Malwarebytes blocking access to malicious site IP 66.45.56.109


  • This topic is locked
10 replies to this topic

#1 sailing2016

Posted 20 September 2014 - 07:06 PM

I have a Samsung Series 9 NP900X3C notebook with an i5 1.7GHz processor, 4GB RAM and a Samsung 840 EVO 1TB SSD running Windows 8.1 64-bit with all updates current.  A few days ago, my computer started slowing down and locking up a lot.  The task manager showed a lot of Com Surrogate processes running.  I could stop them and they would start up again using all of the processor, RAM and disk assets until the computer crashed.  I installed AVG Zen and Malwarebytes Premium.  A lot of problems were found and deleted.  Everything seemed okay for a few days, now every several minutes, I get a notice from Malwarebytes stating it blocked outbound traffic to malicious website 66.45.56.109.  I've run multiple AVG & Malwarebytes scans and nothing was found.  The Task Manager doesn't show any increased usage of computer assets or excess numbers of processes.  What should I try next?





#2 boopme

  • Global Moderator

Posted 20 September 2014 - 08:35 PM

Hello sailing, let's review these logs ...

Please download MiniToolBox, save it to your desktop and run it.
Checkmark the following checkboxes:
  • Flush DNS
  • Report IE Proxy Settings
  • Reset IE Proxy Settings
  • Report FF Proxy Settings
  • Reset FF Proxy Settings
  • List content of Hosts
  • List IP configuration
  • List Winsock Entries
  • List last 10 Event Viewer log
  • List Installed Programs
  • List Users, Partitions and Memory size.
  • Click Go and post the result (Result.txt). A copy of Result.txt will be saved in the same directory the tool is run.
    Note: When using "Reset FF Proxy Settings" option Firefox should be closed.



Download TDSSKiller and save it to your desktop.
  • Extract (unzip) its contents to your desktop.
  • Open the TDSSKiller folder and double-click on TDSSKiller.exe to run the application, then on Start Scan.
  • If an infected file is detected, the default action will be Cure, click on Continue.
  • If a suspicious file is detected, the default action will be Skip, click on Continue.
  • It may ask you to reboot the computer to complete the process. Click on Reboot Now.
  • If no reboot is required, click on Report. A log file should appear. Please copy and paste the contents of that file here.
  • If a reboot is required, the report can also be found in your root directory (usually C:\ folder) in the form of TDSSKiller_xxxx_log.txt. Please copy and paste the contents of that file here.

ADW Cleaner

Please download AdwCleaner by Xplode and save to your Desktop.
  • Double-click on AdwCleaner.exe to run the tool.
    Vista/Windows 7/8 users right-click and select Run As Administrator.
  • Click on the Scan button.
  • AdwCleaner will begin...be patient as the scan may take some time to complete.
  • After the scan has finished, click on the Report button...a logfile (AdwCleaner[R0].txt) will open in Notepad for review.
  • After reviewing the log, click on the Clean button.
  • Press OK when asked to close all programs and follow the onscreen prompts.
  • Press OK again to allow AdwCleaner to restart the computer and complete the removal process.
  • After rebooting, a logfile report (AdwCleaner[S0].txt) will open automatically.
  • Copy and paste the contents of that logfile in your next reply.
  • A copy of all logfiles is saved in the C:\AdwCleaner folder which was created when running the tool.
  • Note: The contents of the AdwCleaner log file may be confusing. Unless you see a program name that you recognize and know should not be removed, don't worry about it. If you see an entry you want to keep, return to AdwCleaner before cleaning...all detected items will be listed (and checked) in each tab. Click on each one and uncheck any items you want to keep (except you cannot uncheck Chrome and Firefox preferences lines).

Please download Junkware Removal Tool to your desktop.
  • Shut down your protection software now to avoid potential conflicts.
  • Run the tool by double-clicking it. If you are using Windows Vista, 7, or 8; instead of double-clicking, right-mouse click JRT.exe and select "Run as Administrator".
  • The tool will open and start scanning your system.
  • Please be patient as this can take a while to complete depending on your system's specifications.
  • On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
  • Post the contents of JRT.txt into your next message.

Last run ESET.
  • Hold down Control and click on this link to open ESET OnlineScan in a new window.
  • Click the esetonlinebtn.png button.
  • For alternate browsers only: (Microsoft Internet Explorer users can skip these steps)
      • Click on esetsmartinstaller_enu.exe to download the ESET Smart Installer. Save it to your desktop.
      • Double click on the esetsmartinstaller_enu.png icon on your desktop.
  • Check "YES, I accept the Terms of Use."
  • Click the Start button.
  • Accept any security warnings from your browser.
  • Under scan settings, check "Scan Archives" and "Remove found threats"
  • Click Advanced settings and select the following:
      • Scan potentially unwanted applications
      • Scan for potentially unsafe applications
      • Enable Anti-Stealth technology
  • ESET will then download updates for itself, install itself, and begin scanning your computer. Please be patient as this can take some time.
  • When the scan completes, click List Threats
  • Click Export, and save the file to your desktop using a unique name, such as ESETScan. Include the contents of this report in your next reply.
  • Click the Back button.
  • Click the Finish button.
  • NOTE: Sometimes if ESET finds no infections it will not create a log.

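Reviewing the "List content of Hosts" and "List Winsock Entries" output requested above can be partly automated. The following is an added example, not part of the original post and not MiniToolBox's own code: a Python parser for the `=====` banner layout of Result.txt that lists Hosts entries other than loopback-to-localhost and Winsock providers that are not Microsoft files under System32/SysWOW64. The function names, the constructed sample lines and the review heuristics are assumptions; a flagged entry is a prompt for review, not a verdict.

```python
import re

# Section banner, e.g. "========== Hosts content: =========="
BANNER = re.compile(r"^=+\s*([^=]+?)\s*:?\s*=+$")
# Winsock line, e.g. "Catalog5 07 C:\path\file.dll [121704] (Vendor)"
WINSOCK = re.compile(
    r"^(?:x64-)?Catalog(?:5|9) \d+ (?P<path>.+?) \[\d+\] \((?P<vendor>.*)\)$"
)
LOOPBACK = {"127.0.0.1", "::1"}
SYSTEM_DIRS = ("c:\\windows\\system32\\", "c:\\windows\\syswow64\\")

# Constructed sample in the Result.txt layout. The mswsock.dll and Bonjour
# lines follow the log posted in this thread; the second Hosts entry and the
# example_lsp.dll provider are made up for the demonstration.
SAMPLE_RESULT = r"""
========================= Hosts content: =================================

127.0.0.1 localhost
127.0.0.1 update.av-vendor.example

========================= Winsock entries =====================================

Catalog5 05 C:\WINDOWS\SysWOW64\mswsock.dll [270848] (Microsoft Corporation)
Catalog5 07 C:\Program Files (x86)\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
Catalog9 01 C:\WINDOWS\SysWOW64\mswsock.dll [270848] (Microsoft Corporation)
x64-Catalog9 01 C:\Windows\System32\mswsock.dll [338432] (Microsoft Corporation)
Catalog9 02 C:\Users\Public\example_lsp.dll [40960] (Example Vendor)

========================= Event log errors: ===============================
"""


def split_sections(text):
    """Return {lower-cased section name: [lines]} keyed by the banner text."""
    sections, name = {}, None
    for line in text.splitlines():
        m = BANNER.match(line.strip())
        if m:
            name = m.group(1).lower()
            sections[name] = []
        elif name is not None:
            sections[name].append(line.rstrip())
    return sections


def review_hosts(lines):
    """List (ip, hostname) pairs other than loopback -> localhost.

    Extra entries can redirect a site or black-hole it (for instance a
    security vendor's update host pointed at 127.0.0.1).
    """
    findings = []
    for line in lines:
        fields = line.split("#", 1)[0].split()  # drop trailing comments
        if len(fields) < 2:
            continue
        ip, names = fields[0], fields[1:]
        for host in names:
            if host.lower() == "localhost" and ip in LOOPBACK:
                continue
            findings.append((ip, host))
    return findings


def review_winsock(lines):
    """List (path, vendor) providers outside the Microsoft/system-dir baseline.

    The vendor string in the log is treated as a hint only; it is not a
    signature check, so a clean result here does not prove the DLL is genuine.
    """
    findings = []
    for line in lines:
        m = WINSOCK.match(line.strip())
        if not m:
            continue
        path, vendor = m["path"], m["vendor"]
        in_system_dir = path.lower().startswith(SYSTEM_DIRS)
        if vendor != "Microsoft Corporation" or not in_system_dir:
            if (path, vendor) not in findings:  # one report per provider
                findings.append((path, vendor))
    return findings


def review(text):
    """Run both checks over a whole Result.txt."""
    sections = split_sections(text)
    return {
        "hosts": review_hosts(sections.get("hosts content", [])),
        "winsock": review_winsock(sections.get("winsock entries", [])),
    }


if __name__ == "__main__":
    for check, items in review(SAMPLE_RESULT).items():
        for item in items:
            print(f"[review] {check}: {item}")
```

Third-party providers such as the Bonjour entry are reported alongside the made-up one, so each flagged path still has to be matched against software the user knowingly installed.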

#3 Shad0WeN


Posted 20 September 2014 - 10:48 PM

Happened to see this thread and just wanted to say I had the same problem recently, though it was on a Windows XP laptop. It sounds like you may have gotten infected by something called Poweliks and there still might be traces of it. It ran numerous instances of COM Surrogate (dllhost.exe in windows/system32 folder) to the point where it was eating up 100% of the CPU time and made the machine extremely unresponsive. I found that if I killed the aforementioned processes in the Task Manager enough times (several) that they seemed to stop launching until the machine was rebooted.
 
Anyway, to make a long story shorter, I ran scans with several different anti-malware programs but not a single one of them resolved it. After struggling with the issue for a couple of days and frustrated that I was not getting anywhere with it, I finally ran Combofix from this site and that's what fixed it (and consequently how I found out what the infection was after having read the scan log). I also went back and checked the log from a previous scan that I had run with MBAM (free version) and it did mention Poweliks although it seems that it didn't actually fix it - or perhaps it regenerated itself before MBAM could do so. Either way it was still a problem. As far as I know that was the only program that I recall picking up any trace of it. I also ran scans with Spybot, Adaware, Super Antispyware, Microsoft Safety Scanner, Trend Micro Housecall, ESET Online scanner, and McAfee Stinger, as well as a few tools like TDSSKiller. I'm not telling you this suggesting that you skip ahead in the troubleshooting process though, just that if that's what it is, it may head that way if nothing else is able to fix it. Good luck!
 
MOD EDIT;
Please note the message text in blue at the top of the Am I infected? What do I do? forum. ComboFix logs should not be posted outside the Virus, Trojan, Spyware, and Malware Removal Logs forums and then only when requested by a Malware Removal Team member. It is an extremely powerful tool which should only be used when instructed to do so by someone who has been properly trained. ComboFix is intended by its creator to be "used under the guidance and supervision of an expert", NOT for general public or personal use. Please read Combofix's Disclaimer. Using this tool incorrectly could lead to disastrous problems with your operating system such as preventing it from ever starting again. Please create a new topic explaining the nature of your problem in the Am I infected? What do I do? forum. Describe pop-ups and system tray or desktop icons that have appeared. Explain what is "going wrong" with your computer. Note any tools you have used and their respective results. If needed, we will direct you to our Malware Removal Preparation Guide. Thank you for using BleepingComputer as your malware removal source.

Edited by boopme, 21 September 2014 - 12:11 PM.


#4 sailing2016


Posted 20 September 2014 - 11:38 PM

I think I did everything correctly.  I tried posting all of the logs in one post, but I got an error saying the post was too long, so I will break it up into however many posts necessary.  Thank you so much for your assistance.  I look forward to further instructions.


boopme, on 20 Sept 2014 - 9:35 PM, said:

Hello sailing, let's review these logs ...

Please download MiniToolBox, save it to your desktop and run it.
Checkmark the following checkboxes:

  • Flush DNS
  • Report IE Proxy Settings
  • Reset IE Proxy Settings
  • Report FF Proxy Settings
  • Reset FF Proxy Settings
  • List content of Hosts
  • List IP configuration
  • List Winsock Entries
  • List last 10 Event Viewer log
  • List Installed Programs
  • List Users, Partitions and Memory size.
  • Click Go and post the result (Result.txt). A copy of Result.txt will be saved in the same directory the tool is run.
    Note: When using "Reset FF Proxy Settings" option Firefox should be closed.

MiniToolBox by Farbar  Version: 21-07-2014
Ran by toddlewis (administrator) on 20-09-2014 at 23:09:38
Running from "C:\Users\toddlewis\Documents\Desktop"
Microsoft Windows 8.1  (X64)
Boot Mode: Normal
***************************************************************************

========================= Flush DNS: ===================================

Windows IP Configuration

Successfully flushed the DNS Resolver Cache.

========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.

"Reset IE Proxy Settings": IE Proxy Settings were reset.

========================= FF Proxy Settings: ==============================

"Reset FF Proxy Settings": Firefox Proxy settings were reset.

========================= Hosts content: =================================

127.0.0.1 localhost

========================= IP Configuration: ================================

Intel® Centrino® Advanced-N 6235 = Wi-Fi (Connected)
Realtek PCIe GBE Family Controller = Ethernet (Media disconnected)
Bluetooth Device (Personal Area Network) = Bluetooth Network Connection (Media disconnected)
TAP-Win32 Adapter V9 = Local Area Connection 2 (Media disconnected)

# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4

reset
set global icmpredirects=enabled
set interface interface="Local Area Connection* 1" forwarding=enabled advertise=enabled nud=enabled ignoredefaultroutes=disabled
set interface interface="Ethernet" forwarding=enabled advertise=enabled nud=enabled ignoredefaultroutes=disabled
set interface interface="Wi-Fi" forwarding=enabled advertise=enabled nud=enabled ignoredefaultroutes=disabled
set interface interface="Bluetooth Network Connection" forwarding=enabled advertise=enabled nud=enabled ignoredefaultroutes=disabled
set interface interface="Local Area Connection 2" forwarding=enabled advertise=enabled nud=enabled ignoredefaultroutes=disabled
set interface interface="other_1" forwarding=enabled advertise=enabled nud=enabled ignoredefaultroutes=disabled
set interface interface="Local Area Connection* 12" forwarding=enabled advertise=enabled nud=enabled ignoredefaultroutes=disabled
set interface interface="ethernet_11" forwarding=enabled advertise=enabled nud=enabled ignoredefaultroutes=disabled
set interface interface="ethernet_26" forwarding=enabled advertise=enabled nud=enabled ignoredefaultroutes=disabled
set interface interface="wireless_14" forwarding=enabled advertise=enabled nud=enabled ignoredefaultroutes=disabled
set interface interface="Local Area Connection* 13" forwarding=enabled advertise=enabled nud=enabled ignoredefaultroutes=disabled
set interface interface="ethernet_3" forwarding=enabled advertise=enabled nud=enabled ignoredefaultroutes=disabled
add address name="Wi-Fi" address=169.254.134.89 mask=255.255.0.0

popd
# End of IPv4 configuration

Windows IP Configuration

   Host Name . . . . . . . . . . . . : pc2015
   Primary Dns Suffix  . . . . . . . :
   Node Type . . . . . . . . . . . . : Hybrid
   IP Routing Enabled. . . . . . . . : No
   WINS Proxy Enabled. . . . . . . . : No
   DNS Suffix Search List. . . . . . : hr.cox.net

Wireless LAN adapter Local Area Connection* 12:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Microsoft Wi-Fi Direct Virtual Adapter
   Physical Address. . . . . . . . . : C4-85-08-E3-5B-99
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes

Wireless LAN adapter Local Area Connection* 13:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Microsoft Hosted Network Virtual Adapter
   Physical Address. . . . . . . . . : C6-85-08-E3-5B-98
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes

Ethernet adapter Local Area Connection 2:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : TAP-Win32 Adapter V9
   Physical Address. . . . . . . . . : 00-FF-42-E2-12-C4
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes

Ethernet adapter Bluetooth Network Connection:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Bluetooth Device (Personal Area Network)
   Physical Address. . . . . . . . . : C4-85-08-E3-5B-9C
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes

Wireless LAN adapter Wi-Fi:

   Connection-specific DNS Suffix  . : hr.cox.net
   Description . . . . . . . . . . . : Intel® Centrino® Advanced-N 6235
   Physical Address. . . . . . . . . : C4-85-08-E3-5B-98
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes
   Link-local IPv6 Address . . . . . : fe80::e159:425f:23d1:6da9%4(Preferred)
   IPv4 Address. . . . . . . . . . . : 192.168.1.108(Preferred)
   Subnet Mask . . . . . . . . . . . : 255.255.255.0
   Lease Obtained. . . . . . . . . . : Saturday, September 20, 2014 8:12:03 PM
   Lease Expires . . . . . . . . . . : Sunday, September 21, 2014 8:13:41 PM
   Default Gateway . . . . . . . . . : 192.168.1.1
   DHCP Server . . . . . . . . . . . : 192.168.1.1
   DHCPv6 IAID . . . . . . . . . . . : 381977864
   DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-19-02-CC-47-50-B7-C3-77-4E-AD
   DNS Servers . . . . . . . . . . . : 192.168.1.1
                                       68.105.28.11
                                       68.105.29.11
   NetBIOS over Tcpip. . . . . . . . : Enabled

Ethernet adapter Ethernet:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Realtek PCIe GBE Family Controller
   Physical Address. . . . . . . . . : 50-B7-C3-77-4E-AD
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 33:

   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes
   IPv6 Address. . . . . . . . . . . : 2001:0:9d38:6abd:14af:1863:bb1a:9fc3(Preferred)
   Link-local IPv6 Address . . . . . : fe80::14af:1863:bb1a:9fc3%36(Preferred)
   Default Gateway . . . . . . . . . : ::
   DHCPv6 IAID . . . . . . . . . . . : 603979776
   DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-19-02-CC-47-50-B7-C3-77-4E-AD
   NetBIOS over Tcpip. . . . . . . . : Disabled

Tunnel adapter isatap.hr.cox.net:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : hr.cox.net
   Description . . . . . . . . . . . : Microsoft ISATAP Adapter #21
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes
Server:  UnKnown
Address:  192.168.1.1

Name:    google.com
Addresses:  2607:f8b0:4007:803::1000
   74.125.224.68
   74.125.224.69
   74.125.224.70
   74.125.224.71
   74.125.224.72
   74.125.224.73
   74.125.224.78
   74.125.224.64
   74.125.224.65
   74.125.224.66
   74.125.224.67

Pinging google.com [74.125.224.78] with 32 bytes of data:
Reply from 74.125.224.78: bytes=32 time=230ms TTL=50
Reply from 74.125.224.78: bytes=32 time=119ms TTL=50

Ping statistics for 74.125.224.78:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 119ms, Maximum = 230ms, Average = 174ms
Server:  UnKnown
Address:  192.168.1.1

Name:    yahoo.com
Addresses:  98.139.183.24
   206.190.36.45
   98.138.253.109

Pinging yahoo.com [206.190.36.45] with 32 bytes of data:
Reply from 206.190.36.45: bytes=32 time=113ms TTL=52
Reply from 206.190.36.45: bytes=32 time=116ms TTL=52

Ping statistics for 206.190.36.45:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 113ms, Maximum = 116ms, Average = 114ms

Pinging 127.0.0.1 with 32 bytes of data:
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128

Ping statistics for 127.0.0.1:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 0ms, Maximum = 0ms, Average = 0ms
===========================================================================
Interface List
 38...c4 85 08 e3 5b 99 ......Microsoft Wi-Fi Direct Virtual Adapter
 37...c6 85 08 e3 5b 98 ......Microsoft Hosted Network Virtual Adapter
  7...00 ff 42 e2 12 c4 ......TAP-Win32 Adapter V9
  6...c4 85 08 e3 5b 9c ......Bluetooth Device (Personal Area Network)
  4...c4 85 08 e3 5b 98 ......Intel® Centrino® Advanced-N 6235
  3...50 b7 c3 77 4e ad ......Realtek PCIe GBE Family Controller
  1...........................Software Loopback Interface 1
 36...00 00 00 00 00 00 00 e0 Teredo Tunneling Pseudo-Interface
 28...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #21
===========================================================================

IPv4 Route Table
===========================================================================
Active Routes:
Network Destination        Netmask          Gateway       Interface  Metric
          0.0.0.0          0.0.0.0      192.168.1.1    192.168.1.108     25
        127.0.0.0        255.0.0.0         On-link         127.0.0.1    306
        127.0.0.1  255.255.255.255         On-link         127.0.0.1    306
  127.255.255.255  255.255.255.255         On-link         127.0.0.1    306
      192.168.1.0    255.255.255.0         On-link     192.168.1.108    281
    192.168.1.108  255.255.255.255         On-link     192.168.1.108    281
    192.168.1.255  255.255.255.255         On-link     192.168.1.108    281
        224.0.0.0        240.0.0.0         On-link         127.0.0.1    306
        224.0.0.0        240.0.0.0         On-link     192.168.1.108    281
  255.255.255.255  255.255.255.255         On-link         127.0.0.1    306
  255.255.255.255  255.255.255.255         On-link     192.168.1.108    281
===========================================================================
Persistent Routes:
  None

IPv6 Route Table
===========================================================================
Active Routes:
 If Metric Network Destination      Gateway
 36    306 ::/0                     On-link
  1    306 ::1/128                  On-link
 36    306 2001::/32                On-link
 36    306 2001:0:9d38:6abd:14af:1863:bb1a:9fc3/128
                                    On-link
  4    281 fe80::/64                On-link
 36    306 fe80::/64                On-link
 36    306 fe80::14af:1863:bb1a:9fc3/128
                                    On-link
  4    281 fe80::e159:425f:23d1:6da9/128
                                    On-link
  1    306 ff00::/8                 On-link
  4    281 ff00::/8                 On-link
 36    306 ff00::/8                 On-link
===========================================================================
Persistent Routes:
  None
========================= Winsock entries =====================================

Catalog5 01 C:\WINDOWS\SysWOW64\napinsp.dll [53760] (Microsoft Corporation)
Catalog5 02 C:\WINDOWS\SysWOW64\pnrpnsp.dll [68096] (Microsoft Corporation)
Catalog5 03 C:\WINDOWS\SysWOW64\pnrpnsp.dll [68096] (Microsoft Corporation)
Catalog5 04 C:\WINDOWS\SysWOW64\NLAapi.dll [64000] (Microsoft Corporation)
Catalog5 05 C:\WINDOWS\SysWOW64\mswsock.dll [270848] (Microsoft Corporation)
Catalog5 06 C:\WINDOWS\SysWOW64\winrnr.dll [21504] (Microsoft Corporation)
Catalog5 07 C:\Program Files (x86)\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
Catalog5 08 C:\WINDOWS\SysWOW64\wshbth.dll [51200] (Microsoft Corporation)
Catalog9 01 C:\WINDOWS\SysWOW64\mswsock.dll [270848] (Microsoft Corporation)
Catalog9 02 C:\WINDOWS\SysWOW64\mswsock.dll [270848] (Microsoft Corporation)
Catalog9 03 C:\WINDOWS\SysWOW64\mswsock.dll [270848] (Microsoft Corporation)
Catalog9 04 C:\WINDOWS\SysWOW64\mswsock.dll [270848] (Microsoft Corporation)
Catalog9 05 C:\WINDOWS\SysWOW64\mswsock.dll [270848] (Microsoft Corporation)
Catalog9 06 C:\WINDOWS\SysWOW64\mswsock.dll [270848] (Microsoft Corporation)
Catalog9 07 C:\WINDOWS\SysWOW64\mswsock.dll [270848] (Microsoft Corporation)
Catalog9 08 C:\WINDOWS\SysWOW64\mswsock.dll [270848] (Microsoft Corporation)
Catalog9 09 C:\WINDOWS\SysWOW64\mswsock.dll [270848] (Microsoft Corporation)
Catalog9 10 C:\WINDOWS\SysWOW64\mswsock.dll [270848] (Microsoft Corporation)
Catalog9 11 C:\WINDOWS\SysWOW64\mswsock.dll [270848] (Microsoft Corporation)
x64-Catalog5 01 C:\Windows\System32\napinsp.dll [67584] (Microsoft Corporation)
x64-Catalog5 02 C:\Windows\System32\pnrpnsp.dll [87040] (Microsoft Corporation)
x64-Catalog5 03 C:\Windows\System32\pnrpnsp.dll [87040] (Microsoft Corporation)
x64-Catalog5 04 C:\Windows\System32\NLAapi.dll [84480] (Microsoft Corporation)
x64-Catalog5 05 C:\Windows\System32\mswsock.dll [338432] (Microsoft Corporation)
x64-Catalog5 06 C:\Windows\System32\winrnr.dll [30208] (Microsoft Corporation)
x64-Catalog5 07 C:\Program Files\Bonjour\mdnsNSP.dll [132968] (Apple Inc.)
x64-Catalog5 08 C:\Windows\System32\wshbth.dll [63488] (Microsoft Corporation)
x64-Catalog9 01 C:\Windows\System32\mswsock.dll [338432] (Microsoft Corporation)
x64-Catalog9 02 C:\Windows\System32\mswsock.dll [338432] (Microsoft Corporation)
x64-Catalog9 03 C:\Windows\System32\mswsock.dll [338432] (Microsoft Corporation)
x64-Catalog9 04 C:\Windows\System32\mswsock.dll [338432] (Microsoft Corporation)
x64-Catalog9 05 C:\Windows\System32\mswsock.dll [338432] (Microsoft Corporation)
x64-Catalog9 06 C:\Windows\System32\mswsock.dll [338432] (Microsoft Corporation)
x64-Catalog9 07 C:\Windows\System32\mswsock.dll [338432] (Microsoft Corporation)
x64-Catalog9 08 C:\Windows\System32\mswsock.dll [338432] (Microsoft Corporation)
x64-Catalog9 09 C:\Windows\System32\mswsock.dll [338432] (Microsoft Corporation)
x64-Catalog9 10 C:\Windows\System32\mswsock.dll [338432] (Microsoft Corporation)
x64-Catalog9 11 C:\Windows\System32\mswsock.dll [338432] (Microsoft Corporation)

========================= Event log errors: ===============================

Application errors:
==================
Error: (09/20/2014 11:58:24 AM) (Source: Perflib) (User: )
Description: rdyboost4

Error: (09/20/2014 11:58:24 AM) (Source: Perflib) (User: )
Description: BITSC:\Windows\System32\bitsperf.dll4

Error: (09/20/2014 11:11:07 AM) (Source: Application Error) (User: )
Description: Faulting application name: IEXPLORE.EXE, version: 11.0.9600.17278, time stamp: 0x53eea0c3
Faulting module name: igd10iumd32.dll, version: 10.18.10.3621, time stamp: 0x5376e397
Exception code: 0xc0000005
Fault offset: 0x0007fa4b
Faulting process id: 0x3250
Faulting application start time: 0xIEXPLORE.EXE0
Faulting application path: IEXPLORE.EXE1
Faulting module path: IEXPLORE.EXE2
Report Id: IEXPLORE.EXE3
Faulting package full name: IEXPLORE.EXE4
Faulting package-relative application ID: IEXPLORE.EXE5

Error: (09/20/2014 10:09:58 AM) (Source: Application Error) (User: )
Description: Faulting application name: IEXPLORE.EXE, version: 11.0.9600.17278, time stamp: 0x53eea0c3
Faulting module name: MSHTML.dll, version: 11.0.9600.17278, time stamp: 0x53eebbe7
Exception code: 0xc0000005
Fault offset: 0x001032c5
Faulting process id: 0x3474
Faulting application start time: 0xIEXPLORE.EXE0
Faulting application path: IEXPLORE.EXE1
Faulting module path: IEXPLORE.EXE2
Report Id: IEXPLORE.EXE3
Faulting package full name: IEXPLORE.EXE4
Faulting package-relative application ID: IEXPLORE.EXE5

Error: (09/19/2014 00:24:48 PM) (Source: Application Error) (User: )
Description: Faulting application name: acevents.exe, version: 5.0.2.3, time stamp: 0x50c0e115
Faulting module name: ac.smmw.srvctl.sm.dll, version: 7.0.4.3, time stamp: 0x50c1b0b1
Exception code: 0xc0000005
Fault offset: 0x0000000000003ac9
Faulting process id: 0x5bc
Faulting application start time: 0xacevents.exe0
Faulting application path: acevents.exe1
Faulting module path: acevents.exe2
Report Id: acevents.exe3
Faulting package full name: acevents.exe4
Faulting package-relative application ID: acevents.exe5

Error: (09/19/2014 00:19:57 PM) (Source: Application Error) (User: )
Description: Faulting application name: acevents.exe, version: 5.0.2.3, time stamp: 0x50c0e115
Faulting module name: ac.smmw.srvctl.cache.dll, version: 7.0.4.3, time stamp: 0x50c1b24f
Exception code: 0xc0000005
Fault offset: 0x0000000000001fb9
Faulting process id: 0x1b7c
Faulting application start time: 0xacevents.exe0
Faulting application path: acevents.exe1
Faulting module path: acevents.exe2
Report Id: acevents.exe3
Faulting package full name: acevents.exe4
Faulting package-relative application ID: acevents.exe5

Error: (09/19/2014 11:49:18 AM) (Source: .NET Runtime) (User: )
Description: .NET Runtime version 4.0.30319.34014 - There was a failure initializing profiling API attach infrastructure.  This process will not allow a profiler to attach.  HRESULT: 0x80004005.  Process ID (decimal): 4612.  Message ID: [0x2509].

Error: (09/19/2014 11:38:45 AM) (Source: Application Hang) (User: )
Description: The program Explorer.EXE version 6.3.9600.17039 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.

Process ID: 18a4

Start Time: 01cfd41c91ed1c64

Termination Time: 0

Application Path: C:\WINDOWS\Explorer.EXE

Report Id: e7f53a68-4012-11e4-8251-c48508e35b9c

Faulting package full name:

Faulting package-relative application ID:

Error: (09/19/2014 11:15:54 AM) (Source: ESENT) (User: )
Description: WinMail (6180) WindowsMail0: The backup has been stopped because it was halted by the client or the connection with the client failed.

Error: (09/19/2014 11:15:44 AM) (Source: ESENT) (User: )
Description: WinMail (5744) WindowsMail0: The backup has been stopped because it was halted by the client or the connection with the client failed.

System errors:
=============
Error: (09/20/2014 08:11:38 PM) (Source: Service Control Manager) (User: )
Description: The Group Policy Client service failed to start due to the following error:
%%1053

Error: (09/20/2014 08:11:38 PM) (Source: Service Control Manager) (User: )
Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the gpsvc service.

Error: (09/20/2014 08:11:11 PM) (Source: Service Control Manager) (User: )
Description: The Acronis Nonstop Backup Service service did not shut down properly after receiving a preshutdown control.

Error: (09/20/2014 08:11:08 PM) (Source: Service Control Manager) (User: )
Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the Appinfo service.

Error: (09/20/2014 11:58:00 AM) (Source: Service Control Manager) (User: )
Description: The Group Policy Client service failed to start due to the following error:
%%1053

Error: (09/20/2014 11:58:00 AM) (Source: Service Control Manager) (User: )
Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the gpsvc service.

Error: (09/20/2014 11:57:33 AM) (Source: Service Control Manager) (User: )
Description: The Acronis Nonstop Backup Service service did not shut down properly after receiving a preshutdown control.

Error: (09/20/2014 11:57:30 AM) (Source: Service Control Manager) (User: )
Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the Appinfo service.

Error: (09/20/2014 09:52:45 AM) (Source: DCOM) (User: PC2015)
Description: {1B1F472E-3221-4826-97DB-2C2324D389AE}

Error: (09/20/2014 09:52:15 AM) (Source: DCOM) (User: PC2015)
Description: {BF6C1E47-86EC-4194-9CE5-13C15DCB2001}

Microsoft Office Sessions:
=========================
Error: (09/20/2014 11:58:24 AM) (Source: Perflib)(User: )
Description: rdyboost4

Error: (09/20/2014 11:58:24 AM) (Source: Perflib)(User: )
Description: BITSC:\Windows\System32\bitsperf.dll4

Error: (09/20/2014 11:11:07 AM) (Source: Application Error)(User: )
Description: IEXPLORE.EXE11.0.9600.1727853eea0c3igd10iumd32.dll10.18.10.36215376e397c00000050007fa4b325001cfd4e29c628701C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXEC:\WINDOWS\SYSTEM32\igd10iumd32.dll58560aea-40d8-11e4-bf1e-c48508e35b9c

Error: (09/20/2014 10:09:58 AM) (Source: Application Error)(User: )
Description: IEXPLORE.EXE11.0.9600.1727853eea0c3MSHTML.dll11.0.9600.1727853eebbe7c0000005001032c5347401cfd4868305f744C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXEC:\WINDOWS\SYSTEM32\MSHTML.dllcd5a58f1-40cf-11e4-bf1e-c48508e35b9c

Error: (09/19/2014 00:24:48 PM) (Source: Application Error)(User: )
Description: acevents.exe5.0.2.350c0e115ac.smmw.srvctl.sm.dll7.0.4.350c1b0b1c00000050000000000003ac95bc01cfd4263a93494aC:\Program Files\ActivIdentity\ActivClient\acevents.exeC:\Program Files\ActivIdentity\ActivClient\ac.smmw.srvctl.sm.dll792257ad-4019-11e4-bf1e-c48508e35b9c

Error: (09/19/2014 00:19:57 PM) (Source: Application Error)(User: )
Description: acevents.exe5.0.2.350c0e115ac.smmw.srvctl.cache.dll7.0.4.350c1b24fc00000050000000000001fb91b7c01cfd4258ce24e6dC:\Program Files\ActivIdentity\ActivClient\acevents.exeC:\Program Files\ActivIdentity\ActivClient\ac.smmw.srvctl.cache.dllcb99e539-4018-11e4-bf1d-c48508e35b9c

Error: (09/19/2014 11:49:18 AM) (Source: .NET Runtime)(User: )
Description: .NET Runtime version 4.0.30319.34014 - There was a failure initializing profiling API attach infrastructure.  This process will not allow a profiler to attach.  HRESULT: 0x80004005.  Process ID (decimal): 4612.  Message ID: [0x2509].

Error: (09/19/2014 11:38:45 AM) (Source: Application Hang)(User: )
Description: Explorer.EXE6.3.9600.1703918a401cfd41c91ed1c640C:\WINDOWS\Explorer.EXEe7f53a68-4012-11e4-8251-c48508e35b9c

Error: (09/19/2014 11:15:54 AM) (Source: ESENT)(User: )
Description: WinMail6180WindowsMail0:

Error: (09/19/2014 11:15:44 AM) (Source: ESENT)(User: )
Description: WinMail5744WindowsMail0:

=========================== Installed Programs ============================
µTorrent (HKCU\...\uTorrent) (Version: 3.4.2.32239 - BitTorrent Inc.)
64 Bit HP CIO Components Installer (Version: 7.2.8 - Hewlett-Packard) Hidden
Acronis True Image 2014 (HKLM-x32\...\{6B38A7DF-F641-45D5-BBCA-3E676ABCF5C8}Visible) (Version: 17.0.6673 - Acronis)
Acronis True Image 2014 (x32 Version: 17.0.6673 - Acronis) Hidden
ActivClient x64 (HKLM\...\{9535BA80-061B-4FF9-98E2-3ACE34B51A0E}) (Version: 7.0.1 - ActivIdentity)
Adobe Acrobat X Standard - English, Français, Deutsch (HKLM-x32\...\{AC76BA86-1033-F400-BA7E-000000000005}) (Version: 10.1.12 - Adobe Systems)
Adobe Flash Player 15 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 15.0.0.152 - Adobe Systems Incorporated)
Adobe Reader X (10.1.8) MUI (HKLM-x32\...\{AC76BA86-7AD7-FFFF-7B44-AA0000000001}) (Version: 10.1.8 - Adobe Systems Incorporated)
Akamai NetSession Interface (HKCU\...\Akamai) (Version:  - Akamai Technologies, Inc)
Apple Application Support (HKLM-x32\...\{78002155-F025-4070-85B3-7C0453561701}) (Version: 3.0.6 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{B678797F-DF38-4556-8A31-8B818E261868}) (Version: 8.0.0.23 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Audacity 2.0.3 (HKLM-x32\...\Audacity_is1) (Version: 2.0.3 - Audacity Team)
AVG (HKLM\...\AvgZen) (Version: 1.0.329 - AVG Technologies)
AVG 2015 (HKLM\...\AVG) (Version: 2015.0.5315 - AVG Technologies)
AVG 2015 (Version: 15.0.4158 - AVG Technologies) Hidden
AVG 2015 (Version: 15.0.5315 - AVG Technologies) Hidden
AVG PC TuneUp 2015 (en-US) (x32 Version: 15.0.1001.105 - AVG Technologies) Hidden
AVG PC TuneUp 2015 (HKLM-x32\...\AVG PC TuneUp) (Version: 15.0.1001.105 - AVG Technologies)
AVG PC TuneUp 2015 (x32 Version: 15.0.1001.105 - AVG Technologies) Hidden
AVG Zen (Version: 1.0.329 - AVG Technologies) Hidden
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
BufferChm (x32 Version: 140.0.298.000 - Hewlett-Packard) Hidden
Clownfish for Skype (HKLM-x32\...\Clownfish) (Version:  - )
Connectify (HKLM\...\Connectify) (Version: 7.0.0.28979 - Connectify)
CyberLink PowerDVD 10 (HKLM-x32\...\InstallShield_{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}) (Version: 10.0.4421.02 - CyberLink Corp.)
CyberLink PowerDVD 10 (x32 Version: 10.0.4421.02 - CyberLink Corp.) Hidden
Definition Update for Microsoft Office 2010 (KB982726) 64-Bit Edition (HKLM\...\{91140000-0057-0000-1000-0000000FF1CE}_Office14.VISIOR_{42CBCE27-DE9B-4094-B9EB-D4C4C135FFA8}) (Version:  - Microsoft)
Dropbox (HKCU\...\Dropbox) (Version: 2.10.30 - Dropbox, Inc.)
EPSON Scan (HKLM-x32\...\EPSON Scanner) (Version:  - Seiko Epson Corporation)
EPSON WorkForce 645 Series Printer Uninstall (HKLM\...\EPSON WorkForce 645 Series) (Version:  - SEIKO EPSON Corporation)
ETDWare X64 11.7.5.7_WHQL (HKLM\...\Elantech) (Version: 11.7.5.7 - ELAN Microelectronic Corp.)
Facebook Video Calling 3.1.0.521 (HKLM-x32\...\{2091F234-EB58-4B80-8C96-8EB78C808CF7}) (Version: 3.1.521 - Skype Limited)
Flash Movie Player 1.5 (HKLM-x32\...\Flash Movie Player) (Version: 1.5 - Eolsoft)
FMW 1 (Version: 1.0.230 - AVG Technologies) Hidden
Free WMV To MP4 Converter (HKLM-x32\...\{5B8DDC16-42A2-4870-A843-BD0EFE909A6B}) (Version: 1.0.0 - convertaudiofree)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 37.0.2062.120 - Google Inc.)
Google Talk Plugin (HKLM-x32\...\{C1E3DFE7-4EAD-3E9E-A826-E06055BA5921}) (Version: 5.4.2.18903 - Google)
Google Update Helper (x32 Version: 1.3.24.15 - Google Inc.) Hidden
HFSExplorer 0.21 (HKLM-x32\...\HFSExplorer) (Version: 0.21 - Catacombae Software)
HP Officejet 100 Mobile L411 14.0 Rel. 6 (HKLM\...\{10F8981F-4F44-4201-9654-1440AE3FE7FA}) (Version: 14.0 - HP)
iCloud (HKLM\...\{81E20D41-C277-4526-934D-F2380AF91B78}) (Version: 3.1.0.40 - Apple Inc.)
Intel AppUp(SM) center (HKLM-x32\...\Intel AppUp(SM) center 33070) (Version: 3.6.1.33070.11 - Intel)
Intel® PRO/Wireless Driver (Version: 16.01.5000.0577 - Intel Corporation) Hidden
Intel® Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3621 - Intel Corporation)
Intel® PROSet/Wireless for Bluetooth® + High Speed (Version: 16.1.1.0084 - Intel Corporation) Hidden
Intel® PROSet/Wireless Software for Bluetooth® Technology (HKLM\...\{302600C1-6BDF-4FD1-1309-148929CC1385}) (Version: 3.1.1309.0390 - Intel Corporation)
Intel® Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 11.5.2.1001 - Intel Corporation)
Intel® SDK for OpenCL - CPU Only Runtime Package (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: 2.0.0.37149 - Intel Corporation)
Intel® WiDi (HKLM\...\{6097158B-0184-4140-BEC3-7885794D2571}) (Version: 3.5.40.0 - Intel Corporation)
Intel® PROSet/Wireless Software (HKLM-x32\...\{c9967fbd-e3c3-4ed0-992a-5b33260f2944}) (Version: 16.1.5 - Intel Corporation)
Intel® PROSet/Wireless WiFi Software (Version: 16.01.5000.0269 - Intel Corporation) Hidden
IntelliMemory (HKLM\...\{E93403C5-8A91-4940-89DB-EED69DA6E82E}) (Version: 1.0.30.0 - Condusiv Technologies)
iTunes (HKLM\...\{F46AA0F1-E284-4878-A462-5F11B9166C0E}) (Version: 11.4.0.18 - Apple Inc.)
Java 7 Update 67 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217017FF}) (Version: 7.0.670 - Oracle)
Java Auto Updater (x32 Version: 2.1.67.1 - Oracle, Inc.) Hidden
Kernel for OST to PST Evaluation ver 13.05.01 (HKLM-x32\...\Kernel for OST to PST - Evaluation Version_is1) (Version:  - Lepide Software Pvt.Ltd)
K-Lite Codec Pack 10.6.5 Basic (HKLM-x32\...\KLiteCodecPack_is1) (Version: 10.6.5 - )
L411 (x32 Version: 140.0.001.000 - Hewlett-Packard) Hidden
L411_Help (x32 Version: 1.000.000.000 - Hewlett-Packard) Hidden
L411_Software_Min (x32 Version: 140.0.001.000 - Hewlett-Packard) Hidden
LAME v3.99.3 (for Windows) (HKLM-x32\...\LAME_is1) (Version:  - )
Malwarebytes Anti-Malware version 2.0.2.1012 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.2.1012 - Malwarebytes Corporation)
Media Player Codec Pack 4.2.5 (HKLM-x32\...\Media Player - Codec Pack) (Version: 4.2.5 - Media Player Codec Pack)
Microsoft Office 365 - en-us (HKLM\...\O365HomePremRetail - en-us) (Version: 15.0.4641.1003 - Microsoft Corporation)
Microsoft Office Office 32-bit Components 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (English) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (French) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Spanish) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proofing (English) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared 32-bit MUI (English) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (English) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared Setup Metadata MUI (English) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Visio 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Visio MUI (English) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft OneDrive (HKCU\...\OneDriveSetup.exe) (Version: 17.3.1171.0714 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft Visio Professional 2010 (HKLM\...\Office14.VISIOR) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.30319 (HKLM\...\{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.51106 (HKLM-x32\...\{8e70e4e1-06d7-470b-9f74-a51bef21088e}) (Version: 11.0.51106.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.51106 (x32 Version: 11.0.51106 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.51106 (x32 Version: 11.0.51106 - Microsoft Corporation) Hidden
Mimo (HKLM-x32\...\Mimo) (Version: 0.2.5 - Mimo, Inc.)
Movavi Screen Capture Studio 5 (HKLM-x32\...\Movavi Screen Capture Studio 5) (Version: 5.2.0 - MOVAVI)
Movavi Video Suite 12 (HKLM-x32\...\Movavi Video Suite 12) (Version: 12.3.0 - Movavi)
Mozilla Firefox 22.0 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 22.0 (x86 en-US)) (Version: 22.0 - Mozilla)
Office 15 Click-to-Run Extensibility Component (Version: 15.0.4641.1003 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Licensing Component (Version: 15.0.4641.1003 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Localization Component (Version: 15.0.4641.1003 - Microsoft Corporation) Hidden
Ontrack EasyRecovery Home (HKLM-x32\...\{B8686BCF-5181-477F-9CBE-786391011B9C}_is1) (Version: 11.0.2.0 - Kroll Ontrack Inc.)
Ontrack EasyRecovery Professional (HKLM-x32\...\{668CC71A-C2AD-4D56-866D-CF300BD1D5BE}_is1) (Version: 11.0.2.0 - Kroll Ontrack Inc.)
OpenVPN 2.2.2 (HKLM-x32\...\OpenVPN) (Version: 2.2.2 - )
Popcorn Time (HKLM-x32\...\Popcorn Time_is1) (Version: Beta 4.3 - Popcorn Time)
Punch! Home and Landscape Design Premium (HKLM-x32\...\{F963F4BD-3B68-4401-A18B-B2C6495F4579}) (Version: 17.0.0 - Punch! Software)
QuickTime (HKLM-x32\...\{B67BAFBA-4C9F-48FA-9496-933E3B255044}) (Version: 7.74.80.86 - Apple Inc.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.2.612.2012 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6699 - Realtek Semiconductor Corp.)
Recovery (HKLM-x32\...\{145DE957-0679-4A2A-BB5C-1D3E9808FAB2}) (Version: 6.0.6.5 - Samsung Electronics CO., LTD.)
S Agent (Version: 1.1.30 - Samsung Electronics CO., LTD.) Hidden
Samsung Data Migration (HKLM-x32\...\{D4DE3DB4-7734-47E5-8D92-B80146311406}) (Version: 2.7 - Samsung)
Samsung Universal Print Driver (HKLM-x32\...\Samsung Universal Print Driver) (Version: 2.03.01.00:36 - Samsung Electronics Co., Ltd.)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 64-Bit Edition (HKLM\...\{91140000-0057-0000-1000-0000000FF1CE}_Office14.VISIOR_{3C578F10-F74F-4655-B2A6-9F88A6C415E8}) (Version:  - Microsoft)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 64-Bit Edition (Version:  - Microsoft) Hidden
Settings (HKLM-x32\...\{52E5DE60-C96B-42CC-9A37-FE04725940AE}) (Version: 2.0.0 - Samsung Electronics CO., LTD.)
SKTimeStamp (HKLM\...\{AAD52EF2-3EEB-489C-9F93-B0C1EC1D21A8}) (Version: 1.3.3 - Stefans Tools)
Skype Translate (HKCU\...\7e66679bf240e191) (Version: 1.0.0.43 - Skype Translate)
Skype™ 6.11 (HKLM-x32\...\{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}) (Version: 6.11.102 - Skype Technologies S.A.)
Spotify (HKCU\...\Spotify) (Version: 0.9.11.27.g2b1a638c - Spotify AB)
SuperTintin 1.2.0.18 (HKLM-x32\...\SuperTintin Skype Video Call Recorder_is1) (Version: 1.2.0.18 - IMTiger Technologies Ltd)
Support Center FAQ (x32 Version: 1.0.5 - Samsung Electronics CO., LTD.) Hidden
TAP-Windows 9.9.2 (HKLM\...\TAP-Windows) (Version: 9.9.2 - )
theRenamer 7.63 (HKLM-x32\...\{55B6344C-AE4F-4DA8-BF32-D7AE0CB4D2BE}_is1) (Version:  - theRenamer)
Toolbox (x32 Version: 140.0.596.000 - Hewlett-Packard) Hidden
TransMac version 10.5 (HKLM-x32\...\TransMac_is1) (Version: 10.5 - Acute Systems)
Update for Microsoft Filter Pack 2.0 (KB2878281) 64-Bit Edition (HKLM\...\{91140000-0057-0000-1000-0000000FF1CE}_Office14.VISIOR_{84B191B5-5319-463A-A305-8C4D53B1D20A}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2589298) 64-Bit Edition (HKLM\...\{91140000-0057-0000-1000-0000000FF1CE}_Office14.VISIOR_{79C725A1-3964-421C-A528-78C1C083C7C7}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2589352) 64-Bit Edition (HKLM\...\{90140000-0043-0000-1000-0000000FF1CE}_Office14.VISIOR_{95BE5D45-A3DD-4CB1-8C35-D75DD7B4D862}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2589352) 64-Bit Edition (HKLM\...\{91140000-0057-0000-1000-0000000FF1CE}_Office14.VISIOR_{95BE5D45-A3DD-4CB1-8C35-D75DD7B4D862}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2589375) 64-Bit Edition (HKLM\...\{91140000-0057-0000-1000-0000000FF1CE}_Office14.VISIOR_{EBD18DE5-BC84-4B57-9A30-097044871F9A}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2597087) 64-Bit Edition (HKLM\...\{90140000-0043-0000-1000-0000000FF1CE}_Office14.VISIOR_{4AD36582-256B-433D-8593-F31773A15CA4}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2597087) 64-Bit Edition (HKLM\...\{91140000-0057-0000-1000-0000000FF1CE}_Office14.VISIOR_{4AD36582-256B-433D-8593-F31773A15CA4}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2687502) 64-Bit Edition (HKLM\...\{90140000-001F-0409-1000-0000000FF1CE}_Office14.VISIOR_{B114A387-8A14-4C43-AE51-82F17EB81D49}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2760598) 64-Bit Edition (HKLM\...\{90140000-0043-0000-1000-0000000FF1CE}_Office14.VISIOR_{F216169C-2B40-429B-8370-B5BA06EC5423}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2760598) 64-Bit Edition (HKLM\...\{91140000-0057-0000-1000-0000000FF1CE}_Office14.VISIOR_{F216169C-2B40-429B-8370-B5BA06EC5423}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2760631) 64-Bit Edition (HKLM\...\{91140000-0057-0000-1000-0000000FF1CE}_Office14.VISIOR_{B6AD7E27-012A-4B63-82BA-AF62893E5435}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2794737) 64-Bit Edition (HKLM\...\{91140000-0057-0000-1000-0000000FF1CE}_Office14.VISIOR_{07DC9C6C-E916-4F42-8677-716930ED0393}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2837581) 64-Bit Edition (HKLM\...\{91140000-0057-0000-1000-0000000FF1CE}_Office14.VISIOR_{D1F3B526-7EB2-4701-92DB-0784988D78DE}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2878252) 64-Bit Edition (HKLM\...\{90140000-0043-0000-1000-0000000FF1CE}_Office14.VISIOR_{56551B9F-2FE1-4705-ACF0-8FA920535E18}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2878252) 64-Bit Edition (HKLM\...\{91140000-0057-0000-1000-0000000FF1CE}_Office14.VISIOR_{56551B9F-2FE1-4705-ACF0-8FA920535E18}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2881028) 64-Bit Edition (HKLM\...\{90140000-001F-040C-1000-0000000FF1CE}_Office14.VISIOR_{4B9B2BAF-EE1F-4B60-A4D9-17B7BEEB13A1}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2881028) 64-Bit Edition (HKLM\...\{90140000-001F-0C0A-1000-0000000FF1CE}_Office14.VISIOR_{860EE8B1-0B9F-4A8A-91FE-649CD3C6754C}) (Version:  - Microsoft)
Update for Microsoft OneNote 2010 (KB2837595) 64-Bit Edition (HKLM\...\{90140000-0043-0000-1000-0000000FF1CE}_Office14.VISIOR_{3029C408-1DD1-4273-8E58-87CB1B638FC8}) (Version:  - Microsoft)
Update for Microsoft SharePoint Workspace 2010 (KB2760601) 64-Bit Edition (HKLM\...\{90140000-0043-0000-1000-0000000FF1CE}_Office14.VISIOR_{77374F16-2DC6-4EEF-AFAD-C59FDA2E010D}) (Version:  - Microsoft)
Update for Microsoft Visio 2010 (KB2880526) 64-Bit Edition (HKLM\...\{90140000-0054-0409-1000-0000000FF1CE}_Office14.VISIOR_{916863AF-F18F-40F3-BDA6-FFA38F785A91}) (Version:  - Microsoft)
Update for Microsoft Visio 2010 (KB2880526) 64-Bit Edition (HKLM\...\{91140000-0057-0000-1000-0000000FF1CE}_Office14.VISIOR_{F6F342A1-530B-4D48-A468-1E3F70928984}) (Version:  - Microsoft)
User Guide (HKLM-x32\...\{B1C9F5CF-2EE4-414A-906B-37896B032E8F}) (Version: 1.3.00 - Samsung Electronics CO., LTD.)
Visual Studio 2010 x64 Redistributables (HKLM\...\{21B133D6-5979-47F0-BE1C-F6A6B304693F}) (Version: 13.0.0.1 - AVG Technologies)
Visual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies)
Visual Studio 2012 x86 Redistributables (HKLM-x32\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
VLC media player 2.0.5 (HKLM-x32\...\VLC media player) (Version: 2.0.5 - VideoLAN)
VyprVPN (HKLM-x32\...\VyprVPN 1.4.1.601) (Version: 1.4.1.601 - Golden Frog, Inc.)
WD Quick View (HKLM-x32\...\{D0A3A97D-7918-4B0B-B91E-775E00C36122}) (Version: 2.4.2.26 - Western Digital Technologies, Inc.)
WD SmartWare (HKLM\...\{6BB4E4E8-17B9-4534-8A8E-89E53F12769C}) (Version: 2.4.2.26 - Western Digital Technologies, Inc.)
WD SmartWare Installer (HKLM-x32\...\{2d588de7-f4f6-4d6d-8719-32cbb9637e9e}) (Version: 2.4.2.26 - Western Digital Technologies, Inc.)
WebReg (x32 Version: 140.0.297.017 - Hewlett-Packard) Hidden
WinRAR 5.00 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.00.0 - win.rar GmbH)
YTD Video Downloader 4.4 (HKLM-x32\...\{1a413f37-ed88-4fec-9666-5c48dc4b7bb7}) (Version: 4.4 - GreenTree Applications SRL)

========================= Memory info: ===================================

Percentage of memory in use: 69%
Total physical RAM: 3717.53 MB
Available physical RAM: 1128.62 MB
Total Pagefile: 7557.54 MB
Available Pagefile: 4501.99 MB
Total Virtual: 4095.88 MB
Available Virtual: 3982.7 MB

========================= Partitions: =====================================

1 Drive c: () (Fixed) (Total:908.18 GB) (Free:714.45 GB) NTFS

========================= Users: ========================================

User accounts for \\PC2015

Administrator            Guest                    toddlewis               

**** End of log ****



#5 sailing2016

Posted 20 September 2014 - 11:42 PM

Download TDSSKiller and save it to your desktop.

  • Extract (unzip) its contents to your desktop.
  • Open the TDSSKiller folder and double-click on TDSSKiller.exe to run the application, then on Start Scan.
  • If an infected file is detected, the default action will be Cure, click on Continue.
  • If a suspicious file is detected, the default action will be Skip, click on Continue.
  • It may ask you to reboot the computer to complete the process. Click on Reboot Now.
  • If no reboot is required, click on Report. A log file should appear. Please copy and paste the contents of that file here.
  • If a reboot is required, the report can also be found in your root directory (usually C:\ folder) in the form of TDSSKiller_xxxx_log.txt. Please copy and paste the contents of that file here.

23:13:57.0887 0x2798  TDSS rootkit removing tool 3.0.0.40 Jul 10 2014 12:37:58
23:13:57.0887 0x2798  UEFI system
23:14:02.0927 0x2798  ============================================================
23:14:02.0927 0x2798  Current date / time: 2014/09/20 23:14:02.0927
23:14:02.0927 0x2798  SystemInfo:
23:14:02.0927 0x2798 
23:14:02.0927 0x2798  OS Version: 6.3.9600 ServicePack: 0.0
23:14:02.0927 0x2798  Product type: Workstation
23:14:02.0927 0x2798  ComputerName: PC2015
23:14:02.0927 0x2798  UserName: toddlewis
23:14:02.0927 0x2798  Windows directory: C:\WINDOWS
23:14:02.0927 0x2798  System windows directory: C:\WINDOWS
23:14:02.0927 0x2798  Running under WOW64
23:14:02.0927 0x2798  Processor architecture: Intel x64
23:14:02.0927 0x2798  Number of processors: 4
23:14:02.0927 0x2798  Page size: 0x1000
23:14:02.0927 0x2798  Boot type: Normal boot
23:14:02.0927 0x2798  ============================================================
23:14:03.0067 0x2798  KLMD registered as C:\WINDOWS\system32\drivers\95313596.sys
23:14:03.0239 0x2798  System UUID: {237979C9-F740-8204-7180-FB7B57E3B7C7}
23:14:03.0817 0x2798  Drive \Device\Harddisk0\DR0 - Size: 0xE8E0DB6000 ( 931.51 Gb ), SectorSize: 0x200, Cylinders: 0x1DB01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
23:14:03.0817 0x2798  ============================================================
23:14:03.0817 0x2798  \Device\Harddisk0\DR0:
23:14:03.0817 0x2798  GPT partitions:
23:14:03.0817 0x2798  \Device\Harddisk0\DR0\Partition1: GPT, TypeGUID: {DE94BBA4-06D1-4D40-A16A-BFD50179D6AC}, UniqueGUID: {BA8756D4-0EA2-11E4-BEFC-C3D7268F8546}, Name: Basic data partition, StartLBA 0x800, BlocksNum 0xFA000
23:14:03.0817 0x2798  \Device\Harddisk0\DR0\Partition2: GPT, TypeGUID: {C12A7328-F81F-11D2-BA4B-00A0C93EC93B}, UniqueGUID: {BA8756D5-0EA2-11E4-BEFC-C3D7268F8546}, Name: EFI system partition, StartLBA 0xFA800, BlocksNum 0x96000
23:14:03.0817 0x2798  \Device\Harddisk0\DR0\Partition3: GPT, TypeGUID: {E3C9E316-0B5C-4DB8-817D-F92DF00215AE}, UniqueGUID: {BA8756D6-0EA2-11E4-BEFC-C3D7268F8546}, Name: Microsoft reserved partition, StartLBA 0x190800, BlocksNum 0x40000
23:14:03.0817 0x2798  \Device\Harddisk0\DR0\Partition4: GPT, TypeGUID: {EBD0A0A2-B9E5-4433-87C0-68B6B72699C7}, UniqueGUID: {BA8756D7-0EA2-11E4-BEFC-C3D7268F8546}, Name: Basic data partition, StartLBA 0x1D0800, BlocksNum 0x7185C9C3
23:14:03.0817 0x2798  \Device\Harddisk0\DR0\Partition5: GPT, TypeGUID: {DE94BBA4-06D1-4D40-A16A-BFD50179D6AC}, UniqueGUID: {0946F0BC-1AF9-4030-B5A6-2DF0185B86B4}, Name: , StartLBA 0x71A2D800, BlocksNum 0xE0800
23:14:03.0817 0x2798  \Device\Harddisk0\DR0\Partition6: GPT, TypeGUID: {DE94BBA4-06D1-4D40-A16A-BFD50179D6AC}, UniqueGUID: {BA8756D8-0EA2-11E4-BEFC-C3D7268F8546}, Name: Basic data partition, StartLBA 0x71B0E1C3, BlocksNum 0x29F77FF
23:14:03.0817 0x2798  \Device\Harddisk0\DR0\Partition7: GPT, TypeGUID: {DE94BBA4-06D1-4D40-A16A-BFD50179D6AC}, UniqueGUID: {BA8756D9-0EA2-11E4-4173-636C65706975}, Name: Basic data partition, StartLBA 0x745059C2, BlocksNum 0x1FFFFF
23:14:03.0817 0x2798  MBR partitions:
23:14:03.0817 0x2798  ============================================================
23:14:03.0817 0x2798  C: <-> \Device\Harddisk0\DR0\Partition4
23:14:03.0817 0x2798  ============================================================
23:14:03.0817 0x2798  Initialize success
23:14:03.0817 0x2798  ============================================================
23:14:09.0244 0x3540  ============================================================
23:14:09.0244 0x3540  Scan started
23:14:09.0244 0x3540  Mode: Manual;
23:14:09.0244 0x3540  ============================================================
23:14:09.0244 0x3540  KSN ping started
23:14:11.0691 0x3540  KSN ping finished: true
23:14:12.0019 0x3540  ================ Scan system memory ========================
23:14:12.0019 0x3540  System memory - ok
23:14:12.0019 0x3540  ================ Scan services =============================
23:14:13.0201 0x3540  [ 17C34C4B42C8B2EFCF2C065178BF4806, CB28BEE44B7A821EE728EFFD1B1882B57E417292A3A5377F3A98F16B0AF14DC7 ] AVGIDSHA        C:\WINDOWS\system32\DRIVERS\avgidsha.sys
23:14:13.0216 0x3540  AVGIDSHA - ok
23:14:13.0216 0x3540  [ 48A1BF0F360743C821C04C68FCC3CAC7, E2C760AEB88F3921885761652C5092F630F86C56AADB9A96254E6032A3FEDC8A ] Avgldx64        C:\WINDOWS\system32\DRIVERS\avgldx64.sys
23:14:13.0232 0x3540  Avgldx64 - ok
23:14:13.0232 0x3540  [ 734DCC05A7F327FDCE43A18BA011FD4E, E5245314E60D86911A6A9FC1FE4A0C0D0284D972CE642C28B9B1A43D1553AFA5 ] Avgloga         C:\WINDOWS\system32\DRIVERS\avgloga.sys
23:14:13.0247 0x3540  Avgloga - ok
23:14:13.0247 0x3540  [ E498AFD92C3DA81209463866BDA7C932, C40767F6BC6F9D10396B969CF38CFC3FC9C9E411CFA9EBA8E8AB3E95AD5E9D27 ] Avgmfx64        C:\WINDOWS\system32\DRIVERS\avgmfx64.sys
23:14:13.0247 0x3540  Avgmfx64 - ok
23:14:13.0263 0x3540  [ 3CE824D46BA1871713ABF147E6BAD556, B4D8AFC388BE06D6E3C5CDC865F80FF101E731E1D2B221FFC6C1E28487E1B3CD ] Avgrkx64        C:\WINDOWS\system32\DRIVERS\avgrkx64.sys
23:14:13.0263 0x3540  Avgrkx64 - ok
23:14:13.0294 0x3540  [ 61BC52EA5971DE05C2B533BA2184F13D, 54E8AB23A5F6118236476A7BD01ACC8884278424EB7E6FAFB44258AC48DB54AA ] avgsvc          C:\Program Files (x86)\AVG\Framework\Common\avgsvca.exe
23:14:13.0310 0x3540  avgsvc - ok
23:14:13.0310 0x3540  [ 3218AA21B739C1C338DC8A555A66B755, 389E09C2CB51524B985B53D81289BCFB1E9DB89C70650C6D5D276391E2B56BCB ] avgwd           C:\Program Files (x86)\AVG\AVG2015\avgwdsvc.exe
23:14:13.0326 0x3540  avgwd - ok
23:14:13.0326 0x3540  [ ECB7724C8318C54BEFBC9175483B51E4, 6367E1406DD822F7D55815B4DA5B36D3C7A6983F76B92B2ACE163BB109FDFCEF ] Avgwfpa         C:\WINDOWS\system32\DRIVERS\avgwfpa.sys
23:14:13.0341 0x3540  Avgwfpa - ok
23:14:13.0341 0x3540  [ 96E8CAF20FC4B6C31CAD7816A801EB78, E4870DB8FFBDCFEE98449338D0BDBF2DD0B5FEC75514E41C11A882BE6EB16833 ] AxInstSV        C:\WINDOWS\System32\AxInstSV.dll
23:14:13.0357 0x3540  AxInstSV - ok
23:14:13.0372 0x3540  [ A4A73F631FE2AA2826FBE4A399B04DEF, 973AACE8DC8DA669D0DF20F17EFDEEABB90AA046AC980948D16A62D39A606A79 ] b06bdrv         C:\WINDOWS\system32\drivers\bxvbda.sys
23:14:13.0372 0x3540  b06bdrv - ok
23:14:13.0388 0x3540  [ 8CC7F7E4AFCBA605921B137ED7992C68, 71406E6D6E9964740A6D90B05329D5492BB90AF40E0630CF2FBF4BA4BA14F2DD ] BasicDisplay    C:\WINDOWS\System32\drivers\BasicDisplay.sys
23:14:13.0388 0x3540  BasicDisplay - ok
23:14:13.0388 0x3540  [ 38A82F4EE8C416A6744B6D30381ED768, 9EAAE5F43BA09359130AC04B1DCA0F5D4DF32ED89C02DC5CEB640918948847F7 ] BasicRender     C:\WINDOWS\System32\drivers\BasicRender.sys
23:14:13.0404 0x3540  BasicRender - ok
23:14:13.0404 0x3540  [ C1ABB0F7E3BEA48A0417BDF6FF14AB21, 1CAC63A1A0FB9855A27EE977794576A860F6650C9EF7667FFB27F2A2FF721857 ] bcmfn2          C:\WINDOWS\System32\drivers\bcmfn2.sys
23:14:13.0404 0x3540  bcmfn2 - ok
23:14:13.0419 0x3540  [ E07C80468D0C599BFF01D9D4EC7AEDC3, F675F455924DEC3FF69AD816DFEB6E74C804AEC3D3BFF7515953DB9D79C9B2D0 ] BDESVC          C:\WINDOWS\System32\bdesvc.dll
23:14:13.0435 0x3540  BDESVC - ok
23:14:13.0435 0x3540  [ EC19013E4CF87609534165DF897274D6, 8ED45537CF2D58D759A587CCBFDADD5580C7447B0C3B172CF19ECC7585E073FC ] Beep            C:\WINDOWS\system32\drivers\Beep.sys
23:14:13.0435 0x3540  Beep - ok
23:14:13.0451 0x3540  [ 20FB137ADDE1255F15F265A7BD9579BE, 87B4D5C91EFEAD987AAC3491A4360F82824C46AFF958B6F4CAED7C12224EF159 ] BFE             C:\WINDOWS\System32\bfe.dll
23:14:13.0466 0x3540  BFE - ok
23:14:13.0498 0x3540  [ 15225081966C785A9192782401643FD4, E2BA0C8D044556FDD9DD7A25F7F71553DE7A2924E78F9284413C2AC46F0BF4EB ] BITS            C:\WINDOWS\System32\qmgr.dll
23:14:13.0529 0x3540  BITS - ok
23:14:13.0544 0x3540  [ 4D87518BA68C308299441337C55F5427, AE46F847EE605213A3AE9BEFE5EB0B7B8D877340EA1A6CF9EF5683A02ECFE399 ] Bluetooth Device Monitor C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
23:14:13.0574 0x3540  Bluetooth Device Monitor - ok
23:14:13.0605 0x3540  [ 19786E2114E2FCB4EAA30808E9D4FB9A, FCBD15EA7CB0B22DA9ABFACF95DE877042201C85EBC219F5204E12F76E8DBC09 ] Bluetooth OBEX Service C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe
23:14:13.0621 0x3540  Bluetooth OBEX Service - ok
23:14:13.0637 0x3540  [ EBBCD5DFBB1DE70E8F4AF8FA59E401FD, 17BFFC5DF609CE3B2F0CAB4BD6C118608C66A3AD86116A47E90B2BB7D8954122 ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe
23:14:13.0652 0x3540  Bonjour Service - ok
23:14:13.0652 0x3540  [ 6B4FFFDDC618FCF64473CAA86E305697, 29EA66071D5822920F5C50533673ADAB5204F8B25C11027AD27450D881F1142D ] bowser          C:\WINDOWS\system32\DRIVERS\bowser.sys
23:14:13.0668 0x3540  bowser - ok
23:14:13.0668 0x3540  [ E325BCD68EC0CF2E2EDD0AB7CC17C698, 4DEDEF91F6BD1CC8DBE118AC28CA6BD874449A053B9CDE9FFEB1C7B98501D938 ] BrokerInfrastructure C:\WINDOWS\System32\bisrv.dll
23:14:13.0684 0x3540  BrokerInfrastructure - ok
23:14:13.0684 0x3540  [ 041A999E4FF9A7CDBE67357751881FB8, 356C52637EA715D6FA2B65BD311C9BF1635A582023434902EC2DE4A2448961F8 ] Browser         C:\WINDOWS\System32\browser.dll
23:14:13.0684 0x3540  Browser - ok
23:14:13.0699 0x3540  [ 8F7A6409A76914E203423A384A4E1C11, 567D1B456F6457C2D2612D048B7E59C41504565E67BB7F349530249274BF3C3B ] BthA2DP         C:\WINDOWS\system32\drivers\BthA2DP.sys
23:14:13.0699 0x3540  BthA2DP - ok
23:14:13.0699 0x3540  [ A8F23D453A424FF4DE04989C4727ECC7, AE4A9081395C7379F1C947EF8243F7609F90C843E086B8E77E1A2C06E36D4381 ] BthAvrcpTg      C:\WINDOWS\System32\drivers\BthAvrcpTg.sys
23:14:13.0699 0x3540  BthAvrcpTg - ok
23:14:13.0715 0x3540  [ 131F1C8573E7BFB41C54FBF5309CCD94, DAFE51E3BADBD82A33B580F212B2D6520A120877C23F6D675521FEA2F4BA5A1F ] BthEnum         C:\WINDOWS\System32\drivers\BthEnum.sys
23:14:13.0715 0x3540  BthEnum - ok
23:14:13.0715 0x3540  [ 746B9F94214915AECDE4B7FEA5FF9664, EA2877D49DB4B7B9CE61653D63E8776DFF1CBCCAB12C14DB1D20DA44B8F06357 ] BthHFEnum       C:\WINDOWS\System32\drivers\bthhfenum.sys
23:14:13.0730 0x3540  BthHFEnum - ok
23:14:13.0730 0x3540  [ 71FE2A48E4C93DDB9798C024880B6C07, 8E93DE29C61A5FA64216231228CB3C4A1A693FE87CAA2C070BCAD7BE2D8ED000 ] bthhfhid        C:\WINDOWS\System32\drivers\BthHFHid.sys
23:14:13.0730 0x3540  bthhfhid - ok
23:14:13.0746 0x3540  [ D30C67473A2E229662D21F27EAA9AAA5, D009C4836B0DFE963D8E3DEEDE611068838F2BBCAB146E6D70692FAB838E11F1 ] BthLEEnum       C:\WINDOWS\system32\DRIVERS\BthLEEnum.sys
23:14:13.0746 0x3540  BthLEEnum - ok
23:14:13.0746 0x3540  [ EF4B9E7C9AD88C00C18A12B0D22D1894, 672537E75201E690D86CD65252B8AEF887C76EBD37AB0C419462D69164B350CC ] BTHMODEM        C:\WINDOWS\System32\drivers\bthmodem.sys
23:14:13.0762 0x3540  BTHMODEM - ok
23:14:13.0762 0x3540  [ 25BB93167DEF270188072603F92A1EF5, CE4637CE4B63420E218F53CAF89A8C85D036B879B80456FEF3C7C395590E26BB ] BthPan          C:\WINDOWS\System32\drivers\bthpan.sys
23:14:13.0762 0x3540  BthPan - ok
23:14:13.0793 0x3540  [ 97B9076611291AE4C4C107BC915BD026, 0A77873AAF1ADB76CAB98A84D2242781E34E2699632E45EB92ED7DB20B2BE0C1 ] BTHPORT         C:\WINDOWS\System32\Drivers\BTHport.sys
23:14:13.0809 0x3540  BTHPORT - ok
23:14:13.0824 0x3540  [ E5E48FEED73D463175EAB1542495191C, 0A8182F5BA7B694AB1DD3680F1194E4A568FE40DBA4BFDFF2EA09BAD045FFB29 ] bthserv         C:\WINDOWS\system32\bthserv.dll
23:14:13.0824 0x3540  bthserv - ok
23:14:13.0840 0x3540  [ D30286FF3C7B6318C024D2BC2955C1BF, 47863D046C94A5C19F7D4E0BA393E6FE1E249C78FAB9B8705F7DD2CD87EAC16C ] BTHSSecurityMgr C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe
23:14:13.0840 0x3540  BTHSSecurityMgr - ok
23:14:13.0840 0x3540  [ 23E75BED9076F856B36F5F934BBD5795, CCEB72B788522B7D52A6C07646005EBC68F9599D3714ECACF3A194CA47A1BE85 ] BTHUSB          C:\WINDOWS\System32\Drivers\BTHUSB.sys
23:14:13.0840 0x3540  BTHUSB - ok
23:14:13.0871 0x3540  [ 7B31A8A9DC95B3634D896FD0F2814F19, 8FD5FBC61968F4BB8C2BAD0D432D5B86DCFED38CCF6F559F9EFB71AADD25474F ] btmhsf          C:\WINDOWS\system32\DRIVERS\btmhsf.sys
23:14:13.0902 0x3540  btmhsf - ok
23:14:13.0918 0x3540  [ 2FA6510E33F7DEFEC03658B74101A9B9, 61C8C8E3F09B427711464C974EE22E1E01C48E10DB54A4EC9901F482FC36C978 ] cdfs            C:\WINDOWS\system32\DRIVERS\cdfs.sys
23:14:13.0918 0x3540  cdfs - ok
23:14:13.0918 0x3540  [ C6796EA22B513E3457514D92DCDB1A3D, 2B893F3950C6B913B934C2089B69F3B0B77F229AE1820907E598455CBB78139C ] cdrom           C:\WINDOWS\System32\drivers\cdrom.sys
23:14:13.0934 0x3540  cdrom - ok
23:14:13.0934 0x3540  [ AB285CE3431FF3D2ACE669245874C1C7, 6AF4C3E86EFA51F7FB6F8492CB2CCB807C7775EAE0508B87F07134FDAC679BD7 ] CertPropSvc     C:\WINDOWS\System32\certprop.dll
23:14:13.0934 0x3540  CertPropSvc - ok
23:14:13.0949 0x3540  [ BE9936EDD3267FAAFF94A7835867F00B, 3CEEF2377D45ED38C7CD3CE4C746EC5EA7277EFEC728A5438F0EF5F62FC7C859 ] circlass        C:\WINDOWS\System32\drivers\circlass.sys
23:14:13.0949 0x3540  circlass - ok
23:14:13.0965 0x3540  [ 179A41249055D5F039F1B6703F3B6D2B, 886CF715D9E85DB5C9B991EBCB9B12E27AA0EEE52528E222C80CA5B5B0A7AF52 ] CLFS            C:\WINDOWS\system32\drivers\CLFS.sys
23:14:13.0965 0x3540  CLFS - ok
23:14:14.0043 0x3540  [ FE0CFEDA0CFC71F1FF0F77E85CA1FE1F, D067024F9110CEEF573152275DAB100943B59A36E58B342B5CC764FC3C917834 ] ClickToRunSvc   C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe
23:14:14.0090 0x3540  ClickToRunSvc - ok
23:14:14.0121 0x3540  [ EF6EF85DADC3184A10D8F2F7159973CB, 42FCB286CED95A5DEBC5C0C894FCBC4818A2C818BB71087142FB51A08A0BE96B ] CmBatt          C:\WINDOWS\System32\drivers\CmBatt.sys
23:14:14.0121 0x3540  CmBatt - ok
23:14:14.0137 0x3540  [ 1CD3A907D64D08F49208DA00B69BF35E, ABBD70FFCA0DE2274D855AFC08BF7BC0AA6D44EFC9FDBF7DF44B73CD5C210E28 ] CNG             C:\WINDOWS\system32\Drivers\cng.sys
23:14:14.0152 0x3540  CNG - ok
23:14:14.0152 0x3540  [ 511D4BF6AFC100E79E94418665BE1348, AAB2A96E8C339B1D54E8925910BA43E0642586CB9B44D3AC032EFA98461F389E ] cnnctfy3        C:\WINDOWS\system32\DRIVERS\cnnctfy3.sys
23:14:14.0152 0x3540  cnnctfy3 - ok
23:14:14.0168 0x3540  [ 03AAED827C36F35D70900558B8274905, 8E44A23C6013FFAE7769F99CAA3B1D6288DE00A38937F9056903AC265B503AFA ] CompositeBus    C:\WINDOWS\System32\drivers\CompositeBus.sys
23:14:14.0168 0x3540  CompositeBus - ok
23:14:14.0168 0x3540  COMSysApp - ok
23:14:14.0184 0x3540  [ A1FF7DFBFBE164CF92603C651D304DD2, 470ACE5A75E64FC62C950037201199857E974803625DC73BEDBCF6FA4DDD496C ] condrv          C:\WINDOWS\system32\drivers\condrv.sys
23:14:14.0184 0x3540  condrv - ok
23:14:14.0199 0x3540  [ 3EAD02110C361491A1BA1B4FFDAD256C, 087B953D728974E1A63E8FACFDA071455752401E3B83E09B21A5222803BE50EE ] Connectify      C:\Program Files (x86)\Connectify\ConnectifyService.exe
23:14:14.0215 0x3540  Connectify - ok
23:14:14.0246 0x3540  [ 15FBADDC84ED202E59A4F1B201CC692C, A50092155B18DAD51049A72503002F08C1BB2DFDA239C4D3555360C163F2F782 ] cphs            C:\WINDOWS\SysWow64\IntelCpHeciSvc.exe
23:14:14.0246 0x3540  cphs - ok
23:14:14.0293 0x3540  [ 0EFE4B5884A8032617826A4D76F80969, 083D296CC623C83D36A97AEE343ADF819B17E490F931DBE4D161BD1E8C289E02 ] CryptSvc        C:\WINDOWS\system32\cryptsvc.dll
23:14:14.0293 0x3540  CryptSvc - ok
23:14:14.0293 0x3540  [ 315BA4BC19316D72B2E037534E048B93, 69613635DB23E6A935673B1025C2010ED3E195473D25368CF74234C4C36910BE ] dam             C:\WINDOWS\system32\drivers\dam.sys
23:14:14.0309 0x3540  dam - ok
23:14:14.0324 0x3540  [ 81979817943D830BF24571B7C1B28A1A, 9584D8F1FB3E6CF17BD465670B208C723A8E8B06775A3DA44F75D7710404EEA6 ] DcomLaunch      C:\WINDOWS\system32\rpcss.dll
23:14:14.0340 0x3540  DcomLaunch - ok
23:14:14.0355 0x3540  [ D249C3A58A4FCF755EF4C94F7047E015, 68C044CE2DB93FB502F85F6E081EA164F6E6DCBA6B3EE2A5CBDA122065E522F8 ] defragsvc       C:\WINDOWS\System32\defragsvc.dll
23:14:14.0371 0x3540  defragsvc - ok
23:14:14.0387 0x3540  [ 8F387C2C99EE09C6E2AC316205F86A17, EC9E8AE72A21992AA118964E17090BA4503EB051273AD18185C95172F57328CE ] DeviceAssociationService C:\WINDOWS\system32\das.dll
23:14:14.0387 0x3540  DeviceAssociationService - ok
23:14:14.0402 0x3540  [ BC6849C62DB407573C6AD8CB1A4D2628, 5BDE0D60F85E4C27CEAD1B301155B54D841FB773BD5BB8AC5DDAEE31F8E94627 ] DeviceInstall   C:\WINDOWS\system32\umpnpmgr.dll
23:14:14.0402 0x3540  DeviceInstall - ok
23:14:14.0418 0x3540  [ A03F362C5557E238CBFA914689C77248, BAD0A1124E6A384C15028FBE121ADF650F7716442555AD3737B9EA1F58A69246 ] Dfsc            C:\WINDOWS\system32\Drivers\dfsc.sys
23:14:14.0418 0x3540  Dfsc - ok
23:14:14.0434 0x3540  [ 05DE04005CE0D84D0E6AD21CAEB369C6, E6704A2A685BCFD560796D7C328F8E53DF0793DBDA590598A492D9070D109298 ] Dhcp            C:\WINDOWS\system32\dhcpcore.dll
23:14:14.0449 0x3540  Dhcp - ok
23:14:14.0449 0x3540  [ 4D40C9B33F738797CF50E77CB7C53E85, 7BA341342A47DEB15B51971C97A5237ACD8BDAD9033F63DF0000892BE43F8E13 ] disk            C:\WINDOWS\system32\drivers\disk.sys
23:14:14.0449 0x3540  disk - ok
23:14:14.0465 0x3540  [ EB70A894708D1BC176AFD690FF06085F, 0DD2A97F5E1B38D1F7C0D44E50F09EA222B18B3B074CC9C8CD25A7526CB1A112 ] dmvsc           C:\WINDOWS\System32\drivers\dmvsc.sys
23:14:14.0465 0x3540  dmvsc - ok
23:14:14.0465 0x3540  [ FE7656474448BE6A6C68E5C9BEB7CA94, 8B9F04CAA29A6EEFCA3D1E7BAFE340D5CCA8AF665474E69B1DF7E2A518B83A89 ] Dnscache        C:\WINDOWS\System32\dnsrslvr.dll
23:14:14.0480 0x3540  Dnscache - ok
23:14:14.0496 0x3540  [ 50288EA079BB520C2B8C8A154202D518, 8916A9180CA009D124FFDFB4CCF5FDFEF7FA2FD37CBCD49FAD4C68E051B4734D ] dot3svc         C:\WINDOWS\System32\dot3svc.dll
23:14:14.0496 0x3540  dot3svc - ok
23:14:14.0512 0x3540  [ 281BEE07BA97E3E98D12A822D923D0D8, 6EB482B2D4D6048D145C3738B2B6FA27A90B5EA53E9167447820F9981B004E63 ] DPS             C:\WINDOWS\system32\dps.dll
23:14:14.0512 0x3540  DPS - ok
23:14:14.0512 0x3540  [ DDC11A202207C0400CBE07315B8FDE5E, 3ED0CA3A714582D92001BA3BFF78BE082F4DC8021298D5A2632F3B2B0A1C09DC ] drmkaud         C:\WINDOWS\system32\drivers\drmkaud.sys
23:14:14.0512 0x3540  drmkaud - ok
23:14:14.0527 0x3540  [ 5B074F14F5DD6418F46EE4CA2DEB7EA8, B8223D73C3DE123759101F7D5D45C60BD12B221F09D349575A1044CE3F43CBC5 ] DsmSvc          C:\WINDOWS\System32\DeviceSetupManager.dll
23:14:14.0527 0x3540  DsmSvc - ok
23:14:14.0574 0x3540  [ 313DCE665B57000B18CB26C6B6A10DFE, 6C332D4AD13A316C192321AB7E7597E66AF8E1688101FFD851E06C52128DBA52 ] DXGKrnl         C:\WINDOWS\System32\drivers\dxgkrnl.sys
23:14:14.0605 0x3540  DXGKrnl - ok
23:14:14.0605 0x3540  [ 6073537F250B45E1CB2A02E97F0FE1B2, 653F3F2F2019168EDF225944A88AFDBF8393B62AA076BD19980691778F3DB67D ] Eaphost         C:\WINDOWS\System32\eapsvc.dll
23:14:14.0605 0x3540  Eaphost - ok
23:14:14.0668 0x3540  [ 4CB40489AA9CDCA9A9DAB55EDA23CD4A, EFF7AF8BDB5313A4AB010425CCBCB184B3C168BA64045EB2B4335A75565DE9D1 ] Easy Launcher   C:\Program Files (x86)\Samsung\Settings\CmdServer\EasyLauncher.exe
23:14:14.0699 0x3540  Easy Launcher - ok
23:14:14.0777 0x3540  [ 114BCFDF367FF37C3F1B0A96AF542E4D, D385BC1D91BC1406091C8C3691C07A90BD60EDE05B1384E5AA3506FCB909C857 ] ebdrv           C:\WINDOWS\system32\drivers\evbda.sys
23:14:14.0855 0x3540  ebdrv - ok
23:14:14.0855 0x3540  [ F6F209DDB94959BA104FC8FC87C53759, 8E862D41F4332EABF64BD034E2C0E3CC8109C7990CB4112C2B2880E8E6EDF2D3 ] EFS             C:\WINDOWS\System32\lsass.exe
23:14:14.0871 0x3540  EFS - ok
23:14:14.0871 0x3540  [ 43531A5993380CC5113242C29D265FD9, EE0076D96F7F3CF29884AC7A67C08A429115A7201354A1FB5DE45FD63ABB4960 ] EhStorClass     C:\WINDOWS\system32\drivers\EhStorClass.sys
23:14:14.0871 0x3540  EhStorClass - ok
23:14:14.0887 0x3540  [ 6F8E738A9505A388B1157FDDE7B3101B, 3696CA634102B41EEA11EB9DCA0B24439D8636AED4A7190C138C5E64A2EFB514 ] EhStorTcgDrv    C:\WINDOWS\system32\drivers\EhStorTcgDrv.sys
23:14:14.0887 0x3540  EhStorTcgDrv - ok
23:14:14.0887 0x3540  [ DFFFAE1442BA4076E18EED5E406FA0D3, 329FC6FB8D14BEACDBE2A5D4C496EDEA485E838B1DF27566E278F8F8E0D8E82E ] ErrDev          C:\WINDOWS\System32\drivers\errdev.sys
23:14:14.0887 0x3540  ErrDev - ok
23:14:14.0902 0x3540  [ BC8C12D517160E98B06B8EA3E87822F8, CA681326A313029CD4A1E5DB3BFFFAACD292AEF6839430CB3769F7F832C32FDF ] ETD             C:\WINDOWS\system32\DRIVERS\ETD.sys
23:14:14.0918 0x3540  ETD - ok
23:14:14.0918 0x3540  [ 657972AF49751706AB5E19AEA3233B21, EAD2A2721A90D3D661A54DCCD789ACB596A2796E32C66E4E23B27D18419F8B06 ] ETDSMBus        C:\WINDOWS\System32\drivers\ETDSMBus.sys
23:14:14.0918 0x3540  ETDSMBus - ok
23:14:14.0934 0x3540  [ 030CE75B7D8F75FAA7BA1EC6FD0EB5A3, 5264734F0572FAEDCCB008221C9982CCB7922C4FFC358605424EA413CDCDAE99 ] EventSystem     C:\WINDOWS\system32\es.dll
23:14:14.0949 0x3540  EventSystem - ok
23:14:14.0965 0x3540  [ 21FFB87A70019E9B39C5A8469695ACBA, B41BEDB737CFD33707181DA0B69FC47C01C897AF8B42211A46B54A9FDB2B9004 ] EvtEng          C:\Program Files\Intel\WiFi\bin\EvtEng.exe
23:14:14.0996 0x3540  EvtEng - ok
23:14:14.0996 0x3540  [ 7729D294A555C7AEB281ED8E4D0E01E4, 7269E79D72CCE477AC108294D0DDFB59CF533B03C587599C5AB0507C43A0B6D4 ] exfat           C:\WINDOWS\system32\drivers\exfat.sys
23:14:14.0996 0x3540  exfat - ok
23:14:15.0012 0x3540  [ 7C4E0D5900B2A1D11EDD626D6DDB937B, 732F310F8F6016C56F432A81636B13CE0124A802FE8DD91287B618EED22C9A1D ] fastfat         C:\WINDOWS\system32\drivers\fastfat.sys
23:14:15.0027 0x3540  fastfat - ok
23:14:15.0043 0x3540  [ 2BC8532ABF2B3756B78FA1DA54147DDE, DF65EE2AB0255A2CF3221085A6BE7C37E3DB6BFEED3BCADCDD69BB1049F6DCB1 ] Fax             C:\WINDOWS\system32\fxssvc.exe
23:14:15.0059 0x3540  Fax - ok
23:14:15.0074 0x3540  [ 5D8402613E778B3BD45E687A8372710B, EE9EA10805168D309A609B9019AEC5961EE46D18207B5E0EA2DE4064A5770AF8 ] fdc             C:\WINDOWS\System32\drivers\fdc.sys
23:14:15.0074 0x3540  fdc - ok
23:14:15.0074 0x3540  [ DC1A78BCCCB7EE53D6FD3BD615A8E222, EE16B6853185AAE779D7135035983938009901658F76A8856AAC12EBA15BB34E ] fdPHost         C:\WINDOWS\system32\fdPHost.dll
23:14:15.0074 0x3540  fdPHost - ok
23:14:15.0090 0x3540  [ E5AD448F2DC84B1CF387FA7F2A3D1936, BBB29C79A085C503F5EFFB5144596D5DEC48A4EB34A049A4E7B38B27F6D92E0A ] FDResPub        C:\WINDOWS\system32\fdrespub.dll
23:14:15.0090 0x3540  FDResPub - ok
23:14:15.0090 0x3540  [ 0046E0BD031213D37123876B0D0FA61C, A4FE17D56F0BAFB70D0D421ED9D1B6E50AF8ADAA4B59328A41AEC5B4C068A3CB ] fhsvc           C:\WINDOWS\system32\fhsvc.dll
23:14:15.0105 0x3540  fhsvc - ok
23:14:15.0105 0x3540  [ BCFD8B149B3ADF92D0DB1E909CAF0265, 002B085C131473642450176B4B8359F3E5B04350AFB659B9C0F9EB587D1181E7 ] FileInfo        C:\WINDOWS\system32\drivers\fileinfo.sys
23:14:15.0105 0x3540  FileInfo - ok
23:14:15.0121 0x3540  [ A1A66C4FDAFD6B0289523232AFB7D8AF, 0F5832F626BB62190D5F3A088CE6E048D8A400CCF9EA527F06973CAD96D3A81C ] Filetrace       C:\WINDOWS\system32\drivers\filetrace.sys
23:14:15.0121 0x3540  Filetrace - ok
23:14:15.0121 0x3540  [ BE743083CF7063C486A4398E3AEFE59A, 85796D89943DD6FE3932C1ED6CF01470C1B4DFD243C390B07055FFDA3C231551 ] flpydisk        C:\WINDOWS\System32\drivers\flpydisk.sys
23:14:15.0121 0x3540  flpydisk - ok
23:14:15.0137 0x3540  [ 6592D192E2823C043EDBC010E7774053, C025A0EC5517DC3BD5D6656DC0F0F19021FB3D2EE90EC6194E1BD74E638EBBDC ] FltMgr          C:\WINDOWS\system32\drivers\fltmgr.sys
23:14:15.0137 0x3540  FltMgr - ok
23:14:15.0152 0x3540  [ FDD776FAC4159A2983940D1E411FE9F3, 3B147B4D3C5CC67117D65152FA8BD3A603728C92B023AE45CD166E6FF3F474C5 ] fltsrv          C:\WINDOWS\system32\DRIVERS\fltsrv.sys
23:14:15.0152 0x3540  fltsrv - ok
23:14:15.0184 0x3540  [ 3FA6DC6B29717E32E211C1FD821F2C75, E467F3775427C93CC2B87327B0A45669631A5FC460C558F6796BA26002A8BBFC ] FontCache       C:\WINDOWS\system32\FntCache.dll
23:14:15.0215 0x3540  FontCache - ok
23:14:15.0230 0x3540  [ 1C52387BF5A127F5F3BFB31288F30D93, 90D13F60170CD74304F3036A90D596AA3E1E134455A780310BDF67AC7815F2E7 ] FontCache3.0.0.0 C:\WINDOWS\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
23:14:15.0230 0x3540  FontCache3.0.0.0 - ok
23:14:15.0230 0x3540  [ 35005534E600E993A90B036E4E599F2B, DA56FA3776FBD3D50276CB7410E0CB6F137DD8FCA84C0F3FEF8B1FEA5F6CA592 ] FsDepends       C:\WINDOWS\system32\drivers\FsDepends.sys
23:14:15.0230 0x3540  FsDepends - ok
23:14:15.0246 0x3540  [ 09F460AFEDCA03F3BF6E07D1CCC9AC42, B832091BC9B2C2FE38A4BCA132ABB58251E851F21EC6F39636E73777AB9A5791 ] Fs_Rec          C:\WINDOWS\system32\drivers\Fs_Rec.sys
23:14:15.0246 0x3540  Fs_Rec - ok
23:14:15.0262 0x3540  [ F152D55E497E12256290C43B31C7D0CE, FFC54B14CCFBC1548948C07FB3866E40A11D0C05AC352BD000E71CEF053F6A6E ] fvevol          C:\WINDOWS\system32\DRIVERS\fvevol.sys
23:14:15.0277 0x3540  fvevol - ok
23:14:15.0277 0x3540  [ 9591D0B9351ED489EAFD9D1CE52A8015, AC64C236C3AE545FCE8ED44A4A87FB86265A453BA60026EC9A4DE2B631E99996 ] FxPPM           C:\WINDOWS\System32\drivers\fxppm.sys
23:14:15.0277 0x3540  FxPPM - ok
23:14:15.0293 0x3540  [ FC3EF65EE20D39F8749C2218DBA681CA, 12980F1DE99B25E6920A33556F3ABDA5EC9BFE4757BE602130B5E939D8D25CE3 ] gagp30kx        C:\WINDOWS\system32\drivers\gagp30kx.sys
23:14:15.0293 0x3540  gagp30kx - ok
23:14:15.0309 0x3540  [ 8E98D21EE06192492A5671A6144D092F, B8F656B34D361EA5AFB47F3A67AB2221580DADA59C8CD0CB83181E4AD8B562B4 ] GEARAspiWDM     C:\WINDOWS\system32\DRIVERS\GEARAspiWDM.sys
23:14:15.0309 0x3540  GEARAspiWDM - ok
23:14:15.0309 0x3540  [ 0BF5CAD281E25F1418E5B8875DC5ADD1, 0929AD8437DD78234553D8B2CDF0D6838FD54ACDE1918AFEBE48684EB32A07A3 ] gencounter      C:\WINDOWS\System32\drivers\vmgencounter.sys
23:14:15.0309 0x3540  gencounter - ok
23:14:15.0324 0x3540  [ 8DF1254093B5C354CE725EB6B9B0DE19, DE6C5661CC076DA44B8A5D044FDB7280EDCF38D322A98C14FDC82E25586B3014 ] GPIOClx0101     C:\WINDOWS\system32\Drivers\msgpioclx.sys
23:14:15.0324 0x3540  GPIOClx0101 - ok
23:14:15.0355 0x3540  [ 69DB09F0263C637DA8568D404842466A, D042194266978AAD31E04DAF7018CD50754077212DC74A4D8AFF6BFEE80CDD20 ] gpsvc           C:\WINDOWS\System32\gpsvc.dll
23:14:15.0387 0x3540  gpsvc - ok
23:14:15.0387 0x3540  [ 506708142BC63DABA64F2D3AD1DCD5BF, 9C36A08D9E7932FF4DA7B5F24E6B42C92F28685B8ABE964C870E8D7670FD531A ] gupdate         C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
23:14:15.0387 0x3540  gupdate - ok
23:14:15.0402 0x3540  [ 506708142BC63DABA64F2D3AD1DCD5BF, 9C36A08D9E7932FF4DA7B5F24E6B42C92F28685B8ABE964C870E8D7670FD531A ] gupdatem        C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
23:14:15.0402 0x3540  gupdatem - ok
23:14:15.0418 0x3540  [ D4B7ED39C7900384D9E5C1283F1E7926, F93F98858067B40F1C071EAD0F8E85442A78B95342BC692AF4D726540634923F ] HDAudBus        C:\WINDOWS\System32\drivers\HDAudBus.sys
23:14:15.0418 0x3540  HDAudBus - ok
23:14:15.0418 0x3540  [ 10A70BC1871CD955D85CD88372724906, 2480A74854D0A89FF028EE9BA41224D4B2F9B0863066BFC43097920794FEE08D ] HidBatt         C:\WINDOWS\System32\drivers\HidBatt.sys
23:14:15.0418 0x3540  HidBatt - ok
23:14:15.0434 0x3540  [ 1EA1B4FABB8CC348E73CA90DBA22E104, 5C18C6BD499272F216DD4626B5E8D38181AEAC9AD917FBEB614A75B70467B258 ] HidBth          C:\WINDOWS\System32\drivers\hidbth.sys
23:14:15.0434 0x3540  HidBth - ok
23:14:15.0434 0x3540  [ C241A8BAFBBFC90176EA0F5240EACC17, 571E20B87818618BE9179986177D55739A240F04D1F740B3C1B7809B9427B767 ] hidi2c          C:\WINDOWS\System32\drivers\hidi2c.sys
23:14:15.0434 0x3540  hidi2c - ok
23:14:15.0449 0x3540  [ 9BDDEE26255421017E161CCB9D5EDA95, B766FD5E31708F29384F69418FC33C4BCC6E3064AA553D5B1D30EE0B8B1BFB40 ] HidIr           C:\WINDOWS\System32\drivers\hidir.sys
23:14:15.0449 0x3540  HidIr - ok
23:14:15.0449 0x3540  [ 449A20A674AA3FAA7F0DD4E33EE2DC20, 28B9BDA306456E8640C355718DE3477537B0FAF8C37F633C709129AAB64D9873 ] hidserv         C:\WINDOWS\system32\hidserv.dll
23:14:15.0449 0x3540  hidserv - ok
23:14:15.0465 0x3540  [ 8DB8EAB9D0C6A5DF0BDCADEA239220B4, EDA23E6909EB83E5E148816DFB16CC29EA01BD6BD2F73AA46B3D820B85FB9C83 ] HidUsb          C:\WINDOWS\System32\drivers\hidusb.sys
23:14:15.0465 0x3540  HidUsb - ok
23:14:15.0465 0x3540  [ 7BF3ADCBD021D4F4A84CF40EB49C71B5, 5758A51FD2EBE67E6DBE3A298D714D351910F9E01C428D0C1359457C9242B298 ] hkmsvc          C:\WINDOWS\system32\kmsvc.dll
23:14:15.0480 0x3540  hkmsvc - ok
23:14:15.0480 0x3540  [ 6CD9C3819BE8C0A3DACC82AE5D3C4F18, 46BF4A968E506DE17CA401401D716B444CDC10A5C60EB081890DD4B886AEDF5F ] HomeGroupListener C:\WINDOWS\system32\ListSvc.dll
23:14:15.0496 0x3540  HomeGroupListener - ok
23:14:15.0496 0x3540  [ 1A4DA1D6287B99033D144B436C23B656, D4D1EEB372E61512EA36A33F095E68C225B8E6C72CC57ED8BD00533F88012F40 ] HomeGroupProvider C:\WINDOWS\system32\provsvc.dll
23:14:15.0512 0x3540  HomeGroupProvider - ok
23:14:15.0512 0x3540  [ A6AACEA4C785789BDA5912AD1FEDA80D, D197012A5DA6AB3F76FF298336DF0CF027C07ECC71267BAEF5912DE12893E096 ] HpSAMD          C:\WINDOWS\system32\drivers\HpSAMD.sys
23:14:15.0527 0x3540  HpSAMD - ok
23:14:15.0543 0x3540  [ 9DDCA7F18983C5410DEFF79F819DF93C, CE97B4440377BFC5CA81BB600C3BD1DD9FB3951CA1EB70735F5E2050EBB74223 ] HTTP            C:\WINDOWS\system32\drivers\HTTP.sys
23:14:15.0559 0x3540  HTTP - ok
23:14:15.0574 0x3540  [ 90656C0B3864804B090434EFC582404F, BDB60050B729AACB9E009AC7129BEBD6298BBD8A9DB14B817D02E8E13669BD6E ] hwpolicy        C:\WINDOWS\system32\drivers\hwpolicy.sys
23:14:15.0574 0x3540  hwpolicy - ok
23:14:15.0574 0x3540  [ 6D6F9E3BF0484967E52F7E846BFF1CA1, C982966BDE6A3E6773D9441ADA7A3B08D13511DFC68D04DF303248B942423F38 ] hyperkbd        C:\WINDOWS\System32\drivers\hyperkbd.sys
23:14:15.0574 0x3540  hyperkbd - ok
23:14:15.0590 0x3540  [ 907C870F8C31F8DDD6F090857B46AB25, 308664A31717383D06185875E76C6612407A9F04E7DB28404F574A5706C6715D ] HyperVideo      C:\WINDOWS\system32\DRIVERS\HyperVideo.sys
23:14:15.0590 0x3540  HyperVideo - ok
23:14:15.0590 0x3540  [ 84CFC5EFA97D0C965EDE1D56F116A541, 0155EA62BF07D99D98D1C9B6559C8E3301B016A20D03DF1EF64B2FAB8C37403B ] i8042prt        C:\WINDOWS\System32\drivers\i8042prt.sys
23:14:15.0590 0x3540  i8042prt - ok
23:14:15.0606 0x3540  [ 5D90E32E36CE5D4C535D17CE08AEAF05, 976A463343E8C8308AFBE9E64DF56C430D2241DE002430D00318AB065EB72E4A ] iaLPSSi_GPIO    C:\WINDOWS\System32\drivers\iaLPSSi_GPIO.sys
23:14:15.0606 0x3540  iaLPSSi_GPIO - ok
23:14:15.0606 0x3540  [ DD05E7E80F52ADE9AEB292819920F32C, E71AB6A50B0F90C8F94569CE89F66F915A0A4A00D4AC091B2E5E750D88CFC334 ] iaLPSSi_I2C     C:\WINDOWS\System32\drivers\iaLPSSi_I2C.sys
23:14:15.0606 0x3540  iaLPSSi_I2C - ok
23:14:15.0627 0x3540  [ 050F2539E14F9D5E90A4B61738EC29BD, 0E65468B9F452FA7DB6DF2C1B2B2E9439C79031E27054FBDBDFE28A9F98721D7 ] iaStorA         C:\WINDOWS\system32\drivers\iaStorA.sys
23:14:15.0642 0x3540  iaStorA - ok
23:14:15.0658 0x3540  [ 08BFE413B0B4AA8DFA4B5684CE06D3DC, 95DEEBB203E12EE6E191F5247A74C04AEC0E16DE981FADDC4D6C42EE41D8D079 ] iaStorAV        C:\WINDOWS\system32\drivers\iaStorAV.sys
23:14:15.0674 0x3540  iaStorAV - ok
23:14:15.0689 0x3540  [ A2200C3033FA4EF249FC096A7A7D02A2, 5819F5C2020DE2EEE339B0C08CD4B1E3490EAFBBEA1277CE649DB5A5150986B0 ] iaStorV         C:\WINDOWS\system32\drivers\iaStorV.sys
23:14:15.0689 0x3540  iaStorV - ok
23:14:15.0705 0x3540  [ 23E22B130EFE5A225E279467BE146317, 2302C119FE9C57F3A71DFE504489423B6F7140E2DFF5D501883AD971CB671CB4 ] iBtFltCoex      C:\WINDOWS\system32\DRIVERS\iBtFltCoex.sys
23:14:15.0705 0x3540  iBtFltCoex - ok
23:14:15.0705 0x3540  IEEtwCollectorService - ok
23:14:15.0783 0x3540  [ C38AFE18A40ADF005647090DD3AC24F3, 302810C31B005DD4C9143233AB5B4F332C62AD866A7C7AB0E8F8F81AE1766B11 ] igfx            C:\WINDOWS\system32\DRIVERS\igdkmd64.sys
23:14:15.0861 0x3540  igfx - ok
23:14:15.0877 0x3540  [ 7A510A9AFC7955DEE63F8DC243E31292, 13906F6212F4C116BE224F2A8AFFF089ACFED8F543E26FC6208FF38463366173 ] igfxCUIService1.0.0.0 C:\WINDOWS\system32\igfxCUIService.exe
23:14:15.0877 0x3540  igfxCUIService1.0.0.0 - ok
23:14:15.0908 0x3540  [ DEA76F90F9777E3427D70E380222B23B, B917BA423896A12E45623E3D494CA03317A6FC612CA433C62C897524DC3E756B ] IKEEXT          C:\WINDOWS\System32\ikeext.dll
23:14:15.0924 0x3540  IKEEXT - ok
23:14:15.0939 0x3540  [ FC7C456AF9B9811499EDBD10616832EE, CA2D8B0E672D3AE449C2FF0B9E142D74E8C72FD877D11162A9F7CC51AF58220F ] intaud_WaveExtensible C:\WINDOWS\system32\drivers\intelaud.sys
23:14:15.0939 0x3540  intaud_WaveExtensible - ok
23:14:16.0017 0x3540  [ 8524178B895E4BC04776B319DA3A70EC, A635EADF6E8BD985B730F2737E8DA36AC71E8FEB759787ECB24D955176622AD2 ] IntcAzAudAddService C:\WINDOWS\system32\drivers\RTKVHD64.sys
23:14:16.0096 0x3540  IntcAzAudAddService - ok
23:14:16.0111 0x3540  [ F5495B38BFB9149925F54F65AB40EFBF, 7CBB72C41E2343DACBFB967A39CA04788561EDECB289C41BC2D6A06B80882AC4 ] IntcDAud        C:\WINDOWS\system32\DRIVERS\IntcDAud.sys
23:14:16.0127 0x3540  IntcDAud - ok
23:14:19.0117 0x3540  SCardSvr - ok
23:14:19.0133 0x3540  [ E76C4E98302AE39CC6FA5D20FC8B5438, B6B6B59CF427515087689285797F4A5763103440EBE5D87A61FA74F80F895BD0 ] ScDeviceEnum    C:\WINDOWS\System32\ScDeviceEnum.dll
23:14:19.0133 0x3540  ScDeviceEnum - ok
23:14:19.0133 0x3540  [ ABD0237B15DBD2B4695F4B7D734A58F7, D6831921F0CD3E03CBF1CA3ED5824EE0C75127842D12D4E897E74EC72B0792EB ] scfilter        C:\WINDOWS\system32\DRIVERS\scfilter.sys
23:14:19.0148 0x3540  scfilter - ok
23:14:19.0164 0x3540  [ D3AE5DB16EAF913860EC28654CE00E6B, AD76B6044F7247C6E86F6DCB7CFD6B25BCA2B9F09A97A419F043A999E66726A2 ] Schedule        C:\WINDOWS\system32\schedsvc.dll
23:14:19.0195 0x3540  Schedule - ok
23:14:19.0211 0x3540  [ AB285CE3431FF3D2ACE669245874C1C7, 6AF4C3E86EFA51F7FB6F8492CB2CCB807C7775EAE0508B87F07134FDAC679BD7 ] SCPolicySvc     C:\WINDOWS\System32\certprop.dll
23:14:19.0211 0x3540  SCPolicySvc - ok
23:14:19.0211 0x3540  [ FDEC5799BA499D18AFA3A540538866E7, 551EE0945FE4EC213FFF623E524500B57531EFEA2D76FA7ED1D2D605E7E2168F ] sdbus           C:\WINDOWS\System32\drivers\sdbus.sys
23:14:19.0226 0x3540  sdbus - ok
23:14:19.0226 0x3540  [ 0B1E929D11A8E358106955603FAC65E8, A5EC91BFC0873EC6AB1D0DB4E91654BD35339BD680E7E82DA2DC64996B4AE515 ] sdstor          C:\WINDOWS\System32\drivers\sdstor.sys
23:14:19.0226 0x3540  sdstor - ok
23:14:19.0242 0x3540  [ 3EA8A16169C26AFBEB544E0E48421186, 34BBB0459C96B3DE94CCB0D73461562935C583D7BF93828DA4E20A6BC9B7301D ] secdrv          C:\WINDOWS\system32\drivers\secdrv.sys
23:14:19.0242 0x3540  secdrv - ok
23:14:19.0242 0x3540  [ C49009F897BA4F2F4F31043663AA1485, 48C8BE1E3A4F150662AD012AF4E0357ABA792AD1147AB90EFF6CB2630E2501B6 ] seclogon        C:\WINDOWS\system32\seclogon.dll
23:14:19.0242 0x3540  seclogon - ok
23:14:19.0258 0x3540  [ A88882E64BDC1D8E8D6E727B71CCCC53, 12D2235F54D0CEEED8AA268C17CDE44020269F4FEFC70CE957DBBF99AF7F553D ] SENS            C:\WINDOWS\System32\sens.dll
23:14:19.0258 0x3540  SENS - ok
23:14:19.0273 0x3540  [ 7CCBBCEE408A5DBE3FE47297DB5A6CFC, FB44B65B37B1C1A12C618E16BEF195EF861A87179B9216E43024C671C3AE052C ] SensorsAlsDriver C:\WINDOWS\system32\DRIVERS\WUDFRd.sys
23:14:19.0273 0x3540  SensorsAlsDriver - ok
23:14:19.0289 0x3540  [ E66A7C8CE7ED22DED6DF1CA479FB4790, ADEB076F131E7A8C3AD96022B09BB33EB9AB26C9C831503B8C6960AA763B8975 ] SensrSvc        C:\WINDOWS\system32\sensrsvc.dll
23:14:19.0289 0x3540  SensrSvc - ok
23:14:19.0304 0x3540  [ DB2FF24CE0BDD15FE75870AFE312BA89, 7DB0D978C92CD0A0A81F7AB46FE323B4929CEA01585B0F330921E6DFA7DE1B85 ] SerCx           C:\WINDOWS\system32\drivers\SerCx.sys
23:14:19.0304 0x3540  SerCx - ok
23:14:19.0304 0x3540  [ 0044B31F93946D5D41982314381FE431, 95B8A94BA9EF770F29ACD5B23D447EC2B6CF1CB3D0030343BA1550AC31F6E2A5 ] SerCx2          C:\WINDOWS\system32\drivers\SerCx2.sys
23:14:19.0320 0x3540  SerCx2 - ok
23:14:19.0320 0x3540  [ 3CD600C089C1251BEEB4CD4CD5164F9E, D9F81951B4454B24E821E33ACA53A851A61F3135E8EC6FBE6761A1A3E1CDCBE2 ] Serenum         C:\WINDOWS\System32\drivers\serenum.sys
23:14:19.0320 0x3540  Serenum - ok
23:14:19.0320 0x3540  [ D864381BC9C725FAB01D94C060660166, 132FED95222BBE3B0B25B3F1F0EFC5903D04564BD047BA4D2042AD51E3FDA724 ] Serial          C:\WINDOWS\System32\drivers\serial.sys
23:14:19.0336 0x3540  Serial - ok
23:14:19.0336 0x3540  [ 0BD2B65DCE756FDE95A2E5CCCBF7705D, F13FAFEC8FCF3E796196562717C433CE359A74A3E5876AB070647C717AF74028 ] sermouse        C:\WINDOWS\System32\drivers\sermouse.sys
23:14:19.0336 0x3540  sermouse - ok
23:14:19.0351 0x3540  [ D5C3776CBD8BC307DCCA3FD4CE667A37, 98E4253B770C25914C91A6148E2EA15ED0EF37ADCB042A47252DBA135972BF74 ] SessionEnv      C:\WINDOWS\system32\sessenv.dll
23:14:19.0367 0x3540  SessionEnv - ok
23:14:19.0367 0x3540  [ 472B7A5AC181C050888DB454663DD764, C950A8615D57BFD455E18880398350642B2E1D6B951EC9754FD8D429F3418835 ] sfloppy         C:\WINDOWS\System32\drivers\sfloppy.sys
23:14:19.0367 0x3540  sfloppy - ok
23:14:19.0383 0x3540  [ F4414F57DF2CECB8FC969AA43A6B0D50, AD09A6E1294721507DD6BE82B91F2EEB0FF0151B9BC14A75840CD657DBFDECEC ] SharedAccess    C:\WINDOWS\System32\ipnathlp.dll
23:14:19.0398 0x3540  SharedAccess - ok
23:14:19.0414 0x3540  [ 0D190D8B4B20446BE6299AC734DFADF1, 6551095971F99820BBFC5FED8FAB9591A3F8ABFA0F027887F3B71B79325FF6D9 ] ShellHWDetection C:\WINDOWS\System32\shsvcs.dll
23:14:19.0429 0x3540  ShellHWDetection - ok
23:14:19.0429 0x3540  [ 2F518D13DD6F3053837FE606F1A2EA1F, 64109296CE95BD233525688A350D575CF97B9464659AA07CF78B307B6ADBC835 ] SiSRaid2        C:\WINDOWS\system32\drivers\SiSRaid2.sys
23:14:19.0429 0x3540  SiSRaid2 - ok
23:14:19.0445 0x3540  [ 1AC9A200A9C49C4508F04AAFFCA34A3F, 972BCB2A39169155F74111FAC74ACCD8F50E34EADCF087833B0980827627BBF4 ] SiSRaid4        C:\WINDOWS\system32\drivers\sisraid4.sys
23:14:19.0445 0x3540  SiSRaid4 - ok
23:14:19.0445 0x3540  [ 50D9949020E02B847CD48F1243FCB895, 5BDAD5E44DE5B412645142810C5FCE4B2D9685F928FF4A6B836A9DCE7725BD78 ] SkypeUpdate     C:\Program Files (x86)\Skype\Updater\Updater.exe
23:14:19.0445 0x3540  SkypeUpdate - ok
23:14:19.0461 0x3540  [ 587ACA15210D1B01FBF272E07A08F91A, 1F3C13C218C5EA329C6E33E4AE7CFE88DAD59DA40F59FDE09D733AFD2E489000 ] smphost         C:\WINDOWS\System32\smphost.dll
23:14:19.0461 0x3540  smphost - ok
23:14:19.0476 0x3540  [ FBE0201AB61E18934C812C34D31A4403, 549E51FC11CCA30B21970C90F4799D6CB94481CDC623B8C319F16DAEFC8A190B ] snapman         C:\WINDOWS\system32\DRIVERS\snapman.sys
23:14:19.0492 0x3540  snapman - ok
23:14:19.0492 0x3540  [ 49EEB92DE930B8566EF615D600781DB4, 0B7C929D24FAFC34F95BB4AA77DCBA29DDD8F1977EB42713B64228677D1FBFD3 ] SNMPTRAP        C:\WINDOWS\System32\snmptrap.exe
23:14:19.0492 0x3540  SNMPTRAP - ok
23:14:19.0508 0x3540  [ 240C5C3793206725AA05665851E8C214, 96ADFB85EB1623EB00C251C1C6A1F441A1795F0EBFD10B17DD1CA58E3AE8A90D ] spaceport       C:\WINDOWS\system32\drivers\spaceport.sys
23:14:19.0523 0x3540  spaceport - ok
23:14:19.0523 0x3540  [ F337BE11071818FC3F5DC2940B6BDE34, D5CFF00E5DF37045F71AEE101AC9B270EBB29F372F404757B58600E9966C7E4D ] SpbCx           C:\WINDOWS\system32\drivers\SpbCx.sys
23:14:19.0523 0x3540  SpbCx - ok
23:14:19.0539 0x3540  [ 42FEA9E0BA9761D9E65A4F167D91515B, 9A34CE83F3ACD50608671BDABE5E475F8E0C8335D3B8B7B3D7E84B2A319FA29F ] Spooler         C:\WINDOWS\System32\spoolsv.exe
23:14:19.0570 0x3540  Spooler - ok
23:14:19.0682 0x3540  [ C993A0B97BECD3AAF5158E3869878465, 8B86F37DEFCBE55DE507D830EC4980EBB39B3CCA30C2B3E76B588AAB282A50FC ] sppsvc          C:\WINDOWS\system32\sppsvc.exe
23:14:19.0791 0x3540  sppsvc - ok
23:14:19.0807 0x3540  [ 6416E79A58A8FCC33A447A4DDDD3BF04, 839E3107ACCD520C309BD6C8324DF7A8EB724EAD442AB1F1CACB0D83F84BE488 ] srv             C:\WINDOWS\system32\DRIVERS\srv.sys
23:14:19.0823 0x3540  srv - ok
23:14:19.0838 0x3540  [ 5BED3AB69797C8786EF70AEA8C33748B, 0474EE6C43D437CBA9848BCF25D1341B122D7E9F371A0FF3C62C83D14B2CB095 ] srv2            C:\WINDOWS\system32\DRIVERS\srv2.sys
23:14:19.0854 0x3540  srv2 - ok
23:14:19.0854 0x3540  [ D047CD668E6277FD80F0C613946F034C, BD0209E7FD89F9295D4DE48C9652DF2A2990277C16AFA473B96704B1CBD2F338 ] srvnet          C:\WINDOWS\system32\DRIVERS\srvnet.sys
23:14:19.0869 0x3540  srvnet - ok
23:14:19.0869 0x3540  [ BB9ED3EDD8E85008215A7250D325A72E, D3404E31B7706B25CDEA7CB4260C343B5F090E8CCB9A5FA203B0F94A9112F1B3 ] SSDPSRV         C:\WINDOWS\System32\ssdpsrv.dll
23:14:19.0885 0x3540  SSDPSRV - ok
23:14:19.0885 0x3540  [ 3911418AFDE10EA6823B7799E4815524, A73517C4C1271E666B2B3A747756070098E923742B41572AA16573170440AA07 ] SstpSvc         C:\WINDOWS\system32\sstpsvc.dll
23:14:19.0901 0x3540  SstpSvc - ok
23:14:19.0901 0x3540  [ 366DEA74BBA65B362BCCFC6FC2ADFD8B, 4D28122AB9D8DAB724021E6513B4474BD34FCEDF47769B1D27AC7551FCA002F8 ] stexstor        C:\WINDOWS\system32\drivers\stexstor.sys
23:14:19.0901 0x3540  stexstor - ok
23:14:19.0916 0x3540  [ D638904FE86A5FE542A1BA13A9D68E5C, 89A956F932316BC50DD99B54BAF4E2809DCAA084DBB04CB84D11E5470BEAF251 ] stisvc          C:\WINDOWS\System32\wiaservc.dll
23:14:19.0932 0x3540  stisvc - ok
23:14:19.0948 0x3540  [ 0ED2E318ABB68C1A35A8B8038BDB4C90, 5C3ABC245F4BCFE64E646D9C0E2F5E211244956C84D03084C71FF6A7E0CDED30 ] storahci        C:\WINDOWS\system32\drivers\storahci.sys
23:14:19.0948 0x3540  storahci - ok
23:14:19.0948 0x3540  [ 7A08CEE1535F5A448215634C5EA74E50, 41529CDC08A3956F8FE9D5759B147E2E56E3305149EA415EB200249F7CD32094 ] storflt         C:\WINDOWS\system32\DRIVERS\vmstorfl.sys
23:14:19.0948 0x3540  storflt - ok
23:14:19.0963 0x3540  [ 6B06E2D11E604BE2B1A406C4CB3B90DE, 2DDEA1568A85AD64FCE5D10D348304FCD9BE6E96C2313353EF70A2933306D188 ] stornvme        C:\WINDOWS\system32\drivers\stornvme.sys
23:14:19.0963 0x3540  stornvme - ok
23:14:19.0963 0x3540  [ 3118058E3D07021A55324A943C6D722B, 0B255DF1977DADD2B9766EEEA814B464F0ABFA34D6439F3C453083850C121F16 ] StorSvc         C:\WINDOWS\system32\storsvc.dll
23:14:19.0963 0x3540  StorSvc - ok
23:14:19.0979 0x3540  [ 548759755BC73DAD663250239D7E0B9F, D31A05A8CE800B539420B6E545F1F4BF6E4B02EAF8366DE89CAF13A83C6CA48D ] storvsc         C:\WINDOWS\system32\drivers\storvsc.sys
23:14:19.0979 0x3540  storvsc - ok
23:14:19.0979 0x3540  [ D8E1AE075AB3E8AD56F69C44AA978596, CAFF5116DE7F0EEFFEBE38724BCEE7D11B44153AD35EE43E314C56D5E210758A ] svsvc           C:\WINDOWS\system32\svsvc.dll
23:14:19.0979 0x3540  svsvc - ok
23:14:19.0994 0x3540  [ 84E0F5D41C138C5CC975137A2A98F6D3, 1E36CED05E4F4365C2AB020CAF920E3959995D7F89F3FABD7B2FB05985F85F38 ] swenum          C:\WINDOWS\System32\drivers\swenum.sys
23:14:19.0994 0x3540  swenum - ok
23:14:20.0010 0x3540  [ 850EBB87584484DC16F917E7B6F4A304, C253D1DFFCDFB018432063602FB01DBCBDDD6E03458E5C366AABD4670F114B0C ] swprv           C:\WINDOWS\System32\swprv.dll
23:14:20.0026 0x3540  swprv - ok
23:14:20.0198 0x3540  [ 0882D89CD2FF3F4DA04FB76289204235, C9FACE631AC1EED5BF878A31A7D3D4C672408B2182A07ACE88388C8540926E3C ] syncagentsrv    C:\Program Files (x86)\Common Files\Acronis\SyncAgent\syncagentsrv.exe
23:14:20.0338 0x3540  syncagentsrv - ok
23:14:20.0370 0x3540  [ 3DA26652B12E9AB43FD04976AC6DFD33, DEFE220D86197949E97342FE3487CD6A07DD2FFAF6D17A7C65419C2C1B9D1AB5 ] SysMain         C:\WINDOWS\system32\sysmain.dll
23:14:20.0401 0x3540  SysMain - ok
23:14:20.0416 0x3540  [ FD4EA8E9232ADD51DC31C295DDEF2768, 3EA40D7376AB5AA5DA2BCF4745C79F7BF819363466967ECC3CD15ADECBFD7244 ] SystemEventsBroker C:\WINDOWS\System32\SystemEventsBrokerServer.dll
23:14:20.0416 0x3540  SystemEventsBroker - ok
23:14:20.0432 0x3540  [ BA6DD39266A5E15515C8C14DA2DA3E5C, 5BC917BA4E7281A67CC6CEF2F4D1972DF04DECBEFB6DED0B08FFBD06E15D4B4F ] TabletInputService C:\WINDOWS\System32\TabSvc.dll
23:14:20.0432 0x3540  TabletInputService - ok
23:14:20.0448 0x3540  [ F9BE29D5E097F03F81D3CD12B794CB66, 5EC208DEAF7C721F4C36512E7DAD4AC66578AB935B9502A5E1E213BC91BE508C ] tap0901         C:\WINDOWS\system32\DRIVERS\tap0901.sys
23:14:20.0448 0x3540  tap0901 - ok
23:14:20.0463 0x3540  [ B517410F157693043DACA21B19B258A6, 2224EECEB575CEA811036C43BB5B0A408DE5F59BC97235AB948968E4C3E438F2 ] TapiSrv         C:\WINDOWS\System32\tapisrv.dll
23:14:20.0463 0x3540  TapiSrv - ok
23:14:20.0526 0x3540  [ 87F3713E620F62D243A82B3CB66CBDDE, 5C14F43BC5114DB664490DEE5024555149766C2F2430A910AA9DA2210D968063 ] Tcpip           C:\WINDOWS\system32\drivers\tcpip.sys
23:14:20.0573 0x3540  Tcpip - ok
23:14:20.0651 0x3540  [ 87F3713E620F62D243A82B3CB66CBDDE, 5C14F43BC5114DB664490DEE5024555149766C2F2430A910AA9DA2210D968063 ] TCPIP6          C:\WINDOWS\system32\DRIVERS\tcpip.sys
23:14:20.0698 0x3540  TCPIP6 - ok
23:14:20.0713 0x3540  [ 41CF802064F72E55F50CA0A221FD36D4, 70ABCDF9E96611E8C83042C581575E26649FE479475E8E118CD3FF6CB1C84C3F ] tcpipreg        C:\WINDOWS\system32\drivers\tcpipreg.sys
23:14:20.0713 0x3540  tcpipreg - ok
23:14:20.0745 0x3540  [ 07330E30921C70E9D9B416EE43A06349, 398500C12E685BCF732C7F80A2C0E95181E5377A0E6C14CF9A3EE8580083A556 ] tdrpman         C:\WINDOWS\system32\DRIVERS\tdrpman.sys
23:14:20.0776 0x3540  tdrpman - ok
23:14:20.0791 0x3540  [ FFF28F9F6823EB1756C60F1649560BBF, 208DFF8BF0329D0D4761C7E31527AEED7FF5F3C36C5005953D01477F35408D5C ] tdx             C:\WINDOWS\system32\DRIVERS\tdx.sys
23:14:20.0791 0x3540  tdx - ok
23:14:20.0791 0x3540  [ 232D185D2337F141311D0CF1983E1431, 02EB56D3F26174AF1741C1A444CE30DE84D5BAF583C1A52C7A953BCC52445547 ] terminpt        C:\WINDOWS\System32\drivers\terminpt.sys
23:14:20.0791 0x3540  terminpt - ok
23:14:20.0823 0x3540  [ 3D748E5558FD9A9F03182CB2330698DC, 70B2069AB7912EB49AB3ABD18D4B42CB94AC99CA6DE3F63F4888B8EAAC78AAA2 ] TermService     C:\WINDOWS\System32\termsrv.dll
23:14:20.0838 0x3540  TermService - ok
23:14:20.0854 0x3540  [ 05FBE1F7C13E87AF7A414CDF288B1F62, 24079E1A6B2E33A1A8E76A77F73473B93DD6B379E44C982CE50D6CEED9747838 ] Themes          C:\WINDOWS\system32\themeservice.dll
23:14:20.0854 0x3540  Themes - ok
23:14:20.0854 0x3540  [ FD788C2D96EA91469A3C1D13E80D7473, 7B14D4BFDE18CECC19FBFFAA5AFF5FD78BFB7FCDA6613990740A8A7DD9873D26 ] THREADORDER     C:\WINDOWS\system32\mmcss.dll
23:14:20.0870 0x3540  THREADORDER - ok
23:14:20.0901 0x3540  [ DE604462206F7D8C203F767F425FCA8D, 149FBF6367C45415B939A9B1A7A10DA7A5E19F28CE533BCBE2B20DA4B78F8645 ] tib             C:\WINDOWS\system32\DRIVERS\tib.sys
23:14:20.0916 0x3540  tib - ok
23:14:20.0932 0x3540  [ 3C29FB9FC9B4C511AD69DC50257FEC75, 4906DADE076FD363C53044C805602EEA4D0EF6E92041C693E1BED2286614B36E ] tib_mounter     C:\WINDOWS\system32\DRIVERS\tib_mounter.sys
23:14:20.0948 0x3540  tib_mounter - ok
23:14:20.0948 0x3540  [ 347A3E49CE18402305B8119A6EC7CFEB, 6768B20EE577880B0353FE84B980D4A18D323929A63FAE41F7A55123BBFC8DBA ] TimeBroker      C:\WINDOWS\System32\TimeBrokerServer.dll
23:14:20.0963 0x3540  TimeBroker - ok
23:14:20.0963 0x3540  [ 82F909359600D3603FE852DB7F135626, 2EB2BB9D81AC9A2E432B2628E296B7B21F1C82EAE8009300EEF1B8596A9F418D ] TPM             C:\WINDOWS\system32\drivers\tpm.sys
23:14:20.0979 0x3540  TPM - ok
23:14:20.0979 0x3540  [ C97E14BB6A196B0554D6EB67D8818175, C00588C94988F10507F84584DFA4C0A43B8648AD1AD35E9BAE14CDD21FCF7B90 ] TrkWks          C:\WINDOWS\System32\trkwks.dll
23:14:20.0979 0x3540  TrkWks - ok
23:14:20.0995 0x3540  [ 887CC44830D3F367CAD17A0CA7CCA5C8, D4022A76433A11FD66D0F41A1EB4D6893BC5B22317E7E9E021739109EB493B44 ] TrustedInstaller C:\WINDOWS\servicing\TrustedInstaller.exe
23:14:20.0995 0x3540  TrustedInstaller - ok
23:14:20.0995 0x3540  [ BF8F54CA37E9C9D6582C31C5761F8C93, 337C566792F6FB9B7FD5D1D4384B767CFE4CF5DBB2E4688CCC36CBB018A0DD0F ] TsUsbFlt        C:\WINDOWS\system32\drivers\tsusbflt.sys
23:14:20.0995 0x3540  TsUsbFlt - ok
23:14:21.0010 0x3540  [ E0088068DCE2EE82897027DDB8E05254, FA9C201D3C885DAD2ABE6A23343EDCC83CFB342EFF9E3005FA50B1D88B21D203 ] TsUsbGD         C:\WINDOWS\System32\drivers\TsUsbGD.sys
23:14:21.0010 0x3540  TsUsbGD - ok
23:14:21.0057 0x3540  [ 7877F0B809E078C05BBCE27A526FF06D, A883D59D711F3027D155BFF93D3BEFC15D5F01D12D2621507B2699AB5B1117A2 ] TuneUp.UtilitiesSvc C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesService64.exe
23:14:21.0104 0x3540  TuneUp.UtilitiesSvc - ok
23:14:21.0120 0x3540  [ 45427C4B8CAC6B241478F149B935CD80, 7F772D6D00D1ADD394F5907804661C75780EE9F8DF21EF0719D3E4ABA00092B7 ] TuneUpUtilitiesDrv C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesDriver64.sys
23:14:21.0120 0x3540  TuneUpUtilitiesDrv - ok
23:14:21.0120 0x3540  [ C8E0E78B5D284C2FF59BDFFDAF997242, BA1576C491A1246EF9866762426D110F4570F9DB42A68C174943C7D5020FE3E2 ] tunnel          C:\WINDOWS\system32\DRIVERS\tunnel.sys
23:14:21.0135 0x3540  tunnel - ok
23:14:21.0135 0x3540  [ F6EEAD052943B5A3104C1405BB856C54, FE422813E6C1012E9F392EFF2AE4C6D3A4DBD9CB2BD5E6A5CAB57D4E89A29468 ] uagp35          C:\WINDOWS\system32\drivers\uagp35.sys
23:14:21.0135 0x3540  uagp35 - ok
23:14:21.0135 0x3540  [ FE6067B1FD4E63650C667B33D080565B, 2C330ED00E49BA55E25564230E0DFB8A35F2B5320EB18D4AF7CAACFA9A449044 ] UASPStor        C:\WINDOWS\System32\drivers\uaspstor.sys
23:14:21.0151 0x3540  UASPStor - ok
23:14:21.0151 0x3540  [ B034A41891A36457B994307DFA772293, CA5E6500764A9777AE0E15B2AFB6F05982C90F01374E3F6DDC6DF3852282C66B ] UCX01000        C:\WINDOWS\System32\drivers\ucx01000.sys
23:14:21.0151 0x3540  UCX01000 - ok
23:14:21.0166 0x3540  [ 1EC649F112896FAE33250F0B97AC5D0B, 0C0A1C2C7615DEB298AD3073340FD1BF91FEBE611F133E3B48D994A6EAA8369F ] udfs            C:\WINDOWS\system32\DRIVERS\udfs.sys
23:14:21.0182 0x3540  udfs - ok
23:14:21.0182 0x3540  [ 9578691F297E1B1F519970FE6D47CB21, 080C352AAF22A16A4F3C4AB4DCEA5BFA656457C73F735CEBA30516FDACCF6301 ] UEFI            C:\WINDOWS\System32\drivers\UEFI.sys
23:14:21.0182 0x3540  UEFI - ok
23:14:21.0198 0x3540  [ 320878AFECDBBD61BBE98624A6CAAC08, 15C090EA32A24D976B5FCB1373B1281DCC2295C075299C814345D694AEB47CB9 ] UI0Detect       C:\WINDOWS\system32\UI0Detect.exe
23:14:21.0198 0x3540  UI0Detect - ok
23:14:21.0198 0x3540  [ 5EAB5117DDB24FC4D39E6FFFCF1837B9, 2BC709240867F161E94BE6625A04F478EAAA3EEE7BC7C37ED0DFA9EEA5928E98 ] uliagpkx        C:\WINDOWS\system32\drivers\uliagpkx.sys
23:14:21.0198 0x3540  uliagpkx - ok
23:14:21.0213 0x3540  [ DA34C39A18E60E7C3FA0630566408034, 2F162504214053894C72760D9933D01DBF3578609FE5E2376C3272818599FE32 ] umbus           C:\WINDOWS\System32\drivers\umbus.sys
23:14:21.0219 0x3540  umbus - ok
23:14:21.0219 0x3540  [ AE8294875E5446E359B1E8035D40C05E, AE0357BAB47C07C3576BC76951CD258C009BC5A1B93259D2122A841BD9CDA8FA ] UmPass          C:\WINDOWS\System32\drivers\umpass.sys
23:14:21.0219 0x3540  UmPass - ok
23:14:21.0235 0x3540  [ E3DDF7D43E05784FAA5E042605EEE528, 8E20E880FAB09AF4FF5C438BF9EAE9970D46C05167870110869B744E498FD761 ] UmRdpService    C:\WINDOWS\System32\umrdp.dll
23:14:21.0235 0x3540  UmRdpService - ok
23:14:21.0250 0x3540  [ CC27F3B8997B9E3B53A53C472CA2894D, CBB0AE0D8670D8E8849AD7DCED1C8362A343090C357DC312A201EF94C3BE6F62 ] Update service  C:\Program Files (x86)\Popcorn Time\Updater.exe
23:14:21.0250 0x3540  Update service - ok
23:14:21.0266 0x3540  [ 4A2FFDAC45F317E17DF642C7160EB633, F1AB762912FAA5F469F322407DA37C91556086C42D1643AD27516C12A84F74D0 ] upnphost        C:\WINDOWS\System32\upnphost.dll
23:14:21.0282 0x3540  upnphost - ok
23:14:21.0282 0x3540  [ 8047D8AFA070A4C3B9FCBDBF77A84C45, D8B47716EE57391E3B9CBE3B35FF1F933F08E40B1C8C12EB5BE2438D9E409FF0 ] usb3Hub         C:\WINDOWS\System32\drivers\usb3Hub.sys
23:14:21.0282 0x3540  usb3Hub - ok
23:14:21.0297 0x3540  [ 5C3BE22E485B9BF11FCEFDC676C728D0, F55061066ECF6920D56518A677BB538C18B7F1BB150ED6DB3591408F44E8D53A ] USBAAPL64       C:\WINDOWS\System32\Drivers\usbaapl64.sys
23:14:21.0297 0x3540  USBAAPL64 - ok
23:14:21.0297 0x3540  [ FF78D053A05E5A394F4E3C1816CC65A8, 5DAE02414271231F5FDBB751AFEB99874779B467947020815D4AE54432D4269D ] usbccgp         C:\WINDOWS\System32\drivers\usbccgp.sys
23:14:21.0297 0x3540  usbccgp - ok
23:14:21.0313 0x3540  [ B3D6457D841A0CAEF4C52D88621715F2, CBDD76A8A28379B107B1FB530757B477B8AB74CD01F9F3CEDC7B1BA0C6E5A990 ] usbcir          C:\WINDOWS\System32\drivers\usbcir.sys
23:14:21.0313 0x3540  usbcir - ok
23:14:21.0328 0x3540  [ 48BA326A3DBA5B5BEB5F2777F4618696, B9EC8155F11A3A7644BD9DC8910681B46AE44AE3BF53F052DF50E9C5555E3229 ] usbehci         C:\WINDOWS\System32\drivers\usbehci.sys
23:14:21.0328 0x3540  usbehci - ok
23:14:21.0344 0x3540  [ FEF0BC107812B36849741C3211BA6B60, B3EF738BE1E6B6027F29C9713CD3F367EA067D2BE46580AFBC0FB58046EF6BBD ] usbhub          C:\WINDOWS\System32\drivers\usbhub.sys
23:14:21.0344 0x3540  usbhub - ok
23:14:21.0360 0x3540  [ 65392F3F3F65E4C6CC82A0F4F8A0B051, C11B662A28D95820717DFFC6B76DBB755E4876009A2342E5E3992DE32D6BFF61 ] USBHUB3         C:\WINDOWS\System32\drivers\UsbHub3.sys
23:14:21.0375 0x3540  USBHUB3 - ok
23:14:21.0375 0x3540  [ 3019097FB6C985EF24C058090FF3BDBD, 24AC518D34E338D94BF3D5B3F72E53F8A1369BAA7F32FEA3EDBCF928C4FF1D17 ] usbohci         C:\WINDOWS\System32\drivers\usbohci.sys
23:14:21.0375 0x3540  usbohci - ok
23:14:21.0391 0x3540  [ 4D655E3B684BE9B0F7FFD8A2935C348C, 3A7FC1748C5AEA8CFE0E7C22ADC77E3DCA475455FC16D9C6A5C16EB5E949A516 ] usbprint        C:\WINDOWS\System32\drivers\usbprint.sys
23:14:21.0391 0x3540  usbprint - ok
23:14:21.0391 0x3540  [ EA23453240137F6773174E0D93F61A69, 579AD09FB428C2BB8B4055128620A7AADD1B606C1EA44B87A01D69A84232A5D9 ] USBSTOR         C:\WINDOWS\System32\drivers\USBSTOR.SYS
23:14:21.0407 0x3540  USBSTOR - ok
23:14:21.0407 0x3540  [ 064260B3A5868AC894A4943543BC7AB7, D3534E98B34C4AC9A430D7E0AB301A0E5E1511E3117C2FEA392636B0DE2C38E2 ] usbuhci         C:\WINDOWS\System32\drivers\usbuhci.sys
23:14:21.0407 0x3540  usbuhci - ok
23:14:21.0422 0x3540  [ 18F744E8CCEB2670040EBAF7AD77B8C6, C5E2DF4EA0D946B4DA67DE29FA9D0F079DED35EC59B98E532C4C2D5F8E86DA0A ] usbvideo        C:\WINDOWS\System32\Drivers\usbvideo.sys
23:14:21.0422 0x3540  usbvideo - ok
23:14:21.0438 0x3540  [ 48430B0313FC1CFE3D2400553F1A93CD, 92994DE6B131E904AFF2C9C4FBB4E6B0D58525A1539763327373DA18C9F08193 ] USBXHCI         C:\WINDOWS\System32\drivers\USBXHCI.SYS
23:14:21.0438 0x3540  USBXHCI - ok
23:14:21.0453 0x3540  [ F6F209DDB94959BA104FC8FC87C53759, 8E862D41F4332EABF64BD034E2C0E3CC8109C7990CB4112C2B2880E8E6EDF2D3 ] VaultSvc        C:\WINDOWS\system32\lsass.exe
23:14:21.0453 0x3540  VaultSvc - ok
23:14:21.0453 0x3540  [ FEB26E3B8345A7E8D62F945C4AE86562, 3AAFE87C402FC8E92542DFE60EC9540559863065F88D429A16D7B1BF829223FF ] vdrvroot        C:\WINDOWS\system32\drivers\vdrvroot.sys
23:14:21.0453 0x3540  vdrvroot - ok
23:14:21.0485 0x3540  [ E3EF58D4123B5AA29C8E19825AF84A5E, FB1046722BC643E955DBC3B1459DBF2A6D575EBA2BCF7B20A0FA51E3993835E2 ] vds             C:\WINDOWS\System32\vds.exe
23:14:21.0516 0x3540  vds - ok
23:14:21.0516 0x3540  [ A026EDEAA5EECAE0B08E2748B616D4BD, 2525A54DC7F49DDFBB999C22BF3FAB6D9E9F70C0806E58D81E90AC59F9F46089 ] VerifierExt     C:\WINDOWS\system32\drivers\VerifierExt.sys
23:14:21.0532 0x3540  VerifierExt - ok
23:14:21.0547 0x3540  [ 52E483A3701A5A61A75A06993720347D, 689E812755E485DF6960D1E049740FBAFB812467D23B673DCAA40C03FEBB544F ] vhdmp           C:\WINDOWS\System32\drivers\vhdmp.sys
23:14:21.0551 0x3540  vhdmp - ok
23:14:21.0566 0x3540  [ 06D38968028E9AB19DE9B618C7B6D199, 62022297A47F440D1C82CA0B0E57C0C8E9D5033D83DD3B40492B218DF65EBF68 ] viaide          C:\WINDOWS\system32\drivers\viaide.sys
23:14:21.0566 0x3540  viaide - ok
23:14:21.0566 0x3540  [ C6305BDFC4F7CE51F72BB072C03D4ACE, 73E62869CA3104F48CC3B0C45E69CE9BF4F8D7D06E29C2F049B9347ABB50554D ] vmbus           C:\WINDOWS\system32\drivers\vmbus.sys
23:14:21.0566 0x3540  vmbus - ok
23:14:21.0582 0x3540  [ DA40BEA0A863CE768C940CA9723BF81F, 567C0C3F422325635808B0CF76E05D3B6187F96845C33F85F92F98C9FE53A5B8 ] VMBusHID        C:\WINDOWS\System32\drivers\VMBusHID.sys
23:14:21.0582 0x3540  VMBusHID - ok
23:14:21.0597 0x3540  [ 9067880BBB1C18703DBFF27D731D7ECA, 0044246249F4B945D72BBC0FEF9BF3C31E62F57CBF77615A95213B36A29F0C71 ] vmicguestinterface C:\WINDOWS\System32\ICSvc.dll
23:14:21.0597 0x3540  vmicguestinterface - ok
23:14:21.0613 0x3540  [ 9067880BBB1C18703DBFF27D731D7ECA, 0044246249F4B945D72BBC0FEF9BF3C31E62F57CBF77615A95213B36A29F0C71 ] vmicheartbeat   C:\WINDOWS\System32\ICSvc.dll
23:14:21.0628 0x3540  vmicheartbeat - ok
23:14:21.0644 0x3540  [ 9067880BBB1C18703DBFF27D731D7ECA, 0044246249F4B945D72BBC0FEF9BF3C31E62F57CBF77615A95213B36A29F0C71 ] vmickvpexchange C:\WINDOWS\System32\ICSvc.dll
23:14:21.0644 0x3540  vmickvpexchange - ok
23:14:21.0660 0x3540  [ 9067880BBB1C18703DBFF27D731D7ECA, 0044246249F4B945D72BBC0FEF9BF3C31E62F57CBF77615A95213B36A29F0C71 ] vmicrdv         C:\WINDOWS\System32\ICSvc.dll
23:14:21.0675 0x3540  vmicrdv - ok
23:14:21.0691 0x3540  [ 9067880BBB1C18703DBFF27D731D7ECA, 0044246249F4B945D72BBC0FEF9BF3C31E62F57CBF77615A95213B36A29F0C71 ] vmicshutdown    C:\WINDOWS\System32\ICSvc.dll
23:14:21.0691 0x3540  vmicshutdown - ok
23:14:21.0707 0x3540  [ 9067880BBB1C18703DBFF27D731D7ECA, 0044246249F4B945D72BBC0FEF9BF3C31E62F57CBF77615A95213B36A29F0C71 ] vmictimesync    C:\WINDOWS\System32\ICSvc.dll
23:14:21.0722 0x3540  vmictimesync - ok
23:14:21.0722 0x3540  [ 9067880BBB1C18703DBFF27D731D7ECA, 0044246249F4B945D72BBC0FEF9BF3C31E62F57CBF77615A95213B36A29F0C71 ] vmicvss         C:\WINDOWS\System32\ICSvc.dll
23:14:21.0738 0x3540  vmicvss - ok
23:14:21.0738 0x3540  [ 55D7D963DE85162F1C49721E502F9744, 5AD34D6DB707EF3E5242BD8CA67B21D6258EE7E7FC477D5227BD15500AE7F45F ] volmgr          C:\WINDOWS\system32\drivers\volmgr.sys
23:14:21.0753 0x3540  volmgr - ok
23:14:21.0753 0x3540  [ CCB9E901F7254BF96D28EB1B0E5329B7, F0E3CA4EFA544CDAEF4092284CF3EC7DF07F806A770285E281816457AD8813F5 ] volmgrx         C:\WINDOWS\system32\drivers\volmgrx.sys
23:14:21.0769 0x3540  volmgrx - ok
23:14:21.0785 0x3540  [ 64CA2B4A49A8EAF495E435623ECCE7DB, 81151F295A54DE2B8B88C7F48C86BF58CDFF96F98493509C06D6F41484594386 ] volsnap         C:\WINDOWS\system32\drivers\volsnap.sys
23:14:21.0785 0x3540  volsnap - ok
23:14:21.0785 0x3540  [ 01355C98B5C3ED1EC446743CDA848FCE, B9FCF558C20E05DD0F53FFB70BBEF873EA57801E13A16701E636128D625C4B67 ] vpci            C:\WINDOWS\System32\drivers\vpci.sys
23:14:21.0800 0x3540  vpci - ok
23:14:21.0800 0x3540  [ 4539F45F9F4C9757A86A56C949421E07, DEC362314B2C66414F39354AFE79C02B18BF4EEF90787FB58307F6EB62237E2C ] vsmraid         C:\WINDOWS\system32\drivers\vsmraid.sys
23:14:21.0800 0x3540  vsmraid - ok
23:14:21.0832 0x3540  [ E369C59F2C0852DDD090C07E0DDE0051, 4FAC94458EAAEED4F84A86FBAB8FBB332D0AF85BD528E63C0C058A2DA8E3011D ] VSS             C:\WINDOWS\system32\vssvc.exe
23:14:21.0863 0x3540  VSS - ok
23:14:21.0878 0x3540  [ 0849B7260F26FE05EA56DED0672E2F4B, 7EAC0E7988F45CB4133A15932955B7B03CE715C967A3BAC9999D81543EBCAEC5 ] VSTXRAID        C:\WINDOWS\system32\drivers\vstxraid.sys
23:14:21.0894 0x3540  VSTXRAID - ok
23:14:21.0894 0x3540  [ BE970C369E43B509C1EDA2B8FA7CECB0, 18951F2AA842A0795AA79A4E164EE925A35E6270EBE4C4CDB19D0A891830E383 ] vwifibus        C:\WINDOWS\System32\drivers\vwifibus.sys
23:14:21.0894 0x3540  vwifibus - ok
23:14:21.0894 0x3540  [ 35BF5C5F5E3C9902C98978C7640574DA, C61E50B04000DCEC72365723F0C0725C2E005529DAF2777A59E624C14DA29E55 ] vwififlt        C:\WINDOWS\system32\DRIVERS\vwififlt.sys
23:14:21.0910 0x3540  vwififlt - ok
23:14:21.0910 0x3540  [ 65ED7B9CFEA893DF7748D5FF692690DE, 73AB9D8BB928B3247BDFC7BB47AD7FCA763B375DC250C251DB4E0573531040E8 ] vwifimp         C:\WINDOWS\system32\DRIVERS\vwifimp.sys
23:14:21.0910 0x3540  vwifimp - ok
23:14:21.0925 0x3540  [ 7599E582CA3A6AAA95A18FFE1172D339, A0410778FBBC4302EA91CF24B944427410B4706535F1192504D4F34C3ED4503E ] W32Time         C:\WINDOWS\system32\w32time.dll
23:14:21.0941 0x3540  W32Time - ok
23:14:21.0941 0x3540  [ 0910AB9ED404C1434E2D0376C2AD5D8B, 62585CA5F1375BDA440D28D5DF1ADDC9DE3DDFA196D49BBFF3456A5A09EE1C6B ] WacomPen        C:\WINDOWS\System32\drivers\wacompen.sys
23:14:21.0941 0x3540  WacomPen - ok
23:14:21.0941 0x3540  [ AFCD4054D61BD708B82991348ED1C763, EBDAC0E218F1DFC405DB3C8A2F014D20A17B0690EA381C750BED5C2AFCDFEBE3 ] Wanarp          C:\WINDOWS\system32\DRIVERS\wanarp.sys
23:14:21.0957 0x3540  Wanarp - ok
23:14:21.0957 0x3540  [ AFCD4054D61BD708B82991348ED1C763, EBDAC0E218F1DFC405DB3C8A2F014D20A17B0690EA381C750BED5C2AFCDFEBE3 ] Wanarpv6        C:\WINDOWS\system32\DRIVERS\wanarp.sys
23:14:21.0957 0x3540  Wanarpv6 - ok
23:14:21.0988 0x3540  [ 61692DB39AD3DF2F29392D68EAA7BB93, 854D4B9C7DD1676968598ED973500650ECEC02C420E44C0B3957C24F073AA5FB ] wbengine        C:\WINDOWS\system32\wbengine.exe
23:14:22.0019 0x3540  wbengine - ok
23:14:22.0035 0x3540  [ 3BC1D1D56637A32CD91C8AE08E2484AA, 9EE1BD3FB0D289E25F3DDD0D8F67DC1C701A6B1D5418FADF348D0E642B1DEBEB ] WbioSrvc        C:\WINDOWS\System32\wbiosrvc.dll
23:14:22.0050 0x3540  WbioSrvc - ok
23:14:22.0066 0x3540  [ A07CFC4B593D15B6BF06813C3B5B33BF, B57BD918E2AFF9943B51A24B95E0C4D3482B4DF73C0E2421E8CC67C2BC7A4C70 ] Wcmsvc          C:\WINDOWS\System32\wcmsvc.dll
23:14:22.0066 0x3540  Wcmsvc - ok
23:14:22.0082 0x3540  [ D2726823DF7E19F213F4805A9D6D145F, A7F582C99918D204264D3B374F70D75984BDA5805203041E3DECB8153D16E102 ] wcncsvc         C:\WINDOWS\System32\wcncsvc.dll
23:14:22.0097 0x3540  wcncsvc - ok
23:14:22.0097 0x3540  [ 846C02A8B48CBD921A3D6AB521AA0DC4, B07573A774A6C65D24E5718DC25DF378270EB5B40221CA5A53B21D47838381D3 ] WcsPlugInService C:\WINDOWS\System32\WcsPlugInService.dll
23:14:22.0113 0x3540  WcsPlugInService - ok
23:14:28.0264 0x3540  AV detected via SS2: AVG Internet Security 2015, C:\Program Files (x86)\AVG\AVG2015\avgwsc.exe ( 15.0.0.5315 ), 0x41000 ( enabled : updated )
23:14:28.0264 0x3540  AV detected via SS2: Windows Defender, C:\Program Files\Windows Defender\MSASCui.exe ( 4.5.218.0 ), 0x60100 ( disabled : updated )
23:14:28.0264 0x3540  FW detected via SS2: AVG Internet Security 2015, C:\Program Files (x86)\AVG\AVG2015\avgwsc.exe ( 15.0.0.5315 ), 0x41010 ( enabled )
23:14:30.0771 0x3540  ============================================================
23:14:30.0771 0x3540  Scan finished
23:14:30.0771 0x3540  ============================================================
23:14:30.0771 0x3108  Detected object count: 0
23:14:30.0771 0x3108  Actual detected object count: 0



 


  • ADW Cleaner

    Please download AdwCleaner by Xplode and save to your Desktop.
  • Double-click on AdwCleaner.exe to run the tool.
    Vista/Windows 7/8 users right-click and select Run As Administrator.
  • Click on the Scan button.
  • AdwCleaner will begin...be patient as the scan may take some time to complete.
  • After the scan has finished, click on the Report button...a logfile (AdwCleaner[R0].txt) will open in Notepad for review.
  • After reviewing the log, click on the Clean button.
  • Press OK when asked to close all programs and follow the onscreen prompts.
  • Press OK again to allow AdwCleaner to restart the computer and complete the removal process.
  • After rebooting, a logfile report (AdwCleaner[S0].txt) will open automatically.
  • Copy and paste the contents of that logfile in your next reply.
  • A copy of all logfiles is saved in the C:\AdwCleaner folder which was created when running the tool.
  • -- Note: The contents of the AdwCleaner log file may be confusing. Unless you see a program name that you recognize and know should not be removed, don't worry about it. If you see an entry you want to keep, return to AdwCleaner before cleaning...all detected items will be listed (and checked) in each tab. Click on each one and uncheck any items you want to keep (except you cannot uncheck Chrome and Firefox preferences lines).

# AdwCleaner v3.310 - Report created 20/09/2014 at 23:26:54
# Updated 12/09/2014 by Xplode
# Operating System : Windows 8.1  (64 bits)
# Username : toddlewis - PC2015
# Running from : C:\Users\toddlewis\Documents\Desktop\AdwCleaner.exe
# Option : Clean

***** [ Services ] *****

***** [ Files / Folders ] *****

Folder Deleted : C:\ProgramData\apn
Folder Deleted : C:\ProgramData\Babylon
Folder Deleted : C:\ProgramData\Conduit
Folder Deleted : C:\Program Files (x86)\Conduit
Folder Deleted : C:\Program Files (x86)\Free Ride Games
Folder Deleted : C:\Program Files (x86)\GreenTree Applications
Folder Deleted : C:\Program Files (x86)\OApps
Folder Deleted : C:\Users\toddlewis\AppData\Local\Conduit
Folder Deleted : C:\Users\toddlewis\AppData\LocalLow\Conduit
Folder Deleted : C:\Users\toddlewis\AppData\LocalLow\mixidj
Folder Deleted : C:\Users\toddlewis\AppData\Roaming\Babylon
Folder Deleted : C:\Users\toddlewis\AppData\Roaming\Mozilla\Firefox\Profiles\b66frjey.default\SweetPacksToolbarData
Folder Deleted : C:\Users\toddlewis\AppData\Roaming\Mozilla\Firefox\Profiles\b66frjey.default\CT3306060
Folder Deleted : C:\Users\toddlewis\AppData\Roaming\Mozilla\Firefox\Profiles\b66frjey.default\Extensions\{EEE6C361-6118-11DC-9C72-001320C79847}
Folder Deleted : C:\Users\toddlewis\AppData\Roaming\Mozilla\Firefox\Profiles\b66frjey.default\Extensions\{17464f93-137e-4646-a0c6-0dc13faf0113}
File Deleted : C:\END
File Deleted : C:\Users\toddlewis\AppData\Roaming\Mozilla\Firefox\Profiles\b66frjey.default\user.js

***** [ Scheduled Tasks ] *****

Task Deleted : Dealply

***** [ Shortcuts ] *****

***** [ Registry ] *****

Key Deleted : HKLM\SOFTWARE\Classes\Prod.cap
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{7825CFB6-490A-436B-9F26-4A7B5CFC01A9}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{7825CFB6-490A-436B-9F26-4A7B5CFC01A9}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{7825CFB6-490A-436B-9F26-4A7B5CFC01A9}
Key Deleted : HKCU\Software\BI
Key Deleted : HKCU\Software\AppDataLow\Software\Conduit
Key Deleted : HKCU\Software\AppDataLow\Software\ConduitSearchScopes
Key Deleted : HKCU\Software\AppDataLow\Software\SmartBar
Key Deleted : HKLM\SOFTWARE\Babylon
Key Deleted : HKLM\SOFTWARE\Conduit
Key Deleted : HKLM\SOFTWARE\Freeze.com
Key Deleted : HKLM\SOFTWARE\TelevisionFanaticEI
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\TransMac_is1

***** [ Browsers ] *****

-\\ Internet Explorer v11.0.9600.17278

-\\ Mozilla Firefox v22.0 (en-US)

[ File : C:\Users\toddlewis\AppData\Roaming\Mozilla\Firefox\Profiles\b66frjey.default\prefs.js ]

Line Deleted : user_pref("CT3306060.FF19Solved", "true");
Line Deleted : user_pref("CT3306060.UserID", "UN73082843110841307");
Line Deleted : user_pref("CT3306060.browser.search.defaultthis.engineName", "true");
Line Deleted : user_pref("CT3306060.fullUserID", "UN73082843110841307.IN.20131112174303");
Line Deleted : user_pref("CT3306060.installDate", "12/11/2013 17:43:04");
Line Deleted : user_pref("CT3306060.installSessionId", "{39DF1C9F-CA20-4216-AC7A-E660F0E03F3C}");
Line Deleted : user_pref("CT3306060.installSp", "TRUE");
Line Deleted : user_pref("CT3306060.installerVersion", "1.8.0.14");
Line Deleted : user_pref("CT3306060.keyword", "true");
Line Deleted : user_pref("CT3306060.originalHomepage", "hxxp://start.sweetpacks.com/?src=10&st=12&crg=3.5000006.10043&barid={D1D0DAA6-B160-11E2-BEA1-C48508E35B9C}");
Line Deleted : user_pref("CT3306060.originalSearchAddressUrl", "");
Line Deleted : user_pref("CT3306060.originalSearchEngine", "Bing");
Line Deleted : user_pref("CT3306060.originalSearchEngineName", "");
Line Deleted : user_pref("CT3306060.searchRevert", "true");
Line Deleted : user_pref("CT3306060.searchUserMode", "2");
Line Deleted : user_pref("CT3306060.smartbar.homepage", "true");
Line Deleted : user_pref("CT3306060.toolbarInstallDate", "12-11-2013 17:43:03");
Line Deleted : user_pref("CT3306060.versionFromInstaller", "10.21.1.7");
Line Deleted : user_pref("CT3306060.xpeMode", "0");
Line Deleted : user_pref("Smartbar.SearchFromAddressBarSavedUrl", "");
Line Deleted : user_pref("browser.search.defaultenginename", "Connect DLC 4 Customized Web Search");
Line Deleted : user_pref("browser.search.defaultthis.engineName", "Connect DLC 4 Customized Web Search");
Line Deleted : user_pref("browser.search.selectedEngine", "Conduit Search");
Line Deleted : user_pref("smartbar.addressBarOwnerCTID", "CT3306060");
Line Deleted : user_pref("smartbar.conduitHomepageList", "hxxp://search.conduit.com/?ctid=CT3306060&CUI=UN73082843110841307&UM=2&SearchSource=13");
Line Deleted : user_pref("smartbar.conduitSearchAddressUrlList", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT3306060&SearchSource=2&CUI=UN73082843110841307&UM=2&q=");
Line Deleted : user_pref("smartbar.defaultSearchOwnerCTID", "CT3306060");
Line Deleted : user_pref("smartbar.homePageOwnerCTID", "CT3306060");
Line Deleted : user_pref("smartbar.machineId", "ECT4RFDWU1PHXSVTSQQD3FXRJTSPVYK/CSFKTALJHETDCF17NAQJVQCTUR/LJYHNFLC37I3AS1QWI4CSUD15SG");
Line Deleted : user_pref("sweetim.toolbar.RevertDialog.enable", "false");
Line Deleted : user_pref("sweetim.toolbar.SearchBoxLogo", "bing.png");
Line Deleted : user_pref("sweetim.toolbar.SearchBoxText", "Search with Bing");
Line Deleted : user_pref("sweetim.toolbar.UserSelectedSaveSettings", "true");
Line Deleted : user_pref("sweetim.toolbar.Visibility.VisibilityGuardLastUnHide", "0");
Line Deleted : user_pref("sweetim.toolbar.Visibility.enable", "true");
Line Deleted : user_pref("sweetim.toolbar.Visibility.intervaldays", "7");
Line Deleted : user_pref("sweetim.toolbar.cargo", "3.5000006.10043");
Line Deleted : user_pref("sweetim.toolbar.cda.DisableOveride.enable", "false");
Line Deleted : user_pref("sweetim.toolbar.cda.HideOveride.enable", "false");
Line Deleted : user_pref("sweetim.toolbar.cda.RemoveOveride.enable", "false");
Line Deleted : user_pref("sweetim.toolbar.defaultProvider", "bng");
Line Deleted : user_pref("sweetim.toolbar.dialogs.0.enable", "true");
Line Deleted : user_pref("sweetim.toolbar.dialogs.0.handler", "chrome://sim_toolbar_package/content/optionsdialog-handler.js");
Line Deleted : user_pref("sweetim.toolbar.dialogs.0.height", "335");
Line Deleted : user_pref("sweetim.toolbar.dialogs.0.id", "id_options_dialog");
Line Deleted : user_pref("sweetim.toolbar.dialogs.0.title", "$string.config.label;");
Line Deleted : user_pref("sweetim.toolbar.dialogs.0.url", "hxxp://www.sweetim.com/simffbar/options_remote_ff.asp?lang=$locale_id;&toolbar_version=$ITEM_VERSION;&crg=$cargo;");
Line Deleted : user_pref("sweetim.toolbar.dialogs.0.width", "761");
Line Deleted : user_pref("sweetim.toolbar.dialogs.1.enable", "true");
Line Deleted : user_pref("sweetim.toolbar.dialogs.1.handler", "chrome://sim_toolbar_package/content/exampledialog-handler.js");
Line Deleted : user_pref("sweetim.toolbar.dialogs.1.height", "300");
Line Deleted : user_pref("sweetim.toolbar.dialogs.1.id", "id_example_dialog");
Line Deleted : user_pref("sweetim.toolbar.dialogs.1.title", "Example (unit-test) dialog");
Line Deleted : user_pref("sweetim.toolbar.dialogs.1.url", "chrome://sim_toolbar_package/content/exampledialog.html");
Line Deleted : user_pref("sweetim.toolbar.dialogs.1.width", "500");
Line Deleted : user_pref("sweetim.toolbar.dialogs.2.enable", "true");
Line Deleted : user_pref("sweetim.toolbar.dialogs.2.handler", "chrome://sim_toolbar_package/content/cdadialog-handler.js");
Line Deleted : user_pref("sweetim.toolbar.dialogs.2.height", "150");
Line Deleted : user_pref("sweetim.toolbar.dialogs.2.id", "id_dialog_hide_disable_remove");
Line Deleted : user_pref("sweetim.toolbar.dialogs.2.title", "Option Dialog");
Line Deleted : user_pref("sweetim.toolbar.dialogs.2.url", "hxxp://www.sweetim.com/simffbar/simcdadialog.asp");
Line Deleted : user_pref("sweetim.toolbar.dialogs.2.width", "530");
Line Deleted : user_pref("sweetim.toolbar.dnscatch.domain-blacklist", ".*.sweetim.com/.*|.*.facebook.com/.*|.*.google.com/.*|.*.google.co.in/.*|.*.google.com.br/.*|.*.google.es/.*|.*.youtube.com/.*|.*.yahoo.com/.*|.[...]
Line Deleted : user_pref("sweetim.toolbar.highlight.colors", "#FFFF00,#00FFE4,#5AFF00,#0087FF,#FFCC00,#FF00F0");
Line Deleted : user_pref("sweetim.toolbar.keywordUrlGuard.enable", "false");
Line Deleted : user_pref("sweetim.toolbar.logger.ConsoleHandler.MinReportLevel", "7");
Line Deleted : user_pref("sweetim.toolbar.logger.FileHandler.FileName", "ff-toolbar.log");
Line Deleted : user_pref("sweetim.toolbar.logger.FileHandler.MaxFileSize", "200000");
Line Deleted : user_pref("sweetim.toolbar.logger.FileHandler.MinReportLevel", "7");
Line Deleted : user_pref("sweetim.toolbar.mode.debug", "false");
Line Deleted : user_pref("sweetim.toolbar.newtab.created", "true");
Line Deleted : user_pref("sweetim.toolbar.newtab.enable", "true");
Line Deleted : user_pref("sweetim.toolbar.newtab.url", "hxxp://start.sweetpacks.com/?src=97&barid=$toolbar_id;&crg=$cargo;");
Line Deleted : user_pref("sweetim.toolbar.previous.browser.newtab.url", "about:newtab");
Line Deleted : user_pref("sweetim.toolbar.previous.browser.startup.homepage", "");
Line Deleted : user_pref("sweetim.toolbar.previous.keyword.URL", "");
Line Deleted : user_pref("sweetim.toolbar.rc.url", "hxxp://www.sweetim.com/simffbar/rc.html?toolbar_version=$ITEM_VERSION;&crg=$cargo;&flavour=$flavr;");
Line Deleted : user_pref("sweetim.toolbar.scripts.0.addcontextdiv", "true");
Line Deleted : user_pref("sweetim.toolbar.scripts.0.callback", "simVerification");
Line Deleted : user_pref("sweetim.toolbar.scripts.0.domain-blacklist", "");
Line Deleted : user_pref("sweetim.toolbar.scripts.0.domain-whitelist", "hxxp://(www.|apps.)?facebook\\.com
.*");
Line Deleted : user_pref("sweetim.toolbar.scripts.0.elementid", "id_script_sim_fb");
Line Deleted : user_pref("sweetim.toolbar.scripts.0.enable", "false");
Line Deleted : user_pref("sweetim.toolbar.scripts.0.id", "id_script_fb");
Line Deleted : user_pref("sweetim.toolbar.scripts.0.url", "hxxp://sc.sweetim.com/apps/in/fb/infb.js");
Line Deleted : user_pref("sweetim.toolbar.scripts.1.addcontextdiv", "true");
Line Deleted : user_pref("sweetim.toolbar.scripts.1.callback", "simVerification");
Line Deleted : user_pref("sweetim.toolbar.scripts.1.domain-blacklist", "");
Line Deleted : user_pref("sweetim.toolbar.scripts.1.domain-whitelist", "hxxps://(www.|apps.)?facebook\\.com
.*");
Line Deleted : user_pref("sweetim.toolbar.scripts.1.elementid", "id_script_sim_fb");
Line Deleted : user_pref("sweetim.toolbar.scripts.1.enable", "false");
Line Deleted : user_pref("sweetim.toolbar.scripts.1.id", "id_script_fb_hxxpS");
Line Deleted : user_pref("sweetim.toolbar.scripts.1.url", "hxxps://sc.sweetim.com/apps/in/fb/infb.js");
Line Deleted : user_pref("sweetim.toolbar.scripts.2.addcontextdiv", "false");
Line Deleted : user_pref("sweetim.toolbar.scripts.2.callback", "");
Line Deleted : user_pref("sweetim.toolbar.scripts.2.domain-blacklist", ".*.google..*|.*.bing..*|.*.live..*|.*.msn..*|.*.yahoo..*|.*.youtube.com.*|.*ask.com.*|.*.sweetim.com.*");
Line Deleted : user_pref("sweetim.toolbar.scripts.2.domain-whitelist", "");
Line Deleted : user_pref("sweetim.toolbar.scripts.2.elementid", "id_predict_include_script");
Line Deleted : user_pref("sweetim.toolbar.scripts.2.enable", "false");
Line Deleted : user_pref("sweetim.toolbar.scripts.2.id", "id_script_prad");
Line Deleted : user_pref("sweetim.toolbar.scripts.2.url", "hxxp://cdn1.certified-apps.com/scripts/shared/enable.js?si=3104&tid=chff1");
Line Deleted : user_pref("sweetim.toolbar.search.external", "<?xml version=\"1.0\"?><TOOLBAR><EXTERNAL_SEARCH engine=\"hxxp://*google.*\" param=\"q=\" /><EXTERNAL_SEARCH engine=\"hxxp://search.yahoo.com/*\" param=\"[...]
Line Deleted : user_pref("sweetim.toolbar.search.history.capacity", "10");
Line Deleted : user_pref("sweetim.toolbar.searchguard.enable", "false");
Line Deleted : user_pref("sweetim.toolbar.searchguard.initialized_by_rc", "true");
Line Deleted : user_pref("sweetim.toolbar.simapp_id", "{D1D0DAA6-B160-11E2-BEA1-C48508E35B9C}");
Line Deleted : user_pref("sweetim.toolbar.urls.afteruninstall", "hxxp://toolbar.sweetpacks.com/uninstallbar.asp?barid=$toolbar_id;&flavour=$flavr;");
Line Deleted : user_pref("sweetim.toolbar.urls.contactus", "hxxp://www.perion.com/contact-us");
Line Deleted : user_pref("sweetim.toolbar.urls.homepage", "hxxp://toolbar.sweetpacks.com");
Line Deleted : user_pref("sweetim.toolbar.urls.privacy", "hxxp://www.perion.com/privacy-policy");
Line Deleted : user_pref("sweetim.toolbar.urls.searchpage", "hxxp://start.sweetpacks.com/?barid=$toolbar_id;");
Line Deleted : user_pref("sweetim.toolbar.urls.uninstall", "hxxp://toolbar.sweetpacks.com/uninstall");
Line Deleted : user_pref("sweetim.toolbar.version", "1.13.0.1");

-\\ Google Chrome v37.0.2062.120

*************************

AdwCleaner[R0].txt - [13044 octets] - [20/09/2014 23:19:30]
AdwCleaner[S0].txt - [13218 octets] - [20/09/2014 23:26:54]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [13279 octets] ##########

 


  • Please download Junkware Removal Tool to your desktop.
  • Shut down your protection software now to avoid potential conflicts.
  • Run the tool by double-clicking it. If you are using Windows Vista, 7, or 8; instead of double-clicking, right-mouse click JRT.exe and select "Run as Administrator".
  • The tool will open and start scanning your system.
  • Please be patient as this can take a while to complete depending on your system's specifications.
  • On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
  • Post the contents of JRT.txt into your next message.

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.1.9 (09.20.2014:1)
OS: Windows 8.1 x64
Ran by toddlewis on Sat 09/20/2014 at 23:49:21.60
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

~~~ Services

~~~ Registry Values

~~~ Registry Keys

~~~ Files

~~~ Folders

~~~ Event Viewer Logs were cleared

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on Sat 09/20/2014 at 23:58:38.82
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~


  • Last run ESET.
  • Hold down Control and click on this link to open ESET OnlineScan in a new window.
  • Click the button.
  • For alternate browsers only: (Microsoft Internet Explorer users can skip these steps)
  • Click on esetsmartinstaller_enu.exe to download the ESET Smart Installer. Save it to your desktop.
  • Double click on the icon on your desktop.
  • Check "YES, I accept the Terms of Use."
  • Click the Start button.
  • Accept any security warnings from your browser.
  • Under scan settings, check "Scan Archives" and "Remove found threats"
  • Click Advanced settings and select the following:
      • Scan potentially unwanted applications
      • Scan for potentially unsafe applications
      • Enable Anti-Stealth technology
  • ESET will then download updates for itself, install itself, and begin scanning your computer. Please be patient as this can take some time.
  • When the scan completes, click List Threats
  • Click Export, and save the file to your desktop using a unique name, such as ESETScan. Include the contents of this report in your next reply.
  • Click the Back button.
  • Click the Finish button.
  • NOTE: Sometimes if ESET finds no infections it will not create a log.

C:\Users\All Users\Windows Genuine Advantage\{F7689BD6-612A-41EE-9D41-95BB9AF993A4}\msiexec.exe a variant of Win32/Kryptik.CLHH trojan 
C:\Windows.old\Users\All Users\Windows Genuine Advantage\{F7689BD6-612A-41EE-9D41-95BB9AF993A4}\msiexec.exe a variant of Win32/Kryptik.CLHH trojan 
C:\AdwCleaner\Quarantine\C\Program Files (x86)\Conduit\Community Alerts\Alert.dll.vir Win32/Toolbar.Conduit.Y potentially unwanted application deleted - quarantined
C:\AdwCleaner\Quarantine\C\ProgramData\apn\APN-Stub\W3IV6-G\APNIC.dll.vir a variant of Win32/Bundled.Toolbar.Ask.F potentially unsafe application deleted - quarantined
C:\AdwCleaner\Quarantine\C\Users\toddlewis\AppData\Roaming\Mozilla\Firefox\Profiles\b66frjey.default\Extensions\{17464f93-137e-4646-a0c6-0dc13faf0113}\Plugins\npConduitFirefoxPlugin.dll.vir a variant of Win32/Conduit.SearchProtect.N potentially unwanted application deleted - quarantined
C:\Program Files (x86)\InternetHelper3\prxtbInt0.dll Win32/Toolbar.Conduit.X potentially unwanted application deleted - quarantined
C:\ProgramData\Windows Genuine Advantage\{F7689BD6-612A-41EE-9D41-95BB9AF993A4}\msiexec.exe a variant of Win32/Kryptik.CLHH trojan cleaned by deleting - quarantined
C:\Users\toddlewis\AppData\LocalLow\InternetHelper3\hk64tbInt0.dll a variant of Win64/Toolbar.Conduit.B potentially unwanted application deleted - quarantined
C:\Users\toddlewis\AppData\LocalLow\InternetHelper3\hktbInt0.dll a variant of Win32/Toolbar.Conduit.X potentially unwanted application deleted - quarantined
C:\Users\toddlewis\AppData\LocalLow\InternetHelper3\ldrtbInt0.dll a variant of Win32/Toolbar.Conduit.P potentially unwanted application deleted - quarantined
C:\Users\toddlewis\AppData\LocalLow\InternetHelper3\tbInt0.dll a variant of Win32/Toolbar.Conduit.X potentially unwanted application deleted - quarantined
C:\Users\toddlewis\Downloads\cbsidlm-cbsi134-Free_WMV_to_MP4_Converter-SEO-75903117.exe a variant of Win32/CNETInstaller.B potentially unwanted application deleted - quarantined



#6 boopme


Posted 21 September 2014 - 12:25 PM

Now run a Malwarebytes scan and let me know how the machine is.
 
Many of these infections appear to be the type from torrent downloads. I'd suggest you avoid them.
 
Download Security Check from here or here and save it to your Desktop.
  • Double-click SecurityCheck.exe
  • Follow the onscreen instructions inside of the black box.
  • A Notepad document should open automatically called checkup.txt; please post the contents of that document.


#7 sailing2016


Posted 21 September 2014 - 01:03 PM

I performed a complete scan with Malwarebytes Premium.  No malicious files/threats were found.  I am still getting an occasional warning from Malwarebytes blocking the outbound traffic to the same malicious website.  Below are the results from the Security Check.  Thank you for your continued assistance.

 

 Results of screen317's Security Check version 0.99.87 
   x64 (UAC is enabled) 
 Internet Explorer 11 
``````````````Antivirus/Firewall Check:``````````````

 Windows Firewall Enabled! 
AVG Internet Security 2015  
Windows Defender            
 Antivirus up to date!  
`````````Anti-malware/Other Utilities Check:`````````
 AVG PC TuneUp 2015 
 AVG PC TuneUp 2015 (en-US)
 AVG PC TuneUp 2015 
 Java 7 Update 67 
 Adobe Flash Player  15.0.0.152 
 Adobe Reader 10.1.8 Adobe Reader out of Date! 
 Mozilla Firefox 22.0 Firefox out of Date! 
 Google Chrome 37.0.2062.103 
 Google Chrome 37.0.2062.120 
````````Process Check: objlist.exe by Laurent```````` 
 Malwarebytes Anti-Malware mbamservice.exe 
 Malwarebytes Anti-Malware mbam.exe 
 AVG avgwdsvc.exe
 Malwarebytes Anti-Malware mbamscheduler.exe  
`````````````````System Health check`````````````````
 Total Fragmentation on Drive C:  %
````````````````````End of Log``````````````````````
 



#8 boopme


Posted 21 September 2014 - 04:51 PM

OK, we need to get a deeper look.

Please follow this Preparation Guide, do steps 6, 7 and 8 and post in a new topic.
Let me know if all went well.

#9 sailing2016


Posted 23 September 2014 - 08:45 PM

When I try to run DDS, I get an error that displays: "DDS is not meant to run in 'Compatibility Mode'. The program shall now exit."  Any recommendations on what to do to get DDS to run?



#10 boopme


Posted 24 September 2014 - 09:59 AM

Sorry, I forgot you run WIN8. Start the new topic stating you have WIN8 and they will know why there is no DDS log.

#11 Animal

Animal

    Bleepin' Animinion


  • Site Admin
  • 35,336 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Where You Least Expect Me To Be
  • Local time:07:28 PM

Posted 24 September 2014 - 10:46 AM

Hello,

Now that you have posted a log here: http://www.bleepingcomputer.com/forums/t/549576/malwarebytes-blocking-traffic-to-malicious-site-ip-664556109/ you should NOT make further changes to your computer (install/uninstall programs, use special fix tools, delete files, edit the registry, etc) unless advised by a MRT Team member, nor should you ask for help elsewhere. Doing so can result in system changes which may not show in the log you already posted. Further, any modifications you make on your own may cause confusion for the helper assisting you and could complicate the malware removal process which would extend the time it takes to clean your computer.

From this point on the MRT Team should be the only members that you take advice from, until they have verified your log as clean.

Please be patient. It may take a while to get a response because the MRT Team members are EXTREMELY busy working logs posted before yours. They are volunteers who will help you out as soon as possible. Once you have made your post and are waiting, please DO NOT make another reply until it has been responded to by a member of the MRT Team. Generally the staff checks the forum for postings that have 0 replies as this makes it easier for them to identify those who have not been helped. If you post another response there will be 1 reply. A team member, looking for a new log to work may assume another MRT Team member is already assisting you and not open the thread to respond.

Please be patient. It may take several days to get a response but your log will be reviewed and answered as soon as possible. I advise checking your topic once a day for responses as the e-mail notification system is unreliable.

If HelpBot replies to your topic, PLEASE follow Step One so it will report your topic to the team members.

To avoid confusion, I am closing this topic. Good luck with your log.




