Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Trojan, malware??


  • Please log in to reply
17 replies to this topic

#1 Vulcan Moon

Vulcan Moon

  • Members
  • 16 posts
  • OFFLINE
  •  
  • Local time:04:16 AM

Posted 26 March 2014 - 03:39 PM

I managed to find and remove a couple of Trojans along with disabling what was seemingly a startup Trojan (?) from Ulfhmedia, managed to locate the folder and at least delete the files within it as well.

 

 

However, I'm unsure on something and I feel a bad vibe about it due to the double file extension, to be honest.

 

The problem is that it appears in the msconfig startup tab as listed as belonging to Microsoft Windows (both with the *Registered Trademark symbol following each of the names), so in the msconfig, it reads as:

 

Microsoft* Windows*  Microsoft Corporation  regsvr32.exe "C:\ProgramData\oxekst.dat"

 

In the area HKEY_User...Microsoft,Windows,Currentversions,Run, it appears as:

oxekst  regsvr32.exe "C:\ProgramData\oxekst.dat"

 

 

When the Autoruns Program lists the code, it only states the latter half and shows highlighted in pink, obviously:

C:\ProgramData\oxekst.dat

 

 

So, all the same, for the most part:

 

The issue, I have, apart from the fact of the double file name ending, which I believe can indicate a problem, is that in the autoruns program it is not listed as a verified program at all, not even with Microsoft, yet the msconfig informs me that it is most definitely a Microsoft program; this is very confusing. On disabling it in the autoruns program and through the msconfig, it replicated (for want of a better term) and would not permit itself to be disabled, even whilst not connected to the internet.

 

The msconfig area does state that some programs will not shut down even if disabled because they are required running programs, a safeguard I assume (not very computer savvy, in that sense), but the entire coding and the fact that it is not even recognised by autoruns as a verifiable Microsoft Program are making me seriously question whether this is a Trojan/worm/malware within our set-up.

 

 

The system has been running slow and occasionally the internet will come up with "not responding" and all tabs will close.

We are running Windows 7.

 

 

 

 

I hope I covered everything.

 

We just ran a Mcafee Stinger which stated that the following was deleted:

 

Trojan - FDWP!FCC4BCBEE758 from the file $RZ7XQQD.dll

 

Which I believe was the one that I had removed from the folder after I had disabled the startup coding of:

Ulfhmedia  regsvr32.exeC:\Users\Dave\AppData\Local\Ulfhmedia\PNGIO.dll

 

 

 

 

As I say though, it's the oxekst.dat startup program that I have serious doubts about and if it is indeed not a known routine/program, how do I get rid of it since disabling and/or deleting does not work?

 

On attempting to check the background to the program, via Autoruns search via their jump to the internet search option, nothing came up, which bothers me a lot.

 

 

Can anyone tell me what the coding permits the program to do, is it sending data, storing data or something else?

 

 

 

Many thanks.

 

PS: I'm not computer savvy, as such, so print screen etc isn't going to be an easy option; I got certified in COBOL may years ago but have never used it, as I ended up in a different profession, and the language used on Microsoft is nothing like COBOL but I've learned quite a bit in the past few days. :warrior:


Edited by Vulcan Moon, 26 March 2014 - 05:42 PM.


BC AdBot (Login to Remove)

 


#2 noknojon

noknojon

  • Banned
  • 10,871 posts
  • OFFLINE
  •  
  • Gender:Not Telling
  • Local time:01:16 PM

Posted 27 March 2014 - 04:06 AM

Hello -

I do not know where you have found these problems, but "the oxekst.dat startup program" and "Ulfhmedia" are untracable items.

After using all trace methods I could find, these all seem to only be Self Created items.

 

However, we may pick up some ideas from these programs.

Download these programs to Desktop to run them, and Copy and Paste all logs.

 

FIRST -

Download Security Check by Screen317 from HERE
* Save it to your Desktop.
* Double-click SecurityCheck.exe
* Follow the onscreen instructions inside of the black box.
* A Notepad document should open automatically called checkup.txt; please post the contents of that document.
Note: If a security program requests permission to access the Internet, allow it to do so.

 

NEXT -

Download MiniToolBox, Save it to your desktop and run it.
Close any Firefox browsers you may have open
Checkmark the following boxes:
• Flush DNS
• Report IE Proxy Settings
• Reset IE Proxy Settings
• Report FF Proxy Settings
• Reset FF Proxy Settings
• List content of Hosts
• List IP configuration
• List last 10 Event Viewer log
• List Installed Programs
• List Users, Partitions and Memory size.
• List Minidump Files
 Click Go and copy / paste the result (Result.txt).

 

 

NEXT -

Download Malwarebytes' Anti-Malware Free (aka MBAM)
* Double-click mbam-setup.exe and follow the prompts to install the program.
* At the end, be sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware, then click Finish.
* If an update is found, it will download and install the latest version.
* Once the program has loaded, select Perform quick scan, then click Scan.
* When the scan is complete, click OK, then Show Results to view the results.
* Be sure that everything is checked, and click Remove Selected.
* When completed, a log will open in Notepad.
* Post the log back here.
Be sure to reboot the computer if required after you post the log.
To remove all "found items" you can follow the steps in this Malwarebytes illustrated blog post:
http://blog.malwarebytes.org/news/2013/09/selecting-all-pups/

 

 

NEXT -

* Please download AdwCleaner by Xplode and save to your Desktop.
- NOTE : Please close or save all work, as the computer will be Rebooted
* Double-click on AdwCleaner.exe to run the tool.
* Vista/Windows 7/8 users right-click and select Run As Administrator.
* Click on the Scan button. (only once)
* AdwCleaner will begin...be patient as the scan may take some time to complete.
* After the scan has finished, click on the Report button...a logfile (AdwCleaner[R0].txt) will open in Notepad for review. 
* If you see any which you do not want removed, remove the check mark next to it. 

* If you are not sure, post the [R0].txt Log back here first.
* Next: Click on the Clean button (only once) to remove the selected items. 
* You will receive a message telling you that all programs will be close so that the infections can be removed. 
* Click on OK, and then OK again to confirm the reboot.
* When cleaning process is complete a log (AdwCleaner[S0].txt ) of what was removed will be on your desktop. 
* Please copy and the paste this log in your next post.

* A copy of all logfiles are saved in the C:\AdwCleaner folder which was created when running the tool.



#3 Vulcan Moon

Vulcan Moon
  • Topic Starter

  • Members
  • 16 posts
  • OFFLINE
  •  
  • Local time:04:16 AM

Posted 28 March 2014 - 10:19 AM

Many, many thanks, for your quick response and assistance, Aussie Addict.

 

Hubby did all the downloads as we went through the steps together, better we both know what we're doing, the MBAM Download located the file/Trojan that I've not been able to get rid of up to this point in time. We have all the results, which is a good few pages (about 32, I think) of Word Documents, which I can still post up if required; this, however, is the result from the MBAM, in which the Trojan is referenced:

 

Malwarebytes Anti-Malware

www.malwarebytes.org

 

Scan Date: 28/03/2014

Scan Time: 14:31:51

Logfile:

Administrator: Yes

 

Version: 2.00.0.1000

Malware Database: v2014.03.28.04

Rootkit Database: v2014.03.27.01

License: Trial

Malware Protection: Enabled

Malicious Website Protection: Enabled

Chameleon: Disabled

 

OS: Windows 7 Service Pack 1

CPU: x64

File System: NTFS

User: Robara

 

Scan Type: Threat Scan

Result: Completed

Objects Scanned: 258143

Time Elapsed: 17 min, 33 sec

 

Memory: Enabled

Startup: Enabled

Filesystem: Enabled

Archives: Enabled

Rootkits: Disabled

Shuriken: Enabled

PUP: Enabled

PUM: Enabled

 

Processes: 0

(No malicious items detected)

 

Modules: 0

(No malicious items detected)

 

Registry Keys: 0

(No malicious items detected)

 

Registry Values: 1

Trojan.Ransom.Gend, HKU\S-1-5-21-740914990-2471810360-2352195847-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN|oxekst, regsvr32.exe "C:\ProgramData\oxekst.dat", , [3d67798f374467cf7e0126dc9c65da26]

 

Registry Data: 0

(No malicious items detected)

 

Folders: 0

(No malicious items detected)

 

Files: 2

Trojan.Ransom.Gend, C:\ProgramData\oxekst.dat, , [3d67798f374467cf7e0126dc9c65da26],

PUP.Optional.Conduit, C:\Users\Robara\Downloads\FLV_Runner.exe, , [980c1eeae59657df8bf19897c63a6b95],

 

Physical Sectors: 0

(No malicious items detected)

 

 

(end)

 

 

 

 

 

 

I have since checked in both the Autoruns and the msconfig, and touch wood (or thank God) the oxekst reference is no longer appearing, at this point in time.

 

 

If you would like the rest of the logs posted, that's not a problem, I wasn't sure since we were trying to work out what the problem was and the MBAM managed to locate it, so thought you (the readers) may like to cut straight to the relevant information that was turned up: but let me know, if you'd like to see the rest anyway.

 

 

 

 

I have a few more questions which I'll start another thread off with because they won't be malware/Trojan related, at least, I hope they won't. :warrior:


Edited by Vulcan Moon, 28 March 2014 - 10:22 AM.


#4 noknojon

noknojon

  • Banned
  • 10,871 posts
  • OFFLINE
  •  
  • Gender:Not Telling
  • Local time:01:16 PM

Posted 28 March 2014 - 04:56 PM

Hello and thanks for your update.

 

This seems to be the main related problem, and looks like a typical Ransomware infection.

Trojan.Ransom.Gend, C:\ProgramData\oxekst.dat

There are many programs that the bad guys "morph" or slightly alter as the infections spread much wider.

Due to this it often comes back with a slightly altered name, as well as a slightly altered process.

 

If and When you do have time, I would like to run these 2 scans.The first is quicker, but it will have a longer output, while the second will run for (on average) at least 2 hours, and may run for up to ? 5 ? hours for a first scan.

I run it monthly, and it takes a bit over 1 hour on my clean computers.

 

 

As you did not reply with any other details, I do not know what browser you use or what is updated (except MBAM).

Do not forget that you downloaded the MBAM License: Trial Version, so you will get a "nag screen" asking to purchase it, but this can be ignored and it will revert to the Free Version only.

 

 

 

First -

Download TDSSKiller and save it to your desktop.

* Extract (unzip) its contents to your desktop.
* Open the TDSSKiller folder and doubleclick on TDSSKiller.exe to run the application, then on Start Scan.
* If an infected file is detected, the default action will be Cure, click on Continue.
* If a suspicious file is detected, the default action will be Skip, click on Continue.
* It may ask you to reboot the computer to complete the process. Click on Reboot Now.
* If no reboot is require, click on Report. A log file should appear. Please copy and paste the contents of that file here.
* If a reboot is required, the report can also be found in your root directory (usually C:\ folder) in the form of TDSSKiller_xxxx_log.txt.

Please copy and paste the contents of that file here.

 

 

Second -

Please scan your computer with ESET Online Scanner
Disable active Antivirus and Antimalware programs How To Temporarily Disable Your Anti-virus
This scan is best performed with Internet Explorer, as it uses ActiveX

If you will not / do not use Internet Explorer, then please read item 3 in this post

1 - Open Internet Explorer and hold down Control (Ctrl) key and click on This Link to open ESET OnlineScan in a new window.
2 - Click the ESET Online Scanner button.
3 - For alternate browsers only: (Microsoft Internet Explorer users can skip these steps)
a - Click on eset.exe to download the ESET Smart Installer. Save it to your desktop.
b - Double click on the  icon on your desktop. Vista /Win7 & 8 users right click and select Run as administrator.
4 - Check "YES, I accept the Terms of Use."
5 - Click the Start button.
6 - Accept any security warnings from your browser.
7 - Under scan settings, check "Scan Archives" and "Remove found threats"
8 - Click Advanced settings and select the following:
* Scan potentially unwanted applications
* Scan for potentially unsafe applications
* Enable Anti-Stealth technology

9 - ESET will then download updates for itself, install itself, and begin scanning your computer.
10 - Please be patient as this will take some time (first time scans are always longer).
11 - When the scan completes, click List Threats
12 - Click Export, and save the file to your desktop using a unique name, such as ESETScan. Include the contents of this report in your next reply.
13 - Click the Back button and then Click the Finish button.
NOTE:Sometimes if ESET finds no infections it will not create a log.
If you lose the log it can be found at C:\Program Files\ESET\EsetOnlineScanner\log.txt
If no infections are found then please just tell me -
You can ignore any ESET detection of AdwCleaner...it is a false positive detection, and just cleaning up.

 

 

If you did scan with AdwCleaner, please re open the program and this time hit Uninstall.

Confirm with OK (if asked) and it will reboot your computer again.

This is to fully remove the program and any infections held in its Removal area.

Note that the program can not be updated, so you download and only do a single run each time.



#5 Vulcan Moon

Vulcan Moon
  • Topic Starter

  • Members
  • 16 posts
  • OFFLINE
  •  
  • Local time:04:16 AM

Posted 01 April 2014 - 10:08 AM

Sorry for the delay...okay, just finished running the above two programs:

 

TDSSKiller

Ran, no threats found.

 

ESET Report

C:\AdwCleaner\Quarantine\C\Program Files (x86)\uniblue\SpeedUpMyPC\speedupmypc.exe.vir            Win32/SpeedUpMyPC potentially unwanted application     deleted - quarantined

C:\Users\Robara\AppData\Local\Temp\is-ENMFN.tmp\SpeedUpMyPC-standalone-setup.exe            Win32/SpeedUpMyPC potentially unwanted application     deleted - quarantined

C:\Users\Robara\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\4\2345ee44-14166bc9        a variant of Java/Exploit.Agent.RDU trojan         cleaned by deleting - quarantined

C:\Users\Robara\Downloads\AdvancedFix_Setup.exe          a variant of Win32/RegistryNuke application            cleaned by deleting – quarantined

 

 

 

 

Is it possible to remove some of these programs (or all of them)? Autoruns, which was running fine a couple of days ago, will not respond, at the moment; whether this is just a clash of programs, I don't know. Any advice in this area would be of great help.

 

 

Many thanks, so far.



#6 Vulcan Moon

Vulcan Moon
  • Topic Starter

  • Members
  • 16 posts
  • OFFLINE
  •  
  • Local time:04:16 AM

Posted 01 April 2014 - 11:29 AM

Removed the AdWare program and Autoruns worked fine :thumbup2:

 

I took some program information from Autoruns which I'd like to run past you (or elsewhere on the forum, I'm not sure where it should go) in case any of it is linked to the viruses/Trojans that we've had issues with; most of the stuff is disabled, at this time, until I can establish what it is in fact supposed to do, especially since I'm sure that between 4-6 of the items appeared when we'd had no downloads but were attempting to eradicate the Trojan that was being stubborn.

 

If you could just let me know whether to post the information in this thread or to start another and which subforum would be best, that would be great.

 

Many thanks, once again.



#7 noknojon

noknojon

  • Banned
  • 10,871 posts
  • OFFLINE
  •  
  • Gender:Not Telling
  • Local time:01:16 PM

Posted 01 April 2014 - 03:57 PM

For Autoruns, see below =>

 

Download Autoruns to your desktop
Double click on Autoruns exe.
Allow the program to fully populate (Note : this will take a few minutes).
Go > File > Save > Save as Autoruns.txt > File Type > All Files
Save to Desktop
Copy and Paste the Autoruns.txt back here.



#8 Vulcan Moon

Vulcan Moon
  • Topic Starter

  • Members
  • 16 posts
  • OFFLINE
  •  
  • Local time:04:16 AM

Posted 07 April 2014 - 10:29 AM

Apologies for the delay, I'm still coming off the back of an illness, so haven't been on in a few days...here's the information that you requested, I have it set, at present, to exclude all Microsoft entries:


"HKLM\System\CurrentControlSet\Control\Terminal Server\Wds\rdpwd\StartupPrograms" "" "" "" "14/07/2009 05:49"
+ "rdpclip" "" "" "File not found: rdpclip" ""
"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run" "" "" "" "28/12/2013 04:57"
+ "Acer ePower Management" "" "" "File not found: T\EPOWERTRAY.EXE" ""
+ "AdobeAAMUpdater-1.0" "" "" "File not found: FILES\ADOBE\OOBE\PDAPP\UWA\UPDATERSTARTUPUTILITY.EXE"" ""
+ "btbb_McciTrayApp" "" "" "File not found: OTIFIER.EXE"" ""
+ "ETDWare" "" "" "File not found: TECH\ETDCTRL.EXE" ""
+ "HotKeysCmds" "" "" "File not found: DOWS\SYSTEM32\HKCMD.EXE" ""
+ "IgfxTray" "" "" "File not found: DOWS\SYSTEM32\IGFXTRAY.EXE" ""
+ "mwlDaemon" "" "" "File not found: .EXE" ""
+ "Persistence" "" "" "File not found: DOWS\SYSTEM32\IGFXPERS.EXE" ""
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run" "" "" "" "06/04/2014 19:16"
+ "Adobe ARM" "Adobe Reader and Acrobat Manager" "(Verified) Adobe Systems" "c:\program files (x86)\common files\adobe\arm\1.0\adobearm.exe" "21/11/2013 17:56"
+ "APSDaemon" "Apple Push" "(Verified) Apple Inc." "c:\program files (x86)\common files\apple\apple application support\apsdaemon.exe" "06/02/2014 06:09"
+ "BackupManagerTray" "Acer Backup Manager" "(Verified) NewTech Infosystems" "c:\program files (x86)\newtech infosystems\acer backup manager\backupmanagertray.exe" "28/06/2010 07:41"
+ "BDRegion" "brs" "(Verified) CyberLink" "c:\program files (x86)\cyberlink\shared files\brs.exe" "23/05/2010 05:18"
+ "CLMLServer" "CyberLink MediaLibray Service" "(Verified) CyberLink" "c:\program files (x86)\cyberlink\power2go\clmlsvc.exe" "03/06/2009 13:46"
+ "EEventManager" "EEventManager Application" "(Verified) SEIKO EPSON Corporation" "c:\program files (x86)\epson software\event manager\eeventmanager.exe" "12/10/2010 05:55"
+ "EgisTecPMMUpdate" "PMM Update Application" "(Verified) EGIS TECHNOLOGY INC." "c:\program files (x86)\egistec ips\pmmupdate.exe" "10/03/2010 15:03"
+ "EgisUpdate" "EgisUpdate Release Application" "(Verified) EGIS TECHNOLOGY INC." "c:\program files (x86)\egistec ips\egisupdate.exe" "10/03/2010 15:04"
+ "IAStorIcon" "IAStorIcon" "(Verified) Intel Corporation" "c:\program files (x86)\intel\intel® rapid storage technology\iastoricon.exe" "13/04/2010 17:52"
+ "iTunesHelper" "iTunesHelper" "(Verified) Apple Inc." "c:\program files (x86)\itunes\ituneshelper.exe" "21/02/2014 12:19"
+ "LManager" "Launch Manager" "(Verified) Dritek System Inc." "c:\program files (x86)\launch manager\lmanager.exe" "10/08/2010 10:05"
+ "mcpltui_exe" "McAfee Security Center" "(Verified) McAfee" "c:\program files\mcafee.com\agent\mcagent.exe" "28/01/2014 06:58"
+ "mcui_exe" "McAfee Security Center" "(Verified) McAfee" "c:\program files\mcafee.com\agent\mcagent.exe" "28/01/2014 06:58"
+ "MDS_Menu" "MUI StartMenu Application" "(Verified) CyberLink" "c:\program files (x86)\cyberlink\mediashow5\muitransfer\muistartmenu.exe" "19/05/2009 07:41"
+ "Norton Online Backup" "Norton Online Backup Service" "(Verified) Symantec Corporation" "c:\program files (x86)\symantec\norton online backup\nobuclient.exe" "01/06/2010 20:33"
+ "QuickTime Task" "QuickTime Task" "(Not verified) Apple Inc." "c:\program files (x86)\quicktime\qttask.exe" "14/01/2014 02:15"
+ "RemoteControl9" "PowerDVD RC Service" "(Verified) CyberLink" "c:\program files (x86)\cyberlink\powerdvd9\pdvd9serv.exe" "06/07/2009 07:21"
+ "SuiteTray" "SuiteTray" "(Verified) EGIS TECHNOLOGY INC." "c:\program files (x86)\egistec mywinlockersuite\x86\suitetray.exe" "26/05/2010 12:58"
+ "SunJavaUpdateSched" "Java™ Update Scheduler" "(Verified) Sun Microsystems" "c:\program files (x86)\common files\java\java update\jusched.exe" "09/06/2011 21:06"
+ "UpdatePPShortCut" "MUI StartMenu Application" "(Verified) CyberLink" "c:\program files (x86)\cyberlink\powerproducer\muitransfer\muistartmenu.exe" "19/05/2009 07:41"
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Active Setup\Installed Components" "" "" "" "17/11/2010 13:50"
+ "Internet Explorer" "" "" "File not found: C:\Windows\system32\ie4uinit.exe" ""
"HKCU\Software\Microsoft\Windows\CurrentVersion\Run" "" "" "" "27/09/2012 01:08"
+ "Google Update" "Google Installer" "(Verified) Google Inc" "c:\users\robara\appdata\local\google\update\googleupdate.exe" "09/03/2010 07:10"
+ "swg" "GoogleToolbarNotifier" "(Verified) Google Inc" "c:\program files (x86)\google\googletoolbarnotifier\googletoolbarnotifier.exe" "12/05/2008 19:14"
"HKLM\SOFTWARE\Classes\Protocols\Filter" "" "" "" "14/07/2009 05:53"
+ "application/x-mfe-ipt" "McAfee MSC IE plugin DLL" "(Verified) McAfee" "c:\program files\mcafee\msc\mcsniepl64.dll" "28/01/2014 06:56"
"HKLM\SOFTWARE\Classes\Protocols\Handler" "" "" "" "14/07/2009 05:53"
+ "dssrequest" "SiteAdvisor" "(Verified) McAfee" "c:\program files (x86)\mcafee\siteadvisor\x64\mcieplg.dll" "24/01/2014 22:26"
+ "sacore" "SiteAdvisor" "(Verified) McAfee" "c:\program files (x86)\mcafee\siteadvisor\x64\mcieplg.dll" "24/01/2014 22:26"
"HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers" "" "" "" "14/07/2009 05:53"
+ "EDSshellExt" "Shell Extention" "(Verified) EGIS TECHNOLOGY INC." "c:\program files (x86)\egistec mywinlocker\x64\mwlshellext.dll" "26/05/2010 12:35"
+ "McCtxMenuFrmWrk" "McAfee ContextMenu Framework" "(Verified) McAfee" "c:\program files\mcafee\msc\mcctxmenufrmwrk.dll" "28/01/2014 06:58"
"HKLM\Software\Wow6432Node\Classes\*\ShellEx\ContextMenuHandlers" "" "" "" "14/07/2009 05:53"
+ "EDSshellExt" "Shell Extention" "(Verified) EGIS TECHNOLOGY INC." "c:\program files (x86)\egistec mywinlocker\x86\mwlshellext.dll" "26/05/2010 12:31"
"HKLM\Software\Classes\AllFileSystemObjects\ShellEx\ContextMenuHandlers" "" "" "" "14/07/2009 05:53"
+ "ShredderContextMenu" "ShredderContextMenu" "(Verified) EGIS TECHNOLOGY INC." "c:\program files (x86)\egistec shredder\x64\shreddercontextmenu.dll" "02/04/2010 07:05"
"HKLM\Software\Wow6432Node\Classes\AllFileSystemObjects\ShellEx\ContextMenuHandlers" "" "" "" "14/07/2009 05:53"
+ "ShredderContextMenu" "ShredderContextMenu" "(Verified) EGIS TECHNOLOGY INC." "c:\program files (x86)\egistec shredder\x86\shreddercontextmenu.dll" "02/04/2010 07:03"
"HKLM\Software\Classes\Directory\ShellEx\ContextMenuHandlers" "" "" "" "14/07/2009 05:53"
+ "EDSshellExt" "Shell Extention" "(Verified) EGIS TECHNOLOGY INC." "c:\program files (x86)\egistec mywinlocker\x64\mwlshellext.dll" "26/05/2010 12:35"
"HKLM\Software\Wow6432Node\Classes\Directory\ShellEx\ContextMenuHandlers" "" "" "" "14/07/2009 05:53"
+ "EDSshellExt" "Shell Extention" "(Verified) EGIS TECHNOLOGY INC." "c:\program files (x86)\egistec mywinlocker\x86\mwlshellext.dll" "26/05/2010 12:31"
"HKLM\Software\Wow6432Node\Classes\Folder\Shellex\ColumnHandlers" "" "" "" "12/10/2011 13:24"
+ "PDF Shell Extension" "PDF Shell Extension" "(Verified) Adobe Systems" "c:\program files (x86)\common files\adobe\acrobat\activex\pdfshell.dll" "18/12/2013 18:07"
"HKLM\Software\Classes\Folder\ShellEx\ContextMenuHandlers" "" "" "" "12/10/2011 13:24"
+ "McCtxMenuFrmWrk" "McAfee ContextMenu Framework" "(Verified) McAfee" "c:\program files\mcafee\msc\mcctxmenufrmwrk.dll" "28/01/2014 06:58"
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers" "" "" "" "12/10/2011 12:36"
+ "egisPSDP" "PSD DragDrop Protection" "(Verified) EGIS TECHNOLOGY INC." "c:\program files (x86)\egistec mywinlocker\x64\psdprotect.dll" "26/05/2010 12:34"
"HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers" "" "" "" "06/04/2014 19:16"
+ "egisPSDP" "PSD DragDrop Protection" "(Verified) EGIS TECHNOLOGY INC." "c:\program files (x86)\egistec mywinlocker\x86\psdprotect.dll" "26/05/2010 12:30"
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects" "" "" "" "12/10/2011 12:36"
+ "Easy Photo Print" "Epson Easy Photo Print (TBL x64)" "(Not verified) SEIKO EPSON CORPORATION" "c:\program files (x86)\epson software\easy photo print\eptbl.dll" "26/01/2011 10:29"
+ "Google Toolbar Helper" "Google Toolbar" "(Verified) Google Inc" "c:\program files (x86)\google\google toolbar\googletoolbar_64.dll" "11/03/2014 18:28"
+ "Java™ Plug-In 2 SSV Helper" "Java™ Platform SE binary" "(Verified) Sun Microsystems" "c:\program files\java\jre6\bin\jp2ssv.dll" "19/07/2011 11:45"
+ "McAfee SiteAdvisor BHO" "SiteAdvisor" "(Verified) McAfee" "c:\program files (x86)\mcafee\siteadvisor\x64\mcieplg.dll" "24/01/2014 22:26"
"HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects" "" "" "" "06/04/2014 19:16"
+ "Google Toolbar Helper" "Google Toolbar" "(Verified) Google Inc" "c:\program files (x86)\google\google toolbar\googletoolbar_32.dll" "11/03/2014 18:43"
+ "Java™ Plug-In 2 SSV Helper" "Java™ Platform SE binary" "(Verified) Sun Microsystems" "c:\program files (x86)\java\jre6\bin\jp2ssv.dll" "19/07/2011 14:05"
+ "McAfee SiteAdvisor BHO" "SiteAdvisor" "(Verified) McAfee" "c:\program files (x86)\mcafee\siteadvisor\mcieplg.dll" "24/01/2014 22:25"
+ "SSVHelper Class" "Java™ Platform SE binary" "(Verified) Sun Microsystems" "c:\program files (x86)\java\jre6\bin\ssv.dll" "19/07/2011 14:05"
"HKCU\Software\Microsoft\Internet Explorer\UrlSearchHooks" "" "" "" "25/03/2014 18:25"
+ "McAfee SiteAdvisor Toolbar" "SiteAdvisor" "(Verified) McAfee" "c:\program files (x86)\mcafee\siteadvisor\x64\mcieplg.dll" "24/01/2014 22:26"
"HKLM\Software\Microsoft\Internet Explorer\Toolbar" "" "" "" "13/03/2014 16:41"
+ "EPTBL" "Epson Easy Photo Print (TBL x64)" "(Not Verified) SEIKO EPSON CORPORATION" "c:\program files (x86)\epson software\easy photo print\eptbl.dll" "26/01/2011 10:29"
+ "Google Toolbar" "Google Toolbar" "(Verified) Google Inc" "c:\program files (x86)\google\google toolbar\googletoolbar_64.dll" "11/03/2014 18:28"
+ "McAfee SiteAdvisor" "SiteAdvisor" "(Verified) McAfee" "c:\program files (x86)\mcafee\siteadvisor\x64\mcieplg.dll" "24/01/2014 22:26"
"HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Toolbar" "" "" "" "13/03/2014 16:41"
+ "Google Toolbar" "Google Toolbar" "(Verified) Google Inc" "c:\program files (x86)\google\google toolbar\googletoolbar_32.dll" "11/03/2014 18:43"
+ "McAfee SiteAdvisor" "SiteAdvisor" "(Verified) McAfee" "c:\program files (x86)\mcafee\siteadvisor\mcieplg.dll" "24/01/2014 22:25"
"Task Scheduler" "" "" "" ""
+ "\AdobeAAMUpdater-1.0-Robara-PC-Robara" "Adobe Updater Startup Utility" "(Verified) Adobe Systems Incorporated" "c:\program files (x86)\common files\adobe\oobe\pdapp\uwa\updaterstartuputility.exe" "06/05/2011 11:48"
+ "\Apple\AppleSoftwareUpdate" "Apple Software Update" "(Verified) Apple Inc." "c:\program files (x86)\apple software update\softwareupdate.exe" "02/06/2011 01:46"
+ "\GoogleUpdateTaskUserS-1-5-21-740914990-2471810360-2352195847-1000Core" "Google Installer" "(Verified) Google Inc" "c:\users\robara\appdata\local\google\update\googleupdate.exe" "09/03/2010 07:10"
+ "\GoogleUpdateTaskUserS-1-5-21-740914990-2471810360-2352195847-1000UA1cef27784d07288" "Google Installer" "(Verified) Google Inc" "c:\users\robara\appdata\local\google\update\googleupdate.exe" "09/03/2010 07:10"
"HKLM\System\CurrentControlSet\Services" "" "" "" "06/04/2014 19:19"
+ "ABBYY.Licensing.FineReader.Sprint.9.0" "This service is required for the operation of the ABBYY FineReader 9.0 Express Edition licensing mechanism." "(Verified) ABBYY SOLUTIONS LIMITED" "c:\program files (x86)\common files\abbyy\finereadersprint\9.00\licensing\networklicenseserver.exe" "14/05/2009 15:07"
+ "AdobeActiveFileMonitor10.0" "Tracks files that are managed by Elements Organizer" "(Verified) Adobe Systems Incorporated" "c:\program files (x86)\adobe\elements 10 organizer\photoshopelementsfileagent.exe" "31/08/2011 19:45"
+ "AdobeARMservice" "Adobe Acrobat Updater keeps your Adobe software up to date." "(Verified) Adobe Systems" "c:\program files (x86)\common files\adobe\arm\1.0\armsvc.exe" "21/11/2013 17:55"
+ "AdobeFlashPlayerUpdateSvc" "This service keeps your Adobe Flash Player installation up to date with the latest enhancements and security fixes." "(Verified) Adobe Systems Incorporated" "c:\windows\syswow64\macromed\flash\flashplayerupdateservice.exe" "03/03/2014 22:44"
+ "Apple Mobile Device" "Provides the interface to Apple mobile devices." "(Verified) Apple Inc." "c:\program files (x86)\common files\apple\mobile device support\applemobiledeviceservice.exe" "11/02/2014 14:26"
+ "Bonjour Service" "Enables hardware devices and software services to automatically configure themselves on the network and advertise their presence." "(Verified) Apple Inc." "c:\program files\bonjour\mdnsresponder.exe" "31/08/2011 06:52"
+ "CLKMSVC10_9EC60124" "CyberLink KM Service" "(Verified) CyberLink" "c:\program files (x86)\cyberlink\powerdvd9\navfilter\kmsvc.exe" "29/04/2010 03:25"
+ "DsiWMIService" "Dritek WMI Service" "(Verified) Dritek System Inc." "c:\program files (x86)\launch manager\dsiwmis.exe" "10/08/2010 10:05"
+ "ePowerSvc" "Acer ePower Service" "(Verified) Acer Incorporated" "c:\program files\acer\acer epower management\epowersvc.exe" "11/06/2010 06:43"
+ "FLEXnet Licensing Service" "This service performs licensing functions on behalf of FLEXnet enabled products." "(Verified) Acresso Software Inc." "c:\program files (x86)\common files\macrovision shared\flexnet publisher\fnplicensingservice.exe" "10/04/2008 17:51"
+ "GREGService" "Global Registration Service" "(Verified) Acer Incorporated" "c:\program files (x86)\acer\registration\gregsvc.exe" "12/11/2009 10:18"
+ "gupdate" "Keeps your Google software up to date. If this service is disabled or stopped, your Google software will not be kept up to date, meaning security vulnerabilities that may arise cannot be fixed and features may not work. This service uninstalls itself when there is no Google software using it." "(Verified) Google Inc" "c:\program files (x86)\google\update\googleupdate.exe" "09/03/2010 07:10"
+ "gupdatem" "Keeps your Google software up to date. If this service is disabled or stopped, your Google software will not be kept up to date, meaning security vulnerabilities that may arise cannot be fixed and features may not work. This service uninstalls itself when there is no Google software using it." "(Verified) Google Inc" "c:\program files (x86)\google\update\googleupdate.exe" "09/03/2010 07:10"
+ "gusvc" "Google Updater keeps your Google software up to date. If Google Updater Service is disabled or stopped, your Google software will not be kept up to date, meaning security vulnerabilities that may arise cannot be fixed and features may not work." "(Verified) Google Inc" "c:\program files (x86)\google\common\google updater\googleupdaterservice.exe" "02/03/2012 22:13"
+ "HomeNetSvc" "Allows McAfee applications to communicate securely on the local network." "(Verified) McAfee" "c:\program files\common files\mcafee\platform\mcsvchost\mcsvhost.exe" "30/07/2013 16:41"
+ "IAStorDataMgrSvc" "Provides storage event notification and manages communication between the storage driver and user space applications." "(Verified) Intel Corporation" "c:\program files (x86)\intel\intel® rapid storage technology\iastordatamgrsvc.exe" "13/04/2010 17:52"
+ "iPod Service" "iPod hardware management services" "(Verified) Apple Inc." "c:\program files\ipod\bin\ipodservice.exe" "21/02/2014 12:20"
+ "LMS" "Allows applications to access the local Intel® Management and Security Application using its locally-available selected network interfaces." "(Verified) Intel Corporation" "c:\program files (x86)\intel\intel® management engine components\lms\lms.exe" "03/03/2010 23:33"
+ "MBAMScheduler" "Malwarebytes Anti-Malware scheduler" "(Verified) Malwarebytes Corporation" "c:\program files (x86)\malwarebytes anti-malware\mbamscheduler.exe" "05/02/2014 20:43"
+ "MBAMService" "Malwarebytes Anti-Malware service" "(Verified) Malwarebytes Corporation" "c:\program files (x86)\malwarebytes anti-malware\mbamservice.exe" "20/02/2014 16:05"
+ "McAfee SiteAdvisor Service" "McAfee SiteAdvisor Service" "(Verified) McAfee" "c:\program files\common files\mcafee\mcsvchost\mcsvhost.exe" "31/08/2012 18:18"
+ "McAPExe" "McAfee AP Service" "(Verified) McAfee" "c:\program files\mcafee\msc\mcapexe.exe" "28/01/2014 07:01"
+ "McciCMService" "mcci+McciCMService" "(Not verified) Alcatel-Lucent" "c:\program files (x86)\common files\motive\mccicmservice.exe" "07/08/2009 21:45"
+ "McciCMService64" "mcci+McciCMService" "(Not verified) Alcatel-Lucent" "c:\program files\common files\motive\mccicmservice.exe" "26/01/2010 20:52"
+ "McMPFSvc" "Helps protect your computer from intrusion and let's you manage your computer's trusted programs." "(Verified) McAfee" "c:\program files\common files\mcafee\platform\mcsvchost\mcsvhost.exe" "30/07/2013 16:41"
+ "McNaiAnn" "McAfee VirusScan Announcer" "(Verified) McAfee" "c:\program files\common files\mcafee\platform\mcsvchost\mcsvhost.exe" "30/07/2013 16:41"
+ "McODS" "McAfee Scanner" "(Verified) McAfee" "c:\program files\mcafee\virusscan\mcods.exe" "02/08/2013 22:28"
+ "mcpltsvc" "McAfee Platform Services" "(Verified) McAfee" "c:\program files\common files\mcafee\platform\mcsvchost\mcsvhost.exe" "30/07/2013 16:41"
+ "McProxy" "McAfee Proxy Service" "(Verified) McAfee" "c:\program files\common files\mcafee\platform\mcsvchost\mcsvhost.exe" "30/07/2013 16:41"
+ "mfecore" "McAfee OnAccess Scanner" "(Verified) McAfee" "c:\program files\common files\mcafee\amcore\mcshield.exe" "17/01/2014 21:55"
+ "mfefire" "Provides firewall services to McAfee products" "(Verified) McAfee" "c:\program files\common files\mcafee\systemcore\mfefire.exe" "21/01/2014 19:34"
+ "mfevtp" "Provides validation trust protection services" "(Verified) McAfee" "c:\windows\system32\mfevtps.exe" "21/01/2014 19:30"
+ "MWLService" "MyWinLocker Service" "(Verified) EGIS TECHNOLOGY INC." "c:\program files (x86)\egistec mywinlocker\x86\mwlservice.exe" "26/05/2010 12:31"
+ "NOBU" "Norton Online Backup Service" "(Verified) Symantec Corporation" "c:\program files (x86)\symantec\norton online backup\nobuagent.exe" "01/06/2010 20:31"
+ "NTI IScheduleSvc" "NTI IShadow Manage backup/Sync jobs and etc..." "(Verified) NewTech Infosystems" "c:\program files (x86)\newtech infosystems\acer backup manager\ischedulesvc.exe" "28/06/2010 07:43"
X "RichVideo" "RichVideo Module" "" "c:\program files (x86)\cyberlink\shared files\richvideo.exe" "30/05/2008 07:46"
+ "Steam Client Service" "Steam Client Service monitors and updates Steam content" "(Verified) Valve" "c:\program files (x86)\common files\steam\steamservice.exe" "31/07/2012 21:42"
+ "UNS" "Intel® Management and Security Application User Notification Service - Updates the Windows Event Log with notifications of pre defined events received from the local Intel® Management and Security Application Device." "(Verified) Intel Corporation" "c:\program files (x86)\intel\intel® management engine components\uns\uns.exe" "03/03/2010 23:35"
+ "Updater Service" "Updater Service" "(Verified) Acer Incorporated" "c:\program files\acer\acer updater\updaterservice.exe" "28/01/2010 08:44"
"HKLM\System\CurrentControlSet\Services" "" "" "" "06/04/2014 19:19"
+ "HipShieldK" "McAfee HIP IPS Driver" "(Verified) McAfee" "c:\windows\system32\drivers\hipshieldk.sys" "23/09/2013 21:13"
+ "MBAMProtector" "Malwarebytes Anti-Malware" "(Verified) Malwarebytes Corporation" "c:\windows\system32\drivers\mbam.sys" "30/10/2013 17:11"
+ "MBAMSwissArmy" "Malwarebytes Anti-Malware" "(Verified) Malwarebytes Corporation" "c:\windows\system32\drivers\mbamswissarmy.sys" "21/02/2014 00:49"
+ "MBAMWebAccessControl" "Malwarebytes Web Access Control" "(Verified) Malwarebytes Corporation" "c:\windows\system32\drivers\mwac.sys" "04/03/2014 16:45"
X "MREMP50" "PCAUSA NDIS 5.0 MPR Protocol Driver" "(Not verified) Printing Communications Assoc., Inc. (PCAUSA)" "c:\program files (x86)\common files\motive\mremp50.sys" "19/11/2005 09:13"
X "MREMP50a64" "" "" "File not found: C:\PROGRA~1\COMMON~1\Motive\MREMP50a64.SYS" ""
X "MREMPR5" "" "" "File not found: C:\PROGRA~2\COMMON~1\Motive\MREMPR5.SYS" ""
X "MRENDIS5" "" "" "File not found: C:\PROGRA~2\COMMON~1\Motive\MRENDIS5.SYS" ""
X "MRESP50" "PCAUSA NDIS 5.0 SPR Protocol Driver" "(Not verified) Printing Communications Assoc., Inc. (PCAUSA)" "c:\program files (x86)\common files\motive\mresp50.sys" "19/11/2005 09:13"
X "MRESP50a64" "" "" "File not found: C:\PROGRA~1\COMMON~1\Motive\MRESP50a64.SYS" ""
+ "NTIDrvr" "NTI CD-ROM Filter Driver" "(Verified) NewTech Infosystems" "c:\windows\system32\drivers\ntidrvr.sys" "20/04/2010 02:37"
+ "UBHelper" "NTI CD-ROM Filter Driver" "(Verified) NewTech Infosystems" "c:\windows\system32\drivers\ubhelper.sys" "06/07/2010 05:19"
"HKLM\Software\Classes\Filter" "" "" "" "26/03/2014 13:22"
X "MainConcept MPEG Demultiplexer" "MPEG-1/2 Demultiplexer" "(Not verified) MainConcept GmbH" "c:\program files (x86)\adobe\elements 10 organizer\mc_codecs\mc_demux_mp2_ds.ax" "27/07/2011 04:43"
X "MainConcept MPEG Push Demultiplexer" "MPEG Push Demultiplexer" "(Not verified) MainConcept GmbH" "c:\program files (x86)\adobe\elements 10 organizer\mc_codecs\mc_demuxpush_mp2_ds.ax" "27/07/2011 04:44"
"HKLM\Software\Wow6432Node\Classes\CLSID\{083863F1-70DE-11d0-BD40-00A0C911CE86}\Instance" "" "" "" "14/07/2009 05:53"
+ "CyberLink Audio Commercial Cut Analyzer" "CLAudCM" "(Verified) CyberLink" "c:\program files (x86)\cyberlink\powerproducer\claudcm.ax" "25/05/2005 08:57"
+ "CyberLink Audio Decoder" "CyberLink Audio Decoder Filter" "(Verified) CyberLink" "c:\program files (x86)\cyberlink\powerproducer\se_claud.ax" "07/12/2009 04:31"
+ "CyberLink Audio Decoder (PDVD9)" "CyberLink Audio Decoder Filter" "(Verified) CyberLink" "c:\program files (x86)\cyberlink\powerdvd9\audiofilter\claud.ax" "23/03/2010 10:12"
+ "CyberLink Audio Decoder(PDVD9 UPnP)" "CyberLink Audio Decoder Filter" "(Verified) CyberLink" "c:\program files (x86)\cyberlink\powerdvd9\upnp\claud.ax" "16/02/2007 09:17"
+ "CyberLink Audio Effect (PDVD9)" "CyberLink Audio Effect Filter" "(Verified) CyberLink" "c:\program files (x86)\cyberlink\powerdvd9\audiofilter\claudfx.ax" "09/12/2009 03:51"
+ "CyberLink Audio Noise Reduction" "CLAuNR" "(Verified) CyberLink" "c:\program files (x86)\cyberlink\power2go\p2gaunrwrapper.ax" "17/10/2005 03:34"
+ "CyberLink Audio Resampler" "CLAuRsmpl.ax" "(Verified) CyberLink" "c:\program files (x86)\cyberlink\power2go\p2gaursmpl.ax" "25/02/2005 03:41"
+ "CyberLink Audio Spectrum Analyzer (PDVD9)" "CLAudSpa.ax" "(Verified) CyberLink" "c:\program files (x86)\cyberlink\powerdvd9\audiofilter\claudspa.ax" "09/11/2009 11:02"
+ "CyberLink Audio Spectrum Analyzer(PDVD9 UPnP)" "CLAudSpa.ax" "(Verified) CyberLink" "c:\program files (x86)\cyberlink\powerdvd9\upnp\claudspa.ax" "24/09/2004 12:08"
+ "CyberLink Audio VolumeBooster" "CyberLink Audio Volume Booster Filter" "(Verified) CyberLink" "c:\program files (x86)\cyberlink\power2go\p2gvb.ax" "08/10/2004 09:36"
+ "CyberLink Audio Wizard" "CyberLink Audio Wizard Filter" "(Verified) CyberLink" "c:\program files (x86)\cyberlink\powerdvd9\audiofilter\claudwizard.ax" "14/08/2009 14:26"
+ "CyberLink AudioCD Filter" "CyberLink AudioCD Filter" "(Verified) CyberLink" "c:\program files (x86)\cyberlink\power2go\p2gaudiocd.ax" "21/01/2008 11:35"
+ "CyberLink AudioCD Filter (PDVD9)" "CyberLink AudioCD Filter" "(Verified) CyberLink" "c:\program files (x86)\cyberlink\powerdvd9\audiofilter\claudiocd.ax" "16/05/2007 04:29"
+ "CyberLink AVCHD Navigator" "CLBDROMNav" "(Verified) CyberLink" "c:\program files (x86)\cyberlink\powerdvd9\navfilter\clavchdnav.ax" "05/10/2009 11:13"
+ "CyberLink Demultiplexer" "MPEG-2 Dempltiplexer" "(Verified) CyberLink" "c:\program files (x86)\cyberlink\powerproducer\cldemuxer.ax" "30/06/2009 12:20"
+ "CyberLink Demultiplexer(PDVD9 UPnP)" "MPEG-2 Dempltiplexer" "(Verified) CyberLink" "c:\program files (x86)\cyberlink\powerdvd9\upnp\cldemuxer.ax" "13/09/2006 13:50"
+ "Cyberlink Demuxer 2.0" "CLDemuxer2" "(Verified) CyberLink" "c:\program files (x86)\cyberlink\powerdvd9\navfilter\cldemuxer2.ax" "31/05/2010 09:43"
+ "CyberLink Digest Filter (PDVD9)" "DigestFilter Dynamic Link Library" "(Verified) CyberLink" "c:\program files (x86)\cyberlink\powerdvd9\digestfilter.dll" "14/09/2009 03:21"
+ "Cyberlink Dump Dispatch Filter" "Cyberlink File Dump Dispatch Filter" "(Verified) CyberLink" "c:\program files (x86)\cyberlink\power2go\p2gdumpdispatch.ax" "12/12/2003 08:01"
+ "Cyberlink Dump Dispatch Filter" "Cyberlink File Dump Dispatch Filter" "(Verified) CyberLink" "c:\program files (x86)\cyberlink\powerproducer\se_cldumpdispatch.ax" "09/11/2009 13:58"
+ "Cyberlink Dump Filter" "Cyberlink File Dump Filter" "(Verified) CyberLink" "c:\program files (x86)\cyberlink\power2go\p2gdump.ax" "22/11/2006 13:15"
+ "CyberLink DV Buffer" "DV dump Filter" "(Verified) CyberLink" "c:\program files (x86)\cyberlink\powerproducer\ppdvdump.ax" "11/01/2002 10:00"
+ "CyberLink DVD Navigator (PDC 1.0)" "CyberLink DVD Navigation Filter" "(Verified) CyberLink" "c:\program files (x86)\cyberlink\powerdvd copy\clnavx.ax" "24/11/2009 15:24"
+ "CyberLink DVD Navigator (PDVD9)" "CyberLink DVD Navigation Filter" "(Verified) CyberLink" "c:\program files (x86)\cyberlink\powerdvd9\navfilter\clnavx.ax" "16/04/2010 12:31"
+ "CyberLink Editing Service 3.0 (Source)" "CES Kernel" "(Verified) CyberLink" "c:\program files (x86)\cyberlink\power2go\p2gedtkrn.dll" "03/05/2007 07:18"
+ "CyberLink Editing Service 5.0 (Source)" "CES Kernel" "(Verified) CyberLink" "c:\program files (x86)\cyberlink\powerproducer\cledtkrn.dll" "26/02/2010 09:19"
+ "Cyberlink File Reader (Async.)" "Cyberlink MPEG File Reader" "(Verified) CyberLink" "c:\program files (x86)\cyberlink\power2go\p2greader.ax" "16/06/2003 04:35"
+ "CyberLink FLV Splitter" "CyberLink FLV Splitter" "(Verified) CyberLink" "c:\program files (x86)\cyberlink\powerproducer\clflvsplitter.ax" "17/11/2009 12:47"
+ "CyberLink FLV Splitter (PDVD9)" "CyberLink FLV Splitter" "(Verified) CyberLink" "c:\program files (x86)\cyberlink\powerdvd9\navfilter\clflvsplitter.ax" "30/10/2009 09:20"
+ "CyberLink Frame Parser" "CLFParser" "(Verified) CyberLink" "c:\program files (x86)\cyberlink\powerproducer\clfparser.ax" "02/01/2007 11:51"
+ "CyberLink H.264/AVC Decoder" "CyberLink 264 Decoder Filter" "(Verified) CyberLink" "c:\program files (x86)\cyberlink\powerproducer\cl264dec.ax" "08/05/2008 12:01"
+ "CyberLink HAM Decoder" "CyberLink 264 Decoder Filter" "(Verified) CyberLink" "c:\program files (x86)\cyberlink\powerproducer\clcvd\clcvd.ax" "29/12/2009 18:42"
+ "CyberLink HD/BD Mixer (PDVD9)" "CLHBMixer" "(Verified) CyberLink" "c:\program files (x86)\cyberlink\powerdvd9\audiofilter\clhbmixer.ax" "22/12/2009 07:51"
+ "CyberLink Line21 Decoder (PDVD9)" "CyberLink Line21 Decoder Filter" "(Verified) CyberLink" "c:\program files (x86)\cyberlink\powerdvd9\videofilter\clline21.ax" "24/07/2009 03:21"
+ "CyberLink Line21 Decoder Filter (PDC 1.0)" "CyberLink Line21 Decoder Filter" "(Verified) CyberLink" "c:\program files (x86)\cyberlink\powerdvd copy\clline21.ax" "24/03/2004 13:46"
+ "CyberLink Load Image Filter" "CLImage (LT15)" "(Verified) CyberLink" "c:\program files (x86)\cyberlink\shared files\climage.ax" "28/05/2007 08:16"
+ "CyberLink M2V Writer" "CLM2VWriter" "(Verified) CyberLink" "c:\program files (x86)\cyberlink\power2go\p2gm2vwriter.ax" "17/08/2005 15:45"
+ "CyberLink Matroska Splitter" "CyberLink Matroska Splitter" "(Verified) CyberLink" "c:\program files (x86)\cyberlink\powerproducer\clmkvsplter.ax" "29/01/2010 11:40"
+ "CyberLink Matroska Splitter (PDVD9)" "CyberLink Matroska Splitter" "(Verified) CyberLink" "c:\program files (x86)\cyberlink\powerdvd9\navfilter\clmkvsplter.ax" "04/12/2009 09:28"
+ "CyberLink MP3/WAV Wrapper" "CyberLink MP3 Wrapper" "(Verified) CyberLink" "c:\program files (x86)\cyberlink\power2go\p2gmp3wrap.ax" "14/01/2008 03:30"
+ "CyberLink MPEG Decoder" "CyberLink Video/SP Filter" "(Verified) CyberLink" "c:\program files (x86)\cyberlink\power2go\p2gmvd.ax" "29/09/2003 14:50"
+ "CyberLink MPEG Muxer" "MpgMux" "(Verified) CyberLink" "c:\program files (x86)\cyberlink\power2go\p2gmpgmux.ax" "23/05/2008 08:27"
+ "CyberLink MPEG Muxer" "MpgMux" "(Verified) CyberLink" "c:\program files (x86)\cyberlink\powerproducer\se_mpgmux.ax" "11/11/2009 11:13"
+ "CyberLink MPEG Splitter" "CyberLink MPEG Splitter" "(Verified) CyberLink" "c:\program files (x86)\cyberlink\powerdvd9\upnp\clsplter.ax" "22/06/2007 16:18"
+ "CyberLink MPEG Video Encoder" "CyberLink MPEG Video Encoder " "(Verified) CyberLink" "c:\program files (x86)\cyberlink\power2go\p2gvidenc.ax" "26/10/2005 12:41"
+ "CyberLink MPEG-1 Splitter" "CyberLink MPEG Splitter" "(Verified) CyberLink" "c:\program files (x86)\cyberlink\power2go\p2gm1spliter.ax" "04/12/2007 04:11"
+ "CyberLink MPEG-2 Splitter" "CyberLink MPEG Splitter" "(Verified) CyberLink" "c:\program files (x86)\cyberlink\power2go\p2gm2spliter.ax" "04/12/2007 04:10"
+ "CyberLink MPEG-4 Muxer" "CyberLink MPEG-4 Muxer" "(Verified) CyberLink" "c:\program files (x86)\cyberlink\powerproducer\se_clm4muxer.ax" "09/11/2009 13:40"
+ "CyberLink MPEG-4 Muxer" "CyberLink MPEG-4 Muxer" "(Verified) CyberLink" "c:\program files (x86)\cyberlink\powerproducer\clm4muxer.ax" "24/11/2008 07:12"
+ "CyberLink MPEG-4 Splitter" "CyberLink MPEG-4 Splitter" "(Verified) CyberLink" "c:\program files (x86)\cyberlink\powerproducer\se_clm4splt.ax" "09/11/2009 13:35"
+ "CyberLink MPEG-4 Splitter" "CyberLink MPEG-4 Splitter" "(Verified) CyberLink" "c:\program files (x86)\cyberlink\powerproducer\clm4splt.ax" "22/06/2009 13:46"
+ "CyberLink MPEG-4 Splitter (PDVD9)" "CyberLink MPEG-4 Splitter" "(Verified) CyberLink" "c:\program files (x86)\cyberlink\powerdvd9\navfilter\clm4splt.ax" "30/03/2010 04:13"
+ "CyberLink MPEGV Analyzer" "CLMPEGAnalysis" "(Verified) CyberLink" "c:\program files (x86)\cyberlink\powerproducer\se_clmpegvanalyzer.ax" "12/11/2009 10:41"
+ "CyberLink MPEGV Analyzer" "CLMPEGAnalysis" "(Verified) CyberLink" "c:\program files (x86)\cyberlink\powerproducer\clmpegvanalyzer.ax" "18/12/2009 09:05"
+ "CyberLink Mux Push Source" "Cyberlink push-mode file source" "(Verified) CyberLink" "c:\program files (x86)\cyberlink\powerproducer\se_clmuxpushsrc.ax" "09/11/2009 14:01"
+ "CyberLink PCM Wrapper" "CyberLink PCM Wrapper" "(Verified) CyberLink" "c:\program files (x86)\cyberlink\power2go\p2gpcmenc.ax" "21/03/2002 06:54"
+ "CyberLink Push-Mode CLStream(PDVD9)" "CLStream" "(Verified) CyberLink" "c:\program files (x86)\cyberlink\powerdvd9\upnp\clstream(pushmode).ax" "27/04/2006 14:05"
+ "CyberLink RealAudio Decoder" "CyberLink RealMedia Audio Decoder" "(Verified) CyberLink" "c:\program files (x86)\cyberlink\powerproducer\clrmaud.ax" "06/11/2009 11:31"
+ "CyberLink RealAudio Decoder (PDVD9)" "CyberLink RealMedia Audio Decoder" "(Verified) CyberLink" "c:\program files (x86)\cyberlink\powerdvd9\audiofilter\clrmaud.ax" "25/12/2009 04:44"
+ "CyberLink RealMedia Splitter" "CyberLink RealMedia Splitter" "(Verified) CyberLink" "c:\program files (x86)\cyberlink\powerproducer\clrmsplitter.ax" "03/11/2009 08:24"
+ "CyberLink RealMedia Splitter (PDVD9)" "CyberLink RealMedia Splitter" "(Verified) CyberLink" "c:\program files (x86)\cyberlink\powerdvd9\navfilter\clrmsplitter.ax" "03/11/2009 08:24"
+ "CyberLink RealVideo Decoder" "CyberLink RealMedia Video Decoder" "(Verified) CyberLink" "c:\program files (x86)\cyberlink\powerproducer\clrmvd.ax" "21/10/2009 08:58"
+ "CyberLink RealVideo Decoder (PDVD9)" "CyberLink RealMedia Video Decoder" "(Verified) CyberLink" "c:\program files (x86)\cyberlink\powerdvd9\videofilter\clrmvd.ax" "25/12/2009 04:42"
+ "CyberLink SBE Filter" "CLSBE" "(Verified) CyberLink" "c:\program files (x86)\cyberlink\powerproducer\clsbe.ax" "28/12/2006 13:57"
+ "CyberLink SBE Source Filter" "CLSBESrc" "(Verified) CyberLink" "c:\program files (x86)\cyberlink\powerproducer\clsbesrc.ax" "28/12/2006 13:57"
+ "Cyberlink Scene Detect Filter" "CLScnDt" "(Verified) CyberLink" "c:\program files (x86)\cyberlink\powerproducer\ppscndt.ax" "13/08/2003 08:36"
+ "CyberLink SnapShotTIP Filter" "CLSShot" "(Verified) CyberLink" "c:\program files (x86)\cyberlink\powerproducer\clsshot.ax" "22/04/2009 13:08"
+ "CyberLink Stamp Effect" "" "(Verified) CyberLink" "c:\program files (x86)\cyberlink\powerproducer\ppstampeffect.ax" "25/05/2009 16:06"
+ "CyberLink Streamming Filter(PDVD9)" "Cyberlink Streaming Source Filter(Scramble)" "(Verified) CyberLink" "c:\program files (x86)\cyberlink\powerdvd9\upnp\clstream.ax" "02/05/2007 07:12"
+ "Cyberlink Sub-Picture Filter" "Cyberlink Sub-Picture Filter" "(Verified) CyberLink" "c:\program files (x86)\cyberlink\powerproducer\clsubpic.ax" "28/07/2004 16:09"
+ "Cyberlink SubTitle Importor (PDVD9)" "CLSubTitle.ax" "(Verified) CyberLink" "c:\program files (x86)\cyberlink\powerdvd9\videofilter\clsubtitle.ax" "22/12/2009 14:08"
+ "CyberLink TimeStretch Filter (CES)" "CLAuTS.ax" "(Verified) CyberLink" "c:\program files (x86)\cyberlink\power2go\p2gauts.ax" "12/10/2004 15:32"
+ "CyberLink TimeStretch Filter (PDVD9)" "CLAuTS.ax" "(Verified) CyberLink" "c:\program files (x86)\cyberlink\powerdvd9\audiofilter\clauts.ax" "03/12/2009 14:14"
+ "CyberLink TL MPEG Splitter" "CyberLink MPEG Splitter" "(Verified) CyberLink" "c:\program files (x86)\cyberlink\powerproducer\se_cltlmsplter.ax" "09/11/2009 11:45"
+ "CyberLink TL MPEG Splitter" "CyberLink MPEG Splitter" "(Verified) CyberLink" "c:\program files (x86)\cyberlink\power2go\p2gtlmsplter.ax" "19/10/2006 06:33"
+ "Cyberlink TS Information" "CLTSInfo" "(Verified) CyberLink" "c:\program files (x86)\cyberlink\powerproducer\pptsinfo.ax" "26/06/2009 05:00"
+ "CyberLink Tzan Filter" "Cyberlink Tzan Filter" "(Verified) CyberLink" "c:\program files (x86)\cyberlink\powerproducer\cltzan.ax" "18/09/2008 07:37"
+ "CyberLink Tzan Filter (PDVD9)" "Cyberlink Tzan Filter" "(Verified) CyberLink" "c:\program files (x86)\cyberlink\powerdvd9\videofilter\cltzan.ax" "07/04/2010 03:10"
+ "CyberLink UltraSpeed/SVRT Demultiplexer" "MPEG-2 Dempltiplexer" "(Verified) CyberLink" "c:\program files (x86)\cyberlink\powerproducer\se_cledtdemuxer.ax" "11/11/2009 11:50"
+ "CyberLink UltraSpeed/SVRT Demultiplexer" "MPEG-2 Dempltiplexer" "(Verified) CyberLink" "c:\program files (x86)\cyberlink\powerproducer\cledtdemuxer.ax" "26/06/2009 05:01"
+ "CyberLink Video Decoder" "CyberLink 264 Decoder Filter" "(Verified) CyberLink" "c:\program files (x86)\cyberlink\powerproducer\clcvd\clcvd.ax" "29/12/2009 18:42"
+ "CyberLink Video Decoder (PDVD9)" "CyberLink 264 Decoder Filter" "(Verified) CyberLink" "c:\program files (x86)\cyberlink\powerdvd9\videofilter\clcvd.ax" "08/06/2010 17:00"
+ "CyberLink Video Effect" "CLVidFx" "(Verified) CyberLink" "c:\program files (x86)\cyberlink\power2go\p2gvidfx.ax" "30/08/2005 05:01"
+ "CyberLink Video Regulator" "CLRGL" "(Verified) CyberLink" "c:\program files (x86)\cyberlink\power2go\p2grgl.ax" "28/09/2005 11:42"
+ "CyberLink Video Stabilizer" "CLVideoDeShaking" "(Verified) CyberLink" "c:\program files (x86)\cyberlink\power2go\p2gvideostabilizer.ax" "17/10/2005 07:28"
+ "CyberLink Video/SP Decoder (PDVD9)" "CyberLink Video/SP Filter" "(Verified) CyberLink" "c:\program files (x86)\cyberlink\powerdvd9\videofilter\clvsd.ax" "14/10/2009 13:31"
+ "CyberLink Video/SP Decoder(PDVD9 UPnP)" "CyberLink Video/SP Filter" "(Verified) CyberLink" "c:\program files (x86)\cyberlink\powerdvd9\upnp\clvsd.ax" "16/09/2009 07:48"
+ "CyberLink WMV/WMA Demux(PDVD9)" "WMV/WMA Demux" "(Verified) CyberLink" "c:\program files (x86)\cyberlink\powerdvd9\upnp\clwmfdemux.ax" "02/01/2006 13:16"
+ "Liteon Down Scaler" "Liteon Down Scaler DirectShow Filter" "(Verified) LiteOn Technology Corp" "c:\program files (x86)\acer crystal eye webcam\lods.ax" "10/12/2010 07:26"
+ "Liteon Pause Audio" "" "(Verified) LiteOn Technology Corp" "c:\program files (x86)\acer crystal eye webcam\lopa.ax" "21/07/2010 00:42"
X "MainConcept (Broadcast) AVC/H.264 Video Decoder" "AVC/H.264 Decoder DirectShow Filter" "(Not verified) MainConcept GmbH" "c:\program files (x86)\adobe\elements 10 organizer\mc_codecs\mc_bc_dec_avc_ds.ax" "27/07/2011 04:58"
X "MainConcept AAC Decoder" "AAC audio decoder filter" "(Not verified) MainConcept GmbH" "c:\program files (x86)\adobe\elements 10 organizer\mc_codecs\mc_dec_aac_ds.ax" "27/07/2011 05:01"
X "MainConcept AVC/H.264 Video Decoder" "AVC/H.264 Decoder DirectShow Filter" "(Not verified) MainConcept GmbH" "c:\program files (x86)\adobe\elements 10 organizer\mc_codecs\mc_dec_avc_ds.ax" "27/07/2011 04:57"
X "MainConcept MPEG Demultiplexer" "MPEG-1/2 Demultiplexer" "(Not Verified) MainConcept GmbH" "c:\program files (x86)\adobe\elements 10 organizer\mc_codecs\mc_demux_mp2_ds.ax" "27/07/2011 04:43"
X "MainConcept MPEG Push Demultiplexer" "MPEG Push Demultiplexer" "(Not Verified) MainConcept GmbH" "c:\program files (x86)\adobe\elements 10 organizer\mc_codecs\mc_demuxpush_mp2_ds.ax" "27/07/2011 04:44"
X "MainConcept Stream Parser" "MPEG-1/2 Demultiplexer" "(Not Verified) MainConcept GmbH" "c:\program files (x86)\adobe\elements 10 organizer\mc_codecs\mc_demux_mp2_ds.ax" "27/07/2011 04:43"
+ "P2G Audio Decoder" "CyberLink Audio Decoder Filter" "(Verified) CyberLink" "c:\program files (x86)\cyberlink\power2go\p2gaud.ax" "01/12/2006 06:59"
+ "P2G Audio Encoder" "CyberLink Audio Encoder Filter" "(Verified) CyberLink" "c:\program files (x86)\cyberlink\power2go\p2gaudenc.ax" "20/12/2006 10:20"
+ "P2G Video Decoder" "CyberLink Video/SP Filter" "(Verified) CyberLink" "c:\program files (x86)\cyberlink\power2go\p2gvsd.ax" "10/11/2005 13:36"
+ "P2G Video Regulator" "CyberLink Video Regulator" "(Verified) CyberLink" "c:\program files (x86)\cyberlink\power2go\p2gresample.ax" "18/06/2002 04:32"
+ "PDC Video Decoder" "CyberLink Video/SP Filter" "(Verified) CyberLink" "c:\program files (x86)\cyberlink\powerdvd copy\clvsd.ax" "09/06/2005 06:19"
+ "PowerProducer Double Tee" "Cyberlink Double Tee Filter" "(Verified) CyberLink" "c:\program files (x86)\cyberlink\powerproducer\ppdoubletee.ax" "24/12/2001 10:12"
+ "PP Audio Decoder" "CyberLink Audio Decoder Filter" "(Verified) CyberLink" "c:\program files (x86)\cyberlink\powerproducer\claud.ax" "17/12/2009 07:32"
+ "PP Audio Effect" "CyberLink Audio Effect Filter" "(Verified) CyberLink" "c:\program files (x86)\cyberlink\powerproducer\claudfx.ax" "22/07/2009 10:53"
+ "PP Audio Encoder" "CyberLink Audio Encoder Filter" "(Verified) CyberLink" "c:\program files (x86)\cyberlink\powerproducer\claudenc.ax" "26/07/2007 11:18"
+ "PP Audio Noise Reduction (CES)" "CLAuNR" "(Verified) CyberLink" "c:\program files (x86)\cyberlink\powerproducer\claunrwrapper.ax" "19/09/2007 03:42"
+ "PP Audio Resampler" "CLAuRsmpl.ax" "(Verified) CyberLink" "c:\program files (x86)\cyberlink\powerproducer\ppaursmpl.ax" "01/07/2009 03:55"
+ "PP Byte Counter" "PP Byte Counter" "(Verified) CyberLink" "c:\program files (x86)\cyberlink\powerproducer\ppbytecounter.ax" "24/12/2001 10:25"
+ "PP DDR" "PP DDR" "(Verified) CyberLink" "c:\program files (x86)\cyberlink\powerproducer\pprender.ax" "26/02/2003 04:42"
+ "PP Dump Dispatch Filter" "Cyberlink File Dump Dispatch Filter" "(Verified) CyberLink" "c:\program files (x86)\cyberlink\powerproducer\cldumpdispatch.ax" "12/12/2003 08:01"
+ "PP Dump Filter" "Cyberlink File Dump Filter" "(Verified) CyberLink" "c:\program files (x86)\cyberlink\powerproducer\cldump.ax" "14/12/2009 05:03"
+ "PP DV Buffer" "CLDVBuffer Filter" "(Verified) CyberLink" "c:\program files (x86)\cyberlink\powerproducer\ppdvbuffer.ax" "10/04/2006 13:47"
+ "PP DV Dump Filter" "DV dump Filter" "(Verified) CyberLink" "c:\program files (x86)\cyberlink\powerproducer\ppdvdump.ax" "11/01/2002 10:00"
+ "PP DV TCR" "DVTCR" "(Verified) CyberLink" "c:\program files (x86)\cyberlink\powerproducer\ppdvtcr.ax" "25/05/2009 14:36"
+ "PP File Reader (Async.)" "Cyberlink MPEG File Reader" "(Verified) CyberLink" "c:\program files (x86)\cyberlink\powerproducer\ppreader.ax" "12/08/2003 14:29"
+ "PP Gate Filter" "CLGate" "(Verified) CyberLink" "c:\program files (x86)\cyberlink\powerproducer\ppgate.ax" "09/08/2001 14:41"
+ "PP IDM" "idmf" "(Verified) CyberLink" "c:\program files (x86)\cyberlink\powerproducer\ppidmf.ax" "13/03/2007 10:01"
+ "PP M2V Writer" "CLM2VWriter" "(Verified) CyberLink" "c:\program files (x86)\cyberlink\powerproducer\ppm2vwriter.ax" "23/01/2006 10:09"
+ "PP MPEG Muxer" "MpgMux" "(Verified) CyberLink" "c:\program files (x86)\cyberlink\powerproducer\mpgmux.ax" "24/12/2009 09:55"
+ "PP MPEG Splitter" "PP MPEG Splitter" "(Verified) CyberLink" "c:\program files (x86)\cyberlink\powerproducer\ppsplter.ax" "17/07/2008 03:15"
+ "PP MPEG Video Encoder" "CyberLink MPEG Video Encoder " "(Verified) CyberLink" "c:\program files (x86)\cyberlink\powerproducer\clvidenc.ax" "11/11/2009 10:20"
+ "PP PCM Wrapper" "PP PCM Wrapper" "(Verified) CyberLink" "c:\program files (x86)\cyberlink\powerproducer\pppcmenc.ax" "21/03/2002 06:54"
+ "PP Snapshot Filter" "CLSnapShot Filter" "(Verified) CyberLink" "c:\program files (x86)\cyberlink\powerproducer\ppsnapshot.ax" "27/05/2001 13:53"
+ "PP SnapShotTIP Filter" "CLSShot" "(Verified) CyberLink" "c:\program files (x86)\cyberlink\powerproducer\ppsshot.ax" "17/02/2006 06:58"
+ "PP TimeStretch Filter (CES)" "CLAuTS.ax" "(Verified) CyberLink" "c:\program files (x86)\cyberlink\powerproducer\clauts.ax" "24/04/2006 11:45"
+ "PP TL MPEG Splitter" "CyberLink MPEG Splitter" "(Verified) CyberLink" "c:\program files (x86)\cyberlink\powerproducer\cltlmsplter.ax" "17/07/2008 03:15"
+ "PP TV Audio Decoder" "CyberLink Audio Decoder Filter" "(Verified) CyberLink" "c:\program files (x86)\cyberlink\powerproducer\claudtv.ax" "04/05/2007 09:14"
+ "PP Video Decoder" "CyberLink Video/SP Filter" "(Verified) CyberLink" "c:\program files (x86)\cyberlink\powerproducer\ppgenericvsd.ax" "08/08/2008 01:34"
+ "PP Video Effect" "CLVidFx" "(Verified) CyberLink" "c:\program files (x86)\cyberlink\powerproducer\ppvidfx.ax" "08/01/2009 11:13"
+ "PP Video Regulator" "CyberLink Video Regulator" "(Verified) CyberLink" "c:\program files (x86)\cyberlink\powerproducer\ppresample.ax" "18/06/2002 04:32"
+ "PP Video Regulator" "Video Regulator" "(Verified) CyberLink" "c:\program files (x86)\cyberlink\powerproducer\clrgl.ax" "30/12/2008 16:00"
+ "PP WAV Dest" "CLWavDest" "(Verified) CyberLink" "c:\program files (x86)\cyberlink\powerproducer\ppwavdest.ax" "16/05/2002 10:20"
+ "PP YUY2 Deinterlace" "DitlYuY2" "(Verified) CyberLink" "c:\program files (x86)\cyberlink\powerproducer\ppditlyuy2.ax" "03/03/2003 13:52"
+ "PP YUY2 Sub-Sampling" "SubYUY2 Filter" "(Verified) CyberLink" "c:\program files (x86)\cyberlink\powerproducer\ppsubyuy2.ax" "28/02/2003 15:30"
+ "SlideShow" "" "" "c:\program files (x86)\nti\nti media maker 9\media maker\slideshow.ax" "15/09/2009 03:02"
+ "Time Regulator" "TimeRegulator" "(Verified) CyberLink" "c:\program files (x86)\cyberlink\powerproducer\avi_audtr.ax" "15/03/2004 04:30"
+ "Track1Filter" "Adobe Photoshop Elements 10.0 (component)" "(Verified) Adobe Systems Incorporated" "c:\program files (x86)\adobe\elements 10 organizer\track1filter.dll" "31/08/2011 19:44"
+ "Track2Filter" "Adobe Photoshop Elements 10.0 (component)" "(Verified) Adobe Systems Incorporated" "c:\program files (x86)\adobe\elements 10 organizer\track2filter.dll" "31/08/2011 19:44"
"HKLM\System\CurrentControlSet\Services\WinSock2\Parameters\NameSpace_Catalog5\Catalog_Entries" "" "" "" "11/11/2011 14:09"
+ "mdnsNSP" "Bonjour Namespace Provider" "(Verified) Apple Inc." "c:\program files (x86)\bonjour\mdnsnsp.dll" "31/08/2011 06:44"
"HKLM\System\CurrentControlSet\Services\WinSock2\Parameters\NameSpace_Catalog5\Catalog_Entries64" "" "" "" "11/11/2011 14:09"
+ "mdnsNSP" "Bonjour Namespace Provider" "(Verified) Apple Inc." "c:\program files\bonjour\mdnsnsp.dll" "31/08/2011 06:53"
"HKLM\SYSTEM\CurrentControlSet\Control\Print\Monitors" "" "" "" "06/04/2014 19:17"
+ "EpsonNet Print Port" "EpsonNet Print Port Monitor DLL" "(Not verified) SEIKO EPSON CORPORATION" "c:\windows\system32\enppmon.dll" "13/09/2010 07:00"

#9 Vulcan Moon

Vulcan Moon
  • Topic Starter

  • Members
  • 16 posts
  • OFFLINE
  •  
  • Local time:04:16 AM

Posted 07 April 2014 - 10:33 AM

Having said that, it looks like Microsoft may have been included, however, these are the programs that I have doubts about, I'd already typed them out before I realised you could just copy/paste the entire file, so, I may as well post that here:

Some of the following are confusing when I check them out via the internet, they come up as viruses in one link yet in another are considered fine, most are disabled at this time (apart from the two McciCMService ones, that appear in HKLM\System\Current\ControlSet\Services), is there any chance you could advise on whether any of the following should just be deleted and/or left disabled.
*[description]
*(publisher)

Found in HKLM\Software\Classes\Filter
MainConcept MPEG Demultiplexer [MPEG-1/2 Demultiplexer] (Not verified: MainConcept GmbH) c:\program files (x86)\adobe\elements 10 organizer\mc_demux_mp2_ds.ax
MainConcept MPEG Push Demultiplexer [MPEG Push Demultiplexer] (Not verified: MainConcept GmbH) c:\program files (x86)\adobe\elements 10 organizer\mc_demuxpush_mp2_ds.ax

Found in HKLM\System\Current\ControlSet\Services
McciCMService [mcci+McciCMService] (not verified: Alcatel-Lucent) c:\program files (x86)\common files\motive\mccicmservice.exe
McciCMService64 [mcci+McciCMService] (not verified: Alcatel-Lucent) c:\program files\common files\motive\mccicmservice.exe
RichVideo [RichVideoModule] c:\program files (x86)\cyberlink\shared files\richvideo.exe
Found in HKLM\System\CurrentSet\Services
MREMP50 [PCAUSA NDIS 5.0 MPR Protocol Driver] (not verified: Printing Communications Assoc., Inc [PCAUSA])
c:\program files (x86)\common files\motive\mremp50.sys
MRESP50 [PCAUSA NDIS 5.0 SPR Protocol Driver] (not verified: Printing Communications Assoc., Inc [PCAUSA])
c:\program files (x86)\common files\motive\mresp50.sys
Found in HKLM\Software\Wow6432Node\Classes\CLSID\{083863F1-70DE-11d0-BD40-00A0C911CE86\Instance
MainConcept (Broadcast) AVC/H.264 Video Decoder [AVC/H Decoder DirectShow Filter] (Not verified: MainConcept GmbH)
c:\program files (x86)\adobe\elements 10 organizer\mc_codecs\mc_bc_dec_avc_ds.ax
MainConcept AAC Decoder [AAC audio Decoder filter] (Not verified: MainConcept GmbH)
c:\program files (x86)\adobe\elements 10 organizer\mc_codecs\mc_dec_aac_ds.ax
MainConcept AVC/H.264 Video Decoder [AVC/H.264 Decoder DirectShow Filter] (Not verified: MainConcept GmbH)
c:\program files (x86)\adobe\elements 10 organizer\mc_codecs\mc_dec_avc_ds.ax
MainConcept MPEG Demultiplexer [MPEG-1/2 Demultiplexer] (Not verified: MainConcept GmbH)
c:\program files (x86)\adobe\elements 10 organizer\mc_codecs\mc_demux_mp2_ds.ax
MainConcept MPEG Push Demultiplexer [MPEG Push Demultiplexer] (Not verified: MainConcept GmbH)
c:\program files (x86)\adobe\elements 10 organizer\mc_codecs\mc_demuxpush_mp2_ds.ax
MainConcept Stream Parser [MPEG-1/2 Demultiplexer] (Not verified: MainConcept GmbH)
c:\program files (x86)\adobe\elements 10 organizer\mc_codecs\mc_demux_mp2_ds.ax




The following are “File not found” which all show up as highlighted yellow, in the Autoruns, so just wondering if any of these should in fact be found and so forth; the MREMP50a64 appears to come up as a virus when checked through one link on the internet but another seems to indicate it is fine, so all in all a bit confusing to say the least:
Not found in HKLM\SOFTWARE\Microsoft\CurrentVersion\Run
Acer ePower Management T\EPOWERTRAY.EXE
AdobeAAMUpdater-1.0 FILES\ADOBE\OOBE\PDAPP\UWA\UPDATERSTARTUPUTILITY.EXE”
btbb_McciTrayApp OTIFIER.EXE”
ETDWare TECH\ETDCTRL.EXE
HotKeysCmds DOWS\SYSTEM32\HKCMD.EXE
Igfx Tray DOWS\SYSTEM32\IGFXTRAY.EXE
mwlDaemon .EXE
Persistence DOWS\SYSTEM32\IGFXPERS.EXE

Not found in HKCU\SOFTWARE\Wow6432Node\Microsoft\Active Setup\Installed Components
Internet Explorer C:\Windows\system32\ie4unit.exe

Not found in HKLM\System\CurrentControlSet\Services
MREMP50a64 C:\PROGRA~1\COMMON~1\Motive\MREMP50a64.SYS
MREMPR5 C:\PROGRA~2\COMMON~1\Motive\MREMPR5.SYS
MRENDIS5 C:\PROGRA~2\COMMON~1\Motive\MRENDIS5.SYS
MRESP50a64 C:\PROGRA~1\COMMON~1\Motive\MRESP50a64.SYS

Edited by Vulcan Moon, 07 April 2014 - 10:33 AM.


#10 Vulcan Moon

Vulcan Moon
  • Topic Starter

  • Members
  • 16 posts
  • OFFLINE
  •  
  • Local time:04:16 AM

Posted 07 April 2014 - 10:43 AM

One or two of those that concern me relate to the fact that they come up as non-verified sources, although a few of them have coding that suggests Adobe, and have no icon that would suggest it was Adobe either, but since I don't know one way or the other, they may well be Adobe.

 

The "file not found" entries make me query whether the Trojans that we had have deleted items that should be there and so forth.



#11 noknojon

noknojon

  • Banned
  • 10,871 posts
  • OFFLINE
  •  
  • Gender:Not Telling
  • Local time:01:16 PM

Posted 07 April 2014 - 09:18 PM

Generally "file not found" entries are just Unticked at the left side to Disable them for now.
I leave them unticked for a while (a month or so) and if no programs are compromised, I Right Click > Delete them.

The following all show up in examples of TDSS infections (but I did not see them in yours as no log was posted)
MREMP50.SYS
MREMP50a64.SYS
MRESP50.SYS
MRESP50a64.SYS

I have not listed them in the same order as you, since I took all 4 from another log that was posted.
These need to be removed, also just look for the log from TDSS if you still have it.

 

Any item that you find to be "suspect" or that concerns you can be Unticked, and then ticked again later if you find it is needed.



#12 Vulcan Moon

Vulcan Moon
  • Topic Starter

  • Members
  • 16 posts
  • OFFLINE
  •  
  • Local time:04:16 AM

Posted 08 April 2014 - 05:01 PM

Generally "file not found" entries are just Unticked at the left side to Disable them for now.
I leave them unticked for a while (a month or so) and if no programs are compromised, I Right Click > Delete them.

The following all show up in examples of TDSS infections (but I did not see them in yours as no log was posted)
MREMP50.SYS
MREMP50a64.SYS
MRESP50.SYS
MRESP50a64.SYS

I have not listed them in the same order as you, since I took all 4 from another log that was posted.
These need to be removed, also just look for the log from TDSS if you still have it.

 

Any item that you find to be "suspect" or that concerns you can be Unticked, and then ticked again later if you find it is needed.

 

Many thanks.

 

I don't think they would have shown up in a log because I had them unchecked at the time as with the other Trojan, only the exokst one wouldn't permit me to uncheck it and that showed up whereas the other one didn't, and I think that's why, because I'd managed to get the one disabled.

 

Oddly, the ones you mention are the ones that appeared after I tried deleting the exokst Trojan, which the download programs managed to get rid of, thankfully.

 

I will certainly take a look through the logs and delete those programs now that I can be sure I'm not deleting anything that should in fact be there; I would have done it sooner but wasn't sure.

 

 

 

 

 

I take it the others, mentioned in post 9 above, come up clean: McciService, McciService64 and such?

 

I'll get those deleted and then refresh, as we shut down tonight, and let you know if any issues arise. Would it be safe to say we're Trojan free now? And if so, I read about setting a new Restore Point and am thinking that may be a wise option.



#13 noknojon

noknojon

  • Banned
  • 10,871 posts
  • OFFLINE
  •  
  • Gender:Not Telling
  • Local time:01:16 PM

Posted 09 April 2014 - 02:55 AM

McciService seems to be Part of AT&T's 2Wire Modem installation

McciService64 is just the 64bit version of the same thing.

I've googled it and the basic advice is to go into Programs and Features, and uninstall the ATT self Support Tool

 

If your ISP is or was AT&T, you can ask them on their forum, or just call them.



#14 Vulcan Moon

Vulcan Moon
  • Topic Starter

  • Members
  • 16 posts
  • OFFLINE
  •  
  • Local time:04:16 AM

Posted 11 April 2014 - 02:11 PM

McciService seems to be Part of AT&T's 2Wire Modem installation

McciService64 is just the 64bit version of the same thing.

I've googled it and the basic advice is to go into Programs and Features, and uninstall the ATT self Support Tool

 

If your ISP is or was AT&T, you can ask them on their forum, or just call them.

 

It's BT (we're in the UK).

 

Yeah, I just realised that when using Autoruns, all I had to do to check the validity of some of the programs was to check the date, which I didn't realise was there for me to see; had I realised that before now, I probably could have just deleted the MREP programs and such from the date alone...however, I know that now, so can use that in future if need be when trying to check anything out that installs itself, although hopefully that won't be the case, touch wood.

 

 

With the TDSSKiller, all we got was "0 threats found", I recall saying to hubby "wait, we have to find the report tab now" and we could not for the life of us see one, otherwise I would have posted it up. It may just be that it was stored elsewhere and we had no idea where to look; we deleted the programs but whether the folder/info, if there is any, is still there I can't say, since I can't locate a folder; I tried looking in C\:Users\[Username]\AppData...Windows area and came across the Ulfmedia folder that I'd found prior to running all the scans (which I couldn't remember where'd I'd seen, so wasn't able to delete it then), so that's now deleted, but I couldn't find a TDSSKiller reference...if you have the exact location address that I would need to type in to find it, I can see if there is one but with so many folders and so many areas, for me, it's like groping around in the dark, unless I can type in the exact string required to locate it...I'm really not up on the computer location field references for Windows etc, sadly, it would be easier if I were.

 

 

 

Having read our security service information, we see that we had the 2 hackers that had attempted to infiltrate which were obviously the Trojans. Having set the security to allow us to read more about what is going on has helped as well, instead of just seeing update messages now, we get more information on the updates and a lot more information about past threats and such.

 

 

 

But anyway, many thanks for your assistance in dealing with the Trojans which we could not have got rid of by oursleves.



#15 Vulcan Moon

Vulcan Moon
  • Topic Starter

  • Members
  • 16 posts
  • OFFLINE
  •  
  • Local time:04:16 AM

Posted 11 April 2014 - 03:19 PM

I just mentioned the C:\ to hubby and he showed me where to look...found the report and though a tad late in posting, here it is, for perusal. Strangely, the MRESP50 and related items all come up as "ok" though that may just be because they were disabled at the time of the scan...I assume.


12:40:23.0921 0x1058 TDSS rootkit removing tool 3.0.0.26 Mar 24 2014 07:28:43
12:40:33.0031 0x1058 ============================================================
12:40:33.0031 0x1058 Current date / time: 2014/04/01 12:40:33.0031
12:40:33.0031 0x1058 SystemInfo:
12:40:33.0031 0x1058
12:40:33.0031 0x1058 OS Version: 6.1.7601 ServicePack: 1.0
12:40:33.0031 0x1058 Product type: Workstation
12:40:33.0031 0x1058 ComputerName: ROBARA-PC
12:40:33.0031 0x1058 UserName: Robara
12:40:33.0031 0x1058 Windows directory: C:\Windows
12:40:33.0031 0x1058 System windows directory: C:\Windows
12:40:33.0031 0x1058 Running under WOW64
12:40:33.0031 0x1058 Processor architecture: Intel x64
12:40:33.0031 0x1058 Number of processors: 2
12:40:33.0031 0x1058 Page size: 0x1000
12:40:33.0031 0x1058 Boot type: Normal boot
12:40:33.0031 0x1058 ============================================================
12:40:35.0668 0x1058 KLMD registered as C:\Windows\system32\drivers\28748738.sys
12:40:36.0245 0x1058 System UUID: {A581B1C8-D4BC-58B6-62D4-331F6B62DE13}
12:40:37.0290 0x1058 Drive \Device\Harddisk0\DR0 - Size: 0x950B056000 (596.17 Gb), SectorSize: 0x200, Cylinders: 0x13001, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
12:40:37.0306 0x1058 ============================================================
12:40:37.0306 0x1058 \Device\Harddisk0\DR0:
12:40:37.0306 0x1058 MBR partitions:
12:40:37.0306 0x1058 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x1C00800, BlocksNum 0x32000
12:40:37.0306 0x1058 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x1C32800, BlocksNum 0x48C25000
12:40:37.0306 0x1058 ============================================================
12:40:37.0415 0x1058 C: <-> \Device\Harddisk0\DR0\Partition2
12:40:37.0415 0x1058 ============================================================
12:40:37.0415 0x1058 Initialize success
12:40:37.0415 0x1058 ============================================================
12:40:41.0206 0x127c ============================================================
12:40:41.0206 0x127c Scan started
12:40:41.0206 0x127c Mode: Manual;
12:40:41.0206 0x127c ============================================================
12:40:41.0206 0x127c KSN ping started
12:40:54.0824 0x127c KSN ping finished: true
12:40:55.0074 0x127c ================ Scan system memory ========================
12:40:55.0074 0x127c System memory - ok
12:40:55.0074 0x127c ================ Scan services =============================
12:40:55.0854 0x127c [ A87D604AEA360176311474C87A63BB88, B1507868C382CD5D2DBC0D62114FCFBF7A780904A2E3CA7C7C1DD0844ADA9A8F ] 1394ohci C:\Windows\system32\drivers\1394ohci.sys
12:40:55.0870 0x127c 1394ohci - ok
12:40:56.0197 0x127c [ B33CF4DE909A5B30F526D82053A63C8E, ABF5BB962C038E545C18B96E686E072D780C907096C7BB341297AF31D3703ABD ] ABBYY.Licensing.FineReader.Sprint.9.0 C:\Program Files (x86)\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe
12:40:56.0228 0x127c ABBYY.Licensing.FineReader.Sprint.9.0 - ok
12:40:56.0306 0x127c [ D81D9E70B8A6DD14D42D7B4EFA65D5F2, FDAAB7E23012B4D31537C5BDEF245BB0A12FA060A072C250E21C68E18B22E002 ] ACPI C:\Windows\system32\drivers\ACPI.sys
12:40:56.0322 0x127c ACPI - ok
12:40:56.0400 0x127c [ 99F8E788246D495CE3794D7E7821D2CA, F91615463270AD2601F882CAED43B88E7EDA115B9FD03FC56320E48119F15F76 ] AcpiPmi C:\Windows\system32\drivers\acpipmi.sys
12:40:56.0400 0x127c AcpiPmi - ok
12:40:56.0572 0x127c [ C245E08EC469A52A622EFDC9787A0DCC, 378EFDFA1CC133123464F820805212ED73264EFD78511F1A0DDC8DCEEC176759 ] AdobeActiveFileMonitor10.0 C:\Program Files (x86)\Adobe\Elements 10 Organizer\PhotoshopElementsFileAgent.exe
12:40:56.0587 0x127c AdobeActiveFileMonitor10.0 - ok
12:40:56.0681 0x127c [ B362181ED3771DC03B4141927C80F801, 69514E5177A0AEA89C27C2234712F9F82E8D8F99E1FD4273898C9324C6FF7472 ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
12:40:56.0681 0x127c AdobeARMservice - ok
12:40:56.0915 0x127c [ 9D96B0D5855FD1B98023B3EEC9F06786, E4C79233158BE8AA4E9C6DD71585E5D2703A5156531EB3D692D7D81BC443E844 ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
12:40:56.0930 0x127c AdobeFlashPlayerUpdateSvc - ok
12:40:56.0993 0x127c [ 2F6B34B83843F0C5118B63AC634F5BF4, 43E3F5FBFB5D33981AC503DEE476868EC029815D459E7C36C4ABC2D2F75B5735 ] adp94xx C:\Windows\system32\DRIVERS\adp94xx.sys
12:40:57.0008 0x127c adp94xx - ok
12:40:57.0055 0x127c [ 597F78224EE9224EA1A13D6350CED962, DA7FD99BE5E3B7B98605BF5C13BF3F1A286C0DE1240617570B46FE4605E59BDC ] adpahci C:\Windows\system32\DRIVERS\adpahci.sys
12:40:57.0086 0x127c adpahci - ok
12:40:57.0133 0x127c [ E109549C90F62FB570B9540C4B148E54, E804563735153EA00A00641814244BC8A347B578E7D63A16F43FB17566EE5559 ] adpu320 C:\Windows\system32\DRIVERS\adpu320.sys
12:40:57.0133 0x127c adpu320 - ok
12:40:57.0164 0x127c [ 4B78B431F225FD8624C5655CB1DE7B61, 198A5AF2125C7C41F531A652D200C083A55A97DC541E3C0B5B253C7329949156 ] AeLookupSvc C:\Windows\System32\aelupsvc.dll
12:40:57.0164 0x127c AeLookupSvc - ok
12:40:57.0289 0x127c [ 79059559E89D06E8B80CE2944BE20228, 6E041D2FED2D0C3D8E16E56CB61D3245F9144EA92F5BDC9A4AA30598D1C8E6EE ] AFD C:\Windows\system32\drivers\afd.sys
12:40:57.0305 0x127c AFD - ok
12:40:57.0383 0x127c [ 608C14DBA7299D8CB6ED035A68A15799, 45360F89640BF1127C82A32393BD76205E4FA067889C40C491602F370C09282A ] agp440 C:\Windows\system32\drivers\agp440.sys
12:40:57.0383 0x127c agp440 - ok
12:40:57.0430 0x127c [ 3290D6946B5E30E70414990574883DDB, 0E9294E1991572256B3CDA6B031DB9F39CA601385515EE59F1F601725B889663 ] ALG C:\Windows\System32\alg.exe
12:40:57.0430 0x127c ALG - ok
12:40:57.0476 0x127c [ 5812713A477A3AD7363C7438CA2EE038, A7316299470D2E57A11499C752A711BF4A71EB11C9CBA731ED0945FF6A966721 ] aliide C:\Windows\system32\drivers\aliide.sys
12:40:57.0476 0x127c aliide - ok
12:40:57.0539 0x127c [ 1FF8B4431C353CE385C875F194924C0C, 3EA3A7F426B0FFC2461EDF4FDB4B58ACC9D0730EDA5B728D1EA1346EA0A02720 ] amdide C:\Windows\system32\drivers\amdide.sys
12:40:57.0539 0x127c amdide - ok
12:40:57.0632 0x127c [ 7024F087CFF1833A806193EF9D22CDA9, E7F27E488C38338388103D3B7EEDD61D05E14FB140992AEE6F492FFC821BF529 ] AmdK8 C:\Windows\system32\DRIVERS\amdk8.sys
12:40:57.0632 0x127c AmdK8 - ok
12:40:57.0664 0x127c [ 1E56388B3FE0D031C44144EB8C4D6217, E88CA76FD47BA0EB427D59CB9BE040DE133D89D4E62D03A8D622624531D27487 ] AmdPPM C:\Windows\system32\DRIVERS\amdppm.sys
12:40:57.0664 0x127c AmdPPM - ok
12:40:57.0726 0x127c [ D4121AE6D0C0E7E13AA221AA57EF2D49, 626F43C099BD197BE56648C367B711143C2BCCE96496BBDEF19F391D52FA01D0 ] amdsata C:\Windows\system32\drivers\amdsata.sys
12:40:57.0726 0x127c amdsata - ok
12:40:57.0788 0x127c [ F67F933E79241ED32FF46A4F29B5120B, D6EF539058F159CC4DD14CA9B1FD924998FEAC9D325C823C7A2DD21FEF1DC1A8 ] amdsbs C:\Windows\system32\DRIVERS\amdsbs.sys
12:40:57.0804 0x127c amdsbs - ok
12:40:57.0851 0x127c [ 540DAF1CEA6094886D72126FD7C33048, 296578572A93F5B74E1AD443E000B79DC99D1CBD25082E02704800F886A3065F ] amdxata C:\Windows\system32\drivers\amdxata.sys
12:40:57.0851 0x127c amdxata - ok
12:40:57.0929 0x127c [ 89A69C3F2F319B43379399547526D952, 8ABDB4B8E106F96EBBA0D4D04C4F432296516E107E7BA5644ED2E50CF9BB491A ] AppID C:\Windows\system32\drivers\appid.sys
12:40:57.0929 0x127c AppID - ok
12:40:57.0976 0x127c [ 0BC381A15355A3982216F7172F545DE1, C33AF13CB218F7BF52E967452573DF2ADD20A95C6BF99229794FEF07C4BBE725 ] AppIDSvc C:\Windows\System32\appidsvc.dll
12:40:57.0976 0x127c AppIDSvc - ok
12:40:58.0038 0x127c [ 9D2A2369AB4B08A4905FE72DB104498F, D6FA1705018BABABFA2362E05691A0D6408D14DE7B76129B16D0A1DAD6378E58 ] Appinfo C:\Windows\System32\appinfo.dll
12:40:58.0038 0x127c Appinfo - ok
12:40:58.0319 0x127c [ 221564CC7BE37611FE15EACF443E1BF6, 381BDF17418C779D72332431BA174C2AD76CD9C7C1711FF5142EA9B05D5555E4 ] Apple Mobile Device C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
12:40:58.0319 0x127c Apple Mobile Device - ok
12:40:58.0366 0x127c [ C484F8CEB1717C540242531DB7845C4E, C507CE26716EB923B864ED85E8FA0B24591E2784A2F4F0E78AEED7E9953311F6 ] arc C:\Windows\system32\DRIVERS\arc.sys
12:40:58.0366 0x127c arc - ok
12:40:58.0412 0x127c [ 019AF6924AEFE7839F61C830227FE79C, 5926B9DDFC9198043CDD6EA0B384C83B001EC225A8125628C4A45A3E6C42C72A ] arcsas C:\Windows\system32\DRIVERS\arcsas.sys
12:40:58.0412 0x127c arcsas - ok
12:40:58.0771 0x127c [ 9A262EDD17F8473B91B333D6B031A901, 05DFBD3A7D83FDE1D062EA719ACA9EC48CB7FD42D17DDD88B82E5D25469ADD23 ] aspnet_state C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
12:40:58.0802 0x127c aspnet_state - ok
12:40:58.0849 0x127c [ 769765CE2CC62867468CEA93969B2242, 0D8F19D49869DF93A3876B4C2E249D12E83F9CE11DAE8917D368E292043D4D26 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys
12:40:58.0865 0x127c AsyncMac - ok
12:40:58.0912 0x127c [ 02062C0B390B7729EDC9E69C680A6F3C, 0261683C6DC2706DCE491A1CDC954AC9C9E649376EC30760BB4E225E18DC5273 ] atapi C:\Windows\system32\drivers\atapi.sys
12:40:58.0912 0x127c atapi - ok
12:40:59.0052 0x127c [ F23FEF6D569FCE88671949894A8BECF1, FCE7B156ED663471CF9A736915F00302E93B50FC647563D235313A37FCE8F0F6 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
12:40:59.0068 0x127c AudioEndpointBuilder - ok
12:40:59.0099 0x127c [ F23FEF6D569FCE88671949894A8BECF1, FCE7B156ED663471CF9A736915F00302E93B50FC647563D235313A37FCE8F0F6 ] AudioSrv C:\Windows\System32\Audiosrv.dll
12:40:59.0114 0x127c AudioSrv - ok
12:40:59.0192 0x127c [ A6BF31A71B409DFA8CAC83159E1E2AFF, CBB83F73FFD3C3FB4F96605067739F8F7A4A40B2B05417FA49E575E95628753F ] AxInstSV C:\Windows\System32\AxInstSV.dll
12:40:59.0192 0x127c AxInstSV - ok
12:40:59.0270 0x127c [ 3E5B191307609F7514148C6832BB0842, DE011CB7AA4A2405FAF21575182E0793A1D83DFFC44E9A7864D59F3D51D8D580 ] b06bdrv C:\Windows\system32\DRIVERS\bxvbda.sys
12:40:59.0302 0x127c b06bdrv - ok
12:40:59.0380 0x127c [ B5ACE6968304A3900EEB1EBFD9622DF2, 1DAA118D8CA3F97B34DF3D3CDA1C78EAB2ED225699FEABE89D331AE0CB7679FA ] b57nd60a C:\Windows\system32\DRIVERS\b57nd60a.sys
12:40:59.0380 0x127c b57nd60a - ok
12:40:59.0645 0x127c [ F2E8CEFC8CF4D6454F4121C5FF93136A, DFD05AD328BD0FDD8BF44043C40084A6DF98BF6F5CEAE71BF793176AF6ADFBBB ] BBSvc C:\Program Files (x86)\Microsoft\BingBar\7.3.124.0\BBSvc.exe
12:40:59.0645 0x127c BBSvc - ok
12:40:59.0723 0x127c [ 6E1BCC590C9D30FEE8FC14DBD053CE94, 4F698D399225A890B7FDCE3773E504B2880534ED1C0F4C37589568C44BA51743 ] BBUpdate C:\Program Files (x86)\Microsoft\BingBar\7.3.124.0\SeaPort.exe
12:40:59.0738 0x127c BBUpdate - ok
12:41:00.0050 0x127c [ 2D659B569A76CDB83B815675A80D7096, 8246BD350017B6CBADA4BBDBAB8B708B0A8F1AD5ADD4B2DE1BA610B4A188C262 ] BCM43XX C:\Windows\system32\DRIVERS\bcmwl664.sys
12:41:00.0144 0x127c BCM43XX - ok
12:41:00.0222 0x127c [ FDE360167101B4E45A96F939F388AEB0, 8D1457E866BBD645C4B9710DFBFF93405CC1193BF9AE42326F2382500B713B82 ] BDESVC C:\Windows\System32\bdesvc.dll
12:41:00.0222 0x127c BDESVC - ok
12:41:00.0284 0x127c [ 16A47CE2DECC9B099349A5F840654746, 77C008AEDB07FAC66413841D65C952DDB56FE7DCA5E9EF9C8F4130336B838024 ] Beep C:\Windows\system32\drivers\Beep.sys
12:41:00.0284 0x127c Beep - ok
12:41:00.0394 0x127c [ 82974D6A2FD19445CC5171FC378668A4, 075D25F47C0D2277E40AF8615571DAA5EB16B1824563632A9A7EC62505C29A4A ] BFE C:\Windows\System32\bfe.dll
12:41:00.0409 0x127c BFE - ok
12:41:00.0565 0x127c [ 1EA7969E3271CBC59E1730697DC74682, D511A34D63A6E0E6E7D1879068E2CD3D87ABEAF4936B2EA8CDDAD9F79D60FA04 ] BITS C:\Windows\System32\qmgr.dll
12:41:00.0581 0x127c BITS - ok
12:41:00.0643 0x127c [ 61583EE3C3A17003C4ACD0475646B4D3, 17E4BECC309C450E7E44F59A9C0BBC24D21BDC66DFBA65B8F198A00BB47A9811 ] blbdrive C:\Windows\system32\DRIVERS\blbdrive.sys
12:41:00.0643 0x127c blbdrive - ok
12:41:00.0737 0x127c [ EBBCD5DFBB1DE70E8F4AF8FA59E401FD, 17BFFC5DF609CE3B2F0CAB4BD6C118608C66A3AD86116A47E90B2BB7D8954122 ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe
12:41:00.0752 0x127c Bonjour Service - ok
12:41:00.0815 0x127c [ 6C02A83164F5CC0A262F4199F0871CF5, AD4632A6A203CB40970D848315D8ADB9C898349E20D8DF4107C2AE2703A2CF28 ] bowser C:\Windows\system32\DRIVERS\bowser.sys
12:41:00.0815 0x127c bowser - ok
12:41:00.0830 0x127c [ F09EEE9EDC320B5E1501F749FDE686C8, 66691114C42E12F4CC6DC4078D4D2FA4029759ACDAF1B59D17383487180E84E3 ] BrFiltLo C:\Windows\system32\DRIVERS\BrFiltLo.sys
12:41:00.0846 0x127c BrFiltLo - ok
12:41:00.0877 0x127c [ B114D3098E9BDB8BEA8B053685831BE6, 0ED23C1897F35FA00B9C2848DE4ED200E18688AA7825674888054BBC3A3EB92C ] BrFiltUp C:\Windows\system32\DRIVERS\BrFiltUp.sys
12:41:00.0877 0x127c BrFiltUp - ok
12:41:00.0924 0x127c [ 05F5A0D14A2EE1D8255C2AA0E9E8E694, 40011138869F5496A3E78D38C9900B466B6F3877526AC22952DCD528173F4645 ] Browser C:\Windows\System32\browser.dll
12:41:00.0940 0x127c Browser - ok
12:41:00.0986 0x127c [ 43BEA8D483BF1870F018E2D02E06A5BD, 4E6F5A5FD8C796A110B0DC9FF29E31EA78C04518FC1C840EF61BABD58AB10272 ] Brserid C:\Windows\System32\Drivers\Brserid.sys
12:41:00.0986 0x127c Brserid - ok
12:41:01.0018 0x127c [ A6ECA2151B08A09CACECA35C07F05B42, E2875BB7768ABAF38C3377007AA0A3C281503474D1831E396FB6599721586B0C ] BrSerWdm C:\Windows\System32\Drivers\BrSerWdm.sys
12:41:01.0018 0x127c BrSerWdm - ok
12:41:01.0064 0x127c [ B79968002C277E869CF38BD22CD61524, 50631836502237AF4893ECDCEA43B9031C3DE97433F594D46AF7C3C77F331983 ] BrUsbMdm C:\Windows\System32\Drivers\BrUsbMdm.sys
12:41:01.0064 0x127c BrUsbMdm - ok
12:41:01.0064 0x127c [ A87528880231C54E75EA7A44943B38BF, 4C8BBB29FDA76A96840AA47A8613C15D4466F9273A13941C19507008629709C9 ] BrUsbSer C:\Windows\System32\Drivers\BrUsbSer.sys
12:41:01.0080 0x127c BrUsbSer - ok
12:41:01.0111 0x127c [ 9DA669F11D1F894AB4EB69BF546A42E8, B498B8B6CEF957B73179D1ADAF084BBB57BB3735D810F9BE2C7B1D58A4FD25A4 ] BTHMODEM C:\Windows\system32\DRIVERS\bthmodem.sys
12:41:01.0111 0x127c BTHMODEM - ok
12:41:01.0158 0x127c [ 95F9C2976059462CBBF227F7AAB10DE9, 2797AE919FF7606B070FB039CECDB0707CD2131DCAC09C5DF14F443D881C9F34 ] bthserv C:\Windows\system32\bthserv.dll
12:41:01.0174 0x127c bthserv - ok
12:41:01.0205 0x127c [ B8BD2BB284668C84865658C77574381A, 6C55BA288B626DF172FDFEA0BD7027FAEBA1F44EF20AB55160D7C7DC6E717D65 ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys
12:41:01.0220 0x127c cdfs - ok
12:41:01.0283 0x127c [ F036CE71586E93D94DAB220D7BDF4416, BD07AAD9E20CEAF9FC84E4977C55EA2C45604A2C682AC70B9B9A2199B6713D5B ] cdrom C:\Windows\system32\DRIVERS\cdrom.sys
12:41:01.0283 0x127c cdrom - ok
12:41:01.0345 0x127c [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] CertPropSvc C:\Windows\System32\certprop.dll
12:41:01.0345 0x127c CertPropSvc - ok
12:41:01.0408 0x127c [ 27DB8CC56E87042BCAF4668B53618C04, 74499F5692B0C94835D5CDDBB7762C18961FC526E607E1ED68592CBE53B74995 ] cfwids C:\Windows\system32\drivers\cfwids.sys
12:41:01.0408 0x127c cfwids - ok
12:41:01.0439 0x127c [ D7CD5C4E1B71FA62050515314CFB52CF, 513B5A849899F379F0BC6AB3A8A05C3493C2393C95F036612B96EC6E252E1C64 ] circlass C:\Windows\system32\DRIVERS\circlass.sys
12:41:01.0454 0x127c circlass - ok
12:41:01.0548 0x127c [ FE1EC06F2253F691FE36217C592A0206, B9F122DB5E665ECDF29A5CB8BB6B531236F31A54A95769D6C5C1924C87FE70CE ] CLFS C:\Windows\system32\CLFS.sys
12:41:01.0564 0x127c CLFS - ok
12:41:01.0813 0x127c [ FE1C81A049E5C5D67C4AB7C31C899F6F, 27E1C2AEAF3F3CA4BD5010C81C05C87B7B473A89FC7F1F6CB3C6F64123F219FD ] CLKMSVC10_9EC60124 C:\Program Files (x86)\CyberLink\PowerDVD9\NavFilter\kmsvc.exe
12:41:01.0829 0x127c CLKMSVC10_9EC60124 - ok
12:41:01.0891 0x127c [ D88040F816FDA31C3B466F0FA0918F29, 39D3630E623DA25B8444B6D3AAAB16B98E7E289C5619E19A85D47B74C71449F3 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
12:41:01.0922 0x127c clr_optimization_v2.0.50727_32 - ok
12:41:01.0969 0x127c [ D1CEEA2B47CB998321C579651CE3E4F8, 654013B8FD229A50017B08DEC6CA19C7DDA8CE0771260E057A92625201D539B1 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
12:41:01.0969 0x127c clr_optimization_v2.0.50727_64 - ok
12:41:02.0094 0x127c [ E87213F37A13E2B54391E40934F071D0, 7EB221127EFB5BF158FB03D18EFDA2C55FB6CE3D1A1FE69C01D70DBED02C87E5 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
12:41:02.0250 0x127c clr_optimization_v4.0.30319_32 - ok
12:41:02.0297 0x127c [ 4AEDAB50F83580D0B4D6CF78191F92AA, D113C47013B018B45161911B96E93AF96A2F3B34FA47061BF6E7A71FBA03194A ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
12:41:02.0453 0x127c clr_optimization_v4.0.30319_64 - ok
12:41:02.0484 0x127c [ 0840155D0BDDF1190F84A663C284BD33, 696039FA63CFEB33487FAA8FD7BBDB220141E9C6E529355D768DFC87999A9C3A ] CmBatt C:\Windows\system32\DRIVERS\CmBatt.sys
12:41:02.0500 0x127c CmBatt - ok
12:41:02.0531 0x127c [ E19D3F095812725D88F9001985B94EDD, 46243C5CCC4981CAC6FA6452FFCEC33329BF172448F1852D52592C9342E0E18B ] cmdide C:\Windows\system32\drivers\cmdide.sys
12:41:02.0546 0x127c cmdide - ok
12:41:02.0624 0x127c [ EBF28856F69CF094A902F884CF989706, AD6C9F0BC20AA49EEE5478DA0F856F0EA2B414B63208C5FFB03C9D7F5B59765F ] CNG C:\Windows\system32\Drivers\cng.sys
12:41:02.0656 0x127c CNG - ok
12:41:02.0702 0x127c [ 102DE219C3F61415F964C88E9085AD14, CD74CB703381F1382C32CF892FF2F908F4C9412E1BC77234F8FEA5D4666E1BF1 ] Compbatt C:\Windows\system32\DRIVERS\compbatt.sys
12:41:02.0702 0x127c Compbatt - ok
12:41:02.0749 0x127c [ 03EDB043586CCEBA243D689BDDA370A8, 0E4523AA332E242D5C2C61C5717DBA5AB6E42DADB5A7E512505FC2B6CC224959 ] CompositeBus C:\Windows\system32\drivers\CompositeBus.sys
12:41:02.0749 0x127c CompositeBus - ok
12:41:02.0765 0x127c COMSysApp - ok
12:41:02.0780 0x127c [ 1C827878A998C18847245FE1F34EE597, 41EF7443D8B2733AA35CAC64B4F5F74FAC8BB0DA7D3936B69EC38E2DC3972E60 ] crcdisk C:\Windows\system32\DRIVERS\crcdisk.sys
12:41:02.0796 0x127c crcdisk - ok
12:41:02.0874 0x127c [ 6B400F211BEE880A37A1ED0368776BF4, 2F27C6FA96A1C8CBDA467846DA57E63949A7EA37DB094B13397DDD30114295BD ] CryptSvc C:\Windows\system32\cryptsvc.dll
12:41:02.0874 0x127c CryptSvc - ok
12:41:03.0108 0x127c [ FD557A50A65E44041CD2FCEF4BEB04DB, 746D5958F7198895D35A23566D3736D993D57726BF59D91421D8091C48926A26 ] cvhsvc C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE
12:41:03.0124 0x127c cvhsvc - ok
12:41:03.0217 0x127c [ 5C627D1B1138676C0A7AB2C2C190D123, C5003F2C912C5CA990E634818D3B4FD72F871900AF2948BD6C4D6400B354B401 ] DcomLaunch C:\Windows\system32\rpcss.dll
12:41:03.0233 0x127c DcomLaunch - ok
12:41:03.0311 0x127c [ 3CEC7631A84943677AA8FA8EE5B6B43D, 32061DAC9ED6C1EBA3B367B18D0E965AEEC2DF635DCF794EC39D086D32503AC5 ] defragsvc C:\Windows\System32\defragsvc.dll
12:41:03.0326 0x127c defragsvc - ok
12:41:03.0404 0x127c [ 9BB2EF44EAA163B29C4A4587887A0FE4, 03667BC3EA5003F4236929C10F23D8F108AFCB29DB5559E751FB26DFB318636F ] DfsC C:\Windows\system32\Drivers\dfsc.sys
12:41:03.0420 0x127c DfsC - ok
12:41:03.0482 0x127c [ 43D808F5D9E1A18E5EEB5EBC83969E4E, C10D1155D71EABE4ED44C656A8F13078A8A4E850C4A8FBB92D52D173430972B8 ] Dhcp C:\Windows\system32\dhcpcore.dll
12:41:03.0498 0x127c Dhcp - ok
12:41:03.0560 0x127c [ 13096B05847EC78F0977F2C0F79E9AB3, 1E44981B684F3E56F5D2439BB7FA78BD1BC876BB2265AE089AEC68F241B05B26 ] discache C:\Windows\system32\drivers\discache.sys
12:41:03.0560 0x127c discache - ok
12:41:03.0607 0x127c [ 9819EEE8B5EA3784EC4AF3B137A5244C, 571BC886E87C888DA96282E381A746D273B58B9074E84D4CA91275E26056D427 ] Disk C:\Windows\system32\DRIVERS\disk.sys
12:41:03.0607 0x127c Disk - ok
12:41:03.0670 0x127c [ 16835866AAA693C7D7FCEBA8FFF706E4, 15891558F7C1F2BB57A98769601D447ED0D952354A8BB347312D034DC03E0242 ] Dnscache C:\Windows\System32\dnsrslvr.dll
12:41:03.0670 0x127c Dnscache - ok
12:41:03.0732 0x127c [ B1FB3DDCA0FDF408750D5843591AFBC6, AB6AD9C5E7BA2E3646D0115B67C4800D1CB43B4B12716397657C7ADEEE807304 ] dot3svc C:\Windows\System32\dot3svc.dll
12:41:03.0748 0x127c dot3svc - ok
12:41:03.0794 0x127c [ B26F4F737E8F9DF4F31AF6CF31D05820, 394BBBED4EC7FAD4110F62A43BFE0801D4AC56FFAC6C741C69407B26402311C7 ] DPS C:\Windows\system32\dps.dll
12:41:03.0794 0x127c DPS - ok
12:41:03.0841 0x127c [ 9B19F34400D24DF84C858A421C205754, 967AF267B4124BADA8F507CEBF25F2192D146A4D63BE71B45BFC03C5DA7F21A7 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys
12:41:03.0841 0x127c drmkaud - ok
12:41:03.0966 0x127c [ 9CF46FDF163E06B83D03FF929EF2296C, 40BB0226361DEC2E6CBFE79CA092083986BD3D94564ED5F3E54CA2EE9A756837 ] DsiWMIService C:\Program Files (x86)\Launch Manager\dsiwmis.exe
12:41:03.0982 0x127c DsiWMIService - ok
12:41:04.0231 0x127c [ 88612F1CE3BF42256913BF6E61C70D52, 7CF190F83FA8F15C33008EB381D3E345CEF37CBC046227DED26B36799EF4D9A7 ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys
12:41:04.0247 0x127c DXGKrnl - ok
12:41:04.0294 0x127c [ E2DDA8726DA9CB5B2C4000C9018A9633, 0C967DBC3636A76A696997192A158AA92A1AF19F01E3C66D5BF91818A8FAEA76 ] EapHost C:\Windows\System32\eapsvc.dll
12:41:04.0309 0x127c EapHost - ok
12:41:04.0543 0x127c [ DC5D737F51BE844D8C82C695EB17372F, 6D4022D9A46EDE89CEF0FAEADCC94C903234DFC460C0180D24FF9E38E8853017 ] ebdrv C:\Windows\system32\DRIVERS\evbda.sys
12:41:04.0699 0x127c ebdrv - ok
12:41:04.0777 0x127c [ 4D71227301DD8D09097B9E4CC6527E5A, 193D47ADCB722B581CC0F29B794AB3E455B6E9BEA367CE9A5216A09E055B7F1E ] EFS C:\Windows\System32\lsass.exe
12:41:04.0777 0x127c EFS - ok
12:41:04.0949 0x127c [ C4002B6B41975F057D98C439030CEA07, 3D2484FBB832EFB90504DD406ED1CF3065139B1FE1646471811F3A5679EF75F1 ] ehRecvr C:\Windows\ehome\ehRecvr.exe
12:41:04.0996 0x127c ehRecvr - ok
12:41:05.0027 0x127c [ 4705E8EF9934482C5BB488CE28AFC681, 359E9EC5693CE0BE89082E1D5D8F5C5439A5B985010FF0CB45C11E3CFE30637D ] ehSched C:\Windows\ehome\ehsched.exe
12:41:05.0042 0x127c ehSched - ok
12:41:05.0120 0x127c [ 0E5DA5369A0FCAEA12456DD852545184, 9A64AC5396F978C3B92794EDCE84DCA938E4662868250F8C18FA7C2C172233F8 ] elxstor C:\Windows\system32\DRIVERS\elxstor.sys
12:41:05.0136 0x127c elxstor - ok
12:41:05.0339 0x127c [ 3EA2C4F68A782839D97B3C83595575B6, D4C3BFD0B6817B73BE9F2378FA946BD1C213A4FB9EB3F7D2C79E9B6D9F895106 ] ePowerSvc C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe
12:41:05.0354 0x127c ePowerSvc - ok
12:41:05.0417 0x127c [ 34A3C54752046E79A126E15C51DB409B, 7D5B5E150C7C73666F99CBAFF759029716C86F16B927E0078D77F8A696616D75 ] ErrDev C:\Windows\system32\drivers\errdev.sys
12:41:05.0417 0x127c ErrDev - ok
12:41:05.0495 0x127c [ 0975BF32399A24117E317B5BF1D5D0AA, 850217D920BB6E524C08C11A9806B8B148E9CF6CEBED9481BF7C9F07BCA918D5 ] ETD C:\Windows\system32\DRIVERS\ETD.sys
12:41:05.0495 0x127c ETD - ok
12:41:05.0573 0x127c [ 4166F82BE4D24938977DD1746BE9B8A0, 24121751B7306225AD1C808442D7B030DEF377E9316AA0A3C5C7460E87317881 ] EventSystem C:\Windows\system32\es.dll
12:41:05.0588 0x127c EventSystem - ok
12:41:05.0651 0x127c [ A510C654EC00C1E9BDD91EEB3A59823B, 76CD277730F7B08D375770CD373D786160F34D1481AF0536BA1A5D2727E255F5 ] exfat C:\Windows\system32\drivers\exfat.sys
12:41:05.0666 0x127c exfat - ok
12:41:05.0698 0x127c [ 0ADC83218B66A6DB380C330836F3E36D, 798D6F83B5DBCC1656595E0A96CF12087FCCBE19D1982890D0CE5F629B328B29 ] fastfat C:\Windows\system32\drivers\fastfat.sys
12:41:05.0698 0x127c fastfat - ok
12:41:05.0869 0x127c [ DBEFD454F8318A0EF691FDD2EAAB44EB, 7F52AE222FF28503B6FC4A5852BD0CAEAF187BE69AF4B577D3DE474C24366099 ] Fax C:\Windows\system32\fxssvc.exe
12:41:05.0885 0x127c Fax - ok
12:41:05.0916 0x127c [ D765D19CD8EF61F650C384F62FAC00AB, 9F0A483A043D3BA873232AD3BA5F7BF9173832550A27AF3E8BD433905BD2A0EE ] fdc C:\Windows\system32\DRIVERS\fdc.sys
12:41:05.0916 0x127c fdc - ok
12:41:05.0963 0x127c [ 0438CAB2E03F4FB61455A7956026FE86, 6D4DDC2973DB25CE0C7646BC85EFBCC004EBE35EA683F62162AE317C6F1D8DFE ] fdPHost C:\Windows\system32\fdPHost.dll
12:41:05.0963 0x127c fdPHost - ok
12:41:06.0010 0x127c [ 802496CB59A30349F9A6DD22D6947644, 52D59D3D628D5661F83F090F33F744F6916E0CC1F76E5A33983E06EB66AE19F8 ] FDResPub C:\Windows\system32\fdrespub.dll
12:41:06.0010 0x127c FDResPub - ok
12:41:06.0041 0x127c [ 655661BE46B5F5F3FD454E2C3095B930, 549C8E2A2A37757E560D55FFA6BFDD838205F17E40561E67F0124C934272CD1A ] FileInfo C:\Windows\system32\drivers\fileinfo.sys
12:41:06.0041 0x127c FileInfo - ok
12:41:06.0072 0x127c [ 5F671AB5BC87EEA04EC38A6CD5962A47, 6B61D3363FF3F9C439BD51102C284972EAE96ACC0683B9DC7E12D25D0ADC51B6 ] Filetrace C:\Windows\system32\drivers\filetrace.sys
12:41:06.0072 0x127c Filetrace - ok
12:41:06.0150 0x127c [ BB0667B0171B632B97EA759515476F07, 07A123B2182D5813D2898928C231638353CF086606E9D5A5AF4A2A73E17CEC27 ] FLEXnet Licensing Service C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
12:41:06.0181 0x127c FLEXnet Licensing Service - ok
12:41:06.0212 0x127c [ C172A0F53008EAEB8EA33FE10E177AF5, 9175A95B323696D1B35C9EFEB7790DD64E6EE0B7021E6C18E2F81009B169D77B ] flpydisk C:\Windows\system32\DRIVERS\flpydisk.sys
12:41:06.0212 0x127c flpydisk - ok
12:41:06.0290 0x127c [ DA6B67270FD9DB3697B20FCE94950741, F621A4462C9F2904063578C427FAF22D7D66AE9967605C11C798099817CE5331 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys
12:41:06.0290 0x127c FltMgr - ok
12:41:06.0446 0x127c [ C4C183E6551084039EC862DA1C945E3D, 0874A2ACDD24D64965AA9A76E9C818E216880AE4C9A2E07ED932EE404585CEE6 ] FontCache C:\Windows\system32\FntCache.dll
12:41:06.0478 0x127c FontCache - ok
12:41:06.0571 0x127c [ A8B7F3818AB65695E3A0BB3279F6DCE6, 89FCF10F599767E67A1E011753E34DA44EAA311F105DBF69549009ED932A60F0 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
12:41:06.0571 0x127c FontCache3.0.0.0 - ok
12:41:06.0618 0x127c [ D43703496149971890703B4B1B723EAC, F06397B2EDCA61629249D2EF1CBB7827A8BEAB8488246BD85EF6AE1363C0DA6E ] FsDepends C:\Windows\system32\drivers\FsDepends.sys
12:41:06.0618 0x127c FsDepends - ok
12:41:06.0665 0x127c [ 6BD9295CC032DD3077C671FCCF579A7B, 83622FBB0CB923798E7E584BF53CAAF75B8C016E3FF7F0FA35880FF34D1DFE33 ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys
12:41:06.0665 0x127c Fs_Rec - ok
12:41:06.0727 0x127c [ 8F6322049018354F45F05A2FD2D4E5E0, 73BF0FB4EBD7887E992DDEBB79E906958D6678F8D1107E8C368F5A0514D80359 ] fvevol C:\Windows\system32\DRIVERS\fvevol.sys
12:41:06.0743 0x127c fvevol - ok
12:41:06.0805 0x127c [ 8C778D335C9D272CFD3298AB02ABE3B6, 85F0B13926B0F693FA9E70AA58DE47100E4B6F893772EBE4300C37D9A36E6005 ] gagp30kx C:\Windows\system32\DRIVERS\gagp30kx.sys
12:41:06.0805 0x127c gagp30kx - ok
12:41:06.0868 0x127c [ 8E98D21EE06192492A5671A6144D092F, B8F656B34D361EA5AFB47F3A67AB2221580DADA59C8CD0CB83181E4AD8B562B4 ] GEARAspiWDM C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
12:41:06.0868 0x127c GEARAspiWDM - ok
12:41:07.0055 0x127c [ 277BBC7E1AA1EE957F573A10ECA7EF3A, 2EE60B924E583E847CC24E78B401EF95C69DB777A5B74E1EC963E18D47B94D24 ] gpsvc C:\Windows\System32\gpsvc.dll
12:41:07.0070 0x127c gpsvc - ok
12:41:07.0148 0x127c [ 0191DEE9B9EB7902AF2CF4F67301095D, 9E2E263E84167E1AD3FFCEA84066AF07CD6A653F5D8266A619E4973BC4B25460 ] GREGService C:\Program Files (x86)\Acer\Registration\GREGsvc.exe
12:41:07.0148 0x127c GREGService - ok
12:41:07.0258 0x127c [ F02A533F517EB38333CB12A9E8963773, 1F72CD1CF660766FA8F912E40B7323A0192A300B376186C10F6803DC5EFE28DF ] gupdate C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
12:41:07.0258 0x127c gupdate - ok
12:41:07.0273 0x127c [ F02A533F517EB38333CB12A9E8963773, 1F72CD1CF660766FA8F912E40B7323A0192A300B376186C10F6803DC5EFE28DF ] gupdatem C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
12:41:07.0289 0x127c gupdatem - ok
12:41:07.0382 0x127c [ 5D4BC124FAAE6730AC002CDB67BF1A1C, 00294F4DC7D17F6DD2A22B9C3299BED40146BA45C972367154D20DB502472551 ] gusvc C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
12:41:07.0398 0x127c gusvc - ok
12:41:07.0429 0x127c [ F2523EF6460FC42405B12248338AB2F0, B2F3DE8DE1F512D871BC2BC2E8D0E33AB03335BFBC07627C5F88B65024928E19 ] hcw85cir C:\Windows\system32\drivers\hcw85cir.sys
12:41:07.0429 0x127c hcw85cir - ok
12:41:07.0492 0x127c [ 975761C778E33CD22498059B91E7373A, 8304E15FBE6876BE57263A03621365DA8C88005EAC532A770303C06799D915D9 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
12:41:07.0523 0x127c HdAudAddService - ok
12:41:07.0554 0x127c [ 97BFED39B6B79EB12CDDBFEED51F56BB, 3CF981D668FB2381E52AF2E51E296C6CFB47B0D62249645278479D0111A47955 ] HDAudBus C:\Windows\system32\drivers\HDAudBus.sys
12:41:07.0554 0x127c HDAudBus - ok
12:41:07.0601 0x127c [ B6AC71AAA2B10848F57FC49D55A651AF, 4FAD833654E86F9FAF972AC8AF87FD4A9A765B26B96F096BBD63506B5D521A91 ] HECIx64 C:\Windows\system32\DRIVERS\HECIx64.sys
12:41:07.0601 0x127c HECIx64 - ok
12:41:07.0648 0x127c [ 78E86380454A7B10A5EB255DC44A355F, 11F3ED7ACFFA3024B9BD504F81AC39F5B4CED5A8A425E8BADF7132EFEDB9BD64 ] HidBatt C:\Windows\system32\DRIVERS\HidBatt.sys
12:41:07.0648 0x127c HidBatt - ok
12:41:07.0663 0x127c [ 7FD2A313F7AFE5C4DAB14798C48DD104, 94CBFD4506CBDE4162CEB3367BAB042D19ACA6785954DC0B554D4164B9FCD0D4 ] HidBth C:\Windows\system32\DRIVERS\hidbth.sys
12:41:07.0663 0x127c HidBth - ok
12:41:07.0679 0x127c [ 0A77D29F311B88CFAE3B13F9C1A73825, 8615DC6CEFB591505CE16E054A71A4F371B827DDFD5E980777AB4233DCFDA01D ] HidIr C:\Windows\system32\DRIVERS\hidir.sys
12:41:07.0679 0x127c HidIr - ok
12:41:07.0710 0x127c [ BD9EB3958F213F96B97B1D897DEE006D, 4D01CBF898B528B3A4E5A683DF2177300AFABD7D4CB51F1A7891B1B545499631 ] hidserv C:\Windows\system32\hidserv.dll
12:41:07.0710 0x127c hidserv - ok
12:41:07.0819 0x127c [ 9592090A7E2B61CD582B612B6DF70536, FD11D5E02C32D658B28FCC35688AB66CCB5D3A0A0D74C82AE0F0B6C67B568A0F ] HidUsb C:\Windows\system32\drivers\hidusb.sys
12:41:07.0819 0x127c HidUsb - ok
12:41:07.0866 0x127c [ 29F981739E50305128022CBE10B3659C, 25060937145B0DCA8CD088E78993BFEF1430CDDFF433E606AFC93993CBBF4B3E ] HipShieldK C:\Windows\system32\drivers\HipShieldK.sys
12:41:07.0882 0x127c HipShieldK - ok
12:41:07.0944 0x127c [ 387E72E739E15E3D37907A86D9FF98E2, 9935BE2E58788E79328293AF2F202CB0F6042441B176F75ACC5AEA93C8E05531 ] hkmsvc C:\Windows\system32\kmsvc.dll
12:41:07.0944 0x127c hkmsvc - ok
12:41:08.0006 0x127c [ EFDFB3DD38A4376F93E7985173813ABD, 70402FA73A5A2A8BB557AAC8F531E373077D28DE5F40A1F3F14B940BE01CD2E1 ] HomeGroupListener C:\Windows\system32\ListSvc.dll
12:41:08.0022 0x127c HomeGroupListener - ok
12:41:08.0116 0x127c [ 908ACB1F594274965A53926B10C81E89, 7D34A742AC486294D82676F8465A3EF26C8AC3317C32B63F62031CB007CFC208 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
12:41:08.0116 0x127c HomeGroupProvider - ok
12:41:08.0381 0x127c [ FB11715EEB23D0999C2295177EBBA5C0, 533754A3591B5852253C793CE08ADA6CAD0545E3A11F42430EFA9D959B6BF4F7 ] HomeNetSvc C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe
12:41:08.0396 0x127c HomeNetSvc - ok
12:41:08.0459 0x127c [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC, E9E6A1665740CFBC2DD321010007EF42ABA2102AEB9772EE8AA3354664B1E205 ] HpSAMD C:\Windows\system32\drivers\HpSAMD.sys
12:41:08.0490 0x127c HpSAMD - ok
12:41:08.0693 0x127c [ 0EA7DE1ACB728DD5A369FD742D6EEE28, 21C489412EB33A12B22290EB701C19BA57006E8702E76F730954F0784DDE9779 ] HTTP C:\Windows\system32\drivers\HTTP.sys
12:41:08.0708 0x127c HTTP - ok
12:41:08.0771 0x127c [ A5462BD6884960C9DC85ED49D34FF392, 53E65841AF5B06A2844D0BB6FC4DD3923A323FFA0E4BFC89B3B5CAFB592A3D53 ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys
12:41:08.0771 0x127c hwpolicy - ok
12:41:08.0818 0x127c [ FA55C73D4AFFA7EE23AC4BE53B4592D3, 65CDDC62B89A60E942C5642C9D8B539EFB69DA8069B4A2E54978154B314531CD ] i8042prt C:\Windows\system32\drivers\i8042prt.sys
12:41:08.0833 0x127c i8042prt - ok
12:41:08.0896 0x127c [ 1384872112E8E7FD5786ECEB8BDDF4C9, DC7844691740805A94F2901F8CB56F1591AF4F0F9C6D92D6B8595F89E6FA5F02 ] iaStor C:\Windows\system32\DRIVERS\iaStor.sys
12:41:08.0911 0x127c iaStor - ok
12:41:09.0005 0x127c [ 6B24D1C3096DE796D15571079EA5E98C, 89566A7BDEDA7A663110F72B6301998651937E1E3E541EAB054169CEC8C7353F ] IAStorDataMgrSvc C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
12:41:09.0005 0x127c IAStorDataMgrSvc - ok
12:41:09.0067 0x127c [ AAAF44DB3BD0B9D1FB6969B23ECC8366, 805AA4A9464002D1AB3832E4106B2AAA1331F4281367E75956062AAE99699385 ] iaStorV C:\Windows\system32\drivers\iaStorV.sys
12:41:09.0114 0x127c iaStorV - ok
12:41:09.0395 0x127c [ 5988FC40F8DB5B0739CD1E3A5D0D78BD, 2B9512324DBA4A97F6AC34E8067EE08E3B6874CD60F6CB4209AFC22A34D2BE99 ] idsvc C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
12:41:09.0410 0x127c idsvc - ok
12:41:09.0442 0x127c IEEtwCollectorService - ok
12:41:10.0534 0x127c [ 31569A2E836C12014148BF7342716946, 07DAEF864AF41E8669A6F2546967014C58898BD42C4C2FA1961F32311D083565 ] igfx C:\Windows\system32\DRIVERS\igdkmd64.sys
12:41:10.0908 0x127c igfx - ok
12:41:10.0970 0x127c [ 5C18831C61933628F5BB0EA2675B9D21, 5CD9DE2F8C0256623A417B5C55BF55BB2562BD7AB2C3C83BB3D9886C2FBDA4E4 ] iirsp C:\Windows\system32\DRIVERS\iirsp.sys
12:41:10.0986 0x127c iirsp - ok
12:41:11.0064 0x127c [ 344789398EC3EE5A4E00C52B31847946, 3DA5F08E4B46F4E63456AA588D49E39A6A09A97D0509880C00F327623DB6122D ] IKEEXT C:\Windows\System32\ikeext.dll
12:41:11.0080 0x127c IKEEXT - ok
12:41:11.0126 0x127c [ DD587A55390ED2295BCE6D36AD567DA9, AEB7DCB8EF89BEE8D9649A05FC482B1E4E3F44243D57A2577C862EB69166C48E ] Impcd C:\Windows\system32\DRIVERS\Impcd.sys
12:41:11.0142 0x127c Impcd - ok
12:41:11.0314 0x127c [ 235362D403D9D677514649D88DB31914, 522F5BA88169ADEC1EEB595BFBBCD6417DF38CD93A0D2B2FD0AF4C907FF6D965 ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHD64.sys
12:41:11.0360 0x127c IntcAzAudAddService - ok
12:41:11.0407 0x127c [ 03C74719D48056A1078F3A51CEB76BAA, 34BCC73EE4D65E1F282208C243C54BBD8458DB50FA893DE3306E1A1E73D05B1A ] IntcDAud C:\Windows\system32\DRIVERS\IntcDAud.sys
12:41:11.0423 0x127c IntcDAud - ok
12:41:11.0470 0x127c [ F00F20E70C6EC3AA366910083A0518AA, E2F3E9FFD82C802C8BAC309893A3664ACF16A279959C0FDECCA64C3D3C60FD22 ] intelide C:\Windows\system32\drivers\intelide.sys
12:41:11.0470 0x127c intelide - ok
12:41:11.0501 0x127c [ ADA036632C664CAA754079041CF1F8C1, F2386CC09AC6DE4C54189154F7D91C1DB7AA120B13FAE8BA5B579ACF99FCC610 ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys
12:41:11.0501 0x127c intelppm - ok
12:41:11.0532 0x127c [ 098A91C54546A3B878DAD6A7E90A455B, 044CCE2A0DF56EBE1EFD99B4F6F0A5B9EE12498CA358CF4B2E3A1CFD872823AA ] IPBusEnum C:\Windows\system32\ipbusenum.dll
12:41:11.0548 0x127c IPBusEnum - ok
12:41:11.0579 0x127c [ C9F0E1BD74365A8771590E9008D22AB6, 728BC5A6AAE499FDC50EB01577AF16D83C2A9F3B09936DD2A89C01E074BA8E51 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys
12:41:11.0594 0x127c IpFilterDriver - ok
12:41:11.0750 0x127c [ 08C2957BB30058E663720C5606885653, E13EDF6701512E2A9977A531454932CA5023087CB50E1D2F416B8BCDD92B67BE ] iphlpsvc C:\Windows\System32\iphlpsvc.dll
12:41:11.0766 0x127c iphlpsvc - ok
12:41:11.0844 0x127c [ 0FC1AEA580957AA8817B8F305D18CA3A, 7161E4DE91AAFC3FA8BF24FAE4636390C2627DB931505247C0D52C75A31473D9 ] IPMIDRV C:\Windows\system32\drivers\IPMIDrv.sys
12:41:11.0844 0x127c IPMIDRV - ok
12:41:11.0891 0x127c [ AF9B39A7E7B6CAA203B3862582E9F2D0, 67128BE7EADBE6BD0205B050F96E268948E8660C4BAB259FB0BE03935153D04E ] IPNAT C:\Windows\system32\drivers\ipnat.sys
12:41:11.0906 0x127c IPNAT - ok
12:41:12.0016 0x127c [ 842D1EDD0F2A6E0E6631BB96BAAA01DE, 9CDD0B99F2C5DAD573A9EA8D5AB2DBFD7A941454CBBA5BFE34E49F2D4EE96A90 ] iPod Service C:\Program Files\iPod\bin\iPodService.exe
12:41:12.0031 0x127c iPod Service - ok
12:41:12.0109 0x127c [ 3ABF5E7213EB28966D55D58B515D5CE9, A352BCC5B6B9A28805B15CAFB235676F1FAFF0D2394F88C03089EB157D6188AE ] IRENUM C:\Windows\system32\drivers\irenum.sys
12:41:12.0109 0x127c IRENUM - ok
12:41:12.0172 0x127c [ 2F7B28DC3E1183E5EB418DF55C204F38, D40410A760965925D6F10959B2043F7BD4F68EAFCF5E743AF11AD860BD136548 ] isapnp C:\Windows\system32\drivers\isapnp.sys
12:41:12.0172 0x127c isapnp - ok
12:41:12.0218 0x127c [ D931D7309DEB2317035B07C9F9E6B0BD, 13AD84172ED8C6153F8A98499C01733B74E48464CE07D099508E38D409913ED3 ] iScsiPrt C:\Windows\system32\drivers\msiscsi.sys
12:41:12.0250 0x127c iScsiPrt - ok
12:41:12.0296 0x127c [ 37E053A2CF8F0082B689ED74106E0CEC, 431D3A3212152A76878C9CA347056B62B2A5A3E0211C4D930639C426EE73A0B7 ] k57nd60a C:\Windows\system32\DRIVERS\k57nd60a.sys
12:41:12.0312 0x127c k57nd60a - ok
12:41:12.0359 0x127c [ BC02336F1CBA7DCC7D1213BB588A68A5, 450C5BAD54CCE2AFCDFF1B6E7F8E1A8446D9D3255DF9D36C29A8F848048AAD93 ] kbdclass C:\Windows\system32\DRIVERS\kbdclass.sys
12:41:12.0374 0x127c kbdclass - ok
12:41:12.0406 0x127c [ 0705EFF5B42A9DB58548EEC3B26BB484, 86C6824ED7ED6FA8F306DB6319A0FD688AA91295AE571262F9D8E96A32225E99 ] kbdhid C:\Windows\system32\DRIVERS\kbdhid.sys
12:41:12.0421 0x127c kbdhid - ok
12:41:12.0421 0x127c [ 4D71227301DD8D09097B9E4CC6527E5A, 193D47ADCB722B581CC0F29B794AB3E455B6E9BEA367CE9A5216A09E055B7F1E ] KeyIso C:\Windows\system32\lsass.exe
12:41:12.0437 0x127c KeyIso - ok
12:41:12.0515 0x127c [ 8F489706472F7E9A06BAAA198703FA64, F020406690FB38EABD82D63B91D33039CC93ED52A5497AE12BAF475F22D0B08A ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys
12:41:12.0515 0x127c KSecDD - ok
12:41:12.0577 0x127c [ 868A2CAAB12EFC7A021682BCA0EEC54C, 12C4925B5B3D6EA7B6410C01F33158C6EAB50CBD6AF445F8B04ED9899720C2DD ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys
12:41:12.0593 0x127c KSecPkg - ok
12:41:12.0640 0x127c [ 6869281E78CB31A43E969F06B57347C4, 866A23E69B32A78D378D6CB3B3DA3695FFDFF0FEC3C9F68C8C3F988DF417044B ] ksthunk C:\Windows\system32\drivers\ksthunk.sys
12:41:12.0640 0x127c ksthunk - ok
12:41:12.0718 0x127c [ 6AB66E16AA859232F64DEB66887A8C9C, 5F2B579BEA8098A2994B0DECECDAE7B396E7B5DC5F09645737B9F28BEEA77FFF ] KtmRm C:\Windows\system32\msdtckrm.dll
12:41:12.0733 0x127c KtmRm - ok
12:41:12.0827 0x127c [ D9F42719019740BAA6D1C6D536CBDAA6, 8757599D0AE5302C4CE50861BEBA3A8DD14D7B0DBD916FD5404133688CDFCC40 ] LanmanServer C:\Windows\system32\srvsvc.dll
12:41:12.0842 0x127c LanmanServer - ok
12:41:12.0889 0x127c [ 851A1382EED3E3A7476DB004F4EE3E1A, B1C67F47DD594D092E6E258F01DF5E7150227CE3131A908A244DEE9F8A1FABF9 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
12:41:12.0905 0x127c LanmanWorkstation - ok
12:41:12.0936 0x127c [ 1538831CF8AD2979A04C423779465827, E1729B0CC4CEEE494A0B8817A8E98FF232E3A32FB023566EF0BC71A090262C0C ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys
12:41:12.0952 0x127c lltdio - ok
12:41:13.0045 0x127c [ C1185803384AB3FEED115F79F109427F, 0414FE73532DCAB17E906438A14711E928CECCD5F579255410C62984DD652700 ] lltdsvc C:\Windows\System32\lltdsvc.dll
12:41:13.0061 0x127c lltdsvc - ok
12:41:13.0092 0x127c [ F993A32249B66C9D622EA5592A8B76B8, EE64672A990C6145DC5601E2B8CDBE089272A72732F59AF9865DCBA8B1717E70 ] lmhosts C:\Windows\System32\lmhsvc.dll
12:41:13.0092 0x127c lmhosts - ok
12:41:13.0186 0x127c [ DBC1136A62BD4DECC3632DF650284C2E, 2D6344357D21A9062019C7DDF3DB440ABC724CDA925471BBFA8CCAC65E6A2C80 ] LMS C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
12:41:13.0201 0x127c LMS - ok
12:41:13.0232 0x127c [ 1A93E54EB0ECE102495A51266DCDB6A6, DB6AA86AA36C3A7988BE96E87B5D3251BE7617C54EE8F894D9DC2E267FE3255B ] LSI_FC C:\Windows\system32\DRIVERS\lsi_fc.sys
12:41:13.0232 0x127c LSI_FC - ok
12:41:13.0264 0x127c [ 1047184A9FDC8BDBFF857175875EE810, F2251EDB7736A26D388A0C5CC2FE5FB9C5E109CBB1E3800993554CB21D81AE4B ] LSI_SAS C:\Windows\system32\DRIVERS\lsi_sas.sys
12:41:13.0264 0x127c LSI_SAS - ok
12:41:13.0279 0x127c [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93, 88D5740A4E9CC3FA80FA18035DAB441BDC5A039622D666BFDAA525CC9686BD06 ] LSI_SAS2 C:\Windows\system32\DRIVERS\lsi_sas2.sys
12:41:13.0279 0x127c LSI_SAS2 - ok
12:41:13.0310 0x127c [ 0504EACAFF0D3C8AED161C4B0D369D4A, 4D272237C189646F5C80822FD3CBA7C2728E482E2DAAF7A09C8AEF811C89C54D ] LSI_SCSI C:\Windows\system32\DRIVERS\lsi_scsi.sys
12:41:13.0310 0x127c LSI_SCSI - ok
12:41:13.0326 0x127c [ 43D0F98E1D56CCDDB0D5254CFF7B356E, 5BA498183B5C4996C694CB0A9A6B66CE6C7A460F6C91BEB9F305486FCC3B7B22 ] luafv C:\Windows\system32\drivers\luafv.sys
12:41:13.0342 0x127c luafv - ok
12:41:13.0435 0x127c [ F00D3112CBA130DFB45EB02A273221CF, A0389BC354B55393539991825DC75C8AB5A48ED3B06E82E1D7C309232B9B7CCA ] MBAMProtector C:\Windows\system32\drivers\mbam.sys
12:41:13.0435 0x127c MBAMProtector - ok
12:41:13.0669 0x127c [ 44ED972BECE276ECD3401DE6896EA10D, 0D4F438278D579DED76B6EFBB0C4859219F3E0938C70ACA8CC5791D4C8981BCC ] MBAMScheduler C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
12:41:13.0700 0x127c MBAMScheduler - ok
12:41:13.0794 0x127c [ 879D80D81BBD732E2DD721042B01BD79, 933CB3E3E570CE0B9E6C6F99110581D893B86A1752FA5418102C2B162E76E4D6 ] MBAMService C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
12:41:13.0810 0x127c MBAMService - ok
12:41:13.0903 0x127c [ 6140163BFE9D8F2DFDBA088ED5521C13, B7B501F0D1527A15B1610D133E97AB431574502F0553734009627488D0007595 ] MBAMSwissArmy C:\Windows\system32\drivers\MBAMSwissArmy.sys
12:41:13.0903 0x127c MBAMSwissArmy - ok
12:41:13.0950 0x127c [ E25C997B55DE0364782B55DDF2B70DC6, 81D51E7B23C9BFA193974FD4BA85159D16C3D7111926E11D193D522D9F383CF9 ] MBAMWebAccessControl C:\Windows\system32\drivers\mwac.sys
12:41:13.0950 0x127c MBAMWebAccessControl - ok
12:41:14.0106 0x127c [ F928E5E72BBA15DD0CE9A26E0413D236, D63EFA1408084F524464729C2F3BE16550E07ACE2BF8A00699A8438079AD381B ] McAfee SiteAdvisor Service C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe
12:41:14.0122 0x127c McAfee SiteAdvisor Service - ok
12:41:14.0246 0x127c [ 2D394AB4EF56D0F3FD453637A9C7466F, EFBCA046C4D5B343A86418E9DAD03CF020B530EB000480363EB527AC859B981A ] McAPExe C:\Program Files\McAfee\MSC\McAPExe.exe
12:41:14.0246 0x127c McAPExe - ok
12:41:14.0340 0x127c [ F8B823414A22DBF3BEC10DCAA5F93CD8, 651C7521033439C0AA9006F1AC2CF376B1588CE781BEE4D10B7622FA3D055F6C ] McciCMService C:\Program Files (x86)\Common Files\Motive\McciCMService.exe
12:41:14.0356 0x127c McciCMService - ok
12:41:14.0418 0x127c [ BE3D584D7C021EB7D89166EECB83C341, D29FD9EC53454CBB28FAB5785F977E06A454194274583F01C08AB28D1059F69F ] McciCMService64 C:\Program Files\Common Files\Motive\McciCMService.exe
12:41:14.0434 0x127c McciCMService64 - ok
12:41:14.0527 0x127c [ FB11715EEB23D0999C2295177EBBA5C0, 533754A3591B5852253C793CE08ADA6CAD0545E3A11F42430EFA9D959B6BF4F7 ] McMPFSvc C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe
12:41:14.0543 0x127c McMPFSvc - ok
12:41:14.0590 0x127c [ FB11715EEB23D0999C2295177EBBA5C0, 533754A3591B5852253C793CE08ADA6CAD0545E3A11F42430EFA9D959B6BF4F7 ] McNaiAnn C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe
12:41:14.0590 0x127c McNaiAnn - ok
12:41:14.0761 0x127c [ 63D93A440E7AC015D85B9A3DA0C1BBAF, 849A13E91B041DEC2A47F5BE65ADBA6CAC8AF01675D0D8E13730724B54B4DD15 ] McODS C:\Program Files\McAfee\VirusScan\mcods.exe
12:41:14.0777 0x127c McODS - ok
12:41:14.0855 0x127c [ FB11715EEB23D0999C2295177EBBA5C0, 533754A3591B5852253C793CE08ADA6CAD0545E3A11F42430EFA9D959B6BF4F7 ] mcpltsvc C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe
12:41:14.0855 0x127c mcpltsvc - ok
12:41:14.0886 0x127c [ FB11715EEB23D0999C2295177EBBA5C0, 533754A3591B5852253C793CE08ADA6CAD0545E3A11F42430EFA9D959B6BF4F7 ] McProxy C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe
12:41:14.0886 0x127c McProxy - ok
12:41:14.0933 0x127c [ 0BE09CD858ABF9DF6ED259D57A1A1663, 2FD28889B93C8E801F74C1D0769673A461671E0189D0A22C94509E3F0EEB7428 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll
12:41:14.0948 0x127c Mcx2Svc - ok
12:41:14.0964 0x127c [ A55805F747C6EDB6A9080D7C633BD0F4, 2DA0E83BF3C8ADEF6F551B6CC1C0A3F6149CDBE6EC60413BA1767C4DE425A728 ] megasas C:\Windows\system32\DRIVERS\megasas.sys
12:41:14.0980 0x127c megasas - ok
12:41:15.0011 0x127c [ BAF74CE0072480C3B6B7C13B2A94D6B3, 85CBB4949C090A904464F79713A3418338753D20D7FB811E68F287FDAC1DD834 ] MegaSR C:\Windows\system32\DRIVERS\MegaSR.sys
12:41:15.0058 0x127c MegaSR - ok
12:41:15.0120 0x127c [ 5C83E2DE29D603259AF04273D6485A42, 530DA9AEA7D05E4BAA1BF48C6B5D71704931AB27A09B16A301CB162ABC2A2976 ] mfeapfk C:\Windows\system32\drivers\mfeapfk.sys
12:41:15.0120 0x127c mfeapfk - ok
12:41:15.0198 0x127c [ E06E9155364C4448B1529FB626256168, 9F7B4B3D23614667BB0C28FA189708648684C71568AB1D7FF0B27E5C8C39DECB ] mfeavfk C:\Windows\system32\drivers\mfeavfk.sys
12:41:15.0214 0x127c mfeavfk - ok
12:41:15.0323 0x127c [ E85AC33B3E5D81BF750AC8FFBE7FD46F, 5F62E2732B234176A94E8E3F34A125935FC8D52F608CB4F38FE0DE3E7B25E3D5 ] mfecore C:\Program Files\Common Files\McAfee\AMCore\mcshield.exe
12:41:15.0354 0x127c mfecore - ok
12:41:15.0432 0x127c [ E6660233118B02B905A53CA751C98708, A8EC1C1EE176F2132A473325B244AE7A468FB6EF163079577155443941B155DA ] mfefire C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe
12:41:15.0448 0x127c mfefire - ok
12:41:15.0541 0x127c [ C2DA65EBCA098520CCA33B81343144A2, 9B3A20ED314C6E626618BE4E065F7355B5EF99BD377DE46A516D6E2EB83DDDCE ] mfefirek C:\Windows\system32\drivers\mfefirek.sys
12:41:15.0572 0x127c mfefirek - ok
12:41:15.0697 0x127c [ D1895C38D9B1D85557F5514A68A48EC9, 2C39376A49A6FD78678F2ACB0D9F75F3361BC717D980EA7E6630E5BAE26937A6 ] mfehidk C:\Windows\system32\drivers\mfehidk.sys
12:41:15.0713 0x127c mfehidk - ok
12:41:15.0822 0x127c [ 9BBE68D37302E191788058ECA974B870, 9D1034097328A4E83479594DD2AFA857B58D758C227F952FDCED7DEEF23B8D5D ] mfencbdc C:\Windows\system32\DRIVERS\mfencbdc.sys
12:41:15.0838 0x127c mfencbdc - ok
12:41:15.0869 0x127c [ 5A0A092F04A83505799F857371E4A3FF, 1BD7726CB3CDFA7B5C225B695B07AC143B7BE2A3DBD596B30DB2816D407A6C9E ] mfencrk C:\Windows\system32\DRIVERS\mfencrk.sys
12:41:15.0869 0x127c mfencrk - ok
12:41:15.0931 0x127c [ 7CF636B453743A1A9A437AC451F7B819, B5764981567DA846E61B6DDC7EADF15BC9E6882B41205D67A5A91E9EAC0161A8 ] mfevtp C:\Windows\system32\mfevtps.exe
12:41:15.0947 0x127c mfevtp - ok
12:41:16.0040 0x127c [ 4DB07846C1BC5ED4305C6481B6998EF9, 992D9AF39C816C8972DDDC5259E5DB5E18E0078696AC4967EEFA9924DB47920E ] mfewfpk C:\Windows\system32\drivers\mfewfpk.sys
12:41:16.0056 0x127c mfewfpk - ok
12:41:16.0103 0x127c [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] MMCSS C:\Windows\system32\mmcss.dll
12:41:16.0103 0x127c MMCSS - ok
12:41:16.0181 0x127c [ 800BA92F7010378B09F9ED9270F07137, 94F9AF9E1BE80AE6AC39A2A74EF9FAB115DCAACC011D07DFA8D6A1DDC8A93342 ] Modem C:\Windows\system32\drivers\modem.sys
12:41:16.0196 0x127c Modem - ok
12:41:16.0243 0x127c [ B03D591DC7DA45ECE20B3B467E6AADAA, 701FB0CAD8138C58507BE28845D3E24CE269A040737C29885944A0D851238732 ] monitor C:\Windows\system32\DRIVERS\monitor.sys
12:41:16.0243 0x127c monitor - ok
12:41:16.0274 0x127c [ 7D27EA49F3C1F687D357E77A470AEA99, 7FE7CAF95959F127C6D932C01D539C06D80273C49A09761F6E8331C05B1A7EE7 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys
12:41:16.0274 0x127c mouclass - ok
12:41:16.0321 0x127c [ D3BF052C40B0C4166D9FD86A4288C1E6, 5E65264354CD94E844BF1838CA1B8E49080EFA34605A32CF2F6A47A2B97FC183 ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys
12:41:16.0337 0x127c mouhid - ok
12:41:16.0415 0x127c [ 32E7A3D591D671A6DF2DB515A5CBE0FA, 47CED0B9067AE8BF5EEF60B17ADEE5906BEDCC56E4CB460B7BFBC12BB9A69E63 ] mountmgr C:\Windows\system32\drivers\mountmgr.sys
12:41:16.0415 0x127c mountmgr - ok
12:41:16.0477 0x127c [ A44B420D30BD56E145D6A2BC8768EC58, B1E4DCA5A1008FA7A0492DC091FB2B820406AE13FD3D44F124E89B1037AF09B8 ] mpio C:\Windows\system32\drivers\mpio.sys
12:41:16.0477 0x127c mpio - ok
12:41:16.0508 0x127c [ 6C38C9E45AE0EA2FA5E551F2ED5E978F, 5A3FA2F110029CB4CC4384998EDB59203FDD65EC45E01B897FB684F8956EAD20 ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys
12:41:16.0524 0x127c mpsdrv - ok
12:41:16.0586 0x127c [ 54FFC9C8898113ACE189D4AA7199D2C1, 65F585C87F3F710FD5793FDFA96B740AD8D4317B0C120F4435CCF777300EA4F2 ] MpsSvc C:\Windows\system32\mpssvc.dll
12:41:16.0618 0x127c MpsSvc - ok
12:41:16.0649 0x127c [ 9BD4DCB5412921864A7AACDEDFBD1923, 46DEE9B9414D26203B62F0D6CAEBF37A3CEFD118556129547B2C5FC7B6FDBA05 ] MREMP50 C:\PROGRA~2\COMMON~1\Motive\MREMP50.SYS
12:41:16.0664 0x127c MREMP50 - ok
12:41:16.0664 0x127c MREMP50a64 - ok
12:41:16.0680 0x127c MREMPR5 - ok
12:41:16.0696 0x127c MRENDIS5 - ok
12:41:16.0696 0x127c [ 07C02C892E8E1A72D6BF35004F0E9C5E, 09ECD59AADF08E2AA0C1BAF5D3D7CBB0948153E531E1F82ECACD43F14F88106B ] MRESP50 C:\PROGRA~2\COMMON~1\Motive\MRESP50.SYS
12:41:16.0711 0x127c MRESP50 - ok
12:41:16.0711 0x127c MRESP50a64 - ok
12:41:16.0758 0x127c [ 1A4F75E63C9FB84B85DFFC6B63FD5404, 01AFA6DBB4CDE55FE4EA05BBE8F753A4266F8D072EA1EE01DB79F5126780C21F ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys
12:41:16.0758 0x127c MRxDAV - ok
12:41:16.0820 0x127c [ A5D9106A73DC88564C825D317CAC68AC, 0457B2AEA4E05A91D0E43F317894A614434D8CEBE35020785387F307E231FBE4 ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys
12:41:16.0820 0x127c mrxsmb - ok
12:41:16.0852 0x127c [ D711B3C1D5F42C0C2415687BE09FC163, 9B3013AC60BD2D0FF52086658BA5FF486ADE15954A552D7DD590580E8BAE3EFF ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys
12:41:16.0852 0x127c mrxsmb10 - ok
12:41:16.0930 0x127c [ 9423E9D355C8D303E76B8CFBD8A5C30C, 220B33F120C2DD937FE4D5664F4B581DC0ACF78D62EB56B7720888F67B9644CC ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys
12:41:16.0930 0x127c mrxsmb20 - ok
12:41:17.0008 0x127c [ C25F0BAFA182CBCA2DD3C851C2E75796, 643E158A0948DF331807AEAA391F23960362E46C0A0CF6D22A99020EAE7B10F8 ] msahci C:\Windows\system32\drivers\msahci.sys
12:41:17.0008 0x127c msahci - ok
12:41:17.0039 0x127c [ DB801A638D011B9633829EB6F663C900, B34FD33A215ACCF2905F4B7D061686CDB1CB9C652147AF56AE14686C1F6E3C74 ] msdsm C:\Windows\system32\drivers\msdsm.sys
12:41:17.0054 0x127c msdsm - ok
12:41:17.0101 0x127c [ DE0ECE52236CFA3ED2DBFC03F28253A8, 2FBBEC4CACB5161F68D7C2935852A5888945CA0F107CF8A1C01F4528CE407DE3 ] MSDTC C:\Windows\System32\msdtc.exe
12:41:17.0117 0x127c MSDTC - ok
12:41:17.0164 0x127c [ AA3FB40E17CE1388FA1BEDAB50EA8F96, 69F93E15536644C8FD679A20190CFE577F4985D3B1B4A4AA250A168615AE1E99 ] Msfs C:\Windows\system32\drivers\Msfs.sys
12:41:17.0164 0x127c Msfs - ok
12:41:17.0179 0x127c [ F9D215A46A8B9753F61767FA72A20326, 6F76642B45E0A7EF6BCAB8B37D55CCE2EAA310ED07B76D43FCB88987C2174141 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys
12:41:17.0179 0x127c mshidkmdf - ok
12:41:17.0226 0x127c [ D916874BBD4F8B07BFB7FA9B3CCAE29D, B229DA150713DEDBC4F05386C9D9DC3BC095A74F44F3081E88311AB73BC992A1 ] msisadrv C:\Windows\system32\drivers\msisadrv.sys
12:41:17.0226 0x127c msisadrv - ok
12:41:17.0288 0x127c [ 808E98FF49B155C522E6400953177B08, F873F5BFF0984C5165DF67E92874D3F6EB8D86F9B5AD17013A0091CA33A1A3D5 ] MSiSCSI C:\Windows\system32\iscsiexe.dll
12:41:17.0304 0x127c MSiSCSI - ok
12:41:17.0304 0x127c msiserver - ok
12:41:17.0366 0x127c [ 49CCF2C4FEA34FFAD8B1B59D49439366, E5752EA57C7BDAD5F53E3BC441A415E909AC602CAE56234684FB8789A20396C7 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys
12:41:17.0366 0x127c MSKSSRV - ok
12:41:17.0413 0x127c [ BDD71ACE35A232104DDD349EE70E1AB3, 27464A66868513BE6A01B75D7FC5B0D6B71842E4E20CE3F76B15C071A0618BBB ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys
12:41:17.0429 0x127c MSPCLOCK - ok
12:41:17.0429 0x127c [ 4ED981241DB27C3383D72092B618A1D0, E12F121E641249DB3491141851B59E1496F4413EDF58E863388F1C229838DFCC ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
12:41:17.0429 0x127c MSPQM - ok
12:41:17.0491 0x127c [ 759A9EEB0FA9ED79DA1FB7D4EF78866D, 64E3BC613EC4872B1B344CBF71EE15BE195592E3244C1EE099C6F8B95A40F133 ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
12:41:17.0491 0x127c MsRPC - ok
12:41:17.0538 0x127c [ 0EED230E37515A0EAEE3C2E1BC97B288, B1D8F8A75006B6E99214CA36D27A8594EF8D952F315BEB201E9BAC9DE3E64D42 ] mssmbios C:\Windows\system32\drivers\mssmbios.sys
12:41:17.0538 0x127c mssmbios - ok
12:41:17.0569 0x127c [ 2E66F9ECB30B4221A318C92AC2250779, DF175E1AB6962303E57F26DAE5C5C1E40B8640333F3E352A64F6A5F1301586CD ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
12:41:17.0585 0x127c MSTEE - ok
12:41:17.0600 0x127c [ 7EA404308934E675BFFDE8EDF0757BCD, 306CD02D89CFCFE576242360ED5F9EEEDCAFC43CD43B7D2977AE960F9AEC3232 ] MTConfig C:\Windows\system32\DRIVERS\MTConfig.sys
12:41:17.0600 0x127c MTConfig - ok
12:41:17.0632 0x127c [ F9A18612FD3526FE473C1BDA678D61C8, 32F7975B5BAA447917F832D9E3499B4B6D3E90D73F478375D0B70B36C524693A ] Mup C:\Windows\system32\Drivers\mup.sys
12:41:17.0632 0x127c Mup - ok
12:41:17.0647 0x127c [ 6FFECC25B39DC7652A0CEC0ADA9DB589, 927EF066CBBA8353149F8C3B7C4299AC06FED439DA874D25CFB583E5912611A2 ] mwlPSDFilter C:\Windows\system32\DRIVERS\mwlPSDFilter.sys
12:41:17.0663 0x127c mwlPSDFilter - ok
12:41:17.0663 0x127c [ 0BEFE32CA56D6EE89D58175725596A85, E36B9E6159AF7F67D549F7178896CCCB8FC3964531B1DA20CBDD465E632D8FCF ] mwlPSDNServ C:\Windows\system32\DRIVERS\mwlPSDNServ.sys
12:41:17.0678 0x127c mwlPSDNServ - ok
12:41:17.0694 0x127c [ D43BC633B8660463E446E28E14A51262, C55F235B5E08FAC6D70B0FAC737D714E318A93F8E43FF8095B86A76559AF211D ] mwlPSDVDisk C:\Windows\system32\DRIVERS\mwlPSDVDisk.sys
12:41:17.0710 0x127c mwlPSDVDisk - ok
12:41:17.0803 0x127c [ 3E5E20817259F7328C8F3BE5421F35B9, 9BF20E1CE75647BF5654AD603BD7D17E36CC0AD15EEAFF4FACE637D235C34190 ] MWLService C:\Program Files (x86)\EgisTec MyWinLocker\x86\MWLService.exe
12:41:17.0819 0x127c MWLService - ok
12:41:17.0944 0x127c [ 582AC6D9873E31DFA28A4547270862DD, BD540499F74E8F59A020D935D18E36A3A97C1A6EC59C8208436469A31B16B260 ] napagent C:\Windows\system32\qagentRT.dll
12:41:17.0975 0x127c napagent - ok
12:41:18.0053 0x127c [ 1EA3749C4114DB3E3161156FFFFA6B33, 54C2E77BCE1037711A11313AC25B8706109098C10A31AA03AEB7A185E97800D7 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
12:41:18.0068 0x127c NativeWifiP - ok
12:41:18.0271 0x127c [ 760E38053BF56E501D562B70AD796B88, F856E81A975D44F8684A6F2466549CEEDFAEB3950191698555A93A1206E0A42D ] NDIS C:\Windows\system32\drivers\ndis.sys
12:41:18.0287 0x127c NDIS - ok
12:41:18.0334 0x127c [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC, D7E5446E83909AE25506BB98FBDD878A529C87963E3C1125C4ABAB25823572BC ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys
12:41:18.0334 0x127c NdisCap - ok
12:41:18.0365 0x127c [ 30639C932D9FEF22B31268FE25A1B6E5, 32873D95339600F6EEFA51847D12C563FF01F320DC59055B242FA2887C99F9D6 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
12:41:18.0365 0x127c NdisTapi - ok
12:41:18.0412 0x127c [ 136185F9FB2CC61E573E676AA5402356, BA3AD0A33416DA913B4242C6BE8C3E5812AD2B20BA6C11DD3094F2E8EB56E683 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
12:41:18.0412 0x127c Ndisuio - ok
12:41:18.0474 0x127c [ 53F7305169863F0A2BDDC49E116C2E11, 881E9346D3C02405B7850ADC37E720990712EC9C666A0CE96E252A487FD2CE77 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
12:41:18.0490 0x127c NdisWan - ok
12:41:18.0552 0x127c [ 015C0D8E0E0421B4CFD48CFFE2825879, 4242E2D42CCFC859B2C0275C5331798BC0BDA68E51CF4650B6E64B1332071023 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
12:41:18.0568 0x127c NDProxy - ok
12:41:18.0661 0x127c [ 86743D9F5D2B1048062B14B1D84501C4, DBF6D6A60AB774FCB0F464FF2D285A7521D0A24006687B243AB46B17D8032062 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
12:41:18.0677 0x127c NetBIOS - ok
12:41:18.0724 0x127c [ 09594D1089C523423B32A4229263F068, 7426A9B8BA27D3225928DDEFBD399650ABB90798212F56B7D12158AC22CCCE37 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys
12:41:18.0739 0x127c NetBT - ok
12:41:18.0755 0x127c [ 4D71227301DD8D09097B9E4CC6527E5A, 193D47ADCB722B581CC0F29B794AB3E455B6E9BEA367CE9A5216A09E055B7F1E ] Netlogon C:\Windows\system32\lsass.exe
12:41:18.0755 0x127c Netlogon - ok
12:41:18.0817 0x127c [ 847D3AE376C0817161A14A82C8922A9E, 37AE692B3481323134125EF58F2C3CBC20177371AF2F5874F53DD32A827CB936 ] Netman C:\Windows\System32\netman.dll
12:41:18.0833 0x127c Netman - ok
12:41:18.0958 0x127c [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
12:41:18.0989 0x127c NetMsmqActivator - ok
12:41:19.0004 0x127c [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetPipeActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
12:41:19.0004 0x127c NetPipeActivator - ok
12:41:19.0036 0x127c [ 5F28111C648F1E24F7DBC87CDEB091B8, 2E8645285921EDB98BB2173E11E57459C888D52E80D85791D169C869DE8813B9 ] netprofm C:\Windows\System32\netprofm.dll
12:41:19.0051 0x127c netprofm - ok
12:41:19.0067 0x127c [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetTcpActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
12:41:19.0067 0x127c NetTcpActivator - ok
12:41:19.0082 0x127c [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
12:41:19.0082 0x127c NetTcpPortSharing - ok
12:41:19.0114 0x127c [ 77889813BE4D166CDAB78DDBA990DA92, 2EF531AE502B943632EEC66A309A8BFCDD36120A5E1473F4AAF3C2393AD0E6A3 ] nfrd960 C:\Windows\system32\DRIVERS\nfrd960.sys
12:41:19.0129 0x127c nfrd960 - ok
12:41:19.0176 0x127c [ 8AD77806D336673F270DB31645267293, E23F324913554A23CD043DD27D4305AF62F48C0561A0FC7B7811E55B74B1BE79 ] NlaSvc C:\Windows\System32\nlasvc.dll
12:41:19.0192 0x127c NlaSvc - ok
12:41:19.0348 0x127c [ 5839A8027D6D324A7CD494051A96628C, 474F2D0BB463ABE68D7C4D2C630860AED4B722EC62C616C91EE00AA965378382 ] NOBU C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe
12:41:19.0410 0x127c NOBU - ok
12:41:19.0441 0x127c [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7, D8957EF7060A69DBB3CD6B2C45B1E4143592AB8D018471E17AC04668157DC67F ] Npfs C:\Windows\system32\drivers\Npfs.sys
12:41:19.0457 0x127c Npfs - ok
12:41:19.0472 0x127c [ D54BFDF3E0C953F823B3D0BFE4732528, 497A1DCC5646EC22119273216DF10D5442D16F83E4363770F507518CF6EAA53A ] nsi C:\Windows\system32\nsisvc.dll
12:41:19.0472 0x127c nsi - ok
12:41:19.0504 0x127c [ E7F5AE18AF4168178A642A9247C63001, 133023B7E4BA8049C4CAED3282BDD25571D1CC25FAC3B820C7F981D292689D76 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
12:41:19.0504 0x127c nsiproxy - ok
12:41:19.0738 0x127c [ B98F8C6E31CD07B2E6F71F7F648E38C0, 2FEA100B80680FBBF644CB6763738804155DF1E94A6542CAE2B2786D770D554E ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
12:41:19.0800 0x127c Ntfs - ok
12:41:19.0909 0x127c [ 9A308FCDCCA98A15B6F62D36A272160E, 3991F70D42C1949067ED48CF4EB815E06360B077F6A2369AC76BF0892C3C33EE ] NTI IScheduleSvc C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe
12:41:19.0925 0x127c NTI IScheduleSvc - ok
12:41:19.0972 0x127c [ EE3BA1024594D5D09E314F206B94069E, 34C8EC3DF1C3088D8A0442CAA4F5506665AFB2DF016709457ED2AB7DA45F53A6 ] NTIDrvr C:\Windows\system32\drivers\NTIDrvr.sys
12:41:19.0972 0x127c NTIDrvr - ok
12:41:19.0987 0x127c [ 9899284589F75FA8724FF3D16AED75C1, 181188599FD5D4DE33B97010D9E0CAEABAB9A3EF50712FE7F9AA0735CD0666D6 ] Null C:\Windows\system32\drivers\Null.sys
12:41:19.0987 0x127c Null - ok
12:41:20.0018 0x127c [ 0A92CB65770442ED0DC44834632F66AD, 581327F07A68DBD5CC749214BE5F1211FC2CE41C7A4F0656B680AFB51A35ACE7 ] nvraid C:\Windows\system32\drivers\nvraid.sys
12:41:20.0034 0x127c nvraid - ok
12:41:20.0065 0x127c [ DAB0E87525C10052BF65F06152F37E4A, AD9BFF0D5FD3FFB95C758B478E1F6A9FE45E7B37AEC71EB5070D292FEAAEDF37 ] nvstor C:\Windows\system32\drivers\nvstor.sys
12:41:20.0081 0x127c nvstor - ok
12:41:20.0112 0x127c [ 270D7CD42D6E3979F6DD0146650F0E05, 752489E54C9004EDCBE1F1F208FFD864DA5C83E59A2DDE6B3E0D63ECA996F76F ] nv_agp C:\Windows\system32\drivers\nv_agp.sys
12:41:20.0112 0x127c nv_agp - ok
12:41:20.0143 0x127c [ 3589478E4B22CE21B41FA1BFC0B8B8A0, AD2469FC753FE552CB809FF405A9AB23E7561292FE89117E3B3B62057EFF0203 ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys
12:41:20.0143 0x127c ohci1394 - ok
12:41:20.0206 0x127c [ 9D10F99A6712E28F8ACD5641E3A7EA6B, 70964A0ED9011EA94044E15FA77EDD9CF535CC79ED8E03A3721FF007E69595CC ] ose C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
12:41:20.0221 0x127c ose - ok
12:41:20.0596 0x127c [ 61BFFB5F57AD12F83AB64B7181829B34, 1DD0DD35E4158F95765EE6639F217DF03A0A19E624E020DBA609268C08A13846 ] osppsvc C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
12:41:20.0798 0x127c osppsvc - ok
12:41:20.0892 0x127c [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] p2pimsvc C:\Windows\system32\pnrpsvc.dll
12:41:20.0908 0x127c p2pimsvc - ok
12:41:20.0923 0x127c [ 927463ECB02179F88E4B9A17568C63C3, FEFD3447692C277D59EEC7BF218552C8BB6B8C98C26E973675549628408B94CE ] p2psvc C:\Windows\system32\p2psvc.dll
12:41:20.0939 0x127c p2psvc - ok
12:41:20.0970 0x127c [ 0086431C29C35BE1DBC43F52CC273887, 0D116D49EF9ABB57DA005764F25E692622210627FC2048F06A989B12FA8D0A80 ] Parport C:\Windows\system32\DRIVERS\parport.sys
12:41:20.0970 0x127c Parport - ok
12:41:21.0048 0x127c [ E9766131EEADE40A27DC27D2D68FBA9C, 63C295EC96DBD25F1A8B908295CCB86B54F2A77A02AAA11E5D9160C2C1A492B6 ] partmgr C:\Windows\system32\drivers\partmgr.sys
12:41:21.0048 0x127c partmgr - ok
12:41:21.0079 0x127c [ 3AEAA8B561E63452C655DC0584922257, 04C072969B58657602EB0C21CEDF24FCEE14E61B90A0F758F93925EF2C9FC32D ] PcaSvc C:\Windows\System32\pcasvc.dll
12:41:21.0095 0x127c PcaSvc - ok
12:41:21.0110 0x127c [ 94575C0571D1462A0F70BDE6BD6EE6B3, 7139BAC653EA94A3DD3821CAB35FC5E22F4CCA5ACC2BAABDAA27E4C3C8B27FC9 ] pci C:\Windows\system32\drivers\pci.sys
12:41:21.0110 0x127c pci - ok
12:41:21.0157 0x127c [ B5B8B5EF2E5CB34DF8DCF8831E3534FA, F2A7CC645B96946CC65BF60E14E70DC09C848D27C7943CE5DEA0C01A6B863480 ] pciide C:\Windows\system32\drivers\pciide.sys
12:41:21.0204 0x127c pciide - ok
12:41:21.0235 0x127c [ B2E81D4E87CE48589F98CB8C05B01F2F, 6763BEE7270A4873B3E131BFB92313E2750FCBD0AD73C23D1C4F98F7DF73DE14 ] pcmcia C:\Windows\system32\DRIVERS\pcmcia.sys
12:41:21.0235 0x127c pcmcia - ok
12:41:21.0266 0x127c [ D6B9C2E1A11A3A4B26A182FFEF18F603, BBA5FE08B1DDD6243118E11358FD61B10E850F090F061711C3CB207CE5FBBD36 ] pcw C:\Windows\system32\drivers\pcw.sys
12:41:21.0266 0x127c pcw - ok
12:41:21.0298 0x127c [ 68769C3356B3BE5D1C732C97B9A80D6E, FB2D61145980A2899D1B7729184C54070315B0E63C9A22400A76CCD39E00029C ] PEAUTH C:\Windows\system32\drivers\peauth.sys
12:41:21.0313 0x127c PEAUTH - ok
12:41:21.0422 0x127c [ E495E408C93141E8FC72DC0C6046DDFA, 489B957DADA0DC128A09468F1AD082DCC657E86053208EA06A12937BE86FB919 ] PerfHost C:\Windows\SysWow64\perfhost.exe
12:41:21.0422 0x127c PerfHost - ok
12:41:21.0547 0x127c [ C7CF6A6E137463219E1259E3F0F0DD6C, 08D7244F52AA17DD669AA6F77C291DAC88E7B2D1887DE422509C1F83EC85F3DD ] pla C:\Windows\system32\pla.dll
12:41:21.0594 0x127c pla - ok
12:41:21.0672 0x127c [ 25FBDEF06C4D92815B353F6E792C8129, 57D9764AE6BCE33B242C399CDFC10DD405975BD6411CA8C75FBCD06EEB8442A9 ] PlugPlay C:\Windows\system32\umpnpmgr.dll
12:41:21.0688 0x127c PlugPlay - ok
12:41:21.0719 0x127c [ 7195581CEC9BB7D12ABE54036ACC2E38, 9C4E5D6EA984148F2663DC529083408B2248DFF6DAAC85D9195F80A722782315 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll
12:41:21.0734 0x127c PNRPAutoReg - ok
12:41:21.0766 0x127c [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] PNRPsvc C:\Windows\system32\pnrpsvc.dll
12:41:21.0781 0x127c PNRPsvc - ok
12:41:21.0812 0x127c [ 4F15D75ADF6156BF56ECED6D4A55C389, 2ADA3EA69A5D7EC2A4D2DD89178DB94EAFDDF95F07B0070D654D9F7A5C12A044 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
12:41:21.0828 0x127c PolicyAgent - ok
12:41:21.0875 0x127c [ 6BA9D927DDED70BD1A9CADED45F8B184, 66203CE70A5EDE053929A940F38924C6792239CCCE10DD2C1D90D5B4D6748B55 ] Power C:\Windows\system32\umpo.dll
12:41:21.0875 0x127c Power - ok
12:41:21.0937 0x127c [ F92A2C41117A11A00BE01CA01A7FCDE9, 38ADC6052696D110CA5F393BC586791920663F5DA66934C2A824DDA9CD89C763 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
12:41:21.0953 0x127c PptpMiniport - ok
12:41:21.0984 0x127c [ 0D922E23C041EFB1C3FAC2A6F943C9BF, 855418A6A58DCAFB181A1A68613B3E203AFB0A9B3D9D26D0C521F9F613B4EAD5 ] Processor C:\Windows\system32\DRIVERS\processr.sys
12:41:21.0984 0x127c Processor - ok
12:41:22.0015 0x127c [ 53E83F1F6CF9D62F32801CF66D8352A8, 1225FED810BE8E0729EEAE5B340035CCBB9BACD3EF247834400F9B72D05ACE48 ] ProfSvc C:\Windows\system32\profsvc.dll
12:41:22.0031 0x127c ProfSvc - ok
12:41:22.0031 0x127c [ 4D71227301DD8D09097B9E4CC6527E5A, 193D47ADCB722B581CC0F29B794AB3E455B6E9BEA367CE9A5216A09E055B7F1E ] ProtectedStorage C:\Windows\system32\lsass.exe
12:41:22.0031 0x127c ProtectedStorage - ok
12:41:22.0093 0x127c [ 0557CF5A2556BD58E26384169D72438D, F6F83A616B1F1C6C0DF6D2EC2513E6C23FD4FAA6D36518B8676C619AB74957B4 ] Psched C:\Windows\system32\DRIVERS\pacer.sys
12:41:22.0093 0x127c Psched - ok
12:41:22.0140 0x127c [ 87B04878A6D59D6C79251DC960C674C1, 3EB8DB0624E646F0A65D0381408D35CF9FDC5ABFC30DF6431F4070A8EB68447C ] PxHlpa64 C:\Windows\system32\Drivers\PxHlpa64.sys
12:41:22.0156 0x127c PxHlpa64 - ok
12:41:22.0374 0x127c [ A53A15A11EBFD21077463EE2C7AFEEF0, 6002B012A75045DEA62640A864A8721EADE2F8B65BEB5F5BA76D8CD819774489 ] ql2300 C:\Windows\system32\DRIVERS\ql2300.sys
12:41:22.0421 0x127c ql2300 - ok
12:41:22.0452 0x127c [ 4F6D12B51DE1AAEFF7DC58C4D75423C8, FB6ABAB741CED66A79E31A45111649F2FA3E26CEE77209B5296F789F6F7D08DE ] ql40xx C:\Windows\system32\DRIVERS\ql40xx.sys
12:41:22.0468 0x127c ql40xx - ok
12:41:22.0530 0x127c [ 906191634E99AEA92C4816150BDA3732, A0305436384104C3B559F9C73902DA19B96B518413379E397C5CDAB0B2B9418F ] QWAVE C:\Windows\system32\qwave.dll
12:41:22.0530 0x127c QWAVE - ok
12:41:22.0546 0x127c [ 76707BB36430888D9CE9D705398ADB6C, 35C1D1D05F98AC29A33D3781F497A0B40A3CB9CDF25FE1F28F574E40DDF70535 ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
12:41:22.0546 0x127c QWAVEdrv - ok
12:41:22.0561 0x127c [ 5A0DA8AD5762FA2D91678A8A01311704, 8A64EB5DBAB7048A9E42A21CEB62CCD5B007A80C199892D7F8C69B48E8A255EF ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
12:41:22.0561 0x127c RasAcd - ok
12:41:22.0608 0x127c [ 7ECFF9B22276B73F43A99A15A6094E90, 62C70DA127F48F796F8897BBFA23AB6EB080CC923F0F091DFA384A93F5C90CA1 ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys
12:41:22.0608 0x127c RasAgileVpn - ok
12:41:22.0639 0x127c [ 8F26510C5383B8DBE976DE1CD00FC8C7, 60E618C010E8A723960636415573FA17EA0BBEF79647196B3BC0B8DEE680E090 ] RasAuto C:\Windows\System32\rasauto.dll
12:41:22.0655 0x127c RasAuto - ok
12:41:22.0717 0x127c [ 471815800AE33E6F1C32FB1B97C490CA, 27307265F743DE3A3A3EC1B2C472A3D85FDD0AEC458E0B1177593141EE072698 ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
12:41:22.0748 0x127c Rasl2tp - ok
12:41:22.0811 0x127c [ EE867A0870FC9E4972BA9EAAD35651E2, 1B848D81705081FD2E18AC762DA7F51455657DAF860BF363DC15925A148BCADA ] RasMan C:\Windows\System32\rasmans.dll
12:41:22.0811 0x127c RasMan - ok
12:41:22.0889 0x127c [ 855C9B1CD4756C5E9A2AA58A15F58C25, A514F8A9C304D54BDA8DC60F5A64259B057EC83A1CAAF6D2B58CFD55E9561F72 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
12:41:22.0889 0x127c RasPppoe - ok
12:41:22.0951 0x127c [ E8B1E447B008D07FF47D016C2B0EEECB, FEC789F82B912F3E14E49524D40FEAA4373B221156F14045E645D7C37859258C ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
12:41:22.0967 0x127c RasSstp - ok
12:41:23.0076 0x127c [ 77F665941019A1594D887A74F301FA2F, 1FDC6F6853400190C086042933F157814D915C54F26793CAD36CD2607D8810DA ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
12:41:23.0092 0x127c rdbss - ok
12:41:23.0107 0x127c [ 302DA2A0539F2CF54D7C6CC30C1F2D8D, 1DF3501BBFFB56C3ECC39DBCC4287D3302216C2208CE22428B8C4967E5DE9D17 ] rdpbus C:\Windows\system32\DRIVERS\rdpbus.sys
12:41:23.0107 0x127c rdpbus - ok
12:41:23.0138 0x127c [ CEA6CC257FC9B7715F1C2B4849286D24, A78144D18352EA802C39D9D42921CF97A3E0211766B2169B6755C6FC2D77A804 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
12:41:23.0138 0x127c RDPCDD - ok
12:41:23.0170 0x127c [ BB5971A4F00659529A5C44831AF22365, 9AAA5C0D448E821FD85589505D99DF7749715A046BBD211F139E4E652ADDE41F ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
12:41:23.0170 0x127c RDPENCDD - ok
12:41:23.0185 0x127c [ 216F3FA57533D98E1F74DED70113177A, 60C126A1409D1E9C39F1C9E95F70115BF4AF07780AB499F6E10A612540F173F4 ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys
12:41:23.0185 0x127c RDPREFMP - ok
12:41:23.0216 0x127c [ E61608AA35E98999AF9AAEEEA6114B0A, F754CDE89DC96786D2A3C4D19EE2AEF1008E634E4DE3C0CBF927436DE90C04A6 ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
12:41:23.0232 0x127c RDPWD - ok
12:41:23.0294 0x127c [ 34ED295FA0121C241BFEF24764FC4520, AAEE5F00CAA763A5BA51CF56BD7262C03409CD72BD5601490E3EC3FFF929BB5F ] rdyboost C:\Windows\system32\drivers\rdyboost.sys
12:41:23.0326 0x127c rdyboost - ok
12:41:23.0372 0x127c [ 254FB7A22D74E5511C73A3F6D802F192, 3D0FB5840364200DE394F8CC28DA0E334C2B5FA8FF28A41656EE72287F3D3836 ] RemoteAccess C:\Windows\System32\mprdim.dll
12:41:23.0388 0x127c RemoteAccess - ok
12:41:23.0419 0x127c [ E4D94F24081440B5FC5AA556C7C62702, 147CAA03568DC480F9506E30B84891AB7E433B5EBC05F34FF10F72B00E1C6B22 ] RemoteRegistry C:\Windows\system32\regsvc.dll
12:41:23.0435 0x127c RemoteRegistry - ok
12:41:23.0560 0x127c [ F12A68ED55053940CADD59CA5E3468DD, 75331E6DA4E30717085E7D8131989241EBC492DC3EE455546F91DA9DFFFD2BFC ] RichVideo C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
12:41:23.0638 0x127c RichVideo - ok
12:41:23.0700 0x127c [ E4DC58CF7B3EA515AE917FF0D402A7BB, 665B5CD9FE905B0EE3F59A7B1A94760F5393EBEE729877D8584349754C2867E8 ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll
12:41:23.0700 0x127c RpcEptMapper - ok
12:41:23.0731 0x127c [ D5BA242D4CF8E384DB90E6A8ED850B8C, CB4CB2608B5E31B55FB1A2CF4051E6D08A0C2A5FB231B2116F95938D7577334E ] RpcLocator C:\Windows\system32\locator.exe
12:41:23.0778 0x127c RpcLocator - ok
12:41:23.0856 0x127c [ 5C627D1B1138676C0A7AB2C2C190D123, C5003F2C912C5CA990E634818D3B4FD72F871900AF2948BD6C4D6400B354B401 ] RpcSs C:\Windows\system32\rpcss.dll
12:41:23.0872 0x127c RpcSs - ok
12:41:23.0918 0x127c [ DDC86E4F8E7456261E637E3552E804FF, D250C69CCC75F2D88E7E624FCC51300E75637333317D53908CCA7E0F117173DD ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
12:41:23.0934 0x127c rspndr - ok
12:41:23.0981 0x127c [ 0E3DCF76F11DC431B088A2DFD7265CDA, 7FCC8A9C28B8B2E9EC6AB9FFF7354929838134F61DB9D5BB96C5F6A7ABDC6B6A ] RSUSBSTOR C:\Windows\system32\Drivers\RtsUStor.sys
12:41:23.0996 0x127c RSUSBSTOR - ok
12:41:23.0996 0x127c [ 4D71227301DD8D09097B9E4CC6527E5A, 193D47ADCB722B581CC0F29B794AB3E455B6E9BEA367CE9A5216A09E055B7F1E ] SamSs C:\Windows\system32\lsass.exe
12:41:24.0012 0x127c SamSs - ok
12:41:24.0059 0x127c [ AC03AF3329579FFFB455AA2DAABBE22B, 7AD3B62ADFEC166F9E256F9FF8BAA0568B2ED7308142BF8F5269E6EAA5E0A656 ] sbp2port C:\Windows\system32\drivers\sbp2port.sys
12:41:24.0074 0x127c sbp2port - ok
12:41:24.0106 0x127c [ 9B7395789E3791A3B6D000FE6F8B131E, E5F067F3F212BF5481668BE1779CBEF053F511F8967589BE2E865ACB9A620024 ] SCardSvr C:\Windows\System32\SCardSvr.dll
12:41:24.0137 0x127c SCardSvr - ok
12:41:24.0184 0x127c [ 253F38D0D7074C02FF8DEB9836C97D2B, CB5CAFCB8628BB22877F74ACF1DED0BBAED8F4573A74DA7FE94BBBA584889116 ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys
12:41:24.0199 0x127c scfilter - ok
12:41:24.0324 0x127c [ 262F6592C3299C005FD6BEC90FC4463A, 54095E37F0B6CC677A3E9BDD40F4647C713273D197DB341063AA7F342A60C4A7 ] Schedule C:\Windows\system32\schedsvc.dll
12:41:24.0371 0x127c Schedule - ok
12:41:24.0402 0x127c [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] SCPolicySvc C:\Windows\System32\certprop.dll
12:41:24.0402 0x127c SCPolicySvc - ok
12:41:24.0464 0x127c [ 6EA4234DC55346E0709560FE7C2C1972, 64011E044C16E2F92689E5F7E4666A075E27BBFA61F3264E5D51CE1656C1D5B8 ] SDRSVC C:\Windows\System32\SDRSVC.dll
12:41:24.0464 0x127c SDRSVC - ok
12:41:24.0527 0x127c [ 3EA8A16169C26AFBEB544E0E48421186, 34BBB0459C96B3DE94CCB0D73461562935C583D7BF93828DA4E20A6BC9B7301D ] secdrv C:\Windows\system32\drivers\secdrv.sys
12:41:24.0527 0x127c secdrv - ok
12:41:24.0574 0x127c [ BC617A4E1B4FA8DF523A061739A0BD87, 10C4057F6B321EB5237FF619747B74F5401BC17D15A8C7060829E8204A2297F9 ] seclogon C:\Windows\system32\seclogon.dll
12:41:24.0574 0x127c seclogon - ok
12:41:24.0620 0x127c [ C32AB8FA018EF34C0F113BD501436D21, E0EB8E80B51E45CA7EB061E705DA0BC07878759418A8519AE6E12326FE79E7C7 ] SENS C:\Windows\System32\sens.dll
12:41:24.0620 0x127c SENS - ok
12:41:24.0652 0x127c [ 0336CFFAFAAB87A11541F1CF1594B2B2, 8B8A6A33E78A12FB05E29B2E2775850626574AFD2EF88748D65E690A07B10B8D ] SensrSvc C:\Windows\system32\sensrsvc.dll
12:41:24.0652 0x127c SensrSvc - ok
12:41:24.0667 0x127c [ CB624C0035412AF0DEBEC78C41F5CA1B, A4D937F11E06CAE914347CA1362F4C98EC5EE0C0C80321E360EA1ABD6726F8D4 ] Serenum C:\Windows\system32\DRIVERS\serenum.sys
12:41:24.0683 0x127c Serenum - ok
12:41:24.0698 0x127c [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6, 8F9776FB84C5D11068EAF1FF1D1A46466C655D64D256A8B1E31DC0C23B5DD22D ] Serial C:\Windows\system32\DRIVERS\serial.sys
12:41:24.0714 0x127c Serial - ok
12:41:24.0745 0x127c [ 1C545A7D0691CC4A027396535691C3E3, 065C30BE598FF4DC55C37E0BBE0CEDF10A370AE2BF5404B42EBBB867A3FFED6D ] sermouse C:\Windows\system32\DRIVERS\sermouse.sys
12:41:24.0745 0x127c sermouse - ok
12:41:24.0808 0x127c [ 0B6231BF38174A1628C4AC812CC75804, E569BF1F7F5689E2E917FA6516DB53388A5B8B1C6699DEE030147E853218811D ] SessionEnv C:\Windows\system32\sessenv.dll
12:41:24.0808 0x127c SessionEnv - ok
12:41:24.0870 0x127c [ A554811BCD09279536440C964AE35BBF, DA8F893722F803E189D7D4D6C6232ED34505B63A64ED3A0132A5BB7A2BABDE55 ] sffdisk C:\Windows\system32\drivers\sffdisk.sys
12:41:24.0870 0x127c sffdisk - ok
12:41:24.0917 0x127c [ FF414F0BAEFEBA59BC6C04B3DB0B87BF, B81EF5D26AEB572CAB590F7AD7CA8C89F296420089EF5E6148E972F2DBCA1042 ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys
12:41:24.0917 0x127c sffp_mmc - ok
12:41:24.0932 0x127c [ DD85B78243A19B59F0637DCF284DA63C, 6730D4F2BAE7E24615746ACC41B42D01DB6068D6504982008ADA1890DE900197 ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys
12:41:24.0948 0x127c sffp_sd - ok
12:41:24.0979 0x127c [ A9D601643A1647211A1EE2EC4E433FF4, 7AC60B4AB48D4BBF1F9681C12EC2A75C72E6E12D30FABC564A24394310E9A5F9 ] sfloppy C:\Windows\system32\DRIVERS\sfloppy.sys
12:41:24.0995 0x127c sfloppy - ok
12:41:25.0042 0x127c [ 2046AA7491DE7EFA4D70E615D9BC9D09, A8763D059AD68D5842C407FA9644E0B129BEF0F63CD87E62B80B05441EDC3489 ] Sftfs C:\Windows\system32\DRIVERS\Sftfslh.sys
12:41:25.0073 0x127c Sftfs - ok
12:41:25.0244 0x127c [ 77C5A741A7452812F278EF2C18478862, 0B763679EB7EFB8ED9DCE7B429706E939BB65BA6BCF1BAE0E0426D4E87074B8C ] sftlist C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
12:41:25.0260 0x127c sftlist - ok
12:41:25.0369 0x127c [ 0E0446BC4D51BE4263ACB7E33491191C, 2AD039FB440560658C4E06F67CC192EF71577EF3FF789A43C08430CE5EAE5A70 ] Sftplay C:\Windows\system32\DRIVERS\Sftplaylh.sys
12:41:25.0385 0x127c Sftplay - ok
12:41:25.0432 0x127c [ C5FB982CD266E604ED3142102C26D62C, A6BC0D72E98F924274ECAD49C85F0775D1CD45B97CD43F53DF3992B560835FC5 ] Sftredir C:\Windows\system32\DRIVERS\Sftredirlh.sys
12:41:25.0432 0x127c Sftredir - ok
12:41:25.0478 0x127c [ 2575511AF67AA1FA068CCC4918E2C2A3, 3152FF5AC2CF6FE966DA59B1B33E22F9BD9B6BB4310441870528364BA9501A4D ] Sftvol C:\Windows\system32\DRIVERS\Sftvollh.sys
12:41:25.0478 0x127c Sftvol - ok
12:41:25.0541 0x127c [ 39B1D0A636A400304565D4521FAD6D77, 1F01DB35B5A477AA7A77585C9304E6B5F3E67807531305BCA93A7F494CED8F59 ] sftvsa C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
12:41:25.0556 0x127c sftvsa - ok
12:41:25.0650 0x127c [ B95F6501A2F8B2E78C697FEC401970CE, 758B73A32902299A313348CE7EC189B20EB4CB398D0180E4EE24B84DAD55F291 ] SharedAccess C:\Windows\System32\ipnathlp.dll
12:41:25.0681 0x127c SharedAccess - ok
12:41:25.0728 0x127c [ AAF932B4011D14052955D4B212A4DA8D, 2A3BFD0FA9569288E91AE3E72CA1EC39E1450D01E6473CE51157E0F138257923 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
12:41:25.0728 0x127c ShellHWDetection - ok
12:41:25.0775 0x127c [ 843CAF1E5FDE1FFD5FF768F23A51E2E1, 89CA9F516E42A6B905474D738CDA2C121020A07DBD4E66CFE569DD77D79D7820 ] SiSRaid2 C:\Windows\system32\DRIVERS\SiSRaid2.sys
12:41:25.0775 0x127c SiSRaid2 - ok
12:41:25.0806 0x127c [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4, 87B85C66DF7EB6FDB8A2341D05FAA5261FF68A90CCFC63F0E4A03824F1E33E5E ] SiSRaid4 C:\Windows\system32\DRIVERS\sisraid4.sys
12:41:25.0806 0x127c SiSRaid4 - ok
12:41:25.0822 0x127c [ 548260A7B8654E024DC30BF8A7C5BAA4, 4A7E58331D7765A12F53DC2371739DC9A463940B13E16157CE10DB80E958D740 ] Smb C:\Windows\system32\DRIVERS\smb.sys
12:41:25.0837 0x127c Smb - ok
12:41:25.0868 0x127c [ 6313F223E817CC09AA41811DAA7F541D, D787061043BEEDB9386B048CB9E680E6A88A1CBAE9BD4A8C0209155BFB76C630 ] SNMPTRAP C:\Windows\System32\snmptrap.exe
12:41:25.0868 0x127c SNMPTRAP - ok
12:41:25.0884 0x127c [ B9E31E5CACDFE584F34F730A677803F9, 21A5130BD00089C609522A372018A719F8E37103D2DD22C59EACB393BE35A063 ] spldr C:\Windows\system32\drivers\spldr.sys
12:41:25.0884 0x127c spldr - ok
12:41:26.0009 0x127c [ 85DAA09A98C9286D4EA2BA8D0E644377, F9C324E2EF81193FE831C7EECC44A100CA06F82FA731BF555D9EA4D91DA13329 ] Spooler C:\Windows\System32\spoolsv.exe
12:41:26.0024 0x127c Spooler - ok
12:41:26.0227 0x127c [ E17E0188BB90FAE42D83E98707EFA59C, FC075F7B39E86CC8EF6DA4E339FE946917E319C347AC70FB0C50AAF36F97E27F ] sppsvc C:\Windows\system32\sppsvc.exe
12:41:26.0305 0x127c sppsvc - ok
12:41:26.0352 0x127c [ 93D7D61317F3D4BC4F4E9F8A96A7DE45, 36D48B23B8243BE5229707375FCD11C2DCAC96983199345365F065A0CBF33314 ] sppuinotify C:\Windows\system32\sppuinotify.dll
12:41:26.0352 0x127c sppuinotify - ok
12:41:26.0383 0x127c [ 441FBA48BFF01FDB9D5969EBC1838F0B, 306128F1AD489F87161A089D1BDC1542A4CB742D91A0C12A7CD1863FDB8932C0 ] srv C:\Windows\system32\DRIVERS\srv.sys
12:41:26.0399 0x127c srv - ok
12:41:26.0446 0x127c [ B4ADEBBF5E3677CCE9651E0F01F7CC28, 726DB2283113AB2A9681E8E9F61132303D6D86E9CD034C40EE4A8C9DB29E87F7 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
12:41:26.0446 0x127c srv2 - ok
12:41:26.0524 0x127c [ 27E461F0BE5BFF5FC737328F749538C3, AFA4704ED8FFC1A0BAB40DFB81D3AE3F3D933A3C9BF54DDAF39FF9AF3646D9E6 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
12:41:26.0539 0x127c srvnet - ok
12:41:26.0586 0x127c [ 51B52FBD583CDE8AA9BA62B8B4298F33, 2E2403F8AA39E79D1281CA006B51B43139C32A5FDD64BD34DAA4B935338BD740 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
12:41:26.0586 0x127c SSDPSRV - ok
12:41:26.0602 0x127c [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB, D21CDBC4C2AA0DB5B4455D5108B0CAF4282A2E664B9035708F212CC094569D9D ] SstpSvc C:\Windows\system32\sstpsvc.dll
12:41:26.0602 0x127c SstpSvc - ok
12:41:26.0649 0x127c Steam Client Service - ok
12:41:26.0711 0x127c [ F3817967ED533D08327DC73BC4D5542A, 1B204454408A690C0A86447F3E4AA9E7C58A9CFB567C94C17C21920BA648B4D5 ] stexstor C:\Windows\system32\DRIVERS\stexstor.sys
12:41:26.0711 0x127c stexstor - ok
12:41:26.0789 0x127c [ 8DD52E8E6128F4B2DA92CE27402871C1, 1101C38BE8FC383B5F2F9FA402F9652B23B88A764DE2B584DFE62B88B11DEF92 ] stisvc C:\Windows\System32\wiaservc.dll
12:41:26.0805 0x127c stisvc - ok
12:41:26.0883 0x127c [ D01EC09B6711A5F8E7E6564A4D0FBC90, 3CB922291DBADC92B46B9E28CCB6810CD8CCDA3E74518EC9522B58B998E1F969 ] swenum C:\Windows\system32\drivers\swenum.sys
12:41:26.0883 0x127c swenum - ok
12:41:26.0961 0x127c [ E08E46FDD841B7184194011CA1955A0B, 9C3725BB1F08F92744C980A22ED5C874007D3B5863C7E1F140F50061052AC418 ] swprv C:\Windows\System32\swprv.dll
12:41:26.0992 0x127c swprv - ok
12:41:27.0117 0x127c [ BF9CCC0BF39B418C8D0AE8B05CF95B7D, 3C13217548BE61F2BDB8BD41F77345CDDA1F97BF0AE17241C335B9807EB3DBB8 ] SysMain C:\Windows\system32\sysmain.dll
12:41:27.0148 0x127c SysMain - ok
12:41:27.0210 0x127c [ E3C61FD7B7C2557E1F1B0B4CEC713585, 01F0E116606D185BF93B540868075BFB1A398197F6AABD994983DBFF56B3A8A0 ] TabletInputService C:\Windows\System32\TabSvc.dll
12:41:27.0226 0x127c TabletInputService - ok
12:41:27.0304 0x127c [ 40F0849F65D13EE87B9A9AE3C1DD6823, E251A7EF3D0FD2973AF33A62FC457A7E8D5E8694208F811F52455F7C2426121F ] TapiSrv C:\Windows\System32\tapisrv.dll
12:41:27.0335 0x127c TapiSrv - ok
12:41:27.0382 0x127c [ 1BE03AC720F4D302EA01D40F588162F6, AB644862BF1D2E824FD846180DEC4E2C0FAFCC517451486DE5A92E5E78A952E4 ] TBS C:\Windows\System32\tbssvc.dll
12:41:27.0382 0x127c TBS - ok
12:41:27.0678 0x127c [ 40AF23633D197905F03AB5628C558C51, 644656A15236E964E4BE57B42225EAA5643C4CF1FFF6D306813A000716F9D72C ] Tcpip C:\Windows\system32\drivers\tcpip.sys
12:41:27.0787 0x127c Tcpip - ok
12:41:27.0897 0x127c [ 40AF23633D197905F03AB5628C558C51, 644656A15236E964E4BE57B42225EAA5643C4CF1FFF6D306813A000716F9D72C ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys
12:41:27.0943 0x127c TCPIP6 - ok
12:41:28.0006 0x127c [ 1B16D0BD9841794A6E0CDE0CEF744ABC, 7EB8BA97339199EEE7F2B09DA2DA6279DA64A510D4598D42CF86415D67CD674C ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
12:41:28.0006 0x127c tcpipreg - ok
12:41:28.0037 0x127c [ 3371D21011695B16333A3934340C4E7C, 7416F9BBFC1BA9D875EA7D1C7A0D912FC6977B49A865D67E3F9C4E18A965082D ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys
12:41:28.0053 0x127c TDPIPE - ok
12:41:28.0068 0x127c [ 51C5ECEB1CDEE2468A1748BE550CFBC8, 4E8F83877330B421F7B5D8393D34BC44C6450E69209DAA95B29CB298166A5DF9 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys
12:41:28.0084 0x127c TDTCP - ok
12:41:28.0131 0x127c [ DDAD5A7AB24D8B65F8D724F5C20FD806, B71F2967A4EE7395E4416C1526CB85368AEA988BDD1F2C9719C48B08FAFA9661 ] tdx C:\Windows\system32\DRIVERS\tdx.sys
12:41:28.0146 0x127c tdx - ok
12:41:28.0177 0x127c [ 561E7E1F06895D78DE991E01DD0FB6E5, 83BFA50A528762EC52A011302AC3874636FB7E26628CD7ACFBF2BDC9FAA8110D ] TermDD C:\Windows\system32\drivers\termdd.sys
12:41:28.0177 0x127c TermDD - ok
12:41:28.0318 0x127c [ 2E648163254233755035B46DD7B89123, 6FA0D07CE18A3A69D82EE49D875F141E39406E92C34EAC76AC4EB052E6EBCBCD ] TermService C:\Windows\System32\termsrv.dll
12:41:28.0333 0x127c TermService - ok
12:41:28.0365 0x127c [ F0344071948D1A1FA732231785A0664C, DB9886C2C858FAF45AEA15F8E42860343F73EB8685C53EC2E8CCC10586CB0832 ] Themes C:\Windows\system32\themeservice.dll
12:41:28.0365 0x127c Themes - ok
12:41:28.0396 0x127c [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] THREADORDER C:\Windows\system32\mmcss.dll
12:41:28.0396 0x127c THREADORDER - ok
12:41:28.0427 0x127c [ 7E7AFD841694F6AC397E99D75CEAD49D, DE87F203FD8E6BDCCFCA1860A85F283301A365846FB703D9BB86278D8AC96B07 ] TrkWks C:\Windows\System32\trkwks.dll
12:41:28.0427 0x127c TrkWks - ok
12:41:28.0536 0x127c [ 773212B2AAA24C1E31F10246B15B276C, F2EF85F5ABA307976D9C649D710B408952089458DDE97D4DEF321DF14E46A046 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
12:41:28.0552 0x127c TrustedInstaller - ok
12:41:28.0583 0x127c [ 4CE278FC9671BA81A138D70823FCAA09, CBE501436696E32A3701B9F377B823AC36647B6626595F76CC63E2396AD7D300 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys
12:41:28.0583 0x127c tssecsrv - ok
12:41:28.0661 0x127c [ D11C783E3EF9A3C52C0EBE83CC5000E9, A136C355D4C8945729163D15801364A614E23217B15F9313C85BA45BB71A74EB ] TsUsbFlt C:\Windows\system32\drivers\tsusbflt.sys
12:41:28.0661 0x127c TsUsbFlt - ok
12:41:28.0739 0x127c [ 3566A8DAAFA27AF944F5D705EAA64894, AE9D8B648DA08AF667B9456C3FE315489859C157510A258559F18238F2CC92B8 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
12:41:28.0755 0x127c tunnel - ok
12:41:28.0770 0x127c [ B4DD609BD7E282BFC683CEC7EAAAAD67, EF131DB6F6411CAD36A989A421AF93F89DD61601AC524D2FF11C10FF6E3E9123 ] uagp35 C:\Windows\system32\DRIVERS\uagp35.sys
12:41:28.0786 0x127c uagp35 - ok
12:41:28.0801 0x127c [ A17D5E1A6DF4EAB0A480F2C490DE4C9D, 1EA835F172B6BF3D7F496E079DF1CDF00122B2110C08D61427582BC9405D2B7B ] UBHelper C:\Windows\system32\drivers\UBHelper.sys
12:41:28.0801 0x127c UBHelper - ok
12:41:28.0926 0x127c [ FF4232A1A64012BAA1FD97C7B67DF593, D8591B4EB056899C7B604E4DD852D82D4D9809F508ABCED4A03E1BE6D5D456E3 ] udfs C:\Windows\system32\DRIVERS\udfs.sys
12:41:28.0973 0x127c udfs - ok
12:41:29.0035 0x127c [ 3CBDEC8D06B9968ABA702EBA076364A1, B8DAB8AA804FC23021BFEBD7AE4D40FBE648D6C6BA21CC008E26D1C084972F9B ] UI0Detect C:\Windows\system32\UI0Detect.exe
12:41:29.0035 0x127c UI0Detect - ok
12:41:29.0051 0x127c [ 4BFE1BC28391222894CBF1E7D0E42320, 5918B1ED2030600DF77BDACF1C808DF6EADDD8BF3E7003AF1D72050D8B102B3A ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys
12:41:29.0067 0x127c uliagpkx - ok
12:41:29.0129 0x127c [ DC54A574663A895C8763AF0FA1FF7561, 09A3F3597E91CBEB2F38E96E75134312B60CAE5574B2AD4606C2D3E992AEDDFE ] umbus C:\Windows\system32\drivers\umbus.sys
12:41:29.0145 0x127c umbus - ok
12:41:29.0176 0x127c [ B2E8E8CB557B156DA5493BBDDCC1474D, F547509A08C0679ACB843E20C9C0CF51BED1B06530BBC529DFB0944504564A43 ] UmPass C:\Windows\system32\DRIVERS\umpass.sys
12:41:29.0176 0x127c UmPass - ok
12:41:29.0363 0x127c [ 7466809E6DA561D60C2F1CE8EDE3C73F, A3185049282A51B17C3DA839AF7E90F1CD395B2FB5587514EB2D65CB22854E2C ] UNS C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
12:41:29.0410 0x127c UNS - ok
12:41:29.0488 0x127c [ F9EC9ACD504D823D9B9CA98A4F8D3CA2, 58DAD5111C598F14CB199FE6A61FA5918F29513B778A8664FD05EFAB3C665D4F ] Updater Service C:\Program Files\Acer\Acer Updater\UpdaterService.exe
12:41:29.0488 0x127c Updater Service - ok
12:41:29.0535 0x127c [ D47EC6A8E81633DD18D2436B19BAF6DE, 0FB461E2D5E0B75BB5958F6362F4880BFA4C36AD930542609BCAF574941AA7AE ] upnphost C:\Windows\System32\upnphost.dll
12:41:29.0550 0x127c upnphost - ok
12:41:29.0597 0x127c [ DCA68B0943D6FA415F0C56C92158A83A, BEE5A5B33B22D1DF50B884D46D89FC3B8286EB16E38AD5A20F0A49E5C6766C57 ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys
12:41:29.0597 0x127c usbccgp - ok
12:41:29.0675 0x127c [ 80B0F7D5CCF86CEB5D402EAAF61FEC31, 140C62116A425DEAD25FE8D82DE283BC92C482A9F643658D512F9F67061F28AD ] usbcir C:\Windows\system32\drivers\usbcir.sys
12:41:29.0675 0x127c usbcir - ok
12:41:29.0722 0x127c [ 18A85013A3E0F7E1755365D287443965, 811C5EDF38C765BCF71BCE25CB6626FF6988C3699F5EF1846240EA0052F34C33 ] usbehci C:\Windows\system32\drivers\usbehci.sys
12:41:29.0722 0x127c usbehci - ok
12:41:29.0754 0x127c [ 8D1196CFBB223621F2C67D45710F25BA, B5D7AFE51833B24FC9576F3AED3D8A2B290E5846060E73F9FFFAC1890A8B6003 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys
12:41:29.0770 0x127c usbhub - ok
12:41:29.0801 0x127c [ 765A92D428A8DB88B960DA5A8D6089DC, 56DE8A2ED58E53B202C399CA7BACB1551136303C2EE0AB426BDBBF880E3C542C ] usbohci C:\Windows\system32\drivers\usbohci.sys
12:41:29.0801 0x127c usbohci - ok
12:41:29.0863 0x127c [ 73188F58FB384E75C4063D29413CEE3D, B485463933306036B1D490722CB1674DC85670753D79FA0EF7EBCA7BBAAD9F7C ] usbprint C:\Windows\system32\DRIVERS\usbprint.sys
12:41:29.0863 0x127c usbprint - ok
12:41:29.0910 0x127c [ 9661DA76B4531B2DA272ECCE25A8AF24, FEA93254A21E71A7EB8AD35FCCAD2C1E41F7329EC33B1734F5B41307A34D8637 ] usbscan C:\Windows\system32\DRIVERS\usbscan.sys
12:41:29.0910 0x127c usbscan - ok
12:41:29.0957 0x127c [ FED648B01349A3C8395A5169DB5FB7D6, DC4D7594C24ADD076927B9347F1B50B91CF03A4ABDB284248D5711D9C19DEB96 ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS
12:41:29.0972 0x127c USBSTOR - ok
12:41:30.0035 0x127c [ DD253AFC3BC6CBA412342DE60C3647F3, 146F8613F1057AC054DC3593E84BC52899DA27EA33B0E72ACFB78C3699ADCDE7 ] usbuhci C:\Windows\system32\drivers\usbuhci.sys
12:41:30.0035 0x127c usbuhci - ok
12:41:30.0113 0x127c [ 1F775DA4CF1A3A1834207E975A72E9D7, 6D3DE5BD3EF3A76E997E5BAF900C51D25308F5A9682D1F62017F577A24095B90 ] usbvideo C:\Windows\System32\Drivers\usbvideo.sys
12:41:30.0113 0x127c usbvideo - ok
12:41:30.0160 0x127c [ EDBB23CBCF2CDF727D64FF9B51A6070E, 7202484C8E1BFB2AFD64D8C81668F3EDE0E3BF5EB27572877A0A7B337AE5AE42 ] UxSms C:\Windows\System32\uxsms.dll
12:41:30.0160 0x127c UxSms - ok
12:41:30.0175 0x127c [ 4D71227301DD8D09097B9E4CC6527E5A, 193D47ADCB722B581CC0F29B794AB3E455B6E9BEA367CE9A5216A09E055B7F1E ] VaultSvc C:\Windows\system32\lsass.exe
12:41:30.0191 0x127c VaultSvc - ok
12:41:30.0238 0x127c [ C5C876CCFC083FF3B128F933823E87BD, 6FE0FBB6C3207E09300E0789E2168F76668D87C317FE9F263E733827ADCFBE0D ] vdrvroot C:\Windows\system32\drivers\vdrvroot.sys
12:41:30.0238 0x127c vdrvroot - ok
12:41:30.0316 0x127c [ 8D6B481601D01A456E75C3210F1830BE, A2CEF483F4231367138EEF7E67FD5BE5364FC0780C44CA1368E36CE4AA3D0633 ] vds C:\Windows\System32\vds.exe
12:41:30.0331 0x127c vds - ok
12:41:30.0378 0x127c [ DA4DA3F5E02943C2DC8C6ED875DE68DD, EDE604536DB78C512D68C92B26DA77C8811AC109D1F0A473673F0A82D15A2838 ] vga C:\Windows\system32\DRIVERS\vgapnp.sys
12:41:30.0394 0x127c vga - ok
12:41:30.0409 0x127c [ 53E92A310193CB3C03BEA963DE7D9CFC, 45898604375B42EB1246C17A22D91C2440F11C746FF6459AD38027C1BC2E3125 ] VgaSave C:\Windows\System32\drivers\vga.sys
12:41:30.0425 0x127c VgaSave - ok
12:41:30.0456 0x127c [ 2CE2DF28C83AEAF30084E1B1EB253CBB, D1946816A1CB89F825CBEA58F94A4C9D0CE7249355CD3915563F54054EE564BF ] vhdmp C:\Windows\system32\drivers\vhdmp.sys
12:41:30.0472 0x127c vhdmp - ok
12:41:30.0503 0x127c [ E5689D93FFE4E5D66C0178761240DD54, 6D35CED80681B12AAF63BFA0DA1C386E71D3838839B68A686990AA8031949D27 ] viaide C:\Windows\system32\drivers\viaide.sys
12:41:30.0518 0x127c viaide - ok
12:41:30.0550 0x127c [ D2AAFD421940F640B407AEFAAEBD91B0, 31EF342A60AF04F4108759A71F8FB7B8C8819216CF3D16A95B2BA0E33A8A9161 ] volmgr C:\Windows\system32\drivers\volmgr.sys
12:41:30.0550 0x127c volmgr - ok
12:41:30.0612 0x127c [ A255814907C89BE58B79EF2F189B843B, 463DB771851352185B6AC323BD93B9084D47291E53C1F7B628B65D6918B2E28F ] volmgrx C:\Windows\system32\drivers\volmgrx.sys
12:41:30.0643 0x127c volmgrx - ok
12:41:30.0706 0x127c [ 0D08D2F3B3FF84E433346669B5E0F639, 3D6716CEC95B8861A7CC5778E91F310528DC6BEE0E57A3C8757FC675154EBDEC ] volsnap C:\Windows\system32\drivers\volsnap.sys
12:41:30.0721 0x127c volsnap - ok
12:41:30.0769 0x127c [ 5E2016EA6EBACA03C04FEAC5F330D997, 53106EB877459FE55A459111F7AB0EE320BB3B4C954D3DB6FA1642396001F2AC ] vsmraid C:\Windows\system32\DRIVERS\vsmraid.sys
12:41:30.0785 0x127c vsmraid - ok
12:41:30.0987 0x127c [ B60BA0BC31B0CB414593E169F6F21CC2, 47B801E623254CF0202B3591CB5C019CABFB52F123C7D47E29D19B32F1F2B915 ] VSS C:\Windows\system32\vssvc.exe
12:41:31.0097 0x127c VSS - ok
12:41:31.0112 0x127c [ 36D4720B72B5C5D9CB2B9C29E9DF67A1, 3254523C85C70EBA2DBAC05DB2DBA89EDF8E9195F390F7C21F96458FB6B2E3D7 ] vwifibus C:\Windows\system32\DRIVERS\vwifibus.sys
12:41:31.0112 0x127c vwifibus - ok
12:41:31.0143 0x127c [ 6A3D66263414FF0D6FA754C646612F3F, 30F6BA594B0D3B94113064015A16D97811CD989DF1715CCE21CEAB9894C1B4FB ] vwififlt C:\Windows\system32\DRIVERS\vwififlt.sys
12:41:31.0143 0x127c vwififlt - ok
12:41:31.0175 0x127c [ 1C9D80CC3849B3788048078C26486E1A, 34A89F31E53F6B6C209B286F580CC2257AE6D057E4E20741F241C9C167947962 ] W32Time C:\Windows\system32\w32time.dll
12:41:31.0190 0x127c W32Time - ok
12:41:31.0253 0x127c [ 4E9440F4F152A7B944CB1663D3935A3E, 8FE04EBD3BC612EE943A21A3E56F37E5C9B578CDACA6044048181DAD81816D53 ] WacomPen C:\Windows\system32\DRIVERS\wacompen.sys
12:41:31.0253 0x127c WacomPen - ok
12:41:31.0331 0x127c [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys
12:41:31.0346 0x127c WANARP - ok
12:41:31.0346 0x127c [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys
12:41:31.0362 0x127c Wanarpv6 - ok
12:41:31.0502 0x127c [ 3CEC96DE223E49EAAE3651FCF8FAEA6C, 4150DAB33E8D61076F1D4767BCAFC9B4ECCCCBD58FD4FB3CFE5B8D27DCDCAB61 ] WatAdminSvc C:\Windows\system32\Wat\WatAdminSvc.exe
12:41:31.0549 0x127c WatAdminSvc - ok
12:41:31.0799 0x127c [ 78F4E7F5C56CB9716238EB57DA4B6A75, 46A4E78CE5F2A4B26F4E9C3FF04A99D9B727A82AC2E390A82A1611C3F6E0C9AF ] wbengine C:\Windows\system32\wbengine.exe
12:41:31.0861 0x127c wbengine - ok
12:41:31.0892 0x127c [ 3AA101E8EDAB2DB4131333F4325C76A3, 4F7BD3DA5E58B18BFF106CFF7B45E75FD13EE556D433C695BA23EC80827E49DE ] WbioSrvc C:\Windows\System32\wbiosrvc.dll
12:41:31.0892 0x127c WbioSrvc - ok
12:41:32.0001 0x127c [ 7368A2AFD46E5A4481D1DE9D14848EDD, 8039C478FC2D9F095F5883A4FA47F9E6EDF57CC88A4AA74F07C88445F90DED57 ] wcncsvc C:\Windows\System32\wcncsvc.dll
12:41:32.0017 0x127c wcncsvc - ok
12:41:32.0048 0x127c [ 20F7441334B18CEE52027661DF4A6129, 7B8E0247234B740FED2BE9B833E9CE8DD7453340123AB43F6B495A7E6A27B0DD ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
12:41:32.0064 0x127c WcsPlugInService - ok
12:41:32.0079 0x127c [ 72889E16FF12BA0F235467D6091B17DC, F2FD0BBD075E33608D93F350D216F97442AB89ABD540513C2D568C78096E12A8 ] Wd C:\Windows\system32\DRIVERS\wd.sys
12:41:32.0079 0x127c Wd - ok
12:41:32.0173 0x127c [ E2C933EDBC389386EBE6D2BA953F43D8, AF1DEADD5F1267CCEBD226E8EEB971D1946EA6A5A9645A36F5D111F758AF2F07 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys
12:41:32.0204 0x127c Wdf01000 - ok
12:41:32.0235 0x127c [ BF1FC3F79B863C914687A737C2F3D681, B2DF47AC4931ACFB243775767B77065CC0D98778FC0243C793A3E219EB961209 ] WdiServiceHost C:\Windows\system32\wdi.dll
12:41:32.0251 0x127c WdiServiceHost - ok
12:41:32.0251 0x127c [ BF1FC3F79B863C914687A737C2F3D681, B2DF47AC4931ACFB243775767B77065CC0D98778FC0243C793A3E219EB961209 ] WdiSystemHost C:\Windows\system32\wdi.dll
12:41:32.0251 0x127c WdiSystemHost - ok
12:41:32.0360 0x127c [ 0EB0E5D22B1760F2DBCE632F2DD7A54D, B8A4CC62F88768947FB0A161CF9564DB28FD9C1C037B5475DF192982DE035C22 ] WebClient C:\Windows\System32\webclnt.dll
12:41:32.0376 0x127c WebClient - ok
12:41:32.0407 0x127c [ C749025A679C5103E575E3B48E092C43, B71171D07EE7AB085A24BF3A1072FF2CE7EA021AAE695F6A90640E6EE8EB55C1 ] Wecsvc C:\Windows\system32\wecsvc.dll
12:41:32.0423 0x127c Wecsvc - ok
12:41:32.0438 0x127c [ 7E591867422DC788B9E5BD337A669A08, 484E6BCCDF7ADCE9A1AACAD1BC7C7D7694B9E40FA90D94B14D80C607784F6C75 ] wercplsupport C:\Windows\System32\wercplsupport.dll
12:41:32.0438 0x127c wercplsupport - ok
12:41:32.0469 0x127c [ 6D137963730144698CBD10F202E9F251, A9F522A125158D94F540544CCD4DBF47B9DCE2EA878C33675AFE40F80E8F4979 ] WerSvc C:\Windows\System32\WerSvc.dll
12:41:32.0469 0x127c WerSvc - ok
12:41:32.0501 0x127c [ 611B23304BF067451A9FDEE01FBDD725, 0AF2734B978165FC6FD22B64862132CCE32528A21C698A49D176129446E099C8 ] WfpLwf C:\Windows\system32\DRIVERS\wfplwf.sys
12:41:32.0516 0x127c WfpLwf - ok
12:41:32.0563 0x127c [ 05ECAEC3E4529A7153B3136CEB49F0EC, 9995CB2CEC70A633EA33CBB0DEAD2BB28CB67132B41E9444BDAB9E75744C9A50 ] WIMMount C:\Windows\system32\drivers\wimmount.sys
12:41:32.0563 0x127c WIMMount - ok
12:41:32.0594 0x127c WinDefend - ok
12:41:32.0625 0x127c WinHttpAutoProxySvc - ok
12:41:32.0735 0x127c [ 19B07E7E8915D701225DA41CB3877306, D6555E8D276DBB11358246E0FE215F76F1FB358791C76B88D82C2A66A42DA19F ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll
12:41:32.0750 0x127c Winmgmt - ok
12:41:32.0875 0x127c [ BCB1310604AA415C4508708975B3931E, 9D943F086D454345153A0DD426B4432532A44FD87950386B186E1CAD2AC70565 ] WinRM C:\Windows\system32\WsmSvc.dll
12:41:32.0969 0x127c WinRM - ok
12:41:33.0031 0x127c [ FE88B288356E7B47B74B13372ADD906D, A16B166F6BB32EF9D2A142F27B9EC54CBC7B3AC915799783CF4C40E525BC9E03 ] WinUsb C:\Windows\system32\DRIVERS\WinUsb.sys
12:41:33.0047 0x127c WinUsb - ok
12:41:33.0125 0x127c [ 4FADA86E62F18A1B2F42BA18AE24E6AA, CE1683386886BF34862681A46199EA7E7FB4232A186047DA7FBD8EC240AF6726 ] Wlansvc C:\Windows\System32\wlansvc.dll
12:41:33.0171 0x127c Wlansvc - ok
12:41:33.0234 0x127c [ 06C8FA1CF39DE6A735B54D906BA791C6, D8FEC7DE227781CDA876904701B2AA995268F74DCD6CB34AA0296C557FC283B6 ] wlcrasvc C:\Program Files\Windows Live\Mesh\wlcrasvc.exe
12:41:33.0234 0x127c wlcrasvc - ok
12:41:33.0515 0x127c [ 7E47C328FC4768CB8BEAFBCFAFA70362, C98BD6A0C2F70E069D5FD3BAB31BD028DFEAC0490D180BBC28A14BE375897D8C ] wlidsvc C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
12:41:33.0561 0x127c wlidsvc - ok
12:41:33.0624 0x127c [ F6FF8944478594D0E414D3F048F0D778, 6F75E0AE6127B33A92A88E59D4B048FD4C15F997807BE7BF0EFE76F95235B1D9 ] WmiAcpi C:\Windows\system32\drivers\wmiacpi.sys
12:41:33.0639 0x127c WmiAcpi - ok
12:41:33.0749 0x127c [ 38B84C94C5A8AF291ADFEA478AE54F93, 1AC267AC73670BEA5F3785C9AD9DB146F8E993A862C843742B21FDB90D102B2A ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe
12:41:33.0764 0x127c wmiApSrv - ok
12:41:33.0795 0x127c WMPNetworkSvc - ok
12:41:33.0842 0x127c [ 96C6E7100D724C69FCF9E7BF590D1DCA, 2E63C9B0893B4FC03B7A71BAEA6202D3D3DB1B52F3643467829B5A573FD7655B ] WPCSvc C:\Windows\System32\wpcsvc.dll
12:41:33.0842 0x127c WPCSvc - ok
12:41:33.0905 0x127c [ 93221146D4EBBF314C29B23CD6CC391D, C0750858A65BF51E210CD244C825C121D67E025CD2D2455139991AAC289A90FE ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll
12:41:33.0920 0x127c WPDBusEnum - ok
12:41:33.0936 0x127c [ 6BCC1D7D2FD2453957C5479A32364E52, E48554D31FBDCF8F985C1C72524CAA9106F5B7CC2B79064F8F5E2562D517F090 ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys
12:41:33.0936 0x127c ws2ifsl - ok
12:41:33.0967 0x127c [ E8B1FE6669397D1772D8196DF0E57A9E, 39FE0819360719F756BD31A1884A0508A1E2371ACC723E25E005CBEC0A7B02FA ] wscsvc C:\Windows\System32\wscsvc.dll
12:41:33.0967 0x127c wscsvc - ok
12:41:33.0983 0x127c WSearch - ok
12:41:34.0170 0x127c [ D9EF901DCA379CFE914E9FA13B73B4C4, 3BE9693B7B2AFEE23D72AF5DA211379724D752F0EC18ACB7D3DE3DDFC5AE0004 ] wuauserv C:\Windows\system32\wuaueng.dll
12:41:34.0217 0x127c wuauserv - ok
12:41:34.0357 0x127c [ AB886378EEB55C6C75B4F2D14B6C869F, D6C4602EB8F291DADEDF3CD211013D4AC752DDE7E799C2D8D74AA4F5477CAED6 ] WudfPf C:\Windows\system32\drivers\WudfPf.sys
12:41:34.0373 0x127c WudfPf - ok
12:41:34.0419 0x127c [ DDA4CAF29D8C0A297F886BFE561E6659, 94E5DD649B5D86FA1A7C7D30FCF9644D0EE048D312E626111458ADF66BFBE978 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys
12:41:34.0435 0x127c WUDFRd - ok
12:41:34.0482 0x127c [ B20F051B03A966392364C83F009F7D17, 88ECEB55AE91F58F592B96EBC10B572747D5A2F9B7629E8F371761E4F7408A65 ] wudfsvc C:\Windows\System32\WUDFSvc.dll
12:41:34.0482 0x127c wudfsvc - ok
12:41:34.0575 0x127c [ 04F82965C09CBDF646B487E145060301, 2CD8533EDBE24C3E42EB7550E20F8A2EB9E5E345B165DEF543163A6BC1FDD18B ] WwanSvc C:\Windows\System32\wwansvc.dll
12:41:34.0591 0x127c WwanSvc - ok
12:41:34.0591 0x127c ================ Scan global ===============================
12:41:34.0638 0x127c [ BA0CD8C393E8C9F83354106093832C7B, 18D8A4780A2BAA6CEF7FBBBDA0EF6BF2DADF146E1E578A618DD5859E8ADBF1A8 ] C:\Windows\system32\basesrv.dll
12:41:34.0685 0x127c [ 88EDD0B34EED542745931E581AD21A32, DC2B93E1CEF5B0BCEE08D72669BB0F3AD0E8E6E75BDC08858407ED92F6FFA031 ] C:\Windows\system32\winsrv.dll
12:41:34.0700 0x127c [ 88EDD0B34EED542745931E581AD21A32, DC2B93E1CEF5B0BCEE08D72669BB0F3AD0E8E6E75BDC08858407ED92F6FFA031 ] C:\Windows\system32\winsrv.dll
12:41:34.0747 0x127c [ D6160F9D869BA3AF0B787F971DB56368, 0033E6212DD8683E4EE611B290931FDB227B4795F0B17C309DC686C696790529 ] C:\Windows\system32\sxssrv.dll
12:41:34.0778 0x127c [ 24ACB7E5BE595468E3B9AA488B9B4FCB, 63541E3432FCE953F266AE553E7A394978D6EE3DB52388D885F668CF42C5E7E2 ] C:\Windows\system32\services.exe
12:41:34.0794 0x127c [ Global ] - ok
12:41:34.0794 0x127c ================ Scan MBR ==================================
12:41:34.0809 0x127c [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
12:41:35.0231 0x127c \Device\Harddisk0\DR0 - ok
12:41:35.0231 0x127c ================ Scan VBR ==================================
12:41:35.0277 0x127c [ 4BE0C1C7C5AE0AA5F276157A7F0AF0EB ] \Device\Harddisk0\DR0\Partition1
12:41:35.0293 0x127c \Device\Harddisk0\DR0\Partition1 - ok
12:41:35.0309 0x127c [ 5D463C65B8233876291CC87DF1B1EA8F ] \Device\Harddisk0\DR0\Partition2
12:41:35.0371 0x127c \Device\Harddisk0\DR0\Partition2 - ok
12:41:35.0371 0x127c Waiting for KSN requests completion. In queue: 82
12:41:36.0385 0x127c Waiting for KSN requests completion. In queue: 82
12:41:37.0399 0x127c Waiting for KSN requests completion. In queue: 82
12:41:38.0475 0x127c AV detected via SS2: McAfee Anti-Virus and Anti-Spyware, C:\Program Files\McAfee.com\Agent\mcupdate.exe ( 12.8.0.0 ), 0x51000 ( enabled : updated )
12:41:38.0475 0x127c FW detected via SS2: McAfee Firewall, C:\Program Files\McAfee.com\Agent\mcupdate.exe ( 12.8.0.0 ), 0x51010 ( enabled )
12:41:41.0034 0x127c ============================================================
12:41:41.0034 0x127c Scan finished
12:41:41.0034 0x127c ============================================================
12:41:41.0049 0x12fc Detected object count: 0
12:41:41.0049 0x12fc Actual detected object count: 0
12:44:22.0260 0x1a54 Deinitialize success




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users