Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Windows 8 browser hijacked, maybe other stuff too


  • This topic is locked This topic is locked
12 replies to this topic

#1 BadgerByBirth

BadgerByBirth

  • Members
  • 43 posts
  • OFFLINE
  •  
  • Local time:01:36 AM

Posted 10 September 2014 - 12:59 PM

Hey,

 

So I have some kind of browser hijack. It opens up links all the time, I've got ads that shouldn't be there, and dialogue boxes popup telling me to call a number for tech support. Please help me remove the offending programs.


Edited by hamluis, 10 September 2014 - 01:14 PM.
Moved from MRL, no logs, to AII - Hamluis.


BC AdBot (Login to Remove)

 


#2 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 73,537 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:NJ USA
  • Local time:01:36 AM

Posted 10 September 2014 - 01:37 PM

Hello BBB.. Lets run thse and see how it is after.


Please download MiniToolBox, save it to your desktop and run it.
Checkmark the following checkboxes:
  • Flush DNS
  • Report IE Proxy Settings
  • Reset IE Proxy Settings
  • Report FF Proxy Settings
  • Reset FF Proxy Settings
  • List content of Hosts
  • List IP configuration
  • List Winsock Entries
  • List last 10 Event Viewer log
  • List Installed Programs
  • List Users, Partitions and Memory size.
  • Click Go and post the result (Result.txt). A copy of Result.txt will be saved in the same directory the tool is run.
    Note: When using "Reset FF Proxy Settings" option Firefox should be closed.



    Download TDSSKiller and save it to your desktop.
  • Extract (unzip) its contents to your desktop.
  • Open the TDSSKiller folder and doubleclick on TDSSKiller.exe to run the application, then on Start Scan.
  • If an infected file is detected, the default action will be Cure, click on Continue.
  • If a suspicious file is detected, the default action will be Skip, click on Continue.
  • It may ask you to reboot the computer to complete the process. Click on Reboot Now.
  • If no reboot is require, click on Report. A log file should appear. Please copy and paste the contents of that file here.
  • If a reboot is required, the report can also be found in your root directory (usually C:\ folder) in the form of TDSSKiller_xxxx_log.txt. Please copy and paste the contents of that file here.
  • .
    .
    .
    ADW Cleaner

    Please download AdwCleaner by Xplode and save to your Desktop.
  • Double-click on AdwCleaner.exe to run the tool.
    Vista/Windows 7/8 users right-click and select Run As Administrator.
  • Click on the Scan button.
  • AdwCleaner will begin...be patient as the scan may take some time to complete.
  • After the scan has finished, click on the Report button...a logfile (AdwCleaner[R0].txt) will open in Notepad for review.
  • After reviewing the log, click on the Clean button.
  • Press OK when asked to close all programs and follow the onscreen prompts.
  • Press OK again to allow AdwCleaner to restart the computer and complete the removal process.
  • After rebooting, a logfile report (AdwCleaner[S0].txt) will open automatically.
  • Copy and paste the contents of that logfile in your next reply.
  • A copy of all logfiles are saved in the C:\AdwCleaner folder which was created when running the tool.
  • -- Note: The contents of the AdwCleaner log file may be confusing. Unless you see a program name that you recognize and know should not be removed, don't worry about it. If you see an entry you want to keep, return to AdwCleaner before cleaning...all detected items will be listed (and checked) in each tab. Click on each one and uncheck any items you want to keep (except you cannot uncheck Chrome and Firefox preferences lines).


    .

    thisisujrt.gif Please download Junkware Removal Tool to your desktop.
  • Shut down your protection software now to avoid potential conflicts.
  • Run the tool by double-clicking it. If you are using Windows Vista, 7, or 8; instead of double-clicking, right-mouse click JRT.exe and select "Run as Administrator".
  • The tool will open and start scanning your system.
  • Please be patient as this can take a while to complete depending on your system's specifications.
  • On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
  • Post the contents of JRT.txt into your next message.
  • .
    .
    .
    .
  • Last run ESET.
  • Hold down Control and click on this link to open ESET OnlineScan in a new window.
  • Click the esetonlinebtn.png button.
  • For alternate browsers only: (Microsoft Internet Explorer users can skip these steps)
  • Click on esetsmartinstaller_enu.exe to download the ESET Smart Installer. Save it to your desktop.
  • Double click on the esetsmartinstaller_enu.png icon on your desktop.
  • Check "YES, I accept the Terms of Use."
  • Click the Start button.
  • Accept any security warnings from your browser.
  • Under scan settings, check "Scan Archives" and "Remove found threats"
  • Click Advanced settings and select the following:
  • Scan potentially unwanted applications
  • Scan for potentially unsafe applications
  • Enable Anti-Stealth technology
  • ESET will then download updates for itself, install itself, and begin scanning your computer. Please be patient as this can take some time.
  • When the scan completes, click List Threats
  • Click Export, and save the file to your desktop using a unique name, such as ESETScan. Include the contents of this report in your next reply.
  • Click the Back button.
  • Click the Finish button.
  • NOTE:Sometimes if ESET finds no infections it will not create a log.

How do I get help? Who is helping me?For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....Become a BleepingComputer fan: Facebook

#3 BadgerByBirth

BadgerByBirth
  • Topic Starter

  • Members
  • 43 posts
  • OFFLINE
  •  
  • Local time:01:36 AM

Posted 10 September 2014 - 01:52 PM

Mini toolbox log:

MiniToolBox by Farbar  Version: 21-07-2014
Ran by John (administrator) on 10-09-2014 at 14:39:51
Running from "C:\Users\John\Downloads"
Microsoft Windows 8  (X64)
Boot Mode: Normal
***************************************************************************
 
========================= Flush DNS: ===================================
 
Windows IP Configuration
 
Successfully flushed the DNS Resolver Cache.
 
========================= IE Proxy Settings: ============================== 
 
Proxy is not enabled.
No Proxy Server is set.
 
"Reset IE Proxy Settings": IE Proxy Settings were reset.
 
========================= FF Proxy Settings: ============================== 
 
 
"Reset FF Proxy Settings": Firefox Proxy settings were reset.
 
========================= Hosts content: =================================
::1       localhost
 
127.0.0.1       localhost
 
========================= IP Configuration: ================================
 
Ralink RT5390R 802.11bgn Wi-Fi Adapter = Wi-Fi (Connected)
Realtek PCIe FE Family Controller = Ethernet (Media disconnected)
 
 
# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4
 
reset
set global icmpredirects=enabled
set interface interface="Local Area Connection* 9" forwarding=enabled advertise=enabled nud=enabled ignoredefaultroutes=disabled
set interface interface="Ethernet" forwarding=enabled advertise=enabled nud=enabled ignoredefaultroutes=disabled
set interface interface="Wi-Fi" forwarding=enabled advertise=enabled nud=enabled ignoredefaultroutes=disabled
set interface interface="Local Area Connection* 11" forwarding=enabled advertise=enabled nud=enabled ignoredefaultroutes=disabled
set interface interface="Local Area Connection* 13" forwarding=enabled advertise=enabled nud=enabled ignoredefaultroutes=disabled
 
 
popd
# End of IPv4 configuration
 
 
 
Windows IP Configuration
 
   Host Name . . . . . . . . . . . . : livingroom-pc
   Primary Dns Suffix  . . . . . . . : 
   Node Type . . . . . . . . . . . . : Hybrid
   IP Routing Enabled. . . . . . . . : No
   WINS Proxy Enabled. . . . . . . . : No
   DNS Suffix Search List. . . . . . : hsd1.in.comcast.net.
 
Wireless LAN adapter Local Area Connection* 11:
 
   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : 
   Description . . . . . . . . . . . : Microsoft Wi-Fi Direct Virtual Adapter
   Physical Address. . . . . . . . . : 68-94-23-18-24-23
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes
 
Wireless LAN adapter Wi-Fi:
 
   Connection-specific DNS Suffix  . : hsd1.in.comcast.net.
   Description . . . . . . . . . . . : Ralink RT5390R 802.11bgn Wi-Fi Adapter
   Physical Address. . . . . . . . . : 68-94-23-18-24-21
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes
   Link-local IPv6 Address . . . . . : fe80::523:bea8:2661:1a4d%13(Preferred) 
   IPv4 Address. . . . . . . . . . . : 192.168.1.108(Preferred) 
   Subnet Mask . . . . . . . . . . . : 255.255.255.0
   Lease Obtained. . . . . . . . . . : Wednesday, September 10, 2014 9:07:20 AM
   Lease Expires . . . . . . . . . . : Thursday, September 11, 2014 10:14:35 AM
   Default Gateway . . . . . . . . . : 192.168.1.1
   DHCP Server . . . . . . . . . . . : 192.168.1.1
   DHCPv6 IAID . . . . . . . . . . . : 359175203
   DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-18-10-29-FB-84-34-97-78-7E-18
   DNS Servers . . . . . . . . . . . : 75.75.75.75
                                       75.75.76.76
   NetBIOS over Tcpip. . . . . . . . : Enabled
 
Ethernet adapter Ethernet:
 
   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : nc.rr.com
   Description . . . . . . . . . . . : Realtek PCIe FE Family Controller
   Physical Address. . . . . . . . . : 84-34-97-78-7E-18
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes
Server:  cdns01.comcast.net
Address:  75.75.75.75
 
Name:    google.com
Addresses:  2607:f8b0:4004:802::100e
 74.125.228.7
 74.125.228.4
 74.125.228.0
 74.125.228.8
 74.125.228.1
 74.125.228.14
 74.125.228.5
 74.125.228.2
 74.125.228.9
 74.125.228.3
 74.125.228.6
 
 
Pinging google.com [74.125.228.4] with 32 bytes of data:
Reply from 74.125.228.4: bytes=32 time=52ms TTL=52
Reply from 74.125.228.4: bytes=32 time=67ms TTL=52
 
Ping statistics for 74.125.228.4:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 52ms, Maximum = 67ms, Average = 59ms
Server:  cdns01.comcast.net
Address:  75.75.75.75
 
DNS request timed out.
    timeout was 2 seconds.
Name:    yahoo.com
Addresses:  98.138.253.109
 206.190.36.45
 98.139.183.24
 
 
Pinging yahoo.com [98.139.183.24] with 32 bytes of data:
Reply from 98.139.183.24: bytes=32 time=59ms TTL=50
Reply from 98.139.183.24: bytes=32 time=80ms TTL=50
 
Ping statistics for 98.139.183.24:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 59ms, Maximum = 80ms, Average = 69ms
 
Pinging 127.0.0.1 with 32 bytes of data:
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
 
Ping statistics for 127.0.0.1:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 0ms, Maximum = 0ms, Average = 0ms
===========================================================================
Interface List
 14...68 94 23 18 24 23 ......Microsoft Wi-Fi Direct Virtual Adapter
 13...68 94 23 18 24 21 ......Ralink RT5390R 802.11bgn Wi-Fi Adapter
 12...84 34 97 78 7e 18 ......Realtek PCIe FE Family Controller
  1...........................Software Loopback Interface 1
===========================================================================
 
IPv4 Route Table
===========================================================================
Active Routes:
Network Destination        Netmask          Gateway       Interface  Metric
          0.0.0.0          0.0.0.0      192.168.1.1    192.168.1.108     25
        127.0.0.0        255.0.0.0         On-link         127.0.0.1    306
        127.0.0.1  255.255.255.255         On-link         127.0.0.1    306
  127.255.255.255  255.255.255.255         On-link         127.0.0.1    306
      192.168.1.0    255.255.255.0         On-link     192.168.1.108    281
    192.168.1.108  255.255.255.255         On-link     192.168.1.108    281
    192.168.1.255  255.255.255.255         On-link     192.168.1.108    281
        224.0.0.0        240.0.0.0         On-link         127.0.0.1    306
        224.0.0.0        240.0.0.0         On-link     192.168.1.108    281
  255.255.255.255  255.255.255.255         On-link         127.0.0.1    306
  255.255.255.255  255.255.255.255         On-link     192.168.1.108    281
===========================================================================
Persistent Routes:
  None
 
IPv6 Route Table
===========================================================================
Active Routes:
 If Metric Network Destination      Gateway
  1    306 ::1/128                  On-link
 13    281 fe80::/64                On-link
 13    281 fe80::523:bea8:2661:1a4d/128
                                    On-link
  1    306 ff00::/8                 On-link
 13    281 ff00::/8                 On-link
===========================================================================
Persistent Routes:
  None
========================= Winsock entries =====================================
 
Catalog5 01 C:\Windows\SysWOW64\napinsp.dll [52224] (Microsoft Corporation)
Catalog5 02 C:\Windows\SysWOW64\pnrpnsp.dll [67584] (Microsoft Corporation)
Catalog5 03 C:\Windows\SysWOW64\pnrpnsp.dll [67584] (Microsoft Corporation)
Catalog5 04 C:\Windows\SysWOW64\NLAapi.dll [55296] (Microsoft Corporation)
Catalog5 05 C:\Windows\SysWOW64\mswsock.dll [289280] (Microsoft Corporation)
Catalog5 06 C:\Windows\SysWOW64\winrnr.dll [21504] (Microsoft Corporation)
Catalog5 07 C:\Program Files (x86)\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
Catalog9 01 C:\Windows\SysWOW64\mswsock.dll [289280] (Microsoft Corporation)
Catalog9 02 C:\Windows\SysWOW64\mswsock.dll [289280] (Microsoft Corporation)
Catalog9 03 C:\Windows\SysWOW64\mswsock.dll [289280] (Microsoft Corporation)
Catalog9 04 C:\Windows\SysWOW64\mswsock.dll [289280] (Microsoft Corporation)
Catalog9 05 C:\Windows\SysWOW64\mswsock.dll [289280] (Microsoft Corporation)
Catalog9 06 C:\Windows\SysWOW64\mswsock.dll [289280] (Microsoft Corporation)
Catalog9 07 C:\Windows\SysWOW64\mswsock.dll [289280] (Microsoft Corporation)
Catalog9 08 C:\Windows\SysWOW64\mswsock.dll [289280] (Microsoft Corporation)
Catalog9 09 C:\Windows\SysWOW64\mswsock.dll [289280] (Microsoft Corporation)
Catalog9 10 C:\Windows\SysWOW64\mswsock.dll [289280] (Microsoft Corporation)
x64-Catalog5 01 C:\Windows\System32\napinsp.dll [66560] (Microsoft Corporation)
x64-Catalog5 02 C:\Windows\System32\pnrpnsp.dll [85504] (Microsoft Corporation)
x64-Catalog5 03 C:\Windows\System32\pnrpnsp.dll [85504] (Microsoft Corporation)
x64-Catalog5 04 C:\Windows\System32\NLAapi.dll [72192] (Microsoft Corporation)
x64-Catalog5 05 C:\Windows\System32\mswsock.dll [355328] (Microsoft Corporation)
x64-Catalog5 06 C:\Windows\System32\winrnr.dll [53760] (Microsoft Corporation)
x64-Catalog5 07 C:\Program Files\Bonjour\mdnsNSP.dll [132968] (Apple Inc.)
x64-Catalog9 01 C:\Windows\System32\mswsock.dll [355328] (Microsoft Corporation)
x64-Catalog9 02 C:\Windows\System32\mswsock.dll [355328] (Microsoft Corporation)
x64-Catalog9 03 C:\Windows\System32\mswsock.dll [355328] (Microsoft Corporation)
x64-Catalog9 04 C:\Windows\System32\mswsock.dll [355328] (Microsoft Corporation)
x64-Catalog9 05 C:\Windows\System32\mswsock.dll [355328] (Microsoft Corporation)
x64-Catalog9 06 C:\Windows\System32\mswsock.dll [355328] (Microsoft Corporation)
x64-Catalog9 07 C:\Windows\System32\mswsock.dll [355328] (Microsoft Corporation)
x64-Catalog9 08 C:\Windows\System32\mswsock.dll [355328] (Microsoft Corporation)
x64-Catalog9 09 C:\Windows\System32\mswsock.dll [355328] (Microsoft Corporation)
x64-Catalog9 10 C:\Windows\System32\mswsock.dll [355328] (Microsoft Corporation)
 
========================= Event log errors: ===============================
 
Application errors:
==================
Error: (09/10/2014 08:51:19 AM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 15534844
 
Error: (09/10/2014 08:51:19 AM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 15534844
 
Error: (09/10/2014 08:51:19 AM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second
 
Error: (09/10/2014 08:51:18 AM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 15533563
 
Error: (09/10/2014 08:51:18 AM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 15533563
 
Error: (09/10/2014 08:51:18 AM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second
 
Error: (09/10/2014 08:51:17 AM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 15532360
 
Error: (09/10/2014 08:51:17 AM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 15532360
 
Error: (09/10/2014 08:51:17 AM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second
 
Error: (09/10/2014 08:51:16 AM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 15531188
 
 
System errors:
=============
Error: (09/10/2014 09:13:00 AM) (Source: Service Control Manager) (User: )
Description: The File History Service service hung on starting.
 
Error: (09/10/2014 09:07:50 AM) (Source: Service Control Manager) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the WinSpeed service to connect.
 
Error: (09/08/2014 02:00:24 PM) (Source: Service Control Manager) (User: )
Description: The File History Service service hung on starting.
 
Error: (09/08/2014 01:55:45 PM) (Source: Service Control Manager) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the WinSpeed service to connect.
 
Error: (09/07/2014 09:41:54 PM) (Source: Service Control Manager) (User: )
Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the HP Support Assistant Service service.
 
Error: (09/03/2014 10:54:48 AM) (Source: Schannel) (User: livingroom-pc)
Description: The certificate received from the remote server does not contain the expected name. It is therefore not possible to determine whether we are connecting to the correct server. The server name we were expecting is client.wns.windows.com. The SSL connection request has failed. The attached data contains the server certificate.
 
Error: (09/03/2014 10:54:48 AM) (Source: Schannel) (User: livingroom-pc)
Description: A fatal alert was generated and sent to the remote endpoint. This may result in termination of the connection. The TLS protocol defined fatal error code is 43. The Windows SChannel error state is 552.
 
Error: (09/03/2014 10:54:48 AM) (Source: Schannel) (User: livingroom-pc)
Description: The certificate received from the remote server does not contain the expected name. It is therefore not possible to determine whether we are connecting to the correct server. The server name we were expecting is client.wns.windows.com. The SSL connection request has failed. The attached data contains the server certificate.
 
Error: (09/03/2014 10:54:48 AM) (Source: Schannel) (User: livingroom-pc)
Description: A fatal alert was generated and sent to the remote endpoint. This may result in termination of the connection. The TLS protocol defined fatal error code is 43. The Windows SChannel error state is 552.
 
Error: (09/03/2014 10:54:48 AM) (Source: Schannel) (User: livingroom-pc)
Description: The certificate received from the remote server does not contain the expected name. It is therefore not possible to determine whether we are connecting to the correct server. The server name we were expecting is client.wns.windows.com. The SSL connection request has failed. The attached data contains the server certificate.
 
 
Microsoft Office Sessions:
=========================
 
CodeIntegrity Errors:
===================================
  Date: 2014-09-10 14:40:11.742
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\EEL64A.dll because the set of per-page image hashes could not be found on the system.
 
  Date: 2014-09-10 14:39:22.834
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\EEL64A.dll because the set of per-page image hashes could not be found on the system.
 
  Date: 2014-09-10 14:39:22.713
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\EEL64A.dll because the set of per-page image hashes could not be found on the system.
 
  Date: 2014-09-10 14:38:45.098
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\EEL64A.dll because the set of per-page image hashes could not be found on the system.
 
  Date: 2014-09-10 14:38:12.069
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\EEL64A.dll because the set of per-page image hashes could not be found on the system.
 
  Date: 2014-09-10 14:37:56.655
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\EEL64A.dll because the set of per-page image hashes could not be found on the system.
 
  Date: 2014-09-10 14:37:54.233
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\EEL64A.dll because the set of per-page image hashes could not be found on the system.
 
  Date: 2014-09-10 14:37:40.514
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\EEL64A.dll because the set of per-page image hashes could not be found on the system.
 
  Date: 2014-09-10 14:37:35.845
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\EEL64A.dll because the set of per-page image hashes could not be found on the system.
 
  Date: 2014-09-10 14:36:24.141
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\EEL64A.dll because the set of per-page image hashes could not be found on the system.
 
 
 
=========================== Installed Programs ============================
µTorrent (HKCU\...\uTorrent) (Version: 3.4.2.32691 - BitTorrent Inc.)
4 Elements II (x32 Version: 2.2.0.98 - WildTangent) Hidden
Adobe Acrobat XI Pro (HKLM-x32\...\{AC76BA86-1033-FFFF-7760-000000000006}) (Version: 11.0.06 - Adobe Systems)
Adobe Flash Player 12 Plugin (HKLM-x32\...\{9D32CD07-EA5C-4A79-B976-C0C7F975EDE4}) (Version: 12.0.0.77 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.06) (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version: 11.0.06 - Adobe Systems Incorporated)
Adobe Shockwave Player 12.1 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.1.0.150 - Adobe Systems, Inc.)
Akamai NetSession Interface (HKCU\...\Akamai) (Version:  - Akamai Technologies, Inc)
Apple Application Support (HKLM-x32\...\{21ECABC3-40B2-42DF-8E21-ACF3A4D0D95A}) (Version: 3.0.5 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{6AF2AC2A-3532-43FD-9F4D-BDC9C0D724C7}) (Version: 7.1.2.6 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Audacity 2.0.5 (HKLM-x32\...\Audacity_is1) (Version: 2.0.5 - Audacity Team)
AudibleManager (HKLM-x32\...\AudibleManager) (Version: 18414980.4759644.48.2007775048 - Audible, Inc.)
Bejeweled 3 (x32 Version: 2.2.0.98 - WildTangent) Hidden
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Build-a-lot 4 - Power Source (x32 Version: 2.2.0.98 - WildTangent) Hidden
Canon MX860 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MX860_series) (Version:  - )
Chuzzle Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden
Cradle Of Egypt Collector's Edition (x32 Version: 2.2.0.98 - WildTangent) Hidden
Cradle of Rome 2 (x32 Version: 2.2.0.98 - WildTangent) Hidden
CyberLink LabelPrint (HKLM-x32\...\InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}) (Version: 2.5.1.5407 - CyberLink Corp.)
CyberLink LabelPrint (x32 Version: 2.5.1.5407 - CyberLink Corp.) Hidden
CyberLink Media Suite 10 (HKLM-x32\...\InstallShield_{1FBF6C24-C1fD-4101-A42B-0C564F9E8E79}) (Version: 10.0.1.1916 - CyberLink Corp.)
CyberLink Media Suite 10 (x32 Version: 10.0.1.1916 - CyberLink Corp.) Hidden
CyberLink PhotoDirector (HKLM-x32\...\InstallShield_{4862344A-A39C-4897-ACD4-A1BED5163C5A}) (Version: 2.0.1.3119 - CyberLink Corp.)
CyberLink PhotoDirector (x32 Version: 2.0.1.3119 - CyberLink Corp.) Hidden
CyberLink Power2Go 8 (HKLM-x32\...\InstallShield_{2A87D48D-3FDF-41fd-97CD-A1E370EFFFE2}) (Version: 8.0.1.1926 - CyberLink Corp.)
CyberLink Power2Go 8 (x32 Version: 8.0.1.1926 - CyberLink Corp.) Hidden
CyberLink PowerDirector 10 (HKLM-x32\...\InstallShield_{B0B4F6D2-F2AE-451A-9496-6F2F6A897B32}) (Version: 10.0.1.1925 - CyberLink Corp.)
CyberLink PowerDirector 10 (x32 Version: 10.0.1.1925 - CyberLink Corp.) Hidden
CyberLink PowerDVD (HKLM-x32\...\InstallShield_{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}) (Version: 10.0.6.4319 - CyberLink Corp.)
CyberLink PowerDVD (x32 Version: 10.0.6.4319 - CyberLink Corp.) Hidden
CyberLink YouCam (HKLM-x32\...\InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}) (Version: 3.5.4.5527 - CyberLink Corp.)
CyberLink YouCam (x32 Version: 3.5.4.5527 - CyberLink Corp.) Hidden
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Energy Star (HKLM\...\{0FA995CC-C849-4755-B14B-5404CC75DC24}) (Version: 1.0.8 - Hewlett-Packard)
ESET Online Scanner v3 (HKLM-x32\...\ESET Online Scanner) (Version:  - )
Farm Frenzy (x32 Version: 2.2.0.98 - WildTangent) Hidden
FATE: The Cursed King (x32 Version: 2.2.0.97 - WildTangent) Hidden
Final Drive Fury (x32 Version: 2.2.0.95 - WildTangent) Hidden
FirstRowSportApp (HKLM-x32\...\1ClickDownload) (Version: 2.1 Build 26473 - FirstRowSportApp.com)
FlatOut 2 (x32 Version: 2.2.0.98 - WildTangent) Hidden
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 36.0.1985.143 - Google Inc.)
Google Update Helper (x32 Version: 1.3.24.15 - Google Inc.) Hidden
Governor of Poker 2 Premium Edition (x32 Version: 2.2.0.95 - WildTangent) Hidden
HandBrake 0.9.9.1 (HKLM-x32\...\HandBrake) (Version: 0.9.9.1 - )
Hewlett-Packard ACLM.NET v1.2.0.0 (x32 Version: 1.00.0000 - Hewlett-Packard Company) Hidden
Hoyle Card Games (x32 Version: 2.2.0.95 - WildTangent) Hidden
HP 3D DriveGuard (HKLM\...\{F244D07D-1876-4CDD-914D-214E15A8D327}) (Version: 4.2.5.1 - Hewlett-Packard Company)
HP Connected Music (Meridian - installer) (HKLM-x32\...\StartHPConnectedMusic) (Version: v1.0 - Meridian Audio Ltd)
HP CoolSense (HKLM-x32\...\{16B7BDA1-B967-4D2D-8B27-E12727C28350}) (Version: 2.10.3 - Hewlett-Packard Company)
HP Customer Experience Enhancements (x32 Version: 6.0.1.7 - Hewlett-Packard) Hidden
HP Documentation (HKLM-x32\...\{18DE31AE-70D0-43A7-9E3C-2ED7283ECE8A}) (Version: 1.1.0.0 - Hewlett-Packard)
HP Games (HKLM-x32\...\WildTangent hp Master Uninstall) (Version: 1.0.3.0 - WildTangent)
HP MyRoom (HKLM-x32\...\{9C35EDE5-4B0F-45E7-A438-314BA889948E}) (Version: 9.0.0.0 - Hewlett-Packard Company)
HP Postscript Converter (Version: 3.1.3554 - Hewlett-Packard) Hidden
HP Quick Launch (HKLM-x32\...\{4ED7050C-9332-4FB2-AB07-E94F25A53D39}) (Version: 3.0.3 - Hewlett-Packard Company)
HP Recovery Manager (x32 Version: 7.00 - Hewlett-Packard) Hidden
HP Registration Service (HKLM\...\{E4D6CCF2-0AAF-4B9C-9DE5-893EDC9B4BAA}) (Version: 1.0.5976.4186 - Hewlett-Packard)
HP Software Framework (HKLM-x32\...\{835B275B-F29B-464B-BD4B-097FD55FAB0A}) (Version: 4.6.8.1 - Hewlett-Packard Company)
HP Support Assistant (HKLM-x32\...\{B8019B54-F9BE-490A-9619-6D06F18F129F}) (Version: 7.0.32.44 - Hewlett-Packard Company)
HP Utility Center (HKLM-x32\...\{0C57987A-A03A-4B95-A309-D23F78F406CA}) (Version: 1.0.7 - Hewlett-Packard)
HP Wireless Button Driver (HKLM-x32\...\{941DE69D-6CEE-4171-8F1F-3D7E352AA498}) (Version: 1.0.5.1 - Hewlett-Packard Company)
IDT Audio (HKLM-x32\...\{E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}) (Version: 1.0.6417.0 - IDT)
Intel® Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.1.0.1252 - Intel Corporation)
Intel® Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 9.17.10.2828 - Intel Corporation)
Intel® SDK for OpenCL - CPU Only Runtime Package (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: 2.0.0.37149 - Intel Corporation)
Intel® Trusted Connect Service Client (Version: 1.24.388.1 - Intel Corporation) Hidden
iTunes (HKLM\...\{33E28B58-7BA0-47B7-AA01-9225ABA2B8A9}) (Version: 11.3.0.54 - Apple Inc.)
Java 7 Update 67 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217051FF}) (Version: 7.0.670 - Oracle)
Java Auto Updater (x32 Version: 2.1.67.1 - Oracle, Inc.) Hidden
Jewel Match 3 (x32 Version: 2.2.0.98 - WildTangent) Hidden
John Deere Drive Green (x32 Version: 2.2.0.95 - WildTangent) Hidden
LAME v3.99.3 (for Windows) (HKLM-x32\...\LAME_is1) (Version:  - )
Luxor Evolved (x32 Version: 2.2.0.98 - WildTangent) Hidden
Mahjongg Dimensions Deluxe: Tiles in Time (x32 Version: 2.2.0.98 - WildTangent) Hidden
Malwarebytes Anti-Malware version 2.0.2.1012 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.2.1012 - Malwarebytes Corporation)
Microsoft App Update for microsoft.windowscommunicationsapps_17.0.1119.516_x64__8wekyb3d8bbwe (x64) (Version: 1.0.0.0 - Microsoft Corporation) Hidden
Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{91120000-0030-0000-0000-0000000FF1CE}_ENTERPRISER_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version:  - Microsoft)
Microsoft Office 2007 Service Pack 3 (SP3) (x32 Version:  - Microsoft) Hidden
Microsoft Office Access MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Access Setup Metadata MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Enterprise 2007 (HKLM-x32\...\ENTERPRISER) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office Enterprise 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Excel MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Groove MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Groove Setup Metadata MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office InfoPath MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Live Meeting 2007 (HKLM-x32\...\{0309B99E-C7EA-414C-AC53-A78061277595}) (Version: 8.0.6362.223 - Microsoft Corporation)
Microsoft Office Office 64-bit Components 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office OneNote MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Outlook MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (French) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Spanish) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proofing (English) 2007 (x32 Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) (x32 Version:  - Microsoft) Hidden
Microsoft Office Publisher MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared 64-bit MUI (English) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared Setup Metadata MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Word MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft S/MIME (HKLM-x32\...\{D932D6AE-786B-4ECD-B6FE-B9C0EB059B3C}) (Version: 14.3.123.2 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Mortimer Beckett and the Crimson Thief Premium Edition (x32 Version: 2.2.0.98 - WildTangent) Hidden
Movie Maker (x32 Version: 16.4.3522.0110 - Microsoft Corporation) Hidden
MSVCRT (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSVCRT110 (x32 Version: 16.4.1108.0727 - Microsoft) Hidden
MSVCRT110_amd64 (Version: 16.4.1109.0912 - Microsoft) Hidden
Mystery P.I. - Curious Case of Counterfeit Cove (x32 Version: 2.2.0.98 - WildTangent) Hidden
Peggle Nights (x32 Version: 2.2.0.98 - WildTangent) Hidden
Penguins! (x32 Version: 2.2.0.98 - WildTangent) Hidden
Photo Gallery (x32 Version: 16.4.3522.0110 - Microsoft Corporation) Hidden
Polar Bowler (x32 Version: 2.2.0.97 - WildTangent) Hidden
Polar Golfer (x32 Version: 2.2.0.98 - WildTangent) Hidden
Ralink RT5390R 802.11bgn Wi-Fi Adapter (HKLM-x32\...\{8FC4F1DD-F7FD-4766-804D-3C8FF1D309AF}) (Version: 5.0.2.0 - Ralink)
RealDownloader (x32 Version: 17.0.8 - RealNetworks, Inc.) Hidden
RealNetworks - Microsoft Visual C++ 2008 Runtime (x32 Version: 9.0 - RealNetworks, Inc) Hidden
RealNetworks - Microsoft Visual C++ 2010 Runtime (Version: 10.0 - RealNetworks, Inc) Hidden
RealNetworks - Microsoft Visual C++ 2010 Runtime (x32 Version: 10.0 - RealNetworks, Inc) Hidden
RealPlayer (HKLM-x32\...\RealPlayer 15.0) (Version: 15.0.6 - RealNetworks)
RealPlayer Cloud (HKLM-x32\...\RealPlayer 17.0) (Version: 17.0.8 - RealNetworks)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.3.730.2012 - Realtek)
Realtek PCIE Card Reader (HKLM-x32\...\{C1594429-8296-4652-BF54-9DBE4932A44C}) (Version: 6.2.8400.29029 - Realtek Semiconductor Corp.)
RealUpgrade 1.1 (x32 Version: 1.1.0 - RealNetworks, Inc.) Hidden
Recuva (HKLM\...\Recuva) (Version: 1.48 - Piriform)
Revo Uninstaller 1.95 (HKLM-x32\...\Revo Uninstaller) (Version: 1.95 - VS Revo Group)
Roads of Rome 3 (x32 Version: 2.2.0.98 - WildTangent) Hidden
Search Protection (HKCU\...\Search Protection) (Version: 7.5.0.1 - Spigot, Inc.)
Secunia PSI (3.0.0.9015) (HKLM-x32\...\Secunia PSI) (Version: 3.0.0.9015 - Secunia)
Sid Meier's Civilization 4 (HKLM-x32\...\{CFBCE791-2D53-4FCE-B3FB-D6E01F4112E8}) (Version: 1.61 - Firaxis Games)
Sid Meier's Civilization 4 (x32 Version: 1.61 - Firaxis Games) Hidden
Spotify (HKCU\...\Spotify) (Version: 0.9.11.27.g2b1a638c - Spotify AB)
Starcraft (HKLM-x32\...\Starcraft) (Version:  - )
swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 16.2.10.12 - Synaptics Incorporated)
Tales of Lagoona (x32 Version: 2.2.0.110 - WildTangent) Hidden
Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{91120000-0030-0000-0000-0000000FF1CE}_ENTERPRISER_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version:  - Microsoft)
Update for Microsoft Office 2007 Help for Common Features (KB963673) (HKLM-x32\...\{90120000-006E-0409-0000-0000000FF1CE}_ENTERPRISER_{AB365889-0395-4FAD-B702-CA5985D53D42}) (Version:  - Microsoft)
Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition (HKLM-x32\...\{91120000-0030-0000-0000-0000000FF1CE}_ENTERPRISER_{A024FC7B-77DE-45DE-A058-1C049A17BFB3}) (Version:  - Microsoft)
Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition (HKLM-x32\...\{90120000-002A-0000-1000-0000000FF1CE}_ENTERPRISER_{CB68A5B0-3508-4193-AEB9-AF636DAECE0F}) (Version:  - Microsoft)
Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition (HKLM-x32\...\{91120000-0030-0000-0000-0000000FF1CE}_ENTERPRISER_{CB68A5B0-3508-4193-AEB9-AF636DAECE0F}) (Version:  - Microsoft)
Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition (HKLM-x32\...\{91120000-0030-0000-0000-0000000FF1CE}_ENTERPRISER_{E9A82945-BA29-4EE8-8F2A-2F49545E9CF2}) (Version:  - Microsoft)
Update for Microsoft Office Access 2007 Help (KB963663) (HKLM-x32\...\{90120000-0015-0409-0000-0000000FF1CE}_ENTERPRISER_{6B76A18A-AA1E-42AB-A7AD-6C84BBB43987}) (Version:  - Microsoft)
Update for Microsoft Office Excel 2007 Help (KB963678) (HKLM-x32\...\{90120000-0016-0409-0000-0000000FF1CE}_ENTERPRISER_{199DF7B6-169C-448C-B511-1054101BE9C9}) (Version:  - Microsoft)
Update for Microsoft Office Infopath 2007 Help (KB963662) (HKLM-x32\...\{90120000-0044-0409-0000-0000000FF1CE}_ENTERPRISER_{716B81B8-B13C-41DF-8EAC-7A2F656CAB63}) (Version:  - Microsoft)
Update for Microsoft Office OneNote 2007 Help (KB963670) (HKLM-x32\...\{90120000-00A1-0409-0000-0000000FF1CE}_ENTERPRISER_{2744EF05-38E1-4D5D-B333-E021EDAEA245}) (Version:  - Microsoft)
Update for Microsoft Office Outlook 2007 (KB2687404) 32-Bit Edition (HKLM-x32\...\{90120000-001A-0409-0000-0000000FF1CE}_ENTERPRISER_{ED38F8A3-4F61-494E-8BCA-E3AC7760C924}) (Version:  - Microsoft)
Update for Microsoft Office Outlook 2007 (KB2863811) 32-Bit Edition (HKLM-x32\...\{91120000-0030-0000-0000-0000000FF1CE}_ENTERPRISER_{53DEC068-4690-4F6B-9946-7D21EF02236B}) (Version:  - Microsoft)
Update for Microsoft Office Outlook 2007 Help (KB963677) (HKLM-x32\...\{90120000-001A-0409-0000-0000000FF1CE}_ENTERPRISER_{0451F231-E3E3-4943-AB9F-58EB96171784}) (Version:  - Microsoft)
Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2883097) 32-Bit Edition (HKLM-x32\...\{91120000-0030-0000-0000-0000000FF1CE}_ENTERPRISER_{B2260BC9-D561-46EE-B33D-739CF760A2A9}) (Version:  - Microsoft)
Update for Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM-x32\...\{90120000-0018-0409-0000-0000000FF1CE}_ENTERPRISER_{397B1D4F-ED7B-4ACA-A637-43B670843876}) (Version:  - Microsoft)
Update for Microsoft Office Publisher 2007 Help (KB963667) (HKLM-x32\...\{90120000-0019-0409-0000-0000000FF1CE}_ENTERPRISER_{2E40DE55-B289-4C8B-8901-5D369B16814F}) (Version:  - Microsoft)
Update for Microsoft Office Script Editor Help (KB963671) (HKLM-x32\...\{90120000-006E-0409-0000-0000000FF1CE}_ENTERPRISER_{CD11C6A2-FFC6-4271-8EAB-79C3582F505C}) (Version:  - Microsoft)
Update for Microsoft Office Word 2007 Help (KB963665) (HKLM-x32\...\{90120000-001B-0409-0000-0000000FF1CE}_ENTERPRISER_{80E762AA-C921-4839-9D7D-DB62A72C0726}) (Version:  - Microsoft)
Update Installer for WildTangent Games App (x32 Version:  - WildTangent) Hidden
UpdateService (x32 Version: 1.0.0 - RealNetworks, Inc.) Hidden
Vacation Quest™ - Australia (x32 Version: 2.2.0.98 - WildTangent) Hidden
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.1.5 - VideoLAN)
Warcraft II BNE (HKLM-x32\...\Warcraft II BNE) (Version:  - )
WildTangent Games (HKLM-x32\...\WildTangent wildgames Master Uninstall) (Version: 1.0.3.0 - WildTangent)
WildTangent Games App (x32 Version: 4.0.9.6 - WildTangent) Hidden
Winamp (HKLM-x32\...\Winamp) (Version: 5.63  - Nullsoft, Inc)
Winamp Detector Plug-in (HKCU\...\Winamp Detect) (Version: 1.0.0.1 - Nullsoft, Inc)
Windows Live Communications Platform (x32 Version: 16.4.3522.0110 - Microsoft Corporation) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3522.0110 - Microsoft Corporation)
Windows Live Essentials (x32 Version: 16.4.3522.0110 - Microsoft Corporation) Hidden
Windows Live Installer (x32 Version: 16.4.3522.0110 - Microsoft Corporation) Hidden
Windows Live Photo Common (x32 Version: 16.4.3522.0110 - Microsoft Corporation) Hidden
Windows Live PIMT Platform (x32 Version: 16.4.3522.0110 - Microsoft Corporation) Hidden
Windows Live SOXE (x32 Version: 16.4.3522.0110 - Microsoft Corporation) Hidden
Windows Live SOXE Definitions (x32 Version: 16.4.3522.0110 - Microsoft Corporation) Hidden
Windows Live UX Platform (x32 Version: 16.4.3522.0110 - Microsoft Corporation) Hidden
Windows Live UX Platform Language Pack (x32 Version: 16.4.3522.0110 - Microsoft Corporation) Hidden
Windows Live Writer (x32 Version: 16.4.3522.0110 - Microsoft Corporation) Hidden
Windows Live Writer Resources (x32 Version: 16.4.3522.0110 - Microsoft Corporation) Hidden
Wondershare Application Center 1.0.0.58 (HKLM-x32\...\{769CC8AC-50C3-4776-95F5-A1ABF15A38F4}_is1) (Version: 1.0.0.58 - Wondershare)
Wondershare PDF to Word (Build 4.0.1) (HKLM-x32\...\{90599D63-1879-4B90-BE4F-051CE70FA576}_is1) (Version: 4.0.1 - Wondershare Software)
Wondershare Video Editor(Build 3.6.2) (HKLM-x32\...\Wondershare Video Editor_is1) (Version:  - Wondershare Software)
WorldWideCoupon (HKLM-x32\...\{37476589-E48E-439E-A706-56189E2ED4C4}_is1) (Version:  - WorldWideCoupon)
YTD Video Downloader 4.6 (HKLM-x32\...\{1a413f37-ed88-4fec-9666-5c48dc4b7bb7}) (Version: 4.6 - GreenTree Applications SRL)
Zuma's Revenge (x32 Version: 2.2.0.98 - WildTangent) Hidden
 
========================= Memory info: ===================================
 
Percentage of memory in use: 78%
Total physical RAM: 3986.27 MB
Available physical RAM: 846.39 MB
Total Pagefile: 12178.27 MB
Available Pagefile: 8253.32 MB
Total Virtual: 4095.88 MB
Available Virtual: 3986.63 MB
 
========================= Partitions: =====================================
 
1 Drive c: () (Fixed) (Total:439.38 GB) (Free:185.68 GB) NTFS
2 Drive d: (RECOVERY) (Fixed) (Total:25.61 GB) (Free:3.05 GB) NTFS
 
========================= Users: ========================================
 
User accounts for \\LIVINGROOM-PC
 
Administrator            Guest                    John                     
 
 
**** End of log ****
 
 
TDSSKiller log:
 
14:47:46.0405 0x1c28  TDSS rootkit removing tool 3.0.0.40 Jul 10 2014 12:37:58
14:47:46.0405 0x1c28  UEFI system
14:47:51.0238 0x1c28  ============================================================
14:47:51.0238 0x1c28  Current date / time: 2014/09/10 14:47:51.0238
14:47:51.0238 0x1c28  SystemInfo:
14:47:51.0238 0x1c28  
14:47:51.0238 0x1c28  OS Version: 6.2.9200 ServicePack: 0.0
14:47:51.0238 0x1c28  Product type: Workstation
14:47:51.0238 0x1c28  ComputerName: LIVINGROOM-PC
14:47:51.0238 0x1c28  UserName: John
14:47:51.0238 0x1c28  Windows directory: C:\Windows
14:47:51.0238 0x1c28  System windows directory: C:\Windows
14:47:51.0238 0x1c28  Running under WOW64
14:47:51.0238 0x1c28  Processor architecture: Intel x64
14:47:51.0238 0x1c28  Number of processors: 2
14:47:51.0238 0x1c28  Page size: 0x1000
14:47:51.0238 0x1c28  Boot type: Normal boot
14:47:51.0239 0x1c28  ============================================================
14:47:59.0736 0x1c28  KLMD registered as C:\Windows\system32\drivers\82331808.sys
14:48:01.0071 0x1c28  System UUID: {8BCCCCED-6B22-E534-9601-C7116261863E}
14:48:02.0230 0x1c28  Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 ( 465.76 Gb ), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
14:48:02.0249 0x1c28  ============================================================
14:48:02.0249 0x1c28  \Device\Harddisk0\DR0:
14:48:02.0249 0x1c28  GPT partitions:
14:48:02.0250 0x1c28  \Device\Harddisk0\DR0\Partition1: GPT, TypeGUID: {DE94BBA4-06D1-4D40-A16A-BFD50179D6AC}, UniqueGUID: {E9141F14-CDF3-461C-879C-3C8797C88CD3}, Name: Basic data partition, StartLBA 0x800, BlocksNum 0xC8000
14:48:02.0250 0x1c28  \Device\Harddisk0\DR0\Partition2: GPT, TypeGUID: {C12A7328-F81F-11D2-BA4B-00A0C93EC93B}, UniqueGUID: {4EEA55A7-7328-43F3-86FE-E663AF7CC51C}, Name: EFI system partition, StartLBA 0xC8800, BlocksNum 0x82000
14:48:02.0250 0x1c28  \Device\Harddisk0\DR0\Partition3: GPT, TypeGUID: {E3C9E316-0B5C-4DB8-817D-F92DF00215AE}, UniqueGUID: {87061FF5-8061-4113-9958-1671FA6E18CC}, Name: Microsoft reserved partition, StartLBA 0x14A800, BlocksNum 0x40000
14:48:02.0250 0x1c28  \Device\Harddisk0\DR0\Partition4: GPT, TypeGUID: {EBD0A0A2-B9E5-4433-87C0-68B6B72699C7}, UniqueGUID: {C17C9F1B-6D05-4780-9FE5-10A0DF673B3B}, Name: Basic data partition, StartLBA 0x18A800, BlocksNum 0x36EC4000
14:48:02.0250 0x1c28  \Device\Harddisk0\DR0\Partition5: GPT, TypeGUID: {EBD0A0A2-B9E5-4433-87C0-68B6B72699C7}, UniqueGUID: {BA459E20-2394-401F-8F78-EBC45F8F3689}, Name: Basic data partition, StartLBA 0x3704E800, BlocksNum 0x3337800
14:48:02.0250 0x1c28  MBR partitions:
14:48:02.0250 0x1c28  ============================================================
14:48:02.0414 0x1c28  C: <-> \Device\Harddisk0\DR0\Partition4
14:48:02.0479 0x1c28  D: <-> \Device\Harddisk0\DR0\Partition5
14:48:02.0479 0x1c28  ============================================================
14:48:02.0479 0x1c28  Initialize success
14:48:02.0479 0x1c28  ============================================================
14:48:33.0741 0x10cc  ============================================================
14:48:33.0741 0x10cc  Scan started
14:48:33.0741 0x10cc  Mode: Manual; 
14:48:33.0741 0x10cc  ============================================================
14:48:33.0741 0x10cc  KSN ping started
14:48:36.0202 0x10cc  KSN ping finished: true
14:48:45.0371 0x10cc  ================ Scan system memory ========================
14:48:45.0371 0x10cc  System memory - ok
14:48:45.0373 0x10cc  ================ Scan services =============================
14:48:48.0217 0x10cc  [ E890C46E4754F0DF51BAFCC8D2E07498, E620D03030F3B65442E0A5CB8B59016A6E8DB3BCA52741977B8897B34438E902 ] 1394ohci        C:\Windows\System32\drivers\1394ohci.sys
14:48:48.0229 0x10cc  1394ohci - ok
14:48:48.0278 0x10cc  [ 4F18D4C7EA14F11A7211F60D553C03DB, 09AB6D2D8E9B7B6D6A97708551C0E4B34538947A15EA2A69C11764D7BC0BB7F6 ] 3ware           C:\Windows\system32\drivers\3ware.sys
14:48:48.0282 0x10cc  3ware - ok
14:48:48.0310 0x10cc  [ C4C5D1AB35D1F931928056D61A1C4616, E4EBEFDA6E89A61C16F2CADC908F2242907695232236B2A771A409D48EAF39DC ] Accelerometer   C:\Windows\system32\DRIVERS\Accelerometer.sys
14:48:48.0312 0x10cc  Accelerometer - ok
14:48:48.0453 0x10cc  [ 975AABEB243B800C23626D6B652C5A9C, FB02336F26AF10BA2A0D1B97C33CB1D78BB90CA51EF008A613A0274779798FAD ] ACPI            C:\Windows\system32\drivers\ACPI.sys
14:48:48.0467 0x10cc  ACPI - ok
14:48:48.0501 0x10cc  [ DC968C37822117E576B933F34A2D130C, 4C94E00ADC242296D7CBBFC7346D5F9AE5FE1B0C616ECA3BDE10A7B34FD2040B ] acpiex          C:\Windows\system32\Drivers\acpiex.sys
14:48:48.0504 0x10cc  acpiex - ok
14:48:48.0518 0x10cc  [ 0CA9F7C3A78227C21A0A7854E245CFB2, D54147C9C1EE2F0098B863B0852E027DB89D6FA67F6B7FD54F609D9715A11442 ] acpipagr        C:\Windows\System32\drivers\acpipagr.sys
14:48:48.0520 0x10cc  acpipagr - ok
14:48:48.0527 0x10cc  [ 8EB8DA03B142D3DD1EB9ED8107A76C43, 24B9B24F9A5BDF3AAD13C4EE0638497D9CA4A100096C6EAE403E0215EA89C439 ] AcpiPmi         C:\Windows\System32\drivers\acpipmi.sys
14:48:48.0528 0x10cc  AcpiPmi - ok
14:48:48.0533 0x10cc  [ CBCE725C5D86ABA7D2604E22951AA9B8, DE0440F0E943F057EBCD01DB4B1E12DBC241FBF03C42021306D322AB88FF8F21 ] acpitime        C:\Windows\System32\drivers\acpitime.sys
14:48:48.0535 0x10cc  acpitime - ok
14:48:49.0179 0x10cc  [ B362181ED3771DC03B4141927C80F801, 69514E5177A0AEA89C27C2234712F9F82E8D8F99E1FD4273898C9324C6FF7472 ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
14:48:49.0182 0x10cc  AdobeARMservice - ok
14:48:49.0281 0x10cc  [ 9D96B0D5855FD1B98023B3EEC9F06786, E4C79233158BE8AA4E9C6DD71585E5D2703A5156531EB3D692D7D81BC443E844 ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
14:48:49.0288 0x10cc  AdobeFlashPlayerUpdateSvc - ok
14:48:49.0465 0x10cc  [ 93C6388592B99925C1D1576E465BC80F, 4C48BE5471DA4788357D71E90DFEA20FE320C7AAE1F4C55AFBE2E46FEA5CF8FB ] adp94xx         C:\Windows\system32\drivers\adp94xx.sys
14:48:49.0483 0x10cc  adp94xx - ok
14:48:49.0580 0x10cc  [ D27763E0247292654E7F7D16444C7C72, 0314C713D31E2B34F215B52F804F014D876E6ED92DC656CC3E27920CCD36CF0E ] adpahci         C:\Windows\system32\drivers\adpahci.sys
14:48:49.0591 0x10cc  adpahci - ok
14:48:49.0625 0x10cc  [ 67B90070FF48F794AF19F9FCF0080D75, 5D0D352606D58D2CA0814F38EF7B1774C030BE44353DF5910CBFAAF4FDE64ED6 ] adpu320         C:\Windows\system32\drivers\adpu320.sys
14:48:49.0630 0x10cc  adpu320 - ok
14:48:49.0693 0x10cc  [ 974AE60BF5B90E31412D93596C968E5B, 092B59C2B67C4618E7B1800615D1DF7199482F60D0D27BD91763F7F8D7FC883F ] AeLookupSvc     C:\Windows\System32\aelupsvc.dll
14:48:49.0705 0x10cc  AeLookupSvc - ok
14:48:49.0761 0x10cc  [ FE7FB9612D354EB41DF4F0FF5D6FB259, 98D5BD9C1300195C49CB0717A831A06D99F7AE631D5EA065E10BFE7C2FA57A18 ] AFD             C:\Windows\system32\drivers\afd.sys
14:48:49.0778 0x10cc  AFD - ok
14:48:49.0802 0x10cc  [ 01590377A5AB19E792528C628A2A68F9, F3A4B6CA4E8D4436E44E36D7F7EEF3DC861D1EE50D41F4273226C4ED95674B84 ] agp440          C:\Windows\system32\drivers\agp440.sys
14:48:49.0805 0x10cc  agp440 - ok
14:48:49.0840 0x10cc  [ D1BE8E6E5B3AF23A4393AF1BF867977A, B3AE97D35A9304198715D76F6C3F0545AA176FDEBA6C2055782558B11DFA14EB ] ALG             C:\Windows\System32\alg.exe
14:48:49.0844 0x10cc  ALG - ok
14:48:49.0918 0x10cc  [ 025E8C755BE293E50854D26D1BBE5133, 4373639689306A3D8FE0F862072711BAD5DBAA45E105CD3129586439A90EE070 ] AllUserInstallAgent C:\Windows\system32\AUInstallAgent.dll
14:48:49.0922 0x10cc  AllUserInstallAgent - ok
14:48:49.0959 0x10cc  [ 5A81054B824004B1ECC04F0034A1CDF9, 73A1986A4B346C425157216EBF16CC90EFFC642EDF6109E6364CF0552E3388FD ] AmdK8           C:\Windows\System32\drivers\amdk8.sys
14:48:49.0964 0x10cc  AmdK8 - ok
14:48:50.0974 0x10cc  [ 8DC532B5BF820E48194C6AFC8862FCBC, AA8040A2EC9004FBED4B94166B2DD5A4F5BC835EBADD6199651C856A695AA3E1 ] amdkmdag        C:\Windows\system32\DRIVERS\atikmdag.sys
14:48:51.0458 0x10cc  amdkmdag - ok
14:48:51.0707 0x10cc  [ AA48FEABA50C2DED9C485DFDBA044E40, AE52933B85494F51E4F1524489BEAC4C16F80D09BC8974D97F792D94EAD2A231 ] amdkmdap        C:\Windows\system32\DRIVERS\atikmpag.sys
14:48:51.0812 0x10cc  amdkmdap - ok
14:48:52.0123 0x10cc  [ B849D453E644FAB9BC8EF6DC8CA9C4C6, B803CDA478D3385937C44CBB05A0E65ABACEFEBA682975787C44E2904FB89D2D ] AmdPPM          C:\Windows\System32\drivers\amdppm.sys
14:48:52.0245 0x10cc  AmdPPM - ok
14:48:52.0299 0x10cc  [ 35A0EB5AECB0FA3C41A2FB514A562304, 737783ABF348288471AC7051D4DC6CB336D686C94EC7B8938DCA74AFE9BECB1C ] amdsata         C:\Windows\system32\drivers\amdsata.sys
14:48:52.0303 0x10cc  amdsata - ok
14:48:52.0346 0x10cc  [ 00452671904F5EE94B50BF0219C97164, 99F9B86D3DB3E10B014120A63CD43CBAAB22C8E38851090ABE37D89ABD61F7B6 ] amdsbs          C:\Windows\system32\drivers\amdsbs.sys
14:48:52.0356 0x10cc  amdsbs - ok
14:48:52.0379 0x10cc  [ EA3FFE53E92E59C87E3ECA9BEB20D9B7, DC0B8B798720F5F75F8AFD3383CF69194282AEEE84DCACB97382F4C86E1D3E49 ] amdxata         C:\Windows\system32\drivers\amdxata.sys
14:48:52.0380 0x10cc  amdxata - ok
14:48:52.0511 0x10cc  [ 823F34D1DEF120A657BB7529ABF4461F, C56D6614F6B3DA13DF7F6AC6B70ACA39D1DB146F7324CF96029CA038C3063DB3 ] AppHostSvc      C:\Windows\system32\inetsrv\apphostsvc.dll
14:48:52.0514 0x10cc  AppHostSvc - ok
14:48:52.0570 0x10cc  [ 83B3682CE922FB0F415734B26D9D6233, 9102E8B410BB1AE426770896B6AB584D1F02830337FBB2DEC182F3F19832F35F ] AppID           C:\Windows\system32\drivers\appid.sys
14:48:52.0572 0x10cc  AppID - ok
14:48:52.0625 0x10cc  [ CE2BEAD7F31816FF0AC490D048C969F9, 7D24C5A9E8F7C21CC6D8BF2CA29A8B79DDE7EEDE2F37D36B9071ECE1CF61371F ] AppIDSvc        C:\Windows\System32\appidsvc.dll
14:48:52.0627 0x10cc  AppIDSvc - ok
14:48:52.0679 0x10cc  [ 4F750B7EFCB6520AE01E01D082D7D476, AD2A67D727A1D4DD0BBACC6B4BB432FA9A14D50D8BA292B95A4747CEC9F85728 ] Appinfo         C:\Windows\System32\appinfo.dll
14:48:52.0682 0x10cc  Appinfo - ok
14:48:52.0763 0x10cc  [ 6B73E94F9FE82D45781B8C8A09483082, C35EEAE7457168387A7C77A315524A3703ABDE49D9F23F59057315D9249D3473 ] Apple Mobile Device C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
14:48:52.0765 0x10cc  Apple Mobile Device - ok
14:48:52.0790 0x10cc  [ E933401B392387F4BE34DE8BAF1722A7, 57CC6DE31E2C82D2B12509F0A5EC9EC70DD2EF6A1F31A66ADF62DC6AE0A67323 ] arc             C:\Windows\system32\drivers\arc.sys
14:48:52.0793 0x10cc  arc - ok
14:48:52.0817 0x10cc  [ 07CA323EF2E8247A568AB0F3662AD644, 1224B41193F0E9B164732BA5BF707A13427C82C1D8C3EDC2AAE5C5C75454B9F6 ] arcsas          C:\Windows\system32\drivers\arcsas.sys
14:48:52.0821 0x10cc  arcsas - ok
14:48:53.0671 0x10cc  [ 108FB6DDB69E537A2EA53F425363FAE5, B12A9F5338D39805E08A44A335FF7AA77F2266F535A2F5C8412CC746C75E5B1D ] aspnet_state    C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
14:48:53.0675 0x10cc  aspnet_state - ok
14:48:53.0790 0x10cc  [ 74DBAEC35366C4EE7670428808715A6A, 3B3A7A81CD8038C4750560B94A9247C4409410780B312BA71EDF2E393DCA7474 ] AsyncMac        C:\Windows\system32\DRIVERS\asyncmac.sys
14:48:53.0946 0x10cc  AsyncMac - ok
14:48:54.0018 0x10cc  [ A721FF570C2387E383BDDEA9632863C9, 45DD7787F44A2C742560FEB03AB66910C2F0002D95BB02C55EEDE973AA92AD24 ] atapi           C:\Windows\system32\drivers\atapi.sys
14:48:54.0052 0x10cc  atapi - ok
14:48:54.0165 0x10cc  [ BCD7A47EF587DC00DD61D12D9C2D1E44, 95BC9AC8BA8A86DB5C7A6317002BD9872F193B401A0C58DF252DCF3D4A7541E2 ] AudioEndpointBuilder C:\Windows\System32\AudioEndpointBuilder.dll
14:48:54.0172 0x10cc  AudioEndpointBuilder - ok
14:48:54.0684 0x10cc  [ 599B3F685A263A114FFAF3BE29C49C75, 579E9561BA8537888E061E303F3F89E2E6F8B8DED74369C3767DB10B35CD45E8 ] Audiosrv        C:\Windows\System32\Audiosrv.dll
14:48:55.0085 0x10cc  Audiosrv - ok
14:48:55.0155 0x10cc  [ 89491EF71D5EA011127832C588002853, 05620E4235956D8446FB9604F930738C8AA97E3A74C907E37F7CC08B8EDA0461 ] AxInstSV        C:\Windows\System32\AxInstSV.dll
14:48:55.0161 0x10cc  AxInstSV - ok
14:48:55.0308 0x10cc  [ 87AB5BB072A3F128541D5B815F82FFDD, 186AF33D3DE90638C3E165CAC3DA17295E8A80CDB523F9BE4AF7D38CA6954905 ] b06bdrv         C:\Windows\system32\drivers\bxvbda.sys
14:48:55.0401 0x10cc  b06bdrv - ok
14:48:55.0488 0x10cc  [ 81703BC5D68DEDBB086C2368FBE7B334, CFD4A55C8045C482F8D410514F3211AEFA00097AB395F5A04BFE983ED6254F6B ] BasicDisplay    C:\Windows\System32\drivers\BasicDisplay.sys
14:48:55.0490 0x10cc  BasicDisplay - ok
14:48:55.0538 0x10cc  [ 5EC68164E14D25675C98BBB5F09E8606, 1D7EDB21C87039FC5F39F46460AD852BC4EC6B179B1C205D189DD3C397343435 ] BasicRender     C:\Windows\System32\drivers\BasicRender.sys
14:48:55.0540 0x10cc  BasicRender - ok
14:48:55.0672 0x10cc  [ 89143A7BA7850F5C7E61B43BB44B6418, 00BB781DF87D4FF1BAFD318AFE237296B4F5925023BA4486405EC0A384C88D8F ] BDESVC          C:\Windows\System32\bdesvc.dll
14:48:55.0773 0x10cc  BDESVC - ok
14:48:55.0866 0x10cc  [ 9E7AEA59776D904607985AFFE7E5E183, C3DB745A9F4DA7CB9628A7913DD52B2444B14FEB9D588FF6558CF52CEB8955EB ] Beep            C:\Windows\system32\drivers\Beep.sys
14:48:55.0867 0x10cc  Beep - ok
14:48:55.0973 0x10cc  [ 53AA55632B94622F2DC3695E86EF9363, 9B5BB8EDA48A37AE97BCD42D83B25A6D10AA6231EABE745DCCE6D60E19094A6F ] BFE             C:\Windows\System32\bfe.dll
14:48:56.0073 0x10cc  BFE - ok
14:48:56.0172 0x10cc  [ D598C44A7072D3108D8D8102EC5E07F7, D7472E9BAAB7B6E1D30F4E153412E2A16EE5C08DE2BF8BFF4D65089825226FE0 ] BITS            C:\Windows\System32\qmgr.dll
14:48:56.0493 0x10cc  BITS - ok
14:48:56.0573 0x10cc  [ EBBCD5DFBB1DE70E8F4AF8FA59E401FD, 17BFFC5DF609CE3B2F0CAB4BD6C118608C66A3AD86116A47E90B2BB7D8954122 ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe
14:48:56.0586 0x10cc  Bonjour Service - ok
14:48:56.0711 0x10cc  [ B17AC10B47C7FCB44D22A1F06415840E, 990D6F629D93F4F913D218ACE5187A26DCB762BAFB2BB279CCE8CAF2755D85A5 ] bowser          C:\Windows\system32\DRIVERS\bowser.sys
14:48:56.0714 0x10cc  bowser - ok
14:48:56.0744 0x10cc  [ 038FA1B55531E7020DB705B42FCCE373, 023E87E3204D64890D6FEA78E762E5BC5BD0A59325EBC264834727779EEEDBC5 ] BrokerInfrastructure C:\Windows\System32\bisrv.dll
14:48:56.0750 0x10cc  BrokerInfrastructure - ok
14:48:56.0812 0x10cc  [ 310068BDA80B1D55C36580FD8A873FAF, A75412FF1F483461F526E9A359DCEECA5E683441514464D5ED82D1A9740D583E ] Browser         C:\Windows\System32\browser.dll
14:48:56.0817 0x10cc  Browser - ok
14:48:56.0838 0x10cc  [ 6695200F455E251F0BCC9CE4D0978D59, 4DB2F967E449581A9330EF43E794B45B93581564B20C5B991FC1EC665A640D69 ] BthAvrcpTg      C:\Windows\System32\drivers\BthAvrcpTg.sys
14:48:56.0840 0x10cc  BthAvrcpTg - ok
14:48:56.0878 0x10cc  [ 616EB8748C988AEE98D93DA141C3D3B4, 15A055B0496BDB29CBCF6EEBF112D4BA1C7A2FF39124728830D0FD1FD7A404CB ] BthHFEnum       C:\Windows\System32\drivers\bthhfenum.sys
14:48:56.0880 0x10cc  BthHFEnum - ok
14:48:56.0931 0x10cc  [ DCB4EBD928A6FB368BE6CAE522412DE1, 9E1345F29467054689B9F48B5CCB567760D36610A4EA9AF41B829EAD60347269 ] bthhfhid        C:\Windows\System32\drivers\BthHFHid.sys
14:48:56.0933 0x10cc  bthhfhid - ok
14:48:56.0944 0x10cc  [ 033916CE8784A848B9A3D686B7F66D97, B4D0514D59646CF6B70D4FA488CF95C38EA38CC5C509329CC8753E897C640AFA ] BTHMODEM        C:\Windows\System32\drivers\bthmodem.sys
14:48:56.0947 0x10cc  BTHMODEM - ok
14:48:57.0082 0x10cc  [ A4387C3D271959313E2577DB7BE8BA7A, C71474802102102EBE04DF036EEB2F5FB3380BE288E3842F19F234EFAE977D70 ] bthserv         C:\Windows\system32\bthserv.dll
14:48:57.0086 0x10cc  bthserv - ok
14:48:57.0125 0x10cc  [ 990B1BABE6E81FB18E65A87EBEFB1772, 1820D4AC57E1D4B7FB5AA89C277B16910ED73712878D2B43FE542CE16DFE16C3 ] cdfs            C:\Windows\system32\DRIVERS\cdfs.sys
14:48:57.0130 0x10cc  cdfs - ok
14:48:57.0161 0x10cc  [ 339BFF85D788268752DA8C9644B188EE, C2279F1A39AED39865A5027D2FD087F8E82F3ED8C94BA4D922855B98E792AFC5 ] cdrom           C:\Windows\System32\drivers\cdrom.sys
14:48:57.0167 0x10cc  cdrom - ok
14:48:57.0205 0x10cc  [ BAF8F0F55BC300E5F882E521F054E345, FB228DB18F2FA55D8BA35A7E6778EE5D2EB0C29D384F1A0A868F90AE706188D7 ] CertPropSvc     C:\Windows\System32\certprop.dll
14:48:57.0348 0x10cc  CertPropSvc - ok
14:48:57.0456 0x10cc  [ F64B7D1A37CC1D5F421D5359EEC81E2E, 2B4879DD32B2C20B94847755E22B1BCBE2B567B3989C57A9BA2DD783307EFFDB ] circlass        C:\Windows\System32\drivers\circlass.sys
14:48:57.0461 0x10cc  circlass - ok
14:48:57.0566 0x10cc  [ 9905168708DB68849B879B5548F68AB3, B7A495E57B9398704988DC472126CBC5B8D76761A34F51732FBF6CC88E3AB79A ] CLFS            C:\Windows\system32\drivers\CLFS.sys
14:48:57.0767 0x10cc  CLFS - ok
14:48:57.0844 0x10cc  [ 075CCE75090786F124573A788C8656E6, AA188CFF2F8EE2D9F50701AB2315D24E15D7715FD84F5054D3FC175D4BD35734 ] CLVirtualDrive  C:\Windows\system32\DRIVERS\CLVirtualDrive.sys
14:48:57.0849 0x10cc  CLVirtualDrive - ok
14:48:57.0873 0x10cc  [ 2DC8538A2260647484A6C921CA837313, 094059DD66B0C50A1CAE288F920107B0B6AD1AA5758284E35B92C131EDEA30EA ] CmBatt          C:\Windows\System32\drivers\CmBatt.sys
14:48:57.0875 0x10cc  CmBatt - ok
14:48:57.0992 0x10cc  [ DBF9E5346431557BF56F41E7F8EC0DC1, D5FA34C873DA9BE40301D53198355556506AB5145B78B14D0AA88570A0058589 ] CNG             C:\Windows\system32\Drivers\cng.sys
14:48:58.0017 0x10cc  CNG - ok
14:48:58.0056 0x10cc  [ 0E5B1E9E7122EDAAF1F6CE047965CA92, 803E585B92D1E2E5B6BF67BE511E88DC2629A12407C3E30F7AEFB544D390A9B8 ] CompositeBus    C:\Windows\System32\drivers\CompositeBus.sys
14:48:58.0058 0x10cc  CompositeBus - ok
14:48:58.0069 0x10cc  COMSysApp - ok
14:48:58.0195 0x10cc  [ D9CB0782AF819548072AA45B70F8B22D, 04796F39ABB88759A534DE3D0C51F684BF2A8DE1F4028B657CCFDBDD39A6618C ] condrv          C:\Windows\system32\drivers\condrv.sys
14:48:58.0235 0x10cc  condrv - ok
14:48:59.0841 0x10cc  [ DA8066CFED07DEBECB8DC08A55946ACE, 094AF4E198AACCB22F8FEA1DF0D7D8A4626BE3D2C3AE5310C47281998B84AB12 ] cphs            C:\Windows\SysWow64\IntelCpHeciSvc.exe
14:48:59.0851 0x10cc  cphs - ok
14:48:59.0898 0x10cc  [ 5CE2742F063731EC10C1B2EE386A2C08, 309919BDDD4649AFB95A99DCF8AFC3BAE10F9BC1E2819C0794CFD0F80682C223 ] CryptSvc        C:\Windows\system32\cryptsvc.dll
14:48:59.0901 0x10cc  CryptSvc - ok
14:48:59.0939 0x10cc  [ FAEF4C245BE832DB41B15DAAC336AFB7, 1F8C98AB0DF4327FCB01FE0356025488E19B48A45FFFA50576B49A8587FAC42B ] dam             C:\Windows\system32\drivers\dam.sys
14:48:59.0941 0x10cc  dam - ok
14:49:00.0311 0x10cc  [ 1EC6E533C954BDDF2A37E7851A7E58FD, C25936A7465B6A2B3D05D2FCB09D91ACC07CFE038A5E968C99CFA9D9F2967DD4 ] DcomLaunch      C:\Windows\system32\rpcss.dll
14:49:00.0362 0x10cc  DcomLaunch - ok
14:49:00.0585 0x10cc  [ C8650D1F61149AA546BDBC99172EBBC1, D9592ED1B6F23B6EC76A0B93635B6E38702311B0A6982F0F9DEC37FCDAF1288B ] defragsvc       C:\Windows\System32\defragsvc.dll
14:49:00.0596 0x10cc  defragsvc - ok
14:49:00.0828 0x10cc  [ 5EAEF67AE2AF4D2DC664B649DB7B2E16, ADAC7FD6AC12B50F4998C5EB0BD770DD4B80A94C4CC1B9376AD77648E48D012D ] DeviceAssociationService C:\Windows\system32\das.dll
14:49:01.0132 0x10cc  DeviceAssociationService - ok
14:49:01.0348 0x10cc  [ 799BE46D45D486704CE0F37CA5385262, BB78DEE83B9DB613B1C083D55FAA458BE3E394AED80EB91B599185A7272F33B3 ] DeviceInstall   C:\Windows\system32\umpnpmgr.dll
14:49:01.0394 0x10cc  DeviceInstall - ok
14:49:01.0517 0x10cc  [ 431141C6859990824D17F71C30A78728, 448B3DC20C8FDD5B66217E0E01DBCC4904F94BDA0826F109D139DDD2C2D7FBF2 ] Dfsc            C:\Windows\system32\Drivers\dfsc.sys
14:49:01.0661 0x10cc  Dfsc - ok
14:49:01.0863 0x10cc  [ 9E0E72222264745ADEB0E5AC680B0ED6, 576AFC8741695396A3B8E9DBDD3703E9D70370437D09D162262E47A140D101B4 ] Dhcp            C:\Windows\system32\dhcpcore.dll
14:49:01.0975 0x10cc  Dhcp - ok
14:49:02.0029 0x10cc  [ 3C736FAE17BA6F91BA37594AAB139CD0, 34304A194105B19E7ADD80108DC85C3B7AA9E942C84A7EF93C475CE1D9AE4615 ] discache        C:\Windows\system32\drivers\discache.sys
14:49:02.0032 0x10cc  discache - ok
14:49:02.0092 0x10cc  [ AE3786294CC246A5403783E1B86A0168, 29A7B4B490CBB16DAEF5D67D0A58A2577CF3FEE8F889484DB867F6913D9D2A28 ] disk            C:\Windows\system32\drivers\disk.sys
14:49:02.0096 0x10cc  disk - ok
14:49:02.0119 0x10cc  [ 82A7C72593793FE1EADA7A305BD1567A, 75F432E4C75AE9EFF553BD860B3B250853BDDA85C17DBD9B7242D74593506A86 ] dmvsc           C:\Windows\System32\drivers\dmvsc.sys
14:49:02.0121 0x10cc  dmvsc - ok
14:49:02.0168 0x10cc  [ 066B9710B36AB550E01EEFCA52155968, DCA9F3F4856A6866D3F5A2EEE34E96A83F40198DB0B5AC6381A7568DE1F56FAB ] Dnscache        C:\Windows\System32\dnsrslvr.dll
14:49:02.0177 0x10cc  Dnscache - ok
14:49:02.0209 0x10cc  [ 9949AD2ABA168A618D46C799D6CC898C, DFAC86A0AEE83C9EFE1BEE9EC15C8CAF1D619D55AF3ACC3986057A5AC985D06A ] dot3svc         C:\Windows\System32\dot3svc.dll
14:49:02.0217 0x10cc  dot3svc - ok
14:49:02.0336 0x10cc  [ 27069CFFF29B7F04F4B1BB10154BE52B, 6869626F9A1D3F64224883C5E661638CEE893A3E29651C7B9302A03E52180415 ] dot4            C:\Windows\system32\DRIVERS\Dot4.sys
14:49:02.0411 0x10cc  dot4 - ok
14:49:02.0456 0x10cc  [ 0BD906A79F9CE3013F7D9D0AC45F9F9D, 2F7D5082E7E226D5EBEA164A8ACEE0A447C96EB1829224A6EFA3E7B4EFEE1D14 ] Dot4Print       C:\Windows\System32\drivers\Dot4Prt.sys
14:49:02.0457 0x10cc  Dot4Print - ok
14:49:02.0503 0x10cc  [ B7D595F2F464F7B628AD53F06547792C, F5D06A91EF54FBF56305FCC882B854350B266B2A005D80CC77AEBC2929440729 ] dot4usb         C:\Windows\system32\DRIVERS\dot4usb.sys
14:49:02.0506 0x10cc  dot4usb - ok
14:49:02.0582 0x10cc  [ 109FC3F80BF4F4DC5A071058074F13C1, F30736F45BA1811D59E9CB1C172D8D1EA9F5A7D36DCFFBFC9E7E02448C1CF851 ] DPS             C:\Windows\system32\dps.dll
14:49:02.0591 0x10cc  DPS - ok
14:49:02.0629 0x10cc  [ 9C7C183F937951AE17C5B8B3259CF3FF, 8ED607139F15D08B4835ACF864421BA4C08C88FE90B9AAF707F5D8514D7731B1 ] drmkaud         C:\Windows\system32\drivers\drmkaud.sys
14:49:02.0629 0x10cc  drmkaud - ok
14:49:02.0699 0x10cc  [ F87F4AAAF6664906248D11D5E579A53B, F283932F68ED93891EEF00C18724359AB7057E922A3CDC8BC6F33F84D2B0BEE5 ] DsmSvc          C:\Windows\System32\DeviceSetupManager.dll
14:49:02.0707 0x10cc  DsmSvc - ok
14:49:02.0878 0x10cc  [ 2BB5627EB587FA995086C3D8C21B6D3F, 871E35BBE66180781324D38823B74263B660CF9254EE348A15421FAC5667F294 ] DXGKrnl         C:\Windows\System32\drivers\dxgkrnl.sys
14:49:02.0971 0x10cc  DXGKrnl - ok
14:49:03.0028 0x10cc  [ 58BA473DD88F5FC1932282BA683AA03E, B8A4407D3006D91BE88F9C5389AC1CACC73BEBF6F66433A1E5EB8E58E8836C12 ] Eaphost         C:\Windows\System32\eapsvc.dll
14:49:03.0033 0x10cc  Eaphost - ok
14:49:03.0248 0x10cc  [ 5AB97B3282D7D6114949D1EB5C8598E4, FB9449CC1CDC12C12AA0469BB6ACC770CB011250EDFD86E9600E754610608EFD ] ebdrv           C:\Windows\system32\drivers\evbda.sys
14:49:03.0539 0x10cc  ebdrv - ok
14:49:03.0631 0x10cc  [ F1DA34D64F2BA200D28A7451804E2FEE, 8BDF328F18F1EB58AC0E383ABA7985BA69EA9622B262CD524E3390FDE824DEEB ] EFS             C:\Windows\System32\lsass.exe
14:49:03.0634 0x10cc  EFS - ok
14:49:03.0670 0x10cc  [ 66D60BD9A4C05616ABECA2A901475098, 8111550DB03FFD72F1822F47B16F075DA92874B64F19342D7CF60B0EE648AFEF ] EhStorClass     C:\Windows\system32\drivers\EhStorClass.sys
14:49:03.0674 0x10cc  EhStorClass - ok
14:49:03.0699 0x10cc  [ A61D0F543024E458C0FE32352E1978E2, BDE6BC140300EAF790F16466C28897CE0BD7D94DCED13FDE20AA4AACA0F6A4FD ] EhStorTcgDrv    C:\Windows\system32\drivers\EhStorTcgDrv.sys
14:49:03.0704 0x10cc  EhStorTcgDrv - ok
14:49:03.0736 0x10cc  [ D790D058D67582DB9C84C2D33695FE6B, A5763D7F6D191EA4B290B3E92D842AC36FD46DF598472E70B46E45D8CCD2F912 ] ErrDev          C:\Windows\System32\drivers\errdev.sys
14:49:03.0739 0x10cc  ErrDev - ok
14:49:03.0840 0x10cc  [ F9E01C2D9F8BC049E04CF5DC24A5F638, CB6CCB59C77D4A59DDA846608AABEF1DFEC24C8422712AB8D59E27C13D731D2E ] EventSystem     C:\Windows\system32\es.dll
14:49:03.0981 0x10cc  EventSystem - ok
14:49:04.0043 0x10cc  [ 7A4D6FEB8C52B3FE855E4DCDF9107E03, 6B0146A4C9AD32DCDC2DEE8E8C5A29F687665458486449E0D37B151ED63B8ADC ] exfat           C:\Windows\system32\drivers\exfat.sys
14:49:04.0049 0x10cc  exfat - ok
14:49:04.0095 0x10cc  [ 3A6209AC494296C24C2065CB4392B5F4, 944556A8521D4E59EE35B364C9FB1A3846924D512E73C2CB32DD440022E6B1B5 ] f1f78e38        C:\Windows\system32\rundll32.exe
14:49:04.0099 0x10cc  f1f78e38 - ok
14:49:04.0124 0x10cc  [ 60996602A7111FD2D086E803F33E4282, E62A91C90F8542990BEA4E6A5D9DD3D070F4EB23B4C13414C5DA2B0219509749 ] fastfat         C:\Windows\system32\drivers\fastfat.sys
14:49:04.0131 0x10cc  fastfat - ok
14:49:04.0723 0x10cc  [ F0E7F8382ED5E138B0DFA4CB5058BCFE, 6247C7B75F975F5AB080FFB9881EF58A6F360219F7AF2DE871F38E80CAF3B62C ] Fax             C:\Windows\system32\fxssvc.exe
14:49:04.0960 0x10cc  Fax - ok
14:49:05.0023 0x10cc  [ 73B2D11DF0B6E03A0CB0323218ACB3E4, BA9256919BAA2E0760F6A658B557FDC389ACE8F9820D1A41FD995FC5613F5AA6 ] fdc             C:\Windows\System32\drivers\fdc.sys
14:49:05.0025 0x10cc  fdc - ok
14:49:05.0045 0x10cc  [ 0828E3E7BD77C89149EAD3232BFD38DB, A6A296647A4EDBFF59124E3A9C0AB48759AA1738615ACFA5A454FF6BD3C31BA2 ] fdPHost         C:\Windows\system32\fdPHost.dll
14:49:05.0047 0x10cc  fdPHost - ok
14:49:05.0075 0x10cc  [ 872506AAB591E8908DF4461475AF92DF, 772F2D08CB95775E438822B9EA005CBA92ED4071ADAB2C0101156A7D037D4704 ] FDResPub        C:\Windows\system32\fdrespub.dll
14:49:05.0199 0x10cc  FDResPub - ok
14:49:05.0364 0x10cc  [ 0588950D93A426F97C7AAADB1A9B0458, ABCB3619BD58CAC438FC032495AE45A7B6FFDD4BD33C1B3D1BC7F9F13FCB727A ] fhsvc           C:\Windows\system32\fhsvc.dll
14:49:05.0379 0x10cc  fhsvc - ok
14:49:05.0508 0x10cc  [ 88A9EBACD1058ABB237A6B4E96E7F397, 263D25D33B679EB01D97763701347C31B2F72E28CE2C7EC8013EA77756D98BE1 ] FileInfo        C:\Windows\system32\drivers\fileinfo.sys
14:49:05.0512 0x10cc  FileInfo - ok
14:49:05.0535 0x10cc  [ 9E4EE3A0B00FF7D5F42A4AF9744CBA02, 1D7BFB00D74A28AC13ECBA1E0036D50EE79266AC02CEDB2632466BF9DD46F211 ] Filetrace       C:\Windows\system32\drivers\filetrace.sys
14:49:05.0538 0x10cc  Filetrace - ok
14:49:05.0990 0x10cc  [ B1D4C168FF7B8579E3745888658FFB1D, 1A5C13E902A0C788A8B995ADD2FBC3303005911C0AA3F3F4497D3016AA0EF583 ] flpydisk        C:\Windows\System32\drivers\flpydisk.sys
14:49:05.0994 0x10cc  flpydisk - ok
14:49:06.0332 0x10cc  [ B33EC133AE4E6C1881D2302D93D2467D, 77E3A16257EA3698B3FCD947D004144E8D1EEE48EF5C82DF49B1B9B2B3C61DB2 ] FltMgr          C:\Windows\system32\drivers\fltmgr.sys
14:49:06.0348 0x10cc  FltMgr - ok
14:49:06.0519 0x10cc  [ 0BCDC0FF11B984162B0CF0FF6E9E0146, D44A3CECBA36B7A64854E244FA6B5E65047896BF9983D20B431410FBBA36697A ] FontCache       C:\Windows\system32\FntCache.dll
14:49:06.0585 0x10cc  FontCache - ok
14:49:06.0740 0x10cc  [ 0B56259F5611787222A04A8F254E51D4, F77AEC0ACBFAF9154E32223B84B613229DACCD953AEBC3E96C27570F9AB10FD0 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
14:49:06.0742 0x10cc  FontCache3.0.0.0 - ok
14:49:06.0785 0x10cc  [ A5F7873A39E4E9FAAAE59B7E9E36B705, 32036109F5A50E9F3BEF97C5B28AE8179B3A5E22517868A83CADE4671FF90DEC ] FsDepends       C:\Windows\system32\drivers\FsDepends.sys
14:49:06.0788 0x10cc  FsDepends - ok
14:49:06.0817 0x10cc  [ A6DD7D491F587F4BC13FB972977DC8E8, B86F97F17F6F443EC16DEF67CCA4EF78AFE56078D2877838A982FECB19557C87 ] Fs_Rec          C:\Windows\system32\drivers\Fs_Rec.sys
14:49:06.0818 0x10cc  Fs_Rec - ok
14:49:06.0872 0x10cc  [ C1646A95EAC515F60CDB2A7A8A013C1E, F559B83C02B17265EDE95DD497C1A94E402F07EC251FC47449F789907AFFED14 ] fvevol          C:\Windows\system32\DRIVERS\fvevol.sys
14:49:06.0890 0x10cc  fvevol - ok
14:49:06.0934 0x10cc  [ A969D92973DFA895E7776B4BFE36DBB2, 7528E6983ECC59291A7A386E4E459B19D1593ABDDFFD276E2F01B0EA21693E20 ] FxPPM           C:\Windows\System32\drivers\fxppm.sys
14:49:06.0935 0x10cc  FxPPM - ok
14:49:06.0984 0x10cc  [ 52BC441E07A827EBAB70CDC7EAEDB28D, 8DECBD8E12EA52039742599CFBBF0D3B6610B57EF8D9DAEEEA33D202A478D286 ] gagp30kx        C:\Windows\system32\drivers\gagp30kx.sys
14:49:06.0986 0x10cc  gagp30kx - ok
14:49:07.0097 0x10cc  [ C403C5DB49A0F9AAF4F2128EDC0106D8, 3C6948B63278022D8182F773C5FA15784514F76C1546118DDBADBA322B962D12 ] GamesAppService C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe
14:49:07.0107 0x10cc  GamesAppService - ok
14:49:07.0158 0x10cc  [ 8E98D21EE06192492A5671A6144D092F, B8F656B34D361EA5AFB47F3A67AB2221580DADA59C8CD0CB83181E4AD8B562B4 ] GEARAspiWDM     C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
14:49:07.0160 0x10cc  GEARAspiWDM - ok
14:49:07.0255 0x10cc  [ 721F8EEF5E9747F32670DEFF7FB92541, E0A8EF70753E260C2C7D93D316B5EF9589DB086FDF829BDA2958C6A09CE471A6 ] gencounter      C:\Windows\System32\drivers\vmgencounter.sys
14:49:07.0256 0x10cc  gencounter - ok
14:49:07.0336 0x10cc  [ FC2B8B06BDBD3B6457F5A3DA9AD2410E, 4BF196E1CAC94E9265EBEB68F41C3E29F0C709ECFF9420B5B1C9C82680D5D6A8 ] GPIOClx0101     C:\Windows\system32\Drivers\msgpioclx.sys
14:49:07.0341 0x10cc  GPIOClx0101 - ok
14:49:07.0606 0x10cc  [ 5358678C6370F2ADC5291849F6503262, 841633D7A936C3889690C67E189BAD4C6B294C196FFFE5B564FCECDFE46A9E52 ] gpsvc           C:\Windows\System32\gpsvc.dll
14:49:07.0694 0x10cc  gpsvc - ok
14:49:07.0782 0x10cc  [ 506708142BC63DABA64F2D3AD1DCD5BF, 9C36A08D9E7932FF4DA7B5F24E6B42C92F28685B8ABE964C870E8D7670FD531A ] gupdate         C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
14:49:07.0787 0x10cc  gupdate - ok
14:49:07.0794 0x10cc  [ 506708142BC63DABA64F2D3AD1DCD5BF, 9C36A08D9E7932FF4DA7B5F24E6B42C92F28685B8ABE964C870E8D7670FD531A ] gupdatem        C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
14:49:07.0797 0x10cc  gupdatem - ok
14:49:07.0834 0x10cc  [ 630555943E5A3FE21010CE91EC7FC84F, 20D7247A4363EE9E851501D89A466564ADCAEC304DE42280E4E09AD8499436A9 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
14:49:07.0844 0x10cc  HdAudAddService - ok
14:49:08.0015 0x10cc  [ 58CC013EFA9893057160EDA018D8ADCE, BE8AA220CFBD90202C1B130DF349C3198E3447F3C2DC7BC5FC8816F57F78BA00 ] HDAudBus        C:\Windows\System32\drivers\HDAudBus.sys
14:49:08.0017 0x10cc  HDAudBus - ok
14:49:08.0051 0x10cc  [ 3F76BBA53D65E85A7F53E7A71082082C, D1E18815BB19CD11007C4A66162C76F55D4FE6B09B34ED45969C7ECC29D394AD ] HidBatt         C:\Windows\System32\drivers\HidBatt.sys
14:49:08.0053 0x10cc  HidBatt - ok
14:49:08.0103 0x10cc  [ 085F150D002B7F0153D3C06DDF33A143, 41847FD02608ECFE3A6B4B38CBDE8416B0EF17491868511FD704B0BCC280338E ] HidBth          C:\Windows\System32\drivers\hidbth.sys
14:49:08.0106 0x10cc  HidBth - ok
14:49:08.0142 0x10cc  [ CC4A07E51D89575CAB6F4EB590D87CD4, DFB4EAF0923EF9FF6C42EDD1EA5E4025F243C9BE2D03D5423FE8A897DC01D657 ] hidi2c          C:\Windows\System32\drivers\hidi2c.sys
14:49:08.0144 0x10cc  hidi2c - ok
14:49:08.0180 0x10cc  [ DC96F7DACB777CDEAEF9958A50BFDA06, 7CE79F32D5EE65C0178CFF56523825D3EE01095B2CE8C67634A6604A821A9086 ] HidIr           C:\Windows\System32\drivers\hidir.sys
14:49:08.0182 0x10cc  HidIr - ok
14:49:08.0210 0x10cc  [ FAC37D7B3D6354A5A5E19A45B50B4008, 2962B552A1DA545DFDEF0886582E82596FE8A3A19AAF989B025AFDA84D16D4EC ] hidserv         C:\Windows\system32\hidserv.dll
14:49:08.0327 0x10cc  hidserv - ok
14:49:08.0380 0x10cc  [ 012C354B4AB48E9A7A657DF39E3A2073, B15D0089CE509FF1CF73DFE095425C1C99FC3971622DCAAD9CAEB989A12A4FDB ] HidUsb          C:\Windows\System32\drivers\hidusb.sys
14:49:08.0386 0x10cc  HidUsb - ok
14:49:08.0404 0x10cc  [ 43F884B61A24377567CD0FEB35236334, B3BA36B527C8D6D83DE2FBCD8D503B87FD2611BF15B07A7BC138DC8BAE6A50C1 ] hkmsvc          C:\Windows\system32\kmsvc.dll
14:49:08.0408 0x10cc  hkmsvc - ok
14:49:08.0463 0x10cc  [ 33DFC14DFDCCFA7AA10E392F6A8EC1CF, E6967F3F465C6E903221BC0FCBAE7D05FD18C0BF110D929335F5935364B3C1BC ] HomeGroupListener C:\Windows\system32\ListSvc.dll
14:49:08.0473 0x10cc  HomeGroupListener - ok
14:49:08.0519 0x10cc  [ E0D9F6FE18FA7F53ADD29AF719CE2B7E, B965DCC72625188F3B896CB447B7696F22687266EAFC5AA270E2AD53DD9F324D ] HomeGroupProvider C:\Windows\system32\provsvc.dll
14:49:08.0533 0x10cc  HomeGroupProvider - ok
14:49:08.0656 0x10cc  [ 6515296E8F9D81BB6C4588C4878A9AC1, 4102FCA9CC6CDAA52E68F030034C6C15DF036D5E9B6E0A8007B72655A3D1E3DD ] HP Support Assistant Service C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe
14:49:08.0661 0x10cc  HP Support Assistant Service - ok
14:49:08.0695 0x10cc  [ EF4BE0BB23BB14879050884E688F5178, C914FEB0627D17097968A9B66325305757E7A859A8F11FE69CA0F7F69E38CA2A ] hpdskflt        C:\Windows\system32\DRIVERS\hpdskflt.sys
14:49:08.0697 0x10cc  hpdskflt - ok
14:49:08.0851 0x10cc  [ 9B7EDD3FE7C211C36E921D34D18A3A0A, 03A450F85A042F9668D1560FA2B8B89783568C87CDB1A8685CDA2AC9FE3761C3 ] hpqwmiex        C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe
14:49:08.0885 0x10cc  hpqwmiex - ok
14:49:08.0907 0x10cc  [ 64DB7A8D97CA53DCCF93D0A1E08342CF, 02CAB7F28D3830C482683425C60044239C6F1562556688A274CA2C237C846E76 ] HpSAMD          C:\Windows\system32\drivers\HpSAMD.sys
14:49:08.0916 0x10cc  HpSAMD - ok
14:49:08.0945 0x10cc  [ 13B51E53073E4555E226871C7FCEF0E8, 04713F4C8D629E81388D5438CF94781A71007A81E223D90D893FF898E4BDA6B7 ] hpsrv           C:\Windows\system32\Hpservice.exe
14:49:08.0947 0x10cc  hpsrv - ok
14:49:09.0036 0x10cc  [ F50912B0A861ED396F6062E79C37A4A7, 9B53EA5A03BB664EF5343B766C760BB8A96697ED4F2A0C81A4F58C443B4BC329 ] HPWMISVC        C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe
14:49:09.0037 0x10cc  HPWMISVC - ok
14:49:09.0202 0x10cc  [ F4A91D985EB9D1D2717D538F3424603C, 454AD2FF3A7963B9835AEF300F6672F92D0CCF59593BA2CCC83F0EC1446BB659 ] HTTP            C:\Windows\system32\drivers\HTTP.sys
14:49:09.0237 0x10cc  HTTP - ok
14:49:09.0369 0x10cc  [ 2A98301068801700906C06649860FE94, 664394A52326289DCA0828B0041A105653F4FEF3E3DCCC3787AAE0F6FDC73A14 ] hwpolicy        C:\Windows\system32\drivers\hwpolicy.sys
14:49:09.0371 0x10cc  hwpolicy - ok
14:49:09.0392 0x10cc  [ DC76901D82097C9E297F20C287CB9A27, 01A412D0D8A65050BE4250A7C4B9F98A4C43FD891827761E0C830369A5F9F09C ] hyperkbd        C:\Windows\System32\drivers\hyperkbd.sys
14:49:09.0393 0x10cc  hyperkbd - ok
14:49:09.0421 0x10cc  [ 716413AB3CA12DE0A7222D28C1C9352C, B82B586BD9DBD70DDA19A02504E8CB00DA53677703AB848B53387601C5BAD3D3 ] HyperVideo      C:\Windows\system32\DRIVERS\HyperVideo.sys
14:49:09.0423 0x10cc  HyperVideo - ok
14:49:09.0451 0x10cc  [ C9E9CBF73AFFBFE3E801EFB516787BA3, 1A850D614BDA6AA4195CC657702BC6242BA51B90131717743182AA160F65E72C ] i8042prt        C:\Windows\System32\drivers\i8042prt.sys
14:49:09.0456 0x10cc  i8042prt - ok
14:49:09.0584 0x10cc  [ 050F2539E14F9D5E90A4B61738EC29BD, 0E65468B9F452FA7DB6DF2C1B2B2E9439C79031E27054FBDBDFE28A9F98721D7 ] iaStorA         C:\Windows\system32\drivers\iaStorA.sys
14:49:09.0602 0x10cc  iaStorA - ok
14:49:09.0726 0x10cc  [ 5E394EBD26FD68AA9300332C46BEDD62, 56A5DA7CE08C07B519E55D0A46AA9D10B640349808EFE02B3278267B75B5F603 ] iaStorV         C:\Windows\system32\drivers\iaStorV.sys
14:49:09.0745 0x10cc  iaStorV - ok
14:49:09.0931 0x10cc  [ ABEFA4BD23329FD9BD47496BF2E58774, 9689D4C6380735EE1CC7F480696CDDC229E0FA511942AC813314D353584D82DD ] IconMan_R       C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe
14:49:10.0030 0x10cc  IconMan_R - ok
14:49:10.0807 0x10cc  [ 11A31FC2481BFE69B0507ED8C80215F4, 8A1E90611F749E8F04B6D86E835E981CAC16D0841305CADB19E58682DA006698 ] igfx            C:\Windows\system32\DRIVERS\igdkmd64.sys
14:49:11.0512 0x10cc  igfx - ok
14:49:11.0746 0x10cc  [ 24847A06B84339FEEDE5CABF3D27D320, 7727B1DAD0D4A1D474FBBEFCEBDF36A1F07D1AA300869AE57A24ED91BF84B6B4 ] iirsp           C:\Windows\system32\drivers\iirsp.sys
14:49:11.0902 0x10cc  iirsp - ok
14:49:11.0981 0x10cc  [ E455C83E029121270BED73CDAC381F37, 433D525C19DBF26FAC28853C606C872D973104842B0EF1B2BF2EAC85457E2953 ] IKEEXT          C:\Windows\System32\ikeext.dll
14:49:12.0038 0x10cc  IKEEXT - ok
14:49:12.0176 0x10cc  [ F5495B38BFB9149925F54F65AB40EFBF, 7CBB72C41E2343DACBFB967A39CA04788561EDECB289C41BC2D6A06B80882AC4 ] IntcDAud        C:\Windows\system32\DRIVERS\IntcDAud.sys
14:49:12.0187 0x10cc  IntcDAud - ok
14:49:12.0309 0x10cc  [ C99F8E90DE4B8F0C7FE15BB1CBCD29DC, F791EE101EEF8B9F48102B6C63A89B78F7C0041C750C4F4C0D16D54B583B7B5C ] Intel® Capability Licensing Service Interface C:\Program Files\Intel\iCLS Client\HeciServer.exe
14:49:12.0332 0x10cc  Intel® Capability Licensing Service Interface - ok
14:49:12.0394 0x10cc  [ 30E9FAC23E2537D82F2836CB81AEE186, 03E5072D43ECED70EF004D2E6E654B4CCCE059825CC3C641C0534E4C0BC0C7E8 ] Intel® ME Service C:\Program Files (x86)\Intel\Intel® Management Engine Components\FWService\IntelMeFWService.exe
14:49:12.0399 0x10cc  Intel® ME Service - ok
14:49:12.0444 0x10cc  [ 4F37726CF764CA18A8A84F85EF3A7F24, 6212B23917526E127CE641A11A58DA93651FFE70829C4079FE465DBDC81CF470 ] intelide        C:\Windows\system32\drivers\intelide.sys
14:49:12.0446 0x10cc  intelide - ok
14:49:12.0514 0x10cc  [ E15CDF68DD73423F15D4AC404793AF0D, E2D0136AF68D1A73EB3A63C83284B4661222CB0A4AFACCF276CB57CBD4850287 ] intelppm        C:\Windows\System32\drivers\intelppm.sys
14:49:12.0636 0x10cc  intelppm - ok
14:49:12.0682 0x10cc  [ 8FCA66234A0933D796BB780B7953BAB9, 7DD677F5EE09A8D7A75C9E475B5E6B3DCA49D1E846C7D160B839D7029B1C5B6D ] IpFilterDriver  C:\Windows\system32\DRIVERS\ipfltdrv.sys
14:49:12.0685 0x10cc  IpFilterDriver - ok
14:49:13.0016 0x10cc  [ C217B8D2E58C57A319B16125C3D4B69C, 905BB858E1782BD08FF080A4A604CE662440A15601B178FBD30269C306C04CCF ] iphlpsvc        C:\Windows\System32\iphlpsvc.dll
14:49:13.0074 0x10cc  iphlpsvc - ok
14:49:13.0270 0x10cc  [ A4071DA3AE419F9694BFCB267C7DB8D7, 392DEE1DA51606C29418A98D2861F115E9F67C688B4281C53E87BA73A98809FB ] IPMIDRV         C:\Windows\System32\drivers\IPMIDrv.sys
14:49:13.0310 0x10cc  IPMIDRV - ok
14:49:13.0391 0x10cc  [ 3969B9C218DD3FAA9F4ED2FFC3651C02, 93447F124CC55FB17055126432194153E1BB8F0FD95A47608494B6834A5F7089 ] IPNAT           C:\Windows\system32\drivers\ipnat.sys
14:49:13.0396 0x10cc  IPNAT - ok
14:49:13.0446 0x10cc  [ 0FA89CB1B99AD494CE36DD2DE717D696, 5B35B26C625306A7AD5A00FCAC46FD6D60061F1C8171352B5EF1C916A667AC92 ] iPod Service    C:\Program Files\iPod\bin\iPodService.exe
14:49:13.0509 0x10cc  iPod Service - ok
14:49:13.0550 0x10cc  [ 25CD7C4BB2863FFC2B0B311F0AEBF77C, 4099BAA2DB4ADB93B878D71E241B7D9EB7E0EE7ED0FE2450CCB9E4718B3726EB ] IRENUM          C:\Windows\system32\drivers\irenum.sys
14:49:13.0551 0x10cc  IRENUM - ok
14:49:13.0595 0x10cc  [ D940C5BB9DC92E588533C19ABCC3D2C2, D1442854CEDE86F2C187A35851E74C873D34B772C60BC118FA1577F79C03364D ] isapnp          C:\Windows\system32\drivers\isapnp.sys
14:49:13.0596 0x10cc  isapnp - ok
14:49:13.0708 0x10cc  [ E6530FD4F61B40F338BF4355A21B9A09, FE9BF039B9901BEC260A69F7C49ACFA9881AD470DCCBA70C7EC36F518DA71702 ] iScsiPrt        C:\Windows\System32\drivers\msiscsi.sys
14:49:13.0716 0x10cc  iScsiPrt - ok
14:49:13.0757 0x10cc  [ 3C4002D339491AF73D663FFC7F6E5ECB, 0B53047989BDB781572253BC3AA757912FE54366870C1955E687972CE210C285 ] jhi_service     C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe
14:49:13.0762 0x10cc  jhi_service - ok
14:49:13.0776 0x10cc  [ 8FBD94B69D6423E20ABCD59D86368B21, 218EF992095E365EC917413749856A64D55D8129D77098E24D670843233377F4 ] kbdclass        C:\Windows\System32\drivers\kbdclass.sys
14:49:13.0778 0x10cc  kbdclass - ok
14:49:13.0805 0x10cc  [ E88C932ABDF8185A62C8F2FC7B051FB6, 67F9AF58237A11F0BF3D15AA5B32E5CE66B7AA039B999D938F7F6E63DCEA7A6E ] kbdhid          C:\Windows\System32\drivers\kbdhid.sys
14:49:13.0807 0x10cc  kbdhid - ok
14:49:13.0925 0x10cc  [ FB6C185092E18011EF49989425C2AA87, 043524409E0A764201DD221C48B7DEEA0D161945EB37D4B88313BAB2299949DF ] kdnic           C:\Windows\system32\DRIVERS\kdnic.sys
14:49:13.0926 0x10cc  kdnic - ok
14:49:13.0943 0x10cc  [ F1DA34D64F2BA200D28A7451804E2FEE, 8BDF328F18F1EB58AC0E383ABA7985BA69EA9622B262CD524E3390FDE824DEEB ] KeyIso          C:\Windows\system32\lsass.exe
14:49:13.0990 0x10cc  KeyIso - ok
14:49:14.0142 0x10cc  [ 8B3EB6372436195B8EA8AE09A184BCE2, 9AFB7A9D6AEEBF5994C85B355155024768116E2D537C9FA169BC3F4594ECD35C ] KSecDD          C:\Windows\system32\Drivers\ksecdd.sys
14:49:14.0185 0x10cc  KSecDD - ok
14:49:14.0344 0x10cc  [ 3DD9C86EA88E8B5A51904AD87E1F2E78, F9EC9A571212117C01934CD29057EB1B3FA095F670294244AF7D9387D3F6E555 ] KSecPkg         C:\Windows\system32\Drivers\ksecpkg.sys
14:49:14.0352 0x10cc  KSecPkg - ok
14:49:14.0463 0x10cc  [ 81492FEEBF2F26455B00EE8DBAE8A1B0, E33AA2DFB2D3BB30B02CDADA2EC290F86329DA3198327A653F39A843D86390B9 ] ksthunk         C:\Windows\system32\drivers\ksthunk.sys
14:49:14.0464 0x10cc  ksthunk - ok
14:49:14.0556 0x10cc  [ 5825DBACEDC3812B5CF8D40B997BF210, 1C2997BCC707C1029B21876E093038CE3BBF6E6694B4CCF7EEDD47172ED9A541 ] KtmRm           C:\Windows\system32\msdtckrm.dll
14:49:14.0569 0x10cc  KtmRm - ok
14:49:14.0665 0x10cc  [ 256EE31588257E8A555DBFAA13F1908E, B6817F632EDEA483E35BF26846DCDD4E95E860620959179B2A5D8AD7EEDDB126 ] LanmanServer    C:\Windows\system32\srvsvc.dll
14:49:14.0676 0x10cc  LanmanServer - ok
14:49:14.0717 0x10cc  [ 16650912BE5A94B40E0B3B4C39652B56, 908C2C9367AE0AC9AECB5D91514BB33ACD746D99F19C1A8DD6A9550E9CAD9E00 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
14:49:14.0724 0x10cc  LanmanWorkstation - ok
14:49:14.0750 0x10cc  [ CEEFD29FC551F289810B0B9381B321DC, 900F206B487B2190D9363F28AA4BA0CD7DCFE1D005BE05A48AF74B1B81194691 ] lltdio          C:\Windows\system32\DRIVERS\lltdio.sys
14:49:14.0753 0x10cc  lltdio - ok
14:49:14.0801 0x10cc  [ BCF53485E0A94722CDE3C4A93CD8EB8C, D24E1066EB102245A89A5D17D608DB9DF6B71C99F1C77E070B95EFD17D268141 ] lltdsvc         C:\Windows\System32\lltdsvc.dll
14:49:14.0810 0x10cc  lltdsvc - ok
14:49:14.0828 0x10cc  [ 5A2F7F1CBC2E631A497DAD16164E06D2, 35274FC6C386380B01B5E8F467E71A2C4E2FB2AD701554F9B1A9B036B0340142 ] lmhosts         C:\Windows\System32\lmhsvc.dll
14:49:14.0831 0x10cc  lmhosts - ok
14:49:15.0094 0x10cc  [ 4269D44BB47A6DA5D80B11F4C8536458, 7A8FFC8F851DD9E5C43986BE0888831CB71D188138DF3CF7F787DADDA70915B0 ] LMS             C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
14:49:15.0121 0x10cc  LMS - ok
14:49:15.0166 0x10cc  [ 022CDD12161B063D7852B1075BF3FFF2, E21267243AF2FC208D27E67827B1264A762C99AECEDB7AD2C48A04F421A6B2F0 ] LSI_SAS         C:\Windows\system32\drivers\lsi_sas.sys
14:49:15.0171 0x10cc  LSI_SAS - ok
14:49:15.0190 0x10cc  [ 07AD59D669B996F29F91817F0ECFA34F, 026F332F862D142BFFC9D169CCD17A35BFB6B301EEC72AA13E16369B3520919C ] LSI_SAS2        C:\Windows\system32\drivers\lsi_sas2.sys
14:49:15.0194 0x10cc  LSI_SAS2 - ok
14:49:15.0241 0x10cc  [ 216FB796AA4E252ACCE93B1BCB80B5EC, 5B1E49B5F7B9C7A778198D27F8EE500FE35DC32D40B22A3D6ED67560BEB04212 ] LSI_SCSI        C:\Windows\system32\drivers\lsi_scsi.sys
14:49:15.0245 0x10cc  LSI_SCSI - ok
14:49:15.0273 0x10cc  [ 5E80530AF37102488EE980B4A92AF99F, 364E18EAD9AC22F8A306B24C6C43E58224F6BE2744EFEAA2484696B8D9880851 ] LSI_SSS         C:\Windows\system32\drivers\lsi_sss.sys
14:49:15.0276 0x10cc  LSI_SSS - ok
14:49:15.0357 0x10cc  [ 1DC9B701F8EB7D67774035AC9C3104F6, 77371267CDA605F78674BF8FA14B134B22299CD96EADA60A68762207595F0B46 ] LSM             C:\Windows\System32\lsm.dll
14:49:15.0373 0x10cc  LSM - ok
14:49:15.0402 0x10cc  [ 2BDC5D711FA61307CE6190D47C956368, 6BCDC6CBB9783F1ABE8957BDA94AF977DFB2A310BB6D19085EFC8609C97FD180 ] luafv           C:\Windows\system32\drivers\luafv.sys
14:49:15.0408 0x10cc  luafv - ok
14:49:15.0428 0x10cc  [ 9B0D829C3BE4E7472DB9DD2B79908E3C, ACED5806FFF39E84007B5A3DCB16315329DC53007F46B1BEEDC391CC659F7DD3 ] megasas         C:\Windows\system32\drivers\megasas.sys
14:49:15.0431 0x10cc  megasas - ok
14:49:15.0535 0x10cc  [ ECC3F54C7AFC318271C4F0B4606D8DB0, FD1ACB18B8C912C7A57DABCD5460800DD0721A82E09C8D79C47B3392D61CBEA6 ] MegaSR          C:\Windows\system32\drivers\MegaSR.sys
14:49:15.0549 0x10cc  MegaSR - ok
14:49:15.0635 0x10cc  [ 772A1DEEDFDBC244183B5C805D1B7D85, 7D821B8DF1F174E5414FFDEAB5207DB687740E9842F7203600AEBA086945AFC9 ] MEIx64          C:\Windows\System32\drivers\HECIx64.sys
14:49:15.0638 0x10cc  MEIx64 - ok
14:49:15.0768 0x10cc  [ 123271BD5237AB991DC5C21FDF8835EB, 004F8F9228EE291A0E36CE33078D572D61733516F9AA5CFC832AF204C6869E89 ] Microsoft Office Groove Audit Service C:\Program Files (x86)\Microsoft Office\Office12\GrooveAuditService.exe
14:49:15.0771 0x10cc  Microsoft Office Groove Audit Service - ok
14:49:15.0802 0x10cc  [ EEE908BE7143FCA48CF0CB87214E2AB8, 4F9BD299F559DD36DBD93489CFAA753F236FBB70946E034D2E2260059AE20962 ] MMCSS           C:\Windows\system32\mmcss.dll
14:49:15.0805 0x10cc  MMCSS - ok
14:49:15.0836 0x10cc  [ 780098AD5DA8A4822E2563984C85EF7B, 29312970774E944B5ED388316CF3D350DCABF721F9695737B0AC56BE878B0446 ] Modem           C:\Windows\system32\drivers\modem.sys
14:49:15.0837 0x10cc  Modem - ok
14:49:15.0882 0x10cc  [ EA8EAD3F5B762F889CC7F3966625B48B, B701A42E5E08B7BC6601560446146803182E5DC631AB73E9408F19CB6432F121 ] monitor         C:\Windows\System32\drivers\monitor.sys
14:49:15.0884 0x10cc  monitor - ok
14:49:15.0913 0x10cc  [ 618446B98C79776654340CE27C73485E, EFE7169FDD545933B5949DA2D09266971C0C3E6894E7BD8AFE29E41567C72B16 ] mouclass        C:\Windows\System32\drivers\mouclass.sys
14:49:15.0916 0x10cc  mouclass - ok
14:49:15.0959 0x10cc  [ C0ADEBED913295803B579ED288936CBB, 58F71541166D1DA07C18FBD27458D55E3F8AD7291CB7496B3A2F01372A5B0CAE ] mouhid          C:\Windows\System32\drivers\mouhid.sys
14:49:15.0981 0x10cc  mouhid - ok
14:49:16.0021 0x10cc  [ E7E9DBFDD3F25ED0C05B99AE9FA18BDE, 6D0204BA271FD3262DAE6E6BF9C12C0D49E3C9AF40EB1E072BD5CA5E2B8598D5 ] mountmgr        C:\Windows\system32\drivers\mountmgr.sys
14:49:16.0024 0x10cc  mountmgr - ok
14:49:16.0066 0x10cc  MpKsl59b7f4d4 - ok
14:49:16.0103 0x10cc  [ 4CCBBD4944777CA100B9A6C2F149A46F, 7FC172FAF8266BFBBBBAD94FD67EA3C1872F5927DC3900A9A54DB2DFE34E7415 ] mpsdrv          C:\Windows\system32\drivers\mpsdrv.sys
14:49:16.0105 0x10cc  mpsdrv - ok
14:49:16.0395 0x10cc  [ 9DE3341BD4E14BC5FADFCAD3019F2D0D, 37E0531EADABC6D4BCC496826651D4D14CF0D10156FF13C11BDE466084B44FF4 ] MpsSvc          C:\Windows\system32\mpssvc.dll
14:49:16.0447 0x10cc  MpsSvc - ok
14:49:16.0480 0x10cc  [ 3D70147F55F1EC84EB9139ED7FFE48BC, 12429C2FDDDA13815F0E18F9009011AA5360955759A23A38175543F480CB92EF ] MRxDAV          C:\Windows\system32\drivers\mrxdav.sys
14:49:16.0484 0x10cc  MRxDAV - ok
14:49:16.0715 0x10cc  [ 7A761AEE58658378BBA45D360F874CB0, 31972E63D93E07D92EF69571B7ED1E69B1358DCA5BEED62A9372F6411B4DFDB3 ] mrxsmb          C:\Windows\system32\DRIVERS\mrxsmb.sys
14:49:16.0777 0x10cc  mrxsmb - ok
14:49:17.0026 0x10cc  [ 06D5F2FA3C61E8EA91648EA8E9F99FD3, C665B7896501D42C73955F4EAF4FA3C6B2C9286957D6023C235AFBF9BFB761C6 ] mrxsmb10        C:\Windows\system32\DRIVERS\mrxsmb10.sys
14:49:17.0252 0x10cc  mrxsmb10 - ok
14:49:17.0435 0x10cc  [ 697B78CE3925E4FBFC544232A5E9E2EB, 2D03425513572F6098BAAF82C0EDB49EBAB88438971D349CA1917DA0BDB76334 ] mrxsmb20        C:\Windows\system32\DRIVERS\mrxsmb20.sys
14:49:17.0534 0x10cc  mrxsmb20 - ok
14:49:17.0608 0x10cc  [ 98487487D6B3797CA927E9D7B030AE13, 05840AF0DD2E3CB596DA768DBD0728B52210EC05B55AB5921E697AD8956938DD ] MsBridge        C:\Windows\system32\DRIVERS\bridge.sys
14:49:17.0647 0x10cc  MsBridge - ok
14:49:17.0704 0x10cc  [ 4A07458EB4F17573BD39F22029A991C1, 74D7A1882EA4D19B8F090C2813489E5D3F759BF4AF2D88AE852EC6510C405B5E ] MSDTC           C:\Windows\System32\msdtc.exe
14:49:17.0712 0x10cc  MSDTC - ok
14:49:17.0732 0x10cc  [ 3886F1F2A4D2900ABAA7E4486BEEE6A2, ECCA22985838A914EDC866C491DEB64B9FF5110EFA9BEE541F634AC5EC3081F9 ] Msfs            C:\Windows\system32\drivers\Msfs.sys
14:49:17.0733 0x10cc  Msfs - ok
14:49:17.0770 0x10cc  [ C32A7A39B960A42BA9D4FBE47213CA03, 4DA48587138972DA5E95AEDBBBE73BA8CCADC8172C6654427ABEAC8047B27E95 ] msgpiowin32     C:\Windows\System32\drivers\msgpiowin32.sys
14:49:17.0772 0x10cc  msgpiowin32 - ok
14:49:17.0787 0x10cc  [ D3857A767B91A061B408CCAB02DA4F40, A4D780772086AD8717EE6DC2B6189F796939FB5E5AA08FD9D1984101998FBECF ] mshidkmdf       C:\Windows\System32\drivers\mshidkmdf.sys
14:49:17.0789 0x10cc  mshidkmdf - ok
14:49:17.0800 0x10cc  [ 839B48910FB1E887635C48F3EC11A05E, F8CFD99911500CC1B6A90C8E2A1697BD5A6E5776A62A62FE5B342FE204C936B1 ] mshidumdf       C:\Windows\System32\drivers\mshidumdf.sys
14:49:17.0801 0x10cc  mshidumdf - ok
14:49:17.0818 0x10cc  [ 55C0DB741E3AB7463242B185B1C2997C, D2E2A5B48A64EA0EC2A6566C08E65A38D11CEA64BCA7B57793BA0D009E4D974A ] msisadrv        C:\Windows\system32\drivers\msisadrv.sys
14:49:17.0820 0x10cc  msisadrv - ok
14:49:17.0976 0x10cc  [ 216C6B035A4BA5560E1255BD8E5BB89F, A14E038604B9A5506DB145A4D9F51E2751AC825240D2744924F39C332B5DE00B ] MSiSCSI         C:\Windows\system32\iscsiexe.dll
14:49:18.0019 0x10cc  MSiSCSI - ok
14:49:18.0025 0x10cc  msiserver - ok
14:49:18.0094 0x10cc  [ 509809566E49F4411055864EA8D437CD, 70F37BF9C759E8BCA1C6AC8FB9805950925E1C648ED37E8561A0F7A407DFDC28 ] MSKSSRV         C:\Windows\system32\drivers\MSKSSRV.sys
14:49:18.0095 0x10cc  MSKSSRV - ok
14:49:18.0123 0x10cc  [ 63145201D6458E4958E572E7D6FC2604, EDD4A8A3BBE94B983554B1117734E66A2647B867269C5F0567C47EDE6F3FACCB ] MsLldp          C:\Windows\system32\DRIVERS\mslldp.sys
14:49:18.0127 0x10cc  MsLldp - ok
14:49:18.0148 0x10cc  [ 99D526E803DB6D7FF290FD98B6204641, 4AFAA3B1186621AEAD19E12D3DBE104DD8FCD5C106F9EC3ADA4AD1BC7093E61F ] MSPCLOCK        C:\Windows\system32\drivers\MSPCLOCK.sys
14:49:18.0150 0x10cc  MSPCLOCK - ok
14:49:18.0176 0x10cc  [ 06FA77C3E2A491ADCD704C5E73006269, 465A7EE5387E6C11398A554F73437278F5BF110356E7F49F315905C1F2459278 ] MSPQM           C:\Windows\system32\drivers\MSPQM.sys
14:49:18.0177 0x10cc  MSPQM - ok
14:49:18.0202 0x10cc  [ E134EC4DE11CF78CB01432D180710D84, BB111F97AEEFDCA5866B157E9957599CD7A4952B5BCCA0B0BCA9EDFCD17E61FE ] MsRPC           C:\Windows\system32\drivers\MsRPC.sys
14:49:18.0221 0x10cc  MsRPC - ok
14:49:18.0373 0x10cc  [ B5AECF12F09DEE97C9FCAA5BA016CE1E, F5305C4CE6C93A3A3481BD13BE0C23FE26571E11029ACFFE75FB78913681FCFC ] mssmbios        C:\Windows\System32\drivers\mssmbios.sys
14:49:18.0444 0x10cc  mssmbios - ok
14:49:18.0564 0x10cc  [ 72D66A05E0F99F2528F6C6204FD22AA1, B14D433BC5795F1DC4C672302285E665DC012693E75574F60664AAD8874DE562 ] MSTEE           C:\Windows\system32\drivers\MSTEE.sys
14:49:18.0663 0x10cc  MSTEE - ok
14:49:18.0718 0x10cc  [ 8AAAE399FC255FA105D4158CBA289001, 2F55C02605B4A3406B289FF9D46C76260B9138E3DE96AFAEA0E0522E5A2A746C ] MTConfig        C:\Windows\System32\drivers\MTConfig.sys
14:49:18.0719 0x10cc  MTConfig - ok
14:49:18.0746 0x10cc  [ 3BCB702F3E6CC622DCAFCAA45D7CDE0A, 00D33A4AB3E7C5F65F59C63F8E2FD27EF38D5484595F785D5632E9414E29352C ] Mup             C:\Windows\system32\Drivers\mup.sys
14:49:18.0750 0x10cc  Mup - ok
14:49:18.0764 0x10cc  [ 3A1E095277BBD406CEA8EA6B76950664, 47838F307A6354E77C19A7B1F3F3E22726EF60403B611F358AD6FFE81D7214E7 ] mvumis          C:\Windows\system32\drivers\mvumis.sys
14:49:18.0768 0x10cc  mvumis - ok
14:49:18.0826 0x10cc  [ 4B18840511D720BA118D3017E8165875, 724458A69269A5AE57E8DAB74FF3C198A79B6F7A9602BF38A70B4A40543ED167 ] napagent        C:\Windows\system32\qagentRT.dll
14:49:18.0867 0x10cc  napagent - ok
14:49:18.0909 0x10cc  [ 43D7388A90A4C6EA346A4D6FF0377479, DFDCFA448B49C8A577056070AF516F08CD2E452706A3CF9173195ABA4256F35D ] NativeWifiP     C:\Windows\system32\DRIVERS\nwifi.sys
14:49:18.0932 0x10cc  NativeWifiP - ok
14:49:18.0989 0x10cc  [ 6A0C3996DA7DAE6D6939676D786EEEC4, 6E8A4C6234FD3040BC889E92016A4D5AC7BCAF5059521E50C733966163A546A0 ] NcaSvc          C:\Windows\System32\ncasvc.dll
14:49:18.0999 0x10cc  NcaSvc - ok
14:49:19.0017 0x10cc  [ C982FE4CC91DECE2259F494FCEB4030F, 4C285407E6F9FBBA92180F4063AEFB736ED142D802F0151002F0CC20AB7BB4E5 ] NcdAutoSetup    C:\Windows\System32\NcdAutoSetup.dll
14:49:19.0021 0x10cc  NcdAutoSetup - ok
14:49:19.0531 0x10cc  [ A10E176F3B2BF83EDE7B5C4658C93B66, 42F2FAEB4A29BBC6727D7E159D3E7E2E66D33785E5C98496EEB44D281601A23E ] NDIS            C:\Windows\system32\drivers\ndis.sys
14:49:19.0582 0x10cc  NDIS - ok
14:49:19.0611 0x10cc  [ 39C8A1D9D46F5E83A016BCAB72455284, 80DBED610E0818C2C7122FBC5BC8C15BCE981538AE48DC48F464A86389AF3F68 ] NdisCap         C:\Windows\system32\DRIVERS\ndiscap.sys
14:49:19.0614 0x10cc  NdisCap - ok
14:49:19.0634 0x10cc  [ 762941932B7E4C588E48A577BA9D6440, 71FA1870E398CB848D8294FEF6C60E0499CAB9A16EC3F487564C41072590E4F3 ] NdisImPlatform  C:\Windows\system32\DRIVERS\NdisImPlatform.sys
14:49:19.0638 0x10cc  NdisImPlatform - ok
14:49:19.0685 0x10cc  [ 7A6F8A6D0E01432EBA294EF29CDD0FA7, D902AE15194A9F8A2198914FC76184FE7E2B589747275952A04A52853128FDB8 ] NdisTapi        C:\Windows\system32\DRIVERS\ndistapi.sys
14:49:19.0687 0x10cc  NdisTapi - ok
14:49:19.0861 0x10cc  [ 79AB68BB3FFF974AD4F41FA559F4EC67, 1745EC6520B48E325C56D98A1F4DB9CE135FE3E097B3D66E6598791132CAD7BD ] Ndisuio         C:\Windows\system32\DRIVERS\ndisuio.sys
14:49:19.0863 0x10cc  Ndisuio - ok
14:49:19.0894 0x10cc  [ 62C7DBF4F9301F76CF87D4B9D8F57BF8, D51FEF198F74FDF583826E259E4736F51CD49908194104677889FD135EEC2EBC ] NdisWan         C:\Windows\system32\DRIVERS\ndiswan.sys
14:49:19.0903 0x10cc  NdisWan - ok
14:49:19.0914 0x10cc  [ 62C7DBF4F9301F76CF87D4B9D8F57BF8, D51FEF198F74FDF583826E259E4736F51CD49908194104677889FD135EEC2EBC ] NDISWANLEGACY   C:\Windows\system32\DRIVERS\ndiswan.sys
14:49:19.0918 0x10cc  NDISWANLEGACY - ok
14:49:19.0955 0x10cc  [ 3730942D7DB2F8BB5F84542B7FF6F650, 89C9D7D7305205BDB304CE6DA7D1A57EDE86A9D77429698802A39D75EB78CAAB ] NDProxy         C:\Windows\system32\drivers\NDProxy.sys
14:49:19.0957 0x10cc  NDProxy - ok
14:49:20.0003 0x10cc  [ D3F60A4345FCA9C1BE68AD7D0D6DE770, 214AF09F4B021C2F8655FBC8AC8C801E89CD9115CDE690FAEBDA69D63D660EDD ] Ndu             C:\Windows\system32\drivers\Ndu.sys
14:49:20.0010 0x10cc  Ndu - ok
14:49:20.0020 0x10cc  [ 7C203A76394F9AE68F69EEE5F9612C4A, 2222654915913BDC9367A2075714906A10CF22C047A7494CD59CB71834ED1B62 ] NetBIOS         C:\Windows\system32\DRIVERS\netbios.sys
14:49:20.0022 0x10cc  NetBIOS - ok
14:49:20.0071 0x10cc  [ 7CEC25C682D319D484630B3952C31A11, 025C46B367E0570E9E3F9DF1564C3E47B1524E9E9A180BBDF0E9C684838F5E42 ] NetBT           C:\Windows\system32\DRIVERS\netbt.sys
14:49:20.0081 0x10cc  NetBT - ok
14:49:20.0100 0x10cc  [ F1DA34D64F2BA200D28A7451804E2FEE, 8BDF328F18F1EB58AC0E383ABA7985BA69EA9622B262CD524E3390FDE824DEEB ] Netlogon        C:\Windows\system32\lsass.exe
14:49:20.0102 0x10cc  Netlogon - ok
14:49:20.0130 0x10cc  [ 89519D29CBEC2121CA65CC29C4D345E0, F3BA7BCAFEC8DD8B29837458D1B2B1DEE748AEAAAE0575FD3AAE65CFC72A04CD ] Netman          C:\Windows\System32\netman.dll
14:49:20.0139 0x10cc  Netman - ok
14:49:20.0204 0x10cc  [ 79FA9393C67EBBF92A56923592CF7A7C, A8AB8A6346B97B68810CC632F425085BE9E63ACAED0F119A7BFD03F2DA4AA5F6 ] netprofm        C:\Windows\System32\netprofmsvc.dll
14:49:20.0223 0x10cc  netprofm - ok
14:49:20.0412 0x10cc  [ 735E4E58539FA0F0B96B7D9599C6C041, 43B603C7EF5B1819FC99776984326C5AA6D2915BA70E12E5366BB456D1F2B7E3 ] netr28x         C:\Windows\system32\DRIVERS\netr28x.sys
14:49:20.0567 0x10cc  netr28x - ok
14:49:20.0658 0x10cc  [ 5243CFC2E7161C91C2B355240035B9E4, CFD77485A9D7BC47F3A9C53D73B2AE2D5D04B90ED38628F3124EA569F4DE969E ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
14:49:20.0793 0x10cc  NetTcpPortSharing - ok
14:49:20.0845 0x10cc  [ 12DD2800E4EEA37DC9AE256AD62423B4, 34740469EEA8740CBACD881CB232C9ABB9AB180DE5F45336BC6DBE154259F29B ] nfrd960         C:\Windows\system32\drivers\nfrd960.sys
14:49:20.0847 0x10cc  nfrd960 - ok
14:49:20.0899 0x10cc  [ 80ABCD4C2DE9FD832477303AE0CA3BE5, 98F3958E650CEB1006D92980503E1B176D2CA55D2A6742C1C27CDE829D137DA9 ] NlaSvc          C:\Windows\System32\nlasvc.dll
14:49:20.0911 0x10cc  NlaSvc - ok
14:49:21.0075 0x10cc  [ 17E19A742FB30C002F8B43575451DBE1, 59D226A4A5B5281C399BE96C694915E38EEAF335D31F346B0C65D8F469D7C9C3 ] Npfs            C:\Windows\system32\drivers\Npfs.sys
14:49:21.0111 0x10cc  Npfs - ok
14:49:21.0141 0x10cc  [ 8ED299C30792544264E558BEA79F0947, 8A03FDA9AADB79ECBCBCDC988B7D8CF0672689C9DF673A2ECFE0D2D88A9C6A6B ] npsvctrig       C:\Windows\System32\drivers\npsvctrig.sys
14:49:21.0142 0x10cc  npsvctrig - ok
14:49:21.0190 0x10cc  [ 832B5FDF0B5577713FD7F2465FCD0ACE, 4A551CDBACED47DD781EC59F8B59A13D66EFD85DCF636BCFCBACFE5972A78E93 ] nsi             C:\Windows\system32\nsisvc.dll
14:49:21.0194 0x10cc  nsi - ok
14:49:21.0233 0x10cc  [ 689B3B1E95C70ABF7AFF29F9406EF1E0, 8B62D8AE53E1B3218158FADC0075682AB06D18998CF5DE82C920A9CD91C0652F ] nsiproxy        C:\Windows\system32\drivers\nsiproxy.sys
14:49:21.0235 0x10cc  nsiproxy - ok
14:49:21.0344 0x10cc  [ 7BE3EDFFA3216F989A6BDCB14795DD08, 19A2D0120C46CA9BCFBC16DC3E65687ACDDCBA33B79128188652BA2AFAA2EE2F ] Ntfs            C:\Windows\system32\drivers\Ntfs.sys
14:49:21.0477 0x10cc  Ntfs - ok
14:49:21.0513 0x10cc  [ 4163ADE07DB51843AE31F65B94F5398D, 4349E7EF1EE1E71E1F436BA42F5B58871D82B987D513BA2D6E1CEB8A21BD1B20 ] Null            C:\Windows\system32\drivers\Null.sys
14:49:21.0514 0x10cc  Null - ok
14:49:21.0541 0x10cc  [ D6D34118263412D3AAA8348A9572B7F2, 66106A25BC5A4CA7697A23ED67CEDB5C0BF678EA70FD967A405D2DF76F4CA3A4 ] nvraid          C:\Windows\system32\drivers\nvraid.sys
14:49:21.0551 0x10cc  nvraid - ok
14:49:21.0573 0x10cc  [ 27AFC428D1D32ABD04A86763A4EDDEA9, 0920866013A8C8CFEE00E6AECDD41736F5501C49837E2D785998734F087F6B98 ] nvstor          C:\Windows\system32\drivers\nvstor.sys
14:49:21.0580 0x10cc  nvstor - ok
14:49:21.0599 0x10cc  [ 051CFB5107BAAE510419BDC41F8C4036, 9990906F17A3886EF301D2AA6556263B52A1C0554C6BD18331AF44ECECAEE4B5 ] nv_agp          C:\Windows\system32\drivers\nv_agp.sys
14:49:21.0603 0x10cc  nv_agp - ok
14:49:22.0225 0x10cc  [ 785F487A64950F3CB8E9F16253BA3B7B, 02445344BD214370A6D48B1CA04921D8EFCB13E676B5648266DD0E076C0822B6 ] odserv          C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
14:49:22.0239 0x10cc  odserv - ok
14:49:22.0517 0x10cc  [ 5A432A042DAE460ABE7199B758E8606C, 6E5D1F477D290905BE27CEBF9572BAC6B05FFEF2FAD901D3C8E11F665F8B9A71 ] ose             C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
14:49:22.0758 0x10cc  ose - ok
14:49:23.0184 0x10cc  [ AB76700D764A342D7475FB8F47CAB18C, ECDF705D3E69EF6E7044C98A462A7281D0E7D0D85769C0815555D934B0B69C8D ] p2pimsvc        C:\Windows\system32\pnrpsvc.dll
14:49:23.0197 0x10cc  p2pimsvc - ok
14:49:23.0223 0x10cc  [ 4319FD931DCD796435ECB5DB4A04FBA5, 20185B2F359EEC202B37019A4E4F5B914ADCF78B97AF0CBD91EECED2259FC6DE ] p2psvc          C:\Windows\system32\p2psvc.dll
14:49:23.0237 0x10cc  p2psvc - ok
14:49:23.0321 0x10cc  [ 4563DAF8C6A740AD7F501E219BD10766, 7A1212DDAE2D66A9C2041262796904E36036CDC4C5B75C2F66B8DF9D89F7C25D ] Parport         C:\Windows\System32\drivers\parport.sys
14:49:23.0326 0x10cc  Parport - ok
14:49:23.0370 0x10cc  [ D6ACCF9F2EEEEA711C14EFD976E573F3, 60D2A81832A8D24F91C3EF134440D5026354917F59462BACBCE7A01D84767D91 ] partmgr         C:\Windows\system32\drivers\partmgr.sys
14:49:23.0374 0x10cc  partmgr - ok
14:49:23.0867 0x10cc  [ 4811D9EC53649105A5A8BEA661B0F936, C77907E03D0561500FCFEAFAC323E9679E66297329901A0CA2BD7E919419A8E8 ] PcaSvc          C:\Windows\System32\pcasvc.dll
14:49:23.0883 0x10cc  PcaSvc - ok
14:49:23.0961 0x10cc  [ 4A003E8F718C1E6A2050CA98CD53E3E2, BCC3BE1EC3FA4967353371D85094D096940A7B5944A6FFCA31E8FBE83D92CC6C ] pci             C:\Windows\system32\drivers\pci.sys
14:49:24.0037 0x10cc  pci - ok
14:49:24.0165 0x10cc  [ F9908D274D458220F91E89B54D78D837, 1E89ABFA6B375383E0297CEE5AF66E37F90E16DD21ABA5C91777A86CDF013B4D ] pciide          C:\Windows\system32\drivers\pciide.sys
14:49:24.0213 0x10cc  pciide - ok
14:49:24.0264 0x10cc  [ 84D19CB6102627932DCB5DFDF89FE269, 2F9C47E076645B35877D9ACA77968EFFCDA8794D76265CD9A4AAA239C4B33C5F ] pcmcia          C:\Windows\system32\drivers\pcmcia.sys
14:49:24.0271 0x10cc  pcmcia - ok
14:49:24.0293 0x10cc  [ CEBBAD5391C2644560C55628A40BFD27, 8AAA6EBD8D89FC91AECCCF1452F53C5650A1A17027FF4E64D224371404CE4C8B ] pcw             C:\Windows\system32\drivers\pcw.sys
14:49:24.0295 0x10cc  pcw - ok
14:49:24.0333 0x10cc  [ 0698DEDEAD6A00AD0D468C687D830FBF, B9DCA1A61F2EF80DB26380F390F2E9A17114D33129D61CF465B949B6A7916CAA ] pdc             C:\Windows\system32\drivers\pdc.sys
14:49:24.0467 0x10cc  pdc - ok
14:49:24.0778 0x10cc  [ 61FE70659CD43E07F94DA4DC31DEC493, 3739B6670B440173FD81DE3D47B0B90FAF296802AD4F57C05BF5CF191BF16022 ] PEAUTH          C:\Windows\system32\drivers\peauth.sys
14:49:24.0822 0x10cc  PEAUTH - ok
14:49:24.0925 0x10cc  [ EB88FA19F0EA05DD04BE9C5FFEEFFE1A, 459CF99D5243C4ACAA38C7B426ADC52F1044C759D06A925D475DF6213AEB85CD ] PerfHost        C:\Windows\SysWow64\perfhost.exe
14:49:24.0930 0x10cc  PerfHost - ok
14:49:25.0048 0x10cc  [ 6E84BFF58F7643499277F29DFA2F8C8D, 401CCF137F35D9690C7B56B2BFEDB2DB72709EBE38626D787904B67640EF6F14 ] pla             C:\Windows\system32\pla.dll
14:49:25.0106 0x10cc  pla - ok
14:49:25.0182 0x10cc  [ 799BE46D45D486704CE0F37CA5385262, BB78DEE83B9DB613B1C083D55FAA458BE3E394AED80EB91B599185A7272F33B3 ] PlugPlay        C:\Windows\system32\umpnpmgr.dll
14:49:25.0187 0x10cc  PlugPlay - ok
14:49:25.0213 0x10cc  [ 8E2414E818C26C4A9C70CB2B8567F04F, A16B22AE143BA070C562FBE5DEF32F7E228F50B302B66E46B46C44C0F50A4461 ] PNRPAutoReg     C:\Windows\system32\pnrpauto.dll
14:49:25.0216 0x10cc  PNRPAutoReg - ok
14:49:25.0249 0x10cc  [ AB76700D764A342D7475FB8F47CAB18C, ECDF705D3E69EF6E7044C98A462A7281D0E7D0D85769C0815555D934B0B69C8D ] PNRPsvc         C:\Windows\system32\pnrpsvc.dll
14:49:25.0260 0x10cc  PNRPsvc - ok
14:49:25.0303 0x10cc  [ 0108C8E5176D590F242701EF5A62CC26, 3A72F5D4402663B7445F6B3C55F01E83A619B6192F7D3CC2DE3C57F9F50D5A2D ] PolicyAgent     C:\Windows\System32\ipsecsvc.dll
14:49:25.0317 0x10cc  PolicyAgent - ok
14:49:25.0364 0x10cc  [ F1E067F56373F11EA4B785CAE823740A, 69BD30E64DA17595FF29C9C9FF9AD4F2F4BE29B688FBAC9DABB2FA9D13A47FF0 ] Power           C:\Windows\system32\umpo.dll
14:49:25.0370 0x10cc  Power - ok
14:49:25.0398 0x10cc  [ 362D47E5B4D67270DE4B8606036F4ADD, 716E229C68D91AEA5B5629F60133D5CBDC0C95ABA54D9DC6264E923CAF4DC6C0 ] PptpMiniport    C:\Windows\system32\DRIVERS\raspptp.sys
14:49:25.0402 0x10cc  PptpMiniport - ok
14:49:25.0601 0x10cc  [ C2D3B3D0060619D5E03E696BD56FF59F, 155954F16B6F9B51BA16F43F1AE6F977B1EC4DE77862C6F6C722293189BE0DD2 ] PrintNotify     C:\Windows\system32\spool\DRIVERS\x64\3\PrintConfig.dll
14:49:25.0794 0x10cc  PrintNotify - ok
14:49:25.0837 0x10cc  [ DD979EB6A7212F60E4AFBE96EDC7AE6D, BC681D64C5B8F08FD4613D71111853FCD5B05E4BD127D2C6258BAED7627105BE ] Processor       C:\Windows\System32\drivers\processr.sys
14:49:25.0841 0x10cc  Processor - ok
14:49:25.0873 0x10cc  [ 429E8502AD2227CF88F8840FC5BD590D, A186DA46C083580ACEDE9C7E3156865034302CD803140EEEC8E1DE16DA4BC99B ] ProfSvc         C:\Windows\system32\profsvc.dll
14:49:25.0881 0x10cc  ProfSvc - ok
14:49:25.0909 0x10cc  [ EB8034147D4820CD31BFCB11A2A652DF, B10B5E16B7A05D2DB2D5D1945B6146DE15EEDE2C778772A59F104706B5145E46 ] Psched          C:\Windows\system32\DRIVERS\pacer.sys
14:49:25.0914 0x10cc  Psched - ok
14:49:25.0945 0x10cc  [ DD3FD48D69F5FBBB21D46D1514C1C2DB, 2B188E3AC4BD9B608D375DD550507717852C2AF7C0F99FFED90098999B9D4F01 ] PSI             C:\Windows\system32\DRIVERS\psi_mf_amd64.sys
14:49:25.0946 0x10cc  PSI - ok
14:49:25.0968 0x10cc  [ 0AFBF333B6F87A2F598EAB379AF100B8, D11F3A4D7E4463B62E2DBDE5FC61425B1FDFB07DD1A19BC001D479CA1F554510 ] QWAVE           C:\Windows\system32\qwave.dll
14:49:25.0978 0x10cc  QWAVE - ok
14:49:25.0995 0x10cc  [ 13D47BB0CCA2FC51BD15F8E85C6A078E, EA832A9511007C9E8599C3066E1FA66BE869E8A27886D9A9AC590BD4DFBD1A15 ] QWAVEdrv        C:\Windows\system32\drivers\qwavedrv.sys
14:49:25.0997 0x10cc  QWAVEdrv - ok
14:49:26.0016 0x10cc  [ 873C60F8178100557740A832FCE10B5F, 400EF60CB2C98E2AFE122AF3D01CCE56A1548AF865345EE2194AB74DBCBF4C48 ] RasAcd          C:\Windows\system32\DRIVERS\rasacd.sys
14:49:26.0018 0x10cc  RasAcd - ok
14:49:26.0039 0x10cc  [ 69B93F623B130976243ECA3D84CC99CA, F27617E651EADFAEE479619AAB01CDAA98111BA63E204D5C44A1256732CB0100 ] RasAgileVpn     C:\Windows\system32\DRIVERS\AgileVpn.sys
14:49:26.0042 0x10cc  RasAgileVpn - ok
14:49:26.0074 0x10cc  [ 005F6E54C4A2DA4EBF68FB0392CE8BB0, 2F3C90A04964D4D906238BD557D90F7AC05DF86FE9729C4378B39431F54DDAE3 ] RasAuto         C:\Windows\System32\rasauto.dll
14:49:26.0081 0x10cc  RasAuto - ok
14:49:26.0102 0x10cc  [ A14D625C5AEE5FFE0F47D1A1D419FAAE, 1229B81C23340AD5B436B1FD227876EB41715CE6BD270BA367F18879D26B8F04 ] Rasl2tp         C:\Windows\system32\DRIVERS\rasl2tp.sys
14:49:26.0107 0x10cc  Rasl2tp - ok
14:49:26.0134 0x10cc  [ C923C785A2DE0B396AD6D13ACAFF2DE9, 4F950DA776FBABEC7D546983D6F3018733F61268A4BF95C01D4836AD000BD073 ] RasMan          C:\Windows\System32\rasmans.dll
14:49:26.0158 0x10cc  RasMan - ok
14:49:26.0179 0x10cc  [ 00695B9C2DB6111064499C529E90C042, 3CD4DF4D8001C2BBF52EEEB1F0D587209878BEAC339D268892477AD840D490F1 ] RasPppoe        C:\Windows\system32\DRIVERS\raspppoe.sys
14:49:26.0181 0x10cc  RasPppoe - ok
14:49:26.0217 0x10cc  [ A7F24D8CD1956B0A1FDCB86CC5114DE4, 30489D235362DF62B105378597168B13F4BAC74A8EDDBDA25237E3C017B69FEE ] RasSstp         C:\Windows\system32\DRIVERS\rassstp.sys
14:49:26.0220 0x10cc  RasSstp - ok
14:49:26.0267 0x10cc  [ CA03D642ACE58E1BA54E4B383F91CD69, 39BB942603801CF11FBEA28E24F8C8D1EF2AF615D1FABF951683A015D6A6EF37 ] rdbss           C:\Windows\system32\DRIVERS\rdbss.sys
14:49:26.0288 0x10cc  rdbss - ok
14:49:26.0308 0x10cc  [ CA7DF5EC95D8DE0DD24BE7FF97369F68, 153E6F716CA935DBCACB8FF1BB8DE5F5551CE3D18878225470E45893CA69BDB8 ] rdpbus          C:\Windows\System32\drivers\rdpbus.sys
14:49:26.0309 0x10cc  rdpbus - ok
14:49:26.0333 0x10cc  [ B2A3AD74FF2E2FFA73AF2567108231B3, DF8CEA6215F75C634D56F6B8AE11ECCEEB5F8CBC091AC3D6D9F7DE214B00A439 ] RDPDR           C:\Windows\system32\drivers\rdpdr.sys
14:49:26.0341 0x10cc  RDPDR - ok
14:49:26.0383 0x10cc  [ 57F4787E4602A3FCA719C0A33137C6DA, D03AE59A184EB5D126F8EAB9D36EE406ABB8B9ED834F2D2496DDB1349FF56F89 ] RdpVideoMiniport C:\Windows\system32\drivers\rdpvideominiport.sys
14:49:26.0390 0x10cc  RdpVideoMiniport - ok
14:49:26.0538 0x10cc  [ B3CB0721E81E30419CE7D837EF4EA151, EC9410818661BF77E4A19694E3A3030E1D983B36F49C72E27F92A1424E0729C2 ] RDPWD           C:\Windows\system32\drivers\RDPWD.sys
14:49:26.0545 0x10cc  RDPWD - ok
14:49:26.0588 0x10cc  [ 62C1F8A0685FE07E998AA296C4F697C4, C636AB2D0F139003A6AD7A12E9DC13EE4485A62F30DA59AF842FF02FE07442EE ] rdyboost        C:\Windows\system32\drivers\rdyboost.sys
14:49:26.0594 0x10cc  rdyboost - ok
14:49:26.0679 0x10cc  [ 26BA6AB9DC5B0AAFFAACD8677A1DC95D, 4E49FC8783DFC768CDE3971CBA8EB26463A99DF20E94496FD502263E2452A7D1 ] RealNetworks Downloader Resolver Service C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe
14:49:26.0681 0x10cc  RealNetworks Downloader Resolver Service - ok
14:49:26.0796 0x10cc  [ 2CDB350B30063D18F4B5F7FBE8622107, 64D6E073925D6A09084A69D97EA72614924291076C718CB1C3851CC01AB07CE0 ] RealPlayer Cloud Service c:\program files (x86)\real\realplayer\RPDS\Bin\rpdsvc.exe
14:49:26.0861 0x10cc  RealPlayer Cloud Service - ok
14:49:26.0928 0x10cc  [ 60A867EE8C756FB631872084F9C29937, DB4E3CEF816C4085F8AF8C204398EEB548987C6F1DD99A30492185FE9EDA21BF ] RealPlayerUpdateSvc C:\Program Files (x86)\Real\UpdateService\RealPlayerUpdateSvc.exe
14:49:26.0929 0x10cc  RealPlayerUpdateSvc - ok
14:49:26.0960 0x10cc  [ 3663CCF243EE0C04E9F6F91ED1737273, 31D06445996F99A7F6B32004D1BA63A21C61DE125373F860BA9A9DE5278E8293 ] RemoteAccess    C:\Windows\System32\mprdim.dll
14:49:26.0964 0x10cc  RemoteAccess - ok
14:49:26.0992 0x10cc  [ E80DD61E52EDFFF9DA1ED7260A68855B, 97909F42AE35E28B8F98C01A1D8BAD80A949CDCA0C88FB4ACF0A655DC7C10E45 ] RemoteRegistry  C:\Windows\system32\regsvc.dll
14:49:26.0999 0x10cc  RemoteRegistry - ok
14:49:27.0033 0x10cc  [ 73F2E030B5C24E4E41401B5F0D59E6FD, FAA8B5E3159684E0836900C6EAF63857B445F7F180169B56D5790F097EDAA38B ] RpcEptMapper    C:\Windows\System32\RpcEpMap.dll
14:49:27.0038 0x10cc  RpcEptMapper - ok
14:49:27.0094 0x10cc  [ 10B21284B3D964AB3DC45490E57D422E, 12D5E3A7785F21C99C5EAD14A88EB7A86A058E26C091991339356D99D196CC13 ] RpcLocator      C:\Windows\system32\locator.exe
14:49:27.0096 0x10cc  RpcLocator - ok
14:49:27.0146 0x10cc  [ 1EC6E533C954BDDF2A37E7851A7E58FD, C25936A7465B6A2B3D05D2FCB09D91ACC07CFE038A5E968C99CFA9D9F2967DD4 ] RpcSs           C:\Windows\system32\rpcss.dll
14:49:27.0170 0x10cc  RpcSs - ok
14:49:27.0210 0x10cc  [ D38250F459BF60D6F4B69B79DCD948CC, E68C864C1A4C9352EA939062F28789ADE9F0672E8CB3F3909D2891786C76F06F ] RSP2STOR        C:\Windows\system32\DRIVERS\RtsP2Stor.sys
14:49:27.0218 0x10cc  RSP2STOR - ok
14:49:27.0239 0x10cc  [ E04E770DD198B9399640717145E79EBF, 2F9BECB7E4B0A522C6370FD39CFD7DFD3FB5D0A779AECCED2EE855629FA3C952 ] rspndr          C:\Windows\system32\DRIVERS\rspndr.sys
14:49:27.0242 0x10cc  rspndr - ok
14:49:27.0580 0x10cc  [ 34DA0D14F5C3F1883A331AFB975AB434, BB5D580C1DCAE59CC1DB75C411A5A4DDF435931469E7EBFF5DFDADBFE07ADEBF ] RTL8168         C:\Windows\system32\DRIVERS\Rt630x64.sys
14:49:27.0606 0x10cc  RTL8168 - ok
14:49:27.0628 0x10cc  [ 752EC7DCD2F96871A3857EEE6AFE965A, 1D0640966B9147A06ED0E733711773E6B4AB8AC6D962D5B369ECB04170D18AD8 ] s3cap           C:\Windows\System32\drivers\vms3cap.sys
14:49:27.0629 0x10cc  s3cap - ok
14:49:27.0666 0x10cc  [ A49CDA75F8E41F769D19E2669BD62B37, 768A7CAD039C0285191E9D20E36ED8B9A2009499D75888AD88418385B0B9E1AB ] S3XXx64         C:\Windows\system32\DRIVERS\S3XXx64.sys
14:49:27.0669 0x10cc  S3XXx64 - ok
14:49:27.0710 0x10cc  [ F1DA34D64F2BA200D28A7451804E2FEE, 8BDF328F18F1EB58AC0E383ABA7985BA69EA9622B262CD524E3390FDE824DEEB ] SamSs           C:\Windows\system32\lsass.exe
14:49:27.0713 0x10cc  SamSs - ok
14:49:27.0746 0x10cc  [ 9C7B28CE0D136DB226E24DB3BC817F92, E9DE55D6432ADD08EC75F99F2B5D2BD1F553F4EE55991B1767B1578351EE0BF2 ] sbp2port        C:\Windows\system32\drivers\sbp2port.sys
14:49:27.0750 0x10cc  sbp2port - ok
14:49:27.0778 0x10cc  [ 14316954FCE79C9DE5A0AFF9D42C83AA, B60FB1FAC0299F9560761411711E86EDFA2F8D27B58230E2E4BB37736FAB2287 ] SCardSvr        C:\Windows\System32\SCardSvr.dll
14:49:27.0786 0x10cc  SCardSvr - ok
14:49:27.0805 0x10cc  [ 5D7733A12756B267FCA021672B26BC9E, 01CE5B5F49914B9E099BD909A66296F3A40644AE47BA1D5EBFFB30CD33C70A4A ] scfilter        C:\Windows\system32\DRIVERS\scfilter.sys
14:49:27.0806 0x10cc  scfilter - ok
14:49:27.0885 0x10cc  [ 03F58B3FA4B5329F21F770B1EF8D984A, 32976E64E4960E5996E3CA2F8BA9374E01201C461DE52AF0FA14BA75C784AC25 ] Schedule        C:\Windows\system32\schedsvc.dll
14:49:27.0954 0x10cc  Schedule - ok
14:49:28.0153 0x10cc  [ BAF8F0F55BC300E5F882E521F054E345, FB228DB18F2FA55D8BA35A7E6778EE5D2EB0C29D384F1A0A868F90AE706188D7 ] SCPolicySvc     C:\Windows\System32\certprop.dll
14:49:28.0425 0x10cc  SCPolicySvc - ok
14:49:28.0566 0x10cc  [ F58B030A0664385C707B8C1C63682041, E46AADAA2CD687B9A4B564DC5B002493C8480542588E660BC3DF89EAF9DB0427 ] sdbus           C:\Windows\System32\drivers\sdbus.sys
14:49:28.0573 0x10cc  sdbus - ok
14:49:28.0612 0x10cc  [ 92968277ED491E4B3DDA361E3952361E, 71C50853BB2126A34C7CD014EE44D4B8B39F589E2E8E8E8F4C982E07498E3899 ] SDRSVC          C:\Windows\System32\SDRSVC.dll
14:49:28.0618 0x10cc  SDRSVC - ok
14:49:28.0658 0x10cc  [ BB107AA9980B0DA4E19A3A90C3BD4460, BCB4CF0FFF1FD57302557B68044A88C8EEAAE57C2FEAE8EAD1F410F960298B6D ] sdstor          C:\Windows\System32\drivers\sdstor.sys
14:49:28.0660 0x10cc  sdstor - ok
14:49:28.0705 0x10cc  [ 3EA8A16169C26AFBEB544E0E48421186, 34BBB0459C96B3DE94CCB0D73461562935C583D7BF93828DA4E20A6BC9B7301D ] secdrv          C:\Windows\system32\drivers\secdrv.sys
14:49:28.0708 0x10cc  secdrv - ok
14:49:28.0729 0x10cc  [ CD282626738B6BC92B6E7CD0AAE95B63, 1A56567C781786C85C63E24E79186EE5C82D3EB2679061B21BA0571A3A6CB7F5 ] seclogon        C:\Windows\system32\seclogon.dll
14:49:28.0733 0x10cc  seclogon - ok
14:49:28.0854 0x10cc  [ DA6C0E0B15CD0B135FD385AEABAE3A4C, 1DBED093D4BD1E800828D8E0EB19EDA7FD1E963AABD4F71D61F1AD04F669290F ] Secunia PSI Agent C:\Program Files (x86)\Secunia\PSI\PSIA.exe
14:49:28.0982 0x10cc  Secunia PSI Agent - ok
14:49:29.0029 0x10cc  [ 71761EDC432A0E39CF621105884E738E, 935133326B794F6DEAA97B9B6B6295AC6A884C3B73ABCD5662A79CEAD8EEA5EE ] Secunia Update Agent C:\Program Files (x86)\Secunia\PSI\sua.exe
14:49:29.0077 0x10cc  Secunia Update Agent - ok
14:49:29.0114 0x10cc  [ 9C51620998F0763039DFA6BF68E475ED, 9E496ADE7CE9A446BE8A2C2FC61B462D966778A94A4C147AABBD25C4821C2BCE ] SENS            C:\Windows\System32\sens.dll
14:49:29.0118 0x10cc  SENS - ok
14:49:29.0165 0x10cc  [ 0D50B4B860DAB65241628D04CD33ACAE, 2AA897C3F9ED076AB9244A32745D18489B076F3ED28A35B868C472131C5B5B46 ] SensrSvc        C:\Windows\system32\sensrsvc.dll
14:49:29.0172 0x10cc  SensrSvc - ok
14:49:29.0189 0x10cc  [ 87C46B239A7EEF30FDFDD5E9BD46130C, F36FB5B20AC58FBD31F7E636059D2D865B751E178E51A03B94ABE0BBD1AB1EC9 ] SerCx           C:\Windows\system32\drivers\SerCx.sys
14:49:29.0191 0x10cc  SerCx - ok
14:49:29.0227 0x10cc  [ 7A1F9347C85FD55E39B8A76B3A25C5AD, 03AF3B23285278A38F4CBEAB7FD326A48FA1EC7F8D044C059CE5403C6D225639 ] Serenum         C:\Windows\System32\drivers\serenum.sys
14:49:29.0229 0x10cc  Serenum - ok
14:49:29.0251 0x10cc  [ F640A0A218BBF857F1D04A15D7D939F6, 948C13886281FE7947E10FB7B34D5CCFE512FB632F1132B6062AC85149F79950 ] Serial          C:\Windows\System32\drivers\serial.sys
14:49:29.0253 0x10cc  Serial - ok
14:49:29.0271 0x10cc  [ F1A5F56B2620B862CC28FF96A0A6DAAB, E5367212B2CADF3820D657CFC27CD961547E28DAB950C68E1380CF97FB68F3F4 ] sermouse        C:\Windows\System32\drivers\sermouse.sys
14:49:29.0272 0x10cc  sermouse - ok
14:49:29.0323 0x10cc  [ CB60A60340788C8D6DE2A269D28086AB, 2D8948E59BB9B00E16D20E425F80E7B862957DBAC9A4D1484E5191FAF333B60D ] SessionEnv      C:\Windows\system32\sessenv.dll
14:49:29.0333 0x10cc  SessionEnv - ok
14:49:29.0354 0x10cc  [ 7EE65419B29302C795714FF8073969A1, E28D89A5423E3A5062030EB2418E9435DD5D8B9D16570046E782D3FCFDA2E79A ] sfloppy         C:\Windows\System32\drivers\sfloppy.sys
14:49:29.0356 0x10cc  sfloppy - ok
14:49:30.0157 0x10cc  [ 090AE16F79C8EAD04E6031F863DA85F3, 3F27BE46DF602B53940414A6E9FEB23B36CFFB8E9A7F41440C3315B8E27D0029 ] SharedAccess    C:\Windows\System32\ipnathlp.dll
14:49:30.0232 0x10cc  SharedAccess - ok
14:49:30.0347 0x10cc  [ A77F3ABE13FCC698511E5DEC7ACEBD5F, 78A43FDA9F770FD8BA107605DB44BC71D8B89D7E75560DA783AA6356C1873C15 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
14:49:30.0368 0x10cc  ShellHWDetection - ok
14:49:30.0386 0x10cc  [ 2560721D6F16D5B611C36A3A9D28C1B2, 15C30404902654ABA5DB5367FC5BD31343B12A3FC22B4BC5A26B09016447B5ED ] SiSRaid2        C:\Windows\system32\drivers\SiSRaid2.sys
14:49:30.0388 0x10cc  SiSRaid2 - ok
14:49:30.0409 0x10cc  [ 3AA8FDE1DBF65BB8B88B053529554A0D, 8060D946344D043D336F4735363C23C37C91A6DB3F81E575C267B2EC2BECB0EC ] SiSRaid4        C:\Windows\system32\drivers\sisraid4.sys
14:49:30.0412 0x10cc  SiSRaid4 - ok
14:49:30.0432 0x10cc  [ AF5CC3F9B88F140D78FC967ABF0F4EC7, 7CE3AB7B0A36635CF00E35E84C14B8661FAF794ABCFA61AE45A0E5E8EA996A3B ] SmbDrv          C:\Windows\System32\drivers\Smb_driver_AMDASF.sys
14:49:30.0435 0x10cc  SmbDrv - ok
14:49:30.0457 0x10cc  [ 19555D03CB179BED8B8AAA239A36BDA4, 7B975821D52ABE077496B3CFC010B33D478CD2C36E6A74D8F72D2BF582B8C84A ] SmbDrvI         C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys
14:49:30.0459 0x10cc  SmbDrvI - ok
14:49:30.0489 0x10cc  [ E660156A4588A84305CB772FD2C0DB21, 9492EB6578D4A689945E1FC2440EFA77D461049CDB2D00A645969A71B7DA68E1 ] SNMPTRAP        C:\Windows\System32\snmptrap.exe
14:49:30.0492 0x10cc  SNMPTRAP - ok
14:49:30.0520 0x10cc  [ 9110193D93960E38B8692E4519C75D72, 789381B4CCC056EE431E78E2339AC9802264A1CE4B378DDA9769649664C9A7A0 ] spaceport       C:\Windows\system32\drivers\spaceport.sys
14:49:30.0529 0x10cc  spaceport - ok
14:49:30.0555 0x10cc  [ 3D8679C8DF52EB26EB7583A4E0A29202, DCD9B69299275857712AB200C014AE820C8A9F7E53C4A335A84518FBE4BB56BB ] SpbCx           C:\Windows\system32\drivers\SpbCx.sys
14:49:30.0568 0x10cc  SpbCx - ok
14:49:30.0616 0x10cc  [ 3F215BF2D4D8D6756298B25B579772C2, 744192D1635E5D296BFD399E870B70592202CEAF95C31C2D2B226A868D33A3FD ] Spooler         C:\Windows\System32\spoolsv.exe
14:49:30.0652 0x10cc  Spooler - ok
14:49:30.0981 0x10cc  [ 061A977C920FBE4BF71FF47C966DDDCA, 746516396B72E4ADB05D978C819CD45FE44EE194756F6DA50121D755439CA590 ] sppsvc          C:\Windows\system32\sppsvc.exe
14:49:31.0341 0x10cc  sppsvc - ok
14:49:31.0896 0x10cc  [ 0F1FCD575A03ABDE13FCA9D0ADE4DDA6, 61EEB1349489CB85204F1B4E398BE24EDC01FB914120C9DD0487F8EE1EDA055E ] srv             C:\Windows\system32\DRIVERS\srv.sys
14:49:31.0971 0x10cc  srv - ok
14:49:32.0658 0x10cc  [ 8504ADDE9C146C6295B16D13A0007560, 715E3752AE4A276FA8DAFA3B52B699C45D97E747CB25FE4AE307241D206319B7 ] srv2            C:\Windows\system32\DRIVERS\srv2.sys
14:49:32.0711 0x10cc  srv2 - ok
14:49:33.0192 0x10cc  [ BB0F9E19C5CE4DC765B263E2A5561DE1, F7DBC96E049625E4312D8F588FCF2B4AC6318C04D04758982FE9B51DABEC2DAE ] srvnet          C:\Windows\system32\DRIVERS\srvnet.sys
14:49:33.0322 0x10cc  srvnet - ok
14:49:33.0366 0x10cc  [ 7A20882D76D4A78240A5AC9F2C2EBA21, ACA05211EE542999A118BBD2CD051038A7DC8C40C4B8971DC6514BA90E90EC61 ] SSDPSRV         C:\Windows\System32\ssdpsrv.dll
14:49:33.0376 0x10cc  SSDPSRV - ok
14:49:33.0402 0x10cc  [ D233B16999A8E626F6004BD7814C57EC, 5BBFE5DDF1269617ABD1BDBED85A79D99BB52EA29C2BB3A8F4A1827BFAA1A747 ] SstpSvc         C:\Windows\system32\sstpsvc.dll
14:49:33.0406 0x10cc  SstpSvc - ok
14:49:34.0284 0x10cc  [ F452B51D895D894BF5487057E11D44CF, 4B4F54646B1069EA27D4A4F17CB85A66FF7B36A6087F3D07F12221B29DFBF8F2 ] STacSV          C:\Program Files\IDT\WDM\STacSV64.exe
14:49:34.0296 0x10cc  STacSV - ok
14:49:34.0337 0x10cc  [ 4E85355B94CFCB67C135F6521A4895A7, AC4FC65C1E62A54B3834E7FE0A2B1ECC48A2AA563AE5BD508326EE68FFFBBEEE ] stexstor        C:\Windows\system32\drivers\stexstor.sys
14:49:34.0345 0x10cc  stexstor - ok
14:49:34.0445 0x10cc  [ B05AEC4014FFDC1793B5CCB6D9BD28D1, ED9CC2B5954BDB12868357703B451D8A086FC9DDA0A8F0EA486E3834B0854EE6 ] STHDA           C:\Windows\system32\DRIVERS\stwrt64.sys
14:49:34.0472 0x10cc  STHDA - ok
14:49:34.0519 0x10cc  [ F38F79114380246B6D40CD53FB2CA28D, 5F4001F6D97903DCBB2399B3AC36329A515823D44CDEE784613F2976398DB950 ] StillCam        C:\Windows\system32\DRIVERS\serscan.sys
14:49:34.0523 0x10cc  StillCam - ok
14:49:34.0626 0x10cc  [ BAC8A721736AECC55A4F71523AEAB65F, B52E1303B13A961A5FC190829E55B6F28ACA409A6EEF44B358D1D210558FE1D8 ] stisvc          C:\Windows\System32\wiaservc.dll
14:49:34.0662 0x10cc  stisvc - ok
14:49:34.0706 0x10cc  [ B240874B2CA0CD02E8CD11E140B14C57, 0FDBEE3DB644175A30065CAF020F375703ADC45A33221788C010F3111707FC25 ] storahci        C:\Windows\system32\drivers\storahci.sys
14:49:34.0711 0x10cc  storahci - ok
14:49:34.0771 0x10cc  [ F74DBC95A57B1EE866D3732EB5F79BE2, E4FE9D5CD0A385ACB60D5D5E8D969F26C3A6BC0C08FF0838DBE9CA106229C8DE ] storflt         C:\Windows\system32\DRIVERS\vmstorfl.sys
14:49:34.0774 0x10cc  storflt - ok
14:49:34.0832 0x10cc  [ 5337E138B49ED1F44CCBA4073BC35C20, 2B296973215E3865A56C46DC3D27F1460D96BC321558CE7A911B05B0E7BF397F ] StorSvc         C:\Windows\system32\storsvc.dll
14:49:34.0835 0x10cc  StorSvc - ok
14:49:34.0886 0x10cc  [ 543CD3CC0E05B8D8815E0D4F040B6F59, 4B57C9534E94A0A67FC82DBD4FAECACA180BEC281FB477550A37C0A04777E09E ] storvsc         C:\Windows\system32\drivers\storvsc.sys
14:49:34.0890 0x10cc  storvsc - ok
14:49:34.0915 0x10cc  [ 8BC1C1ED6EF9C985A3FAA6A72F41679A, 82CC77030D23013572B4A64A64B6156789F253BF56268B790093CE3D345410A0 ] svsvc           C:\Windows\system32\svsvc.dll
14:49:34.0918 0x10cc  svsvc - ok
14:49:34.0933 0x10cc  [ 4AFD66AAE74FFB5986BC240744DC5FC9, 0C9347614E3FD3B4D3B29FA4A5DA23FF6EE4CD9A1FFC378B855B8DE61B2876CF ] swenum          C:\Windows\System32\drivers\swenum.sys
14:49:34.0934 0x10cc  swenum - ok
14:49:34.0991 0x10cc  [ 502F9488540051F3E6C39889ECFA76BB, 22ABD681BE4CF8A1F484C6363C1334B1EF7A6C074D837B0121DE1896887B84C6 ] swprv           C:\Windows\System32\swprv.dll
14:49:35.0118 0x10cc  swprv - ok
14:49:35.0159 0x10cc  [ 3F45C3FE208CA5E68832B65C597A35A6, EACE9AAFC01C2BA52F4DA129AEF7BFA3CF7F10146E4F4330CD344BFC39DC959C ] SynTP           C:\Windows\system32\DRIVERS\SynTP.sys
14:49:35.0173 0x10cc  SynTP - ok
14:49:35.0385 0x10cc  [ A06CB9269D29EE3D0F3F5630ABB660B8, 519A01FC7D9414B26CCBC23E7FB1CEAF1C91CD173B4F4A4025F8316B7460C584 ] SysMain         C:\Windows\system32\sysmain.dll
14:49:35.0458 0x10cc  SysMain - ok
14:49:35.0887 0x10cc  [ 6FB88606C4A71E1BFAF97D63A676C673, D72F93A482E989ACA50F9647B7AD699A4656AEAACF377BB2B8CEBB094B748852 ] SystemEventsBroker C:\Windows\System32\SystemEventsBrokerServer.dll
14:49:36.0015 0x10cc  SystemEventsBroker - ok
14:49:36.0128 0x10cc  [ A6C06C45C44AD06C70AF8899AEC15BDC, AC2CCCDBA6B94BA85A6D41B47343193D175786D4ECF71AE9C7766ADD63A1273F ] TabletInputService C:\Windows\System32\TabSvc.dll
14:49:36.0140 0x10cc  TabletInputService - ok
14:49:36.0753 0x10cc  [ 88B7721AB551C4325036B25A34A2BF7B, 2817CC6294542524EC373A674535F913440736BEBE81233CA91D5ECD93620B02 ] TapiSrv         C:\Windows\System32\tapisrv.dll
14:49:36.0768 0x10cc  TapiSrv - ok
14:49:37.0688 0x10cc  [ 0E0C16EE82E2F4EBC2FBCA24C8F00D9E, F8B2A0257442E00C5D7C5A15BBD84194D0F0C071424656CA4B8EC850B6898D10 ] Tcpip           C:\Windows\system32\drivers\tcpip.sys
14:49:37.0807 0x10cc  Tcpip - ok
14:49:38.0071 0x10cc  [ 0E0C16EE82E2F4EBC2FBCA24C8F00D9E, F8B2A0257442E00C5D7C5A15BBD84194D0F0C071424656CA4B8EC850B6898D10 ] TCPIP6          C:\Windows\system32\DRIVERS\tcpip.sys
14:49:38.0140 0x10cc  TCPIP6 - ok
14:49:38.0265 0x10cc  [ 8F2A13A5DF99D72FDDE87F502A66F989, 2228C62ACDB4CBBFDD2BE705E604E0B9A8AEA7146F65F2D8B9B2A2FB49ACFAE1 ] tcpipreg        C:\Windows\system32\drivers\tcpipreg.sys
14:49:38.0324 0x10cc  tcpipreg - ok
14:49:38.0572 0x10cc  [ 73DC722CE5DF26D7638CE2446F2655C7, 9B8E6F6DEA5E0C2AEAC24A31897D2E73F86EF44F1C25FEF82D2C860353793817 ] tdx             C:\Windows\system32\DRIVERS\tdx.sys
14:49:38.0951 0x10cc  tdx - ok
14:49:39.0004 0x10cc  [ F7C8AB5D8AFFAA318D6A21093D139BF4, 0A35052EF7DC8615783A23897358D8C579BE694363615C9563FF629E7B719991 ] terminpt        C:\Windows\System32\drivers\terminpt.sys
14:49:39.0014 0x10cc  terminpt - ok
14:49:39.0641 0x10cc  [ 541EE228D0DEF392F7B2DFD885DD021B, 594D6538FA4DB5EF4D130007D7C29051EC2EDCA39EBB119695B58E9CBB0EB728 ] TermService     C:\Windows\System32\termsrv.dll
14:49:40.0127 0x10cc  TermService - ok
14:49:40.0179 0x10cc  [ 519A6F672FFF56B7D8EE8C730CEC8ECD, 2B36F10C0AE16A261DC0887B1050808BA1F0568F3879E4ABC3D370F08C3FADB7 ] Themes          C:\Windows\system32\themeservice.dll
14:49:40.0184 0x10cc  Themes - ok
14:49:40.0225 0x10cc  [ EEE908BE7143FCA48CF0CB87214E2AB8, 4F9BD299F559DD36DBD93489CFAA753F236FBB70946E034D2E2260059AE20962 ] THREADORDER     C:\Windows\system32\mmcss.dll
14:49:40.0229 0x10cc  THREADORDER - ok
14:49:40.0271 0x10cc  [ 4515B9E4140F04FB3907692DF89FCA87, F68EC56524BDA877646E987BE7414C1D622BD9FF05A5AEADCA39030FDC2B0115 ] TimeBroker      C:\Windows\System32\TimeBrokerServer.dll
14:49:40.0303 0x10cc  TimeBroker - ok
14:49:40.0388 0x10cc  [ E94F7A7B48C7638D1F3F8089344C97B7, 276CDE59614D563A52529BCC4BFC726E5F5BE131C9C4142558A644D79328C810 ] TPM             C:\Windows\system32\drivers\tpm.sys
14:49:40.0402 0x10cc  TPM - ok
14:49:40.0436 0x10cc  [ 8C8CF3041B27E7657ADD0EE17F6DBFCA, A6846478B9E7B0A509E5A28C6C7B66ED39F0247F9AFF01E3C3CADC0DBEF3CA00 ] TrkWks          C:\Windows\System32\trkwks.dll
14:49:40.0441 0x10cc  TrkWks - ok
14:49:40.0554 0x10cc  [ 8ABBB5CE0C62E0A6D28F32F44B7F865C, 4C78FE2A4A25A758D5191C4EDB2A6FE691FF82E7C16C0F146DC96DAD87D4F64E ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
14:49:40.0563 0x10cc  TrustedInstaller - ok
14:49:40.0596 0x10cc  [ 4E7C5FB10A50435523DE0CAA37DE2BD3, D6206DF61950F2541FB754E57C4D9EF9FA0CC1EDD6F6FA4E45F02B47958493F7 ] TsUsbFlt        C:\Windows\system32\drivers\tsusbflt.sys
14:49:40.0598 0x10cc  TsUsbFlt - ok
14:49:40.0613 0x10cc  [ 16D684A820872EE54F6370703AC0B513, 795E20484358424CE9FA766937DD99413025A8AF967D03490392E8E02A382D0B ] TsUsbGD         C:\Windows\System32\drivers\TsUsbGD.sys
14:49:40.0629 0x10cc  TsUsbGD - ok
14:49:40.0675 0x10cc  [ 78C9EE193AC2B4CBDBC48B620314D740, 41523E47D321BFF5778F5E453545B928C0A469C3BBA51578E74D6721D7DF9273 ] tunnel          C:\Windows\system32\DRIVERS\tunnel.sys
14:49:40.0681 0x10cc  tunnel - ok
14:49:40.0801 0x10cc  [ 6D4F67CA56ACA2085DFA2CD89EAFBC1A, AA7DA2207C0236F47859A4791F9D7301E7ADB50A59D831DC859ECC7CA70D3E1D ] uagp35          C:\Windows\system32\drivers\uagp35.sys
14:49:40.0803 0x10cc  uagp35 - ok
14:49:40.0835 0x10cc  [ 6FD6D03B7752C78712E5CFF29A305026, F09C5188AAFCF4C77B05BA1E604F9912782A9F1371F72F959288EBC2725407ED ] UASPStor        C:\Windows\System32\drivers\uaspstor.sys
14:49:40.0839 0x10cc  UASPStor - ok
14:49:40.0907 0x10cc  [ 061BA3EE0D2BE17944990544008CF190, C9236D368EC2281B545E8C008BC2801F21A9716ED3D4DAEDB0751A5008346E81 ] UCX01000        C:\Windows\System32\drivers\ucx01000.sys
14:49:40.0916 0x10cc  UCX01000 - ok
14:49:40.0966 0x10cc  [ 25C50F4EDF70D0A831E0566BD181CCF2, F2F9E86FB5617C16077D2073EC0AA747F76F1EB5148BA110347A84F3C3569F83 ] udfs            C:\Windows\system32\DRIVERS\udfs.sys
14:49:41.0137 0x10cc  udfs - ok
14:49:41.0216 0x10cc  [ FB3475FEA1CCB0DAEA1EBE44D0E3BB7D, 16DE6E0894C356A58AF12BEC2FE9B188F147DD4B16CB2414DE600CE4127F929D ] UI0Detect       C:\Windows\system32\UI0Detect.exe
14:49:41.0220 0x10cc  UI0Detect - ok
14:49:41.0273 0x10cc  [ 07FEBCDF24FABA0D47B635D85A0FFB7A, 452C04B14681EBCE8B1B25B75A1B7CC978722B7DDE54D624E17841B14ACCF65D ] uliagpkx        C:\Windows\system32\drivers\uliagpkx.sys
14:49:41.0446 0x10cc  uliagpkx - ok
14:49:41.0528 0x10cc  [ 02CEB3FE6152668A7BA420B93B664860, 613F27540FD1EFE2442E326F507DACD5A25691C8481937022B7E1104F3E6E9E2 ] umbus           C:\Windows\System32\drivers\umbus.sys
14:49:41.0531 0x10cc  umbus - ok
14:49:41.0545 0x10cc  [ 991EE6B5FC41EAEF99C8AF5B92F2CA09, 30AAD7D18FF5962CEC7180359D148EED5A1BF193DDB2B34508897FC3EBA692C3 ] UmPass          C:\Windows\System32\drivers\umpass.sys
14:49:41.0546 0x10cc  UmPass - ok
14:49:41.0611 0x10cc  [ 43FEFB040A0CC30F795FBF544169594D, F2A730C0F7C883321C378D4564120A40428D7F8E393F02C8D6A08934795A35C7 ] UmRdpService    C:\Windows\System32\umrdp.dll
14:49:41.0742 0x10cc  UmRdpService - ok
14:49:42.0104 0x10cc  [ DBE2E6388379D5CC78099650541E9566, 1914BC929F109A49FB18ED31F239A9813A010B0A3914BC8CD0D6A94A67A072D7 ] UNS             C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
14:49:42.0121 0x10cc  UNS - ok
14:49:42.0212 0x10cc  [ 14D22C411854AA2560AFC94CD2D5E61F, BB376734733671C02319E6DB1800D41212694446FD65465498C92D4ECBFE7458 ] upnphost        C:\Windows\System32\upnphost.dll
14:49:42.0233 0x10cc  upnphost - ok
14:49:42.0300 0x10cc  [ C9E9D59C0099A9FF51697E9306A44240, 78D9A7A5E5742962B6978F475BF06CB32262F1D214699D3D40538476A58012A1 ] USBAAPL64       C:\Windows\System32\Drivers\usbaapl64.sys
14:49:42.0315 0x10cc  USBAAPL64 - ok
14:49:42.0353 0x10cc  [ 9E9F21FF91D7ECC0BCCB94D3FE52A959, 85461393D62ED939F6741C2D0A90C8AB34F4415173223BB4CFC119715D10E7A7 ] usbaudio        C:\Windows\system32\drivers\usbaudio.sys
14:49:42.0358 0x10cc  usbaudio - ok
14:49:42.0416 0x10cc  [ C976C4306F9AE133D6BBD47FDFC3BF92, 820413D92D6A89055A7F26523BF5CC4B668610C4A06E8B0D163FBF929B1DFA9A ] usbccgp         C:\Windows\System32\drivers\usbccgp.sys
14:49:42.0420 0x10cc  usbccgp - ok
14:49:42.0452 0x10cc  [ 427B6DB8C05A5A977E8C3525370A2595, C67222CA9123AE12D953995326B3B582C146CEA89594B7209DB0B1F628A0118D ] usbcir          C:\Windows\System32\drivers\usbcir.sys
14:49:42.0455 0x10cc  usbcir - ok
14:49:42.0477 0x10cc  [ B24FDEB1B18496F1B463782235AA3AF1, 3F5036F36987C8007D03DAFC3EC30615515BE96D9A1DF879BCD4EB0E66CD50B1 ] usbehci         C:\Windows\System32\drivers\usbehci.sys
14:49:42.0483 0x10cc  usbehci - ok
14:49:42.0757 0x10cc  [ F8C2A832DF9403F5EA8080CBDBDA95FB, 50E9455465672BC13EB945BEC132D2F30BA2EB25C68928D2B4C256F2DB292A83 ] usbhub          C:\Windows\System32\drivers\usbhub.sys
14:49:42.0848 0x10cc  usbhub - ok
14:49:43.0140 0x10cc  [ E5F7328B1D29BCE791862CD3C0DD382A, E520D75CA6E4EDB06F576D97FB6B7CFD46A3EF3A3AC881537DE3BB8C862FE8C3 ] USBHUB3         C:\Windows\System32\drivers\UsbHub3.sys
14:49:43.0160 0x10cc  USBHUB3 - ok
14:49:43.0188 0x10cc  [ 325F6179009B5A7F6118951A5BA422AB, 756CB2893530485E8C3ACFF5A40F4C6EB446E72B2296E8772058E407A5E066DE ] usbohci         C:\Windows\System32\drivers\usbohci.sys
14:49:43.0190 0x10cc  usbohci - ok
14:49:43.0218 0x10cc  [ 9FDBA6982582A6F2354144980F641E7B, 054A65412CB22C5BE970FD3A266E140110D869B614B9F9894628D553CE82C991 ] usbprint        C:\Windows\System32\drivers\usbprint.sys
14:49:43.0220 0x10cc  usbprint - ok
14:49:43.0253 0x10cc  [ AD91D1BBE5D3CF4501887DC1C09384FD, ED9E27CD1D52401087427EC20E389FBE2497193483C2E53E8DE5D70DACF5D928 ] usbscan         C:\Windows\System32\drivers\usbscan.sys
14:49:43.0256 0x10cc  usbscan - ok
14:49:43.0280 0x10cc  [ BFC7FE4AAEB61317A921871B4085EF4B, CBC3FBAEAD6C82A437CC87A97007EF807C64053AB8FA5C3233C2A0CF6FC8D019 ] USBSTOR         C:\Windows\System32\drivers\USBSTOR.SYS
14:49:43.0284 0x10cc  USBSTOR - ok
14:49:43.0550 0x10cc  [ 1ABF657259DB57F7E5558E4DF1357C0C, 34EAF5DEA3293CFA96BA81B036305FD90ABAE05B9CB73D4F54FB236448C1978C ] usbuhci         C:\Windows\System32\drivers\usbuhci.sys
14:49:43.0747 0x10cc  usbuhci - ok
14:49:43.0886 0x10cc  [ 9EF7C01D3ACCBC243B5CB1A95865B2FF, 367A7640B4992E68EB3E1BBD78D3014742F4CC4056750E389048C653251DAD33 ] usbvideo        C:\Windows\System32\Drivers\usbvideo.sys
14:49:44.0141 0x10cc  usbvideo - ok
14:49:44.0269 0x10cc  [ 8DC398D7B8E02C929A2096E74A170970, 87B3CE84D05F50C33935B28F0AFF1CB15DAA4530768BA1FB25C311609CD4B0A5 ] USBXHCI         C:\Windows\System32\drivers\USBXHCI.SYS
14:49:44.0320 0x10cc  USBXHCI - ok
14:49:44.0612 0x10cc  [ F1DA34D64F2BA200D28A7451804E2FEE, 8BDF328F18F1EB58AC0E383ABA7985BA69EA9622B262CD524E3390FDE824DEEB ] VaultSvc        C:\Windows\system32\lsass.exe
14:49:44.0779 0x10cc  VaultSvc - ok
14:49:44.0903 0x10cc  [ BACECBFF9C97F7627A60B0E0F1FE7EE8, DC82F767D066B93A48A090DC7146EBCCDC54B43C6CD9DF29A160E09E3A531DC8 ] vdrvroot        C:\Windows\system32\drivers\vdrvroot.sys
14:49:44.0905 0x10cc  vdrvroot - ok
14:49:45.0673 0x10cc  [ 1B4488988E5E7512E6C5CD1255E9E973, B82C26E767A8895CFFD76C11D07D5C945C38E1BD32CC27D20A6C0FA7F6064FC5 ] vds             C:\Windows\System32\vds.exe
14:49:45.0784 0x10cc  vds - ok
14:49:45.0811 0x10cc  [ 74FA2D4368DE6F6CE14393EDF1F342BE, C5CE4164B2C3D583A7FB8687ADEADCDB08D36A5AB1965E5FC6949AEED15881C8 ] VerifierExt     C:\Windows\system32\drivers\VerifierExt.sys
14:49:45.0815 0x10cc  VerifierExt - ok
14:49:45.0886 0x10cc  [ 500BE6B2E49883720D0AE8BB859ED7A3, 4606B02A3E8123510676E554635EB5ECF9DC5F2B83928710C8563787C52CC102 ] vhdmp           C:\Windows\System32\drivers\vhdmp.sys
14:49:45.0907 0x10cc  vhdmp - ok
14:49:45.0930 0x10cc  [ F5B4A14B00E89250C50982AC762DDD1D, 581CD97DD42E74A82F06BFB827DFC82618B4A8667ACA7E93C628BB0D056CE8F0 ] viaide          C:\Windows\system32\drivers\viaide.sys
14:49:45.0932 0x10cc  viaide - ok
14:49:45.0951 0x10cc  [ 78DB50F7329F6D1311658DABFFFC8BE0, 8CB0C831608033C4BC1D2DA7FAA7D429333A3654E76A989F7AF85BFC5F086BE9 ] vmbus           C:\Windows\system32\drivers\vmbus.sys
14:49:45.0955 0x10cc  vmbus - ok
14:49:45.0977 0x10cc  [ ECFEE2F2BA3932C7880D1A8F67D68F91, 57DCD55A518A9FBDEF72B511C643B1062C3F7BD339F4B0FC19E9D84C615B968D ] VMBusHID        C:\Windows\System32\drivers\VMBusHID.sys
14:49:45.0978 0x10cc  VMBusHID - ok
14:49:46.0026 0x10cc  [ B8FF4248103E6EA47B9D85C55673ABA3, 4337FA0F0FB5C45BFC42FF17DFAA5DCA394C74BA8283851504AD79F47B69CB0D ] vmicheartbeat   C:\Windows\System32\ICSvc.dll
14:49:46.0036 0x10cc  vmicheartbeat - ok
14:49:46.0053 0x10cc  [ B8FF4248103E6EA47B9D85C55673ABA3, 4337FA0F0FB5C45BFC42FF17DFAA5DCA394C74BA8283851504AD79F47B69CB0D ] vmickvpexchange C:\Windows\System32\ICSvc.dll
14:49:46.0063 0x10cc  vmickvpexchange - ok
14:49:46.0079 0x10cc  [ B8FF4248103E6EA47B9D85C55673ABA3, 4337FA0F0FB5C45BFC42FF17DFAA5DCA394C74BA8283851504AD79F47B69CB0D ] vmicrdv         C:\Windows\System32\ICSvc.dll
14:49:46.0089 0x10cc  vmicrdv - ok
14:49:46.0203 0x10cc  [ B8FF4248103E6EA47B9D85C55673ABA3, 4337FA0F0FB5C45BFC42FF17DFAA5DCA394C74BA8283851504AD79F47B69CB0D ] vmicshutdown    C:\Windows\System32\ICSvc.dll
14:49:46.0214 0x10cc  vmicshutdown - ok
14:49:46.0228 0x10cc  [ B8FF4248103E6EA47B9D85C55673ABA3, 4337FA0F0FB5C45BFC42FF17DFAA5DCA394C74BA8283851504AD79F47B69CB0D ] vmictimesync    C:\Windows\System32\ICSvc.dll
14:49:46.0240 0x10cc  vmictimesync - ok
14:49:46.0284 0x10cc  [ B8FF4248103E6EA47B9D85C55673ABA3, 4337FA0F0FB5C45BFC42FF17DFAA5DCA394C74BA8283851504AD79F47B69CB0D ] vmicvss         C:\Windows\System32\ICSvc.dll
14:49:46.0293 0x10cc  vmicvss - ok
14:49:46.0522 0x10cc  [ CB60FAAED8B49B812EBBF77EB87D9B18, ADA7C68D4C4981555ED48981E8B7ACBEEF5C39F902EB98782FC3DFF495FE0C33 ] volmgr          C:\Windows\system32\drivers\volmgr.sys
14:49:46.0581 0x10cc  volmgr - ok
14:49:46.0626 0x10cc  [ A74101DA9809251BCD0E5A26BAE0F824, 15A3A7CC31A13C5882812C344D0937A8A4503D12DB07B9F7F2A8191B739CDBF7 ] volmgrx         C:\Windows\system32\drivers\volmgrx.sys
14:49:46.0677 0x10cc  volmgrx - ok
14:49:46.0730 0x10cc  [ 78A5BBA3819FFFC62FFEC3E2220D102D, A95797B97D576374C2CDA8A09E6C51A89BADE428AAA89D5093579C85062E5874 ] volsnap         C:\Windows\system32\drivers\volsnap.sys
14:49:46.0739 0x10cc  volsnap - ok
14:49:46.0925 0x10cc  [ A8DA1C1B52ECEA3726DEBED4FF1B700D, 75C024EC3858DF24FB82FE105BDD1E37900D53EFE9D72F42CDDFFD0742525586 ] vpci            C:\Windows\System32\drivers\vpci.sys
14:49:46.0945 0x10cc  vpci - ok
14:49:46.0973 0x10cc  [ 38A60CD9C009C55C6D3B5586F8E6A353, 7F7E2AE39F1A0A5245650911E310E0948BC22A18262A16FA76B44A042D66312D ] vsmraid         C:\Windows\system32\drivers\vsmraid.sys
14:49:46.0982 0x10cc  vsmraid - ok
14:49:47.0227 0x10cc  [ D0C69E44BC1E1D4AD290FD84104623D8, 4C86760EA4BD2A64FFD42D89284EC3E5048CB2F0F6F3B80D017B41C0D2456A90 ] VSS             C:\Windows\system32\vssvc.exe
14:49:47.0424 0x10cc  VSS - ok
14:49:47.0481 0x10cc  [ A0F6FE0FC2F647C22BBFD6BD4249DBCC, AC2F3C70EDCA0AFBB2606267DFE6D3E8E7B0772140153BAD6B0A9EDE6A1D2F29 ] VSTXRAID        C:\Windows\system32\drivers\vstxraid.sys
14:49:47.0492 0x10cc  VSTXRAID - ok
14:49:47.0517 0x10cc  [ 62460A45435A26A334907E3F2EA45611, FEF86E05117CC0AAB8211CA1542776EB620BD4699BD590D91F16621ED35B9824 ] vwifibus        C:\Windows\System32\drivers\vwifibus.sys
14:49:47.0518 0x10cc  vwifibus - ok
14:49:47.0662 0x10cc  [ 095E943D27025E4D588AF0A72CC2318F, 3CE406A202F93EF8C4BC7317621A672670D734C69166393CA7256D5E5E667041 ] vwififlt        C:\Windows\system32\DRIVERS\vwififlt.sys
14:49:47.0665 0x10cc  vwififlt - ok
14:49:47.0690 0x10cc  [ 73FA1A41A97A5C34ADC03B3577FF1A86, CBA4BC0DA837C163587BBB4BF2AC1549C72440307C984D3CDF8995023718136C ] vwifimp         C:\Windows\system32\DRIVERS\vwifimp.sys
14:49:47.0691 0x10cc  vwifimp - ok
14:49:47.0839 0x10cc  [ F690B6EEAA94576727B24376D7ED3601, A61EE96024C8FC4058481DFB1E7F0AD746565368672FA3B6BA8F9E23D0F47E4C ] W32Time         C:\Windows\system32\w32time.dll
14:49:48.0098 0x10cc  W32Time - ok
14:49:48.0131 0x10cc  [ 6B806E893714019969E2B50D7EF6A4D9, 38FE2B01082DC4C2A0C11A292016A727F48C3DF1293DC3A0216B2254A452263F ] WacomPen        C:\Windows\System32\drivers\wacompen.sys
14:49:48.0133 0x10cc  WacomPen - ok
14:49:48.0185 0x10cc  [ FB78C5AAD079B5322B58EAEF8E76A127, CB07034EF718D4EF993A22A2DD2ED161003243DACEE521A2B818E5FCB0AC9D09 ] WACService      C:\Program Files (x86)\Wondershare\Wondershare Application Center\WACService.exe
14:49:48.0188 0x10cc  WACService - ok
14:49:48.0346 0x10cc  [ 61F6972FF9AC9A8D0B4D62076DC30051, 5A028036461534CA53CB2D6C1D720783D408A9F17FD77AB1ECDD75FBAD9F2381 ] Wanarp          C:\Windows\system32\DRIVERS\wanarp.sys
14:49:48.0350 0x10cc  Wanarp - ok
14:49:48.0356 0x10cc  [ 61F6972FF9AC9A8D0B4D62076DC30051, 5A028036461534CA53CB2D6C1D720783D408A9F17FD77AB1ECDD75FBAD9F2381 ] Wanarpv6        C:\Windows\system32\DRIVERS\wanarp.sys
14:49:48.0358 0x10cc  Wanarpv6 - ok
14:49:48.0966 0x10cc  [ 901CC968412F8155B08D7ABE0171166A, D05A8E3D4D159546394E902C618D0583FE497B51C8F1C86D8E3B9E046819DD53 ] WAS             C:\Windows\system32\inetsrv\iisw3adm.dll
14:49:48.0980 0x10cc  WAS - ok
14:49:49.0810 0x10cc  [ 42DF22F8C448E7CD219F6D63743505E2, 063F4280C7BD20CE1360436B76A17DFE17FF611F75337A47373D098CC6C263BF ] wbengine        C:\Windows\system32\wbengine.exe
14:49:49.0971 0x10cc  wbengine - ok
14:49:49.0999 0x10cc  [ 31D37B2F6069C631EF0557D322924812, 6E18A1060F3C8F4BF220E286C44327866A8F9109E74928AA2D8C2DA9C452038B ] WbioSrvc        C:\Windows\System32\wbiosrvc.dll
14:49:50.0034 0x10cc  WbioSrvc - ok
14:49:50.0728 0x10cc  [ AF1349386D4C6786EF4E34FACEF15042, 6B33778409BC54C1955B92508ADDEBAFD629141961B71C94A91DC4CFE8391A13 ] Wcmsvc          C:\Windows\System32\wcmsvc.dll
14:49:50.0771 0x10cc  Wcmsvc - ok
14:49:51.0063 0x10cc  [ 5B5FEAB51172F5513C2CF7B39CFA6A01, 4FDAC5168E00D44781C6F5D98ECD4977A12663C5CE6FFDFF9DBC89A28D6212D8 ] wcncsvc         C:\Windows\System32\wcncsvc.dll
14:49:51.0084 0x10cc  wcncsvc - ok
14:49:51.0273 0x10cc  [ E19556D414332E2BEBA1F368229006B4, AB3454EC85D7B6E62D44C4510C1547AE7F736558588E54B0E265F7B3A5810E15 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
14:49:51.0902 0x10cc  WcsPlugInService - ok
14:49:52.0136 0x10cc  [ B3A4D918DAB90505B6BC7B70632913CB, ECC19DCD7902C29D0682C70B9546CF8B82477A32147EE30EB6750D8499605B46 ] Wd              C:\Windows\system32\drivers\wd.sys
14:49:52.0137 0x10cc  Wd - ok
14:49:52.0252 0x10cc  [ 3772FF85F0098686B0DCD77076AE0786, 8B0221F6003C53856676FFD9CDCFF43DF29B410AB2F340C10BB858F0E6EC14CE ] WdBoot          C:\Windows\system32\drivers\WdBoot.sys
14:49:52.0270 0x10cc  WdBoot - ok
14:49:53.0470 0x10cc  [ E2C933EDBC389386EBE6D2BA953F43D8, AF1DEADD5F1267CCEBD226E8EEB971D1946EA6A5A9645A36F5D111F758AF2F07 ] Wdf01000        C:\Windows\system32\drivers\Wdf01000.sys
14:49:53.0575 0x10cc  Wdf01000 - ok
14:49:54.0296 0x10cc  [ AB6F7DE8BFBF61A42F8764D9A621BD8B, DEFDC9FDC0B234403EE1339105B8D12B486D77B3BA01A703339B5DB8B95FA4D8 ] WdFilter        C:\Windows\system32\drivers\WdFilter.sys
14:49:54.0344 0x10cc  WdFilter - ok
14:49:54.0732 0x10cc  [ 240FC332484572227CD1DF82407F33E5, 5210549EC519DD3BCA6BBC995F01E1E3E0988580797E4BD1433F429E0CB30412 ] WdiServiceHost  C:\Windows\system32\wdi.dll
14:49:54.0904 0x10cc  WdiServiceHost - ok
14:49:54.0956 0x10cc  [ 240FC332484572227CD1DF82407F33E5, 5210549EC519DD3BCA6BBC995F01E1E3E0988580797E4BD1433F429E0CB30412 ] WdiSystemHost   C:\Windows\system32\wdi.dll
14:49:54.0964 0x10cc  WdiSystemHost - ok
14:49:55.0095 0x10cc  [ 9B1384CE8E681D2D77BB3524B8E86311, BDEF9D0A79A7C26A88088A306F91632F300E587736CDD2C64717EC54DD6E89FF ] WebClient       C:\Windows\System32\webclnt.dll
14:49:55.0106 0x10cc  WebClient - ok
14:49:55.0171 0x10cc  [ 35FD720943D4FCD75C3275BF062FF140, 9D8345E6DE1AE23F93AD0B52D27D1CCFD69EF7EE50654F92CA999BEC4570A773 ] Wecsvc          C:\Windows\system32\wecsvc.dll
14:49:55.0367 0x10cc  Wecsvc - ok
14:49:55.0421 0x10cc  [ 4D2612E3C462B68F499D840B1133263E, 4DDAEB4480AEC31A8184838588E0D3DFA31CE6D2FA6E906926860C75F52DC7B7 ] wercplsupport   C:\Windows\System32\wercplsupport.dll
14:49:55.0426 0x10cc  wercplsupport - ok
14:49:55.0485 0x10cc  [ 5F70EBFC1F75B487DE79501E3CCBDB54, 2FCA57BF60A43B03BB42FBF22BBFC19AD2266FBBD818494AD114125E6E433321 ] WerSvc          C:\Windows\System32\WerSvc.dll
14:49:55.0491 0x10cc  WerSvc - ok
14:49:55.0602 0x10cc  [ 44BB9C31E6242C4BD1CE7C2B440C2533, E603BB001028918B687818E930340008C752679B133037367A8A8E41DA559FFE ] WFPLWFS         C:\Windows\system32\DRIVERS\wfplwfs.sys
14:49:55.0607 0x10cc  WFPLWFS - ok
14:49:55.0713 0x10cc  [ 60E0C220593DA4F7C289CB909D2DBAE0, 057CA7727F748600CC155043081AB9E3244763CF4913F317D13226A515F6FDB6 ] WiaRpc          C:\Windows\System32\wiarpc.dll
14:49:55.0717 0x10cc  WiaRpc - ok
14:49:55.0843 0x10cc  [ A3C7624A42A3447EF5EDD1ED37FE4E60, BD8BDF0A571873FA8277878AF7AED11196CFF1B4DF1EA6BA13BD4887D7B63B94 ] WIMMount        C:\Windows\system32\drivers\wimmount.sys
14:49:55.0845 0x10cc  WIMMount - ok
14:49:55.0935 0x10cc  WinDefend - ok
14:49:57.0466 0x10cc  [ 7911470B6018059A880469A63B65700A, 4B6131491A028FBCA54AC261112D183EFD42E98160545C8E8DFBDA01C87B3FB5 ] WinHttpAutoProxySvc C:\Windows\system32\winhttp.dll
14:49:58.0476 0x10cc  WinHttpAutoProxySvc - ok
14:50:00.0095 0x10cc  [ 3D6B518B71C75C8FA4115A33615C107A, ED7A266013D29D3B1A462464735C3632BEA121D1B32553907AEAA0B00595C3DF ] Winmgmt         C:\Windows\system32\wbem\WMIsvc.dll
14:50:00.0266 0x10cc  Winmgmt - ok
14:50:02.0759 0x10cc  [ 8E212A627F33F6FC3B5F3BB47212F66E, 9BBFE26ABFA14F346FE3711D13D959523EEA23608A33C16F3D750D66CA511911 ] WinRM           C:\Windows\system32\WsmSvc.dll
14:50:03.0696 0x10cc  WinRM - ok
14:50:03.0946 0x10cc  [ BB20956C424531003F7FA6CD36F11D5D, 2C55F1C7553A527A7C4C34E730BE943269AE23928731C64D3DC945E07AE1771E ] WinUsb          C:\Windows\system32\DRIVERS\WinUsb.sys
14:50:03.0951 0x10cc  WinUsb - ok
14:50:04.0236 0x10cc  [ DAF801153E8F33E13AB278332250D78A, 0F277DA63E8A058A474994CF3A8345DEA967B78E54F4F97FEC995499A1D541A0 ] WirelessButtonDriver C:\Windows\System32\drivers\WirelessButtonDriver64.sys
14:50:04.0266 0x10cc  WirelessButtonDriver - ok
14:50:06.0576 0x10cc  [ 6351724B8FA0255C2DBD970297F00B93, A02F274479F9F32E30C75A5BD991B008B3CCB47D380D5870563EF918DAC5730E ] WlanSvc         C:\Windows\System32\wlansvc.dll
14:50:06.0765 0x10cc  WlanSvc - ok
14:50:10.0810 0x10cc  [ B330CE47FB74A6BE9A3FFFF4B3F64D9B, B76226808406D8B38DE2D3A8CCE633BB507022C8BAAA6C3DAD34204CC6CE1284 ] wlidsvc         C:\Windows\system32\wlidsvc.dll
14:50:11.0302 0x10cc  wlidsvc - ok
14:50:11.0674 0x10cc  [ E2A596CACFC6504306CDB7B593B90084, DF89CF57249553CE922C841F18B99A213185FA1099C053B9BB8C0F6E5BC3FEC0 ] WmiAcpi         C:\Windows\System32\drivers\wmiacpi.sys
14:50:11.0765 0x10cc  WmiAcpi - ok
14:50:12.0745 0x10cc  [ D113499052C5E541906B727779F0F959, 05FB51086C0A0CE3812A7E6098C5A454ECCFE8553669CFA715153564F2226DB0 ] wmiApSrv        C:\Windows\system32\wbem\WmiApSrv.exe
14:50:12.0758 0x10cc  wmiApSrv - ok
14:50:13.0110 0x10cc  WMPNetworkSvc - ok
14:50:13.0597 0x10cc  [ C6FF953D5D6F2EAE3B8883474D5076B3, 001CBB7FBC30209C892869258E5ABD3F0932886E156ECB10DCA599F6D32648BE ] wpcfltr         C:\Windows\system32\DRIVERS\wpcfltr.sys
14:50:13.0978 0x10cc  wpcfltr - ok
14:50:14.0486 0x10cc  [ A6ED163169876BFD2437E872FE2F1509, C13E8676800EEEF690F51C4DEA660B36C8734AE2CCAAC48054E10D74B98949B8 ] WPCSvc          C:\Windows\System32\wpcsvc.dll
14:50:14.0605 0x10cc  WPCSvc - ok
14:50:15.0125 0x10cc  [ 3013658A4D327854BEEC4A08D9655194, C4CF5AA6A47CC55E7037B0BFE20AE0A6442ADDC5DEB89D6861C98C61851FA821 ] WPDBusEnum      C:\Windows\system32\wpdbusenum.dll
14:50:15.0423 0x10cc  WPDBusEnum - ok
14:50:15.0467 0x10cc  [ 0346CAFC181C91C6E2330332EB332ED6, D46F44C339399CAAE13CD71C53A169E95065208E07E5420DE00A4509D6CB056F ] WpdUpFltr       C:\Windows\system32\drivers\WpdUpFltr.sys
14:50:15.0713 0x10cc  WpdUpFltr - ok
14:50:16.0010 0x10cc  [ BC8B5CB336E63BB25EAD1CE8EDD34B81, A42759956EDCCC6D0688240AA4F833FB9CA132D42D2D901CDCBB24DCE1788C1D ] ws2ifsl         C:\Windows\system32\drivers\ws2ifsl.sys
14:50:16.0018 0x10cc  ws2ifsl - ok
14:50:16.0386 0x10cc  [ 012CFE7F0F95266F554EE3B91EE2128A, 866312F6BF7369BE686F1BA9F01311C99E95E268C6E63BE37C841F54F5AA0DB8 ] wscsvc          C:\Windows\System32\wscsvc.dll
14:50:16.0393 0x10cc  wscsvc - ok
14:50:16.0539 0x10cc  [ 74EFDA0526862C3D8D01A776182798EA, 7C9AD6118CB344C63B60A8BA5FA8C85ADED30933821ABD1427857E826EFC2952 ] WSDPrintDevice  C:\Windows\System32\drivers\WSDPrint.sys
14:50:16.0572 0x10cc  WSDPrintDevice - ok
14:50:16.0577 0x10cc  WSearch - ok
14:50:17.0535 0x10cc  [ D4D04839F3DFAF09D94BAB1016F7A297, 944A41D251F522EE87189C1D01CF7EEE2C70BF4353BA4005C44F03DB485F843F ] WSService       C:\Windows\System32\WSService.dll
14:50:17.0949 0x10cc  WSService - ok
14:50:18.0539 0x10cc  [ F2463B2E9818D242B4F72B237E9BD545, 3ACD98FB3BD8E12E6A66390CF0ED88050AB90A5B888C1E55914D362E03A1EB93 ] wuauserv        C:\Windows\system32\wuaueng.dll
14:50:18.0767 0x10cc  wuauserv - ok
14:50:18.0809 0x10cc  [ AB886378EEB55C6C75B4F2D14B6C869F, D6C4602EB8F291DADEDF3CD211013D4AC752DDE7E799C2D8D74AA4F5477CAED6 ] WudfPf          C:\Windows\system32\drivers\WudfPf.sys
14:50:18.0881 0x10cc  WudfPf - ok
14:50:18.0967 0x10cc  [ DDA4CAF29D8C0A297F886BFE561E6659, 94E5DD649B5D86FA1A7C7D30FCF9644D0EE048D312E626111458ADF66BFBE978 ] WUDFRd          C:\Windows\System32\drivers\WUDFRd.sys
14:50:18.0974 0x10cc  WUDFRd - ok
14:50:19.0011 0x10cc  [ B20F051B03A966392364C83F009F7D17, 88ECEB55AE91F58F592B96EBC10B572747D5A2F9B7629E8F371761E4F7408A65 ] wudfsvc         C:\Windows\System32\WUDFSvc.dll
14:50:19.0016 0x10cc  wudfsvc - ok
14:50:19.0025 0x10cc  [ DDA4CAF29D8C0A297F886BFE561E6659, 94E5DD649B5D86FA1A7C7D30FCF9644D0EE048D312E626111458ADF66BFBE978 ] WUDFWpdFs       C:\Windows\system32\DRIVERS\WUDFRd.sys
14:50:19.0030 0x10cc  WUDFWpdFs - ok
14:50:19.0106 0x10cc  [ DDA4CAF29D8C0A297F886BFE561E6659, 94E5DD649B5D86FA1A7C7D30FCF9644D0EE048D312E626111458ADF66BFBE978 ] WUDFWpdMtp      C:\Windows\system32\DRIVERS\WUDFRd.sys
14:50:19.0111 0x10cc  WUDFWpdMtp - ok
14:50:19.0347 0x10cc  [ 6D9E07436B6646EC8F7EFFD39B6BA288, 82C1CEA93ECEF17D221AD0F87C5BD96F3FD8143841C16BD9608BD4D58D90B8E0 ] WwanSvc         C:\Windows\System32\wwansvc.dll
14:50:19.0364 0x10cc  WwanSvc - ok
14:50:19.0381 0x10cc  ================ Scan global ===============================
14:50:20.0226 0x10cc  [ DDC1AFBF9DDF880CE9BD3896114D8DED, E2406231EA4D2689A5EDFA9BD1A1BC064359D8D23B37F113A18B5EAE3E2D4050 ] C:\Windows\system32\basesrv.dll
14:50:20.0347 0x10cc  [ E9343076AE704D20BB0D01F3AF3EFFEF, FF2CE4146945976F9480690505CECD3C7C719BAF0F633E6192C8272C75EF295D ] C:\Windows\system32\winsrv.dll
14:50:20.0540 0x10cc  [ BD7C6949984D19AAA609896B675E7357, 5B46538B27BC70F5A3805AA63F6AACDC780C7168468FB535F2D35CF26B9DEE06 ] C:\Windows\system32\sxssrv.dll
14:50:20.0630 0x10cc  [ 8F226143046435C75C033B0C52E90FFE, 54FA316485B57D7B8104FE621F5F40DEC35E3D57C3DF46B5F7EACF57445FE7CA ] C:\Windows\system32\services.exe
14:50:20.0649 0x10cc  [ Global ] - ok
14:50:20.0650 0x10cc  ================ Scan MBR ==================================
14:50:20.0672 0x10cc  [ 5FB38429D5D77768867C76DCBDB35194 ] \Device\Harddisk0\DR0
14:50:20.0706 0x10cc  \Device\Harddisk0\DR0 - ok
14:50:20.0706 0x10cc  ================ Scan VBR ==================================
14:50:20.0713 0x10cc  [ 35045C8EA35757708274AD89BE0B7D2A ] \Device\Harddisk0\DR0\Partition1
14:50:20.0727 0x10cc  \Device\Harddisk0\DR0\Partition1 - ok
14:50:20.0755 0x10cc  [ EFCAB0B976C470B2FF83CCC23D8D44FC ] \Device\Harddisk0\DR0\Partition2
14:50:20.0764 0x10cc  \Device\Harddisk0\DR0\Partition2 - ok
14:50:20.0778 0x10cc  [ B1E27AA018409DE6BFD73F8AFB883A65 ] \Device\Harddisk0\DR0\Partition3
14:50:20.0781 0x10cc  \Device\Harddisk0\DR0\Partition3 - ok
14:50:20.0889 0x10cc  [ B81B90294E5FC4499BCC4A794A1A5E5B ] \Device\Harddisk0\DR0\Partition4
14:50:20.0892 0x10cc  \Device\Harddisk0\DR0\Partition4 - ok
14:50:20.0932 0x10cc  [ B117E0D572DDE36CBF0390E31C8AE1D8 ] \Device\Harddisk0\DR0\Partition5
14:50:21.0034 0x10cc  \Device\Harddisk0\DR0\Partition5 - ok
14:50:21.0034 0x10cc  ================ Scan generic autorun ======================
14:50:21.0223 0x10cc  [ B53D3AFAA2A39BE79BF0D093063DB958, 9AE40F5A18906B2640B54B2ECF32D27F2E3D883DD7FF55EEC9F1D6E6201DED43 ] C:\Windows\system32\igfxtray.exe
14:50:21.0229 0x10cc  IgfxTray - ok
14:50:21.0253 0x10cc  [ 2698A43DF7F9284AB9A5D1C09803F4B4, 4C3E63514D5BF217750D966E20283B49D4EBA66143129548AE10076B35C07610 ] C:\Windows\system32\hkcmd.exe
14:50:21.0286 0x10cc  HotKeysCmds - ok
14:50:21.0342 0x10cc  [ C7325FC085E4CBB35608C01003EF0E36, D562E4C3A6ECD702EF38A32B8122B7737909278DEFF7F8F3D7FEA76D1FD8C2DC ] C:\Windows\system32\igfxpers.exe
14:50:21.0358 0x10cc  Persistence - ok
14:50:21.0677 0x10cc  [ 21247A9F74DA9C8AF98E6847F82D07A8, BE84D3CD0A2149E3FC5EDC78C09C0A94FD3CE354B7C5C3F88457C6C1FAF82ECF ] C:\Program Files\IDT\WDM\sttray64.exe
14:50:21.0743 0x10cc  SysTrayApp - ok
14:50:21.0746 0x10cc  SynTPEnh - ok
14:50:22.0621 0x10cc  [ 320681DF28D82CDCA7E3EED0846625DB, 7F709ADFB0FE36BEC857A928E9CB29BB5B6C0BAD98824D0302C7BB7185100CB9 ] C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe
14:50:22.0636 0x10cc  AdobeAAMUpdater-1.0 - ok
14:50:23.0044 0x10cc  [ DD79A6B15C2F28DE98DF4852AAF6B13B, 0F7E9023E0BA4B40E2DE9A9FA34E85FEAF72B93049AAB3E1D73AD046BB113E05 ] C:\Program Files (x86)\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\NCPluginUpdater.exe
14:50:23.0045 0x10cc  NCPluginUpdater - ok
14:50:23.0145 0x10cc  [ D6FF94ED4D086489A453134F0AE33FD3, 47E1CE640E9AB6B8DD148DACA80B1D07BCF69DF9F6B109285419447B9A4025FF ] C:\Program Files (x86)\CyberLink\Power2Go8\VirtualDrive.exe
14:50:23.0246 0x10cc  CLVirtualDrive - ok
14:50:23.0312 0x10cc  [ B7995C675014EEBE77A0BEB7AFCCFC08, 41D186C63273301CF0A1C1EE7B6EB0BB75A251DD441532C5CEB7A4095FB103CD ] C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe
14:50:23.0315 0x10cc  RemoteControl10 - ok
14:50:23.0362 0x10cc  [ EBAE9EE13F51F38B57D616CF4A420682, E27969D5F0B796C2C8DA7C46680AB6C797A8F297B105477B71B4871F8F7B62FD ] C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe
14:50:23.0384 0x10cc  HP Quick Launch - ok
14:50:23.0472 0x10cc  [ 9F3655267BA37004F519ABDDB3AEE244, 971BA4937F103F09C166BBCAE6D48688251AD603A743C81D9A50480BFEF22C83 ] C:\Program Files (x86)\Hewlett-Packard\HP CoolSense\CoolSense.exe
14:50:23.0526 0x10cc  HP CoolSense - ok
14:50:23.0686 0x10cc  [ 3B01B800A43CF3FAF5AAA78315BC2148, C6868579F19FAD74FF347B7CCF35E8807724EF34B5885464F2BC46F9B6B39648 ] C:\Program Files (x86)\Winamp\winampa.exe
14:50:23.0690 0x10cc  WinampAgent - ok
14:50:24.0566 0x10cc  [ 048EA4B978851788E9F5E8E4F081DF7A, EB62719AC0DCC18FF056F2CD84438BF14B61E38F0619617C81961C6257BDFCEC ] C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
14:50:24.0595 0x10cc  Adobe ARM - ok
14:50:24.0867 0x10cc  [ 0E34B7BB1FCF22BCC1E394D16F9E992B, 382CA8E6BAC301E2F277F8EDA03D263FF71272796A8EED582C36294EEE9191F9 ] C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe
14:50:25.0315 0x10cc  GrooveMonitor - ok
14:50:26.0497 0x10cc  [ E0DF6506C36AA207F41EFED13D876D83, 4C2C3654D51632B6BC89B1DBD8D3551EFDF736D9C8BD9C0203654CB149EBE03E ] C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Acrotray.exe
14:50:29.0180 0x10cc  Acrobat Assistant 8.0 - ok
14:50:30.0912 0x10cc  [ 10E89F598469C60D8C87A8218089A87D, BE40B0DAB9F19E325086605A795469FC8A501FA66E05AD4D990E3C1A0326BAEF ] C:\Users\John\AppData\Local\Akamai\netsession_win.exe
14:50:31.0295 0x10cc  Akamai NetSession Interface - ok
14:50:32.0007 0x10cc  [ 52FD61AFC3D2BF55226A7E5AC8C06673, 4D3E022FF7627416F88D56F6ED5C3481A70C32506A8F9FC0B88FE4AB0341F08C ] C:\Users\John\AppData\Roaming\Spotify\Spotify.exe
14:50:32.0243 0x10cc  Spotify - ok
14:50:32.0462 0x10cc  [ 6FA1F6B8090F04D581E16212886BD861, 1A0D90C6BC9EBE319BF4524FA0EA326073A256252377B860AF48AECE46B6DAC2 ] C:\Users\John\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe
14:50:32.0495 0x10cc  Spotify Web Helper - ok
14:50:32.0502 0x10cc  Waiting for KSN requests completion. In queue: 4
14:50:33.0518 0x10cc  Waiting for KSN requests completion. In queue: 4
14:50:34.0522 0x10cc  Waiting for KSN requests completion. In queue: 4
14:50:35.0534 0x10cc  AV detected via SS2: Windows Defender, C:\Program Files\Windows Defender\MSASCui.exe ( 4.5.218.0 ), 0x61100 ( enabled : updated )
14:50:35.0632 0x10cc  Win FW state via NFP2: enabled
14:50:38.0151 0x10cc  ============================================================
14:50:38.0151 0x10cc  Scan finished
14:50:38.0151 0x10cc  ============================================================
14:50:38.0162 0x17c4  Detected object count: 0
14:50:38.0162 0x17c4  Actual detected object count: 0
 


#4 BadgerByBirth

BadgerByBirth
  • Topic Starter

  • Members
  • 43 posts
  • OFFLINE
  •  
  • Local time:01:36 AM

Posted 10 September 2014 - 02:10 PM

# AdwCleaner v3.309 - Report created 10/09/2014 at 15:00:36
# Updated 02/09/2014 by Xplode
# Operating System : Windows 8  (64 bits)
# Username : John - LIVINGROOM-PC
# Running from : C:\Users\John\Downloads\AdwCleaner.exe
# Option : Clean
 
***** [ Services ] *****
 
[#] Service Deleted : f1f78e38
 
***** [ Files / Folders ] *****
 
Folder Deleted : C:\ProgramData\WinSpeed
Folder Deleted : C:\ProgramData\deAl4rEal
Folder Deleted : C:\ProgramData\eeAeSYtoshoup
Folder Deleted : C:\ProgramData\WorldWideCoupon
Folder Deleted : C:\Program Files (x86)\Application Updater
Folder Deleted : C:\Program Files (x86)\GreenTree Applications
Folder Deleted : C:\Users\John\Documents\Optimizer Pro
File Deleted : C:\Users\John\AppData\Roaming\Mozilla\Firefox\Profiles\0\Extensions\freehdsport@freehdsport.tv.xpi
File Deleted : C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.azlyrics.com_0.localstorage
File Deleted : C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.azlyrics.com_0.localstorage-journal
File Deleted : C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.superfish.com_0.localstorage
File Deleted : C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.superfish.com_0.localstorage-journal
 
***** [ Scheduled Tasks ] *****
 
Task Deleted : Optimizer Pro Schedule
 
***** [ Shortcuts ] *****
 
 
***** [ Registry ] *****
 
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\DealKeeper_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\DealKeeper_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\updateDealKeeper_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\updateDealKeeper_RASMANCS
Key Deleted : HKCU\Software\AppDataLow\{5F189DF5-2D05-472B-9091-84D9848AE48B}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{608D3067-77E8-463D-9084-908966806826}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{BDB69379-802F-4EAF-B541-F8DE92DD98DB}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{EA28B360-05E0-4F93-8150-02891F1D8D3C}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{6E993643-8FBC-44FE-BC85-D318495C4D96}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{EAF749DC-CD87-4B04-B22A-D4AC3FBCB2BC}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{E2343056-CC08-46AC-B898-BFC7ACF4E755}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{EAF749DC-CD87-4B04-B22A-D4AC3FBCB2BC}
Key Deleted : HKCU\Software\AppDataLow\{1146AC44-2F03-4431-B4FD-889BC837521F}
Key Deleted : HKLM\SOFTWARE\{1146AC44-2F03-4431-B4FD-889BC837521F}
Key Deleted : HKLM\SOFTWARE\{3A7D3E19-1B79-4E4E-BD96-5467DA2C4EF0}
Key Deleted : HKLM\SOFTWARE\{5F189DF5-2D05-472B-9091-84D9848AE48B}
Key Deleted : HKLM\SOFTWARE\{6791A2F3-FC80-475C-A002-C014AF797E9C}
Key Deleted : HKLM\SOFTWARE\{77D46E27-0E41-4478-87A6-AABE6FBCF252}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\Search Protection
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\1ClickDownload
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{37476589-E48E-439E-A706-56189E2ED4C4}_is1
Data Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows [AppInit_DLLs] - C:\PROGRA~3\WinSpeed\WINSPE~1.DLL
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\08121C32A9C319F4CB0C11FF059552A4
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\30C16B15B255BD349A1157B8A83E2AF9
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\ED1CAE30F47D14B41B5FC8FA53658044
 
***** [ Browsers ] *****
 
-\\ Internet Explorer v10.0.9200.17054
 
 
-\\ Mozilla Firefox v
 
[ File : C:\Users\John\AppData\Roaming\Mozilla\Firefox\Profiles\0\prefs.js ]
 
 
-\\ Google Chrome v36.0.1985.143
 
[ File : C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\preferences ]
 
Deleted [Extension] : hbcennhacfaagdopikcegfcobcadeocj
Deleted [Extension] : icdlfehblmklkikfigmjhbmmpmkmpooj
Deleted [Extension] : pfndaklgolladniicklehhancnlgocpp
 
*************************
 
AdwCleaner[R0].txt - [4049 octets] - [12/11/2013 17:01:38]
AdwCleaner[R1].txt - [4109 octets] - [12/11/2013 17:26:27]
AdwCleaner[R2].txt - [4526 octets] - [10/09/2014 14:52:24]
AdwCleaner[S0].txt - [4440 octets] - [10/09/2014 15:00:36]
 
########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [4500 octets] ##########


#5 BadgerByBirth

BadgerByBirth
  • Topic Starter

  • Members
  • 43 posts
  • OFFLINE
  •  
  • Local time:01:36 AM

Posted 10 September 2014 - 02:31 PM

JRT log:

 

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.1.4 (04.06.2014:1)
OS: Windows 8 x64
Ran by John on Wed 09/10/2014 at 15:19:13.51
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 
 
 
 
~~~ Services
 
 
 
~~~ Registry Values
 
 
 
~~~ Registry Keys
 
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\utilDealKeeper_RASAPI32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\utilDealKeeper_RASMANCS
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\utilDealKeeper_RASAPI32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\utilDealKeeper_RASMANCS
 
 
 
~~~ Files
 
 
 
~~~ Folders
 
Successfully deleted: [Folder] "C:\ProgramData\ytd video downloader"
Successfully deleted: [Folder] "C:\Users\John\appdata\locallow\ytd"
Successfully deleted: [Folder] "C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ytd video downloader"
 
 
 
~~~ Event Viewer Logs were cleared
 
 
 
 
 
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on Wed 09/10/2014 at 15:27:41.71
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~


#6 BadgerByBirth

BadgerByBirth
  • Topic Starter

  • Members
  • 43 posts
  • OFFLINE
  •  
  • Local time:01:36 AM

Posted 10 September 2014 - 10:15 PM

And last one from ESET:

 

C:\AdwCleaner\Quarantine\C\ProgramData\WinSpeed\WinSpeed_x64.dll.vir a variant of Win64/SProtector.B potentially unwanted application deleted - quarantined
C:\Users\John\Downloads\java_installer (1).exe a variant of Win32/SoftPulse.K potentially unwanted application deleted - quarantined
C:\Users\John\Downloads\java_installer.exe a variant of Win32/SoftPulse.K potentially unwanted application deleted - quarantined
C:\Users\John\Downloads\setup.exe a variant of Win32/AirAdInstaller.A potentially unwanted application deleted - quarantined


#7 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 73,537 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:NJ USA
  • Local time:01:36 AM

Posted 11 September 2014 - 11:52 AM

Still Hijacked?

If so what is your browser?


How do I get help? Who is helping me?For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....Become a BleepingComputer fan: Facebook

#8 BadgerByBirth

BadgerByBirth
  • Topic Starter

  • Members
  • 43 posts
  • OFFLINE
  •  
  • Local time:01:36 AM

Posted 12 September 2014 - 12:54 PM

Chrome was still infected after all of that. IE might have been but I didn't really notice anything when I was running it. I installed a new version of Chrome and it doesn't seem to be infected anymore. Is there a scan I can do to find out? Thank you for the help so far.



#9 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 73,537 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:NJ USA
  • Local time:01:36 AM

Posted 12 September 2014 - 01:34 PM

See quietman7's post 3 here. I suspect the hijacker was in Chromes add ons...you reinstalled so that clear.. check IE.

http://www.bleepingcomputer.com/forums/t/513638/malware-or-virus-affecting-my-computer/?hl=%2Bremoval+%2Btool#entry3204205

Edited by boopme, 12 September 2014 - 01:35 PM.

How do I get help? Who is helping me?For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....Become a BleepingComputer fan: Facebook

#10 BadgerByBirth

BadgerByBirth
  • Topic Starter

  • Members
  • 43 posts
  • OFFLINE
  •  
  • Local time:01:36 AM

Posted 14 September 2014 - 01:39 PM

It's back in Chrome in full force. I was just browsing non-shady sites and it started up again. It opens new windows when I click anywhere in a web page, it embeds ads into webpages, dialogue boxes popup telling me to call an 800 number and sometimes these cannot be gotten rid of and I have to close chrome in task manager.



#11 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 73,537 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:NJ USA
  • Local time:01:36 AM

Posted 15 September 2014 - 01:09 PM

Lets get a deeper look to see where it is.
Please follow this Preparation Guide, do steps 6,7 and 8 and post in a new topic.
Let me know if all went well.
How do I get help? Who is helping me?For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....Become a BleepingComputer fan: Facebook

#12 BadgerByBirth

BadgerByBirth
  • Topic Starter

  • Members
  • 43 posts
  • OFFLINE
  •  
  • Local time:01:36 AM

Posted 22 September 2014 - 11:06 AM

Will do. Thanks!



#13 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 73,537 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:NJ USA
  • Local time:01:36 AM

Posted 22 September 2014 - 12:30 PM

You're welcome!
New topic
http://www.bleepingcomputer.com/forums/t/549344/random-windows-popup-in-chrome-trying-to-get-me-to-call-tech-support-etc/#entry3486112

Now that your log is properly posted, you should NOT make further changes to your computer (install/uninstall programs, use special fix tools, delete files, edit the registry, etc) unless advised by a Malware Removal Team member, nor should you continue to ask for help elsewhere. Doing so can result in system changes which may not show it the log you already posted. Further, any modifications you make on your own may cause confusion for the helper assisting you and could complicate the malware removal process which would extend the time it takes to clean your computer.
From this point on the Malware Removal Team should be the only members that you take advice from, until they have verified your log as clean.
Please be patient. It may take a while to get a response because the Malware Removal Team members are very busy working logs posted before yours. They are volunteers who will help you out as soon as possible. Once you have made your post and are waiting, please DO NOT make another reply until it has been responded to by a member of the Malware Removal Team. Generally the staff checks the forum for postings that have 0 replies as this makes it easier for them to identify those who have not been helped. If you post another response there will be 1 reply. A team member, looking for a new log to work may assume another MRL Team member is already assisting you and not open the thread to respond.
The current wait time is 1 - 5 days and ALL logs are answered.
If HelpBot replies to your topic, PLEASE follow Step One so it will report your topic to the team members.
To avoid confusion, I am closing this topic.
How do I get help? Who is helping me?For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....Become a BleepingComputer fan: Facebook




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users