
2 Weeks with Tech Support no Progress.


25 replies to this topic

#1 SheaReinke

SheaReinke

  • Members
  • 21 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:California
  • Local time:10:43 PM

Posted 13 November 2014 - 08:40 PM

I have a Win7 machine that is not ..working.. it won't serve internet pages specifically.

I can ping stuff and the tray icon says connected with internet access, and the network map looks fine.

*Yet* I cannot access web pages. I have spent 2 weeks with AT&T and now they are telling me I have to sign up for a year of 'superior' support.

I am certain this is one of those things like when your Proxy Server gets wonked but you just gotta turn it back.

That has happened to this computer several times prior to the current problem.

Can anyone help me solve this riddle? Then I can call AT&T back and tell them how the problem is fixed.

It's got to be some quirky setting. I'm sure of it.




#2 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 72,114 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:NJ USA
  • Local time:01:43 AM

Posted 13 November 2014 - 09:00 PM

Hello SheaReinke and welcome.

I am moving this to the Am I infected forum...

Please download MiniToolBox, save it to your desktop and run it.
Checkmark the following checkboxes:
  • Flush DNS
  • Report IE Proxy Settings
  • Reset IE Proxy Settings
  • Report FF Proxy Settings
  • Reset FF Proxy Settings
  • List content of Hosts
  • List IP configuration
  • List Winsock Entries
  • List last 10 Event Viewer log
  • List Installed Programs
  • List Users, Partitions and Memory size.
  • Click Go and post the result (Result.txt). A copy of Result.txt will be saved in the same directory the tool is run.
    Note: When using "Reset FF Proxy Settings" option Firefox should be closed.



Download TDSSKiller and save it to your desktop.
  • Extract (unzip) its contents to your desktop.
  • Open the TDSSKiller folder and doubleclick on TDSSKiller.exe to run the application, then on Start Scan.
  • If an infected file is detected, the default action will be Cure, click on Continue.
  • If a suspicious file is detected, the default action will be Skip, click on Continue.
  • It may ask you to reboot the computer to complete the process. Click on Reboot Now.
  • If no reboot is required, click on Report. A log file should appear. Please copy and paste the contents of that file here.
  • If a reboot is required, the report can also be found in your root directory (usually C:\ folder) in the form of TDSSKiller_xxxx_log.txt. Please copy and paste the contents of that file here.

ADW Cleaner

Please download AdwCleaner by Xplode and save to your Desktop.
  • Double-click on AdwCleaner.exe to run the tool.
    Vista/Windows 7/8 users right-click and select Run As Administrator.
  • Click on the Scan button.
  • AdwCleaner will begin...be patient as the scan may take some time to complete.
  • After the scan has finished, click on the Report button...a logfile (AdwCleaner[R0].txt) will open in Notepad for review.
  • After reviewing the log, click on the Clean button.
  • Press OK when asked to close all programs and follow the onscreen prompts.
  • Press OK again to allow AdwCleaner to restart the computer and complete the removal process.
  • After rebooting, a logfile report (AdwCleaner[S0].txt) will open automatically.
  • Copy and paste the contents of that logfile in your next reply.
  • A copy of all logfiles is saved in the C:\AdwCleaner folder which was created when running the tool.
  • -- Note: The contents of the AdwCleaner log file may be confusing. Unless you see a program name that you recognize and know should not be removed, don't worry about it. If you see an entry you want to keep, return to AdwCleaner before cleaning...all detected items will be listed (and checked) in each tab. Click on each one and uncheck any items you want to keep (except you cannot uncheck Chrome and Firefox preferences lines).


Please download Junkware Removal Tool to your desktop.
  • Shut down your protection software now to avoid potential conflicts.
  • Run the tool by double-clicking it. If you are using Windows Vista, 7, or 8; instead of double-clicking, right-mouse click JRT.exe and select "Run as Administrator".
  • The tool will open and start scanning your system.
  • Please be patient as this can take a while to complete depending on your system's specifications.
  • On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
  • Post the contents of JRT.txt into your next message.

Last run ESET.
  • Hold down Control and click on this link to open ESET OnlineScan in a new window.
  • Click the esetonlinebtn.png button.
  • For alternate browsers only: (Microsoft Internet Explorer users can skip these steps)
  • Click on esetsmartinstaller_enu.exe to download the ESET Smart Installer. Save it to your desktop.
  • Double click on the esetsmartinstaller_enu.png icon on your desktop.
  • Check "YES, I accept the Terms of Use."
  • Click the Start button.
  • Accept any security warnings from your browser.
  • Under scan settings, check "Scan Archives" and "Remove found threats"
  • Click Advanced settings and select the following:
  • Scan potentially unwanted applications
  • Scan for potentially unsafe applications
  • Enable Anti-Stealth technology
  • ESET will then download updates for itself, install itself, and begin scanning your computer. Please be patient as this can take some time.
  • When the scan completes, click List Threats
  • Click Export, and save the file to your desktop using a unique name, such as ESETScan. Include the contents of this report in your next reply.
  • Click the Back button.
  • Click the Finish button.
  • NOTE: Sometimes if ESET finds no infections it will not create a log.


#3 xAnti_HerOx

xAnti_HerOx

  • Members
  • 84 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Los Angeles
  • Local time:11:43 PM

Posted 13 November 2014 - 09:31 PM

Go ahead and Navigate to your Internet Settings. 

 

(Win + R) to Open Run Box

- Then Open INETCPL.CPL

- Check Connections Tab 

- And Click "LAN Settings"

 

There should be 3 Check Boxes

- Make sure the Proxy Server is Deselected

- And that Automatically Detect Settings is Selected

Then Click Okay and Apply

 

Does it look like the Proxy Still Remains? 

If so the proxy may be embedded elsewhere also. 

 

Make sure the Registry has not been modified to do so I would also take a look here......

 

Sometimes if the computer was infected, malware removal programs won't do very much on the proxy end in the registry.
I have only had a handful ever go there. But we can go ahead and try to manually check to see if any Registry Keys were set for this.
 

BEFORE doing any registry edit, please back up your registry. If something goes wrong you will be able to restore the registry from the back up.

  • Click here to open the download page for ERUNT
  • Scroll down to the Download ERUNT: section and choose a download server for erunt-setup.exe
  • Save the file to your desktop
  • Run erunt-setup.exe to install the application on your computer
  • Click Next on each screen accepting the defaults, click Install
  • Choose whether or not to run ERUNT at startup (recommended)
  • Untick Show Documentation and click Finish to launch ERUNT
    (it can also be run from Start > Program Files > ERUNT > ERUNT)
  • Click Ok on the dialog box, select the folder for ERUNT to backup to (default recommended)
    (a warning might appear if the folder does not exist, click yes to create it)
  • ERUNT will run and a message will notify you that the backup is complete
Once we have covered our backing up in case of any accidents.
Go ahead and Open your Run Box Again (Win Key + R ) 
  • Type In : "Regedit" 
Your Registry Editor Will Now Open. You will notice two boxes, one on the left and one on the right. 
On the left side. 
Expand the folders and Navigate to 
  • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings:
DELETE Keys marked with *Local , Override, or Loopback
 
Also, You will see Other Keys :
-ProxyEnable - Right Click the Key, Select Modify, and Set Value to 0
-ProxyHTTP - Right Click the Key, Select Modify, and Set Value to 0
 
Then Also Navigate to :
 
  • HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Internet Settings:
 
DELETE Keys marked with *Local , Override, or Loopback
 
Also, You will see Other Keys :
-ProxyEnable - Right Click the Key, Select Modify, and Set Value to 0
-ProxyHTTP - Right Click the Key, Select Modify, and Set Value to 0
 
Your Screen Should Look Something Like What is Attached Below
 
ProxyOverride.png
 
Now Check the Internet Settings and See if they are still Locked on the Proxy.
Please note anything you do find. And anything you do not find. As both are just as important. 


 

"The human spirit must prevail over technology". -Albert Einstein 


#4 SheaReinke

SheaReinke
  • Topic Starter

  • Members
  • 21 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:California
  • Local time:10:43 PM

Posted 13 November 2014 - 10:01 PM

Wow! That was fast!

I will update tomorrow with the results of the scans stuffs. I will download the installers to a USB tonight.

Note: The proxy server thing is not the case here, but I think it might be related. For about five months now the proxy server thing has been happening occasionally.

I had actually gotten used to it - I would open up the thing remove the check from proxy settings - problem fixed.

Then two weeks ago: Web Pages wouldn't load : I went promptly to reset the proxy server and .. it wasn't set ..

( I have Malwarebytes and CCleaner and run them regularly : As well as Windows Defender AV )



#5 technonymous

technonymous

  • Members
  • 2,468 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:10:43 PM

Posted 14 November 2014 - 06:10 AM

 

Go ahead and Navigate to your Internet Settings. 

 

(Win + R) to Open Run Box

- Then Open INETCPL.CPL

- Check Connections Tab 

- And Click "LAN Settings"

 

There should be 3 Check Boxes

- Make sure the Proxy Server is Deselected

- And that Automatically Detect Settings is Selected

Then Click Okay and Apply

 

Does it look like the Proxy Still Remains? 

If so the proxy may be embedded elsewhere also. 

 

Make sure the Registry has not been modified to do so I would also take a look here......

 

Sometimes if the computer was infected, malware removal programs won't do very much on the proxy end in the registry.
I have only had a handful ever go there. But we can go ahead and try to manually check to see if any Registry Keys were set for this.
 

BEFORE doing any registry edit, please back up your registry. If something goes wrong you will be able to restore the registry from the back up.

  • Click here to open the download page for ERUNT
  • Scroll down to the Download ERUNT: section and choose a download server for erunt-setup.exe
  • Save the file to your desktop
  • Run erunt-setup.exe to install the application on your computer
  • Click Next on each screen accepting the defaults, click Install
  • Choose whether or not to run ERUNT at startup (recommended)
  • Untick Show Documentation and click Finish to launch ERUNT
    (it can also be run from Start > Program Files > ERUNT > ERUNT)
  • Click Ok on the dialog box, select the folder for ERUNT to backup to (default recommended)
    (a warning might appear if the folder does not exist, click yes to create it)
  • ERUNT will run and a message will notify you that the backup is complete
Once we have covered our backing up in case of any accidents.
Go ahead and Open your Run Box Again (Win Key + R ) 
  • Type In : "Regedit" 
Your Registry Editor Will Now Open. You will notice two boxes, one on the left and one on the right. 
On the left side. 
Expand the folders and Navigate to 
  • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings:
DELETE Keys marked with *Local , Override, or Loopback
 
Also, You will see Other Keys :
-ProxyEnable - Right Click the Key, Select Modify, and Set Value to 0
-ProxyHTTP - Right Click the Key, Select Modify, and Set Value to 0
 
Then Also Navigate to :
 
  • HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Internet Settings:
 
DELETE Keys marked with *Local , Override, or Loopback
 
Also, You will see Other Keys :
-ProxyEnable - Right Click the Key, Select Modify, and Set Value to 0
-ProxyHTTP - Right Click the Key, Select Modify, and Set Value to 0
 
Your Screen Should Look Something Like What is Attached Below
 
ProxyOverride.png
 
Now Check the Internet Settings and See if they are still Locked on the Proxy.
Please note anything you do find. And anything you do not find. As both are just as important. 

 

 

I just wanted to touch more on this. All of this is for Internet Explorer only. The part Proxyenable and ProxyHttp1.1 set to value 0 is correct. However, you should also mention to close IE before editing the registry. The ab String ProxyOverride & ProxyServer can be safely deleted. There is no need to edit. Once IE is launched again and proxy settings changed in IE those strings will be rebuilt in the registry again. With malware overriding these values it's best to delete them entirely.

 

As for Firefox, these settings can be changed by typing about:config in the URL field, then searching for network.proxy. Below is a list of default values. Note: Nothing after ; is just blank fields.

 

network.proxy.autoconfig_retry_interval_max;300
network.proxy.autoconfig_retry_interval_min;5
network.proxy.autoconfig_url;
network.proxy.failover_timeout;1800
network.proxy.ftp;
network.proxy.http;
network.proxy.http_port;0
network.proxy.no_proxies_on;localhost, 127.0.0.1
network.proxy.proxy_over_tls;true
network.proxy.share_proxy_settings;false
network.proxy.socks;
network.proxy.socks_port;0
network.proxy.socks_remote_dns;false
network.proxy.socks_version;5
network.proxy.ssl;
network.proxy.ssl_port;0
network.proxy.type;5


Edited by technonymous, 14 November 2014 - 06:12 AM.
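
The default list in the post above can be used as a baseline for an automated check. The following is an added example, not part of the original post: it parses the text of a Firefox profile's prefs.js (where values changed from their defaults are stored as user_pref lines) and reports every network.proxy.* preference that differs from the defaults listed above. The sample prefs.js content is constructed, and the function names are hypothetical.

```python
import re

# Defaults for network.proxy.* exactly as listed in the post above
# (an empty string stands for the blank fields).
FIREFOX_PROXY_DEFAULTS = {
    "network.proxy.autoconfig_retry_interval_max": 300,
    "network.proxy.autoconfig_retry_interval_min": 5,
    "network.proxy.autoconfig_url": "",
    "network.proxy.failover_timeout": 1800,
    "network.proxy.ftp": "",
    "network.proxy.http": "",
    "network.proxy.http_port": 0,
    "network.proxy.no_proxies_on": "localhost, 127.0.0.1",
    "network.proxy.proxy_over_tls": True,
    "network.proxy.share_proxy_settings": False,
    "network.proxy.socks": "",
    "network.proxy.socks_port": 0,
    "network.proxy.socks_remote_dns": False,
    "network.proxy.socks_version": 5,
    "network.proxy.ssl": "",
    "network.proxy.ssl_port": 0,
    "network.proxy.type": 5,
}

# Meaning of network.proxy.type (general Firefox knowledge, not from the thread).
PROXY_TYPE_MEANING = {
    0: "no proxy (direct connection)",
    1: "manual proxy configuration",
    2: "automatic proxy configuration URL (PAC)",
    4: "auto-detect proxy settings (WPAD)",
    5: "use system proxy settings",
}

# One prefs.js line looks like: user_pref("name", value);
_USER_PREF_RE = re.compile(r'^\s*user_pref\(\s*"([^"]+)"\s*,\s*(.+?)\s*\)\s*;\s*$')


def parse_pref_value(raw):
    """Convert the value part of a user_pref() line to bool, int or str."""
    if raw in ("true", "false"):
        return raw == "true"
    if len(raw) >= 2 and raw[0] == '"' and raw[-1] == '"':
        # Undo JavaScript-style backslash escapes such as \" and \\.
        return re.sub(r"\\(.)", r"\1", raw[1:-1])
    try:
        return int(raw)
    except ValueError:
        return raw  # unknown literal: keep the raw text so it is still reported


def read_proxy_prefs(prefs_text):
    """Return {name: value} for every network.proxy.* user_pref in prefs.js text."""
    found = {}
    for line in prefs_text.splitlines():
        match = _USER_PREF_RE.match(line)
        if match and match.group(1).startswith("network.proxy."):
            found[match.group(1)] = parse_pref_value(match.group(2))
    return found


def audit_proxy_prefs(prefs_text):
    """List (name, current, default) for proxy prefs that differ from the defaults.

    Proxy prefs that are not in the default list are reported with default None.
    """
    findings = []
    for name, value in sorted(read_proxy_prefs(prefs_text).items()):
        default = FIREFOX_PROXY_DEFAULTS.get(name)
        # Compare type as well as value so that 1 is not treated as equal to True.
        if type(value) is not type(default) or value != default:
            findings.append((name, value, default))
    return findings


def describe_proxy_type(value):
    """Human-readable meaning of a network.proxy.type value."""
    return PROXY_TYPE_MEANING.get(value, "unrecognised value")


# Constructed sample of prefs.js content (not taken from the thread): a manual
# proxy pointing at the local machine, plus one pref left at its default.
SAMPLE_PREFS_JS = r'''
// Mozilla User Preferences
user_pref("browser.startup.homepage", "about:home");
user_pref("network.proxy.http", "127.0.0.1");
user_pref("network.proxy.http_port", 8080);
user_pref("network.proxy.no_proxies_on", "localhost, 127.0.0.1");
user_pref("network.proxy.share_proxy_settings", true);
user_pref("network.proxy.type", 1);
'''

if __name__ == "__main__":
    for name, current, default in audit_proxy_prefs(SAMPLE_PREFS_JS):
        note = ""
        if name == "network.proxy.type":
            note = "  <- " + describe_proxy_type(current)
        print(f"{name}: {current!r} (default {default!r}){note}")
```

On a real system the input would be the contents of the prefs.js file in the Firefox profile folder; an empty result means no proxy preference has been moved away from the listed defaults.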


#6 xAnti_HerOx

xAnti_HerOx

  • Members
  • 84 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Los Angeles
  • Local time:11:43 PM

Posted 14 November 2014 - 03:53 PM

I agree Tech. that is also why I said to 

 

 " DELETE Keys marked with *Local , Override, or Loopback " 

 

not to modify those keys. But thanks. 

Hopefully he can get this issue resolved quickly. 



 

"The human spirit must prevail over technology". -Albert Einstein 


#7 technonymous

technonymous

  • Members
  • 2,468 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:10:43 PM

Posted 14 November 2014 - 05:16 PM

I agree Tech. that is also why I said to 

 

 " DELETE Keys marked with *Local , Override, or Loopback " 

 

not to modify those keys. But thanks. 

Hopefully he can get this issue resolved quickly. 

Yes, you and I know blanking them out fixes the problem, but I just wanted to reiterate and clarify that part because I could see that someone, from an average person's standpoint, might not understand what local, loopback means let alone understand what to edit out. It's all good though. :thumbsup2:



#8 SheaReinke

SheaReinke
  • Topic Starter

  • Members
  • 21 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:California
  • Local time:10:43 PM

Posted 19 November 2014 - 01:45 PM

ok, that was an interesting weekend, 

 

first, thanks again for responding so quickly!

 

second, sorry for the delay, and!

I will start the processes herein now. assumedly this will take an hour or two. brb. for real this time.



#9 maggot7

maggot7

  • Members
  • 91 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:02:43 AM

Posted 19 November 2014 - 02:00 PM

I think immediately going to the regedit option is not a good idea. Even if you manually edit the reg key, if something malicious is controlling that setting, it will just get changed back.

 

Be sure to do the tools FIRST as they will likely eliminate the problem (which is likely why veteran advisor, boopme, suggested that)



#10 SheaReinke

SheaReinke
  • Topic Starter

  • Members
  • 21 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:California
  • Local time:10:43 PM

Posted 19 November 2014 - 02:19 PM

Well, this is definitely helping!

 

ESET error: Unexpected error 2002

 

another ten minutes on the document uploads..wait.. I should have access over there now.. It loaded the eset website.

 

It also successfully downloaded an update for JRT, and deleted some SMUpdd file.



#11 SheaReinke

SheaReinke
  • Topic Starter

  • Members
  • 21 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:California
  • Local time:10:43 PM

Posted 19 November 2014 - 02:23 PM

MiniToolBox by Farbar  Version: 21-07-2014
Ran by Danny (administrator) on 19-11-2014 at 10:46:35
Running from "C:\Users\Danny\Downloads"
Microsoft Windows 7 Home Premium  Service Pack 1 (X64)
Boot Mode: Normal
***************************************************************************
 
========================= Flush DNS: ===================================
 
Windows IP Configuration
 
Successfully flushed the DNS Resolver Cache.
 
========================= IE Proxy Settings: ============================== 
 
Proxy is not enabled.
No Proxy Server is set.
 
"Reset IE Proxy Settings": IE Proxy Settings were reset.
 
========================= FF Proxy Settings: ============================== 
 
 
"Reset FF Proxy Settings": Firefox Proxy settings were reset.
 
========================= Hosts content: =================================
 
 
 
========================= IP Configuration: ================================
 
Intel® 82566DM-2 Gigabit Network Connection = Local Area Connection (Connected)
TP-LINK 300Mbps Wireless N Adapter = Wireless Network Connection (Hardware not present)
 
 
# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4
 
reset
set global icmpredirects=enabled
 
 
popd
# End of IPv4 configuration
 
 
 
Windows IP Configuration
 
   Host Name . . . . . . . . . . . . : Anvil
   Primary Dns Suffix  . . . . . . . : 
   Node Type . . . . . . . . . . . . : Hybrid
   IP Routing Enabled. . . . . . . . : No
   WINS Proxy Enabled. . . . . . . . : No
   DNS Suffix Search List. . . . . . : att.net
 
Ethernet adapter Local Area Connection:
 
   Connection-specific DNS Suffix  . : att.net
   Description . . . . . . . . . . . : Intel® 82566DM-2 Gigabit Network Connection
   Physical Address. . . . . . . . . : 00-1E-37-3B-0B-12
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes
   IPv6 Address. . . . . . . . . . . : 2602:306:349d:5f50:5d22:2a76:7e1a:7111(Preferred) 
   Temporary IPv6 Address. . . . . . : 2602:306:349d:5f50:5475:7165:f050:4ab9(Preferred) 
   Link-local IPv6 Address . . . . . : fe80::5d22:2a76:7e1a:7111%18(Preferred) 
   IPv4 Address. . . . . . . . . . . : 192.168.1.65(Preferred) 
   Subnet Mask . . . . . . . . . . . : 255.255.255.0
   Lease Obtained. . . . . . . . . . : Wednesday, November 19, 2014 10:03:45 AM
   Lease Expires . . . . . . . . . . : Thursday, November 20, 2014 10:05:16 AM
   Default Gateway . . . . . . . . . : fe80::8e7f:3bff:fe6a:b360%18
                                       192.168.1.254
   DHCP Server . . . . . . . . . . . : 192.168.1.254
   DHCPv6 IAID . . . . . . . . . . . : 268443191
   DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-1B-4F-52-68-00-1E-37-3B-0B-12
   DNS Servers . . . . . . . . . . . : 192.168.1.254
   NetBIOS over Tcpip. . . . . . . . : Enabled
 
Tunnel adapter Local Area Connection* 9:
 
   Connection-specific DNS Suffix  . : 
   Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes
   IPv6 Address. . . . . . . . . . . : 2001:0:9d38:6abd:246f:136d:3f57:febe(Preferred) 
   Link-local IPv6 Address . . . . . : fe80::246f:136d:3f57:febe%13(Preferred) 
   Default Gateway . . . . . . . . . : 
   NetBIOS over Tcpip. . . . . . . . : Disabled
Server:  UnKnown
Address:  192.168.1.254
 
Ping request could not find host google.com. Please check the name and try again.
Server:  UnKnown
Address:  192.168.1.254
 
Ping request could not find host yahoo.com. Please check the name and try again.
 
Pinging  with 32 bytes of data:
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
 
Ping statistics for j|_l:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 0ms, Maximum = 0ms, Average = 0ms
===========================================================================
Interface List
 18...00 1e 37 3b 0b 12 ......Intel® 82566DM-2 Gigabit Network Connection
  1...........................Software Loopback Interface 1
 13...00 00 00 00 00 00 00 e0 Teredo Tunneling Pseudo-Interface
===========================================================================
 
IPv4 Route Table
===========================================================================
Active Routes:
Network Destination        Netmask          Gateway       Interface  Metric
          0.0.0.0          0.0.0.0    192.168.1.254     192.168.1.65     20
        127.0.0.0        255.0.0.0         On-link         127.0.0.1    306
        127.0.0.1  255.255.255.255         On-link         127.0.0.1    306
  127.255.255.255  255.255.255.255         On-link         127.0.0.1    306
      192.168.1.0    255.255.255.0         On-link      192.168.1.65    276
     192.168.1.65  255.255.255.255         On-link      192.168.1.65    276
    192.168.1.255  255.255.255.255         On-link      192.168.1.65    276
        224.0.0.0        240.0.0.0         On-link         127.0.0.1    306
        224.0.0.0        240.0.0.0         On-link      192.168.1.65    276
  255.255.255.255  255.255.255.255         On-link         127.0.0.1    306
  255.255.255.255  255.255.255.255         On-link      192.168.1.65    276
===========================================================================
Persistent Routes:
  None
 
IPv6 Route Table
===========================================================================
Active Routes:
 If Metric Network Destination      Gateway
 18    276 ::/0                     fe80::8e7f:3bff:fe6a:b360
  1    306 ::1/128                  On-link
 13     58 2001::/32                On-link
 13    306 2001:0:9d38:6abd:246f:136d:3f57:febe/128
                                    On-link
 18     28 2602:306:349d:5f50::/64  On-link
 18    276 2602:306:349d:5f50:5475:7165:f050:4ab9/128
                                    On-link
 18    276 2602:306:349d:5f50:5d22:2a76:7e1a:7111/128
                                    On-link
 18    276 fe80::/64                On-link
 13    306 fe80::/64                On-link
 13    306 fe80::246f:136d:3f57:febe/128
                                    On-link
 18    276 fe80::5d22:2a76:7e1a:7111/128
                                    On-link
  1    306 ff00::/8                 On-link
 13    306 ff00::/8                 On-link
 18    276 ff00::/8                 On-link
===========================================================================
Persistent Routes:
  None
========================= Winsock entries =====================================
 
Catalog5 01 C:\Windows\SysWOW64\NLAapi.dll [52224] (Microsoft Corporation)
Catalog5 02 C:\Windows\SysWOW64\napinsp.dll [52224] (Microsoft Corporation)
Catalog5 03 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 04 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 05 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145280] (Microsoft Corp.)
Catalog5 06 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145280] (Microsoft Corp.)
Catalog5 07 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog5 08 C:\Windows\SysWOW64\winrnr.dll [20992] (Microsoft Corporation)
Catalog9 01 C:\Program Files (x86)\YouTube Accelerator\ytalsp.dll [File not found] ()
Catalog9 02 C:\Program Files (x86)\YouTube Accelerator\ytalsp.dll [File not found] ()
Catalog9 03 C:\Program Files (x86)\YouTube Accelerator\ytalsp.dll [File not found] ()
Catalog9 04 C:\Program Files (x86)\YouTube Accelerator\ytalsp.dll [File not found] ()
Catalog9 05 C:\Program Files (x86)\YouTube Accelerator\ytalsp.dll [File not found] ()
Catalog9 06 C:\Program Files (x86)\YouTube Accelerator\ytalsp.dll [File not found] ()
Catalog9 07 C:\Program Files (x86)\YouTube Accelerator\ytalsp.dll [File not found] ()
Catalog9 08 C:\Program Files (x86)\YouTube Accelerator\ytalsp.dll [File not found] ()
Catalog9 09 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 10 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 11 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 12 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 13 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 14 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 15 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 16 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 17 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 18 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 19 C:\Program Files (x86)\YouTube Accelerator\ytalsp.dll [File not found] ()
x64-Catalog5 01 C:\Windows\System32\NLAapi.dll [70656] (Microsoft Corporation)
x64-Catalog5 02 C:\Windows\System32\napinsp.dll [68096] (Microsoft Corporation)
x64-Catalog5 03 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 04 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 05 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [171392] (Microsoft Corp.)
x64-Catalog5 06 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [171392] (Microsoft Corp.)
x64-Catalog5 07 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog5 08 C:\Windows\System32\winrnr.dll [28672] (Microsoft Corporation)
x64-Catalog9 01 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 02 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 03 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 04 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 05 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 06 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 07 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 08 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 09 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 10 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
 
========================= Event log errors: ===============================
 
Application errors:
==================
Error: (11/19/2014 04:41:17 AM) (Source: Customer Experience Improvement Program) (User: )
Description: 80004005
 
Error: (11/14/2014 10:23:39 AM) (Source: Customer Experience Improvement Program) (User: )
Description: 90080108
 
Error: (11/10/2014 02:19:12 PM) (Source: Customer Experience Improvement Program) (User: )
Description: 80004005
 
Error: (11/05/2014 11:11:21 AM) (Source: MsiInstaller) (User: Anvil)
Description: Product: Synergy (64-bit) -- Error 1730. You must be an Administrator to remove this application. To remove this application, you can log on as an Administrator, or contact your technical support group for assistance.
 
Error: (11/03/2014 00:34:05 PM) (Source: Application Error) (User: )
Description: Faulting application name: Explorer.EXE, version: 6.1.7601.17567, time stamp: 0x4d672ee4
Faulting module name: msvcrt.dll, version: 7.0.7601.17744, time stamp: 0x4eeb033f
Exception code: 0x40000015
Fault offset: 0x000000000002a84e
Faulting process id: 0x10320
Faulting application start time: 0xExplorer.EXE0
Faulting application path: Explorer.EXE1
Faulting module path: Explorer.EXE2
Report Id: Explorer.EXE3
 
Error: (11/02/2014 02:32:20 AM) (Source: Application Error) (User: )
Description: Faulting application name: uTorrent.exe, version: 3.4.2.34309, time stamp: 0x542362e2
Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000
Exception code: 0xc0000005
Fault offset: 0x038f0f50
Faulting process id: 0xfd20
Faulting application start time: 0xuTorrent.exe0
Faulting application path: uTorrent.exe1
Faulting module path: uTorrent.exe2
Report Id: uTorrent.exe3
 
Error: (10/27/2014 02:11:28 PM) (Source: Microsoft-Windows-CAPI2) (User: )
Description: Cryptographic Services failed while processing the OnIdentity() call in the System Writer Object.
 
 
Details:
AddWin32ServiceFiles: Unable to back up image of service Google Update Service (gupdatem) since QueryServiceConfig API failed
 
System Error:
The system cannot find the file specified.
.
 
Error: (10/27/2014 02:11:28 PM) (Source: Microsoft-Windows-CAPI2) (User: )
Description: Cryptographic Services failed while processing the OnIdentity() call in the System Writer Object.
 
 
Details:
AddWin32ServiceFiles: Unable to back up image of service Google Update Service (gupdate) since QueryServiceConfig API failed
 
System Error:
The system cannot find the file specified.
.
 
Error: (10/19/2014 03:34:21 PM) (Source: Application Error) (User: )
Description: Faulting application name: WLSync.exe, version: 15.4.3555.308, time stamp: 0x4f5968e8
Faulting module name: KERNELBASE.dll, version: 6.1.7601.18409, time stamp: 0x53159a86
Exception code: 0x80000003
Fault offset: 0x00013226
Faulting process id: 0x13a8
Faulting application start time: 0xWLSync.exe0
Faulting application path: WLSync.exe1
Faulting module path: WLSync.exe2
Report Id: WLSync.exe3
 
Error: (10/19/2014 03:34:17 PM) (Source: Application Error) (User: )
Description: Faulting application name: MOE.exe, version: 15.4.5727.26, time stamp: 0x4f47830e
Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000
Exception code: 0x80131623
Fault offset: 0x04440f24
Faulting process id: 0x12c4
Faulting application start time: 0xMOE.exe0
Faulting application path: MOE.exe1
Faulting module path: MOE.exe2
Report Id: MOE.exe3
 
 
System errors:
=============
Error: (11/19/2014 03:18:15 AM) (Source: SNMP) (User: )
Description: The SNMP Service encountered an error while accessing the registry key SYSTEM\CurrentControlSet\Services\SNMP\Parameters\TrapConfiguration.
 
Error: (11/12/2014 03:00:17 PM) (Source: SNMP) (User: )
Description: The SNMP Service encountered an error while accessing the registry key SYSTEM\CurrentControlSet\Services\SNMP\Parameters\TrapConfiguration.
 
Error: (11/12/2014 02:12:32 PM) (Source: SNMP) (User: )
Description: The SNMP Service encountered an error while accessing the registry key SYSTEM\CurrentControlSet\Services\SNMP\Parameters\TrapConfiguration.
 
Error: (11/12/2014 00:53:56 PM) (Source: Microsoft Antimalware) (User: )
Description: %NT AUTHORITY60 has encountered an error trying to update signatures.
 
New Signature Version: 
 
Previous Signature Version: 1.187.1501.0
 
Update Source: %NT AUTHORITY59
 
Update Stage: 4.6.0305.00
 
Source Path: 4.6.0305.01
 
Signature Type: %NT AUTHORITY602
 
Update Type: %NT AUTHORITY604
 
User: NT AUTHORITY\SYSTEM
 
Current Engine Version: %NT AUTHORITY605
 
Previous Engine Version: %NT AUTHORITY606
 
Error code: %NT AUTHORITY607
 
Error description: %NT AUTHORITY608
 
Error: (11/12/2014 00:41:47 PM) (Source: SNMP) (User: )
Description: The SNMP Service encountered an error while accessing the registry key SYSTEM\CurrentControlSet\Services\SNMP\Parameters\TrapConfiguration.
 
Error: (11/11/2014 01:44:45 PM) (Source: Microsoft Antimalware) (User: )
Description: %NT AUTHORITY60 has encountered an error trying to update signatures.
 
New Signature Version: 
 
Previous Signature Version: 1.187.1501.0
 
Update Source: %NT AUTHORITY59
 
Update Stage: 4.6.0305.00
 
Source Path: 4.6.0305.01
 
Signature Type: %NT AUTHORITY602
 
Update Type: %NT AUTHORITY604
 
User: NT AUTHORITY\SYSTEM
 
Current Engine Version: %NT AUTHORITY605
 
Previous Engine Version: %NT AUTHORITY606
 
Error code: %NT AUTHORITY607
 
Error description: %NT AUTHORITY608
 
Error: (11/11/2014 01:44:41 PM) (Source: Microsoft Antimalware) (User: )
Description: %NT AUTHORITY60 has encountered an error trying to update signatures.
 
New Signature Version: 
 
Previous Signature Version: 1.187.1501.0
 
Update Source: %NT AUTHORITY59
 
Update Stage: 4.6.0305.00
 
Source Path: 4.6.0305.01
 
Signature Type: %NT AUTHORITY602
 
Update Type: %NT AUTHORITY604
 
User: NT AUTHORITY\SYSTEM
 
Current Engine Version: %NT AUTHORITY605
 
Previous Engine Version: %NT AUTHORITY606
 
Error code: %NT AUTHORITY607
 
Error description: %NT AUTHORITY608
 
Error: (11/10/2014 01:44:47 PM) (Source: Microsoft Antimalware) (User: )
Description: %NT AUTHORITY60 has encountered an error trying to update signatures.
 
New Signature Version: 
 
Previous Signature Version: 1.187.1501.0
 
Update Source: %NT AUTHORITY59
 
Update Stage: 4.6.0305.00
 
Source Path: 4.6.0305.01
 
Signature Type: %NT AUTHORITY602
 
Update Type: %NT AUTHORITY604
 
User: NT AUTHORITY\SYSTEM
 
Current Engine Version: %NT AUTHORITY605
 
Previous Engine Version: %NT AUTHORITY606
 
Error code: %NT AUTHORITY607
 
Error description: %NT AUTHORITY608
 
Error: (11/10/2014 01:34:45 PM) (Source: SNMP) (User: )
Description: The SNMP Service encountered an error while accessing the registry key SYSTEM\CurrentControlSet\Services\SNMP\Parameters\TrapConfiguration.
 
Error: (11/05/2014 11:22:46 AM) (Source: SNMP) (User: )
Description: The SNMP Service encountered an error while accessing the registry key SYSTEM\CurrentControlSet\Services\SNMP\Parameters\TrapConfiguration.
 
 
Microsoft Office Sessions:
=========================
Error: (11/19/2014 04:41:17 AM) (Source: Customer Experience Improvement Program)(User: )
Description: 80004005
 
Error: (11/14/2014 10:23:39 AM) (Source: Customer Experience Improvement Program)(User: )
Description: 90080108
 
Error: (11/10/2014 02:19:12 PM) (Source: Customer Experience Improvement Program)(User: )
Description: 80004005
 
Error: (11/05/2014 11:11:21 AM) (Source: MsiInstaller)(User: Anvil)
Description: Product: Synergy (64-bit) -- Error 1730. You must be an Administrator to remove this application. To remove this application, you can log on as an Administrator, or contact your technical support group for assistance.(NULL)(NULL)(NULL)(NULL)(NULL)
 
Error: (11/03/2014 00:34:05 PM) (Source: Application Error)(User: )
Description: Explorer.EXE6.1.7601.175674d672ee4msvcrt.dll7.0.7601.177444eeb033f40000015000000000002a84e1032001cff6226016551eC:\Windows\Explorer.EXEC:\Windows\system32\msvcrt.dllc051d2cd-6398-11e4-a2d5-001e373b0b12
 
Error: (11/02/2014 02:32:20 AM) (Source: Application Error)(User: )
Description: uTorrent.exe3.4.2.34309542362e2unknown0.0.0.000000000c0000005038f0f50fd2001cff622608635cbC:\Users\Shea\AppData\Roaming\uTorrent\uTorrent.exeunknown85e24611-627b-11e4-a2d5-001e373b0b12
 
Error: (10/27/2014 02:11:28 PM) (Source: Microsoft-Windows-CAPI2)(User: )
Description: 
Details:
AddWin32ServiceFiles: Unable to back up image of service Google Update Service (gupdatem) since QueryServiceConfig API failed
 
System Error:
The system cannot find the file specified.
 
Error: (10/27/2014 02:11:28 PM) (Source: Microsoft-Windows-CAPI2)(User: )
Description: 
Details:
AddWin32ServiceFiles: Unable to back up image of service Google Update Service (gupdate) since QueryServiceConfig API failed
 
System Error:
The system cannot find the file specified.
 
Error: (10/19/2014 03:34:21 PM) (Source: Application Error)(User: )
Description: WLSync.exe15.4.3555.3084f5968e8KERNELBASE.dll6.1.7601.1840953159a86800000030001322613a801cfebf526c9fe3bC:\Program Files (x86)\Windows Live\Mesh\WLSync.exeC:\Windows\syswow64\KERNELBASE.dll72f461ea-57e8-11e4-a2a7-001e373b0b12
 
Error: (10/19/2014 03:34:17 PM) (Source: Application Error)(User: )
Description: MOE.exe15.4.5727.264f47830eunknown0.0.0.0000000008013162304440f2412c401cfebf532eb3984C:\Program Files (x86)\Windows Live\Mesh\MOE.exeunknown70efd74e-57e8-11e4-a2a7-001e373b0b12
 
 
CodeIntegrity Errors:
===================================
  Date: 2014-11-19 03:17:44.374
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\athrx.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
  Date: 2014-11-19 03:17:44.327
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\athrx.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
  Date: 2014-11-12 14:59:54.156
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\athrx.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
  Date: 2014-11-12 14:59:54.093
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\athrx.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
  Date: 2014-11-12 14:11:42.171
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\athrx.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
  Date: 2014-11-12 14:11:42.108
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\athrx.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
  Date: 2014-11-12 12:41:32.956
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\athrx.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
  Date: 2014-11-12 12:41:32.894
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\athrx.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
  Date: 2014-11-10 13:34:26.251
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\athrx.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
  Date: 2014-11-10 13:34:26.188
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\athrx.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
 
 
=========================== Installed Programs ============================
Ad-Aware Antivirus (HKLM\...\{6D1428BD-E5F2-4378-B620-E7442E7C2BFB}_AdAwareUpdater) (Version: 11.4.6792.0 - Lavasoft)
Ad-Aware Security Toolbar (HKLM-x32\...\adawaretb) (Version: 3.9.0.23 - Lavasoft)
AdAwareInstaller (Version: 11.4.6792.0 - Lavasoft) Hidden
AdAwareUpdater (Version: 11.4.6792.0 - Lavasoft) Hidden
Adobe Acrobat 9 Pro - English, Français, Deutsch (HKLM-x32\...\{AC76BA86-1033-F400-7760-000000000004}{AC76BA86-1033-F400-7760-000000000004}) (Version: 9.0.0 - Adobe Systems)
Adobe Acrobat 9 Pro - English, Français, Deutsch (x32 Version: 9.0.0 - Adobe Systems) Hidden
Adobe Flash Player 15 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 15.0.0.167 - Adobe Systems Incorporated)
Adobe Flash Player 15 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 15.0.0.152 - Adobe Systems Incorporated)
Adobe Photoshop Elements 11 (HKLM-x32\...\Adobe Photoshop Elements 11) (Version: 11.0 - Adobe Systems Incorporated)
Adobe Photoshop Elements 11 (x32 Version: 11.0 - Adobe Systems Incorporated) Hidden
Adobe Premiere Elements 11 (HKLM\...\PremElem110) (Version: 11.0 - Adobe Systems Incorporated)
Adobe Premiere Elements 11 (Version: 11.0 - Adobe Systems Incorporated) Hidden
Adobe Reader XI (11.0.09) (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version: 11.0.09 - Adobe Systems Incorporated)
AntimalwareEngine (Version: 3.0.0.56 - Lavasoft) Hidden
Apple Application Support (HKLM-x32\...\{46F044A5-CE8B-4196-984E-5BD6525E361D}) (Version: 2.3.6 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Bing Desktop (HKLM-x32\...\{7D095455-D971-4D4C-9EFD-9AF6A6584F3A}) (Version: 1.3.470.0 - Microsoft Corporation)
CCleaner (HKLM\...\CCleaner) (Version: 4.15 - Piriform)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Elements 11 Organizer (x32 Version: 11.0 - Adobe Systems Incorporated) Hidden
FileZilla Client 3.8.1 (HKLM-x32\...\FileZilla Client) (Version: 3.8.1 - Tim Kosse)
Glary Utilities 5.11 (HKLM-x32\...\Glary Utilities 5) (Version: 5.11.0.23 - Glarysoft Ltd)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 36.0.1985.125 - Google Inc.)
Google Talk Plugin (HKLM-x32\...\{C1E3DFE7-4EAD-3E9E-A826-E06055BA5921}) (Version: 5.4.2.18903 - Google)
Google Update Helper (x32 Version: 1.3.24.15 - Google Inc.) Hidden
HTML-Kit 292 (HKLM-x32\...\HTMLKit_is1) (Version: 1.0 - HTMLKit.com)
Intel® Graphics Media Accelerator Driver (HKLM\...\HDMI) (Version: 8.15.10.1930 - Intel Corporation)
Iomega Product Registration (HKLM-x32\...\{90FF23FE-0E1B-40DF-A22E-B4C0372E5936}) (Version: 7.24.0000 - Iomega Corporation)
Java 7 Update 71 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F03217071FF}) (Version: 7.0.710 - Oracle)
Java Auto Updater (x32 Version: 2.1.71.14 - Oracle, Inc.) Hidden
JavaFX 2.0.3 (HKLM-x32\...\{1111706F-666A-4037-7777-203328764D10}) (Version: 2.0.3 - Oracle Corporation)
Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Malwarebytes Anti-Malware version 2.0.3.1025 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.3.1025 - Malwarebytes Corporation)
Mesh Runtime (x32 Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Messenger Companion (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden
Microsoft Security Client (Version: 4.6.0305.0 - Microsoft Corporation) Hidden
Microsoft Security Essentials (HKLM\...\Microsoft Security Client) (Version: 4.6.305.0 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.61030 (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.61030 (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.61030 (x32 Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.61030 (x32 Version: 11.0.61030 - Microsoft Corporation) Hidden
Mozilla Firefox 30.0 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 30.0 (x86 en-US)) (Version: 30.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 30.0 - Mozilla)
MSVCRT (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSVCRT_amd64 (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2758694) (HKLM-x32\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation)
Opera Stable 25.0.1614.50 (HKLM-x32\...\Opera 25.0.1614.50) (Version: 25.0.1614.50 - Opera Software ASA)
QuickTime 7 (HKLM-x32\...\{111EE7DF-FC45-40C7-98A7-753AC46B12FB}) (Version: 7.75.80.95 - Apple Inc.)
Revo Uninstaller 1.95 (HKLM-x32\...\Revo Uninstaller) (Version: 1.95 - VS Revo Group)
TP-LINK TL-WN951N Driver (HKLM-x32\...\{FDA7E907-6539-42C1-9721-0239C281B336}) (Version: 1.3.1 - TP-LINK)
WinArchiver Virtual Drive (HKLM-x32\...\WinArchiver Virtual Drive) (Version: 2.8 - WinArchiver Computing, Inc.)
Windows Live Communications Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3555.0308 - Microsoft Corporation)
Windows Live Essentials (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Family Safety (Version: 15.4.3555.0308 - Microsoft Corporation) Hidden
Windows Live ID Sign-in Assistant (Version: 7.250.4232.0 - Microsoft Corporation) Hidden
Windows Live Installer (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Language Selector (Version: 15.4.3555.0308 - Microsoft Corporation) Hidden
Windows Live Mail (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Mesh (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Messenger (x32 Version: 15.4.3538.0513 - Microsoft Corporation) Hidden
Windows Live Messenger Companion Core (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live MIME IFilter (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Movie Maker (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Photo Common (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Photo Gallery (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live PIMT Platform (x32 Version: 15.4.3508.1109 - Microsoft Corporation) Hidden
Windows Live Remote Client (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live Remote Client Resources (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live Remote Service (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live Remote Service Resources (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live SOXE (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live SOXE Definitions (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live UX Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live UX Platform Language Pack (x32 Version: 15.4.3508.1109 - Microsoft Corporation) Hidden
Windows Live Writer (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Writer Resources (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
 
========================= Memory info: ===================================
 
Percentage of memory in use: 44%
Total physical RAM: 3797.3 MB
Available physical RAM: 2124.14 MB
Total Pagefile: 7592.78 MB
Available Pagefile: 6004.63 MB
Total Virtual: 4095.88 MB
Available Virtual: 3985.85 MB
 
========================= Partitions: =====================================
 
2 Drive c: (Windows) (Fixed) (Total:148.85 GB) (Free:96.92 GB) NTFS
3 Drive d: (CD216A2) (CDROM) (Total:0.1 GB) (Free:0 GB) CDFS
4 Drive e: (System) (Fixed) (Total:0.2 GB) (Free:0.15 GB) NTFS
6 Drive g: (HP v150w) (Removable) (Total:59.93 GB) (Free:59.89 GB) FAT32
 
========================= Users: ========================================
 
User accounts for \\ANVIL
 
Administrator            Danny                    Guest                    
Shea                     
 
 
**** End of log ****


#12 SheaReinke


Posted 19 November 2014 - 02:24 PM

10:47:47.0602 0x1254  TDSS rootkit removing tool 3.0.0.41 Oct 28 2014 17:58:34
10:49:17.0037 0x1254  ============================================================
10:49:17.0037 0x1254  Current date / time: 2014/11/19 10:49:17.0037
10:49:17.0037 0x1254  SystemInfo:
10:49:17.0037 0x1254  
10:49:17.0037 0x1254  OS Version: 6.1.7601 ServicePack: 1.0
10:49:17.0037 0x1254  Product type: Workstation
10:49:17.0037 0x1254  ComputerName: ANVIL
10:49:17.0037 0x1254  UserName: Danny
10:49:17.0037 0x1254  Windows directory: C:\Windows
10:49:17.0037 0x1254  System windows directory: C:\Windows
10:49:17.0037 0x1254  Running under WOW64
10:49:17.0037 0x1254  Processor architecture: Intel x64
10:49:17.0037 0x1254  Number of processors: 2
10:49:17.0037 0x1254  Page size: 0x1000
10:49:17.0037 0x1254  Boot type: Normal boot
10:49:17.0037 0x1254  ============================================================
10:49:18.0862 0x1254  KLMD registered as C:\Windows\system32\drivers\21453254.sys
10:49:19.0221 0x1254  System UUID: {C14D72DE-9E65-7033-439F-8A03C4C45F26}
10:49:19.0830 0x1254  Drive \Device\Harddisk0\DR0 - Size: 0x25433D6000 ( 149.05 Gb ), SectorSize: 0x200, Cylinders: 0x4C01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
10:49:19.0861 0x1254  Drive \Device\Harddisk1\DR1 - Size: 0xEFCBE0000 ( 59.95 Gb ), SectorSize: 0x200, Cylinders: 0x1E91, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
10:49:19.0861 0x1254  ============================================================
10:49:19.0861 0x1254  \Device\Harddisk0\DR0:
10:49:19.0861 0x1254  MBR partitions:
10:49:19.0861 0x1254  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x64000
10:49:19.0861 0x1254  \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x64800, BlocksNum 0x129B4800
10:49:19.0861 0x1254  \Device\Harddisk1\DR1:
10:49:19.0861 0x1254  MBR partitions:
10:49:19.0861 0x1254  \Device\Harddisk1\DR1\Partition1: MBR, Type 0xC, StartLBA 0x40, BlocksNum 0x77E5EBF
10:49:19.0861 0x1254  ============================================================
10:49:19.0892 0x1254  C: <-> \Device\Harddisk0\DR0\Partition2
10:49:19.0908 0x1254  E: <-> \Device\Harddisk0\DR0\Partition1
10:49:19.0908 0x1254  ============================================================
10:49:19.0908 0x1254  Initialize success
10:49:19.0908 0x1254  ============================================================
10:49:25.0243 0x044c  ============================================================
10:49:25.0243 0x044c  Scan started
10:49:25.0243 0x044c  Mode: Manual; 
10:49:25.0243 0x044c  ============================================================
10:49:25.0243 0x044c  KSN ping started
10:49:25.0258 0x044c  KSN ping finished: false
10:49:26.0834 0x044c  ================ Scan system memory ========================
10:49:26.0834 0x044c  System memory - ok
10:49:26.0834 0x044c  ================ Scan services =============================
10:49:29.0424 0x044c  [ F036CE71586E93D94DAB220D7BDF4416, BD07AAD9E20CEAF9FC84E4977C55EA2C45604A2C682AC70B9B9A2199B6713D5B ] cdrom           C:\Windows\system32\DRIVERS\cdrom.sys
10:49:29.0424 0x044c  cdrom - ok
10:49:29.0470 0x044c  [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] CertPropSvc     C:\Windows\System32\certprop.dll
10:49:29.0470 0x044c  CertPropSvc - ok
10:49:29.0502 0x044c  [ D7CD5C4E1B71FA62050515314CFB52CF, 513B5A849899F379F0BC6AB3A8A05C3493C2393C95F036612B96EC6E252E1C64 ] circlass        C:\Windows\system32\DRIVERS\circlass.sys
10:49:29.0502 0x044c  circlass - ok
10:49:29.0548 0x044c  [ FE1EC06F2253F691FE36217C592A0206, B9F122DB5E665ECDF29A5CB8BB6B531236F31A54A95769D6C5C1924C87FE70CE ] CLFS            C:\Windows\system32\CLFS.sys
10:49:29.0564 0x044c  CLFS - ok
10:49:29.0626 0x044c  [ F13EC8A783E0CB0D6DC26A3CA848B7B8, 0809E3B71709F1343086EEB6C820543C1A7119E74EEF8AC1AEE1F81093ABEC66 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
10:49:29.0626 0x044c  clr_optimization_v2.0.50727_32 - ok
10:49:29.0658 0x044c  [ B4D73F04E9BC076F7CDAC4327DF636BB, 1ADED20D5A0D0A76E2F85CB778FD06BAB814868D35F8532E17D67045FF4770C2 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
10:49:29.0658 0x044c  clr_optimization_v2.0.50727_64 - ok
10:49:29.0751 0x044c  [ E87213F37A13E2B54391E40934F071D0, 7EB221127EFB5BF158FB03D18EFDA2C55FB6CE3D1A1FE69C01D70DBED02C87E5 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
10:49:29.0751 0x044c  clr_optimization_v4.0.30319_32 - ok
10:49:29.0782 0x044c  [ 4AEDAB50F83580D0B4D6CF78191F92AA, D113C47013B018B45161911B96E93AF96A2F3B34FA47061BF6E7A71FBA03194A ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
10:49:29.0782 0x044c  clr_optimization_v4.0.30319_64 - ok
10:49:29.0829 0x044c  [ 0840155D0BDDF1190F84A663C284BD33, 696039FA63CFEB33487FAA8FD7BBDB220141E9C6E529355D768DFC87999A9C3A ] CmBatt          C:\Windows\system32\DRIVERS\CmBatt.sys
10:49:29.0829 0x044c  CmBatt - ok
10:49:29.0860 0x044c  [ E19D3F095812725D88F9001985B94EDD, 46243C5CCC4981CAC6FA6452FFCEC33329BF172448F1852D52592C9342E0E18B ] cmdide          C:\Windows\system32\drivers\cmdide.sys
10:49:29.0860 0x044c  cmdide - ok
10:49:29.0907 0x044c  [ EBF28856F69CF094A902F884CF989706, AD6C9F0BC20AA49EEE5478DA0F856F0EA2B414B63208C5FFB03C9D7F5B59765F ] CNG             C:\Windows\system32\Drivers\cng.sys
10:49:29.0923 0x044c  CNG - ok
10:49:29.0938 0x044c  [ 102DE219C3F61415F964C88E9085AD14, CD74CB703381F1382C32CF892FF2F908F4C9412E1BC77234F8FEA5D4666E1BF1 ] Compbatt        C:\Windows\system32\DRIVERS\compbatt.sys
10:49:29.0938 0x044c  Compbatt - ok
10:49:29.0985 0x044c  [ 03EDB043586CCEBA243D689BDDA370A8, 0E4523AA332E242D5C2C61C5717DBA5AB6E42DADB5A7E512505FC2B6CC224959 ] CompositeBus    C:\Windows\system32\drivers\CompositeBus.sys
10:49:29.0985 0x044c  CompositeBus - ok
10:49:30.0001 0x044c  COMSysApp - ok
10:49:30.0032 0x044c  [ 1C827878A998C18847245FE1F34EE597, 41EF7443D8B2733AA35CAC64B4F5F74FAC8BB0DA7D3936B69EC38E2DC3972E60 ] crcdisk         C:\Windows\system32\DRIVERS\crcdisk.sys
10:49:30.0032 0x044c  crcdisk - ok
10:49:30.0079 0x044c  [ 6B400F211BEE880A37A1ED0368776BF4, 2F27C6FA96A1C8CBDA467846DA57E63949A7EA37DB094B13397DDD30114295BD ] CryptSvc        C:\Windows\system32\cryptsvc.dll
10:49:30.0079 0x044c  CryptSvc - ok
10:49:30.0141 0x044c  [ 5C627D1B1138676C0A7AB2C2C190D123, C5003F2C912C5CA990E634818D3B4FD72F871900AF2948BD6C4D6400B354B401 ] DcomLaunch      C:\Windows\system32\rpcss.dll
10:49:30.0141 0x044c  DcomLaunch - ok
10:49:30.0204 0x044c  [ 3CEC7631A84943677AA8FA8EE5B6B43D, 32061DAC9ED6C1EBA3B367B18D0E965AEEC2DF635DCF794EC39D086D32503AC5 ] defragsvc       C:\Windows\System32\defragsvc.dll
10:49:30.0204 0x044c  defragsvc - ok
10:49:30.0250 0x044c  [ 9BB2EF44EAA163B29C4A4587887A0FE4, 03667BC3EA5003F4236929C10F23D8F108AFCB29DB5559E751FB26DFB318636F ] DfsC            C:\Windows\system32\Drivers\dfsc.sys
10:49:30.0250 0x044c  DfsC - ok
10:49:30.0282 0x044c  [ 43D808F5D9E1A18E5EEB5EBC83969E4E, C10D1155D71EABE4ED44C656A8F13078A8A4E850C4A8FBB92D52D173430972B8 ] Dhcp            C:\Windows\system32\dhcpcore.dll
10:49:30.0297 0x044c  Dhcp - ok
10:49:30.0328 0x044c  [ 13096B05847EC78F0977F2C0F79E9AB3, 1E44981B684F3E56F5D2439BB7FA78BD1BC876BB2265AE089AEC68F241B05B26 ] discache        C:\Windows\system32\drivers\discache.sys
10:49:30.0328 0x044c  discache - ok
10:49:30.0360 0x044c  [ 9819EEE8B5EA3784EC4AF3B137A5244C, 571BC886E87C888DA96282E381A746D273B58B9074E84D4CA91275E26056D427 ] Disk            C:\Windows\system32\DRIVERS\disk.sys
10:49:30.0360 0x044c  Disk - ok
10:49:30.0391 0x044c  [ 16835866AAA693C7D7FCEBA8FFF706E4, 15891558F7C1F2BB57A98769601D447ED0D952354A8BB347312D034DC03E0242 ] Dnscache        C:\Windows\System32\dnsrslvr.dll
10:49:30.0406 0x044c  Dnscache - ok
10:49:30.0438 0x044c  [ B1FB3DDCA0FDF408750D5843591AFBC6, AB6AD9C5E7BA2E3646D0115B67C4800D1CB43B4B12716397657C7ADEEE807304 ] dot3svc         C:\Windows\System32\dot3svc.dll
10:49:30.0453 0x044c  dot3svc - ok
10:49:30.0484 0x044c  [ B26F4F737E8F9DF4F31AF6CF31D05820, 394BBBED4EC7FAD4110F62A43BFE0801D4AC56FFAC6C741C69407B26402311C7 ] DPS             C:\Windows\system32\dps.dll
10:49:30.0484 0x044c  DPS - ok
10:49:30.0531 0x044c  [ 9B19F34400D24DF84C858A421C205754, 967AF267B4124BADA8F507CEBF25F2192D146A4D63BE71B45BFC03C5DA7F21A7 ] drmkaud         C:\Windows\system32\drivers\drmkaud.sys
10:49:30.0531 0x044c  drmkaud - ok
10:49:30.0578 0x044c  [ 87CE5C8965E101CCCED1F4675557E868, 077D98F0F130B2FC710208BA34016EF2B2506EE2BD71740B228145E34A3046F1 ] DXGKrnl         C:\Windows\System32\drivers\dxgkrnl.sys
10:49:30.0609 0x044c  DXGKrnl - ok
10:49:30.0656 0x044c  [ 416A2007878ED1D6FC5DDDB9E1F6DB3E, 2B8FE69BFCE48CFD25E0B9FEBA0F15EE144F3565B5D208509FCF548DD2CC4EF7 ] e1express       C:\Windows\system32\DRIVERS\e1e6032e.sys
10:49:30.0672 0x044c  e1express - ok
10:49:30.0718 0x044c  [ E2DDA8726DA9CB5B2C4000C9018A9633, 0C967DBC3636A76A696997192A158AA92A1AF19F01E3C66D5BF91818A8FAEA76 ] EapHost         C:\Windows\System32\eapsvc.dll
10:49:30.0718 0x044c  EapHost - ok
10:49:30.0859 0x044c  [ DC5D737F51BE844D8C82C695EB17372F, 6D4022D9A46EDE89CEF0FAEADCC94C903234DFC460C0180D24FF9E38E8853017 ] ebdrv           C:\Windows\system32\DRIVERS\evbda.sys
10:49:30.0937 0x044c  ebdrv - ok
10:49:30.0984 0x044c  [ 204F3F58212B3E422C90BD9691A2DF28, D748A8CEE4D59B4248C9B1ACA5155D0FF6635A29564B4391B7FAC6261F93FE99 ] EFS             C:\Windows\System32\lsass.exe
10:49:30.0984 0x044c  EFS - ok
10:49:31.0046 0x044c  [ C4002B6B41975F057D98C439030CEA07, 3D2484FBB832EFB90504DD406ED1CF3065139B1FE1646471811F3A5679EF75F1 ] ehRecvr         C:\Windows\ehome\ehRecvr.exe
10:49:31.0062 0x044c  ehRecvr - ok
10:49:31.0108 0x044c  [ 4705E8EF9934482C5BB488CE28AFC681, 359E9EC5693CE0BE89082E1D5D8F5C5439A5B985010FF0CB45C11E3CFE30637D ] ehSched         C:\Windows\ehome\ehsched.exe
10:49:31.0108 0x044c  ehSched - ok
10:49:31.0155 0x044c  [ 0E5DA5369A0FCAEA12456DD852545184, 9A64AC5396F978C3B92794EDCE84DCA938E4662868250F8C18FA7C2C172233F8 ] elxstor         C:\Windows\system32\DRIVERS\elxstor.sys
10:49:31.0171 0x044c  elxstor - ok
10:49:31.0202 0x044c  [ 34A3C54752046E79A126E15C51DB409B, 7D5B5E150C7C73666F99CBAFF759029716C86F16B927E0078D77F8A696616D75 ] ErrDev          C:\Windows\system32\drivers\errdev.sys
10:49:31.0202 0x044c  ErrDev - ok
10:49:31.0264 0x044c  [ 4166F82BE4D24938977DD1746BE9B8A0, 24121751B7306225AD1C808442D7B030DEF377E9316AA0A3C5C7460E87317881 ] EventSystem     C:\Windows\system32\es.dll
10:49:31.0280 0x044c  EventSystem - ok
10:49:31.0327 0x044c  [ A510C654EC00C1E9BDD91EEB3A59823B, 76CD277730F7B08D375770CD373D786160F34D1481AF0536BA1A5D2727E255F5 ] exfat           C:\Windows\system32\drivers\exfat.sys
10:49:31.0327 0x044c  exfat - ok
10:49:31.0342 0x044c  [ 0ADC83218B66A6DB380C330836F3E36D, 798D6F83B5DBCC1656595E0A96CF12087FCCBE19D1982890D0CE5F629B328B29 ] fastfat         C:\Windows\system32\drivers\fastfat.sys
10:49:31.0342 0x044c  fastfat - ok
10:49:31.0420 0x044c  [ DBEFD454F8318A0EF691FDD2EAAB44EB, 7F52AE222FF28503B6FC4A5852BD0CAEAF187BE69AF4B577D3DE474C24366099 ] Fax             C:\Windows\system32\fxssvc.exe
10:49:31.0436 0x044c  Fax - ok
10:49:31.0467 0x044c  [ D765D19CD8EF61F650C384F62FAC00AB, 9F0A483A043D3BA873232AD3BA5F7BF9173832550A27AF3E8BD433905BD2A0EE ] fdc             C:\Windows\system32\DRIVERS\fdc.sys
10:49:31.0467 0x044c  fdc - ok
10:49:31.0514 0x044c  [ 0438CAB2E03F4FB61455A7956026FE86, 6D4DDC2973DB25CE0C7646BC85EFBCC004EBE35EA683F62162AE317C6F1D8DFE ] fdPHost         C:\Windows\system32\fdPHost.dll
10:49:31.0514 0x044c  fdPHost - ok
10:49:31.0530 0x044c  [ 802496CB59A30349F9A6DD22D6947644, 52D59D3D628D5661F83F090F33F744F6916E0CC1F76E5A33983E06EB66AE19F8 ] FDResPub        C:\Windows\system32\fdrespub.dll
10:49:31.0530 0x044c  FDResPub - ok
10:49:31.0530 0x044c  [ 655661BE46B5F5F3FD454E2C3095B930, 549C8E2A2A37757E560D55FFA6BFDD838205F17E40561E67F0124C934272CD1A ] FileInfo        C:\Windows\system32\drivers\fileinfo.sys
10:49:31.0530 0x044c  FileInfo - ok
10:49:31.0545 0x044c  [ 5F671AB5BC87EEA04EC38A6CD5962A47, 6B61D3363FF3F9C439BD51102C284972EAE96ACC0683B9DC7E12D25D0ADC51B6 ] Filetrace       C:\Windows\system32\drivers\filetrace.sys
10:49:31.0545 0x044c  Filetrace - ok
10:49:31.0623 0x044c  [ F76D04F7413B07DAA029F6520B64B4E8, 3EB13C0EFE737880853FB8952381E7A57723F9472E0E4ED7CDA8A0D7DE8DC90D ] FLEXnet Licensing Service C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
10:49:31.0639 0x044c  FLEXnet Licensing Service - ok
10:49:31.0654 0x044c  [ C172A0F53008EAEB8EA33FE10E177AF5, 9175A95B323696D1B35C9EFEB7790DD64E6EE0B7021E6C18E2F81009B169D77B ] flpydisk        C:\Windows\system32\DRIVERS\flpydisk.sys
10:49:31.0654 0x044c  flpydisk - ok
10:49:31.0701 0x044c  [ DA6B67270FD9DB3697B20FCE94950741, F621A4462C9F2904063578C427FAF22D7D66AE9967605C11C798099817CE5331 ] FltMgr          C:\Windows\system32\drivers\fltmgr.sys
10:49:31.0717 0x044c  FltMgr - ok
10:49:31.0795 0x044c  [ C4C183E6551084039EC862DA1C945E3D, 0874A2ACDD24D64965AA9A76E9C818E216880AE4C9A2E07ED932EE404585CEE6 ] FontCache       C:\Windows\system32\FntCache.dll
10:49:31.0826 0x044c  FontCache - ok
10:49:31.0873 0x044c  [ A8B7F3818AB65695E3A0BB3279F6DCE6, 89FCF10F599767E67A1E011753E34DA44EAA311F105DBF69549009ED932A60F0 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
10:49:31.0873 0x044c  FontCache3.0.0.0 - ok
10:49:31.0904 0x044c  [ D43703496149971890703B4B1B723EAC, F06397B2EDCA61629249D2EF1CBB7827A8BEAB8488246BD85EF6AE1363C0DA6E ] FsDepends       C:\Windows\system32\drivers\FsDepends.sys
10:49:31.0904 0x044c  FsDepends - ok
10:49:31.0951 0x044c  [ 07DA62C960DDCCC2D35836AEAB4FC578, C67A29E928AF59BF7FB573FAC2176C5598F595406AA90DDB4A364A15BC89A6C4 ] fssfltr         C:\Windows\system32\DRIVERS\fssfltr.sys
10:49:31.0951 0x044c  fssfltr - ok
10:49:32.0013 0x044c  [ 28DDEEEC44E988657B732CF404D504CB, 47F83018E5449CDCED3DD447991788EBAAC92C418D4513FBA9408C45E9AB8E7E ] fsssvc          C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe
10:49:32.0044 0x044c  fsssvc - ok
10:49:32.0076 0x044c  [ 6BD9295CC032DD3077C671FCCF579A7B, 83622FBB0CB923798E7E584BF53CAAF75B8C016E3FF7F0FA35880FF34D1DFE33 ] Fs_Rec          C:\Windows\system32\drivers\Fs_Rec.sys
10:49:32.0076 0x044c  Fs_Rec - ok
10:49:32.0122 0x044c  [ 8F6322049018354F45F05A2FD2D4E5E0, 73BF0FB4EBD7887E992DDEBB79E906958D6678F8D1107E8C368F5A0514D80359 ] fvevol          C:\Windows\system32\DRIVERS\fvevol.sys
10:49:32.0122 0x044c  fvevol - ok
10:49:32.0154 0x044c  [ 8C778D335C9D272CFD3298AB02ABE3B6, 85F0B13926B0F693FA9E70AA58DE47100E4B6F893772EBE4300C37D9A36E6005 ] gagp30kx        C:\Windows\system32\DRIVERS\gagp30kx.sys
10:49:32.0154 0x044c  gagp30kx - ok
10:49:32.0216 0x044c  [ 277BBC7E1AA1EE957F573A10ECA7EF3A, 2EE60B924E583E847CC24E78B401EF95C69DB777A5B74E1EC963E18D47B94D24 ] gpsvc           C:\Windows\System32\gpsvc.dll
10:49:32.0232 0x044c  gpsvc - ok
10:49:32.0263 0x044c  [ 0636745A40DEA06283D45885C228AF01, 514EF6F912CB9BF552AE109739BC02A2BC46B4784C65BC3C0B03DB6F60BBF380 ] GUBootStartup   C:\Windows\System32\drivers\GUBootStartup.sys
10:49:32.0263 0x044c  GUBootStartup - ok
10:49:32.0294 0x044c  [ F2523EF6460FC42405B12248338AB2F0, B2F3DE8DE1F512D871BC2BC2E8D0E33AB03335BFBC07627C5F88B65024928E19 ] hcw85cir        C:\Windows\system32\drivers\hcw85cir.sys
10:49:32.0294 0x044c  hcw85cir - ok
10:49:32.0341 0x044c  [ 975761C778E33CD22498059B91E7373A, 8304E15FBE6876BE57263A03621365DA8C88005EAC532A770303C06799D915D9 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
10:49:32.0356 0x044c  HdAudAddService - ok
10:49:32.0388 0x044c  [ 97BFED39B6B79EB12CDDBFEED51F56BB, 3CF981D668FB2381E52AF2E51E296C6CFB47B0D62249645278479D0111A47955 ] HDAudBus        C:\Windows\system32\drivers\HDAudBus.sys
10:49:32.0403 0x044c  HDAudBus - ok
10:49:32.0419 0x044c  [ 78E86380454A7B10A5EB255DC44A355F, 11F3ED7ACFFA3024B9BD504F81AC39F5B4CED5A8A425E8BADF7132EFEDB9BD64 ] HidBatt         C:\Windows\system32\DRIVERS\HidBatt.sys
10:49:32.0419 0x044c  HidBatt - ok
10:49:32.0434 0x044c  [ 7FD2A313F7AFE5C4DAB14798C48DD104, 94CBFD4506CBDE4162CEB3367BAB042D19ACA6785954DC0B554D4164B9FCD0D4 ] HidBth          C:\Windows\system32\DRIVERS\hidbth.sys
10:49:32.0450 0x044c  HidBth - ok
10:49:32.0466 0x044c  [ 0A77D29F311B88CFAE3B13F9C1A73825, 8615DC6CEFB591505CE16E054A71A4F371B827DDFD5E980777AB4233DCFDA01D ] HidIr           C:\Windows\system32\DRIVERS\hidir.sys
10:49:32.0466 0x044c  HidIr - ok
10:49:32.0497 0x044c  [ BD9EB3958F213F96B97B1D897DEE006D, 4D01CBF898B528B3A4E5A683DF2177300AFABD7D4CB51F1A7891B1B545499631 ] hidserv         C:\Windows\system32\hidserv.dll
10:49:32.0497 0x044c  hidserv - ok
10:49:32.0528 0x044c  [ 9592090A7E2B61CD582B612B6DF70536, FD11D5E02C32D658B28FCC35688AB66CCB5D3A0A0D74C82AE0F0B6C67B568A0F ] HidUsb          C:\Windows\system32\DRIVERS\hidusb.sys
10:49:32.0528 0x044c  HidUsb - ok
10:49:32.0559 0x044c  [ 387E72E739E15E3D37907A86D9FF98E2, 9935BE2E58788E79328293AF2F202CB0F6042441B176F75ACC5AEA93C8E05531 ] hkmsvc          C:\Windows\system32\kmsvc.dll
10:49:32.0559 0x044c  hkmsvc - ok
10:49:32.0590 0x044c  [ EFDFB3DD38A4376F93E7985173813ABD, 70402FA73A5A2A8BB557AAC8F531E373077D28DE5F40A1F3F14B940BE01CD2E1 ] HomeGroupListener C:\Windows\system32\ListSvc.dll
10:49:32.0606 0x044c  HomeGroupListener - ok
10:49:32.0637 0x044c  [ 908ACB1F594274965A53926B10C81E89, 7D34A742AC486294D82676F8465A3EF26C8AC3317C32B63F62031CB007CFC208 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
10:49:32.0653 0x044c  HomeGroupProvider - ok
10:49:32.0700 0x044c  [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC, E9E6A1665740CFBC2DD321010007EF42ABA2102AEB9772EE8AA3354664B1E205 ] HpSAMD          C:\Windows\system32\drivers\HpSAMD.sys
10:49:32.0700 0x044c  HpSAMD - ok
10:49:32.0746 0x044c  [ 0EA7DE1ACB728DD5A369FD742D6EEE28, 21C489412EB33A12B22290EB701C19BA57006E8702E76F730954F0784DDE9779 ] HTTP            C:\Windows\system32\drivers\HTTP.sys
10:49:32.0762 0x044c  HTTP - ok
10:49:32.0809 0x044c  [ A5462BD6884960C9DC85ED49D34FF392, 53E65841AF5B06A2844D0BB6FC4DD3923A323FFA0E4BFC89B3B5CAFB592A3D53 ] hwpolicy        C:\Windows\system32\drivers\hwpolicy.sys
10:49:32.0809 0x044c  hwpolicy - ok
10:49:32.0856 0x044c  [ FA55C73D4AFFA7EE23AC4BE53B4592D3, 65CDDC62B89A60E942C5642C9D8B539EFB69DA8069B4A2E54978154B314531CD ] i8042prt        C:\Windows\system32\drivers\i8042prt.sys
10:49:32.0856 0x044c  i8042prt - ok
10:49:32.0902 0x044c  [ AAAF44DB3BD0B9D1FB6969B23ECC8366, 805AA4A9464002D1AB3832E4106B2AAA1331F4281367E75956062AAE99699385 ] iaStorV         C:\Windows\system32\drivers\iaStorV.sys
10:49:32.0918 0x044c  iaStorV - ok
10:49:32.0996 0x044c  [ C98A5B9D932430AD8EEBD3EF73756EF7, DF7E1D391A0F3345AD61154363922C27BD557DEEACE395A6A8A8A16BFD1BB9A8 ] idsvc           C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
10:49:33.0012 0x044c  idsvc - ok
10:49:33.0027 0x044c  IEEtwCollectorService - ok
10:49:33.0277 0x044c  [ 24CC43ECDEEFD4C19FBBEE4951B647F1, 416799965E6602F8F03E2A92E8BB42B1D5643C65EF09815FC5A56A2FA73E6773 ] igfx            C:\Windows\system32\DRIVERS\igdkmd64.sys
10:49:33.0480 0x044c  igfx - ok
10:49:33.0526 0x044c  [ 5C18831C61933628F5BB0EA2675B9D21, 5CD9DE2F8C0256623A417B5C55BF55BB2562BD7AB2C3C83BB3D9886C2FBDA4E4 ] iirsp           C:\Windows\system32\DRIVERS\iirsp.sys
10:49:33.0526 0x044c  iirsp - ok
10:49:33.0589 0x044c  [ 344789398EC3EE5A4E00C52B31847946, 3DA5F08E4B46F4E63456AA588D49E39A6A09A97D0509880C00F327623DB6122D ] IKEEXT          C:\Windows\System32\ikeext.dll
10:49:33.0604 0x044c  IKEEXT - ok
10:49:33.0636 0x044c  [ F00F20E70C6EC3AA366910083A0518AA, E2F3E9FFD82C802C8BAC309893A3664ACF16A279959C0FDECCA64C3D3C60FD22 ] intelide        C:\Windows\system32\drivers\intelide.sys
10:49:33.0636 0x044c  intelide - ok
10:49:33.0651 0x044c  [ ADA036632C664CAA754079041CF1F8C1, F2386CC09AC6DE4C54189154F7D91C1DB7AA120B13FAE8BA5B579ACF99FCC610 ] intelppm        C:\Windows\system32\DRIVERS\intelppm.sys
10:49:33.0667 0x044c  intelppm - ok
10:49:33.0698 0x044c  [ 098A91C54546A3B878DAD6A7E90A455B, 044CCE2A0DF56EBE1EFD99B4F6F0A5B9EE12498CA358CF4B2E3A1CFD872823AA ] IPBusEnum       C:\Windows\system32\ipbusenum.dll
10:49:33.0698 0x044c  IPBusEnum - ok
10:49:33.0745 0x044c  [ C9F0E1BD74365A8771590E9008D22AB6, 728BC5A6AAE499FDC50EB01577AF16D83C2A9F3B09936DD2A89C01E074BA8E51 ] IpFilterDriver  C:\Windows\system32\DRIVERS\ipfltdrv.sys
10:49:33.0745 0x044c  IpFilterDriver - ok
10:49:33.0807 0x044c  [ 08C2957BB30058E663720C5606885653, E13EDF6701512E2A9977A531454932CA5023087CB50E1D2F416B8BCDD92B67BE ] iphlpsvc        C:\Windows\System32\iphlpsvc.dll
10:49:33.0807 0x044c  iphlpsvc - ok
10:49:33.0854 0x044c  [ 0FC1AEA580957AA8817B8F305D18CA3A, 7161E4DE91AAFC3FA8BF24FAE4636390C2627DB931505247C0D52C75A31473D9 ] IPMIDRV         C:\Windows\system32\drivers\IPMIDrv.sys
10:49:33.0854 0x044c  IPMIDRV - ok
10:49:33.0885 0x044c  [ AF9B39A7E7B6CAA203B3862582E9F2D0, 67128BE7EADBE6BD0205B050F96E268948E8660C4BAB259FB0BE03935153D04E ] IPNAT           C:\Windows\system32\drivers\ipnat.sys
10:49:33.0901 0x044c  IPNAT - ok
10:49:33.0916 0x044c  [ 3ABF5E7213EB28966D55D58B515D5CE9, A352BCC5B6B9A28805B15CAFB235676F1FAFF0D2394F88C03089EB157D6188AE ] IRENUM          C:\Windows\system32\drivers\irenum.sys
10:49:33.0916 0x044c  IRENUM - ok
10:49:33.0932 0x044c  [ 2F7B28DC3E1183E5EB418DF55C204F38, D40410A760965925D6F10959B2043F7BD4F68EAFCF5E743AF11AD860BD136548 ] isapnp          C:\Windows\system32\drivers\isapnp.sys
10:49:33.0932 0x044c  isapnp - ok
10:49:33.0963 0x044c  [ 96BB922A0981BC7432C8CF52B5410FE6, 236C05509B1040059B15021CBBDBDAF3B9C0F00910142BE5887B2C7561BAAFBA ] iScsiPrt        C:\Windows\system32\drivers\msiscsi.sys
10:49:33.0979 0x044c  iScsiPrt - ok
10:49:34.0026 0x044c  [ BC02336F1CBA7DCC7D1213BB588A68A5, 450C5BAD54CCE2AFCDFF1B6E7F8E1A8446D9D3255DF9D36C29A8F848048AAD93 ] kbdclass        C:\Windows\system32\DRIVERS\kbdclass.sys
10:49:34.0026 0x044c  kbdclass - ok
10:49:34.0072 0x044c  [ 0705EFF5B42A9DB58548EEC3B26BB484, 86C6824ED7ED6FA8F306DB6319A0FD688AA91295AE571262F9D8E96A32225E99 ] kbdhid          C:\Windows\system32\DRIVERS\kbdhid.sys
10:49:34.0072 0x044c  kbdhid - ok
10:49:34.0072 0x044c  [ 204F3F58212B3E422C90BD9691A2DF28, D748A8CEE4D59B4248C9B1ACA5155D0FF6635A29564B4391B7FAC6261F93FE99 ] KeyIso          C:\Windows\system32\lsass.exe
10:49:34.0072 0x044c  KeyIso - ok
10:49:34.0119 0x044c  [ 353009DEDF918B2A51414F330CF72DEC, BF157D6E329F26E02FA16271B751B421396040DBB1D7BF9B2E0A21BC569672E2 ] KSecDD          C:\Windows\system32\Drivers\ksecdd.sys
10:49:34.0119 0x044c  KSecDD - ok
10:49:34.0150 0x044c  [ 41774FF331F609EF442B7398EE6202B1, AD67DA06A74895C384F4A1F1CF47050DAEE9C6CE8AD12F1A116FC977B6C3A864 ] KSecPkg         C:\Windows\system32\Drivers\ksecpkg.sys
10:49:34.0150 0x044c  KSecPkg - ok
10:49:34.0197 0x044c  [ 6869281E78CB31A43E969F06B57347C4, 866A23E69B32A78D378D6CB3B3DA3695FFDFF0FEC3C9F68C8C3F988DF417044B ] ksthunk         C:\Windows\system32\drivers\ksthunk.sys
10:49:34.0197 0x044c  ksthunk - ok
10:49:34.0244 0x044c  [ 6AB66E16AA859232F64DEB66887A8C9C, 5F2B579BEA8098A2994B0DECECDAE7B396E7B5DC5F09645737B9F28BEEA77FFF ] KtmRm           C:\Windows\system32\msdtckrm.dll
10:49:34.0244 0x044c  KtmRm - ok
10:49:34.0291 0x044c  [ D9F42719019740BAA6D1C6D536CBDAA6, 8757599D0AE5302C4CE50861BEBA3A8DD14D7B0DBD916FD5404133688CDFCC40 ] LanmanServer    C:\Windows\system32\srvsvc.dll
10:49:34.0306 0x044c  LanmanServer - ok
10:49:34.0353 0x044c  [ 851A1382EED3E3A7476DB004F4EE3E1A, B1C67F47DD594D092E6E258F01DF5E7150227CE3131A908A244DEE9F8A1FABF9 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
10:49:34.0353 0x044c  LanmanWorkstation - ok
10:49:34.0462 0x044c  [ F8C9AD91C1C8485B08101740C826EAF8, D40E51742FC46DD39EEA1D7BAA10D8F717672A3B3CE1C0138037774BFD49C82E ] LavasoftAdAwareService11 C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.4.6792.0\AdAwareService.exe
10:49:34.0478 0x044c  LavasoftAdAwareService11 - ok
10:49:34.0525 0x044c  [ 1538831CF8AD2979A04C423779465827, E1729B0CC4CEEE494A0B8817A8E98FF232E3A32FB023566EF0BC71A090262C0C ] lltdio          C:\Windows\system32\DRIVERS\lltdio.sys
10:49:34.0525 0x044c  lltdio - ok
10:49:34.0572 0x044c  [ C1185803384AB3FEED115F79F109427F, 0414FE73532DCAB17E906438A14711E928CECCD5F579255410C62984DD652700 ] lltdsvc         C:\Windows\System32\lltdsvc.dll
10:49:34.0572 0x044c  lltdsvc - ok
10:49:34.0587 0x044c  [ F993A32249B66C9D622EA5592A8B76B8, EE64672A990C6145DC5601E2B8CDBE089272A72732F59AF9865DCBA8B1717E70 ] lmhosts         C:\Windows\System32\lmhsvc.dll
10:49:34.0603 0x044c  lmhosts - ok
10:49:34.0634 0x044c  [ 1A93E54EB0ECE102495A51266DCDB6A6, DB6AA86AA36C3A7988BE96E87B5D3251BE7617C54EE8F894D9DC2E267FE3255B ] LSI_FC          C:\Windows\system32\DRIVERS\lsi_fc.sys
10:49:34.0634 0x044c  LSI_FC - ok
10:49:34.0650 0x044c  [ 1047184A9FDC8BDBFF857175875EE810, F2251EDB7736A26D388A0C5CC2FE5FB9C5E109CBB1E3800993554CB21D81AE4B ] LSI_SAS         C:\Windows\system32\DRIVERS\lsi_sas.sys
10:49:34.0650 0x044c  LSI_SAS - ok
10:49:34.0665 0x044c  [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93, 88D5740A4E9CC3FA80FA18035DAB441BDC5A039622D666BFDAA525CC9686BD06 ] LSI_SAS2        C:\Windows\system32\DRIVERS\lsi_sas2.sys
10:49:34.0665 0x044c  LSI_SAS2 - ok
10:49:34.0681 0x044c  [ 0504EACAFF0D3C8AED161C4B0D369D4A, 4D272237C189646F5C80822FD3CBA7C2728E482E2DAAF7A09C8AEF811C89C54D ] LSI_SCSI        C:\Windows\system32\DRIVERS\lsi_scsi.sys
10:49:34.0681 0x044c  LSI_SCSI - ok
10:49:34.0743 0x044c  [ 43D0F98E1D56CCDDB0D5254CFF7B356E, 5BA498183B5C4996C694CB0A9A6B66CE6C7A460F6C91BEB9F305486FCC3B7B22 ] luafv           C:\Windows\system32\drivers\luafv.sys
10:49:34.0743 0x044c  luafv - ok
10:49:34.0806 0x044c  [ A832517901EEF41C206D70FCEC89B275, 33D42BFDD88F4BD8B1639CC5105E814FF7167750566F5057555FFED6D5DD7754 ] LVRS64          C:\Windows\system32\DRIVERS\lvrs64.sys
10:49:34.0806 0x044c  LVRS64 - ok
10:49:34.0993 0x044c  [ 644E919936A8017B5F205E7FE7EDD19F, AE0BE09DF7192B2E8504DA8D65928C59C62635E0C8D08C6A4EB2A15D512E3E52 ] LVUVC64         C:\Windows\system32\DRIVERS\lvuvc64.sys
10:49:35.0164 0x044c  LVUVC64 - ok
10:49:35.0211 0x044c  [ 0BE09CD858ABF9DF6ED259D57A1A1663, 2FD28889B93C8E801F74C1D0769673A461671E0189D0A22C94509E3F0EEB7428 ] Mcx2Svc         C:\Windows\system32\Mcx2Svc.dll
10:49:35.0211 0x044c  Mcx2Svc - ok
10:49:35.0242 0x044c  [ A55805F747C6EDB6A9080D7C633BD0F4, 2DA0E83BF3C8ADEF6F551B6CC1C0A3F6149CDBE6EC60413BA1767C4DE425A728 ] megasas         C:\Windows\system32\DRIVERS\megasas.sys
10:49:35.0242 0x044c  megasas - ok
10:49:35.0274 0x044c  [ BAF74CE0072480C3B6B7C13B2A94D6B3, 85CBB4949C090A904464F79713A3418338753D20D7FB811E68F287FDAC1DD834 ] MegaSR          C:\Windows\system32\DRIVERS\MegaSR.sys
10:49:35.0274 0x044c  MegaSR - ok
10:49:35.0336 0x044c  [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] MMCSS           C:\Windows\system32\mmcss.dll
10:49:35.0352 0x044c  MMCSS - ok
10:49:35.0367 0x044c  [ 800BA92F7010378B09F9ED9270F07137, 94F9AF9E1BE80AE6AC39A2A74EF9FAB115DCAACC011D07DFA8D6A1DDC8A93342 ] Modem           C:\Windows\system32\drivers\modem.sys
10:49:35.0383 0x044c  Modem - ok
10:49:35.0430 0x044c  [ B03D591DC7DA45ECE20B3B467E6AADAA, 701FB0CAD8138C58507BE28845D3E24CE269A040737C29885944A0D851238732 ] monitor         C:\Windows\system32\DRIVERS\monitor.sys
10:49:35.0430 0x044c  monitor - ok
10:49:35.0445 0x044c  motccgp - ok
10:49:35.0445 0x044c  motccgpfl - ok
10:49:35.0461 0x044c  MotoSwitchService - ok
10:49:35.0461 0x044c  Motousbnet - ok
10:49:35.0461 0x044c  motusbdevice - ok
10:49:35.0492 0x044c  [ 7D27EA49F3C1F687D357E77A470AEA99, 7FE7CAF95959F127C6D932C01D539C06D80273C49A09761F6E8331C05B1A7EE7 ] mouclass        C:\Windows\system32\DRIVERS\mouclass.sys
10:49:35.0492 0x044c  mouclass - ok
10:49:35.0539 0x044c  [ D3BF052C40B0C4166D9FD86A4288C1E6, 5E65264354CD94E844BF1838CA1B8E49080EFA34605A32CF2F6A47A2B97FC183 ] mouhid          C:\Windows\system32\DRIVERS\mouhid.sys
10:49:35.0539 0x044c  mouhid - ok
10:49:35.0586 0x044c  [ 32E7A3D591D671A6DF2DB515A5CBE0FA, 47CED0B9067AE8BF5EEF60B17ADEE5906BEDCC56E4CB460B7BFBC12BB9A69E63 ] mountmgr        C:\Windows\system32\drivers\mountmgr.sys
10:49:35.0586 0x044c  mountmgr - ok
10:49:35.0617 0x044c  [ 26EA1DAD601EE3ACAC301D66F07BA219, C9594BB15D53D4AC2156CCCD2DB65B2C20620F1F60DA85F48D1586FC10028096 ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
10:49:35.0632 0x044c  MozillaMaintenance - ok
10:49:35.0679 0x044c  [ 6439D1E559D08BD8A1465A8943357053, 0E300508C22D12FBA3BE566B722F574CBE1B4A1A305356B92B8EA8B86267071B ] MpFilter        C:\Windows\system32\DRIVERS\MpFilter.sys
10:49:35.0679 0x044c  MpFilter - ok
10:49:35.0726 0x044c  [ A44B420D30BD56E145D6A2BC8768EC58, B1E4DCA5A1008FA7A0492DC091FB2B820406AE13FD3D44F124E89B1037AF09B8 ] mpio            C:\Windows\system32\drivers\mpio.sys
10:49:35.0726 0x044c  mpio - ok
10:49:35.0773 0x044c  [ 6C38C9E45AE0EA2FA5E551F2ED5E978F, 5A3FA2F110029CB4CC4384998EDB59203FDD65EC45E01B897FB684F8956EAD20 ] mpsdrv          C:\Windows\system32\drivers\mpsdrv.sys
10:49:35.0773 0x044c  mpsdrv - ok
10:49:35.0835 0x044c  [ 54FFC9C8898113ACE189D4AA7199D2C1, 65F585C87F3F710FD5793FDFA96B740AD8D4317B0C120F4435CCF777300EA4F2 ] MpsSvc          C:\Windows\system32\mpssvc.dll
10:49:35.0866 0x044c  MpsSvc - ok
10:49:35.0898 0x044c  [ 1A4F75E63C9FB84B85DFFC6B63FD5404, 01AFA6DBB4CDE55FE4EA05BBE8F753A4266F8D072EA1EE01DB79F5126780C21F ] MRxDAV          C:\Windows\system32\drivers\mrxdav.sys
10:49:35.0898 0x044c  MRxDAV - ok
10:49:35.0944 0x044c  [ A5D9106A73DC88564C825D317CAC68AC, 0457B2AEA4E05A91D0E43F317894A614434D8CEBE35020785387F307E231FBE4 ] mrxsmb          C:\Windows\system32\DRIVERS\mrxsmb.sys
10:49:35.0944 0x044c  mrxsmb - ok
10:49:35.0991 0x044c  [ D711B3C1D5F42C0C2415687BE09FC163, 9B3013AC60BD2D0FF52086658BA5FF486ADE15954A552D7DD590580E8BAE3EFF ] mrxsmb10        C:\Windows\system32\DRIVERS\mrxsmb10.sys
10:49:36.0007 0x044c  mrxsmb10 - ok
10:49:36.0022 0x044c  [ 9423E9D355C8D303E76B8CFBD8A5C30C, 220B33F120C2DD937FE4D5664F4B581DC0ACF78D62EB56B7720888F67B9644CC ] mrxsmb20        C:\Windows\system32\DRIVERS\mrxsmb20.sys
10:49:36.0038 0x044c  mrxsmb20 - ok
10:49:36.0054 0x044c  [ C25F0BAFA182CBCA2DD3C851C2E75796, 643E158A0948DF331807AEAA391F23960362E46C0A0CF6D22A99020EAE7B10F8 ] msahci          C:\Windows\system32\drivers\msahci.sys
10:49:36.0069 0x044c  msahci - ok
10:49:36.0085 0x044c  [ DB801A638D011B9633829EB6F663C900, B34FD33A215ACCF2905F4B7D061686CDB1CB9C652147AF56AE14686C1F6E3C74 ] msdsm           C:\Windows\system32\drivers\msdsm.sys
10:49:36.0085 0x044c  msdsm - ok
10:49:36.0116 0x044c  [ DE0ECE52236CFA3ED2DBFC03F28253A8, 2FBBEC4CACB5161F68D7C2935852A5888945CA0F107CF8A1C01F4528CE407DE3 ] MSDTC           C:\Windows\System32\msdtc.exe
10:49:36.0132 0x044c  MSDTC - ok
10:49:43.0557 0x044c  usbuhci - ok
10:49:43.0588 0x044c  [ 1F775DA4CF1A3A1834207E975A72E9D7, 6D3DE5BD3EF3A76E997E5BAF900C51D25308F5A9682D1F62017F577A24095B90 ] usbvideo        C:\Windows\System32\Drivers\usbvideo.sys
10:49:43.0588 0x044c  usbvideo - ok
10:49:43.0620 0x044c  [ EDBB23CBCF2CDF727D64FF9B51A6070E, 7202484C8E1BFB2AFD64D8C81668F3EDE0E3BF5EB27572877A0A7B337AE5AE42 ] UxSms           C:\Windows\System32\uxsms.dll
10:49:43.0620 0x044c  UxSms - ok
10:49:43.0635 0x044c  [ 204F3F58212B3E422C90BD9691A2DF28, D748A8CEE4D59B4248C9B1ACA5155D0FF6635A29564B4391B7FAC6261F93FE99 ] VaultSvc        C:\Windows\system32\lsass.exe
10:49:43.0635 0x044c  VaultSvc - ok
10:49:43.0682 0x044c  [ C5C876CCFC083FF3B128F933823E87BD, 6FE0FBB6C3207E09300E0789E2168F76668D87C317FE9F263E733827ADCFBE0D ] vdrvroot        C:\Windows\system32\drivers\vdrvroot.sys
10:49:43.0682 0x044c  vdrvroot - ok
10:49:43.0744 0x044c  [ 8D6B481601D01A456E75C3210F1830BE, A2CEF483F4231367138EEF7E67FD5BE5364FC0780C44CA1368E36CE4AA3D0633 ] vds             C:\Windows\System32\vds.exe
10:49:43.0760 0x044c  vds - ok
10:49:43.0807 0x044c  [ DA4DA3F5E02943C2DC8C6ED875DE68DD, EDE604536DB78C512D68C92B26DA77C8811AC109D1F0A473673F0A82D15A2838 ] vga             C:\Windows\system32\DRIVERS\vgapnp.sys
10:49:43.0807 0x044c  vga - ok
10:49:43.0822 0x044c  [ 53E92A310193CB3C03BEA963DE7D9CFC, 45898604375B42EB1246C17A22D91C2440F11C746FF6459AD38027C1BC2E3125 ] VgaSave         C:\Windows\System32\drivers\vga.sys
10:49:43.0822 0x044c  VgaSave - ok
10:49:43.0854 0x044c  [ 2CE2DF28C83AEAF30084E1B1EB253CBB, D1946816A1CB89F825CBEA58F94A4C9D0CE7249355CD3915563F54054EE564BF ] vhdmp           C:\Windows\system32\drivers\vhdmp.sys
10:49:43.0854 0x044c  vhdmp - ok
10:49:43.0885 0x044c  [ E5689D93FFE4E5D66C0178761240DD54, 6D35CED80681B12AAF63BFA0DA1C386E71D3838839B68A686990AA8031949D27 ] viaide          C:\Windows\system32\drivers\viaide.sys
10:49:43.0885 0x044c  viaide - ok
10:49:43.0900 0x044c  vNICdrv - ok
10:49:43.0916 0x044c  [ D2AAFD421940F640B407AEFAAEBD91B0, 31EF342A60AF04F4108759A71F8FB7B8C8819216CF3D16A95B2BA0E33A8A9161 ] volmgr          C:\Windows\system32\drivers\volmgr.sys
10:49:43.0916 0x044c  volmgr - ok
10:49:43.0963 0x044c  [ A255814907C89BE58B79EF2F189B843B, 463DB771851352185B6AC323BD93B9084D47291E53C1F7B628B65D6918B2E28F ] volmgrx         C:\Windows\system32\drivers\volmgrx.sys
10:49:43.0978 0x044c  volmgrx - ok
10:49:44.0025 0x044c  [ 0D08D2F3B3FF84E433346669B5E0F639, 3D6716CEC95B8861A7CC5778E91F310528DC6BEE0E57A3C8757FC675154EBDEC ] volsnap         C:\Windows\system32\drivers\volsnap.sys
10:49:44.0025 0x044c  volsnap - ok
10:49:44.0056 0x044c  [ 5E2016EA6EBACA03C04FEAC5F330D997, 53106EB877459FE55A459111F7AB0EE320BB3B4C954D3DB6FA1642396001F2AC ] vsmraid         C:\Windows\system32\DRIVERS\vsmraid.sys
10:49:44.0072 0x044c  vsmraid - ok
10:49:44.0150 0x044c  [ B60BA0BC31B0CB414593E169F6F21CC2, 47B801E623254CF0202B3591CB5C019CABFB52F123C7D47E29D19B32F1F2B915 ] VSS             C:\Windows\system32\vssvc.exe
10:49:44.0197 0x044c  VSS - ok
10:49:44.0212 0x044c  [ 36D4720B72B5C5D9CB2B9C29E9DF67A1, 3254523C85C70EBA2DBAC05DB2DBA89EDF8E9195F390F7C21F96458FB6B2E3D7 ] vwifibus        C:\Windows\system32\DRIVERS\vwifibus.sys
10:49:44.0212 0x044c  vwifibus - ok
10:49:44.0259 0x044c  [ 6A3D66263414FF0D6FA754C646612F3F, 30F6BA594B0D3B94113064015A16D97811CD989DF1715CCE21CEAB9894C1B4FB ] vwififlt        C:\Windows\system32\DRIVERS\vwififlt.sys
10:49:44.0259 0x044c  vwififlt - ok
10:49:44.0306 0x044c  [ 1C9D80CC3849B3788048078C26486E1A, 34A89F31E53F6B6C209B286F580CC2257AE6D057E4E20741F241C9C167947962 ] W32Time         C:\Windows\system32\w32time.dll
10:49:44.0306 0x044c  W32Time - ok
10:49:44.0415 0x044c  [ B32009DB1972E7F2C227499289C4384A, D491CD90ACE895EC60A5A2F995EAE39F8ED662B71BC548C3FF5BBDBC60054788 ] W3SVC           C:\Windows\system32\inetsrv\iisw3adm.dll
10:49:44.0415 0x044c  W3SVC - ok
10:49:44.0446 0x044c  [ 4E9440F4F152A7B944CB1663D3935A3E, 8FE04EBD3BC612EE943A21A3E56F37E5C9B578CDACA6044048181DAD81816D53 ] WacomPen        C:\Windows\system32\DRIVERS\wacompen.sys
10:49:44.0446 0x044c  WacomPen - ok
10:49:44.0509 0x044c  [ 7914A30A3849306FAE9F5DD9C3615F18, 8E36D09630E617EE08EB85801F77D92DFF27C16E224D427F4A0BAF3619C1353C ] WAEMU           C:\Windows\system32\Drivers\waemu.sys
10:49:44.0509 0x044c  WAEMU - ok
10:49:44.0556 0x044c  [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] WANARP          C:\Windows\system32\DRIVERS\wanarp.sys
10:49:44.0571 0x044c  WANARP - ok
10:49:44.0571 0x044c  [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] Wanarpv6        C:\Windows\system32\DRIVERS\wanarp.sys
10:49:44.0571 0x044c  Wanarpv6 - ok
10:49:44.0618 0x044c  [ B32009DB1972E7F2C227499289C4384A, D491CD90ACE895EC60A5A2F995EAE39F8ED662B71BC548C3FF5BBDBC60054788 ] WAS             C:\Windows\system32\inetsrv\iisw3adm.dll
10:49:44.0634 0x044c  WAS - ok
10:49:44.0712 0x044c  [ 3CEC96DE223E49EAAE3651FCF8FAEA6C, 4150DAB33E8D61076F1D4767BCAFC9B4ECCCCBD58FD4FB3CFE5B8D27DCDCAB61 ] WatAdminSvc     C:\Windows\system32\Wat\WatAdminSvc.exe
10:49:44.0743 0x044c  WatAdminSvc - ok
10:49:44.0821 0x044c  [ 78F4E7F5C56CB9716238EB57DA4B6A75, 46A4E78CE5F2A4B26F4E9C3FF04A99D9B727A82AC2E390A82A1611C3F6E0C9AF ] wbengine        C:\Windows\system32\wbengine.exe
10:49:44.0852 0x044c  wbengine - ok
10:49:44.0899 0x044c  [ 3AA101E8EDAB2DB4131333F4325C76A3, 4F7BD3DA5E58B18BFF106CFF7B45E75FD13EE556D433C695BA23EC80827E49DE ] WbioSrvc        C:\Windows\System32\wbiosrvc.dll
10:49:44.0914 0x044c  WbioSrvc - ok
10:49:44.0946 0x044c  [ 7368A2AFD46E5A4481D1DE9D14848EDD, 8039C478FC2D9F095F5883A4FA47F9E6EDF57CC88A4AA74F07C88445F90DED57 ] wcncsvc         C:\Windows\System32\wcncsvc.dll
10:49:44.0961 0x044c  wcncsvc - ok
10:49:44.0977 0x044c  [ 20F7441334B18CEE52027661DF4A6129, 7B8E0247234B740FED2BE9B833E9CE8DD7453340123AB43F6B495A7E6A27B0DD ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
10:49:44.0977 0x044c  WcsPlugInService - ok
10:49:45.0008 0x044c  [ 72889E16FF12BA0F235467D6091B17DC, F2FD0BBD075E33608D93F350D216F97442AB89ABD540513C2D568C78096E12A8 ] Wd              C:\Windows\system32\DRIVERS\wd.sys
10:49:45.0008 0x044c  Wd - ok
10:49:45.0070 0x044c  [ E2C933EDBC389386EBE6D2BA953F43D8, AF1DEADD5F1267CCEBD226E8EEB971D1946EA6A5A9645A36F5D111F758AF2F07 ] Wdf01000        C:\Windows\system32\drivers\Wdf01000.sys
10:49:45.0086 0x044c  Wdf01000 - ok
10:49:45.0148 0x044c  [ BF1FC3F79B863C914687A737C2F3D681, B2DF47AC4931ACFB243775767B77065CC0D98778FC0243C793A3E219EB961209 ] WdiServiceHost  C:\Windows\system32\wdi.dll
10:49:45.0148 0x044c  WdiServiceHost - ok
10:49:45.0148 0x044c  [ BF1FC3F79B863C914687A737C2F3D681, B2DF47AC4931ACFB243775767B77065CC0D98778FC0243C793A3E219EB961209 ] WdiSystemHost   C:\Windows\system32\wdi.dll
10:49:45.0164 0x044c  WdiSystemHost - ok
10:49:45.0195 0x044c  [ 0EB0E5D22B1760F2DBCE632F2DD7A54D, B8A4CC62F88768947FB0A161CF9564DB28FD9C1C037B5475DF192982DE035C22 ] WebClient       C:\Windows\System32\webclnt.dll
10:49:45.0211 0x044c  WebClient - ok
10:49:45.0226 0x044c  [ C749025A679C5103E575E3B48E092C43, B71171D07EE7AB085A24BF3A1072FF2CE7EA021AAE695F6A90640E6EE8EB55C1 ] Wecsvc          C:\Windows\system32\wecsvc.dll
10:49:45.0226 0x044c  Wecsvc - ok
10:49:45.0258 0x044c  [ 7E591867422DC788B9E5BD337A669A08, 484E6BCCDF7ADCE9A1AACAD1BC7C7D7694B9E40FA90D94B14D80C607784F6C75 ] wercplsupport   C:\Windows\System32\wercplsupport.dll
10:49:45.0258 0x044c  wercplsupport - ok
10:49:45.0289 0x044c  [ 6D137963730144698CBD10F202E9F251, A9F522A125158D94F540544CCD4DBF47B9DCE2EA878C33675AFE40F80E8F4979 ] WerSvc          C:\Windows\System32\WerSvc.dll
10:49:45.0289 0x044c  WerSvc - ok
10:49:45.0336 0x044c  [ 611B23304BF067451A9FDEE01FBDD725, 0AF2734B978165FC6FD22B64862132CCE32528A21C698A49D176129446E099C8 ] WfpLwf          C:\Windows\system32\DRIVERS\wfplwf.sys
10:49:45.0336 0x044c  WfpLwf - ok
10:49:45.0351 0x044c  [ 05ECAEC3E4529A7153B3136CEB49F0EC, 9995CB2CEC70A633EA33CBB0DEAD2BB28CB67132B41E9444BDAB9E75744C9A50 ] WIMMount        C:\Windows\system32\drivers\wimmount.sys
10:49:45.0351 0x044c  WIMMount - ok
10:49:45.0429 0x044c  [ B3807A0DE248DD0DA77A1F6BAAC851FB, 92EC03530D5853839965F555C51D274C3D0F92C1620186E9033850E2E174656B ] WinArchiver Service C:\Program Files (x86)\WinArchiver Virtual Drive\WAService.exe
10:49:45.0429 0x044c  WinArchiver Service - ok
10:49:45.0476 0x044c  WinDefend - ok
10:49:45.0476 0x044c  WinHttpAutoProxySvc - ok
10:49:45.0554 0x044c  [ 19B07E7E8915D701225DA41CB3877306, D6555E8D276DBB11358246E0FE215F76F1FB358791C76B88D82C2A66A42DA19F ] Winmgmt         C:\Windows\system32\wbem\WMIsvc.dll
10:49:45.0554 0x044c  Winmgmt - ok
10:49:45.0648 0x044c  [ BCB1310604AA415C4508708975B3931E, 9D943F086D454345153A0DD426B4432532A44FD87950386B186E1CAD2AC70565 ] WinRM           C:\Windows\system32\WsmSvc.dll
10:49:45.0710 0x044c  WinRM - ok
10:49:45.0772 0x044c  [ FE88B288356E7B47B74B13372ADD906D, A16B166F6BB32EF9D2A142F27B9EC54CBC7B3AC915799783CF4C40E525BC9E03 ] WinUsb          C:\Windows\system32\DRIVERS\WinUsb.sys
10:49:45.0772 0x044c  WinUsb - ok
10:49:45.0835 0x044c  [ 4FADA86E62F18A1B2F42BA18AE24E6AA, CE1683386886BF34862681A46199EA7E7FB4232A186047DA7FBD8EC240AF6726 ] Wlansvc         C:\Windows\System32\wlansvc.dll
10:49:45.0850 0x044c  Wlansvc - ok
10:49:45.0913 0x044c  [ 06C8FA1CF39DE6A735B54D906BA791C6, D8FEC7DE227781CDA876904701B2AA995268F74DCD6CB34AA0296C557FC283B6 ] wlcrasvc        C:\Program Files\Windows Live\Mesh\wlcrasvc.exe
10:49:45.0913 0x044c  wlcrasvc - ok
10:49:46.0038 0x044c  [ 2BACD71123F42CEA603F4E205E1AE337, 1FEF20554110371D738F462ECFFA999158EFEED02062414C58C1B61C422BF0B9 ] wlidsvc         C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
10:49:46.0084 0x044c  wlidsvc - ok
10:49:46.0116 0x044c  [ F6FF8944478594D0E414D3F048F0D778, 6F75E0AE6127B33A92A88E59D4B048FD4C15F997807BE7BF0EFE76F95235B1D9 ] WmiAcpi         C:\Windows\system32\drivers\wmiacpi.sys
10:49:46.0116 0x044c  WmiAcpi - ok
10:49:46.0147 0x044c  [ 38B84C94C5A8AF291ADFEA478AE54F93, 1AC267AC73670BEA5F3785C9AD9DB146F8E993A862C843742B21FDB90D102B2A ] wmiApSrv        C:\Windows\system32\wbem\WmiApSrv.exe
10:49:46.0162 0x044c  wmiApSrv - ok
10:49:46.0194 0x044c  WMPNetworkSvc - ok
10:49:46.0225 0x044c  [ 96C6E7100D724C69FCF9E7BF590D1DCA, 2E63C9B0893B4FC03B7A71BAEA6202D3D3DB1B52F3643467829B5A573FD7655B ] WPCSvc          C:\Windows\System32\wpcsvc.dll
10:49:46.0225 0x044c  WPCSvc - ok
10:49:46.0256 0x044c  [ 93221146D4EBBF314C29B23CD6CC391D, C0750858A65BF51E210CD244C825C121D67E025CD2D2455139991AAC289A90FE ] WPDBusEnum      C:\Windows\system32\wpdbusenum.dll
10:49:46.0272 0x044c  WPDBusEnum - ok
10:49:46.0303 0x044c  [ 6BCC1D7D2FD2453957C5479A32364E52, E48554D31FBDCF8F985C1C72524CAA9106F5B7CC2B79064F8F5E2562D517F090 ] ws2ifsl         C:\Windows\system32\drivers\ws2ifsl.sys
10:49:46.0303 0x044c  ws2ifsl - ok
10:49:46.0318 0x044c  [ E8B1FE6669397D1772D8196DF0E57A9E, 39FE0819360719F756BD31A1884A0508A1E2371ACC723E25E005CBEC0A7B02FA ] wscsvc          C:\Windows\System32\wscsvc.dll
10:49:46.0334 0x044c  wscsvc - ok
10:49:46.0334 0x044c  WSearch - ok
10:49:46.0443 0x044c  [ 61FF576450CCC80564B850BC3FB6713A, B2843BC9E2F62D27DCF6787D063378926748CE75002BADA1873DCB5039883705 ] wuauserv        C:\Windows\system32\wuaueng.dll
10:49:46.0506 0x044c  wuauserv - ok
10:49:46.0552 0x044c  [ AB886378EEB55C6C75B4F2D14B6C869F, D6C4602EB8F291DADEDF3CD211013D4AC752DDE7E799C2D8D74AA4F5477CAED6 ] WudfPf          C:\Windows\system32\drivers\WudfPf.sys
10:49:46.0552 0x044c  WudfPf - ok
10:49:46.0584 0x044c  [ DDA4CAF29D8C0A297F886BFE561E6659, 94E5DD649B5D86FA1A7C7D30FCF9644D0EE048D312E626111458ADF66BFBE978 ] WUDFRd          C:\Windows\system32\DRIVERS\WUDFRd.sys
10:49:46.0599 0x044c  WUDFRd - ok
10:49:46.0615 0x044c  [ B20F051B03A966392364C83F009F7D17, 88ECEB55AE91F58F592B96EBC10B572747D5A2F9B7629E8F371761E4F7408A65 ] wudfsvc         C:\Windows\System32\WUDFSvc.dll
10:49:46.0615 0x044c  wudfsvc - ok
10:49:46.0646 0x044c  [ 04F82965C09CBDF646B487E145060301, 2CD8533EDBE24C3E42EB7550E20F8A2EB9E5E345B165DEF543163A6BC1FDD18B ] WwanSvc         C:\Windows\System32\wwansvc.dll
10:49:46.0662 0x044c  WwanSvc - ok
10:49:46.0677 0x044c  ================ Scan global ===============================
10:49:46.0724 0x044c  [ BA0CD8C393E8C9F83354106093832C7B, 18D8A4780A2BAA6CEF7FBBBDA0EF6BF2DADF146E1E578A618DD5859E8ADBF1A8 ] C:\Windows\system32\basesrv.dll
10:49:46.0755 0x044c  [ 88EDD0B34EED542745931E581AD21A32, DC2B93E1CEF5B0BCEE08D72669BB0F3AD0E8E6E75BDC08858407ED92F6FFA031 ] C:\Windows\system32\winsrv.dll
10:49:46.0771 0x044c  [ 88EDD0B34EED542745931E581AD21A32, DC2B93E1CEF5B0BCEE08D72669BB0F3AD0E8E6E75BDC08858407ED92F6FFA031 ] C:\Windows\system32\winsrv.dll
10:49:46.0818 0x044c  [ D6160F9D869BA3AF0B787F971DB56368, 0033E6212DD8683E4EE611B290931FDB227B4795F0B17C309DC686C696790529 ] C:\Windows\system32\sxssrv.dll
10:49:46.0849 0x044c  [ 24ACB7E5BE595468E3B9AA488B9B4FCB, 63541E3432FCE953F266AE553E7A394978D6EE3DB52388D885F668CF42C5E7E2 ] C:\Windows\system32\services.exe
10:49:46.0864 0x044c  [ Global ] - ok
10:49:46.0864 0x044c  ================ Scan MBR ==================================
10:49:46.0864 0x044c  [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
10:49:47.0020 0x044c  \Device\Harddisk0\DR0 - ok
10:49:47.0020 0x044c  [ 8F558EB6672622401DA993E1E865C861 ] \Device\Harddisk1\DR1
10:49:47.0036 0x044c  \Device\Harddisk1\DR1 - ok
10:49:47.0036 0x044c  ================ Scan VBR ==================================
10:49:47.0036 0x044c  [ 29D630A0C2D7FCFC830B4B17BEA5F352 ] \Device\Harddisk0\DR0\Partition1
10:49:47.0036 0x044c  \Device\Harddisk0\DR0\Partition1 - ok
10:49:47.0036 0x044c  [ 5778825C946737D62FE8A939380C1176 ] \Device\Harddisk0\DR0\Partition2
10:49:47.0036 0x044c  \Device\Harddisk0\DR0\Partition2 - ok
10:49:47.0036 0x044c  [ 431C8C439F86D70AE5C30AA9BA0C5FE6 ] \Device\Harddisk1\DR1\Partition1
10:49:47.0036 0x044c  \Device\Harddisk1\DR1\Partition1 - ok
10:49:47.0036 0x044c  ================ Scan generic autorun ======================
10:49:48.0612 0x044c  AV detected via SS2: Microsoft Security Essentials, C:\Program Files\Microsoft Security Client\msseces.exe ( 4.6.305.0 ), 0x61000 ( enabled : updated )
10:49:48.0643 0x044c  AV detected via SS2: Ad-Aware Antivirus, C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.4.6792.0\AdAwareSecurityCenter.exe ( 11.4.6792.0 ), 0x40010 ( disabled : outofdate )
10:49:48.0643 0x044c  FW detected via SS2: Ad-Aware Firewall, C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.4.6792.0\AdAwareSecurityCenter.exe ( 11.4.6792.0 ), 0x40010 ( disabled )
10:49:48.0658 0x044c  Win FW state via NFP2: disabled
10:49:48.0658 0x044c  ============================================================
10:49:48.0658 0x044c  Scan finished
10:49:48.0658 0x044c  ============================================================
10:49:48.0674 0x0f20  Detected object count: 0
10:49:48.0674 0x0f20  Actual detected object count: 0


#13 SheaReinke

Posted 19 November 2014 - 02:27 PM

# AdwCleaner v4.101 - Report created 19/11/2014 at 10:51:47
# Updated 09/11/2014 by Xplode
# Database : 2014-11-07.1 [Local]
# Operating System : Windows 7 Home Premium Service Pack 1 (64 bits)
# Username : Danny - ANVIL
# Running from : C:\Users\Danny\Downloads\AdwCleaner.exe
# Option : Scan
 
***** [ Services ] *****
 
Service Found : SMUpdd
 
***** [ Files / Folders ] *****
 
File Found : C:\END
File Found : C:\Users\Shea\AppData\Roaming\Mozilla\Firefox\Profiles\2q13fd1m.default\searchplugins\bingp.xml
File Found : C:\Users\Shea\AppData\Roaming\Opera Software\Opera Stable\Local Storage\hxxp_static.betterdeals00.betterdeals.co_0.localstorage
File Found : C:\Users\Shea\AppData\Roaming\Opera Software\Opera Stable\Local Storage\hxxp_static.betterdeals00.betterdeals.co_0.localstorage-journal
File Found : C:\Users\Shea\AppData\Roaming\Opera Software\Opera Stable\Local Storage\hxxp_www.superfish.com_0.localstorage
File Found : C:\Users\Shea\AppData\Roaming\Opera Software\Opera Stable\Local Storage\hxxp_www.superfish.com_0.localstorage-journal
Folder Found : C:\Program Files (x86)\predm
Folder Found : C:\Program Files (x86)\Toolbar Cleaner
Folder Found : C:\Program Files (x86)\YouTube Accelerator
Folder Found : C:\SearchProtect
Folder Found : C:\Users\Administrator\AppData\Local\Chromatic Browser
Folder Found : C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\bmakeoenkoiakakapdkljkgeochnjlnp
Folder Found : C:\Users\Administrator\AppData\Local\torch
Folder Found : C:\Users\Danny\AppData\LocalLow\adawaretb
Folder Found : C:\Users\Guest\AppData\Local\Chromatic Browser
Folder Found : C:\Users\Guest\AppData\Local\Google\Chrome\User Data\Default\Extensions\bmakeoenkoiakakapdkljkgeochnjlnp
Folder Found : C:\Users\Guest\AppData\Local\torch
Folder Found : C:\Users\HomeGroupUser$\AppData\Local\Chromatic Browser
Folder Found : C:\Users\HomeGroupUser$\AppData\Local\Google\Chrome\User Data\Default\Extensions\bmakeoenkoiakakapdkljkgeochnjlnp
Folder Found : C:\Users\HomeGroupUser$\AppData\Local\torch
Folder Found : C:\Users\Public\Documents\Goobzo
Folder Found : C:\Users\Shea\AppData\Local\Chromatic Browser
Folder Found : C:\Users\Shea\AppData\Local\CrashRpt
Folder Found : C:\Users\Shea\AppData\Local\torch
Folder Found : C:\Users\Shea\AppData\LocalLow\adawaretb
Folder Found : C:\Users\Shea\AppData\LocalLow\Goobzo
Folder Found : C:\Users\Shea\AppData\Roaming\Mozilla\Firefox\Profiles\2q13fd1m.default\Extensions\qjmlrssi@lcjbhzapv.net
 
***** [ Scheduled Tasks ] *****
 
 
***** [ Shortcuts ] *****
 
 
***** [ Registry ] *****
 
Key Found : HKCU\Software\AppDataLow\Software\adawarebp
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{6C97A91E-4524-4019-86AF-2AA2D567BF5C}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{6C97A91E-4524-4019-86AF-2AA2D567BF5C}
Key Found : HKLM\SOFTWARE\{3A7D3E19-1B79-4E4E-BD96-5467DA2C4EF0}
Key Found : HKLM\SOFTWARE\{77D46E27-0E41-4478-87A6-AABE6FBCF252}
Key Found : HKLM\SOFTWARE\adawaretb
Key Found : HKLM\SOFTWARE\Classes\CLSID\{6C97A91E-4524-4019-86AF-2AA2D567BF5C}
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{62155D33-3CE2-401E-8967-5A270628A3D5}
Key Found : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\GoogleUpdate.exe
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6C97A91E-4524-4019-86AF-2AA2D567BF5C}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{6C97A91E-4524-4019-86AF-2AA2D567BF5C}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\adawaretb
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Toolbar Cleaner
Key Found : HKLM\SOFTWARE\Toolbar Cleaner
Key Found : HKLM\SOFTWARE\Tutorials
Key Found : HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\IePluginServices
Key Found : HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\WindowsMangerProtect
Key Found : [x64] HKLM\SOFTWARE\Classes\CLSID\{6C97A91E-4524-4019-86AF-2AA2D567BF5C}
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{62155D33-3CE2-401E-8967-5A270628A3D5}
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6C97A91E-4524-4019-86AF-2AA2D567BF5C}
Value Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{6C97A91E-4524-4019-86AF-2AA2D567BF5C}]
Value Found : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{6C97A91E-4524-4019-86AF-2AA2D567BF5C}]
 
***** [ Browsers ] *****
 
-\\ Internet Explorer v11.0.9600.17420
 
 
-\\ Mozilla Firefox v30.0 (en-US)
 
 
-\\ Google Chrome v36.0.1985.125
 
[C:\Users\Danny\AppData\Local\Google\Chrome\User Data\Default\Web data] - Found [Search Provider] : hxxp://search.aol.com/aol/search?q={searchTerms}
[C:\Users\Danny\AppData\Local\Google\Chrome\User Data\Default\Web data] - Found [Search Provider] : hxxp://www.ask.com/web?q={searchTerms}
[C:\Users\Shea\AppData\Local\Google\Chrome\User Data\Default\Web data] - Found [Search Provider] : hxxp://www.ask.com/web?q={searchTerms}
[C:\Users\Shea\AppData\Local\Google\Chrome\User Data\Default\Web data] - Found [Search Provider] : hxxp://search.aol.com/aol/search?q={searchTerms}
[C:\Users\Shea\AppData\Local\Google\Chrome\User Data\Default\preferences] - Found [Extension] : lifbcibllhkdhoafpjfnlhfpfgnpldfl
 
-\\ Opera v25.0.1614.50
 
 
*************************
 
AdwCleaner[R0].txt - [5524 octets] - [19/11/2014 10:51:47]
 
########## EOF - C:\AdwCleaner\AdwCleaner[R0].txt - [5584 octets] ##########

# AdwCleaner v4.101 - Report created 19/11/2014 at 10:55:52
# Updated 09/11/2014 by Xplode
# Database : 2014-11-07.1 [Local]
# Operating System : Windows 7 Home Premium Service Pack 1 (64 bits)
# Username : Danny - ANVIL
# Running from : C:\Users\Danny\Downloads\AdwCleaner.exe
# Option : Clean
 
***** [ Services ] *****
 
[#] Service Deleted : SMUpdd
 
***** [ Files / Folders ] *****
 
Folder Deleted : C:\SearchProtect
Folder Deleted : C:\Program Files (x86)\predm
Folder Deleted : C:\Program Files (x86)\Toolbar Cleaner
Folder Deleted : C:\Program Files (x86)\YouTube Accelerator
Folder Deleted : C:\Users\Administrator\AppData\Local\Chromatic Browser
Folder Deleted : C:\Users\Administrator\AppData\Local\torch
Folder Deleted : C:\Users\Danny\AppData\LocalLow\adawaretb
Folder Deleted : C:\Users\Guest\AppData\Local\Chromatic Browser
Folder Deleted : C:\Users\Guest\AppData\Local\torch
Folder Deleted : C:\Users\HomeGroupUser$\AppData\Local\Chromatic Browser
Folder Deleted : C:\Users\HomeGroupUser$\AppData\Local\torch
Folder Deleted : C:\Users\Public\Documents\Goobzo
Folder Deleted : C:\Users\Shea\AppData\Local\Chromatic Browser
Folder Deleted : C:\Users\Shea\AppData\Local\torch
Folder Deleted : C:\Users\Shea\AppData\Local\CrashRpt
Folder Deleted : C:\Users\Shea\AppData\LocalLow\adawaretb
Folder Deleted : C:\Users\Shea\AppData\LocalLow\Goobzo
Folder Deleted : C:\Users\Shea\AppData\Roaming\Mozilla\Firefox\Profiles\2q13fd1m.default\Extensions\qjmlrssi@lcjbhzapv.net
Folder Deleted : C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\bmakeoenkoiakakapdkljkgeochnjlnp
Folder Deleted : C:\Users\Guest\AppData\Local\Google\Chrome\User Data\Default\Extensions\bmakeoenkoiakakapdkljkgeochnjlnp
Folder Deleted : C:\Users\HomeGroupUser$\AppData\Local\Google\Chrome\User Data\Default\Extensions\bmakeoenkoiakakapdkljkgeochnjlnp
File Deleted : C:\END
File Deleted : C:\Users\Shea\AppData\Roaming\Mozilla\Firefox\Profiles\2q13fd1m.default\searchplugins\bingp.xml
File Deleted : C:\Users\Shea\AppData\Roaming\Opera Software\Opera Stable\Local Storage\hxxp_static.betterdeals00.betterdeals.co_0.localstorage
File Deleted : C:\Users\Shea\AppData\Roaming\Opera Software\Opera Stable\Local Storage\hxxp_static.betterdeals00.betterdeals.co_0.localstorage-journal
File Deleted : C:\Users\Shea\AppData\Roaming\Opera Software\Opera Stable\Local Storage\hxxp_www.superfish.com_0.localstorage
File Deleted : C:\Users\Shea\AppData\Roaming\Opera Software\Opera Stable\Local Storage\hxxp_www.superfish.com_0.localstorage-journal
 
***** [ Scheduled Tasks ] *****
 
 
***** [ Shortcuts ] *****
 
 
***** [ Registry ] *****
 
Key Deleted : HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\IePluginServices
Key Deleted : HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\WindowsMangerProtect
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{6C97A91E-4524-4019-86AF-2AA2D567BF5C}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6C97A91E-4524-4019-86AF-2AA2D567BF5C}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{6C97A91E-4524-4019-86AF-2AA2D567BF5C}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{6C97A91E-4524-4019-86AF-2AA2D567BF5C}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{6C97A91E-4524-4019-86AF-2AA2D567BF5C}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{62155D33-3CE2-401E-8967-5A270628A3D5}
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{6C97A91E-4524-4019-86AF-2AA2D567BF5C}]
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{6C97A91E-4524-4019-86AF-2AA2D567BF5C}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6C97A91E-4524-4019-86AF-2AA2D567BF5C}
Value Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{6C97A91E-4524-4019-86AF-2AA2D567BF5C}]
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{62155D33-3CE2-401E-8967-5A270628A3D5}
Key Deleted : HKCU\Software\AppDataLow\Software\adawarebp
Key Deleted : HKLM\SOFTWARE\{3A7D3E19-1B79-4E4E-BD96-5467DA2C4EF0}
Key Deleted : HKLM\SOFTWARE\{77D46E27-0E41-4478-87A6-AABE6FBCF252}
Key Deleted : HKLM\SOFTWARE\adawaretb
Key Deleted : HKLM\SOFTWARE\Toolbar Cleaner
Key Deleted : HKLM\SOFTWARE\Tutorials
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\adawaretb
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Toolbar Cleaner
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\GoogleUpdate.exe
 
***** [ Browsers ] *****
 
-\\ Internet Explorer v11.0.9600.17420
 
 
-\\ Mozilla Firefox v30.0 (en-US)
 
 
-\\ Google Chrome v36.0.1985.125
 
[C:\Users\Danny\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [Search Provider] : hxxp://search.aol.com/aol/search?q={searchTerms}
[C:\Users\Danny\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [Search Provider] : hxxp://www.ask.com/web?q={searchTerms}
[C:\Users\Shea\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [Search Provider] : hxxp://www.ask.com/web?q={searchTerms}
[C:\Users\Shea\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [Search Provider] : hxxp://search.aol.com/aol/search?q={searchTerms}
[C:\Users\Shea\AppData\Local\Google\Chrome\User Data\Default\preferences] - Deleted [Extension] : lifbcibllhkdhoafpjfnlhfpfgnpldfl
 
-\\ Opera v25.0.1614.50
 
[C:\Users\Danny\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [Search Provider] : hxxp://search.aol.com/aol/search?q={searchTerms}
[C:\Users\Danny\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [Search Provider] : hxxp://www.ask.com/web?q={searchTerms}
[C:\Users\Shea\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [Search Provider] : hxxp://www.ask.com/web?q={searchTerms}
[C:\Users\Shea\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [Search Provider] : hxxp://search.aol.com/aol/search?q={searchTerms}
 
*************************
 
AdwCleaner[R0].txt - [5680 octets] - [19/11/2014 10:51:47]
AdwCleaner[S0].txt - [6285 octets] - [19/11/2014 10:55:52]
 
########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [6345 octets] ##########


#14 SheaReinke


Posted 19 November 2014 - 02:30 PM

# AdwCleaner v4.101 - Report created 19/11/2014 at 10:55:52
# Updated 09/11/2014 by Xplode
# Database : 2014-11-07.1 [Local]
# Operating System : Windows 7 Home Premium Service Pack 1 (64 bits)
# Username : Danny - ANVIL
# Running from : C:\Users\Danny\Downloads\AdwCleaner.exe
# Option : Clean
 
***** [ Services ] *****
 
[#] Service Deleted : SMUpdd
 
***** [ Files / Folders ] *****
 
Folder Deleted : C:\SearchProtect
Folder Deleted : C:\Program Files (x86)\predm
Folder Deleted : C:\Program Files (x86)\Toolbar Cleaner
Folder Deleted : C:\Program Files (x86)\YouTube Accelerator
Folder Deleted : C:\Users\Administrator\AppData\Local\Chromatic Browser
Folder Deleted : C:\Users\Administrator\AppData\Local\torch
Folder Deleted : C:\Users\Danny\AppData\LocalLow\adawaretb
Folder Deleted : C:\Users\Guest\AppData\Local\Chromatic Browser
Folder Deleted : C:\Users\Guest\AppData\Local\torch
Folder Deleted : C:\Users\HomeGroupUser$\AppData\Local\Chromatic Browser
Folder Deleted : C:\Users\HomeGroupUser$\AppData\Local\torch
Folder Deleted : C:\Users\Public\Documents\Goobzo
Folder Deleted : C:\Users\Shea\AppData\Local\Chromatic Browser
Folder Deleted : C:\Users\Shea\AppData\Local\torch
Folder Deleted : C:\Users\Shea\AppData\Local\CrashRpt
Folder Deleted : C:\Users\Shea\AppData\LocalLow\adawaretb
Folder Deleted : C:\Users\Shea\AppData\LocalLow\Goobzo
Folder Deleted : C:\Users\Shea\AppData\Roaming\Mozilla\Firefox\Profiles\2q13fd1m.default\Extensions\qjmlrssi@lcjbhzapv.net
Folder Deleted : C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\bmakeoenkoiakakapdkljkgeochnjlnp
Folder Deleted : C:\Users\Guest\AppData\Local\Google\Chrome\User Data\Default\Extensions\bmakeoenkoiakakapdkljkgeochnjlnp
Folder Deleted : C:\Users\HomeGroupUser$\AppData\Local\Google\Chrome\User Data\Default\Extensions\bmakeoenkoiakakapdkljkgeochnjlnp
File Deleted : C:\END
File Deleted : C:\Users\Shea\AppData\Roaming\Mozilla\Firefox\Profiles\2q13fd1m.default\searchplugins\bingp.xml
File Deleted : C:\Users\Shea\AppData\Roaming\Opera Software\Opera Stable\Local Storage\hxxp_static.betterdeals00.betterdeals.co_0.localstorage
File Deleted : C:\Users\Shea\AppData\Roaming\Opera Software\Opera Stable\Local Storage\hxxp_static.betterdeals00.betterdeals.co_0.localstorage-journal
File Deleted : C:\Users\Shea\AppData\Roaming\Opera Software\Opera Stable\Local Storage\hxxp_www.superfish.com_0.localstorage
File Deleted : C:\Users\Shea\AppData\Roaming\Opera Software\Opera Stable\Local Storage\hxxp_www.superfish.com_0.localstorage-journal
 
***** [ Scheduled Tasks ] *****
 
 
***** [ Shortcuts ] *****
 
 
***** [ Registry ] *****
 
Key Deleted : HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\IePluginServices
Key Deleted : HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\WindowsMangerProtect
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{6C97A91E-4524-4019-86AF-2AA2D567BF5C}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6C97A91E-4524-4019-86AF-2AA2D567BF5C}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{6C97A91E-4524-4019-86AF-2AA2D567BF5C}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{6C97A91E-4524-4019-86AF-2AA2D567BF5C}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{6C97A91E-4524-4019-86AF-2AA2D567BF5C}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{62155D33-3CE2-401E-8967-5A270628A3D5}
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{6C97A91E-4524-4019-86AF-2AA2D567BF5C}]
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{6C97A91E-4524-4019-86AF-2AA2D567BF5C}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6C97A91E-4524-4019-86AF-2AA2D567BF5C}
Value Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{6C97A91E-4524-4019-86AF-2AA2D567BF5C}]
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{62155D33-3CE2-401E-8967-5A270628A3D5}
Key Deleted : HKCU\Software\AppDataLow\Software\adawarebp
Key Deleted : HKLM\SOFTWARE\{3A7D3E19-1B79-4E4E-BD96-5467DA2C4EF0}
Key Deleted : HKLM\SOFTWARE\{77D46E27-0E41-4478-87A6-AABE6FBCF252}
Key Deleted : HKLM\SOFTWARE\adawaretb
Key Deleted : HKLM\SOFTWARE\Toolbar Cleaner
Key Deleted : HKLM\SOFTWARE\Tutorials
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\adawaretb
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Toolbar Cleaner
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\GoogleUpdate.exe
 
***** [ Browsers ] *****
 
-\\ Internet Explorer v11.0.9600.17420
 
 
-\\ Mozilla Firefox v30.0 (en-US)
 
 
-\\ Google Chrome v36.0.1985.125
 
[C:\Users\Danny\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [Search Provider] : hxxp://search.aol.com/aol/search?q={searchTerms}
[C:\Users\Danny\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [Search Provider] : hxxp://www.ask.com/web?q={searchTerms}
[C:\Users\Shea\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [Search Provider] : hxxp://www.ask.com/web?q={searchTerms}
[C:\Users\Shea\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [Search Provider] : hxxp://search.aol.com/aol/search?q={searchTerms}
[C:\Users\Shea\AppData\Local\Google\Chrome\User Data\Default\preferences] - Deleted [Extension] : lifbcibllhkdhoafpjfnlhfpfgnpldfl
 
-\\ Opera v25.0.1614.50
 
[C:\Users\Danny\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [Search Provider] : hxxp://search.aol.com/aol/search?q={searchTerms}
[C:\Users\Danny\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [Search Provider] : hxxp://www.ask.com/web?q={searchTerms}
[C:\Users\Shea\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [Search Provider] : hxxp://www.ask.com/web?q={searchTerms}
[C:\Users\Shea\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [Search Provider] : hxxp://search.aol.com/aol/search?q={searchTerms}
 
*************************
 
AdwCleaner[R0].txt - [5680 octets] - [19/11/2014 10:51:47]
AdwCleaner[S0].txt - [6285 octets] - [19/11/2014 10:55:52]
 
########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [6345 octets] ##########


#15 SheaReinke


Posted 19 November 2014 - 02:31 PM

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.3.9 (11.15.2014:2)
OS: Windows 7 Home Premium x64
Ran by Danny on Wed 11/19/2014 at 11:01:40.57
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 
 
 
 
~~~ Services
 
 
 
~~~ Registry Values
 
Successfully deleted: [Registry Value] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\ad-aware browsing protection
Successfully repaired: [Registry Value] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\Default_Page_URL
 
 
 
~~~ Registry Keys
 
 
 
~~~ Files
 
 
 
~~~ Folders
 
Failed to delete: [Folder] "C:\ProgramData\ad-aware browsing protection"
Successfully deleted: [Folder] "C:\Users\Danny\appdata\local\adawarebp"
Successfully deleted: [Folder] "C:\ai_recyclebin"
Successfully deleted: [Empty Folder] C:\Users\Danny\appdata\local\{26FC6292-F435-4C85-B384-488C09C2CF8B}
Successfully deleted: [Empty Folder] C:\Users\Danny\appdata\local\{48646B27-5100-4505-B12D-2E5B0138E35C}
Successfully deleted: [Empty Folder] C:\Users\Danny\appdata\local\{7719939E-82F0-4E74-B763-9AFF19309DDA}
Successfully deleted: [Empty Folder] C:\Users\Danny\appdata\local\{8F0C62F2-04A4-4317-AF97-14FD85E219A3}
Successfully deleted: [Empty Folder] C:\Users\Danny\appdata\local\{DCE6A870-FC28-40E8-8E3F-474EBBAF7209}
Successfully deleted: [Empty Folder] C:\Users\Danny\appdata\local\{DD936217-3C6F-4CA3-9634-7DE2D4DAED7C}
 
 
 
~~~ Event Viewer Logs were cleared
 
 
 
 
 
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on Wed 11/19/2014 at 11:05:29.22
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




