Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Chinese pop-up adware


  • Please log in to reply
4 replies to this topic

#1 lbai0002

lbai0002

  • Members
  • 16 posts
  • OFFLINE
  •  
  • Local time:01:31 AM

Posted 11 September 2014 - 09:40 PM

My mom's computer has Chinese-language pop-up ads appearing all over her screen.  They start to come up when her computer starts, and they seem to come from many different websites, like 21444.cn and joypush.cn.  Some of them use Internet Explorer to show their pop-ups, but some of them do not.

 

Her computer runs Windows 7.  It has Malwarebytes Premium installed, which is blocking a few of the pop-ups.

 

We've used the following to try to get rid of the pop-ups:

 

Malwarebytes

Avast

Adwcleaner

Junkware Removal Tool

 

The ads still haven't gone away.

 

Any help would be greatly appreciated.



BC AdBot (Login to Remove)

 


#2 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 73,338 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:NJ USA
  • Local time:02:31 AM

Posted 12 September 2014 - 11:04 AM

Look in you browser (s) add ons, extensions for anything Chinese or unknown and disable it and see.
 
Please download MiniToolBox, save it to your desktop and run it.
Checkmark the following checkboxes:
  • Flush DNS
  • Report IE Proxy Settings
  • Reset IE Proxy Settings
  • Report FF Proxy Settings
  • Reset FF Proxy Settings
  • List content of Hosts
  • List IP configuration
  • List Winsock Entries
  • List last 10 Event Viewer log
  • List Installed Programs
  • List Users, Partitions and Memory size.
  • Click Go and post the result (Result.txt). A copy of Result.txt will be saved in the same directory the tool is run.
    Note: When using "Reset FF Proxy Settings" option Firefox should be closed.
     
    Download TDSSKiller and save it to your desktop.
  • Extract (unzip) its contents to your desktop.
  • Open the TDSSKiller folder and doubleclick on TDSSKiller.exe to run the application, then on Start Scan.
  • If an infected file is detected, the default action will be Cure, click on Continue.
  • If a suspicious file is detected, the default action will be Skip, click on Continue.
  • It may ask you to reboot the computer to complete the process. Click on Reboot Now.
  • If no reboot is require, click on Report. A log file should appear. Please copy and paste the contents of that file here.
  • If a reboot is required, the report can also be found in your root directory (usually C:\ folder) in the form of TDSSKiller_xxxx_log.txt. Please copy and paste the contents of that file here.
  • .

    .
  • Last run ESET.
  • Hold down Control and click on this link to open ESET OnlineScan in a new window.
  • Click the esetonlinebtn.png button.
  • For alternate browsers only: (Microsoft Internet Explorer users can skip these steps)
  • Click on esetsmartinstaller_enu.exe to download the ESET Smart Installer. Save it to your desktop.
  • Double click on the esetsmartinstaller_enu.png icon on your desktop.
  • Check "YES, I accept the Terms of Use."
  • Click the Start button.
  • Accept any security warnings from your browser.
  • Under scan settings, check "Scan Archives" and "Remove found threats"
  • Click Advanced settings and select the following:
  • Scan potentially unwanted applications
  • Scan for potentially unsafe applications
  • Enable Anti-Stealth technology
  • ESET will then download updates for itself, install itself, and begin scanning your computer. Please be patient as this can take some time.
  • When the scan completes, click List Threats
  • Click Export, and save the file to your desktop using a unique name, such as ESETScan. Include the contents of this report in your next reply.
  • Click the Back button.
  • Click the Finish button.
  • NOTE:Sometimes if ESET finds no infections it will not create a log.

Edited by boopme, 12 September 2014 - 11:05 AM.

How do I get help? Who is helping me?For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....Become a BleepingComputer fan: Facebook

#3 lbai0002

lbai0002
  • Topic Starter

  • Members
  • 16 posts
  • OFFLINE
  •  
  • Local time:01:31 AM

Posted 12 September 2014 - 07:48 PM

MiniToolBox by Farbar  Version: 21-07-2014
Ran by Jun (administrator) on 12-09-2014 at 20:41:55
Running from "C:\Users\Jun\Downloads"
Microsoft Windows 7 Home Premium  Service Pack 1 (X86)
Boot Mode: Normal
***************************************************************************

========================= Flush DNS: ===================================

Windows IP Configuration

Successfully flushed the DNS Resolver Cache.

========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.

"Reset IE Proxy Settings": IE Proxy Settings were reset.

========================= FF Proxy Settings: ==============================


"Reset FF Proxy Settings": Firefox Proxy settings were reset.

========================= Hosts content: =================================



========================= IP Configuration: ================================

Broadcom NetLink ™ Gigabit Ethernet = Local Area Connection (Connected)
TAP-Windows Adapter V9 = MyTap (Connected)
Fortinet virtual adapter = Local Area Connection 2 (Media disconnected)


# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4

reset
set global icmpredirects=enabled


popd
# End of IPv4 configuration



Windows IP Configuration

   Host Name . . . . . . . . . . . . : Desktop3
   Primary Dns Suffix  . . . . . . . :
   Node Type . . . . . . . . . . . . : Hybrid
   IP Routing Enabled. . . . . . . . : No
   WINS Proxy Enabled. . . . . . . . : No
   DNS Suffix Search List. . . . . . : hsd1.nj.comcast.net.

Ethernet adapter MyTap:

   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : TAP-Windows Adapter V9
   Physical Address. . . . . . . . . : 00-FF-83-99-6D-1B
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes
   Link-local IPv6 Address . . . . . : fe80::100e:509e:e6:6338%26(Preferred)
   IPv4 Address. . . . . . . . . . . : 10.15.61.30(Preferred)
   Subnet Mask . . . . . . . . . . . : 255.255.255.252
   Lease Obtained. . . . . . . . . . : Friday, September 12, 2014 7:12:30 PM
   Lease Expires . . . . . . . . . . : Saturday, September 12, 2015 7:12:30 PM
   Default Gateway . . . . . . . . . :
   DHCP Server . . . . . . . . . . . : 10.15.61.29
   DHCPv6 IAID . . . . . . . . . . . : 553713539
   DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-14-4E-5A-2C-84-2B-2B-89-46-76
   DNS Servers . . . . . . . . . . . : 10.15.51.11
   NetBIOS over Tcpip. . . . . . . . : Enabled

Ethernet adapter Local Area Connection:

   Connection-specific DNS Suffix  . : hsd1.nj.comcast.net.
   Description . . . . . . . . . . . : Broadcom NetLink ™ Gigabit Ethernet
   Physical Address. . . . . . . . . : 84-2B-2B-89-46-76
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes
   Link-local IPv6 Address . . . . . : fe80::9de6:97b5:ee8e:d9c6%10(Preferred)
   IPv4 Address. . . . . . . . . . . : 192.168.1.104(Preferred)
   Subnet Mask . . . . . . . . . . . : 255.255.255.0
   Lease Obtained. . . . . . . . . . : Friday, September 12, 2014 7:04:07 PM
   Lease Expires . . . . . . . . . . : Saturday, September 13, 2014 7:04:07 PM
   Default Gateway . . . . . . . . . : 192.168.1.1
   DHCP Server . . . . . . . . . . . : 192.168.1.1
   DHCPv6 IAID . . . . . . . . . . . : 243542827
   DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-14-4E-5A-2C-84-2B-2B-89-46-76
   DNS Servers . . . . . . . . . . . : 75.75.75.75
                                       75.75.76.76
   NetBIOS over Tcpip. . . . . . . . : Enabled

Ethernet adapter Local Area Connection 2:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Fortinet virtual adapter
   Physical Address. . . . . . . . . : 00-09-0F-FE-00-01
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes

Tunnel adapter isatap.myhome.westell.com:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Microsoft ISATAP Adapter
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 11:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Microsoft 6to4 Adapter
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Teredo Tunneling Pseudo-Interface:

   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes
   IPv6 Address. . . . . . . . . . . : 2001:0:9d38:6ab8:2887:e6a:f5f0:c2e1(Preferred)
   Link-local IPv6 Address . . . . . : fe80::2887:e6a:f5f0:c2e1%13(Preferred)
   Default Gateway . . . . . . . . . : ::
   NetBIOS over Tcpip. . . . . . . . : Disabled

Tunnel adapter isatap.hsd1.nj.comcast.net.:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : hsd1.nj.comcast.net.
   Description . . . . . . . . . . . : Microsoft ISATAP Adapter #3
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes

Tunnel adapter isatap.{83996D1B-AC02-4102-8951-686530D97494}:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Microsoft ISATAP Adapter #4
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes

Tunnel adapter isatap.{89ED6E5D-0C71-44C5-896D-1809BFC7C825}:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Microsoft ISATAP Adapter #5
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes
Server:  e2-pr-dc01.e2eng.local
Address:  10.15.51.11

Name:    google.com
Addresses:  2607:f8b0:4006:80a::1004
      173.194.43.33
      173.194.43.37
      173.194.43.38
      173.194.43.35
      173.194.43.36
      173.194.43.40
      173.194.43.39
      173.194.43.46
      173.194.43.34
      173.194.43.32
      173.194.43.41


Pinging google.com [173.194.43.37] with 32 bytes of data:
Reply from 173.194.43.37: bytes=32 time=42ms TTL=248
Reply from 173.194.43.37: bytes=32 time=40ms TTL=248

Ping statistics for 173.194.43.37:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 40ms, Maximum = 42ms, Average = 41ms
Server:  e2-pr-dc01.e2eng.local
Address:  10.15.51.11

Name:    yahoo.com
Addresses:  98.138.253.109
      206.190.36.45
      98.139.183.24


Pinging yahoo.com [206.190.36.45] with 32 bytes of data:
Reply from 206.190.36.45: bytes=32 time=106ms TTL=243
Reply from 206.190.36.45: bytes=32 time=107ms TTL=243

Ping statistics for 206.190.36.45:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 106ms, Maximum = 107ms, Average = 106ms

Pinging 127.0.0.1 with 32 bytes of data:
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128

Ping statistics for 127.0.0.1:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 0ms, Maximum = 0ms, Average = 0ms
===========================================================================
Interface List
 26...00 ff 83 99 6d 1b ......TAP-Windows Adapter V9
 10...84 2b 2b 89 46 76 ......Broadcom NetLink ™ Gigabit Ethernet
 14...00 09 0f fe 00 01 ......Fortinet virtual adapter
  1...........................Software Loopback Interface 1
 11...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter
 12...00 00 00 00 00 00 00 e0 Microsoft 6to4 Adapter
 13...00 00 00 00 00 00 00 e0 Teredo Tunneling Pseudo-Interface
 23...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #3
 24...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #4
 25...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #5
===========================================================================

IPv4 Route Table
===========================================================================
Active Routes:
Network Destination        Netmask          Gateway       Interface  Metric
          0.0.0.0          0.0.0.0      192.168.1.1    192.168.1.104     20
          0.0.0.0        128.0.0.0      10.15.61.29      10.15.61.30     30
        10.15.0.0      255.255.0.0      10.15.61.29      10.15.61.30     30
       10.15.61.1  255.255.255.255      10.15.61.29      10.15.61.30     30
      10.15.61.28  255.255.255.252         On-link       10.15.61.30    286
      10.15.61.30  255.255.255.255         On-link       10.15.61.30    286
      10.15.61.31  255.255.255.255         On-link       10.15.61.30    286
    71.168.210.65  255.255.255.255      192.168.1.1    192.168.1.104     20
        127.0.0.0        255.0.0.0         On-link         127.0.0.1    306
        127.0.0.1  255.255.255.255         On-link         127.0.0.1    306
  127.255.255.255  255.255.255.255         On-link         127.0.0.1    306
        128.0.0.0        128.0.0.0      10.15.61.29      10.15.61.30     30
      192.168.1.0    255.255.255.0         On-link     192.168.1.104    276
      192.168.1.1  255.255.255.255      192.168.1.1    192.168.1.104     20
    192.168.1.104  255.255.255.255         On-link     192.168.1.104    276
    192.168.1.255  255.255.255.255         On-link     192.168.1.104    276
        224.0.0.0        240.0.0.0         On-link         127.0.0.1    306
        224.0.0.0        240.0.0.0         On-link     192.168.1.104    276
        224.0.0.0        240.0.0.0         On-link       10.15.61.30    286
  255.255.255.255  255.255.255.255         On-link         127.0.0.1    306
  255.255.255.255  255.255.255.255         On-link     192.168.1.104    276
  255.255.255.255  255.255.255.255         On-link       10.15.61.30    286
===========================================================================
Persistent Routes:
  None

IPv6 Route Table
===========================================================================
Active Routes:
 If Metric Network Destination      Gateway
 13     58 ::/0                     On-link
  1    306 ::1/128                  On-link
 13     58 2001::/32                On-link
 13    306 2001:0:9d38:6ab8:2887:e6a:f5f0:c2e1/128
                                    On-link
 10    276 fe80::/64                On-link
 26    286 fe80::/64                On-link
 13    306 fe80::/64                On-link
 26    286 fe80::100e:509e:e6:6338/128
                                    On-link
 13    306 fe80::2887:e6a:f5f0:c2e1/128
                                    On-link
 10    276 fe80::9de6:97b5:ee8e:d9c6/128
                                    On-link
  1    306 ff00::/8                 On-link
 13    306 ff00::/8                 On-link
 10    276 ff00::/8                 On-link
 26    286 ff00::/8                 On-link
===========================================================================
Persistent Routes:
  None
========================= Winsock entries =====================================

Catalog5 01 C:\Windows\system32\NLAapi.dll [52224] (Microsoft Corporation)
Catalog5 02 C:\Windows\system32\napinsp.dll [52224] (Microsoft Corporation)
Catalog5 03 C:\Windows\system32\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 04 C:\Windows\system32\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 05 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145280] (Microsoft Corp.)
Catalog5 06 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145280] (Microsoft Corp.)
Catalog5 07 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
Catalog5 08 C:\Windows\system32\winrnr.dll [20992] (Microsoft Corporation)
Catalog5 09 C:\Program Files\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
Catalog9 01 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 02 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 03 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 04 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 05 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 06 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 07 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 08 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 09 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 10 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 11 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 12 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 13 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 14 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 15 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 16 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 17 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 18 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 19 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 20 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 21 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 22 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 23 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 24 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 25 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 26 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 27 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 28 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 29 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 30 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 31 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 32 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 33 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 34 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)

========================= Event log errors: ===============================

Application errors:
==================
Error: (09/12/2014 07:10:57 PM) (Source: MsiInstaller) (User: Desktop3)
Description: Product: Adobe Reader XI - Update '{AC76BA86-7AD7-0000-2550-7A8C40011007}' could not be installed. Error code 1625. Windows Installer can create logs to help troubleshoot issues with installing software packages. Use the following link for instructions on turning on logging support: http://go.microsoft.com/fwlink/?LinkId=23127

Error: (09/12/2014 07:10:57 PM) (Source: MsiInstaller) (User: Desktop3)
Description: Product: Adobe Reader XI - Update '{AC76BA86-7AD7-0000-2550-7A8C40011008}' could not be installed. Error code 1625. Windows Installer can create logs to help troubleshoot issues with installing software packages. Use the following link for instructions on turning on logging support: http://go.microsoft.com/fwlink/?LinkId=23127

Error: (09/11/2014 08:08:55 PM) (Source: MsiInstaller) (User: Desktop3)
Description: Product: Adobe Reader XI - Update '{AC76BA86-7AD7-0000-2550-7A8C40011007}' could not be installed. Error code 1625. Windows Installer can create logs to help troubleshoot issues with installing software packages. Use the following link for instructions on turning on logging support: http://go.microsoft.com/fwlink/?LinkId=23127

Error: (09/11/2014 08:08:55 PM) (Source: MsiInstaller) (User: Desktop3)
Description: Product: Adobe Reader XI - Update '{AC76BA86-7AD7-0000-2550-7A8C40011008}' could not be installed. Error code 1625. Windows Installer can create logs to help troubleshoot issues with installing software packages. Use the following link for instructions on turning on logging support: http://go.microsoft.com/fwlink/?LinkId=23127

Error: (09/11/2014 02:08:31 AM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "Microsoft.Windows.Common-Controls,language="&#x2a;",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"1".
Dependent Assembly Microsoft.Windows.Common-Controls,language="&#x2a;",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0" could not be found.
Please use sxstrace.exe for detailed diagnosis.

Error: (09/10/2014 10:40:38 PM) (Source: VSS) (User: )
Description: Volume Shadow Copy Service error: Unexpected error querying for the IVssWriterCallback interface.  hr = 0x80070005, Access is denied.
.
This is often caused by incorrect security settings in either the writer or requestor process.


Operation:
   Gathering Writer Data

Context:
   Writer Class Id: {e8132975-6f93-4464-a53e-1050253ae220}
   Writer Name: System Writer
   Writer Instance ID: {10fff4bf-b775-4e29-a8b3-8339afcc04b1}


System errors:
=============

Microsoft Office Sessions:
=========================
Error: (09/12/2014 07:10:57 PM) (Source: MsiInstaller)(User: Desktop3)
Description: Adobe Reader XI{AC76BA86-7AD7-0000-2550-7A8C40011007}1625(NULL)(NULL)(NULL)

Error: (09/12/2014 07:10:57 PM) (Source: MsiInstaller)(User: Desktop3)
Description: Adobe Reader XI{AC76BA86-7AD7-0000-2550-7A8C40011008}1625(NULL)(NULL)(NULL)

Error: (09/11/2014 08:08:55 PM) (Source: MsiInstaller)(User: Desktop3)
Description: Adobe Reader XI{AC76BA86-7AD7-0000-2550-7A8C40011007}1625(NULL)(NULL)(NULL)

Error: (09/11/2014 08:08:55 PM) (Source: MsiInstaller)(User: Desktop3)
Description: Adobe Reader XI{AC76BA86-7AD7-0000-2550-7A8C40011008}1625(NULL)(NULL)(NULL)

Error: (09/11/2014 02:08:31 AM) (Source: SideBySide)(User: )
Description: Microsoft.Windows.Common-Controls,language="&#x2a;",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"c:\program files\pdf995\res\drivedir\copy64.exe

Error: (09/10/2014 10:40:38 PM) (Source: VSS)(User: )
Description: 0x80070005, Access is denied.


Operation:
   Gathering Writer Data

Context:
   Writer Class Id: {e8132975-6f93-4464-a53e-1050253ae220}
   Writer Name: System Writer
   Writer Instance ID: {10fff4bf-b775-4e29-a8b3-8339afcc04b1}



=========================== Installed Programs ============================
Adobe AIR (HKLM\...\Adobe AIR) (Version: 2.5.0.16600 - Adobe Systems Inc.)
Adobe AIR (Version: 2.5.0.16600 - Adobe Systems Inc.) Hidden
Adobe Flash Player 15 ActiveX (HKLM\...\Adobe Flash Player ActiveX) (Version: 15.0.0.152 - Adobe Systems Incorporated)
Adobe Flash Player 15 Plugin (HKLM\...\Adobe Flash Player Plugin) (Version: 15.0.0.152 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.05) (HKLM\...\{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version: 11.0.05 - Adobe Systems Incorporated)
Adobe SVG Viewer 3.0 (HKLM\...\Adobe SVG Viewer) (Version:  3.0 - )
Apple Application Support (HKLM\...\{D9DAD0FF-495A-472B-9F10-BAE430A26682}) (Version: 3.0.3 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{18D47FA1-0440-48D3-A7E0-DA09537FF471}) (Version: 7.1.1.3 - Apple Inc.)
Apple Software Update (HKLM\...\{C6579A65-9CAE-4B31-8B6B-3306E0630A66}) (Version: 2.1.3.127 - Apple Inc.)
Audacity 2.0.2 (HKLM\...\Audacity_is1) (Version: 2.0.2 - Audacity Team)
AutoCAD LT 2011 - English (HKLM\...\AutoCAD LT 2011 - English) (Version: 18.1.52.0 - Autodesk)
AutoCAD LT 2011 - English (Version: 18.1.52.0 - Autodesk) Hidden
AutoCAD LT 2011 Language Pack - English (Version: 18.1.52.0 - Autodesk) Hidden
AutoCAD LT 2014 - English (Version: 19.1.18.0 - Autodesk) Hidden
AutoCAD LT 2014 Language Pack - English (Version: 19.1.18.0 - Autodesk) Hidden
Autodesk 360 (HKLM\...\{52B28CAD-F49D-47BA-9FFE-29C2E85F0D0B}) (Version: 4.0.27.1 - Autodesk)
Autodesk AutoCAD LT 2014 - English (HKLM\...\AutoCAD LT 2014 - English) (Version: 19.1.18.0 - Autodesk)
Autodesk Content Service (HKLM\...\Autodesk Content Service) (Version: 3.1.3.0 - Autodesk)
Autodesk Content Service (Version: 3.1.3.0 - Autodesk) Hidden
Autodesk Content Service Language Pack (Version: 3.1.3.0 - Autodesk) Hidden
Autodesk Material Library 2011 (HKLM\...\{9DEABCB6-B759-4D52-92F8-51B34A2B4D40}) (Version: 2.0.0.49 - Autodesk)
Autodesk Material Library 2014 (HKLM\...\{644F9B19-A462-499C-BF4D-300ABC2A28B1}) (Version: 4.0.19.0 - Autodesk)
Autodesk Material Library Base Resolution Image Library 2014 (HKLM\...\{51BF3210-B825-4092-8E0D-66D689916E02}) (Version: 4.0.19.0 - Autodesk)
avast! Free Antivirus (HKLM\...\Avast) (Version: 9.0.2021 - AVAST Software)
Bonjour (HKLM\...\{79155F2B-9895-49D7-8612-D92580E0DE5B}) (Version: 3.0.0.10 - Apple Inc.)
Broadcom Gigabit NetLink Controller (HKLM\...\{A325B368-A9EC-40EF-A95C-9DEAD3683AE3}) (Version: 12.33.02 - Broadcom Corporation)
Broadcom Management Programs (HKLM\...\{5DB87A63-9420-48CC-9F9A-B8801D38D6B5}) (Version: 12.35.01 - Broadcom Corporation)
CAPS 3.10 (HKLM\...\{E9D11918-7B62-4A96-819E-AEFEA05A2548}) (Version: 3.10 - Greenheck)
Chvac Version 7 (HKLM\...\Chvac Version 7) (Version:  - )
Content Manager (HKCU\...\{B64BC516-2406-43AE-A21A-1E387A2343B1}) (Version: 2.70 - Magellan)
СÐÜÌìÆø 1.0 (HKLM\...\СÐÜÌìÆø) (Version: 1.0 - )
D3DX10 (Version: 15.4.2368.0902 - Microsoft) Hidden
Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition (HKLM\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{650DE870-ECA3-4E63-8D77-778512BE5D4C}) (Version:  - Microsoft)
Dell Backup and Recovery Manager (HKLM\...\{4688EB75-28E2-4731-9BCB-55E624F7CD45}) (Version: 1.3 - Dell Inc.)
Dell Edoc Viewer (HKLM\...\{3138EAD3-700B-4A10-B617-B3F8096EE30D}) (Version: 1.0.0 - Dell Inc)
Dropbox (HKCU\...\Dropbox) (Version: 2.10.27 - Dropbox, Inc.)
eQUEST 3-64 (HKLM\...\eQUEST 3-64) (Version: 3.64 - )
ESET Online Scanner v3 (HKLM\...\ESET Online Scanner) (Version:  - )
Express Burn (HKLM\...\ExpressBurn) (Version:  - NCH Software)
Fire Version 6.0 (HKLM\...\Fire Version 6.0) (Version:  - )
FortiClient Endpoint Security (HKLM\...\{34D6AD5A-C03D-45FF-AA8A-8B306E01B96D}) (Version: 4.2.2.0267 - Fortinet Inc)
free-4-pc bundle (HKLM\...\free-4-pc bundle) (Version: 2.0.0.5 - free-4-pc)
GASVENT 2 for Windows (HKLM\...\GASVENT 2 for Windows) (Version:  - )
Google Chrome (HKLM\...\Google Chrome) (Version: 37.0.2062.120 - Google Inc.)
Google SketchUp 8 (HKLM\...\{D22002ED-EE2A-4CB1-A63D-430E62A2E8D8}) (Version: 3.0.4811 - Google, Inc.)
Google Toolbar for Internet Explorer (HKLM\...\{2318C2B1-4965-11d4-9B18-009027A5CD4F}) (Version: 7.5.5111.1712 - Google Inc.)
Google Toolbar for Internet Explorer (Version: 1.0.0 - Google Inc.) Hidden
Google Update Helper (Version: 1.3.24.15 - Google Inc.) Hidden
Grab & Burn, Version 4.0.1 ( Build 2005-09-21, Win32, CSS ) (HKLM\...\Rocket Division Software Grab & Burn_is1) (Version:  - Rocket Division Software)
HitmanPro 3.7 (HKLM\...\HitmanPro37) (Version: 3.7.9.225 - SurfRight B.V.)
ImgBurn (HKLM\...\ImgBurn) (Version: 2.5.7.0 - LIGHTNING UK!)
Intel® Graphics Media Accelerator Driver (HKLM\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 8.15.10.1995 - Intel Corporation)
iTunes (HKLM\...\{0718A90E-93AA-49AF-A4FE-0165ACD91DF0}) (Version: 11.2.2.3 - Apple Inc.)
Japanese Fonts Support For Adobe Reader 9 (HKLM\...\{AC76BA86-7AD7-5760-0000-900000000003}) (Version: 9.0.0 - Adobe Systems Incorporated)
Java 7 Update 45 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83217025FF}) (Version: 7.0.450 - Oracle)
Java Auto Updater (Version: 2.1.9.8 - Sun Microsystems, Inc.) Hidden
Java™ 6 Update 24 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83216020FF}) (Version: 6.0.240 - Sun Microsystems, Inc.)
JavaFX 2.1.0 (HKLM\...\{1111706F-666A-4037-7777-210328764D10}) (Version: 2.1.0 - Oracle Corporation)
Juniper Networks Host Checker (HKCU\...\Neoteris_Host_Checker) (Version: 7.2.0.21397 - Juniper Networks)
Juniper Networks, Inc. Setup Client (HKCU\...\Juniper_Setup_Client) (Version: 7.2.3.23179 - Juniper Networks, Inc.)
Juniper Networks, Inc. Setup Client Activex Control (HKLM\...\Juniper_Setup_Client Activex Control) (Version: 2.1.1.1 - Juniper Networks, Inc.)
Junk Mail filter update (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
LAME v3.99.3 (for Windows) (HKLM\...\LAME_is1) (Version:  - )
LastPass (uninstall only) (HKLM\...\LastPass) (Version:  - LastPass)
LogMeIn (HKLM\...\{5D112C61-C8D0-4718-8DD7-B9115EB9AF90}) (Version: 4.1.1558 - LogMeIn, Inc.)
Malwarebytes Anti-Malware version 2.0.2.1012 (HKLM\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.2.1012 - Malwarebytes Corporation)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft Application Error Reporting (Version: 12.0.6012.5000 - Microsoft Corporation) Hidden
Microsoft Office Access MUI (English) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Access Setup Metadata MUI (English) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Excel MUI (English) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Home and Student 2010 (HKLM\...\Office14.SingleImage) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Office OneNote MUI (English) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Outlook MUI (English) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint MUI (English) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (English) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (French) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Spanish) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proofing (English) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Publisher MUI (English) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (English) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared Setup Metadata MUI (English) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Single Image 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Word MUI (English) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Search Enhancement Pack (Version: 3.0.133.0 - Microsoft Corporation) Hidden
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 (HKLM\...\{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}) (Version: 9.0.30729.5570 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual J# 2.0 Redistributable Package (HKLM\...\Microsoft Visual J# 2.0 Redistributable Package) (Version:  - Microsoft Corporation)
Microsoft Visual J# 2.0 Redistributable Package (Version: 2.0.50727 - Microsoft Corporation) Hidden
Microsoft XML Parser (Version: 8.50.2162.6 - Microsoft Corporation) Hidden
Mozilla Firefox 32.0 (x86 en-US) (HKLM\...\Mozilla Firefox 32.0 (x86 en-US)) (Version: 32.0 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 29.0.1 - Mozilla)
MSVCRT (Version: 15.4.2862.0708 - Microsoft) Hidden
MSXML 4.0 SP2 (KB936181) (HKLM\...\{C04E32E0-0416-434D-AFB9-6969D703A9EF}) (Version: 4.20.9848.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB954430) (HKLM\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
msxml4 (HKLM\...\{5AE3D9F1-9E9E-4015-8787-E22705AA32C5}) (Version: 1.0.0 - Default Company Name)
Munters PsyCalc (HKLM\...\Munters PsyCalc) (Version:  - )
NJStar Chinese WP (HKLM\...\NJStar Chinese WP) (Version: 5.25 - NJStar Software Corp.)
OpenVPN 2.3.3-I002  (HKLM\...\OpenVPN) (Version: 2.3.3-I002 - )
OverDrive Media Console (HKLM\...\{D4AFC7AD-F637-4EDD-BC76-767E4AF78CE1}) (Version: 3.2.5 - OverDrive, Inc.)
Pdf995 (HKLM\...\Pdf995) (Version:  - )
PPLite 1.0.0.0078 (HKLM\...\PPLite) (Version:  - )
PrimoPDF -- brought to you by Nitro PDF Software (HKLM\...\PrimoPDF) (Version: 5 - Nitro PDF Software)
PsyChart Version 2.01 (HKLM\...\PsyChart Version 2.01) (Version:  - )
QuickTime 7 (HKLM\...\{111EE7DF-FC45-40C7-98A7-753AC46B12FB}) (Version: 7.75.80.95 - Apple Inc.)
QUOTE Version 2.0 (HKLM\...\QUOTE Version 2.0) (Version:  - )
Realtek High Definition Audio Driver (HKLM\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.5936 - )
RHVAC Version 8 (HKLM\...\RHVAC Version 8) (Version:  - )
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version:  - Microsoft)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (Version:  - Microsoft) Hidden
Simple Hydraulic Calculator (HKLM\...\Simple Hydraulic Calculator) (Version: 1.4.8 - Igneus Incorporated)
Strongvault Online Backup (HKLM\...\{5E33D30D-D896-4D92-B033-5F45819B2937}) (Version:  - )
Taco 2002 HX Selection (HKLM\...\Taco 2002 HX Selection) (Version:  - MicroComputer Task Group)
TAP-Windows 9.9.2 (HKLM\...\TAP-Windows) (Version: 9.9.2 - )
Uniblue RegistryBooster (HKLM\...\Uniblue RegistryBooster) (Version: 4.7.7.19 - Uniblue Systems Ltd)
Uniblue RegistryBooster (Version: 4.7.7.19 - Uniblue Systems Ltd) Hidden
Update for Microsoft Access 2010 (KB2553446) 32-Bit Edition (HKLM\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{B4A38370-2ADB-46B0-A1B0-0C4A2F7DCA31}) (Version:  - Microsoft)
Update for Microsoft Excel 2010 (KB2889836) 32-Bit Edition (HKLM\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{9179FC17-97A8-4D98-9E09-05720AF5D44E}) (Version:  - Microsoft)
Update for Microsoft Filter Pack 2.0 (KB2878281) 32-Bit Edition (HKLM\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{302A8FE3-EBF5-486C-A431-16A1CD914443}) (Version:  - Microsoft)
Update for Microsoft InfoPath 2010 (KB2817369) 32-Bit Edition (HKLM\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{4EEA3D3E-989C-4DF4-AB0A-3042C0C12AA3}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2494150) (HKLM\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{3FCFD88F-4D13-4F38-8625-ABABEA7F61EA}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2589298) 32-Bit Edition (HKLM\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{DADF7E25-FFA4-4D02-BE84-1DAE62C18516}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2589352) 32-Bit Edition (HKLM\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{F4284D93-7AE8-4309-8CF3-9AD394F35F3A}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2589375) 32-Bit Edition (HKLM\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{287A1E92-9E41-4BC1-8920-B3D0E9220800}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2597087) 32-Bit Edition (HKLM\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{9D69691D-823D-4C3E-9B12-563A3F520366}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2687502) 32-Bit Edition (HKLM\...\{90140000-001F-0409-0000-0000000FF1CE}_Office14.SingleImage_{7DE7DF97-82FE-4B3A-AB8D-1621F9CC464A}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2760598) 32-Bit Edition (HKLM\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{ECFE33A3-B8B7-439A-ADE4-59FBD29EF9B8}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2760631) 32-Bit Edition (HKLM\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{35698CB7-AAA2-4577-B505-DBFF504AEF23}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2794737) 32-Bit Edition (HKLM\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{5AA578BB-759C-40FD-9661-A737C0884541}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2825635) 32-Bit Edition (HKLM\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{F1A20C69-9FE5-40FD-9CD5-84EABC2EF64A}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2837581) 32-Bit Edition (HKLM\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{334FB202-28D7-4BA4-8BC9-4FE4AB233EA0}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2837606) 32-Bit Edition (HKLM\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{B0D672F7-883E-4279-8E75-D97A5445AB46}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2878252) 32-Bit Edition (HKLM\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{B0DB9F71-E0F7-4FE6-8925-35B860CAC0C4}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2881028) 32-Bit Edition (HKLM\...\{90140000-001F-040C-0000-0000000FF1CE}_Office14.SingleImage_{089DBFD7-8211-43B2-AAAE-5BDD8C23E3A8}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2881028) 32-Bit Edition (HKLM\...\{90140000-001F-0C0A-0000-0000000FF1CE}_Office14.SingleImage_{794A0574-4E2F-4D58-B2A0-D7460ACDC85C}) (Version:  - Microsoft)
Update for Microsoft OneNote 2010 (KB2837595) 32-Bit Edition (HKLM\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{51CCA922-A0CC-47C4-8910-6936D97CAC2E}) (Version:  - Microsoft)
Update for Microsoft Outlook 2010 (KB2687567) 32-Bit Edition (HKLM\...\{90140000-001A-0409-0000-0000000FF1CE}_Office14.SingleImage_{DCE104A1-1875-4469-A83D-A5BFA6C4640F}) (Version:  - Microsoft)
Update for Microsoft Outlook 2010 (KB2687567) 32-Bit Edition (HKLM\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{2AB483F1-C86E-427A-83B4-23889B03512D}) (Version:  - Microsoft)
Update for Microsoft PowerPoint 2010 (KB2837579) 32-Bit Edition (HKLM\...\{90140000-0018-0409-0000-0000000FF1CE}_Office14.SingleImage_{334AA0A1-2BB1-4D74-B66A-2B2C4D9C2C87}) (Version:  - Microsoft)
Update for Microsoft PowerPoint 2010 (KB2837579) 32-Bit Edition (HKLM\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{2BA40F82-F3A4-441C-BF1A-ED4C42FF4872}) (Version:  - Microsoft)
Update for Microsoft Visio 2010 (KB2880526) 32-Bit Edition (HKLM\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{7B29D8B8-6A87-496C-A65E-B935E740448A}) (Version:  - Microsoft)
Update for Microsoft Visio Viewer 2010 (KB2837587) 32-Bit Edition (HKLM\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{38CF30E4-3348-4BD1-A859-B630C355A56F}) (Version:  - Microsoft)
Update for Microsoft Word 2010 (KB2880529) 32-Bit Edition (HKLM\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{B9B89E01-5B6B-4F73-BC34-B2C0D8ACB4CD}) (Version:  - Microsoft)
WD SmartWare (HKLM\...\{232DB76D-4751-41A9-9EC2-CDC0DAC1FAB6}) (Version: 1.2.0.8 - Western Digital)
Windows Live Communications Platform (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Essentials (HKLM\...\WinLiveSuite) (Version: 15.4.3502.0922 - Microsoft Corporation)
Windows Live Essentials (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live ID Sign-in Assistant (Version: 7.250.4225.0 - Microsoft Corporation) Hidden
Windows Live Installer (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Mail (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Messenger (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live MIME IFilter (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Movie Maker (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Photo Common (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Photo Gallery (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live PIMT Platform (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live SOXE (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live SOXE Definitions (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Sync (HKLM\...\{84EBDF39-4B33-49D7-A0BD-EB6E2C4E81C1}) (Version: 14.0.8089.726 - Microsoft Corporation)
Windows Live UX Platform (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live UX Platform Language Pack (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Writer (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Writer Resources (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
WinHex (HKLM\...\WinHex) (Version:  - )
WinRAR 5.00 (32-bit) (HKLM\...\WinRAR archiver) (Version: 5.00.0 - win.rar GmbH)

========================= Memory info: ===================================

Percentage of memory in use: 59%
Total physical RAM: 3036.8 MB
Available physical RAM: 1244.5 MB
Total Pagefile: 6071.9 MB
Available Pagefile: 3969.44 MB
Total Virtual: 2047.88 MB
Available Virtual: 1955.6 MB

========================= Partitions: =====================================

1 Drive c: (OS) (Fixed) (Total:288.27 GB) (Free:140.4 GB) NTFS
3 Drive e: (WD SmartWare) (CDROM) (Total:0.6 GB) (Free:0 GB) UDF
4 Drive g: (My Passport) (Fixed) (Total:465.11 GB) (Free:437.63 GB) NTFS

========================= Users: ========================================

User accounts for \\DESKTOP3

Administrator            Guest                    Jun                      


**** End of log ****
 


20:45:39.0052 0x7004  TDSS rootkit removing tool 3.0.0.40 Jul 10 2014 12:37:58
20:45:42.0271 0x7004  ============================================================
20:45:42.0271 0x7004  Current date / time: 2014/09/12 20:45:42.0271
20:45:42.0271 0x7004  SystemInfo:
20:45:42.0271 0x7004  
20:45:42.0271 0x7004  OS Version: 6.1.7601 ServicePack: 1.0
20:45:42.0271 0x7004  Product type: Workstation
20:45:42.0272 0x7004  ComputerName: DESKTOP3
20:45:42.0288 0x7004  UserName: Jun
20:45:42.0288 0x7004  Windows directory: C:\Windows
20:45:42.0288 0x7004  System windows directory: C:\Windows
20:45:42.0288 0x7004  Processor architecture: Intel x86
20:45:42.0288 0x7004  Number of processors: 2
20:45:42.0288 0x7004  Page size: 0x1000
20:45:42.0288 0x7004  Boot type: Normal boot
20:45:42.0288 0x7004  ============================================================
20:45:43.0826 0x7004  KLMD registered as C:\Windows\system32\drivers\33451928.sys
20:45:44.0385 0x7004  System UUID: {4AD46A01-7966-A43F-1F87-907624C3F814}
20:45:45.0557 0x7004  Drive \Device\Harddisk0\DR0 - Size: 0x4A85D56000 ( 298.09 Gb ), SectorSize: 0x200, Cylinders: 0x9801, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
20:45:45.0582 0x7004  Drive \Device\Harddisk1\DR1 - Size: 0x7446E00000 ( 465.11 Gb ), SectorSize: 0x200, Cylinders: 0xED2B, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
20:45:49.0483 0x7004  ============================================================
20:45:49.0483 0x7004  \Device\Harddisk0\DR0:
20:45:49.0502 0x7004  MBR partitions:
20:45:49.0502 0x7004  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x14000, BlocksNum 0x1391000
20:45:49.0502 0x7004  \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x13A5000, BlocksNum 0x24089000
20:45:49.0502 0x7004  \Device\Harddisk1\DR1:
20:45:49.0503 0x7004  MBR partitions:
20:45:49.0503 0x7004  \Device\Harddisk1\DR1\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x3A236800
20:45:49.0503 0x7004  ============================================================
20:45:49.0528 0x7004  C: <-> \Device\Harddisk0\DR0\Partition2
20:45:49.0552 0x7004  G: <-> \Device\Harddisk1\DR1\Partition1
20:45:49.0553 0x7004  ============================================================
20:45:49.0553 0x7004  Initialize success
20:45:49.0553 0x7004  ============================================================
20:45:50.0932 0x7110  ============================================================
20:45:50.0932 0x7110  Scan started
20:45:50.0932 0x7110  Mode: Manual;
20:45:50.0932 0x7110  ============================================================
20:45:50.0932 0x7110  KSN ping started
20:45:53.0624 0x7110  KSN ping finished: true
20:45:55.0638 0x7110  ================ Scan system memory ========================
20:45:55.0638 0x7110  System memory - ok
20:45:55.0641 0x7110  ================ Scan services =============================
20:45:55.0778 0x7110  [ 1B133875B8AA8AC48969BD3458AFE9F5, 01753BDD47F3F9BC0E0D23A069B9C56D4AE6A6B6295BC19B95AE245D25B12744 ] 1394ohci        C:\Windows\system32\drivers\1394ohci.sys
20:45:55.0783 0x7110  1394ohci - ok
20:45:55.0849 0x7110  [ CEA80C80BED809AA0DA6FEBC04733349, AE69C142DC2210A4AE657C23CEA4A6E7CB32C4F4EBA039414123CAC52157509B ] ACPI            C:\Windows\system32\drivers\ACPI.sys
20:45:55.0856 0x7110  ACPI - ok
20:45:55.0918 0x7110  [ 1EFBC664ABFF416D1D07DB115DCB264F, BF94D069D692140B792DBF4FD3CB0127D27C26CC5BFB6B0C28A8B6346767EE58 ] AcpiPmi         C:\Windows\system32\drivers\acpipmi.sys
20:45:55.0921 0x7110  AcpiPmi - ok
20:45:56.0032 0x7110  [ ADDA5E1951B90D3D23C56D3CF0622ADC, E85E7BFD29F00ED34BF5BE8BD4DA93CBB14278E16809BB55406875F0DA88551E ] AdobeARMservice C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
20:45:56.0035 0x7110  AdobeARMservice - ok
20:45:56.0107 0x7110  [ FBB312C9DA3863673EC18F4AE4101778, 4E9AAE7C700E485C17FDFCC9100A79784673B006D00D4D4CE8F1DB617D25C864 ] AdobeFlashPlayerUpdateSvc C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
20:45:56.0114 0x7110  AdobeFlashPlayerUpdateSvc - ok
20:45:56.0220 0x7110  [ 21E785EBD7DC90A06391141AAC7892FB, A2D3D764C5E6DC0AD5AAF48485FFB8B121D2A40DC08ECF2D2CB92278A1002B25 ] adp94xx         C:\Windows\system32\DRIVERS\adp94xx.sys
20:45:56.0283 0x7110  adp94xx - ok
20:45:56.0339 0x7110  [ 0C676BC278D5B59FF5ABD57BBE9123F2, 339E8A433D186BAAB6FCB44C82CC9FB6FCD63C87981449494CBEB2072CB6B7BB ] adpahci         C:\Windows\system32\DRIVERS\adpahci.sys
20:45:56.0346 0x7110  adpahci - ok
20:45:56.0372 0x7110  [ 7C7B5EE4B7B822EC85321FE23A27DB33, A934AFB71D439555E6376DA9B34F82E8D39A300A4547BE9AC9311F6A3C36270C ] adpu320         C:\Windows\system32\DRIVERS\adpu320.sys
20:45:56.0376 0x7110  adpu320 - ok
20:45:56.0398 0x7110  [ 8B5EEFEEC1E6D1A72A06C526628AD161, 026CDF4C96F4D493E7BABF79A14C4B0B5ADCCEF0B081FFFA2E3B243B2414167F ] AeLookupSvc     C:\Windows\System32\aelupsvc.dll
20:45:56.0400 0x7110  AeLookupSvc - ok
20:45:56.0420 0x7110  [ 7A841462AD4749F8A07B27AE8E8947B8, 029B0FBB42AC042EF13BD6AD66EC39104FA102553439DE56E7DC2EA02398E03F ] AERTFilters     C:\Program Files\Realtek\Audio\HDA\AERTSrv.exe
20:45:56.0423 0x7110  AERTFilters - ok
20:45:56.0489 0x7110  [ D0B388DA1D111A34366E04EB4A5DD156, 60D226F027F4025CC032CAFF73A80FAFB5FA75445654FDCF80CA8C0419C6E938 ] AFD             C:\Windows\system32\drivers\afd.sys
20:45:56.0538 0x7110  AFD - ok
20:45:56.0596 0x7110  [ 507812C3054C21CEF746B6EE3D04DD6E, D7E59350AC338AD229E3D10C76E32AE16D120311B263714A9CD94AB538633B0E ] agp440          C:\Windows\system32\drivers\agp440.sys
20:45:56.0633 0x7110  agp440 - ok
20:45:56.0657 0x7110  [ 8B30250D573A8F6B4BD23195160D8707, 64EC289AFCD63D84EAFD9D81C50D0A77BCC79A1EFF32C50B2776BB0C0151757D ] aic78xx         C:\Windows\system32\DRIVERS\djsvs.sys
20:45:56.0661 0x7110  aic78xx - ok
20:45:56.0675 0x7110  [ 18A54E132947CD98FEA9ACCC57F98F13, 9D39AF972785E49F0DD12C4BAEF39A79CD69F098886BF152AF1B7CCE2E902115 ] ALG             C:\Windows\System32\alg.exe
20:45:56.0677 0x7110  ALG - ok
20:45:56.0715 0x7110  [ 0D40BCF52EA90FC7DF2AEAB6503DEA44, 1D1AA8F50935D976C29DE7A84708CADBBBDD936F0DD2C059E820F0D21367B3B6 ] aliide          C:\Windows\system32\drivers\aliide.sys
20:45:56.0717 0x7110  aliide - ok
20:45:56.0723 0x7110  [ 3C6600A0696E90A463771C7422E23AB5, 370B33DC1C25B981628A318BAE434A78A5F0A0DA93C2896DC7A3D7B87AE1A5E7 ] amdagp          C:\Windows\system32\drivers\amdagp.sys
20:45:56.0726 0x7110  amdagp - ok
20:45:56.0765 0x7110  [ CD5914170297126B6266860198D1D4F0, 2239FCBD1A7EC27CE4F10DA36AE6BD6CCB87E5128C82CA71B84BFE5AF5602A60 ] amdide          C:\Windows\system32\drivers\amdide.sys
20:45:56.0767 0x7110  amdide - ok
20:45:56.0784 0x7110  [ 00DDA200D71BAC534BF56A9DB5DFD666, CA316B1FFD85BA1CF8664B3229DA1F238A5341E016059F7ED89702324CFD124B ] AmdK8           C:\Windows\system32\DRIVERS\amdk8.sys
20:45:56.0787 0x7110  AmdK8 - ok
20:45:56.0797 0x7110  [ 3CBF30F5370FDA40DD3E87DF38EA53B6, 7EACF1743367BE805357B6FD10F8F99E9B1C301FE3782D77719347B13DFA65EC ] AmdPPM          C:\Windows\system32\DRIVERS\amdppm.sys
20:45:56.0800 0x7110  AmdPPM - ok
20:45:56.0819 0x7110  [ D320BF87125326F996D4904FE24300FC, F767D8C5C58D57202905D829F7AE1B1FF33937F407FDCE4C90E32A6638F27416 ] amdsata         C:\Windows\system32\drivers\amdsata.sys
20:45:56.0822 0x7110  amdsata - ok
20:45:56.0839 0x7110  [ EA43AF0C423FF267355F74E7A53BDABA, 3F1335909AB0281A2FBDD7AD90E18309E091656CD32B48894B992789D8C61DB4 ] amdsbs          C:\Windows\system32\DRIVERS\amdsbs.sys
20:45:56.0843 0x7110  amdsbs - ok
20:45:56.0860 0x7110  [ 46387FB17B086D16DEA267D5BE23A2F2, 8B8AC61B91F154B4EB5CC6DECB5FCCEBA8B42EFE94859947136AD06681EA8ED0 ] amdxata         C:\Windows\system32\drivers\amdxata.sys
20:45:56.0862 0x7110  amdxata - ok
20:45:56.0899 0x7110  [ AEA177F783E20150ACE5383EE368DA19, 8FA9EE27AA1F22E8B8FE33A21028CA1E0062BAA95CB132C20D55B98C03B4254F ] AppID           C:\Windows\system32\drivers\appid.sys
20:45:56.0901 0x7110  AppID - ok
20:45:56.0921 0x7110  [ 62A9C86CB6085E20DB4823E4E97826F5, E0F840B49710022C4FB437002AD06F64B0F6B5D628B32D00F2B66765E6B97E4B ] AppIDSvc        C:\Windows\System32\appidsvc.dll
20:45:56.0923 0x7110  AppIDSvc - ok
20:45:56.0962 0x7110  [ EACFDF31921F51C097629F1F3C9129B4, 24138755D823E69760579ECBD672421192457CDC9941B2BC499C2D34D83E86C3 ] Appinfo         C:\Windows\System32\appinfo.dll
20:45:56.0965 0x7110  Appinfo - ok
20:45:57.0050 0x7110  [ 221564CC7BE37611FE15EACF443E1BF6, 381BDF17418C779D72332431BA174C2AD76CD9C7C1711FF5142EA9B05D5555E4 ] Apple Mobile Device C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
20:45:57.0052 0x7110  Apple Mobile Device - ok
20:45:57.0078 0x7110  [ 2932004F49677BD84DBC72EDB754FFB3, 73F84582244AC53994A2F4499A119B4A84A6BF7FD3046C29A8080C763DE540B8 ] arc             C:\Windows\system32\DRIVERS\arc.sys
20:45:57.0081 0x7110  arc - ok
20:45:57.0093 0x7110  [ 5D6F36C46FD283AE1B57BD2E9FEB0BC7, F7C9C3B4F2C816F57A43B2921672858C291054220BADE291044343778216F6BA ] arcsas          C:\Windows\system32\DRIVERS\arcsas.sys
20:45:57.0096 0x7110  arcsas - ok
20:45:57.0190 0x7110  [ 9D768C43FEF254DD50B1DBF8AD5C4C0B, A50854EA5C08605133B8BB4DFDC6090357C5665314AA72E0BFA1E07D4E451F09 ] aspnet_state    C:\Windows\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe
20:45:57.0212 0x7110  aspnet_state - ok
20:45:57.0265 0x7110  [ 3BFBB5DAE801CB893B8B46345FED6437, 2C2B71C1294585265D4871E74F17541500CA20DE34AC516F2A906DD81964C833 ] aswHwid         C:\Windows\system32\drivers\aswHwid.sys
20:45:57.0292 0x7110  aswHwid - ok
20:45:57.0319 0x7110  [ C3014C735F450FE822C97FFBB0627113, 1CCFE845AED1757B8C1F52D310933076FF1EC197D82E499DB4592B09D66137B0 ] aswMonFlt       C:\Windows\system32\drivers\aswMonFlt.sys
20:45:57.0322 0x7110  aswMonFlt - ok
20:45:57.0363 0x7110  [ A4614218584E41C31C7D1CBFF0432ED5, C9632FDB13FB0DD73A5FA5E2DFA5EFF97A9CD719DC0D28097B765077AD0FB3E7 ] aswRdr          C:\Windows\system32\drivers\aswRdr2.sys
20:45:57.0366 0x7110  aswRdr - ok
20:45:57.0395 0x7110  [ B7750AF7EDFD95674EB7CA92BCDD3358, A097577004F3CF71E2F9465F02B073D39926D7DEE2E2A9516D888158A5CB19E9 ] aswRvrt         C:\Windows\system32\drivers\aswRvrt.sys
20:45:57.0397 0x7110  aswRvrt - ok
20:45:57.0438 0x7110  [ 51FDE588D860857A97E4C4B560E40C9B, 8A3AC3E55249DAE6CCD95593989F8B100D5C4712A16681A36E5D0F2F08BD57AA ] aswSnx          C:\Windows\system32\drivers\aswSnx.sys
20:45:57.0456 0x7110  aswSnx - ok
20:45:57.0500 0x7110  [ 1AEB8CDB797666AF709A291B47AE81E0, 12AC4DBC6338BA5E5C04B449FF8362E7EC8EBFCA675C4F21BE847DFDCAE8F7C9 ] aswSP           C:\Windows\system32\drivers\aswSP.sys
20:45:57.0511 0x7110  aswSP - ok
20:45:57.0560 0x7110  [ 83378AE48209388D0F9BD16A44D19EEC, 0BEBD1E425077D81B5439E90B2C518EA8B94F590B551F52289842012BA3BAB2C ] aswStm          C:\Windows\system32\drivers\aswStm.sys
20:45:57.0563 0x7110  aswStm - ok
20:45:57.0583 0x7110  [ 90BEE0170D70D6744CEF2355EEAF8086, 8F9FF53F529B854934020E2F8163605DC794FF48464D3D4439BAAF70ECE8E963 ] aswVmm          C:\Windows\system32\drivers\aswVmm.sys
20:45:57.0591 0x7110  aswVmm - ok
20:45:57.0622 0x7110  [ ADD2ADE1C2B285AB8378D2DAAF991481, 7965A705F37924C0EC7A934E64E89C5DF4069816E2EEA3509E0AC90F78910519 ] AsyncMac        C:\Windows\system32\DRIVERS\asyncmac.sys
20:45:57.0624 0x7110  AsyncMac - ok
20:45:57.0657 0x7110  [ 338C86357871C167A96AB976519BF59E, F28CC534523D1701B0552F5D7E18E88369C4218BDB1F69110C3E31D395884AD6 ] atapi           C:\Windows\system32\drivers\atapi.sys
20:45:57.0659 0x7110  atapi - ok
20:45:57.0713 0x7110  [ CE3B4E731638D2EF62FCB419BE0D39F0, 3B98179CB0101778D9E7810D2CD46D9C0D7120E141BA11471666E7D9EB3C93CC ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
20:45:57.0725 0x7110  AudioEndpointBuilder - ok
20:45:57.0740 0x7110  [ CE3B4E731638D2EF62FCB419BE0D39F0, 3B98179CB0101778D9E7810D2CD46D9C0D7120E141BA11471666E7D9EB3C93CC ] Audiosrv        C:\Windows\System32\Audiosrv.dll
20:45:57.0750 0x7110  Audiosrv - ok
20:45:57.0856 0x7110  [ 3817558D8D5BBC8B0F190CF0D7C4720F, 7CD250DD22BE0E6CF6BEA639EA8220E46158CA7DF33FF803967CEAEA7FBD14E5 ] Autodesk Content Service C:\Program Files\Autodesk\Content Service\Connect.Service.ContentService.exe
20:45:57.0860 0x7110  Autodesk Content Service - ok
20:45:57.0992 0x7110  [ 73F5C13B431915BAE35254B4E95DFB71, 393A045859382C44133C004598B1512048046BCC129FED2247A77FDBFCDB6DFF ] avast! Antivirus C:\Program Files\AVAST Software\Avast\AvastSvc.exe
20:45:57.0994 0x7110  avast! Antivirus - ok
20:45:58.0037 0x7110  [ 6E30D02AAC9CAC84F421622E3A2F6178, 229DC527C1D6C778BCA2C855A2A6F6D2C4B0F4F6DE56C886B3AAD26E3347952C ] AxInstSV        C:\Windows\System32\AxInstSV.dll
20:45:58.0041 0x7110  AxInstSV - ok
20:45:58.0078 0x7110  [ 1A231ABEC60FD316EC54C66715543CEC, 09E2897BA80737997A286EA5408C03DD3CC0EBACD24CB391C2455B6D4BE7D67E ] b06bdrv         C:\Windows\system32\DRIVERS\bxvbdx.sys
20:45:58.0089 0x7110  b06bdrv - ok
20:45:58.0123 0x7110  [ BD8869EB9CDE6BBE4508D869929869EE, F4363A12EBFDBB89C69FD59B22F9EE05BADA07D477A1DF2DE01F59D6EE496543 ] b57nd60x        C:\Windows\system32\DRIVERS\b57nd60x.sys
20:45:58.0129 0x7110  b57nd60x - ok
20:45:58.0181 0x7110  [ AFFEC9E725E6CF9762C6BC2FD35C6AE4, B8C415C181E205CB4036AA6B8D32FDE590A0ACC483A82FC32EA3713A2382DF65 ] bd0001          C:\Windows\system32\DRIVERS\bd0001.sys
20:45:58.0184 0x7110  bd0001 - ok
20:45:58.0195 0x7110  bd0002 - ok
20:45:58.0223 0x7110  [ A312927AD16F89A4DBA4B90FA094896F, 50EF13BF661716D2746DF0A6C675D3D6B84FE0800E9CB6D1C13681BDB8CF9BD5 ] bd0004          C:\Windows\system32\DRIVERS\bd0004.sys
20:45:58.0227 0x7110  bd0004 - ok
20:45:58.0241 0x7110  [ BD91AEECAC2FFD9A1DE0AFC4AA8A1C93, 83B313209ADAD5A9BCA7B93A8F6C1CF5EAF160D7DC7FD3D60B8AA12E1412BE08 ] BDArKit         C:\Windows\system32\DRIVERS\BDArKit.sys
20:45:58.0244 0x7110  BDArKit - ok
20:45:58.0278 0x7110  [ EE1E9C3BB8228AE423DD38DB69128E71, ED54FD9795F3A4D32F02BED6052AD9404409A05644CDBEBFF19C662D104DA95A ] BDESVC          C:\Windows\System32\bdesvc.dll
20:45:58.0281 0x7110  BDESVC - ok
20:45:58.0324 0x7110  [ 1E620EF164FFA9E12D2D9A4E617001F0, 1E22C16CA240FF3E6DABE0DA0B1F00D13C713BD567FB73D48D98FF57228F3F47 ] BDMWrench       C:\Windows\system32\DRIVERS\BDMWrench.sys
20:45:58.0329 0x7110  BDMWrench - ok
20:45:58.0409 0x7110  [ B1A472DB435DD8C414BCC4998E6E3B57, 1A7E96F99A3B0F87EF7774D8819F934BAFC5E15B676649565943DC1528C5CEAD ] BDSGRTP         C:\Program Files\Common Files\Baidu\BaiduProtect\1.2.17.49\BaiduProtect.exe
20:45:58.0443 0x7110  BDSGRTP - ok
20:45:58.0467 0x7110  [ 505506526A9D467307B3C393DEDAF858, 8AD6F1492E357F57CF42261497BA29122045D4FC0DCC9669AA5AC9B2A4BABFA4 ] Beep            C:\Windows\system32\drivers\Beep.sys
20:45:58.0469 0x7110  Beep - ok
20:45:58.0519 0x7110  [ 1E2BAC209D184BB851E1A187D8A29136, 53933C938DA5126986FFF2918C1F522ABE93ABAB460AE32E4453161C2F7B68DF ] BFE             C:\Windows\System32\bfe.dll
20:45:58.0530 0x7110  BFE - ok
20:45:58.0570 0x7110  [ E585445D5021971FAE10393F0F1C3961, 178C008A9A0A6BFDA65EB0B98C510271360AD4474F22F13594F5EB60AA4E1CF5 ] BITS            C:\Windows\System32\qmgr.dll
20:45:58.0587 0x7110  BITS - ok
20:45:58.0609 0x7110  [ 2287078ED48FCFC477B05B20CF38F36F, 55BCA6174E6034A8D61CBE4126B2F1989F6052BFA624BEA9C0A0A664AEC74521 ] blbdrive        C:\Windows\system32\DRIVERS\blbdrive.sys
20:45:58.0611 0x7110  blbdrive - ok
20:45:58.0662 0x7110  [ DB5BEA73EDAF19AC68B2C0FAD0F92B1A, 10F21999FF6B1D410EBF280F7F27DEACA5289739CF12F4293B614B8FC6C88DCC ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe
20:45:58.0671 0x7110  Bonjour Service - ok
20:45:58.0707 0x7110  [ 8F2DA3028D5FCBD1A060A3DE64CD6506, E234672E9CFE1A95AD2E78E306E41E010B870221E6EBBC0E2B0BE2FA5CE0CD76 ] bowser          C:\Windows\system32\DRIVERS\bowser.sys
20:45:58.0711 0x7110  bowser - ok
20:45:58.0747 0x7110  [ 104C980400850EA84F86CD31AE2EEECE, 5EE5A220DD58DF10E317FA0E5B1583DB09ADE44C99B75636BB6392AFBF00E5CF ] BPowMon         C:\Program Files\Broadcom\BPowMon\BPowMon.exe
20:45:58.0751 0x7110  BPowMon - ok
20:45:58.0784 0x7110  [ 9F9ACC7F7CCDE8A15C282D3F88B43309, A9131334BD9CF8FD60BA9D54AA054E2DF2BE1219FB650DF1464F2787BDEAE98F ] BrFiltLo        C:\Windows\system32\DRIVERS\BrFiltLo.sys
20:45:58.0786 0x7110  BrFiltLo - ok
20:45:58.0812 0x7110  [ 56801AD62213A41F6497F96DEE83755A, 0DEB8318FB47DF6473C171C795C735E26A73FA12232876C6856549EA16F33361 ] BrFiltUp        C:\Windows\system32\DRIVERS\BrFiltUp.sys
20:45:58.0814 0x7110  BrFiltUp - ok
20:45:58.0849 0x7110  [ 3DAA727B5B0A45039B0E1C9A211B8400, 903B51E75F0C503A0E255120F53BF51B047B219FEC1E15F2F1D02DDD562FC73B ] Browser         C:\Windows\System32\browser.dll
20:45:58.0854 0x7110  Browser - ok
20:45:58.0881 0x7110  [ 845B8CE732E67F3B4133164868C666EA, 9309B094CD9B5EBC46295A5EB806BED472C3CEDE3B5F6F497EBDABA496A2A27F ] Brserid         C:\Windows\System32\Drivers\Brserid.sys
20:45:58.0890 0x7110  Brserid - ok
20:45:58.0903 0x7110  [ 203F0B1E73ADADBBB7B7B1FABD901F6B, 782FA7B26940FE479C49C9BAA2EB582CDAAAD607013E9BCFC85E6FBBB7D49A6D ] BrSerWdm        C:\Windows\System32\Drivers\BrSerWdm.sys
20:45:58.0907 0x7110  BrSerWdm - ok
20:45:58.0919 0x7110  [ BD456606156BA17E60A04E18016AE54B, DFBDC9DA6A3EA40BACFF204BC6C55C2C122B5885D2CBF6D45054DE43EE15EC4D ] BrUsbMdm        C:\Windows\System32\Drivers\BrUsbMdm.sys
20:45:58.0922 0x7110  BrUsbMdm - ok
20:45:58.0934 0x7110  [ AF72ED54503F717A43268B3CC5FAEC2E, 4A638669B0C30B1BDED242A8BF2015A37749570FF4D67D190BACC8D7E0C44468 ] BrUsbSer        C:\Windows\System32\Drivers\BrUsbSer.sys
20:45:58.0936 0x7110  BrUsbSer - ok
20:45:58.0950 0x7110  [ ED3DF7C56CE0084EB2034432FC56565A, B5B75E002E7BC0209582C635CCCA26DB569BDB23C33A126634E00C6434BF941B ] BTHMODEM        C:\Windows\system32\DRIVERS\bthmodem.sys
20:45:58.0954 0x7110  BTHMODEM - ok
20:45:58.0989 0x7110  [ 1DF19C96EEF6C29D1C3E1A8678E07190, 1F4BB161FF3A1C5B1465BB52F3520FEDB7ACB1FAA132466F07D16DB8E394AEA5 ] bthserv         C:\Windows\system32\bthserv.dll
20:45:58.0994 0x7110  bthserv - ok
20:45:59.0013 0x7110  [ 77EA11B065E0A8AB902D78145CA51E10, 160EB3BBE9E5F3CC4A02584E6F2576A812C7565B940D74838B983F1EE51FA73A ] cdfs            C:\Windows\system32\DRIVERS\cdfs.sys
20:45:59.0016 0x7110  cdfs - ok
20:45:59.0049 0x7110  [ BE167ED0FDB9C1FA1133953C18D5A6C9, E26A851CA13E7300F977E5B20FA5D25FD0E1442AB6AD5DB58BBDB2DAAD87027C ] cdrom           C:\Windows\system32\drivers\cdrom.sys
20:45:59.0053 0x7110  cdrom - ok
20:45:59.0094 0x7110  [ 319C6B309773D063541D01DF8AC6F55F, 182F392FE839499D159A30A3CD04B5D0C87219930BFB1A7456880B7DA75B9820 ] CertPropSvc     C:\Windows\System32\certprop.dll
20:45:59.0097 0x7110  CertPropSvc - ok
20:45:59.0116 0x7110  [ 3FE3FE94A34DF6FB06E6418D0F6A0060, 6B3A2A26609A75B690D4C0B3059E40822F3B3DB08943F58EC496BABDA7D0A735 ] circlass        C:\Windows\system32\DRIVERS\circlass.sys
20:45:59.0120 0x7110  circlass - ok
20:45:59.0138 0x7110  [ 635181E0E9BBF16871BF5380D71DB02D, 58D5150C6F3B9F1730FFDF3A8A2ABF5FF207F9785BD66C0C1E03A0F1C223A26A ] CLFS            C:\Windows\system32\CLFS.sys
20:45:59.0144 0x7110  CLFS - ok
20:45:59.0187 0x7110  [ F13EC8A783E0CB0D6DC26A3CA848B7B8, 0809E3B71709F1343086EEB6C820543C1A7119E74EEF8AC1AEE1F81093ABEC66 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
20:45:59.0191 0x7110  clr_optimization_v2.0.50727_32 - ok
20:45:59.0237 0x7110  [ E87213F37A13E2B54391E40934F071D0, 7EB221127EFB5BF158FB03D18EFDA2C55FB6CE3D1A1FE69C01D70DBED02C87E5 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
20:45:59.0272 0x7110  clr_optimization_v4.0.30319_32 - ok
20:45:59.0299 0x7110  [ DEA805815E587DAD1DD2C502220B5616, 2D6A7668C95352B818F5EC59FF462894935833D34190257DA9CAC7E67FD3631C ] CmBatt          C:\Windows\system32\DRIVERS\CmBatt.sys
20:45:59.0302 0x7110  CmBatt - ok
20:45:59.0343 0x7110  [ C537B1DB64D495B9B4717B4D6D9EDBF2, 400EEFE662DE117C9CC956E4CBD5E98F28F962E7447CD93E8A78FDD8CA39EB4B ] cmdide          C:\Windows\system32\drivers\cmdide.sys
20:45:59.0345 0x7110  cmdide - ok
20:45:59.0392 0x7110  [ 85449EEBE8F8EBD6481EFBF0F352B4EB, E6FF04970C5A5BFDE7297A86C1C7B9BFE2E0F976A1A1AFB874CEB488DC6151CC ] CNG             C:\Windows\system32\Drivers\cng.sys
20:45:59.0401 0x7110  CNG - ok
20:45:59.0419 0x7110  [ A6023D3823C37043986713F118A89BEE, FAC239A7FA6251C7EDFFA34B4BAE3910B8BC0BD4A3574B6DB6931A8D691E207B ] Compbatt        C:\Windows\system32\DRIVERS\compbatt.sys
20:45:59.0421 0x7110  Compbatt - ok
20:45:59.0435 0x7110  [ CBE8C58A8579CFE5FCCF809E6F114E89, AC083A1C649EBA18C59FCC1772D0784B10E2B8C63094E3C14388E147DBC3F6DF ] CompositeBus    C:\Windows\system32\drivers\CompositeBus.sys
20:45:59.0437 0x7110  CompositeBus - ok
20:45:59.0449 0x7110  COMSysApp - ok
20:45:59.0465 0x7110  [ 2C4EBCFC84A9B44F209DFF6C6E6C61D1, 6FC323217D82EF661BA0E3F949B61B05BB5235D1A69C81D24876C2153FAECEF6 ] crcdisk         C:\Windows\system32\DRIVERS\crcdisk.sys
20:45:59.0468 0x7110  crcdisk - ok
20:45:59.0514 0x7110  [ 7CA1BECEA5DE2643ADDAD32670E7A4C9, E3AB4CC52A97E3855D7EAB87363F807FDD2162ED8C76A036CD71549ED64E7797 ] CryptSvc        C:\Windows\system32\cryptsvc.dll
20:45:59.0518 0x7110  CryptSvc - ok
20:45:59.0565 0x7110  [ 7660F01D3B38ACA1747E397D21D790AF, 04611B43705C064C2A8331F6D3F8E4530295694AE2C3E3EC3F62CFF4A5EFA88D ] DcomLaunch      C:\Windows\system32\rpcss.dll
20:45:59.0578 0x7110  DcomLaunch - ok
20:45:59.0606 0x7110  [ 8D6E10A2D9A5EED59562D9B82CF804E1, 888F9650F4E872BA8F4E0C27E38A6672A561042B17EBA40E306A22357965B0AD ] defragsvc       C:\Windows\System32\defragsvc.dll
20:45:59.0613 0x7110  defragsvc - ok
20:45:59.0644 0x7110  [ F024449C97EC1E464AAFFDA18593DB88, 7EF1E241892E098A472BCA14C724DFF1AACCF190954AF1C4A38B6D542CC74BD2 ] DfsC            C:\Windows\system32\Drivers\dfsc.sys
20:45:59.0647 0x7110  DfsC - ok
20:45:59.0694 0x7110  [ E9E01EB683C132F7FA27CD607B8A2B63, 4D9037B458C522874619143A4176BCED42472C68933E6E83D37B67242706F3C4 ] Dhcp            C:\Windows\system32\dhcpcore.dll
20:45:59.0701 0x7110  Dhcp - ok
20:45:59.0727 0x7110  [ 1A050B0274BFB3890703D490F330C0DA, 79D74F4679A2EE040FAAF4D0392A9311239A10A5F8A5CCB48656C6F89B6D62FB ] discache        C:\Windows\system32\drivers\discache.sys
20:45:59.0729 0x7110  discache - ok
20:45:59.0758 0x7110  [ 565003F326F99802E68CA78F2A68E9FF, ABC42B24DBA4FFC411120E09278EF26AF56CCAB463B69B4BD6C530B4A07063D2 ] Disk            C:\Windows\system32\DRIVERS\disk.sys
20:45:59.0762 0x7110  Disk - ok
20:45:59.0797 0x7110  [ 33EF4861F19A0736B11314AAD9AE28D0, 4C4B84365D85758E3263B88F157D8B086B392C6F1EA5F0F3DB6BF87EF90248EC ] Dnscache        C:\Windows\System32\dnsrslvr.dll
20:45:59.0802 0x7110  Dnscache - ok
20:45:59.0842 0x7110  [ 366BA8FB4B7BB7435E3B9EACB3843F67, 65B7C61ACF34F1F0149045AA9E09A3F917A927963237A385A914D0B80551DC31 ] dot3svc         C:\Windows\System32\dot3svc.dll
20:45:59.0848 0x7110  dot3svc - ok
20:45:59.0866 0x7110  [ 8EC04CA86F1D68DA9E11952EB85973D6, 2E3FBC2D683D1274E8BC45EEEA87D43B77EDDCAAF0D453296D9FDA6B9D717071 ] DPS             C:\Windows\system32\dps.dll
20:45:59.0871 0x7110  DPS - ok
20:45:59.0918 0x7110  [ B918E7C5F9BF77202F89E1A9539F2EB4, C589A37DE50BBEF22E2DAA9682EA43147F614AA1AF7DAAA942BA5FC192313A0B ] drmkaud         C:\Windows\system32\drivers\drmkaud.sys
20:45:59.0920 0x7110  drmkaud - ok
20:45:59.0974 0x7110  [ 3583A5A8CC2E682BFFBD4630D0FEC08B, FD0F184B358FCECAA763444B414074BEF4E871EB7527D88385519FC158435C72 ] DXGKrnl         C:\Windows\System32\drivers\dxgkrnl.sys
20:45:59.0991 0x7110  DXGKrnl - ok
20:46:00.0019 0x7110  [ 8600142FA91C1B96367D3300AD0F3F3A, 5713625E27DF11FAAFDA7AC79899A6AD813166E167088FA990EC5DE87DBE83DF ] EapHost         C:\Windows\System32\eapsvc.dll
20:46:00.0024 0x7110  EapHost - ok
20:46:00.0140 0x7110  [ 024E1B5CAC09731E4D868E64DBFB4AB0, AB0826A74BBEE5B7A1B035861B665C79BC98305CFC7D82BEF420558FBD3EE994 ] ebdrv           C:\Windows\system32\DRIVERS\evbdx.sys
20:46:00.0254 0x7110  ebdrv - ok
20:46:00.0288 0x7110  [ DD17E1573651293D4ED31053795B3471, 94F7D1BB1C3B0C1FAAEED07375DB0F3BC995394FB5C26983548D946C8D229D54 ] EFS             C:\Windows\System32\lsass.exe
20:46:00.0293 0x7110  EFS - ok
20:46:00.0360 0x7110  [ A8C362018EFC87BEB013EE28F29C0863, 07971C681FBD391C0BA0172618AF8AD77520182207F1C57F134B34D6A113857F ] ehRecvr         C:\Windows\ehome\ehRecvr.exe
20:46:00.0373 0x7110  ehRecvr - ok
20:46:00.0401 0x7110  [ D389BFF34F80CAEDE417BF9D1507996A, 12859B9925D7A4631DE61A820922F43F56ED23C2AF014CBF36322685E5CF641E ] ehSched         C:\Windows\ehome\ehsched.exe
20:46:00.0405 0x7110  ehSched - ok
20:46:00.0437 0x7110  [ 0ED67910C8C326796FAA00B2BF6D9D3C, 97FAA7627A162B0AEC15545E0165D13355D535B4157604BB87F8EEB72ECD24A8 ] elxstor         C:\Windows\system32\DRIVERS\elxstor.sys
20:46:00.0449 0x7110  elxstor - ok
20:46:00.0488 0x7110  [ 8FC3208352DD3912C94367A206AB3F11, 69B65C12BDADD4B730508674B1B77C5496612B4ACCC447DB9AFE49ADEA8CBF02 ] ErrDev          C:\Windows\system32\drivers\errdev.sys
20:46:00.0490 0x7110  ErrDev - ok
20:46:00.0535 0x7110  [ F6916EFC29D9953D5D0DF06882AE8E16, ED41893960018D5EC2F7829B1DE4B6967D9FD074D60B11B9EB854E3E0948EC24 ] EventSystem     C:\Windows\system32\es.dll
20:46:00.0544 0x7110  EventSystem - ok
20:46:00.0564 0x7110  [ 2DC9108D74081149CC8B651D3A26207F, 75CB47923A867DDAC512701CE71DFCFC340FC3A2E27F4255D0836A1FBC463176 ] exfat           C:\Windows\system32\drivers\exfat.sys
20:46:00.0570 0x7110  exfat - ok
20:46:00.0585 0x7110  [ 7E0AB74553476622FB6AE36F73D97D35, 41463A255FDA1D550B3385EC7C73ABC343B1BBBE9CEE4DF9F2A8B3E7338C4947 ] fastfat         C:\Windows\system32\drivers\fastfat.sys
20:46:00.0589 0x7110  fastfat - ok
20:46:00.0643 0x7110  [ 967EA5B213E9984CBE270205DF37755B, 43153E23210B03FAE16897D62D55B8742F834EDC695F8401EAB5DE307F62602D ] Fax             C:\Windows\system32\fxssvc.exe
20:46:00.0656 0x7110  Fax - ok
20:46:00.0718 0x7110  [ 7B0CC7362AAF9977E0B534F917002F2F, 7961E12739AC2A6B708CD6E3DFD444C6578A6FBA1B2366EE36D819ED94CCD168 ] FA_Scheduler    C:\Program Files\Fortinet\FortiClient\scheduler.exe
20:46:00.0726 0x7110  FA_Scheduler - ok
20:46:00.0745 0x7110  [ E817A017F82DF2A1F8CFDBDA29388B29, 4CC9320A21E6FEA2D16C48D6BEA14391B695BD541A3C5FDDAEEE086A414FC837 ] fdc             C:\Windows\system32\DRIVERS\fdc.sys
20:46:00.0748 0x7110  fdc - ok
20:46:00.0766 0x7110  [ F3222C893BD2F5821A0179E5C71E88FB, A85B947249DBB986358CCD4B158DD58A9301F074F3C6CCCDEF2D01F432E59D1B ] fdPHost         C:\Windows\system32\fdPHost.dll
20:46:00.0769 0x7110  fdPHost - ok
20:46:00.0792 0x7110  [ 7DBE8CBFE79EFBDEB98C9FB08D3A9A5B, 0E76C29D2A974A3F2FBFCB63D066D4136B78E02F6B1F579B1865CA7A76193987 ] FDResPub        C:\Windows\system32\fdrespub.dll
20:46:00.0796 0x7110  FDResPub - ok
20:46:00.0811 0x7110  [ 6CF00369C97F3CF563BE99BE983D13D8, F65F35324A2FB9DFB533B1C4D089D990CC242218FE83414329D07B786D8EFF33 ] FileInfo        C:\Windows\system32\drivers\fileinfo.sys
20:46:00.0814 0x7110  FileInfo - ok
20:46:00.0831 0x7110  [ 42C51DC94C91DA21CB9196EB64C45DB9, 388C68D12ECC8FFE3116FEAAF4DB7B80CF4A3F97E935788DD21C6ADE2369F635 ] Filetrace       C:\Windows\system32\drivers\filetrace.sys
20:46:00.0834 0x7110  Filetrace - ok
20:46:00.0908 0x7110  [ 65570FE2FE17C5D3DF2132DA0FBE760B, 4AF06BE0EA231523A05727C26FC39840516526962F279C7DF892E3DDA9DB0808 ] FLEXnet Licensing Service C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
20:46:00.0927 0x7110  FLEXnet Licensing Service - ok
20:46:00.0955 0x7110  [ 87907AA70CB3C56600F1C2FB8841579B, CA1CD82A1CD453617CE5EA431A1836997F14E3580554E8A516D9FE1E9926D979 ] flpydisk        C:\Windows\system32\DRIVERS\flpydisk.sys
20:46:00.0957 0x7110  flpydisk - ok
20:46:00.0983 0x7110  [ 7520EC808E0C35E0EE6F841294316653, 6EC65511B4838A7172A8F89E35C2F9DF4F0BFCE3BE12EDA790F3EB567102FF67 ] FltMgr          C:\Windows\system32\drivers\fltmgr.sys
20:46:00.0988 0x7110  FltMgr - ok
20:46:01.0049 0x7110  [ E12C4928B32ACE04610259647F072635, B71B9C2DF45F33C4DAC88435129B08B0BCDBBE82E8C3AD0A95F00137CC8B619F ] FontCache       C:\Windows\system32\FntCache.dll
20:46:01.0070 0x7110  FontCache - ok
20:46:01.0108 0x7110  [ E56F39F6B7FDA0AC77A79B0FD3DE1A2F, DBED26852B99B362152DA9CD4F31A1883EF6F9B496F3CF3772A197BA72DB61DA ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe
20:46:01.0112 0x7110  FontCache3.0.0.0 - ok
20:46:01.0150 0x7110  [ 0E5F40E5C4E129B371B4268521581AB6, A4A237338ED8B8A9544C583AA40BCA42386C22F230E26689853AD25316E769D5 ] fortiapd        C:\Windows\system32\drivers\fortiapd.sys
20:46:01.0152 0x7110  fortiapd - ok
20:46:01.0161 0x7110  [ EFF623353D292D52C6C353DA24A6242D, BB19B072427F6367ECD146E14F107692F8E6482C726B23F1A21A163981EA18A9 ] Fortidrv2       C:\Windows\system32\DRIVERS\fortidrv.sys
20:46:01.0163 0x7110  Fortidrv2 - ok
20:46:01.0182 0x7110  [ F7DED75F52AE42584C1EF6587ABFF390, D29785DF415F16D74F41969B37A14B1AED3DB7472A4318AE175C60DEAA2C7490 ] Fortips         C:\Windows\system32\drivers\fortips.sys
20:46:01.0186 0x7110  Fortips - ok
20:46:01.0222 0x7110  [ FACB507D321E25EEE1EEDCC533F6939E, E9EEA987F1DB381505E0500F71A8C67BE56C8683E44D0BFEAAF2F02F32CFCEEC ] FortiRdr        C:\Windows\system32\drivers\FortiRdr2.sys
20:46:01.0225 0x7110  FortiRdr - ok
20:46:01.0238 0x7110  [ 3E334C062DF1E5B8E7F987BF674A3800, F615DDB4A1FFB21C15B61616C83EF57033E259089DC55EF0FAE2C7591661DC85 ] FortiShield     C:\Windows\system32\drivers\FortiShield.sys
20:46:01.0240 0x7110  FortiShield - ok
20:46:01.0270 0x7110  [ 1A16B57943853E598CFF37FE2B8CBF1D, 87609F46F3B8123552141FD70866E895220B1BBD92BC2B580CAF49201AA0197E ] FsDepends       C:\Windows\system32\drivers\FsDepends.sys
20:46:01.0273 0x7110  FsDepends - ok
20:46:01.0314 0x7110  [ 7DAE5EBCC80E45D3253F4923DC424D05, 8A2C4D5591509B0B0A44583520617A9AE34F32BB6E68A012A7D7870ED24F703A ] Fs_Rec          C:\Windows\system32\drivers\Fs_Rec.sys
20:46:01.0316 0x7110  Fs_Rec - ok
20:46:01.0329 0x7110  [ 6F8AC27B43ECE9504FA5D521E086A92A, C1F3F10BE0B43D03F33A16D49953F67247CC2BD3D1EAC2F209AD68FF0D7866C1 ] ft_vnic         C:\Windows\system32\DRIVERS\ftvnic.sys
20:46:01.0331 0x7110  ft_vnic - ok
20:46:01.0376 0x7110  [ E306A24D9694C724FA2491278BF50FDB, 1D246B9C28550640EACBF8CF9DC980FD75106B92832D392FEBEF0C7012353091 ] fvevol          C:\Windows\system32\DRIVERS\fvevol.sys
20:46:01.0381 0x7110  fvevol - ok
20:46:01.0402 0x7110  [ 65EE0C7A58B65E74AE05637418153938, 0E1A398ADD8411AF4CCC3344D67BE1B261320C58328BD5C5855A357476FAEBEF ] gagp30kx        C:\Windows\system32\DRIVERS\gagp30kx.sys
20:46:01.0405 0x7110  gagp30kx - ok
20:46:01.0443 0x7110  [ 185ADA973B5020655CEE342059A86CBB, D3E352DFAF30761505480A4C557D980083F65EC5BD46E2656B2114D47B272A89 ] GEARAspiWDM     C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
20:46:01.0448 0x7110  GEARAspiWDM - ok
20:46:01.0495 0x7110  [ E897EAF5ED6BA41E081060C9B447A673, A428DC68516F19C6C53A8B62E4BDB2587E70FB751B9D77700B6B147D347DA157 ] gpsvc           C:\Windows\System32\gpsvc.dll
20:46:01.0510 0x7110  gpsvc - ok
20:46:01.0613 0x7110  [ 506708142BC63DABA64F2D3AD1DCD5BF, 9C36A08D9E7932FF4DA7B5F24E6B42C92F28685B8ABE964C870E8D7670FD531A ] gupdate         C:\Program Files\Google\Update\GoogleUpdate.exe
20:46:01.0617 0x7110  gupdate - ok
20:46:01.0623 0x7110  [ 506708142BC63DABA64F2D3AD1DCD5BF, 9C36A08D9E7932FF4DA7B5F24E6B42C92F28685B8ABE964C870E8D7670FD531A ] gupdatem        C:\Program Files\Google\Update\GoogleUpdate.exe
20:46:01.0626 0x7110  gupdatem - ok
20:46:01.0643 0x7110  [ 5D4BC124FAAE6730AC002CDB67BF1A1C, 00294F4DC7D17F6DD2A22B9C3299BED40146BA45C972367154D20DB502472551 ] gusvc           C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
20:46:01.0649 0x7110  gusvc - ok
20:46:01.0665 0x7110  [ C44E3C2BAB6837DB337DDEE7544736DB, 88A24FF7D2FECCEAFFD421B2039A0FB623DA47A6B220B80EF1E52DD26D9E222D ] hcw85cir        C:\Windows\system32\drivers\hcw85cir.sys
20:46:01.0668 0x7110  hcw85cir - ok
20:46:01.0712 0x7110  [ 9036377B8A6C15DC2EEC53E489D159B5, 1E56D2ACFE92E6DF96D755B05C63D580EED82C210F075C8623E138BEE6BCD41B ] HDAudBus        C:\Windows\system32\drivers\HDAudBus.sys
20:46:01.0716 0x7110  HDAudBus - ok
20:46:01.0732 0x7110  [ 1D58A7F3E11A9731D0EAAAA8405ACC36, 7056FA18B86FBD52C4A6092D80476C02553EA053D6A0BEDB01A2FA5E152D5215 ] HidBatt         C:\Windows\system32\DRIVERS\HidBatt.sys
20:46:01.0734 0x7110  HidBatt - ok
20:46:01.0745 0x7110  [ 89448F40E6DF260C206A193A4683BA78, 71E0FCC32AE6FF8DFF420DB0383D6A200E1EAE14BD2E32453F92CE18B31C1F3C ] HidBth          C:\Windows\system32\DRIVERS\hidbth.sys
20:46:01.0748 0x7110  HidBth - ok
20:46:01.0772 0x7110  [ CF50B4CF4A4F229B9F3C08351F99CA5E, B97843620AF80FF0EC8F2C438255C0A42A756C6314FAF3DEF415DE16E14C108F ] HidIr           C:\Windows\system32\DRIVERS\hidir.sys
20:46:01.0775 0x7110  HidIr - ok
20:46:01.0792 0x7110  [ 2BC6F6A1992B3A77F5F41432CA6B3B6B, 2AF3312F1C8C8923C0A29AA5DAE57CE269417E53DEA2F0CCCC8DB57029698FE1 ] hidserv         C:\Windows\system32\hidserv.dll
20:46:01.0796 0x7110  hidserv - ok
20:46:01.0838 0x7110  [ 10C19F8290891AF023EAEC0832E1EB4D, E208553029488A6EE2F5216CC9FE5F93E9931A94C0D0625253BB159E30642853 ] HidUsb          C:\Windows\system32\DRIVERS\hidusb.sys
20:46:01.0840 0x7110  HidUsb - ok
20:46:01.0865 0x7110  [ F2AC470AF3721A13E1472C104E067E4E, F0DBAB3550868E60DAF4BFF32762292548BA9025ED7D30438FF97F5877885B7A ] HitmanProScheduler C:\Program Files\HitmanPro\hmpsched.exe
20:46:01.0869 0x7110  HitmanProScheduler - ok
20:46:01.0905 0x7110  [ 196B4E3F4CCCC24AF836CE58FACBB699, 7A2E1F603A073421FA0987EFB96647F1F0F2D4E0C82AA62EBC041585DA811DAF ] hkmsvc          C:\Windows\system32\kmsvc.dll
20:46:01.0911 0x7110  hkmsvc - ok
20:46:01.0954 0x7110  [ 6658F4404DE03D75FE3BA09F7ABA6A30, E51D9C1580A283EB862F09B73AAE1B647DD683A53F3DD99834222F12DD15E40F ] HomeGroupListener C:\Windows\system32\ListSvc.dll
20:46:01.0962 0x7110  HomeGroupListener - ok
20:46:02.0008 0x7110  [ DBC02D918FFF1CAD628ACBE0C0EAA8E8, 02121800D9062692C102475876AE8143EBE46D855E8328B8CDCFE6A2F0D19696 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
20:46:02.0016 0x7110  HomeGroupProvider - ok
20:46:02.0057 0x7110  [ 295FDC419039090EB8B49FFDBB374549, 670E8015FD374640C6570F56F7FE8DE4D8F92E7A8072F5D1B2B95D0BD699CEF7 ] HpSAMD          C:\Windows\system32\drivers\HpSAMD.sys
20:46:02.0060 0x7110  HpSAMD - ok
20:46:02.0104 0x7110  [ 871917B07A141BFF43D76D8844D48106, 30C702008D0EE57D63F74864967DD19A55A268E77E42B5B3CC73037AD51D2987 ] HTTP            C:\Windows\system32\drivers\HTTP.sys
20:46:02.0116 0x7110  HTTP - ok
20:46:02.0151 0x7110  [ 0C4E035C7F105F1299258C90886C64C5, CFB4FBE7B28058E6D3E6E508CF3C1645F6AAE0AFEB4C5364835B9C42311DF0D4 ] hwpolicy        C:\Windows\system32\drivers\hwpolicy.sys
20:46:02.0153 0x7110  hwpolicy - ok
20:46:02.0201 0x7110  [ F151F0BDC47F4A28B1B20A0818EA36D6, 84B24B5796D9F70A8C37773F5484A4606CC7908370CCD942627ACBEDC4952D79 ] i8042prt        C:\Windows\system32\drivers\i8042prt.sys
20:46:02.0205 0x7110  i8042prt - ok
20:46:02.0235 0x7110  [ 5CD5F9A5444E6CDCB0AC89BD62D8B76E, 72870092A80C6DAE0105025B0ED8B607E98BA81E59298364A7FE4C9C56C68FF0 ] iaStorV         C:\Windows\system32\drivers\iaStorV.sys
20:46:02.0243 0x7110  iaStorV - ok
20:46:02.0306 0x7110  [ 3E9213A2A050BF429E91898C90F8B4E3, D80ABE5691087661B19F01927B631CB8C5291120B814B6F863F046E0D643E9E4 ] idsvc           C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
20:46:02.0326 0x7110  idsvc - ok
20:46:02.0355 0x7110  IEEtwCollectorService - ok
20:46:02.0643 0x7110  [ DCE0B53570703CCE580D066F89EF58CD, C5C2C4F51F2DB2BB6E7F1218472AEAAD996514AB99EA84946A473CB7A64D9E15 ] igfx            C:\Windows\system32\DRIVERS\igdkmd32.sys
20:46:02.0883 0x7110  igfx - ok
20:46:02.0934 0x7110  [ 4173FF5708F3236CF25195FECD742915, 0A9C0701DF6EAC6602BE342FC13C7950EF04BB5BDF7D96C2C5DABBD2A29AA55D ] iirsp           C:\Windows\system32\DRIVERS\iirsp.sys
20:46:02.0937 0x7110  iirsp - ok
20:46:02.0991 0x7110  [ B9C54120F46392100478F58F374E5709, A28EE8B0988F580D5984E815FC78DF41B169260814234AA0E453375542D0957B ] IKEEXT          C:\Windows\System32\ikeext.dll
20:46:03.0010 0x7110  IKEEXT - ok
20:46:03.0104 0x7110  [ 94B1FF5D243D34B31380A2F79FC48959, 6D527F4779F9FC6855A65E21AC9B515E3B9CE69ACDF421C9ECECFDD9FB711432 ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHDA.sys
20:46:03.0186 0x7110  IntcAzAudAddService - ok
20:46:03.0224 0x7110  [ A0F12F2C9BA6C72F3987CE780E77C130, 5F53DF8BE1621AA7DFB655CFD9C95E0AFA1AD3CE2E290E19D7B7FB3C6E380034 ] intelide        C:\Windows\system32\drivers\intelide.sys
20:46:03.0227 0x7110  intelide - ok
20:46:03.0244 0x7110  [ 3B514D27BFC4ACCB4037BC6685F766E0, F12D7AC62F8550E6F33B28AD751D8413AB7FFEF963242D99FFA76CE8A48B027A ] intelppm        C:\Windows\system32\DRIVERS\intelppm.sys
20:46:03.0247 0x7110  intelppm - ok
20:46:03.0269 0x7110  [ ACB364B9075A45C0736E5C47BE5CAE19, 202F77C659103D2D0E787B8CB0A23BE32EA5AA2E6B3B0A0F0A8DFA906AB3C0C0 ] IPBusEnum       C:\Windows\system32\ipbusenum.dll
20:46:03.0275 0x7110  IPBusEnum - ok
20:46:03.0290 0x7110  [ 709D1761D3B19A932FF0238EA6D50200, 0A9D2C3A6E91CA45540555B40CB4E2DF3EBE98C1D164C4EECEE20C86782F5823 ] IpFilterDriver  C:\Windows\system32\DRIVERS\ipfltdrv.sys
20:46:03.0293 0x7110  IpFilterDriver - ok
20:46:03.0347 0x7110  [ 58F67245D041FBE7AF88F4EAF79DF0FA, 67468D6A46FF4D87AD321BFEA42F2FC843D09AA292A119C76D4D795D06028F96 ] iphlpsvc        C:\Windows\System32\iphlpsvc.dll
20:46:03.0361 0x7110  iphlpsvc - ok
20:46:03.0401 0x7110  [ 4BD7134618C1D2A27466A099062547BF, 20284ABEF4433A59E2981F4143CAEC67DC990864FE0B9E3DC70EE0B88539E964 ] IPMIDRV         C:\Windows\system32\drivers\IPMIDrv.sys
20:46:03.0404 0x7110  IPMIDRV - ok
20:46:03.0417 0x7110  [ A5FA468D67ABCDAA36264E463A7BB0CD, EDB828D596E43372F97DAE1AADA46428C4C45FB80646DDC64FAD5F25C826CF63 ] IPNAT           C:\Windows\system32\drivers\ipnat.sys
20:46:03.0421 0x7110  IPNAT - ok
20:46:03.0479 0x7110  [ 10F97E4666133FF3E66EE7F31551536E, 9BB1BE505EC0195A4740C214FD9DA744A5D98B9114E7517ABB575F752ED59EEE ] iPod Service    C:\Program Files\iPod\bin\iPodService.exe
20:46:03.0495 0x7110  iPod Service - ok
20:46:03.0514 0x7110  [ 42996CFF20A3084A56017B7902307E9F, 688176DAB91BE569280E4822E4C5BDE755794D293591C53F8047AD59C441751D ] IRENUM          C:\Windows\system32\drivers\irenum.sys
20:46:03.0516 0x7110  IRENUM - ok
20:46:03.0528 0x7110  [ 1F32BB6B38F62F7DF1A7AB7292638A35, 86522358680FBB1CEBC56B4D139290689BB0F71A3EC78CE883E4D75D0B37586F ] isapnp          C:\Windows\system32\drivers\isapnp.sys
20:46:03.0532 0x7110  isapnp - ok
20:46:03.0572 0x7110  [ EB34CE31FABD4DC4343FD2AD16D2CAF9, D21C91227A15DA89ECF522345D0AB80B3B7FC24A230596DABDB8BD3B7554CE8C ] iScsiPrt        C:\Windows\system32\drivers\msiscsi.sys
20:46:03.0578 0x7110  iScsiPrt - ok
20:46:03.0607 0x7110  [ 7EA81534E80570BDF6EE4A4248BBA4D6, 528ABF349BD9D54DFA8D6AC88B2CED0C80D70EEB8D445C223DD48CAEAF41FD3A ] k57nd60x        C:\Windows\system32\DRIVERS\k57nd60x.sys
20:46:03.0613 0x7110  k57nd60x - ok
20:46:03.0634 0x7110  [ ADEF52CA1AEAE82B50DF86B56413107E, A3AE1E96B04AC81665ABBD3CB267DFB3F78376DAE18FB0DBD447908DDAAA22D2 ] kbdclass        C:\Windows\system32\drivers\kbdclass.sys
20:46:03.0637 0x7110  kbdclass - ok
20:46:03.0649 0x7110  [ 9E3CED91863E6EE98C24794D05E27A71, 90CF59F20E14E4A5A793266805E82BF7AE1F0CF4C7BAB1FD2EEF3B53C5DF770F ] kbdhid          C:\Windows\system32\drivers\kbdhid.sys
20:46:03.0653 0x7110  kbdhid - ok
20:46:03.0667 0x7110  [ DD17E1573651293D4ED31053795B3471, 94F7D1BB1C3B0C1FAAEED07375DB0F3BC995394FB5C26983548D946C8D229D54 ] KeyIso          C:\Windows\system32\lsass.exe
20:46:03.0672 0x7110  KeyIso - ok
20:46:03.0714 0x7110  [ 4120DA10AA42A9996F4575DB9E3E6E6E, 1C6E790772EA327ACB885D731A030408160534997DD56FEE4D6CEE6929873BB8 ] KSecDD          C:\Windows\system32\Drivers\ksecdd.sys
20:46:03.0717 0x7110  KSecDD - ok
20:46:03.0730 0x7110  [ D3964885F0A11ACF51DA3AAA776973B2, 417ED5A3201FC50FBC0D646F8F2114A1E8A91E7919A62508DCBC156C0BFB2FBA ] KSecPkg         C:\Windows\system32\Drivers\ksecpkg.sys
20:46:03.0734 0x7110  KSecPkg - ok
20:46:03.0762 0x7110  [ 89A7B9CC98D0D80C6F31B91C0A310FCD, 4583CAEEE0D50C0C7CE955E533FDA063CDC37B69033D41EF22EF1BA242E4C747 ] KtmRm           C:\Windows\system32\msdtckrm.dll
20:46:03.0773 0x7110  KtmRm - ok
20:46:03.0809 0x7110  [ D64AF876D53ECA3668BB97B51B4E70AB, D5C07C019BFEAFBEDC29AB5060356A3B07449712B21B50E03378BEF04AF180F9 ] LanmanServer    C:\Windows\system32\srvsvc.dll
20:46:03.0817 0x7110  LanmanServer - ok
20:46:03.0851 0x7110  [ 58405E4F68BA8E4057C6E914F326ABA2, C3E6519A1A38F1B3597D4391E42ABFE8F1F5E86256C4B3BD876CDAD9BB68B0A6 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
20:46:03.0859 0x7110  LanmanWorkstation - ok
20:46:03.0891 0x7110  [ F7611EC07349979DA9B0AE1F18CCC7A6, 879AA7A391966F00761CA039C25EBC62F6712DD5461694911EEC673E12DE103E ] lltdio          C:\Windows\system32\DRIVERS\lltdio.sys
20:46:03.0894 0x7110  lltdio - ok
20:46:03.0911 0x7110  [ 5700673E13A2117FA3B9020C852C01E2, 6684A2905EE8C438F2A64BE47E51A54D287B08DEFB8E0AE7FC2809D845EE3C5F ] lltdsvc         C:\Windows\System32\lltdsvc.dll
20:46:03.0919 0x7110  lltdsvc - ok
20:46:03.0930 0x7110  [ 55CA01BA19D0006C8F2639B6C045E08B, 4DBBDC820C514DB18CC13F8EE178F8C4E39C295C6E3C255416C235553CE7BDC1 ] lmhosts         C:\Windows\System32\lmhsvc.dll
20:46:03.0934 0x7110  lmhosts - ok
20:46:04.0030 0x7110  [ 2DBE437F190686B191A44E9688EA1AD5, 7E9545F21C334C035465EC81DCFE18D56B227692A24E5D2D6858CD98291EAF1A ] LMIGuardianSvc  C:\Program Files\LogMeIn\x86\LMIGuardianSvc.exe
20:46:04.0039 0x7110  LMIGuardianSvc - ok
20:46:04.0059 0x7110  [ 26E3BEC8F2F0CFAF9FFE4C7AEF1BC049, CFB86B860FF4F856DA75EB132E06B77C71DC5D994799C08EDC01F2CA8B47AB44 ] LMIInfo         C:\Program Files\LogMeIn\x86\RaInfo.sys
20:46:04.0062 0x7110  LMIInfo - ok
20:46:04.0085 0x7110  [ F1BF7AB2B04B3AA0E50BBF23B17EC8D2, 2275FDF3593564BDDDFDE20E2E5CC299C8C9E55F3847D2AF030EC17777DCFFA5 ] LMIMaint        C:\Program Files\LogMeIn\x86\RaMaint.exe
20:46:04.0091 0x7110  LMIMaint - ok
20:46:04.0137 0x7110  [ 4477689E2D8AE6B78BA34C9AF4CC1ED1, 0BC8AF546901E6C20611C5250BD65ACD0C4A8613BD8F8835F0D4680B5777F051 ] lmimirr         C:\Windows\system32\DRIVERS\lmimirr.sys
20:46:04.0139 0x7110  lmimirr - ok
20:46:04.0145 0x7110  LMIRfsClientNP - ok
20:46:04.0155 0x7110  [ 3FAA563DDF853320F90259D455A01D79, D81B5FCC0CBCF9CE18E44A31071D357B12F5016159E24954E50E68D80C9F61B8 ] LMIRfsDriver    C:\Windows\system32\drivers\LMIRfsDriver.sys
20:46:04.0158 0x7110  LMIRfsDriver - ok
20:46:04.0204 0x7110  [ 432618FA75B61059D2C57D6A7E55147A, 0E7D771AE9F98667A68C8C07A664D70B71B78EC08D7FEA92AD979E1E049EC0B1 ] LogMeIn         C:\Program Files\LogMeIn\x86\LogMeIn.exe
20:46:04.0214 0x7110  LogMeIn - ok
20:46:04.0242 0x7110  [ EB119A53CCF2ACC000AC71B065B78FEF, 1FD60735C4945AE565C223F0B47EAF9602D8777E3D15600914C1A9D761215AF9 ] LSI_FC          C:\Windows\system32\DRIVERS\lsi_fc.sys
20:46:04.0246 0x7110  LSI_FC - ok
20:46:04.0273 0x7110  [ 8ADE1C877256A22E49B75D1CC9161F9C, 3D64F233DC866537E50549A7C1A2B40A954055B22F0BDA39825B04C38C607CB7 ] LSI_SAS         C:\Windows\system32\DRIVERS\lsi_sas.sys
20:46:04.0277 0x7110  LSI_SAS - ok
20:46:04.0287 0x7110  [ DC9DC3D3DAA0E276FD2EC262E38B11E9, A264990857CBC74036799E17A087130626C0A09BE19879019BAF2D761C62AECC ] LSI_SAS2        C:\Windows\system32\DRIVERS\lsi_sas2.sys
20:46:04.0291 0x7110  LSI_SAS2 - ok
20:46:04.0308 0x7110  [ 0A036C7D7CAB643A7F07135AC47E0524, 2F662D07FCB74B8D493156DB555EAA90A47E93CF14C7B30039D2FE47EB8682B8 ] LSI_SCSI        C:\Windows\system32\DRIVERS\lsi_scsi.sys
20:46:04.0313 0x7110  LSI_SCSI - ok
20:46:04.0329 0x7110  [ 6703E366CC18D3B6E534F5CF7DF39CEE, 7396B9AF938284D99EC51206A7B2FA4A0DC10A493DCE6707818B03A7473782C4 ] luafv           C:\Windows\system32\drivers\luafv.sys
20:46:04.0332 0x7110  luafv - ok
20:46:04.0388 0x7110  [ EE7444334BCE24AC3464D538F1F78633, 1C57E08D777DB25AB306D5D0D3D7D5F07E8DAA6889309EE3D1DE461DBBC1CB33 ] MBAMProtector   C:\Windows\system32\drivers\mbam.sys
20:46:04.0390 0x7110  MBAMProtector - ok
20:46:04.0504 0x7110  [ 27AE89868F121E1410576208E701FF3F, 2B1DB57C132AAAE6E7B72D4A00D28F7F4DF2F6356090F5A33DFB43A43A344F50 ] MBAMScheduler   C:\Program Files\Malwarebytes Anti-Malware\mbamscheduler.exe
20:46:04.0555 0x7110  MBAMScheduler - ok
20:46:04.0597 0x7110  [ ECFB4F401FF8EEFC4FD0142A71F2449D, AE975B07FE69C7F598D4EFE4C575DEC6277D47D17001EDCF7D2216F559C78454 ] MBAMService     C:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe
20:46:04.0616 0x7110  MBAMService - ok
20:46:04.0683 0x7110  [ 12E71DA845D76665B56753AD149E32B3, 0E403710CCBACD5AB85FD4C32AAB6CB2C27BC1F043E8008EE49EE96ECA944146 ] MBAMSwissArmy   C:\Windows\system32\drivers\MBAMSwissArmy.sys
20:46:04.0693 0x7110  MBAMSwissArmy - ok
20:46:04.0729 0x7110  [ E339A41466B6F2860D90D437FCC443C3, 45DC49A4BACEDD3D8A5288BE9255628F73CBD0A8D3B63CD8B9C548BF3972A460 ] MBAMWebAccessControl C:\Windows\system32\drivers\mwac.sys
20:46:04.0732 0x7110  MBAMWebAccessControl - ok
20:46:04.0768 0x7110  [ BFB9EE8EE977EFE85D1A3105ABEF6DD1, D2A84EBF0C0B7A14AD432FD2EF43CC12300027AEA3FA4075659FB088AB62B588 ] Mcx2Svc         C:\Windows\system32\Mcx2Svc.dll
20:46:04.0774 0x7110  Mcx2Svc - ok
20:46:04.0796 0x7110  [ 0FFF5B045293002AB38EB1FD1FC2FB74, 49071B565FD5B2DE43EC00D8518C3BE70843F38919E82F13104B8C1FAFB20374 ] megasas         C:\Windows\system32\DRIVERS\megasas.sys
20:46:04.0799 0x7110  megasas - ok
20:46:04.0823 0x7110  [ DCBAB2920C75F390CAF1D29F675D03D6, 85C3A7A010BEA5E3C6179161B295F2CB900A6A214833A5F87A4327392880E2BB ] MegaSR          C:\Windows\system32\DRIVERS\MegaSR.sys
20:46:04.0830 0x7110  MegaSR - ok
20:46:04.0852 0x7110  [ 146B6F43A673379A3C670E86D89BE5EA, C4412DCF80DE6B55466F399413271364F14BC0819C224AA161EDDC31A9775440 ] MMCSS           C:\Windows\system32\mmcss.dll
20:46:04.0858 0x7110  MMCSS - ok
20:46:04.0868 0x7110  [ F001861E5700EE84E2D4E52C712F4964, F4DC5AEED6F34D76CCEF360862CC47EF71097BE0813C8CE04EE5F0DB387DFFAE ] Modem           C:\Windows\system32\drivers\modem.sys
20:46:04.0870 0x7110  Modem - ok
20:46:04.0912 0x7110  [ 79D10964DE86B292320E9DFE02282A23, 52714827B7EEDACA55326A4E4F6158D4942DFAA3BACDE303A2F569BF3F4FAA72 ] monitor         C:\Windows\system32\DRIVERS\monitor.sys
20:46:04.0915 0x7110  monitor - ok
20:46:04.0954 0x7110  [ FB18CC1D4C2E716B6B903B0AC0CC0609, F10CCA63493782B16DE6B96B94A27078DBE68AECEF34FDF840CFF86D2C6E3C5E ] mouclass        C:\Windows\system32\DRIVERS\mouclass.sys
20:46:04.0957 0x7110  mouclass - ok
20:46:04.0967 0x7110  [ 2C388D2CD01C9042596CF3C8F3C7B24D, B2FB72272BB01AEDA4047B57C943B7E9BD8A6497854F8CC34672AAA592D0A703 ] mouhid          C:\Windows\system32\DRIVERS\mouhid.sys
20:46:04.0969 0x7110  mouhid - ok
20:46:05.0004 0x7110  [ FC8771F45ECCCFD89684E38842539B9B, 806DDF2B4830CA866582FE74A521BB7DF26CA0E19013DAF584D3677FB48CC77A ] mountmgr        C:\Windows\system32\drivers\mountmgr.sys
20:46:05.0010 0x7110  mountmgr - ok
20:46:05.0056 0x7110  [ 43BCA4038E290F75B5B6FECBFF5288A2, 52076DC16CDBD5A86AF2157528E56B52442489C45429B5EE39D7B34863414682 ] MozillaMaintenance C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
20:46:05.0061 0x7110  MozillaMaintenance - ok
20:46:05.0093 0x7110  [ 2D699FB6E89CE0D8DA14ECC03B3EDFE0, D3D903EEA465D77345AAC9B9F02CDEADF4831212EA2DE4FCA33BEE26EBB47420 ] mpio            C:\Windows\system32\drivers\mpio.sys
20:46:05.0098 0x7110  mpio - ok
20:46:05.0117 0x7110  [ AD2723A7B53DD1AACAE6AD8C0BFBF4D0, 1D6DCFA0E56C3E55B6AED819176E751502F863BA0FCF4F0B3253A81D208141A2 ] mpsdrv          C:\Windows\system32\drivers\mpsdrv.sys
20:46:05.0120 0x7110  mpsdrv - ok
20:46:05.0173 0x7110  [ 9835584E999D25004E1EE8E5F3E3B881, 71798B0CBE9AE69F1F29B845319019C69EC7F415CBABB3B87DDE92C360675021 ] MpsSvc          C:\Windows\system32\mpssvc.dll
20:46:05.0195 0x7110  MpsSvc - ok
20:46:05.0233 0x7110  [ 21F4B24ACFC79A483515BD986DD9043F, 22681907E02E0B723ABE2CEF0602D36C8EF862E7E2B62A9B40A5EF582E58D7BA ] MRxDAV          C:\Windows\system32\drivers\mrxdav.sys
20:46:05.0237 0x7110  MRxDAV - ok
20:46:05.0276 0x7110  [ 5D16C921E3671636C0EBA3BBAAC5FD25, 5BC107B95CAFC88F51FBB9F657B99944B20627A2B618F263093D7045E4FFD65C ] mrxsmb          C:\Windows\system32\DRIVERS\mrxsmb.sys
20:46:05.0280 0x7110  mrxsmb - ok
20:46:05.0318 0x7110  [ 6D17A4791ACA19328C685D256349FEFC, 012AA3D84EEAAF53780D06D2D11B9727DFC3441F3FAD75BC9E751FB814403668 ] mrxsmb10        C:\Windows\system32\DRIVERS\mrxsmb10.sys
20:46:05.0324 0x7110  mrxsmb10 - ok
20:46:05.0341 0x7110  [ B81F204D146000BE76651A50670A5E9E, 78193D0F967BE9829E53F9B500342934B4B1E1F4CEFC444382959E2061BC3B17 ] mrxsmb20        C:\Windows\system32\DRIVERS\mrxsmb20.sys
20:46:05.0345 0x7110  mrxsmb20 - ok
20:46:05.0382 0x7110  [ 012C5F4E9349E711E11E0F19A8589F0A, 208B92DFCF7AD43202660FBBC9FF5E03AEDBEE38178FF3628EB74CB6CD37C584 ] msahci          C:\Windows\system32\drivers\msahci.sys
20:46:05.0384 0x7110  msahci - ok
20:46:05.0401 0x7110  [ 55055F8AD8BE27A64C831322A780A228, C2C9FD1F61302997117B1CD0835E8234405BB80084065ED05363B77868397304 ] msdsm           C:\Windows\system32\drivers\msdsm.sys
20:46:05.0406 0x7110  msdsm - ok
20:46:05.0428 0x7110  [ E1BCE74A3BD9902B72599C0192A07E27, 5162EB623FE64E9DFEAC6CA2410EFA1314E62EC13207FFBFED2D61AA887603C4 ] MSDTC           C:\Windows\System32\msdtc.exe
20:46:05.0435 0x7110  MSDTC - ok
20:46:05.0483 0x7110  [ DAEFB28E3AF5A76ABCC2C3078C07327F, 6EB558532400B489763BAE7203538DE5F196282A8CB46A1B31D59120FC5AFCEF ] Msfs            C:\Windows\system32\drivers\Msfs.sys
20:46:05.0485 0x7110  Msfs - ok
20:46:05.0503 0x7110  [ 3E1E5767043C5AF9367F0056295E9F84, B2EDFECD3C14E4FE1BA87D9A86334043A9BD696A554EBD186DA7EAEB2EBD4F70 ] mshidkmdf       C:\Windows\System32\drivers\mshidkmdf.sys
20:46:05.0504 0x7110  mshidkmdf - ok
20:46:05.0540 0x7110  [ 0A4E5757AE09FA9622E3158CC1AEF114, ED574E420E57374E328C7C526504ECA569C164287966F06019EC207CB17F2C54 ] msisadrv        C:\Windows\system32\drivers\msisadrv.sys
20:46:05.0543 0x7110  msisadrv - ok
20:46:05.0574 0x7110  [ 90F7D9E6B6F27E1A707D4A297F077828, BEFC220EAA7307849600748842ACB9254A6A91158812D9B23EFAF912C498BA7F ] MSiSCSI         C:\Windows\system32\iscsiexe.dll
20:46:05.0580 0x7110  MSiSCSI - ok
20:46:05.0585 0x7110  msiserver - ok
20:46:05.0601 0x7110  [ 8C0860D6366AAFFB6C5BB9DF9448E631, 949C5A14E57F2D7385543C17C3485E7ADE36EA2016F6E0A1866571D2EDE90A77 ] MSKSSRV         C:\Windows\system32\drivers\MSKSSRV.sys
20:46:05.0603 0x7110  MSKSSRV - ok
20:46:05.0614 0x7110  [ 3EA8B949F963562CEDBB549EAC0C11CE, 1B0B2F16A1790282504F3C548D47C3281EFB440D5D9711A1EF76D6371B768D2D ] MSPCLOCK        C:\Windows\system32\drivers\MSPCLOCK.sys
20:46:05.0616 0x7110  MSPCLOCK - ok
20:46:05.0627 0x7110  [ F456E973590D663B1073E9C463B40932, 48BA6D5580EE7B6A4C06E04772FD35B51779553FC0DD6C5C30DD8B5DEEB25B11 ] MSPQM           C:\Windows\system32\drivers\MSPQM.sys
20:46:05.0629 0x7110  MSPQM - ok
20:46:05.0648 0x7110  [ 0E008FC4819D238C51D7C93E7B41E560, 141FCEBDD05874407EAEC35A9DCD3BB16F2A428F23E55487D6A5DBFCADBF10D2 ] MsRPC           C:\Windows\system32\drivers\MsRPC.sys
20:46:05.0653 0x7110  MsRPC - ok
20:46:05.0697 0x7110  [ FC6B9FF600CC585EA38B12589BD4E246, F05DB01AE1955D2468CE6B51E51998B111CA3B0BDEED090EE6B99B625CBA564A ] mssmbios        C:\Windows\system32\drivers\mssmbios.sys
20:46:05.0700 0x7110  mssmbios - ok
20:46:05.0706 0x7110  [ B42C6B921F61A6E55159B8BE6CD54A36, 6BB0A7BE005B8F281E551D1B8046CE4202372BC7AE0161881C858BFAC675FE1C ] MSTEE           C:\Windows\system32\drivers\MSTEE.sys
20:46:05.0708 0x7110  MSTEE - ok
20:46:05.0717 0x7110  [ 33599130F44E1F34631CEA241DE8AC84, E15B31D1AFDC8DC6D2B21D4215796A99ECC69EEDBB06CEED01AECC3C99A44C8B ] MTConfig        C:\Windows\system32\DRIVERS\MTConfig.sys
20:46:05.0720 0x7110  MTConfig - ok
20:46:05.0740 0x7110  [ 159FAD02F64E6381758C990F753BCC80, E55AB01DCFA95ECAB24A2A9656E28FF9D064BA08B3D82DC8AA42F5991BA09598 ] Mup             C:\Windows\system32\Drivers\mup.sys
20:46:05.0743 0x7110  Mup - ok
20:46:05.0789 0x7110  [ 61D57A5D7C6D9AFE10E77DAE6E1B445E, D252248532142E9E2332DA693BC51B795102CA938B568FF04981E98B19BFBC5C ] napagent        C:\Windows\system32\qagentRT.dll
20:46:05.0799 0x7110  napagent - ok
20:46:05.0824 0x7110  [ 26384429FCD85D83746F63E798AB1480, 957C115C263A4B4DC854558B43ECE632D8E2BCCB744E23A01EBA7476BA2E7FFB ] NativeWifiP     C:\Windows\system32\DRIVERS\nwifi.sys
20:46:05.0832 0x7110  NativeWifiP - ok
20:46:05.0889 0x7110  [ 8C9C922D71F1CD4DEF73F186416B7896, 15FF43CD90C7913F83B35F2E7986561584588E8A45196EBD965C3A355836A9C7 ] NDIS            C:\Windows\system32\drivers\ndis.sys
20:46:05.0909 0x7110  NDIS - ok
20:46:05.0949 0x7110  [ 0E1787AA6C9191D3D319E8BAFE86F80C, F535022747355B2C66424BDA892D7DCB820C2EB8EE05BAE5BC6D1B1D65186278 ] NdisCap         C:\Windows\system32\DRIVERS\ndiscap.sys
20:46:05.0952 0x7110  NdisCap - ok
20:46:05.0977 0x7110  [ E4A8AEC125A2E43A9E32AFEEA7C9C888, 6EA181117126FC70B3C1DD1AC73CC26D1603A2CF49E47F66623E2C9489C49B55 ] NdisTapi        C:\Windows\system32\DRIVERS\ndistapi.sys
20:46:05.0980 0x7110  NdisTapi - ok
20:46:06.0019 0x7110  [ D8A65DAFB3EB41CBB622745676FCD072, 874D3C3D247C4A309DA813DB1D2EDB0037D3C489824BD5FE95B0C20699764EF7 ] Ndisuio         C:\Windows\system32\DRIVERS\ndisuio.sys
20:46:06.0022 0x7110  Ndisuio - ok
20:46:06.0064 0x7110  [ 38FBE267E7E6983311179230FACB1017, CFD1CBCA59650795C030DB30E5795B37C11C736E14003AE1DAB081BA5C0C9B14 ] NdisWan         C:\Windows\system32\DRIVERS\ndiswan.sys
20:46:06.0068 0x7110  NdisWan - ok
20:46:06.0128 0x7110  [ A4BDC541E69674FBFF1A8FF00BE913F2, 18CCFD063E9870B8B6958715BC0414C4D920AE63528EA1E9D7E30F7138918FFA ] NDProxy         C:\Windows\system32\drivers\NDProxy.sys
20:46:06.0131 0x7110  NDProxy - ok
20:46:06.0148 0x7110  [ 80B275B1CE3B0E79909DB7B39AF74D51, 75B406B0D9D28239D4EB2A298419A5F78A58237D88C5FD688EF1DFFAFACCF796 ] NetBIOS         C:\Windows\system32\DRIVERS\netbios.sys
20:46:06.0152 0x7110  NetBIOS - ok
20:46:06.0187 0x7110  [ 280122DDCF04B378EDD1AD54D71C1E54, F98B2ADE34F7E67C7C06C1D0FFB80ECBC353D044D4B4784CD952910345DC2ED0 ] NetBT           C:\Windows\system32\DRIVERS\netbt.sys
20:46:06.0196 0x7110  NetBT - ok
20:46:06.0207 0x7110  [ DD17E1573651293D4ED31053795B3471, 94F7D1BB1C3B0C1FAAEED07375DB0F3BC995394FB5C26983548D946C8D229D54 ] Netlogon        C:\Windows\system32\lsass.exe
20:46:06.0212 0x7110  Netlogon - ok
20:46:06.0245 0x7110  [ 7CCCFCA7510684768DA22092D1FA4DB2, BB9E4F8FABBF596D888E6D303CB54A336D9DFF95B36AEA9369D2ED787DDC4B5D ] Netman          C:\Windows\System32\netman.dll
20:46:06.0255 0x7110  Netman - ok
20:46:06.0305 0x7110  [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
20:46:06.0311 0x7110  NetMsmqActivator - ok
20:46:06.0334 0x7110  [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetPipeActivator C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
20:46:06.0338 0x7110  NetPipeActivator - ok
20:46:06.0391 0x7110  [ 8C338238C16777A802D6A9211EB2BA50, 0D08A47CD403EDA5E8CAD7409BBBBCDC29A9861D2DC41D42B68B22B1AA1EBDD6 ] netprofm        C:\Windows\System32\netprofm.dll
20:46:06.0403 0x7110  netprofm - ok
20:46:06.0452 0x7110  [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetTcpActivator C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
20:46:06.0457 0x7110  NetTcpActivator - ok
20:46:06.0470 0x7110  [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
20:46:06.0473 0x7110  NetTcpPortSharing - ok
20:46:06.0501 0x7110  [ 1D85C4B390B0EE09C7A46B91EFB2C097, 6A8850B151E88EE371F3CC543A946302DDF9494908D684B8B0C706A42CC54348 ] nfrd960         C:\Windows\system32\DRIVERS\nfrd960.sys
20:46:06.0503 0x7110  nfrd960 - ok
20:46:06.0561 0x7110  [ 374071043F9E4231EE43BE2BB48DD36D, C4FA3FC40CC49DBBB91901D14210A55D3831FAC9F9B3FF45FCA7F5CF242C9E92 ] NlaSvc          C:\Windows\System32\nlasvc.dll
20:46:06.0573 0x7110  NlaSvc - ok
20:46:06.0607 0x7110  [ 1DB262A9F8C087E8153D89BEF3D2235F, A51EE5D5AD3CD76B74BEA9C66C462608BF3B50C53DAA4110A75DB10495A8C101 ] Npfs            C:\Windows\system32\drivers\Npfs.sys
20:46:06.0641 0x7110  Npfs - ok
20:46:06.0667 0x7110  [ BA387E955E890C8A88306D9B8D06BF17, 3477BD9686C5777A93251C154512671AAA7533B18C536DF51F7B1D6D28E7F8A5 ] nsi             C:\Windows\system32\nsisvc.dll
20:46:06.0674 0x7110  nsi - ok
20:46:06.0716 0x7110  [ E9A0A4D07E53D8FEA2BB8387A3293C58, 690CAD6C4E35ECC1172A2E1FD3933DF73158B3BF42CB21244269612A53DE4D7A ] nsiproxy        C:\Windows\system32\drivers\nsiproxy.sys
20:46:06.0718 0x7110  nsiproxy - ok
20:46:06.0809 0x7110  [ C8DFF8D07755A66C7A4A738930F0FEAC, A2CC58312CE57988ABD976155BE91F558DCEC4C23481C6FBE64B361D511A36EA ] Ntfs            C:\Windows\system32\drivers\Ntfs.sys
20:46:06.0851 0x7110  Ntfs - ok
20:46:06.0872 0x7110  [ F9756A98D69098DCA8945D62858A812C, 572ADBFCFDE2030B34A013AADC14DBC144EB3F34D06991E2464A3EA9605BC045 ] Null            C:\Windows\system32\drivers\Null.sys
20:46:06.0874 0x7110  Null - ok
20:46:06.0908 0x7110  [ B3E25EE28883877076E0E1FF877D02E0, 402B6FED6FBBF645190396DC141141EF52DD059DABD01F8AC9CF01D23664070C ] nvraid          C:\Windows\system32\drivers\nvraid.sys
20:46:06.0913 0x7110  nvraid - ok
20:46:06.0932 0x7110  [ 4380E59A170D88C4F1022EFF6719A8A4, 93EDB3F4CDBF53C9C1970DD29AB146E390695C568180847BA8903F5FBEABCFF2 ] nvstor          C:\Windows\system32\drivers\nvstor.sys
20:46:06.0936 0x7110  nvstor - ok
20:46:06.0949 0x7110  [ 5A0983915F02BAE73267CC2A041F717D, D83461D74597BF2BE042FEFCC27FCD18BF63CB8135B0666D731D50951C3468A8 ] nv_agp          C:\Windows\system32\drivers\nv_agp.sys
20:46:06.0953 0x7110  nv_agp - ok
20:46:06.0995 0x7110  [ 08A70A1F2CDDE9BB49B885CB817A66EB, 0BB98123B544124B144F3E95D77E01E973D060B8B2302503FF24ABBBE803EB63 ] ohci1394        C:\Windows\system32\drivers\ohci1394.sys
20:46:06.0999 0x7110  ohci1394 - ok
20:46:07.0049 0x7110  [ EC60B429624E6643420C3A22EAC1DB14, EE5BCCEACDF20E2DAE07B336AB8ABA74BDB3EC94FF4753EEE578710EB98C0E06 ] OpenVPNService  C:\Program Files\OpenVPN\bin\openvpnserv.exe
20:46:07.0051 0x7110  OpenVPNService - ok
20:46:07.0119 0x7110  [ 9D10F99A6712E28F8ACD5641E3A7EA6B, 70964A0ED9011EA94044E15FA77EDD9CF535CC79ED8E03A3721FF007E69595CC ] ose             C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
20:46:07.0124 0x7110  ose - ok
20:46:07.0311 0x7110  [ 358A9CCA612C68EB2F07DDAD4CE1D8D7, F342100E2E9001F11FDF93F856B50FA43F9B85D2C6B5706EC0433E77206498DA ] osppsvc         C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
20:46:07.0530 0x7110  osppsvc - ok
20:46:07.0612 0x7110  [ 82A8521DDC60710C3D3D3E7325209BEC, C4E34571EDD57C7FBB3D736B5FE8BD154624705B5C8EA2EC898F19F75B9A5942 ] p2pimsvc        C:\Windows\system32\pnrpsvc.dll
20:46:07.0623 0x7110  p2pimsvc - ok
20:46:07.0665 0x7110  [ 59C3DDD501E39E006DAC31BF55150D91, E02B63AB7F34CF6FF3F644AF354D10004E6F50014E03172D80BD78934EF71EF1 ] p2psvc          C:\Windows\system32\p2psvc.dll
20:46:07.0676 0x7110  p2psvc - ok
20:46:07.0703 0x7110  [ 2EA877ED5DD9713C5AC74E8EA7348D14, 14BA3722CE5F8FF07F2D97DCDD6558EB49C9B02E5E6FAD6D9F18D354733EFECE ] Parport         C:\Windows\system32\DRIVERS\parport.sys
20:46:07.0706 0x7110  Parport - ok
20:46:07.0743 0x7110  [ 3F34A1B4C5F6475F320C275E63AFCE9B, 31295D5121C0C3F2085E0EEBA260EEE4CA003993C026E2F81986D19158036E6B ] partmgr         C:\Windows\system32\drivers\partmgr.sys
20:46:07.0746 0x7110  partmgr - ok
20:46:07.0756 0x7110  [ EB0A59F29C19B86479D36B35983DAADC, AC09AFE7F13BE4079D01383BAC44091997E1AAF6512C9673A42B9E3780EB08A8 ] Parvdm          C:\Windows\system32\DRIVERS\parvdm.sys
20:46:07.0758 0x7110  Parvdm - ok
20:46:07.0779 0x7110  [ 358AB7956D3160000726574083DFC8A6, 6CAFD4D1B8AB8C1D167ADC018985DDAB5AC2CBFFB3434FE6390F14AF50C19025 ] PcaSvc          C:\Windows\System32\pcasvc.dll
20:46:07.0787 0x7110  PcaSvc - ok
20:46:07.0829 0x7110  [ 673E55C3498EB970088E812EA820AA8F, 1F81315664B8CBFDD569416C0ECCE4C6251F34577313A0858AB46609781303B5 ] pci             C:\Windows\system32\drivers\pci.sys
20:46:07.0834 0x7110  pci - ok
20:46:07.0872 0x7110  [ AFE86F419014DB4E5593F69FFE26CE0A, CAF36E61BE7B511D3A03A65FF5A3017CEE4D2F53005B410F2D4A2AAE9FED4C00 ] pciide          C:\Windows\system32\drivers\pciide.sys
20:46:07.0874 0x7110  pciide - ok
20:46:07.0892 0x7110  [ F396431B31693E71E8A80687EF523506, BC614FC21E029E2497F1CCE3131BBD295B827F2310762B47D5BBC7703D80554B ] pcmcia          C:\Windows\system32\DRIVERS\pcmcia.sys
20:46:07.0897 0x7110  pcmcia - ok
20:46:07.0915 0x7110  [ 250F6B43D2B613172035C6747AEEB19F, A91F15B133F2619912CF750E6F3662E011CD0FA4B9477CE532CE3196D23307D9 ] pcw             C:\Windows\system32\drivers\pcw.sys
20:46:07.0918 0x7110  pcw - ok
20:46:07.0945 0x7110  [ 9E0104BA49F4E6973749A02BF41344ED, B32F39F38DB48D77FBA884DEE34112BAB81CCEF5DD2EAAA12D9589D73D2BB116 ] PEAUTH          C:\Windows\system32\drivers\peauth.sys
20:46:07.0960 0x7110  PEAUTH - ok
20:46:08.0063 0x7110  [ 414BBA67A3DED1D28437EB66AEB8A720, D6DF254E2615FA402044824DCD9004F579FC0DF74B90E44C99D5F0253CF8AD88 ] pla             C:\Windows\system32\pla.dll
20:46:08.0113 0x7110  pla - ok
20:46:08.0171 0x7110  [ EC7BC28D207DA09E79B3E9FAF8B232CA, A42F8F69C3CD753D787A5D558659DEA2CC306C896D75B8C82549219CF654504F ] PlugPlay        C:\Windows\system32\umpnpmgr.dll
20:46:08.0182 0x7110  PlugPlay - ok
20:46:08.0208 0x7110  [ 63FF8572611249931EB16BB8EED6AFC8, 9732CCBCB93A7A4BEC88812B952C20244479E9BD781240C195E57F09E619EA33 ] PNRPAutoReg     C:\Windows\system32\pnrpauto.dll
20:46:08.0213 0x7110  PNRPAutoReg - ok
20:46:08.0236 0x7110  [ 82A8521DDC60710C3D3D3E7325209BEC, C4E34571EDD57C7FBB3D736B5FE8BD154624705B5C8EA2EC898F19F75B9A5942 ] PNRPsvc         C:\Windows\system32\pnrpsvc.dll
20:46:08.0245 0x7110  PNRPsvc - ok
20:46:08.0279 0x7110  [ 53946B69BA0836BD95B03759530C81EC, 7F14A34635354CCA0F5342C8D9DF5A6AA1B94F6A508BD8834029E9BACF252920 ] PolicyAgent     C:\Windows\System32\ipsecsvc.dll
20:46:08.0290 0x7110  PolicyAgent - ok
20:46:08.0334 0x7110  [ F87D30E72E03D579A5199CCB3831D6EA, B09328E89954584F97908FA5946376BA990B8C650DABCBF3CA3B08719937C694 ] Power           C:\Windows\system32\umpo.dll
20:46:08.0343 0x7110  Power - ok
20:46:08.0367 0x7110  [ 631E3E205AD6D86F2AED6A4A8E69F2DB, 1D3BF0CFC37D91A3A56246920B9CF1084E78A055D56E85A773417809C58C8065 ] PptpMiniport    C:\Windows\system32\DRIVERS\raspptp.sys
20:46:08.0374 0x7110  PptpMiniport - ok
20:46:08.0395 0x7110  [ 85B1E3A0C7585BC4AAE6899EC6FCF011, 1E067113C146D6842D7FB04007F363D6FB7783C6BC7C9AB6614E44075C4F86C3 ] Processor       C:\Windows\system32\DRIVERS\processr.sys
20:46:08.0400 0x7110  Processor - ok
20:46:08.0447 0x7110  [ CADEFAC453040E370A1BDFF3973BE00D, 2E3DD8DA702468D8AB0F3CE27188B1991D4CB015FB36BAE4C6E7996B61CF49B8 ] ProfSvc         C:\Windows\system32\profsvc.dll
20:46:08.0456 0x7110  ProfSvc - ok
20:46:08.0471 0x7110  [ DD17E1573651293D4ED31053795B3471, 94F7D1BB1C3B0C1FAAEED07375DB0F3BC995394FB5C26983548D946C8D229D54 ] ProtectedStorage C:\Windows\system32\lsass.exe
20:46:08.0476 0x7110  ProtectedStorage - ok
20:46:08.0496 0x7110  [ 6270CCAE2A86DE6D146529FE55B3246A, 463209CBAF1B0E269DC8FC6FBDEE5BB7E5ADB5D3F024930BFD0B97E0A9678883 ] Psched          C:\Windows\system32\DRIVERS\pacer.sys
20:46:08.0500 0x7110  Psched - ok
20:46:08.0560 0x7110  [ AB95ECF1F6659A60DDC166D8315B0751, 0ED6D3460D28978BADF31B930DBB3298A6A10EFF8883763EABA0E36A21A0E83D ] ql2300          C:\Windows\system32\DRIVERS\ql2300.sys
20:46:08.0605 0x7110  ql2300 - ok
20:46:08.0670 0x7110  [ B4DD51DD25182244B86737DC51AF2270, 7E62B04F054A6330B7F9968222523BDE8F3EE47A11D17E6C0E2D5ACDC07B9E6B ] ql40xx          C:\Windows\system32\DRIVERS\ql40xx.sys
20:46:08.0675 0x7110  ql40xx - ok
20:46:08.0705 0x7110  [ 31AC809E7707EB580B2BDB760390765A, A8481FD19A0F778F5591B7676F591F664ADC68B6867E663C0F9564173F4AC909 ] QWAVE           C:\Windows\system32\qwave.dll
20:46:08.0714 0x7110  QWAVE - ok
20:46:08.0731 0x7110  [ 584078CA1B95CA72DF2A27C336F9719D, 836F115C92D343463C14A9DE39648C1EFA7C7EE4720F5C692EE0F68B84830121 ] QWAVEdrv        C:\Windows\system32\drivers\qwavedrv.sys
20:46:08.0734 0x7110  QWAVEdrv - ok
20:46:08.0764 0x7110  [ 30A81B53C766D0133BB86D234E5556AB, 726C6B83B5ACAA84CAB1689B6DD6DDAE3199D61A57B5D7B5B5A0F62FCF838090 ] RasAcd          C:\Windows\system32\DRIVERS\rasacd.sys
20:46:08.0766 0x7110  RasAcd - ok
20:46:08.0813 0x7110  [ 57EC4AEF73660166074D8F7F31C0D4FD, C66B425EC4DB5E7FD289AE631C9B019EB16717C55E80FAE964BB22203E4AACEF ] RasAgileVpn     C:\Windows\system32\DRIVERS\AgileVpn.sys
20:46:08.0819 0x7110  RasAgileVpn - ok
20:46:08.0845 0x7110  [ A60F1839849C0C00739787FD5EC03F13, B210DFA5A843CF1DA73635F168E2EA5052CBED15C664F8523CDFB34CA165D0E0 ] RasAuto         C:\Windows\System32\rasauto.dll
20:46:08.0853 0x7110  RasAuto - ok
20:46:08.0871 0x7110  [ D9F91EAFEC2815365CBE6D167E4E332A, 8350457A39D141C13807E7DB5A8D4113197C4016F7744B9993391F4AEA0C4A5C ] Rasl2tp         C:\Windows\system32\DRIVERS\rasl2tp.sys
20:46:08.0876 0x7110  Rasl2tp - ok
20:46:08.0920 0x7110  [ CB9E04DC05EACF5B9A36CA276D475006, 4D8C0AEF1D4F84F375AD2BAF786C9F6C52316A3E655B913449E71AD7C0FCA56E ] RasMan          C:\Windows\System32\rasmans.dll
20:46:08.0930 0x7110  RasMan - ok
20:46:08.0951 0x7110  [ 0FE8B15916307A6AC12BFB6A63E45507, 64119474DE7499E6E8B82E78BBD50074B3AA70B3E8329089FAE9B7F29919004E ] RasPppoe        C:\Windows\system32\DRIVERS\raspppoe.sys
20:46:08.0955 0x7110  RasPppoe - ok
20:46:08.0975 0x7110  [ 44101F495A83EA6401D886E7FD70096B, 56A0CE5C89870752B9B2AB795C1A248CA28209E049B2F20CCA0308CBE2488A0A ] RasSstp         C:\Windows\system32\DRIVERS\rassstp.sys
20:46:08.0979 0x7110  RasSstp - ok
20:46:09.0025 0x7110  [ D528BC58A489409BA40334EBF96A311B, C71E9A4B101DB6C3183B9F97B9098D73D6FE1B12C05C2EB3CE8A8041BEE6BA61 ] rdbss           C:\Windows\system32\DRIVERS\rdbss.sys
20:46:09.0033 0x7110  rdbss - ok
20:46:09.0055 0x7110  [ 0D8F05481CB76E70E1DA06EE9F0DA9DF, 2AFCBE3237D27AFBF095F91F1FCCA63E6890F34A9E4F00E5C34C92394CDA89FB ] rdpbus          C:\Windows\system32\DRIVERS\rdpbus.sys
20:46:09.0058 0x7110  rdpbus - ok
20:46:09.0098 0x7110  [ 23DAE03F29D253AE74C44F99E515F9A1, 8FED93D10B2062F0526FE3508101F8FCF8F72DEB90AFB472EB7CBAE83A0EC430 ] RDPCDD          C:\Windows\system32\DRIVERS\RDPCDD.sys
20:46:09.0101 0x7110  RDPCDD - ok
20:46:09.0130 0x7110  [ 5A53CA1598DD4156D44196D200C94B8A, 8112FE14FEC94C67B1C5BDE4171E37584F1D0098D2C557C9E4BDD3E0291E25E4 ] RDPENCDD        C:\Windows\system32\drivers\rdpencdd.sys
20:46:09.0132 0x7110  RDPENCDD - ok
20:46:09.0151 0x7110  [ 44B0A53CD4F27D50ED461DAE0C0B4E1F, CDA80B08E67AD034081C0C920CD66147689F1844403CBC552F65005E7C011A91 ] RDPREFMP        C:\Windows\system32\drivers\rdprefmp.sys
20:46:09.0153 0x7110  RDPREFMP - ok
20:46:09.0192 0x7110  [ F031683E6D1FEA157ABB2FF260B51E61, 83B552819A5964152882C527E1421DBCEAACC74DEB897E3C4B53F52F1467FED3 ] RDPWD           C:\Windows\system32\drivers\RDPWD.sys
20:46:09.0197 0x7110  RDPWD - ok
20:46:09.0240 0x7110  [ 518395321DC96FE2C9F0E96AC743B656, 5F6A0880B4F3EE7196259EA362DA9554B0687B0236F9A8E5CF7A4A77F01F1776 ] rdyboost        C:\Windows\system32\drivers\rdyboost.sys
20:46:09.0247 0x7110  rdyboost - ok
20:46:09.0272 0x7110  [ 7B5E1419717FAC363A31CC302895217A, 048B96B127CC20833948DAE53C59886D5C725ECA7A744424A01339447D2DDC32 ] RemoteAccess    C:\Windows\System32\mprdim.dll
20:46:09.0279 0x7110  RemoteAccess - ok
20:46:09.0306 0x7110  [ CB9A8683F4EF2BF99E123D79950D7935, B9FA3E7E91E76D975CF40BFA37909E50F29CC13AB1399007884710651827E9AA ] RemoteRegistry  C:\Windows\system32\regsvc.dll
20:46:09.0314 0x7110  RemoteRegistry - ok
20:46:09.0342 0x7110  [ 78D072F35BC45D9E4E1B61895C152234, 80C924EE1156B4E3172E83DCB9C60817E87885FB9377647E0BF90153E415B1CA ] RpcEptMapper    C:\Windows\System32\RpcEpMap.dll
20:46:09.0348 0x7110  RpcEptMapper - ok
20:46:09.0379 0x7110  [ 94D36C0E44677DD26981D2BFEEF2A29D, D77A93AC60536F3706E8A0154C0C2199E888B7748C84DB7437254FF175F4DF55 ] RpcLocator      C:\Windows\system32\locator.exe
20:46:09.0389 0x7110  RpcLocator - ok
20:46:09.0419 0x7110  [ 7660F01D3B38ACA1747E397D21D790AF, 04611B43705C064C2A8331F6D3F8E4530295694AE2C3E3EC3F62CFF4A5EFA88D ] RpcSs           C:\Windows\system32\rpcss.dll
20:46:09.0436 0x7110  RpcSs - ok
20:46:09.0470 0x7110  [ 032B0D36AD92B582D869879F5AF5B928, 0F8F18A6A0A689957B886D9368015889091094EDA18BE532093F06A70A7CE184 ] rspndr          C:\Windows\system32\DRIVERS\rspndr.sys
20:46:09.0474 0x7110  rspndr - ok
20:46:09.0496 0x7110  [ DD17E1573651293D4ED31053795B3471, 94F7D1BB1C3B0C1FAAEED07375DB0F3BC995394FB5C26983548D946C8D229D54 ] SamSs           C:\Windows\system32\lsass.exe
20:46:09.0502 0x7110  SamSs - ok
20:46:09.0560 0x7110  [ 05D860DA1040F111503AC416CCEF2BCA, DAE2F37D09A5A42F945BC8E27E4EA2303521081783A80CEE7FEE7C5A1C2CFC5E ] sbp2port        C:\Windows\system32\drivers\sbp2port.sys
20:46:09.0565 0x7110  sbp2port - ok
20:46:09.0611 0x7110  [ 8FC518FFE9519C2631D37515A68009C4, 21E10585470CF9FC3BD1977F8A426686CD2FA6BD2094B9E3594B21C7C4541D25 ] SCardSvr        C:\Windows\System32\SCardSvr.dll
20:46:09.0619 0x7110  SCardSvr - ok
20:46:09.0654 0x7110  [ 0693B5EC673E34DC147E195779A4DCF6, AF1B56FBF3ADABF94CD9DBA67586B8746DE135151F6B3D1B0EE315BC1E2DB670 ] scfilter        C:\Windows\system32\DRIVERS\scfilter.sys
20:46:09.0657 0x7110  scfilter - ok
20:46:09.0722 0x7110  [ A04BB13F8A72F8B6E8B4071723E4E336, E63287FF71C39CBF64C3347C455324C8437F9CF398153E269543588B65389502 ] Schedule        C:\Windows\system32\schedsvc.dll
20:46:09.0742 0x7110  Schedule - ok
20:46:09.0773 0x7110  [ 319C6B309773D063541D01DF8AC6F55F, 182F392FE839499D159A30A3CD04B5D0C87219930BFB1A7456880B7DA75B9820 ] SCPolicySvc     C:\Windows\System32\certprop.dll
20:46:09.0776 0x7110  SCPolicySvc - ok
20:46:09.0809 0x7110  [ 08236C4BCE5EDD0A0318A438AF28E0F7, 77727F963F63C4CEC11E7AAD5FB3836179701D512CA9436C3170B9E6A4E5F888 ] SDRSVC          C:\Windows\System32\SDRSVC.dll
20:46:09.0816 0x7110  SDRSVC - ok
20:46:09.0891 0x7110  [ 16A252022535B680046F6E34E136D378, 31BCDAA742FDEC9E062C61E78D9E72A7ACBF77D5FEEE76933D0D378787F88E53 ] SeaPort         C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
20:46:09.0917 0x7110  SeaPort - ok
20:46:09.0967 0x7110  [ 90A3935D05B494A5A39D37E71F09A677, F72733A69BC6E1A2BB91D7632FF3463C12563F60FDCC00A2CDD67FF20D479952 ] secdrv          C:\Windows\system32\drivers\secdrv.sys
20:46:09.0980 0x7110  secdrv - ok
20:46:10.0027 0x7110  [ A59B3A4442C52060CC7A85293AA3546F, 1776D6DEE51991149265AAF39E17065E301C5FA1FF4068653DC0010B9B27185D ] seclogon        C:\Windows\system32\seclogon.dll
20:46:10.0036 0x7110  seclogon - ok
20:46:10.0076 0x7110  [ DCB7FCDCC97F87360F75D77425B81737, F8289AF2C458C167038EEFE613EE5E3D6D5B3308B8784168374BC81C47891CE5 ] SENS            C:\Windows\System32\sens.dll
20:46:10.0088 0x7110  SENS - ok
20:46:10.0121 0x7110  [ 50087FE1EE447009C9CC2997B90DE53F, B5E6CF1D991F87C29C5E28198E0962E31FFB499A46C3BD43FC20391693389959 ] SensrSvc        C:\Windows\system32\sensrsvc.dll
20:46:10.0129 0x7110  SensrSvc - ok
20:46:10.0157 0x7110  [ 9AD8B8B515E3DF6ACD4212EF465DE2D1, E2F019BCD1446236D078D46065DD151DD068778F33BE2F1E8A0CC1EA2F954E86 ] Serenum         C:\Windows\system32\DRIVERS\serenum.sys
20:46:10.0161 0x7110  Serenum - ok
20:46:10.0181 0x7110  [ 5FB7FCEA0490D821F26F39CC5EA3D1E2, A26DB2EB9F3E2509B4EBA949DB97595CC32332D9321DF68283BFC102E66D766F ] Serial          C:\Windows\system32\DRIVERS\serial.sys
20:46:10.0187 0x7110  Serial - ok
20:46:10.0206 0x7110  [ 79BFFB520327FF916A582DFEA17AA813, 7A2A9D69BE02228591186A9F4453D4B5FD98837CA422C873C48040170E8BD18C ] sermouse        C:\Windows\system32\DRIVERS\sermouse.sys
20:46:10.0209 0x7110  sermouse - ok
20:46:10.0291 0x7110  [ 4AE380F39A0032EAB7DD953030B26D28, C8F5F2DD59574E966FDF3057867BB959A554BAB6FD5DC6F1427094A6BC2B2809 ] SessionEnv      C:\Windows\system32\sessenv.dll
20:46:10.0300 0x7110  SessionEnv - ok
20:46:10.0337 0x7110  [ 9F976E1EB233DF46FCE808D9DEA3EB9C, 6A5C53F27F8BCA85CE206EE7D196176F67EC6FFA5D4830373A20792C149B5E75 ] sffdisk         C:\Windows\system32\drivers\sffdisk.sys
20:46:10.0340 0x7110  sffdisk - ok
20:46:10.0388 0x7110  [ 932A68EE27833CFD57C1639D375F2731, 11D6B98FBEEE2B9C7B06EF7091857BBD3B349077997D6261D66280668FD1B5C3 ] sffp_mmc        C:\Windows\system32\drivers\sffp_mmc.sys
20:46:10.0396 0x7110  sffp_mmc - ok
20:46:10.0445 0x7110  [ 6D4CCAEDC018F1CF52866BBBAA235982, AAC41F5C97B3FE5A3DC0838457EB8CC9BB71FCA16D3EDBB67D603F0A9D46C131 ] sffp_sd         C:\Windows\system32\drivers\sffp_sd.sys
20:46:10.0447 0x7110  sffp_sd - ok
20:46:10.0458 0x7110  [ DB96666CC8312EBC45032F30B007A547, C3AE60FC65A36E96E0D2CC6E184481D70F91A19DC3E2E17E2873DD670A592DD7 ] sfloppy         C:\Windows\system32\DRIVERS\sfloppy.sys
20:46:10.0468 0x7110  sfloppy - ok
20:46:10.0513 0x7110  [ D1A079A0DE2EA524513B6930C24527A2, E2BC16DBCF38841EECD49C6FA1A9AC89C17F332F12606CA826F058E995E1B83D ] SharedAccess    C:\Windows\System32\ipnathlp.dll
20:46:10.0523 0x7110  SharedAccess - ok
20:46:10.0578 0x7110  [ 414DA952A35BF5D50192E28263B40577, 9C9BAFB9880DA6CC728506A142BE124E186219610DCC3460657A3CA93C865DF1 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
20:46:10.0592 0x7110  ShellHWDetection - ok
20:46:10.0605 0x7110  [ 2565CAC0DC9FE0371BDCE60832582B2E, 1A775214E86B83C2F1799F12D71077D81C89AD32734A248BA88787B7F104B79D ] sisagp          C:\Windows\system32\drivers\sisagp.sys
20:46:10.0611 0x7110  sisagp - ok
20:46:10.0631 0x7110  [ A9F0486851BECB6DDA1D89D381E71055, 7E909538AB758C18AC2CCBFFEE17BA36FA6ED2E674AA70924AA87AC61375FF35 ] SiSRaid2        C:\Windows\system32\DRIVERS\SiSRaid2.sys
20:46:10.0637 0x7110  SiSRaid2 - ok
20:46:10.0656 0x7110  [ 3727097B55738E2F554972C3BE5BC1AA, 75D52A596A298C33EC79A3B0B80F25492C08A182ABC679401502DA9597687566 ] SiSRaid4        C:\Windows\system32\DRIVERS\sisraid4.sys
20:46:10.0665 0x7110  SiSRaid4 - ok
20:46:10.0707 0x7110  [ 3E21C083B8A01CB70BA1F09303010FCE, 803F8F91299C387110F34A49340E7136AAE91B418E2977A36285EA8F432FF197 ] Smb             C:\Windows\system32\DRIVERS\smb.sys
20:46:10.0711 0x7110  Smb - ok
20:46:10.0741 0x7110  [ 6A984831644ECA1A33FFEAE4126F4F37, 753E23D2B33D47C52C05D892B052CFD96D93B97FB6E9FCB58EF1E4C4A125BF78 ] SNMPTRAP        C:\Windows\System32\snmptrap.exe
20:46:10.0748 0x7110  SNMPTRAP - ok
20:46:10.0769 0x7110  [ 95CF1AE7527FB70F7816563CBC09D942, CE8BACB91A5A86CBCE82619C6C1873B4D7593B00CED3B522E41B8F7F6258CC65 ] spldr           C:\Windows\system32\drivers\spldr.sys
20:46:10.0771 0x7110  spldr - ok
20:46:10.0818 0x7110  [ 9AEA093B8F9C37CF45538382CABA2475, CC63239C412067AA72318ADB8BB80BCDF2CA60DA05D814D32753C92508BC16A8 ] Spooler         C:\Windows\System32\spoolsv.exe
20:46:10.0834 0x7110  Spooler - ok
20:46:10.0996 0x7110  [ CF87A1DE791347E75B98885214CED2B8, 7AF4E03D751C951A4E5FBA28200DABFE6B3BF055490163EEEEA84EBA4D0F368A ] sppsvc          C:\Windows\system32\sppsvc.exe
20:46:11.0130 0x7110  sppsvc - ok
20:46:11.0179 0x7110  [ B0180B20B065D89232A78A40FE56EAA6, 4D045B23AD58A8822BE9F20119744A8D47455469D54494745CEB099951DA60FF ] sppuinotify     C:\Windows\system32\sppuinotify.dll
20:46:11.0186 0x7110  sppuinotify - ok
20:46:11.0230 0x7110  [ E4C2764065D66EA1D2D3EBC28FE99C46, 043AEF06A23069DD17675955C834690A5FD8F1948A05B3969F977E823C4E25F5 ] srv             C:\Windows\system32\DRIVERS\srv.sys
20:46:11.0238 0x7110  srv - ok
20:46:11.0282 0x7110  [ 03F0545BD8D4C77FA0AE1CEEDFCC71AB, 4DF31206DF8F33C2975E23C7257ED930C4EDA8BC4E246D8FDA130BB583083ED0 ] srv2            C:\Windows\system32\DRIVERS\srv2.sys
20:46:11.0291 0x7110  srv2 - ok
20:46:11.0311 0x7110  [ BE6BD660CAA6F291AE06A718A4FA8ABC, CD38939CFBA80B882D38099194FC1EBAE15A9D27A4D941DD03C55EC745E52E59 ] srvnet          C:\Windows\system32\DRIVERS\srvnet.sys
20:46:11.0315 0x7110  srvnet - ok
20:46:11.0342 0x7110  [ D887C9FD02AC9FA880F6E5027A43E118, F38BAD90EC791368C37C21090302708D2DFB83ECE9096609AD9AA667B2E5592E ] SSDPSRV         C:\Windows\System32\ssdpsrv.dll
20:46:11.0350 0x7110  SSDPSRV - ok
20:46:11.0369 0x7110  [ D318F23BE45D5E3A107469EB64815B50, D74355E6FF215AA8CE53BC9DF16AF2740F2FC2FD754939478A3608BDA8C6DDA0 ] SstpSvc         C:\Windows\system32\sstpsvc.dll
20:46:11.0377 0x7110  SstpSvc - ok
20:46:11.0403 0x7110  [ DB32D325C192B801DF274BFD12A7E72B, F089DBA719E22BC269720A6B840B873A4AF5639745DB0C3DBC8BD2F2839A1ABA ] stexstor        C:\Windows\system32\DRIVERS\stexstor.sys
20:46:11.0405 0x7110  stexstor - ok
20:46:11.0447 0x7110  [ E1FB3706030FB4578A0D72C2FC3689E4, A62EC9AA4514CAF2A10C0A3AEF7A36F593A7E7DA370A3F130C24E1B612E19427 ] StiSvc          C:\Windows\System32\wiaservc.dll
20:46:11.0463 0x7110  StiSvc - ok
20:46:11.0497 0x7110  [ E58C78A848ADD9610A4DB6D214AF5224, 1575A90EB22A4FB066459BDA00C6CAC10198C3C8C74493721EC6D34B51F50426 ] swenum          C:\Windows\system32\drivers\swenum.sys
20:46:11.0500 0x7110  swenum - ok
20:46:11.0533 0x7110  [ A28BD92DF340E57B024BA433165D34D7, 889CC7FF143C3549982128473FF927CD80CF36485A347EF399C1271C8CE12CE4 ] swprv           C:\Windows\System32\swprv.dll
20:46:11.0554 0x7110  swprv - ok
20:46:11.0662 0x7110  [ 36650D618CA34C9D357DFD3D89B2C56F, 7C3774E53DCF32CB3A4B3504E32D2A651E18467FA0A6AC4C7993C696741B704B ] SysMain         C:\Windows\system32\sysmain.dll
20:46:11.0733 0x7110  SysMain - ok
20:46:11.0756 0x7110  [ 763FECDC3D30C815FE72DD57936C6CD1, 1A62C7E63E426D56894F4121C75D9C60FC9A14469ADBD0D6F0B94B8DE48CDA3E ] TabletInputService C:\Windows\System32\TabSvc.dll
20:46:11.0764 0x7110  TabletInputService - ok
20:46:11.0808 0x7110  [ 432D9D823C4C26B6070C41BAD4404CE4, 741B41F7467D312AF4CC733EA31F647FBCD06985CBB6A14117E8A87A6F7B06F5 ] tap0901         C:\Windows\system32\DRIVERS\tap0901.sys
20:46:11.0815 0x7110  tap0901 - ok
20:46:11.0868 0x7110  [ 613BF4820361543956909043A265C6AC, FCFF02E466D2501630B452627FB218C01E5245A0921EE3D2117E7FD63AC7E98E ] TapiSrv         C:\Windows\System32\tapisrv.dll
20:46:11.0878 0x7110  TapiSrv - ok
20:46:11.0897 0x7110  [ B799D9FDB26111737F58288D8DC172D9, 409A60819A4305699E2E492A6190637FAAEBD19E745A5DB2A5D6977106C86591 ] TBS             C:\Windows\System32\tbssvc.dll
20:46:11.0904 0x7110  TBS - ok
20:46:11.0987 0x7110  [ 5579DD18546999F5D0EC39D018726C6B, 82432BACEE75C34F21222D9CC1607223C2940947118A63DB239777A4B1442AD3 ] Tcpip           C:\Windows\system32\drivers\tcpip.sys
20:46:12.0033 0x7110  Tcpip - ok
20:46:12.0327 0x7110  [ 5579DD18546999F5D0EC39D018726C6B, 82432BACEE75C34F21222D9CC1607223C2940947118A63DB239777A4B1442AD3 ] TCPIP6          C:\Windows\system32\DRIVERS\tcpip.sys
20:46:12.0371 0x7110  TCPIP6 - ok
20:46:12.0462 0x7110  [ 3EEBD3BD93DA46A26E89893C7AB2FF3B, 2C7204DCD2BCBC6A250FF0F6477616F327AF41FDB7CABE69E5C357361009FB4E ] tcpipreg        C:\Windows\system32\drivers\tcpipreg.sys
20:46:12.0465 0x7110  tcpipreg - ok
20:46:12.0500 0x7110  [ 1CB91B2BD8F6DD367DFC2EF26FD751B2, 879E2827354BB21573AC6A7CCEB746D44214540687E6882FFCB4089546FBD954 ] TDPIPE          C:\Windows\system32\drivers\tdpipe.sys
20:46:12.0503 0x7110  TDPIPE - ok
20:46:12.0550 0x7110  [ 2C2C5AFE7EE4F620D69C23C0617651A8, E828D974C3F9D7004A030C3AD448096C736FDB4C4C1707D043E567D08C845103 ] TDTCP           C:\Windows\system32\drivers\tdtcp.sys
20:46:12.0555 0x7110  TDTCP - ok
20:46:12.0596 0x7110  [ B459575348C20E8121D6039DA063C704, 1B4328A9EA39FF5A57F258E02254D04B73455F1DF7C997C13702A8B2F12D0347 ] tdx             C:\Windows\system32\DRIVERS\tdx.sys
20:46:12.0601 0x7110  tdx - ok
20:46:12.0644 0x7110  [ 04DBF4B01EA4BF25A9A3E84AFFAC9B20, 0D81B427720637882077C5024D738191F858FC734ED040697872D906351EF663 ] TermDD          C:\Windows\system32\drivers\termdd.sys
20:46:12.0647 0x7110  TermDD - ok
20:46:12.0721 0x7110  [ 382C804C92811BE57829D8E550A900E2, 5F52C2E7902024CF1C9CC0069F411C3F19CCA3DB209F437FA0F3932D4898EB50 ] TermService     C:\Windows\System32\termsrv.dll
20:46:12.0765 0x7110  TermService - ok
20:46:12.0817 0x7110  [ 42FB6AFD6B79D9FE07381609172E7CA4, B57C85091209A2FAD19ED490B8FA7FC98F12911F9C9CACE9AF1E540780CE6700 ] Themes          C:\Windows\system32\themeservice.dll
20:46:12.0893 0x7110  Themes - ok
20:46:12.0909 0x7110  [ 146B6F43A673379A3C670E86D89BE5EA, C4412DCF80DE6B55466F399413271364F14BC0819C224AA161EDDC31A9775440 ] THREADORDER     C:\Windows\system32\mmcss.dll
20:46:12.0915 0x7110  THREADORDER - ok
20:46:13.0018 0x7110  [ 4792C0378DB99A9BC2AE2DE6CFFF0C3A, 532A3A812578B2DFD83001DE66FC73689D79EC729409EB572E07E6D65B281712 ] TrkWks          C:\Windows\System32\trkwks.dll
20:46:13.0025 0x7110  TrkWks - ok
20:46:13.0088 0x7110  [ 2C49B175AEE1D4364B91B531417FE583, 6C7995E18F84E465C376D1D5F153C15ACB66CDEA86EE5BF186677F572E7E129B ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
20:46:13.0093 0x7110  TrustedInstaller - ok
20:46:13.0138 0x7110  [ B37B08F2E5EEB1A37E448E09BACE1101, 32CC9E06B88BAB6FAB4696B744548DFCE9199A7FD2BA8B019F269CA75895852C ] tssecsrv        C:\Windows\system32\DRIVERS\tssecsrv.sys
20:46:13.0141 0x7110  tssecsrv - ok
20:46:13.0190 0x7110  [ FD1D6C73E6333BE727CBCC6054247654, 6F7B9AE1A5986204DB3348D13B303F30FC17624939DA74D6BD114FAEED0FB30E ] TsUsbFlt        C:\Windows\system32\drivers\tsusbflt.sys
20:46:13.0195 0x7110  TsUsbFlt - ok
20:46:13.0259 0x7110  [ B2FA25D9B17A68BB93D58B0556E8C90D, 0146931B733CAB1CD87F94C35F97E110D6ED6C55EAFF03345400A29AEDE99BDE ] tunnel          C:\Windows\system32\DRIVERS\tunnel.sys
20:46:13.0263 0x7110  tunnel - ok
20:46:13.0290 0x7110  [ 750FBCB269F4D7DD2E420C56B795DB6D, E1A95C59148FE463539C34336FD0E74B31A33B8AB2B8E34AA10349C3347471D7 ] uagp35          C:\Windows\system32\DRIVERS\uagp35.sys
20:46:13.0293 0x7110  uagp35 - ok
20:46:13.0324 0x7110  [ EE43346C7E4B5E63E54F927BABBB32FF, BAD6FC3BEE45E644D5A6A0A31428F5B2AEC72A0AA0C74EF8177B1FE23EEF3AA9 ] udfs            C:\Windows\system32\DRIVERS\udfs.sys
20:46:13.0331 0x7110  udfs - ok
20:46:13.0372 0x7110  [ 8344FD4FCE927880AA1AA7681D4927E5, 1B54EFA60A221E2B9FFE59BB41C7E7D8B5AC6826F1C5577456D81371D464255A ] UI0Detect       C:\Windows\system32\UI0Detect.exe
20:46:13.0382 0x7110  UI0Detect - ok
20:46:13.0416 0x7110  [ 44E8048ACE47BEFBFDC2E9BE4CBC8880, 5D96D90FDF68AE470CC92CA9DF9DA2C05A53EF455A5A109DBBF7C96F3238257C ] uliagpkx        C:\Windows\system32\drivers\uliagpkx.sys
20:46:13.0420 0x7110  uliagpkx - ok
20:46:13.0436 0x7110  [ D295BED4B898F0FD999FCFA9B32B071B, D4130DB4AE76EE6DC0B8E7A4FEF5CB8B26EBD822C21021F6FA78FD29C1E211C2 ] umbus           C:\Windows\system32\drivers\umbus.sys
20:46:13.0440 0x7110  umbus - ok
20:46:13.0473 0x7110  [ 7550AD0C6998BA1CB4843E920EE0FEAC, 24C001E422C3B3B920CDCF6003A3179CE464DE4284775403DD5122EF9780460D ] UmPass          C:\Windows\system32\DRIVERS\umpass.sys
20:46:13.0475 0x7110  UmPass - ok
20:46:13.0496 0x7110  [ 833FBB672460EFCE8011D262175FAD33, C0C3067A305993CBF056C229771CB0593DD60C9C7AC5130FF1CA610BCA812AB5 ] upnphost        C:\Windows\System32\upnphost.dll
20:46:13.0509 0x7110  upnphost - ok
20:46:13.0563 0x7110  [ 6E421CCC57059B0186C6259CA3B6DFC9, E348BF23CCD6C14FD10C1689BBDC77E125245331F97BFE60D4C8FD9A8711CB59 ] USBAAPL         C:\Windows\system32\Drivers\usbaapl.sys
20:46:13.0566 0x7110  USBAAPL - ok
20:46:13.0624 0x7110  [ A1977C315BF5691DA99235AA4A6907AF, 34B52FBA83F0E1C6B001D0AD1808B00152F731D18AAECC3C53B9918AA89BACEC ] usbaudio        C:\Windows\system32\drivers\usbaudio.sys
20:46:13.0628 0x7110  usbaudio - ok
20:46:13.0660 0x7110  [ 0803FBA9FE829D61AE26EC0BCC910C46, 30D00E2C7DFC630C99C1599587D4F9C272BC30D444E07C961AA05BF84587806B ] usbccgp         C:\Windows\system32\DRIVERS\usbccgp.sys
20:46:13.0663 0x7110  usbccgp - ok
20:46:13.0697 0x7110  [ 2352AB5F9F8F097BF9D41D5A4718A041, 25BC7828C625B9B2A5110C25B230C5828CEC18EC97ECF9EC4745E8930CBF472C ] usbcir          C:\Windows\system32\drivers\usbcir.sys
20:46:13.0701 0x7110  usbcir - ok
20:46:13.0737 0x7110  [ D40855F89B69305140BBD7E9A3BA2DA6, 745DC6D770666F6B19C2B6AA89C21D1A314732E291453BFA2367F9AF86F97C3C ] usbehci         C:\Windows\system32\drivers\usbehci.sys
20:46:13.0740 0x7110  usbehci - ok
20:46:13.0787 0x7110  [ EDF2DF71C4F1E13A6AC75F5224DE655A, 1764D155C6B99201774B57195349304259232A12868ECFC2069CA49443EBDC2C ] usbhub          C:\Windows\system32\DRIVERS\usbhub.sys
20:46:13.0793 0x7110  usbhub - ok
20:46:13.0802 0x7110  [ 9828C8D14CC2676421778F0DE638CF97, 479A28211FFB85190A01FAB0283B927588805D2C0CDB03F85F8F814B88E4F453 ] usbohci         C:\Windows\system32\drivers\usbohci.sys
20:46:13.0805 0x7110  usbohci - ok
20:46:13.0827 0x7110  [ 797D862FE0875E75C7CC4C1AD7B30252, 1BBE745E4C85F8911076F6032ACD7A35FAC048D3CB1500C64E08D8B2C70A1069 ] usbprint        C:\Windows\system32\DRIVERS\usbprint.sys
20:46:13.0829 0x7110  usbprint - ok
20:46:13.0844 0x7110  [ F991AB9CC6B908DB552166768176896A, AD8E7A16B23B244B7F834622D4E38B5844193C6E31EF96F61E0E2EA16C945026 ] USBSTOR         C:\Windows\system32\DRIVERS\USBSTOR.SYS
20:46:13.0857 0x7110  USBSTOR - ok
20:46:13.0869 0x7110  [ 800AABFD625EEFF899F7E5496BDE37AB, 3EB7ED07760CB348FCA9A06C2B838EF79B51A83C5F70A9C9EAAEAE54480067E2 ] usbuhci         C:\Windows\system32\drivers\usbuhci.sys
20:46:13.0871 0x7110  usbuhci - ok
20:46:13.0961 0x7110  [ DE014425522610BEDCA3821BB8C0F1D5, D6FEA0DF07F89834AEEE8C02CC7FD41068D758B6CCECE2EEE5CF4B9DB646FA1E ] usbvideo        C:\Windows\system32\Drivers\usbvideo.sys
20:46:13.0967 0x7110  usbvideo - ok
20:46:13.0990 0x7110  [ 081E6E1C91AEC36758902A9F727CD23C, 9FDAA17A3B99067E035E5D76305427F15FFDBC5D304B2BB78AFC6463EDDE1A75 ] UxSms           C:\Windows\System32\uxsms.dll
20:46:13.0996 0x7110  UxSms - ok
20:46:14.0007 0x7110  [ DD17E1573651293D4ED31053795B3471, 94F7D1BB1C3B0C1FAAEED07375DB0F3BC995394FB5C26983548D946C8D229D54 ] VaultSvc        C:\Windows\system32\lsass.exe
20:46:14.0011 0x7110  VaultSvc - ok
20:46:14.0036 0x7110  [ A059C4C3EDB09E07D21A8E5C0AABD3CB, BDD3729B49DF2E2FC72FFEF9D10235B481A671DE5A721B6B9A80873B7A343F07 ] vdrvroot        C:\Windows\system32\drivers\vdrvroot.sys
20:46:14.0039 0x7110  vdrvroot - ok
20:46:14.0092 0x7110  [ C3CD30495687C2A2F66A65CA6FD89BE9, 582E4706C1D6A151020D14B26C7BF166F4E42BDD6E410F30EC452469270C5E9B ] vds             C:\Windows\System32\vds.exe
20:46:14.0110 0x7110  vds - ok
20:46:14.0130 0x7110  [ 17C408214EA61696CEC9C66E388B14F3, 829C0416672E2B2DFABCFE641E7F281F41E8DBB3C0EF11C7784CB9BB94F87E97 ] vga             C:\Windows\system32\DRIVERS\vgapnp.sys
20:46:14.0134 0x7110  vga - ok
20:46:14.0151 0x7110  [ 8E38096AD5C8570A6F1570A61E251561, 4DBA3C1397A2203548F45F006E66D99F837903F601ABBCE2304754F783CA8A39 ] VgaSave         C:\Windows\System32\drivers\vga.sys
20:46:14.0154 0x7110  VgaSave - ok
20:46:14.0239 0x7110  [ 5461686CCA2FDA57B024547733AB42E3, 2721D0659AA890172FCAD4EC4D926B58ACD0EE4887DA51545DC7237420D5BF84 ] vhdmp           C:\Windows\system32\drivers\vhdmp.sys
20:46:14.0244 0x7110  vhdmp - ok
20:46:14.0272 0x7110  [ C829317A37B4BEA8F39735D4B076E923, 55D1796AE750071E1E05BD7702B6C355CCFFE27B4C00E93E7044C3184732B497 ] viaagp          C:\Windows\system32\drivers\viaagp.sys
20:46:14.0276 0x7110  viaagp - ok
20:46:14.0295 0x7110  [ E02F079A6AA107F06B16549C6E5C7B74, B530DCE3EE4F285B3D5F69F7148D17E016D54F04E6F93706B829A34567748788 ] ViaC7           C:\Windows\system32\DRIVERS\viac7.sys
20:46:14.0298 0x7110  ViaC7 - ok
20:46:14.0337 0x7110  [ E43574F6A56A0EE11809B48C09E4FD3C, 3687BF638E21C00E62ABFED70D728B91ADA08F7164CA898E654F31DA196589E9 ] viaide          C:\Windows\system32\drivers\viaide.sys
20:46:14.0340 0x7110  viaide - ok
20:46:14.0358 0x7110  [ 4C63E00F2F4B5F86AB48A58CD990F212, 9796BD4B9CFEEEAF57C5E332A732EFC2770B21F9B35301A5D202F5FC52C1E035 ] volmgr          C:\Windows\system32\drivers\volmgr.sys
20:46:14.0362 0x7110  volmgr - ok
20:46:14.0382 0x7110  [ B5BB72067DDDDBBFB04B2F89FF8C3C87, 65B9AD55F43940A5FDD88B6EC5034A7E375DF8E6F5F1AE6519A4BD6B7E992EBC ] volmgrx         C:\Windows\system32\drivers\volmgrx.sys
20:46:14.0391 0x7110  volmgrx - ok
20:46:14.0411 0x7110  [ F497F67932C6FA693D7DE2780631CFE7, DAE544ED99D2CF570DA31343BD87D2F856D0D13529656D38E1BF854C77F017F6 ] volsnap         C:\Windows\system32\drivers\volsnap.sys
20:46:14.0418 0x7110  volsnap - ok
20:46:14.0432 0x7110  [ 9DFA0CC2F8855A04816729651175B631, 37FD9E43A2A3F125E94A315FB4CD8A1B5499A5FD74806EB2D1E5DA88C070D3A3 ] vsmraid         C:\Windows\system32\DRIVERS\vsmraid.sys
20:46:14.0437 0x7110  vsmraid - ok
20:46:14.0496 0x7110  [ 209A3B1901B83AEB8527ED211CCE9E4C, 1A431F6409F8E0531F600F8F988ECECECB902DA26BBAAF1DE74A5CAC29A7CB44 ] VSS             C:\Windows\system32\vssvc.exe
20:46:14.0529 0x7110  VSS - ok
20:46:14.0561 0x7110  [ 90567B1E658001E79D7C8BBD3DDE5AA6, EFC23BEEA7F54A2DC56CB523DAD1AF0358D904C5278BF08873910E2DB3F13557 ] vwifibus        C:\Windows\System32\drivers\vwifibus.sys
20:46:14.0565 0x7110  vwifibus - ok
20:46:14.0609 0x7110  [ 55187FD710E27D5095D10A472C8BAF1C, AE298E2D3BA366BCBDC092C717214C181E8843FA564A6DFB07FC3238A5A68DC3 ] W32Time         C:\Windows\system32\w32time.dll
20:46:14.0624 0x7110  W32Time - ok
20:46:14.0646 0x7110  [ DE3721E89C653AA281428C8A69745D90, 501C78056ED4295625D8A5412025FD2F0CA24077044D3A5800BA79DF3D946516 ] WacomPen        C:\Windows\system32\DRIVERS\wacompen.sys
20:46:14.0650 0x7110  WacomPen - ok
20:46:14.0684 0x7110  [ 3C3C78515F5AB448B022BDF5B8FFDD2E, 35284174A42039C3C1FF8A3C8BC187A5E067C7782FC62D19749C2CB28C4E36C7 ] WANARP          C:\Windows\system32\DRIVERS\wanarp.sys
20:46:14.0691 0x7110  WANARP - ok
20:46:14.0735 0x7110  [ 3C3C78515F5AB448B022BDF5B8FFDD2E, 35284174A42039C3C1FF8A3C8BC187A5E067C7782FC62D19749C2CB28C4E36C7 ] Wanarpv6        C:\Windows\system32\DRIVERS\wanarp.sys
20:46:14.0738 0x7110  Wanarpv6 - ok
20:46:14.0825 0x7110  [ 353A04C273EC58475D8633E75CCD5604, FFAE53B6B53AEFC9E8A10BF27480E072D74430276BEB532FE1D473E9616D8CE0 ] WatAdminSvc     C:\Windows\system32\Wat\WatAdminSvc.exe
20:46:14.0866 0x7110  WatAdminSvc - ok
20:46:14.0945 0x7110  [ 691E3285E53DCA558E1A84667F13E15A, 12EDB66EF8FC100402BEA221F354D3BD5542F6DDF715B6E7D873D6BAE7E3D329 ] wbengine        C:\Windows\system32\wbengine.exe
20:46:14.0997 0x7110  wbengine - ok
20:46:15.0019 0x7110  [ 9614B5D29DC76AC3C29F6D2D3AA70E67, A2FFB92F0030B4CD771E862DA575ECCF2F3A5B4B85858C1241A0C59262C0EC88 ] WbioSrvc        C:\Windows\System32\wbiosrvc.dll
20:46:15.0029 0x7110  WbioSrvc - ok
20:46:15.0089 0x7110  [ 34EEE0DFAADB4F691D6D5308A51315DC, A040A03E25A0C78B9E26F86C2DF95BCAF8E7EC90183CEB295615D3265350EBEE ] wcncsvc         C:\Windows\System32\wcncsvc.dll
20:46:15.0099 0x7110  wcncsvc - ok
20:46:15.0121 0x7110  [ 5D930B6357A6D2AF4D7653BDABBF352F, 677FF2ED14EE0B0CAA710DA81556CC16D5971DAB10E7C7432D167A87CA6F0EAA ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
20:46:15.0128 0x7110  WcsPlugInService - ok
20:46:15.0152 0x7110  [ 1112A9BADACB47B7C0BB0392E3158DFF, 1AE2AFA125973571F91E6945FE8A735F63D76EBB250A0075D98C580167FD9ED4 ] Wd              C:\Windows\system32\DRIVERS\wd.sys
20:46:15.0155 0x7110  Wd - ok
20:46:15.0191 0x7110  [ D6EFAF429FD30C5DF613D220E344CCE7, 807D4563E8AD4073688691078EB13AF240E14BA5E0C8506A48B3060A20B90082 ] WDC_SAM         C:\Windows\system32\DRIVERS\wdcsam.sys
20:46:15.0194 0x7110  WDC_SAM - ok
20:46:15.0249 0x7110  [ 7D1E301E2EEAF6D3730887DE933413E6, 5F16138B8860FD6BCA68F885B738161FFE8463DE261B1FBB825595A3D54915EC ] WDDMService     C:\Program Files\Western Digital\WD SmartWare\WD Drive Manager\WDDMService.exe
20:46:15.0253 0x7110  WDDMService - ok
20:46:15.0301 0x7110  [ 25944D2CC49E0A6C581D02A74B7D6645, AF8FFAFEC07F1A6A3D4008E609E8E1D705A8DFCC7995C766E3946887203F7BEE ] Wdf01000        C:\Windows\system32\drivers\Wdf01000.sys
20:46:15.0316 0x7110  Wdf01000 - ok
20:46:15.0329 0x7110  [ 46EF9DC96265FD0B423DB72E7C38C2A5, 43801A51FB0E45CFFC73DF6441B54A75FC2FEAF5E0424DFE7AB04FC26CF6CD16 ] WdiServiceHost  C:\Windows\system32\wdi.dll
20:46:15.0337 0x7110  WdiServiceHost - ok
20:46:15.0343 0x7110  [ 46EF9DC96265FD0B423DB72E7C38C2A5, 43801A51FB0E45CFFC73DF6441B54A75FC2FEAF5E0424DFE7AB04FC26CF6CD16 ] WdiSystemHost   C:\Windows\system32\wdi.dll
20:46:15.0350 0x7110  WdiSystemHost - ok
20:46:15.0373 0x7110  [ 138AB06ADBBF300AA804D7974A5AEC82, 61A99CB8176C291E858F9D964A9B2EC36970F3BFFF3D5F933A16E9B28BF922DD ] WDSmartWareBackgroundService C:\Program Files\Western Digital\WD SmartWare\Front Parlor\WDSmartWareBackgroundService.exe
20:46:15.0377 0x7110  WDSmartWareBackgroundService - ok
20:46:15.0411 0x7110  [ 75E8EBD7040CE238684333F97014762A, 2CA0B267FBAEB303D1F8B639D733DC0DE17BA1276CC9096035B4F2BBBED3EF7F ] WebClient       C:\Windows\System32\webclnt.dll
20:46:15.0421 0x7110  WebClient - ok
20:46:15.0440 0x7110  [ 760F0AFE937A77CFF27153206534F275, A53940BA28854486FF18F16B98A3314B36322B0B6EFB54D08B921315BEB0ADD5 ] Wecsvc          C:\Windows\system32\wecsvc.dll
20:46:15.0448 0x7110  Wecsvc - ok
20:46:15.0469 0x7110  [ AC804569BB2364FB6017370258A4091B, 1856F354146A5946F3E7D0DD09726FC8A3502B0F0776FEADDF10669C81CC28E2 ] wercplsupport   C:\Windows\System32\wercplsupport.dll
20:46:15.0479 0x7110  wercplsupport - ok
20:46:15.0496 0x7110  [ 08E420D873E4FD85241EE2421B02C4A4, E1E9436EB096FF7DE9A76DA6217035257EF9FC7565DDB9016DCA3859E7F1EF0F ] WerSvc          C:\Windows\System32\WerSvc.dll
20:46:15.0504 0x7110  WerSvc - ok
20:46:15.0551 0x7110  [ 8B9A943F3B53861F2BFAF6C186168F79, 88E2F79F32AFBA17CB8377A508B83A1EC2315E9F3A365F591C87FE4525AA6713 ] WfpLwf          C:\Windows\system32\DRIVERS\wfplwf.sys
20:46:15.0554 0x7110  WfpLwf - ok
20:46:15.0577 0x7110  [ 5CF95B35E59E2A38023836FFF31BE64C, CEA21302B3E855EE592810D4E0DE10E47A47A393064C435463CD54598735CD8D ] WIMMount        C:\Windows\system32\drivers\wimmount.sys
20:46:15.0580 0x7110  WIMMount - ok
20:46:15.0635 0x7110  [ 082CF481F659FAE0DE51AD060881EB47, BB67D2AF0BB9192D4CCF66C23D80CE5A1B38715556D94E2561DBF8F805FA30A5 ] WinDefend       C:\Program Files\Windows Defender\mpsvc.dll
20:46:15.0651 0x7110  WinDefend - ok
20:46:15.0675 0x7110  WinHttpAutoProxySvc - ok
20:46:15.0727 0x7110  [ F62E510B6AD4C21EB9FE8668ED251826, FA3E5CAC3E67E49377320CFBE4646585E6B62168292768FEA81E4623F9166890 ] Winmgmt         C:\Windows\system32\wbem\WMIsvc.dll
20:46:15.0732 0x7110  Winmgmt - ok
20:46:15.0801 0x7110  [ 1B91CD34EA3A90AB6A4EF0550174F4CC, 5B6618615EBFBA594C945AD35F5C68DA8C6053892B6D12D626BB6120910D80DC ] WinRM           C:\Windows\system32\WsmSvc.dll
20:46:15.0902 0x7110  WinRM - ok
20:46:15.0980 0x7110  [ A67E5F9A400F3BD1BE3D80613B45F708, E170A8BD31A779403DC9C43ED6483DA8E186512D3EE700B87F6BA292E284E367 ] WinUsb          C:\Windows\system32\DRIVERS\WinUsb.sys
20:46:15.0983 0x7110  WinUsb - ok
20:46:16.0041 0x7110  [ 16935C98FF639D185086A3529B1F2067, E9C6B73A572A04FCE9B1B0E6815F941B10332D9A6D55B92927C2B1275F119091 ] Wlansvc         C:\Windows\System32\wlansvc.dll
20:46:16.0113 0x7110  Wlansvc - ok
20:46:16.0208 0x7110  [ 0A70F4022EC2E14C159EFC4F69AA2477, FF248136576F9803762C54DE5439D3411B52DCBC95B93176A5DAB857967D9AC4 ] wlidsvc         C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
20:46:16.0316 0x7110  wlidsvc - ok
20:46:16.0479 0x7110  [ 0217679B8FCA58714C3BF2726D2CA84E, 4494984B922DCF24D37BCD0E6831CEBD07D1CA49235D04E821D17ED3DF84ED2A ] WmiAcpi         C:\Windows\system32\drivers\wmiacpi.sys
20:46:16.0495 0x7110  WmiAcpi - ok
20:46:16.0564 0x7110  [ 6EB6B66517B048D87DC1856DDF1F4C3F, EBB534C4829477C70062ADBB5626236B02FE563A544C53FA255E79F3CA170FE8 ] wmiApSrv        C:\Windows\system32\wbem\WmiApSrv.exe
20:46:16.0568 0x7110  wmiApSrv - ok
20:46:16.0736 0x7110  [ 3B40D3A61AA8C21B88AE57C58AB3122E, 6C67DCB007C3CDF2EB0BBF5FD89C32CD7800C20F7166872F8C387BE262C5CD21 ] WMPNetworkSvc   C:\Program Files\Windows Media Player\wmpnetwk.exe
20:46:16.0832 0x7110  WMPNetworkSvc - ok
20:46:16.0910 0x7110  [ A2F0EC770A92F2B3F9DE6D518E11409C, 6838F2148B11285E00DC449D51F8AD85AAE57694E89BA2C607B87AC1C650D845 ] WPCSvc          C:\Windows\System32\wpcsvc.dll
20:46:16.0918 0x7110  WPCSvc - ok
20:46:16.0980 0x7110  [ AA53356D60AF47EACC85BC617A4F3F66, 155CB8112AA382D841C1891750FF29EF4F1BF716CD9CDF0F2243209E2CCCAC98 ] WPDBusEnum      C:\Windows\system32\wpdbusenum.dll
20:46:16.0988 0x7110  WPDBusEnum - ok
20:46:17.0011 0x7110  [ 6DB3276587B853BF886B69528FDB048C, 9972FF6DF0DF6F86D1E9BCEF4C29064748B217DA196B0633C30D3D580144951C ] ws2ifsl         C:\Windows\system32\drivers\ws2ifsl.sys
20:46:17.0013 0x7110  ws2ifsl - ok
20:46:17.0027 0x7110  [ 6F5D49EFE0E7164E03AE773A3FE25340, 15B6AFF7455538189A96F8863CC995A271E02C6FBDAC15B037D44DDA65E61339 ] wscsvc          C:\Windows\System32\wscsvc.dll
20:46:17.0035 0x7110  wscsvc - ok
20:46:17.0052 0x7110  WSearch - ok
20:46:17.0232 0x7110  [ D9B0134913E5EF007AF82A418C503322, 7418DD28C8E968674382F8352AAFFC4DE77887E2B71B8844D615F19432B4C55A ] wuauserv        C:\Windows\system32\wuaueng.dll
20:46:17.0347 0x7110  wuauserv - ok
20:46:17.0445 0x7110  [ 06E6F32C8D0A3F66D956F57B43A2E070, 9A6BD96A28294B0372F16E13D652FD603308F64B74A56E41E0C68C5E8011F943 ] WudfPf          C:\Windows\system32\drivers\WudfPf.sys
20:46:17.0461 0x7110  WudfPf - ok
20:46:17.0503 0x7110  [ 867C301E8B790040AE9CF6486E8041DF, D867D6498C987944D99508B2FAD6D6B749FA1EDFE8124B0863D4A642352F0855 ] WUDFRd          C:\Windows\system32\DRIVERS\WUDFRd.sys
20:46:17.0509 0x7110  WUDFRd - ok
20:46:17.0568 0x7110  [ FE47B7BC8EA320C2D9B5E5BF6E303765, 34518DBD1E9EA6E5DA62273B18613761E1D9C6B4E074A93C6D639FBAF02222EA ] wudfsvc         C:\Windows\System32\WUDFSvc.dll
20:46:17.0577 0x7110  wudfsvc - ok
20:46:17.0653 0x7110  [ 7CC38741B8F68F1E0D5D79DA6123666A, F90D2DA1C9AFB506C381CD386E1430931B5F81813FEDFD720F87FBC54E7A00DA ] WwanSvc         C:\Windows\System32\wwansvc.dll
20:46:17.0663 0x7110  WwanSvc - ok
20:46:17.0771 0x7110  ================ Scan global ===============================
20:46:17.0808 0x7110  [ DAB748AE0439955ED2FA22357533DDDB, 73EDD402C7479DDCE1998D0C7E99E1EC2974F64EFC33A851439CC85D09EDCDF9 ] C:\Windows\system32\basesrv.dll
20:46:17.0841 0x7110  [ 51BB04243DF6196C06E125898127E397, E1B6C83FC6E455F6806185027C5B56F8BA9ECDF1CD69E97301EC0291F0D3466E ] C:\Windows\system32\winsrv.dll
20:46:17.0859 0x7110  [ 51BB04243DF6196C06E125898127E397, E1B6C83FC6E455F6806185027C5B56F8BA9ECDF1CD69E97301EC0291F0D3466E ] C:\Windows\system32\winsrv.dll
20:46:17.0899 0x7110  [ 364455805E64882844EE9ACB72522830, 906561DBBB33F744844CF27E456226044C85DF0FCFD26DE1FD11E09E2CFA6F8F ] C:\Windows\system32\sxssrv.dll
20:46:17.0927 0x7110  [ 5F1B6A9C35D3D5CA72D6D6FDEF9747D6, D7BC4ED605B32274B45328FD9914FB0E7B90D869A38F0E6F94FB1BF4E9E2B407 ] C:\Windows\system32\services.exe
20:46:17.0962 0x7110  [ Global ] - ok
20:46:17.0968 0x7110  ================ Scan MBR ==================================
20:46:17.0984 0x7110  [ CDB4DE4BBD714F152979DA2DCBEF57EB ] \Device\Harddisk0\DR0
20:46:18.0244 0x7110  \Device\Harddisk0\DR0 - ok
20:46:18.0252 0x7110  [ 8F558EB6672622401DA993E1E865C861 ] \Device\Harddisk1\DR1
20:46:18.0265 0x7110  \Device\Harddisk1\DR1 - ok
20:46:18.0269 0x7110  ================ Scan VBR ==================================
20:46:18.0271 0x7110  [ CFC9CFBE7AFF9C375D0DBF0B2C7F85D3 ] \Device\Harddisk0\DR0\Partition1
20:46:18.0274 0x7110  \Device\Harddisk0\DR0\Partition1 - ok
20:46:18.0282 0x7110  [ 06EFE51F1B54731AB5F2D46D97074FC6 ] \Device\Harddisk0\DR0\Partition2
20:46:18.0283 0x7110  \Device\Harddisk0\DR0\Partition2 - ok
20:46:18.0296 0x7110  [ 679468958EAF69D7BAF921957BB6C2FA ] \Device\Harddisk1\DR1\Partition1
20:46:18.0372 0x7110  \Device\Harddisk1\DR1\Partition1 - ok
20:46:18.0374 0x7110  ================ Scan generic autorun ======================
20:46:18.0847 0x7110  [ 0EE886B38B4A4BC23338887005AB8F29, 46B135C0DA80CB9E1EA39C3F9AD4D24BB4BCE0FC6BADFDEBAF4C7ACC3B2F6FEB ] C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
20:46:19.0074 0x7110  RtHDVCpl - ok
20:46:19.0135 0x7110  [ 234051C0D242A6F4A79AE5212C1323D4, CA40BDB2AC40D1685310B4D56E97C91B72626D5C2CC3A986139CB37BA1071E7E ] C:\Program Files\LogMeIn\x86\LogMeInSystray.exe
20:46:19.0138 0x7110  LogMeIn GUI - ok
20:46:19.0169 0x7110  [ 2C1B1E9174D94E9F6EE3CF373ABAB7DD, 729D283DF70F727824EBCA223D5E5B27D16E3E2B5312B1B34CAE1E763192D7B5 ] C:\Windows\system32\igfxtray.exe
20:46:19.0175 0x7110  IgfxTray - ok
20:46:19.0201 0x7110  [ 87D78CF6365BDDACBE9D34B60FE0E23B, 4561DE7171FD9035FEDF7EEA059859732996A5E72364D0D9F230563A1A6AE3D4 ] C:\Windows\system32\hkcmd.exe
20:46:19.0207 0x7110  HotKeysCmds - ok
20:46:19.0224 0x7110  [ 89D3DE5E2C77DCD99C56F0E46310AEA0, 02E1B2353E5D5F65D7968698AFE079A4DF11C230F6213C07D128F47147BACA29 ] C:\Windows\system32\igfxpers.exe
20:46:19.0231 0x7110  Persistence - ok
20:46:19.0310 0x7110  [ 48BE298F7FD1BEF4D8FBACB04D8D95C4, D375B3F6E850E4B0EC81BAA0E554C356BE2248AA77C6C56F5267CA05460FE4EB ] C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
20:46:19.0332 0x7110  Adobe ARM - ok
20:46:19.0379 0x7110  [ 5B6E8E09BE6401A7E022F52FDFCB2FF8, 471C556CF9405BBB380A8CEFE945C126B954B7C94F79CC72441B51F80141FC5E ] C:\Program Files\Common Files\Java\Java Update\jusched.exe
20:46:19.0385 0x7110  SunJavaUpdateSched - ok
20:46:19.0452 0x7110  [ 08E7173D1B74095335052459200CB1EA, 5B6EB8A65B5F451BF6115EB7CD1355E5870E6D764F22D767D13216BF17C5668F ] C:\Program Files\QuickTime\QTTask.exe
20:46:19.0461 0x7110  QuickTime Task - ok
20:46:19.0539 0x7110  [ 94A4D6915D4F572309DF6137E1846528, E46BDF83CAA6683AA655DBA3D2C8DC7AC06251E952466A20CFDA3A16B1840455 ] C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe
20:46:19.0544 0x7110  APSDaemon - ok
20:46:19.0585 0x7110  [ D2E3E6D94A9E1CFA1561D9C748136FD0, C8CD851F1872086D18A329B47C7DEFAD2CE2E3A8F4321411247D06D07B2DB1D3 ] C:\Program Files\iTunes\iTunesHelper.exe
20:46:19.0589 0x7110  iTunesHelper - ok
20:46:19.0764 0x7110  [ 0DA52198B5B578AAB33C1FAAA87CD866, 914E31E3C02812ED8C9154E1D0460DB537D5E1D2AE5683F8F603CA1202E48157 ] C:\Program Files\yyfm0529\201407122358\yymusic05.exe
20:46:19.0849 0x7110  yyfm0529_201407122358 - ok
20:46:19.0945 0x7110  [ 7167D29C23239AAB53F6AA0F7CB82EB1, F9998B23ED169C1B8EF718E3F44D4E64AE950A29B31E57E8238A3E263C99E875 ] C:\Program Files\yyfm0529\201407122358\YFMSever.exe
20:46:19.0967 0x7110  yyfm0529_News_201407122358 - ok
20:46:20.0217 0x7110  [ 26B558B2D31C7425B455B00E562EAD93, B64D128A2F1FC42BA4376F8EB08D70F4B705745CB983D0631DB45851BF34BBDF ] C:\Program Files\AVAST Software\Avast\AvastUI.exe
20:46:20.0333 0x7110  AvastUI.exe - ok
20:46:20.0431 0x7110  [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files\Windows Sidebar\Sidebar.exe
20:46:20.0513 0x7110  Sidebar - ok
20:46:20.0547 0x7110  [ BBA1A5B86134F496B926DDAF247DB871, 636990AE49C55189B7EF69C419787440B57EC0BAD98A9C280E1028F741BB222E ] C:\Windows\System32\mctadmin.exe
20:46:20.0553 0x7110  mctadmin - ok
20:46:20.0652 0x7110  [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files\Windows Sidebar\Sidebar.exe
20:46:20.0676 0x7110  Sidebar - ok
20:46:20.0701 0x7110  [ BBA1A5B86134F496B926DDAF247DB871, 636990AE49C55189B7EF69C419787440B57EC0BAD98A9C280E1028F741BB222E ] C:\Windows\System32\mctadmin.exe
20:46:20.0723 0x7110  mctadmin - ok
20:46:20.0832 0x7110  [ CAB62D6FE89FA137B233CA1EA5DDE791, 80A5854D8DF86A9426FF2324128EF03862F1659D8CE7DC003581167CA933D5F3 ] C:\Program Files\Autodesk\Autodesk Sync\AdSync.exe
20:46:20.0853 0x7110  Autodesk Sync - ok
20:46:20.0900 0x7110  riliquicken - ok
20:46:20.0901 0x7110  Funshion - ok
20:46:20.0906 0x7110  Waiting for KSN requests completion. In queue: 57
20:46:21.0907 0x7110  Waiting for KSN requests completion. In queue: 57
20:46:22.0907 0x7110  Waiting for KSN requests completion. In queue: 57
20:46:23.0907 0x7110  Waiting for KSN requests completion. In queue: 57
20:46:25.0321 0x7110  AV detected via SS2: avast! Antivirus, C:\Program Files\AVAST Software\Avast\VisthAux.exe ( 9.0.2021.515 ), 0x41000 ( enabled : updated )
20:46:25.0372 0x7110  Win FW state via NFP2: enabled
20:46:28.0134 0x7110  ============================================================
20:46:28.0134 0x7110  Scan finished
20:46:28.0134 0x7110  ============================================================
20:46:28.0165 0x7108  Detected object count: 0
20:46:28.0165 0x7108  Actual detected object count: 0


Edited by lbai0002, 12 September 2014 - 07:52 PM.


#4 lbai0002

lbai0002
  • Topic Starter

  • Members
  • 16 posts
  • OFFLINE
  •  
  • Local time:01:31 AM

Posted 13 September 2014 - 12:47 PM

I ran ESET OnlineScan, but my dad accidentally closed the scanner before I could save the log.  However, he did say that a few threats were deleted, and the pop-ups seem to be gone.  But her browser's homepage does still keep changing to a Chinese language website, hao123.com.

 

Edit: Never mind, the pop-ups aren't completely gone yet.


Edited by lbai0002, 13 September 2014 - 09:43 PM.


#5 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 73,338 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:NJ USA
  • Local time:02:31 AM

Posted 15 September 2014 - 12:41 PM

What is your browser?

Uninstall these in Control Panel
Java 7 Update 45 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83217025FF}) (Version: 7.0.450 - Oracle)
Java™ 6 Update 24 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83216020FF}) (Version: 6.0.240 - Sun Microsystems, Inc.)
JavaFX 2.1.0 (HKLM\...\{1111706F-666A-4037-7777-210328764D10}) (Version: 2.1.0 - Oracle Corporation)

Uniblue RegistryBooster (HKLM\...\Uniblue RegistryBooster) (Version: 4.7.7.19 - Uniblue Systems Ltd)

Empty your temp folders using TFC (Temporary File Cleaner)
  • Please download TFC by Old Timer and save it to your desktop.
    alternate download link
  • Save any unsaved work. (TFC will close ALL open programs including your browser!)
  • Double-click on TFC.exe to run it. (If you are using Vista, right-click on the file and choose "Run As Administrator".)
  • Click the Start button to begin the cleaning process and let it run uninterrupted to completion.
  • Important! If TFC prompts you to reboot, please do so immediately. If not prompted, manually reboot the machine anyway allowing Windows to load normally (not into Safe Mode) to ensure a complete clean.

How do I get help? Who is helping me?For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....Become a BleepingComputer fan: Facebook




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users