Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

After Methods and Methods, W7 still freeze


  • This topic is locked This topic is locked
2 replies to this topic

#1 ofwgkta

ofwgkta

  • Members
  • 6 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Kuala Lumpur, Malaysia
  • Local time:07:23 AM

Posted 19 September 2014 - 02:59 PM

Hello, I had this problem where my laptop freeze after 10 mins of logging in. I tried TDSSKiller followed by rkill, then mbam. But mbam has stopped working. I tried using hitmanpro but it stuck halfway, same goes to eek. But when I ran through Superantispyware, it has detected a worm.syshost and a trojan.agent/gen.kryptik. Which has been cleared. But nevertheless, the laptop still freeze.So I ran Combofix which took about 1 hour but the problem still arise. So I ran HijackThis and I'm lost -.-'.

 

I'm using a Lenovo Y500 I7-3630QM 8GB RAM 64bit Windows 7 Ultimate Service Pack 1 (Build 7601)

 

Here's few logs I have done so far. Please help me

 

12:38:25.0183 0x0204  TDSS rootkit removing tool 3.0.0.40 Jul 10 2014 12:37:58
12:38:28.0943 0x0204  ============================================================
12:38:28.0943 0x0204  Current date / time: 2014/09/19 12:38:28.0943
12:38:28.0943 0x0204  SystemInfo:
12:38:28.0943 0x0204  
12:38:28.0943 0x0204  OS Version: 6.1.7601 ServicePack: 1.0
12:38:28.0943 0x0204  Product type: Workstation
12:38:28.0943 0x0204  ComputerName: USER-PC
12:38:28.0943 0x0204  UserName: user
12:38:28.0943 0x0204  Windows directory: C:\Windows
12:38:28.0943 0x0204  System windows directory: C:\Windows
12:38:28.0943 0x0204  Running under WOW64
12:38:28.0943 0x0204  Processor architecture: Intel x64
12:38:28.0943 0x0204  Number of processors: 8
12:38:28.0943 0x0204  Page size: 0x1000
12:38:28.0943 0x0204  Boot type: Safe boot with network
12:38:28.0943 0x0204  ============================================================
12:38:29.0255 0x0204  KLMD registered as C:\Windows\system32\drivers\38101215.sys
12:38:29.0505 0x0204  System UUID: {B0D389A6-A3B0-3464-346F-87E23D46B8FD}
12:38:30.0097 0x0204  Drive \Device\Harddisk0\DR0 - Size: 0xE8E0DB6000 ( 931.51 Gb ), SectorSize: 0x200, Cylinders: 0x1DB01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
12:38:30.0097 0x0204  Drive \Device\Harddisk1\DR1 - Size: 0x746EC00000 ( 465.73 Gb ), SectorSize: 0x200, Cylinders: 0xED7D, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
12:38:30.0144 0x0204  ============================================================
12:38:30.0144 0x0204  \Device\Harddisk0\DR0:
12:38:30.0144 0x0204  MBR partitions:
12:38:30.0144 0x0204  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x62800
12:38:30.0144 0x0204  \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x63000, BlocksNum 0x30CDB000
12:38:30.0144 0x0204  \Device\Harddisk0\DR0\Partition3: MBR, Type 0x7, StartLBA 0x30D3E000, BlocksNum 0x439C8800
12:38:30.0144 0x0204  \Device\Harddisk1\DR1:
12:38:30.0144 0x0204  MBR partitions:
12:38:30.0144 0x0204  \Device\Harddisk1\DR1\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x3A375800
12:38:30.0144 0x0204  ============================================================
12:38:30.0191 0x0204  C: <-> \Device\Harddisk0\DR0\Partition2
12:38:30.0269 0x0204  G: <-> \Device\Harddisk1\DR1\Partition1
12:38:30.0331 0x0204  D: <-> \Device\Harddisk0\DR0\Partition3
12:38:30.0331 0x0204  ============================================================
12:38:30.0331 0x0204  Initialize success
12:38:30.0331 0x0204  ============================================================
12:38:32.0625 0x0684  ============================================================
12:38:32.0625 0x0684  Scan started
12:38:32.0625 0x0684  Mode: Manual; 
12:38:32.0625 0x0684  ============================================================
12:38:32.0625 0x0684  KSN ping started
12:38:35.0401 0x0684  KSN ping finished: true
12:38:36.0010 0x0684  ================ Scan system memory ========================
12:38:36.0010 0x0684  System memory - ok
12:38:36.0010 0x0684  ================ Scan services =============================
12:38:36.0088 0x0684  [ 970C70F6B2953ED43822D3797855D84C, CB22723678B514277BC6E6DDDD206F3B2377CD889C9D473A47A7056BE597BC6B ] !SASCORE        C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE
12:38:36.0088 0x0684  !SASCORE - ok
12:38:36.0291 0x0684  [ A87D604AEA360176311474C87A63BB88, B1507868C382CD5D2DBC0D62114FCFBF7A780904A2E3CA7C7C1DD0844ADA9A8F ] 1394ohci        C:\Windows\system32\drivers\1394ohci.sys
12:38:36.0291 0x0684  1394ohci - ok
12:38:36.0400 0x0684  [ D27A8B7BB0E15DFBFC6B4E774EE17AD9, CBAD45B3FFFD30C34AF918009F699B65F89043D0799FC25D2472381912F86F93 ] A2DDA           C:\EEK\BIN\a2ddax64.sys
12:38:36.0400 0x0684  A2DDA - ok
12:38:36.0431 0x0684  [ D81D9E70B8A6DD14D42D7B4EFA65D5F2, FDAAB7E23012B4D31537C5BDEF245BB0A12FA060A072C250E21C68E18B22E002 ] ACPI            C:\Windows\system32\drivers\ACPI.sys
12:38:36.0431 0x0684  ACPI - ok
12:38:36.0525 0x0684  [ 99F8E788246D495CE3794D7E7821D2CA, F91615463270AD2601F882CAED43B88E7EDA115B9FD03FC56320E48119F15F76 ] AcpiPmi         C:\Windows\system32\drivers\acpipmi.sys
12:38:36.0525 0x0684  AcpiPmi - ok
12:38:36.0540 0x0684  [ 5E813B11629007309E4FC0F0FD2B7C30, A8FDC3994D236248B7FAEA572E987C8D5903AF5305E06D624909DE786FA811BA ] ACPIVPC         C:\Windows\system32\DRIVERS\AcpiVpc.sys
12:38:36.0540 0x0684  ACPIVPC - ok
12:38:36.0649 0x0684  [ 11A52CF7B265631DEEB24C6149309EFF, CBA25D358185FD4BE261C6C1B518AD60F5D27D5FB418098AB262B10F5A11C178 ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
12:38:36.0649 0x0684  AdobeARMservice - ok
12:38:36.0805 0x0684  [ FBB312C9DA3863673EC18F4AE4101778, 4E9AAE7C700E485C17FDFCC9100A79784673B006D00D4D4CE8F1DB617D25C864 ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
12:38:36.0821 0x0684  AdobeFlashPlayerUpdateSvc - ok
12:38:36.0868 0x0684  [ 2F6B34B83843F0C5118B63AC634F5BF4, 43E3F5FBFB5D33981AC503DEE476868EC029815D459E7C36C4ABC2D2F75B5735 ] adp94xx         C:\Windows\system32\drivers\adp94xx.sys
12:38:36.0883 0x0684  adp94xx - ok
12:38:36.0915 0x0684  [ 597F78224EE9224EA1A13D6350CED962, DA7FD99BE5E3B7B98605BF5C13BF3F1A286C0DE1240617570B46FE4605E59BDC ] adpahci         C:\Windows\system32\drivers\adpahci.sys
12:38:36.0915 0x0684  adpahci - ok
12:38:36.0946 0x0684  [ E109549C90F62FB570B9540C4B148E54, E804563735153EA00A00641814244BC8A347B578E7D63A16F43FB17566EE5559 ] adpu320         C:\Windows\system32\drivers\adpu320.sys
12:38:36.0946 0x0684  adpu320 - ok
12:38:36.0977 0x0684  [ 4B78B431F225FD8624C5655CB1DE7B61, 198A5AF2125C7C41F531A652D200C083A55A97DC541E3C0B5B253C7329949156 ] AeLookupSvc     C:\Windows\System32\aelupsvc.dll
12:38:36.0977 0x0684  AeLookupSvc - ok
12:38:37.0024 0x0684  [ D31DC7A16DEA4A9BAF179F3D6FBDB38C, 532678D86E3E667F2E789C4873565E0B92C549A93F10802BB6D5B505CA3238CE ] AFD             C:\Windows\system32\drivers\afd.sys
12:38:37.0024 0x0684  AFD - ok
12:38:37.0102 0x0684  [ 608C14DBA7299D8CB6ED035A68A15799, 45360F89640BF1127C82A32393BD76205E4FA067889C40C491602F370C09282A ] agp440          C:\Windows\system32\drivers\agp440.sys
12:38:37.0102 0x0684  agp440 - ok
12:38:37.0149 0x0684  [ 3290D6946B5E30E70414990574883DDB, 0E9294E1991572256B3CDA6B031DB9F39CA601385515EE59F1F601725B889663 ] ALG             C:\Windows\System32\alg.exe
12:38:37.0149 0x0684  ALG - ok
12:38:37.0180 0x0684  [ 5812713A477A3AD7363C7438CA2EE038, A7316299470D2E57A11499C752A711BF4A71EB11C9CBA731ED0945FF6A966721 ] aliide          C:\Windows\system32\drivers\aliide.sys
12:38:37.0180 0x0684  aliide - ok
12:38:37.0195 0x0684  [ 1FF8B4431C353CE385C875F194924C0C, 3EA3A7F426B0FFC2461EDF4FDB4B58ACC9D0730EDA5B728D1EA1346EA0A02720 ] amdide          C:\Windows\system32\drivers\amdide.sys
12:38:37.0195 0x0684  amdide - ok
12:38:37.0211 0x0684  [ 7024F087CFF1833A806193EF9D22CDA9, E7F27E488C38338388103D3B7EEDD61D05E14FB140992AEE6F492FFC821BF529 ] AmdK8           C:\Windows\system32\drivers\amdk8.sys
12:38:37.0211 0x0684  AmdK8 - ok
12:38:37.0242 0x0684  [ 1E56388B3FE0D031C44144EB8C4D6217, E88CA76FD47BA0EB427D59CB9BE040DE133D89D4E62D03A8D622624531D27487 ] AmdPPM          C:\Windows\system32\drivers\amdppm.sys
12:38:37.0242 0x0684  AmdPPM - ok
12:38:37.0273 0x0684  [ 6EC6D772EAE38DC17C14AED9B178D24B, B4FB936B31B1265B8CC6B426C64965C34D0CCF1638E645ACD65E88F4AFFC57A6 ] amdsata         C:\Windows\system32\drivers\amdsata.sys
12:38:37.0273 0x0684  amdsata - ok
12:38:37.0351 0x0684  [ F67F933E79241ED32FF46A4F29B5120B, D6EF539058F159CC4DD14CA9B1FD924998FEAC9D325C823C7A2DD21FEF1DC1A8 ] amdsbs          C:\Windows\system32\drivers\amdsbs.sys
12:38:37.0351 0x0684  amdsbs - ok
12:38:37.0383 0x0684  [ 1142A21DB581A84EA5597B03A26EBAA0, F94EB140D0CD068760D7EB081FF75154C75DAC75E5E24B6DE4E4F9CE65A70343 ] amdxata         C:\Windows\system32\drivers\amdxata.sys
12:38:37.0383 0x0684  amdxata - ok
12:38:37.0429 0x0684  [ 9C385432C11AECC647E8D0BC7663AB48, 4DDD1DCA5FD515EA95AD12BAEE42082BE4111B9FA13FFC101F5E7BD83290AC0F ] AMPPAL          C:\Windows\system32\DRIVERS\AMPPAL.sys
12:38:37.0445 0x0684  AMPPAL - ok
12:38:37.0445 0x0684  [ 9C385432C11AECC647E8D0BC7663AB48, 4DDD1DCA5FD515EA95AD12BAEE42082BE4111B9FA13FFC101F5E7BD83290AC0F ] AMPPALP         C:\Windows\system32\DRIVERS\amppal.sys
12:38:37.0445 0x0684  AMPPALP - ok
12:38:37.0601 0x0684  [ CCB61487A9D9416EC8985279E37608BF, 02097150E4C80F58417E7FF8617B14452F2B3B183ABE8075BC7EB1C1F08B5DA8 ] AMPPALR3        C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe
12:38:37.0617 0x0684  AMPPALR3 - ok
12:38:37.0663 0x0684  [ 89A69C3F2F319B43379399547526D952, 8ABDB4B8E106F96EBBA0D4D04C4F432296516E107E7BA5644ED2E50CF9BB491A ] AppID           C:\Windows\system32\drivers\appid.sys
12:38:37.0663 0x0684  AppID - ok
12:38:37.0695 0x0684  [ 0BC381A15355A3982216F7172F545DE1, C33AF13CB218F7BF52E967452573DF2ADD20A95C6BF99229794FEF07C4BBE725 ] AppIDSvc        C:\Windows\System32\appidsvc.dll
12:38:37.0695 0x0684  AppIDSvc - ok
12:38:37.0710 0x0684  [ 3977D4A871CA0D4F2ED1E7DB46829731, 2AF1C3225994769C3FD25CD7E9603964B035576F25B0B6D91545566E0722FFAA ] Appinfo         C:\Windows\System32\appinfo.dll
12:38:37.0726 0x0684  Appinfo - ok
12:38:37.0788 0x0684  [ 7EF47644B74EBE721CC32211D3C35E76, 1381908E70567AAE5A8C96C4B7BF8E68748F64DE3243FD0FA8CC0E72DEEDA9A7 ] Apple Mobile Device C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
12:38:37.0788 0x0684  Apple Mobile Device - ok
12:38:37.0835 0x0684  [ 4ABA3E75A76195A3E38ED2766C962899, E2001ACD44DA270B8289DA362D26416676301773AB22616C211F31CF2E7869AA ] AppMgmt         C:\Windows\System32\appmgmts.dll
12:38:37.0835 0x0684  AppMgmt - ok
12:38:37.0882 0x0684  [ C484F8CEB1717C540242531DB7845C4E, C507CE26716EB923B864ED85E8FA0B24591E2784A2F4F0E78AEED7E9953311F6 ] arc             C:\Windows\system32\drivers\arc.sys
12:38:37.0882 0x0684  arc - ok
12:38:37.0913 0x0684  [ 019AF6924AEFE7839F61C830227FE79C, 5926B9DDFC9198043CDD6EA0B384C83B001EC225A8125628C4A45A3E6C42C72A ] arcsas          C:\Windows\system32\drivers\arcsas.sys
12:38:37.0913 0x0684  arcsas - ok
12:38:38.0022 0x0684  [ 9217D874131AE6FF8F642F124F00A555, BE2923D5AA7748FDAAED73AF567D015517B36F1C739C6E5637DD15112EFDF495 ] aspnet_state    C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
12:38:38.0022 0x0684  aspnet_state - ok
12:38:38.0038 0x0684  [ 769765CE2CC62867468CEA93969B2242, 0D8F19D49869DF93A3876B4C2E249D12E83F9CE11DAE8917D368E292043D4D26 ] AsyncMac        C:\Windows\system32\DRIVERS\asyncmac.sys
12:38:38.0038 0x0684  AsyncMac - ok
12:38:38.0069 0x0684  [ 02062C0B390B7729EDC9E69C680A6F3C, 0261683C6DC2706DCE491A1CDC954AC9C9E649376EC30760BB4E225E18DC5273 ] atapi           C:\Windows\system32\drivers\atapi.sys
12:38:38.0069 0x0684  atapi - ok
12:38:38.0116 0x0684  [ EF3B9AD9D03047EBA1369732B2F55AFE, 19D5CE66C492666EB2C94E6ED2347F923B1815196955F1BC4B9E397625FE1FFD ] AthBTPort       C:\Windows\system32\DRIVERS\btath_flt.sys
12:38:38.0116 0x0684  AthBTPort - ok
12:38:38.0194 0x0684  [ 650F111D5CDA64C10AE4B9D1BA9D4FFF, 99AD83993D724538687F084318404DBF314C2249AB593AF9DD3783B0AB6B3B25 ] Atheros Bt&Wlan Coex Agent C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe
12:38:38.0194 0x0684  Atheros Bt&Wlan Coex Agent - ok
12:38:38.0241 0x0684  [ 88D8999350D12127438D57B54A432946, 77990D0CB02ADE52B5ECDD9EAC26CA4A5DF19342636EDE9B5FCB9972BD736875 ] AtherosSvc      C:\Program Files (x86)\Bluetooth Suite\adminservice.exe
12:38:38.0241 0x0684  AtherosSvc - ok
12:38:38.0350 0x0684  [ 16567AB05CD34F46D0DCBB129CA143C2, 4C76D866C8A897C43E8D5EA6119FE6470024995CA99C898A3A190603DC60E5EC ] athr            C:\Windows\system32\DRIVERS\athrx.sys
12:38:38.0412 0x0684  athr - ok
12:38:38.0459 0x0684  [ F23FEF6D569FCE88671949894A8BECF1, FCE7B156ED663471CF9A736915F00302E93B50FC647563D235313A37FCE8F0F6 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
12:38:38.0475 0x0684  AudioEndpointBuilder - ok
12:38:38.0490 0x0684  [ F23FEF6D569FCE88671949894A8BECF1, FCE7B156ED663471CF9A736915F00302E93B50FC647563D235313A37FCE8F0F6 ] AudioSrv        C:\Windows\System32\Audiosrv.dll
12:38:38.0506 0x0684  AudioSrv - ok
12:38:38.0584 0x0684  [ 3817558D8D5BBC8B0F190CF0D7C4720F, 7CD250DD22BE0E6CF6BEA639EA8220E46158CA7DF33FF803967CEAEA7FBD14E5 ] Autodesk Content Service C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe
12:38:38.0584 0x0684  Autodesk Content Service - ok
12:38:38.0615 0x0684  [ A6BF31A71B409DFA8CAC83159E1E2AFF, CBB83F73FFD3C3FB4F96605067739F8F7A4A40B2B05417FA49E575E95628753F ] AxInstSV        C:\Windows\System32\AxInstSV.dll
12:38:38.0615 0x0684  AxInstSV - ok
12:38:38.0662 0x0684  [ 3E5B191307609F7514148C6832BB0842, DE011CB7AA4A2405FAF21575182E0793A1D83DFFC44E9A7864D59F3D51D8D580 ] b06bdrv         C:\Windows\system32\drivers\bxvbda.sys
12:38:38.0677 0x0684  b06bdrv - ok
12:38:38.0724 0x0684  [ B5ACE6968304A3900EEB1EBFD9622DF2, 1DAA118D8CA3F97B34DF3D3CDA1C78EAB2ED225699FEABE89D331AE0CB7679FA ] b57nd60a        C:\Windows\system32\DRIVERS\b57nd60a.sys
12:38:38.0740 0x0684  b57nd60a - ok
12:38:38.0771 0x0684  [ FDE360167101B4E45A96F939F388AEB0, 8D1457E866BBD645C4B9710DFBFF93405CC1193BF9AE42326F2382500B713B82 ] BDESVC          C:\Windows\System32\bdesvc.dll
12:38:38.0771 0x0684  BDESVC - ok
12:38:38.0771 0x0684  [ 16A47CE2DECC9B099349A5F840654746, 77C008AEDB07FAC66413841D65C952DDB56FE7DCA5E9EF9C8F4130336B838024 ] Beep            C:\Windows\system32\drivers\Beep.sys
12:38:38.0771 0x0684  Beep - ok
12:38:38.0833 0x0684  [ 82974D6A2FD19445CC5171FC378668A4, 075D25F47C0D2277E40AF8615571DAA5EB16B1824563632A9A7EC62505C29A4A ] BFE             C:\Windows\System32\bfe.dll
12:38:38.0849 0x0684  BFE - ok
12:38:38.0880 0x0684  [ 1EA7969E3271CBC59E1730697DC74682, D511A34D63A6E0E6E7D1879068E2CD3D87ABEAF4936B2EA8CDDAD9F79D60FA04 ] BITS            C:\Windows\System32\qmgr.dll
12:38:38.0896 0x0684  BITS - ok
12:38:38.0927 0x0684  [ 61583EE3C3A17003C4ACD0475646B4D3, 17E4BECC309C450E7E44F59A9C0BBC24D21BDC66DFBA65B8F198A00BB47A9811 ] blbdrive        C:\Windows\system32\DRIVERS\blbdrive.sys
12:38:38.0927 0x0684  blbdrive - ok
12:38:38.0974 0x0684  [ EBBCD5DFBB1DE70E8F4AF8FA59E401FD, 17BFFC5DF609CE3B2F0CAB4BD6C118608C66A3AD86116A47E90B2BB7D8954122 ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe
12:38:38.0974 0x0684  Bonjour Service - ok
12:38:39.0021 0x0684  [ 369D7E0E01117A1A4A23C9C6A04EED06, 000793ECF7BF88A108A9FF623AF03508AD360854D08BD70DF32C22EBFE78E119 ] BootDefragDriver C:\Windows\system32\drivers\BootDefragDriver.sys
12:38:39.0021 0x0684  BootDefragDriver - ok
12:38:39.0036 0x0684  [ 91CE0D3DC57DD377E690A2D324022B08, 61874463956C0BCA5139522F34E974E5F638A092E0FD5C59DD30DE61D9AB8B0E ] bowser          C:\Windows\system32\DRIVERS\bowser.sys
12:38:39.0036 0x0684  bowser - ok
12:38:39.0067 0x0684  [ F09EEE9EDC320B5E1501F749FDE686C8, 66691114C42E12F4CC6DC4078D4D2FA4029759ACDAF1B59D17383487180E84E3 ] BrFiltLo        C:\Windows\system32\drivers\BrFiltLo.sys
12:38:39.0067 0x0684  BrFiltLo - ok
12:38:39.0083 0x0684  [ B114D3098E9BDB8BEA8B053685831BE6, 0ED23C1897F35FA00B9C2848DE4ED200E18688AA7825674888054BBC3A3EB92C ] BrFiltUp        C:\Windows\system32\drivers\BrFiltUp.sys
12:38:39.0083 0x0684  BrFiltUp - ok
12:38:39.0114 0x0684  [ 8EF0D5C41EC907751B8429162B1239ED, 9CC25F1F93FACA6F6CE23F78EB58590C39A2E3C8A3ACDF400E8A9DE0757EADAE ] Browser         C:\Windows\System32\browser.dll
12:38:39.0114 0x0684  Browser - ok
12:38:39.0145 0x0684  [ 43BEA8D483BF1870F018E2D02E06A5BD, 4E6F5A5FD8C796A110B0DC9FF29E31EA78C04518FC1C840EF61BABD58AB10272 ] Brserid         C:\Windows\System32\Drivers\Brserid.sys
12:38:39.0145 0x0684  Brserid - ok
12:38:39.0177 0x0684  [ A6ECA2151B08A09CACECA35C07F05B42, E2875BB7768ABAF38C3377007AA0A3C281503474D1831E396FB6599721586B0C ] BrSerWdm        C:\Windows\System32\Drivers\BrSerWdm.sys
12:38:39.0177 0x0684  BrSerWdm - ok
12:38:39.0192 0x0684  [ B79968002C277E869CF38BD22CD61524, 50631836502237AF4893ECDCEA43B9031C3DE97433F594D46AF7C3C77F331983 ] BrUsbMdm        C:\Windows\System32\Drivers\BrUsbMdm.sys
12:38:39.0192 0x0684  BrUsbMdm - ok
12:38:39.0192 0x0684  [ A87528880231C54E75EA7A44943B38BF, 4C8BBB29FDA76A96840AA47A8613C15D4466F9273A13941C19507008629709C9 ] BrUsbSer        C:\Windows\System32\Drivers\BrUsbSer.sys
12:38:39.0192 0x0684  BrUsbSer - ok
12:38:39.0255 0x0684  [ 72EA2FCD6456BFC6936EDA474EA08E48, 1026D73B9420B77E971F55E9959F239D688830AF4BB42BDBF3200D8D3AB5A6EA ] BTATH_A2DP      C:\Windows\system32\drivers\btath_a2dp.sys
12:38:39.0270 0x0684  BTATH_A2DP - ok
12:38:39.0270 0x0684  [ FFA0D38141FB7B93AFF465B82596D1EC, E893D7F6B24A9E2D4D427AB7CE1393DA281AA3A95F92F70B98BAD8F10C816110 ] btath_avdt      C:\Windows\system32\drivers\btath_avdt.sys
12:38:39.0270 0x0684  btath_avdt - ok
12:38:39.0301 0x0684  [ A65A9B2C3A9985D8122B2B6D3D2F4C1B, 8C3E95D2153040C8AF5434301CAC3ECE2600C829EE83ABBE136797A17EE04216 ] BTATH_BUS       C:\Windows\system32\DRIVERS\btath_bus.sys
12:38:39.0301 0x0684  BTATH_BUS - ok
12:38:39.0317 0x0684  [ E95F7E9F4C8A88610F4142E60CF196BE, EE2ECCDE1C6EE1E365D4DD966F6F4BA9646A21E8BE594884B39BCA87A25DB3B6 ] BTATH_HCRP      C:\Windows\system32\DRIVERS\btath_hcrp.sys
12:38:39.0333 0x0684  BTATH_HCRP - ok
12:38:39.0333 0x0684  [ 1A5C05524C0C503C87F930F154B7145D, 8A71E9E2524E63E9871734A0625A680A1A7C04A775F5F8B2A4AEEAE9379EE174 ] BTATH_LWFLT     C:\Windows\system32\DRIVERS\btath_lwflt.sys
12:38:39.0333 0x0684  BTATH_LWFLT - ok
12:38:39.0364 0x0684  [ C2FD5B24F648DAC8143C51514307B0EC, D3A7BC3C96385685A725A21C2EBCC0B7387EAC6FC43B94C12B01CC582F020451 ] BTATH_RCP       C:\Windows\system32\DRIVERS\btath_rcp.sys
12:38:39.0364 0x0684  BTATH_RCP - ok
12:38:39.0395 0x0684  [ 958F4AEC324A2BB0DC5B8F9197E779A0, 9D9E02156BA72DE9F7A43B9FE1CCEDADAD8965455F26F4C316EA41D08CAF0418 ] BtFilter        C:\Windows\system32\DRIVERS\btfilter.sys
12:38:39.0411 0x0684  BtFilter - ok
12:38:39.0457 0x0684  [ CF98190A94F62E405C8CB255018B2315, E1B2540023C4FE9FD588E4B6AE6347DFA565EB3898F21E5360882BF3E8B5E781 ] BthEnum         C:\Windows\system32\DRIVERS\BthEnum.sys
12:38:39.0457 0x0684  BthEnum - ok
12:38:39.0489 0x0684  [ 9DA669F11D1F894AB4EB69BF546A42E8, B498B8B6CEF957B73179D1ADAF084BBB57BB3735D810F9BE2C7B1D58A4FD25A4 ] BTHMODEM        C:\Windows\system32\drivers\bthmodem.sys
12:38:39.0489 0x0684  BTHMODEM - ok
12:38:39.0520 0x0684  [ 02DD601B708DD0667E1331FA8518E9FF, 7DE6CC4DBB621CD03B01D9CE6CF66EAFE31D39030A391562CD0E278E1D70ADE1 ] BthPan          C:\Windows\system32\DRIVERS\bthpan.sys
12:38:39.0520 0x0684  BthPan - ok
12:38:39.0551 0x0684  [ 0D25B6D300BA26A5F2C3B2A8E96B158B, 45C4D18367BDBD85D442221286FE4E9EBC053F1927A32403B2DEBF95AD4E6676 ] BTHPORT         C:\Windows\system32\Drivers\BTHport.sys
12:38:39.0567 0x0684  BTHPORT - ok
12:38:39.0582 0x0684  [ 95F9C2976059462CBBF227F7AAB10DE9, 2797AE919FF7606B070FB039CECDB0707CD2131DCAC09C5DF14F443D881C9F34 ] bthserv         C:\Windows\system32\bthserv.dll
12:38:39.0582 0x0684  bthserv - ok
12:38:39.0613 0x0684  [ D30286FF3C7B6318C024D2BC2955C1BF, 47863D046C94A5C19F7D4E0BA393E6FE1E249C78FAB9B8705F7DD2CD87EAC16C ] BTHSSecurityMgr C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe
12:38:39.0629 0x0684  BTHSSecurityMgr - ok
12:38:39.0645 0x0684  [ 1F9912F8EC5BFA53432E71E150636A8A, D8DE353FA5A6B95EA1CBC79731657044C09BED38B831B8365DCCA8A6DEA67111 ] BTHUSB          C:\Windows\system32\Drivers\BTHUSB.sys
12:38:39.0645 0x0684  BTHUSB - ok
12:38:39.0660 0x0684  [ B8BD2BB284668C84865658C77574381A, 6C55BA288B626DF172FDFEA0BD7027FAEBA1F44EF20AB55160D7C7DC6E717D65 ] cdfs            C:\Windows\system32\DRIVERS\cdfs.sys
12:38:39.0676 0x0684  cdfs - ok
12:38:39.0707 0x0684  [ F036CE71586E93D94DAB220D7BDF4416, BD07AAD9E20CEAF9FC84E4977C55EA2C45604A2C682AC70B9B9A2199B6713D5B ] cdrom           C:\Windows\system32\DRIVERS\cdrom.sys
12:38:39.0707 0x0684  cdrom - ok
12:38:39.0754 0x0684  [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] CertPropSvc     C:\Windows\System32\certprop.dll
12:38:39.0754 0x0684  CertPropSvc - ok
12:38:39.0785 0x0684  [ D7CD5C4E1B71FA62050515314CFB52CF, 513B5A849899F379F0BC6AB3A8A05C3493C2393C95F036612B96EC6E252E1C64 ] circlass        C:\Windows\system32\drivers\circlass.sys
12:38:39.0785 0x0684  circlass - ok
12:38:39.0816 0x0684  [ B794DCF38C965FA2F93C45A7C3D582C5, 0E483EAF835B85AA4B6F449F9BB68AF0A3EE4192D29CD72F4B812F1E4D9E9A7C ] cleanhlp        C:\EEK\bin\cleanhlp64.sys
12:38:39.0816 0x0684  cleanhlp - ok
12:38:39.0847 0x0684  [ FE1EC06F2253F691FE36217C592A0206, B9F122DB5E665ECDF29A5CB8BB6B531236F31A54A95769D6C5C1924C87FE70CE ] CLFS            C:\Windows\system32\CLFS.sys
12:38:39.0863 0x0684  CLFS - ok
12:38:39.0941 0x0684  [ D88040F816FDA31C3B466F0FA0918F29, 39D3630E623DA25B8444B6D3AAAB16B98E7E289C5619E19A85D47B74C71449F3 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
12:38:39.0941 0x0684  clr_optimization_v2.0.50727_32 - ok
12:38:39.0972 0x0684  [ D1CEEA2B47CB998321C579651CE3E4F8, 654013B8FD229A50017B08DEC6CA19C7DDA8CE0771260E057A92625201D539B1 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
12:38:39.0988 0x0684  clr_optimization_v2.0.50727_64 - ok
12:38:40.0066 0x0684  [ C5A75EB48E2344ABDC162BDA79E16841, 6070A8AAFD38FBC6A68A2B10C20117612354DF21B4492D90CA522BFB6870D726 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
12:38:40.0066 0x0684  clr_optimization_v4.0.30319_32 - ok
12:38:40.0081 0x0684  [ C6F9AF94DCD58122A4D7E89DB6BED29D, CB0E5AE60EC76323585FB86D89E8DB7ADB5EDF6EA3D0B27E9ECE75B8CAA8BFDE ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
12:38:40.0081 0x0684  clr_optimization_v4.0.30319_64 - ok
12:38:40.0113 0x0684  [ 0840155D0BDDF1190F84A663C284BD33, 696039FA63CFEB33487FAA8FD7BBDB220141E9C6E529355D768DFC87999A9C3A ] CmBatt          C:\Windows\system32\DRIVERS\CmBatt.sys
12:38:40.0113 0x0684  CmBatt - ok
12:38:40.0128 0x0684  [ E19D3F095812725D88F9001985B94EDD, 46243C5CCC4981CAC6FA6452FFCEC33329BF172448F1852D52592C9342E0E18B ] cmdide          C:\Windows\system32\drivers\cmdide.sys
12:38:40.0128 0x0684  cmdide - ok
12:38:40.0159 0x0684  [ D5FEA92400F12412B3922087C09DA6A5, C8CD9215D26D3295FE487C96A4FC3F4C8AFED764AE9445D9858D7489823A8A2B ] CNG             C:\Windows\system32\Drivers\cng.sys
12:38:40.0159 0x0684  CNG - ok
12:38:40.0175 0x0684  [ 102DE219C3F61415F964C88E9085AD14, CD74CB703381F1382C32CF892FF2F908F4C9412E1BC77234F8FEA5D4666E1BF1 ] Compbatt        C:\Windows\system32\DRIVERS\compbatt.sys
12:38:40.0175 0x0684  Compbatt - ok
12:38:40.0222 0x0684  [ 03EDB043586CCEBA243D689BDDA370A8, 0E4523AA332E242D5C2C61C5717DBA5AB6E42DADB5A7E512505FC2B6CC224959 ] CompositeBus    C:\Windows\system32\DRIVERS\CompositeBus.sys
12:38:40.0222 0x0684  CompositeBus - ok
12:38:40.0237 0x0684  COMSysApp - ok
12:38:40.0300 0x0684  [ EA551EFC7CE28FA3D1DC188F12E488AD, F0B8942A5AC0D91E6286B4EA81F4B327563445881F718A5BC2FB07C169EB6423 ] cphs            C:\Windows\SysWow64\IntelCpHeciSvc.exe
12:38:40.0315 0x0684  cphs - ok
12:38:40.0331 0x0684  [ 1C827878A998C18847245FE1F34EE597, 41EF7443D8B2733AA35CAC64B4F5F74FAC8BB0DA7D3936B69EC38E2DC3972E60 ] crcdisk         C:\Windows\system32\drivers\crcdisk.sys
12:38:40.0331 0x0684  crcdisk - ok
12:38:40.0362 0x0684  [ 15597883FBE9B056F276ADA3AD87D9AF, B347E0B11228E38313C59C8ED984253A8A1FF482ED137CF5F488C4AFD6B08857 ] CryptSvc        C:\Windows\system32\cryptsvc.dll
12:38:40.0362 0x0684  CryptSvc - ok
12:38:40.0393 0x0684  [ 54DA3DFD29ED9F1619B6F53F3CE55E49, 9177C6907A983296BF188892A894B668A09FFA058FD56B50FE12940D54B0FA5E ] CSC             C:\Windows\system32\drivers\csc.sys
12:38:40.0409 0x0684  CSC - ok
12:38:40.0440 0x0684  [ 3AB183AB4D2C79DCF459CD2C1266B043, 72B0187EBA9DC74E61EC5CB3DC24058DDB768843E865801894AAEAA211610C56 ] CscService      C:\Windows\System32\cscsvc.dll
12:38:40.0456 0x0684  CscService - ok
12:38:40.0503 0x0684  [ 5C627D1B1138676C0A7AB2C2C190D123, C5003F2C912C5CA990E634818D3B4FD72F871900AF2948BD6C4D6400B354B401 ] DcomLaunch      C:\Windows\system32\rpcss.dll
12:38:40.0503 0x0684  DcomLaunch - ok
12:38:40.0549 0x0684  [ 3CEC7631A84943677AA8FA8EE5B6B43D, 32061DAC9ED6C1EBA3B367B18D0E965AEEC2DF635DCF794EC39D086D32503AC5 ] defragsvc       C:\Windows\System32\defragsvc.dll
12:38:40.0565 0x0684  defragsvc - ok
12:38:40.0596 0x0684  [ 9BB2EF44EAA163B29C4A4587887A0FE4, 03667BC3EA5003F4236929C10F23D8F108AFCB29DB5559E751FB26DFB318636F ] DfsC            C:\Windows\system32\Drivers\dfsc.sys
12:38:40.0596 0x0684  DfsC - ok
12:38:40.0659 0x0684  [ 43D808F5D9E1A18E5EEB5EBC83969E4E, C10D1155D71EABE4ED44C656A8F13078A8A4E850C4A8FBB92D52D173430972B8 ] Dhcp            C:\Windows\system32\dhcpcore.dll
12:38:40.0659 0x0684  Dhcp - ok
12:38:40.0674 0x0684  [ 13096B05847EC78F0977F2C0F79E9AB3, 1E44981B684F3E56F5D2439BB7FA78BD1BC876BB2265AE089AEC68F241B05B26 ] discache        C:\Windows\system32\drivers\discache.sys
12:38:40.0674 0x0684  discache - ok
12:38:40.0705 0x0684  [ 9819EEE8B5EA3784EC4AF3B137A5244C, 571BC886E87C888DA96282E381A746D273B58B9074E84D4CA91275E26056D427 ] Disk            C:\Windows\system32\drivers\disk.sys
12:38:40.0705 0x0684  Disk - ok
12:38:40.0752 0x0684  [ 5DB085A8A6600BE6401F2B24EECB5415, 5FC5C7C1B4DB7BF6EFD0992E91DB41FD047E90D1ABA0B8F868CB72557F88FB13 ] dmvsc           C:\Windows\system32\drivers\dmvsc.sys
12:38:40.0752 0x0684  dmvsc - ok
12:38:40.0768 0x0684  [ CD55F5355D8F55D44C9F4ED875705BD6, 321C26E3CD9F376D30F05FBDF00E96399512ED705D867E8B14793D9CE69A1C1F ] Dnscache        C:\Windows\System32\dnsrslvr.dll
12:38:40.0783 0x0684  Dnscache - ok
12:38:40.0815 0x0684  [ B1FB3DDCA0FDF408750D5843591AFBC6, AB6AD9C5E7BA2E3646D0115B67C4800D1CB43B4B12716397657C7ADEEE807304 ] dot3svc         C:\Windows\System32\dot3svc.dll
12:38:40.0815 0x0684  dot3svc - ok
12:38:40.0846 0x0684  [ B26F4F737E8F9DF4F31AF6CF31D05820, 394BBBED4EC7FAD4110F62A43BFE0801D4AC56FFAC6C741C69407B26402311C7 ] DPS             C:\Windows\system32\dps.dll
12:38:40.0846 0x0684  DPS - ok
12:38:40.0877 0x0684  [ 9B19F34400D24DF84C858A421C205754, 967AF267B4124BADA8F507CEBF25F2192D146A4D63BE71B45BFC03C5DA7F21A7 ] drmkaud         C:\Windows\system32\drivers\drmkaud.sys
12:38:40.0877 0x0684  drmkaud - ok
12:38:40.0939 0x0684  [ 6A0E850DDCB136AA3D2FB7234382DF12, C01863E95F45E1B74AC65C9CD12C8DC769299218255B3C94E3EBF58C4D79FEF3 ] dtsoftbus01     C:\Windows\system32\DRIVERS\dtsoftbus01.sys
12:38:40.0939 0x0684  dtsoftbus01 - ok
12:38:41.0002 0x0684  [ F5BEE30450E18E6B83A5012C100616FD, 44D0577D159FC2BDF4EAD1DC2C7FD14925D075225EF97608CAC52DEE405B08FD ] DXGKrnl         C:\Windows\System32\drivers\dxgkrnl.sys
12:38:41.0017 0x0684  DXGKrnl - ok
12:38:41.0064 0x0684  [ E2DDA8726DA9CB5B2C4000C9018A9633, 0C967DBC3636A76A696997192A158AA92A1AF19F01E3C66D5BF91818A8FAEA76 ] EapHost         C:\Windows\System32\eapsvc.dll
12:38:41.0064 0x0684  EapHost - ok
12:38:41.0173 0x0684  [ DC5D737F51BE844D8C82C695EB17372F, 6D4022D9A46EDE89CEF0FAEADCC94C903234DFC460C0180D24FF9E38E8853017 ] ebdrv           C:\Windows\system32\drivers\evbda.sys
12:38:41.0236 0x0684  ebdrv - ok
12:38:41.0267 0x0684  [ 0793F40B9B8A1BDD266296409DBD91EA, 8A383FC9A66A327905C340D06138980F9E489479535A2C2AAE5E8BB14A74826E ] EFS             C:\Windows\System32\lsass.exe
12:38:41.0267 0x0684  EFS - ok
12:38:41.0314 0x0684  [ C4002B6B41975F057D98C439030CEA07, 3D2484FBB832EFB90504DD406ED1CF3065139B1FE1646471811F3A5679EF75F1 ] ehRecvr         C:\Windows\ehome\ehRecvr.exe
12:38:41.0329 0x0684  ehRecvr - ok
12:38:41.0345 0x0684  [ 4705E8EF9934482C5BB488CE28AFC681, 359E9EC5693CE0BE89082E1D5D8F5C5439A5B985010FF0CB45C11E3CFE30637D ] ehSched         C:\Windows\ehome\ehsched.exe
12:38:41.0345 0x0684  ehSched - ok
12:38:41.0376 0x0684  [ BE2902E13CA69383F449B6BF927844FB, F092785E305D8E1FE795AF98A7A7B7B4548A0D6687060568C9E078FFA8D65C1C ] ElbyCDIO        C:\Windows\system32\Drivers\ElbyCDIO.sys
12:38:41.0376 0x0684  ElbyCDIO - ok
12:38:41.0407 0x0684  [ 0E5DA5369A0FCAEA12456DD852545184, 9A64AC5396F978C3B92794EDCE84DCA938E4662868250F8C18FA7C2C172233F8 ] elxstor         C:\Windows\system32\drivers\elxstor.sys
12:38:41.0423 0x0684  elxstor - ok
12:38:41.0439 0x0684  [ 34A3C54752046E79A126E15C51DB409B, 7D5B5E150C7C73666F99CBAFF759029716C86F16B927E0078D77F8A696616D75 ] ErrDev          C:\Windows\system32\drivers\errdev.sys
12:38:41.0439 0x0684  ErrDev - ok
12:38:41.0485 0x0684  [ 4166F82BE4D24938977DD1746BE9B8A0, 24121751B7306225AD1C808442D7B030DEF377E9316AA0A3C5C7460E87317881 ] EventSystem     C:\Windows\system32\es.dll
12:38:41.0485 0x0684  EventSystem - ok
12:38:41.0641 0x0684  [ E7ECD510AED32C19477976310173FAC3, BC68505D654D3742FB59C51715C51B5DBDF89574A0A446B16E612E17058A89ED ] EvtEng          C:\Program Files\Intel\WiFi\bin\EvtEng.exe
12:38:41.0657 0x0684  EvtEng - ok
12:38:41.0673 0x0684  [ A510C654EC00C1E9BDD91EEB3A59823B, 76CD277730F7B08D375770CD373D786160F34D1481AF0536BA1A5D2727E255F5 ] exfat           C:\Windows\system32\drivers\exfat.sys
12:38:41.0673 0x0684  exfat - ok
12:38:41.0704 0x0684  [ 0ADC83218B66A6DB380C330836F3E36D, 798D6F83B5DBCC1656595E0A96CF12087FCCBE19D1982890D0CE5F629B328B29 ] fastfat         C:\Windows\system32\drivers\fastfat.sys
12:38:41.0719 0x0684  fastfat - ok
12:38:41.0766 0x0684  [ DBEFD454F8318A0EF691FDD2EAAB44EB, 7F52AE222FF28503B6FC4A5852BD0CAEAF187BE69AF4B577D3DE474C24366099 ] Fax             C:\Windows\system32\fxssvc.exe
12:38:41.0782 0x0684  Fax - ok
12:38:41.0797 0x0684  [ D765D19CD8EF61F650C384F62FAC00AB, 9F0A483A043D3BA873232AD3BA5F7BF9173832550A27AF3E8BD433905BD2A0EE ] fdc             C:\Windows\system32\drivers\fdc.sys
12:38:41.0797 0x0684  fdc - ok
12:38:41.0813 0x0684  [ 0438CAB2E03F4FB61455A7956026FE86, 6D4DDC2973DB25CE0C7646BC85EFBCC004EBE35EA683F62162AE317C6F1D8DFE ] fdPHost         C:\Windows\system32\fdPHost.dll
12:38:41.0813 0x0684  fdPHost - ok
12:38:41.0829 0x0684  [ 802496CB59A30349F9A6DD22D6947644, 52D59D3D628D5661F83F090F33F744F6916E0CC1F76E5A33983E06EB66AE19F8 ] FDResPub        C:\Windows\system32\fdrespub.dll
12:38:41.0829 0x0684  FDResPub - ok
12:38:41.0829 0x0684  [ 655661BE46B5F5F3FD454E2C3095B930, 549C8E2A2A37757E560D55FFA6BFDD838205F17E40561E67F0124C934272CD1A ] FileInfo        C:\Windows\system32\drivers\fileinfo.sys
12:38:41.0829 0x0684  FileInfo - ok
12:38:41.0844 0x0684  [ 5F671AB5BC87EEA04EC38A6CD5962A47, 6B61D3363FF3F9C439BD51102C284972EAE96ACC0683B9DC7E12D25D0ADC51B6 ] Filetrace       C:\Windows\system32\drivers\filetrace.sys
12:38:41.0844 0x0684  Filetrace - ok
12:38:41.0953 0x0684  [ ECC329F6104EE208C24C4A8C1B4A9D14, E120DAAB58C4083577A8445230DBB841984818188BFD0609576BC704C836DF3F ] FLEXnet Licensing Service 64 C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe
12:38:41.0985 0x0684  FLEXnet Licensing Service 64 - ok
12:38:42.0016 0x0684  [ C172A0F53008EAEB8EA33FE10E177AF5, 9175A95B323696D1B35C9EFEB7790DD64E6EE0B7021E6C18E2F81009B169D77B ] flpydisk        C:\Windows\system32\drivers\flpydisk.sys
12:38:42.0016 0x0684  flpydisk - ok
12:38:42.0047 0x0684  [ DA6B67270FD9DB3697B20FCE94950741, F621A4462C9F2904063578C427FAF22D7D66AE9967605C11C798099817CE5331 ] FltMgr          C:\Windows\system32\drivers\fltmgr.sys
12:38:42.0047 0x0684  FltMgr - ok
12:38:42.0094 0x0684  [ B4447F606BB19FD8AD0BAFB59B90F5D9, 043E686029DE2710305852E3A416176E400F9FD5FB98E4F2A6F14C060FAABED5 ] FontCache       C:\Windows\system32\FntCache.dll
12:38:42.0125 0x0684  FontCache - ok
12:38:42.0172 0x0684  [ A8B7F3818AB65695E3A0BB3279F6DCE6, 89FCF10F599767E67A1E011753E34DA44EAA311F105DBF69549009ED932A60F0 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
12:38:42.0172 0x0684  FontCache3.0.0.0 - ok
12:38:42.0203 0x0684  [ 1899D0FB4C5AD0D6D0BFA258C54903F7, 017090A7DB940CA65A713415B922F36FA7E10EAD226ECB9350ED1D43FD625E0F ] FPSensor        C:\Windows\system32\Drivers\FPSensor.sys
12:38:42.0203 0x0684  FPSensor - ok
12:38:42.0234 0x0684  [ D43703496149971890703B4B1B723EAC, F06397B2EDCA61629249D2EF1CBB7827A8BEAB8488246BD85EF6AE1363C0DA6E ] FsDepends       C:\Windows\system32\drivers\FsDepends.sys
12:38:42.0234 0x0684  FsDepends - ok
12:38:42.0250 0x0684  [ E95EF8547DE20CF0603557C0CF7A9462, 55540B06B7B380CA2DA6EEE2D76C6CD6131ADB02B2D0B172A36536863A0C57B6 ] Fs_Rec          C:\Windows\system32\drivers\Fs_Rec.sys
12:38:42.0250 0x0684  Fs_Rec - ok
12:38:42.0281 0x0684  [ 1F7B25B858FA27015169FE95E54108ED, 72DD12E924AA7273B3E4BDD2A2C581DECE304C8EF3D44EA79ABB032F3F95DCE5 ] fvevol          C:\Windows\system32\DRIVERS\fvevol.sys
12:38:42.0281 0x0684  fvevol - ok
12:38:42.0312 0x0684  [ 8C778D335C9D272CFD3298AB02ABE3B6, 85F0B13926B0F693FA9E70AA58DE47100E4B6F893772EBE4300C37D9A36E6005 ] gagp30kx        C:\Windows\system32\drivers\gagp30kx.sys
12:38:42.0312 0x0684  gagp30kx - ok
12:38:42.0343 0x0684  [ E403AACF8C7BB11375122D2464560311, 0427B8FFD999D256EA1A5135F218692959A7577CB32354D3087CF0FB4F0577DF ] GEARAspiWDM     C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
12:38:42.0343 0x0684  GEARAspiWDM - ok
12:38:42.0390 0x0684  [ 277BBC7E1AA1EE957F573A10ECA7EF3A, 2EE60B924E583E847CC24E78B401EF95C69DB777A5B74E1EC963E18D47B94D24 ] gpsvc           C:\Windows\System32\gpsvc.dll
12:38:42.0406 0x0684  gpsvc - ok
12:38:42.0437 0x0684  [ 500CBE92D24D21B78120BF0FD0196F58, 62514A8A96AA0092B7327CFF2E1168A5619DCFC947E7995FEE81A32F83AF3AE1 ] GUBootStartup   C:\Windows\System32\drivers\GUBootStartup.sys
12:38:42.0437 0x0684  GUBootStartup - ok
12:38:42.0531 0x0684  [ 506708142BC63DABA64F2D3AD1DCD5BF, 9C36A08D9E7932FF4DA7B5F24E6B42C92F28685B8ABE964C870E8D7670FD531A ] gupdate         C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
12:38:42.0531 0x0684  gupdate - ok
12:38:42.0546 0x0684  [ 506708142BC63DABA64F2D3AD1DCD5BF, 9C36A08D9E7932FF4DA7B5F24E6B42C92F28685B8ABE964C870E8D7670FD531A ] gupdatem        C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
12:38:42.0546 0x0684  gupdatem - ok
12:38:42.0593 0x0684  [ C1B577B2169900F4CF7190C39F085794, 73E104B96A48F4C80D8C37254ECB0891D15C0D2F0C251B57C168F90D60316447 ] gusvc           C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
12:38:42.0593 0x0684  gusvc - ok
12:38:42.0640 0x0684  [ F2523EF6460FC42405B12248338AB2F0, B2F3DE8DE1F512D871BC2BC2E8D0E33AB03335BFBC07627C5F88B65024928E19 ] hcw85cir        C:\Windows\system32\drivers\hcw85cir.sys
12:38:42.0640 0x0684  hcw85cir - ok
12:38:42.0671 0x0684  [ 975761C778E33CD22498059B91E7373A, 8304E15FBE6876BE57263A03621365DA8C88005EAC532A770303C06799D915D9 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
12:38:42.0687 0x0684  HdAudAddService - ok
12:38:42.0702 0x0684  [ 97BFED39B6B79EB12CDDBFEED51F56BB, 3CF981D668FB2381E52AF2E51E296C6CFB47B0D62249645278479D0111A47955 ] HDAudBus        C:\Windows\system32\DRIVERS\HDAudBus.sys
12:38:42.0702 0x0684  HDAudBus - ok
12:38:42.0718 0x0684  [ 78E86380454A7B10A5EB255DC44A355F, 11F3ED7ACFFA3024B9BD504F81AC39F5B4CED5A8A425E8BADF7132EFEDB9BD64 ] HidBatt         C:\Windows\system32\drivers\HidBatt.sys
12:38:42.0718 0x0684  HidBatt - ok
12:38:42.0749 0x0684  [ 7FD2A313F7AFE5C4DAB14798C48DD104, 94CBFD4506CBDE4162CEB3367BAB042D19ACA6785954DC0B554D4164B9FCD0D4 ] HidBth          C:\Windows\system32\drivers\hidbth.sys
12:38:42.0749 0x0684  HidBth - ok
12:38:42.0765 0x0684  [ 0A77D29F311B88CFAE3B13F9C1A73825, 8615DC6CEFB591505CE16E054A71A4F371B827DDFD5E980777AB4233DCFDA01D ] HidIr           C:\Windows\system32\drivers\hidir.sys
12:38:42.0765 0x0684  HidIr - ok
12:38:42.0796 0x0684  [ BD9EB3958F213F96B97B1D897DEE006D, 4D01CBF898B528B3A4E5A683DF2177300AFABD7D4CB51F1A7891B1B545499631 ] hidserv         C:\Windows\system32\hidserv.dll
12:38:42.0796 0x0684  hidserv - ok
12:38:42.0811 0x0684  [ 9592090A7E2B61CD582B612B6DF70536, FD11D5E02C32D658B28FCC35688AB66CCB5D3A0A0D74C82AE0F0B6C67B568A0F ] HidUsb          C:\Windows\system32\DRIVERS\hidusb.sys
12:38:42.0811 0x0684  HidUsb - ok
12:38:42.0858 0x0684  [ FCE2251FE4464DCAA2F4684F19A8EE9B, 8062CD636DEFA8E160427BC2C61BC5C0DAA5396E16ABE9353B27C217FDE70B04 ] hitmanpro37     C:\Windows\system32\drivers\hitmanpro37.sys
12:38:42.0858 0x0684  hitmanpro37 - ok
12:38:42.0905 0x0684  [ 846FCDB73941A5B8FC4299A234659713, A08AD3D82EF977C2CC095FDB39E50AEE2C30FA7FDCCA192F2174A979CCFD16AA ] HitmanProScheduler C:\Program Files\HitmanPro\hmpsched.exe
12:38:42.0905 0x0684  HitmanProScheduler - ok
12:38:42.0921 0x0684  [ 387E72E739E15E3D37907A86D9FF98E2, 9935BE2E58788E79328293AF2F202CB0F6042441B176F75ACC5AEA93C8E05531 ] hkmsvc          C:\Windows\system32\kmsvc.dll
12:38:42.0936 0x0684  hkmsvc - ok
12:38:42.0967 0x0684  [ EFDFB3DD38A4376F93E7985173813ABD, 70402FA73A5A2A8BB557AAC8F531E373077D28DE5F40A1F3F14B940BE01CD2E1 ] HomeGroupListener C:\Windows\system32\ListSvc.dll
12:38:42.0967 0x0684  HomeGroupListener - ok
12:38:42.0999 0x0684  [ 908ACB1F594274965A53926B10C81E89, 7D34A742AC486294D82676F8465A3EF26C8AC3317C32B63F62031CB007CFC208 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
12:38:43.0014 0x0684  HomeGroupProvider - ok
12:38:43.0030 0x0684  [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC, E9E6A1665740CFBC2DD321010007EF42ABA2102AEB9772EE8AA3354664B1E205 ] HpSAMD          C:\Windows\system32\drivers\HpSAMD.sys
12:38:43.0030 0x0684  HpSAMD - ok
12:38:43.0077 0x0684  [ 0EA7DE1ACB728DD5A369FD742D6EEE28, 21C489412EB33A12B22290EB701C19BA57006E8702E76F730954F0784DDE9779 ] HTTP            C:\Windows\system32\drivers\HTTP.sys
12:38:43.0092 0x0684  HTTP - ok
12:38:43.0108 0x0684  [ A5462BD6884960C9DC85ED49D34FF392, 53E65841AF5B06A2844D0BB6FC4DD3923A323FFA0E4BFC89B3B5CAFB592A3D53 ] hwpolicy        C:\Windows\system32\drivers\hwpolicy.sys
12:38:43.0108 0x0684  hwpolicy - ok
12:38:43.0170 0x0684  [ FA55C73D4AFFA7EE23AC4BE53B4592D3, 65CDDC62B89A60E942C5642C9D8B539EFB69DA8069B4A2E54978154B314531CD ] i8042prt        C:\Windows\system32\DRIVERS\i8042prt.sys
12:38:43.0170 0x0684  i8042prt - ok
12:38:43.0217 0x0684  [ C224331A54571C8C9162F7714400BBBD, C2CA4881ACD46071E67435BE5E3DB133D0743B026FD20D6D6E26B2FE7A03FCAA ] iaStor          C:\Windows\system32\DRIVERS\iaStor.sys
12:38:43.0233 0x0684  iaStor - ok
12:38:43.0342 0x0684  [ 7D4B9A48430ED57ACA6373B71D5904CA, 6ED72DAA7A4951142F036364E8F237E74246EF3E9EA089448DEF15380DAB0DB3 ] IAStorDataMgrSvc C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
12:38:43.0342 0x0684  IAStorDataMgrSvc - ok
12:38:43.0357 0x0684  [ 3DF4395A7CF8B7A72A5F4606366B8C2D, 483588B8FC6E05488ED631C4E1CFC398553FEBFA2CD2BB527B4DF12D19774F80 ] iaStorV         C:\Windows\system32\drivers\iaStorV.sys
12:38:43.0373 0x0684  iaStorV - ok
12:38:43.0435 0x0684  [ 5988FC40F8DB5B0739CD1E3A5D0D78BD, 2B9512324DBA4A97F6AC34E8067EE08E3B6874CD60F6CB4209AFC22A34D2BE99 ] idsvc           C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
12:38:43.0451 0x0684  idsvc - ok
12:38:43.0872 0x0684  [ 0638D16029B1C800908D965AC78970C7, C88F026D04B8FD351F397103478E013450F302DA072ACA92C8C822F6654BD0B3 ] igfx            C:\Windows\system32\DRIVERS\igdkmd64.sys
12:38:44.0262 0x0684  igfx - ok
12:38:44.0293 0x0684  [ 5C18831C61933628F5BB0EA2675B9D21, 5CD9DE2F8C0256623A417B5C55BF55BB2562BD7AB2C3C83BB3D9886C2FBDA4E4 ] iirsp           C:\Windows\system32\drivers\iirsp.sys
12:38:44.0293 0x0684  iirsp - ok
12:38:44.0340 0x0684  [ FCD84C381E0140AF901E58D48882D26B, 76955FFC230C801E8ED890E32076075F04CD6E5EC79E594FDE6D23797A36B406 ] IKEEXT          C:\Windows\System32\ikeext.dll
12:38:44.0371 0x0684  IKEEXT - ok
12:38:44.0512 0x0684  [ 9885D894297D2C69B1833DD484175AA2, 99564F3B3936153AC327A232D7AFBBBC8823EBB79DE49C498E5AEBAB09AC7F8A ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHD64.sys
12:38:44.0637 0x0684  IntcAzAudAddService - ok
12:38:44.0683 0x0684  [ 6C9FFFECA9FED31347D211C5D1FFBD2D, 36CF8B847FAED0D978B3169ED550CC958025902CAC1D7D304E2684B2483E72B8 ] IntcDAud        C:\Windows\system32\DRIVERS\IntcDAud.sys
12:38:44.0699 0x0684  IntcDAud - ok
12:38:44.0715 0x0684  [ F00F20E70C6EC3AA366910083A0518AA, E2F3E9FFD82C802C8BAC309893A3664ACF16A279959C0FDECCA64C3D3C60FD22 ] intelide        C:\Windows\system32\drivers\intelide.sys
12:38:44.0730 0x0684  intelide - ok
12:38:44.0746 0x0684  [ ADA036632C664CAA754079041CF1F8C1, F2386CC09AC6DE4C54189154F7D91C1DB7AA120B13FAE8BA5B579ACF99FCC610 ] intelppm        C:\Windows\system32\DRIVERS\intelppm.sys
12:38:44.0746 0x0684  intelppm - ok
12:38:44.0777 0x0684  [ 098A91C54546A3B878DAD6A7E90A455B, 044CCE2A0DF56EBE1EFD99B4F6F0A5B9EE12498CA358CF4B2E3A1CFD872823AA ] IPBusEnum       C:\Windows\system32\ipbusenum.dll
12:38:44.0777 0x0684  IPBusEnum - ok
12:38:44.0793 0x0684  [ C9F0E1BD74365A8771590E9008D22AB6, 728BC5A6AAE499FDC50EB01577AF16D83C2A9F3B09936DD2A89C01E074BA8E51 ] IpFilterDriver  C:\Windows\system32\DRIVERS\ipfltdrv.sys
12:38:44.0793 0x0684  IpFilterDriver - ok
12:38:44.0824 0x0684  [ A34A587FFFD45FA649FBA6D03784D257, C9A2BCD4E2A5EB6E320092A3AFD5737ECDCDA0B83EE42314A23C4978F2974767 ] iphlpsvc        C:\Windows\System32\iphlpsvc.dll
12:38:44.0839 0x0684  iphlpsvc - ok
12:38:44.0855 0x0684  [ 0FC1AEA580957AA8817B8F305D18CA3A, 7161E4DE91AAFC3FA8BF24FAE4636390C2627DB931505247C0D52C75A31473D9 ] IPMIDRV         C:\Windows\system32\drivers\IPMIDrv.sys
12:38:44.0855 0x0684  IPMIDRV - ok
12:38:44.0871 0x0684  [ AF9B39A7E7B6CAA203B3862582E9F2D0, 67128BE7EADBE6BD0205B050F96E268948E8660C4BAB259FB0BE03935153D04E ] IPNAT           C:\Windows\system32\drivers\ipnat.sys
12:38:44.0886 0x0684  IPNAT - ok
12:38:44.0933 0x0684  [ 755E4BA6DCE627A2683BB7640553C8D6, 7E88C31CE78A784F3FCB6D99412A09D5100E7A4FD779BE0B81489BD1D20D5F68 ] iPod Service    C:\Program Files\iPod\bin\iPodService.exe
12:38:44.0964 0x0684  iPod Service - ok
12:38:44.0980 0x0684  [ 3ABF5E7213EB28966D55D58B515D5CE9, A352BCC5B6B9A28805B15CAFB235676F1FAFF0D2394F88C03089EB157D6188AE ] IRENUM          C:\Windows\system32\drivers\irenum.sys
12:38:44.0980 0x0684  IRENUM - ok
12:38:44.0995 0x0684  [ 2F7B28DC3E1183E5EB418DF55C204F38, D40410A760965925D6F10959B2043F7BD4F68EAFCF5E743AF11AD860BD136548 ] isapnp          C:\Windows\system32\drivers\isapnp.sys
12:38:44.0995 0x0684  isapnp - ok
12:38:45.0027 0x0684  [ D931D7309DEB2317035B07C9F9E6B0BD, 13AD84172ED8C6153F8A98499C01733B74E48464CE07D099508E38D409913ED3 ] iScsiPrt        C:\Windows\system32\drivers\msiscsi.sys
12:38:45.0027 0x0684  iScsiPrt - ok
12:38:45.0042 0x0684  [ 8E4577C6E0D3114170509159DE658907, 2FC7F96766537716503AB1BAD7EBDB2F16F3CE1584AF4261D57C6A4E00E1A417 ] iusb3hcs        C:\Windows\system32\DRIVERS\iusb3hcs.sys
12:38:45.0042 0x0684  iusb3hcs - ok
12:38:45.0073 0x0684  [ FE76346E9B57DA575BD1B3BD0CCAD7FF, 8961A08326F66E9FDF63912797C605FEEC23F9B0453D132AB6897DA98BC9AEAB ] iusb3hub        C:\Windows\system32\DRIVERS\iusb3hub.sys
12:38:45.0073 0x0684  iusb3hub - ok
12:38:45.0120 0x0684  [ 1008CD90DA2198FFD250298DEB9DF160, 2CBA5FF2369861E8F8A55799AFFFC8E5B331A8BD17B559641E87A4C6C0D70206 ] iusb3xhc        C:\Windows\system32\DRIVERS\iusb3xhc.sys
12:38:45.0136 0x0684  iusb3xhc - ok
12:38:45.0167 0x0684  [ BC02336F1CBA7DCC7D1213BB588A68A5, 450C5BAD54CCE2AFCDFF1B6E7F8E1A8446D9D3255DF9D36C29A8F848048AAD93 ] kbdclass        C:\Windows\system32\DRIVERS\kbdclass.sys
12:38:45.0167 0x0684  kbdclass - ok
12:38:45.0198 0x0684  [ 0705EFF5B42A9DB58548EEC3B26BB484, 86C6824ED7ED6FA8F306DB6319A0FD688AA91295AE571262F9D8E96A32225E99 ] kbdhid          C:\Windows\system32\DRIVERS\kbdhid.sys
12:38:45.0198 0x0684  kbdhid - ok
12:38:45.0214 0x0684  [ 0793F40B9B8A1BDD266296409DBD91EA, 8A383FC9A66A327905C340D06138980F9E489479535A2C2AAE5E8BB14A74826E ] KeyIso          C:\Windows\system32\lsass.exe
12:38:45.0214 0x0684  KeyIso - ok
12:38:45.0229 0x0684  [ CCD53B5BD33CE0C889E830D839C8B66E, 51B7556DA7DAA0BC75E00E53099776016A55FAA115D5A4E6830E12A0A0869C10 ] KSecDD          C:\Windows\system32\Drivers\ksecdd.sys
12:38:45.0229 0x0684  KSecDD - ok
12:38:45.0245 0x0684  [ 9FF918A261752C12639E8AD4208D2C2F, B60F7A730C92F2BF7E85A6CA14DD7671AEECEE154CEC83B1E23EF268C25C9E5E ] KSecPkg         C:\Windows\system32\Drivers\ksecpkg.sys
12:38:45.0245 0x0684  KSecPkg - ok
12:38:45.0261 0x0684  [ 6869281E78CB31A43E969F06B57347C4, 866A23E69B32A78D378D6CB3B3DA3695FFDFF0FEC3C9F68C8C3F988DF417044B ] ksthunk         C:\Windows\system32\drivers\ksthunk.sys
12:38:45.0261 0x0684  ksthunk - ok
12:38:45.0323 0x0684  [ 6AB66E16AA859232F64DEB66887A8C9C, 5F2B579BEA8098A2994B0DECECDAE7B396E7B5DC5F09645737B9F28BEEA77FFF ] KtmRm           C:\Windows\system32\msdtckrm.dll
12:38:45.0323 0x0684  KtmRm - ok
12:38:45.0354 0x0684  [ E84DA1A93978B3700EA63414357B9BA3, B6119D23457CDEE2CCEBA433F5427B183387C3C54E9E51B42D7C79D1524727A4 ] L1C             C:\Windows\system32\DRIVERS\L1C62x64.sys
12:38:45.0354 0x0684  L1C - ok
12:38:45.0401 0x0684  [ D9F42719019740BAA6D1C6D536CBDAA6, 8757599D0AE5302C4CE50861BEBA3A8DD14D7B0DBD916FD5404133688CDFCC40 ] LanmanServer    C:\Windows\system32\srvsvc.dll
12:38:45.0401 0x0684  LanmanServer - ok
12:38:45.0432 0x0684  [ 851A1382EED3E3A7476DB004F4EE3E1A, B1C67F47DD594D092E6E258F01DF5E7150227CE3131A908A244DEE9F8A1FABF9 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
12:38:45.0432 0x0684  LanmanWorkstation - ok
12:38:45.0463 0x0684  [ BE166935083F9C38EDFDC21B9A7A679B, 89C64DBE58E1B974208AAAA5CC757C599B1439C205C3C48BF16BA054A06DBC94 ] LHDmgr          C:\Windows\system32\DRIVERS\LhdX64.sys
12:38:45.0463 0x0684  LHDmgr - ok
12:38:45.0510 0x0684  [ 1538831CF8AD2979A04C423779465827, E1729B0CC4CEEE494A0B8817A8E98FF232E3A32FB023566EF0BC71A090262C0C ] lltdio          C:\Windows\system32\DRIVERS\lltdio.sys
12:38:45.0510 0x0684  lltdio - ok
12:38:45.0541 0x0684  [ C1185803384AB3FEED115F79F109427F, 0414FE73532DCAB17E906438A14711E928CECCD5F579255410C62984DD652700 ] lltdsvc         C:\Windows\System32\lltdsvc.dll
12:38:45.0541 0x0684  lltdsvc - ok
12:38:45.0557 0x0684  [ F993A32249B66C9D622EA5592A8B76B8, EE64672A990C6145DC5601E2B8CDBE089272A72732F59AF9865DCBA8B1717E70 ] lmhosts         C:\Windows\System32\lmhsvc.dll
12:38:45.0557 0x0684  lmhosts - ok
12:38:45.0604 0x0684  [ C56E64BA70DC822B84D100A6F8D690D3, 1F511FBDDDD6E8CC83C8D0BD152BBE8C4C9E103D2DDED93564DC0FB9962DD040 ] LMS             C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
12:38:45.0604 0x0684  LMS - ok
12:38:45.0651 0x0684  [ 1A93E54EB0ECE102495A51266DCDB6A6, DB6AA86AA36C3A7988BE96E87B5D3251BE7617C54EE8F894D9DC2E267FE3255B ] LSI_FC          C:\Windows\system32\drivers\lsi_fc.sys
12:38:45.0651 0x0684  LSI_FC - ok
12:38:45.0666 0x0684  [ 1047184A9FDC8BDBFF857175875EE810, F2251EDB7736A26D388A0C5CC2FE5FB9C5E109CBB1E3800993554CB21D81AE4B ] LSI_SAS         C:\Windows\system32\drivers\lsi_sas.sys
12:38:45.0666 0x0684  LSI_SAS - ok
12:38:45.0666 0x0684  [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93, 88D5740A4E9CC3FA80FA18035DAB441BDC5A039622D666BFDAA525CC9686BD06 ] LSI_SAS2        C:\Windows\system32\drivers\lsi_sas2.sys
12:38:45.0666 0x0684  LSI_SAS2 - ok
12:38:45.0682 0x0684  [ 0504EACAFF0D3C8AED161C4B0D369D4A, 4D272237C189646F5C80822FD3CBA7C2728E482E2DAAF7A09C8AEF811C89C54D ] LSI_SCSI        C:\Windows\system32\drivers\lsi_scsi.sys
12:38:45.0682 0x0684  LSI_SCSI - ok
12:38:45.0729 0x0684  [ 43D0F98E1D56CCDDB0D5254CFF7B356E, 5BA498183B5C4996C694CB0A9A6B66CE6C7A460F6C91BEB9F305486FCC3B7B22 ] luafv           C:\Windows\system32\drivers\luafv.sys
12:38:45.0729 0x0684  luafv - ok
12:38:45.0729 0x0684  MBAMSwissArmy - ok
12:38:45.0744 0x0684  [ 0BE09CD858ABF9DF6ED259D57A1A1663, 2FD28889B93C8E801F74C1D0769673A461671E0189D0A22C94509E3F0EEB7428 ] Mcx2Svc         C:\Windows\system32\Mcx2Svc.dll
12:38:45.0760 0x0684  Mcx2Svc - ok
12:38:45.0775 0x0684  [ A55805F747C6EDB6A9080D7C633BD0F4, 2DA0E83BF3C8ADEF6F551B6CC1C0A3F6149CDBE6EC60413BA1767C4DE425A728 ] megasas         C:\Windows\system32\drivers\megasas.sys
12:38:45.0775 0x0684  megasas - ok
12:38:45.0791 0x0684  [ BAF74CE0072480C3B6B7C13B2A94D6B3, 85CBB4949C090A904464F79713A3418338753D20D7FB811E68F287FDAC1DD834 ] MegaSR          C:\Windows\system32\drivers\MegaSR.sys
12:38:45.0807 0x0684  MegaSR - ok
12:38:45.0838 0x0684  [ 6B01B7414A105B9E51652089A03027CF, 9B113DC22F7D0D0B376E577C6D7083F9EDC09BBFE47726393E16D4FDAAAE21FE ] MEIx64          C:\Windows\system32\DRIVERS\HECIx64.sys
12:38:45.0838 0x0684  MEIx64 - ok
12:38:45.0963 0x0684  [ 0AF89452A8CE3928168F4E5B2208C68B, 571F1A9F1F0B31DB5FFAE7FB7F98C16958439D6666A9F2131B0F2E496BF3D2AC ] mi-raysat_3dsmax2014_64 C:\Program Files\Autodesk\3ds Max 2014\NVIDIA\Satellite\raysat_3dsmax2014_64server.exe
12:38:45.0963 0x0684  mi-raysat_3dsmax2014_64 - ok
12:38:46.0009 0x0684  [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] MMCSS           C:\Windows\system32\mmcss.dll
12:38:46.0009 0x0684  MMCSS - ok
12:38:46.0025 0x0684  [ 800BA92F7010378B09F9ED9270F07137, 94F9AF9E1BE80AE6AC39A2A74EF9FAB115DCAACC011D07DFA8D6A1DDC8A93342 ] Modem           C:\Windows\system32\drivers\modem.sys
12:38:46.0025 0x0684  Modem - ok
12:38:46.0056 0x0684  [ B03D591DC7DA45ECE20B3B467E6AADAA, 701FB0CAD8138C58507BE28845D3E24CE269A040737C29885944A0D851238732 ] monitor         C:\Windows\system32\DRIVERS\monitor.sys
12:38:46.0056 0x0684  monitor - ok
12:38:46.0087 0x0684  [ 7D27EA49F3C1F687D357E77A470AEA99, 7FE7CAF95959F127C6D932C01D539C06D80273C49A09761F6E8331C05B1A7EE7 ] mouclass        C:\Windows\system32\DRIVERS\mouclass.sys
12:38:46.0087 0x0684  mouclass - ok
12:38:46.0103 0x0684  [ D3BF052C40B0C4166D9FD86A4288C1E6, 5E65264354CD94E844BF1838CA1B8E49080EFA34605A32CF2F6A47A2B97FC183 ] mouhid          C:\Windows\system32\DRIVERS\mouhid.sys
12:38:46.0103 0x0684  mouhid - ok
12:38:46.0134 0x0684  [ 32E7A3D591D671A6DF2DB515A5CBE0FA, 47CED0B9067AE8BF5EEF60B17ADEE5906BEDCC56E4CB460B7BFBC12BB9A69E63 ] mountmgr        C:\Windows\system32\drivers\mountmgr.sys
12:38:46.0134 0x0684  mountmgr - ok
12:38:46.0150 0x0684  [ A44B420D30BD56E145D6A2BC8768EC58, B1E4DCA5A1008FA7A0492DC091FB2B820406AE13FD3D44F124E89B1037AF09B8 ] mpio            C:\Windows\system32\drivers\mpio.sys
12:38:46.0150 0x0684  mpio - ok
12:38:46.0165 0x0684  [ 6C38C9E45AE0EA2FA5E551F2ED5E978F, 5A3FA2F110029CB4CC4384998EDB59203FDD65EC45E01B897FB684F8956EAD20 ] mpsdrv          C:\Windows\system32\drivers\mpsdrv.sys
12:38:46.0165 0x0684  mpsdrv - ok
12:38:46.0212 0x0684  [ 54FFC9C8898113ACE189D4AA7199D2C1, 65F585C87F3F710FD5793FDFA96B740AD8D4317B0C120F4435CCF777300EA4F2 ] MpsSvc          C:\Windows\system32\mpssvc.dll
12:38:46.0228 0x0684  MpsSvc - ok
12:38:46.0243 0x0684  [ DC722758B8261E1ABAFD31A3C0A66380, 88BBE073E2CCD1DAB4656DDC53D5161E8A91D035ADAC1465D0CEBA86F1BB6D9A ] MRxDAV          C:\Windows\system32\drivers\mrxdav.sys
12:38:46.0259 0x0684  MRxDAV - ok
12:38:46.0259 0x0684  [ FAF015B07E3A2874A790A39B7D2C579F, C614B0E80B38EBF7C670EEB833F5E476B33042097DA07206D6C5EE3E52B9A427 ] mrxsmb          C:\Windows\system32\DRIVERS\mrxsmb.sys
12:38:46.0259 0x0684  mrxsmb - ok
12:38:46.0290 0x0684  [ 08E2345DF129082BCDFFDC1440F9C00D, 2ADF69F49DF8C43D4440B6C8A62085C51518CA895A88D37264C60A0B4B1EC55F ] mrxsmb10        C:\Windows\system32\DRIVERS\mrxsmb10.sys
12:38:46.0306 0x0684  mrxsmb10 - ok
12:38:46.0306 0x0684  [ 108D87409C5812EF47D81E22843E8C9D, CAE9B91B6BD1DF1552463BD63A06288F5D3E0B81B040BC1C7EC0C2A0119CCECA ] mrxsmb20        C:\Windows\system32\DRIVERS\mrxsmb20.sys
12:38:46.0306 0x0684  mrxsmb20 - ok
12:38:46.0321 0x0684  [ C25F0BAFA182CBCA2DD3C851C2E75796, 643E158A0948DF331807AEAA391F23960362E46C0A0CF6D22A99020EAE7B10F8 ] msahci          C:\Windows\system32\drivers\msahci.sys
12:38:46.0321 0x0684  msahci - ok
12:38:46.0337 0x0684  [ DB801A638D011B9633829EB6F663C900, B34FD33A215ACCF2905F4B7D061686CDB1CB9C652147AF56AE14686C1F6E3C74 ] msdsm           C:\Windows\system32\drivers\msdsm.sys
12:38:46.0337 0x0684  msdsm - ok
12:38:46.0353 0x0684  [ DE0ECE52236CFA3ED2DBFC03F28253A8, 2FBBEC4CACB5161F68D7C2935852A5888945CA0F107CF8A1C01F4528CE407DE3 ] MSDTC           C:\Windows\System32\msdtc.exe
12:38:46.0353 0x0684  MSDTC - ok
12:38:46.0384 0x0684  [ AA3FB40E17CE1388FA1BEDAB50EA8F96, 69F93E15536644C8FD679A20190CFE577F4985D3B1B4A4AA250A168615AE1E99 ] Msfs            C:\Windows\system32\drivers\Msfs.sys
12:38:46.0384 0x0684  Msfs - ok
12:38:46.0399 0x0684  [ F9D215A46A8B9753F61767FA72A20326, 6F76642B45E0A7EF6BCAB8B37D55CCE2EAA310ED07B76D43FCB88987C2174141 ] mshidkmdf       C:\Windows\System32\drivers\mshidkmdf.sys
12:38:46.0399 0x0684  mshidkmdf - ok
12:38:46.0399 0x0684  [ D916874BBD4F8B07BFB7FA9B3CCAE29D, B229DA150713DEDBC4F05386C9D9DC3BC095A74F44F3081E88311AB73BC992A1 ] msisadrv        C:\Windows\system32\drivers\msisadrv.sys
12:38:46.0399 0x0684  msisadrv - ok
12:38:46.0431 0x0684  [ 808E98FF49B155C522E6400953177B08, F873F5BFF0984C5165DF67E92874D3F6EB8D86F9B5AD17013A0091CA33A1A3D5 ] MSiSCSI         C:\Windows\system32\iscsiexe.dll
12:38:46.0431 0x0684  MSiSCSI - ok
12:38:46.0431 0x0684  msiserver - ok
12:38:46.0462 0x0684  [ 49CCF2C4FEA34FFAD8B1B59D49439366, E5752EA57C7BDAD5F53E3BC441A415E909AC602CAE56234684FB8789A20396C7 ] MSKSSRV         C:\Windows\system32\drivers\MSKSSRV.sys
12:38:46.0462 0x0684  MSKSSRV - ok
12:38:46.0477 0x0684  [ BDD71ACE35A232104DDD349EE70E1AB3, 27464A66868513BE6A01B75D7FC5B0D6B71842E4E20CE3F76B15C071A0618BBB ] MSPCLOCK        C:\Windows\system32\drivers\MSPCLOCK.sys
12:38:46.0477 0x0684  MSPCLOCK - ok
12:38:46.0493 0x0684  [ 4ED981241DB27C3383D72092B618A1D0, E12F121E641249DB3491141851B59E1496F4413EDF58E863388F1C229838DFCC ] MSPQM           C:\Windows\system32\drivers\MSPQM.sys
12:38:46.0493 0x0684  MSPQM - ok
12:38:46.0509 0x0684  [ 759A9EEB0FA9ED79DA1FB7D4EF78866D, 64E3BC613EC4872B1B344CBF71EE15BE195592E3244C1EE099C6F8B95A40F133 ] MsRPC           C:\Windows\system32\drivers\MsRPC.sys
12:38:46.0524 0x0684  MsRPC - ok
12:38:46.0540 0x0684  [ 0EED230E37515A0EAEE3C2E1BC97B288, B1D8F8A75006B6E99214CA36D27A8594EF8D952F315BEB201E9BAC9DE3E64D42 ] mssmbios        C:\Windows\system32\DRIVERS\mssmbios.sys
12:38:46.0540 0x0684  mssmbios - ok
12:38:46.0555 0x0684  [ 2E66F9ECB30B4221A318C92AC2250779, DF175E1AB6962303E57F26DAE5C5C1E40B8640333F3E352A64F6A5F1301586CD ] MSTEE           C:\Windows\system32\drivers\MSTEE.sys
12:38:46.0555 0x0684  MSTEE - ok
12:38:46.0571 0x0684  [ 7EA404308934E675BFFDE8EDF0757BCD, 306CD02D89CFCFE576242360ED5F9EEEDCAFC43CD43B7D2977AE960F9AEC3232 ] MTConfig        C:\Windows\system32\drivers\MTConfig.sys
12:38:46.0571 0x0684  MTConfig - ok
12:38:46.0587 0x0684  [ F9A18612FD3526FE473C1BDA678D61C8, 32F7975B5BAA447917F832D9E3499B4B6D3E90D73F478375D0B70B36C524693A ] Mup             C:\Windows\system32\Drivers\mup.sys
12:38:46.0587 0x0684  Mup - ok
12:38:46.0649 0x0684  [ DF3D9BD8DE05798CE1D7C52C150FAC71, 77EE6D9B28BDBD914C062AB0FB439B3336297EDCD76CE1E78437B5AE924500EE ] MyWiFiDHCPDNS   C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe
12:38:46.0665 0x0684  MyWiFiDHCPDNS - ok
12:38:46.0711 0x0684  [ 582AC6D9873E31DFA28A4547270862DD, BD540499F74E8F59A020D935D18E36A3A97C1A6EC59C8208436469A31B16B260 ] napagent        C:\Windows\system32\qagentRT.dll
12:38:46.0727 0x0684  napagent - ok
12:38:46.0758 0x0684  [ 1EA3749C4114DB3E3161156FFFFA6B33, 54C2E77BCE1037711A11313AC25B8706109098C10A31AA03AEB7A185E97800D7 ] NativeWifiP     C:\Windows\system32\DRIVERS\nwifi.sys
12:38:46.0774 0x0684  NativeWifiP - ok
12:38:46.0867 0x0684  [ E4534BCCDD1EA7A7A256BB9D6688A5FC, 68AFEDC17BF449DF7FC9CC9D7F020C1D82ABE91C40C7E6419DF87FAFDA700A0E ] NAUpdate        C:\Program Files (x86)\Nero\Update\NASvc.exe
12:38:46.0867 0x0684  NAUpdate - ok
12:38:46.0930 0x0684  [ 79B47FD40D9A817E932F9D26FAC0A81C, 53E260B8BFC50BA45FA73BFCF4E58C233890D0EAA9DEFDCCBB55FD3EB992FF2D ] NDIS            C:\Windows\system32\drivers\ndis.sys
12:38:46.0945 0x0684  NDIS - ok
12:38:46.0992 0x0684  [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC, D7E5446E83909AE25506BB98FBDD878A529C87963E3C1125C4ABAB25823572BC ] NdisCap         C:\Windows\system32\DRIVERS\ndiscap.sys
12:38:46.0992 0x0684  NdisCap - ok
12:38:47.0008 0x0684  [ 30639C932D9FEF22B31268FE25A1B6E5, 32873D95339600F6EEFA51847D12C563FF01F320DC59055B242FA2887C99F9D6 ] NdisTapi        C:\Windows\system32\DRIVERS\ndistapi.sys
12:38:47.0008 0x0684  NdisTapi - ok
12:38:47.0055 0x0684  [ 136185F9FB2CC61E573E676AA5402356, BA3AD0A33416DA913B4242C6BE8C3E5812AD2B20BA6C11DD3094F2E8EB56E683 ] Ndisuio         C:\Windows\system32\DRIVERS\ndisuio.sys
12:38:47.0055 0x0684  Ndisuio - ok
12:38:47.0070 0x0684  [ 53F7305169863F0A2BDDC49E116C2E11, 881E9346D3C02405B7850ADC37E720990712EC9C666A0CE96E252A487FD2CE77 ] NdisWan         C:\Windows\system32\DRIVERS\ndiswan.sys
12:38:47.0070 0x0684  NdisWan - ok
12:38:47.0086 0x0684  [ 015C0D8E0E0421B4CFD48CFFE2825879, 4242E2D42CCFC859B2C0275C5331798BC0BDA68E51CF4650B6E64B1332071023 ] NDProxy         C:\Windows\system32\drivers\NDProxy.sys
12:38:47.0086 0x0684  NDProxy - ok
12:38:47.0101 0x0684  [ 86743D9F5D2B1048062B14B1D84501C4, DBF6D6A60AB774FCB0F464FF2D285A7521D0A24006687B243AB46B17D8032062 ] NetBIOS         C:\Windows\system32\DRIVERS\netbios.sys
12:38:47.0101 0x0684  NetBIOS - ok
12:38:47.0117 0x0684  [ 09594D1089C523423B32A4229263F068, 7426A9B8BA27D3225928DDEFBD399650ABB90798212F56B7D12158AC22CCCE37 ] NetBT           C:\Windows\system32\DRIVERS\netbt.sys
12:38:47.0117 0x0684  NetBT - ok
12:38:47.0133 0x0684  [ 0793F40B9B8A1BDD266296409DBD91EA, 8A383FC9A66A327905C340D06138980F9E489479535A2C2AAE5E8BB14A74826E ] Netlogon        C:\Windows\system32\lsass.exe
12:38:47.0133 0x0684  Netlogon - ok
12:38:47.0164 0x0684  [ 847D3AE376C0817161A14A82C8922A9E, 37AE692B3481323134125EF58F2C3CBC20177371AF2F5874F53DD32A827CB936 ] Netman          C:\Windows\System32\netman.dll
12:38:47.0179 0x0684  Netman - ok
12:38:47.0242 0x0684  [ D22CD77D4F0D63D1169BB35911BFF12D, 85B1FDFA02E1B8EA4FCB9B7EEB687C5C448697FC7EC9D178C5A2F64D2C9CFEE8 ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
12:38:47.0242 0x0684  NetMsmqActivator - ok
12:38:47.0242 0x0684  [ D22CD77D4F0D63D1169BB35911BFF12D, 85B1FDFA02E1B8EA4FCB9B7EEB687C5C448697FC7EC9D178C5A2F64D2C9CFEE8 ] NetPipeActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
12:38:47.0257 0x0684  NetPipeActivator - ok
12:38:47.0289 0x0684  [ 5F28111C648F1E24F7DBC87CDEB091B8, 2E8645285921EDB98BB2173E11E57459C888D52E80D85791D169C869DE8813B9 ] netprofm        C:\Windows\System32\netprofm.dll
12:38:47.0289 0x0684  netprofm - ok
12:38:47.0304 0x0684  [ D22CD77D4F0D63D1169BB35911BFF12D, 85B1FDFA02E1B8EA4FCB9B7EEB687C5C448697FC7EC9D178C5A2F64D2C9CFEE8 ] NetTcpActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
12:38:47.0304 0x0684  NetTcpActivator - ok
12:38:47.0304 0x0684  [ D22CD77D4F0D63D1169BB35911BFF12D, 85B1FDFA02E1B8EA4FCB9B7EEB687C5C448697FC7EC9D178C5A2F64D2C9CFEE8 ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
12:38:47.0304 0x0684  NetTcpPortSharing - ok
12:38:47.0632 0x0684  [ 3184D1564F9970F4EC81AF0347AD42B7, 95F3BD3671BF2B962E12AD46E01F12D24AFB8B7366960625295438B8A0C5DF3A ] NETwNs64        C:\Windows\system32\DRIVERS\NETwsw00.sys
12:38:47.0944 0x0684  NETwNs64 - ok
12:38:47.0975 0x0684  [ 77889813BE4D166CDAB78DDBA990DA92, 2EF531AE502B943632EEC66A309A8BFCDD36120A5E1473F4AAF3C2393AD0E6A3 ] nfrd960         C:\Windows\system32\drivers\nfrd960.sys
12:38:47.0975 0x0684  nfrd960 - ok
12:38:48.0006 0x0684  [ 1EE99A89CC788ADA662441D1E9830529, 6B4FDD74BB81E12BD4B25A3E8AECB0FA77FA0075D454DD1D6DC1790ADF1F2AA8 ] NlaSvc          C:\Windows\System32\nlasvc.dll
12:38:48.0006 0x0684  NlaSvc - ok
12:38:48.0069 0x0684  [ DE7FCC77F4A503AF4CA6A47D49B3713D, 4BFAA99393F635CD05D91A64DE73EDB5639412C129E049F0FE34F88517A10FC6 ] NPF             C:\Windows\system32\drivers\npf.sys
12:38:48.0069 0x0684  NPF - ok
12:38:48.0084 0x0684  [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7, D8957EF7060A69DBB3CD6B2C45B1E4143592AB8D018471E17AC04668157DC67F ] Npfs            C:\Windows\system32\drivers\Npfs.sys
12:38:48.0084 0x0684  Npfs - ok
12:38:48.0115 0x0684  [ D54BFDF3E0C953F823B3D0BFE4732528, 497A1DCC5646EC22119273216DF10D5442D16F83E4363770F507518CF6EAA53A ] nsi             C:\Windows\system32\nsisvc.dll
12:38:48.0115 0x0684  nsi - ok
12:38:48.0115 0x0684  [ E7F5AE18AF4168178A642A9247C63001, 133023B7E4BA8049C4CAED3282BDD25571D1CC25FAC3B820C7F981D292689D76 ] nsiproxy        C:\Windows\system32\drivers\nsiproxy.sys
12:38:48.0115 0x0684  nsiproxy - ok
12:38:48.0178 0x0684  [ 05D78AA5CB5F3F5C31160BDB955D0B7C, E3CD3FAF52ED11A8FB96D667510F1EDCA49053705AA3A13F560F8F6EC995CA45 ] Ntfs            C:\Windows\system32\drivers\Ntfs.sys
12:38:48.0209 0x0684  Ntfs - ok
12:38:48.0209 0x0684  [ 9899284589F75FA8724FF3D16AED75C1, 181188599FD5D4DE33B97010D9E0CAEABAB9A3EF50712FE7F9AA0735CD0666D6 ] Null            C:\Windows\system32\drivers\Null.sys
12:38:48.0209 0x0684  Null - ok
12:38:48.0240 0x0684  [ 805F0C2B9C07E4C0F74D0EF70E9E827A, 32D3DA095788F7F7BA52AC56C8C0DD6D9D388ED3ECEAFEF23EDB8F5812FF953E ] NVHDA           C:\Windows\system32\drivers\nvhda64v.sys
12:38:48.0256 0x0684  NVHDA - ok
12:38:48.0583 0x0684  [ 7A711D08F1FD1AB8149B6199F84A0EB7, 973597EE38B238902C7355E91B0A2FA79AD67BA26C30DE5C3E6649AA934F639B ] nvlddmkm        C:\Windows\system32\DRIVERS\nvlddmkm.sys
12:38:48.0880 0x0684  nvlddmkm - ok
12:38:48.0989 0x0684  [ 048C6FACA905A7DF0A86D3CC31D7E6AE, 7222B301DBBDFF15B038E13FEA076759D8AC392F5145ECD60A640BDA6CFABE8C ] NvNetworkService C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
12:38:49.0020 0x0684  NvNetworkService - ok
12:38:49.0067 0x0684  [ 7B4BD86B22DFE63FC08E5F4E24B54438, FFBADA98BD97EFB39A4815A4312792308C4F178ABAAD593B5EB78A24D8777D66 ] nvpciflt        C:\Windows\system32\DRIVERS\nvpciflt.sys
12:38:49.0067 0x0684  nvpciflt - ok
12:38:49.0098 0x0684  [ 5D9FD91F3D38DC9DA01E3CB5FA89CD48, 7738785DE8B50D69993F4408498B812D0283FEE5C04FF5B89C20F149B44E9737 ] nvraid          C:\Windows\system32\drivers\nvraid.sys
12:38:49.0098 0x0684  nvraid - ok
12:38:49.0114 0x0684  [ F7CD50FE7139F07E77DA8AC8033D1832, DA96F4B15C8165E6AE1D00E03A062C66CA3A3089E4FF0E9E11CE00B154DD12EC ] nvstor          C:\Windows\system32\drivers\nvstor.sys
12:38:49.0114 0x0684  nvstor - ok
12:38:49.0192 0x0684  [ 3ABCD8F8853FEB12B961E9A48FC12133, 58255D53E810EE0D89FA2F1DC9D6208BF44F3C0FDE74A9264FB740024F1EDD44 ] NvStreamKms     C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys
12:38:49.0192 0x0684  NvStreamKms - ok
12:38:49.0223 0x0684  NvStreamSvc - ok
12:38:49.0270 0x0684  [ B9F3591981D761A5CA1D24C369764D96, 74C0CB77129F3B9929469489BCFCCA77B4692E2C06FB038401C5671C25A6CCDB ] NVSvc           C:\Windows\system32\nvvsvc.exe
12:38:49.0285 0x0684  NVSvc - ok
12:38:49.0348 0x0684  [ 75034A4D7C02327D150B617571D4196A, 8E7DAFEC4307E883D52BD0B5F0732E26E019C953770B52ACBBAD3074A66393CB ] nvvad_WaveExtensible C:\Windows\system32\drivers\nvvad64v.sys
12:38:49.0348 0x0684  nvvad_WaveExtensible - ok
12:38:49.0363 0x0684  [ 270D7CD42D6E3979F6DD0146650F0E05, 752489E54C9004EDCBE1F1F208FFD864DA5C83E59A2DDE6B3E0D63ECA996F76F ] nv_agp          C:\Windows\system32\drivers\nv_agp.sys
12:38:49.0363 0x0684  nv_agp - ok
12:38:49.0395 0x0684  [ 3589478E4B22CE21B41FA1BFC0B8B8A0, AD2469FC753FE552CB809FF405A9AB23E7561292FE89117E3B3B62057EFF0203 ] ohci1394        C:\Windows\system32\drivers\ohci1394.sys
12:38:49.0395 0x0684  ohci1394 - ok
12:38:49.0457 0x0684  [ 2B8E4C792BED0E5882702720BC528AE5, 6D7CB027BC6014CB268C49B46049CDFF3BA94D07102A65BD053335A28E83D125 ] ose             C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
12:38:49.0457 0x0684  ose - ok
12:38:49.0613 0x0684  [ FE9C0029E1AF26350D9985D00520E5C8, 967079CCF7B2CBD4B48C9F076675C26AF93A1CEC26C96811F279414E34004EE6 ] osppsvc         C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
12:38:49.0753 0x0684  osppsvc - ok
12:38:49.0785 0x0684  [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] p2pimsvc        C:\Windows\system32\pnrpsvc.dll
12:38:49.0800 0x0684  p2pimsvc - ok
12:38:49.0831 0x0684  [ 927463ECB02179F88E4B9A17568C63C3, FEFD3447692C277D59EEC7BF218552C8BB6B8C98C26E973675549628408B94CE ] p2psvc          C:\Windows\system32\p2psvc.dll
12:38:49.0847 0x0684  p2psvc - ok
12:38:49.0878 0x0684  [ 0086431C29C35BE1DBC43F52CC273887, 0D116D49EF9ABB57DA005764F25E692622210627FC2048F06A989B12FA8D0A80 ] Parport         C:\Windows\system32\drivers\parport.sys
12:38:49.0878 0x0684  Parport - ok
12:38:49.0894 0x0684  [ 871EADAC56B0A4C6512BBE32753CCF79, F9FD9DBA55274BB72B897550988DCDFD0F2D9367BE641DFDE07D240052DDC180 ] partmgr         C:\Windows\system32\drivers\partmgr.sys
12:38:49.0894 0x0684  partmgr - ok
12:38:49.0909 0x0684  [ 3AEAA8B561E63452C655DC0584922257, 04C072969B58657602EB0C21CEDF24FCEE14E61B90A0F758F93925EF2C9FC32D ] PcaSvc          C:\Windows\System32\pcasvc.dll
12:38:49.0925 0x0684  PcaSvc - ok
12:38:49.0941 0x0684  [ 94575C0571D1462A0F70BDE6BD6EE6B3, 7139BAC653EA94A3DD3821CAB35FC5E22F4CCA5ACC2BAABDAA27E4C3C8B27FC9 ] pci             C:\Windows\system32\drivers\pci.sys
12:38:49.0941 0x0684  pci - ok
12:38:49.0956 0x0684  [ B5B8B5EF2E5CB34DF8DCF8831E3534FA, F2A7CC645B96946CC65BF60E14E70DC09C848D27C7943CE5DEA0C01A6B863480 ] pciide          C:\Windows\system32\drivers\pciide.sys
12:38:49.0956 0x0684  pciide - ok
12:38:49.0972 0x0684  [ B2E81D4E87CE48589F98CB8C05B01F2F, 6763BEE7270A4873B3E131BFB92313E2750FCBD0AD73C23D1C4F98F7DF73DE14 ] pcmcia          C:\Windows\system32\drivers\pcmcia.sys
12:38:49.0987 0x0684  pcmcia - ok
12:38:50.0003 0x0684  [ D6B9C2E1A11A3A4B26A182FFEF18F603, BBA5FE08B1DDD6243118E11358FD61B10E850F090F061711C3CB207CE5FBBD36 ] pcw             C:\Windows\system32\drivers\pcw.sys
12:38:50.0003 0x0684  pcw - ok
12:38:50.0019 0x0684  [ 68769C3356B3BE5D1C732C97B9A80D6E, FB2D61145980A2899D1B7729184C54070315B0E63C9A22400A76CCD39E00029C ] PEAUTH          C:\Windows\system32\drivers\peauth.sys
12:38:50.0034 0x0684  PEAUTH - ok
12:38:50.0097 0x0684  [ B9B0A4299DD2D76A4243F75FD54DC680, BBF62E9628131FA396EB08D63B76D2D5FBDD61339E92B759125A066470D1C039 ] PeerDistSvc     C:\Windows\system32\peerdistsvc.dll
12:38:50.0128 0x0684  PeerDistSvc - ok
12:38:50.0175 0x0684  [ E495E408C93141E8FC72DC0C6046DDFA, 489B957DADA0DC128A09468F1AD082DCC657E86053208EA06A12937BE86FB919 ] PerfHost        C:\Windows\SysWow64\perfhost.exe
12:38:50.0175 0x0684  PerfHost - ok
12:38:50.0237 0x0684  [ C7CF6A6E137463219E1259E3F0F0DD6C, 08D7244F52AA17DD669AA6F77C291DAC88E7B2D1887DE422509C1F83EC85F3DD ] pla             C:\Windows\system32\pla.dll
12:38:50.0253 0x0684  pla - ok
12:38:50.0299 0x0684  [ B806E50427511BCF4AD8E8239C3E25FA, AB89B48ECCF90F701B314D18BE531CDA5ABE1636C17B994A5E4BE5AAC136B4E3 ] PlugPlay        C:\Windows\system32\umpnpmgr.dll
12:38:50.0315 0x0684  PlugPlay - ok
12:38:50.0331 0x0684  [ 7195581CEC9BB7D12ABE54036ACC2E38, 9C4E5D6EA984148F2663DC529083408B2248DFF6DAAC85D9195F80A722782315 ] PNRPAutoReg     C:\Windows\system32\pnrpauto.dll
12:38:50.0331 0x0684  PNRPAutoReg - ok
12:38:50.0346 0x0684  [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] PNRPsvc         C:\Windows\system32\pnrpsvc.dll
12:38:50.0362 0x0684  PNRPsvc - ok
12:38:50.0393 0x0684  [ 4F15D75ADF6156BF56ECED6D4A55C389, 2ADA3EA69A5D7EC2A4D2DD89178DB94EAFDDF95F07B0070D654D9F7A5C12A044 ] PolicyAgent     C:\Windows\System32\ipsecsvc.dll
12:38:50.0393 0x0684  PolicyAgent - ok
12:38:50.0424 0x0684  [ 6BA9D927DDED70BD1A9CADED45F8B184, 66203CE70A5EDE053929A940F38924C6792239CCCE10DD2C1D90D5B4D6748B55 ] Power           C:\Windows\system32\umpo.dll
12:38:50.0424 0x0684  Power - ok
12:38:50.0455 0x0684  [ F92A2C41117A11A00BE01CA01A7FCDE9, 38ADC6052696D110CA5F393BC586791920663F5DA66934C2A824DDA9CD89C763 ] PptpMiniport    C:\Windows\system32\DRIVERS\raspptp.sys
12:38:50.0471 0x0684  PptpMiniport - ok
12:38:50.0487 0x0684  [ 0D922E23C041EFB1C3FAC2A6F943C9BF, 855418A6A58DCAFB181A1A68613B3E203AFB0A9B3D9D26D0C521F9F613B4EAD5 ] Processor       C:\Windows\system32\drivers\processr.sys
12:38:50.0487 0x0684  Processor - ok
12:38:50.0502 0x0684  [ 5C78838B4D166D1A27DB3A8A820C799A, BBF7E1D0B6754CF06BF3936671FDF5BF6E845CA5678D0940EA54E9212B539B7F ] ProfSvc         C:\Windows\system32\profsvc.dll
12:38:50.0518 0x0684  ProfSvc - ok
12:38:50.0533 0x0684  [ 0793F40B9B8A1BDD266296409DBD91EA, 8A383FC9A66A327905C340D06138980F9E489479535A2C2AAE5E8BB14A74826E ] ProtectedStorage C:\Windows\system32\lsass.exe
12:38:50.0533 0x0684  ProtectedStorage - ok
12:38:50.0565 0x0684  [ 0557CF5A2556BD58E26384169D72438D, F6F83A616B1F1C6C0DF6D2EC2513E6C23FD4FAA6D36518B8676C619AB74957B4 ] Psched          C:\Windows\system32\DRIVERS\pacer.sys
12:38:50.0565 0x0684  Psched - ok
12:38:50.0596 0x0684  [ 4712CC14E720ECCCC0AA16949D18AAF1, AF0223D118A25CA14EC1AF8A40A793D3CBCBE3576CCACBCD4F9A3D3F10407262 ] PxHlpa64        C:\Windows\system32\Drivers\PxHlpa64.sys
12:38:50.0596 0x0684  PxHlpa64 - ok
12:38:50.0658 0x0684  [ A53A15A11EBFD21077463EE2C7AFEEF0, 6002B012A75045DEA62640A864A8721EADE2F8B65BEB5F5BA76D8CD819774489 ] ql2300          C:\Windows\system32\drivers\ql2300.sys
12:38:50.0689 0x0684  ql2300 - ok
12:38:50.0689 0x0684  [ 4F6D12B51DE1AAEFF7DC58C4D75423C8, FB6ABAB741CED66A79E31A45111649F2FA3E26CEE77209B5296F789F6F7D08DE ] ql40xx          C:\Windows\system32\drivers\ql40xx.sys
12:38:50.0705 0x0684  ql40xx - ok
12:38:50.0736 0x0684  [ 906191634E99AEA92C4816150BDA3732, A0305436384104C3B559F9C73902DA19B96B518413379E397C5CDAB0B2B9418F ] QWAVE           C:\Windows\system32\qwave.dll
12:38:50.0736 0x0684  QWAVE - ok
12:38:50.0752 0x0684  [ 76707BB36430888D9CE9D705398ADB6C, 35C1D1D05F98AC29A33D3781F497A0B40A3CB9CDF25FE1F28F574E40DDF70535 ] QWAVEdrv        C:\Windows\system32\drivers\qwavedrv.sys
12:38:50.0752 0x0684  QWAVEdrv - ok
12:38:50.0767 0x0684  [ 5A0DA8AD5762FA2D91678A8A01311704, 8A64EB5DBAB7048A9E42A21CEB62CCD5B007A80C199892D7F8C69B48E8A255EF ] RasAcd          C:\Windows\system32\DRIVERS\rasacd.sys
12:38:50.0767 0x0684  RasAcd - ok
12:38:50.0799 0x0684  [ 7ECFF9B22276B73F43A99A15A6094E90, 62C70DA127F48F796F8897BBFA23AB6EB080CC923F0F091DFA384A93F5C90CA1 ] RasAgileVpn     C:\Windows\system32\DRIVERS\AgileVpn.sys
12:38:50.0799 0x0684  RasAgileVpn - ok
12:38:50.0814 0x0684  [ 8F26510C5383B8DBE976DE1CD00FC8C7, 60E618C010E8A723960636415573FA17EA0BBEF79647196B3BC0B8DEE680E090 ] RasAuto         C:\Windows\System32\rasauto.dll
12:38:50.0814 0x0684  RasAuto - ok
12:38:50.0830 0x0684  [ 471815800AE33E6F1C32FB1B97C490CA, 27307265F743DE3A3A3EC1B2C472A3D85FDD0AEC458E0B1177593141EE072698 ] Rasl2tp         C:\Windows\system32\DRIVERS\rasl2tp.sys
12:38:50.0830 0x0684  Rasl2tp - ok
12:38:50.0845 0x0684  [ EE867A0870FC9E4972BA9EAAD35651E2, 1B848D81705081FD2E18AC762DA7F51455657DAF860BF363DC15925A148BCADA ] RasMan          C:\Windows\System32\rasmans.dll
12:38:50.0861 0x0684  RasMan - ok
12:38:50.0877 0x0684  [ 855C9B1CD4756C5E9A2AA58A15F58C25, A514F8A9C304D54BDA8DC60F5A64259B057EC83A1CAAF6D2B58CFD55E9561F72 ] RasPppoe        C:\Windows\system32\DRIVERS\raspppoe.sys
12:38:50.0877 0x0684  RasPppoe - ok
12:38:50.0892 0x0684  [ E8B1E447B008D07FF47D016C2B0EEECB, FEC789F82B912F3E14E49524D40FEAA4373B221156F14045E645D7C37859258C ] RasSstp         C:\Windows\system32\DRIVERS\rassstp.sys
12:38:50.0892 0x0684  RasSstp - ok
12:38:50.0908 0x0684  [ 77F665941019A1594D887A74F301FA2F, 1FDC6F6853400190C086042933F157814D915C54F26793CAD36CD2607D8810DA ] rdbss           C:\Windows\system32\DRIVERS\rdbss.sys
12:38:50.0908 0x0684  rdbss - ok
12:38:50.0939 0x0684  [ 302DA2A0539F2CF54D7C6CC30C1F2D8D, 1DF3501BBFFB56C3ECC39DBCC4287D3302216C2208CE22428B8C4967E5DE9D17 ] rdpbus          C:\Windows\system32\DRIVERS\rdpbus.sys
12:38:50.0939 0x0684  rdpbus - ok
12:38:50.0955 0x0684  [ CEA6CC257FC9B7715F1C2B4849286D24, A78144D18352EA802C39D9D42921CF97A3E0211766B2169B6755C6FC2D77A804 ] RDPCDD          C:\Windows\system32\DRIVERS\RDPCDD.sys
12:38:50.0955 0x0684  RDPCDD - ok
12:38:50.0986 0x0684  [ 1B6163C503398B23FF8B939C67747683, 339A5AA7970FF34FAAB213B655860C5B0DEC5F983A4A11A088017D849F320ACE ] RDPDR           C:\Windows\system32\drivers\rdpdr.sys
12:38:50.0986 0x0684  RDPDR - ok
12:38:51.0001 0x0684  [ BB5971A4F00659529A5C44831AF22365, 9AAA5C0D448E821FD85589505D99DF7749715A046BBD211F139E4E652ADDE41F ] RDPENCDD        C:\Windows\system32\drivers\rdpencdd.sys
12:38:51.0001 0x0684  RDPENCDD - ok
12:38:51.0001 0x0684  [ 216F3FA57533D98E1F74DED70113177A, 60C126A1409D1E9C39F1C9E95F70115BF4AF07780AB499F6E10A612540F173F4 ] RDPREFMP        C:\Windows\system32\drivers\rdprefmp.sys
12:38:51.0001 0x0684  RDPREFMP - ok
12:38:51.0033 0x0684  [ 70CBA1A0C98600A2AA1863479B35CB90, 91A133297921B4955817176251AFC5283DA3C7D2099700C4C92ECC94DBE9A99E ] RdpVideoMiniport C:\Windows\system32\drivers\rdpvideominiport.sys
12:38:51.0033 0x0684  RdpVideoMiniport - ok
12:38:51.0048 0x0684  [ 15B66C206B5CB095BAB980553F38ED23, 3CA50786A8D3D6BAF145AFD22C1ED92C2EB39F5D6AF4F6B09B69610FDE0C5B24 ] RDPWD           C:\Windows\system32\drivers\RDPWD.sys
12:38:51.0048 0x0684  RDPWD - ok
12:38:51.0079 0x0684  [ 34ED295FA0121C241BFEF24764FC4520, AAEE5F00CAA763A5BA51CF56BD7262C03409CD72BD5601490E3EC3FFF929BB5F ] rdyboost        C:\Windows\system32\drivers\rdyboost.sys
12:38:51.0095 0x0684  rdyboost - ok
12:38:51.0157 0x0684  [ 46D01172EDDACDD1EB75648D5E17D5E2, 74D91D53A63ABF3FD3C44B410AABDB8BCFBC16E9BD419B0AA8DF36F775CC33B6 ] RegSrvc         C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
12:38:51.0157 0x0684  RegSrvc - ok
12:38:51.0189 0x0684  [ 254FB7A22D74E5511C73A3F6D802F192, 3D0FB5840364200DE394F8CC28DA0E334C2B5FA8FF28A41656EE72287F3D3836 ] RemoteAccess    C:\Windows\System32\mprdim.dll
12:38:51.0189 0x0684  RemoteAccess - ok
12:38:51.0220 0x0684  [ E4D94F24081440B5FC5AA556C7C62702, 147CAA03568DC480F9506E30B84891AB7E433B5EBC05F34FF10F72B00E1C6B22 ] RemoteRegistry  C:\Windows\system32\regsvc.dll
12:38:51.0220 0x0684  RemoteRegistry - ok
12:38:51.0235 0x0684  [ 3DD798846E2C28102B922C56E71B7932, 30B111615D74CB2213997A5C08DD9C8613ADE441D9423CC1C49A753D13CE524D ] RFCOMM          C:\Windows\system32\DRIVERS\rfcomm.sys
12:38:51.0251 0x0684  RFCOMM - ok
12:38:51.0313 0x0684  [ 83A6C2CAFE236652D1559640594A0EA8, 52360F17C9C70C9CEA3316560B40C4D89FD705ED7E6B6088C99FC54D4CC35EB5 ] rpcapd          C:\Program Files (x86)\WinPcap\rpcapd.exe
12:38:51.0313 0x0684  rpcapd - ok
12:38:51.0329 0x0684  [ E4DC58CF7B3EA515AE917FF0D402A7BB, 665B5CD9FE905B0EE3F59A7B1A94760F5393EBEE729877D8584349754C2867E8 ] RpcEptMapper    C:\Windows\System32\RpcEpMap.dll
12:38:51.0329 0x0684  RpcEptMapper - ok
12:38:51.0360 0x0684  [ D5BA242D4CF8E384DB90E6A8ED850B8C, CB4CB2608B5E31B55FB1A2CF4051E6D08A0C2A5FB231B2116F95938D7577334E ] RpcLocator      C:\Windows\system32\locator.exe
12:38:51.0360 0x0684  RpcLocator - ok
12:38:51.0376 0x0684  [ 5C627D1B1138676C0A7AB2C2C190D123, C5003F2C912C5CA990E634818D3B4FD72F871900AF2948BD6C4D6400B354B401 ] RpcSs           C:\Windows\system32\rpcss.dll
12:38:51.0376 0x0684  RpcSs - ok
12:38:51.0407 0x0684  [ DDC86E4F8E7456261E637E3552E804FF, D250C69CCC75F2D88E7E624FCC51300E75637333317D53908CCA7E0F117173DD ] rspndr          C:\Windows\system32\DRIVERS\rspndr.sys
12:38:51.0407 0x0684  rspndr - ok
12:38:51.0454 0x0684  [ E54A5586A28D0630A79A68BBAB84BFCF, F6FBF1E4C64351CEB205DDCD17C35EA26439E98F3528F96AE326959A7C26B488 ] RSUSBVSTOR      C:\Windows\system32\Drivers\RtsUVStor.sys
12:38:51.0469 0x0684  RSUSBVSTOR - ok
12:38:51.0501 0x0684  [ 20A466B9EA2BD828C0EC723F99B8CFE7, E05AD3C273EC1D3EB2257E565775AB2FE5C797777FCF90FDB714979F8D78C514 ] RTL8167         C:\Windows\system32\DRIVERS\Rt64win7.sys
12:38:51.0516 0x0684  RTL8167 - ok
12:38:51.0781 0x0684  [ EC635823A35E248074F5FC55A2FABA45, 85ECC9ADD5D4F9052A43840BE0C223A02284F510CDFA84818F45BC6D9816F4A4 ] rtsuvc          C:\Windows\system32\DRIVERS\rtsuvc.sys
12:38:51.0984 0x0684  rtsuvc - ok
12:38:52.0015 0x0684  [ E60C0A09F997826C7627B244195AB581, E8630ED74B38B98BF584E353D992C1311BC36AB7F20A1BB66C9CD65CE1E46F8D ] s3cap           C:\Windows\system32\drivers\vms3cap.sys
12:38:52.0015 0x0684  s3cap - ok
12:38:52.0047 0x0684  [ 0793F40B9B8A1BDD266296409DBD91EA, 8A383FC9A66A327905C340D06138980F9E489479535A2C2AAE5E8BB14A74826E ] SamSs           C:\Windows\system32\lsass.exe
12:38:52.0047 0x0684  SamSs - ok
12:38:52.0078 0x0684  [ 3289766038DB2CB14D07DC84392138D5, A7790B787690CC1A8B97E4532090C5295350A836A9474DEA74CEB3E81CF26124 ] SASDIFSV        C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS
12:38:52.0093 0x0684  SASDIFSV - ok
12:38:52.0109 0x0684  [ 58A38E75F3316A83C23DF6173D41F2B5, B0A8CDA1D164B7534FB41AB80792861384709BF0F914F44553275CF20194F1A1 ] SASKUTIL        C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS
12:38:52.0109 0x0684  SASKUTIL - ok
12:38:52.0125 0x0684  [ AC03AF3329579FFFB455AA2DAABBE22B, 7AD3B62ADFEC166F9E256F9FF8BAA0568B2ED7308142BF8F5269E6EAA5E0A656 ] sbp2port        C:\Windows\system32\drivers\sbp2port.sys
12:38:52.0125 0x0684  sbp2port - ok
12:38:52.0156 0x0684  [ 9B7395789E3791A3B6D000FE6F8B131E, E5F067F3F212BF5481668BE1779CBEF053F511F8967589BE2E865ACB9A620024 ] SCardSvr        C:\Windows\System32\SCardSvr.dll
12:38:52.0156 0x0684  SCardSvr - ok
12:38:52.0187 0x0684  [ 253F38D0D7074C02FF8DEB9836C97D2B, CB5CAFCB8628BB22877F74ACF1DED0BBAED8F4573A74DA7FE94BBBA584889116 ] scfilter        C:\Windows\system32\DRIVERS\scfilter.sys
12:38:52.0187 0x0684  scfilter - ok
12:38:52.0234 0x0684  [ 262F6592C3299C005FD6BEC90FC4463A, 54095E37F0B6CC677A3E9BDD40F4647C713273D197DB341063AA7F342A60C4A7 ] Schedule        C:\Windows\system32\schedsvc.dll
12:38:52.0249 0x0684  Schedule - ok
12:38:52.0281 0x0684  [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] SCPolicySvc     C:\Windows\System32\certprop.dll
12:38:52.0281 0x0684  SCPolicySvc - ok
12:38:52.0312 0x0684  [ 111E0EBC0AD79CB0FA014B907B231CF0, B7D43D156C2524938503CF8E99C4D1F7A5C55E16C0368F57F4CD23C6D833B38F ] sdbus           C:\Windows\system32\DRIVERS\sdbus.sys
12:38:52.0312 0x0684  sdbus - ok
12:38:52.0327 0x0684  [ 6EA4234DC55346E0709560FE7C2C1972, 64011E044C16E2F92689E5F7E4666A075E27BBFA61F3264E5D51CE1656C1D5B8 ] SDRSVC          C:\Windows\System32\SDRSVC.dll
12:38:52.0343 0x0684  SDRSVC - ok
12:38:52.0374 0x0684  [ 3EA8A16169C26AFBEB544E0E48421186, 34BBB0459C96B3DE94CCB0D73461562935C583D7BF93828DA4E20A6BC9B7301D ] secdrv          C:\Windows\system32\drivers\secdrv.sys
12:38:52.0374 0x0684  secdrv - ok
12:38:52.0405 0x0684  [ BC617A4E1B4FA8DF523A061739A0BD87, 10C4057F6B321EB5237FF619747B74F5401BC17D15A8C7060829E8204A2297F9 ] seclogon        C:\Windows\system32\seclogon.dll
12:38:52.0405 0x0684  seclogon - ok
12:38:52.0421 0x0684  [ C32AB8FA018EF34C0F113BD501436D21, E0EB8E80B51E45CA7EB061E705DA0BC07878759418A8519AE6E12326FE79E7C7 ] SENS            C:\Windows\System32\sens.dll
12:38:52.0421 0x0684  SENS - ok
12:38:52.0437 0x0684  [ 0336CFFAFAAB87A11541F1CF1594B2B2, 8B8A6A33E78A12FB05E29B2E2775850626574AFD2EF88748D65E690A07B10B8D ] SensrSvc        C:\Windows\system32\sensrsvc.dll
12:38:52.0437 0x0684  SensrSvc - ok
12:38:52.0468 0x0684  [ CB624C0035412AF0DEBEC78C41F5CA1B, A4D937F11E06CAE914347CA1362F4C98EC5EE0C0C80321E360EA1ABD6726F8D4 ] Serenum         C:\Windows\system32\drivers\serenum.sys
12:38:52.0468 0x0684  Serenum - ok
12:38:52.0483 0x0684  [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6, 8F9776FB84C5D11068EAF1FF1D1A46466C655D64D256A8B1E31DC0C23B5DD22D ] Serial          C:\Windows\system32\drivers\serial.sys
12:38:52.0483 0x0684  Serial - ok
12:38:52.0515 0x0684  [ 1C545A7D0691CC4A027396535691C3E3, 065C30BE598FF4DC55C37E0BBE0CEDF10A370AE2BF5404B42EBBB867A3FFED6D ] sermouse        C:\Windows\system32\drivers\sermouse.sys
12:38:52.0515 0x0684  sermouse - ok
12:38:52.0593 0x0684  [ A98524A3569B8E18A46386F7630EFF21, 377710E35008CE45CE87E933F467E5A008BA45C31F0749E4D6514315568B84E2 ] Service KMSELDI C:\Program Files\KMSpico\Service_KMS.exe
12:38:52.0593 0x0684  Service KMSELDI - ok
12:38:52.0639 0x0684  [ 0B6231BF38174A1628C4AC812CC75804, E569BF1F7F5689E2E917FA6516DB53388A5B8B1C6699DEE030147E853218811D ] SessionEnv      C:\Windows\system32\sessenv.dll
12:38:52.0655 0x0684  SessionEnv - ok
12:38:52.0686 0x0684  [ A554811BCD09279536440C964AE35BBF, DA8F893722F803E189D7D4D6C6232ED34505B63A64ED3A0132A5BB7A2BABDE55 ] sffdisk         C:\Windows\system32\DRIVERS\sffdisk.sys
12:38:52.0686 0x0684  sffdisk - ok
12:38:52.0702 0x0684  [ FF414F0BAEFEBA59BC6C04B3DB0B87BF, B81EF5D26AEB572CAB590F7AD7CA8C89F296420089EF5E6148E972F2DBCA1042 ] sffp_mmc        C:\Windows\system32\drivers\sffp_mmc.sys
12:38:52.0717 0x0684  sffp_mmc - ok
12:38:52.0733 0x0684  [ DD85B78243A19B59F0637DCF284DA63C, 6730D4F2BAE7E24615746ACC41B42D01DB6068D6504982008ADA1890DE900197 ] sffp_sd         C:\Windows\system32\DRIVERS\sffp_sd.sys
12:38:52.0733 0x0684  sffp_sd - ok
12:38:52.0749 0x0684  [ A9D601643A1647211A1EE2EC4E433FF4, 7AC60B4AB48D4BBF1F9681C12EC2A75C72E6E12D30FABC564A24394310E9A5F9 ] sfloppy         C:\Windows\system32\drivers\sfloppy.sys
12:38:52.0749 0x0684  sfloppy - ok
12:38:52.0780 0x0684  [ B95F6501A2F8B2E78C697FEC401970CE, 758B73A32902299A313348CE7EC189B20EB4CB398D0180E4EE24B84DAD55F291 ] SharedAccess    C:\Windows\System32\ipnathlp.dll
12:38:52.0795 0x0684  SharedAccess - ok
12:38:52.0827 0x0684  [ AAF932B4011D14052955D4B212A4DA8D, 2A3BFD0FA9569288E91AE3E72CA1EC39E1450D01E6473CE51157E0F138257923 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
12:38:52.0842 0x0684  ShellHWDetection - ok
12:38:52.0858 0x0684  [ 843CAF1E5FDE1FFD5FF768F23A51E2E1, 89CA9F516E42A6B905474D738CDA2C121020A07DBD4E66CFE569DD77D79D7820 ] SiSRaid2        C:\Windows\system32\drivers\SiSRaid2.sys
12:38:52.0858 0x0684  SiSRaid2 - ok
12:38:52.0873 0x0684  [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4, 87B85C66DF7EB6FDB8A2341D05FAA5261FF68A90CCFC63F0E4A03824F1E33E5E ] SiSRaid4        C:\Windows\system32\drivers\sisraid4.sys
12:38:52.0889 0x0684  SiSRaid4 - ok
12:38:52.0920 0x0684  [ 548260A7B8654E024DC30BF8A7C5BAA4, 4A7E58331D7765A12F53DC2371739DC9A463940B13E16157CE10DB80E958D740 ] Smb             C:\Windows\system32\DRIVERS\smb.sys
12:38:52.0920 0x0684  Smb - ok
12:38:52.0951 0x0684  [ 6313F223E817CC09AA41811DAA7F541D, D787061043BEEDB9386B048CB9E680E6A88A1CBAE9BD4A8C0209155BFB76C630 ] SNMPTRAP        C:\Windows\System32\snmptrap.exe
12:38:52.0951 0x0684  SNMPTRAP - ok
12:38:52.0951 0x0684  [ B9E31E5CACDFE584F34F730A677803F9, 21A5130BD00089C609522A372018A719F8E37103D2DD22C59EACB393BE35A063 ] spldr           C:\Windows\system32\drivers\spldr.sys
12:38:52.0951 0x0684  spldr - ok
12:38:52.0983 0x0684  [ B96C17B5DC1424D56EEA3A99E97428CD, AF0A85066A7983878DC1C663811CE61C6CA1912DC956184F878B7B82DB93C651 ] Spooler         C:\Windows\System32\spoolsv.exe
12:38:52.0998 0x0684  Spooler - ok
12:38:53.0107 0x0684  [ E17E0188BB90FAE42D83E98707EFA59C, FC075F7B39E86CC8EF6DA4E339FE946917E319C347AC70FB0C50AAF36F97E27F ] sppsvc          C:\Windows\system32\sppsvc.exe
12:38:53.0185 0x0684  sppsvc - ok
12:38:53.0201 0x0684  [ 93D7D61317F3D4BC4F4E9F8A96A7DE45, 36D48B23B8243BE5229707375FCD11C2DCAC96983199345365F065A0CBF33314 ] sppuinotify     C:\Windows\system32\sppuinotify.dll
12:38:53.0201 0x0684  sppuinotify - ok
12:38:53.0232 0x0684  [ 2098B8556D1CEC2ACA9A29CD479E3692, D5826407C64F18C16EB36E6F00787CFAFCD9B24B5BD8AD126AD01E6E4134966F ] srv             C:\Windows\system32\DRIVERS\srv.sys
12:38:53.0248 0x0684  srv - ok
12:38:53.0263 0x0684  [ D0F73A42040F21F92FD314B42AC5C9E7, A021C4318C9CFA594305458B2643BB0C22DDE1F3D51C93C9F3E7F7AB75B31278 ] srv2            C:\Windows\system32\DRIVERS\srv2.sys
12:38:53.0263 0x0684  srv2 - ok
12:38:53.0279 0x0684  [ 2BA8F3250828CCDB4204ECF2C6F40B6A, 22C4FBF9A87C46E69C48B681FF733D68D9CB7B7D73FB14C8C2A06E9009F9860E ] srvnet          C:\Windows\system32\DRIVERS\srvnet.sys
12:38:53.0295 0x0684  srvnet - ok
12:38:53.0310 0x0684  [ 51B52FBD583CDE8AA9BA62B8B4298F33, 2E2403F8AA39E79D1281CA006B51B43139C32A5FDD64BD34DAA4B935338BD740 ] SSDPSRV         C:\Windows\System32\ssdpsrv.dll
12:38:53.0310 0x0684  SSDPSRV - ok
12:38:53.0326 0x0684  [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB, D21CDBC4C2AA0DB5B4455D5108B0CAF4282A2E664B9035708F212CC094569D9D ] SstpSvc         C:\Windows\system32\sstpsvc.dll
12:38:53.0326 0x0684  SstpSvc - ok
12:38:53.0373 0x0684  [ 0887B293199AA2055888FABA989ED0A6, 25B0B95F461E90549F17B09143BC7553ACD8C2860064F1146F8EC163DDFFD26A ] Stereo Service  C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
12:38:53.0388 0x0684  Stereo Service - ok
12:38:53.0404 0x0684  [ F3817967ED533D08327DC73BC4D5542A, 1B204454408A690C0A86447F3E4AA9E7C58A9CFB567C94C17C21920BA648B4D5 ] stexstor        C:\Windows\system32\drivers\stexstor.sys
12:38:53.0404 0x0684  stexstor - ok
12:38:53.0435 0x0684  [ 8DD52E8E6128F4B2DA92CE27402871C1, 1101C38BE8FC383B5F2F9FA402F9652B23B88A764DE2B584DFE62B88B11DEF92 ] stisvc          C:\Windows\System32\wiaservc.dll
12:38:53.0451 0x0684  stisvc - ok
12:38:53.0466 0x0684  [ 7785DC213270D2FC066538DAF94087E7, F09CB2895241719CA5147B2EE9F7ECBD0303AFFB5CD896F06D4D29BAAAFC207B ] storflt         C:\Windows\system32\drivers\vmstorfl.sys
12:38:53.0466 0x0684  storflt - ok
12:38:53.0497 0x0684  [ D34E4943D5AC096C8EDEEBFD80D76E23, 1DD7F6F97060B5F763A04ACA1F75E59DAB09EF824FD09B83FC3C192837D006DE ] storvsc         C:\Windows\system32\drivers\storvsc.sys
12:38:53.0497 0x0684  storvsc - ok
12:38:53.0513 0x0684  [ D01EC09B6711A5F8E7E6564A4D0FBC90, 3CB922291DBADC92B46B9E28CCB6810CD8CCDA3E74518EC9522B58B998E1F969 ] swenum          C:\Windows\system32\DRIVERS\swenum.sys
12:38:53.0529 0x0684  swenum - ok
12:38:53.0607 0x0684  [ F577910A133A592234EBAAD3F3AFA258, 36F514740EE2D2B2F7ABFFFA13D575233EC4CE774EB58BF889C09930FEF1F443 ] SwitchBoard     C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
12:38:53.0607 0x0684  SwitchBoard - ok
12:38:53.0653 0x0684  [ E08E46FDD841B7184194011CA1955A0B, 9C3725BB1F08F92744C980A22ED5C874007D3B5863C7E1F140F50061052AC418 ] swprv           C:\Windows\System32\swprv.dll
12:38:53.0669 0x0684  swprv - ok
12:38:53.0700 0x0684  [ C3A39C4079305480972D29C44B868C78, 8F1BB75C743256F905EAEDE744B6082C53774C49126875FB4E4FBA30F5478B17 ] Synth3dVsc      C:\Windows\system32\drivers\synth3dvsc.sys
12:38:53.0700 0x0684  Synth3dVsc - ok
12:38:53.0763 0x0684  [ BF9CCC0BF39B418C8D0AE8B05CF95B7D, 3C13217548BE61F2BDB8BD41F77345CDDA1F97BF0AE17241C335B9807EB3DBB8 ] SysMain         C:\Windows\system32\sysmain.dll
12:38:53.0794 0x0684  SysMain - ok
12:38:53.0825 0x0684  [ E3C61FD7B7C2557E1F1B0B4CEC713585, 01F0E116606D185BF93B540868075BFB1A398197F6AABD994983DBFF56B3A8A0 ] TabletInputService C:\Windows\System32\TabSvc.dll
12:38:53.0825 0x0684  TabletInputService - ok
12:38:53.0825 0x0684  [ 40F0849F65D13EE87B9A9AE3C1DD6823, E251A7EF3D0FD2973AF33A62FC457A7E8D5E8694208F811F52455F7C2426121F ] TapiSrv         C:\Windows\System32\tapisrv.dll
12:38:53.0841 0x0684  TapiSrv - ok
12:38:53.0856 0x0684  [ 1BE03AC720F4D302EA01D40F588162F6, AB644862BF1D2E824FD846180DEC4E2C0FAFCC517451486DE5A92E5E78A952E4 ] TBS             C:\Windows\System32\tbssvc.dll
12:38:53.0856 0x0684  TBS - ok
12:38:53.0919 0x0684  [ 509383E505C973ED7534A06B3D19688D, 520AE434CCE1D365A45B2035283A4AD915E98D28D06BD73822F6FF865C2AE7DF ] Tcpip           C:\Windows\system32\drivers\tcpip.sys
12:38:53.0950 0x0684  Tcpip - ok
12:38:53.0997 0x0684  [ 509383E505C973ED7534A06B3D19688D, 520AE434CCE1D365A45B2035283A4AD915E98D28D06BD73822F6FF865C2AE7DF ] TCPIP6          C:\Windows\system32\DRIVERS\tcpip.sys
12:38:54.0043 0x0684  TCPIP6 - ok
12:38:54.0059 0x0684  [ DF687E3D8836BFB04FCC0615BF15A519, 7C5B1E72673B4299DFC21E869F0FBB28198CA54DF4F4AF7080005F2D82467784 ] tcpipreg        C:\Windows\system32\drivers\tcpipreg.sys
12:38:54.0059 0x0684  tcpipreg - ok
12:38:54.0075 0x0684  [ 3371D21011695B16333A3934340C4E7C, 7416F9BBFC1BA9D875EA7D1C7A0D912FC6977B49A865D67E3F9C4E18A965082D ] TDPIPE          C:\Windows\system32\drivers\tdpipe.sys
12:38:54.0075 0x0684  TDPIPE - ok
12:38:54.0075 0x0684  [ E4245BDA3190A582D55ED09E137401A9, F59C983882997D68CC7B1B2080AEE9EBE2AE90D478F877559BD2AAA97158A116 ] TDTCP           C:\Windows\system32\drivers\tdtcp.sys
12:38:54.0075 0x0684  TDTCP - ok
12:38:54.0090 0x0684  [ DDAD5A7AB24D8B65F8D724F5C20FD806, B71F2967A4EE7395E4416C1526CB85368AEA988BDD1F2C9719C48B08FAFA9661 ] tdx             C:\Windows\system32\DRIVERS\tdx.sys
12:38:54.0106 0x0684  tdx - ok
12:38:54.0121 0x0684  [ 561E7E1F06895D78DE991E01DD0FB6E5, 83BFA50A528762EC52A011302AC3874636FB7E26628CD7ACFBF2BDC9FAA8110D ] TermDD          C:\Windows\system32\DRIVERS\termdd.sys
12:38:54.0121 0x0684  TermDD - ok
12:38:54.0137 0x0684  [ 2B5BDFF688EC9871D7EC5837833374E9, BD6C629FA2938987ABF95B790B20F0B7D4D023D5013E575F343A802D6213074E ] terminpt        C:\Windows\system32\drivers\terminpt.sys
12:38:54.0137 0x0684  terminpt - ok
12:38:54.0184 0x0684  [ 2E648163254233755035B46DD7B89123, 6FA0D07CE18A3A69D82EE49D875F141E39406E92C34EAC76AC4EB052E6EBCBCD ] TermService     C:\Windows\System32\termsrv.dll
12:38:54.0199 0x0684  TermService - ok
12:38:54.0215 0x0684  [ F0344071948D1A1FA732231785A0664C, DB9886C2C858FAF45AEA15F8E42860343F73EB8685C53EC2E8CCC10586CB0832 ] Themes          C:\Windows\system32\themeservice.dll
12:38:54.0215 0x0684  Themes - ok
12:38:54.0231 0x0684  [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] THREADORDER     C:\Windows\system32\mmcss.dll
12:38:54.0231 0x0684  THREADORDER - ok
12:38:54.0433 0x0684  [ EBD7ABC7984E0E5992E63CD99AE3544D, 58896358416FB382994E1D30CAABF886AF050552AFC697F1FCD59A9EC61D4757 ] TorchCrashHandler C:\Users\user\AppData\Local\Torch\Update\TorchCrashHandler.exe
12:38:54.0449 0x0684  TorchCrashHandler - ok
12:38:54.0480 0x0684  [ 7E7AFD841694F6AC397E99D75CEAD49D, DE87F203FD8E6BDCCFCA1860A85F283301A365846FB703D9BB86278D8AC96B07 ] TrkWks          C:\Windows\System32\trkwks.dll
12:38:54.0480 0x0684  TrkWks - ok
12:38:54.0543 0x0684  [ 773212B2AAA24C1E31F10246B15B276C, F2EF85F5ABA307976D9C649D710B408952089458DDE97D4DEF321DF14E46A046 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
12:38:54.0543 0x0684  TrustedInstaller - ok
12:38:54.0589 0x0684  [ CE18B2CDFC837C99E5FAE9CA6CBA5D30, CA302C2ED6A6BF4670BAAA4F5C14C0238CF0C80316856AA0DB053F4D593033AC ] tssecsrv        C:\Windows\system32\DRIVERS\tssecsrv.sys
12:38:54.0589 0x0684  tssecsrv - ok
12:38:54.0621 0x0684  [ D11C783E3EF9A3C52C0EBE83CC5000E9, A136C355D4C8945729163D15801364A614E23217B15F9313C85BA45BB71A74EB ] TsUsbFlt        C:\Windows\system32\drivers\tsusbflt.sys
12:38:54.0621 0x0684  TsUsbFlt - ok
12:38:54.0636 0x0684  [ 9CC2CCAE8A84820EAECB886D477CBCB8, 50D8AA2D7477A6618A0C31BB4D1C4887B457865FB1105E2E7B984EEFA337B804 ] TsUsbGD         C:\Windows\system32\drivers\TsUsbGD.sys
12:38:54.0636 0x0684  TsUsbGD - ok
12:38:54.0667 0x0684  [ E1748D04AE40118B62BC18AC86032192, A954B141D1B27272C771D14F3B40C7CC1F572DD72559F2C96182EFBE2B095FDE ] tsusbhub        C:\Windows\system32\drivers\tsusbhub.sys
12:38:54.0667 0x0684  tsusbhub - ok
12:38:54.0683 0x0684  [ 3566A8DAAFA27AF944F5D705EAA64894, AE9D8B648DA08AF667B9456C3FE315489859C157510A258559F18238F2CC92B8 ] tunnel          C:\Windows\system32\DRIVERS\tunnel.sys
12:38:54.0683 0x0684  tunnel - ok
12:38:54.0699 0x0684  [ B4DD609BD7E282BFC683CEC7EAAAAD67, EF131DB6F6411CAD36A989A421AF93F89DD61601AC524D2FF11C10FF6E3E9123 ] uagp35          C:\Windows\system32\drivers\uagp35.sys
12:38:54.0699 0x0684  uagp35 - ok
12:38:54.0730 0x0684  [ FF4232A1A64012BAA1FD97C7B67DF593, D8591B4EB056899C7B604E4DD852D82D4D9809F508ABCED4A03E1BE6D5D456E3 ] udfs            C:\Windows\system32\DRIVERS\udfs.sys
12:38:54.0730 0x0684  udfs - ok
12:38:54.0761 0x0684  [ 3CBDEC8D06B9968ABA702EBA076364A1, B8DAB8AA804FC23021BFEBD7AE4D40FBE648D6C6BA21CC008E26D1C084972F9B ] UI0Detect       C:\Windows\system32\UI0Detect.exe
12:38:54.0761 0x0684  UI0Detect - ok
12:38:54.0792 0x0684  [ 4BFE1BC28391222894CBF1E7D0E42320, 5918B1ED2030600DF77BDACF1C808DF6EADDD8BF3E7003AF1D72050D8B102B3A ] uliagpkx        C:\Windows\system32\drivers\uliagpkx.sys
12:38:54.0792 0x0684  uliagpkx - ok
12:38:54.0808 0x0684  [ DC54A574663A895C8763AF0FA1FF7561, 09A3F3597E91CBEB2F38E96E75134312B60CAE5574B2AD4606C2D3E992AEDDFE ] umbus           C:\Windows\system32\DRIVERS\umbus.sys
12:38:54.0808 0x0684  umbus - ok
12:38:54.0823 0x0684  [ B2E8E8CB557B156DA5493BBDDCC1474D, F547509A08C0679ACB843E20C9C0CF51BED1B06530BBC529DFB0944504564A43 ] UmPass          C:\Windows\system32\drivers\umpass.sys
12:38:54.0823 0x0684  UmPass - ok
12:38:54.0839 0x0684  [ A293DCD756D04D8492A750D03B9A297C, 203600ED0B7F8BA4C6D6F4ED810F4DF5AB70928B06EC4131C5D8ADF628444ED1 ] UmRdpService    C:\Windows\System32\umrdp.dll
12:38:54.0855 0x0684  UmRdpService - ok
12:38:54.0886 0x0684  [ D47EC6A8E81633DD18D2436B19BAF6DE, 0FB461E2D5E0B75BB5958F6362F4880BFA4C36AD930542609BCAF574941AA7AE ] upnphost        C:\Windows\System32\upnphost.dll
12:38:54.0886 0x0684  upnphost - ok
12:38:54.0933 0x0684  [ FB251567F41BC61988B26731DEC19E4B, 6A535F5A18EB43DD2E18AF0A05301630A1D1484B7D85DA79A7CD122DA4D018E2 ] USBAAPL64       C:\Windows\system32\Drivers\usbaapl64.sys
12:38:54.0933 0x0684  USBAAPL64 - ok
12:38:54.0979 0x0684  [ 82E8F44688E6FAC57B5B7C6FC7ADBC2A, DE1CDDEEF2285CC8387E88ACB13C000576DC8819DF6DC648C988068B5C83BB15 ] usbaudio        C:\Windows\system32\drivers\usbaudio.sys
12:38:54.0979 0x0684  usbaudio - ok
12:38:54.0995 0x0684  [ 481DFF26B4DCA8F4CBAC1F7DCE1D6829, 5D6E404FE0AB875202CA1A3E8E9D2F4368DF6ACCFA1C872ECFAF8399CBA3A485 ] usbccgp         C:\Windows\system32\DRIVERS\usbccgp.sys
12:38:54.0995 0x0684  usbccgp - ok
12:38:55.0026 0x0684  [ AF0892A803FDDA7492F595368E3B68E7, F263346DEB4D742EB436CF578F187AC8521D84CED52E98475E6198EC52244F07 ] usbcir          C:\Windows\system32\drivers\usbcir.sys
12:38:55.0026 0x0684  usbcir - ok
12:38:55.0057 0x0684  [ 74EE782B1D9C241EFE425565854C661C, E8258EA65B0FCAD4E077B176E9D9324646B652D6E651241E397346A39770D065 ] usbehci         C:\Windows\system32\DRIVERS\usbehci.sys
12:38:55.0057 0x0684  usbehci - ok
12:38:55.0089 0x0684  [ DC96BD9CCB8403251BCF25047573558E, 66EBF8A6B3BC0634F32DDCC8BA31F1EB5987E8C6853E1DC26005E3EED0945565 ] usbhub          C:\Windows\system32\DRIVERS\usbhub.sys
12:38:55.0089 0x0684  usbhub - ok
12:38:55.0104 0x0684  [ 58E546BBAF87664FC57E0F6081E4F609, 1DD99D57369A0069654432AB5325AFD8F7D422D531E053EA05FF664BA6BDAEF9 ] usbohci         C:\Windows\system32\drivers\usbohci.sys
12:38:55.0104 0x0684  usbohci - ok
12:38:55.0120 0x0684  [ 73188F58FB384E75C4063D29413CEE3D, B485463933306036B1D490722CB1674DC85670753D79FA0EF7EBCA7BBAAD9F7C ] usbprint        C:\Windows\system32\DRIVERS\usbprint.sys
12:38:55.0120 0x0684  usbprint - ok
12:38:55.0151 0x0684  [ AAA2513C8AED8B54B189FD0C6B1634C0, 02FEE0B756AA559C29477A19861AC16D5A3152DC3C897C7D466423438B6A5E42 ] usbscan         C:\Windows\system32\DRIVERS\usbscan.sys
12:38:55.0151 0x0684  usbscan - ok
12:38:55.0167 0x0684  [ D76510CFA0FC09023077F22C2F979D86, 5662281C6D515423255D3C262EA368DBAFC250235E535FBFA3E59D3487695439 ] USBSTOR         C:\Windows\system32\DRIVERS\USBSTOR.SYS
12:38:55.0167 0x0684  USBSTOR - ok
12:38:55.0182 0x0684  [ 81FB2216D3A60D1284455D511797DB3D, 121E52B18A1832E775EA0AE2E053BAA53E5A70E9754724B1449AE5992D63B13E ] usbuhci         C:\Windows\system32\drivers\usbuhci.sys
12:38:55.0182 0x0684  usbuhci - ok
12:38:55.0229 0x0684  [ 454800C2BC7F3927CE030141EE4F4C50, 10901E62DAA70657C499AD590DECCCA6E46FDDF4A193B2F19279E1B8ED7B1E44 ] usbvideo        C:\Windows\system32\Drivers\usbvideo.sys
12:38:55.0229 0x0684  usbvideo - ok
12:38:55.0260 0x0684  [ 70D05EE263568A742D14E1876DF80532, D49D7B60EE30F2398B8B532F4A4C3F17535485F2BDB9B14AB600E2A4E3F12A6B ] usb_rndisx      C:\Windows\system32\DRIVERS\usb8023x.sys
12:38:55.0260 0x0684  usb_rndisx - ok
12:38:55.0276 0x0684  [ EDBB23CBCF2CDF727D64FF9B51A6070E, 7202484C8E1BFB2AFD64D8C81668F3EDE0E3BF5EB27572877A0A7B337AE5AE42 ] UxSms           C:\Windows\System32\uxsms.dll
12:38:55.0276 0x0684  UxSms - ok
12:38:55.0291 0x0684  [ 0793F40B9B8A1BDD266296409DBD91EA, 8A383FC9A66A327905C340D06138980F9E489479535A2C2AAE5E8BB14A74826E ] VaultSvc        C:\Windows\system32\lsass.exe
12:38:55.0291 0x0684  VaultSvc - ok
12:38:55.0323 0x0684  [ 3C8E2C591345F38149C69FE8E5DF8C90, 9F4BB9BDA09CB2E99A6A888B288F322AE5C460B5D124CD714C6F00FF5029144B ] VClone          C:\Windows\system32\DRIVERS\VClone.sys
12:38:55.0323 0x0684  VClone - ok
12:38:55.0354 0x0684  [ C5C876CCFC083FF3B128F933823E87BD, 6FE0FBB6C3207E09300E0789E2168F76668D87C317FE9F263E733827ADCFBE0D ] vdrvroot        C:\Windows\system32\drivers\vdrvroot.sys
12:38:55.0354 0x0684  vdrvroot - ok
12:38:55.0385 0x0684  [ 8D6B481601D01A456E75C3210F1830BE, A2CEF483F4231367138EEF7E67FD5BE5364FC0780C44CA1368E36CE4AA3D0633 ] vds             C:\Windows\System32\vds.exe
12:38:55.0401 0x0684  vds - ok
12:38:55.0432 0x0684  [ DA4DA3F5E02943C2DC8C6ED875DE68DD, EDE604536DB78C512D68C92B26DA77C8811AC109D1F0A473673F0A82D15A2838 ] vga             C:\Windows\system32\DRIVERS\vgapnp.sys
12:38:55.0432 0x0684  vga - ok
12:38:55.0432 0x0684  [ 53E92A310193CB3C03BEA963DE7D9CFC, 45898604375B42EB1246C17A22D91C2440F11C746FF6459AD38027C1BC2E3125 ] VgaSave         C:\Windows\System32\drivers\vga.sys
12:38:55.0432 0x0684  VgaSave - ok
12:38:55.0447 0x0684  VGPU - ok
12:38:55.0463 0x0684  [ 2CE2DF28C83AEAF30084E1B1EB253CBB, D1946816A1CB89F825CBEA58F94A4C9D0CE7249355CD3915563F54054EE564BF ] vhdmp           C:\Windows\system32\drivers\vhdmp.sys
12:38:55.0463 0x0684  vhdmp - ok
12:38:55.0494 0x0684  [ E5689D93FFE4E5D66C0178761240DD54, 6D35CED80681B12AAF63BFA0DA1C386E71D3838839B68A686990AA8031949D27 ] viaide          C:\Windows\system32\drivers\viaide.sys
12:38:55.0494 0x0684  viaide - ok
12:38:55.0525 0x0684  [ 86EA3E79AE350FEA5331A1303054005F, 7E7D6027EB41E591633C7383A5D29A3BA8ECFC08C177D2BCF741EE27686B1691 ] vmbus           C:\Windows\system32\drivers\vmbus.sys
12:38:55.0525 0x0684  vmbus - ok
12:38:55.0541 0x0684  [ 7DE90B48F210D29649380545DB45A187, 09522F84285D62B961868DA98C40B82E746CA4D24A9780905673A2349D6B07F4 ] VMBusHID        C:\Windows\system32\drivers\VMBusHID.sys
12:38:55.0541 0x0684  VMBusHID - ok
12:38:55.0557 0x0684  [ D2AAFD421940F640B407AEFAAEBD91B0, 31EF342A60AF04F4108759A71F8FB7B8C8819216CF3D16A95B2BA0E33A8A9161 ] volmgr          C:\Windows\system32\drivers\volmgr.sys
12:38:55.0557 0x0684  volmgr - ok
12:38:55.0572 0x0684  [ A255814907C89BE58B79EF2F189B843B, 463DB771851352185B6AC323BD93B9084D47291E53C1F7B628B65D6918B2E28F ] volmgrx         C:\Windows\system32\drivers\volmgrx.sys
12:38:55.0588 0x0684  volmgrx - ok
12:38:55.0603 0x0684  [ 0D08D2F3B3FF84E433346669B5E0F639, 3D6716CEC95B8861A7CC5778E91F310528DC6BEE0E57A3C8757FC675154EBDEC ] volsnap         C:\Windows\system32\drivers\volsnap.sys
12:38:55.0603 0x0684  volsnap - ok
12:38:55.0635 0x0684  [ 5E2016EA6EBACA03C04FEAC5F330D997, 53106EB877459FE55A459111F7AB0EE320BB3B4C954D3DB6FA1642396001F2AC ] vsmraid         C:\Windows\system32\drivers\vsmraid.sys
12:38:55.0635 0x0684  vsmraid - ok
12:38:55.0713 0x0684  [ B60BA0BC31B0CB414593E169F6F21CC2, 47B801E623254CF0202B3591CB5C019CABFB52F123C7D47E29D19B32F1F2B915 ] VSS             C:\Windows\system32\vssvc.exe
12:38:55.0744 0x0684  VSS - ok
12:38:55.0759 0x0684  [ 36D4720B72B5C5D9CB2B9C29E9DF67A1, 3254523C85C70EBA2DBAC05DB2DBA89EDF8E9195F390F7C21F96458FB6B2E3D7 ] vwifibus        C:\Windows\system32\DRIVERS\vwifibus.sys
12:38:55.0759 0x0684  vwifibus - ok
12:38:55.0791 0x0684  [ 6A3D66263414FF0D6FA754C646612F3F, 30F6BA594B0D3B94113064015A16D97811CD989DF1715CCE21CEAB9894C1B4FB ] vwififlt        C:\Windows\system32\DRIVERS\vwififlt.sys
12:38:55.0791 0x0684  vwififlt - ok
12:38:55.0822 0x0684  [ 6A638FC4BFDDC4D9B186C28C91BD1A01, 5521F1DC515586777EC4837E0AEAA3E613CC178AF1074031C4D0D0C695A93168 ] vwifimp         C:\Windows\system32\DRIVERS\vwifimp.sys
12:38:55.0822 0x0684  vwifimp - ok
12:38:55.0837 0x0684  [ 1C9D80CC3849B3788048078C26486E1A, 34A89F31E53F6B6C209B286F580CC2257AE6D057E4E20741F241C9C167947962 ] W32Time         C:\Windows\system32\w32time.dll
12:38:55.0853 0x0684  W32Time - ok
12:38:55.0869 0x0684  [ 4E9440F4F152A7B944CB1663D3935A3E, 8FE04EBD3BC612EE943A21A3E56F37E5C9B578CDACA6044048181DAD81816D53 ] WacomPen        C:\Windows\system32\drivers\wacompen.sys
12:38:55.0869 0x0684  WacomPen - ok
12:38:55.0900 0x0684  [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] WANARP          C:\Windows\system32\DRIVERS\wanarp.sys
12:38:55.0900 0x0684  WANARP - ok
12:38:55.0900 0x0684  [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] Wanarpv6        C:\Windows\system32\DRIVERS\wanarp.sys
12:38:55.0915 0x0684  Wanarpv6 - ok
12:38:55.0962 0x0684  [ 78F4E7F5C56CB9716238EB57DA4B6A75, 46A4E78CE5F2A4B26F4E9C3FF04A99D9B727A82AC2E390A82A1611C3F6E0C9AF ] wbengine        C:\Windows\system32\wbengine.exe
12:38:55.0993 0x0684  wbengine - ok
12:38:56.0025 0x0684  [ 3AA101E8EDAB2DB4131333F4325C76A3, 4F7BD3DA5E58B18BFF106CFF7B45E75FD13EE556D433C695BA23EC80827E49DE ] WbioSrvc        C:\Windows\System32\wbiosrvc.dll
12:38:56.0040 0x0684  WbioSrvc - ok
12:38:56.0040 0x0684  [ 7368A2AFD46E5A4481D1DE9D14848EDD, 8039C478FC2D9F095F5883A4FA47F9E6EDF57CC88A4AA74F07C88445F90DED57 ] wcncsvc         C:\Windows\System32\wcncsvc.dll
12:38:56.0056 0x0684  wcncsvc - ok
12:38:56.0071 0x0684  [ 20F7441334B18CEE52027661DF4A6129, 7B8E0247234B740FED2BE9B833E9CE8DD7453340123AB43F6B495A7E6A27B0DD ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
12:38:56.0071 0x0684  WcsPlugInService - ok
12:38:56.0103 0x0684  [ 72889E16FF12BA0F235467D6091B17DC, F2FD0BBD075E33608D93F350D216F97442AB89ABD540513C2D568C78096E12A8 ] Wd              C:\Windows\system32\drivers\wd.sys
12:38:56.0103 0x0684  Wd - ok
12:38:56.0149 0x0684  [ 442783E2CB0DA19873B7A63833FF4CB4, 09254970265476214F3187CC22A4F9C7C2769D419600E83FBE302C3A103E527F ] Wdf01000        C:\Windows\system32\drivers\Wdf01000.sys
12:38:56.0165 0x0684  Wdf01000 - ok
12:38:56.0196 0x0684  [ BF1FC3F79B863C914687A737C2F3D681, B2DF47AC4931ACFB243775767B77065CC0D98778FC0243C793A3E219EB961209 ] WdiServiceHost  C:\Windows\system32\wdi.dll
12:38:56.0196 0x0684  WdiServiceHost - ok
12:38:56.0196 0x0684  [ BF1FC3F79B863C914687A737C2F3D681, B2DF47AC4931ACFB243775767B77065CC0D98778FC0243C793A3E219EB961209 ] WdiSystemHost   C:\Windows\system32\wdi.dll
12:38:56.0196 0x0684  WdiSystemHost - ok
12:38:56.0212 0x0684  [ 3DB6D04E1C64272F8B14EB8BC4616280, 9138642B1C19F895D4ECFD930160C80FBF15813CE63BBF4C899842C300FD3026 ] WebClient       C:\Windows\System32\webclnt.dll
12:38:56.0212 0x0684  WebClient - ok
12:38:56.0243 0x0684  [ C749025A679C5103E575E3B48E092C43, B71171D07EE7AB085A24BF3A1072FF2CE7EA021AAE695F6A90640E6EE8EB55C1 ] Wecsvc          C:\Windows\system32\wecsvc.dll
12:38:56.0243 0x0684  Wecsvc - ok
12:38:56.0259 0x0684  [ 7E591867422DC788B9E5BD337A669A08, 484E6BCCDF7ADCE9A1AACAD1BC7C7D7694B9E40FA90D94B14D80C607784F6C75 ] wercplsupport   C:\Windows\System32\wercplsupport.dll
12:38:56.0259 0x0684  wercplsupport - ok
12:38:56.0290 0x0684  [ 6D137963730144698CBD10F202E9F251, A9F522A125158D94F540544CCD4DBF47B9DCE2EA878C33675AFE40F80E8F4979 ] WerSvc          C:\Windows\System32\WerSvc.dll
12:38:56.0305 0x0684  WerSvc - ok
12:38:56.0321 0x0684  [ 611B23304BF067451A9FDEE01FBDD725, 0AF2734B978165FC6FD22B64862132CCE32528A21C698A49D176129446E099C8 ] WfpLwf          C:\Windows\system32\DRIVERS\wfplwf.sys
12:38:56.0321 0x0684  WfpLwf - ok
12:38:56.0337 0x0684  [ 05ECAEC3E4529A7153B3136CEB49F0EC, 9995CB2CEC70A633EA33CBB0DEAD2BB28CB67132B41E9444BDAB9E75744C9A50 ] WIMMount        C:\Windows\system32\drivers\wimmount.sys
12:38:56.0337 0x0684  WIMMount - ok
12:38:56.0352 0x0684  WinDefend - ok
12:38:56.0368 0x0684  WinHttpAutoProxySvc - ok
12:38:56.0415 0x0684  [ 19B07E7E8915D701225DA41CB3877306, D6555E8D276DBB11358246E0FE215F76F1FB358791C76B88D82C2A66A42DA19F ] Winmgmt         C:\Windows\system32\wbem\WMIsvc.dll
12:38:56.0430 0x0684  Winmgmt - ok
12:38:56.0477 0x0684  [ 0C0195C48B6B8582FA6F6373032118DA, 11BD2C9F9E2397C9A16E0990E4ED2CF0679498FE0FD418A3DFDAC60B5C160EE5 ] WinRing0_1_2_0  C:\Program Files (x86)\BatteryCare\WinRing0x64.sys
12:38:56.0477 0x0684  WinRing0_1_2_0 - ok
12:38:56.0571 0x0684  [ BCB1310604AA415C4508708975B3931E, 9D943F086D454345153A0DD426B4432532A44FD87950386B186E1CAD2AC70565 ] WinRM           C:\Windows\system32\WsmSvc.dll
12:38:56.0602 0x0684  WinRM - ok
12:38:56.0664 0x0684  [ FE88B288356E7B47B74B13372ADD906D, A16B166F6BB32EF9D2A142F27B9EC54CBC7B3AC915799783CF4C40E525BC9E03 ] WinUsb          C:\Windows\system32\DRIVERS\WinUsb.sys
12:38:56.0664 0x0684  WinUsb - ok
12:38:56.0711 0x0684  [ 4FADA86E62F18A1B2F42BA18AE24E6AA, CE1683386886BF34862681A46199EA7E7FB4232A186047DA7FBD8EC240AF6726 ] Wlansvc         C:\Windows\System32\wlansvc.dll
12:38:56.0727 0x0684  Wlansvc - ok
12:38:56.0758 0x0684  [ F6FF8944478594D0E414D3F048F0D778, 6F75E0AE6127B33A92A88E59D4B048FD4C15F997807BE7BF0EFE76F95235B1D9 ] WmiAcpi         C:\Windows\system32\DRIVERS\wmiacpi.sys
12:38:56.0758 0x0684  WmiAcpi - ok
12:38:56.0789 0x0684  [ 38B84C94C5A8AF291ADFEA478AE54F93, 1AC267AC73670BEA5F3785C9AD9DB146F8E993A862C843742B21FDB90D102B2A ] wmiApSrv        C:\Windows\system32\wbem\WmiApSrv.exe
12:38:56.0789 0x0684  wmiApSrv - ok
12:38:56.0805 0x0684  WMPNetworkSvc - ok
12:38:56.0836 0x0684  [ 96C6E7100D724C69FCF9E7BF590D1DCA, 2E63C9B0893B4FC03B7A71BAEA6202D3D3DB1B52F3643467829B5A573FD7655B ] WPCSvc          C:\Windows\System32\wpcsvc.dll
12:38:56.0836 0x0684  WPCSvc - ok
12:38:56.0851 0x0684  [ 93221146D4EBBF314C29B23CD6CC391D, C0750858A65BF51E210CD244C825C121D67E025CD2D2455139991AAC289A90FE ] WPDBusEnum      C:\Windows\system32\wpdbusenum.dll
12:38:56.0851 0x0684  WPDBusEnum - ok
12:38:56.0867 0x0684  [ 6BCC1D7D2FD2453957C5479A32364E52, E48554D31FBDCF8F985C1C72524CAA9106F5B7CC2B79064F8F5E2562D517F090 ] ws2ifsl         C:\Windows\system32\drivers\ws2ifsl.sys
12:38:56.0867 0x0684  ws2ifsl - ok
12:38:56.0883 0x0684  [ E8B1FE6669397D1772D8196DF0E57A9E, 39FE0819360719F756BD31A1884A0508A1E2371ACC723E25E005CBEC0A7B02FA ] wscsvc          C:\Windows\System32\wscsvc.dll
12:38:56.0883 0x0684  wscsvc - ok
12:38:56.0883 0x0684  WSearch - ok
12:38:56.0976 0x0684  [ 9DF12EDBC698B0BC353B3EF84861E430, 5777972DC6242096EE2D4DAEEFC822DE9077560322DED7B9696BB23B7C240403 ] wuauserv        C:\Windows\system32\wuaueng.dll
12:38:57.0023 0x0684  wuauserv - ok
12:38:57.0039 0x0684  [ D3381DC54C34D79B22CEE0D65BA91B7C, 70DC4ADCA4C0C28BB133287511E329D1B6B9B97F96CDE5B1D2F1F59FE1A965D9 ] WudfPf          C:\Windows\system32\drivers\WudfPf.sys
12:38:57.0039 0x0684  WudfPf - ok
12:38:57.0070 0x0684  [ CF8D590BE3373029D57AF80914190682, FB9641777E90A58C063FBE95F081DC6D2F4770827DE19108A9DC3E3D6B17B4BF ] WUDFRd          C:\Windows\system32\DRIVERS\WUDFRd.sys
12:38:57.0070 0x0684  WUDFRd - ok
12:38:57.0101 0x0684  [ 7A95C95B6C4CF292D689106BCAE49543, 9029F489E1E817CE12839B8C6656E46190497D445DC3F43C20CF96E5E6BD0691 ] wudfsvc         C:\Windows\System32\WUDFSvc.dll
12:38:57.0101 0x0684  wudfsvc - ok
12:38:57.0117 0x0684  [ 9A3452B3C2A46C073166C5CF49FAD1AE, D6F95F51D8E37BA4CF403965EC08CCFEEA9EEFDBFC7752432EAEC19925BDA115 ] WwanSvc         C:\Windows\System32\wwansvc.dll
12:38:57.0117 0x0684  WwanSvc - ok
12:38:57.0288 0x0684  [ 17E44886E695DBC78AC33854BD5EA6D2, BC764274363B8042326042DC0872ED30BDD76C7516FD0BFEB7280FB76B66DED4 ] ZeroConfigService C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
12:38:57.0351 0x0684  ZeroConfigService - ok
12:38:57.0382 0x0684  [ 352437DBA7BCB691397AC60D101B2CC3, AC127B735047DD6B9C2701FBB95B5F7DD2B896C1476D2FA248AE9F7BA1744F38 ] {3f538614-b636-4023-9ec2-564ada4b07b3}Gw64 C:\Windows\system32\drivers\{3f538614-b636-4023-9ec2-564ada4b07b3}Gw64.sys
12:38:57.0382 0x0684  {3f538614-b636-4023-9ec2-564ada4b07b3}Gw64 - ok
12:38:57.0429 0x0684  ================ Scan global ===============================
12:38:57.0460 0x0684  [ BA0CD8C393E8C9F83354106093832C7B, 18D8A4780A2BAA6CEF7FBBBDA0EF6BF2DADF146E1E578A618DD5859E8ADBF1A8 ] C:\Windows\system32\basesrv.dll
12:38:57.0475 0x0684  [ E0406AEF04B088D1C49FC78D0546F689, 7ADD4D1C174FAA5405BD94BAF104A5DD56BE00DBDC1ED9F069A95430A7B264AA ] C:\Windows\system32\winsrv.dll
12:38:57.0491 0x0684  [ E0406AEF04B088D1C49FC78D0546F689, 7ADD4D1C174FAA5405BD94BAF104A5DD56BE00DBDC1ED9F069A95430A7B264AA ] C:\Windows\system32\winsrv.dll
12:38:57.0507 0x0684  [ D6160F9D869BA3AF0B787F971DB56368, 0033E6212DD8683E4EE611B290931FDB227B4795F0B17C309DC686C696790529 ] C:\Windows\system32\sxssrv.dll
12:38:57.0538 0x0684  [ 24ACB7E5BE595468E3B9AA488B9B4FCB, 63541E3432FCE953F266AE553E7A394978D6EE3DB52388D885F668CF42C5E7E2 ] C:\Windows\system32\services.exe
12:38:57.0538 0x0684  [ Global ] - ok
12:38:57.0538 0x0684  ================ Scan MBR ==================================
12:38:57.0553 0x0684  [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
12:38:57.0959 0x0684  \Device\Harddisk0\DR0 - ok
12:38:57.0959 0x0684  [ 8F558EB6672622401DA993E1E865C861 ] \Device\Harddisk1\DR1
12:38:57.0959 0x0684  \Device\Harddisk1\DR1 - ok
12:38:57.0959 0x0684  ================ Scan VBR ==================================
12:38:57.0959 0x0684  [ 8ED59864DF62B904548EDBF0B1654784 ] \Device\Harddisk0\DR0\Partition1
12:38:58.0021 0x0684  \Device\Harddisk0\DR0\Partition1 - ok
12:38:58.0021 0x0684  [ 8044CBBA7D94E0D2EDFAEE6A12A2907A ] \Device\Harddisk0\DR0\Partition2
12:38:58.0099 0x0684  \Device\Harddisk0\DR0\Partition2 - ok
12:38:58.0099 0x0684  [ 08C11C7AEE8A69D1D7C258A45D159760 ] \Device\Harddisk0\DR0\Partition3
12:38:58.0099 0x0684  \Device\Harddisk0\DR0\Partition3 - ok
12:38:58.0099 0x0684  [ 28C0133A2B041992098312F4A4479E81 ] \Device\Harddisk1\DR1\Partition1
12:38:58.0552 0x0684  \Device\Harddisk1\DR1\Partition1 - ok
12:38:58.0552 0x0684  ================ Scan generic autorun ======================
12:38:58.0552 0x0684  Nvtmru - ok
12:38:58.0599 0x0684  [ 9B1D2D8CBEB87B41F0C9A61F7CBFD6D2, 3611850D440709DC5163C942A2C375912F87D838318B26763B878EFEC034B532 ] C:\Windows\system32\hkcmd.exe
12:38:58.0614 0x0684  HotKeysCmds - ok
12:38:58.0864 0x0684  [ 6B5F46E7B2D543E41F976FFF1F4B45E9, D5272AD3F679E199EBAE2D9C506F49A04599FE8E96568C290091AAF18D11C4C3 ] C:\Program Files (x86)\Lenovo\Energy Management\Energy Management.exe
12:38:59.0067 0x0684  Energy Management - ok
12:38:59.0160 0x0684  [ 25A10B3E55C31A5EA93F22D358667967, 96F39D5D167030406F6CF76FF54E90542201A8903295E4658F2D9943726D2A12 ] C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe
12:38:59.0176 0x0684  AtherosBtStack - ok
12:38:59.0379 0x0684  [ 30CC998F5A7184EAFC043BEC43CCF82D, DC696C2C236234761B1EC979B8426BFE27E4AA494EE4963A25BC1DDD58B0C1EA ] C:\Windows\RTFTrack.exe
12:38:59.0550 0x0684  RtsFT - ok
12:38:59.0940 0x0684  [ B0666DF6D554879AE8A7C91E26A5972F, 81112CFA81E26C388D36F0472A4983728AFE4C4C04910849AF22C191E206CF39 ] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
12:39:00.0283 0x0684  RtHDVCpl - ok
12:39:00.0346 0x0684  [ 5E53A66C680A06E26B1234CB0C3CD99B, D782E724FF487459704BFA2BC5BA5E6E7E85BC9D71ECF68BE78F9C74449EB207 ] C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
12:39:00.0377 0x0684  RtHDVBg_Dolby - ok
12:39:00.0455 0x0684  [ 436A83E5555A8449B9BFBE1AAB314654, DE956310B2EF80B43399E63E309E659018879942EBBA5063B9A366C2314E8158 ] C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
12:39:00.0502 0x0684  NvBackend - ok
12:39:00.0517 0x0684  [ DD81D91FF3B0763C392422865C9AC12E, F5691B8F200E3196E6808E932630E862F8F26F31CD949981373F23C9D87DB8B9 ] C:\Windows\system32\rundll32.exe
12:39:00.0533 0x0684  ShadowPlay - ok
12:39:00.0564 0x0684  [ F577910A133A592234EBAAD3F3AFA258, 36F514740EE2D2B2F7ABFFFA13D575233EC4CE774EB58BF889C09930FEF1F443 ] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
12:39:00.0564 0x0684  SwitchBoard - ok
12:39:00.0767 0x0684  [ 766AE515B1749F2141E418CC6C08515B, 02DDB5A7DB8278AA47A951604818E73DB69155DBF1ECD06B6E11926204EADAE7 ] C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe
12:39:00.0783 0x0684  IAStorIcon - ok
12:39:00.0845 0x0684  [ 50D1476C84446135A990F4939DC2DC1D, D062F92863E32EC075BD672F3C185CE8C9329F8B679D5508C396131B1DB30EF7 ] C:\Program Files (x86)\Dolby Home Theater v4\pcee4.exe
12:39:00.0861 0x0684  Dolby Home Theater v4 - ok
12:39:00.0939 0x0684  [ 89D583FC41D48328128A974C25AFAEB7, C5204DA8487D4872A479C81149CAD928A9DD85500FDB9AD5B94AC4BB241F68F2 ] C:\Program Files (x86)\Common Files\Real\Update_OB\realsched.exe
12:39:00.0939 0x0684  TkBellExe - ok
12:39:01.0032 0x0684  [ 3BD79A1F6D2EA0FDDEA3F8914B2A6A0C, 332E6806EFF846A2E6D0DC04A70D3503855DABFA83E6EC27F37E2D9103E80E51 ] C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe
12:39:01.0032 0x0684  VirtualCloneDrive - ok
12:39:01.0344 0x0684  [ 296216E31508EB2143F2388958CBCBC1, 7919817E8C54C9766944D95C9FE0526C932BFC8BAF02E89BE2E068AC431678EC ] C:\Users\user\AppData\Local\Temp\IEMonitor.exe
12:39:01.0375 0x0684  e7b93b397c3976f2e9ec654820857a9d - ok
12:39:01.0672 0x0684  [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
12:39:01.0703 0x0684  Sidebar - ok
12:39:01.0765 0x0684  [ 0FA760BF380B08D0B67B5507CD8B32AA, 0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B725CC5A9FB738739 ] C:\Windows\System32\mctadmin.exe
12:39:01.0781 0x0684  mctadmin - ok
12:39:01.0812 0x0684  [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
12:39:01.0828 0x0684  Sidebar - ok
12:39:01.0828 0x0684  [ 0FA760BF380B08D0B67B5507CD8B32AA, 0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B725CC5A9FB738739 ] C:\Windows\System32\mctadmin.exe
12:39:01.0828 0x0684  mctadmin - ok
12:39:01.0890 0x0684  [ 3DD640321C7AFBCFA322C54616E6C211, 54BDE044CA62BC5DCF026A3A924A54AC891C7F54883893CDC227F3AB21CF3810 ] C:\Program Files (x86)\BatteryCare\BatteryCare.exe
12:39:01.0906 0x0684  BatteryCare - ok
12:39:01.0906 0x0684  SMΔRT-Protection - ok
12:39:02.0062 0x0684  [ 1E2CF357B62A8C8A3AC2B831D68733C5, DF70BB7437BC3437D4AFC9D150FE9CABFD51F929694455C943276AA91D63E672 ] C:\Program Files\Autodesk\Autodesk Sync\AdSync.exe
12:39:02.0093 0x0684  Autodesk Sync - ok
12:39:02.0109 0x0684  [ 296216E31508EB2143F2388958CBCBC1, 7919817E8C54C9766944D95C9FE0526C932BFC8BAF02E89BE2E068AC431678EC ] C:\Users\user\AppData\Local\Temp\IEMonitor.exe
12:39:02.0124 0x0684  e7b93b397c3976f2e9ec654820857a9d - ok
12:39:02.0499 0x0684  [ D8C1FBB3D14C3B33A3E374366CAC7F76, 035909B8AD34EE3169F18973F13F22ECCB452FDA029AF55962012C112E34C6AC ] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
12:39:02.0717 0x0684  SUPERAntiSpyware - ok
12:39:02.0717 0x0684  Waiting for KSN requests completion. In queue: 104
12:39:03.0731 0x0684  Waiting for KSN requests completion. In queue: 104
12:39:04.0745 0x0684  Waiting for KSN requests completion. In queue: 104
12:39:05.0572 0x0798  Object required for P2P: [ 296216E31508EB2143F2388958CBCBC1 ] C:\Users\user\AppData\Local\Temp\IEMonitor.exe
12:39:05.0759 0x0684  Waiting for KSN requests completion. In queue: 9
12:39:06.0773 0x0684  Waiting for KSN requests completion. In queue: 9
12:39:07.0787 0x0684  Waiting for KSN requests completion. In queue: 9
12:39:08.0723 0x0798  Object send P2P result: true
12:39:08.0723 0x0798  Object required for P2P: [ 296216E31508EB2143F2388958CBCBC1 ] C:\Users\user\AppData\Local\Temp\IEMonitor.exe
12:39:08.0801 0x0684  Waiting for KSN requests completion. In queue: 8
12:39:09.0815 0x0684  Waiting for KSN requests completion. In queue: 8
12:39:10.0829 0x0684  Waiting for KSN requests completion. In queue: 8
12:39:11.0843 0x0684  Waiting for KSN requests completion. In queue: 8
12:39:11.0859 0x0798  Object send P2P result: true
12:39:12.0857 0x0684  Have new async UDS detects: 2
12:39:12.0857 0x0684  e7b93b397c3976f2e9ec654820857a9d - detected UDS:DangerousObject.Multi.Generic ( 0 )
12:39:12.0904 0x0684  e7b93b397c3976f2e9ec654820857a9d ( UDS:DangerousObject.Multi.Generic ) - infected
12:39:12.0904 0x0684  Force sending object to P2P due to detect: C:\Users\user\AppData\Local\Temp\IEMonitor.exe
12:39:16.0071 0x0684  Object send P2P result: true
12:39:18.0988 0x0684  e7b93b397c3976f2e9ec654820857a9d - detected UDS:DangerousObject.Multi.Generic ( 0 )
12:39:18.0988 0x0684  e7b93b397c3976f2e9ec654820857a9d ( UDS:DangerousObject.Multi.Generic ) - infected
12:39:18.0988 0x0684  Force sending object to P2P due to detect: C:\Users\user\AppData\Local\Temp\IEMonitor.exe
12:39:22.0155 0x0684  Object send P2P result: true
12:39:25.0134 0x0684  Win FW state via NFP2: enabled
12:39:28.0020 0x0684  ============================================================
12:39:28.0020 0x0684  Scan finished
12:39:28.0020 0x0684  ============================================================
12:39:28.0020 0x06a0  Detected object count: 2
12:39:28.0020 0x06a0  Actual detected object count: 2
12:39:33.0792 0x06a0  C:\Users\user\AppData\Local\Temp\IEMonitor.exe - copied to quarantine
12:39:33.0792 0x06a0  HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run:e7b93b397c3976f2e9ec654820857a9d - will be deleted on reboot
12:39:33.0792 0x06a0  C:\Users\user\AppData\Local\Temp\IEMonitor.exe - will be deleted on reboot
12:39:33.0792 0x06a0  e7b93b397c3976f2e9ec654820857a9d ( UDS:DangerousObject.Multi.Generic ) - User select action: Delete 
12:39:33.0808 0x06a0  C:\Users\user\AppData\Local\Temp\IEMonitor.exe - copied to quarantine
12:39:33.0808 0x06a0  HKU\S-1-5-21-1705878061-1414804657-3023544569-1000\Software\Microsoft\Windows\CurrentVersion\Run:e7b93b397c3976f2e9ec654820857a9d - will be deleted on reboot
12:39:33.0808 0x06a0  C:\Users\user\AppData\Local\Temp\IEMonitor.exe - will be deleted on reboot
12:39:33.0808 0x06a0  e7b93b397c3976f2e9ec654820857a9d ( UDS:DangerousObject.Multi.Generic ) - User select action: Delete 
12:39:33.0823 0x06a0  KLMD registered as C:\Windows\system32\drivers\83282659.sys
12:39:42.0559 0x0200  Deinitialize success
 

 

Rkill 2.6.8 by Lawrence Abrams (Grinler)
Copyright 2008-2014 BleepingComputer.com
More Information about Rkill can be found at this link:
 
Program started at: 09/20/2014 12:59:48 AM in x64 mode. (Safe Mode)
Windows Version: Windows 7 Ultimate Service Pack 1
 
Checking for Windows services to stop:
 
 * No malware services found to stop.
 
Checking for processes to terminate:
 
 * No malware processes found to kill.
 
Checking Registry for malware related settings:
 
 * No issues found in the Registry.
 
Resetting .EXE, .COM, & .BAT associations in the Windows Registry.
 
Performing miscellaneous checks:
 
 * System Restore Disabled
 
   [HKLM\SOFTWARE\Policies\Microsoft\Windows NT\SystemRestore]
   "DisableConfig" = dword:00000030
 
Checking Windows Service Integrity: 
 
 * COM+ Event System (EventSystem) is not Running.
   Startup Type set to: Automatic
 
 * Windows Firewall (MpsSvc) is not Running.
   Startup Type set to: Automatic
 
 * Windows Defender (WinDefend) is not Running.
   Startup Type set to: Automatic (Delayed Start)
 
 * Security Center (wscsvc) is not Running.
   Startup Type set to: Automatic
 
 * Windows Update (wuauserv) is not Running.
   Startup Type set to: Disabled
 
Searching for Missing Digital Signatures: 
 
 * No issues found.
 
Checking HOSTS File: 
 
 * No issues found.
 
Program finished at: 09/20/2014 01:00:34 AM
Execution time: 0 hours(s), 0 minute(s), and 45 seconds(s)
 
 
ComboFix 14-09-18.01 - user 09/20/2014   1:02.1.8 - x64 NETWORK
Microsoft Windows 7 Ultimate   6.1.7601.1.1252.1.1033.18.8142.6523 [GMT 8:00]
Running from: c:\users\user\Downloads\35.exe
SP: Windows Defender *Enabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
 * Created a new restore point
.
.
(((((((((((((((((((((((((((((((((((((((   Other Deletions   )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\program files (x86)\Common Files\Config\uninstinethnfd.exe
c:\program files (x86)\Common Files\Config\ver.xml
c:\programdata\Roaming
c:\windows\SysWow64\hfnapi.dll
c:\windows\SysWow64\hfpapi.dll
c:\windows\SysWow64\installd.exe
.
.
(((((((((((((((((((((((((((((((((((((((   Drivers/Services   )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Service_Service KMSELDI
.
.
(((((((((((((((((((((((((   Files Created from 2014-08-19 to 2014-09-19  )))))))))))))))))))))))))))))))
.
.
2014-09-19 18:11 . 2014-09-19 18:11 -------- d-----w- c:\users\Default\AppData\Local\temp
2014-09-19 16:56 . 2014-09-19 16:56 -------- d-----w- c:\programdata\TorchCrashHandler
2014-09-19 16:54 . 2014-09-19 16:54 -------- d-----w- c:\windows\ERUNT
2014-09-19 04:41 . 2014-09-19 10:20 33512 ----a-w- c:\windows\system32\drivers\TrueSight.sys
2014-09-19 04:41 . 2014-09-19 04:41 -------- d-----w- c:\programdata\RogueKiller
2014-09-18 13:18 . 2014-09-19 10:14 -------- d-----w- c:\program files\HitmanPro
2014-09-18 13:17 . 2014-09-18 13:17 -------- d-----w- c:\users\user\AppData\Roaming\RHEng
2014-09-18 13:17 . 2014-09-18 13:17 -------- d-----w- c:\users\user\AppData\Roaming\rmi
2014-09-18 13:15 . 2014-09-19 04:39 -------- d-----w- C:\TDSSKiller_Quarantine
2014-09-16 15:33 . 2014-09-16 15:33 -------- d-----w- c:\users\user\AppData\Roaming\SUPERAntiSpyware.com
2014-09-16 15:33 . 2014-09-19 10:35 -------- d-----w- c:\program files\SUPERAntiSpyware
2014-09-16 15:33 . 2014-09-16 15:33 -------- d-----w- c:\programdata\SUPERAntiSpyware.com
2014-09-16 14:36 . 2014-09-16 14:36 -------- d-----w- c:\users\user\AppData\Roaming\GlarySoft
2014-09-16 14:36 . 2014-09-16 14:36 -------- d-----w- c:\users\user\AppData\Roaming\DiskDefrag
2014-09-16 14:34 . 2014-09-19 04:53 -------- d-----w- C:\EEK
2014-09-16 12:48 . 2014-09-16 12:48 687 ----a-w- C:\awhA044.tmp
2014-09-16 12:39 . 2014-09-16 12:39 687 ----a-w- C:\awh9848.tmp
2014-09-16 12:24 . 2014-09-16 12:24 687 ----a-w- C:\awh9F0C.tmp
2014-09-16 12:10 . 2014-09-16 12:10 687 ----a-w- C:\awh5F6D.tmp
2014-09-16 11:55 . 2014-09-16 11:55 687 ----a-w- C:\awhE4C2.tmp
2014-09-16 11:43 . 2014-09-16 11:43 687 ----a-w- C:\awhDA28.tmp
2014-09-16 11:33 . 2014-09-16 11:33 687 ----a-w- C:\awh3A32.tmp
2014-09-16 10:54 . 2014-09-16 10:54 -------- d-----w- c:\users\user\AppData\Roaming\Age of Mythology Extended Edition
2014-09-16 10:48 . 2014-09-16 10:48 687 ----a-w- C:\awh4D64.tmp
2014-09-16 10:37 . 2014-09-16 10:37 -------- d-----w- c:\program files (x86)\R.G. Mechanics
2014-09-16 10:22 . 2014-09-16 11:28 21976 ----a-w- c:\windows\system32\drivers\SPPD.sys
2014-09-16 10:22 . 2014-09-16 10:22 -------- d-----w- c:\program files (x86)\Your Uninstaller! 7
2014-09-16 10:21 . 2014-09-16 10:21 -------- d-----w- c:\users\user\AppData\Roaming\URSoft
2014-09-16 10:19 . 2014-09-16 10:19 687 ----a-w- C:\awh2683.tmp
2014-09-16 10:04 . 2014-09-16 10:04 687 ----a-w- C:\awh1959.tmp
2014-09-08 13:07 . 2014-09-08 13:07 687 ----a-w- C:\awh3255.tmp
.
.
.
((((((((((((((((((((((((((((((((((((((((   Find3M Report   ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2014-09-16 12:02 . 2012-04-24 21:53 71344 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2014-09-16 12:02 . 2012-04-24 21:53 701104 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2014-07-14 20:41 . 2014-07-14 20:41 687 ----a-w- C:\awhFB26.tmp
2014-07-09 20:57 . 2014-07-09 20:57 687 ----a-w- C:\awhCD4C.tmp
2014-07-09 20:48 . 2014-07-09 20:48 687 ----a-w- C:\awh8FB1.tmp
2014-06-30 20:13 . 2014-06-30 20:13 687 ----a-w- C:\awhA4B6.tmp
2014-06-27 03:59 . 2014-06-29 05:45 61112 ----a-w- c:\windows\system32\drivers\{3f538614-b636-4023-9ec2-564ada4b07b3}Gw64.sys
2010-06-02 12:22 . 2010-06-02 12:22 89944 ----a-w- c:\program files\DSETUP.dll
2010-06-02 12:22 . 2010-06-02 12:22 537432 ----a-w- c:\program files\DXSETUP.exe
2010-06-02 12:22 . 2010-06-02 12:22 1801048 ----a-w- c:\program files\dsetup32.dll
.
.
(((((((((((((((((((((((((((((((((((((   Reg Loading Points   ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown 
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SM?RT-Protection"="c:\program files (x86)\Smadav\SM?RTP.exe" [?]
"BatteryCare"="c:\program files (x86)\BatteryCare\BatteryCare.exe" [2012-03-08 712192]
"Autodesk Sync"="c:\program files\Autodesk\Autodesk Sync\AdSync.exe" [2013-02-04 1081224]
"SUPERAntiSpyware"="c:\program files\SUPERAntiSpyware\SUPERAntiSpyware.exe" [2014-09-09 7763736]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"SwitchBoard"="c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe" [2010-02-19 517096]
"IAStorIcon"="c:\program files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe" [2011-11-29 284440]
"Dolby Home Theater v4"="c:\program files (x86)\Dolby Home Theater v4\pcee4.exe" [2012-07-25 508656]
"VirtualCloneDrive"="c:\program files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe" [2013-03-10 88984]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"Autodesk Sync"="c:\program files\Autodesk\Autodesk Sync\AdSync.exe" [2013-02-04 1081224]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
"EnableLinkedConnections"= 1 (0x1)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"LoadAppInit_DLLs"=1 (0x1)
"AppInit_DLLs"=c:\windows\SysWOW64\nvinit.dll
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\!SASCORE]
@=""
.
R2 AMPPALR3;Intel® Centrino® Wireless Bluetooth® + High Speed Service;c:\program files\Intel\BluetoothHS\BTHSAmpPalService.exe;c:\program files\Intel\BluetoothHS\BTHSAmpPalService.exe [x]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R2 FPSensor;EgisTec-Corp Fingerprint Reader Driver (FPSensor.sys);c:\windows\system32\Drivers\FPSensor.sys;c:\windows\SYSNATIVE\Drivers\FPSensor.sys [x]
R3 AMPPALP;Intel® Centrino® Wireless Bluetooth® + High Speed Protocol;c:\windows\system32\DRIVERS\amppal.sys;c:\windows\SYSNATIVE\DRIVERS\amppal.sys [x]
R3 AthBTPort;Atheros Virtual Bluetooth Class;c:\windows\system32\DRIVERS\btath_flt.sys;c:\windows\SYSNATIVE\DRIVERS\btath_flt.sys [x]
R3 BTATH_A2DP;Bluetooth A2DP Audio Driver;c:\windows\system32\drivers\btath_a2dp.sys;c:\windows\SYSNATIVE\drivers\btath_a2dp.sys [x]
R3 btath_avdt;Atheros Bluetooth AVDT Service;c:\windows\system32\drivers\btath_avdt.sys;c:\windows\SYSNATIVE\drivers\btath_avdt.sys [x]
R3 BTATH_HCRP;Bluetooth HCRP Server driver;c:\windows\system32\DRIVERS\btath_hcrp.sys;c:\windows\SYSNATIVE\DRIVERS\btath_hcrp.sys [x]
R3 BTATH_LWFLT;Bluetooth LWFLT Device;c:\windows\system32\DRIVERS\btath_lwflt.sys;c:\windows\SYSNATIVE\DRIVERS\btath_lwflt.sys [x]
R3 BTATH_RCP;Bluetooth AVRCP Device;c:\windows\system32\DRIVERS\btath_rcp.sys;c:\windows\SYSNATIVE\DRIVERS\btath_rcp.sys [x]
R3 BtFilter;BtFilter;c:\windows\system32\DRIVERS\btfilter.sys;c:\windows\SYSNATIVE\DRIVERS\btfilter.sys [x]
R3 cleanhlp;cleanhlp;c:\eek\bin\cleanhlp64.sys;c:\eek\bin\cleanhlp64.sys [x]
R3 dmvsc;dmvsc;c:\windows\system32\drivers\dmvsc.sys;c:\windows\SYSNATIVE\drivers\dmvsc.sys [x]
R3 FLEXnet Licensing Service 64;FLEXnet Licensing Service 64;c:\program files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe;c:\program files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe [x]
R3 IntcDAud;Intel® Display Audio;c:\windows\system32\DRIVERS\IntcDAud.sys;c:\windows\SYSNATIVE\DRIVERS\IntcDAud.sys [x]
R3 MBAMSwissArmy;MBAMSwissArmy;c:\windows\system32\drivers\MBAMSwissArmy.sys;c:\windows\SYSNATIVE\drivers\MBAMSwissArmy.sys [x]
R3 MyWiFiDHCPDNS;Wireless PAN DHCP Server;c:\program files\Intel\WiFi\bin\PanDhcpDns.exe;c:\program files\Intel\WiFi\bin\PanDhcpDns.exe [x]
R3 NPF;NetGroup Packet Filter Driver;c:\windows\system32\drivers\npf.sys;c:\windows\SYSNATIVE\drivers\npf.sys [x]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys;c:\windows\SYSNATIVE\drivers\rdpvideominiport.sys [x]
R3 RSUSBVSTOR;RtsUVStor.Sys Realtek USB Card Reader;c:\windows\system32\Drivers\RtsUVStor.sys;c:\windows\SYSNATIVE\Drivers\RtsUVStor.sys [x]
R3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys;c:\windows\SYSNATIVE\DRIVERS\Rt64win7.sys [x]
R3 SwitchBoard;SwitchBoard;c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe;c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [x]
R3 Synth3dVsc;Synth3dVsc;c:\windows\system32\drivers\synth3dvsc.sys;c:\windows\SYSNATIVE\drivers\synth3dvsc.sys [x]
R3 terminpt;Microsoft Remote Desktop Input Driver;c:\windows\system32\drivers\terminpt.sys;c:\windows\SYSNATIVE\drivers\terminpt.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys;c:\windows\SYSNATIVE\drivers\TsUsbGD.sys [x]
R3 tsusbhub;tsusbhub;c:\windows\system32\drivers\tsusbhub.sys;c:\windows\SYSNATIVE\drivers\tsusbhub.sys [x]
R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys;c:\windows\SYSNATIVE\Drivers\usbaapl64.sys [x]
R3 VGPU;VGPU;c:\windows\system32\drivers\rdvgkmd.sys;c:\windows\SYSNATIVE\drivers\rdvgkmd.sys [x]
R3 WinRing0_1_2_0;WinRing0_1_2_0;c:\program files (x86)\BatteryCare\WinRing0x64.sys;c:\program files (x86)\BatteryCare\WinRing0x64.sys [x]
S0 iusb3hcs;Intel® USB 3.0 Host Controller Switch Driver;c:\windows\system32\DRIVERS\iusb3hcs.sys;c:\windows\SYSNATIVE\DRIVERS\iusb3hcs.sys [x]
S0 LHDmgr;LHDmgr;c:\windows\System32\DRIVERS\LhdX64.sys;c:\windows\SYSNATIVE\DRIVERS\LhdX64.sys [x]
S0 nvpciflt;nvpciflt;c:\windows\system32\DRIVERS\nvpciflt.sys;c:\windows\SYSNATIVE\DRIVERS\nvpciflt.sys [x]
S0 PxHlpa64;PxHlpa64;c:\windows\System32\Drivers\PxHlpa64.sys;c:\windows\SYSNATIVE\Drivers\PxHlpa64.sys [x]
S1 {3f538614-b636-4023-9ec2-564ada4b07b3}Gw64;{3f538614-b636-4023-9ec2-564ada4b07b3}Gw64;c:\windows\system32\drivers\{3f538614-b636-4023-9ec2-564ada4b07b3}Gw64.sys;c:\windows\SYSNATIVE\drivers\{3f538614-b636-4023-9ec2-564ada4b07b3}Gw64.sys [x]
S1 A2DDA;A2 Direct Disk Access Support Driver;c:\eek\BIN\a2ddax64.sys;c:\eek\BIN\a2ddax64.sys [x]
S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys;c:\windows\SYSNATIVE\DRIVERS\dtsoftbus01.sys [x]
S1 SASDIFSV;SASDIFSV;c:\program files\SUPERAntiSpyware\SASDIFSV64.SYS;c:\program files\SUPERAntiSpyware\SASDIFSV64.SYS [x]
S1 SASKUTIL;SASKUTIL;c:\program files\SUPERAntiSpyware\SASKUTIL64.SYS;c:\program files\SUPERAntiSpyware\SASKUTIL64.SYS [x]
S2 !SASCORE;SAS Core Service;c:\program files\SUPERAntiSpyware\SASCORE64.EXE;c:\program files\SUPERAntiSpyware\SASCORE64.EXE [x]
S2 Atheros Bt&Wlan Coex Agent;Atheros Bt&Wlan Coex Agent;c:\program files (x86)\Bluetooth Suite\Ath_CoexAgent.exe;c:\program files (x86)\Bluetooth Suite\Ath_CoexAgent.exe [x]
S2 AtherosSvc;AtherosSvc;c:\program files (x86)\Bluetooth Suite\adminservice.exe;c:\program files (x86)\Bluetooth Suite\adminservice.exe [x]
S2 Autodesk Content Service;Autodesk Content Service;c:\program files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe;c:\program files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe [x]
S2 BTHSSecurityMgr;Intel® Centrino® Wireless Bluetooth® + High Speed Security Service;c:\program files\Intel\BluetoothHS\BTHSSecurityMgr.exe;c:\program files\Intel\BluetoothHS\BTHSSecurityMgr.exe [x]
S2 IAStorDataMgrSvc;Intel® Rapid Storage Technology;c:\program files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe;c:\program files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe [x]
S2 mi-raysat_3dsmax2014_64;mental ray Satellite for Autodesk 3ds Max 2014 64-bit;c:\program files\Autodesk\3ds Max 2014\NVIDIA\Satellite\raysat_3dsmax2014_64server.exe;c:\program files\Autodesk\3ds Max 2014\NVIDIA\Satellite\raysat_3dsmax2014_64server.exe [x]
S2 NAUpdate;Nero Update;c:\program files (x86)\Nero\Update\NASvc.exe;c:\program files (x86)\Nero\Update\NASvc.exe [x]
S2 NvNetworkService;NVIDIA Network Service;c:\program files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe;c:\program files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [x]
S2 NvStreamSvc;NVIDIA Streamer Service;c:\program files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe;c:\program files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [x]
S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [x]
S2 ZeroConfigService;Intel® PROSet/Wireless Zero Configuration Service;c:\program files\Intel\WiFi\bin\ZeroConfigService.exe;c:\program files\Intel\WiFi\bin\ZeroConfigService.exe [x]
S3 ACPIVPC;Lenovo Virtual Power Controller Driver;c:\windows\system32\DRIVERS\AcpiVpc.sys;c:\windows\SYSNATIVE\DRIVERS\AcpiVpc.sys [x]
S3 AMPPAL;Intel® Centrino® Wireless Bluetooth® + High Speed Virtual Adapter;c:\windows\system32\DRIVERS\AMPPAL.sys;c:\windows\SYSNATIVE\DRIVERS\AMPPAL.sys [x]
S3 BTATH_BUS;Atheros Bluetooth Bus;c:\windows\system32\DRIVERS\btath_bus.sys;c:\windows\SYSNATIVE\DRIVERS\btath_bus.sys [x]
S3 iusb3hub;Intel® USB 3.0 Hub Driver;c:\windows\system32\DRIVERS\iusb3hub.sys;c:\windows\SYSNATIVE\DRIVERS\iusb3hub.sys [x]
S3 iusb3xhc;Intel® USB 3.0 eXtensible Host Controller Driver;c:\windows\system32\DRIVERS\iusb3xhc.sys;c:\windows\SYSNATIVE\DRIVERS\iusb3xhc.sys [x]
S3 L1C;NDIS Miniport Driver for Atheros AR81xx PCI-E Ethernet Controller;c:\windows\system32\DRIVERS\L1C62x64.sys;c:\windows\SYSNATIVE\DRIVERS\L1C62x64.sys [x]
S3 NvStreamKms;NvStreamKms;c:\program files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys;c:\program files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [x]
S3 nvvad_WaveExtensible;NVIDIA Virtual Audio Device (Wave Extensible) (WDM);c:\windows\system32\drivers\nvvad64v.sys;c:\windows\SYSNATIVE\drivers\nvvad64v.sys [x]
S3 rtsuvc;Lenovo EasyCamera;c:\windows\system32\DRIVERS\rtsuvc.sys;c:\windows\SYSNATIVE\DRIVERS\rtsuvc.sys [x]
.
.
--- Other Services/Drivers In Memory ---
.
*NewlyCreated* - WS2IFSL
.
Contents of the 'Scheduled Tasks' folder
.
2014-09-19 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-24 12:02]
.
2014-09-19 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2014-04-21 07:41]
.
2014-09-19 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2014-04-21 07:41]
.
2014-09-19 c:\windows\Tasks\ReclaimerResumeInstallLogin_user.job
- c:\users\user\AppData\Roaming\Real\Update\UpgradeHelper\RealPlayer\11.02\agent\rnupgagent.exe [2014-09-16 10:00]
.
2014-09-16 c:\windows\Tasks\ReclaimerResumeInstall_user.job
- c:\users\user\AppData\Roaming\Real\Update\UpgradeHelper\RealPlayer\11.02\agent\rnupgagent.exe [2014-09-16 10:00]
.
2014-09-16 c:\windows\Tasks\SUPERAntiSpyware Scheduled Task 0354f65f-f861-45a5-b0c4-3504922ea47b.job
- c:\program files\SUPERAntiSpyware\SASTask.exe [2013-11-07 20:08]
.
2014-09-16 c:\windows\Tasks\SUPERAntiSpyware Scheduled Task 0d025f19-11b7-48d3-8f7d-c13bb8979957.job
- c:\program files\SUPERAntiSpyware\SASTask.exe [2013-11-07 20:08]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro1 (ErrorConflict)]
@="{8BA85C75-763B-4103-94EB-9470F12FE0F7}"
[HKEY_CLASSES_ROOT\CLSID\{8BA85C75-763B-4103-94EB-9470F12FE0F7}]
2012-10-01 12:47 2322576 ----a-w- c:\progra~1\MICROS~2\Office15\GROOVEEX.DLL
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro2 (SyncInProgress)]
@="{CD55129A-B1A1-438E-A425-CEBC7DC684EE}"
[HKEY_CLASSES_ROOT\CLSID\{CD55129A-B1A1-438E-A425-CEBC7DC684EE}]
2012-10-01 12:47 2322576 ----a-w- c:\progra~1\MICROS~2\Office15\GROOVEEX.DLL
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro3 (InSync)]
@="{E768CD3B-BDDC-436D-9C13-E1B39CA257B1}"
[HKEY_CLASSES_ROOT\CLSID\{E768CD3B-BDDC-436D-9C13-E1B39CA257B1}]
2012-10-01 12:47 2322576 ----a-w- c:\progra~1\MICROS~2\Office15\GROOVEEX.DLL
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2011-12-28 398104]
"Energy Management"="c:\program files (x86)\Lenovo\Energy Management\Energy Management.exe" [2012-09-26 8071680]
"AtherosBtStack"="c:\program files (x86)\Bluetooth Suite\BtvStack.exe" [2011-07-16 791200]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2012-07-27 12937872]
"RtHDVBg_Dolby"="c:\program files\Realtek\Audio\HDA\RAVBg64.exe" [2012-07-10 1214608]
"NvBackend"="c:\program files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe" [2014-05-29 2352072]
"ShadowPlay"="c:\windows\system32\nvspcap64.dll" [2014-05-29 1279480]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"=c:\windows\System32\nvinitx.dll
.
------- Supplementary Scan -------
.
uLocal Page = c:\windows\system32\blank.htm
uDefault_Search_URL = hxxp://www.google.com/ie
mStart Page = hxxp://www.google.com
mLocal Page = c:\windows\SYSTEM32\blank.htm
mDefault_Page_URL = hxxp://www.google.com
uSearchAssistant = hxxp://www.google.com/ie
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
IE: E&xport to Microsoft Excel - c:\progra~2\MICROS~1\Office15\EXCEL.EXE/3000
IE: Se&nd to OneNote - c:\progra~2\MICROS~1\Office15\ONBttnIE.dll/105
TCP: DhcpNameServer = 192.168.3.1
TCP: Interfaces\{541B732E-7F38-4649-96EC-606E1D348601}: NameServer = 8.8.4.4,192.168.1.1
TCP: Interfaces\{541B732E-7F38-4649-96EC-606E1D348601}\24C61636B6245627279702D4F62696C6560284F6473707F6470203638323: NameServer = 8.8.4.4,192.168.1.1
TCP: Interfaces\{541B732E-7F38-4649-96EC-606E1D348601}\24C61636B6245627279702D4F62696C6560284F6473707F6470203731373: NameServer = 8.8.8.8,8.8.4.4
TCP: Interfaces\{541B732E-7F38-4649-96EC-606E1D348601}\24C61636B6245627279702D4F62696C6560284F6473707F6470213035383: NameServer = 8.8.4.4,192.168.1.1
TCP: Interfaces\{541B732E-7F38-4649-96EC-606E1D348601}\24C61636B6245627279702D4F62696C6560284F6473707F6470213334383: NameServer = 127.0.0.1,8.8.4.4
TCP: Interfaces\{541B732E-7F38-4649-96EC-606E1D348601}\24C61636B6245627279702D4F62696C6560284F6473707F6470213637393: NameServer = 8.8.4.4,192.168.1.1
TCP: Interfaces\{541B732E-7F38-4649-96EC-606E1D348601}\24C61636B6245627279702D4F62696C6560284F6473707F6470223038393: NameServer = 127.0.0.1,8.8.4.4
TCP: Interfaces\{541B732E-7F38-4649-96EC-606E1D348601}\24C61636B6245627279702D4F62696C6560284F6473707F6470233035353: NameServer = 8.8.4.4,192.168.1.1
TCP: Interfaces\{541B732E-7F38-4649-96EC-606E1D348601}\24C61636B6245627279702D4F62696C6560284F6473707F6470233130313: NameServer = 8.8.4.4,192.168.1.1
TCP: Interfaces\{541B732E-7F38-4649-96EC-606E1D348601}\24C61636B6245627279702D4F62696C6560284F6473707F6470233930333: NameServer = 8.8.4.4,192.168.1.1
TCP: Interfaces\{541B732E-7F38-4649-96EC-606E1D348601}\24C61636B6245627279702D4F62696C6560284F6473707F6470243837353: NameServer = 8.8.8.8,8.8.4.4
TCP: Interfaces\{541B732E-7F38-4649-96EC-606E1D348601}\24C61636B6245627279702D4F62696C6560284F6473707F6470253132373: NameServer = 8.8.4.4,192.168.1.1
TCP: Interfaces\{541B732E-7F38-4649-96EC-606E1D348601}\24C61636B6245627279702D4F62696C6560284F6473707F6470253338323: NameServer = 8.8.4.4,192.168.1.1
TCP: Interfaces\{541B732E-7F38-4649-96EC-606E1D348601}\24C61636B6245627279702D4F62696C6560284F6473707F6470263336333: NameServer = 8.8.4.4,192.168.1.1
TCP: Interfaces\{541B732E-7F38-4649-96EC-606E1D348601}\24C61636B6245627279702D4F62696C6560284F6473707F6470263633303: NameServer = 8.8.4.4,192.168.1.1
TCP: Interfaces\{541B732E-7F38-4649-96EC-606E1D348601}\24C61636B6245627279702D4F62696C6560284F6473707F6470263938323: NameServer = 208.67.222.222,208.67.220.220
TCP: Interfaces\{541B732E-7F38-4649-96EC-606E1D348601}\24C61636B6245627279702D4F62696C6560284F6473707F6470273136363: NameServer = 8.8.4.4,192.168.1.1
TCP: Interfaces\{541B732E-7F38-4649-96EC-606E1D348601}\24C61636B6245627279702D4F62696C6560284F6473707F6470283433313: NameServer = 127.0.0.1,8.8.4.4
TCP: Interfaces\{541B732E-7F38-4649-96EC-606E1D348601}\24C61636B6245627279702D4F62696C6560284F6473707F6470283434303: NameServer = 8.8.8.8,8.8.4.4
TCP: Interfaces\{541B732E-7F38-4649-96EC-606E1D348601}\24C61636B6245627279702D4F62696C6560284F6473707F6470293039393: NameServer = 122.255.99.236,203.176.144.12
Filter: text/xml - {807583E5-5146-11D5-A672-00B0D022E945} - c:\program files (x86)\Common Files\microsoft shared\OFFICE15\MSOXMLMF.DLL
Name-Space Handler: ftp\ZDA - {5BFA1DAF-5EDC-11D2-959E-00C00C02DA5E} - 
Name-Space Handler: http\ZDA - {5BFA1DAF-5EDC-11D2-959E-00C00C02DA5E} - 
.
- - - - ORPHANS REMOVED - - - -
.
ShellIconOverlayIdentifiers-{8BA85C75-763B-4103-94EB-9470F12FE0F7} - c:\progra~2\MICROS~1\Office15\GROOVEEX.DLL
ShellIconOverlayIdentifiers-{CD55129A-B1A1-438E-A425-CEBC7DC684EE} - c:\progra~2\MICROS~1\Office15\GROOVEEX.DLL
ShellIconOverlayIdentifiers-{E768CD3B-BDDC-436D-9C13-E1B39CA257B1} - c:\progra~2\MICROS~1\Office15\GROOVEEX.DLL
SafeBoot-88584728.sys
SafeBoot-98740625.sys
SafeBoot-CleanHlp
SafeBoot-CleanHlp.sys
HKLM-Run-Nvtmru - c:\program files (x86)\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe
.
.
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_USERS\S-1-5-21-1705878061-1414804657-3023544569-1000\Software\SecuROM\License information*]
"datasecu"=hex:8f,24,03,90,cf,33,d5,b2,72,fc,12,68,c9,2b,1f,6e,6b,76,df,d6,9a,
   e6,1c,4b,79,2d,b3,61,07,10,8a,68,ad,df,4f,8e,e9,f7,e4,f2,03,a9,63,a6,1f,4a,\
"rkeysecu"=hex:e0,80,db,88,f4,43,ca,4a,3e,f9,33,ba,31,96,3f,27
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_15_0_0_152_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_15_0_0_152_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}]
@Denied: (A 2) (Everyone)
@="IFlashBroker6"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_15_0_0_152_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_15_0_0_152_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_15_0_0_152.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.15"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_15_0_0_152.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_15_0_0_152.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_15_0_0_152.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}]
@Denied: (A 2) (Everyone)
@="IFlashBroker6"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B7EFF951-E52F-45CC-9EF7-57124F2177CC}]
@Denied: (A) (Everyone)
"Solution"="{15727DE6-F92D-4E46-ACB4-0E2C58B31A18}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3]
@Denied: (A) (Everyone)
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3\0]
"Key"="ActionsPane3"
"Location"="c:\\Program Files (x86)\\Common Files\\Microsoft Shared\\VSTO\\ActionsPane3.xsd"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
------------------------ Other Running Processes ------------------------
.
c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
c:\program files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
c:\windows\Microsoft.NET\Framework\v2.0.50727\vbc.exe
c:\program files (x86)\Google\Update\1.3.24.15\GoogleCrashHandler.exe
c:\program files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe
c:\program files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
.
**************************************************************************
.
Completion time: 2014-09-20  02:38:38 - machine was rebooted
ComboFix-quarantined-files.txt  2014-09-19 18:38
.
Pre-Run: 207,441,346,560 bytes free
Post-Run: 207,184,818,176 bytes free
.
- - End Of File - - 9F8AD0296C9B040A3E02C59AE57CDBBD
 
Logfile of Trend Micro HijackThis v2.0.5
Scan saved at 3:33:31 AM, on 9/20/2014
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v8.00 (8.00.7601.17514)
CHROME: 30.0.1599.101
 
Boot mode: Safe mode with network support
 
Running processes:
C:\Users\user\Downloads\ht.exe
C:\Windows\SysWOW64\DllHost.exe
 
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
O4 - HKLM\..\Run: [SwitchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O4 - HKLM\..\Run: [IAStorIcon] C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe
O4 - HKLM\..\Run: [Dolby Home Theater v4] "C:\Program Files (x86)\Dolby Home Theater v4\pcee4.exe" -autostart
O4 - HKLM\..\Run: [VirtualCloneDrive] "C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe" /s
O4 - HKCU\..\Run: [BatteryCare] C:\Program Files (x86)\BatteryCare\BatteryCare.exe
O4 - HKCU\..\Run: [SM?RT-Protection] C:\Program Files (x86)\Smadav\SM?RTP.exe rtp
O4 - HKCU\..\Run: [Autodesk Sync] C:\Program Files\Autodesk\Autodesk Sync\AdSync.exe
O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
O4 - HKUS\S-1-5-18\..\Run: [Autodesk Sync] C:\Program Files\Autodesk\Autodesk Sync\AdSync.exe (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [Autodesk Sync] C:\Program Files\Autodesk\Autodesk Sync\AdSync.exe (User 'Default user')
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office15\EXCEL.EXE/3000
O8 - Extra context menu item: Se&nd to OneNote - res://C:\PROGRA~2\MICROS~1\Office15\ONBttnIE.dll/105
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIE.dll
O9 - Extra button: Lync Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - (no file)
O9 - Extra 'Tools' menuitem: Lync Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - (no file)
O9 - Extra button: (no name) - {7815BE26-237D-41A8-A98F-F7BD75F71086} - (no file)
O9 - Extra 'Tools' menuitem: Send by Bluetooth to - {7815BE26-237D-41A8-A98F-F7BD75F71086} - (no file)
O9 - Extra button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIELinkedNotes.dll
O17 - HKLM\System\CCS\Services\Tcpip\..\{541B732E-7F38-4649-96EC-606E1D348601}: NameServer = 8.8.4.4,192.168.1.1
O18 - Protocol: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files (x86)\Microsoft Office\Office15\MSOSB.DLL
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (file missing)
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Filter hijack: text/xml - {807583E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE15\MSOXMLMF.DLL
O20 - AppInit_DLLs: c:\Windows\SysWOW64\nvinit.dll
O23 - Service: SAS Core Service (!SASCORE) - SUPERAntiSpyware.com - C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: Intel® Centrino® Wireless Bluetooth® + High Speed Service (AMPPALR3) - Intel Corporation - C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: Atheros Bt&Wlan Coex Agent - Atheros - C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe
O23 - Service: AtherosSvc - Atheros Commnucations - C:\Program Files (x86)\Bluetooth Suite\adminservice.exe
O23 - Service: Autodesk Content Service - Autodesk, Inc. - C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Intel® Centrino® Wireless Bluetooth® + High Speed Security Service (BTHSSecurityMgr) - Intel® Corporation - C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe
O23 - Service: Intel® Content Protection HECI Service (cphs) - Intel Corporation - C:\Windows\SysWow64\IntelCpHeciSvc.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: Intel® PROSet/Wireless Event Log (EvtEng) - Intel® Corporation - C:\Program Files\Intel\WiFi\bin\EvtEng.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: FLEXnet Licensing Service 64 - Flexera Software LLC - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe
O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Update Service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Intel® Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Intel® Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
O23 - Service: mental ray Satellite for Autodesk 3ds Max 2014 64-bit (mi-raysat_3dsmax2014_64) - Unknown owner - C:\Program Files\Autodesk\3ds Max 2014\NVIDIA\Satellite\raysat_3dsmax2014_64server.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: Wireless PAN DHCP Server (MyWiFiDHCPDNS) - Unknown owner - C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe
O23 - Service: @C:\Program Files (x86)\Nero\Update\NASvc.exe,-200 (NAUpdate) - Nero AG - C:\Program Files (x86)\Nero\Update\NASvc.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NVIDIA Network Service (NvNetworkService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
O23 - Service: NVIDIA Streamer Service (NvStreamSvc) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Intel® PROSet/Wireless Registry Service (RegSrvc) - Intel® Corporation - C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - Riverbed Technology, Inc. - C:\Program Files (x86)\WinPcap\rpcapd.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
O23 - Service: SwitchBoard - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
O23 - Service: Intel® PROSet/Wireless Zero Configuration Service (ZeroConfigService) - Intel® Corporation - C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
 
--
End of file - 10243 bytes

Edited by hamluis, 19 September 2014 - 03:03 PM.
Moved from Win 7 to Malware Removal Logs - Hamluis.


BC AdBot (Login to Remove)

 


#2 nasdaq

nasdaq

  • Malware Response Team
  • 39,586 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Montreal, QC. Canada
  • Local time:07:23 PM

Posted 24 September 2014 - 07:17 AM

Hello, Welcome to BleepingComputer.
I'm nasdaq and will be helping you.

If you can please print this topic it will make it easier for you to follow the instructions and complete all of the necessary steps in the order listed.
===

Please download AdwCleaner by Xplode onto your Desktop.
  • Close all open programs and internet browsers.
  • Double click on AdwCleaner.exe to run the tool.
  • Click the Scan button and wait for the process to complete.
  • Click the Report button and the report will open in Notepad.
IMPORTANT
  • If you click the Clean button all items listed in the report will be removed.
If you find some false positive items or programs that you wish to keep, Close the AdwCleaner windows.
  • Close all open programs and internet browsers.
  • Double click on AdwCleaner.exe to run the tool.
  • Click the Scan button and wait for the process to complete.
  • Check off the element(s) you wish to keep.
  • Click on the Clean button follow the prompts.
  • A log file will automatically open after the scan has finished.
  • Please post the content of that log file with your next answer.
  • You can find the log file at C:\AdwCleaner[Sn].txt (n is a number).
===

Download the version of this tool for your operating system.
Farbar Recovery Scan Tool (64 bit)
Farbar Recovery Scan Tool (32 bit)
and save it to a folder on your computer's Desktop.
Double-click to run it. When the tool opens click Yes to disclaimer.
Press Scan button.
It will make a log (FRST.txt) in the same directory the tool is run. Please copy and paste it to your reply.
The first time the tool is run, it makes also another log (Addition.txt). Please attach it to your reply.
===

Please paste the logs in your next reply DO NOT ATTACH THEM unless specified.
To attach a file select the "More Reply Option" and follow the instructions.

Wait for further instructions.

#3 nasdaq

nasdaq

  • Malware Response Team
  • 39,586 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Montreal, QC. Canada
  • Local time:07:23 PM

Posted 29 September 2014 - 07:31 AM

Due to the lack of feedback, this topic is now closed.

In the event you still have problems, please send me or any Moderator a Private Message and ask them to reopen this topic within the next 5 days.

Please include a link to your topic in the Private Message. Thank you.




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users