
Browser redirects hijacking productivity


5 replies to this topic

#1 ushiugajin (Members, 5 posts)

Posted 26 October 2014 - 12:01 PM

Monday morning a friend told me he had "strange things" happening on his computer and was being sent places he didn't want to go. I looked into this and found his browsers had pictures in the pages being changed to ib.adnxs.com and he was also being redirected to Trovigo. I ran a battery of scans and resets:

1. ADWCleaner
2. Junkware Removal Tool
3. Malwarebytes Free Version
4. Hitman Pro

Finally I reset the browsers to factory settings, including IE, Firefox, and Chrome.

The hijacking is still there.

Next day I repeated as above with Malware set to custom scan and rootkits.

Then I reinstalled Chrome and Firefox.

The hijacking is still there.

I have HijackThis and FRST logs available at this point before I do anything else if that would help.

Thanks in advance.




 


#2 boopme (Global Moderator, 73,329 posts)

Posted 26 October 2014 - 06:48 PM

Hello, let's run 3 more.

Download TDSSKiller and save it to your desktop.
  • Extract (unzip) its contents to your desktop.
  • Open the TDSSKiller folder and double-click on TDSSKiller.exe to run the application, then on Start Scan.
  • If an infected file is detected, the default action will be Cure, click on Continue.
  • If a suspicious file is detected, the default action will be Skip, click on Continue.
  • It may ask you to reboot the computer to complete the process. Click on Reboot Now.
  • If no reboot is required, click on Report. A log file should appear. Please copy and paste the contents of that file here.
  • If a reboot is required, the report can also be found in your root directory (usually C:\ folder) in the form of TDSSKiller_xxxx_log.txt. Please copy and paste the contents of that file here.

Please download Junkware Removal Tool to your desktop.
  • Shut down your protection software now to avoid potential conflicts.
  • Run the tool by double-clicking it. If you are using Windows Vista, 7, or 8, instead of double-clicking, right-click JRT.exe and select "Run as Administrator".
  • The tool will open and start scanning your system.
  • Please be patient as this can take a while to complete depending on your system's specifications.
  • On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
  • Post the contents of JRT.txt into your next message.

Last, run ESET.
  • Hold down Control and click on this link to open ESET OnlineScan in a new window.
  • Click the esetonlinebtn.png button.
  • For alternate browsers only: (Microsoft Internet Explorer users can skip these steps)
      • Click on esetsmartinstaller_enu.exe to download the ESET Smart Installer. Save it to your desktop.
      • Double-click on the esetsmartinstaller_enu.png icon on your desktop.
  • Check "YES, I accept the Terms of Use."
  • Click the Start button.
  • Accept any security warnings from your browser.
  • Under scan settings, check "Scan Archives" and "Remove found threats".
  • Click Advanced settings and select the following:
      • Scan potentially unwanted applications
      • Scan for potentially unsafe applications
      • Enable Anti-Stealth technology
  • ESET will then download updates for itself, install itself, and begin scanning your computer. Please be patient as this can take some time.
  • When the scan completes, click List Threats.
  • Click Export, and save the file to your desktop using a unique name, such as ESETScan. Include the contents of this report in your next reply.
  • Click the Back button.
  • Click the Finish button.
  • NOTE: Sometimes if ESET finds no infections it will not create a log.

Edited by boopme, 26 October 2014 - 06:48 PM.


#3 ushiugajin (Topic Starter, Members, 5 posts)

Posted 27 October 2014 - 10:34 PM

I ran those and the results are appended below. ESET took 10 hours to run and found over 120 infections, but after reboot and resetting Chrome just in case of cached data, I went to the web and nothing had changed. I load a page and it is normal for about 2 seconds and then pictures in the page start changing to redirects.

I need to get his computer back to him tomorrow, so if no one has any bright ideas I guess this means reinstall Windows. I have only had to do that once for an infection in over 20 years.

TDSSKiller log
 
10:09:35.0440 0x103c  FDResPub - ok
10:09:35.0456 0x103c  [ 655661BE46B5F5F3FD454E2C3095B930, 549C8E2A2A37757E560D55FFA6BFDD838205F17E40561E67F0124C934272CD1A ] FileInfo        C:\Windows\system32\drivers\fileinfo.sys
10:09:35.0456 0x103c  FileInfo - ok
10:09:35.0471 0x103c  [ 5F671AB5BC87EEA04EC38A6CD5962A47, 6B61D3363FF3F9C439BD51102C284972EAE96ACC0683B9DC7E12D25D0ADC51B6 ] Filetrace       C:\Windows\system32\drivers\filetrace.sys
10:09:35.0471 0x103c  Filetrace - ok
10:09:35.0955 0x103c  [ F7EBE241CBFDBD07DBE441029CA8302D, 0ED89093BC333792A1A85482CB7446E31E41E1CCEF4755E50BD123D503E94173 ] FLCDLOCK        c:\Windows\SysWOW64\flcdlock.exe
10:09:35.0971 0x103c  FLCDLOCK - ok
10:09:36.0002 0x103c  [ C172A0F53008EAEB8EA33FE10E177AF5, 9175A95B323696D1B35C9EFEB7790DD64E6EE0B7021E6C18E2F81009B169D77B ] flpydisk        C:\Windows\system32\drivers\flpydisk.sys
10:09:36.0017 0x103c  flpydisk - ok
10:09:36.0033 0x103c  [ DA6B67270FD9DB3697B20FCE94950741, F621A4462C9F2904063578C427FAF22D7D66AE9967605C11C798099817CE5331 ] FltMgr          C:\Windows\system32\drivers\fltmgr.sys
10:09:36.0033 0x103c  FltMgr - ok
10:09:36.0080 0x103c  [ C4C183E6551084039EC862DA1C945E3D, 0874A2ACDD24D64965AA9A76E9C818E216880AE4C9A2E07ED932EE404585CEE6 ] FontCache       C:\Windows\system32\FntCache.dll
10:09:36.0127 0x103c  FontCache - ok
10:09:36.0158 0x103c  [ A8B7F3818AB65695E3A0BB3279F6DCE6, 89FCF10F599767E67A1E011753E34DA44EAA311F105DBF69549009ED932A60F0 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
10:09:36.0158 0x103c  FontCache3.0.0.0 - ok
10:09:36.0158 0x103c  [ D43703496149971890703B4B1B723EAC, F06397B2EDCA61629249D2EF1CBB7827A8BEAB8488246BD85EF6AE1363C0DA6E ] FsDepends       C:\Windows\system32\drivers\FsDepends.sys
10:09:36.0158 0x103c  FsDepends - ok
10:09:36.0189 0x103c  [ 6BD9295CC032DD3077C671FCCF579A7B, 83622FBB0CB923798E7E584BF53CAAF75B8C016E3FF7F0FA35880FF34D1DFE33 ] Fs_Rec          C:\Windows\system32\drivers\Fs_Rec.sys
10:09:36.0189 0x103c  Fs_Rec - ok
10:09:36.0236 0x103c  [ 8F6322049018354F45F05A2FD2D4E5E0, 73BF0FB4EBD7887E992DDEBB79E906958D6678F8D1107E8C368F5A0514D80359 ] fvevol          C:\Windows\system32\DRIVERS\fvevol.sys
10:09:36.0251 0x103c  fvevol - ok
10:09:36.0298 0x103c  [ 8C778D335C9D272CFD3298AB02ABE3B6, 85F0B13926B0F693FA9E70AA58DE47100E4B6F893772EBE4300C37D9A36E6005 ] gagp30kx        C:\Windows\system32\drivers\gagp30kx.sys
10:09:36.0314 0x103c  gagp30kx - ok
10:09:36.0345 0x103c  [ 277BBC7E1AA1EE957F573A10ECA7EF3A, 2EE60B924E583E847CC24E78B401EF95C69DB777A5B74E1EC963E18D47B94D24 ] gpsvc           C:\Windows\System32\gpsvc.dll
10:09:36.0376 0x103c  gpsvc - ok
10:09:36.0470 0x103c  [ 51508F0C2476177E50C31B0BBFBF1BDB, 3F62A05181D54711180C8727AC66D624AFA7FC816A4ACC4DC0CFCF2D2DBE7F87 ] gupdate         C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
10:09:36.0470 0x103c  gupdate - ok
10:09:36.0532 0x103c  [ 51508F0C2476177E50C31B0BBFBF1BDB, 3F62A05181D54711180C8727AC66D624AFA7FC816A4ACC4DC0CFCF2D2DBE7F87 ] gupdatem        C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
10:09:36.0532 0x103c  gupdatem - ok
10:09:36.0563 0x103c  [ F2523EF6460FC42405B12248338AB2F0, B2F3DE8DE1F512D871BC2BC2E8D0E33AB03335BFBC07627C5F88B65024928E19 ] hcw85cir        C:\Windows\system32\drivers\hcw85cir.sys
10:09:36.0579 0x103c  hcw85cir - ok
10:09:36.0641 0x103c  [ 975761C778E33CD22498059B91E7373A, 8304E15FBE6876BE57263A03621365DA8C88005EAC532A770303C06799D915D9 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
10:09:36.0657 0x103c  HdAudAddService - ok
10:09:36.0704 0x103c  [ 97BFED39B6B79EB12CDDBFEED51F56BB, 3CF981D668FB2381E52AF2E51E296C6CFB47B0D62249645278479D0111A47955 ] HDAudBus        C:\Windows\system32\drivers\HDAudBus.sys
10:09:36.0719 0x103c  HDAudBus - ok
10:09:36.0719 0x103c  [ 78E86380454A7B10A5EB255DC44A355F, 11F3ED7ACFFA3024B9BD504F81AC39F5B4CED5A8A425E8BADF7132EFEDB9BD64 ] HidBatt         C:\Windows\system32\drivers\HidBatt.sys
10:09:36.0735 0x103c  HidBatt - ok
10:09:36.0751 0x103c  [ 7FD2A313F7AFE5C4DAB14798C48DD104, 94CBFD4506CBDE4162CEB3367BAB042D19ACA6785954DC0B554D4164B9FCD0D4 ] HidBth          C:\Windows\system32\drivers\hidbth.sys
10:09:36.0751 0x103c  HidBth - ok
10:09:36.0766 0x103c  [ 0A77D29F311B88CFAE3B13F9C1A73825, 8615DC6CEFB591505CE16E054A71A4F371B827DDFD5E980777AB4233DCFDA01D ] HidIr           C:\Windows\system32\drivers\hidir.sys
10:09:36.0766 0x103c  HidIr - ok
10:09:36.0782 0x103c  [ BD9EB3958F213F96B97B1D897DEE006D, 4D01CBF898B528B3A4E5A683DF2177300AFABD7D4CB51F1A7891B1B545499631 ] hidserv         C:\Windows\system32\hidserv.dll
10:09:36.0797 0x103c  hidserv - ok
10:09:36.0829 0x103c  [ 9592090A7E2B61CD582B612B6DF70536, FD11D5E02C32D658B28FCC35688AB66CCB5D3A0A0D74C82AE0F0B6C67B568A0F ] HidUsb          C:\Windows\system32\drivers\hidusb.sys
10:09:36.0829 0x103c  HidUsb - ok
10:09:36.0891 0x103c  [ 846FCDB73941A5B8FC4299A234659713, A08AD3D82EF977C2CC095FDB39E50AEE2C30FA7FDCCA192F2174A979CCFD16AA ] HitmanProScheduler C:\Program Files\HitmanPro\hmpsched.exe
10:09:36.0907 0x103c  HitmanProScheduler - ok
10:09:36.0938 0x103c  [ 387E72E739E15E3D37907A86D9FF98E2, 9935BE2E58788E79328293AF2F202CB0F6042441B176F75ACC5AEA93C8E05531 ] hkmsvc          C:\Windows\system32\kmsvc.dll
10:09:36.0938 0x103c  hkmsvc - ok
10:09:36.0969 0x103c  [ EFDFB3DD38A4376F93E7985173813ABD, 70402FA73A5A2A8BB557AAC8F531E373077D28DE5F40A1F3F14B940BE01CD2E1 ] HomeGroupListener C:\Windows\system32\ListSvc.dll
10:09:36.0969 0x103c  HomeGroupListener - ok
10:09:37.0000 0x103c  [ 908ACB1F594274965A53926B10C81E89, 7D34A742AC486294D82676F8465A3EF26C8AC3317C32B63F62031CB007CFC208 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
10:09:37.0016 0x103c  HomeGroupProvider - ok
10:09:37.0078 0x103c  [ 86724A200BF1F08A03FB563660FCD928, E2BDD30D7AFECB0F517BB02C788C93D506FB2B180DCA239BC4A1FEDB1E986EAD ] HP DS Service   C:\Program Files (x86)\HP\HPBDSService\HPBDSService.exe
10:09:37.0094 0x103c  HP DS Service - ok
10:09:37.0156 0x103c  [ 9C42E435F629CD8512BECFA082762425, BC817D05E5B8BE05CAB05F075A2C0B3CCF39E6BBD924BD0040C698F4D4580677 ] HP LaserJet Service C:\Program Files (x86)\HP\HPLaserJetService\HPLaserJetService.exe
10:09:37.0187 0x103c  HP LaserJet Service - ok
10:09:37.0250 0x103c  [ BB1FC298BE53AAB1E110F6E786BD8AC5, C2DA2C3CE96D5F8B50013063B5EF7BED7478636896C709A7AF34855B2E69B9F1 ] HP Support Assistant Service C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe
10:09:37.0265 0x103c  HP Support Assistant Service - ok
10:09:37.0390 0x103c  [ 87DFFF3009EAE8C56E5C8CAFFE8AF37F, A4787E7E3EDFC635A9773849D5A638C155C974A5CE91629E39DFF744C7A2C5C3 ] HPFSService     C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\HPFSService.exe
10:09:37.0421 0x103c  HPFSService - ok
10:09:37.0531 0x103c  [ CC11313F44792799BC85793420E4D08D, 7FF812A0BA9AC90D9A1D69BE32366174BD9EF7301AE66CC9FC95F0ADB145D891 ] hpqwmiex        C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe
10:09:37.0562 0x103c  hpqwmiex - ok
10:09:37.0609 0x103c  [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC, E9E6A1665740CFBC2DD321010007EF42ABA2102AEB9772EE8AA3354664B1E205 ] HpSAMD          C:\Windows\system32\drivers\HpSAMD.sys
10:09:37.0609 0x103c  HpSAMD - ok
10:09:37.0655 0x103c  [ 0EA7DE1ACB728DD5A369FD742D6EEE28, 21C489412EB33A12B22290EB701C19BA57006E8702E76F730954F0784DDE9779 ] HTTP            C:\Windows\system32\drivers\HTTP.sys
10:09:37.0671 0x103c  HTTP - ok
10:09:37.0671 0x103c  [ A5462BD6884960C9DC85ED49D34FF392, 53E65841AF5B06A2844D0BB6FC4DD3923A323FFA0E4BFC89B3B5CAFB592A3D53 ] hwpolicy        C:\Windows\system32\drivers\hwpolicy.sys
10:09:37.0671 0x103c  hwpolicy - ok
10:09:37.0718 0x103c  [ FA55C73D4AFFA7EE23AC4BE53B4592D3, 65CDDC62B89A60E942C5642C9D8B539EFB69DA8069B4A2E54978154B314531CD ] i8042prt        C:\Windows\system32\drivers\i8042prt.sys
10:09:37.0718 0x103c  i8042prt - ok
10:09:37.0749 0x103c  [ AAAF44DB3BD0B9D1FB6969B23ECC8366, 805AA4A9464002D1AB3832E4106B2AAA1331F4281367E75956062AAE99699385 ] iaStorV         C:\Windows\system32\drivers\iaStorV.sys
10:09:37.0765 0x103c  iaStorV - ok
10:09:37.0811 0x103c  [ DC93D059EAEDAB5885BF52DB5FCB1D07, E217E6A88A1C61C6E8ACDD9E3FA759256DDE7EF50A41A3D7B07EF02BE6F974AE ] IceKore         C:\Windows\system32\DRIVERS\IceKore.sys
10:09:37.0811 0x103c  IceKore - ok
10:09:37.0874 0x103c  [ C98A5B9D932430AD8EEBD3EF73756EF7, DF7E1D391A0F3345AD61154363922C27BD557DEEACE395A6A8A8A16BFD1BB9A8 ] idsvc           C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
10:09:37.0889 0x103c  idsvc - ok
10:09:37.0921 0x103c  IEEtwCollectorService - ok
10:09:38.0123 0x103c  [ A87261EF1546325B559374F5689CF5BC, 8DE48A8A13A32AAAC54CDDF58F3F61BE3E2802C1D9CA1CA98E57EB0D65FB6002 ] igfx            C:\Windows\system32\DRIVERS\igdkmd64.sys
10:09:38.0311 0x103c  igfx - ok
10:09:38.0357 0x103c  [ 5C18831C61933628F5BB0EA2675B9D21, 5CD9DE2F8C0256623A417B5C55BF55BB2562BD7AB2C3C83BB3D9886C2FBDA4E4 ] iirsp           C:\Windows\system32\drivers\iirsp.sys
10:09:38.0357 0x103c  iirsp - ok
10:09:38.0420 0x103c  [ 344789398EC3EE5A4E00C52B31847946, 3DA5F08E4B46F4E63456AA588D49E39A6A09A97D0509880C00F327623DB6122D ] IKEEXT          C:\Windows\System32\ikeext.dll
10:09:38.0451 0x103c  IKEEXT - ok
10:09:38.0591 0x103c  [ E9740A3BC0AE6EA035FF7ECE3A1B27B6, 4CA3E094B0057E143955DE5D41C3344688B6D2C4FFC0417235FF46312B600F99 ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHD64.sys
10:09:38.0665 0x103c  IntcAzAudAddService - ok
10:09:38.0688 0x103c  [ F00F20E70C6EC3AA366910083A0518AA, E2F3E9FFD82C802C8BAC309893A3664ACF16A279959C0FDECCA64C3D3C60FD22 ] intelide        C:\Windows\system32\drivers\intelide.sys
10:09:38.0690 0x103c  intelide - ok
10:09:38.0727 0x103c  [ ADA036632C664CAA754079041CF1F8C1, F2386CC09AC6DE4C54189154F7D91C1DB7AA120B13FAE8BA5B579ACF99FCC610 ] intelppm        C:\Windows\system32\drivers\intelppm.sys
10:09:38.0731 0x103c  intelppm - ok
10:09:38.0773 0x103c  [ 098A91C54546A3B878DAD6A7E90A455B, 044CCE2A0DF56EBE1EFD99B4F6F0A5B9EE12498CA358CF4B2E3A1CFD872823AA ] IPBusEnum       C:\Windows\system32\ipbusenum.dll
10:09:38.0780 0x103c  IPBusEnum - ok
10:09:38.0810 0x103c  [ C9F0E1BD74365A8771590E9008D22AB6, 728BC5A6AAE499FDC50EB01577AF16D83C2A9F3B09936DD2A89C01E074BA8E51 ] IpFilterDriver  C:\Windows\system32\DRIVERS\ipfltdrv.sys
10:09:38.0814 0x103c  IpFilterDriver - ok
10:09:38.0857 0x103c  [ 08C2957BB30058E663720C5606885653, E13EDF6701512E2A9977A531454932CA5023087CB50E1D2F416B8BCDD92B67BE ] iphlpsvc        C:\Windows\System32\iphlpsvc.dll
10:09:38.0875 0x103c  iphlpsvc - ok
10:09:38.0890 0x103c  [ 0FC1AEA580957AA8817B8F305D18CA3A, 7161E4DE91AAFC3FA8BF24FAE4636390C2627DB931505247C0D52C75A31473D9 ] IPMIDRV         C:\Windows\system32\drivers\IPMIDrv.sys
10:09:38.0893 0x103c  IPMIDRV - ok
10:09:38.0900 0x103c  [ AF9B39A7E7B6CAA203B3862582E9F2D0, 67128BE7EADBE6BD0205B050F96E268948E8660C4BAB259FB0BE03935153D04E ] IPNAT           C:\Windows\system32\drivers\ipnat.sys
10:09:38.0903 0x103c  IPNAT - ok
10:09:38.0937 0x103c  [ 3ABF5E7213EB28966D55D58B515D5CE9, A352BCC5B6B9A28805B15CAFB235676F1FAFF0D2394F88C03089EB157D6188AE ] IRENUM          C:\Windows\system32\drivers\irenum.sys
10:09:38.0940 0x103c  IRENUM - ok
10:09:38.0969 0x103c  [ 2F7B28DC3E1183E5EB418DF55C204F38, D40410A760965925D6F10959B2043F7BD4F68EAFCF5E743AF11AD860BD136548 ] isapnp          C:\Windows\system32\drivers\isapnp.sys
10:09:38.0972 0x103c  isapnp - ok
10:09:39.0008 0x103c  [ D931D7309DEB2317035B07C9F9E6B0BD, 13AD84172ED8C6153F8A98499C01733B74E48464CE07D099508E38D409913ED3 ] iScsiPrt        C:\Windows\system32\drivers\msiscsi.sys
10:09:39.0022 0x103c  iScsiPrt - ok
10:09:39.0057 0x103c  [ BC02336F1CBA7DCC7D1213BB588A68A5, 450C5BAD54CCE2AFCDFF1B6E7F8E1A8446D9D3255DF9D36C29A8F848048AAD93 ] kbdclass        C:\Windows\system32\DRIVERS\kbdclass.sys
10:09:39.0058 0x103c  kbdclass - ok
10:09:39.0096 0x103c  [ 0705EFF5B42A9DB58548EEC3B26BB484, 86C6824ED7ED6FA8F306DB6319A0FD688AA91295AE571262F9D8E96A32225E99 ] kbdhid          C:\Windows\system32\DRIVERS\kbdhid.sys
10:09:39.0098 0x103c  kbdhid - ok
10:09:39.0123 0x103c  [ 204F3F58212B3E422C90BD9691A2DF28, D748A8CEE4D59B4248C9B1ACA5155D0FF6635A29564B4391B7FAC6261F93FE99 ] KeyIso          C:\Windows\system32\lsass.exe
10:09:39.0124 0x103c  KeyIso - ok
10:09:39.0162 0x103c  [ 353009DEDF918B2A51414F330CF72DEC, BF157D6E329F26E02FA16271B751B421396040DBB1D7BF9B2E0A21BC569672E2 ] KSecDD          C:\Windows\system32\Drivers\ksecdd.sys
10:09:39.0165 0x103c  KSecDD - ok
10:09:39.0196 0x103c  [ 1C2D8E18AA8FD50CD04C15CC27F7F5AB, 4BA3B0F9F01BD47D66091D3AD86B69A523981D61DFB4D677F2CD39405B2DA989 ] KSecPkg         C:\Windows\system32\Drivers\ksecpkg.sys
10:09:39.0199 0x103c  KSecPkg - ok
10:09:39.0230 0x103c  [ 6869281E78CB31A43E969F06B57347C4, 866A23E69B32A78D378D6CB3B3DA3695FFDFF0FEC3C9F68C8C3F988DF417044B ] ksthunk         C:\Windows\system32\drivers\ksthunk.sys
10:09:39.0232 0x103c  ksthunk - ok
10:09:39.0262 0x103c  [ 6AB66E16AA859232F64DEB66887A8C9C, 5F2B579BEA8098A2994B0DECECDAE7B396E7B5DC5F09645737B9F28BEEA77FFF ] KtmRm           C:\Windows\system32\msdtckrm.dll
10:09:39.0273 0x103c  KtmRm - ok
10:09:39.0329 0x103c  [ D9F42719019740BAA6D1C6D536CBDAA6, 8757599D0AE5302C4CE50861BEBA3A8DD14D7B0DBD916FD5404133688CDFCC40 ] LanmanServer    C:\Windows\system32\srvsvc.dll
10:09:39.0346 0x103c  LanmanServer - ok
10:09:39.0388 0x103c  [ 851A1382EED3E3A7476DB004F4EE3E1A, B1C67F47DD594D092E6E258F01DF5E7150227CE3131A908A244DEE9F8A1FABF9 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
10:09:39.0394 0x103c  LanmanWorkstation - ok
10:09:39.0421 0x103c  [ 1538831CF8AD2979A04C423779465827, E1729B0CC4CEEE494A0B8817A8E98FF232E3A32FB023566EF0BC71A090262C0C ] lltdio          C:\Windows\system32\DRIVERS\lltdio.sys
10:09:39.0423 0x103c  lltdio - ok
10:09:39.0454 0x103c  [ C1185803384AB3FEED115F79F109427F, 0414FE73532DCAB17E906438A14711E928CECCD5F579255410C62984DD652700 ] lltdsvc         C:\Windows\System32\lltdsvc.dll
10:09:39.0464 0x103c  lltdsvc - ok
10:09:39.0470 0x103c  [ F993A32249B66C9D622EA5592A8B76B8, EE64672A990C6145DC5601E2B8CDBE089272A72732F59AF9865DCBA8B1717E70 ] lmhosts         C:\Windows\System32\lmhsvc.dll
10:09:39.0473 0x103c  lmhosts - ok
10:09:39.0517 0x103c  [ 1A93E54EB0ECE102495A51266DCDB6A6, DB6AA86AA36C3A7988BE96E87B5D3251BE7617C54EE8F894D9DC2E267FE3255B ] LSI_FC          C:\Windows\system32\drivers\lsi_fc.sys
10:09:39.0521 0x103c  LSI_FC - ok
10:09:39.0566 0x103c  [ 1047184A9FDC8BDBFF857175875EE810, F2251EDB7736A26D388A0C5CC2FE5FB9C5E109CBB1E3800993554CB21D81AE4B ] LSI_SAS         C:\Windows\system32\drivers\lsi_sas.sys
10:09:39.0571 0x103c  LSI_SAS - ok
10:09:39.0605 0x103c  [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93, 88D5740A4E9CC3FA80FA18035DAB441BDC5A039622D666BFDAA525CC9686BD06 ] LSI_SAS2        C:\Windows\system32\drivers\lsi_sas2.sys
10:09:39.0623 0x103c  LSI_SAS2 - ok
10:09:39.0660 0x103c  [ 0504EACAFF0D3C8AED161C4B0D369D4A, 4D272237C189646F5C80822FD3CBA7C2728E482E2DAAF7A09C8AEF811C89C54D ] LSI_SCSI        C:\Windows\system32\drivers\lsi_scsi.sys
10:09:39.0665 0x103c  LSI_SCSI - ok
10:09:39.0712 0x103c  [ 43D0F98E1D56CCDDB0D5254CFF7B356E, 5BA498183B5C4996C694CB0A9A6B66CE6C7A460F6C91BEB9F305486FCC3B7B22 ] luafv           C:\Windows\system32\drivers\luafv.sys
10:09:39.0712 0x103c  luafv - ok
10:09:39.0728 0x103c  [ 0BE09CD858ABF9DF6ED259D57A1A1663, 2FD28889B93C8E801F74C1D0769673A461671E0189D0A22C94509E3F0EEB7428 ] Mcx2Svc         C:\Windows\system32\Mcx2Svc.dll
10:09:39.0728 0x103c  Mcx2Svc - ok
10:09:39.0743 0x103c  [ A55805F747C6EDB6A9080D7C633BD0F4, 2DA0E83BF3C8ADEF6F551B6CC1C0A3F6149CDBE6EC60413BA1767C4DE425A728 ] megasas         C:\Windows\system32\drivers\megasas.sys
10:09:39.0743 0x103c  megasas - ok
10:09:39.0759 0x103c  [ BAF74CE0072480C3B6B7C13B2A94D6B3, 85CBB4949C090A904464F79713A3418338753D20D7FB811E68F287FDAC1DD834 ] MegaSR          C:\Windows\system32\drivers\MegaSR.sys
10:09:39.0774 0x103c  MegaSR - ok
10:09:39.0930 0x103c  [ 123271BD5237AB991DC5C21FDF8835EB, 004F8F9228EE291A0E36CE33078D572D61733516F9AA5CFC832AF204C6869E89 ] Microsoft Office Groove Audit Service C:\Program Files (x86)\Microsoft Office\Office12\GrooveAuditService.exe
10:09:39.0946 0x103c  Microsoft Office Groove Audit Service - ok
10:09:39.0962 0x103c  [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] MMCSS           C:\Windows\system32\mmcss.dll
10:09:39.0977 0x103c  MMCSS - ok
10:09:39.0993 0x103c  [ 800BA92F7010378B09F9ED9270F07137, 94F9AF9E1BE80AE6AC39A2A74EF9FAB115DCAACC011D07DFA8D6A1DDC8A93342 ] Modem           C:\Windows\system32\drivers\modem.sys
10:09:39.0993 0x103c  Modem - ok
10:09:40.0040 0x103c  [ B03D591DC7DA45ECE20B3B467E6AADAA, 701FB0CAD8138C58507BE28845D3E24CE269A040737C29885944A0D851238732 ] monitor         C:\Windows\system32\DRIVERS\monitor.sys
10:09:40.0040 0x103c  monitor - ok
10:09:40.0071 0x103c  [ 7D27EA49F3C1F687D357E77A470AEA99, 7FE7CAF95959F127C6D932C01D539C06D80273C49A09761F6E8331C05B1A7EE7 ] mouclass        C:\Windows\system32\DRIVERS\mouclass.sys
10:09:40.0086 0x103c  mouclass - ok
10:09:40.0118 0x103c  [ D3BF052C40B0C4166D9FD86A4288C1E6, 5E65264354CD94E844BF1838CA1B8E49080EFA34605A32CF2F6A47A2B97FC183 ] mouhid          C:\Windows\system32\DRIVERS\mouhid.sys
10:09:40.0133 0x103c  mouhid - ok
10:09:40.0149 0x103c  [ 32E7A3D591D671A6DF2DB515A5CBE0FA, 47CED0B9067AE8BF5EEF60B17ADEE5906BEDCC56E4CB460B7BFBC12BB9A69E63 ] mountmgr        C:\Windows\system32\drivers\mountmgr.sys
10:09:40.0149 0x103c  mountmgr - ok
10:09:40.0227 0x103c  [ 4E9D8041D352A33332FD6F59A3A78B03, D4E6229B07EF9866993EEE4F6223DC7F1FF1108273FE14A3DC74E65C181DE56A ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
10:09:40.0227 0x103c  MozillaMaintenance - ok
10:09:40.0274 0x103c  [ 6439D1E559D08BD8A1465A8943357053, 0E300508C22D12FBA3BE566B722F574CBE1B4A1A305356B92B8EA8B86267071B ] MpFilter        C:\Windows\system32\DRIVERS\MpFilter.sys
10:09:40.0289 0x103c  MpFilter - ok
10:09:40.0305 0x103c  [ A44B420D30BD56E145D6A2BC8768EC58, B1E4DCA5A1008FA7A0492DC091FB2B820406AE13FD3D44F124E89B1037AF09B8 ] mpio            C:\Windows\system32\drivers\mpio.sys
10:09:40.0305 0x103c  mpio - ok
10:09:40.0352 0x103c  [ 6C38C9E45AE0EA2FA5E551F2ED5E978F, 5A3FA2F110029CB4CC4384998EDB59203FDD65EC45E01B897FB684F8956EAD20 ] mpsdrv          C:\Windows\system32\drivers\mpsdrv.sys
10:09:40.0352 0x103c  mpsdrv - ok
10:09:40.0398 0x103c  [ 54FFC9C8898113ACE189D4AA7199D2C1, 65F585C87F3F710FD5793FDFA96B740AD8D4317B0C120F4435CCF777300EA4F2 ] MpsSvc          C:\Windows\system32\mpssvc.dll
10:09:40.0414 0x103c  MpsSvc - ok
10:09:40.0430 0x103c  [ DC722758B8261E1ABAFD31A3C0A66380, 88BBE073E2CCD1DAB4656DDC53D5161E8A91D035ADAC1465D0CEBA86F1BB6D9A ] MRxDAV          C:\Windows\system32\drivers\mrxdav.sys
10:09:40.0430 0x103c  MRxDAV - ok
10:09:40.0461 0x103c  [ A5D9106A73DC88564C825D317CAC68AC, 0457B2AEA4E05A91D0E43F317894A614434D8CEBE35020785387F307E231FBE4 ] mrxsmb          C:\Windows\system32\DRIVERS\mrxsmb.sys
10:09:40.0461 0x103c  mrxsmb - ok
10:09:40.0492 0x103c  [ D711B3C1D5F42C0C2415687BE09FC163, 9B3013AC60BD2D0FF52086658BA5FF486ADE15954A552D7DD590580E8BAE3EFF ] mrxsmb10        C:\Windows\system32\DRIVERS\mrxsmb10.sys
10:09:40.0492 0x103c  mrxsmb10 - ok
10:09:40.0508 0x103c  [ 9423E9D355C8D303E76B8CFBD8A5C30C, 220B33F120C2DD937FE4D5664F4B581DC0ACF78D62EB56B7720888F67B9644CC ] mrxsmb20        C:\Windows\system32\DRIVERS\mrxsmb20.sys
10:09:40.0523 0x103c  mrxsmb20 - ok
10:09:40.0539 0x103c  [ C25F0BAFA182CBCA2DD3C851C2E75796, 643E158A0948DF331807AEAA391F23960362E46C0A0CF6D22A99020EAE7B10F8 ] msahci          C:\Windows\system32\drivers\msahci.sys
10:09:40.0539 0x103c  msahci - ok
10:09:40.0554 0x103c  [ DB801A638D011B9633829EB6F663C900, B34FD33A215ACCF2905F4B7D061686CDB1CB9C652147AF56AE14686C1F6E3C74 ] msdsm           C:\Windows\system32\drivers\msdsm.sys
10:09:40.0554 0x103c  msdsm - ok
10:09:40.0570 0x103c  [ DE0ECE52236CFA3ED2DBFC03F28253A8, 2FBBEC4CACB5161F68D7C2935852A5888945CA0F107CF8A1C01F4528CE407DE3 ] MSDTC           C:\Windows\System32\msdtc.exe
10:09:40.0570 0x103c  MSDTC - ok
10:09:40.0601 0x103c  [ AA3FB40E17CE1388FA1BEDAB50EA8F96, 69F93E15536644C8FD679A20190CFE577F4985D3B1B4A4AA250A168615AE1E99 ] Msfs            C:\Windows\system32\drivers\Msfs.sys
10:09:40.0601 0x103c  Msfs - ok
10:09:40.0617 0x103c  [ F9D215A46A8B9753F61767FA72A20326, 6F76642B45E0A7EF6BCAB8B37D55CCE2EAA310ED07B76D43FCB88987C2174141 ] mshidkmdf       C:\Windows\System32\drivers\mshidkmdf.sys
10:09:40.0617 0x103c  mshidkmdf - ok
10:09:40.0648 0x103c  [ D916874BBD4F8B07BFB7FA9B3CCAE29D, B229DA150713DEDBC4F05386C9D9DC3BC095A74F44F3081E88311AB73BC992A1 ] msisadrv        C:\Windows\system32\drivers\msisadrv.sys
10:09:40.0648 0x103c  msisadrv - ok
10:09:40.0695 0x103c  [ 808E98FF49B155C522E6400953177B08, F873F5BFF0984C5165DF67E92874D3F6EB8D86F9B5AD17013A0091CA33A1A3D5 ] MSiSCSI         C:\Windows\system32\iscsiexe.dll
10:09:40.0695 0x103c  MSiSCSI - ok
10:09:40.0710 0x103c  msiserver - ok
10:09:40.0726 0x103c  [ 49CCF2C4FEA34FFAD8B1B59D49439366, E5752EA57C7BDAD5F53E3BC441A415E909AC602CAE56234684FB8789A20396C7 ] MSKSSRV         C:\Windows\system32\drivers\MSKSSRV.sys
10:09:40.0726 0x103c  MSKSSRV - ok
10:09:40.0788 0x103c  [ F0D5494D8B177C37E16966262F5D0F68, DD63427DFFD9DD2BEC8336F6AD1BEFE347012331631DC5FEC65E83B1EACDBC67 ] MsMpSvc         c:\Program Files\Microsoft Security Client\MsMpEng.exe
10:09:40.0788 0x103c  MsMpSvc - ok
10:09:40.0820 0x103c  [ BDD71ACE35A232104DDD349EE70E1AB3, 27464A66868513BE6A01B75D7FC5B0D6B71842E4E20CE3F76B15C071A0618BBB ] MSPCLOCK        C:\Windows\system32\drivers\MSPCLOCK.sys
10:09:40.0820 0x103c  MSPCLOCK - ok
10:09:40.0835 0x103c  [ 4ED981241DB27C3383D72092B618A1D0, E12F121E641249DB3491141851B59E1496F4413EDF58E863388F1C229838DFCC ] MSPQM           C:\Windows\system32\drivers\MSPQM.sys
10:09:40.0835 0x103c  MSPQM - ok
10:09:40.0866 0x103c  [ 759A9EEB0FA9ED79DA1FB7D4EF78866D, 64E3BC613EC4872B1B344CBF71EE15BE195592E3244C1EE099C6F8B95A40F133 ] MsRPC           C:\Windows\system32\drivers\MsRPC.sys
10:09:40.0882 0x103c  MsRPC - ok
10:09:40.0913 0x103c  [ 0EED230E37515A0EAEE3C2E1BC97B288, B1D8F8A75006B6E99214CA36D27A8594EF8D952F315BEB201E9BAC9DE3E64D42 ] mssmbios        C:\Windows\system32\drivers\mssmbios.sys
10:09:40.0913 0x103c  mssmbios - ok
10:09:40.0929 0x103c  [ 2E66F9ECB30B4221A318C92AC2250779, DF175E1AB6962303E57F26DAE5C5C1E40B8640333F3E352A64F6A5F1301586CD ] MSTEE           C:\Windows\system32\drivers\MSTEE.sys
10:09:40.0944 0x103c  MSTEE - ok
10:09:40.0960 0x103c  [ 7EA404308934E675BFFDE8EDF0757BCD, 306CD02D89CFCFE576242360ED5F9EEEDCAFC43CD43B7D2977AE960F9AEC3232 ] MTConfig        C:\Windows\system32\drivers\MTConfig.sys
10:09:40.0960 0x103c  MTConfig - ok
10:09:40.0976 0x103c  [ F9A18612FD3526FE473C1BDA678D61C8, 32F7975B5BAA447917F832D9E3499B4B6D3E90D73F478375D0B70B36C524693A ] Mup             C:\Windows\system32\Drivers\mup.sys
10:09:40.0976 0x103c  Mup - ok
10:09:41.0007 0x103c  [ 582AC6D9873E31DFA28A4547270862DD, BD540499F74E8F59A020D935D18E36A3A97C1A6EC59C8208436469A31B16B260 ] napagent        C:\Windows\system32\qagentRT.dll
10:09:41.0022 0x103c  napagent - ok
10:09:41.0054 0x103c  [ 1EA3749C4114DB3E3161156FFFFA6B33, 54C2E77BCE1037711A11313AC25B8706109098C10A31AA03AEB7A185E97800D7 ] NativeWifiP     C:\Windows\system32\DRIVERS\nwifi.sys
10:09:41.0069 0x103c  NativeWifiP - ok
10:09:41.0132 0x103c  [ 760E38053BF56E501D562B70AD796B88, F856E81A975D44F8684A6F2466549CEEDFAEB3950191698555A93A1206E0A42D ] NDIS            C:\Windows\system32\drivers\ndis.sys
10:09:41.0147 0x103c  NDIS - ok
10:09:41.0178 0x103c  [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC, D7E5446E83909AE25506BB98FBDD878A529C87963E3C1125C4ABAB25823572BC ] NdisCap         C:\Windows\system32\DRIVERS\ndiscap.sys
10:09:41.0194 0x103c  NdisCap - ok
10:09:41.0194 0x103c  [ 30639C932D9FEF22B31268FE25A1B6E5, 32873D95339600F6EEFA51847D12C563FF01F320DC59055B242FA2887C99F9D6 ] NdisTapi        C:\Windows\system32\DRIVERS\ndistapi.sys
10:09:41.0194 0x103c  NdisTapi - ok
10:09:41.0210 0x103c  [ 136185F9FB2CC61E573E676AA5402356, BA3AD0A33416DA913B4242C6BE8C3E5812AD2B20BA6C11DD3094F2E8EB56E683 ] Ndisuio         C:\Windows\system32\DRIVERS\ndisuio.sys
10:09:41.0210 0x103c  Ndisuio - ok
10:09:41.0210 0x103c  [ 53F7305169863F0A2BDDC49E116C2E11, 881E9346D3C02405B7850ADC37E720990712EC9C666A0CE96E252A487FD2CE77 ] NdisWan         C:\Windows\system32\DRIVERS\ndiswan.sys
10:09:41.0225 0x103c  NdisWan - ok
10:09:41.0225 0x103c  [ 015C0D8E0E0421B4CFD48CFFE2825879, 4242E2D42CCFC859B2C0275C5331798BC0BDA68E51CF4650B6E64B1332071023 ] NDProxy         C:\Windows\system32\drivers\NDProxy.sys
10:09:41.0225 0x103c  NDProxy - ok
10:09:41.0272 0x103c  [ 2334DC48997BA203B794DF3EE70521DB, 832F4EC1586C9669F2D54AB3B212943E43B87A33B24DCC8CDAD6A0264291EE2F ] Net Driver HPZ12 C:\Windows\system32\HPZinw12.dll
10:09:41.0272 0x103c  Net Driver HPZ12 - ok
10:09:41.0303 0x103c  [ 86743D9F5D2B1048062B14B1D84501C4, DBF6D6A60AB774FCB0F464FF2D285A7521D0A24006687B243AB46B17D8032062 ] NetBIOS         C:\Windows\system32\DRIVERS\netbios.sys
10:09:41.0303 0x103c  NetBIOS - ok
10:09:41.0334 0x103c  [ 09594D1089C523423B32A4229263F068, 7426A9B8BA27D3225928DDEFBD399650ABB90798212F56B7D12158AC22CCCE37 ] NetBT           C:\Windows\system32\DRIVERS\netbt.sys
10:09:41.0334 0x103c  NetBT - ok
10:09:41.0366 0x103c  [ 204F3F58212B3E422C90BD9691A2DF28, D748A8CEE4D59B4248C9B1ACA5155D0FF6635A29564B4391B7FAC6261F93FE99 ] Netlogon        C:\Windows\system32\lsass.exe
10:09:41.0366 0x103c  Netlogon - ok
10:09:41.0412 0x103c  [ 847D3AE376C0817161A14A82C8922A9E, 37AE692B3481323134125EF58F2C3CBC20177371AF2F5874F53DD32A827CB936 ] Netman          C:\Windows\System32\netman.dll
10:09:41.0444 0x103c  Netman - ok
10:09:41.0631 0x103c  [ 5243CFC2E7161C91C2B355240035B9E4, CFD77485A9D7BC47F3A9C53D73B2AE2D5D04B90ED38628F3124EA569F4DE969E ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
10:09:41.0646 0x103c  NetMsmqActivator - ok
10:09:41.0678 0x103c  [ 5243CFC2E7161C91C2B355240035B9E4, CFD77485A9D7BC47F3A9C53D73B2AE2D5D04B90ED38628F3124EA569F4DE969E ] NetPipeActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
10:09:41.0678 0x103c  NetPipeActivator - ok
10:09:41.0740 0x103c  [ 5F28111C648F1E24F7DBC87CDEB091B8, 2E8645285921EDB98BB2173E11E57459C888D52E80D85791D169C869DE8813B9 ] netprofm        C:\Windows\System32\netprofm.dll
10:09:41.0756 0x103c  netprofm - ok
10:09:41.0756 0x103c  [ 5243CFC2E7161C91C2B355240035B9E4, CFD77485A9D7BC47F3A9C53D73B2AE2D5D04B90ED38628F3124EA569F4DE969E ] NetTcpActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
10:09:41.0771 0x103c  NetTcpActivator - ok
10:09:41.0771 0x103c  [ 5243CFC2E7161C91C2B355240035B9E4, CFD77485A9D7BC47F3A9C53D73B2AE2D5D04B90ED38628F3124EA569F4DE969E ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
10:09:41.0771 0x103c  NetTcpPortSharing - ok
10:09:41.0818 0x103c  [ 77889813BE4D166CDAB78DDBA990DA92, 2EF531AE502B943632EEC66A309A8BFCDD36120A5E1473F4AAF3C2393AD0E6A3 ] nfrd960         C:\Windows\system32\drivers\nfrd960.sys
10:09:41.0818 0x103c  nfrd960 - ok
10:09:41.0834 0x103c  [ F9EEFFC65C68A45001D1349E652B8B6F, E5F223129416083A12A85D48C65B2C8D1BF1124110399938E144308C89F9241D ] NisDrv          C:\Windows\system32\DRIVERS\NisDrvWFP.sys
10:09:41.0834 0x103c  NisDrv - ok
10:09:41.0865 0x103c  [ 9690F420A99364C1E5C439914B0DE25C, 6C6E0B27C4255001FE5F1EAD911DE1A8BF922C405B0C8031A6BD253CEB1D02A6 ] NisSrv          c:\Program Files\Microsoft Security Client\NisSrv.exe
10:09:41.0865 0x103c  NisSrv - ok
10:09:41.0896 0x103c  [ 8AD77806D336673F270DB31645267293, E23F324913554A23CD043DD27D4305AF62F48C0561A0FC7B7811E55B74B1BE79 ] NlaSvc          C:\Windows\System32\nlasvc.dll
10:09:41.0912 0x103c  NlaSvc - ok
10:09:41.0912 0x103c  [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7, D8957EF7060A69DBB3CD6B2C45B1E4143592AB8D018471E17AC04668157DC67F ] Npfs            C:\Windows\system32\drivers\Npfs.sys
10:09:41.0912 0x103c  Npfs - ok
10:09:49.0416 0x103c  Wd - ok
10:09:49.0463 0x103c  [ E2C933EDBC389386EBE6D2BA953F43D8, AF1DEADD5F1267CCEBD226E8EEB971D1946EA6A5A9645A36F5D111F758AF2F07 ] Wdf01000        C:\Windows\system32\drivers\Wdf01000.sys
10:09:49.0479 0x103c  Wdf01000 - ok
10:09:49.0510 0x103c  [ BF1FC3F79B863C914687A737C2F3D681, B2DF47AC4931ACFB243775767B77065CC0D98778FC0243C793A3E219EB961209 ] WdiServiceHost  C:\Windows\system32\wdi.dll
10:09:49.0510 0x103c  WdiServiceHost - ok
10:09:49.0525 0x103c  [ BF1FC3F79B863C914687A737C2F3D681, B2DF47AC4931ACFB243775767B77065CC0D98778FC0243C793A3E219EB961209 ] WdiSystemHost   C:\Windows\system32\wdi.dll
10:09:49.0525 0x103c  WdiSystemHost - ok
10:09:49.0541 0x103c  [ 3DB6D04E1C64272F8B14EB8BC4616280, 9138642B1C19F895D4ECFD930160C80FBF15813CE63BBF4C899842C300FD3026 ] WebClient       C:\Windows\System32\webclnt.dll
10:09:49.0541 0x103c  WebClient - ok
10:09:49.0557 0x103c  [ C749025A679C5103E575E3B48E092C43, B71171D07EE7AB085A24BF3A1072FF2CE7EA021AAE695F6A90640E6EE8EB55C1 ] Wecsvc          C:\Windows\system32\wecsvc.dll
10:09:49.0572 0x103c  Wecsvc - ok
10:09:49.0588 0x103c  [ 7E591867422DC788B9E5BD337A669A08, 484E6BCCDF7ADCE9A1AACAD1BC7C7D7694B9E40FA90D94B14D80C607784F6C75 ] wercplsupport   C:\Windows\System32\wercplsupport.dll
10:09:49.0588 0x103c  wercplsupport - ok
10:09:49.0619 0x103c  [ 6D137963730144698CBD10F202E9F251, A9F522A125158D94F540544CCD4DBF47B9DCE2EA878C33675AFE40F80E8F4979 ] WerSvc          C:\Windows\System32\WerSvc.dll
10:09:49.0619 0x103c  WerSvc - ok
10:09:49.0666 0x103c  [ 611B23304BF067451A9FDEE01FBDD725, 0AF2734B978165FC6FD22B64862132CCE32528A21C698A49D176129446E099C8 ] WfpLwf          C:\Windows\system32\DRIVERS\wfplwf.sys
10:09:49.0666 0x103c  WfpLwf - ok
10:09:49.0681 0x103c  [ 05ECAEC3E4529A7153B3136CEB49F0EC, 9995CB2CEC70A633EA33CBB0DEAD2BB28CB67132B41E9444BDAB9E75744C9A50 ] WIMMount        C:\Windows\system32\drivers\wimmount.sys
10:09:49.0681 0x103c  WIMMount - ok
10:09:49.0697 0x103c  WinDefend - ok
10:09:49.0697 0x103c  WinHttpAutoProxySvc - ok
10:09:49.0791 0x103c  [ 19B07E7E8915D701225DA41CB3877306, D6555E8D276DBB11358246E0FE215F76F1FB358791C76B88D82C2A66A42DA19F ] Winmgmt         C:\Windows\system32\wbem\WMIsvc.dll
10:09:49.0837 0x103c  Winmgmt - ok
10:09:49.0900 0x103c  [ BCB1310604AA415C4508708975B3931E, 9D943F086D454345153A0DD426B4432532A44FD87950386B186E1CAD2AC70565 ] WinRM           C:\Windows\system32\WsmSvc.dll
10:09:49.0962 0x103c  WinRM - ok
10:09:50.0025 0x103c  [ FE88B288356E7B47B74B13372ADD906D, A16B166F6BB32EF9D2A142F27B9EC54CBC7B3AC915799783CF4C40E525BC9E03 ] WinUsb          C:\Windows\system32\DRIVERS\WinUsb.sys
10:09:50.0040 0x103c  WinUsb - ok
10:09:50.0103 0x103c  [ 4FADA86E62F18A1B2F42BA18AE24E6AA, CE1683386886BF34862681A46199EA7E7FB4232A186047DA7FBD8EC240AF6726 ] Wlansvc         C:\Windows\System32\wlansvc.dll
10:09:50.0118 0x103c  Wlansvc - ok
10:09:50.0165 0x103c  [ F6FF8944478594D0E414D3F048F0D778, 6F75E0AE6127B33A92A88E59D4B048FD4C15F997807BE7BF0EFE76F95235B1D9 ] WmiAcpi         C:\Windows\system32\drivers\wmiacpi.sys
10:09:50.0165 0x103c  WmiAcpi - ok
10:09:50.0181 0x103c  [ 38B84C94C5A8AF291ADFEA478AE54F93, 1AC267AC73670BEA5F3785C9AD9DB146F8E993A862C843742B21FDB90D102B2A ] wmiApSrv        C:\Windows\system32\wbem\WmiApSrv.exe
10:09:50.0196 0x103c  wmiApSrv - ok
10:09:50.0212 0x103c  WMPNetworkSvc - ok
10:09:50.0259 0x103c  [ 96C6E7100D724C69FCF9E7BF590D1DCA, 2E63C9B0893B4FC03B7A71BAEA6202D3D3DB1B52F3643467829B5A573FD7655B ] WPCSvc          C:\Windows\System32\wpcsvc.dll
10:09:50.0259 0x103c  WPCSvc - ok
10:09:50.0274 0x103c  [ 93221146D4EBBF314C29B23CD6CC391D, C0750858A65BF51E210CD244C825C121D67E025CD2D2455139991AAC289A90FE ] WPDBusEnum      C:\Windows\system32\wpdbusenum.dll
10:09:50.0274 0x103c  WPDBusEnum - ok
10:09:50.0290 0x103c  [ 6BCC1D7D2FD2453957C5479A32364E52, E48554D31FBDCF8F985C1C72524CAA9106F5B7CC2B79064F8F5E2562D517F090 ] ws2ifsl         C:\Windows\system32\drivers\ws2ifsl.sys
10:09:50.0290 0x103c  ws2ifsl - ok
10:09:50.0305 0x103c  [ E8B1FE6669397D1772D8196DF0E57A9E, 39FE0819360719F756BD31A1884A0508A1E2371ACC723E25E005CBEC0A7B02FA ] wscsvc          C:\Windows\System32\wscsvc.dll
10:09:50.0305 0x103c  wscsvc - ok
10:09:50.0352 0x103c  [ 8D918B1DB190A4D9B1753A66FA8C96E8, DB7D2714DC04D2D6999A207D7399A5647C8653E5A1AD80856A65C5B6065AEDFE ] WSDPrintDevice  C:\Windows\system32\DRIVERS\WSDPrint.sys
10:09:50.0352 0x103c  WSDPrintDevice - ok
10:09:50.0368 0x103c  WSearch - ok
10:09:50.0477 0x103c  [ 61FF576450CCC80564B850BC3FB6713A, B2843BC9E2F62D27DCF6787D063378926748CE75002BADA1873DCB5039883705 ] wuauserv        C:\Windows\system32\wuaueng.dll
10:09:50.0524 0x103c  wuauserv - ok
10:09:50.0555 0x103c  [ D3381DC54C34D79B22CEE0D65BA91B7C, 70DC4ADCA4C0C28BB133287511E329D1B6B9B97F96CDE5B1D2F1F59FE1A965D9 ] WudfPf          C:\Windows\system32\drivers\WudfPf.sys
10:09:50.0555 0x103c  WudfPf - ok
10:09:50.0571 0x103c  [ CF8D590BE3373029D57AF80914190682, FB9641777E90A58C063FBE95F081DC6D2F4770827DE19108A9DC3E3D6B17B4BF ] WUDFRd          C:\Windows\system32\DRIVERS\WUDFRd.sys
10:09:50.0571 0x103c  WUDFRd - ok
10:09:50.0617 0x103c  [ 7A95C95B6C4CF292D689106BCAE49543, 9029F489E1E817CE12839B8C6656E46190497D445DC3F43C20CF96E5E6BD0691 ] wudfsvc         C:\Windows\System32\WUDFSvc.dll
10:09:50.0617 0x103c  wudfsvc - ok
10:09:50.0680 0x103c  [ FE90B750AB808FB9DD8FBB428B5FF83B, 3F8F592EC813BE292D305A87C5BA852F8BC3D7CE610612D9871F209A17326AA8 ] WwanSvc         C:\Windows\System32\wwansvc.dll
10:09:50.0695 0x103c  WwanSvc - ok
10:09:50.0695 0x103c  ================ Scan global ===============================
10:09:50.0727 0x103c  [ BA0CD8C393E8C9F83354106093832C7B, 18D8A4780A2BAA6CEF7FBBBDA0EF6BF2DADF146E1E578A618DD5859E8ADBF1A8 ] C:\Windows\system32\basesrv.dll
10:09:50.0758 0x103c  [ 88EDD0B34EED542745931E581AD21A32, DC2B93E1CEF5B0BCEE08D72669BB0F3AD0E8E6E75BDC08858407ED92F6FFA031 ] C:\Windows\system32\winsrv.dll
10:09:50.0773 0x103c  [ 88EDD0B34EED542745931E581AD21A32, DC2B93E1CEF5B0BCEE08D72669BB0F3AD0E8E6E75BDC08858407ED92F6FFA031 ] C:\Windows\system32\winsrv.dll
10:09:50.0805 0x103c  [ D6160F9D869BA3AF0B787F971DB56368, 0033E6212DD8683E4EE611B290931FDB227B4795F0B17C309DC686C696790529 ] C:\Windows\system32\sxssrv.dll
10:09:50.0820 0x103c  [ 24ACB7E5BE595468E3B9AA488B9B4FCB, 63541E3432FCE953F266AE553E7A394978D6EE3DB52388D885F668CF42C5E7E2 ] C:\Windows\system32\services.exe
10:09:50.0836 0x103c  [ Global ] - ok
10:09:50.0836 0x103c  ================ Scan MBR ==================================
10:09:50.0851 0x103c  [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
10:09:51.0055 0x103c  \Device\Harddisk0\DR0 - ok
10:09:51.0086 0x103c  [ 8F558EB6672622401DA993E1E865C861 ] \Device\Harddisk1\DR1
10:09:51.0383 0x103c  \Device\Harddisk1\DR1 - ok
10:09:51.0664 0x103c  [ 5C616939100B85E558DA92B899A0FC36 ] \Device\Harddisk2\DR2
10:09:51.0679 0x103c  \Device\Harddisk2\DR2 - ok
10:09:51.0679 0x103c  ================ Scan VBR ==================================
10:09:51.0695 0x103c  [ 79B4590BA4293236910E51138200D638 ] \Device\Harddisk0\DR0\Partition1
10:09:51.0710 0x103c  \Device\Harddisk0\DR0\Partition1 - ok
10:09:51.0710 0x103c  [ 0E468F2B4259ABEC69CDC1BB73F25607 ] \Device\Harddisk0\DR0\Partition2
10:09:51.0726 0x103c  \Device\Harddisk0\DR0\Partition2 - ok
10:09:51.0742 0x103c  [ 9599F70B86BA4CD5506603B7BC4F5841 ] \Device\Harddisk0\DR0\Partition3
10:09:51.0742 0x103c  \Device\Harddisk0\DR0\Partition3 - ok
10:09:51.0742 0x103c  [ 7AB3F8747FB079568A5E074887070633 ] \Device\Harddisk1\DR1\Partition1
10:09:51.0788 0x103c  \Device\Harddisk1\DR1\Partition1 - ok
10:09:51.0804 0x103c  [ 39C33BB303CB571ECA766B9B874E546A ] \Device\Harddisk1\DR1\Partition2
10:09:51.0820 0x103c  \Device\Harddisk1\DR1\Partition2 - ok
10:09:51.0835 0x103c  [ 220BA69A3EFE4B83927A7BC3B4C2A9B7 ] \Device\Harddisk2\DR2\Partition1
10:09:51.0835 0x103c  \Device\Harddisk2\DR2\Partition1 - ok
10:09:51.0835 0x103c  ================ Scan generic autorun ======================
10:09:52.0210 0x0e94  Object required for P2P: [ 1A93E54EB0ECE102495A51266DCDB6A6 ] LSI_FC
10:09:52.0397 0x103c  [ 2166853BF49ECB1870385736CFA0068C, 37FF80713C4EFDF1248D90253DF501351245A9ECD4CA2C85E5ACAACFF1895C38 ] C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
10:09:52.0522 0x103c  RTHDVCPL - ok
10:09:52.0896 0x103c  [ 5B8E55EFAE30A69D4979666A379D73B0, 6509DA0F58633BE58E2863F2BB3327A39B032CDAB1D7C5F7D8FE6A87D8326339 ] c:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe
10:09:52.0927 0x103c  StartCCC - ok
10:09:53.0442 0x103c  [ FB9242750BEF44B7740B8D10BFF99DA3, C36F8B2FBF6484D98825BFCCDB20398B525024C69B7B25B571AEAC37222892D1 ] c:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe
10:09:53.0458 0x103c  CLMLServer_For_P2G8 - ok
10:09:53.0504 0x103c  [ CE66822E3C4E0221BB1638B4CBD37C62, 3B49307C9D688EC6724070CCCFEDDD7460837D7CF70D05AD962DD1E6CDA73ECF ] c:\Program Files (x86)\CyberLink\Power2Go8\VirtualDrive.exe
10:09:53.0520 0x103c  CLVirtualDrive - ok
10:09:53.0629 0x103c  [ 3F60007F5DD0BA5FDA0E197ED7DDC6FF, 1C7B8063AAB30883895A31B1581219B816BE1D106E959C9C019C7D7CBF475DD1 ] C:\Program Files (x86)\PDF Complete\pdfsty.exe
10:09:53.0645 0x103c  PDF Complete - ok
10:09:53.0832 0x103c  [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
10:09:54.0347 0x103c  Sidebar - ok
10:09:54.0378 0x103c  [ 0FA760BF380B08D0B67B5507CD8B32AA, 0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B725CC5A9FB738739 ] C:\Windows\System32\mctadmin.exe
10:09:54.0378 0x103c  mctadmin - ok
10:09:54.0440 0x103c  [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
10:09:54.0456 0x103c  Sidebar - ok
10:09:54.0472 0x103c  [ 0FA760BF380B08D0B67B5507CD8B32AA, 0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B725CC5A9FB738739 ] C:\Windows\System32\mctadmin.exe
10:09:54.0472 0x103c  mctadmin - ok
10:09:54.0674 0x103c  [ B53D59915A356B06C1D7DE5B22B4177C, 98E7DF7D9695E0CB18B2C1B39473E147C6C943828950CB9EBAD71C82241FDBD7 ] C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
10:09:54.0690 0x103c  GoogleChromeAutoLaunch_3E6135E752F5BC033A0785300142316F - ok
10:09:54.0815 0x103c  [ 9AB9D6123B05EA2FF896B272F97BEDB2, 103B9B6FD6360A357C553B18885806F76A14AA7D2A7098E5FACE58543A58E651 ] C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM.exe
10:09:54.0846 0x103c  HydraVisionDesktopManager - ok
10:09:54.0846 0x103c  Waiting for KSN requests completion. In queue: 263
10:09:55.0860 0x103c  Waiting for KSN requests completion. In queue: 263
10:09:56.0624 0x0e94  Object send P2P result: true
10:09:56.0874 0x103c  Waiting for KSN requests completion. In queue: 78
10:09:57.0888 0x103c  Waiting for KSN requests completion. In queue: 78
10:09:58.0902 0x103c  Waiting for KSN requests completion. In queue: 78
10:09:59.0916 0x103c  Waiting for KSN requests completion. In queue: 78
10:10:00.0946 0x103c  AV detected via SS2: Microsoft Security Essentials, C:\Program Files\Microsoft Security Client\msseces.exe ( 4.6.305.0 ), 0x61000 ( enabled : updated )
10:10:00.0961 0x103c  Win FW state via NFP2: enabled
10:10:05.0315 0x103c  ============================================================
10:10:05.0315 0x103c  Scan finished
10:10:05.0315 0x103c  ============================================================
10:10:05.0315 0x17b8  Detected object count: 0
10:10:05.0315 0x17b8  Actual detected object count: 0
 
 
 
JRT log
 
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.3.3 (10.21.2014:1)
OS: Windows 7 Professional x64
Ran by GM on Mon 10/27/2014 at 10:17:05.26
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 
 
 
 
~~~ Services
 
 
 
~~~ Registry Values
 
Successfully repaired: [Registry Value] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\\Start Page
Successfully repaired: [Registry Value] HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\Main\\Start Page
Successfully repaired: [Registry Value] HKEY_USERS\S-1-5-18\Software\Microsoft\Internet Explorer\Main\\Start Page
Successfully repaired: [Registry Value] HKEY_USERS\S-1-5-19\Software\Microsoft\Internet Explorer\Main\\Start Page
Successfully repaired: [Registry Value] HKEY_USERS\S-1-5-20\Software\Microsoft\Internet Explorer\Main\\Start Page
Successfully repaired: [Registry Value] HKEY_USERS\S-1-5-21-103569552-2442041212-2060128428-1002\Software\Microsoft\Internet Explorer\Main\\Start Page
 
 
 
~~~ Registry Keys
 
 
 
~~~ Files
 
 
 
~~~ Folders
 
 
 
~~~ Event Viewer Logs were cleared
 
 
 
 
 
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on Mon 10/27/2014 at 10:22:58.38
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 
 
ESET log
 
E:\Documents and Settings\new\Local Settings\Temp\ct3311875\CT3311875.xpi a variant of Win32/Conduit.SearchProtect.N potentially unwanted application
E:\Documents and Settings\new\Local Settings\Temp\NativeMessaging\CT3311875.crx a variant of Win32/Toolbar.Conduit.AA potentially unwanted application
E:\Documents and Settings\new\Local Settings\Temp\NativeMessaging\CT3311875\nativeMessaging\TBMessagingHost.exe a variant of Win32/Toolbar.Conduit.AH potentially unwanted application
E:\Documents and Settings\new\Local Settings\Temp\TestIfExeExist\CT3311875\nativeMessaging\TBMessagingHost.exe a variant of Win32/Toolbar.Conduit.AH potentially unwanted application
E:\Documents and Settings\new\My Documents\Downloads\epm.exe Win32/OpenCandy potentially unsafe application
E:\PREP\PREP.bat.cmd BAT/HostsChanger.A potentially unsafe application
E:\WINDOWS\Installer\MSI1740.tmp a variant of Win32/Bundled.Toolbar.Ask.G potentially unsafe application
I:\backup314\documents\Downloads\epm.exe Win32/OpenCandy potentially unsafe application
C:\AdwCleaner\Quarantine\C\Program Files (x86)\Optimizer Pro\OptimizerPro.exe.vir a variant of Win32/SpeedingUpMyPC application cleaned by deleting - quarantined
C:\AdwCleaner\Quarantine\C\Users\GM\AppData\Roaming\VOPackage\runasu.exe.vir a variant of Win32/VOPackage.V potentially unwanted application deleted - quarantined
C:\AdwCleaner\Quarantine\C\Users\GM\AppData\Roaming\VOPackage\Uninstall.exe.vir Win32/VOPackage.AK potentially unwanted application deleted - quarantined
C:\AdwCleaner\Quarantine\C\Windows\System32\MyOSProtect64.dll.vir Win64/Adware.Loadshop.C application cleaned by deleting - quarantined
C:\AdwCleaner\Quarantine\C\Windows\SysWOW64\MyOSProtect.dll.vir Win32/AdWare.Loadshop.C application cleaned by deleting - quarantined
C:\SWSETUP\APP\Applications\Corel\WinZipBasic\15.0\src\wz15basic.exe a variant of Win32/Systweak.L potentially unwanted application deleted - quarantined
C:\Users\GM\AppData\Local\nsnDCB1.tmp Win32/AnyProtect.F potentially unwanted application deleted - quarantined
C:\Users\GM\AppData\Local\Temp\ICReinstall_nscCB7.tmp a variant of Win32/InstallCore.PK potentially unwanted application deleted - quarantined
C:\Users\GM\AppData\Local\Temp\ICReinstall_nspC50B.tmp a variant of Win32/InstallCore.PL potentially unwanted application deleted - quarantined
C:\Users\GM\AppData\Local\Temp\ICReinstall_nswDA8.tmp a variant of Win32/InstallCore.PO potentially unwanted application deleted - quarantined
C:\Users\GM\AppData\Local\Temp\ICReinstall_nswF76A.tmp a variant of Win32/InstallCore.PO potentially unwanted application deleted - quarantined
C:\Users\GM\AppData\Local\Temp\nscCB7.tmp a variant of Win32/InstallCore.PK potentially unwanted application deleted - quarantined
C:\Users\GM\AppData\Local\Temp\nsf83AD.tmp a variant of Win32/InstallCore.PL potentially unwanted application deleted - quarantined
C:\Users\GM\AppData\Local\Temp\nsnDCB1.tmp Win32/AnyProtect.F potentially unwanted application deleted - quarantined
C:\Users\GM\AppData\Local\Temp\nspC50B.tmp a variant of Win32/InstallCore.PL potentially unwanted application deleted - quarantined
C:\Users\GM\AppData\Local\Temp\nswDA8.tmp a variant of Win32/InstallCore.PO potentially unwanted application deleted - quarantined
C:\Users\GM\AppData\Local\Temp\nswF76A.tmp a variant of Win32/InstallCore.PO potentially unwanted application deleted - quarantined
C:\Users\GM\AppData\Local\Temp\optprosetup.exe multiple threats cleaned by deleting - quarantined
C:\Users\GM\AppData\Local\Temp\4849tmp\cloud_backup_setup.exe Win32/MyPCBackup.A potentially unwanted application deleted - quarantined
C:\Users\GM\AppData\Local\Temp\484Atmp\installer.exe a variant of Win32/TrojanDropper.MsiDrop.A trojan cleaned by deleting - quarantined
C:\Users\GM\AppData\Local\Temp\485Ftmp\superoptimizersetup.exe a variant of Win32/Adware.SpeedingUpMyPC.T.gen application cleaned by deleting - quarantined
C:\Users\GM\AppData\Local\Temp\is-7Q4CJ.tmp\package_commonshare_installer_multilang.exe Win32/AdWare.EoRezo.AW application cleaned by deleting - quarantined
C:\Users\GM\AppData\Local\Temp\is-7Q4CJ.tmp\xml_package_groovorio_installer_multilang.exe Win32/AdWare.EoRezo.AW application cleaned by deleting - quarantined
C:\Users\GM\AppData\Local\Temp\is45637729\1969396_stp\Generic_vo.exe Win32/VOPackage.X potentially unwanted application deleted - quarantined
C:\Users\GM\AppData\Local\Temp\is45637729\277549605_stp\Generic_vo.exe Win32/VOPackage.X potentially unwanted application deleted - quarantined
C:\Users\GM\AppData\Local\Temp\is45637729\281174261_stp\Generic_vo.exe Win32/VOPackage.X potentially unwanted application deleted - quarantined
C:\Users\GM\AppData\Local\Temp\is45637729\281492_stp\Generic_vo.exe Win32/VOPackage.X potentially unwanted application deleted - quarantined
C:\Users\GM\AppData\Local\Temp\{F450B506-FABC-46A8-AC65-AB0CA0C53201}\{3A6CE4E7-B131-4860-ACD7-08CCB542DE64}\Default\Cache\f_00017b Win32/Systweak.K potentially unwanted application deleted - quarantined
C:\Users\GM\AppData\Local\Temp\{F450B506-FABC-46A8-AC65-AB0CA0C53201}\{46782791-7D8E-4D41-9C60-35178DE5B6FB}\Default\Cache\f_000101 Win32/Systweak.K potentially unwanted application deleted - quarantined
C:\Users\GM\AppData\Local\Temp\{F450B506-FABC-46A8-AC65-AB0CA0C53201}\{5D37C805-F670-4AF5-B475-CF453E960F48}\Default\Cache\f_00010d Win32/Systweak.K potentially unwanted application deleted - quarantined
C:\Users\GM\AppData\Local\Temp\{F450B506-FABC-46A8-AC65-AB0CA0C53201}\{688C02F7-951A-4266-AFA6-BC013B1240E5}\Default\Cache\f_000150 Win32/Systweak.K potentially unwanted application deleted - quarantined
C:\Users\GM\AppData\Local\Temp\{F450B506-FABC-46A8-AC65-AB0CA0C53201}\{80CB43EC-FC99-4E55-A600-F171BF12AD08}\Default\Cache\f_00015e Win32/Systweak.K potentially unwanted application deleted - quarantined
C:\Users\GM\AppData\Local\Temp\{F450B506-FABC-46A8-AC65-AB0CA0C53201}\{9DAF91B4-729A-4E4B-A1BA-0D3DB0F6C8A0}\Default\Cache\f_0001b7 HTML/ScrInject.B.Gen virus deleted - quarantined
C:\Users\GM\AppData\Local\Temp\{F450B506-FABC-46A8-AC65-AB0CA0C53201}\{C0B8D50D-F5D6-4CF0-AACE-DB3605DDD940}\Default\Cache\f_0000cf Win32/Systweak.K potentially unwanted application deleted - quarantined
C:\Users\GM\AppData\Roaming\FXSZ JS/Toolbar.Crossrider.C potentially unwanted application deleted - quarantined
C:\Users\GM\AppData\Roaming\LBQVVVTO JS/Toolbar.Crossrider.C potentially unwanted application deleted - quarantined
C:\Users\GM\AppData\Roaming\MPAP JS/Toolbar.Crossrider.C potentially unwanted application deleted - quarantined
C:\Users\GM\AppData\Roaming\ZJTRLDF JS/Toolbar.Crossrider.C potentially unwanted application deleted - quarantined
C:\Users\GM\Documents\Downloads\epm.exe Win32/OpenCandy potentially unsafe application deleted - quarantined
C:\Users\GM\Downloads\Setup (1).exe a variant of Win32/AdWare.iBryte.BJ application cleaned by deleting - quarantined
C:\Users\GM\Downloads\Setup (2).exe a variant of Win32/AdWare.iBryte.BJ application cleaned by deleting - quarantined
C:\Users\GM\Downloads\Unconfirmed 142920.crdownload Win32/Systweak.K potentially unwanted application deleted - quarantined
C:\Users\GM\Downloads\Unconfirmed 146506.crdownload Win32/Systweak.K potentially unwanted application deleted - quarantined
C:\Users\GM\Downloads\Unconfirmed 16788.crdownload Win32/Systweak.K potentially unwanted application deleted - quarantined
C:\Users\GM\Downloads\Unconfirmed 189653.crdownload Win32/Distromatic.C potentially unwanted application deleted - quarantined
C:\Users\GM\Downloads\Unconfirmed 197433.crdownload Win32/Systweak.K potentially unwanted application deleted - quarantined
C:\Users\GM\Downloads\Unconfirmed 208166.crdownload Win32/Systweak.K potentially unwanted application deleted - quarantined
C:\Users\GM\Downloads\Unconfirmed 208207.crdownload Win32/Systweak.K potentially unwanted application deleted - quarantined
C:\Users\GM\Downloads\Unconfirmed 208666.crdownload Win32/Systweak.K potentially unwanted application deleted - quarantined
C:\Users\GM\Downloads\Unconfirmed 21433.crdownload Win32/Systweak.K potentially unwanted application deleted - quarantined
C:\Users\GM\Downloads\Unconfirmed 232146.crdownload Win32/Systweak.K potentially unwanted application deleted - quarantined
C:\Users\GM\Downloads\Unconfirmed 232960.crdownload Win32/Systweak.K potentially unwanted application deleted - quarantined
C:\Users\GM\Downloads\Unconfirmed 256951.crdownload Win32/Systweak.K potentially unwanted application deleted - quarantined
C:\Users\GM\Downloads\Unconfirmed 2760.crdownload Win32/Systweak.K potentially unwanted application deleted - quarantined
C:\Users\GM\Downloads\Unconfirmed 282257.crdownload Win32/Systweak.K potentially unwanted application deleted - quarantined
C:\Users\GM\Downloads\Unconfirmed 3090.crdownload Win32/Systweak.K potentially unwanted application deleted - quarantined
C:\Users\GM\Downloads\Unconfirmed 31321.crdownload Win32/Systweak.K potentially unwanted application deleted - quarantined
C:\Users\GM\Downloads\Unconfirmed 345354.crdownload Win32/Systweak.K potentially unwanted application deleted - quarantined
C:\Users\GM\Downloads\Unconfirmed 381735.crdownload Win32/Systweak.K potentially unwanted application deleted - quarantined
C:\Users\GM\Downloads\Unconfirmed 395374.crdownload Win32/Systweak.K potentially unwanted application deleted - quarantined
C:\Users\GM\Downloads\Unconfirmed 465320.crdownload Win32/Systweak.K potentially unwanted application deleted - quarantined
C:\Users\GM\Downloads\Unconfirmed 474367.crdownload Win32/Systweak.K potentially unwanted application deleted - quarantined
C:\Users\GM\Downloads\Unconfirmed 474380.crdownload Win32/Systweak.K potentially unwanted application deleted - quarantined
C:\Users\GM\Downloads\Unconfirmed 486207.crdownload Win32/Systweak.K potentially unwanted application deleted - quarantined
C:\Users\GM\Downloads\Unconfirmed 550740.crdownload Win32/Systweak.K potentially unwanted application deleted - quarantined
C:\Users\GM\Downloads\Unconfirmed 55179.crdownload Win32/Systweak.K potentially unwanted application deleted - quarantined
C:\Users\GM\Downloads\Unconfirmed 560941.crdownload Win32/Systweak.K potentially unwanted application deleted - quarantined
C:\Users\GM\Downloads\Unconfirmed 563234.crdownload Win32/Systweak.K potentially unwanted application deleted - quarantined
C:\Users\GM\Downloads\Unconfirmed 571404.crdownload Win32/Systweak.K potentially unwanted application deleted - quarantined
C:\Users\GM\Downloads\Unconfirmed 616656.crdownload Win32/Systweak.K potentially unwanted application deleted - quarantined
C:\Users\GM\Downloads\Unconfirmed 621605.crdownload Win32/Systweak.K potentially unwanted application deleted - quarantined
C:\Users\GM\Downloads\Unconfirmed 623650.crdownload Win32/Systweak.K potentially unwanted application deleted - quarantined
C:\Users\GM\Downloads\Unconfirmed 631212.crdownload Win32/Systweak.K potentially unwanted application deleted - quarantined
C:\Users\GM\Downloads\Unconfirmed 702029.crdownload Win32/Systweak.K potentially unwanted application deleted - quarantined
C:\Users\GM\Downloads\Unconfirmed 720677.crdownload Win32/Systweak.K potentially unwanted application deleted - quarantined
C:\Users\GM\Downloads\Unconfirmed 725734.crdownload Win32/Systweak.K potentially unwanted application deleted - quarantined
C:\Users\GM\Downloads\Unconfirmed 728462.crdownload Win32/Systweak.K potentially unwanted application deleted - quarantined
C:\Users\GM\Downloads\Unconfirmed 764078.crdownload Win32/Systweak.K potentially unwanted application deleted - quarantined
C:\Users\GM\Downloads\Unconfirmed 765848.crdownload Win32/Systweak.K potentially unwanted application deleted - quarantined
C:\Users\GM\Downloads\Unconfirmed 771548.crdownload Win32/Systweak.K potentially unwanted application deleted - quarantined
C:\Users\GM\Downloads\Unconfirmed 773753.crdownload Win32/Systweak.K potentially unwanted application deleted - quarantined
C:\Users\GM\Downloads\Unconfirmed 792121.crdownload Win32/Systweak.K potentially unwanted application deleted - quarantined
C:\Users\GM\Downloads\Unconfirmed 799367.crdownload Win32/Systweak.K potentially unwanted application deleted - quarantined
C:\Users\GM\Downloads\Unconfirmed 803149.crdownload Win32/Systweak.K potentially unwanted application deleted - quarantined
C:\Users\GM\Downloads\Unconfirmed 821676.crdownload Win32/Systweak.K potentially unwanted application deleted - quarantined
C:\Users\GM\Downloads\Unconfirmed 82216.crdownload Win32/Systweak.K potentially unwanted application deleted - quarantined
C:\Users\GM\Downloads\Unconfirmed 862643.crdownload Win32/Systweak.K potentially unwanted application deleted - quarantined
C:\Users\GM\Downloads\Unconfirmed 881403.crdownload Win32/Systweak.K potentially unwanted application deleted - quarantined
C:\Users\GM\Downloads\Unconfirmed 892773.crdownload Win32/Systweak.K potentially unwanted application deleted - quarantined
C:\Users\GM\Downloads\Unconfirmed 913771.crdownload Win32/Systweak.K potentially unwanted application deleted - quarantined
C:\Users\GM\Downloads\Unconfirmed 916721.crdownload Win32/Systweak.K potentially unwanted application deleted - quarantined
C:\Users\GM\Downloads\Unconfirmed 919170.crdownload Win32/Systweak.K potentially unwanted application deleted - quarantined
C:\Users\GM\Downloads\Unconfirmed 922623.crdownload Win32/Systweak.K potentially unwanted application deleted - quarantined
C:\Users\GM\Downloads\Unconfirmed 931414.crdownload Win32/Systweak.K potentially unwanted application deleted - quarantined
C:\Users\GM\Downloads\Unconfirmed 96124.crdownload Win32/Systweak.K potentially unwanted application deleted - quarantined
C:\Users\GM\Downloads\Unconfirmed 968808.crdownload Win32/Systweak.K potentially unwanted application deleted - quarantined
C:\Users\GM\Downloads\Unconfirmed 986548.crdownload Win32/Systweak.K potentially unwanted application deleted - quarantined
C:\Windows\Installer\484f7.msi a variant of Win32/Systweak.L potentially unwanted application deleted - quarantined
E:\1026wipe\Documents\Downloads\epm.exe Win32/OpenCandy potentially unsafe application deleted - quarantined
E:\Crack\Activation Blocker.cmd BAT/HostsChanger.A potentially unsafe application deleted - quarantined
E:\Documents and Settings\All Users\Application Data\Conduit\IE\CT3311875\UninstallerUI.exe a variant of Win32/Toolbar.Conduit.AJ potentially unwanted application deleted - quarantined
E:\Documents and Settings\All Users\Application Data\Conduit\Multi\CT3311875\UninstallerUI.exe a variant of Win32/Toolbar.Conduit.AJ potentially unwanted application deleted - quarantined
E:\Documents and Settings\new\Application Data\Mozilla\Firefox\Profiles\ug7s4s6o.default\extensions\{5fec7248-515c-47be-ab0a-6bc547472dea}\Plugins\npConduitFirefoxPlugin.dll a variant of Win32/Conduit.SearchProtect.N potentially unwanted application deleted - quarantined
E:\Documents and Settings\new\Local Settings\Application Data\Conduit\Chrome\CT3311875\CHUninstaller.exe a variant of Win32/Conduit.SearchProtect.N potentially unwanted application deleted - quarantined
E:\Documents and Settings\new\Local Settings\Application Data\Conduit\Chrome\CT3311875\UninstallerUI.exe a variant of Win32/Toolbar.Conduit.AJ potentially unwanted application deleted - quarantined
E:\Documents and Settings\new\Local Settings\Application Data\CRE\blklojfklgnogjaijkibhfjepakiocng.crx a variant of Win32/Toolbar.Conduit.AA potentially unwanted application deleted - quarantined
E:\Documents and Settings\new\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\blklojfklgnogjaijkibhfjepakiocng\10.23.0.714_0\nativeMessaging\TBMessagingHost.exe a variant of Win32/Toolbar.Conduit.AH potentially unwanted application deleted - quarantined
E:\Documents and Settings\new\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\blklojfklgnogjaijkibhfjepakiocng\10.23.0.714_0\TBHostSupport\TBHostSupport.dll a variant of Win32/Toolbar.Conduit.AA potentially unwanted application deleted - quarantined
E:\Documents and Settings\new\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\blklojfklgnogjaijkibhfjepakiocng\10.26.2.507_0\APISupport\APISupport.dll a variant of Win32/Conduit.SearchProtect.P potentially unwanted application deleted - quarantined
E:\Documents and Settings\new\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\blklojfklgnogjaijkibhfjepakiocng\10.26.2.507_0\nativeMessaging\TBMessagingHost.exe a variant of Win32/Toolbar.Conduit.AH potentially unwanted application deleted - quarantined
E:\Documents and Settings\new\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\blklojfklgnogjaijkibhfjepakiocng\10.26.7.519_0\APISupport\APISupport.dll a variant of Win32/Conduit.SearchProtect.P potentially unwanted application deleted - quarantined
E:\Documents and Settings\new\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\blklojfklgnogjaijkibhfjepakiocng\10.26.7.519_0\nativeMessaging\TBMessagingHost.exe a variant of Win32/Toolbar.Conduit.AH potentially unwanted application deleted - quarantined
E:\Documents and Settings\new\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\blklojfklgnogjaijkibhfjepakiocng\10.26.9.505_0\APISupport\APISupport.dll a variant of Win32/Conduit.SearchProtect.P potentially unwanted application deleted - quarantined
E:\Documents and Settings\new\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\blklojfklgnogjaijkibhfjepakiocng\10.26.9.505_0\nativeMessaging\TBMessagingHost.exe a variant of Win32/Toolbar.Conduit.AH potentially unwanted application deleted - quarantined
E:\Documents and Settings\new\Local Settings\Application Data\NativeMessaging\CT3311875\1_0_0_5\TBMessagingHost.exe a variant of Win32/Toolbar.Conduit.AH potentially unwanted application deleted - quarantined


#4 boopme


Posted 28 October 2014 - 01:10 PM

We can repost and run some stronger tools with a deeper look, but that will take a couple days.

#5 ushiugajin


Posted 28 October 2014 - 02:08 PM

I appreciate the help, but time constraints were an issue with this one, so I reinstalled Windows and moved his documents, pictures, etc., and it seems fine. I just hate not knowing in case it happens again.

 

I will continue to educate myself and this site is a great resource. Thanks one and all. 



#6 boopme


Posted 29 October 2014 - 08:04 PM

You're welcome.



