:\Windows\system32\PerfStringBackup.INI
    2015-07-24 08:28 - 2014-08-09 14:12 - 00000000 ____D C:\Users\Guest
    2015-07-24 08:28 - 2012-07-15 16:50 - 00000000 ____D C:\Users\Orrin JNR
    2015-07-24 08:28 - 2012-05-08 17:58 - 00000000 ____D C:\Users\Thomas
    2015-07-24 08:28 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\servicing
    2015-07-24 08:27 - 2015-05-16 08:52 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee
    2015-07-24 08:27 - 2015-04-05 03:00 - 00000000 ___SD C:\Windows\system32\GWX
    2015-07-24 08:27 - 2012-11-29 20:21 - 00000000 ____D C:\Users\Thomas\AppData\Roaming\uTorrent
    2015-07-24 08:27 - 2012-05-09 21:20 - 00000000 ____D C:\ProgramData\McAfee Security Scan
    2015-07-24 08:25 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\registration
    2015-07-24 08:22 - 2012-05-01 13:08 - 00000000 ____D C:\Program Files\mcafee
    2015-07-16 04:47 - 2010-11-21 08:16 - 00000000 ___RD C:\Users\Public\Recorded TV
    2015-07-14 22:17 - 2013-03-28 22:55 - 00003768 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
    2015-07-14 22:17 - 2012-05-01 12:35 - 00778416 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
    2015-07-14 22:17 - 2012-05-01 12:35 - 00142512 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
    2015-07-14 21:49 - 2012-07-15 21:24 - 00000872 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3274687172-3602840966-2228239552-1006Core.job
    2015-07-14 12:26 - 2009-07-14 06:08 - 00032620 _____ C:\Windows\Tasks\SCHEDLGU.TXT
    2015-07-13 19:53 - 2014-08-21 21:49 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
    2015-07-12 18:00 - 2012-05-08 18:00 - 00000564 _____ C:\Windows\Tasks\PCDoctorBackgroundMonitorTask.job
    2015-07-12 17:47 - 2014-11-12 09:47 - 00000000 __SHD C:\Users\Thomas\AppData\Local\EmieBrowserModeList
    2015-07-12 17:47 - 2014-04-30 18:30 - 00000000 __SHD C:\Users\Thomas\AppData\Local\EmieUserList
    2015-07-12 17:47 - 2014-04-30 18:30 - 00000000 __SHD C:\Users\Thomas\AppData\Local\EmieSiteList
    2015-07-05 04:00 - 2012-05-08 18:00 - 00004268 _____ C:\Windows\System32\Tasks\PCDoctorBackgroundMonitorTask
    2015-07-02 21:51 - 2009-07-14 06:09 - 00000000 ____D C:\Windows\System32\Tasks\WPD
    2015-07-02 15:33 - 2015-02-17 14:38 - 00412440 _____ (McAfee, Inc.) C:\Windows\system32\Drivers\mfeaack.sys
    2015-07-02 15:33 - 2014-10-01 12:20 - 00077536 _____ (McAfee, Inc.) C:\Windows\system32\Drivers\cfwids.sys
    2015-07-02 15:33 - 2014-10-01 12:18 - 00344704 _____ (McAfee, Inc.) C:\Windows\system32\Drivers\mfewfpk.sys
    2015-07-02 15:33 - 2014-10-01 12:16 - 00875928 _____ (McAfee, Inc.) C:\Windows\system32\Drivers\mfehidk.sys
    2015-07-02 15:33 - 2014-10-01 12:15 - 00496888 _____ (McAfee, Inc.) C:\Windows\system32\Drivers\mfefirek.sys
    2015-07-02 15:33 - 2014-10-01 12:14 - 00347800 _____ (McAfee, Inc.) C:\Windows\system32\Drivers\mfeavfk.sys
    2015-06-29 10:03 - 2015-05-16 08:45 - 00254792 _____ (McAfee, Inc.) C:\Windows\system32\mfevtps.exe
    2015-06-26 12:30 - 2014-11-09 20:44 - 00000000 ___RD C:\Program Files (x86)\Skype
    2015-06-26 12:30 - 2012-05-01 12:54 - 00000000 ____D C:\ProgramData\Skype
    ==================== Files in the root of some directories =======
    2015-05-16 08:57 - 2015-05-16 08:57 - 32371688 _____ (McAfee) C:\Program Files (x86)\Common Files\lpuninstall.exe
    2012-12-03 12:51 - 2012-12-03 20:46 - 0099384 _____ () C:\Users\Thomas\AppData\Roaming\inst.exe
    2012-12-03 12:51 - 2012-12-03 20:46 - 0007859 _____ () C:\Users\Thomas\AppData\Roaming\pcouffin.cat
    2012-12-03 12:51 - 2012-12-03 20:46 - 0001167 _____ () C:\Users\Thomas\AppData\Roaming\pcouffin.inf
    2012-12-03 12:51 - 2012-12-03 20:46 - 0082816 _____ (VSO Software) C:\Users\Thomas\AppData\Roaming\pcouffin.sys
    2013-07-13 13:39 - 2014-12-30 15:40 - 0028672 _____ () C:\Users\Thomas\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
    2013-03-25 19:12 - 2013-03-25 19:12 - 0000017 _____ () C:\Users\Thomas\AppData\Local\resmon.resmoncfg
    ==================== Bamital & volsnap Check =================
    (There is no automatic fix for files that do not pass verification.)
    C:\Windows\System32\winlogon.exe => File is digitally signed
    C:\Windows\System32\wininit.exe => File is digitally signed
    C:\Windows\SysWOW64\wininit.exe => File is digitally signed
    C:\Windows\explorer.exe => File is digitally signed
    C:\Windows\SysWOW64\explorer.exe => File is digitally signed
    C:\Windows\System32\svchost.exe => File is digitally signed
    C:\Windows\SysWOW64\svchost.exe => File is digitally signed
    C:\Windows\System32\services.exe => File is digitally signed
    C:\Windows\System32\User32.dll => File is digitally signed
    C:\Windows\SysWOW64\User32.dll => File is digitally signed
    C:\Windows\System32\userinit.exe => File is digitally signed
    C:\Windows\SysWOW64\userinit.exe => File is digitally signed
    C:\Windows\System32\rpcss.dll => File is digitally signed
    C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed

    LastRegBack: 2015-07-14 12:56
    ==================== End of log ============================


    Addition.txt

    Additional scan result of Farbar Recovery Scan Tool (x64) Version:26-07-2015
    Ran by Thomas at 2015-07-26 18:33:38
    Running from C:\Users\Thomas\Desktop
    Boot Mode: Normal
    ==========================================================

    ==================== Accounts: =============================
    Administrator (S-1-5-21-3274687172-3602840966-2228239552-500 - Administrator - Disabled)
    Guest (S-1-5-21-3274687172-3602840966-2228239552-501 - Limited - Enabled) => C:\Users\Guest
    HomeGroupUser$ (S-1-5-21-3274687172-3602840966-2228239552-1002 - Limited - Enabled)
    Orrin JNR (S-1-5-21-3274687172-3602840966-2228239552-1006 - Administrator - Enabled) => C:\Users\Orrin JNR
    Thomas (S-1-5-21-3274687172-3602840966-2228239552-1000 - Administrator - Enabled) => C:\Users\Thomas
    ==================== Security Center ========================
    (If an entry is included in the fixlist, it will be removed.)
    AV: McAfee Anti-Virus and Anti-Spyware (Enabled - Up to date) {DA9F8ED0-D0DE-39CC-F55A-51AB4CC1B556}
    AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
    AS: McAfee Anti-Virus and Anti-Spyware (Enabled - Up to date) {61FE6F34-F6E4-3642-CFEA-6AD93746FFEB}
    FW: McAfee Firewall (Enabled) {E2A40FF5-9AB1-3894-DE05-F89EB212F22D}
    ==================== Installed Programs ======================
    (Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
    µTorrent (HKU\S-1-5-21-3274687172-3602840966-2228239552-1000\...\uTorrent) (Version: 3.4.3.40298 - BitTorrent Inc.)
    7-Zip 9.20 (HKLM-x32\...\7-Zip) (Version: - )
    Adobe Acrobat Reader DC (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AC0F074E4100}) (Version: 15.007.20033 - Adobe Systems Incorporated)
    Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 2.6.0.19120 - Adobe Systems Incorporated)
    Adobe Flash Player 18 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 18.0.0.209 - Adobe Systems Incorporated)
    Adobe Flash Player 18 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 18.0.0.209 - Adobe Systems Incorporated)
    Adobe Shockwave Player 12.0 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.0.7.148 - Adobe Systems, Inc.)
    Amazon Kindle (HKU\S-1-5-21-3274687172-3602840966-2228239552-1000\...\Amazon Kindle) (Version: - Amazon)
    Amazon Music (HKU\S-1-5-21-3274687172-3602840966-2228239552-1000\...\Amazon Amazon Music) (Version: 3.7.1.698 - Amazon Services LLC)
    Apple Application Support (32-bit) (HKLM-x32\...\{AFA1153A-F547-409B-B837-3A0D6C5A3FEC}) (Version: 3.1.3 - Apple Inc.)
    Apple Application Support (64-bit) (HKLM\...\{D7B824DE-DA32-4772-9E5E-39C5158136A7}) (Version: 3.1.3 - Apple Inc.)
    Apple Mobile Device Support (HKLM\...\{C4123106-B685-48E6-B9BD-E4F911841EB4}) (Version: 8.1.1.3 - Apple Inc.)
    Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
    Bejeweled 2 Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden
    Blackhawk Striker 2 (x32 Version: 2.2.0.95 - WildTangent) Hidden
    BOINC (HKLM\...\{E06AB9D4-A799-4DFE-A5D7-025A818CA494}) (Version: 7.4.42 - Space Sciences Laboratory, U.C. Berkeley)
    Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
    Bounce Symphony (x32 Version: 2.2.0.95 - WildTangent) Hidden
    Build-a-lot 2 (x32 Version: 2.2.0.95 - WildTangent) Hidden
    Cake Mania (x32 Version: 2.2.0.95 - WildTangent) Hidden
    CCleaner (HKLM\...\CCleaner) (Version: 5.04 - Piriform)
    Chuzzle Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden
    CyberLink PowerDVD 9.5 (HKLM-x32\...\InstallShield_{A8516AC9-AAF1-47F9-9766-03E2D4CDBCF8}) (Version: 9.5.1.4822 - CyberLink Corp.)
    D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
    Dell DataSafe Local Backup - Support Software (HKLM-x32\...\{A9668246-FB70-4103-A1E3-66C9BC2EFB49}) (Version: 9.4.67 - Dell Inc.)
    Dell DataSafe Local Backup (HKLM-x32\...\{0ED7EE95-6A97-47AA-AD73-152C08A15B04}) (Version: 9.4.67 - Dell Inc.)
    Dell DataSafe Online (HKLM-x32\...\{C53BCCBE-9268-4C09-82E9-611444A73B3F}) (Version: 2.10.1.3 - Dell)
    Dell Edoc Viewer (HKLM\...\{8EBA8727-ADC2-477B-9D9A-1A1836BE4E05}) (Version: 1.0.0 - Dell Inc)
    Dell Getting Started Guide (HKLM-x32\...\{7DB9F1E5-9ACB-410D-A7DC-7A3D023CE045}) (Version: 1.00.0000 - Dell Inc.)
    Dell MusicStage (HKLM-x32\...\{3BD7DD08-991B-4A2F-A165-614ED14EAADD}) (Version: 1.6.225.0 - Fingertapps)
    Dell PhotoStage (HKLM-x32\...\{E4335E82-17B3-460F-9E70-39D9BC269DB3}) (Version: 1.5.0.130 - ArcSoft)
    Dell Stage (HKLM-x32\...\{FC45E4D6-FEA5-4091-B172-4351D130C2E1}) (Version: 1.7.209.0 - Fingertapps)
    Dell Stage Remote (HKLM-x32\...\{AF4D3C63-009B-4A17-B02E-D395065DD3F0}) (Version: 2.0.0.43 - ArcSoft)
    Dell Support Center (HKLM\...\Dell Support Center) (Version: 3.1.5907.16 - Dell Inc.)
    Dell Support Center (Version: 3.1.5907.16 - PC-Doctor, Inc.) Hidden
    Dell VideoStage (HKLM-x32\...\InstallShield_{DCE0E79A-B9AC-41AC-98C1-7EF0538BCA7F}) (Version: 1.3.0.2214 - CyberLink Corp.)
    Dell VideoStage (x32 Version: 1.3.0.2214 - CyberLink Corp.) Hidden
    Dell Wireless Driver Installation (HKLM-x32\...\{451517F1-7E41-400B-AA36-FB7E2563526D}) (Version: 9.0 - Dell)
    Diner Dash 2 Restaurant Rescue (x32 Version: 2.2.0.95 - WildTangent) Hidden
    DirectX 9 Runtime (x32 Version: 1.00.0000 - Sonic Solutions) Hidden
    Dora's World Adventure (x32 Version: 2.2.0.95 - WildTangent) Hidden
    Escape Whisper Valley (TM) (x32 Version: 2.2.0.95 - WildTangent) Hidden
    Farm Frenzy (x32 Version: 2.2.0.95 - WildTangent) Hidden
    FATE (x32 Version: 2.2.0.95 - WildTangent) Hidden
    Final Drive Fury (x32 Version: 2.2.0.95 - WildTangent) Hidden
    Final Drive Nitro (x32 Version: 2.2.0.95 - WildTangent) Hidden
    Freemake Video Converter version 4.1.5 (HKLM-x32\...\Freemake Video Converter_is1) (Version: 4.1.5 - Ellora Assets Corporation)
    Google Earth (HKLM-x32\...\{817750FA-EC6A-485D-9901-0683AE6FFDF1}) (Version: 7.1.5.1557 - Google)
    Google Toolbar for Internet Explorer (HKLM-x32\...\{2318C2B1-4965-11d4-9B18-009027A5CD4F}) (Version: 7.5.6710.2136 - Google Inc.)
    Google Toolbar for Internet Explorer (x32 Version: 1.0.0 - Google Inc.) Hidden
    Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
    Google Update Helper (x32 Version: 1.3.28.1 - Google Inc.) Hidden
    Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 8.15.10.2291 - Intel Corporation)
    iTunes (HKLM\...\{93F2A022-6C37-48B8-B241-FFABD9F60C30}) (Version: 12.1.2.27 - Apple Inc.)
    Java 8 Update 31 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218031F0}) (Version: 8.0.310 - Oracle Corporation)
    Java 8 Update 45 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218045F0}) (Version: 8.0.450 - Oracle Corporation)
    Jewel Quest (x32 Version: 2.2.0.95 - WildTangent) Hidden
    Jewel Quest Solitaire 2 (x32 Version: 2.2.0.95 - WildTangent) Hidden
    Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
    Luxor (x32 Version: 2.2.0.95 - WildTangent) Hidden
    McAfee All Access – Total Protection (HKLM-x32\...\MSC) (Version: 14.0.1076 - McAfee, Inc.)
    McAfee SafeKey(uninstall only) (HKLM-x32\...\SafeKey) (Version: 2.2.3 - McAfee, Inc.)
    McAfee Security Scan Plus (HKLM\...\McAfee Security Scan) (Version: 3.8.150.1 - McAfee, Inc.)
    McAfee WebAdvisor (HKLM-x32\...\{35ED3F83-4BDC-4c44-8EC6-6A8301C7413A}) (Version: 4.0.354 - McAfee, Inc.)
    Mesh Runtime (x32 Version: 15.4.5722.2 - Microsoft Corporation) Hidden
    Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation)
    Microsoft Office 365 - en-us (HKLM\...\O365HomePremRetail - en-us) (Version: 15.0.4737.1003 - Microsoft Corporation)
    Microsoft OneDrive (HKU\S-1-5-21-3274687172-3602840966-2228239552-1000\...\OneDriveSetup.exe) (Version: 17.3.5860.0512 - Microsoft Corporation)
    Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.40416.0 - Microsoft Corporation)
    Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
    Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
    Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{820B6609-4C97-3A2B-B644-573B06A0F0CC}) (Version: 9.0.30729 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
    Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
    Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
    Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
    Mozilla Firefox 31.0 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 31.0 (x86 en-US)) (Version: 31.0 - Mozilla)
    Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 31.0 - Mozilla)
    MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
    MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
    MTP Porting Kit (HKLM-x32\...\{353B1E6D-7073-4450-8C80-699BD8FCFB49}) (Version: 12.0.0 - Microsoft Corp)
    Namco All-Stars PAC-MAN (x32 Version: 2.2.0.95 - WildTangent) Hidden
    Office 15 Click-to-Run Extensibility Component (x32 Version: 15.0.4737.1003 - Microsoft Corporation) Hidden
    Office 15 Click-to-Run Licensing Component (Version: 15.0.4737.1003 - Microsoft Corporation) Hidden
    Office 15 Click-to-Run Localization Component (x32 Version: 15.0.4737.1003 - Microsoft Corporation) Hidden
    PDFCreator (HKLM-x32\...\{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}) (Version: 1.2.0 - Frank Heindörfer, Philip Chinery)
    Penguins! (x32 Version: 2.2.0.95 - WildTangent) Hidden
    PhotoShowExpress (x32 Version: 2.0.063 - Sonic Solutions) Hidden
    Plants vs. Zombies - Game of the Year (x32 Version: 2.2.0.95 - WildTangent) Hidden
    PlayReady PC Runtime x86 (HKLM-x32\...\{CCA5EAAD-92F4-4B7A-B5EE-14294C66AB61}) (Version: 1.3.0 - Microsoft Corporation)
    Poker Superstars III (x32 Version: 2.2.0.95 - WildTangent) Hidden
    Polar Bowler (x32 Version: 2.2.0.95 - WildTangent) Hidden
    Polar Golfer (x32 Version: 2.2.0.95 - WildTangent) Hidden
    RBVirtualFolder64Inst (Version: 1.00.0000 - Roxio, Inc.) Hidden
    Roxio Creator Starter (HKLM-x32\...\{6F0BBEFE-BE1C-419B-BA1F-D36C9E7915BC}) (Version: 12.1.77.0 - Roxio)
    Roxio File Backup (Version: 1.3.2 - Roxio) Hidden
    Samantha Swift (x32 Version: 2.2.0.95 - WildTangent) Hidden
    Shared C Run-time for x64 (HKLM\...\{EF79C448-6946-4D71-8134-03407888C054}) (Version: 10.0.0 - McAfee)
    Skype™ 7.6 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.6.103 - Skype Technologies S.A.)
    Sonic CinePlayer Decoder Pack (x32 Version: 4.3.0 - Sonic Solutions) Hidden
    swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
    Virtual Villagers 4 - The Tree of Life (x32 Version: 2.2.0.95 - WildTangent) Hidden
    Visual Studio C++ 10.0 Runtime (HKLM-x32\...\{4412F224-3849-4461-A3E9-DEEF8D252790}) (Version: 10.0.0 - TomTom International B.V.)
    VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.1 - VideoLAN)
    WildTangent Games (HKLM-x32\...\WildTangent dell Master Uninstall) (Version: 1.0.2.5 - WildTangent)
    WildTangent Games App (Dell Games) (x32 Version: 4.0.5.37 - WildTangent) Hidden
    Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3508.1109 - Microsoft Corporation)
    Windows Live Mesh ActiveX Control for Remote Connections (HKLM-x32\...\{2902F983-B4C1-44BA-B85D-5C6D52E2C441}) (Version: 15.4.5722.2 - Microsoft Corporation)
    Windows Phone app for desktop (HKLM-x32\...\{5F71448B-88EB-4357-9A98-8658D4C49C48}) (Version: 1.1.2726.0 - Microsoft Corporation)
    Zinio Reader 4 (HKLM-x32\...\ZinioReader4) (Version: 4.2.4164 - Zinio LLC)
    Zinio Reader 4 (x32 Version: 4.2.4164 - Zinio LLC) Hidden
    Zuma Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden
    Zune (HKLM\...\Zune) (Version: 04.08.2345.00 - Microsoft Corporation)
    ==================== Custom CLSID (Whitelisted): ==========================
    (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
    CustomCLSID: HKU\S-1-5-21-3274687172-3602840966-2228239552-1000_Classes\CLSID\{5AB7172C-9C11-405C-8DD5-AF20F3606282}\InprocServer32 -> C:\Users\Thomas\AppData\Local\Microsoft\OneDrive\17.3.5860.0512\amd64\FileSyncShell64.dll (Microsoft Corporation)
    CustomCLSID: HKU\S-1-5-21-3274687172-3602840966-2228239552-1000_Classes\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}\InprocServer32 -> C:\Users\Thomas\AppData\Local\Microsoft\OneDrive\17.3.5860.0512\amd64\FileSyncShell64.dll (Microsoft Corporation)
    CustomCLSID: HKU\S-1-5-21-3274687172-3602840966-2228239552-1000_Classes\CLSID\{A75BE48D-BF58-4A8B-B96C-F9A09DFB9844}\InprocServer32 -> %LOCALAPPDATA%\Pokki\ocdeskband_0.dll No File
    CustomCLSID: HKU\S-1-5-21-3274687172-3602840966-2228239552-1000_Classes\CLSID\{A78ED123-AB77-406B-9962-2A5D9D2F7F30}\InprocServer32 -> C:\Users\Thomas\AppData\Local\Microsoft\OneDrive\17.3.5860.0512\amd64\FileSyncShell64.dll (Microsoft Corporation)
    CustomCLSID: HKU\S-1-5-21-3274687172-3602840966-2228239552-1000_Classes\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}\InprocServer32 -> C:\Users\Thomas\AppData\Local\Microsoft\OneDrive\17.3.5860.0512\amd64\FileSyncShell64.dll (Microsoft Corporation)
    CustomCLSID: HKU\S-1-5-21-3274687172-3602840966-2228239552-1000_Classes\CLSID\{CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B}\InprocServer32 -> C:\Users\Thomas\AppData\Local\Microsoft\OneDrive\17.3.5860.0512\amd64\FileSyncShell64.dll (Microsoft Corporation)
    CustomCLSID: HKU\S-1-5-21-3274687172-3602840966-2228239552-1000_Classes\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}\InprocServer32 -> C:\Users\Thomas\AppData\Local\Microsoft\OneDrive\17.3.5860.0512\amd64\FileSyncShell64.dll (Microsoft Corporation)
    CustomCLSID: HKU\S-1-5-21-3274687172-3602840966-2228239552-1000_Classes\CLSID\{F6BF8414-962C-40FE-90F1-B80A7E72DB9A}\InprocServer32 -> C:\ProgramData\{9A88E103-A20A-4EA5-8636-C73B709A5BF8}\Wldap32.dll No File <==== ATTENTION
    CustomCLSID: HKU\S-1-5-21-3274687172-3602840966-2228239552-1000_Classes\CLSID\{F8071786-1FD0-4A66-81A1-3CBE29274458}\InprocServer32 -> C:\Users\Thomas\AppData\Local\Microsoft\OneDrive\17.3.5860.0512\amd64\FileSyncApi64.dll (Microsoft Corporation)
    ==================== Restore Points =========================
    15-07-2015 00:00:00 Scheduled Checkpoint
    26-07-2015 13:56:57 Windows Update
    26-07-2015 15:51:48 Malwarebytes Anti-Rootkit Restore Point
    ==================== Hosts content: ===============================
    (If needed Hosts: directive could be included in the fixlist to reset Hosts.)
    2009-07-14 03:34 - 2009-06-10 22:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts
    ==================== Scheduled Tasks (Whitelisted) =============
    (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
    Task: {038C129A-2C21-4A55-979D-9B1687F68759} - System32\Tasks\McAfeeLogon => C:\Program Files\Common Files\mcafee\Platform\McUICnt.exe [2015-05-06] (McAfee, Inc.)
    Task: {14202F12-FE92-4A79-9A9B-74AA1E6A119F} - System32\Tasks\Microsoft\Windows\Application Experience\Microsoft Compatibility Appraiser => C:\Windows\system32\compattel\DiagTrackRunner.exe
    Task: {19735054-FD27-47C4-AE6B-BD8F22129400} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2015-05-19] (Microsoft Corporation)
    Task: {34866C0D-8A3F-46FE-A5C5-8E723A1ECEAE} - System32\Tasks\PCDoctorBackgroundMonitorTask => C:\Program Files\Dell Support Center\uaclauncher.exe [2011-12-14] (PC-Doctor, Inc.)
    Task: {38E39CDE-C2F6-4A29-820A-5B31D8456A93} - System32\Tasks\{46F9C723-4317-48B8-9DE0-2C56E10F97CB} => Iexplore.exe http://www.skype.com/go/downloading?...astError=12002
    Task: {49D76187-6885-4B26-904B-DC69E1127AFF} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesCommonx86\Microsoft Shared\OFFICE15\OLicenseHeartbeat.exe [2015-06-09] (Microsoft Corporation)
    Task: {5E6C6500-0DFC-4F1D-9FC4-E7ABCC6DC33D} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-07-14] (Adobe Systems Incorporated)
    Task: {5EC6C777-1AC8-45DE-B050-8EB0238BE12F} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-07-07] (Adobe Systems Incorporated)
    Task: {5EC765DB-93A9-4201-99FE-659314514AC8} - System32\Tasks\SystemToolsDailyTest => C:\Program Files\Dell Support Center\pcdrcui.exe [2011-12-14] (PC-Doctor, Inc.)
    Task: {6771A48E-AFC7-4AE9-82B6-B49CDA4C9785} - System32\Tasks\McAfee Remediation (Prepare) => C:\Program Files\Common Files\AV\McAfee Anti-Virus And Anti-Spyware\upgrade.exe [2015-06-01] (McAfee, Inc.)
    Task: {77CEF0FC-AB58-4B5F-9471-C823FAD4701C} - System32\Tasks\4801 => Wscript.exe C:\Users\Thomas\AppData\Local\Temp\launchie.vbs //B <==== ATTENTION
    Task: {781740E8-BB98-4B8D-AA07-5928C4E58E19} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2015-03-13] (Piriform Ltd)
    Task: {8027554B-36A3-46F1-9648-CE519B063188} - System32\Tasks\Microsoft Office 15 Sync Maintenance for trustno1-Thomas trustno1 => C:\Program Files\Microsoft Office 15\Root\Office15\MsoSync.exe [2015-06-02] (Microsoft Corporation)
    Task: {9C9A69A8-6CF2-4BBB-AB69-DD3080F7C200} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-09-02] (Google Inc.)
    Task: {A4E9922A-11D0-47FC-8C0A-A89355E41B41} - System32\Tasks\0 => Iexplore.exe <==== ATTENTION
    Task: {AE31B539-58B1-4BF3-A8EB-392326489A2D} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-09-02] (Google Inc.)
    Task: {B38025F3-B13E-4D68-B49F-B5669A4F4800} - System32\Tasks\PCDEventLauncher => C:\Program Files\Dell Support Center\sessionchecker.exe [2011-12-14] (PC-Doctor, Inc.)
    Task: {C0FBB03C-1B68-40EB-BF62-0E68876728D2} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2015-05-19] (Microsoft Corporation)
    Task: {DFB78C56-9495-49D4-9725-1A62EEDDE98F} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3274687172-3602840966-2228239552-1006Core => C:\Users\Orrin JNR\AppData\Local\Google\Update\GoogleUpdate.exe [2012-07-15] (Google Inc.)
    Task: {F54A4CBA-212F-40F3-8EF3-98EEAFD24E69} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3274687172-3602840966-2228239552-1006UA => C:\Users\Orrin JNR\AppData\Local\Google\Update\GoogleUpdate.exe [2012-07-15] (Google Inc.)
    Task: {F9CB0D3C-2806-41A2-9453-7B9B16D8CDDF} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
    (If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
    Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
    Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
    Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
    Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3274687172-3602840966-2228239552-1006Core.job => C:\Users\Orrin JNR\AppData\Local\Google\Update\GoogleUpdate.exe
    Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3274687172-3602840966-2228239552-1006UA.job => C:\Users\Orrin JNR\AppData\Local\Google\Update\GoogleUpdate.exe
    Task: C:\Windows\Tasks\PCDoctorBackgroundMonitorTask.job => C:\Program Files\Dell Support Center\uaclauncher.exeo-backgroundmon scripts\defaultscan.xml
    Task: C:\Windows\Tasks\SystemToolsDailyTest.job => C:\Program Files\Dell Support Center\pcdrcui.exe
    ==================== Loaded Modules (Whitelisted) ==============
    2013-01-20 14:35 - 2005-03-12 01:07 - 00087040 _____ () C:\Windows\System32\pdfcmnnt.dll
    2015-02-13 05:20 - 2015-02-13 05:20 - 00085832 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
    2015-02-13 05:20 - 2015-02-13 05:20 - 01346344 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
    2015-04-04 11:39 - 2014-05-20 09:19 - 00105640 _____ () C:\Program Files\Microsoft Office 15\ClientX64\ApiClient.dll
    2015-04-04 11:42 - 2015-04-04 11:42 - 08898720 _____ () C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\1033\GrooveIntlResource.dll
    2010-11-10 22:53 - 2010-11-10 22:53 - 00817136 _____ () C:\Program Files\Roxio\Roxio Burn\RBVirtualFolder64.dll
    2012-05-01 20:07 - 2011-01-27 16:11 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll
    2011-06-27 19:26 - 2011-06-27 19:26 - 02022976 _____ () C:\Program Files (x86)\Dell\Stage Remote\StageRemote.exe
    2014-12-29 01:36 - 2014-12-08 07:27 - 06277952 _____ () C:\Users\Thomas\AppData\Local\Amazon Music\Amazon Music Helper.exe
    2010-11-17 10:35 - 2010-11-17 10:35 - 00514544 _____ () C:\Program Files (x86)\Roxio\OEM\Roxio Burn\RoxioBurnLauncher.exe
    2012-02-01 11:50 - 2012-02-01 11:50 - 00968048 _____ () C:\Program Files (x86)\Dell Stage\Dell Stage\AccuWeather\accuweather.exe
    2012-05-01 12:52 - 2012-01-26 21:49 - 02751808 ____N () C:\Program Files (x86)\Dell DataSafe Local Backup\COMPONENTS\SCHEDULER\STSERVICE.EXE
    2010-11-17 10:35 - 2010-11-17 10:35 - 01440240 _____ () C:\Program Files (x86)\Roxio\OEM\Roxio Burn\Roxio Burn.exe
    2011-06-29 08:52 - 2011-06-29 08:52 - 00474176 _____ () C:\Program Files (x86)\Dell\Stage Remote\StageRemoteService.exe
    2013-10-15 14:31 - 2013-10-15 14:31 - 00106496 _____ () C:\Program Files\BOINC\zlib1.dll
    2010-03-16 20:28 - 2010-03-16 20:28 - 01926144 _____ () C:\Program Files (x86)\Dell\Stage Remote\QtCore4.dll
    2010-03-22 15:52 - 2010-03-22 15:52 - 06776832 _____ () C:\Program Files (x86)\Dell\Stage Remote\QtGui4.dll
    2010-03-16 20:28 - 2010-03-16 20:28 - 00635904 _____ () C:\Program Files (x86)\Dell\Stage Remote\QtNetwork4.dll
    2010-03-16 20:28 - 2010-03-16 20:28 - 00326144 _____ () C:\Program Files (x86)\Dell\Stage Remote\QtXml4.dll
    2011-06-24 23:20 - 2011-06-24 23:20 - 00565968 _____ () C:\Program Files (x86)\Dell\Stage Remote\sqlite3.dll
    2011-06-27 19:25 - 2011-06-27 19:25 - 00058944 _____ () C:\Program Files (x86)\Dell\Stage Remote\DataService.dll
    2011-06-24 23:21 - 2011-06-24 23:21 - 00322624 _____ () C:\Program Files (x86)\Dell\Stage Remote\en-US\UI\ManagerUI.dll
    2010-03-11 19:52 - 2010-03-11 19:52 - 00028160 _____ () C:\Program Files (x86)\Dell\Stage Remote\plugins\imageformats\qgif4.dll
    2010-03-05 15:07 - 2010-03-05 15:07 - 00031744 _____ () C:\Program Files (x86)\Dell\Stage Remote\plugins\imageformats\qico4.dll
    2010-03-05 15:07 - 2010-03-05 15:07 - 00125952 _____ () C:\Program Files (x86)\Dell\Stage Remote\plugins\imageformats\qjpeg4.dll
    2010-03-11 19:52 - 2010-03-11 19:52 - 00225280 _____ () C:\Program Files (x86)\Dell\Stage Remote\plugins\imageformats\qmng4.dll
    2010-11-24 22:44 - 2010-11-24 22:44 - 00375280 _____ () c:\program files (x86)\common files\roxio shared\dllshared\SQLite352.dll
    2012-02-01 11:44 - 2012-02-01 11:44 - 08151040 _____ () C:\Program Files (x86)\Dell Stage\Dell Stage\AccuWeather\QtGui4.dll
    2012-02-01 11:44 - 2012-02-01 11:44 - 02278400 _____ () C:\Program Files (x86)\Dell Stage\Dell Stage\AccuWeather\QtCore4.dll
    2010-11-17 10:35 - 2010-11-17 10:35 - 00657904 _____ () C:\Program Files (x86)\Roxio\OEM\Roxio Burn\BBEngineAS.dll
    2015-04-04 11:39 - 2015-04-04 11:42 - 00316576 _____ () C:\Program Files\Microsoft Office 15\Root\VFS\ProgramFilesCommonX86\Microsoft Shared\OFFICE15\AppVIsvStream32.dll
    2013-05-30 17:50 - 2013-05-30 21:11 - 01049920 _____ () C:\ProgramData\BOINC\projects\setiathome.berkeley.edu\libfftw3f-3-3_upx.dll
    ==================== Alternate Data Streams (Whitelisted) =========
    (If an entry is included in the fixlist, only the ADS will be removed.)

    ==================== Safe Mode (Whitelisted) ===================
    (If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS => ""=""
    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc => ""=""
    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\McMPFSvc => ""="Service"
    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MCODS => ""=""
    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcpltsvc => ""=""
    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeaack => ""="Service"
    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeaack.sys => ""="Driver"
    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeavfk => ""="Service"
    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeavfk.sys => ""="Driver"
    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefire => ""="Service"
    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefirek => ""="Service"
    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefirek.sys => ""="Driver"
    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk => ""="Service"
    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk.sys => ""="Driver"
    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfemms => ""="Service"
    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfetdi2k => ""="Service"
    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfetdi2k.sys => ""="Driver"
    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfevtp => ""="Service"
    ==================== EXE Association (Whitelisted) ===============
    (If an entry is included in the fixlist, the registry item will be restored to default or removed.)

    ==================== Internet Explorer trusted/restricted ===============
    (If an entry is included in the fixlist, it will be removed from the registry.)

    ==================== Other Areas ============================
    (Currently there is no automatic fix for this section.)
    HKU\S-1-5-21-3274687172-3602840966-2228239552-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Thomas\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
    DNS Servers: 8.8.8.8
    HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 0)
    MpsSvc Firewall Service is not running.
    ==================== MSCONFIG/TASK MANAGER disabled items ==
    (Currently there is no automatic fix for this section.)
    MSCONFIG\startupreg: Adobe ARM => "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
    MSCONFIG\startupreg: Adobe Reader Speed Launcher => "C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe"
    MSCONFIG\startupreg: DellStage => "C:\Program Files (x86)\Dell Stage\Dell Stage\stage_primary.exe" "C:\Program Files (x86)\Dell Stage\Dell Stage\start.umj" --startup
    MSCONFIG\startupreg: Pokki => C:\Windows\system32\rundll32.exe "%LOCALAPPDATA%\Pokki\Engine\Launcher.dll",RunLaunchPlatform
    ==================== FirewallRules (Whitelisted) ===============
    (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
    FirewallRules: [{FD00F640-F060-4186-9250-0F2ACBCAD91B}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
    FirewallRules: [{0E98B5D8-1D3A-4001-8131-394337741F50}] => (Allow) c:\Program Files (x86)\Dell\VideoStage\VideoStage.exe
    FirewallRules: [{23253FC1-5D03-427E-A72C-09A2A9C16E4C}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD9\PowerDVD Cinema\PowerDVDCinema.exe
    FirewallRules: [{5EA6F428-DFEC-4014-B501-3479327E5D5B}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD9\PowerDVD9.EXE
    FirewallRules: [{FDD3E34B-DF12-4724-B30D-8FBE393323A0}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
    FirewallRules: [{3892E290-9852-4029-8BC6-94E10C1FD2B1}] => (Allow) LPort=2869
    FirewallRules: [{B96AABB0-10BD-451F-92AC-ABD42143C80B}] => (Allow) LPort=1900
    FirewallRules: [{305D136B-7DA2-40BF-A230-CF9B347BC874}] => (Allow) C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe
    FirewallRules: [{5D50F3F8-68A0-4336-AB2B-C76FE88B14A7}] => (Allow) C:\Program Files (x86)\Windows Live\Mesh\MOE.exe
    FirewallRules: [{20A883F0-7026-42BD-8037-37A1B29D7191}] => (Allow) C:\Program Files (x86)\Dell\Stage Remote\DMR.exe
    FirewallRules: [{863B8894-66B5-49CB-BA91-812589816A24}] => (Allow) C:\Program Files (x86)\Dell\Stage Remote\Controller.exe
    FirewallRules: [{67870E8C-C2AE-4F50-A89F-10D676FC71E0}] => (Allow) C:\Program Files (x86)\Dell\Stage Remote\StageRemote.exe
    FirewallRules: [{94D8DCF1-B1BE-44ED-8DA1-B8969E3A6A8E}] => (Allow) C:\Program Files (x86)\Dell\Stage Remote\InstallerHelp.exe
    FirewallRules: [{39903A4C-2439-4D19-928E-9ABC86DB2934}] => (Allow) C:\Program Files (x86)\Dell\Stage Remote\StageRemoteService.exe
    FirewallRules: [{4E5D0496-BCF6-445A-855A-8BF74EB0EF6A}] => (Allow) C:\Program Files (x86)\Dell\Stage Remote\DMR.exe
    FirewallRules: [{768A91B1-3E0B-4352-B4A0-261A5395E526}] => (Allow) C:\Program Files (x86)\Dell\Stage Remote\Controller.exe
    FirewallRules: [{CB89AF59-D27E-4856-B0AF-D1B991D848A1}] => (Allow) C:\Program Files (x86)\Dell\Stage Remote\StageRemote.exe
    FirewallRules: [{E5319128-BA8E-4488-9BE0-B98F6710F70A}] => (Allow) C:\Program Files (x86)\Dell\Stage Remote\InstallerHelp.exe
    FirewallRules: [{F98D7A9F-02D9-4792-8E4C-762BB7D789BF}] => (Allow) C:\Program Files (x86)\Dell\Stage Remote\StageRemoteService.exe
    FirewallRules: [{13058FB8-4C64-49C8-B5E7-7CEB8AE2FF62}] => (Allow) C:\Program Files\Common Files\mcafee\mcsvchost\McSvHost.exe
    FirewallRules: [{5A2E6C97-7BAB-4EEC-86FA-FF54B3654114}] => (Allow) C:\Program Files\Common Files\mcafee\mcsvchost\McSvHost.exe
    FirewallRules: [TCP Query User{5E62DE20-6627-46F4-8135-77DB147D3C9B}C:\program files (x86)\dell\dell datasafe online\nobuclient.exe] => (Allow) C:\program files (x86)\dell\dell datasafe online\nobuclient.exe
    FirewallRules: [UDP Query User{6266E663-2437-4FFE-B64D-23353FF6FFE3}C:\program files (x86)\dell\dell datasafe online\nobuclient.exe] => (Allow) C:\program files (x86)\dell\dell datasafe online\nobuclient.exe
    FirewallRules: [{60512633-0213-4DA6-A919-4B08BE654D3B}] => (Allow) C:\Program Files\Common Files\mcafee\mcsvchost\McSvHost.exe
    FirewallRules: [{1DF744D9-F856-41BD-93CD-045947C36E1C}] => (Allow) C:\Program Files\Common Files\mcafee\mcsvchost\McSvHost.exe
    FirewallRules: [{978026D4-9D02-4EEA-942D-1ACF85859CA6}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
    FirewallRules: [{C9C50E44-F147-4910-B45B-40106C63D156}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
    FirewallRules: [{C34520D7-0C48-48D5-8473-C5DF0EE1057C}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
    FirewallRules: [{BAE2E98F-793E-4489-A076-62A6C2A2CEF2}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
    FirewallRules: [{73A4B487-3D63-4BCE-8FD0-9178C3D40CFB}] => (Allow) C:\Users\Thomas\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe
    FirewallRules: [{7A9303B8-6CDA-4A27-8C57-68EA3DE32E87}] => (Allow) %ProgramFiles%\Zune\Zune.exe
    FirewallRules: [{78B77D26-AB8A-4700-B41A-25196E10ED06}] => (Allow) %ProgramFiles%\Zune\ZuneNSS.exe
    FirewallRules: [{C719A152-B2D8-47F5-85E0-5CBD7E539942}] => (Allow) %ProgramFiles%\Zune\ZuneNSS.exe
    FirewallRules: [{779CD732-433C-426E-87B3-758DDF81B35A}] => (Allow) %ProgramFiles%\Zune\ZuneNSS.exe
    FirewallRules: [{4306A93F-70C7-46A1-BD65-786922BDC640}] => (Allow) %ProgramFiles%\Zune\ZuneNSS.exe
    FirewallRules: [{913A77D4-45EB-4573-A900-A92ADEEAFD76}] => (Allow) %ProgramFiles%\Zune\ZuneNSS.exe
    FirewallRules: [{4B4C6639-A903-44F3-BB5C-673DBAB5E5F3}] => (Allow) %ProgramFiles%\Zune\ZuneNSS.exe
    FirewallRules: [{98901330-7E2B-4B5A-A71D-B6E29A7625C6}] => (Allow) %ProgramFiles%\Zune\ZuneNSS.exe
    FirewallRules: [{FADF46FE-112A-46F7-B531-D32E10C3086F}] => (Allow) %ProgramFiles%\Zune\ZuneNSS.exe
    FirewallRules: [{A947C3C9-8373-4B5E-8B41-467731EA73EE}] => (Allow) C:\Users\Thomas\AppData\Roaming\uTorrent\uTorrent.exe
    FirewallRules: [{B6DF1F1B-F69A-4D9F-A6EF-9F67F247096C}] => (Allow) C:\Users\Thomas\AppData\Roaming\uTorrent\uTorrent.exe
    FirewallRules: [{92B9DF3A-D183-418A-897A-118390C80B88}] => (Allow) C:\Program Files\Common Files\mcafee\Platform\McSvcHost\McSvHost.exe
    FirewallRules: [{3CA04011-454E-4841-8E7E-A06935E1D878}] => (Allow) C:\Users\Thomas\AppData\Roaming\uTorrent\uTorrent.exe
    FirewallRules: [{7DA2C7AC-C61E-43D5-A970-BF7A115D101D}] => (Allow) C:\Users\Thomas\AppData\Roaming\uTorrent\uTorrent.exe
    FirewallRules: [{EF1AADFA-97F8-41DD-9A02-C2DAF3257A8E}] => (Allow) C:\Program Files\Microsoft Office 15\root\Office15\outlook.exe
    FirewallRules: [TCP Query User{D7057987-CDEB-4C45-86DC-7413908713E0}C:\program files (x86)\dell\dell datasafe online\nobuclient.exe] => (Block) C:\program files (x86)\dell\dell datasafe online\nobuclient.exe
    FirewallRules: [UDP Query User{49B7EDA7-34D4-4B06-B81E-C5A9C3A3D26A}C:\program files (x86)\dell\dell datasafe online\nobuclient.exe] => (Block) C:\program files (x86)\dell\dell datasafe online\nobuclient.exe
    FirewallRules: [{1296176C-E22E-4925-AD84-9BB876131BFD}] => (Allow) C:\Program Files\iTunes\iTunes.exe
    ==================== Faulty Device Manager Devices =============
    Could not list Devices. Check "winmgmt" service or repair WMI.

    ==================== Event log errors: =========================
    Application errors:
    ==================
    Error: (07/26/2015 04:02:41 PM) (Source: WinMgmt) (EventID: 10) (User: )
    Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
    Error: (07/26/2015 02:22:00 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3011) (User: NT AUTHORITY)
    Description: Unloading the performance counter strings for service ASP.NET (ASP.NET) failed. The first DWORD in the Data section contains the error code.
    Error: (07/26/2015 02:22:00 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3012) (User: NT AUTHORITY)
    Description: The performance strings in the Performance registry value is corrupted when process Performance extension counter provider. The BaseIndex value from the Performance registry is the first DWORD in the Data section, LastCounter value is the second DWORD in the Data section, and LastHelp value is the third DWORD in the Data section.
    Error: (07/26/2015 02:21:39 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3011) (User: NT AUTHORITY)
    Description: Unloading the performance counter strings for service ASP.NET (ASP.NET) failed. The first DWORD in the Data section contains the error code.
    Error: (07/26/2015 02:21:39 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3012) (User: NT AUTHORITY)
    Description: The performance strings in the Performance registry value is corrupted when process Performance extension counter provider. The BaseIndex value from the Performance registry is the first DWORD in the Data section, LastCounter value is the second DWORD in the Data section, and LastHelp value is the third DWORD in the Data section.
    Error: (07/26/2015 02:21:31 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3011) (User: NT AUTHORITY)
    Description: Unloading the performance counter strings for service aspnet_state (ASP.NET State Service) failed. The first DWORD in the Data section contains the error code.
    Error: (07/26/2015 02:21:31 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3012) (User: NT AUTHORITY)
    Description: The performance strings in the Performance registry value is corrupted when process Performance extension counter provider. The BaseIndex value from the Performance registry is the first DWORD in the Data section, LastCounter value is the second DWORD in the Data section, and LastHelp value is the third DWORD in the Data section.
    Error: (07/26/2015 12:15:18 PM) (Source: AVLogEvent) (EventID: 5003) (User: NT AUTHORITY)
    Description: McShield encountered error while stopping.
    Error Code:a7f40610
    Error: (07/26/2015 12:02:34 PM) (Source: WinMgmt) (EventID: 10) (User: )
    Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
    Error: (07/26/2015 11:57:17 AM) (Source: Microsoft-Windows-RestartManager) (EventID: 10006) (User: trustno1)
    Description: Application or service 'Microsoft Office Document Cache Sync Client Interface' could not be shut down.

    System errors:
    =============
    Error: (07/26/2015 04:13:39 PM) (Source: Service Control Manager) (EventID: 7022) (User: )
    Description: The Windows Update service hung on starting.
    Error: (07/26/2015 04:09:49 PM) (Source: Service Control Manager) (EventID: 7022) (User: )
    Description: The Dell DataSafe Online service hung on starting.
    Error: (07/26/2015 04:09:08 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
    Description: The McAfee Personal Firewall Service service depends on the Windows Firewall service which failed to start because of the following error:
    %%1058
    Error: (07/26/2015 04:06:23 PM) (Source: DCOM) (EventID: 10010) (User: )
    Description: {C98F04D7-CD30-4BB0-B7D7-8DD7448520F2}
    Error: (07/26/2015 04:04:11 PM) (Source: DCOM) (EventID: 10010) (User: )
    Description: {14286318-B6CF-49A1-81FC-D74AD94902F9}
    Error: (07/26/2015 04:03:07 PM) (Source: Service Control Manager) (EventID: 7024) (User: )
    Description: The HomeGroup Listener service terminated with service-specific error %%-2147023143.
    Error: (07/26/2015 04:02:39 PM) (Source: DCOM) (EventID: 10010) (User: )
    Description: {995C996E-D918-4A8C-A302-45719A6F4EA7}
    Error: (07/26/2015 04:01:18 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
    Description: The McAfee Personal Firewall Service service depends on the Windows Firewall service which failed to start because of the following error:
    %%1058
    Error: (07/26/2015 03:32:26 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
    Description: Installation Failure: Windows failed to install the following update with error 0x8024200d: Update for Windows 7 for x64-based Systems (KB3035583).
    Error: (07/26/2015 12:19:35 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
    Description: The McAfee Personal Firewall Service service depends on the Windows Firewall service which failed to start because of the following error:
    %%1058

    Microsoft Office:
    =========================
    Error: (07/26/2015 04:02:41 PM) (Source: WinMgmt) (EventID: 10) (User: )
    Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
    Error: (07/26/2015 02:22:00 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3011) (User: NT AUTHORITY)
    Description: ASP.NETASP.NET8F20300004D070000
    Error: (07/26/2015 02:22:00 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3012) (User: NT AUTHORITY)
    Description: Performance1637070000000000000000000009030000
    Error: (07/26/2015 02:21:39 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3011) (User: NT AUTHORITY)
    Description: ASP.NETASP.NET8F20300004D070000
    Error: (07/26/2015 02:21:39 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3012) (User: NT AUTHORITY)
    Description: Performance1637070000000000000000000009030000
    Error: (07/26/2015 02:21:31 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3011) (User: NT AUTHORITY)
    Description: aspnet_stateASP.NET State Service8F20300004D070000
    Error: (07/26/2015 02:21:31 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3012) (User: NT AUTHORITY)
    Description: Performance1637070000000000000000000009030000
    Error: (07/26/2015 12:15:18 PM) (Source: AVLogEvent) (EventID: 5003) (User: NT AUTHORITY)
    Description: a7f40610
    Error: (07/26/2015 12:02:34 PM) (Source: WinMgmt) (EventID: 10) (User: )
    Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
    Error: (07/26/2015 11:57:17 AM) (Source: Microsoft-Windows-RestartManager) (EventID: 10006) (User: trustno1)
    Description: 1C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesCommonX86\Microsoft Shared\OFFICE15\csisyncclient.exeMicrosoft Office Document Cache Sync Client Interface021175540643003A005C00500072006F006700720061006D002000460069006C00650073005C004D006900630072006F0073006F006600740020004F00660066006900630065002000310035005C0072006F006F0074005C007600660073005C00700072006F006700720061006D00660069006C006500730063006F006D006D006F006E007800380036005C006D006900630072006F0073006F006600740020007300680061007200650064005C006F0066006600690063006500310035005C00630073006900730079006E00630063006C00690065006E0074002E00650078006500000043003A005C00500072006F006700720061006D002000460069006C00650073005C004D006900630072006F0073006F006600740020004F00660066006900630065002000310035005C0072006F006F0074005C007600660073005C00700072006F006700720061006D00660069006C006500730063006F006D006D006F006E007800380036005C006D006900630072006F0073006F006600740020007300680061007200650064005C006F0066006600690063006500310035005C006D0073006F007200650073002E0064006C006C00000043003A005C00500072006F006700720061006D002000460069006C00650073005C004D006900630072006F0073006F006600740020004F00660066006900630065002000310035005C0072006F006F0074005C007600660073005C00700072006F006700720061006D00660069006C006500730063006F006D006D006F006E007800380036005C006D006900630072006F0073006F006600740020007300680061007200650064005C006F0066006600690063006500310035005C00630032007200330032002E0064006C006C00000043003A005C00500072006F006700720061006D002000460069006C00650073005C004D006900630072006F0073006F006600740020004F00660066006900630065002000310035005C0072006F006F0074005C007600660073005C00700072006F006700720061006D00660069006C006500730063006F006D006D006F006E007800380036005C006D006900630072006F0073006F006600740020007300680061007200650064005C006F0066006600690063006500310035005C006300730069002E0064006C006C00000043003A005C00500072006F006700720061006D002000460069006C00650073005C004D006900630072006F0073006F006600740020004F00660066006900630065002000310035005C0072006F006F0074005C007600660073005C00700072006F006700720061006D00660069006C006500730063006F006D006D006F006E007800380036005C006D006900630072006F0073006F006600740020007300680061007200650064005C006F0066006600690063006500310035005C0031003000330033005C006D0073006F0069006E0074006C002E0064006C006C00000043003A005C00500072006F006700720061006D002000460069006C00650073005C004D006900630072006F0073006F006600740020004F00660066006900630065002000310035005C0072006F006F0074005C007600660073005C00700072006F006700720061006D00660069006C006500730063006F006D006D006F006E007800380036005C006D006900630072006F0073006F006600740020007300680061007200650064005C006F0066006600690063006500310035005C006D0073006F002E0064006C006C000000

    CodeIntegrity Error:
    ===================================
    Date: 2015-07-14 12:25:22.044
    Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\drivers\324a1e9.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
    Date: 2015-07-14 12:25:21.950
    Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\drivers\324a1e9.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

    ==================== Memory info ===========================
    Processor: Intel(R) Core(TM) i3-2120 CPU @ 3.30GHz
    Percentage of memory in use: 31%
    Total physical RAM: 8104.63 MB
    Available physical RAM: 5530.27 MB
    Total Virtual: 16207.46 MB
    Available Virtual: 13640.68 MB
    ==================== Drives ================================
    Drive c: (OS) (Fixed) (Total:450.91 GB) (Free:143.71 GB) NTFS
    Drive d: (GSP1RMCHPXFRER_EN_DVD) (CDROM) (Total:3.09 GB) (Free:0 GB) UDF
    ==================== MBR & Partition Table ==================
    ========================================================
    Disk: 0 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: ACEA298C)
    Partition 1: (Not Active) - (Size=39 MB) - (Type=DE)
    Partition 2: (Active) - (Size=14.8 GB) - (Type=07 NTFS)
    Partition 3: (Not Active) - (Size=450.9 GB) - (Type=07 NTFS)
    ==================== End of log ============================

  8. #48
    Corrine's Avatar
    Join Date
    Feb 2012
    Location
    Upstate, NY
    Posts
    8,716

    Re: Arte,is Trojan

    Making progress, that is for certain!

    1. My first strong advice to you is to uninstall µTorrent. Necurs downloads other malware and there were multiple trojans on your computer (with another one still there and to be taken care of shortly). In addition to trojans, there was a file identified as a backdoor bot. P2P security measures are easily circumvented and if your P2P program is not configured correctly, you may be sharing more files than you realize. With P2P file sharing, what means do you have of identifying or authenticating the source of the download? In addition, a file can be distributed among many hosts, and peers will provide for download the sections that they have already downloaded. This results in the distinct possibility of a distribution method in which malicious bits are mixed with good files. Based on how severely infected this computer was, if you do any banking, bill paying, credit card purchases, etc. on this computer, I suggest you change the passwords to all of those accounts just to be on the safe side.

    2. While you're uninstalling µTorrent, please also uninstall Java 8 Update 31 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218031F0}) (Version: 8.0.310 - Oracle Corporation) and then update Java to the latest version, Java SE 8u51.

    Notes:
    • UNcheck any pre-checked toolbar and/or software options presented with the update. They are not part of the software update and are completely optional.
    • In the Java Control Panel, at minimum, set the security to high.
    • Keep Java disabled until needed. Uncheck the box "Enable Java content in the browser" in the Java Control Panel.


    3. Please do the following to run FRST:

    Note: If the tool warns you about the version you're using being an outdated version please download and run the updated version.

    NOTICE: This script was written specifically for this user. Running it on another machine may cause damage to your operating system
    • Open Notepad (Start =>All Programs => Accessories => Notepad).
    • Copy/Paste the entire contents of the code box below into Notepad.

    Code:
    start
    CreateRestorePoint:
    CloseProcesses:
    2013-07-13 13:39 - 2014-12-30 15:40 - 0028672 _____ () C:\Users\Thomas\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
    CustomCLSID: HKU\S-1-5-21-3274687172-3602840966-2228239552-1000_Classes\CLSID\{F6BF8414-962C-40FE-90F1-B80A7E72DB9A}\InprocServer32 -> C:\ProgramData\{9A88E103-A20A-4EA5-8636-C73B709A5BF8}\Wldap32.dll No File <==== ATTENTION
    C:\ProgramData\{9A88E103-A20A-4EA5-8636-C73B709A5BF8}\Wldap32.dll
    Task: {77CEF0FC-AB58-4B5F-9471-C823FAD4701C} - System32\Tasks\4801 => Wscript.exe C:\Users\Thomas\AppData\Local\Temp\launchie.vbs //B <==== ATTENTION
    C:\Users\Thomas\AppData\Local\Temp\launchie.vbs //B
    Task: {A4E9922A-11D0-47FC-8C0A-A89355E41B41} - System32\Tasks\0 => Iexplore.exe <==== ATTENTION
    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS => ""=""
    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc => ""=""
    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MCODS => ""=""
    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcpltsvc => ""=""
    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeaack => ""="Service"
    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeaack.sys => ""="Driver"
    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeavfk => ""="Service"
    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeavfk.sys => ""="Driver"
    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefire => ""="Service"
    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefirek => ""="Service"
    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefirek.sys => ""="Driver"
    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk => ""="Service"
    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk.sys => ""="Driver"
    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfemms => ""="Service"
    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfetdi2k => ""="Service"
    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfetdi2k.sys => ""="Driver"
    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfevtp => ""="Service"
    EmptyTemp:
    end
    • Click Format and ensure Wordwrap is unchecked.
    • Important: Save the code to the same folder/directory that FRST.exe is located in, naming it as fixlist.txt
    • Start FRST in a similar manner to when you ran a scan earlier, but this time when it opens ....
      • Press the Fix button once and wait.
      • FRST will process fixlist.txt
      • When finished, it will produce a log fixlog.txt in the same folder/directory as FRST64.exe
      • Please post the log in your next reply.


    4. Please download the TDSSKiller.exe by Kaspersky... save it to your Desktop. <-Important!!!
    • Double-click on TDSSKiller.exe to run the tool for known TDSS variants.
      Vista - W7 users: Right-click and select "Run As Administrator".
      If TDSSKiller does not run... rename it. Right-click on TDSSKiller.exe, select Rename and give it a random name with the .com file extension (i.e. ektfhtw.com). If you don't see file extensions, please see: How to change the file extension.
    • Click the Start Scan button. Do not use the computer during the scan!
    • If the scan completes with nothing found, click Close to exit.
    • If malicious objects are found, they will show in the "Scan results - Select action for found objects" and offer 3 options.
      • Ensure SKIP is selected... DO NOT attempt to FIX anything yet!
      • Now click on Report to open the log file created by TDSSKiller in your root directory C:\
    • A log file named TDSSKiller_version_dd.mm.yyyy_hh.mm.ss_log.txt will be created and saved to the root directory. (usually Local Disk C:).
    • Copy and paste the contents of that file in your next reply.


    Take a walk through the "Security Garden" -- Where Everything is Coming up Roses!

    Remember - A day without laughter is a day wasted.
    May the wind sing to you and the sun rise in your heart.

  9. #49

    Re: Arte,is Trojan

    I completely accept your advice and guidence, I have removed uTorrent.

    I shall post frst64 log in my next post


    Regards

    OT008239



    11:54:25.0280 0x09e0 TDSS rootkit removing tool 3.1.0.5 Jul 24 2015 12:29:57
    11:54:28.0930 0x09e0 ============================================================
    11:54:28.0930 0x09e0 Current date / time: 2015/07/27 11:54:28.0930
    11:54:28.0930 0x09e0 SystemInfo:
    11:54:28.0930 0x09e0
    11:54:28.0930 0x09e0 OS Version: 6.1.7601 ServicePack: 1.0
    11:54:28.0930 0x09e0 Product type: Workstation
    11:54:28.0930 0x09e0 ComputerName: TRUSTNO1
    11:54:28.0930 0x09e0 UserName: Thomas
    11:54:28.0930 0x09e0 Windows directory: C:\Windows
    11:54:28.0930 0x09e0 System windows directory: C:\Windows
    11:54:28.0930 0x09e0 Running under WOW64
    11:54:28.0930 0x09e0 Processor architecture: Intel x64
    11:54:28.0930 0x09e0 Number of processors: 4
    11:54:28.0930 0x09e0 Page size: 0x1000
    11:54:28.0930 0x09e0 Boot type: Normal boot
    11:54:28.0930 0x09e0 ============================================================
    11:54:30.0818 0x09e0 KLMD registered as C:\Windows\system32\drivers\53236387.sys
    11:54:34.0780 0x09e0 System UUID: {DC7B2EB1-CD4E-767E-ED88-A599D5D41F76}
    11:54:35.0934 0x09e0 Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 ( 465.76 Gb ), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
    11:54:35.0950 0x09e0 ============================================================
    11:54:35.0950 0x09e0 \Device\Harddisk0\DR0:
    11:54:35.0950 0x09e0 MBR partitions:
    11:54:35.0950 0x09e0 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x14000, BlocksNum 0x1DA0000
    11:54:35.0950 0x09e0 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x1DB4000, BlocksNum 0x385D0000
    11:54:35.0950 0x09e0 ============================================================
    11:54:35.0981 0x09e0 C: <-> \Device\Harddisk0\DR0\Partition2
    11:54:35.0981 0x09e0 ============================================================
    11:54:35.0981 0x09e0 Initialize success
    11:54:35.0981 0x09e0 ============================================================
    11:54:41.0036 0x0968 ============================================================
    11:54:41.0036 0x0968 Scan started
    11:54:41.0036 0x0968 Mode: Manual;
    11:54:41.0036 0x0968 ============================================================
    11:54:41.0036 0x0968 KSN ping started
    11:55:06.0464 0x0968 KSN ping finished: true
    11:55:07.0478 0x0968 ================ Scan system memory ========================
    11:55:07.0478 0x0968 System memory - ok
    11:55:07.0478 0x0968 ================ Scan services =============================
    11:55:07.0618 0x0968 [ A87D604AEA360176311474C87A63BB88, B1507868C382CD5D2DBC0D62114FCFBF7A780904A2E3CA7C7C1DD0844ADA9A8F ] 1394ohci C:\Windows\system32\drivers\1394ohci.sys
    11:55:07.0618 0x0968 1394ohci - ok
    11:55:07.0665 0x0968 [ D81D9E70B8A6DD14D42D7B4EFA65D5F2, FDAAB7E23012B4D31537C5BDEF245BB0A12FA060A072C250E21C68E18B22E002 ] ACPI C:\Windows\system32\drivers\ACPI.sys
    11:55:07.0665 0x0968 ACPI - ok
    11:55:07.0680 0x0968 [ 99F8E788246D495CE3794D7E7821D2CA, F91615463270AD2601F882CAED43B88E7EDA115B9FD03FC56320E48119F15F76 ] AcpiPmi C:\Windows\system32\drivers\acpipmi.sys
    11:55:07.0680 0x0968 AcpiPmi - ok
    11:55:07.0805 0x0968 [ 013697369EAFFA675D0671607F036020, 65611C775AC4681E46A6565E5A7A4FF3363C66EBDC98C4C58AFB365D40BE23B6 ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
    11:55:07.0805 0x0968 AdobeARMservice - ok
    11:55:07.0899 0x0968 [ 9B3355B29942AF67F014EA90CE1EA960, FBB155F72984045BCD99CC2059B9EDAABD3A52104C3864A290D8A355991F94D3 ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
    11:55:07.0899 0x0968 AdobeFlashPlayerUpdateSvc - ok
    11:55:07.0930 0x0968 [ 2F6B34B83843F0C5118B63AC634F5BF4, 43E3F5FBFB5D33981AC503DEE476868EC029815D459E7C36C4ABC2D2F75B5735 ] adp94xx C:\Windows\system32\drivers\adp94xx.sys
    11:55:07.0946 0x0968 adp94xx - ok
    11:55:07.0977 0x0968 [ 597F78224EE9224EA1A13D6350CED962, DA7FD99BE5E3B7B98605BF5C13BF3F1A286C0DE1240617570B46FE4605E59BDC ] adpahci C:\Windows\system32\drivers\adpahci.sys
    11:55:07.0992 0x0968 adpahci - ok
    11:55:08.0008 0x0968 [ E109549C90F62FB570B9540C4B148E54, E804563735153EA00A00641814244BC8A347B578E7D63A16F43FB17566EE5559 ] adpu320 C:\Windows\system32\drivers\adpu320.sys
    11:55:08.0024 0x0968 adpu320 - ok
    11:55:08.0055 0x0968 [ 83BFCCAC53795E8A5055A93672D0C46C, B2B03473D950A5BA9DE59D81E7B14C1FAFF17B2A4D8A5808588F5CC21D63B291 ] AeLookupSvc C:\Windows\System32\aelupsvc.dll
    11:55:08.0055 0x0968 AeLookupSvc - ok
    11:55:08.0117 0x0968 [ FA886682CFC5D36718D3E436AACF10B9, F80AB4F91AA6B5C7ECCB000D8E1BC2CF776DC3D69B3D9EBC2558C19035A6B3AB ] AFD C:\Windows\system32\drivers\afd.sys
    11:55:08.0133 0x0968 AFD - ok
    11:55:08.0148 0x0968 [ 608C14DBA7299D8CB6ED035A68A15799, 45360F89640BF1127C82A32393BD76205E4FA067889C40C491602F370C09282A ] agp440 C:\Windows\system32\drivers\agp440.sys
    11:55:08.0164 0x0968 agp440 - ok
    11:55:08.0180 0x0968 [ 3290D6946B5E30E70414990574883DDB, 0E9294E1991572256B3CDA6B031DB9F39CA601385515EE59F1F601725B889663 ] ALG C:\Windows\System32\alg.exe
    11:55:08.0180 0x0968 ALG - ok
    11:55:08.0211 0x0968 [ 5812713A477A3AD7363C7438CA2EE038, A7316299470D2E57A11499C752A711BF4A71EB11C9CBA731ED0945FF6A966721 ] aliide C:\Windows\system32\drivers\aliide.sys
    11:55:08.0211 0x0968 aliide - ok
    11:55:08.0226 0x0968 [ 1FF8B4431C353CE385C875F194924C0C, 3EA3A7F426B0FFC2461EDF4FDB4B58ACC9D0730EDA5B728D1EA1346EA0A02720 ] amdide C:\Windows\system32\drivers\amdide.sys
    11:55:08.0226 0x0968 amdide - ok
    11:55:08.0258 0x0968 [ 7024F087CFF1833A806193EF9D22CDA9, E7F27E488C38338388103D3B7EEDD61D05E14FB140992AEE6F492FFC821BF529 ] AmdK8 C:\Windows\system32\drivers\amdk8.sys
    11:55:08.0258 0x0968 AmdK8 - ok
    11:55:08.0273 0x0968 [ 1E56388B3FE0D031C44144EB8C4D6217, E88CA76FD47BA0EB427D59CB9BE040DE133D89D4E62D03A8D622624531D27487 ] AmdPPM C:\Windows\system32\drivers\amdppm.sys
    11:55:08.0273 0x0968 AmdPPM - ok
    11:55:08.0304 0x0968 [ D4121AE6D0C0E7E13AA221AA57EF2D49, 626F43C099BD197BE56648C367B711143C2BCCE96496BBDEF19F391D52FA01D0 ] amdsata C:\Windows\system32\drivers\amdsata.sys
    11:55:08.0304 0x0968 amdsata - ok
    11:55:08.0320 0x0968 [ F67F933E79241ED32FF46A4F29B5120B, D6EF539058F159CC4DD14CA9B1FD924998FEAC9D325C823C7A2DD21FEF1DC1A8 ] amdsbs C:\Windows\system32\drivers\amdsbs.sys
    11:55:08.0336 0x0968 amdsbs - ok
    11:55:08.0336 0x0968 [ 540DAF1CEA6094886D72126FD7C33048, 296578572A93F5B74E1AD443E000B79DC99D1CBD25082E02704800F886A3065F ] amdxata C:\Windows\system32\drivers\amdxata.sys
    11:55:08.0336 0x0968 amdxata - ok
    11:55:08.0398 0x0968 [ 90C53BD47979FB8814F465A08B885102, 5EDFC1909FC1FF9133A534DFCC5408CF3A777AC41FB21FAD375436E3D86C02EC ] AppID C:\Windows\system32\drivers\appid.sys
    11:55:08.0398 0x0968 AppID - ok
    11:55:08.0414 0x0968 [ 72D4757510FDA69D729169C00AFC211E, FB9686D0D94EE7C19A3994C29E8331A6EC3020B2980B2CC75F72F3AB25512C15 ] AppIDSvc C:\Windows\System32\appidsvc.dll
    11:55:08.0414 0x0968 AppIDSvc - ok
    11:55:08.0460 0x0968 [ 978DC0A1FBE9CC91B21B40AF66CB396A, 90BAFF81D98F5AFD743D8BD65F716666A7A7BD2DA612492E03C79B29E9A0F8C2 ] Appinfo C:\Windows\System32\appinfo.dll
    11:55:08.0476 0x0968 Appinfo - ok
    11:55:08.0585 0x0968 [ 612CB66D93ED0F2F21BB109840C7D813, 75484123DA27B8942B13148FCF061C75A08A50386A095143736B593E9C772173 ] Apple Mobile Device Service C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
    11:55:08.0585 0x0968 Apple Mobile Device Service - ok
    11:55:08.0616 0x0968 [ C484F8CEB1717C540242531DB7845C4E, C507CE26716EB923B864ED85E8FA0B24591E2784A2F4F0E78AEED7E9953311F6 ] arc C:\Windows\system32\drivers\arc.sys
    11:55:08.0616 0x0968 arc - ok
    11:55:08.0632 0x0968 [ 019AF6924AEFE7839F61C830227FE79C, 5926B9DDFC9198043CDD6EA0B384C83B001EC225A8125628C4A45A3E6C42C72A ] arcsas C:\Windows\system32\drivers\arcsas.sys
    11:55:08.0648 0x0968 arcsas - ok
    11:55:08.0694 0x0968 [ F15AB80B867D3332D5DDFB0A05B9CE04, 5A16577106246AB5DCC04FE0A0B00B7C5702557B75F958721E4C00383AB99809 ] aspnet_state C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
    11:55:08.0710 0x0968 aspnet_state - ok
    11:55:08.0741 0x0968 [ 769765CE2CC62867468CEA93969B2242, 0D8F19D49869DF93A3876B4C2E249D12E83F9CE11DAE8917D368E292043D4D26 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys
    11:55:08.0741 0x0968 AsyncMac - ok
    11:55:08.0772 0x0968 [ 02062C0B390B7729EDC9E69C680A6F3C, 0261683C6DC2706DCE491A1CDC954AC9C9E649376EC30760BB4E225E18DC5273 ] atapi C:\Windows\system32\drivers\atapi.sys
    11:55:08.0772 0x0968 atapi - ok
    11:55:08.0882 0x0968 [ 80D6820DDB5427363A9D3F2137441C83, FF26B6DABDD3037EAA46BF5231B2A5A6C810E32CA63B1D7F0A573B9F220DF9A5 ] athr C:\Windows\system32\DRIVERS\athrx.sys
    11:55:08.0928 0x0968 athr - ok
    11:55:08.0975 0x0968 [ 6968D02DC38757C3FBE7ED7C2F9670AA, C8B3115DDB32EFBE8C56C5AA78EEA05BBB77DF3F75CC2A04532EB32327E4735A ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
    11:55:08.0991 0x0968 AudioEndpointBuilder - ok
    11:55:09.0006 0x0968 [ 6968D02DC38757C3FBE7ED7C2F9670AA, C8B3115DDB32EFBE8C56C5AA78EEA05BBB77DF3F75CC2A04532EB32327E4735A ] AudioSrv C:\Windows\System32\Audiosrv.dll
    11:55:09.0022 0x0968 AudioSrv - ok
    11:55:09.0053 0x0968 [ A6BF31A71B409DFA8CAC83159E1E2AFF, CBB83F73FFD3C3FB4F96605067739F8F7A4A40B2B05417FA49E575E95628753F ] AxInstSV C:\Windows\System32\AxInstSV.dll
    11:55:09.0053 0x0968 AxInstSV - ok
    11:55:09.0084 0x0968 [ 3E5B191307609F7514148C6832BB0842, DE011CB7AA4A2405FAF21575182E0793A1D83DFFC44E9A7864D59F3D51D8D580 ] b06bdrv C:\Windows\system32\drivers\bxvbda.sys
    11:55:09.0100 0x0968 b06bdrv - ok
    11:55:09.0116 0x0968 [ B5ACE6968304A3900EEB1EBFD9622DF2, 1DAA118D8CA3F97B34DF3D3CDA1C78EAB2ED225699FEABE89D331AE0CB7679FA ] b57nd60a C:\Windows\system32\DRIVERS\b57nd60a.sys
    11:55:09.0131 0x0968 b57nd60a - ok
    11:55:09.0162 0x0968 [ FDE360167101B4E45A96F939F388AEB0, 8D1457E866BBD645C4B9710DFBFF93405CC1193BF9AE42326F2382500B713B82 ] BDESVC C:\Windows\System32\bdesvc.dll
    11:55:09.0162 0x0968 BDESVC - ok
    11:55:09.0178 0x0968 [ 16A47CE2DECC9B099349A5F840654746, 77C008AEDB07FAC66413841D65C952DDB56FE7DCA5E9EF9C8F4130336B838024 ] Beep C:\Windows\system32\drivers\Beep.sys
    11:55:09.0178 0x0968 Beep - ok
    11:55:09.0240 0x0968 [ 82974D6A2FD19445CC5171FC378668A4, 075D25F47C0D2277E40AF8615571DAA5EB16B1824563632A9A7EC62505C29A4A ] BFE C:\Windows\System32\bfe.dll
    11:55:09.0256 0x0968 BFE - ok
    11:55:09.0303 0x0968 [ 1EA7969E3271CBC59E1730697DC74682, D511A34D63A6E0E6E7D1879068E2CD3D87ABEAF4936B2EA8CDDAD9F79D60FA04 ] BITS C:\Windows\System32\qmgr.dll
    11:55:09.0318 0x0968 BITS - ok
    11:55:09.0334 0x0968 [ 61583EE3C3A17003C4ACD0475646B4D3, 17E4BECC309C450E7E44F59A9C0BBC24D21BDC66DFBA65B8F198A00BB47A9811 ] blbdrive C:\Windows\system32\DRIVERS\blbdrive.sys
    11:55:09.0334 0x0968 blbdrive - ok
    11:55:09.0381 0x0968 [ EBBCD5DFBB1DE70E8F4AF8FA59E401FD, 17BFFC5DF609CE3B2F0CAB4BD6C118608C66A3AD86116A47E90B2BB7D8954122 ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe
    11:55:09.0396 0x0968 Bonjour Service - ok
    11:55:09.0428 0x0968 [ 6C02A83164F5CC0A262F4199F0871CF5, AD4632A6A203CB40970D848315D8ADB9C898349E20D8DF4107C2AE2703A2CF28 ] bowser C:\Windows\system32\DRIVERS\bowser.sys
    11:55:09.0428 0x0968 bowser - ok
    11:55:09.0443 0x0968 [ F09EEE9EDC320B5E1501F749FDE686C8, 66691114C42E12F4CC6DC4078D4D2FA4029759ACDAF1B59D17383487180E84E3 ] BrFiltLo C:\Windows\system32\drivers\BrFiltLo.sys
    11:55:09.0443 0x0968 BrFiltLo - ok
    11:55:09.0443 0x0968 [ B114D3098E9BDB8BEA8B053685831BE6, 0ED23C1897F35FA00B9C2848DE4ED200E18688AA7825674888054BBC3A3EB92C ] BrFiltUp C:\Windows\system32\drivers\BrFiltUp.sys
    11:55:09.0443 0x0968 BrFiltUp - ok
    11:55:09.0474 0x0968 [ 05F5A0D14A2EE1D8255C2AA0E9E8E694, 40011138869F5496A3E78D38C9900B466B6F3877526AC22952DCD528173F4645 ] Browser C:\Windows\System32\browser.dll
    11:55:09.0490 0x0968 Browser - ok
    11:55:09.0506 0x0968 [ 43BEA8D483BF1870F018E2D02E06A5BD, 4E6F5A5FD8C796A110B0DC9FF29E31EA78C04518FC1C840EF61BABD58AB10272 ] Brserid C:\Windows\System32\Drivers\Brserid.sys
    11:55:09.0521 0x0968 Brserid - ok
    11:55:09.0521 0x0968 [ A6ECA2151B08A09CACECA35C07F05B42, E2875BB7768ABAF38C3377007AA0A3C281503474D1831E396FB6599721586B0C ] BrSerWdm C:\Windows\System32\Drivers\BrSerWdm.sys
    11:55:09.0521 0x0968 BrSerWdm - ok
    11:55:09.0521 0x0968 [ B79968002C277E869CF38BD22CD61524, 50631836502237AF4893ECDCEA43B9031C3DE97433F594D46AF7C3C77F331983 ] BrUsbMdm C:\Windows\System32\Drivers\BrUsbMdm.sys
    11:55:09.0537 0x0968 BrUsbMdm - ok
    11:55:09.0537 0x0968 [ A87528880231C54E75EA7A44943B38BF, 4C8BBB29FDA76A96840AA47A8613C15D4466F9273A13941C19507008629709C9 ] BrUsbSer C:\Windows\System32\Drivers\BrUsbSer.sys
    11:55:09.0537 0x0968 BrUsbSer - ok
    11:55:09.0552 0x0968 [ 9DA669F11D1F894AB4EB69BF546A42E8, B498B8B6CEF957B73179D1ADAF084BBB57BB3735D810F9BE2C7B1D58A4FD25A4 ] BTHMODEM C:\Windows\system32\drivers\bthmodem.sys
    11:55:09.0552 0x0968 BTHMODEM - ok
    11:55:09.0584 0x0968 [ 95F9C2976059462CBBF227F7AAB10DE9, 2797AE919FF7606B070FB039CECDB0707CD2131DCAC09C5DF14F443D881C9F34 ] bthserv C:\Windows\system32\bthserv.dll
    11:55:09.0599 0x0968 bthserv - ok
    11:55:09.0615 0x0968 [ B8BD2BB284668C84865658C77574381A, 6C55BA288B626DF172FDFEA0BD7027FAEBA1F44EF20AB55160D7C7DC6E717D65 ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys
    11:55:09.0615 0x0968 cdfs - ok
    11:55:09.0646 0x0968 [ F036CE71586E93D94DAB220D7BDF4416, BD07AAD9E20CEAF9FC84E4977C55EA2C45604A2C682AC70B9B9A2199B6713D5B ] cdrom C:\Windows\system32\DRIVERS\cdrom.sys
    11:55:09.0646 0x0968 cdrom - ok
    11:55:09.0677 0x0968 [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] CertPropSvc C:\Windows\System32\certprop.dll
    11:55:09.0677 0x0968 CertPropSvc - ok
    11:55:09.0724 0x0968 [ 4ECA59628D074CF45633EC7A3D7954D3, 054B4AE94920A06ECF8C65A66DC949B65665679B15733D021120159F6E2460DA ] cfwids C:\Windows\system32\drivers\cfwids.sys
    11:55:09.0740 0x0968 cfwids - ok
    11:55:09.0740 0x0968 [ D7CD5C4E1B71FA62050515314CFB52CF, 513B5A849899F379F0BC6AB3A8A05C3493C2393C95F036612B96EC6E252E1C64 ] circlass C:\Windows\system32\drivers\circlass.sys
    11:55:09.0755 0x0968 circlass - ok
    11:55:09.0786 0x0968 [ 404B7DF9CA4D1CB675045AF220FF3285, 91FFADE2ABE5C48849E63134D5FFD20671FE0D1720F7D486F904391B3D142C96 ] CLFS C:\Windows\system32\CLFS.sys
    11:55:09.0802 0x0968 CLFS - ok
    11:55:09.0958 0x0968 [ 85FF7BE64BF886933E4385FC5CA97C99, FFD5CBC07C016CC78342BC4DFBEF9E70285BEADEB0DB70CD92D065A68CB2814F ] ClickToRunSvc C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe
    11:55:10.0036 0x0968 ClickToRunSvc - ok
    11:55:10.0098 0x0968 [ F13EC8A783E0CB0D6DC26A3CA848B7B8, 0809E3B71709F1343086EEB6C820543C1A7119E74EEF8AC1AEE1F81093ABEC66 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
    11:55:10.0098 0x0968 clr_optimization_v2.0.50727_32 - ok
    11:55:10.0145 0x0968 [ B4D73F04E9BC076F7CDAC4327DF636BB, 1ADED20D5A0D0A76E2F85CB778FD06BAB814868D35F8532E17D67045FF4770C2 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
    11:55:10.0161 0x0968 clr_optimization_v2.0.50727_64 - ok
    11:55:10.0223 0x0968 [ F5AB4D2E36625F355E81539239765107, 48E6AD65EEFD6C54F938F5753EF58377CDA77ADBB41CD8635F0040D61EFB92A4 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
    11:55:10.0223 0x0968 clr_optimization_v4.0.30319_32 - ok
    11:55:10.0270 0x0968 [ 9ACBE5EC13C2CC95833BFB7636CA8B1A, 6224DA9FB335D2A8374C60B8DEA539DD3A0E43230DB888B137B71A56EC57D6AF ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
    11:55:10.0270 0x0968 clr_optimization_v4.0.30319_64 - ok
    11:55:10.0301 0x0968 [ 0840155D0BDDF1190F84A663C284BD33, 696039FA63CFEB33487FAA8FD7BBDB220141E9C6E529355D768DFC87999A9C3A ] CmBatt C:\Windows\system32\drivers\CmBatt.sys
    11:55:10.0301 0x0968 CmBatt - ok
    11:55:10.0332 0x0968 [ E19D3F095812725D88F9001985B94EDD, 46243C5CCC4981CAC6FA6452FFCEC33329BF172448F1852D52592C9342E0E18B ] cmdide C:\Windows\system32\drivers\cmdide.sys
    11:55:10.0332 0x0968 cmdide - ok
    11:55:10.0395 0x0968 [ 27667A788130A7F7A5858DE27572E6D7, 5501D80BCCB7A811ECCED3828DFD0A5D948BBED8504E9BCC4A3BFB840DD41CBC ] CNG C:\Windows\system32\Drivers\cng.sys
    11:55:10.0426 0x0968 CNG - ok
    11:55:10.0442 0x0968 [ 102DE219C3F61415F964C88E9085AD14, CD74CB703381F1382C32CF892FF2F908F4C9412E1BC77234F8FEA5D4666E1BF1 ] Compbatt C:\Windows\system32\drivers\compbatt.sys
    11:55:10.0442 0x0968 Compbatt - ok
    11:55:10.0473 0x0968 [ 03EDB043586CCEBA243D689BDDA370A8, 0E4523AA332E242D5C2C61C5717DBA5AB6E42DADB5A7E512505FC2B6CC224959 ] CompositeBus C:\Windows\system32\DRIVERS\CompositeBus.sys
    11:55:10.0473 0x0968 CompositeBus - ok
    11:55:10.0473 0x0968 COMSysApp - ok
    11:55:10.0488 0x0968 [ 1C827878A998C18847245FE1F34EE597, 41EF7443D8B2733AA35CAC64B4F5F74FAC8BB0DA7D3936B69EC38E2DC3972E60 ] crcdisk C:\Windows\system32\drivers\crcdisk.sys
    11:55:10.0488 0x0968 crcdisk - ok
    11:55:10.0520 0x0968 [ 7BC3E861F7E8EB543A630090FAE779E0, 52A538F25C853AAC9706CD0D4EBF80B1963391AA175895CFD9D44C8ABBFCFB74 ] CryptSvc C:\Windows\system32\cryptsvc.dll
    11:55:10.0535 0x0968 CryptSvc - ok
    11:55:10.0566 0x0968 [ 5C627D1B1138676C0A7AB2C2C190D123, C5003F2C912C5CA990E634818D3B4FD72F871900AF2948BD6C4D6400B354B401 ] DcomLaunch C:\Windows\system32\rpcss.dll
    11:55:10.0582 0x0968 DcomLaunch - ok
    11:55:10.0613 0x0968 [ 3CEC7631A84943677AA8FA8EE5B6B43D, 32061DAC9ED6C1EBA3B367B18D0E965AEEC2DF635DCF794EC39D086D32503AC5 ] defragsvc C:\Windows\System32\defragsvc.dll
    11:55:10.0613 0x0968 defragsvc - ok
    11:55:10.0629 0x0968 [ 9BB2EF44EAA163B29C4A4587887A0FE4, 03667BC3EA5003F4236929C10F23D8F108AFCB29DB5559E751FB26DFB318636F ] DfsC C:\Windows\system32\Drivers\dfsc.sys
    11:55:10.0629 0x0968 DfsC - ok
    11:55:10.0660 0x0968 [ 43D808F5D9E1A18E5EEB5EBC83969E4E, C10D1155D71EABE4ED44C656A8F13078A8A4E850C4A8FBB92D52D173430972B8 ] Dhcp C:\Windows\system32\dhcpcore.dll
    11:55:10.0660 0x0968 Dhcp - ok
    11:55:10.0754 0x0968 [ AA5319FA8602676B5D3A2B4A1355896D, 57532E16FF0DDE3D62B6B6DC35E2598DD453140E9277247965A1E835645E588A ] DiagTrack C:\Windows\system32\diagtrack.dll
    11:55:10.0785 0x0968 DiagTrack - ok
    11:55:10.0816 0x0968 [ 13096B05847EC78F0977F2C0F79E9AB3, 1E44981B684F3E56F5D2439BB7FA78BD1BC876BB2265AE089AEC68F241B05B26 ] discache C:\Windows\system32\drivers\discache.sys
    11:55:10.0816 0x0968 discache - ok
    11:55:10.0832 0x0968 [ 9819EEE8B5EA3784EC4AF3B137A5244C, 571BC886E87C888DA96282E381A746D273B58B9074E84D4CA91275E26056D427 ] Disk C:\Windows\system32\drivers\disk.sys
    11:55:10.0832 0x0968 Disk - ok
    11:55:10.0863 0x0968 [ 16835866AAA693C7D7FCEBA8FFF706E4, 15891558F7C1F2BB57A98769601D447ED0D952354A8BB347312D034DC03E0242 ] Dnscache C:\Windows\System32\dnsrslvr.dll
    11:55:10.0863 0x0968 Dnscache - ok
    11:55:10.0894 0x0968 [ B1FB3DDCA0FDF408750D5843591AFBC6, AB6AD9C5E7BA2E3646D0115B67C4800D1CB43B4B12716397657C7ADEEE807304 ] dot3svc C:\Windows\System32\dot3svc.dll
    11:55:10.0910 0x0968 dot3svc - ok
    11:55:10.0925 0x0968 [ B26F4F737E8F9DF4F31AF6CF31D05820, 394BBBED4EC7FAD4110F62A43BFE0801D4AC56FFAC6C741C69407B26402311C7 ] DPS C:\Windows\system32\dps.dll
    11:55:10.0925 0x0968 DPS - ok
    11:55:10.0972 0x0968 [ 9B19F34400D24DF84C858A421C205754, 967AF267B4124BADA8F507CEBF25F2192D146A4D63BE71B45BFC03C5DA7F21A7 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys
    11:55:10.0972 0x0968 drmkaud - ok
    11:55:11.0034 0x0968 [ 87CE5C8965E101CCCED1F4675557E868, 077D98F0F130B2FC710208BA34016EF2B2506EE2BD71740B228145E34A3046F1 ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys
    11:55:11.0112 0x0968 DXGKrnl - ok
    11:55:11.0144 0x0968 [ E2DDA8726DA9CB5B2C4000C9018A9633, 0C967DBC3636A76A696997192A158AA92A1AF19F01E3C66D5BF91818A8FAEA76 ] EapHost C:\Windows\System32\eapsvc.dll
    11:55:11.0159 0x0968 EapHost - ok
    11:55:11.0284 0x0968 [ DC5D737F51BE844D8C82C695EB17372F, 6D4022D9A46EDE89CEF0FAEADCC94C903234DFC460C0180D24FF9E38E8853017 ] ebdrv C:\Windows\system32\drivers\evbda.sys
    11:55:11.0393 0x0968 ebdrv - ok
    11:55:11.0440 0x0968 [ 97D879A884E7CDFED51AD63348A35254, 256566B7039B640FFB72C2ED7F1F42E46FFC820637A8959A64F5F08DB2A06A3F ] EFS C:\Windows\System32\lsass.exe
    11:55:11.0440 0x0968 EFS - ok
    11:55:11.0502 0x0968 [ C4002B6B41975F057D98C439030CEA07, 3D2484FBB832EFB90504DD406ED1CF3065139B1FE1646471811F3A5679EF75F1 ] ehRecvr C:\Windows\ehome\ehRecvr.exe
    11:55:11.0534 0x0968 ehRecvr - ok
    11:55:11.0549 0x0968 [ 4705E8EF9934482C5BB488CE28AFC681, 359E9EC5693CE0BE89082E1D5D8F5C5439A5B985010FF0CB45C11E3CFE30637D ] ehSched C:\Windows\ehome\ehsched.exe
    11:55:11.0549 0x0968 ehSched - ok
    11:55:11.0580 0x0968 [ 0E5DA5369A0FCAEA12456DD852545184, 9A64AC5396F978C3B92794EDCE84DCA938E4662868250F8C18FA7C2C172233F8 ] elxstor C:\Windows\system32\drivers\elxstor.sys
    11:55:11.0612 0x0968 elxstor - ok
    11:55:11.0612 0x0968 [ 34A3C54752046E79A126E15C51DB409B, 7D5B5E150C7C73666F99CBAFF759029716C86F16B927E0078D77F8A696616D75 ] ErrDev C:\Windows\system32\drivers\errdev.sys
    11:55:11.0627 0x0968 ErrDev - ok
    11:55:11.0658 0x0968 [ 4166F82BE4D24938977DD1746BE9B8A0, 24121751B7306225AD1C808442D7B030DEF377E9316AA0A3C5C7460E87317881 ] EventSystem C:\Windows\system32\es.dll
    11:55:11.0658 0x0968 EventSystem - ok
    11:55:11.0690 0x0968 [ A510C654EC00C1E9BDD91EEB3A59823B, 76CD277730F7B08D375770CD373D786160F34D1481AF0536BA1A5D2727E255F5 ] exfat C:\Windows\system32\drivers\exfat.sys
    11:55:11.0705 0x0968 exfat - ok
    11:55:11.0721 0x0968 [ 0ADC83218B66A6DB380C330836F3E36D, 798D6F83B5DBCC1656595E0A96CF12087FCCBE19D1982890D0CE5F629B328B29 ] fastfat C:\Windows\system32\drivers\fastfat.sys
    11:55:11.0721 0x0968 fastfat - ok
    11:55:11.0768 0x0968 [ DBEFD454F8318A0EF691FDD2EAAB44EB, 7F52AE222FF28503B6FC4A5852BD0CAEAF187BE69AF4B577D3DE474C24366099 ] Fax C:\Windows\system32\fxssvc.exe
    11:55:11.0799 0x0968 Fax - ok
    11:55:11.0814 0x0968 [ D765D19CD8EF61F650C384F62FAC00AB, 9F0A483A043D3BA873232AD3BA5F7BF9173832550A27AF3E8BD433905BD2A0EE ] fdc C:\Windows\system32\drivers\fdc.sys
    11:55:11.0814 0x0968 fdc - ok
    11:55:11.0830 0x0968 [ 0438CAB2E03F4FB61455A7956026FE86, 6D4DDC2973DB25CE0C7646BC85EFBCC004EBE35EA683F62162AE317C6F1D8DFE ] fdPHost C:\Windows\system32\fdPHost.dll
    11:55:11.0830 0x0968 fdPHost - ok
    11:55:11.0846 0x0968 [ 802496CB59A30349F9A6DD22D6947644, 52D59D3D628D5661F83F090F33F744F6916E0CC1F76E5A33983E06EB66AE19F8 ] FDResPub C:\Windows\system32\fdrespub.dll
    11:55:11.0846 0x0968 FDResPub - ok
    11:55:11.0861 0x0968 [ 655661BE46B5F5F3FD454E2C3095B930, 549C8E2A2A37757E560D55FFA6BFDD838205F17E40561E67F0124C934272CD1A ] FileInfo C:\Windows\system32\drivers\fileinfo.sys
    11:55:11.0861 0x0968 FileInfo - ok
    11:55:11.0877 0x0968 [ 5F671AB5BC87EEA04EC38A6CD5962A47, 6B61D3363FF3F9C439BD51102C284972EAE96ACC0683B9DC7E12D25D0ADC51B6 ] Filetrace C:\Windows\system32\drivers\filetrace.sys
    11:55:11.0877 0x0968 Filetrace - ok
    11:55:11.0877 0x0968 [ C172A0F53008EAEB8EA33FE10E177AF5, 9175A95B323696D1B35C9EFEB7790DD64E6EE0B7021E6C18E2F81009B169D77B ] flpydisk C:\Windows\system32\drivers\flpydisk.sys
    11:55:11.0877 0x0968 flpydisk - ok
    11:55:11.0908 0x0968 [ DA6B67270FD9DB3697B20FCE94950741, F621A4462C9F2904063578C427FAF22D7D66AE9967605C11C798099817CE5331 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys
    11:55:11.0908 0x0968 FltMgr - ok
    11:55:11.0986 0x0968 [ E612E86FA15EA1EF9A52433A2743C447, 8A66164541D2EE2334B6DE3995C31138EA85E3A06BC7FD901E60D345E4E1E8A8 ] FontCache C:\Windows\system32\FntCache.dll
    11:55:12.0017 0x0968 FontCache - ok
    11:55:12.0064 0x0968 [ A8B7F3818AB65695E3A0BB3279F6DCE6, 89FCF10F599767E67A1E011753E34DA44EAA311F105DBF69549009ED932A60F0 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
    11:55:12.0064 0x0968 FontCache3.0.0.0 - ok
    11:55:12.0064 0x0968 [ D43703496149971890703B4B1B723EAC, F06397B2EDCA61629249D2EF1CBB7827A8BEAB8488246BD85EF6AE1363C0DA6E ] FsDepends C:\Windows\system32\drivers\FsDepends.sys
    11:55:12.0064 0x0968 FsDepends - ok
    11:55:12.0111 0x0968 [ 6BD9295CC032DD3077C671FCCF579A7B, 83622FBB0CB923798E7E584BF53CAAF75B8C016E3FF7F0FA35880FF34D1DFE33 ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys
    11:55:12.0111 0x0968 Fs_Rec - ok
    11:55:12.0158 0x0968 [ 8F6322049018354F45F05A2FD2D4E5E0, 73BF0FB4EBD7887E992DDEBB79E906958D6678F8D1107E8C368F5A0514D80359 ] fvevol C:\Windows\system32\DRIVERS\fvevol.sys
    11:55:12.0158 0x0968 fvevol - ok
    11:55:12.0173 0x0968 [ 8C778D335C9D272CFD3298AB02ABE3B6, 85F0B13926B0F693FA9E70AA58DE47100E4B6F893772EBE4300C37D9A36E6005 ] gagp30kx C:\Windows\system32\drivers\gagp30kx.sys
    11:55:12.0189 0x0968 gagp30kx - ok
    11:55:12.0251 0x0968 [ C403C5DB49A0F9AAF4F2128EDC0106D8, 3C6948B63278022D8182F773C5FA15784514F76C1546118DDBADBA322B962D12 ] GamesAppService C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe
    11:55:12.0251 0x0968 GamesAppService - ok
    11:55:12.0298 0x0968 [ 8E98D21EE06192492A5671A6144D092F, B8F656B34D361EA5AFB47F3A67AB2221580DADA59C8CD0CB83181E4AD8B562B4 ] GEARAspiWDM C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
    11:55:12.0298 0x0968 GEARAspiWDM - ok
    11:55:12.0345 0x0968 [ 277BBC7E1AA1EE957F573A10ECA7EF3A, 2EE60B924E583E847CC24E78B401EF95C69DB777A5B74E1EC963E18D47B94D24 ] gpsvc C:\Windows\System32\gpsvc.dll
    11:55:12.0360 0x0968 gpsvc - ok
    11:55:12.0438 0x0968 [ 506708142BC63DABA64F2D3AD1DCD5BF, 9C36A08D9E7932FF4DA7B5F24E6B42C92F28685B8ABE964C870E8D7670FD531A ] gupdate C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
    11:55:12.0454 0x0968 gupdate - ok
    11:55:12.0470 0x0968 [ 506708142BC63DABA64F2D3AD1DCD5BF, 9C36A08D9E7932FF4DA7B5F24E6B42C92F28685B8ABE964C870E8D7670FD531A ] gupdatem C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
    11:55:12.0470 0x0968 gupdatem - ok
    11:55:12.0516 0x0968 [ 5D4BC124FAAE6730AC002CDB67BF1A1C, 00294F4DC7D17F6DD2A22B9C3299BED40146BA45C972367154D20DB502472551 ] gusvc C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
    11:55:12.0516 0x0968 gusvc - ok
    11:55:12.0548 0x0968 [ F2523EF6460FC42405B12248338AB2F0, B2F3DE8DE1F512D871BC2BC2E8D0E33AB03335BFBC07627C5F88B65024928E19 ] hcw85cir C:\Windows\system32\drivers\hcw85cir.sys
    11:55:12.0548 0x0968 hcw85cir - ok
    11:55:12.0594 0x0968 [ 975761C778E33CD22498059B91E7373A, 8304E15FBE6876BE57263A03621365DA8C88005EAC532A770303C06799D915D9 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
    11:55:12.0610 0x0968 HdAudAddService - ok
    11:55:12.0641 0x0968 [ 97BFED39B6B79EB12CDDBFEED51F56BB, 3CF981D668FB2381E52AF2E51E296C6CFB47B0D62249645278479D0111A47955 ] HDAudBus C:\Windows\system32\DRIVERS\HDAudBus.sys
    11:55:12.0641 0x0968 HDAudBus - ok
    11:55:12.0657 0x0968 [ 78E86380454A7B10A5EB255DC44A355F, 11F3ED7ACFFA3024B9BD504F81AC39F5B4CED5A8A425E8BADF7132EFEDB9BD64 ] HidBatt C:\Windows\system32\drivers\HidBatt.sys
    11:55:12.0657 0x0968 HidBatt - ok
    11:55:12.0672 0x0968 [ 7FD2A313F7AFE5C4DAB14798C48DD104, 94CBFD4506CBDE4162CEB3367BAB042D19ACA6785954DC0B554D4164B9FCD0D4 ] HidBth C:\Windows\system32\drivers\hidbth.sys
    11:55:12.0672 0x0968 HidBth - ok
    11:55:12.0688 0x0968 [ 0A77D29F311B88CFAE3B13F9C1A73825, 8615DC6CEFB591505CE16E054A71A4F371B827DDFD5E980777AB4233DCFDA01D ] HidIr C:\Windows\system32\drivers\hidir.sys
    11:55:12.0688 0x0968 HidIr - ok
    11:55:12.0704 0x0968 [ BD9EB3958F213F96B97B1D897DEE006D, 4D01CBF898B528B3A4E5A683DF2177300AFABD7D4CB51F1A7891B1B545499631 ] hidserv C:\Windows\system32\hidserv.dll
    11:55:12.0704 0x0968 hidserv - ok
    11:55:12.0750 0x0968 [ 9592090A7E2B61CD582B612B6DF70536, FD11D5E02C32D658B28FCC35688AB66CCB5D3A0A0D74C82AE0F0B6C67B568A0F ] HidUsb C:\Windows\system32\DRIVERS\hidusb.sys
    11:55:12.0750 0x0968 HidUsb - ok
    11:55:12.0813 0x0968 [ 68EA8A3D98781A13B7D5A67B72787754, DD085A60CE0E5D268065B709B81351AE5C9CC7647275F3DC0135437658E1A3C8 ] HipShieldK C:\Windows\system32\drivers\HipShieldK.sys
    11:55:12.0828 0x0968 HipShieldK - ok
    11:55:12.0875 0x0968 [ 387E72E739E15E3D37907A86D9FF98E2, 9935BE2E58788E79328293AF2F202CB0F6042441B176F75ACC5AEA93C8E05531 ] hkmsvc C:\Windows\system32\kmsvc.dll
    11:55:12.0891 0x0968 hkmsvc - ok
    11:55:12.0906 0x0968 [ EFDFB3DD38A4376F93E7985173813ABD, 70402FA73A5A2A8BB557AAC8F531E373077D28DE5F40A1F3F14B940BE01CD2E1 ] HomeGroupListener C:\Windows\system32\ListSvc.dll
    11:55:12.0906 0x0968 HomeGroupListener - ok
    11:55:12.0953 0x0968 [ 908ACB1F594274965A53926B10C81E89, 7D34A742AC486294D82676F8465A3EF26C8AC3317C32B63F62031CB007CFC208 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
    11:55:12.0969 0x0968 HomeGroupProvider - ok
    11:55:13.0094 0x0968 [ 689BD2ED76C79F1FAE953A76DEA6FCD9, 5F739CF7668DCC3EBD607AE05BE78B11AB56778B8F3FE29543922FF6EDBE989D ] HomeNetSvc C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe
    11:55:13.0109 0x0968 HomeNetSvc - ok
    11:55:13.0125 0x0968 [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC, E9E6A1665740CFBC2DD321010007EF42ABA2102AEB9772EE8AA3354664B1E205 ] HpSAMD C:\Windows\system32\drivers\HpSAMD.sys
    11:55:13.0140 0x0968 HpSAMD - ok
    11:55:13.0172 0x0968 [ F47CEC45FB85791D4AB237563AD0FA8F, 1035066D48BD179855BCA7F62EFA1B951E6E839D2E29E15A31844E18A126DD41 ] HTCAND64 C:\Windows\system32\Drivers\ANDROIDUSB.sys
    11:55:13.0187 0x0968 HTCAND64 - ok
    11:55:13.0250 0x0968 [ F61634BEC53F73702A10DE69F6DCAF57, BBA7344CF3AB96A46D1A6F1D50F2758EA8D097FE558C38B4EF45C8C334AF96E1 ] HTTP C:\Windows\system32\drivers\HTTP.sys
    11:55:13.0265 0x0968 HTTP - ok
    11:55:13.0281 0x0968 [ A5462BD6884960C9DC85ED49D34FF392, 53E65841AF5B06A2844D0BB6FC4DD3923A323FFA0E4BFC89B3B5CAFB592A3D53 ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys
    11:55:13.0281 0x0968 hwpolicy - ok
    11:55:13.0296 0x0968 [ FA55C73D4AFFA7EE23AC4BE53B4592D3, 65CDDC62B89A60E942C5642C9D8B539EFB69DA8069B4A2E54978154B314531CD ] i8042prt C:\Windows\system32\drivers\i8042prt.sys
    11:55:13.0312 0x0968 i8042prt - ok
    11:55:13.0343 0x0968 [ AAAF44DB3BD0B9D1FB6969B23ECC8366, 805AA4A9464002D1AB3832E4106B2AAA1331F4281367E75956062AAE99699385 ] iaStorV C:\Windows\system32\drivers\iaStorV.sys
    11:55:13.0359 0x0968 iaStorV - ok
    11:55:13.0437 0x0968 [ C98A5B9D932430AD8EEBD3EF73756EF7, DF7E1D391A0F3345AD61154363922C27BD557DEEACE395A6A8A8A16BFD1BB9A8 ] idsvc C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
    11:55:13.0468 0x0968 idsvc - ok
    11:55:13.0484 0x0968 IEEtwCollectorService - ok
    11:55:13.0875 0x0968 [ EFE5A0AF39A8E179624117C521F1E012, 185BB1106E42256A6E7C63B09737A7059DD14DEA7C1D85ADF66C50D63CFDA556 ] igfx C:\Windows\system32\DRIVERS\igdkmd64.sys
    11:55:14.0155 0x0968 igfx - ok
    11:55:14.0171 0x0968 [ 5C18831C61933628F5BB0EA2675B9D21, 5CD9DE2F8C0256623A417B5C55BF55BB2562BD7AB2C3C83BB3D9886C2FBDA4E4 ] iirsp C:\Windows\system32\drivers\iirsp.sys
    11:55:14.0171 0x0968 iirsp - ok
    11:55:14.0218 0x0968 [ 344789398EC3EE5A4E00C52B31847946, 3DA5F08E4B46F4E63456AA588D49E39A6A09A97D0509880C00F327623DB6122D ] IKEEXT C:\Windows\System32\ikeext.dll
    11:55:14.0233 0x0968 IKEEXT - ok
    11:55:14.0265 0x0968 [ FC727061C0F47C8059E88E05D5C8E381, C7A3782F5D86C7FDE57AA1F2EE81638C5FC3072ACC6E572BA2EC7B3CFF389800 ] IntcDAud C:\Windows\system32\DRIVERS\IntcDAud.sys
    11:55:14.0265 0x0968 IntcDAud - ok
    11:55:14.0296 0x0968 [ F00F20E70C6EC3AA366910083A0518AA, E2F3E9FFD82C802C8BAC309893A3664ACF16A279959C0FDECCA64C3D3C60FD22 ] intelide C:\Windows\system32\drivers\intelide.sys
    11:55:14.0296 0x0968 intelide - ok
    11:55:14.0311 0x0968 [ ADA036632C664CAA754079041CF1F8C1, F2386CC09AC6DE4C54189154F7D91C1DB7AA120B13FAE8BA5B579ACF99FCC610 ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys
    11:55:14.0311 0x0968 intelppm - ok
    11:55:14.0343 0x0968 [ 098A91C54546A3B878DAD6A7E90A455B, 044CCE2A0DF56EBE1EFD99B4F6F0A5B9EE12498CA358CF4B2E3A1CFD872823AA ] IPBusEnum C:\Windows\system32\ipbusenum.dll
    11:55:14.0343 0x0968 IPBusEnum - ok
    11:55:14.0358 0x0968 [ C9F0E1BD74365A8771590E9008D22AB6, 728BC5A6AAE499FDC50EB01577AF16D83C2A9F3B09936DD2A89C01E074BA8E51 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys
    11:55:14.0358 0x0968 IpFilterDriver - ok
    11:55:14.0405 0x0968 [ 08C2957BB30058E663720C5606885653, E13EDF6701512E2A9977A531454932CA5023087CB50E1D2F416B8BCDD92B67BE ] iphlpsvc C:\Windows\System32\iphlpsvc.dll
    11:55:14.0421 0x0968 iphlpsvc - ok
    11:55:14.0436 0x0968 [ 0FC1AEA580957AA8817B8F305D18CA3A, 7161E4DE91AAFC3FA8BF24FAE4636390C2627DB931505247C0D52C75A31473D9 ] IPMIDRV C:\Windows\system32\drivers\IPMIDrv.sys
    11:55:14.0436 0x0968 IPMIDRV - ok
    11:55:14.0436 0x0968 [ AF9B39A7E7B6CAA203B3862582E9F2D0, 67128BE7EADBE6BD0205B050F96E268948E8660C4BAB259FB0BE03935153D04E ] IPNAT C:\Windows\system32\drivers\ipnat.sys
    11:55:14.0452 0x0968 IPNAT - ok
    11:55:14.0530 0x0968 [ E61BB95A7CB49696D25A0C4EBD108156, 65D95A0DBC408AD18D5E344A5E875551E6CC044038DE438E4EA1102A234FC529 ] iPod Service C:\Program Files\iPod\bin\iPodService.exe
    11:55:14.0545 0x0968 iPod Service - ok
    11:55:14.0577 0x0968 [ 3ABF5E7213EB28966D55D58B515D5CE9, A352BCC5B6B9A28805B15CAFB235676F1FAFF0D2394F88C03089EB157D6188AE ] IRENUM C:\Windows\system32\drivers\irenum.sys
    11:55:14.0577 0x0968 IRENUM - ok
    11:55:14.0577 0x0968 [ 2F7B28DC3E1183E5EB418DF55C204F38, D40410A760965925D6F10959B2043F7BD4F68EAFCF5E743AF11AD860BD136548 ] isapnp C:\Windows\system32\drivers\isapnp.sys
    11:55:14.0577 0x0968 isapnp - ok
    11:55:14.0623 0x0968 [ 96BB922A0981BC7432C8CF52B5410FE6, 236C05509B1040059B15021CBBDBDAF3B9C0F00910142BE5887B2C7561BAAFBA ] iScsiPrt C:\Windows\system32\drivers\msiscsi.sys
    11:55:14.0623 0x0968 iScsiPrt - ok
    11:55:14.0639 0x0968 [ BC02336F1CBA7DCC7D1213BB588A68A5, 450C5BAD54CCE2AFCDFF1B6E7F8E1A8446D9D3255DF9D36C29A8F848048AAD93 ] kbdclass C:\Windows\system32\DRIVERS\kbdclass.sys
    11:55:14.0639 0x0968 kbdclass - ok
    11:55:14.0670 0x0968 [ 0705EFF5B42A9DB58548EEC3B26BB484, 86C6824ED7ED6FA8F306DB6319A0FD688AA91295AE571262F9D8E96A32225E99 ] kbdhid C:\Windows\system32\DRIVERS\kbdhid.sys
    11:55:14.0670 0x0968 kbdhid - ok
    11:55:14.0686 0x0968 [ 97D879A884E7CDFED51AD63348A35254, 256566B7039B640FFB72C2ED7F1F42E46FFC820637A8959A64F5F08DB2A06A3F ] KeyIso C:\Windows\system32\lsass.exe
    11:55:14.0701 0x0968 KeyIso - ok
    11:55:14.0717 0x0968 [ C0A6C3D6E02B61B5D100FE17306C276F, F57C7BCC39B30F1DF739D07B76BA18EB68D12D8D1BD13B6AC8DC712C29119495 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys
    11:55:14.0733 0x0968 KSecDD - ok
    11:55:14.0748 0x0968 [ 7A7328E427694CC7244235C3BC299F80, 7FC2E1F3F93B3334C3A8961CA58B4F38524650F6D8DA9FFA1FB43E1A2B86B710 ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys
    11:55:14.0748 0x0968 KSecPkg - ok
    11:55:14.0764 0x0968 [ 6869281E78CB31A43E969F06B57347C4, 866A23E69B32A78D378D6CB3B3DA3695FFDFF0FEC3C9F68C8C3F988DF417044B ] ksthunk C:\Windows\system32\drivers\ksthunk.sys
    11:55:14.0764 0x0968 ksthunk - ok
    11:55:14.0795 0x0968 [ 6AB66E16AA859232F64DEB66887A8C9C, 5F2B579BEA8098A2994B0DECECDAE7B396E7B5DC5F09645737B9F28BEEA77FFF ] KtmRm C:\Windows\system32\msdtckrm.dll
    11:55:14.0811 0x0968 KtmRm - ok
    11:55:14.0842 0x0968 [ D9F42719019740BAA6D1C6D536CBDAA6, 8757599D0AE5302C4CE50861BEBA3A8DD14D7B0DBD916FD5404133688CDFCC40 ] LanmanServer C:\Windows\system32\srvsvc.dll
    11:55:14.0842 0x0968 LanmanServer - ok
    11:55:14.0889 0x0968 [ 851A1382EED3E3A7476DB004F4EE3E1A, B1C67F47DD594D092E6E258F01DF5E7150227CE3131A908A244DEE9F8A1FABF9 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
    11:55:14.0889 0x0968 LanmanWorkstation - ok
    11:55:14.0920 0x0968 [ 1538831CF8AD2979A04C423779465827, E1729B0CC4CEEE494A0B8817A8E98FF232E3A32FB023566EF0BC71A090262C0C ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys
    11:55:14.0920 0x0968 lltdio - ok
    11:55:14.0951 0x0968 [ C1185803384AB3FEED115F79F109427F, 0414FE73532DCAB17E906438A14711E928CECCD5F579255410C62984DD652700 ] lltdsvc C:\Windows\System32\lltdsvc.dll
    11:55:14.0967 0x0968 lltdsvc - ok
    11:55:14.0998 0x0968 [ F993A32249B66C9D622EA5592A8B76B8, EE64672A990C6145DC5601E2B8CDBE089272A72732F59AF9865DCBA8B1717E70 ] lmhosts C:\Windows\System32\lmhsvc.dll
    11:55:14.0998 0x0968 lmhosts - ok
    11:55:15.0029 0x0968 [ 1A93E54EB0ECE102495A51266DCDB6A6, DB6AA86AA36C3A7988BE96E87B5D3251BE7617C54EE8F894D9DC2E267FE3255B ] LSI_FC C:\Windows\system32\drivers\lsi_fc.sys
    11:55:15.0045 0x0968 LSI_FC - ok
    11:55:15.0045 0x0968 [ 1047184A9FDC8BDBFF857175875EE810, F2251EDB7736A26D388A0C5CC2FE5FB9C5E109CBB1E3800993554CB21D81AE4B ] LSI_SAS C:\Windows\system32\drivers\lsi_sas.sys
    11:55:15.0045 0x0968 LSI_SAS - ok
    11:55:15.0060 0x0968 [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93, 88D5740A4E9CC3FA80FA18035DAB441BDC5A039622D666BFDAA525CC9686BD06 ] LSI_SAS2 C:\Windows\system32\drivers\lsi_sas2.sys
    11:55:15.0060 0x0968 LSI_SAS2 - ok
    11:55:15.0060 0x0968 [ 0504EACAFF0D3C8AED161C4B0D369D4A, 4D272237C189646F5C80822FD3CBA7C2728E482E2DAAF7A09C8AEF811C89C54D ] LSI_SCSI C:\Windows\system32\drivers\lsi_scsi.sys
    11:55:15.0060 0x0968 LSI_SCSI - ok
    11:55:15.0091 0x0968 [ 43D0F98E1D56CCDDB0D5254CFF7B356E, 5BA498183B5C4996C694CB0A9A6B66CE6C7A460F6C91BEB9F305486FCC3B7B22 ] luafv C:\Windows\system32\drivers\luafv.sys
    11:55:15.0107 0x0968 luafv - ok
    11:55:15.0185 0x0968 [ 3AC9839AFCBABD0424F1DB43C1C3A924, F23BF0405A298B090065C08F99114257569921564234F1F10219639346560C69 ] McAfee SiteAdvisor Service C:\Program Files (x86)\McAfee\SiteAdvisor\McSACore.exe
    11:55:15.0185 0x0968 McAfee SiteAdvisor Service - ok
    11:55:15.0310 0x0968 [ 278E661D8D5DC7FEF3932DB1698E1BBB, 5D9BC30321E6DC6FADF83E5272316EBEFB99244AB0CAD41F28DA9AAA2E30DA6C ] McAPExe C:\Program Files\McAfee\MSC\McAPExe.exe
    11:55:15.0325 0x0968 McAPExe - ok
    11:55:15.0403 0x0968 [ 1704A8189EE5580AB147CFD25C5C8770, DFA076FD36B5CC844D4BE3B865E9A1F809E14CCB1D78D82A2D8D8EE38210E6EB ] McComponentHostService C:\Program Files\McAfee Security Scan\3.8.150\McCHSvc.exe
    11:55:15.0419 0x0968 McComponentHostService - ok
    11:55:15.0528 0x0968 [ 5DDFE5AF5D91A8754530EC0CF2A0125F, F4B8DCD4D2863895509F7E9EFC965CA2A59CEDA1DD50CF8354A8FAF3E245CAB2 ] mccspsvc C:\Program Files\Common Files\McAfee\CSP\1.5.450.0\McCSPServiceHost.exe
    11:55:15.0528 0x0968 mccspsvc - ok
    11:55:15.0559 0x0968 [ 689BD2ED76C79F1FAE953A76DEA6FCD9, 5F739CF7668DCC3EBD607AE05BE78B11AB56778B8F3FE29543922FF6EDBE989D ] McMPFSvc C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe
    11:55:15.0575 0x0968 McMPFSvc - ok
    11:55:15.0606 0x0968 [ 689BD2ED76C79F1FAE953A76DEA6FCD9, 5F739CF7668DCC3EBD607AE05BE78B11AB56778B8F3FE29543922FF6EDBE989D ] McNaiAnn C:\Program Files\Common Files\mcafee\Platform\McSvcHost\McSvHost.exe
    11:55:15.0622 0x0968 McNaiAnn - ok
    11:55:15.0700 0x0968 [ 1C5BE4413C35D6B1F61C7EC7A628ECDD, E6BAD7F19D3E76268A09230A123BB47D6C7238B6E007CC45C6BC51BB993E8B46 ] McODS C:\Program Files\mcafee\VirusScan\mcods.exe
    11:55:15.0715 0x0968 McODS - ok
    11:55:15.0731 0x0968 [ 689BD2ED76C79F1FAE953A76DEA6FCD9, 5F739CF7668DCC3EBD607AE05BE78B11AB56778B8F3FE29543922FF6EDBE989D ] mcpltsvc C:\Program Files\Common Files\mcafee\Platform\McSvcHost\McSvHost.exe
    11:55:15.0731 0x0968 mcpltsvc - ok
    11:55:15.0762 0x0968 [ 689BD2ED76C79F1FAE953A76DEA6FCD9, 5F739CF7668DCC3EBD607AE05BE78B11AB56778B8F3FE29543922FF6EDBE989D ] McProxy C:\Program Files\Common Files\mcafee\Platform\McSvcHost\McSvHost.exe
    11:55:15.0762 0x0968 McProxy - ok
    11:55:15.0793 0x0968 [ 6FA527C55F29302E906DE3E7D0A5FF44, A15CA79B2B3E6E84A1DFECE86276167B869ADD6286BD970B3C97550DD3C214B2 ] McPvDrv C:\Windows\system32\drivers\McPvDrv.sys
    11:55:15.0793 0x0968 McPvDrv - ok
    11:55:15.0825 0x0968 [ 0BE09CD858ABF9DF6ED259D57A1A1663, 2FD28889B93C8E801F74C1D0769673A461671E0189D0A22C94509E3F0EEB7428 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll
    11:55:15.0825 0x0968 Mcx2Svc - ok
    11:55:15.0840 0x0968 [ A55805F747C6EDB6A9080D7C633BD0F4, 2DA0E83BF3C8ADEF6F551B6CC1C0A3F6149CDBE6EC60413BA1767C4DE425A728 ] megasas C:\Windows\system32\drivers\megasas.sys
    11:55:15.0856 0x0968 megasas - ok
    11:55:15.0887 0x0968 [ BAF74CE0072480C3B6B7C13B2A94D6B3, 85CBB4949C090A904464F79713A3418338753D20D7FB811E68F287FDAC1DD834 ] MegaSR C:\Windows\system32\drivers\MegaSR.sys
    11:55:15.0887 0x0968 MegaSR - ok
    11:55:15.0918 0x0968 [ A6518DCC42F7A6E999BB3BEA8FD87567, 8A9AE992F93F37E0723761EA271A7E1AA8172702C471041A17324474FC96B9BC ] MEIx64 C:\Windows\system32\DRIVERS\HECIx64.sys
    11:55:15.0934 0x0968 MEIx64 - ok
    11:55:16.0012 0x0968 [ B57322E3BC44A1F0A9C97B68A9EFF495, 2C967B0E965DF834BDC92E3D12E372CB47BA88CB02B0B12FA2AE7B94C2AD80A1 ] mfeaack C:\Windows\system32\drivers\mfeaack.sys
    11:55:16.0027 0x0968 mfeaack - ok
    11:55:16.0090 0x0968 [ 2BD453B97EF1B1DB5AA195A261F926F8, 47582D78B3ADD1D77F98C5D4EC89B1EC1EE7A79677691FAE543DECA2EE5ACF79 ] mfeavfk C:\Windows\system32\drivers\mfeavfk.sys
    11:55:16.0105 0x0968 mfeavfk - ok
    11:55:16.0152 0x0968 [ 225CC932EDDC7935147FC5FD43920EAB, 868872EB3F11BA29FAABA4CCF5A075D12C8B705DC737BD3DAC5886788579934D ] mfedisk C:\Windows\system32\DRIVERS\mfedisk.sys
    11:55:16.0152 0x0968 mfedisk - ok
    11:55:16.0199 0x0968 [ B58B438EE841934F0425AC91560D13F4, 3D6FAFB2E7EB3616E2A4827D713DB95795AFA0D50140F8DDF08C102838776277 ] mfefire C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe
    11:55:16.0199 0x0968 mfefire - ok
    11:55:16.0215 0x0968 [ 9F9BC4DBB610F1AD600F619416A6144D, DE957B0CEF45A4DFD5280DFF8EC4D3EDFBE00E1CB920262D2F6B86E19DDAD7C6 ] mfefirek C:\Windows\system32\drivers\mfefirek.sys
    11:55:16.0230 0x0968 mfefirek - ok
    11:55:16.0308 0x0968 [ B98911F49EA2F83A9079315846BE1E53, 2335ED3F166D5B10F2DBECE330C1FE8D50E1DEE4EA7D523AB6AC79E99A26C206 ] mfehidk C:\Windows\system32\drivers\mfehidk.sys
    11:55:16.0339 0x0968 mfehidk - ok
    11:55:16.0371 0x0968 [ 172F71DAFD8D139CB12D20A2A9986676, 9B2CBCE81C7EE0A150CDC4F68370D0B75E9AE57BDB82A4D1B74F4F9F09329240 ] mfemms C:\Program Files\Common Files\McAfee\SystemCore\\mfemms.exe
    11:55:16.0371 0x0968 mfemms - ok
    11:55:16.0433 0x0968 [ 6DCA16733237F51775CA1DA28F8B20C2, 1F0CE7521C499E86C570F528206C1D4A73A4238F953A295170391F4469D4EA59 ] mfencbdc C:\Windows\system32\DRIVERS\mfencbdc.sys
    11:55:16.0464 0x0968 mfencbdc - ok
    11:55:16.0495 0x0968 [ 49C3EEAAADE470DB5CEF659D1A60D443, EA7563E4D3B8304EB8BCCF468CBD09ED9B38B1754A6A061640722306E81E6316 ] mfencrk C:\Windows\system32\DRIVERS\mfencrk.sys
    11:55:16.0495 0x0968 mfencrk - ok
    11:55:16.0542 0x0968 [ E2082E1EF67506041CAD66D905494B43, B577E1D37D16A9FDA9818317D4A8DB0FF49F1099D983F014FFDB697A3FC889F7 ] mfevtp C:\Windows\system32\mfevtps.exe
    11:55:16.0558 0x0968 mfevtp - ok
    11:55:16.0620 0x0968 [ 34CA0FA858BC45FA83247AAD4976CCE7, 676ED2E7EE58D2316F2DC05AB4BD9F9CFE75570E9919D568ACC992B4F9152514 ] mfewfpk C:\Windows\system32\drivers\mfewfpk.sys
    11:55:16.0636 0x0968 mfewfpk - ok
    11:55:16.0651 0x0968 [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] MMCSS C:\Windows\system32\mmcss.dll
    11:55:16.0651 0x0968 MMCSS - ok
    11:55:16.0683 0x0968 [ 800BA92F7010378B09F9ED9270F07137, 94F9AF9E1BE80AE6AC39A2A74EF9FAB115DCAACC011D07DFA8D6A1DDC8A93342 ] Modem C:\Windows\system32\drivers\modem.sys
    11:55:16.0683 0x0968 Modem - ok
    11:55:16.0698 0x0968 [ B03D591DC7DA45ECE20B3B467E6AADAA, 701FB0CAD8138C58507BE28845D3E24CE269A040737C29885944A0D851238732 ] monitor C:\Windows\system32\DRIVERS\monitor.sys
    11:55:16.0698 0x0968 monitor - ok
    11:55:16.0729 0x0968 [ 7D27EA49F3C1F687D357E77A470AEA99, 7FE7CAF95959F127C6D932C01D539C06D80273C49A09761F6E8331C05B1A7EE7 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys
    11:55:16.0729 0x0968 mouclass - ok
    11:55:16.0745 0x0968 [ D3BF052C40B0C4166D9FD86A4288C1E6, 5E65264354CD94E844BF1838CA1B8E49080EFA34605A32CF2F6A47A2B97FC183 ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys
    11:55:16.0745 0x0968 mouhid - ok
    11:55:16.0792 0x0968 [ 87BCD1034CBF33537D4D4C251D39BA26, CB9DD235B62B79383F99873D75E26EEA5EE7914CA89E4B75992207F83420437F ] mountmgr C:\Windows\system32\drivers\mountmgr.sys
    11:55:16.0807 0x0968 mountmgr - ok
    11:55:16.0870 0x0968 [ 22A7042C70F90F8261840740DDBB5176, AD0075C97D2D7C568D5CFB1C3A02DCE3BC01941844A759B29CD4DE4AF2F5FC45 ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
    11:55:16.0870 0x0968 MozillaMaintenance - ok
    11:55:16.0885 0x0968 [ A44B420D30BD56E145D6A2BC8768EC58, B1E4DCA5A1008FA7A0492DC091FB2B820406AE13FD3D44F124E89B1037AF09B8 ] mpio C:\Windows\system32\drivers\mpio.sys
    11:55:16.0901 0x0968 mpio - ok
    11:55:16.0917 0x0968 [ 6C38C9E45AE0EA2FA5E551F2ED5E978F, 5A3FA2F110029CB4CC4384998EDB59203FDD65EC45E01B897FB684F8956EAD20 ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys
    11:55:16.0917 0x0968 mpsdrv - ok
    11:55:16.0948 0x0968 [ 54FFC9C8898113ACE189D4AA7199D2C1, 65F585C87F3F710FD5793FDFA96B740AD8D4317B0C120F4435CCF777300EA4F2 ] MpsSvc C:\Windows\system32\mpssvc.dll
    11:55:16.0963 0x0968 MpsSvc - ok
    11:55:17.0010 0x0968 [ AE3334958D8F631FF14A0AEB3D7EFB3A, F5FD6B61F896104C20DFC43FEE2FCE6930B73F78DF876BD19A333EABB9139C6D ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys
    11:55:17.0010 0x0968 MRxDAV - ok
    11:55:17.0041 0x0968 [ 1877EB1495CFBDAB27D6A32F6DDF3818, 3818055C66AB12A335A905CFFE5D05347F15AE488861C5C183E62E8E0881DA86 ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys
    11:55:17.0057 0x0968 mrxsmb - ok
    11:55:17.0073 0x0968 [ 21AF322605D8C7F2A627C22634D1C9C9, 6B783F95D093FEFB260EA9568926BBB3CB8ED0783184DB3A18733E211933BADD ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys
    11:55:17.0088 0x0968 mrxsmb10 - ok
    11:55:17.0135 0x0968 [ 45A03A0B6461EFBEE77E0A6AC2816EDA, CFB0C11387F2EC49FD6B69EF747962114EBA6F8B4B4DEC3627E9E969775C4D7E ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys
    11:55:17.0135 0x0968 mrxsmb20 - ok
    11:55:17.0166 0x0968 [ C25F0BAFA182CBCA2DD3C851C2E75796, 643E158A0948DF331807AEAA391F23960362E46C0A0CF6D22A99020EAE7B10F8 ] msahci C:\Windows\system32\drivers\msahci.sys
    11:55:17.0166 0x0968 msahci - ok
    11:55:17.0182 0x0968 [ DB801A638D011B9633829EB6F663C900, B34FD33A215ACCF2905F4B7D061686CDB1CB9C652147AF56AE14686C1F6E3C74 ] msdsm C:\Windows\system32\drivers\msdsm.sys
    11:55:17.0197 0x0968 msdsm - ok
    11:55:17.0213 0x0968 [ DE0ECE52236CFA3ED2DBFC03F28253A8, 2FBBEC4CACB5161F68D7C2935852A5888945CA0F107CF8A1C01F4528CE407DE3 ] MSDTC C:\Windows\System32\msdtc.exe
    11:55:17.0213 0x0968 MSDTC - ok
    11:55:17.0229 0x0968 [ AA3FB40E17CE1388FA1BEDAB50EA8F96, 69F93E15536644C8FD679A20190CFE577F4985D3B1B4A4AA250A168615AE1E99 ] Msfs C:\Windows\system32\drivers\Msfs.sys
    11:55:17.0229 0x0968 Msfs - ok
    11:55:17.0229 0x0968 [ F9D215A46A8B9753F61767FA72A20326, 6F76642B45E0A7EF6BCAB8B37D55CCE2EAA310ED07B76D43FCB88987C2174141 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys
    11:55:17.0244 0x0968 mshidkmdf - ok
    11:55:17.0260 0x0968 [ D916874BBD4F8B07BFB7FA9B3CCAE29D, B229DA150713DEDBC4F05386C9D9DC3BC095A74F44F3081E88311AB73BC992A1 ] msisadrv C:\Windows\system32\drivers\msisadrv.sys
    11:55:17.0260 0x0968 msisadrv - ok
    11:55:17.0291 0x0968 [ 808E98FF49B155C522E6400953177B08, F873F5BFF0984C5165DF67E92874D3F6EB8D86F9B5AD17013A0091CA33A1A3D5 ] MSiSCSI C:\Windows\system32\iscsiexe.dll
    11:55:17.0307 0x0968 MSiSCSI - ok
    11:55:17.0307 0x0968 msiserver - ok
    11:55:17.0338 0x0968 [ 689BD2ED76C79F1FAE953A76DEA6FCD9, 5F739CF7668DCC3EBD607AE05BE78B11AB56778B8F3FE29543922FF6EDBE989D ] MSK80Service C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe
    11:55:17.0353 0x0968 MSK80Service - ok
    11:55:17.0369 0x0968 [ 49CCF2C4FEA34FFAD8B1B59D49439366, E5752EA57C7BDAD5F53E3BC441A415E909AC602CAE56234684FB8789A20396C7 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys
    11:55:17.0369 0x0968 MSKSSRV - ok
    11:55:17.0385 0x0968 [ BDD71ACE35A232104DDD349EE70E1AB3, 27464A66868513BE6A01B75D7FC5B0D6B71842E4E20CE3F76B15C071A0618BBB ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys
    11:55:17.0385 0x0968 MSPCLOCK - ok
    11:55:17.0400 0x0968 [ 4ED981241DB27C3383D72092B618A1D0, E12F121E641249DB3491141851B59E1496F4413EDF58E863388F1C229838DFCC ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
    11:55:17.0416 0x0968 MSPQM - ok
    11:55:17.0431 0x0968 [ 759A9EEB0FA9ED79DA1FB7D4EF78866D, 64E3BC613EC4872B1B344CBF71EE15BE195592E3244C1EE099C6F8B95A40F133 ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
    11:55:17.0447 0x0968 MsRPC - ok
    11:55:17.0447 0x0968 [ 0EED230E37515A0EAEE3C2E1BC97B288, B1D8F8A75006B6E99214CA36D27A8594EF8D952F315BEB201E9BAC9DE3E64D42 ] mssmbios C:\Windows\system32\DRIVERS\mssmbios.sys
    11:55:17.0447 0x0968 mssmbios - ok
    11:55:17.0478 0x0968 [ 2E66F9ECB30B4221A318C92AC2250779, DF175E1AB6962303E57F26DAE5C5C1E40B8640333F3E352A64F6A5F1301586CD ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
    11:55:17.0478 0x0968 MSTEE - ok
    11:55:17.0478 0x0968 [ 7EA404308934E675BFFDE8EDF0757BCD, 306CD02D89CFCFE576242360ED5F9EEEDCAFC43CD43B7D2977AE960F9AEC3232 ] MTConfig C:\Windows\system32\drivers\MTConfig.sys
    11:55:17.0478 0x0968 MTConfig - ok
    11:55:17.0494 0x0968 [ F9A18612FD3526FE473C1BDA678D61C8, 32F7975B5BAA447917F832D9E3499B4B6D3E90D73F478375D0B70B36C524693A ] Mup C:\Windows\system32\Drivers\mup.sys
    11:55:17.0494 0x0968 Mup - ok
    11:55:17.0525 0x0968 [ 582AC6D9873E31DFA28A4547270862DD, BD540499F74E8F59A020D935D18E36A3A97C1A6EC59C8208436469A31B16B260 ] napagent C:\Windows\system32\qagentRT.dll
    11:55:17.0541 0x0968 napagent - ok
    11:55:17.0572 0x0968 [ 1EA3749C4114DB3E3161156FFFFA6B33, 54C2E77BCE1037711A11313AC25B8706109098C10A31AA03AEB7A185E97800D7 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
    11:55:17.0587 0x0968 NativeWifiP - ok
    11:55:17.0650 0x0968 [ 760E38053BF56E501D562B70AD796B88, F856E81A975D44F8684A6F2466549CEEDFAEB3950191698555A93A1206E0A42D ] NDIS C:\Windows\system32\drivers\ndis.sys
    11:55:17.0697 0x0968 NDIS - ok
    11:55:17.0712 0x0968 [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC, D7E5446E83909AE25506BB98FBDD878A529C87963E3C1125C4ABAB25823572BC ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys
    11:55:17.0712 0x0968 NdisCap - ok
    11:55:17.0728 0x0968 [ 30639C932D9FEF22B31268FE25A1B6E5, 32873D95339600F6EEFA51847D12C563FF01F320DC59055B242FA2887C99F9D6 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
    11:55:17.0728 0x0968 NdisTapi - ok
    11:55:17.0743 0x0968 [ 136185F9FB2CC61E573E676AA5402356, BA3AD0A33416DA913B4242C6BE8C3E5812AD2B20BA6C11DD3094F2E8EB56E683 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
    11:55:17.0759 0x0968 Ndisuio - ok
    11:55:17.0759 0x0968 [ 53F7305169863F0A2BDDC49E116C2E11, 881E9346D3C02405B7850ADC37E720990712EC9C666A0CE96E252A487FD2CE77 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
    11:55:17.0759 0x0968 NdisWan - ok
    11:55:17.0775 0x0968 [ 015C0D8E0E0421B4CFD48CFFE2825879, 4242E2D42CCFC859B2C0275C5331798BC0BDA68E51CF4650B6E64B1332071023 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
    11:55:17.0775 0x0968 NDProxy - ok
    11:55:17.0790 0x0968 [ 86743D9F5D2B1048062B14B1D84501C4, DBF6D6A60AB774FCB0F464FF2D285A7521D0A24006687B243AB46B17D8032062 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
    11:55:17.0790 0x0968 NetBIOS - ok
    11:55:17.0806 0x0968 [ 09594D1089C523423B32A4229263F068, 7426A9B8BA27D3225928DDEFBD399650ABB90798212F56B7D12158AC22CCCE37 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys
    11:55:17.0806 0x0968 NetBT - ok
    11:55:17.0837 0x0968 [ 97D879A884E7CDFED51AD63348A35254, 256566B7039B640FFB72C2ED7F1F42E46FFC820637A8959A64F5F08DB2A06A3F ] Netlogon C:\Windows\system32\lsass.exe
    11:55:17.0837 0x0968 Netlogon - ok
    11:55:17.0884 0x0968 [ 847D3AE376C0817161A14A82C8922A9E, 37AE692B3481323134125EF58F2C3CBC20177371AF2F5874F53DD32A827CB936 ] Netman C:\Windows\System32\netman.dll
    11:55:17.0884 0x0968 Netman - ok
    11:55:17.0915 0x0968 [ E58808846B62041BFB05395E1CED6499, 5387F2CE6B494337725D2BF3EB563912E6EE33918F2872C5FE07BEDBB0F761EE ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
    11:55:17.0915 0x0968 NetMsmqActivator - ok
    11:55:17.0931 0x0968 [ E58808846B62041BFB05395E1CED6499, 5387F2CE6B494337725D2BF3EB563912E6EE33918F2872C5FE07BEDBB0F761EE ] NetPipeActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
    11:55:17.0931 0x0968 NetPipeActivator - ok
    11:55:17.0962 0x0968 [ 5F28111C648F1E24F7DBC87CDEB091B8, 2E8645285921EDB98BB2173E11E57459C888D52E80D85791D169C869DE8813B9 ] netprofm C:\Windows\System32\netprofm.dll
    11:55:17.0977 0x0968 netprofm - ok
    11:55:17.0993 0x0968 [ E58808846B62041BFB05395E1CED6499, 5387F2CE6B494337725D2BF3EB563912E6EE33918F2872C5FE07BEDBB0F761EE ] NetTcpActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
    11:55:18.0009 0x0968 NetTcpActivator - ok
    11:55:18.0009 0x0968 [ E58808846B62041BFB05395E1CED6499, 5387F2CE6B494337725D2BF3EB563912E6EE33918F2872C5FE07BEDBB0F761EE ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
    11:55:18.0009 0x0968 NetTcpPortSharing - ok
    11:55:18.0040 0x0968 [ 77889813BE4D166CDAB78DDBA990DA92, 2EF531AE502B943632EEC66A309A8BFCDD36120A5E1473F4AAF3C2393AD0E6A3 ] nfrd960 C:\Windows\system32\drivers\nfrd960.sys
    11:55:18.0040 0x0968 nfrd960 - ok
    11:55:18.0071 0x0968 [ 8B301D474B478E9A92823BAB50A7BC49, 8181816035F41B1DABEC05E65E4F67BCD785F56760A61F1049E91BA39D42F01D ] NlaSvc C:\Windows\System32\nlasvc.dll
    11:55:18.0087 0x0968 NlaSvc - ok
    11:55:18.0305 0x0968 [ F389A22EE9077C8B6F27E01D8B5CDA1B, 9955234219AB8DEE536A06C058E67CEC45607551E8D8EE95B57FB5761457B595 ] NOBU C:\Program Files (x86)\Dell\Dell Datasafe Online\NOBuAgent.exe
    11:55:18.0399 0x0968 NOBU - ok
    11:55:18.0430 0x0968 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7, D8957EF7060A69DBB3CD6B2C45B1E4143592AB8D018471E17AC04668157DC67F ] Npfs C:\Windows\system32\drivers\Npfs.sys
    11:55:18.0430 0x0968 Npfs - ok
    11:55:18.0430 0x0968 [ D54BFDF3E0C953F823B3D0BFE4732528, 497A1DCC5646EC22119273216DF10D5442D16F83E4363770F507518CF6EAA53A ] nsi C:\Windows\system32\nsisvc.dll
    11:55:18.0430 0x0968 nsi - ok
    11:55:18.0445 0x0968 [ E7F5AE18AF4168178A642A9247C63001, 133023B7E4BA8049C4CAED3282BDD25571D1CC25FAC3B820C7F981D292689D76 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
    11:55:18.0445 0x0968 nsiproxy - ok
    11:55:18.0523 0x0968 [ 1A29A59A4C5BA6F8C85062A613B7E2B2, CC137F499A12C724D4166C2D85E9F447413419A0683DAC6F1A802B7F210C77F1 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
    11:55:18.0586 0x0968 Ntfs - ok
    11:55:18.0601 0x0968 [ 9899284589F75FA8724FF3D16AED75C1, 181188599FD5D4DE33B97010D9E0CAEABAB9A3EF50712FE7F9AA0735CD0666D6 ] Null C:\Windows\system32\drivers\Null.sys
    11:55:18.0601 0x0968 Null - ok
    11:55:18.0617 0x0968 [ 0A92CB65770442ED0DC44834632F66AD, 581327F07A68DBD5CC749214BE5F1211FC2CE41C7A4F0656B680AFB51A35ACE7 ] nvraid C:\Windows\system32\drivers\nvraid.sys
    11:55:18.0617 0x0968 nvraid - ok
    11:55:18.0633 0x0968 [ DAB0E87525C10052BF65F06152F37E4A, AD9BFF0D5FD3FFB95C758B478E1F6A9FE45E7B37AEC71EB5070D292FEAAEDF37 ] nvstor C:\Windows\system32\drivers\nvstor.sys
    11:55:18.0648 0x0968 nvstor - ok
    11:55:18.0664 0x0968 [ 270D7CD42D6E3979F6DD0146650F0E05, 752489E54C9004EDCBE1F1F208FFD864DA5C83E59A2DDE6B3E0D63ECA996F76F ] nv_agp C:\Windows\system32\drivers\nv_agp.sys
    11:55:18.0664 0x0968 nv_agp - ok
    11:55:18.0679 0x0968 [ 3589478E4B22CE21B41FA1BFC0B8B8A0, AD2469FC753FE552CB809FF405A9AB23E7561292FE89117E3B3B62057EFF0203 ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys
    11:55:18.0679 0x0968 ohci1394 - ok
    11:55:18.0742 0x0968 [ 30B5F9FB0C35AE6B4A0851D24CE2EE8B, 0340E77E8EC2ADC21B8DDD9C9CC95B3F4BCAFD54618A333C72D7D9587D593B83 ] ose C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
    11:55:18.0757 0x0968 ose - ok
    11:55:18.0945 0x0968 [ FE9C0029E1AF26350D9985D00520E5C8, 967079CCF7B2CBD4B48C9F076675C26AF93A1CEC26C96811F279414E34004EE6 ] osppsvc C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
    11:55:19.0054 0x0968 osppsvc - ok
    11:55:19.0101 0x0968 [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] p2pimsvc C:\Windows\system32\pnrpsvc.dll
    11:55:19.0116 0x0968 p2pimsvc - ok
    11:55:19.0132 0x0968 [ 927463ECB02179F88E4B9A17568C63C3, FEFD3447692C277D59EEC7BF218552C8BB6B8C98C26E973675549628408B94CE ] p2psvc C:\Windows\system32\p2psvc.dll
    11:55:19.0147 0x0968 p2psvc - ok
    11:55:19.0179 0x0968 [ 0086431C29C35BE1DBC43F52CC273887, 0D116D49EF9ABB57DA005764F25E692622210627FC2048F06A989B12FA8D0A80 ] Parport C:\Windows\system32\drivers\parport.sys
    11:55:19.0179 0x0968 Parport - ok
    11:55:19.0210 0x0968 [ E9766131EEADE40A27DC27D2D68FBA9C, 63C295EC96DBD25F1A8B908295CCB86B54F2A77A02AAA11E5D9160C2C1A492B6 ] partmgr C:\Windows\system32\drivers\partmgr.sys
    11:55:19.0210 0x0968 partmgr - ok
    11:55:19.0257 0x0968 [ DB2D62AA2DF6B1F3D690A9EC9701AA2C, BEAC55E1AA0494565F1547DF5E6FE20FCEA66461764C016FCB68D8BFF0F0C375 ] PcaSvc C:\Windows\System32\pcasvc.dll
    11:55:19.0257 0x0968 PcaSvc - ok
    11:55:19.0288 0x0968 [ 94575C0571D1462A0F70BDE6BD6EE6B3, 7139BAC653EA94A3DD3821CAB35FC5E22F4CCA5ACC2BAABDAA27E4C3C8B27FC9 ] pci C:\Windows\system32\drivers\pci.sys
    11:55:19.0288 0x0968 pci - ok
    11:55:19.0319 0x0968 [ B5B8B5EF2E5CB34DF8DCF8831E3534FA, F2A7CC645B96946CC65BF60E14E70DC09C848D27C7943CE5DEA0C01A6B863480 ] pciide C:\Windows\system32\drivers\pciide.sys
    11:55:19.0319 0x0968 pciide - ok
    11:55:19.0335 0x0968 [ B2E81D4E87CE48589F98CB8C05B01F2F, 6763BEE7270A4873B3E131BFB92313E2750FCBD0AD73C23D1C4F98F7DF73DE14 ] pcmcia C:\Windows\system32\drivers\pcmcia.sys
    11:55:19.0350 0x0968 pcmcia - ok
    11:55:19.0366 0x0968 [ D6B9C2E1A11A3A4B26A182FFEF18F603, BBA5FE08B1DDD6243118E11358FD61B10E850F090F061711C3CB207CE5FBBD36 ] pcw C:\Windows\system32\drivers\pcw.sys
    11:55:19.0366 0x0968 pcw - ok
    11:55:19.0413 0x0968 [ ED6E75158D28D33A2E2A020AC5B2B59D, 0F364D9A88304C45F31318605C417A70A9D0E4CF087D73E949B42C12CC76CD6C ] PEAUTH C:\Windows\system32\drivers\peauth.sys
    11:55:19.0428 0x0968 PEAUTH - ok
    11:55:19.0475 0x0968 [ E495E408C93141E8FC72DC0C6046DDFA, 489B957DADA0DC128A09468F1AD082DCC657E86053208EA06A12937BE86FB919 ] PerfHost C:\Windows\SysWow64\perfhost.exe
    11:55:19.0491 0x0968 PerfHost - ok
    11:55:19.0553 0x0968 [ C7CF6A6E137463219E1259E3F0F0DD6C, 08D7244F52AA17DD669AA6F77C291DAC88E7B2D1887DE422509C1F83EC85F3DD ] pla C:\Windows\system32\pla.dll
    11:55:19.0600 0x0968 pla - ok
    11:55:19.0647 0x0968 [ 25FBDEF06C4D92815B353F6E792C8129, 57D9764AE6BCE33B242C399CDFC10DD405975BD6411CA8C75FBCD06EEB8442A9 ] PlugPlay C:\Windows\system32\umpnpmgr.dll
    11:55:19.0647 0x0968 PlugPlay - ok
    11:55:19.0662 0x0968 [ 7195581CEC9BB7D12ABE54036ACC2E38, 9C4E5D6EA984148F2663DC529083408B2248DFF6DAAC85D9195F80A722782315 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll
    11:55:19.0662 0x0968 PNRPAutoReg - ok
    11:55:19.0678 0x0968 [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] PNRPsvc C:\Windows\system32\pnrpsvc.dll
    11:55:19.0693 0x0968 PNRPsvc - ok
    11:55:19.0725 0x0968 [ 4F15D75ADF6156BF56ECED6D4A55C389, 2ADA3EA69A5D7EC2A4D2DD89178DB94EAFDDF95F07B0070D654D9F7A5C12A044 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
    11:55:19.0740 0x0968 PolicyAgent - ok
    11:55:19.0771 0x0968 [ A2CCA4FB273E6050F17A0A416CFF2FCD, C42BA18DF0C8E3F7358669A784E51E4DC7A4112096345EA699EDC95F561E0255 ] Power C:\Windows\system32\umpo.dll
    11:55:19.0771 0x0968 Power - ok
    11:55:19.0803 0x0968 [ F92A2C41117A11A00BE01CA01A7FCDE9, 38ADC6052696D110CA5F393BC586791920663F5DA66934C2A824DDA9CD89C763 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
    11:55:19.0803 0x0968 PptpMiniport - ok
    11:55:19.0818 0x0968 [ 0D922E23C041EFB1C3FAC2A6F943C9BF, 855418A6A58DCAFB181A1A68613B3E203AFB0A9B3D9D26D0C521F9F613B4EAD5 ] Processor C:\Windows\system32\drivers\processr.sys
    11:55:19.0818 0x0968 Processor - ok
    11:55:19.0849 0x0968 [ B6A58491307B4CADA572583D863DC602, 5C44936605E52C9533E4CE22F18FAB8211475877F71EFD88DA4D02FD608C90A3 ] ProfSvc C:\Windows\system32\profsvc.dll
    11:55:19.0865 0x0968 ProfSvc - ok
    11:55:19.0865 0x0968 [ 97D879A884E7CDFED51AD63348A35254, 256566B7039B640FFB72C2ED7F1F42E46FFC820637A8959A64F5F08DB2A06A3F ] ProtectedStorage C:\Windows\system32\lsass.exe
    11:55:19.0865 0x0968 ProtectedStorage - ok
    11:55:19.0896 0x0968 [ 0557CF5A2556BD58E26384169D72438D, F6F83A616B1F1C6C0DF6D2EC2513E6C23FD4FAA6D36518B8676C619AB74957B4 ] Psched C:\Windows\system32\DRIVERS\pacer.sys
    11:55:19.0896 0x0968 Psched - ok
    11:55:19.0943 0x0968 [ 87B04878A6D59D6C79251DC960C674C1, 3EB8DB0624E646F0A65D0381408D35CF9FDC5ABFC30DF6431F4070A8EB68447C ] PxHlpa64 C:\Windows\system32\Drivers\PxHlpa64.sys
    11:55:19.0943 0x0968 PxHlpa64 - ok
    11:55:20.0005 0x0968 [ A53A15A11EBFD21077463EE2C7AFEEF0, 6002B012A75045DEA62640A864A8721EADE2F8B65BEB5F5BA76D8CD819774489 ] ql2300 C:\Windows\system32\drivers\ql2300.sys
    11:55:20.0052 0x0968 ql2300 - ok
    11:55:20.0068 0x0968 [ 4F6D12B51DE1AAEFF7DC58C4D75423C8, FB6ABAB741CED66A79E31A45111649F2FA3E26CEE77209B5296F789F6F7D08DE ] ql40xx C:\Windows\system32\drivers\ql40xx.sys
    11:55:20.0083 0x0968 ql40xx - ok
    11:55:20.0099 0x0968 [ 906191634E99AEA92C4816150BDA3732, A0305436384104C3B559F9C73902DA19B96B518413379E397C5CDAB0B2B9418F ] QWAVE C:\Windows\system32\qwave.dll
    11:55:20.0099 0x0968 QWAVE - ok
    11:55:20.0115 0x0968 [ 76707BB36430888D9CE9D705398ADB6C, 35C1D1D05F98AC29A33D3781F497A0B40A3CB9CDF25FE1F28F574E40DDF70535 ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
    11:55:20.0115 0x0968 QWAVEdrv - ok
    11:55:20.0130 0x0968 [ 5A0DA8AD5762FA2D91678A8A01311704, 8A64EB5DBAB7048A9E42A21CEB62CCD5B007A80C199892D7F8C69B48E8A255EF ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
    11:55:20.0130 0x0968 RasAcd - ok
    11:55:20.0161 0x0968 [ 7ECFF9B22276B73F43A99A15A6094E90, 62C70DA127F48F796F8897BBFA23AB6EB080CC923F0F091DFA384A93F5C90CA1 ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys
    11:55:20.0161 0x0968 RasAgileVpn - ok
    11:55:20.0177 0x0968 [ 8F26510C5383B8DBE976DE1CD00FC8C7, 60E618C010E8A723960636415573FA17EA0BBEF79647196B3BC0B8DEE680E090 ] RasAuto C:\Windows\System32\rasauto.dll
    11:55:20.0177 0x0968 RasAuto - ok
    11:55:20.0193 0x0968 [ 471815800AE33E6F1C32FB1B97C490CA, 27307265F743DE3A3A3EC1B2C472A3D85FDD0AEC458E0B1177593141EE072698 ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
    11:55:20.0193 0x0968 Rasl2tp - ok
    11:55:20.0208 0x0968 [ EE867A0870FC9E4972BA9EAAD35651E2, 1B848D81705081FD2E18AC762DA7F51455657DAF860BF363DC15925A148BCADA ] RasMan C:\Windows\System32\rasmans.dll
    11:55:20.0208 0x0968 RasMan - ok
    11:55:20.0224 0x0968 [ 855C9B1CD4756C5E9A2AA58A15F58C25, A514F8A9C304D54BDA8DC60F5A64259B057EC83A1CAAF6D2B58CFD55E9561F72 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
    11:55:20.0224 0x0968 RasPppoe - ok
    11:55:20.0239 0x0968 [ E8B1E447B008D07FF47D016C2B0EEECB, FEC789F82B912F3E14E49524D40FEAA4373B221156F14045E645D7C37859258C ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
    11:55:20.0239 0x0968 RasSstp - ok
    11:55:20.0255 0x0968 [ 77F665941019A1594D887A74F301FA2F, 1FDC6F6853400190C086042933F157814D915C54F26793CAD36CD2607D8810DA ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
    11:55:20.0271 0x0968 rdbss - ok
    11:55:20.0286 0x0968 [ 302DA2A0539F2CF54D7C6CC30C1F2D8D, 1DF3501BBFFB56C3ECC39DBCC4287D3302216C2208CE22428B8C4967E5DE9D17 ] rdpbus C:\Windows\system32\drivers\rdpbus.sys
    11:55:20.0286 0x0968 rdpbus - ok
    11:55:20.0317 0x0968 [ CEA6CC257FC9B7715F1C2B4849286D24, A78144D18352EA802C39D9D42921CF97A3E0211766B2169B6755C6FC2D77A804 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
    11:55:20.0317 0x0968 RDPCDD - ok
    11:55:20.0317 0x0968 [ BB5971A4F00659529A5C44831AF22365, 9AAA5C0D448E821FD85589505D99DF7749715A046BBD211F139E4E652ADDE41F ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
    11:55:20.0317 0x0968 RDPENCDD - ok
    11:55:20.0333 0x0968 [ 216F3FA57533D98E1F74DED70113177A, 60C126A1409D1E9C39F1C9E95F70115BF4AF07780AB499F6E10A612540F173F4 ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys
    11:55:20.0333 0x0968 RDPREFMP - ok
    11:55:20.0364 0x0968 [ FE571E088C2D83619D2D48D4E961BF41, 88C5A2FCB1D0E528657842E39963471A6E42FCA3FCDF37955AEC8258AB4C48EA ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
    11:55:20.0380 0x0968 RDPWD - ok
    11:55:20.0411 0x0968 [ 34ED295FA0121C241BFEF24764FC4520, AAEE5F00CAA763A5BA51CF56BD7262C03409CD72BD5601490E3EC3FFF929BB5F ] rdyboost C:\Windows\system32\drivers\rdyboost.sys
    11:55:20.0427 0x0968 rdyboost - ok
    11:55:20.0442 0x0968 [ 254FB7A22D74E5511C73A3F6D802F192, 3D0FB5840364200DE394F8CC28DA0E334C2B5FA8FF28A41656EE72287F3D3836 ] RemoteAccess C:\Windows\System32\mprdim.dll
    11:55:20.0458 0x0968 RemoteAccess - ok
    11:55:20.0458 0x0968 [ E4D94F24081440B5FC5AA556C7C62702, 147CAA03568DC480F9506E30B84891AB7E433B5EBC05F34FF10F72B00E1C6B22 ] RemoteRegistry C:\Windows\system32\regsvc.dll
    11:55:20.0458 0x0968 RemoteRegistry - ok
    11:55:20.0505 0x0968 [ 7B04C9843921AB1F695FB395422C5360, C9B02BE0384357FD242613C2A12029B45322AF9A795CD69F33500CA7530899A7 ] RimUsb C:\Windows\system32\Drivers\RimUsb_AMD64.sys
    11:55:20.0505 0x0968 RimUsb - ok
    11:55:20.0598 0x0968 [ 3C957189B31C34D3AD21967B12B6AED7, 878FE6EA03F60592D6D557B905A5119E2CC836C2A6A86ED2867C3C9B0F0FDBA2 ] RoxMediaDB12OEM C:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxMediaDB12OEM.exe
    11:55:20.0629 0x0968 RoxMediaDB12OEM - ok
    11:55:20.0676 0x0968 [ 2B73088CC2CA757A172B425C9398E5BC, 3D296B4D6F66F7729CC48FE54456E6E6D8207DBA7E31D66653566C128E53163B ] RoxWatch12 C:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxWatch12OEM.exe
    11:55:20.0692 0x0968 RoxWatch12 - ok
    11:55:20.0707 0x0968 [ E4DC58CF7B3EA515AE917FF0D402A7BB, 665B5CD9FE905B0EE3F59A7B1A94760F5393EBEE729877D8584349754C2867E8 ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll
    11:55:20.0707 0x0968 RpcEptMapper - ok
    11:55:20.0723 0x0968 [ D5BA242D4CF8E384DB90E6A8ED850B8C, CB4CB2608B5E31B55FB1A2CF4051E6D08A0C2A5FB231B2116F95938D7577334E ] RpcLocator C:\Windows\system32\locator.exe
    11:55:20.0723 0x0968 RpcLocator - ok
    11:55:20.0739 0x0968 [ 5C627D1B1138676C0A7AB2C2C190D123, C5003F2C912C5CA990E634818D3B4FD72F871900AF2948BD6C4D6400B354B401 ] RpcSs C:\Windows\system32\rpcss.dll
    11:55:20.0754 0x0968 RpcSs - ok
    11:55:20.0785 0x0968 [ DDC86E4F8E7456261E637E3552E804FF, D250C69CCC75F2D88E7E624FCC51300E75637333317D53908CCA7E0F117173DD ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
    11:55:20.0785 0x0968 rspndr - ok
    11:55:20.0863 0x0968 [ EE082E06A82FF630351D1E0EBBD3D8D0, 537F1A4108BDA72E8DD271466E7B7FCF39D4D55E4129AB35A409AB7AF2E7D219 ] RTL8167 C:\Windows\system32\DRIVERS\Rt64win7.sys
    11:55:20.0895 0x0968 RTL8167 - ok
    11:55:20.0910 0x0968 [ 97D879A884E7CDFED51AD63348A35254, 256566B7039B640FFB72C2ED7F1F42E46FFC820637A8959A64F5F08DB2A06A3F ] SamSs C:\Windows\system32\lsass.exe
    11:55:20.0910 0x0968 SamSs - ok
    11:55:20.0926 0x0968 [ AC03AF3329579FFFB455AA2DAABBE22B, 7AD3B62ADFEC166F9E256F9FF8BAA0568B2ED7308142BF8F5269E6EAA5E0A656 ] sbp2port C:\Windows\system32\drivers\sbp2port.sys
    11:55:20.0926 0x0968 sbp2port - ok
    11:55:20.0957 0x0968 [ 9B7395789E3791A3B6D000FE6F8B131E, E5F067F3F212BF5481668BE1779CBEF053F511F8967589BE2E865ACB9A620024 ] SCardSvr C:\Windows\System32\SCardSvr.dll
    11:55:20.0957 0x0968 SCardSvr - ok
    11:55:20.0973 0x0968 [ 253F38D0D7074C02FF8DEB9836C97D2B, CB5CAFCB8628BB22877F74ACF1DED0BBAED8F4573A74DA7FE94BBBA584889116 ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys
    11:55:20.0973 0x0968 scfilter - ok
    11:55:21.0004 0x0968 [ 262F6592C3299C005FD6BEC90FC4463A, 54095E37F0B6CC677A3E9BDD40F4647C713273D197DB341063AA7F342A60C4A7 ] Schedule C:\Windows\system32\schedsvc.dll
    11:55:21.0019 0x0968 Schedule - ok
    11:55:21.0066 0x0968 [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] SCPolicySvc C:\Windows\System32\certprop.dll
    11:55:21.0066 0x0968 SCPolicySvc - ok
    11:55:21.0066 0x0968 [ 6EA4234DC55346E0709560FE7C2C1972, 64011E044C16E2F92689E5F7E4666A075E27BBFA61F3264E5D51CE1656C1D5B8 ] SDRSVC C:\Windows\System32\SDRSVC.dll
    11:55:21.0082 0x0968 SDRSVC - ok
    11:55:21.0097 0x0968 [ 3EA8A16169C26AFBEB544E0E48421186, 34BBB0459C96B3DE94CCB0D73461562935C583D7BF93828DA4E20A6BC9B7301D ] secdrv C:\Windows\system32\drivers\secdrv.sys
    11:55:21.0113 0x0968 secdrv - ok
    11:55:21.0113 0x0968 [ BC617A4E1B4FA8DF523A061739A0BD87, 10C4057F6B321EB5237FF619747B74F5401BC17D15A8C7060829E8204A2297F9 ] seclogon C:\Windows\system32\seclogon.dll
    11:55:21.0113 0x0968 seclogon - ok
    11:55:21.0129 0x0968 [ C32AB8FA018EF34C0F113BD501436D21, E0EB8E80B51E45CA7EB061E705DA0BC07878759418A8519AE6E12326FE79E7C7 ] SENS C:\Windows\System32\sens.dll
    11:55:21.0144 0x0968 SENS - ok
    11:55:21.0160 0x0968 [ 0336CFFAFAAB87A11541F1CF1594B2B2, 8B8A6A33E78A12FB05E29B2E2775850626574AFD2EF88748D65E690A07B10B8D ] SensrSvc C:\Windows\system32\sensrsvc.dll
    11:55:21.0160 0x0968 SensrSvc - ok
    11:55:21.0175 0x0968 [ CB624C0035412AF0DEBEC78C41F5CA1B, A4D937F11E06CAE914347CA1362F4C98EC5EE0C0C80321E360EA1ABD6726F8D4 ] Serenum C:\Windows\system32\drivers\serenum.sys
    11:55:21.0191 0x0968 Serenum - ok
    11:55:21.0207 0x0968 [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6, 8F9776FB84C5D11068EAF1FF1D1A46466C655D64D256A8B1E31DC0C23B5DD22D ] Serial C:\Windows\system32\drivers\serial.sys
    11:55:21.0207 0x0968 Serial - ok
    11:55:21.0222 0x0968 [ 1C545A7D0691CC4A027396535691C3E3, 065C30BE598FF4DC55C37E0BBE0CEDF10A370AE2BF5404B42EBBB867A3FFED6D ] sermouse C:\Windows\system32\drivers\sermouse.sys
    11:55:21.0222 0x0968 sermouse - ok
    11:55:21.0238 0x0968 [ 0B6231BF38174A1628C4AC812CC75804, E569BF1F7F5689E2E917FA6516DB53388A5B8B1C6699DEE030147E853218811D ] SessionEnv C:\Windows\system32\sessenv.dll
    11:55:21.0253 0x0968 SessionEnv - ok
    11:55:21.0253 0x0968 [ A554811BCD09279536440C964AE35BBF, DA8F893722F803E189D7D4D6C6232ED34505B63A64ED3A0132A5BB7A2BABDE55 ] sffdisk C:\Windows\system32\drivers\sffdisk.sys
    11:55:21.0253 0x0968 sffdisk - ok
    11:55:21.0253 0x0968 [ FF414F0BAEFEBA59BC6C04B3DB0B87BF, B81EF5D26AEB572CAB590F7AD7CA8C89F296420089EF5E6148E972F2DBCA1042 ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys
    11:55:21.0253 0x0968 sffp_mmc - ok
    11:55:21.0269 0x0968 [ DD85B78243A19B59F0637DCF284DA63C, 6730D4F2BAE7E24615746ACC41B42D01DB6068D6504982008ADA1890DE900197 ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys
    11:55:21.0269 0x0968 sffp_sd - ok
    11:55:21.0269 0x0968 [ A9D601643A1647211A1EE2EC4E433FF4, 7AC60B4AB48D4BBF1F9681C12EC2A75C72E6E12D30FABC564A24394310E9A5F9 ] sfloppy C:\Windows\system32\drivers\sfloppy.sys
    11:55:21.0269 0x0968 sfloppy - ok
    11:55:21.0378 0x0968 [ 4215C271D6E6898C3F4DABAB4F387DC9, 10D845466AC239E18A381FA3BCF1DA1CDCF7CC4363D3A6B4695D6562B3EF7541 ] SftService C:\Program Files (x86)\Dell DataSafe Local Backup\sftservice.EXE
    11:55:21.0409 0x0968 SftService - ok
    11:55:21.0441 0x0968 [ B95F6501A2F8B2E78C697FEC401970CE, 758B73A32902299A313348CE7EC189B20EB4CB398D0180E4EE24B84DAD55F291 ] SharedAccess C:\Windows\System32\ipnathlp.dll
    11:55:21.0456 0x0968 SharedAccess - ok
    11:55:21.0472 0x0968 [ AAF932B4011D14052955D4B212A4DA8D, 2A3BFD0FA9569288E91AE3E72CA1EC39E1450D01E6473CE51157E0F138257923 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
    11:55:21.0487 0x0968 ShellHWDetection - ok
    11:55:21.0487 0x0968 [ 843CAF1E5FDE1FFD5FF768F23A51E2E1, 89CA9F516E42A6B905474D738CDA2C121020A07DBD4E66CFE569DD77D79D7820 ] SiSRaid2 C:\Windows\system32\drivers\SiSRaid2.sys
    11:55:21.0503 0x0968 SiSRaid2 - ok
    11:55:21.0503 0x0968 [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4, 87B85C66DF7EB6FDB8A2341D05FAA5261FF68A90CCFC63F0E4A03824F1E33E5E ] SiSRaid4 C:\Windows\system32\drivers\sisraid4.sys
    11:55:21.0503 0x0968 SiSRaid4 - ok
    11:55:21.0581 0x0968 [ 0B70786BD1062CD4C6B58E412B9C3E55, 60ED027642FFF97BFFA55AE3EFFCCBB6D6AD8196D35E9ED06F9AF431E3C0402A ] SkypeUpdate C:\Program Files (x86)\Skype\Updater\Updater.exe
    11:55:21.0581 0x0968 SkypeUpdate - ok
    11:55:21.0597 0x0968 [ 548260A7B8654E024DC30BF8A7C5BAA4, 4A7E58331D7765A12F53DC2371739DC9A463940B13E16157CE10DB80E958D740 ] Smb C:\Windows\system32\DRIVERS\smb.sys
    11:55:21.0612 0x0968 Smb - ok
    11:55:21.0628 0x0968 [ 6313F223E817CC09AA41811DAA7F541D, D787061043BEEDB9386B048CB9E680E6A88A1CBAE9BD4A8C0209155BFB76C630 ] SNMPTRAP C:\Windows\System32\snmptrap.exe
    11:55:21.0628 0x0968 SNMPTRAP - ok
    11:55:21.0643 0x0968 [ B9E31E5CACDFE584F34F730A677803F9, 21A5130BD00089C609522A372018A719F8E37103D2DD22C59EACB393BE35A063 ] spldr C:\Windows\system32\drivers\spldr.sys
    11:55:21.0643 0x0968 spldr - ok
    11:55:21.0706 0x0968 [ 85DAA09A98C9286D4EA2BA8D0E644377, F9C324E2EF81193FE831C7EECC44A100CA06F82FA731BF555D9EA4D91DA13329 ] Spooler C:\Windows\System32\spoolsv.exe
    11:55:21.0721 0x0968 Spooler - ok
    11:55:21.0832 0x0968 [ E17E0188BB90FAE42D83E98707EFA59C, FC075F7B39E86CC8EF6DA4E339FE946917E319C347AC70FB0C50AAF36F97E27F ] sppsvc C:\Windows\system32\sppsvc.exe
    11:55:21.0910 0x0968 sppsvc - ok
    11:55:21.0925 0x0968 [ 93D7D61317F3D4BC4F4E9F8A96A7DE45, 36D48B23B8243BE5229707375FCD11C2DCAC96983199345365F065A0CBF33314 ] sppuinotify C:\Windows\system32\sppuinotify.dll
    11:55:21.0941 0x0968 sppuinotify - ok
    11:55:22.0019 0x0968 [ D6AB7C13FCDD2E4CAC35244D2C172D9A, 64A66368F5336B7A5879D083C2FE57DFD384410ADCC18004F327A4004A4F4300 ] sptd C:\Windows\System32\Drivers\sptd.sys
    11:55:22.0050 0x0968 sptd - ok
    11:55:22.0097 0x0968 [ 441FBA48BFF01FDB9D5969EBC1838F0B, 306128F1AD489F87161A089D1BDC1542A4CB742D91A0C12A7CD1863FDB8932C0 ] srv C:\Windows\system32\DRIVERS\srv.sys
    11:55:22.0378 0x0968 srv - ok
    11:55:22.0393 0x0968 [ B4ADEBBF5E3677CCE9651E0F01F7CC28, 726DB2283113AB2A9681E8E9F61132303D6D86E9CD034C40EE4A8C9DB29E87F7 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
    11:55:22.0409 0x0968 srv2 - ok
    11:55:22.0424 0x0968 [ 27E461F0BE5BFF5FC737328F749538C3, AFA4704ED8FFC1A0BAB40DFB81D3AE3F3D933A3C9BF54DDAF39FF9AF3646D9E6 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
    11:55:22.0658 0x0968 srvnet - ok
    11:55:22.0690 0x0968 [ 51B52FBD583CDE8AA9BA62B8B4298F33, 2E2403F8AA39E79D1281CA006B51B43139C32A5FDD64BD34DAA4B935338BD740 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
    11:55:22.0908 0x0968 SSDPSRV - ok
    11:55:22.0924 0x0968 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB, D21CDBC4C2AA0DB5B4455D5108B0CAF4282A2E664B9035708F212CC094569D9D ] SstpSvc C:\Windows\system32\sstpsvc.dll
    11:55:22.0924 0x0968 SstpSvc - ok
    11:55:22.0939 0x0968 [ F3817967ED533D08327DC73BC4D5542A, 1B204454408A690C0A86447F3E4AA9E7C58A9CFB567C94C17C21920BA648B4D5 ] stexstor C:\Windows\system32\drivers\stexstor.sys
    11:55:22.0955 0x0968 stexstor - ok
    11:55:23.0002 0x0968 [ 8DD52E8E6128F4B2DA92CE27402871C1, 1101C38BE8FC383B5F2F9FA402F9652B23B88A764DE2B584DFE62B88B11DEF92 ] stisvc C:\Windows\System32\wiaservc.dll
    11:55:23.0017 0x0968 stisvc - ok
    11:55:23.0064 0x0968 [ 7731F46EC0D687A931CBA063E8F90EF0, 5CF996A209756B901316C4406C7D3E52ECC9C15A1BDB0D4D9C77846AB29FD040 ] stllssvr C:\Program Files (x86)\Common Files\SureThing Shared\stllssvr.exe
    11:55:23.0064 0x0968 stllssvr - ok
    11:55:23.0080 0x0968 [ D01EC09B6711A5F8E7E6564A4D0FBC90, 3CB922291DBADC92B46B9E28CCB6810CD8CCDA3E74518EC9522B58B998E1F969 ] swenum C:\Windows\system32\DRIVERS\swenum.sys
    11:55:23.0080 0x0968 swenum - ok
    11:55:23.0111 0x0968 [ E08E46FDD841B7184194011CA1955A0B, 9C3725BB1F08F92744C980A22ED5C874007D3B5863C7E1F140F50061052AC418 ] swprv C:\Windows\System32\swprv.dll
    11:55:23.0142 0x0968 swprv - ok
    11:55:23.0204 0x0968 [ BF9CCC0BF39B418C8D0AE8B05CF95B7D, 3C13217548BE61F2BDB8BD41F77345CDDA1F97BF0AE17241C335B9807EB3DBB8 ] SysMain C:\Windows\system32\sysmain.dll
    11:55:23.0236 0x0968 SysMain - ok
    11:55:23.0251 0x0968 [ E3C61FD7B7C2557E1F1B0B4CEC713585, 01F0E116606D185BF93B540868075BFB1A398197F6AABD994983DBFF56B3A8A0 ] TabletInputService C:\Windows\System32\TabSvc.dll
    11:55:23.0267 0x0968 TabletInputService - ok
    11:55:23.0282 0x0968 [ 40F0849F65D13EE87B9A9AE3C1DD6823, E251A7EF3D0FD2973AF33A62FC457A7E8D5E8694208F811F52455F7C2426121F ] TapiSrv C:\Windows\System32\tapisrv.dll
    11:55:23.0298 0x0968 TapiSrv - ok
    11:55:23.0314 0x0968 [ 1BE03AC720F4D302EA01D40F588162F6, AB644862BF1D2E824FD846180DEC4E2C0FAFCC517451486DE5A92E5E78A952E4 ] TBS C:\Windows\System32\tbssvc.dll
    11:55:23.0314 0x0968 TBS - ok
    11:55:23.0407 0x0968 [ 04ADD18EE5CC9FBEDAEC1DD1CD0CB45E, F05C0C4CA3DD234AD5D60CF1EF763C9A1D9EC3C157E180C2D75CC07E6B02A611 ] Tcpip C:\Windows\system32\drivers\tcpip.sys
    11:55:23.0470 0x0968 Tcpip - ok
    11:55:23.0563 0x0968 [ 04ADD18EE5CC9FBEDAEC1DD1CD0CB45E, F05C0C4CA3DD234AD5D60CF1EF763C9A1D9EC3C157E180C2D75CC07E6B02A611 ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys
    11:55:23.0594 0x0968 TCPIP6 - ok
    11:55:23.0641 0x0968 [ 1B16D0BD9841794A6E0CDE0CEF744ABC, 7EB8BA97339199EEE7F2B09DA2DA6279DA64A510D4598D42CF86415D67CD674C ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
    11:55:23.0641 0x0968 tcpipreg - ok
    11:55:23.0657 0x0968 [ 3371D21011695B16333A3934340C4E7C, 7416F9BBFC1BA9D875EA7D1C7A0D912FC6977B49A865D67E3F9C4E18A965082D ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys
    11:55:23.0657 0x0968 TDPIPE - ok
    11:55:23.0688 0x0968 [ 51C5ECEB1CDEE2468A1748BE550CFBC8, 4E8F83877330B421F7B5D8393D34BC44C6450E69209DAA95B29CB298166A5DF9 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys
    11:55:23.0688 0x0968 TDTCP - ok
    11:55:23.0719 0x0968 [ 70988118145F5F10EF24720B97F35F65, F80C806417A68047FFB3D63214BC4AE5445315219AC594E043293006B704A63D ] tdx C:\Windows\system32\DRIVERS\tdx.sys
    11:55:23.0719 0x0968 tdx - ok
    11:55:23.0735 0x0968 [ 561E7E1F06895D78DE991E01DD0FB6E5, 83BFA50A528762EC52A011302AC3874636FB7E26628CD7ACFBF2BDC9FAA8110D ] TermDD C:\Windows\system32\DRIVERS\termdd.sys
    11:55:23.0750 0x0968 TermDD - ok
    11:55:23.0797 0x0968 [ 008CD4EBFABCF78D0F19B3778492648C, 9050490EEE0AD86E73F0A82D83E4FC29DF84F6B6FDB389AE135FD712B5F425BE ] TermService C:\Windows\System32\termsrv.dll
    11:55:23.0828 0x0968 TermService - ok
    11:55:23.0844 0x0968 [ F0344071948D1A1FA732231785A0664C, DB9886C2C858FAF45AEA15F8E42860343F73EB8685C53EC2E8CCC10586CB0832 ] Themes C:\Windows\system32\themeservice.dll
    11:55:23.0860 0x0968 Themes - ok
    11:55:23.0875 0x0968 [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] THREADORDER C:\Windows\system32\mmcss.dll
    11:55:23.0891 0x0968 THREADORDER - ok
    11:55:23.0906 0x0968 [ 7E7AFD841694F6AC397E99D75CEAD49D, DE87F203FD8E6BDCCFCA1860A85F283301A365846FB703D9BB86278D8AC96B07 ] TrkWks C:\Windows\System32\trkwks.dll
    11:55:23.0906 0x0968 TrkWks - ok
    11:55:23.0953 0x0968 [ 773212B2AAA24C1E31F10246B15B276C, F2EF85F5ABA307976D9C649D710B408952089458DDE97D4DEF321DF14E46A046 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
    11:55:23.0969 0x0968 TrustedInstaller - ok
    11:55:24.0000 0x0968 [ E232A3B43A894BB327FC161529BD9ED1, F2673DA8C920F21ACCECC25F7C59A05822E5E577D47F126EDF9C94FEB4B30C5F ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys
    11:55:24.0000 0x0968 tssecsrv - ok
    11:55:24.0047 0x0968 [ D11C783E3EF9A3C52C0EBE83CC5000E9, A136C355D4C8945729163D15801364A614E23217B15F9313C85BA45BB71A74EB ] TsUsbFlt C:\Windows\system32\drivers\tsusbflt.sys
    11:55:24.0047 0x0968 TsUsbFlt - ok
    11:55:24.0062 0x0968 [ 9CC2CCAE8A84820EAECB886D477CBCB8, 50D8AA2D7477A6618A0C31BB4D1C4887B457865FB1105E2E7B984EEFA337B804 ] TsUsbGD C:\Windows\system32\drivers\TsUsbGD.sys
    11:55:24.0062 0x0968 TsUsbGD - ok
    11:55:24.0078 0x0968 [ 3566A8DAAFA27AF944F5D705EAA64894, AE9D8B648DA08AF667B9456C3FE315489859C157510A258559F18238F2CC92B8 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
    11:55:24.0078 0x0968 tunnel - ok
    11:55:24.0094 0x0968 [ B4DD609BD7E282BFC683CEC7EAAAAD67, EF131DB6F6411CAD36A989A421AF93F89DD61601AC524D2FF11C10FF6E3E9123 ] uagp35 C:\Windows\system32\drivers\uagp35.sys
    11:55:24.0094 0x0968 uagp35 - ok
    11:55:24.0109 0x0968 [ FF4232A1A64012BAA1FD97C7B67DF593, D8591B4EB056899C7B604E4DD852D82D4D9809F508ABCED4A03E1BE6D5D456E3 ] udfs C:\Windows\system32\DRIVERS\udfs.sys
    11:55:24.0125 0x0968 udfs - ok
    11:55:24.0172 0x0968 [ 3CBDEC8D06B9968ABA702EBA076364A1, B8DAB8AA804FC23021BFEBD7AE4D40FBE648D6C6BA21CC008E26D1C084972F9B ] UI0Detect C:\Windows\system32\UI0Detect.exe
    11:55:24.0172 0x0968 UI0Detect - ok
    11:55:24.0187 0x0968 [ 4BFE1BC28391222894CBF1E7D0E42320, 5918B1ED2030600DF77BDACF1C808DF6EADDD8BF3E7003AF1D72050D8B102B3A ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys
    11:55:24.0203 0x0968 uliagpkx - ok
    11:55:24.0218 0x0968 [ DC54A574663A895C8763AF0FA1FF7561, 09A3F3597E91CBEB2F38E96E75134312B60CAE5574B2AD4606C2D3E992AEDDFE ] umbus C:\Windows\system32\DRIVERS\umbus.sys
    11:55:24.0218 0x0968 umbus - ok
    11:55:24.0234 0x0968 [ B2E8E8CB557B156DA5493BBDDCC1474D, F547509A08C0679ACB843E20C9C0CF51BED1B06530BBC529DFB0944504564A43 ] UmPass C:\Windows\system32\drivers\umpass.sys
    11:55:24.0234 0x0968 UmPass - ok
    11:55:24.0250 0x0968 [ D47EC6A8E81633DD18D2436B19BAF6DE, 0FB461E2D5E0B75BB5958F6362F4880BFA4C36AD930542609BCAF574941AA7AE ] upnphost C:\Windows\System32\upnphost.dll
    11:55:24.0265 0x0968 upnphost - ok
    11:55:24.0312 0x0968 [ 5C3BE22E485B9BF11FCEFDC676C728D0, F55061066ECF6920D56518A677BB538C18B7F1BB150ED6DB3591408F44E8D53A ] USBAAPL64 C:\Windows\system32\Drivers\usbaapl64.sys
    11:55:24.0328 0x0968 USBAAPL64 - ok
    11:55:24.0390 0x0968 [ B0435098C81D04CAFFF80DDB746CD3A2, A17B207740382E38729571F0B0BC98FF874E856A7C7CE9EB930328A2AD88F52A ] usbaudio C:\Windows\system32\drivers\usbaudio.sys
    11:55:24.0390 0x0968 usbaudio - ok
    11:55:24.0437 0x0968 [ 91D3C92A44FC682DD791147604E79152, AA0B6799BF9C26C2C1793C91295288A4989AA43EC5E070B650DA7F0A142817CE ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys
    11:55:24.0437 0x0968 usbccgp - ok
    11:55:24.0468 0x0968 [ 80B0F7D5CCF86CEB5D402EAAF61FEC31, 140C62116A425DEAD25FE8D82DE283BC92C482A9F643658D512F9F67061F28AD ] usbcir C:\Windows\system32\drivers\usbcir.sys
    11:55:24.0484 0x0968 usbcir - ok
    11:55:24.0515 0x0968 [ F7FFDF2A1D19A76A87759126B244C816, C91F09D77E22D976952A46F7B93F611B719EDAF694D538242FA8FAF1BA9BB2F0 ] usbehci C:\Windows\system32\drivers\usbehci.sys
    11:55:24.0515 0x0968 usbehci - ok
    11:55:24.0562 0x0968 [ 245FE7FC634D6A993E682E0A9EBA4ABB, F7A536D215EE3A63358EC8B5946D7BB3B56357BF91347B07013E00DAC98775B6 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys
    11:55:24.0562 0x0968 usbhub - ok
    11:55:24.0624 0x0968 [ C1A8966E0D09BFB501045105B30D86F2, 5BB95FBA441B898E258A3BFE174FC1042A04C19E25C59DE1FD90594290B11DA9 ] usbohci C:\Windows\system32\drivers\usbohci.sys
    11:55:24.0624 0x0968 usbohci - ok
    11:55:24.0655 0x0968 [ 73188F58FB384E75C4063D29413CEE3D, B485463933306036B1D490722CB1674DC85670753D79FA0EF7EBCA7BBAAD9F7C ] usbprint C:\Windows\system32\drivers\usbprint.sys
    11:55:24.0655 0x0968 usbprint - ok
    11:55:24.0686 0x0968 [ FED648B01349A3C8395A5169DB5FB7D6, DC4D7594C24ADD076927B9347F1B50B91CF03A4ABDB284248D5711D9C19DEB96 ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS
    11:55:24.0686 0x0968 USBSTOR - ok
    11:55:24.0718 0x0968 [ 2E682DCE4319A90E02A327F8A427544A, 3528C5A4669BAD53041085C3E72C64388D308E42AD9D1FAC85B6F2FFD81610FB ] usbuhci C:\Windows\system32\drivers\usbuhci.sys
    11:55:24.0718 0x0968 usbuhci - ok
    11:55:24.0764 0x0968 [ 7B28E2FBE75115660FAB31079C0A9F29, 81BB5A3E64B652A672A0782A88ABF6DDD729D38712D0706CE0FB9DE6D1EE1515 ] usb_rndisx C:\Windows\system32\DRIVERS\usb8023x.sys
    11:55:24.0764 0x0968 usb_rndisx - ok
    11:55:24.0796 0x0968 [ EDBB23CBCF2CDF727D64FF9B51A6070E, 7202484C8E1BFB2AFD64D8C81668F3EDE0E3BF5EB27572877A0A7B337AE5AE42 ] UxSms C:\Windows\System32\uxsms.dll
    11:55:24.0796 0x0968 UxSms - ok
    11:55:24.0811 0x0968 [ 97D879A884E7CDFED51AD63348A35254, 256566B7039B640FFB72C2ED7F1F42E46FFC820637A8959A64F5F08DB2A06A3F ] VaultSvc C:\Windows\system32\lsass.exe
    11:55:24.0827 0x0968 VaultSvc - ok
    11:55:24.0889 0x0968 [ 58E2365E7FD880624F648C63C5D22009, 9E00C2EF3488B7477AFF75FA62F2B66FD54166C19DCA594216B23EB046335FF0 ] VBoxNetAdp C:\Windows\system32\DRIVERS\VBoxNetAdp.sys
    11:55:24.0905 0x0968 VBoxNetAdp - ok
    11:55:24.0936 0x0968 [ C5C876CCFC083FF3B128F933823E87BD, 6FE0FBB6C3207E09300E0789E2168F76668D87C317FE9F263E733827ADCFBE0D ] vdrvroot C:\Windows\system32\drivers\vdrvroot.sys
    11:55:24.0936 0x0968 vdrvroot - ok
    11:55:24.0967 0x0968 [ 8D6B481601D01A456E75C3210F1830BE, A2CEF483F4231367138EEF7E67FD5BE5364FC0780C44CA1368E36CE4AA3D0633 ] vds C:\Windows\System32\vds.exe
    11:55:24.0983 0x0968 vds - ok
    11:55:25.0014 0x0968 [ DA4DA3F5E02943C2DC8C6ED875DE68DD, EDE604536DB78C512D68C92B26DA77C8811AC109D1F0A473673F0A82D15A2838 ] vga C:\Windows\system32\DRIVERS\vgapnp.sys
    11:55:25.0014 0x0968 vga - ok
    11:55:25.0030 0x0968 [ 53E92A310193CB3C03BEA963DE7D9CFC, 45898604375B42EB1246C17A22D91C2440F11C746FF6459AD38027C1BC2E3125 ] VgaSave C:\Windows\System32\drivers\vga.sys
    11:55:25.0030 0x0968 VgaSave - ok
    11:55:25.0045 0x0968 [ 2CE2DF28C83AEAF30084E1B1EB253CBB, D1946816A1CB89F825CBEA58F94A4C9D0CE7249355CD3915563F54054EE564BF ] vhdmp C:\Windows\system32\drivers\vhdmp.sys
    11:55:25.0061 0x0968 vhdmp - ok
    11:55:25.0108 0x0968 [ E5689D93FFE4E5D66C0178761240DD54, 6D35CED80681B12AAF63BFA0DA1C386E71D3838839B68A686990AA8031949D27 ] viaide C:\Windows\system32\drivers\viaide.sys
    11:55:25.0108 0x0968 viaide - ok
    11:55:25.0123 0x0968 [ D2AAFD421940F640B407AEFAAEBD91B0, 31EF342A60AF04F4108759A71F8FB7B8C8819216CF3D16A95B2BA0E33A8A9161 ] volmgr C:\Windows\system32\drivers\volmgr.sys
    11:55:25.0123 0x0968 volmgr - ok
    11:55:25.0154 0x0968 [ A255814907C89BE58B79EF2F189B843B, 463DB771851352185B6AC323BD93B9084D47291E53C1F7B628B65D6918B2E28F ] volmgrx C:\Windows\system32\drivers\volmgrx.sys
    11:55:25.0154 0x0968 volmgrx - ok
    11:55:25.0201 0x0968 [ 0D08D2F3B3FF84E433346669B5E0F639, 3D6716CEC95B8861A7CC5778E91F310528DC6BEE0E57A3C8757FC675154EBDEC ] volsnap C:\Windows\system32\drivers\volsnap.sys
    11:55:25.0217 0x0968 volsnap - ok
    11:55:25.0217 0x0968 [ 5E2016EA6EBACA03C04FEAC5F330D997, 53106EB877459FE55A459111F7AB0EE320BB3B4C954D3DB6FA1642396001F2AC ] vsmraid C:\Windows\system32\drivers\vsmraid.sys
    11:55:25.0232 0x0968 vsmraid - ok
    11:55:25.0295 0x0968 [ B60BA0BC31B0CB414593E169F6F21CC2, 47B801E623254CF0202B3591CB5C019CABFB52F123C7D47E29D19B32F1F2B915 ] VSS C:\Windows\system32\vssvc.exe
    11:55:25.0357 0x0968 VSS - ok
    11:55:25.0357 0x0968 [ 36D4720B72B5C5D9CB2B9C29E9DF67A1, 3254523C85C70EBA2DBAC05DB2DBA89EDF8E9195F390F7C21F96458FB6B2E3D7 ] vwifibus C:\Windows\system32\DRIVERS\vwifibus.sys
    11:55:25.0357 0x0968 vwifibus - ok
    11:55:25.0373 0x0968 [ 6A3D66263414FF0D6FA754C646612F3F, 30F6BA594B0D3B94113064015A16D97811CD989DF1715CCE21CEAB9894C1B4FB ] vwififlt C:\Windows\system32\DRIVERS\vwififlt.sys
    11:55:25.0373 0x0968 vwififlt - ok
    11:55:25.0404 0x0968 [ 1C9D80CC3849B3788048078C26486E1A, 34A89F31E53F6B6C209B286F580CC2257AE6D057E4E20741F241C9C167947962 ] W32Time C:\Windows\system32\w32time.dll
    11:55:25.0420 0x0968 W32Time - ok
    11:55:25.0435 0x0968 [ 4E9440F4F152A7B944CB1663D3935A3E, 8FE04EBD3BC612EE943A21A3E56F37E5C9B578CDACA6044048181DAD81816D53 ] WacomPen C:\Windows\system32\drivers\wacompen.sys
    11:55:25.0435 0x0968 WacomPen - ok
    11:55:25.0482 0x0968 [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys
    11:55:25.0482 0x0968 WANARP - ok
    11:55:25.0482 0x0968 [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys
    11:55:25.0482 0x0968 Wanarpv6 - ok
    11:55:25.0560 0x0968 [ 3CEC96DE223E49EAAE3651FCF8FAEA6C, 4150DAB33E8D61076F1D4767BCAFC9B4ECCCCBD58FD4FB3CFE5B8D27DCDCAB61 ] WatAdminSvc C:\Windows\system32\Wat\WatAdminSvc.exe
    11:55:25.0591 0x0968 WatAdminSvc - ok
    11:55:25.0654 0x0968 [ 78F4E7F5C56CB9716238EB57DA4B6A75, 46A4E78CE5F2A4B26F4E9C3FF04A99D9B727A82AC2E390A82A1611C3F6E0C9AF ] wbengine C:\Windows\system32\wbengine.exe
    11:55:25.0700 0x0968 wbengine - ok
    11:55:25.0732 0x0968 [ 3AA101E8EDAB2DB4131333F4325C76A3, 4F7BD3DA5E58B18BFF106CFF7B45E75FD13EE556D433C695BA23EC80827E49DE ] WbioSrvc C:\Windows\System32\wbiosrvc.dll
    11:55:25.0747 0x0968 WbioSrvc - ok
    11:55:25.0763 0x0968 [ 7368A2AFD46E5A4481D1DE9D14848EDD, 8039C478FC2D9F095F5883A4FA47F9E6EDF57CC88A4AA74F07C88445F90DED57 ] wcncsvc C:\Windows\System32\wcncsvc.dll
    11:55:25.0778 0x0968 wcncsvc - ok
    11:55:25.0794 0x0968 [ 20F7441334B18CEE52027661DF4A6129, 7B8E0247234B740FED2BE9B833E9CE8DD7453340123AB43F6B495A7E6A27B0DD ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
    11:55:25.0794 0x0968 WcsPlugInService - ok
    11:55:25.0810 0x0968 [ 72889E16FF12BA0F235467D6091B17DC, F2FD0BBD075E33608D93F350D216F97442AB89ABD540513C2D568C78096E12A8 ] Wd C:\Windows\system32\drivers\wd.sys
    11:55:25.0825 0x0968 Wd - ok
    11:55:25.0856 0x0968 [ A3D04EBF5227886029B4532F20D026F7, D90F7B9C176008675DA0B5FD7E4973CBC2A04172CEDF8FB7D3B3B4F27B5440D7 ] WDC_SAM C:\Windows\system32\DRIVERS\wdcsam64.sys
    11:55:25.0856 0x0968 WDC_SAM - ok
    11:55:25.0903 0x0968 [ E2C933EDBC389386EBE6D2BA953F43D8, AF1DEADD5F1267CCEBD226E8EEB971D1946EA6A5A9645A36F5D111F758AF2F07 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys
    11:55:25.0934 0x0968 Wdf01000 - ok
    11:55:25.0966 0x0968 [ C6F7473B55510F0B93961DA03D8E3B38, 4BAB9274DED8F7AC4A52B8739F501323FFFA0367CAA24BFAFDB5523812E0CE39 ] WdiServiceHost C:\Windows\system32\wdi.dll
    11:55:25.0981 0x0968 WdiServiceHost - ok
    11:55:25.0981 0x0968 [ C6F7473B55510F0B93961DA03D8E3B38, 4BAB9274DED8F7AC4A52B8739F501323FFFA0367CAA24BFAFDB5523812E0CE39 ] WdiSystemHost C:\Windows\system32\wdi.dll
    11:55:25.0981 0x0968 WdiSystemHost - ok
    11:55:26.0012 0x0968 [ 0EB0E5D22B1760F2DBCE632F2DD7A54D, B8A4CC62F88768947FB0A161CF9564DB28FD9C1C037B5475DF192982DE035C22 ] WebClient C:\Windows\System32\webclnt.dll
    11:55:26.0044 0x0968 WebClient - ok
    11:55:26.0059 0x0968 [ C749025A679C5103E575E3B48E092C43, B71171D07EE7AB085A24BF3A1072FF2CE7EA021AAE695F6A90640E6EE8EB55C1 ] Wecsvc C:\Windows\system32\wecsvc.dll
    11:55:26.0059 0x0968 Wecsvc - ok
    11:55:26.0075 0x0968 [ 7E591867422DC788B9E5BD337A669A08, 484E6BCCDF7ADCE9A1AACAD1BC7C7D7694B9E40FA90D94B14D80C607784F6C75 ] wercplsupport C:\Windows\System32\wercplsupport.dll
    11:55:26.0075 0x0968 wercplsupport - ok
    11:55:26.0106 0x0968 [ 6D137963730144698CBD10F202E9F251, A9F522A125158D94F540544CCD4DBF47B9DCE2EA878C33675AFE40F80E8F4979 ] WerSvc C:\Windows\System32\WerSvc.dll
    11:55:26.0106 0x0968 WerSvc - ok
    11:55:26.0137 0x0968 [ 611B23304BF067451A9FDEE01FBDD725, 0AF2734B978165FC6FD22B64862132CCE32528A21C698A49D176129446E099C8 ] WfpLwf C:\Windows\system32\DRIVERS\wfplwf.sys
    11:55:26.0137 0x0968 WfpLwf - ok
    11:55:26.0168 0x0968 [ B14EF15BD757FA488F9C970EEE9C0D35, F27DF2D47E7076786AE7C396583D7A1C56B93E766711066C900964FC7313E794 ] WimFltr C:\Windows\system32\DRIVERS\wimfltr.sys
    11:55:26.0168 0x0968 WimFltr - ok
    11:55:26.0184 0x0968 [ 05ECAEC3E4529A7153B3136CEB49F0EC, 9995CB2CEC70A633EA33CBB0DEAD2BB28CB67132B41E9444BDAB9E75744C9A50 ] WIMMount C:\Windows\system32\drivers\wimmount.sys
    11:55:26.0184 0x0968 WIMMount - ok
    11:55:26.0215 0x0968 WinDefend - ok
    11:55:26.0215 0x0968 WinHttpAutoProxySvc - ok
    11:55:26.0262 0x0968 [ 19B07E7E8915D701225DA41CB3877306, D6555E8D276DBB11358246E0FE215F76F1FB358791C76B88D82C2A66A42DA19F ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll
    11:55:26.0278 0x0968 Winmgmt - ok
    11:55:26.0371 0x0968 [ D929ABD465A2DED963DA8B30946A8D5C, DE8DBFB01C11D2AE903CBD6A974D6F995E9813CE2D6484B7DA06EAE4C545842A ] WinRM C:\Windows\system32\WsmSvc.dll
    11:55:26.0434 0x0968 WinRM - ok
    11:55:26.0496 0x0968 [ FE88B288356E7B47B74B13372ADD906D, A16B166F6BB32EF9D2A142F27B9EC54CBC7B3AC915799783CF4C40E525BC9E03 ] WinUsb C:\Windows\system32\drivers\WinUsb.sys
    11:55:26.0496 0x0968 WinUsb - ok
    11:55:26.0543 0x0968 [ 4FADA86E62F18A1B2F42BA18AE24E6AA, CE1683386886BF34862681A46199EA7E7FB4232A186047DA7FBD8EC240AF6726 ] Wlansvc C:\Windows\System32\wlansvc.dll
    11:55:26.0574 0x0968 Wlansvc - ok
    11:55:26.0636 0x0968 [ 06C8FA1CF39DE6A735B54D906BA791C6, D8FEC7DE227781CDA876904701B2AA995268F74DCD6CB34AA0296C557FC283B6 ] wlcrasvc C:\Program Files\Windows Live\Mesh\wlcrasvc.exe
    11:55:26.0652 0x0968 wlcrasvc - ok
    11:55:26.0746 0x0968 [ 7E47C328FC4768CB8BEAFBCFAFA70362, C98BD6A0C2F70E069D5FD3BAB31BD028DFEAC0490D180BBC28A14BE375897D8C ] wlidsvc C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
    11:55:26.0792 0x0968 wlidsvc - ok
    11:55:26.0839 0x0968 [ F6FF8944478594D0E414D3F048F0D778, 6F75E0AE6127B33A92A88E59D4B048FD4C15F997807BE7BF0EFE76F95235B1D9 ] WmiAcpi C:\Windows\system32\drivers\wmiacpi.sys
    11:55:26.0839 0x0968 WmiAcpi - ok
    11:55:26.0870 0x0968 [ 38B84C94C5A8AF291ADFEA478AE54F93, 1AC267AC73670BEA5F3785C9AD9DB146F8E993A862C843742B21FDB90D102B2A ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe
    11:55:26.0886 0x0968 wmiApSrv - ok
    11:55:26.0917 0x0968 WMPNetworkSvc - ok
    11:55:26.0933 0x0968 [ 96C6E7100D724C69FCF9E7BF590D1DCA, 2E63C9B0893B4FC03B7A71BAEA6202D3D3DB1B52F3643467829B5A573FD7655B ] WPCSvc C:\Windows\System32\wpcsvc.dll
    11:55:26.0933 0x0968 WPCSvc - ok
    11:55:26.0948 0x0968 [ 93221146D4EBBF314C29B23CD6CC391D, C0750858A65BF51E210CD244C825C121D67E025CD2D2455139991AAC289A90FE ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll
    11:55:26.0948 0x0968 WPDBusEnum - ok
    11:55:26.0964 0x0968 [ 6BCC1D7D2FD2453957C5479A32364E52, E48554D31FBDCF8F985C1C72524CAA9106F5B7CC2B79064F8F5E2562D517F090 ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys
    11:55:26.0964 0x0968 ws2ifsl - ok
    11:55:26.0980 0x0968 [ E8B1FE6669397D1772D8196DF0E57A9E, 39FE0819360719F756BD31A1884A0508A1E2371ACC723E25E005CBEC0A7B02FA ] wscsvc C:\Windows\System32\wscsvc.dll
    11:55:26.0980 0x0968 wscsvc - ok
    11:55:26.0980 0x0968 WSearch - ok
    11:55:27.0120 0x0968 [ AA3E844A2595B1AA5825C70CA50D963E, F9C7D64D9563CA5167EC9B0D957473B55C02E9456E041AE2CDA6ABFA9641D176 ] wuauserv C:\Windows\system32\wuaueng.dll
    11:55:27.0214 0x0968 wuauserv - ok
    11:55:27.0260 0x0968 [ AB886378EEB55C6C75B4F2D14B6C869F, D6C4602EB8F291DADEDF3CD211013D4AC752DDE7E799C2D8D74AA4F5477CAED6 ] WudfPf C:\Windows\system32\drivers\WudfPf.sys
    11:55:27.0260 0x0968 WudfPf - ok
    11:55:27.0292 0x0968 [ DDA4CAF29D8C0A297F886BFE561E6659, 94E5DD649B5D86FA1A7C7D30FCF9644D0EE048D312E626111458ADF66BFBE978 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys
    11:55:27.0292 0x0968 WUDFRd - ok
    11:55:27.0323 0x0968 [ B20F051B03A966392364C83F009F7D17, 88ECEB55AE91F58F592B96EBC10B572747D5A2F9B7629E8F371761E4F7408A65 ] wudfsvc C:\Windows\System32\WUDFSvc.dll
    11:55:27.0338 0x0968 wudfsvc - ok
    11:55:27.0370 0x0968 [ 04F82965C09CBDF646B487E145060301, 2CD8533EDBE24C3E42EB7550E20F8A2EB9E5E345B165DEF543163A6BC1FDD18B ] WwanSvc C:\Windows\System32\wwansvc.dll
    11:55:27.0385 0x0968 WwanSvc - ok
    11:55:27.0401 0x0968 ================ Scan global ===============================
    11:55:27.0416 0x0968 [ BA0CD8C393E8C9F83354106093832C7B, 18D8A4780A2BAA6CEF7FBBBDA0EF6BF2DADF146E1E578A618DD5859E8ADBF1A8 ] C:\Windows\system32\basesrv.dll
    11:55:27.0463 0x0968 [ 2313AF8D5A9CEB4A55400A01DD311A95, A5779FE967EA2703E86BEDC32CD736617AF278C72048228F038DFC628E1E0AA2 ] C:\Windows\system32\winsrv.dll
    11:55:27.0479 0x0968 [ 2313AF8D5A9CEB4A55400A01DD311A95, A5779FE967EA2703E86BEDC32CD736617AF278C72048228F038DFC628E1E0AA2 ] C:\Windows\system32\winsrv.dll
    11:55:27.0494 0x0968 [ D6160F9D869BA3AF0B787F971DB56368, 0033E6212DD8683E4EE611B290931FDB227B4795F0B17C309DC686C696790529 ] C:\Windows\system32\sxssrv.dll
    11:55:27.0541 0x0968 [ 71C85477DF9347FE8E7BC55768473FCA, A86D6A6D1F5A0EFCD649792A06F3AE9B37158D48493D2ECA7F52DCC1CB9B6536 ] C:\Windows\system32\services.exe
    11:55:27.0541 0x0968 [ Global ] - ok
    11:55:27.0541 0x0968 ================ Scan MBR ==================================
    11:55:27.0557 0x0968 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
    11:55:27.0760 0x0968 \Device\Harddisk0\DR0 - ok
    11:55:27.0760 0x0968 ================ Scan VBR ==================================
    11:55:27.0760 0x0968 [ F603F70A12CA388555F885BDF0C3E71B ] \Device\Harddisk0\DR0\Partition1
    11:55:27.0760 0x0968 \Device\Harddisk0\DR0\Partition1 - ok
    11:55:27.0760 0x0968 [ 061A926CA0B8AF7E7707D254CF0AA095 ] \Device\Harddisk0\DR0\Partition2
    11:55:27.0760 0x0968 \Device\Harddisk0\DR0\Partition2 - ok
    11:55:27.0760 0x0968 ================ Scan generic autorun ======================
    11:55:27.0791 0x0968 [ 43F00115C2FF39F2E1152A6AE1D85296, C6C138908A996273BA692E341072272E27366A1CCBEA393CE0C0A51AC186BFD4 ] C:\Windows\system32\igfxtray.exe
    11:55:27.0791 0x0968 IgfxTray - ok
    11:55:27.0822 0x0968 [ 77F436CF85CEC9FF73BDB418261F65F0, 66CE80AE5224881BC4AB338534F16FBA1ADBE45D4B38E9C1485DB016623A77B1 ] C:\Windows\system32\hkcmd.exe
    11:55:27.0822 0x0968 HotKeysCmds - ok
    11:55:27.0853 0x0968 [ 3636EF5F0FB848F195BEF6D217D43935, CAC2E5277EAF6FB0B59D48E1BA7FD713F5689E267341E7B6ADDACF40A8DC4C12 ] C:\Windows\system32\igfxpers.exe
    11:55:27.0869 0x0968 Persistence - ok
    11:55:27.0994 0x0968 [ 1136B11FB4B6A598051BD9648A798F7C, 9019F8479325959F8DC7415E5607AE7B90B6755F435D4E3D0E90D44CD25C2BCD ] C:\Program Files (x86)\Dell\Stage Remote\StageRemote.exe
    11:55:28.0025 0x0968 Stage Remote - ok
    11:55:28.0056 0x0968 [ E7048263BD470D9328E1E82E5798C941, 8C7E19D68315B2BF8B2AF71B1AE13B52C4008739C35CEFFCEA62817E9E1A4D7D ] C:\Program Files\BOINC\boinctray.exe
    11:55:28.0056 0x0968 boinctray - ok
    11:55:28.0274 0x0968 [ 7F6F0D0F619141EAA9F8CB9054A91A91, 0776593C4746E455BD6F77F791CEB066BC56D8123253003388D6661086B486BB ] C:\Program Files\BOINC\boincmgr.exe
    11:55:28.0399 0x0968 boincmgr - ok
    11:55:28.0446 0x0968 [ 076B3EE149E01ADBAC2DC529554A3FD9, 4F65D9D2EE44829AA2264210112851E899165C2346489BEBE679C41420CF7D07 ] C:\Program Files\iTunes\iTunesHelper.exe
    11:55:28.0446 0x0968 iTunesHelper - ok
    11:55:28.0493 0x0968 [ 88FD47E3BD31BC358AD1EF14E75C7681, 0177A849A8E63122628D42AAB97F29224413B10C5E9720F7ED9E109E509EC7ED ] C:\Program Files (x86)\CyberLink\PowerDVD9\PDVD9Serv.exe
    11:55:28.0493 0x0968 RemoteControl9 - ok
    11:55:28.0508 0x0968 [ A4A59E38A82781985AF76BA2038C78BE, 0E349A07EFC7FB0BB6E9CD3A6B9E72CDA4FD45001EEAB3AAC5D885E2AE0CEF77 ] C:\Program Files (x86)\CyberLink\PowerDVD9\Language\Language.exe
    11:55:28.0508 0x0968 PDVD9LanguageShortcut - ok
    11:55:28.0571 0x0968 [ 814B913346119771CA458F34ADFC16A5, 31841992C83F8FE01CED6B0E47C3B08F3F202B37813C67E73074652625932F14 ] C:\Program Files\McAfee.com\Agent\mcagent.exe
    11:55:28.0571 0x0968 mcui_exe - ok
    11:55:28.0602 0x0968 [ A7749965A3923D024922A86BAAECAFF4, 70CC52E58881F405B334EDE68913EAB1B7FADBFB19B92F42B40E4737C6F073F7 ] C:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxWatchTray12OEM.exe
    11:55:28.0618 0x0968 RoxWatchTray - ok
    11:55:28.0664 0x0968 [ 4164A47F3A2DA7EA44572904C3DF44A4, 192097A694949269CD642C4F832715F48F4448669951D027DBECE9D873E9DA94 ] C:\Program Files (x86)\Roxio\OEM\Roxio Burn\RoxioBurnLauncher.exe
    11:55:28.0680 0x0968 Desktop Disc Tool - ok
    11:55:28.0758 0x0968 [ 53EDBE9C1D6B0CEC11A573852B5B6DAD, E4A6B00AA93F2E8BBA7149601A37D7388E0A5EC48CD95A0BD94939FD96726811 ] C:\Program Files (x86)\Dell Stage\Dell Stage\AccuWeather\accuweather.exe
    11:55:28.0774 0x0968 AccuWeatherWidget - ok
    11:55:28.0852 0x0968 [ 4275C55AA440DC08EA0267AED31D9654, A5EF4505960D9CECC45376026A8B51FF43282AE811C88617CCD8F7F1E6E56A7B ] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe
    11:55:28.0852 0x0968 APSDaemon - ok
    11:55:28.0898 0x0968 [ A55FB42F0642DBF4817543A58E97721F, A4A8986EA050B1216D85749AB705EB36FE9D0FE0E833281DC63732B1FD4E4687 ] C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
    11:55:28.0914 0x0968 SunJavaUpdateSched - ok
    11:55:29.0008 0x0968 [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
    11:55:29.0132 0x0968 Sidebar - ok
    11:55:29.0164 0x0968 [ 0FA760BF380B08D0B67B5507CD8B32AA, 0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B725CC5A9FB738739 ] C:\Windows\System32\mctadmin.exe
    11:55:29.0179 0x0968 mctadmin - ok
    11:55:29.0210 0x0968 [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
    11:55:29.0242 0x0968 Sidebar - ok
    11:55:29.0242 0x0968 [ 0FA760BF380B08D0B67B5507CD8B32AA, 0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B725CC5A9FB738739 ] C:\Windows\System32\mctadmin.exe
    11:55:29.0242 0x0968 mctadmin - ok
    11:55:29.0273 0x0968 Skype - ok
    11:55:29.0538 0x0968 [ C7C42AC946E25EC04BC671516A347FF9, 03DCB98F1764862A0DFC1B3A6CD34BA583DA512E8E4556E891A228832C0F8DE1 ] C:\Users\Thomas\AppData\Local\Amazon Music\Amazon Music Helper.exe
    11:55:29.0678 0x0968 Amazon Music - ok
    11:55:29.0756 0x0968 [ EADC02F7D3B46E152704BA64D7CB90FA, 4357850EEC0DE0E41210F405C821C9FAD6E25E53C745CF34F3984EA4294A144B ] C:\Users\Thomas\AppData\Local\Microsoft\OneDrive\OneDrive.exe
    11:55:29.0756 0x0968 OneDrive - ok
    11:55:29.0788 0x0968 [ B22CB67919EBAD88B0E8BB9CDA446010, 2F744FEAC48EDE7D6B6D2727F7DDFA80B26D9E3B0009741B00992B19AD85E128 ] C:\Windows\System32\StikyNot.exe
    11:55:29.0803 0x0968 RESTART_STICKY_NOTES - ok
    11:55:30.0053 0x0968 [ F679E30A5F7CE39F7FA134E61BD2D6D3, 84BD25FFF9C47AC5A00E225DCF03D82A79FE036E3B553D2D81254F2F1FC120A1 ] C:\Program Files\CCleaner\CCleaner64.exe
    11:55:30.0224 0x0968 CCleaner Monitoring - ok
    11:55:30.0256 0x0968 [ 5746BD7E255DD6A8AFA06F7C42C1BA41, DB06C3534964E3FC79D2763144BA53742D7FA250CA336F4A0FE724B75AAFF386 ] C:\Windows\system32\cmd.exe
    11:55:30.0271 0x0968 Uninstall C:\Users\Thomas\AppData\Local\Microsoft\OneDrive\17.3.5860.0512 - ok
    11:55:30.0380 0x0968 [ 506708142BC63DABA64F2D3AD1DCD5BF, 9C36A08D9E7932FF4DA7B5F24E6B42C92F28685B8ABE964C870E8D7670FD531A ] C:\Users\Orrin JNR\AppData\Local\Google\Update\GoogleUpdate.exe
    11:55:30.0380 0x0968 Google Update - ok
    11:55:30.0380 0x0968 Waiting for KSN requests completion. In queue: 85
    11:55:31.0394 0x0968 Waiting for KSN requests completion. In queue: 85
    11:55:32.0408 0x0968 Waiting for KSN requests completion. In queue: 85
    11:55:33.0438 0x0968 AV detected via SS2: McAfee Anti-Virus and Anti-Spyware, C:\Program Files\McAfee.com\Agent\mcupdate.exe ( 14.0.0.0 ), 0x51000 ( enabled : updated )
    11:55:33.0438 0x0968 FW detected via SS2: McAfee Firewall, C:\Program Files\McAfee.com\Agent\mcupdate.exe ( 14.0.0.0 ), 0x51010 ( enabled )
    11:55:35.0903 0x0968 ============================================================
    11:55:35.0903 0x0968 Scan finished
    11:55:35.0903 0x0968 ============================================================
    11:55:35.0903 0x0798 Detected object count: 0
    11:55:35.0903 0x0798 Actual detected object count: 0
    11:58:40.0811 0x0fbc ============================================================
    11:58:40.0811 0x0fbc Scan started
    11:58:40.0811 0x0fbc Mode: Manual;
    11:58:40.0811 0x0fbc ============================================================
    11:58:40.0811 0x0fbc KSN ping started
    11:59:06.0208 0x0fbc KSN ping finished: true
    11:59:06.0816 0x0fbc ================ Scan system memory ========================
    11:59:06.0816 0x0fbc System memory - ok
    11:59:06.0816 0x0fbc ================ Scan services =============================
    11:59:06.0925 0x0fbc [ A87D604AEA360176311474C87A63BB88, B1507868C382CD5D2DBC0D62114FCFBF7A780904A2E3CA7C7C1DD0844ADA9A8F ] 1394ohci C:\Windows\system32\drivers\1394ohci.sys
    11:59:06.0941 0x0fbc 1394ohci - ok
    11:59:06.0957 0x0fbc [ D81D9E70B8A6DD14D42D7B4EFA65D5F2, FDAAB7E23012B4D31537C5BDEF245BB0A12FA060A072C250E21C68E18B22E002 ] ACPI C:\Windows\system32\drivers\ACPI.sys
    11:59:06.0972 0x0fbc ACPI - ok
    11:59:06.0988 0x0fbc [ 99F8E788246D495CE3794D7E7821D2CA, F91615463270AD2601F882CAED43B88E7EDA115B9FD03FC56320E48119F15F76 ] AcpiPmi C:\Windows\system32\drivers\acpipmi.sys
    11:59:06.0988 0x0fbc AcpiPmi - ok
    11:59:07.0066 0x0fbc [ 013697369EAFFA675D0671607F036020, 65611C775AC4681E46A6565E5A7A4FF3363C66EBDC98C4C58AFB365D40BE23B6 ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
    11:59:07.0066 0x0fbc AdobeARMservice - ok
    11:59:07.0144 0x0fbc [ 9B3355B29942AF67F014EA90CE1EA960, FBB155F72984045BCD99CC2059B9EDAABD3A52104C3864A290D8A355991F94D3 ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
    11:59:07.0159 0x0fbc AdobeFlashPlayerUpdateSvc - ok
    11:59:07.0175 0x0fbc [ 2F6B34B83843F0C5118B63AC634F5BF4, 43E3F5FBFB5D33981AC503DEE476868EC029815D459E7C36C4ABC2D2F75B5735 ] adp94xx C:\Windows\system32\drivers\adp94xx.sys
    11:59:07.0191 0x0fbc adp94xx - ok
    11:59:07.0206 0x0fbc [ 597F78224EE9224EA1A13D6350CED962, DA7FD99BE5E3B7B98605BF5C13BF3F1A286C0DE1240617570B46FE4605E59BDC ] adpahci C:\Windows\system32\drivers\adpahci.sys
    11:59:07.0222 0x0fbc adpahci - ok
    11:59:07.0237 0x0fbc [ E109549C90F62FB570B9540C4B148E54, E804563735153EA00A00641814244BC8A347B578E7D63A16F43FB17566EE5559 ] adpu320 C:\Windows\system32\drivers\adpu320.sys
    11:59:07.0237 0x0fbc adpu320 - ok
    11:59:07.0284 0x0fbc [ 83BFCCAC53795E8A5055A93672D0C46C, B2B03473D950A5BA9DE59D81E7B14C1FAFF17B2A4D8A5808588F5CC21D63B291 ] AeLookupSvc C:\Windows\System32\aelupsvc.dll
    11:59:07.0284 0x0fbc AeLookupSvc - ok
    11:59:07.0331 0x0fbc [ FA886682CFC5D36718D3E436AACF10B9, F80AB4F91AA6B5C7ECCB000D8E1BC2CF776DC3D69B3D9EBC2558C19035A6B3AB ] AFD C:\Windows\system32\drivers\afd.sys
    11:59:07.0331 0x0fbc AFD - ok
    11:59:07.0347 0x0fbc [ 608C14DBA7299D8CB6ED035A68A15799, 45360F89640BF1127C82A32393BD76205E4FA067889C40C491602F370C09282A ] agp440 C:\Windows\system32\drivers\agp440.sys
    11:59:07.0362 0x0fbc agp440 - ok
    11:59:07.0378 0x0fbc [ 3290D6946B5E30E70414990574883DDB, 0E9294E1991572256B3CDA6B031DB9F39CA601385515EE59F1F601725B889663 ] ALG C:\Windows\System32\alg.exe
    11:59:07.0378 0x0fbc ALG - ok
    11:59:07.0409 0x0fbc [ 5812713A477A3AD7363C7438CA2EE038, A7316299470D2E57A11499C752A711BF4A71EB11C9CBA731ED0945FF6A966721 ] aliide C:\Windows\system32\drivers\aliide.sys
    11:59:07.0409 0x0fbc aliide - ok
    11:59:07.0425 0x0fbc [ 1FF8B4431C353CE385C875F194924C0C, 3EA3A7F426B0FFC2461EDF4FDB4B58ACC9D0730EDA5B728D1EA1346EA0A02720 ] amdide C:\Windows\system32\drivers\amdide.sys
    11:59:07.0425 0x0fbc amdide - ok
    11:59:07.0440 0x0fbc [ 7024F087CFF1833A806193EF9D22CDA9, E7F27E488C38338388103D3B7EEDD61D05E14FB140992AEE6F492FFC821BF529 ] AmdK8 C:\Windows\system32\drivers\amdk8.sys
    11:59:07.0440 0x0fbc AmdK8 - ok
    11:59:07.0456 0x0fbc [ 1E56388B3FE0D031C44144EB8C4D6217, E88CA76FD47BA0EB427D59CB9BE040DE133D89D4E62D03A8D622624531D27487 ] AmdPPM C:\Windows\system32\drivers\amdppm.sys
    11:59:07.0456 0x0fbc AmdPPM - ok
    11:59:07.0487 0x0fbc [ D4121AE6D0C0E7E13AA221AA57EF2D49, 626F43C099BD197BE56648C367B711143C2BCCE96496BBDEF19F391D52FA01D0 ] amdsata C:\Windows\system32\drivers\amdsata.sys
    11:59:07.0487 0x0fbc amdsata - ok
    11:59:07.0503 0x0fbc [ F67F933E79241ED32FF46A4F29B5120B, D6EF539058F159CC4DD14CA9B1FD924998FEAC9D325C823C7A2DD21FEF1DC1A8 ] amdsbs C:\Windows\system32\drivers\amdsbs.sys
    11:59:07.0503 0x0fbc amdsbs - ok
    11:59:07.0518 0x0fbc [ 540DAF1CEA6094886D72126FD7C33048, 296578572A93F5B74E1AD443E000B79DC99D1CBD25082E02704800F886A3065F ] amdxata C:\Windows\system32\drivers\amdxata.sys
    11:59:07.0518 0x0fbc amdxata - ok
    11:59:07.0565 0x0fbc [ 90C53BD47979FB8814F465A08B885102, 5EDFC1909FC1FF9133A534DFCC5408CF3A777AC41FB21FAD375436E3D86C02EC ] AppID C:\Windows\system32\drivers\appid.sys
    11:59:07.0565 0x0fbc AppID - ok
    11:59:07.0596 0x0fbc [ 72D4757510FDA69D729169C00AFC211E, FB9686D0D94EE7C19A3994C29E8331A6EC3020B2980B2CC75F72F3AB25512C15 ] AppIDSvc C:\Windows\System32\appidsvc.dll
    11:59:07.0596 0x0fbc AppIDSvc - ok
    11:59:07.0627 0x0fbc [ 978DC0A1FBE9CC91B21B40AF66CB396A, 90BAFF81D98F5AFD743D8BD65F716666A7A7BD2DA612492E03C79B29E9A0F8C2 ] Appinfo C:\Windows\System32\appinfo.dll
    11:59:07.0627 0x0fbc Appinfo - ok
    11:59:07.0705 0x0fbc [ 612CB66D93ED0F2F21BB109840C7D813, 75484123DA27B8942B13148FCF061C75A08A50386A095143736B593E9C772173 ] Apple Mobile Device Service C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
    11:59:07.0705 0x0fbc Apple Mobile Device Service - ok
    11:59:07.0737 0x0fbc [ C484F8CEB1717C540242531DB7845C4E, C507CE26716EB923B864ED85E8FA0B24591E2784A2F4F0E78AEED7E9953311F6 ] arc C:\Windows\system32\drivers\arc.sys
    11:59:07.0737 0x0fbc arc - ok
    11:59:07.0752 0x0fbc [ 019AF6924AEFE7839F61C830227FE79C, 5926B9DDFC9198043CDD6EA0B384C83B001EC225A8125628C4A45A3E6C42C72A ] arcsas C:\Windows\system32\drivers\arcsas.sys
    11:59:07.0752 0x0fbc arcsas - ok
    11:59:07.0815 0x0fbc [ F15AB80B867D3332D5DDFB0A05B9CE04, 5A16577106246AB5DCC04FE0A0B00B7C5702557B75F958721E4C00383AB99809 ] aspnet_state C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
    11:59:07.0815 0x0fbc aspnet_state - ok
    11:59:07.0830 0x0fbc [ 769765CE2CC62867468CEA93969B2242, 0D8F19D49869DF93A3876B4C2E249D12E83F9CE11DAE8917D368E292043D4D26 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys
    11:59:07.0846 0x0fbc AsyncMac - ok
    11:59:07.0877 0x0fbc [ 02062C0B390B7729EDC9E69C680A6F3C, 0261683C6DC2706DCE491A1CDC954AC9C9E649376EC30760BB4E225E18DC5273 ] atapi C:\Windows\system32\drivers\atapi.sys
    11:59:07.0877 0x0fbc atapi - ok
    11:59:07.0986 0x0fbc [ 80D6820DDB5427363A9D3F2137441C83, FF26B6DABDD3037EAA46BF5231B2A5A6C810E32CA63B1D7F0A573B9F220DF9A5 ] athr C:\Windows\system32\DRIVERS\athrx.sys
    11:59:08.0049 0x0fbc athr - ok
    11:59:08.0111 0x0fbc [ 6968D02DC38757C3FBE7ED7C2F9670AA, C8B3115DDB32EFBE8C56C5AA78EEA05BBB77DF3F75CC2A04532EB32327E4735A ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
    11:59:08.0127 0x0fbc AudioEndpointBuilder - ok
    11:59:08.0142 0x0fbc [ 6968D02DC38757C3FBE7ED7C2F9670AA, C8B3115DDB32EFBE8C56C5AA78EEA05BBB77DF3F75CC2A04532EB32327E4735A ] AudioSrv C:\Windows\System32\Audiosrv.dll
    11:59:08.0158 0x0fbc AudioSrv - ok
    11:59:08.0173 0x0fbc [ A6BF31A71B409DFA8CAC83159E1E2AFF, CBB83F73FFD3C3FB4F96605067739F8F7A4A40B2B05417FA49E575E95628753F ] AxInstSV C:\Windows\System32\AxInstSV.dll
    11:59:08.0189 0x0fbc AxInstSV - ok
    11:59:08.0220 0x0fbc [ 3E5B191307609F7514148C6832BB0842, DE011CB7AA4A2405FAF21575182E0793A1D83DFFC44E9A7864D59F3D51D8D580 ] b06bdrv C:\Windows\system32\drivers\bxvbda.sys
    11:59:08.0220 0x0fbc b06bdrv - ok
    11:59:08.0236 0x0fbc [ B5ACE6968304A3900EEB1EBFD9622DF2, 1DAA118D8CA3F97B34DF3D3CDA1C78EAB2ED225699FEABE89D331AE0CB7679FA ] b57nd60a C:\Windows\system32\DRIVERS\b57nd60a.sys
    11:59:08.0251 0x0fbc b57nd60a - ok
    11:59:08.0267 0x0fbc [ FDE360167101B4E45A96F939F388AEB0, 8D1457E866BBD645C4B9710DFBFF93405CC1193BF9AE42326F2382500B713B82 ] BDESVC C:\Windows\System32\bdesvc.dll
    11:59:08.0267 0x0fbc BDESVC - ok
    11:59:08.0267 0x0fbc [ 16A47CE2DECC9B099349A5F840654746, 77C008AEDB07FAC66413841D65C952DDB56FE7DCA5E9EF9C8F4130336B838024 ] Beep C:\Windows\system32\drivers\Beep.sys
    11:59:08.0267 0x0fbc Beep - ok
    11:59:08.0298 0x0fbc [ 82974D6A2FD19445CC5171FC378668A4, 075D25F47C0D2277E40AF8615571DAA5EB16B1824563632A9A7EC62505C29A4A ] BFE C:\Windows\System32\bfe.dll
    11:59:08.0314 0x0fbc BFE - ok
    11:59:08.0361 0x0fbc [ 1EA7969E3271CBC59E1730697DC74682, D511A34D63A6E0E6E7D1879068E2CD3D87ABEAF4936B2EA8CDDAD9F79D60FA04 ] BITS C:\Windows\System32\qmgr.dll
    11:59:08.0376 0x0fbc BITS - ok
    11:59:08.0392 0x0fbc [ 61583EE3C3A17003C4ACD0475646B4D3, 17E4BECC309C450E7E44F59A9C0BBC24D21BDC66DFBA65B8F198A00BB47A9811 ] blbdrive C:\Windows\system32\DRIVERS\blbdrive.sys
    11:59:08.0392 0x0fbc blbdrive - ok
    11:59:08.0439 0x0fbc [ EBBCD5DFBB1DE70E8F4AF8FA59E401FD, 17BFFC5DF609CE3B2F0CAB4BD6C118608C66A3AD86116A47E90B2BB7D8954122 ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe
    11:59:08.0454 0x0fbc Bonjour Service - ok
    11:59:08.0485 0x0fbc [ 6C02A83164F5CC0A262F4199F0871CF5, AD4632A6A203CB40970D848315D8ADB9C898349E20D8DF4107C2AE2703A2CF28 ] bowser C:\Windows\system32\DRIVERS\bowser.sys
    11:59:08.0485 0x0fbc bowser - ok
    11:59:08.0501 0x0fbc [ F09EEE9EDC320B5E1501F749FDE686C8, 66691114C42E12F4CC6DC4078D4D2FA4029759ACDAF1B59D17383487180E84E3 ] BrFiltLo C:\Windows\system32\drivers\BrFiltLo.sys
    11:59:08.0501 0x0fbc BrFiltLo - ok
    11:59:08.0501 0x0fbc [ B114D3098E9BDB8BEA8B053685831BE6, 0ED23C1897F35FA00B9C2848DE4ED200E18688AA7825674888054BBC3A3EB92C ] BrFiltUp C:\Windows\system32\drivers\BrFiltUp.sys
    11:59:08.0501 0x0fbc BrFiltUp - ok
    11:59:08.0532 0x0fbc [ 05F5A0D14A2EE1D8255C2AA0E9E8E694, 40011138869F5496A3E78D38C9900B466B6F3877526AC22952DCD528173F4645 ] Browser C:\Windows\System32\browser.dll
    11:59:08.0532 0x0fbc Browser - ok
    11:59:08.0548 0x0fbc [ 43BEA8D483BF1870F018E2D02E06A5BD, 4E6F5A5FD8C796A110B0DC9FF29E31EA78C04518FC1C840EF61BABD58AB10272 ] Brserid C:\Windows\System32\Drivers\Brserid.sys
    11:59:08.0563 0x0fbc Brserid - ok
    11:59:08.0563 0x0fbc [ A6ECA2151B08A09CACECA35C07F05B42, E2875BB7768ABAF38C3377007AA0A3C281503474D1831E396FB6599721586B0C ] BrSerWdm C:\Windows\System32\Drivers\BrSerWdm.sys
    11:59:08.0563 0x0fbc BrSerWdm - ok
    11:59:08.0563 0x0fbc [ B79968002C277E869CF38BD22CD61524, 50631836502237AF4893ECDCEA43B9031C3DE97433F594D46AF7C3C77F331983 ] BrUsbMdm C:\Windows\System32\Drivers\BrUsbMdm.sys
    11:59:08.0579 0x0fbc BrUsbMdm - ok
    11:59:08.0579 0x0fbc [ A87528880231C54E75EA7A44943B38BF, 4C8BBB29FDA76A96840AA47A8613C15D4466F9273A13941C19507008629709C9 ] BrUsbSer C:\Windows\System32\Drivers\BrUsbSer.sys
    11:59:08.0579 0x0fbc BrUsbSer - ok
    11:59:08.0579 0x0fbc [ 9DA669F11D1F894AB4EB69BF546A42E8, B498B8B6CEF957B73179D1ADAF084BBB57BB3735D810F9BE2C7B1D58A4FD25A4 ] BTHMODEM C:\Windows\system32\drivers\bthmodem.sys
    11:59:08.0595 0x0fbc BTHMODEM - ok
    11:59:08.0626 0x0fbc [ 95F9C2976059462CBBF227F7AAB10DE9, 2797AE919FF7606B070FB039CECDB0707CD2131DCAC09C5DF14F443D881C9F34 ] bthserv C:\Windows\system32\bthserv.dll
    11:59:08.0626 0x0fbc bthserv - ok
    11:59:08.0641 0x0fbc [ B8BD2BB284668C84865658C77574381A, 6C55BA288B626DF172FDFEA0BD7027FAEBA1F44EF20AB55160D7C7DC6E717D65 ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys
    11:59:08.0641 0x0fbc cdfs - ok
    11:59:08.0657 0x0fbc [ F036CE71586E93D94DAB220D7BDF4416, BD07AAD9E20CEAF9FC84E4977C55EA2C45604A2C682AC70B9B9A2199B6713D5B ] cdrom C:\Windows\system32\DRIVERS\cdrom.sys
    11:59:08.0673 0x0fbc cdrom - ok
    11:59:08.0673 0x0fbc [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] CertPropSvc C:\Windows\System32\certprop.dll
    11:59:08.0673 0x0fbc CertPropSvc - ok
    11:59:08.0704 0x0fbc [ 4ECA59628D074CF45633EC7A3D7954D3, 054B4AE94920A06ECF8C65A66DC949B65665679B15733D021120159F6E2460DA ] cfwids C:\Windows\system32\drivers\cfwids.sys
    11:59:08.0719 0x0fbc cfwids - ok
    11:59:08.0719 0x0fbc [ D7CD5C4E1B71FA62050515314CFB52CF, 513B5A849899F379F0BC6AB3A8A05C3493C2393C95F036612B96EC6E252E1C64 ] circlass C:\Windows\system32\drivers\circlass.sys
    11:59:08.0719 0x0fbc circlass - ok
    11:59:08.0766 0x0fbc [ 404B7DF9CA4D1CB675045AF220FF3285, 91FFADE2ABE5C48849E63134D5FFD20671FE0D1720F7D486F904391B3D142C96 ] CLFS C:\Windows\system32\CLFS.sys
    11:59:08.0782 0x0fbc CLFS - ok
    11:59:08.0922 0x0fbc [ 85FF7BE64BF886933E4385FC5CA97C99, FFD5CBC07C016CC78342BC4DFBEF9E70285BEADEB0DB70CD92D065A68CB2814F ] ClickToRunSvc C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe
    11:59:08.0985 0x0fbc ClickToRunSvc - ok
    11:59:09.0047 0x0fbc [ F13EC8A783E0CB0D6DC26A3CA848B7B8, 0809E3B71709F1343086EEB6C820543C1A7119E74EEF8AC1AEE1F81093ABEC66 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
    11:59:09.0063 0x0fbc clr_optimization_v2.0.50727_32 - ok
    11:59:09.0109 0x0fbc [ B4D73F04E9BC076F7CDAC4327DF636BB, 1ADED20D5A0D0A76E2F85CB778FD06BAB814868D35F8532E17D67045FF4770C2 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
    11:59:09.0109 0x0fbc clr_optimization_v2.0.50727_64 - ok
    11:59:09.0156 0x0fbc [ F5AB4D2E36625F355E81539239765107, 48E6AD65EEFD6C54F938F5753EF58377CDA77ADBB41CD8635F0040D61EFB92A4 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
    11:59:09.0172 0x0fbc clr_optimization_v4.0.30319_32 - ok
    11:59:09.0203 0x0fbc [ 9ACBE5EC13C2CC95833BFB7636CA8B1A, 6224DA9FB335D2A8374C60B8DEA539DD3A0E43230DB888B137B71A56EC57D6AF ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
    11:59:09.0219 0x0fbc clr_optimization_v4.0.30319_64 - ok
    11:59:09.0234 0x0fbc [ 0840155D0BDDF1190F84A663C284BD33, 696039FA63CFEB33487FAA8FD7BBDB220141E9C6E529355D768DFC87999A9C3A ] CmBatt C:\Windows\system32\drivers\CmBatt.sys
    11:59:09.0234 0x0fbc CmBatt - ok
    11:59:09.0265 0x0fbc [ E19D3F095812725D88F9001985B94EDD, 46243C5CCC4981CAC6FA6452FFCEC33329BF172448F1852D52592C9342E0E18B ] cmdide C:\Windows\system32\drivers\cmdide.sys
    11:59:09.0265 0x0fbc cmdide - ok
    11:59:09.0312 0x0fbc [ 27667A788130A7F7A5858DE27572E6D7, 5501D80BCCB7A811ECCED3828DFD0A5D948BBED8504E9BCC4A3BFB840DD41CBC ] CNG C:\Windows\system32\Drivers\cng.sys
    11:59:09.0328 0x0fbc CNG - ok
    11:59:09.0343 0x0fbc [ 102DE219C3F61415F964C88E9085AD14, CD74CB703381F1382C32CF892FF2F908F4C9412E1BC77234F8FEA5D4666E1BF1 ] Compbatt C:\Windows\system32\drivers\compbatt.sys
    11:59:09.0343 0x0fbc Compbatt - ok
    11:59:09.0359 0x0fbc [ 03EDB043586CCEBA243D689BDDA370A8, 0E4523AA332E242D5C2C61C5717DBA5AB6E42DADB5A7E512505FC2B6CC224959 ] CompositeBus C:\Windows\system32\DRIVERS\CompositeBus.sys
    11:59:09.0359 0x0fbc CompositeBus - ok
    11:59:09.0359 0x0fbc COMSysApp - ok
    11:59:09.0375 0x0fbc [ 1C827878A998C18847245FE1F34EE597, 41EF7443D8B2733AA35CAC64B4F5F74FAC8BB0DA7D3936B69EC38E2DC3972E60 ] crcdisk C:\Windows\system32\drivers\crcdisk.sys
    11:59:09.0375 0x0fbc crcdisk - ok
    11:59:09.0421 0x0fbc [ 7BC3E861F7E8EB543A630090FAE779E0, 52A538F25C853AAC9706CD0D4EBF80B1963391AA175895CFD9D44C8ABBFCFB74 ] CryptSvc C:\Windows\system32\cryptsvc.dll
    11:59:09.0437 0x0fbc CryptSvc - ok
    11:59:09.0468 0x0fbc [ 5C627D1B1138676C0A7AB2C2C190D123, C5003F2C912C5CA990E634818D3B4FD72F871900AF2948BD6C4D6400B354B401 ] DcomLaunch C:\Windows\system32\rpcss.dll
    11:59:09.0484 0x0fbc DcomLaunch - ok
    11:59:09.0499 0x0fbc [ 3CEC7631A84943677AA8FA8EE5B6B43D, 32061DAC9ED6C1EBA3B367B18D0E965AEEC2DF635DCF794EC39D086D32503AC5 ] defragsvc C:\Windows\System32\defragsvc.dll
    11:59:09.0515 0x0fbc defragsvc - ok
    11:59:09.0531 0x0fbc [ 9BB2EF44EAA163B29C4A4587887A0FE4, 03667BC3EA5003F4236929C10F23D8F108AFCB29DB5559E751FB26DFB318636F ] DfsC C:\Windows\system32\Drivers\dfsc.sys
    11:59:09.0531 0x0fbc DfsC - ok
    11:59:09.0546 0x0fbc [ 43D808F5D9E1A18E5EEB5EBC83969E4E, C10D1155D71EABE4ED44C656A8F13078A8A4E850C4A8FBB92D52D173430972B8 ] Dhcp C:\Windows\system32\dhcpcore.dll
    11:59:09.0546 0x0fbc Dhcp - ok
    11:59:09.0624 0x0fbc [ AA5319FA8602676B5D3A2B4A1355896D, 57532E16FF0DDE3D62B6B6DC35E2598DD453140E9277247965A1E835645E588A ] DiagTrack C:\Windows\system32\diagtrack.dll
    11:59:09.0655 0x0fbc DiagTrack - ok
    11:59:09.0671 0x0fbc [ 13096B05847EC78F0977F2C0F79E9AB3, 1E44981B684F3E56F5D2439BB7FA78BD1BC876BB2265AE089AEC68F241B05B26 ] discache C:\Windows\system32\drivers\discache.sys
    11:59:09.0671 0x0fbc discache - ok
    11:59:09.0687 0x0fbc [ 9819EEE8B5EA3784EC4AF3B137A5244C, 571BC886E87C888DA96282E381A746D273B58B9074E84D4CA91275E26056D427 ] Disk C:\Windows\system32\drivers\disk.sys
    11:59:09.0687 0x0fbc Disk - ok
    11:59:09.0718 0x0fbc [ 16835866AAA693C7D7FCEBA8FFF706E4, 15891558F7C1F2BB57A98769601D447ED0D952354A8BB347312D034DC03E0242 ] Dnscache C:\Windows\System32\dnsrslvr.dll
    11:59:09.0733 0x0fbc Dnscache - ok
    11:59:09.0749 0x0fbc [ B1FB3DDCA0FDF408750D5843591AFBC6, AB6AD9C5E7BA2E3646D0115B67C4800D1CB43B4B12716397657C7ADEEE807304 ] dot3svc C:\Windows\System32\dot3svc.dll
    11:59:09.0765 0x0fbc dot3svc - ok
    11:59:09.0765 0x0fbc [ B26F4F737E8F9DF4F31AF6CF31D05820, 394BBBED4EC7FAD4110F62A43BFE0801D4AC56FFAC6C741C69407B26402311C7 ] DPS C:\Windows\system32\dps.dll
    11:59:09.0780 0x0fbc DPS - ok
    11:59:09.0811 0x0fbc [ 9B19F34400D24DF84C858A421C205754, 967AF267B4124BADA8F507CEBF25F2192D146A4D63BE71B45BFC03C5DA7F21A7 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys
    11:59:09.0811 0x0fbc drmkaud - ok
    11:59:09.0874 0x0fbc [ 87CE5C8965E101CCCED1F4675557E868, 077D98F0F130B2FC710208BA34016EF2B2506EE2BD71740B228145E34A3046F1 ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys
    11:59:09.0889 0x0fbc DXGKrnl - ok
    11:59:09.0936 0x0fbc [ E2DDA8726DA9CB5B2C4000C9018A9633, 0C967DBC3636A76A696997192A158AA92A1AF19F01E3C66D5BF91818A8FAEA76 ] EapHost C:\Windows\System32\eapsvc.dll
    11:59:09.0936 0x0fbc EapHost - ok
    11:59:10.0030 0x0fbc [ DC5D737F51BE844D8C82C695EB17372F, 6D4022D9A46EDE89CEF0FAEADCC94C903234DFC460C0180D24FF9E38E8853017 ] ebdrv C:\Windows\system32\drivers\evbda.sys
    11:59:10.0077 0x0fbc ebdrv - ok
    11:59:10.0108 0x0fbc [ 97D879A884E7CDFED51AD63348A35254, 256566B7039B640FFB72C2ED7F1F42E46FFC820637A8959A64F5F08DB2A06A3F ] EFS C:\Windows\System32\lsass.exe
    11:59:10.0108 0x0fbc EFS - ok
    11:59:10.0170 0x0fbc [ C4002B6B41975F057D98C439030CEA07, 3D2484FBB832EFB90504DD406ED1CF3065139B1FE1646471811F3A5679EF75F1 ] ehRecvr C:\Windows\ehome\ehRecvr.exe
    11:59:10.0186 0x0fbc ehRecvr - ok
    11:59:10.0217 0x0fbc [ 4705E8EF9934482C5BB488CE28AFC681, 359E9EC5693CE0BE89082E1D5D8F5C5439A5B985010FF0CB45C11E3CFE30637D ] ehSched C:\Windows\ehome\ehsched.exe
    11:59:10.0217 0x0fbc ehSched - ok
    11:59:10.0248 0x0fbc [ 0E5DA5369A0FCAEA12456DD852545184, 9A64AC5396F978C3B92794EDCE84DCA938E4662868250F8C18FA7C2C172233F8 ] elxstor C:\Windows\system32\drivers\elxstor.sys
    11:59:10.0248 0x0fbc elxstor - ok
    11:59:10.0264 0x0fbc [ 34A3C54752046E79A126E15C51DB409B, 7D5B5E150C7C73666F99CBAFF759029716C86F16B927E0078D77F8A696616D75 ] ErrDev C:\Windows\system32\drivers\errdev.sys
    11:59:10.0264 0x0fbc ErrDev - ok
    11:59:10.0295 0x0fbc [ 4166F82BE4D24938977DD1746BE9B8A0, 24121751B7306225AD1C808442D7B030DEF377E9316AA0A3C5C7460E87317881 ] EventSystem C:\Windows\system32\es.dll
    11:59:10.0295 0x0fbc EventSystem - ok
    11:59:10.0311 0x0fbc [ A510C654EC00C1E9BDD91EEB3A59823B, 76CD277730F7B08D375770CD373D786160F34D1481AF0536BA1A5D2727E255F5 ] exfat C:\Windows\system32\drivers\exfat.sys
    11:59:10.0326 0x0fbc exfat - ok
    11:59:10.0342 0x0fbc [ 0ADC83218B66A6DB380C330836F3E36D, 798D6F83B5DBCC1656595E0A96CF12087FCCBE19D1982890D0CE5F629B328B29 ] fastfat C:\Windows\system32\drivers\fastfat.sys
    11:59:10.0342 0x0fbc fastfat - ok
    11:59:10.0357 0x0fbc [ DBEFD454F8318A0EF691FDD2EAAB44EB, 7F52AE222FF28503B6FC4A5852BD0CAEAF187BE69AF4B577D3DE474C24366099 ] Fax C:\Windows\system32\fxssvc.exe
    11:59:10.0373 0x0fbc Fax - ok
    11:59:10.0373 0x0fbc [ D765D19CD8EF61F650C384F62FAC00AB, 9F0A483A043D3BA873232AD3BA5F7BF9173832550A27AF3E8BD433905BD2A0EE ] fdc C:\Windows\system32\drivers\fdc.sys
    11:59:10.0373 0x0fbc fdc - ok
    11:59:10.0389 0x0fbc [ 0438CAB2E03F4FB61455A7956026FE86, 6D4DDC2973DB25CE0C7646BC85EFBCC004EBE35EA683F62162AE317C6F1D8DFE ] fdPHost C:\Windows\system32\fdPHost.dll
    11:59:10.0389 0x0fbc fdPHost - ok
    11:59:10.0404 0x0fbc [ 802496CB59A30349F9A6DD22D6947644, 52D59D3D628D5661F83F090F33F744F6916E0CC1F76E5A33983E06EB66AE19F8 ] FDResPub C:\Windows\system32\fdrespub.dll
    11:59:10.0404 0x0fbc FDResPub - ok
    11:59:10.0404 0x0fbc [ 655661BE46B5F5F3FD454E2C3095B930, 549C8E2A2A37757E560D55FFA6BFDD838205F17E40561E67F0124C934272CD1A ] FileInfo C:\Windows\system32\drivers\fileinfo.sys
    11:59:10.0404 0x0fbc FileInfo - ok
    11:59:10.0420 0x0fbc [ 5F671AB5BC87EEA04EC38A6CD5962A47, 6B61D3363FF3F9C439BD51102C284972EAE96ACC0683B9DC7E12D25D0ADC51B6 ] Filetrace C:\Windows\system32\drivers\filetrace.sys
    11:59:10.0420 0x0fbc Filetrace - ok
    11:59:10.0420 0x0fbc [ C172A0F53008EAEB8EA33FE10E177AF5, 9175A95B323696D1B35C9EFEB7790DD64E6EE0B7021E6C18E2F81009B169D77B ] flpydisk C:\Windows\system32\drivers\flpydisk.sys
    11:59:10.0420 0x0fbc flpydisk - ok
    11:59:10.0435 0x0fbc [ DA6B67270FD9DB3697B20FCE94950741, F621A4462C9F2904063578C427FAF22D7D66AE9967605C11C798099817CE5331 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys
    11:59:10.0435 0x0fbc FltMgr - ok
    11:59:10.0513 0x0fbc [ E612E86FA15EA1EF9A52433A2743C447, 8A66164541D2EE2334B6DE3995C31138EA85E3A06BC7FD901E60D345E4E1E8A8 ] FontCache C:\Windows\system32\FntCache.dll
    11:59:10.0529 0x0fbc FontCache - ok
    11:59:10.0560 0x0fbc [ A8B7F3818AB65695E3A0BB3279F6DCE6, 89FCF10F599767E67A1E011753E34DA44EAA311F105DBF69549009ED932A60F0 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
    11:59:10.0560 0x0fbc FontCache3.0.0.0 - ok
    11:59:10.0560 0x0fbc [ D43703496149971890703B4B1B723EAC, F06397B2EDCA61629249D2EF1CBB7827A8BEAB8488246BD85EF6AE1363C0DA6E ] FsDepends C:\Windows\system32\drivers\FsDepends.sys
    11:59:10.0560 0x0fbc FsDepends - ok
    11:59:10.0607 0x0fbc [ 6BD9295CC032DD3077C671FCCF579A7B, 83622FBB0CB923798E7E584BF53CAAF75B8C016E3FF7F0FA35880FF34D1DFE33 ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys
    11:59:10.0607 0x0fbc Fs_Rec - ok
    11:59:10.0638 0x0fbc [ 8F6322049018354F45F05A2FD2D4E5E0, 73BF0FB4EBD7887E992DDEBB79E906958D6678F8D1107E8C368F5A0514D80359 ] fvevol C:\Windows\system32\DRIVERS\fvevol.sys
    11:59:10.0654 0x0fbc fvevol - ok
    11:59:10.0654 0x0fbc [ 8C778D335C9D272CFD3298AB02ABE3B6, 85F0B13926B0F693FA9E70AA58DE47100E4B6F893772EBE4300C37D9A36E6005 ] gagp30kx C:\Windows\system32\drivers\gagp30kx.sys
    11:59:10.0654 0x0fbc gagp30kx - ok
    11:59:10.0716 0x0fbc [ C403C5DB49A0F9AAF4F2128EDC0106D8, 3C6948B63278022D8182F773C5FA15784514F76C1546118DDBADBA322B962D12 ] GamesAppService C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe
    11:59:10.0716 0x0fbc GamesAppService - ok
    11:59:10.0747 0x0fbc [ 8E98D21EE06192492A5671A6144D092F, B8F656B34D361EA5AFB47F3A67AB2221580DADA59C8CD0CB83181E4AD8B562B4 ] GEARAspiWDM C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
    11:59:10.0747 0x0fbc GEARAspiWDM - ok
    11:59:10.0794 0x0fbc [ 277BBC7E1AA1EE957F573A10ECA7EF3A, 2EE60B924E583E847CC24E78B401EF95C69DB777A5B74E1EC963E18D47B94D24 ] gpsvc C:\Windows\System32\gpsvc.dll
    11:59:10.0825 0x0fbc gpsvc - ok
    11:59:10.0888 0x0fbc [ 506708142BC63DABA64F2D3AD1DCD5BF, 9C36A08D9E7932FF4DA7B5F24E6B42C92F28685B8ABE964C870E8D7670FD531A ] gupdate C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
    11:59:10.0888 0x0fbc gupdate - ok
    11:59:10.0888 0x0fbc [ 506708142BC63DABA64F2D3AD1DCD5BF, 9C36A08D9E7932FF4DA7B5F24E6B42C92F28685B8ABE964C870E8D7670FD531A ] gupdatem C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
    11:59:10.0888 0x0fbc gupdatem - ok
    11:59:10.0919 0x0fbc [ 5D4BC124FAAE6730AC002CDB67BF1A1C, 00294F4DC7D17F6DD2A22B9C3299BED40146BA45C972367154D20DB502472551 ] gusvc C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
    11:59:10.0919 0x0fbc gusvc - ok
    11:59:10.0950 0x0fbc [ F2523EF6460FC42405B12248338AB2F0, B2F3DE8DE1F512D871BC2BC2E8D0E33AB03335BFBC07627C5F88B65024928E19 ] hcw85cir C:\Windows\system32\drivers\hcw85cir.sys
    11:59:10.0950 0x0fbc hcw85cir - ok
    11:59:10.0981 0x0fbc [ 975761C778E33CD22498059B91E7373A, 8304E15FBE6876BE57263A03621365DA8C88005EAC532A770303C06799D915D9 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
    11:59:10.0997 0x0fbc HdAudAddService - ok
    11:59:11.0013 0x0fbc [ 97BFED39B6B79EB12CDDBFEED51F56BB, 3CF981D668FB2381E52AF2E51E296C6CFB47B0D62249645278479D0111A47955 ] HDAudBus C:\Windows\system32\DRIVERS\HDAudBus.sys
    11:59:11.0013 0x0fbc HDAudBus - ok
    11:59:11.0028 0x0fbc [ 78E86380454A7B10A5EB255DC44A355F, 11F3ED7ACFFA3024B9BD504F81AC39F5B4CED5A8A425E8BADF7132EFEDB9BD64 ] HidBatt C:\Windows\system32\drivers\HidBatt.sys
    11:59:11.0028 0x0fbc HidBatt - ok
    11:59:11.0044 0x0fbc [ 7FD2A313F7AFE5C4DAB14798C48DD104, 94CBFD4506CBDE4162CEB3367BAB042D19ACA6785954DC0B554D4164B9FCD0D4 ] HidBth C:\Windows\system32\drivers\hidbth.sys
    11:59:11.0044 0x0fbc HidBth - ok
    11:59:11.0044 0x0fbc [ 0A77D29F311B88CFAE3B13F9C1A73825, 8615DC6CEFB591505CE16E054A71A4F371B827DDFD5E980777AB4233DCFDA01D ] HidIr C:\Windows\system32\drivers\hidir.sys
    11:59:11.0044 0x0fbc HidIr - ok
    11:59:11.0059 0x0fbc [ BD9EB3958F213F96B97B1D897DEE006D, 4D01CBF898B528B3A4E5A683DF2177300AFABD7D4CB51F1A7891B1B545499631 ] hidserv C:\Windows\system32\hidserv.dll
    11:59:11.0059 0x0fbc hidserv - ok
    11:59:11.0091 0x0fbc [ 9592090A7E2B61CD582B612B6DF70536, FD11D5E02C32D658B28FCC35688AB66CCB5D3A0A0D74C82AE0F0B6C67B568A0F ] HidUsb C:\Windows\system32\DRIVERS\hidusb.sys
    11:59:11.0091 0x0fbc HidUsb - ok
    11:59:11.0137 0x0fbc [ 68EA8A3D98781A13B7D5A67B72787754, DD085A60CE0E5D268065B709B81351AE5C9CC7647275F3DC0135437658E1A3C8 ] HipShieldK C:\Windows\system32\drivers\HipShieldK.sys
    11:59:11.0137 0x0fbc HipShieldK - ok
    11:59:11.0153 0x0fbc [ 387E72E739E15E3D37907A86D9FF98E2, 9935BE2E58788E79328293AF2F202CB0F6042441B176F75ACC5AEA93C8E05531 ] hkmsvc C:\Windows\system32\kmsvc.dll
    11:59:11.0153 0x0fbc hkmsvc - ok
    11:59:11.0169 0x0fbc [ EFDFB3DD38A4376F93E7985173813ABD, 70402FA73A5A2A8BB557AAC8F531E373077D28DE5F40A1F3F14B940BE01CD2E1 ] HomeGroupListener C:\Windows\system32\ListSvc.dll
    11:59:11.0184 0x0fbc HomeGroupListener - ok
    11:59:11.0200 0x0fbc [ 908ACB1F594274965A53926B10C81E89, 7D34A742AC486294D82676F8465A3EF26C8AC3317C32B63F62031CB007CFC208 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
    11:59:11.0200 0x0fbc HomeGroupProvider - ok
    11:59:11.0325 0x0fbc [ 689BD2ED76C79F1FAE953A76DEA6FCD9, 5F739CF7668DCC3EBD607AE05BE78B11AB56778B8F3FE29543922FF6EDBE989D ] HomeNetSvc C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe
    11:59:11.0340 0x0fbc HomeNetSvc - ok
    11:59:11.0356 0x0fbc [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC, E9E6A1665740CFBC2DD321010007EF42ABA2102AEB9772EE8AA3354664B1E205 ] HpSAMD C:\Windows\system32\drivers\HpSAMD.sys
    11:59:11.0356 0x0fbc HpSAMD - ok
    11:59:11.0403 0x0fbc [ F47CEC45FB85791D4AB237563AD0FA8F, 1035066D48BD179855BCA7F62EFA1B951E6E839D2E29E15A31844E18A126DD41 ] HTCAND64 C:\Windows\system32\Drivers\ANDROIDUSB.sys
    11:59:11.0403 0x0fbc HTCAND64 - ok
    11:59:11.0449 0x0fbc [ F61634BEC53F73702A10DE69F6DCAF57, BBA7344CF3AB96A46D1A6F1D50F2758EA8D097FE558C38B4EF45C8C334AF96E1 ] HTTP C:\Windows\system32\drivers\HTTP.sys
    11:59:11.0481 0x0fbc HTTP - ok
    11:59:11.0481 0x0fbc [ A5462BD6884960C9DC85ED49D34FF392, 53E65841AF5B06A2844D0BB6FC4DD3923A323FFA0E4BFC89B3B5CAFB592A3D53 ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys
    11:59:11.0481 0x0fbc hwpolicy - ok
    11:59:11.0496 0x0fbc [ FA55C73D4AFFA7EE23AC4BE53B4592D3, 65CDDC62B89A60E942C5642C9D8B539EFB69DA8069B4A2E54978154B314531CD ] i8042prt C:\Windows\system32\drivers\i8042prt.sys
    11:59:11.0496 0x0fbc i8042prt - ok
    11:59:11.0527 0x0fbc [ AAAF44DB3BD0B9D1FB6969B23ECC8366, 805AA4A9464002D1AB3832E4106B2AAA1331F4281367E75956062AAE99699385 ] iaStorV C:\Windows\system32\drivers\iaStorV.sys
    11:59:11.0543 0x0fbc iaStorV - ok
    11:59:11.0605 0x0fbc [ C98A5B9D932430AD8EEBD3EF73756EF7, DF7E1D391A0F3345AD61154363922C27BD557DEEACE395A6A8A8A16BFD1BB9A8 ] idsvc C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
    11:59:11.0621 0x0fbc idsvc - ok
    11:59:11.0621 0x0fbc IEEtwCollectorService - ok
    11:59:12.0027 0x0fbc [ EFE5A0AF39A8E179624117C521F1E012, 185BB1106E42256A6E7C63B09737A7059DD14DEA7C1D85ADF66C50D63CFDA556 ] igfx C:\Windows\system32\DRIVERS\igdkmd64.sys
    11:59:12.0292 0x0fbc igfx - ok
    11:59:12.0307 0x0fbc [ 5C18831C61933628F5BB0EA2675B9D21, 5CD9DE2F8C0256623A417B5C55BF55BB2562BD7AB2C3C83BB3D9886C2FBDA4E4 ] iirsp C:\Windows\system32\drivers\iirsp.sys
    11:59:12.0307 0x0fbc iirsp - ok
    11:59:12.0370 0x0fbc [ 344789398EC3EE5A4E00C52B31847946, 3DA5F08E4B46F4E63456AA588D49E39A6A09A97D0509880C00F327623DB6122D ] IKEEXT C:\Windows\System32\ikeext.dll
    11:59:12.0385 0x0fbc IKEEXT - ok
    11:59:12.0417 0x0fbc [ FC727061C0F47C8059E88E05D5C8E381, C7A3782F5D86C7FDE57AA1F2EE81638C5FC3072ACC6E572BA2EC7B3CFF389800 ] IntcDAud C:\Windows\system32\DRIVERS\IntcDAud.sys
    11:59:12.0417 0x0fbc IntcDAud - ok
    11:59:12.0448 0x0fbc [ F00F20E70C6EC3AA366910083A0518AA, E2F3E9FFD82C802C8BAC309893A3664ACF16A279959C0FDECCA64C3D3C60FD22 ] intelide C:\Windows\system32\drivers\intelide.sys
    11:59:12.0448 0x0fbc intelide - ok
    11:59:12.0463 0x0fbc [ ADA036632C664CAA754079041CF1F8C1, F2386CC09AC6DE4C54189154F7D91C1DB7AA120B13FAE8BA5B579ACF99FCC610 ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys
    11:59:12.0463 0x0fbc intelppm - ok
    11:59:12.0495 0x0fbc [ 098A91C54546A3B878DAD6A7E90A455B, 044CCE2A0DF56EBE1EFD99B4F6F0A5B9EE12498CA358CF4B2E3A1CFD872823AA ] IPBusEnum C:\Windows\system32\ipbusenum.dll
    11:59:12.0495 0x0fbc IPBusEnum - ok
    11:59:12.0495 0x0fbc [ C9F0E1BD74365A8771590E9008D22AB6, 728BC5A6AAE499FDC50EB01577AF16D83C2A9F3B09936DD2A89C01E074BA8E51 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys
    11:59:12.0510 0x0fbc IpFilterDriver - ok
    11:59:12.0557 0x0fbc [ 08C2957BB30058E663720C5606885653, E13EDF6701512E2A9977A531454932CA5023087CB50E1D2F416B8BCDD92B67BE ] iphlpsvc C:\Windows\System32\iphlpsvc.dll
    11:59:12.0573 0x0fbc iphlpsvc - ok
    11:59:12.0588 0x0fbc [ 0FC1AEA580957AA8817B8F305D18CA3A, 7161E4DE91AAFC3FA8BF24FAE4636390C2627DB931505247C0D52C75A31473D9 ] IPMIDRV C:\Windows\system32\drivers\IPMIDrv.sys
    11:59:12.0588 0x0fbc IPMIDRV - ok
    11:59:12.0619 0x0fbc [ AF9B39A7E7B6CAA203B3862582E9F2D0, 67128BE7EADBE6BD0205B050F96E268948E8660C4BAB259FB0BE03935153D04E ] IPNAT C:\Windows\system32\drivers\ipnat.sys
    11:59:12.0619 0x0fbc IPNAT - ok
    11:59:12.0666 0x0fbc [ E61BB95A7CB49696D25A0C4EBD108156, 65D95A0DBC408AD18D5E344A5E875551E6CC044038DE438E4EA1102A234FC529 ] iPod Service C:\Program Files\iPod\bin\iPodService.exe
    11:59:12.0682 0x0fbc iPod Service - ok
    11:59:12.0682 0x0fbc [ 3ABF5E7213EB28966D55D58B515D5CE9, A352BCC5B6B9A28805B15CAFB235676F1FAFF0D2394F88C03089EB157D6188AE ] IRENUM C:\Windows\system32\drivers\irenum.sys
    11:59:12.0682 0x0fbc IRENUM - ok
    11:59:12.0697 0x0fbc [ 2F7B28DC3E1183E5EB418DF55C204F38, D40410A760965925D6F10959B2043F7BD4F68EAFCF5E743AF11AD860BD136548 ] isapnp C:\Windows\system32\drivers\isapnp.sys
    11:59:12.0697 0x0fbc isapnp - ok
    11:59:12.0729 0x0fbc [ 96BB922A0981BC7432C8CF52B5410FE6, 236C05509B1040059B15021CBBDBDAF3B9C0F00910142BE5887B2C7561BAAFBA ] iScsiPrt C:\Windows\system32\drivers\msiscsi.sys
    11:59:12.0744 0x0fbc iScsiPrt - ok
    11:59:12.0760 0x0fbc [ BC02336F1CBA7DCC7D1213BB588A68A5, 450C5BAD54CCE2AFCDFF1B6E7F8E1A8446D9D3255DF9D36C29A8F848048AAD93 ] kbdclass C:\Windows\system32\DRIVERS\kbdclass.sys
    11:59:12.0760 0x0fbc kbdclass - ok
    11:59:12.0775 0x0fbc [ 0705EFF5B42A9DB58548EEC3B26BB484, 86C6824ED7ED6FA8F306DB6319A0FD688AA91295AE571262F9D8E96A32225E99 ] kbdhid C:\Windows\system32\DRIVERS\kbdhid.sys
    11:59:12.0775 0x0fbc kbdhid - ok
    11:59:12.0791 0x0fbc [ 97D879A884E7CDFED51AD63348A35254, 256566B7039B640FFB72C2ED7F1F42E46FFC820637A8959A64F5F08DB2A06A3F ] KeyIso C:\Windows\system32\lsass.exe
    11:59:12.0791 0x0fbc KeyIso - ok
    11:59:12.0822 0x0fbc [ C0A6C3D6E02B61B5D100FE17306C276F, F57C7BCC39B30F1DF739D07B76BA18EB68D12D8D1BD13B6AC8DC712C29119495 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys
    11:59:12.0822 0x0fbc KSecDD - ok
    11:59:12.0838 0x0fbc [ 7A7328E427694CC7244235C3BC299F80, 7FC2E1F3F93B3334C3A8961CA58B4F38524650F6D8DA9FFA1FB43E1A2B86B710 ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys
    11:59:12.0838 0x0fbc KSecPkg - ok
    11:59:12.0853 0x0fbc [ 6869281E78CB31A43E969F06B57347C4, 866A23E69B32A78D378D6CB3B3DA3695FFDFF0FEC3C9F68C8C3F988DF417044B ] ksthunk C:\Windows\system32\drivers\ksthunk.sys
    11:59:12.0853 0x0fbc ksthunk - ok
    11:59:12.0885 0x0fbc [ 6AB66E16AA859232F64DEB66887A8C9C, 5F2B579BEA8098A2994B0DECECDAE7B396E7B5DC5F09645737B9F28BEEA77FFF ] KtmRm C:\Windows\system32\msdtckrm.dll
    11:59:12.0900 0x0fbc KtmRm - ok
    11:59:12.0916 0x0fbc [ D9F42719019740BAA6D1C6D536CBDAA6, 8757599D0AE5302C4CE50861BEBA3A8DD14D7B0DBD916FD5404133688CDFCC40 ] LanmanServer C:\Windows\system32\srvsvc.dll
    11:59:12.0931 0x0fbc LanmanServer - ok
    11:59:12.0947 0x0fbc [ 851A1382EED3E3A7476DB004F4EE3E1A, B1C67F47DD594D092E6E258F01DF5E7150227CE3131A908A244DEE9F8A1FABF9 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
    11:59:12.0947 0x0fbc LanmanWorkstation - ok
    11:59:12.0963 0x0fbc [ 1538831CF8AD2979A04C423779465827, E1729B0CC4CEEE494A0B8817A8E98FF232E3A32FB023566EF0BC71A090262C0C ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys
    11:59:12.0963 0x0fbc lltdio - ok
    11:59:12.0994 0x0fbc [ C1185803384AB3FEED115F79F109427F, 0414FE73532DCAB17E906438A14711E928CECCD5F579255410C62984DD652700 ] lltdsvc C:\Windows\System32\lltdsvc.dll
    11:59:13.0009 0x0fbc lltdsvc - ok
    11:59:13.0009 0x0fbc [ F993A32249B66C9D622EA5592A8B76B8, EE64672A990C6145DC5601E2B8CDBE089272A72732F59AF9865DCBA8B1717E70 ] lmhosts C:\Windows\System32\lmhsvc.dll
    11:59:13.0025 0x0fbc lmhosts - ok
    11:59:13.0041 0x0fbc [ 1A93E54EB0ECE102495A51266DCDB6A6, DB6AA86AA36C3A7988BE96E87B5D3251BE7617C54EE8F894D9DC2E267FE3255B ] LSI_FC C:\Windows\system32\drivers\lsi_fc.sys
    11:59:13.0056 0x0fbc LSI_FC - ok
    11:59:13.0056 0x0fbc [ 1047184A9FDC8BDBFF857175875EE810, F2251EDB7736A26D388A0C5CC2FE5FB9C5E109CBB1E3800993554CB21D81AE4B ] LSI_SAS C:\Windows\system32\drivers\lsi_sas.sys
    11:59:13.0056 0x0fbc LSI_SAS - ok
    11:59:13.0072 0x0fbc [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93, 88D5740A4E9CC3FA80FA18035DAB441BDC5A039622D666BFDAA525CC9686BD06 ] LSI_SAS2 C:\Windows\system32\drivers\lsi_sas2.sys
    11:59:13.0072 0x0fbc LSI_SAS2 - ok
    11:59:13.0072 0x0fbc [ 0504EACAFF0D3C8AED161C4B0D369D4A, 4D272237C189646F5C80822FD3CBA7C2728E482E2DAAF7A09C8AEF811C89C54D ] LSI_SCSI C:\Windows\system32\drivers\lsi_scsi.sys
    11:59:13.0072 0x0fbc LSI_SCSI - ok
    11:59:13.0103 0x0fbc [ 43D0F98E1D56CCDDB0D5254CFF7B356E, 5BA498183B5C4996C694CB0A9A6B66CE6C7A460F6C91BEB9F305486FCC3B7B22 ] luafv C:\Windows\system32\drivers\luafv.sys
    11:59:13.0103 0x0fbc luafv - ok
    11:59:13.0150 0x0fbc [ 3AC9839AFCBABD0424F1DB43C1C3A924, F23BF0405A298B090065C08F99114257569921564234F1F10219639346560C69 ] McAfee SiteAdvisor Service C:\Program Files (x86)\McAfee\SiteAdvisor\McSACore.exe
    11:59:13.0150 0x0fbc McAfee SiteAdvisor Service - ok
    11:59:13.0259 0x0fbc [ 278E661D8D5DC7FEF3932DB1698E1BBB, 5D9BC30321E6DC6FADF83E5272316EBEFB99244AB0CAD41F28DA9AAA2E30DA6C ] McAPExe C:\Program Files\McAfee\MSC\McAPExe.exe
    11:59:13.0275 0x0fbc McAPExe - ok
    11:59:13.0337 0x0fbc [ 1704A8189EE5580AB147CFD25C5C8770, DFA076FD36B5CC844D4BE3B865E9A1F809E14CCB1D78D82A2D8D8EE38210E6EB ] McComponentHostService C:\Program Files\McAfee Security Scan\3.8.150\McCHSvc.exe
    11:59:13.0353 0x0fbc McComponentHostService - ok
    11:59:13.0446 0x0fbc [ 5DDFE5AF5D91A8754530EC0CF2A0125F, F4B8DCD4D2863895509F7E9EFC965CA2A59CEDA1DD50CF8354A8FAF3E245CAB2 ] mccspsvc C:\Program Files\Common Files\McAfee\CSP\1.5.450.0\McCSPServiceHost.exe
    11:59:13.0446 0x0fbc mccspsvc - ok
    11:59:13.0477 0x0fbc [ 689BD2ED76C79F1FAE953A76DEA6FCD9, 5F739CF7668DCC3EBD607AE05BE78B11AB56778B8F3FE29543922FF6EDBE989D ] McMPFSvc C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe
    11:59:13.0477 0x0fbc McMPFSvc - ok
    11:59:13.0493 0x0fbc [ 689BD2ED76C79F1FAE953A76DEA6FCD9, 5F739CF7668DCC3EBD607AE05BE78B11AB56778B8F3FE29543922FF6EDBE989D ] McNaiAnn C:\Program Files\Common Files\mcafee\Platform\McSvcHost\McSvHost.exe
    11:59:13.0509 0x0fbc McNaiAnn - ok
    11:59:13.0587 0x0fbc [ 1C5BE4413C35D6B1F61C7EC7A628ECDD, E6BAD7F19D3E76268A09230A123BB47D6C7238B6E007CC45C6BC51BB993E8B46 ] McODS C:\Program Files\mcafee\VirusScan\mcods.exe
    11:59:13.0587 0x0fbc McODS - ok
    11:59:13.0602 0x0fbc [ 689BD2ED76C79F1FAE953A76DEA6FCD9, 5F739CF7668DCC3EBD607AE05BE78B11AB56778B8F3FE29543922FF6EDBE989D ] mcpltsvc C:\Program Files\Common Files\mcafee\Platform\McSvcHost\McSvHost.exe
    11:59:13.0602 0x0fbc mcpltsvc - ok
    11:59:13.0618 0x0fbc [ 689BD2ED76C79F1FAE953A76DEA6FCD9, 5F739CF7668DCC3EBD607AE05BE78B11AB56778B8F3FE29543922FF6EDBE989D ] McProxy C:\Program Files\Common Files\mcafee\Platform\McSvcHost\McSvHost.exe
    11:59:13.0618 0x0fbc McProxy - ok
    11:59:13.0649 0x0fbc [ 6FA527C55F29302E906DE3E7D0A5FF44, A15CA79B2B3E6E84A1DFECE86276167B869ADD6286BD970B3C97550DD3C214B2 ] McPvDrv C:\Windows\system32\drivers\McPvDrv.sys
    11:59:13.0649 0x0fbc McPvDrv - ok
    11:59:13.0680 0x0fbc [ 0BE09CD858ABF9DF6ED259D57A1A1663, 2FD28889B93C8E801F74C1D0769673A461671E0189D0A22C94509E3F0EEB7428 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll
    11:59:13.0680 0x0fbc Mcx2Svc - ok
    11:59:13.0696 0x0fbc [ A55805F747C6EDB6A9080D7C633BD0F4, 2DA0E83BF3C8ADEF6F551B6CC1C0A3F6149CDBE6EC60413BA1767C4DE425A728 ] megasas C:\Windows\system32\drivers\megasas.sys
    11:59:13.0711 0x0fbc megasas - ok
    11:59:13.0727 0x0fbc [ BAF74CE0072480C3B6B7C13B2A94D6B3, 85CBB4949C090A904464F79713A3418338753D20D7FB811E68F287FDAC1DD834 ] MegaSR C:\Windows\system32\drivers\MegaSR.sys
    11:59:13.0727 0x0fbc MegaSR - ok
    11:59:13.0758 0x0fbc [ A6518DCC42F7A6E999BB3BEA8FD87567, 8A9AE992F93F37E0723761EA271A7E1AA8172702C471041A17324474FC96B9BC ] MEIx64 C:\Windows\system32\DRIVERS\HECIx64.sys
    11:59:13.0758 0x0fbc MEIx64 - ok
    11:59:13.0805 0x0fbc [ B57322E3BC44A1F0A9C97B68A9EFF495, 2C967B0E965DF834BDC92E3D12E372CB47BA88CB02B0B12FA2AE7B94C2AD80A1 ] mfeaack C:\Windows\system32\drivers\mfeaack.sys
    11:59:13.0836 0x0fbc mfeaack - ok
    11:59:13.0883 0x0fbc [ 2BD453B97EF1B1DB5AA195A261F926F8, 47582D78B3ADD1D77F98C5D4EC89B1EC1EE7A79677691FAE543DECA2EE5ACF79 ] mfeavfk C:\Windows\system32\drivers\mfeavfk.sys
    11:59:13.0899 0x0fbc mfeavfk - ok
    11:59:13.0961 0x0fbc [ 225CC932EDDC7935147FC5FD43920EAB, 868872EB3F11BA29FAABA4CCF5A075D12C8B705DC737BD3DAC5886788579934D ] mfedisk C:\Windows\system32\DRIVERS\mfedisk.sys
    11:59:13.0961 0x0fbc mfedisk - ok
    11:59:14.0024 0x0fbc [ B58B438EE841934F0425AC91560D13F4, 3D6FAFB2E7EB3616E2A4827D713DB95795AFA0D50140F8DDF08C102838776277 ] mfefire C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe
    11:59:14.0024 0x0fbc mfefire - ok
    11:59:14.0056 0x0fbc [ 9F9BC4DBB610F1AD600F619416A6144D, DE957B0CEF45A4DFD5280DFF8EC4D3EDFBE00E1CB920262D2F6B86E19DDAD7C6 ] mfefirek C:\Windows\system32\drivers\mfefirek.sys
    11:59:14.0056 0x0fbc mfefirek - ok
    11:59:14.0102 0x0fbc [ B98911F49EA2F83A9079315846BE1E53, 2335ED3F166D5B10F2DBECE330C1FE8D50E1DEE4EA7D523AB6AC79E99A26C206 ] mfehidk C:\Windows\system32\drivers\mfehidk.sys
    11:59:14.0118 0x0fbc mfehidk - ok
    11:59:14.0149 0x0fbc [ 172F71DAFD8D139CB12D20A2A9986676, 9B2CBCE81C7EE0A150CDC4F68370D0B75E9AE57BDB82A4D1B74F4F9F09329240 ] mfemms C:\Program Files\Common Files\McAfee\SystemCore\\mfemms.exe
    11:59:14.0165 0x0fbc mfemms - ok
    11:59:14.0212 0x0fbc [ 6DCA16733237F51775CA1DA28F8B20C2, 1F0CE7521C499E86C570F528206C1D4A73A4238F953A295170391F4469D4EA59 ] mfencbdc C:\Windows\system32\DRIVERS\mfencbdc.sys
    11:59:14.0227 0x0fbc mfencbdc - ok
    11:59:14.0243 0x0fbc [ 49C3EEAAADE470DB5CEF659D1A60D443, EA7563E4D3B8304EB8BCCF468CBD09ED9B38B1754A6A061640722306E81E6316 ] mfencrk C:\Windows\system32\DRIVERS\mfencrk.sys
    11:59:14.0243 0x0fbc mfencrk - ok
    11:59:14.0274 0x0fbc [ E2082E1EF67506041CAD66D905494B43, B577E1D37D16A9FDA9818317D4A8DB0FF49F1099D983F014FFDB697A3FC889F7 ] mfevtp C:\Windows\system32\mfevtps.exe
    11:59:14.0274 0x0fbc mfevtp - ok
    11:59:14.0321 0x0fbc [ 34CA0FA858BC45FA83247AAD4976CCE7, 676ED2E7EE58D2316F2DC05AB4BD9F9CFE75570E9919D568ACC992B4F9152514 ] mfewfpk C:\Windows\system32\drivers\mfewfpk.sys
    11:59:14.0336 0x0fbc mfewfpk - ok
    11:59:14.0368 0x0fbc [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] MMCSS C:\Windows\system32\mmcss.dll
    11:59:14.0368 0x0fbc MMCSS - ok
    11:59:14.0383 0x0fbc [ 800BA92F7010378B09F9ED9270F07137, 94F9AF9E1BE80AE6AC39A2A74EF9FAB115DCAACC011D07DFA8D6A1DDC8A93342 ] Modem C:\Windows\system32\drivers\modem.sys
    11:59:14.0383 0x0fbc Modem - ok
    11:59:14.0399 0x0fbc [ B03D591DC7DA45ECE20B3B467E6AADAA, 701FB0CAD8138C58507BE28845D3E24CE269A040737C29885944A0D851238732 ] monitor C:\Windows\system32\DRIVERS\monitor.sys
    11:59:14.0399 0x0fbc monitor - ok
    11:59:14.0414 0x0fbc [ 7D27EA49F3C1F687D357E77A470AEA99, 7FE7CAF95959F127C6D932C01D539C06D80273C49A09761F6E8331C05B1A7EE7 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys
    11:59:14.0414 0x0fbc mouclass - ok
    11:59:14.0430 0x0fbc [ D3BF052C40B0C4166D9FD86A4288C1E6, 5E65264354CD94E844BF1838CA1B8E49080EFA34605A32CF2F6A47A2B97FC183 ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys
    11:59:14.0430 0x0fbc mouhid - ok
    11:59:14.0477 0x0fbc [ 87BCD1034CBF33537D4D4C251D39BA26, CB9DD235B62B79383F99873D75E26EEA5EE7914CA89E4B75992207F83420437F ] mountmgr C:\Windows\system32\drivers\mountmgr.sys
    11:59:14.0477 0x0fbc mountmgr - ok
    11:59:14.0508 0x0fbc [ 22A7042C70F90F8261840740DDBB5176, AD0075C97D2D7C568D5CFB1C3A02DCE3BC01941844A759B29CD4DE4AF2F5FC45 ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
    11:59:14.0508 0x0fbc MozillaMaintenance - ok
    11:59:14.0524 0x0fbc [ A44B420D30BD56E145D6A2BC8768EC58, B1E4DCA5A1008FA7A0492DC091FB2B820406AE13FD3D44F124E89B1037AF09B8 ] mpio C:\Windows\system32\drivers\mpio.sys
    11:59:14.0539 0x0fbc mpio - ok
    11:59:14.0570 0x0fbc [ 6C38C9E45AE0EA2FA5E551F2ED5E978F, 5A3FA2F110029CB4CC4384998EDB59203FDD65EC45E01B897FB684F8956EAD20 ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys
    11:59:14.0570 0x0fbc mpsdrv - ok
    11:59:14.0617 0x0fbc [ 54FFC9C8898113ACE189D4AA7199D2C1, 65F585C87F3F710FD5793FDFA96B740AD8D4317B0C120F4435CCF777300EA4F2 ] MpsSvc C:\Windows\system32\mpssvc.dll
    11:59:14.0617 0x0fbc MpsSvc - ok
    11:59:14.0664 0x0fbc [ AE3334958D8F631FF14A0AEB3D7EFB3A, F5FD6B61F896104C20DFC43FEE2FCE6930B73F78DF876BD19A333EABB9139C6D ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys
    11:59:14.0664 0x0fbc MRxDAV - ok
    11:59:14.0695 0x0fbc [ 1877EB1495CFBDAB27D6A32F6DDF3818, 3818055C66AB12A335A905CFFE5D05347F15AE488861C5C183E62E8E0881DA86 ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys
    11:59:14.0695 0x0fbc mrxsmb - ok
    11:59:14.0742 0x0fbc [ 21AF322605D8C7F2A627C22634D1C9C9, 6B783F95D093FEFB260EA9568926BBB3CB8ED0783184DB3A18733E211933BADD ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys
    11:59:14.0742 0x0fbc mrxsmb10 - ok
    11:59:14.0758 0x0fbc [ 45A03A0B6461EFBEE77E0A6AC2816EDA, CFB0C11387F2EC49FD6B69EF747962114EBA6F8B4B4DEC3627E9E969775C4D7E ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys
    11:59:14.0758 0x0fbc mrxsmb20 - ok
    11:59:14.0804 0x0fbc [ C25F0BAFA182CBCA2DD3C851C2E75796, 643E158A0948DF331807AEAA391F23960362E46C0A0CF6D22A99020EAE7B10F8 ] msahci C:\Windows\system32\drivers\msahci.sys
    11:59:14.0804 0x0fbc msahci - ok
    11:59:14.0836 0x0fbc [ DB801A638D011B9633829EB6F663C900, B34FD33A215ACCF2905F4B7D061686CDB1CB9C652147AF56AE14686C1F6E3C74 ] msdsm C:\Windows\system32\drivers\msdsm.sys
    11:59:14.0836 0x0fbc msdsm - ok
    11:59:14.0851 0x0fbc [ DE0ECE52236CFA3ED2DBFC03F28253A8, 2FBBEC4CACB5161F68D7C2935852A5888945CA0F107CF8A1C01F4528CE407DE3 ] MSDTC C:\Windows\System32\msdtc.exe
    11:59:14.0867 0x0fbc MSDTC - ok
    11:59:14.0882 0x0fbc [ AA3FB40E17CE1388FA1BEDAB50EA8F96, 69F93E15536644C8FD679A20190CFE577F4985D3B1B4A4AA250A168615AE1E99 ] Msfs C:\Windows\system32\drivers\Msfs.sys
    11:59:14.0882 0x0fbc Msfs - ok
    11:59:14.0882 0x0fbc [ F9D215A46A8B9753F61767FA72A20326, 6F76642B45E0A7EF6BCAB8B37D55CCE2EAA310ED07B76D43FCB88987C2174141 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys
    11:59:14.0882 0x0fbc mshidkmdf - ok
    11:59:14.0898 0x0fbc [ D916874BBD4F8B07BFB7FA9B3CCAE29D, B229DA150713DEDBC4F05386C9D9DC3BC095A74F44F3081E88311AB73BC992A1 ] msisadrv C:\Windows\system32\drivers\msisadrv.sys
    11:59:14.0914 0x0fbc msisadrv - ok
    11:59:14.0929 0x0fbc [ 808E98FF49B155C522E6400953177B08, F873F5BFF0984C5165DF67E92874D3F6EB8D86F9B5AD17013A0091CA33A1A3D5 ] MSiSCSI C:\Windows\system32\iscsiexe.dll
    11:59:14.0945 0x0fbc MSiSCSI - ok
    11:59:14.0945 0x0fbc msiserver - ok
    11:59:14.0976 0x0fbc [ 689BD2ED76C79F1FAE953A76DEA6FCD9, 5F739CF7668DCC3EBD607AE05BE78B11AB56778B8F3FE29543922FF6EDBE989D ] MSK80Service C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe
    11:59:14.0976 0x0fbc MSK80Service - ok
    11:59:14.0992 0x0fbc [ 49CCF2C4FEA34FFAD8B1B59D49439366, E5752EA57C7BDAD5F53E3BC441A415E909AC602CAE56234684FB8789A20396C7 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys
    11:59:14.0992 0x0fbc MSKSSRV - ok
    11:59:15.0007 0x0fbc [ BDD71ACE35A232104DDD349EE70E1AB3, 27464A66868513BE6A01B75D7FC5B0D6B71842E4E20CE3F76B15C071A0618BBB ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys
    11:59:15.0007 0x0fbc MSPCLOCK - ok
    11:59:15.0023 0x0fbc [ 4ED981241DB27C3383D72092B618A1D0, E12F121E641249DB3491141851B59E1496F4413EDF58E863388F1C229838DFCC ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
    11:59:15.0023 0x0fbc MSPQM - ok
    11:59:15.0054 0x0fbc [ 759A9EEB0FA9ED79DA1FB7D4EF78866D, 64E3BC613EC4872B1B344CBF71EE15BE195592E3244C1EE099C6F8B95A40F133 ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
    11:59:15.0070 0x0fbc MsRPC - ok
    11:59:15.0070 0x0fbc [ 0EED230E37515A0EAEE3C2E1BC97B288, B1D8F8A75006B6E99214CA36D27A8594EF8D952F315BEB201E9BAC9DE3E64D42 ] mssmbios C:\Windows\system32\DRIVERS\mssmbios.sys
    11:59:15.0070 0x0fbc mssmbios - ok
    11:59:15.0101 0x0fbc [ 2E66F9ECB30B4221A318C92AC2250779, DF175E1AB6962303E57F26DAE5C5C1E40B8640333F3E352A64F6A5F1301586CD ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
    11:59:15.0101 0x0fbc MSTEE - ok
    11:59:15.0116 0x0fbc [ 7EA404308934E675BFFDE8EDF0757BCD, 306CD02D89CFCFE576242360ED5F9EEEDCAFC43CD43B7D2977AE960F9AEC3232 ] MTConfig C:\Windows\system32\drivers\MTConfig.sys
    11:59:15.0116 0x0fbc MTConfig - ok
    11:59:15.0132 0x0fbc [ F9A18612FD3526FE473C1BDA678D61C8, 32F7975B5BAA447917F832D9E3499B4B6D3E90D73F478375D0B70B36C524693A ] Mup C:\Windows\system32\Drivers\mup.sys
    11:59:15.0132 0x0fbc Mup - ok
    11:59:15.0148 0x0fbc [ 582AC6D9873E31DFA28A4547270862DD, BD540499F74E8F59A020D935D18E36A3A97C1A6EC59C8208436469A31B16B260 ] napagent C:\Windows\system32\qagentRT.dll
    11:59:15.0163 0x0fbc napagent - ok
    11:59:15.0179 0x0fbc [ 1EA3749C4114DB3E3161156FFFFA6B33, 54C2E77BCE1037711A11313AC25B8706109098C10A31AA03AEB7A185E97800D7 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
    11:59:15.0194 0x0fbc NativeWifiP - ok
    11:59:15.0241 0x0fbc [ 760E38053BF56E501D562B70AD796B88, F856E81A975D44F8684A6F2466549CEEDFAEB3950191698555A93A1206E0A42D ] NDIS C:\Windows\system32\drivers\ndis.sys
    11:59:15.0272 0x0fbc NDIS - ok
    11:59:15.0272 0x0fbc [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC, D7E5446E83909AE25506BB98FBDD878A529C87963E3C1125C4ABAB25823572BC ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys
    11:59:15.0288 0x0fbc NdisCap - ok
    11:59:15.0304 0x0fbc [ 30639C932D9FEF22B31268FE25A1B6E5, 32873D95339600F6EEFA51847D12C563FF01F320DC59055B242FA2887C99F9D6 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
    11:59:15.0304 0x0fbc NdisTapi - ok
    11:59:15.0304 0x0fbc [ 136185F9FB2CC61E573E676AA5402356, BA3AD0A33416DA913B4242C6BE8C3E5812AD2B20BA6C11DD3094F2E8EB56E683 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
    11:59:15.0304 0x0fbc Ndisuio - ok
    11:59:15.0319 0x0fbc [ 53F7305169863F0A2BDDC49E116C2E11, 881E9346D3C02405B7850ADC37E720990712EC9C666A0CE96E252A487FD2CE77 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
    11:59:15.0319 0x0fbc NdisWan - ok
    11:59:15.0335 0x0fbc [ 015C0D8E0E0421B4CFD48CFFE2825879, 4242E2D42CCFC859B2C0275C5331798BC0BDA68E51CF4650B6E64B1332071023 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
    11:59:15.0335 0x0fbc NDProxy - ok
    11:59:15.0350 0x0fbc [ 86743D9F5D2B1048062B14B1D84501C4, DBF6D6A60AB774FCB0F464FF2D285A7521D0A24006687B243AB46B17D8032062 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
    11:59:15.0350 0x0fbc NetBIOS - ok
    11:59:15.0366 0x0fbc [ 09594D1089C523423B32A4229263F068, 7426A9B8BA27D3225928DDEFBD399650ABB90798212F56B7D12158AC22CCCE37 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys
    11:59:15.0366 0x0fbc NetBT - ok
    11:59:15.0366 0x0fbc [ 97D879A884E7CDFED51AD63348A35254, 256566B7039B640FFB72C2ED7F1F42E46FFC820637A8959A64F5F08DB2A06A3F ] Netlogon C:\Windows\system32\lsass.exe
    11:59:15.0382 0x0fbc Netlogon - ok
    11:59:15.0397 0x0fbc [ 847D3AE376C0817161A14A82C8922A9E, 37AE692B3481323134125EF58F2C3CBC20177371AF2F5874F53DD32A827CB936 ] Netman C:\Windows\System32\netman.dll
    11:59:15.0413 0x0fbc Netman - ok
    11:59:15.0444 0x0fbc [ E58808846B62041BFB05395E1CED6499, 5387F2CE6B494337725D2BF3EB563912E6EE33918F2872C5FE07BEDBB0F761EE ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
    11:59:15.0444 0x0fbc NetMsmqActivator - ok
    11:59:15.0444 0x0fbc [ E58808846B62041BFB05395E1CED6499, 5387F2CE6B494337725D2BF3EB563912E6EE33918F2872C5FE07BEDBB0F761EE ] NetPipeActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
    11:59:15.0460 0x0fbc NetPipeActivator - ok
    11:59:15.0491 0x0fbc [ 5F28111C648F1E24F7DBC87CDEB091B8, 2E8645285921EDB98BB2173E11E57459C888D52E80D85791D169C869DE8813B9 ] netprofm C:\Windows\System32\netprofm.dll
    11:59:15.0506 0x0fbc netprofm - ok
    11:59:15.0522 0x0fbc [ E58808846B62041BFB05395E1CED6499, 5387F2CE6B494337725D2BF3EB563912E6EE33918F2872C5FE07BEDBB0F761EE ] NetTcpActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
    11:59:15.0522 0x0fbc NetTcpActivator - ok
    11:59:15.0538 0x0fbc [ E58808846B62041BFB05395E1CED6499, 5387F2CE6B494337725D2BF3EB563912E6EE33918F2872C5FE07BEDBB0F761EE ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
    11:59:15.0538 0x0fbc NetTcpPortSharing - ok
    11:59:15.0553 0x0fbc [ 77889813BE4D166CDAB78DDBA990DA92, 2EF531AE502B943632EEC66A309A8BFCDD36120A5E1473F4AAF3C2393AD0E6A3 ] nfrd960 C:\Windows\system32\drivers\nfrd960.sys
    11:59:15.0553 0x0fbc nfrd960 - ok
    11:59:15.0600 0x0fbc [ 8B301D474B478E9A92823BAB50A7BC49, 8181816035F41B1DABEC05E65E4F67BCD785F56760A61F1049E91BA39D42F01D ] NlaSvc C:\Windows\System32\nlasvc.dll
    11:59:15.0600 0x0fbc NlaSvc - ok
    11:59:15.0818 0x0fbc [ F389A22EE9077C8B6F27E01D8B5CDA1B, 9955234219AB8DEE536A06C058E67CEC45607551E8D8EE95B57FB5761457B595 ] NOBU C:\Program Files (x86)\Dell\Dell Datasafe Online\NOBuAgent.exe
    11:59:15.0912 0x0fbc NOBU - ok
    11:59:15.0943 0x0fbc [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7, D8957EF7060A69DBB3CD6B2C45B1E4143592AB8D018471E17AC04668157DC67F ] Npfs C:\Windows\system32\drivers\Npfs.sys
    11:59:15.0943 0x0fbc Npfs - ok
    11:59:15.0943 0x0fbc [ D54BFDF3E0C953F823B3D0BFE4732528, 497A1DCC5646EC22119273216DF10D5442D16F83E4363770F507518CF6EAA53A ] nsi C:\Windows\system32\nsisvc.dll
    11:59:15.0943 0x0fbc nsi - ok
    11:59:15.0959 0x0fbc [ E7F5AE18AF4168178A642A9247C63001, 133023B7E4BA8049C4CAED3282BDD25571D1CC25FAC3B820C7F981D292689D76 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
    11:59:15.0959 0x0fbc nsiproxy - ok
    11:59:16.0052 0x0fbc [ 1A29A59A4C5BA6F8C85062A613B7E2B2, CC137F499A12C724D4166C2D85E9F447413419A0683DAC6F1A802B7F210C77F1 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
    11:59:16.0084 0x0fbc Ntfs - ok
    11:59:16.0099 0x0fbc [ 9899284589F75FA8724FF3D16AED75C1, 181188599FD5D4DE33B97010D9E0CAEABAB9A3EF50712FE7F9AA0735CD0666D6 ] Null C:\Windows\system32\drivers\Null.sys
    11:59:16.0099 0x0fbc Null - ok
    11:59:16.0130 0x0fbc [ 0A92CB65770442ED0DC44834632F66AD, 581327F07A68DBD5CC749214BE5F1211FC2CE41C7A4F0656B680AFB51A35ACE7 ] nvraid C:\Windows\system32\drivers\nvraid.sys
    11:59:16.0130 0x0fbc nvraid - ok
    11:59:16.0162 0x0fbc [ DAB0E87525C10052BF65F06152F37E4A, AD9BFF0D5FD3FFB95C758B478E1F6A9FE45E7B37AEC71EB5070D292FEAAEDF37 ] nvstor C:\Windows\system32\drivers\nvstor.sys
    11:59:16.0162 0x0fbc nvstor - ok
    11:59:16.0177 0x0fbc [ 270D7CD42D6E3979F6DD0146650F0E05, 752489E54C9004EDCBE1F1F208FFD864DA5C83E59A2DDE6B3E0D63ECA996F76F ] nv_agp C:\Windows\system32\drivers\nv_agp.sys
    11:59:16.0177 0x0fbc nv_agp - ok
    11:59:16.0193 0x0fbc [ 3589478E4B22CE21B41FA1BFC0B8B8A0, AD2469FC753FE552CB809FF405A9AB23E7561292FE89117E3B3B62057EFF0203 ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys
    11:59:16.0208 0x0fbc ohci1394 - ok
    11:59:16.0255 0x0fbc [ 30B5F9FB0C35AE6B4A0851D24CE2EE8B, 0340E77E8EC2ADC21B8DDD9C9CC95B3F4BCAFD54618A333C72D7D9587D593B83 ] ose C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
    11:59:16.0271 0x0fbc ose - ok
    11:59:16.0442 0x0fbc [ FE9C0029E1AF26350D9985D00520E5C8, 967079CCF7B2CBD4B48C9F076675C26AF93A1CEC26C96811F279414E34004EE6 ] osppsvc C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
    11:59:16.0567 0x0fbc osppsvc - ok
    11:59:16.0598 0x0fbc [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] p2pimsvc C:\Windows\system32\pnrpsvc.dll
    11:59:16.0614 0x0fbc p2pimsvc - ok
    11:59:16.0630 0x0fbc [ 927463ECB02179F88E4B9A17568C63C3, FEFD3447692C277D59EEC7BF218552C8BB6B8C98C26E973675549628408B94CE ] p2psvc C:\Windows\system32\p2psvc.dll
    11:59:16.0645 0x0fbc p2psvc - ok
    11:59:16.0661 0x0fbc [ 0086431C29C35BE1DBC43F52CC273887, 0D116D49EF9ABB57DA005764F25E692622210627FC2048F06A989B12FA8D0A80 ] Parport C:\Windows\system32\drivers\parport.sys
    11:59:16.0661 0x0fbc Parport - ok
    11:59:16.0708 0x0fbc [ E9766131EEADE40A27DC27D2D68FBA9C, 63C295EC96DBD25F1A8B908295CCB86B54F2A77A02AAA11E5D9160C2C1A492B6 ] partmgr C:\Windows\system32\drivers\partmgr.sys
    11:59:16.0708 0x0fbc partmgr - ok
    11:59:16.0739 0x0fbc [ DB2D62AA2DF6B1F3D690A9EC9701AA2C, BEAC55E1AA0494565F1547DF5E6FE20FCEA66461764C016FCB68D8BFF0F0C375 ] PcaSvc C:\Windows\System32\pcasvc.dll
    11:59:16.0754 0x0fbc PcaSvc - ok
    11:59:16.0770 0x0fbc [ 94575C0571D1462A0F70BDE6BD6EE6B3, 7139BAC653EA94A3DD3821CAB35FC5E22F4CCA5ACC2BAABDAA27E4C3C8B27FC9 ] pci C:\Windows\system32\drivers\pci.sys
    11:59:16.0786 0x0fbc pci - ok
    11:59:16.0801 0x0fbc [ B5B8B5EF2E5CB34DF8DCF8831E3534FA, F2A7CC645B96946CC65BF60E14E70DC09C848D27C7943CE5DEA0C01A6B863480 ] pciide C:\Windows\system32\drivers\pciide.sys
    11:59:16.0801 0x0fbc pciide - ok
    11:59:16.0832 0x0fbc [ B2E81D4E87CE48589F98CB8C05B01F2F, 6763BEE7270A4873B3E131BFB92313E2750FCBD0AD73C23D1C4F98F7DF73DE14 ] pcmcia C:\Windows\system32\drivers\pcmcia.sys
    11:59:16.0832 0x0fbc pcmcia - ok
    11:59:16.0864 0x0fbc [ D6B9C2E1A11A3A4B26A182FFEF18F603, BBA5FE08B1DDD6243118E11358FD61B10E850F090F061711C3CB207CE5FBBD36 ] pcw C:\Windows\system32\drivers\pcw.sys
    11:59:16.0864 0x0fbc pcw - ok
    11:59:16.0910 0x0fbc [ ED6E75158D28D33A2E2A020AC5B2B59D, 0F364D9A88304C45F31318605C417A70A9D0E4CF087D73E949B42C12CC76CD6C ] PEAUTH C:\Windows\system32\drivers\peauth.sys
    11:59:16.0926 0x0fbc PEAUTH - ok
    11:59:16.0973 0x0fbc [ E495E408C93141E8FC72DC0C6046DDFA, 489B957DADA0DC128A09468F1AD082DCC657E86053208EA06A12937BE86FB919 ] PerfHost C:\Windows\SysWow64\perfhost.exe
    11:59:16.0988 0x0fbc PerfHost - ok
    11:59:17.0051 0x0fbc [ C7CF6A6E137463219E1259E3F0F0DD6C, 08D7244F52AA17DD669AA6F77C291DAC88E7B2D1887DE422509C1F83EC85F3DD ] pla C:\Windows\system32\pla.dll
    11:59:17.0082 0x0fbc pla - ok
    11:59:17.0129 0x0fbc [ 25FBDEF06C4D92815B353F6E792C8129, 57D9764AE6BCE33B242C399CDFC10DD405975BD6411CA8C75FBCD06EEB8442A9 ] PlugPlay C:\Windows\system32\umpnpmgr.dll
    11:59:17.0129 0x0fbc PlugPlay - ok
    11:59:17.0144 0x0fbc [ 7195581CEC9BB7D12ABE54036ACC2E38, 9C4E5D6EA984148F2663DC529083408B2248DFF6DAAC85D9195F80A722782315 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll
    11:59:17.0144 0x0fbc PNRPAutoReg - ok
    11:59:17.0160 0x0fbc [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] PNRPsvc C:\Windows\system32\pnrpsvc.dll
    11:59:17.0176 0x0fbc PNRPsvc - ok
    11:59:17.0191 0x0fbc [ 4F15D75ADF6156BF56ECED6D4A55C389, 2ADA3EA69A5D7EC2A4D2DD89178DB94EAFDDF95F07B0070D654D9F7A5C12A044 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
    11:59:17.0207 0x0fbc PolicyAgent - ok
    11:59:17.0238 0x0fbc [ A2CCA4FB273E6050F17A0A416CFF2FCD, C42BA18DF0C8E3F7358669A784E51E4DC7A4112096345EA699EDC95F561E0255 ] Power C:\Windows\system32\umpo.dll
    11:59:17.0254 0x0fbc Power - ok
    11:59:17.0269 0x0fbc [ F92A2C41117A11A00BE01CA01A7FCDE9, 38ADC6052696D110CA5F393BC586791920663F5DA66934C2A824DDA9CD89C763 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
    11:59:17.0269 0x0fbc PptpMiniport - ok
    11:59:17.0285 0x0fbc [ 0D922E23C041EFB1C3FAC2A6F943C9BF, 855418A6A58DCAFB181A1A68613B3E203AFB0A9B3D9D26D0C521F9F613B4EAD5 ] Processor C:\Windows\system32\drivers\processr.sys
    11:59:17.0300 0x0fbc Processor - ok
    11:59:17.0332 0x0fbc [ B6A58491307B4CADA572583D863DC602, 5C44936605E52C9533E4CE22F18FAB8211475877F71EFD88DA4D02FD608C90A3 ] ProfSvc C:\Windows\system32\profsvc.dll
    11:59:17.0332 0x0fbc ProfSvc - ok
    11:59:17.0347 0x0fbc [ 97D879A884E7CDFED51AD63348A35254, 256566B7039B640FFB72C2ED7F1F42E46FFC820637A8959A64F5F08DB2A06A3F ] ProtectedStorage C:\Windows\system32\lsass.exe
    11:59:17.0347 0x0fbc ProtectedStorage - ok
    11:59:17.0363 0x0fbc [ 0557CF5A2556BD58E26384169D72438D, F6F83A616B1F1C6C0DF6D2EC2513E6C23FD4FAA6D36518B8676C619AB74957B4 ] Psched C:\Windows\system32\DRIVERS\pacer.sys
    11:59:17.0363 0x0fbc Psched - ok
    11:59:17.0394 0x0fbc [ 87B04878A6D59D6C79251DC960C674C1, 3EB8DB0624E646F0A65D0381408D35CF9FDC5ABFC30DF6431F4070A8EB68447C ] PxHlpa64 C:\Windows\system32\Drivers\PxHlpa64.sys
    11:59:17.0394 0x0fbc PxHlpa64 - ok
    11:59:17.0456 0x0fbc [ A53A15A11EBFD21077463EE2C7AFEEF0, 6002B012A75045DEA62640A864A8721EADE2F8B65BEB5F5BA76D8CD819774489 ] ql2300 C:\Windows\system32\drivers\ql2300.sys
    11:59:17.0488 0x0fbc ql2300 - ok
    11:59:17.0519 0x0fbc [ 4F6D12B51DE1AAEFF7DC58C4D75423C8, FB6ABAB741CED66A79E31A45111649F2FA3E26CEE77209B5296F789F6F7D08DE ] ql40xx C:\Windows\system32\drivers\ql40xx.sys
    11:59:17.0519 0x0fbc ql40xx - ok
    11:59:17.0534 0x0fbc [ 906191634E99AEA92C4816150BDA3732, A0305436384104C3B559F9C73902DA19B96B518413379E397C5CDAB0B2B9418F ] QWAVE C:\Windows\system32\qwave.dll
    11:59:17.0550 0x0fbc QWAVE - ok
    11:59:17.0566 0x0fbc [ 76707BB36430888D9CE9D705398ADB6C, 35C1D1D05F98AC29A33D3781F497A0B40A3CB9CDF25FE1F28F574E40DDF70535 ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
    11:59:17.0566 0x0fbc QWAVEdrv - ok
    11:59:17.0581 0x0fbc [ 5A0DA8AD5762FA2D91678A8A01311704, 8A64EB5DBAB7048A9E42A21CEB62CCD5B007A80C199892D7F8C69B48E8A255EF ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
    11:59:17.0581 0x0fbc RasAcd - ok
    11:59:17.0597 0x0fbc [ 7ECFF9B22276B73F43A99A15A6094E90, 62C70DA127F48F796F8897BBFA23AB6EB080CC923F0F091DFA384A93F5C90CA1 ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys
    11:59:17.0597 0x0fbc RasAgileVpn - ok
    11:59:17.0612 0x0fbc [ 8F26510C5383B8DBE976DE1CD00FC8C7, 60E618C010E8A723960636415573FA17EA0BBEF79647196B3BC0B8DEE680E090 ] RasAuto C:\Windows\System32\rasauto.dll
    11:59:17.0612 0x0fbc RasAuto - ok
    11:59:17.0628 0x0fbc [ 471815800AE33E6F1C32FB1B97C490CA, 27307265F743DE3A3A3EC1B2C472A3D85FDD0AEC458E0B1177593141EE072698 ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
    11:59:17.0628 0x0fbc Rasl2tp - ok
    11:59:17.0644 0x0fbc [ EE867A0870FC9E4972BA9EAAD35651E2, 1B848D81705081FD2E18AC762DA7F51455657DAF860BF363DC15925A148BCADA ] RasMan C:\Windows\System32\rasmans.dll
    11:59:17.0659 0x0fbc RasMan - ok
    11:59:17.0659 0x0fbc [ 855C9B1CD4756C5E9A2AA58A15F58C25, A514F8A9C304D54BDA8DC60F5A64259B057EC83A1CAAF6D2B58CFD55E9561F72 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
    11:59:17.0659 0x0fbc RasPppoe - ok
    11:59:17.0675 0x0fbc [ E8B1E447B008D07FF47D016C2B0EEECB, FEC789F82B912F3E14E49524D40FEAA4373B221156F14045E645D7C37859258C ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
    11:59:17.0675 0x0fbc RasSstp - ok
    11:59:17.0690 0x0fbc [ 77F665941019A1594D887A74F301FA2F, 1FDC6F6853400190C086042933F157814D915C54F26793CAD36CD2607D8810DA ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
    11:59:17.0690 0x0fbc rdbss - ok
    11:59:17.0706 0x0fbc [ 302DA2A0539F2CF54D7C6CC30C1F2D8D, 1DF3501BBFFB56C3ECC39DBCC4287D3302216C2208CE22428B8C4967E5DE9D17 ] rdpbus C:\Windows\system32\drivers\rdpbus.sys
    11:59:17.0706 0x0fbc rdpbus - ok
    11:59:17.0722 0x0fbc [ CEA6CC257FC9B7715F1C2B4849286D24, A78144D18352EA802C39D9D42921CF97A3E0211766B2169B6755C6FC2D77A804 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
    11:59:17.0722 0x0fbc RDPCDD - ok
    11:59:17.0722 0x0fbc [ BB5971A4F00659529A5C44831AF22365, 9AAA5C0D448E821FD85589505D99DF7749715A046BBD211F139E4E652ADDE41F ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
    11:59:17.0722 0x0fbc RDPENCDD - ok
    11:59:17.0737 0x0fbc [ 216F3FA57533D98E1F74DED70113177A, 60C126A1409D1E9C39F1C9E95F70115BF4AF07780AB499F6E10A612540F173F4 ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys
    11:59:17.0737 0x0fbc RDPREFMP - ok
    11:59:17.0784 0x0fbc [ FE571E088C2D83619D2D48D4E961BF41, 88C5A2FCB1D0E528657842E39963471A6E42FCA3FCDF37955AEC8258AB4C48EA ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
    11:59:17.0784 0x0fbc RDPWD - ok
    11:59:17.0815 0x0fbc [ 34ED295FA0121C241BFEF24764FC4520, AAEE5F00CAA763A5BA51CF56BD7262C03409CD72BD5601490E3EC3FFF929BB5F ] rdyboost C:\Windows\system32\drivers\rdyboost.sys
    11:59:17.0815 0x0fbc rdyboost - ok
    11:59:17.0846 0x0fbc [ 254FB7A22D74E5511C73A3F6D802F192, 3D0FB5840364200DE394F8CC28DA0E334C2B5FA8FF28A41656EE72287F3D3836 ] RemoteAccess C:\Windows\System32\mprdim.dll
    11:59:17.0846 0x0fbc RemoteAccess - ok
    11:59:17.0862 0x0fbc [ E4D94F24081440B5FC5AA556C7C62702, 147CAA03568DC480F9506E30B84891AB7E433B5EBC05F34FF10F72B00E1C6B22 ] RemoteRegistry C:\Windows\system32\regsvc.dll
    11:59:17.0862 0x0fbc RemoteRegistry - ok
    11:59:17.0893 0x0fbc [ 7B04C9843921AB1F695FB395422C5360, C9B02BE0384357FD242613C2A12029B45322AF9A795CD69F33500CA7530899A7 ] RimUsb C:\Windows\system32\Drivers\RimUsb_AMD64.sys
    11:59:17.0893 0x0fbc RimUsb - ok
    11:59:18.0002 0x0fbc [ 3C957189B31C34D3AD21967B12B6AED7, 878FE6EA03F60592D6D557B905A5119E2CC836C2A6A86ED2867C3C9B0F0FDBA2 ] RoxMediaDB12OEM C:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxMediaDB12OEM.exe
    11:59:18.0018 0x0fbc RoxMediaDB12OEM - ok
    11:59:18.0065 0x0fbc [ 2B73088CC2CA757A172B425C9398E5BC, 3D296B4D6F66F7729CC48FE54456E6E6D8207DBA7E31D66653566C128E53163B ] RoxWatch12 C:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxWatch12OEM.exe
    11:59:18.0065 0x0fbc RoxWatch12 - ok
    11:59:18.0080 0x0fbc [ E4DC58CF7B3EA515AE917FF0D402A7BB, 665B5CD9FE905B0EE3F59A7B1A94760F5393EBEE729877D8584349754C2867E8 ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll
    11:59:18.0080 0x0fbc RpcEptMapper - ok
    11:59:18.0096 0x0fbc [ D5BA242D4CF8E384DB90E6A8ED850B8C, CB4CB2608B5E31B55FB1A2CF4051E6D08A0C2A5FB231B2116F95938D7577334E ] RpcLocator C:\Windows\system32\locator.exe
    11:59:18.0112 0x0fbc RpcLocator - ok
    11:59:18.0127 0x0fbc [ 5C627D1B1138676C0A7AB2C2C190D123, C5003F2C912C5CA990E634818D3B4FD72F871900AF2948BD6C4D6400B354B401 ] RpcSs C:\Windows\system32\rpcss.dll
    11:59:18.0143 0x0fbc RpcSs - ok
    11:59:18.0174 0x0fbc [ DDC86E4F8E7456261E637E3552E804FF, D250C69CCC75F2D88E7E624FCC51300E75637333317D53908CCA7E0F117173DD ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
    11:59:18.0174 0x0fbc rspndr - ok
    11:59:18.0221 0x0fbc [ EE082E06A82FF630351D1E0EBBD3D8D0, 537F1A4108BDA72E8DD271466E7B7FCF39D4D55E4129AB35A409AB7AF2E7D219 ] RTL8167 C:\Windows\system32\DRIVERS\Rt64win7.sys
    11:59:18.0236 0x0fbc RTL8167 - ok
    11:59:18.0252 0x0fbc [ 97D879A884E7CDFED51AD63348A35254, 256566B7039B640FFB72C2ED7F1F42E46FFC820637A8959A64F5F08DB2A06A3F ] SamSs C:\Windows\system32\lsass.exe
    11:59:18.0252 0x0fbc SamSs - ok
    11:59:18.0268 0x0fbc [ AC03AF3329579FFFB455AA2DAABBE22B, 7AD3B62ADFEC166F9E256F9FF8BAA0568B2ED7308142BF8F5269E6EAA5E0A656 ] sbp2port C:\Windows\system32\drivers\sbp2port.sys
    11:59:18.0268 0x0fbc sbp2port - ok
    11:59:18.0283 0x0fbc [ 9B7395789E3791A3B6D000FE6F8B131E, E5F067F3F212BF5481668BE1779CBEF053F511F8967589BE2E865ACB9A620024 ] SCardSvr C:\Windows\System32\SCardSvr.dll
    11:59:18.0283 0x0fbc SCardSvr - ok
    11:59:18.0299 0x0fbc [ 253F38D0D7074C02FF8DEB9836C97D2B, CB5CAFCB8628BB22877F74ACF1DED0BBAED8F4573A74DA7FE94BBBA584889116 ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys
    11:59:18.0299 0x0fbc scfilter - ok
    11:59:18.0330 0x0fbc [ 262F6592C3299C005FD6BEC90FC4463A, 54095E37F0B6CC677A3E9BDD40F4647C713273D197DB341063AA7F342A60C4A7 ] Schedule C:\Windows\system32\schedsvc.dll
    11:59:18.0346 0x0fbc Schedule - ok
    11:59:18.0361 0x0fbc [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] SCPolicySvc C:\Windows\System32\certprop.dll
    11:59:18.0361 0x0fbc SCPolicySvc - ok
    11:59:18.0377 0x0fbc [ 6EA4234DC55346E0709560FE7C2C1972, 64011E044C16E2F92689E5F7E4666A075E27BBFA61F3264E5D51CE1656C1D5B8 ] SDRSVC C:\Windows\System32\SDRSVC.dll
    11:59:18.0377 0x0fbc SDRSVC - ok
    11:59:18.0392 0x0fbc [ 3EA8A16169C26AFBEB544E0E48421186, 34BBB0459C96B3DE94CCB0D73461562935C583D7BF93828DA4E20A6BC9B7301D ] secdrv C:\Windows\system32\drivers\secdrv.sys
    11:59:18.0392 0x0fbc secdrv - ok
    11:59:18.0408 0x0fbc [ BC617A4E1B4FA8DF523A061739A0BD87, 10C4057F6B321EB5237FF619747B74F5401BC17D15A8C7060829E8204A2297F9 ] seclogon C:\Windows\system32\seclogon.dll
    11:59:18.0408 0x0fbc seclogon - ok
    11:59:18.0408 0x0fbc [ C32AB8FA018EF34C0F113BD501436D21, E0EB8E80B51E45CA7EB061E705DA0BC07878759418A8519AE6E12326FE79E7C7 ] SENS C:\Windows\System32\sens.dll
    11:59:18.0408 0x0fbc SENS - ok
    11:59:18.0424 0x0fbc [ 0336CFFAFAAB87A11541F1CF1594B2B2, 8B8A6A33E78A12FB05E29B2E2775850626574AFD2EF88748D65E690A07B10B8D ] SensrSvc C:\Windows\system32\sensrsvc.dll
    11:59:18.0424 0x0fbc SensrSvc - ok
    11:59:18.0424 0x0fbc [ CB624C0035412AF0DEBEC78C41F5CA1B, A4D937F11E06CAE914347CA1362F4C98EC5EE0C0C80321E360EA1ABD6726F8D4 ] Serenum C:\Windows\system32\drivers\serenum.sys
    11:59:18.0439 0x0fbc Serenum - ok
    11:59:18.0439 0x0fbc [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6, 8F9776FB84C5D11068EAF1FF1D1A46466C655D64D256A8B1E31DC0C23B5DD22D ] Serial C:\Windows\system32\drivers\serial.sys
    11:59:18.0439 0x0fbc Serial - ok
    11:59:18.0439 0x0fbc [ 1C545A7D0691CC4A027396535691C3E3, 065C30BE598FF4DC55C37E0BBE0CEDF10A370AE2BF5404B42EBBB867A3FFED6D ] sermouse C:\Windows\system32\drivers\sermouse.sys
    11:59:18.0439 0x0fbc sermouse - ok
    11:59:18.0470 0x0fbc [ 0B6231BF38174A1628C4AC812CC75804, E569BF1F7F5689E2E917FA6516DB53388A5B8B1C6699DEE030147E853218811D ] SessionEnv C:\Windows\system32\sessenv.dll
    11:59:18.0470 0x0fbc SessionEnv - ok
    11:59:18.0470 0x0fbc [ A554811BCD09279536440C964AE35BBF, DA8F893722F803E189D7D4D6C6232ED34505B63A64ED3A0132A5BB7A2BABDE55 ] sffdisk C:\Windows\system32\drivers\sffdisk.sys
    11:59:18.0470 0x0fbc sffdisk - ok
    11:59:18.0470 0x0fbc [ FF414F0BAEFEBA59BC6C04B3DB0B87BF, B81EF5D26AEB572CAB590F7AD7CA8C89F296420089EF5E6148E972F2DBCA1042 ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys
    11:59:18.0470 0x0fbc sffp_mmc - ok
    11:59:18.0470 0x0fbc [ DD85B78243A19B59F0637DCF284DA63C, 6730D4F2BAE7E24615746ACC41B42D01DB6068D6504982008ADA1890DE900197 ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys
    11:59:18.0470 0x0fbc sffp_sd - ok
    11:59:18.0486 0x0fbc [ A9D601643A1647211A1EE2EC4E433FF4, 7AC60B4AB48D4BBF1F9681C12EC2A75C72E6E12D30FABC564A24394310E9A5F9 ] sfloppy C:\Windows\system32\drivers\sfloppy.sys
    11:59:18.0486 0x0fbc sfloppy - ok
    11:59:18.0580 0x0fbc [ 4215C271D6E6898C3F4DABAB4F387DC9, 10D845466AC239E18A381FA3BCF1DA1CDCF7CC4363D3A6B4695D6562B3EF7541 ] SftService C:\Program Files (x86)\Dell DataSafe Local Backup\sftservice.EXE
    11:59:18.0611 0x0fbc SftService - ok
    11:59:18.0642 0x0fbc [ B95F6501A2F8B2E78C697FEC401970CE, 758B73A32902299A313348CE7EC189B20EB4CB398D0180E4EE24B84DAD55F291 ] SharedAccess C:\Windows\System32\ipnathlp.dll
    11:59:18.0658 0x0fbc SharedAccess - ok
    11:59:18.0658 0x0fbc [ AAF932B4011D14052955D4B212A4DA8D, 2A3BFD0FA9569288E91AE3E72CA1EC39E1450D01E6473CE51157E0F138257923 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
    11:59:18.0673 0x0fbc ShellHWDetection - ok
    11:59:18.0673 0x0fbc [ 843CAF1E5FDE1FFD5FF768F23A51E2E1, 89CA9F516E42A6B905474D738CDA2C121020A07DBD4E66CFE569DD77D79D7820 ] SiSRaid2 C:\Windows\system32\drivers\SiSRaid2.sys
    11:59:18.0673 0x0fbc SiSRaid2 - ok
    11:59:18.0673 0x0fbc [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4, 87B85C66DF7EB6FDB8A2341D05FAA5261FF68A90CCFC63F0E4A03824F1E33E5E ] SiSRaid4 C:\Windows\system32\drivers\sisraid4.sys
    11:59:18.0689 0x0fbc SiSRaid4 - ok
    11:59:18.0736 0x0fbc [ 0B70786BD1062CD4C6B58E412B9C3E55, 60ED027642FFF97BFFA55AE3EFFCCBB6D6AD8196D35E9ED06F9AF431E3C0402A ] SkypeUpdate C:\Program Files (x86)\Skype\Updater\Updater.exe
    11:59:18.0751 0x0fbc SkypeUpdate - ok
    11:59:18.0751 0x0fbc [ 548260A7B8654E024DC30BF8A7C5BAA4, 4A7E58331D7765A12F53DC2371739DC9A463940B13E16157CE10DB80E958D740 ] Smb C:\Windows\system32\DRIVERS\smb.sys
    11:59:18.0751 0x0fbc Smb - ok
    11:59:18.0782 0x0fbc [ 6313F223E817CC09AA41811DAA7F541D, D787061043BEEDB9386B048CB9E680E6A88A1CBAE9BD4A8C0209155BFB76C630 ] SNMPTRAP C:\Windows\System32\snmptrap.exe
    11:59:18.0782 0x0fbc SNMPTRAP - ok
    11:59:18.0782 0x0fbc [ B9E31E5CACDFE584F34F730A677803F9, 21A5130BD00089C609522A372018A719F8E37103D2DD22C59EACB393BE35A063 ] spldr C:\Windows\system32\drivers\spldr.sys
    11:59:18.0782 0x0fbc spldr - ok
    11:59:18.0845 0x0fbc [ 85DAA09A98C9286D4EA2BA8D0E644377, F9C324E2EF81193FE831C7EECC44A100CA06F82FA731BF555D9EA4D91DA13329 ] Spooler C:\Windows\System32\spoolsv.exe
    11:59:18.0845 0x0fbc Spooler - ok
    11:59:18.0970 0x0fbc [ E17E0188BB90FAE42D83E98707EFA59C, FC075F7B39E86CC8EF6DA4E339FE946917E319C347AC70FB0C50AAF36F97E27F ] sppsvc C:\Windows\system32\sppsvc.exe
    11:59:19.0048 0x0fbc sppsvc - ok
    11:59:19.0063 0x0fbc [ 93D7D61317F3D4BC4F4E9F8A96A7DE45, 36D48B23B8243BE5229707375FCD11C2DCAC96983199345365F065A0CBF33314 ] sppuinotify C:\Windows\system32\sppuinotify.dll
    11:59:19.0063 0x0fbc sppuinotify - ok
    11:59:19.0110 0x0fbc [ D6AB7C13FCDD2E4CAC35244D2C172D9A, 64A66368F5336B7A5879D083C2FE57DFD384410ADCC18004F327A4004A4F4300 ] sptd C:\Windows\System32\Drivers\sptd.sys
    11:59:19.0126 0x0fbc sptd - ok
    11:59:19.0157 0x0fbc [ 441FBA48BFF01FDB9D5969EBC1838F0B, 306128F1AD489F87161A089D1BDC1542A4CB742D91A0C12A7CD1863FDB8932C0 ] srv C:\Windows\system32\DRIVERS\srv.sys
    11:59:19.0172 0x0fbc srv - ok
    11:59:19.0188 0x0fbc [ B4ADEBBF5E3677CCE9651E0F01F7CC28, 726DB2283113AB2A9681E8E9F61132303D6D86E9CD034C40EE4A8C9DB29E87F7 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
    11:59:19.0188 0x0fbc srv2 - ok
    11:59:19.0204 0x0fbc [ 27E461F0BE5BFF5FC737328F749538C3, AFA4704ED8FFC1A0BAB40DFB81D3AE3F3D933A3C9BF54DDAF39FF9AF3646D9E6 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
    11:59:19.0219 0x0fbc srvnet - ok
    11:59:19.0219 0x0fbc [ 51B52FBD583CDE8AA9BA62B8B4298F33, 2E2403F8AA39E79D1281CA006B51B43139C32A5FDD64BD34DAA4B935338BD740 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
    11:59:19.0235 0x0fbc SSDPSRV - ok
    11:59:19.0250 0x0fbc [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB, D21CDBC4C2AA0DB5B4455D5108B0CAF4282A2E664B9035708F212CC094569D9D ] SstpSvc C:\Windows\system32\sstpsvc.dll
    11:59:19.0250 0x0fbc SstpSvc - ok
    11:59:19.0266 0x0fbc [ F3817967ED533D08327DC73BC4D5542A, 1B204454408A690C0A86447F3E4AA9E7C58A9CFB567C94C17C21920BA648B4D5 ] stexstor C:\Windows\system32\drivers\stexstor.sys
    11:59:19.0266 0x0fbc stexstor - ok
    11:59:19.0313 0x0fbc [ 8DD52E8E6128F4B2DA92CE27402871C1, 1101C38BE8FC383B5F2F9FA402F9652B23B88A764DE2B584DFE62B88B11DEF92 ] stisvc C:\Windows\System32\wiaservc.dll
    11:59:19.0328 0x0fbc stisvc - ok
    11:59:19.0360 0x0fbc [ 7731F46EC0D687A931CBA063E8F90EF0, 5CF996A209756B901316C4406C7D3E52ECC9C15A1BDB0D4D9C77846AB29FD040 ] stllssvr C:\Program Files (x86)\Common Files\SureThing Shared\stllssvr.exe
    11:59:19.0360 0x0fbc stllssvr - ok
    11:59:19.0375 0x0fbc [ D01EC09B6711A5F8E7E6564A4D0FBC90, 3CB922291DBADC92B46B9E28CCB6810CD8CCDA3E74518EC9522B58B998E1F969 ] swenum C:\Windows\system32\DRIVERS\swenum.sys
    11:59:19.0375 0x0fbc swenum - ok
    11:59:19.0422 0x0fbc [ E08E46FDD841B7184194011CA1955A0B, 9C3725BB1F08F92744C980A22ED5C874007D3B5863C7E1F140F50061052AC418 ] swprv C:\Windows\System32\swprv.dll
    11:59:19.0422 0x0fbc swprv - ok
    11:59:19.0484 0x0fbc [ BF9CCC0BF39B418C8D0AE8B05CF95B7D, 3C13217548BE61F2BDB8BD41F77345CDDA1F97BF0AE17241C335B9807EB3DBB8 ] SysMain C:\Windows\system32\sysmain.dll
    11:59:19.0531 0x0fbc SysMain - ok
    11:59:19.0547 0x0fbc [ E3C61FD7B7C2557E1F1B0B4CEC713585, 01F0E116606D185BF93B540868075BFB1A398197F6AABD994983DBFF56B3A8A0 ] TabletInputService C:\Windows\System32\TabSvc.dll
    11:59:19.0547 0x0fbc TabletInputService - ok
    11:59:19.0562 0x0fbc [ 40F0849F65D13EE87B9A9AE3C1DD6823, E251A7EF3D0FD2973AF33A62FC457A7E8D5E8694208F811F52455F7C2426121F ] TapiSrv C:\Windows\System32\tapisrv.dll
    11:59:19.0578 0x0fbc TapiSrv - ok
    11:59:19.0594 0x0fbc [ 1BE03AC720F4D302EA01D40F588162F6, AB644862BF1D2E824FD846180DEC4E2C0FAFCC517451486DE5A92E5E78A952E4 ] TBS C:\Windows\System32\tbssvc.dll
    11:59:19.0594 0x0fbc TBS - ok
    11:59:19.0672 0x0fbc [ 04ADD18EE5CC9FBEDAEC1DD1CD0CB45E, F05C0C4CA3DD234AD5D60CF1EF763C9A1D9EC3C157E180C2D75CC07E6B02A611 ] Tcpip C:\Windows\system32\drivers\tcpip.sys
    11:59:19.0718 0x0fbc Tcpip - ok
    11:59:19.0781 0x0fbc [ 04ADD18EE5CC9FBEDAEC1DD1CD0CB45E, F05C0C4CA3DD234AD5D60CF1EF763C9A1D9EC3C157E180C2D75CC07E6B02A611 ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys
    11:59:19.0828 0x0fbc TCPIP6 - ok
    11:59:19.0859 0x0fbc [ 1B16D0BD9841794A6E0CDE0CEF744ABC, 7EB8BA97339199EEE7F2B09DA2DA6279DA64A510D4598D42CF86415D67CD674C ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
    11:59:19.0874 0x0fbc tcpipreg - ok
    11:59:19.0874 0x0fbc [ 3371D21011695B16333A3934340C4E7C, 7416F9BBFC1BA9D875EA7D1C7A0D912FC6977B49A865D67E3F9C4E18A965082D ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys
    11:59:19.0890 0x0fbc TDPIPE - ok
    11:59:19.0921 0x0fbc [ 51C5ECEB1CDEE2468A1748BE550CFBC8, 4E8F83877330B421F7B5D8393D34BC44C6450E69209DAA95B29CB298166A5DF9 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys
    11:59:19.0921 0x0fbc TDTCP - ok
    11:59:19.0937 0x0fbc [ 70988118145F5F10EF24720B97F35F65, F80C806417A68047FFB3D63214BC4AE5445315219AC594E043293006B704A63D ] tdx C:\Windows\system32\DRIVERS\tdx.sys
    11:59:19.0952 0x0fbc tdx - ok
    11:59:19.0968 0x0fbc [ 561E7E1F06895D78DE991E01DD0FB6E5, 83BFA50A528762EC52A011302AC3874636FB7E26628CD7ACFBF2BDC9FAA8110D ] TermDD C:\Windows\system32\DRIVERS\termdd.sys
    11:59:19.0968 0x0fbc TermDD - ok
    11:59:20.0030 0x0fbc [ 008CD4EBFABCF78D0F19B3778492648C, 9050490EEE0AD86E73F0A82D83E4FC29DF84F6B6FDB389AE135FD712B5F425BE ] TermService C:\Windows\System32\termsrv.dll
    11:59:20.0046 0x0fbc TermService - ok
    11:59:20.0062 0x0fbc [ F0344071948D1A1FA732231785A0664C, DB9886C2C858FAF45AEA15F8E42860343F73EB8685C53EC2E8CCC10586CB0832 ] Themes C:\Windows\system32\themeservice.dll
    11:59:20.0062 0x0fbc Themes - ok
    11:59:20.0093 0x0fbc [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] THREADORDER C:\Windows\system32\mmcss.dll
    11:59:20.0093 0x0fbc THREADORDER - ok
    11:59:20.0108 0x0fbc [ 7E7AFD841694F6AC397E99D75CEAD49D, DE87F203FD8E6BDCCFCA1860A85F283301A365846FB703D9BB86278D8AC96B07 ] TrkWks C:\Windows\System32\trkwks.dll
    11:59:20.0124 0x0fbc TrkWks - ok
    11:59:20.0171 0x0fbc [ 773212B2AAA24C1E31F10246B15B276C, F2EF85F5ABA307976D9C649D710B408952089458DDE97D4DEF321DF14E46A046 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
    11:59:20.0186 0x0fbc TrustedInstaller - ok
    11:59:20.0218 0x0fbc [ E232A3B43A894BB327FC161529BD9ED1, F2673DA8C920F21ACCECC25F7C59A05822E5E577D47F126EDF9C94FEB4B30C5F ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys
    11:59:20.0218 0x0fbc tssecsrv - ok
    11:59:20.0233 0x0fbc [ D11C783E3EF9A3C52C0EBE83CC5000E9, A136C355D4C8945729163D15801364A614E23217B15F9313C85BA45BB71A74EB ] TsUsbFlt C:\Windows\system32\drivers\tsusbflt.sys
    11:59:20.0233 0x0fbc TsUsbFlt - ok
    11:59:20.0249 0x0fbc [ 9CC2CCAE8A84820EAECB886D477CBCB8, 50D8AA2D7477A6618A0C31BB4D1C4887B457865FB1105E2E7B984EEFA337B804 ] TsUsbGD C:\Windows\system32\drivers\TsUsbGD.sys
    11:59:20.0249 0x0fbc TsUsbGD - ok
    11:59:20.0264 0x0fbc [ 3566A8DAAFA27AF944F5D705EAA64894, AE9D8B648DA08AF667B9456C3FE315489859C157510A258559F18238F2CC92B8 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
    11:59:20.0264 0x0fbc tunnel - ok
    11:59:20.0280 0x0fbc [ B4DD609BD7E282BFC683CEC7EAAAAD67, EF131DB6F6411CAD36A989A421AF93F89DD61601AC524D2FF11C10FF6E3E9123 ] uagp35 C:\Windows\system32\drivers\uagp35.sys
    11:59:20.0280 0x0fbc uagp35 - ok
    11:59:20.0327 0x0fbc [ FF4232A1A64012BAA1FD97C7B67DF593, D8591B4EB056899C7B604E4DD852D82D4D9809F508ABCED4A03E1BE6D5D456E3 ] udfs C:\Windows\system32\DRIVERS\udfs.sys
    11:59:20.0327 0x0fbc udfs - ok
    11:59:20.0342 0x0fbc [ 3CBDEC8D06B9968ABA702EBA076364A1, B8DAB8AA804FC23021BFEBD7AE4D40FBE648D6C6BA21CC008E26D1C084972F9B ] UI0Detect C:\Windows\system32\UI0Detect.exe
    11:59:20.0342 0x0fbc UI0Detect - ok
    11:59:20.0358 0x0fbc [ 4BFE1BC28391222894CBF1E7D0E42320, 5918B1ED2030600DF77BDACF1C808DF6EADDD8BF3E7003AF1D72050D8B102B3A ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys
    11:59:20.0358 0x0fbc uliagpkx - ok
    11:59:20.0374 0x0fbc [ DC54A574663A895C8763AF0FA1FF7561, 09A3F3597E91CBEB2F38E96E75134312B60CAE5574B2AD4606C2D3E992AEDDFE ] umbus C:\Windows\system32\DRIVERS\umbus.sys
    11:59:20.0374 0x0fbc umbus - ok
    11:59:20.0389 0x0fbc [ B2E8E8CB557B156DA5493BBDDCC1474D, F547509A08C0679ACB843E20C9C0CF51BED1B06530BBC529DFB0944504564A43 ] UmPass C:\Windows\system32\drivers\umpass.sys
    11:59:20.0389 0x0fbc UmPass - ok
    11:59:20.0405 0x0fbc [ D47EC6A8E81633DD18D2436B19BAF6DE, 0FB461E2D5E0B75BB5958F6362F4880BFA4C36AD930542609BCAF574941AA7AE ] upnphost C:\Windows\System32\upnphost.dll
    11:59:20.0420 0x0fbc upnphost - ok
    11:59:20.0452 0x0fbc [ 5C3BE22E485B9BF11FCEFDC676C728D0, F55061066ECF6920D56518A677BB538C18B7F1BB150ED6DB3591408F44E8D53A ] USBAAPL64 C:\Windows\system32\Drivers\usbaapl64.sys
    11:59:20.0452 0x0fbc USBAAPL64 - ok
    11:59:20.0483 0x0fbc [ B0435098C81D04CAFFF80DDB746CD3A2, A17B207740382E38729571F0B0BC98FF874E856A7C7CE9EB930328A2AD88F52A ] usbaudio C:\Windows\system32\drivers\usbaudio.sys
    11:59:20.0483 0x0fbc usbaudio - ok
    11:59:20.0530 0x0fbc [ 91D3C92A44FC682DD791147604E79152, AA0B6799BF9C26C2C1793C91295288A4989AA43EC5E070B650DA7F0A142817CE ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys
    11:59:20.0530 0x0fbc usbccgp - ok
    11:59:20.0561 0x0fbc [ 80B0F7D5CCF86CEB5D402EAAF61FEC31, 140C62116A425DEAD25FE8D82DE283BC92C482A9F643658D512F9F67061F28AD ] usbcir C:\Windows\system32\drivers\usbcir.sys
    11:59:20.0561 0x0fbc usbcir - ok
    11:59:20.0592 0x0fbc [ F7FFDF2A1D19A76A87759126B244C816, C91F09D77E22D976952A46F7B93F611B719EDAF694D538242FA8FAF1BA9BB2F0 ] usbehci C:\Windows\system32\drivers\usbehci.sys
    11:59:20.0592 0x0fbc usbehci - ok
    11:59:20.0623 0x0fbc [ 245FE7FC634D6A993E682E0A9EBA4ABB, F7A536D215EE3A63358EC8B5946D7BB3B56357BF91347B07013E00DAC98775B6 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys
    11:59:20.0623 0x0fbc usbhub - ok
    11:59:20.0654 0x0fbc [ C1A8966E0D09BFB501045105B30D86F2, 5BB95FBA441B898E258A3BFE174FC1042A04C19E25C59DE1FD90594290B11DA9 ] usbohci C:\Windows\system32\drivers\usbohci.sys
    11:59:20.0654 0x0fbc usbohci - ok
    11:59:20.0686 0x0fbc [ 73188F58FB384E75C4063D29413CEE3D, B485463933306036B1D490722CB1674DC85670753D79FA0EF7EBCA7BBAAD9F7C ] usbprint C:\Windows\system32\drivers\usbprint.sys
    11:59:20.0686 0x0fbc usbprint - ok
    11:59:20.0717 0x0fbc [ FED648B01349A3C8395A5169DB5FB7D6, DC4D7594C24ADD076927B9347F1B50B91CF03A4ABDB284248D5711D9C19DEB96 ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS
    11:59:20.0717 0x0fbc USBSTOR - ok
    11:59:20.0748 0x0fbc [ 2E682DCE4319A90E02A327F8A427544A, 3528C5A4669BAD53041085C3E72C64388D308E42AD9D1FAC85B6F2FFD81610FB ] usbuhci C:\Windows\system32\drivers\usbuhci.sys
    11:59:20.0748 0x0fbc usbuhci - ok
    11:59:20.0779 0x0fbc [ 7B28E2FBE75115660FAB31079C0A9F29, 81BB5A3E64B652A672A0782A88ABF6DDD729D38712D0706CE0FB9DE6D1EE1515 ] usb_rndisx C:\Windows\system32\DRIVERS\usb8023x.sys
    11:59:20.0779 0x0fbc usb_rndisx - ok
    11:59:20.0795 0x0fbc [ EDBB23CBCF2CDF727D64FF9B51A6070E, 7202484C8E1BFB2AFD64D8C81668F3EDE0E3BF5EB27572877A0A7B337AE5AE42 ] UxSms C:\Windows\System32\uxsms.dll
    11:59:20.0795 0x0fbc UxSms - ok
    11:59:20.0810 0x0fbc [ 97D879A884E7CDFED51AD63348A35254, 256566B7039B640FFB72C2ED7F1F42E46FFC820637A8959A64F5F08DB2A06A3F ] VaultSvc C:\Windows\system32\lsass.exe
    11:59:20.0810 0x0fbc VaultSvc - ok
    11:59:20.0857 0x0fbc [ 58E2365E7FD880624F648C63C5D22009, 9E00C2EF3488B7477AFF75FA62F2B66FD54166C19DCA594216B23EB046335FF0 ] VBoxNetAdp C:\Windows\system32\DRIVERS\VBoxNetAdp.sys
    11:59:20.0857 0x0fbc VBoxNetAdp - ok
    11:59:20.0873 0x0fbc [ C5C876CCFC083FF3B128F933823E87BD, 6FE0FBB6C3207E09300E0789E2168F76668D87C317FE9F263E733827ADCFBE0D ] vdrvroot C:\Windows\system32\drivers\vdrvroot.sys
    11:59:20.0873 0x0fbc vdrvroot - ok
    11:59:20.0904 0x0fbc [ 8D6B481601D01A456E75C3210F1830BE, A2CEF483F4231367138EEF7E67FD5BE5364FC0780C44CA1368E36CE4AA3D0633 ] vds C:\Windows\System32\vds.exe
    11:59:20.0920 0x0fbc vds - ok
    11:59:20.0920 0x0fbc [ DA4DA3F5E02943C2DC8C6ED875DE68DD, EDE604536DB78C512D68C92B26DA77C8811AC109D1F0A473673F0A82D15A2838 ] vga C:\Windows\system32\DRIVERS\vgapnp.sys
    11:59:20.0920 0x0fbc vga - ok
    11:59:20.0935 0x0fbc [ 53E92A310193CB3C03BEA963DE7D9CFC, 45898604375B42EB1246C17A22D91C2440F11C746FF6459AD38027C1BC2E3125 ] VgaSave C:\Windows\System32\drivers\vga.sys
    11:59:20.0935 0x0fbc VgaSave - ok
    11:59:20.0951 0x0fbc [ 2CE2DF28C83AEAF30084E1B1EB253CBB, D1946816A1CB89F825CBEA58F94A4C9D0CE7249355CD3915563F54054EE564BF ] vhdmp C:\Windows\system32\drivers\vhdmp.sys
    11:59:20.0966 0x0fbc vhdmp - ok
    11:59:20.0998 0x0fbc [ E5689D93FFE4E5D66C0178761240DD54, 6D35CED80681B12AAF63BFA0DA1C386E71D3838839B68A686990AA8031949D27 ] viaide C:\Windows\system32\drivers\viaide.sys
    11:59:20.0998 0x0fbc viaide - ok
    11:59:21.0013 0x0fbc [ D2AAFD421940F640B407AEFAAEBD91B0, 31EF342A60AF04F4108759A71F8FB7B8C8819216CF3D16A95B2BA0E33A8A9161 ] volmgr C:\Windows\system32\drivers\volmgr.sys
    11:59:21.0013 0x0fbc volmgr - ok
    11:59:21.0044 0x0fbc [ A255814907C89BE58B79EF2F189B843B, 463DB771851352185B6AC323BD93B9084D47291E53C1F7B628B65D6918B2E28F ] volmgrx C:\Windows\system32\drivers\volmgrx.sys
    11:59:21.0044 0x0fbc volmgrx - ok
    11:59:21.0076 0x0fbc [ 0D08D2F3B3FF84E433346669B5E0F639, 3D6716CEC95B8861A7CC5778E91F310528DC6BEE0E57A3C8757FC675154EBDEC ] volsnap C:\Windows\system32\drivers\volsnap.sys
    11:59:21.0076 0x0fbc volsnap - ok
    11:59:21.0091 0x0fbc [ 5E2016EA6EBACA03C04FEAC5F330D997, 53106EB877459FE55A459111F7AB0EE320BB3B4C954D3DB6FA1642396001F2AC ] vsmraid C:\Windows\system32\drivers\vsmraid.sys
    11:59:21.0107 0x0fbc vsmraid - ok
    11:59:21.0185 0x0fbc [ B60BA0BC31B0CB414593E169F6F21CC2, 47B801E623254CF0202B3591CB5C019CABFB52F123C7D47E29D19B32F1F2B915 ] VSS C:\Windows\system32\vssvc.exe
    11:59:21.0216 0x0fbc VSS - ok
    11:59:21.0232 0x0fbc [ 36D4720B72B5C5D9CB2B9C29E9DF67A1, 3254523C85C70EBA2DBAC05DB2DBA89EDF8E9195F390F7C21F96458FB6B2E3D7 ] vwifibus C:\Windows\system32\DRIVERS\vwifibus.sys
    11:59:21.0232 0x0fbc vwifibus - ok
    11:59:21.0247 0x0fbc [ 6A3D66263414FF0D6FA754C646612F3F, 30F6BA594B0D3B94113064015A16D97811CD989DF1715CCE21CEAB9894C1B4FB ] vwififlt C:\Windows\system32\DRIVERS\vwififlt.sys
    11:59:21.0247 0x0fbc vwififlt - ok
    11:59:21.0263 0x0fbc [ 1C9D80CC3849B3788048078C26486E1A, 34A89F31E53F6B6C209B286F580CC2257AE6D057E4E20741F241C9C167947962 ] W32Time C:\Windows\system32\w32time.dll
    11:59:21.0278 0x0fbc W32Time - ok
    11:59:21.0278 0x0fbc [ 4E9440F4F152A7B944CB1663D3935A3E, 8FE04EBD3BC612EE943A21A3E56F37E5C9B578CDACA6044048181DAD81816D53 ] WacomPen C:\Windows\system32\drivers\wacompen.sys
    11:59:21.0278 0x0fbc WacomPen - ok
    11:59:21.0294 0x0fbc [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys
    11:59:21.0294 0x0fbc WANARP - ok
    11:59:21.0310 0x0fbc [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys
    11:59:21.0310 0x0fbc Wanarpv6 - ok
    11:59:21.0372 0x0fbc [ 3CEC96DE223E49EAAE3651FCF8FAEA6C, 4150DAB33E8D61076F1D4767BCAFC9B4ECCCCBD58FD4FB3CFE5B8D27DCDCAB61 ] WatAdminSvc C:\Windows\system32\Wat\WatAdminSvc.exe
    11:59:21.0403 0x0fbc WatAdminSvc - ok
    11:59:21.0450 0x0fbc [ 78F4E7F5C56CB9716238EB57DA4B6A75, 46A4E78CE5F2A4B26F4E9C3FF04A99D9B727A82AC2E390A82A1611C3F6E0C9AF ] wbengine C:\Windows\system32\wbengine.exe
    11:59:21.0481 0x0fbc wbengine - ok
    11:59:21.0512 0x0fbc [ 3AA101E8EDAB2DB4131333F4325C76A3, 4F7BD3DA5E58B18BFF106CFF7B45E75FD13EE556D433C695BA23EC80827E49DE ] WbioSrvc C:\Windows\System32\wbiosrvc.dll
    11:59:21.0512 0x0fbc WbioSrvc - ok
    11:59:21.0528 0x0fbc [ 7368A2AFD46E5A4481D1DE9D14848EDD, 8039C478FC2D9F095F5883A4FA47F9E6EDF57CC88A4AA74F07C88445F90DED57 ] wcncsvc C:\Windows\System32\wcncsvc.dll
    11:59:21.0544 0x0fbc wcncsvc - ok
    11:59:21.0559 0x0fbc [ 20F7441334B18CEE52027661DF4A6129, 7B8E0247234B740FED2BE9B833E9CE8DD7453340123AB43F6B495A7E6A27B0DD ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
    11:59:21.0559 0x0fbc WcsPlugInService - ok
    11:59:21.0559 0x0fbc [ 72889E16FF12BA0F235467D6091B17DC, F2FD0BBD075E33608D93F350D216F97442AB89ABD540513C2D568C78096E12A8 ] Wd C:\Windows\system32\drivers\wd.sys
    11:59:21.0575 0x0fbc Wd - ok
    11:59:21.0590 0x0fbc [ A3D04EBF5227886029B4532F20D026F7, D90F7B9C176008675DA0B5FD7E4973CBC2A04172CEDF8FB7D3B3B4F27B5440D7 ] WDC_SAM C:\Windows\system32\DRIVERS\wdcsam64.sys
    11:59:21.0590 0x0fbc WDC_SAM - ok
    11:59:21.0653 0x0fbc [ E2C933EDBC389386EBE6D2BA953F43D8, AF1DEADD5F1267CCEBD226E8EEB971D1946EA6A5A9645A36F5D111F758AF2F07 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys
    11:59:21.0668 0x0fbc Wdf01000 - ok
    11:59:21.0700 0x0fbc [ C6F7473B55510F0B93961DA03D8E3B38, 4BAB9274DED8F7AC4A52B8739F501323FFFA0367CAA24BFAFDB5523812E0CE39 ] WdiServiceHost C:\Windows\system32\wdi.dll
    11:59:21.0700 0x0fbc WdiServiceHost - ok
    11:59:21.0700 0x0fbc [ C6F7473B55510F0B93961DA03D8E3B38, 4BAB9274DED8F7AC4A52B8739F501323FFFA0367CAA24BFAFDB5523812E0CE39 ] WdiSystemHost C:\Windows\system32\wdi.dll
    11:59:21.0715 0x0fbc WdiSystemHost - ok
    11:59:21.0746 0x0fbc [ 0EB0E5D22B1760F2DBCE632F2DD7A54D, B8A4CC62F88768947FB0A161CF9564DB28FD9C1C037B5475DF192982DE035C22 ] WebClient C:\Windows\System32\webclnt.dll
    11:59:21.0746 0x0fbc WebClient - ok
    11:59:21.0762 0x0fbc [ C749025A679C5103E575E3B48E092C43, B71171D07EE7AB085A24BF3A1072FF2CE7EA021AAE695F6A90640E6EE8EB55C1 ] Wecsvc C:\Windows\system32\wecsvc.dll
    11:59:21.0762 0x0fbc Wecsvc - ok
    11:59:21.0762 0x0fbc [ 7E591867422DC788B9E5BD337A669A08, 484E6BCCDF7ADCE9A1AACAD1BC7C7D7694B9E40FA90D94B14D80C607784F6C75 ] wercplsupport C:\Windows\System32\wercplsupport.dll
    11:59:21.0778 0x0fbc wercplsupport - ok
    11:59:21.0778 0x0fbc [ 6D137963730144698CBD10F202E9F251, A9F522A125158D94F540544CCD4DBF47B9DCE2EA878C33675AFE40F80E8F4979 ] WerSvc C:\Windows\System32\WerSvc.dll
    11:59:21.0778 0x0fbc WerSvc - ok
    11:59:21.0809 0x0fbc [ 611B23304BF067451A9FDEE01FBDD725, 0AF2734B978165FC6FD22B64862132CCE32528A21C698A49D176129446E099C8 ] WfpLwf C:\Windows\system32\DRIVERS\wfplwf.sys
    11:59:21.0809 0x0fbc WfpLwf - ok
    11:59:21.0824 0x0fbc [ B14EF15BD757FA488F9C970EEE9C0D35, F27DF2D47E7076786AE7C396583D7A1C56B93E766711066C900964FC7313E794 ] WimFltr C:\Windows\system32\DRIVERS\wimfltr.sys
    11:59:21.0824 0x0fbc WimFltr - ok
    11:59:21.0840 0x0fbc [ 05ECAEC3E4529A7153B3136CEB49F0EC, 9995CB2CEC70A633EA33CBB0DEAD2BB28CB67132B41E9444BDAB9E75744C9A50 ] WIMMount C:\Windows\system32\drivers\wimmount.sys
    11:59:21.0840 0x0fbc WIMMount - ok
    11:59:21.0871 0x0fbc WinDefend - ok
    11:59:21.0887 0x0fbc WinHttpAutoProxySvc - ok
    11:59:21.0934 0x0fbc [ 19B07E7E8915D701225DA41CB3877306, D6555E8D276DBB11358246E0FE215F76F1FB358791C76B88D82C2A66A42DA19F ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll
    11:59:21.0934 0x0fbc Winmgmt - ok
    11:59:22.0043 0x0fbc [ D929ABD465A2DED963DA8B30946A8D5C, DE8DBFB01C11D2AE903CBD6A974D6F995E9813CE2D6484B7DA06EAE4C545842A ] WinRM C:\Windows\system32\WsmSvc.dll
    11:59:22.0074 0x0fbc WinRM - ok
    11:59:22.0105 0x0fbc [ FE88B288356E7B47B74B13372ADD906D, A16B166F6BB32EF9D2A142F27B9EC54CBC7B3AC915799783CF4C40E525BC9E03 ] WinUsb C:\Windows\system32\drivers\WinUsb.sys
    11:59:22.0105 0x0fbc WinUsb - ok
    11:59:22.0152 0x0fbc [ 4FADA86E62F18A1B2F42BA18AE24E6AA, CE1683386886BF34862681A46199EA7E7FB4232A186047DA7FBD8EC240AF6726 ] Wlansvc C:\Windows\System32\wlansvc.dll
    11:59:22.0168 0x0fbc Wlansvc - ok
    11:59:22.0230 0x0fbc [ 06C8FA1CF39DE6A735B54D906BA791C6, D8FEC7DE227781CDA876904701B2AA995268F74DCD6CB34AA0296C557FC283B6 ] wlcrasvc C:\Program Files\Windows Live\Mesh\wlcrasvc.exe
    11:59:22.0230 0x0fbc wlcrasvc - ok
    11:59:22.0324 0x0fbc [ 7E47C328FC4768CB8BEAFBCFAFA70362, C98BD6A0C2F70E069D5FD3BAB31BD028DFEAC0490D180BBC28A14BE375897D8C ] wlidsvc C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
    11:59:22.0355 0x0fbc wlidsvc - ok
    11:59:22.0370 0x0fbc [ F6FF8944478594D0E414D3F048F0D778, 6F75E0AE6127B33A92A88E59D4B048FD4C15F997807BE7BF0EFE76F95235B1D9 ] WmiAcpi C:\Windows\system32\drivers\wmiacpi.sys
    11:59:22.0386 0x0fbc WmiAcpi - ok
    11:59:22.0417 0x0fbc [ 38B84C94C5A8AF291ADFEA478AE54F93, 1AC267AC73670BEA5F3785C9AD9DB146F8E993A862C843742B21FDB90D102B2A ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe
    11:59:22.0417 0x0fbc wmiApSrv - ok
    11:59:22.0448 0x0fbc WMPNetworkSvc - ok
    11:59:22.0480 0x0fbc [ 96C6E7100D724C69FCF9E7BF590D1DCA, 2E63C9B0893B4FC03B7A71BAEA6202D3D3DB1B52F3643467829B5A573FD7655B ] WPCSvc C:\Windows\System32\wpcsvc.dll
    11:59:22.0480 0x0fbc WPCSvc - ok
    11:59:22.0495 0x0fbc [ 93221146D4EBBF314C29B23CD6CC391D, C0750858A65BF51E210CD244C825C121D67E025CD2D2455139991AAC289A90FE ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll
    11:59:22.0495 0x0fbc WPDBusEnum - ok
    11:59:22.0511 0x0fbc [ 6BCC1D7D2FD2453957C5479A32364E52, E48554D31FBDCF8F985C1C72524CAA9106F5B7CC2B79064F8F5E2562D517F090 ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys
    11:59:22.0511 0x0fbc ws2ifsl - ok
    11:59:22.0526 0x0fbc [ E8B1FE6669397D1772D8196DF0E57A9E, 39FE0819360719F756BD31A1884A0508A1E2371ACC723E25E005CBEC0A7B02FA ] wscsvc C:\Windows\System32\wscsvc.dll
    11:59:22.0526 0x0fbc wscsvc - ok
    11:59:22.0526 0x0fbc WSearch - ok
    11:59:22.0620 0x0fbc [ AA3E844A2595B1AA5825C70CA50D963E, F9C7D64D9563CA5167EC9B0D957473B55C02E9456E041AE2CDA6ABFA9641D176 ] wuauserv C:\Windows\system32\wuaueng.dll
    11:59:22.0667 0x0fbc wuauserv - ok
    11:59:22.0698 0x0fbc [ AB886378EEB55C6C75B4F2D14B6C869F, D6C4602EB8F291DADEDF3CD211013D4AC752DDE7E799C2D8D74AA4F5477CAED6 ] WudfPf C:\Windows\system32\drivers\WudfPf.sys
    11:59:22.0698 0x0fbc WudfPf - ok
    11:59:22.0714 0x0fbc [ DDA4CAF29D8C0A297F886BFE561E6659, 94E5DD649B5D86FA1A7C7D30FCF9644D0EE048D312E626111458ADF66BFBE978 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys
    11:59:22.0729 0x0fbc WUDFRd - ok
    11:59:22.0745 0x0fbc [ B20F051B03A966392364C83F009F7D17, 88ECEB55AE91F58F592B96EBC10B572747D5A2F9B7629E8F371761E4F7408A65 ] wudfsvc C:\Windows\System32\WUDFSvc.dll
    11:59:22.0760 0x0fbc wudfsvc - ok
    11:59:22.0792 0x0fbc [ 04F82965C09CBDF646B487E145060301, 2CD8533EDBE24C3E42EB7550E20F8A2EB9E5E345B165DEF543163A6BC1FDD18B ] WwanSvc C:\Windows\System32\wwansvc.dll
    11:59:22.0807 0x0fbc WwanSvc - ok
    11:59:22.0807 0x0fbc ================ Scan global ===============================
    11:59:22.0823 0x0fbc [ BA0CD8C393E8C9F83354106093832C7B, 18D8A4780A2BAA6CEF7FBBBDA0EF6BF2DADF146E1E578A618DD5859E8ADBF1A8 ] C:\Windows\system32\basesrv.dll
    11:59:22.0870 0x0fbc [ 2313AF8D5A9CEB4A55400A01DD311A95, A5779FE967EA2703E86BEDC32CD736617AF278C72048228F038DFC628E1E0AA2 ] C:\Windows\system32\winsrv.dll
    11:59:22.0885 0x0fbc [ 2313AF8D5A9CEB4A55400A01DD311A95, A5779FE967EA2703E86BEDC32CD736617AF278C72048228F038DFC628E1E0AA2 ] C:\Windows\system32\winsrv.dll
    11:59:22.0916 0x0fbc [ D6160F9D869BA3AF0B787F971DB56368, 0033E6212DD8683E4EE611B290931FDB227B4795F0B17C309DC686C696790529 ] C:\Windows\system32\sxssrv.dll
    11:59:22.0963 0x0fbc [ 71C85477DF9347FE8E7BC55768473FCA, A86D6A6D1F5A0EFCD649792A06F3AE9B37158D48493D2ECA7F52DCC1CB9B6536 ] C:\Windows\system32\services.exe
    11:59:22.0963 0x0fbc [ Global ] - ok
    11:59:22.0963 0x0fbc ================ Scan MBR ==================================
    11:59:22.0979 0x0fbc [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
    11:59:23.0166 0x0fbc \Device\Harddisk0\DR0 - ok
    11:59:23.0166 0x0fbc ================ Scan VBR ==================================
    11:59:23.0166 0x0fbc [ F603F70A12CA388555F885BDF0C3E71B ] \Device\Harddisk0\DR0\Partition1
    11:59:23.0166 0x0fbc \Device\Harddisk0\DR0\Partition1 - ok
    11:59:23.0182 0x0fbc [ 061A926CA0B8AF7E7707D254CF0AA095 ] \Device\Harddisk0\DR0\Partition2
    11:59:23.0182 0x0fbc \Device\Harddisk0\DR0\Partition2 - ok
    11:59:23.0182 0x0fbc ================ Scan generic autorun ======================
    11:59:23.0197 0x0fbc [ 43F00115C2FF39F2E1152A6AE1D85296, C6C138908A996273BA692E341072272E27366A1CCBEA393CE0C0A51AC186BFD4 ] C:\Windows\system32\igfxtray.exe
    11:59:23.0213 0x0fbc IgfxTray - ok
    11:59:23.0228 0x0fbc [ 77F436CF85CEC9FF73BDB418261F65F0, 66CE80AE5224881BC4AB338534F16FBA1ADBE45D4B38E9C1485DB016623A77B1 ] C:\Windows\system32\hkcmd.exe
    11:59:23.0244 0x0fbc HotKeysCmds - ok
    11:59:23.0260 0x0fbc [ 3636EF5F0FB848F195BEF6D217D43935, CAC2E5277EAF6FB0B59D48E1BA7FD713F5689E267341E7B6ADDACF40A8DC4C12 ] C:\Windows\system32\igfxpers.exe
    11:59:23.0275 0x0fbc Persistence - ok
    11:59:23.0400 0x0fbc [ 1136B11FB4B6A598051BD9648A798F7C, 9019F8479325959F8DC7415E5607AE7B90B6755F435D4E3D0E90D44CD25C2BCD ] C:\Program Files (x86)\Dell\Stage Remote\StageRemote.exe
    11:59:23.0431 0x0fbc Stage Remote - ok
    11:59:23.0462 0x0fbc [ E7048263BD470D9328E1E82E5798C941, 8C7E19D68315B2BF8B2AF71B1AE13B52C4008739C35CEFFCEA62817E9E1A4D7D ] C:\Program Files\BOINC\boinctray.exe
    11:59:23.0462 0x0fbc boinctray - ok
    11:59:23.0743 0x0fbc [ 7F6F0D0F619141EAA9F8CB9054A91A91, 0776593C4746E455BD6F77F791CEB066BC56D8123253003388D6661086B486BB ] C:\Program Files\BOINC\boincmgr.exe
    11:59:23.0946 0x0fbc boincmgr - ok
    11:59:23.0977 0x0fbc [ 076B3EE149E01ADBAC2DC529554A3FD9, 4F65D9D2EE44829AA2264210112851E899165C2346489BEBE679C41420CF7D07 ] C:\Program Files\iTunes\iTunesHelper.exe
    11:59:23.0993 0x0fbc iTunesHelper - ok
    11:59:24.0024 0x0fbc [ 88FD47E3BD31BC358AD1EF14E75C7681, 0177A849A8E63122628D42AAB97F29224413B10C5E9720F7ED9E109E509EC7ED ] C:\Program Files (x86)\CyberLink\PowerDVD9\PDVD9Serv.exe
    11:59:24.0024 0x0fbc RemoteControl9 - ok
    11:59:24.0040 0x0fbc [ A4A59E38A82781985AF76BA2038C78BE, 0E349A07EFC7FB0BB6E9CD3A6B9E72CDA4FD45001EEAB3AAC5D885E2AE0CEF77 ] C:\Program Files (x86)\CyberLink\PowerDVD9\Language\Language.exe
    11:59:24.0055 0x0fbc PDVD9LanguageShortcut - ok
    11:59:24.0102 0x0fbc [ 814B913346119771CA458F34ADFC16A5, 31841992C83F8FE01CED6B0E47C3B08F3F202B37813C67E73074652625932F14 ] C:\Program Files\McAfee.com\Agent\mcagent.exe
    11:59:24.0118 0x0fbc mcui_exe - ok
    11:59:24.0149 0x0fbc [ A7749965A3923D024922A86BAAECAFF4, 70CC52E58881F405B334EDE68913EAB1B7FADBFB19B92F42B40E4737C6F073F7 ] C:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxWatchTray12OEM.exe
    11:59:24.0149 0x0fbc RoxWatchTray - ok
    11:59:24.0211 0x0fbc [ 4164A47F3A2DA7EA44572904C3DF44A4, 192097A694949269CD642C4F832715F48F4448669951D027DBECE9D873E9DA94 ] C:\Program Files (x86)\Roxio\OEM\Roxio Burn\RoxioBurnLauncher.exe
    11:59:24.0211 0x0fbc Desktop Disc Tool - ok
    11:59:24.0289 0x0fbc [ 53EDBE9C1D6B0CEC11A573852B5B6DAD, E4A6B00AA93F2E8BBA7149601A37D7388E0A5EC48CD95A0BD94939FD96726811 ] C:\Program Files (x86)\Dell Stage\Dell Stage\AccuWeather\accuweather.exe
    11:59:24.0305 0x0fbc AccuWeatherWidget - ok
    11:59:24.0352 0x0fbc [ 4275C55AA440DC08EA0267AED31D9654, A5EF4505960D9CECC45376026A8B51FF43282AE811C88617CCD8F7F1E6E56A7B ] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe
    11:59:24.0352 0x0fbc APSDaemon - ok
    11:59:24.0398 0x0fbc [ A55FB42F0642DBF4817543A58E97721F, A4A8986EA050B1216D85749AB705EB36FE9D0FE0E833281DC63732B1FD4E4687 ] C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
    11:59:24.0414 0x0fbc SunJavaUpdateSched - ok
    11:59:24.0476 0x0fbc [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
    11:59:24.0508 0x0fbc Sidebar - ok
    11:59:24.0523 0x0fbc [ 0FA760BF380B08D0B67B5507CD8B32AA, 0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B725CC5A9FB738739 ] C:\Windows\System32\mctadmin.exe
    11:59:24.0523 0x0fbc mctadmin - ok
    11:59:24.0570 0x0fbc [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
    11:59:24.0601 0x0fbc Sidebar - ok
    11:59:24.0601 0x0fbc [ 0FA760BF380B08D0B67B5507CD8B32AA, 0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B725CC5A9FB738739 ] C:\Windows\System32\mctadmin.exe
    11:59:24.0617 0x0fbc mctadmin - ok
    11:59:24.0632 0x0fbc Skype - ok
    11:59:24.0913 0x0fbc [ C7C42AC946E25EC04BC671516A347FF9, 03DCB98F1764862A0DFC1B3A6CD34BA583DA512E8E4556E891A228832C0F8DE1 ] C:\Users\Thomas\AppData\Local\Amazon Music\Amazon Music Helper.exe
    11:59:25.0038 0x0fbc Amazon Music - ok
    11:59:25.0116 0x0fbc [ EADC02F7D3B46E152704BA64D7CB90FA, 4357850EEC0DE0E41210F405C821C9FAD6E25E53C745CF34F3984EA4294A144B ] C:\Users\Thomas\AppData\Local\Microsoft\OneDrive\OneDrive.exe
    11:59:25.0132 0x0fbc OneDrive - ok
    11:59:25.0163 0x0fbc [ B22CB67919EBAD88B0E8BB9CDA446010, 2F744FEAC48EDE7D6B6D2727F7DDFA80B26D9E3B0009741B00992B19AD85E128 ] C:\Windows\System32\StikyNot.exe
    11:59:25.0178 0x0fbc RESTART_STICKY_NOTES - ok
    11:59:25.0444 0x0fbc [ F679E30A5F7CE39F7FA134E61BD2D6D3, 84BD25FFF9C47AC5A00E225DCF03D82A79FE036E3B553D2D81254F2F1FC120A1 ] C:\Program Files\CCleaner\CCleaner64.exe
    11:59:25.0724 0x0fbc CCleaner Monitoring - ok
    11:59:25.0771 0x0fbc [ 5746BD7E255DD6A8AFA06F7C42C1BA41, DB06C3534964E3FC79D2763144BA53742D7FA250CA336F4A0FE724B75AAFF386 ] C:\Windows\system32\cmd.exe
    11:59:25.0896 0x0fbc Uninstall C:\Users\Thomas\AppData\Local\Microsoft\OneDrive\17.3.5860.0512 - ok
    11:59:26.0036 0x0fbc [ 506708142BC63DABA64F2D3AD1DCD5BF, 9C36A08D9E7932FF4DA7B5F24E6B42C92F28685B8ABE964C870E8D7670FD531A ] C:\Users\Orrin JNR\AppData\Local\Google\Update\GoogleUpdate.exe
    11:59:26.0036 0x0fbc Google Update - ok
    11:59:26.0052 0x0fbc AV detected via SS2: McAfee Anti-Virus and Anti-Spyware, C:\Program Files\McAfee.com\Agent\mcupdate.exe ( 14.0.0.0 ), 0x51000 ( enabled : updated )
    11:59:26.0052 0x0fbc FW detected via SS2: McAfee Firewall, C:\Program Files\McAfee.com\Agent\mcupdate.exe ( 14.0.0.0 ), 0x51010 ( enabled )
    11:59:28.0502 0x0fbc ============================================================
    11:59:28.0502 0x0fbc Scan finished
    11:59:28.0502 0x0fbc ============================================================
    11:59:28.0502 0x1630 Detected object count: 0
    11:59:28.0502 0x1630 Actual detected object count: 0

  10. #50

    Re: Arte,is Trojan

    Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:26-07-2015
    Ran by Thomas (administrator) on TRUSTNO1 (26-07-2015 18:30:53)
    Running from C:\Users\Thomas\Desktop
    Loaded Profiles: Thomas (Available Profiles: Thomas & Orrin JNR & Guest)
    Platform: Windows 7 Home Premium Service Pack 1 (X64) Language: English (United States)
    Internet Explorer Version 11 (Default browser: IE)
    Boot Mode: Normal
    Tutorial for Farbar Recovery Scan Tool: FRST Tutorial - How to use Farbar Recovery Scan Tool - Geeks to Go Forum
    ==================== Processes (Whitelisted) =================
    (If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
    (Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
    (Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
    (Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe
    (McAfee, Inc.) C:\Program Files (x86)\McAfee\SiteAdvisor\mcsacore.exe
    (McAfee, Inc.) C:\Program Files\Common Files\mcafee\systemcore\mfemms.exe
    (McAfee, Inc.) C:\Windows\System32\mfevtps.exe
    (SoftThinks SAS) C:\Program Files (x86)\Dell DataSafe Local Backup\SftService.exe
    (McAfee, Inc.) C:\Windows\System32\mfevtps.exe
    (McAfee, Inc.) C:\Program Files\Common Files\mcafee\AMCore\mcshield.exe
    (McAfee, Inc.) C:\Program Files\Common Files\mcafee\systemcore\mfefire.exe
    (Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
    (McAfee, Inc.) C:\Program Files\mcafee\MSC\McAPExe.exe
    (McAfee, Inc.) C:\Program Files\Common Files\mcafee\systemcore\mfefire.exe
    (Microsoft Corporation) C:\Windows\SysWOW64\rundll32.exe
    (Microsoft Corporation) C:\Windows\System32\rundll32.exe
    (Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
    (SoftThinks - Dell) C:\Program Files (x86)\Dell DataSafe Local Backup\Toaster.exe
    (Intel Corporation) C:\Windows\System32\igfxtray.exe
    (Intel Corporation) C:\Windows\System32\hkcmd.exe
    (Intel Corporation) C:\Windows\System32\igfxpers.exe
    () C:\Program Files (x86)\Dell\Stage Remote\StageRemote.exe
    (Space Sciences Laboratory) C:\Program Files\BOINC\boinctray.exe
    (Space Sciences Laboratory) C:\Program Files\BOINC\boincmgr.exe
    (Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
    (Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
    () C:\Users\Thomas\AppData\Local\Amazon Music\Amazon Music Helper.exe
    (Microsoft Corporation) C:\Users\Thomas\AppData\Local\Microsoft\OneDrive\OneDrive.exe
    (Microsoft Corporation) C:\Windows\System32\StikyNot.exe
    (Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
    (CyberLink Corp.) C:\Program Files (x86)\Cyberlink\PowerDVD9\PDVD9Serv.exe
    () C:\Program Files (x86)\Roxio\OEM\Roxio Burn\RoxioBurnLauncher.exe
    () C:\Program Files (x86)\Dell Stage\Dell Stage\AccuWeather\accuweather.exe
    (Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe
    (Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
    (McAfee, Inc.) C:\Program Files\McAfee Security Scan\3.8.150\SSScheduler.exe
    () C:\Program Files (x86)\Dell DataSafe Local Backup\Components\Scheduler\STService.exe
    (McAfee, Inc.) C:\Program Files\Common Files\mcafee\Platform\McSvcHost\McSvHost.exe
    (McAfee, Inc.) C:\Program Files\Common Files\mcafee\Platform\McUICnt.exe
    (Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
    () C:\Program Files (x86)\Roxio\OEM\Roxio Burn\Roxio Burn.exe
    () C:\Program Files (x86)\Dell\Stage Remote\StageRemoteService.exe
    (Space Sciences Laboratory) C:\Program Files\BOINC\boinc.exe
    (Microsoft Corporation) C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesCommonX86\Microsoft Shared\OFFICE15\CSISYNCCLIENT.EXE
    (Space Sciences Laboratory) C:\ProgramData\BOINC\projects\setiathome.berkeley.edu\setiathome_7.00_windows_intelx86.exe
    (Microsoft Corporation) C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesCommonX86\Microsoft Shared\OFFICE15\CSISYNCCLIENT.EXE
    (McAfee, Inc.) C:\Program Files\mcafee\MAT\McPvTray.exe
    (McAfee, Inc.) C:\Program Files\Common Files\mcafee\CSP\1.5.450.0\McCSPServiceHost.exe
    (Dell, Inc.) C:\Program Files (x86)\Dell\Dell Datasafe Online\NOBuAgent.exe
    (Dell, Inc.) C:\Program Files (x86)\Dell\Dell Datasafe Online\NOBuClient.exe
    (Space Sciences Laboratory) C:\ProgramData\BOINC\projects\setiathome.berkeley.edu\setiathome_7.00_windows_intelx86.exe
    (Space Sciences Laboratory) C:\ProgramData\BOINC\projects\setiathome.berkeley.edu\setiathome_7.00_windows_intelx86.exe

    ==================== Registry (Whitelisted) ==================
    (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
    HKLM\...\Run: [Stage Remote] => C:\Program Files (x86)\Dell\Stage Remote\StageRemote.exe [2022976 2011-06-27] ()
    HKLM\...\Run: [boinctray] => C:\Program Files\BOINC\boinctray.exe [68928 2015-03-09] (Space Sciences Laboratory)
    HKLM\...\Run: [boincmgr] => C:\Program Files\BOINC\boincmgr.exe [8926016 2015-03-09] (Space Sciences Laboratory)
    HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [169768 2015-04-07] (Apple Inc.)
    HKLM-x32\...\Run: [RemoteControl9] => C:\Program Files (x86)\CyberLink\PowerDVD9\PDVD9Serv.exe [87336 2010-10-01] (CyberLink Corp.)
    HKLM-x32\...\Run: [PDVD9LanguageShortcut] => C:\Program Files (x86)\CyberLink\PowerDVD9\Language\Language.exe [50472 2010-09-17] (CyberLink Corp.)
    HKLM-x32\...\Run: [mcui_exe] => C:\Program Files\McAfee.com\Agent\mcagent.exe [616272 2015-05-13] (McAfee, Inc.)
    HKLM-x32\...\Run: [RoxWatchTray] => C:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxWatchTray12OEM.exe [240112 2010-11-25] (Sonic Solutions)
    HKLM-x32\...\Run: [Desktop Disc Tool] => C:\Program Files (x86)\Roxio\OEM\Roxio Burn\RoxioBurnLauncher.exe [514544 2010-11-17] ()
    HKLM-x32\...\Run: [AccuWeatherWidget] => C:\Program Files (x86)\Dell Stage\Dell Stage\AccuWeather\accuweather.exe [968048 2012-02-01] ()
    HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [60712 2015-03-20] (Apple Inc.)
    HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [335232 2015-04-10] (Oracle Corporation)
    Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
    HKLM\...\Policies\Explorer: [NoControlPanel] 0
    HKLM\...\Policies\Explorer: [NoFolderOptions] 0
    HKLM\...\Policies\Explorer: [TaskbarNoNotification] 1
    HKLM\...\Policies\Explorer: [HideSCAHealth] 1
    HKU\S-1-5-21-3274687172-3602840966-2228239552-1000\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [53282944 2015-06-16] (Skype Technologies S.A.)
    HKU\S-1-5-21-3274687172-3602840966-2228239552-1000\...\Run: [Amazon Music] => C:\Users\Thomas\AppData\Local\Amazon Music\Amazon Music Helper.exe [6277952 2014-12-08] ()
    HKU\S-1-5-21-3274687172-3602840966-2228239552-1000\...\Run: [OneDrive] => C:\Users\Thomas\AppData\Local\Microsoft\OneDrive\OneDrive.exe [382664 2015-05-22] (Microsoft Corporation)
    HKU\S-1-5-21-3274687172-3602840966-2228239552-1000\...\Run: [RESTART_STICKY_NOTES] => C:\Windows\System32\StikyNot.exe [427520 2009-07-14] (Microsoft Corporation)
    HKU\S-1-5-21-3274687172-3602840966-2228239552-1000\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [7451928 2015-03-13] (Piriform Ltd)
    Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Install SafeKey FF RunOnce.lnk [2015-05-16]
    ShortcutTarget: Install SafeKey FF RunOnce.lnk -> C:\Program Files (x86)\Common Files\lpuninstall.exe (McAfee)
    Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Install SafeKey IE RunOnce.lnk [2015-05-16]
    ShortcutTarget: Install SafeKey IE RunOnce.lnk -> C:\Program Files (x86)\Common Files\lpuninstall.exe (McAfee)
    Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk [2012-05-09]
    ShortcutTarget: McAfee Security Scan Plus.lnk -> C:\Program Files\McAfee Security Scan\3.8.150\SSScheduler.exe (McAfee, Inc.)
    ShellIconOverlayIdentifiers: [ SkyDrive1] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Users\Thomas\AppData\Local\Microsoft\OneDrive\17.3.5860.0512\amd64\FileSyncShell64.dll [2015-05-22] (Microsoft Corporation)
    ShellIconOverlayIdentifiers: [ SkyDrive2] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Users\Thomas\AppData\Local\Microsoft\OneDrive\17.3.5860.0512\amd64\FileSyncShell64.dll [2015-05-22] (Microsoft Corporation)
    ShellIconOverlayIdentifiers: [ SkyDrive3] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Users\Thomas\AppData\Local\Microsoft\OneDrive\17.3.5860.0512\amd64\FileSyncShell64.dll [2015-05-22] (Microsoft Corporation)
    ShellIconOverlayIdentifiers-x32: [ SkyDrive1] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Users\Thomas\AppData\Local\Microsoft\OneDrive\17.3.5860.0512\FileSyncShell.dll [2015-05-22] (Microsoft Corporation)
    ShellIconOverlayIdentifiers-x32: [ SkyDrive2] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Users\Thomas\AppData\Local\Microsoft\OneDrive\17.3.5860.0512\FileSyncShell.dll [2015-05-22] (Microsoft Corporation)
    ShellIconOverlayIdentifiers-x32: [ SkyDrive3] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Users\Thomas\AppData\Local\Microsoft\OneDrive\17.3.5860.0512\FileSyncShell.dll [2015-05-22] (Microsoft Corporation)
    ==================== Internet (Whitelisted) ====================
    (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
    HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
    HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
    HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
    HKU\S-1-5-21-3274687172-3602840966-2228239552-1000\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
    HKU\S-1-5-21-3274687172-3602840966-2228239552-1000\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN UK | Hotmail, Outlook, Skype, Bing, Latest News, Photos and Videos
    SearchScopes: HKLM -> DefaultScope {85792A8A-7A83-489E-B721-6BB37F588547} URL = {searchTerms} - Bing
    SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
    SearchScopes: HKLM -> {85792A8A-7A83-489E-B721-6BB37F588547} URL = {searchTerms} - Bing
    SearchScopes: HKLM-x32 -> DefaultScope {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL =
    SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
    SearchScopes: HKU\S-1-5-21-3274687172-3602840966-2228239552-1000 -> DefaultScope {3E07DD06-74DA-40AE-BDE1-17C0C96D0B5F} URL =
    SearchScopes: HKU\S-1-5-21-3274687172-3602840966-2228239552-1000 -> {85792A8A-7A83-489E-B721-6BB37F588547} URL =
    BHO: No Name -> {27B4851A-3207-45A2-B947-BE8AFE6163AB} -> No File
    BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll [2015-06-09] (Microsoft Corporation)
    BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21] (Microsoft Corp.)
    BHO: McAfee SafeKey Vault -> {9DB059B3-DD36-4a55-846C-59BE42A1202A} -> C:\Program Files (x86)\SafeKey\LPToolbar_x64.dll [2015-05-16] (McAfee)
    BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2015-07-26] (Google Inc.)
    BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\URLREDIR.DLL [2015-06-09] (Microsoft Corporation)
    BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL [2015-06-16] (Microsoft Corporation)
    BHO-x32: MSS+ Identifier -> {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} -> C:\Program Files\McAfee Security Scan\3.8.150\McAfeeMSS_IE.dll [2014-04-09] (McAfee, Inc.)
    BHO-x32: McAfee Phishing Filter -> {27B4851A-3207-45A2-B947-BE8AFE6163AB} -> c:\progra~1\mcafee\msk\mskapbho.dll No File
    BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\ssv.dll [2015-06-05] (Oracle Corporation)
    BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21] (Microsoft Corp.)
    BHO-x32: McAfee SafeKey Vault -> {9DB059B3-DD36-4a55-846C-59BE42A1202A} -> C:\Program Files (x86)\SafeKey\LPToolbar.dll [2015-05-16] (McAfee)
    BHO-x32: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2015-07-26] (Google Inc.)
    BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office 15\root\Office15\URLREDIR.DLL [2015-06-09] (Microsoft Corporation)
    BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\jp2ssv.dll [2015-06-05] (Oracle Corporation)
    Toolbar: HKLM - McAfee SafeKey - {61D700C1-7D8D-43c5-9C13-4FF85157CFE6} - C:\Program Files (x86)\SafeKey\LPToolbar_x64.dll [2015-05-16] (McAfee)
    Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2015-07-26] (Google Inc.)
    Toolbar: HKLM-x32 - McAfee SafeKey - {61D700C1-7D8D-43c5-9C13-4FF85157CFE6} - C:\Program Files (x86)\SafeKey\LPToolbar.dll [2015-05-16] (McAfee)
    Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2015-07-26] (Google Inc.)
    Toolbar: HKU\S-1-5-21-3274687172-3602840966-2228239552-1000 -> Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2015-07-26] (Google Inc.)
    DPF: HKLM-x32 {166B1BCA-3F9C-11CF-8075-444553540000} http://download.macromedia.com/pub/s...irector/sw.cab
    DPF: HKLM-x32 {17492023-C23A-453E-A040-C7C580BBF700} http://download.microsoft.com/downlo...eckControl.cab
    Handler: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\mcieplg.dll [2015-07-03] (McAfee, Inc.)
    Handler-x32: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\mcieplg.dll [2015-07-03] (McAfee, Inc.)
    Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL [2015-04-04] (Microsoft Corporation)
    Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\mcieplg.dll [2015-07-03] (McAfee, Inc.)
    Handler-x32: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\mcieplg.dll [2015-07-03] (McAfee, Inc.)
    Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files\mcafee\MSC\McSnIePl64.dll [2015-05-13] (McAfee, Inc.)
    Filter-x32: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files (x86)\McAfee\MSC\McSnIePl.dll [2015-05-13] (McAfee, Inc.)
    Tcpip\Parameters: [DhcpNameServer] 192.168.1.254
    Tcpip\..\Interfaces\{C26CA279-BBF7-491E-B132-D5F37BECB17B}: [NameServer] 8.8.8.8,8.8.4.4
    Tcpip\..\Interfaces\{C26CA279-BBF7-491E-B132-D5F37BECB17B}: [DhcpNameServer] 192.168.1.254
    Tcpip\..\Interfaces\{F13B5C3E-1806-49BF-B144-72AD2F5D28E0}: [NameServer] 8.8.8.8
    Tcpip\..\Interfaces\{F13B5C3E-1806-49BF-B144-72AD2F5D28E0}: [DhcpNameServer] 192.168.1.254
    FireFox:
    ========
    FF ProfilePath: C:\Users\Thomas\AppData\Roaming\Mozilla\Firefox\Profiles\t4jv6mph.default
    FF SearchEngineOrder.1: Secure Search
    FF SelectedSearchEngine: Secure Search
    FF Keyword.URL: https://uk.search.yahoo.com/search?f...GB0D20150516&p=
    FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_18_0_0_209.dll [2015-07-14] ()
    FF Plugin: @mcafee.com/MSC,version=10 -> c:\PROGRA~1\mcafee\msc\NPMCSN~1.DLL [2015-05-13] ()
    FF Plugin: @microsoft.com/GENUINE -> disabled No File
    FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.40416.0\npctrl.dll [2015-04-16] ( Microsoft Corporation)
    FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_18_0_0_209.dll [2015-07-14] ()
    FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw_1207148.dll [2013-12-05] (Adobe Systems, Inc.)
    FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2014-10-30] ()
    FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll [2015-05-21] (Google)
    FF Plugin-x32: @java.com/DTPlugin,version=11.45.2 -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\dtplugin\npDeployJava1.dll [2015-06-05] (Oracle Corporation)
    FF Plugin-x32: @java.com/JavaPlugin,version=11.45.2 -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\plugin2\npjp2.dll [2015-06-05] (Oracle Corporation)
    FF Plugin-x32: @mcafee.com/MSC,version=10 -> c:\PROGRA~2\mcafee\msc\NPMCSN~1.DLL [2015-05-13] ()
    FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
    FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.40416.0\npctrl.dll [2015-04-15] ( Microsoft Corporation)
    FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL [2015-04-04] (Microsoft Corporation)
    FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2010-11-10] (Microsoft Corporation)
    FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2010-11-10] (Microsoft Corporation)
    FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.28.1\npGoogleUpdate3.dll [2015-07-26] (Google Inc.)
    FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.28.1\npGoogleUpdate3.dll [2015-07-26] (Google Inc.)
    FF Plugin-x32: @videolan.org/vlc,version=2.2.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
    FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\1\NP_wtapp.dll [2012-05-08] ()
    FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2015-03-17] (Adobe Systems Inc.)
    FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\McSiteAdvisor.xml [2015-05-17]
    FF Extension: McAfee SafeKey - C:\Users\Thomas\AppData\Roaming\Mozilla\Firefox\Profiles\t4jv6mph.default\Extensions\{072844D3-7DEE-45F6-A406-E87F76302E4B} [2015-05-16]
    FF HKLM\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files (x86)\McAfee\SiteAdvisor
    FF Extension: McAfee WebAdvisor - C:\Program Files (x86)\McAfee\SiteAdvisor [2015-05-16]
    FF HKLM-x32\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files (x86)\McAfee\SiteAdvisor
    FF HKLM-x32\...\Thunderbird\Extensions: [msktbird@mcafee.com] - C:\Program Files\McAfee\MSK
    FF Extension: McAfee Anti-Spam Thunderbird Extension - C:\Program Files\McAfee\MSK [2015-05-16]
    FF HKU\S-1-5-21-3274687172-3602840966-2228239552-1000\...\Firefox\Extensions: [{e4f94d1e-2f53-401e-8885-681602c0ddd8}] - C:\ProgramData\McAfee Security Scan\Extensions\{e4f94d1e-2f53-401e-8885-681602c0ddd8}.xpi
    FF Extension: McAfee Security Scan Plus - C:\ProgramData\McAfee Security Scan\Extensions\{e4f94d1e-2f53-401e-8885-681602c0ddd8}.xpi [2014-04-04]
    Chrome:
    =======
    CHR HKLM\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] - C:\Program Files (x86)\McAfee\SiteAdvisor\McChPlg.crx [2015-07-13]
    CHR HKLM-x32\...\Chrome\Extension: [bopakagnckmlgajfccecajhnimjiiedh] - http://clients2.google.com/service/update2/crx
    CHR HKLM-x32\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] - C:\Program Files (x86)\McAfee\SiteAdvisor\McChPlg.crx [2015-07-13]
    CHR HKLM-x32\...\Chrome\Extension: [jbolfgndggfhhpbnkgnpjkfhinclbigj] - C:\Program Files (x86)\Freemake\Freemake Video Converter\BrowserPlugin\Chrome\Freemake.Plugin.Chrome.crx [2014-07-01]
    ==================== Services (Whitelisted) =================
    (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
    R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [77128 2015-01-20] (Apple Inc.)
    R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [2739888 2015-05-19] (Microsoft Corporation)
    R2 HomeNetSvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [340744 2015-05-06] (McAfee, Inc.)
    R2 McAfee SiteAdvisor Service; C:\Program Files (x86)\McAfee\SiteAdvisor\McSACore.exe [155368 2015-07-03] (McAfee, Inc.)
    R2 McAPExe; C:\Program Files\McAfee\MSC\McAPExe.exe [754280 2015-05-13] (McAfee, Inc.)
    S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.8.150\McCHSvc.exe [289256 2014-04-09] (McAfee, Inc.)
    R2 mccspsvc; C:\Program Files\Common Files\McAfee\CSP\1.5.450.0\McCSPServiceHost.exe [207344 2015-04-08] (McAfee, Inc.)
    S2 McMPFSvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [340744 2015-05-06] (McAfee, Inc.)
    R2 McNaiAnn; C:\Program Files\Common Files\mcafee\Platform\McSvcHost\McSvHost.exe [340744 2015-05-06] (McAfee, Inc.)
    S3 McODS; C:\Program Files\mcafee\VirusScan\mcods.exe [609592 2015-05-05] (McAfee, Inc.)
    R2 mcpltsvc; C:\Program Files\Common Files\mcafee\Platform\McSvcHost\McSvHost.exe [340744 2015-05-06] (McAfee, Inc.)
    R2 McProxy; C:\Program Files\Common Files\mcafee\Platform\McSvcHost\McSvHost.exe [340744 2015-05-06] (McAfee, Inc.)
    R3 mfefire; C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe [232656 2015-06-29] (McAfee, Inc.)
    R2 mfemms; C:\Program Files\Common Files\McAfee\SystemCore\\mfemms.exe [373704 2015-07-06] (McAfee, Inc.)
    R2 mfevtp; C:\Windows\system32\mfevtps.exe [254792 2015-06-29] (McAfee, Inc.)
    R2 MSK80Service; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [340744 2015-05-06] (McAfee, Inc.)
    S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
    ==================== Drivers (Whitelisted) ====================
    (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
    S3 cfwids; C:\Windows\System32\drivers\cfwids.sys [77536 2015-07-02] (McAfee, Inc.)
    S3 HipShieldK; C:\Windows\System32\drivers\HipShieldK.sys [198448 2015-04-27] (McAfee, Inc.)
    R2 McPvDrv; C:\Windows\system32\drivers\McPvDrv.sys [76064 2015-05-08] (McAfee, Inc.)
    R3 mfeaack; C:\Windows\System32\drivers\mfeaack.sys [412440 2015-07-02] (McAfee, Inc.)
    R3 mfeavfk; C:\Windows\System32\drivers\mfeavfk.sys [347800 2015-07-02] (McAfee, Inc.)
    R0 mfedisk; C:\Windows\System32\DRIVERS\mfedisk.sys [101872 2015-02-17] (McAfee, Inc.)
    R3 mfefirek; C:\Windows\System32\drivers\mfefirek.sys [496888 2015-07-02] (McAfee, Inc.)
    R0 mfehidk; C:\Windows\System32\drivers\mfehidk.sys [875928 2015-07-02] (McAfee, Inc.)
    R3 mfencbdc; C:\Windows\System32\DRIVERS\mfencbdc.sys [483240 2015-03-26] (McAfee, Inc.)
    S3 mfencrk; C:\Windows\System32\DRIVERS\mfencrk.sys [100720 2015-03-26] (McAfee, Inc.)
    R0 mfewfpk; C:\Windows\System32\drivers\mfewfpk.sys [344704 2015-07-02] (McAfee, Inc.)
    S3 RimUsb; C:\Windows\System32\Drivers\RimUsb_AMD64.sys [27520 2007-05-14] (Research In Motion Limited)
    R0 sptd; C:\Windows\System32\Drivers\sptd.sys [564824 2013-01-03] (Duplex Secure Ltd.)
    ==================== NetSvcs (Whitelisted) ===================
    (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

    ==================== One Month Created files and folders ========
    (If an entry is included in the fixlist, the file/folder will be moved.)
    2015-07-26 20:03 - 2015-07-26 20:12 - 00024576 _____ C:\BCD_Backup
    2015-07-26 20:03 - 2015-07-26 20:12 - 00021504 ___SH C:\BCD_Backup.LOG
    2015-07-26 18:30 - 2015-07-26 18:32 - 00024599 _____ C:\Users\Thomas\Desktop\FRST.txt
    2015-07-26 18:30 - 2015-07-26 18:30 - 00000000 ____D C:\Users\Thomas\Desktop\FRST-OlderVersion
    2015-07-26 16:03 - 2015-07-26 16:03 - 00000000 ___HD C:\OneDriveTemp
    2015-07-26 16:01 - 2015-07-26 16:02 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CyberLink PowerDVD 9.5
    2015-07-26 13:55 - 2015-07-26 17:48 - 00201701 _____ C:\Windows\WindowsUpdate.log
    2015-07-26 12:13 - 2015-04-27 08:02 - 00198448 _____ (McAfee, Inc.) C:\Windows\system32\Drivers\HipShieldK.sys
    2015-07-26 12:12 - 2015-05-08 01:42 - 00076064 _____ (McAfee, Inc.) C:\Windows\system32\Drivers\McPvDrv.sys
    2015-07-26 11:50 - 2015-07-26 11:50 - 00003064 _____ C:\Windows\System32\Tasks\McAfeeLogon
    2015-07-26 11:45 - 2015-07-26 11:45 - 00003886 _____ C:\Windows\System32\Tasks\Adobe Acrobat Update Task
    2015-07-26 11:40 - 2015-07-26 12:41 - 00003348 _____ C:\Windows\System32\Tasks\McAfee Remediation (Prepare)
    2015-07-26 11:40 - 2015-07-26 11:40 - 00000000 ____D C:\Program Files\Common Files\AV
    2015-07-26 11:35 - 2015-07-26 18:28 - 00000000 ____D C:\ProgramData\Malwarebytes' Anti-Malware (portable)
    2015-07-26 11:35 - 2015-07-26 16:25 - 00136408 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
    2015-07-26 11:34 - 2015-07-26 18:28 - 00000000 ____D C:\Users\Thomas\Desktop\mbar
    2015-07-26 11:34 - 2015-07-26 16:06 - 00107736 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
    2015-07-26 11:34 - 2015-07-24 22:22 - 16502728 _____ (Malwarebytes Corp.) C:\Users\Thomas\Downloads\mbar-1.09.1.1004.exe
    2015-07-24 20:40 - 2015-07-26 03:54 - 00016828 _____ C:\FRST.txt
    2015-07-24 20:36 - 2015-07-26 18:32 - 00000000 ____D C:\FRST
    2015-07-23 10:37 - 2015-07-26 18:30 - 02146816 _____ (Farbar) C:\Users\Thomas\Desktop\FRST64.exe
    2015-07-21 21:29 - 2015-07-21 21:25 - 00002289 _____ C:\Users\Thomas\Desktop\SFCFix.zip
    2015-07-21 21:24 - 2015-07-21 21:25 - 00002289 _____ C:\Users\Thomas\Downloads\SFCFix.zip
    2015-07-17 23:37 - 2015-07-21 21:51 - 00000000 ____D C:\Users\Thomas\AppData\Local\niemiro
    2015-07-17 14:03 - 2015-07-17 14:03 - 00000387 _____ C:\Users\Thomas\Desktop\copy.txt
    2015-07-17 13:56 - 2015-07-17 13:57 - 00000000 ____D C:\Users\Thomas\copy
    2015-07-17 13:55 - 2015-07-17 13:55 - 00000000 ____D C:\Users\Thomas\Downloads\Copy
    2015-07-17 12:11 - 2015-07-21 21:51 - 00003148 _____ C:\Users\Thomas\Desktop\SFCFix.txt
    2015-07-17 12:11 - 2015-07-21 21:51 - 00000000 ____D C:\SFCFix
    2015-07-17 11:50 - 2015-07-17 11:55 - 00003212 _____ C:\Users\Thomas\sfcdetails.txt
    2015-07-16 08:06 - 2015-07-16 08:06 - 00000000 ____D C:\Quarantine
    2015-07-16 07:56 - 2015-07-17 12:37 - 00000000 ____D C:\Program Files (x86)\stinger
    2015-07-16 07:55 - 2015-07-23 04:41 - 00000000 ____D C:\Users\Thomas\Downloads\stinger32-epo
    2015-07-15 22:35 - 2015-07-15 22:35 - 00000000 ____D C:\Users\Thomas\Desktop\McAfee File Lock
    2015-07-15 21:14 - 2015-07-15 22:18 - 00095802 _____ C:\Users\Thomas\Desktop\sfcdetails.txt
    2015-07-15 20:58 - 2015-07-15 20:58 - 00000000 ____D C:\Users\Thomas\McAfee File Lock
    2015-07-14 12:26 - 2015-07-26 16:00 - 00009018 _____ C:\Windows\PFRO.log
    2015-07-13 21:45 - 2015-07-26 16:01 - 00000224 _____ C:\Windows\setupact.log
    2015-07-13 21:45 - 2015-07-13 21:45 - 00000000 _____ C:\Windows\setuperr.log
    2015-07-13 21:16 - 2015-07-13 21:16 - 00000000 ____D C:\Windows\system32\McAfee File Lock
    2015-07-03 15:35 - 2015-07-12 19:09 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
    2015-06-28 19:52 - 2015-06-29 10:12 - 00000000 ____D C:\Users\Thomas\AppData\Roaming\vlc
    2015-06-28 19:50 - 2015-06-28 19:50 - 00001032 _____ C:\Users\Public\Desktop\VLC media player.lnk
    2015-06-28 19:50 - 2015-06-28 19:50 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
    2015-06-28 19:49 - 2015-06-28 19:49 - 28849904 _____ C:\Users\Thomas\Downloads\vlc-2.2.1-win32.exe
    2015-06-28 19:49 - 2015-06-28 19:49 - 00000000 ____D C:\Program Files (x86)\VideoLAN
    ==================== One Month Modified files and folders ========
    (If an entry is included in the fixlist, the file/folder will be moved.)
    2015-07-26 18:23 - 2012-05-01 13:08 - 00000000 ____D C:\ProgramData\McAfee
    2015-07-26 18:21 - 2012-09-02 18:09 - 00000898 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
    2015-07-26 18:17 - 2013-03-28 22:55 - 00000830 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
    2015-07-26 18:08 - 2014-05-14 20:23 - 00000000 ____D C:\Users\Thomas\AppData\Roaming\Skype
    2015-07-26 18:06 - 2012-05-08 18:19 - 00000000 ____D C:\ProgramData\BOINC
    2015-07-26 16:39 - 2012-05-01 12:52 - 00000000 ____D C:\Program Files (x86)\Dell DataSafe Local Backup
    2015-07-26 16:21 - 2009-07-14 05:45 - 00028352 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
    2015-07-26 16:21 - 2009-07-14 05:45 - 00028352 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
    2015-07-26 16:14 - 2015-04-04 11:44 - 00004978 _____ C:\Windows\System32\Tasks\Microsoft Office 15 Sync Maintenance for trustno1-Thomas trustno1
    2015-07-26 16:07 - 2013-10-23 15:27 - 00000000 ____D C:\ProgramData\boost_interprocess
    2015-07-26 16:05 - 2015-05-16 08:52 - 00000000 __RSD C:\Users\Thomas\Documents\McAfee Vaults
    2015-07-26 16:03 - 2012-12-22 12:26 - 00000000 ___RD C:\Users\Thomas\SkyDrive
    2015-07-26 16:03 - 2012-05-01 13:15 - 00000000 ____D C:\ProgramData\Sonic
    2015-07-26 16:02 - 2012-09-02 18:09 - 00000894 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
    2015-07-26 16:02 - 2012-05-01 13:26 - 00000000 ____D C:\Users\Default\AppData\Local\SoftThinks
    2015-07-26 16:02 - 2012-05-01 13:26 - 00000000 ____D C:\Users\Default User\AppData\Local\SoftThinks
    2015-07-26 16:01 - 2015-05-16 08:49 - 00000000 ____D C:\Program Files (x86)\McAfee
    2015-07-26 16:01 - 2009-07-14 06:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
    2015-07-26 16:00 - 2009-07-14 06:32 - 00000000 ____D C:\Windows\addins
    2015-07-26 14:09 - 2012-05-08 18:00 - 00000422 _____ C:\Windows\Tasks\SystemToolsDailyTest.job
    2015-07-26 14:04 - 2012-05-09 14:00 - 00003488 _____ C:\Windows\System32\Tasks\PCDEventLauncher
    2015-07-26 14:03 - 2012-05-08 18:00 - 00003450 _____ C:\Windows\System32\Tasks\SystemToolsDailyTest
    2015-07-26 12:16 - 2012-09-02 18:09 - 00003894 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
    2015-07-26 12:16 - 2012-09-02 18:09 - 00003642 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
    2015-07-26 12:15 - 2012-05-01 13:08 - 00000000 ____D C:\Program Files\Common Files\mcafee
    2015-07-26 11:58 - 2015-04-04 11:39 - 00000000 ____D C:\Program Files\Microsoft Office 15
    2015-07-26 11:36 - 2015-02-15 13:59 - 00000000 ____D C:\ProgramData\Malwarebytes
    2015-07-26 11:35 - 2009-07-14 06:13 - 00006506 _____ C:\Windows\system32\PerfStringBackup.INI
    2015-07-24 08:28 - 2014-08-09 14:12 - 00000000 ____D C:\Users\Guest
    2015-07-24 08:28 - 2012-07-15 16:50 - 00000000 ____D C:\Users\Orrin JNR
    2015-07-24 08:28 - 2012-05-08 17:58 - 00000000 ____D C:\Users\Thomas
    2015-07-24 08:28 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\servicing
    2015-07-24 08:27 - 2015-05-16 08:52 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee
    2015-07-24 08:27 - 2015-04-05 03:00 - 00000000 ___SD C:\Windows\system32\GWX
    2015-07-24 08:27 - 2012-11-29 20:21 - 00000000 ____D C:\Users\Thomas\AppData\Roaming\uTorrent
    2015-07-24 08:27 - 2012-05-09 21:20 - 00000000 ____D C:\ProgramData\McAfee Security Scan
    2015-07-24 08:25 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\registration
    2015-07-24 08:22 - 2012-05-01 13:08 - 00000000 ____D C:\Program Files\mcafee
    2015-07-16 04:47 - 2010-11-21 08:16 - 00000000 ___RD C:\Users\Public\Recorded TV
    2015-07-14 22:17 - 2013-03-28 22:55 - 00003768 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
    2015-07-14 22:17 - 2012-05-01 12:35 - 00778416 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
    2015-07-14 22:17 - 2012-05-01 12:35 - 00142512 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
    2015-07-14 21:49 - 2012-07-15 21:24 - 00000872 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3274687172-3602840966-2228239552-1006Core.job
    2015-07-14 12:26 - 2009-07-14 06:08 - 00032620 _____ C:\Windows\Tasks\SCHEDLGU.TXT
    2015-07-13 19:53 - 2014-08-21 21:49 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
    2015-07-12 18:00 - 2012-05-08 18:00 - 00000564 _____ C:\Windows\Tasks\PCDoctorBackgroundMonitorTask.job
    2015-07-12 17:47 - 2014-11-12 09:47 - 00000000 __SHD C:\Users\Thomas\AppData\Local\EmieBrowserModeList
    2015-07-12 17:47 - 2014-04-30 18:30 - 00000000 __SHD C:\Users\Thomas\AppData\Local\EmieUserList
    2015-07-12 17:47 - 2014-04-30 18:30 - 00000000 __SHD C:\Users\Thomas\AppData\Local\EmieSiteList
    2015-07-05 04:00 - 2012-05-08 18:00 - 00004268 _____ C:\Windows\System32\Tasks\PCDoctorBackgroundMonitorTask
    2015-07-02 21:51 - 2009-07-14 06:09 - 00000000 ____D C:\Windows\System32\Tasks\WPD
    2015-07-02 15:33 - 2015-02-17 14:38 - 00412440 _____ (McAfee, Inc.) C:\Windows\system32\Drivers\mfeaack.sys
    2015-07-02 15:33 - 2014-10-01 12:20 - 00077536 _____ (McAfee, Inc.) C:\Windows\system32\Drivers\cfwids.sys
    2015-07-02 15:33 - 2014-10-01 12:18 - 00344704 _____ (McAfee, Inc.) C:\Windows\system32\Drivers\mfewfpk.sys
    2015-07-02 15:33 - 2014-10-01 12:16 - 00875928 _____ (McAfee, Inc.) C:\Windows\system32\Drivers\mfehidk.sys
    2015-07-02 15:33 - 2014-10-01 12:15 - 00496888 _____ (McAfee, Inc.) C:\Windows\system32\Drivers\mfefirek.sys
    2015-07-02 15:33 - 2014-10-01 12:14 - 00347800 _____ (McAfee, Inc.) C:\Windows\system32\Drivers\mfeavfk.sys
    2015-06-29 10:03 - 2015-05-16 08:45 - 00254792 _____ (McAfee, Inc.) C:\Windows\system32\mfevtps.exe
    2015-06-26 12:30 - 2014-11-09 20:44 - 00000000 ___RD C:\Program Files (x86)\Skype
    2015-06-26 12:30 - 2012-05-01 12:54 - 00000000 ____D C:\ProgramData\Skype
    ==================== Files in the root of some directories =======
    2015-05-16 08:57 - 2015-05-16 08:57 - 32371688 _____ (McAfee) C:\Program Files (x86)\Common Files\lpuninstall.exe
    2012-12-03 12:51 - 2012-12-03 20:46 - 0099384 _____ () C:\Users\Thomas\AppData\Roaming\inst.exe
    2012-12-03 12:51 - 2012-12-03 20:46 - 0007859 _____ () C:\Users\Thomas\AppData\Roaming\pcouffin.cat
    2012-12-03 12:51 - 2012-12-03 20:46 - 0001167 _____ () C:\Users\Thomas\AppData\Roaming\pcouffin.inf
    2012-12-03 12:51 - 2012-12-03 20:46 - 0082816 _____ (VSO Software) C:\Users\Thomas\AppData\Roaming\pcouffin.sys
    2013-07-13 13:39 - 2014-12-30 15:40 - 0028672 _____ () C:\Users\Thomas\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
    2013-03-25 19:12 - 2013-03-25 19:12 - 0000017 _____ () C:\Users\Thomas\AppData\Local\resmon.resmoncfg
    ==================== Bamital & volsnap Check =================
    (There is no automatic fix for files that do not pass verification.)
    C:\Windows\System32\winlogon.exe => File is digitally signed
    C:\Windows\System32\wininit.exe => File is digitally signed
    C:\Windows\SysWOW64\wininit.exe => File is digitally signed
    C:\Windows\explorer.exe => File is digitally signed
    C:\Windows\SysWOW64\explorer.exe => File is digitally signed
    C:\Windows\System32\svchost.exe => File is digitally signed
    C:\Windows\SysWOW64\svchost.exe => File is digitally signed
    C:\Windows\System32\services.exe => File is digitally signed
    C:\Windows\System32\User32.dll => File is digitally signed
    C:\Windows\SysWOW64\User32.dll => File is digitally signed
    C:\Windows\System32\userinit.exe => File is digitally signed
    C:\Windows\SysWOW64\userinit.exe => File is digitally signed
    C:\Windows\System32\rpcss.dll => File is digitally signed
    C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed

    LastRegBack: 2015-07-14 12:56
    ==================== End of log ============================

  11. #51
    Corrine's Avatar
    Join Date
    Feb 2012
    Location
    Upstate, NY
    Posts
    8,716

    Re: Arte,is Trojan

    That TDSS log is enough to make a person dizzy! The bottom line, however is good:

    11:59:28.0502 0x1630 Detected object count: 0
    11:59:28.0502 0x1630 Actual detected object count: 0

    I would like to see the last fixlog.txt, please, and tell me how your computer is working now.


    Take a walk through the "Security Garden" -- Where Everything is Coming up Roses!

    Remember - A day without laughter is a day wasted.
    May the wind sing to you and the sun rise in your heart.

  12. #52

    Re: Arte,is Trojan

    Quote Originally Posted by Corrine View Post
    That TDSS log is enough to make a person dizzy! The bottom line, however is good:
    11:59:28.0502 0x1630 Detected object count: 0
    11:59:28.0502 0x1630 Actual detected object count: 0

    I would like to see the last fixlog.txt, please, and tell me how your computer is working now.
    PC appears stable now, I am currently backing it up.

    Thank you for all your efforts, I'll have to lock the PC down more as it is used by the kids.

    Regards

    OT008239

  13. #53
    Corrine's Avatar
    Join Date
    Feb 2012
    Location
    Upstate, NY
    Posts
    8,716

    Re: Arte,is Trojan

    Since the FRST scan was run from the Thomas account. If that is one of your children's account,create a new Administrator account for yourself and change that along with the Orrin JNR account to limited user account. Also, disable the Guest account.

    In the event you need assistance doing that, see the following Windows Help documents:

    Change a user's account type - Windows Help
    Turn the guest account on or off - Windows Help
    Set up Parental Controls - Windows Help

    You will also want to update Firefox. If the standard version is installed, it needs to be updated to Version 39. The ESR version is currently 31.8.
    Evyatar says thanks for this.


    Take a walk through the "Security Garden" -- Where Everything is Coming up Roses!

    Remember - A day without laughter is a day wasted.
    May the wind sing to you and the sun rise in your heart.

Page 3 of 3 First 123

Similar Threads

  1. Sabpab, New Mac OS X Backdoor Trojan
    By Corrine in forum Security News
    Replies: 0
    Last Post: 04-13-2012, 08:35 PM
  2. OSX/Flashback Trojan
    By Corrine in forum Security News
    Replies: 1
    Last Post: 04-13-2012, 08:30 PM

Log in

Log in