Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

udmserve.net


  • Please log in to reply
10 replies to this topic

#1 tonywiseman54

tonywiseman54

  • Members
  • 6 posts
  • OFFLINE
  •  
  • Local time:03:39 PM

Posted 03 January 2014 - 03:55 AM

I am running Windows 7 and seem to have been infected with some malware that is causing ads to pop up which have a very annoying little spaceship runnuing across the ad and firing noisy rockets around. The ads seem to come from usmserve.net. I would very much like to hijack the spaceship and fire one of its rockets on itself to destroy it - but I guess I need to find some appropriate malware removal program instead.  Can anyone help. Have already used malwarebyte Anti-malware Free - it found 8 items and quarantined them after which i removed them. The ads still pop up.



BC AdBot (Login to Remove)

 


#2 InadequateInfirmity

InadequateInfirmity

    I Gots Me A Certified Edumication


  • Banned
  • 5,180 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:10:39 AM

Posted 03 January 2014 - 04:17 AM

Please download MINITOOLBOX and run it.

Checkmark following boxes:



Flush DNS
Reset FF proxy Settings
Reset Ie Proxy Settings
Report IE Proxy Settings
Report FF Proxy Settings
List content of Hosts
List IP configuration
List Winsock Entries
List last 10 Event Viewer log
List Installed Programs
List Users, Partitions and Memory size
List Devices (problems only)



Click Go and post the result.

 

 


Download Security Check by screen317 from here.


  • Save it to your Desktop.
  • Double click SecurityCheck.exe and follow the onscreen instructions inside of the black box.
  • A Notepad document should open automatically called checkup.txt; please post the contents of that document.

Download Autoruns and Autorunsc Unzip it to your desktop and then double click autoruns.exe After the scan is finished then click on File>>>>>>>>>>>Save The default name will be autoruns.arn make sure to save it as Autoruns.txt under the file type option. in other words make sure it is a .txt file instead of .arn Attach the text in your next reply.

 

 


Update and do a quick scan with Malwarebytes remove all that it finds and reboot.
http://www.malwarebytes.org/mbam/program/mbam-setup.exe

Post the log here,

 

 

 

  • Please download Adware cleaner from the link below.
  • http://general-changelog-team.fr/fr/downloads/finish/20-outils-de-xplode/2-adwcleaner
  • Save it to your desktop.
  • Right click run as admin.
  • Hit the scan button.
  • Allow completion.
  • Make sure all items are ticked.
  • Hit the clean button.
  • Even if no items are displayed to be ticked hit the clean button anyway.
  • The machine will reboot this is normal.
  • Post the log in your next reply.

 

Please download JRT from here & double click to start the program.

  1. Hit any key when prompted and allow it to run through it's process.

    H2HaYv4.png
  2. Post the log when it's finished.


#3 tonywiseman54

tonywiseman54
  • Topic Starter

  • Members
  • 6 posts
  • OFFLINE
  •  
  • Local time:03:39 PM

Posted 03 January 2014 - 05:25 AM

Hi,

 

Thanks for prompt reply.

 

 

1)   MiniToolBox by Farbar  Version: 18-12-2013
Ran by Tony Wiseman (administrator) on 03-01-2014 at 09:26:46
Running from "C:\Users\Tony Wiseman\Downloads"
Microsoft Windows 7 Professional  Service Pack 1 (X64)
Boot Mode: Normal
***************************************************************************

========================= Flush DNS: ===================================

Windows IP Configuration

Successfully flushed the DNS Resolver Cache.

========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.

"Reset IE Proxy Settings": IE Proxy Settings were reset.

========================= FF Proxy Settings: ==============================


"Reset FF Proxy Settings": Firefox Proxy settings were reset.

========================= Hosts content: =================================



========================= IP Configuration: ================================

Realtek PCIe GBE Family Controller = Local Area Connection (Connected)
802.11n Wireless LAN Card = Wireless Network Connection (Hardware not present)


# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4

reset
set global icmpredirects=enabled


popd
# End of IPv4 configuration



Windows IP Configuration

   Host Name . . . . . . . . . . . . : BackOffice2
   Primary Dns Suffix  . . . . . . . :
   Node Type . . . . . . . . . . . . : Hybrid
   IP Routing Enabled. . . . . . . . : No
   WINS Proxy Enabled. . . . . . . . : No
   DNS Suffix Search List. . . . . . : lan

Ethernet adapter Local Area Connection:

   Connection-specific DNS Suffix  . : lan
   Description . . . . . . . . . . . : Realtek PCIe GBE Family Controller
   Physical Address. . . . . . . . . : E8-9A-8F-8B-EF-CD
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes
   IPv4 Address. . . . . . . . . . . : 192.168.1.128(Preferred)
   Subnet Mask . . . . . . . . . . . : 255.255.255.0
   Lease Obtained. . . . . . . . . . : 03 January 2014 07:53:24
   Lease Expires . . . . . . . . . . : 04 January 2014 07:53:24
   Default Gateway . . . . . . . . . : 192.168.1.254
   DHCP Server . . . . . . . . . . . : 192.168.1.254
   DNS Servers . . . . . . . . . . . : 192.168.1.254
   NetBIOS over Tcpip. . . . . . . . : Enabled

Tunnel adapter Local Area Connection* 9:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Microsoft 6to4 Adapter
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes

Tunnel adapter isatap.lan:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : lan
   Description . . . . . . . . . . . : Microsoft ISATAP Adapter #3
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 11:

   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes
   IPv6 Address. . . . . . . . . . . : 2001:0:5ef5:79fb:24e3:2c80:3f57:fe7f(Preferred)
   Link-local IPv6 Address . . . . . : fe80::24e3:2c80:3f57:fe7f%19(Preferred)
   Default Gateway . . . . . . . . . : ::
   NetBIOS over Tcpip. . . . . . . . : Disabled
Server:  O2WirelessBox.lan
Address:  192.168.1.254

Name:    google.com
Addresses:  2a00:1450:4009:804::1007
      173.194.34.136
      173.194.34.133
      173.194.34.135
      173.194.34.132
      173.194.34.130
      173.194.34.134
      173.194.34.142
      173.194.34.137
      173.194.34.128
      173.194.34.131
      173.194.34.129


Pinging google.com [173.194.41.102] with 32 bytes of data:
Reply from 173.194.41.102: bytes=32 time=15ms TTL=58
Reply from 173.194.41.102: bytes=32 time=14ms TTL=58

Ping statistics for 173.194.41.102:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 14ms, Maximum = 15ms, Average = 14ms
Server:  O2WirelessBox.lan
Address:  192.168.1.254

Name:    yahoo.com
Addresses:  98.139.183.24
      98.138.253.109
      206.190.36.45


Pinging yahoo.com [98.138.253.109] with 32 bytes of data:
Reply from 98.138.253.109: bytes=32 time=165ms TTL=51
Reply from 98.138.253.109: bytes=32 time=161ms TTL=51

Ping statistics for 98.138.253.109:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 161ms, Maximum = 165ms, Average = 163ms

Pinging 127.0.0.1 with 32 bytes of data:
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128

Ping statistics for 127.0.0.1:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 0ms, Maximum = 0ms, Average = 0ms
===========================================================================
Interface List
 12...e8 9a 8f 8b ef cd ......Realtek PCIe GBE Family Controller
  1...........................Software Loopback Interface 1
 11...00 00 00 00 00 00 00 e0 Microsoft 6to4 Adapter
 18...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #3
 19...00 00 00 00 00 00 00 e0 Teredo Tunneling Pseudo-Interface
===========================================================================

IPv4 Route Table
===========================================================================
Active Routes:
Network Destination        Netmask          Gateway       Interface  Metric
          0.0.0.0          0.0.0.0    192.168.1.254    192.168.1.128     20
        127.0.0.0        255.0.0.0         On-link         127.0.0.1    306
        127.0.0.1  255.255.255.255         On-link         127.0.0.1    306
  127.255.255.255  255.255.255.255         On-link         127.0.0.1    306
      192.168.1.0    255.255.255.0         On-link     192.168.1.128    276
    192.168.1.128  255.255.255.255         On-link     192.168.1.128    276
    192.168.1.255  255.255.255.255         On-link     192.168.1.128    276
        224.0.0.0        240.0.0.0         On-link         127.0.0.1    306
        224.0.0.0        240.0.0.0         On-link     192.168.1.128    276
  255.255.255.255  255.255.255.255         On-link         127.0.0.1    306
  255.255.255.255  255.255.255.255         On-link     192.168.1.128    276
===========================================================================
Persistent Routes:
  None

IPv6 Route Table
===========================================================================
Active Routes:
 If Metric Network Destination      Gateway
 19     58 ::/0                     On-link
  1    306 ::1/128                  On-link
 19     58 2001::/32                On-link
 19    306 2001:0:5ef5:79fb:24e3:2c80:3f57:fe7f/128
                                    On-link
 19    306 fe80::/64                On-link
 19    306 fe80::24e3:2c80:3f57:fe7f/128
                                    On-link
  1    306 ff00::/8                 On-link
 19    306 ff00::/8                 On-link
===========================================================================
Persistent Routes:
  None
========================= Winsock entries =====================================

Catalog5 01 C:\Windows\SysWOW64\NLAapi.dll [52224] (Microsoft Corporation)
Catalog5 02 C:\Windows\SysWOW64\napinsp.dll [52224] (Microsoft Corporation)
Catalog5 03 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 04 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 05 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog5 06 C:\Windows\SysWOW64\winrnr.dll [20992] (Microsoft Corporation)
Catalog5 07 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145280] (Microsoft Corp.)
Catalog5 08 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145280] (Microsoft Corp.)
Catalog5 09 C:\Program Files (x86)\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
Catalog9 01 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 02 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 03 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 04 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 05 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 06 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 07 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 08 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 09 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 10 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
x64-Catalog5 01 C:\Windows\System32\NLAapi.dll [70656] (Microsoft Corporation)
x64-Catalog5 02 C:\Windows\System32\napinsp.dll [68096] (Microsoft Corporation)
x64-Catalog5 03 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 04 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 05 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog5 06 C:\Windows\System32\winrnr.dll [28672] (Microsoft Corporation)
x64-Catalog5 07 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [170880] (Microsoft Corp.)
x64-Catalog5 08 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [170880] (Microsoft Corp.)
x64-Catalog5 09 C:\Program Files\Bonjour\mdnsNSP.dll [132968] (Apple Inc.)
x64-Catalog9 01 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 02 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 03 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 04 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 05 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 06 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 07 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 08 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 09 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 10 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)

========================= Event log errors: ===============================

Application errors:
==================
Error: (01/03/2014 07:55:01 AM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (01/03/2014 07:53:39 AM) (Source: Application Error) (User: )
Description: Faulting application name: HPAuto.exe, version: 1.0.12935.3667, time stamp: 0x4d5cc461
Faulting module name: HPAuto.exe, version: 1.0.12935.3667, time stamp: 0x4d5cc461
Exception code: 0xc0000005
Fault offset: 0x0000000000007be2
Faulting process id: 0xa50
Faulting application start time: 0xHPAuto.exe0
Faulting application path: HPAuto.exe1
Faulting module path: HPAuto.exe2
Report Id: HPAuto.exe3

Error: (01/02/2014 00:32:25 AM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "assemblyIdentity1".Error in manifest or policy file "assemblyIdentity2" on line assemblyIdentity3.
The value "MAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINOR" of attribute "version" in element "assemblyIdentity" is invalid.

Error: (01/01/2014 11:11:29 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (01/01/2014 11:11:05 PM) (Source: Application Error) (User: )
Description: Faulting application name: HPAuto.exe, version: 1.0.12935.3667, time stamp: 0x4d5cc461
Faulting module name: HPAuto.exe, version: 1.0.12935.3667, time stamp: 0x4d5cc461
Exception code: 0xc0000005
Fault offset: 0x0000000000007be2
Faulting process id: 0xa30
Faulting application start time: 0xHPAuto.exe0
Faulting application path: HPAuto.exe1
Faulting module path: HPAuto.exe2
Report Id: HPAuto.exe3

Error: (01/01/2014 00:32:34 AM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "assemblyIdentity1".Error in manifest or policy file "assemblyIdentity2" on line assemblyIdentity3.
The value "MAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINOR" of attribute "version" in element "assemblyIdentity" is invalid.

Error: (12/29/2013 07:34:55 PM) (Source: VBRuntime) (User: )
Description: The VB Application identified by the event source logged this Application OptomNotes: Thread ID: 6460 ,Logged: An error has occurred in OptomNotes
Please contact Support

Form Name = MDIForm
Procedure Name = Timer1_Timer
Error Number = 3043
Error Description = Disk or network error.

Error: (12/29/2013 07:34:43 PM) (Source: VBRuntime) (User: )
Description: The VB Application identified by the event source logged this Application OptomNotes: Thread ID: 6460 ,Logged: An error has occurred in OptomNotes
Please contact Support

Form Name = frmWaitingPatients
Procedure Name = GetData
Error Number = 91
Error Description = Object variable or With block variable not set

Error: (12/29/2013 07:34:36 PM) (Source: VBRuntime) (User: )
Description: The VB Application identified by the event source logged this Application OptomNotes: Thread ID: 6460 ,Logged: An error has occurred in OptomNotes
Please contact Support

Form Name = DataLink.cls SQL:SELECT * FROM tblPatientVisits WHERE VisitDate = #29 Dec 2013# AND Not Hidden
Procedure Name = LoadRecordset
Error Number = 3043
Error Description = Disk or network error.

Error: (12/29/2013 10:52:22 AM) (Source: Application Error) (User: )
Description: Faulting application name: Optisoft.exe, version: 7.0.0.13, time stamp: 0x4e447837
Faulting module name: oc30.dll, version: 3.20.0.0, time stamp: 0x2fc10ea3
Exception code: 0xc0000005
Fault offset: 0x000532ae
Faulting process id: 0x%9
Faulting application start time: 0xOptisoft.exe0
Faulting application path: Optisoft.exe1
Faulting module path: Optisoft.exe2
Report Id: Optisoft.exe3


System errors:
=============
Error: (01/03/2014 07:55:41 AM) (Source: Service Control Manager) (User: )
Description: The HP Support Assistant Service service failed to start due to the following error:
%%2

Error: (01/03/2014 07:54:30 AM) (Source: DCOM) (User: NT AUTHORITY)
Description: application-specificLocalLaunch{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}{344ED43D-D086-4961-86A6-1106F4ACAD9B}NT AUTHORITYSYSTEMS-1-5-18LocalHost (Using LRPC)

Error: (01/03/2014 07:54:25 AM) (Source: DCOM) (User: NT AUTHORITY)
Description: application-specificLocalLaunch{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}{344ED43D-D086-4961-86A6-1106F4ACAD9B}NT AUTHORITYLOCAL SERVICES-1-5-19LocalHost (Using LRPC)

Error: (01/03/2014 07:53:41 AM) (Source: Service Control Manager) (User: )
Description: The HP Auto service terminated unexpectedly.  It has done this 1 time(s).

Error: (01/03/2014 07:53:23 AM) (Source: Service Control Manager) (User: )
Description: The Function Discovery Resource Publication service terminated with the following error:
%%-2147014847

Error: (01/01/2014 11:13:07 PM) (Source: Service Control Manager) (User: )
Description: The HP Support Assistant Service service failed to start due to the following error:
%%2

Error: (01/01/2014 11:11:54 PM) (Source: DCOM) (User: NT AUTHORITY)
Description: application-specificLocalLaunch{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}{344ED43D-D086-4961-86A6-1106F4ACAD9B}NT AUTHORITYSYSTEMS-1-5-18LocalHost (Using LRPC)

Error: (01/01/2014 11:11:52 PM) (Source: DCOM) (User: NT AUTHORITY)
Description: application-specificLocalLaunch{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}{344ED43D-D086-4961-86A6-1106F4ACAD9B}NT AUTHORITYLOCAL SERVICES-1-5-19LocalHost (Using LRPC)

Error: (01/01/2014 11:11:45 PM) (Source: Service Control Manager) (User: )
Description: The HP Auto service terminated unexpectedly.  It has done this 1 time(s).

Error: (01/01/2014 11:11:33 PM) (Source: Service Control Manager) (User: )
Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the HPAuto service.


Microsoft Office Sessions:
=========================
Error: (01/03/2014 07:55:01 AM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (01/03/2014 07:53:39 AM) (Source: Application Error)(User: )
Description: HPAuto.exe1.0.12935.36674d5cc461HPAuto.exe1.0.12935.36674d5cc461c00000050000000000007be2a5001cf0858e1839c26C:\Program Files\Hewlett-Packard\HP Auto\HPAuto.exeC:\Program Files\Hewlett-Packard\HP Auto\HPAuto.exe2792ead8-744c-11e3-96a5-e89a8f8befcd

Error: (01/02/2014 00:32:25 AM) (Source: SideBySide)(User: )
Description: assemblyIdentityversionMAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINORC:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Adobe AIR.dllC:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Adobe AIR.dll3

Error: (01/01/2014 11:11:29 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (01/01/2014 11:11:05 PM) (Source: Application Error)(User: )
Description: HPAuto.exe1.0.12935.36674d5cc461HPAuto.exe1.0.12935.36674d5cc461c00000050000000000007be2a3001cf0746b73270f0C:\Program Files\Hewlett-Packard\HP Auto\HPAuto.exeC:\Program Files\Hewlett-Packard\HP Auto\HPAuto.exefcd7e4e9-7339-11e3-9c9d-e89a8f8befcd

Error: (01/01/2014 00:32:34 AM) (Source: SideBySide)(User: )
Description: assemblyIdentityversionMAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINORC:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Adobe AIR.dllC:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Adobe AIR.dll3

Error: (12/29/2013 07:34:55 PM) (Source: VBRuntime)(User: )
Description: Application OptomNotes: Thread ID: 6460 ,Logged: An error has occurred in OptomNotes
Please contact Support

Form Name = MDIForm
Procedure Name = Timer1_Timer
Error Number = 3043
Error Description = Disk or network error.

Error: (12/29/2013 07:34:43 PM) (Source: VBRuntime)(User: )
Description: Application OptomNotes: Thread ID: 6460 ,Logged: An error has occurred in OptomNotes
Please contact Support

Form Name = frmWaitingPatients
Procedure Name = GetData
Error Number = 91
Error Description = Object variable or With block variable not set

Error: (12/29/2013 07:34:36 PM) (Source: VBRuntime)(User: )
Description: Application OptomNotes: Thread ID: 6460 ,Logged: An error has occurred in OptomNotes
Please contact Support

Form Name = DataLink.cls SQL:SELECT * FROM tblPatientVisits WHERE VisitDate = #29 Dec 2013# AND Not Hidden
Procedure Name = LoadRecordset
Error Number = 3043
Error Description = Disk or network error.

Error: (12/29/2013 10:52:22 AM) (Source: Application Error)(User: )
Description: Optisoft.exe7.0.0.134e447837oc30.dll3.20.0.02fc10ea3c0000005000532ae


=========================== Installed Programs ============================

64 Bit HP CIO Components Installer (Version: 7.2.8)
ACE Stream Media 2.0.13.1 (Version: 2.0.13.1)
Adobe AIR (Version: 1.5.3.9130)
Adobe Flash Player 11 ActiveX (Version: 11.9.900.170)
Adobe Flash Player 11 Plugin (Version: 11.9.900.170)
Adobe Reader XI (11.0.05) (Version: 11.0.05)
Agatha Christie - Peril at End House (Version: 2.2.0.95)
Airport Mania (Version: 2.2.0.95)
Apple Application Support (Version: 2.3.6)
Apple Mobile Device Support (Version: 7.0.0.117)
Apple Software Update (Version: 2.1.3.127)
ATI Catalyst Install Manager (Version: 3.0.774.0)
AVerMedia MiniCard Hybrid TV Tuner 1.1.64.56 (Version: 1.1.64.56)
Azteca (Version: 2.2.0.95)
B110 (Version: 140.0.283.000)
Bejeweled 2 Deluxe (Version: 2.2.0.95)
Bing Rewards Client Installer (Version: 16.0.345.0)
Blasterball 3 (Version: 2.2.0.95)
Bonjour (Version: 3.0.0.10)
Bounce Symphony (Version: 2.2.0.95)
BufferChm (Version: 140.0.212.000)
Build-a-lot (Version: 2.2.0.95)
Cake Mania (Version: 2.2.0.95)
Catalyst Control Center - Branding (Version: 1.00.0000)
Catalyst Control Center Core Implementation (Version: 2010.0511.2153.37435)
Catalyst Control Center Graphics Full Existing (Version: 2010.0511.2153.37435)
Catalyst Control Center Graphics Full New (Version: 2010.0511.2153.37435)
Catalyst Control Center Graphics Light (Version: 2010.0511.2153.37435)
Catalyst Control Center Graphics Previews Vista (Version: 2010.0511.2153.37435)
Catalyst Control Center InstallProxy (Version: 2010.0511.2153.37435)
Catalyst Control Center Localization All (Version: 2010.0511.2153.37435)
CCC Help Chinese Standard (Version: 2010.0511.2152.37435)
CCC Help Chinese Traditional (Version: 2010.0511.2152.37435)
CCC Help Czech (Version: 2010.0511.2152.37435)
CCC Help Danish (Version: 2010.0511.2152.37435)
CCC Help Dutch (Version: 2010.0511.2152.37435)
CCC Help English (Version: 2010.0511.2152.37435)
CCC Help Finnish (Version: 2010.0511.2152.37435)
CCC Help French (Version: 2010.0511.2152.37435)
CCC Help German (Version: 2010.0511.2152.37435)
CCC Help Greek (Version: 2010.0511.2152.37435)
CCC Help Hungarian (Version: 2010.0511.2152.37435)
CCC Help Italian (Version: 2010.0511.2152.37435)
CCC Help Japanese (Version: 2010.0511.2152.37435)
CCC Help Korean (Version: 2010.0511.2152.37435)
CCC Help Norwegian (Version: 2010.0511.2152.37435)
CCC Help Polish (Version: 2010.0511.2152.37435)
CCC Help Portuguese (Version: 2010.0511.2152.37435)
CCC Help Russian (Version: 2010.0511.2152.37435)
CCC Help Spanish (Version: 2010.0511.2152.37435)
CCC Help Swedish (Version: 2010.0511.2152.37435)
CCC Help Thai (Version: 2010.0511.2152.37435)
CCC Help Turkish (Version: 2010.0511.2152.37435)
ccc-core-static (Version: 2010.0511.2153.37435)
ccc-utility64 (Version: 2010.0511.2153.37435)
Chuzzle Deluxe (Version: 2.2.0.95)
Coupon Printer for Windows (Version: 5.0.0.0)
D3DX10 (Version: 15.4.2368.0902)
Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition
Destinations (Version: 140.0.77.000)
DeviceDiscovery (Version: 140.0.212.000)
Diner Dash 2 Restaurant Rescue (Version: 2.2.0.95)
DirectX for Managed Code Update (Summer 2004) (Version: 9.02.2904)
Dora's World Adventure (Version: 2.2.0.95)
DVD Menu Pack for HP TouchSmart Video (Version: 4.1.4412)
ESET NOD32 Antivirus (Version: 7.0.302.26)
Facebook for HP TouchSmart (Version: 1.1.0004)
Farm Frenzy (Version: 2.2.0.95)
FATE (Version: 2.2.0.95)
Google Chrome (Version: 31.0.1650.63)
Google Toolbar for Internet Explorer (Version: 1.0.0)
Google Toolbar for Internet Explorer (Version: 7.5.4805.320)
Google Update Helper (Version: 1.3.22.3)
GPBaseService2 (Version: 140.0.211.000)
Hewlett-Packard ACLM.NET v1.2.2.3 (Version: 1.00.0000)
HP Auto (Version: 1.0.12935.3667)
HP Client Services (Version: 1.1.12938.3539)
HP Customer Experience Enhancements (Version: 6.0.1.8)
HP Customer Participation Program 14.0 (Version: 14.0)
HP Games (Version: 1.0.2.4)
HP Imaging Device Functions 14.0 (Version: 14.0)
HP Keyboard (Version: 1.5.0.3)
HP LinkUp (Version: 2.01.026)
HP My Display TouchSmart Edition (Version: 1.03.021)
HP Odometer (Version: 2.10.0000)
HP Officejet 6700 Basic Device Software (Version: 25.0.619.0)
HP Officejet 6700 Help (Version: 140.0.2.2)
HP Officejet 6700 Product Improvement Study (Version: 25.0.619.0)
HP Photo Creations (Version: 1.0.0.2024)
HP Photosmart 7520 series Basic Device Software (Version: 28.0.1315.0)
HP Photosmart 7520 series Help (Version: 28.0.0)
HP Photosmart 7520 series Product Improvement Study (Version: 28.0.1315.0)
HP Photosmart Wireless B110 All-In-One Driver Software 14.0 Rel. 7 (Version: 14.0)
HP Remote Solution (Version: 1.1.14.0)
HP Setup (Version: 8.6.4530.3651)
HP Setup Manager (Version: 1.1.13253.3682)
HP Smart Web Printing 4.60 (Version: 4.60)
HP Solution Center 14.0 (Version: 14.0)
HP Support Information (Version: 10.1.1000)
HP TouchSmart (Version: 4.0.41.0)
HP TouchSmart Apps Center (Version: 4.0.0.1)
HP TouchSmart Browser (Version: 4.1.0012)
HP TouchSmart Calendar (Version: 4.1.3869.29064)
HP TouchSmart Canvas (Version: 2.0.3917.26233)
HP TouchSmart Clock (Version: 3.1.3881.29051)
HP TouchSmart Default Magnets (Version: 1.0.0.0)
HP TouchSmart eBay (Version: 1.0.4025.15222)
HP TouchSmart Music (Version: 4.2.4913)
HP TouchSmart Notes (Version: 4.1.3916.21107)
HP TouchSmart Photo (Version: 4.2.4913)
HP TouchSmart RecipeBox (Version: 3.0.3830.27730)
HP TouchSmart RSS (Version: 4.1.0009)
HP TouchSmart Tutorials (Version: 3.2.0.2)
HP TouchSmart Twitter (Version: 3.0.4024.33750)
HP TouchSmart Video (Version: 4.2.4928)
HP TouchSmart Webcam (Version: 4.2.3603)
HP Update (Version: 5.003.003.001)
HP Vision Hardware Diagnostics (Version: 2.5.0.0)
HPAppStudio (Version: 140.0.95.000)
HPDiagnosticAlert (Version: 1.00.0000)
HPPhotoGadget (Version: 140.0.524.000)
HPProductAssistant (Version: 140.0.212.000)
HPSSupply (Version: 140.0.211.000)
I.R.I.S. OCR (Version: 12.3.4.0)
iExplorer 3.2.5.2
iTunes (Version: 11.1.3.8)
Java 7 Update 45 (Version: 7.0.450)
Java Auto Updater (Version: 2.1.9.8)
Jewel Quest Solitaire 2 (Version: 2.2.0.95)
Junk Mail filter update (Version: 15.4.3502.0922)
Kobo (Version: 1.6)
LabelPrint (Version: 2.5.3609)
LogMeIn (Version: 4.1.3426)
Magic Desktop (Version: 3.0)
Mah Jong Medley (Version: 2.2.0.95)
Malwarebytes Anti-Malware version 1.75.0.1300 (Version: 1.75.0.1300)
MarketResearch (Version: 140.0.212.000)
Marketsplash Shortcuts (Version: 1.0.1.7)
Mesh Runtime (Version: 15.4.5722.2)
Microsoft .NET Framework 4.5.1 (Version: 4.5.50938)
Microsoft Application Error Reporting (Version: 12.0.6015.5000)
Microsoft Office Access MUI (English) 2010 (Version: 14.0.7015.1000)
Microsoft Office Access Setup Metadata MUI (English) 2010 (Version: 14.0.7015.1000)
Microsoft Office Click-to-Run 2010 (Version: 14.0.4763.1000)
Microsoft Office Excel MUI (English) 2010 (Version: 14.0.7015.1000)
Microsoft Office Office 64-bit Components 2010 (Version: 14.0.7015.1000)
Microsoft Office OneNote MUI (English) 2010 (Version: 14.0.7015.1000)
Microsoft Office Outlook MUI (English) 2010 (Version: 14.0.7015.1000)
Microsoft Office PowerPoint MUI (English) 2010 (Version: 14.0.7015.1000)
Microsoft Office Proof (English) 2010 (Version: 14.0.7015.1000)
Microsoft Office Proof (French) 2010 (Version: 14.0.4763.1000)
Microsoft Office Proof (Spanish) 2010 (Version: 14.0.7015.1000)
Microsoft Office Proofing (English) 2010 (Version: 14.0.7015.1000)
Microsoft Office Publisher MUI (English) 2010 (Version: 14.0.7015.1000)
Microsoft Office Shared 64-bit MUI (English) 2010 (Version: 14.0.7015.1000)
Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2010 (Version: 14.0.7015.1000)
Microsoft Office Shared MUI (English) 2010 (Version: 14.0.7015.1000)
Microsoft Office Shared Setup Metadata MUI (English) 2010 (Version: 14.0.7015.1000)
Microsoft Office Single Image 2010 (Version: 14.0.7015.1000)
Microsoft Office Word 2010 (Version: 14.0.7015.1000)
Microsoft Office Word MUI (English) 2010 (Version: 14.0.7015.1000)
Microsoft Silverlight (Version: 5.1.20913.0)
Microsoft SQL Server 2005 Compact Edition [ENU] (Version: 3.1.0000)
Microsoft Touch Pack for Windows 7 (Version: 1.0.40517.00)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.61001)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.56336)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.61000)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.30319 (Version: 10.0.30319)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.30319 (Version: 10.0.30319)
Microsoft Word 2010 (Version: 14.0.7015.1000)
Microsoft XNA Framework Redistributable 3.0 (Version: 3.0.11010.0)
Microsoft XNA Framework Redistributable 3.1 (Version: 3.1.10527.0)
Movie Theme Pack for HP TouchSmart Video (Version: 4.1.4412)
Mozilla Firefox 26.0 (x86 en-US) (Version: 26.0)
Mozilla Maintenance Service (Version: 26.0)
MSVCRT (Version: 15.4.2862.0708)
MSVCRT_amd64 (Version: 15.4.2862.0708)
MSXML 4.0 SP2 (KB954430) (Version: 4.20.9870.0)
MSXML 4.0 SP2 (KB973688) (Version: 4.20.9876.0)
MusicStation (Version: 1.0.1.25)
Mystery P.I. - Stolen in San Francisco (Version: 2.2.0.95)
Namco All-Stars PAC-MAN (Version: 2.2.0.95)
Network64 (Version: 140.0.215.000)
Network64 (Version: 140.0.221.000)
OpenOffice 4.0.1 (Version: 4.01.9714)
Optisoft Enterprise (Version: 7.0.13)
OptomNotes (Version: 1.0.110)
PDF Complete Special Edition (Version: 4.0.35)
Penguins! (Version: 2.2.0.95)
Plants vs. Zombies - Game of the Year (Version: 2.2.0.95)
PlayReady PC Runtime amd64 (Version: 1.3.0)
Polar Bowler (Version: 2.2.0.95)
Polar Golfer (Version: 2.2.0.95)
Power2Go (Version: 6.1.4817)
PressReader (Version: 5.10.1217.0)
PS_AIO_07_B110_SW_Min (Version: 140.0.142.000)
QuickTime (Version: 7.72.80.56)
QuickTransfer (Version: 140.0.98.000)
R.U.S.E. for TouchSmart (Version: 1.0.0.0)
Rapport (Version: 3.5.1205.20)
Rapport (Version: 3.5.1304.29)
Realtek High Definition Audio Driver (Version: 6.0.1.6156)
Recovery Manager (Version: 5.5.3621)
Remote Graphics Receiver (Version: 5.4.5)
Scan (Version: 140.0.80.000)
SDK (Version: 2.26.005)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition
Shop for HP Supplies (Version: 14.0)
Slingo Deluxe (Version: 2.2.0.95)
SmartWebPrinting (Version: 140.0.186.000)
SolutionCenter (Version: 140.0.214.000)
SopCast 3.5.0 (Version: 3.5.0)
Status (Version: 140.0.256.000)
Steam (Version: 1.0.0.0)
Toolbox (Version: 140.0.428.000)
TrayApp (Version: 140.0.212.000)
Trusteer Endpoint Protection (Version: 3.5.1304.29)
Update for Microsoft Access 2010 (KB2553446) 32-Bit Edition
Update for Microsoft Filter Pack 2.0 (KB2810071) 32-Bit Edition
Update for Microsoft Office 2010 (KB2589298) 32-Bit Edition
Update for Microsoft Office 2010 (KB2589352) 32-Bit Edition
Update for Microsoft Office 2010 (KB2589375) 32-Bit Edition
Update for Microsoft Office 2010 (KB2597087) 32-Bit Edition
Update for Microsoft Office 2010 (KB2598242) 32-Bit Edition
Update for Microsoft Office 2010 (KB2760598) 32-Bit Edition
Update for Microsoft Office 2010 (KB2760631) 32-Bit Edition
Update for Microsoft Office 2010 (KB2794737) 32-Bit Edition
Update for Microsoft Office 2010 (KB2826026) 32-Bit Edition
Update for Microsoft Office 2010 (KB2850079) 32-Bit Edition
Update for Microsoft OneNote 2010 (KB2810072) 32-Bit Edition
Update for Microsoft PowerPoint 2010 (KB2553145) 32-Bit Edition
Update for Microsoft Visio Viewer 2010 (KB2810066) 32-Bit Edition
Update for Microsoft Word 2010 (KB2837593) 32-Bit Edition
Update Installer for WildTangent Games App
Virtual Villagers 4 - The Tree of Life (Version: 2.2.0.95)
VLC media player 2.0.2 (Version: 2.0.2)
WebReg (Version: 140.0.212.017)
WebSlingPlayer ActiveX (Version: 1.5.14755)
WildTangent Games App (HP Games) (Version: 4.0.5.2)
Windows Live Communications Platform (Version: 15.4.3502.0922)
Windows Live Essentials (Version: 15.4.3502.0922)
Windows Live Essentials (Version: 15.4.3508.1109)
Windows Live ID Sign-in Assistant (Version: 7.250.4225.0)
Windows Live Installer (Version: 15.4.3502.0922)
Windows Live Language Selector (Version: 15.4.3508.1109)
Windows Live Mail (Version: 15.4.3502.0922)
Windows Live Mesh (Version: 15.4.3502.0922)
Windows Live Mesh ActiveX Control for Remote Connections (Version: 15.4.5722.2)
Windows Live Messenger (Version: 15.4.3502.0922)
Windows Live MIME IFilter (Version: 15.4.3502.0922)
Windows Live Movie Maker (Version: 15.4.3502.0922)
Windows Live Photo Common (Version: 15.4.3502.0922)
Windows Live Photo Gallery (Version: 15.4.3502.0922)
Windows Live PIMT Platform (Version: 15.4.3508.1109)
Windows Live Remote Client (Version: 15.4.5722.2)
Windows Live Remote Client Resources (Version: 15.4.5722.2)
Windows Live Remote Service (Version: 15.4.5722.2)
Windows Live Remote Service Resources (Version: 15.4.5722.2)
Windows Live SOXE (Version: 15.4.3502.0922)
Windows Live SOXE Definitions (Version: 15.4.3502.0922)
Windows Live UX Platform (Version: 15.4.3502.0922)
Windows Live UX Platform Language Pack (Version: 15.4.3508.1109)
Windows Live Writer (Version: 15.4.3502.0922)
Windows Live Writer Resources (Version: 15.4.3502.0922)
Zinio Reader 4 (Version: 4.0.3184)
Zuma Deluxe (Version: 2.2.0.95)

========================= Devices: ================================

Name: 802.11n Wireless LAN Card
Description: 802.11n Wireless LAN Card
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Ralink Technology, Corp.
Service: netr28x
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.


========================= Memory info: ===================================

Percentage of memory in use: 47%
Total physical RAM: 3839.3 MB
Available physical RAM: 2012.3 MB
Total Pagefile: 7676.77 MB
Available Pagefile: 5638.81 MB
Total Virtual: 4095.88 MB
Available Virtual: 3971.88 MB

========================= Partitions: =====================================

1 Drive c: (OS) (Fixed) (Total:446.26 GB) (Free:359.92 GB) NTFS
2 Drive d: (HP_RECOVERY) (Fixed) (Total:19.41 GB) (Free:2.43 GB) NTFS
6 Drive i: () (Fixed) (Total:7.45 GB) (Free:5.49 GB) FAT32

========================= Users: ========================================

User accounts for \\BACKOFFICE2

Administrator            Guest                    LogMeInRemoteUser        
Tony Wiseman             


**** End of log ****
 

 

 

2)  Security check

 

Results of screen317's Security Check version 0.99.78  

 

 Windows 7 Service Pack 1 x64 (UAC is disabled!)  
 Internet Explorer 11  
``````````````Antivirus/Firewall Check:``````````````
 Windows Firewall Enabled!  
ESET NOD32 Antivirus 7.0   
 Antivirus up to date!   
`````````Anti-malware/Other Utilities Check:`````````
 Malwarebytes Anti-Malware version 1.75.0.1300  
 Java 7 Update 45  
 Adobe Flash Player 11.9.900.170  
 Adobe Reader XI  
 Mozilla Firefox (26.0)
 Google Chrome 31.0.1650.57  
 Google Chrome 31.0.1650.63  
````````Process Check: objlist.exe by Laurent````````  
 ESET NOD32 Antivirus egui.exe  
 ESET NOD32 Antivirus ekrn.exe  
`````````````````System Health check`````````````````
 Total Fragmentation on Drive C: 2%
````````````````````End of Log``````````````````````
 

 

 

3)  Autoruns and autorunsc

 

"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run"    ""    ""    ""    "20/12/2013 15:23"
+ "egui"    "ESET Main GUI"    "ESET"    "c:\program files\eset\eset nod32 antivirus\egui.exe"    "12/09/2013 10:01"
+ "hpsysdrv"    "hpsysdrv"    "Hewlett-Packard"    "c:\program files (x86)\hewlett-packard\hp odometer\hpsysdrv.exe"    "20/11/2008 18:46"
+ "LogMeIn GUI"    "LogMeIn Desktop Application"    "LogMeIn, Inc."    "c:\program files (x86)\logmein\x64\logmeinsystray.exe"    "12/04/2007 17:56"
+ "RtHDVCpl"    "Realtek HD Audio Manager"    "Realtek Semiconductor"    "c:\program files\realtek\audio\hda\ravcpl64.exe"    "12/07/2010 08:04"
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run"    ""    ""    ""    "03/01/2014 07:53"
+ "Adobe ARM"    "Adobe Reader and Acrobat Manager"    "Adobe Systems Incorporated"    "c:\program files (x86)\common files\adobe\arm\1.0\adobearm.exe"    "04/04/2013 21:05"
+ "APSDaemon"    "Apple Push"    "Apple Inc."    "c:\program files (x86)\common files\apple\apple application support\apsdaemon.exe"    "17/04/2013 03:13"
+ "BATINDICATOR"    "HP BATTERY INDICATOR"    "Hewlett-Packard"    "c:\program files (x86)\hewlett-packard\hp keyboard\batindicator.exe"    "20/07/2010 09:01"
+ "BATINDICATORHL"    "HP BATTERY INDICATOR"    "Hewlett-Packard"    "c:\program files (x86)\hewlett-packard\hp keyboard\batindicator_hidlist.exe"    "23/07/2010 02:48"
+ "BCSSync"    "Microsoft Office 2010 component"    "Microsoft Corporation"    "c:\program files (x86)\microsoft office\office14\bcssync.exe"    "05/11/2012 15:25"
+ "DT HPO"    "DT_Startup"    "Portrait Displays, Inc."    "c:\program files (x86)\common files\portrait displays\shared\dt_startup.exe"    "10/03/2011 00:52"
+ "Easybits Recovery"    ""    "EasyBits Software AS"    "c:\program files (x86)\easybits for kids\ezrecover.exe"    "19/06/1992 22:22"
+ "HP Remote Solution"    "HP Remote Solution"    "Hewlett-Packard"    "c:\program files (x86)\hewlett-packard\hp remote solution\hp_remote_solution.exe"    "25/08/2009 02:11"
+ "HP Software Update"    "hpwuSchd Application"    "Hewlett-Packard"    "c:\program files (x86)\hp\hp software update\hpwuschd2.exe"    "27/04/2010 08:58"
+ "iTunesHelper"    "iTunesHelper"    "Apple Inc."    "c:\program files (x86)\itunes\ituneshelper.exe"    "02/11/2013 06:56"
+ "Magic Desktop for HP notification"    "Software update notification"    "Easybits"    "c:\programdata\easybits magic desktop for hp\mdhpsun.exe"    "19/06/1992 22:22"
+ "PDF Complete"    "Sentry for PDF"    "PDF Complete Inc"    "c:\program files (x86)\pdf complete\pdfsty.exe"    "19/06/1992 22:22"
+ "QuickTime Task"    "QuickTime Task"    "Apple Inc."    "c:\program files (x86)\quicktime\qttask.exe"    "19/04/2012 03:40"
+ "StartCCC"    "Catalyst® Control Center Launcher"    "Advanced Micro Devices, Inc."    "c:\program files (x86)\ati technologies\ati.ace\core-static\clistart.exe"    "12/05/2010 01:44"
+ "SunJavaUpdateSched"    "Java™ Update Scheduler"    "Oracle Corporation"    "c:\program files (x86)\common files\java\java update\jusched.exe"    "02/07/2013 16:16"
"C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup"    ""    ""    ""    "20/12/2013 15:22"
+ "HP Digital Imaging Monitor.lnk"    "HP Digital Imaging Monitor"    "Hewlett-Packard Co."    "c:\program files (x86)\hp\digital imaging\bin\hpqtra08.exe"    "18/11/2009 12:41"
"C:\Users\Tony Wiseman\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup"    ""    ""    ""    "18/12/2013 08:43"
+ "Monitor Ink Alerts - .lnk"    "Print Driver Status Business Logic"    "Hewlett-Packard Co."    "c:\program files\hp\hp officejet 6700\bin\hpstatusbl.dll"    "09/09/2011 23:25"
+ "Monitor Ink Alerts - HP Photosmart 7520 series.lnk"    "Print Driver Status Business Logic"    "Hewlett-Packard Co."    "c:\program files\hp\hp photosmart 7520 series\bin\hpstatusbl.dll"    "17/10/2012 11:37"
"HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components"    ""    ""    ""    "11/02/2011 17:00"
+ "Microsoft Windows"    "Windows Mail"    "Microsoft Corporation"    "c:\program files\windows mail\winmail.exe"    "13/07/2009 23:58"
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Active Setup\Installed Components"    ""    ""    ""    "11/02/2011 17:00"
+ "Google Chrome"    "Google Chrome"    "Google Inc."    "c:\program files (x86)\google\chrome\application\31.0.1650.63\installer\chrmstp.exe"    "04/12/2013 01:54"
+ "Microsoft Windows"    "Windows Mail"    "Microsoft Corporation"    "c:\program files (x86)\windows mail\winmail.exe"    "13/07/2009 23:42"
"HKCU\Software\Microsoft\Windows\CurrentVersion\Run"    ""    ""    ""    "22/12/2013 11:26"
+ "ACEStream"    ""    ""    "c:\users\tony wiseman\appdata\roaming\acestream\engine\ace_engine.exe"    "22/03/2013 11:04"
"HKLM\SOFTWARE\Classes\Protocols\Filter"    ""    ""    ""    "14/07/2009 04:53"
+ "text/xml"    "Microsoft Office XML MIME Filter"    "Microsoft Corporation"    "c:\program files\common files\microsoft shared\office14\msoxmlmf.dll"    "28/02/2010 09:24"
"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler"    ""    ""    ""    "22/12/2013 11:06"
+ "Virtual Storage Mount Notification"    "CbFs Mount Notifier"    "EldoS Corporation"    "c:\windows\system32\cbfsmntntf3.dll"    "09/04/2012 13:26"
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler"    ""    ""    ""    "03/01/2014 09:52"
+ "Virtual Storage Mount Notification"    "CbFs Mount Notifier"    "EldoS Corporation"    "c:\windows\syswow64\cbfsmntntf3.dll"    "09/04/2012 13:26"
"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellServiceObjects"    ""    ""    ""    "22/12/2013 11:06"
+ "Virtual Storage Mount Notification"    "CbFs Mount Notifier"    "EldoS Corporation"    "c:\windows\system32\cbfsmntntf3.dll"    "09/04/2012 13:26"
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellServiceObjects"    ""    ""    ""    "03/01/2014 09:52"
+ "Virtual Storage Mount Notification"    "CbFs Mount Notifier"    "EldoS Corporation"    "c:\windows\syswow64\cbfsmntntf3.dll"    "09/04/2012 13:26"
"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad"    ""    ""    ""    "20/12/2013 15:23"
+ "EldosMountNotificator"    "CbFs Mount Notifier"    "EldoS Corporation"    "c:\windows\system32\cbfsmntntf3.dll"    "09/04/2012 13:26"
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad"    ""    ""    ""    "03/01/2014 07:53"
+ "EldosMountNotificator"    "CbFs Mount Notifier"    "EldoS Corporation"    "c:\windows\syswow64\cbfsmntntf3.dll"    "09/04/2012 13:26"
"HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks"    ""    ""    ""    "03/01/2014 09:52"
+ "EasyBits Security Shield Hook - prevents launching insecure programs by kids"    "EasyBits Security Shield component"    "EasyBits Software Corp."    "c:\windows\syswow64\ezupbhook.dll"    "06/02/2005 21:11"
"HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers"    ""    ""    ""    "14/07/2009 04:53"
+ "ESET Smart Security - Context Menu Shell Extension"    "ESET Shell Extension"    "ESET"    "c:\program files\eset\eset nod32 antivirus\shellext.dll"    "12/09/2013 10:02"
"HKLM\Software\Wow6432Node\Classes\*\ShellEx\ContextMenuHandlers"    ""    ""    ""    "14/07/2009 04:53"
+ "ESET Smart Security - Context Menu Shell Extension"    "ESET Shell Extension"    "ESET"    "c:\program files\eset\eset nod32 antivirus\x86\shellext.dll"    "12/09/2013 10:02"
"HKLM\Software\Classes\Drive\ShellEx\ContextMenuHandlers"    ""    ""    ""    "14/07/2009 04:53"
+ "ESET Smart Security - Context Menu Shell Extension"    "ESET Shell Extension"    "ESET"    "c:\program files\eset\eset nod32 antivirus\shellext.dll"    "12/09/2013 10:02"
"HKLM\Software\Wow6432Node\Classes\Drive\ShellEx\ContextMenuHandlers"    ""    ""    ""    "14/07/2009 04:53"
+ "ESET Smart Security - Context Menu Shell Extension"    "ESET Shell Extension"    "ESET"    "c:\program files\eset\eset nod32 antivirus\x86\shellext.dll"    "12/09/2013 10:02"
"HKLM\Software\Classes\AllFileSystemObjects\ShellEx\ContextMenuHandlers"    ""    ""    ""    "14/07/2009 04:53"
+ "LinkUpMenuExt"    "HP LinkUp File Transfer Extension"    "Hewlett-Packard"    "c:\program files (x86)\hewlett-packard\hp linkup\linkupext64.dll"    "24/02/2011 20:40"
+ "MBAMShlExt"    "Malwarebytes Anti-Malware"    "Malwarebytes Corporation"    "c:\program files (x86)\malwarebytes' anti-malware\mbamext.dll"    "28/02/2013 20:39"
"HKLM\Software\Classes\Directory\Background\ShellEx\ContextMenuHandlers"    ""    ""    ""    "14/07/2009 04:53"
+ "ACE"    "AMD Desktop Control Panel"    "Advanced Micro Devices, Inc."    "c:\program files (x86)\ati technologies\ati.ace\core-static\atiacm64.dll"    "12/05/2010 01:46"
+ "Gadgets"    "Sidebar droptarget"    "Microsoft Corporation"    "c:\program files\windows sidebar\sbdrop.dll"    "14/07/2009 01:32"
"HKLM\Software\Wow6432Node\Classes\Directory\Background\ShellEx\ContextMenuHandlers"    ""    ""    ""    "14/07/2009 04:53"
+ "Gadgets"    "Sidebar droptarget"    "Microsoft Corporation"    "c:\program files (x86)\windows sidebar\sbdrop.dll"    "14/07/2009 01:09"
"HKLM\Software\Classes\Folder\Shellex\ColumnHandlers"    ""    ""    ""    "20/11/2013 09:27"
+ "{C52AF81D-F7A0-4AAB-8E87-F80A60CCD396}"    ""    "Apache Software Foundation"    "c:\program files (x86)\openoffice 4\program\shlxthdl\shlxthdl_x64.dll"    "20/09/2013 11:41"
"HKLM\Software\Wow6432Node\Classes\Folder\Shellex\ColumnHandlers"    ""    ""    ""    "20/11/2013 09:27"
+ "PDF Shell Extension"    "PDF Shell Extension"    "Adobe Systems, Inc."    "c:\program files (x86)\common files\adobe\acrobat\activex\pdfshell.dll"    "11/05/2013 09:34"
+ "{C52AF81D-F7A0-4AAB-8E87-F80A60CCD396}"    ""    "Apache Software Foundation"    "c:\program files (x86)\openoffice 4\program\shlxthdl\shlxthdl.dll"    "20/09/2013 11:50"
"HKLM\Software\Classes\Folder\ShellEx\ContextMenuHandlers"    ""    ""    ""    "20/11/2013 09:27"
+ "ESET Smart Security - Context Menu Shell Extension"    "ESET Shell Extension"    "ESET"    "c:\program files\eset\eset nod32 antivirus\shellext.dll"    "12/09/2013 10:02"
+ "MBAMShlExt"    "Malwarebytes Anti-Malware"    "Malwarebytes Corporation"    "c:\program files (x86)\malwarebytes' anti-malware\mbamext.dll"    "28/02/2013 20:39"
"HKLM\Software\Wow6432Node\Classes\Folder\ShellEx\ContextMenuHandlers"    ""    ""    ""    "20/11/2013 09:27"
+ "ESET Smart Security - Context Menu Shell Extension"    "ESET Shell Extension"    "ESET"    "c:\program files\eset\eset nod32 antivirus\x86\shellext.dll"    "12/09/2013 10:02"
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers"    ""    ""    ""    "22/12/2013 11:06"
+ "EldosIconOverlay"    "CbFs Mount Notifier"    "EldoS Corporation"    "c:\windows\system32\cbfsmntntf3.dll"    "09/04/2012 13:26"
"HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers"    ""    ""    ""    "03/01/2014 09:52"
+ "EldosIconOverlay"    "CbFs Mount Notifier"    "EldoS Corporation"    "c:\windows\syswow64\cbfsmntntf3.dll"    "09/04/2012 13:26"
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects"    ""    ""    ""    "22/12/2013 11:06"
+ "Google Toolbar Helper"    "Google Toolbar"    "Google Inc."    "c:\program files (x86)\google\google toolbar\googletoolbar_64.dll"    "05/12/2013 03:35"
+ "HP Network Check Helper"    "HP Network Check IE Plug-in"    "Hewlett-Packard"    "c:\program files (x86)\hewlett-packard\hp support framework\resources\hpnetworkcheck\hpnetworkcheckpluginx64.dll"    "28/08/2013 08:30"
+ "Office Document Cache Handler"    "Microsoft Office Document Cache Handler"    "Microsoft Corporation"    "c:\program files\microsoft office\office14\urlredir.dll"    "06/03/2013 07:39"
+ "Windows Live ID Sign-in Helper"    "Microsoft® Windows Live ID Login Helper"    "Microsoft Corp."    "c:\program files\common files\microsoft shared\windows live\windowslivelogin.dll"    "21/09/2010 21:47"
"HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects"    ""    ""    ""    "03/01/2014 09:52"
+ "Google Toolbar Helper"    "Google Toolbar"    "Google Inc."    "c:\program files (x86)\google\google toolbar\googletoolbar_32.dll"    "05/12/2013 03:47"
+ "HP Network Check Helper"    "HP Network Check IE Plug-in"    "Hewlett-Packard"    "c:\program files (x86)\hewlett-packard\hp support framework\resources\hpnetworkcheck\hpnetworkcheckplugin.dll"    "28/08/2013 08:28"
+ "HP Print Enhancer"    "HP Smart Web Printing add-on for Internet Explorer"    "Hewlett-Packard Co."    "c:\program files (x86)\hp\digital imaging\smart web printing\hpswp_printenhancer.dll"    "13/10/2009 22:13"
+ "HP Smart BHO Class"    "HP Smart Web Printing add-on for Internet Explorer"    "Hewlett-Packard Co."    "c:\program files (x86)\hp\digital imaging\smart web printing\hpswp_bho.dll"    "13/10/2009 22:13"
+ "Java™ Plug-In 2 SSV Helper"    "Java™ Platform SE binary"    "Oracle Corporation"    "c:\program files (x86)\java\jre7\bin\jp2ssv.dll"    "08/10/2013 14:43"
+ "Java™ Plug-In SSV Helper"    "Java™ Platform SE binary"    "Oracle Corporation"    "c:\program files (x86)\java\jre7\bin\ssv.dll"    "08/10/2013 14:43"
+ "Office Document Cache Handler"    "Microsoft Office Document Cache Handler"    "Microsoft Corporation"    "c:\program files (x86)\microsoft office\office14\urlredir.dll"    "06/03/2013 07:38"
+ "Windows Live ID Sign-in Helper"    "Microsoft® Windows Live ID Login Helper"    "Microsoft Corp."    "c:\program files (x86)\common files\microsoft shared\windows live\windowslivelogin.dll"    "21/09/2010 21:01"
"HKLM\Software\Microsoft\Internet Explorer\Toolbar"    ""    ""    ""    "20/12/2013 12:22"
+ "Google Toolbar"    "Google Toolbar"    "Google Inc."    "c:\program files (x86)\google\google toolbar\googletoolbar_64.dll"    "05/12/2013 03:35"
"HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Toolbar"    ""    ""    ""    "22/12/2013 11:07"
+ "Google Toolbar"    "Google Toolbar"    "Google Inc."    "c:\program files (x86)\google\google toolbar\googletoolbar_32.dll"    "05/12/2013 03:47"
"HKLM\Software\Microsoft\Internet Explorer\Extensions"    ""    ""    ""    "20/12/2013 12:22"
+ "HP Network Check"    "NCLauncherFromIE"    "Hewlett-Packard"    "c:\program files (x86)\hewlett-packard\hp support framework\resources\hpnetworkcheck\nclauncherfromie.exe"    "09/07/2012 22:46"
"HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Extensions"    ""    ""    ""    "22/12/2013 11:07"
+ "&Blog This in Windows Live Writer"    "Windows Live Writer Blog This Extension"    "Microsoft Corporation"    "c:\program files (x86)\windows live\writer\writerbrowserextension.dll"    "10/11/2010 10:03"
+ "HP Network Check"    "NCLauncherFromIE"    "Hewlett-Packard"    "c:\program files (x86)\hewlett-packard\hp support framework\resources\hpnetworkcheck\nclauncherfromie.exe"    "09/07/2012 22:46"
+ "Show or hide HP Smart Web Printing"    "HP Smart Web Printing add-on for Internet Explorer"    "Hewlett-Packard Co."    "c:\program files (x86)\hp\digital imaging\smart web printing\hpswp_bho.dll"    "13/10/2009 22:13"
+ "SmartPrint"    "HP Smart Print Setup"    "Hewlett-Packard"    "c:\program files (x86)\hewlett-packard\smartprint\smartprintsetup.exe"    "15/04/2011 13:20"
"Task Scheduler"    ""    ""    ""    ""
+ "\Adobe Flash Player Updater"    "Adobe® Flash® Player Update Service 11.9 r900"    "Adobe Systems Incorporated"    "c:\windows\syswow64\macromed\flash\flashplayerupdateservice.exe"    "01/12/2013 18:09"
+ "\Apple\AppleSoftwareUpdate"    "Apple Software Update"    "Apple Inc."    "c:\program files (x86)\apple software update\softwareupdate.exe"    "02/06/2011 00:46"
+ "\GoogleUpdateTaskMachineCore"    "Google Installer"    "Google Inc."    "c:\program files (x86)\google\update\googleupdate.exe"    "09/03/2010 06:10"
+ "\GoogleUpdateTaskMachineUA"    "Google Installer"    "Google Inc."    "c:\program files (x86)\google\update\googleupdate.exe"    "09/03/2010 06:10"
+ "\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start"    "HP Support Assistant"    "Hewlett-Packard Company"    "c:\program files (x86)\hewlett-packard\hp support framework\hpsf.exe"    "04/11/2013 20:09"
+ "\Hewlett-Packard\HP Support Assistant\HPSAObjUtilTask"    "UtilTask"    "Microsoft"    "c:\program files (x86)\hewlett-packard\hp health check\activecheck\product_line\utiltask.exe"    "23/11/2011 17:48"
+ "\Hewlett-Packard\HP Support Assistant\NetworkCheck"    "Detection_NetworkCheck"    "Hewlett-Packard"    "c:\program files (x86)\hewlett-packard\hp health check\activecheck\product_line\detection_networkcheck.exe"    "08/02/2012 19:33"
+ "\Hewlett-Packard\HP Support Assistant\PC Health Analysis"    "HP Support Assistant"    "Hewlett-Packard Company"    "c:\program files (x86)\hewlett-packard\hp support framework\hpsf.exe"    "04/11/2013 20:09"
+ "\Hewlett-Packard\HP Support Assistant\Update Check"    "HPSFUpdater"    "Hewlett-Packard Company"    "c:\programdata\hewlett-packard\hp support framework\resources\updater7\hpsfupdater.exe"    "23/09/2013 22:08"
+ "\Hewlett-Packard\HP Support Assistant\WarrantyChecker_CN2A42B180"    "HPWarrantyChecker"    "Hewlett-Packard"    "c:\program files (x86)\hewlett-packard\hp support framework\resources\hpwarrantycheck\hpwarrantychecker.exe"    "22/11/2013 09:07"
+ "\Hewlett-Packard\HP Support Assistant\WarrantyChecker_CN3A8341PW05RT"    "HPWarrantyChecker"    "Hewlett-Packard"    "c:\program files (x86)\hewlett-packard\hp support framework\resources\hpwarrantycheck\hpwarrantychecker.exe"    "22/11/2013 09:07"
+ "\Hewlett-Packard\HP Support Assistant\WarrantyChecker_DeviceScan"    "HPWarrantyChecker"    "Hewlett-Packard"    "c:\program files (x86)\hewlett-packard\hp support framework\resources\hpwarrantycheck\hpwarrantychecker.exe"    "22/11/2013 09:07"
+ "\HPCeeScheduleForTony Wiseman"    "HP Ceement"    "Hewlett-Packard"    "c:\program files (x86)\hewlett-packard\hp ceement\hpcee.exe"    "15/07/2011 11:42"
+ "\HPCustParticipation HP Officejet 6700"    "HP Customer Participation."    "Hewlett-Packard Co."    "c:\program files\hp\hp officejet 6700\bin\hpcustpartic.exe"    "09/09/2011 23:18"
+ "\HPCustParticipation HP Photosmart 7520 series"    "HP Customer Participation."    "Hewlett-Packard Co."    "c:\program files\hp\hp photosmart 7520 series\bin\hpcustpartic.exe"    "17/10/2012 11:34"
+ "\Microsoft\Windows Defender\MP Scheduled Scan"    "Microsoft Malware Protection Command Line Utility"    "Microsoft Corporation"    "c:\program files\windows defender\mpcmdrun.exe"    "13/07/2009 23:53"
+ "\Microsoft\Windows Live\SOXE\Extractor Definitions Update Task"    "Windows Live Social Object Extractor Engine"    "Microsoft Corporation"    "c:\program files (x86)\windows live\soxe\wlsoxe.dll"    "10/11/2010 10:02"
+ "\Microsoft\Windows\NetTrace\GatherNetworkInfo"    ""    ""    "c:\windows\system32\gathernetworkinfo.vbs"    "10/06/2009 20:36"
+ "\Microsoft\Windows\TabletPC\InputPersonalization"    ""    ""    "File not found: C:\Program Files (x86)\Common Files\Microsoft Shared\Ink\InputPersonalization.exe"    ""
+ "\Microsoft\Windows\Windows Media Sharing\UpdateLibrary"    "Windows Media Player Network Sharing Service Configuration Application"    "Microsoft Corporation"    "c:\program files\windows media player\wmpnscfg.exe"    "14/07/2009 00:24"
+ "\MirageAgent"    "YouCam Mirage"    "CyberLink"    "c:\program files (x86)\hewlett-packard\media\webcam\ycmmirage.exe"    "26/05/2010 02:59"
+ "\RMCreator"    "UCRD Reminder"    "CyberLink"    "c:\program files (x86)\hewlett-packard\recovery\reminder.exe"    "21/12/2010 07:07"
+ "\ServicePlan"    "ESAdvRemIntegrator"    ""    "c:\program files (x86)\hewlett-packard\hp setup\remengine.exe"    "31/01/2011 11:09"
"HKLM\System\CurrentControlSet\Services"    ""    ""    ""    "20/12/2013 15:23"
+ "AdobeARMservice"    "Adobe Acrobat Updater keeps your Adobe software up to date."    "Adobe Systems Incorporated"    "c:\program files (x86)\common files\adobe\arm\1.0\armsvc.exe"    "04/04/2013 21:05"
+ "AdobeFlashPlayerUpdateSvc"    "This service keeps your Adobe Flash Player installation up to date with the latest enhancements and security fixes."    "Adobe Systems Incorporated"    "c:\windows\syswow64\macromed\flash\flashplayerupdateservice.exe"    "01/12/2013 18:09"
+ "AERTFilters"    "Andrea Service"    "Andrea Electronics Corporation"    "c:\program files\realtek\audio\hda\aertsr64.exe"    "17/11/2009 16:17"
+ "AMD External Events Utility"    "AMD External Events Service Module"    "AMD"    "c:\windows\system32\atiesrxx.exe"    "12/05/2010 02:16"
+ "Apple Mobile Device"    "Provides the interface to Apple mobile devices."    "Apple Inc."    "c:\program files (x86)\common files\apple\mobile device support\applemobiledeviceservice.exe"    "18/05/2012 03:06"
+ "Bonjour Service"    "Enables hardware devices and software services to automatically configure themselves on the network and advertise their presence."    "Apple Inc."    "c:\program files\bonjour\mdnsresponder.exe"    "31/08/2011 05:52"
+ "CalendarSynchService"    "HP TouchSmart Calendar Service"    "Hewlett-Packard"    "c:\program files (x86)\hewlett-packard\touchsmart\calendar\service\gcalservice.exe"    "05/08/2010 10:38"
+ "cvhsvc"    "Client Virtualization Handler Service (unlocalized description)"    "Microsoft Corporation"    "c:\program files (x86)\common files\microsoft shared\virtualization handler\cvhsvc.exe"    "22/04/2013 09:57"
+ "DTSRVC"    "Provides support for applications that control display settings."    "Portrait Displays, Inc."    "c:\program files (x86)\common files\portrait displays\shared\dtsrvc.exe"    "10/03/2011 00:53"
+ "ekrn"    "ESET Service"    "ESET"    "c:\program files\eset\eset nod32 antivirus\x86\ekrn.exe"    "12/09/2013 09:59"
+ "ezSharedSvc"    "Provides licensing, security and parental control services for EasyBits applications. If this service is stopped or disabled, these applications will not function properly."    "EasyBits Software AS"    "c:\windows\syswow64\ezsharedsvchost.exe"    "19/06/1992 22:22"
+ "GamesAppService"    "WT Games App Services"    "WildTangent, Inc."    "c:\program files (x86)\wildtangent games\app\gamesappservice.exe"    "04/10/2010 22:15"
+ "gupdate"    "Keeps your Google software up to date. If this service is disabled or stopped, your Google software will not be kept up to date, meaning security vulnerabilities that may arise cannot be fixed and features may not work. This service uninstalls itself when there is no Google software using it."    "Google Inc."    "c:\program files (x86)\google\update\googleupdate.exe"    "09/03/2010 06:10"
+ "gupdatem"    "Keeps your Google software up to date. If this service is disabled or stopped, your Google software will not be kept up to date, meaning security vulnerabilities that may arise cannot be fixed and features may not work. This service uninstalls itself when there is no Google software using it."    "Google Inc."    "c:\program files (x86)\google\update\googleupdate.exe"    "09/03/2010 06:10"
+ "gusvc"    "Google Updater keeps your Google software up to date. If Google Updater Service is disabled or stopped, your Google software will not be kept up to date, meaning security vulnerabilities that may arise cannot be fixed and features may not work."    "Google"    "c:\program files (x86)\google\common\google updater\googleupdaterservice.exe"    "02/03/2012 21:13"
+ "HP Support Assistant Service"    "HP Support Assistant Service"    ""    "File not found: C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe"    ""
+ "HPAuto"    "HP Usage Improvement Tracking"    "Hewlett-Packard"    "c:\program files\hewlett-packard\hp auto\hpauto.exe"    "17/02/2011 06:46"
+ "HPClientSvc"    "HP Client Services"    "Hewlett-Packard Company"    "c:\program files\hewlett-packard\hp client services\hpclientservices.exe"    "11/10/2010 09:47"
+ "hpqcxs08"    "HP CUE Context Manager Objects"    "Hewlett-Packard Co."    "c:\program files (x86)\hp\digital imaging\bin\hpqcxs08.dll"    "18/11/2009 03:42"
+ "hpqddsvc"    "This service detects and monitors CUE devices on the system."    "Hewlett-Packard Co."    "c:\program files (x86)\hp\digital imaging\bin\hpqddsvc.dll"    "18/11/2009 12:15"
+ "hpqwmiex"    "HP Software Framework WMI Service"    "Hewlett-Packard Company"    "c:\program files (x86)\hewlett-packard\shared\hpqwmiex.exe"    "14/05/2013 01:01"
+ "HPSLPSVC"    "Discovers and monitors the state and the configuration of the HP devices attached to your network. If the service is stopped, and your network devices change IP addresses, they might become unavailable"    "Hewlett-Packard Co."    "c:\program files (x86)\hp\digital imaging\bin\hpslpsvc64.dll"    "22/10/2010 20:06"
+ "iPod Service"    "iPod hardware management services"    "Apple Inc."    "c:\program files\ipod\bin\ipodservice.exe"    "02/11/2013 06:57"
+ "LMIGuardianSvc"    "Support LogMeIn processes with quality assurance feedback"    "LogMeIn, Inc."    "c:\program files (x86)\logmein\x64\lmiguardiansvc.exe"    "30/11/2012 08:15"
+ "LMIMaint"    "LogMeIn Maintenance Service"    "LogMeIn, Inc."    "c:\program files (x86)\logmein\x64\ramaint.exe"    "10/12/2013 14:09"
+ "LMIRescueUA_466145"    "LogMeIn Rescue"    "LogMeIn, Inc."    "c:\users\tony wiseman\appdata\local\logmein rescue unattended\lmir0001.tmp\unattended_srv.exe"    "05/03/2013 15:05"
+ "LogMeIn"    "LogMeIn"    "LogMeIn, Inc."    "c:\program files (x86)\logmein\x64\logmein.exe"    "08/11/2010 10:58"
+ "MozillaMaintenance"    "The Mozilla Maintenance Service ensures that you have the latest and most secure version of Mozilla Firefox on your computer. Keeping Firefox up to date is very important for your online security, and Mozilla strongly recommends that you keep this service enabled."    "Mozilla Foundation"    "c:\program files (x86)\mozilla maintenance service\maintenanceservice.exe"    "05/12/2013 17:09"
+ "Net Driver HPZ12"    "Dot4Net Module"    "Hewlett-Packard"    "c:\windows\system32\hpzinw12.dll"    "06/08/2010 05:45"
+ "ose"    "Saves installation files used for updates and repairs and is required for the downloading of Setup updates and Watson error reports."    "Microsoft Corporation"    "c:\program files (x86)\common files\microsoft shared\source engine\ose.exe"    "10/01/2010 04:16"
+ "osppsvc"    "Office Software Protection Platform Service (unlocalized description)"    "Microsoft Corporation"    "c:\program files\common files\microsoft shared\officesoftwareprotectionplatform\osppsvc.exe"    "12/08/2009 02:00"
+ "pdfcDispatcher"    "Manages the PDF document production process.  A primary task is to enable the routing of documents from the print spooler to the user.  If this service is stopped, PDF documents will be unavailable."    "PDF Complete Inc"    "c:\program files (x86)\pdf complete\pdfsvc.exe"    "19/06/1992 22:22"
+ "PdiService"    "Provides support for applications that control display settings."    "Portrait Displays, Inc."    "c:\program files (x86)\common files\portrait displays\drivers\pdisrvc.exe"    "09/03/2011 22:45"
+ "Pml Driver HPZ12"    "PmlDrv Module"    "Hewlett-Packard"    "c:\windows\system32\hpzipm12.dll"    "06/08/2010 05:45"
+ "RapportMgmtService"    "Trusteer Endpoint Protection Central Management and Monitoring Service"    "Trusteer Ltd."    "c:\program files (x86)\trusteer\rapport\bin\rapportmgmtservice.exe"    "02/12/2013 16:34"
+ "sftlist"    "Streams and manages applications."    "Microsoft Corporation"    "c:\program files (x86)\microsoft application virtualization client\sftlist.exe"    "25/06/2013 19:04"
+ "sftvsa"    "Monitors global service events and launches virtual services."    "Microsoft Corporation"    "c:\program files (x86)\microsoft application virtualization client\sftvsa.exe"    "25/06/2013 19:02"
+ "Steam Client Service"    "Steam Client Service monitors and updates Steam content"    "Valve Corporation"    "c:\program files (x86)\common files\steam\steamservice.exe"    "17/07/2009 00:04"
+ "WinDefend"    "Protection against spyware and potentially unwanted software"    "Microsoft Corporation"    "c:\program files\windows defender\mpsvc.dll"    "27/05/2013 05:51"
+ "wlidsvc"    "Enables Windows Live ID authentication."    "Microsoft Corp."    "c:\program files\common files\microsoft shared\windows live\wlidsvc.exe"    "21/09/2010 21:46"
+ "WMPNetworkSvc"    "Shares Windows Media Player libraries to other networked players and media devices using Universal Plug and Play"    "Microsoft Corporation"    "c:\program files\windows media player\wmpnetwk.exe"    "20/11/2010 11:18"
"HKLM\System\CurrentControlSet\Services"    ""    ""    ""    "20/12/2013 15:23"
+ "adp94xx"    "Adaptec Windows SAS/SATA Storport Driver"    "Adaptec, Inc."    "c:\windows\system32\drivers\adp94xx.sys"    "05/12/2008 23:54"
+ "adpahci"    "Adaptec Windows SATA Storport Driver"    "Adaptec, Inc."    "c:\windows\system32\drivers\adpahci.sys"    "01/05/2007 17:30"
+ "adpu320"    "Adaptec StorPort Ultra320 SCSI Driver (X64)"    "Adaptec, Inc."    "c:\windows\system32\drivers\adpu320.sys"    "28/02/2007 00:04"
+ "aliide"    "ALi mini IDE Driver"    "Acer Laboratories Inc."    "c:\windows\system32\drivers\aliide.sys"    "13/07/2009 23:19"
+ "amd_sata"    "AHCI 1.2 Device Driver"    "Advanced Micro Devices"    "c:\windows\system32\drivers\amd_sata.sys"    "12/10/2012 09:48"
+ "amd_xata"    "Stor Filter Driver"    "Advanced Micro Devices"    "c:\windows\system32\drivers\amd_xata.sys"    "12/10/2012 09:48"
+ "amdkmdag"    "ATI Radeon Kernel Mode Driver"    "ATI Technologies Inc."    "c:\windows\system32\drivers\atikmdag.sys"    "12/05/2010 01:40"
+ "amdkmdap"    "AMD multi-vendor Miniport Driver"    "Advanced Micro Devices, Inc."    "c:\windows\system32\drivers\atikmpag.sys"    "12/05/2010 01:24"
+ "amdsata"    "AHCI 1.2 Device Driver"    "Advanced Micro Devices"    "c:\windows\system32\drivers\amdsata.sys"    "19/03/2010 00:45"
+ "amdsbs"    "AMD Technology AHCI Compatible Controller Driver for Windows - AMD64 platform"    "AMD Technologies Inc."    "c:\windows\system32\drivers\amdsbs.sys"    "20/03/2009 18:36"
+ "amdxata"    "Storage Filter Driver"    "Advanced Micro Devices"    "c:\windows\system32\drivers\amdxata.sys"    "19/03/2010 16:18"
+ "arc"    "Adaptec RAID Storport Driver"    "Adaptec, Inc."    "c:\windows\system32\drivers\arc.sys"    "24/05/2007 21:27"
+ "arcsas"    "Adaptec SAS RAID WS03 Driver"    "Adaptec, Inc."    "c:\windows\system32\drivers\arcsas.sys"    "14/01/2009 19:27"
+ "AtiPcie"    "AMD PCIE Filter Driver for ATI PCIE chipset"    "Advanced Micro Devices Inc."    "c:\windows\system32\drivers\atipcie64.sys"    "10/03/2010 14:33"
+ "AVerAVF2"    "AVerMedia Driver for NEC6125X Series"    "AVerMedia TECHNOLOGIES, Inc."    "c:\windows\system32\drivers\averavf2.sys"    "11/11/2010 04:01"
+ "b06bdrv"    "Broadcom NetXtreme II GigE VBD"    "Broadcom Corporation"    "c:\windows\system32\drivers\bxvbda.sys"    "13/02/2009 22:18"
+ "b57nd60a"    "Broadcom NetXtreme Gigabit Ethernet NDIS6.x Unified Driver."    "Broadcom Corporation"    "c:\windows\system32\drivers\b57nd60a.sys"    "26/04/2009 11:14"
+ "BrFiltLo"    "Windows ME USB Mass-Storage Bulk-Only Lower Filter Driver"    "Brother Industries, Ltd."    "c:\windows\system32\drivers\brfiltlo.sys"    "07/08/2006 01:51"
+ "BrFiltUp"    "Windows ME USB Mass-Storage Bulk-Only Upper Filter Driver"    "Brother Industries, Ltd."    "c:\windows\system32\drivers\brfiltup.sys"    "07/08/2006 01:51"
+ "Brserid"    "Brotehr Serial I/F Driver (WDM)"    "Brother Industries Ltd."    "c:\windows\system32\drivers\brserid.sys"    "07/08/2006 01:51"
+ "BrSerWdm"    "Brother Serial driver (WDM version)"    "Brother Industries Ltd."    "c:\windows\system32\drivers\brserwdm.sys"    "07/08/2006 01:51"
+ "BrUsbMdm"    "Brother USB MDM Driver "    "Brother Industries Ltd."    "c:\windows\system32\drivers\brusbmdm.sys"    "07/08/2006 01:51"
+ "BrUsbSer"    "Brother USB Serial Driver"    "Brother Industries Ltd."    "c:\windows\system32\drivers\brusbser.sys"    "09/08/2006 12:11"
+ "cbfs3"    "Callback File System Driver"    "EldoS Corporation"    "c:\windows\system32\drivers\cbfs3.sys"    "09/04/2012 13:21"
+ "clwvd"    "CyberLink WebCam Virtual Driver"    "CyberLink Corporation"    "c:\windows\system32\drivers\clwvd.sys"    "28/07/2010 01:19"
+ "cmdide"    "CMD PCI IDE Bus Driver"    "CMD Technology, Inc."    "c:\windows\system32\drivers\cmdide.sys"    "13/07/2009 23:19"
+ "eamonm"    "Eset file on-access scanner"    "ESET"    "c:\windows\system32\drivers\eamonm.sys"    "15/08/2013 14:53"
+ "ebdrv"    "Broadcom NetXtreme II 10 GigE VBD"    "Broadcom Corporation"    "c:\windows\system32\drivers\evbda.sys"    "31/12/2008 16:29"
+ "ehdrv"    "Eset Helper driver"    "ESET"    "c:\windows\system32\drivers\ehdrv.sys"    "15/08/2013 14:54"
+ "elxstor"    "Storport Miniport Driver for LightPulse HBAs"    "Emulex"    "c:\windows\system32\drivers\elxstor.sys"    "03/02/2009 22:52"
+ "epfwwfpr"    "EPFW Filter Driver"    "ESET"    "c:\windows\system32\drivers\epfwwfpr.sys"    "15/08/2013 14:55"
+ "esgiguard"    ""    ""    "c:\program files\enigma software group\spyhunter\esgiguard.sys"    "02/03/2011 15:14"
+ "GEARAspiWDM"    "CD DVD Filter"    "GEAR Software Inc."    "c:\windows\system32\drivers\gearaspiwdm.sys"    "03/05/2012 19:56"
+ "hcw85cir"    "Hauppauge WinTV 885 Consumer IR Driver for eHome"    "Hauppauge Computer Works, Inc."    "c:\windows\system32\drivers\hcw85cir.sys"    "11/05/2009 08:26"
+ "HpSAMD"    "Smart Array SAS/SATA Controller Media Driver"    "Hewlett-Packard Company"    "c:\windows\system32\drivers\hpsamd.sys"    "20/04/2010 18:32"
+ "iaStorV"    "Intel Matrix Storage Manager driver - x64"    "Intel Corporation"    "c:\windows\system32\drivers\iastorv.sys"    "11/06/2010 00:46"
+ "igfx"    "Intel Graphics Kernel Mode Driver"    "Intel Corporation"    "c:\windows\system32\drivers\igdkmd64.sys"    "06/05/2009 18:22"
+ "iirsp"    "Intel/ICP Raid Storport Driver"    "Intel Corp./ICP vortex GmbH"    "c:\windows\system32\drivers\iirsp.sys"    "13/12/2005 21:47"
+ "IntcAzAudAddService"    "Realtek® High Definition Audio Function Driver"    "Realtek Semiconductor Corp."    "c:\windows\system32\drivers\rtkvhd64.sys"    "13/07/2010 09:08"
+ "itecir"    "ITE Consumer IR Driver for eHome"    "ITE Tech. Inc. "    "c:\windows\system32\drivers\itecir.sys"    "13/07/2010 09:50"
+ "LMIInfo"    "RemotelyAnywhere Kernel Information Provider"    "LogMeIn, Inc."    "c:\program files (x86)\logmein\x64\rainfo.sys"    "11/01/2013 12:19"
+ "lmimirr"    "LogMeIn Mirror Miniport Driver"    "LogMeIn, Inc."    "c:\windows\system32\drivers\lmimirr.sys"    "10/04/2007 22:32"
+ "LMIRfsDriver"    "LogMeIn Rfs Drivemap Driver"    "LogMeIn, Inc."    "c:\windows\system32\drivers\lmirfsdriver.sys"    "14/07/2008 16:26"
+ "LSI_FC"    "LSI Fusion-MPT FC Driver (StorPort)"    "LSI Corporation"    "c:\windows\system32\drivers\lsi_fc.sys"    "09/12/2008 22:46"
+ "LSI_SAS"    "LSI Fusion-MPT SAS Driver (StorPort)"    "LSI Corporation"    "c:\windows\system32\drivers\lsi_sas.sys"    "19/05/2009 00:20"
+ "LSI_SAS2"    "LSI SAS Gen2 Driver (StorPort)"    "LSI Corporation"    "c:\windows\system32\drivers\lsi_sas2.sys"    "19/05/2009 00:31"
+ "LSI_SCSI"    "LSI Fusion-MPT SCSI Driver (StorPort)"    "LSI Corporation"    "c:\windows\system32\drivers\lsi_scsi.sys"    "16/04/2009 22:13"
+ "megasas"    "MEGASAS RAID Controller Driver for Windows 7\Server 2008 R2 for x64"    "LSI Corporation"    "c:\windows\system32\drivers\megasas.sys"    "19/05/2009 01:09"
+ "MegaSR"    "LSI MegaRAID Software RAID Driver"    "LSI Corporation, Inc."    "c:\windows\system32\drivers\megasr.sys"    "19/05/2009 01:25"
+ "netr28x"    "Ralink 802.11 Wireless Adapter Driver"    "Ralink Technology, Corp."    "c:\windows\system32\drivers\netr28x.sys"    "28/11/2012 01:32"
+ "nfrd960"    "IBM ServeRAID Controller Driver"    "IBM Corporation"    "c:\windows\system32\drivers\nfrd960.sys"    "06/06/2006 21:11"
+ "nvraid"    "NVIDIA® nForce™ RAID Driver"    "NVIDIA Corporation"    "c:\windows\system32\drivers\nvraid.sys"    "19/03/2010 20:59"
+ "nvstor"    "NVIDIA® nForce™ Sata Performance Driver"    "NVIDIA Corporation"    "c:\windows\system32\drivers\nvstor.sys"    "19/03/2010 20:45"
+ "ql2300"    "QLogic Fibre Channel Stor Miniport Driver"    "QLogic Corporation"    "c:\windows\system32\drivers\ql2300.sys"    "22/01/2009 23:05"
+ "ql40xx"    "QLogic iSCSI Storport Miniport Driver"    "QLogic Corporation"    "c:\windows\system32\drivers\ql40xx.sys"    "19/05/2009 01:18"
+ "RapportCerberus_59849"    ""    ""    "c:\programdata\trusteer\rapport\store\exts\rapportcerberus\baseline\rapportcerberus64_59849.sys"    "21/09/2013 21:47"
+ "RapportEI64"    "RapportEI64"    "Trusteer Ltd."    "c:\program files (x86)\trusteer\rapport\bin\x64\rapportei64.sys"    "02/12/2013 16:57"
+ "RapportKE64"    "RapportKE"    "Trusteer Ltd."    "c:\windows\system32\drivers\rapportke64.sys"    "02/12/2013 16:57"
+ "RapportPG64"    "RapportPG64"    "Trusteer Ltd."    "c:\program files (x86)\trusteer\rapport\bin\x64\rapportpg64.sys"    "02/12/2013 16:57"
+ "RTL8167"    "Realtek 8136/8168/8169 NDIS 6.20 64-bit Driver                "    "Realtek                                            "    "c:\windows\system32\drivers\rt64win7.sys"    "11/11/2010 06:35"
+ "secdrv"    "Macrovision SECURITY Driver"    "Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K."    "c:\windows\system32\drivers\secdrv.sys"    "13/09/2006 13:18"
+ "SiSRaid2"    "SiS RAID Stor Miniport Driver"    "Silicon Integrated Systems Corp."    "c:\windows\system32\drivers\sisraid2.sys"    "24/09/2008 18:28"
+ "SiSRaid4"    "SiS AHCI Stor-Miniport Driver"    "Silicon Integrated Systems"    "c:\windows\system32\drivers\sisraid4.sys"    "01/10/2008 21:56"
+ "stexstor"    "Promise  SuperTrak EX Series Driver for Windows "    "Promise Technology"    "c:\windows\system32\drivers\stexstor.sys"    "17/02/2009 23:03"
+ "USBAAPL64"    "Apple Mobile Device USB Driver"    "Apple, Inc."    "c:\windows\system32\drivers\usbaapl64.sys"    "27/11/2012 23:38"
+ "usbfilter"    "AMD USB Filter Driver"    "Advanced Micro Devices"    "c:\windows\system32\drivers\usbfilter.sys"    "22/12/2009 08:26"
+ "viaide"    "VIA Generic PCI IDE Bus Driver"    "VIA Technologies, Inc."    "c:\windows\system32\drivers\viaide.sys"    "13/07/2009 23:19"
+ "vsmraid"    "VIA RAID DRIVER FOR AMD-X86-64"    "VIA Technologies Inc.,Ltd"    "c:\windows\system32\drivers\vsmraid.sys"    "31/01/2009 01:18"
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Drivers32"    ""    ""    ""    "20/12/2013 12:32"
+ "msacm.l3acm"    "MPEG Layer-3 Audio Codec for MSACM"    "Fraunhofer Institut Integrierte Schaltungen IIS"    "c:\windows\system32\l3codeca.acm"    "14/07/2009 01:28"
"HKLM\Software\Wow6432Node\Microsoft\Windows NT\CurrentVersion\Drivers32"    ""    ""    ""    "03/01/2014 07:53"
+ "msacm.l3acm"    "MPEG Layer-3 Audio Codec for MSACM"    "Fraunhofer Institut Integrierte Schaltungen IIS"    "c:\windows\syswow64\l3codeca.acm"    "14/07/2009 01:06"
+ "vidc.cvid"    "Cinepak® Codec"    "Radius Inc."    "c:\windows\syswow64\iccvid.dll"    "20/11/2010 11:59"
"HKLM\Software\Classes\CLSID\{083863F1-70DE-11d0-BD40-00A0C911CE86}\Instance"    ""    ""    ""    "14/07/2009 04:53"
+ "LogMeIn Video Decoder"    "LogMeIn Video Codec"    "LogMeIn, Inc."    "c:\program files (x86)\logmein\x64\racodec.ax"    "10/12/2013 14:09"
+ "LogMeIn Video Encoder"    "LogMeIn Video Codec"    "LogMeIn, Inc."    "c:\program files (x86)\logmein\x64\racodec.ax"    "10/12/2013 14:09"
+ "MS PR Source Filter"    "PlayReady DirectShow Source Filter DLL"    "Microsoft Corporation"    "c:\program files\playready\prsource.dll"    "23/04/2009 09:11"
+ "PlayReady DMO Wrapper"    "PlayReady DirectShow DMO Wrapper Filter DLL"    "Microsoft Corporation"    "c:\program files\playready\prdmowrapper.dll"    "23/04/2009 09:11"
"HKLM\Software\Wow6432Node\Classes\CLSID\{083863F1-70DE-11d0-BD40-00A0C911CE86}\Instance"    ""    ""    ""    "14/07/2009 04:53"
+ "Capture File Writer"    "Windows Live Video Acquisition Filters"    "Microsoft Corporation"    "c:\program files (x86)\windows live\photo gallery\wlxvafilt.dll"    "10/11/2010 10:21"
+ "CyberLink Audio Noise Reduction"    "CLAuNR"    "CyberLink Corp."    "c:\program files (x86)\cyberlink\power2go\p2gaunrwrapper.ax"    "17/10/2005 02:34"
+ "CyberLink Audio Resampler"    "CLAuRsmpl.ax"    "CyberLink Corp."    "c:\program files (x86)\cyberlink\power2go\p2gaursmpl.ax"    "25/02/2005 02:41"
+ "CyberLink Audio VolumeBooster"    "CyberLink Audio Volume Booster Filter"    "CyberLink Corp."    "c:\program files (x86)\cyberlink\power2go\p2gvb.ax"    "08/10/2004 08:36"
+ "CyberLink AudioCD Filter"    "CyberLink AudioCD Filter"    "CyberLink Corp."    "c:\program files (x86)\cyberlink\power2go\p2gaudiocd.ax"    "21/01/2008 10:35"
+ "Cyberlink Dump Dispatch Filter"    "Cyberlink File Dump Dispatch Filter"    "CyberLink Corp."    "c:\program files (x86)\cyberlink\power2go\p2gdumpdispatch.ax"    "12/12/2003 07:01"
+ "Cyberlink Dump Filter"    "Cyberlink File Dump Filter"    "CyberLink Corp."    "c:\program files (x86)\cyberlink\power2go\p2gdump.ax"    "22/11/2006 12:15"
+ "CyberLink Editing Service 3.0 (Source)"    "CES Kernel"    "CyberLink Corp."    "c:\program files (x86)\cyberlink\power2go\p2gedtkrn.dll"    "03/05/2007 06:18"
+ "Cyberlink File Reader (Async.)"    "Cyberlink MPEG File Reader"    "CyberLink Corp."    "c:\program files (x86)\cyberlink\power2go\p2greader.ax"    "16/06/2003 03:35"
+ "CyberLink Load Image Filter"    "CLImage"    "CyberLink"    "c:\program files (x86)\cyberlink\shared files\climage.ax"    "07/11/2006 04:16"
+ "CyberLink M2V Writer"    "CLM2VWriter"    "CyberLink"    "c:\program files (x86)\cyberlink\power2go\p2gm2vwriter.ax"    "17/08/2005 14:45"
+ "CyberLink MP3/WAV Wrapper"    "CyberLink MP3 Wrapper"    "CyberLink Corp."    "c:\program files (x86)\cyberlink\power2go\p2gmp3wrap.ax"    "14/01/2008 02:30"
+ "CyberLink MPEG Decoder"    "CyberLink Video/SP Filter"    "CyberLink Corp."    "c:\program files (x86)\cyberlink\power2go\p2gmvd.ax"    "29/09/2003 13:50"
+ "CyberLink MPEG Muxer"    "MpgMux"    "CyberLink"    "c:\program files (x86)\cyberlink\power2go\p2gmpgmux.ax"    "23/05/2008 07:27"
+ "CyberLink MPEG Video Encoder"    "CyberLink MPEG Video Encoder                               "    "CyberLink Corp.                                            "    "c:\program files (x86)\cyberlink\power2go\p2gvidenc.ax"    "26/10/2005 11:41"
+ "CyberLink MPEG-1 Splitter"    "CyberLink MPEG Splitter"    "CyberLink Corp."    "c:\program files (x86)\cyberlink\power2go\p2gm1spliter.ax"    "04/12/2007 03:11"
+ "CyberLink MPEG-2 Splitter"    "CyberLink MPEG Splitter"    "CyberLink Corp."    "c:\program files (x86)\cyberlink\power2go\p2gm2spliter.ax"    "04/12/2007 03:10"
+ "CyberLink PCM Wrapper"    "CyberLink PCM Wrapper"    "CyberLink Corp."    "c:\program files (x86)\cyberlink\power2go\p2gpcmenc.ax"    "21/03/2002 05:54"
+ "CyberLink TimeStretch Filter (CES)"    "CLAuTS.ax"    "CyberLink Corp."    "c:\program files (x86)\cyberlink\power2go\p2gauts.ax"    "12/10/2004 14:32"
+ "CyberLink TL MPEG Splitter"    "CyberLink MPEG Splitter"    "CyberLink Corp."    "c:\program files (x86)\cyberlink\power2go\p2gtlmsplter.ax"    "19/10/2006 05:33"
+ "CyberLink Video Effect"    "CLVidFx"    "CyberLink"    "c:\program files (x86)\cyberlink\power2go\p2gvidfx.ax"    "30/08/2005 04:01"
+ "CyberLink Video Regulator"    "CLRGL"    "Cyberlink"    "c:\program files (x86)\cyberlink\power2go\p2grgl.ax"    "28/09/2005 10:42"
+ "CyberLink Video Stabilizer"    "CLVideoDeShaking"    "CyberLink"    "c:\program files (x86)\cyberlink\power2go\p2gvideostabilizer.ax"    "17/10/2005 06:28"
+ "LogMeIn Video Decoder"    "LogMeIn Video Codec"    "LogMeIn, Inc."    "c:\program files (x86)\logmein\x86\racodec.ax"    "10/12/2013 13:58"
+ "LogMeIn Video Encoder"    "LogMeIn Video Codec"    "LogMeIn, Inc."    "c:\program files (x86)\logmein\x86\racodec.ax"    "10/12/2013 13:58"
+ "P2G Audio Decoder"    "CyberLink Audio Decoder Filter"    "CyberLink Corp."    "c:\program files (x86)\cyberlink\power2go\p2gaud.ax"    "01/12/2006 05:59"
+ "P2G Audio Encoder"    "CyberLink Audio Encoder Filter"    "Cyberlink Corp."    "c:\program files (x86)\cyberlink\power2go\p2gaudenc.ax"    "20/12/2006 09:20"
+ "P2G Video Decoder"    "CyberLink Video/SP Filter"    "CyberLink Corp."    "c:\program files (x86)\cyberlink\power2go\p2gvsd.ax"    "10/11/2005 12:36"
+ "P2G Video Regulator"    "CyberLink Video Regulator"    "CyberLink"    "c:\program files (x86)\cyberlink\power2go\p2gresample.ax"    "18/06/2002 03:32"
+ "Record Queue"    "Windows Live Video Acquisition Filters"    "Microsoft Corporation"    "c:\program files (x86)\windows live\photo gallery\wlxvafilt.dll"    "10/11/2010 10:21"
+ "WM VIH2 Fix"    "Windows Live Video Acquisition Filters"    "Microsoft Corporation"    "c:\program files (x86)\windows live\photo gallery\wlxvafilt.dll"    "10/11/2010 10:21"
+ "WMT DV Extract Filter"    "Windows Live Video Acquisition Filters"    "Microsoft Corporation"    "c:\program files (x86)\windows live\photo gallery\wlxvafilt.dll"    "10/11/2010 10:21"
+ "WMT Sample Info Filter"    "Windows Live Video Acquisition Filters"    "Microsoft Corporation"    "c:\program files (x86)\windows live\photo gallery\wlxvafilt.dll"    "10/11/2010 10:21"
+ "WMT Switch Filter"    "Windows Live Video Acquisition Filters"    "Microsoft Corporation"    "c:\program files (x86)\windows live\photo gallery\wlxvafilt.dll"    "10/11/2010 10:21"
+ "WMT Virtual Renderer"    "Windows Live Video Acquisition Filters"    "Microsoft Corporation"    "c:\program files (x86)\windows live\photo gallery\wlxvafilt.dll"    "10/11/2010 10:21"
+ "WMT Virtual Source"    "Windows Live Video Acquisition Filters"    "Microsoft Corporation"    "c:\program files (x86)\windows live\photo gallery\wlxvafilt.dll"    "10/11/2010 10:21"
"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Authentication\Credential Providers"    ""    ""    ""    "14/07/2009 04:53"
+ "LogMeInCredProv"    "LogMeIn Remote Control Helper"    "LogMeIn, Inc."    "c:\windows\system32\lmiinit.dll"    "10/12/2013 14:08"
+ "RescueUnattendedCredProv64"    "LogMeIn Rescue"    "LogMeIn, Inc."    "c:\windows\system32\unlock64.dll"    "04/07/2012 10:59"
+ "WLIDCredentialProvider"    "Microsoft® Windows Live ID Credential Provider"    "Microsoft Corp."    "c:\program files\common files\microsoft shared\windows live\wlidcredprov.dll"    "21/09/2010 21:47"
"HKLM\System\CurrentControlSet\Services\WinSock2\Parameters\NameSpace_Catalog5\Catalog_Entries"    ""    ""    ""    "11/12/2013 20:10"
+ "mdnsNSP"    "Bonjour Namespace Provider"    "Apple Inc."    "c:\program files (x86)\bonjour\mdnsnsp.dll"    "31/08/2011 05:44"
+ "WindowsLive Local NSP"    "Microsoft® Windows Live ID Namespace Provider"    "Microsoft Corp."    "c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll"    "21/09/2010 21:00"
+ "WindowsLive NSP"    "Microsoft® Windows Live ID Namespace Provider"    "Microsoft Corp."    "c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll"    "21/09/2010 21:00"
"HKLM\System\CurrentControlSet\Services\WinSock2\Parameters\NameSpace_Catalog5\Catalog_Entries64"    ""    ""    ""    "11/12/2013 20:10"
+ "mdnsNSP"    "Bonjour Namespace Provider"    "Apple Inc."    "c:\program files\bonjour\mdnsnsp.dll"    "31/08/2011 05:53"
+ "WindowsLive Local NSP"    "Microsoft® Windows Live ID Namespace Provider"    "Microsoft Corp."    "c:\program files\common files\microsoft shared\windows live\wlidnsp.dll"    "21/09/2010 21:45"
+ "WindowsLive NSP"    "Microsoft® Windows Live ID Namespace Provider"    "Microsoft Corp."    "c:\program files\common files\microsoft shared\windows live\wlidnsp.dll"    "21/09/2010 21:45"
"HKLM\SYSTEM\CurrentControlSet\Control\Print\Monitors"    ""    ""    ""    "03/01/2014 07:53"
+ "HP 5412 Status Monitor"    "Print Status Language Monitor"    "Hewlett-Packard Co."    "c:\windows\system32\hpinksts5412lm.dll"    "27/10/2010 10:34"
+ "HP 5C12 Status Monitor"    "Print Status Language Monitor"    "Hewlett-Packard Co."    "c:\windows\system32\hpinksts5c12lm.dll"    "30/08/2011 05:35"
+ "HP BC11 Status Monitor"    "Print Status Language Monitor"    "Hewlett-Packard Co."    "c:\windows\system32\hpinkstsbc11lm.dll"    "13/06/2012 09:23"
+ "HP Discovery Port Monitor (HP Officejet 6700)"    "HP Discovery Port Monitor"    "Hewlett-Packard Co."    "c:\windows\system32\hpdiscopm5c12.dll"    "09/09/2011 23:21"
+ "HP Discovery Port Monitor (HP Photosmart 7520 series)"    "HP Discovery Port Monitor"    "Hewlett-Packard Co."    "c:\windows\system32\hpdiscopmbc11.dll"    "17/10/2012 11:31"
+ "hpf3l101.dll"    "LanguageMonitor"    "Hewlett-Packard Company"    "c:\windows\system32\hpf3l101.dll"    "21/10/2009 10:09"
+ "LogMeIn Printer Port Monitor"    "RemotelyAnywhere Printer Port Monitor"    "LogMeIn, Inc."    "c:\windows\system32\lmiport.dll"    "26/04/2013 14:14"
+ "PDFC"    "PDF Complete Print Monitor"    "PDF Complete, Inc."    "c:\windows\system32\pdfc_port.dll"    "01/02/2011 07:48"
"HKLM\SYSTEM\CurrentControlSet\Control\NetworkProvider\Order"    ""    ""    ""    "14/07/2009 04:49"
+ "CbFs3"    "Virtual Network Shares CallbackFS v3"    "EldoS Corporation"    "c:\windows\system32\cbfsnetrdr3.dll"    "09/04/2012 13:27"
+ "LMIRfsClientNP"    "LogMeIn Virtual Disk Network"    "LogMeIn, Inc."    "c:\windows\system32\lmirfsclientnp.dll"    "10/12/2013 14:08"
 

 

 

As I am about to to do a malwarebytes scan and reboot I thought I would send  this information now and finish after.  Thanks



#4 tonywiseman54

tonywiseman54
  • Topic Starter

  • Members
  • 6 posts
  • OFFLINE
  •  
  • Local time:03:39 PM

Posted 03 January 2014 - 09:14 AM

Hi,

 

Last three logs:

 

# AdwCleaner v3.016 - Report created 03/01/2014 at 10:53:00
# Updated 23/12/2013 by Xplode
# Operating System : Windows 7 Professional Service Pack 1 (64 bits)
# Username : Tony Wiseman - BACKOFFICE2
# Running from : C:\Users\Tony Wiseman\Downloads\adwcleaner(1).exe
# Option : Clean

***** [ Services ] *****


***** [ Files / Folders ] *****


***** [ Shortcuts ] *****


***** [ Registry ] *****


***** [ Browsers ] *****

-\\ Internet Explorer v11.0.9600.16428


-\\ Mozilla Firefox v26.0 (en-US)

[ File : C:\Users\Tony Wiseman\AppData\Roaming\Mozilla\Firefox\Profiles\0oym3005.default-1357063066981\prefs.js ]


*************************

AdwCleaner[R0].txt - [893 octets] - [03/01/2014 10:42:29]
AdwCleaner[R1].txt - [932 octets] - [03/01/2014 10:52:17]
AdwCleaner[S0].txt - [955 octets] - [03/01/2014 10:44:59]
AdwCleaner[S1].txt - [854 octets] - [03/01/2014 10:53:00]

########## EOF - C:\AdwCleaner\AdwCleaner[S1].txt - [913 octets] ##########

 

 

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.0.9 (01.01.2014:1)
OS: Windows 7 Professional x64
Ran by Tony Wiseman on 03/01/2014 at 10:57:14.51
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values



~~~ Registry Keys

Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\InternetRegistry\REGISTRY\USER\S-1-5-21-3630408179-580895415-1574546818-1001\Software\sweetim
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\torchsetupfull_rasapi32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\torchsetupfull_rasmancs
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\iLividSetupV1(10)_RASAPI32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\iLividSetupV1(10)_RASMANCS
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\iLividSetupV1(5)_RASAPI32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\iLividSetupV1(5)_RASMANCS
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\addlyrics1030_RASAPI32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\addlyrics1030_RASMANCS
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\iLividSetupV1(10)_RASAPI32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\iLividSetupV1(10)_RASMANCS
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\iLividSetupV1(5)_RASAPI32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\iLividSetupV1(5)_RASMANCS
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\addlyrics1030_RASAPI32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\addlyrics1030_RASMANCS
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchScopes\{2247CF35-00CF-491C-A1F1-5242D2EE2064}



~~~ Files

Successfully deleted: [File] "C:\Users\Tony Wiseman\appdata\locallow\SkwConfig.bin"



~~~ Folders

Successfully deleted: [Folder] "C:\Program Files (x86)\coupons"
Successfully deleted: [Empty Folder] C:\Users\Tony Wiseman\appdata\local\{A7589A01-99DB-499C-9DA1-B4F1CFA0DCE6}



~~~ FireFox

Successfully deleted: [File] C:\user.js
Emptied folder: C:\Users\Tony Wiseman\AppData\Roaming\mozilla\firefox\profiles\0oym3005.default-1357063066981\minidumps [2 files]



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 03/01/2014 at 11:08:29.31
End of JRT log

 

 

 

 

Malwarebytes Anti-Malware 1.75.0.1300
www.malwarebytes.org

Database version: v2014.01.01.05

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 11.0.9600.16476
Tony Wiseman :: BACKOFFICE2 [administrator]

03/01/2014 10:27:14
mbam-log-2014-01-03 (10-27-14).txt

Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 266214
Time elapsed: 4 minute(s), 45 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

(end)
 

 

Hopefully you can help.  Thanks



#5 InadequateInfirmity

InadequateInfirmity

    I Gots Me A Certified Edumication


  • Banned
  • 5,180 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:10:39 AM

Posted 04 January 2014 - 04:16 AM

Please download FarbarServiceScanner and run it on the computer with the issue.


Make sure the following options are checked:
Internet Services
Windows Firewall
System Restore
Security Center/Action Center
Windows Update

Press "Scan".
It will create a log (FSS.txt) in the same directory the tool is run.
Please copy and paste the log to your reply.

 

___________________-

 

Download tdss killer

http://support.kaspersky.com/downloads/utils/tdsskiller.exe


Right Click it Run As Admin xp users double click . Click on Change parameters Select TDLFS file system

Hit the Scan button Post the LOG In your next reply

Do not change the default options on scan results

 

___________________________________________-
 

 

Download, & save & then run the MS Safety scanner
Run a Full Scan
http://www.microsoft.com/security/scanner/en-us/default.aspx
Post. the result.

The safety scanner log should be called msert.txt
It should be located in the same folder as where you had msert.exe
If not there, then look for it under c:\windows

 

 

 

____________________________________________-

 

Run a scan with Eset. You will need to disable your antivirus during this scan.
http://www.eset.com/us/online-scanner/
Make sure remove found threats and scan archives is checked.
When the scan finish list found threats save to clipboard copy to notepad Post the log here.


Tell me how the machine is running now.



#6 tonywiseman54

tonywiseman54
  • Topic Starter

  • Members
  • 6 posts
  • OFFLINE
  •  
  • Local time:03:39 PM

Posted 04 January 2014 - 03:35 PM

Hi,  Thanks again:

 

1)

 

Farbar Service Scanner Version: 05-12-2013
Ran by Tony Wiseman (administrator) on 04-01-2014 at 10:21:21
Running from "C:\Users\Tony Wiseman\Downloads"
Microsoft Windows 7 Professional  Service Pack 1 (X64)
Boot Mode: Normal
****************************************************************

Internet Services:
============

Connection Status:
==============
Localhost is accessible.
LAN connected.
Google IP is accessible.
Google.com is accessible.
Yahoo.com is accessible.


Windows Firewall:
=============

Firewall Disabled Policy:
==================


System Restore:
============

System Restore Disabled Policy:
========================


Action Center:
============


Windows Update:
============

Windows Autoupdate Disabled Policy:
============================


Other Services:
==============


File Check:
========
C:\Windows\System32\nsisvc.dll => MD5 is legit
C:\Windows\System32\drivers\nsiproxy.sys => MD5 is legit
C:\Windows\System32\dhcpcore.dll => MD5 is legit
C:\Windows\System32\drivers\afd.sys => MD5 is legit
C:\Windows\System32\drivers\tdx.sys => MD5 is legit
C:\Windows\System32\Drivers\tcpip.sys => MD5 is legit
C:\Windows\System32\dnsrslvr.dll => MD5 is legit
C:\Windows\System32\mpssvc.dll => MD5 is legit
C:\Windows\System32\bfe.dll => MD5 is legit
C:\Windows\System32\drivers\mpsdrv.sys => MD5 is legit
C:\Windows\System32\SDRSVC.dll => MD5 is legit
C:\Windows\System32\vssvc.exe => MD5 is legit
C:\Windows\System32\wscsvc.dll => MD5 is legit
C:\Windows\System32\wbem\WMIsvc.dll => MD5 is legit
C:\Windows\System32\wuaueng.dll => MD5 is legit
C:\Windows\System32\qmgr.dll => MD5 is legit
C:\Windows\System32\es.dll => MD5 is legit
C:\Windows\System32\cryptsvc.dll => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit


**** End of log ****

 

2)

10:29:38.0610 0x1014  TDSS rootkit removing tool 3.0.0.19 Nov 18 2013 09:27:50
10:29:42.0531 0x1014  ============================================================
10:29:42.0531 0x1014  Current date / time: 2014/01/04 10:29:42.0531
10:29:42.0531 0x1014  SystemInfo:
10:29:42.0531 0x1014  
10:29:42.0531 0x1014  OS Version: 6.1.7601 ServicePack: 1.0
10:29:42.0531 0x1014  Product type: Workstation
10:29:42.0531 0x1014  ComputerName: BACKOFFICE2
10:29:42.0531 0x1014  UserName: Tony Wiseman
10:29:42.0532 0x1014  Windows directory: C:\Windows
10:29:42.0532 0x1014  System windows directory: C:\Windows
10:29:42.0532 0x1014  Running under WOW64
10:29:42.0532 0x1014  Processor architecture: Intel x64
10:29:42.0532 0x1014  Number of processors: 2
10:29:42.0532 0x1014  Page size: 0x1000
10:29:42.0532 0x1014  Boot type: Normal boot
10:29:42.0532 0x1014  ============================================================
10:29:42.0988 0x1014  KLMD registered as C:\Windows\system32\drivers\20655372.sys
10:29:43.0273 0x1014  System UUID: {A315D024-1309-9983-0966-C131D551447B}
10:29:44.0161 0x1014  Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
10:29:44.0194 0x1014  Drive \Device\Harddisk2\DR2 - Size: 0x1DD180000 (7.45 Gb), SectorSize: 0x200, Cylinders: 0x3CD, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
10:29:44.0211 0x1014  ============================================================
10:29:44.0211 0x1014  \Device\Harddisk0\DR0:
10:29:44.0211 0x1014  MBR partitions:
10:29:44.0211 0x1014  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32000
10:29:44.0211 0x1014  \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0x37C83800
10:29:44.0211 0x1014  \Device\Harddisk0\DR0\Partition3: MBR, Type 0x7, StartLBA 0x37CB6000, BlocksNum 0x26CF800
10:29:44.0211 0x1014  \Device\Harddisk2\DR2:
10:29:44.0213 0x1014  MBR partitions:
10:29:44.0213 0x1014  \Device\Harddisk2\DR2\Partition1: MBR, Type 0xB, StartLBA 0x20, BlocksNum 0xEE8BE0
10:29:44.0213 0x1014  ============================================================
10:29:44.0225 0x1014  C: <-> \Device\Harddisk0\DR0\Partition2
10:29:44.0265 0x1014  D: <-> \Device\Harddisk0\DR0\Partition3
10:29:44.0267 0x1014  I: <-> \Device\Harddisk2\DR2\Partition1
10:29:44.0267 0x1014  ============================================================
10:29:44.0267 0x1014  Initialize success
10:29:44.0267 0x1014  ============================================================
10:30:53.0016 0x181c  ============================================================
10:30:53.0016 0x181c  Scan started
10:30:53.0016 0x181c  Mode: Manual; TDLFS;
10:30:53.0016 0x181c  ============================================================
10:30:53.0016 0x181c  KSN ping started
10:30:55.0376 0x181c  KSN ping finished: true
10:30:55.0616 0x181c  ================ Scan system memory ========================
10:30:55.0616 0x181c  System memory - ok
10:30:55.0616 0x181c  ================ Scan services =============================
10:30:55.0736 0x181c  [ A87D604AEA360176311474C87A63BB88, B1507868C382CD5D2DBC0D62114FCFBF7A780904A2E3CA7C7C1DD0844ADA9A8F ] 1394ohci        C:\Windows\system32\drivers\1394ohci.sys
10:30:55.0746 0x181c  1394ohci - ok
10:30:55.0776 0x181c  [ D81D9E70B8A6DD14D42D7B4EFA65D5F2, FDAAB7E23012B4D31537C5BDEF245BB0A12FA060A072C250E21C68E18B22E002 ] ACPI            C:\Windows\system32\drivers\ACPI.sys
10:30:55.0786 0x181c  ACPI - ok
10:30:55.0796 0x181c  [ 99F8E788246D495CE3794D7E7821D2CA, F91615463270AD2601F882CAED43B88E7EDA115B9FD03FC56320E48119F15F76 ] AcpiPmi         C:\Windows\system32\drivers\acpipmi.sys
10:30:55.0796 0x181c  AcpiPmi - ok
10:30:55.0886 0x181c  [ ADDA5E1951B90D3D23C56D3CF0622ADC, E85E7BFD29F00ED34BF5BE8BD4DA93CBB14278E16809BB55406875F0DA88551E ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
10:30:55.0886 0x181c  AdobeARMservice - ok
10:30:55.0976 0x181c  [ 1BA1AB4141A92EB34DA99F1249CA2D4D, 43ADF35146E61E0DE58D2ACC2994538F6025135ECEB30073BEF05A804BB38107 ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
10:30:55.0986 0x181c  AdobeFlashPlayerUpdateSvc - ok
10:30:56.0016 0x181c  [ 2F6B34B83843F0C5118B63AC634F5BF4, 43E3F5FBFB5D33981AC503DEE476868EC029815D459E7C36C4ABC2D2F75B5735 ] adp94xx         C:\Windows\system32\drivers\adp94xx.sys
10:30:56.0036 0x181c  adp94xx - ok
10:30:56.0066 0x181c  [ 597F78224EE9224EA1A13D6350CED962, DA7FD99BE5E3B7B98605BF5C13BF3F1A286C0DE1240617570B46FE4605E59BDC ] adpahci         C:\Windows\system32\drivers\adpahci.sys
10:30:56.0076 0x181c  adpahci - ok
10:30:56.0116 0x181c  [ E109549C90F62FB570B9540C4B148E54, E804563735153EA00A00641814244BC8A347B578E7D63A16F43FB17566EE5559 ] adpu320         C:\Windows\system32\drivers\adpu320.sys
10:30:56.0116 0x181c  adpu320 - ok
10:30:56.0146 0x181c  [ 4B78B431F225FD8624C5655CB1DE7B61, 198A5AF2125C7C41F531A652D200C083A55A97DC541E3C0B5B253C7329949156 ] AeLookupSvc     C:\Windows\System32\aelupsvc.dll
10:30:56.0146 0x181c  AeLookupSvc - ok
10:30:56.0196 0x181c  [ D1E343BC00136CE03C4D403194D06A80, 94F2543164A2CEA179EDE53E1294EE24391A59CAEFF83BA5CE9385E8E686E89C ] AERTFilters     C:\Program Files\Realtek\Audio\HDA\AERTSr64.EXE
10:30:56.0206 0x181c  AERTFilters - ok
10:30:56.0246 0x181c  [ 79059559E89D06E8B80CE2944BE20228, 6E041D2FED2D0C3D8E16E56CB61D3245F9144EA92F5BDC9A4AA30598D1C8E6EE ] AFD             C:\Windows\system32\drivers\afd.sys
10:30:56.0256 0x181c  AFD - ok
10:30:56.0276 0x181c  [ 608C14DBA7299D8CB6ED035A68A15799, 45360F89640BF1127C82A32393BD76205E4FA067889C40C491602F370C09282A ] agp440          C:\Windows\system32\drivers\agp440.sys
10:30:56.0276 0x181c  agp440 - ok
10:30:56.0296 0x181c  [ 3290D6946B5E30E70414990574883DDB, 0E9294E1991572256B3CDA6B031DB9F39CA601385515EE59F1F601725B889663 ] ALG             C:\Windows\System32\alg.exe
10:30:56.0296 0x181c  ALG - ok
10:30:56.0316 0x181c  [ 5812713A477A3AD7363C7438CA2EE038, A7316299470D2E57A11499C752A711BF4A71EB11C9CBA731ED0945FF6A966721 ] aliide          C:\Windows\system32\drivers\aliide.sys
10:30:56.0316 0x181c  aliide - ok
10:30:56.0336 0x181c  [ CA0D6C1390F4B3BAF2A0A69D1A7F8332, 7C0D484F5A0608DB199D2C3A0855BDCF30580826F36BDCA87AD7049BF723ADAD ] AMD External Events Utility C:\Windows\system32\atiesrxx.exe
10:30:56.0336 0x181c  AMD External Events Utility - ok
10:30:56.0356 0x181c  [ 1FF8B4431C353CE385C875F194924C0C, 3EA3A7F426B0FFC2461EDF4FDB4B58ACC9D0730EDA5B728D1EA1346EA0A02720 ] amdide          C:\Windows\system32\drivers\amdide.sys
10:30:56.0366 0x181c  amdide - ok
10:30:56.0376 0x181c  [ 7024F087CFF1833A806193EF9D22CDA9, E7F27E488C38338388103D3B7EEDD61D05E14FB140992AEE6F492FFC821BF529 ] AmdK8           C:\Windows\system32\drivers\amdk8.sys
10:30:56.0376 0x181c  AmdK8 - ok
10:30:56.0566 0x181c  [ 75E4BACA583AE02C11E9AC8747E2ABE0, FB39DAB5F37AB44A51126F2E04BB3901363FB0D5474F82E4FB1A770351967113 ] amdkmdag        C:\Windows\system32\DRIVERS\atikmdag.sys
10:30:56.0756 0x181c  amdkmdag - ok
10:30:56.0796 0x181c  [ B765CF4B32F347BE747B21AE22641025, 47A580DEF9096795BE3CEB2D73A4201BF6EE05BDDAEAE035E9C65C6F5727FB85 ] amdkmdap        C:\Windows\system32\DRIVERS\atikmpag.sys
10:30:56.0796 0x181c  amdkmdap - ok
10:30:56.0816 0x181c  [ 1E56388B3FE0D031C44144EB8C4D6217, E88CA76FD47BA0EB427D59CB9BE040DE133D89D4E62D03A8D622624531D27487 ] AmdPPM          C:\Windows\system32\drivers\amdppm.sys
10:30:56.0816 0x181c  AmdPPM - ok
10:30:56.0836 0x181c  [ D4121AE6D0C0E7E13AA221AA57EF2D49, 626F43C099BD197BE56648C367B711143C2BCCE96496BBDEF19F391D52FA01D0 ] amdsata         C:\Windows\system32\drivers\amdsata.sys
10:30:56.0836 0x181c  amdsata - ok
10:30:56.0846 0x181c  [ F67F933E79241ED32FF46A4F29B5120B, D6EF539058F159CC4DD14CA9B1FD924998FEAC9D325C823C7A2DD21FEF1DC1A8 ] amdsbs          C:\Windows\system32\drivers\amdsbs.sys
10:30:56.0856 0x181c  amdsbs - ok
10:30:56.0866 0x181c  [ 540DAF1CEA6094886D72126FD7C33048, 296578572A93F5B74E1AD443E000B79DC99D1CBD25082E02704800F886A3065F ] amdxata         C:\Windows\system32\drivers\amdxata.sys
10:30:56.0876 0x181c  amdxata - ok
10:30:56.0906 0x181c  [ 352476C98EF3952563A14F767491BBA9, 386EE7663E04479465145CF41A9226446E4C0473EB31FBC9A81D0500166B812A ] amd_sata        C:\Windows\system32\drivers\amd_sata.sys
10:30:56.0906 0x181c  amd_sata - ok
10:30:56.0926 0x181c  [ F4805C309FE48D6939147FE5CCDB1AD4, 2F6C95401A38448460E4B0902A9026B416B2D4133239E04787E4F77152F2DE41 ] amd_xata        C:\Windows\system32\drivers\amd_xata.sys
10:30:56.0926 0x181c  amd_xata - ok
10:30:56.0956 0x181c  [ 89A69C3F2F319B43379399547526D952, 8ABDB4B8E106F96EBBA0D4D04C4F432296516E107E7BA5644ED2E50CF9BB491A ] AppID           C:\Windows\system32\drivers\appid.sys
10:30:56.0956 0x181c  AppID - ok
10:30:56.0976 0x181c  [ 0BC381A15355A3982216F7172F545DE1, C33AF13CB218F7BF52E967452573DF2ADD20A95C6BF99229794FEF07C4BBE725 ] AppIDSvc        C:\Windows\System32\appidsvc.dll
10:30:56.0976 0x181c  AppIDSvc - ok
10:30:57.0016 0x181c  [ 9D2A2369AB4B08A4905FE72DB104498F, D6FA1705018BABABFA2362E05691A0D6408D14DE7B76129B16D0A1DAD6378E58 ] Appinfo         C:\Windows\System32\appinfo.dll
10:30:57.0016 0x181c  Appinfo - ok
10:30:57.0056 0x181c  [ 30E3850F303EAE5C364782EA78579CC9, 8C94E5A9052F6E794685194EEACB31A174A947D60246908B6A0DEFA081A747A3 ] Apple Mobile Device C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
10:30:57.0056 0x181c  Apple Mobile Device - ok
10:30:57.0076 0x181c  [ 4ABA3E75A76195A3E38ED2766C962899, E2001ACD44DA270B8289DA362D26416676301773AB22616C211F31CF2E7869AA ] AppMgmt         C:\Windows\System32\appmgmts.dll
10:30:57.0076 0x181c  AppMgmt - ok
10:30:57.0106 0x181c  [ C484F8CEB1717C540242531DB7845C4E, C507CE26716EB923B864ED85E8FA0B24591E2784A2F4F0E78AEED7E9953311F6 ] arc             C:\Windows\system32\drivers\arc.sys
10:30:57.0116 0x181c  arc - ok
10:30:57.0126 0x181c  [ 019AF6924AEFE7839F61C830227FE79C, 5926B9DDFC9198043CDD6EA0B384C83B001EC225A8125628C4A45A3E6C42C72A ] arcsas          C:\Windows\system32\drivers\arcsas.sys
10:30:57.0126 0x181c  arcsas - ok
10:30:57.0206 0x181c  [ 9A262EDD17F8473B91B333D6B031A901, 05DFBD3A7D83FDE1D062EA719ACA9EC48CB7FD42D17DDD88B82E5D25469ADD23 ] aspnet_state    C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
10:30:57.0216 0x181c  aspnet_state - ok
10:30:57.0236 0x181c  [ 769765CE2CC62867468CEA93969B2242, 0D8F19D49869DF93A3876B4C2E249D12E83F9CE11DAE8917D368E292043D4D26 ] AsyncMac        C:\Windows\system32\DRIVERS\asyncmac.sys
10:30:57.0236 0x181c  AsyncMac - ok
10:30:57.0266 0x181c  [ 02062C0B390B7729EDC9E69C680A6F3C, 0261683C6DC2706DCE491A1CDC954AC9C9E649376EC30760BB4E225E18DC5273 ] atapi           C:\Windows\system32\drivers\atapi.sys
10:30:57.0266 0x181c  atapi - ok
10:30:57.0276 0x181c  [ E82E61F46D1336447F4DEFF8C074F13E, 9FC152B33F1D9F5684B687743E943AA26AC17A1093F4C31A43C7012E70BC302E ] AtiPcie         C:\Windows\system32\drivers\AtiPcie64.sys
10:30:57.0276 0x181c  AtiPcie - ok
10:30:57.0316 0x181c  [ F23FEF6D569FCE88671949894A8BECF1, FCE7B156ED663471CF9A736915F00302E93B50FC647563D235313A37FCE8F0F6 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
10:30:57.0336 0x181c  AudioEndpointBuilder - ok
10:30:57.0356 0x181c  [ F23FEF6D569FCE88671949894A8BECF1, FCE7B156ED663471CF9A736915F00302E93B50FC647563D235313A37FCE8F0F6 ] AudioSrv        C:\Windows\System32\Audiosrv.dll
10:30:57.0366 0x181c  AudioSrv - ok
10:30:57.0426 0x181c  [ 086CBBB45324D56AA7239046CD86149A, 602A5F993ED0D80B521BBE8343C8ABF1D6002268E20F2C62BE7EDE54A181B207 ] AVerAVF2        C:\Windows\system32\DRIVERS\AVerAVF2.sys
10:30:57.0456 0x181c  AVerAVF2 - ok
10:30:57.0476 0x181c  [ A6BF31A71B409DFA8CAC83159E1E2AFF, CBB83F73FFD3C3FB4F96605067739F8F7A4A40B2B05417FA49E575E95628753F ] AxInstSV        C:\Windows\System32\AxInstSV.dll
10:30:57.0476 0x181c  AxInstSV - ok
10:30:57.0506 0x181c  [ 3E5B191307609F7514148C6832BB0842, DE011CB7AA4A2405FAF21575182E0793A1D83DFFC44E9A7864D59F3D51D8D580 ] b06bdrv         C:\Windows\system32\drivers\bxvbda.sys
10:30:57.0516 0x181c  b06bdrv - ok
10:30:57.0536 0x181c  [ B5ACE6968304A3900EEB1EBFD9622DF2, 1DAA118D8CA3F97B34DF3D3CDA1C78EAB2ED225699FEABE89D331AE0CB7679FA ] b57nd60a        C:\Windows\system32\DRIVERS\b57nd60a.sys
10:30:57.0536 0x181c  b57nd60a - ok
10:30:57.0556 0x181c  [ FDE360167101B4E45A96F939F388AEB0, 8D1457E866BBD645C4B9710DFBFF93405CC1193BF9AE42326F2382500B713B82 ] BDESVC          C:\Windows\System32\bdesvc.dll
10:30:57.0566 0x181c  BDESVC - ok
10:30:57.0576 0x181c  [ 16A47CE2DECC9B099349A5F840654746, 77C008AEDB07FAC66413841D65C952DDB56FE7DCA5E9EF9C8F4130336B838024 ] Beep            C:\Windows\system32\drivers\Beep.sys
10:30:57.0576 0x181c  Beep - ok
10:30:57.0616 0x181c  [ 82974D6A2FD19445CC5171FC378668A4, 075D25F47C0D2277E40AF8615571DAA5EB16B1824563632A9A7EC62505C29A4A ] BFE             C:\Windows\System32\bfe.dll
10:30:57.0626 0x181c  BFE - ok
10:30:57.0676 0x181c  [ 1EA7969E3271CBC59E1730697DC74682, D511A34D63A6E0E6E7D1879068E2CD3D87ABEAF4936B2EA8CDDAD9F79D60FA04 ] BITS            C:\Windows\System32\qmgr.dll
10:30:57.0706 0x181c  BITS - ok
10:30:57.0716 0x181c  [ 61583EE3C3A17003C4ACD0475646B4D3, 17E4BECC309C450E7E44F59A9C0BBC24D21BDC66DFBA65B8F198A00BB47A9811 ] blbdrive        C:\Windows\system32\drivers\blbdrive.sys
10:30:57.0716 0x181c  blbdrive - ok
10:30:57.0756 0x181c  [ EBBCD5DFBB1DE70E8F4AF8FA59E401FD, 17BFFC5DF609CE3B2F0CAB4BD6C118608C66A3AD86116A47E90B2BB7D8954122 ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe
10:30:57.0766 0x181c  Bonjour Service - ok
10:30:57.0786 0x181c  [ 6C02A83164F5CC0A262F4199F0871CF5, AD4632A6A203CB40970D848315D8ADB9C898349E20D8DF4107C2AE2703A2CF28 ] bowser          C:\Windows\system32\DRIVERS\bowser.sys
10:30:57.0796 0x181c  bowser - ok
10:30:57.0826 0x181c  [ F09EEE9EDC320B5E1501F749FDE686C8, 66691114C42E12F4CC6DC4078D4D2FA4029759ACDAF1B59D17383487180E84E3 ] BrFiltLo        C:\Windows\system32\drivers\BrFiltLo.sys
10:30:57.0836 0x181c  BrFiltLo - ok
10:30:57.0846 0x181c  [ B114D3098E9BDB8BEA8B053685831BE6, 0ED23C1897F35FA00B9C2848DE4ED200E18688AA7825674888054BBC3A3EB92C ] BrFiltUp        C:\Windows\system32\drivers\BrFiltUp.sys
10:30:57.0846 0x181c  BrFiltUp - ok
10:30:57.0866 0x181c  [ 5C2F352A4E961D72518261257AAE204B, 9EE1001E1D46A414A7A86FE1DBBE232203E26F54D9EF43ED31ED8EACD4D09853 ] BridgeMP        C:\Windows\system32\DRIVERS\bridge.sys
10:30:57.0866 0x181c  BridgeMP - ok
10:30:57.0886 0x181c  [ 05F5A0D14A2EE1D8255C2AA0E9E8E694, 40011138869F5496A3E78D38C9900B466B6F3877526AC22952DCD528173F4645 ] Browser         C:\Windows\System32\browser.dll
10:30:57.0886 0x181c  Browser - ok
10:30:57.0916 0x181c  [ 43BEA8D483BF1870F018E2D02E06A5BD, 4E6F5A5FD8C796A110B0DC9FF29E31EA78C04518FC1C840EF61BABD58AB10272 ] Brserid         C:\Windows\System32\Drivers\Brserid.sys
10:30:57.0916 0x181c  Brserid - ok
10:30:57.0936 0x181c  [ A6ECA2151B08A09CACECA35C07F05B42, E2875BB7768ABAF38C3377007AA0A3C281503474D1831E396FB6599721586B0C ] BrSerWdm        C:\Windows\System32\Drivers\BrSerWdm.sys
10:30:57.0936 0x181c  BrSerWdm - ok
10:30:57.0946 0x181c  [ B79968002C277E869CF38BD22CD61524, 50631836502237AF4893ECDCEA43B9031C3DE97433F594D46AF7C3C77F331983 ] BrUsbMdm        C:\Windows\System32\Drivers\BrUsbMdm.sys
10:30:57.0946 0x181c  BrUsbMdm - ok
10:30:57.0956 0x181c  [ A87528880231C54E75EA7A44943B38BF, 4C8BBB29FDA76A96840AA47A8613C15D4466F9273A13941C19507008629709C9 ] BrUsbSer        C:\Windows\System32\Drivers\BrUsbSer.sys
10:30:57.0966 0x181c  BrUsbSer - ok
10:30:57.0976 0x181c  [ 9DA669F11D1F894AB4EB69BF546A42E8, B498B8B6CEF957B73179D1ADAF084BBB57BB3735D810F9BE2C7B1D58A4FD25A4 ] BTHMODEM        C:\Windows\system32\drivers\bthmodem.sys
10:30:57.0976 0x181c  BTHMODEM - ok
10:30:58.0006 0x181c  [ 95F9C2976059462CBBF227F7AAB10DE9, 2797AE919FF7606B070FB039CECDB0707CD2131DCAC09C5DF14F443D881C9F34 ] bthserv         C:\Windows\system32\bthserv.dll
10:30:58.0006 0x181c  bthserv - ok
10:30:58.0126 0x181c  [ C2600EA81C3E0A9B55FD91A55FDB2307, 1DB65E10E95D2A3C81BD87A743C363CC1262D68834AF2E950DDC8E05B33A522C ] CalendarSynchService C:\Program Files (x86)\Hewlett-Packard\TouchSmart\Calendar\Service\GCalService.exe
10:30:58.0126 0x181c  CalendarSynchService - ok
10:30:58.0166 0x181c  [ 555FA105C22B1616094EDAD1CBFB0551, 3DB8EB0F95589E8CC338AE033C314256296F0BF039B338CF023FE393CF80840C ] cbfs3           C:\Windows\system32\DRIVERS\cbfs3.sys
10:30:58.0176 0x181c  cbfs3 - ok
10:30:58.0196 0x181c  [ B8BD2BB284668C84865658C77574381A, 6C55BA288B626DF172FDFEA0BD7027FAEBA1F44EF20AB55160D7C7DC6E717D65 ] cdfs            C:\Windows\system32\DRIVERS\cdfs.sys
10:30:58.0206 0x181c  cdfs - ok
10:30:58.0236 0x181c  [ F036CE71586E93D94DAB220D7BDF4416, BD07AAD9E20CEAF9FC84E4977C55EA2C45604A2C682AC70B9B9A2199B6713D5B ] cdrom           C:\Windows\system32\DRIVERS\cdrom.sys
10:30:58.0236 0x181c  cdrom - ok
10:30:58.0266 0x181c  [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] CertPropSvc     C:\Windows\System32\certprop.dll
10:30:58.0266 0x181c  CertPropSvc - ok
10:30:58.0286 0x181c  [ D7CD5C4E1B71FA62050515314CFB52CF, 513B5A849899F379F0BC6AB3A8A05C3493C2393C95F036612B96EC6E252E1C64 ] circlass        C:\Windows\system32\drivers\circlass.sys
10:30:58.0286 0x181c  circlass - ok
10:30:58.0306 0x181c  [ FE1EC06F2253F691FE36217C592A0206, B9F122DB5E665ECDF29A5CB8BB6B531236F31A54A95769D6C5C1924C87FE70CE ] CLFS            C:\Windows\system32\CLFS.sys
10:30:58.0316 0x181c  CLFS - ok
10:30:58.0376 0x181c  [ D88040F816FDA31C3B466F0FA0918F29, 39D3630E623DA25B8444B6D3AAAB16B98E7E289C5619E19A85D47B74C71449F3 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
10:30:58.0376 0x181c  clr_optimization_v2.0.50727_32 - ok
10:30:58.0406 0x181c  [ D1CEEA2B47CB998321C579651CE3E4F8, 654013B8FD229A50017B08DEC6CA19C7DDA8CE0771260E057A92625201D539B1 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
10:30:58.0406 0x181c  clr_optimization_v2.0.50727_64 - ok
10:30:58.0446 0x181c  [ E87213F37A13E2B54391E40934F071D0, 7EB221127EFB5BF158FB03D18EFDA2C55FB6CE3D1A1FE69C01D70DBED02C87E5 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
10:30:58.0496 0x181c  clr_optimization_v4.0.30319_32 - ok
10:30:58.0516 0x181c  [ 4AEDAB50F83580D0B4D6CF78191F92AA, D113C47013B018B45161911B96E93AF96A2F3B34FA47061BF6E7A71FBA03194A ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
10:30:58.0536 0x181c  clr_optimization_v4.0.30319_64 - ok
10:30:58.0566 0x181c  [ D68D9F4D53010B7E84D4E80A2E485554, B39D7F5737BE7C8EF6BC33595FE4538A90374E148B39BDC618163CBC30719883 ] clwvd           C:\Windows\system32\DRIVERS\clwvd.sys
10:30:58.0566 0x181c  clwvd - ok
10:30:58.0576 0x181c  [ 0840155D0BDDF1190F84A663C284BD33, 696039FA63CFEB33487FAA8FD7BBDB220141E9C6E529355D768DFC87999A9C3A ] CmBatt          C:\Windows\system32\drivers\CmBatt.sys
10:30:58.0576 0x181c  CmBatt - ok
10:30:58.0596 0x181c  [ E19D3F095812725D88F9001985B94EDD, 46243C5CCC4981CAC6FA6452FFCEC33329BF172448F1852D52592C9342E0E18B ] cmdide          C:\Windows\system32\drivers\cmdide.sys
10:30:58.0596 0x181c  cmdide - ok
10:30:58.0636 0x181c  [ EBF28856F69CF094A902F884CF989706, AD6C9F0BC20AA49EEE5478DA0F856F0EA2B414B63208C5FFB03C9D7F5B59765F ] CNG             C:\Windows\system32\Drivers\cng.sys
10:30:58.0646 0x181c  CNG - ok
10:30:58.0676 0x181c  [ 102DE219C3F61415F964C88E9085AD14, CD74CB703381F1382C32CF892FF2F908F4C9412E1BC77234F8FEA5D4666E1BF1 ] Compbatt        C:\Windows\system32\drivers\compbatt.sys
10:30:58.0676 0x181c  Compbatt - ok
10:30:58.0686 0x181c  [ 03EDB043586CCEBA243D689BDDA370A8, 0E4523AA332E242D5C2C61C5717DBA5AB6E42DADB5A7E512505FC2B6CC224959 ] CompositeBus    C:\Windows\system32\drivers\CompositeBus.sys
10:30:58.0696 0x181c  CompositeBus - ok
10:30:58.0696 0x181c  COMSysApp - ok
10:30:58.0706 0x181c  [ 1C827878A998C18847245FE1F34EE597, 41EF7443D8B2733AA35CAC64B4F5F74FAC8BB0DA7D3936B69EC38E2DC3972E60 ] crcdisk         C:\Windows\system32\drivers\crcdisk.sys
10:30:58.0706 0x181c  crcdisk - ok
10:30:58.0746 0x181c  [ 6B400F211BEE880A37A1ED0368776BF4, 2F27C6FA96A1C8CBDA467846DA57E63949A7EA37DB094B13397DDD30114295BD ] CryptSvc        C:\Windows\system32\cryptsvc.dll
10:30:58.0746 0x181c  CryptSvc - ok
10:30:58.0786 0x181c  [ 54DA3DFD29ED9F1619B6F53F3CE55E49, 9177C6907A983296BF188892A894B668A09FFA058FD56B50FE12940D54B0FA5E ] CSC             C:\Windows\system32\drivers\csc.sys
10:30:58.0806 0x181c  CSC - ok
10:30:58.0856 0x181c  [ 3AB183AB4D2C79DCF459CD2C1266B043, 72B0187EBA9DC74E61EC5CB3DC24058DDB768843E865801894AAEAA211610C56 ] CscService      C:\Windows\System32\cscsvc.dll
10:30:58.0876 0x181c  CscService - ok
10:30:58.0956 0x181c  [ FD557A50A65E44041CD2FCEF4BEB04DB, 746D5958F7198895D35A23566D3736D993D57726BF59D91421D8091C48926A26 ] cvhsvc          C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE
10:30:58.0976 0x181c  cvhsvc - ok
10:30:59.0006 0x181c  [ C6E1C081C0849E08FECEC18DF73B10C4, B5E552F4744C91836CBAF3F62CB861C1D9422721870D11B5CCE21B45E384985A ] dc3d            C:\Windows\system32\DRIVERS\dc3d.sys
10:30:59.0006 0x181c  dc3d - ok
10:30:59.0046 0x181c  [ 5C627D1B1138676C0A7AB2C2C190D123, C5003F2C912C5CA990E634818D3B4FD72F871900AF2948BD6C4D6400B354B401 ] DcomLaunch      C:\Windows\system32\rpcss.dll
10:30:59.0066 0x181c  DcomLaunch - ok
10:30:59.0086 0x181c  [ 3CEC7631A84943677AA8FA8EE5B6B43D, 32061DAC9ED6C1EBA3B367B18D0E965AEEC2DF635DCF794EC39D086D32503AC5 ] defragsvc       C:\Windows\System32\defragsvc.dll
10:30:59.0096 0x181c  defragsvc - ok
10:30:59.0096 0x181c  [ 9BB2EF44EAA163B29C4A4587887A0FE4, 03667BC3EA5003F4236929C10F23D8F108AFCB29DB5559E751FB26DFB318636F ] DfsC            C:\Windows\system32\Drivers\dfsc.sys
10:30:59.0106 0x181c  DfsC - ok
10:30:59.0126 0x181c  [ 43D808F5D9E1A18E5EEB5EBC83969E4E, C10D1155D71EABE4ED44C656A8F13078A8A4E850C4A8FBB92D52D173430972B8 ] Dhcp            C:\Windows\system32\dhcpcore.dll
10:30:59.0126 0x181c  Dhcp - ok
10:30:59.0156 0x181c  [ 13096B05847EC78F0977F2C0F79E9AB3, 1E44981B684F3E56F5D2439BB7FA78BD1BC876BB2265AE089AEC68F241B05B26 ] discache        C:\Windows\system32\drivers\discache.sys
10:30:59.0156 0x181c  discache - ok
10:30:59.0196 0x181c  [ 9819EEE8B5EA3784EC4AF3B137A5244C, 571BC886E87C888DA96282E381A746D273B58B9074E84D4CA91275E26056D427 ] Disk            C:\Windows\system32\drivers\disk.sys
10:30:59.0196 0x181c  Disk - ok
10:30:59.0226 0x181c  [ 16835866AAA693C7D7FCEBA8FFF706E4, 15891558F7C1F2BB57A98769601D447ED0D952354A8BB347312D034DC03E0242 ] Dnscache        C:\Windows\System32\dnsrslvr.dll
10:30:59.0226 0x181c  Dnscache - ok
10:30:59.0236 0x181c  [ B1FB3DDCA0FDF408750D5843591AFBC6, AB6AD9C5E7BA2E3646D0115B67C4800D1CB43B4B12716397657C7ADEEE807304 ] dot3svc         C:\Windows\System32\dot3svc.dll
10:30:59.0246 0x181c  dot3svc - ok
10:30:59.0286 0x181c  [ B42ED0320C6E41102FDE0005154849BB, 4DB872E23AD049C3C9FDC0759FC58BFA60DA91B18BC82B611BFA300D26DDFC7A ] Dot4            C:\Windows\system32\DRIVERS\Dot4.sys
10:30:59.0286 0x181c  Dot4 - ok
10:30:59.0296 0x181c  [ E9F5969233C5D89F3C35E3A66A52A361, C4BD35795C78FB11E6022372CB25DEB570730EFDAD3DC1584368235FF622638C ] Dot4Print       C:\Windows\system32\DRIVERS\Dot4Prt.sys
10:30:59.0306 0x181c  Dot4Print - ok
10:30:59.0316 0x181c  [ FD05A02B0370BC3000F402E543CA5814, 089B1113E640F495F470E8F57060B89546270481B309DC8ED3C3D13A849076A3 ] dot4usb         C:\Windows\system32\DRIVERS\dot4usb.sys
10:30:59.0316 0x181c  dot4usb - ok
10:30:59.0326 0x181c  [ B26F4F737E8F9DF4F31AF6CF31D05820, 394BBBED4EC7FAD4110F62A43BFE0801D4AC56FFAC6C741C69407B26402311C7 ] DPS             C:\Windows\system32\dps.dll
10:30:59.0326 0x181c  DPS - ok
10:30:59.0366 0x181c  [ 9B19F34400D24DF84C858A421C205754, 967AF267B4124BADA8F507CEBF25F2192D146A4D63BE71B45BFC03C5DA7F21A7 ] drmkaud         C:\Windows\system32\drivers\drmkaud.sys
10:30:59.0366 0x181c  drmkaud - ok
10:30:59.0396 0x181c  [ 0B76F56F2702BF482C3BF89A61D29812, F9A9D696183CC72B7BA0C3462E8D1D0A2989C7138500F8F17B417498C6CAC623 ] DTSRVC          C:\Program Files (x86)\Common Files\Portrait Displays\Shared\dtsrvc.exe
10:30:59.0406 0x181c  DTSRVC - ok
10:30:59.0456 0x181c  [ 88612F1CE3BF42256913BF6E61C70D52, 7CF190F83FA8F15C33008EB381D3E345CEF37CBC046227DED26B36799EF4D9A7 ] DXGKrnl         C:\Windows\System32\drivers\dxgkrnl.sys
10:30:59.0476 0x181c  DXGKrnl - ok
10:30:59.0516 0x181c  [ FE96AA1A36E76588C80DF1040286DDE1, 86EED8A0B59CD1930E6282997537ED94333FC7D45E3FE5A4D82057E1C8E5C2CD ] eamonm          C:\Windows\system32\DRIVERS\eamonm.sys
10:30:59.0516 0x181c  eamonm - ok
10:30:59.0536 0x181c  [ E2DDA8726DA9CB5B2C4000C9018A9633, 0C967DBC3636A76A696997192A158AA92A1AF19F01E3C66D5BF91818A8FAEA76 ] EapHost         C:\Windows\System32\eapsvc.dll
10:30:59.0536 0x181c  EapHost - ok
10:30:59.0646 0x181c  [ DC5D737F51BE844D8C82C695EB17372F, 6D4022D9A46EDE89CEF0FAEADCC94C903234DFC460C0180D24FF9E38E8853017 ] ebdrv           C:\Windows\system32\drivers\evbda.sys
10:30:59.0746 0x181c  ebdrv - ok
10:30:59.0776 0x181c  [ 4D71227301DD8D09097B9E4CC6527E5A, 193D47ADCB722B581CC0F29B794AB3E455B6E9BEA367CE9A5216A09E055B7F1E ] EFS             C:\Windows\System32\lsass.exe
10:30:59.0786 0x181c  EFS - ok
10:30:59.0806 0x181c  [ 807BA90D47F8885C09E1D6AFBB706E18, A803FE639C9C87733CA73D8F6C04A8CEB28DC45EEEA6CEC01ED3D4124C8E48EA ] ehdrv           C:\Windows\system32\DRIVERS\ehdrv.sys
10:30:59.0806 0x181c  ehdrv - ok
10:30:59.0856 0x181c  [ C4002B6B41975F057D98C439030CEA07, 3D2484FBB832EFB90504DD406ED1CF3065139B1FE1646471811F3A5679EF75F1 ] ehRecvr         C:\Windows\ehome\ehRecvr.exe
10:30:59.0876 0x181c  ehRecvr - ok
10:30:59.0896 0x181c  [ 4705E8EF9934482C5BB488CE28AFC681, 359E9EC5693CE0BE89082E1D5D8F5C5439A5B985010FF0CB45C11E3CFE30637D ] ehSched         C:\Windows\ehome\ehsched.exe
10:30:59.0896 0x181c  ehSched - ok
10:30:59.0966 0x181c  [ 4CB575D97653FA91FFB02DA3105EB084, 59FB4D2485EEDBCC56D92C1F5DF3FEAE67D751F3AD7AEA7590F3C73107C829E8 ] ekrn            C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe
10:31:00.0016 0x181c  ekrn - ok
10:31:00.0046 0x181c  [ 0E5DA5369A0FCAEA12456DD852545184, 9A64AC5396F978C3B92794EDCE84DCA938E4662868250F8C18FA7C2C172233F8 ] elxstor         C:\Windows\system32\drivers\elxstor.sys
10:31:00.0056 0x181c  elxstor - ok
10:31:00.0076 0x181c  [ FEE856E92AFCC61DA146F186E291FFD7, 37F703320EFBA75B9AEF1969CAFFBF32463E1D3B1C4BD05DC9E4C6CA60AA81AB ] epfwwfpr        C:\Windows\system32\DRIVERS\epfwwfpr.sys
10:31:00.0086 0x181c  epfwwfpr - ok
10:31:00.0106 0x181c  [ 34A3C54752046E79A126E15C51DB409B, 7D5B5E150C7C73666F99CBAFF759029716C86F16B927E0078D77F8A696616D75 ] ErrDev          C:\Windows\system32\drivers\errdev.sys
10:31:00.0106 0x181c  ErrDev - ok
10:31:00.0146 0x181c  [ DF96C3CD6AE15F6D0A6BCB70F9C1E88D, 4D9E779684D19137D43472CA18C8A955AD29C82C5F9D7C7E248A1400EE40EE59 ] esgiguard       C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys
10:31:00.0146 0x181c  esgiguard - ok
10:31:00.0186 0x181c  [ 4166F82BE4D24938977DD1746BE9B8A0, 24121751B7306225AD1C808442D7B030DEF377E9316AA0A3C5C7460E87317881 ] EventSystem     C:\Windows\system32\es.dll
10:31:00.0186 0x181c  EventSystem - ok
10:31:00.0216 0x181c  [ A510C654EC00C1E9BDD91EEB3A59823B, 76CD277730F7B08D375770CD373D786160F34D1481AF0536BA1A5D2727E255F5 ] exfat           C:\Windows\system32\drivers\exfat.sys
10:31:00.0226 0x181c  exfat - ok
10:31:00.0226 0x181c  ezSharedSvc - ok
10:31:00.0246 0x181c  [ 0ADC83218B66A6DB380C330836F3E36D, 798D6F83B5DBCC1656595E0A96CF12087FCCBE19D1982890D0CE5F629B328B29 ] fastfat         C:\Windows\system32\drivers\fastfat.sys
10:31:00.0256 0x181c  fastfat - ok
10:31:00.0276 0x181c  [ DBEFD454F8318A0EF691FDD2EAAB44EB, 7F52AE222FF28503B6FC4A5852BD0CAEAF187BE69AF4B577D3DE474C24366099 ] Fax             C:\Windows\system32\fxssvc.exe
10:31:00.0296 0x181c  Fax - ok
10:31:00.0306 0x181c  [ D765D19CD8EF61F650C384F62FAC00AB, 9F0A483A043D3BA873232AD3BA5F7BF9173832550A27AF3E8BD433905BD2A0EE ] fdc             C:\Windows\system32\drivers\fdc.sys
10:31:00.0306 0x181c  fdc - ok
10:31:00.0316 0x181c  [ 0438CAB2E03F4FB61455A7956026FE86, 6D4DDC2973DB25CE0C7646BC85EFBCC004EBE35EA683F62162AE317C6F1D8DFE ] fdPHost         C:\Windows\system32\fdPHost.dll
10:31:00.0316 0x181c  fdPHost - ok
10:31:00.0326 0x181c  [ 802496CB59A30349F9A6DD22D6947644, 52D59D3D628D5661F83F090F33F744F6916E0CC1F76E5A33983E06EB66AE19F8 ] FDResPub        C:\Windows\system32\fdrespub.dll
10:31:00.0336 0x181c  FDResPub - ok
10:31:00.0346 0x181c  [ 655661BE46B5F5F3FD454E2C3095B930, 549C8E2A2A37757E560D55FFA6BFDD838205F17E40561E67F0124C934272CD1A ] FileInfo        C:\Windows\system32\drivers\fileinfo.sys
10:31:00.0346 0x181c  FileInfo - ok
10:31:00.0366 0x181c  [ 5F671AB5BC87EEA04EC38A6CD5962A47, 6B61D3363FF3F9C439BD51102C284972EAE96ACC0683B9DC7E12D25D0ADC51B6 ] Filetrace       C:\Windows\system32\drivers\filetrace.sys
10:31:00.0366 0x181c  Filetrace - ok
10:31:00.0386 0x181c  [ C172A0F53008EAEB8EA33FE10E177AF5, 9175A95B323696D1B35C9EFEB7790DD64E6EE0B7021E6C18E2F81009B169D77B ] flpydisk        C:\Windows\system32\drivers\flpydisk.sys
10:31:00.0386 0x181c  flpydisk - ok
10:31:00.0406 0x181c  [ DA6B67270FD9DB3697B20FCE94950741, F621A4462C9F2904063578C427FAF22D7D66AE9967605C11C798099817CE5331 ] FltMgr          C:\Windows\system32\drivers\fltmgr.sys
10:31:00.0416 0x181c  FltMgr - ok
10:31:00.0476 0x181c  [ C4C183E6551084039EC862DA1C945E3D, 0874A2ACDD24D64965AA9A76E9C818E216880AE4C9A2E07ED932EE404585CEE6 ] FontCache       C:\Windows\system32\FntCache.dll
10:31:00.0506 0x181c  FontCache - ok
10:31:00.0536 0x181c  [ A8B7F3818AB65695E3A0BB3279F6DCE6, 89FCF10F599767E67A1E011753E34DA44EAA311F105DBF69549009ED932A60F0 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
10:31:00.0546 0x181c  FontCache3.0.0.0 - ok
10:31:00.0556 0x181c  [ D43703496149971890703B4B1B723EAC, F06397B2EDCA61629249D2EF1CBB7827A8BEAB8488246BD85EF6AE1363C0DA6E ] FsDepends       C:\Windows\system32\drivers\FsDepends.sys
10:31:00.0556 0x181c  FsDepends - ok
10:31:00.0586 0x181c  [ 6BD9295CC032DD3077C671FCCF579A7B, 83622FBB0CB923798E7E584BF53CAAF75B8C016E3FF7F0FA35880FF34D1DFE33 ] Fs_Rec          C:\Windows\system32\drivers\Fs_Rec.sys
10:31:00.0586 0x181c  Fs_Rec - ok
10:31:00.0616 0x181c  [ 8F6322049018354F45F05A2FD2D4E5E0, 73BF0FB4EBD7887E992DDEBB79E906958D6678F8D1107E8C368F5A0514D80359 ] fvevol          C:\Windows\system32\DRIVERS\fvevol.sys
10:31:00.0626 0x181c  fvevol - ok
10:31:00.0646 0x181c  [ 8C778D335C9D272CFD3298AB02ABE3B6, 85F0B13926B0F693FA9E70AA58DE47100E4B6F893772EBE4300C37D9A36E6005 ] gagp30kx        C:\Windows\system32\drivers\gagp30kx.sys
10:31:00.0646 0x181c  gagp30kx - ok
10:31:00.0686 0x181c  [ C403C5DB49A0F9AAF4F2128EDC0106D8, 3C6948B63278022D8182F773C5FA15784514F76C1546118DDBADBA322B962D12 ] GamesAppService C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe
10:31:00.0696 0x181c  GamesAppService - ok
10:31:00.0726 0x181c  [ 8E98D21EE06192492A5671A6144D092F, B8F656B34D361EA5AFB47F3A67AB2221580DADA59C8CD0CB83181E4AD8B562B4 ] GEARAspiWDM     C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
10:31:00.0726 0x181c  GEARAspiWDM - ok
10:31:00.0766 0x181c  [ 277BBC7E1AA1EE957F573A10ECA7EF3A, 2EE60B924E583E847CC24E78B401EF95C69DB777A5B74E1EC963E18D47B94D24 ] gpsvc           C:\Windows\System32\gpsvc.dll
10:31:00.0786 0x181c  gpsvc - ok
10:31:00.0846 0x181c  [ F02A533F517EB38333CB12A9E8963773, 1F72CD1CF660766FA8F912E40B7323A0192A300B376186C10F6803DC5EFE28DF ] gupdate         C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
10:31:00.0846 0x181c  gupdate - ok
10:31:00.0856 0x181c  [ F02A533F517EB38333CB12A9E8963773, 1F72CD1CF660766FA8F912E40B7323A0192A300B376186C10F6803DC5EFE28DF ] gupdatem        C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
10:31:00.0856 0x181c  gupdatem - ok
10:31:00.0896 0x181c  [ 5D4BC124FAAE6730AC002CDB67BF1A1C, 00294F4DC7D17F6DD2A22B9C3299BED40146BA45C972367154D20DB502472551 ] gusvc           C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
10:31:00.0906 0x181c  gusvc - ok
10:31:00.0936 0x181c  [ F2523EF6460FC42405B12248338AB2F0, B2F3DE8DE1F512D871BC2BC2E8D0E33AB03335BFBC07627C5F88B65024928E19 ] hcw85cir        C:\Windows\system32\drivers\hcw85cir.sys
10:31:00.0936 0x181c  hcw85cir - ok
10:31:00.0976 0x181c  [ 975761C778E33CD22498059B91E7373A, 8304E15FBE6876BE57263A03621365DA8C88005EAC532A770303C06799D915D9 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
10:31:00.0976 0x181c  HdAudAddService - ok
10:31:01.0006 0x181c  [ 97BFED39B6B79EB12CDDBFEED51F56BB, 3CF981D668FB2381E52AF2E51E296C6CFB47B0D62249645278479D0111A47955 ] HDAudBus        C:\Windows\system32\drivers\HDAudBus.sys
10:31:01.0006 0x181c  HDAudBus - ok
10:31:01.0026 0x181c  [ 78E86380454A7B10A5EB255DC44A355F, 11F3ED7ACFFA3024B9BD504F81AC39F5B4CED5A8A425E8BADF7132EFEDB9BD64 ] HidBatt         C:\Windows\system32\drivers\HidBatt.sys
10:31:01.0026 0x181c  HidBatt - ok
10:31:01.0036 0x181c  [ 7FD2A313F7AFE5C4DAB14798C48DD104, 94CBFD4506CBDE4162CEB3367BAB042D19ACA6785954DC0B554D4164B9FCD0D4 ] HidBth          C:\Windows\system32\drivers\hidbth.sys
10:31:01.0046 0x181c  HidBth - ok
10:31:01.0056 0x181c  [ 0A77D29F311B88CFAE3B13F9C1A73825, 8615DC6CEFB591505CE16E054A71A4F371B827DDFD5E980777AB4233DCFDA01D ] HidIr           C:\Windows\system32\DRIVERS\hidir.sys
10:31:01.0056 0x181c  HidIr - ok
10:31:01.0076 0x181c  [ BD9EB3958F213F96B97B1D897DEE006D, 4D01CBF898B528B3A4E5A683DF2177300AFABD7D4CB51F1A7891B1B545499631 ] hidserv         C:\Windows\System32\hidserv.dll
10:31:01.0076 0x181c  hidserv - ok
10:31:01.0116 0x181c  [ 9592090A7E2B61CD582B612B6DF70536, FD11D5E02C32D658B28FCC35688AB66CCB5D3A0A0D74C82AE0F0B6C67B568A0F ] HidUsb          C:\Windows\system32\DRIVERS\hidusb.sys
10:31:01.0116 0x181c  HidUsb - ok
10:31:01.0136 0x181c  [ 387E72E739E15E3D37907A86D9FF98E2, 9935BE2E58788E79328293AF2F202CB0F6042441B176F75ACC5AEA93C8E05531 ] hkmsvc          C:\Windows\system32\kmsvc.dll
10:31:01.0146 0x181c  hkmsvc - ok
10:31:01.0156 0x181c  [ EFDFB3DD38A4376F93E7985173813ABD, 70402FA73A5A2A8BB557AAC8F531E373077D28DE5F40A1F3F14B940BE01CD2E1 ] HomeGroupListener C:\Windows\system32\ListSvc.dll
10:31:01.0166 0x181c  HomeGroupListener - ok
10:31:01.0196 0x181c  [ 908ACB1F594274965A53926B10C81E89, 7D34A742AC486294D82676F8465A3EF26C8AC3317C32B63F62031CB007CFC208 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
10:31:01.0196 0x181c  HomeGroupProvider - ok
10:31:01.0216 0x181c  HP Support Assistant Service - ok
10:31:01.0256 0x181c  [ 7B8C1B09C11E8DB7C4480ABD7D17E821, 0E35FD439B24CEAD623A5D7319B865A6BCE6F1F3057671F62B4F844D8EC3D206 ] HPAuto          C:\Program Files\Hewlett-Packard\HP Auto\HPAuto.exe
10:31:01.0276 0x181c  HPAuto - ok
10:31:01.0296 0x181c  [ 6A181452D4E240B8ECC7614B9A19BDE9, 3E458A737DA597DF007D278E9D81F2BF259AB4B97A4C188CEDAEA1F144B1074F ] HPClientSvc     C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe
10:31:01.0306 0x181c  HPClientSvc - ok
10:31:01.0406 0x181c  [ 5DA42D24712E00728CEA2342A65009B2, 73EC5250DCFD556525B24B3CA66C64AC7747E77652A2AD6119936A59A9E8562A ] hpqcxs08        C:\Program Files (x86)\HP\Digital Imaging\bin\hpqcxs08.dll
10:31:01.0406 0x181c  hpqcxs08 - ok
10:31:01.0426 0x181c  [ D86A39BF100069444D026D22D9A6E555, 7B24D48D5BA67704C88697FADB64364E0E64D26259408E3C219820C5404C5EEC ] hpqddsvc        C:\Program Files (x86)\HP\Digital Imaging\bin\hpqddsvc.dll
10:31:01.0426 0x181c  hpqddsvc - ok
10:31:01.0486 0x181c  [ D2946D9F020AE76E9CEF9B4A6DF838C0, C29CE594879385DA12B8EAA90B258905827B613839CCD820DE49215B68676995 ] hpqwmiex        C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe
10:31:01.0526 0x181c  hpqwmiex - ok
10:31:01.0536 0x181c  [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC, E9E6A1665740CFBC2DD321010007EF42ABA2102AEB9772EE8AA3354664B1E205 ] HpSAMD          C:\Windows\system32\drivers\HpSAMD.sys
10:31:01.0546 0x181c  HpSAMD - ok
10:31:01.0586 0x181c  [ F37882F128EFACEFE353E0BAE2766909, 2F9D21613500F092DFC0DB879180B549EE615D9B07408A5CC1A7F84663B2F47A ] HPSLPSVC        C:\Program Files (x86)\HP\Digital Imaging\bin\HPSLPSVC64.DLL
10:31:01.0616 0x181c  HPSLPSVC - ok
10:31:01.0656 0x181c  [ 0EA7DE1ACB728DD5A369FD742D6EEE28, 21C489412EB33A12B22290EB701C19BA57006E8702E76F730954F0784DDE9779 ] HTTP            C:\Windows\system32\drivers\HTTP.sys
10:31:01.0676 0x181c  HTTP - ok
10:31:01.0686 0x181c  [ A5462BD6884960C9DC85ED49D34FF392, 53E65841AF5B06A2844D0BB6FC4DD3923A323FFA0E4BFC89B3B5CAFB592A3D53 ] hwpolicy        C:\Windows\system32\drivers\hwpolicy.sys
10:31:01.0686 0x181c  hwpolicy - ok
10:31:01.0696 0x181c  [ FA55C73D4AFFA7EE23AC4BE53B4592D3, 65CDDC62B89A60E942C5642C9D8B539EFB69DA8069B4A2E54978154B314531CD ] i8042prt        C:\Windows\system32\drivers\i8042prt.sys
10:31:01.0706 0x181c  i8042prt - ok
10:31:01.0726 0x181c  [ AAAF44DB3BD0B9D1FB6969B23ECC8366, 805AA4A9464002D1AB3832E4106B2AAA1331F4281367E75956062AAE99699385 ] iaStorV         C:\Windows\system32\drivers\iaStorV.sys
10:31:01.0736 0x181c  iaStorV - ok
10:31:01.0796 0x181c  [ 5988FC40F8DB5B0739CD1E3A5D0D78BD, 2B9512324DBA4A97F6AC34E8067EE08E3B6874CD60F6CB4209AFC22A34D2BE99 ] idsvc           C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
10:31:01.0816 0x181c  idsvc - ok
10:31:01.0816 0x181c  IEEtwCollectorService - ok
10:31:01.0996 0x181c  [ A87261EF1546325B559374F5689CF5BC, 8DE48A8A13A32AAAC54CDDF58F3F61BE3E2802C1D9CA1CA98E57EB0D65FB6002 ] igfx            C:\Windows\system32\DRIVERS\igdkmd64.sys
10:31:02.0176 0x181c  igfx - ok
10:31:02.0226 0x181c  [ 5C18831C61933628F5BB0EA2675B9D21, 5CD9DE2F8C0256623A417B5C55BF55BB2562BD7AB2C3C83BB3D9886C2FBDA4E4 ] iirsp           C:\Windows\system32\drivers\iirsp.sys
10:31:02.0226 0x181c  iirsp - ok
10:31:02.0276 0x181c  [ 344789398EC3EE5A4E00C52B31847946, 3DA5F08E4B46F4E63456AA588D49E39A6A09A97D0509880C00F327623DB6122D ] IKEEXT          C:\Windows\System32\ikeext.dll
10:31:02.0296 0x181c  IKEEXT - ok
10:31:02.0376 0x181c  [ CB5FD9B681AD43B560490B5283DDC1C1, 359F4ACE7BE0FD6BF710AD1EEA48ED3F9E4A97A2B8318EC5616E34449D0C774F ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHD64.sys
10:31:02.0447 0x181c  IntcAzAudAddService - ok
10:31:02.0467 0x181c  [ F00F20E70C6EC3AA366910083A0518AA, E2F3E9FFD82C802C8BAC309893A3664ACF16A279959C0FDECCA64C3D3C60FD22 ] intelide        C:\Windows\system32\drivers\intelide.sys
10:31:02.0467 0x181c  intelide - ok
10:31:02.0477 0x181c  [ ADA036632C664CAA754079041CF1F8C1, F2386CC09AC6DE4C54189154F7D91C1DB7AA120B13FAE8BA5B579ACF99FCC610 ] intelppm        C:\Windows\system32\drivers\intelppm.sys
10:31:02.0487 0x181c  intelppm - ok
10:31:02.0507 0x181c  [ 098A91C54546A3B878DAD6A7E90A455B, 044CCE2A0DF56EBE1EFD99B4F6F0A5B9EE12498CA358CF4B2E3A1CFD872823AA ] IPBusEnum       C:\Windows\system32\ipbusenum.dll
10:31:02.0517 0x181c  IPBusEnum - ok
10:31:02.0537 0x181c  [ C9F0E1BD74365A8771590E9008D22AB6, 728BC5A6AAE499FDC50EB01577AF16D83C2A9F3B09936DD2A89C01E074BA8E51 ] IpFilterDriver  C:\Windows\system32\DRIVERS\ipfltdrv.sys
10:31:02.0537 0x181c  IpFilterDriver - ok
10:31:02.0587 0x181c  [ 08C2957BB30058E663720C5606885653, E13EDF6701512E2A9977A531454932CA5023087CB50E1D2F416B8BCDD92B67BE ] iphlpsvc        C:\Windows\System32\iphlpsvc.dll
10:31:02.0597 0x181c  iphlpsvc - ok
10:31:02.0627 0x181c  [ 0FC1AEA580957AA8817B8F305D18CA3A, 7161E4DE91AAFC3FA8BF24FAE4636390C2627DB931505247C0D52C75A31473D9 ] IPMIDRV         C:\Windows\system32\drivers\IPMIDrv.sys
10:31:02.0627 0x181c  IPMIDRV - ok
10:31:02.0647 0x181c  [ AF9B39A7E7B6CAA203B3862582E9F2D0, 67128BE7EADBE6BD0205B050F96E268948E8660C4BAB259FB0BE03935153D04E ] IPNAT           C:\Windows\system32\drivers\ipnat.sys
10:31:02.0647 0x181c  IPNAT - ok
10:31:02.0697 0x181c  [ 33B286326BD2B1A7748C43391058FB19, C6240C9ED5B7C227595E953E3D1AB5F2D45CCD86FDBDF985836A970B4B6467FE ] iPod Service    C:\Program Files\iPod\bin\iPodService.exe
10:31:02.0707 0x181c  iPod Service - ok
10:31:02.0717 0x181c  [ 3ABF5E7213EB28966D55D58B515D5CE9, A352BCC5B6B9A28805B15CAFB235676F1FAFF0D2394F88C03089EB157D6188AE ] IRENUM          C:\Windows\system32\drivers\irenum.sys
10:31:02.0717 0x181c  IRENUM - ok
10:31:02.0727 0x181c  [ 2F7B28DC3E1183E5EB418DF55C204F38, D40410A760965925D6F10959B2043F7BD4F68EAFCF5E743AF11AD860BD136548 ] isapnp          C:\Windows\system32\drivers\isapnp.sys
10:31:02.0727 0x181c  isapnp - ok
10:31:02.0747 0x181c  [ D931D7309DEB2317035B07C9F9E6B0BD, 13AD84172ED8C6153F8A98499C01733B74E48464CE07D099508E38D409913ED3 ] iScsiPrt        C:\Windows\system32\drivers\msiscsi.sys
10:31:02.0757 0x181c  iScsiPrt - ok
10:31:02.0767 0x181c  [ 8D990A44B4F2B68E2C56A3724EC3EB84, 5768FC5B156FC9CEEA735C933B50ADD8AE018F5609B83634F001E847E3101ACA ] itecir          C:\Windows\system32\DRIVERS\itecir.sys
10:31:02.0767 0x181c  itecir - ok
10:31:02.0777 0x181c  [ BC02336F1CBA7DCC7D1213BB588A68A5, 450C5BAD54CCE2AFCDFF1B6E7F8E1A8446D9D3255DF9D36C29A8F848048AAD93 ] kbdclass        C:\Windows\system32\DRIVERS\kbdclass.sys
10:31:02.0787 0x181c  kbdclass - ok
10:31:02.0797 0x181c  [ 0705EFF5B42A9DB58548EEC3B26BB484, 86C6824ED7ED6FA8F306DB6319A0FD688AA91295AE571262F9D8E96A32225E99 ] kbdhid          C:\Windows\system32\DRIVERS\kbdhid.sys
10:31:02.0797 0x181c  kbdhid - ok
10:31:02.0807 0x181c  [ 4D71227301DD8D09097B9E4CC6527E5A, 193D47ADCB722B581CC0F29B794AB3E455B6E9BEA367CE9A5216A09E055B7F1E ] KeyIso          C:\Windows\system32\lsass.exe
10:31:02.0817 0x181c  KeyIso - ok
10:31:02.0857 0x181c  [ 8F489706472F7E9A06BAAA198703FA64, F020406690FB38EABD82D63B91D33039CC93ED52A5497AE12BAF475F22D0B08A ] KSecDD          C:\Windows\system32\Drivers\ksecdd.sys
10:31:02.0857 0x181c  KSecDD - ok
10:31:02.0867 0x181c  [ 868A2CAAB12EFC7A021682BCA0EEC54C, 12C4925B5B3D6EA7B6410C01F33158C6EAB50CBD6AF445F8B04ED9899720C2DD ] KSecPkg         C:\Windows\system32\Drivers\ksecpkg.sys
10:31:02.0877 0x181c  KSecPkg - ok
10:31:02.0887 0x181c  [ 6869281E78CB31A43E969F06B57347C4, 866A23E69B32A78D378D6CB3B3DA3695FFDFF0FEC3C9F68C8C3F988DF417044B ] ksthunk         C:\Windows\system32\drivers\ksthunk.sys
10:31:02.0887 0x181c  ksthunk - ok
10:31:02.0917 0x181c  [ 6AB66E16AA859232F64DEB66887A8C9C, 5F2B579BEA8098A2994B0DECECDAE7B396E7B5DC5F09645737B9F28BEEA77FFF ] KtmRm           C:\Windows\system32\msdtckrm.dll
10:31:02.0927 0x181c  KtmRm - ok
10:31:02.0967 0x181c  [ D9F42719019740BAA6D1C6D536CBDAA6, 8757599D0AE5302C4CE50861BEBA3A8DD14D7B0DBD916FD5404133688CDFCC40 ] LanmanServer    C:\Windows\System32\srvsvc.dll
10:31:02.0967 0x181c  LanmanServer - ok
10:31:02.0987 0x181c  [ 851A1382EED3E3A7476DB004F4EE3E1A, B1C67F47DD594D092E6E258F01DF5E7150227CE3131A908A244DEE9F8A1FABF9 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
10:31:02.0987 0x181c  LanmanWorkstation - ok
10:31:03.0007 0x181c  [ 1538831CF8AD2979A04C423779465827, E1729B0CC4CEEE494A0B8817A8E98FF232E3A32FB023566EF0BC71A090262C0C ] lltdio          C:\Windows\system32\DRIVERS\lltdio.sys
10:31:03.0007 0x181c  lltdio - ok
10:31:03.0027 0x181c  [ C1185803384AB3FEED115F79F109427F, 0414FE73532DCAB17E906438A14711E928CECCD5F579255410C62984DD652700 ] lltdsvc         C:\Windows\System32\lltdsvc.dll
10:31:03.0037 0x181c  lltdsvc - ok
10:31:03.0057 0x181c  [ F993A32249B66C9D622EA5592A8B76B8, EE64672A990C6145DC5601E2B8CDBE089272A72732F59AF9865DCBA8B1717E70 ] lmhosts         C:\Windows\System32\lmhsvc.dll
10:31:03.0057 0x181c  lmhosts - ok
10:31:03.0127 0x181c  [ 0D24A12E77A115ED4B807A626EC039BE, A0903D55968994DC38323D4C2FCB849BEC10C718D4499CD79AF2F68838128115 ] LMIGuardianSvc  C:\Program Files (x86)\LogMeIn\x64\LMIGuardianSvc.exe
10:31:03.0127 0x181c  LMIGuardianSvc - ok
10:31:03.0157 0x181c  [ 0F28935ECF1FBDEC22BAF720A5A94564, A4E8E13FD7FE1882243AD7139D5E0925F09069616920382F952D79586A4936E7 ] LMIInfo         C:\Program Files (x86)\LogMeIn\x64\RaInfo.sys
10:31:03.0157 0x181c  LMIInfo - ok
10:31:03.0177 0x181c  [ 777C479BBB31FD1F8ED80BAA75F4AEC1, E0711F4705BA593BA357F3403F7239102DC1B55CDCB09CEEA43F21AA69957469 ] LMIMaint        C:\Program Files (x86)\LogMeIn\x64\RaMaint.exe
10:31:03.0187 0x181c  LMIMaint - ok
10:31:03.0217 0x181c  [ 413ECDCFAD9A82804D3674C8D7EEC24E, C8A65ED0B079D16D1A4449E840B4A9475388FBE61B5A84DFEFC35F4FB3B9A9B1 ] lmimirr         C:\Windows\system32\DRIVERS\lmimirr.sys
10:31:03.0217 0x181c  lmimirr - ok
10:31:03.0367 0x181c  [ 3267FD57836162B3F8DA3CB9D75993C9, 153849655977C5F52E23063637949119F6BC50976B2FBD9CB8305F108590B8D5 ] LMIRescueUA_466145 C:\Users\Tony Wiseman\AppData\Local\LogMeIn Rescue Unattended\LMIR0001.tmp\unattended_srv.exe
10:31:03.0417 0x181c  LMIRescueUA_466145 - ok
10:31:03.0427 0x181c  LMIRfsClientNP - ok
10:31:03.0447 0x181c  [ C57D3FAA50E6F395759FFB7C709BD944, 7B0B86F0E710934D57801E1F7BB048AD878F871147B2A16BBF81219A4022B499 ] LMIRfsDriver    C:\Windows\system32\drivers\LMIRfsDriver.sys
10:31:03.0447 0x181c  LMIRfsDriver - ok
10:31:03.0487 0x181c  [ D3760BC17E1755091B7120CF32DBF56B, 2B31CA0CD838BEE0103054520E2FBEA2436A07D99E711B14543B85F3A511478F ] LogMeIn         C:\Program Files (x86)\LogMeIn\x64\LogMeIn.exe
10:31:03.0497 0x181c  LogMeIn - ok
10:31:03.0517 0x181c  [ 1A93E54EB0ECE102495A51266DCDB6A6, DB6AA86AA36C3A7988BE96E87B5D3251BE7617C54EE8F894D9DC2E267FE3255B ] LSI_FC          C:\Windows\system32\drivers\lsi_fc.sys
10:31:03.0517 0x181c  LSI_FC - ok
10:31:03.0527 0x181c  [ 1047184A9FDC8BDBFF857175875EE810, F2251EDB7736A26D388A0C5CC2FE5FB9C5E109CBB1E3800993554CB21D81AE4B ] LSI_SAS         C:\Windows\system32\drivers\lsi_sas.sys
10:31:03.0537 0x181c  LSI_SAS - ok
10:31:03.0547 0x181c  [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93, 88D5740A4E9CC3FA80FA18035DAB441BDC5A039622D666BFDAA525CC9686BD06 ] LSI_SAS2        C:\Windows\system32\drivers\lsi_sas2.sys
10:31:03.0547 0x181c  LSI_SAS2 - ok
10:31:03.0577 0x181c  [ 0504EACAFF0D3C8AED161C4B0D369D4A, 4D272237C189646F5C80822FD3CBA7C2728E482E2DAAF7A09C8AEF811C89C54D ] LSI_SCSI        C:\Windows\system32\drivers\lsi_scsi.sys
10:31:03.0577 0x181c  LSI_SCSI - ok
10:31:03.0597 0x181c  [ 43D0F98E1D56CCDDB0D5254CFF7B356E, 5BA498183B5C4996C694CB0A9A6B66CE6C7A460F6C91BEB9F305486FCC3B7B22 ] luafv           C:\Windows\system32\drivers\luafv.sys
10:31:03.0607 0x181c  luafv - ok
10:31:03.0627 0x181c  [ 0BE09CD858ABF9DF6ED259D57A1A1663, 2FD28889B93C8E801F74C1D0769673A461671E0189D0A22C94509E3F0EEB7428 ] Mcx2Svc         C:\Windows\system32\Mcx2Svc.dll
10:31:03.0627 0x181c  Mcx2Svc - ok
10:31:03.0657 0x181c  [ A55805F747C6EDB6A9080D7C633BD0F4, 2DA0E83BF3C8ADEF6F551B6CC1C0A3F6149CDBE6EC60413BA1767C4DE425A728 ] megasas         C:\Windows\system32\drivers\megasas.sys
10:31:03.0657 0x181c  megasas - ok
10:31:03.0677 0x181c  [ BAF74CE0072480C3B6B7C13B2A94D6B3, 85CBB4949C090A904464F79713A3418338753D20D7FB811E68F287FDAC1DD834 ] MegaSR          C:\Windows\system32\drivers\MegaSR.sys
10:31:03.0687 0x181c  MegaSR - ok
10:31:03.0697 0x181c  [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] MMCSS           C:\Windows\system32\mmcss.dll
10:31:03.0707 0x181c  MMCSS - ok
10:31:03.0717 0x181c  [ 800BA92F7010378B09F9ED9270F07137, 94F9AF9E1BE80AE6AC39A2A74EF9FAB115DCAACC011D07DFA8D6A1DDC8A93342 ] Modem           C:\Windows\system32\drivers\modem.sys
10:31:03.0717 0x181c  Modem - ok
10:31:03.0747 0x181c  [ B03D591DC7DA45ECE20B3B467E6AADAA, 701FB0CAD8138C58507BE28845D3E24CE269A040737C29885944A0D851238732 ] monitor         C:\Windows\system32\DRIVERS\monitor.sys
10:31:03.0747 0x181c  monitor - ok
10:31:03.0757 0x181c  [ 7D27EA49F3C1F687D357E77A470AEA99, 7FE7CAF95959F127C6D932C01D539C06D80273C49A09761F6E8331C05B1A7EE7 ] mouclass        C:\Windows\system32\DRIVERS\mouclass.sys
10:31:03.0757 0x181c  mouclass - ok
10:31:03.0757 0x181c  [ D3BF052C40B0C4166D9FD86A4288C1E6, 5E65264354CD94E844BF1838CA1B8E49080EFA34605A32CF2F6A47A2B97FC183 ] mouhid          C:\Windows\system32\DRIVERS\mouhid.sys
10:31:03.0767 0x181c  mouhid - ok
10:31:03.0777 0x181c  [ 32E7A3D591D671A6DF2DB515A5CBE0FA, 47CED0B9067AE8BF5EEF60B17ADEE5906BEDCC56E4CB460B7BFBC12BB9A69E63 ] mountmgr        C:\Windows\system32\drivers\mountmgr.sys
10:31:03.0777 0x181c  mountmgr - ok
10:31:03.0817 0x181c  [ 3B9398E0146855B1DC0E3D9769C80F01, DF69DB5CA30A5577648635C27DD468AF98515D07DF379B3FFDCC6B40744EDE66 ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
10:31:03.0817 0x181c  MozillaMaintenance - ok
10:31:03.0827 0x181c  [ A44B420D30BD56E145D6A2BC8768EC58, B1E4DCA5A1008FA7A0492DC091FB2B820406AE13FD3D44F124E89B1037AF09B8 ] mpio            C:\Windows\system32\drivers\mpio.sys
10:31:03.0827 0x181c  mpio - ok
10:31:03.0847 0x181c  [ 6C38C9E45AE0EA2FA5E551F2ED5E978F, 5A3FA2F110029CB4CC4384998EDB59203FDD65EC45E01B897FB684F8956EAD20 ] mpsdrv          C:\Windows\system32\drivers\mpsdrv.sys
10:31:03.0847 0x181c  mpsdrv - ok
10:31:03.0877 0x181c  [ 54FFC9C8898113ACE189D4AA7199D2C1, 65F585C87F3F710FD5793FDFA96B740AD8D4317B0C120F4435CCF777300EA4F2 ] MpsSvc          C:\Windows\system32\mpssvc.dll
10:31:03.0897 0x181c  MpsSvc - ok
10:31:03.0917 0x181c  [ 1A4F75E63C9FB84B85DFFC6B63FD5404, 01AFA6DBB4CDE55FE4EA05BBE8F753A4266F8D072EA1EE01DB79F5126780C21F ] MRxDAV          C:\Windows\system32\drivers\mrxdav.sys
10:31:03.0927 0x181c  MRxDAV - ok
10:31:03.0947 0x181c  [ A5D9106A73DC88564C825D317CAC68AC, 0457B2AEA4E05A91D0E43F317894A614434D8CEBE35020785387F307E231FBE4 ] mrxsmb          C:\Windows\system32\DRIVERS\mrxsmb.sys
10:31:03.0957 0x181c  mrxsmb - ok
10:31:03.0977 0x181c  [ D711B3C1D5F42C0C2415687BE09FC163, 9B3013AC60BD2D0FF52086658BA5FF486ADE15954A552D7DD590580E8BAE3EFF ] mrxsmb10        C:\Windows\system32\DRIVERS\mrxsmb10.sys
10:31:03.0987 0x181c  mrxsmb10 - ok
10:31:04.0017 0x181c  [ 9423E9D355C8D303E76B8CFBD8A5C30C, 220B33F120C2DD937FE4D5664F4B581DC0ACF78D62EB56B7720888F67B9644CC ] mrxsmb20        C:\Windows\system32\DRIVERS\mrxsmb20.sys
10:31:04.0017 0x181c  mrxsmb20 - ok
10:31:04.0037 0x181c  [ C25F0BAFA182CBCA2DD3C851C2E75796, 643E158A0948DF331807AEAA391F23960362E46C0A0CF6D22A99020EAE7B10F8 ] msahci          C:\Windows\system32\drivers\msahci.sys
10:31:04.0037 0x181c  msahci - ok
10:31:04.0057 0x181c  [ DB801A638D011B9633829EB6F663C900, B34FD33A215ACCF2905F4B7D061686CDB1CB9C652147AF56AE14686C1F6E3C74 ] msdsm           C:\Windows\system32\drivers\msdsm.sys
10:31:04.0057 0x181c  msdsm - ok
10:31:04.0077 0x181c  [ DE0ECE52236CFA3ED2DBFC03F28253A8, 2FBBEC4CACB5161F68D7C2935852A5888945CA0F107CF8A1C01F4528CE407DE3 ] MSDTC           C:\Windows\System32\msdtc.exe
10:31:04.0077 0x181c  MSDTC - ok
10:31:04.0107 0x181c  [ AA3FB40E17CE1388FA1BEDAB50EA8F96, 69F93E15536644C8FD679A20190CFE577F4985D3B1B4A4AA250A168615AE1E99 ] Msfs            C:\Windows\system32\drivers\Msfs.sys
10:31:04.0107 0x181c  Msfs - ok
10:31:04.0117 0x181c  [ F9D215A46A8B9753F61767FA72A20326, 6F76642B45E0A7EF6BCAB8B37D55CCE2EAA310ED07B76D43FCB88987C2174141 ] mshidkmdf       C:\Windows\System32\drivers\mshidkmdf.sys
10:31:04.0117 0x181c  mshidkmdf - ok
10:31:04.0137 0x181c  [ D916874BBD4F8B07BFB7FA9B3CCAE29D, B229DA150713DEDBC4F05386C9D9DC3BC095A74F44F3081E88311AB73BC992A1 ] msisadrv        C:\Windows\system32\drivers\msisadrv.sys
10:31:04.0137 0x181c  msisadrv - ok
10:31:04.0167 0x181c  [ 808E98FF49B155C522E6400953177B08, F873F5BFF0984C5165DF67E92874D3F6EB8D86F9B5AD17013A0091CA33A1A3D5 ] MSiSCSI         C:\Windows\system32\iscsiexe.dll
10:31:04.0177 0x181c  MSiSCSI - ok
10:31:04.0177 0x181c  msiserver - ok
10:31:04.0197 0x181c  [ 49CCF2C4FEA34FFAD8B1B59D49439366, E5752EA57C7BDAD5F53E3BC441A415E909AC602CAE56234684FB8789A20396C7 ] MSKSSRV         C:\Windows\system32\drivers\MSKSSRV.sys
10:31:04.0197 0x181c  MSKSSRV - ok
10:31:04.0207 0x181c  [ BDD71ACE35A232104DDD349EE70E1AB3, 27464A66868513BE6A01B75D7FC5B0D6B71842E4E20CE3F76B15C071A0618BBB ] MSPCLOCK        C:\Windows\system32\drivers\MSPCLOCK.sys
10:31:04.0207 0x181c  MSPCLOCK - ok
10:31:04.0217 0x181c  [ 4ED981241DB27C3383D72092B618A1D0, E12F121E641249DB3491141851B59E1496F4413EDF58E863388F1C229838DFCC ] MSPQM           C:\Windows\system32\drivers\MSPQM.sys
10:31:04.0217 0x181c  MSPQM - ok
10:31:04.0237 0x181c  [ 759A9EEB0FA9ED79DA1FB7D4EF78866D, 64E3BC613EC4872B1B344CBF71EE15BE195592E3244C1EE099C6F8B95A40F133 ] MsRPC           C:\Windows\system32\drivers\MsRPC.sys
10:31:04.0247 0x181c  MsRPC - ok
10:31:04.0257 0x181c  [ 0EED230E37515A0EAEE3C2E1BC97B288, B1D8F8A75006B6E99214CA36D27A8594EF8D952F315BEB201E9BAC9DE3E64D42 ] mssmbios        C:\Windows\system32\drivers\mssmbios.sys
10:31:04.0257 0x181c  mssmbios - ok
10:31:04.0277 0x181c  [ 2E66F9ECB30B4221A318C92AC2250779, DF175E1AB6962303E57F26DAE5C5C1E40B8640333F3E352A64F6A5F1301586CD ] MSTEE           C:\Windows\system32\drivers\MSTEE.sys
10:31:04.0277 0x181c  MSTEE - ok
10:31:04.0287 0x181c  [ 7EA404308934E675BFFDE8EDF0757BCD, 306CD02D89CFCFE576242360ED5F9EEEDCAFC43CD43B7D2977AE960F9AEC3232 ] MTConfig        C:\Windows\system32\drivers\MTConfig.sys
10:31:04.0287 0x181c  MTConfig - ok
10:31:04.0297 0x181c  [ F9A18612FD3526FE473C1BDA678D61C8, 32F7975B5BAA447917F832D9E3499B4B6D3E90D73F478375D0B70B36C524693A ] Mup             C:\Windows\system32\Drivers\mup.sys
10:31:04.0297 0x181c  Mup - ok
10:31:04.0337 0x181c  [ 582AC6D9873E31DFA28A4547270862DD, BD540499F74E8F59A020D935D18E36A3A97C1A6EC59C8208436469A31B16B260 ] napagent        C:\Windows\system32\qagentRT.dll
10:31:04.0347 0x181c  napagent - ok
10:31:04.0367 0x181c  [ 1EA3749C4114DB3E3161156FFFFA6B33, 54C2E77BCE1037711A11313AC25B8706109098C10A31AA03AEB7A185E97800D7 ] NativeWifiP     C:\Windows\system32\DRIVERS\nwifi.sys
10:31:04.0367 0x181c  NativeWifiP - ok
10:31:04.0427 0x181c  [ 760E38053BF56E501D562B70AD796B88, F856E81A975D44F8684A6F2466549CEEDFAEB3950191698555A93A1206E0A42D ] NDIS            C:\Windows\system32\drivers\ndis.sys
10:31:04.0457 0x181c  NDIS - ok
10:31:04.0468 0x181c  [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC, D7E5446E83909AE25506BB98FBDD878A529C87963E3C1125C4ABAB25823572BC ] NdisCap         C:\Windows\system32\DRIVERS\ndiscap.sys
10:31:04.0468 0x181c  NdisCap - ok
10:31:04.0478 0x181c  [ 30639C932D9FEF22B31268FE25A1B6E5, 32873D95339600F6EEFA51847D12C563FF01F320DC59055B242FA2887C99F9D6 ] NdisTapi        C:\Windows\system32\DRIVERS\ndistapi.sys
10:31:04.0478 0x181c  NdisTapi - ok
10:31:04.0488 0x181c  [ 136185F9FB2CC61E573E676AA5402356, BA3AD0A33416DA913B4242C6BE8C3E5812AD2B20BA6C11DD3094F2E8EB56E683 ] Ndisuio         C:\Windows\system32\DRIVERS\ndisuio.sys
10:31:04.0498 0x181c  Ndisuio - ok
10:31:04.0508 0x181c  [ 53F7305169863F0A2BDDC49E116C2E11, 881E9346D3C02405B7850ADC37E720990712EC9C666A0CE96E252A487FD2CE77 ] NdisWan         C:\Windows\system32\DRIVERS\ndiswan.sys
10:31:04.0518 0x181c  NdisWan - ok
10:31:04.0528 0x181c  [ 015C0D8E0E0421B4CFD48CFFE2825879, 4242E2D42CCFC859B2C0275C5331798BC0BDA68E51CF4650B6E64B1332071023 ] NDProxy         C:\Windows\system32\drivers\NDProxy.sys
10:31:04.0528 0x181c  NDProxy - ok
10:31:04.0548 0x181c  [ 2334DC48997BA203B794DF3EE70521DB, 832F4EC1586C9669F2D54AB3B212943E43B87A33B24DCC8CDAD6A0264291EE2F ] Net Driver HPZ12 C:\Windows\system32\HPZinw12.dll
10:31:04.0548 0x181c  Net Driver HPZ12 - ok
10:31:04.0558 0x181c  [ 86743D9F5D2B1048062B14B1D84501C4, DBF6D6A60AB774FCB0F464FF2D285A7521D0A24006687B243AB46B17D8032062 ] NetBIOS         C:\Windows\system32\DRIVERS\netbios.sys
10:31:04.0568 0x181c  NetBIOS - ok
10:31:04.0578 0x181c  [ 09594D1089C523423B32A4229263F068, 7426A9B8BA27D3225928DDEFBD399650ABB90798212F56B7D12158AC22CCCE37 ] NetBT           C:\Windows\system32\DRIVERS\netbt.sys
10:31:04.0588 0x181c  NetBT - ok
10:31:04.0598 0x181c  [ 4D71227301DD8D09097B9E4CC6527E5A, 193D47ADCB722B581CC0F29B794AB3E455B6E9BEA367CE9A5216A09E055B7F1E ] Netlogon        C:\Windows\system32\lsass.exe
10:31:04.0598 0x181c  Netlogon - ok
10:31:04.0638 0x181c  [ 847D3AE376C0817161A14A82C8922A9E, 37AE692B3481323134125EF58F2C3CBC20177371AF2F5874F53DD32A827CB936 ] Netman          C:\Windows\System32\netman.dll
10:31:04.0648 0x181c  Netman - ok
10:31:04.0678 0x181c  [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
10:31:04.0688 0x181c  NetMsmqActivator - ok
10:31:04.0688 0x181c  [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetPipeActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
10:31:04.0698 0x181c  NetPipeActivator - ok
10:31:04.0718 0x181c  [ 5F28111C648F1E24F7DBC87CDEB091B8, 2E8645285921EDB98BB2173E11E57459C888D52E80D85791D169C869DE8813B9 ] netprofm        C:\Windows\System32\netprofm.dll
10:31:04.0728 0x181c  netprofm - ok
10:31:04.0828 0x181c  [ 2EED549279D7FBD10B846B5397573967, 4F7EBB6C1AC58D1EFFA7A86AC799137FC88F5CCA3AC27E563B4EE2AF1EAE4ECC ] netr28x         C:\Windows\system32\DRIVERS\netr28x.sys
10:31:04.0888 0x181c  netr28x - ok
10:31:04.0898 0x181c  [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetTcpActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
10:31:04.0908 0x181c  NetTcpActivator - ok
10:31:04.0908 0x181c  [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
10:31:04.0918 0x181c  NetTcpPortSharing - ok
10:31:04.0928 0x181c  [ 77889813BE4D166CDAB78DDBA990DA92, 2EF531AE502B943632EEC66A309A8BFCDD36120A5E1473F4AAF3C2393AD0E6A3 ] nfrd960         C:\Windows\system32\drivers\nfrd960.sys
10:31:04.0928 0x181c  nfrd960 - ok
10:31:04.0968 0x181c  [ 8AD77806D336673F270DB31645267293, E23F324913554A23CD043DD27D4305AF62F48C0561A0FC7B7811E55B74B1BE79 ] NlaSvc          C:\Windows\System32\nlasvc.dll
10:31:04.0978 0x181c  NlaSvc - ok
10:31:04.0988 0x181c  [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7, D8957EF7060A69DBB3CD6B2C45B1E4143592AB8D018471E17AC04668157DC67F ] Npfs            C:\Windows\system32\drivers\Npfs.sys
10:31:04.0988 0x181c  Npfs - ok
10:31:04.0998 0x181c  [ D54BFDF3E0C953F823B3D0BFE4732528, 497A1DCC5646EC22119273216DF10D5442D16F83E4363770F507518CF6EAA53A ] nsi             C:\Windows\system32\nsisvc.dll
10:31:04.0998 0x181c  nsi - ok
10:31:05.0018 0x181c  [ E7F5AE18AF4168178A642A9247C63001, 133023B7E4BA8049C4CAED3282BDD25571D1CC25FAC3B820C7F981D292689D76 ] nsiproxy        C:\Windows\system32\drivers\nsiproxy.sys
10:31:05.0018 0x181c  nsiproxy - ok
10:31:05.0088 0x181c  [ B98F8C6E31CD07B2E6F71F7F648E38C0, 2FEA100B80680FBBF644CB6763738804155DF1E94A6542CAE2B2786D770D554E ] Ntfs            C:\Windows\system32\drivers\Ntfs.sys
10:31:05.0138 0x181c  Ntfs - ok
10:31:05.0158 0x181c  [ D4012918D3A3847B44B888D56BC095D6, BE78F54CA01E8C37FD9129AA2869CCFE84BA8F5ED015486019305C7F40AE3B1B ] NuidFltr        C:\Windows\system32\DRIVERS\NuidFltr.sys
10:31:05.0168 0x181c  NuidFltr - ok
10:31:05.0178 0x181c  [ 9899284589F75FA8724FF3D16AED75C1, 181188599FD5D4DE33B97010D9E0CAEABAB9A3EF50712FE7F9AA0735CD0666D6 ] Null            C:\Windows\system32\drivers\Null.sys
10:31:05.0178 0x181c  Null - ok
10:31:05.0208 0x181c  [ 0A92CB65770442ED0DC44834632F66AD, 581327F07A68DBD5CC749214BE5F1211FC2CE41C7A4F0656B680AFB51A35ACE7 ] nvraid          C:\Windows\system32\drivers\nvraid.sys
10:31:05.0208 0x181c  nvraid - ok
10:31:05.0218 0x181c  [ DAB0E87525C10052BF65F06152F37E4A, AD9BFF0D5FD3FFB95C758B478E1F6A9FE45E7B37AEC71EB5070D292FEAAEDF37 ] nvstor          C:\Windows\system32\drivers\nvstor.sys
10:31:05.0228 0x181c  nvstor - ok
10:31:05.0248 0x181c  [ 270D7CD42D6E3979F6DD0146650F0E05, 752489E54C9004EDCBE1F1F208FFD864DA5C83E59A2DDE6B3E0D63ECA996F76F ] nv_agp          C:\Windows\system32\drivers\nv_agp.sys
10:31:05.0258 0x181c  nv_agp - ok
10:31:05.0268 0x181c  [ 3589478E4B22CE21B41FA1BFC0B8B8A0, AD2469FC753FE552CB809FF405A9AB23E7561292FE89117E3B3B62057EFF0203 ] ohci1394        C:\Windows\system32\drivers\ohci1394.sys
10:31:05.0268 0x181c  ohci1394 - ok
10:31:05.0298 0x181c  [ 9D10F99A6712E28F8ACD5641E3A7EA6B, 70964A0ED9011EA94044E15FA77EDD9CF535CC79ED8E03A3721FF007E69595CC ] ose             C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
10:31:05.0308 0x181c  ose - ok
10:31:05.0458 0x181c  [ 61BFFB5F57AD12F83AB64B7181829B34, 1DD0DD35E4158F95765EE6639F217DF03A0A19E624E020DBA609268C08A13846 ] osppsvc         C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
10:31:05.0598 0x181c  osppsvc - ok
10:31:05.0638 0x181c  [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] p2pimsvc        C:\Windows\system32\pnrpsvc.dll
10:31:05.0648 0x181c  p2pimsvc - ok
10:31:05.0668 0x181c  [ 927463ECB02179F88E4B9A17568C63C3, FEFD3447692C277D59EEC7BF218552C8BB6B8C98C26E973675549628408B94CE ] p2psvc          C:\Windows\system32\p2psvc.dll
10:31:05.0678 0x181c  p2psvc - ok
10:31:05.0698 0x181c  [ 0086431C29C35BE1DBC43F52CC273887, 0D116D49EF9ABB57DA005764F25E692622210627FC2048F06A989B12FA8D0A80 ] Parport         C:\Windows\system32\drivers\parport.sys
10:31:05.0698 0x181c  Parport - ok
10:31:05.0728 0x181c  [ E9766131EEADE40A27DC27D2D68FBA9C, 63C295EC96DBD25F1A8B908295CCB86B54F2A77A02AAA11E5D9160C2C1A492B6 ] partmgr         C:\Windows\system32\drivers\partmgr.sys
10:31:05.0728 0x181c  partmgr - ok
10:31:05.0748 0x181c  [ 3AEAA8B561E63452C655DC0584922257, 04C072969B58657602EB0C21CEDF24FCEE14E61B90A0F758F93925EF2C9FC32D ] PcaSvc          C:\Windows\System32\pcasvc.dll
10:31:05.0748 0x181c  PcaSvc - ok
10:31:05.0768 0x181c  [ 94575C0571D1462A0F70BDE6BD6EE6B3, 7139BAC653EA94A3DD3821CAB35FC5E22F4CCA5ACC2BAABDAA27E4C3C8B27FC9 ] pci             C:\Windows\system32\drivers\pci.sys
10:31:05.0768 0x181c  pci - ok
10:31:05.0788 0x181c  [ B5B8B5EF2E5CB34DF8DCF8831E3534FA, F2A7CC645B96946CC65BF60E14E70DC09C848D27C7943CE5DEA0C01A6B863480 ] pciide          C:\Windows\system32\drivers\pciide.sys
10:31:05.0788 0x181c  pciide - ok
10:31:05.0818 0x181c  [ B2E81D4E87CE48589F98CB8C05B01F2F, 6763BEE7270A4873B3E131BFB92313E2750FCBD0AD73C23D1C4F98F7DF73DE14 ] pcmcia          C:\Windows\system32\drivers\pcmcia.sys
10:31:05.0818 0x181c  pcmcia - ok
10:31:05.0848 0x181c  [ D6B9C2E1A11A3A4B26A182FFEF18F603, BBA5FE08B1DDD6243118E11358FD61B10E850F090F061711C3CB207CE5FBBD36 ] pcw             C:\Windows\system32\drivers\pcw.sys
10:31:05.0848 0x181c  pcw - ok
10:31:05.0868 0x181c  pdfcDispatcher - ok
10:31:05.0888 0x181c  [ C7801DEF1C78747996A52C1F4C473E6F, B19FB226C1E0330695B4BCD768C6C92A5671A4EE2209A854F8952D6F6810E29C ] PdiService      C:\Program Files (x86)\Common Files\Portrait Displays\Drivers\pdisrvc.exe
10:31:05.0888 0x181c  PdiService - ok
10:31:05.0918 0x181c  [ 68769C3356B3BE5D1C732C97B9A80D6E, FB2D61145980A2899D1B7729184C54070315B0E63C9A22400A76CCD39E00029C ] PEAUTH          C:\Windows\system32\drivers\peauth.sys
10:31:05.0928 0x181c  PEAUTH - ok
10:31:05.0978 0x181c  [ B9B0A4299DD2D76A4243F75FD54DC680, BBF62E9628131FA396EB08D63B76D2D5FBDD61339E92B759125A066470D1C039 ] PeerDistSvc     C:\Windows\system32\peerdistsvc.dll
10:31:06.0018 0x181c  PeerDistSvc - ok
10:31:06.0078 0x181c  [ E495E408C93141E8FC72DC0C6046DDFA, 489B957DADA0DC128A09468F1AD082DCC657E86053208EA06A12937BE86FB919 ] PerfHost        C:\Windows\SysWow64\perfhost.exe
10:31:06.0078 0x181c  PerfHost - ok
10:31:06.0138 0x181c  [ C7CF6A6E137463219E1259E3F0F0DD6C, 08D7244F52AA17DD669AA6F77C291DAC88E7B2D1887DE422509C1F83EC85F3DD ] pla             C:\Windows\system32\pla.dll
10:31:06.0178 0x181c  pla - ok
10:31:06.0258 0x181c  [ 25FBDEF06C4D92815B353F6E792C8129, 57D9764AE6BCE33B242C399CDFC10DD405975BD6411CA8C75FBCD06EEB8442A9 ] PlugPlay        C:\Windows\system32\umpnpmgr.dll
10:31:06.0268 0x181c  PlugPlay - ok
10:31:06.0278 0x181c  [ AC78DF349F0E4CFB8B667C0CFFF83CCE, 7E635AA2E7350FCA0C954E697F1480A6204920AEFBCF06B90FFA02398DA82822 ] Pml Driver HPZ12 C:\Windows\system32\HPZipm12.dll
10:31:06.0288 0x181c  Pml Driver HPZ12 - ok
10:31:06.0298 0x181c  [ 7195581CEC9BB7D12ABE54036ACC2E38, 9C4E5D6EA984148F2663DC529083408B2248DFF6DAAC85D9195F80A722782315 ] PNRPAutoReg     C:\Windows\system32\pnrpauto.dll
10:31:06.0298 0x181c  PNRPAutoReg - ok
10:31:06.0308 0x181c  [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] PNRPsvc         C:\Windows\system32\pnrpsvc.dll
10:31:06.0318 0x181c  PNRPsvc - ok
10:31:06.0358 0x181c  [ 4F15D75ADF6156BF56ECED6D4A55C389, 2ADA3EA69A5D7EC2A4D2DD89178DB94EAFDDF95F07B0070D654D9F7A5C12A044 ] PolicyAgent     C:\Windows\System32\ipsecsvc.dll
10:31:06.0368 0x181c  PolicyAgent - ok
10:31:06.0408 0x181c  [ 6BA9D927DDED70BD1A9CADED45F8B184, 66203CE70A5EDE053929A940F38924C6792239CCCE10DD2C1D90D5B4D6748B55 ] Power           C:\Windows\system32\umpo.dll
10:31:06.0408 0x181c  Power - ok
10:31:06.0438 0x181c  [ F92A2C41117A11A00BE01CA01A7FCDE9, 38ADC6052696D110CA5F393BC586791920663F5DA66934C2A824DDA9CD89C763 ] PptpMiniport    C:\Windows\system32\DRIVERS\raspptp.sys
10:31:06.0438 0x181c  PptpMiniport - ok
10:31:06.0458 0x181c  [ 0D922E23C041EFB1C3FAC2A6F943C9BF, 855418A6A58DCAFB181A1A68613B3E203AFB0A9B3D9D26D0C521F9F613B4EAD5 ] Processor       C:\Windows\system32\drivers\processr.sys
10:31:06.0458 0x181c  Processor - ok
10:31:06.0498 0x181c  [ 53E83F1F6CF9D62F32801CF66D8352A8, 1225FED810BE8E0729EEAE5B340035CCBB9BACD3EF247834400F9B72D05ACE48 ] ProfSvc         C:\Windows\system32\profsvc.dll
10:31:06.0498 0x181c  ProfSvc - ok
10:31:06.0508 0x181c  [ 4D71227301DD8D09097B9E4CC6527E5A, 193D47ADCB722B581CC0F29B794AB3E455B6E9BEA367CE9A5216A09E055B7F1E ] ProtectedStorage C:\Windows\system32\lsass.exe
10:31:06.0508 0x181c  ProtectedStorage - ok
10:31:06.0528 0x181c  [ 0557CF5A2556BD58E26384169D72438D, F6F83A616B1F1C6C0DF6D2EC2513E6C23FD4FAA6D36518B8676C619AB74957B4 ] Psched          C:\Windows\system32\DRIVERS\pacer.sys
10:31:06.0528 0x181c  Psched - ok
10:31:06.0588 0x181c  [ A53A15A11EBFD21077463EE2C7AFEEF0, 6002B012A75045DEA62640A864A8721EADE2F8B65BEB5F5BA76D8CD819774489 ] ql2300          C:\Windows\system32\drivers\ql2300.sys
10:31:06.0638 0x181c  ql2300 - ok
10:31:06.0648 0x181c  [ 4F6D12B51DE1AAEFF7DC58C4D75423C8, FB6ABAB741CED66A79E31A45111649F2FA3E26CEE77209B5296F789F6F7D08DE ] ql40xx          C:\Windows\system32\drivers\ql40xx.sys
10:31:06.0658 0x181c  ql40xx - ok
10:31:06.0688 0x181c  [ 906191634E99AEA92C4816150BDA3732, A0305436384104C3B559F9C73902DA19B96B518413379E397C5CDAB0B2B9418F ] QWAVE           C:\Windows\system32\qwave.dll
10:31:06.0688 0x181c  QWAVE - ok
10:31:06.0698 0x181c  [ 76707BB36430888D9CE9D705398ADB6C, 35C1D1D05F98AC29A33D3781F497A0B40A3CB9CDF25FE1F28F574E40DDF70535 ] QWAVEdrv        C:\Windows\system32\drivers\qwavedrv.sys
10:31:06.0708 0x181c  QWAVEdrv - ok
10:31:06.0808 0x181c  [ 000D82CC258E2D341605A6F350C4D1E6, 59EC5BA95D8B9EC739BC7D0BBE0E244CA2AE2DF01A8B65BFF7741DFBE38C2940 ] RapportCerberus_59849 C:\ProgramData\Trusteer\Rapport\store\exts\RapportCerberus\baseline\RapportCerberus64_59849.sys
10:31:06.0828 0x181c  RapportCerberus_59849 - ok
10:31:06.0888 0x181c  [ 65F38060719F254E445EBC33E42BF1AF, 3A101571ABAF5BAD37105A3E47490118BD050FB6AE1FBEFA2A5B448ECAD441A4 ] RapportEI64     C:\Program Files (x86)\Trusteer\Rapport\bin\x64\RapportEI64.sys
10:31:06.0888 0x181c  RapportEI64 - ok
10:31:06.0938 0x181c  [ 0C9F7D59A83DF19897B60742E0D3F205, 7DB9B1A6FD9E9D8F9C836F22396AEDB0DBFD2687F532FBC57363C163A9D710A7 ] RapportKE64     C:\Windows\system32\Drivers\RapportKE64.sys
10:31:06.0948 0x181c  RapportKE64 - ok
10:31:07.0008 0x181c  [ AD5B5C2C88A4D7E8D5AAA68576CB79C2, EBED14980CF4BC34839D81C49CE34DBBEA12282FBA890DF0DC90C013E70B41B2 ] RapportMgmtService C:\Program Files (x86)\Trusteer\Rapport\bin\RapportMgmtService.exe
10:31:07.0058 0x181c  RapportMgmtService - ok
10:31:07.0078 0x181c  [ 400FC02504B250B86AA374689884B92B, 822D6F8BEBF5BBD78192BB688069F624F28EE195E23427BABFC56408D28002EC ] RapportPG64     C:\Program Files (x86)\Trusteer\Rapport\bin\x64\RapportPG64.sys
10:31:07.0088 0x181c  RapportPG64 - ok
10:31:07.0108 0x181c  [ 5A0DA8AD5762FA2D91678A8A01311704, 8A64EB5DBAB7048A9E42A21CEB62CCD5B007A80C199892D7F8C69B48E8A255EF ] RasAcd          C:\Windows\system32\DRIVERS\rasacd.sys
10:31:07.0108 0x181c  RasAcd - ok
10:31:07.0128 0x181c  [ 7ECFF9B22276B73F43A99A15A6094E90, 62C70DA127F48F796F8897BBFA23AB6EB080CC923F0F091DFA384A93F5C90CA1 ] RasAgileVpn     C:\Windows\system32\DRIVERS\AgileVpn.sys
10:31:07.0128 0x181c  RasAgileVpn - ok
10:31:07.0168 0x181c  [ 8F26510C5383B8DBE976DE1CD00FC8C7, 60E618C010E8A723960636415573FA17EA0BBEF79647196B3BC0B8DEE680E090 ] RasAuto         C:\Windows\System32\rasauto.dll
10:31:07.0168 0x181c  RasAuto - ok
10:31:07.0178 0x181c  [ 471815800AE33E6F1C32FB1B97C490CA, 27307265F743DE3A3A3EC1B2C472A3D85FDD0AEC458E0B1177593141EE072698 ] Rasl2tp         C:\Windows\system32\DRIVERS\rasl2tp.sys
10:31:07.0188 0x181c  Rasl2tp - ok
10:31:07.0208 0x181c  [ EE867A0870FC9E4972BA9EAAD35651E2, 1B848D81705081FD2E18AC762DA7F51455657DAF860BF363DC15925A148BCADA ] RasMan          C:\Windows\System32\rasmans.dll
10:31:07.0218 0x181c  RasMan - ok
10:31:07.0238 0x181c  [ 855C9B1CD4756C5E9A2AA58A15F58C25, A514F8A9C304D54BDA8DC60F5A64259B057EC83A1CAAF6D2B58CFD55E9561F72 ] RasPppoe        C:\Windows\system32\DRIVERS\raspppoe.sys
10:31:07.0238 0x181c  RasPppoe - ok
10:31:07.0258 0x181c  [ E8B1E447B008D07FF47D016C2B0EEECB, FEC789F82B912F3E14E49524D40FEAA4373B221156F14045E645D7C37859258C ] RasSstp         C:\Windows\system32\DRIVERS\rassstp.sys
10:31:07.0258 0x181c  RasSstp - ok
10:31:07.0278 0x181c  [ 77F665941019A1594D887A74F301FA2F, 1FDC6F6853400190C086042933F157814D915C54F26793CAD36CD2607D8810DA ] rdbss           C:\Windows\system32\DRIVERS\rdbss.sys
10:31:07.0278 0x181c  rdbss - ok
10:31:07.0288 0x181c  [ 302DA2A0539F2CF54D7C6CC30C1F2D8D, 1DF3501BBFFB56C3ECC39DBCC4287D3302216C2208CE22428B8C4967E5DE9D17 ] rdpbus          C:\Windows\system32\DRIVERS\rdpbus.sys
10:31:07.0288 0x181c  rdpbus - ok
10:31:07.0298 0x181c  [ CEA6CC257FC9B7715F1C2B4849286D24, A78144D18352EA802C39D9D42921CF97A3E0211766B2169B6755C6FC2D77A804 ] RDPCDD          C:\Windows\system32\DRIVERS\RDPCDD.sys
10:31:07.0298 0x181c  RDPCDD - ok
10:31:07.0318 0x181c  [ 1B6163C503398B23FF8B939C67747683, 339A5AA7970FF34FAAB213B655860C5B0DEC5F983A4A11A088017D849F320ACE ] RDPDR           C:\Windows\system32\drivers\rdpdr.sys
10:31:07.0328 0x181c  RDPDR - ok
10:31:07.0338 0x181c  [ BB5971A4F00659529A5C44831AF22365, 9AAA5C0D448E821FD85589505D99DF7749715A046BBD211F139E4E652ADDE41F ] RDPENCDD        C:\Windows\system32\drivers\rdpencdd.sys
10:31:07.0338 0x181c  RDPENCDD - ok
10:31:07.0348 0x181c  [ 216F3FA57533D98E1F74DED70113177A, 60C126A1409D1E9C39F1C9E95F70115BF4AF07780AB499F6E10A612540F173F4 ] RDPREFMP        C:\Windows\system32\drivers\rdprefmp.sys
10:31:07.0358 0x181c  RDPREFMP - ok
10:31:07.0408 0x181c  [ 313F68E1A3E6345A4F47A36B07062F34, B8318A0AE06BDE278931CA52F960B9FE226FD9894B076858DDB755AE26E1E66F ] RdpVideoMiniport C:\Windows\system32\drivers\rdpvideominiport.sys
10:31:07.0408 0x181c  RdpVideoMiniport - ok
10:31:07.0448 0x181c  [ E61608AA35E98999AF9AAEEEA6114B0A, F754CDE89DC96786D2A3C4D19EE2AEF1008E634E4DE3C0CBF927436DE90C04A6 ] RDPWD           C:\Windows\system32\drivers\RDPWD.sys
10:31:07.0448 0x181c  RDPWD - ok
10:31:07.0469 0x181c  [ 34ED295FA0121C241BFEF24764FC4520, AAEE5F00CAA763A5BA51CF56BD7262C03409CD72BD5601490E3EC3FFF929BB5F ] rdyboost        C:\Windows\system32\drivers\rdyboost.sys
10:31:07.0479 0x181c  rdyboost - ok
10:31:07.0499 0x181c  [ 254FB7A22D74E5511C73A3F6D802F192, 3D0FB5840364200DE394F8CC28DA0E334C2B5FA8FF28A41656EE72287F3D3836 ] RemoteAccess    C:\Windows\System32\mprdim.dll
10:31:07.0509 0x181c  RemoteAccess - ok
10:31:07.0529 0x181c  [ E4D94F24081440B5FC5AA556C7C62702, 147CAA03568DC480F9506E30B84891AB7E433B5EBC05F34FF10F72B00E1C6B22 ] RemoteRegistry  C:\Windows\system32\regsvc.dll
10:31:07.0529 0x181c  RemoteRegistry - ok
10:31:07.0549 0x181c  [ E4DC58CF7B3EA515AE917FF0D402A7BB, 665B5CD9FE905B0EE3F59A7B1A94760F5393EBEE729877D8584349754C2867E8 ] RpcEptMapper    C:\Windows\System32\RpcEpMap.dll
10:31:07.0549 0x181c  RpcEptMapper - ok
10:31:07.0569 0x181c  [ D5BA242D4CF8E384DB90E6A8ED850B8C, CB4CB2608B5E31B55FB1A2CF4051E6D08A0C2A5FB231B2116F95938D7577334E ] RpcLocator      C:\Windows\system32\locator.exe
10:31:07.0569 0x181c  RpcLocator - ok
10:31:07.0589 0x181c  [ 5C627D1B1138676C0A7AB2C2C190D123, C5003F2C912C5CA990E634818D3B4FD72F871900AF2948BD6C4D6400B354B401 ] RpcSs           C:\Windows\system32\rpcss.dll
10:31:07.0599 0x181c  RpcSs - ok
10:31:07.0629 0x181c  [ DDC86E4F8E7456261E637E3552E804FF, D250C69CCC75F2D88E7E624FCC51300E75637333317D53908CCA7E0F117173DD ] rspndr          C:\Windows\system32\DRIVERS\rspndr.sys
10:31:07.0629 0x181c  rspndr - ok
10:31:07.0669 0x181c  [ FCAF9C2C9EADF8F397C3350760EF500F, E9E60A54ED6ACD028F9CF541EAB75E7F04FA835FC78C9DC554B87136B7438D5A ] RTL8167         C:\Windows\system32\DRIVERS\Rt64win7.sys
10:31:07.0679 0x181c  RTL8167 - ok
10:31:07.0689 0x181c  [ 4D71227301DD8D09097B9E4CC6527E5A, 193D47ADCB722B581CC0F29B794AB3E455B6E9BEA367CE9A5216A09E055B7F1E ] SamSs           C:\Windows\system32\lsass.exe
10:31:07.0689 0x181c  SamSs - ok
10:31:07.0709 0x181c  [ AC03AF3329579FFFB455AA2DAABBE22B, 7AD3B62ADFEC166F9E256F9FF8BAA0568B2ED7308142BF8F5269E6EAA5E0A656 ] sbp2port        C:\Windows\system32\drivers\sbp2port.sys
10:31:07.0719 0x181c  sbp2port - ok
10:31:07.0729 0x181c  [ 9B7395789E3791A3B6D000FE6F8B131E, E5F067F3F212BF5481668BE1779CBEF053F511F8967589BE2E865ACB9A620024 ] SCardSvr        C:\Windows\System32\SCardSvr.dll
10:31:07.0739 0x181c  SCardSvr - ok
10:31:07.0749 0x181c  [ 253F38D0D7074C02FF8DEB9836C97D2B, CB5CAFCB8628BB22877F74ACF1DED0BBAED8F4573A74DA7FE94BBBA584889116 ] scfilter        C:\Windows\system32\DRIVERS\scfilter.sys
10:31:07.0749 0x181c  scfilter - ok
10:31:07.0789 0x181c  [ 262F6592C3299C005FD6BEC90FC4463A, 54095E37F0B6CC677A3E9BDD40F4647C713273D197DB341063AA7F342A60C4A7 ] Schedule        C:\Windows\system32\schedsvc.dll
10:31:07.0829 0x181c  Schedule - ok
10:31:07.0859 0x181c  [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] SCPolicySvc     C:\Windows\System32\certprop.dll
10:31:07.0859 0x181c  SCPolicySvc - ok
10:31:07.0869 0x181c  [ 6EA4234DC55346E0709560FE7C2C1972, 64011E044C16E2F92689E5F7E4666A075E27BBFA61F3264E5D51CE1656C1D5B8 ] SDRSVC          C:\Windows\System32\SDRSVC.dll
10:31:07.0869 0x181c  SDRSVC - ok
10:31:07.0889 0x181c  [ 3EA8A16169C26AFBEB544E0E48421186, 34BBB0459C96B3DE94CCB0D73461562935C583D7BF93828DA4E20A6BC9B7301D ] secdrv          C:\Windows\system32\drivers\secdrv.sys
10:31:07.0889 0x181c  secdrv - ok
10:31:07.0899 0x181c  [ BC617A4E1B4FA8DF523A061739A0BD87, 10C4057F6B321EB5237FF619747B74F5401BC17D15A8C7060829E8204A2297F9 ] seclogon        C:\Windows\system32\seclogon.dll
10:31:07.0899 0x181c  seclogon - ok
10:31:07.0919 0x181c  [ C32AB8FA018EF34C0F113BD501436D21, E0EB8E80B51E45CA7EB061E705DA0BC07878759418A8519AE6E12326FE79E7C7 ] SENS            C:\Windows\system32\sens.dll
10:31:07.0919 0x181c  SENS - ok
10:31:07.0939 0x181c  [ 0336CFFAFAAB87A11541F1CF1594B2B2, 8B8A6A33E78A12FB05E29B2E2775850626574AFD2EF88748D65E690A07B10B8D ] SensrSvc        C:\Windows\system32\sensrsvc.dll
10:31:07.0939 0x181c  SensrSvc - ok
10:31:07.0969 0x181c  [ CB624C0035412AF0DEBEC78C41F5CA1B, A4D937F11E06CAE914347CA1362F4C98EC5EE0C0C80321E360EA1ABD6726F8D4 ] Serenum         C:\Windows\system32\drivers\serenum.sys
10:31:07.0979 0x181c  Serenum - ok
10:31:07.0989 0x181c  [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6, 8F9776FB84C5D11068EAF1FF1D1A46466C655D64D256A8B1E31DC0C23B5DD22D ] Serial          C:\Windows\system32\drivers\serial.sys
10:31:07.0989 0x181c  Serial - ok
10:31:08.0009 0x181c  [ 1C545A7D0691CC4A027396535691C3E3, 065C30BE598FF4DC55C37E0BBE0CEDF10A370AE2BF5404B42EBBB867A3FFED6D ] sermouse        C:\Windows\system32\drivers\sermouse.sys
10:31:08.0019 0x181c  sermouse - ok
10:31:08.0049 0x181c  [ 0B6231BF38174A1628C4AC812CC75804, E569BF1F7F5689E2E917FA6516DB53388A5B8B1C6699DEE030147E853218811D ] SessionEnv      C:\Windows\system32\sessenv.dll
10:31:08.0049 0x181c  SessionEnv - ok
10:31:08.0059 0x181c  [ A554811BCD09279536440C964AE35BBF, DA8F893722F803E189D7D4D6C6232ED34505B63A64ED3A0132A5BB7A2BABDE55 ] sffdisk         C:\Windows\system32\drivers\sffdisk.sys
10:31:08.0059 0x181c  sffdisk - ok
10:31:08.0069 0x181c  [ FF414F0BAEFEBA59BC6C04B3DB0B87BF, B81EF5D26AEB572CAB590F7AD7CA8C89F296420089EF5E6148E972F2DBCA1042 ] sffp_mmc        C:\Windows\system32\drivers\sffp_mmc.sys
10:31:08.0069 0x181c  sffp_mmc - ok
10:31:08.0079 0x181c  [ DD85B78243A19B59F0637DCF284DA63C, 6730D4F2BAE7E24615746ACC41B42D01DB6068D6504982008ADA1890DE900197 ] sffp_sd         C:\Windows\system32\drivers\sffp_sd.sys
10:31:08.0079 0x181c  sffp_sd - ok
10:31:08.0089 0x181c  [ A9D601643A1647211A1EE2EC4E433FF4, 7AC60B4AB48D4BBF1F9681C12EC2A75C72E6E12D30FABC564A24394310E9A5F9 ] sfloppy         C:\Windows\system32\drivers\sfloppy.sys
10:31:08.0089 0x181c  sfloppy - ok
10:31:08.0129 0x181c  [ 2046AA7491DE7EFA4D70E615D9BC9D09, A8763D059AD68D5842C407FA9644E0B129BEF0F63CD87E62B80B05441EDC3489 ] Sftfs           C:\Windows\system32\DRIVERS\Sftfslh.sys
10:31:08.0149 0x181c  Sftfs - ok
10:31:08.0219 0x181c  [ 77C5A741A7452812F278EF2C18478862, 0B763679EB7EFB8ED9DCE7B429706E939BB65BA6BCF1BAE0E0426D4E87074B8C ] sftlist         C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
10:31:08.0229 0x181c  sftlist - ok
10:31:08.0249 0x181c  [ 0E0446BC4D51BE4263ACB7E33491191C, 2AD039FB440560658C4E06F67CC192EF71577EF3FF789A43C08430CE5EAE5A70 ] Sftplay         C:\Windows\system32\DRIVERS\Sftplaylh.sys
10:31:08.0259 0x181c  Sftplay - ok
10:31:08.0269 0x181c  [ C5FB982CD266E604ED3142102C26D62C, A6BC0D72E98F924274ECAD49C85F0775D1CD45B97CD43F53DF3992B560835FC5 ] Sftredir        C:\Windows\system32\DRIVERS\Sftredirlh.sys
10:31:08.0279 0x181c  Sftredir - ok
10:31:08.0289 0x181c  [ 2575511AF67AA1FA068CCC4918E2C2A3, 3152FF5AC2CF6FE966DA59B1B33E22F9BD9B6BB4310441870528364BA9501A4D ] Sftvol          C:\Windows\system32\DRIVERS\Sftvollh.sys
10:31:08.0289 0x181c  Sftvol - ok
10:31:08.0299 0x181c  [ 39B1D0A636A400304565D4521FAD6D77, 1F01DB35B5A477AA7A77585C9304E6B5F3E67807531305BCA93A7F494CED8F59 ] sftvsa          C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
10:31:08.0309 0x181c  sftvsa - ok
10:31:08.0349 0x181c  [ B95F6501A2F8B2E78C697FEC401970CE, 758B73A32902299A313348CE7EC189B20EB4CB398D0180E4EE24B84DAD55F291 ] SharedAccess    C:\Windows\System32\ipnathlp.dll
10:31:08.0359 0x181c  SharedAccess - ok
10:31:08.0409 0x181c  [ AAF932B4011D14052955D4B212A4DA8D, 2A3BFD0FA9569288E91AE3E72CA1EC39E1450D01E6473CE51157E0F138257923 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
10:31:08.0419 0x181c  ShellHWDetection - ok
10:31:08.0429 0x181c  [ 843CAF1E5FDE1FFD5FF768F23A51E2E1, 89CA9F516E42A6B905474D738CDA2C121020A07DBD4E66CFE569DD77D79D7820 ] SiSRaid2        C:\Windows\system32\drivers\SiSRaid2.sys
10:31:08.0439 0x181c  SiSRaid2 - ok
10:31:08.0459 0x181c  [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4, 87B85C66DF7EB6FDB8A2341D05FAA5261FF68A90CCFC63F0E4A03824F1E33E5E ] SiSRaid4        C:\Windows\system32\drivers\sisraid4.sys
10:31:08.0459 0x181c  SiSRaid4 - ok
10:31:08.0480 0x181c  [ 548260A7B8654E024DC30BF8A7C5BAA4, 4A7E58331D7765A12F53DC2371739DC9A463940B13E16157CE10DB80E958D740 ] Smb             C:\Windows\system32\DRIVERS\smb.sys
10:31:08.0490 0x181c  Smb - ok
10:31:08.0510 0x181c  [ 6313F223E817CC09AA41811DAA7F541D, D787061043BEEDB9386B048CB9E680E6A88A1CBAE9BD4A8C0209155BFB76C630 ] SNMPTRAP        C:\Windows\System32\snmptrap.exe
10:31:08.0510 0x181c  SNMPTRAP - ok
10:31:08.0530 0x181c  [ B9E31E5CACDFE584F34F730A677803F9, 21A5130BD00089C609522A372018A719F8E37103D2DD22C59EACB393BE35A063 ] spldr           C:\Windows\system32\drivers\spldr.sys
10:31:08.0530 0x181c  spldr - ok
10:31:08.0580 0x181c  [ 85DAA09A98C9286D4EA2BA8D0E644377, F9C324E2EF81193FE831C7EECC44A100CA06F82FA731BF555D9EA4D91DA13329 ] Spooler         C:\Windows\System32\spoolsv.exe
10:31:08.0590 0x181c  Spooler - ok
10:31:08.0710 0x181c  [ E17E0188BB90FAE42D83E98707EFA59C, FC075F7B39E86CC8EF6DA4E339FE946917E319C347AC70FB0C50AAF36F97E27F ] sppsvc          C:\Windows\system32\sppsvc.exe
10:31:08.0820 0x181c  sppsvc - ok
10:31:08.0870 0x181c  [ 93D7D61317F3D4BC4F4E9F8A96A7DE45, 36D48B23B8243BE5229707375FCD11C2DCAC96983199345365F065A0CBF33314 ] sppuinotify     C:\Windows\system32\sppuinotify.dll
10:31:08.0870 0x181c  sppuinotify - ok
10:31:08.0910 0x181c  [ 441FBA48BFF01FDB9D5969EBC1838F0B, 306128F1AD489F87161A089D1BDC1542A4CB742D91A0C12A7CD1863FDB8932C0 ] srv             C:\Windows\system32\DRIVERS\srv.sys
10:31:08.0920 0x181c  srv - ok
10:31:08.0930 0x181c  [ B4ADEBBF5E3677CCE9651E0F01F7CC28, 726DB2283113AB2A9681E8E9F61132303D6D86E9CD034C40EE4A8C9DB29E87F7 ] srv2            C:\Windows\system32\DRIVERS\srv2.sys
10:31:08.0950 0x181c  srv2 - ok
10:31:08.0960 0x181c  [ 27E461F0BE5BFF5FC737328F749538C3, AFA4704ED8FFC1A0BAB40DFB81D3AE3F3D933A3C9BF54DDAF39FF9AF3646D9E6 ] srvnet          C:\Windows\system32\DRIVERS\srvnet.sys
10:31:08.0960 0x181c  srvnet - ok
10:31:08.0980 0x181c  [ 51B52FBD583CDE8AA9BA62B8B4298F33, 2E2403F8AA39E79D1281CA006B51B43139C32A5FDD64BD34DAA4B935338BD740 ] SSDPSRV         C:\Windows\System32\ssdpsrv.dll
10:31:08.0980 0x181c  SSDPSRV - ok
10:31:09.0000 0x181c  [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB, D21CDBC4C2AA0DB5B4455D5108B0CAF4282A2E664B9035708F212CC094569D9D ] SstpSvc         C:\Windows\system32\sstpsvc.dll
10:31:09.0010 0x181c  SstpSvc - ok
10:31:09.0020 0x181c  Steam Client Service - ok
10:31:09.0040 0x181c  [ F3817967ED533D08327DC73BC4D5542A, 1B204454408A690C0A86447F3E4AA9E7C58A9CFB567C94C17C21920BA648B4D5 ] stexstor        C:\Windows\system32\drivers\stexstor.sys
10:31:09.0040 0x181c  stexstor - ok
10:31:09.0070 0x181c  [ DECACB6921DED1A38642642685D77DAC, 1633711CE973F818EBCCCA28538772431167C33ECDD44D1E846A9436598B52DC ] StillCam        C:\Windows\system32\DRIVERS\serscan.sys
10:31:09.0070 0x181c  StillCam - ok
10:31:09.0120 0x181c  [ 8DD52E8E6128F4B2DA92CE27402871C1, 1101C38BE8FC383B5F2F9FA402F9652B23B88A764DE2B584DFE62B88B11DEF92 ] stisvc          C:\Windows\System32\wiaservc.dll
10:31:09.0130 0x181c  stisvc - ok
10:31:09.0140 0x181c  [ C40841817EF57D491F22EB103DA587CC, 5FAA2DE43BADC16A898C0C290C44C41E4411D919A95FE8C6FF45EA7A34495079 ] StorSvc         C:\Windows\system32\storsvc.dll
10:31:09.0150 0x181c  StorSvc - ok
10:31:09.0160 0x181c  [ D01EC09B6711A5F8E7E6564A4D0FBC90, 3CB922291DBADC92B46B9E28CCB6810CD8CCDA3E74518EC9522B58B998E1F969 ] swenum          C:\Windows\system32\drivers\swenum.sys
10:31:09.0160 0x181c  swenum - ok
10:31:09.0180 0x181c  [ E08E46FDD841B7184194011CA1955A0B, 9C3725BB1F08F92744C980A22ED5C874007D3B5863C7E1F140F50061052AC418 ] swprv           C:\Windows\System32\swprv.dll
10:31:09.0200 0x181c  swprv - ok
10:31:09.0260 0x181c  [ BF9CCC0BF39B418C8D0AE8B05CF95B7D, 3C13217548BE61F2BDB8BD41F77345CDDA1F97BF0AE17241C335B9807EB3DBB8 ] SysMain         C:\Windows\system32\sysmain.dll
10:31:09.0310 0x181c  SysMain - ok
10:31:09.0330 0x181c  [ E3C61FD7B7C2557E1F1B0B4CEC713585, 01F0E116606D185BF93B540868075BFB1A398197F6AABD994983DBFF56B3A8A0 ] TabletInputService C:\Windows\System32\TabSvc.dll
10:31:09.0330 0x181c  TabletInputService - ok
10:31:09.0350 0x181c  [ 40F0849F65D13EE87B9A9AE3C1DD6823, E251A7EF3D0FD2973AF33A62FC457A7E8D5E8694208F811F52455F7C2426121F ] TapiSrv         C:\Windows\System32\tapisrv.dll
10:31:09.0360 0x181c  TapiSrv - ok
10:31:09.0370 0x181c  [ 1BE03AC720F4D302EA01D40F588162F6, AB644862BF1D2E824FD846180DEC4E2C0FAFCC517451486DE5A92E5E78A952E4 ] TBS             C:\Windows\System32\tbssvc.dll
10:31:09.0380 0x181c  TBS - ok
10:31:09.0450 0x181c  [ 40AF23633D197905F03AB5628C558C51, 644656A15236E964E4BE57B42225EAA5643C4CF1FFF6D306813A000716F9D72C ] Tcpip           C:\Windows\system32\drivers\tcpip.sys
10:31:09.0490 0x181c  Tcpip - ok
10:31:09.0550 0x181c  [ 40AF23633D197905F03AB5628C558C51, 644656A15236E964E4BE57B42225EAA5643C4CF1FFF6D306813A000716F9D72C ] TCPIP6          C:\Windows\system32\DRIVERS\tcpip.sys
10:31:09.0590 0x181c  TCPIP6 - ok
10:31:09.0640 0x181c  [ 1B16D0BD9841794A6E0CDE0CEF744ABC, 7EB8BA97339199EEE7F2B09DA2DA6279DA64A510D4598D42CF86415D67CD674C ] tcpipreg        C:\Windows\system32\drivers\tcpipreg.sys
10:31:09.0640 0x181c  tcpipreg - ok
10:31:09.0660 0x181c  [ 3371D21011695B16333A3934340C4E7C, 7416F9BBFC1BA9D875EA7D1C7A0D912FC6977B49A865D67E3F9C4E18A965082D ] TDPIPE          C:\Windows\system32\drivers\tdpipe.sys
10:31:09.0670 0x181c  TDPIPE - ok
10:31:09.0700 0x181c  [ 51C5ECEB1CDEE2468A1748BE550CFBC8, 4E8F83877330B421F7B5D8393D34BC44C6450E69209DAA95B29CB298166A5DF9 ] TDTCP           C:\Windows\system32\drivers\tdtcp.sys
10:31:09.0700 0x181c  TDTCP - ok
10:31:09.0710 0x181c  [ DDAD5A7AB24D8B65F8D724F5C20FD806, B71F2967A4EE7395E4416C1526CB85368AEA988BDD1F2C9719C48B08FAFA9661 ] tdx             C:\Windows\system32\DRIVERS\tdx.sys
10:31:09.0720 0x181c  tdx - ok
10:31:09.0730 0x181c  [ 561E7E1F06895D78DE991E01DD0FB6E5, 83BFA50A528762EC52A011302AC3874636FB7E26628CD7ACFBF2BDC9FAA8110D ] TermDD          C:\Windows\system32\drivers\termdd.sys
10:31:09.0730 0x181c  TermDD - ok
10:31:09.0760 0x181c  [ 2E648163254233755035B46DD7B89123, 6FA0D07CE18A3A69D82EE49D875F141E39406E92C34EAC76AC4EB052E6EBCBCD ] TermService     C:\Windows\System32\termsrv.dll
10:31:09.0780 0x181c  TermService - ok
10:31:09.0790 0x181c  [ F0344071948D1A1FA732231785A0664C, DB9886C2C858FAF45AEA15F8E42860343F73EB8685C53EC2E8CCC10586CB0832 ] Themes          C:\Windows\system32\themeservice.dll
10:31:09.0800 0x181c  Themes - ok
10:31:09.0820 0x181c  [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] THREADORDER     C:\Windows\system32\mmcss.dll
10:31:09.0820 0x181c  THREADORDER - ok
10:31:09.0840 0x181c  [ 7E7AFD841694F6AC397E99D75CEAD49D, DE87F203FD8E6BDCCFCA1860A85F283301A365846FB703D9BB86278D8AC96B07 ] TrkWks          C:\Windows\System32\trkwks.dll
10:31:09.0840 0x181c  TrkWks - ok
10:31:09.0880 0x181c  [ 773212B2AAA24C1E31F10246B15B276C, F2EF85F5ABA307976D9C649D710B408952089458DDE97D4DEF321DF14E46A046 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
10:31:09.0890 0x181c  TrustedInstaller - ok
10:31:09.0920 0x181c  [ 4CE278FC9671BA81A138D70823FCAA09, CBE501436696E32A3701B9F377B823AC36647B6626595F76CC63E2396AD7D300 ] tssecsrv        C:\Windows\system32\DRIVERS\tssecsrv.sys
10:31:09.0930 0x181c  tssecsrv - ok
10:31:09.0960 0x181c  [ 17C6B51CBCCDED95B3CC14E22791F85E, EE417C19E9B2C258D62A74F1F2421AFFBAC67ACD62481CAA08F5B6A3439C1D7C ] TsUsbFlt        C:\Windows\system32\drivers\tsusbflt.sys
10:31:09.0960 0x181c  TsUsbFlt - ok
10:31:09.0990 0x181c  [ AD64450A4ABE076F5CB34CC08EEACB07, B5C386635441A19178E7FEEE299BA430C8D72F9110866C13A216B12A1080AD12 ] TsUsbGD         C:\Windows\system32\drivers\TsUsbGD.sys
10:31:09.0990 0x181c  TsUsbGD - ok
10:31:10.0010 0x181c  [ 3566A8DAAFA27AF944F5D705EAA64894, AE9D8B648DA08AF667B9456C3FE315489859C157510A258559F18238F2CC92B8 ] tunnel          C:\Windows\system32\DRIVERS\tunnel.sys
10:31:10.0020 0x181c  tunnel - ok
10:31:10.0040 0x181c  [ B4DD609BD7E282BFC683CEC7EAAAAD67, EF131DB6F6411CAD36A989A421AF93F89DD61601AC524D2FF11C10FF6E3E9123 ] uagp35          C:\Windows\system32\drivers\uagp35.sys
10:31:10.0050 0x181c  uagp35 - ok
10:31:10.0060 0x181c  [ FF4232A1A64012BAA1FD97C7B67DF593, D8591B4EB056899C7B604E4DD852D82D4D9809F508ABCED4A03E1BE6D5D456E3 ] udfs            C:\Windows\system32\DRIVERS\udfs.sys
10:31:10.0070 0x181c  udfs - ok
10:31:10.0090 0x181c  [ 3CBDEC8D06B9968ABA702EBA076364A1, B8DAB8AA804FC23021BFEBD7AE4D40FBE648D6C6BA21CC008E26D1C084972F9B ] UI0Detect       C:\Windows\system32\UI0Detect.exe
10:31:10.0100 0x181c  UI0Detect - ok
10:31:10.0110 0x181c  [ 4BFE1BC28391222894CBF1E7D0E42320, 5918B1ED2030600DF77BDACF1C808DF6EADDD8BF3E7003AF1D72050D8B102B3A ] uliagpkx        C:\Windows\system32\drivers\uliagpkx.sys
10:31:10.0110 0x181c  uliagpkx - ok
10:31:10.0130 0x181c  [ DC54A574663A895C8763AF0FA1FF7561, 09A3F3597E91CBEB2F38E96E75134312B60CAE5574B2AD4606C2D3E992AEDDFE ] umbus           C:\Windows\system32\DRIVERS\umbus.sys
10:31:10.0130 0x181c  umbus - ok
10:31:10.0140 0x181c  [ B2E8E8CB557B156DA5493BBDDCC1474D, F547509A08C0679ACB843E20C9C0CF51BED1B06530BBC529DFB0944504564A43 ] UmPass          C:\Windows\system32\drivers\umpass.sys
10:31:10.0150 0x181c  UmPass - ok
10:31:10.0160 0x181c  [ A293DCD756D04D8492A750D03B9A297C, 203600ED0B7F8BA4C6D6F4ED810F4DF5AB70928B06EC4131C5D8ADF628444ED1 ] UmRdpService    C:\Windows\System32\umrdp.dll
10:31:10.0170 0x181c  UmRdpService - ok
10:31:10.0200 0x181c  [ D47EC6A8E81633DD18D2436B19BAF6DE, 0FB461E2D5E0B75BB5958F6362F4880BFA4C36AD930542609BCAF574941AA7AE ] upnphost        C:\Windows\System32\upnphost.dll
10:31:10.0200 0x181c  upnphost - ok
10:31:10.0240 0x181c  [ C9E9D59C0099A9FF51697E9306A44240, 78D9A7A5E5742962B6978F475BF06CB32262F1D214699D3D40538476A58012A1 ] USBAAPL64       C:\Windows\system32\Drivers\usbaapl64.sys
10:31:10.0240 0x181c  USBAAPL64 - ok
10:31:10.0280 0x181c  [ ACCEA6BC68D0C9A78EB97EE159028B4E, 132F7A543C1DA9456FBABA50552B37E3162ACA612A8567BB3FF0F7DA84231419 ] usbccgp         C:\Windows\system32\DRIVERS\usbccgp.sys
10:31:10.0280 0x181c  usbccgp - ok
10:31:10.0300 0x181c  [ 80B0F7D5CCF86CEB5D402EAAF61FEC31, 140C62116A425DEAD25FE8D82DE283BC92C482A9F643658D512F9F67061F28AD ] usbcir          C:\Windows\system32\drivers\usbcir.sys
10:31:10.0300 0x181c  usbcir - ok
10:31:10.0320 0x181c  [ 311C1DD1088E55BEAE15954D17F50646, A663344ABD1414D570617F59CC00020640F31DB34265142EFCA8817328DB842A ] usbehci         C:\Windows\system32\DRIVERS\usbehci.sys
10:31:10.0330 0x181c  usbehci - ok
10:31:10.0340 0x181c  [ 2C780746DC44A28FE67004DC58173F05, 9E0596CE35C7430A31A7E77B4D12A1F521B9ED8EB0614E6FB38403AC614C3EE3 ] usbfilter       C:\Windows\system32\drivers\usbfilter.sys
10:31:10.0340 0x181c  usbfilter - ok
10:31:10.0370 0x181c  [ 280E90CBF4B2DDD169F0728CB44D726F, 2B39666C022A4F7338BDDB4CB0D7B4D0CC6B398298D29E38826F27FADF4C29DD ] usbhub          C:\Windows\system32\DRIVERS\usbhub.sys
10:31:10.0370 0x181c  usbhub - ok
10:31:10.0390 0x181c  [ 9406D801042FAF859CF81B2C886413DC, D16536EC05260D7A2902314E1AA5E5F73533483B9967739C381FD41B6192B92F ] usbohci         C:\Windows\system32\DRIVERS\usbohci.sys
10:31:10.0390 0x181c  usbohci - ok
10:31:10.0420 0x181c  [ 73188F58FB384E75C4063D29413CEE3D, B485463933306036B1D490722CB1674DC85670753D79FA0EF7EBCA7BBAAD9F7C ] usbprint        C:\Windows\system32\DRIVERS\usbprint.sys
10:31:10.0420 0x181c  usbprint - ok
10:31:10.0440 0x181c  [ 9661DA76B4531B2DA272ECCE25A8AF24, FEA93254A21E71A7EB8AD35FCCAD2C1E41F7329EC33B1734F5B41307A34D8637 ] usbscan         C:\Windows\system32\DRIVERS\usbscan.sys
10:31:10.0440 0x181c  usbscan - ok
10:31:10.0460 0x181c  [ FED648B01349A3C8395A5169DB5FB7D6, DC4D7594C24ADD076927B9347F1B50B91CF03A4ABDB284248D5711D9C19DEB96 ] USBSTOR         C:\Windows\system32\DRIVERS\USBSTOR.SYS
10:31:10.0460 0x181c  USBSTOR - ok
10:31:10.0470 0x181c  [ A83D0EC9AE4C31704442099D40BA2471, A29D714FCDF10DF7A2A17D54B131AEFDA61AED988CF8B99C7B30728C50130DCE ] usbuhci         C:\Windows\system32\drivers\usbuhci.sys
10:31:10.0470 0x181c  usbuhci - ok
10:31:10.0490 0x181c  [ 1F775DA4CF1A3A1834207E975A72E9D7, 6D3DE5BD3EF3A76E997E5BAF900C51D25308F5A9682D1F62017F577A24095B90 ] usbvideo        C:\Windows\System32\Drivers\usbvideo.sys
10:31:10.0490 0x181c  usbvideo - ok
10:31:10.0520 0x181c  [ EDBB23CBCF2CDF727D64FF9B51A6070E, 7202484C8E1BFB2AFD64D8C81668F3EDE0E3BF5EB27572877A0A7B337AE5AE42 ] UxSms           C:\Windows\System32\uxsms.dll
10:31:10.0520 0x181c  UxSms - ok
10:31:10.0540 0x181c  [ 4D71227301DD8D09097B9E4CC6527E5A, 193D47ADCB722B581CC0F29B794AB3E455B6E9BEA367CE9A5216A09E055B7F1E ] VaultSvc        C:\Windows\system32\lsass.exe
10:31:10.0540 0x181c  VaultSvc - ok
10:31:10.0550 0x181c  [ C5C876CCFC083FF3B128F933823E87BD, 6FE0FBB6C3207E09300E0789E2168F76668D87C317FE9F263E733827ADCFBE0D ] vdrvroot        C:\Windows\system32\drivers\vdrvroot.sys
10:31:10.0560 0x181c  vdrvroot - ok
10:31:10.0580 0x181c  [ 8D6B481601D01A456E75C3210F1830BE, A2CEF483F4231367138EEF7E67FD5BE5364FC0780C44CA1368E36CE4AA3D0633 ] vds             C:\Windows\System32\vds.exe
10:31:10.0600 0x181c  vds - ok
10:31:10.0630 0x181c  [ DA4DA3F5E02943C2DC8C6ED875DE68DD, EDE604536DB78C512D68C92B26DA77C8811AC109D1F0A473673F0A82D15A2838 ] vga             C:\Windows\system32\DRIVERS\vgapnp.sys
10:31:10.0630 0x181c  vga - ok
10:31:10.0640 0x181c  [ 53E92A310193CB3C03BEA963DE7D9CFC, 45898604375B42EB1246C17A22D91C2440F11C746FF6459AD38027C1BC2E3125 ] VgaSave         C:\Windows\System32\drivers\vga.sys
10:31:10.0640 0x181c  VgaSave - ok
10:31:10.0670 0x181c  [ 2CE2DF28C83AEAF30084E1B1EB253CBB, D1946816A1CB89F825CBEA58F94A4C9D0CE7249355CD3915563F54054EE564BF ] vhdmp           C:\Windows\system32\drivers\vhdmp.sys
10:31:10.0680 0x181c  vhdmp - ok
10:31:10.0700 0x181c  [ E5689D93FFE4E5D66C0178761240DD54, 6D35CED80681B12AAF63BFA0DA1C386E71D3838839B68A686990AA8031949D27 ] viaide          C:\Windows\system32\drivers\viaide.sys
10:31:10.0700 0x181c  viaide - ok
10:31:10.0720 0x181c  [ D2AAFD421940F640B407AEFAAEBD91B0, 31EF342A60AF04F4108759A71F8FB7B8C8819216CF3D16A95B2BA0E33A8A9161 ] volmgr          C:\Windows\system32\drivers\volmgr.sys
10:31:10.0720 0x181c  volmgr - ok
10:31:10.0740 0x181c  [ A255814907C89BE58B79EF2F189B843B, 463DB771851352185B6AC323BD93B9084D47291E53C1F7B628B65D6918B2E28F ] volmgrx         C:\Windows\system32\drivers\volmgrx.sys
10:31:10.0750 0x181c  volmgrx - ok
10:31:10.0780 0x181c  [ 0D08D2F3B3FF84E433346669B5E0F639, 3D6716CEC95B8861A7CC5778E91F310528DC6BEE0E57A3C8757FC675154EBDEC ] volsnap         C:\Windows\system32\drivers\volsnap.sys
10:31:10.0790 0x181c  volsnap - ok
10:31:10.0810 0x181c  [ 5E2016EA6EBACA03C04FEAC5F330D997, 53106EB877459FE55A459111F7AB0EE320BB3B4C954D3DB6FA1642396001F2AC ] vsmraid         C:\Windows\system32\drivers\vsmraid.sys
10:31:10.0810 0x181c  vsmraid - ok
10:31:10.0870 0x181c  [ B60BA0BC31B0CB414593E169F6F21CC2, 47B801E623254CF0202B3591CB5C019CABFB52F123C7D47E29D19B32F1F2B915 ] VSS             C:\Windows\system32\vssvc.exe
10:31:10.0900 0x181c  VSS - ok
10:31:10.0930 0x181c  [ 36D4720B72B5C5D9CB2B9C29E9DF67A1, 3254523C85C70EBA2DBAC05DB2DBA89EDF8E9195F390F7C21F96458FB6B2E3D7 ] vwifibus        C:\Windows\system32\DRIVERS\vwifibus.sys
10:31:10.0940 0x181c  vwifibus - ok
10:31:10.0950 0x181c  [ 6A3D66263414FF0D6FA754C646612F3F, 30F6BA594B0D3B94113064015A16D97811CD989DF1715CCE21CEAB9894C1B4FB ] vwififlt        C:\Windows\system32\DRIVERS\vwififlt.sys
10:31:10.0950 0x181c  vwififlt - ok
10:31:10.0970 0x181c  [ 6A638FC4BFDDC4D9B186C28C91BD1A01, 5521F1DC515586777EC4837E0AEAA3E613CC178AF1074031C4D0D0C695A93168 ] vwifimp         C:\Windows\system32\DRIVERS\vwifimp.sys
10:31:10.0970 0x181c  vwifimp - ok
10:31:10.0990 0x181c  [ 1C9D80CC3849B3788048078C26486E1A, 34A89F31E53F6B6C209B286F580CC2257AE6D057E4E20741F241C9C167947962 ] W32Time         C:\Windows\system32\w32time.dll
10:31:11.0000 0x181c  W32Time - ok
10:31:11.0050 0x181c  [ 4E9440F4F152A7B944CB1663D3935A3E, 8FE04EBD3BC612EE943A21A3E56F37E5C9B578CDACA6044048181DAD81816D53 ] WacomPen        C:\Windows\system32\drivers\wacompen.sys
10:31:11.0050 0x181c  WacomPen - ok
10:31:11.0070 0x181c  [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] WANARP          C:\Windows\system32\DRIVERS\wanarp.sys
10:31:11.0070 0x181c  WANARP - ok
10:31:11.0080 0x181c  [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] Wanarpv6        C:\Windows\system32\DRIVERS\wanarp.sys
10:31:11.0080 0x181c  Wanarpv6 - ok
10:31:11.0150 0x181c  [ 3CEC96DE223E49EAAE3651FCF8FAEA6C, 4150DAB33E8D61076F1D4767BCAFC9B4ECCCCBD58FD4FB3CFE5B8D27DCDCAB61 ] WatAdminSvc     C:\Windows\system32\Wat\WatAdminSvc.exe
10:31:11.0190 0x181c  WatAdminSvc - ok
10:31:11.0260 0x181c  [ 78F4E7F5C56CB9716238EB57DA4B6A75, 46A4E78CE5F2A4B26F4E9C3FF04A99D9B727A82AC2E390A82A1611C3F6E0C9AF ] wbengine        C:\Windows\system32\wbengine.exe
10:31:11.0310 0x181c  wbengine - ok
10:31:11.0320 0x181c  [ 3AA101E8EDAB2DB4131333F4325C76A3, 4F7BD3DA5E58B18BFF106CFF7B45E75FD13EE556D433C695BA23EC80827E49DE ] WbioSrvc        C:\Windows\System32\wbiosrvc.dll
10:31:11.0330 0x181c  WbioSrvc - ok
10:31:11.0350 0x181c  [ 7368A2AFD46E5A4481D1DE9D14848EDD, 8039C478FC2D9F095F5883A4FA47F9E6EDF57CC88A4AA74F07C88445F90DED57 ] wcncsvc         C:\Windows\System32\wcncsvc.dll
10:31:11.0360 0x181c  wcncsvc - ok
10:31:11.0380 0x181c  [ 20F7441334B18CEE52027661DF4A6129, 7B8E0247234B740FED2BE9B833E9CE8DD7453340123AB43F6B495A7E6A27B0DD ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
10:31:11.0380 0x181c  WcsPlugInService - ok
10:31:11.0400 0x181c  [ 72889E16FF12BA0F235467D6091B17DC, F2FD0BBD075E33608D93F350D216F97442AB89ABD540513C2D568C78096E12A8 ] Wd              C:\Windows\system32\drivers\wd.sys
10:31:11.0400 0x181c  Wd - ok
10:31:11.0460 0x181c  [ E2C933EDBC389386EBE6D2BA953F43D8, AF1DEADD5F1267CCEBD226E8EEB971D1946EA6A5A9645A36F5D111F758AF2F07 ] Wdf01000        C:\Windows\system32\drivers\Wdf01000.sys
10:31:11.0480 0x181c  Wdf01000 - ok
10:31:11.0490 0x181c  [ BF1FC3F79B863C914687A737C2F3D681, B2DF47AC4931ACFB243775767B77065CC0D98778FC0243C793A3E219EB961209 ] WdiServiceHost  C:\Windows\system32\wdi.dll
10:31:11.0491 0x181c  WdiServiceHost - ok
10:31:11.0501 0x181c  [ BF1FC3F79B863C914687A737C2F3D681, B2DF47AC4931ACFB243775767B77065CC0D98778FC0243C793A3E219EB961209 ] WdiSystemHost   C:\Windows\system32\wdi.dll
10:31:11.0501 0x181c  WdiSystemHost - ok
10:31:11.0531 0x181c  [ 0EB0E5D22B1760F2DBCE632F2DD7A54D, B8A4CC62F88768947FB0A161CF9564DB28FD9C1C037B5475DF192982DE035C22 ] WebClient       C:\Windows\System32\webclnt.dll
10:31:11.0541 0x181c  WebClient - ok
10:31:11.0561 0x181c  [ C749025A679C5103E575E3B48E092C43, B71171D07EE7AB085A24BF3A1072FF2CE7EA021AAE695F6A90640E6EE8EB55C1 ] Wecsvc          C:\Windows\system32\wecsvc.dll
10:31:11.0571 0x181c  Wecsvc - ok
10:31:11.0601 0x181c  [ 7E591867422DC788B9E5BD337A669A08, 484E6BCCDF7ADCE9A1AACAD1BC7C7D7694B9E40FA90D94B14D80C607784F6C75 ] wercplsupport   C:\Windows\System32\wercplsupport.dll
10:31:11.0601 0x181c  wercplsupport - ok
10:31:11.0621 0x181c  [ 6D137963730144698CBD10F202E9F251, A9F522A125158D94F540544CCD4DBF47B9DCE2EA878C33675AFE40F80E8F4979 ] WerSvc          C:\Windows\System32\WerSvc.dll
10:31:11.0621 0x181c  WerSvc - ok
10:31:11.0641 0x181c  [ 611B23304BF067451A9FDEE01FBDD725, 0AF2734B978165FC6FD22B64862132CCE32528A21C698A49D176129446E099C8 ] WfpLwf          C:\Windows\system32\DRIVERS\wfplwf.sys
10:31:11.0651 0x181c  WfpLwf - ok
10:31:11.0661 0x181c  [ 05ECAEC3E4529A7153B3136CEB49F0EC, 9995CB2CEC70A633EA33CBB0DEAD2BB28CB67132B41E9444BDAB9E75744C9A50 ] WIMMount        C:\Windows\system32\drivers\wimmount.sys
10:31:11.0661 0x181c  WIMMount - ok
10:31:11.0691 0x181c  WinDefend - ok
10:31:11.0701 0x181c  WinHttpAutoProxySvc - ok
10:31:11.0751 0x181c  [ 19B07E7E8915D701225DA41CB3877306, D6555E8D276DBB11358246E0FE215F76F1FB358791C76B88D82C2A66A42DA19F ] Winmgmt         C:\Windows\system32\wbem\WMIsvc.dll
10:31:11.0761 0x181c  Winmgmt - ok
10:31:11.0821 0x181c  [ BCB1310604AA415C4508708975B3931E, 9D943F086D454345153A0DD426B4432532A44FD87950386B186E1CAD2AC70565 ] WinRM           C:\Windows\system32\WsmSvc.dll
10:31:11.0881 0x181c  WinRM - ok
10:31:11.0931 0x181c  [ FE88B288356E7B47B74B13372ADD906D, A16B166F6BB32EF9D2A142F27B9EC54CBC7B3AC915799783CF4C40E525BC9E03 ] WinUsb          C:\Windows\system32\DRIVERS\WinUsb.sys
10:31:11.0941 0x181c  WinUsb - ok
10:31:11.0971 0x181c  [ 4FADA86E62F18A1B2F42BA18AE24E6AA, CE1683386886BF34862681A46199EA7E7FB4232A186047DA7FBD8EC240AF6726 ] Wlansvc         C:\Windows\System32\wlansvc.dll
10:31:12.0001 0x181c  Wlansvc - ok
10:31:12.0051 0x181c  [ 06C8FA1CF39DE6A735B54D906BA791C6, D8FEC7DE227781CDA876904701B2AA995268F74DCD6CB34AA0296C557FC283B6 ] wlcrasvc        C:\Program Files\Windows Live\Mesh\wlcrasvc.exe
10:31:12.0051 0x181c  wlcrasvc - ok
10:31:12.0151 0x181c  [ 7E47C328FC4768CB8BEAFBCFAFA70362, C98BD6A0C2F70E069D5FD3BAB31BD028DFEAC0490D180BBC28A14BE375897D8C ] wlidsvc         C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
10:31:12.0211 0x181c  wlidsvc - ok
10:31:12.0231 0x181c  [ F6FF8944478594D0E414D3F048F0D778, 6F75E0AE6127B33A92A88E59D4B048FD4C15F997807BE7BF0EFE76F95235B1D9 ] WmiAcpi         C:\Windows\system32\drivers\wmiacpi.sys
10:31:12.0241 0x181c  WmiAcpi - ok
10:31:12.0271 0x181c  [ 38B84C94C5A8AF291ADFEA478AE54F93, 1AC267AC73670BEA5F3785C9AD9DB146F8E993A862C843742B21FDB90D102B2A ] wmiApSrv        C:\Windows\system32\wbem\WmiApSrv.exe
10:31:12.0271 0x181c  wmiApSrv - ok
10:31:12.0291 0x181c  WMPNetworkSvc - ok
10:31:12.0311 0x181c  [ 96C6E7100D724C69FCF9E7BF590D1DCA, 2E63C9B0893B4FC03B7A71BAEA6202D3D3DB1B52F3643467829B5A573FD7655B ] WPCSvc          C:\Windows\System32\wpcsvc.dll
10:31:12.0321 0x181c  WPCSvc - ok
10:31:12.0331 0x181c  [ 93221146D4EBBF314C29B23CD6CC391D, C0750858A65BF51E210CD244C825C121D67E025CD2D2455139991AAC289A90FE ] WPDBusEnum      C:\Windows\system32\wpdbusenum.dll
10:31:12.0331 0x181c  WPDBusEnum - ok
10:31:12.0351 0x181c  [ 6BCC1D7D2FD2453957C5479A32364E52, E48554D31FBDCF8F985C1C72524CAA9106F5B7CC2B79064F8F5E2562D517F090 ] ws2ifsl         C:\Windows\system32\drivers\ws2ifsl.sys
10:31:12.0351 0x181c  ws2ifsl - ok
10:31:12.0371 0x181c  [ E8B1FE6669397D1772D8196DF0E57A9E, 39FE0819360719F756BD31A1884A0508A1E2371ACC723E25E005CBEC0A7B02FA ] wscsvc          C:\Windows\system32\wscsvc.dll
10:31:12.0371 0x181c  wscsvc - ok
10:31:12.0391 0x181c  [ 8D918B1DB190A4D9B1753A66FA8C96E8, DB7D2714DC04D2D6999A207D7399A5647C8653E5A1AD80856A65C5B6065AEDFE ] WSDPrintDevice  C:\Windows\system32\DRIVERS\WSDPrint.sys
10:31:12.0391 0x181c  WSDPrintDevice - ok
10:31:12.0431 0x181c  [ 4A2A5C50DD1A63577D3ACA94269FBC7F, F75C1906D431CF871AD954218DF32A0F206E45FF49332DEF9F13C0A36A407047 ] WSDScan         C:\Windows\system32\DRIVERS\WSDScan.sys
10:31:12.0431 0x181c  WSDScan - ok
10:31:12.0441 0x181c  WSearch - ok
10:31:12.0541 0x181c  [ D9EF901DCA379CFE914E9FA13B73B4C4, 3BE9693B7B2AFEE23D72AF5DA211379724D752F0EC18ACB7D3DE3DDFC5AE0004 ] wuauserv        C:\Windows\system32\wuaueng.dll
10:31:12.0581 0x181c  wuauserv - ok
10:31:12.0641 0x181c  [ AB886378EEB55C6C75B4F2D14B6C869F, D6C4602EB8F291DADEDF3CD211013D4AC752DDE7E799C2D8D74AA4F5477CAED6 ] WudfPf          C:\Windows\system32\drivers\WudfPf.sys
10:31:12.0641 0x181c  WudfPf - ok
10:31:12.0661 0x181c  [ DDA4CAF29D8C0A297F886BFE561E6659, 94E5DD649B5D86FA1A7C7D30FCF9644D0EE048D312E626111458ADF66BFBE978 ] WUDFRd          C:\Windows\system32\DRIVERS\WUDFRd.sys
10:31:12.0661 0x181c  WUDFRd - ok
10:31:12.0681 0x181c  [ B20F051B03A966392364C83F009F7D17, 88ECEB55AE91F58F592B96EBC10B572747D5A2F9B7629E8F371761E4F7408A65 ] wudfsvc         C:\Windows\System32\WUDFSvc.dll
10:31:12.0691 0x181c  wudfsvc - ok
10:31:12.0711 0x181c  [ FE90B750AB808FB9DD8FBB428B5FF83B, 3F8F592EC813BE292D305A87C5BA852F8BC3D7CE610612D9871F209A17326AA8 ] WwanSvc         C:\Windows\System32\wwansvc.dll
10:31:12.0721 0x181c  WwanSvc - ok
10:31:12.0741 0x181c  ================ Scan global ===============================
10:31:12.0781 0x181c  [ BA0CD8C393E8C9F83354106093832C7B, 18D8A4780A2BAA6CEF7FBBBDA0EF6BF2DADF146E1E578A618DD5859E8ADBF1A8 ] C:\Windows\system32\basesrv.dll
10:31:12.0821 0x181c  [ 88EDD0B34EED542745931E581AD21A32, DC2B93E1CEF5B0BCEE08D72669BB0F3AD0E8E6E75BDC08858407ED92F6FFA031 ] C:\Windows\system32\winsrv.dll
10:31:12.0831 0x181c  [ 88EDD0B34EED542745931E581AD21A32, DC2B93E1CEF5B0BCEE08D72669BB0F3AD0E8E6E75BDC08858407ED92F6FFA031 ] C:\Windows\system32\winsrv.dll
10:31:12.0871 0x181c  [ D6160F9D869BA3AF0B787F971DB56368, 0033E6212DD8683E4EE611B290931FDB227B4795F0B17C309DC686C696790529 ] C:\Windows\system32\sxssrv.dll
10:31:12.0901 0x181c  [ 24ACB7E5BE595468E3B9AA488B9B4FCB, 63541E3432FCE953F266AE553E7A394978D6EE3DB52388D885F668CF42C5E7E2 ] C:\Windows\system32\services.exe
10:31:12.0911 0x181c  [ Global ] - ok
10:31:12.0911 0x181c  ================ Scan MBR ==================================
10:31:12.0911 0x181c  [ A18B8C644E427F49A3312CCA149B7137 ] \Device\Harddisk0\DR0
10:31:13.0111 0x181c  \Device\Harddisk0\DR0 - ok
10:31:13.0121 0x181c  [ 5FB38429D5D77768867C76DCBDB35194 ] \Device\Harddisk2\DR2
10:31:13.0211 0x181c  \Device\Harddisk2\DR2 - ok
10:31:13.0211 0x181c  ================ Scan VBR ==================================
10:31:13.0271 0x181c  [ D1C87EC9327EC66AED10F28A74FA1C2A ] \Device\Harddisk0\DR0\Partition1
10:31:13.0271 0x181c  \Device\Harddisk0\DR0\Partition1 - ok
10:31:13.0284 0x181c  [ AC27206F778513AE8A1CEFC3FD703CD5 ] \Device\Harddisk0\DR0\Partition2
10:31:13.0286 0x181c  \Device\Harddisk0\DR0\Partition2 - ok
10:31:13.0311 0x181c  [ EC06FBD97DF8FA55E6E3E2FF5CF39C55 ] \Device\Harddisk0\DR0\Partition3
10:31:13.0311 0x181c  \Device\Harddisk0\DR0\Partition3 - ok
10:31:13.0321 0x181c  [ CCBE83F6415BBACB243B13637FA32833 ] \Device\Harddisk2\DR2\Partition1
10:31:13.0321 0x181c  \Device\Harddisk2\DR2\Partition1 - ok
10:31:13.0321 0x181c  Waiting for KSN requests completion. In queue: 63
10:31:14.0321 0x181c  Waiting for KSN requests completion. In queue: 63
10:31:15.0321 0x181c  Waiting for KSN requests completion. In queue: 63
10:31:16.0351 0x181c  AV detected via SS2: ESET NOD32 Antivirus 7.0, C:\Program Files\ESET\ESET NOD32 Antivirus\ecmd.exe ( 7.0.302.0 ), 0x41000 ( enabled : updated )
10:31:16.0421 0x181c  Win FW state via NFP2: enabled
10:31:18.0801 0x181c  ============================================================
10:31:18.0801 0x181c  Scan finished
10:31:18.0801 0x181c  ============================================================
10:31:18.0801 0x19fc  Detected object count: 0
10:31:18.0801 0x19fc  Actual detected object count: 0

 

3)

 

No viruses found. Cannot find msert.txt anywhere

 

4)

 

No threats found.

 

 

I will see whether I get any pop-ups etc and report back.  Many thanks for your help.
 



#7 InadequateInfirmity

InadequateInfirmity

    I Gots Me A Certified Edumication


  • Banned
  • 5,180 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:10:39 AM

Posted 04 January 2014 - 08:30 PM

Ok keep us posted.



#8 tonywiseman54

tonywiseman54
  • Topic Starter

  • Members
  • 6 posts
  • OFFLINE
  •  
  • Local time:03:39 PM

Posted 14 January 2014 - 03:12 AM

Hi,

 

Have watched situation for few days. Computer generally working ok but still getting ad pop-ups especially from the udmserve site and still, occasionally, getting this infernal spaceship going across the screen firing missiles. It looks as if we still haven't uninstalled the udmserve application. Any other ideas?

 

Thanks for the help so far



#9 InadequateInfirmity

InadequateInfirmity

    I Gots Me A Certified Edumication


  • Banned
  • 5,180 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:10:39 AM

Posted 14 January 2014 - 09:09 AM

Please download HitmanPro. to your desktop.

  • Launch the program by double clicking on HitmanPro.exe. (Windows Vista/7 users right click on the HitmanPro icon and select run as administrator).
  • Click on the next button. You must agree with the terms of EULA.
  • Check the box beside "No, I only want to perform a one-time scan to check this computer".
  • Click on the next button.
  • The program will start to scan the computer. The scan will typically take no more than 2-3 minutes.
  • Click on the next button and choose the option activate free license
  • Click on the next button and the infections where will be deleted.
  • Click now on the Save Log option and save this log to your desktop.
  • Click on the next button and restart the computer.
  • Copy the information of HitmanPro_20130116_1239.log in your next reply

 

Perform a full online scan with  SUPERAntiSpyware.com - Online Scanner  post back the result after removing everything found in your next repy and tell me if you are still having any issues.

 

 

Please download the Kaspersky Virus Removal Tool from here to your Desktop.

Double-click the Removal Tool.

Win 7 Vista User's Right Click and run as Admin.
Click the cog in the upper right corner:

AVPfront.gif

Select down to and including your main drive.
Once done please select the Automatic Scan tab and press Start Scan.

avpsettings.gif

Allow AVP to delete all infections found.
Once it has finished select the Report tab.
Select the Detected threats report from the left and press the Save button.
Save it to your Desktop and post the contents in your next reply.



#10 tonywiseman54

tonywiseman54
  • Topic Starter

  • Members
  • 6 posts
  • OFFLINE
  •  
  • Local time:03:39 PM

Posted 21 January 2014 - 02:37 PM

Hi,

 

I have run the three latest programs. Only the first one found anything and produced a log:

 

HitmanPro 3.7.8.208
www.hitmanpro.com

   Computer name . . . . : BACKOFFICE2
   Windows . . . . . . . : 6.1.1.7601.X64/2
   User name . . . . . . : BACKOFFICE2\Tony Wiseman
   UAC . . . . . . . . . : Disabled
   License . . . . . . . : Free

   Scan date . . . . . . : 2014-01-20 23:07:40
   Scan mode . . . . . . : Normal
   Scan duration . . . . : 3m 35s
   Disk access mode  . . : Direct disk access (SRB)
   Cloud . . . . . . . . : Internet
   Reboot  . . . . . . . : No

   Threats . . . . . . . : 0
   Traces  . . . . . . . : 16

   Objects scanned . . . : 1,648,677
   Files scanned . . . . : 25,657
   Remnants scanned  . . : 441,369 files / 1,181,651 keys

Cookies _____________________________________________________________________

   C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Cookies:atdmt.com
   C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Cookies:c.atdmt.com
   C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Cookies:c1.atdmt.com
   C:\Users\Tony Wiseman\AppData\Roaming\Microsoft\Windows\Cookies\174WAA6E.txt
   C:\Users\Tony Wiseman\AppData\Roaming\Microsoft\Windows\Cookies\9IRX0UP8.txt
   C:\Users\Tony Wiseman\AppData\Roaming\Microsoft\Windows\Cookies\U7KJI5ED.txt
   C:\Users\Tony Wiseman\AppData\Roaming\Mozilla\Firefox\Profiles\0oym3005.default-1357063066981\cookies.sqlite:ads.yahoo.com
   C:\Users\Tony Wiseman\AppData\Roaming\Mozilla\Firefox\Profiles\0oym3005.default-1357063066981\cookies.sqlite:at.atwola.com
   C:\Users\Tony Wiseman\AppData\Roaming\Mozilla\Firefox\Profiles\0oym3005.default-1357063066981\cookies.sqlite:atdmt.com
   C:\Users\Tony Wiseman\AppData\Roaming\Mozilla\Firefox\Profiles\0oym3005.default-1357063066981\cookies.sqlite:collective-media.net
   C:\Users\Tony Wiseman\AppData\Roaming\Mozilla\Firefox\Profiles\0oym3005.default-1357063066981\cookies.sqlite:doubleclick.net
   C:\Users\Tony Wiseman\AppData\Roaming\Mozilla\Firefox\Profiles\0oym3005.default-1357063066981\cookies.sqlite:media6degrees.com
   C:\Users\Tony Wiseman\AppData\Roaming\Mozilla\Firefox\Profiles\0oym3005.default-1357063066981\cookies.sqlite:ru4.com
   C:\Users\Tony Wiseman\AppData\Roaming\Mozilla\Firefox\Profiles\0oym3005.default-1357063066981\cookies.sqlite:serving-sys.com
   C:\Users\Tony Wiseman\AppData\Roaming\Mozilla\Firefox\Profiles\0oym3005.default-1357063066981\cookies.sqlite:tribalfusion.com
   C:\Users\Tony Wiseman\AppData\Roaming\Mozilla\Firefox\Profiles\0oym3005.default-1357063066981\cookies.sqlite:zedo.com

 

The last two didn't find anything (Kaspersky actually took 8 1/2 hrs). Unfortunately I have immediately got a pop up from udmserve.net. Not had the spaceship firing shots yet but did get it after running Hitman Pro after restarting computer as instructed. As the last 2 programs didn't do anything I assume it is still there somewhere. Have you heard of this adware before? It seems incredibly hard to locate. Should I uninstall firefox and reinstall it? Haven't seen whether it affects any other browsers. Thanks for your help



#11 InadequateInfirmity

InadequateInfirmity

    I Gots Me A Certified Edumication


  • Banned
  • 5,180 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:10:39 AM

Posted 21 January 2014 - 03:42 PM

Yes try and uninstall and re install firefox and tell me if the issue remains. :)






0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users