Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Infected with "Trovi" and "Start.Imminent" browser hijackers


  • Please log in to reply
4 replies to this topic

#1 romantichero

romantichero

  • Members
  • 3 posts
  • OFFLINE
  •  
  • Local time:11:36 PM

Posted 12 October 2014 - 07:57 PM

When I bootup my laptop, ONLY THE FIRST TIME I open Google Chrome, I am redirected to two tabs, trovi and start.imminent. I have tried running Malwarebytes, removing all related programs in Control Panel, and configuring my Extensions settings in every browser. Help!



BC AdBot (Login to Remove)

 


m

#2 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 72,214 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:NJ USA
  • Local time:01:36 AM

Posted 12 October 2014 - 08:05 PM

Welcome, let's also run these....

Please download MiniToolBox, save it to your desktop and run it.
Checkmark the following checkboxes:
  • Flush DNS
  • Report IE Proxy Settings
  • Reset IE Proxy Settings
  • Report FF Proxy Settings
  • Reset FF Proxy Settings
  • List content of Hosts
  • List IP configuration
  • List Winsock Entries
  • List last 10 Event Viewer log
  • List Installed Programs
  • List Users, Partitions and Memory size.
  • Click Go and post the result (Result.txt). A copy of Result.txt will be saved in the same directory the tool is run.
    Note: When using "Reset FF Proxy Settings" option Firefox should be closed.



    Download TDSSKiller and save it to your desktop.
  • Extract (unzip) its contents to your desktop.
  • Open the TDSSKiller folder and doubleclick on TDSSKiller.exe to run the application, then on Start Scan.
  • If an infected file is detected, the default action will be Cure, click on Continue.
  • If a suspicious file is detected, the default action will be Skip, click on Continue.
  • It may ask you to reboot the computer to complete the process. Click on Reboot Now.
  • If no reboot is require, click on Report. A log file should appear. Please copy and paste the contents of that file here.
  • If a reboot is required, the report can also be found in your root directory (usually C:\ folder) in the form of TDSSKiller_xxxx_log.txt. Please copy and paste the contents of that file here.
  • .
    .
    .
    ADW Cleaner

    Please download AdwCleaner by Xplode and save to your Desktop.
  • Double-click on AdwCleaner.exe to run the tool.
    Vista/Windows 7/8 users right-click and select Run As Administrator.
  • Click on the Scan button.
  • AdwCleaner will begin...be patient as the scan may take some time to complete.
  • After the scan has finished, click on the Report button...a logfile (AdwCleaner[R0].txt) will open in Notepad for review.
  • After reviewing the log, click on the Clean button.
  • Press OK when asked to close all programs and follow the onscreen prompts.
  • Press OK again to allow AdwCleaner to restart the computer and complete the removal process.
  • After rebooting, a logfile report (AdwCleaner[S0].txt) will open automatically.
  • Copy and paste the contents of that logfile in your next reply.
  • A copy of all logfiles are saved in the C:\AdwCleaner folder which was created when running the tool.
  • -- Note: The contents of the AdwCleaner log file may be confusing. Unless you see a program name that you recognize and know should not be removed, don't worry about it. If you see an entry you want to keep, return to AdwCleaner before cleaning...all detected items will be listed (and checked) in each tab. Click on each one and uncheck any items you want to keep (except you cannot uncheck Chrome and Firefox preferences lines).


    .

    thisisujrt.gif Please download Junkware Removal Tool to your desktop.
  • Shut down your protection software now to avoid potential conflicts.
  • Run the tool by double-clicking it. If you are using Windows Vista, 7, or 8; instead of double-clicking, right-mouse click JRT.exe and select "Run as Administrator".
  • The tool will open and start scanning your system.
  • Please be patient as this can take a while to complete depending on your system's specifications.
  • On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
  • Post the contents of JRT.txt into your next message.
  • .
    .
    .
    .
  • Last run ESET.
  • Hold down Control and click on this link to open ESET OnlineScan in a new window.
  • Click the esetonlinebtn.png button.
  • For alternate browsers only: (Microsoft Internet Explorer users can skip these steps)
  • Click on esetsmartinstaller_enu.exe to download the ESET Smart Installer. Save it to your desktop.
  • Double click on the esetsmartinstaller_enu.png icon on your desktop.
  • Check "YES, I accept the Terms of Use."
  • Click the Start button.
  • Accept any security warnings from your browser.
  • Under scan settings, check "Scan Archives" and "Remove found threats"
  • Click Advanced settings and select the following:
  • Scan potentially unwanted applications
  • Scan for potentially unsafe applications
  • Enable Anti-Stealth technology
  • ESET will then download updates for itself, install itself, and begin scanning your computer. Please be patient as this can take some time.
  • When the scan completes, click List Threats
  • Click Export, and save the file to your desktop using a unique name, such as ESETScan. Include the contents of this report in your next reply.
  • Click the Back button.
  • Click the Finish button.
  • NOTE:Sometimes if ESET finds no infections it will not create a log.

How do I get help? Who is helping me?For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....Become a BleepingComputer fan: Facebook

#3 romantichero

romantichero
  • Topic Starter

  • Members
  • 3 posts
  • OFFLINE
  •  
  • Local time:11:36 PM

Posted 17 October 2014 - 01:59 PM

MiniToolBox by Farbar  Version: 21-07-2014
Ran by aasim (administrator) on 12-10-2014 at 18:07:28
Running from "C:\Users\aasim\Downloads"
Microsoft Windows 8  (X64)
Boot Mode: Normal
***************************************************************************
 
========================= Flush DNS: ===================================
 
Windows IP Configuration
 
Successfully flushed the DNS Resolver Cache.
 
========================= IE Proxy Settings: ============================== 
 
Proxy is not enabled.
No Proxy Server is set.
 
"Reset IE Proxy Settings": IE Proxy Settings were reset.
 
========================= FF Proxy Settings: ============================== 
 
 
"Reset FF Proxy Settings": Firefox Proxy settings were reset.
 
========================= Hosts content: =================================
 
 
 
========================= IP Configuration: ================================
 
Qualcomm Atheros AR9485WB-EG Wireless Network Adapter = Wi-Fi (Connected)
TAP-Windows Adapter V9 = Local Area Connection (Connected)
Bluetooth Device (Personal Area Network) = Bluetooth Network Connection (Media disconnected)
Realtek PCIe GBE Family Controller = Ethernet 2 (Media disconnected)
Anchorfree HSS VPN Adapter = Ethernet 4 (Media disconnected)
Anchorfree HSS VPN Adapter = Ethernet 5 (Media disconnected)
 
 
# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4
 
reset
set global icmpredirects=enabled
set interface interface="Local Area Connection* 9" forwarding=enabled advertise=enabled nud=enabled ignoredefaultroutes=disabled
set interface interface="Ethernet" forwarding=enabled advertise=enabled nud=enabled ignoredefaultroutes=disabled
set interface interface="Wi-Fi" forwarding=enabled advertise=enabled nud=enabled ignoredefaultroutes=disabled
set interface interface="Local Area Connection* 12" forwarding=enabled advertise=enabled nud=enabled ignoredefaultroutes=disabled
set interface interface="Bluetooth Network Connection" forwarding=enabled advertise=enabled nud=enabled ignoredefaultroutes=disabled
set interface interface="Local Area Connection* 13" forwarding=enabled advertise=enabled nud=enabled ignoredefaultroutes=disabled
set interface interface="Ethernet 2" forwarding=enabled advertise=enabled nud=enabled ignoredefaultroutes=disabled
set interface interface="Ethernet 4" forwarding=enabled advertise=enabled nud=enabled ignoredefaultroutes=disabled
set interface interface="Ethernet 5" forwarding=enabled advertise=enabled nud=enabled ignoredefaultroutes=disabled
set interface interface="other_1" forwarding=enabled advertise=enabled nud=enabled ignoredefaultroutes=disabled
add address name="Local Area Connection" address=169.254.123.127 mask=255.255.0.0
 
 
popd
# End of IPv4 configuration
 
 
 
Windows IP Configuration
 
   Host Name . . . . . . . . . . . . : AasimLaptop
   Primary Dns Suffix  . . . . . . . : 
   Node Type . . . . . . . . . . . . : Hybrid
   IP Routing Enabled. . . . . . . . : No
   WINS Proxy Enabled. . . . . . . . : No
   DNS Suffix Search List. . . . . . : ucdavis.edu
 
Ethernet adapter Local Area Connection:
 
   Connection-specific DNS Suffix  . : 
   Description . . . . . . . . . . . : TAP-Windows Adapter V9
   Physical Address. . . . . . . . . : 00-FF-29-06-77-65
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes
   Link-local IPv6 Address . . . . . : fe80::5c1c:df9e:d035:5d3%29(Preferred) 
   IPv4 Address. . . . . . . . . . . : 169.254.123.127(Preferred) 
   Subnet Mask . . . . . . . . . . . : 255.255.0.0
   Default Gateway . . . . . . . . . : 
   DHCPv6 IAID . . . . . . . . . . . : 1023475497
   DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-19-3B-59-DF-74-D0-2B-0D-8D-21
   DNS Servers . . . . . . . . . . . : fec0:0:0:ffff::1%1
                                       fec0:0:0:ffff::2%1
                                       fec0:0:0:ffff::3%1
   NetBIOS over Tcpip. . . . . . . . : Disabled
 
Ethernet adapter Ethernet 5:
 
   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : 
   Description . . . . . . . . . . . : Anchorfree HSS VPN Adapter #2
   Physical Address. . . . . . . . . : 00-FF-86-B5-64-C3
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes
 
Ethernet adapter Ethernet 4:
 
   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : 
   Description . . . . . . . . . . . : Anchorfree HSS VPN Adapter
   Physical Address. . . . . . . . . : 00-FF-6C-AE-93-AA
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes
 
Ethernet adapter Ethernet 2:
 
   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : hsd1.ca.comcast.net.
   Description . . . . . . . . . . . : Realtek PCIe GBE Family Controller #2
   Physical Address. . . . . . . . . : 74-D0-2B-0D-8D-21
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes
 
Ethernet adapter Bluetooth Network Connection:
 
   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : 
   Description . . . . . . . . . . . : Bluetooth Device (Personal Area Network)
   Physical Address. . . . . . . . . : 6C-71-D9-3F-E8-9C
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes
 
Wireless LAN adapter Local Area Connection* 12:
 
   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : 
   Description . . . . . . . . . . . : Microsoft Wi-Fi Direct Virtual Adapter
   Physical Address. . . . . . . . . : 1E-71-D9-3F-E8-9B
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes
 
Wireless LAN adapter Wi-Fi:
 
   Connection-specific DNS Suffix  . : ucdavis.edu
   Description . . . . . . . . . . . : Qualcomm Atheros AR9485WB-EG Wireless Network Adapter
   Physical Address. . . . . . . . . : 6C-71-D9-3F-E8-9B
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes
   Link-local IPv6 Address . . . . . : fe80::5080:516a:38ca:525d%13(Preferred) 
   IPv4 Address. . . . . . . . . . . : 168.150.16.133(Preferred) 
   Subnet Mask . . . . . . . . . . . : 255.255.192.0
   Lease Obtained. . . . . . . . . . : Sunday, October 12, 2014 5:52:17 PM
   Lease Expires . . . . . . . . . . : Sunday, October 12, 2014 6:52:16 PM
   Default Gateway . . . . . . . . . : 168.150.63.254
   DHCP Server . . . . . . . . . . . : 169.237.160.1
   DHCPv6 IAID . . . . . . . . . . . : 359428569
   DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-19-3B-59-DF-74-D0-2B-0D-8D-21
   DNS Servers . . . . . . . . . . . : 169.237.250.250
                                       169.237.1.250
   NetBIOS over Tcpip. . . . . . . . : Enabled
 
Tunnel adapter isatap.ucdavis.edu:
 
   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : ucdavis.edu
   Description . . . . . . . . . . . : Microsoft ISATAP Adapter
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes
 
Tunnel adapter 6TO4 Adapter:
 
   Connection-specific DNS Suffix  . : ucdavis.edu
   Description . . . . . . . . . . . : Microsoft 6to4 Adapter
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes
   IPv6 Address. . . . . . . . . . . : 2002:a896:1085::a896:1085(Preferred) 
   Default Gateway . . . . . . . . . : 
   DNS Servers . . . . . . . . . . . : 169.237.250.250
                                       169.237.1.250
   NetBIOS over Tcpip. . . . . . . . : Disabled
 
Tunnel adapter isatap.{29067765-FE3B-4998-A778-1B2E1FEF5A86}:
 
   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : 
   Description . . . . . . . . . . . : Microsoft ISATAP Adapter #6
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes
 
Tunnel adapter Reusable ISATAP Interface {EE16B7EE-99CF-47E3-B893-17A58495F1E9}:
 
   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : 
   Description . . . . . . . . . . . : Microsoft ISATAP Adapter #12
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes
Server:  dinar.ucdavis.edu
Address:  169.237.250.250
 
Name:    google.com
Addresses:  2607:f8b0:4010:801::1006
 74.125.239.101
 74.125.239.110
 74.125.239.103
 74.125.239.102
 74.125.239.104
 74.125.239.97
 74.125.239.100
 74.125.239.98
 74.125.239.105
 74.125.239.99
 74.125.239.96
 
 
Pinging google.com [74.125.239.133] with 32 bytes of data:
Reply from 74.125.239.133: bytes=32 time=6ms TTL=56
Reply from 74.125.239.133: bytes=32 time=7ms TTL=56
 
Ping statistics for 74.125.239.133:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 6ms, Maximum = 7ms, Average = 6ms
Server:  dinar.ucdavis.edu
Address:  169.237.250.250
 
Name:    yahoo.com
Addresses:  98.138.253.109
 206.190.36.45
 98.139.183.24
 
 
Pinging yahoo.com [98.139.183.24] with 32 bytes of data:
Reply from 98.139.183.24: bytes=32 time=79ms TTL=47
Reply from 98.139.183.24: bytes=32 time=77ms TTL=47
 
Ping statistics for 98.139.183.24:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 77ms, Maximum = 79ms, Average = 78ms
 
Pinging 127.0.0.1 with 32 bytes of data:
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
 
Ping statistics for 127.0.0.1:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 0ms, Maximum = 0ms, Average = 0ms
===========================================================================
Interface List
 29...00 ff 29 06 77 65 ......TAP-Windows Adapter V9
 28...00 ff 86 b5 64 c3 ......Anchorfree HSS VPN Adapter #2
 27...00 ff 6c ae 93 aa ......Anchorfree HSS VPN Adapter
 22...74 d0 2b 0d 8d 21 ......Realtek PCIe GBE Family Controller #2
 15...6c 71 d9 3f e8 9c ......Bluetooth Device (Personal Area Network)
 14...1e 71 d9 3f e8 9b ......Microsoft Wi-Fi Direct Virtual Adapter
 13...6c 71 d9 3f e8 9b ......Qualcomm Atheros AR9485WB-EG Wireless Network Adapter
  1...........................Software Loopback Interface 1
 17...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter
 18...00 00 00 00 00 00 00 e0 Microsoft 6to4 Adapter
 25...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #6
 34...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #12
===========================================================================
 
IPv4 Route Table
===========================================================================
Active Routes:
Network Destination        Netmask          Gateway       Interface  Metric
          0.0.0.0          0.0.0.0   168.150.63.254   168.150.16.133     25
        127.0.0.0        255.0.0.0         On-link         127.0.0.1    306
        127.0.0.1  255.255.255.255         On-link         127.0.0.1    306
  127.255.255.255  255.255.255.255         On-link         127.0.0.1    306
      168.150.0.0    255.255.192.0         On-link    168.150.16.133    281
   168.150.16.133  255.255.255.255         On-link    168.150.16.133    281
   168.150.63.255  255.255.255.255         On-link    168.150.16.133    281
      169.254.0.0      255.255.0.0         On-link   169.254.123.127    286
  169.254.123.127  255.255.255.255         On-link   169.254.123.127    286
  169.254.255.255  255.255.255.255         On-link   169.254.123.127    286
        224.0.0.0        240.0.0.0         On-link         127.0.0.1    306
        224.0.0.0        240.0.0.0         On-link   169.254.123.127    286
        224.0.0.0        240.0.0.0         On-link    168.150.16.133    281
  255.255.255.255  255.255.255.255         On-link         127.0.0.1    306
  255.255.255.255  255.255.255.255         On-link   169.254.123.127    286
  255.255.255.255  255.255.255.255         On-link    168.150.16.133    281
===========================================================================
Persistent Routes:
  None
 
IPv6 Route Table
===========================================================================
Active Routes:
 If Metric Network Destination      Gateway
  1    306 ::1/128                  On-link
 18   1025 2002::/16                On-link
 18    281 2002:a896:1085::a896:1085/128
                                    On-link
 29    286 fe80::/64                On-link
 13    281 fe80::/64                On-link
 13    281 fe80::5080:516a:38ca:525d/128
                                    On-link
 29    286 fe80::5c1c:df9e:d035:5d3/128
                                    On-link
  1    306 ff00::/8                 On-link
 29    286 ff00::/8                 On-link
 13    281 ff00::/8                 On-link
===========================================================================
Persistent Routes:
  None
========================= Winsock entries =====================================
 
Catalog5 01 C:\Windows\SysWOW64\napinsp.dll [52224] (Microsoft Corporation)
Catalog5 02 C:\Windows\SysWOW64\pnrpnsp.dll [67584] (Microsoft Corporation)
Catalog5 03 C:\Windows\SysWOW64\pnrpnsp.dll [67584] (Microsoft Corporation)
Catalog5 04 C:\Windows\SysWOW64\NLAapi.dll [55296] (Microsoft Corporation)
Catalog5 05 C:\Windows\SysWOW64\mswsock.dll [289280] (Microsoft Corporation)
Catalog5 06 C:\Windows\SysWOW64\winrnr.dll [21504] (Microsoft Corporation)
Catalog5 07 C:\Windows\SysWOW64\wshbth.dll [50688] (Microsoft Corporation)
Catalog5 08 C:\Program Files (x86)\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
Catalog9 01 C:\Windows\SysWOW64\mswsock.dll [289280] (Microsoft Corporation)
Catalog9 02 C:\Windows\SysWOW64\mswsock.dll [289280] (Microsoft Corporation)
Catalog9 03 C:\Windows\SysWOW64\mswsock.dll [289280] (Microsoft Corporation)
Catalog9 04 C:\Windows\SysWOW64\mswsock.dll [289280] (Microsoft Corporation)
Catalog9 05 C:\Windows\SysWOW64\mswsock.dll [289280] (Microsoft Corporation)
Catalog9 06 C:\Windows\SysWOW64\mswsock.dll [289280] (Microsoft Corporation)
Catalog9 07 C:\Windows\SysWOW64\mswsock.dll [289280] (Microsoft Corporation)
Catalog9 08 C:\Windows\SysWOW64\mswsock.dll [289280] (Microsoft Corporation)
Catalog9 09 C:\Windows\SysWOW64\mswsock.dll [289280] (Microsoft Corporation)
Catalog9 10 C:\Windows\SysWOW64\mswsock.dll [289280] (Microsoft Corporation)
Catalog9 11 C:\Windows\SysWOW64\mswsock.dll [289280] (Microsoft Corporation)
x64-Catalog5 01 C:\Windows\System32\napinsp.dll [66560] (Microsoft Corporation)
x64-Catalog5 02 C:\Windows\System32\pnrpnsp.dll [85504] (Microsoft Corporation)
x64-Catalog5 03 C:\Windows\System32\pnrpnsp.dll [85504] (Microsoft Corporation)
x64-Catalog5 04 C:\Windows\System32\NLAapi.dll [72192] (Microsoft Corporation)
x64-Catalog5 05 C:\Windows\System32\mswsock.dll [355328] (Microsoft Corporation)
x64-Catalog5 06 C:\Windows\System32\winrnr.dll [53760] (Microsoft Corporation)
x64-Catalog5 07 C:\Windows\System32\wshbth.dll [64000] (Microsoft Corporation)
x64-Catalog5 08 C:\Program Files\Bonjour\mdnsNSP.dll [132968] (Apple Inc.)
x64-Catalog9 01 C:\Windows\System32\mswsock.dll [355328] (Microsoft Corporation)
x64-Catalog9 02 C:\Windows\System32\mswsock.dll [355328] (Microsoft Corporation)
x64-Catalog9 03 C:\Windows\System32\mswsock.dll [355328] (Microsoft Corporation)
x64-Catalog9 04 C:\Windows\System32\mswsock.dll [355328] (Microsoft Corporation)
x64-Catalog9 05 C:\Windows\System32\mswsock.dll [355328] (Microsoft Corporation)
x64-Catalog9 06 C:\Windows\System32\mswsock.dll [355328] (Microsoft Corporation)
x64-Catalog9 07 C:\Windows\System32\mswsock.dll [355328] (Microsoft Corporation)
x64-Catalog9 08 C:\Windows\System32\mswsock.dll [355328] (Microsoft Corporation)
x64-Catalog9 09 C:\Windows\System32\mswsock.dll [355328] (Microsoft Corporation)
x64-Catalog9 10 C:\Windows\System32\mswsock.dll [355328] (Microsoft Corporation)
x64-Catalog9 11 C:\Windows\System32\mswsock.dll [355328] (Microsoft Corporation)
 
========================= Event log errors: ===============================
 
Application errors:
==================
Error: (10/12/2014 05:48:19 PM) (Source: NvStreamSvc) (User: )
Description: NvStreamSvcNvVAD initialization failed [0]
 
Error: (10/12/2014 05:48:19 PM) (Source: NvStreamSvc) (User: )
Description: NvStreamSvcFailed to open Audio Capture session [6]
 
Error: (10/12/2014 03:08:40 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 2438
 
Error: (10/12/2014 03:08:40 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 2438
 
Error: (10/12/2014 03:08:40 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second
 
Error: (10/12/2014 03:08:39 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 1219
 
Error: (10/12/2014 03:08:39 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 1219
 
Error: (10/12/2014 03:08:39 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second
 
Error: (10/12/2014 03:02:50 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 2500
 
Error: (10/12/2014 03:02:50 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 2500
 
 
System errors:
=============
Error: (10/12/2014 05:53:15 PM) (Source: Service Control Manager) (User: )
Description: The avast! HardwareID service failed to start due to the following error: 
%%127
 
Error: (10/12/2014 05:52:18 PM) (Source: Service Control Manager) (User: )
Description: The avast! HardwareID service failed to start due to the following error: 
%%127
 
Error: (10/12/2014 05:52:08 PM) (Source: Service Control Manager) (User: )
Description: The avast! HardwareID service failed to start due to the following error: 
%%127
 
Error: (10/12/2014 05:51:58 PM) (Source: Service Control Manager) (User: )
Description: The avast! HardwareID service failed to start due to the following error: 
%%127
 
Error: (10/12/2014 05:51:48 PM) (Source: Service Control Manager) (User: )
Description: The avast! HardwareID service failed to start due to the following error: 
%%127
 
Error: (10/12/2014 05:51:38 PM) (Source: Service Control Manager) (User: )
Description: The avast! HardwareID service failed to start due to the following error: 
%%127
 
Error: (10/12/2014 05:51:23 PM) (Source: Service Control Manager) (User: )
Description: The avast! HardwareID service failed to start due to the following error: 
%%127
 
Error: (10/12/2014 05:51:13 PM) (Source: Service Control Manager) (User: )
Description: The avast! HardwareID service failed to start due to the following error: 
%%127
 
Error: (10/12/2014 05:51:03 PM) (Source: Service Control Manager) (User: )
Description: The avast! HardwareID service failed to start due to the following error: 
%%127
 
Error: (10/12/2014 05:50:53 PM) (Source: Service Control Manager) (User: )
Description: The avast! HardwareID service failed to start due to the following error: 
%%127
 
 
Microsoft Office Sessions:
=========================
 
 
 ASUS Console (HKLM\...\{6D989E08-8143-4AB8-B0A8-5B836235CAA4}) (Version: 1.0.0 - ASUS)
=========================== Installed Programs ============================
64 Bit HP CIO Components Installer (Version: 7.2.4 - Hewlett-Packard) Hidden
7-Zip 9.20 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0920-000001000000}) (Version: 9.20.00.0 - Igor Pavlov)
Adobe Flash Player 15 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 15.0.0.152 - Adobe Systems Incorporated)
Adobe Reader X (10.1.10) MUI (HKLM-x32\...\{AC76BA86-7AD7-FFFF-7B44-AA0000000001}) (Version: 10.1.10 - Adobe Systems Incorporated)
Adobe Shockwave Player 12.1 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.1.0.150 - Adobe Systems, Inc.)
Akamai NetSession Interface (HKCU\...\Akamai) (Version:  - Akamai Technologies, Inc)
Apple Application Support (HKLM-x32\...\{21FC2093-6E43-460B-B9B0-5F5AA35BBB0F}) (Version: 3.0 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{FE86CB0C-FCB3-4358-B4B0-B0A41E33B3DD}) (Version: 7.1.0.32 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Assassins Creed IV Black Flag (HKLM-x32\...\QXNzYXNzaW5zQ3JlZWRJVkJsYWNrRmxhZw==_is1) (Version: 1 - )
ASUS FaceKey (HKLM-x32\...\{ACE24C70-743B-43B0-8045-817FF050800B}) (Version: 4.1.0.0 - )
ASUS Instant Connect (HKLM-x32\...\{89ECB85A-D933-4CEA-9116-5CBC9C2ED95B}) (Version: 1.2.8 - ASUS)
ASUS Instant Key (HKLM-x32\...\{D97A1B80-131F-4692-9543-E652956D8B99}) (Version: 1.1.1 - ASUS)
ASUS Live Update (HKLM-x32\...\{FA540E67-095C-4A1B-97BA-4D547DEC9AF4}) (Version: 3.2.2 - ASUS)
ASUS Power4Gear Hybrid (HKLM\...\{9B6239BF-4E85-4590-8D72-51E30DB1A9AA}) (Version: 3.0.2 - ASUS)
ASUS Screen Saver (HKLM\...\{0FBEEDF8-30FA-4FA3-B31F-C9C7E7E8DFA2}) (Version: 1.0.1 - ASUS)
ASUS Smart Gesture (HKLM-x32\...\{4D3286A6-F6AB-498A-82A4-E4F040529F3D}) (Version: 2.0.1 - ASUS)
ASUS Splendid Video Enhancement Technology (HKLM-x32\...\{0969AF05-4FF6-4C00-9406-43599238DE0D}) (Version: 2.01.0005 - ASUS)
ASUS Tutor (HKLM-x32\...\{58172D66-2F69-4215-9AEC-ED8196023736}) (Version: 1.0.8 - ASUS)
ASUS USB Charger Plus (HKLM-x32\...\{A859E3E5-C62F-4BFA-AF1D-2B95E03166AF}) (Version: 3.1.0 - ASUS)
ASUS Video DSP (HKLM-x32\...\{B80DB514-46E5-43AA-B68C-1EBBF5CF7D34}) (Version: 1.0.000 - )
ASUS Video Magic (HKLM-x32\...\InstallShield_{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}) (Version: 6.0.5005 - CyberLink Corp.)
ASUS Video Magic (x32 Version: 6.0.5005 - CyberLink Corp.) Hidden
ASUS WebStorage Sync Agent (HKLM-x32\...\ASUS WebStorage) (Version: 1.1.10.123 - ASUS Cloud Corporation)
ASUSDVD (HKLM-x32\...\InstallShield_{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}) (Version: 10.0.4924.52 - CyberLink Corp.)
ASUSDVD (x32 Version: 10.0.4924.52 - CyberLink Corp.) Hidden
AsusVibe2.0 (HKLM-x32\...\Asus Vibe2.0) (Version: 2.0.12.309 - ASUSTEK)
ATK Package (HKLM-x32\...\{AB5C933E-5C7D-4D30-B314-9C83A49B94BE}) (Version: 1.0.0028 - ASUS)
Audacity 2.0.5 (HKLM-x32\...\Audacity_is1) (Version: 2.0.5 - Audacity Team)
avast! Free Antivirus (HKLM-x32\...\Avast) (Version: 9.0.2018 - Avast Software)
Bastion (HKLM-x32\...\Steam App 107100) (Version:  - Supergiant Games)
Batman: Arkham City GOTY (HKLM-x32\...\Steam App 200260) (Version:  - Rocksteady Studios)
Batman™: Arkham Origins (HKLM-x32\...\Steam App 209000) (Version:  - WB Games Montreal)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
CCleaner (HKLM\...\CCleaner) (Version: 4.15 - Piriform)
Chivalry: Medieval Warfare (HKLM-x32\...\Steam App 219640) (Version:  - Torn Banner Studios)
Citrix Online Launcher (HKLM-x32\...\{F17C3DC2-2ACA-4B0E-BDBF-ACE61B14E7CD}) (Version: 1.0.183 - Citrix)
Classic Shell (HKLM\...\{BF8CC8E1-3D54-4A54-B985-5190F18AFDBB}) (Version: 4.0.0 - IvoSoft)
Counter-Strike: Global Offensive (HKLM-x32\...\Steam App 730) (Version:  - Valve)
Curse Of Monkey Island (HKLM-x32\...\bgbennyboyCMIReplacementSetup_is1) (Version: 1.0 - Quick and Easy Software)
CyberGhost 5 (HKLM\...\CyberGhost 5_is1) (Version:  - CyberGhost S.R.L.)
CyberLink MediaEspresso 6.5 (HKLM-x32\...\InstallShield_{E3739848-5329-48E3-8D28-5BBD6E8BE384}) (Version: 6.5.3718_45957 - CyberLink Corp.)
CyberLink MediaEspresso 6.5 (x32 Version: 6.5.3718_45957 - CyberLink Corp.) Hidden
CyberLink PowerDirector (HKLM-x32\...\InstallShield_{CB099890-1D5F-11D5-9EA9-0050BAE317E1}) (Version: 8.0.5817a - CyberLink Corp.)
CyberLink PowerDirector (x32 Version: 8.0.5817a - CyberLink Corp.) Hidden
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
DAEMON Tools Ultra (HKLM-x32\...\DAEMON Tools Ultra) (Version: 2.1.0.0187 - Disc Soft Ltd)
Darksiders (HKLM-x32\...\Steam App 50620) (Version:  - Vigil Games)
DarksidersInstaller (HKLM-x32\...\{B93EEE50-9C8F-45DF-95E4-3D85A6E242F3}) (Version: 1.00.1000 - THQ)
Deus Ex: Human Revolution (HKLM-x32\...\Steam App 28050) (Version:  - Eidos Montreal)
Driftmoon (HKLM-x32\...\Steam App 263380) (Version:  - Ville Mönkkönen)
Dual-Core Optimizer (HKLM-x32\...\{9FD6F1A8-5550-46AF-8509-271DF0E768B5}) (Version: 1.1.4.0169 - AMD)
ESET Online Scanner v3 (HKLM-x32\...\ESET Online Scanner) (Version:  - )
FFmpeg v0.6.2 for Audacity (HKLM-x32\...\FFmpeg for Audacity_is1) (Version:  - )
Fraps (HKLM-x32\...\Fraps) (Version:  - )
Free Studio version 2014 (HKLM-x32\...\Free Studio_is1) (Version: 6.2.16.327 - DVDVideoSoft Ltd.)
Galería de fotos (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Galerie de photos (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Gone Home (HKLM-x32\...\Steam App 232430) (Version:  - The Fullbright Company)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 37.0.2062.124 - Google Inc.)
Google Update Helper (x32 Version: 1.3.24.15 - Google Inc.) Hidden
GoToAssist Expert 2.1.0.715 (HKCU\...\GoToAssist Remote Support Expert) (Version: 2.1.0.715 - Citrix Online)
Guild Wars 2 (HKLM-x32\...\Guild Wars 2) (Version:  - NCsoft Corporation, Ltd.)
Gunpoint (HKLM-x32\...\Steam App 206190) (Version:  - Suspicious Developments)
Hammerwatch (HKLM-x32\...\Steam App 239070) (Version:  - )
Higher Aurum 2013.11.07.204308 (HKLM\...\Higher Aurum) (Version: 2013.11.07.204308 - Higher Aurum)
Hotspot Shield 3.42 (HKLM-x32\...\HotspotShield) (Version: 3.42 - AnchorFree Inc.)
Intel® Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.0.0.1323 - Intel Corporation)
Intel® Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3621 - Intel Corporation)
Intel® Trusted Connect Service Client (Version: 1.27.798.1 - Intel Corporation) Hidden
iTunes (HKLM\...\{96B53CA8-5ABB-49D8-96F1-F6C0D73A76C6}) (Version: 11.1.4.62 - Apple Inc.)
Java 7 Update 60 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F03217060FF}) (Version: 7.0.600 - Oracle)
Java Auto Updater (x32 Version: 2.1.60.19 - Oracle, Inc.) Hidden
LAME v3.99.3 (for Windows) (HKLM-x32\...\LAME_is1) (Version:  - )
Malwarebytes Anti-Malware version 2.0.2.1012 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.2.1012 - Malwarebytes Corporation)
MATLAB® Compiler Runtime 7.10 (HKLM-x32\...\{A4FEEED3-51B4-4BBA-ACB2-8820EED93C52}) (Version: 7.10 - The MathWorks)
Microsoft App Update for microsoft.windowscommunicationsapps_17.0.1119.516_x64__8wekyb3d8bbwe (x64) (Version: 1.0.0.0 - Microsoft Corporation) Hidden
Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version:  - Microsoft)
Microsoft Office 2007 Service Pack 3 (SP3) (x32 Version:  - Microsoft) Hidden
Microsoft Office 365 - en-us (HKLM\...\O365HomePremRetail - en-us) (Version: 15.0.4641.1003 - Microsoft Corporation)
Microsoft Office Access MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Access Setup Metadata MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Enterprise 2007 (HKLM-x32\...\ENTERPRISE) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office Enterprise 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Excel MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Groove MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Groove Setup Metadata MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office InfoPath MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Office 64-bit Components 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office OneNote MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Outlook MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (French) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Spanish) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proofing (English) 2007 (x32 Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) (x32 Version:  - Microsoft) Hidden
Microsoft Office Publisher MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared 64-bit MUI (English) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared Setup Metadata MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Word MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft SkyDrive (HKCU\...\SkyDriveSetup.exe) (Version: 16.4.6012.0828 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (HKLM-x32\...\{95716cce-fc71-413f-8ad5-56c2892d4b3a}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.60610 (Version: 11.0.60610 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.60610 (Version: 11.0.60610 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.60610 (x32 Version: 11.0.60610 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.60610 (x32 Version: 11.0.60610 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.21005 (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.21005 (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft XNA Framework Redistributable 3.1 (HKLM-x32\...\{19BFDA5D-1FE2-4F25-97F9-1A79DD04EE20}) (Version: 3.1.10527.0 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 4.0 (HKLM-x32\...\{2BFC7AA0-544C-4E3A-8796-67F3BE655BE9}) (Version: 4.0.20823.0 - Microsoft Corporation)
Monkey Island 2: Special Edition (HKLM-x32\...\Steam App 32460) (Version:  - LucasArts)
Morrowind (HKLM-x32\...\{C325F588-D6B1-4A7F-B6A2-914C75DDA348}) (Version:  - )
Mount & Blade: Warband (HKLM-x32\...\Steam App 48700) (Version:  - Tale Worlds)
Movie Maker (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Mozilla Firefox 31.0 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 31.0 (x86 en-US)) (Version: 31.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 29.0.1 - Mozilla)
MSI Afterburner 3.0.1 (HKLM-x32\...\Afterburner) (Version: 3.0.1 - MSI Co., LTD)
MSVCRT (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSVCRT110 (x32 Version: 16.4.1108.0727 - Microsoft) Hidden
MSVCRT110_amd64 (Version: 16.4.1109.0912 - Microsoft) Hidden
MyBitCast 2.0 (HKLM-x32\...\MyBitCast) (Version: 2.0 - ASUS)
NBA 2K14 (HKLM-x32\...\Steam App 255480) (Version:  - Visual Concepts)
NVIDIA 3D Vision Driver 311.93 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 311.93 - NVIDIA Corporation)
NVIDIA Control Panel 311.93 (Version: 311.93 - NVIDIA Corporation) Hidden
NVIDIA GeForce Experience 2.0.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.0.1 - NVIDIA Corporation)
NVIDIA Graphics Driver 311.93 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 311.93 - NVIDIA Corporation)
NVIDIA Install Application (Version: 2.1002.154.1168 - NVIDIA Corporation) Hidden
NVIDIA LED Visualizer 1.0 (Version: 1.0 - NVIDIA Corporation) Hidden
NVIDIA Network Service (Version: 1.0 - NVIDIA Corporation) Hidden
NVIDIA Optimus Update 12.4.67 (Version: 12.4.67 - NVIDIA Corporation) Hidden
NVIDIA PhysX (x32 Version: 9.13.1220 - NVIDIA Corporation) Hidden
NVIDIA PhysX System Software 9.13.1220 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.13.1220 - NVIDIA Corporation)
NVIDIA ShadowPlay 12.4.67 (Version: 12.4.67 - NVIDIA Corporation) Hidden
NVIDIA Stereoscopic 3D Driver (x32 Version: 7.17.13.1193 - NVIDIA Corporation) Hidden
NVIDIA Update Core (Version: 12.4.67 - NVIDIA Corporation) Hidden
NVIDIA Virtual Audio 1.2.23 (Version: 1.2.23 - NVIDIA Corporation) Hidden
Office 15 Click-to-Run Extensibility Component (x32 Version: 15.0.4641.1003 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Licensing Component (Version: 15.0.4641.1003 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Localization Component (x32 Version: 15.0.4641.1003 - Microsoft Corporation) Hidden
OpenAL (HKLM-x32\...\OpenAL) (Version:  - )
Origin (HKLM-x32\...\Origin) (Version: 9.4.22.2815 - Electronic Arts, Inc.)
PCSX2 - Playstation 2 Emulator (HKLM-x32\...\pcsx2-r5875) (Version:  - )
Photo Common (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Photo Gallery (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Project 64 version 2.0.0.14 (HKLM-x32\...\Project 64_is1) (Version: 2.0.0.14 - )
Qualcomm Atheros Bluetooth Suite (64) (HKLM\...\{A84A4FB1-D703-48DB-89E0-68B6499D2801}) (Version: 8.0.0.226 - Qualcomm Atheros Communications)
Qualcomm Atheros Client Installation Program (HKLM-x32\...\{28006915-2739-4EBE-B5E8-49B25D32EB33}) (Version: 10.0 - Qualcomm Atheros)
Razer Game Booster (HKLM-x32\...\Razer Game Booster_is1) (Version: 4.2.45.0 - Razer Inc.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.11.201.2013 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6890 - Realtek Semiconductor Corp.)
Realtek USB 2.0 Card Reader (HKLM-x32\...\{96AE7E41-E34E-47D0-AC07-1091A8127911}) (Version: 6.1.8400.39030 - Realtek Semiconductor Corp.)
Risk of Rain (HKLM-x32\...\Steam App 248820) (Version:  - )
Rome: Total War (HKLM-x32\...\Steam App 4760) (Version:  - The Creative Assembly)
ScummVM 1.6.0 (HKLM-x32\...\ScummVM_is1) (Version:  - The ScummVM Team)
Shared C Run-time for x64 (HKLM\...\{EF79C448-6946-4D71-8134-03407888C054}) (Version: 10.0.0 - McAfee)
SHIELD Streaming (Version: 2.1.108 - NVIDIA Corporation) Hidden
SlingPlayer for Web (HKLM-x32\...\{B2E6130A-3200-49CD-90D5-773A1A24012E}) (Version: 2.4.077 - Sling Media)
Song Surgeon 4.0.1.6 (HKLM-x32\...\{03853A8E-10F5-463D-8888-4D69C7C5VD1Z}_is1) (Version:  - Todd, Michael & James, Inc.)
Spotify (HKCU\...\Spotify) (Version: 0.9.14.13.gba5645ad - Spotify AB)
SpywareBlaster 5.0 (HKLM-x32\...\SpywareBlaster_is1) (Version: 5.0.0 - BrightFort LLC)
Steam (HKLM-x32\...\{048298C9-A4D3-490B-9FF9-AB023A9238F3}) (Version: 1.0.0.0 - Valve Corporation)
SUPERAntiSpyware (HKLM\...\{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}) (Version: 5.6.1040 - SUPERAntiSpyware.com)
swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
System Requirements Lab Detection (HKLM-x32\...\{77CDB632-F4DA-4E36-80D2-8158B2D3C575}) (Version: 2.0.0.0 - Husdawg, LLC)
TAP-Windows 9.9.2 (HKLM\...\TAP-Windows) (Version: 9.9.2 - )
Team Fortress 2 (HKLM-x32\...\Steam App 440) (Version:  - Valve)
TechPowerUp GPU-Z (HKLM-x32\...\TechPowerUp GPU-Z) (Version:  - TechPowerUp)
Terraria (HKLM-x32\...\Steam App 105600) (Version:  - Re-Logic)
TES Construction Set (HKLM-x32\...\{DB3C800B-081B-4146-B4E3-EFB5B77AA913}) (Version:  - )
The Elder Scrolls V: Skyrim (HKLM-x32\...\Steam App 72850) (Version:  - Bethesda Game Studios)
The Secret of Monkey Island: Special Edition (HKLM-x32\...\Steam App 32360) (Version:  - LucasArts)
The Witcher 2: Assassins of Kings Enhanced Edition (HKLM-x32\...\Steam App 20920) (Version:  - CD Projekt RED)
Torchlight II (HKLM-x32\...\Steam App 200710) (Version:  - Runic Games)
Trine (HKLM-x32\...\Steam App 35700) (Version:  - Frozenbyte)
TuneUp Utilities 2014 (en-US) (x32 Version: 14.0.1000.145 - TuneUp Software) Hidden
Unity Web Player (HKCU\...\UnityWebPlayer) (Version:  - Unity Technologies ApS)
Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version:  - Microsoft)
Update for Microsoft Office 2007 Help for Common Features (KB963673) (HKLM-x32\...\{90120000-006E-0409-0000-0000000FF1CE}_ENTERPRISE_{AB365889-0395-4FAD-B702-CA5985D53D42}) (Version:  - Microsoft)
Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{A024FC7B-77DE-45DE-A058-1C049A17BFB3}) (Version:  - Microsoft)
Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition (HKLM-x32\...\{90120000-002A-0000-1000-0000000FF1CE}_ENTERPRISE_{CB68A5B0-3508-4193-AEB9-AF636DAECE0F}) (Version:  - Microsoft)
Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{CB68A5B0-3508-4193-AEB9-AF636DAECE0F}) (Version:  - Microsoft)
Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{E9A82945-BA29-4EE8-8F2A-2F49545E9CF2}) (Version:  - Microsoft)
Update for Microsoft Office Access 2007 Help (KB963663) (HKLM-x32\...\{90120000-0015-0409-0000-0000000FF1CE}_ENTERPRISE_{6B76A18A-AA1E-42AB-A7AD-6C84BBB43987}) (Version:  - Microsoft)
Update for Microsoft Office Excel 2007 Help (KB963678) (HKLM-x32\...\{90120000-0016-0409-0000-0000000FF1CE}_ENTERPRISE_{199DF7B6-169C-448C-B511-1054101BE9C9}) (Version:  - Microsoft)
Update for Microsoft Office Infopath 2007 Help (KB963662) (HKLM-x32\...\{90120000-0044-0409-0000-0000000FF1CE}_ENTERPRISE_{716B81B8-B13C-41DF-8EAC-7A2F656CAB63}) (Version:  - Microsoft)
Update for Microsoft Office OneNote 2007 Help (KB963670) (HKLM-x32\...\{90120000-00A1-0409-0000-0000000FF1CE}_ENTERPRISE_{2744EF05-38E1-4D5D-B333-E021EDAEA245}) (Version:  - Microsoft)
Update for Microsoft Office Outlook 2007 (KB2687404) 32-Bit Edition (HKLM-x32\...\{90120000-001A-0409-0000-0000000FF1CE}_ENTERPRISE_{ED38F8A3-4F61-494E-8BCA-E3AC7760C924}) (Version:  - Microsoft)
Update for Microsoft Office Outlook 2007 (KB2863811) 32-Bit Edition (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{53DEC068-4690-4F6B-9946-7D21EF02236B}) (Version:  - Microsoft)
Update for Microsoft Office Outlook 2007 Help (KB963677) (HKLM-x32\...\{90120000-001A-0409-0000-0000000FF1CE}_ENTERPRISE_{0451F231-E3E3-4943-AB9F-58EB96171784}) (Version:  - Microsoft)
Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2889914) 32-Bit Edition (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{F3F83933-75FC-4B60-84F2-3F8FA63D042E}) (Version:  - Microsoft)
Update for Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM-x32\...\{90120000-0018-0409-0000-0000000FF1CE}_ENTERPRISE_{397B1D4F-ED7B-4ACA-A637-43B670843876}) (Version:  - Microsoft)
Update for Microsoft Office Publisher 2007 Help (KB963667) (HKLM-x32\...\{90120000-0019-0409-0000-0000000FF1CE}_ENTERPRISE_{2E40DE55-B289-4C8B-8901-5D369B16814F}) (Version:  - Microsoft)
Update for Microsoft Office Script Editor Help (KB963671) (HKLM-x32\...\{90120000-006E-0409-0000-0000000FF1CE}_ENTERPRISE_{CD11C6A2-FFC6-4271-8EAB-79C3582F505C}) (Version:  - Microsoft)
Update for Microsoft Office Word 2007 Help (KB963665) (HKLM-x32\...\{90120000-001B-0409-0000-0000000FF1CE}_ENTERPRISE_{80E762AA-C921-4839-9D7D-DB62A72C0726}) (Version:  - Microsoft)
Windows Driver Package - ASUS (ATP) Mouse  (01/10/2013 1.0.0.170) (HKLM\...\4A9DE1E9EBC800B7F01739D4DE7363EF6751BDF5) (Version: 01/10/2013 1.0.0.170 - ASUS)
Windows Live (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live Communications Platform (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3505.0912 - Microsoft Corporation)
Windows Live Essentials (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live Installer (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live Photo Common (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live PIMT Platform (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live SOXE (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live SOXE Definitions (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live UX Platform (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live UX Platform Language Pack (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live ??? (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live ??? (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
WinFlash (HKLM-x32\...\{8F21291E-0444-4B1D-B9F9-4370A73E346D}) (Version: 2.42.0 - ASUS)
WinPcap 4.1.2 (HKLM-x32\...\WinPcapInst) (Version: 4.1.0.2001 - CACE Technologies)
???? (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
??? (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
 
========================= Memory info: ===================================
 
Percentage of memory in use: 33%
Total physical RAM: 8011.25 MB
Available physical RAM: 5345.88 MB
Total Pagefile: 16203.25 MB
Available Pagefile: 13025.97 MB
Total Virtual: 4095.88 MB
Available Virtual: 3982.05 MB
 
========================= Partitions: =====================================
 
1 Drive c: (OS) (Fixed) (Total:372.6 GB) (Free:87.43 GB) NTFS
2 Drive d: (DATA) (Fixed) (Total:537.6 GB) (Free:536.77 GB) NTFS
3 Drive e: (Morrowind) (CDROM) (Total:0.57 GB) (Free:0 GB) CDFS
 
========================= Users: ========================================
 
User accounts for \\AASIMLAPTOP
 
aasim                    Administrator            Guest                    
 
 
**** End of log ****
 
 

18:08:25.0153 0x1830  TDSS rootkit removing tool 3.0.0.40 Jul 10 2014 12:37:58
18:08:25.0153 0x1830  UEFI system
18:08:32.0989 0x1830  ============================================================
18:08:32.0990 0x1830  Current date / time: 2014/10/12 18:08:32.0989
18:08:32.0990 0x1830  SystemInfo:
18:08:32.0990 0x1830  
18:08:32.0990 0x1830  OS Version: 6.2.9200 ServicePack: 0.0
18:08:32.0990 0x1830  Product type: Workstation
18:08:32.0990 0x1830  ComputerName: AASIMLAPTOP
18:08:32.0990 0x1830  UserName: aasim
18:08:32.0990 0x1830  Windows directory: C:\Windows
18:08:32.0990 0x1830  System windows directory: C:\Windows
18:08:32.0990 0x1830  Running under WOW64
18:08:32.0990 0x1830  Processor architecture: Intel x64
18:08:32.0990 0x1830  Number of processors: 8
18:08:32.0990 0x1830  Page size: 0x1000
18:08:32.0990 0x1830  Boot type: Normal boot
18:08:32.0990 0x1830  ============================================================
18:08:33.0862 0x1830  KLMD registered as C:\Windows\system32\drivers\50234715.sys
18:08:34.0413 0x1830  System UUID: {6D9FC66F-2A75-67FD-2AEE-B1A0BE1C0733}
18:08:35.0984 0x1830  Drive \Device\Harddisk0\DR0 - Size: 0xE8E0DB6000 ( 931.51 Gb ), SectorSize: 0x200, Cylinders: 0x1DB01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
18:08:35.0992 0x1830  ============================================================
18:08:35.0992 0x1830  \Device\Harddisk0\DR0:
18:08:35.0993 0x1830  GPT partitions:
18:08:35.0993 0x1830  \Device\Harddisk0\DR0\Partition1: GPT, TypeGUID: {C12A7328-F81F-11D2-BA4B-00A0C93EC93B}, UniqueGUID: {B62BC6B8-3DBB-479A-AB21-FB4A56ECDE3B}, Name: EFI system partition, StartLBA 0x800, BlocksNum 0x96000
18:08:35.0994 0x1830  \Device\Harddisk0\DR0\Partition2: GPT, TypeGUID: {DE94BBA4-06D1-4D40-A16A-BFD50179D6AC}, UniqueGUID: {67507A76-CF75-4355-A48B-B51E9E72B142}, Name: Basic data partition, StartLBA 0x96800, BlocksNum 0x1C2000
18:08:35.0994 0x1830  \Device\Harddisk0\DR0\Partition3: GPT, TypeGUID: {E3C9E316-0B5C-4DB8-817D-F92DF00215AE}, UniqueGUID: {F13E56EA-1065-4933-93B1-F9553E75B6AA}, Name: Microsoft reserved partition, StartLBA 0x258800, BlocksNum 0x40000
18:08:35.0994 0x1830  \Device\Harddisk0\DR0\Partition4: GPT, TypeGUID: {EBD0A0A2-B9E5-4433-87C0-68B6B72699C7}, UniqueGUID: {6271FB00-B661-4146-9B61-09FAB44B02F9}, Name: Basic data partition, StartLBA 0x298800, BlocksNum 0x2E935800
18:08:35.0994 0x1830  \Device\Harddisk0\DR0\Partition5: GPT, TypeGUID: {EBD0A0A2-B9E5-4433-87C0-68B6B72699C7}, UniqueGUID: {E6C673B2-BB64-427C-A491-451262A7491B}, Name: Basic data partition, StartLBA 0x2EBCE000, BlocksNum 0x43333800
18:08:35.0994 0x1830  \Device\Harddisk0\DR0\Partition6: GPT, TypeGUID: {DE94BBA4-06D1-4D40-A16A-BFD50179D6AC}, UniqueGUID: {E6B194ED-304E-4879-A1C9-94814153F5A3}, Name: Basic data partition, StartLBA 0x71F01800, BlocksNum 0x2805000
18:08:35.0994 0x1830  MBR partitions:
18:08:35.0994 0x1830  ============================================================
18:08:36.0022 0x1830  C: <-> \Device\Harddisk0\DR0\Partition4
18:08:36.0062 0x1830  D: <-> \Device\Harddisk0\DR0\Partition5
18:08:36.0062 0x1830  ============================================================
18:08:36.0062 0x1830  Initialize success
18:08:36.0062 0x1830  ============================================================
18:08:37.0985 0x1884  ============================================================
18:08:37.0985 0x1884  Scan started
18:08:37.0985 0x1884  Mode: Manual; 
18:08:37.0985 0x1884  ============================================================
18:08:37.0985 0x1884  KSN ping started
18:08:40.0373 0x1884  KSN ping finished: true
18:08:41.0504 0x1884  ================ Scan system memory ========================
18:08:41.0505 0x1884  System memory - ok
18:08:41.0506 0x1884  ================ Scan services =============================
18:08:41.0676 0x1884  [ E890C46E4754F0DF51BAFCC8D2E07498, E620D03030F3B65442E0A5CB8B59016A6E8DB3BCA52741977B8897B34438E902 ] 1394ohci        C:\Windows\System32\drivers\1394ohci.sys
18:08:41.0690 0x1884  1394ohci - ok
18:08:41.0733 0x1884  [ 4F18D4C7EA14F11A7211F60D553C03DB, 09AB6D2D8E9B7B6D6A97708551C0E4B34538947A15EA2A69C11764D7BC0BB7F6 ] 3ware           C:\Windows\system32\drivers\3ware.sys
18:08:41.0741 0x1884  3ware - ok
18:08:41.0792 0x1884  [ 975AABEB243B800C23626D6B652C5A9C, FB02336F26AF10BA2A0D1B97C33CB1D78BB90CA51EF008A613A0274779798FAD ] ACPI            C:\Windows\system32\drivers\ACPI.sys
18:08:41.0815 0x1884  ACPI - ok
18:08:41.0860 0x1884  [ DC968C37822117E576B933F34A2D130C, 4C94E00ADC242296D7CBBFC7346D5F9AE5FE1B0C616ECA3BDE10A7B34FD2040B ] acpiex          C:\Windows\system32\Drivers\acpiex.sys
18:08:41.0865 0x1884  acpiex - ok
18:08:41.0889 0x1884  [ 0CA9F7C3A78227C21A0A7854E245CFB2, D54147C9C1EE2F0098B863B0852E027DB89D6FA67F6B7FD54F609D9715A11442 ] acpipagr        C:\Windows\System32\drivers\acpipagr.sys
18:08:41.0892 0x1884  acpipagr - ok
18:08:41.0901 0x1884  [ 8EB8DA03B142D3DD1EB9ED8107A76C43, 24B9B24F9A5BDF3AAD13C4EE0638497D9CA4A100096C6EAE403E0215EA89C439 ] AcpiPmi         C:\Windows\System32\drivers\acpipmi.sys
18:08:41.0903 0x1884  AcpiPmi - ok
18:08:41.0911 0x1884  [ CBCE725C5D86ABA7D2604E22951AA9B8, DE0440F0E943F057EBCD01DB4B1E12DBC241FBF03C42021306D322AB88FF8F21 ] acpitime        C:\Windows\System32\drivers\acpitime.sys
18:08:41.0914 0x1884  acpitime - ok
18:08:41.0976 0x1884  [ B362181ED3771DC03B4141927C80F801, 69514E5177A0AEA89C27C2234712F9F82E8D8F99E1FD4273898C9324C6FF7472 ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
18:08:41.0980 0x1884  AdobeARMservice - ok
18:08:42.0317 0x1884  [ FBB312C9DA3863673EC18F4AE4101778, 4E9AAE7C700E485C17FDFCC9100A79784673B006D00D4D4CE8F1DB617D25C864 ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
18:08:42.0334 0x1884  AdobeFlashPlayerUpdateSvc - ok
18:08:42.0401 0x1884  [ 93C6388592B99925C1D1576E465BC80F, 4C48BE5471DA4788357D71E90DFEA20FE320C7AAE1F4C55AFBE2E46FEA5CF8FB ] adp94xx         C:\Windows\system32\drivers\adp94xx.sys
18:08:42.0429 0x1884  adp94xx - ok
18:08:42.0458 0x1884  [ D27763E0247292654E7F7D16444C7C72, 0314C713D31E2B34F215B52F804F014D876E6ED92DC656CC3E27920CCD36CF0E ] adpahci         C:\Windows\system32\drivers\adpahci.sys
18:08:42.0478 0x1884  adpahci - ok
18:08:42.0495 0x1884  [ 67B90070FF48F794AF19F9FCF0080D75, 5D0D352606D58D2CA0814F38EF7B1774C030BE44353DF5910CBFAAF4FDE64ED6 ] adpu320         C:\Windows\system32\drivers\adpu320.sys
18:08:42.0507 0x1884  adpu320 - ok
18:08:42.0548 0x1884  [ 974AE60BF5B90E31412D93596C968E5B, 092B59C2B67C4618E7B1800615D1DF7199482F60D0D27BD91763F7F8D7FC883F ] AeLookupSvc     C:\Windows\System32\aelupsvc.dll
18:08:42.0559 0x1884  AeLookupSvc - ok
18:08:42.0627 0x1884  [ FE7FB9612D354EB41DF4F0FF5D6FB259, 98D5BD9C1300195C49CB0717A831A06D99F7AE631D5EA065E10BFE7C2FA57A18 ] AFD             C:\Windows\system32\drivers\afd.sys
18:08:42.0659 0x1884  AFD - ok
18:08:42.0764 0x1884  [ 98022774D9930ECBB292E70DB7601DF6, BE64A40B9BE997D73C0FC14D97E204C9D886EDA07EC4C9391A70CE477084E5F1 ] AgereSoftModem  C:\Windows\system32\DRIVERS\agrsm64.sys
18:08:42.0826 0x1884  AgereSoftModem - ok
18:08:42.0848 0x1884  [ 01590377A5AB19E792528C628A2A68F9, F3A4B6CA4E8D4436E44E36D7F7EEF3DC861D1EE50D41F4273226C4ED95674B84 ] agp440          C:\Windows\system32\drivers\agp440.sys
18:08:42.0854 0x1884  agp440 - ok
18:08:42.0882 0x1884  [ 16F6F6B7903B913AB41AB848C8BB5658, 7304257048CB42E5274B3F6400F4A053A38E3B70A157662FE9D2B7C5979DE851 ] AiCharger       C:\Windows\system32\DRIVERS\AiCharger.sys
18:08:42.0885 0x1884  AiCharger - ok
18:08:42.0923 0x1884  [ D1BE8E6E5B3AF23A4393AF1BF867977A, B3AE97D35A9304198715D76F6C3F0545AA176FDEBA6C2055782558B11DFA14EB ] ALG             C:\Windows\System32\alg.exe
18:08:42.0930 0x1884  ALG - ok
18:08:42.0952 0x1884  [ 025E8C755BE293E50854D26D1BBE5133, 4373639689306A3D8FE0F862072711BAD5DBAA45E105CD3129586439A90EE070 ] AllUserInstallAgent C:\Windows\system32\AUInstallAgent.dll
18:08:42.0963 0x1884  AllUserInstallAgent - ok
18:08:43.0016 0x1884  [ 5A81054B824004B1ECC04F0034A1CDF9, 73A1986A4B346C425157216EBF16CC90EFFC642EDF6109E6364CF0552E3388FD ] AmdK8           C:\Windows\System32\drivers\amdk8.sys
18:08:43.0022 0x1884  AmdK8 - ok
18:08:43.0035 0x1884  [ B849D453E644FAB9BC8EF6DC8CA9C4C6, B803CDA478D3385937C44CBB05A0E65ABACEFEBA682975787C44E2904FB89D2D ] AmdPPM          C:\Windows\System32\drivers\amdppm.sys
18:08:43.0041 0x1884  AmdPPM - ok
18:08:43.0075 0x1884  [ 35A0EB5AECB0FA3C41A2FB514A562304, 737783ABF348288471AC7051D4DC6CB336D686C94EC7B8938DCA74AFE9BECB1C ] amdsata         C:\Windows\system32\drivers\amdsata.sys
18:08:43.0081 0x1884  amdsata - ok
18:08:43.0103 0x1884  [ 00452671904F5EE94B50BF0219C97164, 99F9B86D3DB3E10B014120A63CD43CBAAB22C8E38851090ABE37D89ABD61F7B6 ] amdsbs          C:\Windows\system32\drivers\amdsbs.sys
18:08:43.0119 0x1884  amdsbs - ok
18:08:43.0128 0x1884  [ EA3FFE53E92E59C87E3ECA9BEB20D9B7, DC0B8B798720F5F75F8AFD3383CF69194282AEEE84DCACB97382F4C86E1D3E49 ] amdxata         C:\Windows\system32\drivers\amdxata.sys
18:08:43.0132 0x1884  amdxata - ok
18:08:43.0143 0x1884  [ 83B3682CE922FB0F415734B26D9D6233, 9102E8B410BB1AE426770896B6AB584D1F02830337FBB2DEC182F3F19832F35F ] AppID           C:\Windows\system32\drivers\appid.sys
18:08:43.0149 0x1884  AppID - ok
18:08:43.0186 0x1884  [ CE2BEAD7F31816FF0AC490D048C969F9, 7D24C5A9E8F7C21CC6D8BF2CA29A8B79DDE7EEDE2F37D36B9071ECE1CF61371F ] AppIDSvc        C:\Windows\System32\appidsvc.dll
18:08:43.0191 0x1884  AppIDSvc - ok
18:08:43.0234 0x1884  [ 4F750B7EFCB6520AE01E01D082D7D476, AD2A67D727A1D4DD0BBACC6B4BB432FA9A14D50D8BA292B95A4747CEC9F85728 ] Appinfo         C:\Windows\System32\appinfo.dll
18:08:43.0241 0x1884  Appinfo - ok
18:08:43.0305 0x1884  [ F518545E5B7623AD49ABE7F8776EFA46, CD39B6EC0D80C6DB857F34D4AC5C31085271B51B8851A56FEFC052B20B7CC40C ] Apple Mobile Device C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
18:08:43.0309 0x1884  Apple Mobile Device - ok
18:08:43.0340 0x1884  [ E933401B392387F4BE34DE8BAF1722A7, 57CC6DE31E2C82D2B12509F0A5EC9EC70DD2EF6A1F31A66ADF62DC6AE0A67323 ] arc             C:\Windows\system32\drivers\arc.sys
18:08:43.0347 0x1884  arc - ok
18:08:43.0368 0x1884  [ 07CA323EF2E8247A568AB0F3662AD644, 1224B41193F0E9B164732BA5BF707A13427C82C1D8C3EDC2AAE5C5C75454B9F6 ] arcsas          C:\Windows\system32\drivers\arcsas.sys
18:08:43.0376 0x1884  arcsas - ok
18:08:43.0457 0x1884  [ DC2BA6926FA0CDCE273CC9897F05584A, CF35A55511C6241679FDB9D48DC43B61D86D071B974E7A668495E2021098E912 ] ASLDRService    C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe
18:08:43.0464 0x1884  ASLDRService - ok
18:08:43.0528 0x1884  [ 4C016FD76ED5C05E84CA8CAB77993961, 025E7BE9FCEFD6A83F4471BBA0C11F1C11BD5047047D26626DA24EE9A419CDC4 ] ASMMAP64        C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\ASMMAP64.sys
18:08:43.0531 0x1884  ASMMAP64 - ok
18:08:43.0610 0x1884  [ 6A122B4F0E5293CACFA8A5F2CBA9B356, 9D69076B697BEE8742E32EBEF1802D829DEA6B1D93AF485D11CC89A08CA4D809 ] ASUS InstantOn  C:\Program Files\ASUS\P4G\InsOnSrv.exe
18:08:43.0627 0x1884  ASUS InstantOn - ok
18:08:43.0655 0x1884  [ 340B0467E98A8C92697D73034DB4BCB7, 342572B566747A05DA5391CFC027A6703AECCE29C3D288428884D8641A35D0F5 ] aswHwid         C:\Windows\system32\drivers\aswHwid.sys
18:08:43.0658 0x1884  aswHwid - ok
18:08:43.0690 0x1884  [ ED5B09937D559FFA53FC988D20031E98, EC9E50C9BC2184AE93944EA3115A25BADF5FFB91D11776498EBC9A0D60029A84 ] aswMonFlt       C:\Windows\system32\drivers\aswMonFlt.sys
18:08:43.0696 0x1884  aswMonFlt - ok
18:08:43.0732 0x1884  [ 33C77DCB0AEC76E26BD6352A1A5281BB, CEA7BB3407C1F900DE5CB09F42AF7734811F86B7DE0085FADC7AAE8178D59665 ] aswRdr          C:\Windows\system32\drivers\aswRdr2.sys
18:08:43.0739 0x1884  aswRdr - ok
18:08:43.0770 0x1884  [ BF5B9E9E97CED45208E498D9FA73688F, BCB2CC516EAD040573D80599C2306ECB26FCCB16A97B940327CD3A3CE9077877 ] aswRvrt         C:\Windows\system32\drivers\aswRvrt.sys
18:08:43.0775 0x1884  aswRvrt - ok
18:08:43.0872 0x1884  [ F88CE00A7736C349ED1414D7ECDC9BED, 8C0783CE32968874065C2F46088B34F9C872F26C98AB8E8BA895D84CCB25E534 ] aswSnx          C:\Windows\system32\drivers\aswSnx.sys
18:08:43.0928 0x1884  aswSnx - ok
18:08:43.0979 0x1884  [ 3AE912B08E2A1ABB2B63F3C56BED95C2, BE99BA3A74427444FEE5D47D70BDBA631DBBF50D80B0483C0675F87119926765 ] aswSP           C:\Windows\system32\drivers\aswSP.sys
18:08:44.0003 0x1884  aswSP - ok
18:08:44.0039 0x1884  [ A7115ED31675BB823CFA9FE571C25676, DEEBB3920934DCDDD488DCFCB1E6F4C7EFDD3C79F31E41D59E292C3CF9400E95 ] aswStm          C:\Windows\system32\drivers\aswStm.sys
18:08:44.0046 0x1884  aswStm - ok
18:08:44.0084 0x1884  [ 47CBD3F64E412FFAFD93404580A3C7B9, F9B02E232416BAFC21BCBCDC0A3D9E5E855BFAF11F29ED2C4C469692E6688278 ] aswVmm          C:\Windows\system32\drivers\aswVmm.sys
18:08:44.0097 0x1884  aswVmm - ok
18:08:44.0118 0x1884  [ 74DBAEC35366C4EE7670428808715A6A, 3B3A7A81CD8038C4750560B94A9247C4409410780B312BA71EDF2E393DCA7474 ] AsyncMac        C:\Windows\system32\DRIVERS\asyncmac.sys
18:08:44.0122 0x1884  AsyncMac - ok
18:08:44.0130 0x1884  [ A721FF570C2387E383BDDEA9632863C9, 45DD7787F44A2C742560FEB03AB66910C2F0002D95BB02C55EEDE973AA92AD24 ] atapi           C:\Windows\system32\drivers\atapi.sys
18:08:44.0134 0x1884  atapi - ok
18:08:44.0171 0x1884  [ 427A6D1397E826B370D025EE73A50E6E, FC8BAB3AA95B55D59B8DF9F97C87D1F3CEAB609A3E6C8BD576F3BF9047C6A120 ] AthBTPort       C:\Windows\system32\DRIVERS\btath_flt.sys
18:08:44.0177 0x1884  AthBTPort - ok
18:08:44.0251 0x1884  [ 54D0CDDB72425D42F7B504EE392E9653, 925FC00DC1222ECC8D750E240E8C159CF46F0BDBAADCDB2108892CF2CD91ED79 ] AtherosSvc      C:\Program Files (x86)\Bluetooth Suite\adminservice.exe
18:08:44.0267 0x1884  AtherosSvc - ok
18:08:44.0509 0x1884  [ DFF2CAB5FDE5C32715C56A0DC7FD2427, 589CD57D0993F39ABEFA9C9802034A14C63C3FFF5232F56E3C4D4BA2FD7C3A8B ] athr            C:\Windows\system32\DRIVERS\athw8x.sys
18:08:44.0738 0x1884  athr - ok
18:08:44.0764 0x1884  [ DBC598E47E7A382E60E2A4745D41FEF9, A810AC197CA456B0285E2CAE6986D38B31F4ADA32BEB47EC7A48A2B2196BA639 ] ATKGFNEXSrv     C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
18:08:44.0770 0x1884  ATKGFNEXSrv - ok
18:08:44.0800 0x1884  [ 41CEAFFCF3550785E59E3EC9BEE8D97A, 89FE604088B65B82AA794E1DA8429033CD2F05FFB2D7EFAAC7B967C7A83D1B1E ] ATKWMIACPIIO    C:\Program Files (x86)\ASUS\ATK Package\ATK WMIACPI\atkwmiacpi64.sys
18:08:44.0803 0x1884  ATKWMIACPIIO - ok
18:08:44.0841 0x1884  [ 3903D1056E778BAEFA310B9B6EA6053E, 863977B4166A04557E154C41AC3B194A9F5C56C6090E8DE47C0D9D0E8CBD648E ] ATP             C:\Windows\System32\drivers\AsusTP.sys
18:08:44.0846 0x1884  ATP - ok
18:08:44.0891 0x1884  [ BCD7A47EF587DC00DD61D12D9C2D1E44, 95BC9AC8BA8A86DB5C7A6317002BD9872F193B401A0C58DF252DCF3D4A7541E2 ] AudioEndpointBuilder C:\Windows\System32\AudioEndpointBuilder.dll
18:08:44.0902 0x1884  AudioEndpointBuilder - ok
18:08:44.0983 0x1884  [ 599B3F685A263A114FFAF3BE29C49C75, 579E9561BA8537888E061E303F3F89E2E6F8B8DED74369C3767DB10B35CD45E8 ] Audiosrv        C:\Windows\System32\Audiosrv.dll
18:08:45.0024 0x1884  Audiosrv - ok
18:08:45.0093 0x1884  [ 37D17AE2936867F88EB3C4CBCBC6B8A1, E1F4D288CE1E5482A5594C8F9EEDE1E8134466F5E0C7DA32D88985497CD8588B ] avast! Antivirus C:\Program Files\AVAST Software\Avast\AvastSvc.exe
18:08:45.0098 0x1884  avast! Antivirus - ok
18:08:45.0138 0x1884  [ 89491EF71D5EA011127832C588002853, 05620E4235956D8446FB9604F930738C8AA97E3A74C907E37F7CC08B8EDA0461 ] AxInstSV        C:\Windows\System32\AxInstSV.dll
18:08:45.0147 0x1884  AxInstSV - ok
18:08:45.0207 0x1884  [ 87AB5BB072A3F128541D5B815F82FFDD, 186AF33D3DE90638C3E165CAC3DA17295E8A80CDB523F9BE4AF7D38CA6954905 ] b06bdrv         C:\Windows\system32\drivers\bxvbda.sys
18:08:45.0237 0x1884  b06bdrv - ok
18:08:45.0256 0x1884  [ 81703BC5D68DEDBB086C2368FBE7B334, CFD4A55C8045C482F8D410514F3211AEFA00097AB395F5A04BFE983ED6254F6B ] BasicDisplay    C:\Windows\System32\drivers\BasicDisplay.sys
18:08:45.0261 0x1884  BasicDisplay - ok
18:08:45.0281 0x1884  [ 5EC68164E14D25675C98BBB5F09E8606, 1D7EDB21C87039FC5F39F46460AD852BC4EC6B179B1C205D189DD3C397343435 ] BasicRender     C:\Windows\System32\drivers\BasicRender.sys
18:08:45.0284 0x1884  BasicRender - ok
18:08:45.0352 0x1884  [ 89143A7BA7850F5C7E61B43BB44B6418, 00BB781DF87D4FF1BAFD318AFE237296B4F5925023BA4486405EC0A384C88D8F ] BDESVC          C:\Windows\System32\bdesvc.dll
18:08:45.0365 0x1884  BDESVC - ok
18:08:45.0390 0x1884  [ 9E7AEA59776D904607985AFFE7E5E183, C3DB745A9F4DA7CB9628A7913DD52B2444B14FEB9D588FF6558CF52CEB8955EB ] Beep            C:\Windows\system32\drivers\Beep.sys
18:08:45.0393 0x1884  Beep - ok
18:08:45.0461 0x1884  [ 53AA55632B94622F2DC3695E86EF9363, 9B5BB8EDA48A37AE97BCD42D83B25A6D10AA6231EABE745DCCE6D60E19094A6F ] BFE             C:\Windows\System32\bfe.dll
18:08:45.0500 0x1884  BFE - ok
18:08:45.0587 0x1884  [ D598C44A7072D3108D8D8102EC5E07F7, D7472E9BAAB7B6E1D30F4E153412E2A16EE5C08DE2BF8BFF4D65089825226FE0 ] BITS            C:\Windows\System32\qmgr.dll
18:08:45.0640 0x1884  BITS - ok
18:08:45.0700 0x1884  [ EBBCD5DFBB1DE70E8F4AF8FA59E401FD, 17BFFC5DF609CE3B2F0CAB4BD6C118608C66A3AD86116A47E90B2BB7D8954122 ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe
18:08:45.0723 0x1884  Bonjour Service - ok
18:08:45.0754 0x1884  [ B17AC10B47C7FCB44D22A1F06415840E, 990D6F629D93F4F913D218ACE5187A26DCB762BAFB2BB279CCE8CAF2755D85A5 ] bowser          C:\Windows\system32\DRIVERS\bowser.sys
18:08:45.0761 0x1884  bowser - ok
18:08:45.0807 0x1884  [ 038FA1B55531E7020DB705B42FCCE373, 023E87E3204D64890D6FEA78E762E5BC5BD0A59325EBC264834727779EEEDBC5 ] BrokerInfrastructure C:\Windows\System32\bisrv.dll
18:08:45.0819 0x1884  BrokerInfrastructure - ok
18:08:45.0863 0x1884  [ 310068BDA80B1D55C36580FD8A873FAF, A75412FF1F483461F526E9A359DCEECA5E683441514464D5ED82D1A9740D583E ] Browser         C:\Windows\System32\browser.dll
18:08:45.0873 0x1884  Browser - ok
18:08:45.0906 0x1884  [ 14922EA7CB40E6DC993BA8433D91F468, 88756A3AEF2BA4356D6CE35058C26FA93DED8EAFE8C881DC13511B2EE5F01AF3 ] bsitf           C:\Program Files (x86)\ASUS\WinFlash\bsitf64.sys
18:08:45.0908 0x1884  bsitf - ok
18:08:45.0954 0x1884  [ E9B6AC24CB3737D2F93C05590B4A9048, 7CFDF93947925EDF6D6C0AD9E3A31AF098E8F8574AFCD8C7B3242E29A1F38CDD ] BTATH_A2DP      C:\Windows\system32\drivers\btath_a2dp.sys
18:08:45.0975 0x1884  BTATH_A2DP - ok
18:08:46.0004 0x1884  [ 2BD94FC9AB890A7A7CEF81E5F1A2D421, 0B572D0F6558CA37164A15A8D9DF13160BBF6DA119B8E92436B3DCFA19361E31 ] btath_avdt      C:\Windows\system32\drivers\btath_avdt.sys
18:08:46.0012 0x1884  btath_avdt - ok
18:08:46.0040 0x1884  [ C6978F7EBA6F37D626482AC6B9390630, B4BF939AB9962A61DE9518604C20347DC2A6FCDCEB3D8AEF295AF12E6F2CDCF3 ] BTATH_BUS       C:\Windows\System32\drivers\btath_bus.sys
18:08:46.0043 0x1884  BTATH_BUS - ok
18:08:46.0092 0x1884  [ 4AF7C20F94DAC343C01ED671C82DCB99, 2AABD85D9D76461DE883E0F13F61C391BA81E6198FF88268B319474E25A196C8 ] BTATH_HCRP      C:\Windows\System32\drivers\btath_hcrp.sys
18:08:46.0141 0x1884  BTATH_HCRP - ok
18:08:46.0188 0x1884  [ 785C38070043BEEE9E9D591DE4067244, 1C8D15B8A9E80A2799E7094C4AE111FEA9FBC6EAA4A61B13EFE59314C9794949 ] BTATH_LWFLT     C:\Windows\system32\DRIVERS\btath_lwflt.sys
18:08:46.0194 0x1884  BTATH_LWFLT - ok
18:08:46.0227 0x1884  [ 31EC5FC3FC5CB273F2709AAF4AD88ED4, 804401CEBBB24443AE0A304FCF5CB6B0D7679BA7FC5DC3BFF968B0B44FE34EC1 ] BTATH_RCP       C:\Windows\System32\drivers\btath_rcp.sys
18:08:46.0236 0x1884  BTATH_RCP - ok
18:08:46.0323 0x1884  [ 03B8FF35631D99D29947935DE8201C66, 04B2ACE0E0311101D1C735D33E3ECB5E35B927BE896DAACA03A4A9D6D1044A1E ] BtFilter        C:\Windows\system32\DRIVERS\btfilter.sys
18:08:46.0354 0x1884  BtFilter - ok
18:08:46.0398 0x1884  [ 6695200F455E251F0BCC9CE4D0978D59, 4DB2F967E449581A9330EF43E794B45B93581564B20C5B991FC1EC665A640D69 ] BthAvrcpTg      C:\Windows\System32\drivers\BthAvrcpTg.sys
18:08:46.0402 0x1884  BthAvrcpTg - ok
18:08:46.0442 0x1884  [ A8B20D852B07AE19A13B5D47EC4E4C3B, 86571C9E2BA15BB169CAB2D24C4D0598154C02FD173638CAFC685A7F6B09472D ] BthEnum         C:\Windows\System32\drivers\BthEnum.sys
18:08:46.0446 0x1884  BthEnum - ok
18:08:46.0477 0x1884  [ 616EB8748C988AEE98D93DA141C3D3B4, 15A055B0496BDB29CBCF6EEBF112D4BA1C7A2FF39124728830D0FD1FD7A404CB ] BthHFEnum       C:\Windows\System32\drivers\bthhfenum.sys
18:08:46.0482 0x1884  BthHFEnum - ok
18:08:46.0525 0x1884  [ DCB4EBD928A6FB368BE6CAE522412DE1, 9E1345F29467054689B9F48B5CCB567760D36610A4EA9AF41B829EAD60347269 ] bthhfhid        C:\Windows\System32\drivers\BthHFHid.sys
18:08:46.0529 0x1884  bthhfhid - ok
18:08:46.0573 0x1884  [ 42201C346F0B8C458E1E9CDE04D68A2C, 6168FD0D10CD06B00B5C79D5D2B5C353AAC22FD99CE8D417DDBA33ED63CFB8BF ] BthLEEnum       C:\Windows\system32\DRIVERS\BthLEEnum.sys
18:08:46.0586 0x1884  BthLEEnum - ok
18:08:46.0624 0x1884  [ 033916CE8784A848B9A3D686B7F66D97, B4D0514D59646CF6B70D4FA488CF95C38EA38CC5C509329CC8753E897C640AFA ] BTHMODEM        C:\Windows\System32\drivers\bthmodem.sys
18:08:46.0629 0x1884  BTHMODEM - ok
18:08:46.0656 0x1884  [ 091BB978E9504D0AD14586929431A957, ACED02B879026A228E35F40847C210BC30A5AFC948FFE922DB21663E4A8DFF1D ] BthPan          C:\Windows\system32\DRIVERS\bthpan.sys
18:08:46.0664 0x1884  BthPan - ok
18:08:46.0775 0x1884  [ 13795CAA34239D97A7211E7F9D96E012, C4F3402B063A7CFCE386D1AE9255975A199164BA9E7DCDB6129725213A0642B1 ] BTHPORT         C:\Windows\System32\Drivers\BTHport.sys
18:08:46.0838 0x1884  BTHPORT - ok
18:08:46.0876 0x1884  [ A4387C3D271959313E2577DB7BE8BA7A, C71474802102102EBE04DF036EEB2F5FB3380BE288E3842F19F234EFAE977D70 ] bthserv         C:\Windows\system32\bthserv.dll
18:08:46.0884 0x1884  bthserv - ok
18:08:46.0915 0x1884  [ 1F715957F5236D30B6020A19A4271F6A, C06B637C2C6919E2DE1055AE249AE3EAF7B4890799F22BF5757CC10CEF145043 ] BTHUSB          C:\Windows\System32\Drivers\BTHUSB.sys
18:08:46.0920 0x1884  BTHUSB - ok
18:08:46.0941 0x1884  [ 990B1BABE6E81FB18E65A87EBEFB1772, 1820D4AC57E1D4B7FB5AA89C277B16910ED73712878D2B43FE542CE16DFE16C3 ] cdfs            C:\Windows\system32\DRIVERS\cdfs.sys
18:08:46.0949 0x1884  cdfs - ok
18:08:47.0006 0x1884  [ 339BFF85D788268752DA8C9644B188EE, C2279F1A39AED39865A5027D2FD087F8E82F3ED8C94BA4D922855B98E792AFC5 ] cdrom           C:\Windows\System32\drivers\cdrom.sys
18:08:47.0049 0x1884  cdrom - ok
18:08:47.0103 0x1884  [ BAF8F0F55BC300E5F882E521F054E345, FB228DB18F2FA55D8BA35A7E6778EE5D2EB0C29D384F1A0A868F90AE706188D7 ] CertPropSvc     C:\Windows\System32\certprop.dll
18:08:47.0161 0x1884  CertPropSvc - ok
18:08:47.0209 0x1884  [ 855EBDDCFC5DE12F730C6C1DC994410B, 5F6E1BF571146802075C2C790D65979157F83CF4F7FA5B30D4811E9BDE4134BD ] CGVPNCliService C:\Program Files\CyberGhost 5\Service.exe
18:08:47.0214 0x1884  CGVPNCliService - ok
18:08:47.0234 0x1884  [ F64B7D1A37CC1D5F421D5359EEC81E2E, 2B4879DD32B2C20B94847755E22B1BCBE2B567B3989C57A9BA2DD783307EFFDB ] circlass        C:\Windows\System32\drivers\circlass.sys
18:08:47.0238 0x1884  circlass - ok
18:08:47.0289 0x1884  [ 9905168708DB68849B879B5548F68AB3, B7A495E57B9398704988DC472126CBC5B8D76761A34F51732FBF6CC88E3AB79A ] CLFS            C:\Windows\system32\drivers\CLFS.sys
18:08:47.0310 0x1884  CLFS - ok
18:08:47.0512 0x1884  [ FE0CFEDA0CFC71F1FF0F77E85CA1FE1F, D067024F9110CEEF573152275DAB100943B59A36E58B342B5CC764FC3C917834 ] ClickToRunSvc   C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe
18:08:47.0629 0x1884  ClickToRunSvc - ok
18:08:47.0686 0x1884  [ 2DC8538A2260647484A6C921CA837313, 094059DD66B0C50A1CAE288F920107B0B6AD1AA5758284E35B92C131EDEA30EA ] CmBatt          C:\Windows\System32\drivers\CmBatt.sys
18:08:47.0689 0x1884  CmBatt - ok
18:08:47.0771 0x1884  [ DBF9E5346431557BF56F41E7F8EC0DC1, D5FA34C873DA9BE40301D53198355556506AB5145B78B14D0AA88570A0058589 ] CNG             C:\Windows\system32\Drivers\cng.sys
18:08:47.0802 0x1884  CNG - ok
18:08:47.0843 0x1884  [ 0E5B1E9E7122EDAAF1F6CE047965CA92, 803E585B92D1E2E5B6BF67BE511E88DC2629A12407C3E30F7AEFB544D390A9B8 ] CompositeBus    C:\Windows\System32\drivers\CompositeBus.sys
18:08:47.0847 0x1884  CompositeBus - ok
18:08:47.0855 0x1884  COMSysApp - ok
18:08:47.0878 0x1884  [ D9CB0782AF819548072AA45B70F8B22D, 04796F39ABB88759A534DE3D0C51F684BF2A8DE1F4028B657CCFDBDD39A6618C ] condrv          C:\Windows\system32\drivers\condrv.sys
18:08:47.0882 0x1884  condrv - ok
18:08:47.0983 0x1884  [ 15FBADDC84ED202E59A4F1B201CC692C, A50092155B18DAD51049A72503002F08C1BB2DFDA239C4D3555360C163F2F782 ] cphs            C:\Windows\SysWow64\IntelCpHeciSvc.exe
18:08:48.0004 0x1884  cphs - ok
18:08:48.0047 0x1884  [ 5CE2742F063731EC10C1B2EE386A2C08, 309919BDDD4649AFB95A99DCF8AFC3BAE10F9BC1E2819C0794CFD0F80682C223 ] CryptSvc        C:\Windows\system32\cryptsvc.dll
18:08:48.0054 0x1884  CryptSvc - ok
18:08:48.0091 0x1884  [ FAEF4C245BE832DB41B15DAAC336AFB7, 1F8C98AB0DF4327FCB01FE0356025488E19B48A45FFFA50576B49A8587FAC42B ] dam             C:\Windows\system32\drivers\dam.sys
18:08:48.0096 0x1884  dam - ok
18:08:48.0179 0x1884  [ 1EC6E533C954BDDF2A37E7851A7E58FD, C25936A7465B6A2B3D05D2FCB09D91ACC07CFE038A5E968C99CFA9D9F2967DD4 ] DcomLaunch      C:\Windows\system32\rpcss.dll
18:08:48.0229 0x1884  DcomLaunch - ok
18:08:48.0291 0x1884  [ C8650D1F61149AA546BDBC99172EBBC1, D9592ED1B6F23B6EC76A0B93635B6E38702311B0A6982F0F9DEC37FCDAF1288B ] defragsvc       C:\Windows\System32\defragsvc.dll
18:08:48.0313 0x1884  defragsvc - ok
18:08:48.0353 0x1884  [ 5EAEF67AE2AF4D2DC664B649DB7B2E16, ADAC7FD6AC12B50F4998C5EB0BD770DD4B80A94C4CC1B9376AD77648E48D012D ] DeviceAssociationService C:\Windows\system32\das.dll
18:08:48.0375 0x1884  DeviceAssociationService - ok
18:08:48.0417 0x1884  [ 799BE46D45D486704CE0F37CA5385262, BB78DEE83B9DB613B1C083D55FAA458BE3E394AED80EB91B599185A7272F33B3 ] DeviceInstall   C:\Windows\system32\umpnpmgr.dll
18:08:48.0433 0x1884  DeviceInstall - ok
18:08:48.0473 0x1884  [ 431141C6859990824D17F71C30A78728, 448B3DC20C8FDD5B66217E0E01DBCC4904F94BDA0826F109D139DDD2C2D7FBF2 ] Dfsc            C:\Windows\system32\Drivers\dfsc.sys
18:08:48.0482 0x1884  Dfsc - ok
18:08:48.0537 0x1884  [ 9E0E72222264745ADEB0E5AC680B0ED6, 576AFC8741695396A3B8E9DBDD3703E9D70370437D09D162262E47A140D101B4 ] Dhcp            C:\Windows\system32\dhcpcore.dll
18:08:48.0558 0x1884  Dhcp - ok
18:08:48.0675 0x1884  [ AFDF32206A8CBBE20A40DEF13462C95E, BA4896D0B6D133105F5B0BC2E648943890F816D7466C0C93A0966321AF9F831C ] Disc Soft Bus Service C:\Program Files (x86)\DAEMON Tools Ultra\DiscSoftBusService.exe
18:08:48.0712 0x1884  Disc Soft Bus Service - ok
18:08:48.0758 0x1884  [ 3C736FAE17BA6F91BA37594AAB139CD0, 34304A194105B19E7ADD80108DC85C3B7AA9E942C84A7EF93C475CE1D9AE4615 ] discache        C:\Windows\system32\drivers\discache.sys
18:08:48.0763 0x1884  discache - ok
18:08:48.0794 0x1884  [ AE3786294CC246A5403783E1B86A0168, 29A7B4B490CBB16DAEF5D67D0A58A2577CF3FEE8F889484DB867F6913D9D2A28 ] disk            C:\Windows\system32\drivers\disk.sys
18:08:48.0801 0x1884  disk - ok
18:08:48.0819 0x1884  [ 82A7C72593793FE1EADA7A305BD1567A, 75F432E4C75AE9EFF553BD860B3B250853BDDA85C17DBD9B7242D74593506A86 ] dmvsc           C:\Windows\System32\drivers\dmvsc.sys
18:08:48.0822 0x1884  dmvsc - ok
18:08:48.0879 0x1884  [ 066B9710B36AB550E01EEFCA52155968, DCA9F3F4856A6866D3F5A2EEE34E96A83F40198DB0B5AC6381A7568DE1F56FAB ] Dnscache        C:\Windows\System32\dnsrslvr.dll
18:08:48.0893 0x1884  Dnscache - ok
18:08:48.0962 0x1884  [ 9949AD2ABA168A618D46C799D6CC898C, DFAC86A0AEE83C9EFE1BEE9EC15C8CAF1D619D55AF3ACC3986057A5AC985D06A ] dot3svc         C:\Windows\System32\dot3svc.dll
18:08:48.0980 0x1884  dot3svc - ok
18:08:49.0019 0x1884  [ 109FC3F80BF4F4DC5A071058074F13C1, F30736F45BA1811D59E9CB1C172D8D1EA9F5A7D36DCFFBFC9E7E02448C1CF851 ] DPS             C:\Windows\system32\dps.dll
18:08:49.0033 0x1884  DPS - ok
18:08:49.0087 0x1884  [ 9C7C183F937951AE17C5B8B3259CF3FF, 8ED607139F15D08B4835ACF864421BA4C08C88FE90B9AAF707F5D8514D7731B1 ] drmkaud         C:\Windows\system32\drivers\drmkaud.sys
18:08:49.0090 0x1884  drmkaud - ok
18:08:49.0142 0x1884  [ F87F4AAAF6664906248D11D5E579A53B, F283932F68ED93891EEF00C18724359AB7057E922A3CDC8BC6F33F84D2B0BEE5 ] DsmSvc          C:\Windows\System32\DeviceSetupManager.dll
18:08:49.0157 0x1884  DsmSvc - ok
18:08:49.0192 0x1884  [ C9914A74045A6D23DB7252FA3985DE25, 0CB2655DDE564810B4F1449B0CB1C2AD18544197F7D061447399BBA98A40D3DF ] dtscsibus       C:\Windows\system32\DRIVERS\dtscsibus.sys
18:08:49.0196 0x1884  dtscsibus - ok
18:08:49.0320 0x1884  [ 2BB5627EB587FA995086C3D8C21B6D3F, 871E35BBE66180781324D38823B74263B660CF9254EE348A15421FAC5667F294 ] DXGKrnl         C:\Windows\System32\drivers\dxgkrnl.sys
18:08:49.0397 0x1884  DXGKrnl - ok
18:08:49.0446 0x1884  [ 651FBD69A9713D623D456A240F96179C, 22A1F306B454EF9C84D25EF266F3ED0E1D896B1F5BE60170E79F37F2DBCA59F4 ] e1iexpress      C:\Windows\system32\DRIVERS\e1i63x64.sys
18:08:49.0465 0x1884  e1iexpress - ok
18:08:49.0500 0x1884  [ 58BA473DD88F5FC1932282BA683AA03E, B8A4407D3006D91BE88F9C5389AC1CACC73BEBF6F66433A1E5EB8E58E8836C12 ] Eaphost         C:\Windows\System32\eapsvc.dll
18:08:49.0510 0x1884  Eaphost - ok
18:08:49.0719 0x1884  [ 5AB97B3282D7D6114949D1EB5C8598E4, FB9449CC1CDC12C12AA0469BB6ACC770CB011250EDFD86E9600E754610608EFD ] ebdrv           C:\Windows\system32\drivers\evbda.sys
18:08:49.0924 0x1884  ebdrv - ok
18:08:49.0972 0x1884  [ F1DA34D64F2BA200D28A7451804E2FEE, 8BDF328F18F1EB58AC0E383ABA7985BA69EA9622B262CD524E3390FDE824DEEB ] EFS             C:\Windows\System32\lsass.exe
18:08:49.0980 0x1884  EFS - ok
18:08:50.0005 0x1884  [ 66D60BD9A4C05616ABECA2A901475098, 8111550DB03FFD72F1822F47B16F075DA92874B64F19342D7CF60B0EE648AFEF ] EhStorClass     C:\Windows\system32\drivers\EhStorClass.sys
18:08:50.0011 0x1884  EhStorClass - ok
18:08:50.0051 0x1884  [ A61D0F543024E458C0FE32352E1978E2, BDE6BC140300EAF790F16466C28897CE0BD7D94DCED13FDE20AA4AACA0F6A4FD ] EhStorTcgDrv    C:\Windows\system32\drivers\EhStorTcgDrv.sys
18:08:50.0059 0x1884  EhStorTcgDrv - ok
18:08:50.0067 0x1884  [ D790D058D67582DB9C84C2D33695FE6B, A5763D7F6D191EA4B290B3E92D842AC36FD46DF598472E70B46E45D8CCD2F912 ] ErrDev          C:\Windows\System32\drivers\errdev.sys
18:08:50.0070 0x1884  ErrDev - ok
18:08:50.0152 0x1884  [ F9E01C2D9F8BC049E04CF5DC24A5F638, CB6CCB59C77D4A59DDA846608AABEF1DFEC24C8422712AB8D59E27C13D731D2E ] EventSystem     C:\Windows\system32\es.dll
18:08:50.0182 0x1884  EventSystem - ok
18:08:50.0220 0x1884  [ 7A4D6FEB8C52B3FE855E4DCDF9107E03, 6B0146A4C9AD32DCDC2DEE8E8C5A29F687665458486449E0D37B151ED63B8ADC ] exfat           C:\Windows\system32\drivers\exfat.sys
18:08:50.0231 0x1884  exfat - ok
18:08:50.0272 0x1884  [ 60996602A7111FD2D086E803F33E4282, E62A91C90F8542990BEA4E6A5D9DD3D070F4EB23B4C13414C5DA2B0219509749 ] fastfat         C:\Windows\system32\drivers\fastfat.sys
18:08:50.0285 0x1884  fastfat - ok
18:08:50.0351 0x1884  [ F0E7F8382ED5E138B0DFA4CB5058BCFE, 6247C7B75F975F5AB080FFB9881EF58A6F360219F7AF2DE871F38E80CAF3B62C ] Fax             C:\Windows\system32\fxssvc.exe
18:08:50.0391 0x1884  Fax - ok
18:08:50.0425 0x1884  [ 73B2D11DF0B6E03A0CB0323218ACB3E4, BA9256919BAA2E0760F6A658B557FDC389ACE8F9820D1A41FD995FC5613F5AA6 ] fdc             C:\Windows\System32\drivers\fdc.sys
18:08:50.0429 0x1884  fdc - ok
18:08:50.0463 0x1884  [ 0828E3E7BD77C89149EAD3232BFD38DB, A6A296647A4EDBFF59124E3A9C0AB48759AA1738615ACFA5A454FF6BD3C31BA2 ] fdPHost         C:\Windows\system32\fdPHost.dll
18:08:50.0470 0x1884  fdPHost - ok
18:08:50.0486 0x1884  [ 872506AAB591E8908DF4461475AF92DF, 772F2D08CB95775E438822B9EA005CBA92ED4071ADAB2C0101156A7D037D4704 ] FDResPub        C:\Windows\system32\fdrespub.dll
18:08:50.0492 0x1884  FDResPub - ok
18:08:50.0517 0x1884  [ 0588950D93A426F97C7AAADB1A9B0458, ABCB3619BD58CAC438FC032495AE45A7B6FFDD4BD33C1B3D1BC7F9F13FCB727A ] fhsvc           C:\Windows\system32\fhsvc.dll
18:08:50.0528 0x1884  fhsvc - ok
18:08:50.0551 0x1884  [ 88A9EBACD1058ABB237A6B4E96E7F397, 263D25D33B679EB01D97763701347C31B2F72E28CE2C7EC8013EA77756D98BE1 ] FileInfo        C:\Windows\system32\drivers\fileinfo.sys
18:08:50.0556 0x1884  FileInfo - ok
18:08:50.0574 0x1884  [ 9E4EE3A0B00FF7D5F42A4AF9744CBA02, 1D7BFB00D74A28AC13ECBA1E0036D50EE79266AC02CEDB2632466BF9DD46F211 ] Filetrace       C:\Windows\system32\drivers\filetrace.sys
18:08:50.0577 0x1884  Filetrace - ok
18:08:50.0604 0x1884  [ B1D4C168FF7B8579E3745888658FFB1D, 1A5C13E902A0C788A8B995ADD2FBC3303005911C0AA3F3F4497D3016AA0EF583 ] flpydisk        C:\Windows\System32\drivers\flpydisk.sys
18:08:50.0608 0x1884  flpydisk - ok
18:08:50.0658 0x1884  [ B33EC133AE4E6C1881D2302D93D2467D, 77E3A16257EA3698B3FCD947D004144E8D1EEE48EF5C82DF49B1B9B2B3C61DB2 ] FltMgr          C:\Windows\system32\drivers\fltmgr.sys
18:08:50.0679 0x1884  FltMgr - ok
18:08:50.0791 0x1884  [ 0BCDC0FF11B984162B0CF0FF6E9E0146, D44A3CECBA36B7A64854E244FA6B5E65047896BF9983D20B431410FBBA36697A ] FontCache       C:\Windows\system32\FntCache.dll
18:08:50.0859 0x1884  FontCache - ok
18:08:50.0952 0x1884  [ 0B56259F5611787222A04A8F254E51D4, F77AEC0ACBFAF9154E32223B84B613229DACCD953AEBC3E96C27570F9AB10FD0 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
18:08:50.0956 0x1884  FontCache3.0.0.0 - ok
18:08:50.0991 0x1884  [ A5F7873A39E4E9FAAAE59B7E9E36B705, 32036109F5A50E9F3BEF97C5B28AE8179B3A5E22517868A83CADE4671FF90DEC ] FsDepends       C:\Windows\system32\drivers\FsDepends.sys
18:08:50.0997 0x1884  FsDepends - ok
18:08:51.0017 0x1884  [ A6DD7D491F587F4BC13FB972977DC8E8, B86F97F17F6F443EC16DEF67CCA4EF78AFE56078D2877838A982FECB19557C87 ] Fs_Rec          C:\Windows\system32\drivers\Fs_Rec.sys
18:08:51.0020 0x1884  Fs_Rec - ok
18:08:51.0083 0x1884  [ C1646A95EAC515F60CDB2A7A8A013C1E, F559B83C02B17265EDE95DD497C1A94E402F07EC251FC47449F789907AFFED14 ] fvevol          C:\Windows\system32\DRIVERS\fvevol.sys
18:08:51.0108 0x1884  fvevol - ok
18:08:51.0155 0x1884  [ A969D92973DFA895E7776B4BFE36DBB2, 7528E6983ECC59291A7A386E4E459B19D1593ABDDFFD276E2F01B0EA21693E20 ] FxPPM           C:\Windows\System32\drivers\fxppm.sys
18:08:51.0158 0x1884  FxPPM - ok
18:08:51.0186 0x1884  [ 52BC441E07A827EBAB70CDC7EAEDB28D, 8DECBD8E12EA52039742599CFBBF0D3B6610B57EF8D9DAEEEA33D202A478D286 ] gagp30kx        C:\Windows\system32\drivers\gagp30kx.sys
18:08:51.0192 0x1884  gagp30kx - ok
18:08:51.0242 0x1884  [ 8E98D21EE06192492A5671A6144D092F, B8F656B34D361EA5AFB47F3A67AB2221580DADA59C8CD0CB83181E4AD8B562B4 ] GEARAspiWDM     C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
18:08:51.0246 0x1884  GEARAspiWDM - ok
18:08:51.0282 0x1884  [ 721F8EEF5E9747F32670DEFF7FB92541, E0A8EF70753E260C2C7D93D316B5EF9589DB086FDF829BDA2958C6A09CE471A6 ] gencounter      C:\Windows\System32\drivers\vmgencounter.sys
18:08:51.0286 0x1884  gencounter - ok
18:08:51.0339 0x1884  [ FC2B8B06BDBD3B6457F5A3DA9AD2410E, 4BF196E1CAC94E9265EBEB68F41C3E29F0C709ECFF9420B5B1C9C82680D5D6A8 ] GPIOClx0101     C:\Windows\system32\Drivers\msgpioclx.sys
18:08:51.0347 0x1884  GPIOClx0101 - ok
18:08:51.0465 0x1884  [ 5358678C6370F2ADC5291849F6503262, 841633D7A936C3889690C67E189BAD4C6B294C196FFFE5B564FCECDFE46A9E52 ] gpsvc           C:\Windows\System32\gpsvc.dll
18:08:51.0537 0x1884  gpsvc - ok
18:08:51.0594 0x1884  [ 506708142BC63DABA64F2D3AD1DCD5BF, 9C36A08D9E7932FF4DA7B5F24E6B42C92F28685B8ABE964C870E8D7670FD531A ] gupdate         C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
18:08:51.0601 0x1884  gupdate - ok
18:08:51.0611 0x1884  [ 506708142BC63DABA64F2D3AD1DCD5BF, 9C36A08D9E7932FF4DA7B5F24E6B42C92F28685B8ABE964C870E8D7670FD531A ] gupdatem        C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
18:08:51.0619 0x1884  gupdatem - ok
18:08:51.0674 0x1884  [ 630555943E5A3FE21010CE91EC7FC84F, 20D7247A4363EE9E851501D89A466564ADCAEC304DE42280E4E09AD8499436A9 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
18:08:51.0694 0x1884  HdAudAddService - ok
18:08:51.0742 0x1884  [ 58CC013EFA9893057160EDA018D8ADCE, BE8AA220CFBD90202C1B130DF349C3198E3447F3C2DC7BC5FC8816F57F78BA00 ] HDAudBus        C:\Windows\System32\drivers\HDAudBus.sys
18:08:51.0748 0x1884  HDAudBus - ok
18:08:51.0770 0x1884  [ 3F76BBA53D65E85A7F53E7A71082082C, D1E18815BB19CD11007C4A66162C76F55D4FE6B09B34ED45969C7ECC29D394AD ] HidBatt         C:\Windows\System32\drivers\HidBatt.sys
18:08:51.0774 0x1884  HidBatt - ok
18:08:51.0818 0x1884  [ 085F150D002B7F0153D3C06DDF33A143, 41847FD02608ECFE3A6B4B38CBDE8416B0EF17491868511FD704B0BCC280338E ] HidBth          C:\Windows\System32\drivers\hidbth.sys
18:08:51.0825 0x1884  HidBth - ok
18:08:51.0869 0x1884  [ CC4A07E51D89575CAB6F4EB590D87CD4, DFB4EAF0923EF9FF6C42EDD1EA5E4025F243C9BE2D03D5423FE8A897DC01D657 ] hidi2c          C:\Windows\System32\drivers\hidi2c.sys
18:08:51.0873 0x1884  hidi2c - ok
18:08:51.0898 0x1884  [ DC96F7DACB777CDEAEF9958A50BFDA06, 7CE79F32D5EE65C0178CFF56523825D3EE01095B2CE8C67634A6604A821A9086 ] HidIr           C:\Windows\System32\drivers\hidir.sys
18:08:51.0902 0x1884  HidIr - ok
18:08:51.0927 0x1884  [ FAC37D7B3D6354A5A5E19A45B50B4008, 2962B552A1DA545DFDEF0886582E82596FE8A3A19AAF989B025AFDA84D16D4EC ] hidserv         C:\Windows\system32\hidserv.dll
18:08:51.0934 0x1884  hidserv - ok
18:08:51.0958 0x1884  [ A9F2301B8D28BB4D887F5AEBB55ACB3A, 886B04224CA0A90B4FD0B9F8D243EED4FBA367D078FB1CAF99EE671FE1FCEC27 ] HIDSwitch       C:\Windows\System32\drivers\AsHIDSwitch64.sys
18:08:51.0962 0x1884  HIDSwitch - ok
18:08:52.0020 0x1884  [ 012C354B4AB48E9A7A657DF39E3A2073, B15D0089CE509FF1CF73DFE095425C1C99FC3971622DCAAD9CAEB989A12A4FDB ] HidUsb          C:\Windows\System32\drivers\hidusb.sys
18:08:52.0073 0x1884  HidUsb - ok
18:08:52.0138 0x1884  [ 43F884B61A24377567CD0FEB35236334, B3BA36B527C8D6D83DE2FBCD8D503B87FD2611BF15B07A7BC138DC8BAE6A50C1 ] hkmsvc          C:\Windows\system32\kmsvc.dll
18:08:52.0198 0x1884  hkmsvc - ok
18:08:52.0252 0x1884  [ 33DFC14DFDCCFA7AA10E392F6A8EC1CF, E6967F3F465C6E903221BC0FCBAE7D05FD18C0BF110D929335F5935364B3C1BC ] HomeGroupListener C:\Windows\system32\ListSvc.dll
18:08:52.0273 0x1884  HomeGroupListener - ok
18:08:52.0339 0x1884  [ E0D9F6FE18FA7F53ADD29AF719CE2B7E, B965DCC72625188F3B896CB447B7696F22687266EAFC5AA270E2AD53DD9F324D ] HomeGroupProvider C:\Windows\system32\provsvc.dll
18:08:52.0366 0x1884  HomeGroupProvider - ok
18:08:52.0404 0x1884  [ 64DB7A8D97CA53DCCF93D0A1E08342CF, 02CAB7F28D3830C482683425C60044239C6F1562556688A274CA2C237C846E76 ] HpSAMD          C:\Windows\system32\drivers\HpSAMD.sys
18:08:52.0409 0x1884  HpSAMD - ok
18:08:52.0534 0x1884  [ 77ED10C64F9DE2BF3F4F0B92541422F6, ADC7DDA8CBA47E7EE17BAB9EAA5DD51EB86A4DDB402EF1F24F81ECCA990583A6 ] hshld           C:\Program Files (x86)\Hotspot Shield\bin\cmw_srv.exe
18:08:52.0582 0x1884  hshld - ok
18:08:52.0628 0x1884  [ 0063ACEBB5BBE8C563A6ADB09155E644, BC7C9AFB83F5345065BB070A5D992DCE13CB35027D8FE402B338D775C896317B ] HssDRV6         C:\Windows\system32\DRIVERS\hssdrv6.sys
18:08:52.0632 0x1884  HssDRV6 - ok
18:08:52.0675 0x1884  [ 7A97848FE7C47F9390427EBDDD92F9F1, 2C053D1433585B3FA0ED839CDFC80CAB3A2D670F5B1F6E3D80BC31EB5CE0E948 ] HssTrayService  C:\Program Files (x86)\Hotspot Shield\bin\HssTrayService.EXE
18:08:52.0680 0x1884  HssTrayService - ok
18:08:52.0742 0x1884  [ 5CB01FD5AA4885BC4811433B54393AF2, 018AC4FDE8099731C3D9F77EE66B6EB902DC246D4E68DD20962CD2D7C48C2123 ] HssWd           C:\Program Files (x86)\Hotspot Shield\bin\hsswd.exe
18:08:52.0766 0x1884  HssWd - ok
18:08:52.0840 0x1884  [ F4A91D985EB9D1D2717D538F3424603C, 454AD2FF3A7963B9835AEF300F6672F92D0CCF59593BA2CCC83F0EC1446BB659 ] HTTP            C:\Windows\system32\drivers\HTTP.sys
18:08:52.0884 0x1884  HTTP - ok
18:08:52.0924 0x1884  [ 2A98301068801700906C06649860FE94, 664394A52326289DCA0828B0041A105653F4FEF3E3DCCC3787AAE0F6FDC73A14 ] hwpolicy        C:\Windows\system32\drivers\hwpolicy.sys
18:08:52.0927 0x1884  hwpolicy - ok
18:08:52.0945 0x1884  [ DC76901D82097C9E297F20C287CB9A27, 01A412D0D8A65050BE4250A7C4B9F98A4C43FD891827761E0C830369A5F9F09C ] hyperkbd        C:\Windows\System32\drivers\hyperkbd.sys
18:08:52.0948 0x1884  hyperkbd - ok
18:08:52.0956 0x1884  [ 716413AB3CA12DE0A7222D28C1C9352C, B82B586BD9DBD70DDA19A02504E8CB00DA53677703AB848B53387601C5BAD3D3 ] HyperVideo      C:\Windows\system32\DRIVERS\HyperVideo.sys
18:08:52.0960 0x1884  HyperVideo - ok
18:08:52.0987 0x1884  [ C9E9CBF73AFFBFE3E801EFB516787BA3, 1A850D614BDA6AA4195CC657702BC6242BA51B90131717743182AA160F65E72C ] i8042prt        C:\Windows\System32\drivers\i8042prt.sys
18:08:52.0994 0x1884  i8042prt - ok
18:08:53.0082 0x1884  [ 0A34D806EF2767E62CAFEA1A150A8830, 2C5C9C0924C6AE379E3CD071E6687885006843A17742B083CE14719F666F7FE6 ] iaStorA         C:\Windows\system32\drivers\iaStorA.sys
18:08:53.0117 0x1884  iaStorA - ok
18:08:53.0162 0x1884  [ 5E394EBD26FD68AA9300332C46BEDD62, 56A5DA7CE08C07B519E55D0A46AA9D10B640349808EFE02B3278267B75B5F603 ] iaStorV         C:\Windows\system32\drivers\iaStorV.sys
18:08:53.0185 0x1884  iaStorV - ok
18:08:53.0430 0x1884  [ C38AFE18A40ADF005647090DD3AC24F3, 302810C31B005DD4C9143233AB5B4F332C62AD866A7C7AB0E8F8F81AE1766B11 ] igfx            C:\Windows\system32\DRIVERS\igdkmd64.sys
18:08:53.0657 0x1884  igfx - ok
18:08:53.0712 0x1884  [ 7A510A9AFC7955DEE63F8DC243E31292, 13906F6212F4C116BE224F2A8AFFF089ACFED8F543E26FC6208FF38463366173 ] igfxCUIService1.0.0.0 C:\Windows\system32\igfxCUIService.exe
18:08:53.0734 0x1884  igfxCUIService1.0.0.0 - ok
18:08:53.0761 0x1884  [ 24847A06B84339FEEDE5CABF3D27D320, 7727B1DAD0D4A1D474FBBEFCEBDF36A1F07D1AA300869AE57A24ED91BF84B6B4 ] iirsp           C:\Windows\system32\drivers\iirsp.sys
18:08:53.0766 0x1884  iirsp - ok
18:08:53.0868 0x1884  [ E455C83E029121270BED73CDAC381F37, 433D525C19DBF26FAC28853C606C872D973104842B0EF1B2BF2EAC85457E2953 ] IKEEXT          C:\Windows\System32\ikeext.dll
18:08:53.0954 0x1884  IKEEXT - ok
18:08:54.0196 0x1884  [ C274B45F4F728EF471D82A437AC65937, EEF56EE12B4BDE3EF90965C33D9880749E6C22E2C945E4F24308C840BCF08BB4 ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHD64.sys
18:08:54.0410 0x1884  IntcAzAudAddService - ok
18:08:54.0472 0x1884  [ 0E0B99617ED3FDB6C5F0E2D62709B5DF, A656CA3A60E62BE16A015150B23136CE150F9876B4035E9E8D8E73D1707B37A4 ] IntcDAud        C:\Windows\system32\DRIVERS\IntcDAud.sys
18:08:54.0496 0x1884  IntcDAud - ok
18:08:54.0603 0x1884  [ DDA8E5AD97231AB50B81FED04C28F64C, 5C9E8F7CC45A9AE7FF12A02641562E271D84894DFA7C50218AC2AAA298251B60 ] Intel® Capability Licensing Service Interface C:\Program Files\Intel\iCLS Client\HeciServer.exe
18:08:54.0641 0x1884  Intel® Capability Licensing Service Interface - ok
18:08:54.0705 0x1884  [ 86FE509640D77FB0998FC8B1FF5523C6, 13E895DEB9B84379251699D7E52C5E3FD888994425DE01B6C4634F9E959D5584 ] Intel® Capability Licensing Service TCP IP Interface C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe
18:08:54.0748 0x1884  Intel® Capability Licensing Service TCP IP Interface - ok
18:08:54.0822 0x1884  [ EE65488B7294FBCB113EAC9FD492345C, D1D6B22CD94324387171B188D295AA716900654DA1DC9F3DC18D0CD528F2BBEA ] Intel® ME Service C:\Program Files (x86)\Intel\Intel® Management Engine Components\FWService\IntelMeFWService.exe
18:08:54.0830 0x1884  Intel® ME Service - ok
18:08:54.0852 0x1884  [ 4F37726CF764CA18A8A84F85EF3A7F24, 6212B23917526E127CE641A11A58DA93651FFE70829C4079FE465DBDC81CF470 ] intelide        C:\Windows\system32\drivers\intelide.sys
18:08:54.0855 0x1884  intelide - ok
18:08:54.0895 0x1884  [ E15CDF68DD73423F15D4AC404793AF0D, E2D0136AF68D1A73EB3A63C83284B4661222CB0A4AFACCF276CB57CBD4850287 ] intelppm        C:\Windows\System32\drivers\intelppm.sys
18:08:54.0901 0x1884  intelppm - ok
18:08:54.0913 0x1884  [ 8FCA66234A0933D796BB780B7953BAB9, 7DD677F5EE09A8D7A75C9E475B5E6B3DCA49D1E846C7D160B839D7029B1C5B6D ] IpFilterDriver  C:\Windows\system32\DRIVERS\ipfltdrv.sys
18:08:54.0920 0x1884  IpFilterDriver - ok
18:08:55.0009 0x1884  [ C217B8D2E58C57A319B16125C3D4B69C, 905BB858E1782BD08FF080A4A604CE662440A15601B178FBD30269C306C04CCF ] iphlpsvc        C:\Windows\System32\iphlpsvc.dll
18:08:55.0060 0x1884  iphlpsvc - ok
18:08:55.0099 0x1884  [ A4071DA3AE419F9694BFCB267C7DB8D7, 392DEE1DA51606C29418A98D2861F115E9F67C688B4281C53E87BA73A98809FB ] IPMIDRV         C:\Windows\System32\drivers\IPMIDrv.sys
18:08:55.0106 0x1884  IPMIDRV - ok
18:08:55.0140 0x1884  [ 3969B9C218DD3FAA9F4ED2FFC3651C02, 93447F124CC55FB17055126432194153E1BB8F0FD95A47608494B6834A5F7089 ] IPNAT           C:\Windows\system32\drivers\ipnat.sys
18:08:55.0150 0x1884  IPNAT - ok
18:08:55.0215 0x1884  [ 7E4F8065367AE5BA387262D57B868DF5, 3D09A778748D30AFD37B23603CCC151B028D505FF3CB7763CE393F6CFAED3A9E ] iPod Service    C:\Program Files\iPod\bin\iPodService.exe
18:08:55.0249 0x1884  iPod Service - ok
18:08:55.0289 0x1884  [ 25CD7C4BB2863FFC2B0B311F0AEBF77C, 4099BAA2DB4ADB93B878D71E241B7D9EB7E0EE7ED0FE2450CCB9E4718B3726EB ] IRENUM          C:\Windows\system32\drivers\irenum.sys
18:08:55.0293 0x1884  IRENUM - ok
18:08:55.0314 0x1884  [ D940C5BB9DC92E588533C19ABCC3D2C2, D1442854CEDE86F2C187A35851E74C873D34B772C60BC118FA1577F79C03364D ] isapnp          C:\Windows\system32\drivers\isapnp.sys
18:08:55.0318 0x1884  isapnp - ok
18:08:55.0373 0x1884  [ E6530FD4F61B40F338BF4355A21B9A09, FE9BF039B9901BEC260A69F7C49ACFA9881AD470DCCBA70C7EC36F518DA71702 ] iScsiPrt        C:\Windows\System32\drivers\msiscsi.sys
18:08:55.0390 0x1884  iScsiPrt - ok
18:08:55.0443 0x1884  [ BF5D3A2624177C413680DEF19A465AF8, B9909D3E6CB6F9971293116387865AD15CB9D47513C7FAA9C36BE4D2847A41EB ] jhi_service     C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe
18:08:55.0453 0x1884  jhi_service - ok
18:08:55.0480 0x1884  [ 8FBD94B69D6423E20ABCD59D86368B21, 218EF992095E365EC917413749856A64D55D8129D77098E24D670843233377F4 ] kbdclass        C:\Windows\System32\drivers\kbdclass.sys
18:08:55.0485 0x1884  kbdclass - ok
18:08:55.0505 0x1884  [ E88C932ABDF8185A62C8F2FC7B051FB6, 67F9AF58237A11F0BF3D15AA5B32E5CE66B7AA039B999D938F7F6E63DCEA7A6E ] kbdhid          C:\Windows\System32\drivers\kbdhid.sys
18:08:55.0509 0x1884  kbdhid - ok
18:08:55.0539 0x1884  [ A8080BEBCDB7A16495CE1205921DCAC5, D4B0EF97B75BF75934A0BEEE48CACD20E8F505600C3A07243DF7627680EE8552 ] kbfiltr         C:\Windows\System32\drivers\kbfiltr.sys
18:08:55.0543 0x1884  kbfiltr - ok
18:08:55.0571 0x1884  [ FB6C185092E18011EF49989425C2AA87, 043524409E0A764201DD221C48B7DEEA0D161945EB37D4B88313BAB2299949DF ] kdnic           C:\Windows\system32\DRIVERS\kdnic.sys
18:08:55.0575 0x1884  kdnic - ok
18:08:55.0594 0x1884  [ F1DA34D64F2BA200D28A7451804E2FEE, 8BDF328F18F1EB58AC0E383ABA7985BA69EA9622B262CD524E3390FDE824DEEB ] KeyIso          C:\Windows\system32\lsass.exe
18:08:55.0603 0x1884  KeyIso - ok
18:08:55.0653 0x1884  [ 8B3EB6372436195B8EA8AE09A184BCE2, 9AFB7A9D6AEEBF5994C85B355155024768116E2D537C9FA169BC3F4594ECD35C ] KSecDD          C:\Windows\system32\Drivers\ksecdd.sys
18:08:55.0661 0x1884  KSecDD - ok
18:08:55.0709 0x1884  [ 3DD9C86EA88E8B5A51904AD87E1F2E78, F9EC9A571212117C01934CD29057EB1B3FA095F670294244AF7D9387D3F6E555 ] KSecPkg         C:\Windows\system32\Drivers\ksecpkg.sys
18:08:55.0720 0x1884  KSecPkg - ok
18:08:55.0756 0x1884  [ 81492FEEBF2F26455B00EE8DBAE8A1B0, E33AA2DFB2D3BB30B02CDADA2EC290F86329DA3198327A653F39A843D86390B9 ] ksthunk         C:\Windows\system32\drivers\ksthunk.sys
18:08:55.0759 0x1884  ksthunk - ok
18:08:55.0809 0x1884  [ 5825DBACEDC3812B5CF8D40B997BF210, 1C2997BCC707C1029B21876E093038CE3BBF6E6694B4CCF7EEDD47172ED9A541 ] KtmRm           C:\Windows\system32\msdtckrm.dll
18:08:55.0835 0x1884  KtmRm - ok
18:08:55.0886 0x1884  [ 256EE31588257E8A555DBFAA13F1908E, B6817F632EDEA483E35BF26846DCDD4E95E860620959179B2A5D8AD7EEDDB126 ] LanmanServer    C:\Windows\system32\srvsvc.dll
18:08:55.0911 0x1884  LanmanServer - ok
18:08:55.0966 0x1884  [ 16650912BE5A94B40E0B3B4C39652B56, 908C2C9367AE0AC9AECB5D91514BB33ACD746D99F19C1A8DD6A9550E9CAD9E00 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
18:08:55.0988 0x1884  LanmanWorkstation - ok
18:08:56.0017 0x1884  [ CEEFD29FC551F289810B0B9381B321DC, 900F206B487B2190D9363F28AA4BA0CD7DCFE1D005BE05A48AF74B1B81194691 ] lltdio          C:\Windows\system32\DRIVERS\lltdio.sys
18:08:56.0022 0x1884  lltdio - ok
18:08:56.0070 0x1884  [ BCF53485E0A94722CDE3C4A93CD8EB8C, D24E1066EB102245A89A5D17D608DB9DF6B71C99F1C77E070B95EFD17D268141 ] lltdsvc         C:\Windows\System32\lltdsvc.dll
18:08:56.0091 0x1884  lltdsvc - ok
18:08:56.0109 0x1884  [ 5A2F7F1CBC2E631A497DAD16164E06D2, 35274FC6C386380B01B5E8F467E71A2C4E2FB2AD701554F9B1A9B036B0340142 ] lmhosts         C:\Windows\System32\lmhsvc.dll
18:08:56.0117 0x1884  lmhosts - ok
18:08:56.0194 0x1884  [ 733736AF4929D0DFF65652B218C53888, 92CA45E11D829E8B52AB5D399D9B56D03B25C424F696C23F2B37E17D22E99E1E ] LMS             C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
18:08:56.0214 0x1884  LMS - ok
18:08:56.0245 0x1884  [ 022CDD12161B063D7852B1075BF3FFF2, E21267243AF2FC208D27E67827B1264A762C99AECEDB7AD2C48A04F421A6B2F0 ] LSI_SAS         C:\Windows\system32\drivers\lsi_sas.sys
18:08:56.0252 0x1884  LSI_SAS - ok
18:08:56.0270 0x1884  [ 07AD59D669B996F29F91817F0ECFA34F, 026F332F862D142BFFC9D169CCD17A35BFB6B301EEC72AA13E16369B3520919C ] LSI_SAS2        C:\Windows\system32\drivers\lsi_sas2.sys
18:08:56.0276 0x1884  LSI_SAS2 - ok
18:08:56.0289 0x1884  [ 216FB796AA4E252ACCE93B1BCB80B5EC, 5B1E49B5F7B9C7A778198D27F8EE500FE35DC32D40B22A3D6ED67560BEB04212 ] LSI_SCSI        C:\Windows\system32\drivers\lsi_scsi.sys
18:08:56.0297 0x1884  LSI_SCSI - ok
18:08:56.0309 0x1884  [ 5E80530AF37102488EE980B4A92AF99F, 364E18EAD9AC22F8A306B24C6C43E58224F6BE2744EFEAA2484696B8D9880851 ] LSI_SSS         C:\Windows\system32\drivers\lsi_sss.sys
18:08:56.0315 0x1884  LSI_SSS - ok
18:08:56.0382 0x1884  [ 1DC9B701F8EB7D67774035AC9C3104F6, 77371267CDA605F78674BF8FA14B134B22299CD96EADA60A68762207595F0B46 ] LSM             C:\Windows\System32\lsm.dll
18:08:56.0410 0x1884  LSM - ok
18:08:56.0438 0x1884  [ 2BDC5D711FA61307CE6190D47C956368, 6BCDC6CBB9783F1ABE8957BDA94AF977DFB2A310BB6D19085EFC8609C97FD180 ] luafv           C:\Windows\system32\drivers\luafv.sys
18:08:56.0447 0x1884  luafv - ok
18:08:56.0487 0x1884  [ F92B0E478C0FAA6D6661E6E977247E60, 8B26B57C2C60C98CD6273ACA126B2CD0356ADB13A59FEC12882357A6B973123C ] MBAMProtector   C:\Windows\system32\drivers\mbam.sys
18:08:56.0491 0x1884  MBAMProtector - ok
18:08:56.0625 0x1884  [ D84AEA3F3329D622DFC1297DDDF6163B, 316FE56CC30ED1473A917253F46B79EAA12F4ABD5B4B1ADB03929DFEE940F577 ] MBAMScheduler   C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
18:08:56.0716 0x1884  MBAMScheduler - ok
18:08:56.0784 0x1884  [ 4F45ED469906494F9BF754E476390DBD, D8FF6AFD73D8C191F5732DF9737E6F83B2B52B06A3A6CD4CC6EAC9464CBB2772 ] MBAMService     C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
18:08:56.0828 0x1884  MBAMService - ok
18:08:56.0931 0x1884  [ 8A50D5304E6AE48664CF5838EC32F647, C76943FABEE1B5E1B641AA610668CCD4227E2C4B191DD30B79D3AB31A9E8B5BE ] MBAMSwissArmy   C:\Windows\system32\drivers\MBAMSwissArmy.sys
18:08:56.0940 0x1884  MBAMSwissArmy - ok
18:08:56.0955 0x1884  [ 0664F6335F108F38FE08C3CA747311EE, 04C5F31C57573DC4ABFC609D3F7C589835CE5C528AF5EE07FB25E35F72DF98A4 ] MBAMWebAccessControl C:\Windows\system32\drivers\mwac.sys
18:08:56.0961 0x1884  MBAMWebAccessControl - ok
18:08:56.0997 0x1884  [ 9B0D829C3BE4E7472DB9DD2B79908E3C, ACED5806FFF39E84007B5A3DCB16315329DC53007F46B1BEEDC391CC659F7DD3 ] megasas         C:\Windows\system32\drivers\megasas.sys
18:08:57.0012 0x1884  megasas - ok
18:08:57.0108 0x1884  [ ECC3F54C7AFC318271C4F0B4606D8DB0, FD1ACB18B8C912C7A57DABCD5460800DD0721A82E09C8D79C47B3392D61CBEA6 ] MegaSR          C:\Windows\system32\drivers\MegaSR.sys
18:08:57.0140 0x1884  MegaSR - ok
18:08:57.0165 0x1884  [ 2BB3EAE2EA641515D4B205CAB29E1624, D3F18EE393EB1B0F919484281269A3C55A092D023E62C59D74CB63A55612024B ] MEIx64          C:\Windows\System32\drivers\HECIx64.sys
18:08:57.0172 0x1884  MEIx64 - ok
18:08:57.0264 0x1884  [ 123271BD5237AB991DC5C21FDF8835EB, 004F8F9228EE291A0E36CE33078D572D61733516F9AA5CFC832AF204C6869E89 ] Microsoft Office Groove Audit Service C:\Program Files (x86)\Microsoft Office\Office12\GrooveAuditService.exe
18:08:57.0270 0x1884  Microsoft Office Groove Audit Service - ok
18:08:57.0302 0x1884  [ EEE908BE7143FCA48CF0CB87214E2AB8, 4F9BD299F559DD36DBD93489CFAA753F236FBB70946E034D2E2260059AE20962 ] MMCSS           C:\Windows\system32\mmcss.dll
18:08:57.0313 0x1884  MMCSS - ok
18:08:57.0338 0x1884  [ 780098AD5DA8A4822E2563984C85EF7B, 29312970774E944B5ED388316CF3D350DCABF721F9695737B0AC56BE878B0446 ] Modem           C:\Windows\system32\drivers\modem.sys
18:08:57.0342 0x1884  Modem - ok
18:08:57.0382 0x1884  [ EA8EAD3F5B762F889CC7F3966625B48B, B701A42E5E08B7BC6601560446146803182E5DC631AB73E9408F19CB6432F121 ] monitor         C:\Windows\System32\drivers\monitor.sys
18:08:57.0386 0x1884  monitor - ok
18:08:57.0421 0x1884  [ 618446B98C79776654340CE27C73485E, EFE7169FDD545933B5949DA2D09266971C0C3E6894E7BD8AFE29E41567C72B16 ] mouclass        C:\Windows\System32\drivers\mouclass.sys
18:08:57.0426 0x1884  mouclass - ok
18:08:57.0440 0x1884  [ C0ADEBED913295803B579ED288936CBB, 58F71541166D1DA07C18FBD27458D55E3F8AD7291CB7496B3A2F01372A5B0CAE ] mouhid          C:\Windows\System32\drivers\mouhid.sys
18:08:57.0444 0x1884  mouhid - ok
18:08:57.0493 0x1884  [ E7E9DBFDD3F25ED0C05B99AE9FA18BDE, 6D0204BA271FD3262DAE6E6BF9C12C0D49E3C9AF40EB1E072BD5CA5E2B8598D5 ] mountmgr        C:\Windows\system32\drivers\mountmgr.sys
18:08:57.0500 0x1884  mountmgr - ok
18:08:57.0567 0x1884  [ 4E9D8041D352A33332FD6F59A3A78B03, D4E6229B07EF9866993EEE4F6223DC7F1FF1108273FE14A3DC74E65C181DE56A ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
18:08:57.0575 0x1884  MozillaMaintenance - ok
18:08:57.0610 0x1884  [ 4CCBBD4944777CA100B9A6C2F149A46F, 7FC172FAF8266BFBBBBAD94FD67EA3C1872F5927DC3900A9A54DB2DFE34E7415 ] mpsdrv          C:\Windows\system32\drivers\mpsdrv.sys
18:08:57.0617 0x1884  mpsdrv - ok
18:08:57.0697 0x1884  [ 9DE3341BD4E14BC5FADFCAD3019F2D0D, 37E0531EADABC6D4BCC496826651D4D14CF0D10156FF13C11BDE466084B44FF4 ] MpsSvc          C:\Windows\system32\mpssvc.dll
18:08:57.0750 0x1884  MpsSvc - ok
18:08:57.0792 0x1884  [ 3D70147F55F1EC84EB9139ED7FFE48BC, 12429C2FDDDA13815F0E18F9009011AA5360955759A23A38175543F480CB92EF ] MRxDAV          C:\Windows\system32\drivers\mrxdav.sys
18:08:57.0802 0x1884  MRxDAV - ok
18:08:57.0858 0x1884  [ 7A761AEE58658378BBA45D360F874CB0, 31972E63D93E07D92EF69571B7ED1E69B1358DCA5BEED62A9372F6411B4DFDB3 ] mrxsmb          C:\Windows\system32\DRIVERS\mrxsmb.sys
18:08:57.0878 0x1884  mrxsmb - ok
18:08:57.0912 0x1884  [ 06D5F2FA3C61E8EA91648EA8E9F99FD3, C665B7896501D42C73955F4EAF4FA3C6B2C9286957D6023C235AFBF9BFB761C6 ] mrxsmb10        C:\Windows\system32\DRIVERS\mrxsmb10.sys
18:08:57.0930 0x1884  mrxsmb10 - ok
18:08:57.0967 0x1884  [ 697B78CE3925E4FBFC544232A5E9E2EB, 2D03425513572F6098BAAF82C0EDB49EBAB88438971D349CA1917DA0BDB76334 ] mrxsmb20        C:\Windows\system32\DRIVERS\mrxsmb20.sys
18:08:57.0980 0x1884  mrxsmb20 - ok
18:08:58.0023 0x1884  [ 98487487D6B3797CA927E9D7B030AE13, 05840AF0DD2E3CB596DA768DBD0728B52210EC05B55AB5921E697AD8956938DD ] MsBridge        C:\Windows\system32\DRIVERS\bridge.sys
18:08:58.0031 0x1884  MsBridge - ok
18:08:58.0061 0x1884  [ 4A07458EB4F17573BD39F22029A991C1, 74D7A1882EA4D19B8F090C2813489E5D3F759BF4AF2D88AE852EC6510C405B5E ] MSDTC           C:\Windows\System32\msdtc.exe
18:08:58.0076 0x1884  MSDTC - ok
18:08:58.0098 0x1884  [ 3886F1F2A4D2900ABAA7E4486BEEE6A2, ECCA22985838A914EDC866C491DEB64B9FF5110EFA9BEE541F634AC5EC3081F9 ] Msfs            C:\Windows\system32\drivers\Msfs.sys
18:08:58.0101 0x1884  Msfs - ok
18:08:58.0130 0x1884  [ C32A7A39B960A42BA9D4FBE47213CA03, 4DA48587138972DA5E95AEDBBBE73BA8CCADC8172C6654427ABEAC8047B27E95 ] msgpiowin32     C:\Windows\System32\drivers\msgpiowin32.sys
18:08:58.0134 0x1884  msgpiowin32 - ok
18:08:58.0149 0x1884  [ D3857A767B91A061B408CCAB02DA4F40, A4D780772086AD8717EE6DC2B6189F796939FB5E5AA08FD9D1984101998FBECF ] mshidkmdf       C:\Windows\System32\drivers\mshidkmdf.sys
18:08:58.0152 0x1884  mshidkmdf - ok
18:08:58.0171 0x1884  [ 839B48910FB1E887635C48F3EC11A05E, F8CFD99911500CC1B6A90C8E2A1697BD5A6E5776A62A62FE5B342FE204C936B1 ] mshidumdf       C:\Windows\System32\drivers\mshidumdf.sys
18:08:58.0175 0x1884  mshidumdf - ok
18:08:58.0189 0x1884  [ 55C0DB741E3AB7463242B185B1C2997C, D2E2A5B48A64EA0EC2A6566C08E65A38D11CEA64BCA7B57793BA0D009E4D974A ] msisadrv        C:\Windows\system32\drivers\msisadrv.sys
18:08:58.0192 0x1884  msisadrv - ok
18:08:58.0219 0x1884  [ 216C6B035A4BA5560E1255BD8E5BB89F, A14E038604B9A5506DB145A4D9F51E2751AC825240D2744924F39C332B5DE00B ] MSiSCSI         C:\Windows\system32\iscsiexe.dll
18:08:58.0234 0x1884  MSiSCSI - ok
18:08:58.0241 0x1884  msiserver - ok
18:08:58.0264 0x1884  [ 509809566E49F4411055864EA8D437CD, 70F37BF9C759E8BCA1C6AC8FB9805950925E1C648ED37E8561A0F7A407DFDC28 ] MSKSSRV         C:\Windows\system32\drivers\MSKSSRV.sys
18:08:58.0267 0x1884  MSKSSRV - ok
18:08:58.0292 0x1884  [ 63145201D6458E4958E572E7D6FC2604, EDD4A8A3BBE94B983554B1117734E66A2647B867269C5F0567C47EDE6F3FACCB ] MsLldp          C:\Windows\system32\DRIVERS\mslldp.sys
18:08:58.0297 0x1884  MsLldp - ok
18:08:58.0306 0x1884  [ 99D526E803DB6D7FF290FD98B6204641, 4AFAA3B1186621AEAD19E12D3DBE104DD8FCD5C106F9EC3ADA4AD1BC7093E61F ] MSPCLOCK        C:\Windows\system32\drivers\MSPCLOCK.sys
18:08:58.0308 0x1884  MSPCLOCK - ok
18:08:58.0316 0x1884  [ 06FA77C3E2A491ADCD704C5E73006269, 465A7EE5387E6C11398A554F73437278F5BF110356E7F49F315905C1F2459278 ] MSPQM           C:\Windows\system32\drivers\MSPQM.sys
18:08:58.0319 0x1884  MSPQM - ok
18:08:58.0371 0x1884  [ E134EC4DE11CF78CB01432D180710D84, BB111F97AEEFDCA5866B157E9957599CD7A4952B5BCCA0B0BCA9EDFCD17E61FE ] MsRPC           C:\Windows\system32\drivers\MsRPC.sys
18:08:58.0393 0x1884  MsRPC - ok
18:08:58.0433 0x1884  [ B5AECF12F09DEE97C9FCAA5BA016CE1E, F5305C4CE6C93A3A3481BD13BE0C23FE26571E11029ACFFE75FB78913681FCFC ] mssmbios        C:\Windows\System32\drivers\mssmbios.sys
18:08:58.0437 0x1884  mssmbios - ok
18:08:58.0451 0x1884  [ 72D66A05E0F99F2528F6C6204FD22AA1, B14D433BC5795F1DC4C672302285E665DC012693E75574F60664AAD8874DE562 ] MSTEE           C:\Windows\system32\drivers\MSTEE.sys
18:08:58.0455 0x1884  MSTEE - ok
18:08:58.0463 0x1884  [ 8AAAE399FC255FA105D4158CBA289001, 2F55C02605B4A3406B289FF9D46C76260B9138E3DE96AFAEA0E0522E5A2A746C ] MTConfig        C:\Windows\System32\drivers\MTConfig.sys
18:08:58.0466 0x1884  MTConfig - ok
18:08:58.0490 0x1884  [ 3BCB702F3E6CC622DCAFCAA45D7CDE0A, 00D33A4AB3E7C5F65F59C63F8E2FD27EF38D5484595F785D5632E9414E29352C ] Mup             C:\Windows\system32\Drivers\mup.sys
18:08:58.0496 0x1884  Mup - ok
18:08:58.0523 0x1884  [ 3A1E095277BBD406CEA8EA6B76950664, 47838F307A6354E77C19A7B1F3F3E22726EF60403B611F358AD6FFE81D7214E7 ] mvumis          C:\Windows\system32\drivers\mvumis.sys
18:08:58.0529 0x1884  mvumis - ok
18:08:58.0594 0x1884  [ 4B18840511D720BA118D3017E8165875, 724458A69269A5AE57E8DAB74FF3C198A79B6F7A9602BF38A70B4A40543ED167 ] napagent        C:\Windows\system32\qagentRT.dll
18:08:58.0624 0x1884  napagent - ok
18:08:58.0664 0x1884  [ 43D7388A90A4C6EA346A4D6FF0377479, DFDCFA448B49C8A577056070AF516F08CD2E452706A3CF9173195ABA4256F35D ] NativeWifiP     C:\Windows\system32\DRIVERS\nwifi.sys
18:08:58.0688 0x1884  NativeWifiP - ok
18:08:58.0731 0x1884  [ 6A0C3996DA7DAE6D6939676D786EEEC4, 6E8A4C6234FD3040BC889E92016A4D5AC7BCAF5059521E50C733966163A546A0 ] NcaSvc          C:\Windows\System32\ncasvc.dll
18:08:58.0747 0x1884  NcaSvc - ok
18:08:58.0771 0x1884  [ C982FE4CC91DECE2259F494FCEB4030F, 4C285407E6F9FBBA92180F4063AEFB736ED142D802F0151002F0CC20AB7BB4E5 ] NcdAutoSetup    C:\Windows\System32\NcdAutoSetup.dll
18:08:58.0782 0x1884  NcdAutoSetup - ok
18:08:58.0881 0x1884  [ A10E176F3B2BF83EDE7B5C4658C93B66, 42F2FAEB4A29BBC6727D7E159D3E7E2E66D33785E5C98496EEB44D281601A23E ] NDIS            C:\Windows\system32\drivers\ndis.sys
18:08:58.0932 0x1884  NDIS - ok
18:08:58.0959 0x1884  [ 39C8A1D9D46F5E83A016BCAB72455284, 80DBED610E0818C2C7122FBC5BC8C15BCE981538AE48DC48F464A86389AF3F68 ] NdisCap         C:\Windows\system32\DRIVERS\ndiscap.sys
18:08:58.0964 0x1884  NdisCap - ok
18:08:59.0006 0x1884  [ 762941932B7E4C588E48A577BA9D6440, 71FA1870E398CB848D8294FEF6C60E0499CAB9A16EC3F487564C41072590E4F3 ] NdisImPlatform  C:\Windows\system32\DRIVERS\NdisImPlatform.sys
18:08:59.0015 0x1884  NdisImPlatform - ok
18:08:59.0037 0x1884  [ 7A6F8A6D0E01432EBA294EF29CDD0FA7, D902AE15194A9F8A2198914FC76184FE7E2B589747275952A04A52853128FDB8 ] NdisTapi        C:\Windows\system32\DRIVERS\ndistapi.sys
18:08:59.0041 0x1884  NdisTapi - ok
18:08:59.0065 0x1884  [ 79AB68BB3FFF974AD4F41FA559F4EC67, 1745EC6520B48E325C56D98A1F4DB9CE135FE3E097B3D66E6598791132CAD7BD ] Ndisuio         C:\Windows\system32\DRIVERS\ndisuio.sys
18:08:59.0070 0x1884  Ndisuio - ok
18:08:59.0114 0x1884  [ 62C7DBF4F9301F76CF87D4B9D8F57BF8, D51FEF198F74FDF583826E259E4736F51CD49908194104677889FD135EEC2EBC ] NdisWan         C:\Windows\system32\DRIVERS\ndiswan.sys
18:08:59.0125 0x1884  NdisWan - ok
18:08:59.0139 0x1884  [ 62C7DBF4F9301F76CF87D4B9D8F57BF8, D51FEF198F74FDF583826E259E4736F51CD49908194104677889FD135EEC2EBC ] NDISWANLEGACY   C:\Windows\system32\DRIVERS\ndiswan.sys
18:08:59.0150 0x1884  NDISWANLEGACY - ok
18:08:59.0186 0x1884  [ 3730942D7DB2F8BB5F84542B7FF6F650, 89C9D7D7305205BDB304CE6DA7D1A57EDE86A9D77429698802A39D75EB78CAAB ] NDProxy         C:\Windows\system32\drivers\NDProxy.sys
18:08:59.0191 0x1884  NDProxy - ok
18:08:59.0235 0x1884  [ D3F60A4345FCA9C1BE68AD7D0D6DE770, 214AF09F4B021C2F8655FBC8AC8C801E89CD9115CDE690FAEBDA69D63D660EDD ] Ndu             C:\Windows\system32\drivers\Ndu.sys
18:08:59.0242 0x1884  Ndu - ok
18:08:59.0284 0x1884  [ D4F51E88C71BF8F06EA1BE320B0BB75B, ABDA528F8159290BFDFBAAFC3BDA4484649FF612FD1D9E74284CA7DBA00A4B0D ] Net Driver HPZ12 C:\Windows\System32\HPZinw12.dll
18:08:59.0293 0x1884  Net Driver HPZ12 - ok
18:08:59.0314 0x1884  [ 7C203A76394F9AE68F69EEE5F9612C4A, 2222654915913BDC9367A2075714906A10CF22C047A7494CD59CB71834ED1B62 ] NetBIOS         C:\Windows\system32\DRIVERS\netbios.sys
18:08:59.0319 0x1884  NetBIOS - ok
18:08:59.0378 0x1884  [ 7CEC25C682D319D484630B3952C31A11, 025C46B367E0570E9E3F9DF1564C3E47B1524E9E9A180BBDF0E9C684838F5E42 ] NetBT           C:\Windows\system32\DRIVERS\netbt.sys
18:08:59.0397 0x1884  NetBT - ok
18:08:59.0427 0x1884  [ F1DA34D64F2BA200D28A7451804E2FEE, 8BDF328F18F1EB58AC0E383ABA7985BA69EA9622B262CD524E3390FDE824DEEB ] Netlogon        C:\Windows\system32\lsass.exe
18:08:59.0436 0x1884  Netlogon - ok
18:08:59.0487 0x1884  [ 89519D29CBEC2121CA65CC29C4D345E0, F3BA7BCAFEC8DD8B29837458D1B2B1DEE748AEAAAE0575FD3AAE65CFC72A04CD ] Netman          C:\Windows\System32\netman.dll
18:08:59.0508 0x1884  Netman - ok
18:08:59.0556 0x1884  [ 79FA9393C67EBBF92A56923592CF7A7C, A8AB8A6346B97B68810CC632F425085BE9E63ACAED0F119A7BFD03F2DA4AA5F6 ] netprofm        C:\Windows\System32\netprofmsvc.dll
18:08:59.0587 0x1884  netprofm - ok
18:08:59.0647 0x1884  [ 5243CFC2E7161C91C2B355240035B9E4, CFD77485A9D7BC47F3A9C53D73B2AE2D5D04B90ED38628F3124EA569F4DE969E ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
18:08:59.0698 0x1884  NetTcpPortSharing - ok
18:09:00.0249 0x1884  [ 57B9C04D673F236D41FAB03842C8640B, 898DCBBBF94875059CD328B0FC75BE36A4E3DD471C6E28BFAE064BCF84349518 ] NETwNs64        C:\Windows\system32\DRIVERS\NETwNs64.sys
18:09:00.0767 0x1884  NETwNs64 - ok
18:09:00.0808 0x1884  [ 12DD2800E4EEA37DC9AE256AD62423B4, 34740469EEA8740CBACD881CB232C9ABB9AB180DE5F45336BC6DBE154259F29B ] nfrd960         C:\Windows\system32\drivers\nfrd960.sys
18:09:00.0813 0x1884  nfrd960 - ok
18:09:00.0872 0x1884  [ 80ABCD4C2DE9FD832477303AE0CA3BE5, 98F3958E650CEB1006D92980503E1B176D2CA55D2A6742C1C27CDE829D137DA9 ] NlaSvc          C:\Windows\System32\nlasvc.dll
18:09:00.0898 0x1884  NlaSvc - ok
18:09:00.0934 0x1884  [ 351533ACC2A069B94E80BBFC177E8FDF, 54B2749E0496ECC94CE65657627762B485CBC825767BAEDDAD0D2598820FFB9E ] NPF             C:\Windows\system32\drivers\npf.sys
18:09:00.0937 0x1884  NPF - ok
18:09:00.0967 0x1884  [ 17E19A742FB30C002F8B43575451DBE1, 59D226A4A5B5281C399BE96C694915E38EEAF335D31F346B0C65D8F469D7C9C3 ] Npfs            C:\Windows\system32\drivers\Npfs.sys
18:09:00.0972 0x1884  Npfs - ok
18:09:00.0993 0x1884  [ 8ED299C30792544264E558BEA79F0947, 8A03FDA9AADB79ECBCBCDC988B7D8CF0672689C9DF673A2ECFE0D2D88A9C6A6B ] npsvctrig       C:\Windows\System32\drivers\npsvctrig.sys
18:09:00.0996 0x1884  npsvctrig - ok
18:09:01.0023 0x1884  [ 832B5FDF0B5577713FD7F2465FCD0ACE, 4A551CDBACED47DD781EC59F8B59A13D66EFD85DCF636BCFCBACFE5972A78E93 ] nsi             C:\Windows\system32\nsisvc.dll
18:09:01.0033 0x1884  nsi - ok
18:09:01.0057 0x1884  [ 689B3B1E95C70ABF7AFF29F9406EF1E0, 8B62D8AE53E1B3218158FADC0075682AB06D18998CF5DE82C920A9CD91C0652F ] nsiproxy        C:\Windows\system32\drivers\nsiproxy.sys
18:09:01.0062 0x1884  nsiproxy - ok
18:09:01.0218 0x1884  [ 7BE3EDFFA3216F989A6BDCB14795DD08, 19A2D0120C46CA9BCFBC16DC3E65687ACDDCBA33B79128188652BA2AFAA2EE2F ] Ntfs            C:\Windows\system32\drivers\Ntfs.sys
18:09:01.0321 0x1884  Ntfs - ok
18:09:01.0349 0x1884  [ 4163ADE07DB51843AE31F65B94F5398D, 4349E7EF1EE1E71E1F436BA42F5B58871D82B987D513BA2D6E1CEB8A21BD1B20 ] Null            C:\Windows\system32\drivers\Null.sys
18:09:01.0352 0x1884  Null - ok
18:09:02.0078 0x1884  [ 529E8DDBF5912DDD3003A13914E78952, C11B233D38D7033EDC998CFEAA4DF4AB910262CB6E1FED02CFE27950A96BE8E8 ] nvlddmkm        C:\Windows\system32\DRIVERS\nvlddmkm.sys
18:09:02.0765 0x1884  nvlddmkm - ok
18:09:02.0963 0x1884  [ C22ADABFABBC2B7AC189C87D87B1ABD6, 20886F806C1C02FA8BAA8B76AFCC32C40FA51921ED8D97F592DF9F92BFA933EE ] NvNetworkService C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
18:09:03.0043 0x1884  NvNetworkService - ok
18:09:03.0090 0x1884  [ B87F396F4F9ABF59744F28298C5490AC, E0DA96F8A573AED6FD3C707D5533B48504E283F68C2981E25286D0267358EB55 ] nvpciflt        C:\Windows\system32\DRIVERS\nvpciflt.sys
18:09:03.0093 0x1884  nvpciflt - ok
18:09:03.0119 0x1884  [ D6D34118263412D3AAA8348A9572B7F2, 66106A25BC5A4CA7697A23ED67CEDB5C0BF678EA70FD967A405D2DF76F4CA3A4 ] nvraid          C:\Windows\system32\drivers\nvraid.sys
18:09:03.0130 0x1884  nvraid - ok
18:09:03.0146 0x1884  [ 27AFC428D1D32ABD04A86763A4EDDEA9, 0920866013A8C8CFEE00E6AECDD41736F5501C49837E2D785998734F087F6B98 ] nvstor          C:\Windows\system32\drivers\nvstor.sys
18:09:03.0157 0x1884  nvstor - ok
18:09:03.0232 0x1884  [ A88135181D776F8C18550A589A9CAF2D, 47CA5246A55198BA5DEDD34C93A3C5E2DF0EED29ADA3F27AB963857116B6048E ] NvStreamKms     C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys
18:09:03.0235 0x1884  NvStreamKms - ok
18:09:03.0251 0x1884  NvStreamSvc - ok
18:09:03.0348 0x1884  [ 9661A7615FAFFC253458B17FA849DA5A, 386BE2E45D27B36E79491C8E7CB1DA977BC253751ADDC6A18DCF75459A33D05F ] nvsvc           C:\Windows\system32\nvvsvc.exe
18:09:03.0400 0x1884  nvsvc - ok
18:09:03.0439 0x1884  [ 75034A4D7C02327D150B617571D4196A, 8E7DAFEC4307E883D52BD0B5F0732E26E019C953770B52ACBBAD3074A66393CB ] nvvad_WaveExtensible C:\Windows\system32\drivers\nvvad64v.sys
18:09:03.0443 0x1884  nvvad_WaveExtensible - ok
18:09:03.0468 0x1884  [ 051CFB5107BAAE510419BDC41F8C4036, 9990906F17A3886EF301D2AA6556263B52A1C0554C6BD18331AF44ECECAEE4B5 ] nv_agp          C:\Windows\system32\drivers\nv_agp.sys
18:09:03.0477 0x1884  nv_agp - ok
18:09:03.0593 0x1884  [ 785F487A64950F3CB8E9F16253BA3B7B, 02445344BD214370A6D48B1CA04921D8EFCB13E676B5648266DD0E076C0822B6 ] odserv          C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
18:09:03.0618 0x1884  odserv - ok
18:09:03.0657 0x1884  [ 30B5F9FB0C35AE6B4A0851D24CE2EE8B, 0340E77E8EC2ADC21B8DDD9C9CC95B3F4BCAFD54618A333C72D7D9587D593B83 ] ose             C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
18:09:03.0667 0x1884  ose - ok
18:09:03.0723 0x1884  [ AB76700D764A342D7475FB8F47CAB18C, ECDF705D3E69EF6E7044C98A462A7281D0E7D0D85769C0815555D934B0B69C8D ] p2pimsvc        C:\Windows\system32\pnrpsvc.dll
18:09:03.0749 0x1884  p2pimsvc - ok
18:09:03.0793 0x1884  [ 4319FD931DCD796435ECB5DB4A04FBA5, 20185B2F359EEC202B37019A4E4F5B914ADCF78B97AF0CBD91EECED2259FC6DE ] p2psvc          C:\Windows\system32\p2psvc.dll
18:09:03.0825 0x1884  p2psvc - ok
18:09:03.0876 0x1884  [ 4563DAF8C6A740AD7F501E219BD10766, 7A1212DDAE2D66A9C2041262796904E36036CDC4C5B75C2F66B8DF9D89F7C25D ] Parport         C:\Windows\System32\drivers\parport.sys
18:09:03.0884 0x1884  Parport - ok
18:09:03.0954 0x1884  [ D6ACCF9F2EEEEA711C14EFD976E573F3, 60D2A81832A8D24F91C3EF134440D5026354917F59462BACBCE7A01D84767D91 ] partmgr         C:\Windows\system32\drivers\partmgr.sys
18:09:03.0961 0x1884  partmgr - ok
18:09:04.0034 0x1884  [ 4811D9EC53649105A5A8BEA661B0F936, C77907E03D0561500FCFEAFAC323E9679E66297329901A0CA2BD7E919419A8E8 ] PcaSvc          C:\Windows\System32\pcasvc.dll
18:09:04.0063 0x1884  PcaSvc - ok
18:09:04.0112 0x1884  [ 4A003E8F718C1E6A2050CA98CD53E3E2, BCC3BE1EC3FA4967353371D85094D096940A7B5944A6FFCA31E8FBE83D92CC6C ] pci             C:\Windows\system32\drivers\pci.sys
18:09:04.0126 0x1884  pci - ok
18:09:04.0145 0x1884  [ F9908D274D458220F91E89B54D78D837, 1E89ABFA6B375383E0297CEE5AF66E37F90E16DD21ABA5C91777A86CDF013B4D ] pciide          C:\Windows\system32\drivers\pciide.sys
18:09:04.0148 0x1884  pciide - ok
18:09:04.0168 0x1884  [ 84D19CB6102627932DCB5DFDF89FE269, 2F9C47E076645B35877D9ACA77968EFFCDA8794D76265CD9A4AAA239C4B33C5F ] pcmcia          C:\Windows\system32\drivers\pcmcia.sys
18:09:04.0183 0x1884  pcmcia - ok
18:09:04.0209 0x1884  [ CEBBAD5391C2644560C55628A40BFD27, 8AAA6EBD8D89FC91AECCCF1452F53C5650A1A17027FF4E64D224371404CE4C8B ] pcw             C:\Windows\system32\drivers\pcw.sys
18:09:04.0214 0x1884  pcw - ok
18:09:04.0256 0x1884  [ 0698DEDEAD6A00AD0D468C687D830FBF, B9DCA1A61F2EF80DB26380F390F2E9A17114D33129D61CF465B949B6A7916CAA ] pdc             C:\Windows\system32\drivers\pdc.sys
18:09:04.0261 0x1884  pdc - ok
18:09:04.0346 0x1884  [ 61FE70659CD43E07F94DA4DC31DEC493, 3739B6670B440173FD81DE3D47B0B90FAF296802AD4F57C05BF5CF191BF16022 ] PEAUTH          C:\Windows\system32\drivers\peauth.sys
18:09:04.0391 0x1884  PEAUTH - ok
18:09:04.0483 0x1884  [ EB88FA19F0EA05DD04BE9C5FFEEFFE1A, 459CF99D5243C4ACAA38C7B426ADC52F1044C759D06A925D475DF6213AEB85CD ] PerfHost        C:\Windows\SysWow64\perfhost.exe
18:09:04.0492 0x1884  PerfHost - ok
18:09:04.0607 0x1884  [ 6E84BFF58F7643499277F29DFA2F8C8D, 401CCF137F35D9690C7B56B2BFEDB2DB72709EBE38626D787904B67640EF6F14 ] pla             C:\Windows\system32\pla.dll
18:09:04.0690 0x1884  pla - ok
18:09:04.0727 0x1884  [ 799BE46D45D486704CE0F37CA5385262, BB78DEE83B9DB613B1C083D55FAA458BE3E394AED80EB91B599185A7272F33B3 ] PlugPlay        C:\Windows\system32\umpnpmgr.dll
18:09:04.0744 0x1884  PlugPlay - ok
18:09:04.0783 0x1884  [ 9A80707D8B6C1806531BFD7399B3CC76, C9996A265B0C461843DECE336314AEDD38D3F0644A8AA4D3F20D3496AD17956B ] Pml Driver HPZ12 C:\Windows\System32\HPZipm12.dll
18:09:04.0795 0x1884  Pml Driver HPZ12 - ok
18:09:04.0825 0x1884  [ 8E2414E818C26C4A9C70CB2B8567F04F, A16B22AE143BA070C562FBE5DEF32F7E228F50B302B66E46B46C44C0F50A4461 ] PNRPAutoReg     C:\Windows\system32\pnrpauto.dll
18:09:04.0836 0x1884  PNRPAutoReg - ok
18:09:04.0878 0x1884  [ AB76700D764A342D7475FB8F47CAB18C, ECDF705D3E69EF6E7044C98A462A7281D0E7D0D85769C0815555D934B0B69C8D ] PNRPsvc         C:\Windows\system32\pnrpsvc.dll
18:09:04.0904 0x1884  PNRPsvc - ok
18:09:04.0965 0x1884  [ 0108C8E5176D590F242701EF5A62CC26, 3A72F5D4402663B7445F6B3C55F01E83A619B6192F7D3CC2DE3C57F9F50D5A2D ] PolicyAgent     C:\Windows\System32\ipsecsvc.dll
18:09:04.0995 0x1884  PolicyAgent - ok
18:09:05.0018 0x1884  [ F1E067F56373F11EA4B785CAE823740A, 69BD30E64DA17595FF29C9C9FF9AD4F2F4BE29B688FBAC9DABB2FA9D13A47FF0 ] Power           C:\Windows\system32\umpo.dll
18:09:05.0034 0x1884  Power - ok
18:09:05.0080 0x1884  [ 362D47E5B4D67270DE4B8606036F4ADD, 716E229C68D91AEA5B5629F60133D5CBDC0C95ABA54D9DC6264E923CAF4DC6C0 ] PptpMiniport    C:\Windows\system32\DRIVERS\raspptp.sys
18:09:05.0088 0x1884  PptpMiniport - ok
18:09:05.0297 0x1884  [ CC0B8655E4B2A5BBB215CDA8FC3BE4DE, 878E46E308BC3AC689CFC401BAA12D217BFB9911C29A10DB5DFFAC250A58CE55 ] PrintNotify     C:\Windows\system32\spool\DRIVERS\x64\3\PrintConfig.dll
18:09:05.0437 0x1884  PrintNotify - ok
18:09:05.0475 0x1884  [ DD979EB6A7212F60E4AFBE96EDC7AE6D, BC681D64C5B8F08FD4613D71111853FCD5B05E4BD127D2C6258BAED7627105BE ] Processor       C:\Windows\System32\drivers\processr.sys
18:09:05.0482 0x1884  Processor - ok
18:09:05.0534 0x1884  [ 429E8502AD2227CF88F8840FC5BD590D, A186DA46C083580ACEDE9C7E3156865034302CD803140EEEC8E1DE16DA4BC99B ] ProfSvc         C:\Windows\system32\profsvc.dll
18:09:05.0553 0x1884  ProfSvc - ok
18:09:05.0574 0x1884  [ EB8034147D4820CD31BFCB11A2A652DF, B10B5E16B7A05D2DB2D5D1945B6146DE15EEDE2C778772A59F104706B5145E46 ] Psched          C:\Windows\system32\DRIVERS\pacer.sys
18:09:05.0583 0x1884  Psched - ok
18:09:05.0626 0x1884  [ D8EB393983B644879DE0546122CC16DF, 4A11DDFB016B560E770660183AF1ADA4831D97DAEAF560E60259F81F2727CBFC ] ptun0901        C:\Windows\system32\DRIVERS\ptun0901.sys
18:09:05.0630 0x1884  ptun0901 - ok
18:09:05.0684 0x1884  [ 0AFBF333B6F87A2F598EAB379AF100B8, D11F3A4D7E4463B62E2DBDE5FC61425B1FDFB07DD1A19BC001D479CA1F554510 ] QWAVE           C:\Windows\system32\qwave.dll
18:09:05.0707 0x1884  QWAVE - ok
18:09:05.0744 0x1884  [ 13D47BB0CCA2FC51BD15F8E85C6A078E, EA832A9511007C9E8599C3066E1FA66BE869E8A27886D9A9AC590BD4DFBD1A15 ] QWAVEdrv        C:\Windows\system32\drivers\qwavedrv.sys
18:09:05.0749 0x1884  QWAVEdrv - ok
18:09:05.0768 0x1884  [ 873C60F8178100557740A832FCE10B5F, 400EF60CB2C98E2AFE122AF3D01CCE56A1548AF865345EE2194AB74DBCBF4C48 ] RasAcd          C:\Windows\system32\DRIVERS\rasacd.sys
18:09:05.0771 0x1884  RasAcd - ok
18:09:05.0799 0x1884  [ 69B93F623B130976243ECA3D84CC99CA, F27617E651EADFAEE479619AAB01CDAA98111BA63E204D5C44A1256732CB0100 ] RasAgileVpn     C:\Windows\system32\DRIVERS\AgileVpn.sys
18:09:05.0805 0x1884  RasAgileVpn - ok
18:09:05.0843 0x1884  [ 005F6E54C4A2DA4EBF68FB0392CE8BB0, 2F3C90A04964D4D906238BD557D90F7AC05DF86FE9729C4378B39431F54DDAE3 ] RasAuto         C:\Windows\System32\rasauto.dll
18:09:05.0857 0x1884  RasAuto - ok
18:09:05.0885 0x1884  [ A14D625C5AEE5FFE0F47D1A1D419FAAE, 1229B81C23340AD5B436B1FD227876EB41715CE6BD270BA367F18879D26B8F04 ] Rasl2tp         C:\Windows\system32\DRIVERS\rasl2tp.sys
18:09:05.0894 0x1884  Rasl2tp - ok
18:09:05.0936 0x1884  [ C923C785A2DE0B396AD6D13ACAFF2DE9, 4F950DA776FBABEC7D546983D6F3018733F61268A4BF95C01D4836AD000BD073 ] RasMan          C:\Windows\System32\rasmans.dll
18:09:05.0964 0x1884  RasMan - ok
18:09:05.0996 0x1884  [ 00695B9C2DB6111064499C529E90C042, 3CD4DF4D8001C2BBF52EEEB1F0D587209878BEAC339D268892477AD840D490F1 ] RasPppoe        C:\Windows\system32\DRIVERS\raspppoe.sys
18:09:06.0002 0x1884  RasPppoe - ok
18:09:06.0044 0x1884  [ A7F24D8CD1956B0A1FDCB86CC5114DE4, 30489D235362DF62B105378597168B13F4BAC74A8EDDBDA25237E3C017B69FEE ] RasSstp         C:\Windows\system32\DRIVERS\rassstp.sys
18:09:06.0051 0x1884  RasSstp - ok
18:09:06.0113 0x1884  [ CA03D642ACE58E1BA54E4B383F91CD69, 39BB942603801CF11FBEA28E24F8C8D1EF2AF615D1FABF951683A015D6A6EF37 ] rdbss           C:\Windows\system32\DRIVERS\rdbss.sys
18:09:06.0138 0x1884  rdbss - ok
18:09:06.0181 0x1884  [ CA7DF5EC95D8DE0DD24BE7FF97369F68, 153E6F716CA935DBCACB8FF1BB8DE5F5551CE3D18878225470E45893CA69BDB8 ] rdpbus          C:\Windows\System32\drivers\rdpbus.sys
18:09:06.0185 0x1884  rdpbus - ok
18:09:06.0223 0x1884  [ B2A3AD74FF2E2FFA73AF2567108231B3, DF8CEA6215F75C634D56F6B8AE11ECCEEB5F8CBC091AC3D6D9F7DE214B00A439 ] RDPDR           C:\Windows\system32\drivers\rdpdr.sys
18:09:06.0234 0x1884  RDPDR - ok
18:09:06.0286 0x1884  [ 57F4787E4602A3FCA719C0A33137C6DA, D03AE59A184EB5D126F8EAB9D36EE406ABB8B9ED834F2D2496DDB1349FF56F89 ] RdpVideoMiniport C:\Windows\system32\drivers\rdpvideominiport.sys
18:09:06.0291 0x1884  RdpVideoMiniport - ok
18:09:06.0316 0x1884  [ B3CB0721E81E30419CE7D837EF4EA151, EC9410818661BF77E4A19694E3A3030E1D983B36F49C72E27F92A1424E0729C2 ] RDPWD           C:\Windows\system32\drivers\RDPWD.sys
18:09:06.0331 0x1884  RDPWD - ok
18:09:06.0366 0x1884  [ 62C1F8A0685FE07E998AA296C4F697C4, C636AB2D0F139003A6AD7A12E9DC13EE4485A62F30DA59AF842FF02FE07442EE ] rdyboost        C:\Windows\system32\drivers\rdyboost.sys
18:09:06.0380 0x1884  rdyboost - ok
18:09:06.0431 0x1884  [ 3663CCF243EE0C04E9F6F91ED1737273, 31D06445996F99A7F6B32004D1BA63A21C61DE125373F860BA9A9DE5278E8293 ] RemoteAccess    C:\Windows\System32\mprdim.dll
18:09:06.0444 0x1884  RemoteAccess - ok
18:09:06.0484 0x1884  [ E80DD61E52EDFFF9DA1ED7260A68855B, 97909F42AE35E28B8F98C01A1D8BAD80A949CDCA0C88FB4ACF0A655DC7C10E45 ] RemoteRegistry  C:\Windows\system32\regsvc.dll
18:09:06.0502 0x1884  RemoteRegistry - ok
18:09:06.0548 0x1884  [ CCBFCABDFE2BC22F0645CEAADDB36004, 279EA9075079F91165027CEFD4FBC61A213CA602EE7DE106F7D2D243468706AA ] RFCOMM          C:\Windows\System32\drivers\rfcomm.sys
18:09:06.0559 0x1884  RFCOMM - ok
18:09:06.0665 0x1884  [ 616F6E52CAE254727A886BA8EDA1BEEA, 537EE7A8959E4CBCD243C66A54AF64E5D48F9780893D8450A07645FC3DA61C0B ] RichVideo       C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
18:09:06.0679 0x1884  RichVideo - ok
18:09:06.0724 0x1884  [ B60F58F175DE20A6739194E85B035178, 6E66D6041AF0B69896E4556F9FF3A3AA70CF4B09FFBE68E14E60313C5E3FFDDB ] rpcapd          C:\Program Files (x86)\WinPcap\rpcapd.exe
18:09:06.0732 0x1884  rpcapd - ok
18:09:06.0767 0x1884  [ 73F2E030B5C24E4E41401B5F0D59E6FD, FAA8B5E3159684E0836900C6EAF63857B445F7F180169B56D5790F097EDAA38B ] RpcEptMapper    C:\Windows\System32\RpcEpMap.dll
18:09:06.0781 0x1884  RpcEptMapper - ok
18:09:06.0806 0x1884  [ 10B21284B3D964AB3DC45490E57D422E, 12D5E3A7785F21C99C5EAD14A88EB7A86A058E26C091991339356D99D196CC13 ] RpcLocator      C:\Windows\system32\locator.exe
18:09:06.0814 0x1884  RpcLocator - ok
18:09:06.0882 0x1884  [ 1EC6E533C954BDDF2A37E7851A7E58FD, C25936A7465B6A2B3D05D2FCB09D91ACC07CFE038A5E968C99CFA9D9F2967DD4 ] RpcSs           C:\Windows\system32\rpcss.dll
18:09:06.0932 0x1884  RpcSs - ok
18:09:06.0971 0x1884  [ E04E770DD198B9399640717145E79EBF, 2F9BECB7E4B0A522C6370FD39CFD7DFD3FB5D0A779AECCED2EE855629FA3C952 ] rspndr          C:\Windows\system32\DRIVERS\rspndr.sys
18:09:06.0978 0x1884  rspndr - ok
18:09:07.0082 0x1884  [ 8EB6DCEB7473C232D8BC9A886E3183AC, D81B089443306AD9D89F59DBC5F9C2F5B6A86112B4AB59316B97EE7D8B97D2FA ] RSUSBVSTOR      C:\Windows\System32\Drivers\RtsUVStor.sys
18:09:07.0127 0x1884  RSUSBVSTOR - ok
18:09:07.0218 0x1884  [ C4BE01C55656888152F57CC7E35A2BE6, 4404B6AC0DDBA06FA57EE6B900E0CD854CFACE555F56331E9EC74A5D7F683E1B ] RTL8168         C:\Windows\system32\DRIVERS\Rt630x64.sys
18:09:07.0261 0x1884  RTL8168 - ok
18:09:07.0330 0x1884  [ E4E034F79D88B34C5B4BA28BAE2259F7, A48E0ACFE75F92793E1961D108242A0B6B890ED8541757B7BF7EAAC1D6E963C1 ] RzKLService     C:\Program Files (x86)\Razer\Razer Game Booster\RzKLService.exe
18:09:07.0338 0x1884  RzKLService - ok
18:09:07.0371 0x1884  [ 752EC7DCD2F96871A3857EEE6AFE965A, 1D0640966B9147A06ED0E733711773E6B4AB8AC6D962D5B369ECB04170D18AD8 ] s3cap           C:\Windows\System32\drivers\vms3cap.sys
18:09:07.0374 0x1884  s3cap - ok
18:09:07.0417 0x1884  [ F1DA34D64F2BA200D28A7451804E2FEE, 8BDF328F18F1EB58AC0E383ABA7985BA69EA9622B262CD524E3390FDE824DEEB ] SamSs           C:\Windows\system32\lsass.exe
18:09:07.0426 0x1884  SamSs - ok
18:09:07.0455 0x1884  [ 9C7B28CE0D136DB226E24DB3BC817F92, E9DE55D6432ADD08EC75F99F2B5D2BD1F553F4EE55991B1767B1578351EE0BF2 ] sbp2port        C:\Windows\system32\drivers\sbp2port.sys
18:09:07.0463 0x1884  sbp2port - ok
18:09:07.0511 0x1884  [ 14316954FCE79C9DE5A0AFF9D42C83AA, B60FB1FAC0299F9560761411711E86EDFA2F8D27B58230E2E4BB37736FAB2287 ] SCardSvr        C:\Windows\System32\SCardSvr.dll
18:09:07.0531 0x1884  SCardSvr - ok
18:09:07.0573 0x1884  [ 5D7733A12756B267FCA021672B26BC9E, 01CE5B5F49914B9E099BD909A66296F3A40644AE47BA1D5EBFFB30CD33C70A4A ] scfilter        C:\Windows\system32\DRIVERS\scfilter.sys
18:09:07.0578 0x1884  scfilter - ok
18:09:07.0685 0x1884  [ 201C397A73DFEE109490F4BA1168CFC2, 74FC2A30CBF2E2197E75860A3B308CDCBEB3C28794ABED388B493505A2D84BAA ] Schedule        C:\Windows\system32\schedsvc.dll
18:09:07.0757 0x1884  Schedule - ok
18:09:07.0803 0x1884  [ BAF8F0F55BC300E5F882E521F054E345, FB228DB18F2FA55D8BA35A7E6778EE5D2EB0C29D384F1A0A868F90AE706188D7 ] SCPolicySvc     C:\Windows\System32\certprop.dll
18:09:07.0813 0x1884  SCPolicySvc - ok
18:09:07.0857 0x1884  [ F58B030A0664385C707B8C1C63682041, E46AADAA2CD687B9A4B564DC5B002493C8480542588E660BC3DF89EAF9DB0427 ] sdbus           C:\Windows\System32\drivers\sdbus.sys
18:09:07.0869 0x1884  sdbus - ok
18:09:07.0902 0x1884  [ 92968277ED491E4B3DDA361E3952361E, 71C50853BB2126A34C7CD014EE44D4B8B39F589E2E8E8E8F4C982E07498E3899 ] SDRSVC          C:\Windows\System32\SDRSVC.dll
18:09:07.0920 0x1884  SDRSVC - ok
18:09:07.0967 0x1884  [ BB107AA9980B0DA4E19A3A90C3BD4460, BCB4CF0FFF1FD57302557B68044A88C8EEAAE57C2FEAE8EAD1F410F960298B6D ] sdstor          C:\Windows\System32\drivers\sdstor.sys
18:09:07.0973 0x1884  sdstor - ok
18:09:07.0998 0x1884  [ 3EA8A16169C26AFBEB544E0E48421186, 34BBB0459C96B3DE94CCB0D73461562935C583D7BF93828DA4E20A6BC9B7301D ] secdrv          C:\Windows\system32\drivers\secdrv.sys
18:09:08.0002 0x1884  secdrv - ok
18:09:08.0030 0x1884  [ CD282626738B6BC92B6E7CD0AAE95B63, 1A56567C781786C85C63E24E79186EE5C82D3EB2679061B21BA0571A3A6CB7F5 ] seclogon        C:\Windows\system32\seclogon.dll
18:09:08.0041 0x1884  seclogon - ok
18:09:08.0069 0x1884  [ 9C51620998F0763039DFA6BF68E475ED, 9E496ADE7CE9A446BE8A2C2FC61B462D966778A94A4C147AABBD25C4821C2BCE ] SENS            C:\Windows\System32\sens.dll
18:09:08.0082 0x1884  SENS - ok
18:09:08.0115 0x1884  [ 0D50B4B860DAB65241628D04CD33ACAE, 2AA897C3F9ED076AB9244A32745D18489B076F3ED28A35B868C472131C5B5B46 ] SensrSvc        C:\Windows\system32\sensrsvc.dll
18:09:08.0134 0x1884  SensrSvc - ok
18:09:08.0171 0x1884  [ 87C46B239A7EEF30FDFDD5E9BD46130C, F36FB5B20AC58FBD31F7E636059D2D865B751E178E51A03B94ABE0BBD1AB1EC9 ] SerCx           C:\Windows\system32\drivers\SerCx.sys
18:09:08.0176 0x1884  SerCx - ok
18:09:08.0185 0x1884  [ 7A1F9347C85FD55E39B8A76B3A25C5AD, 03AF3B23285278A38F4CBEAB7FD326A48FA1EC7F8D044C059CE5403C6D225639 ] Serenum         C:\Windows\System32\drivers\serenum.sys
18:09:08.0189 0x1884  Serenum - ok
18:09:08.0201 0x1884  [ F640A0A218BBF857F1D04A15D7D939F6, 948C13886281FE7947E10FB7B34D5CCFE512FB632F1132B6062AC85149F79950 ] Serial          C:\Windows\System32\drivers\serial.sys
18:09:08.0207 0x1884  Serial - ok
18:09:08.0215 0x1884  [ F1A5F56B2620B862CC28FF96A0A6DAAB, E5367212B2CADF3820D657CFC27CD961547E28DAB950C68E1380CF97FB68F3F4 ] sermouse        C:\Windows\System32\drivers\sermouse.sys
18:09:08.0219 0x1884  sermouse - ok
18:09:08.0273 0x1884  [ CB60A60340788C8D6DE2A269D28086AB, 2D8948E59BB9B00E16D20E425F80E7B862957DBAC9A4D1484E5191FAF333B60D ] SessionEnv      C:\Windows\system32\sessenv.dll
18:09:08.0297 0x1884  SessionEnv - ok
18:09:08.0339 0x1884  [ 7EE65419B29302C795714FF8073969A1, E28D89A5423E3A5062030EB2418E9435DD5D8B9D16570046E782D3FCFDA2E79A ] sfloppy         C:\Windows\System32\drivers\sfloppy.sys
18:09:08.0343 0x1884  sfloppy - ok
18:09:08.0423 0x1884  [ 090AE16F79C8EAD04E6031F863DA85F3, 3F27BE46DF602B53940414A6E9FEB23B36CFFB8E9A7F41440C3315B8E27D0029 ] SharedAccess    C:\Windows\System32\ipnathlp.dll
18:09:08.0453 0x1884  SharedAccess - ok
18:09:08.0549 0x1884  [ A77F3ABE13FCC698511E5DEC7ACEBD5F, 78A43FDA9F770FD8BA107605DB44BC71D8B89D7E75560DA783AA6356C1873C15 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
18:09:08.0586 0x1884  ShellHWDetection - ok
18:09:08.0608 0x1884  [ 2560721D6F16D5B611C36A3A9D28C1B2, 15C30404902654ABA5DB5367FC5BD31343B12A3FC22B4BC5A26B09016447B5ED ] SiSRaid2        C:\Windows\system32\drivers\SiSRaid2.sys
18:09:08.0612 0x1884  SiSRaid2 - ok
18:09:08.0638 0x1884  [ 3AA8FDE1DBF65BB8B88B053529554A0D, 8060D946344D043D336F4735363C23C37C91A6DB3F81E575C267B2EC2BECB0EC ] SiSRaid4        C:\Windows\system32\drivers\sisraid4.sys
18:09:08.0645 0x1884  SiSRaid4 - ok
18:09:08.0669 0x1884  [ E660156A4588A84305CB772FD2C0DB21, 9492EB6578D4A689945E1FC2440EFA77D461049CDB2D00A645969A71B7DA68E1 ] SNMPTRAP        C:\Windows\System32\snmptrap.exe
18:09:08.0680 0x1884  SNMPTRAP - ok
18:09:08.0732 0x1884  [ 9110193D93960E38B8692E4519C75D72, 789381B4CCC056EE431E78E2339AC9802264A1CE4B378DDA9769649664C9A7A0 ] spaceport       C:\Windows\system32\drivers\spaceport.sys
18:09:08.0749 0x1884  spaceport - ok
18:09:08.0781 0x1884  [ 3D8679C8DF52EB26EB7583A4E0A29202, DCD9B69299275857712AB200C014AE820C8A9F7E53C4A335A84518FBE4BB56BB ] SpbCx           C:\Windows\system32\drivers\SpbCx.sys
18:09:08.0787 0x1884  SpbCx - ok
18:09:08.0872 0x1884  [ 3F215BF2D4D8D6756298B25B579772C2, 744192D1635E5D296BFD399E870B70592202CEAF95C31C2D2B226A868D33A3FD ] Spooler         C:\Windows\System32\spoolsv.exe
18:09:08.0920 0x1884  Spooler - ok
18:09:09.0250 0x1884  [ 061A977C920FBE4BF71FF47C966DDDCA, 746516396B72E4ADB05D978C819CD45FE44EE194756F6DA50121D755439CA590 ] sppsvc          C:\Windows\system32\sppsvc.exe
18:09:09.0522 0x1884  sppsvc - ok
18:09:09.0577 0x1884  [ 0F1FCD575A03ABDE13FCA9D0ADE4DDA6, 61EEB1349489CB85204F1B4E398BE24EDC01FB914120C9DD0487F8EE1EDA055E ] srv             C:\Windows\system32\DRIVERS\srv.sys
18:09:09.0603 0x1884  srv - ok
18:09:09.0676 0x1884  [ 8504ADDE9C146C6295B16D13A0007560, 715E3752AE4A276FA8DAFA3B52B699C45D97E747CB25FE4AE307241D206319B7 ] srv2            C:\Windows\system32\DRIVERS\srv2.sys
18:09:09.0708 0x1884  srv2 - ok
18:09:09.0765 0x1884  [ BB0F9E19C5CE4DC765B263E2A5561DE1, F7DBC96E049625E4312D8F588FCF2B4AC6318C04D04758982FE9B51DABEC2DAE ] srvnet          C:\Windows\system32\DRIVERS\srvnet.sys
18:09:09.0782 0x1884  srvnet - ok
18:09:09.0846 0x1884  [ 7A20882D76D4A78240A5AC9F2C2EBA21, ACA05211EE542999A118BBD2CD051038A7DC8C40C4B8971DC6514BA90E90EC61 ] SSDPSRV         C:\Windows\System32\ssdpsrv.dll
18:09:09.0869 0x1884  SSDPSRV - ok
18:09:09.0891 0x1884  [ D233B16999A8E626F6004BD7814C57EC, 5BBFE5DDF1269617ABD1BDBED85A79D99BB52EA29C2BB3A8F4A1827BFAA1A747 ] SstpSvc         C:\Windows\system32\sstpsvc.dll
18:09:09.0905 0x1884  SstpSvc - ok
18:09:10.0012 0x1884  [ AFE32AFD30464FC59CB8E88DC72F66FA, 24644F8AA47E61B98EF867BE18A9BE383822D64F3AADF2ED35E42FBFBA7B340F ] Steam Client Service C:\Program Files (x86)\Common Files\Steam\SteamService.exe
18:09:10.0058 0x1884  Steam Client Service - ok
18:09:10.0165 0x1884  [ E9503FBF2A7853A66AB90A14339EE827, 808B84488C925669CA918CC703043325641EF12BE89680108D1EAC9F18E4B2B5 ] Stereo Service  C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
18:09:10.0186 0x1884  Stereo Service - ok
18:09:10.0226 0x1884  [ 4E85355B94CFCB67C135F6521A4895A7, AC4FC65C1E62A54B3834E7FE0A2B1ECC48A2AA563AE5BD508326EE68FFFBBEEE ] stexstor        C:\Windows\system32\drivers\stexstor.sys
18:09:10.0230 0x1884  stexstor - ok
18:09:10.0296 0x1884  [ BAC8A721736AECC55A4F71523AEAB65F, B52E1303B13A961A5FC190829E55B6F28ACA409A6EEF44B358D1D210558FE1D8 ] stisvc          C:\Windows\System32\wiaservc.dll
18:09:10.0338 0x1884  stisvc - ok
18:09:10.0382 0x1884  [ B240874B2CA0CD02E8CD11E140B14C57, 0FDBEE3DB644175A30065CAF020F375703ADC45A33221788C010F3111707FC25 ] storahci        C:\Windows\system32\drivers\storahci.sys
18:09:10.0389 0x1884  storahci - ok
18:09:10.0429 0x1884  [ F74DBC95A57B1EE866D3732EB5F79BE2, E4FE9D5CD0A385ACB60D5D5E8D969F26C3A6BC0C08FF0838DBE9CA106229C8DE ] storflt         C:\Windows\system32\DRIVERS\vmstorfl.sys
18:09:10.0434 0x1884  storflt - ok
18:09:10.0469 0x1884  [ 5337E138B49ED1F44CCBA4073BC35C20, 2B296973215E3865A56C46DC3D27F1460D96BC321558CE7A911B05B0E7BF397F ] StorSvc         C:\Windows\system32\storsvc.dll
18:09:10.0481 0x1884  StorSvc - ok
18:09:10.0497 0x1884  [ 543CD3CC0E05B8D8815E0D4F040B6F59, 4B57C9534E94A0A67FC82DBD4FAECACA180BEC281FB477550A37C0A04777E09E ] storvsc         C:\Windows\system32\drivers\storvsc.sys
18:09:10.0503 0x1884  storvsc - ok
18:09:10.0521 0x1884  [ 8BC1C1ED6EF9C985A3FAA6A72F41679A, 82CC77030D23013572B4A64A64B6156789F253BF56268B790093CE3D345410A0 ] svsvc           C:\Windows\system32\svsvc.dll
18:09:10.0532 0x1884  svsvc - ok
18:09:10.0559 0x1884  [ 4AFD66AAE74FFB5986BC240744DC5FC9, 0C9347614E3FD3B4D3B29FA4A5DA23FF6EE4CD9A1FFC378B855B8DE61B2876CF ] swenum          C:\Windows\System32\drivers\swenum.sys
18:09:10.0562 0x1884  swenum - ok
18:09:10.0617 0x1884  [ 502F9488540051F3E6C39889ECFA76BB, 22ABD681BE4CF8A1F484C6363C1334B1EF7A6C074D837B0121DE1896887B84C6 ] swprv           C:\Windows\System32\swprv.dll
18:09:10.0654 0x1884  swprv - ok
18:09:10.0779 0x1884  [ A06CB9269D29EE3D0F3F5630ABB660B8, 519A01FC7D9414B26CCBC23E7FB1CEAF1C91CD173B4F4A4025F8316B7460C584 ] SysMain         C:\Windows\system32\sysmain.dll
18:09:10.0855 0x1884  SysMain - ok
18:09:10.0903 0x1884  [ 6FB88606C4A71E1BFAF97D63A676C673, D72F93A482E989ACA50F9647B7AD699A4656AEAACF377BB2B8CEBB094B748852 ] SystemEventsBroker C:\Windows\System32\SystemEventsBrokerServer.dll
18:09:10.0923 0x1884  SystemEventsBroker - ok
18:09:10.0960 0x1884  [ A6C06C45C44AD06C70AF8899AEC15BDC, AC2CCCDBA6B94BA85A6D41B47343193D175786D4ECF71AE9C7766ADD63A1273F ] TabletInputService C:\Windows\System32\TabSvc.dll
18:09:10.0975 0x1884  TabletInputService - ok
18:09:11.0019 0x1884  [ 3C32FF010F869BC184DF71290477384E, 55CFCEC7F026C6E2E96A2FBE846AB513BB12BB0348735274FE1B71AF019C837B ] tap0901         C:\Windows\system32\DRIVERS\tap0901.sys
18:09:11.0023 0x1884  tap0901 - ok
18:09:11.0067 0x1884  [ DA0780D55E8CF724CF3EF7CCF0F0DB67, 47CD0FC1CAD0603674EC06C469F7C92518C8668DF6DA56DF5E3DD7640E287203 ] taphss6         C:\Windows\system32\DRIVERS\taphss6.sys
18:09:11.0072 0x1884  taphss6 - ok
18:09:11.0119 0x1884  [ 88B7721AB551C4325036B25A34A2BF7B, 2817CC6294542524EC373A674535F913440736BEBE81233CA91D5ECD93620B02 ] TapiSrv         C:\Windows\System32\tapisrv.dll
18:09:11.0146 0x1884  TapiSrv - ok
18:09:11.0336 0x1884  [ 0E0C16EE82E2F4EBC2FBCA24C8F00D9E, F8B2A0257442E00C5D7C5A15BBD84194D0F0C071424656CA4B8EC850B6898D10 ] Tcpip           C:\Windows\system32\drivers\tcpip.sys
18:09:11.0454 0x1884  Tcpip - ok
18:09:11.0582 0x1884  [ 0E0C16EE82E2F4EBC2FBCA24C8F00D9E, F8B2A0257442E00C5D7C5A15BBD84194D0F0C071424656CA4B8EC850B6898D10 ] TCPIP6          C:\Windows\system32\DRIVERS\tcpip.sys
18:09:11.0703 0x1884  TCPIP6 - ok
18:09:11.0753 0x1884  [ 8F2A13A5DF99D72FDDE87F502A66F989, 2228C62ACDB4CBBFDD2BE705E604E0B9A8AEA7146F65F2D8B9B2A2FB49ACFAE1 ] tcpipreg        C:\Windows\system32\drivers\tcpipreg.sys
18:09:11.0759 0x1884  tcpipreg - ok
18:09:11.0794 0x1884  [ 73DC722CE5DF26D7638CE2446F2655C7, 9B8E6F6DEA5E0C2AEAC24A31897D2E73F86EF44F1C25FEF82D2C860353793817 ] tdx             C:\Windows\system32\DRIVERS\tdx.sys
18:09:11.0802 0x1884  tdx - ok
18:09:11.0821 0x1884  [ F7C8AB5D8AFFAA318D6A21093D139BF4, 0A35052EF7DC8615783A23897358D8C579BE694363615C9563FF629E7B719991 ] terminpt        C:\Windows\System32\drivers\terminpt.sys
18:09:11.0826 0x1884  terminpt - ok
18:09:11.0907 0x1884  [ 541EE228D0DEF392F7B2DFD885DD021B, 594D6538FA4DB5EF4D130007D7C29051EC2EDCA39EBB119695B58E9CBB0EB728 ] TermService     C:\Windows\System32\termsrv.dll
18:09:11.0956 0x1884  TermService - ok
18:09:11.0988 0x1884  [ 519A6F672FFF56B7D8EE8C730CEC8ECD, 2B36F10C0AE16A261DC0887B1050808BA1F0568F3879E4ABC3D370F08C3FADB7 ] Themes          C:\Windows\system32\themeservice.dll
18:09:12.0001 0x1884  Themes - ok
18:09:12.0136 0x1884  [ EEE908BE7143FCA48CF0CB87214E2AB8, 4F9BD299F559DD36DBD93489CFAA753F236FBB70946E034D2E2260059AE20962 ] THREADORDER     C:\Windows\system32\mmcss.dll
18:09:12.0147 0x1884  THREADORDER - ok
18:09:12.0249 0x1884  [ 4515B9E4140F04FB3907692DF89FCA87, F68EC56524BDA877646E987BE7414C1D622BD9FF05A5AEADCA39030FDC2B0115 ] TimeBroker      C:\Windows\System32\TimeBrokerServer.dll
18:09:12.0267 0x1884  TimeBroker - ok
18:09:12.0308 0x1884  [ E94F7A7B48C7638D1F3F8089344C97B7, 276CDE59614D563A52529BCC4BFC726E5F5BE131C9C4142558A644D79328C810 ] TPM             C:\Windows\system32\drivers\tpm.sys
18:09:12.0321 0x1884  TPM - ok
18:09:12.0362 0x1884  [ 8C8CF3041B27E7657ADD0EE17F6DBFCA, A6846478B9E7B0A509E5A28C6C7B66ED39F0247F9AFF01E3C3CADC0DBEF3CA00 ] TrkWks          C:\Windows\System32\trkwks.dll
18:09:12.0379 0x1884  TrkWks - ok
18:09:12.0469 0x1884  [ 8ABBB5CE0C62E0A6D28F32F44B7F865C, 4C78FE2A4A25A758D5191C4EDB2A6FE691FF82E7C16C0F146DC96DAD87D4F64E ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
18:09:12.0478 0x1884  TrustedInstaller - ok
18:09:12.0529 0x1884  [ 4E7C5FB10A50435523DE0CAA37DE2BD3, D6206DF61950F2541FB754E57C4D9EF9FA0CC1EDD6F6FA4E45F02B47958493F7 ] TsUsbFlt        C:\Windows\system32\drivers\tsusbflt.sys
18:09:12.0535 0x1884  TsUsbFlt - ok
18:09:12.0546 0x1884  [ 16D684A820872EE54F6370703AC0B513, 795E20484358424CE9FA766937DD99413025A8AF967D03490392E8E02A382D0B ] TsUsbGD         C:\Windows\System32\drivers\TsUsbGD.sys
18:09:12.0550 0x1884  TsUsbGD - ok
18:09:12.0577 0x1884  [ 78C9EE193AC2B4CBDBC48B620314D740, 41523E47D321BFF5778F5E453545B928C0A469C3BBA51578E74D6721D7DF9273 ] tunnel          C:\Windows\system32\DRIVERS\tunnel.sys
18:09:12.0587 0x1884  tunnel - ok
18:09:12.0600 0x1884  [ 6D4F67CA56ACA2085DFA2CD89EAFBC1A, AA7DA2207C0236F47859A4791F9D7301E7ADB50A59D831DC859ECC7CA70D3E1D ] uagp35          C:\Windows\system32\drivers\uagp35.sys
18:09:12.0607 0x1884  uagp35 - ok
18:09:12.0619 0x1884  [ 6FD6D03B7752C78712E5CFF29A305026, F09C5188AAFCF4C77B05BA1E604F9912782A9F1371F72F959288EBC2725407ED ] UASPStor        C:\Windows\System32\drivers\uaspstor.sys
18:09:12.0627 0x1884  UASPStor - ok
18:09:12.0683 0x1884  [ 061BA3EE0D2BE17944990544008CF190, C9236D368EC2281B545E8C008BC2801F21A9716ED3D4DAEDB0751A5008346E81 ] UCX01000        C:\Windows\System32\drivers\ucx01000.sys
18:09:12.0700 0x1884  UCX01000 - ok
18:09:12.0782 0x1884  [ 25C50F4EDF70D0A831E0566BD181CCF2, F2F9E86FB5617C16077D2073EC0AA747F76F1EB5148BA110347A84F3C3569F83 ] udfs            C:\Windows\system32\DRIVERS\udfs.sys
18:09:12.0800 0x1884  udfs - ok
18:09:12.0836 0x1884  [ FB3475FEA1CCB0DAEA1EBE44D0E3BB7D, 16DE6E0894C356A58AF12BEC2FE9B188F147DD4B16CB2414DE600CE4127F929D ] UI0Detect       C:\Windows\system32\UI0Detect.exe
18:09:12.0851 0x1884  UI0Detect - ok
18:09:12.0877 0x1884  [ 07FEBCDF24FABA0D47B635D85A0FFB7A, 452C04B14681EBCE8B1B25B75A1B7CC978722B7DDE54D624E17841B14ACCF65D ] uliagpkx        C:\Windows\system32\drivers\uliagpkx.sys
18:09:12.0883 0x1884  uliagpkx - ok
18:09:12.0902 0x1884  [ 02CEB3FE6152668A7BA420B93B664860, 613F27540FD1EFE2442E326F507DACD5A25691C8481937022B7E1104F3E6E9E2 ] umbus           C:\Windows\System32\drivers\umbus.sys
18:09:12.0907 0x1884  umbus - ok
18:09:12.0931 0x1884  [ 991EE6B5FC41EAEF99C8AF5B92F2CA09, 30AAD7D18FF5962CEC7180359D148EED5A1BF193DDB2B34508897FC3EBA692C3 ] UmPass          C:\Windows\System32\drivers\umpass.sys
18:09:12.0935 0x1884  UmPass - ok
18:09:12.0989 0x1884  [ 43FEFB040A0CC30F795FBF544169594D, F2A730C0F7C883321C378D4564120A40428D7F8E393F02C8D6A08934795A35C7 ] UmRdpService    C:\Windows\System32\umrdp.dll
18:09:13.0018 0x1884  UmRdpService - ok
18:09:13.0109 0x1884  [ 14D22C411854AA2560AFC94CD2D5E61F, BB376734733671C02319E6DB1800D41212694446FD65465498C92D4ECBFE7458 ] upnphost        C:\Windows\System32\upnphost.dll
18:09:13.0156 0x1884  upnphost - ok
18:09:13.0202 0x1884  [ C9E9D59C0099A9FF51697E9306A44240, 78D9A7A5E5742962B6978F475BF06CB32262F1D214699D3D40538476A58012A1 ] USBAAPL64       C:\Windows\System32\Drivers\usbaapl64.sys
18:09:13.0208 0x1884  USBAAPL64 - ok
18:09:13.0284 0x1884  [ 9E9F21FF91D7ECC0BCCB94D3FE52A959, 85461393D62ED939F6741C2D0A90C8AB34F4415173223BB4CFC119715D10E7A7 ] usbaudio        C:\Windows\system32\drivers\usbaudio.sys
18:09:13.0295 0x1884  usbaudio - ok
18:09:13.0360 0x1884  [ C976C4306F9AE133D6BBD47FDFC3BF92, 820413D92D6A89055A7F26523BF5CC4B668610C4A06E8B0D163FBF929B1DFA9A ] usbccgp         C:\Windows\System32\drivers\usbccgp.sys
18:09:13.0369 0x1884  usbccgp - ok
18:09:13.0401 0x1884  [ 427B6DB8C05A5A977E8C3525370A2595, C67222CA9123AE12D953995326B3B582C146CEA89594B7209DB0B1F628A0118D ] usbcir          C:\Windows\System32\drivers\usbcir.sys
18:09:13.0408 0x1884  usbcir - ok
18:09:13.0472 0x1884  [ B24FDEB1B18496F1B463782235AA3AF1, 3F5036F36987C8007D03DAFC3EC30615515BE96D9A1DF879BCD4EB0E66CD50B1 ] usbehci         C:\Windows\System32\drivers\usbehci.sys
18:09:13.0480 0x1884  usbehci - ok
18:09:13.0546 0x1884  [ F8C2A832DF9403F5EA8080CBDBDA95FB, 50E9455465672BC13EB945BEC132D2F30BA2EB25C68928D2B4C256F2DB292A83 ] usbhub          C:\Windows\System32\drivers\usbhub.sys
18:09:13.0589 0x1884  usbhub - ok
18:09:13.0663 0x1884  [ E5F7328B1D29BCE791862CD3C0DD382A, E520D75CA6E4EDB06F576D97FB6B7CFD46A3EF3A3AC881537DE3BB8C862FE8C3 ] USBHUB3         C:\Windows\System32\drivers\UsbHub3.sys
18:09:13.0691 0x1884  USBHUB3 - ok
18:09:13.0735 0x1884  [ 325F6179009B5A7F6118951A5BA422AB, 756CB2893530485E8C3ACFF5A40F4C6EB446E72B2296E8772058E407A5E066DE ] usbohci         C:\Windows\System32\drivers\usbohci.sys
18:09:13.0739 0x1884  usbohci - ok
18:09:13.0792 0x1884  [ 9FDBA6982582A6F2354144980F641E7B, 054A65412CB22C5BE970FD3A266E140110D869B614B9F9894628D553CE82C991 ] usbprint        C:\Windows\System32\drivers\usbprint.sys
18:09:13.0796 0x1884  usbprint - ok
18:09:13.0843 0x1884  [ BFC7FE4AAEB61317A921871B4085EF4B, CBC3FBAEAD6C82A437CC87A97007EF807C64053AB8FA5C3233C2A0CF6FC8D019 ] USBSTOR         C:\Windows\System32\drivers\USBSTOR.SYS
18:09:13.0852 0x1884  USBSTOR - ok
18:09:13.0878 0x1884  [ 1ABF657259DB57F7E5558E4DF1357C0C, 34EAF5DEA3293CFA96BA81B036305FD90ABAE05B9CB73D4F54FB236448C1978C ] usbuhci         C:\Windows\System32\drivers\usbuhci.sys
18:09:13.0882 0x1884  usbuhci - ok
18:09:13.0937 0x1884  [ 9EF7C01D3ACCBC243B5CB1A95865B2FF, 367A7640B4992E68EB3E1BBD78D3014742F4CC4056750E389048C653251DAD33 ] usbvideo        C:\Windows\System32\Drivers\usbvideo.sys
18:09:13.0951 0x1884  usbvideo - ok
18:09:13.0999 0x1884  [ 8DC398D7B8E02C929A2096E74A170970, 87B3CE84D05F50C33935B28F0AFF1CB15DAA4530768BA1FB25C311609CD4B0A5 ] USBXHCI         C:\Windows\System32\drivers\USBXHCI.SYS
18:09:14.0023 0x1884  USBXHCI - ok
18:09:14.0073 0x1884  [ F1DA34D64F2BA200D28A7451804E2FEE, 8BDF328F18F1EB58AC0E383ABA7985BA69EA9622B262CD524E3390FDE824DEEB ] VaultSvc        C:\Windows\system32\lsass.exe
18:09:14.0086 0x1884  VaultSvc - ok
18:09:14.0135 0x1884  [ BACECBFF9C97F7627A60B0E0F1FE7EE8, DC82F767D066B93A48A090DC7146EBCCDC54B43C6CD9DF29A160E09E3A531DC8 ] vdrvroot        C:\Windows\system32\drivers\vdrvroot.sys
18:09:14.0140 0x1884  vdrvroot - ok
18:09:14.0225 0x1884  [ 1B4488988E5E7512E6C5CD1255E9E973, B82C26E767A8895CFFD76C11D07D5C945C38E1BD32CC27D20A6C0FA7F6064FC5 ] vds             C:\Windows\System32\vds.exe
18:09:14.0274 0x1884  vds - ok
18:09:14.0301 0x1884  [ 74FA2D4368DE6F6CE14393EDF1F342BE, C5CE4164B2C3D583A7FB8687ADEADCDB08D36A5AB1965E5FC6949AEED15881C8 ] VerifierExt     C:\Windows\system32\drivers\VerifierExt.sys
18:09:14.0309 0x1884  VerifierExt - ok
18:09:14.0418 0x1884  [ 500BE6B2E49883720D0AE8BB859ED7A3, 4606B02A3E8123510676E554635EB5ECF9DC5F2B83928710C8563787C52CC102 ] vhdmp           C:\Windows\System32\drivers\vhdmp.sys
18:09:14.0447 0x1884  vhdmp - ok
18:09:14.0532 0x1884  [ F5B4A14B00E89250C50982AC762DDD1D, 581CD97DD42E74A82F06BFB827DFC82618B4A8667ACA7E93C628BB0D056CE8F0 ] viaide          C:\Windows\system32\drivers\viaide.sys
18:09:14.0536 0x1884  viaide - ok
18:09:14.0564 0x1884  [ 78DB50F7329F6D1311658DABFFFC8BE0, 8CB0C831608033C4BC1D2DA7FAA7D429333A3654E76A989F7AF85BFC5F086BE9 ] vmbus           C:\Windows\system32\drivers\vmbus.sys
18:09:14.0574 0x1884  vmbus - ok
18:09:14.0584 0x1884  [ ECFEE2F2BA3932C7880D1A8F67D68F91, 57DCD55A518A9FBDEF72B511C643B1062C3F7BD339F4B0FC19E9D84C615B968D ] VMBusHID        C:\Windows\System32\drivers\VMBusHID.sys
18:09:14.0588 0x1884  VMBusHID - ok
18:09:14.0660 0x1884  [ B8FF4248103E6EA47B9D85C55673ABA3, 4337FA0F0FB5C45BFC42FF17DFAA5DCA394C74BA8283851504AD79F47B69CB0D ] vmicheartbeat   C:\Windows\System32\ICSvc.dll
18:09:14.0683 0x1884  vmicheartbeat - ok
18:09:14.0707 0x1884  [ B8FF4248103E6EA47B9D85C55673ABA3, 4337FA0F0FB5C45BFC42FF17DFAA5DCA394C74BA8283851504AD79F47B69CB0D ] vmickvpexchange C:\Windows\System32\ICSvc.dll
18:09:14.0729 0x1884  vmickvpexchange - ok
18:09:14.0752 0x1884  [ B8FF4248103E6EA47B9D85C55673ABA3, 4337FA0F0FB5C45BFC42FF17DFAA5DCA394C74BA8283851504AD79F47B69CB0D ] vmicrdv         C:\Windows\System32\ICSvc.dll
18:09:14.0774 0x1884  vmicrdv - ok
18:09:14.0797 0x1884  [ B8FF4248103E6EA47B9D85C55673ABA3, 4337FA0F0FB5C45BFC42FF17DFAA5DCA394C74BA8283851504AD79F47B69CB0D ] vmicshutdown    C:\Windows\System32\ICSvc.dll
18:09:14.0819 0x1884  vmicshutdown - ok
18:09:14.0847 0x1884  [ B8FF4248103E6EA47B9D85C55673ABA3, 4337FA0F0FB5C45BFC42FF17DFAA5DCA394C74BA8283851504AD79F47B69CB0D ] vmictimesync    C:\Windows\System32\ICSvc.dll
18:09:14.0868 0x1884  vmictimesync - ok
18:09:14.0891 0x1884  [ B8FF4248103E6EA47B9D85C55673ABA3, 4337FA0F0FB5C45BFC42FF17DFAA5DCA394C74BA8283851504AD79F47B69CB0D ] vmicvss         C:\Windows\System32\ICSvc.dll
18:09:14.0913 0x1884  vmicvss - ok
18:09:14.0939 0x1884  [ CB60FAAED8B49B812EBBF77EB87D9B18, ADA7C68D4C4981555ED48981E8B7ACBEEF5C39F902EB98782FC3DFF495FE0C33 ] volmgr          C:\Windows\system32\drivers\volmgr.sys
18:09:14.0946 0x1884  volmgr - ok
18:09:15.0003 0x1884  [ A74101DA9809251BCD0E5A26BAE0F824, 15A3A7CC31A13C5882812C344D0937A8A4503D12DB07B9F7F2A8191B739CDBF7 ] volmgrx         C:\Windows\system32\drivers\volmgrx.sys
18:09:15.0024 0x1884  volmgrx - ok
18:09:15.0079 0x1884  [ 78A5BBA3819FFFC62FFEC3E2220D102D, A95797B97D576374C2CDA8A09E6C51A89BADE428AAA89D5093579C85062E5874 ] volsnap         C:\Windows\system32\drivers\volsnap.sys
18:09:15.0098 0x1884  volsnap - ok
18:09:15.0135 0x1884  [ A8DA1C1B52ECEA3726DEBED4FF1B700D, 75C024EC3858DF24FB82FE105BDD1E37900D53EFE9D72F42CDDFFD0742525586 ] vpci            C:\Windows\System32\drivers\vpci.sys
18:09:15.0141 0x1884  vpci - ok
18:09:15.0157 0x1884  [ 38A60CD9C009C55C6D3B5586F8E6A353, 7F7E2AE39F1A0A5245650911E310E0948BC22A18262A16FA76B44A042D66312D ] vsmraid         C:\Windows\system32\drivers\vsmraid.sys
18:09:15.0168 0x1884  vsmraid - ok
18:09:15.0294 0x1884  [ D0C69E44BC1E1D4AD290FD84104623D8, 4C86760EA4BD2A64FFD42D89284EC3E5048CB2F0F6F3B80D017B41C0D2456A90 ] VSS             C:\Windows\system32\vssvc.exe
18:09:15.0382 0x1884  VSS - ok
18:09:15.0445 0x1884  [ A0F6FE0FC2F647C22BBFD6BD4249DBCC, AC2F3C70EDCA0AFBB2606267DFE6D3E8E7B0772140153BAD6B0A9EDE6A1D2F29 ] VSTXRAID        C:\Windows\system32\drivers\vstxraid.sys
18:09:15.0464 0x1884  VSTXRAID - ok
18:09:15.0482 0x1884  [ 62460A45435A26A334907E3F2EA45611, FEF86E05117CC0AAB8211CA1542776EB620BD4699BD590D91F16621ED35B9824 ] vwifibus        C:\Windows\System32\drivers\vwifibus.sys
18:09:15.0487 0x1884  vwifibus - ok
18:09:15.0514 0x1884  [ 095E943D27025E4D588AF0A72CC2318F, 3CE406A202F93EF8C4BC7317621A672670D734C69166393CA7256D5E5E667041 ] vwififlt        C:\Windows\system32\DRIVERS\vwififlt.sys
18:09:15.0520 0x1884  vwififlt - ok
18:09:15.0542 0x1884  [ 73FA1A41A97A5C34ADC03B3577FF1A86, CBA4BC0DA837C163587BBB4BF2AC1549C72440307C984D3CDF8995023718136C ] vwifimp         C:\Windows\system32\DRIVERS\vwifimp.sys
18:09:15.0546 0x1884  vwifimp - ok
18:09:15.0606 0x1884  [ F690B6EEAA94576727B24376D7ED3601, A61EE96024C8FC4058481DFB1E7F0AD746565368672FA3B6BA8F9E23D0F47E4C ] W32Time         C:\Windows\system32\w32time.dll
18:09:15.0636 0x1884  W32Time - ok
18:09:15.0666 0x1884  [ 6B806E893714019969E2B50D7EF6A4D9, 38FE2B01082DC4C2A0C11A292016A727F48C3DF1293DC3A0216B2254A452263F ] WacomPen        C:\Windows\System32\drivers\wacompen.sys
18:09:15.0670 0x1884  WacomPen - ok
18:09:15.0719 0x1884  [ 61F6972FF9AC9A8D0B4D62076DC30051, 5A028036461534CA53CB2D6C1D720783D408A9F17FD77AB1ECDD75FBAD9F2381 ] Wanarp          C:\Windows\system32\DRIVERS\wanarp.sys
18:09:15.0726 0x1884  Wanarp - ok
18:09:15.0736 0x1884  [ 61F6972FF9AC9A8D0B4D62076DC30051, 5A028036461534CA53CB2D6C1D720783D408A9F17FD77AB1ECDD75FBAD9F2381 ] Wanarpv6        C:\Windows\system32\DRIVERS\wanarp.sys
18:09:15.0742 0x1884  Wanarpv6 - ok
18:09:15.0866 0x1884  [ 42DF22F8C448E7CD219F6D63743505E2, 063F4280C7BD20CE1360436B76A17DFE17FF611F75337A47373D098CC6C263BF ] wbengine        C:\Windows\system32\wbengine.exe
18:09:15.0960 0x1884  wbengine - ok
18:09:16.0002 0x1884  [ 31D37B2F6069C631EF0557D322924812, 6E18A1060F3C8F4BF220E286C44327866A8F9109E74928AA2D8C2DA9C452038B ] WbioSrvc        C:\Windows\System32\wbiosrvc.dll
18:09:16.0032 0x1884  WbioSrvc - ok
18:09:16.0078 0x1884  [ AF1349386D4C6786EF4E34FACEF15042, 6B33778409BC54C1955B92508ADDEBAFD629141961B71C94A91DC4CFE8391A13 ] Wcmsvc          C:\Windows\System32\wcmsvc.dll
18:09:16.0103 0x1884  Wcmsvc - ok
18:09:16.0172 0x1884  [ 5B5FEAB51172F5513C2CF7B39CFA6A01, 4FDAC5168E00D44781C6F5D98ECD4977A12663C5CE6FFDFF9DBC89A28D6212D8 ] wcncsvc         C:\Windows\System32\wcncsvc.dll
18:09:16.0206 0x1884  wcncsvc - ok
18:09:16.0246 0x1884  [ E19556D414332E2BEBA1F368229006B4, AB3454EC85D7B6E62D44C4510C1547AE7F736558588E54B0E265F7B3A5810E15 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
18:09:16.0260 0x1884  WcsPlugInService - ok
18:09:16.0290 0x1884  [ B3A4D918DAB90505B6BC7B70632913CB, ECC19DCD7902C29D0682C70B9546CF8B82477A32147EE30EB6750D8499605B46 ] Wd              C:\Windows\system32\drivers\wd.sys
18:09:16.0294 0x1884  Wd - ok
18:09:16.0341 0x1884  [ 3772FF85F0098686B0DCD77076AE0786, 8B0221F6003C53856676FFD9CDCFF43DF29B410AB2F340C10BB858F0E6EC14CE ] WdBoot          C:\Windows\system32\drivers\WdBoot.sys
18:09:16.0346 0x1884  WdBoot - ok
18:09:16.0467 0x1884  [ E2C933EDBC389386EBE6D2BA953F43D8, AF1DEADD5F1267CCEBD226E8EEB971D1946EA6A5A9645A36F5D111F758AF2F07 ] Wdf01000        C:\Windows\system32\drivers\Wdf01000.sys
18:09:16.0524 0x1884  Wdf01000 - ok
18:09:16.0573 0x1884  [ AB6F7DE8BFBF61A42F8764D9A621BD8B, DEFDC9FDC0B234403EE1339105B8D12B486D77B3BA01A703339B5DB8B95FA4D8 ] WdFilter        C:\Windows\system32\drivers\WdFilter.sys
18:09:16.0589 0x1884  WdFilter - ok
18:09:16.0636 0x1884  [ 240FC332484572227CD1DF82407F33E5, 5210549EC519DD3BCA6BBC995F01E1E3E0988580797E4BD1433F429E0CB30412 ] WdiServiceHost  C:\Windows\system32\wdi.dll
18:09:16.0652 0x1884  WdiServiceHost - ok
18:09:16.0664 0x1884  [ 240FC332484572227CD1DF82407F33E5, 5210549EC519DD3BCA6BBC995F01E1E3E0988580797E4BD1433F429E0CB30412 ] WdiSystemHost   C:\Windows\system32\wdi.dll
18:09:16.0681 0x1884  WdiSystemHost - ok
18:09:16.0726 0x1884  [ 9B1384CE8E681D2D77BB3524B8E86311, BDEF9D0A79A7C26A88088A306F91632F300E587736CDD2C64717EC54DD6E89FF ] WebClient       C:\Windows\System32\webclnt.dll
18:09:16.0749 0x1884  WebClient - ok
18:09:16.0778 0x1884  [ 35FD720943D4FCD75C3275BF062FF140, 9D8345E6DE1AE23F93AD0B52D27D1CCFD69EF7EE50654F92CA999BEC4570A773 ] Wecsvc          C:\Windows\system32\wecsvc.dll
18:09:16.0800 0x1884  Wecsvc - ok
18:09:16.0840 0x1884  [ 4D2612E3C462B68F499D840B1133263E, 4DDAEB4480AEC31A8184838588E0D3DFA31CE6D2FA6E906926860C75F52DC7B7 ] wercplsupport   C:\Windows\System32\wercplsupport.dll
18:09:16.0855 0x1884  wercplsupport - ok
18:09:16.0898 0x1884  [ 5F70EBFC1F75B487DE79501E3CCBDB54, 2FCA57BF60A43B03BB42FBF22BBFC19AD2266FBBD818494AD114125E6E433321 ] WerSvc          C:\Windows\System32\WerSvc.dll
18:09:16.0914 0x1884  WerSvc - ok
18:09:16.0955 0x1884  [ 44BB9C31E6242C4BD1CE7C2B440C2533, E603BB001028918B687818E930340008C752679B133037367A8A8E41DA559FFE ] WFPLWFS         C:\Windows\system32\DRIVERS\wfplwfs.sys
18:09:16.0962 0x1884  WFPLWFS - ok
18:09:16.0999 0x1884  [ 60E0C220593DA4F7C289CB909D2DBAE0, 057CA7727F748600CC155043081AB9E3244763CF4913F317D13226A515F6FDB6 ] WiaRpc          C:\Windows\System32\wiarpc.dll
18:09:17.0036 0x1884  WiaRpc - ok
18:09:17.0083 0x1884  [ A3C7624A42A3447EF5EDD1ED37FE4E60, BD8BDF0A571873FA8277878AF7AED11196CFF1B4DF1EA6BA13BD4887D7B63B94 ] WIMMount        C:\Windows\system32\drivers\wimmount.sys
18:09:17.0088 0x1884  WIMMount - ok
18:09:17.0114 0x1884  WinDefend - ok
18:09:17.0201 0x1884  [ 7911470B6018059A880469A63B65700A, 4B6131491A028FBCA54AC261112D183EFD42E98160545C8E8DFBDA01C87B3FB5 ] WinHttpAutoProxySvc C:\Windows\system32\winhttp.dll
18:09:17.0247 0x1884  WinHttpAutoProxySvc - ok
18:09:17.0333 0x1884  [ 3D6B518B71C75C8FA4115A33615C107A, ED7A266013D29D3B1A462464735C3632BEA121D1B32553907AEAA0B00595C3DF ] Winmgmt         C:\Windows\system32\wbem\WMIsvc.dll
18:09:17.0348 0x1884  Winmgmt - ok
18:09:17.0551 0x1884  [ 8E212A627F33F6FC3B5F3BB47212F66E, 9BBFE26ABFA14F346FE3711D13D959523EEA23608A33C16F3D750D66CA511911 ] WinRM           C:\Windows\system32\WsmSvc.dll
18:09:17.0749 0x1884  WinRM - ok
18:09:17.0803 0x1884  [ BB20956C424531003F7FA6CD36F11D5D, 2C55F1C7553A527A7C4C34E730BE943269AE23928731C64D3DC945E07AE1771E ] WinUsb          C:\Windows\system32\DRIVERS\WinUSB.sys
18:09:17.0809 0x1884  WinUsb - ok
18:09:17.0927 0x1884  [ 6351724B8FA0255C2DBD970297F00B93, A02F274479F9F32E30C75A5BD991B008B3CCB47D380D5870563EF918DAC5730E ] WlanSvc         C:\Windows\System32\wlansvc.dll
18:09:18.0010 0x1884  WlanSvc - ok
18:09:18.0156 0x1884  [ B330CE47FB74A6BE9A3FFFF4B3F64D9B, B76226808406D8B38DE2D3A8CCE633BB507022C8BAAA6C3DAD34204CC6CE1284 ] wlidsvc         C:\Windows\system32\wlidsvc.dll
18:09:18.0264 0x1884  wlidsvc - ok
18:09:18.0293 0x1884  [ E2A596CACFC6504306CDB7B593B90084, DF89CF57249553CE922C841F18B99A213185FA1099C053B9BB8C0F6E5BC3FEC0 ] WmiAcpi         C:\Windows\System32\drivers\wmiacpi.sys
18:09:18.0296 0x1884  WmiAcpi - ok
18:09:18.0352 0x1884  [ D113499052C5E541906B727779F0F959, 05FB51086C0A0CE3812A7E6098C5A454ECCFE8553669CFA715153564F2226DB0 ] wmiApSrv        C:\Windows\system32\wbem\WmiApSrv.exe
18:09:18.0364 0x1884  wmiApSrv - ok
18:09:18.0391 0x1884  WMPNetworkSvc - ok
18:09:18.0420 0x1884  [ C6FF953D5D6F2EAE3B8883474D5076B3, 001CBB7FBC30209C892869258E5ABD3F0932886E156ECB10DCA599F6D32648BE ] wpcfltr         C:\Windows\system32\DRIVERS\wpcfltr.sys
18:09:18.0425 0x1884  wpcfltr - ok
18:09:18.0454 0x1884  [ A6ED163169876BFD2437E872FE2F1509, C13E8676800EEEF690F51C4DEA660B36C8734AE2CCAAC48054E10D74B98949B8 ] WPCSvc          C:\Windows\System32\wpcsvc.dll
18:09:18.0466 0x1884  WPCSvc - ok
18:09:18.0509 0x1884  [ 3013658A4D327854BEEC4A08D9655194, C4CF5AA6A47CC55E7037B0BFE20AE0A6442ADDC5DEB89D6861C98C61851FA821 ] WPDBusEnum      C:\Windows\system32\wpdbusenum.dll
18:09:18.0526 0x1884  WPDBusEnum - ok
18:09:18.0544 0x1884  [ 0346CAFC181C91C6E2330332EB332ED6, D46F44C339399CAAE13CD71C53A169E95065208E07E5420DE00A4509D6CB056F ] WpdUpFltr       C:\Windows\system32\drivers\WpdUpFltr.sys
18:09:18.0548 0x1884  WpdUpFltr - ok
18:09:18.0580 0x1884  [ BC8B5CB336E63BB25EAD1CE8EDD34B81, A42759956EDCCC6D0688240AA4F833FB9CA132D42D2D901CDCBB24DCE1788C1D ] ws2ifsl         C:\Windows\system32\drivers\ws2ifsl.sys
18:09:18.0584 0x1884  ws2ifsl - ok
18:09:18.0629 0x1884  [ 012CFE7F0F95266F554EE3B91EE2128A, 866312F6BF7369BE686F1BA9F01311C99E95E268C6E63BE37C841F54F5AA0DB8 ] wscsvc          C:\Windows\System32\wscsvc.dll
18:09:18.0645 0x1884  wscsvc - ok
18:09:18.0675 0x1884  [ 74EFDA0526862C3D8D01A776182798EA, 7C9AD6118CB344C63B60A8BA5FA8C85ADED30933821ABD1427857E826EFC2952 ] WSDPrintDevice  C:\Windows\System32\drivers\WSDPrint.sys
18:09:18.0679 0x1884  WSDPrintDevice - ok
18:09:18.0686 0x1884  WSearch - ok
18:09:18.0865 0x1884  [ D4D04839F3DFAF09D94BAB1016F7A297, 944A41D251F522EE87189C1D01CF7EEE2C70BF4353BA4005C44F03DB485F843F ] WSService       C:\Windows\System32\WSService.dll
18:09:18.0992 0x1884  WSService - ok
18:09:19.0229 0x1884  [ 10EA2DBD2820A504D98D19F5EDAAFC04, 5B84D7C169CBAEBCE4A03BB89426E74DBF5AFCA1F8FDE2A5BC1006A8464D7E24 ] wuauserv        C:\Windows\system32\wuaueng.dll
18:09:19.0401 0x1884  wuauserv - ok
18:09:19.0438 0x1884  [ AB886378EEB55C6C75B4F2D14B6C869F, D6C4602EB8F291DADEDF3CD211013D4AC752DDE7E799C2D8D74AA4F5477CAED6 ] WudfPf          C:\Windows\system32\drivers\WudfPf.sys
18:09:19.0445 0x1884  WudfPf - ok
18:09:19.0477 0x1884  [ DDA4CAF29D8C0A297F886BFE561E6659, 94E5DD649B5D86FA1A7C7D30FCF9644D0EE048D312E626111458ADF66BFBE978 ] WUDFRd          C:\Windows\System32\drivers\WUDFRd.sys
18:09:19.0489 0x1884  WUDFRd - ok
18:09:19.0522 0x1884  [ B20F051B03A966392364C83F009F7D17, 88ECEB55AE91F58F592B96EBC10B572747D5A2F9B7629E8F371761E4F7408A65 ] wudfsvc         C:\Windows\System32\WUDFSvc.dll
18:09:19.0538 0x1884  wudfsvc - ok
18:09:19.0556 0x1884  [ DDA4CAF29D8C0A297F886BFE561E6659, 94E5DD649B5D86FA1A7C7D30FCF9644D0EE048D312E626111458ADF66BFBE978 ] WUDFWpdFs       C:\Windows\system32\DRIVERS\WUDFRd.sys
18:09:19.0568 0x1884  WUDFWpdFs - ok
18:09:19.0584 0x1884  [ DDA4CAF29D8C0A297F886BFE561E6659, 94E5DD649B5D86FA1A7C7D30FCF9644D0EE048D312E626111458ADF66BFBE978 ] WUDFWpdMtp      C:\Windows\system32\DRIVERS\WUDFRd.sys
18:09:19.0597 0x1884  WUDFWpdMtp - ok
18:09:19.0652 0x1884  [ 6D9E07436B6646EC8F7EFFD39B6BA288, 82C1CEA93ECEF17D221AD0F87C5BD96F3FD8143841C16BD9608BD4D58D90B8E0 ] WwanSvc         C:\Windows\System32\wwansvc.dll
18:09:19.0687 0x1884  WwanSvc - ok
18:09:19.0757 0x1884  [ D107AA09E4E233E1AAE126255D8A4057, 767E78508DF2FABF1E8DBEA7214B4214FA7B2FAA9AC6DD7D97F3F517A8C83BFB ] xusb22          C:\Windows\System32\drivers\xusb22.sys
18:09:19.0765 0x1884  xusb22 - ok
18:09:19.0849 0x1884  [ 86B8B1F5C1189D68B07666784BE882FE, 0DD8C627F3DDBDB61B1910540C465C0D62C9F8D84C7CBB6C80782DB02D535AF0 ] ZAtheros Bt and Wlan Coex Agent C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe
18:09:19.0866 0x1884  ZAtheros Bt and Wlan Coex Agent - ok
18:09:19.0907 0x1884  ================ Scan global ===============================
18:09:19.0951 0x1884  [ DDC1AFBF9DDF880CE9BD3896114D8DED, E2406231EA4D2689A5EDFA9BD1A1BC064359D8D23B37F113A18B5EAE3E2D4050 ] C:\Windows\system32\basesrv.dll
18:09:19.0993 0x1884  [ E9343076AE704D20BB0D01F3AF3EFFEF, FF2CE4146945976F9480690505CECD3C7C719BAF0F633E6192C8272C75EF295D ] C:\Windows\system32\winsrv.dll
18:09:20.0041 0x1884  [ BD7C6949984D19AAA609896B675E7357, 5B46538B27BC70F5A3805AA63F6AACDC780C7168468FB535F2D35CF26B9DEE06 ] C:\Windows\system32\sxssrv.dll
18:09:20.0098 0x1884  [ 8F226143046435C75C033B0C52E90FFE, 54FA316485B57D7B8104FE621F5F40DEC35E3D57C3DF46B5F7EACF57445FE7CA ] C:\Windows\system32\services.exe
18:09:20.0127 0x1884  [ Global ] - ok
18:09:20.0128 0x1884  ================ Scan MBR ==================================
18:09:20.0142 0x1884  [ 5FB38429D5D77768867C76DCBDB35194 ] \Device\Harddisk0\DR0
18:09:20.0153 0x1884  \Device\Harddisk0\DR0 - ok
18:09:20.0154 0x1884  ================ Scan VBR ==================================
18:09:20.0158 0x1884  [ EBFB00E5414D00B0531A8D8C0F34C8B0 ] \Device\Harddisk0\DR0\Partition1
18:09:20.0231 0x1884  \Device\Harddisk0\DR0\Partition1 - ok
18:09:20.0244 0x1884  [ 19D1EB31F111E8C4F41F34507167467E ] \Device\Harddisk0\DR0\Partition2
18:09:20.0306 0x1884  \Device\Harddisk0\DR0\Partition2 - ok
18:09:20.0338 0x1884  [ B1E27AA018409DE6BFD73F8AFB883A65 ] \Device\Harddisk0\DR0\Partition3
18:09:20.0339 0x1884  \Device\Harddisk0\DR0\Partition3 - ok
18:09:20.0351 0x1884  [ 1B1E1EE7193864459CFC55E3674237A2 ] \Device\Harddisk0\DR0\Partition4
18:09:20.0429 0x1884  \Device\Harddisk0\DR0\Partition4 - ok
18:09:20.0459 0x1884  [ 7B4C4B16F08CCCECF05285C1B9529EAB ] \Device\Harddisk0\DR0\Partition5
18:09:20.0474 0x1884  \Device\Harddisk0\DR0\Partition5 - ok
18:09:20.0505 0x1884  [ BF00FD70BF84398ACF5035D76987988C ] \Device\Harddisk0\DR0\Partition6
18:09:20.0520 0x1884  \Device\Harddisk0\DR0\Partition6 - ok
18:09:20.0521 0x1884  ================ Scan generic autorun ======================
18:09:20.0718 0x1884  [ 44FE94FCDF97E574B6986C5A81758628, D950CF92623CA2AD053F7DCC44B483176D02E721C716255957DA90A083D0F1B9 ] C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
18:09:20.0824 0x1884  NvBackend - ok
18:09:20.0865 0x1884  [ 3A6209AC494296C24C2065CB4392B5F4, 944556A8521D4E59EE35B364C9FB1A3846924D512E73C2CB32DD440022E6B1B5 ] C:\Windows\system32\rundll32.exe
18:09:20.0877 0x1884  ShadowPlay - ok
18:09:21.0727 0x1884  [ A2BD2D7FF852417FD121C63F6C5B5D15, 14F33BA906AD76864F734BF75BD6C02461FF7227B84F83BE96F611299168799C ] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
18:09:22.0372 0x1884  RTHDVCPL - ok
18:09:22.0502 0x1884  [ 45D629AAF007A0DED6689A7A031D2AC7, DD10DEA927A2CC16EE38765DD1DE45E88288C09923DC14A95C1C6E457D535BCC ] C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
18:09:22.0564 0x1884  RtHDVBg - ok
18:09:22.0624 0x1884  [ 6BA03B5AF0B49BFEFC5DF84C8DBE5209, C1C77823C4E97F70CCA10777C213A70E74FD372B74C96AA6D00D147A8B9656F4 ] C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe
18:09:22.0627 0x1884  Adobe Reader Speed Launcher - ok
18:09:22.0715 0x1884  [ 048EA4B978851788E9F5E8E4F081DF7A, EB62719AC0DCC18FF056F2CD84438BF14B61E38F0619617C81961C6257BDFCEC ] C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
18:09:22.0764 0x1884  Adobe ARM - ok
18:09:22.0992 0x1884  [ 2362B857693DA580E04ECE28F7D67E7E, EABF4B6502A06B94D07E25D78D8CEF8862B7FE5D117F7F145268B95688A02E62 ] C:\Program Files (x86)\ASUS\APRP\APRP.EXE
18:09:23.0143 0x1884  ASUSPRP - ok
18:09:23.0380 0x1884  [ C81AFE7FD0AC8BBF02485733EEE19840, A0320BC6AE9B90EC6A6BC0EE8779C3E71158B0104B8C1FBF3BDCCD54BEE5699F ] C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.10.123\AsusWSPanel.exe
18:09:23.0543 0x1884  ASUSWebStorage - ok
18:09:23.0551 0x1884  mcui_exe - ok
18:09:23.0620 0x1884  [ A2221900B57AEC20577996744FA4A56A, AFEF9176DBA86CDB16A7E84AD0DF6433D4F5865948774FB6B619CBEBEC004592 ] C:\Program Files (x86)\Cyberlink\PowerDVD10\PDVD10Serv.exe
18:09:23.0625 0x1884  RemoteControl10 - ok
18:09:23.0683 0x1884  [ 607FCAE0B447C1B917DADBF0BE9A83FE, 1400420835C4E523595A4700ABC2E0F66B7BBC6AC48DB334F4E41DA3B1581F20 ] C:\Program Files (x86)\Cyberlink\DVD Suite\MUITransfer\MUIStartMenu.exe
18:09:23.0695 0x1884  UpdatePSTShortCut - ok
18:09:23.0737 0x1884  [ 1C923DBE5D95AD7608CD7DB50816C923, 0AD5012936ED3BE9C9437B29C9D203523855546F3E49CF30E75BB35818BF0F44 ] C:\Program Files (x86)\ASUS\ASUS Instant Key\Ikey_start.exe
18:09:23.0739 0x1884  ASUS InstantKey - ok
18:09:23.0740 0x1884  avgnt - ok
18:09:24.0007 0x1884  [ 21B8FAAFA5CCD89663AAD5833ABF4B35, DE46AD49AE1ED34697EE387BB77E73BCD7DA60E6063E02660021A9C2EA3C0801 ] C:\Program Files\AVAST Software\Avast\AvastUI.exe
18:09:24.0206 0x1884  AvastUI.exe - ok
18:09:24.0251 0x1884  [ EBC0E8C0A4DDA2C32A7D5863462A321A, 2F410138DB66D0219254339F1F098E401CEDAA032596F1F67BC54F394256FC68 ] C:\Program Files (x86)\AMD\Dual-Core Optimizer\amd_dc_opt.exe
18:09:24.0256 0x1884  amd_dc_opt - ok
18:09:24.0368 0x1884  [ 0E34B7BB1FCF22BCC1E394D16F9E992B, 382CA8E6BAC301E2F277F8EDA03D263FF71272796A8EED582C36294EEE9191F9 ] C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe
18:09:24.0372 0x1884  GrooveMonitor - ok
18:09:24.0494 0x1884  [ B4E6C1B28AF8806008CB654C716ABAFA, A42929D47D6D77D0A4B2BDAB61F11B2D5CAB0DE1AECEF29AE37BBF47E076BDB5 ] C:\Program Files (x86)\iTunes\iTunesHelper.exe
18:09:24.0504 0x1884  iTunesHelper - ok
18:09:24.0609 0x1884  [ EDAD4A8A1D46AFCF9E76B996D55116EB, 937549E6FBF5D7282E56866C705539646F2CB6839FD74BF7AA8FB2BA5CCEE940 ] C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
18:09:24.0622 0x1884  SunJavaUpdateSched - ok
18:09:24.0797 0x1884  [ FE157C8114B6D6FEBEEB5884D4933CF8, BA94B3E09524E062618DBDC2889AD2721B6D1D074380410275480476CAB38770 ] C:\Program Files (x86)\Steam\Steam.exe
18:09:24.0891 0x1884  Steam - ok
18:09:25.0123 0x1884  [ 9AD4C97657FDC7AD3D5B842C308169FB, 97462FD63C25E9B81ABADDA0A9DAF29DF267835A3BB632B52512295F55900DBA ] C:\Program Files (x86)\DAEMON Tools Ultra\DTAgent.exe
18:09:25.0312 0x1884  DAEMON Tools Ultra Agent - ok
18:09:25.0693 0x1884  [ CC78200C3ECFFA178E78308A0E160D80, 4E02D6827A99401781032A397663770FA7BE56397AA20F6E2FACE0A0004109C5 ] C:\Users\aasim\AppData\Local\Akamai\netsession_win.exe
18:09:25.0917 0x1884  Akamai NetSession Interface - ok
18:09:26.0044 0x1884  [ D6026801884CC52B651D1139FB3CB88B, 24E50FE178A024A2D283ADC4FCFBEECA0839F1DDF3BE4B9F6C21BFCF425F736E ] C:\Users\aasim\AppData\Local\Citrix\GoToAssist Remote Support Expert\715\g2ax_start.exe
18:09:26.0076 0x1884  GoToAssist Remote Support Expert - ok
18:09:26.0146 0x1884  [ 246BDF406366B91BA7E1709B8021AAC4, 29081AAE709FAB5BC22CD52849B30AAB7903BA96E733DAB52D253E94194D6CF9 ] C:\Program Files\CyberGhost 5\CyberGhost.EXE
18:09:26.0166 0x1884  CyberGhost - ok
18:09:26.0388 0x1884  [ B66E0842FCF485F3E2D41BF0BA10966F, 966B8386B2D060167E8EAAE478509013A8729FE2CF11F890D3F9DCDA90768F34 ] C:\Users\aasim\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe
18:09:26.0462 0x1884  Spotify Web Helper - ok
18:09:26.0466 0x1884  Waiting for KSN requests completion. In queue: 162
18:09:27.0467 0x1884  Waiting for KSN requests completion. In queue: 162
18:09:28.0468 0x1884  Waiting for KSN requests completion. In queue: 162
18:09:29.0571 0x1884  AV detected via SS2: Windows Defender, C:\Program Files\Windows Defender\MSASCui.exe ( 4.5.218.0 ), 0x60100 ( disabled : updated )
18:09:29.0585 0x1884  AV detected via SS2: avast! Antivirus, C:\Program Files\AVAST Software\Avast\VisthAux.exe ( 9.0.2018.391 ), 0x41000 ( enabled : updated )
18:09:29.0600 0x1884  Win FW state via NFP2: enabled
18:09:32.0120 0x1884  ============================================================
18:09:32.0120 0x1884  Scan finished
18:09:32.0120 0x1884  ============================================================
18:09:32.0134 0x0b1c  Detected object count: 0
18:09:32.0134 0x0b1c  Actual detected object count: 0
18:19:57.0289 0x04e4  Deinitialize success


#4 romantichero

romantichero
  • Topic Starter

  • Members
  • 3 posts
  • OFFLINE
  •  
  • Local time:11:36 PM

Posted 17 October 2014 - 02:00 PM

ESETSmartInstaller@High as downloader log:
all ok
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.6920
# api_version=3.0.2
# EOSSerial=83a636288c59c94a8bcc9e6c0b4bd534
# engine=15727
# end=finished
# remove_checked=true
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=true
# antistealth_checked=true
# utc_time=2013-11-02 04:36:14
# local_time=2013-11-01 09:36:14 (-0800, Pacific Daylight Time)
# country="United States"
# lang=1033
# osver=6.2.9200 NT 
# compatibility_mode=774 16777213 71 77 0 0 0 0
# compatibility_mode=5122 16777214 66 79 0 45564000 0 0
# compatibility_mode=5893 16776574 100 94 387578 42786685 0 0
# scanned=206784
# found=28
# cleaned=28
# scan_time=8848
sh=741518CA17409E0C108EA202464829E6C664ED1E ft=1 fh=52477f93f91d8732 vn="a variant of MSIL/DomaIQ.A application (cleaned by deleting - quarantined)" ac=C fn="C:\Program Files\Uninstaller\Uninstall.exe"
sh=40364CD66B83A2B2D060BAF8948B89BBEF4E024B ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.A application (cleaned by deleting - quarantined)" ac=C fn="C:\Users\aasim\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\0IY169UP\50onred_ads_only_no_fb_m[1].js"
sh=F8BD38D50F0348CEF64D0B397BF6BAC1EC8A3CD0 ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.A application (cleaned by deleting - quarantined)" ac=C fn="C:\Users\aasim\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\0IY169UP\ads_only_5_m[1].js"
sh=83CDCE21D2E22142F1D24D0C225529B9D8485EAB ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.A application (cleaned by deleting - quarantined)" ac=C fn="C:\Users\aasim\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\0IY169UP\dealply_m[1].js"
sh=60D25EF0BC5392D5A28A39F59C89C2D51915213B ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.A application (cleaned by deleting - quarantined)" ac=C fn="C:\Users\aasim\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\0IY169UP\intext_5_m[1].js"
sh=24AA0A999D9AA9ED69DBD3AD37D4C0C1A4D8DC89 ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.A application (cleaned by deleting - quarantined)" ac=C fn="C:\Users\aasim\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\0IY169UP\intext_adv_m[1].js"
sh=5DB1EA4D428D69A859A6A2D90A649C17BB42E02C ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.A application (cleaned by deleting - quarantined)" ac=C fn="C:\Users\aasim\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\0IY169UP\revizer_p_m[1].js"
sh=C7C186E54D042C9DCAACD170347F10C188AEC85D ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.A application (cleaned by deleting - quarantined)" ac=C fn="C:\Users\aasim\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\8MJ6HXDZ\arcadi2_m[1].js"
sh=D67303051C4C06CDA7B352169D649F4AEFF862B6 ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.A application (cleaned by deleting - quarantined)" ac=C fn="C:\Users\aasim\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\8MJ6HXDZ\arcadi3_m[1].js"
sh=DED4D5AC65600899CE571E960D7B9D20DBEFD9BB ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.A application (cleaned by deleting - quarantined)" ac=C fn="C:\Users\aasim\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\8MJ6HXDZ\coupish_m[1].js"
sh=1F2641FFCA5C1DACAAA217BE7C9989F7AC05C1A1 ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.A application (cleaned by deleting - quarantined)" ac=C fn="C:\Users\aasim\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\8MJ6HXDZ\similar_web_m[1].js"
sh=5BD7B82662A263F1138F5E2A90138A8BFA5C4853 ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.A application (cleaned by deleting - quarantined)" ac=C fn="C:\Users\aasim\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\8MJ6HXDZ\widdit_m[1].js"
sh=140BE41E58E7CB6E9B38B4ED892886CED78C2E58 ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.A application (cleaned by deleting - quarantined)" ac=C fn="C:\Users\aasim\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\9VX75BCG\corticas_m[1].js"
sh=288FB4BEC59EEF7E0827216B4286A69802EDC05F ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.A application (cleaned by deleting - quarantined)" ac=C fn="C:\Users\aasim\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\9VX75BCG\cortica_rollover_m[1].js"
sh=A7400B116369A3142513FD9A3E93134369137036 ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.A application (cleaned by deleting - quarantined)" ac=C fn="C:\Users\aasim\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\9VX75BCG\coupons_intext_ads_5_m[1].js"
sh=E008307C95AD4C1D040B009D307E13C03146B1BF ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.A application (cleaned by deleting - quarantined)" ac=C fn="C:\Users\aasim\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\9VX75BCG\jollywallet_m[1].js"
sh=CF138C16214F3451EE8CF965CB30532461AA0614 ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.A application (cleaned by deleting - quarantined)" ac=C fn="C:\Users\aasim\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\9VX75BCG\superfish_no_search_no_coupons_m[1].js"
sh=176D4038122B1FF7370825F721F36F73103C5873 ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.A application (cleaned by deleting - quarantined)" ac=C fn="C:\Users\aasim\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\9VX75BCG\superfish_pricora_m[1].js"
sh=EDAF8A2B6318DD482F0BBDC2A96C109697D86E5A ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.A application (cleaned by deleting - quarantined)" ac=C fn="C:\Users\aasim\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\PRNBS31V\arcadi2_sourceID_m[1].js"
sh=EE0C01CA81EBB2B46504012816E1B3EC0FE5F29C ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.A application (cleaned by deleting - quarantined)" ac=C fn="C:\Users\aasim\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\PRNBS31V\cortica_m[1].js"
sh=5F4085D36D3743A164582B9628469218ECD72EBA ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.A application (cleaned by deleting - quarantined)" ac=C fn="C:\Users\aasim\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\PRNBS31V\getdeal_m[1].js"
sh=DB51332A37F65FD4863EE1B8A5BA62A02DA885F8 ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.A application (cleaned by deleting - quarantined)" ac=C fn="C:\Users\aasim\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\PRNBS31V\ibario_pops_m[1].js"
sh=C5DD383664008DA61501CCBAF1279A498CC468F8 ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.A application (cleaned by deleting - quarantined)" ac=C fn="C:\Users\aasim\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\PRNBS31V\icm1_5_m[1].js"
sh=1D0D0004624903CF66D059CC3EFB513926B2B8BC ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.A application (cleaned by deleting - quarantined)" ac=C fn="C:\Users\aasim\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\PRNBS31V\icm_m[1].js"
sh=63362C65C083ABF77E174E7351F333927EB9A5C9 ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.A application (cleaned by deleting - quarantined)" ac=C fn="C:\Users\aasim\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\PRNBS31V\luck_m[1].js"
sh=A1AAE6746EE56E39AB7C51C70B8215BE3D0F4ACD ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.A application (cleaned by deleting - quarantined)" ac=C fn="C:\Users\aasim\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\PRNBS31V\revizer_ws_m[1].js"
sh=321D55C88A529D02A44F97BF6498451F7D4C70CE ft=1 fh=97ec66a52017a80c vn="a variant of Win32/Bundled.Toolbar.Ask application (deleted - quarantined)" ac=C fn="C:\Users\aasim\AppData\Local\Temp\avira-premium-security-suite.exe\9055d99fff1a487bb2b057d2230d5538\5\software\avira-premium-security-suite.exe"
sh=321D55C88A529D02A44F97BF6498451F7D4C70CE ft=1 fh=97ec66a52017a80c vn="a variant of Win32/Bundled.Toolbar.Ask application (deleted - quarantined)" ac=C fn="C:\Users\aasim\AppData\Local\Temp\avira-premium-security-suite.exe\9055d99fff1a487bb2b057d2230d5538\software\avira-premium-security-suite.exe"
ESETSmartInstaller@High as downloader log:
all ok
esets_scanner_update returned -1 esets_gle=0
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.7623
# api_version=3.0.2
# EOSSerial=83a636288c59c94a8bcc9e6c0b4bd534
# engine=15727
# end=stopped
# remove_checked=false
# archives_checked=false
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2014-10-14 07:01:16
# local_time=2014-10-14 12:01:16 (-0800, Pacific Daylight Time)
# country="United States"
# lang=1033
# osver=6.2.9200 NT 
# compatibility_mode_1='avast! Antivirus'
# compatibility_mode=783 16777213 100 97 115529 29853579 0 0
# compatibility_mode_1=''
# compatibility_mode=5893 16776574 100 94 12902661 72689787 0 0
# scanned=71729
# found=0
# cleaned=0
# scan_time=5580
ESETSmartInstaller@High as downloader log:
all ok
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.7623
# api_version=3.0.2
# EOSSerial=83a636288c59c94a8bcc9e6c0b4bd534
# engine=20637
# end=stopped
# remove_checked=false
# archives_checked=false
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2014-10-17 05:13:08
# local_time=2014-10-16 10:13:08 (-0800, Pacific Daylight Time)
# country="United States"
# lang=1033
# osver=6.2.9200 NT 
# compatibility_mode_1='avast! Antivirus'
# compatibility_mode=783 16777213 100 97 368241 30106291 0 0
# compatibility_mode_1=''
# compatibility_mode=5893 16776574 100 94 13155373 72942499 0 0
# scanned=148496
# found=11
# cleaned=0
# scan_time=2415
sh=97BCCD25561F44E9B13F05F6EEF083C9CE9BA529 ft=1 fh=641f1fb3d2e699c4 vn="Win32/Toolbar.Conduit.Y potentially unwanted application" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\Conduit\Community Alerts\Alert.dll.vir"
sh=97BCCD25561F44E9B13F05F6EEF083C9CE9BA529 ft=1 fh=641f1fb3d2e699c4 vn="Win32/Toolbar.Conduit.Y potentially unwanted application" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\Conduit\Community Alerts\Alert0.dll.vir"
sh=ECAAC2B22C5DF388FA3847749C931AEF458384B8 ft=1 fh=2876dfec7d92aded vn="a variant of Win64/Toolbar.Conduit.B potentially unwanted application" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\internethelper3.1\hk64tbInte.dll.vir"
sh=C325F9A28C049D03E23060686A70B398531CDB05 ft=1 fh=742ed93f69aeb6e1 vn="a variant of Win32/Toolbar.Conduit.X potentially unwanted application" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\internethelper3.1\hktbInte.dll.vir"
sh=EFB534D515903744B9755391A417051902C16DE2 ft=1 fh=e331f9a91891a78b vn="a variant of Win32/Toolbar.Conduit.P potentially unwanted application" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\internethelper3.1\ldrtbInte.dll.vir"
sh=1CAAAB0EDE5FDF753F0DFBA5B395A2840CD0A76C ft=1 fh=ed0fde6c6c7e3f9e vn="a variant of Win32/Toolbar.Conduit.X potentially unwanted application" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\internethelper3.1\prxtbInte.dll.vir"
sh=19C0679FA65F480C9A0BC5C43396D2ADEC8BCAF9 ft=1 fh=bca908a16a338e6a vn="a variant of Win32/Toolbar.Conduit.X potentially unwanted application" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\internethelper3.1\tbInte.dll.vir"
sh=ECAAC2B22C5DF388FA3847749C931AEF458384B8 ft=1 fh=2876dfec7d92aded vn="a variant of Win64/Toolbar.Conduit.B potentially unwanted application" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\aasim\AppData\LocalLow\internethelper3.1\hk64tbInte.dll.vir"
sh=C325F9A28C049D03E23060686A70B398531CDB05 ft=1 fh=742ed93f69aeb6e1 vn="a variant of Win32/Toolbar.Conduit.X potentially unwanted application" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\aasim\AppData\LocalLow\internethelper3.1\hktbInte.dll.vir"
sh=EFB534D515903744B9755391A417051902C16DE2 ft=1 fh=e331f9a91891a78b vn="a variant of Win32/Toolbar.Conduit.P potentially unwanted application" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\aasim\AppData\LocalLow\internethelper3.1\ldrtbInte.dll.vir"
sh=19C0679FA65F480C9A0BC5C43396D2ADEC8BCAF9 ft=1 fh=bca908a16a338e6a vn="a variant of Win32/Toolbar.Conduit.X potentially unwanted application" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\aasim\AppData\LocalLow\internethelper3.1\tbInte.dll.vir"


#5 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 72,214 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:NJ USA
  • Local time:01:36 AM

Posted 17 October 2014 - 02:29 PM

Hi, we are going to need stronger tools to get this one.. We need to make a new topic.
Please follow this Preparation Guide, do steps 6,7 and 8 and post in a new topic.
Let me know if all went well.
How do I get help? Who is helping me?For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....Become a BleepingComputer fan: Facebook




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users