Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Split From Explorer.exe High CPU Usage in Win 7 Forum


  • This topic is locked This topic is locked
16 replies to this topic

#1 paulos123

paulos123

  • Members
  • 313 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:greece
  • Local time:05:31 AM

Posted 27 May 2014 - 07:19 AM

you can see that other people also have the same problem

 

topic in this forum

http://www.bleepingcomputer.com/forums/t/535678/explorerexe-taking-uo-50-of-cpu-usage/



BC AdBot (Login to Remove)

 


#2 hamluis

hamluis

    Moderator


  • Moderator
  • 55,390 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:Killeen, TX
  • Local time:05:31 AM

Posted 27 May 2014 - 09:01 AM

The topic you linked to and referenced...is a malware topic.

 

We don't work malware issues in this forum, this forum is only for non-malware and non-hardware issues relative to Windows 7.

 

Would you like me to move your topic to the malware forum reflected in your linked topic?  If you suspect or have a malware issue...that's what should be done.

 

Louis



#3 paulos123

paulos123
  • Topic Starter

  • Members
  • 313 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:greece
  • Local time:05:31 AM

Posted 27 May 2014 - 12:22 PM

hey louis you checked and found no issue in the operating system(win7),so it can be an infection,please move the topic to malware forum to make some scans and finish with that problem.

thanks pavlos.



#4 hamluis

hamluis

    Moderator


  • Moderator
  • 55,390 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:Killeen, TX
  • Local time:05:31 AM

Posted 27 May 2014 - 01:58 PM

Moved to AII for malware check.

 

Louis



#5 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 72,912 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:NJ USA
  • Local time:06:31 AM

Posted 27 May 2014 - 01:58 PM

Please download MiniToolBox, save it to your desktop and run it.
Checkmark the following checkboxes:
  • Flush DNS
  • Report IE Proxy Settings
  • Reset IE Proxy Settings
  • Report FF Proxy Settings
  • Reset FF Proxy Settings
  • List content of Hosts
  • List IP configuration
  • List Winsock Entries
  • List last 10 Event Viewer log
  • List Installed Programs
  • List Users, Partitions and Memory size.
  • Click Go and post the result (Result.txt). A copy of Result.txt will be saved in the same directory the tool is run.
    Note: When using "Reset FF Proxy Settings" option Firefox should be closed.



    Download TDSSKiller and save it to your desktop.
  • Extract (unzip) its contents to your desktop.
  • Open the TDSSKiller folder and doubleclick on TDSSKiller.exe to run the application, then on Start Scan.
  • If an infected file is detected, the default action will be Cure, click on Continue.
  • If a suspicious file is detected, the default action will be Skip, click on Continue.
  • It may ask you to reboot the computer to complete the process. Click on Reboot Now.
  • If no reboot is require, click on Report. A log file should appear. Please copy and paste the contents of that file here.
  • If a reboot is required, the report can also be found in your root directory (usually C:\ folder) in the form of TDSSKiller_xxxx_log.txt. Please copy and paste the contents of that file here.
  • .
    .
    .
    ADW Cleaner

    Please download AdwCleaner by Xplode and save to your Desktop.
  • Double-click on AdwCleaner.exe to run the tool.
    Vista/Windows 7/8 users right-click and select Run As Administrator.
  • Click on the Scan button.
  • AdwCleaner will begin...be patient as the scan may take some time to complete.
  • After the scan has finished, click on the Report button...a logfile (AdwCleaner[R0].txt) will open in Notepad for review.
  • After reviewing the log, click on the Clean button.
  • Press OK when asked to close all programs and follow the onscreen prompts.
  • Press OK again to allow AdwCleaner to restart the computer and complete the removal process.
  • After rebooting, a logfile report (AdwCleaner[S0].txt) will open automatically.
  • Copy and paste the contents of that logfile in your next reply.
  • A copy of all logfiles are saved in the C:\AdwCleaner folder which was created when running the tool.
  • -- Note: The contents of the AdwCleaner log file may be confusing. Unless you see a program name that you recognize and know should not be removed, don't worry about it. If you see an entry you want to keep, return to AdwCleaner before cleaning...all detected items will be listed (and checked) in each tab. Click on each one and uncheck any items you want to keep (except you cannot uncheck Chrome and Firefox preferences lines).


    .

    thisisujrt.gif Please download Junkware Removal Tool to your desktop.
  • Shut down your protection software now to avoid potential conflicts.
  • Run the tool by double-clicking it. If you are using Windows Vista, 7, or 8; instead of double-clicking, right-mouse click JRT.exe and select "Run as Administrator".
  • The tool will open and start scanning your system.
  • Please be patient as this can take a while to complete depending on your system's specifications.
  • On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
  • Post the contents of JRT.txt into your next message.
  • .
    .
    .
    .
  • Last run ESET.
  • Hold down Control and click on this link to open ESET OnlineScan in a new window.
  • Click the esetonlinebtn.png button.
  • For alternate browsers only: (Microsoft Internet Explorer users can skip these steps)
  • Click on esetsmartinstaller_enu.exe to download the ESET Smart Installer. Save it to your desktop.
  • Double click on the esetsmartinstaller_enu.png icon on your desktop.
  • Check "YES, I accept the Terms of Use."
  • Click the Start button.
  • Accept any security warnings from your browser.
  • Under scan settings, check "Scan Archives" and "Remove found threats"
  • Click Advanced settings and select the following:
  • Scan potentially unwanted applications
  • Scan for potentially unsafe applications
  • Enable Anti-Stealth technology
  • ESET will then download updates for itself, install itself, and begin scanning your computer. Please be patient as this can take some time.
  • When the scan completes, click List Threats
  • Click Export, and save the file to your desktop using a unique name, such as ESETScan. Include the contents of this report in your next reply.
  • Click the Back button.
  • Click the Finish button.
  • NOTE:Sometimes if ESET finds no infections it will not create a log.

How do I get help? Who is helping me?For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....Become a BleepingComputer fan: Facebook

#6 paulos123

paulos123
  • Topic Starter

  • Members
  • 313 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:greece
  • Local time:05:31 AM

Posted 27 May 2014 - 03:03 PM

the log files you want me to just copy them on the topic or is there a way to upload them to the topic?


Edited by paulos123, 28 May 2014 - 05:49 AM.


#7 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 72,912 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:NJ USA
  • Local time:06:31 AM

Posted 27 May 2014 - 04:13 PM

copy/paste is fine.
How do I get help? Who is helping me?For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....Become a BleepingComputer fan: Facebook

#8 paulos123

paulos123
  • Topic Starter

  • Members
  • 313 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:greece
  • Local time:05:31 AM

Posted 27 May 2014 - 08:47 PM

ESET LOG
 
C:\Program Files\NCH Software\Switch\switch.exe a variant of Win32/Toolbar.Conduit.H potentially unwanted application deleted - quarantined
C:\Program Files\NCH Software\Switch\switchsetup_v4.35.exe a variant of Win32/Toolbar.Conduit.H potentially unwanted application deleted - quarantined
C:\Program Files\NCH Software\WavePad\wavepadsetup_v5.55.exe a variant of Win32/Bundled.Toolbar.Google.C potentially unsafe application deleted - quarantined
C:\Program Files\NCH Swift Sound\Switch\switchsetup_v4.04.exe a variant of Win32/Toolbar.Conduit.J potentially unwanted application deleted - quarantined
C:\Program Files\NCH Swift Sound\Switch\uninst.exe a variant of Win32/Toolbar.Conduit.J potentially unwanted application deleted - quarantined
C:\Users\paulos\Desktop\gizmo\FreeStudio.exe Win32/OpenCandy potentially unsafe application deleted - quarantined
C:\Users\paulos\Desktop\sdf\FreeStudio.exe Win32/Toolbar.Conduit potentially unwanted application deleted - quarantined
C:\Users\paulos\Desktop\sdf\MyPhoneExplorer_Setup_1.8.4.exe Win32/DownWare.L potentially unwanted application deleted - quarantined
C:\Users\paulos\Desktop\tech support\spsetup126.exe Win32/Bundled.Toolbar.Google.D potentially unsafe application deleted - quarantined
C:\Users\paulos\Desktop\???? ???????\AVGSecureSearchInstaller.exe a variant of Win32/OpenInstall potentially unwanted application deleted - quarantined
C:\Users\paulos\Downloads\antivirus\Eset 7.0.302.0 full package\02_Tools\ESET Fix\ESET Fix.zip Win32/RiskWare.HackAV.MQ application deleted - quarantined
C:\Users\paulos\Downloads\antivirus\Eset 7.0.302.0 full package\02_Tools\ESET Key finders\MiNodLogin 4.0.2.66\MiNodLogin4.0.2.66.rar Win32/RiskWare.HackAV.MI application deleted - quarantined
C:\Users\paulos\Downloads\antivirus\Eset 7.0.302.0 full package\02_Tools\ESET Key finders\TNod 1.4.2.3\TNod_v1.4.2.3_package.rar a variant of Win32/RiskWare.HackAV.JA application deleted - quarantined
C:\Users\paulos\Downloads\antivirus\kaspersky\Kaspersky Internet Security 2014 Patch (Demo) by IamBidyuT.rar a variant of Win32/HackTool.Patcher.U potentially unsafe application deleted - quarantined
C:\Users\paulos\Downloads\antivirus\kaspersky\KRT_2.2.0.17.rar a variant of Win32/RiskWare.HackAV.OM application deleted - quarantined
C:\Users\paulos\Downloads\antivirus\kaspersky\Kaspersky Internet Security 2014 14.0.0.5448d Final+Trail Reset\Kasper14Act.rar Win32/RiskWare.HackAV.NR application deleted - quarantined
C:\Users\paulos\Downloads\antivirus\kaspersky\Kaspersky Pure 1 Year Key with blacklist crack\Kaspersky Blacklist Crack 2010, 2009, 7 - All Products.rar Win32/RiskWare.HackAV.FF application deleted - quarantined
C:\Users\paulos\Downloads\programs\spotflux-latestPC.exe a variant of Win32/Bunndle potentially unsafe application deleted - quarantined
C:\Users\paulos\Downloads\programs\NCH Switch Sound File Converter Plus v4.35 LAXiTY\switchsetup_engl.exe a variant of Win32/Toolbar.Conduit.H potentially unwanted application deleted - quarantined
C:\Users\paulos\Downloads\programs\Windows 7 Ultimate SP1 x86 Integrated December 2013\Windows Loader v2.2.1.zip Win32/HackTool.WinActivator.I potentially unsafe application deleted - quarantined
C:\Users\paulos\Downloads\programs\???? ???????\FoxitReader611.1031_enu_Setup.exe Win32/Bundled.Toolbar.Google.D potentially unsafe application deleted - quarantined
C:\Users\paulos\Downloads\programs\???? ???????\SSASetup.640.Incl.Serial ~~TGT~~.rar a variant of Win32/Injector.CRM trojan deleted - quarantined
C:\Users\paulos\Downloads\programs\???? ???????\DFX Audio Enhancer 11.109 Incl Crack [TorDigger]\dfxSetup-Winamp.exe a variant of Win32/Bundled.Toolbar.Ask potentially unsafe application deleted - quarantined
C:\Users\paulos\Downloads\rar\ubcd530.iso Win32/PSWTool.KonBoot.A potentially unsafe application deleted - quarantined
 
 
 
 
TDSS ROOTKIT
 
 
 
22:03:05.0208 0x07b4  TDSS rootkit removing tool 3.0.0.35 May 23 2014 07:32:03
22:03:08.0495 0x07b4  ============================================================
22:03:08.0495 0x07b4  Current date / time: 2014/05/27 22:03:08.0495
22:03:08.0495 0x07b4  SystemInfo:
22:03:08.0495 0x07b4  
22:03:08.0495 0x07b4  OS Version: 6.1.7601 ServicePack: 1.0
22:03:08.0495 0x07b4  Product type: Workstation
22:03:08.0495 0x07b4  ComputerName: PAULOS-PC
22:03:08.0496 0x07b4  UserName: paulos
22:03:08.0496 0x07b4  Windows directory: C:\Windows
22:03:08.0496 0x07b4  System windows directory: C:\Windows
22:03:08.0496 0x07b4  Processor architecture: Intel x86
22:03:08.0496 0x07b4  Number of processors: 2
22:03:08.0496 0x07b4  Page size: 0x1000
22:03:08.0496 0x07b4  Boot type: Normal boot
22:03:08.0496 0x07b4  ============================================================
22:03:11.0638 0x07b4  KLMD registered as C:\Windows\system32\drivers\56889503.sys
22:03:11.0906 0x07b4  System UUID: {1612DCB4-DE25-EA27-CA83-B7A334337DAB}
22:03:12.0849 0x07b4  Drive \Device\Harddisk0\DR0 - Size: 0x3A38B2E000 (232.89 Gb), SectorSize: 0x200, Cylinders: 0x76C1, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
22:03:12.0869 0x07b4  ============================================================
22:03:12.0869 0x07b4  \Device\Harddisk0\DR0:
22:03:12.0869 0x07b4  MBR partitions:
22:03:12.0869 0x07b4  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x1388800, BlocksNum 0xDF21800
22:03:12.0869 0x07b4  \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0xF2AA000, BlocksNum 0xDF1B000
22:03:12.0869 0x07b4  ============================================================
22:03:12.0917 0x07b4  C: <-> \Device\Harddisk0\DR0\Partition1
22:03:13.0076 0x07b4  D: <-> \Device\Harddisk0\DR0\Partition2
22:03:13.0077 0x07b4  ============================================================
22:03:13.0077 0x07b4  Initialize success
22:03:13.0078 0x07b4  ============================================================
22:04:00.0802 0x06bc  ============================================================
22:04:00.0802 0x06bc  Scan started
22:04:00.0802 0x06bc  Mode: Manual; 
22:04:00.0802 0x06bc  ============================================================
22:04:00.0803 0x06bc  KSN ping started
22:04:03.0487 0x06bc  KSN ping finished: true
22:04:04.0133 0x06bc  ================ Scan system memory ========================
22:04:04.0133 0x06bc  System memory - ok
22:04:04.0133 0x06bc  ================ Scan services =============================
22:04:04.0327 0x06bc  [ 1B133875B8AA8AC48969BD3458AFE9F5, 01753BDD47F3F9BC0E0D23A069B9C56D4AE6A6B6295BC19B95AE245D25B12744 ] 1394ohci        C:\Windows\system32\drivers\1394ohci.sys
22:04:04.0333 0x06bc  1394ohci - ok
22:04:04.0482 0x06bc  [ 2A5E5246F22530E351C9F3F2C1CD63B9, 4F58884CC9B1B77D6E92CB2B1BAB5976A4E118FDFD19ABA50E3BA62824944117 ] ABBYY.Licensing.FineReader.Professional.9.0 C:\Program Files\Common Files\ABBYY\FineReader\9.00\Licensing\PE\NetworkLicenseServer.exe
22:04:04.0516 0x06bc  ABBYY.Licensing.FineReader.Professional.9.0 - ok
22:04:04.0556 0x06bc  [ CEA80C80BED809AA0DA6FEBC04733349, AE69C142DC2210A4AE657C23CEA4A6E7CB32C4F4EBA039414123CAC52157509B ] ACPI            C:\Windows\system32\drivers\ACPI.sys
22:04:04.0564 0x06bc  ACPI - ok
22:04:04.0599 0x06bc  [ 1EFBC664ABFF416D1D07DB115DCB264F, BF94D069D692140B792DBF4FD3CB0127D27C26CC5BFB6B0C28A8B6346767EE58 ] AcpiPmi         C:\Windows\system32\drivers\acpipmi.sys
22:04:04.0601 0x06bc  AcpiPmi - ok
22:04:04.0687 0x06bc  [ B362181ED3771DC03B4141927C80F801, 69514E5177A0AEA89C27C2234712F9F82E8D8F99E1FD4273898C9324C6FF7472 ] AdobeARMservice C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
22:04:04.0690 0x06bc  AdobeARMservice - ok
22:04:04.0739 0x06bc  [ 21E785EBD7DC90A06391141AAC7892FB, A2D3D764C5E6DC0AD5AAF48485FFB8B121D2A40DC08ECF2D2CB92278A1002B25 ] adp94xx         C:\Windows\system32\drivers\adp94xx.sys
22:04:04.0762 0x06bc  adp94xx - ok
22:04:04.0797 0x06bc  [ 0C676BC278D5B59FF5ABD57BBE9123F2, 339E8A433D186BAAB6FCB44C82CC9FB6FCD63C87981449494CBEB2072CB6B7BB ] adpahci         C:\Windows\system32\drivers\adpahci.sys
22:04:04.0816 0x06bc  adpahci - ok
22:04:04.0841 0x06bc  [ 7C7B5EE4B7B822EC85321FE23A27DB33, A934AFB71D439555E6376DA9B34F82E8D39A300A4547BE9AC9311F6A3C36270C ] adpu320         C:\Windows\system32\drivers\adpu320.sys
22:04:04.0847 0x06bc  adpu320 - ok
22:04:04.0888 0x06bc  [ 8B5EEFEEC1E6D1A72A06C526628AD161, 026CDF4C96F4D493E7BABF79A14C4B0B5ADCCEF0B081FFFA2E3B243B2414167F ] AeLookupSvc     C:\Windows\System32\aelupsvc.dll
22:04:04.0891 0x06bc  AeLookupSvc - ok
22:04:04.0939 0x06bc  [ 66DD39CA12BAEB8D32111581769D9117, 375F5D1A4D234E1A6AE0606E303165E2DB63D5B54B8241D3A5EB7490BD0CC954 ] AFD             C:\Windows\system32\drivers\afd.sys
22:04:04.0969 0x06bc  AFD - ok
22:04:05.0151 0x06bc  [ 48091A2374A69F473273C44951195452, 95887C5965ACD475891E2F241E59BDD98E1B5C0BDAD425F5BC7C9E4DB375B57B ] AgereModemAudio C:\Program Files\LSI SoftModem\agrsmsvc.exe
22:04:05.0185 0x06bc  AgereModemAudio - ok
22:04:05.0249 0x06bc  [ 0A5838AE776C4D489003CDD161557D39, E3736C6C33BDB36201C3134704E65364B01A0A30B1AE10077E4503902EF9FF25 ] AgereSoftModem  C:\Windows\system32\DRIVERS\AGRSM.sys
22:04:05.0275 0x06bc  AgereSoftModem - ok
22:04:05.0309 0x06bc  [ 507812C3054C21CEF746B6EE3D04DD6E, D7E59350AC338AD229E3D10C76E32AE16D120311B263714A9CD94AB538633B0E ] agp440          C:\Windows\system32\drivers\agp440.sys
22:04:05.0312 0x06bc  agp440 - ok
22:04:05.0348 0x06bc  [ 8B30250D573A8F6B4BD23195160D8707, 64EC289AFCD63D84EAFD9D81C50D0A77BCC79A1EFF32C50B2776BB0C0151757D ] aic78xx         C:\Windows\system32\drivers\djsvs.sys
22:04:05.0352 0x06bc  aic78xx - ok
22:04:05.0387 0x06bc  [ 18A54E132947CD98FEA9ACCC57F98F13, 9D39AF972785E49F0DD12C4BAEF39A79CD69F098886BF152AF1B7CCE2E902115 ] ALG             C:\Windows\System32\alg.exe
22:04:05.0390 0x06bc  ALG - ok
22:04:05.0426 0x06bc  [ 0D40BCF52EA90FC7DF2AEAB6503DEA44, 1D1AA8F50935D976C29DE7A84708CADBBBDD936F0DD2C059E820F0D21367B3B6 ] aliide          C:\Windows\system32\drivers\aliide.sys
22:04:05.0428 0x06bc  aliide - ok
22:04:05.0436 0x06bc  [ 3C6600A0696E90A463771C7422E23AB5, 370B33DC1C25B981628A318BAE434A78A5F0A0DA93C2896DC7A3D7B87AE1A5E7 ] amdagp          C:\Windows\system32\drivers\amdagp.sys
22:04:05.0439 0x06bc  amdagp - ok
22:04:05.0446 0x06bc  [ CD5914170297126B6266860198D1D4F0, 2239FCBD1A7EC27CE4F10DA36AE6BD6CCB87E5128C82CA71B84BFE5AF5602A60 ] amdide          C:\Windows\system32\drivers\amdide.sys
22:04:05.0449 0x06bc  amdide - ok
22:04:05.0484 0x06bc  [ 00DDA200D71BAC534BF56A9DB5DFD666, CA316B1FFD85BA1CF8664B3229DA1F238A5341E016059F7ED89702324CFD124B ] AmdK8           C:\Windows\system32\drivers\amdk8.sys
22:04:05.0487 0x06bc  AmdK8 - ok
22:04:05.0505 0x06bc  [ 3CBF30F5370FDA40DD3E87DF38EA53B6, 7EACF1743367BE805357B6FD10F8F99E9B1C301FE3782D77719347B13DFA65EC ] AmdPPM          C:\Windows\system32\drivers\amdppm.sys
22:04:05.0508 0x06bc  AmdPPM - ok
22:04:05.0555 0x06bc  [ D320BF87125326F996D4904FE24300FC, F767D8C5C58D57202905D829F7AE1B1FF33937F407FDCE4C90E32A6638F27416 ] amdsata         C:\Windows\system32\drivers\amdsata.sys
22:04:05.0558 0x06bc  amdsata - ok
22:04:05.0586 0x06bc  [ EA43AF0C423FF267355F74E7A53BDABA, 3F1335909AB0281A2FBDD7AD90E18309E091656CD32B48894B992789D8C61DB4 ] amdsbs          C:\Windows\system32\drivers\amdsbs.sys
22:04:05.0592 0x06bc  amdsbs - ok
22:04:05.0608 0x06bc  [ 46387FB17B086D16DEA267D5BE23A2F2, 8B8AC61B91F154B4EB5CC6DECB5FCCEBA8B42EFE94859947136AD06681EA8ED0 ] amdxata         C:\Windows\system32\drivers\amdxata.sys
22:04:05.0609 0x06bc  amdxata - ok
22:04:05.0655 0x06bc  [ 0AF3961280E854194ED3F57C38B4340A, 8A59626633DF0BBE789A14B82589CDEAD7501ADDE6178A9FF413F141FD514A9D ] AppID           C:\Windows\system32\drivers\appid.sys
22:04:05.0658 0x06bc  AppID - ok
22:04:05.0695 0x06bc  [ 2BA2A9743002F187C1028E5C59C639EB, 8769BA51911D7F895255115CA96D84E0ED99DA01F2B9185535FDBD38810EE3AE ] AppIDSvc        C:\Windows\System32\appidsvc.dll
22:04:05.0698 0x06bc  AppIDSvc - ok
22:04:05.0740 0x06bc  [ 2C3479170F830503C55FB9ADFDA737A1, FCCFC5C3BB01A0CDA7FF94DED613A2ED492B509141FF75B69E82C4D25ED573AF ] Appinfo         C:\Windows\System32\appinfo.dll
22:04:05.0742 0x06bc  Appinfo - ok
22:04:05.0783 0x06bc  [ 635584D0EBD27BFBCAEFD64347A163CE, B6DF385806C3715F49CBF2D755A4C4F2C634AB6B6C61CBE805A3DFA77A4351C9 ] AppMgmt         C:\Windows\System32\appmgmts.dll
22:04:05.0788 0x06bc  AppMgmt - ok
22:04:05.0821 0x06bc  [ 2932004F49677BD84DBC72EDB754FFB3, 73F84582244AC53994A2F4499A119B4A84A6BF7FD3046C29A8080C763DE540B8 ] arc             C:\Windows\system32\drivers\arc.sys
22:04:05.0824 0x06bc  arc - ok
22:04:05.0840 0x06bc  [ 5D6F36C46FD283AE1B57BD2E9FEB0BC7, F7C9C3B4F2C816F57A43B2921672858C291054220BADE291044343778216F6BA ] arcsas          C:\Windows\system32\drivers\arcsas.sys
22:04:05.0844 0x06bc  arcsas - ok
22:04:05.0977 0x06bc  [ 9D768C43FEF254DD50B1DBF8AD5C4C0B, A50854EA5C08605133B8BB4DFDC6090357C5665314AA72E0BFA1E07D4E451F09 ] aspnet_state    C:\Windows\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe
22:04:05.0980 0x06bc  aspnet_state - ok
22:04:06.0011 0x06bc  [ ADD2ADE1C2B285AB8378D2DAAF991481, 7965A705F37924C0EC7A934E64E89C5DF4069816E2EEA3509E0AC90F78910519 ] AsyncMac        C:\Windows\system32\DRIVERS\asyncmac.sys
22:04:06.0013 0x06bc  AsyncMac - ok
22:04:06.0047 0x06bc  [ 338C86357871C167A96AB976519BF59E, F28CC534523D1701B0552F5D7E18E88369C4218BDB1F69110C3E31D395884AD6 ] atapi           C:\Windows\system32\drivers\atapi.sys
22:04:06.0049 0x06bc  atapi - ok
22:04:06.0200 0x06bc  [ 4E76CEF4EE8BBDCDD739B9E0659BDB21, 96A484FAE26BE0E0A288BF1FC35553773882CC0959691CAC2E2AE6E41214ECE5 ] athr            C:\Windows\system32\DRIVERS\athr.sys
22:04:06.0326 0x06bc  athr - ok
22:04:06.0388 0x06bc  [ CE3B4E731638D2EF62FCB419BE0D39F0, 3B98179CB0101778D9E7810D2CD46D9C0D7120E141BA11471666E7D9EB3C93CC ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
22:04:06.0411 0x06bc  AudioEndpointBuilder - ok
22:04:06.0431 0x06bc  [ CE3B4E731638D2EF62FCB419BE0D39F0, 3B98179CB0101778D9E7810D2CD46D9C0D7120E141BA11471666E7D9EB3C93CC ] Audiosrv        C:\Windows\System32\Audiosrv.dll
22:04:06.0442 0x06bc  Audiosrv - ok
22:04:06.0499 0x06bc  [ 6E30D02AAC9CAC84F421622E3A2F6178, 229DC527C1D6C778BCA2C855A2A6F6D2C4B0F4F6DE56C886B3AAD26E3347952C ] AxInstSV        C:\Windows\System32\AxInstSV.dll
22:04:06.0503 0x06bc  AxInstSV - ok
22:04:06.0571 0x06bc  [ 1A231ABEC60FD316EC54C66715543CEC, 09E2897BA80737997A286EA5408C03DD3CC0EBACD24CB391C2455B6D4BE7D67E ] b06bdrv         C:\Windows\system32\drivers\bxvbdx.sys
22:04:06.0594 0x06bc  b06bdrv - ok
22:04:06.0630 0x06bc  [ BD8869EB9CDE6BBE4508D869929869EE, F4363A12EBFDBB89C69FD59B22F9EE05BADA07D477A1DF2DE01F59D6EE496543 ] b57nd60x        C:\Windows\system32\DRIVERS\b57nd60x.sys
22:04:06.0638 0x06bc  b57nd60x - ok
22:04:06.0683 0x06bc  [ EE1E9C3BB8228AE423DD38DB69128E71, ED54FD9795F3A4D32F02BED6052AD9404409A05644CDBEBFF19C662D104DA95A ] BDESVC          C:\Windows\System32\bdesvc.dll
22:04:06.0687 0x06bc  BDESVC - ok
22:04:06.0716 0x06bc  [ 505506526A9D467307B3C393DEDAF858, 8AD6F1492E357F57CF42261497BA29122045D4FC0DCC9669AA5AC9B2A4BABFA4 ] Beep            C:\Windows\system32\drivers\Beep.sys
22:04:06.0717 0x06bc  Beep - ok
22:04:06.0767 0x06bc  [ CDF46BFB74EC0DAB0849037D91E0DCFC, F5C8EEE34C07F4256A5A8D8C771626691B9C0CAFB850FCA51F9EE7A394E88129 ] BFE             C:\Windows\System32\bfe.dll
22:04:06.0790 0x06bc  BFE - ok
22:04:06.0844 0x06bc  [ E585445D5021971FAE10393F0F1C3961, 178C008A9A0A6BFDA65EB0B98C510271360AD4474F22F13594F5EB60AA4E1CF5 ] BITS            C:\Windows\System32\qmgr.dll
22:04:06.0879 0x06bc  BITS - ok
22:04:06.0902 0x06bc  [ 2287078ED48FCFC477B05B20CF38F36F, 55BCA6174E6034A8D61CBE4126B2F1989F6052BFA624BEA9C0A0A664AEC74521 ] blbdrive        C:\Windows\system32\DRIVERS\blbdrive.sys
22:04:06.0904 0x06bc  blbdrive - ok
22:04:06.0918 0x06bc  [ 8F2DA3028D5FCBD1A060A3DE64CD6506, E234672E9CFE1A95AD2E78E306E41E010B870221E6EBBC0E2B0BE2FA5CE0CD76 ] bowser          C:\Windows\system32\DRIVERS\bowser.sys
22:04:06.0921 0x06bc  bowser - ok
22:04:06.0944 0x06bc  [ 9F9ACC7F7CCDE8A15C282D3F88B43309, A9131334BD9CF8FD60BA9D54AA054E2DF2BE1219FB650DF1464F2787BDEAE98F ] BrFiltLo        C:\Windows\system32\drivers\BrFiltLo.sys
22:04:06.0946 0x06bc  BrFiltLo - ok
22:04:06.0963 0x06bc  [ 56801AD62213A41F6497F96DEE83755A, 0DEB8318FB47DF6473C171C795C735E26A73FA12232876C6856549EA16F33361 ] BrFiltUp        C:\Windows\system32\drivers\BrFiltUp.sys
22:04:06.0964 0x06bc  BrFiltUp - ok
22:04:07.0004 0x06bc  [ 3DAA727B5B0A45039B0E1C9A211B8400, 903B51E75F0C503A0E255120F53BF51B047B219FEC1E15F2F1D02DDD562FC73B ] Browser         C:\Windows\System32\browser.dll
22:04:07.0007 0x06bc  Browser - ok
22:04:07.0042 0x06bc  [ 845B8CE732E67F3B4133164868C666EA, 9309B094CD9B5EBC46295A5EB806BED472C3CEDE3B5F6F497EBDABA496A2A27F ] Brserid         C:\Windows\System32\Drivers\Brserid.sys
22:04:07.0050 0x06bc  Brserid - ok
22:04:07.0088 0x06bc  [ 203F0B1E73ADADBBB7B7B1FABD901F6B, 782FA7B26940FE479C49C9BAA2EB582CDAAAD607013E9BCFC85E6FBBB7D49A6D ] BrSerWdm        C:\Windows\System32\Drivers\BrSerWdm.sys
22:04:07.0091 0x06bc  BrSerWdm - ok
22:04:07.0109 0x06bc  [ BD456606156BA17E60A04E18016AE54B, DFBDC9DA6A3EA40BACFF204BC6C55C2C122B5885D2CBF6D45054DE43EE15EC4D ] BrUsbMdm        C:\Windows\System32\Drivers\BrUsbMdm.sys
22:04:07.0111 0x06bc  BrUsbMdm - ok
22:04:07.0130 0x06bc  [ AF72ED54503F717A43268B3CC5FAEC2E, 4A638669B0C30B1BDED242A8BF2015A37749570FF4D67D190BACC8D7E0C44468 ] BrUsbSer        C:\Windows\System32\Drivers\BrUsbSer.sys
22:04:07.0132 0x06bc  BrUsbSer - ok
22:04:07.0149 0x06bc  [ ED3DF7C56CE0084EB2034432FC56565A, B5B75E002E7BC0209582C635CCCA26DB569BDB23C33A126634E00C6434BF941B ] BTHMODEM        C:\Windows\system32\drivers\bthmodem.sys
22:04:07.0152 0x06bc  BTHMODEM - ok
22:04:07.0218 0x06bc  [ 1DF19C96EEF6C29D1C3E1A8678E07190, 1F4BB161FF3A1C5B1465BB52F3520FEDB7ACB1FAA132466F07D16DB8E394AEA5 ] bthserv         C:\Windows\system32\bthserv.dll
22:04:07.0221 0x06bc  bthserv - ok
22:04:07.0256 0x06bc  [ 77EA11B065E0A8AB902D78145CA51E10, 160EB3BBE9E5F3CC4A02584E6F2576A812C7565B940D74838B983F1EE51FA73A ] cdfs            C:\Windows\system32\DRIVERS\cdfs.sys
22:04:07.0259 0x06bc  cdfs - ok
22:04:07.0296 0x06bc  [ BE167ED0FDB9C1FA1133953C18D5A6C9, E26A851CA13E7300F977E5B20FA5D25FD0E1442AB6AD5DB58BBDB2DAAD87027C ] cdrom           C:\Windows\system32\DRIVERS\cdrom.sys
22:04:07.0301 0x06bc  cdrom - ok
22:04:07.0334 0x06bc  [ 319C6B309773D063541D01DF8AC6F55F, 182F392FE839499D159A30A3CD04B5D0C87219930BFB1A7456880B7DA75B9820 ] CertPropSvc     C:\Windows\System32\certprop.dll
22:04:07.0337 0x06bc  CertPropSvc - ok
22:04:07.0409 0x06bc  [ F55032201D4C611733918F9F45CC80F9, 21EE270D96A4F0C98A7B0A76BC0397480C579D631ACC7712D379A5D8C608415F ] CGVPNCliService C:\Program Files\CyberGhost 5\Service.exe
22:04:07.0412 0x06bc  CGVPNCliService - ok
22:04:07.0436 0x06bc  [ 3FE3FE94A34DF6FB06E6418D0F6A0060, 6B3A2A26609A75B690D4C0B3059E40822F3B3DB08943F58EC496BABDA7D0A735 ] circlass        C:\Windows\system32\drivers\circlass.sys
22:04:07.0438 0x06bc  circlass - ok
22:04:07.0460 0x06bc  [ 635181E0E9BBF16871BF5380D71DB02D, 58D5150C6F3B9F1730FFDF3A8A2ABF5FF207F9785BD66C0C1E03A0F1C223A26A ] CLFS            C:\Windows\system32\CLFS.sys
22:04:07.0467 0x06bc  CLFS - ok
22:04:07.0535 0x06bc  [ D88040F816FDA31C3B466F0FA0918F29, 39D3630E623DA25B8444B6D3AAAB16B98E7E289C5619E19A85D47B74C71449F3 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
22:04:07.0539 0x06bc  clr_optimization_v2.0.50727_32 - ok
22:04:07.0586 0x06bc  [ E87213F37A13E2B54391E40934F071D0, 7EB221127EFB5BF158FB03D18EFDA2C55FB6CE3D1A1FE69C01D70DBED02C87E5 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
22:04:07.0603 0x06bc  clr_optimization_v4.0.30319_32 - ok
22:04:07.0624 0x06bc  [ DEA805815E587DAD1DD2C502220B5616, 2D6A7668C95352B818F5EC59FF462894935833D34190257DA9CAC7E67FD3631C ] CmBatt          C:\Windows\system32\DRIVERS\CmBatt.sys
22:04:07.0626 0x06bc  CmBatt - ok
22:04:07.0644 0x06bc  [ C537B1DB64D495B9B4717B4D6D9EDBF2, 400EEFE662DE117C9CC956E4CBD5E98F28F962E7447CD93E8A78FDD8CA39EB4B ] cmdide          C:\Windows\system32\drivers\cmdide.sys
22:04:07.0674 0x06bc  cmdide - ok
22:04:07.0730 0x06bc  [ FF1F3273DE17F630FCABF165BD7064CB, 29184D547001E2D92D52892CA53682F80C162D2FB6A7BC79149DC964B4BC26FF ] CNG             C:\Windows\system32\Drivers\cng.sys
22:04:07.0752 0x06bc  CNG - ok
22:04:07.0792 0x06bc  [ A6023D3823C37043986713F118A89BEE, FAC239A7FA6251C7EDFFA34B4BAE3910B8BC0BD4A3574B6DB6931A8D691E207B ] Compbatt        C:\Windows\system32\DRIVERS\compbatt.sys
22:04:07.0793 0x06bc  Compbatt - ok
22:04:07.0816 0x06bc  [ CBE8C58A8579CFE5FCCF809E6F114E89, AC083A1C649EBA18C59FCC1772D0784B10E2B8C63094E3C14388E147DBC3F6DF ] CompositeBus    C:\Windows\system32\DRIVERS\CompositeBus.sys
22:04:07.0818 0x06bc  CompositeBus - ok
22:04:07.0833 0x06bc  COMSysApp - ok
22:04:07.0849 0x06bc  [ 2C4EBCFC84A9B44F209DFF6C6E6C61D1, 6FC323217D82EF661BA0E3F949B61B05BB5235D1A69C81D24876C2153FAECEF6 ] crcdisk         C:\Windows\system32\drivers\crcdisk.sys
22:04:07.0851 0x06bc  crcdisk - ok
22:04:07.0905 0x06bc  [ 7CA1BECEA5DE2643ADDAD32670E7A4C9, E3AB4CC52A97E3855D7EAB87363F807FDD2162ED8C76A036CD71549ED64E7797 ] CryptSvc        C:\Windows\system32\cryptsvc.dll
22:04:07.0910 0x06bc  CryptSvc - ok
22:04:07.0953 0x06bc  [ 81ADE39958542823B4A1809ED8BEEB23, 757080A03CEAE41DB8D84E8207DF9BE1E3D978AE7D94FE9BBF3EE0ABB4A95E84 ] CSC             C:\Windows\system32\drivers\csc.sys
22:04:07.0975 0x06bc  CSC - ok
22:04:08.0013 0x06bc  [ 35C5812B10959C89B1736EFCBB516057, 11B2DC53E9204732776A68813D12B1335C0DBB5355650111FB3B7861CD38A9BC ] CscService      C:\Windows\System32\cscsvc.dll
22:04:08.0036 0x06bc  CscService - ok
22:04:08.0080 0x06bc  [ 46A8388AB8ED91F1974C556AA4C27CEC, 3DD619F9B1829EB12628DECD6722AE63FA6491F6723E07FB8034CAF4C222481C ] DcomLaunch      C:\Windows\system32\rpcss.dll
22:04:08.0104 0x06bc  DcomLaunch - ok
22:04:08.0141 0x06bc  [ 8D6E10A2D9A5EED59562D9B82CF804E1, 888F9650F4E872BA8F4E0C27E38A6672A561042B17EBA40E306A22357965B0AD ] defragsvc       C:\Windows\System32\defragsvc.dll
22:04:08.0147 0x06bc  defragsvc - ok
22:04:08.0167 0x06bc  [ B44B9746261B23087690BF18821BA187, 0674F4BB15B85C88D47ABEA2659717DC3E880EE619C7D3B89209581564779A45 ] DfsC            C:\Windows\system32\Drivers\dfsc.sys
22:04:08.0171 0x06bc  DfsC - ok
22:04:08.0218 0x06bc  [ 30384865C9AF82DB291E5C4F468E1AC6, 5B4BFB8006888E72CE340CAF9DF23D29B8226780E1533DAA72F4A6BC1AA93AEB ] DFX11_1         C:\Windows\system32\drivers\dfx11_1.sys
22:04:08.0219 0x06bc  DFX11_1 - ok
22:04:08.0275 0x06bc  [ 51F9CFCA22E8FCD86D5C7CBD7C0E5626, D9076B93363196884998ECF3EFC7AA97E2E42507ACE8AE60DF41E5505C3F1B24 ] Dhcp            C:\Windows\system32\dhcpcore.dll
22:04:08.0283 0x06bc  Dhcp - ok
22:04:08.0298 0x06bc  [ 1A050B0274BFB3890703D490F330C0DA, 79D74F4679A2EE040FAAF4D0392A9311239A10A5F8A5CCB48656C6F89B6D62FB ] discache        C:\Windows\system32\drivers\discache.sys
22:04:08.0300 0x06bc  discache - ok
22:04:08.0344 0x06bc  [ 565003F326F99802E68CA78F2A68E9FF, ABC42B24DBA4FFC411120E09278EF26AF56CCAB463B69B4BD6C530B4A07063D2 ] Disk            C:\Windows\system32\drivers\disk.sys
22:04:08.0346 0x06bc  Disk - ok
22:04:08.0381 0x06bc  [ 2A958EF85DB1B61FFCA65044FA4BCE9E, C83511685EE1CE85A5ADF9B5BE96C375A521601F66024BDC3EE044C0B6E85D69 ] dmvsc           C:\Windows\system32\drivers\dmvsc.sys
22:04:08.0384 0x06bc  dmvsc - ok
22:04:08.0409 0x06bc  [ 33EF4861F19A0736B11314AAD9AE28D0, 4C4B84365D85758E3263B88F157D8B086B392C6F1EA5F0F3DB6BF87EF90248EC ] Dnscache        C:\Windows\System32\dnsrslvr.dll
22:04:08.0415 0x06bc  Dnscache - ok
22:04:08.0450 0x06bc  [ 19C122DDDD142E2167EB1C503996B812, 239191D62025034A681ED3CC0B305837AE72CAC11382DA830FC5B3AD075D5D07 ] dot3svc         C:\Windows\System32\dot3svc.dll
22:04:08.0458 0x06bc  dot3svc - ok
22:04:08.0528 0x06bc  [ 8EC04CA86F1D68DA9E11952EB85973D6, 2E3FBC2D683D1274E8BC45EEEA87D43B77EDDCAAF0D453296D9FDA6B9D717071 ] DPS             C:\Windows\system32\dps.dll
22:04:08.0534 0x06bc  DPS - ok
22:04:08.0546 0x06bc  DragonUpdater - ok
22:04:08.0585 0x06bc  [ B918E7C5F9BF77202F89E1A9539F2EB4, C589A37DE50BBEF22E2DAA9682EA43147F614AA1AF7DAAA942BA5FC192313A0B ] drmkaud         C:\Windows\system32\drivers\drmkaud.sys
22:04:08.0587 0x06bc  drmkaud - ok
22:04:08.0632 0x06bc  [ 71BC35067CABC02C9453AEAA42B2E43E, 713B19F2C08EA5E4C087F7A74A8856932CF33E19D63384823DD4E02ED8798619 ] DXGKrnl         C:\Windows\System32\drivers\dxgkrnl.sys
22:04:08.0652 0x06bc  DXGKrnl - ok
22:04:08.0704 0x06bc  [ CECB58460674339202F79BA1345D8527, 1032E726D64C3432704FE90A7B63A37E854A83389AD3A997C0916628C452F71F ] eamonm          C:\Windows\system32\DRIVERS\eamonm.sys
22:04:08.0709 0x06bc  eamonm - ok
22:04:08.0731 0x06bc  [ 8600142FA91C1B96367D3300AD0F3F3A, 5713625E27DF11FAAFDA7AC79899A6AD813166E167088FA990EC5DE87DBE83DF ] EapHost         C:\Windows\System32\eapsvc.dll
22:04:08.0736 0x06bc  EapHost - ok
22:04:08.0893 0x06bc  [ 024E1B5CAC09731E4D868E64DBFB4AB0, AB0826A74BBEE5B7A1B035861B665C79BC98305CFC7D82BEF420558FBD3EE994 ] ebdrv           C:\Windows\system32\drivers\evbdx.sys
22:04:09.0018 0x06bc  ebdrv - ok
22:04:09.0075 0x06bc  [ 627B40EB2595D8FCF1960F33389EB7D3, 37C8378FD7C883E77E2FD211C8A759B61037168BDEC87C234C73082C50B7F0CC ] EFS             C:\Windows\System32\lsass.exe
22:04:09.0078 0x06bc  EFS - ok
22:04:09.0140 0x06bc  [ C79916F203E1A2CBBE99F22D6E5D21DA, 84749E7067927AD437D38BEFEA12B40C3E849216F26338F707694918206C4C2A ] ehdrv           C:\Windows\system32\DRIVERS\ehdrv.sys
22:04:09.0144 0x06bc  ehdrv - ok
22:04:09.0227 0x06bc  [ A8C362018EFC87BEB013EE28F29C0863, 07971C681FBD391C0BA0172618AF8AD77520182207F1C57F134B34D6A113857F ] ehRecvr         C:\Windows\ehome\ehRecvr.exe
22:04:09.0250 0x06bc  ehRecvr - ok
22:04:09.0281 0x06bc  [ D389BFF34F80CAEDE417BF9D1507996A, 12859B9925D7A4631DE61A820922F43F56ED23C2AF014CBF36322685E5CF641E ] ehSched         C:\Windows\ehome\ehsched.exe
22:04:09.0292 0x06bc  ehSched - ok
22:04:09.0464 0x06bc  [ 4CB575D97653FA91FFB02DA3105EB084, 59FB4D2485EEDBCC56D92C1F5DF3FEAE67D751F3AD7AEA7590F3C73107C829E8 ] ekrn            C:\Program Files\ESET\ESET Smart Security\ekrn.exe
22:04:09.0493 0x06bc  ekrn - ok
22:04:09.0558 0x06bc  [ 0ED67910C8C326796FAA00B2BF6D9D3C, 97FAA7627A162B0AEC15545E0165D13355D535B4157604BB87F8EEB72ECD24A8 ] elxstor         C:\Windows\system32\drivers\elxstor.sys
22:04:09.0580 0x06bc  elxstor - ok
22:04:09.0696 0x06bc  [ 4B6B2C930CD076F8BDEE683512EE05E8, 37C1182044047FBB98E208C8CFF36BDB47F1617A57F7F7B2331E0F7BDD0A653D ] epfw            C:\Windows\system32\DRIVERS\epfw.sys
22:04:09.0701 0x06bc  epfw - ok
22:04:09.0748 0x06bc  [ BDC856F11F2A8F4C9B4A59B29A33569B, ADD91A760F57C73FE6574EABBCB2F3F897A45C8DD0DE26BBFF2CCD5891FDBA6C ] EpfwLWF         C:\Windows\system32\DRIVERS\EpfwLWF.sys
22:04:09.0750 0x06bc  EpfwLWF - ok
22:04:09.0813 0x06bc  [ 6EB4485DDAFCA013D35ED4E158ADE05B, FCB62340EF7E4472BDA04C97FB9DD68E79A06606CFB6C1CE93DDFFFDE1E44D06 ] epfwwfp         C:\Windows\system32\DRIVERS\epfwwfp.sys
22:04:09.0815 0x06bc  epfwwfp - ok
22:04:09.0834 0x06bc  [ 8FC3208352DD3912C94367A206AB3F11, 69B65C12BDADD4B730508674B1B77C5496612B4ACCC447DB9AFE49ADEA8CBF02 ] ErrDev          C:\Windows\system32\drivers\errdev.sys
22:04:09.0836 0x06bc  ErrDev - ok
22:04:09.0884 0x06bc  [ F6916EFC29D9953D5D0DF06882AE8E16, ED41893960018D5EC2F7829B1DE4B6967D9FD074D60B11B9EB854E3E0948EC24 ] EventSystem     C:\Windows\system32\es.dll
22:04:09.0925 0x06bc  EventSystem - ok
22:04:09.0950 0x06bc  [ 2DC9108D74081149CC8B651D3A26207F, 75CB47923A867DDAC512701CE71DFCFC340FC3A2E27F4255D0836A1FBC463176 ] exfat           C:\Windows\system32\drivers\exfat.sys
22:04:09.0956 0x06bc  exfat - ok
22:04:09.0992 0x06bc  [ 7E0AB74553476622FB6AE36F73D97D35, 41463A255FDA1D550B3385EC7C73ABC343B1BBBE9CEE4DF9F2A8B3E7338C4947 ] fastfat         C:\Windows\system32\drivers\fastfat.sys
22:04:10.0013 0x06bc  fastfat - ok
22:04:10.0055 0x06bc  [ 967EA5B213E9984CBE270205DF37755B, 43153E23210B03FAE16897D62D55B8742F834EDC695F8401EAB5DE307F62602D ] Fax             C:\Windows\system32\fxssvc.exe
22:04:10.0079 0x06bc  Fax - ok
22:04:10.0102 0x06bc  [ E817A017F82DF2A1F8CFDBDA29388B29, 4CC9320A21E6FEA2D16C48D6BEA14391B695BD541A3C5FDDAEEE086A414FC837 ] fdc             C:\Windows\system32\drivers\fdc.sys
22:04:10.0105 0x06bc  fdc - ok
22:04:10.0128 0x06bc  [ F3222C893BD2F5821A0179E5C71E88FB, A85B947249DBB986358CCD4B158DD58A9301F074F3C6CCCDEF2D01F432E59D1B ] fdPHost         C:\Windows\system32\fdPHost.dll
22:04:10.0137 0x06bc  fdPHost - ok
22:04:10.0166 0x06bc  [ 7DBE8CBFE79EFBDEB98C9FB08D3A9A5B, 0E76C29D2A974A3F2FBFCB63D066D4136B78E02F6B1F579B1865CA7A76193987 ] FDResPub        C:\Windows\system32\fdrespub.dll
22:04:10.0170 0x06bc  FDResPub - ok
22:04:10.0190 0x06bc  [ 6CF00369C97F3CF563BE99BE983D13D8, F65F35324A2FB9DFB533B1C4D089D990CC242218FE83414329D07B786D8EFF33 ] FileInfo        C:\Windows\system32\drivers\fileinfo.sys
22:04:10.0194 0x06bc  FileInfo - ok
22:04:10.0227 0x06bc  [ 42C51DC94C91DA21CB9196EB64C45DB9, 388C68D12ECC8FFE3116FEAAF4DB7B80CF4A3F97E935788DD21C6ADE2369F635 ] Filetrace       C:\Windows\system32\drivers\filetrace.sys
22:04:10.0232 0x06bc  Filetrace - ok
22:04:10.0259 0x06bc  [ 87907AA70CB3C56600F1C2FB8841579B, CA1CD82A1CD453617CE5EA431A1836997F14E3580554E8A516D9FE1E9926D979 ] flpydisk        C:\Windows\system32\drivers\flpydisk.sys
22:04:10.0261 0x06bc  flpydisk - ok
22:04:10.0313 0x06bc  [ 7520EC808E0C35E0EE6F841294316653, 6EC65511B4838A7172A8F89E35C2F9DF4F0BFCE3BE12EDA790F3EB567102FF67 ] FltMgr          C:\Windows\system32\drivers\fltmgr.sys
22:04:10.0331 0x06bc  FltMgr - ok
22:04:10.0408 0x06bc  [ E12C4928B32ACE04610259647F072635, B71B9C2DF45F33C4DAC88435129B08B0BCDBBE82E8C3AD0A95F00137CC8B619F ] FontCache       C:\Windows\system32\FntCache.dll
22:04:10.0459 0x06bc  FontCache - ok
22:04:10.0547 0x06bc  [ E56F39F6B7FDA0AC77A79B0FD3DE1A2F, DBED26852B99B362152DA9CD4F31A1883EF6F9B496F3CF3772A197BA72DB61DA ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe
22:04:10.0558 0x06bc  FontCache3.0.0.0 - ok
22:04:10.0695 0x06bc  [ BA1B663650A9D7CB21650C177232EC3B, F1ED57B7654E08274169BECB854522EA796EE73212F36865FD118DAA6C0ED1E8 ] FoxitCloudUpdateService C:\PROGRAM FILES\FOXIT SOFTWARE\FOXIT READER\Foxit Cloud\FCUpdateService.exe
22:04:10.0703 0x06bc  FoxitCloudUpdateService - ok
22:04:10.0738 0x06bc  [ 1A16B57943853E598CFF37FE2B8CBF1D, 87609F46F3B8123552141FD70866E895220B1BBD92BC2B580CAF49201AA0197E ] FsDepends       C:\Windows\system32\drivers\FsDepends.sys
22:04:10.0741 0x06bc  FsDepends - ok
22:04:10.0782 0x06bc  [ 7DAE5EBCC80E45D3253F4923DC424D05, 8A2C4D5591509B0B0A44583520617A9AE34F32BB6E68A012A7D7870ED24F703A ] Fs_Rec          C:\Windows\system32\drivers\Fs_Rec.sys
22:04:10.0783 0x06bc  Fs_Rec - ok
22:04:10.0830 0x06bc  [ E306A24D9694C724FA2491278BF50FDB, 1D246B9C28550640EACBF8CF9DC980FD75106B92832D392FEBEF0C7012353091 ] fvevol          C:\Windows\system32\DRIVERS\fvevol.sys
22:04:10.0836 0x06bc  fvevol - ok
22:04:10.0878 0x06bc  [ 65EE0C7A58B65E74AE05637418153938, 0E1A398ADD8411AF4CCC3344D67BE1B261320C58328BD5C5855A357476FAEBEF ] gagp30kx        C:\Windows\system32\drivers\gagp30kx.sys
22:04:10.0881 0x06bc  gagp30kx - ok
22:04:10.0932 0x06bc  [ B7995D6E7ECEB76E9AF5BF5A73752E50, 58243410FB5ED2AC5DBE546BFB29CA36446586ED8003D658B175D7A1F855E16A ] gpsvc           C:\Windows\System32\gpsvc.dll
22:04:10.0973 0x06bc  gpsvc - ok
22:04:11.0092 0x06bc  [ 506708142BC63DABA64F2D3AD1DCD5BF, 9C36A08D9E7932FF4DA7B5F24E6B42C92F28685B8ABE964C870E8D7670FD531A ] gupdate         C:\Program Files\Google\Update\GoogleUpdate.exe
22:04:11.0096 0x06bc  gupdate - ok
22:04:11.0114 0x06bc  [ 506708142BC63DABA64F2D3AD1DCD5BF, 9C36A08D9E7932FF4DA7B5F24E6B42C92F28685B8ABE964C870E8D7670FD531A ] gupdatem        C:\Program Files\Google\Update\GoogleUpdate.exe
22:04:11.0118 0x06bc  gupdatem - ok
22:04:11.0146 0x06bc  [ C44E3C2BAB6837DB337DDEE7544736DB, 88A24FF7D2FECCEAFFD421B2039A0FB623DA47A6B220B80EF1E52DD26D9E222D ] hcw85cir        C:\Windows\system32\drivers\hcw85cir.sys
22:04:11.0149 0x06bc  hcw85cir - ok
22:04:11.0370 0x06bc  [ A5EF29D5315111C80A5C1ABAD14C8972, A181DA72E946F121C3F4A19438C547B0BFD15138AB1DB5465945EC89DF1F6B0A ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
22:04:11.0380 0x06bc  HdAudAddService - ok
22:04:11.0404 0x06bc  [ 9036377B8A6C15DC2EEC53E489D159B5, 1E56D2ACFE92E6DF96D755B05C63D580EED82C210F075C8623E138BEE6BCD41B ] HDAudBus        C:\Windows\system32\DRIVERS\HDAudBus.sys
22:04:11.0408 0x06bc  HDAudBus - ok
22:04:11.0425 0x06bc  [ 1D58A7F3E11A9731D0EAAAA8405ACC36, 7056FA18B86FBD52C4A6092D80476C02553EA053D6A0BEDB01A2FA5E152D5215 ] HidBatt         C:\Windows\system32\drivers\HidBatt.sys
22:04:11.0427 0x06bc  HidBatt - ok
22:04:11.0445 0x06bc  [ 89448F40E6DF260C206A193A4683BA78, 71E0FCC32AE6FF8DFF420DB0383D6A200E1EAE14BD2E32453F92CE18B31C1F3C ] HidBth          C:\Windows\system32\drivers\hidbth.sys
22:04:11.0449 0x06bc  HidBth - ok
22:04:11.0488 0x06bc  [ CF50B4CF4A4F229B9F3C08351F99CA5E, B97843620AF80FF0EC8F2C438255C0A42A756C6314FAF3DEF415DE16E14C108F ] HidIr           C:\Windows\system32\drivers\hidir.sys
22:04:11.0490 0x06bc  HidIr - ok
22:04:11.0526 0x06bc  [ 2BC6F6A1992B3A77F5F41432CA6B3B6B, 2AF3312F1C8C8923C0A29AA5DAE57CE269417E53DEA2F0CCCC8DB57029698FE1 ] hidserv         C:\Windows\system32\hidserv.dll
22:04:11.0528 0x06bc  hidserv - ok
22:04:11.0562 0x06bc  [ 10C19F8290891AF023EAEC0832E1EB4D, E208553029488A6EE2F5216CC9FE5F93E9931A94C0D0625253BB159E30642853 ] HidUsb          C:\Windows\system32\drivers\hidusb.sys
22:04:11.0564 0x06bc  HidUsb - ok
22:04:11.0592 0x06bc  [ 196B4E3F4CCCC24AF836CE58FACBB699, 7A2E1F603A073421FA0987EFB96647F1F0F2D4E0C82AA62EBC041585DA811DAF ] hkmsvc          C:\Windows\system32\kmsvc.dll
22:04:11.0596 0x06bc  hkmsvc - ok
22:04:11.0612 0x06bc  [ 6658F4404DE03D75FE3BA09F7ABA6A30, E51D9C1580A283EB862F09B73AAE1B647DD683A53F3DD99834222F12DD15E40F ] HomeGroupListener C:\Windows\system32\ListSvc.dll
22:04:11.0621 0x06bc  HomeGroupListener - ok
22:04:11.0690 0x06bc  [ DBC02D918FFF1CAD628ACBE0C0EAA8E8, 02121800D9062692C102475876AE8143EBE46D855E8328B8CDCFE6A2F0D19696 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
22:04:11.0696 0x06bc  HomeGroupProvider - ok
22:04:11.0735 0x06bc  [ 295FDC419039090EB8B49FFDBB374549, 670E8015FD374640C6570F56F7FE8DE4D8F92E7A8072F5D1B2B95D0BD699CEF7 ] HpSAMD          C:\Windows\system32\drivers\HpSAMD.sys
22:04:11.0738 0x06bc  HpSAMD - ok
22:04:11.0779 0x06bc  [ 871917B07A141BFF43D76D8844D48106, 30C702008D0EE57D63F74864967DD19A55A268E77E42B5B3CC73037AD51D2987 ] HTTP            C:\Windows\system32\drivers\HTTP.sys
22:04:11.0802 0x06bc  HTTP - ok
22:04:11.0817 0x06bc  [ 0C4E035C7F105F1299258C90886C64C5, CFB4FBE7B28058E6D3E6E508CF3C1645F6AAE0AFEB4C5364835B9C42311DF0D4 ] hwpolicy        C:\Windows\system32\drivers\hwpolicy.sys
22:04:11.0818 0x06bc  hwpolicy - ok
22:04:11.0848 0x06bc  [ F151F0BDC47F4A28B1B20A0818EA36D6, 84B24B5796D9F70A8C37773F5484A4606CC7908370CCD942627ACBEDC4952D79 ] i8042prt        C:\Windows\system32\DRIVERS\i8042prt.sys
22:04:11.0851 0x06bc  i8042prt - ok
22:04:11.0901 0x06bc  [ 902F9086295B54B516B9664327079739, DBF839FAA7672FE0E1A24B484319259D70A716A7199B2C8CA48AFE1EFE0EFE40 ] iaStorA         C:\Windows\system32\DRIVERS\iaStorA.sys
22:04:11.0913 0x06bc  iaStorA - ok
22:04:11.0932 0x06bc  [ 13F98AAE8E9030C38A9DA7DADE6325A9, FC08F3EABD5E6656463E5DB6DDE830736FC79B9214A18D8698317337C37A8777 ] iaStorF         C:\Windows\system32\DRIVERS\iaStorF.sys
22:04:11.0933 0x06bc  iaStorF - ok
22:04:11.0983 0x06bc  [ 5CD5F9A5444E6CDCB0AC89BD62D8B76E, 72870092A80C6DAE0105025B0ED8B607E98BA81E59298364A7FE4C9C56C68FF0 ] iaStorV         C:\Windows\system32\drivers\iaStorV.sys
22:04:12.0003 0x06bc  iaStorV - ok
22:04:12.0052 0x06bc  [ FCDB2AEC95F2FEBE2DA5A0EF00BC2092, 025FA2620616ABD6B3FAD19E56DBB48D0406135F048274E9A1EFE756AB838BB4 ] IDMWFP          C:\Windows\system32\DRIVERS\idmwfp.sys
22:04:12.0055 0x06bc  IDMWFP - ok
22:04:12.0137 0x06bc  [ C521D7EB6497BB1AF6AFA89E322FB43C, BDDCFCBB5B76A9295669B5AC9F732D6127199ED5C300770B554C4E4794F66BB7 ] idsvc           C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
22:04:12.0182 0x06bc  idsvc - ok
22:04:12.0566 0x06bc  [ 1EC36A3CA56B0A31B4920399EE6D77EB, 8FE6F396855729A937C6BD9DE5DAFE200E87CAD2FE3A745625E58A8B9437CD1A ] igfx            C:\Windows\system32\DRIVERS\igdkmd32.sys
22:04:12.0925 0x06bc  igfx - ok
22:04:13.0047 0x06bc  [ 4173FF5708F3236CF25195FECD742915, 0A9C0701DF6EAC6602BE342FC13C7950EF04BB5BDF7D96C2C5DABBD2A29AA55D ] iirsp           C:\Windows\system32\drivers\iirsp.sys
22:04:13.0051 0x06bc  iirsp - ok
22:04:13.0185 0x06bc  [ BCDC3A3706221E62D27DDA50EC251F36, 5CFAB7A8D494E54D9418CE681672A9870555DB67C8638E9DA63C98CA9B1E9031 ] IKEEXT          C:\Windows\System32\ikeext.dll
22:04:13.0229 0x06bc  IKEEXT - ok
22:04:13.0389 0x06bc  [ DCE087456521FA31EEA20223A1937E42, 7C303A4897064CDB0BAE2657FEDB3B2E13F078A626620BAFEA8AC47D28439C38 ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHDA.sys
22:04:13.0460 0x06bc  IntcAzAudAddService - ok
22:04:13.0504 0x06bc  [ A0F12F2C9BA6C72F3987CE780E77C130, 5F53DF8BE1621AA7DFB655CFD9C95E0AFA1AD3CE2E290E19D7B7FB3C6E380034 ] intelide        C:\Windows\system32\drivers\intelide.sys
22:04:13.0506 0x06bc  intelide - ok
22:04:13.0550 0x06bc  [ 3B514D27BFC4ACCB4037BC6685F766E0, F12D7AC62F8550E6F33B28AD751D8413AB7FFEF963242D99FFA76CE8A48B027A ] intelppm        C:\Windows\system32\DRIVERS\intelppm.sys
22:04:13.0552 0x06bc  intelppm - ok
22:04:13.0589 0x06bc  [ ACB364B9075A45C0736E5C47BE5CAE19, 202F77C659103D2D0E787B8CB0A23BE32EA5AA2E6B3B0A0F0A8DFA906AB3C0C0 ] IPBusEnum       C:\Windows\system32\ipbusenum.dll
22:04:13.0594 0x06bc  IPBusEnum - ok
22:04:13.0616 0x06bc  [ 709D1761D3B19A932FF0238EA6D50200, 0A9D2C3A6E91CA45540555B40CB4E2DF3EBE98C1D164C4EECEE20C86782F5823 ] IpFilterDriver  C:\Windows\system32\DRIVERS\ipfltdrv.sys
22:04:13.0619 0x06bc  IpFilterDriver - ok
22:04:13.0673 0x06bc  [ 58F67245D041FBE7AF88F4EAF79DF0FA, 67468D6A46FF4D87AD321BFEA42F2FC843D09AA292A119C76D4D795D06028F96 ] iphlpsvc        C:\Windows\System32\iphlpsvc.dll
22:04:13.0696 0x06bc  iphlpsvc - ok
22:04:13.0715 0x06bc  [ 4BD7134618C1D2A27466A099062547BF, 20284ABEF4433A59E2981F4143CAEC67DC990864FE0B9E3DC70EE0B88539E964 ] IPMIDRV         C:\Windows\system32\drivers\IPMIDrv.sys
22:04:13.0718 0x06bc  IPMIDRV - ok
22:04:13.0743 0x06bc  [ A5FA468D67ABCDAA36264E463A7BB0CD, EDB828D596E43372F97DAE1AADA46428C4C45FB80646DDC64FAD5F25C826CF63 ] IPNAT           C:\Windows\system32\drivers\ipnat.sys
22:04:13.0747 0x06bc  IPNAT - ok
22:04:13.0772 0x06bc  [ 42996CFF20A3084A56017B7902307E9F, 688176DAB91BE569280E4822E4C5BDE755794D293591C53F8047AD59C441751D ] IRENUM          C:\Windows\system32\drivers\irenum.sys
22:04:13.0774 0x06bc  IRENUM - ok
22:04:13.0790 0x06bc  [ 1F32BB6B38F62F7DF1A7AB7292638A35, 86522358680FBB1CEBC56B4D139290689BB0F71A3EC78CE883E4D75D0B37586F ] isapnp          C:\Windows\system32\drivers\isapnp.sys
22:04:13.0793 0x06bc  isapnp - ok
22:04:13.0833 0x06bc  [ EB34CE31FABD4DC4343FD2AD16D2CAF9, D21C91227A15DA89ECF522345D0AB80B3B7FC24A230596DABDB8BD3B7554CE8C ] iScsiPrt        C:\Windows\system32\drivers\msiscsi.sys
22:04:13.0843 0x06bc  iScsiPrt - ok
22:04:13.0873 0x06bc  [ ADEF52CA1AEAE82B50DF86B56413107E, A3AE1E96B04AC81665ABBD3CB267DFB3F78376DAE18FB0DBD447908DDAAA22D2 ] kbdclass        C:\Windows\system32\DRIVERS\kbdclass.sys
22:04:13.0875 0x06bc  kbdclass - ok
22:04:13.0911 0x06bc  [ 9E3CED91863E6EE98C24794D05E27A71, 90CF59F20E14E4A5A793266805E82BF7AE1F0CF4C7BAB1FD2EEF3B53C5DF770F ] kbdhid          C:\Windows\system32\drivers\kbdhid.sys
22:04:13.0929 0x06bc  kbdhid - ok
22:04:13.0990 0x06bc  [ 627B40EB2595D8FCF1960F33389EB7D3, 37C8378FD7C883E77E2FD211C8A759B61037168BDEC87C234C73082C50B7F0CC ] KeyIso          C:\Windows\system32\lsass.exe
22:04:13.0992 0x06bc  KeyIso - ok
22:04:14.0029 0x06bc  [ EADF7B02E9D1419984EA4127EDB22D69, 4C95047C57F1DBE9E7AD1D3A7B9A9A286382417CE5E3A37476940A398662AA77 ] KSecDD          C:\Windows\system32\Drivers\ksecdd.sys
22:04:14.0067 0x06bc  KSecDD - ok
22:04:14.0193 0x06bc  [ 4F14125B41D390229D07AF32B5D952E7, F62CAC257AE242F410FBA51C0AEA7D9072670A20C7FD42586BAD7680B685B035 ] KSecPkg         C:\Windows\system32\Drivers\ksecpkg.sys
22:04:14.0198 0x06bc  KSecPkg - ok
22:04:14.0239 0x06bc  [ 89A7B9CC98D0D80C6F31B91C0A310FCD, 4583CAEEE0D50C0C7CE955E533FDA063CDC37B69033D41EF22EF1BA242E4C747 ] KtmRm           C:\Windows\system32\msdtckrm.dll
22:04:14.0263 0x06bc  KtmRm - ok
22:04:14.0326 0x06bc  [ F12596B0BE027DFA0906B11135F7CE0C, FAD19B5D551A425A092D910C357BDAB3118AAA543980C92E1AE13900581E8110 ] LanmanServer    C:\Windows\system32\srvsvc.dll
22:04:14.0333 0x06bc  LanmanServer - ok
22:04:14.0387 0x06bc  [ 58405E4F68BA8E4057C6E914F326ABA2, C3E6519A1A38F1B3597D4391E42ABFE8F1F5E86256C4B3BD876CDAD9BB68B0A6 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
22:04:14.0392 0x06bc  LanmanWorkstation - ok
22:04:14.0476 0x06bc  [ 01CC7FB6E790EF044B411377F3A1FF41, A935C0C45F7A8EA7D6A462064928B6F982709FB33C21DE6424232297F3A1948B ] LHidFilt        C:\Windows\system32\DRIVERS\LHidFilt.Sys
22:04:14.0478 0x06bc  LHidFilt - ok
22:04:14.0526 0x06bc  [ F7611EC07349979DA9B0AE1F18CCC7A6, 879AA7A391966F00761CA039C25EBC62F6712DD5461694911EEC673E12DE103E ] lltdio          C:\Windows\system32\DRIVERS\lltdio.sys
22:04:14.0540 0x06bc  lltdio - ok
22:04:14.0605 0x06bc  [ 5700673E13A2117FA3B9020C852C01E2, 6684A2905EE8C438F2A64BE47E51A54D287B08DEFB8E0AE7FC2809D845EE3C5F ] lltdsvc         C:\Windows\System32\lltdsvc.dll
22:04:14.0615 0x06bc  lltdsvc - ok
22:04:14.0637 0x06bc  [ 55CA01BA19D0006C8F2639B6C045E08B, 4DBBDC820C514DB18CC13F8EE178F8C4E39C295C6E3C255416C235553CE7BDC1 ] lmhosts         C:\Windows\System32\lmhsvc.dll
22:04:14.0640 0x06bc  lmhosts - ok
22:04:14.0651 0x06bc  [ A2E7EAE8898D7B4B8C302B8F4E836BB5, 1F3C1228891C90B4567DE07AD8A9EF1F5005ED74A71EC5E814906FEF44D02ADC ] LMouFilt        C:\Windows\system32\DRIVERS\LMouFilt.Sys
22:04:14.0654 0x06bc  LMouFilt - ok
22:04:14.0730 0x06bc  [ EB119A53CCF2ACC000AC71B065B78FEF, 1FD60735C4945AE565C223F0B47EAF9602D8777E3D15600914C1A9D761215AF9 ] LSI_FC          C:\Windows\system32\drivers\lsi_fc.sys
22:04:14.0733 0x06bc  LSI_FC - ok
22:04:14.0944 0x06bc  [ 8ADE1C877256A22E49B75D1CC9161F9C, 3D64F233DC866537E50549A7C1A2B40A954055B22F0BDA39825B04C38C607CB7 ] LSI_SAS         C:\Windows\system32\drivers\lsi_sas.sys
22:04:14.0948 0x06bc  LSI_SAS - ok
22:04:14.0970 0x06bc  [ DC9DC3D3DAA0E276FD2EC262E38B11E9, A264990857CBC74036799E17A087130626C0A09BE19879019BAF2D761C62AECC ] LSI_SAS2        C:\Windows\system32\drivers\lsi_sas2.sys
22:04:14.0973 0x06bc  LSI_SAS2 - ok
22:04:14.0984 0x06bc  [ 0A036C7D7CAB643A7F07135AC47E0524, 2F662D07FCB74B8D493156DB555EAA90A47E93CF14C7B30039D2FE47EB8682B8 ] LSI_SCSI        C:\Windows\system32\drivers\lsi_scsi.sys
22:04:14.0988 0x06bc  LSI_SCSI - ok
22:04:15.0014 0x06bc  [ 6703E366CC18D3B6E534F5CF7DF39CEE, 7396B9AF938284D99EC51206A7B2FA4A0DC10A493DCE6707818B03A7473782C4 ] luafv           C:\Windows\system32\drivers\luafv.sys
22:04:15.0017 0x06bc  luafv - ok
22:04:15.0049 0x06bc  [ BFB9EE8EE977EFE85D1A3105ABEF6DD1, D2A84EBF0C0B7A14AD432FD2EF43CC12300027AEA3FA4075659FB088AB62B588 ] Mcx2Svc         C:\Windows\system32\Mcx2Svc.dll
22:04:15.0053 0x06bc  Mcx2Svc - ok
22:04:15.0099 0x06bc  [ 0FFF5B045293002AB38EB1FD1FC2FB74, 49071B565FD5B2DE43EC00D8518C3BE70843F38919E82F13104B8C1FAFB20374 ] megasas         C:\Windows\system32\drivers\megasas.sys
22:04:15.0101 0x06bc  megasas - ok
22:04:15.0136 0x06bc  [ DCBAB2920C75F390CAF1D29F675D03D6, 85C3A7A010BEA5E3C6179161B295F2CB900A6A214833A5F87A4327392880E2BB ] MegaSR          C:\Windows\system32\drivers\MegaSR.sys
22:04:15.0215 0x06bc  MegaSR - ok
22:04:15.0435 0x06bc  Microsoft SharePoint Workspace Audit Service - ok
22:04:15.0504 0x06bc  [ 146B6F43A673379A3C670E86D89BE5EA, C4412DCF80DE6B55466F399413271364F14BC0819C224AA161EDDC31A9775440 ] MMCSS           C:\Windows\system32\mmcss.dll
22:04:15.0508 0x06bc  MMCSS - ok
22:04:15.0553 0x06bc  [ C6A81F138F297CC7E653EFC059CCA033, 188B5EF3681CEF68A5DBBFD20D17F5BBCC619DEE8179A8FF8CC5808FC6148F05 ] Modem           C:\Windows\system32\drivers\modem.sys
22:04:15.0554 0x06bc  Modem - ok
22:04:15.0734 0x06bc  [ 79D10964DE86B292320E9DFE02282A23, 52714827B7EEDACA55326A4E4F6158D4942DFAA3BACDE303A2F569BF3F4FAA72 ] monitor         C:\Windows\system32\DRIVERS\monitor.sys
22:04:15.0735 0x06bc  monitor - ok
22:04:15.0762 0x06bc  [ FB18CC1D4C2E716B6B903B0AC0CC0609, F10CCA63493782B16DE6B96B94A27078DBE68AECEF34FDF840CFF86D2C6E3C5E ] mouclass        C:\Windows\system32\DRIVERS\mouclass.sys
22:04:15.0764 0x06bc  mouclass - ok
22:04:15.0857 0x06bc  [ 2C388D2CD01C9042596CF3C8F3C7B24D, B2FB72272BB01AEDA4047B57C943B7E9BD8A6497854F8CC34672AAA592D0A703 ] mouhid          C:\Windows\system32\DRIVERS\mouhid.sys
22:04:15.0859 0x06bc  mouhid - ok
22:04:15.0870 0x06bc  [ FC8771F45ECCCFD89684E38842539B9B, 806DDF2B4830CA866582FE74A521BB7DF26CA0E19013DAF584D3677FB48CC77A ] mountmgr        C:\Windows\system32\drivers\mountmgr.sys
22:04:15.0874 0x06bc  mountmgr - ok
22:04:15.0901 0x06bc  [ 2D699FB6E89CE0D8DA14ECC03B3EDFE0, D3D903EEA465D77345AAC9B9F02CDEADF4831212EA2DE4FCA33BEE26EBB47420 ] mpio            C:\Windows\system32\drivers\mpio.sys
22:04:16.0007 0x06bc  mpio - ok
22:04:16.0082 0x06bc  [ AD2723A7B53DD1AACAE6AD8C0BFBF4D0, 1D6DCFA0E56C3E55B6AED819176E751502F863BA0FCF4F0B3253A81D208141A2 ] mpsdrv          C:\Windows\system32\drivers\mpsdrv.sys
22:04:16.0088 0x06bc  mpsdrv - ok
22:04:16.0199 0x06bc  [ 9835584E999D25004E1EE8E5F3E3B881, 71798B0CBE9AE69F1F29B845319019C69EC7F415CBABB3B87DDE92C360675021 ] MpsSvc          C:\Windows\system32\mpssvc.dll
22:04:16.0263 0x06bc  MpsSvc - ok
22:04:16.0333 0x06bc  [ 42705B8BCE824C8A6F4A12D706A9CEDE, D9E05B0FBD9363C82ED7B62F76D3B1CE807AA1E7FA911F05D3794AEA58F470DF ] MRxDAV          C:\Windows\system32\drivers\mrxdav.sys
22:04:16.0380 0x06bc  MRxDAV - ok
22:04:16.0486 0x06bc  [ CE706AA66B6D94DB8892C5FC114E0F85, EF32EC756928CB723B2849C644B910DF93DFDB3E1F5EFDE28361FD1E9DCA1756 ] mrxsmb          C:\Windows\system32\DRIVERS\mrxsmb.sys
22:04:16.0491 0x06bc  mrxsmb - ok
22:04:16.0560 0x06bc  [ 876F0811A1FB5BADB63EC54DE0AE0F2E, A3B15C529765C786C5280A530505C5197E80406C812A29C580D2C60C3D6118FC ] mrxsmb10        C:\Windows\system32\DRIVERS\mrxsmb10.sys
22:04:16.0567 0x06bc  mrxsmb10 - ok
22:04:16.0602 0x06bc  [ F450602C329F3E7A828931E7EBBF2F27, 5B23DD879900B4F3A8AF3C80EC0464CDCA6087D682FE1DC17690DAFAA82C28AF ] mrxsmb20        C:\Windows\system32\DRIVERS\mrxsmb20.sys
22:04:16.0606 0x06bc  mrxsmb20 - ok
22:04:16.0631 0x06bc  [ 012C5F4E9349E711E11E0F19A8589F0A, 208B92DFCF7AD43202660FBBC9FF5E03AEDBEE38178FF3628EB74CB6CD37C584 ] msahci          C:\Windows\system32\drivers\msahci.sys
22:04:16.0633 0x06bc  msahci - ok
22:04:16.0664 0x06bc  [ 55055F8AD8BE27A64C831322A780A228, C2C9FD1F61302997117B1CD0835E8234405BB80084065ED05363B77868397304 ] msdsm           C:\Windows\system32\drivers\msdsm.sys
22:04:16.0789 0x06bc  msdsm - ok
22:04:16.0834 0x06bc  [ E1BCE74A3BD9902B72599C0192A07E27, 5162EB623FE64E9DFEAC6CA2410EFA1314E62EC13207FFBFED2D61AA887603C4 ] MSDTC           C:\Windows\System32\msdtc.exe
22:04:16.0840 0x06bc  MSDTC - ok
22:04:16.0861 0x06bc  [ DAEFB28E3AF5A76ABCC2C3078C07327F, 6EB558532400B489763BAE7203538DE5F196282A8CB46A1B31D59120FC5AFCEF ] Msfs            C:\Windows\system32\drivers\Msfs.sys
22:04:16.0863 0x06bc  Msfs - ok
22:04:16.0893 0x06bc  [ 3E1E5767043C5AF9367F0056295E9F84, B2EDFECD3C14E4FE1BA87D9A86334043A9BD696A554EBD186DA7EAEB2EBD4F70 ] mshidkmdf       C:\Windows\System32\drivers\mshidkmdf.sys
22:04:16.0894 0x06bc  mshidkmdf - ok
22:04:16.0935 0x06bc  [ 0A4E5757AE09FA9622E3158CC1AEF114, ED574E420E57374E328C7C526504ECA569C164287966F06019EC207CB17F2C54 ] msisadrv        C:\Windows\system32\drivers\msisadrv.sys
22:04:16.0937 0x06bc  msisadrv - ok
22:04:16.0993 0x06bc  [ 90F7D9E6B6F27E1A707D4A297F077828, BEFC220EAA7307849600748842ACB9254A6A91158812D9B23EFAF912C498BA7F ] MSiSCSI         C:\Windows\system32\iscsiexe.dll
22:04:16.0998 0x06bc  MSiSCSI - ok
22:04:17.0005 0x06bc  msiserver - ok
22:04:17.0128 0x06bc  [ 8C0860D6366AAFFB6C5BB9DF9448E631, 949C5A14E57F2D7385543C17C3485E7ADE36EA2016F6E0A1866571D2EDE90A77 ] MSKSSRV         C:\Windows\system32\drivers\MSKSSRV.sys
22:04:17.0129 0x06bc  MSKSSRV - ok
22:04:17.0184 0x06bc  [ 3EA8B949F963562CEDBB549EAC0C11CE, 1B0B2F16A1790282504F3C548D47C3281EFB440D5D9711A1EF76D6371B768D2D ] MSPCLOCK        C:\Windows\system32\drivers\MSPCLOCK.sys
22:04:17.0187 0x06bc  MSPCLOCK - ok
22:04:17.0209 0x06bc  [ F456E973590D663B1073E9C463B40932, 48BA6D5580EE7B6A4C06E04772FD35B51779553FC0DD6C5C30DD8B5DEEB25B11 ] MSPQM           C:\Windows\system32\drivers\MSPQM.sys
22:04:17.0334 0x06bc  MSPQM - ok
22:04:17.0496 0x06bc  [ 0E008FC4819D238C51D7C93E7B41E560, 141FCEBDD05874407EAEC35A9DCD3BB16F2A428F23E55487D6A5DBFCADBF10D2 ] MsRPC           C:\Windows\system32\drivers\MsRPC.sys
22:04:17.0501 0x06bc  MsRPC - ok
22:04:17.0515 0x06bc  [ FC6B9FF600CC585EA38B12589BD4E246, F05DB01AE1955D2468CE6B51E51998B111CA3B0BDEED090EE6B99B625CBA564A ] mssmbios        C:\Windows\system32\DRIVERS\mssmbios.sys
22:04:17.0517 0x06bc  mssmbios - ok
22:04:17.0543 0x06bc  [ B42C6B921F61A6E55159B8BE6CD54A36, 6BB0A7BE005B8F281E551D1B8046CE4202372BC7AE0161881C858BFAC675FE1C ] MSTEE           C:\Windows\system32\drivers\MSTEE.sys
22:04:17.0545 0x06bc  MSTEE - ok
22:04:17.0568 0x06bc  [ 33599130F44E1F34631CEA241DE8AC84, E15B31D1AFDC8DC6D2B21D4215796A99ECC69EEDBB06CEED01AECC3C99A44C8B ] MTConfig        C:\Windows\system32\drivers\MTConfig.sys
22:04:17.0569 0x06bc  MTConfig - ok
22:04:17.0590 0x06bc  [ 159FAD02F64E6381758C990F753BCC80, E55AB01DCFA95ECAB24A2A9656E28FF9D064BA08B3D82DC8AA42F5991BA09598 ] Mup             C:\Windows\system32\Drivers\mup.sys
22:04:17.0592 0x06bc  Mup - ok
22:04:17.0637 0x06bc  [ 61D57A5D7C6D9AFE10E77DAE6E1B445E, D252248532142E9E2332DA693BC51B795102CA938B568FF04981E98B19BFBC5C ] napagent        C:\Windows\system32\qagentRT.dll
22:04:17.0659 0x06bc  napagent - ok
22:04:17.0714 0x06bc  [ 26384429FCD85D83746F63E798AB1480, 957C115C263A4B4DC854558B43ECE632D8E2BCCB744E23A01EBA7476BA2E7FFB ] NativeWifiP     C:\Windows\system32\DRIVERS\nwifi.sys
22:04:17.0725 0x06bc  NativeWifiP - ok
22:04:17.0852 0x06bc  [ 3BAE2BFCB6D69E19C8373F635DD544DC, A32DB5282ED5AFC1650883B1870E46FDC029EF9225075E6916D2E371F18D8B9E ] NBService       C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
22:04:17.0887 0x06bc  NBService - ok
22:04:17.0941 0x06bc  [ 8C9C922D71F1CD4DEF73F186416B7896, 15FF43CD90C7913F83B35F2E7986561584588E8A45196EBD965C3A355836A9C7 ] NDIS            C:\Windows\system32\drivers\ndis.sys
22:04:17.0974 0x06bc  NDIS - ok
22:04:18.0018 0x06bc  [ 0E1787AA6C9191D3D319E8BAFE86F80C, F535022747355B2C66424BDA892D7DCB820C2EB8EE05BAE5BC6D1B1D65186278 ] NdisCap         C:\Windows\system32\DRIVERS\ndiscap.sys
22:04:18.0020 0x06bc  NdisCap - ok
22:04:18.0050 0x06bc  [ E4A8AEC125A2E43A9E32AFEEA7C9C888, 6EA181117126FC70B3C1DD1AC73CC26D1603A2CF49E47F66623E2C9489C49B55 ] NdisTapi        C:\Windows\system32\DRIVERS\ndistapi.sys
22:04:18.0052 0x06bc  NdisTapi - ok
22:04:18.0075 0x06bc  [ 520B68DD11C0749D5B9A7F736CB6DE5E, 154F68D60994F9CF071263BC96D541CE3C8FB636E90EFE89FA97E2AB36991CB0 ] Ndisuio         C:\Windows\system32\DRIVERS\ndisuio.sys
22:04:18.0077 0x06bc  Ndisuio - ok
22:04:18.0095 0x06bc  [ 38FBE267E7E6983311179230FACB1017, CFD1CBCA59650795C030DB30E5795B37C11C736E14003AE1DAB081BA5C0C9B14 ] NdisWan         C:\Windows\system32\DRIVERS\ndiswan.sys
22:04:18.0100 0x06bc  NdisWan - ok
22:04:18.0115 0x06bc  [ A4BDC541E69674FBFF1A8FF00BE913F2, 18CCFD063E9870B8B6958715BC0414C4D920AE63528EA1E9D7E30F7138918FFA ] NDProxy         C:\Windows\system32\drivers\NDProxy.sys
22:04:18.0117 0x06bc  NDProxy - ok
22:04:18.0131 0x06bc  [ 80B275B1CE3B0E79909DB7B39AF74D51, 75B406B0D9D28239D4EB2A298419A5F78A58237D88C5FD688EF1DFFAFACCF796 ] NetBIOS         C:\Windows\system32\DRIVERS\netbios.sys
22:04:18.0134 0x06bc  NetBIOS - ok
22:04:18.0151 0x06bc  [ 280122DDCF04B378EDD1AD54D71C1E54, F98B2ADE34F7E67C7C06C1D0FFB80ECBC353D044D4B4784CD952910345DC2ED0 ] NetBT           C:\Windows\system32\DRIVERS\netbt.sys
22:04:18.0158 0x06bc  NetBT - ok
22:04:18.0169 0x06bc  [ 627B40EB2595D8FCF1960F33389EB7D3, 37C8378FD7C883E77E2FD211C8A759B61037168BDEC87C234C73082C50B7F0CC ] Netlogon        C:\Windows\system32\lsass.exe
22:04:18.0171 0x06bc  Netlogon - ok
22:04:18.0226 0x06bc  [ 7CCCFCA7510684768DA22092D1FA4DB2, BB9E4F8FABBF596D888E6D303CB54A336D9DFF95B36AEA9369D2ED787DDC4B5D ] Netman          C:\Windows\System32\netman.dll
22:04:18.0250 0x06bc  Netman - ok
22:04:18.0299 0x06bc  [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
22:04:18.0327 0x06bc  NetMsmqActivator - ok
22:04:18.0337 0x06bc  [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetPipeActivator C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
22:04:18.0341 0x06bc  NetPipeActivator - ok
22:04:18.0373 0x06bc  [ 8C338238C16777A802D6A9211EB2BA50, 0D08A47CD403EDA5E8CAD7409BBBBCDC29A9861D2DC41D42B68B22B1AA1EBDD6 ] netprofm        C:\Windows\System32\netprofm.dll
22:04:18.0397 0x06bc  netprofm - ok
22:04:18.0421 0x06bc  [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetTcpActivator C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
22:04:18.0426 0x06bc  NetTcpActivator - ok
22:04:18.0439 0x06bc  [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
22:04:18.0444 0x06bc  NetTcpPortSharing - ok
22:04:18.0488 0x06bc  [ 1D85C4B390B0EE09C7A46B91EFB2C097, 6A8850B151E88EE371F3CC543A946302DDF9494908D684B8B0C706A42CC54348 ] nfrd960         C:\Windows\system32\drivers\nfrd960.sys
22:04:18.0492 0x06bc  nfrd960 - ok
22:04:18.0536 0x06bc  [ BC1CF6C548DA37140067621C5A66A522, 06013FFDD04EDDFFE22868FE5F02D789CC4F61249824F6E4D86FB3F184D16841 ] NlaSvc          C:\Windows\System32\nlasvc.dll
22:04:18.0546 0x06bc  NlaSvc - ok
22:04:18.0628 0x06bc  [ 193FA51DDDD0BFFDED1C340F0434999A, C05CA0A8568E9CBDA15633ED420C29F52082114B2B9F24EB61369E42C480C080 ] NMIndexingService C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
22:04:18.0652 0x06bc  NMIndexingService - ok
22:04:18.0676 0x06bc  [ 1DB262A9F8C087E8153D89BEF3D2235F, A51EE5D5AD3CD76B74BEA9C66C462608BF3B50C53DAA4110A75DB10495A8C101 ] Npfs            C:\Windows\system32\drivers\Npfs.sys
22:04:18.0679 0x06bc  Npfs - ok
22:04:18.0718 0x06bc  [ BA387E955E890C8A88306D9B8D06BF17, 3477BD9686C5777A93251C154512671AAA7533B18C536DF51F7B1D6D28E7F8A5 ] nsi             C:\Windows\system32\nsisvc.dll
22:04:18.0721 0x06bc  nsi - ok
22:04:18.0730 0x06bc  [ E9A0A4D07E53D8FEA2BB8387A3293C58, 690CAD6C4E35ECC1172A2E1FD3933DF73158B3BF42CB21244269612A53DE4D7A ] nsiproxy        C:\Windows\system32\drivers\nsiproxy.sys
22:04:18.0732 0x06bc  nsiproxy - ok
22:04:18.0819 0x06bc  [ 90EE3C4BD199287D2630C5232F459367, E517FCCCA5BE615C439F814823B5A06295635844E81B6B827E63A9A6308593FC ] Ntfs            C:\Windows\system32\drivers\Ntfs.sys
22:04:18.0865 0x06bc  Ntfs - ok
22:04:18.0882 0x06bc  [ F9756A98D69098DCA8945D62858A812C, 572ADBFCFDE2030B34A013AADC14DBC144EB3F34D06991E2464A3EA9605BC045 ] Null            C:\Windows\system32\drivers\Null.sys
22:04:18.0883 0x06bc  Null - ok
22:04:18.0919 0x06bc  [ B3E25EE28883877076E0E1FF877D02E0, 402B6FED6FBBF645190396DC141141EF52DD059DABD01F8AC9CF01D23664070C ] nvraid          C:\Windows\system32\drivers\nvraid.sys
22:04:18.0924 0x06bc  nvraid - ok
22:04:18.0939 0x06bc  [ 4380E59A170D88C4F1022EFF6719A8A4, 93EDB3F4CDBF53C9C1970DD29AB146E390695C568180847BA8903F5FBEABCFF2 ] nvstor          C:\Windows\system32\drivers\nvstor.sys
22:04:18.0945 0x06bc  nvstor - ok
22:04:18.0966 0x06bc  [ 5A0983915F02BAE73267CC2A041F717D, D83461D74597BF2BE042FEFCC27FCD18BF63CB8135B0666D731D50951C3468A8 ] nv_agp          C:\Windows\system32\drivers\nv_agp.sys
22:04:18.0971 0x06bc  nv_agp - ok
22:04:18.0990 0x06bc  [ 08A70A1F2CDDE9BB49B885CB817A66EB, 0BB98123B544124B144F3E95D77E01E973D060B8B2302503FF24ABBBE803EB63 ] ohci1394        C:\Windows\system32\drivers\ohci1394.sys
22:04:18.0994 0x06bc  ohci1394 - ok
22:04:19.0042 0x06bc  [ 9D10F99A6712E28F8ACD5641E3A7EA6B, 70964A0ED9011EA94044E15FA77EDD9CF535CC79ED8E03A3721FF007E69595CC ] ose             C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
22:04:19.0047 0x06bc  ose - ok
22:04:19.0289 0x06bc  [ 358A9CCA612C68EB2F07DDAD4CE1D8D7, F342100E2E9001F11FDF93F856B50FA43F9B85D2C6B5706EC0433E77206498DA ] osppsvc         C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
22:04:19.0480 0x06bc  osppsvc - ok
22:04:19.0643 0x06bc  [ 82A8521DDC60710C3D3D3E7325209BEC, C4E34571EDD57C7FBB3D736B5FE8BD154624705B5C8EA2EC898F19F75B9A5942 ] p2pimsvc        C:\Windows\system32\pnrpsvc.dll
22:04:19.0663 0x06bc  p2pimsvc - ok
22:04:19.0701 0x06bc  [ 59C3DDD501E39E006DAC31BF55150D91, E02B63AB7F34CF6FF3F644AF354D10004E6F50014E03172D80BD78934EF71EF1 ] p2psvc          C:\Windows\system32\p2psvc.dll
22:04:19.0746 0x06bc  p2psvc - ok
22:04:19.0788 0x06bc  [ 2EA877ED5DD9713C5AC74E8EA7348D14, 14BA3722CE5F8FF07F2D97DCDD6558EB49C9B02E5E6FAD6D9F18D354733EFECE ] Parport         C:\Windows\system32\drivers\parport.sys
22:04:19.0793 0x06bc  Parport - ok
22:04:19.0807 0x06bc  [ 3F34A1B4C5F6475F320C275E63AFCE9B, 31295D5121C0C3F2085E0EEBA260EEE4CA003993C026E2F81986D19158036E6B ] partmgr         C:\Windows\system32\drivers\partmgr.sys
22:04:19.0809 0x06bc  partmgr - ok
22:04:19.0831 0x06bc  [ EB0A59F29C19B86479D36B35983DAADC, AC09AFE7F13BE4079D01383BAC44091997E1AAF6512C9673A42B9E3780EB08A8 ] Parvdm          C:\Windows\system32\drivers\parvdm.sys
22:04:19.0834 0x06bc  Parvdm - ok
22:04:19.0854 0x06bc  [ 358AB7956D3160000726574083DFC8A6, 6CAFD4D1B8AB8C1D167ADC018985DDAB5AC2CBFFB3434FE6390F14AF50C19025 ] PcaSvc          C:\Windows\System32\pcasvc.dll
22:04:19.0861 0x06bc  PcaSvc - ok
22:04:19.0892 0x06bc  PCAutoShutdown_Service - ok
22:04:19.0916 0x06bc  [ 673E55C3498EB970088E812EA820AA8F, 1F81315664B8CBFDD569416C0ECCE4C6251F34577313A0858AB46609781303B5 ] pci             C:\Windows\system32\drivers\pci.sys
22:04:19.0921 0x06bc  pci - ok
22:04:19.0947 0x06bc  [ AFE86F419014DB4E5593F69FFE26CE0A, CAF36E61BE7B511D3A03A65FF5A3017CEE4D2F53005B410F2D4A2AAE9FED4C00 ] pciide          C:\Windows\system32\drivers\pciide.sys
22:04:19.0949 0x06bc  pciide - ok
22:04:19.0976 0x06bc  [ F396431B31693E71E8A80687EF523506, BC614FC21E029E2497F1CCE3131BBD295B827F2310762B47D5BBC7703D80554B ] pcmcia          C:\Windows\system32\drivers\pcmcia.sys
22:04:19.0983 0x06bc  pcmcia - ok
22:04:20.0018 0x06bc  [ 5B6C11DE7E839C05248CED8825470FEF, DB57DFD02C18461B1B383DF759730FFEE9C7FA8577E1679FD4740A590303EE79 ] pcouffin        C:\Windows\system32\Drivers\pcouffin.sys
22:04:20.0021 0x06bc  pcouffin - ok
22:04:20.0037 0x06bc  [ 250F6B43D2B613172035C6747AEEB19F, A91F15B133F2619912CF750E6F3662E011CD0FA4B9477CE532CE3196D23307D9 ] pcw             C:\Windows\system32\drivers\pcw.sys
22:04:20.0039 0x06bc  pcw - ok
22:04:20.0144 0x06bc  [ 9E0104BA49F4E6973749A02BF41344ED, B32F39F38DB48D77FBA884DEE34112BAB81CCEF5DD2EAAA12D9589D73D2BB116 ] PEAUTH          C:\Windows\system32\drivers\peauth.sys
22:04:20.0161 0x06bc  PEAUTH - ok
22:04:20.0246 0x06bc  [ AF4D64D2A57B9772CF3801950B8058A6, C9C493A3775E6E1660CE5DF75DA574D0C04245FB88CF41B96217A725359C350D ] PeerDistSvc     C:\Windows\system32\peerdistsvc.dll
22:04:20.0324 0x06bc  PeerDistSvc - ok
22:04:20.0545 0x06bc  [ 414BBA67A3DED1D28437EB66AEB8A720, D6DF254E2615FA402044824DCD9004F579FC0DF74B90E44C99D5F0253CF8AD88 ] pla             C:\Windows\system32\pla.dll
22:04:20.0690 0x06bc  pla - ok
22:04:20.0729 0x06bc  [ 875E4E0661F3A5994DF9E5E3A0A4F96B, 7198C02935B3714C455EE94305D2A21D900D72AC67049C11A1E842572AD6C5E1 ] PLFlash DeviceIoControl Service C:\Windows\system32\IoctlSvc.exe
22:04:20.0735 0x06bc  PLFlash DeviceIoControl Service - ok
22:04:20.0808 0x06bc  [ EC7BC28D207DA09E79B3E9FAF8B232CA, A42F8F69C3CD753D787A5D558659DEA2CC306C896D75B8C82549219CF654504F ] PlugPlay        C:\Windows\system32\umpnpmgr.dll
22:04:20.0831 0x06bc  PlugPlay - ok
22:04:20.0865 0x06bc  [ 63FF8572611249931EB16BB8EED6AFC8, 9732CCBCB93A7A4BEC88812B952C20244479E9BD781240C195E57F09E619EA33 ] PNRPAutoReg     C:\Windows\system32\pnrpauto.dll
22:04:20.0868 0x06bc  PNRPAutoReg - ok
22:04:20.0893 0x06bc  [ 82A8521DDC60710C3D3D3E7325209BEC, C4E34571EDD57C7FBB3D736B5FE8BD154624705B5C8EA2EC898F19F75B9A5942 ] PNRPsvc         C:\Windows\system32\pnrpsvc.dll
22:04:20.0901 0x06bc  PNRPsvc - ok
22:04:20.0952 0x06bc  [ 53946B69BA0836BD95B03759530C81EC, 7F14A34635354CCA0F5342C8D9DF5A6AA1B94F6A508BD8834029E9BACF252920 ] PolicyAgent     C:\Windows\System32\ipsecsvc.dll
22:04:20.0974 0x06bc  PolicyAgent - ok
22:04:20.0998 0x06bc  [ C9DC634335106C10C0E7F6E120B2C2A8, 9119522EC0540FE94C05E4C6AF3346B1F4E1A2E88A33BB635D536969226E1FE1 ] Power           C:\Windows\system32\umpo.dll
22:04:21.0004 0x06bc  Power - ok
22:04:21.0038 0x06bc  [ 631E3E205AD6D86F2AED6A4A8E69F2DB, 1D3BF0CFC37D91A3A56246920B9CF1084E78A055D56E85A773417809C58C8065 ] PptpMiniport    C:\Windows\system32\DRIVERS\raspptp.sys
22:04:21.0043 0x06bc  PptpMiniport - ok
22:04:21.0069 0x06bc  [ 85B1E3A0C7585BC4AAE6899EC6FCF011, 1E067113C146D6842D7FB04007F363D6FB7783C6BC7C9AB6614E44075C4F86C3 ] Processor       C:\Windows\system32\drivers\processr.sys
22:04:21.0073 0x06bc  Processor - ok
22:04:21.0114 0x06bc  [ 39949677BD2C43D9BA9D6049E7784776, 31218C38EE753ADEF5F6171A2A3A583F605B01DEDECBA0BC0AD262697FF095D2 ] ProfSvc         C:\Windows\system32\profsvc.dll
22:04:21.0121 0x06bc  ProfSvc - ok
22:04:21.0160 0x06bc  [ 627B40EB2595D8FCF1960F33389EB7D3, 37C8378FD7C883E77E2FD211C8A759B61037168BDEC87C234C73082C50B7F0CC ] ProtectedStorage C:\Windows\system32\lsass.exe
22:04:21.0162 0x06bc  ProtectedStorage - ok
22:04:21.0195 0x06bc  [ 6270CCAE2A86DE6D146529FE55B3246A, 463209CBAF1B0E269DC8FC6FBDEE5BB7E5ADB5D3F024930BFD0B97E0A9678883 ] Psched          C:\Windows\system32\DRIVERS\pacer.sys
22:04:21.0199 0x06bc  Psched - ok
22:04:21.0284 0x06bc  [ AB95ECF1F6659A60DDC166D8315B0751, 0ED6D3460D28978BADF31B930DBB3298A6A10EFF8883763EABA0E36A21A0E83D ] ql2300          C:\Windows\system32\drivers\ql2300.sys
22:04:21.0375 0x06bc  ql2300 - ok
22:04:21.0399 0x06bc  [ B4DD51DD25182244B86737DC51AF2270, 7E62B04F054A6330B7F9968222523BDE8F3EE47A11D17E6C0E2D5ACDC07B9E6B ] ql40xx          C:\Windows\system32\drivers\ql40xx.sys
22:04:21.0403 0x06bc  ql40xx - ok
22:04:21.0442 0x06bc  [ 31AC809E7707EB580B2BDB760390765A, A8481FD19A0F778F5591B7676F591F664ADC68B6867E663C0F9564173F4AC909 ] QWAVE           C:\Windows\system32\qwave.dll
22:04:21.0452 0x06bc  QWAVE - ok
22:04:21.0471 0x06bc  [ 584078CA1B95CA72DF2A27C336F9719D, 836F115C92D343463C14A9DE39648C1EFA7C7EE4720F5C692EE0F68B84830121 ] QWAVEdrv        C:\Windows\system32\drivers\qwavedrv.sys
22:04:21.0474 0x06bc  QWAVEdrv - ok
22:04:21.0493 0x06bc  [ 30A81B53C766D0133BB86D234E5556AB, 726C6B83B5ACAA84CAB1689B6DD6DDAE3199D61A57B5D7B5B5A0F62FCF838090 ] RasAcd          C:\Windows\system32\DRIVERS\rasacd.sys
22:04:21.0495 0x06bc  RasAcd - ok
22:04:21.0545 0x06bc  [ 57EC4AEF73660166074D8F7F31C0D4FD, C66B425EC4DB5E7FD289AE631C9B019EB16717C55E80FAE964BB22203E4AACEF ] RasAgileVpn     C:\Windows\system32\DRIVERS\AgileVpn.sys
22:04:21.0548 0x06bc  RasAgileVpn - ok
22:04:21.0564 0x06bc  [ A60F1839849C0C00739787FD5EC03F13, B210DFA5A843CF1DA73635F168E2EA5052CBED15C664F8523CDFB34CA165D0E0 ] RasAuto         C:\Windows\System32\rasauto.dll
22:04:21.0569 0x06bc  RasAuto - ok
22:04:21.0593 0x06bc  [ D9F91EAFEC2815365CBE6D167E4E332A, 8350457A39D141C13807E7DB5A8D4113197C4016F7744B9993391F4AEA0C4A5C ] Rasl2tp         C:\Windows\system32\DRIVERS\rasl2tp.sys
22:04:21.0596 0x06bc  Rasl2tp - ok
22:04:21.0638 0x06bc  [ CB9E04DC05EACF5B9A36CA276D475006, 4D8C0AEF1D4F84F375AD2BAF786C9F6C52316A3E655B913449E71AD7C0FCA56E ] RasMan          C:\Windows\System32\rasmans.dll
22:04:21.0661 0x06bc  RasMan - ok
22:04:21.0680 0x06bc  [ 0FE8B15916307A6AC12BFB6A63E45507, 64119474DE7499E6E8B82E78BBD50074B3AA70B3E8329089FAE9B7F29919004E ] RasPppoe        C:\Windows\system32\DRIVERS\raspppoe.sys
22:04:21.0683 0x06bc  RasPppoe - ok
22:04:21.0692 0x06bc  [ 44101F495A83EA6401D886E7FD70096B, 56A0CE5C89870752B9B2AB795C1A248CA28209E049B2F20CCA0308CBE2488A0A ] RasSstp         C:\Windows\system32\DRIVERS\rassstp.sys
22:04:21.0695 0x06bc  RasSstp - ok
22:04:21.0729 0x06bc  [ B53320316C5819D711A9ED0DAE379CE8, 176E573D0DEF7D2EE9A62F46742093ABF5F1A80A80F8C2B0D70C76F12E951804 ] rdbss           C:\Windows\system32\DRIVERS\rdbss.sys
22:04:21.0737 0x06bc  rdbss - ok
22:04:21.0755 0x06bc  [ 0D8F05481CB76E70E1DA06EE9F0DA9DF, 2AFCBE3237D27AFBF095F91F1FCCA63E6890F34A9E4F00E5C34C92394CDA89FB ] rdpbus          C:\Windows\system32\DRIVERS\rdpbus.sys
22:04:21.0758 0x06bc  rdpbus - ok
22:04:21.0774 0x06bc  [ 23DAE03F29D253AE74C44F99E515F9A1, 8FED93D10B2062F0526FE3508101F8FCF8F72DEB90AFB472EB7CBAE83A0EC430 ] RDPCDD          C:\Windows\system32\DRIVERS\RDPCDD.sys
22:04:21.0776 0x06bc  RDPCDD - ok
22:04:21.0817 0x06bc  [ B973FCFC50DC1434E1970A146F7E3885, BE797E5F5AE34D37F8DA1134CE94DD14DBE36D2BC405B97E992E2257848B7CA9 ] RDPDR           C:\Windows\system32\drivers\rdpdr.sys
22:04:21.0822 0x06bc  RDPDR - ok
22:04:21.0838 0x06bc  [ 5A53CA1598DD4156D44196D200C94B8A, 8112FE14FEC94C67B1C5BDE4171E37584F1D0098D2C557C9E4BDD3E0291E25E4 ] RDPENCDD        C:\Windows\system32\drivers\rdpencdd.sys
22:04:21.0840 0x06bc  RDPENCDD - ok
22:04:21.0852 0x06bc  [ 44B0A53CD4F27D50ED461DAE0C0B4E1F, CDA80B08E67AD034081C0C920CD66147689F1844403CBC552F65005E7C011A91 ] RDPREFMP        C:\Windows\system32\drivers\rdprefmp.sys
22:04:21.0854 0x06bc  RDPREFMP - ok
22:04:21.0905 0x06bc  [ 68A0387F58E226DEEE23D9715955572A, F95BB1D2BB3E79AF47B1C715BB5E3003EEF888AAA963F46F4A2FE8AFBD4F37A4 ] RdpVideoMiniport C:\Windows\system32\drivers\rdpvideominiport.sys
22:04:21.0907 0x06bc  RdpVideoMiniport - ok
22:04:21.0928 0x06bc  [ F031683E6D1FEA157ABB2FF260B51E61, 83B552819A5964152882C527E1421DBCEAACC74DEB897E3C4B53F52F1467FED3 ] RDPWD           C:\Windows\system32\drivers\RDPWD.sys
22:04:21.0934 0x06bc  RDPWD - ok
22:04:21.0967 0x06bc  [ 12DB635221AF40AD8ED316F07AC7844B, 70E98E581A67DA5F0679DFB4127E5EBA7CC4569A36FC9EFC89ACD716DA71238F ] rdyboost        C:\Windows\system32\drivers\rdyboost.sys
22:04:21.0973 0x06bc  rdyboost - ok
22:04:22.0013 0x06bc  [ 7B5E1419717FAC363A31CC302895217A, 048B96B127CC20833948DAE53C59886D5C725ECA7A744424A01339447D2DDC32 ] RemoteAccess    C:\Windows\System32\mprdim.dll
22:04:22.0019 0x06bc  RemoteAccess - ok
22:04:22.0049 0x06bc  [ CB9A8683F4EF2BF99E123D79950D7935, B9FA3E7E91E76D975CF40BFA37909E50F29CC13AB1399007884710651827E9AA ] RemoteRegistry  C:\Windows\system32\regsvc.dll
22:04:22.0058 0x06bc  RemoteRegistry - ok
22:04:22.0078 0x06bc  [ 78D072F35BC45D9E4E1B61895C152234, 80C924EE1156B4E3172E83DCB9C60817E87885FB9377647E0BF90153E415B1CA ] RpcEptMapper    C:\Windows\System32\RpcEpMap.dll
22:04:22.0082 0x06bc  RpcEptMapper - ok
22:04:22.0115 0x06bc  [ 94D36C0E44677DD26981D2BFEEF2A29D, D77A93AC60536F3706E8A0154C0C2199E888B7748C84DB7437254FF175F4DF55 ] RpcLocator      C:\Windows\system32\locator.exe
22:04:22.0118 0x06bc  RpcLocator - ok
22:04:22.0155 0x06bc  [ 46A8388AB8ED91F1974C556AA4C27CEC, 3DD619F9B1829EB12628DECD6722AE63FA6491F6723E07FB8034CAF4C222481C ] RpcSs           C:\Windows\system32\rpcss.dll
22:04:22.0165 0x06bc  RpcSs - ok
22:04:22.0212 0x06bc  [ 032B0D36AD92B582D869879F5AF5B928, 0F8F18A6A0A689957B886D9368015889091094EDA18BE532093F06A70A7CE184 ] rspndr          C:\Windows\system32\DRIVERS\rspndr.sys
22:04:22.0215 0x06bc  rspndr - ok
22:04:22.0263 0x06bc  [ 772A6EC587CB8826DF055762E872412F, DC572D50D554C13AAE0E1AA29ADD8465ADB79D91134435C30DC3EC1BBA884ED9 ] RSUSBSTOR       C:\Windows\system32\Drivers\RtsUStor.sys
22:04:22.0269 0x06bc  RSUSBSTOR - ok
22:04:22.0309 0x06bc  [ 1C5C2CB892553D2CF3F45A4BB323FCD6, 635FDBCF5FAEE1C90BF3C9CD80E659A4B3B97B4BD9221CD0DCD534797FB40220 ] s1018bus        C:\Windows\system32\DRIVERS\s1018bus.sys
22:04:22.0314 0x06bc  s1018bus - ok
22:04:22.0328 0x06bc  [ 38F5EA219593F19B6B3A1B9C169E3B61, 714ADF14971D563C6890286E858B54D3CB9E459077DDBEA4A9AD796726D1F36D ] s1018mdfl       C:\Windows\system32\DRIVERS\s1018mdfl.sys
22:04:22.0330 0x06bc  s1018mdfl - ok
22:04:22.0352 0x06bc  [ 666AF6B64FC7DF92D3CA4819EA91631D, E9916FEDD81B277AD37DB7286523622040667210B061E823DD9A692A66686FC9 ] s1018mdm        C:\Windows\system32\DRIVERS\s1018mdm.sys
22:04:22.0357 0x06bc  s1018mdm - ok
22:04:22.0374 0x06bc  [ F4CEDA6E2DDFF2AF8BD745615A7CA9C0, 9D32B4399B9F5E6A2BEDC51C8039886B51E9CBEA088B04811AFC2ABEEA3CAD3D ] s1018mgmt       C:\Windows\system32\DRIVERS\s1018mgmt.sys
22:04:22.0378 0x06bc  s1018mgmt - ok
22:04:22.0395 0x06bc  [ 3622D9FF2253DCBE885B10736609A4CA, 6C8AFFFB165B31339716BDCE1A67ED486DA6EE2670C78FA525B4BE568632337E ] s1018nd5        C:\Windows\system32\DRIVERS\s1018nd5.sys
22:04:22.0397 0x06bc  s1018nd5 - ok
22:04:22.0412 0x06bc  [ 49431EFDA842B474531C29FFAE9F5D09, DA69D12F11608EF016D50A1293DEA0AEE1C4A626C1833F88A6853EABDABD4B99 ] s1018obex       C:\Windows\system32\DRIVERS\s1018obex.sys
22:04:22.0416 0x06bc  s1018obex - ok
22:04:22.0451 0x06bc  [ AC6B514CB4474F4C867D7CDC9CD54F05, 8846559C8B78CF3863A79BBEAAE6A49555C5C2AC67C837DE94B253FD1D0D39A3 ] s1018unic       C:\Windows\system32\DRIVERS\s1018unic.sys
22:04:22.0455 0x06bc  s1018unic - ok
22:04:22.0490 0x06bc  [ 7FA7F2E249A5DCBB7970630E15E1F482, 9633B193F3FDA67BC551C6DCA4788AB83E9F45F77763EE579D02FE5D6B80DEDF ] s3cap           C:\Windows\system32\drivers\vms3cap.sys
22:04:22.0492 0x06bc  s3cap - ok
22:04:22.0516 0x06bc  [ 627B40EB2595D8FCF1960F33389EB7D3, 37C8378FD7C883E77E2FD211C8A759B61037168BDEC87C234C73082C50B7F0CC ] SamSs           C:\Windows\system32\lsass.exe
22:04:22.0518 0x06bc  SamSs - ok
22:04:22.0554 0x06bc  [ 05D860DA1040F111503AC416CCEF2BCA, DAE2F37D09A5A42F945BC8E27E4EA2303521081783A80CEE7FEE7C5A1C2CFC5E ] sbp2port        C:\Windows\system32\drivers\sbp2port.sys
22:04:22.0558 0x06bc  sbp2port - ok
22:04:22.0586 0x06bc  [ 8FC518FFE9519C2631D37515A68009C4, 21E10585470CF9FC3BD1977F8A426686CD2FA6BD2094B9E3594B21C7C4541D25 ] SCardSvr        C:\Windows\System32\SCardSvr.dll
22:04:22.0594 0x06bc  SCardSvr - ok
22:04:22.0657 0x06bc  [ 20B2751CD4C8F3FD989739CA661B9F30, 7D2449FB3657DD219D7A401AB8BC0B3AF0FBB6BD784C1AC723825CB1B688BEC5 ] SCDEmu          C:\Windows\system32\drivers\SCDEmu.sys
22:04:22.0659 0x06bc  SCDEmu - ok
22:04:22.0679 0x06bc  [ 0693B5EC673E34DC147E195779A4DCF6, AF1B56FBF3ADABF94CD9DBA67586B8746DE135151F6B3D1B0EE315BC1E2DB670 ] scfilter        C:\Windows\system32\DRIVERS\scfilter.sys
22:04:22.0681 0x06bc  scfilter - ok
22:04:22.0742 0x06bc  [ A04BB13F8A72F8B6E8B4071723E4E336, E63287FF71C39CBF64C3347C455324C8437F9CF398153E269543588B65389502 ] Schedule        C:\Windows\system32\schedsvc.dll
22:04:22.0776 0x06bc  Schedule - ok
22:04:22.0820 0x06bc  [ 319C6B309773D063541D01DF8AC6F55F, 182F392FE839499D159A30A3CD04B5D0C87219930BFB1A7456880B7DA75B9820 ] SCPolicySvc     C:\Windows\System32\certprop.dll
22:04:22.0823 0x06bc  SCPolicySvc - ok
22:04:22.0848 0x06bc  [ 08236C4BCE5EDD0A0318A438AF28E0F7, 77727F963F63C4CEC11E7AAD5FB3836179701D512CA9436C3170B9E6A4E5F888 ] SDRSVC          C:\Windows\System32\SDRSVC.dll
22:04:22.0854 0x06bc  SDRSVC - ok
22:04:22.0893 0x06bc  [ 90A3935D05B494A5A39D37E71F09A677, F72733A69BC6E1A2BB91D7632FF3463C12563F60FDCC00A2CDD67FF20D479952 ] secdrv          C:\Windows\system32\drivers\secdrv.sys
22:04:22.0898 0x06bc  secdrv - ok
22:04:22.0918 0x06bc  [ A59B3A4442C52060CC7A85293AA3546F, 1776D6DEE51991149265AAF39E17065E301C5FA1FF4068653DC0010B9B27185D ] seclogon        C:\Windows\system32\seclogon.dll
22:04:22.0922 0x06bc  seclogon - ok
22:04:22.0945 0x06bc  [ DCB7FCDCC97F87360F75D77425B81737, F8289AF2C458C167038EEFE613EE5E3D6D5B3308B8784168374BC81C47891CE5 ] SENS            C:\Windows\System32\sens.dll
22:04:22.0949 0x06bc  SENS - ok
22:04:22.0976 0x06bc  [ 50087FE1EE447009C9CC2997B90DE53F, B5E6CF1D991F87C29C5E28198E0962E31FFB499A46C3BD43FC20391693389959 ] SensrSvc        C:\Windows\system32\sensrsvc.dll
22:04:22.0981 0x06bc  SensrSvc - ok
22:04:22.0997 0x06bc  [ 9AD8B8B515E3DF6ACD4212EF465DE2D1, E2F019BCD1446236D078D46065DD151DD068778F33BE2F1E8A0CC1EA2F954E86 ] Serenum         C:\Windows\system32\drivers\serenum.sys
22:04:23.0002 0x06bc  Serenum - ok
22:04:23.0022 0x06bc  [ 5FB7FCEA0490D821F26F39CC5EA3D1E2, A26DB2EB9F3E2509B4EBA949DB97595CC32332D9321DF68283BFC102E66D766F ] Serial          C:\Windows\system32\drivers\serial.sys
22:04:23.0027 0x06bc  Serial - ok
22:04:23.0050 0x06bc  [ 79BFFB520327FF916A582DFEA17AA813, 7A2A9D69BE02228591186A9F4453D4B5FD98837CA422C873C48040170E8BD18C ] sermouse        C:\Windows\system32\drivers\sermouse.sys
22:04:23.0052 0x06bc  sermouse - ok
22:04:23.0096 0x06bc  [ AB7409432D1DE62A38E12B4DE54A0DA6, 163B25CDB962851C02B0C914CE1169601A783613A1E9F31698A6272FA26C0400 ] SessionEnv      C:\Windows\system32\sessenv.dll
22:04:23.0102 0x06bc  SessionEnv - ok
22:04:23.0129 0x06bc  [ 9F976E1EB233DF46FCE808D9DEA3EB9C, 6A5C53F27F8BCA85CE206EE7D196176F67EC6FFA5D4830373A20792C149B5E75 ] sffdisk         C:\Windows\system32\drivers\sffdisk.sys
22:04:23.0131 0x06bc  sffdisk - ok
22:04:23.0145 0x06bc  [ 932A68EE27833CFD57C1639D375F2731, 11D6B98FBEEE2B9C7B06EF7091857BBD3B349077997D6261D66280668FD1B5C3 ] sffp_mmc        C:\Windows\system32\drivers\sffp_mmc.sys
22:04:23.0147 0x06bc  sffp_mmc - ok
22:04:23.0166 0x06bc  [ 6D4CCAEDC018F1CF52866BBBAA235982, AAC41F5C97B3FE5A3DC0838457EB8CC9BB71FCA16D3EDBB67D603F0A9D46C131 ] sffp_sd         C:\Windows\system32\drivers\sffp_sd.sys
22:04:23.0168 0x06bc  sffp_sd - ok
22:04:23.0177 0x06bc  [ DB96666CC8312EBC45032F30B007A547, C3AE60FC65A36E96E0D2CC6E184481D70F91A19DC3E2E17E2873DD670A592DD7 ] sfloppy         C:\Windows\system32\drivers\sfloppy.sys
22:04:23.0179 0x06bc  sfloppy - ok
22:04:23.0221 0x06bc  [ D1A079A0DE2EA524513B6930C24527A2, E2BC16DBCF38841EECD49C6FA1A9AC89C17F332F12606CA826F058E995E1B83D ] SharedAccess    C:\Windows\System32\ipnathlp.dll
22:04:23.0242 0x06bc  SharedAccess - ok
22:04:23.0297 0x06bc  [ 414DA952A35BF5D50192E28263B40577, 9C9BAFB9880DA6CC728506A142BE124E186219610DCC3460657A3CA93C865DF1 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
22:04:23.0318 0x06bc  ShellHWDetection - ok
22:04:23.0342 0x06bc  [ 2565CAC0DC9FE0371BDCE60832582B2E, 1A775214E86B83C2F1799F12D71077D81C89AD32734A248BA88787B7F104B79D ] sisagp          C:\Windows\system32\drivers\sisagp.sys
22:04:23.0345 0x06bc  sisagp - ok
22:04:23.0371 0x06bc  [ A9F0486851BECB6DDA1D89D381E71055, 7E909538AB758C18AC2CCBFFEE17BA36FA6ED2E674AA70924AA87AC61375FF35 ] SiSRaid2        C:\Windows\system32\drivers\SiSRaid2.sys
22:04:23.0374 0x06bc  SiSRaid2 - ok
22:04:23.0417 0x06bc  [ 3727097B55738E2F554972C3BE5BC1AA, 75D52A596A298C33EC79A3B0B80F25492C08A182ABC679401502DA9597687566 ] SiSRaid4        C:\Windows\system32\drivers\sisraid4.sys
22:04:23.0421 0x06bc  SiSRaid4 - ok
22:04:23.0598 0x06bc  [ 73E3B5D1F1EB5FDC51A5C3437EEE3348, AE4059D62AF5AC6F6174EE39CEA5B4DFBD7B91DDAD7D6BC4E38173221EAAE7AC ] Skype C2C Service C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe
22:04:23.0781 0x06bc  Skype C2C Service - ok
22:04:23.0875 0x06bc  [ 8C4F0DCC6A5100D48F9B2F950CDD220F, 7B66C259BEBFEA527BFEC2B69E8224EE2277CB736EF9E0F5A92C932657EC8351 ] SkypeUpdate     C:\Program Files\Skype\Updater\Updater.exe
22:04:23.0881 0x06bc  SkypeUpdate - ok
22:04:23.0912 0x06bc  [ 3E21C083B8A01CB70BA1F09303010FCE, 803F8F91299C387110F34A49340E7136AAE91B418E2977A36285EA8F432FF197 ] Smb             C:\Windows\system32\DRIVERS\smb.sys
22:04:23.0916 0x06bc  Smb - ok
22:04:23.0948 0x06bc  [ 6A984831644ECA1A33FFEAE4126F4F37, 753E23D2B33D47C52C05D892B052CFD96D93B97FB6E9FCB58EF1E4C4A125BF78 ] SNMPTRAP        C:\Windows\System32\snmptrap.exe
22:04:23.0952 0x06bc  SNMPTRAP - ok
22:04:24.0027 0x06bc  [ 3A4F2C0BB87A0895ABEBA341AA1E341B, 4DADEEF3C5D181502D6F4A00FBBF3B001FA626E49569FB330D7AE2955CC7DE08 ] Sony PC Companion C:\Program Files\Sony\Sony PC Companion\PCCService.exe
22:04:24.0034 0x06bc  Sony PC Companion - ok
22:04:24.0073 0x06bc  [ 95CF1AE7527FB70F7816563CBC09D942, CE8BACB91A5A86CBCE82619C6C1873B4D7593B00CED3B522E41B8F7F6258CC65 ] spldr           C:\Windows\system32\drivers\spldr.sys
22:04:24.0074 0x06bc  spldr - ok
22:04:24.0099 0x06bc  [ E13F5091775BC35A844FAFF0DE246016, 0EEF8B9DD7CE0B8330173F7664448DA976B91A737EE1135D5FA94DCED5249B25 ] Spooler         C:\Windows\System32\spoolsv.exe
22:04:24.0121 0x06bc  Spooler - ok
22:04:24.0254 0x06bc  [ CF87A1DE791347E75B98885214CED2B8, 7AF4E03D751C951A4E5FBA28200DABFE6B3BF055490163EEEEA84EBA4D0F368A ] sppsvc          C:\Windows\system32\sppsvc.exe
22:04:24.0379 0x06bc  sppsvc - ok
22:04:24.0405 0x06bc  [ B0180B20B065D89232A78A40FE56EAA6, 4D045B23AD58A8822BE9F20119744A8D47455469D54494745CEB099951DA60FF ] sppuinotify     C:\Windows\system32\sppuinotify.dll
22:04:24.0410 0x06bc  sppuinotify - ok
22:04:24.0451 0x06bc  [ 18F3BEE76568CDB5EFC82E8A3FD33E7E, 486A9B5D04E7B56546C4BE5D20ED2A0225844B514DC6955B4B395D68F2B7B2B8 ] srv             C:\Windows\system32\DRIVERS\srv.sys
22:04:24.0472 0x06bc  srv - ok
22:04:24.0500 0x06bc  [ AE3C2D8A41FAC898CEC1C368C0495F98, 94AE8955FE17F5EB60377C736082B22D7BA04FE1F48A1C8F101D2C9A7291F97E ] srv2            C:\Windows\system32\DRIVERS\srv2.sys
22:04:24.0519 0x06bc  srv2 - ok
22:04:24.0540 0x06bc  [ BE6BD660CAA6F291AE06A718A4FA8ABC, CD38939CFBA80B882D38099194FC1EBAE15A9D27A4D941DD03C55EC745E52E59 ] srvnet          C:\Windows\system32\DRIVERS\srvnet.sys
22:04:24.0545 0x06bc  srvnet - ok
22:04:24.0567 0x06bc  [ D887C9FD02AC9FA880F6E5027A43E118, F38BAD90EC791368C37C21090302708D2DFB83ECE9096609AD9AA667B2E5592E ] SSDPSRV         C:\Windows\System32\ssdpsrv.dll
22:04:24.0574 0x06bc  SSDPSRV - ok
22:04:24.0598 0x06bc  [ D318F23BE45D5E3A107469EB64815B50, D74355E6FF215AA8CE53BC9DF16AF2740F2FC2FD754939478A3608BDA8C6DDA0 ] SstpSvc         C:\Windows\system32\sstpsvc.dll
22:04:25.0093 0x06bc  SstpSvc - ok
22:04:25.0130 0x06bc  [ DB32D325C192B801DF274BFD12A7E72B, F089DBA719E22BC269720A6B840B873A4AF5639745DB0C3DBC8BD2F2839A1ABA ] stexstor        C:\Windows\system32\drivers\stexstor.sys
22:04:25.0132 0x06bc  stexstor - ok
22:04:25.0192 0x06bc  [ E1FB3706030FB4578A0D72C2FC3689E4, A62EC9AA4514CAF2A10C0A3AEF7A36F593A7E7DA370A3F130C24E1B612E19427 ] StiSvc          C:\Windows\System32\wiaservc.dll
22:04:25.0215 0x06bc  StiSvc - ok
22:04:25.0245 0x06bc  [ 472AF0311073DCECEAA8FA18BA2BDF89, 089414057EB2047E42C96C1ACE79D509967461DC5A4D2836F63C04268637A3FC ] storflt         C:\Windows\system32\drivers\vmstorfl.sys
22:04:25.0248 0x06bc  storflt - ok
22:04:25.0275 0x06bc  [ DCAFFD62259E0BDB433DD67B5BB37619, CBD12FF9BBF33D18B0F3D322B12EC62E7DF3BF45C6AD43D2E91FF4C4762E05D0 ] storvsc         C:\Windows\system32\drivers\storvsc.sys
22:04:25.0278 0x06bc  storvsc - ok
22:04:25.0299 0x06bc  [ E58C78A848ADD9610A4DB6D214AF5224, 1575A90EB22A4FB066459BDA00C6CAC10198C3C8C74493721EC6D34B51F50426 ] swenum          C:\Windows\system32\DRIVERS\swenum.sys
22:04:25.0301 0x06bc  swenum - ok
22:04:25.0332 0x06bc  [ A28BD92DF340E57B024BA433165D34D7, 889CC7FF143C3549982128473FF927CD80CF36485A347EF399C1271C8CE12CE4 ] swprv           C:\Windows\System32\swprv.dll
22:04:25.0352 0x06bc  swprv - ok
22:04:25.0370 0x06bc  [ F2AD8960812FD111E20E84659EF19D43, FAC91E940D3735738908447E58792C32E6F86427612114A624041B7213831105 ] Synth3dVsc      C:\Windows\system32\drivers\synth3dvsc.sys
22:04:25.0374 0x06bc  Synth3dVsc - ok
22:04:25.0434 0x06bc  [ 219AA9FF531490C51E766BD0D3E481CB, 1ECED3AE6E56E3579CB6CEB7B848994A14D1CA738DE896D0960A828340476DDD ] SynTP           C:\Windows\system32\DRIVERS\SynTP.sys
22:04:25.0442 0x06bc  SynTP - ok
22:04:25.0505 0x06bc  [ CB75AC5F4F434E9C1ED3DE09124D7B20, FB795861FE5CE0328C0C408F9AD3F4283C223224D859C7DF00F43C9C3970D7C3 ] SysMain         C:\Windows\system32\sysmain.dll
22:04:25.0562 0x06bc  SysMain - ok
22:04:25.0592 0x06bc  [ 763FECDC3D30C815FE72DD57936C6CD1, 1A62C7E63E426D56894F4121C75D9C60FC9A14469ADBD0D6F0B94B8DE48CDA3E ] TabletInputService C:\Windows\System32\TabSvc.dll
22:04:25.0597 0x06bc  TabletInputService - ok
22:04:25.0623 0x06bc  [ 613BF4820361543956909043A265C6AC, FCFF02E466D2501630B452627FB218C01E5245A0921EE3D2117E7FD63AC7E98E ] TapiSrv         C:\Windows\System32\tapisrv.dll
22:04:25.0634 0x06bc  TapiSrv - ok
22:04:25.0687 0x06bc  [ AD212D9FDD707E0AF318F6531AD6604D, 445A3B21EAF89BBF3F5B02BF78EDAFD782525E252D7EF2FE0547F77F04ABD672 ] tapSF0901       C:\Windows\system32\DRIVERS\tapSF0901.sys
22:04:25.0689 0x06bc  tapSF0901 - ok
22:04:25.0735 0x06bc  [ B799D9FDB26111737F58288D8DC172D9, 409A60819A4305699E2E492A6190637FAAEBD19E745A5DB2A5D6977106C86591 ] TBS             C:\Windows\System32\tbssvc.dll
22:04:25.0764 0x06bc  TBS - ok
22:04:25.0917 0x06bc  [ DC08335B30D83FB61E9EFE6FDD09D40D, 20D2E4E223D7AA21BF937FB37B35D0D00029991C0DA99EE0F92CD934AAD95A1B ] Tcpip           C:\Windows\system32\drivers\tcpip.sys
22:04:25.0973 0x06bc  Tcpip - ok
22:04:26.0042 0x06bc  [ DC08335B30D83FB61E9EFE6FDD09D40D, 20D2E4E223D7AA21BF937FB37B35D0D00029991C0DA99EE0F92CD934AAD95A1B ] TCPIP6          C:\Windows\system32\DRIVERS\tcpip.sys
22:04:26.0071 0x06bc  TCPIP6 - ok
22:04:26.0115 0x06bc  [ 3EEBD3BD93DA46A26E89893C7AB2FF3B, 2C7204DCD2BCBC6A250FF0F6477616F327AF41FDB7CABE69E5C357361009FB4E ] tcpipreg        C:\Windows\system32\drivers\tcpipreg.sys
22:04:26.0117 0x06bc  tcpipreg - ok
22:04:26.0154 0x06bc  [ 1CB91B2BD8F6DD367DFC2EF26FD751B2, 879E2827354BB21573AC6A7CCEB746D44214540687E6882FFCB4089546FBD954 ] TDPIPE          C:\Windows\system32\drivers\tdpipe.sys
22:04:26.0156 0x06bc  TDPIPE - ok
22:04:26.0173 0x06bc  [ 2C2C5AFE7EE4F620D69C23C0617651A8, E828D974C3F9D7004A030C3AD448096C736FDB4C4C1707D043E567D08C845103 ] TDTCP           C:\Windows\system32\drivers\tdtcp.sys
22:04:26.0175 0x06bc  TDTCP - ok
22:04:26.0191 0x06bc  [ B459575348C20E8121D6039DA063C704, 1B4328A9EA39FF5A57F258E02254D04B73455F1DF7C997C13702A8B2F12D0347 ] tdx             C:\Windows\system32\DRIVERS\tdx.sys
22:04:26.0195 0x06bc  tdx - ok
22:04:26.0207 0x06bc  [ 04DBF4B01EA4BF25A9A3E84AFFAC9B20, 0D81B427720637882077C5024D738191F858FC734ED040697872D906351EF663 ] TermDD          C:\Windows\system32\DRIVERS\termdd.sys
22:04:26.0209 0x06bc  TermDD - ok
22:04:26.0235 0x06bc  [ 052306FD76793D5D5AB5D9891FD1ADBB, A590F01A42EC979664044B811E7C98F58D6A23AA025B5A1DD0E5F63BF70B2649 ] terminpt        C:\Windows\system32\drivers\terminpt.sys
22:04:26.0237 0x06bc  terminpt - ok
22:04:26.0290 0x06bc  [ 382C804C92811BE57829D8E550A900E2, 5F52C2E7902024CF1C9CC0069F411C3F19CCA3DB209F437FA0F3932D4898EB50 ] TermService     C:\Windows\System32\termsrv.dll
22:04:26.0314 0x06bc  TermService - ok
22:04:26.0331 0x06bc  [ 42FB6AFD6B79D9FE07381609172E7CA4, B57C85091209A2FAD19ED490B8FA7FC98F12911F9C9CACE9AF1E540780CE6700 ] Themes          C:\Windows\system32\themeservice.dll
22:04:26.0335 0x06bc  Themes - ok
22:04:26.0354 0x06bc  [ 146B6F43A673379A3C670E86D89BE5EA, C4412DCF80DE6B55466F399413271364F14BC0819C224AA161EDDC31A9775440 ] THREADORDER     C:\Windows\system32\mmcss.dll
22:04:26.0357 0x06bc  THREADORDER - ok
22:04:26.0385 0x06bc  [ 4792C0378DB99A9BC2AE2DE6CFFF0C3A, 532A3A812578B2DFD83001DE66FC73689D79EC729409EB572E07E6D65B281712 ] TrkWks          C:\Windows\System32\trkwks.dll
22:04:26.0390 0x06bc  TrkWks - ok
22:04:26.0445 0x06bc  [ 2C49B175AEE1D4364B91B531417FE583, 6C7995E18F84E465C376D1D5F153C15ACB66CDEA86EE5BF186677F572E7E129B ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
22:04:26.0452 0x06bc  TrustedInstaller - ok
22:04:26.0492 0x06bc  [ B37B08F2E5EEB1A37E448E09BACE1101, 32CC9E06B88BAB6FAB4696B744548DFCE9199A7FD2BA8B019F269CA75895852C ] tssecsrv        C:\Windows\system32\DRIVERS\tssecsrv.sys
22:04:26.0494 0x06bc  tssecsrv - ok
22:04:26.0521 0x06bc  [ FD1D6C73E6333BE727CBCC6054247654, 6F7B9AE1A5986204DB3348D13B303F30FC17624939DA74D6BD114FAEED0FB30E ] TsUsbFlt        C:\Windows\system32\drivers\tsusbflt.sys
22:04:26.0524 0x06bc  TsUsbFlt - ok
22:04:26.0546 0x06bc  [ 01246F0BAAD7B68EC0F472AA41E33282, 51F975AF029AD015576FFFA3E88F5DBB8B40C7CD30ECDEDE8AFABCB08C954199 ] TsUsbGD         C:\Windows\system32\drivers\TsUsbGD.sys
22:04:26.0549 0x06bc  TsUsbGD - ok
22:04:26.0582 0x06bc  [ 045ACB987C650D8186C6B4A692223860, C1CDDF7DABAE531C53290C7C70F35DD65751B399D269711865AD65F9E4E43B0B ] tsusbhub        C:\Windows\system32\drivers\tsusbhub.sys
22:04:26.0587 0x06bc  tsusbhub - ok
22:04:26.0614 0x06bc  [ B2FA25D9B17A68BB93D58B0556E8C90D, 0146931B733CAB1CD87F94C35F97E110D6ED6C55EAFF03345400A29AEDE99BDE ] tunnel          C:\Windows\system32\DRIVERS\tunnel.sys
22:04:26.0618 0x06bc  tunnel - ok
22:04:26.0627 0x06bc  [ 750FBCB269F4D7DD2E420C56B795DB6D, E1A95C59148FE463539C34336FD0E74B31A33B8AB2B8E34AA10349C3347471D7 ] uagp35          C:\Windows\system32\drivers\uagp35.sys
22:04:26.0630 0x06bc  uagp35 - ok
22:04:26.0659 0x06bc  [ EE43346C7E4B5E63E54F927BABBB32FF, BAD6FC3BEE45E644D5A6A0A31428F5B2AEC72A0AA0C74EF8177B1FE23EEF3AA9 ] udfs            C:\Windows\system32\DRIVERS\udfs.sys
22:04:26.0678 0x06bc  udfs - ok
22:04:26.0717 0x06bc  [ 8344FD4FCE927880AA1AA7681D4927E5, 1B54EFA60A221E2B9FFE59BB41C7E7D8B5AC6826F1C5577456D81371D464255A ] UI0Detect       C:\Windows\system32\UI0Detect.exe
22:04:26.0721 0x06bc  UI0Detect - ok
22:04:26.0754 0x06bc  [ 44E8048ACE47BEFBFDC2E9BE4CBC8880, 5D96D90FDF68AE470CC92CA9DF9DA2C05A53EF455A5A109DBBF7C96F3238257C ] uliagpkx        C:\Windows\system32\drivers\uliagpkx.sys
22:04:26.0758 0x06bc  uliagpkx - ok
22:04:26.0789 0x06bc  [ D295BED4B898F0FD999FCFA9B32B071B, D4130DB4AE76EE6DC0B8E7A4FEF5CB8B26EBD822C21021F6FA78FD29C1E211C2 ] umbus           C:\Windows\system32\DRIVERS\umbus.sys
22:04:26.0792 0x06bc  umbus - ok
22:04:26.0815 0x06bc  [ 7550AD0C6998BA1CB4843E920EE0FEAC, 24C001E422C3B3B920CDCF6003A3179CE464DE4284775403DD5122EF9780460D ] UmPass          C:\Windows\system32\drivers\umpass.sys
22:04:26.0817 0x06bc  UmPass - ok
22:04:26.0853 0x06bc  [ E610AB0BC72E7CA382E6C0B40A3F18B2, 13114F1C061CFA67F59E2FAFEF2DE6C052ED234DB6423A5C0883E2F6129849D7 ] UmRdpService    C:\Windows\System32\umrdp.dll
22:04:26.0861 0x06bc  UmRdpService - ok
22:04:26.0884 0x06bc  [ 833FBB672460EFCE8011D262175FAD33, C0C3067A305993CBF056C229771CB0593DD60C9C7AC5130FF1CA610BCA812AB5 ] upnphost        C:\Windows\System32\upnphost.dll
22:04:26.0908 0x06bc  upnphost - ok
22:04:26.0930 0x06bc  [ 0803FBA9FE829D61AE26EC0BCC910C46, 30D00E2C7DFC630C99C1599587D4F9C272BC30D444E07C961AA05BF84587806B ] usbccgp         C:\Windows\system32\DRIVERS\usbccgp.sys
22:04:26.0934 0x06bc  usbccgp - ok
22:04:26.0968 0x06bc  [ 2352AB5F9F8F097BF9D41D5A4718A041, 25BC7828C625B9B2A5110C25B230C5828CEC18EC97ECF9EC4745E8930CBF472C ] usbcir          C:\Windows\system32\drivers\usbcir.sys
22:04:26.0972 0x06bc  usbcir - ok
22:04:26.0995 0x06bc  [ D40855F89B69305140BBD7E9A3BA2DA6, 745DC6D770666F6B19C2B6AA89C21D1A314732E291453BFA2367F9AF86F97C3C ] usbehci         C:\Windows\system32\drivers\usbehci.sys
22:04:26.0998 0x06bc  usbehci - ok
22:04:27.0037 0x06bc  [ EDF2DF71C4F1E13A6AC75F5224DE655A, 1764D155C6B99201774B57195349304259232A12868ECFC2069CA49443EBDC2C ] usbhub          C:\Windows\system32\DRIVERS\usbhub.sys
22:04:27.0055 0x06bc  usbhub - ok
22:04:27.0106 0x06bc  [ 9828C8D14CC2676421778F0DE638CF97, 479A28211FFB85190A01FAB0283B927588805D2C0CDB03F85F8F814B88E4F453 ] usbohci         C:\Windows\system32\drivers\usbohci.sys
22:04:27.0108 0x06bc  usbohci - ok
22:04:27.0131 0x06bc  [ 797D862FE0875E75C7CC4C1AD7B30252, 1BBE745E4C85F8911076F6032ACD7A35FAC048D3CB1500C64E08D8B2C70A1069 ] usbprint        C:\Windows\system32\drivers\usbprint.sys
22:04:27.0133 0x06bc  usbprint - ok
22:04:27.0167 0x06bc  [ 353FBF4AE9EF467BE8A2FDA7935F63CB, F399B49A72B2A72A4318C1870EE9D504FB8E7FB1C70BAA95374DC7BE457DDD05 ] USBSTOR         C:\Windows\system32\DRIVERS\USBSTOR.SYS
22:04:27.0170 0x06bc  USBSTOR - ok
22:04:27.0187 0x06bc  [ 800AABFD625EEFF899F7E5496BDE37AB, 3EB7ED07760CB348FCA9A06C2B838EF79B51A83C5F70A9C9EAAEAE54480067E2 ] usbuhci         C:\Windows\system32\drivers\usbuhci.sys
22:04:27.0189 0x06bc  usbuhci - ok
22:04:27.0225 0x06bc  [ DE014425522610BEDCA3821BB8C0F1D5, D6FEA0DF07F89834AEEE8C02CC7FD41068D758B6CCECE2EEE5CF4B9DB646FA1E ] usbvideo        C:\Windows\System32\Drivers\usbvideo.sys
22:04:27.0230 0x06bc  usbvideo - ok
22:04:27.0272 0x06bc  [ 081E6E1C91AEC36758902A9F727CD23C, 9FDAA17A3B99067E035E5D76305427F15FFDBC5D304B2BB78AFC6463EDDE1A75 ] UxSms           C:\Windows\System32\uxsms.dll
22:04:27.0276 0x06bc  UxSms - ok
22:04:27.0286 0x06bc  [ 627B40EB2595D8FCF1960F33389EB7D3, 37C8378FD7C883E77E2FD211C8A759B61037168BDEC87C234C73082C50B7F0CC ] VaultSvc        C:\Windows\system32\lsass.exe
22:04:27.0288 0x06bc  VaultSvc - ok
22:04:27.0333 0x06bc  [ A059C4C3EDB09E07D21A8E5C0AABD3CB, BDD3729B49DF2E2FC72FFEF9D10235B481A671DE5A721B6B9A80873B7A343F07 ] vdrvroot        C:\Windows\system32\drivers\vdrvroot.sys
22:04:27.0335 0x06bc  vdrvroot - ok
22:04:27.0371 0x06bc  [ C3CD30495687C2A2F66A65CA6FD89BE9, 582E4706C1D6A151020D14B26C7BF166F4E42BDD6E410F30EC452469270C5E9B ] vds             C:\Windows\System32\vds.exe
22:04:27.0394 0x06bc  vds - ok
22:04:27.0422 0x06bc  [ 17C408214EA61696CEC9C66E388B14F3, 829C0416672E2B2DFABCFE641E7F281F41E8DBB3C0EF11C7784CB9BB94F87E97 ] vga             C:\Windows\system32\DRIVERS\vgapnp.sys
22:04:27.0425 0x06bc  vga - ok
22:04:27.0446 0x06bc  [ 8E38096AD5C8570A6F1570A61E251561, 4DBA3C1397A2203548F45F006E66D99F837903F601ABBCE2304754F783CA8A39 ] VgaSave         C:\Windows\System32\drivers\vga.sys
22:04:27.0448 0x06bc  VgaSave - ok
22:04:27.0454 0x06bc  VGPU - ok
22:04:27.0483 0x06bc  [ 5461686CCA2FDA57B024547733AB42E3, 2721D0659AA890172FCAD4EC4D926B58ACD0EE4887DA51545DC7237420D5BF84 ] vhdmp           C:\Windows\system32\drivers\vhdmp.sys
22:04:27.0489 0x06bc  vhdmp - ok
22:04:27.0522 0x06bc  [ C829317A37B4BEA8F39735D4B076E923, 55D1796AE750071E1E05BD7702B6C355CCFFE27B4C00E93E7044C3184732B497 ] viaagp          C:\Windows\system32\drivers\viaagp.sys
22:04:27.0525 0x06bc  viaagp - ok
22:04:27.0544 0x06bc  [ E02F079A6AA107F06B16549C6E5C7B74, B530DCE3EE4F285B3D5F69F7148D17E016D54F04E6F93706B829A34567748788 ] ViaC7           C:\Windows\system32\drivers\viac7.sys
22:04:27.0547 0x06bc  ViaC7 - ok
22:04:27.0566 0x06bc  [ E43574F6A56A0EE11809B48C09E4FD3C, 3687BF638E21C00E62ABFED70D728B91ADA08F7164CA898E654F31DA196589E9 ] viaide          C:\Windows\system32\drivers\viaide.sys
22:04:27.0569 0x06bc  viaide - ok
22:04:27.0597 0x06bc  [ C2F2911156FDC7817C52829C86DA494E, FE499F189B5016FCE0018AA3DE3970B72275B7B15F3D4D608117F6DDEC6B90DC ] vmbus           C:\Windows\system32\drivers\vmbus.sys
22:04:27.0604 0x06bc  vmbus - ok
22:04:27.0624 0x06bc  [ D4D77455211E204F370D08F4963063CE, 2018B2A84C73E0834200A594C02A9D28C74906F126DAD3CCDDFC9CD9A61669E2 ] VMBusHID        C:\Windows\system32\drivers\VMBusHID.sys
22:04:27.0626 0x06bc  VMBusHID - ok
22:04:27.0649 0x06bc  [ 4C63E00F2F4B5F86AB48A58CD990F212, 9796BD4B9CFEEEAF57C5E332A732EFC2770B21F9B35301A5D202F5FC52C1E035 ] volmgr          C:\Windows\system32\drivers\volmgr.sys
22:04:27.0651 0x06bc  volmgr - ok
22:04:27.0681 0x06bc  [ B5BB72067DDDDBBFB04B2F89FF8C3C87, 65B9AD55F43940A5FDD88B6EC5034A7E375DF8E6F5F1AE6519A4BD6B7E992EBC ] volmgrx         C:\Windows\system32\drivers\volmgrx.sys
22:04:27.0701 0x06bc  volmgrx - ok
22:04:27.0745 0x06bc  [ 4EDEF8AB59B089925CF9A6CFC74A4109, EDE29CABDFC3222692B37895994FB4B8EE158BB5718DABA495162EA5686C3E8E ] volsnap         C:\Windows\system32\drivers\volsnap.sys
22:04:27.0753 0x06bc  volsnap - ok
22:04:27.0790 0x06bc  [ 9DFA0CC2F8855A04816729651175B631, 37FD9E43A2A3F125E94A315FB4CD8A1B5499A5FD74806EB2D1E5DA88C070D3A3 ] vsmraid         C:\Windows\system32\drivers\vsmraid.sys
22:04:27.0795 0x06bc  vsmraid - ok
22:04:27.0867 0x06bc  [ 209A3B1901B83AEB8527ED211CCE9E4C, 1A431F6409F8E0531F600F8F988ECECECB902DA26BBAAF1DE74A5CAC29A7CB44 ] VSS             C:\Windows\system32\vssvc.exe
22:04:27.0913 0x06bc  VSS - ok
22:04:27.0935 0x06bc  [ 90567B1E658001E79D7C8BBD3DDE5AA6, EFC23BEEA7F54A2DC56CB523DAD1AF0358D904C5278BF08873910E2DB3F13557 ] vwifibus        C:\Windows\system32\DRIVERS\vwifibus.sys
22:04:27.0936 0x06bc  vwifibus - ok
22:04:27.0971 0x06bc  [ 484F0E7A0CF612E5D9DFE2049F582FE3, 8F9804C1B5F14BB29BBA6D96E59B7AAAA03ACFE34E62C9CD4F792A525F835A2A ] vwififlt        C:\Windows\system32\DRIVERS\vwififlt.sys
22:04:27.0973 0x06bc  vwififlt - ok
22:04:28.0001 0x06bc  [ 55187FD710E27D5095D10A472C8BAF1C, AE298E2D3BA366BCBDC092C717214C181E8843FA564A6DFB07FC3238A5A68DC3 ] W32Time         C:\Windows\system32\w32time.dll
22:04:28.0022 0x06bc  W32Time - ok
22:04:28.0049 0x06bc  [ DE3721E89C653AA281428C8A69745D90, 501C78056ED4295625D8A5412025FD2F0CA24077044D3A5800BA79DF3D946516 ] WacomPen        C:\Windows\system32\drivers\wacompen.sys
22:04:28.0051 0x06bc  WacomPen - ok
22:04:28.0084 0x06bc  [ 3C3C78515F5AB448B022BDF5B8FFDD2E, 35284174A42039C3C1FF8A3C8BC187A5E067C7782FC62D19749C2CB28C4E36C7 ] WANARP          C:\Windows\system32\DRIVERS\wanarp.sys
22:04:28.0089 0x06bc  WANARP - ok
22:04:28.0095 0x06bc  [ 3C3C78515F5AB448B022BDF5B8FFDD2E, 35284174A42039C3C1FF8A3C8BC187A5E067C7782FC62D19749C2CB28C4E36C7 ] Wanarpv6        C:\Windows\system32\DRIVERS\wanarp.sys
22:04:28.0098 0x06bc  Wanarpv6 - ok
22:04:28.0183 0x06bc  [ 353A04C273EC58475D8633E75CCD5604, FFAE53B6B53AEFC9E8A10BF27480E072D74430276BEB532FE1D473E9616D8CE0 ] WatAdminSvc     C:\Windows\system32\Wat\WatAdminSvc.exe
22:04:28.0240 0x06bc  WatAdminSvc - ok
22:04:28.0311 0x06bc  [ 691E3285E53DCA558E1A84667F13E15A, 12EDB66EF8FC100402BEA221F354D3BD5542F6DDF715B6E7D873D6BAE7E3D329 ] wbengine        C:\Windows\system32\wbengine.exe
22:04:28.0368 0x06bc  wbengine - ok
22:04:28.0396 0x06bc  [ 9614B5D29DC76AC3C29F6D2D3AA70E67, A2FFB92F0030B4CD771E862DA575ECCF2F3A5B4B85858C1241A0C59262C0EC88 ] WbioSrvc        C:\Windows\System32\wbiosrvc.dll
22:04:28.0405 0x06bc  WbioSrvc - ok
22:04:28.0436 0x06bc  [ 34EEE0DFAADB4F691D6D5308A51315DC, A040A03E25A0C78B9E26F86C2DF95BCAF8E7EC90183CEB295615D3265350EBEE ] wcncsvc         C:\Windows\System32\wcncsvc.dll
22:04:28.0462 0x06bc  wcncsvc - ok
22:04:28.0485 0x06bc  [ 5D930B6357A6D2AF4D7653BDABBF352F, 677FF2ED14EE0B0CAA710DA81556CC16D5971DAB10E7C7432D167A87CA6F0EAA ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
22:04:28.0489 0x06bc  WcsPlugInService - ok
22:04:28.0529 0x06bc  [ 1112A9BADACB47B7C0BB0392E3158DFF, 1AE2AFA125973571F91E6945FE8A735F63D76EBB250A0075D98C580167FD9ED4 ] Wd              C:\Windows\system32\drivers\wd.sys
22:04:28.0532 0x06bc  Wd - ok
22:04:28.0586 0x06bc  [ CF68C54937BACCC0DA9A056FFA2A3988, 4D1FD6CEDA7A00D8F496916F6EE127B41C8875585C9AECAEBB0FC1B6F5E1312F ] Wdf01000        C:\Windows\system32\drivers\Wdf01000.sys
22:04:28.0608 0x06bc  Wdf01000 - ok
22:04:28.0622 0x06bc  [ 46EF9DC96265FD0B423DB72E7C38C2A5, 43801A51FB0E45CFFC73DF6441B54A75FC2FEAF5E0424DFE7AB04FC26CF6CD16 ] WdiServiceHost  C:\Windows\system32\wdi.dll
22:04:28.0628 0x06bc  WdiServiceHost - ok
22:04:28.0634 0x06bc  [ 46EF9DC96265FD0B423DB72E7C38C2A5, 43801A51FB0E45CFFC73DF6441B54A75FC2FEAF5E0424DFE7AB04FC26CF6CD16 ] WdiSystemHost   C:\Windows\system32\wdi.dll
22:04:28.0639 0x06bc  WdiSystemHost - ok
22:04:28.0682 0x06bc  [ 1B04A7DD266CCBF405A6A3069C03031E, 095167D01AAEAA0024FFA20DAA0EB0576075490FDC0DBDFA43F1669AC685F650 ] WebClient       C:\Windows\System32\webclnt.dll
22:04:28.0703 0x06bc  WebClient - ok
22:04:28.0730 0x06bc  [ 760F0AFE937A77CFF27153206534F275, A53940BA28854486FF18F16B98A3314B36322B0B6EFB54D08B921315BEB0ADD5 ] Wecsvc          C:\Windows\system32\wecsvc.dll
22:04:28.0738 0x06bc  Wecsvc - ok
22:04:28.0756 0x06bc  [ AC804569BB2364FB6017370258A4091B, 1856F354146A5946F3E7D0DD09726FC8A3502B0F0776FEADDF10669C81CC28E2 ] wercplsupport   C:\Windows\System32\wercplsupport.dll
22:04:28.0760 0x06bc  wercplsupport - ok
22:04:28.0781 0x06bc  [ 08E420D873E4FD85241EE2421B02C4A4, E1E9436EB096FF7DE9A76DA6217035257EF9FC7565DDB9016DCA3859E7F1EF0F ] WerSvc          C:\Windows\System32\WerSvc.dll
22:04:28.0785 0x06bc  WerSvc - ok
22:04:28.0812 0x06bc  [ 8B9A943F3B53861F2BFAF6C186168F79, 88E2F79F32AFBA17CB8377A508B83A1EC2315E9F3A365F591C87FE4525AA6713 ] WfpLwf          C:\Windows\system32\DRIVERS\wfplwf.sys
22:04:28.0814 0x06bc  WfpLwf - ok
22:04:28.0842 0x06bc  [ 5CF95B35E59E2A38023836FFF31BE64C, CEA21302B3E855EE592810D4E0DE10E47A47A393064C435463CD54598735CD8D ] WIMMount        C:\Windows\system32\drivers\wimmount.sys
22:04:28.0844 0x06bc  WIMMount - ok
22:04:28.0927 0x06bc  [ 082CF481F659FAE0DE51AD060881EB47, BB67D2AF0BB9192D4CCF66C23D80CE5A1B38715556D94E2561DBF8F805FA30A5 ] WinDefend       C:\Program Files\Windows Defender\mpsvc.dll
22:04:28.0962 0x06bc  WinDefend - ok
22:04:28.0976 0x06bc  WinHttpAutoProxySvc - ok
22:04:29.0031 0x06bc  [ F62E510B6AD4C21EB9FE8668ED251826, FA3E5CAC3E67E49377320CFBE4646585E6B62168292768FEA81E4623F9166890 ] Winmgmt         C:\Windows\system32\wbem\WMIsvc.dll
22:04:29.0039 0x06bc  Winmgmt - ok
22:04:29.0110 0x06bc  [ 1B91CD34EA3A90AB6A4EF0550174F4CC, 5B6618615EBFBA594C945AD35F5C68DA8C6053892B6D12D626BB6120910D80DC ] WinRM           C:\Windows\system32\WsmSvc.dll
22:04:29.0182 0x06bc  WinRM - ok
22:04:29.0281 0x06bc  [ A67E5F9A400F3BD1BE3D80613B45F708, E170A8BD31A779403DC9C43ED6483DA8E186512D3EE700B87F6BA292E284E367 ] WinUsb          C:\Windows\system32\DRIVERS\WinUsb.sys
22:04:29.0284 0x06bc  WinUsb - ok
22:04:29.0344 0x06bc  [ 16935C98FF639D185086A3529B1F2067, E9C6B73A572A04FCE9B1B0E6815F941B10332D9A6D55B92927C2B1275F119091 ] Wlansvc         C:\Windows\System32\wlansvc.dll
22:04:29.0379 0x06bc  Wlansvc - ok
22:04:29.0425 0x06bc  [ 0217679B8FCA58714C3BF2726D2CA84E, 4494984B922DCF24D37BCD0E6831CEBD07D1CA49235D04E821D17ED3DF84ED2A ] WmiAcpi         C:\Windows\system32\DRIVERS\wmiacpi.sys
22:04:29.0427 0x06bc  WmiAcpi - ok
22:04:29.0463 0x06bc  [ 6EB6B66517B048D87DC1856DDF1F4C3F, EBB534C4829477C70062ADBB5626236B02FE563A544C53FA255E79F3CA170FE8 ] wmiApSrv        C:\Windows\system32\wbem\WmiApSrv.exe
22:04:29.0468 0x06bc  wmiApSrv - ok
22:04:29.0604 0x06bc  [ 3B40D3A61AA8C21B88AE57C58AB3122E, 6C67DCB007C3CDF2EB0BBF5FD89C32CD7800C20F7166872F8C387BE262C5CD21 ] WMPNetworkSvc   C:\Program Files\Windows Media Player\wmpnetwk.exe
22:04:29.0650 0x06bc  WMPNetworkSvc - ok
22:04:29.0689 0x06bc  [ A2F0EC770A92F2B3F9DE6D518E11409C, 6838F2148B11285E00DC449D51F8AD85AAE57694E89BA2C607B87AC1C650D845 ] WPCSvc          C:\Windows\System32\wpcsvc.dll
22:04:29.0693 0x06bc  WPCSvc - ok
22:04:29.0717 0x06bc  [ AA53356D60AF47EACC85BC617A4F3F66, 155CB8112AA382D841C1891750FF29EF4F1BF716CD9CDF0F2243209E2CCCAC98 ] WPDBusEnum      C:\Windows\system32\wpdbusenum.dll
22:04:29.0721 0x06bc  WPDBusEnum - ok
22:04:29.0736 0x06bc  [ 6DB3276587B853BF886B69528FDB048C, 9972FF6DF0DF6F86D1E9BCEF4C29064748B217DA196B0633C30D3D580144951C ] ws2ifsl         C:\Windows\system32\drivers\ws2ifsl.sys
22:04:29.0738 0x06bc  ws2ifsl - ok
22:04:29.0755 0x06bc  [ 6F5D49EFE0E7164E03AE773A3FE25340, 15B6AFF7455538189A96F8863CC995A271E02C6FBDAC15B037D44DDA65E61339 ] wscsvc          C:\Windows\System32\wscsvc.dll
22:04:29.0760 0x06bc  wscsvc - ok
22:04:29.0765 0x06bc  WSearch - ok
22:04:29.0889 0x06bc  [ FC3EC24FCE372C89423E015A2AC1A31E, 8D028182CF83667D3E4D148979972D208FA6D9B8540EE47A0A7831B770ECD257 ] wuauserv        C:\Windows\system32\wuaueng.dll
22:04:29.0971 0x06bc  wuauserv - ok
22:04:30.0008 0x06bc  [ 06E6F32C8D0A3F66D956F57B43A2E070, 9A6BD96A28294B0372F16E13D652FD603308F64B74A56E41E0C68C5E8011F943 ] WudfPf          C:\Windows\system32\drivers\WudfPf.sys
22:04:30.0011 0x06bc  WudfPf - ok
22:04:30.0056 0x06bc  [ 867C301E8B790040AE9CF6486E8041DF, D867D6498C987944D99508B2FAD6D6B749FA1EDFE8124B0863D4A642352F0855 ] WUDFRd          C:\Windows\system32\DRIVERS\WUDFRd.sys
22:04:30.0062 0x06bc  WUDFRd - ok
22:04:30.0100 0x06bc  [ FE47B7BC8EA320C2D9B5E5BF6E303765, 34518DBD1E9EA6E5DA62273B18613761E1D9C6B4E074A93C6D639FBAF02222EA ] wudfsvc         C:\Windows\System32\WUDFSvc.dll
22:04:30.0105 0x06bc  wudfsvc - ok
22:04:30.0150 0x06bc  [ 7CC38741B8F68F1E0D5D79DA6123666A, F90D2DA1C9AFB506C381CD386E1430931B5F81813FEDFD720F87FBC54E7A00DA ] WwanSvc         C:\Windows\System32\wwansvc.dll
22:04:30.0159 0x06bc  WwanSvc - ok
22:04:30.0212 0x06bc  [ B07C5B7EFDF936FF93D4F540938725BE, A9D559B0A99937CC4E7F065566054DAFCCD0C6C3AA98B47ADF7CB2ABD30B0182 ] yukonw7         C:\Windows\system32\DRIVERS\yk62x86.sys
22:04:30.0234 0x06bc  yukonw7 - ok
22:04:30.0262 0x06bc  ================ Scan global ===============================
22:04:30.0294 0x06bc  [ DAB748AE0439955ED2FA22357533DDDB, 73EDD402C7479DDCE1998D0C7E99E1EC2974F64EFC33A851439CC85D09EDCDF9 ] C:\Windows\system32\basesrv.dll
22:04:30.0336 0x06bc  [ 51BB04243DF6196C06E125898127E397, E1B6C83FC6E455F6806185027C5B56F8BA9ECDF1CD69E97301EC0291F0D3466E ] C:\Windows\system32\winsrv.dll
22:04:30.0358 0x06bc  [ 51BB04243DF6196C06E125898127E397, E1B6C83FC6E455F6806185027C5B56F8BA9ECDF1CD69E97301EC0291F0D3466E ] C:\Windows\system32\winsrv.dll
22:04:30.0402 0x06bc  [ 364455805E64882844EE9ACB72522830, 906561DBBB33F744844CF27E456226044C85DF0FCFD26DE1FD11E09E2CFA6F8F ] C:\Windows\system32\sxssrv.dll
22:04:30.0438 0x06bc  [ 5F1B6A9C35D3D5CA72D6D6FDEF9747D6, D7BC4ED605B32274B45328FD9914FB0E7B90D869A38F0E6F94FB1BF4E9E2B407 ] C:\Windows\system32\services.exe
22:04:30.0459 0x06bc  [ Global ] - ok
22:04:30.0460 0x06bc  ================ Scan MBR ==================================
22:04:30.0486 0x06bc  [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
22:04:31.0123 0x06bc  \Device\Harddisk0\DR0 - ok
22:04:31.0124 0x06bc  ================ Scan VBR ==================================
22:04:31.0127 0x06bc  [ CC7C98123C5C9141C5FC6055E0E7FCED ] \Device\Harddisk0\DR0\Partition1
22:04:31.0166 0x06bc  \Device\Harddisk0\DR0\Partition1 - ok
22:04:31.0170 0x06bc  [ CBC507B934EA71F584B837E7ED7D060D ] \Device\Harddisk0\DR0\Partition2
22:04:31.0207 0x06bc  \Device\Harddisk0\DR0\Partition2 - ok
22:04:31.0207 0x06bc  Waiting for KSN requests completion. In queue: 68
22:04:32.0209 0x06bc  Waiting for KSN requests completion. In queue: 68
22:04:33.0209 0x06bc  Waiting for KSN requests completion. In queue: 68
22:04:34.0275 0x06bc  AV detected via SS2: ESET Smart Security 7.0, C:\Program Files\ESET\ESET Smart Security\ecmd.exe ( 7.0.302.0 ), 0x41000 ( enabled : updated )
22:04:34.0281 0x06bc  FW detected via SS2: ESET Personal firewall, C:\Program Files\ESET\ESET Smart Security\ecmd.exe ( 7.0.302.0 ), 0x41010 ( enabled )
22:04:36.0626 0x06bc  ============================================================
22:04:36.0626 0x06bc  Scan finished
22:04:36.0626 0x06bc  ============================================================
22:04:36.0643 0x06c0  Detected object count: 0
22:04:36.0643 0x06c0  Actual detected object count: 0
 
 
 
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.1.4 (04.06.2014:1)
OS: Windows 7 Ultimate x86
Ran by paulos on ’¨  27/05/2014 at 22:15:03,16
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 
 
 
 
~~~ Services
 
 
 
~~~ Registry Values
 
 
 
~~~ Registry Keys
 
 
 
~~~ Files
 
 
 
~~~ Folders
 
 
 
~~~ Event Viewer Logs were cleared
 
 
 
 
 
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on ’¨  27/05/2014 at 22:17:53,03
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 
 
 
 
 
 
# AdwCleaner v3.211 - Report created 27/05/2014 at 22:26:38
# Updated 26/05/2014 by Xplode
# Operating System : Windows 7 Ultimate Service Pack 1 (32 bits)
# Username : paulos - PAULOS-PC
# Running from : C:\Users\paulos\Downloads\AdwCleaner.exe
# Option : Clean
 
***** [ Services ] *****
 
 
***** [ Files / Folders ] *****
 
 
***** [ Shortcuts ] *****
 
 
***** [ Registry ] *****
 
 
***** [ Browsers ] *****
 
-\\ Internet Explorer v0.0.0.0
 
 
-\\ Google Chrome v35.0.1916.114
 
[ File : C:\Users\paulos\AppData\Local\Google\Chrome\User Data\Default\preferences ]
 
 
*************************
 
AdwCleaner[R0].txt - [3024 octets] - [03/01/2014 02:13:58]
AdwCleaner[R1].txt - [2516 octets] - [03/01/2014 02:23:17]
AdwCleaner[R2].txt - [1245 octets] - [27/05/2014 22:06:30]
AdwCleaner[R3].txt - [995 octets] - [27/05/2014 22:18:23]
AdwCleaner[S0].txt - [1246 octets] - [27/05/2014 22:10:31]
AdwCleaner[S1].txt - [917 octets] - [27/05/2014 22:26:38]
 
########## EOF - C:\AdwCleaner\AdwCleaner[S1].txt - [976 octets] ##########
 
 
 
 
 
 
MINITOOLBOX
 
 
 
 
MiniToolBox by Farbar  Version: 23-01-2014
Ran by paulos (administrator) on 28-05-2014 at 14:00:44
Running from "C:\Users\paulos\Desktop"
Microsoft Windows 7 Ultimate  Service Pack 1 (X86)
Boot Mode: Normal
***************************************************************************
 
========================= Flush DNS: ===================================
 
Windows IP Configuration
 
Successfully flushed the DNS Resolver Cache.
 
========================= IE Proxy Settings: ============================== 
 
Proxy is not enabled.
No Proxy Server is set.
 
"Reset IE Proxy Settings": IE Proxy Settings were reset.
========================= Hosts content: =================================
 
 
 
 
127.0.0.1    localhost
 
========================= IP Configuration: ================================
 
Marvell Yukon 88E8071 PCI-E Gigabit Ethernet Controller = Local Area Connection (Connected)
Qualcomm Atheros AR5B91 Wireless Network Adapter = Wireless Network Connection (Media disconnected)
 
 
# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4
 
reset
set global icmpredirects=enabled
 
 
popd
# End of IPv4 configuration
 
 
 
Windows IP Configuration
 
   Host Name . . . . . . . . . . . . : paulos-PC
   Primary Dns Suffix  . . . . . . . : 
   Node Type . . . . . . . . . . . . : Hybrid
   IP Routing Enabled. . . . . . . . : No
   WINS Proxy Enabled. . . . . . . . : No
   DNS Suffix Search List. . . . . . : univ.gda.pl
 
Ethernet adapter Local Area Connection:
 
   Connection-specific DNS Suffix  . : univ.gda.pl
   Description . . . . . . . . . . . : Marvell Yukon 88E8071 PCI-E Gigabit Ethernet Controller #2
   Physical Address. . . . . . . . . : 00-1D-72-EB-C1-BE
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes
   IPv6 Address. . . . . . . . . . . : 2002:9913:c82f:b:7054:a9c9:776b:bb08(Preferred) 
   Site-local IPv6 Address . . . . . : fec0::b:7054:a9c9:776b:bb08%1(Preferred) 
   Temporary IPv6 Address. . . . . . : 2002:9913:c82f:b:1402:f8ed:1fb3:75fb(Preferred) 
   Link-local IPv6 Address . . . . . : fe80::7054:a9c9:776b:bb08%13(Preferred) 
   IPv4 Address. . . . . . . . . . . : 153.19.200.40(Preferred) 
   Subnet Mask . . . . . . . . . . . : 255.255.255.0
   Lease Obtained. . . . . . . . . . : ’«α¨«, 28 ‹?¦¬ 2014 1:35:08 ££
   Lease Expires . . . . . . . . . . : ⣧«, 29 ‹?¦¬ 2014 1:35:17 ££
   Default Gateway . . . . . . . . . : fe80::945c:bfbf:85c3:dbe2%13
                                       153.19.200.1
   DHCP Server . . . . . . . . . . . : 153.19.200.253
   DHCPv6 IAID . . . . . . . . . . . : 503324018
   DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-19-D5-5A-EF-00-1D-72-EB-C1-BE
   DNS Servers . . . . . . . . . . . : 153.19.1.254
                                       153.19.250.100
   NetBIOS over Tcpip. . . . . . . . : Enabled
 
Wireless LAN adapter Wireless Network Connection:
 
   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : 
   Description . . . . . . . . . . . : Qualcomm Atheros AR5B91 Wireless Network Adapter
   Physical Address. . . . . . . . . : 00-24-2B-01-BA-B7
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes
 
Tunnel adapter isatap.univ.gda.pl:
 
   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : univ.gda.pl
   Description . . . . . . . . . . . : Microsoft ISATAP Adapter
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes
 
Tunnel adapter Local Area Connection* 9:
 
   Connection-specific DNS Suffix  . : 
   Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes
   IPv6 Address. . . . . . . . . . . : 2001:0:5ef5:79fd:cf0:37f2:66ec:37d7(Preferred) 
   Link-local IPv6 Address . . . . . : fe80::cf0:37f2:66ec:37d7%12(Preferred) 
   Default Gateway . . . . . . . . . : 
   NetBIOS over Tcpip. . . . . . . . : Disabled
 
Tunnel adapter isatap.{292160A6-823D-43CB-99FF-7AAF9AE4770E}:
 
   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : 
   Description . . . . . . . . . . . : Microsoft ISATAP Adapter #2
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes
Server:  rabarbar.ug.edu.pl
Address:  153.19.1.254
 
Name:    google.com
Addresses:  2a00:1450:4013:c00::65
 173.194.65.100
 173.194.65.101
 173.194.65.102
 173.194.65.113
 173.194.65.138
 173.194.65.139
 
 
Pinging google.com [173.194.65.139] with 32 bytes of data:
Reply from 173.194.65.139: bytes=32 time=30ms TTL=44
Reply from 173.194.65.139: bytes=32 time=32ms TTL=44
 
Ping statistics for 173.194.65.139:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 30ms, Maximum = 32ms, Average = 31ms
Server:  rabarbar.ug.edu.pl
Address:  153.19.1.254
 
Name:    yahoo.com
Addresses:  98.138.253.109
 98.139.183.24
 206.190.36.45
 
 
Pinging yahoo.com [206.190.36.45] with 32 bytes of data:
Reply from 206.190.36.45: bytes=32 time=188ms TTL=40
Reply from 206.190.36.45: bytes=32 time=182ms TTL=40
 
Ping statistics for 206.190.36.45:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 182ms, Maximum = 188ms, Average = 185ms
 
Pinging 127.0.0.1 with 32 bytes of data:
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
 
Ping statistics for 127.0.0.1:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 0ms, Maximum = 0ms, Average = 0ms
===========================================================================
Interface List
 13...00 1d 72 eb c1 be ......Marvell Yukon 88E8071 PCI-E Gigabit Ethernet Controller #2
 11...00 24 2b 01 ba b7 ......Qualcomm Atheros AR5B91 Wireless Network Adapter
  1...........................Software Loopback Interface 1
 15...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter
 12...00 00 00 00 00 00 00 e0 Teredo Tunneling Pseudo-Interface
 17...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #2
===========================================================================
 
IPv4 Route Table
===========================================================================
Active Routes:
Network Destination        Netmask          Gateway       Interface  Metric
          0.0.0.0          0.0.0.0     153.19.200.1    153.19.200.40     20
        127.0.0.0        255.0.0.0         On-link         127.0.0.1    306
        127.0.0.1  255.255.255.255         On-link         127.0.0.1    306
  127.255.255.255  255.255.255.255         On-link         127.0.0.1    306
     153.19.200.0    255.255.255.0         On-link     153.19.200.40    276
    153.19.200.40  255.255.255.255         On-link     153.19.200.40    276
   153.19.200.255  255.255.255.255         On-link     153.19.200.40    276
        224.0.0.0        240.0.0.0         On-link         127.0.0.1    306
        224.0.0.0        240.0.0.0         On-link     153.19.200.40    276
  255.255.255.255  255.255.255.255         On-link         127.0.0.1    306
  255.255.255.255  255.255.255.255         On-link     153.19.200.40    276
===========================================================================
Persistent Routes:
  None
 
IPv6 Route Table
===========================================================================
Active Routes:
 If Metric Network Destination      Gateway
 13    276 ::/0                     fe80::945c:bfbf:85c3:dbe2
  1    306 ::1/128                  On-link
 12     58 2001::/32                On-link
 12    306 2001:0:5ef5:79fd:cf0:37f2:66ec:37d7/128
                                    On-link
 13   4116 2002::/16                fe80::945c:bfbf:85c3:dbe2
 13     28 2002:9913:c82f:b::/64    On-link
 13    276 2002:9913:c82f:b:1402:f8ed:1fb3:75fb/128
                                    On-link
 13    276 2002:9913:c82f:b:7054:a9c9:776b:bb08/128
                                    On-link
 13    276 fe80::/64                On-link
 12    306 fe80::/64                On-link
 12    306 fe80::cf0:37f2:66ec:37d7/128
                                    On-link
 13    276 fe80::7054:a9c9:776b:bb08/128
                                    On-link
 13     28 fec0:0:0:b::/64          On-link
 13    276 fec0::b:7054:a9c9:776b:bb08/128
                                    On-link
  1    306 ff00::/8                 On-link
 12    306 ff00::/8                 On-link
 13    276 ff00::/8                 On-link
===========================================================================
Persistent Routes:
  None
========================= Winsock entries =====================================
 
Catalog5 01 C:\Windows\system32\NLAapi.dll [52224] (Microsoft Corporation)
Catalog5 02 C:\Windows\system32\napinsp.dll [52224] (Microsoft Corporation)
Catalog5 03 C:\Windows\system32\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 04 C:\Windows\system32\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 05 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
Catalog5 06 C:\Windows\system32\winrnr.dll [20992] (Microsoft Corporation)
Catalog9 01 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 02 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 03 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 04 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 05 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 06 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 07 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 08 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 09 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 10 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 11 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 12 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 13 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 14 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 15 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 16 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 17 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 18 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 19 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 20 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 21 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 22 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 23 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 24 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 25 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 26 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 27 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 28 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 29 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 30 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 31 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 32 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
 
========================= Event log errors: ===============================
 
Application errors:
==================
Error: (05/28/2014 01:35:22 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (05/28/2014 04:59:22 AM) (Source: Windows Search Service) (User: )
Description: Windows Search Service failed to process the list of included and excluded locations with the error <30, 0x80040d07, "iehistory://{S-1-5-21-1908429607-1759296579-3770965207-1000}/">.
 
Error: (05/27/2014 10:30:38 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
 
System errors:
=============
Error: (05/28/2014 01:33:43 PM) (Source: Service Control Manager) (User: )
Description: The PCAutoShutdown_Service service failed to start due to the following error: 
%%2
 
Error: (05/27/2014 10:28:58 PM) (Source: Service Control Manager) (User: )
Description: The PCAutoShutdown_Service service failed to start due to the following error: 
%%2
 
 
Microsoft Office Sessions:
=========================
Error: (05/28/2014 01:35:22 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (05/28/2014 04:59:22 AM) (Source: Windows Search Service)(User: )
Description: 300x80040d07iehistory://{S-1-5-21-1908429607-1759296579-3770965207-1000}/
 
Error: (05/27/2014 10:30:38 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
 
CodeIntegrity Errors:
===================================
  Date: 2014-05-20 00:07:01.497
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\ELAMBKUP\klelam.sys because the set of per-page image hashes could not be found on the system.
 
  Date: 2014-05-20 00:07:01.497
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\ELAMBKUP\klelam.sys because the set of per-page image hashes could not be found on the system.
 
  Date: 2014-05-20 00:07:01.465
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Program Files\Kaspersky Lab\Kaspersky Internet Security 14.0.0\KLELAMX86\klelam.sys because the set of per-page image hashes could not be found on the system.
 
  Date: 2014-05-20 00:07:01.465
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Program Files\Kaspersky Lab\Kaspersky Internet Security 14.0.0\KLELAMX86\klelam.sys because the set of per-page image hashes could not be found on the system.
 
  Date: 2014-05-20 00:05:57.958
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\ELAMBKUP\klelam.sys because the set of per-page image hashes could not be found on the system.
 
  Date: 2014-05-20 00:05:57.942
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Program Files\Kaspersky Lab\Kaspersky Internet Security 14.0.0\KLELAMX86\klelam.sys because the set of per-page image hashes could not be found on the system.
 
  Date: 2014-03-02 12:47:38.872
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\ELAMBKUP\klelam.sys because the set of per-page image hashes could not be found on the system.
 
  Date: 2014-03-02 12:47:38.872
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\ELAMBKUP\klelam.sys because the set of per-page image hashes could not be found on the system.
 
  Date: 2014-03-02 12:47:23.488
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\ELAMBKUP\klelam.sys because the set of per-page image hashes could not be found on the system.
 
  Date: 2014-03-02 12:47:23.488
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\ELAMBKUP\klelam.sys because the set of per-page image hashes could not be found on the system.
 
 
=========================== Installed Programs ============================
 
µTorrent (Version: 3.4.1.30888)
ABBYY FineReader 9.0 Professional Edition (Version: 9.00.724.5507)
Adobe Flash Player 11 ActiveX (Version: 11.9.900.152)
Adobe Reader X (10.1.10) (Version: 10.1.10)
BS.Player PRO (Version: 2.57.1048)
CamStudio OSS Desktop Recorder (Version: 2.6 Beta r294)
CCleaner (Version: 3.03)
CyberGhost 5
Defraggler (Version: 2.02)
DFX (Version: 11.109.0.0)
DFX for Winamp (Version: 9.304.0.0)
DVDFab 8.0.0.5 (25/08/2010)
ESET Online Scanner v3
ESET Smart Security (Version: 7.0.302.0)
EVEREST Ultimate Edition v5.30 (Version: 5.30)
FLV to AVI MPEG WMV 3GP MP4 iPod Converter
Foxit Cloud (Version: 1.3.99.311)
Foxit Reader (Version: 6.2.0.429)
Free Studio version 2013 (Version: 6.2.0.1029)
Google Chrome (Version: 35.0.1916.114)
Google Earth (Version: 7.1.2.2041)
Google Update Helper (Version: 1.3.24.7)
Hard Disk Sentinel PRO
Internet Download Manager
Java 7 Update 45 (Version: 7.0.450)
Java Auto Updater (Version: 2.1.9.8)
Microsoft .NET Framework 4.5.1 (Version: 4.5.50938)
Microsoft Office Access MUI (English) 2010 (Version: 14.0.4763.1000)
Microsoft Office Access Setup Metadata MUI (English) 2010 (Version: 14.0.4763.1000)
Microsoft Office Excel MUI (English) 2010 (Version: 14.0.4763.1000)
Microsoft Office Groove MUI (English) 2010 (Version: 14.0.4763.1000)
Microsoft Office InfoPath MUI (English) 2010 (Version: 14.0.4763.1000)
Microsoft Office OneNote MUI (English) 2010 (Version: 14.0.4763.1000)
Microsoft Office Outlook MUI (English) 2010 (Version: 14.0.4763.1000)
Microsoft Office PowerPoint MUI (English) 2010 (Version: 14.0.4763.1000)
Microsoft Office Professional Plus 2010 (Version: 14.0.4763.1000)
Microsoft Office Proof (English) 2010 (Version: 14.0.4763.1000)
Microsoft Office Proof (French) 2010 (Version: 14.0.4763.1000)
Microsoft Office Proof (Spanish) 2010 (Version: 14.0.4763.1000)
Microsoft Office Proofing (English) 2010 (Version: 14.0.4763.1000)
Microsoft Office Publisher MUI (English) 2010 (Version: 14.0.4763.1000)
Microsoft Office Shared MUI (English) 2010 (Version: 14.0.4763.1000)
Microsoft Office Shared Setup Metadata MUI (English) 2010 (Version: 14.0.4763.1000)
Microsoft Office Word MUI (English) 2010 (Version: 14.0.4763.1000)
Microsoft Silverlight (Version: 5.1.10411.0)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (Version: 10.0.40219)
MSXML 4.0 SP2 (KB954430) (Version: 4.20.9870.0)
MSXML 4.0 SP2 (KB973688) (Version: 4.20.9876.0)
MyPhoneExplorer (Version: 1.8.0)
Nero 7 Ultra Edition (Version: 7.03.1151)
neroxml (Version: 1.0.0)
PeerBlock 1.2 (r693) (Version: 1.2.0.693)
PowerISO (Version: 4.7)
Realtek High Definition Audio Driver (Version: 6.0.1.6809)
Recover My Files (Version: 3.9.8.6081)
Skype™ 6.1 (Version: 6.1.129)
Sony PC Companion 2.10.188 (Version: 2.10.188)
Speccy (Version: 1.26)
Switch Sound File Converter
Synaptics Pointing Device Driver (Version: 16.0.2.0)
TAP-Windows 9.9.2 (Version: 9.9.2)
TeraCopy 2.12
Tweaking.com - Windows Repair (All in One) (Version: 2.7.2)
Virtual DJ Pro Full - Atomix Productions
Visual Studio 2012 x86 Redistributables (Version: 14.0.0.1)
VLC media player 2.1.1 (Version: 2.1.1)
Winamp (Version: 5.666 )
WinPatrol (Version: 28.9.2013.0)
WinRAR 4.00 (32-bit) (Version: 4.00.0)
Your Uninstaller! 2010 (Version: 7.3.2010.33)
 
========================= Memory info: ===================================
 
Percentage of memory in use: 23%
Total physical RAM: 3000.86 MB
Available physical RAM: 2291.04 MB
Total Pagefile: 6000.02 MB
Available Pagefile: 5226.55 MB
Total Virtual: 2047.88 MB
Available Virtual: 1938.15 MB
 
========================= Partitions: =====================================
 
1 Drive c: () (Fixed) (Total:111.57 GB) (Free:18.58 GB) NTFS
2 Drive d: (ΜΟΥΣΙΚΗ) (Fixed) (Total:111.55 GB) (Free:3.19 GB) NTFS
 
========================= Users: ========================================
 
User accounts for \\PAULOS-PC
 
Administrator            Guest                    paulos                   
 
 
**** End of log ****
 
 
 

 


Edited by paulos123, 28 May 2014 - 06:06 AM.


#9 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 72,912 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:NJ USA
  • Local time:06:31 AM

Posted 28 May 2014 - 09:26 AM

Do you still see high usage?

Download RogueKiller from one of the following links and save it to your desktop:
  • Link 1
  • Link 2
    • Close all programs and disconnect any USB or external drives before running the tool.
    • Double-click RogueKiller.exe to run the tool (Vista or 7 users: Right-click and select Run As Administrator).
    • Once the Prescan has finished, click Scan.
    • Once the Status box shows "Scan Finished", just close the program. <--Don't fix anything!
    • Copy and paste the report that opens into your next reply.
      • The log can also be found on your desktop labeled (RKreport[X]_S_xxdatexx_xtimex)
      • The highest number of [X], is the most recent Scan

How do I get help? Who is helping me?For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....Become a BleepingComputer fan: Facebook

#10 paulos123

paulos123
  • Topic Starter

  • Members
  • 313 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:greece
  • Local time:05:31 AM

Posted 28 May 2014 - 12:36 PM

im gonna do that right away,thanks



#11 paulos123

paulos123
  • Topic Starter

  • Members
  • 313 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:greece
  • Local time:05:31 AM

Posted 28 May 2014 - 12:46 PM

q


Edited by paulos123, 28 May 2014 - 07:05 PM.


#12 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 72,912 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:NJ USA
  • Local time:06:31 AM

Posted 28 May 2014 - 01:12 PM

  • Close all programs and disconnect any USB or external drives before running the tool.
  • Double-click RogueKiller.exe to run the tool again (Vista or 7 users: Right-click and select Run As Administrator).
  • Once the Prescan has finished, click Scan.
  • Once the Status box shows "Scan Finished", this time click the Delete button.
  • Copy and paste the report that opens into your next reply.
    • The log can also be found on your desktop labeled (RKreport[X]_D_xxdatexx_xtimex)
    • The highest number of [X], is the most recent Delete


How is it now??
How do I get help? Who is helping me?For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....Become a BleepingComputer fan: Facebook

#13 paulos123

paulos123
  • Topic Starter

  • Members
  • 313 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:greece
  • Local time:05:31 AM

Posted 28 May 2014 - 01:59 PM

you know,this problem appears from time to time,not so often,so i have to wait some days to see.what about all these log files,did you see anything bad or unusual?



#14 paulos123

paulos123
  • Topic Starter

  • Members
  • 313 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:greece
  • Local time:05:31 AM

Posted 28 May 2014 - 02:04 PM

RogueKiller V8.8.15 [Mar 27 2014] by Adlice Software
 
Operating System : Windows 7 (6.1.7601 Service Pack 1) 32 bits version
Started in : Normal mode
User : paulos [Admin rights]
Mode : Scan -- Date : 05/28/2014 22:02:57
| ARK || FAK || MBR |
 
¤¤¤ Bad processes : 0 ¤¤¤
 
¤¤¤ Registry Entries : 2 ¤¤¤
[HJ DESK][PUM] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> FOUND
[HJ DESK][PUM] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> FOUND
 
¤¤¤ Scheduled tasks : 1 ¤¤¤
[V2][SUSP PATH] CIS_{15198508-521A-4D69-8E5B-B94A6CCFF805} : C:\ProgramData\cis4EEA.exe - --PostUninstall {15198508-521A-4D69-8E5B-B94A6CCFF805} [x][x] -> FOUND
 
¤¤¤ Startup Entries : 0 ¤¤¤
 
¤¤¤ Web browsers : 0 ¤¤¤
 
¤¤¤ Browser Addons : 0 ¤¤¤
 
¤¤¤ Particular Files / Folders: ¤¤¤
 
¤¤¤ Driver : [LOADED] ¤¤¤
[Address] EAT @explorer.exe (BeginBufferedAnimation) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x749E09AE)
[Address] EAT @explorer.exe (BeginBufferedPaint) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x749D49A1)
[Address] EAT @explorer.exe (BeginPanningFeedback) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x74A00731)
[Address] EAT @explorer.exe (BufferedPaintClear) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x749D6395)
[Address] EAT @explorer.exe (BufferedPaintInit) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x749D940E)
[Address] EAT @explorer.exe (BufferedPaintRenderAnimation) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x749E08ED)
[Address] EAT @explorer.exe (BufferedPaintSetAlpha) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x749EE6B3)
[Address] EAT @explorer.exe (BufferedPaintStopAllAnimations) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x749ED395)
[Address] EAT @explorer.exe (BufferedPaintUnInit) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x749D94AB)
[Address] EAT @explorer.exe (CloseThemeData) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x749D6A18)
[Address] EAT @explorer.exe (DrawThemeBackground) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x749D3982)
[Address] EAT @explorer.exe (DrawThemeBackgroundEx) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x749ED9DA)
[Address] EAT @explorer.exe (DrawThemeEdge) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x749F3B52)
[Address] EAT @explorer.exe (DrawThemeIcon) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x74A035E7)
[Address] EAT @explorer.exe (DrawThemeParentBackground) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x749D53E5)
[Address] EAT @explorer.exe (DrawThemeParentBackgroundEx) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x749D51BF)
[Address] EAT @explorer.exe (DrawThemeText) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x749D4EA1)
[Address] EAT @explorer.exe (DrawThemeTextEx) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x749D63E6)
[Address] EAT @explorer.exe (EnableThemeDialogTexture) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x749DFCAF)
[Address] EAT @explorer.exe (EnableTheming) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x74A02FEB)
[Address] EAT @explorer.exe (EndBufferedAnimation) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x749D3F9A)
[Address] EAT @explorer.exe (EndBufferedPaint) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x749D3F9A)
[Address] EAT @explorer.exe (EndPanningFeedback) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x74A006CC)
[Address] EAT @explorer.exe (GetBufferedPaintBits) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x749D4BAF)
[Address] EAT @explorer.exe (GetBufferedPaintDC) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x749E04BC)
[Address] EAT @explorer.exe (GetBufferedPaintTargetDC) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x749E0473)
[Address] EAT @explorer.exe (GetBufferedPaintTargetRect) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x74A02E7F)
[Address] EAT @explorer.exe (GetCurrentThemeName) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x749E05DD)
[Address] EAT @explorer.exe (GetThemeAppProperties) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x749E0FB1)
[Address] EAT @explorer.exe (GetThemeBackgroundContentRect) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x749DCD2E)
[Address] EAT @explorer.exe (GetThemeBackgroundExtent) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x749DF8BF)
[Address] EAT @explorer.exe (GetThemeBackgroundRegion) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x749E165D)
[Address] EAT @explorer.exe (GetThemeBitmap) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x749DBF93)
[Address] EAT @explorer.exe (GetThemeBool) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x749D7C1F)
[Address] EAT @explorer.exe (GetThemeColor) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x749D616C)
[Address] EAT @explorer.exe (GetThemeDocumentationProperty) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x74A02932)
[Address] EAT @explorer.exe (GetThemeEnumValue) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x749D616C)
[Address] EAT @explorer.exe (GetThemeFilename) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x74A02412)
[Address] EAT @explorer.exe (GetThemeFont) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x749DFF21)
[Address] EAT @explorer.exe (GetThemeInt) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x749D616C)
[Address] EAT @explorer.exe (GetThemeIntList) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x74A023B1)
[Address] EAT @explorer.exe (GetThemeMargins) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x749D86E9)
[Address] EAT @explorer.exe (GetThemeMetric) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x749E06E2)
[Address] EAT @explorer.exe (GetThemePartSize) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x749DCDB1)
[Address] EAT @explorer.exe (GetThemePosition) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x74A02350)
[Address] EAT @explorer.exe (GetThemePropertyOrigin) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x749F3FBB)
[Address] EAT @explorer.exe (GetThemeRect) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x749E3611)
[Address] EAT @explorer.exe (GetThemeStream) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x749E39D9)
[Address] EAT @explorer.exe (GetThemeString) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x74A022E4)
[Address] EAT @explorer.exe (GetThemeSysBool) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x74A03172)
[Address] EAT @explorer.exe (GetThemeSysColor) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x749F3274)
[Address] EAT @explorer.exe (GetThemeSysColorBrush) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x74A0301E)
[Address] EAT @explorer.exe (GetThemeSysFont) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x74A029C4)
[Address] EAT @explorer.exe (GetThemeSysInt) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x74A02BD3)
[Address] EAT @explorer.exe (GetThemeSysSize) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x74A0320B)
[Address] EAT @explorer.exe (GetThemeSysString) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x74A02B3F)
[Address] EAT @explorer.exe (GetThemeTextExtent) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x749D2D57)
[Address] EAT @explorer.exe (GetThemeTextMetrics) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x749DF992)
[Address] EAT @explorer.exe (GetThemeTransitionDuration) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x749E1081)
[Address] EAT @explorer.exe (GetWindowTheme) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x749DDF46)
[Address] EAT @explorer.exe (HitTestThemeBackground) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x749E3CE3)
[Address] EAT @explorer.exe (IsAppThemed) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x749DF869)
[Address] EAT @explorer.exe (IsCompositionActive) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x749D2E9A)
[Address] EAT @explorer.exe (IsThemeActive) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x749DF785)
[Address] EAT @explorer.exe (IsThemeBackgroundPartiallyTransparent) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x749D60AB)
[Address] EAT @explorer.exe (IsThemeDialogTextureEnabled) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x74A0312B)
[Address] EAT @explorer.exe (IsThemePartDefined) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x749D85B4)
[Address] EAT @explorer.exe (OpenThemeData) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x749D73D2)
[Address] EAT @explorer.exe (OpenThemeDataEx) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x749F3D43)
[Address] EAT @explorer.exe (SetThemeAppProperties) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x74A03296)
[Address] EAT @explorer.exe (SetWindowTheme) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x749E0134)
[Address] EAT @explorer.exe (SetWindowThemeAttribute) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x749ECFE6)
[Address] EAT @explorer.exe (ThemeInitApiHook) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x749DB176)
[Address] EAT @explorer.exe (UpdatePanningFeedback) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x74A0068D)
[Address] EAT @explorer.exe (DllGetClassObject) : npmproxy.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7444CF9D)
[Address] EAT @explorer.exe (IEnumString_Next_WIC_Proxy) : npmproxy.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7444E000)
[Address] EAT @explorer.exe (IEnumString_Reset_WIC_Proxy) : npmproxy.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7444E029)
[Address] EAT @explorer.exe (IPropertyBag2_Write_Proxy) : npmproxy.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7444E049)
[Address] EAT @explorer.exe (IWICBitmapClipper_Initialize_Proxy) : npmproxy.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7444DD2A)
[Address] EAT @explorer.exe (IWICBitmapCodecInfo_DoesSupportAnimation_Proxy) : npmproxy.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7444EA9A)
[Address] EAT @explorer.exe (IWICBitmapCodecInfo_DoesSupportLossless_Proxy) : npmproxy.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7444EABD)
[Address] EAT @explorer.exe (IWICBitmapCodecInfo_DoesSupportMultiframe_Proxy) : npmproxy.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7444EAE0)
[Address] EAT @explorer.exe (IWICBitmapCodecInfo_GetContainerFormat_Proxy) : npmproxy.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7444E9D3)
[Address] EAT @explorer.exe (IWICBitmapCodecInfo_GetDeviceManufacturer_Proxy) : npmproxy.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7444E9F6)
[Address] EAT @explorer.exe (IWICBitmapCodecInfo_GetDeviceModels_Proxy) : npmproxy.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7444EA1F)
[Address] EAT @explorer.exe (IWICBitmapCodecInfo_GetFileExtensions_Proxy) : npmproxy.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7444EA71)
[Address] EAT @explorer.exe (IWICBitmapCodecInfo_GetMimeTypes_Proxy) : npmproxy.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7444EA48)
[Address] EAT @explorer.exe (IWICBitmapDecoder_CopyPalette_Proxy) : npmproxy.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7444D845)
[Address] EAT @explorer.exe (IWICBitmapDecoder_GetColorContexts_Proxy) : npmproxy.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7444E9AA)
[Address] EAT @explorer.exe (IWICBitmapDecoder_GetDecoderInfo_Proxy) : npmproxy.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7444D822)
[Address] EAT @explorer.exe (IWICBitmapDecoder_GetFrameCount_Proxy) : npmproxy.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7444D9A2)
[Address] EAT @explorer.exe (IWICBitmapDecoder_GetFrame_Proxy) : npmproxy.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7444D868)
[Address] EAT @explorer.exe (IWICBitmapDecoder_GetMetadataQueryReader_Proxy) : npmproxy.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7444D8DA)
[Address] EAT @explorer.exe (IWICBitmapDecoder_GetPreview_Proxy) : npmproxy.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7444DC74)
[Address] EAT @explorer.exe (IWICBitmapDecoder_GetThumbnail_Proxy) : npmproxy.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7444E9D3)
[Address] EAT @explorer.exe (IWICBitmapEncoder_Commit_Proxy) : npmproxy.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7444DC05)
[Address] EAT @explorer.exe (IWICBitmapEncoder_CreateNewFrame_Proxy) : npmproxy.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7444DB87)
[Address] EAT @explorer.exe (IWICBitmapEncoder_GetEncoderInfo_Proxy) : npmproxy.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7444DB5E)
[Address] EAT @explorer.exe (IWICBitmapEncoder_GetMetadataQueryWriter_Proxy) : npmproxy.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7444D9A2)
[Address] EAT @explorer.exe (IWICBitmapEncoder_Initialize_Proxy) : npmproxy.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7444DB32)
[Address] EAT @explorer.exe (IWICBitmapEncoder_SetPalette_Proxy) : npmproxy.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7444DBDC)
[Address] EAT @explorer.exe (IWICBitmapEncoder_SetThumbnail_Proxy) : npmproxy.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7444DBB3)
[Address] EAT @explorer.exe (IWICBitmapFlipRotator_Initialize_Proxy) : npmproxy.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7444DD2A)
[Address] EAT @explorer.exe (IWICBitmapFrameDecode_GetColorContexts_Proxy) : npmproxy.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7444D88E)
[Address] EAT @explorer.exe (IWICBitmapFrameDecode_GetMetadataQueryReader_Proxy) : npmproxy.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7444D8DA)
[Address] EAT @explorer.exe (IWICBitmapFrameDecode_GetThumbnail_Proxy) : npmproxy.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7444D8B7)
[Address] EAT @explorer.exe (IWICBitmapFrameEncode_Commit_Proxy) : npmproxy.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7444D9C5)
[Address] EAT @explorer.exe (IWICBitmapFrameEncode_GetMetadataQueryWriter_Proxy) : npmproxy.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7444EB03)
[Address] EAT @explorer.exe (IWICBitmapFrameEncode_Initialize_Proxy) : npmproxy.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7444DFB7)
[Address] EAT @explorer.exe (IWICBitmapFrameEncode_SetColorContexts_Proxy) : npmproxy.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7444DB06)
[Address] EAT @explorer.exe (IWICBitmapFrameEncode_SetResolution_Proxy) : npmproxy.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7444DA17)
[Address] EAT @explorer.exe (IWICBitmapFrameEncode_SetSize_Proxy) : npmproxy.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7444D9E5)
[Address] EAT @explorer.exe (IWICBitmapFrameEncode_SetThumbnail_Proxy) : npmproxy.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7444DADD)
[Address] EAT @explorer.exe (IWICBitmapFrameEncode_WriteSource_Proxy) : npmproxy.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7444DA71)
[Address] EAT @explorer.exe (IWICBitmapLock_GetDataPointer_STA_Proxy) : npmproxy.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7444D7FC)
[Address] EAT @explorer.exe (IWICBitmapLock_GetStride_Proxy) : npmproxy.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7444DC25)
[Address] EAT @explorer.exe (IWICBitmapScaler_Initialize_Proxy) : npmproxy.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7444DCFE)
[Address] EAT @explorer.exe (IWICBitmapSource_CopyPalette_Proxy) : npmproxy.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7444D822)
[Address] EAT @explorer.exe (IWICBitmapSource_CopyPixels_Proxy) : npmproxy.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7444DC48)
[Address] EAT @explorer.exe (IWICBitmapSource_GetPixelFormat_Proxy) : npmproxy.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7444DC25)
[Address] EAT @explorer.exe (IWICBitmapSource_GetResolution_Proxy) : npmproxy.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7444D7FC)
[Address] EAT @explorer.exe (IWICBitmapSource_GetSize_Proxy) : npmproxy.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7444D91D)
[Address] EAT @explorer.exe (IWICBitmap_Lock_Proxy) : npmproxy.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7444E981)
[Address] EAT @explorer.exe (IWICBitmap_SetPalette_Proxy) : npmproxy.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7444DC74)
[Address] EAT @explorer.exe (IWICBitmap_SetResolution_Proxy) : npmproxy.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7444DC97)
[Address] EAT @explorer.exe (IWICColorContext_InitializeFromMemory_Proxy) : npmproxy.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7444EB75)
[Address] EAT @explorer.exe (IWICComponentFactory_CreateMetadataWriterFromReader_Proxy) : npmproxy.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7444D7AA)
[Address] EAT @explorer.exe (IWICComponentFactory_CreateQueryWriterFromBlockWriter_Proxy) : npmproxy.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7444D7D3)
[Address] EAT @explorer.exe (IWICComponentInfo_GetAuthor_Proxy) : npmproxy.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7444E958)
[Address] EAT @explorer.exe (IWICComponentInfo_GetCLSID_Proxy) : npmproxy.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7444DC25)
[Address] EAT @explorer.exe (IWICComponentInfo_GetFriendlyName_Proxy) : npmproxy.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7444E9AA)
[Address] EAT @explorer.exe (IWICComponentInfo_GetSpecVersion_Proxy) : npmproxy.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7444D88E)
[Address] EAT @explorer.exe (IWICComponentInfo_GetVersion_Proxy) : npmproxy.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7444E981)
[Address] EAT @explorer.exe (IWICFastMetadataEncoder_Commit_Proxy) : npmproxy.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7444D8FD)
[Address] EAT @explorer.exe (IWICFastMetadataEncoder_GetMetadataQueryWriter_Proxy) : npmproxy.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7444DC25)
[Address] EAT @explorer.exe (IWICFormatConverter_Initialize_Proxy) : npmproxy.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7444DCC7)
[Address] EAT @explorer.exe (IWICImagingFactory_CreateBitmapClipper_Proxy) : npmproxy.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7444D557)
[Address] EAT @explorer.exe (IWICImagingFactory_CreateBitmapFlipRotator_Proxy) : npmproxy.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7444D580)
[Address] EAT @explorer.exe (IWICImagingFactory_CreateBitmapFromHBITMAP_Proxy) : npmproxy.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7444D6BA)
[Address] EAT @explorer.exe (IWICImagingFactory_CreateBitmapFromHICON_Proxy) : npmproxy.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7444D6E6)
[Address] EAT @explorer.exe (IWICImagingFactory_CreateBitmapFromMemory_Proxy) : npmproxy.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7444D656)
[Address] EAT @explorer.exe (IWICImagingFactory_CreateBitmapFromSource_Proxy) : npmproxy.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7444D62D)
[Address] EAT @explorer.exe (IWICImagingFactory_CreateBitmapScaler_Proxy) : npmproxy.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7444D52E)
[Address] EAT @explorer.exe (IWICImagingFactory_CreateBitmap_Proxy) : npmproxy.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7444D68B)
[Address] EAT @explorer.exe (IWICImagingFactory_CreateComponentInfo_Proxy) : npmproxy.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7444D4D9)
[Address] EAT @explorer.exe (IWICImagingFactory_CreateDecoderFromFileHandle_Proxy) : npmproxy.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7444D4A1)
[Address] EAT @explorer.exe (IWICImagingFactory_CreateDecoderFromFilename_Proxy) : npmproxy.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7444D466)
[Address] EAT @explorer.exe (IWICImagingFactory_CreateDecoderFromStream_Proxy) : npmproxy.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7444D42E)
[Address] EAT @explorer.exe (IWICImagingFactory_CreateEncoder_Proxy) : npmproxy.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7444D5D2)
[Address] EAT @explorer.exe (IWICImagingFactory_CreateFastMetadataEncoderFromDecoder_Proxy) : npmproxy.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7444D70C)
[Address] EAT @explorer.exe (IWICImagingFactory_CreateFastMetadataEncoderFromFrameDecode_ProxnS+x?¨ø"Qÿÿÿÿ¨tDFÎS+x) : npmproxy.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7444D732)
[Address] EAT @explorer.exe (IWICImagingFactory_CreateFormatConverter_Proxy) : npmproxy.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7444D505)
[Address] EAT @explorer.exe (IWICImagingFactory_CreatePalette_Proxy) : npmproxy.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7444DADD)
[Address] EAT @explorer.exe (IWICImagingFactory_CreateQueryWriterFromReader_Proxy) : npmproxy.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7444D781)
[Address] EAT @explorer.exe (IWICImagingFactory_CreateQueryWriter_Proxy) : npmproxy.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7444D758)
[Address] EAT @explorer.exe (IWICImagingFactory_CreateStream_Proxy) : npmproxy.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7444D5A9)
[Address] EAT @explorer.exe (IWICMetadataBlockReader_GetCount_Proxy) : npmproxy.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7444DC25)
[Address] EAT @explorer.exe (IWICMetadataBlockReader_GetReaderByIndex_Proxy) : npmproxy.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7444D7FC)
[Address] EAT @explorer.exe (IWICMetadataQueryReader_GetContainerFormat_Proxy) : npmproxy.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7444DFB7)
[Address] EAT @explorer.exe (IWICMetadataQueryReader_GetEnumerator_Proxy) : npmproxy.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7444D822)
[Address] EAT @explorer.exe (IWICMetadataQueryReader_GetLocation_Proxy) : npmproxy.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7444E049)
[Address] EAT @explorer.exe (IWICMetadataQueryReader_GetMetadataByName_Proxy) : npmproxy.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7444D7FC)
[Address] EAT @explorer.exe (IWICMetadataQueryWriter_RemoveMetadataByName_Proxy) : npmproxy.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7444D8DA)
[Address] EAT @explorer.exe (IWICMetadataQueryWriter_SetMetadataByName_Proxy) : npmproxy.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7444DFDA)
[Address] EAT @explorer.exe (IWICPalette_GetColorCount_Proxy) : npmproxy.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7444D96C)
[Address] EAT @explorer.exe (IWICPalette_GetColors_Proxy) : npmproxy.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7444D88E)
[Address] EAT @explorer.exe (IWICPalette_GetType_Proxy) : npmproxy.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7444D845)
[Address] EAT @explorer.exe (IWICPalette_HasAlpha_Proxy) : npmproxy.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7444D9A2)
[Address] EAT @explorer.exe (IWICPalette_InitializeCustom_Proxy) : npmproxy.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7444EB75)
[Address] EAT @explorer.exe (IWICPalette_InitializeFromBitmap_Proxy) : npmproxy.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7444D943)
[Address] EAT @explorer.exe (IWICPalette_InitializeFromPalette_Proxy) : npmproxy.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7444D822)
[Address] EAT @explorer.exe (IWICPalette_InitializePredefined_Proxy) : npmproxy.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7444D91D)
[Address] EAT @explorer.exe (IWICPixelFormatInfo_GetBitsPerPixel_Proxy) : npmproxy.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7444EB03)
[Address] EAT @explorer.exe (IWICPixelFormatInfo_GetChannelCount_Proxy) : npmproxy.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7444DD50)
[Address] EAT @explorer.exe (IWICPixelFormatInfo_GetChannelMask_Proxy) : npmproxy.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7444EB26)
[Address] EAT @explorer.exe (IWICStream_InitializeFromIStream_Proxy) : npmproxy.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7444DD50)
[Address] EAT @explorer.exe (IWICStream_InitializeFromMemory_Proxy) : npmproxy.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7444DD73)
[Address] EAT @explorer.exe (WICConvertBitmapSource) : npmproxy.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7444DDB8)
[Address] EAT @explorer.exe (WICCreateBitmapFromSection) : npmproxy.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7444DF8D)
[Address] EAT @explorer.exe (WICCreateBitmapFromSectionEx) : npmproxy.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7444DE8C)
[Address] EAT @explorer.exe (WICCreateColorContext_Proxy) : npmproxy.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7444EB52)
[Address] EAT @explorer.exe (WICCreateImagingFactory_Proxy) : npmproxy.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7444D02B)
[Address] EAT @explorer.exe (WICGetMetadataContentSize) : npmproxy.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7444E61D)
[Address] EAT @explorer.exe (WICMapGuidToShortName) : npmproxy.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7444D0EC)
[Address] EAT @explorer.exe (WICMapSchemaToName) : npmproxy.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7444D2E0)
[Address] EAT @explorer.exe (WICMapShortNameToGuid) : npmproxy.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7444D217)
[Address] EAT @explorer.exe (WICMatchMetadataContent) : npmproxy.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7444E072)
[Address] EAT @explorer.exe (WICSerializeMetadataContent) : npmproxy.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7444E1B4)
[Address] EAT @explorer.exe (WICSetEncoderFormat_Proxy) : npmproxy.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7444DD99)
[Address] EAT @explorer.exe (BluetoothAddressToString) : thumbcache.dll -> HOOKED (C:\Windows\System32\bthprops.cpl @ 0x729B740F)
[Address] EAT @explorer.exe (BluetoothAuthenticateDevice) : thumbcache.dll -> HOOKED (C:\Windows\System32\bthprops.cpl @ 0x729B82A0)
[Address] EAT @explorer.exe (BluetoothAuthenticateDeviceEx) : thumbcache.dll -> HOOKED (C:\Windows\System32\bthprops.cpl @ 0x729B83B9)
[Address] EAT @explorer.exe (BluetoothAuthenticateMultipleDevices) : thumbcache.dll -> HOOKED (C:\Windows\System32\bthprops.cpl @ 0x729B82C8)
[Address] EAT @explorer.exe (BluetoothAuthenticationAgent) : thumbcache.dll -> HOOKED (C:\Windows\System32\bthprops.cpl @ 0x729A98BE)
[Address] EAT @explorer.exe (BluetoothDisconnectDevice) : thumbcache.dll -> HOOKED (C:\Windows\System32\bthprops.cpl @ 0x729ADD74)
[Address] EAT @explorer.exe (BluetoothDisplayDeviceProperties) : thumbcache.dll -> HOOKED (C:\Windows\System32\bthprops.cpl @ 0x729B41AB)
[Address] EAT @explorer.exe (BluetoothEnableDiscovery) : thumbcache.dll -> HOOKED (C:\Windows\System32\bthprops.cpl @ 0x729AE424)
[Address] EAT @explorer.exe (BluetoothEnableIncomingConnections) : thumbcache.dll -> HOOKED (C:\Windows\System32\bthprops.cpl @ 0x729AE6C4)
[Address] EAT @explorer.exe (BluetoothEnumerateInstalledServices) : thumbcache.dll -> HOOKED (C:\Windows\System32\bthprops.cpl @ 0x729ADE94)
[Address] EAT @explorer.exe (BluetoothEnumerateInstalledServicesEx) : thumbcache.dll -> HOOKED (C:\Windows\System32\bthprops.cpl @ 0x729AF7A2)
[Address] EAT @explorer.exe (BluetoothFindBrowseGroupClose) : thumbcache.dll -> HOOKED (C:\Windows\System32\bthprops.cpl @ 0x729ACB63)
[Address] EAT @explorer.exe (BluetoothFindClassIdClose) : thumbcache.dll -> HOOKED (C:\Windows\System32\bthprops.cpl @ 0x729ACB63)
[Address] EAT @explorer.exe (BluetoothFindDeviceClose) : thumbcache.dll -> HOOKED (C:\Windows\System32\bthprops.cpl @ 0x729AD785)
[Address] EAT @explorer.exe (BluetoothFindFirstBrowseGroup) : thumbcache.dll -> HOOKED (C:\Windows\System32\bthprops.cpl @ 0x729ADB97)
[Address] EAT @explorer.exe (BluetoothFindFirstClassId) : thumbcache.dll -> HOOKED (C:\Windows\System32\bthprops.cpl @ 0x729AD8F5)
[Address] EAT @explorer.exe (BluetoothFindFirstDevice) : thumbcache.dll -> HOOKED (C:\Windows\System32\bthprops.cpl @ 0x729AE9E6)
[Address] EAT @explorer.exe (BluetoothFindFirstProfileDescriptor) : thumbcache.dll -> HOOKED (C:\Windows\System32\bthprops.cpl @ 0x729ADC7E)
[Address] EAT @explorer.exe (BluetoothFindFirstProtocolDescriptorStack) : thumbcache.dll -> HOOKED (C:\Windows\System32\bthprops.cpl @ 0x729AD9D5)
[Address] EAT @explorer.exe (BluetoothFindFirstProtocolEntry) : thumbcache.dll -> HOOKED (C:\Windows\System32\bthprops.cpl @ 0x729ADACC)
[Address] EAT @explorer.exe (BluetoothFindFirstRadio) : thumbcache.dll -> HOOKED (C:\Windows\System32\bthprops.cpl @ 0x729AD6E6)
[Address] EAT @explorer.exe (BluetoothFindFirstService) : thumbcache.dll -> HOOKED (C:\Windows\System32\bthprops.cpl @ 0x729B032D)
[Address] EAT @explorer.exe (BluetoothFindFirstServiceEx) : thumbcache.dll -> HOOKED (C:\Windows\System32\bthprops.cpl @ 0x729AEDBE)
[Address] EAT @explorer.exe (BluetoothFindNextBrowseGroup) : thumbcache.dll -> HOOKED (C:\Windows\System32\bthprops.cpl @ 0x729ACB98)
[Address] EAT @explorer.exe (BluetoothFindNextClassId) : thumbcache.dll -> HOOKED (C:\Windows\System32\bthprops.cpl @ 0x729AC97D)
[Address] EAT @explorer.exe (BluetoothFindNextDevice) : thumbcache.dll -> HOOKED (C:\Windows\System32\bthprops.cpl @ 0x729AC194)
[Address] EAT @explorer.exe (BluetoothFindNextProfileDescriptor) : thumbcache.dll -> HOOKED (C:\Windows\System32\bthprops.cpl @ 0x729ACBFD)
[Address] EAT @explorer.exe (BluetoothFindNextProtocolDescriptorStack) : thumbcache.dll -> HOOKED (C:\Windows\System32\bthprops.cpl @ 0x729AC9D4)
[Address] EAT @explorer.exe (BluetoothFindNextProtocolEntry) : thumbcache.dll -> HOOKED (C:\Windows\System32\bthprops.cpl @ 0x729ACAA8)
[Address] EAT @explorer.exe (BluetoothFindNextRadio) : thumbcache.dll -> HOOKED (C:\Windows\System32\bthprops.cpl @ 0x729AC066)
[Address] EAT @explorer.exe (BluetoothFindNextService) : thumbcache.dll -> HOOKED (C:\Windows\System32\bthprops.cpl @ 0x729AD84C)
[Address] EAT @explorer.exe (BluetoothFindProfileDescriptorClose) : thumbcache.dll -> HOOKED (C:\Windows\System32\bthprops.cpl @ 0x729ACB63)
[Address] EAT @explorer.exe (BluetoothFindProtocolDescriptorStackClose) : thumbcache.dll -> HOOKED (C:\Windows\System32\bthprops.cpl @ 0x729ACA5B)
[Address] EAT @explorer.exe (BluetoothFindProtocolEntryClose) : thumbcache.dll -> HOOKED (C:\Windows\System32\bthprops.cpl @ 0x729ACB63)
[Address] EAT @explorer.exe (BluetoothFindRadioClose) : thumbcache.dll -> HOOKED (C:\Windows\System32\bthprops.cpl @ 0x729AC1CD)
[Address] EAT @explorer.exe (BluetoothFindServiceClose) : thumbcache.dll -> HOOKED (C:\Windows\System32\bthprops.cpl @ 0x729AC92F)
[Address] EAT @explorer.exe (BluetoothGetDeviceInfo) : thumbcache.dll -> HOOKED (C:\Windows\System32\bthprops.cpl @ 0x729AE8F6)
[Address] EAT @explorer.exe (BluetoothGetRadioInfo) : thumbcache.dll -> HOOKED (C:\Windows\System32\bthprops.cpl @ 0x729AD083)
[Address] EAT @explorer.exe (BluetoothIsConnectable) : thumbcache.dll -> HOOKED (C:\Windows\System32\bthprops.cpl @ 0x729AE6E6)
[Address] EAT @explorer.exe (BluetoothIsDiscoverable) : thumbcache.dll -> HOOKED (C:\Windows\System32\bthprops.cpl @ 0x729AE5F3)
[Address] EAT @explorer.exe (BluetoothIsVersionAvailable) : thumbcache.dll -> HOOKED (C:\Windows\System32\bthprops.cpl @ 0x729AD4B2)
[Address] EAT @explorer.exe (BluetoothMapClassOfDeviceToImageIndex) : thumbcache.dll -> HOOKED (C:\Windows\System32\bthprops.cpl @ 0x729B731E)
[Address] EAT @explorer.exe (BluetoothMapClassOfDeviceToString) : thumbcache.dll -> HOOKED (C:\Windows\System32\bthprops.cpl @ 0x729B6F6D)
[Address] EAT @explorer.exe (BluetoothRegisterForAuthentication) : thumbcache.dll -> HOOKED (C:\Windows\System32\bthprops.cpl @ 0x729B0114)
[Address] EAT @explorer.exe (BluetoothRegisterForAuthenticationEx) : thumbcache.dll -> HOOKED (C:\Windows\System32\bthprops.cpl @ 0x729B0137)
[Address] EAT @explorer.exe (BluetoothRemoveDevice) : thumbcache.dll -> HOOKED (C:\Windows\System32\bthprops.cpl @ 0x729B0EBD)
[Address] EAT @explorer.exe (BluetoothSdpEnumAttributes) : thumbcache.dll -> HOOKED (C:\Windows\System32\bthprops.cpl @ 0x729ACCD9)
[Address] EAT @explorer.exe (BluetoothSdpGetAttributeValue) : thumbcache.dll -> HOOKED (C:\Windows\System32\bthprops.cpl @ 0x729B1530)
[Address] EAT @explorer.exe (BluetoothSdpGetContainerElementData) : thumbcache.dll -> HOOKED (C:\Windows\System32\bthprops.cpl @ 0x729B1488)
[Address] EAT @explorer.exe (BluetoothSdpGetElementData) : thumbcache.dll -> HOOKED (C:\Windows\System32\bthprops.cpl @ 0x729B1223)
[Address] EAT @explorer.exe (BluetoothSdpGetString) : thumbcache.dll -> HOOKED (C:\Windows\System32\bthprops.cpl @ 0x729B1883)
[Address] EAT @explorer.exe (BluetoothSelectDevices) : thumbcache.dll -> HOOKED (C:\Windows\System32\bthprops.cpl @ 0x729B3D76)
[Address] EAT @explorer.exe (BluetoothSelectDevicesFree) : thumbcache.dll -> HOOKED (C:\Windows\System32\bthprops.cpl @ 0x729B253F)
[Address] EAT @explorer.exe (BluetoothSendAuthenticationResponse) : thumbcache.dll -> HOOKED (C:\Windows\System32\bthprops.cpl @ 0x729AE323)
[Address] EAT @explorer.exe (BluetoothSendAuthenticationResponseEx) : thumbcache.dll -> HOOKED (C:\Windows\System32\bthprops.cpl @ 0x729AE235)
[Address] EAT @explorer.exe (BluetoothSetLocalServiceInfo) : thumbcache.dll -> HOOKED (C:\Windows\System32\bthprops.cpl @ 0x729AFB77)
[Address] EAT @explorer.exe (BluetoothSetServiceState) : thumbcache.dll -> HOOKED (C:\Windows\System32\bthprops.cpl @ 0x729B0DDB)
[Address] EAT @explorer.exe (BluetoothUnregisterAuthentication) : thumbcache.dll -> HOOKED (C:\Windows\System32\bthprops.cpl @ 0x729ACF30)
[Address] EAT @explorer.exe (BluetoothUpdateDeviceRecord) : thumbcache.dll -> HOOKED (C:\Windows\System32\bthprops.cpl @ 0x729AD7E1)
[Address] EAT @explorer.exe (BthpEnableAllServices) : thumbcache.dll -> HOOKED (C:\Windows\System32\bthprops.cpl @ 0x729B106A)
[Address] EAT @explorer.exe (BthpFindPnpInfo) : thumbcache.dll -> HOOKED (C:\Windows\System32\bthprops.cpl @ 0x729AEEC6)
[Address] EAT @explorer.exe (BthpMapStatusToErr) : thumbcache.dll -> HOOKED (C:\Windows\System32\bthprops.cpl @ 0x729B73DF)
[Address] EAT @explorer.exe (CPlApplet) : thumbcache.dll -> HOOKED (C:\Windows\System32\bthprops.cpl @ 0x729ABB60)
[Address] EAT @explorer.exe (DllCanUnloadNow) : thumbcache.dll -> HOOKED (C:\Windows\System32\bthprops.cpl @ 0x729AB2E6)
[Address] EAT @explorer.exe (DllGetClassObject) : thumbcache.dll -> HOOKED (C:\Windows\System32\bthprops.cpl @ 0x729AB1E8)
 
¤¤¤ External Hives: ¤¤¤
 
¤¤¤ Infection :  ¤¤¤
 
¤¤¤ HOSTS File: ¤¤¤
--> %SystemRoot%\System32\drivers\etc\hosts
 
 
127.0.0.1    localhost
 
 
¤¤¤ MBR Check: ¤¤¤
 
+++++ PhysicalDrive0: (\\.\PHYSICALDRIVE0 @ IDE) ATA WDC WD2500BEVT-2 SCSI Disk Device +++++
--- User ---
[MBR] c9bb825abe0f49d32ea5bc9cc385014f
[BSP] 5a8a285401ae2f72843ac13b80097d32 : Windows 7/8 MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 20482048 | Size: 114243 MB
1 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 254451712 | Size: 114230 MB
User = LL1 ... OK!
User = LL2 ... OK!
 
Finished : << RKreport[0]_S_05282014_220257.txt >>
 
 
 
 

 



#15 paulos123

paulos123
  • Topic Starter

  • Members
  • 313 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:greece
  • Local time:05:31 AM

Posted 28 May 2014 - 03:04 PM

it happened right now again,i see that when im trying to open heavy internet pages the exporer.exe goes high,

so i delete the proccess and perform it again,then its ok.

 

whatever i ll wait for you to check the logs and tell me about anything suspicious.....

 

thanks






0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users