Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Trojan.Gen.2 detected


  • Please log in to reply
26 replies to this topic

#1 ricee

ricee

  • Members
  • 34 posts
  • OFFLINE
  •  
  • Local time:02:49 PM

Posted 14 October 2014 - 10:58 AM

Back with another problem.

 

I just on my laptop not long ago then sudden Symantec Endpoint Protection had this popout whereby it says that one of my file which happens to be a program i use in school, has been infected with Trojan.Gen.2

 

It has been quarantined by Symantec and I am wondering what actions should I do next.

 

 



BC AdBot (Login to Remove)

 


#2 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 73,323 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:NJ USA
  • Local time:01:49 AM

Posted 14 October 2014 - 02:56 PM

Hello ricee

hat is good that it's quarantined. It can no longer affect you there.

We can run these to see if it's clean.

Please download MiniToolBox, save it to your desktop and run it.
Checkmark the following checkboxes:
  • Flush DNS
  • Report IE Proxy Settings
  • Reset IE Proxy Settings
  • Report FF Proxy Settings
  • Reset FF Proxy Settings
  • List content of Hosts
  • List IP configuration
  • List Winsock Entries
  • List last 10 Event Viewer log
  • List Installed Programs
  • List Users, Partitions and Memory size.
  • Click Go and post the result (Result.txt). A copy of Result.txt will be saved in the same directory the tool is run.
    Note: When using "Reset FF Proxy Settings" option Firefox should be closed.



    Download TDSSKiller and save it to your desktop.
  • Extract (unzip) its contents to your desktop.
  • Open the TDSSKiller folder and doubleclick on TDSSKiller.exe to run the application, then on Start Scan.
  • If an infected file is detected, the default action will be Cure, click on Continue.
  • If a suspicious file is detected, the default action will be Skip, click on Continue.
  • It may ask you to reboot the computer to complete the process. Click on Reboot Now.
  • If no reboot is require, click on Report. A log file should appear. Please copy and paste the contents of that file here.
  • If a reboot is required, the report can also be found in your root directory (usually C:\ folder) in the form of TDSSKiller_xxxx_log.txt. Please copy and paste the contents of that file here.
  • .
    .
    .
    ADW Cleaner

    Please download AdwCleaner by Xplode and save to your Desktop.
  • Double-click on AdwCleaner.exe to run the tool.
    Vista/Windows 7/8 users right-click and select Run As Administrator.
  • Click on the Scan button.
  • AdwCleaner will begin...be patient as the scan may take some time to complete.
  • After the scan has finished, click on the Report button...a logfile (AdwCleaner[R0].txt) will open in Notepad for review.
  • After reviewing the log, click on the Clean button.
  • Press OK when asked to close all programs and follow the onscreen prompts.
  • Press OK again to allow AdwCleaner to restart the computer and complete the removal process.
  • After rebooting, a logfile report (AdwCleaner[S0].txt) will open automatically.
  • Copy and paste the contents of that logfile in your next reply.
  • A copy of all logfiles are saved in the C:\AdwCleaner folder which was created when running the tool.
  • -- Note: The contents of the AdwCleaner log file may be confusing. Unless you see a program name that you recognize and know should not be removed, don't worry about it. If you see an entry you want to keep, return to AdwCleaner before cleaning...all detected items will be listed (and checked) in each tab. Click on each one and uncheck any items you want to keep (except you cannot uncheck Chrome and Firefox preferences lines).


    .

    thisisujrt.gif Please download Junkware Removal Tool to your desktop.
  • Shut down your protection software now to avoid potential conflicts.
  • Run the tool by double-clicking it. If you are using Windows Vista, 7, or 8; instead of double-clicking, right-mouse click JRT.exe and select "Run as Administrator".
  • The tool will open and start scanning your system.
  • Please be patient as this can take a while to complete depending on your system's specifications.
  • On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
  • Post the contents of JRT.txt into your next message.
  • .
    .
    .
    .
  • Last run ESET.
  • Hold down Control and click on this link to open ESET OnlineScan in a new window.
  • Click the esetonlinebtn.png button.
  • For alternate browsers only: (Microsoft Internet Explorer users can skip these steps)
  • Click on esetsmartinstaller_enu.exe to download the ESET Smart Installer. Save it to your desktop.
  • Double click on the esetsmartinstaller_enu.png icon on your desktop.
  • Check "YES, I accept the Terms of Use."
  • Click the Start button.
  • Accept any security warnings from your browser.
  • Under scan settings, check "Scan Archives" and "Remove found threats"
  • Click Advanced settings and select the following:
  • Scan potentially unwanted applications
  • Scan for potentially unsafe applications
  • Enable Anti-Stealth technology
  • ESET will then download updates for itself, install itself, and begin scanning your computer. Please be patient as this can take some time.
  • When the scan completes, click List Threats
  • Click Export, and save the file to your desktop using a unique name, such as ESETScan. Include the contents of this report in your next reply.
  • Click the Back button.
  • Click the Finish button.
  • NOTE:Sometimes if ESET finds no infections it will not create a log.

How do I get help? Who is helping me?For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....Become a BleepingComputer fan: Facebook

#3 ricee

ricee
  • Topic Starter

  • Members
  • 34 posts
  • OFFLINE
  •  
  • Local time:02:49 PM

Posted 14 October 2014 - 08:56 PM

MiniToolBox by Farbar  Version: 21-07-2014
Ran by 127320 (administrator) on 15-10-2014 at 10:44:27
Running from "C:\Users\127320\Desktop"
Microsoft Windows 7 Enterprise  Service Pack 1 (X86)
Boot Mode: Normal
***************************************************************************

========================= Flush DNS: ===================================

Windows IP Configuration

Successfully flushed the DNS Resolver Cache.

========================= IE Proxy Settings: ==============================

Proxy is not enabled.
ProxyServer: ISA-Firewall.rp.sg:8080

"Reset IE Proxy Settings": IE Proxy Settings were reset.

========================= FF Proxy Settings: ==============================


"Reset FF Proxy Settings": Firefox Proxy settings were reset.

========================= Hosts content: =================================



========================= IP Configuration: ================================

Intel® Centrino® Ultimate-N 6300 AGN = Wireless Network Connection 2 (Connected)
Hamachi Network Interface = Hamachi (Connected)
Cisco AnyConnect Secure Mobility Client Virtual Miniport Adapter for Windows = Local Area Connection 2 (Hardware not present)
TAP-Win32 Adapter V9 (Tunngle) = Tunngle (Hardware not present)
Broadcom NetLink ™ Gigabit Ethernet = Local Area Connection (Media disconnected)
VPN Client Adapter - VPN = VPN - VPN Client (Media disconnected)
Microsoft Virtual WiFi Miniport Adapter = Wireless Network Connection 3 (Media disconnected)


# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4

reset
set global icmpredirects=enabled taskoffload=disabled
add route prefix=0.0.0.0/0 interface="Hamachi" nexthop=25.0.0.1 publish=Yes
set interface interface="Hamachi" forwarding=disabled advertise=disabled metric=9000 siteprefixlength=0 nud=disabled routerdiscovery=disabled managedaddress=disabled otherstateful=disabled weakhostsend=disabled weakhostreceive=disabled ignoredefaultroutes=disabled advertisedrouterlifetime=0 advertisedefaultroute=disabled currenthoplimit=0 forcearpndwolpattern=disabled enabledirectedmacwolpattern=disabled
set interface interface="VPN - VPN Client" forwarding=disabled advertise=disabled metric=1 siteprefixlength=0 nud=disabled routerdiscovery=disabled managedaddress=disabled otherstateful=disabled weakhostsend=disabled weakhostreceive=disabled ignoredefaultroutes=disabled advertisedrouterlifetime=0 advertisedefaultroute=disabled currenthoplimit=0 forcearpndwolpattern=disabled enabledirectedmacwolpattern=disabled


popd
# End of IPv4 configuration



Windows IP Configuration

   Host Name . . . . . . . . . . . . : RP127320
   Primary Dns Suffix  . . . . . . . : rp.edu.sg
   Node Type . . . . . . . . . . . . : Hybrid
   IP Routing Enabled. . . . . . . . : No
   WINS Proxy Enabled. . . . . . . . : No
   DNS Suffix Search List. . . . . . : rp.edu.sg

Ethernet adapter VPN - VPN Client:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : VPN Client Adapter - VPN
   Physical Address. . . . . . . . . : 00-AC-E2-43-A5-6A
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes

Wireless LAN adapter Wireless Network Connection 3:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Microsoft Virtual WiFi Miniport Adapter
   Physical Address. . . . . . . . . : 24-77-03-5A-05-ED
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes

Wireless LAN adapter Wireless Network Connection 2:

   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Intel® Centrino® Ultimate-N 6300 AGN
   Physical Address. . . . . . . . . : 24-77-03-5A-05-EC
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes
   Link-local IPv6 Address . . . . . : fe80::116b:9a2f:b95e:82c8%15(Preferred)
   IPv4 Address. . . . . . . . . . . : 192.168.1.9(Preferred)
   Subnet Mask . . . . . . . . . . . : 255.255.255.0
   Lease Obtained. . . . . . . . . . : Wednesday, 15 October, 2014 10:34:29 AM
   Lease Expires . . . . . . . . . . : Wednesday, 15 October, 2014 2:34:28 PM
   Default Gateway . . . . . . . . . : 192.168.1.254
   DHCP Server . . . . . . . . . . . : 192.168.1.254
   DHCPv6 IAID . . . . . . . . . . . : 589592323
   DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-16-D4-C0-6F-DC-0E-A1-7B-E1-1B
   DNS Servers . . . . . . . . . . . : 192.168.1.254
   NetBIOS over Tcpip. . . . . . . . : Enabled

Ethernet adapter Local Area Connection:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Broadcom NetLink ™ Gigabit Ethernet
   Physical Address. . . . . . . . . : DC-0E-A1-89-3C-93
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes

Ethernet adapter Hamachi:

   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Hamachi Network Interface
   Physical Address. . . . . . . . . : 7A-79-19-31-A8-03
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes
   IPv6 Address. . . . . . . . . . . : 2620:9b::1931:a803(Preferred)
   Link-local IPv6 Address . . . . . : fe80::9075:f3cf:2e41:9128%16(Preferred)
   IPv4 Address. . . . . . . . . . . : 25.49.168.3(Preferred)
   Subnet Mask . . . . . . . . . . . : 255.0.0.0
   Lease Obtained. . . . . . . . . . : Wednesday, 15 October, 2014 10:34:24 AM
   Lease Expires . . . . . . . . . . : Wednesday, 15 October, 2014 10:49:13 AM
   Default Gateway . . . . . . . . . : 2620:9b::1900:1
                                       25.0.0.1
   DHCP Server . . . . . . . . . . . : 25.0.0.1
   DHCPv6 IAID . . . . . . . . . . . : 746224076
   DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-16-D4-C0-6F-DC-0E-A1-7B-E1-1B
   DNS Servers . . . . . . . . . . . : fec0:0:0:ffff::1%1
                                       fec0:0:0:ffff::2%1
                                       fec0:0:0:ffff::3%1
   NetBIOS over Tcpip. . . . . . . . : Enabled

Tunnel adapter isatap.{F8A39480-BF16-4D2B-8FC0-749D5AED65AC}:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Microsoft ISATAP Adapter
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 25:

   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes
   IPv6 Address. . . . . . . . . . . : 2001:0:5ef5:79fb:2035:214c:3559:c589(Preferred)
   Link-local IPv6 Address . . . . . : fe80::2035:214c:3559:c589%60(Preferred)
   Default Gateway . . . . . . . . . :
   NetBIOS over Tcpip. . . . . . . . : Disabled

Tunnel adapter isatap.{455492E3-2268-4ED7-919F-15389A9A12A8}:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Microsoft ISATAP Adapter #4
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes

Tunnel adapter isatap.{FEEEA6D6-1558-4969-B62B-9DC7CD395B8F}:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Microsoft ISATAP Adapter #5
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes
Server:  UnKnown
Address:  192.168.1.254

DNS request timed out.
    timeout was 2 seconds.
DNS request timed out.
    timeout was 2 seconds.
DNS request timed out.
    timeout was 2 seconds.
Name:    google.com
Addresses:  74.125.130.102
      74.125.130.113
      74.125.130.100
      74.125.130.138
      74.125.130.101
      74.125.130.139


Pinging google.com [74.125.68.138] with 32 bytes of data:
Reply from 74.125.68.138: bytes=32 time=9ms TTL=44
Reply from 74.125.68.138: bytes=32 time=10ms TTL=44

Ping statistics for 74.125.68.138:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 9ms, Maximum = 10ms, Average = 9ms
Server:  UnKnown
Address:  192.168.1.254

DNS request timed out.
    timeout was 2 seconds.
DNS request timed out.
    timeout was 2 seconds.
DNS request timed out.
    timeout was 2 seconds.
Name:    yahoo.com
Addresses:  98.138.253.109
      206.190.36.45
      98.139.183.24


Pinging yahoo.com [206.190.36.45] with 32 bytes of data:
Reply from 206.190.36.45: bytes=32 time=311ms TTL=47
Reply from 206.190.36.45: bytes=32 time=325ms TTL=47

Ping statistics for 206.190.36.45:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 311ms, Maximum = 325ms, Average = 318ms

Pinging 127.0.0.1 with 32 bytes of data:
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128

Ping statistics for 127.0.0.1:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 0ms, Maximum = 0ms, Average = 0ms
===========================================================================
Interface List
 62...00 ac e2 43 a5 6a ......VPN Client Adapter - VPN
 24...24 77 03 5a 05 ed ......Microsoft Virtual WiFi Miniport Adapter
 15...24 77 03 5a 05 ec ......Intel® Centrino® Ultimate-N 6300 AGN
 13...dc 0e a1 89 3c 93 ......Broadcom NetLink ™ Gigabit Ethernet
 16...7a 79 19 31 a8 03 ......Hamachi Network Interface
  1...........................Software Loopback Interface 1
 66...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter
 60...00 00 00 00 00 00 00 e0 Teredo Tunneling Pseudo-Interface
 46...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #4
 64...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #5
===========================================================================

IPv4 Route Table
===========================================================================
Active Routes:
Network Destination        Netmask          Gateway       Interface  Metric
          0.0.0.0          0.0.0.0         25.0.0.1      25.49.168.3   9256
          0.0.0.0          0.0.0.0    192.168.1.254      192.168.1.9     20
         25.0.0.0        255.0.0.0         On-link       25.49.168.3   9256
      25.49.168.3  255.255.255.255         On-link       25.49.168.3   9256
   25.255.255.255  255.255.255.255         On-link       25.49.168.3   9256
        127.0.0.0        255.0.0.0         On-link         127.0.0.1    306
        127.0.0.1  255.255.255.255         On-link         127.0.0.1    306
  127.255.255.255  255.255.255.255         On-link         127.0.0.1    306
      192.168.1.0    255.255.255.0         On-link       192.168.1.9    276
      192.168.1.9  255.255.255.255         On-link       192.168.1.9    276
    192.168.1.255  255.255.255.255         On-link       192.168.1.9    276
        224.0.0.0        240.0.0.0         On-link         127.0.0.1    306
        224.0.0.0        240.0.0.0         On-link       25.49.168.3   9256
        224.0.0.0        240.0.0.0         On-link       192.168.1.9    276
  255.255.255.255  255.255.255.255         On-link         127.0.0.1    306
  255.255.255.255  255.255.255.255         On-link       25.49.168.3   9256
  255.255.255.255  255.255.255.255         On-link       192.168.1.9    276
===========================================================================
Persistent Routes:
  Network Address          Netmask  Gateway Address  Metric
          0.0.0.0          0.0.0.0         25.0.0.1  Default
===========================================================================

IPv6 Route Table
===========================================================================
Active Routes:
 If Metric Network Destination      Gateway
 16   9020 ::/0                     2620:9b::1900:1
  1    306 ::1/128                  On-link
 60     58 2001::/32                On-link
 60    306 2001:0:5ef5:79fb:2035:214c:3559:c589/128
                                    On-link
 16    276 2620:9b::/64             On-link
 16    276 2620:9b::/96             On-link
 16    276 2620:9b::1931:a803/128   On-link
 16    276 fe80::/64                On-link
 15    276 fe80::/64                On-link
 60    306 fe80::/64                On-link
 15    276 fe80::116b:9a2f:b95e:82c8/128
                                    On-link
 60    306 fe80::2035:214c:3559:c589/128
                                    On-link
 16    276 fe80::9075:f3cf:2e41:9128/128
                                    On-link
  1    306 ff00::/8                 On-link
 60    306 ff00::/8                 On-link
 16    276 ff00::/8                 On-link
 15    276 ff00::/8                 On-link
===========================================================================
Persistent Routes:
 If Metric Network Destination      Gateway
  0 4294967295 2620:9b::/96             On-link
  0   9000 ::/0                     2620:9b::1900:1
===========================================================================
========================= Winsock entries =====================================

Catalog5 01 C:\Program Files\Microsoft Firewall Client 2004\FwcWsp.dll [197440] (Microsoft ® Corporation)
Catalog5 02 C:\Windows\system32\NLAapi.dll [52224] (Microsoft Corporation)
Catalog5 03 C:\Windows\system32\napinsp.dll [52224] (Microsoft Corporation)
Catalog5 04 C:\Windows\system32\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 05 C:\Windows\system32\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 06 C:\Windows\system32\wshbth.dll [36352] (Microsoft Corporation)
Catalog5 07 C:\Program Files\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
Catalog5 08 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145648] (Microsoft Corp.)
Catalog5 09 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145648] (Microsoft Corp.)
Catalog5 10 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog5 11 C:\Windows\system32\winrnr.dll [20992] (Microsoft Corporation)
Catalog9 01 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 02 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 03 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 04 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 05 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 06 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 07 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 08 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 09 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 10 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 11 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 12 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 13 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 14 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 15 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 16 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 17 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 18 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 19 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 20 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 21 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 22 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 23 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 24 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 25 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 26 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 27 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 28 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 29 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 30 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 31 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 32 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 33 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 34 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 35 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 36 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 37 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 38 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 39 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 40 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 41 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 42 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 43 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 44 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 45 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 46 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 47 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 48 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 49 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 50 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 51 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 52 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 53 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 54 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 55 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 56 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 57 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 58 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 59 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 60 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 61 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 62 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 63 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 64 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 65 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 66 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 67 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 68 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 69 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 70 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 71 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 72 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 73 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 74 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 75 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)

========================= Event log errors: ===============================

Application errors:
==================
Error: (10/15/2014 10:35:35 AM) (Source: Communicator) (User: )
Description: Communicator could not connect securely to server sip.rp.edu.sg because the certificate presented by the server did not match the expected hostname (sip.rp.edu.sg).



Resolution:

If you are using manual configuration with an IP address or a NetBIOS shortened server name, a fully-qualified server name will be required.  If you are using automatic configuration, the network administrator will need to make sure that the published server name in DNS is supported by the server certificate.

Error: (10/15/2014 10:35:35 AM) (Source: Communicator) (User: )
Description: Communicator was unable to resolve the DNS hostname of the login server sipinternal.rp.edu.sg.



Resolution:

If you are using manual configuration for Communicator, please check that the server name is typed correctly and in full.  If you are using automatic configuration, the network administrator will need to double-check the DNS A record configuration for sipinternal.rp.edu.sg because it could not be resolved.

Error: (10/15/2014 10:35:26 AM) (Source: Communicator) (User: )
Description: Communicator was unable to resolve the DNS hostname of the login server sipinternal.rp.edu.sg.



Resolution:

If you are using manual configuration for Communicator, please check that the server name is typed correctly and in full.  If you are using automatic configuration, the network administrator will need to double-check the DNS A record configuration for sipinternal.rp.edu.sg because it could not be resolved.

Error: (10/15/2014 10:35:26 AM) (Source: Communicator) (User: )
Description: Communicator was unable to locate the login server.  The DNS SRV record that exist for domain rp.edu.sg point to an invalid server sipdir.online.lync.com which is not trusted to provide support for the domain because the server's domain is not an exact match.



Resolution:

The network administrator will need to double-check the DNS SRV record configuration to make sure that the SRV record for the domain points to a server name that conforms to the DNS naming convention in the server deployment guide.

Error: (10/15/2014 00:21:54 AM) (Source: Symantec AntiVirus) (User: )
Description: Security Risk Found!Trojan.Gen.2 in File: C:\PROGRAM FILES\ReliaSoft\Synthesis 9\DOE9.exe by: Auto-Protect scan.  Action: Quarantine succeeded : Access denied.  Action Description: The file was quarantined successfully.

Error: (10/14/2014 10:51:10 PM) (Source: Communicator) (User: )
Description: Communicator could not connect securely to server sip.rp.edu.sg because the certificate presented by the server did not match the expected hostname (sip.rp.edu.sg).



Resolution:

If you are using manual configuration with an IP address or a NetBIOS shortened server name, a fully-qualified server name will be required.  If you are using automatic configuration, the network administrator will need to make sure that the published server name in DNS is supported by the server certificate.

Error: (10/14/2014 10:51:10 PM) (Source: Communicator) (User: )
Description: Communicator was unable to resolve the DNS hostname of the login server sipinternal.rp.edu.sg.



Resolution:

If you are using manual configuration for Communicator, please check that the server name is typed correctly and in full.  If you are using automatic configuration, the network administrator will need to double-check the DNS A record configuration for sipinternal.rp.edu.sg because it could not be resolved.

Error: (10/14/2014 10:51:10 PM) (Source: Communicator) (User: )
Description: Communicator was unable to resolve the DNS hostname of the login server sipinternal.rp.edu.sg.



Resolution:

If you are using manual configuration for Communicator, please check that the server name is typed correctly and in full.  If you are using automatic configuration, the network administrator will need to double-check the DNS A record configuration for sipinternal.rp.edu.sg because it could not be resolved.

Error: (10/14/2014 10:51:09 PM) (Source: Communicator) (User: )
Description: Communicator was unable to locate the login server.  The DNS SRV record that exist for domain rp.edu.sg point to an invalid server sipdir.online.lync.com which is not trusted to provide support for the domain because the server's domain is not an exact match.



Resolution:

The network administrator will need to double-check the DNS SRV record configuration to make sure that the SRV record for the domain points to a server name that conforms to the DNS naming convention in the server deployment guide.

Error: (10/14/2014 03:11:39 PM) (Source: Communicator) (User: )
Description: Communicator could not connect securely to server sip.rp.edu.sg because the certificate presented by the server did not match the expected hostname (sip.rp.edu.sg).



Resolution:

If you are using manual configuration with an IP address or a NetBIOS shortened server name, a fully-qualified server name will be required.  If you are using automatic configuration, the network administrator will need to make sure that the published server name in DNS is supported by the server certificate.


System errors:
=============
Error: (10/15/2014 10:39:22 AM) (Source: TermService) (User: )
Description: The terminal server cannot register 'TERMSRV' Service Principal Name to be used for server authentication. The following error occured: The specified domain either does not exist or could not be contacted.
.

Error: (10/15/2014 10:39:01 AM) (Source: DCOM) (User: NT AUTHORITY)
Description: application-specificLocalLaunch{24FF4FDC-1D9F-4195-8C79-0DA39248FF48}{B292921D-AF50-400C-9B75-0C57A7F29BA1}NT AUTHORITYSYSTEMS-1-5-18LocalHost (Using LRPC)

Error: (10/15/2014 10:35:35 AM) (Source: Schannel) (User: RP)
Description: The certificate received from the remote server does not contain the expected name. It is therefore not possible to determine whether we are connecting to the correct server. The server name we were expecting is sip.rp.edu.sg. The SSL connection request has failed. The attached data contains the server certificate.

Error: (10/15/2014 10:35:35 AM) (Source: Schannel) (User: RP)
Description: The following fatal alert was generated: 43. The internal error state is 552.

Error: (10/15/2014 10:35:11 AM) (Source: Service Control Manager) (User: )
Description: The LogMeIn Hamachi Tunneling Engine service failed to start due to the following error:
%%1053

Error: (10/15/2014 10:35:11 AM) (Source: Service Control Manager) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the LogMeIn Hamachi Tunneling Engine service to connect.

Error: (10/15/2014 10:34:57 AM) (Source: Microsoft-Windows-GroupPolicy) (User: RP)
Description: The processing of Group Policy failed because of lack of network connectivity to a domain controller. This may be a transient condition. A success message would be generated once the machine gets connected to the domain controller and Group Policy has succesfully processed. If you do not see a success message for several hours, then contact your administrator.

Error: (10/15/2014 10:34:52 AM) (Source: Microsoft-Windows-GroupPolicy) (User: NT AUTHORITY)
Description: The processing of Group Policy failed because of lack of network connectivity to a domain controller. This may be a transient condition. A success message would be generated once the machine gets connected to the domain controller and Group Policy has succesfully processed. If you do not see a success message for several hours, then contact your administrator.

Error: (10/15/2014 10:34:40 AM) (Source: NETLOGON) (User: )
Description: This computer was not able to set up a secure session with a domain
controller in domain RP due to the following:
%%1311

This may lead to authentication problems. Make sure that this
computer is connected to the network. If the problem persists,
please contact your domain administrator.



ADDITIONAL INFO

If this computer is a domain controller for the specified domain, it
sets up the secure session to the primary domain controller emulator in the specified
domain. Otherwise, this computer sets up the secure session to any domain controller
in the specified domain.

Error: (10/15/2014 10:34:34 AM) (Source: Service Control Manager) (User: )
Description: The vToolbarUpdater18.1.9 service failed to start due to the following error:
%%2


Microsoft Office Sessions:
=========================

CodeIntegrity Errors:
===================================
  Date: 2014-09-30 20:43:22.393
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\dsound.dll because the set of per-page image hashes could not be found on the system.

  Date: 2014-09-30 20:43:21.523
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\dsound.dll because the set of per-page image hashes could not be found on the system.

  Date: 2014-09-30 19:17:59.419
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\dsound.dll because the set of per-page image hashes could not be found on the system.

  Date: 2014-09-30 19:17:59.257
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\dsound.dll because the set of per-page image hashes could not be found on the system.

  Date: 2014-09-30 18:51:36.542
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\dsound.dll because the set of per-page image hashes could not be found on the system.

  Date: 2014-09-30 18:51:36.375
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\dsound.dll because the set of per-page image hashes could not be found on the system.

  Date: 2014-09-30 18:51:34.466
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\dsound.dll because the set of per-page image hashes could not be found on the system.

  Date: 2014-09-30 18:51:34.072
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\dsound.dll because the set of per-page image hashes could not be found on the system.

  Date: 2014-09-30 18:51:33.609
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\dsound.dll because the set of per-page image hashes could not be found on the system.

  Date: 2014-09-30 18:51:33.396
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\dsound.dll because the set of per-page image hashes could not be found on the system.



 Update for Microsoft Office 2007 (KB2508958) (HKLM\...\{90120000-0017-0000-0000-0000000FF1CE}_SharePointDesigner_{0C5823AA-7B6F-44E1-8D5B-8FD1FF0E6438}) (Version:  - Microsoft)
|?o?¤§¥ú (HKLM\...\|?o?¤§¥ú_is1) (Version:  - )
=========================== Installed Programs ============================
μTorrent (HKCU\...\uTorrent) (Version: 3.4.2.34309 - BitTorrent Inc.)
3DSSPP 6.0.6 (HKLM\...\{CCB9F10C-FC23-4BB9-9F2D-B705D2E6834B}) (Version: 1.0.8 - University of Michigan)
7-Zip 9.20 (HKLM\...\7-Zip) (Version:  - )
Adobe Flash Player 15 ActiveX (HKLM\...\Adobe Flash Player ActiveX) (Version: 15.0.0.167 - Adobe Systems Incorporated)
Adobe Flash Player 15 Plugin (HKLM\...\Adobe Flash Player Plugin) (Version: 15.0.0.152 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.09) (HKLM\...\{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version: 11.0.09 - Adobe Systems Incorporated)
Adobe Shockwave Player 12.0 (HKLM\...\Adobe Shockwave Player) (Version: 12.0.9.149 - Adobe Systems, Inc.)
Aeria Ignite (HKLM\...\Aeria Ignite 1.13.3296) (Version: 1.13.3296 - Aeria Games & Entertainment)
Aeria Ignite (HKLM\...\Aeria Ignite) (Version: 1.13.3296 - Aeria Games & Entertainment)
Aeria Ignite (Version: 1.13.3296 - Aeria Games & Entertainment) Hidden
AhnLab Online Security (HKLM\...\AhnLab Online Security) (Version:  - AhnLab, Inc)
Akamai NetSession Interface (HKCU\...\Akamai) (Version:  - Akamai Technologies, Inc)
Apple Application Support (HKLM\...\{45C56AA7-ED1B-4800-A97F-EDDF3F3520B1}) (Version: 2.3.3 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{E14ADE0E-75F3-4A46-87E5-26692DD626EC}) (Version: 6.1.0.13 - Apple Inc.)
Apple Software Update (HKLM\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Arc (HKLM\...\{CED8E25B-122A-4E80-B612-7F99B93284B3}) (Version: 1.0.0.5510 - Perfect World Entertainment)
Archeblade (HKLM\...\Steam App 207230) (Version:  - )
AutoCAD Mechanical 2010 (HKLM\...\AutoCAD Mechanical 2010) (Version: 14.0.48.300 - Autodesk)
AutoCAD Mechanical 2010 (Version: 14.0.48.300 - Autodesk) Hidden
AutoCAD Mechanical 2010 Language Pack - English (Version: 14.0.48.300 - Autodesk) Hidden
Baby-G (HKLM\...\Baby-G) (Version:  - )
Bandisoft MPEG-1 Decoder (HKLM\...\BandiMPEG1) (Version:  - )
Bass Fishing (HKLM\...\{CE0AE5D0-3FA0-46AC-A6C1-BD944A180A09}) (Version: 1.02.0000 - Sega)
Battle.net (HKLM\...\Battle.net) (Version:  - Blizzard Entertainment)
Big Fish: Game Manager (HKLM\...\BFGC) (Version: 3.3.0.2 - )
Bing Bar (HKLM\...\{08234a0d-cf39-4dca-99f0-0c5cb496da81}) (Version: 6.3.2291.0 - Microsoft Corporation)
Bing Bar Platform (Version: 6.3.2291.0 - Microsoft Corporation) Hidden
BlueStacks App Player (HKLM\...\BlueStacks App Player) (Version: 0.8.8.8006 - BlueStack Systems, Inc.)
BlueStacks Notification Center (HKLM\...\{689FD579-0642-4D3E-AB61-F63B79C5075A}) (Version: 0.8.8.8006 - BlueStack Systems, Inc.)
Bonjour (HKLM\...\{79155F2B-9895-49D7-8612-D92580E0DE5B}) (Version: 3.0.0.10 - Apple Inc.)
Bootstrapper (Version: 1.2.1.0 - Minitab, Inc.) Hidden
Borderlands (HKLM\...\{52B65911-1559-4ED5-9461-46957FDD48CD}) (Version: 1.0.295 - 2K Games)
Borderlands 2 (HKLM\...\Borderlands 2_is1) (Version:  - )
Broadcom Gigabit NetLink Controller (HKLM\...\{C91DCB72-F5BB-410D-A91A-314F5D1B4284}) (Version: 14.8.3.3 - Broadcom Corporation)
BYOND (HKLM\...\BYOND) (Version: 496.1145 - BYOND)
Camtasia Studio 8 (HKLM\...\{80AE23DF-71A4-4E3F-B931-F93AB5DF0BDD}) (Version: 8.4.2.1768 - TechSmith Corporation)
cape pack v2.05 (HKLM\...\cape pack v2.05) (Version:  - )
CCleaner (HKLM\...\CCleaner) (Version: 3.14 - Piriform)
Cisco AnyConnect Secure Mobility Client  (HKLM\...\Cisco AnyConnect Secure Mobility Client) (Version: 3.0.2052 - Cisco Systems, Inc.)
Cisco AnyConnect Secure Mobility Client (Version: 3.0.2052 - Cisco Systems, Inc.) Hidden
Client for Microsoft Office SharePoint Portal Server 2003 (HKLM\...\{21B9D2F9-1CE7-4CDA-9D0D-28EB96565D25}) (Version: 11.0.5704.0 - Microsoft)
Compatibility Pack for the 2007 Office system (HKLM\...\{90120000-0020-0409-0000-0000000FF1CE}) (Version: 12.0.4518.1014 - Microsoft Corporation)
Configuration Manager Client (Version: 4.00.6487.2000 - Microsoft Corporation) Hidden
CoolPack (HKLM\...\CoolPack_is1) (Version: 1.50 - IPU)
D3DX10 (Version: 15.4.2368.0902 - Microsoft) Hidden
DARK BLOOD ONLINE (HKLM\...\Steam App 267790) (Version:  - JCR Soft Co., Ltd)
Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition (HKLM\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{650DE870-ECA3-4E63-8D77-778512BE5D4C}) (Version:  - Microsoft)
Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition (HKLM\...\{90140000-0057-0000-0000-0000000FF1CE}_Office14.VISIO_{650DE870-ECA3-4E63-8D77-778512BE5D4C}) (Version:  - Microsoft)
Dota 2 (HKLM\...\Steam App 570) (Version:  - )
Double-E (HKLM\...\{B3A69653-8AAF-443B-81FC-E4E34C48D630}) (Version: 2.1.0 - Double-E)
DPL 8 (HKLM\...\{C9A0DB8C-7C42-471E-9549-8314199AF5B8}) (Version: 8.0.1 - Syncopation Software)
eFile Search Engine (HKLM\...\{61F1AB37-F5BA-459D-9C51-03D04D743F27}) (Version: 2.200.00001 - Republic Polytechnic)
EGCabal Online version 2.1.0 (HKLM\...\{606E1B88-065A-41C6-B996-287A0E756FB0}_is1) (Version: 2.1.0 - EliteGamers.Co)
Energy Management (HKLM\...\InstallShield_{D0956C11-0F60-43FE-99AD-524E833471BB}) (Version: 6.0.2.0 - Lenovo)
Energy Management (Version: 6.0.2.0 - Lenovo) Hidden
ESET Online Scanner v3 (HKLM\...\ESET Online Scanner) (Version:  - )
eSupport UndeletePlus 3.0.2.1214 (HKLM\...\eSupport UndeletePlus_is1) (Version:  - Copyright ? 2011 eSupport.com ? All Rights Reserved)
Facebook Video Calling 3.1.0.521 (HKLM\...\{2091F234-EB58-4B80-8C96-8EB78C808CF7}) (Version: 3.1.521 - Skype Limited)
ffdshow v1.2.4496 [2012-12-13] (HKLM\...\ffdshow_is1) (Version: 1.2.4496.0 - )
FIFA 13 version 5.1 (HKLM\...\{B810D852-DFD6-FIFA13-89A5-CC4D47756DAF}_is1) (Version: 5.1 - Black_Box)
FlexSim 7.0 (HKLM\...\{F4CADF89-8B35-4B2F-9EB3-BCC704CA3E8F}) (Version: 7.0.0 - FlexSim Software Products Inc.)
Garena - FIFA ONLINE 3(English) (HKLM\...\FO3) (Version:  - Garena Online Pte Ltd.)
Garena - League of Legends (HKLM\...\LoL) (Version:  - Garena Online Pte Ltd.)
Garena - Mstar (HKLM\...\Mstar) (Version:  - Garena Online Pte Ltd.)
Garena - MStar (HKLM\...\MStarTW) (Version:  - ¥x?W?v?R?T??|3--¤?¥q)
Garena - Path of Exile (HKLM\...\PoE) (Version:  - Garena Online Pte Ltd.)
Garena - PointBlank (HKLM\...\PB) (Version:  - Garena Online Pte Ltd.)
Girls' Generation Browser Theme (HKLM\...\{6DC85976-8E59-48F0-BE80-6AFF73C9BE63}) (Version: 0.9.0.1 - Brand Thunder)
Google Chrome (HKLM\...\Google Chrome) (Version: 37.0.2062.124 - Google Inc.)
Google Toolbar for Internet Explorer (HKLM\...\{2318C2B1-4965-11d4-9B18-009027A5CD4F}) (Version: 7.5.5111.1712 - Google Inc.)
Google Toolbar for Internet Explorer (Version: 1.0.0 - Google Inc.) Hidden
Google Update Helper (Version: 1.3.24.15 - Google Inc.) Hidden
GrandDog Run Time System V1.0.35 (HKLM\...\{F5025D45-CAE1-4329-8FA9-F12B1BB7E540}) (Version:  - )
GunZ 2: The Second Duel (HKLM\...\Steam App 242720) (Version:  - MAIET Entertainment)
Hearthstone (HKLM\...\Hearthstone) (Version:  - Blizzard Entertainment)
HP Deskjet 3070 B611 series Basic Device Software (HKLM\...\{DF3BD40C-0D13-45CE-BE22-A9432F264540}) (Version: 25.0.571.0 - Hewlett-Packard Co.)
HP Deskjet 3070 B611 series Help (HKLM\...\{9F20CE56-3828-432D-A3C5-3EC6A2ED93C6}) (Version: 140.0.2.2 - Hewlett Packard)
HP Deskjet 3070 B611 series Product Improvement Study (HKLM\...\{A8895AC3-EF5B-47B0-9A75-98584F6CA69E}) (Version: 25.0.571.0 - Hewlett-Packard Co.)
HP Photo Creations (HKLM\...\HP Photo Creations) (Version: 1.0.0.5192 - HP Photo Creations)
HP Update (HKLM\...\{97486FBE-A3FC-4783-8D55-EA37E9D171CC}) (Version: 5.005.000.002 - Hewlett-Packard)
HPDiagnosticAlert (Version: 1.00.0000 - Microsoft) Hidden
IAHGames Player 2.03.2331 (HKLM\...\{B904D0AE-C4D8-4808-AEB9-FAFCC9F6EB1B}_is1) (Version:  - PlayFast)
iCloud (HKLM\...\{5DDB3393-E08B-447E-925F-6C00B95D0FE7}) (Version: 2.1.1.3 - Apple Inc.)
inSSIDer (HKLM\...\{BF6379E6-9936-46B0-B6AC-C56EE3987D2E}) (Version: 2.1.1 - MetaGeek)
Intel® Processor Graphics (HKLM\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 8.15.10.2462 - Intel Corporation)
Internet Download Manager (HKLM\...\{9E60329C-A602-4C4C-9D47-C80D5807DAAD}) (Version: 6.7.1.1 - Tonec Inc.)
iTunes (HKLM\...\{268278CF-FB69-4D98-B70E-BFEC1CDCA225}) (Version: 11.0.2.26 - Apple Inc.)
Java 7 Update 67 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F03217067FF}) (Version: 7.0.670 - Oracle)
Java Auto Updater (Version: 2.1.67.1 - Oracle, Inc.) Hidden
JMicron Flash Media Controller Driver (HKLM\...\{26604C7E-A313-4D12-867F-7C6E7820BE4C}) (Version: 1.0.55.0 - JMicron Technology Corp.)
K-Lite Mega Codec Pack 7.6.0 (HKLM\...\KLiteCodecPack_is1) (Version: 7.6.0 - )
Left 4 Dead 2 (HKLM\...\Steam App 550) (Version:  - Valve)
Lenovo EasyCamera (HKLM\...\{E0A7ED39-8CD6-4351-93C3-69CCA00D12B4}) (Version: 6.1.7600.0098 - Realtek Semiconductor Corp.)
Lenovo OneKey Recovery (HKLM\...\InstallShield_{46F4D124-20E5-4D12-BE52-EC177A7A4B42}) (Version: 7.0.0.3212 - CyberLink Corp.)
Lenovo OneKey Recovery (Version: 7.0.0.3212 - CyberLink Corp.) Hidden
Lenovo_Wireless_Driver (HKLM\...\{28ABE740-47F3-441B-9437-852F6A64EFF8}) (Version: 1.02.01 - Lenovo)
Little Fighter 2 version 2.0a (HKLM\...\Little Fighter 2 version 2.0a) (Version:  - )
LogMeIn Hamachi (HKLM\...\LogMeIn Hamachi) (Version: 2.2.0.236 - LogMeIn, Inc.)
LogMeIn Hamachi (Version: 2.2.0.236 - LogMeIn, Inc.) Hidden
Malwarebytes Anti-Malware version 2.0.2.1012 (HKLM\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.2.1012 - Malwarebytes Corporation)
MapInfo Professional 11.5 (HKLM\...\{8C9128C2-2077-4B6E-BFCF-2BD32A801A80}) (Version: 11.5.0 - Pitney Bowes Software)
MapleStory (HKLM\...\Maple) (Version:  - )
MapleStorySEA 1.39 (HKLM\...\{1C1ED4D6-D46E-4352-9AFE-D75B464FBA79}_is1) (Version: 1.39 - Asiasoft Online Pte. Ltd.)
McAfee Security Scan Plus (HKLM\...\McAfee Security Scan) (Version: 3.8.150.1 - McAfee, Inc.)
MediaRing Talk (HKLM\...\{34DAFDEC-A4B4-488A-A5CD-C91975A6F083}) (Version: 2.9.3.11.41.190.20110914 en RP - MediaRing)
Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft .NET Framework 4.5.2 (Version: 4.5.51209 - Microsoft Corporation) Hidden
Microsoft Application Error Reporting (Version: 12.0.6012.5000 - Microsoft Corporation) Hidden
Microsoft Default Manager (Version: 2.2.114.0 - Microsoft Corporation) Hidden
Microsoft Firewall Client (HKLM\...\{199B7F78-69B7-47C5-8D4B-A3ED1391FB6B}) (Version: 4.0.3442 - Microsoft Corporation)
Microsoft Office 2003 Web Components (HKLM\...\{90120000-00A4-0409-0000-0000000FF1CE}) (Version: 12.0.6213.1000 - Microsoft Corporation)
Microsoft Office Access MUI (English) 2010 (Version: 14.0.4763.1000 - Microsoft Corporation) Hidden
Microsoft Office Access Setup Metadata MUI (English) 2010 (Version: 14.0.4763.1000 - Microsoft Corporation) Hidden
Microsoft Office Communicator 2007 R2 (HKLM\...\{0D1CBBB9-F4A8-45B6-95E7-202BA61D7AF4}) (Version: 3.5.6907.261 - Microsoft Corporation)
Microsoft Office Excel MUI (English) 2010 (Version: 14.0.4763.1000 - Microsoft Corporation) Hidden
Microsoft Office Groove MUI (English) 2010 (Version: 14.0.4763.1000 - Microsoft Corporation) Hidden
Microsoft Office InfoPath MUI (English) 2010 (Version: 14.0.4763.1000 - Microsoft Corporation) Hidden
Microsoft Office OneNote MUI (English) 2010 (Version: 14.0.4763.1000 - Microsoft Corporation) Hidden
Microsoft Office Outlook MUI (English) 2010 (Version: 14.0.4763.1000 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint MUI (English) 2010 (Version: 14.0.4763.1000 - Microsoft Corporation) Hidden
Microsoft Office Professional Plus 2010 (HKLM\...\Office14.PROPLUS) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office Professional Plus 2010 (Version: 14.0.4763.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (English) 2007 (Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Proof (English) 2010 (Version: 14.0.4763.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (French) 2007 (Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Proof (French) 2010 (Version: 14.0.4763.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Spanish) 2007 (Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Proof (Spanish) 2010 (Version: 14.0.4763.1000 - Microsoft Corporation) Hidden
Microsoft Office Proofing (English) 2007 (Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Proofing (English) 2010 (Version: 14.0.4763.1000 - Microsoft Corporation) Hidden
Microsoft Office Publisher MUI (English) 2010 (Version: 14.0.4763.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (English) 2007 (Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (English) 2010 (Version: 14.0.4763.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared Setup Metadata MUI (English) 2007 (Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Shared Setup Metadata MUI (English) 2010 (Version: 14.0.4763.1000 - Microsoft Corporation) Hidden
Microsoft Office SharePoint Designer 2007 (HKLM\...\SharePointDesigner) (Version: 12.0.4518.1014 - Microsoft Corporation)
Microsoft Office SharePoint Designer 2007 (Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office SharePoint Designer MUI (English) 2007 (Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Visio 2010 (Version: 14.0.4763.1000 - Microsoft Corporation) Hidden
Microsoft Office Visio MUI (English) 2010 (Version: 14.0.4763.1000 - Microsoft Corporation) Hidden
Microsoft Office Word MUI (English) 2010 (Version: 14.0.4763.1000 - Microsoft Corporation) Hidden
Microsoft Search Enhancement Pack (Version: 3.0.131.0 - Microsoft Corporation) Hidden
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.10411.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visio Premium 2010 (HKLM\...\Office14.VISIO) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Visual Basic for Applications 7.1 (x86) (Version: 7.1.00.00 - Microsoft Corporation) Hidden
Microsoft Visual Basic for Applications 7.1 (x86) English (Version: 7.1.0.0 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (HKLM\...\{95716cce-fc71-413f-8ad5-56c2892d4b3a}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.60610 (Version: 11.0.60610 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.60610 (Version: 11.0.60610 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.21005 (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.21005 (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual Studio 2005 Tools for Applications - ENU (HKLM\...\Microsoft Visual Studio 2005 Tools for Applications - ENU) (Version:  - Microsoft Corporation)
Microsoft Visual Studio 2005 Tools for Applications - ENU (Version: 8.0.50727.146 - Microsoft Corporation) Hidden
Microsoft XNA Framework Redistributable 3.0 (HKLM\...\{3898934B-05AE-41CD-96BE-70DA9BFBCE1F}) (Version: 3.0.11010.0 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 3.1 (HKLM\...\{19BFDA5D-1FE2-4F25-97F9-1A79DD04EE20}) (Version: 3.1.10527.0 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 4.0 Refresh (HKLM\...\{D69C8EDE-BBC5-436B-8E0E-C5A6D311CF4F}) (Version: 4.0.30901.0 - Microsoft Corporation)
Minitab 15 English (HKLM\...\{71D075F0-A6F5-40B9-A771-FC59E90B0183}) (Version: 15.1.30 - Minitab, Inc)
Minitab 17 (HKLM\...\Minitab17) (Version: 17.1.0 - Minitab, Inc.)
Minitab Software Update Manager (HKLM\...\MinitabSoftwareManager) (Version: 1.2.0.0 - Minitab, Inc.)
Minitab17 (Version: 17.1.0.0 - Minitab Inc) Hidden
Minitab17 (Version: 17.1.0.0 - Minitab, Inc.) Hidden
Mnet - IAM. (HKLM\...\Mnet - IAM.) (Version:  - )
Movie Maker (Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Mozilla Firefox 32.0.3 (x86 en-US) (HKLM\...\Mozilla Firefox 32.0.3 (x86 en-US)) (Version: 32.0.3 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 29.0.1 - Mozilla)
MSVCRT (Version: 15.4.2862.0708 - Microsoft) Hidden
MSVCRT110 (Version: 16.4.1108.0727 - Microsoft) Hidden
MSXML 4.0 SP2 (KB954430) (HKLM\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MyWin Driver 1.2 (HKLM\...\MyWin Driver_is1) (Version: 1.2 - )
NCSOFT Game Launcher (HKLM\...\NCLauncher_NCWest) (Version:  - NCSOFT)
Nexon Game Manager (HKLM\...\{415ADF7E-6DB8-4481-86C0-1CEC0163CC7B}) (Version:  - )
Nexon Game Manager (HKLM\...\{EA2DB6E0-72C5-4ef9-A3A0-E6705F4A6A9E}) (Version:  - )
NVIDIA PhysX (HKLM\...\{80407BA7-7763-4395-AB98-5233F1B34E65}) (Version: 9.13.1220 - NVIDIA Corporation)
osu! (HKLM\...\{C3592426-531E-4110-911D-BFECE2CE284C}) (Version: 0.0.0.0 - peppy)
Paint.NET v3.5.10 (HKLM\...\{529125EF-E3AC-4B74-97E6-F688A7C0F1BF}) (Version: 3.60.0 - dotPDN LLC)
Pangya (Ntreev USA) (HKLM\...\Pangya) (Version:  - )
Phantasy Star Online 2 (HKLM\...\http://pso2.jp/appid/release/asiasoft_sg_is1) (Version:  - Asiasoft)
Photo Gallery (Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
PowerISO (HKLM\...\PowerISO) (Version: 5.1 - Power Software Ltd)
PunkBuster Services (HKLM\...\PunkBusterSvc) (Version: 0.992 - Even Balance, Inc.)
PyScripter 2.5.3 (HKLM\...\PyScripter_is1) (Version: 2.5.3 - PyScripter)
Python 2.6 PIL-1.1.7 (HKCU\...\PIL-py2.6) (Version:  - )
Python 2.6.5 (HKLM\...\{4723F199-FA64-4233-8E6E-9FCCC95A18EE}) (Version: 2.6.5150 - Python Software Foundation)
Quality Companion 3 (HKLM\...\{E9BDD615-078E-488E-B321-8CE77A94D32E}) (Version: 3.2.1 - Minitab, Inc.)
QuickTime (HKLM\...\{AF0CE7C0-A3E4-4D73-988B-B29187EC6E9A}) (Version: 7.73.80.64 - Apple Inc.)
Rainmeter (HKLM\...\Rainmeter) (Version: 2.4 r1678 - )
Raptr (HKLM\...\Raptr) (Version:  - )
Really Big Sky (HKLM\...\Steam App 201570) (Version:  - Boss Baddie)
Realtek High Definition Audio Driver (HKLM\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6339 - Realtek Semiconductor Corp.)
ReliaSoft Synthesis 9 (HKLM\...\{92F8BE1F-422F-4901-85E8-EA24FF3F6E39}) (Version: 9.0.2.1 - ReliaSoft)
Renesas Electronics USB 3.0 Host Controller Driver (HKLM\...\InstallShield_{5442DAB8-7177-49E1-8B22-09A049EA5996}) (Version: 2.0.30.0 - Renesas Electronics Corporation)
Renesas Electronics USB 3.0 Host Controller Driver (Version: 2.0.30.0 - Renesas Electronics Corporation) Hidden
Rights Management Add-on for Internet Explorer (HKLM\...\{3505E1E2-8127-4681-A3EC-F9B5CAAA07C9}) (Version: 1.0.1.0000 - Microsoft)
Scarlet Blade (HKLM\...\Scarlet Blade) (Version:  - )
Skype Click to Call (HKLM\...\{6D1221A9-17BF-4EC0-81F2-27D30EC30701}) (Version: 7.3.16540.9015 - Microsoft Corporation)
SlimDX Runtime .NET 4.0 x86 (January 2012) (HKLM\...\{7EBD0E43-6AC0-4CA8-9990-00E50069AD29}) (Version: 2.0.13.43 - SlimDX Group)
SoftEther VPN Client (HKLM\...\softether_sevpnclient) (Version: 4.10.9473 - SoftEther VPN Project)
SoftwareManager (Version: 1.2.0.0 - Minitab, Inc.) Hidden
SolForge (HKLM\...\Steam App 232450) (Version:  - Stone Blade Entertainment)
SolidWorks 2013 SP02 (HKLM\...\SolidWorks Installation Manager 20130-40200-1100-200) (Version: 21.2.0.50 - SolidWorks Corporation)
SolidWorks 2013 SP02 (Version: 21.120.50 - SolidWorks) Hidden
SolidWorks eDrawings 2013 SP02 (Version: 13.2.110 - Dassault Systèmes SolidWorks Corp.) Hidden
SolidWorks Flow Simulation 2013 SP02 (Version: 21.20.51 - SolidWorks Corporation) Hidden
SolidWorks Plastics 2013 SP02 (Version: 21.20.50 - SolidWorks Corporation) Hidden
SpaceChem (HKLM\...\Steam App 92800) (Version:  - Zachtronics)
StarCraft II (HKLM\...\StarCraft II) (Version: 2.0.11.26825 - Blizzard Entertainment)
Steam (HKLM\...\{048298C9-A4D3-490B-9FF9-AB023A9238F3}) (Version: 1.0.0.0 - Valve Corporation)
swMSM (Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
Symantec Endpoint Protection (HKLM\...\{8693E64C-16F3-4388-ACC0-9E8D586BEC17}) (Version: 12.1.3001.165 - Symantec Corporation)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 15.3.31.1 - Synaptics Incorporated)
System Requirements Lab CYRI (HKLM\...\{E362724E-9320-4946-AF34-874E7B6B2927}) (Version: 6.0.7.0 - Husdawg, LLC)
TeamViewer 7 (HKLM\...\TeamViewer 7) (Version: 7.0.13989 - TeamViewer)
The Expendabros (HKLM\...\Steam App 312990) (Version:  - Free Lives)
Tunngle beta (HKLM\...\Tunngle beta_is1) (Version:  - Tunngle.net GmbH)
Unity Web Player (HKCU\...\UnityWebPlayer) (Version:  - Unity Technologies ApS)
Update for 2007 Microsoft Office System (KB967642) (HKLM\...\{90120000-0017-0000-0000-0000000FF1CE}_SharePointDesigner_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version:  - Microsoft)
Update for Microsoft Excel 2010 (KB2553439) 32-Bit Edition (HKLM\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{3D1F379C-AA64-4823-90A4-A8DDD4B48C21}) (Version:  - Microsoft)
Update for Microsoft Office 2007 Help for Common Features (KB963673) (HKLM\...\{90120000-006E-0409-0000-0000000FF1CE}_SharePointDesigner_{AB365889-0395-4FAD-B702-CA5985D53D42}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2202188) (HKLM\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{86B7A074-265D-420C-9E1E-7A920EF0ECA7}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2202188) (HKLM\...\{90140000-0057-0000-0000-0000000FF1CE}_Office14.VISIO_{86B7A074-265D-420C-9E1E-7A920EF0ECA7}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2494150) (HKLM\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{3FCFD88F-4D13-4F38-8625-ABABEA7F61EA}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2494150) (HKLM\...\{90140000-0057-0000-0000-0000000FF1CE}_Office14.VISIO_{3FCFD88F-4D13-4F38-8625-ABABEA7F61EA}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2523113) (HKLM\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{C0FF04BF-A05E-408B-81CA-B7FACDA508A3}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2523113) (HKLM\...\{90140000-0057-0000-0000-0000000FF1CE}_Office14.VISIO_{C0FF04BF-A05E-408B-81CA-B7FACDA508A3}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2553065) (HKLM\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{A8686D24-1E89-43A1-973E-05A258D2B3F8}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2553092) (HKLM\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{7AC49FC8-F8D2-4DD8-9086-09E52385A21F}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2553181) 32-Bit Edition (HKLM\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{48E1B6C2-7299-4F3F-AA63-42F0ACE55AA4}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2553181) 32-Bit Edition (HKLM\...\{90140000-0057-0000-0000-0000000FF1CE}_Office14.VISIO_{48E1B6C2-7299-4F3F-AA63-42F0ACE55AA4}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2553267) 32-Bit Edition (HKLM\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{18B3CF2A-73F7-4716-B1AE-86D68726D408}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2553270) 32-Bit Edition (HKLM\...\{90140000-001F-0409-0000-0000000FF1CE}_Office14.PROPLUS_{17E7B9AB-2DD2-457D-8D8E-CD14ACA973FE}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2553270) 32-Bit Edition (HKLM\...\{90140000-001F-0409-0000-0000000FF1CE}_Office14.VISIO_{17E7B9AB-2DD2-457D-8D8E-CD14ACA973FE}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2553270) 32-Bit Edition (HKLM\...\{90140000-001F-040C-0000-0000000FF1CE}_Office14.PROPLUS_{15058154-469F-4794-ACD5-94F8420F9B80}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2553270) 32-Bit Edition (HKLM\...\{90140000-001F-040C-0000-0000000FF1CE}_Office14.VISIO_{15058154-469F-4794-ACD5-94F8420F9B80}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2553270) 32-Bit Edition (HKLM\...\{90140000-001F-0C0A-0000-0000000FF1CE}_Office14.PROPLUS_{995A7832-B512-46D5-87C9-2D71FB541435}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2553270) 32-Bit Edition (HKLM\...\{90140000-001F-0C0A-0000-0000000FF1CE}_Office14.VISIO_{995A7832-B512-46D5-87C9-2D71FB541435}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2553310) 32-Bit Edition (HKLM\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{C8694FF0-8203-483B-A07A-2BC40433167D}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2553310) 32-Bit Edition (HKLM\...\{90140000-0057-0000-0000-0000000FF1CE}_Office14.VISIO_{C8694FF0-8203-483B-A07A-2BC40433167D}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2553310) 32-Bit Edition (HKLM\...\{90140000-006E-0409-0000-0000000FF1CE}_Office14.PROPLUS_{73E67A3A-8D61-44EF-90C2-1697C3DBE668}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2553310) 32-Bit Edition (HKLM\...\{90140000-006E-0409-0000-0000000FF1CE}_Office14.VISIO_{73E67A3A-8D61-44EF-90C2-1697C3DBE668}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2553385) 32-Bit Edition (HKLM\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{28FAC187-7C0E-413A-B90A-76F19D0FBF30}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2553385) 32-Bit Edition (HKLM\...\{90140000-0057-0000-0000-0000000FF1CE}_Office14.VISIO_{28FAC187-7C0E-413A-B90A-76F19D0FBF30}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2566458) (HKLM\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{EFB525A0-E1C0-4E32-9968-FE401BC87363}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2566458) (HKLM\...\{90140000-0057-0000-0000-0000000FF1CE}_Office14.VISIO_{EFB525A0-E1C0-4E32-9968-FE401BC87363}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2596964) 32-Bit Edition (HKLM\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{ED31DE9A-3E13-4E2C-9106-E0D8AFFB9FA6}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2596964) 32-Bit Edition (HKLM\...\{90140000-0057-0000-0000-0000000FF1CE}_Office14.VISIO_{ED31DE9A-3E13-4E2C-9106-E0D8AFFB9FA6}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2597091) 32-Bit Edition (HKLM\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{4D98EEEA-A31B-42FA-991A-F989594F4DA5}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2597091) 32-Bit Edition (HKLM\...\{90140000-0057-0000-0000-0000000FF1CE}_Office14.VISIO_{4D98EEEA-A31B-42FA-991A-F989594F4DA5}) (Version:  - Microsoft)
Update for Microsoft Office Script Editor Help (KB963671) (HKLM\...\{90120000-006E-0409-0000-0000000FF1CE}_SharePointDesigner_{CD11C6A2-FFC6-4271-8EAB-79C3582F505C}) (Version:  - Microsoft)
Update for Microsoft Office Sharepoint Designer 2007 Help (KB963675) (HKLM\...\{90120000-0017-0409-0000-0000000FF1CE}_SharePointDesigner_{9A9DF47B-DB4B-485D-8211-7430ABEC5259}) (Version:  - Microsoft)
Update for Microsoft OneNote 2010 (KB2553290) 32-Bit Edition (HKLM\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{BEBC2484-290C-46AD-9834-6DAD1FA80273}) (Version:  - Microsoft)
Update for Microsoft OneNote 2010 (KB2553290) 32-Bit Edition (HKLM\...\{90140000-00A1-0409-0000-0000000FF1CE}_Office14.PROPLUS_{9865DC3A-2898-48D9-B96A-46397571C934}) (Version:  - Microsoft)
Update for Microsoft Outlook 2010 (KB2553248) 32-Bit Edition (HKLM\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{38990592-F6A1-4A26-96C7-0600E36AE794}) (Version:  - Microsoft)
Update for Microsoft Outlook 2010 (KB2553248) 32-Bit Edition (HKLM\...\{90140000-001A-0409-0000-0000000FF1CE}_Office14.PROPLUS_{5EBDE1DE-3B28-4134-AB00-85CFF2B4F94D}) (Version:  - Microsoft)
Update for Microsoft Outlook Social Connector 2010 (KB2553406) 32-Bit Edition (HKLM\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{BC6DFBFD-16DD-47E1-A7EF-2C062930FA4F}) (Version:  - Microsoft)
Update for Microsoft Outlook Social Connector 2010 (KB2553406) 32-Bit Edition (HKLM\...\{90140000-001A-0409-0000-0000000FF1CE}_Office14.PROPLUS_{1EEFF749-6F29-4F0B-AB08-4C6EA52AA110}) (Version:  - Microsoft)
Update for Office 2007 (KB932080) (HKLM\...\{90120000-0017-0000-0000-0000000FF1CE}_SharePointDesigner_{EDC9CA29-6BC1-471C-828C-7A36109005D7}) (Version:  - Microsoft)
Update for Office 2007 (KB934391) (HKLM\...\{90120000-0017-0000-0000-0000000FF1CE}_SharePointDesigner_{B3091818-7C56-4C45-BE7D-CA23027A5EA5}) (Version:  - Microsoft)
UTClient (Version: 4.700.1027 - Republic Poly) Hidden
UTClient6.0.2 (HKLM\...\{4618370B-662D-4FB4-BF01-B6A844CDB1CE}) (Version: 6.0.2 - Republic Polytechnic)
UTKey (HKLM\...\{E0DC327E-8445-42B9-89DB-01D8CD2DB084}) (Version: 14.80.505 - Republic Polytechnic)
Warframe (HKLM\...\Steam App 230410) (Version:  - Digital Extremes)
web beanfun! (HKCU\...\beanfun!) (Version: 2.1.3.11 - Gamania Inc.)
Windows Live Communications Platform (Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live Essentials (HKLM\...\WinLiveSuite) (Version: 16.4.3505.0912 - Microsoft Corporation)
Windows Live Essentials (Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live ID Sign-in Assistant (Version: 7.250.4311.0 - Microsoft Corporation) Hidden
Windows Live Installer (Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live Photo Common (Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live PIMT Platform (Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live SOXE (Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live SOXE Definitions (Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live UX Platform (Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live UX Platform Language Pack (Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Media Player Firefox Plugin (HKLM\...\{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}) (Version: 1.0.0.8 - Microsoft Corp)
WinRAR 4.11 (32-bit) (HKLM\...\WinRAR archiver) (Version: 4.11.0 - win.rar GmbH)
Wireless Projector 4.1.6 (HKLM\...\{6AB21FCD-D00E-496F-9F54-840484EDB03A}_is1) (Version:  - WOW Vision Pte Ltd)
WordWeb (HKLM\...\WordWeb) (Version: 6 - WordWeb Software)
Xiph.Org Open Codecs 0.85.17777 (HKLM\...\Open Codecs) (Version: 0.85.17777 - Xiph.Org)
Zoo Tycoon 2 Trial Version (HKLM\...\Zoo Tycoon 2 Trial Version) (Version: 1.0 - Microsoft)
剑灵_腾讯 (HKLM\...\剑灵_腾讯) (Version:  - Tencent)

========================= Memory info: ===================================

Percentage of memory in use: 64%
Total physical RAM: 3017.86 MB
Available physical RAM: 1077.53 MB
Total Pagefile: 6034.01 MB
Available Pagefile: 4082.02 MB
Total Virtual: 2047.88 MB
Available Virtual: 1940.2 MB

========================= Partitions: =====================================

1 Drive c: () (Fixed) (Total:120.11 GB) (Free:28.94 GB) NTFS
2 Drive d: () (Fixed) (Total:548.43 GB) (Free:208.09 GB) NTFS

========================= Users: ========================================

User accounts for \\RP127320

Admin                    Administrator            Guest                    


**** End of log ****
 



#4 ricee

ricee
  • Topic Starter

  • Members
  • 34 posts
  • OFFLINE
  •  
  • Local time:02:49 PM

Posted 14 October 2014 - 09:15 PM

11:10:49.0643 0x128c  TDSS rootkit removing tool 3.0.0.40 Jul 10 2014 12:37:58
11:10:54.0555 0x128c  ============================================================
11:10:54.0555 0x128c  Current date / time: 2014/10/15 11:10:54.0555
11:10:54.0555 0x128c  SystemInfo:
11:10:54.0555 0x128c  
11:10:54.0555 0x128c  OS Version: 6.1.7601 ServicePack: 1.0
11:10:54.0555 0x128c  Product type: Workstation
11:10:54.0556 0x128c  ComputerName: RP127320
11:10:54.0556 0x128c  UserName: 127320
11:10:54.0556 0x128c  Windows directory: C:\Windows
11:10:54.0556 0x128c  System windows directory: C:\Windows
11:10:54.0556 0x128c  Processor architecture: Intel x86
11:10:54.0556 0x128c  Number of processors: 8
11:10:54.0556 0x128c  Page size: 0x1000
11:10:54.0556 0x128c  Boot type: Normal boot
11:10:54.0556 0x128c  ============================================================
11:10:56.0916 0x128c  KLMD registered as C:\Windows\system32\drivers\75335748.sys
11:10:57.0214 0x128c  System UUID: {72BF8EBD-C1A9-004F-6CCA-2FFF9326110D}
11:10:57.0657 0x128c  Drive \Device\Harddisk0\DR0 - Size: 0xAEA8CDE000 ( 698.64 Gb ), SectorSize: 0x200, Cylinders: 0x16441, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
11:10:57.0659 0x128c  ============================================================
11:10:57.0659 0x128c  \Device\Harddisk0\DR0:
11:10:57.0659 0x128c  MBR partitions:
11:10:57.0659 0x128c  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x33000
11:10:57.0660 0x128c  \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x33800, BlocksNum 0xF037000
11:10:57.0660 0x128c  \Device\Harddisk0\DR0\Partition3: MBR, Type 0x7, StartLBA 0xF06A800, BlocksNum 0x448DB800
11:10:57.0660 0x128c  ============================================================
11:10:57.0692 0x128c  C: <-> \Device\Harddisk0\DR0\Partition2
11:10:57.0726 0x128c  D: <-> \Device\Harddisk0\DR0\Partition3
11:10:57.0727 0x128c  ============================================================
11:10:57.0727 0x128c  Initialize success
11:10:57.0727 0x128c  ============================================================
11:11:06.0270 0x1930  ============================================================
11:11:06.0270 0x1930  Scan started
11:11:06.0270 0x1930  Mode: Manual;
11:11:06.0270 0x1930  ============================================================
11:11:06.0270 0x1930  KSN ping started
11:11:14.0614 0x1930  KSN ping finished: true
11:11:15.0378 0x1930  ================ Scan system memory ========================
11:11:15.0378 0x1930  System memory - ok
11:11:15.0380 0x1930  ================ Scan services =============================
11:11:15.0534 0x1930  1394hub - ok
11:11:15.0591 0x1930  [ 1B133875B8AA8AC48969BD3458AFE9F5, 01753BDD47F3F9BC0E0D23A069B9C56D4AE6A6B6295BC19B95AE245D25B12744 ] 1394ohci        C:\Windows\system32\drivers\1394ohci.sys
11:11:15.0602 0x1930  1394ohci - ok
11:11:15.0665 0x1930  [ CEA80C80BED809AA0DA6FEBC04733349, AE69C142DC2210A4AE657C23CEA4A6E7CB32C4F4EBA039414123CAC52157509B ] ACPI            C:\Windows\system32\drivers\ACPI.sys
11:11:15.0676 0x1930  ACPI - ok
11:11:15.0711 0x1930  [ 1EFBC664ABFF416D1D07DB115DCB264F, BF94D069D692140B792DBF4FD3CB0127D27C26CC5BFB6B0C28A8B6346767EE58 ] AcpiPmi         C:\Windows\system32\drivers\acpipmi.sys
11:11:15.0713 0x1930  AcpiPmi - ok
11:11:15.0756 0x1930  [ 7E9AEC303D9AEEAE9CF523FBE23F2C89, 9793A4889DC3A39071B3E59ECF8FAA62E6534A9F27FB8E310C6832571588CAD4 ] ACPIVPC         C:\Windows\system32\DRIVERS\AcpiVpc.sys
11:11:15.0758 0x1930  ACPIVPC - ok
11:11:15.0796 0x1930  [ AE954C42547605408CDDF03BB13845B8, C03F891AE085CBA2ED1539E2C96231F3960DEC375EE90890C7E6CA3FDC9A5878 ] acsock          C:\Windows\system32\DRIVERS\acsock.sys
11:11:15.0802 0x1930  acsock - ok
11:11:15.0874 0x1930  [ C5679E5186B2FC95BC76A8A9870D5456, 70AC61850B811A0A902532F098AE1D5DF4622455E56C78B89D4ABDBE4A061A48 ] AdobeARMservice C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
11:11:15.0879 0x1930  AdobeARMservice - ok
11:11:15.0948 0x1930  [ 4ECFCAAE5CB380F58934F0DCF5F64E7F, D82B37E57D93484D7A3CB65470BCD54A578A695F0203A8DD441B1348C1EEA751 ] AdobeFlashPlayerUpdateSvc C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
11:11:15.0965 0x1930  AdobeFlashPlayerUpdateSvc - ok
11:11:16.0032 0x1930  [ 21E785EBD7DC90A06391141AAC7892FB, A2D3D764C5E6DC0AD5AAF48485FFB8B121D2A40DC08ECF2D2CB92278A1002B25 ] adp94xx         C:\Windows\system32\DRIVERS\adp94xx.sys
11:11:16.0055 0x1930  adp94xx - ok
11:11:16.0107 0x1930  [ 0C676BC278D5B59FF5ABD57BBE9123F2, 339E8A433D186BAAB6FCB44C82CC9FB6FCD63C87981449494CBEB2072CB6B7BB ] adpahci         C:\Windows\system32\DRIVERS\adpahci.sys
11:11:16.0124 0x1930  adpahci - ok
11:11:16.0152 0x1930  [ 7C7B5EE4B7B822EC85321FE23A27DB33, A934AFB71D439555E6376DA9B34F82E8D39A300A4547BE9AC9311F6A3C36270C ] adpu320         C:\Windows\system32\DRIVERS\adpu320.sys
11:11:16.0158 0x1930  adpu320 - ok
11:11:16.0190 0x1930  [ 8B5EEFEEC1E6D1A72A06C526628AD161, 026CDF4C96F4D493E7BABF79A14C4B0B5ADCCEF0B081FFFA2E3B243B2414167F ] AeLookupSvc     C:\Windows\System32\aelupsvc.dll
11:11:16.0195 0x1930  AeLookupSvc - ok
11:11:16.0258 0x1930  [ D0B388DA1D111A34366E04EB4A5DD156, 60D226F027F4025CC032CAFF73A80FAFB5FA75445654FDCF80CA8C0419C6E938 ] AFD             C:\Windows\system32\drivers\afd.sys
11:11:16.0276 0x1930  AFD - ok
11:11:16.0324 0x1930  [ 507812C3054C21CEF746B6EE3D04DD6E, D7E59350AC338AD229E3D10C76E32AE16D120311B263714A9CD94AB538633B0E ] agp440          C:\Windows\system32\drivers\agp440.sys
11:11:16.0326 0x1930  agp440 - ok
11:11:16.0355 0x1930  [ 8B30250D573A8F6B4BD23195160D8707, 64EC289AFCD63D84EAFD9D81C50D0A77BCC79A1EFF32C50B2776BB0C0151757D ] aic78xx         C:\Windows\system32\DRIVERS\djsvs.sys
11:11:16.0360 0x1930  aic78xx - ok
11:11:16.0397 0x1930  [ 18A54E132947CD98FEA9ACCC57F98F13, 9D39AF972785E49F0DD12C4BAEF39A79CD69F098886BF152AF1B7CCE2E902115 ] ALG             C:\Windows\System32\alg.exe
11:11:16.0402 0x1930  ALG - ok
11:11:16.0436 0x1930  [ 0D40BCF52EA90FC7DF2AEAB6503DEA44, 1D1AA8F50935D976C29DE7A84708CADBBBDD936F0DD2C059E820F0D21367B3B6 ] aliide          C:\Windows\system32\drivers\aliide.sys
11:11:16.0438 0x1930  aliide - ok
11:11:16.0465 0x1930  [ CA5AC6D6297936536B344196BDF89674, B8F1DF072272255CD8435C30A0F4022CFBCECB3EB937C523579CAB554CB1D8E6 ] AMD External Events Utility C:\Windows\system32\atiesrxx.exe
11:11:16.0473 0x1930  AMD External Events Utility - ok
11:11:16.0495 0x1930  [ 3C6600A0696E90A463771C7422E23AB5, 370B33DC1C25B981628A318BAE434A78A5F0A0DA93C2896DC7A3D7B87AE1A5E7 ] amdagp          C:\Windows\system32\drivers\amdagp.sys
11:11:16.0498 0x1930  amdagp - ok
11:11:16.0515 0x1930  [ CD5914170297126B6266860198D1D4F0, 2239FCBD1A7EC27CE4F10DA36AE6BD6CCB87E5128C82CA71B84BFE5AF5602A60 ] amdide          C:\Windows\system32\drivers\amdide.sys
11:11:16.0516 0x1930  amdide - ok
11:11:16.0553 0x1930  [ 00DDA200D71BAC534BF56A9DB5DFD666, CA316B1FFD85BA1CF8664B3229DA1F238A5341E016059F7ED89702324CFD124B ] AmdK8           C:\Windows\system32\DRIVERS\amdk8.sys
11:11:16.0556 0x1930  AmdK8 - ok
11:11:16.0865 0x1930  [ 662524390937EF92963AEC5CF593B537, A962B5686B57BB8B185EAAC6B0CA902DE6BCDE25D5FA37D43B3E5D6709941D16 ] amdkmdag        C:\Windows\system32\DRIVERS\atikmdag.sys
11:11:17.0008 0x1930  amdkmdag - ok
11:11:17.0080 0x1930  [ A6BE144D25977FA52ED94F48049D4130, C9146F6597265C5DEFC190B4455FF750CCACBAF66C3BB16E7B73FF668CB870AB ] amdkmdap        C:\Windows\system32\DRIVERS\atikmpag.sys
11:11:17.0096 0x1930  amdkmdap - ok
11:11:17.0120 0x1930  [ 3CBF30F5370FDA40DD3E87DF38EA53B6, 7EACF1743367BE805357B6FD10F8F99E9B1C301FE3782D77719347B13DFA65EC ] AmdPPM          C:\Windows\system32\DRIVERS\amdppm.sys
11:11:17.0124 0x1930  AmdPPM - ok
11:11:17.0168 0x1930  [ D320BF87125326F996D4904FE24300FC, F767D8C5C58D57202905D829F7AE1B1FF33937F407FDCE4C90E32A6638F27416 ] amdsata         C:\Windows\system32\drivers\amdsata.sys
11:11:17.0174 0x1930  amdsata - ok
11:11:17.0211 0x1930  [ EA43AF0C423FF267355F74E7A53BDABA, 3F1335909AB0281A2FBDD7AD90E18309E091656CD32B48894B992789D8C61DB4 ] amdsbs          C:\Windows\system32\DRIVERS\amdsbs.sys
11:11:17.0218 0x1930  amdsbs - ok
11:11:17.0232 0x1930  [ 46387FB17B086D16DEA267D5BE23A2F2, 8B8AC61B91F154B4EB5CC6DECB5FCCEBA8B42EFE94859947136AD06681EA8ED0 ] amdxata         C:\Windows\system32\drivers\amdxata.sys
11:11:17.0233 0x1930  amdxata - ok
11:11:17.0272 0x1930  [ DD8D9C597AF7CD2F6B70A3D6A4A1ACEA, 834B397F365D930DA01D5189DDF06195CFE4C0F9249223C5A9004643F41BA6E4 ] androidusb      C:\Windows\system32\Drivers\ssadadb.sys
11:11:17.0275 0x1930  androidusb - ok
11:11:17.0342 0x1930  [ 459C0FFF8FF5EB4E8DF7E2EFDCB28DE1, F8FF1D5C345B04F3C74C6393198D44790FDC53044CAD1323F72CC34CF26297CD ] apf003          C:\Windows\system32\apf003.sys
11:11:17.0344 0x1930  apf003 - ok
11:11:17.0378 0x1930  [ 13E5C8E5A161AA7851D1497C690291C1, 34E839F160ED56D6764BA3E9BE0F55DA04ACFB9F18AB3FB4B762C8367332C21A ] apf004          C:\Windows\system32\apf004.sys
11:11:17.0380 0x1930  apf004 - ok
11:11:17.0420 0x1930  [ AEA177F783E20150ACE5383EE368DA19, 8FA9EE27AA1F22E8B8FE33A21028CA1E0062BAA95CB132C20D55B98C03B4254F ] AppID           C:\Windows\system32\drivers\appid.sys
11:11:17.0424 0x1930  AppID - ok
11:11:17.0449 0x1930  [ 62A9C86CB6085E20DB4823E4E97826F5, E0F840B49710022C4FB437002AD06F64B0F6B5D628B32D00F2B66765E6B97E4B ] AppIDSvc        C:\Windows\System32\appidsvc.dll
11:11:17.0452 0x1930  AppIDSvc - ok
11:11:17.0484 0x1930  [ EACFDF31921F51C097629F1F3C9129B4, 24138755D823E69760579ECBD672421192457CDC9941B2BC499C2D34D83E86C3 ] Appinfo         C:\Windows\System32\appinfo.dll
11:11:17.0488 0x1930  Appinfo - ok
11:11:17.0574 0x1930  [ 4FE5C6D40664AE07BE5105874357D2ED, 70DD05EE80B77EB2F781E0919885D1BBB1119EA1A8955935AF5AECD05E30F14A ] Apple Mobile Device C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
11:11:17.0579 0x1930  Apple Mobile Device - ok
11:11:17.0612 0x1930  [ A45D184DF6A8803DA13A0B329517A64A, C1D16B60A6D69689AE951DC3D6884ED2E233D144B3FC0B86BC1C50AAAAA01ED2 ] AppMgmt         C:\Windows\System32\appmgmts.dll
11:11:17.0618 0x1930  AppMgmt - ok
11:11:17.0644 0x1930  [ 2932004F49677BD84DBC72EDB754FFB3, 73F84582244AC53994A2F4499A119B4A84A6BF7FD3046C29A8080C763DE540B8 ] arc             C:\Windows\system32\DRIVERS\arc.sys
11:11:17.0646 0x1930  arc - ok
11:11:17.0662 0x1930  [ 5D6F36C46FD283AE1B57BD2E9FEB0BC7, F7C9C3B4F2C816F57A43B2921672858C291054220BADE291044343778216F6BA ] arcsas          C:\Windows\system32\DRIVERS\arcsas.sys
11:11:17.0664 0x1930  arcsas - ok
11:11:17.0746 0x1930  [ EDF453AA2383E3FA11A6B1C13DB0C8B3, 390872159E19EEA462710FB5870DF54AA9E09AB24062218BADDB87F384C64D67 ] ArcService      D:\Program Files\ArcService.exe
11:11:17.0747 0x1930  ArcService - ok
11:11:17.0842 0x1930  [ 537B2948976F5D9B5767B74A63EBB395, 1A14F8B582E74AD15B612EDA5B707AA3CB0B2A107ED14572B4232EAA7383B634 ] aspnet_state    C:\Windows\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe
11:11:17.0844 0x1930  aspnet_state - ok
11:11:17.0866 0x1930  [ ADD2ADE1C2B285AB8378D2DAAF991481, 7965A705F37924C0EC7A934E64E89C5DF4069816E2EEA3509E0AC90F78910519 ] AsyncMac        C:\Windows\system32\DRIVERS\asyncmac.sys
11:11:17.0866 0x1930  AsyncMac - ok
11:11:17.0897 0x1930  [ 338C86357871C167A96AB976519BF59E, F28CC534523D1701B0552F5D7E18E88369C4218BDB1F69110C3E31D395884AD6 ] atapi           C:\Windows\system32\drivers\atapi.sys
11:11:17.0899 0x1930  atapi - ok
11:11:17.0970 0x1930  [ CE3B4E731638D2EF62FCB419BE0D39F0, 3B98179CB0101778D9E7810D2CD46D9C0D7120E141BA11471666E7D9EB3C93CC ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
11:11:17.0993 0x1930  AudioEndpointBuilder - ok
11:11:18.0015 0x1930  [ CE3B4E731638D2EF62FCB419BE0D39F0, 3B98179CB0101778D9E7810D2CD46D9C0D7120E141BA11471666E7D9EB3C93CC ] Audiosrv        C:\Windows\System32\Audiosrv.dll
11:11:18.0031 0x1930  Audiosrv - ok
11:11:18.0080 0x1930  [ D15D2E9F5567075740B88F16F01810D6, 09086182352B0901D886B1F588F141DFC1E68CF0CA62BA399F841E1C96DFDFEF ] avgtp           C:\Windows\system32\drivers\avgtpx86.sys
11:11:18.0084 0x1930  avgtp - ok
11:11:18.0143 0x1930  [ 6E30D02AAC9CAC84F421622E3A2F6178, 229DC527C1D6C778BCA2C855A2A6F6D2C4B0F4F6DE56C886B3AAD26E3347952C ] AxInstSV        C:\Windows\System32\AxInstSV.dll
11:11:18.0150 0x1930  AxInstSV - ok
11:11:18.0216 0x1930  [ 1A231ABEC60FD316EC54C66715543CEC, 09E2897BA80737997A286EA5408C03DD3CC0EBACD24CB391C2455B6D4BE7D67E ] b06bdrv         C:\Windows\system32\DRIVERS\bxvbdx.sys
11:11:18.0234 0x1930  b06bdrv - ok
11:11:18.0277 0x1930  [ BD8869EB9CDE6BBE4508D869929869EE, F4363A12EBFDBB89C69FD59B22F9EE05BADA07D477A1DF2DE01F59D6EE496543 ] b57nd60x        C:\Windows\system32\DRIVERS\b57nd60x.sys
11:11:18.0285 0x1930  b57nd60x - ok
11:11:18.0480 0x1930  [ 9E209171C51B1D750F53777253B80E81, 8DC30F96A4334EFDA5A4567D4AC2AF7ACD686D3C2967335B66AEC429398B1AB6 ] BCM43XX         C:\Windows\system32\DRIVERS\bcmwl6.sys
11:11:18.0551 0x1930  BCM43XX - ok
11:11:18.0594 0x1930  [ EE1E9C3BB8228AE423DD38DB69128E71, ED54FD9795F3A4D32F02BED6052AD9404409A05644CDBEBFF19C662D104DA95A ] BDESVC          C:\Windows\System32\bdesvc.dll
11:11:18.0600 0x1930  BDESVC - ok
11:11:18.0631 0x1930  [ 505506526A9D467307B3C393DEDAF858, 8AD6F1492E357F57CF42261497BA29122045D4FC0DCC9669AA5AC9B2A4BABFA4 ] Beep            C:\Windows\system32\drivers\Beep.sys
11:11:18.0632 0x1930  Beep - ok
11:11:18.0688 0x1930  [ 1E2BAC209D184BB851E1A187D8A29136, 53933C938DA5126986FFF2918C1F522ABE93ABAB460AE32E4453161C2F7B68DF ] BFE             C:\Windows\System32\bfe.dll
11:11:18.0706 0x1930  BFE - ok
11:11:18.0913 0x1930  [ 02EDA1847E2F702B5C9A413DA27C8A2A, B119A9547E69D960B1099D3B72723AB201B378A7B10311F315CD0186E4BC3C22 ] BHDrvx86        C:\ProgramData\Symantec\Symantec Endpoint Protection\12.1.3001.165.105\Data\Definitions\BASHDefs\20141003.013\BHDrvx86.sys
11:11:18.0948 0x1930  BHDrvx86 - ok
11:11:19.0013 0x1930  [ E585445D5021971FAE10393F0F1C3961, 178C008A9A0A6BFDA65EB0B98C510271360AD4474F22F13594F5EB60AA4E1CF5 ] BITS            C:\Windows\System32\qmgr.dll
11:11:19.0049 0x1930  BITS - ok
11:11:19.0082 0x1930  [ 2287078ED48FCFC477B05B20CF38F36F, 55BCA6174E6034A8D61CBE4126B2F1989F6052BFA624BEA9C0A0A664AEC74521 ] blbdrive        C:\Windows\system32\DRIVERS\blbdrive.sys
11:11:19.0084 0x1930  blbdrive - ok
11:11:19.0185 0x1930  [ DB5BEA73EDAF19AC68B2C0FAD0F92B1A, 10F21999FF6B1D410EBF280F7F27DEACA5289739CF12F4293B614B8FC6C88DCC ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe
11:11:19.0200 0x1930  Bonjour Service - ok
11:11:19.0227 0x1930  [ 8F2DA3028D5FCBD1A060A3DE64CD6506, E234672E9CFE1A95AD2E78E306E41E010B870221E6EBBC0E2B0BE2FA5CE0CD76 ] bowser          C:\Windows\system32\DRIVERS\bowser.sys
11:11:19.0230 0x1930  bowser - ok
11:11:19.0251 0x1930  [ 9F9ACC7F7CCDE8A15C282D3F88B43309, A9131334BD9CF8FD60BA9D54AA054E2DF2BE1219FB650DF1464F2787BDEAE98F ] BrFiltLo        C:\Windows\system32\DRIVERS\BrFiltLo.sys
11:11:19.0253 0x1930  BrFiltLo - ok
11:11:19.0278 0x1930  [ 56801AD62213A41F6497F96DEE83755A, 0DEB8318FB47DF6473C171C795C735E26A73FA12232876C6856549EA16F33361 ] BrFiltUp        C:\Windows\system32\DRIVERS\BrFiltUp.sys
11:11:19.0279 0x1930  BrFiltUp - ok
11:11:19.0316 0x1930  [ 3DAA727B5B0A45039B0E1C9A211B8400, 903B51E75F0C503A0E255120F53BF51B047B219FEC1E15F2F1D02DDD562FC73B ] Browser         C:\Windows\System32\browser.dll
11:11:19.0321 0x1930  Browser - ok
11:11:19.0351 0x1930  [ 845B8CE732E67F3B4133164868C666EA, 9309B094CD9B5EBC46295A5EB806BED472C3CEDE3B5F6F497EBDABA496A2A27F ] Brserid         C:\Windows\System32\Drivers\Brserid.sys
11:11:19.0362 0x1930  Brserid - ok
11:11:19.0386 0x1930  [ 203F0B1E73ADADBBB7B7B1FABD901F6B, 782FA7B26940FE479C49C9BAA2EB582CDAAAD607013E9BCFC85E6FBBB7D49A6D ] BrSerWdm        C:\Windows\System32\Drivers\BrSerWdm.sys
11:11:19.0389 0x1930  BrSerWdm - ok
11:11:19.0406 0x1930  [ BD456606156BA17E60A04E18016AE54B, DFBDC9DA6A3EA40BACFF204BC6C55C2C122B5885D2CBF6D45054DE43EE15EC4D ] BrUsbMdm        C:\Windows\System32\Drivers\BrUsbMdm.sys
11:11:19.0407 0x1930  BrUsbMdm - ok
11:11:19.0423 0x1930  [ AF72ED54503F717A43268B3CC5FAEC2E, 4A638669B0C30B1BDED242A8BF2015A37749570FF4D67D190BACC8D7E0C44468 ] BrUsbSer        C:\Windows\System32\Drivers\BrUsbSer.sys
11:11:19.0424 0x1930  BrUsbSer - ok
11:11:19.0521 0x1930  [ 22F3E5E958863BD3FD404F522E211211, 95734E7224FE17AB61CEC6C622740230FD091AC6ECF8E4F610AE147211B5978A ] BstHdAndroidSvc C:\Program Files\BlueStacks\HD-Service.exe
11:11:19.0539 0x1930  BstHdAndroidSvc - ok
11:11:19.0601 0x1930  [ A2A20C164C42B9B3D686183CEB570EE6, 3F3D9B4FA627D8A50C1BCDB494CEE853C36CCF916EA6AB52AEB3C2CA69093336 ] BstHdDrv        C:\Program Files\BlueStacks\HD-Hypervisor-x86.sys
11:11:19.0607 0x1930  BstHdDrv - ok
11:11:19.0655 0x1930  [ 522876181BFE35762A66988DDFBE58FD, BD7AF8D3A78EFCF8D38890B2AF5B81D4938ECA0B274B6462CC7B2726CC31CB22 ] BstHdLogRotatorSvc C:\Program Files\BlueStacks\HD-LogRotatorService.exe
11:11:19.0673 0x1930  BstHdLogRotatorSvc - ok
11:11:19.0755 0x1930  [ 3C56714DC4D9F2C34449D625D8A2C015, F122E0C777D4A6DCAEB657B0934022712C9A72F650AA2615006AF465E3CE0485 ] BstHdUpdaterSvc C:\Program Files\BlueStacks\HD-UpdaterService.exe
11:11:19.0781 0x1930  BstHdUpdaterSvc - ok
11:11:19.0823 0x1930  [ 2865A5C8E98C70C605F417908CEBB3A4, B1C5AC228BD7072AF8668C009C6CDC13EE9FCB9481F57524300F37C40BF1E935 ] BthEnum         C:\Windows\system32\drivers\BthEnum.sys
11:11:19.0826 0x1930  BthEnum - ok
11:11:19.0857 0x1930  [ ED3DF7C56CE0084EB2034432FC56565A, B5B75E002E7BC0209582C635CCCA26DB569BDB23C33A126634E00C6434BF941B ] BTHMODEM        C:\Windows\system32\DRIVERS\bthmodem.sys
11:11:19.0861 0x1930  BTHMODEM - ok
11:11:19.0885 0x1930  [ AD1872E5829E8A2C3B5B4B641C3EAB0E, 8C2DBCAC08DDB41E2B44E257C55FA2D0272959B308EFF9EAF5FF9AE1E4A0AA39 ] BthPan          C:\Windows\system32\DRIVERS\bthpan.sys
11:11:19.0892 0x1930  BthPan - ok
11:11:19.0934 0x1930  [ 1153DE2E4F5941E10C399CB5592F78A1, 2B88AF246D62F72FA9F5B921B0375AE59A0F263672472D5EC9FDB5CA5EF51C31 ] BTHPORT         C:\Windows\System32\Drivers\BTHport.sys
11:11:19.0953 0x1930  BTHPORT - ok
11:11:19.0988 0x1930  [ 1DF19C96EEF6C29D1C3E1A8678E07190, 1F4BB161FF3A1C5B1465BB52F3520FEDB7ACB1FAA132466F07D16DB8E394AEA5 ] bthserv         C:\Windows\system32\bthserv.dll
11:11:19.0993 0x1930  bthserv - ok
11:11:20.0016 0x1930  [ C81E9413A25A439F436B1D4B6A0CF9E9, A4C290163207AED22C70C7F90B28F6FC24892889643D60D915059405AC5A4A72 ] BTHUSB          C:\Windows\System32\Drivers\BTHUSB.sys
11:11:20.0020 0x1930  BTHUSB - ok
11:11:20.0205 0x1930  [ 1F79342D9EB530A48742F651E570983A, 99E0B613C23FA8591E248DFA6FF2D3EE19E262BE6E070A0E43E256B69687017F ] c2cautoupdatesvc C:\Program Files\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
11:11:20.0234 0x1930  c2cautoupdatesvc - ok
11:11:20.0357 0x1930  [ E4938E0A376CF0B9D989EE5C0A146891, 9DF6AB5781CD60862D9664CA9A8AF0696A1FB6D09D804CD8DE9630F40DE59E90 ] c2cpnrsvc       C:\Program Files\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
11:11:20.0386 0x1930  c2cpnrsvc - ok
11:11:20.0497 0x1930  [ A454A9BAA25B8C8E76735DD86BD4B017, 5C822C61222E6BA46943802E265666D1F8EBDD73CD94D2B791E974C7A48830F7 ] CcmExec         C:\Windows\system32\CCM\CcmExec.exe
11:11:20.0521 0x1930  CcmExec - ok
11:11:20.0623 0x1930  [ 3BEE52611F22C9C0023A98A4425E084F, 974FD5D89C8E06DC0C7E7ADB73E060CFCCA4910E69691F2BC9585B0ED1DCEFC2 ] ccSettings_{0807952E-B22C-403B-A5F9-93CF778D514E} C:\Windows\system32\Drivers\SEP\0C010BB9\00A5.105\x86\ccSetx86.sys
11:11:20.0631 0x1930  ccSettings_{0807952E-B22C-403B-A5F9-93CF778D514E} - ok
11:11:20.0670 0x1930  [ 77EA11B065E0A8AB902D78145CA51E10, 160EB3BBE9E5F3CC4A02584E6F2576A812C7565B940D74838B983F1EE51FA73A ] cdfs            C:\Windows\system32\DRIVERS\cdfs.sys
11:11:20.0675 0x1930  cdfs - ok
11:11:20.0727 0x1930  [ BE167ED0FDB9C1FA1133953C18D5A6C9, E26A851CA13E7300F977E5B20FA5D25FD0E1442AB6AD5DB58BBDB2DAAD87027C ] cdrom           C:\Windows\system32\DRIVERS\cdrom.sys
11:11:20.0734 0x1930  cdrom - ok
11:11:20.0775 0x1930  [ 319C6B309773D063541D01DF8AC6F55F, 182F392FE839499D159A30A3CD04B5D0C87219930BFB1A7456880B7DA75B9820 ] CertPropSvc     C:\Windows\System32\certprop.dll
11:11:20.0781 0x1930  CertPropSvc - ok
11:11:20.0810 0x1930  [ 3FE3FE94A34DF6FB06E6418D0F6A0060, 6B3A2A26609A75B690D4C0B3059E40822F3B3DB08943F58EC496BABDA7D0A735 ] circlass        C:\Windows\system32\DRIVERS\circlass.sys
11:11:20.0813 0x1930  circlass - ok
11:11:20.0852 0x1930  [ 635181E0E9BBF16871BF5380D71DB02D, 58D5150C6F3B9F1730FFDF3A8A2ABF5FF207F9785BD66C0C1E03A0F1C223A26A ] CLFS            C:\Windows\system32\CLFS.sys
11:11:20.0868 0x1930  CLFS - ok
11:11:20.0915 0x1930  [ F13EC8A783E0CB0D6DC26A3CA848B7B8, 0809E3B71709F1343086EEB6C820543C1A7119E74EEF8AC1AEE1F81093ABEC66 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
11:11:20.0921 0x1930  clr_optimization_v2.0.50727_32 - ok
11:11:20.0984 0x1930  [ F5AB4D2E36625F355E81539239765107, 48E6AD65EEFD6C54F938F5753EF58377CDA77ADBB41CD8635F0040D61EFB92A4 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
11:11:20.0992 0x1930  clr_optimization_v4.0.30319_32 - ok
11:11:21.0018 0x1930  [ DEA805815E587DAD1DD2C502220B5616, 2D6A7668C95352B818F5EC59FF462894935833D34190257DA9CAC7E67FD3631C ] CmBatt          C:\Windows\system32\DRIVERS\CmBatt.sys
11:11:21.0019 0x1930  CmBatt - ok
11:11:21.0041 0x1930  [ C537B1DB64D495B9B4717B4D6D9EDBF2, 400EEFE662DE117C9CC956E4CBD5E98F28F962E7447CD93E8A78FDD8CA39EB4B ] cmdide          C:\Windows\system32\drivers\cmdide.sys
11:11:21.0044 0x1930  cmdide - ok
11:11:21.0108 0x1930  [ 85449EEBE8F8EBD6481EFBF0F352B4EB, E6FF04970C5A5BFDE7297A86C1C7B9BFE2E0F976A1A1AFB874CEB488DC6151CC ] CNG             C:\Windows\system32\Drivers\cng.sys
11:11:21.0130 0x1930  CNG - ok
11:11:21.0155 0x1930  [ A6023D3823C37043986713F118A89BEE, FAC239A7FA6251C7EDFFA34B4BAE3910B8BC0BD4A3574B6DB6931A8D691E207B ] Compbatt        C:\Windows\system32\DRIVERS\compbatt.sys
11:11:21.0156 0x1930  Compbatt - ok
11:11:21.0198 0x1930  [ CBE8C58A8579CFE5FCCF809E6F114E89, AC083A1C649EBA18C59FCC1772D0784B10E2B8C63094E3C14388E147DBC3F6DF ] CompositeBus    C:\Windows\system32\drivers\CompositeBus.sys
11:11:21.0201 0x1930  CompositeBus - ok
11:11:21.0219 0x1930  COMSysApp - ok
11:11:21.0374 0x1930  [ 964B3519301CC964B032CD255F8ED943, 7F7F748B86713DA42D835FE86C07CA048A99D6268F38044EF699D8528E7BB5F3 ] CoordinatorServiceHost C:\Program Files\SolidWorks Corp\SolidWorks\swScheduler\DTSCoordinatorService.exe
11:11:21.0381 0x1930  CoordinatorServiceHost - ok
11:11:21.0407 0x1930  [ 2C4EBCFC84A9B44F209DFF6C6E6C61D1, 6FC323217D82EF661BA0E3F949B61B05BB5235D1A69C81D24876C2153FAECEF6 ] crcdisk         C:\Windows\system32\DRIVERS\crcdisk.sys
11:11:21.0410 0x1930  crcdisk - ok
11:11:21.0476 0x1930  [ 7CA1BECEA5DE2643ADDAD32670E7A4C9, E3AB4CC52A97E3855D7EAB87363F807FDD2162ED8C76A036CD71549ED64E7797 ] CryptSvc        C:\Windows\system32\cryptsvc.dll
11:11:21.0487 0x1930  CryptSvc - ok
11:11:21.0541 0x1930  [ 3C2177A897B4CA2788C6FB0C3FD81D4B, 98575CBD0664586E6211D02E71BDD52CBAA149A1658573550E29E74E5F7B1553 ] CSC             C:\Windows\system32\drivers\csc.sys
11:11:21.0560 0x1930  CSC - ok
11:11:21.0594 0x1930  [ 15F93B37F6801943360D9EB42485D5D3, DD6838C6496CB15F8BB57A6596F6A64ADD9C36B09F062295699131232712B558 ] CscService      C:\Windows\System32\cscsvc.dll
11:11:21.0615 0x1930  CscService - ok
11:11:21.0667 0x1930  [ 7660F01D3B38ACA1747E397D21D790AF, 04611B43705C064C2A8331F6D3F8E4530295694AE2C3E3EC3F62CFF4A5EFA88D ] DcomLaunch      C:\Windows\system32\rpcss.dll
11:11:21.0688 0x1930  DcomLaunch - ok
11:11:21.0713 0x1930  [ 8D6E10A2D9A5EED59562D9B82CF804E1, 888F9650F4E872BA8F4E0C27E38A6672A561042B17EBA40E306A22357965B0AD ] defragsvc       C:\Windows\System32\defragsvc.dll
11:11:21.0726 0x1930  defragsvc - ok
11:11:21.0758 0x1930  [ 699EF0FD9AE72B7F5AD756E382C73E0E, 18FDAD70917551B0051D4CD97A41174F2BE953FA9173E93410E680292B413870 ] dfmirage        C:\Windows\system32\DRIVERS\dfmirage.sys
11:11:21.0760 0x1930  dfmirage - ok
11:11:21.0801 0x1930  [ F024449C97EC1E464AAFFDA18593DB88, 7EF1E241892E098A472BCA14C724DFF1AACCF190954AF1C4A38B6D542CC74BD2 ] DfsC            C:\Windows\system32\Drivers\dfsc.sys
11:11:21.0807 0x1930  DfsC - ok
11:11:21.0859 0x1930  [ E9E01EB683C132F7FA27CD607B8A2B63, 4D9037B458C522874619143A4176BCED42472C68933E6E83D37B67242706F3C4 ] Dhcp            C:\Windows\system32\dhcpcore.dll
11:11:21.0877 0x1930  Dhcp - ok
11:11:21.0893 0x1930  [ 1A050B0274BFB3890703D490F330C0DA, 79D74F4679A2EE040FAAF4D0392A9311239A10A5F8A5CCB48656C6F89B6D62FB ] discache        C:\Windows\system32\drivers\discache.sys
11:11:21.0896 0x1930  discache - ok
11:11:21.0922 0x1930  [ 565003F326F99802E68CA78F2A68E9FF, ABC42B24DBA4FFC411120E09278EF26AF56CCAB463B69B4BD6C530B4A07063D2 ] Disk            C:\Windows\system32\DRIVERS\disk.sys
11:11:21.0926 0x1930  Disk - ok
11:11:21.0963 0x1930  [ 33EF4861F19A0736B11314AAD9AE28D0, 4C4B84365D85758E3263B88F157D8B086B392C6F1EA5F0F3DB6BF87EF90248EC ] Dnscache        C:\Windows\System32\dnsrslvr.dll
11:11:21.0974 0x1930  Dnscache - ok
11:11:22.0014 0x1930  [ 366BA8FB4B7BB7435E3B9EACB3843F67, 65B7C61ACF34F1F0149045AA9E09A3F917A927963237A385A914D0B80551DC31 ] dot3svc         C:\Windows\System32\dot3svc.dll
11:11:22.0028 0x1930  dot3svc - ok
11:11:22.0080 0x1930  [ 8EC04CA86F1D68DA9E11952EB85973D6, 2E3FBC2D683D1274E8BC45EEEA87D43B77EDDCAAF0D453296D9FDA6B9D717071 ] DPS             C:\Windows\system32\dps.dll
11:11:22.0093 0x1930  DPS - ok
11:11:22.0139 0x1930  [ B918E7C5F9BF77202F89E1A9539F2EB4, C589A37DE50BBEF22E2DAA9682EA43147F614AA1AF7DAAA942BA5FC192313A0B ] drmkaud         C:\Windows\system32\drivers\drmkaud.sys
11:11:22.0141 0x1930  drmkaud - ok
11:11:22.0215 0x1930  [ 3583A5A8CC2E682BFFBD4630D0FEC08B, FD0F184B358FCECAA763444B414074BEF4E871EB7527D88385519FC158435C72 ] DXGKrnl         C:\Windows\System32\drivers\dxgkrnl.sys
11:11:22.0239 0x1930  DXGKrnl - ok
11:11:22.0262 0x1930  EagleNT - ok
11:11:22.0285 0x1930  EagleXNt - ok
11:11:22.0329 0x1930  [ 8600142FA91C1B96367D3300AD0F3F3A, 5713625E27DF11FAAFDA7AC79899A6AD813166E167088FA990EC5DE87DBE83DF ] EapHost         C:\Windows\System32\eapsvc.dll
11:11:22.0337 0x1930  EapHost - ok
11:11:22.0480 0x1930  [ 024E1B5CAC09731E4D868E64DBFB4AB0, AB0826A74BBEE5B7A1B035861B665C79BC98305CFC7D82BEF420558FBD3EE994 ] ebdrv           C:\Windows\system32\DRIVERS\evbdx.sys
11:11:22.0532 0x1930  ebdrv - ok
11:11:22.0624 0x1930  [ 8CEAC32AD17E06113DB87150C214E237, 2ECEB4216E7874E3240161B26D983B3D1202D30DDD2E524B1FA8A11690B0E239 ] eeCtrl          C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys
11:11:22.0641 0x1930  eeCtrl - ok
11:11:22.0673 0x1930  [ DD17E1573651293D4ED31053795B3471, 94F7D1BB1C3B0C1FAAEED07375DB0F3BC995394FB5C26983548D946C8D229D54 ] EFS             C:\Windows\System32\lsass.exe
11:11:22.0676 0x1930  EFS - ok
11:11:22.0762 0x1930  [ A8C362018EFC87BEB013EE28F29C0863, 07971C681FBD391C0BA0172618AF8AD77520182207F1C57F134B34D6A113857F ] ehRecvr         C:\Windows\ehome\ehRecvr.exe
11:11:22.0793 0x1930  ehRecvr - ok
11:11:22.0818 0x1930  [ D389BFF34F80CAEDE417BF9D1507996A, 12859B9925D7A4631DE61A820922F43F56ED23C2AF014CBF36322685E5CF641E ] ehSched         C:\Windows\ehome\ehsched.exe
11:11:22.0822 0x1930  ehSched - ok
11:11:22.0872 0x1930  [ 0ED67910C8C326796FAA00B2BF6D9D3C, 97FAA7627A162B0AEC15545E0165D13355D535B4157604BB87F8EEB72ECD24A8 ] elxstor         C:\Windows\system32\DRIVERS\elxstor.sys
11:11:22.0887 0x1930  elxstor - ok
11:11:22.0912 0x1930  [ 54BDBCA093814E7002723C424C0FA3F6, 677237F6898D0B96ADBB3C2BEFB6B15DF560005E31DC09799C0948C92497D58B ] EraserUtilRebootDrv C:\Program Files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys
11:11:22.0916 0x1930  EraserUtilRebootDrv - ok
11:11:22.0943 0x1930  [ 8FC3208352DD3912C94367A206AB3F11, 69B65C12BDADD4B730508674B1B77C5496612B4ACCC447DB9AFE49ADEA8CBF02 ] ErrDev          C:\Windows\system32\drivers\errdev.sys
11:11:22.0944 0x1930  ErrDev - ok
11:11:22.0979 0x1930  [ E5698D367EC5B12A131C6E0D2B4499AA, 077158A1CA5296B481B72218613D6618323498CF06ACF87260CB31801C380D9C ] EuMusDesignVirtualAudioCableWdm_gnr C:\Windows\system32\DRIVERS\vacgnrkd.sys
11:11:22.0981 0x1930  EuMusDesignVirtualAudioCableWdm_gnr - ok
11:11:23.0022 0x1930  [ F6916EFC29D9953D5D0DF06882AE8E16, ED41893960018D5EC2F7829B1DE4B6967D9FD074D60B11B9EB854E3E0948EC24 ] EventSystem     C:\Windows\system32\es.dll
11:11:23.0032 0x1930  EventSystem - ok
11:11:23.0066 0x1930  [ 2DC9108D74081149CC8B651D3A26207F, 75CB47923A867DDAC512701CE71DFCFC340FC3A2E27F4255D0836A1FBC463176 ] exfat           C:\Windows\system32\drivers\exfat.sys
11:11:23.0072 0x1930  exfat - ok
11:11:23.0090 0x1930  [ 7E0AB74553476622FB6AE36F73D97D35, 41463A255FDA1D550B3385EC7C73ABC343B1BBBE9CEE4DF9F2A8B3E7338C4947 ] fastfat         C:\Windows\system32\drivers\fastfat.sys
11:11:23.0097 0x1930  fastfat - ok
11:11:23.0173 0x1930  [ 967EA5B213E9984CBE270205DF37755B, 43153E23210B03FAE16897D62D55B8742F834EDC695F8401EAB5DE307F62602D ] Fax             C:\Windows\system32\fxssvc.exe
11:11:23.0196 0x1930  Fax - ok
11:11:23.0219 0x1930  [ E817A017F82DF2A1F8CFDBDA29388B29, 4CC9320A21E6FEA2D16C48D6BEA14391B695BD541A3C5FDDAEEE086A414FC837 ] fdc             C:\Windows\system32\DRIVERS\fdc.sys
11:11:23.0221 0x1930  fdc - ok
11:11:23.0240 0x1930  [ F3222C893BD2F5821A0179E5C71E88FB, A85B947249DBB986358CCD4B158DD58A9301F074F3C6CCCDEF2D01F432E59D1B ] fdPHost         C:\Windows\system32\fdPHost.dll
11:11:23.0245 0x1930  fdPHost - ok
11:11:23.0262 0x1930  [ 7DBE8CBFE79EFBDEB98C9FB08D3A9A5B, 0E76C29D2A974A3F2FBFCB63D066D4136B78E02F6B1F579B1865CA7A76193987 ] FDResPub        C:\Windows\system32\fdrespub.dll
11:11:23.0267 0x1930  FDResPub - ok
11:11:23.0297 0x1930  [ 6CF00369C97F3CF563BE99BE983D13D8, F65F35324A2FB9DFB533B1C4D089D990CC242218FE83414329D07B786D8EFF33 ] FileInfo        C:\Windows\system32\drivers\fileinfo.sys
11:11:23.0302 0x1930  FileInfo - ok
11:11:23.0312 0x1930  [ 42C51DC94C91DA21CB9196EB64C45DB9, 388C68D12ECC8FFE3116FEAAF4DB7B80CF4A3F97E935788DD21C6ADE2369F635 ] Filetrace       C:\Windows\system32\drivers\filetrace.sys
11:11:23.0315 0x1930  Filetrace - ok
11:11:23.0416 0x1930  [ 21485C51A6C0DC3D096A96428455AE0C, A14E242504B198F3A27F5C6D5CDA467CF0CE52AA723D70CB3A038B7A8716995B ] FLEXnet Licensing Service C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
11:11:23.0446 0x1930  FLEXnet Licensing Service - ok
11:11:23.0459 0x1930  [ 87907AA70CB3C56600F1C2FB8841579B, CA1CD82A1CD453617CE5EA431A1836997F14E3580554E8A516D9FE1E9926D979 ] flpydisk        C:\Windows\system32\DRIVERS\flpydisk.sys
11:11:23.0460 0x1930  flpydisk - ok
11:11:23.0486 0x1930  [ 7520EC808E0C35E0EE6F841294316653, 6EC65511B4838A7172A8F89E35C2F9DF4F0BFCE3BE12EDA790F3EB567102FF67 ] FltMgr          C:\Windows\system32\drivers\fltmgr.sys
11:11:23.0491 0x1930  FltMgr - ok
11:11:23.0574 0x1930  [ E12C4928B32ACE04610259647F072635, B71B9C2DF45F33C4DAC88435129B08B0BCDBBE82E8C3AD0A95F00137CC8B619F ] FontCache       C:\Windows\system32\FntCache.dll
11:11:23.0610 0x1930  FontCache - ok
11:11:23.0658 0x1930  [ E56F39F6B7FDA0AC77A79B0FD3DE1A2F, DBED26852B99B362152DA9CD4F31A1883EF6F9B496F3CF3772A197BA72DB61DA ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe
11:11:23.0662 0x1930  FontCache3.0.0.0 - ok
11:11:23.0681 0x1930  [ 1A16B57943853E598CFF37FE2B8CBF1D, 87609F46F3B8123552141FD70866E895220B1BBD92BC2B580CAF49201AA0197E ] FsDepends       C:\Windows\system32\drivers\FsDepends.sys
11:11:23.0685 0x1930  FsDepends - ok
11:11:23.0717 0x1930  [ 7DAE5EBCC80E45D3253F4923DC424D05, 8A2C4D5591509B0B0A44583520617A9AE34F32BB6E68A012A7D7870ED24F703A ] Fs_Rec          C:\Windows\system32\drivers\Fs_Rec.sys
11:11:23.0720 0x1930  Fs_Rec - ok
11:11:23.0765 0x1930  [ E306A24D9694C724FA2491278BF50FDB, 1D246B9C28550640EACBF8CF9DC980FD75106B92832D392FEBEF0C7012353091 ] fvevol          C:\Windows\system32\DRIVERS\fvevol.sys
11:11:23.0776 0x1930  fvevol - ok
11:11:23.0842 0x1930  [ 024C0E47AC6CF525F558400AE09CA63D, FA3B8E56C923FEAFC3899A65B0DC46203F4FC7BEF18535AED0CAE359116E2200 ] FwcAgent        C:\Program Files\Microsoft Firewall Client 2004\FwcAgent.exe
11:11:23.0852 0x1930  FwcAgent - ok
11:11:23.0883 0x1930  [ 65EE0C7A58B65E74AE05637418153938, 0E1A398ADD8411AF4CCC3344D67BE1B261320C58328BD5C5855A357476FAEBEF ] gagp30kx        C:\Windows\system32\DRIVERS\gagp30kx.sys
11:11:23.0887 0x1930  gagp30kx - ok
11:11:23.0922 0x1930  [ 185ADA973B5020655CEE342059A86CBB, D3E352DFAF30761505480A4C557D980083F65EC5BD46E2656B2114D47B272A89 ] GEARAspiWDM     C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
11:11:23.0924 0x1930  GEARAspiWDM - ok
11:11:23.0991 0x1930  GGSAFERDriver - ok
11:11:24.0056 0x1930  [ E897EAF5ED6BA41E081060C9B447A673, A428DC68516F19C6C53A8B62E4BDB2587E70FB751B9D77700B6B147D347DA157 ] gpsvc           C:\Windows\System32\gpsvc.dll
11:11:24.0084 0x1930  gpsvc - ok
11:11:24.0228 0x1930  [ F02A533F517EB38333CB12A9E8963773, 1F72CD1CF660766FA8F912E40B7323A0192A300B376186C10F6803DC5EFE28DF ] gupdate         C:\Program Files\Google\Update\GoogleUpdate.exe
11:11:24.0237 0x1930  gupdate - ok
11:11:24.0253 0x1930  [ F02A533F517EB38333CB12A9E8963773, 1F72CD1CF660766FA8F912E40B7323A0192A300B376186C10F6803DC5EFE28DF ] gupdatem        C:\Program Files\Google\Update\GoogleUpdate.exe
11:11:24.0260 0x1930  gupdatem - ok
11:11:24.0288 0x1930  [ 5D4BC124FAAE6730AC002CDB67BF1A1C, 00294F4DC7D17F6DD2A22B9C3299BED40146BA45C972367154D20DB502472551 ] gusvc           C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
11:11:24.0298 0x1930  gusvc - ok
11:11:24.0335 0x1930  [ 833051C6C6C42117191935F734CFBD97, 5EB5672ABC7994A4AFF855A572158B8BE4FC6E541CFD4B9BE4FF2739A9A6AFB8 ] hamachi         C:\Windows\system32\DRIVERS\hamachi.sys
11:11:24.0337 0x1930  hamachi - ok
11:11:24.0492 0x1930  [ 0DC754051D6618AC2A20DA6E1A2128ED, 07B32EB196357E5B0C684F1FDFECE492A5D3E1925EE5360B5FB4FC8D2651EA27 ] Hamachi2Svc     C:\Program Files\LogMeIn Hamachi\hamachi-2.exe
11:11:24.0532 0x1930  Hamachi2Svc - ok
11:11:24.0553 0x1930  [ C44E3C2BAB6837DB337DDEE7544736DB, 88A24FF7D2FECCEAFFD421B2039A0FB623DA47A6B220B80EF1E52DD26D9E222D ] hcw85cir        C:\Windows\system32\drivers\hcw85cir.sys
11:11:24.0554 0x1930  hcw85cir - ok
11:11:24.0612 0x1930  [ A5EF29D5315111C80A5C1ABAD14C8972, A181DA72E946F121C3F4A19438C547B0BFD15138AB1DB5465945EC89DF1F6B0A ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
11:11:24.0624 0x1930  HdAudAddService - ok
11:11:24.0651 0x1930  [ 9036377B8A6C15DC2EEC53E489D159B5, 1E56D2ACFE92E6DF96D755B05C63D580EED82C210F075C8623E138BEE6BCD41B ] HDAudBus        C:\Windows\system32\drivers\HDAudBus.sys
11:11:24.0655 0x1930  HDAudBus - ok
11:11:24.0666 0x1930  [ 1D58A7F3E11A9731D0EAAAA8405ACC36, 7056FA18B86FBD52C4A6092D80476C02553EA053D6A0BEDB01A2FA5E152D5215 ] HidBatt         C:\Windows\system32\DRIVERS\HidBatt.sys
11:11:24.0668 0x1930  HidBatt - ok
11:11:24.0692 0x1930  [ 89448F40E6DF260C206A193A4683BA78, 71E0FCC32AE6FF8DFF420DB0383D6A200E1EAE14BD2E32453F92CE18B31C1F3C ] HidBth          C:\Windows\system32\DRIVERS\hidbth.sys
11:11:24.0696 0x1930  HidBth - ok
11:11:24.0721 0x1930  [ CF50B4CF4A4F229B9F3C08351F99CA5E, B97843620AF80FF0EC8F2C438255C0A42A756C6314FAF3DEF415DE16E14C108F ] HidIr           C:\Windows\system32\DRIVERS\hidir.sys
11:11:24.0724 0x1930  HidIr - ok
11:11:24.0745 0x1930  [ 2BC6F6A1992B3A77F5F41432CA6B3B6B, 2AF3312F1C8C8923C0A29AA5DAE57CE269417E53DEA2F0CCCC8DB57029698FE1 ] hidserv         C:\Windows\system32\hidserv.dll
11:11:24.0751 0x1930  hidserv - ok
11:11:24.0793 0x1930  [ 10C19F8290891AF023EAEC0832E1EB4D, E208553029488A6EE2F5216CC9FE5F93E9931A94C0D0625253BB159E30642853 ] HidUsb          C:\Windows\system32\DRIVERS\hidusb.sys
11:11:24.0795 0x1930  HidUsb - ok
11:11:24.0823 0x1930  [ 196B4E3F4CCCC24AF836CE58FACBB699, 7A2E1F603A073421FA0987EFB96647F1F0F2D4E0C82AA62EBC041585DA811DAF ] hkmsvc          C:\Windows\system32\kmsvc.dll
11:11:24.0831 0x1930  hkmsvc - ok
11:11:24.0878 0x1930  [ 6658F4404DE03D75FE3BA09F7ABA6A30, E51D9C1580A283EB862F09B73AAE1B647DD683A53F3DD99834222F12DD15E40F ] HomeGroupListener C:\Windows\system32\ListSvc.dll
11:11:24.0892 0x1930  HomeGroupListener - ok
11:11:24.0931 0x1930  [ DBC02D918FFF1CAD628ACBE0C0EAA8E8, 02121800D9062692C102475876AE8143EBE46D855E8328B8CDCFE6A2F0D19696 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
11:11:24.0944 0x1930  HomeGroupProvider - ok
11:11:24.0992 0x1930  [ 0573480A26DB723364C65373094CF73C, 1D19039B248BFFC367609E88D04A4460E6CA2D546596EE928987348CC50E5719 ] HOSTNT          C:\Windows\system32\drivers\hostnt.sys
11:11:24.0993 0x1930  HOSTNT - ok
11:11:25.0037 0x1930  [ 295FDC419039090EB8B49FFDBB374549, 670E8015FD374640C6570F56F7FE8DE4D8F92E7A8072F5D1B2B95D0BD699CEF7 ] HpSAMD          C:\Windows\system32\drivers\HpSAMD.sys
11:11:25.0042 0x1930  HpSAMD - ok
11:11:25.0107 0x1930  [ 871917B07A141BFF43D76D8844D48106, 30C702008D0EE57D63F74864967DD19A55A268E77E42B5B3CC73037AD51D2987 ] HTTP            C:\Windows\system32\drivers\HTTP.sys
11:11:25.0131 0x1930  HTTP - ok
11:11:25.0150 0x1930  [ 0C4E035C7F105F1299258C90886C64C5, CFB4FBE7B28058E6D3E6E508CF3C1645F6AAE0AFEB4C5364835B9C42311DF0D4 ] hwpolicy        C:\Windows\system32\drivers\hwpolicy.sys
11:11:25.0152 0x1930  hwpolicy - ok
11:11:25.0185 0x1930  [ F151F0BDC47F4A28B1B20A0818EA36D6, 84B24B5796D9F70A8C37773F5484A4606CC7908370CCD942627ACBEDC4952D79 ] i8042prt        C:\Windows\system32\drivers\i8042prt.sys
11:11:25.0189 0x1930  i8042prt - ok
11:11:25.0243 0x1930  [ 5CD5F9A5444E6CDCB0AC89BD62D8B76E, 72870092A80C6DAE0105025B0ED8B607E98BA81E59298364A7FE4C9C56C68FF0 ] iaStorV         C:\Windows\system32\drivers\iaStorV.sys
11:11:25.0259 0x1930  iaStorV - ok
11:11:25.0306 0x1930  [ 2714BB9E5C05BEBF8488207A1B5A5F62, A8A077FF6263DF90C68BA3B8B71C80523BA0267FD00AA11FC3EC462A9D948EB8 ] IDMWFP          C:\Windows\system32\DRIVERS\idmwfp.sys
11:11:25.0313 0x1930  IDMWFP - ok
11:11:25.0405 0x1930  [ 3E9213A2A050BF429E91898C90F8B4E3, D80ABE5691087661B19F01927B631CB8C5291120B814B6F863F046E0D643E9E4 ] idsvc           C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
11:11:25.0439 0x1930  idsvc - ok
11:11:25.0634 0x1930  [ FFBDBF55501225FA6D2679FEB4BCD664, C99EC87E08EACEBAAD82428B7B3A31701F44558EB65A36777E1E2C23CD6A7086 ] IDSVix86        C:\ProgramData\Symantec\Symantec Endpoint Protection\12.1.3001.165.105\Data\Definitions\IPSDefs\20141011.011\IDSvix86.sys
11:11:25.0658 0x1930  IDSVix86 - ok
11:11:25.0692 0x1930  IEEtwCollectorService - ok
11:11:26.0064 0x1930  [ 74C774C20ACC424874A84A18B3D96667, 98D35E38075E64694B00559A6379DD7FF264C24A94EFA1B160BE0838E034D4B9 ] igfx            C:\Windows\system32\DRIVERS\igdkmd32.sys
11:11:26.0416 0x1930  igfx - ok
11:11:26.0457 0x1930  [ 4173FF5708F3236CF25195FECD742915, 0A9C0701DF6EAC6602BE342FC13C7950EF04BB5BDF7D96C2C5DABBD2A29AA55D ] iirsp           C:\Windows\system32\DRIVERS\iirsp.sys
11:11:26.0458 0x1930  iirsp - ok
11:11:26.0520 0x1930  [ B9C54120F46392100478F58F374E5709, A28EE8B0988F580D5984E815FC78DF41B169260814234AA0E453375542D0957B ] IKEEXT          C:\Windows\System32\ikeext.dll
11:11:26.0552 0x1930  IKEEXT - ok
11:11:26.0717 0x1930  [ ABE0582E906E91DD934C56282BED601B, 1516DD5A7E1FF83696A92F448B6438734DB5B7CD5E0321A2319AEC4D549A5245 ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHDA.sys
11:11:26.0775 0x1930  IntcAzAudAddService - ok
11:11:26.0802 0x1930  [ 5576AD2F0039D2BCCCA3567FC0BF981C, 4C782738B211B236DBDD0066BA0EDBA04E6BC5A97EF3227F2C7DAD7EBABF4C73 ] IntcDAud        C:\Windows\system32\DRIVERS\IntcDAud.sys
11:11:26.0806 0x1930  IntcDAud - ok
11:11:26.0833 0x1930  [ A0F12F2C9BA6C72F3987CE780E77C130, 5F53DF8BE1621AA7DFB655CFD9C95E0AFA1AD3CE2E290E19D7B7FB3C6E380034 ] intelide        C:\Windows\system32\drivers\intelide.sys
11:11:26.0834 0x1930  intelide - ok
11:11:27.0170 0x1930  [ 74C774C20ACC424874A84A18B3D96667, 98D35E38075E64694B00559A6379DD7FF264C24A94EFA1B160BE0838E034D4B9 ] intelkmd        C:\Windows\system32\DRIVERS\igdpmd32.sys
11:11:27.0473 0x1930  intelkmd - ok
11:11:27.0511 0x1930  [ 3B514D27BFC4ACCB4037BC6685F766E0, F12D7AC62F8550E6F33B28AD751D8413AB7FFEF963242D99FFA76CE8A48B027A ] intelppm        C:\Windows\system32\DRIVERS\intelppm.sys
11:11:27.0512 0x1930  intelppm - ok
11:11:27.0532 0x1930  [ ACB364B9075A45C0736E5C47BE5CAE19, 202F77C659103D2D0E787B8CB0A23BE32EA5AA2E6B3B0A0F0A8DFA906AB3C0C0 ] IPBusEnum       C:\Windows\system32\ipbusenum.dll
11:11:27.0542 0x1930  IPBusEnum - ok
11:11:27.0569 0x1930  [ 709D1761D3B19A932FF0238EA6D50200, 0A9D2C3A6E91CA45540555B40CB4E2DF3EBE98C1D164C4EECEE20C86782F5823 ] IpFilterDriver  C:\Windows\system32\DRIVERS\ipfltdrv.sys
11:11:27.0573 0x1930  IpFilterDriver - ok
11:11:27.0643 0x1930  [ 4D65A07B795D6674312F879D09AA7663, 8D72FE0B51A6FF71F85D2602DB3AE91C8749F70869B6789552F047BA81411EDA ] iphlpsvc        C:\Windows\System32\iphlpsvc.dll
11:11:27.0667 0x1930  iphlpsvc - ok
11:11:27.0694 0x1930  [ 4BD7134618C1D2A27466A099062547BF, 20284ABEF4433A59E2981F4143CAEC67DC990864FE0B9E3DC70EE0B88539E964 ] IPMIDRV         C:\Windows\system32\drivers\IPMIDrv.sys
11:11:27.0697 0x1930  IPMIDRV - ok
11:11:27.0718 0x1930  [ A5FA468D67ABCDAA36264E463A7BB0CD, EDB828D596E43372F97DAE1AADA46428C4C45FB80646DDC64FAD5F25C826CF63 ] IPNAT           C:\Windows\system32\drivers\ipnat.sys
11:11:27.0723 0x1930  IPNAT - ok
11:11:27.0806 0x1930  [ E46B17060D3962A384AE484094614788, 9E8EF45C72A01FA586FF028B62F6675114CC9CBBCE172A789EDA754AE3F79121 ] iPod Service    C:\Program Files\iPod\bin\iPodService.exe
11:11:27.0832 0x1930  iPod Service - ok
11:11:27.0855 0x1930  [ 42996CFF20A3084A56017B7902307E9F, 688176DAB91BE569280E4822E4C5BDE755794D293591C53F8047AD59C441751D ] IRENUM          C:\Windows\system32\drivers\irenum.sys
11:11:27.0856 0x1930  IRENUM - ok
11:11:27.0895 0x1930  [ 1F32BB6B38F62F7DF1A7AB7292638A35, 86522358680FBB1CEBC56B4D139290689BB0F71A3EC78CE883E4D75D0B37586F ] isapnp          C:\Windows\system32\drivers\isapnp.sys
11:11:27.0898 0x1930  isapnp - ok
11:11:27.0941 0x1930  [ EB34CE31FABD4DC4343FD2AD16D2CAF9, D21C91227A15DA89ECF522345D0AB80B3B7FC24A230596DABDB8BD3B7554CE8C ] iScsiPrt        C:\Windows\system32\drivers\msiscsi.sys
11:11:27.0955 0x1930  iScsiPrt - ok
11:11:28.0001 0x1930  [ 8BBE388234C79E51EBB091EDBFA77EA7, 35A665F9B0FA08724688CBD2234BB63658A59474CB568CFB4CC84D93A51C8C1E ] JMCR            C:\Windows\system32\DRIVERS\jmcr.sys
11:11:28.0007 0x1930  JMCR - ok
11:11:28.0061 0x1930  [ 410765797CF25CA4B94493D21CCFD487, A058D91A8C0EE3C40BE0836F58D4E1B8DB95CD5E402957A2F20E307A18D834E9 ] k57nd60x        C:\Windows\system32\DRIVERS\k57nd60x.sys
11:11:28.0077 0x1930  k57nd60x - ok
11:11:28.0118 0x1930  [ ADEF52CA1AEAE82B50DF86B56413107E, A3AE1E96B04AC81665ABBD3CB267DFB3F78376DAE18FB0DBD447908DDAAA22D2 ] kbdclass        C:\Windows\system32\DRIVERS\kbdclass.sys
11:11:28.0121 0x1930  kbdclass - ok
11:11:28.0162 0x1930  [ 9E3CED91863E6EE98C24794D05E27A71, 90CF59F20E14E4A5A793266805E82BF7AE1F0CF4C7BAB1FD2EEF3B53C5DF770F ] kbdhid          C:\Windows\system32\DRIVERS\kbdhid.sys
11:11:28.0165 0x1930  kbdhid - ok
11:11:28.0207 0x1930  [ DD17E1573651293D4ED31053795B3471, 94F7D1BB1C3B0C1FAAEED07375DB0F3BC995394FB5C26983548D946C8D229D54 ] KeyIso          C:\Windows\system32\lsass.exe
11:11:28.0212 0x1930  KeyIso - ok
11:11:28.0243 0x1930  [ 4120DA10AA42A9996F4575DB9E3E6E6E, 1C6E790772EA327ACB885D731A030408160534997DD56FEE4D6CEE6929873BB8 ] KSecDD          C:\Windows\system32\Drivers\ksecdd.sys
11:11:28.0247 0x1930  KSecDD - ok
11:11:28.0293 0x1930  [ D3964885F0A11ACF51DA3AAA776973B2, 417ED5A3201FC50FBC0D646F8F2114A1E8A91E7919A62508DCBC156C0BFB2FBA ] KSecPkg         C:\Windows\system32\Drivers\ksecpkg.sys
11:11:28.0303 0x1930  KSecPkg - ok
11:11:28.0339 0x1930  [ 89A7B9CC98D0D80C6F31B91C0A310FCD, 4583CAEEE0D50C0C7CE955E533FDA063CDC37B69033D41EF22EF1BA242E4C747 ] KtmRm           C:\Windows\system32\msdtckrm.dll
11:11:28.0358 0x1930  KtmRm - ok
11:11:28.0411 0x1930  [ D64AF876D53ECA3668BB97B51B4E70AB, D5C07C019BFEAFBEDC29AB5060356A3B07449712B21B50E03378BEF04AF180F9 ] LanmanServer    C:\Windows\system32\srvsvc.dll
11:11:28.0429 0x1930  LanmanServer - ok
11:11:28.0466 0x1930  [ 58405E4F68BA8E4057C6E914F326ABA2, C3E6519A1A38F1B3597D4391E42ABFE8F1F5E86256C4B3BD876CDAD9BB68B0A6 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
11:11:28.0479 0x1930  LanmanWorkstation - ok
11:11:28.0534 0x1930  [ 8FF8B5F04AC4D57F9A965BB4DF07813E, E39669D8F4354CDCB7EDFA8722916E2BF6C3778EDDD81D0F6AF6D129B0619BA7 ] LHDmgr          C:\Windows\system32\DRIVERS\LhdX86.sys
11:11:28.0538 0x1930  LHDmgr - ok
11:11:28.0557 0x1930  [ F7611EC07349979DA9B0AE1F18CCC7A6, 879AA7A391966F00761CA039C25EBC62F6712DD5461694911EEC673E12DE103E ] lltdio          C:\Windows\system32\DRIVERS\lltdio.sys
11:11:28.0561 0x1930  lltdio - ok
11:11:28.0598 0x1930  [ 5700673E13A2117FA3B9020C852C01E2, 6684A2905EE8C438F2A64BE47E51A54D287B08DEFB8E0AE7FC2809D845EE3C5F ] lltdsvc         C:\Windows\System32\lltdsvc.dll
11:11:28.0615 0x1930  lltdsvc - ok
11:11:28.0634 0x1930  [ 55CA01BA19D0006C8F2639B6C045E08B, 4DBBDC820C514DB18CC13F8EE178F8C4E39C295C6E3C255416C235553CE7BDC1 ] lmhosts         C:\Windows\System32\lmhsvc.dll
11:11:28.0639 0x1930  lmhosts - ok
11:11:28.0705 0x1930  [ 81B85B4D98D034D5D375EF5D2957A2EC, EFEF3C51CECAB87827A6CC70353EA90D261B7C1E69A6FE64B6A8BC86012337C1 ] LMIGuardianSvc  C:\Program Files\LogMeIn Hamachi\LMIGuardianSvc.exe
11:11:28.0728 0x1930  LMIGuardianSvc - ok
11:11:28.0759 0x1930  [ EB119A53CCF2ACC000AC71B065B78FEF, 1FD60735C4945AE565C223F0B47EAF9602D8777E3D15600914C1A9D761215AF9 ] LSI_FC          C:\Windows\system32\DRIVERS\lsi_fc.sys
11:11:28.0763 0x1930  LSI_FC - ok
11:11:28.0791 0x1930  [ 8ADE1C877256A22E49B75D1CC9161F9C, 3D64F233DC866537E50549A7C1A2B40A954055B22F0BDA39825B04C38C607CB7 ] LSI_SAS         C:\Windows\system32\DRIVERS\lsi_sas.sys
11:11:28.0795 0x1930  LSI_SAS - ok
11:11:28.0823 0x1930  [ DC9DC3D3DAA0E276FD2EC262E38B11E9, A264990857CBC74036799E17A087130626C0A09BE19879019BAF2D761C62AECC ] LSI_SAS2        C:\Windows\system32\DRIVERS\lsi_sas2.sys
11:11:28.0826 0x1930  LSI_SAS2 - ok
11:11:28.0849 0x1930  [ 0A036C7D7CAB643A7F07135AC47E0524, 2F662D07FCB74B8D493156DB555EAA90A47E93CF14C7B30039D2FE47EB8682B8 ] LSI_SCSI        C:\Windows\system32\DRIVERS\lsi_scsi.sys
11:11:28.0853 0x1930  LSI_SCSI - ok
11:11:28.0882 0x1930  [ 6703E366CC18D3B6E534F5CF7DF39CEE, 7396B9AF938284D99EC51206A7B2FA4A0DC10A493DCE6707818B03A7473782C4 ] luafv           C:\Windows\system32\drivers\luafv.sys
11:11:28.0886 0x1930  luafv - ok
11:11:28.0937 0x1930  [ 8683C1B450F4B3872839308D836E0F92, C6CEEEA780D2191AEAC2537FD96324FF5501D92CE46313FB95ABB51765D919ED ] MBAMProtector   C:\Windows\system32\drivers\mbam.sys
11:11:28.0940 0x1930  MBAMProtector - ok
11:11:29.0105 0x1930  [ D84AEA3F3329D622DFC1297DDDF6163B, 316FE56CC30ED1473A917253F46B79EAA12F4ABD5B4B1ADB03929DFEE940F577 ] MBAMScheduler   C:\Program Files\Malwarebytes Anti-Malware\mbamscheduler.exe
11:11:29.0160 0x1930  MBAMScheduler - ok
11:11:29.0208 0x1930  [ 4F45ED469906494F9BF754E476390DBD, D8FF6AFD73D8C191F5732DF9737E6F83B2B52B06A3A6CD4CC6EAC9464CBB2772 ] MBAMService     C:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe
11:11:29.0222 0x1930  MBAMService - ok
11:11:29.0256 0x1930  [ BD27D97297934FD4217A37FD28A7ABC7, 446F3D6D278A4B3B79B331AA325632FD038952E5E910FC927894E9171A623794 ] MBAMWebAccessControl C:\Windows\system32\drivers\mwac.sys
11:11:29.0257 0x1930  MBAMWebAccessControl - ok
11:11:29.0335 0x1930  [ C3ED67C05F3923F9A8FEBA7A996337E1, 0A092A22339A9BFFAAB4A8A7C795480C058C0360C743BDF5D5DE042825F464A7 ] McComponentHostService C:\Program Files\McAfee Security Scan\3.8.150\McCHSvc.exe
11:11:29.0352 0x1930  McComponentHostService - ok
11:11:29.0385 0x1930  [ BFB9EE8EE977EFE85D1A3105ABEF6DD1, D2A84EBF0C0B7A14AD432FD2EF43CC12300027AEA3FA4075659FB088AB62B588 ] Mcx2Svc         C:\Windows\system32\Mcx2Svc.dll
11:11:29.0391 0x1930  Mcx2Svc - ok
11:11:29.0470 0x1930  [ 7CF1B716372B89568AE4C0FE769F5869, 0D70A7A594BCFBB26D7249C0F4B0AF9EF874F2318B3FDCE44648CC61279594ED ] MDM             C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe
11:11:29.0484 0x1930  MDM - ok
11:11:29.0508 0x1930  [ 0FFF5B045293002AB38EB1FD1FC2FB74, 49071B565FD5B2DE43EC00D8518C3BE70843F38919E82F13104B8C1FAFB20374 ] megasas         C:\Windows\system32\DRIVERS\megasas.sys
11:11:29.0510 0x1930  megasas - ok
11:11:29.0536 0x1930  [ DCBAB2920C75F390CAF1D29F675D03D6, 85C3A7A010BEA5E3C6179161B295F2CB900A6A214833A5F87A4327392880E2BB ] MegaSR          C:\Windows\system32\DRIVERS\MegaSR.sys
11:11:29.0545 0x1930  MegaSR - ok
11:11:29.0572 0x1930  [ D86AC00883B9C98B570E7643AAF8E554, 4B4BDC01DC20F820A9D1E1B8E875B6445F9B920F0AB1E115ADD9651A368911C4 ] MEI             C:\Windows\system32\DRIVERS\HECI.sys
11:11:29.0574 0x1930  MEI - ok
11:11:29.0626 0x1930  Microsoft SharePoint Workspace Audit Service - ok
11:11:29.0676 0x1930  [ AAFEAD40E23BCFB58F62F988A280ACC9, B37EC35A11C7B1DD55CED6557546B9EC3B7F93DDC8DD0A8BE36C344993D69568 ] Mkd2Bthf        C:\Windows\system32\drivers\Mkd2Bthf.sys
11:11:29.0680 0x1930  Mkd2Bthf - ok
11:11:29.0713 0x1930  [ 964768FA2F6CA7A34CF483F52770AF33, D2DF5375AB27A283D2AC49D5258FC2FCE649C1B869DB61B10504063E5007768F ] Mkd2kfNt        C:\Windows\system32\drivers\Mkd2kfNt.sys
11:11:29.0719 0x1930  Mkd2kfNt - ok
11:11:29.0748 0x1930  [ CF7BFC6518193C18C72D22F186DBF54E, 9DA0B886013D3F879C85151E2DE3FAF8E2E2C7F349DEA6A33CA454F354391575 ] Mkd2Nadr        C:\Windows\system32\drivers\Mkd2Nadr.sys
11:11:29.0752 0x1930  Mkd2Nadr - ok
11:11:29.0780 0x1930  [ 146B6F43A673379A3C670E86D89BE5EA, C4412DCF80DE6B55466F399413271364F14BC0819C224AA161EDDC31A9775440 ] MMCSS           C:\Windows\system32\mmcss.dll
11:11:29.0785 0x1930  MMCSS - ok
11:11:29.0812 0x1930  [ F001861E5700EE84E2D4E52C712F4964, F4DC5AEED6F34D76CCEF360862CC47EF71097BE0813C8CE04EE5F0DB387DFFAE ] Modem           C:\Windows\system32\drivers\modem.sys
11:11:29.0814 0x1930  Modem - ok
11:11:29.0830 0x1930  [ 79D10964DE86B292320E9DFE02282A23, 52714827B7EEDACA55326A4E4F6158D4942DFAA3BACDE303A2F569BF3F4FAA72 ] monitor         C:\Windows\system32\DRIVERS\monitor.sys
11:11:29.0832 0x1930  monitor - ok
11:11:29.0875 0x1930  [ FB18CC1D4C2E716B6B903B0AC0CC0609, F10CCA63493782B16DE6B96B94A27078DBE68AECEF34FDF840CFF86D2C6E3C5E ] mouclass        C:\Windows\system32\DRIVERS\mouclass.sys
11:11:29.0877 0x1930  mouclass - ok
11:11:29.0904 0x1930  [ 2C388D2CD01C9042596CF3C8F3C7B24D, B2FB72272BB01AEDA4047B57C943B7E9BD8A6497854F8CC34672AAA592D0A703 ] mouhid          C:\Windows\system32\DRIVERS\mouhid.sys
11:11:29.0907 0x1930  mouhid - ok
11:11:29.0951 0x1930  [ FC8771F45ECCCFD89684E38842539B9B, 806DDF2B4830CA866582FE74A521BB7DF26CA0E19013DAF584D3677FB48CC77A ] mountmgr        C:\Windows\system32\drivers\mountmgr.sys
11:11:29.0956 0x1930  mountmgr - ok
11:11:30.0023 0x1930  [ 707E98CC15C2224C078C9E71FF1889BC, 958416FE081436FDBF7F2BEBBB2795C54CC4F3F349D6DF463296A7BBA3404F13 ] MozillaMaintenance C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
11:11:30.0031 0x1930  MozillaMaintenance - ok
11:11:30.0078 0x1930  [ 2D699FB6E89CE0D8DA14ECC03B3EDFE0, D3D903EEA465D77345AAC9B9F02CDEADF4831212EA2DE4FCA33BEE26EBB47420 ] mpio            C:\Windows\system32\drivers\mpio.sys
11:11:30.0085 0x1930  mpio - ok
11:11:30.0138 0x1930  [ AD2723A7B53DD1AACAE6AD8C0BFBF4D0, 1D6DCFA0E56C3E55B6AED819176E751502F863BA0FCF4F0B3253A81D208141A2 ] mpsdrv          C:\Windows\system32\drivers\mpsdrv.sys
11:11:30.0141 0x1930  mpsdrv - ok
11:11:30.0192 0x1930  [ 9835584E999D25004E1EE8E5F3E3B881, 71798B0CBE9AE69F1F29B845319019C69EC7F415CBABB3B87DDE92C360675021 ] MpsSvc          C:\Windows\system32\mpssvc.dll
11:11:30.0211 0x1930  MpsSvc - ok
11:11:30.0243 0x1930  [ 21F4B24ACFC79A483515BD986DD9043F, 22681907E02E0B723ABE2CEF0602D36C8EF862E7E2B62A9B40A5EF582E58D7BA ] MRxDAV          C:\Windows\system32\drivers\mrxdav.sys
11:11:30.0247 0x1930  MRxDAV - ok
11:11:30.0276 0x1930  [ 5D16C921E3671636C0EBA3BBAAC5FD25, 5BC107B95CAFC88F51FBB9F657B99944B20627A2B618F263093D7045E4FFD65C ] mrxsmb          C:\Windows\system32\DRIVERS\mrxsmb.sys
11:11:30.0280 0x1930  mrxsmb - ok
11:11:30.0297 0x1930  [ 6D17A4791ACA19328C685D256349FEFC, 012AA3D84EEAAF53780D06D2D11B9727DFC3441F3FAD75BC9E751FB814403668 ] mrxsmb10        C:\Windows\system32\DRIVERS\mrxsmb10.sys
11:11:30.0304 0x1930  mrxsmb10 - ok
11:11:30.0322 0x1930  [ B81F204D146000BE76651A50670A5E9E, 78193D0F967BE9829E53F9B500342934B4B1E1F4CEFC444382959E2061BC3B17 ] mrxsmb20        C:\Windows\system32\DRIVERS\mrxsmb20.sys
11:11:30.0326 0x1930  mrxsmb20 - ok
11:11:30.0357 0x1930  [ 012C5F4E9349E711E11E0F19A8589F0A, 208B92DFCF7AD43202660FBBC9FF5E03AEDBEE38178FF3628EB74CB6CD37C584 ] msahci          C:\Windows\system32\drivers\msahci.sys
11:11:30.0358 0x1930  msahci - ok
11:11:30.0393 0x1930  [ 55055F8AD8BE27A64C831322A780A228, C2C9FD1F61302997117B1CD0835E8234405BB80084065ED05363B77868397304 ] msdsm           C:\Windows\system32\drivers\msdsm.sys
11:11:30.0396 0x1930  msdsm - ok
11:11:30.0415 0x1930  [ E1BCE74A3BD9902B72599C0192A07E27, 5162EB623FE64E9DFEAC6CA2410EFA1314E62EC13207FFBFED2D61AA887603C4 ] MSDTC           C:\Windows\System32\msdtc.exe
11:11:30.0427 0x1930  MSDTC - ok
11:11:30.0470 0x1930  [ DAEFB28E3AF5A76ABCC2C3078C07327F, 6EB558532400B489763BAE7203538DE5F196282A8CB46A1B31D59120FC5AFCEF ] Msfs            C:\Windows\system32\drivers\Msfs.sys
11:11:30.0473 0x1930  Msfs - ok
11:11:30.0492 0x1930  [ 3E1E5767043C5AF9367F0056295E9F84, B2EDFECD3C14E4FE1BA87D9A86334043A9BD696A554EBD186DA7EAEB2EBD4F70 ] mshidkmdf       C:\Windows\System32\drivers\mshidkmdf.sys
11:11:30.0493 0x1930  mshidkmdf - ok
11:11:30.0512 0x1930  [ 0A4E5757AE09FA9622E3158CC1AEF114, ED574E420E57374E328C7C526504ECA569C164287966F06019EC207CB17F2C54 ] msisadrv        C:\Windows\system32\drivers\msisadrv.sys
11:11:30.0514 0x1930  msisadrv - ok
11:11:30.0553 0x1930  [ 90F7D9E6B6F27E1A707D4A297F077828, BEFC220EAA7307849600748842ACB9254A6A91158812D9B23EFAF912C498BA7F ] MSiSCSI         C:\Windows\system32\iscsiexe.dll
11:11:30.0563 0x1930  MSiSCSI - ok
11:11:30.0572 0x1930  msiserver - ok
11:11:30.0599 0x1930  [ 8C0860D6366AAFFB6C5BB9DF9448E631, 949C5A14E57F2D7385543C17C3485E7ADE36EA2016F6E0A1866571D2EDE90A77 ] MSKSSRV         C:\Windows\system32\drivers\MSKSSRV.sys
11:11:30.0601 0x1930  MSKSSRV - ok
11:11:30.0621 0x1930  [ 3EA8B949F963562CEDBB549EAC0C11CE, 1B0B2F16A1790282504F3C548D47C3281EFB440D5D9711A1EF76D6371B768D2D ] MSPCLOCK        C:\Windows\system32\drivers\MSPCLOCK.sys
11:11:30.0623 0x1930  MSPCLOCK - ok
11:11:30.0634 0x1930  [ F456E973590D663B1073E9C463B40932, 48BA6D5580EE7B6A4C06E04772FD35B51779553FC0DD6C5C30DD8B5DEEB25B11 ] MSPQM           C:\Windows\system32\drivers\MSPQM.sys
11:11:30.0635 0x1930  MSPQM - ok
11:11:30.0666 0x1930  [ 0E008FC4819D238C51D7C93E7B41E560, 141FCEBDD05874407EAEC35A9DCD3BB16F2A428F23E55487D6A5DBFCADBF10D2 ] MsRPC           C:\Windows\system32\drivers\MsRPC.sys
11:11:30.0677 0x1930  MsRPC - ok
11:11:30.0708 0x1930  [ FC6B9FF600CC585EA38B12589BD4E246, F05DB01AE1955D2468CE6B51E51998B111CA3B0BDEED090EE6B99B625CBA564A ] mssmbios        C:\Windows\system32\drivers\mssmbios.sys
11:11:30.0711 0x1930  mssmbios - ok
11:11:30.0726 0x1930  [ B42C6B921F61A6E55159B8BE6CD54A36, 6BB0A7BE005B8F281E551D1B8046CE4202372BC7AE0161881C858BFAC675FE1C ] MSTEE           C:\Windows\system32\drivers\MSTEE.sys
11:11:30.0728 0x1930  MSTEE - ok
11:11:30.0913 0x1930  [ 73FA09B84B23A1897809A84F976D5D99, 8ADBEE035DF08DB860D56597C88230F4ECE80B214A13AF22D5D5475C9B7FEFC1 ] msvsmon80       C:\Program Files\Microsoft Visual Studio 8\Common7\IDE\Remote Debugger\x86\msvsmon.exe
11:11:30.0961 0x1930  msvsmon80 - ok
11:11:30.0978 0x1930  [ 33599130F44E1F34631CEA241DE8AC84, E15B31D1AFDC8DC6D2B21D4215796A99ECC69EEDBB06CEED01AECC3C99A44C8B ] MTConfig        C:\Windows\system32\DRIVERS\MTConfig.sys
11:11:30.0978 0x1930  MTConfig - ok
11:11:31.0003 0x1930  [ 159FAD02F64E6381758C990F753BCC80, E55AB01DCFA95ECAB24A2A9656E28FF9D064BA08B3D82DC8AA42F5991BA09598 ] Mup             C:\Windows\system32\Drivers\mup.sys
11:11:31.0008 0x1930  Mup - ok
11:11:31.0062 0x1930  [ 61D57A5D7C6D9AFE10E77DAE6E1B445E, D252248532142E9E2332DA693BC51B795102CA938B568FF04981E98B19BFBC5C ] napagent        C:\Windows\system32\qagentRT.dll
11:11:31.0080 0x1930  napagent - ok
11:11:31.0115 0x1930  [ 26384429FCD85D83746F63E798AB1480, 957C115C263A4B4DC854558B43ECE632D8E2BCCB744E23A01EBA7476BA2E7FFB ] NativeWifiP     C:\Windows\system32\DRIVERS\nwifi.sys
11:11:31.0127 0x1930  NativeWifiP - ok
11:11:31.0223 0x1930  [ 339D6CD79DFCB48EF125A89949ED54B4, D3C6F56363F0FA9A45C3560816DD7533C7D15D7DCC78346A4A48C29EA86D9439 ] NAVENG          C:\ProgramData\Symantec\Symantec Endpoint Protection\12.1.3001.165.105\Data\Definitions\VirusDefs\20141013.034\NAVENG.SYS
11:11:31.0230 0x1930  NAVENG - ok
11:11:31.0324 0x1930  [ 2061D3961C053AA0C55A20F6184DA4CF, 4D50107E7245ED58B943BA536B6B69A6C7465202DCE78135BB0FD5EF2EF02FB3 ] NAVEX15         C:\ProgramData\Symantec\Symantec Endpoint Protection\12.1.3001.165.105\Data\Definitions\VirusDefs\20141013.034\NAVEX15.SYS
11:11:31.0355 0x1930  NAVEX15 - ok
11:11:31.0398 0x1930  [ 8C9C922D71F1CD4DEF73F186416B7896, 15FF43CD90C7913F83B35F2E7986561584588E8A45196EBD965C3A355836A9C7 ] NDIS            C:\Windows\system32\drivers\ndis.sys
11:11:31.0411 0x1930  NDIS - ok
11:11:31.0432 0x1930  [ 0E1787AA6C9191D3D319E8BAFE86F80C, F535022747355B2C66424BDA892D7DCB820C2EB8EE05BAE5BC6D1B1D65186278 ] NdisCap         C:\Windows\system32\DRIVERS\ndiscap.sys
11:11:31.0433 0x1930  NdisCap - ok
11:11:31.0465 0x1930  [ 609803D1302B80E895035B09084114C3, 464108B2EDB35D8A616F3F818977D6D21898071FB57B9077C7B67E09DAF38040 ] Ndisrd          C:\Windows\system32\DRIVERS\ndisrd.sys
11:11:31.0468 0x1930  Ndisrd - ok
11:11:31.0490 0x1930  [ E4A8AEC125A2E43A9E32AFEEA7C9C888, 6EA181117126FC70B3C1DD1AC73CC26D1603A2CF49E47F66623E2C9489C49B55 ] NdisTapi        C:\Windows\system32\DRIVERS\ndistapi.sys
11:11:31.0492 0x1930  NdisTapi - ok
11:11:31.0522 0x1930  [ D8A65DAFB3EB41CBB622745676FCD072, 874D3C3D247C4A309DA813DB1D2EDB0037D3C489824BD5FE95B0C20699764EF7 ] Ndisuio         C:\Windows\system32\DRIVERS\ndisuio.sys
11:11:31.0524 0x1930  Ndisuio - ok
11:11:31.0557 0x1930  [ 38FBE267E7E6983311179230FACB1017, CFD1CBCA59650795C030DB30E5795B37C11C736E14003AE1DAB081BA5C0C9B14 ] NdisWan         C:\Windows\system32\DRIVERS\ndiswan.sys
11:11:31.0561 0x1930  NdisWan - ok
11:11:31.0579 0x1930  [ A4BDC541E69674FBFF1A8FF00BE913F2, 18CCFD063E9870B8B6958715BC0414C4D920AE63528EA1E9D7E30F7138918FFA ] NDProxy         C:\Windows\system32\drivers\NDProxy.sys
11:11:31.0581 0x1930  NDProxy - ok
11:11:31.0633 0x1930  [ D251FEEE85F7F2DB06E80B640D6F248C, 71DB3D50CF3B5983373624C558F3A495E2B66D1A045BF58619C0BA49A2CD18F4 ] Neo_vpn         C:\Windows\system32\DRIVERS\Neo_0065.sys
11:11:31.0636 0x1930  Neo_vpn - ok
11:11:31.0688 0x1930  [ 1352E1648213551923A0A822E441553C, F9BCA299249D8E1ADF88F54554F72428E267E39911143F4C99DFF562F0EE4E70 ] Netaapl         C:\Windows\system32\DRIVERS\netaapl.sys
11:11:31.0691 0x1930  Netaapl - ok
11:11:31.0718 0x1930  [ 80B275B1CE3B0E79909DB7B39AF74D51, 75B406B0D9D28239D4EB2A298419A5F78A58237D88C5FD688EF1DFFAFACCF796 ] NetBIOS         C:\Windows\system32\DRIVERS\netbios.sys
11:11:31.0721 0x1930  NetBIOS - ok
11:11:31.0751 0x1930  [ 280122DDCF04B378EDD1AD54D71C1E54, F98B2ADE34F7E67C7C06C1D0FFB80ECBC353D044D4B4784CD952910345DC2ED0 ] NetBT           C:\Windows\system32\DRIVERS\netbt.sys
11:11:31.0754 0x1930  NetBT - ok
11:11:31.0764 0x1930  [ DD17E1573651293D4ED31053795B3471, 94F7D1BB1C3B0C1FAAEED07375DB0F3BC995394FB5C26983548D946C8D229D54 ] Netlogon        C:\Windows\system32\lsass.exe
11:11:31.0766 0x1930  Netlogon - ok
11:11:31.0801 0x1930  [ 7CCCFCA7510684768DA22092D1FA4DB2, BB9E4F8FABBF596D888E6D303CB54A336D9DFF95B36AEA9369D2ED787DDC4B5D ] Netman          C:\Windows\System32\netman.dll
11:11:31.0817 0x1930  Netman - ok
11:11:31.0888 0x1930  [ E58808846B62041BFB05395E1CED6499, 5387F2CE6B494337725D2BF3EB563912E6EE33918F2872C5FE07BEDBB0F761EE ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
11:11:31.0898 0x1930  NetMsmqActivator - ok
11:11:31.0912 0x1930  [ E58808846B62041BFB05395E1CED6499, 5387F2CE6B494337725D2BF3EB563912E6EE33918F2872C5FE07BEDBB0F761EE ] NetPipeActivator C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
11:11:31.0921 0x1930  NetPipeActivator - ok
11:11:31.0956 0x1930  [ 8C338238C16777A802D6A9211EB2BA50, 0D08A47CD403EDA5E8CAD7409BBBBCDC29A9861D2DC41D42B68B22B1AA1EBDD6 ] netprofm        C:\Windows\System32\netprofm.dll
11:11:31.0980 0x1930  netprofm - ok
11:11:31.0994 0x1930  [ E58808846B62041BFB05395E1CED6499, 5387F2CE6B494337725D2BF3EB563912E6EE33918F2872C5FE07BEDBB0F761EE ] NetTcpActivator C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
11:11:32.0003 0x1930  NetTcpActivator - ok
11:11:32.0017 0x1930  [ E58808846B62041BFB05395E1CED6499, 5387F2CE6B494337725D2BF3EB563912E6EE33918F2872C5FE07BEDBB0F761EE ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
11:11:32.0025 0x1930  NetTcpPortSharing - ok
11:11:32.0295 0x1930  [ 5C979C481981E04919ECBB3B88D54B34, B7FF0BF75A5BCDA33F62BA85BA3391A02704B19609AD676FDF90E541687FC501 ] NETwNs32        C:\Windows\system32\DRIVERS\NETwNs32.sys
11:11:32.0422 0x1930  NETwNs32 - ok
11:11:32.0454 0x1930  [ 1D85C4B390B0EE09C7A46B91EFB2C097, 6A8850B151E88EE371F3CC543A946302DDF9494908D684B8B0C706A42CC54348 ] nfrd960         C:\Windows\system32\DRIVERS\nfrd960.sys
11:11:32.0455 0x1930  nfrd960 - ok
11:11:32.0496 0x1930  [ 912084381D30D8B89EC4E293053F4710, 99B8CD043DF531D4B9725ED167F63CED220608B2FED3EE8250C217D15762DFD7 ] NlaSvc          C:\Windows\System32\nlasvc.dll
11:11:32.0515 0x1930  NlaSvc - ok
11:11:32.0547 0x1930  [ 1DB262A9F8C087E8153D89BEF3D2235F, A51EE5D5AD3CD76B74BEA9C66C462608BF3B50C53DAA4110A75DB10495A8C101 ] Npfs            C:\Windows\system32\drivers\Npfs.sys
11:11:32.0549 0x1930  Npfs - ok
11:11:32.0561 0x1930  npggsvc - ok
11:11:32.0587 0x1930  [ BA387E955E890C8A88306D9B8D06BF17, 3477BD9686C5777A93251C154512671AAA7533B18C536DF51F7B1D6D28E7F8A5 ] nsi             C:\Windows\system32\nsisvc.dll
11:11:32.0591 0x1930  nsi - ok
11:11:32.0610 0x1930  [ E9A0A4D07E53D8FEA2BB8387A3293C58, 690CAD6C4E35ECC1172A2E1FD3933DF73158B3BF42CB21244269612A53DE4D7A ] nsiproxy        C:\Windows\system32\drivers\nsiproxy.sys
11:11:32.0611 0x1930  nsiproxy - ok
11:11:32.0716 0x1930  [ C8DFF8D07755A66C7A4A738930F0FEAC, A2CC58312CE57988ABD976155BE91F558DCEC4C23481C6FBE64B361D511A36EA ] Ntfs            C:\Windows\system32\drivers\Ntfs.sys
11:11:32.0748 0x1930  Ntfs - ok
11:11:32.0761 0x1930  [ F9756A98D69098DCA8945D62858A812C, 572ADBFCFDE2030B34A013AADC14DBC144EB3F34D06991E2464A3EA9605BC045 ] Null            C:\Windows\system32\drivers\Null.sys
11:11:32.0762 0x1930  Null - ok
11:11:32.0786 0x1930  [ 156BD6CF8A9EC8292C84E04D09BF0472, DF400262252F47FFE5DD97590AA3F56D0CE8869BBA2FA3760BC6F6247C066332 ] nusb3hub        C:\Windows\system32\DRIVERS\nusb3hub.sys
11:11:32.0787 0x1930  nusb3hub - ok
11:11:32.0821 0x1930  [ 3B8166BB6D665E9242F05EB2BF68527A, 6493BF09B266879604BEEB83B1FE0729628E7240BF4B0F17D23B19A9BF391801 ] nusb3xhc        C:\Windows\system32\DRIVERS\nusb3xhc.sys
11:11:32.0830 0x1930  nusb3xhc - ok
11:11:32.0886 0x1930  [ B3E25EE28883877076E0E1FF877D02E0, 402B6FED6FBBF645190396DC141141EF52DD059DABD01F8AC9CF01D23664070C ] nvraid          C:\Windows\system32\drivers\nvraid.sys
11:11:32.0894 0x1930  nvraid - ok
11:11:32.0920 0x1930  [ 4380E59A170D88C4F1022EFF6719A8A4, 93EDB3F4CDBF53C9C1970DD29AB146E390695C568180847BA8903F5FBEABCFF2 ] nvstor          C:\Windows\system32\drivers\nvstor.sys
11:11:32.0928 0x1930  nvstor - ok
11:11:32.0977 0x1930  [ 5A0983915F02BAE73267CC2A041F717D, D83461D74597BF2BE042FEFCC27FCD18BF63CB8135B0666D731D50951C3468A8 ] nv_agp          C:\Windows\system32\drivers\nv_agp.sys
11:11:32.0982 0x1930  nv_agp - ok
11:11:33.0056 0x1930  [ 84DE1DD996B48B05ACE31AD015FA108A, 4B9D1E4EF83ECED6C77F23D9879C124534F7053D7423E3A2D0F67A4A720CEA94 ] odserv          C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
11:11:33.0077 0x1930  odserv - ok
11:11:33.0117 0x1930  [ 08A70A1F2CDDE9BB49B885CB817A66EB, 0BB98123B544124B144F3E95D77E01E973D060B8B2302503FF24ABBBE803EB63 ] ohci1394        C:\Windows\system32\drivers\ohci1394.sys
11:11:33.0121 0x1930  ohci1394 - ok
11:11:33.0165 0x1930  [ 9D10F99A6712E28F8ACD5641E3A7EA6B, 70964A0ED9011EA94044E15FA77EDD9CF535CC79ED8E03A3721FF007E69595CC ] ose             C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
11:11:33.0175 0x1930  ose - ok
11:11:33.0387 0x1930  [ 358A9CCA612C68EB2F07DDAD4CE1D8D7, F342100E2E9001F11FDF93F856B50FA43F9B85D2C6B5706EC0433E77206498DA ] osppsvc         C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
11:11:33.0464 0x1930  osppsvc - ok
11:11:33.0491 0x1930  [ 82A8521DDC60710C3D3D3E7325209BEC, C4E34571EDD57C7FBB3D736B5FE8BD154624705B5C8EA2EC898F19F75B9A5942 ] p2pimsvc        C:\Windows\system32\pnrpsvc.dll
11:11:33.0500 0x1930  p2pimsvc - ok
11:11:33.0528 0x1930  [ 59C3DDD501E39E006DAC31BF55150D91, E02B63AB7F34CF6FF3F644AF354D10004E6F50014E03172D80BD78934EF71EF1 ] p2psvc          C:\Windows\system32\p2psvc.dll
11:11:33.0543 0x1930  p2psvc - ok
11:11:33.0567 0x1930  [ 2EA877ED5DD9713C5AC74E8EA7348D14, 14BA3722CE5F8FF07F2D97DCDD6558EB49C9B02E5E6FAD6D9F18D354733EFECE ] Parport         C:\Windows\system32\DRIVERS\parport.sys
11:11:33.0571 0x1930  Parport - ok
11:11:33.0603 0x1930  [ 3F34A1B4C5F6475F320C275E63AFCE9B, 31295D5121C0C3F2085E0EEBA260EEE4CA003993C026E2F81986D19158036E6B ] partmgr         C:\Windows\system32\drivers\partmgr.sys
11:11:33.0606 0x1930  partmgr - ok
11:11:33.0627 0x1930  [ EB0A59F29C19B86479D36B35983DAADC, AC09AFE7F13BE4079D01383BAC44091997E1AAF6512C9673A42B9E3780EB08A8 ] Parvdm          C:\Windows\system32\DRIVERS\parvdm.sys
11:11:33.0628 0x1930  Parvdm - ok
11:11:33.0653 0x1930  [ 358AB7956D3160000726574083DFC8A6, 6CAFD4D1B8AB8C1D167ADC018985DDAB5AC2CBFFB3434FE6390F14AF50C19025 ] PcaSvc          C:\Windows\System32\pcasvc.dll
11:11:33.0660 0x1930  PcaSvc - ok
11:11:33.0709 0x1930  [ 673E55C3498EB970088E812EA820AA8F, 1F81315664B8CBFDD569416C0ECCE4C6251F34577313A0858AB46609781303B5 ] pci             C:\Windows\system32\drivers\pci.sys
11:11:33.0719 0x1930  pci - ok
11:11:33.0751 0x1930  [ AFE86F419014DB4E5593F69FFE26CE0A, CAF36E61BE7B511D3A03A65FF5A3017CEE4D2F53005B410F2D4A2AAE9FED4C00 ] pciide          C:\Windows\system32\drivers\pciide.sys
11:11:33.0753 0x1930  pciide - ok
11:11:33.0788 0x1930  [ F396431B31693E71E8A80687EF523506, BC614FC21E029E2497F1CCE3131BBD295B827F2310762B47D5BBC7703D80554B ] pcmcia          C:\Windows\system32\DRIVERS\pcmcia.sys
11:11:33.0800 0x1930  pcmcia - ok
11:11:33.0830 0x1930  [ 250F6B43D2B613172035C6747AEEB19F, A91F15B133F2619912CF750E6F3662E011CD0FA4B9477CE532CE3196D23307D9 ] pcw             C:\Windows\system32\drivers\pcw.sys
11:11:33.0834 0x1930  pcw - ok
11:11:33.0883 0x1930  [ 9E0104BA49F4E6973749A02BF41344ED, B32F39F38DB48D77FBA884DEE34112BAB81CCEF5DD2EAAA12D9589D73D2BB116 ] PEAUTH          C:\Windows\system32\drivers\peauth.sys
11:11:33.0916 0x1930  PEAUTH - ok
11:11:33.0974 0x1930  [ AF4D64D2A57B9772CF3801950B8058A6, C9C493A3775E6E1660CE5DF75DA574D0C04245FB88CF41B96217A725359C350D ] PeerDistSvc     C:\Windows\system32\peerdistsvc.dll
11:11:33.0993 0x1930  PeerDistSvc - ok
11:11:34.0094 0x1930  [ 414BBA67A3DED1D28437EB66AEB8A720, D6DF254E2615FA402044824DCD9004F579FC0DF74B90E44C99D5F0253CF8AD88 ] pla             C:\Windows\system32\pla.dll
11:11:34.0122 0x1930  pla - ok
11:11:34.0181 0x1930  [ EC7BC28D207DA09E79B3E9FAF8B232CA, A42F8F69C3CD753D787A5D558659DEA2CC306C896D75B8C82549219CF654504F ] PlugPlay        C:\Windows\system32\umpnpmgr.dll
11:11:34.0205 0x1930  PlugPlay - ok
11:11:34.0271 0x1930  [ 205E1B699FD3F2F9B036EEA2EC30C620, 9D5C8009BC3F6F76438FC82C3DAAA3E9CC87F74CDE841A0ADD9EF00E98DB6890 ] PnkBstrA        C:\Windows\system32\PnkBstrA.exe
11:11:34.0281 0x1930  PnkBstrA - ok
11:11:34.0308 0x1930  [ 63FF8572611249931EB16BB8EED6AFC8, 9732CCBCB93A7A4BEC88812B952C20244479E9BD781240C195E57F09E619EA33 ] PNRPAutoReg     C:\Windows\system32\pnrpauto.dll
11:11:34.0315 0x1930  PNRPAutoReg - ok
11:11:34.0341 0x1930  [ 82A8521DDC60710C3D3D3E7325209BEC, C4E34571EDD57C7FBB3D736B5FE8BD154624705B5C8EA2EC898F19F75B9A5942 ] PNRPsvc         C:\Windows\system32\pnrpsvc.dll
11:11:34.0358 0x1930  PNRPsvc - ok
11:11:34.0445 0x1930  [ 53946B69BA0836BD95B03759530C81EC, 7F14A34635354CCA0F5342C8D9DF5A6AA1B94F6A508BD8834029E9BACF252920 ] PolicyAgent     C:\Windows\System32\ipsecsvc.dll
11:11:34.0463 0x1930  PolicyAgent - ok
11:11:34.0541 0x1930  [ F87D30E72E03D579A5199CCB3831D6EA, B09328E89954584F97908FA5946376BA990B8C650DABCBF3CA3B08719937C694 ] Power           C:\Windows\system32\umpo.dll
11:11:34.0555 0x1930  Power - ok
11:11:34.0676 0x1930  [ 631E3E205AD6D86F2AED6A4A8E69F2DB, 1D3BF0CFC37D91A3A56246920B9CF1084E78A055D56E85A773417809C58C8065 ] PptpMiniport    C:\Windows\system32\DRIVERS\raspptp.sys
11:11:34.0682 0x1930  PptpMiniport - ok
11:11:34.0735 0x1930  [ 2A4514A9233D35A355F569FF8B8F6240, CFDE4FE30D50727F74933883B614640FD7047FBEE4EB5D6E32DB760C7FA8DA55 ] prepdrvr        C:\Windows\system32\CCM\prepdrv.sys
11:11:34.0737 0x1930  prepdrvr - ok
11:11:34.0764 0x1930  [ 85B1E3A0C7585BC4AAE6899EC6FCF011, 1E067113C146D6842D7FB04007F363D6FB7783C6BC7C9AB6614E44075C4F86C3 ] Processor       C:\Windows\system32\DRIVERS\processr.sys
11:11:34.0769 0x1930  Processor - ok
11:11:34.0817 0x1930  [ CADEFAC453040E370A1BDFF3973BE00D, 2E3DD8DA702468D8AB0F3CE27188B1991D4CB015FB36BAE4C6E7996B61CF49B8 ] ProfSvc         C:\Windows\system32\profsvc.dll
11:11:34.0832 0x1930  ProfSvc - ok
11:11:34.0849 0x1930  [ DD17E1573651293D4ED31053795B3471, 94F7D1BB1C3B0C1FAAEED07375DB0F3BC995394FB5C26983548D946C8D229D54 ] ProtectedStorage C:\Windows\system32\lsass.exe
11:11:34.0854 0x1930  ProtectedStorage - ok
11:11:34.0891 0x1930  [ 6270CCAE2A86DE6D146529FE55B3246A, 463209CBAF1B0E269DC8FC6FBDEE5BB7E5ADB5D3F024930BFD0B97E0A9678883 ] Psched          C:\Windows\system32\DRIVERS\pacer.sys
11:11:34.0898 0x1930  Psched - ok
11:11:35.0012 0x1930  [ AB95ECF1F6659A60DDC166D8315B0751, 0ED6D3460D28978BADF31B930DBB3298A6A10EFF8883763EABA0E36A21A0E83D ] ql2300          C:\Windows\system32\DRIVERS\ql2300.sys
11:11:35.0041 0x1930  ql2300 - ok
11:11:35.0063 0x1930  [ B4DD51DD25182244B86737DC51AF2270, 7E62B04F054A6330B7F9968222523BDE8F3EE47A11D17E6C0E2D5ACDC07B9E6B ] ql40xx          C:\Windows\system32\DRIVERS\ql40xx.sys
11:11:35.0065 0x1930  ql40xx - ok
11:11:35.0126 0x1930  QMUdisk - ok
11:11:35.0205 0x1930  QQPMAndroidServer - ok
11:11:35.0247 0x1930  [ 31AC809E7707EB580B2BDB760390765A, A8481FD19A0F778F5591B7676F591F664ADC68B6867E663C0F9564173F4AC909 ] QWAVE           C:\Windows\system32\qwave.dll
11:11:35.0264 0x1930  QWAVE - ok
11:11:35.0284 0x1930  [ 584078CA1B95CA72DF2A27C336F9719D, 836F115C92D343463C14A9DE39648C1EFA7C7EE4720F5C692EE0F68B84830121 ] QWAVEdrv        C:\Windows\system32\drivers\qwavedrv.sys
11:11:35.0286 0x1930  QWAVEdrv - ok
11:11:35.0303 0x1930  [ 30A81B53C766D0133BB86D234E5556AB, 726C6B83B5ACAA84CAB1689B6DD6DDAE3199D61A57B5D7B5B5A0F62FCF838090 ] RasAcd          C:\Windows\system32\DRIVERS\rasacd.sys
11:11:35.0304 0x1930  RasAcd - ok
11:11:35.0338 0x1930  [ 57EC4AEF73660166074D8F7F31C0D4FD, C66B425EC4DB5E7FD289AE631C9B019EB16717C55E80FAE964BB22203E4AACEF ] RasAgileVpn     C:\Windows\system32\DRIVERS\AgileVpn.sys
11:11:35.0342 0x1930  RasAgileVpn - ok
11:11:35.0371 0x1930  [ A60F1839849C0C00739787FD5EC03F13, B210DFA5A843CF1DA73635F168E2EA5052CBED15C664F8523CDFB34CA165D0E0 ] RasAuto         C:\Windows\System32\rasauto.dll
11:11:35.0379 0x1930  RasAuto - ok
11:11:35.0392 0x1930  [ D9F91EAFEC2815365CBE6D167E4E332A, 8350457A39D141C13807E7DB5A8D4113197C4016F7744B9993391F4AEA0C4A5C ] Rasl2tp         C:\Windows\system32\DRIVERS\rasl2tp.sys
11:11:35.0397 0x1930  Rasl2tp - ok
11:11:35.0442 0x1930  [ CB9E04DC05EACF5B9A36CA276D475006, 4D8C0AEF1D4F84F375AD2BAF786C9F6C52316A3E655B913449E71AD7C0FCA56E ] RasMan          C:\Windows\System32\rasmans.dll
11:11:35.0460 0x1930  RasMan - ok
11:11:35.0487 0x1930  [ 0FE8B15916307A6AC12BFB6A63E45507, 64119474DE7499E6E8B82E78BBD50074B3AA70B3E8329089FAE9B7F29919004E ] RasPppoe        C:\Windows\system32\DRIVERS\raspppoe.sys
11:11:35.0492 0x1930  RasPppoe - ok
11:11:35.0523 0x1930  [ 44101F495A83EA6401D886E7FD70096B, 56A0CE5C89870752B9B2AB795C1A248CA28209E049B2F20CCA0308CBE2488A0A ] RasSstp         C:\Windows\system32\DRIVERS\rassstp.sys
11:11:35.0528 0x1930  RasSstp - ok
11:11:35.0569 0x1930  [ D528BC58A489409BA40334EBF96A311B, C71E9A4B101DB6C3183B9F97B9098D73D6FE1B12C05C2EB3CE8A8041BEE6BA61 ] rdbss           C:\Windows\system32\DRIVERS\rdbss.sys
11:11:35.0584 0x1930  rdbss - ok
11:11:35.0610 0x1930  [ 0D8F05481CB76E70E1DA06EE9F0DA9DF, 2AFCBE3237D27AFBF095F91F1FCCA63E6890F34A9E4F00E5C34C92394CDA89FB ] rdpbus          C:\Windows\system32\DRIVERS\rdpbus.sys
11:11:35.0612 0x1930  rdpbus - ok
11:11:35.0655 0x1930  [ 23DAE03F29D253AE74C44F99E515F9A1, 8FED93D10B2062F0526FE3508101F8FCF8F72DEB90AFB472EB7CBAE83A0EC430 ] RDPCDD          C:\Windows\system32\DRIVERS\RDPCDD.sys
11:11:35.0657 0x1930  RDPCDD - ok
11:11:35.0702 0x1930  [ B973FCFC50DC1434E1970A146F7E3885, BE797E5F5AE34D37F8DA1134CE94DD14DBE36D2BC405B97E992E2257848B7CA9 ] RDPDR           C:\Windows\system32\drivers\rdpdr.sys
11:11:35.0710 0x1930  RDPDR - ok
11:11:35.0731 0x1930  [ 5A53CA1598DD4156D44196D200C94B8A, 8112FE14FEC94C67B1C5BDE4171E37584F1D0098D2C557C9E4BDD3E0291E25E4 ] RDPENCDD        C:\Windows\system32\drivers\rdpencdd.sys
11:11:35.0732 0x1930  RDPENCDD - ok
11:11:35.0751 0x1930  [ 44B0A53CD4F27D50ED461DAE0C0B4E1F, CDA80B08E67AD034081C0C920CD66147689F1844403CBC552F65005E7C011A91 ] RDPREFMP        C:\Windows\system32\drivers\rdprefmp.sys
11:11:35.0752 0x1930  RDPREFMP - ok
11:11:35.0810 0x1930  [ 65375DF758CA1872AB7EBBBA457FD5E6, 8AC7681F51277E799C22FF95FA0B833E9E260D37C0416319FF05B66FB3948005 ] RdpVideoMiniport C:\Windows\system32\drivers\rdpvideominiport.sys
11:11:35.0812 0x1930  RdpVideoMiniport - ok
11:11:35.0850 0x1930  [ F031683E6D1FEA157ABB2FF260B51E61, 83B552819A5964152882C527E1421DBCEAACC74DEB897E3C4B53F52F1467FED3 ] RDPWD           C:\Windows\system32\drivers\RDPWD.sys
11:11:35.0860 0x1930  RDPWD - ok
11:11:35.0913 0x1930  [ 518395321DC96FE2C9F0E96AC743B656, 5F6A0880B4F3EE7196259EA362DA9554B0687B0236F9A8E5CF7A4A77F01F1776 ] rdyboost        C:\Windows\system32\drivers\rdyboost.sys
11:11:35.0923 0x1930  rdyboost - ok
11:11:35.0958 0x1930  [ 7B5E1419717FAC363A31CC302895217A, 048B96B127CC20833948DAE53C59886D5C725ECA7A744424A01339447D2DDC32 ] RemoteAccess    C:\Windows\System32\mprdim.dll
11:11:35.0966 0x1930  RemoteAccess - ok
11:11:35.0998 0x1930  [ CB9A8683F4EF2BF99E123D79950D7935, B9FA3E7E91E76D975CF40BFA37909E50F29CC13AB1399007884710651827E9AA ] RemoteRegistry  C:\Windows\system32\regsvc.dll
11:11:36.0009 0x1930  RemoteRegistry - ok
11:11:36.0134 0x1930  [ 290665A064D848B1F99EF91DD0EA6C2B, CA3AC3E70776D5802BA05FCD967465098E37B1220FDD9CE1CE5E72F468BF7CA0 ] RemoteSolverDispatcher C:\Program Files\SolidWorks Corp\SolidWorks Flow Simulation\binCFW\remotesolverdispatcherservice.exe
11:11:36.0138 0x1930  RemoteSolverDispatcher - ok
11:11:36.0187 0x1930  [ CB928D9E6DAF51879DD6BA8D02F01321, DFD263B67DDF98AE09AF6D6986CBC7BE3206BCE8403AAC51BCF9459E78233D12 ] RFCOMM          C:\Windows\system32\DRIVERS\rfcomm.sys
11:11:36.0196 0x1930  RFCOMM - ok
11:11:36.0239 0x1930  [ 78D072F35BC45D9E4E1B61895C152234, 80C924EE1156B4E3172E83DCB9C60817E87885FB9377647E0BF90153E415B1CA ] RpcEptMapper    C:\Windows\System32\RpcEpMap.dll
11:11:36.0247 0x1930  RpcEptMapper - ok
11:11:36.0265 0x1930  [ 94D36C0E44677DD26981D2BFEEF2A29D, D77A93AC60536F3706E8A0154C0C2199E888B7748C84DB7437254FF175F4DF55 ] RpcLocator      C:\Windows\system32\locator.exe
11:11:36.0270 0x1930  RpcLocator - ok
11:11:36.0329 0x1930  [ 7660F01D3B38ACA1747E397D21D790AF, 04611B43705C064C2A8331F6D3F8E4530295694AE2C3E3EC3F62CFF4A5EFA88D ] RpcSs           C:\Windows\system32\rpcss.dll
11:11:36.0351 0x1930  RpcSs - ok
11:11:36.0378 0x1930  [ 032B0D36AD92B582D869879F5AF5B928, 0F8F18A6A0A689957B886D9368015889091094EDA18BE532093F06A70A7CE184 ] rspndr          C:\Windows\system32\DRIVERS\rspndr.sys
11:11:36.0381 0x1930  rspndr - ok
11:11:36.0640 0x1930  [ 89F368E5BC5742EB6DB41095B83B832A, DF3F24857AC78AEEFBC0401C40CB636A04AE46135C6A4DFA6E4C926FA7FF224C ] rtsuvc          C:\Windows\system32\DRIVERS\rtsuvc.sys
11:11:36.0754 0x1930  rtsuvc - ok
11:11:36.0818 0x1930  [ 7FA7F2E249A5DCBB7970630E15E1F482, 9633B193F3FDA67BC551C6DCA4788AB83E9F45F77763EE579D02FE5D6B80DEDF ] s3cap           C:\Windows\system32\drivers\vms3cap.sys
11:11:36.0820 0x1930  s3cap - ok
11:11:36.0840 0x1930  [ DD17E1573651293D4ED31053795B3471, 94F7D1BB1C3B0C1FAAEED07375DB0F3BC995394FB5C26983548D946C8D229D54 ] SamSs           C:\Windows\system32\lsass.exe
11:11:36.0846 0x1930  SamSs - ok
11:11:36.0876 0x1930  [ 05D860DA1040F111503AC416CCEF2BCA, DAE2F37D09A5A42F945BC8E27E4EA2303521081783A80CEE7FEE7C5A1C2CFC5E ] sbp2port        C:\Windows\system32\drivers\sbp2port.sys
11:11:36.0882 0x1930  sbp2port - ok
11:11:36.0920 0x1930  [ 8FC518FFE9519C2631D37515A68009C4, 21E10585470CF9FC3BD1977F8A426686CD2FA6BD2094B9E3594B21C7C4541D25 ] SCardSvr        C:\Windows\System32\SCardSvr.dll
11:11:36.0934 0x1930  SCardSvr - ok
11:11:36.0993 0x1930  [ BB68443901FF680C799E8F4A464ECE39, BA90399AEBD1246A563E90D39240A97A4C60705F43A63033401F61B9BC382618 ] SCDEmu          C:\Windows\system32\drivers\SCDEmu.sys
11:11:37.0001 0x1930  SCDEmu - ok
11:11:37.0036 0x1930  [ 0693B5EC673E34DC147E195779A4DCF6, AF1B56FBF3ADABF94CD9DBA67586B8746DE135151F6B3D1B0EE315BC1E2DB670 ] scfilter        C:\Windows\system32\DRIVERS\scfilter.sys
11:11:37.0039 0x1930  scfilter - ok
11:11:37.0110 0x1930  [ A04BB13F8A72F8B6E8B4071723E4E336, E63287FF71C39CBF64C3347C455324C8437F9CF398153E269543588B65389502 ] Schedule        C:\Windows\system32\schedsvc.dll
11:11:37.0144 0x1930  Schedule - ok
11:11:37.0175 0x1930  [ 319C6B309773D063541D01DF8AC6F55F, 182F392FE839499D159A30A3CD04B5D0C87219930BFB1A7456880B7DA75B9820 ] SCPolicySvc     C:\Windows\System32\certprop.dll
11:11:37.0178 0x1930  SCPolicySvc - ok
11:11:37.0230 0x1930  [ 0328BE1C7F1CBA23848179F8762E391C, EA80853F04BAE6F46F658B3EFED34BFDDE20E6F2BDA349EBC17EC75DFF19855D ] sdbus           C:\Windows\system32\drivers\sdbus.sys
11:11:37.0236 0x1930  sdbus - ok
11:11:37.0277 0x1930  [ 08236C4BCE5EDD0A0318A438AF28E0F7, 77727F963F63C4CEC11E7AAD5FB3836179701D512CA9436C3170B9E6A4E5F888 ] SDRSVC          C:\Windows\System32\SDRSVC.dll
11:11:37.0290 0x1930  SDRSVC - ok
11:11:37.0364 0x1930  [ 331E7BDE228914574FC9AE6CD520DAFA, 15C6364E73328E86E431DA0960DEE794F96A6E83FF82C9CA181E70127E395311 ] SeaPort         C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
11:11:37.0380 0x1930  SeaPort - ok
11:11:37.0413 0x1930  [ 90A3935D05B494A5A39D37E71F09A677, F72733A69BC6E1A2BB91D7632FF3463C12563F60FDCC00A2CDD67FF20D479952 ] secdrv          C:\Windows\system32\drivers\secdrv.sys
11:11:37.0416 0x1930  secdrv - ok
11:11:37.0446 0x1930  [ A59B3A4442C52060CC7A85293AA3546F, 1776D6DEE51991149265AAF39E17065E301C5FA1FF4068653DC0010B9B27185D ] seclogon        C:\Windows\system32\seclogon.dll
11:11:37.0454 0x1930  seclogon - ok
11:11:37.0476 0x1930  [ DCB7FCDCC97F87360F75D77425B81737, F8289AF2C458C167038EEFE613EE5E3D6D5B3308B8784168374BC81C47891CE5 ] SENS            C:\Windows\System32\sens.dll
11:11:37.0485 0x1930  SENS - ok
11:11:37.0495 0x1930  [ 50087FE1EE447009C9CC2997B90DE53F, B5E6CF1D991F87C29C5E28198E0962E31FFB499A46C3BD43FC20391693389959 ] SensrSvc        C:\Windows\system32\sensrsvc.dll
11:11:37.0503 0x1930  SensrSvc - ok
11:11:37.0656 0x1930  [ 94E826672988FBCE0979F7800EB770C9, 713AF15002F64201A913670A4F9BDD59816D1D55A95B4175E4FEA467D8919BFB ] SepMasterService C:\Program Files\Symantec\Symantec Endpoint Protection\12.1.3001.165.105\Bin\ccSvcHst.exe
11:11:37.0665 0x1930  SepMasterService - ok
11:11:37.0695 0x1930  [ 9AD8B8B515E3DF6ACD4212EF465DE2D1, E2F019BCD1446236D078D46065DD151DD068778F33BE2F1E8A0CC1EA2F954E86 ] Serenum         C:\Windows\system32\DRIVERS\serenum.sys
11:11:37.0698 0x1930  Serenum - ok
11:11:37.0726 0x1930  [ 5FB7FCEA0490D821F26F39CC5EA3D1E2, A26DB2EB9F3E2509B4EBA949DB97595CC32332D9321DF68283BFC102E66D766F ] Serial          C:\Windows\system32\DRIVERS\serial.sys
11:11:37.0732 0x1930  Serial - ok
11:11:37.0767 0x1930  [ 79BFFB520327FF916A582DFEA17AA813, 7A2A9D69BE02228591186A9F4453D4B5FD98837CA422C873C48040170E8BD18C ] sermouse        C:\Windows\system32\DRIVERS\sermouse.sys
11:11:37.0769 0x1930  sermouse - ok
11:11:37.0813 0x1930  [ 4AE380F39A0032EAB7DD953030B26D28, C8F5F2DD59574E966FDF3057867BB959A554BAB6FD5DC6F1427094A6BC2B2809 ] SessionEnv      C:\Windows\system32\sessenv.dll
11:11:37.0826 0x1930  SessionEnv - ok
11:11:38.0024 0x1930  [ 33E91A68FF0B8A1E7B5A1676583D9907, 500BD374DC642D84C0120AE61D75BA92663868CE6354EB6E07FFCD362812CFA1 ] SEVPNCLIENT     C:\Program Files\SoftEther VPN Client\vpnclient.exe
11:11:38.0083 0x1930  SEVPNCLIENT - ok
11:11:38.0120 0x1930  [ 9F976E1EB233DF46FCE808D9DEA3EB9C, 6A5C53F27F8BCA85CE206EE7D196176F67EC6FFA5D4830373A20792C149B5E75 ] sffdisk         C:\Windows\system32\drivers\sffdisk.sys
11:11:38.0122 0x1930  sffdisk - ok
11:11:38.0144 0x1930  [ 932A68EE27833CFD57C1639D375F2731, 11D6B98FBEEE2B9C7B06EF7091857BBD3B349077997D6261D66280668FD1B5C3 ] sffp_mmc        C:\Windows\system32\drivers\sffp_mmc.sys
11:11:38.0145 0x1930  sffp_mmc - ok
11:11:38.0169 0x1930  [ 6D4CCAEDC018F1CF52866BBBAA235982, AAC41F5C97B3FE5A3DC0838457EB8CC9BB71FCA16D3EDBB67D603F0A9D46C131 ] sffp_sd         C:\Windows\system32\drivers\sffp_sd.sys
11:11:38.0171 0x1930  sffp_sd - ok
11:11:38.0217 0x1930  [ DB96666CC8312EBC45032F30B007A547, C3AE60FC65A36E96E0D2CC6E184481D70F91A19DC3E2E17E2873DD670A592DD7 ] sfloppy         C:\Windows\system32\DRIVERS\sfloppy.sys
11:11:38.0219 0x1930  sfloppy - ok
11:11:38.0260 0x1930  [ D1A079A0DE2EA524513B6930C24527A2, E2BC16DBCF38841EECD49C6FA1A9AC89C17F332F12606CA826F058E995E1B83D ] SharedAccess    C:\Windows\System32\ipnathlp.dll
11:11:38.0271 0x1930  SharedAccess - ok
11:11:38.0310 0x1930  [ 414DA952A35BF5D50192E28263B40577, 9C9BAFB9880DA6CC728506A142BE124E186219610DCC3460657A3CA93C865DF1 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
11:11:38.0321 0x1930  ShellHWDetection - ok
11:11:38.0360 0x1930  [ 2565CAC0DC9FE0371BDCE60832582B2E, 1A775214E86B83C2F1799F12D71077D81C89AD32734A248BA88787B7F104B79D ] sisagp          C:\Windows\system32\drivers\sisagp.sys
11:11:38.0364 0x1930  sisagp - ok
11:11:38.0402 0x1930  [ A9F0486851BECB6DDA1D89D381E71055, 7E909538AB758C18AC2CCBFFEE17BA36FA6ED2E674AA70924AA87AC61375FF35 ] SiSRaid2        C:\Windows\system32\DRIVERS\SiSRaid2.sys
11:11:38.0405 0x1930  SiSRaid2 - ok
11:11:38.0432 0x1930  [ 3727097B55738E2F554972C3BE5BC1AA, 75D52A596A298C33EC79A3B0B80F25492C08A182ABC679401502DA9597687566 ] SiSRaid4        C:\Windows\system32\DRIVERS\sisraid4.sys
11:11:38.0438 0x1930  SiSRaid4 - ok
11:11:38.0461 0x1930  [ 3E21C083B8A01CB70BA1F09303010FCE, 803F8F91299C387110F34A49340E7136AAE91B418E2977A36285EA8F432FF197 ] Smb             C:\Windows\system32\DRIVERS\smb.sys
11:11:38.0466 0x1930  Smb - ok
11:11:38.0626 0x1930  [ 75AE764759903F0F9B4A2DF45A70C014, 1BB3D180DD95C93E323F8068DC52773AC83AFE5DD838CDEC58AC88066F27526E ] SmcService      C:\Program Files\Symantec\Symantec Endpoint Protection\12.1.3001.165.105\Bin\Smc.exe
11:11:38.0656 0x1930  SmcService - ok
11:11:38.0661 0x1930  smstsmgr - ok
11:11:38.0698 0x1930  [ 69ACB841E1146458D3160240A99D6E45, 4B6E4AA79D7D3A6958ED1619417B61640F1CBB552C3550CE5F95F0373F4D9581 ] SNAC            C:\Program Files\Symantec\Symantec Endpoint Protection\12.1.3001.165.105\Bin\snac.exe
11:11:38.0703 0x1930  SNAC - ok
11:11:38.0742 0x1930  [ 6A984831644ECA1A33FFEAE4126F4F37, 753E23D2B33D47C52C05D892B052CFD96D93B97FB6E9FCB58EF1E4C4A125BF78 ] SNMPTRAP        C:\Windows\System32\snmptrap.exe
11:11:38.0744 0x1930  SNMPTRAP - ok
11:11:38.0800 0x1930  [ 4945020BC094C322571184A6E8056B3A, 9E09257411F7C3631537D0198E0E64CDD1A697D80430F6379139B15A2BA8A6C9 ] SolidWorks Licensing Service C:\Program Files\Common Files\SolidWorks Shared\Service\SolidWorksLicensing.exe
11:11:38.0805 0x1930  SolidWorks Licensing Service - ok
11:11:38.0823 0x1930  [ 95CF1AE7527FB70F7816563CBC09D942, CE8BACB91A5A86CBCE82619C6C1873B4D7593B00CED3B522E41B8F7F6258CC65 ] spldr           C:\Windows\system32\drivers\spldr.sys
11:11:38.0825 0x1930  spldr - ok
11:11:38.0885 0x1930  [ 9AEA093B8F9C37CF45538382CABA2475, CC63239C412067AA72318ADB8BB80BCDF2CA60DA05D814D32753C92508BC16A8 ] Spooler         C:\Windows\System32\spoolsv.exe
11:11:38.0906 0x1930  Spooler - ok
11:11:39.0067 0x1930  [ CF87A1DE791347E75B98885214CED2B8, 7AF4E03D751C951A4E5FBA28200DABFE6B3BF055490163EEEEA84EBA4D0F368A ] sppsvc          C:\Windows\system32\sppsvc.exe
11:11:39.0121 0x1930  sppsvc - ok
11:11:39.0136 0x1930  [ B0180B20B065D89232A78A40FE56EAA6, 4D045B23AD58A8822BE9F20119744A8D47455469D54494745CEB099951DA60FF ] sppuinotify     C:\Windows\system32\sppuinotify.dll
11:11:39.0138 0x1930  sppuinotify - ok
11:11:39.0222 0x1930  [ DEC7A6E25F780B0430F4A53F0F5A9EE4, F5BF72308D925418254D5560C5573F28AB5435A1699DDB28FF8CFDA8ABDBFA61 ] SRTSP           C:\Windows\system32\Drivers\SEP\0C010BB9\00A5.105\x86\SRTSP.SYS
11:11:39.0243 0x1930  SRTSP - ok
11:11:39.0268 0x1930  [ FE9BD381778A344F0E39AE2D5E607D7F, 04F7EEE5ADF802BE120CFC730D5D5B97AF561278ABDE3C094E43174886C3867B ] SRTSPX          C:\Windows\system32\Drivers\SEP\0C010BB9\00A5.105\x86\SRTSPX.SYS
11:11:39.0270 0x1930  SRTSPX - ok
11:11:39.0300 0x1930  [ E4C2764065D66EA1D2D3EBC28FE99C46, 043AEF06A23069DD17675955C834690A5FD8F1948A05B3969F977E823C4E25F5 ] srv             C:\Windows\system32\DRIVERS\srv.sys
11:11:39.0311 0x1930  srv - ok
11:11:39.0337 0x1930  [ 03F0545BD8D4C77FA0AE1CEEDFCC71AB, 4DF31206DF8F33C2975E23C7257ED930C4EDA8BC4E246D8FDA130BB583083ED0 ] srv2            C:\Windows\system32\DRIVERS\srv2.sys
11:11:39.0348 0x1930  srv2 - ok
11:11:39.0367 0x1930  [ BE6BD660CAA6F291AE06A718A4FA8ABC, CD38939CFBA80B882D38099194FC1EBAE15A9D27A4D941DD03C55EC745E52E59 ] srvnet          C:\Windows\system32\DRIVERS\srvnet.sys
11:11:39.0372 0x1930  srvnet - ok
11:11:39.0418 0x1930  [ 64E44ACD8C238FCBBB78F0BA4BDC4B05, 59D015DD86EA35AC8F667C063AE76FAFA9497F04225D256DF5A37EB1461F15D4 ] ssadbus         C:\Windows\system32\DRIVERS\ssadbus.sys
11:11:39.0426 0x1930  ssadbus - ok
11:11:39.0457 0x1930  [ BB2C84A15C765DA89FD832B0E73F26CE, BAE3E7726F075340B8CC7BCA18869DFEA304A03B0A0429B4C3D186B1149E9A9A ] ssadmdfl        C:\Windows\system32\DRIVERS\ssadmdfl.sys
11:11:39.0459 0x1930  ssadmdfl - ok
11:11:39.0483 0x1930  [ 6D0D132DDC6F43EDA00DCED6D8B1CA31, 0A37081D95A56861C3E48592048DFCFAE6FB38510D21AB41C9C73744743E7646 ] ssadmdm         C:\Windows\system32\DRIVERS\ssadmdm.sys
11:11:39.0491 0x1930  ssadmdm - ok
11:11:39.0543 0x1930  [ 1A5A397BC459F346AB56492B61EF79F6, 9CB7BE4E4A7B145D97BA0C72EE7ECB844DA6EB0282FBC3BE92A1CC5AD80FA6C4 ] ssadserd        C:\Windows\system32\DRIVERS\ssadserd.sys
11:11:39.0551 0x1930  ssadserd - ok
11:11:39.0587 0x1930  [ D887C9FD02AC9FA880F6E5027A43E118, F38BAD90EC791368C37C21090302708D2DFB83ECE9096609AD9AA667B2E5592E ] SSDPSRV         C:\Windows\System32\ssdpsrv.dll
11:11:39.0601 0x1930  SSDPSRV - ok
11:11:39.0636 0x1930  [ D318F23BE45D5E3A107469EB64815B50, D74355E6FF215AA8CE53BC9DF16AF2740F2FC2FD754939478A3608BDA8C6DDA0 ] SstpSvc         C:\Windows\system32\sstpsvc.dll
11:11:39.0646 0x1930  SstpSvc - ok
11:11:39.0794 0x1930  [ AFE32AFD30464FC59CB8E88DC72F66FA, 24644F8AA47E61B98EF867BE18A9BE383822D64F3AADF2ED35E42FBFBA7B340F ] Steam Client Service C:\Program Files\Common Files\Steam\SteamService.exe
11:11:39.0820 0x1930  Steam Client Service - ok
11:11:39.0847 0x1930  [ DB32D325C192B801DF274BFD12A7E72B, F089DBA719E22BC269720A6B840B873A4AF5639745DB0C3DBC8BD2F2839A1ABA ] stexstor        C:\Windows\system32\DRIVERS\stexstor.sys
11:11:39.0848 0x1930  stexstor - ok
11:11:39.0881 0x1930  [ EDB05BD63148796F23EA78506404A538, 8EBF623D3DEB6CCAC75AAFCF8B23271029A28BE29D459088E40FBF109E80AA17 ] StillCam        C:\Windows\system32\DRIVERS\serscan.sys
11:11:39.0883 0x1930  StillCam - ok
11:11:39.0937 0x1930  [ E1FB3706030FB4578A0D72C2FC3689E4, A62EC9AA4514CAF2A10C0A3AEF7A36F593A7E7DA370A3F130C24E1B612E19427 ] StiSvc          C:\Windows\System32\wiaservc.dll
11:11:39.0960 0x1930  StiSvc - ok
11:11:39.0998 0x1930  [ 472AF0311073DCECEAA8FA18BA2BDF89, 089414057EB2047E42C96C1ACE79D509967461DC5A4D2836F63C04268637A3FC ] storflt         C:\Windows\system32\drivers\vmstorfl.sys
11:11:40.0000 0x1930  storflt - ok
11:11:40.0016 0x1930  [ 0BF669F0A910BEDA4A32258D363AF2A5, 83EEBACDE4F69A2866B69CAA633F5C8B3CB01D88CEDB01B6EA5988E0A25CEE47 ] StorSvc         C:\Windows\system32\storsvc.dll
11:11:40.0020 0x1930  StorSvc - ok
11:11:40.0034 0x1930  [ DCAFFD62259E0BDB433DD67B5BB37619, CBD12FF9BBF33D18B0F3D322B12EC62E7DF3BF45C6AD43D2E91FF4C4762E05D0 ] storvsc         C:\Windows\system32\drivers\storvsc.sys
11:11:40.0036 0x1930  storvsc - ok
11:11:40.0047 0x1930  [ E58C78A848ADD9610A4DB6D214AF5224, 1575A90EB22A4FB066459BDA00C6CAC10198C3C8C74493721EC6D34B51F50426 ] swenum          C:\Windows\system32\drivers\swenum.sys
11:11:40.0048 0x1930  swenum - ok
11:11:40.0071 0x1930  [ A28BD92DF340E57B024BA433165D34D7, 889CC7FF143C3549982128473FF927CD80CF36485A347EF399C1271C8CE12CE4 ] swprv           C:\Windows\System32\swprv.dll
11:11:40.0086 0x1930  swprv - ok
11:11:40.0129 0x1930  [ AA2E2C0FF79E029F51B675D92B5E152D, 4A15AAC33E747DADD6C89AA8CA07D631A842CB666B9E8A39A0E8228A79B2CBB4 ] SyDvCtrl        C:\Program Files\Symantec\Symantec Endpoint Protection\12.1.3001.165.105\Bin\SyDvCtrl32.sys
11:11:40.0131 0x1930  SyDvCtrl - ok
11:11:40.0178 0x1930  [ 6EA77FF0CE4E839EA8B1CEA5F5B28C00, 3D02DE6ED9B4734749B6C72730E8D3134FC73EAE9ADD4FB007BF78A9C59E4C8D ] SymDS           C:\Windows\system32\Drivers\SEP\0C010BB9\00A5.105\x86\SYMDS.SYS
11:11:40.0192 0x1930  SymDS - ok
11:11:40.0246 0x1930  [ 1773FB2920EBB3A8BAD0360618091470, 82ABB41801BB4DBADEC8AED8579F0B2BC4D704B1559F768DC223FCB0B13C6A01 ] SymEFA          C:\Windows\system32\Drivers\SEP\0C010BB9\00A5.105\x86\SYMEFA.SYS
11:11:40.0265 0x1930  SymEFA - ok
11:11:40.0297 0x1930  [ F50D81D3E0C7A353F205562B89CD06D6, 5D5B3685A6D9B16575C01FCC7A701458524B875F3FBC0EE6D42008E6087D93CC ] SymEvent        C:\Windows\system32\Drivers\SYMEVENT.SYS
11:11:40.0301 0x1930  SymEvent - ok
11:11:40.0381 0x1930  [ 8C9B9036E301A9965CF15BEC91C58A12, B96C5FF47880552277596FB3CBEEBCFE91115331DB9A77B2A0D8ABA2AFCDF0AF ] SymIRON         C:\Windows\system32\Drivers\SEP\0C010BB9\00A5.105\x86\Ironx86.SYS
11:11:40.0393 0x1930  SymIRON - ok
11:11:40.0432 0x1930  [ AF879C2A9DBF8529E1F8169B8BAC643C, 6034D7C293EDFAD5BBC76D67CAC999BCF77D41744BDAAA9EEE5E9BE509F04739 ] SYMNETS         C:\Windows\system32\Drivers\SEP\0C010BB9\00A5.105\x86\SYMNETS.SYS
11:11:40.0444 0x1930  SYMNETS - ok
11:11:40.0459 0x1930  Synth3dVsc - ok
11:11:40.0500 0x1930  [ AF9673965B513E2CFBE552D1F65E950F, 2CC01BDE5A84482181DC3D460107421F5D66313DF1F3D48FF7C3CBEAFBEFDBDB ] SynTP           C:\Windows\system32\DRIVERS\SynTP.sys
11:11:40.0511 0x1930  SynTP - ok
11:11:40.0600 0x1930  [ 36650D618CA34C9D357DFD3D89B2C56F, 7C3774E53DCF32CB3A4B3504E32D2A651E18467FA0A6AC4C7993C696741B704B ] SysMain         C:\Windows\system32\sysmain.dll
11:11:40.0631 0x1930  SysMain - ok
11:11:40.0680 0x1930  [ 71B8F174208223A7EC83D9BC5FFCF834, 8712305175F121F395AB7B7033607FDB23FD34FFFC8CFAC78837BD69FD35E7FE ] SysPlant        C:\Windows\system32\Drivers\SysPlant.sys
11:11:40.0688 0x1930  SysPlant - ok
11:11:40.0710 0x1930  [ 763FECDC3D30C815FE72DD57936C6CD1, 1A62C7E63E426D56894F4121C75D9C60FC9A14469ADBD0D6F0B94B8DE48CDA3E ] TabletInputService C:\Windows\System32\TabSvc.dll
11:11:40.0719 0x1930  TabletInputService - ok
11:11:40.0767 0x1930  [ B7AEE68D2E867CBF69B649B18FCEDBBB, 82814EEDBD2908DC2D6A2162C647FB323F95EA7D9EA49265DB44CA72468753A0 ] tap0901t        C:\Windows\system32\DRIVERS\tap0901t.sys
11:11:40.0770 0x1930  tap0901t - ok
11:11:40.0820 0x1930  [ 613BF4820361543956909043A265C6AC, FCFF02E466D2501630B452627FB218C01E5245A0921EE3D2117E7FD63AC7E98E ] TapiSrv         C:\Windows\System32\tapisrv.dll
11:11:40.0837 0x1930  TapiSrv - ok
11:11:40.0862 0x1930  [ B799D9FDB26111737F58288D8DC172D9, 409A60819A4305699E2E492A6190637FAAEBD19E745A5DB2A5D6977106C86591 ] TBS             C:\Windows\System32\tbssvc.dll
11:11:40.0870 0x1930  TBS - ok
11:11:40.0974 0x1930  [ 5579DD18546999F5D0EC39D018726C6B, 82432BACEE75C34F21222D9CC1607223C2940947118A63DB239777A4B1442AD3 ] Tcpip           C:\Windows\system32\drivers\tcpip.sys
11:11:41.0005 0x1930  Tcpip - ok
11:11:41.0046 0x1930  [ 5579DD18546999F5D0EC39D018726C6B, 82432BACEE75C34F21222D9CC1607223C2940947118A63DB239777A4B1442AD3 ] TCPIP6          C:\Windows\system32\DRIVERS\tcpip.sys
11:11:41.0068 0x1930  TCPIP6 - ok
11:11:41.0095 0x1930  [ CCA24162E055C3714CE5A88B100C64ED, 9B7712E793B9478BA7A1EF71EA9CC03CCB9C4004C54EAA911F158958519EDCD9 ] tcpipreg        C:\Windows\system32\drivers\tcpipreg.sys
11:11:41.0096 0x1930  tcpipreg - ok
11:11:41.0127 0x1930  [ 1CB91B2BD8F6DD367DFC2EF26FD751B2, 879E2827354BB21573AC6A7CCEB746D44214540687E6882FFCB4089546FBD954 ] TDPIPE          C:\Windows\system32\drivers\tdpipe.sys
11:11:41.0130 0x1930  TDPIPE - ok
11:11:41.0148 0x1930  [ 2C2C5AFE7EE4F620D69C23C0617651A8, E828D974C3F9D7004A030C3AD448096C736FDB4C4C1707D043E567D08C845103 ] TDTCP           C:\Windows\system32\drivers\tdtcp.sys
11:11:41.0152 0x1930  TDTCP - ok
11:11:41.0188 0x1930  [ B459575348C20E8121D6039DA063C704, 1B4328A9EA39FF5A57F258E02254D04B73455F1DF7C997C13702A8B2F12D0347 ] tdx             C:\Windows\system32\DRIVERS\tdx.sys
11:11:41.0195 0x1930  tdx - ok
11:11:41.0360 0x1930  [ 2BBB318EA9F34FDC508CEA4AAB98D770, AA98BDB7677A452E38DB207E09A522C558F9E09DE43A57D24CD776C6248CC015 ] TeamViewer7     C:\Program Files\TeamViewer\Version7\TeamViewer_Service.exe
11:11:41.0406 0x1930  TeamViewer7 - ok
11:11:41.0467 0x1930  [ 7963AD6F2AED903E089ACB4814BE8212, 9D236179098768331932504E36D4ADA5980085B6EFDCFCDE88DD40760BC3824B ] Teefer2         C:\Windows\system32\DRIVERS\Teefer.sys
11:11:41.0474 0x1930  Teefer2 - ok
11:11:41.0510 0x1930  [ 04DBF4B01EA4BF25A9A3E84AFFAC9B20, 0D81B427720637882077C5024D738191F858FC734ED040697872D906351EF663 ] TermDD          C:\Windows\system32\drivers\termdd.sys
11:11:41.0515 0x1930  TermDD - ok
11:11:41.0579 0x1930  [ 382C804C92811BE57829D8E550A900E2, 5F52C2E7902024CF1C9CC0069F411C3F19CCA3DB209F437FA0F3932D4898EB50 ] TermService     C:\Windows\System32\termsrv.dll
11:11:41.0607 0x1930  TermService - ok
11:11:41.0716 0x1930  [ F356C6EA5835AD48D7753192E0252924, 754EA2FC738C355B114FD03384A5A326E2B0B14F8FBC2A0E9B2BEB89691DF1D4 ] TesSafe         C:\Windows\system32\TesSafe.sys
11:11:41.0748 0x1930  TesSafe - ok
11:11:41.0774 0x1930  [ 42FB6AFD6B79D9FE07381609172E7CA4, B57C85091209A2FAD19ED490B8FA7FC98F12911F9C9CACE9AF1E540780CE6700 ] Themes          C:\Windows\system32\themeservice.dll
11:11:41.0779 0x1930  Themes - ok
11:11:41.0808 0x1930  [ 146B6F43A673379A3C670E86D89BE5EA, C4412DCF80DE6B55466F399413271364F14BC0819C224AA161EDDC31A9775440 ] THREADORDER     C:\Windows\system32\mmcss.dll
11:11:41.0815 0x1930  THREADORDER - ok
11:11:41.0847 0x1930  [ 4792C0378DB99A9BC2AE2DE6CFFF0C3A, 532A3A812578B2DFD83001DE66FC73689D79EC729409EB572E07E6D65B281712 ] TrkWks          C:\Windows\System32\trkwks.dll
11:11:41.0856 0x1930  TrkWks - ok
11:11:41.0912 0x1930  [ 2C49B175AEE1D4364B91B531417FE583, 6C7995E18F84E465C376D1D5F153C15ACB66CDEA86EE5BF186677F572E7E129B ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
11:11:41.0927 0x1930  TrustedInstaller - ok
11:11:41.0998 0x1930  [ 254BB140EEE3C59D6114C1A86B636877, EE09D62E90407A40278F2136F640DAB16A4E2BF57D4FB6E05F92CA9CC9CF57C0 ] tssecsrv        C:\Windows\system32\DRIVERS\tssecsrv.sys
11:11:42.0002 0x1930  tssecsrv - ok
11:11:42.0040 0x1930  [ C6A5FBD4977305E1FA23E02C042DB463, A6EB5E4B8051A258D40A385609E930318EAA3494C8466F48542B806FE6A7C47A ] TsUsbFlt        C:\Windows\system32\drivers\tsusbflt.sys
11:11:42.0044 0x1930  TsUsbFlt - ok
11:11:42.0057 0x1930  tsusbhub - ok
11:11:42.0101 0x1930  [ B2FA25D9B17A68BB93D58B0556E8C90D, 0146931B733CAB1CD87F94C35F97E110D6ED6C55EAFF03345400A29AEDE99BDE ] tunnel          C:\Windows\system32\DRIVERS\tunnel.sys
11:11:42.0108 0x1930  tunnel - ok
11:11:42.0203 0x1930  [ 1A5F1301C1EA3B49D1222E9CBB552EBB, 9C74716D67A754D687ED71B21E00E60EF2068AE0749EC965E590D79D6AB200E0 ] TunngleService  C:\Program Files\Tunngle\TnglCtrl.exe
11:11:42.0241 0x1930  TunngleService - ok
11:11:42.0259 0x1930  [ 750FBCB269F4D7DD2E420C56B795DB6D, E1A95C59148FE463539C34336FD0E74B31A33B8AB2B8E34AA10349C3347471D7 ] uagp35          C:\Windows\system32\DRIVERS\uagp35.sys
11:11:42.0263 0x1930  uagp35 - ok
11:11:42.0301 0x1930  [ EE43346C7E4B5E63E54F927BABBB32FF, BAD6FC3BEE45E644D5A6A0A31428F5B2AEC72A0AA0C74EF8177B1FE23EEF3AA9 ] udfs            C:\Windows\system32\DRIVERS\udfs.sys
11:11:42.0315 0x1930  udfs - ok
11:11:42.0346 0x1930  [ 8344FD4FCE927880AA1AA7681D4927E5, 1B54EFA60A221E2B9FFE59BB41C7E7D8B5AC6826F1C5577456D81371D464255A ] UI0Detect       C:\Windows\system32\UI0Detect.exe
11:11:42.0354 0x1930  UI0Detect - ok
11:11:42.0390 0x1930  [ 44E8048ACE47BEFBFDC2E9BE4CBC8880, 5D96D90FDF68AE470CC92CA9DF9DA2C05A53EF455A5A109DBBF7C96F3238257C ] uliagpkx        C:\Windows\system32\drivers\uliagpkx.sys
11:11:42.0394 0x1930  uliagpkx - ok
11:11:42.0439 0x1930  [ D295BED4B898F0FD999FCFA9B32B071B, D4130DB4AE76EE6DC0B8E7A4FEF5CB8B26EBD822C21021F6FA78FD29C1E211C2 ] umbus           C:\Windows\system32\DRIVERS\umbus.sys
11:11:42.0444 0x1930  umbus - ok
11:11:42.0466 0x1930  [ 7550AD0C6998BA1CB4843E920EE0FEAC, 24C001E422C3B3B920CDCF6003A3179CE464DE4284775403DD5122EF9780460D ] UmPass          C:\Windows\system32\DRIVERS\umpass.sys
11:11:42.0468 0x1930  UmPass - ok
11:11:42.0510 0x1930  [ 409994A8EACEEE4E328749C0353527A0, FFC57B647147DE2957A7DE4B330CC534DE7AC892A2FCE3BB164F7A516CAB1B56 ] UmRdpService    C:\Windows\System32\umrdp.dll
11:11:42.0527 0x1930  UmRdpService - ok
11:11:42.0569 0x1930  [ 833FBB672460EFCE8011D262175FAD33, C0C3067A305993CBF056C229771CB0593DD60C9C7AC5130FF1CA610BCA812AB5 ] upnphost        C:\Windows\System32\upnphost.dll
11:11:42.0590 0x1930  upnphost - ok
11:11:42.0626 0x1930  [ 6E421CCC57059B0186C6259CA3B6DFC9, E348BF23CCD6C14FD10C1689BBDC77E125245331F97BFE60D4C8FD9A8711CB59 ] USBAAPL         C:\Windows\system32\Drivers\usbaapl.sys
11:11:42.0629 0x1930  USBAAPL - ok
11:11:42.0660 0x1930  [ 0803FBA9FE829D61AE26EC0BCC910C46, 30D00E2C7DFC630C99C1599587D4F9C272BC30D444E07C961AA05BF84587806B ] usbccgp         C:\Windows\system32\DRIVERS\usbccgp.sys
11:11:42.0665 0x1930  usbccgp - ok
11:11:42.0693 0x1930  [ 2352AB5F9F8F097BF9D41D5A4718A041, 25BC7828C625B9B2A5110C25B230C5828CEC18EC97ECF9EC4745E8930CBF472C ] usbcir          C:\Windows\system32\drivers\usbcir.sys
11:11:42.0698 0x1930  usbcir - ok
11:11:42.0735 0x1930  [ D40855F89B69305140BBD7E9A3BA2DA6, 745DC6D770666F6B19C2B6AA89C21D1A314732E291453BFA2367F9AF86F97C3C ] usbehci         C:\Windows\system32\drivers\usbehci.sys
11:11:42.0739 0x1930  usbehci - ok
11:11:42.0791 0x1930  [ EDF2DF71C4F1E13A6AC75F5224DE655A, 1764D155C6B99201774B57195349304259232A12868ECFC2069CA49443EBDC2C ] usbhub          C:\Windows\system32\DRIVERS\usbhub.sys
11:11:42.0809 0x1930  usbhub - ok
11:11:42.0841 0x1930  [ 9828C8D14CC2676421778F0DE638CF97, 479A28211FFB85190A01FAB0283B927588805D2C0CDB03F85F8F814B88E4F453 ] usbohci         C:\Windows\system32\drivers\usbohci.sys
11:11:42.0845 0x1930  usbohci - ok
11:11:42.0872 0x1930  [ 797D862FE0875E75C7CC4C1AD7B30252, 1BBE745E4C85F8911076F6032ACD7A35FAC048D3CB1500C64E08D8B2C70A1069 ] usbprint        C:\Windows\system32\DRIVERS\usbprint.sys
11:11:42.0875 0x1930  usbprint - ok
11:11:42.0923 0x1930  [ 576096CCBC07E7C4EA4F5E6686D6888F, 8C643F43BD0017979548389C4DB36A1EE872CCF19C86FAE3752A4989173E28ED ] usbscan         C:\Windows\system32\DRIVERS\usbscan.sys
11:11:42.0927 0x1930  usbscan - ok
11:11:42.0968 0x1930  [ F991AB9CC6B908DB552166768176896A, AD8E7A16B23B244B7F834622D4E38B5844193C6E31EF96F61E0E2EA16C945026 ] USBSTOR         C:\Windows\system32\DRIVERS\USBSTOR.SYS
11:11:42.0974 0x1930  USBSTOR - ok
11:11:43.0024 0x1930  [ 800AABFD625EEFF899F7E5496BDE37AB, 3EB7ED07760CB348FCA9A06C2B838EF79B51A83C5F70A9C9EAAEAE54480067E2 ] usbuhci         C:\Windows\system32\drivers\usbuhci.sys
11:11:43.0027 0x1930  usbuhci - ok
11:11:43.0071 0x1930  [ DE014425522610BEDCA3821BB8C0F1D5, D6FEA0DF07F89834AEEE8C02CC7FD41068D758B6CCECE2EEE5CF4B9DB646FA1E ] usbvideo        C:\Windows\System32\Drivers\usbvideo.sys
11:11:43.0082 0x1930  usbvideo - ok
11:11:43.0115 0x1930  [ AF77716205C97E902E6C5B78DECE2CCA, ED99EABED1C7F323EE2A76413E2B260F8EE1D76FDF1E60EE35136D060E756735 ] usb_rndisx      C:\Windows\system32\drivers\usb8023x.sys
11:11:43.0117 0x1930  usb_rndisx - ok
11:11:43.0138 0x1930  [ 081E6E1C91AEC36758902A9F727CD23C, 9FDAA17A3B99067E035E5D76305427F15FFDBC5D304B2BB78AFC6463EDDE1A75 ] UxSms           C:\Windows\System32\uxsms.dll
11:11:43.0147 0x1930  UxSms - ok
11:11:43.0167 0x1930  [ DD17E1573651293D4ED31053795B3471, 94F7D1BB1C3B0C1FAAEED07375DB0F3BC995394FB5C26983548D946C8D229D54 ] VaultSvc        C:\Windows\system32\lsass.exe
11:11:43.0172 0x1930  VaultSvc - ok
11:11:43.0236 0x1930  [ 7D8070106CD78C8C87E34F11DFB9F860, 9A8F392DC6137C407712550B10A56CAD94329C5B49ECDB67BAFCA5E11949844C ] VBoxNetAdp      C:\Windows\system32\DRIVERS\VBoxNetAdp.sys
11:11:43.0245 0x1930  VBoxNetAdp - ok
11:11:43.0255 0x1930  VBoxNetFlt - ok
11:11:43.0285 0x1930  [ A059C4C3EDB09E07D21A8E5C0AABD3CB, BDD3729B49DF2E2FC72FFEF9D10235B481A671DE5A721B6B9A80873B7A343F07 ] vdrvroot        C:\Windows\system32\drivers\vdrvroot.sys
11:11:43.0289 0x1930  vdrvroot - ok
11:11:43.0346 0x1930  [ C3CD30495687C2A2F66A65CA6FD89BE9, 582E4706C1D6A151020D14B26C7BF166F4E42BDD6E410F30EC452469270C5E9B ] vds             C:\Windows\System32\vds.exe
11:11:43.0381 0x1930  vds - ok
11:11:43.0401 0x1930  [ 17C408214EA61696CEC9C66E388B14F3, 829C0416672E2B2DFABCFE641E7F281F41E8DBB3C0EF11C7784CB9BB94F87E97 ] vga             C:\Windows\system32\DRIVERS\vgapnp.sys
11:11:43.0405 0x1930  vga - ok
11:11:43.0415 0x1930  [ 8E38096AD5C8570A6F1570A61E251561, 4DBA3C1397A2203548F45F006E66D99F837903F601ABBCE2304754F783CA8A39 ] VgaSave         C:\Windows\System32\drivers\vga.sys
11:11:43.0418 0x1930  VgaSave - ok
11:11:43.0426 0x1930  VGPU - ok
11:11:43.0472 0x1930  [ 5461686CCA2FDA57B024547733AB42E3, 2721D0659AA890172FCAD4EC4D926B58ACD0EE4887DA51545DC7237420D5BF84 ] vhdmp           C:\Windows\system32\drivers\vhdmp.sys
11:11:43.0484 0x1930  vhdmp - ok
11:11:43.0521 0x1930  [ C829317A37B4BEA8F39735D4B076E923, 55D1796AE750071E1E05BD7702B6C355CCFFE27B4C00E93E7044C3184732B497 ] viaagp          C:\Windows\system32\drivers\viaagp.sys
11:11:43.0526 0x1930  viaagp - ok
11:11:43.0554 0x1930  [ E02F079A6AA107F06B16549C6E5C7B74, B530DCE3EE4F285B3D5F69F7148D17E016D54F04E6F93706B829A34567748788 ] ViaC7           C:\Windows\system32\DRIVERS\viac7.sys
11:11:43.0560 0x1930  ViaC7 - ok
11:11:43.0584 0x1930  [ E43574F6A56A0EE11809B48C09E4FD3C, 3687BF638E21C00E62ABFED70D728B91ADA08F7164CA898E654F31DA196589E9 ] viaide          C:\Windows\system32\drivers\viaide.sys
11:11:43.0587 0x1930  viaide - ok
11:11:43.0615 0x1930  [ C2F2911156FDC7817C52829C86DA494E, FE499F189B5016FCE0018AA3DE3970B72275B7B15F3D4D608117F6DDEC6B90DC ] vmbus           C:\Windows\system32\drivers\vmbus.sys
11:11:43.0628 0x1930  vmbus - ok
11:11:43.0659 0x1930  [ D4D77455211E204F370D08F4963063CE, 2018B2A84C73E0834200A594C02A9D28C74906F126DAD3CCDDFC9CD9A61669E2 ] VMBusHID        C:\Windows\system32\drivers\VMBusHID.sys
11:11:43.0662 0x1930  VMBusHID - ok
11:11:43.0684 0x1930  [ 4C63E00F2F4B5F86AB48A58CD990F212, 9796BD4B9CFEEEAF57C5E332A732EFC2770B21F9B35301A5D202F5FC52C1E035 ] volmgr          C:\Windows\system32\drivers\volmgr.sys
11:11:43.0690 0x1930  volmgr - ok
11:11:43.0735 0x1930  [ B5BB72067DDDDBBFB04B2F89FF8C3C87, 65B9AD55F43940A5FDD88B6EC5034A7E375DF8E6F5F1AE6519A4BD6B7E992EBC ] volmgrx         C:\Windows\system32\drivers\volmgrx.sys
11:11:43.0755 0x1930  volmgrx - ok
11:11:43.0776 0x1930  [ F497F67932C6FA693D7DE2780631CFE7, DAE544ED99D2CF570DA31343BD87D2F856D0D13529656D38E1BF854C77F017F6 ] volsnap         C:\Windows\system32\drivers\volsnap.sys
11:11:43.0787 0x1930  volsnap - ok
11:11:43.0849 0x1930  [ 8811748190D194EAE2E2155DA3E2B022, 538A0880C2612F60B5AC555C1CE1B55B037D82FD761ACBBF9919A3BBBEEF15DE ] vpnagent        C:\Program Files\Cisco\Cisco AnyConnect Secure Mobility Client\vpnagent.exe
11:11:43.0877 0x1930  vpnagent - ok
11:11:43.0895 0x1930  [ 0D8DF4058901616A4E716AB67D472581, A3EA08EB9B66F5DC74A9152700106E0FBBB36E135D9DFAFC69BA8ADE693D2BB5 ] vpnva           C:\Windows\system32\DRIVERS\vpnva.sys
11:11:43.0898 0x1930  vpnva - ok
11:11:43.0947 0x1930  [ 42F5FC978F64FAAB5AC7160EB178F29B, 60592E69C950EFDC32F6D3984D82B1C3F0218FE14D21C45BDBA1FA73535F1405 ] vproiah         C:\Windows\system32\DRIVERS\vproiah.sys
11:11:43.0950 0x1930  vproiah - ok
11:11:43.0996 0x1930  [ 9DFA0CC2F8855A04816729651175B631, 37FD9E43A2A3F125E94A315FB4CD8A1B5499A5FD74806EB2D1E5DA88C070D3A3 ] vsmraid         C:\Windows\system32\DRIVERS\vsmraid.sys
11:11:44.0007 0x1930  vsmraid - ok
11:11:44.0097 0x1930  [ 209A3B1901B83AEB8527ED211CCE9E4C, 1A431F6409F8E0531F600F8F988ECECECB902DA26BBAAF1DE74A5CAC29A7CB44 ] VSS             C:\Windows\system32\vssvc.exe
11:11:44.0140 0x1930  VSS - ok
11:11:44.0167 0x1930  vtany - ok
11:11:44.0173 0x1930  vToolbarUpdater18.1.9 - ok
11:11:44.0200 0x1930  [ 90567B1E658001E79D7C8BBD3DDE5AA6, EFC23BEEA7F54A2DC56CB523DAD1AF0358D904C5278BF08873910E2DB3F13557 ] vwifibus        C:\Windows\system32\DRIVERS\vwifibus.sys
11:11:44.0204 0x1930  vwifibus - ok
11:11:44.0222 0x1930  [ 7090D3436EEB4E7DA3373090A23448F7, 3A130B28F2BFA7DCEC8596C4CE4E187B019F5ECF1AAC8DD1BBDE9CBD2428FEC2 ] vwififlt        C:\Windows\system32\DRIVERS\vwififlt.sys
11:11:44.0227 0x1930  vwififlt - ok
11:11:44.0249 0x1930  [ A3F04CBEA6C2A10E6CB01F8B47611882, 32AFE18B07FECA30BC95831A5DC94C784E543784DF16165334A777DC84E91EF3 ] vwifimp         C:\Windows\system32\DRIVERS\vwifimp.sys
11:11:44.0252 0x1930  vwifimp - ok
11:11:44.0297 0x1930  [ 55187FD710E27D5095D10A472C8BAF1C, AE298E2D3BA366BCBDC092C717214C181E8843FA564A6DFB07FC3238A5A68DC3 ] W32Time         C:\Windows\system32\w32time.dll
11:11:44.0320 0x1930  W32Time - ok
11:11:44.0342 0x1930  [ DE3721E89C653AA281428C8A69745D90, 501C78056ED4295625D8A5412025FD2F0CA24077044D3A5800BA79DF3D946516 ] WacomPen        C:\Windows\system32\DRIVERS\wacompen.sys
11:11:44.0345 0x1930  WacomPen - ok
11:11:44.0392 0x1930  [ 3C3C78515F5AB448B022BDF5B8FFDD2E, 35284174A42039C3C1FF8A3C8BC187A5E067C7782FC62D19749C2CB28C4E36C7 ] WANARP          C:\Windows\system32\DRIVERS\wanarp.sys
11:11:44.0397 0x1930  WANARP - ok
11:11:44.0405 0x1930  [ 3C3C78515F5AB448B022BDF5B8FFDD2E, 35284174A42039C3C1FF8A3C8BC187A5E067C7782FC62D19749C2CB28C4E36C7 ] Wanarpv6        C:\Windows\system32\DRIVERS\wanarp.sys
11:11:44.0409 0x1930  Wanarpv6 - ok
11:11:44.0504 0x1930  [ 691E3285E53DCA558E1A84667F13E15A, 12EDB66EF8FC100402BEA221F354D3BD5542F6DDF715B6E7D873D6BAE7E3D329 ] wbengine        C:\Windows\system32\wbengine.exe
11:11:44.0546 0x1930  wbengine - ok
11:11:44.0570 0x1930  [ 9614B5D29DC76AC3C29F6D2D3AA70E67, A2FFB92F0030B4CD771E862DA575ECCF2F3A5B4B85858C1241A0C59262C0EC88 ] WbioSrvc        C:\Windows\System32\wbiosrvc.dll
11:11:44.0579 0x1930  WbioSrvc - ok
11:11:44.0616 0x1930  [ 34EEE0DFAADB4F691D6D5308A51315DC, A040A03E25A0C78B9E26F86C2DF95BCAF8E7EC90183CEB295615D3265350EBEE ] wcncsvc         C:\Windows\System32\wcncsvc.dll
11:11:44.0628 0x1930  wcncsvc - ok
11:11:44.0639 0x1930  [ 5D930B6357A6D2AF4D7653BDABBF352F, 677FF2ED14EE0B0CAA710DA81556CC16D5971DAB10E7C7432D167A87CA6F0EAA ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
11:11:44.0644 0x1930  WcsPlugInService - ok
11:11:44.0656 0x1930  [ 1112A9BADACB47B7C0BB0392E3158DFF, 1AE2AFA125973571F91E6945FE8A735F63D76EBB250A0075D98C580167FD9ED4 ] Wd              C:\Windows\system32\DRIVERS\wd.sys
11:11:44.0658 0x1930  Wd - ok
11:11:44.0697 0x1930  [ D6EFAF429FD30C5DF613D220E344CCE7, 807D4563E8AD4073688691078EB13AF240E14BA5E0C8506A48B3060A20B90082 ] WDC_SAM         C:\Windows\system32\DRIVERS\wdcsam.sys
11:11:44.0700 0x1930  WDC_SAM - ok
11:11:44.0769 0x1930  [ A840213F1ACDCC175B4D1D5AAEAC0D7A, B20F7CAEEA790290072BC170EBEEADB4C19E1C40DB0B3FE0D4A640D0D82300D6 ] Wdf01000        C:\Windows\system32\drivers\Wdf01000.sys
11:11:44.0792 0x1930  Wdf01000 - ok
11:11:44.0818 0x1930  [ 46EF9DC96265FD0B423DB72E7C38C2A5, 43801A51FB0E45CFFC73DF6441B54A75FC2FEAF5E0424DFE7AB04FC26CF6CD16 ] WdiServiceHost  C:\Windows\system32\wdi.dll
11:11:44.0825 0x1930  WdiServiceHost - ok
11:11:44.0833 0x1930  [ 46EF9DC96265FD0B423DB72E7C38C2A5, 43801A51FB0E45CFFC73DF6441B54A75FC2FEAF5E0424DFE7AB04FC26CF6CD16 ] WdiSystemHost   C:\Windows\system32\wdi.dll
11:11:44.0840 0x1930  WdiSystemHost - ok
11:11:44.0872 0x1930  [ 75E8EBD7040CE238684333F97014762A, 2CA0B267FBAEB303D1F8B639D733DC0DE17BA1276CC9096035B4F2BBBED3EF7F ] WebClient       C:\Windows\System32\webclnt.dll
11:11:44.0885 0x1930  WebClient - ok
11:11:44.0905 0x1930  [ 760F0AFE937A77CFF27153206534F275, A53940BA28854486FF18F16B98A3314B36322B0B6EFB54D08B921315BEB0ADD5 ] Wecsvc          C:\Windows\system32\wecsvc.dll
11:11:44.0916 0x1930  Wecsvc - ok
11:11:44.0932 0x1930  [ AC804569BB2364FB6017370258A4091B, 1856F354146A5946F3E7D0DD09726FC8A3502B0F0776FEADDF10669C81CC28E2 ] wercplsupport   C:\Windows\System32\wercplsupport.dll
11:11:44.0939 0x1930  wercplsupport - ok
11:11:44.0966 0x1930  [ 08E420D873E4FD85241EE2421B02C4A4, E1E9436EB096FF7DE9A76DA6217035257EF9FC7565DDB9016DCA3859E7F1EF0F ] WerSvc          C:\Windows\System32\WerSvc.dll
11:11:44.0974 0x1930  WerSvc - ok
11:11:45.0000 0x1930  [ 8B9A943F3B53861F2BFAF6C186168F79, 88E2F79F32AFBA17CB8377A508B83A1EC2315E9F3A365F591C87FE4525AA6713 ] WfpLwf          C:\Windows\system32\DRIVERS\wfplwf.sys
11:11:45.0002 0x1930  WfpLwf - ok
11:11:45.0020 0x1930  [ 5CF95B35E59E2A38023836FFF31BE64C, CEA21302B3E855EE592810D4E0DE10E47A47A393064C435463CD54598735CD8D ] WIMMount        C:\Windows\system32\drivers\wimmount.sys
11:11:45.0023 0x1930  WIMMount - ok
11:11:45.0106 0x1930  [ 3FAE8F94296001C32EAB62CD7D82E0FD, 180FAECC426CF8F46700C855022E5865D528B1A20686F96D11080AB2FE2E0430 ] WinDefend       C:\Program Files\Windows Defender\mpsvc.dll
11:11:45.0132 0x1930  WinDefend - ok
11:11:45.0142 0x1930  WinHttpAutoProxySvc - ok
11:11:45.0193 0x1930  [ F62E510B6AD4C21EB9FE8668ED251826, FA3E5CAC3E67E49377320CFBE4646585E6B62168292768FEA81E4623F9166890 ] Winmgmt         C:\Windows\system32\wbem\WMIsvc.dll
11:11:45.0206 0x1930  Winmgmt - ok
11:11:45.0295 0x1930  [ 1B91CD34EA3A90AB6A4EF0550174F4CC, 5B6618615EBFBA594C945AD35F5C68DA8C6053892B6D12D626BB6120910D80DC ] WinRM           C:\Windows\system32\WsmSvc.dll
11:11:45.0356 0x1930  WinRM - ok
11:11:45.0404 0x1930  [ A67E5F9A400F3BD1BE3D80613B45F708, E170A8BD31A779403DC9C43ED6483DA8E186512D3EE700B87F6BA292E284E367 ] WinUsb          C:\Windows\system32\DRIVERS\WinUsb.sys
11:11:45.0408 0x1930  WinUsb - ok
11:11:45.0477 0x1930  [ 16935C98FF639D185086A3529B1F2067, E9C6B73A572A04FCE9B1B0E6815F941B10332D9A6D55B92927C2B1275F119091 ] Wlansvc         C:\Windows\System32\wlansvc.dll
11:11:45.0516 0x1930  Wlansvc - ok
11:11:45.0691 0x1930  [ 5E7C103F8475C4289847D15E129C20F7, C6325D3557545FA1DA26B0B1EA9A1C95AED1FA84A93BE29A771DAD9ECB00768B ] wlidsvc         C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
11:11:45.0740 0x1930  wlidsvc - ok
11:11:45.0771 0x1930  [ 0217679B8FCA58714C3BF2726D2CA84E, 4494984B922DCF24D37BCD0E6831CEBD07D1CA49235D04E821D17ED3DF84ED2A ] WmiAcpi         C:\Windows\system32\drivers\wmiacpi.sys
11:11:45.0773 0x1930  WmiAcpi - ok
11:11:45.0806 0x1930  [ 6EB6B66517B048D87DC1856DDF1F4C3F, EBB534C4829477C70062ADBB5626236B02FE563A544C53FA255E79F3CA170FE8 ] wmiApSrv        C:\Windows\system32\wbem\WmiApSrv.exe
11:11:45.0813 0x1930  wmiApSrv - ok
11:11:45.0922 0x1930  [ 3B40D3A61AA8C21B88AE57C58AB3122E, 6C67DCB007C3CDF2EB0BBF5FD89C32CD7800C20F7166872F8C387BE262C5CD21 ] WMPNetworkSvc   C:\Program Files\Windows Media Player\wmpnetwk.exe
11:11:45.0960 0x1930  WMPNetworkSvc - ok
11:11:45.0986 0x1930  [ A2F0EC770A92F2B3F9DE6D518E11409C, 6838F2148B11285E00DC449D51F8AD85AAE57694E89BA2C607B87AC1C650D845 ] WPCSvc          C:\Windows\System32\wpcsvc.dll
11:11:45.0991 0x1930  WPCSvc - ok
11:11:46.0006 0x1930  [ AA53356D60AF47EACC85BC617A4F3F66, 155CB8112AA382D841C1891750FF29EF4F1BF716CD9CDF0F2243209E2CCCAC98 ] WPDBusEnum      C:\Windows\system32\wpdbusenum.dll
11:11:46.0013 0x1930  WPDBusEnum - ok
11:11:46.0042 0x1930  [ 6DB3276587B853BF886B69528FDB048C, 9972FF6DF0DF6F86D1E9BCEF4C29064748B217DA196B0633C30D3D580144951C ] ws2ifsl         C:\Windows\system32\drivers\ws2ifsl.sys
11:11:46.0044 0x1930  ws2ifsl - ok
11:11:46.0067 0x1930  [ 6F5D49EFE0E7164E03AE773A3FE25340, 15B6AFF7455538189A96F8863CC995A271E02C6FBDAC15B037D44DDA65E61339 ] wscsvc          C:\Windows\System32\wscsvc.dll
11:11:46.0078 0x1930  wscsvc - ok
11:11:46.0086 0x1930  WSearch - ok
11:11:46.0172 0x1930  [ BAEDC491374DEFD5E76336901D6D397D, E9DBE0E1361F0FD6CEF5B46DE2464B9604FE19CF59B7524D6EA8A063F718AB69 ] wsvd            C:\Windows\system32\DRIVERS\wsvd.sys
11:11:46.0179 0x1930  wsvd - ok
11:11:46.0337 0x1930  [ FC3EC24FCE372C89423E015A2AC1A31E, 8D028182CF83667D3E4D148979972D208FA6D9B8540EE47A0A7831B770ECD257 ] wuauserv        C:\Windows\system32\wuaueng.dll
11:11:46.0371 0x1930  wuauserv - ok
11:11:46.0398 0x1930  [ 06E6F32C8D0A3F66D956F57B43A2E070, 9A6BD96A28294B0372F16E13D652FD603308F64B74A56E41E0C68C5E8011F943 ] WudfPf          C:\Windows\system32\drivers\WudfPf.sys
11:11:46.0399 0x1930  WudfPf - ok
11:11:46.0440 0x1930  [ 867C301E8B790040AE9CF6486E8041DF, D867D6498C987944D99508B2FAD6D6B749FA1EDFE8124B0863D4A642352F0855 ] WUDFRd          C:\Windows\system32\DRIVERS\WUDFRd.sys
11:11:46.0450 0x1930  WUDFRd - ok
11:11:46.0471 0x1930  [ FE47B7BC8EA320C2D9B5E5BF6E303765, 34518DBD1E9EA6E5DA62273B18613761E1D9C6B4E074A93C6D639FBAF02222EA ] wudfsvc         C:\Windows\System32\WUDFSvc.dll
11:11:46.0477 0x1930  wudfsvc - ok
11:11:46.0504 0x1930  [ 7CC38741B8F68F1E0D5D79DA6123666A, F90D2DA1C9AFB506C381CD386E1430931B5F81813FEDFD720F87FBC54E7A00DA ] WwanSvc         C:\Windows\System32\wwansvc.dll
11:11:46.0515 0x1930  WwanSvc - ok
11:11:46.0540 0x1930  XDva399 - ok
11:11:46.0551 0x1930  XDva400 - ok
11:11:46.0566 0x1930  XDva401 - ok
11:11:46.0599 0x1930  xhunter1 - ok
11:11:46.0667 0x1930  [ CE0C846127D6ABB1E2A22E59682B2527, 9FDDECDC964A2E0AD306C68E1CF6B8B77388BBD0EC7642B61EE03273381777F7 ] xnacc           C:\Windows\system32\DRIVERS\xnacc.sys
11:11:46.0688 0x1930  xnacc - ok
11:11:46.0748 0x1930  ================ Scan global ===============================
11:11:46.0772 0x1930  [ DAB748AE0439955ED2FA22357533DDDB, 73EDD402C7479DDCE1998D0C7E99E1EC2974F64EFC33A851439CC85D09EDCDF9 ] C:\Windows\system32\basesrv.dll
11:11:46.0810 0x1930  [ 51BB04243DF6196C06E125898127E397, E1B6C83FC6E455F6806185027C5B56F8BA9ECDF1CD69E97301EC0291F0D3466E ] C:\Windows\system32\winsrv.dll
11:11:46.0836 0x1930  [ 51BB04243DF6196C06E125898127E397, E1B6C83FC6E455F6806185027C5B56F8BA9ECDF1CD69E97301EC0291F0D3466E ] C:\Windows\system32\winsrv.dll
11:11:46.0866 0x1930  [ 364455805E64882844EE9ACB72522830, 906561DBBB33F744844CF27E456226044C85DF0FCFD26DE1FD11E09E2CFA6F8F ] C:\Windows\system32\sxssrv.dll
11:11:46.0896 0x1930  [ 5F1B6A9C35D3D5CA72D6D6FDEF9747D6, D7BC4ED605B32274B45328FD9914FB0E7B90D869A38F0E6F94FB1BF4E9E2B407 ] C:\Windows\system32\services.exe
11:11:46.0906 0x1930  [ Global ] - ok
11:11:46.0907 0x1930  ================ Scan MBR ==================================
11:11:46.0912 0x1930  [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
11:11:47.0324 0x1930  \Device\Harddisk0\DR0 - ok
11:11:47.0325 0x1930  ================ Scan VBR ==================================
11:11:47.0331 0x1930  [ E9D743C2D983EA6433B21881E073FB87 ] \Device\Harddisk0\DR0\Partition1
11:11:47.0334 0x1930  \Device\Harddisk0\DR0\Partition1 - ok
11:11:47.0341 0x1930  [ FA362A745EC64AF1400B4CCF2489059D ] \Device\Harddisk0\DR0\Partition2
11:11:47.0344 0x1930  \Device\Harddisk0\DR0\Partition2 - ok
11:11:47.0351 0x1930  [ DB7A19CCAEB1F890DC6010FC39E9510E ] \Device\Harddisk0\DR0\Partition3
11:11:47.0378 0x1930  \Device\Harddisk0\DR0\Partition3 - ok
11:11:47.0379 0x1930  ================ Scan generic autorun ======================
11:11:47.0620 0x1930  [ E5AF97988E4E99A3B91F0C693D16965C, E59E701965E7351E4E27941F9F96188C71966D255310A522278A226F8FAFD657 ] C:\Program Files\Microsoft Office Communicator\communicator.exe
11:11:47.0705 0x1930  Communicator - ok
11:11:47.0768 0x1930  [ 901AA7A38CE13F14B6BBEC38C0595698, 1E95F2048E2A1782807D52E9816ED267355718E24D01FF07ACE73D965EDE388A ] C:\Program Files\Microsoft Office\Office14\BCSSync.exe
11:11:47.0774 0x1930  BCSSync - ok
11:11:48.0093 0x1930  [ 3C958582E48340E84EF268E7661BA30E, 05B82DA8C20529EA3E0968666B2B7D8422E56213B5B287446095443E266F8440 ] C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
11:11:48.0258 0x1930  RtHDVCpl - ok
11:11:48.0584 0x1930  [ AB6D266871A22D0825643BDF72567D0C, 31F1C3CC6CAF9FD785A8A6ADB2B1ED81B60822D0DE37BA838DAB111141CB3A89 ] C:\Program Files\Lenovo\Energy Management\Energy Management.exe
11:11:48.0733 0x1930  Energy Management - ok
11:11:48.0967 0x1930  [ BCA829587BFE4FBE50F3ABAD387EA797, 2A8B706CBD12EFB20B89D40DBA0B2B04648D5BA3F19F8F5A69ED0B56E88FB60F ] C:\Program Files\Lenovo\Energy Management\Utility.exe
11:11:49.0060 0x1930  EnergyUtility - ok
11:11:49.0108 0x1930  [ 3FB4E7E2069F0FD9E15ABC18D605E427, 2FFC218E575DA9E8C86E468227B302752C73EA3246CC0A599D7BCC41ED404F4D ] C:\Program Files\Lenovo\OneKey App\OneKey Recovery\MUITransfer\MUIStartMenu.exe
11:11:49.0121 0x1930  UpdatePRCShortCut - ok
11:11:49.0154 0x1930  [ 9D51EA92A612B37E76E5E4621650C50A, 00BD61C8527A80C0F684882379A0AC2E5A54E8BBECC797087B960CDC8454C373 ] C:\Program Files\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe
11:11:49.0162 0x1930  NUSB3MON - ok
11:11:49.0287 0x1930  [ 668E606EA75961D2ACC2C624328713B6, EEDDB4C48C1216469457E3021BCDD5EC38A0D08D6BE0B1EA827324945081C6F7 ] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
11:11:49.0325 0x1930  SynTPEnh - ok
11:11:49.0347 0x1930  [ 44D5ED79AA62037B60E208A443A7553F, AF6EB867D157022E932B4453E6F635FF61E8BF77E13DA686A9843165628B30FC ] C:\Windows\system32\igfxtray.exe
11:11:49.0351 0x1930  IgfxTray - ok
11:11:49.0382 0x1930  [ 42B9E0DE56C41F8F18566FF9CC537A31, 4C5EE588D8BC1119A9BC27308074F409C7B241352A47935C019C026078F9F591 ] C:\Windows\system32\hkcmd.exe
11:11:49.0395 0x1930  HotKeysCmds - ok
11:11:49.0414 0x1930  [ DA87066E188A1942BB0A046406DAAF4B, 3BC2BA114FE9102D7F71E2B48FE80A18DDD233A8E90FC62B14EA4AA5EA039BBA ] C:\Windows\system32\igfxpers.exe
11:11:49.0422 0x1930  Persistence - ok
11:11:49.0474 0x1930  [ 25941D5D761D62D2C404C72F9652B692, 3501436DC087F8A571431D7943A52BCECE8E9B1643AF914D67786E53D3CA0B8C ] C:\Program Files\Cisco\Cisco AnyConnect Secure Mobility Client\vpnui.exe
11:11:49.0495 0x1930  Cisco AnyConnect Secure Mobility Agent for Windows - ok
11:11:49.0570 0x1930  [ 8A7F55E5B5543C95D8AF191BCBF6D125, 6DE8F960AEF4D953804CF9FFE813392BF7A3AFF798829B5D325204883CBD49A8 ] C:\Program Files\Microsoft\Search Enhancement Pack\Default Manager\DefMgr.exe
11:11:49.0590 0x1930  Microsoft Default Manager - ok
11:11:49.0657 0x1930  [ 46DA8E7484AC7A52CE1D6E428398724B, 540BBAB567E98D0A6810919CA7B2DB95CE3146BB4DFCF9E501228ADEE85F80B9 ] C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe
11:11:49.0660 0x1930  APSDaemon - ok
11:11:49.0739 0x1930  [ AE2A8DC5C08AE6A198D5EC47561C0DEF, A32AE3B0983BD4A34D421AFBEBBDB6F0833FC19F134AA4189DFFC25B067C9A70 ] C:\Program Files\PowerISO\PWRISOVM.EXE
11:11:49.0757 0x1930  PWRISOVM.EXE - ok
11:11:49.0832 0x1930  [ 8DDA2B606279753601F9415DA503CA63, 2C9AD8218E150B6D50817991377ED3230A1672EFBD7AE29D0CD9E55E2418C800 ] C:\Program Files\QuickTime\QTTask.exe
11:11:49.0851 0x1930  QuickTime Task - ok
11:11:49.0902 0x1930  [ CE5C9977DA751DDC30952AC4DCBCA788, 295172C4681E9AC27121122CDD2BA6F2A62435917A083CC8490D584CA0164BE6 ] C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe
11:11:49.0906 0x1930  HP Software Update - ok
11:11:49.0911 0x1930  MSPCLOCK - ok
11:11:49.0916 0x1930  MSPQM - ok
11:11:49.0920 0x1930  MSKSSRV - ok
11:11:49.0925 0x1930  MSTEE.CxTransform - ok
11:11:49.0930 0x1930  MSTEE.Splitter - ok
11:11:49.0966 0x1930  [ 5FEAB868CAEDBBD1B7A145CA8261E4AA, 08BACE187A0225E10677DE9AA6738A7118BE3E5CAD6DC45FB8D3366A61BB343C ] C:\Windows\SYSTEM32\WerFault.exe
11:11:49.0988 0x1930  *WerKernelReporting - ok
11:11:50.0028 0x1930  [ 78079EB83665E1AC18AC9C5E273845BF, 6C60EF1D733351CB28B714F4620BC881CB0E1338D0E293B1615469A31F5C34EC ] C:\Windows\system32\rstrui.exe
11:11:50.0048 0x1930  *Restore - ok
11:11:50.0098 0x1930  [ 4DA2F2DA54A92850F56C0DB712058188, 9FB9BD1D9874DD64A627FFBE7B54B753D5496425BB595A112D0E17601A5E86A0 ] C:\ProgramData\Malwarebytes\Malwarebytes Anti-Malware\mbamdor.exe
11:11:50.0102 0x1930  Malwarebytes Anti-Malware (cleanup) - ok
11:11:50.0380 0x1930  [ 4FBC630768570E6AC35C3DE8F6EC79F5, CF4E271683AA4AADF763A5B3081B8135C9D69F2C6D9DED9C3717B085A1BF14CF ] C:\Program Files\Malwarebytes Anti-Malware\mbam.exe
11:11:50.0495 0x1930  Malwarebytes Anti-Malware - ok
11:11:50.0627 0x1930  [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files\Windows Sidebar\Sidebar.exe
11:11:50.0658 0x1930  Sidebar - ok
11:11:50.0680 0x1930  [ BBA1A5B86134F496B926DDAF247DB871, 636990AE49C55189B7EF69C419787440B57EC0BAD98A9C280E1028F741BB222E ] C:\Windows\System32\mctadmin.exe
11:11:50.0683 0x1930  mctadmin - ok
11:11:50.0712 0x1930  [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files\Windows Sidebar\Sidebar.exe
11:11:50.0731 0x1930  Sidebar - ok
11:11:50.0736 0x1930  [ BBA1A5B86134F496B926DDAF247DB871, 636990AE49C55189B7EF69C419787440B57EC0BAD98A9C280E1028F741BB222E ] C:\Windows\System32\mctadmin.exe
11:11:50.0739 0x1930  mctadmin - ok
11:11:50.0739 0x1930  AVG-Secure-Search-Update_JUNE2013_TB - ok
11:11:50.0741 0x1930  AVG-Secure-Search-Update_JUNE2013_HP - ok
11:11:50.0742 0x1930  AVG-Secure-Search-Update_JUNE2013_TB - ok
11:11:50.0743 0x1930  AVG-Secure-Search-Update_JUNE2013_HP - ok
11:11:50.0868 0x1930  [ 2A3FB4C98F139038E23330D2439DB8A4, DE9253AD362B03FA5D3D4912662398E5C4AC76F7274B83E51C251A6921A5B838 ] C:\Users\127320\AppData\Local\Facebook\Update\FacebookUpdate.exe
11:11:50.0876 0x1930  Facebook Update - ok
11:11:51.0018 0x1930  [ 1A064CCF11A1D0B05E35EA4582255A2D, 048CB879830BED0B9A3F8E06EB53E4F1BB830C40CA5E05AF45BD3B875BEA877D ] C:\Program Files\Internet Download Manager\IDMan.exe
11:11:51.0074 0x1930  IDMan - ok
11:11:51.0116 0x1930  [ 0E44AE22235BCC723C96E05E82F5CB5A, 2D5FAC81729628587F3FBDF3731EE5C4F68130599422DDE64833B57C2E038AD5 ] D:\WordWeb\wweb32.exe
11:11:51.0122 0x1930  WordWeb - ok
11:11:51.0498 0x1930  [ BF44CD9A424C0EBD6D1060584ABB0F1E, ED27A20D218E77150B0AC98D6A17500A5703ACE36E174EF0AA9FA5A82A9C77A1 ] C:\Program Files\Garena Plus\GarenaMessenger.exe
11:11:51.0661 0x1930  GarenaPlus - ok
11:11:51.0742 0x1930  [ E29035AF1F453BF4B888FE0CEAE6F622, 9B788537B031D5B0E70CF332A3080B9FA07EC57055057A625AAFC0EDF7D3F90A ] C:\PROGRA~1\Raptr\raptrstub.exe
11:11:51.0747 0x1930  Raptr - ok
11:11:52.0011 0x1930  [ CC78200C3ECFFA178E78308A0E160D80, 4E02D6827A99401781032A397663770FA7BE56397AA20F6E2FACE0A0004109C5 ] C:\Users\127320\AppData\Local\Akamai\netsession_win.exe
11:11:52.0088 0x1930  Akamai NetSession Interface - ok
11:11:52.0094 0x1930  ISUSPM - ok
11:11:52.0259 0x1930  [ 0DF3D43C5FE1495BEB3B6739379EF2B9, 44393AF83BC77C61E025FEF7143563018346F94CEAEE4FAEF9A8240AD0AB7F1F ] C:\Users\127320\AppData\Roaming\uTorrent\uTorrent.exe
11:11:52.0289 0x1930  uTorrent - ok
11:11:52.0291 0x1930  Waiting for KSN requests completion. In queue: 256
11:11:53.0291 0x1930  Waiting for KSN requests completion. In queue: 256
11:11:54.0291 0x1930  Waiting for KSN requests completion. In queue: 256
11:11:55.0291 0x1930  Waiting for KSN requests completion. In queue: 256
11:11:56.0291 0x1930  Waiting for KSN requests completion. In queue: 256
11:11:57.0291 0x1930  Waiting for KSN requests completion. In queue: 256
11:11:58.0292 0x1930  Waiting for KSN requests completion. In queue: 256
11:11:59.0292 0x1930  Waiting for KSN requests completion. In queue: 256
11:12:00.0329 0x1930  AV detected via SS2: Symantec Endpoint Protection, C:\Program Files\Symantec\Symantec Endpoint Protection\12.1.3001.165.105\Bin\WSCSavNotifier.exe ( 12.1.3001.165 ), 0x71000 ( enabled : updated )
11:12:00.0334 0x1930  FW detected via SS2: Symantec Endpoint Protection, C:\Program Files\Symantec\Symantec Endpoint Protection\12.1.3001.165.105\Bin\Smc.exe ( 12.1.3001.165 ), 0x41010 ( enabled )
11:12:08.0374 0x1930  ============================================================
11:12:08.0374 0x1930  Scan finished
11:12:08.0374 0x1930  ============================================================
11:12:08.0395 0x1b80  Detected object count: 0
11:12:08.0395 0x1b80  Actual detected object count: 0
11:12:12.0486 0x0cf8  Deinitialize success
 



#5 ricee

ricee
  • Topic Starter

  • Members
  • 34 posts
  • OFFLINE
  •  
  • Local time:02:49 PM

Posted 14 October 2014 - 09:44 PM

# AdwCleaner v4.000 - Report created 15/10/2014 at 11:25:08
# Updated 12/10/2014 by Xplode
# Database : 2014-10-14.6
# Operating System : Windows 7 Enterprise Service Pack 1 (32 bits)
# Username : 127320 - RP127320
# Running from : C:\Users\127320\Desktop\AdwCleaner.exe
# Option : Scan

***** [ Services ] *****

Service Found : vToolbarUpdater18.1.9

***** [ Files / Folders ] *****


***** [ Scheduled Tasks ] *****


***** [ Shortcuts ] *****


***** [ Registry ] *****


***** [ Browsers ] *****

-\\ Internet Explorer v11.0.9600.17280


-\\ Mozilla Firefox v32.0.3 (x86 en-US)


-\\ Google Chrome v37.0.2062.124

Found [Search Provider] : hxxp://isearch.avg.com/search?cid={D40939DC-9437-4E06-9D4B-58BB85CD68DD}&mid=1ae40ba18b9347d0b5fc0d47e76dd560-ee6a04ea82b1fc9cdfbb4a4226aeada329bff2fc&lang=en&ds=gm011&pr=sa&d=2012-05-04 10:28:59&v=17.0.0.7&pid=avg&sg=0&sap=dsp&q={searchTerms}

*************************

AdwCleaner[R0].txt - [1527 octets] - [14/10/2014 14:49:25]
AdwCleaner[R1].txt - [1015 octets] - [15/10/2014 11:25:08]
AdwCleaner[S0].txt - [1326 octets] - [14/10/2014 14:53:41]

########## EOF - C:\AdwCleaner\AdwCleaner[R1].txt - [1135 octets] ##########
 



#6 ricee

ricee
  • Topic Starter

  • Members
  • 34 posts
  • OFFLINE
  •  
  • Local time:02:49 PM

Posted 14 October 2014 - 10:03 PM

For Junkware Removal Tool and possibly ESET Online Scanner, I don't think it is possible for me to disable Symantec Endpoint Protection as it is installed by my school and I cannot disable it at all so is it okay that I leave Symantec enabled while using this both tools ?



#7 ricee

ricee
  • Topic Starter

  • Members
  • 34 posts
  • OFFLINE
  •  
  • Local time:02:49 PM

Posted 14 October 2014 - 10:04 PM

# AdwCleaner v4.000 - Report created 15/10/2014 at 11:45:26
# DB v2014-10-14.6
# Updated 12/10/2014 by Xplode
# Operating System : Windows 7 Enterprise Service Pack 1 (32 bits)
# Username : 127320 - RP127320
# Running from : C:\Users\127320\Desktop\AdwCleaner.exe
# Option : Clean

***** [ Services ] *****

[#] Service Deleted : vToolbarUpdater18.1.9

***** [ Files / Folders ] *****


***** [ Scheduled Tasks ] *****


***** [ Shortcuts ] *****


***** [ Registry ] *****


***** [ Browsers ] *****

-\\ Internet Explorer v11.0.9600.17280


-\\ Mozilla Firefox v32.0.3 (x86 en-US)


-\\ Google Chrome v37.0.2062.124


*************************

AdwCleaner[R0].txt - [1527 octets] - [14/10/2014 14:49:25]
AdwCleaner[R1].txt - [1215 octets] - [15/10/2014 11:25:08]
AdwCleaner[S0].txt - [1326 octets] - [14/10/2014 14:53:41]
AdwCleaner[S1].txt - [864 octets] - [15/10/2014 11:45:26]

########## EOF - C:\AdwCleaner\AdwCleaner[S1].txt - [923 octets] ##########
 



#8 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 73,323 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:NJ USA
  • Local time:01:49 AM

Posted 15 October 2014 - 07:36 PM

Yes run ESET with it on.

 

Also do you know this program,in your installed list

剑灵_腾讯 (HKLM\...\剑灵_腾讯) (Version:  - Tencent)


How do I get help? Who is helping me?For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....Become a BleepingComputer fan: Facebook

#9 ricee

ricee
  • Topic Starter

  • Members
  • 34 posts
  • OFFLINE
  •  
  • Local time:02:49 PM

Posted 15 October 2014 - 07:58 PM

What about Junkware, is it okay to leave Symantec on since I cannot disable it ?

 

剑灵_腾讯 is a Chinese game that I downloaded not long ago.



#10 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 73,323 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:NJ USA
  • Local time:01:49 AM

Posted 15 October 2014 - 08:18 PM

Yes, the worst scenario is the tools will not run.

Edited by boopme, 15 October 2014 - 09:03 PM.

How do I get help? Who is helping me?For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....Become a BleepingComputer fan: Facebook

#11 ricee

ricee
  • Topic Starter

  • Members
  • 34 posts
  • OFFLINE
  •  
  • Local time:02:49 PM

Posted 15 October 2014 - 09:00 PM

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.3.3 (10.14.2014:1)
OS: Windows 7 Enterprise x86
Ran by 127320 on 16/10/2014 Thu at 10:45:53.08
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values



~~~ Registry Keys



~~~ Files



~~~ Folders



~~~ FireFox

Emptied folder: C:\Users\127320\AppData\Roaming\mozilla\firefox\profiles\zpd26my8.default-1353306917492\minidumps [1 files]



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 16/10/2014 Thu at 10:52:31.52
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 



#12 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 73,323 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:NJ USA
  • Local time:01:49 AM

Posted 15 October 2014 - 09:03 PM

OK do ESET
How do I get help? Who is helping me?For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....Become a BleepingComputer fan: Facebook

#13 ricee

ricee
  • Topic Starter

  • Members
  • 34 posts
  • OFFLINE
  •  
  • Local time:02:49 PM

Posted 16 October 2014 - 10:27 AM

ESET produced no logs as no threats are found, does that mean I need to find a log for this ?



#14 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 73,323 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:NJ USA
  • Local time:01:49 AM

Posted 16 October 2014 - 02:58 PM

No, it's clean.
You are OK.. Probably should submit the file to Symantec for review as a False Positve
How do I get help? Who is helping me?For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....Become a BleepingComputer fan: Facebook

#15 ricee

ricee
  • Topic Starter

  • Members
  • 34 posts
  • OFFLINE
  •  
  • Local time:02:49 PM

Posted 16 October 2014 - 08:00 PM

Does that mean that the computer is clean from the trojan itself ?






0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users