Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

CMD pops-then-disappears, DDS "can't run in compatibility mode"


  • This topic is locked This topic is locked
7 replies to this topic

#1 falrecon

falrecon

  • Members
  • 14 posts
  • OFFLINE
  •  
  • Local time:05:54 PM

Posted 20 March 2014 - 07:49 AM

There's a cmd popup that DISAPPEARS FAST I couldn't see if it even has something written. This is a new problem that I've not gotten to observe. First popup was middle of browsing and gaming, then after restart, second(or the second popup I noticed), it was after I logged into my computer.

 

DDS won't run, says "DDS is not mean to run in 'Compatibility Mode'.

The program shall now exit."

*btw, this is my 2nd bleep here, last 2 months ago DDS ran properly.

 

Help, please detect if there's backdoor PLEASE.

 



BC AdBot (Login to Remove)

 


#2 TB-Psychotic

TB-Psychotic

  • Malware Response Team
  • 6,349 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:10:54 AM

Posted 20 March 2014 - 08:47 AM

Hi there,
my name is Marius and I will assist you with your malware related problems.

Before we move on, please read the following points carefully.

  • First, read my instructions completely. If there is anything that you do not understand kindly ask before proceeding.
  • Perform everything in the correct order. Sometimes one step requires the previous one.
  • If you have any problems while following my instructions, Stop there and tell me the exact nature of your problem.
  • Do not run any other scans without instruction or add/remove software unless I tell you to do so. This would change the output of our tools and could be confusing for me.
  • Post all logfiles as a reply rather than as an attachment unless I specifically ask you. If you can not post all logfiles in one reply, feel free to use more posts.
  • If I don't hear from you within 3 days from this initial or any subsequent post, then this thread will be closed.
  • Stay with me. I will give you some advice about prevention after the cleanup process. Absence of symptoms does not always mean the computer is clean.
  • My first language is not english. So please do not use slang or idioms. It could be hard for me to read. Thanks for your understanding.

 

 

 

 

Scan with FRST in normal mode

Please download Farbar's Recovery Scan Tool to your desktop: FRST 32bit or FRST 64bit (If not sure: Start --> Computer (right click) --> properties)

  • Run FRST.
  • Don´t change one of the checkboxes and hit Scan.
  • Logfiles are created on your desktop.
  • Poste the FRST.txt and (after the first scan only!) the Addition.txt.

 

 

 

 

Scan with TDSS-Killer

Please read and follow these instructions carefully. We do not want it to fix anything yet (if found), we need to see a report first.

Download TDSSKiller.zip and extract to your desktop

  • Execute TDSSKiller.exe by doubleclicking on it.
  • Press Start Scan
  • If Malicious objects are found, do NOT select Copy to quarantine. Change the action to Skip, and save the log.
  • Once complete, a log will be produced at the root drive which is typically C:\ ,for example, C:\TDSSKiller.<version_date_time>log.txt


Please post the contents of that log in your next reply.


Proud Member of UNITE & TB
 
My help is free, however, if you want to support my fight against malware, click here --> btn_donate_SM.gif <--(no worries, every little bit helps)

#3 falrecon

falrecon
  • Topic Starter

  • Members
  • 14 posts
  • OFFLINE
  •  
  • Local time:05:54 PM

Posted 20 March 2014 - 09:01 PM

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 13-03-2014
Ran by Leyla (administrator) on M6-EISEN-REGEN on 21-03-2014 09:51:25
Running from C:\Users\Pocholo\Desktop
Windows 8.1 Single Language (X64) OS Language: English(US)
Internet Explorer Version 11
Boot Mode: Normal

The only official download link for FRST:
Download link for 32-Bit version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/81/
Download link for 64-Bit Version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/82/
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(HP) C:\Program Files (x86)\HP SimplePass\TrueSuiteService.exe
(AMD) C:\WINDOWS\system32\atiesrxx.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\STacSV64.exe
(Hewlett-Packard Company) C:\WINDOWS\system32\Hpservice.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Freemake) C:\ProgramData\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.22.5\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.22.5\GoogleCrashHandler64.exe
() C:\ProgramData\Globe Tattoo Broadband\OnlineUpdate\ouc.exe
(Hi-Rez Studios) C:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hp\Common\HPSupportSolutionsFrameworkService.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe
() C:\ProgramData\DatacardService\HWDeviceService64.exe
(Intel® Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe
() C:\Windows\system32\valWBFPolicyService.exe
(IVT Corporation) C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BsHelpCS.exe
(Microsoft Corporation) C:\WINDOWS\System32\alg.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe
(Hewlett-Packard) C:\Program Files (x86)\Hewlett-Packard\HP Connected Remote\HPConnectedRemoteService.exe
(Intel Corporation) C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
(AuthenTec, Inc.) C:\Program Files\Common Files\AuthenTec\TrueService.exe
(Microsoft Corporation) C:\WINDOWS\System32\LogonUI.exe
(AMD) C:\WINDOWS\system32\atieclxx.exe
(AuthenTec Inc.) C:\Program Files (x86)\HP SimplePass\TouchControl.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
() C:\Program Files (x86)\Garena Plus\ggdllhost.exe
(Microsoft Corporation) C:\Windows\System32\InputMethod\JPN\JpnIME.exe
() C:\Program Files (x86)\HP SimplePass\IEWebSiteLogon.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20413_x64__8wekyb3d8bbwe\LiveComm.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Intel Corporation) C:\WINDOWS\system32\igfxsrvc.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\sttray64.exe
(Synaptics Incorporated) C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPHELPER.EXE
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
() C:\Program Files (x86)\Gaming Mouse\Monitor.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(CyberLink) C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe
(CyberLink) C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP CoolSense\CoolSense.exe
(AuthenTec, Inc.) C:\Program Files\Common Files\AuthenTec\TrueService.exe
(Intel Corporation) C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe
(Adobe Systems Incorporated) C:\Windows\System32\Macromed\Flash\FlashUtil_ActiveX.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.Reader_6.3.9654.17044_x64__8wekyb3d8bbwe\glcnd.exe
(Microsoft Corporation) C:\Program Files (x86)\Internet Explorer\IELowutil.exe
() C:\Program Files (x86)\HP SimplePass\DownloadAD.exe

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [AdobeAAMUpdater-1.0] - C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [444904 2012-09-20] (Adobe Systems Incorporated)
HKLM\...\Run: [SynTPEnh] - C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2916152 2012-08-25] (Synaptics Incorporated)
HKLM\...\Run: [SysTrayApp] - C:\Program Files\IDT\WDM\sttray64.exe [1664000 2013-07-03] (IDT, Inc.)
HKLM\...\Run: [IAStorIcon] - C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe [287592 2013-08-22] (Intel Corporation)
HKLM-x32\...\Run: [BtTray] - C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BtTray.exe [371976 2012-09-20] (IVT Corporation)
HKLM-x32\...\Run: [] - [X]
HKLM-x32\...\Run: [RemoteControl10] - C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe [93296 2012-07-14] (CyberLink Corp.)
HKLM-x32\...\Run: [HP Quick Launch] - C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe [581024 2012-09-08] (Hewlett-Packard Development Company, L.P.)
HKLM-x32\...\Run: [SwitchBoard] - C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [AdobeCS6ServiceManager] - C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe [1073312 2012-03-09] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [StartCCC] - C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [766208 2013-12-06] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [Gaming mouse] - C:\Program Files (x86)\Gaming Mouse\Monitor.exe [495616 2013-12-02] ()
Winlogon\Notify\igfxcui: C:\WINDOWS\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-3665814049-2692689912-1343586199-1001\...\Run: [Steam] - C:\Program Files (x86)\Steam\Steam.exe [1824000 2014-02-11] (Valve Corporation)
HKU\S-1-5-21-3665814049-2692689912-1343586199-1001\...\Run: [GarenaPlus] - C:\Program Files (x86)\Garena Plus\GarenaMessenger.exe [9890608 2013-12-12] ()
HKU\S-1-5-21-3665814049-2692689912-1343586199-1001\...\RunOnce: [Uninstall C:\Users\Pocholo\AppData\Local\Microsoft\SkyDrive\17.0.2015.0811\amd64] - C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Pocholo\AppData\Local\Microsoft\SkyDrive\17.0.2015.0811\amd64"
HKU\S-1-5-21-3665814049-2692689912-1343586199-1001\...\MountPoints2: {84e941e7-ab8a-11e3-bef8-6c3be589b280} - "F:\AutoRun.exe"
HKU\S-1-5-21-3665814049-2692689912-1343586199-1001\...\MountPoints2: {b381ada3-fa5f-11e2-be9f-6c3be589b280} - "F:\AutoRun.exe"
HKU\S-1-5-21-3665814049-2692689912-1343586199-1001\...\MountPoints2: {b381b2a3-fa5f-11e2-be9f-6c3be589b280} - "F:\AutoRun.exe"

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://twitter.com/WarframeAlerts
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.jp.msn.com/HPALL13/33
HKCU\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = http://www.wotpro.com/guides
http://en.wikipedia.org/wiki/Cthulhu_Mythos_deities
http://openstudy.com/study#/groups/Mathematics
http://www.play-asia.com/paOS-00-3-wholesale-49-en.html
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.jp.msn.com/HPALL13/33
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://g.jp.msn.com/HPALL13/33
SearchScopes: HKLM - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=HPNTDFJS
SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=HPNTDFJS
SearchScopes: HKLM - {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = http://rover.ebay.com/rover/1/4824-154358-11896-2/4 ?mpre=http%3A%2F%2Fwww.ebay.com%2Fsch%2F%3F_nkw%3D{searchTerms}&keyword={searchTerms}
SearchScopes: HKLM-x32 - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=HPNTDFJS
SearchScopes: HKLM-x32 - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=HPNTDFJS
SearchScopes: HKLM-x32 - {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = http://rover.ebay.com/rover/1/4824-154358-11896-2/4 ?mpre=http%3A%2F%2Fwww.ebay.com%2Fsch%2F%3F_nkw%3D{searchTerms}&keyword={searchTerms}
SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=HPNTDFJS
SearchScopes: HKCU - {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = http://rover.ebay.com/rover/1/4824-154358-11896-2/4 ?mpre=http%3A%2F%2Fwww.ebay.com%2Fsch%2F%3F_nkw%3D{searchTerms}&keyword={searchTerms}
BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO: HP Network Check Helper - {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll (Hewlett-Packard)
BHO-x32: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: HP Network Check Helper - {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll (Hewlett-Packard)
DPF: HKLM-x32 {73ECB3AA-4717-450C-A2AB-D00DAD9EE203} http://h20614.www2.hp.com/ediags/gmd/Install/Cab/hpdetect1262.cab
DPF: HKLM-x32 {7530BFB8-7293-4D34-9923-61A11451AFC5} http://download.eset.com/special/eos/OnlineScanner.cab
DPF: HKLM-x32 {C228AEDD-FC47-11D3-AF87-D128A9381404} http://www.link-systems.com/sdkhtml/SDK/paste/lsiw9x.cab
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Windows\SysWow64\skype4com.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.254.254 192.168.254.254

Chrome:
=======
CHR HomePage: chrome://bookmarks/#1
CHR DefaultSearchKeyword: google.com.ph
CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\33.0.1750.154\PepperFlash\pepflashplayer.dll ()
CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Program Files (x86)\Google\Chrome\Application\33.0.1750.154\ppGoogleNaClPluginChrome.dll ()
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\33.0.1750.154\pdf.dll ()
CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.145\npGoogleUpdate3.dll No File
CHR Plugin: (Simple Pass) - C:\Program Files (x86)\HP SimplePass\npffwloplugin.dll ( HP)
CHR Plugin: (Intel® Identity Protection Technology) - C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
CHR Plugin: (Intel® Identity Protection Technology) - C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
CHR Plugin: (Photo Gallery) - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
CHR Plugin: (Shockwave for Director) - C:\windows\SysWOW64\Adobe\Director\np32dsw_1166636.dll (Adobe Systems, Inc.)
CHR Extension: (Chitose Shirasawa Chrome Theme) - C:\Users\Pocholo\AppData\Local\Google\Chrome\User Data\Default\Extensions\mppdjclgiebmmegmddiebbibpdkgodcl [2013-06-30]
CHR Extension: (Google Wallet) - C:\Users\Pocholo\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-09-25]
CHR HKLM-x32\...\Chrome\Extension: [fegekclkdhbnfdcmomlpegkkndgnmfmo] - C:\Program Files (x86)\HP SimplePass\tschrome.crx [2012-12-12]
CHR HKLM-x32\...\Chrome\Extension: [hmbkhknacohfhbmmpnmbkgdffdbildof] - C:\Program Files (x86)\HP SimplePass\tschrome.crx [2012-12-12]

==================== Services (Whitelisted) =================

S2 BlueSoleilCS; C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BlueSoleilCS.exe [1612552 2012-09-27] (IVT Corporation)
R3 BsHelpCS; C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BsHelpCS.exe [146184 2012-09-20] (IVT Corporation)
S3 BthHFSrv; C:\Windows\System32\BthHFSrv.dll [321024 2013-08-22] (Microsoft Corporation)
R2 FPLService; C:\Program Files (x86)\HP SimplePass\TrueSuiteService.exe [1641768 2013-02-07] (HP)
R2 Freemake Improver; C:\ProgramData\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe [101888 2013-12-09] (Freemake)
S2 Globe Tattoo Broadband. RunOuc; C:\Program Files (x86)\Globe Tattoo Broadband\UpdateDog\ouc.exe [657504 2012-11-12] ()
R2 HPConnectedRemote; C:\Program Files (x86)\Hewlett-Packard\HP Connected Remote\HPConnectedRemoteService.exe [35744 2012-10-13] (Hewlett-Packard)
R2 HPSupportSolutionsFrameworkService; C:\Program Files (x86)\Hp\Common\HPSupportSolutionsFrameworkService.exe [46904 2013-12-17] (Hewlett-Packard Company)
R2 HWDeviceService64.exe; C:\ProgramData\DatacardService\HWDeviceService64.exe [346976 2011-03-14] ()
R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe [15720 2013-08-22] (Intel Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe [165760 2012-07-18] (Intel Corporation)
R3 TrueService; C:\Program Files\Common Files\AuthenTec\TrueService.exe [401856 2013-01-07] (AuthenTec, Inc.)
R2 valWBFPolicyService; C:\Windows\system32\valWBFPolicyService.exe [28160 2012-09-06] ()
S3 w3logsvc; C:\Windows\system32\inetsrv\w3logsvc.dll [76800 2014-01-06] (Microsoft Corporation)
R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [348392 2013-10-31] (Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2013-10-31] (Microsoft Corporation)

==================== Drivers (Whitelisted) ====================

S0 ADP80XX; C:\Windows\System32\drivers\ADP80XX.SYS [782176 2013-08-22] (PMC-Sierra)
R0 amdkmpfd; C:\Windows\System32\drivers\amdkmpfd.sys [36096 2013-12-13] (Advanced Micro Devices, Inc.)
S3 bcmfn2; C:\Windows\System32\drivers\bcmfn2.sys [17624 2013-08-13] (Windows ® Win 7 DDK provider)
R3 BtAudioBusSrv; C:\Windows\System32\Drivers\BtAudioBus.sys [23136 2012-06-16] (IVT Corporation)
S3 BthA2DP; C:\Windows\system32\drivers\BthA2DP.sys [131584 2013-08-22] (Microsoft Corporation)
S3 BthHFAud; C:\Windows\system32\DRIVERS\BthHfAud.sys [32640 2013-08-22] (Microsoft Corporation)
S3 BthL2caScoIfSrv; C:\Windows\System32\Drivers\BtL2caScoIf.sys [56904 2012-07-20] (Ralink Corporation)
S3 BthLEEnum; C:\Windows\system32\DRIVERS\BthLEEnum.sys [224768 2013-08-22] (Microsoft Corporation)
R3 btUrbFilterDrv; C:\Windows\System32\Drivers\IvtUrbBtFlt.sys [48608 2012-10-03] (Ralink Corporation)
R1 CLVirtualDrive; C:\Windows\system32\DRIVERS\CLVirtualDrive.sys [92536 2012-06-25] (CyberLink)
S3 huawei_wwanecm; C:\Windows\system32\DRIVERS\ew_juwwanecm.sys [242688 2012-12-22] (Huawei Technologies Co., Ltd.)
S3 iaLPSSi_GPIO; C:\Windows\System32\drivers\iaLPSSi_GPIO.sys [24568 2013-07-31] (Intel Corporation)
S3 iaLPSSi_I2C; C:\Windows\System32\drivers\iaLPSSi_I2C.sys [99320 2013-07-26] (Intel Corporation)
S0 iaStorAV; C:\Windows\System32\drivers\iaStorAV.sys [651248 2013-08-10] (Intel Corporation)
R0 intelpep; C:\Windows\System32\drivers\intelpep.sys [39768 2014-01-06] (Microsoft Corporation)
S0 LSI_SAS3; C:\Windows\System32\drivers\lsi_sas3.sys [81760 2013-08-22] (LSI Corporation)
R3 NdisVirtualBus; C:\Windows\System32\drivers\NdisVirtualBus.sys [16384 2013-08-22] (Microsoft Corporation)
S3 netvsc; C:\Windows\system32\DRIVERS\netvsc63.sys [87040 2013-08-22] (Microsoft Corporation)
S3 ReFS; C:\Windows\System32\Drivers\ReFS.sys [924512 2013-08-22] (Microsoft Corporation)
R3 rtbth; C:\Windows\System32\drivers\rtbth.sys [1204424 2013-12-02] (Ralink Technology, Corp.)
S3 SerCx2; C:\Windows\System32\drivers\SerCx2.sys [146776 2014-01-06] (Microsoft Corporation)
S3 SmbDrv; C:\Windows\System32\drivers\Smb_driver_AMDASF.sys [41272 2012-08-25] (Synaptics Incorporated)
R3 SmbDrvI; C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys [43832 2012-08-25] (Synaptics Incorporated)
S0 stornvme; C:\Windows\System32\drivers\stornvme.sys [57176 2013-11-14] (Microsoft Corporation)
S3 UEFI; C:\Windows\System32\drivers\UEFI.sys [26976 2013-08-22] (Microsoft Corporation)
R3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [124760 2013-10-31] (Microsoft Corporation)
R3 WirelessButtonDriver; C:\Windows\System32\drivers\WirelessButtonDriver64.sys [20800 2012-09-01] (Hewlett-Packard Development Company, L.P.)

==================== NetSvcs (Whitelisted) ===================

==================== One Month Created Files and Folders ========

2014-03-21 09:51 - 2014-03-21 09:51 - 00017632 _____ () C:\Users\Pocholo\Desktop\FRST.txt
2014-03-21 09:51 - 2014-03-21 09:51 - 00000000 ____D () C:\FRST
2014-03-21 09:50 - 2014-03-21 09:50 - 02157056 _____ (Farbar) C:\Users\Pocholo\Desktop\FRST64.exe
2014-03-21 09:41 - 2014-03-21 09:41 - 00003496 _____ () C:\WINDOWS\System32\Tasks\gg_uac_daemon_Leyla
2014-03-20 21:03 - 2014-03-20 21:03 - 06190463 _____ () C:\Users\Pocholo\Desktop\final pact.mp4
2014-03-20 20:27 - 2014-03-20 20:27 - 00688992 _____ (Swearware) C:\Users\Pocholo\Desktop\dds (1).com
2014-03-20 19:56 - 2014-03-20 20:00 - 10285040 _____ (Malwarebytes Corporation ) C:\Users\Pocholo\Desktop\mbam-setup-1-75-0-1300 (1).exe
2014-03-20 15:24 - 2014-03-20 15:24 - 00000000 ____D () C:\WINDOWS\en
2014-03-20 15:23 - 2014-03-20 15:23 - 00003108 _____ () C:\WINDOWS\System32\Tasks\Microsoft OneDrive Auto Update Task-S-1-5-21-3665814049-2692689912-1343586199-1001
2014-03-20 15:20 - 2014-02-22 20:16 - 00139776 _____ (Microsoft Corporation) C:\WINDOWS\system32\poqexec.exe
2014-03-20 15:20 - 2014-02-22 19:24 - 00124416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\poqexec.exe
2014-03-20 10:41 - 2014-03-20 10:41 - 00000000 ____D () C:\ProgramData\{18165758-115C-4DC0-9EC2-FF89F725767F}
2014-03-19 11:42 - 2014-03-19 11:42 - 00000000 ____D () C:\Users\Public\Documents\CyberLink
2014-03-19 11:42 - 2014-03-19 11:42 - 00000000 ____D () C:\Users\Pocholo\Documents\CyberLink
2014-03-17 12:10 - 2014-03-17 13:41 - 00000000 ____D () C:\Users\Pocholo\AppData\Local\Darksiders2
2014-03-17 12:09 - 2014-03-17 12:09 - 00002069 _____ () C:\Users\Public\Desktop\Darksiders II.lnk
2014-03-15 16:48 - 2014-03-15 16:48 - 00001322 _____ () C:\Users\Public\Desktop\Crysis.lnk
2014-03-14 13:33 - 2014-03-14 13:43 - 00000000 ____D () C:\Program Files (x86)\Chivalry Medieval Warfare
2014-03-14 03:40 - 2014-03-01 14:05 - 23133696 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2014-03-14 03:40 - 2014-03-01 12:58 - 02765824 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2014-03-14 03:40 - 2014-03-01 12:30 - 17074688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2014-03-14 03:40 - 2014-03-01 12:17 - 00218624 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2014-03-14 03:40 - 2014-03-01 11:54 - 05768704 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2014-03-14 03:40 - 2014-03-01 11:47 - 02168320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2014-03-14 03:40 - 2014-03-01 11:42 - 00627200 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2014-03-14 03:40 - 2014-03-01 11:18 - 13051904 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2014-03-14 03:40 - 2014-03-01 11:14 - 04244480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2014-03-14 03:40 - 2014-03-01 11:10 - 02334208 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2014-03-14 03:40 - 2014-03-01 11:03 - 00524288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2014-03-14 03:40 - 2014-03-01 10:57 - 11266048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2014-03-14 03:40 - 2014-03-01 10:38 - 01393664 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2014-03-14 03:40 - 2014-03-01 10:32 - 01820160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2014-03-14 03:40 - 2014-03-01 10:27 - 01156096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2014-03-14 03:40 - 2014-03-01 10:25 - 00817664 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2014-03-14 03:40 - 2014-03-01 10:25 - 00703488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2014-03-14 03:40 - 2014-02-01 00:15 - 00311640 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\volsnap.sys
2014-03-14 03:40 - 2014-02-01 00:07 - 00233920 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfps.dll
2014-03-14 03:40 - 2014-02-01 00:06 - 02133208 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2014-03-14 03:40 - 2014-01-31 21:47 - 02143960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll
2014-03-14 03:40 - 2014-01-31 17:06 - 00716288 _____ (Microsoft Corporation) C:\WINDOWS\system32\swprv.dll
2014-03-14 03:40 - 2014-01-29 17:55 - 01287064 _____ (Microsoft Corporation) C:\WINDOWS\system32\kernel32.dll
2014-03-14 03:40 - 2014-01-29 16:53 - 00458616 _____ (Microsoft Corporation) C:\WINDOWS\system32\WerFault.exe
2014-03-14 03:40 - 2014-01-29 16:53 - 00407024 _____ (Microsoft Corporation) C:\WINDOWS\system32\Faultrep.dll
2014-03-14 03:40 - 2014-01-29 16:49 - 01928144 _____ (Microsoft Corporation) C:\WINDOWS\system32\combase.dll
2014-03-14 03:40 - 2014-01-29 16:47 - 02543960 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2014-03-14 03:40 - 2014-01-29 15:44 - 01371824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\combase.dll
2014-03-14 03:40 - 2014-01-29 15:44 - 00408480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WerFault.exe
2014-03-14 03:40 - 2014-01-29 15:44 - 00369280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Faultrep.dll
2014-03-14 03:40 - 2014-01-29 14:41 - 00208896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdpencom.dll
2014-03-14 03:40 - 2014-01-29 08:36 - 00249856 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpencom.dll
2014-03-14 03:40 - 2014-01-28 03:07 - 04175360 _____ (Microsoft Corporation) C:\WINDOWS\system32\dbgeng.dll
2014-03-14 03:40 - 2014-01-28 03:06 - 00064512 _____ (Microsoft Corporation) C:\WINDOWS\system32\tsgqec.dll
2014-03-14 03:40 - 2014-01-28 03:04 - 00160256 _____ (Microsoft Corporation) C:\WINDOWS\system32\DWWIN.EXE
2014-03-14 03:40 - 2014-01-28 02:52 - 01036288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kernel32.dll
2014-03-14 03:40 - 2014-01-28 02:23 - 02873344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dbgeng.dll
2014-03-14 03:40 - 2014-01-28 02:21 - 00053248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tsgqec.dll
2014-03-14 03:40 - 2014-01-28 02:20 - 00138752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DWWIN.EXE
2014-03-14 03:40 - 2014-01-28 02:15 - 01057280 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdvidcrl.dll
2014-03-14 03:40 - 2014-01-28 01:43 - 00855552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdvidcrl.dll
2014-03-14 03:40 - 2014-01-28 01:18 - 01486848 _____ (Microsoft Corporation) C:\WINDOWS\system32\dbghelp.dll
2014-03-14 03:40 - 2014-01-28 01:00 - 01238016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dbghelp.dll
2014-03-14 03:40 - 2014-01-27 23:58 - 05770752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll
2014-03-14 03:40 - 2014-01-27 23:50 - 06640640 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll
2014-03-14 03:40 - 2014-01-27 19:45 - 00386722 _____ () C:\WINDOWS\system32\ApnDatabase.xml
2014-03-14 03:40 - 2014-01-18 07:04 - 00764864 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmpeg2srcsnk.dll
2014-03-14 03:40 - 2014-01-18 05:54 - 00669352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmpeg2srcsnk.dll
2014-03-14 03:40 - 2013-12-21 22:51 - 06353960 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppsvc.exe
2014-03-14 03:40 - 2013-12-21 16:54 - 00447488 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppcomapi.dll
2014-03-14 03:32 - 2014-02-11 11:04 - 04189184 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2014-03-14 03:32 - 2013-10-31 08:29 - 00236888 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdFilter.sys
2014-03-14 03:32 - 2013-10-31 08:29 - 00124760 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdNisDrv.sys
2014-03-14 03:32 - 2013-10-31 08:28 - 00035856 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdBoot.sys
2014-03-14 00:04 - 2013-12-20 18:18 - 01643584 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2014-03-14 00:04 - 2013-12-20 18:18 - 01507704 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2014-03-13 23:05 - 2014-02-11 10:43 - 00488448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\qedit.dll
2014-03-13 23:05 - 2014-02-11 10:04 - 00586240 _____ (Microsoft Corporation) C:\WINDOWS\system32\qedit.dll
2014-03-11 21:33 - 2014-03-11 21:33 - 00000000 ____D () C:\Users\Pocholo\.swt
2014-03-10 09:36 - 2014-03-10 09:54 - 00066235 _____ () C:\Users\Pocholo\Desktop\How to invest in Mutual Funds.pptx
2014-03-06 23:07 - 2014-03-07 00:27 - 00000000 ____D () C:\Users\Pocholo\Desktop\CS130lecture
2014-03-06 21:46 - 2014-03-06 21:47 - 10247168 _____ () C:\Users\Pocholo\Desktop\9781111528705_PPT_ch06.ppt
2014-03-04 17:38 - 2014-03-04 17:38 - 00000000 ___SH () C:\Users\Pocholo\AppData\Local\LumaEmu
2014-03-04 17:36 - 2014-03-04 17:36 - 00000000 ____D () C:\Program Files (x86)\Games
2014-03-04 16:55 - 2014-03-03 15:38 - 302607459 _____ () C:\Users\Pocholo\Desktop\M4H00741.MP4
2014-03-04 16:49 - 2014-01-23 14:50 - 1535069454 ____R () C:\Users\Pocholo\Desktop\Frozen 2013 DVDScr XViD AC3-FiNGERBLaST.avi
2014-03-03 12:30 - 2014-03-12 16:13 - 00000000 ____D () C:\Users\Pocholo\Desktop\Killing Floor
2014-02-27 22:06 - 2014-02-27 22:06 - 00000132 _____ () C:\Users\Pocholo\AppData\Roaming\Adobe PNG Format CS6 Prefs
2014-02-26 09:30 - 2014-02-26 09:30 - 00003208 _____ () C:\WINDOWS\System32\Tasks\{B958C4DE-452A-41A4-A385-D068C6A33215}
2014-02-26 09:30 - 2014-02-26 09:30 - 00003208 _____ () C:\WINDOWS\System32\Tasks\{0203B655-25DA-44F7-97FB-7A0B18E0AAD3}
2014-02-24 00:03 - 2014-02-24 00:03 - 00000000 ____D () C:\Users\Pocholo\Desktop\New folder
2014-02-23 23:47 - 2014-02-23 23:47 - 00000000 ____D () C:\Users\Pocholo\Desktop\Project
2014-02-23 07:47 - 2014-02-23 08:05 - 00000000 ____D () C:\Users\Pocholo\Desktop\shexview-x64
2014-02-23 07:45 - 2014-02-23 07:46 - 00096439 _____ () C:\Users\Pocholo\Desktop\shexview-x64.zip
2014-02-23 07:40 - 2014-02-23 07:40 - 00050029 _____ () C:\Users\Pocholo\Desktop\sfcdetails.txt
2014-02-23 00:58 - 2014-02-23 00:59 - 09249192 _____ (Wargaming.net ) C:\Users\Pocholo\Desktop\WoT_internet_install_sea.exe
2014-02-22 13:02 - 2014-02-22 13:02 - 00000000 ____D () C:\Users\Pocholo\AppData\Roaming\Ubisoft
2014-02-22 13:02 - 2014-02-22 13:02 - 00000000 ____D () C:\ProgramData\Ubisoft
2014-02-22 12:36 - 2014-02-22 12:36 - 00000000 ____D () C:\Program Files (x86)\Ubisoft
2014-02-22 11:09 - 2014-02-22 11:09 - 00002138 _____ () C:\Users\Public\Desktop\Medieval II Total War.lnk
2014-02-22 10:49 - 2014-02-22 10:49 - 00000000 ____D () C:\Program Files (x86)\SEGA
2014-02-19 22:37 - 2014-02-19 22:37 - 00000000 ____D () C:\Program Files (x86)\Microsoft Games
2014-02-19 22:36 - 2014-02-19 22:36 - 00000000 ____D () C:\Users\Pocholo\AppData\Roaming\Microsoft Game Studios
2014-02-19 22:36 - 2014-02-19 22:36 - 00000000 ____D () C:\Users\Pocholo\AppData\Local\Microsoft Game Studios
2014-02-19 22:36 - 2014-02-19 22:36 - 00000000 ____D () C:\ProgramData\Microsoft Games

==================== One Month Modified Files and Folders =======

2014-03-21 09:51 - 2014-03-21 09:51 - 00017632 _____ () C:\Users\Pocholo\Desktop\FRST.txt
2014-03-21 09:51 - 2014-03-21 09:51 - 00000000 ____D () C:\FRST
2014-03-21 09:50 - 2014-03-21 09:50 - 02157056 _____ (Farbar) C:\Users\Pocholo\Desktop\FRST64.exe
2014-03-21 09:50 - 2014-01-05 23:30 - 01256960 ___SH () C:\Users\Pocholo\Desktop\Thumbs.db
2014-03-21 09:45 - 2013-06-17 23:11 - 00003598 _____ () C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-3665814049-2692689912-1343586199-1001
2014-03-21 09:43 - 2014-01-05 22:42 - 00003950 _____ () C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{21ED3873-8459-4635-A066-43BBEB3C8393}
2014-03-21 09:41 - 2014-03-21 09:41 - 00003496 _____ () C:\WINDOWS\System32\Tasks\gg_uac_daemon_Leyla
2014-03-21 09:41 - 2014-02-11 16:35 - 00000444 _____ () C:\WINDOWS\system32\Drivers\etc\hosts.ics
2014-03-21 09:41 - 2013-06-18 12:13 - 00000926 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2014-03-21 09:40 - 2013-08-22 23:36 - 00000000 ____D () C:\WINDOWS\system32\sru
2014-03-20 22:40 - 2013-06-18 12:13 - 00000930 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2014-03-20 21:03 - 2014-03-20 21:03 - 06190463 _____ () C:\Users\Pocholo\Desktop\final pact.mp4
2014-03-20 20:44 - 2013-11-14 15:24 - 00958356 _____ () C:\WINDOWS\system32\PerfStringBackup.INI
2014-03-20 20:43 - 2013-09-15 16:58 - 00003176 _____ () C:\WINDOWS\System32\Tasks\HPCeeScheduleForLeyla
2014-03-20 20:43 - 2013-09-15 16:58 - 00000362 _____ () C:\WINDOWS\Tasks\HPCeeScheduleForLeyla.job
2014-03-20 20:38 - 2013-08-22 22:45 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT
2014-03-20 20:38 - 2013-08-22 21:25 - 01048576 ___SH () C:\WINDOWS\system32\config\BBI
2014-03-20 20:38 - 2013-04-04 12:35 - 00003620 _____ () C:\WINDOWS\SysWOW64\LOCALSERVICE.INI
2014-03-20 20:38 - 2012-09-27 00:53 - 00000950 _____ () C:\WINDOWS\SysWOW64\bscs.ini
2014-03-20 20:27 - 2014-03-20 20:27 - 00688992 _____ (Swearware) C:\Users\Pocholo\Desktop\dds (1).com
2014-03-20 20:06 - 2014-01-05 17:34 - 01072222 _____ () C:\WINDOWS\WindowsUpdate.log
2014-03-20 20:04 - 2013-06-20 13:59 - 00000966 _____ () C:\WINDOWS\Tasks\FacebookUpdateTaskUserS-1-5-21-3665814049-2692689912-1343586199-1001UA.job
2014-03-20 20:00 - 2014-03-20 19:56 - 10285040 _____ (Malwarebytes Corporation ) C:\Users\Pocholo\Desktop\mbam-setup-1-75-0-1300 (1).exe
2014-03-20 18:47 - 2013-08-11 20:06 - 00000000 ____D () C:\Program Files (x86)\WarThunder
2014-03-20 17:25 - 2013-06-19 12:10 - 00000000 ___RD () C:\Aazes$Heat$Haze$Daze$Faize$Days
2014-03-20 17:02 - 2013-06-19 14:03 - 00000000 ___RD () C:\Users\Pocholo\Desktop\Adobe
2014-03-20 15:24 - 2014-03-20 15:24 - 00000000 ____D () C:\WINDOWS\en
2014-03-20 15:24 - 2012-12-02 05:00 - 00000000 ____D () C:\Program Files (x86)\Windows Live
2014-03-20 15:23 - 2014-03-20 15:23 - 00003108 _____ () C:\WINDOWS\System32\Tasks\Microsoft OneDrive Auto Update Task-S-1-5-21-3665814049-2692689912-1343586199-1001
2014-03-20 15:23 - 2013-12-15 18:01 - 00410698 _____ () C:\WINDOWS\DirectX.log
2014-03-20 14:03 - 2013-06-20 13:58 - 00000944 _____ () C:\WINDOWS\Tasks\FacebookUpdateTaskUserS-1-5-21-3665814049-2692689912-1343586199-1001Core.job
2014-03-20 10:43 - 2012-12-02 05:05 - 00000000 ____D () C:\WINDOWS\System32\Tasks\Hewlett-Packard
2014-03-20 10:42 - 2012-12-02 04:52 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2014-03-20 10:42 - 2012-12-02 04:49 - 00000000 ____D () C:\Program Files (x86)\Hewlett-Packard
2014-03-20 10:41 - 2014-03-20 10:41 - 00000000 ____D () C:\ProgramData\{18165758-115C-4DC0-9EC2-FF89F725767F}
2014-03-20 10:40 - 2012-12-02 05:03 - 00000000 ____D () C:\ProgramData\Hewlett-Packard
2014-03-20 10:39 - 2012-08-04 08:02 - 00000000 ____D () C:\SWSetup
2014-03-20 00:32 - 2013-07-13 15:55 - 00000000 ____D () C:\WINDOWS\system32\MRT
2014-03-20 00:30 - 2013-06-18 01:32 - 90015360 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2014-03-19 22:37 - 2013-06-19 16:41 - 00000052 _____ () C:\WINDOWS\SysWOW64\DOErrors.log
2014-03-19 22:37 - 2013-06-19 16:41 - 00000000 _____ () C:\WINDOWS\system32\HP_ActiveX_Patch_NOT_DETECTED.txt
2014-03-19 11:42 - 2014-03-19 11:42 - 00000000 ____D () C:\Users\Public\Documents\CyberLink
2014-03-19 11:42 - 2014-03-19 11:42 - 00000000 ____D () C:\Users\Pocholo\Documents\CyberLink
2014-03-19 11:42 - 2013-06-17 23:38 - 00000000 ____D () C:\Users\Pocholo\AppData\Roaming\CyberLink
2014-03-19 11:42 - 2013-06-17 23:38 - 00000000 ____D () C:\Users\Pocholo\AppData\Local\CyberLink
2014-03-19 11:17 - 2014-01-11 13:25 - 00027488 _____ () C:\WINDOWS\setupact.log
2014-03-17 13:41 - 2014-03-17 12:10 - 00000000 ____D () C:\Users\Pocholo\AppData\Local\Darksiders2
2014-03-17 12:10 - 2013-06-20 16:34 - 00000000 ____D () C:\Users\Pocholo\AppData\Local\SKIDROW
2014-03-17 12:10 - 2013-06-19 12:10 - 00000000 ____D () C:\Users\Pocholo\Documents\My Games
2014-03-17 12:09 - 2014-03-17 12:09 - 00002069 _____ () C:\Users\Public\Desktop\Darksiders II.lnk
2014-03-17 12:06 - 2013-06-27 17:39 - 00000000 ____D () C:\Program Files (x86)\THQ
2014-03-17 07:42 - 2013-07-03 14:25 - 00000000 ____D () C:\Users\Pocholo\AppData\Roaming\Azureus
2014-03-17 00:22 - 2013-08-22 23:36 - 00000000 ____D () C:\WINDOWS\AppReadiness
2014-03-16 23:05 - 2013-09-22 13:04 - 00000000 ____D () C:\Program Files (x86)\Steam
2014-03-16 16:29 - 2013-08-22 23:36 - 00000000 ____D () C:\WINDOWS\rescache
2014-03-16 16:26 - 2013-08-22 21:25 - 00262144 ___SH () C:\WINDOWS\system32\config\ELAM
2014-03-15 16:48 - 2014-03-15 16:48 - 00001322 _____ () C:\Users\Public\Desktop\Crysis.lnk
2014-03-15 16:32 - 2013-06-19 14:21 - 00000000 ____D () C:\Program Files (x86)\Electronic Arts
2014-03-14 23:10 - 2013-08-22 23:36 - 00000000 ____D () C:\WINDOWS\system32\NDF
2014-03-14 17:00 - 2013-08-22 22:44 - 05064976 _____ () C:\WINDOWS\system32\FNTCACHE.DAT
2014-03-14 16:55 - 2014-01-05 17:03 - 00000000 ____D () C:\Users\Pocholo
2014-03-14 16:54 - 2013-11-14 15:17 - 00004166 _____ () C:\WINDOWS\PFRO.log
2014-03-14 16:54 - 2013-08-22 23:36 - 00000000 ___RD () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2014-03-14 16:54 - 2013-08-22 23:36 - 00000000 ___RD () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2014-03-14 16:54 - 2013-08-22 23:36 - 00000000 ____D () C:\Program Files\Windows Defender
2014-03-14 16:54 - 2013-08-22 23:36 - 00000000 ____D () C:\Program Files (x86)\Windows Defender
2014-03-14 13:54 - 2013-07-20 10:46 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-03-14 13:45 - 2013-06-27 16:15 - 00000000 ___HD () C:\WINDOWS\msdownld.tmp
2014-03-14 13:43 - 2014-03-14 13:33 - 00000000 ____D () C:\Program Files (x86)\Chivalry Medieval Warfare
2014-03-12 16:13 - 2014-03-03 12:30 - 00000000 ____D () C:\Users\Pocholo\Desktop\Killing Floor
2014-03-11 22:38 - 2013-07-03 14:25 - 00000000 ____D () C:\Program Files\Vuze
2014-03-11 21:33 - 2014-03-11 21:33 - 00000000 ____D () C:\Users\Pocholo\.swt
2014-03-10 10:28 - 2014-02-17 10:19 - 00000000 ____D () C:\Users\Pocholo\Desktop\SS12
2014-03-10 09:54 - 2014-03-10 09:36 - 00066235 _____ () C:\Users\Pocholo\Desktop\How to invest in Mutual Funds.pptx
2014-03-07 00:27 - 2014-03-06 23:07 - 00000000 ____D () C:\Users\Pocholo\Desktop\CS130lecture
2014-03-06 21:47 - 2014-03-06 21:46 - 10247168 _____ () C:\Users\Pocholo\Desktop\9781111528705_PPT_ch06.ppt
2014-03-06 10:56 - 2013-12-03 22:37 - 00000000 ____D () C:\Users\Pocholo\Desktop\C++
2014-03-05 06:53 - 2013-08-22 23:38 - 00693240 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2014-03-05 06:53 - 2013-08-22 23:38 - 00105464 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2014-03-04 17:38 - 2014-03-04 17:38 - 00000000 ___SH () C:\Users\Pocholo\AppData\Local\LumaEmu
2014-03-04 17:36 - 2014-03-04 17:36 - 00000000 ____D () C:\Program Files (x86)\Games
2014-03-04 11:50 - 2013-11-18 16:41 - 00000000 ____D () C:\Users\Pocholo\AppData\Local\Windows Live
2014-03-03 15:38 - 2014-03-04 16:55 - 302607459 _____ () C:\Users\Pocholo\Desktop\M4H00741.MP4
2014-03-01 14:05 - 2014-03-14 03:40 - 23133696 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2014-03-01 12:58 - 2014-03-14 03:40 - 02765824 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2014-03-01 12:30 - 2014-03-14 03:40 - 17074688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2014-03-01 12:17 - 2014-03-14 03:40 - 00218624 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2014-03-01 11:54 - 2014-03-14 03:40 - 05768704 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2014-03-01 11:47 - 2014-03-14 03:40 - 02168320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2014-03-01 11:42 - 2014-03-14 03:40 - 00627200 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2014-03-01 11:18 - 2014-03-14 03:40 - 13051904 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2014-03-01 11:14 - 2014-03-14 03:40 - 04244480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2014-03-01 11:10 - 2014-03-14 03:40 - 02334208 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2014-03-01 11:03 - 2014-03-14 03:40 - 00524288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2014-03-01 10:57 - 2014-03-14 03:40 - 11266048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2014-03-01 10:54 - 2013-06-19 12:10 - 00000000 ____D () C:\Users\Pocholo\AppData\Local\Wings of Prey
2014-03-01 10:38 - 2014-03-14 03:40 - 01393664 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2014-03-01 10:32 - 2014-03-14 03:40 - 01820160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2014-03-01 10:27 - 2014-03-14 03:40 - 01156096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2014-03-01 10:25 - 2014-03-14 03:40 - 00817664 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2014-03-01 10:25 - 2014-03-14 03:40 - 00703488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2014-02-28 22:19 - 2014-02-16 22:10 - 00000000 ____D () C:\Users\Pocholo\Desktop\CS130L
2014-02-27 22:06 - 2014-02-27 22:06 - 00000132 _____ () C:\Users\Pocholo\AppData\Roaming\Adobe PNG Format CS6 Prefs
2014-02-26 09:30 - 2014-02-26 09:30 - 00003208 _____ () C:\WINDOWS\System32\Tasks\{B958C4DE-452A-41A4-A385-D068C6A33215}
2014-02-26 09:30 - 2014-02-26 09:30 - 00003208 _____ () C:\WINDOWS\System32\Tasks\{0203B655-25DA-44F7-97FB-7A0B18E0AAD3}
2014-02-24 00:03 - 2014-02-24 00:03 - 00000000 ____D () C:\Users\Pocholo\Desktop\New folder
2014-02-23 23:47 - 2014-02-23 23:47 - 00000000 ____D () C:\Users\Pocholo\Desktop\Project
2014-02-23 08:05 - 2014-02-23 07:47 - 00000000 ____D () C:\Users\Pocholo\Desktop\shexview-x64
2014-02-23 08:04 - 2014-01-31 00:15 - 00000000 ____D () C:\Users\Pocholo\Desktop\Env_x64
2014-02-23 07:46 - 2014-02-23 07:45 - 00096439 _____ () C:\Users\Pocholo\Desktop\shexview-x64.zip
2014-02-23 07:40 - 2014-02-23 07:40 - 00050029 _____ () C:\Users\Pocholo\Desktop\sfcdetails.txt
2014-02-23 07:09 - 2013-04-04 12:35 - 00000043 _____ () C:\WINDOWS\SysWOW64\LOCALDEVICE.INI
2014-02-23 01:00 - 2013-11-18 16:12 - 00000000 ____D () C:\Games
2014-02-23 00:59 - 2014-02-23 00:58 - 09249192 _____ (Wargaming.net ) C:\Users\Pocholo\Desktop\WoT_internet_install_sea.exe
2014-02-22 20:16 - 2014-03-20 15:20 - 00139776 _____ (Microsoft Corporation) C:\WINDOWS\system32\poqexec.exe
2014-02-22 19:24 - 2014-03-20 15:20 - 00124416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\poqexec.exe
2014-02-22 13:02 - 2014-02-22 13:02 - 00000000 ____D () C:\Users\Pocholo\AppData\Roaming\Ubisoft
2014-02-22 13:02 - 2014-02-22 13:02 - 00000000 ____D () C:\ProgramData\Ubisoft
2014-02-22 12:36 - 2014-02-22 12:36 - 00000000 ____D () C:\Program Files (x86)\Ubisoft
2014-02-22 11:09 - 2014-02-22 11:09 - 00002138 _____ () C:\Users\Public\Desktop\Medieval II Total War.lnk
2014-02-22 10:49 - 2014-02-22 10:49 - 00000000 ____D () C:\Program Files (x86)\SEGA
2014-02-22 09:20 - 2014-01-25 09:39 - 00018452 _____ () C:\Users\Pocholo\Desktop\H U M A N I T I E S.txt
2014-02-20 11:51 - 2013-12-10 23:54 - 00000000 ____D () C:\Users\Pocholo\Desktop\bg
2014-02-19 22:37 - 2014-02-19 22:37 - 00000000 ____D () C:\Program Files (x86)\Microsoft Games
2014-02-19 22:36 - 2014-02-19 22:36 - 00000000 ____D () C:\Users\Pocholo\AppData\Roaming\Microsoft Game Studios
2014-02-19 22:36 - 2014-02-19 22:36 - 00000000 ____D () C:\Users\Pocholo\AppData\Local\Microsoft Game Studios
2014-02-19 22:36 - 2014-02-19 22:36 - 00000000 ____D () C:\ProgramData\Microsoft Games

Some content of TEMP:
====================
C:\Users\Pocholo\AppData\Local\Temp\Extract.exe
C:\Users\Pocholo\AppData\Local\Temp\SP63302.exe
C:\Users\Pocholo\AppData\Local\Temp\sp64126.exe
C:\Users\Pocholo\AppData\Local\Temp\UninstallHPSA.exe
C:\Users\Pocholo\AppData\Local\Temp\_is4EBA.exe
C:\Users\Pocholo\AppData\Local\Temp\_is97F6.exe

==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys
[2014-03-14 03:40] - [2014-02-01 00:15] - 0311640 ___AC (Microsoft Corporation) C85C075DE5B6D0FE116043054DE8EE02

 

LastRegBack: 2014-03-20 21:12

==================== End Of Log ============================

 

 

 

>>>The ADDITION

 

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 13-03-2014
Ran by Leyla at 2014-03-21 09:52:29
Running from C:\Users\Pocholo\Desktop
Boot Mode: Normal
==========================================================

==================== Security Center ========================

AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

7-Zip 9.22 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0922-000001000000}) (Version: 9.22.00.0 - Igor Pavlov)
Activision® (x32 Version: 1.0 - Activision) Hidden
Activision® (x32 Version: 1.00.0000 - Activision) Hidden
Adobe Flash Player 10 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 10.3.181.14 - Adobe Systems Incorporated)
Adobe Photoshop CS6 (HKLM-x32\...\{74EB3499-8B95-4B5C-96EB-7B342F3FD0C6}) (Version: 13.0 - Adobe Systems Incorporated)
Adobe Shockwave Player 11.6 (HKLM-x32\...\Adobe Shockwave Player) (Version: 11.6.6.636 - Adobe Systems, Inc.)
Age of Empires II HD (HKLM-x32\...\Age of Empires II HD_is1) (Version: 2.8 - compiled by testncrash)
AMD Accelerated Video Transcoding (Version: 13.20.100.31206 - Advanced Micro Devices, Inc.) Hidden
AMD APP SDK Runtime (Version: 10.0.938.2 - Advanced Micro Devices Inc.) Hidden
AMD Catalyst Control Center (x32 Version: 2013.1206.1603.28764 - Advanced Micro Devices, Inc.) Hidden
AMD Catalyst Install Manager (HKLM\...\{C7A772A4-73CF-EB06-172F-75C5F6C80AAC}) (Version: 8.0.915.0 - Advanced Micro Devices, Inc.)
Anomaly 2 (HKLM-x32\...\Anomaly 2_is1) (Version: 1.0.0.0 - 11 bit studios)
Assassin's Creed (HKLM-x32\...\{8CFA9151-6404-409A-AF22-4632D04582FD}) (Version: 1.00 - Ubisoft)
AuthenTec TrueAPI 64-bit (Version: 1.6.0.87 - AuthenTec, Inc.) Hidden
Battlefield 2™ (HKLM-x32\...\{04858915-9F49-4B2A-AED4-DC49A7DE6A7B}) (Version:  - )
Battlefield 2: Special Forces (HKLM-x32\...\{50D4CB89-AF34-4978-96DC-C3034062E901}) (Version:  - )
Battlefield: Bad Company™ 2 (HKLM-x32\...\{3AC8457C-0385-4BEA-A959-E095F05D6D67}) (Version: 1.0.0.0 - Electronic Arts)
Blades of Time (HKLM-x32\...\Blades of Time_is1) (Version: 1.0.0.0 - Konami)
Blitzkrieg Anthology: BH - RT (HKLM-x32\...\BH - RT) (Version:  - )
Blitzkrieg Anthology: Blitzkrieg (HKLM-x32\...\Blitzkrieg) (Version:  - )
Blizkrieg II: Liberation (HKLM-x32\...\{79ABDCBE-BFF4-4722-850F-D858C10580CE}) (Version: 1.00 - <Publisher>)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Call of Duty® - World at War™ (HKLM-x32\...\InstallShield_{D80A6A73-E58A-4673-AFF5-F12D7110661F}) (Version: 1.0 - Activision)
Call of Duty® - World at War™ (x32 Version: 1.0 - Activision) Hidden
Catalyst Control Center - Branding (x32 Version: 1.00.0000 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Graphics Previews Common (x32 Version: 2013.1206.1603.28764 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center InstallProxy (x32 Version: 2013.1206.1603.28764 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Localization All (x32 Version: 2013.1206.1603.28764 - Advanced Micro Devices, Inc.) Hidden
CCC Help Chinese Standard (x32 Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden
CCC Help Chinese Traditional (x32 Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden
CCC Help Czech (x32 Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden
CCC Help Danish (x32 Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden
CCC Help Dutch (x32 Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden
CCC Help English (x32 Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden
CCC Help Finnish (x32 Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden
CCC Help French (x32 Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden
CCC Help German (x32 Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden
CCC Help Greek (x32 Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden
CCC Help Hungarian (x32 Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden
CCC Help Italian (x32 Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden
CCC Help Japanese (x32 Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden
CCC Help Korean (x32 Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden
CCC Help Norwegian (x32 Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden
CCC Help Polish (x32 Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden
CCC Help Portuguese (x32 Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden
CCC Help Russian (x32 Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden
CCC Help Spanish (x32 Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden
CCC Help Swedish (x32 Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden
CCC Help Thai (x32 Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden
CCC Help Turkish (x32 Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden
ccc-utility64 (Version: 2013.1206.1603.28764 - Advanced Micro Devices, Inc.) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 4.07 - Piriform)
Chivalry Medieval Warfare CU2P1.2 (HKLM-x32\...\Chivalry Medieval Warfare_is1) (Version:  - )
Combined Community Codec Pack 2013-05-30 (HKLM-x32\...\Combined Community Codec Pack_is1) (Version: 2013.05.30.0 - CCCP Project)
Command & Conquer™ Red Alert™ 3 Uprising (HKLM-x32\...\{DDE59617-F59A-473B-BC4E-C2B81F6CD38D}) (Version: 1.0.1.0 - Electronic Arts)
Company of Heroes - FAKEMSI (x32 Version: 2.0.0.0 - THQ Inc.) Hidden
Company of Heroes (HKLM-x32\...\Company of Heroes) (Version: 2.602.0 - THQ Inc.)
Company of Heroes (New Steam Version) (HKLM-x32\...\Steam App 228200) (Version:  - )
Content Manager Assistant for PlayStation® (HKLM-x32\...\{32C46540-7693-49E1-A81E-121B09C8303B}) (Version: 3.00.7187.47 - Sony Computer Entertainment Inc.)
Crysis® (HKLM-x32\...\{000E79B7-E725-4F01-870A-C12942B7F8E4}) (Version: 1.00.0000 - Electronic Arts)
CyberLink LabelPrint (HKLM-x32\...\InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}) (Version: 2.5.3.5901 - CyberLink Corp.)
CyberLink LabelPrint (x32 Version: 2.5.3.5901 - CyberLink Corp.) Hidden
CyberLink Media Suite 10 (HKLM-x32\...\InstallShield_{1FBF6C24-C1fD-4101-A42B-0C564F9E8E79}) (Version: 10.0.3.2608 - CyberLink Corp.)
CyberLink Media Suite 10 (x32 Version: 10.0.3.2608 - CyberLink Corp.) Hidden
CyberLink PhotoDirector (HKLM-x32\...\InstallShield_{4862344A-A39C-4897-ACD4-A1BED5163C5A}) (Version: 2.0.2.3317 - CyberLink Corp.)
CyberLink PhotoDirector (x32 Version: 2.0.2.3317 - CyberLink Corp.) Hidden
CyberLink Power2Go 8 (HKLM-x32\...\InstallShield_{2A87D48D-3FDF-41fd-97CD-A1E370EFFFE2}) (Version: 8.0.3.2527 - CyberLink Corp.)
CyberLink Power2Go 8 (x32 Version: 8.0.3.2527 - CyberLink Corp.) Hidden
CyberLink PowerDirector 10 (HKLM-x32\...\InstallShield_{B0B4F6D2-F2AE-451A-9496-6F2F6A897B32}) (Version: 10.0.2.2126 - CyberLink Corp.)
CyberLink PowerDirector 10 (x32 Version: 10.0.2.2126 - CyberLink Corp.) Hidden
CyberLink PowerDVD (HKLM-x32\...\InstallShield_{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}) (Version: 10.0.7.4528 - CyberLink Corp.)
CyberLink PowerDVD (x32 Version: 10.0.7.4528 - CyberLink Corp.) Hidden
CyberLink YouCam (HKLM-x32\...\InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}) (Version: 3.5.5.5811 - CyberLink Corp.)
CyberLink YouCam (x32 Version: 3.5.5.5811 - CyberLink Corp.) Hidden
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Darksiders II (HKLM-x32\...\Darksiders II_is1) (Version:  - )
Dawn of War - Soulstorm (HKLM-x32\...\{20533183-D42D-4261-A125-956736FBEA8C}) (Version: 1.00.0000 - THQ)
Dawn of War - Soulstorm (x32 Version: 1.00.0000 - THQ) Hidden
Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{92C42EDD-6524-4577-B2EB-6C68C63B6D4A}) (Version:  - Microsoft)
Dev-C++ (HKLM-x32\...\Dev-C++) (Version: 5.5.3 - )
DirectVobSub 2.41.7259 (5d3641a) Beta (64-bit) (HKLM\...\vsfilter64_is1) (Version: 2.41.7259 - MPC-HC Team)
Dishonored (HKLM-x32\...\Dishonored_is1) (Version: Dishonored - )
DREADOUT Demo (HKLM-x32\...\{AC1BFC52-016B-4F2A-8604-C9F1A0181F4C}_is1) (Version: 1.0.107 - DIGITAL HAPPINESS)
Energy Star (HKLM-x32\...\{FC0ADA4D-8FA5-4452-8AFF-F0A0BAC97EF7}) (Version: 1.0.9 - Hewlett-Packard Company)
Facebook Messenger 2.1.4814.0 (HKLM-x32\...\{7204BDEE-1A48-4D95-A964-44A9250B439E}) (Version: 2.1.4814.0 - Facebook)
Freemake Video Converter version 4.1.2 (HKLM-x32\...\Freemake Video Converter_is1) (Version: 4.1.2 - Ellora Assets Corporation)
Gaming Mouse Driver (HKLM-x32\...\{2F9C99E1-A1D2-4ADB-AFA0-3A1ED9471811}) (Version:  - )
Globe Tattoo Broadband (HKLM-x32\...\Globe Tattoo Broadband) (Version: 23.009.11.01.158 - Huawei Technologies Co.,Ltd)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 33.0.1750.154 - Google Inc.)
Google Update Helper (x32 Version: 1.3.22.5 - Google Inc.) Hidden
Halo 2 for Windows Vista (HKLM-x32\...\Halo 2) (Version:  - Microsoft Game Studios)
Halo 2 for Windows Vista (x32 Version: 1.0.0.0 - Microsoft Corporation) Hidden
Haunt 1.1 64bit (HKCU\...\Haunt 1.1 64bit) (Version:  - )
Hewlett-Packard ACLM.NET v1.2.2.3 (x32 Version: 1.00.0000 - Hewlett-Packard Company) Hidden
HF pAppLoc version 1.0 (HKLM-x32\...\{9143B17E-BBDE-4EA7-A4E3-20D384D9C8A5}_is1) (Version: 1.0 - Inquisitor)
Hi-Rez Studios Authenticate and Update Service (HKLM-x32\...\{3C87E0FF-BC0A-4F5E-951B-68DC3F8DF1FC}) (Version: 3.0.0.0 - Hi-Rez Studios)
HP 3D DriveGuard (HKLM\...\{54CE68A8-4F2D-4328-B1F7-D6C720405F7F}) (Version: 4.2.9.1 - Hewlett-Packard Company)
HP Connected Remote (HKLM-x32\...\{F243A34B-AB7F-4065-B770-B85B767C247C}) (Version: 1.0.1218 - Hewlett-Packard)
HP CoolSense (HKLM-x32\...\{394B14EA-B072-4440-9510-87797CB12371}) (Version: 2.20.21 - Hewlett-Packard Company)
HP Customer Experience Enhancements (x32 Version: 6.0.1.8 - Hewlett-Packard) Hidden
HP Documentation (HKLM-x32\...\{92E8BC5B-6023-4846-8151-415351A4FAFF}) (Version: 1.2.0.0 - Hewlett-Packard)
HP Postscript Converter (Version: 3.1.3591 - Hewlett-Packard) Hidden
HP Quick Launch (HKLM-x32\...\{E5823036-6F09-4D0A-B05C-E2BAA129288A}) (Version: 3.0.6 - Hewlett-Packard Company)
HP Recovery Manager (x32 Version: 8.00 - Hewlett-Packard) Hidden
HP Registration Service (HKLM\...\{C2E428EB-116E-41C0-9E84-B22DE9CCA42F}) (Version: 1.1.6232.4245 - Hewlett-Packard)
HP SimplePass (HKLM-x32\...\{34C821CA-6B55-44A0-8A9B-2EF471D6019E}) (Version: 6.0.100.272 - Hewlett-Packard)
HP Support Assistant (HKLM-x32\...\{E35A3B13-78CD-4967-8AC8-AA9FDA693EDE}) (Version: 7.4.45.4 - Hewlett-Packard Company)
HP Support Solutions Framework (HKLM-x32\...\{23CCE784-A812-4647-AEFF-1DCCD4E57478}) (Version: 11.50.0000 - Hewlett-Packard Company)
HP Utility Center (HKLM-x32\...\{0C57987A-A03A-4B95-A309-D23F78F406CA}) (Version: 1.0.8 - Hewlett-Packard)
HP Wireless Button Driver (HKLM-x32\...\{30B2D1D8-0A07-4B71-9553-0710C5D31E35}) (Version: 1.1.2.1 - Hewlett-Packard Company)
IDT Audio (HKLM-x32\...\{E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}) (Version: 1.0.6433.0 - IDT)
inSSIDer 3 (HKLM-x32\...\{A80CEA4E-74C1-4F9F-806B-E1D9AFC01768}) (Version: 3.0.7.48 - MetaGeek, LLC)
Intel® Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1008 - Intel Corporation)
Intel® Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.1.0.1252 - Intel Corporation)
Intel® Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3379 - Intel Corporation)
Intel® Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 12.8.1.1000 - Intel Corporation)
Intel® Rapid Storage Technology (Version: 12.8.1.1000 - Intel Corporation) Hidden
Intel® Trusted Connect Service Client (Version: 1.24.388.1 - Intel Corporation) Hidden
MechWarrior Online (HKLM-x32\...\{73bcb521-8936-42d7-ad00-ec2bb399e26c}) (Version: 1.4.3.0 - Piranha Games Inc.)
MechWarrior Online (x32 Version: 1.4.3.0 - Piranha Games Inc.) Hidden
Medieval II Total War (HKLM-x32\...\{C0698BDA-0D29-40EE-8570-A31106DF9AB1}) (Version: 1.00.0000 - SEGA)
Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden
Microsoft Chart Controls for Microsoft .NET Framework 3.5 (HKLM-x32\...\{41785C66-90F2-40CE-8CB5-1C94BFC97280}) (Version: 3.5.0.0 - Microsoft Corporation)
Microsoft Games for Windows - LIVE Redistributable (HKLM-x32\...\{832D9DE0-8AFC-4689-9819-4DBBDEBD3E4F}) (Version: 3.5.92.0 - Microsoft Corporation)
Microsoft Games for Windows Marketplace (HKLM-x32\...\{67F42018-F647-4D3C-BE62-F8CB4FE2FCD5}) (Version: 3.5.67.0 - Microsoft Corporation)
Microsoft Office Access MUI (English) 2010 (x32 Version: 14.0.4734.1000 - Microsoft Corporation) Hidden
Microsoft Office Access Setup Metadata MUI (English) 2010 (x32 Version: 14.0.4734.1000 - Microsoft Corporation) Hidden
Microsoft Office Excel MUI (English) 2010 (x32 Version: 14.0.4734.1000 - Microsoft Corporation) Hidden
Microsoft Office Groove MUI (English) 2010 (x32 Version: 14.0.4734.1000 - Microsoft Corporation) Hidden
Microsoft Office InfoPath MUI (English) 2010 (x32 Version: 14.0.4734.1000 - Microsoft Corporation) Hidden
Microsoft Office Office 64-bit Components 2010 (Version: 14.0.4734.1000 - Microsoft Corporation) Hidden
Microsoft Office OneNote MUI (English) 2010 (x32 Version: 14.0.4734.1000 - Microsoft Corporation) Hidden
Microsoft Office Outlook MUI (English) 2010 (x32 Version: 14.0.4734.1000 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint MUI (English) 2010 (x32 Version: 14.0.4734.1000 - Microsoft Corporation) Hidden
Microsoft Office Professional Plus 2010 (HKLM-x32\...\Office14.PROPLUS) (Version: 14.0.4734.1000 - Microsoft Corporation)
Microsoft Office Professional Plus 2010 (x32 Version: 14.0.4734.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (English) 2010 (x32 Version: 14.0.4734.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (French) 2010 (x32 Version: 14.0.4734.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Spanish) 2010 (x32 Version: 14.0.4734.1000 - Microsoft Corporation) Hidden
Microsoft Office Proofing (English) 2010 (x32 Version: 14.0.4734.1000 - Microsoft Corporation) Hidden
Microsoft Office Publisher MUI (English) 2010 (x32 Version: 14.0.4734.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared 64-bit MUI (English) 2010 (Version: 14.0.4734.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2010 (Version: 14.0.4734.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (English) 2010 (x32 Version: 14.0.4734.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared Setup Metadata MUI (English) 2010 (x32 Version: 14.0.4734.1000 - Microsoft Corporation) Hidden
Microsoft Office Word MUI (English) 2010 (x32 Version: 14.0.4734.1000 - Microsoft Corporation) Hidden
Microsoft OneDrive (HKCU\...\OneDriveSetup.exe) (Version: 17.0.4024.1220 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable - x86 8.0.50727.42 False (x32 Version: 8.0.50727.42 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2005 Redistributable - x86 8.0.51011 False (x32 Version: 8.0.51011 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2005 Redistributable - x86 8.0.56336 False (x32 Version: 8.0.56336 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2005 Redistributable - x86 8.0.58299 False (x32 Version: 8.0.58299 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2005 Redistributable - x86 8.0.59193 False (x32 Version: 8.0.59193 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2005 Redistributable - x86 8.0.61001 (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 (HKLM\...\{350AA351-21FA-3270-8B7A-835434E766AD}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 False (x32 Version: 9.0.21022 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022.0 False (x32 Version: 9.0.21022 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022.218 False (x32 Version: 9.0.21022.218 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30411 False (x32 Version: 9.0.30411 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 False (x32 Version: 9.0.30729 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 False (x32 Version: 9.0.30729 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4048 False (x32 Version: 9.0.30729.4048 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 False (x32 Version: 9.0.30729.4148 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.5570 False (x32 Version: 9.0.30729.5570 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 Redistributable - x86 10.0.30319 False (x32 Version: 10.0.30319 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2010 Redistributable - x86 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 (HKLM-x32\...\{15134cb0-b767-4960-a911-f2d16ae54797}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.51106 (HKLM-x32\...\{6e8f74e0-43bd-4dce-8477-6ff6828acc07}) (Version: 11.0.51106.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727 (HKLM-x32\...\{22154f09-719a-4619-bb71-5b3356999fbf}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727 False (x32 Version: 11.0.50727.1 - Корпорация Майкрософт) Hidden
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.51106 False (x32 Version: 11.0.51106.1 - Корпорация Майкрософт) Hidden
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (HKLM-x32\...\{01db25f3-1b76-4d97-88c8-1c90634d88fb}) (Version: 11.0.60610.1 - Корпорация Майкрософт)
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.50727 (Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.51106 (Version: 11.0.51106 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.50727 (Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.51106 (Version: 11.0.51106 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.50727 False (x32 Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.51106 False (x32 Version: 11.0.51106 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.60610 (x32 Version: 11.0.60610 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.50727 False (x32 Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.51106 False (x32 Version: 11.0.51106 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.60610 (x32 Version: 11.0.60610 - Microsoft Corporation) Hidden
Microsoft Visual J# 2.0 Redistributable Package (HKLM-x32\...\Microsoft Visual J# 2.0 Redistributable Package) (Version:  - Microsoft Corporation)
Microsoft Visual J# 2.0 Redistributable Package (x32 Version: 2.0.50727 - Microsoft Corporation) Hidden
Microsoft Windows Application Compatibility Database (HKLM\...\{deb7008b-681e-4a4a-8aae-cc833e8216ce}.sdb) (Version:  - )
Microsoft_VC80_CRT_x86 (x32 Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC90_CRT_x86 (x32 Version: 1.00.0000 - Adobe) Hidden
Movie Maker (x32 Version: 16.4.3522.0110 - Microsoft Corporation) Hidden
MSVCRT (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSVCRT110 (x32 Version: 16.4.1108.0727 - Microsoft) Hidden
MSVCRT110_amd64 (Version: 16.4.1109.0912 - Microsoft) Hidden
NVIDIA PhysX (HKLM-x32\...\{8B922CF8-8A6C-41CE-A858-F1755D7F5D29}) (Version: 9.12.1031 - NVIDIA Corporation)
Opera 12.15 (HKLM-x32\...\Opera 12.15.1748) (Version: 12.15.1748 - Opera Software ASA)
Outlast (HKLM-x32\...\Outlast_R.G. Mechanics_is1) (Version:  - R.G. Mechanics, spider91)
PDF Settings CS6 (x32 Version: 11.0 - Adobe Systems Incorporated) Hidden
Photo Gallery (x32 Version: 16.4.3522.0110 - Microsoft Corporation) Hidden
piaip AppLocale (HKLM-x32\...\{394BE3D9-7F57-4638-A8D1-1D88671913B7}) (Version: 1.0.0 - MS)
PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.992 - Even Balance, Inc.)
PX Profile Update (x32 Version: 1.00.1. - AMD) Hidden
Ralink Bluetooth Stack64 (HKLM\...\{95DF815D-BE2D-9118-F549-39794C5869CF}) (Version: 9.0.725.0 - Ralink Corporation)
Ralink RT3290 802.11bgn Wi-Fi Adapter (HKLM-x32\...\{8FC4F1DD-F7FD-4766-804D-3C8FF1D309AF}) (Version: 5.0.29.8105 - Mediatek)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.3.730.2012 - Realtek)
Realtek PCIE Card Reader (HKLM-x32\...\{C1594429-8296-4652-BF54-9DBE4932A44C}) (Version: 6.2.8400.27025 - Realtek Semiconductor Corp.)
Rusty Hearts PWE (HKLM-x32\...\{417E8AF0-DAED-4807-82CD-0E4232EFA559}) (Version: 1.00.0000 - Perfect World Entertainment, Inc.)
Sid Meier's Civilization V (HKLM-x32\...\{76B7A6DB-87B1-4943-8E03-BCC49061E1B9}_is1) (Version:  - 2K Games)
Spider-Man™ - Shattered Dimensions (HKLM-x32\...\InstallShield_{14C36646-83C8-430E-92B3-16F998BDB4E0}) (Version: 1.0 - Activision)
Steam (HKLM-x32\...\{048298C9-A4D3-490B-9FF9-AB023A9238F3}) (Version: 1.0.0.0 - Valve Corporation)
swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 16.2.10.12 - Synaptics Incorporated)
Syndicate (HKLM-x32\...\Syndicate_is1) (Version: 1.0.0.0 - EA Games)
System Requirements Lab for Intel (HKLM-x32\...\{53C63F43-B827-42D9-8886-4698D91EA33B}) (Version: 4.5.15.0 - Husdawg, LLC)
The KMPlayer (HKLM-x32\...\The KMPlayer) (Version: 3.7.0.109 - KMP Media co., Ltd)
The Saboteur™ (HKLM-x32\...\{5C9A7E65-5B71-4C7F-876A-8C6AF9E9E23D}) (Version: 1.0.0.0 - Electronic Arts)
Tribes Ascend (HKLM-x32\...\{3C87E0FF-BC0A-4F5E-951B-68DC3F8DF010}) (Version: 1.0.1268.1 - Hi-Rez Studios)
Update for Japanese Microsoft IME Postal Code Dictionary (HKLM-x32\...\{83661BA0-9CAD-48C4-AF53-E420C729ACC0}) (Version: 15.0.1157 - Microsoft Corporation)
Update for Japanese Microsoft IME Standard Dictionary (HKLM-x32\...\{7DB71278-9AD7-4480-AB08-8649C5010B17}) (Version: 15.0.1215 - Microsoft Corporation)
Update for Japanese Microsoft IME Standard Extended Dictionary (HKLM-x32\...\{78CE66A9-85AF-4BD8-8FB7-35B5F3846C00}) (Version: 15.0.1215 - Microsoft Corporation)
Update for Microsoft Office 2010 (KB2494150) (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{3FCFD88F-4D13-4F38-8625-ABABEA7F61EA}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2760631) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{35698CB7-AAA2-4577-B505-DBFF504AEF23}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2825640) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{BA610006-2C39-4419-9834-CF61AB24810A}) (Version:  - Microsoft)
Validity WBF DDK (HKLM\...\{1F91C200-8F0F-4009-A75E-DB6CE151BD4E}) (Version: 4.4.234.0 - Validity Sensors, Inc.)
Visual C++ 2008 Runtime (x64) (x32 Version: 1.0.1 - Highresolution Enterprises) Hidden
VOCALOID3 build 3.0.4.0 (HKLM-x32\...\VOCALOID3 build 3.0.4.0) (Version: build 3.0.4.0 - Voronov Nikolay)
Vuze (HKLM\...\8461-7759-5462-8226) (Version: 5.1.0.0 - Azureus Software, Inc.)
VY1V3 Vocaloid3 Library (HKLM-x32\...\VY1V3 Vocaloid3 Library_is1) (Version: Vocaloid3 Library - Voronov Nikolay)
War Thunder Launcher 1.0.1.267 (HKLM-x32\...\{ed8deea4-29fa-3932-9612-e2122d8a62d9}}_is1) (Version:  - 2013 Gaijin Entertainment Corporation)
Warframe (HKLM-x32\...\{259538CF-28DE-4A33-811D-E044DE698A93}) (Version: 1.0.0 - Digital Extremes)
White Day (HKLM-x32\...\White Day) (Version:  - )
Windows Live Communications Platform (x32 Version: 16.4.3522.0110 - Microsoft Corporation) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3522.0110 - Microsoft Corporation)
Windows Live Essentials (x32 Version: 16.4.3522.0110 - Microsoft Corporation) Hidden
Windows Live Installer (x32 Version: 16.4.3522.0110 - Microsoft Corporation) Hidden
Windows Live Photo Common (x32 Version: 16.4.3522.0110 - Microsoft Corporation) Hidden
Windows Live PIMT Platform (x32 Version: 16.4.3522.0110 - Microsoft Corporation) Hidden
Windows Live SOXE (x32 Version: 16.4.3522.0110 - Microsoft Corporation) Hidden
Windows Live SOXE Definitions (x32 Version: 16.4.3522.0110 - Microsoft Corporation) Hidden
Windows Live UX Platform (x32 Version: 16.4.3522.0110 - Microsoft Corporation) Hidden
Windows Live UX Platform Language Pack (x32 Version: 16.4.3522.0110 - Microsoft Corporation) Hidden
Wings of Prey 1.0.3.2 (HKLM-x32\...\{bd8defa4-19fa-4964-9692-f1112d8a62d9}}_is1) (Version: 1.0.3.2 - Gaijin Entertainment, Corp.)
World in Conflict (HKLM-x32\...\{F11ADC64-C89E-47F4-A0B3-3665FF859397}) (Version: 1.0.0.0 - Massive Entertainment AB)
World of Tanks - Common Test (HKLM-x32\...\{1EAC1D02-C6AC-4FA6-9A44-96258C37C812CT}_is1) (Version:  - Wargaming.net)
World of Tanks (HKLM-x32\...\{1EAC1D02-C6AC-4FA6-9A44-96258C37C812SEA}_is1) (Version:  - Wargaming.net)
xy-VSFilter 3.0.0.211 (64-bit) (HKLM\...\xy-VSFilter (64-bit)_is1) (Version: 3.0.0.211 - xy-VSFilter Team)
東方心綺楼 Ver1.33 (HKLM-x32\...\{B641E348-377C-4819-B92F-03F1D35A7EE3}_is1) (Version:  - 黄昏フロンティア)

==================== Restore Points  =========================

03-03-2014 04:15:15 Windows Defender Checkpoint
10-03-2014 13:36:01 Scheduled Checkpoint
14-03-2014 05:52:26 Windows Update
15-03-2014 07:52:10 Installed DirectX
19-03-2014 16:30:07 Windows Update

==================== Hosts content: ==========================

2013-08-22 21:25 - 2013-08-22 21:25 - 00000824 ____A C:\WINDOWS\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

Task: {05293577-D647-4185-B859-C94839A0B2E3} - System32\Tasks\Microsoft\Windows\SettingSync\NetworkStateChangeTask
Task: {0682BFCE-8CF5-4F20-9576-225AC3A27C6C} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-3665814049-2692689912-1343586199-1001UA => C:\Users\Pocholo\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: {070F2599-8BC5-4BE9-AB96-77E3A0AC4E1D} - System32\Tasks\CLVDLauncher => C:\Program Files (x86)\CyberLink\Power2Go8\CLVDLauncher.exe [2012-07-24] (CyberLink Corp.)
Task: {0B545118-B563-42FC-8D07-B78F602FCF34} - System32\Tasks\Microsoft\Windows\WS\WSRefreshBannedAppsListTask => Rundll32.exe WSClient.dll,RefreshBannedAppsList
Task: {0F6B7B92-20A2-46B1-A9E3-B0823D010EF1} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-06-18] (Google Inc.)
Task: {2085BF56-520D-4951-B7C0-DF34AF90CC6A} - System32\Tasks\Microsoft\Windows\Sysmain\WsSwapAssessmentTask => Rundll32.exe sysmain.dll,PfSvWsSwapAssessmentTask
Task: {2C9C0C6C-2A74-46F2-858A-4389D253EAD0} - System32\Tasks\Microsoft\Windows\Sysmain\HybridDriveCachePrepopulate
Task: {309F8CFA-C184-4D11-8409-36B79087BBD4} - System32\Tasks\HPCeeScheduleForLeyla => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2011-07-15] (Hewlett-Packard)
Task: {352E6CA0-7314-4DF4-89C4-682368D80D57} - System32\Tasks\Microsoft\Windows\Workplace Join\Automatic-Workplace-Join => C:\Windows\System32\AutoWorkplace.exe [2013-08-22] (Microsoft Corporation)
Task: {3B6D8A73-F20B-4C93-B8FB-56A154F172D2} - System32\Tasks\Microsoft\Windows\Time Zone\SynchronizeTimeZone => C:\Windows\system32\tzsync.exe [2013-08-22] (Microsoft Corporation)
Task: {49754026-21E1-41FC-94FD-727AFE414FE7} - System32\Tasks\Microsoft\Windows\Sysmain\HybridDriveCacheRebalance
Task: {63E63C20-D589-4208-B726-48B84F08BE01} - System32\Tasks\CLMLSvc_P2G8 => C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe [2012-06-08] (CyberLink)
Task: {6AA91E8C-DDBD-4979-8464-4062F7681A19} - System32\Tasks\Microsoft\Windows\Plug and Play\Plug and Play Cleanup
Task: {6DFCB649-0769-4F83-BB10-F60F235F6D3D} - System32\Tasks\Microsoft\Windows\SkyDrive\Idle Sync Maintenance Task
Task: {73B1B253-CE67-4501-AE1A-377DD1D68B65} - System32\Tasks\Microsoft\Windows\Application Experience\StartupAppTask => Rundll32.exe Startupscan.dll,SusRunTask
Task: {77F1D869-6E65-4079-A2A0-E2023408EF97} - System32\Tasks\Microsoft\Windows\ApplicationData\CleanupTemporaryState => Rundll32.exe Windows.Storage.ApplicationData.dll,CleanupTemporaryState
Task: {7B17C5F4-98A6-4BC5-9030-0EDB54B9756B} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-3665814049-2692689912-1343586199-1001Core => C:\Users\Pocholo\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: {7C04CE29-731D-421B-BD55-D344AF6C7D5D} - System32\Tasks\gg_uac_daemon_Leyla => C:\Program Files (x86)\Garena Plus\ggdllhost.exe [2013-07-10] ()
Task: {872D0E53-FD2E-41E3-B431-698AF82882CE} - System32\Tasks\Microsoft\Windows\SkyDrive\Routine Maintenance Task
Task: {8CC813C9-712A-41EF-9512-B233444FC669} - System32\Tasks\Microsoft\Windows\AppxDeploymentClient\Pre-staged app cleanup => Rundll32.exe %windir%\system32\AppxDeploymentClient.dll,AppxPreStageCleanupRunTask
Task: {9B474191-0105-459A-9D07-8F8ECAF528E6} - System32\Tasks\Hewlett-Packard\HP CoolSense\HP CoolSense Start at Logon => C:\Program Files (x86)\Hewlett-Packard\HP CoolSense\CoolSense.exe [2013-09-10] (Hewlett-Packard Development Company, L.P.)
Task: {9C7B2310-DB3B-413B-B062-C463DAD63CF8} - System32\Tasks\Microsoft OneDrive Auto Update Task-S-1-5-21-3665814049-2692689912-1343586199-1001 => %localappdata%\Microsoft\SkyDrive\SkyDrive.exe
Task: {9FF4C139-5234-410C-B7FA-23EE2FD2AB53} - System32\Tasks\Microsoft\Windows\Work Folders\Work Folders Maintenance Work
Task: {A919C822-93C5-4D0A-B61E-83EC08A4450C} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-06-18] (Google Inc.)
Task: {B69C0FDF-CBFB-4F12-BA59-9AD221E75A85} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2013-11-04] (Hewlett-Packard Company)
Task: {C336F1BF-B0F3-43A0-AC67-E9662904E92C} - System32\Tasks\MirageAgent => C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe [2012-10-13] (CyberLink)
Task: {C46F7E4D-38A7-4113-82CA-2CDFFBF3D63D} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2013-11-04] (Hewlett-Packard Company)
Task: {CD90065F-E907-4C5E-AEFD-466816201863} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2014-03-20] (Microsoft Corporation)
Task: {CFD7C21A-808B-487B-A6EC-8A10E44E8360} - System32\Tasks\Microsoft\Windows\SettingSync\BackupTask
Task: {D88FEC9E-A82A-46F9-87E2-B6B97B301C1A} - System32\Tasks\Microsoft\Windows\WS\License Validation => Rundll32.exe WSClient.dll,WSpTLR licensing
Task: {DA46820F-FF8A-4B5E-A6B2-B12185DCFFFB} - System32\Tasks\Microsoft\Windows\Work Folders\Work Folders Logon Synchronization
Task: {DD70CB46-6B71-46FF-96C7-51EAEB086DF4} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2013-10-22] (Piriform Ltd)
Task: {E6D378FA-E068-4BCB-80DE-56D43A249507} - System32\Tasks\Microsoft\Windows\RecoveryEnvironment\VerifyWinRE
Task: {EAA2707A-B704-4C63-9BD1-74F9C7D5535C} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Update Check => C:\ProgramData\Hewlett-Packard\HP Support Framework\Resources\Updater7\HPSFUpdater.exe [2013-12-12] (Hewlett-Packard Company)
Task: {ED07B82E-998B-4E7D-B16F-B167E1499F38} - System32\Tasks\Synaptics TouchPad Enhancements => \Program Files\Synaptics\SynTP\SynTPEnh.exe [2012-08-25] (Synaptics Incorporated)
Task: {F7CBAB57-F981-4480-99EE-FFD7436C206E} - System32\Tasks\AdobeAAMUpdater-1.0-MicrosoftAccount-azure.regen@gmail.com => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2012-09-20] (Adobe Systems Incorporated)
Task: C:\WINDOWS\Tasks\FacebookUpdateTaskUserS-1-5-21-3665814049-2692689912-1343586199-1001Core.job => C:\Users\Pocholo\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\WINDOWS\Tasks\FacebookUpdateTaskUserS-1-5-21-3665814049-2692689912-1343586199-1001UA.job => C:\Users\Pocholo\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\HPCeeScheduleForLeyla.job => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe
Task: C:\WINDOWS\Tasks\Synaptics TouchPad Enhancements.job => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe

==================== Loaded Modules (whitelisted) =============

2013-08-06 00:06 - 2012-11-12 13:59 - 00657504 _____ () C:\ProgramData\Globe Tattoo Broadband\OnlineUpdate\ouc.exe
2011-03-14 23:27 - 2011-03-14 23:27 - 00346976 _____ () C:\ProgramData\DatacardService\HWDeviceService64.exe
2012-09-06 16:47 - 2012-09-06 16:47 - 00028160 _____ () C:\Windows\system32\valWBFPolicyService.exe
2012-10-13 09:22 - 2012-10-13 09:22 - 00120224 _____ () C:\Program Files (x86)\Hewlett-Packard\HP Connected Remote\HPItunesModule.dll
2012-10-13 09:22 - 2012-10-13 09:22 - 00048544 _____ () C:\Program Files (x86)\Hewlett-Packard\HP Connected Remote\HPItunesProxy.dll
2012-10-13 09:22 - 2012-10-13 09:22 - 00180224 _____ () C:\Program Files (x86)\Hewlett-Packard\HP Connected Remote\zxing.dll
2013-12-15 05:27 - 2013-07-10 03:54 - 00049456 _____ () C:\Program Files (x86)\Garena Plus\ggdllhost.exe
2013-02-07 09:19 - 2013-02-07 09:19 - 04073768 _____ () C:\Program Files (x86)\HP SimplePass\IEWebSiteLogon.exe
2014-02-27 20:53 - 2014-02-27 20:53 - 00183296 _____ () C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20413_x64__8wekyb3d8bbwe\ErrorReporting.dll
2013-12-21 00:02 - 2013-12-21 00:02 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll
2014-02-15 23:01 - 2013-12-02 18:15 - 00495616 _____ () C:\Program Files (x86)\Gaming Mouse\Monitor.exe
2012-08-10 16:36 - 2012-08-10 16:36 - 00255336 _____ () C:\Program Files (x86)\HP SimplePass\DownloadAD.exe
2013-08-06 00:06 - 2013-08-06 00:05 - 00011362 _____ () C:\ProgramData\Globe Tattoo Broadband\OnlineUpdate\mingwm10.dll
2013-08-06 00:06 - 2013-08-06 00:05 - 00043008 _____ () C:\ProgramData\Globe Tattoo Broadband\OnlineUpdate\libgcc_s_dw2-1.dll
2013-08-06 00:06 - 2012-10-31 17:11 - 02417152 _____ () C:\ProgramData\Globe Tattoo Broadband\OnlineUpdate\QtCore4.dll
2013-08-06 00:06 - 2012-10-31 17:14 - 01148416 _____ () C:\ProgramData\Globe Tattoo Broadband\OnlineUpdate\QtNetwork4.dll
2013-08-06 00:06 - 2012-11-12 11:48 - 00843264 _____ () C:\ProgramData\Globe Tattoo Broadband\OnlineUpdate\QueryStrategy.dll
2013-08-06 00:06 - 2012-10-31 17:11 - 00398336 _____ () C:\ProgramData\Globe Tattoo Broadband\OnlineUpdate\QtXml4.dll
2013-04-04 12:24 - 2012-06-26 02:41 - 01198912 _____ () C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\ACE.dll
2013-02-07 09:19 - 2013-02-07 09:19 - 00019240 _____ () C:\Program Files (x86)\HP SimplePass\DownloadManager.dll
2013-12-15 05:27 - 2013-08-23 01:10 - 00553776 _____ () C:\Program Files (x86)\Garena Plus\ggspawn.dll
2014-02-15 23:01 - 2013-11-29 15:11 - 00057344 _____ () C:\Program Files (x86)\Gaming Mouse\lan.dll
2014-02-15 23:01 - 2013-11-01 12:57 - 00049152 _____ () C:\Program Files (x86)\Gaming Mouse\hiddriver.dll
2013-06-27 08:41 - 2012-06-08 11:34 - 00627216 _____ () C:\Program Files (x86)\CyberLink\Power2Go8\CLMediaLibrary.dll
2012-06-08 11:34 - 2012-06-08 11:34 - 00016400 _____ () C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvcPS.dll

==================== Alternate Data Streams (whitelisted) =========

==================== Safe Mode (whitelisted) ===================

==================== Disabled items from MSCONFIG ==============

==================== Faulty Device Manager Devices =============

==================== Event log errors: =========================

Application errors:
==================
Error: (03/20/2014 10:20:28 PM) (Source: Desktop Window Manager) (User: )
Description: The Desktop Window Manager has encountered a fatal error (0x8898008d)

Error: (03/20/2014 08:39:05 PM) (Source: Application Error) (User: )
Description: Faulting application name: BlueSoleilCS.exe, version: 9.0.723.0, time stamp: 0x5062b290
Faulting module name: tl_filter.dll_unloaded, version: 0.0.0.0, time stamp: 0x505fc6a9
Exception code: 0xc0000094
Fault offset: 0x0000d53d
Faulting process id: 0x7f4
Faulting application start time: 0xBlueSoleilCS.exe0
Faulting application path: BlueSoleilCS.exe1
Faulting module path: BlueSoleilCS.exe2
Report Id: BlueSoleilCS.exe3
Faulting package full name: BlueSoleilCS.exe4
Faulting package-relative application ID: BlueSoleilCS.exe5

Error: (03/20/2014 07:52:23 PM) (Source: Application Error) (User: )
Description: Faulting application name: BlueSoleilCS.exe, version: 9.0.723.0, time stamp: 0x5062b290
Faulting module name: BsHelpCSps.dll, version: 1.0.0.0, time stamp: 0x50599864
Exception code: 0xc0000094
Fault offset: 0x0000d53d
Faulting process id: 0x7c0
Faulting application start time: 0xBlueSoleilCS.exe0
Faulting application path: BlueSoleilCS.exe1
Faulting module path: BlueSoleilCS.exe2
Report Id: BlueSoleilCS.exe3
Faulting package full name: BlueSoleilCS.exe4
Faulting package-relative application ID: BlueSoleilCS.exe5

Error: (03/20/2014 04:47:05 PM) (Source: Application Error) (User: )
Description: Faulting application name: bsp.exe, version: 1.0.0.0, time stamp: 0x49d24917
Faulting module name: Wpc.dll_unloaded, version: 6.3.9600.16384, time stamp: 0x52157f36
Exception code: 0xc0000005
Fault offset: 0x0006803c
Faulting process id: 0x2478
Faulting application start time: 0xbsp.exe0
Faulting application path: bsp.exe1
Faulting module path: bsp.exe2
Report Id: bsp.exe3
Faulting package full name: bsp.exe4
Faulting package-relative application ID: bsp.exe5

Error: (03/20/2014 03:23:22 PM) (Source: Microsoft-Windows-RestartManager) (User: M6-EISEN-REGEN)
Description: Application or service 'Movie Maker' could not be shut down.

Error: (03/20/2014 03:17:27 PM) (Source: Application Error) (User: )
Description: Faulting application name: BlueSoleilCS.exe, version: 9.0.723.0, time stamp: 0x5062b290
Faulting module name: tl_filter.dll, version: 0.0.0.0, time stamp: 0x505fc6a9
Exception code: 0xc0000094
Fault offset: 0x0000d53d
Faulting process id: 0x3fec
Faulting application start time: 0xBlueSoleilCS.exe0
Faulting application path: BlueSoleilCS.exe1
Faulting module path: BlueSoleilCS.exe2
Report Id: BlueSoleilCS.exe3
Faulting package full name: BlueSoleilCS.exe4
Faulting package-relative application ID: BlueSoleilCS.exe5

Error: (03/20/2014 03:15:16 PM) (Source: Application Error) (User: )
Description: Faulting application name: BlueSoleilCS.exe, version: 9.0.723.0, time stamp: 0x5062b290
Faulting module name: tl_filter.dll, version: 0.0.0.0, time stamp: 0x505fc6a9
Exception code: 0xc0000094
Fault offset: 0x0000d53d
Faulting process id: 0x3b64
Faulting application start time: 0xBlueSoleilCS.exe0
Faulting application path: BlueSoleilCS.exe1
Faulting module path: BlueSoleilCS.exe2
Report Id: BlueSoleilCS.exe3
Faulting package full name: BlueSoleilCS.exe4
Faulting package-relative application ID: BlueSoleilCS.exe5

Error: (03/20/2014 03:14:06 PM) (Source: Application Error) (User: )
Description: Faulting application name: BlueSoleilCS.exe, version: 9.0.723.0, time stamp: 0x5062b290
Faulting module name: tl_filter.dll, version: 0.0.0.0, time stamp: 0x505fc6a9
Exception code: 0xc0000094
Fault offset: 0x0000d53d
Faulting process id: 0x3ed4
Faulting application start time: 0xBlueSoleilCS.exe0
Faulting application path: BlueSoleilCS.exe1
Faulting module path: BlueSoleilCS.exe2
Report Id: BlueSoleilCS.exe3
Faulting package full name: BlueSoleilCS.exe4
Faulting package-relative application ID: BlueSoleilCS.exe5

Error: (03/20/2014 01:55:16 AM) (Source: Microsoft-Windows-Immersive-Shell) (User: M6-EISEN-REGEN)
Description: Activation of app microsoft.windowscommunicationsapps_8wekyb3d8bbwe!ppleae38af2e007f4358a809ac99a64a67c1 failed with error: -2144927141 See the Microsoft-Windows-TWinUI/Operational log for additional information.

Error: (03/20/2014 01:54:56 AM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 1172

System errors:
=============
Error: (03/21/2014 09:41:05 AM) (Source: ipnathlp) (User: )
Description: 192.168.254.100192.168.137.0255.255.255.0

Error: (03/21/2014 09:41:05 AM) (Source: ipnathlp) (User: )
Description:

Error: (03/20/2014 08:39:15 PM) (Source: ipnathlp) (User: )
Description: 192.168.254.100192.168.137.0255.255.255.0

Error: (03/20/2014 08:39:15 PM) (Source: ipnathlp) (User: )
Description:

Error: (03/20/2014 08:39:15 PM) (Source: ipnathlp) (User: )
Description:

Error: (03/20/2014 08:39:15 PM) (Source: ipnathlp) (User: )
Description:

Error: (03/20/2014 08:39:13 PM) (Source: Service Control Manager) (User: )
Description: The BlueSoleilCS service terminated unexpectedly.  It has done this 1 time(s).

Error: (03/20/2014 08:38:55 PM) (Source: Service Control Manager) (User: )
Description: The Globe Tattoo Broadband. OUC service failed to start due to the following error:
%%1053

Error: (03/20/2014 08:38:55 PM) (Source: Service Control Manager) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the Globe Tattoo Broadband. OUC service to connect.

Error: (03/20/2014 07:52:48 PM) (Source: ipnathlp) (User: )
Description: 192.168.254.100192.168.137.0255.255.255.0

Microsoft Office Sessions:
=========================
Error: (03/20/2014 10:20:28 PM) (Source: Desktop Window Manager)(User: )
Description: 0x8898008d

Error: (03/20/2014 08:39:05 PM) (Source: Application Error)(User: )
Description: BlueSoleilCS.exe9.0.723.05062b290tl_filter.dll_unloaded0.0.0.0505fc6a9c00000940000d53d7f401cf443953932c74C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BlueSoleilCS.exetl_filter.dll9f40f27d-b02c-11e3-befb-b8763f39aa31

Error: (03/20/2014 07:52:23 PM) (Source: Application Error)(User: )
Description: BlueSoleilCS.exe9.0.723.05062b290BsHelpCSps.dll1.0.0.050599864c00000940000d53d7c001cf4432ce260049C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BlueSoleilCS.exeC:\Windows\SYSTEM32\BsHelpCSps.dll18d43eba-b026-11e3-befa-b8763f39aa31

Error: (03/20/2014 04:47:05 PM) (Source: Application Error)(User: )
Description: bsp.exe1.0.0.049d24917Wpc.dll_unloaded6.3.9600.1638452157f36c00000050006803c247801cf4418f72ebb82C:\Program Files (x86)\Battlestations Pacific\bsp.exeWpc.dll364fa3ac-b00c-11e3-bef9-6c3be589b280

Error: (03/20/2014 03:23:22 PM) (Source: Microsoft-Windows-RestartManager)(User: M6-EISEN-REGEN)
Description: 11C:\Program Files (x86)\Windows Live\Photo Gallery\MovieMaker.exeMovie Maker011117157880

Error: (03/20/2014 03:17:27 PM) (Source: Application Error)(User: )
Description: BlueSoleilCS.exe9.0.723.05062b290tl_filter.dll0.0.0.0505fc6a9c00000940000d53d3fec01cf440c6e50e374C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BlueSoleilCS.exeC:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\Driver\USB\tl_filter.dllb04e91c7-afff-11e3-bef9-6c3be589b280

Error: (03/20/2014 03:15:16 PM) (Source: Application Error)(User: )
Description: BlueSoleilCS.exe9.0.723.05062b290tl_filter.dll0.0.0.0505fc6a9c00000940000d53d3b6401cf440c2054e32fC:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BlueSoleilCS.exeC:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\Driver\USB\tl_filter.dll6256c171-afff-11e3-bef9-6c3be589b280

Error: (03/20/2014 03:14:06 PM) (Source: Application Error)(User: )
Description: BlueSoleilCS.exe9.0.723.05062b290tl_filter.dll0.0.0.0505fc6a9c00000940000d53d3ed401cf440bf4aacb53C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BlueSoleilCS.exeC:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\Driver\USB\tl_filter.dll38fbe24a-afff-11e3-bef9-6c3be589b280

Error: (03/20/2014 01:55:16 AM) (Source: Microsoft-Windows-Immersive-Shell)(User: M6-EISEN-REGEN)
Description: microsoft.windowscommunicationsapps_8wekyb3d8bbwe!ppleae38af2e007f4358a809ac99a64a67c1-2144927141

Error: (03/20/2014 01:54:56 AM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 1172

CodeIntegrity Errors:
===================================
  Date: 2014-03-21 09:51:27.362
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2014-03-21 09:51:27.275
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2014-03-17 19:59:12.918
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2014-03-17 19:59:12.897
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2013-11-05 19:48:36.222
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Users\Pocholo\Desktop\SysinternalsSuite\PORTMSYS.SYS because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2013-11-05 19:47:50.247
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Users\Pocholo\Desktop\SysinternalsSuite\PORTMSYS.SYS because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

==================== Memory info ===========================

Percentage of memory in use: 26%
Total physical RAM: 8088.27 MB
Available physical RAM: 5942.18 MB
Total Pagefile: 25223.38 MB
Available Pagefile: 22905.61 MB
Total Virtual: 131072 MB
Available Virtual: 131071.79 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:903.08 GB) (Free:476.42 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Drive d: (RECOVERY) (Fixed) (Total:27.32 GB) (Free:3.19 GB) NTFS ==>[System with boot components (obtained from reading drive)]

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 932 GB) (Disk ID: 2F5252C3)

Partition: GPT Partition Type.

==================== End Of Log ============================



#4 falrecon

falrecon
  • Topic Starter

  • Members
  • 14 posts
  • OFFLINE
  •  
  • Local time:05:54 PM

Posted 20 March 2014 - 09:12 PM

10:06:09.0456 0x17dc  TDSS rootkit removing tool 3.0.0.25 Feb 27 2014 15:23:02
10:06:09.0456 0x17dc  UEFI system
10:06:30.0701 0x17dc  ============================================================
10:06:30.0701 0x17dc  Current date / time: 2014/03/21 10:06:30.0701
10:06:30.0701 0x17dc  SystemInfo:
10:06:30.0701 0x17dc 
10:06:30.0701 0x17dc  OS Version: 6.3.9600 ServicePack: 0.0
10:06:30.0701 0x17dc  Product type: Workstation
10:06:30.0701 0x17dc  ComputerName: M6-EISEN-REGEN
10:06:30.0702 0x17dc  UserName: Leyla
10:06:30.0702 0x17dc  Windows directory: C:\WINDOWS
10:06:30.0702 0x17dc  System windows directory: C:\WINDOWS
10:06:30.0702 0x17dc  Running under WOW64
10:06:30.0702 0x17dc  Processor architecture: Intel x64
10:06:30.0702 0x17dc  Number of processors: 8
10:06:30.0702 0x17dc  Page size: 0x1000
10:06:30.0702 0x17dc  Boot type: Normal boot
10:06:30.0702 0x17dc  ============================================================
10:06:31.0356 0x17dc  KLMD registered as C:\WINDOWS\system32\drivers\19532764.sys
10:06:31.0677 0x17dc  System UUID: {26463650-7EE8-4273-F760-ACAD7E550F4C}
10:06:33.0261 0x17dc  Drive \Device\Harddisk0\DR0 - Size: 0xE8E0DB6000 (931.51 Gb), SectorSize: 0x200, Cylinders: 0x1DB01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
10:06:33.0268 0x17dc  ============================================================
10:06:33.0268 0x17dc  \Device\Harddisk0\DR0:
10:06:33.0269 0x17dc  GPT partitions:
10:06:33.0269 0x17dc  \Device\Harddisk0\DR0\Partition1: GPT, TypeGUID: {DE94BBA4-06D1-4D40-A16A-BFD50179D6AC}, UniqueGUID: {30F11AED-2CCD-4A98-90B4-6367E93F7BC5}, Name: Basic data partition, StartLBA 0x800, BlocksNum 0xC8000
10:06:33.0269 0x17dc  \Device\Harddisk0\DR0\Partition2: GPT, TypeGUID: {C12A7328-F81F-11D2-BA4B-00A0C93EC93B}, UniqueGUID: {64960674-1F0E-4E7F-A2DD-3249AFD22C1C}, Name: EFI system partition, StartLBA 0xC8800, BlocksNum 0x82000
10:06:33.0269 0x17dc  \Device\Harddisk0\DR0\Partition3: GPT, TypeGUID: {E3C9E316-0B5C-4DB8-817D-F92DF00215AE}, UniqueGUID: {1AD4CFE3-2CB5-43A2-A25C-7374C7000A24}, Name: Microsoft reserved partition, StartLBA 0x14A800, BlocksNum 0x40000
10:06:33.0269 0x17dc  \Device\Harddisk0\DR0\Partition4: GPT, TypeGUID: {EBD0A0A2-B9E5-4433-87C0-68B6B72699C7}, UniqueGUID: {7CDFFBF5-6427-4E40-BEF9-B009B9C8E6EE}, Name: Basic data partition, StartLBA 0x18A800, BlocksNum 0x70E27000
10:06:33.0269 0x17dc  \Device\Harddisk0\DR0\Partition5: GPT, TypeGUID: {DE94BBA4-06D1-4D40-A16A-BFD50179D6AC}, UniqueGUID: {8B123DC1-BFDA-4A82-BF2A-165947D24A3B}, Name: , StartLBA 0x70FB1800, BlocksNum 0xAF000
10:06:33.0270 0x17dc  \Device\Harddisk0\DR0\Partition6: GPT, TypeGUID: {EBD0A0A2-B9E5-4433-87C0-68B6B72699C7}, UniqueGUID: {F0F6C439-FE6D-447F-9E95-B3D347129F98}, Name: Basic data partition, StartLBA 0x71060800, BlocksNum 0x36A3800
10:06:33.0270 0x17dc  MBR partitions:
10:06:33.0270 0x17dc  ============================================================
10:06:33.0306 0x17dc  C: <-> \Device\Harddisk0\DR0\Partition4
10:06:33.0348 0x17dc  D: <-> \Device\Harddisk0\DR0\Partition6
10:06:33.0348 0x17dc  ============================================================
10:06:33.0348 0x17dc  Initialize success
10:06:33.0348 0x17dc  ============================================================
10:06:37.0032 0x21a8  ============================================================
10:06:37.0032 0x21a8  Scan started
10:06:37.0032 0x21a8  Mode: Manual;
10:06:37.0032 0x21a8  ============================================================
10:06:37.0032 0x21a8  KSN ping started
10:06:40.0063 0x21a8  KSN ping finished: true
10:06:40.0414 0x21a8  ================ Scan system memory ========================
10:06:40.0414 0x21a8  System memory - ok
10:06:40.0416 0x21a8  ================ Scan services =============================
10:06:40.0639 0x21a8  [ E1832BD9FD7E0FC2DC9FA5935DE3E8C1, 41FF7418887AFC8B9C96EF21C5950DD342CC9E3C0D87AFD60A05B988C1D6CC23 ] 1394ohci        C:\WINDOWS\System32\drivers\1394ohci.sys
10:06:40.0647 0x21a8  1394ohci - ok
10:06:40.0675 0x21a8  [ AD508A1A46EC21B740AB31C28EFDFDB1, 9B1046CF0B80723149BD359B55CC0B8B3ABBEAA9038469F542A4C345C503FB02 ] 3ware           C:\WINDOWS\system32\drivers\3ware.sys
10:06:40.0679 0x21a8  3ware - ok
10:06:40.0733 0x21a8  [ 899B7E724BF19F17978B6A37B864A277, F7D166DC5F7642D4B834B1E0D956929BA94F3E4D402989FC1A681A08FA1F86B6 ] Accelerometer   C:\WINDOWS\system32\DRIVERS\Accelerometer.sys
10:06:40.0735 0x21a8  Accelerometer - ok
10:06:40.0805 0x21a8  [ 3D30878A269D934100FA5F972E53AF39, 3D2D22D1A9D80DB94D6059C789FBD04DC945722B8644DF6DAA73D5713A10EC52 ] ACPI            C:\WINDOWS\system32\drivers\ACPI.sys
10:06:40.0823 0x21a8  ACPI - ok
10:06:40.0865 0x21a8  [ AC8279D229398BCF05C3154ADCA86813, 083E86CBE53244D24C334DB1511C77025133AE7875191845764B890A8CA5AFA9 ] acpiex          C:\WINDOWS\system32\Drivers\acpiex.sys
10:06:40.0868 0x21a8  acpiex - ok
10:06:40.0886 0x21a8  [ A8970D9BF23CD309E0403978A1B58F3F, 9946C8477104EEC7DB197E2222F9905307F101C398CCED4B5FD0F86A5622C791 ] acpipagr        C:\WINDOWS\System32\drivers\acpipagr.sys
10:06:40.0887 0x21a8  acpipagr - ok
10:06:40.0904 0x21a8  [ 111A89C99C5B4F1A7BCE5F643DD86F65, 41A2E49FF443927D05F7EF638518108227852984E68D4663C8761178C0B84A45 ] AcpiPmi         C:\WINDOWS\System32\drivers\acpipmi.sys
10:06:40.0905 0x21a8  AcpiPmi - ok
10:06:40.0919 0x21a8  [ 5758387D68A20AE7D3245011B07E36E7, 77832E200E8B0D259552F6F60FE454A887E3EBBB9EA2F3590E6645289A04E293 ] acpitime        C:\WINDOWS\System32\drivers\acpitime.sys
10:06:40.0920 0x21a8  acpitime - ok
10:06:40.0988 0x21a8  [ 7C1FDF1B48298CBA7CE4BDD4978951AD, 80F4D536E1231B30E836F72ADC8814AE6AA9FEC573FB5F3F965FAC8ABCCAF0F8 ] ADP80XX         C:\WINDOWS\system32\drivers\ADP80XX.SYS
10:06:41.0014 0x21a8  ADP80XX - ok
10:06:41.0055 0x21a8  [ B19CA8E441D35AA2B1EE51C10B27DA1B, EBEB96EA44E665B2D4FCD1CC58621A20A17F036EA4A695340A2B65F94F69CDDC ] AeLookupSvc     C:\WINDOWS\System32\aelupsvc.dll
10:06:41.0063 0x21a8  AeLookupSvc - ok
10:06:41.0098 0x21a8  [ 239268BAB58EAE9A3FF4E08334C00451, 13F927730DF9BAEDB3A7AB6F7238270A20E4CDEB3D5324A1C471DF2209F3D239 ] AFD             C:\WINDOWS\system32\drivers\afd.sys
10:06:41.0117 0x21a8  AFD - ok
10:06:41.0156 0x21a8  [ 7DFAEBA9AD62D20102B576D5CAC45EC8, 9FA5207335303D1E8E9A3C9E1FB82C09AD21B04382F69D777A67E48EE91D2093 ] agp440          C:\WINDOWS\system32\drivers\agp440.sys
10:06:41.0159 0x21a8  agp440 - ok
10:06:41.0195 0x21a8  [ 8E8E34B7BA059050EED827410D0697A2, 85B6684709F24729A6497563812A90A54068AC2DD9EEA03037CB1EEF5C85AAA9 ] ahcache         C:\WINDOWS\system32\DRIVERS\ahcache.sys
10:06:41.0198 0x21a8  ahcache - ok
10:06:41.0239 0x21a8  [ A91D8E1E433EFB32551BCE69037E1CE7, 41DFDD5B56918D19D09DFB3E4B07460AA85647A8647ABBBB906158D8D6653290 ] ALG             C:\WINDOWS\System32\alg.exe
10:06:41.0242 0x21a8  ALG - ok
10:06:41.0293 0x21a8  [ 66B54471B5856E314947881E28263A6D, 2D60706B52A2CE98FF806337D62CD010C1DEB2AEDDF899C7B67173928B2D7C4C ] AMD External Events Utility C:\WINDOWS\system32\atiesrxx.exe
10:06:41.0302 0x21a8  AMD External Events Utility - ok
10:06:41.0321 0x21a8  [ 7589DE749DB6F71A68489DCE04158729, 5F35EDD50737985595C9D6703237CA2ADE49AA5443331020899698EB5114A0FB ] AmdK8           C:\WINDOWS\System32\drivers\amdk8.sys
10:06:41.0325 0x21a8  AmdK8 - ok
10:06:41.0909 0x21a8  [ FBB35875FEFE53D4280259842069ED72, B1A1B5799A6C50C244182CD201A1E9FCB7BE3B5ED4BB2E2E6BCF8E1BF53B75DB ] amdkmdag        C:\WINDOWS\system32\DRIVERS\atikmdag.sys
10:06:42.0347 0x21a8  amdkmdag - ok
10:06:42.0439 0x21a8  [ A32BCAD9377E3B75D034CAFBA463A0AE, F504895D9C9CD1B4607806BCAF15A1CBFBAC2E5824903277A1350C9F35045602 ] amdkmdap        C:\WINDOWS\system32\DRIVERS\atikmpag.sys
10:06:42.0460 0x21a8  amdkmdap - ok
10:06:42.0494 0x21a8  [ 8A375CB3B6D1A56A2AEEE72A5F1D0926, 03D6EA77B141675B719E66DA09D1DACC7137B19F9918C303DD6870B3F36ADEBB ] amdkmpfd        C:\WINDOWS\system32\drivers\amdkmpfd.sys
10:06:42.0496 0x21a8  amdkmpfd - ok
10:06:42.0519 0x21a8  [ B46D2D89AFF8A9490FA8C98C7A5616E3, BE0765B5423B690E0F097FECD9717FAA95BFDFFDC6CF1B93DE5A19A1B7797879 ] AmdPPM          C:\WINDOWS\System32\drivers\amdppm.sys
10:06:42.0523 0x21a8  AmdPPM - ok
10:06:42.0563 0x21a8  [ D2BF2F94A47D332814910FD47C6BBCD2, FE273D77D119D958676E1197D9EA7B008E3B05C6192B1962A81D4223ED204C35 ] amdsata         C:\WINDOWS\system32\drivers\amdsata.sys
10:06:42.0566 0x21a8  amdsata - ok
10:06:42.0595 0x21a8  [ A8E04943C7BBA7219AA50400272C3C6E, 794C0BD12DF0392654E9A37AE4A24B5BE2D83F1F24F74DD48A1A0BF3AB8B1FF8 ] amdsbs          C:\WINDOWS\system32\drivers\amdsbs.sys
10:06:42.0604 0x21a8  amdsbs - ok
10:06:42.0627 0x21a8  [ CEA5F4F27CFC08E3A44D576811B35F50, 89DF64B81BD109BAABAE93A4603C1617241219F38DDAF325EFE6BD35FF6FD717 ] amdxata         C:\WINDOWS\system32\drivers\amdxata.sys
10:06:42.0629 0x21a8  amdxata - ok
10:06:42.0694 0x21a8  [ 9DCB42905F1EBF9CEC57EE5DF0BDA965, 4C888AAD0DDE01565FD7FBB6B70A500158CF2E4CECF9ADD4AFD302A993587269 ] AppHostSvc      C:\WINDOWS\system32\inetsrv\apphostsvc.dll
10:06:42.0697 0x21a8  AppHostSvc - ok
10:06:42.0716 0x21a8  [ 04951A9A937CBE28A2D3FEEA360B6D1F, D8AAF000BE4FE4B203DC2EB2A64F780A542E5238CE3F9952FD03277379B11529 ] AppID           C:\WINDOWS\system32\drivers\appid.sys
10:06:42.0720 0x21a8  AppID - ok
10:06:42.0754 0x21a8  [ C0DC3F58214A227980AEB091CFD2F973, 0C3E8453C9F65ADA3E74C38C0E3AC3E0CBFD807B827097046265B38839E151E3 ] AppIDSvc        C:\WINDOWS\System32\appidsvc.dll
10:06:42.0756 0x21a8  AppIDSvc - ok
10:06:42.0781 0x21a8  [ 7E790DE2487CEDB349D1750B9E47F090, EDA4A87EA2F89ABD174E9590DD46E70B9E7E4B35BDFC3ED90D79CD594F8CB2CD ] Appinfo         C:\WINDOWS\System32\appinfo.dll
10:06:42.0785 0x21a8  Appinfo - ok
10:06:42.0826 0x21a8  [ 4B964AE0DF433A3BFA7BD24713BC2E9B, DC8933265E67E43CAE96EA64B146CB9067B536A4DA2C90EDCB38302BBFA1CE6B ] AppReadiness    C:\WINDOWS\system32\AppReadiness.dll
10:06:42.0844 0x21a8  AppReadiness - ok
10:06:42.0943 0x21a8  [ 0B726D9ED75C787D6FFAF1E3873BCC70, DC3822B35FB65D53CC5D0E3982C326C5F47F0911BEB1F66DCC84A79C84621E1E ] AppXSvc         C:\WINDOWS\system32\appxdeploymentserver.dll
10:06:42.0987 0x21a8  AppXSvc - ok
10:06:43.0011 0x21a8  [ 65045784366F7EC5FB4E71BCF923187B, 53C215C64FF12E44B097F7CB88E8482438CE0ACBD3C68D8FD38BA0D0D8747FAA ] arcsas          C:\WINDOWS\system32\drivers\arcsas.sys
10:06:43.0015 0x21a8  arcsas - ok
10:06:43.0140 0x21a8  [ AA2E8C6B8D7EA7BAF04C988801927F48, 4B82043F1B9C67CDCDC71102F7AEE05EEA8F9775A5CB33AE80F4DCDB42521C40 ] aspnet_state    C:\WINDOWS\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
10:06:43.0142 0x21a8  aspnet_state - ok
10:06:43.0162 0x21a8  [ 3DB7721F06BC2FEDB25029EA23AB27DA, 221861148C66FE53E4D6EE49C6E656479AB5804A2D348A280A1CD8093E8AB788 ] AsyncMac        C:\WINDOWS\system32\DRIVERS\asyncmac.sys
10:06:43.0164 0x21a8  AsyncMac - ok
10:06:43.0206 0x21a8  [ 74B14192CF79A72F7536B27CB8814FBD, 0CF6BBB63FFE0C12777664D80B2797923844C8392D0FD81D7962EE5EE2C3C3D9 ] atapi           C:\WINDOWS\system32\drivers\atapi.sys
10:06:43.0208 0x21a8  atapi - ok
10:06:43.0266 0x21a8  [ 4903CBC14742B5AB4DCF7A92F7DEC483, B8491FDA1D1E767658ECC5C3C3DDFB3EB12A969F0F6ACF116C18300FF54075D5 ] AudioEndpointBuilder C:\WINDOWS\System32\AudioEndpointBuilder.dll
10:06:43.0273 0x21a8  AudioEndpointBuilder - ok
10:06:43.0342 0x21a8  [ EF276593AD1BDF5A99032F62D6272848, 3961689B34A6BCD891FF48A044ABD184F5D7320AE882DF79E5ADC57B08205BA9 ] Audiosrv        C:\WINDOWS\System32\Audiosrv.dll
10:06:43.0370 0x21a8  Audiosrv - ok
10:06:43.0416 0x21a8  [ 96E8CAF20FC4B6C31CAD7816A801EB78, E4870DB8FFBDCFEE98449338D0BDBF2DD0B5FEC75514E41C11A882BE6EB16833 ] AxInstSV        C:\WINDOWS\System32\AxInstSV.dll
10:06:43.0420 0x21a8  AxInstSV - ok
10:06:43.0484 0x21a8  [ A4A73F631FE2AA2826FBE4A399B04DEF, 973AACE8DC8DA669D0DF20F17EFDEEABB90AA046AC980948D16A62D39A606A79 ] b06bdrv         C:\WINDOWS\system32\drivers\bxvbda.sys
10:06:43.0502 0x21a8  b06bdrv - ok
10:06:43.0521 0x21a8  [ 8CC7F7E4AFCBA605921B137ED7992C68, 71406E6D6E9964740A6D90B05329D5492BB90AF40E0630CF2FBF4BA4BA14F2DD ] BasicDisplay    C:\WINDOWS\System32\drivers\BasicDisplay.sys
10:06:43.0524 0x21a8  BasicDisplay - ok
10:06:43.0545 0x21a8  [ 2748E116F8621A4DB0D39FCDD7318C01, DA2DEB7FE1D887B1EF5E2B5103270B72268D8ABDDA36C396627305C0BA90FC20 ] BasicRender     C:\WINDOWS\System32\drivers\BasicRender.sys
10:06:43.0547 0x21a8  BasicRender - ok
10:06:43.0591 0x21a8  [ C1ABB0F7E3BEA48A0417BDF6FF14AB21, 1CAC63A1A0FB9855A27EE977794576A860F6650C9EF7667FFB27F2A2FF721857 ] bcmfn2          C:\WINDOWS\System32\drivers\bcmfn2.sys
10:06:43.0592 0x21a8  bcmfn2 - ok
10:06:43.0648 0x21a8  [ BBE61A40665B83488901E41082A6097D, ADF750DB32E1295C57C03D587A60194529C8B83F90F433C3458288FB5E8F475B ] BDESVC          C:\WINDOWS\System32\bdesvc.dll
10:06:43.0660 0x21a8  BDESVC - ok
10:06:43.0708 0x21a8  [ EC19013E4CF87609534165DF897274D6, 8ED45537CF2D58D759A587CCBFDADD5580C7447B0C3B172CF19ECC7585E073FC ] Beep            C:\WINDOWS\system32\drivers\Beep.sys
10:06:43.0709 0x21a8  Beep - ok
10:06:43.0781 0x21a8  [ 6468B696C65775D51A06615830E0E79D, CC4081B3A4895192B4796A745F0BCE8C9C3149B854A7B9BEF84668A2E1D074B5 ] BFE             C:\WINDOWS\System32\bfe.dll
10:06:43.0812 0x21a8  BFE - ok
10:06:43.0893 0x21a8  [ 15225081966C785A9192782401643FD4, E2BA0C8D044556FDD9DD7A25F7F71553DE7A2924E78F9284413C2AC46F0BF4EB ] BITS            C:\WINDOWS\System32\qmgr.dll
10:06:43.0931 0x21a8  BITS - ok
10:06:44.0097 0x21a8  [ 00EAE93627CCB2BC07795A3087916A5D, 64018AF7A7277EB114BFBCE14A81479D7EBADD35497CB07D5BD4FEAA279640AB ] BlueSoleilCS    C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BlueSoleilCS.exe
10:06:44.0152 0x21a8  BlueSoleilCS - ok
10:06:44.0241 0x21a8  [ EBBCD5DFBB1DE70E8F4AF8FA59E401FD, 17BFFC5DF609CE3B2F0CAB4BD6C118608C66A3AD86116A47E90B2BB7D8954122 ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe
10:06:44.0257 0x21a8  Bonjour Service - ok
10:06:44.0275 0x21a8  [ 6B4FFFDDC618FCF64473CAA86E305697, 29EA66071D5822920F5C50533673ADAB5204F8B25C11027AD27450D881F1142D ] bowser          C:\WINDOWS\system32\DRIVERS\bowser.sys
10:06:44.0279 0x21a8  bowser - ok
10:06:44.0322 0x21a8  [ A6207A88B596F726DE558425F3B7E592, 126375CC8EA101E0878728323B7EAA69DC8699AC04470FB95D482B1025E0FFB2 ] BrokerInfrastructure C:\WINDOWS\System32\bisrv.dll
10:06:44.0331 0x21a8  BrokerInfrastructure - ok
10:06:44.0369 0x21a8  [ D528D6A92D187777691993DD757AF19A, 2C79978310193431E5FC462368424A172858D5351C92D4815C2A7E35B5DDE50C ] Browser         C:\WINDOWS\System32\browser.dll
10:06:44.0374 0x21a8  Browser - ok
10:06:44.0408 0x21a8  [ 3D8A3CC74E86F8D61D418D74A0194E5F, 35E6859B4673951DEBA25C7BB52D99F1D104DCE49E319C363F5CBB9D69A06FA2 ] BsHelpCS        C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BsHelpCS.exe
10:06:44.0414 0x21a8  BsHelpCS - ok
10:06:44.0467 0x21a8  [ 34AAF6FD68B8403E76F0D08A8C1C1DA3, 2255F88C04E89AA80231B67287D81271DC226007F01CFCB55EB1EBF640C6FCF5 ] BtAudioBusSrv   C:\WINDOWS\System32\Drivers\BtAudioBus.sys
10:06:44.0469 0x21a8  BtAudioBusSrv - ok
10:06:44.0511 0x21a8  [ 8F7A6409A76914E203423A384A4E1C11, 567D1B456F6457C2D2612D048B7E59C41504565E67BB7F349530249274BF3C3B ] BthA2DP         C:\WINDOWS\system32\drivers\BthA2DP.sys
10:06:44.0516 0x21a8  BthA2DP - ok
10:06:44.0534 0x21a8  [ A8F23D453A424FF4DE04989C4727ECC7, AE4A9081395C7379F1C947EF8243F7609F90C843E086B8E77E1A2C06E36D4381 ] BthAvrcpTg      C:\WINDOWS\System32\drivers\BthAvrcpTg.sys
10:06:44.0536 0x21a8  BthAvrcpTg - ok
10:06:44.0558 0x21a8  [ 131F1C8573E7BFB41C54FBF5309CCD94, DAFE51E3BADBD82A33B580F212B2D6520A120877C23F6D675521FEA2F4BA5A1F ] BthEnum         C:\WINDOWS\system32\DRIVERS\BthEnum.sys
10:06:44.0561 0x21a8  BthEnum - ok
10:06:44.0575 0x21a8  [ E4A1863A32606C95F993345F1D28C86C, 3BED422D932A22F0CB923FE7FFDA0A8EC6E01AD1FB8F616F39E016A19221AD6F ] BthHFAud        C:\WINDOWS\system32\DRIVERS\BthHfAud.sys
10:06:44.0577 0x21a8  BthHFAud - ok
10:06:44.0601 0x21a8  [ 746B9F94214915AECDE4B7FEA5FF9664, EA2877D49DB4B7B9CE61653D63E8776DFF1CBCCAB12C14DB1D20DA44B8F06357 ] BthHFEnum       C:\WINDOWS\System32\drivers\bthhfenum.sys
10:06:44.0603 0x21a8  BthHFEnum - ok
10:06:44.0623 0x21a8  [ 71FE2A48E4C93DDB9798C024880B6C07, 8E93DE29C61A5FA64216231228CB3C4A1A693FE87CAA2C070BCAD7BE2D8ED000 ] bthhfhid        C:\WINDOWS\System32\drivers\BthHFHid.sys
10:06:44.0625 0x21a8  bthhfhid - ok
10:06:44.0681 0x21a8  [ 52AB4FA794AE775BDAF63BBF28ADE65D, DB8C9DA9A2F7E96110C793A35AC7CFA8E324173DAEDEFCC700A9652E389D46FE ] BthHFSrv        C:\WINDOWS\System32\BthHFSrv.dll
10:06:44.0693 0x21a8  BthHFSrv - ok
10:06:44.0723 0x21a8  [ 9C09D5F1257F1748A4EAB0E8584FAF61, 2BD1109682AD5DC2AA6BABFB4759162BD160CDB2D6632FD28B4D942798936631 ] BthL2caScoIfSrv C:\WINDOWS\System32\Drivers\BtL2caScoIf.sys
10:06:44.0725 0x21a8  BthL2caScoIfSrv - ok
10:06:44.0777 0x21a8  [ FCD8BD17B7193CFFF18C332D1A381D7F, CD8A03086695F8FF2566697164D1FD1B60210C017220EFBD78CB12C38CD12BE1 ] BthLEEnum       C:\WINDOWS\system32\DRIVERS\BthLEEnum.sys
10:06:44.0785 0x21a8  BthLEEnum - ok
10:06:44.0818 0x21a8  [ 8E601CA574B33308F3C95C89B75F0EED, BE2B3EB9F2E62E9DD070E7CC0BCB9F7A594E3BA5A12E53FFA502BFA210800008 ] BTHMODEM        C:\WINDOWS\System32\drivers\bthmodem.sys
10:06:44.0820 0x21a8  BTHMODEM - ok
10:06:44.0840 0x21a8  [ 3AFE71D80EDF5D4DE0C5731352905669, 3E370169B8C5D301954D1F1DA302F7A0DB2A034990E10B3D64458C48E5693205 ] BthPan          C:\WINDOWS\system32\DRIVERS\bthpan.sys
10:06:44.0844 0x21a8  BthPan - ok
10:06:44.0948 0x21a8  [ 10EDF9E0838BA4578FFFFF274632D454, 7719C161A3A05DF62124177A8EC97800DFE855D2B738C443F1B44E8643A4CF44 ] BTHPORT         C:\WINDOWS\System32\Drivers\BTHport.sys
10:06:44.0990 0x21a8  BTHPORT - ok
10:06:45.0030 0x21a8  [ E5E48FEED73D463175EAB1542495191C, 0A8182F5BA7B694AB1DD3680F1194E4A568FE40DBA4BFDFF2EA09BAD045FFB29 ] bthserv         C:\WINDOWS\system32\bthserv.dll
10:06:45.0034 0x21a8  bthserv - ok
10:06:45.0068 0x21a8  [ 7CE47096397B38975D02FB5358248C8E, 4AEB11B1328355B33B2BCF8630107E1391D82E99216AEDEE58FD49A86FBE6ACF ] BTHUSB          C:\WINDOWS\System32\Drivers\BTHUSB.sys
10:06:45.0071 0x21a8  BTHUSB - ok
10:06:45.0087 0x21a8  [ 84E24744627E1547B02699D1DAE4BF0E, AD740C7B7309D54C923E08C49526D3260DF2F23CDB0B2EE95942AB45D03DF147 ] btUrbFilterDrv  C:\WINDOWS\System32\Drivers\IvtUrbBtFlt.sys
10:06:45.0089 0x21a8  btUrbFilterDrv - ok
10:06:45.0112 0x21a8  [ 2FA6510E33F7DEFEC03658B74101A9B9, 61C8C8E3F09B427711464C974EE22E1E01C48E10DB54A4EC9901F482FC36C978 ] cdfs            C:\WINDOWS\system32\DRIVERS\cdfs.sys
10:06:45.0115 0x21a8  cdfs - ok
10:06:45.0154 0x21a8  [ C6796EA22B513E3457514D92DCDB1A3D, 2B893F3950C6B913B934C2089B69F3B0B77F229AE1820907E598455CBB78139C ] cdrom           C:\WINDOWS\System32\drivers\cdrom.sys
10:06:45.0160 0x21a8  cdrom - ok
10:06:45.0214 0x21a8  [ AB285CE3431FF3D2ACE669245874C1C7, 6AF4C3E86EFA51F7FB6F8492CB2CCB807C7775EAE0508B87F07134FDAC679BD7 ] CertPropSvc     C:\WINDOWS\System32\certprop.dll
10:06:45.0220 0x21a8  CertPropSvc - ok
10:06:45.0266 0x21a8  [ BE9936EDD3267FAAFF94A7835867F00B, 3CEEF2377D45ED38C7CD3CE4C746EC5EA7277EFEC728A5438F0EF5F62FC7C859 ] circlass        C:\WINDOWS\System32\drivers\circlass.sys
10:06:45.0268 0x21a8  circlass - ok
10:06:45.0297 0x21a8  [ 7F006813C2AFE622C13D7AF94F56CD07, 9F4AEEE19B44F4117BE036F1475CE2E91ED740EB7D8D38364F9724517F777482 ] CLFS            C:\WINDOWS\system32\drivers\CLFS.sys
10:06:45.0309 0x21a8  CLFS - ok
10:06:45.0366 0x21a8  [ 075CCE75090786F124573A788C8656E6, AA188CFF2F8EE2D9F50701AB2315D24E15D7715FD84F5054D3FC175D4BD35734 ] CLVirtualDrive  C:\WINDOWS\system32\DRIVERS\CLVirtualDrive.sys
10:06:45.0370 0x21a8  CLVirtualDrive - ok
10:06:45.0384 0x21a8  [ EF6EF85DADC3184A10D8F2F7159973CB, 42FCB286CED95A5DEBC5C0C894FCBC4818A2C818BB71087142FB51A08A0BE96B ] CmBatt          C:\WINDOWS\System32\drivers\CmBatt.sys
10:06:45.0386 0x21a8  CmBatt - ok
10:06:45.0446 0x21a8  [ 825BE21E6395E00698D8A23955A87972, 303F10C3BA72ABB3BA27D08968B10E8EB03FFB6951943B0E9DD35CF48BB72578 ] CNG             C:\WINDOWS\system32\Drivers\cng.sys
10:06:45.0465 0x21a8  CNG - ok
10:06:45.0491 0x21a8  [ 03AAED827C36F35D70900558B8274905, 8E44A23C6013FFAE7769F99CAA3B1D6288DE00A38937F9056903AC265B503AFA ] CompositeBus    C:\WINDOWS\System32\drivers\CompositeBus.sys
10:06:45.0493 0x21a8  CompositeBus - ok
10:06:45.0500 0x21a8  COMSysApp - ok
10:06:45.0518 0x21a8  [ A1FF7DFBFBE164CF92603C651D304DD2, 470ACE5A75E64FC62C950037201199857E974803625DC73BEDBCF6FA4DDD496C ] condrv          C:\WINDOWS\system32\drivers\condrv.sys
10:06:45.0520 0x21a8  condrv - ok
10:06:45.0625 0x21a8  [ D5F868A46AED8E7CAD6C30E0599DD100, F016C3BAC207B5A513CB28E78F93D1347398B9BEEF8D1A32339D034AFB74CF6C ] cphs            C:\WINDOWS\SysWow64\IntelCpHeciSvc.exe
10:06:45.0636 0x21a8  cphs - ok
10:06:45.0686 0x21a8  [ 0EFE4B5884A8032617826A4D76F80969, 083D296CC623C83D36A97AEE343ADF819B17E490F931DBE4D161BD1E8C289E02 ] CryptSvc        C:\WINDOWS\system32\cryptsvc.dll
10:06:45.0691 0x21a8  CryptSvc - ok
10:06:45.0711 0x21a8  [ 315BA4BC19316D72B2E037534E048B93, 69613635DB23E6A935673B1025C2010ED3E195473D25368CF74234C4C36910BE ] dam             C:\WINDOWS\system32\drivers\dam.sys
10:06:45.0714 0x21a8  dam - ok
10:06:45.0779 0x21a8  [ 3FD5AE42EC87C6F532A931F96BE731DD, 8282823022391ACF65E23F461FCE5CAFFB5ADC077647FEF80B91BC4BC31EDFE2 ] DcomLaunch      C:\WINDOWS\system32\rpcss.dll
10:06:45.0807 0x21a8  DcomLaunch - ok
10:06:45.0860 0x21a8  [ F4CCAADC2C78F57E4F16B24C9201CE22, B76A5C487A814CB986FE8CC398FB7493C9EAB9ACC933A3C35384FA447092EF00 ] defragsvc       C:\WINDOWS\System32\defragsvc.dll
10:06:45.0875 0x21a8  defragsvc - ok
10:06:45.0924 0x21a8  [ 0BC71D4D3B5883903C37BF4E13B0F0C5, C5EC2AD001FB7E72D3D12DBADFE01C308ACCB7426E0B90CCB3ECE2DE49D5E7D4 ] DeviceAssociationService C:\WINDOWS\system32\das.dll
10:06:45.0939 0x21a8  DeviceAssociationService - ok
10:06:45.0998 0x21a8  [ 752A457320A946E03C3AA86C3ACD735E, 63946150581532D862F4220606E74FFC479209E1A36CD57AA78AC4AE34A26F49 ] DeviceInstall   C:\WINDOWS\system32\umpnpmgr.dll
10:06:46.0005 0x21a8  DeviceInstall - ok
10:06:46.0039 0x21a8  [ 5DB26D7E0216D0BF364A81D3829AD7B9, FD786D530EA9ADBCB48782FE091E926505A83F2BF3B4181A3D4EDFAA991C4E5E ] Dfsc            C:\WINDOWS\system32\Drivers\dfsc.sys
10:06:46.0044 0x21a8  Dfsc - ok
10:06:46.0100 0x21a8  [ 8B107F55FD61654A6C9F1B819AEC5FC4, 773B1B9D3583F17B7C89BDE1EC4487ABB0AE039DF4583F8746460425443DA291 ] Dhcp            C:\WINDOWS\system32\dhcpcore.dll
10:06:46.0113 0x21a8  Dhcp - ok
10:06:46.0138 0x21a8  [ 4D40C9B33F738797CF50E77CB7C53E85, 7BA341342A47DEB15B51971C97A5237ACD8BDAD9033F63DF0000892BE43F8E13 ] disk            C:\WINDOWS\system32\drivers\disk.sys
10:06:46.0142 0x21a8  disk - ok
10:06:46.0198 0x21a8  [ EB70A894708D1BC176AFD690FF06085F, 0DD2A97F5E1B38D1F7C0D44E50F09EA222B18B3B074CC9C8CD25A7526CB1A112 ] dmvsc           C:\WINDOWS\System32\drivers\dmvsc.sys
10:06:46.0199 0x21a8  dmvsc - ok
10:06:46.0237 0x21a8  [ 5BAF7714E68F93515A937A3FA8587EF9, DD9296F75341EF96D514139DD8A8680B332E9B9D476368AB897FDA2D5D674E60 ] Dnscache        C:\WINDOWS\System32\dnsrslvr.dll
10:06:46.0247 0x21a8  Dnscache - ok
10:06:46.0302 0x21a8  [ 50288EA079BB520C2B8C8A154202D518, 8916A9180CA009D124FFDFB4CCF5FDFEF7FA2FD37CBCD49FAD4C68E051B4734D ] dot3svc         C:\WINDOWS\System32\dot3svc.dll
10:06:46.0312 0x21a8  dot3svc - ok
10:06:46.0339 0x21a8  [ 281BEE07BA97E3E98D12A822D923D0D8, 6EB482B2D4D6048D145C3738B2B6FA27A90B5EA53E9167447820F9981B004E63 ] DPS             C:\WINDOWS\system32\dps.dll
10:06:46.0346 0x21a8  DPS - ok
10:06:46.0364 0x21a8  [ DDC11A202207C0400CBE07315B8FDE5E, 3ED0CA3A714582D92001BA3BFF78BE082F4DC8021298D5A2632F3B2B0A1C09DC ] drmkaud         C:\WINDOWS\system32\drivers\drmkaud.sys
10:06:46.0365 0x21a8  drmkaud - ok
10:06:46.0406 0x21a8  [ 5B074F14F5DD6418F46EE4CA2DEB7EA8, B8223D73C3DE123759101F7D5D45C60BD12B221F09D349575A1044CE3F43CBC5 ] DsmSvc          C:\WINDOWS\System32\DeviceSetupManager.dll
10:06:46.0413 0x21a8  DsmSvc - ok
10:06:46.0511 0x21a8  [ 13B160C1913F012BD1615EB1398D3779, 2B5786AAEC845156D28ABDAA77347844D39F33DF53F2C96ACEF38A668ADFF422 ] DXGKrnl         C:\WINDOWS\System32\drivers\dxgkrnl.sys
10:06:46.0562 0x21a8  DXGKrnl - ok
10:06:46.0607 0x21a8  [ 6073537F250B45E1CB2A02E97F0FE1B2, 653F3F2F2019168EDF225944A88AFDBF8393B62AA076BD19980691778F3DB67D ] Eaphost         C:\WINDOWS\System32\eapsvc.dll
10:06:46.0612 0x21a8  Eaphost - ok
10:06:46.0788 0x21a8  [ 114BCFDF367FF37C3F1B0A96AF542E4D, D385BC1D91BC1406091C8C3691C07A90BD60EDE05B1384E5AA3506FCB909C857 ] ebdrv           C:\WINDOWS\system32\drivers\evbda.sys
10:06:46.0913 0x21a8  ebdrv - ok
10:06:46.0955 0x21a8  [ F6F209DDB94959BA104FC8FC87C53759, 8E862D41F4332EABF64BD034E2C0E3CC8109C7990CB4112C2B2880E8E6EDF2D3 ] EFS             C:\WINDOWS\System32\lsass.exe
10:06:46.0959 0x21a8  EFS - ok
10:06:47.0005 0x21a8  [ 43531A5993380CC5113242C29D265FD9, EE0076D96F7F3CF29884AC7A67C08A429115A7201354A1FB5DE45FD63ABB4960 ] EhStorClass     C:\WINDOWS\system32\drivers\EhStorClass.sys
10:06:47.0008 0x21a8  EhStorClass - ok
10:06:47.0029 0x21a8  [ 6F8E738A9505A388B1157FDDE7B3101B, 3696CA634102B41EEA11EB9DCA0B24439D8636AED4A7190C138C5E64A2EFB514 ] EhStorTcgDrv    C:\WINDOWS\system32\drivers\EhStorTcgDrv.sys
10:06:47.0033 0x21a8  EhStorTcgDrv - ok
10:06:47.0057 0x21a8  [ DFFFAE1442BA4076E18EED5E406FA0D3, 329FC6FB8D14BEACDBE2A5D4C496EDEA485E838B1DF27566E278F8F8E0D8E82E ] ErrDev          C:\WINDOWS\System32\drivers\errdev.sys
10:06:47.0058 0x21a8  ErrDev - ok
10:06:47.0126 0x21a8  [ 030CE75B7D8F75FAA7BA1EC6FD0EB5A3, 5264734F0572FAEDCCB008221C9982CCB7922C4FFC358605424EA413CDCDAE99 ] EventSystem     C:\WINDOWS\system32\es.dll
10:06:47.0142 0x21a8  EventSystem - ok
10:06:47.0168 0x21a8  [ 86F7951BBCEE4A86E79A97306BD14318, 84B52A0392DA53ED71A2C4D483DD93DDF552BF8AC764C7BD47BE0EB58C7C8219 ] ew_hwusbdev     C:\WINDOWS\system32\DRIVERS\ew_hwusbdev.sys
10:06:47.0172 0x21a8  ew_hwusbdev - ok
10:06:47.0193 0x21a8  [ 5222D99C7E3245882E864D2EA7011387, 184E36074C765243783F69B7073FB2FAFC53BB18209ECD5030514CC513A47C8B ] ew_usbenumfilter C:\WINDOWS\System32\drivers\ew_usbenumfilter.sys
10:06:47.0194 0x21a8  ew_usbenumfilter - ok
10:06:47.0223 0x21a8  [ 7729D294A555C7AEB281ED8E4D0E01E4, 7269E79D72CCE477AC108294D0DDFB59CF533B03C587599C5AB0507C43A0B6D4 ] exfat           C:\WINDOWS\system32\drivers\exfat.sys
10:06:47.0230 0x21a8  exfat - ok
10:06:47.0281 0x21a8  [ 7C4E0D5900B2A1D11EDD626D6DDB937B, 732F310F8F6016C56F432A81636B13CE0124A802FE8DD91287B618EED22C9A1D ] fastfat         C:\WINDOWS\system32\drivers\fastfat.sys
10:06:47.0288 0x21a8  fastfat - ok
10:06:47.0374 0x21a8  [ 2BC8532ABF2B3756B78FA1DA54147DDE, DF65EE2AB0255A2CF3221085A6BE7C37E3DB6BFEED3BCADCDD69BB1049F6DCB1 ] Fax             C:\WINDOWS\system32\fxssvc.exe
10:06:47.0397 0x21a8  Fax - ok
10:06:47.0413 0x21a8  [ 5D8402613E778B3BD45E687A8372710B, EE9EA10805168D309A609B9019AEC5961EE46D18207B5E0EA2DE4064A5770AF8 ] fdc             C:\WINDOWS\System32\drivers\fdc.sys
10:06:47.0414 0x21a8  fdc - ok
10:06:47.0456 0x21a8  [ DC1A78BCCCB7EE53D6FD3BD615A8E222, EE16B6853185AAE779D7135035983938009901658F76A8856AAC12EBA15BB34E ] fdPHost         C:\WINDOWS\system32\fdPHost.dll
10:06:47.0458 0x21a8  fdPHost - ok
10:06:47.0492 0x21a8  [ E5AD448F2DC84B1CF387FA7F2A3D1936, BBB29C79A085C503F5EFFB5144596D5DEC48A4EB34A049A4E7B38B27F6D92E0A ] FDResPub        C:\WINDOWS\system32\fdrespub.dll
10:06:47.0495 0x21a8  FDResPub - ok
10:06:47.0515 0x21a8  [ 0046E0BD031213D37123876B0D0FA61C, A4FE17D56F0BAFB70D0D421ED9D1B6E50AF8ADAA4B59328A41AEC5B4C068A3CB ] fhsvc           C:\WINDOWS\system32\fhsvc.dll
10:06:47.0520 0x21a8  fhsvc - ok
10:06:47.0558 0x21a8  [ 957A7A8F5ACCAF23DD9DFF6DAA393CE5, 85D1AC25CF8056FF303930A7E18DE5F7C3AEE429272CB791BD6F81F1DAFB7D8A ] FileInfo        C:\WINDOWS\system32\drivers\fileinfo.sys
10:06:47.0561 0x21a8  FileInfo - ok
10:06:47.0572 0x21a8  [ A1A66C4FDAFD6B0289523232AFB7D8AF, 0F5832F626BB62190D5F3A088CE6E048D8A400CCF9EA527F06973CAD96D3A81C ] Filetrace       C:\WINDOWS\system32\drivers\filetrace.sys
10:06:47.0574 0x21a8  Filetrace - ok
10:06:47.0597 0x21a8  [ BE743083CF7063C486A4398E3AEFE59A, 85796D89943DD6FE3932C1ED6CF01470C1B4DFD243C390B07055FFDA3C231551 ] flpydisk        C:\WINDOWS\System32\drivers\flpydisk.sys
10:06:47.0598 0x21a8  flpydisk - ok
10:06:47.0632 0x21a8  [ 60D5067FCE6D9433D35E04C01D8538B3, 2D97E9E8FF18CF564DE8E70F68B56F0177DC6C0E9EEB7E1C58BBDF42456CB0D8 ] FltMgr          C:\WINDOWS\system32\drivers\fltmgr.sys
10:06:47.0648 0x21a8  FltMgr - ok
10:06:47.0745 0x21a8  [ 183CA7699474FDE235853967D1DA4D9B, 8FBD5997F1E39AFFD8C4322520DF4D2227279B5149017D825C188D7411BA99AF ] FontCache       C:\WINDOWS\system32\FntCache.dll
10:06:47.0792 0x21a8  FontCache - ok
10:06:47.0914 0x21a8  [ 1C52387BF5A127F5F3BFB31288F30D93, 90D13F60170CD74304F3036A90D596AA3E1E134455A780310BDF67AC7815F2E7 ] FontCache3.0.0.0 C:\WINDOWS\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
10:06:47.0916 0x21a8  FontCache3.0.0.0 - ok
10:06:48.0070 0x21a8  [ 3A5C8F2F3500833F614BB509A1270971, 8B48B9F7C194831FA003B7ABD34BA7ECB05417338A3CADDBAAB8BB58ADBDC396 ] FPLService      C:\Program Files (x86)\HP SimplePass\TrueSuiteService.exe
10:06:48.0124 0x21a8  FPLService - ok
10:06:48.0202 0x21a8  [ 3CFED0CB6D12B5B0760A4842F742D766, F3BB237FE6522B2B1989102F32B4918A45D9FF5E7F2C98377B5DBDC395535929 ] Freemake Improver C:\ProgramData\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe
10:06:48.0206 0x21a8  Freemake Improver - ok
10:06:48.0247 0x21a8  [ 35005534E600E993A90B036E4E599F2B, DA56FA3776FBD3D50276CB7410E0CB6F137DD8FCA84C0F3FEF8B1FEA5F6CA592 ] FsDepends       C:\WINDOWS\system32\drivers\FsDepends.sys
10:06:48.0251 0x21a8  FsDepends - ok
10:06:48.0274 0x21a8  [ 09F460AFEDCA03F3BF6E07D1CCC9AC42, B832091BC9B2C2FE38A4BCA132ABB58251E851F21EC6F39636E73777AB9A5791 ] Fs_Rec          C:\WINDOWS\system32\drivers\Fs_Rec.sys
10:06:48.0275 0x21a8  Fs_Rec - ok
10:06:48.0336 0x21a8  [ 83E1F0983B02A6F8EC764D18E24ECF10, B5CA3FCB442697681C513FB37C6BB74D7A72B67DC65E2FCA93A7F9E81B63EAAC ] fvevol          C:\WINDOWS\system32\DRIVERS\fvevol.sys
10:06:48.0355 0x21a8  fvevol - ok
10:06:48.0390 0x21a8  [ 9591D0B9351ED489EAFD9D1CE52A8015, AC64C236C3AE545FCE8ED44A4A87FB86265A453BA60026EC9A4DE2B631E99996 ] FxPPM           C:\WINDOWS\System32\drivers\fxppm.sys
10:06:48.0392 0x21a8  FxPPM - ok
10:06:48.0413 0x21a8  [ FC3EF65EE20D39F8749C2218DBA681CA, 12980F1DE99B25E6920A33556F3ABDA5EC9BFE4757BE602130B5E939D8D25CE3 ] gagp30kx        C:\WINDOWS\system32\drivers\gagp30kx.sys
10:06:48.0416 0x21a8  gagp30kx - ok
10:06:48.0448 0x21a8  [ 0BF5CAD281E25F1418E5B8875DC5ADD1, 0929AD8437DD78234553D8B2CDF0D6838FD54ACDE1918AFEBE48684EB32A07A3 ] gencounter      C:\WINDOWS\System32\drivers\vmgencounter.sys
10:06:48.0449 0x21a8  gencounter - ok
10:06:48.0546 0x21a8  [ 0191F314838056CF1A5A7BDE4346812F, BCECC6944FF3CE2793107443259F242FAE894A814688685E3056709CFE1B7AA7 ] Globe Tattoo Broadband. RunOuc C:\Program Files (x86)\Globe Tattoo Broadband\UpdateDog\ouc.exe
10:06:48.0568 0x21a8  Globe Tattoo Broadband. RunOuc - ok
10:06:48.0609 0x21a8  [ FDA72810CA2F8409D9B31E833C448E34, FC24350E875D2AF2A41DB5EF0BFE4F876DADEACCC0B34B9B9C9B2CA185CBAE87 ] GPIOClx0101     C:\WINDOWS\system32\Drivers\msgpioclx.sys
10:06:48.0615 0x21a8  GPIOClx0101 - ok
10:06:48.0701 0x21a8  [ 0BDE0FCF597E9B65600121EF54FF8340, DA5C96E84E05AD09251C82B4BFEDE274342409803730CEBF24EEAD0DCD42DA7E ] gpsvc           C:\WINDOWS\System32\gpsvc.dll
10:06:48.0746 0x21a8  gpsvc - ok
10:06:48.0792 0x21a8  [ 506708142BC63DABA64F2D3AD1DCD5BF, 9C36A08D9E7932FF4DA7B5F24E6B42C92F28685B8ABE964C870E8D7670FD531A ] gupdate         C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
10:06:48.0796 0x21a8  gupdate - ok
10:06:48.0807 0x21a8  [ 506708142BC63DABA64F2D3AD1DCD5BF, 9C36A08D9E7932FF4DA7B5F24E6B42C92F28685B8ABE964C870E8D7670FD531A ] gupdatem        C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
10:06:48.0812 0x21a8  gupdatem - ok
10:06:48.0851 0x21a8  [ 03909BDBFF0DCACCABF2B2D4ADEE44DC, 42E631B23BB004F5C2128BAD334C21AB20FAD08AFED9E8191AE9373531BC73DD ] HDAudBus        C:\WINDOWS\System32\drivers\HDAudBus.sys
10:06:48.0854 0x21a8  HDAudBus - ok
10:06:48.0868 0x21a8  [ 10A70BC1871CD955D85CD88372724906, 2480A74854D0A89FF028EE9BA41224D4B2F9B0863066BFC43097920794FEE08D ] HidBatt         C:\WINDOWS\System32\drivers\HidBatt.sys
10:06:48.0870 0x21a8  HidBatt - ok
10:06:48.0913 0x21a8  [ 1EA1B4FABB8CC348E73CA90DBA22E104, 5C18C6BD499272F216DD4626B5E8D38181AEAC9AD917FBEB614A75B70467B258 ] HidBth          C:\WINDOWS\System32\drivers\hidbth.sys
10:06:48.0917 0x21a8  HidBth - ok
10:06:48.0933 0x21a8  [ C241A8BAFBBFC90176EA0F5240EACC17, 571E20B87818618BE9179986177D55739A240F04D1F740B3C1B7809B9427B767 ] hidi2c          C:\WINDOWS\System32\drivers\hidi2c.sys
10:06:48.0935 0x21a8  hidi2c - ok
10:06:48.0958 0x21a8  [ 9BDDEE26255421017E161CCB9D5EDA95, B766FD5E31708F29384F69418FC33C4BCC6E3064AA553D5B1D30EE0B8B1BFB40 ] HidIr           C:\WINDOWS\System32\drivers\hidir.sys
10:06:48.0960 0x21a8  HidIr - ok
10:06:48.0992 0x21a8  [ 449A20A674AA3FAA7F0DD4E33EE2DC20, 28B9BDA306456E8640C355718DE3477537B0FAF8C37F633C709129AAB64D9873 ] hidserv         C:\WINDOWS\system32\hidserv.dll
10:06:48.0995 0x21a8  hidserv - ok
10:06:49.0037 0x21a8  [ F31397220D9687E11EB448649AA6E038, 671ACEAA8E00E0D4ED7E33D06A4558121DA4F56EB94F1CBC16FEB2EF3852F7A5 ] HidUsb          C:\WINDOWS\System32\drivers\hidusb.sys
10:06:49.0039 0x21a8  HidUsb - ok
10:06:49.0120 0x21a8  [ 40D4080D722AE8E163FAE3508DC692A2, A2331085EF20B83C01F04D58952728C2E1D1F3BF0A303DBD1588293C90D3E9CF ] HiPatchService  C:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe
10:06:49.0121 0x21a8  HiPatchService - ok
10:06:49.0174 0x21a8  [ 7BF3ADCBD021D4F4A84CF40EB49C71B5, 5758A51FD2EBE67E6DBE3A298D714D351910F9E01C428D0C1359457C9242B298 ] hkmsvc          C:\WINDOWS\system32\kmsvc.dll
10:06:49.0179 0x21a8  hkmsvc - ok
10:06:49.0217 0x21a8  [ 6CD9C3819BE8C0A3DACC82AE5D3C4F18, 46BF4A968E506DE17CA401401D716B444CDC10A5C60EB081890DD4B886AEDF5F ] HomeGroupListener C:\WINDOWS\system32\ListSvc.dll
10:06:49.0227 0x21a8  HomeGroupListener - ok
10:06:49.0283 0x21a8  [ BE5F89BAFBD4272D5A0C0A37B97865ED, 2F80CE6D123FEED9FA7B00ACF7547FF77E0E6FDC5243942E83BE308C46D414C6 ] HomeGroupProvider C:\WINDOWS\system32\provsvc.dll
10:06:49.0299 0x21a8  HomeGroupProvider - ok
10:06:49.0390 0x21a8  [ 2A8B93A01621E100A578E83C768AFA2C, 6637D260AF180D1F200D219796FCE6D524FC6BF57C0CEEF9E1B3616E85865AD1 ] HP Support Assistant Service C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe
10:06:49.0394 0x21a8  HP Support Assistant Service - ok
10:06:49.0429 0x21a8  [ 4F88FA114D15504E1B17978A8DA4165E, FB3876525BC82B20D1CD159F1DC2CCBA63CAAA755A97E5C97089B09DEA6DD790 ] HPConnectedRemote C:\Program Files (x86)\Hewlett-Packard\HP Connected Remote\HPConnectedRemoteService.exe
10:06:49.0431 0x21a8  HPConnectedRemote - ok
10:06:49.0491 0x21a8  [ D104FF402FC3DDB686E6DEF00334DB26, 6CCE56587C02ECE474C6BF959C4A6F752A1FF0B718FBE8EE4FD9755313A207C1 ] hpdskflt        C:\WINDOWS\system32\DRIVERS\hpdskflt.sys
10:06:49.0493 0x21a8  hpdskflt - ok
10:06:49.0588 0x21a8  [ D2946D9F020AE76E9CEF9B4A6DF838C0, C29CE594879385DA12B8EAA90B258905827B613839CCD820DE49215B68676995 ] hpqwmiex        C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe
10:06:49.0626 0x21a8  hpqwmiex - ok
10:06:49.0672 0x21a8  [ A6AACEA4C785789BDA5912AD1FEDA80D, D197012A5DA6AB3F76FF298336DF0CF027C07ECC71267BAEF5912DE12893E096 ] HpSAMD          C:\WINDOWS\system32\drivers\HpSAMD.sys
10:06:49.0675 0x21a8  HpSAMD - ok
10:06:49.0696 0x21a8  [ 55FFCBB036D7BE4BCA6FA1421203A27F, 5BB865FC631390F59AF5F2452D4D2DA47E34A49E194C8010E942F5A2013F3895 ] hpsrv           C:\WINDOWS\system32\Hpservice.exe
10:06:49.0698 0x21a8  hpsrv - ok
10:06:49.0761 0x21a8  [ 974A1F783ED34588B45FAD6375077BA6, 03AA0664E3C5A6CE0CA9BCE4EDB0FC11F70A6E3DD15124BDA5E2E659879230FF ] HPSupportSolutionsFrameworkService C:\Program Files (x86)\Hp\Common\HPSupportSolutionsFrameworkService.exe
10:06:49.0763 0x21a8  HPSupportSolutionsFrameworkService - ok
10:06:49.0800 0x21a8  [ 3C5B2067338E4EFDADE94E4A72728F23, 72E21FA1E660F9405A5E39B0F89AB21C60F20BAC13247567EF7139AC130F1897 ] HPWMISVC        C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe
10:06:49.0802 0x21a8  HPWMISVC - ok
10:06:49.0862 0x21a8  [ 3502776E366C913D49C0DA928AE3E6CB, 3FB452F640B78AEDFBC09188F25C566949660163732A180331226A93DB08F26C ] HTTP            C:\WINDOWS\system32\drivers\HTTP.sys
10:06:49.0895 0x21a8  HTTP - ok
10:06:49.0928 0x21a8  [ 4205571B46BAF3A43D43A9804810DF9A, 65F971AD054810113EE5057E3B4FFF611BBE299671C8017E6E5B0F16FC4D58AE ] huawei_cdcacm   C:\WINDOWS\system32\DRIVERS\ew_jucdcacm.sys
10:06:49.0932 0x21a8  huawei_cdcacm - ok
10:06:49.0978 0x21a8  [ F6C1661C55EAAD2DD9FBB37D5DF1A011, 8511A28F6FAECCBB86342B9490158C2E1031B6161DAD702D0DC2991366DB28DA ] huawei_enumerator C:\WINDOWS\System32\drivers\ew_jubusenum.sys
10:06:49.0982 0x21a8  huawei_enumerator - ok
10:06:49.0996 0x21a8  [ F7D991E5EA0433DBAEEE186CAD2BEBC9, D051ECAABFEBFCBBA548964DCCDD29DD996814AF4B01AE11B244584BD0FBD82B ] huawei_ext_ctrl C:\WINDOWS\System32\drivers\ew_juextctrl.sys
10:06:49.0998 0x21a8  huawei_ext_ctrl - ok
10:06:50.0028 0x21a8  [ 69CEACB169069B17A9383A734FF0BE1D, 3D3872008924126F620AADD6D50068C6E1E218C5FF0F0AAB2D4117DA6961361A ] huawei_wwanecm  C:\WINDOWS\system32\DRIVERS\ew_juwwanecm.sys
10:06:50.0036 0x21a8  huawei_wwanecm - ok
10:06:50.0114 0x21a8  [ E90DA42B87D684DEBFB73B38A718A006, BB18C63C1982F5CB99C9B65D2B801E8C1909AD7CD0171326DC0015D6B781B451 ] HWDeviceService64.exe C:\ProgramData\DatacardService\HWDeviceService64.exe
10:06:50.0126 0x21a8  HWDeviceService64.exe - ok
10:06:50.0160 0x21a8  [ 90656C0B3864804B090434EFC582404F, BDB60050B729AACB9E009AC7129BEBD6298BBD8A9DB14B817D02E8E13669BD6E ] hwpolicy        C:\WINDOWS\system32\drivers\hwpolicy.sys
10:06:50.0161 0x21a8  hwpolicy - ok
10:06:50.0187 0x21a8  [ 6D6F9E3BF0484967E52F7E846BFF1CA1, C982966BDE6A3E6773D9441ADA7A3B08D13511DFC68D04DF303248B942423F38 ] hyperkbd        C:\WINDOWS\System32\drivers\hyperkbd.sys
10:06:50.0188 0x21a8  hyperkbd - ok
10:06:50.0226 0x21a8  [ 907C870F8C31F8DDD6F090857B46AB25, 308664A31717383D06185875E76C6612407A9F04E7DB28404F574A5706C6715D ] HyperVideo      C:\WINDOWS\system32\DRIVERS\HyperVideo.sys
10:06:50.0228 0x21a8  HyperVideo - ok
10:06:50.0252 0x21a8  [ 84CFC5EFA97D0C965EDE1D56F116A541, 0155EA62BF07D99D98D1C9B6559C8E3301B016A20D03DF1EF64B2FAB8C37403B ] i8042prt        C:\WINDOWS\System32\drivers\i8042prt.sys
10:06:50.0256 0x21a8  i8042prt - ok
10:06:50.0273 0x21a8  [ 5D90E32E36CE5D4C535D17CE08AEAF05, 976A463343E8C8308AFBE9E64DF56C430D2241DE002430D00318AB065EB72E4A ] iaLPSSi_GPIO    C:\WINDOWS\System32\drivers\iaLPSSi_GPIO.sys
10:06:50.0274 0x21a8  iaLPSSi_GPIO - ok
10:06:50.0300 0x21a8  [ DD05E7E80F52ADE9AEB292819920F32C, E71AB6A50B0F90C8F94569CE89F66F915A0A4A00D4AC091B2E5E750D88CFC334 ] iaLPSSi_I2C     C:\WINDOWS\System32\drivers\iaLPSSi_I2C.sys
10:06:50.0304 0x21a8  iaLPSSi_I2C - ok
10:06:50.0362 0x21a8  [ 60F6526DB3297C7324957EF3143F88FF, F0D4AF7E66CD42793C5137B4F5E66AFCE13253C3FF8D397921EA23CD04D49763 ] iaStorA         C:\WINDOWS\system32\drivers\iaStorA.sys
10:06:50.0384 0x21a8  iaStorA - ok
10:06:50.0458 0x21a8  [ 08BFE413B0B4AA8DFA4B5684CE06D3DC, 95DEEBB203E12EE6E191F5247A74C04AEC0E16DE981FADDC4D6C42EE41D8D079 ] iaStorAV        C:\WINDOWS\system32\drivers\iaStorAV.sys
10:06:50.0481 0x21a8  iaStorAV - ok
10:06:50.0598 0x21a8  [ 9D7AFC77C928460336642D6EFDB5BDEA, 9CF555B94A21D7A518B9228B6BE86679200FEC4219156D7D2183CDC906BA4548 ] IAStorDataMgrSvc C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
10:06:50.0599 0x21a8  IAStorDataMgrSvc - ok
10:06:50.0630 0x21a8  [ A2200C3033FA4EF249FC096A7A7D02A2, 5819F5C2020DE2EEE339B0C08CD4B1E3490EAFBBEA1277CE649DB5A5150986B0 ] iaStorV         C:\WINDOWS\system32\drivers\iaStorV.sys
10:06:50.0644 0x21a8  iaStorV - ok
10:06:50.0651 0x21a8  IEEtwCollectorService - ok
10:06:50.0870 0x21a8  [ 4F6363C26B4A3DDBC9FAFCBA68602B01, 0920551F9312D967AAA68003BD8C4A312AA8F1E8B826DDE8BF59B9B639AB5F3B ] igfx            C:\WINDOWS\system32\DRIVERS\igdkmd64.sys
10:06:51.0010 0x21a8  igfx - ok
10:06:51.0098 0x21a8  [ B82255670D270B75D2D2F0F8747D1443, C40E151AC3FBF289456A4AD9E5744B314067ADA03FE729970410931904305F51 ] IKEEXT          C:\WINDOWS\System32\ikeext.dll
10:06:51.0136 0x21a8  IKEEXT - ok
10:06:51.0186 0x21a8  [ 4011430BC9DA46ADFAE9915EFEC312FB, 925DDDA187AE7C46C94FBBFA18FC602260957B6BA891D65DFC09385B6DDEAB58 ] intaud_WaveExtensible C:\WINDOWS\system32\drivers\intelaud.sys
10:06:51.0188 0x21a8  intaud_WaveExtensible - ok
10:06:51.0238 0x21a8  [ F5495B38BFB9149925F54F65AB40EFBF, 7CBB72C41E2343DACBFB967A39CA04788561EDECB289C41BC2D6A06B80882AC4 ] IntcDAud        C:\WINDOWS\system32\DRIVERS\IntcDAud.sys
10:06:51.0250 0x21a8  IntcDAud - ok
10:06:51.0320 0x21a8  [ C99F8E90DE4B8F0C7FE15BB1CBCD29DC, F791EE101EEF8B9F48102B6C63A89B78F7C0041C750C4F4C0D16D54B583B7B5C ] Intel® Capability Licensing Service Interface C:\Program Files\Intel\iCLS Client\HeciServer.exe
10:06:51.0341 0x21a8  Intel® Capability Licensing Service Interface - ok
10:06:51.0386 0x21a8  [ 4E448FCFFD00E8D657CD9E48D3E47157, 4A958CF0BF8DAEAE5E008500BA67CE89B21388592811274331EE39CAC1043A00 ] intelide        C:\WINDOWS\system32\drivers\intelide.sys
10:06:51.0388 0x21a8  intelide - ok
10:06:51.0423 0x21a8  [ 139CFCDCD36B1B1782FD8C0014AC9B0E, E0D7E0E9B46A8CECE138D689820023BFA650FB689E4FD62855BED37E04F2D9FF ] intelpep        C:\WINDOWS\system32\drivers\intelpep.sys
10:06:51.0425 0x21a8  intelpep - ok
10:06:51.0446 0x21a8  [ 47E74A8E53C7C24DCE38311E1451C1D9, 79B06E37A552C8A847404D4C572CDB8CF525354D8AE3BEBC06892B7C3B330761 ] intelppm        C:\WINDOWS\System32\drivers\intelppm.sys
10:06:51.0450 0x21a8  intelppm - ok
10:06:51.0468 0x21a8  [ 9DB76D7F9E4E53EFE5DD8C53DE837514, 07BA4EDA9BE9139A689A2C3EFC1D1A4F3D1216625ED145F313398292A2CD5703 ] IpFilterDriver  C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
10:06:51.0471 0x21a8  IpFilterDriver - ok
10:06:51.0541 0x21a8  [ DFC4050D58565ADBEE793A8D4AEBDAE6, 89B900408F030CD45753A11D6AE6CBAB87E8B0E3F8401402D2D8713C045BF488 ] iphlpsvc        C:\WINDOWS\System32\iphlpsvc.dll
10:06:51.0572 0x21a8  iphlpsvc - ok
10:06:51.0628 0x21a8  [ 9949A3C7590B8C536C05312205079A82, 9276A09D5F910AE8358A96505AB3F66C514870944D58B63B71D5E96567D1E6BB ] IPMIDRV         C:\WINDOWS\System32\drivers\IPMIDrv.sys
10:06:51.0632 0x21a8  IPMIDRV - ok
10:06:51.0666 0x21a8  [ B7342B3C58E91107F6E946A93D9D4EFD, D5DA3C02C5C5A343785745EF6983CC9B5FBD3FB8D49FE9B450523E50212D1A32 ] IPNAT           C:\WINDOWS\system32\drivers\ipnat.sys
10:06:51.0671 0x21a8  IPNAT - ok
10:06:51.0703 0x21a8  [ AE44C526AB5F8A487D941CEB57B10C97, A783A2EAF7A6FF450FB3F189A5930036FA60D125C42171AC44B6FE2E3DBD6F7A ] IRENUM          C:\WINDOWS\system32\drivers\irenum.sys
10:06:51.0704 0x21a8  IRENUM - ok
10:06:51.0720 0x21a8  [ 8AFEEA3955AA43616A60F133B1D25F21, E99359A4F1D653790133F145CF7C9F97399FD75C5E135AA7E5F989BB660789AF ] isapnp          C:\WINDOWS\system32\drivers\isapnp.sys
10:06:51.0721 0x21a8  isapnp - ok
10:06:51.0778 0x21a8  [ 034D4BD9DC67C64F3A4C8A049B5173BF, C68AF5A5AD4092AA1C871BD38473AEF84EC3ECF4D06FBEB5F6C09972EF1B8A81 ] iScsiPrt        C:\WINDOWS\System32\drivers\msiscsi.sys
10:06:51.0787 0x21a8  iScsiPrt - ok
10:06:51.0821 0x21a8  [ EE03564B7FAFE2E44EDA33D52E83B4A3, 53C917EEC92B813EB0C86B225E9887C9CDFDD7708AEA71BFAC0A3039E26D7BEB ] iwdbus          C:\WINDOWS\System32\drivers\iwdbus.sys
10:06:51.0822 0x21a8  iwdbus - ok
10:06:51.0923 0x21a8  [ 3C4002D339491AF73D663FFC7F6E5ECB, 0B53047989BDB781572253BC3AA757912FE54366870C1955E687972CE210C285 ] jhi_service     C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe
10:06:51.0929 0x21a8  jhi_service - ok
10:06:51.0971 0x21a8  [ 8BE92376799B6B44D543E8D07CDCF885, 425B8BB1BAF62F735B3CB5A002E6055879F02E7207E55942BFD37F1784F5F368 ] kbdclass        C:\WINDOWS\System32\drivers\kbdclass.sys
10:06:51.0973 0x21a8  kbdclass - ok
10:06:51.0995 0x21a8  [ FB6E47E569D4872ABEB506BE03A45FBA, 5C4056CADA8F67587A119D9AE2A0EFAB30387CF6298F4019FF68AC92E2F6F54B ] kbdhid          C:\WINDOWS\System32\drivers\kbdhid.sys
10:06:51.0997 0x21a8  kbdhid - ok
10:06:52.0012 0x21a8  [ 813871C7D402A05F2E3A7075F9584A05, FF0C2F87EB083F8CE74C679D80C845CDFBFBBC70BE818F899F3336BBB54A3FFB ] kdnic           C:\WINDOWS\system32\DRIVERS\kdnic.sys
10:06:52.0013 0x21a8  kdnic - ok
10:06:52.0033 0x21a8  [ F6F209DDB94959BA104FC8FC87C53759, 8E862D41F4332EABF64BD034E2C0E3CC8109C7990CB4112C2B2880E8E6EDF2D3 ] KeyIso          C:\WINDOWS\system32\lsass.exe
10:06:52.0037 0x21a8  KeyIso - ok
10:06:52.0073 0x21a8  [ ADDECBCC777665BD113BED437E602AB0, B6283475A1219CE44E9F683DD3BEB8C42DA0943297E5C4699B22176AD8A6A7ED ] KSecDD          C:\WINDOWS\system32\Drivers\ksecdd.sys
10:06:52.0077 0x21a8  KSecDD - ok
10:06:52.0106 0x21a8  [ 7296EA420134EAC390798B3232D066A4, 1F5D51EEFD389706660DFB4DB4BF3EC570BEC7097CEB5CAE70EFFE35C3255346 ] KSecPkg         C:\WINDOWS\system32\Drivers\ksecpkg.sys
10:06:52.0113 0x21a8  KSecPkg - ok
10:06:52.0133 0x21a8  [ 11AFB527AA370B1DAFD5C36F35F6D45F, 757AD234284467ADB826F7CA0251F58D48866B91995BC867DEA4BAF676947163 ] ksthunk         C:\WINDOWS\system32\drivers\ksthunk.sys
10:06:52.0135 0x21a8  ksthunk - ok
10:06:52.0181 0x21a8  [ 32B1A8351160F307A8C66BCB0F94A9C2, 52F1DEC2BBD4D5DDBB85ED20B99D96BBA7EB83304D76F183A11FDAFDA364E873 ] KtmRm           C:\WINDOWS\system32\msdtckrm.dll
10:06:52.0196 0x21a8  KtmRm - ok
10:06:52.0242 0x21a8  [ 27B58E16CF895AC1F1A97C04814C2239, D4336155331DDBF91952CDC6C446C68FF524F979099BA8D9B3A578758F97B2BE ] LanmanServer    C:\WINDOWS\system32\srvsvc.dll
10:06:52.0256 0x21a8  LanmanServer - ok
10:06:52.0278 0x21a8  [ D0D9C2ECA4D03A8F06DCD91236B90C98, E2D1144DC8040EA5FEB0602A20BA4CB920B4BC86AD5AD05FC0DF7D74DC95DC66 ] LanmanWorkstation C:\WINDOWS\System32\wkssvc.dll
10:06:52.0290 0x21a8  LanmanWorkstation - ok
10:06:52.0355 0x21a8  [ EE289BD147FDFF95EF1B9BD65D3B974A, EFD9D0F6C73E7D2D52DBE2E2A8D3009BFB6AB24776A100CA528A8365002C6105 ] lfsvc           C:\WINDOWS\System32\GeofenceMonitorService.dll
10:06:52.0374 0x21a8  lfsvc - ok
10:06:52.0421 0x21a8  [ C09010B3680860131631F53E8FE7BAD8, 35F2A06D5F29478D22ABDCC20DA893EF9D96504C65594A0CEA674D1C21B04FF8 ] lltdio          C:\WINDOWS\system32\DRIVERS\lltdio.sys
10:06:52.0423 0x21a8  lltdio - ok
10:06:52.0465 0x21a8  [ 00E070FC0C673311AFD4B068D1242780, 50B0E0E625361145332C849709498FF444E46578DCAD2536E6D0289E0125580F ] lltdsvc         C:\WINDOWS\System32\lltdsvc.dll
10:06:52.0476 0x21a8  lltdsvc - ok
10:06:52.0520 0x21a8  [ D113FAD71A5E67AA94B32A0F8828D265, 08DDB4BBDB570C59926DBF5E27FCF46DCDF8B8212BB9251E97837E0504516FB3 ] lmhosts         C:\WINDOWS\System32\lmhsvc.dll
10:06:52.0523 0x21a8  lmhosts - ok
10:06:52.0577 0x21a8  [ 4269D44BB47A6DA5D80B11F4C8536458, 7A8FFC8F851DD9E5C43986BE0888831CB71D188138DF3CF7F787DADDA70915B0 ] LMS             C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
10:06:52.0587 0x21a8  LMS - ok
10:06:52.0632 0x21a8  [ C755AE4635457AA2A11F79C0DF857ABC, E03D1ACAC155287291FE1BD0B653953ADC94279A74D0152088D698FAA796460F ] LSI_SAS         C:\WINDOWS\system32\drivers\lsi_sas.sys
10:06:52.0636 0x21a8  LSI_SAS - ok
10:06:52.0652 0x21a8  [ ADAC09CBE7A2040B7F68B5E5C9A75141, 7865DA7E91404F3642BC444B97F6B7AA42B9523D5EDD7F6365DA236B8EC3410F ] LSI_SAS2        C:\WINDOWS\system32\drivers\lsi_sas2.sys
10:06:52.0655 0x21a8  LSI_SAS2 - ok
10:06:52.0674 0x21a8  [ 04D1274BB9BBCCF12BD12374002AA191, 4B9618F8D25F2278DE1610A70ACAADB074D171D162C3AF27D464F5DC800A8E60 ] LSI_SAS3        C:\WINDOWS\system32\drivers\lsi_sas3.sys
10:06:52.0677 0x21a8  LSI_SAS3 - ok
10:06:52.0698 0x21a8  [ 327469EEF3833D0C584B7E88A76AEC0C, 3D88B5A2D68F93F01B39C6E3D8D5C7A2A20686EFC756086E66AFFF1BC3019B85 ] LSI_SSS         C:\WINDOWS\system32\drivers\lsi_sss.sys
10:06:52.0702 0x21a8  LSI_SSS - ok
10:06:52.0766 0x21a8  [ B6B69FF200F68888A7FAFDF204D00C91, 4C9BA7B8646C74AE1E49F513EF426930C09969F29F1533D84D020B414BB1609B ] LSM             C:\WINDOWS\System32\lsm.dll
10:06:52.0792 0x21a8  LSM - ok
10:06:52.0811 0x21a8  [ 5EF604B0698F4FA962778285E8C5F1F2, 0465BDAB7EFBE9CC648E7E736B0B8BE152BD2FAB0917F6306675B9039C77F454 ] luafv           C:\WINDOWS\system32\drivers\luafv.sys
10:06:52.0815 0x21a8  luafv - ok
10:06:52.0850 0x21a8  [ EB5C03A070F30D64A6DF80E53B22F53F, 12051B6AEBDEE1E28F24364F25A52BA3A6E282ECF86D6290E34BD38E6D4E066D ] megasas         C:\WINDOWS\system32\drivers\megasas.sys
10:06:52.0853 0x21a8  megasas - ok
10:06:52.0898 0x21a8  [ F6F13533196DE7A582D422B0241E4363, B3CD9B08937AFFF12141B38634AF3A56F5AC5FF3EF03941802B9841DEC559469 ] megasr          C:\WINDOWS\system32\drivers\megasr.sys
10:06:52.0917 0x21a8  megasr - ok
10:06:52.0960 0x21a8  [ 2BB3EAE2EA641515D4B205CAB29E1624, D3F18EE393EB1B0F919484281269A3C55A092D023E62C59D74CB63A55612024B ] MEIx64          C:\WINDOWS\System32\drivers\HECIx64.sys
10:06:52.0963 0x21a8  MEIx64 - ok
10:06:53.0008 0x21a8  [ FD788C2D96EA91469A3C1D13E80D7473, 7B14D4BFDE18CECC19FBFFAA5AFF5FD78BFB7FCDA6613990740A8A7DD9873D26 ] MMCSS           C:\WINDOWS\system32\mmcss.dll
10:06:53.0012 0x21a8  MMCSS - ok
10:06:53.0055 0x21a8  [ 8B38C44F69259987C95135C9627E2378, E698B82D4EFFF56D66C7FC9866369BA5736FDBDBE2028CC421C51E70DEA74727 ] Modem           C:\WINDOWS\system32\drivers\modem.sys
10:06:53.0057 0x21a8  Modem - ok
10:06:53.0078 0x21a8  [ 601589000CC90F0DF8DA2CC254A3CCC9, D1238A386C41B6C368D9A44B7C112C943995B5403E2A5B4B7346B266DDB0C5A0 ] monitor         C:\WINDOWS\System32\drivers\monitor.sys
10:06:53.0080 0x21a8  monitor - ok
10:06:53.0099 0x21a8  [ CEAC6D40FE887CE8406C2393CF97DE06, 34E76908B802764FF0D7AB3AF89BE77BD35B44787983343FAD89891891C0A045 ] mouclass        C:\WINDOWS\System32\drivers\mouclass.sys
10:06:53.0102 0x21a8  mouclass - ok
10:06:53.0141 0x21a8  [ 02D98BF804084E9A0D69D1C69B02CCA9, EC5BC5D87043DFFD035FD4DD27B3D94E03119063519E4151BCC3522B613E2D7F ] mouhid          C:\WINDOWS\System32\drivers\mouhid.sys
10:06:53.0142 0x21a8  mouhid - ok
10:06:53.0158 0x21a8  [ 515549560D481138E6E21AF7C6998E56, C7E4B38D8CCAF15B9BDA63C8C8209F6193AD220DA02E1264F1B687AACD8F409F ] mountmgr        C:\WINDOWS\system32\drivers\mountmgr.sys
10:06:53.0162 0x21a8  mountmgr - ok
10:06:53.0185 0x21a8  [ F170510BE94CF45E3C6274578F6204B2, 344C3DDE1D622607CA2ABECB2C47CB0166D2D258BD94A7960C45A5ADBB640566 ] mpsdrv          C:\WINDOWS\system32\drivers\mpsdrv.sys
10:06:53.0188 0x21a8  mpsdrv - ok
10:06:53.0269 0x21a8  [ D186C5844393252147BE934F3871DB7A, 30160F8268B9F46E82C5CB536867E0CF280DC98074A481595072E3320200E343 ] MpsSvc          C:\WINDOWS\system32\mpssvc.dll
10:06:53.0300 0x21a8  MpsSvc - ok
10:06:53.0345 0x21a8  [ 59DCEC7499095DE5AED741358037AE2D, 60C4CEBCAE27C121E9D63BD2BC3E5863A91ABC77616C56C10618273A8F9B6F61 ] MRxDAV          C:\WINDOWS\system32\drivers\mrxdav.sys
10:06:53.0350 0x21a8  MRxDAV - ok
10:06:53.0396 0x21a8  [ 79B6F3DF7CDFD12159871FF71464F0CE, E01CDD5296237FB60D426784E1142B1AF2CEABDD7CB0B43C4798402C812A94D5 ] mrxsmb          C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
10:06:53.0410 0x21a8  mrxsmb - ok
10:06:53.0435 0x21a8  [ 295771B092D4F7FCF2B62F80CCD14320, 53655B5ABA43A6A9114FE545B88F84E52319B905B8393A51BD97678D3F94A178 ] mrxsmb10        C:\WINDOWS\system32\DRIVERS\mrxsmb10.sys
10:06:53.0445 0x21a8  mrxsmb10 - ok
10:06:53.0474 0x21a8  [ AAF56E4E84D35411B4E446C445732DFE, 7AC41CAA0842AE4DA4EEF976202C58D7923DAA367F0D7E800D432323D5E7DE1A ] mrxsmb20        C:\WINDOWS\system32\DRIVERS\mrxsmb20.sys
10:06:53.0481 0x21a8  mrxsmb20 - ok
10:06:53.0524 0x21a8  [ 4E888019078AC363076A5433E89AA4F8, 3DEBDA290230B3E83F956C902C960E39463B7EFE86439199521356762769FD91 ] MsBridge        C:\WINDOWS\system32\DRIVERS\bridge.sys
10:06:53.0528 0x21a8  MsBridge - ok
10:06:53.0567 0x21a8  [ A082C17D14D0790E27D064EA4B138AE1, 9A565ED885782D9D5135C8399C11C356DBF9EBF3B8EB4B4504BD2604AD0B45E6 ] MSDTC           C:\WINDOWS\System32\msdtc.exe
10:06:53.0575 0x21a8  MSDTC - ok
10:06:53.0600 0x21a8  [ D13329FBF8345B28AB30F44CC247DC08, 9C7EC2D4D65E6510EB5B9E61BB0D14F725D7E8FE98D65161C3971E43EF1AB6EB ] Msfs            C:\WINDOWS\system32\drivers\Msfs.sys
10:06:53.0602 0x21a8  Msfs - ok
10:06:53.0625 0x21a8  [ C6B474E46F9E543B875981ED3FFE6ADD, E16687E52FB649C23D92159A1F036CB662202C1E58D961EECDAA528AA4FA669A ] msgpiowin32     C:\WINDOWS\System32\drivers\msgpiowin32.sys
10:06:53.0627 0x21a8  msgpiowin32 - ok
10:06:53.0643 0x21a8  [ 65C92EB9D08DB5C69F28C7FFD4E84E31, D709BA4723225321F665B1157A33A4AE230420752308EF535DA9A41CAC164628 ] mshidkmdf       C:\WINDOWS\System32\drivers\mshidkmdf.sys
10:06:53.0644 0x21a8  mshidkmdf - ok
10:06:53.0655 0x21a8  [ 52299F086AC2DAFD100DD5DC4A8614BA, B36BE0FC96798E5EB8C193C318970E3906961E3ABC3BFAAD73138C76D9A95B0B ] mshidumdf       C:\WINDOWS\System32\drivers\mshidumdf.sys
10:06:53.0657 0x21a8  mshidumdf - ok
10:06:53.0681 0x21a8  [ 36D92AF3343C3A3E57FEF11C449AEA4C, ECC85AA1E530DF55B4A4545798219F87F0FCA66DDD2E37BCEF0850D3C9129DD2 ] msisadrv        C:\WINDOWS\system32\drivers\msisadrv.sys
10:06:53.0682 0x21a8  msisadrv - ok
10:06:53.0722 0x21a8  [ 810F8A0A0680662BB0CE44D0E2CEF90C, 5631B07911B7EF378CB1583A480A3C5715E59A5488B33A528F4D7A2F849B9113 ] MSiSCSI         C:\WINDOWS\system32\iscsiexe.dll
10:06:53.0729 0x21a8  MSiSCSI - ok
10:06:53.0736 0x21a8  msiserver - ok
10:06:53.0756 0x21a8  [ A9BBBD2BAE6142253B9195E949AC2E8D, 599D2952D4E0B0B3E02D91E38A30F4900B1ADA330716B887B156A1CB9A3E6EE9 ] MSKSSRV         C:\WINDOWS\system32\drivers\MSKSSRV.sys
10:06:53.0757 0x21a8  MSKSSRV - ok
10:06:53.0801 0x21a8  [ 375E44168F2DFB91A68B8A3F619C5A7C, AC243E02E9A39D0B4DE9571F196941700EE6EB5E94F5B0BA8994FB551E73A7A8 ] MsLldp          C:\WINDOWS\system32\DRIVERS\mslldp.sys
10:06:53.0804 0x21a8  MsLldp - ok
10:06:53.0826 0x21a8  [ 7B2128EB875DCBC006E6A913211006D6, 97BBD7FF770741FBFC0F181A609AD0954EA926DA203B742E8F08C89AD8FE476E ] MSPCLOCK        C:\WINDOWS\system32\drivers\MSPCLOCK.sys
10:06:53.0827 0x21a8  MSPCLOCK - ok
10:06:53.0859 0x21a8  [ 1E88171579B218115C7A772F8DE04BD8, B9EAA835D0BF8F9C4DF8403D95EF1400E8AE38F28F9DBA87657DE2129FEF02D2 ] MSPQM           C:\WINDOWS\system32\drivers\MSPQM.sys
10:06:53.0860 0x21a8  MSPQM - ok
10:06:53.0887 0x21a8  [ BBE2A455053E63BECBF42C2F9B21FAE0, 7C5DF563499DF59DF9895A1581E47ADF5FD54C94ECEF6C886CDB60E5E95A6DAE ] MsRPC           C:\WINDOWS\system32\drivers\MsRPC.sys
10:06:53.0900 0x21a8  MsRPC - ok
10:06:53.0928 0x21a8  [ 8D6B7D515C5CBCDB75B928A0B73C3C5E, 1EB4DC3DD21D2627C78EC3F9931D9E5D033169087E43B5D7C17BF1FF2A0028CD ] mssmbios        C:\WINDOWS\System32\drivers\mssmbios.sys
10:06:53.0929 0x21a8  mssmbios - ok
10:06:53.0939 0x21a8  [ 115019AE01E0EB9C048530D2928AB4A2, 6E2275E85EACF2D0FC784792E0D72A165589D33CBAB3BCFA8E271CA09566C925 ] MSTEE           C:\WINDOWS\system32\drivers\MSTEE.sys
10:06:53.0940 0x21a8  MSTEE - ok
10:06:53.0962 0x21a8  [ 96D604A35070360F0DD4A7A8AF410B5E, F94DD1A3566C7C8D0A76D6E1E2530552A9B7F99C5DA0DE11829325EAB9F8B7ED ] MTConfig        C:\WINDOWS\System32\drivers\MTConfig.sys
10:06:53.0963 0x21a8  MTConfig - ok
10:06:53.0984 0x21a8  [ 619CA29326B82372621DB2C0964D8365, 4091F08E266DB45A6E33A4A8B1CE9FA78BB294B3111526AA9E3868620F30AFDF ] Mup             C:\WINDOWS\system32\Drivers\mup.sys
10:06:53.0987 0x21a8  Mup - ok
10:06:54.0008 0x21a8  [ B8C35C94DCB2DFEAF03BB42131F2F77F, F0FCF367CA8F722D6ABCF7F363CD406D890D71452E91C3FC6677B47AD74D6324 ] mvumis          C:\WINDOWS\system32\drivers\mvumis.sys
10:06:54.0011 0x21a8  mvumis - ok
10:06:54.0073 0x21a8  [ 41A45D2A75494EABF2806EA051E00376, EB2497561C8E33A4297C044604C717FF854C7F046882A9E4A400AE7679BF5467 ] napagent        C:\WINDOWS\system32\qagentRT.dll
10:06:54.0090 0x21a8  napagent - ok
10:06:54.0148 0x21a8  [ CF8B989D89D6807B887690F2CF24EFD9, 7A3ED124D8D7736F57CD687111C478A206422D117099B2F752B6D933D009BCAC ] NativeWifiP     C:\WINDOWS\system32\DRIVERS\nwifi.sys
10:06:54.0163 0x21a8  NativeWifiP - ok
10:06:54.0207 0x21a8  [ 71E3C0100AA19D11373CCEB2F51A6008, 58FBF35F5FE19BEABE483C11E9996BE93D76721C8C34465350FA98B465CA3672 ] NcaSvc          C:\WINDOWS\System32\ncasvc.dll
10:06:54.0215 0x21a8  NcaSvc - ok
10:06:54.0234 0x21a8  [ 51DF09CAB2CAC64FEE3E371D9028ED01, 9B81604D0D0359AF8F54FED6DA7116FFD2F40407895028EAD99FF1D7CFDC2D14 ] NcbService      C:\WINDOWS\System32\ncbservice.dll
10:06:54.0241 0x21a8  NcbService - ok
10:06:54.0258 0x21a8  [ 2586C4C167499210DCBF3ECFD8CCE210, D8129FEDE9918BF4FB0057CC58700D4E08457060E810B9CC25CA0F598506ADB8 ] NcdAutoSetup    C:\WINDOWS\System32\NcdAutoSetup.dll
10:06:54.0263 0x21a8  NcdAutoSetup - ok
10:06:54.0352 0x21a8  [ ED39D676080A1AEA755F1DEC1A8DF1A4, E413DA1113A51F3A68957147A50248AA98C0D365103D137D5AE8638C74E802D7 ] NDIS            C:\WINDOWS\system32\drivers\ndis.sys
10:06:54.0395 0x21a8  NDIS - ok
10:06:54.0438 0x21a8  [ C6BB12BC35D1637CA17AE16D3A4725EB, 01C1D9FA738886A195166F88207EEB6715A1DE0608978ED6C5DC738AF5C02513 ] NdisCap         C:\WINDOWS\system32\DRIVERS\ndiscap.sys
10:06:54.0440 0x21a8  NdisCap - ok
10:06:54.0461 0x21a8  [ 9F1DA20E943BE7AA4ED5F3E1EBA78B37, CCD99962917BBE256F64AE14CCC9FD12433C72B5DB98E0E57CA8F212A11B3C8F ] NdisImPlatform  C:\WINDOWS\system32\DRIVERS\NdisImPlatform.sys
10:06:54.0465 0x21a8  NdisImPlatform - ok
10:06:54.0501 0x21a8  [ 9423421E735BD5394351E0C47C76BB92, 763E5D06F896C0EF8AD52515464F28BA85DB7A1560E451857AC9AA68FAFCBC66 ] NdisTapi        C:\WINDOWS\system32\DRIVERS\ndistapi.sys
10:06:54.0502 0x21a8  NdisTapi - ok
10:06:54.0527 0x21a8  [ B832B35055BA2B7B4181861FF94D8E59, 2E60E5D503E88D27E35ECFEE265D51328E93A9C7B9B931F86D9CBC947636BB00 ] Ndisuio         C:\WINDOWS\system32\DRIVERS\ndisuio.sys
10:06:54.0530 0x21a8  Ndisuio - ok
10:06:54.0542 0x21a8  [ 1F58E48EF75F34C35D8E93A0DC535CFE, D65619A6C4B1747F8B05DA08A44EF0E46B5CC384880E04E4755A2BA6CDB3C4EA ] NdisVirtualBus  C:\WINDOWS\System32\drivers\NdisVirtualBus.sys
10:06:54.0544 0x21a8  NdisVirtualBus - ok
10:06:54.0595 0x21a8  [ DEC29080202D4F9F17F55E18BCFCC41A, F7E543741B1F4F637A99C40543D6AEC6EBF893F74359BBA769D1F882E0AFB571 ] NdisWan         C:\WINDOWS\system32\DRIVERS\ndiswan.sys
10:06:54.0603 0x21a8  NdisWan - ok
10:06:54.0615 0x21a8  [ DEC29080202D4F9F17F55E18BCFCC41A, F7E543741B1F4F637A99C40543D6AEC6EBF893F74359BBA769D1F882E0AFB571 ] NdisWanLegacy   C:\WINDOWS\system32\DRIVERS\ndiswan.sys
10:06:54.0623 0x21a8  NdisWanLegacy - ok
10:06:54.0639 0x21a8  [ A5BD69A8812FA79D1A487691DD3FB244, 67B5EDE101943E0E8B8041DB2353D20C8B9F2D253E77964761CFE8F136C0BBC7 ] NDProxy         C:\WINDOWS\system32\drivers\NDProxy.sys
10:06:54.0642 0x21a8  NDProxy - ok
10:06:54.0666 0x21a8  [ 5A072F0B90C29C5233D78BE33EF5ED78, B32ED76A674B1FC743361FB7BBD4C915A78B14132AB056AADD445D5995AD4F32 ] Ndu             C:\WINDOWS\system32\drivers\Ndu.sys
10:06:54.0670 0x21a8  Ndu - ok
10:06:54.0689 0x21a8  [ A83D67D347A684F10B7D3019C8A6380C, 2B86832967981C8C786BF24C1CF8E13E01745ACE3333CF5C821DD93D623B96E4 ] NetBIOS         C:\WINDOWS\system32\DRIVERS\netbios.sys
10:06:54.0691 0x21a8  NetBIOS - ok
10:06:54.0715 0x21a8  [ 0217532E19A748F0E5D569307363D5FD, C40C2E7AFA276057E7327A7BB173122689D6CEC9AE443C3850C3F94AF03DFBF5 ] NetBT           C:\WINDOWS\system32\DRIVERS\netbt.sys
10:06:54.0725 0x21a8  NetBT - ok
10:06:54.0744 0x21a8  [ F6F209DDB94959BA104FC8FC87C53759, 8E862D41F4332EABF64BD034E2C0E3CC8109C7990CB4112C2B2880E8E6EDF2D3 ] Netlogon        C:\WINDOWS\system32\lsass.exe
10:06:54.0748 0x21a8  Netlogon - ok
10:06:54.0792 0x21a8  [ B7AD851A21FEBA3BA214972627614207, 29605320CCC3DAAD062CAECF0009DACBC2F6D28ED4E8AF7CE76132129F5572A0 ] Netman          C:\WINDOWS\System32\netman.dll
10:06:54.0802 0x21a8  Netman - ok
10:06:54.0862 0x21a8  [ F0F0A372C2EF6358399C4936F91B6131, CE596C71EB4D1A5E104D3148F2D0D8789882C59FD198DCF33CCAC7A08B50E4EE ] netprofm        C:\WINDOWS\System32\netprofmsvc.dll
10:06:54.0882 0x21a8  netprofm - ok
10:06:55.0017 0x21a8  [ 76E90502D9001077DA92F81126D06C9B, 9E5B6DD3F1DAF49D303A7B3F6763A25C5F55F1E67A33AA8572204E9105B092EF ] netr28x         C:\WINDOWS\system32\DRIVERS\netr28x.sys
10:06:55.0104 0x21a8  netr28x - ok
10:06:55.0183 0x21a8  [ 1092B3190E69E0C5ECBCE90F171DE047, C16106EEFC324EE80E5F659CB71A5DD69FA800D36D829F5B0E6AD3393BD1BAF7 ] NetTcpPortSharing C:\WINDOWS\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
10:06:55.0189 0x21a8  NetTcpPortSharing - ok
10:06:55.0234 0x21a8  [ 70414DB660BFBB7BD58FCE8EA4364E1B, 6DFB3897CD55E22BA1EDF0AE672F4D7A6A1F512F8A0A26AF106765E6B1CF65AC ] netvsc          C:\WINDOWS\system32\DRIVERS\netvsc63.sys
10:06:55.0237 0x21a8  netvsc - ok
10:06:55.0289 0x21a8  [ 3A280F3B3C7A46E29C404ACD46ECBF5E, 81C3367A2A212DBCC65B8A0166FD092E3205AB31A146B4B737061335CEC51F9D ] NlaSvc          C:\WINDOWS\System32\nlasvc.dll
10:06:55.0304 0x21a8  NlaSvc - ok
10:06:55.0325 0x21a8  [ 8F44A2F57C9F1A19AC9C6288C10FB351, 310274DDBAC0FE4BE54ECD3B90C97D82A0F9F5CFCA7A35711A36164DE4B94074 ] Npfs            C:\WINDOWS\system32\drivers\Npfs.sys
10:06:55.0328 0x21a8  Npfs - ok
10:06:55.0373 0x21a8  [ CBDB4F0871C88DF930FC0E8588CA67FC, 7E4AA3EA81A9D532F236FD7896744F07ED07CA9B37A9F18A9778BCCCC67490F2 ] npsvctrig       C:\WINDOWS\System32\drivers\npsvctrig.sys
10:06:55.0375 0x21a8  npsvctrig - ok
10:06:55.0415 0x21a8  [ 6E2271ED0C3E95B8E29F3752B91B9E84, 44026AD9757EA82967D7F7578455802FAD7FE0057EAC088E0AE207C15F594B86 ] nsi             C:\WINDOWS\system32\nsisvc.dll
10:06:55.0418 0x21a8  nsi - ok
10:06:55.0433 0x21a8  [ E490B459978CB87779E84C761D22B827, 1E5CA38626E41618E4CA16DD0C70EB2FA86E986F0CF21A749BDE2A17015DEEC6 ] nsiproxy        C:\WINDOWS\system32\drivers\nsiproxy.sys
10:06:55.0436 0x21a8  nsiproxy - ok
10:06:55.0564 0x21a8  [ 4412D565C0278C401575E11072C7DCE3, 82A0E9AA88750900EA0E9983157345456B418745C8BA62FAF339640E759C0418 ] Ntfs            C:\WINDOWS\system32\drivers\Ntfs.sys
10:06:55.0632 0x21a8  Ntfs - ok
10:06:55.0655 0x21a8  [ EF1B290FC9F0E47CC0B537292BEE5904, DBC07BBC54EBC2D2E576B23A4CE116B3DA988577AD0D96CB7289A6748A60F9EA ] Null            C:\WINDOWS\system32\drivers\Null.sys
10:06:55.0656 0x21a8  Null - ok
10:06:55.0694 0x21a8  [ BC6B5942AFF25EBAF62DE43C3807EDF8, CB0FA194084B8C309039D571B5760FDA800E9531B8660C499B4F9977BA5C36D5 ] nvraid          C:\WINDOWS\system32\drivers\nvraid.sys
10:06:55.0700 0x21a8  nvraid - ok
10:06:55.0717 0x21a8  [ 1F43ABFFAC3D6CA356851D517392966E, 6FD7621F67BA94B0E1D8F43BEC2951DBCDEEA1E848BB265AC169E27C01DA68F2 ] nvstor          C:\WINDOWS\system32\drivers\nvstor.sys
10:06:55.0723 0x21a8  nvstor - ok
10:06:55.0743 0x21a8  [ 6934A936A7369DFE37B7DBA93F5E5E49, 0900FEEB0CE8D09F0FC60630B5B986034A8BCD3882ED66E47170810C32492892 ] nv_agp          C:\WINDOWS\system32\drivers\nv_agp.sys
10:06:55.0747 0x21a8  nv_agp - ok
10:06:55.0819 0x21a8  [ 9D10F99A6712E28F8ACD5641E3A7EA6B, 70964A0ED9011EA94044E15FA77EDD9CF535CC79ED8E03A3721FF007E69595CC ] ose             C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
10:06:55.0824 0x21a8  ose - ok
10:06:56.0125 0x21a8  [ 61BFFB5F57AD12F83AB64B7181829B34, 1DD0DD35E4158F95765EE6639F217DF03A0A19E624E020DBA609268C08A13846 ] osppsvc         C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
10:06:56.0290 0x21a8  osppsvc - ok
10:06:56.0378 0x21a8  [ E287F157F7A0011D93179C64EF8ADCF2, C16FB92C7B18D634BB1344238D35B3111494C243FBD5853F05376F5051480D83 ] p2pimsvc        C:\WINDOWS\system32\pnrpsvc.dll
10:06:56.0393 0x21a8  p2pimsvc - ok
10:06:56.0445 0x21a8  [ 2A57A937BC5B1B2D6AFE6A8C5925F50B, 00D84EFED5A7129AAD86945940030474795905C32D65CBD5B1A3EBADCED8F873 ] p2psvc          C:\WINDOWS\system32\p2psvc.dll
10:06:56.0462 0x21a8  p2psvc - ok
10:06:56.0494 0x21a8  [ 764B1121867B2D9B31C491668AC72B2B, 32C04B6FCE1DDD09697B81473A23BDCED8BEEFBCD0D2D58DDC9A11A33C756967 ] Parport         C:\WINDOWS\System32\drivers\parport.sys
10:06:56.0498 0x21a8  Parport - ok
10:06:56.0521 0x21a8  [ EF0C1749C9A8CEE9A457473D433CC00F, A5FDAB5AD47471640D697C6CFBA6C67730878ABBA47D394EAA47C9733EDCE1F3 ] partmgr         C:\WINDOWS\system32\drivers\partmgr.sys
10:06:56.0524 0x21a8  partmgr - ok
10:06:56.0580 0x21a8  [ 9A5309EF92F39346CFD5A4C2C3D1BFAD, 5908E0C9562F9CB24784491BD9AE7983A33A6BDF81AFA0A08045518A0C9BB2B1 ] PcaSvc          C:\WINDOWS\System32\pcasvc.dll
10:06:56.0598 0x21a8  PcaSvc - ok
10:06:56.0630 0x21a8  [ C0D3F3BC1C84B4BA746D9847314C1164, 66FDF288ACAE021C5F63BCCC68D7534B4DB737E252AB16DFF746355D8BE7502D ] pci             C:\WINDOWS\system32\drivers\pci.sys
10:06:56.0640 0x21a8  pci - ok
10:06:56.0653 0x21a8  [ 346E38FCC6859A727DD28AFAD1F0AFF4, FF3DA26F79B3BC3A5B8A8AA0B9139B9EF70297F4EA1203B1E68FB5A212C3AA58 ] pciide          C:\WINDOWS\system32\drivers\pciide.sys
10:06:56.0655 0x21a8  pciide - ok
10:06:56.0696 0x21a8  [ 4D3BDCC1C7B40C9D7B6AD990E6DEC397, 27A7AF2127B699F4579CB77936F38DC102211E26E5E2947DB808756FE06FC98E ] pcmcia          C:\WINDOWS\system32\drivers\pcmcia.sys
10:06:56.0701 0x21a8  pcmcia - ok
10:06:56.0722 0x21a8  [ BF28771D1436C88BE1D297D3098B0F7D, 5F7630916A76A8CF31289E9C577F522B999C74C39E541CD40E62BD53004BEF74 ] pcw             C:\WINDOWS\system32\drivers\pcw.sys
10:06:56.0724 0x21a8  pcw - ok
10:06:56.0746 0x21a8  [ B9D968D8E2B0F9C6301CEB39CFC9B9E4, 83F32831B0727F18B56DC3CAF37E45A3523D2BBCD54D1421F0DE5A0179D8A404 ] pdc             C:\WINDOWS\system32\drivers\pdc.sys
10:06:56.0750 0x21a8  pdc - ok
10:06:56.0814 0x21a8  [ BA50CC0BD19004AAB88BE37338B6FA0D, 34D4720A621CCB4707F2EB929F6F44C317DBC6F055F7F34F3FAC68DFDAA00DEF ] PEAUTH          C:\WINDOWS\system32\drivers\peauth.sys
10:06:56.0837 0x21a8  PEAUTH - ok
10:06:56.0936 0x21a8  [ 8E3C640FFF5A963F570233AE99C0FFF3, 3DE978B005BF2E88BA858CE37D9E27BD3584642B8412E22C300A1E739743838A ] PerfHost        C:\WINDOWS\SysWow64\perfhost.exe
10:06:56.0939 0x21a8  PerfHost - ok
10:06:57.0059 0x21a8  [ 928061178CD9856CA6B67FFFCE6BA766, 71DE3C7CA7F83EAAA550CD8A68FB67DE042B0AE51BFACB1ECB8852D502E11F50 ] pla             C:\WINDOWS\system32\pla.dll
10:06:57.0109 0x21a8  pla - ok
10:06:57.0153 0x21a8  [ 752A457320A946E03C3AA86C3ACD735E, 63946150581532D862F4220606E74FFC479209E1A36CD57AA78AC4AE34A26F49 ] PlugPlay        C:\WINDOWS\system32\umpnpmgr.dll
10:06:57.0160 0x21a8  PlugPlay - ok
10:06:57.0172 0x21a8  [ 045EB4F260606A03BE340D09DEAF3BA4, 6F34B8D414F7F69F4388F2F8A86E0F3AD179E423126990AF3E1EC4DCCB8E7693 ] PNRPAutoReg     C:\WINDOWS\system32\pnrpauto.dll
10:06:57.0175 0x21a8  PNRPAutoReg - ok
10:06:57.0212 0x21a8  [ E287F157F7A0011D93179C64EF8ADCF2, C16FB92C7B18D634BB1344238D35B3111494C243FBD5853F05376F5051480D83 ] PNRPsvc         C:\WINDOWS\system32\pnrpsvc.dll
10:06:57.0227 0x21a8  PNRPsvc - ok
10:06:57.0273 0x21a8  [ C16097D77A232A288D65F299E2E01105, 5CE4B44B06FD26569C0F92FF1D3991D0128D8444AE7BC9EBEF5A33811D721BE8 ] PolicyAgent     C:\WINDOWS\System32\ipsecsvc.dll
10:06:57.0288 0x21a8  PolicyAgent - ok
10:06:57.0317 0x21a8  [ 00E08B30E7F7C13ECE2CDF4F46A77311, 1807C0A64C1794E572C86730816C01DCF4D8F773ADE9CAEA3AC0658F7BD71A4E ] Power           C:\WINDOWS\system32\umpo.dll
10:06:57.0323 0x21a8  Power - ok
10:06:57.0363 0x21a8  [ E075CC071022BD4E9BE7C024717C0E0A, BE65A8C1082AE8DF8C37CA06B2BCC521478AC153EA7388B03F7FAE3913920E75 ] PptpMiniport    C:\WINDOWS\system32\DRIVERS\raspptp.sys
10:06:57.0367 0x21a8  PptpMiniport - ok
10:06:57.0558 0x21a8  [ B7DB57A000D46D4DE75BC0C563E58072, 8183EB09DC4D44DFF027CA0AAA8C09921A14F088C1BC427B6ACA42340AAF69E6 ] PrintNotify     C:\Windows\system32\spool\drivers\x64\3\PrintConfig.dll
10:06:57.0655 0x21a8  PrintNotify - ok
10:06:57.0693 0x21a8  [ ECD373F9571C745894367CC2635EA44F, E08B2A1017DAE1BF10B986DAFAD14BDE20D79703E0EF3A8C700A3753908C1392 ] Processor       C:\WINDOWS\System32\drivers\processr.sys
10:06:57.0697 0x21a8  Processor - ok
10:06:57.0740 0x21a8  [ 8513A1E7AE4B9DC82C4B4F432C648A58, C0C629BF79722A12B35BDA6D5EF6FD2D96E013D80D8F17077E9137ED3988B452 ] ProfSvc         C:\WINDOWS\system32\profsvc.dll
10:06:57.0750 0x21a8  ProfSvc - ok
10:06:57.0787 0x21a8  [ 8528BB05E4D4E25945F78B00B2555FB7, FF8E0D4580F93CD348080967F52FE6C2C68B56DAEACAE2EAEF04E19412A953AE ] Psched          C:\WINDOWS\system32\DRIVERS\pacer.sys
10:06:57.0793 0x21a8  Psched - ok
10:06:57.0825 0x21a8  [ AF90BB44C99D6820BE52C9BBAA523283, 9772D9CC1666959EC8EE4ED740A5179473CE4F38762109F1123DD68010D20EA1 ] QWAVE           C:\WINDOWS\system32\qwave.dll
10:06:57.0837 0x21a8  QWAVE - ok
10:06:57.0853 0x21a8  [ 3FB466684609A4329858CF2EBD62E0FD, CFC8FBAB1436948F9D34CE6A2D6DE2F86F3E93E50B86851CED979C8CCE609798 ] QWAVEdrv        C:\WINDOWS\system32\drivers\qwavedrv.sys
10:06:57.0855 0x21a8  QWAVEdrv - ok
10:06:57.0895 0x21a8  [ 2C56F0EE27E4EF70CA4B4983D3638905, AFFDD686886CE982424B644D9168D61C6F86A5244FF97BC644DF75B321E415E5 ] RasAcd          C:\WINDOWS\system32\DRIVERS\rasacd.sys
10:06:57.0897 0x21a8  RasAcd - ok
10:06:57.0944 0x21a8  [ 55FE43112F61836D0581D615C72AA113, 35665E09BD74BD078A0BC49BF98102B5F3679A3FA2AC25FB629D448652D9938F ] RasAgileVpn     C:\WINDOWS\system32\DRIVERS\AgileVpn.sys
10:06:57.0948 0x21a8  RasAgileVpn - ok
10:06:57.0989 0x21a8  [ 5F061AC45266841A2860C1858ED863B8, 9E0D52BAC8A50225C32D0397C35350601B996443E2481C808CC59D3B0763FEF0 ] RasAuto         C:\WINDOWS\System32\rasauto.dll
10:06:57.0995 0x21a8  RasAuto - ok
10:06:58.0019 0x21a8  [ BBB6272B7F46C4640A8CDB8A70C3450F, 4266C3ABD0D1D0219F715EA0F155744F7C1E3A7B722BE863831B57AE785419A2 ] Rasl2tp         C:\WINDOWS\system32\DRIVERS\rasl2tp.sys
10:06:58.0024 0x21a8  Rasl2tp - ok
10:06:58.0071 0x21a8  [ BF3B17016764F20F9D28CF1A8DC210C0, F64B410D444D4A3DFEE356EFC5B758781FA2612771EDCF72DB91D3120385D7DB ] RasMan          C:\WINDOWS\System32\rasmans.dll
10:06:58.0091 0x21a8  RasMan - ok
10:06:58.0106 0x21a8  [ 5247F308C4103CDC4FE12AE1D235800A, E567CD33CA1897D53795E071B7AFBAF98B2C8F725F8BED0BA90F5EF611520E48 ] RasPppoe        C:\WINDOWS\system32\DRIVERS\raspppoe.sys
10:06:58.0109 0x21a8  RasPppoe - ok
10:06:58.0131 0x21a8  [ 2B0F1677CDD08967005F34488559BC6F, FFF168EBD171C0B85A448AD1A04F66534E889AE1DC128F68EA3F35D5996C8D39 ] RasSstp         C:\WINDOWS\system32\DRIVERS\rassstp.sys
10:06:58.0135 0x21a8  RasSstp - ok
10:06:58.0183 0x21a8  [ A1A5E79C0D1352AFDC08328A623DA051, 01546DDE6F1FF159A7EB7F2BF104910445D3D863F1F37DEA695579BA60D84280 ] rdbss           C:\WINDOWS\system32\DRIVERS\rdbss.sys
10:06:58.0197 0x21a8  rdbss - ok
10:06:58.0212 0x21a8  [ 6B21EBF892CD8CACB71669B35AB5DE32, 0AD8E14FEF16FB2559F5FC8AFBC9D49E4E24F43CF65F480DBF9FAB593269B419 ] rdpbus          C:\WINDOWS\System32\drivers\rdpbus.sys
10:06:58.0214 0x21a8  rdpbus - ok
10:06:58.0262 0x21a8  [ 680C1DAE268B6FB67FA21B389A8B79EF, 856911F77BDD8830C3D683EBE8AF399FB3A54C7D8D0B34EA37D903377F0A39BD ] RDPDR           C:\WINDOWS\system32\drivers\rdpdr.sys
10:06:58.0269 0x21a8  RDPDR - ok
10:06:58.0289 0x21a8  [ 858776908AF838E3790F3261B799CDA6, 5BE4658540382D1B2F46E503CE175D74E3870FE492B8B8F37C3CFB34FF8E2DA8 ] RdpVideoMiniport C:\WINDOWS\system32\drivers\rdpvideominiport.sys
10:06:58.0290 0x21a8  RdpVideoMiniport - ok
10:06:58.0319 0x21a8  [ 847C6A08912C3515807049C93E526D65, 74AFC58793B43E73614D2F49B19FB360091E208097696D9DF0B0354761E0B30F ] rdyboost        C:\WINDOWS\system32\drivers\rdyboost.sys
10:06:58.0328 0x21a8  rdyboost - ok
10:06:58.0421 0x21a8  [ 036746D54347FD2D0385668E2A4064E4, 7C670176176C86D6C3814367A6282A78F4E950F84DDEDA849829236C891F5BB9 ] ReFS            C:\WINDOWS\system32\drivers\ReFS.sys
10:06:58.0452 0x21a8  ReFS - ok
10:06:58.0508 0x21a8  [ BFFB40FBE6D2C3469F8D06EE5E4934AB, 5B6763F973A740DCD53CEA75156926457BED8B075965033C484877DDA8B97F39 ] RemoteAccess    C:\WINDOWS\System32\mprdim.dll
10:06:58.0518 0x21a8  RemoteAccess - ok
10:06:58.0557 0x21a8  [ 4DCCABE03D06955ED61BABBD8EF9F30F, 531CD60315AAF283B73E0F6CF77D4DE093B809E73C44D2AC43B7247500B3485E ] RemoteRegistry  C:\WINDOWS\system32\regsvc.dll
10:06:58.0565 0x21a8  RemoteRegistry - ok
10:06:58.0598 0x21a8  [ 02307C86CB24769306B0DFA0C751952E, 637D90161C477995925936E4807B57EA80BE11761B26F5FC1B4B0F3EB52FBA87 ] RFCOMM          C:\WINDOWS\system32\DRIVERS\rfcomm.sys
10:06:58.0604 0x21a8  RFCOMM - ok
10:06:58.0641 0x21a8  [ D894CBD7DA753C881EE8D5E33B583225, DA4472A85F10A3DF8CE969F731E67FE7C75EE6095908AB8AC2C44851DC5A3F8B ] RpcEptMapper    C:\WINDOWS\System32\RpcEpMap.dll
10:06:58.0647 0x21a8  RpcEptMapper - ok
10:06:58.0691 0x21a8  [ 5CAE8F47B31D5CFC322B5B898C19E0FE, FDB5F0B6EA36403E031D9147AB0519011FAAD3AC8190DE5B1F17FB5472D79D47 ] RpcLocator      C:\WINDOWS\system32\locator.exe
10:06:58.0693 0x21a8  RpcLocator - ok
10:06:58.0747 0x21a8  [ 3FD5AE42EC87C6F532A931F96BE731DD, 8282823022391ACF65E23F461FCE5CAFFB5ADC077647FEF80B91BC4BC31EDFE2 ] RpcSs           C:\WINDOWS\system32\rpcss.dll
10:06:58.0775 0x21a8  RpcSs - ok
10:06:58.0828 0x21a8  [ DCEBA2327CE4F5B735B80BEC9E9CEE72, 959F5DFB7126B77A29BB264C62716A77EE87D06907BE17BD0A5A253B34BC6BF9 ] RSBASTOR        C:\WINDOWS\system32\DRIVERS\RtsBaStor.sys
10:06:58.0838 0x21a8  RSBASTOR - ok
10:06:58.0878 0x21a8  [ 2D05A5508F4685412F2B89E8C2189ABC, 82F12B4E0E73411A121EFD35FBD3B44CBBC0AE96ACFBB45D8C3C3777E2EA320D ] rspndr          C:\WINDOWS\system32\DRIVERS\rspndr.sys
10:06:58.0882 0x21a8  rspndr - ok
10:06:58.0964 0x21a8  [ 3B7A94926B52D171C5B515EDECC2118E, 4D3A8F24AAA8DD155BE2B5814701FFE67C367BB29D31D615685277D2DEF0DB0A ] rtbth           C:\WINDOWS\System32\drivers\rtbth.sys
10:06:59.0005 0x21a8  rtbth - ok
10:06:59.0080 0x21a8  [ 34DA0D14F5C3F1883A331AFB975AB434, BB5D580C1DCAE59CC1DB75C411A5A4DDF435931469E7EBFF5DFDADBFE07ADEBF ] RTL8168         C:\WINDOWS\system32\DRIVERS\Rt630x64.sys
10:06:59.0103 0x21a8  RTL8168 - ok
10:06:59.0143 0x21a8  [ 1A063730F221B2746FF00457AE17E4F0, 39A3C258CBFE3BC566C63528C9020A3BC9409736AE5289C08A7BA471D8409263 ] s3cap           C:\WINDOWS\System32\drivers\vms3cap.sys
10:06:59.0144 0x21a8  s3cap - ok
10:06:59.0177 0x21a8  [ F6F209DDB94959BA104FC8FC87C53759, 8E862D41F4332EABF64BD034E2C0E3CC8109C7990CB4112C2B2880E8E6EDF2D3 ] SamSs           C:\WINDOWS\system32\lsass.exe
10:06:59.0181 0x21a8  SamSs - ok
10:06:59.0218 0x21a8  [ C624A1B32211C3166EDB3F4AB02A30B7, 6B2A4607DB52D74242787ED9DF9067058983D310431D8612D2B0236E6201E681 ] sbp2port        C:\WINDOWS\system32\drivers\sbp2port.sys
10:06:59.0222 0x21a8  sbp2port - ok
10:06:59.0264 0x21a8  [ 47C497FA4DDEA908633CAA60CEBE6805, 4DF5742D4C99D3F7B6A5671AEDB1E5E47D3399D36B28BA19C105FA604D8D5A1C ] SCardSvr        C:\WINDOWS\System32\SCardSvr.dll
10:06:59.0273 0x21a8  SCardSvr - ok
10:06:59.0295 0x21a8  [ E76C4E98302AE39CC6FA5D20FC8B5438, B6B6B59CF427515087689285797F4A5763103440EBE5D87A61FA74F80F895BD0 ] ScDeviceEnum    C:\WINDOWS\System32\ScDeviceEnum.dll
10:06:59.0302 0x21a8  ScDeviceEnum - ok
10:06:59.0340 0x21a8  [ ABD0237B15DBD2B4695F4B7D734A58F7, D6831921F0CD3E03CBF1CA3ED5824EE0C75127842D12D4E897E74EC72B0792EB ] scfilter        C:\WINDOWS\system32\DRIVERS\scfilter.sys
10:06:59.0342 0x21a8  scfilter - ok
10:06:59.0421 0x21a8  [ A95838FFFAEAA7500263D491575F7E0C, FEB79ECAE6D9AB0C29D9AFE12F60502A8357B3A382C0FACF4C6DA4852B6ECFA4 ] Schedule        C:\WINDOWS\system32\schedsvc.dll
10:06:59.0464 0x21a8  Schedule - ok
10:06:59.0514 0x21a8  [ AB285CE3431FF3D2ACE669245874C1C7, 6AF4C3E86EFA51F7FB6F8492CB2CCB807C7775EAE0508B87F07134FDAC679BD7 ] SCPolicySvc     C:\WINDOWS\System32\certprop.dll
10:06:59.0520 0x21a8  SCPolicySvc - ok
10:06:59.0586 0x21a8  [ 2F9A3380B8C0380E5608E29C7AA66899, 56D1908437DD3791E54866819E39CC89586C5CD804F47B556416FA8642D88CBB ] sdbus           C:\WINDOWS\System32\drivers\sdbus.sys
10:06:59.0595 0x21a8  sdbus - ok
10:06:59.0638 0x21a8  [ 4EAF4DCF9DBD9A56952A58F56D61C005, BCA42FD1553569D3603008CC97D88FD309E87F8A8B1522A4287A0E81CAE6C294 ] sdstor          C:\WINDOWS\System32\drivers\sdstor.sys
10:06:59.0642 0x21a8  sdstor - ok
10:06:59.0660 0x21a8  [ 3EA8A16169C26AFBEB544E0E48421186, 34BBB0459C96B3DE94CCB0D73461562935C583D7BF93828DA4E20A6BC9B7301D ] secdrv          C:\WINDOWS\system32\drivers\secdrv.sys
10:06:59.0661 0x21a8  secdrv - ok
10:06:59.0706 0x21a8  [ C49009F897BA4F2F4F31043663AA1485, 48C8BE1E3A4F150662AD012AF4E0357ABA792AD1147AB90EFF6CB2630E2501B6 ] seclogon        C:\WINDOWS\system32\seclogon.dll
10:06:59.0727 0x21a8  seclogon - ok
10:06:59.0769 0x21a8  [ A88882E64BDC1D8E8D6E727B71CCCC53, 12D2235F54D0CEEED8AA268C17CDE44020269F4FEFC70CE957DBBF99AF7F553D ] SENS            C:\WINDOWS\System32\sens.dll
10:06:59.0774 0x21a8  SENS - ok
10:06:59.0841 0x21a8  [ E66A7C8CE7ED22DED6DF1CA479FB4790, ADEB076F131E7A8C3AD96022B09BB33EB9AB26C9C831503B8C6960AA763B8975 ] SensrSvc        C:\WINDOWS\system32\sensrsvc.dll
10:06:59.0850 0x21a8  SensrSvc - ok
10:06:59.0867 0x21a8  [ DB2FF24CE0BDD15FE75870AFE312BA89, 7DB0D978C92CD0A0A81F7AB46FE323B4929CEA01585B0F330921E6DFA7DE1B85 ] SerCx           C:\WINDOWS\system32\drivers\SerCx.sys
10:06:59.0870 0x21a8  SerCx - ok
10:06:59.0921 0x21a8  [ 0044B31F93946D5D41982314381FE431, 95B8A94BA9EF770F29ACD5B23D447EC2B6CF1CB3D0030343BA1550AC31F6E2A5 ] SerCx2          C:\WINDOWS\system32\drivers\SerCx2.sys
10:06:59.0927 0x21a8  SerCx2 - ok
10:06:59.0943 0x21a8  [ 3CD600C089C1251BEEB4CD4CD5164F9E, D9F81951B4454B24E821E33ACA53A851A61F3135E8EC6FBE6761A1A3E1CDCBE2 ] Serenum         C:\WINDOWS\System32\drivers\serenum.sys
10:06:59.0945 0x21a8  Serenum - ok
10:06:59.0991 0x21a8  [ D864381BC9C725FAB01D94C060660166, 132FED95222BBE3B0B25B3F1F0EFC5903D04564BD047BA4D2042AD51E3FDA724 ] Serial          C:\WINDOWS\System32\drivers\serial.sys
10:06:59.0994 0x21a8  Serial - ok
10:07:00.0011 0x21a8  [ 0BD2B65DCE756FDE95A2E5CCCBF7705D, F13FAFEC8FCF3E796196562717C433CE359A74A3E5876AB070647C717AF74028 ] sermouse        C:\WINDOWS\System32\drivers\sermouse.sys
10:07:00.0013 0x21a8  sermouse - ok
10:07:00.0070 0x21a8  [ 441E6FF1F34D7A942946DB42A15FB519, A16BA505B74C7A2ADD08BD5B50728C2AD55062E0ABABAD7E3EE0EB97F3725523 ] SessionEnv      C:\WINDOWS\system32\sessenv.dll
10:07:00.0084 0x21a8  SessionEnv - ok
10:07:00.0098 0x21a8  [ 472B7A5AC181C050888DB454663DD764, C950A8615D57BFD455E18880398350642B2E1D6B951EC9754FD8D429F3418835 ] sfloppy         C:\WINDOWS\System32\drivers\sfloppy.sys
10:07:00.0100 0x21a8  sfloppy - ok
10:07:00.0159 0x21a8  [ F4414F57DF2CECB8FC969AA43A6B0D50, AD09A6E1294721507DD6BE82B91F2EEB0FF0151B9BC14A75840CD657DBFDECEC ] SharedAccess    C:\WINDOWS\System32\ipnathlp.dll
10:07:00.0175 0x21a8  SharedAccess - ok
10:07:00.0222 0x21a8  [ 0D190D8B4B20446BE6299AC734DFADF1, 6551095971F99820BBFC5FED8FAB9591A3F8ABFA0F027887F3B71B79325FF6D9 ] ShellHWDetection C:\WINDOWS\System32\shsvcs.dll
10:07:00.0245 0x21a8  ShellHWDetection - ok
10:07:00.0283 0x21a8  [ 2F518D13DD6F3053837FE606F1A2EA1F, 64109296CE95BD233525688A350D575CF97B9464659AA07CF78B307B6ADBC835 ] SiSRaid2        C:\WINDOWS\system32\drivers\SiSRaid2.sys
10:07:00.0285 0x21a8  SiSRaid2 - ok
10:07:00.0307 0x21a8  [ 1AC9A200A9C49C4508F04AAFFCA34A3F, 972BCB2A39169155F74111FAC74ACCD8F50E34EADCF087833B0980827627BBF4 ] SiSRaid4        C:\WINDOWS\system32\drivers\sisraid4.sys
10:07:00.0311 0x21a8  SiSRaid4 - ok
10:07:00.0339 0x21a8  [ AF5CC3F9B88F140D78FC967ABF0F4EC7, 7CE3AB7B0A36635CF00E35E84C14B8661FAF794ABCFA61AE45A0E5E8EA996A3B ] SmbDrv          C:\WINDOWS\System32\drivers\Smb_driver_AMDASF.sys
10:07:00.0341 0x21a8  SmbDrv - ok
10:07:00.0377 0x21a8  [ 19555D03CB179BED8B8AAA239A36BDA4, 7B975821D52ABE077496B3CFC010B33D478CD2C36E6A74D8F72D2BF582B8C84A ] SmbDrvI         C:\WINDOWS\system32\DRIVERS\Smb_driver_Intel.sys
10:07:00.0379 0x21a8  SmbDrvI - ok
10:07:00.0414 0x21a8  [ 587ACA15210D1B01FBF272E07A08F91A, 1F3C13C218C5EA329C6E33E4AE7CFE88DAD59DA40F59FDE09D733AFD2E489000 ] smphost         C:\WINDOWS\System32\smphost.dll
10:07:00.0417 0x21a8  smphost - ok
10:07:00.0469 0x21a8  [ 49EEB92DE930B8566EF615D600781DB4, 0B7C929D24FAFC34F95BB4AA77DCBA29DDD8F1977EB42713B64228677D1FBFD3 ] SNMPTRAP        C:\WINDOWS\System32\snmptrap.exe
10:07:00.0473 0x21a8  SNMPTRAP - ok
10:07:00.0532 0x21a8  [ F6EBE514D13ECE7EDC23440039CDF9AB, B58072BE7E4E52704C7B1D52DD49F469542B4B015C6D560369EEC1B046AFB254 ] spaceport       C:\WINDOWS\system32\drivers\spaceport.sys
10:07:00.0546 0x21a8  spaceport - ok
10:07:00.0582 0x21a8  [ F337BE11071818FC3F5DC2940B6BDE34, D5CFF00E5DF37045F71AEE101AC9B270EBB29F372F404757B58600E9966C7E4D ] SpbCx           C:\WINDOWS\system32\drivers\SpbCx.sys
10:07:00.0585 0x21a8  SpbCx - ok
10:07:00.0636 0x21a8  [ FE0CB40F36D3FCDD3A1B312EF72C38D5, 42EA50869752164764DFE8CE7E1C247BE8342A0C15F39158DC808E8A692C460F ] Spooler         C:\WINDOWS\System32\spoolsv.exe
10:07:00.0666 0x21a8  Spooler - ok
10:07:00.0974 0x21a8  [ C993A0B97BECD3AAF5158E3869878465, 8B86F37DEFCBE55DE507D830EC4980EBB39B3CCA30C2B3E76B588AAB282A50FC ] sppsvc          C:\WINDOWS\system32\sppsvc.exe
10:07:01.0187 0x21a8  sppsvc - ok
10:07:01.0248 0x21a8  [ 2B78788A1485F9B99A578A299DF42C02, A87183A9B13585C9E850437A45237105D39D7F3212ADB079D6AB430B67A59643 ] srv             C:\WINDOWS\system32\DRIVERS\srv.sys
10:07:01.0264 0x21a8  srv - ok
10:07:01.0303 0x21a8  [ C1AE59C0B0817236EC083A91C396005A, 26F05ECB44C300DA8F333B115727C31C5C8252C83F37F0AE7DFF89B267599CDF ] srv2            C:\WINDOWS\system32\DRIVERS\srv2.sys
10:07:01.0326 0x21a8  srv2 - ok
10:07:01.0349 0x21a8  [ 77195C32175FC63D6054EBA5A066D727, 22F5D26809BC9288021620040FC7B7BB76708D434C863B3C0C20F73200C1C6A9 ] srvnet          C:\WINDOWS\system32\DRIVERS\srvnet.sys
10:07:01.0357 0x21a8  srvnet - ok
10:07:01.0413 0x21a8  [ BB9ED3EDD8E85008215A7250D325A72E, D3404E31B7706B25CDEA7CB4260C343B5F090E8CCB9A5FA203B0F94A9112F1B3 ] SSDPSRV         C:\WINDOWS\System32\ssdpsrv.dll
10:07:01.0423 0x21a8  SSDPSRV - ok
10:07:01.0465 0x21a8  [ 3911418AFDE10EA6823B7799E4815524, A73517C4C1271E666B2B3A747756070098E923742B41572AA16573170440AA07 ] SstpSvc         C:\WINDOWS\system32\sstpsvc.dll
10:07:01.0472 0x21a8  SstpSvc - ok
10:07:01.0589 0x21a8  [ 897C1273B7D74E19DDA7EBF495BF0133, CF344C0ABB11FF1D4FFE09426A42F9C320985F83FC0472E64F92EAACBFAAEFE9 ] STacSV          C:\Program Files\IDT\WDM\STacSV64.exe
10:07:01.0601 0x21a8  STacSV - ok
10:07:01.0702 0x21a8  [ 5FFDA96330357A914A69D79BE1988A38, E2A03A8D108C210B1111E2466E3DD381F0FA440B95B5013DC728EAD9CFE448AF ] Steam Client Service C:\Program Files (x86)\Common Files\Steam\SteamService.exe
10:07:01.0722 0x21a8  Steam Client Service - ok
10:07:01.0737 0x21a8  [ 366DEA74BBA65B362BCCFC6FC2ADFD8B, 4D28122AB9D8DAB724021E6513B4474BD34FCEDF47769B1D27AC7551FCA002F8 ] stexstor        C:\WINDOWS\system32\drivers\stexstor.sys
10:07:01.0738 0x21a8  stexstor - ok
10:07:01.0806 0x21a8  [ A883937A943DCE237B19E4A5558FCBE6, 5DC1D621CC246290CD575E394BDBDE962F1783D08ECA5411FF766406C5C4762F ] STHDA           C:\WINDOWS\system32\DRIVERS\stwrt64.sys
10:07:01.0825 0x21a8  STHDA - ok
10:07:01.0887 0x21a8  [ D638904FE86A5FE542A1BA13A9D68E5C, 89A956F932316BC50DD99B54BAF4E2809DCAA084DBB04CB84D11E5470BEAF251 ] stisvc          C:\WINDOWS\System32\wiaservc.dll
10:07:01.0911 0x21a8  stisvc - ok
10:07:01.0954 0x21a8  [ 0ED2E318ABB68C1A35A8B8038BDB4C90, 5C3ABC245F4BCFE64E646D9C0E2F5E211244956C84D03084C71FF6A7E0CDED30 ] storahci        C:\WINDOWS\system32\drivers\storahci.sys
10:07:01.0958 0x21a8  storahci - ok
10:07:01.0978 0x21a8  [ 7A08CEE1535F5A448215634C5EA74E50, 41529CDC08A3956F8FE9D5759B147E2E56E3305149EA415EB200249F7CD32094 ] storflt         C:\WINDOWS\system32\DRIVERS\vmstorfl.sys
10:07:01.0981 0x21a8  storflt - ok
10:07:02.0000 0x21a8  [ 6B06E2D11E604BE2B1A406C4CB3B90DE, 2DDEA1568A85AD64FCE5D10D348304FCD9BE6E96C2313353EF70A2933306D188 ] stornvme        C:\WINDOWS\system32\drivers\stornvme.sys
10:07:02.0003 0x21a8  stornvme - ok
10:07:02.0050 0x21a8  [ 3118058E3D07021A55324A943C6D722B, 0B255DF1977DADD2B9766EEEA814B464F0ABFA34D6439F3C453083850C121F16 ] StorSvc         C:\WINDOWS\system32\storsvc.dll
10:07:02.0054 0x21a8  StorSvc - ok
10:07:02.0095 0x21a8  [ 548759755BC73DAD663250239D7E0B9F, D31A05A8CE800B539420B6E545F1F4BF6E4B02EAF8366DE89CAF13A83C6CA48D ] storvsc         C:\WINDOWS\system32\drivers\storvsc.sys
10:07:02.0098 0x21a8  storvsc - ok
10:07:02.0135 0x21a8  [ D8E1AE075AB3E8AD56F69C44AA978596, CAFF5116DE7F0EEFFEBE38724BCEE7D11B44153AD35EE43E314C56D5E210758A ] svsvc           C:\WINDOWS\system32\svsvc.dll
10:07:02.0139 0x21a8  svsvc - ok
10:07:02.0160 0x21a8  [ 84E0F5D41C138C5CC975137A2A98F6D3, 1E36CED05E4F4365C2AB020CAF920E3959995D7F89F3FABD7B2FB05985F85F38 ] swenum          C:\WINDOWS\System32\drivers\swenum.sys
10:07:02.0161 0x21a8  swenum - ok
10:07:02.0238 0x21a8  [ F577910A133A592234EBAAD3F3AFA258, 36F514740EE2D2B2F7ABFFFA13D575233EC4CE774EB58BF889C09930FEF1F443 ] SwitchBoard     C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
10:07:02.0256 0x21a8  SwitchBoard - ok
10:07:02.0321 0x21a8  [ 99453C649DC4B0BE6D062B701CD2917F, 6E136BBF46E2E07635BEDC307A7F2E7C653DB45C055419DAB4878BF657B82058 ] swprv           C:\WINDOWS\System32\swprv.dll
10:07:02.0347 0x21a8  swprv - ok
10:07:02.0407 0x21a8  [ 3F45C3FE208CA5E68832B65C597A35A6, EACE9AAFC01C2BA52F4DA129AEF7BFA3CF7F10146E4F4330CD344BFC39DC959C ] SynTP           C:\WINDOWS\system32\DRIVERS\SynTP.sys
10:07:02.0422 0x21a8  SynTP - ok
10:07:02.0547 0x21a8  [ E45DA7CBBA34510C8B9473AD7D4FFD0B, 89C2AED757D86C276D78D29D94DCBF9C1B6A244A2153EC85CCB2E86C5F078387 ] SysMain         C:\WINDOWS\system32\sysmain.dll
10:07:02.0591 0x21a8  SysMain - ok
10:07:02.0637 0x21a8  [ D65B1C952AEB864C2BAC7A770B17ECCE, 3EFAAFFF73390D9CB660E0F42B305512396CF66ED06E4A20ED67E8722FB4355B ] SystemEventsBroker C:\WINDOWS\System32\SystemEventsBrokerServer.dll
10:07:02.0649 0x21a8  SystemEventsBroker - ok
10:07:02.0696 0x21a8  [ BA6DD39266A5E15515C8C14DA2DA3E5C, 5BC917BA4E7281A67CC6CEF2F4D1972DF04DECBEFB6DED0B08FFBD06E15D4B4F ] TabletInputService C:\WINDOWS\System32\TabSvc.dll
10:07:02.0703 0x21a8  TabletInputService - ok
10:07:02.0728 0x21a8  [ B517410F157693043DACA21B19B258A6, 2224EECEB575CEA811036C43BB5B0A408DE5F59BC97235AB948968E4C3E438F2 ] TapiSrv         C:\WINDOWS\System32\tapisrv.dll
10:07:02.0741 0x21a8  TapiSrv - ok
10:07:02.0873 0x21a8  [ ECC68BD5347BDE9631EE68274858A41F, F5274400312C776C13BCBC333AF20C29163FEBC7879E9C6AD45774A0C39F8A52 ] Tcpip           C:\WINDOWS\system32\drivers\tcpip.sys
10:07:02.0958 0x21a8  Tcpip - ok
10:07:03.0068 0x21a8  [ ECC68BD5347BDE9631EE68274858A41F, F5274400312C776C13BCBC333AF20C29163FEBC7879E9C6AD45774A0C39F8A52 ] TCPIP6          C:\WINDOWS\system32\DRIVERS\tcpip.sys
10:07:03.0152 0x21a8  TCPIP6 - ok
10:07:03.0229 0x21a8  [ 33A7D83EEB15431773A6E186CFAABA21, AC5100A76CA44BFADF4A54FDB09FF5D2FF13B9F8482DC1AE86C8C27005F77B0F ] tcpipreg        C:\WINDOWS\system32\drivers\tcpipreg.sys
10:07:03.0231 0x21a8  tcpipreg - ok
10:07:03.0270 0x21a8  [ FFF28F9F6823EB1756C60F1649560BBF, 208DFF8BF0329D0D4761C7E31527AEED7FF5F3C36C5005953D01477F35408D5C ] tdx             C:\WINDOWS\system32\DRIVERS\tdx.sys
10:07:03.0275 0x21a8  tdx - ok
10:07:03.0298 0x21a8  [ 232D185D2337F141311D0CF1983E1431, 02EB56D3F26174AF1741C1A444CE30DE84D5BAF583C1A52C7A953BCC52445547 ] terminpt        C:\WINDOWS\System32\drivers\terminpt.sys
10:07:03.0300 0x21a8  terminpt - ok
10:07:03.0370 0x21a8  [ 2C77831737491F4D684D315B95C62883, 90A2574A281F19646CFCDA5FDF40063220058290D2D5523AD91B7E709EC36D3D ] TermService     C:\WINDOWS\System32\termsrv.dll
10:07:03.0407 0x21a8  TermService - ok
10:07:03.0429 0x21a8  [ 05FBE1F7C13E87AF7A414CDF288B1F62, 24079E1A6B2E33A1A8E76A77F73473B93DD6B379E44C982CE50D6CEED9747838 ] Themes          C:\WINDOWS\system32\themeservice.dll
10:07:03.0434 0x21a8  Themes - ok
10:07:03.0475 0x21a8  [ FD788C2D96EA91469A3C1D13E80D7473, 7B14D4BFDE18CECC19FBFFAA5AFF5FD78BFB7FCDA6613990740A8A7DD9873D26 ] THREADORDER     C:\WINDOWS\system32\mmcss.dll
10:07:03.0480 0x21a8  THREADORDER - ok
10:07:03.0532 0x21a8  [ 347A3E49CE18402305B8119A6EC7CFEB, 6768B20EE577880B0353FE84B980D4A18D323929A63FAE41F7A55123BBFC8DBA ] TimeBroker      C:\WINDOWS\System32\TimeBrokerServer.dll
10:07:03.0543 0x21a8  TimeBroker - ok
10:07:03.0597 0x21a8  [ 82F909359600D3603FE852DB7F135626, 2EB2BB9D81AC9A2E432B2628E296B7B21F1C82EAE8009300EEF1B8596A9F418D ] TPM             C:\WINDOWS\system32\drivers\tpm.sys
10:07:03.0603 0x21a8  TPM - ok
10:07:03.0627 0x21a8  [ C97E14BB6A196B0554D6EB67D8818175, C00588C94988F10507F84584DFA4C0A43B8648AD1AD35E9BAE14CDD21FCF7B90 ] TrkWks          C:\WINDOWS\System32\trkwks.dll
10:07:03.0634 0x21a8  TrkWks - ok
10:07:03.0741 0x21a8  [ 6BFB75B76411CC57A72FCC1D0201E166, 8F3A97E7651501F58018EB6081178B2A05ADFBF48C6126E0176FE231A261893E ] TrueService     C:\Program Files\Common Files\AuthenTec\TrueService.exe
10:07:03.0755 0x21a8  TrueService - ok
10:07:03.0817 0x21a8  [ DA56FFA46030E6FEB215E3D5DAA65B11, 36B5EED8F9044475000362DBFC8A2A40B889ED46382CCEFB6BA04BE0442F98C2 ] TrustedInstaller C:\WINDOWS\servicing\TrustedInstaller.exe
10:07:03.0821 0x21a8  TrustedInstaller - ok
10:07:03.0845 0x21a8  [ BF8F54CA37E9C9D6582C31C5761F8C93, 337C566792F6FB9B7FD5D1D4384B767CFE4CF5DBB2E4688CCC36CBB018A0DD0F ] TsUsbFlt        C:\WINDOWS\system32\drivers\tsusbflt.sys
10:07:03.0848 0x21a8  TsUsbFlt - ok
10:07:03.0864 0x21a8  [ E0088068DCE2EE82897027DDB8E05254, FA9C201D3C885DAD2ABE6A23343EDCC83CFB342EFF9E3005FA50B1D88B21D203 ] TsUsbGD         C:\WINDOWS\System32\drivers\TsUsbGD.sys
10:07:03.0866 0x21a8  TsUsbGD - ok
10:07:03.0918 0x21a8  [ C8E0E78B5D284C2FF59BDFFDAF997242, BA1576C491A1246EF9866762426D110F4570F9DB42A68C174943C7D5020FE3E2 ] tunnel          C:\WINDOWS\system32\DRIVERS\tunnel.sys
10:07:03.0924 0x21a8  tunnel - ok
10:07:03.0947 0x21a8  [ F6EEAD052943B5A3104C1405BB856C54, FE422813E6C1012E9F392EFF2AE4C6D3A4DBD9CB2BD5E6A5CAB57D4E89A29468 ] uagp35          C:\WINDOWS\system32\drivers\uagp35.sys
10:07:03.0950 0x21a8  uagp35 - ok
10:07:03.0999 0x21a8  [ FE6067B1FD4E63650C667B33D080565B, 2C330ED00E49BA55E25564230E0DFB8A35F2B5320EB18D4AF7CAACFA9A449044 ] UASPStor        C:\WINDOWS\System32\drivers\uaspstor.sys
10:07:04.0002 0x21a8  UASPStor - ok
10:07:04.0052 0x21a8  [ 5D1B430EA11064C56E7C8F84B90DEB6A, 874D9EE807F16321C4857030F9C18D2B925785FD4BB7ED047AF9535BF3F30D84 ] UCX01000        C:\WINDOWS\System32\drivers\ucx01000.sys
10:07:04.0059 0x21a8  UCX01000 - ok
10:07:04.0093 0x21a8  [ 1EC649F112896FAE33250F0B97AC5D0B, 0C0A1C2C7615DEB298AD3073340FD1BF91FEBE611F133E3B48D994A6EAA8369F ] udfs            C:\WINDOWS\system32\DRIVERS\udfs.sys
10:07:04.0104 0x21a8  udfs - ok
10:07:04.0130 0x21a8  [ 9578691F297E1B1F519970FE6D47CB21, 080C352AAF22A16A4F3C4AB4DCEA5BFA656457C73F735CEBA30516FDACCF6301 ] UEFI            C:\WINDOWS\System32\drivers\UEFI.sys
10:07:04.0131 0x21a8  UEFI - ok
10:07:04.0185 0x21a8  [ 320878AFECDBBD61BBE98624A6CAAC08, 15C090EA32A24D976B5FCB1373B1281DCC2295C075299C814345D694AEB47CB9 ] UI0Detect       C:\WINDOWS\system32\UI0Detect.exe
10:07:04.0189 0x21a8  UI0Detect - ok
10:07:04.0226 0x21a8  [ 5EAB5117DDB24FC4D39E6FFFCF1837B9, 2BC709240867F161E94BE6625A04F478EAAA3EEE7BC7C37ED0DFA9EEA5928E98 ] uliagpkx        C:\WINDOWS\system32\drivers\uliagpkx.sys
10:07:04.0229 0x21a8  uliagpkx - ok
10:07:04.0241 0x21a8  [ DA34C39A18E60E7C3FA0630566408034, 2F162504214053894C72760D9933D01DBF3578609FE5E2376C3272818599FE32 ] umbus           C:\WINDOWS\System32\drivers\umbus.sys
10:07:04.0243 0x21a8  umbus - ok
10:07:04.0262 0x21a8  [ AE8294875E5446E359B1E8035D40C05E, AE0357BAB47C07C3576BC76951CD258C009BC5A1B93259D2122A841BD9CDA8FA ] UmPass          C:\WINDOWS\System32\drivers\umpass.sys
10:07:04.0263 0x21a8  UmPass - ok
10:07:04.0312 0x21a8  [ E3DDF7D43E05784FAA5E042605EEE528, 8E20E880FAB09AF4FF5C438BF9EAE9970D46C05167870110869B744E498FD761 ] UmRdpService    C:\WINDOWS\System32\umrdp.dll
10:07:04.0325 0x21a8  UmRdpService - ok
10:07:04.0434 0x21a8  [ DBE2E6388379D5CC78099650541E9566, 1914BC929F109A49FB18ED31F239A9813A010B0A3914BC8CD0D6A94A67A072D7 ] UNS             C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
10:07:04.0446 0x21a8  UNS - ok
10:07:04.0494 0x21a8  [ 4A2FFDAC45F317E17DF642C7160EB633, F1AB762912FAA5F469F322407DA37C91556086C42D1643AD27516C12A84F74D0 ] upnphost        C:\WINDOWS\System32\upnphost.dll
10:07:04.0511 0x21a8  upnphost - ok
10:07:04.0580 0x21a8  [ 433ECDE01A52691FA7ACA51C10C09B70, B896296A3F8EF2AF3AC5F0091B9848156608586F1E10A95D70700BAB51E8062A ] usbccgp         C:\WINDOWS\System32\drivers\usbccgp.sys
10:07:04.0586 0x21a8  usbccgp - ok
10:07:04.0603 0x21a8  [ B3D6457D841A0CAEF4C52D88621715F2, CBDD76A8A28379B107B1FB530757B477B8AB74CD01F9F3CEDC7B1BA0C6E5A990 ] usbcir          C:\WINDOWS\System32\drivers\usbcir.sys
10:07:04.0607 0x21a8  usbcir - ok
10:07:04.0642 0x21a8  [ 5477D6E27C7D266EF8C152B9A25ADE5E, FEE81677D284A78A0C0FB60F887A952CFC759AE78B01206D73F59FE33612C519 ] usbehci         C:\WINDOWS\System32\drivers\usbehci.sys
10:07:04.0646 0x21a8  usbehci - ok
10:07:04.0683 0x21a8  [ DF56C2C04EFA328D7A66B69007130266, 719316EB25A8C7B82C7941D1C5B964CC4EDA4A997732F481526DE7356F6FC0D8 ] usbhub          C:\WINDOWS\System32\drivers\usbhub.sys
10:07:04.0699 0x21a8  usbhub - ok
10:07:04.0740 0x21a8  [ C0E33820326199CE3CFD3B9F27F81D99, C67F55E7DD6F7FC4A96256A14A805D39C5CE8725FD86675C6C860B3DE8E4DBC3 ] USBHUB3         C:\WINDOWS\System32\drivers\UsbHub3.sys
10:07:04.0757 0x21a8  USBHUB3 - ok
10:07:04.0778 0x21a8  [ 3019097FB6C985EF24C058090FF3BDBD, 24AC518D34E338D94BF3D5B3F72E53F8A1369BAA7F32FEA3EDBCF928C4FF1D17 ] usbohci         C:\WINDOWS\System32\drivers\usbohci.sys
10:07:04.0780 0x21a8  usbohci - ok
10:07:04.0797 0x21a8  [ 4D655E3B684BE9B0F7FFD8A2935C348C, 3A7FC1748C5AEA8CFE0E7C22ADC77E3DCA475455FC16D9C6A5C16EB5E949A516 ] usbprint        C:\WINDOWS\System32\drivers\usbprint.sys
10:07:04.0799 0x21a8  usbprint - ok
10:07:04.0830 0x21a8  [ 4628B415A84EA9D4D396A56F1D0CB6C6, 430F4C819BF958430FD0DEEFD5BA07F210E0541634811993090C039CB602622F ] USBSTOR         C:\WINDOWS\System32\drivers\USBSTOR.SYS
10:07:04.0835 0x21a8  USBSTOR - ok
10:07:04.0878 0x21a8  [ BA4FA655E0FC577DB7436FC963932CE4, 3336FDECD4AEC6B316D4C0803E22A12719EBEDD1A9427C0DF5D3B263BE600EE6 ] usbuhci         C:\WINDOWS\System32\drivers\usbuhci.sys
10:07:04.0879 0x21a8  usbuhci - ok
10:07:04.0926 0x21a8  [ 18F744E8CCEB2670040EBAF7AD77B8C6, C5E2DF4EA0D946B4DA67DE29FA9D0F079DED35EC59B98E532C4C2D5F8E86DA0A ] usbvideo        C:\WINDOWS\System32\Drivers\usbvideo.sys
10:07:04.0933 0x21a8  usbvideo - ok
10:07:04.0971 0x21a8  [ D22EB844EB57D016CC34178AC86456DF, C83440A44EA9CC3D1041AB966FFC423DD17FB25B42BA41BB36C109D16723BD5E ] USBXHCI         C:\WINDOWS\System32\drivers\USBXHCI.SYS
10:07:04.0982 0x21a8  USBXHCI - ok
10:07:05.0011 0x21a8  [ 49F2693BC3D821FA13AD6E7D5C5FEAFF, E0E109CAB6B19C77A870C5A0D8A99769F5B99C19C2E35A0615D91F87B25229A3 ] valWBFPolicyService C:\Windows\system32\valWBFPolicyService.exe
10:07:05.0015 0x21a8  valWBFPolicyService - ok
10:07:05.0033 0x21a8  [ F6F209DDB94959BA104FC8FC87C53759, 8E862D41F4332EABF64BD034E2C0E3CC8109C7990CB4112C2B2880E8E6EDF2D3 ] VaultSvc        C:\WINDOWS\system32\lsass.exe
10:07:05.0037 0x21a8  VaultSvc - ok
10:07:05.0059 0x21a8  [ FEB26E3B8345A7E8D62F945C4AE86562, 3AAFE87C402FC8E92542DFE60EC9540559863065F88D429A16D7B1BF829223FF ] vdrvroot        C:\WINDOWS\system32\drivers\vdrvroot.sys
10:07:05.0061 0x21a8  vdrvroot - ok
10:07:05.0147 0x21a8  [ CFBAD6B48EDFAA0828A52646B7C4C08D, DDC7D607E784CE6FB5BC62E53E6309EB583D74425E6D3FC8F3D3EC705D69C075 ] vds             C:\WINDOWS\System32\vds.exe
10:07:05.0192 0x21a8  vds - ok
10:07:05.0251 0x21a8  [ A026EDEAA5EECAE0B08E2748B616D4BD, 2525A54DC7F49DDFBB999C22BF3FAB6D9E9F70C0806E58D81E90AC59F9F46089 ] VerifierExt     C:\WINDOWS\system32\drivers\VerifierExt.sys
10:07:05.0257 0x21a8  VerifierExt - ok
10:07:05.0326 0x21a8  [ 041D3EF364E624DBB2703A64A5AADF89, 94A52A35AFDD09EBCC4266BD6D44014AAB4BBDFD3F6E8C997A1CA49DFB48F60D ] vhdmp           C:\WINDOWS\System32\drivers\vhdmp.sys
10:07:05.0346 0x21a8  vhdmp - ok
10:07:05.0366 0x21a8  [ 06D38968028E9AB19DE9B618C7B6D199, 62022297A47F440D1C82CA0B0E57C0C8E9D5033D83DD3B40492B218DF65EBF68 ] viaide          C:\WINDOWS\system32\drivers\viaide.sys
10:07:05.0368 0x21a8  viaide - ok
10:07:05.0389 0x21a8  [ C6305BDFC4F7CE51F72BB072C03D4ACE, 73E62869CA3104F48CC3B0C45E69CE9BF4F8D7D06E29C2F049B9347ABB50554D ] vmbus           C:\WINDOWS\system32\drivers\vmbus.sys
10:07:05.0393 0x21a8  vmbus - ok
10:07:05.0434 0x21a8  [ DA40BEA0A863CE768C940CA9723BF81F, 567C0C3F422325635808B0CF76E05D3B6187F96845C33F85F92F98C9FE53A5B8 ] VMBusHID        C:\WINDOWS\System32\drivers\VMBusHID.sys
10:07:05.0435 0x21a8  VMBusHID - ok
10:07:05.0488 0x21a8  [ 9067880BBB1C18703DBFF27D731D7ECA, 0044246249F4B945D72BBC0FEF9BF3C31E62F57CBF77615A95213B36A29F0C71 ] vmicguestinterface C:\WINDOWS\System32\ICSvc.dll
10:07:05.0507 0x21a8  vmicguestinterface - ok
10:07:05.0534 0x21a8  [ 9067880BBB1C18703DBFF27D731D7ECA, 0044246249F4B945D72BBC0FEF9BF3C31E62F57CBF77615A95213B36A29F0C71 ] vmicheartbeat   C:\WINDOWS\System32\ICSvc.dll
10:07:05.0553 0x21a8  vmicheartbeat - ok
10:07:05.0579 0x21a8  [ 9067880BBB1C18703DBFF27D731D7ECA, 0044246249F4B945D72BBC0FEF9BF3C31E62F57CBF77615A95213B36A29F0C71 ] vmickvpexchange C:\WINDOWS\System32\ICSvc.dll
10:07:05.0597 0x21a8  vmickvpexchange - ok
10:07:05.0622 0x21a8  [ 9067880BBB1C18703DBFF27D731D7ECA, 0044246249F4B945D72BBC0FEF9BF3C31E62F57CBF77615A95213B36A29F0C71 ] vmicrdv         C:\WINDOWS\System32\ICSvc.dll
10:07:05.0644 0x21a8  vmicrdv - ok
10:07:05.0670 0x21a8  [ 9067880BBB1C18703DBFF27D731D7ECA, 0044246249F4B945D72BBC0FEF9BF3C31E62F57CBF77615A95213B36A29F0C71 ] vmicshutdown    C:\WINDOWS\System32\ICSvc.dll
10:07:05.0688 0x21a8  vmicshutdown - ok
10:07:05.0715 0x21a8  [ 9067880BBB1C18703DBFF27D731D7ECA, 0044246249F4B945D72BBC0FEF9BF3C31E62F57CBF77615A95213B36A29F0C71 ] vmictimesync    C:\WINDOWS\System32\ICSvc.dll
10:07:05.0734 0x21a8  vmictimesync - ok
10:07:05.0758 0x21a8  [ 9067880BBB1C18703DBFF27D731D7ECA, 0044246249F4B945D72BBC0FEF9BF3C31E62F57CBF77615A95213B36A29F0C71 ] vmicvss         C:\WINDOWS\System32\ICSvc.dll
10:07:05.0776 0x21a8  vmicvss - ok
10:07:05.0830 0x21a8  [ 55D7D963DE85162F1C49721E502F9744, 5AD34D6DB707EF3E5242BD8CA67B21D6258EE7E7FC477D5227BD15500AE7F45F ] volmgr          C:\WINDOWS\system32\drivers\volmgr.sys
10:07:05.0834 0x21a8  volmgr - ok
10:07:05.0880 0x21a8  [ CCB9E901F7254BF96D28EB1B0E5329B7, F0E3CA4EFA544CDAEF4092284CF3EC7DF07F806A770285E281816457AD8813F5 ] volmgrx         C:\WINDOWS\system32\drivers\volmgrx.sys
10:07:05.0894 0x21a8  volmgrx - ok
10:07:05.0941 0x21a8  [ C85C075DE5B6D0FE116043054DE8EE02, 8BB01DA3D63562F51BCCB5CC996F99A5CB0A8F89900045BBCF4115FD521A9706 ] volsnap         C:\WINDOWS\system32\drivers\volsnap.sys
10:07:05.0952 0x21a8  volsnap - ok
10:07:05.0992 0x21a8  [ 01355C98B5C3ED1EC446743CDA848FCE, B9FCF558C20E05DD0F53FFB70BBEF873EA57801E13A16701E636128D625C4B67 ] vpci            C:\WINDOWS\System32\drivers\vpci.sys
10:07:05.0995 0x21a8  vpci - ok
10:07:06.0047 0x21a8  [ 4539F45F9F4C9757A86A56C949421E07, DEC362314B2C66414F39354AFE79C02B18BF4EEF90787FB58307F6EB62237E2C ] vsmraid         C:\WINDOWS\system32\drivers\vsmraid.sys
10:07:06.0053 0x21a8  vsmraid - ok
10:07:06.0134 0x21a8  [ D51D7EF1EA5ED2BB01E9D07E6E0533BC, E31118F42B316C9B6C9072D9628AA2801FC2519F1A46C9ED167843CD67183C19 ] VSS             C:\WINDOWS\system32\vssvc.exe
10:07:06.0185 0x21a8  VSS - ok
10:07:06.0214 0x21a8  [ 0849B7260F26FE05EA56DED0672E2F4B, 7EAC0E7988F45CB4133A15932955B7B03CE715C967A3BAC9999D81543EBCAEC5 ] VSTXRAID        C:\WINDOWS\system32\drivers\vstxraid.sys
10:07:06.0225 0x21a8  VSTXRAID - ok
10:07:06.0268 0x21a8  [ BE970C369E43B509C1EDA2B8FA7CECB0, 18951F2AA842A0795AA79A4E164EE925A35E6270EBE4C4CDB19D0A891830E383 ] vwifibus        C:\WINDOWS\System32\drivers\vwifibus.sys
10:07:06.0269 0x21a8  vwifibus - ok
10:07:06.0290 0x21a8  [ 6B26AD573CCDD5209DF4397438B76354, 2C8AC314EC471F6D8B0B12D49D621360A10DCADA7C52E73596730C954FF89FCF ] vwififlt        C:\WINDOWS\system32\DRIVERS\vwififlt.sys
10:07:06.0293 0x21a8  vwififlt - ok
10:07:06.0308 0x21a8  [ 0B48E0DFB44EE475F4FD8A8EE599AF30, 28271D4CA0C642304CD8826A3D514F44E3391F9D6D07A1595BB30CE65E7E3494 ] vwifimp         C:\WINDOWS\system32\DRIVERS\vwifimp.sys
10:07:06.0310 0x21a8  vwifimp - ok
10:07:06.0357 0x21a8  [ 7599E582CA3A6AAA95A18FFE1172D339, A0410778FBBC4302EA91CF24B944427410B4706535F1192504D4F34C3ED4503E ] W32Time         C:\WINDOWS\system32\w32time.dll
10:07:06.0373 0x21a8  W32Time - ok
10:07:06.0440 0x21a8  [ 8E553C859C83784DEC08B10AFC3EAC92, 41D8DBA1500DBD3AC9783169ACF545805EF05069F12866238992A30794369254 ] w3logsvc        C:\WINDOWS\system32\inetsrv\w3logsvc.dll
10:07:06.0444 0x21a8  w3logsvc - ok
10:07:06.0484 0x21a8  [ 0910AB9ED404C1434E2D0376C2AD5D8B, 62585CA5F1375BDA440D28D5DF1ADDC9DE3DDFA196D49BBFF3456A5A09EE1C6B ] WacomPen        C:\WINDOWS\System32\drivers\wacompen.sys
10:07:06.0486 0x21a8  WacomPen - ok
10:07:06.0503 0x21a8  [ AFCD4054D61BD708B82991348ED1C763, EBDAC0E218F1DFC405DB3C8A2F014D20A17B0690EA381C750BED5C2AFCDFEBE3 ] Wanarp          C:\WINDOWS\system32\DRIVERS\wanarp.sys
10:07:06.0506 0x21a8  Wanarp - ok
10:07:06.0515 0x21a8  [ AFCD4054D61BD708B82991348ED1C763, EBDAC0E218F1DFC405DB3C8A2F014D20A17B0690EA381C750BED5C2AFCDFEBE3 ] Wanarpv6        C:\WINDOWS\system32\DRIVERS\wanarp.sys
10:07:06.0519 0x21a8  Wanarpv6 - ok
10:07:06.0592 0x21a8  [ 9BAE40BD31E3EE0B0C70BEF167E0A2BC, 2419AC815C95F2629E1832973501983D06F788728755605D42D6C8565C3CBBF1 ] WAS             C:\WINDOWS\system32\inetsrv\iisw3adm.dll
10:07:06.0611 0x21a8  WAS - ok
10:07:06.0711 0x21a8  [ 92BF4B3EBD6F163B94B7A20C65E7B698, 293E6FEFA862690A7B75443D6495144313D759971B98B495A99AAB0D2CF1F350 ] wbengine        C:\WINDOWS\system32\wbengine.exe
10:07:06.0765 0x21a8  wbengine - ok
10:07:06.0823 0x21a8  [ 58F28103889817C93E5B5AFABC87E709, 547381B10DAC8A3CC16FB5DE6DF2FDA3CCD8F45DF581959FFF6E30875419B011 ] WbioSrvc        C:\WINDOWS\System32\wbiosrvc.dll
10:07:06.0841 0x21a8  WbioSrvc - ok
10:07:06.0874 0x21a8  [ 772365894F14652D376B2E5030179DC9, 3D917CED040456EB269BE2B82315CEAE3589FEC016DAE37FC5BC1C3D66DE3140 ] Wcmsvc          C:\WINDOWS\System32\wcmsvc.dll
10:07:06.0889 0x21a8  Wcmsvc - ok
10:07:06.0947 0x21a8  [ D2726823DF7E19F213F4805A9D6D145F, A7F582C99918D204264D3B374F70D75984BDA5805203041E3DECB8153D16E102 ] wcncsvc         C:\WINDOWS\System32\wcncsvc.dll
10:07:06.0965 0x21a8  wcncsvc - ok
10:07:06.0981 0x21a8  [ 846C02A8B48CBD921A3D6AB521AA0DC4, B07573A774A6C65D24E5718DC25DF378270EB5B40221CA5A53B21D47838381D3 ] WcsPlugInService C:\WINDOWS\System32\WcsPlugInService.dll
10:07:06.0985 0x21a8  WcsPlugInService - ok
10:07:07.0012 0x21a8  [ 241895E8A9C158DF86E12FDD21033A32, 46D4BF6319271AC33EC1C7283053B91D38A3D5443F3F749E640253FDC2819679 ] WdBoot          C:\WINDOWS\system32\drivers\WdBoot.sys
10:07:07.0014 0x21a8  WdBoot - ok
10:07:07.0045 0x21a8  [ A3D04EBF5227886029B4532F20D026F7, D90F7B9C176008675DA0B5FD7E4973CBC2A04172CEDF8FB7D3B3B4F27B5440D7 ] WDC_SAM         C:\WINDOWS\System32\drivers\wdcsam64.sys
10:07:07.0047 0x21a8  WDC_SAM - ok
10:07:07.0099 0x21a8  [ CB6C63FF8342B467E2EF76E98D5B934D, BE017CE91E3BAB293DE6ECF143797CCE3F33CC63024437472B4E38C6961AD884 ] Wdf01000        C:\WINDOWS\system32\drivers\Wdf01000.sys
10:07:07.0127 0x21a8  Wdf01000 - ok
10:07:07.0166 0x21a8  [ C52148456E0F6EAD9E903020A79207FC, 7DEB2D7D09FB005A79E88FA8766B7EBE0396F0CA084D72269156874C727FBFF4 ] WdFilter        C:\WINDOWS\system32\drivers\WdFilter.sys
10:07:07.0174 0x21a8  WdFilter - ok
10:07:07.0219 0x21a8  [ 40C67D1A4891120874767F6E6604D6C5, 4D9DD658566DE711ADF4D6C33FCB31DA351EE050E3ED188664D04526CCAAEEF5 ] WdiServiceHost  C:\WINDOWS\system32\wdi.dll
10:07:07.0225 0x21a8  WdiServiceHost - ok
10:07:07.0234 0x21a8  [ 40C67D1A4891120874767F6E6604D6C5, 4D9DD658566DE711ADF4D6C33FCB31DA351EE050E3ED188664D04526CCAAEEF5 ] WdiSystemHost   C:\WINDOWS\system32\wdi.dll
10:07:07.0241 0x21a8  WdiSystemHost - ok
10:07:07.0278 0x21a8  [ 57F22324FAAF92ADF957B281E88F1743, 46CFBA6529E28756D73A00A211C3D72E9854E035EE6F2520066E074697A9745E ] WdNisDrv        C:\WINDOWS\system32\Drivers\WdNisDrv.sys
10:07:07.0283 0x21a8  WdNisDrv - ok
10:07:07.0310 0x21a8  WdNisSvc - ok
10:07:07.0357 0x21a8  [ 6588A957873326361AB1CAC4E76F8394, BE17880CEDCAE5ED3B983443E3777842646A3E48B661422A717656E11F6DBA94 ] WebClient       C:\WINDOWS\System32\webclnt.dll
10:07:07.0367 0x21a8  WebClient - ok
10:07:07.0395 0x21a8  [ 3274312F263882B51B964329FAF49734, 99A020377ACF0762BE5ECD2D68EB5E1497B9D59963247E725F7F96FB5DF41FAD ] Wecsvc          C:\WINDOWS\system32\wecsvc.dll
10:07:07.0405 0x21a8  Wecsvc - ok
10:07:07.0424 0x21a8  [ 7CDD84E0023A0C5C230B06A7965EC65E, 6EC7DC18C76D66CF9A893C3DD20F9BE3ADD76546F9A9BA42CE4F24854709F9D9 ] WEPHOSTSVC      C:\WINDOWS\system32\wephostsvc.dll
10:07:07.0427 0x21a8  WEPHOSTSVC - ok
10:07:07.0451 0x21a8  [ AA1315B87D9B2E39584165318A59F15D, CD19608BE1F6B7AECF802F8D2DD4FCBDAA29450ED37F7D040DC6453924C7B0FE ] wercplsupport   C:\WINDOWS\System32\wercplsupport.dll
10:07:07.0456 0x21a8  wercplsupport - ok
10:07:07.0472 0x21a8  [ 22B4C24AB921BFF7827FFBCA1F4E1BB3, B634F7018097A8E4EECDD9F032DF6A0FB6817FC3DEB92BCE6A0965B5D71D8DFA ] WerSvc          C:\WINDOWS\System32\WerSvc.dll
10:07:07.0478 0x21a8  WerSvc - ok
10:07:07.0545 0x21a8  [ 2E3E82D7B1076B90F4E228A8EF17B261, 0492F8E0BE09DAD9922E85CCA7BCB1548CB9DC5841F46174A0657FDC59AAC3CE ] WFPLWFS         C:\WINDOWS\system32\DRIVERS\wfplwfs.sys
10:07:07.0552 0x21a8  WFPLWFS - ok
10:07:07.0589 0x21a8  [ E06AFE2F94BA7CFA2FE4FD2A449E60E2, 99A81E16366E9E77905D873B0246E4C11B383FE1E99E0E1D9A07FAD4E52EA9E4 ] WiaRpc          C:\WINDOWS\System32\wiarpc.dll
10:07:07.0594 0x21a8  WiaRpc - ok
10:07:07.0631 0x21a8  [ 867BCC69ED9C31C501465EB0E8BA9DFA, 678B7FF4D4E8624514301956CDA7FB451159BBFC83FF2E4E5E7DADAE3C7AB2EC ] WIMMount        C:\WINDOWS\system32\drivers\wimmount.sys
10:07:07.0633 0x21a8  WIMMount - ok
10:07:07.0640 0x21a8  WinDefend - ok
10:07:07.0724 0x21a8  [ DD079EC8F44DCA3A176B345C6ADEFB66, 6CD9371B83EA23D2181891FAE1DB285BC111A78C35F374E57666ED09860C91A9 ] WinHttpAutoProxySvc C:\WINDOWS\system32\winhttp.dll
10:07:07.0753 0x21a8  WinHttpAutoProxySvc - ok
10:07:07.0834 0x21a8  [ 9DB490F3E823C5C3C070644B96CB9D59, 81937D0B331E43C7C61514E60B3AD51370C5201F7B4D12F8534840D91EDC32DD ] Winmgmt         C:\WINDOWS\system32\wbem\WMIsvc.dll
10:07:07.0841 0x21a8  Winmgmt - ok
10:07:07.0983 0x21a8  [ 690C3FC5C9DBD6B9AEDF8341EC720E41, 0E4412BB6DEB5761F7A889FD90821FAFD7C6E173F449EAB3A0446BA653D6AD0C ] WinRM           C:\WINDOWS\system32\WsmSvc.dll
10:07:08.0068 0x21a8  WinRM - ok
10:07:08.0118 0x21a8  [ AC263C2F66405589528995AA41040599, 81B46E551D6130A2C3D113EC3B563CEDB5A06BB340986C0E03136CE5BE729481 ] WinUsb          C:\WINDOWS\System32\drivers\WinUSB.sys
10:07:08.0122 0x21a8  WinUsb - ok
10:07:08.0168 0x21a8  [ 4F2A80D65AE6F845776E2F06AE6782ED, 2455537C048115435D9EDE4B18F9F54C43912076AEF36BDEFEC35AF2140B8B2E ] WirelessButtonDriver C:\WINDOWS\System32\drivers\WirelessButtonDriver64.sys
10:07:08.0169 0x21a8  WirelessButtonDriver - ok
10:07:08.0269 0x21a8  [ 728D3349FAB251B0265EFA55C67DCA2D, 676D2C9CF16DD333BF99FD5EC31B8F53E5295553E19BED5CF94620EE59345777 ] WlanSvc         C:\WINDOWS\System32\wlansvc.dll
10:07:08.0322 0x21a8  WlanSvc - ok
10:07:08.0431 0x21a8  [ C2838466CCC44FAEF2C3D4C1E5971ECB, 4CA5B1632302E59E754CEA5B3CA3977D8CE9DC7B2E8673B450BBF0D646AD7AD8 ] wlidsvc         C:\WINDOWS\system32\wlidsvc.dll
10:07:08.0485 0x21a8  wlidsvc - ok
10:07:08.0532 0x21a8  [ 2834D9D3B4F554A39C72F00EA3F0E128, D10124343C67FE9A0B711AD569BB8080495FCEA0ECEF9AC3F3FBD6865F436A44 ] WmiAcpi         C:\WINDOWS\System32\drivers\wmiacpi.sys
10:07:08.0533 0x21a8  WmiAcpi - ok
10:07:08.0575 0x21a8  [ 7AFAC828F52D62F304A911EC32F42EEE, 4EDCF4149069413A166169F2E23F7505F47B39B7EC319E1EF6D2C46CD140AA24 ] wmiApSrv        C:\WINDOWS\system32\wbem\WmiApSrv.exe
10:07:08.0582 0x21a8  wmiApSrv - ok
10:07:08.0616 0x21a8  WMPNetworkSvc - ok
10:07:08.0716 0x21a8  [ E178371E493BF17EB90FE71ABA8BE643, E6F96C62D6AD1FE65D54F6799ABC32D34DE8C6EBFF8A297CA3142EF096112FCE ] workfolderssvc  C:\WINDOWS\system32\workfolderssvc.dll
10:07:08.0771 0x21a8  workfolderssvc - ok
10:07:08.0808 0x21a8  [ E746BCDBA2E02CF6B8D6B26FB167FBE0, 8875BBE444A33E0C477EF1A3899955501B7E0A9479CA8AA20DD8E6AA0D9A71E6 ] wpcfltr         C:\WINDOWS\system32\DRIVERS\wpcfltr.sys
10:07:08.0811 0x21a8  wpcfltr - ok
10:07:08.0854 0x21a8  [ 4E6A0F60DA7EF050D3D26417CD4D24E9, E6B3BFB007B641D41F8532ED086F92CB3D86E210023DBFAA9AD8152A9FD33CCA ] WPCSvc          C:\WINDOWS\System32\wpcsvc.dll
10:07:08.0858 0x21a8  WPCSvc - ok
10:07:08.0881 0x21a8  [ D27491CFCE452C154CECFA155AD0EBC8, 1F3F74C253E3B07DE7EFE27C34DD9AF08617C7B03BB44C2902F69BA9DA3F21F2 ] WPDBusEnum      C:\WINDOWS\system32\wpdbusenum.dll
10:07:08.0887 0x21a8  WPDBusEnum - ok
10:07:08.0899 0x21a8  [ 9F2904B55F6CECCD1A8D986B5CE2609A, E19ED4DD3CEF3A22C058FC324824604FB3FC98A029C94E6C2A3389F938D680B6 ] WpdUpFltr       C:\WINDOWS\system32\drivers\WpdUpFltr.sys
10:07:08.0900 0x21a8  WpdUpFltr - ok
10:07:08.0938 0x21a8  [ AE072B0339D0A18E455DC21666CAD572, AB1DAEA25E2C7AD610818D4B4783F6D4190D85EBB3963BBAD410E8CEA7899EDB ] ws2ifsl         C:\WINDOWS\system32\drivers\ws2ifsl.sys
10:07:08.0939 0x21a8  ws2ifsl - ok
10:07:08.0983 0x21a8  [ 5CFA46C4ACB2FD70572017052378DAE5, F09134C4433A9E174889A16F29EA6628045B21BE4FA85275ACFD24D5DFB0D937 ] wscsvc          C:\WINDOWS\System32\wscsvc.dll
10:07:08.0990 0x21a8  wscsvc - ok
10:07:08.0997 0x21a8  WSearch - ok
10:07:09.0175 0x21a8  [ D8E3A4701376CCFD0BE542D745FA4809, CF267B5507BD02EEB6BF051534E900D592682D11159A6A13C38AE70B3CCC081F ] WSService       C:\WINDOWS\System32\WSService.dll
10:07:09.0292 0x21a8  WSService - ok
10:07:09.0484 0x21a8  [ 86D0BF4F792053A50D6EE43DFA5837A5, 5705DAB9C5896F10757630439AC8FEAB5754251C6C90E9E8449220A65D1E95D5 ] wuauserv        C:\WINDOWS\system32\wuaueng.dll
10:07:09.0606 0x21a8  wuauserv - ok
10:07:09.0658 0x21a8  [ 2FEAE33E9B2B56104596E1BA444405A9, 0A142F50E06F6224B9CB36B3CE62BE0B36DE8B8DB9F9E05D287DFB884CC7826E ] WudfPf          C:\WINDOWS\system32\drivers\WudfPf.sys
10:07:09.0663 0x21a8  WudfPf - ok
10:07:09.0686 0x21a8  [ 19240C13F526125554B5370566F21A0A, 1DD88B092451CEC309A390319342BB4D36CE938BBE6D09127BBAA53960DD8E94 ] WUDFRd          C:\WINDOWS\System32\drivers\WUDFRd.sys
10:07:09.0695 0x21a8  WUDFRd - ok
10:07:09.0736 0x21a8  [ BB73CBC65AABC4EA0A5C6A1474A0A743, D644B3C6A7202CADDADB3B68FE1B2A7C76B023FE58F667EED4D538C1F4A65D64 ] wudfsvc         C:\WINDOWS\System32\WUDFSvc.dll
10:07:09.0742 0x21a8  wudfsvc - ok
10:07:09.0759 0x21a8  [ 19240C13F526125554B5370566F21A0A, 1DD88B092451CEC309A390319342BB4D36CE938BBE6D09127BBAA53960DD8E94 ] WUDFWpdFs       C:\WINDOWS\system32\DRIVERS\WUDFRd.sys
10:07:09.0768 0x21a8  WUDFWpdFs - ok
10:07:09.0783 0x21a8  [ 19240C13F526125554B5370566F21A0A, 1DD88B092451CEC309A390319342BB4D36CE938BBE6D09127BBAA53960DD8E94 ] WUDFWpdMtp      C:\WINDOWS\system32\DRIVERS\WUDFRd.sys
10:07:09.0792 0x21a8  WUDFWpdMtp - ok
10:07:09.0826 0x21a8  [ 2FA9794CA36147756F3FDFD6CA29B46F, 4B86DC38C2411C281686E9A4E64DA6FB2992E39391371F78E012D6D8BB85123F ] WwanSvc         C:\WINDOWS\System32\wwansvc.dll
10:07:09.0846 0x21a8  WwanSvc - ok
10:07:09.0876 0x21a8  ================ Scan global ===============================
10:07:09.0918 0x21a8  [ C89780A6F58D113C28A96D85D1261DC5, 185114F33A60916C7904E4A0F278CA43258454343E614F01F0DAFA98BAC981B1 ] C:\WINDOWS\system32\basesrv.dll
10:07:09.0968 0x21a8  [ 599F1244C60E3D6C28A8DA7FBA7A2C13, 992E5EB5E3ED6172DC986085532224A148A09A4E9A4DED9556F34533EE98E4D0 ] C:\WINDOWS\system32\winsrv.dll
10:07:09.0989 0x21a8  [ 9C1833ABD62876856836C5AE55C7CE86, 0A21E2C8B2FF3B0438C86DA7151A548F9C6F5C62CD402CBBEDB435994C8508F1 ] C:\WINDOWS\system32\sxssrv.dll
10:07:10.0026 0x21a8  [ B4B610BBCB002EC478C6FD80CF915697, CE22B87A7C7C0D325CE66FB97E7318B4A41EE0BD14D902A410126A1EBBEAA6FB ] C:\WINDOWS\system32\services.exe
10:07:10.0042 0x21a8  [ Global ] - ok
10:07:10.0043 0x21a8  ================ Scan MBR ==================================
10:07:10.0052 0x21a8  [ 5FB38429D5D77768867C76DCBDB35194 ] \Device\Harddisk0\DR0
10:07:10.0060 0x21a8  \Device\Harddisk0\DR0 - ok
10:07:10.0062 0x21a8  ================ Scan VBR ==================================
10:07:10.0065 0x21a8  [ 63DA092A1A33F6E47F636AA2964B13AD ] \Device\Harddisk0\DR0\Partition1
10:07:10.0135 0x21a8  \Device\Harddisk0\DR0\Partition1 - ok
10:07:10.0149 0x21a8  [ 8EB643A610F5578F422EE5477290AA2A ] \Device\Harddisk0\DR0\Partition2
10:07:10.0196 0x21a8  \Device\Harddisk0\DR0\Partition2 - ok
10:07:10.0211 0x21a8  [ BF761B3DD9E25783DB104BF1382F5571 ] \Device\Harddisk0\DR0\Partition3
10:07:10.0211 0x21a8  \Device\Harddisk0\DR0\Partition3 - ok
10:07:10.0229 0x21a8  [ B1AF8FE33C25F46D72C7409448FECF90 ] \Device\Harddisk0\DR0\Partition4
10:07:10.0279 0x21a8  \Device\Harddisk0\DR0\Partition4 - ok
10:07:10.0296 0x21a8  [ FEC12E228BAE483B44E71F30EB76A88D ] \Device\Harddisk0\DR0\Partition5
10:07:10.0304 0x21a8  \Device\Harddisk0\DR0\Partition5 - ok
10:07:10.0323 0x21a8  [ 91CC3C6EAED53040E44F0FE96FD98CB4 ] \Device\Harddisk0\DR0\Partition6
10:07:10.0335 0x21a8  \Device\Harddisk0\DR0\Partition6 - ok
10:07:10.0336 0x21a8  Waiting for KSN requests completion. In queue: 98
10:07:11.0337 0x21a8  Waiting for KSN requests completion. In queue: 98
10:07:12.0338 0x21a8  Waiting for KSN requests completion. In queue: 98
10:07:13.0339 0x21a8  Waiting for KSN requests completion. In queue: 98
10:07:14.0397 0x21a8  AV detected via SS2: Windows Defender, C:\Program Files\Windows Defender\MSASCui.exe ( 4.4.304.0 ), 0x61100 ( enabled : updated )
10:07:14.0402 0x21a8  Win FW state via NFP2: enabled
10:07:17.0057 0x21a8  ============================================================
10:07:17.0057 0x21a8  Scan finished
10:07:17.0057 0x21a8  ============================================================
10:07:17.0076 0x2940  Detected object count: 0
10:07:17.0077 0x2940  Actual detected object count: 0
10:10:20.0134 0x0f18  Deinitialize success
 



#5 TB-Psychotic

TB-Psychotic

  • Malware Response Team
  • 6,349 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:10:54 AM

Posted 21 March 2014 - 06:43 AM

Nothing to see...

 

 

Full System Scan with Malwarebytes Antimalware

  • If not existing, please download Malwarebytes' Anti-Malware to your desktop.
  • Double-click mbam-setup.exe and follow the prompts to install the program.
  • At the end, be sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware, then click Finish.


If the program is already installed:
  • Run Malwarebytes Antimalware
  • If an update is found, it will download and install the latest version.
  • Once the program has loaded, select Perform fullscan, place a checkmark on all hard drives, then click Scan.
  • When the scan is complete, click OK, then Show Results to view the results.
  • Be sure that everything is checked, and click Remove Selected.
  • When completed, a log will open in Notepad. Please save it to a convenient location.
  • The log can also be found here:
    C:\Documents and Settings\Username\Application Data\Malwarebytes\Malwarebytes' Anti-Malware\Logs\log-date.txt
  • Or at C:\Program Files\Malwarebytes' Anti-Malware\Logs\log-date.txt
  • Post that log back here.

 

 

 

Scan with ESET Online Scan

Please go to here to run the online scannner from ESET.

  • Turn off the real time scanner of any existing antivirus program while performing the online scan
  • Tick the box next to YES, I accept the Terms of Use.
  • Click Start
  • When asked, allow the activex control to install
  • Click Start
  • Make sure that the option Remove found threats is unticked
  • Click on Advanced Settings and ensure these options are ticked:
    • Scan for potentially unwanted applications
    • Scan for potentially unsafe applications
    • Enable Anti-Stealth Technology
  • Click Scan
  • Wait for the scan to finish
  • If any threats were found, click the 'List of found threats' , then click Export to text file....
  • Save it to your desktop, then please copy and paste that log as a reply to this topic.


Proud Member of UNITE & TB
 
My help is free, however, if you want to support my fight against malware, click here --> btn_donate_SM.gif <--(no worries, every little bit helps)

#6 falrecon

falrecon
  • Topic Starter

  • Members
  • 14 posts
  • OFFLINE
  •  
  • Local time:05:54 PM

Posted 22 March 2014 - 08:28 PM

Uhm, can I delay everything just for one day? I have some things to do, but I promise I'll scan everything tomorrow. Sorry.



#7 TB-Psychotic

TB-Psychotic

  • Malware Response Team
  • 6,349 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:10:54 AM

Posted 23 March 2014 - 12:25 PM

No problem! :)


Proud Member of UNITE & TB
 
My help is free, however, if you want to support my fight against malware, click here --> btn_donate_SM.gif <--(no worries, every little bit helps)

#8 TB-Psychotic

TB-Psychotic

  • Malware Response Team
  • 6,349 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:10:54 AM

Posted 27 March 2014 - 04:46 AM

Due to the lack of feedback, this topic is now closed.

In the event you still have problems, please send me or any Moderator a Private Message and ask them to reopen this topic within the next 5 days.

Please include a link to your topic in the Private Message. Thank you.
Proud Member of UNITE & TB
 
My help is free, however, if you want to support my fight against malware, click here --> btn_donate_SM.gif <--(no worries, every little bit helps)




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users