Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Malicious sites blocked


  • This topic is locked This topic is locked
16 replies to this topic

#1 Needsomehelp567

Needsomehelp567

  • Members
  • 40 posts
  • OFFLINE
  •  
  • Local time:08:24 AM

Posted 24 November 2014 - 04:05 AM

Hi,

After instaling malwarebytes pro, it keeps popping up saying a malicious site has been blocked coming from windows/system32/svchost.exe

Any help would be appreciated. I am using windows 7. It is trying to connect to an IP associated with babyslutsnil.com and after reading this is associated with cryptolocker so I am a bit worried.

I have webroot secure and malwarebytes pro, I have run full scans with both etc.

Thanks


Edited by Needsomehelp567, 24 November 2014 - 06:16 AM.


BC AdBot (Login to Remove)

 


#2 Broni

Broni

    The Coolest BC Computer


  • BC Advisor
  • 42,716 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Daly City, CA
  • Local time:12:24 AM

Posted 24 November 2014 - 07:39 PM

Welcome aboard p22002758.gif

 

Download TDSSKiller and save it to your desktop.

  • Doubleclick on TDSSKiller.exe to run the application, then on Start Scan.
  • If an infected file is detected, the default action will be Cure, click on Continue.
  • If a suspicious file is detected, the default action will be Skip, click on Continue.
  • It may ask you to reboot the computer to complete the process. Click on Reboot Now.
  • If no reboot is require, click on Report. A log file should appear. Please copy and paste the contents of that file here.
  • If a reboot is required, the report can also be found in your root directory (usually C:\ folder) in the form of TDSSKiller_xxxx_log.txt. Please copy and paste the contents of that file here.


My Website

p4433470.gif

My help doesn't cost a penny, but if you'd like to consider a donation, click p22001735.gif


 


#3 Needsomehelp567

Needsomehelp567
  • Topic Starter

  • Members
  • 40 posts
  • OFFLINE
  •  
  • Local time:08:24 AM

Posted 26 November 2014 - 04:34 AM

Hi there, thank you for your response.

I ran that and it found nothing here is the log:

 

09:30:41.0964 0x1a40  TDSS rootkit removing tool 3.0.0.41 Oct 28 2014 17:58:34
09:30:56.0557 0x1a40  ============================================================
09:30:56.0557 0x1a40  Current date / time: 2014/11/26 09:30:56.0557
09:30:56.0557 0x1a40  SystemInfo:
09:30:56.0557 0x1a40  
09:30:56.0557 0x1a40  OS Version: 6.1.7601 ServicePack: 1.0
09:30:56.0557 0x1a40  Product type: Workstation
09:30:56.0557 0x1a40  ComputerName: DAN-LAPTOP2
09:30:56.0557 0x1a40  UserName: Dan
09:30:56.0557 0x1a40  Windows directory: C:\Windows
09:30:56.0557 0x1a40  System windows directory: C:\Windows
09:30:56.0557 0x1a40  Running under WOW64
09:30:56.0557 0x1a40  Processor architecture: Intel x64
09:30:56.0557 0x1a40  Number of processors: 8
09:30:56.0557 0x1a40  Page size: 0x1000
09:30:56.0557 0x1a40  Boot type: Normal boot
09:30:56.0557 0x1a40  ============================================================
09:30:59.0262 0x1a40  KLMD registered as C:\Windows\system32\drivers\89012657.sys
09:30:59.0497 0x1a40  System UUID: {0749F962-1226-79EC-1DE2-2985EC245CEF}
09:30:59.0938 0x1a40  Drive \Device\Harddisk0\DR0 - Size: 0xE8E0DB6000 ( 931.51 Gb ), SectorSize: 0x200, Cylinders: 0x1DB01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
09:30:59.0943 0x1a40  ============================================================
09:30:59.0943 0x1a40  \Device\Harddisk0\DR0:
09:30:59.0943 0x1a40  MBR partitions:
09:30:59.0943 0x1a40  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0xBB8800, BlocksNum 0x73B4D800
09:30:59.0943 0x1a40  ============================================================
09:30:59.0971 0x1a40  C: <-> \Device\Harddisk0\DR0\Partition1
09:30:59.0971 0x1a40  ============================================================
09:30:59.0971 0x1a40  Initialize success
09:30:59.0971 0x1a40  ============================================================
09:31:04.0847 0x1b80  ============================================================
09:31:04.0847 0x1b80  Scan started
09:31:04.0847 0x1b80  Mode: Manual;
09:31:04.0847 0x1b80  ============================================================
09:31:04.0847 0x1b80  KSN ping started
09:31:07.0621 0x1b80  KSN ping finished: true
09:31:08.0829 0x1b80  ================ Scan system memory ========================
09:31:08.0829 0x1b80  System memory - ok
09:31:08.0829 0x1b80  ================ Scan services =============================
09:31:08.0942 0x1b80  [ A87D604AEA360176311474C87A63BB88, B1507868C382CD5D2DBC0D62114FCFBF7A780904A2E3CA7C7C1DD0844ADA9A8F ] 1394ohci        C:\Windows\system32\drivers\1394ohci.sys
09:31:08.0946 0x1b80  1394ohci - ok
09:31:08.0971 0x1b80  [ D81D9E70B8A6DD14D42D7B4EFA65D5F2, FDAAB7E23012B4D31537C5BDEF245BB0A12FA060A072C250E21C68E18B22E002 ] ACPI            C:\Windows\system32\drivers\ACPI.sys
09:31:08.0977 0x1b80  ACPI - ok
09:31:08.0994 0x1b80  [ 99F8E788246D495CE3794D7E7821D2CA, F91615463270AD2601F882CAED43B88E7EDA115B9FD03FC56320E48119F15F76 ] AcpiPmi         C:\Windows\system32\drivers\acpipmi.sys
09:31:08.0995 0x1b80  AcpiPmi - ok
09:31:09.0081 0x1b80  [ B362181ED3771DC03B4141927C80F801, 69514E5177A0AEA89C27C2234712F9F82E8D8F99E1FD4273898C9324C6FF7472 ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
09:31:09.0082 0x1b80  AdobeARMservice - ok
09:31:09.0159 0x1b80  [ D51145F6B0CE987850F13A61DAD5E531, 67CB6AB8C42781FA717CBEF81F3C658747E3B7814383056A56EDA99583FDBFD5 ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
09:31:09.0162 0x1b80  AdobeFlashPlayerUpdateSvc - ok
09:31:09.0192 0x1b80  [ 2F6B34B83843F0C5118B63AC634F5BF4, 43E3F5FBFB5D33981AC503DEE476868EC029815D459E7C36C4ABC2D2F75B5735 ] adp94xx         C:\Windows\system32\drivers\adp94xx.sys
09:31:09.0200 0x1b80  adp94xx - ok
09:31:09.0228 0x1b80  [ 597F78224EE9224EA1A13D6350CED962, DA7FD99BE5E3B7B98605BF5C13BF3F1A286C0DE1240617570B46FE4605E59BDC ] adpahci         C:\Windows\system32\drivers\adpahci.sys
09:31:09.0234 0x1b80  adpahci - ok
09:31:09.0250 0x1b80  [ E109549C90F62FB570B9540C4B148E54, E804563735153EA00A00641814244BC8A347B578E7D63A16F43FB17566EE5559 ] adpu320         C:\Windows\system32\drivers\adpu320.sys
09:31:09.0253 0x1b80  adpu320 - ok
09:31:09.0283 0x1b80  [ 4B78B431F225FD8624C5655CB1DE7B61, 198A5AF2125C7C41F531A652D200C083A55A97DC541E3C0B5B253C7329949156 ] AeLookupSvc     C:\Windows\System32\aelupsvc.dll
09:31:09.0284 0x1b80  AeLookupSvc - ok
09:31:09.0314 0x1b80  [ FA886682CFC5D36718D3E436AACF10B9, F80AB4F91AA6B5C7ECCB000D8E1BC2CF776DC3D69B3D9EBC2558C19035A6B3AB ] AFD             C:\Windows\system32\drivers\afd.sys
09:31:09.0322 0x1b80  AFD - ok
09:31:09.0345 0x1b80  [ 608C14DBA7299D8CB6ED035A68A15799, 45360F89640BF1127C82A32393BD76205E4FA067889C40C491602F370C09282A ] agp440          C:\Windows\system32\drivers\agp440.sys
09:31:09.0347 0x1b80  agp440 - ok
09:31:09.0362 0x1b80  [ 3290D6946B5E30E70414990574883DDB, 0E9294E1991572256B3CDA6B031DB9F39CA601385515EE59F1F601725B889663 ] ALG             C:\Windows\System32\alg.exe
09:31:09.0364 0x1b80  ALG - ok
09:31:09.0387 0x1b80  [ 5812713A477A3AD7363C7438CA2EE038, A7316299470D2E57A11499C752A711BF4A71EB11C9CBA731ED0945FF6A966721 ] aliide          C:\Windows\system32\drivers\aliide.sys
09:31:09.0388 0x1b80  aliide - ok
09:31:09.0401 0x1b80  [ 1FF8B4431C353CE385C875F194924C0C, 3EA3A7F426B0FFC2461EDF4FDB4B58ACC9D0730EDA5B728D1EA1346EA0A02720 ] amdide          C:\Windows\system32\drivers\amdide.sys
09:31:09.0402 0x1b80  amdide - ok
09:31:09.0414 0x1b80  [ 7024F087CFF1833A806193EF9D22CDA9, E7F27E488C38338388103D3B7EEDD61D05E14FB140992AEE6F492FFC821BF529 ] AmdK8           C:\Windows\system32\drivers\amdk8.sys
09:31:09.0416 0x1b80  AmdK8 - ok
09:31:09.0432 0x1b80  [ 1E56388B3FE0D031C44144EB8C4D6217, E88CA76FD47BA0EB427D59CB9BE040DE133D89D4E62D03A8D622624531D27487 ] AmdPPM          C:\Windows\system32\drivers\amdppm.sys
09:31:09.0433 0x1b80  AmdPPM - ok
09:31:09.0450 0x1b80  [ D4121AE6D0C0E7E13AA221AA57EF2D49, 626F43C099BD197BE56648C367B711143C2BCCE96496BBDEF19F391D52FA01D0 ] amdsata         C:\Windows\system32\drivers\amdsata.sys
09:31:09.0453 0x1b80  amdsata - ok
09:31:09.0468 0x1b80  [ F67F933E79241ED32FF46A4F29B5120B, D6EF539058F159CC4DD14CA9B1FD924998FEAC9D325C823C7A2DD21FEF1DC1A8 ] amdsbs          C:\Windows\system32\drivers\amdsbs.sys
09:31:09.0472 0x1b80  amdsbs - ok
09:31:09.0479 0x1b80  [ 540DAF1CEA6094886D72126FD7C33048, 296578572A93F5B74E1AD443E000B79DC99D1CBD25082E02704800F886A3065F ] amdxata         C:\Windows\system32\drivers\amdxata.sys
09:31:09.0480 0x1b80  amdxata - ok
09:31:09.0498 0x1b80  [ D86564B66FB10C73C13F40F7D8E40FE6, 5D31327759436446AC63A385B2BD1A4759D180A855941AE42245C5769724FBED ] AMPPAL          C:\Windows\system32\DRIVERS\AMPPAL.sys
09:31:09.0500 0x1b80  AMPPAL - ok
09:31:09.0513 0x1b80  [ D86564B66FB10C73C13F40F7D8E40FE6, 5D31327759436446AC63A385B2BD1A4759D180A855941AE42245C5769724FBED ] AMPPALP         C:\Windows\system32\DRIVERS\amppal.sys
09:31:09.0515 0x1b80  AMPPALP - ok
09:31:09.0566 0x1b80  [ 9BE647AB104153BD0053EB4A48F50B31, 06BE3CA2C3F0D675DC3802BE8D12511495553EA1FB8118427998F5D2EDA550C7 ] AMPPALR3        C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe
09:31:09.0575 0x1b80  AMPPALR3 - ok
09:31:09.0604 0x1b80  [ 80B9412C4DE09147581FC935FB4C97AB, 0C9661F7B5EF7F9D61981790B7AB64E3375BD117962166619D0CC546A2D014D3 ] AppID           C:\Windows\system32\drivers\appid.sys
09:31:09.0606 0x1b80  AppID - ok
09:31:09.0630 0x1b80  [ F71CA01C24FC3798A717B5A6F682F9AD, 8CF1C209E7BBBAD02D6D087293C0B681CDA3170AF119CA2916C2708D8801E749 ] AppIDSvc        C:\Windows\System32\appidsvc.dll
09:31:09.0631 0x1b80  AppIDSvc - ok
09:31:09.0651 0x1b80  [ 9D2A2369AB4B08A4905FE72DB104498F, D6FA1705018BABABFA2362E05691A0D6408D14DE7B76129B16D0A1DAD6378E58 ] Appinfo         C:\Windows\System32\appinfo.dll
09:31:09.0652 0x1b80  Appinfo - ok
09:31:09.0711 0x1b80  [ 30E3850F303EAE5C364782EA78579CC9, 8C94E5A9052F6E794685194EEACB31A174A947D60246908B6A0DEFA081A747A3 ] Apple Mobile Device C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
09:31:09.0712 0x1b80  Apple Mobile Device - ok
09:31:09.0739 0x1b80  [ C484F8CEB1717C540242531DB7845C4E, C507CE26716EB923B864ED85E8FA0B24591E2784A2F4F0E78AEED7E9953311F6 ] arc             C:\Windows\system32\drivers\arc.sys
09:31:09.0741 0x1b80  arc - ok
09:31:09.0762 0x1b80  [ 019AF6924AEFE7839F61C830227FE79C, 5926B9DDFC9198043CDD6EA0B384C83B001EC225A8125628C4A45A3E6C42C72A ] arcsas          C:\Windows\system32\drivers\arcsas.sys
09:31:09.0764 0x1b80  arcsas - ok
09:31:09.0832 0x1b80  [ 9A262EDD17F8473B91B333D6B031A901, 05DFBD3A7D83FDE1D062EA719ACA9EC48CB7FD42D17DDD88B82E5D25469ADD23 ] aspnet_state    C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
09:31:09.0833 0x1b80  aspnet_state - ok
09:31:09.0845 0x1b80  [ 769765CE2CC62867468CEA93969B2242, 0D8F19D49869DF93A3876B4C2E249D12E83F9CE11DAE8917D368E292043D4D26 ] AsyncMac        C:\Windows\system32\DRIVERS\asyncmac.sys
09:31:09.0846 0x1b80  AsyncMac - ok
09:31:09.0868 0x1b80  [ 02062C0B390B7729EDC9E69C680A6F3C, 0261683C6DC2706DCE491A1CDC954AC9C9E649376EC30760BB4E225E18DC5273 ] atapi           C:\Windows\system32\drivers\atapi.sys
09:31:09.0869 0x1b80  atapi - ok
09:31:09.0914 0x1b80  [ DE3E38431B00C2EA247C53675DCF01A0, 8965192096C94203A1F16689DCDA45FE0EDF3A6FB75B70FC378C2008E8E71C9B ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
09:31:09.0923 0x1b80  AudioEndpointBuilder - ok
09:31:09.0948 0x1b80  [ DE3E38431B00C2EA247C53675DCF01A0, 8965192096C94203A1F16689DCDA45FE0EDF3A6FB75B70FC378C2008E8E71C9B ] AudioSrv        C:\Windows\System32\Audiosrv.dll
09:31:09.0957 0x1b80  AudioSrv - ok
09:31:09.0988 0x1b80  [ A6BF31A71B409DFA8CAC83159E1E2AFF, CBB83F73FFD3C3FB4F96605067739F8F7A4A40B2B05417FA49E575E95628753F ] AxInstSV        C:\Windows\System32\AxInstSV.dll
09:31:09.0990 0x1b80  AxInstSV - ok
09:31:10.0009 0x1b80  [ 3E5B191307609F7514148C6832BB0842, DE011CB7AA4A2405FAF21575182E0793A1D83DFFC44E9A7864D59F3D51D8D580 ] b06bdrv         C:\Windows\system32\drivers\bxvbda.sys
09:31:10.0018 0x1b80  b06bdrv - ok
09:31:10.0040 0x1b80  [ B5ACE6968304A3900EEB1EBFD9622DF2, 1DAA118D8CA3F97B34DF3D3CDA1C78EAB2ED225699FEABE89D331AE0CB7679FA ] b57nd60a        C:\Windows\system32\DRIVERS\b57nd60a.sys
09:31:10.0046 0x1b80  b57nd60a - ok
09:31:10.0050 0x1b80  [ FDE360167101B4E45A96F939F388AEB0, 8D1457E866BBD645C4B9710DFBFF93405CC1193BF9AE42326F2382500B713B82 ] BDESVC          C:\Windows\System32\bdesvc.dll
09:31:10.0052 0x1b80  BDESVC - ok
09:31:10.0060 0x1b80  [ 16A47CE2DECC9B099349A5F840654746, 77C008AEDB07FAC66413841D65C952DDB56FE7DCA5E9EF9C8F4130336B838024 ] Beep            C:\Windows\system32\drivers\Beep.sys
09:31:10.0060 0x1b80  Beep - ok
09:31:10.0090 0x1b80  [ 82974D6A2FD19445CC5171FC378668A4, 075D25F47C0D2277E40AF8615571DAA5EB16B1824563632A9A7EC62505C29A4A ] BFE             C:\Windows\System32\bfe.dll
09:31:10.0100 0x1b80  BFE - ok
09:31:10.0139 0x1b80  [ 1EA7969E3271CBC59E1730697DC74682, D511A34D63A6E0E6E7D1879068E2CD3D87ABEAF4936B2EA8CDDAD9F79D60FA04 ] BITS            C:\Windows\System32\qmgr.dll
09:31:10.0151 0x1b80  BITS - ok
09:31:10.0182 0x1b80  [ 61583EE3C3A17003C4ACD0475646B4D3, 17E4BECC309C450E7E44F59A9C0BBC24D21BDC66DFBA65B8F198A00BB47A9811 ] blbdrive        C:\Windows\system32\DRIVERS\blbdrive.sys
09:31:10.0184 0x1b80  blbdrive - ok
09:31:10.0260 0x1b80  [ 59C7088BDCD238E3ABDA30A37A0D2537, A6A95855490D0791E0DA71A6E91D3092340DD05BE8EEF1A5642E0C3D6BE4D385 ] Bluetooth Device Monitor C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
09:31:10.0274 0x1b80  Bluetooth Device Monitor - ok
09:31:10.0324 0x1b80  [ 0F432B34D80351EFC5E35F14D9798CFD, 591D913E069C1C69212A7742D7182E24E669FE7B50680D8D337F32CF9F72B163 ] Bluetooth Media Service C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe
09:31:10.0341 0x1b80  Bluetooth Media Service - ok
09:31:10.0371 0x1b80  [ 96924B1D3060B0C0FFD77D01CB234D9F, 2A02EEC4092646A0BD26B8E8BA8B75F82EB6F46003C56C9A838E412006457DD2 ] Bluetooth OBEX Service C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe
09:31:10.0386 0x1b80  Bluetooth OBEX Service - ok
09:31:10.0439 0x1b80  [ EBBCD5DFBB1DE70E8F4AF8FA59E401FD, 17BFFC5DF609CE3B2F0CAB4BD6C118608C66A3AD86116A47E90B2BB7D8954122 ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe
09:31:10.0445 0x1b80  Bonjour Service - ok
09:31:10.0462 0x1b80  [ 6C02A83164F5CC0A262F4199F0871CF5, AD4632A6A203CB40970D848315D8ADB9C898349E20D8DF4107C2AE2703A2CF28 ] bowser          C:\Windows\system32\DRIVERS\bowser.sys
09:31:10.0464 0x1b80  bowser - ok
09:31:10.0472 0x1b80  [ F09EEE9EDC320B5E1501F749FDE686C8, 66691114C42E12F4CC6DC4078D4D2FA4029759ACDAF1B59D17383487180E84E3 ] BrFiltLo        C:\Windows\system32\drivers\BrFiltLo.sys
09:31:10.0473 0x1b80  BrFiltLo - ok
09:31:10.0499 0x1b80  [ B114D3098E9BDB8BEA8B053685831BE6, 0ED23C1897F35FA00B9C2848DE4ED200E18688AA7825674888054BBC3A3EB92C ] BrFiltUp        C:\Windows\system32\drivers\BrFiltUp.sys
09:31:10.0500 0x1b80  BrFiltUp - ok
09:31:10.0528 0x1b80  [ 05F5A0D14A2EE1D8255C2AA0E9E8E694, 40011138869F5496A3E78D38C9900B466B6F3877526AC22952DCD528173F4645 ] Browser         C:\Windows\System32\browser.dll
09:31:10.0530 0x1b80  Browser - ok
09:31:10.0544 0x1b80  [ 43BEA8D483BF1870F018E2D02E06A5BD, 4E6F5A5FD8C796A110B0DC9FF29E31EA78C04518FC1C840EF61BABD58AB10272 ] Brserid         C:\Windows\System32\Drivers\Brserid.sys
09:31:10.0550 0x1b80  Brserid - ok
09:31:10.0557 0x1b80  [ A6ECA2151B08A09CACECA35C07F05B42, E2875BB7768ABAF38C3377007AA0A3C281503474D1831E396FB6599721586B0C ] BrSerWdm        C:\Windows\System32\Drivers\BrSerWdm.sys
09:31:10.0558 0x1b80  BrSerWdm - ok
09:31:10.0570 0x1b80  [ B79968002C277E869CF38BD22CD61524, 50631836502237AF4893ECDCEA43B9031C3DE97433F594D46AF7C3C77F331983 ] BrUsbMdm        C:\Windows\System32\Drivers\BrUsbMdm.sys
09:31:10.0571 0x1b80  BrUsbMdm - ok
09:31:10.0574 0x1b80  [ A87528880231C54E75EA7A44943B38BF, 4C8BBB29FDA76A96840AA47A8613C15D4466F9273A13941C19507008629709C9 ] BrUsbSer        C:\Windows\System32\Drivers\BrUsbSer.sys
09:31:10.0574 0x1b80  BrUsbSer - ok
09:31:10.0591 0x1b80  [ CF98190A94F62E405C8CB255018B2315, E1B2540023C4FE9FD588E4B6AE6347DFA565EB3898F21E5360882BF3E8B5E781 ] BthEnum         C:\Windows\system32\DRIVERS\BthEnum.sys
09:31:10.0592 0x1b80  BthEnum - ok
09:31:10.0600 0x1b80  [ 9DA669F11D1F894AB4EB69BF546A42E8, B498B8B6CEF957B73179D1ADAF084BBB57BB3735D810F9BE2C7B1D58A4FD25A4 ] BTHMODEM        C:\Windows\system32\drivers\bthmodem.sys
09:31:10.0602 0x1b80  BTHMODEM - ok
09:31:10.0616 0x1b80  [ 02DD601B708DD0667E1331FA8518E9FF, 7DE6CC4DBB621CD03B01D9CE6CF66EAFE31D39030A391562CD0E278E1D70ADE1 ] BthPan          C:\Windows\system32\DRIVERS\bthpan.sys
09:31:10.0618 0x1b80  BthPan - ok
09:31:10.0639 0x1b80  [ 738D0E9272F59EB7A1449C3EC118E6C4, FE3D32C2A5E4DC21376A0F89C0B2EE024ECF1A3FB99213CC9BBC986ADF7AF080 ] BTHPORT         C:\Windows\system32\Drivers\BTHport.sys
09:31:10.0648 0x1b80  BTHPORT - ok
09:31:10.0667 0x1b80  [ 95F9C2976059462CBBF227F7AAB10DE9, 2797AE919FF7606B070FB039CECDB0707CD2131DCAC09C5DF14F443D881C9F34 ] bthserv         C:\Windows\system32\bthserv.dll
09:31:10.0668 0x1b80  bthserv - ok
09:31:10.0701 0x1b80  [ D30286FF3C7B6318C024D2BC2955C1BF, 47863D046C94A5C19F7D4E0BA393E6FE1E249C78FAB9B8705F7DD2CD87EAC16C ] BTHSSecurityMgr C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe
09:31:10.0703 0x1b80  BTHSSecurityMgr - ok
09:31:10.0710 0x1b80  [ F188B7394D81010767B6DF3178519A37, 576304E92FD94908F093A6AB5F4D328F25829BE32EC3CA0D29EBFDF5DE83539B ] BTHUSB          C:\Windows\system32\Drivers\BTHUSB.sys
09:31:10.0712 0x1b80  BTHUSB - ok
09:31:10.0760 0x1b80  [ BD64048EE0186D7988943327D677AC84, 436910AEDDBAED02A8E71BA0A96EBDE1906B20AA29F02BE2B20946898B4B0C27 ] btmaudio        C:\Windows\system32\drivers\btmaud.sys
09:31:10.0762 0x1b80  btmaudio - ok
09:31:10.0787 0x1b80  [ 5B8D71504FA8BFA308F6E1169B89D322, 1DC0CF47C5F655EA0F0992020C17A86D05637F55ACBB17380283EBB883A4D14D ] btmaux          C:\Windows\system32\DRIVERS\btmaux.sys
09:31:10.0790 0x1b80  btmaux - ok
09:31:10.0832 0x1b80  [ 00C8888A6E77AC48EB9945C601A1568F, CC834C85888B87FF4B18CF58242E6152D4AAE20CAB2ECBEFBCBAFCA2581BE01E ] btmhsf          C:\Windows\system32\DRIVERS\btmhsf.sys
09:31:10.0866 0x1b80  btmhsf - ok
09:31:10.0878 0x1b80  [ DD5A9EC7A078EE42CC0685CCB185D80B, 2A3E8EBA5EA0BD9F97B09BEE50CA4681780ADAF89A190839D436F6159FA8C582 ] btmlehid        C:\Windows\system32\drivers\btmlehid.sys
09:31:10.0880 0x1b80  btmlehid - ok
09:31:10.0898 0x1b80  [ B8BD2BB284668C84865658C77574381A, 6C55BA288B626DF172FDFEA0BD7027FAEBA1F44EF20AB55160D7C7DC6E717D65 ] cdfs            C:\Windows\system32\DRIVERS\cdfs.sys
09:31:10.0901 0x1b80  cdfs - ok
09:31:10.0920 0x1b80  [ F036CE71586E93D94DAB220D7BDF4416, BD07AAD9E20CEAF9FC84E4977C55EA2C45604A2C682AC70B9B9A2199B6713D5B ] cdrom           C:\Windows\system32\DRIVERS\cdrom.sys
09:31:10.0923 0x1b80  cdrom - ok
09:31:10.0948 0x1b80  [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] CertPropSvc     C:\Windows\System32\certprop.dll
09:31:10.0950 0x1b80  CertPropSvc - ok
09:31:10.0966 0x1b80  [ D7CD5C4E1B71FA62050515314CFB52CF, 513B5A849899F379F0BC6AB3A8A05C3493C2393C95F036612B96EC6E252E1C64 ] circlass        C:\Windows\system32\drivers\circlass.sys
09:31:10.0967 0x1b80  circlass - ok
09:31:10.0986 0x1b80  [ FE1EC06F2253F691FE36217C592A0206, B9F122DB5E665ECDF29A5CB8BB6B531236F31A54A95769D6C5C1924C87FE70CE ] CLFS            C:\Windows\system32\CLFS.sys
09:31:10.0992 0x1b80  CLFS - ok
09:31:11.0038 0x1b80  [ F13EC8A783E0CB0D6DC26A3CA848B7B8, 0809E3B71709F1343086EEB6C820543C1A7119E74EEF8AC1AEE1F81093ABEC66 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
09:31:11.0039 0x1b80  clr_optimization_v2.0.50727_32 - ok
09:31:11.0087 0x1b80  [ B4D73F04E9BC076F7CDAC4327DF636BB, 1ADED20D5A0D0A76E2F85CB778FD06BAB814868D35F8532E17D67045FF4770C2 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
09:31:11.0089 0x1b80  clr_optimization_v2.0.50727_64 - ok
09:31:11.0139 0x1b80  [ E87213F37A13E2B54391E40934F071D0, 7EB221127EFB5BF158FB03D18EFDA2C55FB6CE3D1A1FE69C01D70DBED02C87E5 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
09:31:11.0141 0x1b80  clr_optimization_v4.0.30319_32 - ok
09:31:11.0168 0x1b80  [ 4AEDAB50F83580D0B4D6CF78191F92AA, D113C47013B018B45161911B96E93AF96A2F3B34FA47061BF6E7A71FBA03194A ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
09:31:11.0170 0x1b80  clr_optimization_v4.0.30319_64 - ok
09:31:11.0181 0x1b80  [ 0840155D0BDDF1190F84A663C284BD33, 696039FA63CFEB33487FAA8FD7BBDB220141E9C6E529355D768DFC87999A9C3A ] CmBatt          C:\Windows\system32\DRIVERS\CmBatt.sys
09:31:11.0182 0x1b80  CmBatt - ok
09:31:11.0188 0x1b80  [ E19D3F095812725D88F9001985B94EDD, 46243C5CCC4981CAC6FA6452FFCEC33329BF172448F1852D52592C9342E0E18B ] cmdide          C:\Windows\system32\drivers\cmdide.sys
09:31:11.0189 0x1b80  cmdide - ok
09:31:11.0233 0x1b80  [ EBF28856F69CF094A902F884CF989706, AD6C9F0BC20AA49EEE5478DA0F856F0EA2B414B63208C5FFB03C9D7F5B59765F ] CNG             C:\Windows\system32\Drivers\cng.sys
09:31:11.0240 0x1b80  CNG - ok
09:31:11.0256 0x1b80  [ 102DE219C3F61415F964C88E9085AD14, CD74CB703381F1382C32CF892FF2F908F4C9412E1BC77234F8FEA5D4666E1BF1 ] Compbatt        C:\Windows\system32\drivers\compbatt.sys
09:31:11.0257 0x1b80  Compbatt - ok
09:31:11.0273 0x1b80  [ 03EDB043586CCEBA243D689BDDA370A8, 0E4523AA332E242D5C2C61C5717DBA5AB6E42DADB5A7E512505FC2B6CC224959 ] CompositeBus    C:\Windows\system32\DRIVERS\CompositeBus.sys
09:31:11.0274 0x1b80  CompositeBus - ok
09:31:11.0276 0x1b80  COMSysApp - ok
09:31:11.0338 0x1b80  [ 3A1D0473D1349D5BDE2CDA0945A5DDF7, 51E2156CE2DFB1E861990BC84A10B42865D86511CB100ECAE9354DAAC1F2B5F4 ] cphs            C:\Windows\SysWow64\IntelCpHeciSvc.exe
09:31:11.0344 0x1b80  cphs - ok
09:31:11.0350 0x1b80  [ 1C827878A998C18847245FE1F34EE597, 41EF7443D8B2733AA35CAC64B4F5F74FAC8BB0DA7D3936B69EC38E2DC3972E60 ] crcdisk         C:\Windows\system32\drivers\crcdisk.sys
09:31:11.0351 0x1b80  crcdisk - ok
09:31:11.0378 0x1b80  [ 19D511CC455C19DE1ADF60E6C39C85B6, 2A05DD5EF3D0BEC2C9F4EA186E0E2D0F7BE0BF6A473D51194B09D33773AC7FAA ] CryptSvc        C:\Windows\system32\cryptsvc.dll
09:31:11.0381 0x1b80  CryptSvc - ok
09:31:11.0414 0x1b80  [ 5C627D1B1138676C0A7AB2C2C190D123, C5003F2C912C5CA990E634818D3B4FD72F871900AF2948BD6C4D6400B354B401 ] DcomLaunch      C:\Windows\system32\rpcss.dll
09:31:11.0422 0x1b80  DcomLaunch - ok
09:31:11.0441 0x1b80  [ 3CEC7631A84943677AA8FA8EE5B6B43D, 32061DAC9ED6C1EBA3B367B18D0E965AEEC2DF635DCF794EC39D086D32503AC5 ] defragsvc       C:\Windows\System32\defragsvc.dll
09:31:11.0447 0x1b80  defragsvc - ok
09:31:11.0478 0x1b80  [ 9BB2EF44EAA163B29C4A4587887A0FE4, 03667BC3EA5003F4236929C10F23D8F108AFCB29DB5559E751FB26DFB318636F ] DfsC            C:\Windows\system32\Drivers\dfsc.sys
09:31:11.0481 0x1b80  DfsC - ok
09:31:11.0520 0x1b80  [ E0FB647661B59632E3987D40D6F75281, D999CE7FDC788A217E128F059A05216BACD2FD26207362469C55D477C6E0A3EE ] dg_ssudbus      C:\Windows\system32\DRIVERS\ssudbus.sys
09:31:11.0522 0x1b80  dg_ssudbus - ok
09:31:11.0540 0x1b80  [ 43D808F5D9E1A18E5EEB5EBC83969E4E, C10D1155D71EABE4ED44C656A8F13078A8A4E850C4A8FBB92D52D173430972B8 ] Dhcp            C:\Windows\system32\dhcpcore.dll
09:31:11.0545 0x1b80  Dhcp - ok
09:31:11.0615 0x1b80  [ 2A312D761AE650B1BF1296733E872AAC, A05BB3B3BF2DA68599E593BB4367774A74141DE327092C77BCDA3C0F36C8D6AD ] DirMngr         C:\Program Files (x86)\GNU\GnuPG\dirmngr.exe
09:31:11.0619 0x1b80  DirMngr - ok
09:31:11.0626 0x1b80  [ 13096B05847EC78F0977F2C0F79E9AB3, 1E44981B684F3E56F5D2439BB7FA78BD1BC876BB2265AE089AEC68F241B05B26 ] discache        C:\Windows\system32\drivers\discache.sys
09:31:11.0627 0x1b80  discache - ok
09:31:11.0653 0x1b80  [ 9819EEE8B5EA3784EC4AF3B137A5244C, 571BC886E87C888DA96282E381A746D273B58B9074E84D4CA91275E26056D427 ] Disk            C:\Windows\system32\drivers\disk.sys
09:31:11.0654 0x1b80  Disk - ok
09:31:11.0669 0x1b80  [ 16835866AAA693C7D7FCEBA8FFF706E4, 15891558F7C1F2BB57A98769601D447ED0D952354A8BB347312D034DC03E0242 ] Dnscache        C:\Windows\System32\dnsrslvr.dll
09:31:11.0672 0x1b80  Dnscache - ok
09:31:11.0687 0x1b80  [ B1FB3DDCA0FDF408750D5843591AFBC6, AB6AD9C5E7BA2E3646D0115B67C4800D1CB43B4B12716397657C7ADEEE807304 ] dot3svc         C:\Windows\System32\dot3svc.dll
09:31:11.0691 0x1b80  dot3svc - ok
09:31:11.0699 0x1b80  [ B26F4F737E8F9DF4F31AF6CF31D05820, 394BBBED4EC7FAD4110F62A43BFE0801D4AC56FFAC6C741C69407B26402311C7 ] DPS             C:\Windows\system32\dps.dll
09:31:11.0701 0x1b80  DPS - ok
09:31:11.0724 0x1b80  [ 9B19F34400D24DF84C858A421C205754, 967AF267B4124BADA8F507CEBF25F2192D146A4D63BE71B45BFC03C5DA7F21A7 ] drmkaud         C:\Windows\system32\drivers\drmkaud.sys
09:31:11.0724 0x1b80  drmkaud - ok
09:31:11.0776 0x1b80  [ 87CE5C8965E101CCCED1F4675557E868, 077D98F0F130B2FC710208BA34016EF2B2506EE2BD71740B228145E34A3046F1 ] DXGKrnl         C:\Windows\System32\drivers\dxgkrnl.sys
09:31:11.0788 0x1b80  DXGKrnl - ok
09:31:11.0821 0x1b80  [ E2DDA8726DA9CB5B2C4000C9018A9633, 0C967DBC3636A76A696997192A158AA92A1AF19F01E3C66D5BF91818A8FAEA76 ] EapHost         C:\Windows\System32\eapsvc.dll
09:31:11.0823 0x1b80  EapHost - ok
09:31:11.0912 0x1b80  [ DC5D737F51BE844D8C82C695EB17372F, 6D4022D9A46EDE89CEF0FAEADCC94C903234DFC460C0180D24FF9E38E8853017 ] ebdrv           C:\Windows\system32\drivers\evbda.sys
09:31:11.0992 0x1b80  ebdrv - ok
09:31:12.0033 0x1b80  [ 204F3F58212B3E422C90BD9691A2DF28, D748A8CEE4D59B4248C9B1ACA5155D0FF6635A29564B4391B7FAC6261F93FE99 ] EFS             C:\Windows\System32\lsass.exe
09:31:12.0035 0x1b80  EFS - ok
09:31:12.0087 0x1b80  [ C4002B6B41975F057D98C439030CEA07, 3D2484FBB832EFB90504DD406ED1CF3065139B1FE1646471811F3A5679EF75F1 ] ehRecvr         C:\Windows\ehome\ehRecvr.exe
09:31:12.0106 0x1b80  ehRecvr - ok
09:31:12.0128 0x1b80  [ 4705E8EF9934482C5BB488CE28AFC681, 359E9EC5693CE0BE89082E1D5D8F5C5439A5B985010FF0CB45C11E3CFE30637D ] ehSched         C:\Windows\ehome\ehsched.exe
09:31:12.0131 0x1b80  ehSched - ok
09:31:12.0157 0x1b80  [ 0E5DA5369A0FCAEA12456DD852545184, 9A64AC5396F978C3B92794EDCE84DCA938E4662868250F8C18FA7C2C172233F8 ] elxstor         C:\Windows\system32\drivers\elxstor.sys
09:31:12.0166 0x1b80  elxstor - ok
09:31:12.0169 0x1b80  [ 34A3C54752046E79A126E15C51DB409B, 7D5B5E150C7C73666F99CBAFF759029716C86F16B927E0078D77F8A696616D75 ] ErrDev          C:\Windows\system32\drivers\errdev.sys
09:31:12.0169 0x1b80  ErrDev - ok
09:31:12.0227 0x1b80  [ 4166F82BE4D24938977DD1746BE9B8A0, 24121751B7306225AD1C808442D7B030DEF377E9316AA0A3C5C7460E87317881 ] EventSystem     C:\Windows\system32\es.dll
09:31:12.0233 0x1b80  EventSystem - ok
09:31:12.0302 0x1b80  [ 00B132F23AA25DEF2060D490B0AB70EF, AAE3BA09C2201EA27D3DB761B3D3E8A3EE80A14B451B743F4DF1281D87166857 ] EvtEng          C:\Program Files\Intel\WiFi\bin\EvtEng.exe
09:31:12.0311 0x1b80  EvtEng - ok
09:31:12.0348 0x1b80  [ A510C654EC00C1E9BDD91EEB3A59823B, 76CD277730F7B08D375770CD373D786160F34D1481AF0536BA1A5D2727E255F5 ] exfat           C:\Windows\system32\drivers\exfat.sys
09:31:12.0352 0x1b80  exfat - ok
09:31:12.0403 0x1b80  [ DD81D91FF3B0763C392422865C9AC12E, F5691B8F200E3196E6808E932630E862F8F26F31CD949981373F23C9D87DB8B9 ] fa6789c5        C:\Windows\system32\rundll32.exe
09:31:12.0406 0x1b80  fa6789c5 - ok
09:31:12.0431 0x1b80  [ 0ADC83218B66A6DB380C330836F3E36D, 798D6F83B5DBCC1656595E0A96CF12087FCCBE19D1982890D0CE5F629B328B29 ] fastfat         C:\Windows\system32\drivers\fastfat.sys
09:31:12.0436 0x1b80  fastfat - ok
09:31:12.0471 0x1b80  [ DBEFD454F8318A0EF691FDD2EAAB44EB, 7F52AE222FF28503B6FC4A5852BD0CAEAF187BE69AF4B577D3DE474C24366099 ] Fax             C:\Windows\system32\fxssvc.exe
09:31:12.0490 0x1b80  Fax - ok
09:31:12.0508 0x1b80  [ D765D19CD8EF61F650C384F62FAC00AB, 9F0A483A043D3BA873232AD3BA5F7BF9173832550A27AF3E8BD433905BD2A0EE ] fdc             C:\Windows\system32\drivers\fdc.sys
09:31:12.0509 0x1b80  fdc - ok
09:31:12.0523 0x1b80  [ 0438CAB2E03F4FB61455A7956026FE86, 6D4DDC2973DB25CE0C7646BC85EFBCC004EBE35EA683F62162AE317C6F1D8DFE ] fdPHost         C:\Windows\system32\fdPHost.dll
09:31:12.0523 0x1b80  fdPHost - ok
09:31:12.0530 0x1b80  [ 802496CB59A30349F9A6DD22D6947644, 52D59D3D628D5661F83F090F33F744F6916E0CC1F76E5A33983E06EB66AE19F8 ] FDResPub        C:\Windows\system32\fdrespub.dll
09:31:12.0531 0x1b80  FDResPub - ok
09:31:12.0546 0x1b80  [ 655661BE46B5F5F3FD454E2C3095B930, 549C8E2A2A37757E560D55FFA6BFDD838205F17E40561E67F0124C934272CD1A ] FileInfo        C:\Windows\system32\drivers\fileinfo.sys
09:31:12.0548 0x1b80  FileInfo - ok
09:31:12.0559 0x1b80  [ 5F671AB5BC87EEA04EC38A6CD5962A47, 6B61D3363FF3F9C439BD51102C284972EAE96ACC0683B9DC7E12D25D0ADC51B6 ] Filetrace       C:\Windows\system32\drivers\filetrace.sys
09:31:12.0560 0x1b80  Filetrace - ok
09:31:12.0604 0x0a7c  Object required for P2P: [ D51145F6B0CE987850F13A61DAD5E531 ] AdobeFlashPlayerUpdateSvc
09:31:12.0735 0x1b80  [ 8645F91F40B8D022C9AC3DABDF360A6B, 4F83080B1273C92470EB90D80B32056C913240DCC9C4C50B7BE85254066D654D ] FlexNet Licensing Service 64 C:\Program Files\Common Files\Macrovision Shared\FlexNet Publisher\FNPLicensingService64.exe
09:31:12.0786 0x1b80  FlexNet Licensing Service 64 - ok
09:31:12.0819 0x1b80  [ C172A0F53008EAEB8EA33FE10E177AF5, 9175A95B323696D1B35C9EFEB7790DD64E6EE0B7021E6C18E2F81009B169D77B ] flpydisk        C:\Windows\system32\drivers\flpydisk.sys
09:31:12.0859 0x1b80  flpydisk - ok
09:31:12.0888 0x1b80  [ DA6B67270FD9DB3697B20FCE94950741, F621A4462C9F2904063578C427FAF22D7D66AE9967605C11C798099817CE5331 ] FltMgr          C:\Windows\system32\drivers\fltmgr.sys
09:31:12.0894 0x1b80  FltMgr - ok
09:31:12.0932 0x1b80  [ C4C183E6551084039EC862DA1C945E3D, 0874A2ACDD24D64965AA9A76E9C818E216880AE4C9A2E07ED932EE404585CEE6 ] FontCache       C:\Windows\system32\FntCache.dll
09:31:12.0948 0x1b80  FontCache - ok
09:31:12.0990 0x1b80  [ A8B7F3818AB65695E3A0BB3279F6DCE6, 89FCF10F599767E67A1E011753E34DA44EAA311F105DBF69549009ED932A60F0 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
09:31:12.0991 0x1b80  FontCache3.0.0.0 - ok
09:31:13.0000 0x1b80  [ D43703496149971890703B4B1B723EAC, F06397B2EDCA61629249D2EF1CBB7827A8BEAB8488246BD85EF6AE1363C0DA6E ] FsDepends       C:\Windows\system32\drivers\FsDepends.sys
09:31:13.0002 0x1b80  FsDepends - ok
09:31:13.0024 0x1b80  [ B16B626996C74B564005BA855C5DEE90, B432C669EB610C262B18F3F8308EEE1B910DE7F7BC2A8EB5483419DC52A07AE1 ] fssfltr         C:\Windows\system32\DRIVERS\fssfltr.sys
09:31:13.0026 0x1b80  fssfltr - ok
09:31:13.0102 0x1b80  [ 812E1BA5C52A78F13EA6AA10DF708B1D, CF1C4D8E072CF0D66C977DFA4C852E5CE757843BEAF5D29454D26A9AC5766E61 ] fsssvc          C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe
09:31:13.0136 0x1b80  fsssvc - ok
09:31:13.0153 0x1b80  [ 6BD9295CC032DD3077C671FCCF579A7B, 83622FBB0CB923798E7E584BF53CAAF75B8C016E3FF7F0FA35880FF34D1DFE33 ] Fs_Rec          C:\Windows\system32\drivers\Fs_Rec.sys
09:31:13.0154 0x1b80  Fs_Rec - ok
09:31:13.0172 0x1b80  [ 8F6322049018354F45F05A2FD2D4E5E0, 73BF0FB4EBD7887E992DDEBB79E906958D6678F8D1107E8C368F5A0514D80359 ] fvevol          C:\Windows\system32\DRIVERS\fvevol.sys
09:31:13.0176 0x1b80  fvevol - ok
09:31:13.0189 0x1b80  [ 8C778D335C9D272CFD3298AB02ABE3B6, 85F0B13926B0F693FA9E70AA58DE47100E4B6F893772EBE4300C37D9A36E6005 ] gagp30kx        C:\Windows\system32\drivers\gagp30kx.sys
09:31:13.0191 0x1b80  gagp30kx - ok
09:31:13.0229 0x1b80  [ 8E98D21EE06192492A5671A6144D092F, B8F656B34D361EA5AFB47F3A67AB2221580DADA59C8CD0CB83181E4AD8B562B4 ] GEARAspiWDM     C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
09:31:13.0230 0x1b80  GEARAspiWDM - ok
09:31:13.0270 0x1b80  [ 277BBC7E1AA1EE957F573A10ECA7EF3A, 2EE60B924E583E847CC24E78B401EF95C69DB777A5B74E1EC963E18D47B94D24 ] gpsvc           C:\Windows\System32\gpsvc.dll
09:31:13.0281 0x1b80  gpsvc - ok
09:31:13.0318 0x1b80  [ 1E6438D4EA6E1174A3B3B1EDC4DE660B, F9995CFEC7BBFE10B06EEE04CA6B49658275C43096E57747BFF9C2C31A0F9011 ] hamachi         C:\Windows\system32\DRIVERS\hamachi.sys
09:31:13.0318 0x1b80  hamachi - ok
09:31:13.0422 0x1b80  [ 72BE101788DD12A08ABF63AF801BE3B7, 9AFE6AB040C239E26B820520470DEDA449F47AAC70C295DC69F90BF8A2CBA69A ] Hamachi2Svc     C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe
09:31:13.0479 0x1b80  Hamachi2Svc - ok
09:31:13.0510 0x1b80  [ F2523EF6460FC42405B12248338AB2F0, B2F3DE8DE1F512D871BC2BC2E8D0E33AB03335BFBC07627C5F88B65024928E19 ] hcw85cir        C:\Windows\system32\drivers\hcw85cir.sys
09:31:13.0511 0x1b80  hcw85cir - ok
09:31:13.0522 0x1b80  [ 975761C778E33CD22498059B91E7373A, 8304E15FBE6876BE57263A03621365DA8C88005EAC532A770303C06799D915D9 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
09:31:13.0529 0x1b80  HdAudAddService - ok
09:31:13.0545 0x1b80  [ 97BFED39B6B79EB12CDDBFEED51F56BB, 3CF981D668FB2381E52AF2E51E296C6CFB47B0D62249645278479D0111A47955 ] HDAudBus        C:\Windows\system32\DRIVERS\HDAudBus.sys
09:31:13.0547 0x1b80  HDAudBus - ok
09:31:13.0550 0x1b80  [ 78E86380454A7B10A5EB255DC44A355F, 11F3ED7ACFFA3024B9BD504F81AC39F5B4CED5A8A425E8BADF7132EFEDB9BD64 ] HidBatt         C:\Windows\system32\drivers\HidBatt.sys
09:31:13.0551 0x1b80  HidBatt - ok
09:31:13.0555 0x1b80  [ 7FD2A313F7AFE5C4DAB14798C48DD104, 94CBFD4506CBDE4162CEB3367BAB042D19ACA6785954DC0B554D4164B9FCD0D4 ] HidBth          C:\Windows\system32\drivers\hidbth.sys
09:31:13.0557 0x1b80  HidBth - ok
09:31:13.0560 0x1b80  [ 0A77D29F311B88CFAE3B13F9C1A73825, 8615DC6CEFB591505CE16E054A71A4F371B827DDFD5E980777AB4233DCFDA01D ] HidIr           C:\Windows\system32\drivers\hidir.sys
09:31:13.0561 0x1b80  HidIr - ok
09:31:13.0590 0x1b80  [ BD9EB3958F213F96B97B1D897DEE006D, 4D01CBF898B528B3A4E5A683DF2177300AFABD7D4CB51F1A7891B1B545499631 ] hidserv         C:\Windows\system32\hidserv.dll
09:31:13.0591 0x1b80  hidserv - ok
09:31:13.0618 0x1b80  [ 9592090A7E2B61CD582B612B6DF70536, FD11D5E02C32D658B28FCC35688AB66CCB5D3A0A0D74C82AE0F0B6C67B568A0F ] HidUsb          C:\Windows\system32\DRIVERS\hidusb.sys
09:31:13.0619 0x1b80  HidUsb - ok
09:31:13.0636 0x1b80  [ 387E72E739E15E3D37907A86D9FF98E2, 9935BE2E58788E79328293AF2F202CB0F6042441B176F75ACC5AEA93C8E05531 ] hkmsvc          C:\Windows\system32\kmsvc.dll
09:31:13.0638 0x1b80  hkmsvc - ok
09:31:13.0660 0x1b80  [ EFDFB3DD38A4376F93E7985173813ABD, 70402FA73A5A2A8BB557AAC8F531E373077D28DE5F40A1F3F14B940BE01CD2E1 ] HomeGroupListener C:\Windows\system32\ListSvc.dll
09:31:13.0664 0x1b80  HomeGroupListener - ok
09:31:13.0683 0x1b80  [ 908ACB1F594274965A53926B10C81E89, 7D34A742AC486294D82676F8465A3EF26C8AC3317C32B63F62031CB007CFC208 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
09:31:13.0686 0x1b80  HomeGroupProvider - ok
09:31:13.0707 0x1b80  [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC, E9E6A1665740CFBC2DD321010007EF42ABA2102AEB9772EE8AA3354664B1E205 ] HpSAMD          C:\Windows\system32\drivers\HpSAMD.sys
09:31:13.0709 0x1b80  HpSAMD - ok
09:31:13.0735 0x1b80  [ 0EA7DE1ACB728DD5A369FD742D6EEE28, 21C489412EB33A12B22290EB701C19BA57006E8702E76F730954F0784DDE9779 ] HTTP            C:\Windows\system32\drivers\HTTP.sys
09:31:13.0755 0x1b80  HTTP - ok
09:31:13.0770 0x1b80  [ A5462BD6884960C9DC85ED49D34FF392, 53E65841AF5B06A2844D0BB6FC4DD3923A323FFA0E4BFC89B3B5CAFB592A3D53 ] hwpolicy        C:\Windows\system32\drivers\hwpolicy.sys
09:31:13.0770 0x1b80  hwpolicy - ok
09:31:13.0784 0x1b80  [ FA55C73D4AFFA7EE23AC4BE53B4592D3, 65CDDC62B89A60E942C5642C9D8B539EFB69DA8069B4A2E54978154B314531CD ] i8042prt        C:\Windows\system32\DRIVERS\i8042prt.sys
09:31:13.0786 0x1b80  i8042prt - ok
09:31:13.0812 0x1b80  [ FA4C48E36F0B24E7E33D3E7E1844B9C9, F61F448B8E305DEFDDA5D4A6FC4E57C798C11ED4DA0ACB885847DC8A9A7B4E98 ] iaStorA         C:\Windows\system32\drivers\iaStorA.sys
09:31:13.0820 0x1b80  iaStorA - ok
09:31:13.0873 0x1b80  [ D5854F77CEEAFC5A8405F8ECCBEC09DF, 06D94EAF55787F807FB40E95011E90B0A719AC1A1529C2C110C1EABC5BE02C5B ] IAStorDataMgrSvc C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
09:31:13.0873 0x1b80  IAStorDataMgrSvc - ok
09:31:13.0885 0x1b80  [ 05E24E2CA39C0D2FAADE8FC603345A7D, 01C519CABD3B1F003AAD1B6F1CE79C1A49408DFC2CE5A8008A7BD0A1266D783C ] iaStorF         C:\Windows\system32\drivers\iaStorF.sys
09:31:13.0886 0x1b80  iaStorF - ok
09:31:13.0911 0x1b80  [ AAAF44DB3BD0B9D1FB6969B23ECC8366, 805AA4A9464002D1AB3832E4106B2AAA1331F4281367E75956062AAE99699385 ] iaStorV         C:\Windows\system32\drivers\iaStorV.sys
09:31:13.0919 0x1b80  iaStorV - ok
09:31:13.0947 0x1b80  [ 23E22B130EFE5A225E279467BE146317, 2302C119FE9C57F3A71DFE504489423B6F7140E2DFF5D501883AD971CB671CB4 ] ibtfltcoex      C:\Windows\system32\DRIVERS\iBtFltCoex.sys
09:31:13.0949 0x1b80  ibtfltcoex - ok
09:31:14.0036 0x1b80  [ DEA2F976E7327716AA0038EBF550003A, 5EA4666874F1D03879EA95F28228AC9EA3D7DF0F2E199EEE9B5BC6C81CA290B3 ] IconMan_R       C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe
09:31:14.0067 0x1b80  IconMan_R - ok
09:31:14.0122 0x1b80  [ C98A5B9D932430AD8EEBD3EF73756EF7, DF7E1D391A0F3345AD61154363922C27BD557DEEACE395A6A8A8A16BFD1BB9A8 ] idsvc           C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
09:31:14.0144 0x1b80  idsvc - ok
09:31:14.0170 0x1b80  IEEtwCollectorService - ok
09:31:14.0281 0x1b80  [ E54E5F3FC3728D1168898080A01A51E5, 1AEDFDB747410ED163D5C6F87CDE136834A367DF194A978214FBA158F0CC141A ] igfx            C:\Windows\system32\DRIVERS\igdkmd64.sys
09:31:14.0417 0x1b80  igfx - ok
09:31:14.0439 0x1b80  [ 5C18831C61933628F5BB0EA2675B9D21, 5CD9DE2F8C0256623A417B5C55BF55BB2562BD7AB2C3C83BB3D9886C2FBDA4E4 ] iirsp           C:\Windows\system32\drivers\iirsp.sys
09:31:14.0440 0x1b80  iirsp - ok
09:31:14.0483 0x1b80  [ 344789398EC3EE5A4E00C52B31847946, 3DA5F08E4B46F4E63456AA588D49E39A6A09A97D0509880C00F327623DB6122D ] IKEEXT          C:\Windows\System32\ikeext.dll
09:31:14.0494 0x1b80  IKEEXT - ok
09:31:14.0517 0x1b80  [ 0E0B99617ED3FDB6C5F0E2D62709B5DF, A656CA3A60E62BE16A015150B23136CE150F9876B4035E9E8D8E73D1707B37A4 ] IntcDAud        C:\Windows\system32\DRIVERS\IntcDAud.sys
09:31:14.0523 0x1b80  IntcDAud - ok
09:31:14.0569 0x1b80  [ C6128F2E3DC6156C6F8828F9F1B96010, 612C1191AFB8F69BA5634E8C52BDDE608F57D98FA4C76C5A337676A5F1E8191D ] Intel® Capability Licensing Service Interface C:\Program Files\Intel\iCLS Client\HeciServer.exe
09:31:14.0588 0x1b80  Intel® Capability Licensing Service Interface - ok
09:31:14.0620 0x1b80  [ 729AB4F0608E95EFF8FDEF23596283E2, 62A2091FF440C65505AB3E38436A86D9B0978BCB9485960EFCE0C5CBC8E06201 ] Intel® Capability Licensing Service TCP IP Interface C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe
09:31:14.0642 0x1b80  Intel® Capability Licensing Service TCP IP Interface - ok
09:31:14.0678 0x1b80  [ 8CAB422BDC0F8A1046F595E964CE2F14, F2FBECCBAF9BF2C92FD4EA1234A08CA98D52B2F0D18E65B43FC08D4A605FE4CD ] Intel® ME Service C:\Program Files (x86)\Intel\Intel® Management Engine Components\FWService\IntelMeFWService.exe
09:31:14.0680 0x1b80  Intel® ME Service - ok
09:31:14.0689 0x1b80  [ F00F20E70C6EC3AA366910083A0518AA, E2F3E9FFD82C802C8BAC309893A3664ACF16A279959C0FDECCA64C3D3C60FD22 ] intelide        C:\Windows\system32\drivers\intelide.sys
09:31:14.0690 0x1b80  intelide - ok
09:31:14.0705 0x1b80  [ ADA036632C664CAA754079041CF1F8C1, F2386CC09AC6DE4C54189154F7D91C1DB7AA120B13FAE8BA5B579ACF99FCC610 ] intelppm        C:\Windows\system32\DRIVERS\intelppm.sys
09:31:14.0707 0x1b80  intelppm - ok
09:31:14.0732 0x1b80  [ 098A91C54546A3B878DAD6A7E90A455B, 044CCE2A0DF56EBE1EFD99B4F6F0A5B9EE12498CA358CF4B2E3A1CFD872823AA ] IPBusEnum       C:\Windows\system32\ipbusenum.dll
09:31:14.0735 0x1b80  IPBusEnum - ok
09:31:14.0744 0x1b80  [ C9F0E1BD74365A8771590E9008D22AB6, 728BC5A6AAE499FDC50EB01577AF16D83C2A9F3B09936DD2A89C01E074BA8E51 ] IpFilterDriver  C:\Windows\system32\DRIVERS\ipfltdrv.sys
09:31:14.0746 0x1b80  IpFilterDriver - ok
09:31:14.0775 0x1b80  [ 08C2957BB30058E663720C5606885653, E13EDF6701512E2A9977A531454932CA5023087CB50E1D2F416B8BCDD92B67BE ] iphlpsvc        C:\Windows\System32\iphlpsvc.dll
09:31:14.0785 0x1b80  iphlpsvc - ok
09:31:14.0789 0x1b80  [ 0FC1AEA580957AA8817B8F305D18CA3A, 7161E4DE91AAFC3FA8BF24FAE4636390C2627DB931505247C0D52C75A31473D9 ] IPMIDRV         C:\Windows\system32\drivers\IPMIDrv.sys
09:31:14.0790 0x1b80  IPMIDRV - ok
09:31:14.0795 0x1b80  [ AF9B39A7E7B6CAA203B3862582E9F2D0, 67128BE7EADBE6BD0205B050F96E268948E8660C4BAB259FB0BE03935153D04E ] IPNAT           C:\Windows\system32\drivers\ipnat.sys
09:31:14.0797 0x1b80  IPNAT - ok
09:31:14.0842 0x1b80  [ 33B286326BD2B1A7748C43391058FB19, C6240C9ED5B7C227595E953E3D1AB5F2D45CCD86FDBDF985836A970B4B6467FE ] iPod Service    C:\Program Files\iPod\bin\iPodService.exe
09:31:14.0851 0x1b80  iPod Service - ok
09:31:14.0873 0x1b80  [ 3ABF5E7213EB28966D55D58B515D5CE9, A352BCC5B6B9A28805B15CAFB235676F1FAFF0D2394F88C03089EB157D6188AE ] IRENUM          C:\Windows\system32\drivers\irenum.sys
09:31:14.0874 0x1b80  IRENUM - ok
09:31:14.0897 0x1b80  [ 2F7B28DC3E1183E5EB418DF55C204F38, D40410A760965925D6F10959B2043F7BD4F68EAFCF5E743AF11AD860BD136548 ] isapnp          C:\Windows\system32\drivers\isapnp.sys
09:31:14.0898 0x1b80  isapnp - ok
09:31:14.0911 0x1b80  [ D931D7309DEB2317035B07C9F9E6B0BD, 13AD84172ED8C6153F8A98499C01733B74E48464CE07D099508E38D409913ED3 ] iScsiPrt        C:\Windows\system32\drivers\msiscsi.sys
09:31:14.0916 0x1b80  iScsiPrt - ok
09:31:14.0927 0x1b80  [ 897B93573F07C9CB1140516DAC44BC7E, C80665FEA4913DDC72F2140EC92CD4FA5D693BD8D0E4029A99DB96D63172E3D1 ] iusb3hcs        C:\Windows\system32\drivers\iusb3hcs.sys
09:31:14.0928 0x1b80  iusb3hcs - ok
09:31:14.0947 0x1b80  [ 2D15CEDF619796002E8640F73A4BF920, FCC0137CB5AE32266A550EE46106B80F431F0B55342599951B9D032F8EA10649 ] iusb3hub        C:\Windows\system32\DRIVERS\iusb3hub.sys
09:31:14.0952 0x1b80  iusb3hub - ok
09:31:14.0995 0x1b80  [ EA841584EF59528D11F20355770E427E, 515737761BB2A0A233F4AD141E28D93E3B9789320A15B7D5FB3DB5AC3CD8E249 ] iusb3xhc        C:\Windows\system32\DRIVERS\iusb3xhc.sys
09:31:15.0005 0x1b80  iusb3xhc - ok
09:31:15.0027 0x1b80  [ A326E83B46820EF62F7F0BA17A9DA542, 1CC6564B100517E62E7BACAC142F8B0C6B1800F16D9A25D95E9AA2C2CEC0E54B ] jhi_service     C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe
09:31:15.0029 0x1b80  jhi_service - ok
09:31:15.0046 0x1b80  [ BC02336F1CBA7DCC7D1213BB588A68A5, 450C5BAD54CCE2AFCDFF1B6E7F8E1A8446D9D3255DF9D36C29A8F848048AAD93 ] kbdclass        C:\Windows\system32\DRIVERS\kbdclass.sys
09:31:15.0046 0x1b80  kbdclass - ok
09:31:15.0070 0x1b80  [ 0705EFF5B42A9DB58548EEC3B26BB484, 86C6824ED7ED6FA8F306DB6319A0FD688AA91295AE571262F9D8E96A32225E99 ] kbdhid          C:\Windows\system32\DRIVERS\kbdhid.sys
09:31:15.0071 0x1b80  kbdhid - ok
09:31:15.0078 0x1b80  [ 204F3F58212B3E422C90BD9691A2DF28, D748A8CEE4D59B4248C9B1ACA5155D0FF6635A29564B4391B7FAC6261F93FE99 ] KeyIso          C:\Windows\system32\lsass.exe
09:31:15.0079 0x1b80  KeyIso - ok
09:31:15.0108 0x1b80  [ 353009DEDF918B2A51414F330CF72DEC, BF157D6E329F26E02FA16271B751B421396040DBB1D7BF9B2E0A21BC569672E2 ] KSecDD          C:\Windows\system32\Drivers\ksecdd.sys
09:31:15.0110 0x1b80  KSecDD - ok
09:31:15.0136 0x1b80  [ 41774FF331F609EF442B7398EE6202B1, AD67DA06A74895C384F4A1F1CF47050DAEE9C6CE8AD12F1A116FC977B6C3A864 ] KSecPkg         C:\Windows\system32\Drivers\ksecpkg.sys
09:31:15.0139 0x1b80  KSecPkg - ok
09:31:15.0154 0x1b80  [ 6869281E78CB31A43E969F06B57347C4, 866A23E69B32A78D378D6CB3B3DA3695FFDFF0FEC3C9F68C8C3F988DF417044B ] ksthunk         C:\Windows\system32\drivers\ksthunk.sys
09:31:15.0155 0x1b80  ksthunk - ok
09:31:15.0184 0x1b80  [ 6AB66E16AA859232F64DEB66887A8C9C, 5F2B579BEA8098A2994B0DECECDAE7B396E7B5DC5F09645737B9F28BEEA77FFF ] KtmRm           C:\Windows\system32\msdtckrm.dll
09:31:15.0191 0x1b80  KtmRm - ok
09:31:15.0237 0x1b80  [ 4C0641D4DCDE9A84B9DB537277C2ADF8, 34278BA143042005337AA841432FD7D96B337203E2350657551E30FB67695E86 ] kx1avs          C:\Windows\system32\Drivers\kx1avs.sys
09:31:15.0244 0x1b80  kx1avs - ok
09:31:15.0274 0x1b80  [ DF95DF5C8238B5A8C411538A2C834955, BE08799EDAB1ABA4C552E4B34D514CCFBBE1ED69DF5FD065D1664F46EA00BBB8 ] kx1usb_svc      C:\Windows\system32\Drivers\kx1usb.sys
09:31:15.0275 0x1b80  kx1usb_svc - ok
09:31:15.0311 0x1b80  [ D9F42719019740BAA6D1C6D536CBDAA6, 8757599D0AE5302C4CE50861BEBA3A8DD14D7B0DBD916FD5404133688CDFCC40 ] LanmanServer    C:\Windows\system32\srvsvc.dll
09:31:15.0315 0x1b80  LanmanServer - ok
09:31:15.0327 0x1b80  [ 851A1382EED3E3A7476DB004F4EE3E1A, B1C67F47DD594D092E6E258F01DF5E7150227CE3131A908A244DEE9F8A1FABF9 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
09:31:15.0330 0x1b80  LanmanWorkstation - ok
09:31:15.0346 0x1b80  [ 1538831CF8AD2979A04C423779465827, E1729B0CC4CEEE494A0B8817A8E98FF232E3A32FB023566EF0BC71A090262C0C ] lltdio          C:\Windows\system32\DRIVERS\lltdio.sys
09:31:15.0348 0x1b80  lltdio - ok
09:31:15.0380 0x1b80  [ C1185803384AB3FEED115F79F109427F, 0414FE73532DCAB17E906438A14711E928CECCD5F579255410C62984DD652700 ] lltdsvc         C:\Windows\System32\lltdsvc.dll
09:31:15.0386 0x1b80  lltdsvc - ok
09:31:15.0402 0x1b80  [ F993A32249B66C9D622EA5592A8B76B8, EE64672A990C6145DC5601E2B8CDBE089272A72732F59AF9865DCBA8B1717E70 ] lmhosts         C:\Windows\System32\lmhsvc.dll
09:31:15.0403 0x1b80  lmhosts - ok
09:31:15.0445 0x1b80  [ 687DBC3FCBB7C60192EF048066336F5C, 335E80F3B8F4A313840AB61D64A9C2E17C712A0DF38FE00DC252E3483AC03DA8 ] LMIGuardianSvc  C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe
09:31:15.0451 0x1b80  LMIGuardianSvc - ok
09:31:15.0478 0x1b80  [ 70C1B686CA9083970484DDDED4426A08, AA19295AC97EBE36E9CED4B162CBF1EEF4916B02FDA6255ACEF0492E79E94C64 ] LMS             C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
09:31:15.0483 0x1b80  LMS - ok
09:31:15.0504 0x1b80  [ 1A93E54EB0ECE102495A51266DCDB6A6, DB6AA86AA36C3A7988BE96E87B5D3251BE7617C54EE8F894D9DC2E267FE3255B ] LSI_FC          C:\Windows\system32\drivers\lsi_fc.sys
09:31:15.0507 0x1b80  LSI_FC - ok
09:31:15.0530 0x1b80  [ 1047184A9FDC8BDBFF857175875EE810, F2251EDB7736A26D388A0C5CC2FE5FB9C5E109CBB1E3800993554CB21D81AE4B ] LSI_SAS         C:\Windows\system32\drivers\lsi_sas.sys
09:31:15.0533 0x1b80  LSI_SAS - ok
09:31:15.0536 0x1b80  [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93, 88D5740A4E9CC3FA80FA18035DAB441BDC5A039622D666BFDAA525CC9686BD06 ] LSI_SAS2        C:\Windows\system32\drivers\lsi_sas2.sys
09:31:15.0538 0x1b80  LSI_SAS2 - ok
09:31:15.0556 0x1b80  [ 0504EACAFF0D3C8AED161C4B0D369D4A, 4D272237C189646F5C80822FD3CBA7C2728E482E2DAAF7A09C8AEF811C89C54D ] LSI_SCSI        C:\Windows\system32\drivers\lsi_scsi.sys
09:31:15.0559 0x1b80  LSI_SCSI - ok
09:31:15.0571 0x1b80  [ 43D0F98E1D56CCDDB0D5254CFF7B356E, 5BA498183B5C4996C694CB0A9A6B66CE6C7A460F6C91BEB9F305486FCC3B7B22 ] luafv           C:\Windows\system32\drivers\luafv.sys
09:31:15.0573 0x1b80  luafv - ok
09:31:15.0621 0x1b80  [ 5C3669B71657F22E67A1D4BD49D2CBE7, 7CAE59AA6CA9CBBD70BBD707A155FB169BF3F71096275BF7C0F415B6A092C671 ] MBAMProtector   C:\Windows\system32\drivers\mbam.sys
09:31:15.0622 0x1b80  MBAMProtector - ok
09:31:15.0720 0x1b80  [ 6D8A2EE4244630B290A837E79C0F37A1, 6783BBC0BDC93E4D6D43531A1AD0DF5CD26C3BBFA6384927C5CF65AD97FB04AD ] MBAMScheduler   C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
09:31:15.0765 0x1b80  MBAMScheduler - ok
09:31:15.0815 0x1b80  [ 09D4503CBB6ADB3A54E7C7A75090B728, 6139EA3338FD64205481EDEC813A44F8D395FDA7B67AA431DA61F3631C3EDAE6 ] MBAMService     C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
09:31:15.0837 0x1b80  MBAMService - ok
09:31:15.0864 0x1b80  [ 26C43960C99EE861A5D0EDC4DCF3B1C3, 6238FB8E785652040CCE3E7044EA52066CE1BF173A1467474D64A3AB214B6BCD ] MBAMSwissArmy   C:\Windows\system32\drivers\MBAMSwissArmy.sys
09:31:15.0866 0x1b80  MBAMSwissArmy - ok
09:31:15.0901 0x1b80  [ 95EF63A7827D4E3A229CBBCB42619E93, FA38DD035B2C4FC82B60868F49D45A39FBBC96096AAD5A2C8BD752A250255BA7 ] MBAMWebAccessControl C:\Windows\system32\drivers\mwac.sys
09:31:15.0903 0x1b80  MBAMWebAccessControl - ok
09:31:15.0953 0x1b80  [ A956C19131F965917064F4B5D097F6C7, F8F3ED682B0B1482197364CCE545F97A3B0EA21DF4E87606FDAAFC9CC8A4979E ] McNeelUpdate    c:\Program Files (x86)\McNeelUpdate\5.0\McNeelUpdateService.exe
09:31:15.0955 0x1b80  McNeelUpdate - ok
09:31:15.0974 0x1b80  [ 0BE09CD858ABF9DF6ED259D57A1A1663, 2FD28889B93C8E801F74C1D0769673A461671E0189D0A22C94509E3F0EEB7428 ] Mcx2Svc         C:\Windows\system32\Mcx2Svc.dll
09:31:15.0976 0x1b80  Mcx2Svc - ok
09:31:15.0996 0x1b80  [ A55805F747C6EDB6A9080D7C633BD0F4, 2DA0E83BF3C8ADEF6F551B6CC1C0A3F6149CDBE6EC60413BA1767C4DE425A728 ] megasas         C:\Windows\system32\drivers\megasas.sys
09:31:15.0998 0x1b80  megasas - ok
09:31:16.0017 0x1b80  [ BAF74CE0072480C3B6B7C13B2A94D6B3, 85CBB4949C090A904464F79713A3418338753D20D7FB811E68F287FDAC1DD834 ] MegaSR          C:\Windows\system32\drivers\MegaSR.sys
09:31:16.0022 0x1b80  MegaSR - ok
09:31:16.0038 0x1b80  [ 2BB3EAE2EA641515D4B205CAB29E1624, D3F18EE393EB1B0F919484281269A3C55A092D023E62C59D74CB63A55612024B ] MEIx64          C:\Windows\system32\DRIVERS\HECIx64.sys
09:31:16.0039 0x1b80  MEIx64 - ok
09:31:16.0056 0x1b80  [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] MMCSS           C:\Windows\system32\mmcss.dll
09:31:16.0057 0x1b80  MMCSS - ok
09:31:16.0069 0x1b80  [ 800BA92F7010378B09F9ED9270F07137, 94F9AF9E1BE80AE6AC39A2A74EF9FAB115DCAACC011D07DFA8D6A1DDC8A93342 ] Modem           C:\Windows\system32\drivers\modem.sys
09:31:16.0070 0x1b80  Modem - ok
09:31:16.0079 0x1b80  [ B03D591DC7DA45ECE20B3B467E6AADAA, 701FB0CAD8138C58507BE28845D3E24CE269A040737C29885944A0D851238732 ] monitor         C:\Windows\system32\DRIVERS\monitor.sys
09:31:16.0079 0x1b80  monitor - ok
09:31:16.0089 0x1b80  [ 7D27EA49F3C1F687D357E77A470AEA99, 7FE7CAF95959F127C6D932C01D539C06D80273C49A09761F6E8331C05B1A7EE7 ] mouclass        C:\Windows\system32\DRIVERS\mouclass.sys
09:31:16.0090 0x1b80  mouclass - ok
09:31:16.0097 0x1b80  [ D3BF052C40B0C4166D9FD86A4288C1E6, 5E65264354CD94E844BF1838CA1B8E49080EFA34605A32CF2F6A47A2B97FC183 ] mouhid          C:\Windows\system32\DRIVERS\mouhid.sys
09:31:16.0098 0x1b80  mouhid - ok
09:31:16.0113 0x1b80  [ 32E7A3D591D671A6DF2DB515A5CBE0FA, 47CED0B9067AE8BF5EEF60B17ADEE5906BEDCC56E4CB460B7BFBC12BB9A69E63 ] mountmgr        C:\Windows\system32\drivers\mountmgr.sys
09:31:16.0115 0x1b80  mountmgr - ok
09:31:16.0192 0x1b80  [ DEA022193DF8C88F6E2B3E33D148A5DB, 97DFC47DB83E04A975A1969AA120385463FCAF4E1A9984FD3220442D7026B45A ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
09:31:16.0195 0x1b80  MozillaMaintenance - ok
09:31:16.0209 0x1b80  [ A44B420D30BD56E145D6A2BC8768EC58, B1E4DCA5A1008FA7A0492DC091FB2B820406AE13FD3D44F124E89B1037AF09B8 ] mpio            C:\Windows\system32\drivers\mpio.sys
09:31:16.0212 0x1b80  mpio - ok
09:31:16.0229 0x1b80  [ 6C38C9E45AE0EA2FA5E551F2ED5E978F, 5A3FA2F110029CB4CC4384998EDB59203FDD65EC45E01B897FB684F8956EAD20 ] mpsdrv          C:\Windows\system32\drivers\mpsdrv.sys
09:31:16.0231 0x1b80  mpsdrv - ok
09:31:16.0261 0x1b80  [ 54FFC9C8898113ACE189D4AA7199D2C1, 65F585C87F3F710FD5793FDFA96B740AD8D4317B0C120F4435CCF777300EA4F2 ] MpsSvc          C:\Windows\system32\mpssvc.dll
09:31:16.0272 0x1b80  MpsSvc - ok
09:31:16.0334 0x1b80  [ 1A4F75E63C9FB84B85DFFC6B63FD5404, 01AFA6DBB4CDE55FE4EA05BBE8F753A4266F8D072EA1EE01DB79F5126780C21F ] MRxDAV          C:\Windows\system32\drivers\mrxdav.sys
09:31:16.0337 0x1b80  MRxDAV - ok
09:31:16.0352 0x1b80  [ A5D9106A73DC88564C825D317CAC68AC, 0457B2AEA4E05A91D0E43F317894A614434D8CEBE35020785387F307E231FBE4 ] mrxsmb          C:\Windows\system32\DRIVERS\mrxsmb.sys
09:31:16.0355 0x1b80  mrxsmb - ok
09:31:16.0373 0x1b80  [ D711B3C1D5F42C0C2415687BE09FC163, 9B3013AC60BD2D0FF52086658BA5FF486ADE15954A552D7DD590580E8BAE3EFF ] mrxsmb10        C:\Windows\system32\DRIVERS\mrxsmb10.sys
09:31:16.0378 0x1b80  mrxsmb10 - ok
09:31:16.0394 0x1b80  [ 9423E9D355C8D303E76B8CFBD8A5C30C, 220B33F120C2DD937FE4D5664F4B581DC0ACF78D62EB56B7720888F67B9644CC ] mrxsmb20        C:\Windows\system32\DRIVERS\mrxsmb20.sys
09:31:16.0397 0x1b80  mrxsmb20 - ok
09:31:16.0405 0x1b80  [ C25F0BAFA182CBCA2DD3C851C2E75796, 643E158A0948DF331807AEAA391F23960362E46C0A0CF6D22A99020EAE7B10F8 ] msahci          C:\Windows\system32\drivers\msahci.sys
09:31:16.0406 0x1b80  msahci - ok
09:31:16.0411 0x1b80  [ DB801A638D011B9633829EB6F663C900, B34FD33A215ACCF2905F4B7D061686CDB1CB9C652147AF56AE14686C1F6E3C74 ] msdsm           C:\Windows\system32\drivers\msdsm.sys
09:31:16.0414 0x1b80  msdsm - ok
09:31:16.0428 0x1b80  [ DE0ECE52236CFA3ED2DBFC03F28253A8, 2FBBEC4CACB5161F68D7C2935852A5888945CA0F107CF8A1C01F4528CE407DE3 ] MSDTC           C:\Windows\System32\msdtc.exe
09:31:16.0431 0x1b80  MSDTC - ok
09:31:16.0441 0x1b80  [ AA3FB40E17CE1388FA1BEDAB50EA8F96, 69F93E15536644C8FD679A20190CFE577F4985D3B1B4A4AA250A168615AE1E99 ] Msfs            C:\Windows\system32\drivers\Msfs.sys
09:31:16.0442 0x1b80  Msfs - ok
09:31:16.0449 0x1b80  [ F9D215A46A8B9753F61767FA72A20326, 6F76642B45E0A7EF6BCAB8B37D55CCE2EAA310ED07B76D43FCB88987C2174141 ] mshidkmdf       C:\Windows\System32\drivers\mshidkmdf.sys
09:31:16.0450 0x1b80  mshidkmdf - ok
09:31:16.0457 0x1b80  [ D916874BBD4F8B07BFB7FA9B3CCAE29D, B229DA150713DEDBC4F05386C9D9DC3BC095A74F44F3081E88311AB73BC992A1 ] msisadrv        C:\Windows\system32\drivers\msisadrv.sys
09:31:16.0457 0x1b80  msisadrv - ok
09:31:16.0482 0x1b80  [ 808E98FF49B155C522E6400953177B08, F873F5BFF0984C5165DF67E92874D3F6EB8D86F9B5AD17013A0091CA33A1A3D5 ] MSiSCSI         C:\Windows\system32\iscsiexe.dll
09:31:16.0485 0x1b80  MSiSCSI - ok
09:31:16.0487 0x1b80  msiserver - ok
09:31:16.0501 0x1b80  [ 49CCF2C4FEA34FFAD8B1B59D49439366, E5752EA57C7BDAD5F53E3BC441A415E909AC602CAE56234684FB8789A20396C7 ] MSKSSRV         C:\Windows\system32\drivers\MSKSSRV.sys
09:31:16.0502 0x1b80  MSKSSRV - ok
09:31:16.0517 0x1b80  [ BDD71ACE35A232104DDD349EE70E1AB3, 27464A66868513BE6A01B75D7FC5B0D6B71842E4E20CE3F76B15C071A0618BBB ] MSPCLOCK        C:\Windows\system32\drivers\MSPCLOCK.sys
09:31:16.0517 0x1b80  MSPCLOCK - ok
09:31:16.0525 0x1b80  [ 4ED981241DB27C3383D72092B618A1D0, E12F121E641249DB3491141851B59E1496F4413EDF58E863388F1C229838DFCC ] MSPQM           C:\Windows\system32\drivers\MSPQM.sys
09:31:16.0526 0x1b80  MSPQM - ok
09:31:16.0549 0x1b80  [ 759A9EEB0FA9ED79DA1FB7D4EF78866D, 64E3BC613EC4872B1B344CBF71EE15BE195592E3244C1EE099C6F8B95A40F133 ] MsRPC           C:\Windows\system32\drivers\MsRPC.sys
09:31:16.0556 0x1b80  MsRPC - ok
09:31:16.0569 0x1b80  [ 0EED230E37515A0EAEE3C2E1BC97B288, B1D8F8A75006B6E99214CA36D27A8594EF8D952F315BEB201E9BAC9DE3E64D42 ] mssmbios        C:\Windows\system32\DRIVERS\mssmbios.sys
09:31:16.0570 0x1b80  mssmbios - ok
09:31:16.0579 0x1b80  [ 2E66F9ECB30B4221A318C92AC2250779, DF175E1AB6962303E57F26DAE5C5C1E40B8640333F3E352A64F6A5F1301586CD ] MSTEE           C:\Windows\system32\drivers\MSTEE.sys
09:31:16.0580 0x1b80  MSTEE - ok
09:31:16.0586 0x1b80  [ 7EA404308934E675BFFDE8EDF0757BCD, 306CD02D89CFCFE576242360ED5F9EEEDCAFC43CD43B7D2977AE960F9AEC3232 ] MTConfig        C:\Windows\system32\drivers\MTConfig.sys
09:31:16.0587 0x1b80  MTConfig - ok
09:31:16.0599 0x1b80  [ F9A18612FD3526FE473C1BDA678D61C8, 32F7975B5BAA447917F832D9E3499B4B6D3E90D73F478375D0B70B36C524693A ] Mup             C:\Windows\system32\Drivers\mup.sys
09:31:16.0601 0x1b80  Mup - ok
09:31:16.0620 0x1b80  [ 74E1E62819D33F176821ADC9AFF8A3E7, 99E5C85E8A49ECBBBB5D9ABCA43BC7C756126F29A3B73E74D61F9644EF19FC8B ] MyWiFiDHCPDNS   C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe
09:31:16.0625 0x1b80  MyWiFiDHCPDNS - ok
09:31:16.0651 0x1b80  [ 582AC6D9873E31DFA28A4547270862DD, BD540499F74E8F59A020D935D18E36A3A97C1A6EC59C8208436469A31B16B260 ] napagent        C:\Windows\system32\qagentRT.dll
09:31:16.0658 0x1b80  napagent - ok
09:31:16.0686 0x1b80  [ 1EA3749C4114DB3E3161156FFFFA6B33, 54C2E77BCE1037711A11313AC25B8706109098C10A31AA03AEB7A185E97800D7 ] NativeWifiP     C:\Windows\system32\DRIVERS\nwifi.sys
09:31:16.0691 0x1b80  NativeWifiP - ok
09:31:16.0723 0x1b80  [ 760E38053BF56E501D562B70AD796B88, F856E81A975D44F8684A6F2466549CEEDFAEB3950191698555A93A1206E0A42D ] NDIS            C:\Windows\system32\drivers\ndis.sys
09:31:16.0747 0x1b80  NDIS - ok
09:31:16.0758 0x1b80  [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC, D7E5446E83909AE25506BB98FBDD878A529C87963E3C1125C4ABAB25823572BC ] NdisCap         C:\Windows\system32\DRIVERS\ndiscap.sys
09:31:16.0760 0x1b80  NdisCap - ok
09:31:16.0770 0x1b80  [ 30639C932D9FEF22B31268FE25A1B6E5, 32873D95339600F6EEFA51847D12C563FF01F320DC59055B242FA2887C99F9D6 ] NdisTapi        C:\Windows\system32\DRIVERS\ndistapi.sys
09:31:16.0771 0x1b80  NdisTapi - ok
09:31:16.0780 0x1b80  [ 136185F9FB2CC61E573E676AA5402356, BA3AD0A33416DA913B4242C6BE8C3E5812AD2B20BA6C11DD3094F2E8EB56E683 ] Ndisuio         C:\Windows\system32\DRIVERS\ndisuio.sys
09:31:16.0782 0x1b80  Ndisuio - ok
09:31:16.0792 0x1b80  [ 53F7305169863F0A2BDDC49E116C2E11, 881E9346D3C02405B7850ADC37E720990712EC9C666A0CE96E252A487FD2CE77 ] NdisWan         C:\Windows\system32\DRIVERS\ndiswan.sys
09:31:16.0795 0x1b80  NdisWan - ok
09:31:16.0802 0x1b80  [ 015C0D8E0E0421B4CFD48CFFE2825879, 4242E2D42CCFC859B2C0275C5331798BC0BDA68E51CF4650B6E64B1332071023 ] NDProxy         C:\Windows\system32\drivers\NDProxy.sys
09:31:16.0803 0x1b80  NDProxy - ok
09:31:16.0817 0x1b80  [ 86743D9F5D2B1048062B14B1D84501C4, DBF6D6A60AB774FCB0F464FF2D285A7521D0A24006687B243AB46B17D8032062 ] NetBIOS         C:\Windows\system32\DRIVERS\netbios.sys
09:31:16.0819 0x1b80  NetBIOS - ok
09:31:16.0835 0x1b80  [ 09594D1089C523423B32A4229263F068, 7426A9B8BA27D3225928DDEFBD399650ABB90798212F56B7D12158AC22CCCE37 ] NetBT           C:\Windows\system32\DRIVERS\netbt.sys
09:31:16.0839 0x1b80  NetBT - ok
09:31:16.0849 0x1b80  [ 204F3F58212B3E422C90BD9691A2DF28, D748A8CEE4D59B4248C9B1ACA5155D0FF6635A29564B4391B7FAC6261F93FE99 ] Netlogon        C:\Windows\system32\lsass.exe
09:31:16.0850 0x1b80  Netlogon - ok
09:31:16.0883 0x1b80  [ 847D3AE376C0817161A14A82C8922A9E, 37AE692B3481323134125EF58F2C3CBC20177371AF2F5874F53DD32A827CB936 ] Netman          C:\Windows\System32\netman.dll
09:31:16.0888 0x1b80  Netman - ok
09:31:16.0940 0x1b80  [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
09:31:16.0944 0x1b80  NetMsmqActivator - ok
09:31:16.0948 0x1b80  [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetPipeActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
09:31:16.0950 0x1b80  NetPipeActivator - ok
09:31:16.0972 0x1b80  [ 5F28111C648F1E24F7DBC87CDEB091B8, 2E8645285921EDB98BB2173E11E57459C888D52E80D85791D169C869DE8813B9 ] netprofm        C:\Windows\System32\netprofm.dll
09:31:16.0979 0x1b80  netprofm - ok
09:31:16.0996 0x1b80  [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetTcpActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
09:31:16.0998 0x1b80  NetTcpActivator - ok
09:31:17.0002 0x1b80  [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
09:31:17.0004 0x1b80  NetTcpPortSharing - ok
09:31:17.0269 0x1b80  [ D39BFDCB570E9019831901AB1B8B4443, 6A8E3761F211AE3C36F8BFE8247AE068B039B2CF5AE36607E6629873B0E4FFE3 ] NETwNs64        C:\Windows\system32\DRIVERS\Netwsw00.sys
09:31:17.0527 0x1b80  NETwNs64 - ok
09:31:17.0583 0x1b80  [ 77889813BE4D166CDAB78DDBA990DA92, 2EF531AE502B943632EEC66A309A8BFCDD36120A5E1473F4AAF3C2393AD0E6A3 ] nfrd960         C:\Windows\system32\drivers\nfrd960.sys
09:31:17.0584 0x1b80  nfrd960 - ok
09:31:17.0782 0x1b80  [ 04034CC1C96566C67F4C9250E4A4D179, 18478B725E9A279F3EAD56AF850EA089A2D691AC51BA46CFA09A0F5447896E2F ] NIHardwareService C:\Program Files\Common Files\Native Instruments\Hardware\NIHardwareService.exe
09:31:17.0928 0x1b80  NIHardwareService - ok
09:31:17.0958 0x1b80  [ 8AD77806D336673F270DB31645267293, E23F324913554A23CD043DD27D4305AF62F48C0561A0FC7B7811E55B74B1BE79 ] NlaSvc          C:\Windows\System32\nlasvc.dll
09:31:17.0962 0x1b80  NlaSvc - ok
09:31:17.0972 0x1b80  [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7, D8957EF7060A69DBB3CD6B2C45B1E4143592AB8D018471E17AC04668157DC67F ] Npfs            C:\Windows\system32\drivers\Npfs.sys
09:31:17.0973 0x1b80  Npfs - ok
09:31:17.0977 0x1b80  [ D54BFDF3E0C953F823B3D0BFE4732528, 497A1DCC5646EC22119273216DF10D5442D16F83E4363770F507518CF6EAA53A ] nsi             C:\Windows\system32\nsisvc.dll
09:31:17.0979 0x1b80  nsi - ok
09:31:17.0991 0x1b80  [ E7F5AE18AF4168178A642A9247C63001, 133023B7E4BA8049C4CAED3282BDD25571D1CC25FAC3B820C7F981D292689D76 ] nsiproxy        C:\Windows\system32\drivers\nsiproxy.sys
09:31:17.0992 0x1b80  nsiproxy - ok
09:31:18.0040 0x1b80  [ B98F8C6E31CD07B2E6F71F7F648E38C0, 2FEA100B80680FBBF644CB6763738804155DF1E94A6542CAE2B2786D770D554E ] Ntfs            C:\Windows\system32\drivers\Ntfs.sys
09:31:18.0086 0x1b80  Ntfs - ok
09:31:18.0102 0x1b80  [ 9899284589F75FA8724FF3D16AED75C1, 181188599FD5D4DE33B97010D9E0CAEABAB9A3EF50712FE7F9AA0735CD0666D6 ] Null            C:\Windows\system32\drivers\Null.sys
09:31:18.0103 0x1b80  Null - ok
09:31:18.0408 0x1b80  [ 0AC797F70F2F3E5B69A34FF2F63496F3, 80A811F8234BA00779BA76AAF41E830FB6CED03667E6E8F430C14DEBF2E45DD9 ] nvlddmkm        C:\Windows\system32\DRIVERS\nvlddmkm.sys
09:31:18.0570 0x1b80  nvlddmkm - ok
09:31:18.0698 0x1b80  [ C50CD479FD1BB886244E2663DFFBCF6A, CCFB60425E56A12C097EC05A9E5549B4F4A10379818ABC64945487C16F882E3D ] NvNetworkService C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
09:31:18.0718 0x1b80  NvNetworkService - ok
09:31:18.0732 0x1b80  [ C045199456CE8B823AD85CB9507DEA3C, 9C070B7463AB22D1AFC116E89C690FD552ED68D138F9DD3BA9FAD9BB652DC940 ] nvpciflt        C:\Windows\system32\DRIVERS\nvpciflt.sys
09:31:18.0733 0x1b80  nvpciflt - ok
09:31:18.0759 0x1b80  [ 0A92CB65770442ED0DC44834632F66AD, 581327F07A68DBD5CC749214BE5F1211FC2CE41C7A4F0656B680AFB51A35ACE7 ] nvraid          C:\Windows\system32\drivers\nvraid.sys
09:31:18.0762 0x1b80  nvraid - ok
09:31:18.0767 0x1b80  [ DAB0E87525C10052BF65F06152F37E4A, AD9BFF0D5FD3FFB95C758B478E1F6A9FE45E7B37AEC71EB5070D292FEAAEDF37 ] nvstor          C:\Windows\system32\drivers\nvstor.sys
09:31:18.0770 0x1b80  nvstor - ok
09:31:18.0868 0x1b80  [ AD7A2F3AF147B2CF302EBF7C1E01E027, B8DAAE7FE4B13C9CA3F1DEE7C98F5CA49D4D1678C82C51D6801210838319BAE5 ] NvStreamKms     C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys
09:31:18.0868 0x1b80  NvStreamKms - ok
09:31:19.0002 0x1b80  NvStreamSvc - ok
09:31:19.0044 0x1b80  [ C135A25E8CF21EB631AB041ABB1F73EA, D0A3DC0411E888D0934B7579EEB980FA7824E3F22F70819A33411D8B8BC9EE42 ] nvsvc           C:\Windows\system32\nvvsvc.exe
09:31:19.0057 0x1b80  nvsvc - ok
09:31:19.0089 0x1b80  [ 75034A4D7C02327D150B617571D4196A, 8E7DAFEC4307E883D52BD0B5F0732E26E019C953770B52ACBBAD3074A66393CB ] nvvad_WaveExtensible C:\Windows\system32\drivers\nvvad64v.sys
09:31:19.0090 0x1b80  nvvad_WaveExtensible - ok
09:31:19.0108 0x1b80  [ 270D7CD42D6E3979F6DD0146650F0E05, 752489E54C9004EDCBE1F1F208FFD864DA5C83E59A2DDE6B3E0D63ECA996F76F ] nv_agp          C:\Windows\system32\drivers\nv_agp.sys
09:31:19.0110 0x1b80  nv_agp - ok
09:31:19.0199 0x1b80  [ 785F487A64950F3CB8E9F16253BA3B7B, 02445344BD214370A6D48B1CA04921D8EFCB13E676B5648266DD0E076C0822B6 ] odserv          C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
09:31:19.0207 0x1b80  odserv - ok
09:31:19.0215 0x1b80  [ 3589478E4B22CE21B41FA1BFC0B8B8A0, AD2469FC753FE552CB809FF405A9AB23E7561292FE89117E3B3B62057EFF0203 ] ohci1394        C:\Windows\system32\drivers\ohci1394.sys
09:31:19.0217 0x1b80  ohci1394 - ok
09:31:19.0246 0x1b80  [ 5A432A042DAE460ABE7199B758E8606C, 6E5D1F477D290905BE27CEBF9572BAC6B05FFEF2FAD901D3C8E11F665F8B9A71 ] ose             C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
09:31:19.0250 0x1b80  ose - ok
09:31:19.0276 0x1b80  [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] p2pimsvc        C:\Windows\system32\pnrpsvc.dll
09:31:19.0281 0x1b80  p2pimsvc - ok
09:31:19.0301 0x1b80  [ 927463ECB02179F88E4B9A17568C63C3, FEFD3447692C277D59EEC7BF218552C8BB6B8C98C26E973675549628408B94CE ] p2psvc          C:\Windows\system32\p2psvc.dll
09:31:19.0307 0x1b80  p2psvc - ok
09:31:19.0325 0x1b80  [ 0086431C29C35BE1DBC43F52CC273887, 0D116D49EF9ABB57DA005764F25E692622210627FC2048F06A989B12FA8D0A80 ] Parport         C:\Windows\system32\drivers\parport.sys
09:31:19.0327 0x1b80  Parport - ok
09:31:19.0340 0x1b80  [ E9766131EEADE40A27DC27D2D68FBA9C, 63C295EC96DBD25F1A8B908295CCB86B54F2A77A02AAA11E5D9160C2C1A492B6 ] partmgr         C:\Windows\system32\drivers\partmgr.sys
09:31:19.0342 0x1b80  partmgr - ok
09:31:19.0378 0x1b80  [ 256390425414F90FCBC12F525A84EB11, A4992020BF6A239AD8A77125426E2C39980C9ABC971C4DBCB24B358F946AD7F9 ] PcaSvc          C:\Windows\System32\pcasvc.dll
09:31:19.0381 0x1b80  PcaSvc - ok
09:31:19.0399 0x1b80  [ 94575C0571D1462A0F70BDE6BD6EE6B3, 7139BAC653EA94A3DD3821CAB35FC5E22F4CCA5ACC2BAABDAA27E4C3C8B27FC9 ] pci             C:\Windows\system32\drivers\pci.sys
09:31:19.0403 0x1b80  pci - ok
09:31:19.0418 0x1b80  [ B5B8B5EF2E5CB34DF8DCF8831E3534FA, F2A7CC645B96946CC65BF60E14E70DC09C848D27C7943CE5DEA0C01A6B863480 ] pciide          C:\Windows\system32\drivers\pciide.sys
09:31:19.0419 0x1b80  pciide - ok
09:31:19.0425 0x1b80  [ B2E81D4E87CE48589F98CB8C05B01F2F, 6763BEE7270A4873B3E131BFB92313E2750FCBD0AD73C23D1C4F98F7DF73DE14 ] pcmcia          C:\Windows\system32\drivers\pcmcia.sys
09:31:19.0430 0x1b80  pcmcia - ok
09:31:19.0438 0x1b80  [ D6B9C2E1A11A3A4B26A182FFEF18F603, BBA5FE08B1DDD6243118E11358FD61B10E850F090F061711C3CB207CE5FBBD36 ] pcw             C:\Windows\system32\drivers\pcw.sys
09:31:19.0440 0x1b80  pcw - ok
09:31:19.0488 0x1b80  [ 946010CDFA91469351B22E2620CEBCD8, F099C92706D42ADC289B72724F7932E5D4F62A427AEC967DDB0A1D728AE59A63 ] PEAUTH          C:\Windows\system32\drivers\peauth.sys
09:31:19.0507 0x1b80  PEAUTH - ok
09:31:19.0560 0x1b80  [ E495E408C93141E8FC72DC0C6046DDFA, 489B957DADA0DC128A09468F1AD082DCC657E86053208EA06A12937BE86FB919 ] PerfHost        C:\Windows\SysWow64\perfhost.exe
09:31:19.0562 0x1b80  PerfHost - ok
09:31:19.0614 0x1b80  [ C7CF6A6E137463219E1259E3F0F0DD6C, 08D7244F52AA17DD669AA6F77C291DAC88E7B2D1887DE422509C1F83EC85F3DD ] pla             C:\Windows\system32\pla.dll
09:31:19.0658 0x1b80  pla - ok
09:31:19.0689 0x1b80  [ 25FBDEF06C4D92815B353F6E792C8129, 57D9764AE6BCE33B242C399CDFC10DD405975BD6411CA8C75FBCD06EEB8442A9 ] PlugPlay        C:\Windows\system32\umpnpmgr.dll
09:31:19.0695 0x1b80  PlugPlay - ok
09:31:19.0728 0x1b80  [ 205E1B699FD3F2F9B036EEA2EC30C620, 9D5C8009BC3F6F76438FC82C3DAAA3E9CC87F74CDE841A0ADD9EF00E98DB6890 ] PnkBstrA        C:\Windows\system32\PnkBstrA.exe
09:31:19.0730 0x1b80  PnkBstrA - ok
09:31:19.0748 0x1b80  [ 7195581CEC9BB7D12ABE54036ACC2E38, 9C4E5D6EA984148F2663DC529083408B2248DFF6DAAC85D9195F80A722782315 ] PNRPAutoReg     C:\Windows\system32\pnrpauto.dll
09:31:19.0750 0x1b80  PNRPAutoReg - ok
09:31:19.0785 0x1b80  [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] PNRPsvc         C:\Windows\system32\pnrpsvc.dll
09:31:19.0790 0x1b80  PNRPsvc - ok
09:31:19.0818 0x1b80  [ 4F15D75ADF6156BF56ECED6D4A55C389, 2ADA3EA69A5D7EC2A4D2DD89178DB94EAFDDF95F07B0070D654D9F7A5C12A044 ] PolicyAgent     C:\Windows\System32\ipsecsvc.dll
09:31:19.0827 0x1b80  PolicyAgent - ok
09:31:19.0839 0x1b80  [ 6BA9D927DDED70BD1A9CADED45F8B184, 66203CE70A5EDE053929A940F38924C6792239CCCE10DD2C1D90D5B4D6748B55 ] Power           C:\Windows\system32\umpo.dll
09:31:19.0842 0x1b80  Power - ok
09:31:19.0877 0x1b80  [ E48B35EECA228FED2F5A532B1036CA63, 6261AA64F6CC68C1E01D737EB4EBF57477599AF28CC4E9B824EA0A1852B6CD76 ] PowerBiosServer C:\Program Files (x86)\Hotkey\PowerBiosServer.exe
09:31:19.0878 0x1b80  PowerBiosServer - ok
09:31:19.0905 0x1b80  [ F92A2C41117A11A00BE01CA01A7FCDE9, 38ADC6052696D110CA5F393BC586791920663F5DA66934C2A824DDA9CD89C763 ] PptpMiniport    C:\Windows\system32\DRIVERS\raspptp.sys
09:31:19.0907 0x1b80  PptpMiniport - ok
09:31:19.0920 0x1b80  [ 0D922E23C041EFB1C3FAC2A6F943C9BF, 855418A6A58DCAFB181A1A68613B3E203AFB0A9B3D9D26D0C521F9F613B4EAD5 ] Processor       C:\Windows\system32\drivers\processr.sys
09:31:19.0922 0x1b80  Processor - ok
09:31:19.0950 0x1b80  [ 53E83F1F6CF9D62F32801CF66D8352A8, 1225FED810BE8E0729EEAE5B340035CCBB9BACD3EF247834400F9B72D05ACE48 ] ProfSvc         C:\Windows\system32\profsvc.dll
09:31:19.0953 0x1b80  ProfSvc - ok
09:31:19.0959 0x1b80  [ 204F3F58212B3E422C90BD9691A2DF28, D748A8CEE4D59B4248C9B1ACA5155D0FF6635A29564B4391B7FAC6261F93FE99 ] ProtectedStorage C:\Windows\system32\lsass.exe
09:31:19.0961 0x1b80  ProtectedStorage - ok
09:31:19.0977 0x1b80  [ 0557CF5A2556BD58E26384169D72438D, F6F83A616B1F1C6C0DF6D2EC2513E6C23FD4FAA6D36518B8676C619AB74957B4 ] Psched          C:\Windows\system32\DRIVERS\pacer.sys
09:31:19.0979 0x1b80  Psched - ok
09:31:20.0033 0x1b80  [ A53A15A11EBFD21077463EE2C7AFEEF0, 6002B012A75045DEA62640A864A8721EADE2F8B65BEB5F5BA76D8CD819774489 ] ql2300          C:\Windows\system32\drivers\ql2300.sys
09:31:20.0067 0x1b80  ql2300 - ok
09:31:20.0081 0x1b80  [ 4F6D12B51DE1AAEFF7DC58C4D75423C8, FB6ABAB741CED66A79E31A45111649F2FA3E26CEE77209B5296F789F6F7D08DE ] ql40xx          C:\Windows\system32\drivers\ql40xx.sys
09:31:20.0084 0x1b80  ql40xx - ok
09:31:20.0109 0x1b80  [ 906191634E99AEA92C4816150BDA3732, A0305436384104C3B559F9C73902DA19B96B518413379E397C5CDAB0B2B9418F ] QWAVE           C:\Windows\system32\qwave.dll
09:31:20.0114 0x1b80  QWAVE - ok
09:31:20.0129 0x1b80  [ 76707BB36430888D9CE9D705398ADB6C, 35C1D1D05F98AC29A33D3781F497A0B40A3CB9CDF25FE1F28F574E40DDF70535 ] QWAVEdrv        C:\Windows\system32\drivers\qwavedrv.sys
09:31:20.0130 0x1b80  QWAVEdrv - ok
09:31:20.0144 0x1b80  [ 5A0DA8AD5762FA2D91678A8A01311704, 8A64EB5DBAB7048A9E42A21CEB62CCD5B007A80C199892D7F8C69B48E8A255EF ] RasAcd          C:\Windows\system32\DRIVERS\rasacd.sys
09:31:20.0145 0x1b80  RasAcd - ok
09:31:20.0170 0x1b80  [ 7ECFF9B22276B73F43A99A15A6094E90, 62C70DA127F48F796F8897BBFA23AB6EB080CC923F0F091DFA384A93F5C90CA1 ] RasAgileVpn     C:\Windows\system32\DRIVERS\AgileVpn.sys
09:31:20.0172 0x1b80  RasAgileVpn - ok
09:31:20.0198 0x1b80  [ 8F26510C5383B8DBE976DE1CD00FC8C7, 60E618C010E8A723960636415573FA17EA0BBEF79647196B3BC0B8DEE680E090 ] RasAuto         C:\Windows\System32\rasauto.dll
09:31:20.0201 0x1b80  RasAuto - ok
09:31:20.0213 0x1b80  [ 471815800AE33E6F1C32FB1B97C490CA, 27307265F743DE3A3A3EC1B2C472A3D85FDD0AEC458E0B1177593141EE072698 ] Rasl2tp         C:\Windows\system32\DRIVERS\rasl2tp.sys
09:31:20.0216 0x1b80  Rasl2tp - ok
09:31:20.0229 0x1b80  [ EE867A0870FC9E4972BA9EAAD35651E2, 1B848D81705081FD2E18AC762DA7F51455657DAF860BF363DC15925A148BCADA ] RasMan          C:\Windows\System32\rasmans.dll
09:31:20.0236 0x1b80  RasMan - ok
09:31:20.0280 0x1b80  [ 855C9B1CD4756C5E9A2AA58A15F58C25, A514F8A9C304D54BDA8DC60F5A64259B057EC83A1CAAF6D2B58CFD55E9561F72 ] RasPppoe        C:\Windows\system32\DRIVERS\raspppoe.sys
09:31:20.0282 0x1b80  RasPppoe - ok
09:31:20.0293 0x1b80  [ E8B1E447B008D07FF47D016C2B0EEECB, FEC789F82B912F3E14E49524D40FEAA4373B221156F14045E645D7C37859258C ] RasSstp         C:\Windows\system32\DRIVERS\rassstp.sys
09:31:20.0295 0x1b80  RasSstp - ok
09:31:20.0312 0x1b80  [ 77F665941019A1594D887A74F301FA2F, 1FDC6F6853400190C086042933F157814D915C54F26793CAD36CD2607D8810DA ] rdbss           C:\Windows\system32\DRIVERS\rdbss.sys
09:31:20.0317 0x1b80  rdbss - ok
09:31:20.0324 0x1b80  [ 302DA2A0539F2CF54D7C6CC30C1F2D8D, 1DF3501BBFFB56C3ECC39DBCC4287D3302216C2208CE22428B8C4967E5DE9D17 ] rdpbus          C:\Windows\system32\drivers\rdpbus.sys
09:31:20.0325 0x1b80  rdpbus - ok
09:31:20.0376 0x1b80  [ CEA6CC257FC9B7715F1C2B4849286D24, A78144D18352EA802C39D9D42921CF97A3E0211766B2169B6755C6FC2D77A804 ] RDPCDD          C:\Windows\system32\DRIVERS\RDPCDD.sys
09:31:20.0376 0x1b80  RDPCDD - ok
09:31:20.0387 0x1b80  [ BB5971A4F00659529A5C44831AF22365, 9AAA5C0D448E821FD85589505D99DF7749715A046BBD211F139E4E652ADDE41F ] RDPENCDD        C:\Windows\system32\drivers\rdpencdd.sys
09:31:20.0387 0x1b80  RDPENCDD - ok
09:31:20.0400 0x1b80  [ 216F3FA57533D98E1F74DED70113177A, 60C126A1409D1E9C39F1C9E95F70115BF4AF07780AB499F6E10A612540F173F4 ] RDPREFMP        C:\Windows\system32\drivers\rdprefmp.sys
09:31:20.0401 0x1b80  RDPREFMP - ok
09:31:20.0421 0x1b80  [ 313F68E1A3E6345A4F47A36B07062F34, B8318A0AE06BDE278931CA52F960B9FE226FD9894B076858DDB755AE26E1E66F ] RdpVideoMiniport C:\Windows\system32\drivers\rdpvideominiport.sys
09:31:20.0422 0x1b80  RdpVideoMiniport - ok
09:31:20.0454 0x1b80  [ FE571E088C2D83619D2D48D4E961BF41, 88C5A2FCB1D0E528657842E39963471A6E42FCA3FCDF37955AEC8258AB4C48EA ] RDPWD           C:\Windows\system32\drivers\RDPWD.sys
09:31:20.0458 0x1b80  RDPWD - ok
09:31:20.0476 0x1b80  [ 34ED295FA0121C241BFEF24764FC4520, AAEE5F00CAA763A5BA51CF56BD7262C03409CD72BD5601490E3EC3FFF929BB5F ] rdyboost        C:\Windows\system32\drivers\rdyboost.sys
09:31:20.0480 0x1b80  rdyboost - ok
09:31:20.0517 0x1b80  [ 5A118234A2251D6CFB8A11DFE7AC4B4A, C79AEAA4D35C10F3C0F5F75E525FE8FB839F43C5EA0D83AE2D5FAB8FEB8F6ECF ] RegSrvc         C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
09:31:20.0520 0x1b80  RegSrvc - ok
09:31:20.0546 0x1b80  [ 254FB7A22D74E5511C73A3F6D802F192, 3D0FB5840364200DE394F8CC28DA0E334C2B5FA8FF28A41656EE72287F3D3836 ] RemoteAccess    C:\Windows\System32\mprdim.dll
09:31:20.0549 0x1b80  RemoteAccess - ok
09:31:20.0566 0x1b80  [ E4D94F24081440B5FC5AA556C7C62702, 147CAA03568DC480F9506E30B84891AB7E433B5EBC05F34FF10F72B00E1C6B22 ] RemoteRegistry  C:\Windows\system32\regsvc.dll
09:31:20.0570 0x1b80  RemoteRegistry - ok
09:31:20.0591 0x1b80  [ 3DD798846E2C28102B922C56E71B7932, 30B111615D74CB2213997A5C08DD9C8613ADE441D9423CC1C49A753D13CE524D ] RFCOMM          C:\Windows\system32\DRIVERS\rfcomm.sys
09:31:20.0595 0x1b80  RFCOMM - ok
09:31:20.0604 0x1b80  [ E4DC58CF7B3EA515AE917FF0D402A7BB, 665B5CD9FE905B0EE3F59A7B1A94760F5393EBEE729877D8584349754C2867E8 ] RpcEptMapper    C:\Windows\System32\RpcEpMap.dll
09:31:20.0606 0x1b80  RpcEptMapper - ok
09:31:20.0629 0x1b80  [ D5BA242D4CF8E384DB90E6A8ED850B8C, CB4CB2608B5E31B55FB1A2CF4051E6D08A0C2A5FB231B2116F95938D7577334E ] RpcLocator      C:\Windows\system32\locator.exe
09:31:20.0630 0x1b80  RpcLocator - ok
09:31:20.0646 0x1b80  [ 5C627D1B1138676C0A7AB2C2C190D123, C5003F2C912C5CA990E634818D3B4FD72F871900AF2948BD6C4D6400B354B401 ] RpcSs           C:\Windows\system32\rpcss.dll
09:31:20.0653 0x1b80  RpcSs - ok
09:31:20.0680 0x1b80  [ 1D10F803697CA4B4C05AAA81C8034536, 328A3A58AE4FF0120392B3BE563A4CA433768518B940D294306C76C815D900A7 ] RSBASTOR        C:\Windows\system32\DRIVERS\RtsBaStor.sys
09:31:20.0684 0x1b80  RSBASTOR - ok
09:31:20.0705 0x1b80  [ DDC86E4F8E7456261E637E3552E804FF, D250C69CCC75F2D88E7E624FCC51300E75637333317D53908CCA7E0F117173DD ] rspndr          C:\Windows\system32\DRIVERS\rspndr.sys
09:31:20.0707 0x1b80  rspndr - ok
09:31:20.0737 0x1b80  [ 61A04C0C084D560BBEF1D09604608262, 27230BDFB479FBD1B18BB4035059A52F8BE74B19190951EAC95D569E284421B3 ] RTL8167         C:\Windows\system32\DRIVERS\Rt64win7.sys
09:31:20.0748 0x1b80  RTL8167 - ok
09:31:20.0756 0x1b80  [ 204F3F58212B3E422C90BD9691A2DF28, D748A8CEE4D59B4248C9B1ACA5155D0FF6635A29564B4391B7FAC6261F93FE99 ] SamSs           C:\Windows\system32\lsass.exe
09:31:20.0758 0x1b80  SamSs - ok
09:31:20.0767 0x1b80  [ AC03AF3329579FFFB455AA2DAABBE22B, 7AD3B62ADFEC166F9E256F9FF8BAA0568B2ED7308142BF8F5269E6EAA5E0A656 ] sbp2port        C:\Windows\system32\drivers\sbp2port.sys
09:31:20.0769 0x1b80  sbp2port - ok
09:31:20.0794 0x1b80  [ 9B7395789E3791A3B6D000FE6F8B131E, E5F067F3F212BF5481668BE1779CBEF053F511F8967589BE2E865ACB9A620024 ] SCardSvr        C:\Windows\System32\SCardSvr.dll
09:31:20.0798 0x1b80  SCardSvr - ok
09:31:20.0817 0x1b80  [ 253F38D0D7074C02FF8DEB9836C97D2B, CB5CAFCB8628BB22877F74ACF1DED0BBAED8F4573A74DA7FE94BBBA584889116 ] scfilter        C:\Windows\system32\DRIVERS\scfilter.sys
09:31:20.0818 0x1b80  scfilter - ok
09:31:20.0849 0x1b80  [ 262F6592C3299C005FD6BEC90FC4463A, 54095E37F0B6CC677A3E9BDD40F4647C713273D197DB341063AA7F342A60C4A7 ] Schedule        C:\Windows\system32\schedsvc.dll
09:31:20.0864 0x1b80  Schedule - ok
09:31:20.0879 0x1b80  [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] SCPolicySvc     C:\Windows\System32\certprop.dll
09:31:20.0880 0x1b80  SCPolicySvc - ok
09:31:20.0891 0x1b80  [ 6EA4234DC55346E0709560FE7C2C1972, 64011E044C16E2F92689E5F7E4666A075E27BBFA61F3264E5D51CE1656C1D5B8 ] SDRSVC          C:\Windows\System32\SDRSVC.dll
09:31:20.0894 0x1b80  SDRSVC - ok
09:31:20.0901 0x1b80  [ 3EA8A16169C26AFBEB544E0E48421186, 34BBB0459C96B3DE94CCB0D73461562935C583D7BF93828DA4E20A6BC9B7301D ] secdrv          C:\Windows\system32\drivers\secdrv.sys
09:31:20.0902 0x1b80  secdrv - ok
09:31:20.0918 0x1b80  [ BC617A4E1B4FA8DF523A061739A0BD87, 10C4057F6B321EB5237FF619747B74F5401BC17D15A8C7060829E8204A2297F9 ] seclogon        C:\Windows\system32\seclogon.dll
09:31:20.0920 0x1b80  seclogon - ok
09:31:20.0936 0x1b80  [ C32AB8FA018EF34C0F113BD501436D21, E0EB8E80B51E45CA7EB061E705DA0BC07878759418A8519AE6E12326FE79E7C7 ] SENS            C:\Windows\System32\sens.dll
09:31:20.0938 0x1b80  SENS - ok
09:31:20.0942 0x1b80  [ 0336CFFAFAAB87A11541F1CF1594B2B2, 8B8A6A33E78A12FB05E29B2E2775850626574AFD2EF88748D65E690A07B10B8D ] SensrSvc        C:\Windows\system32\sensrsvc.dll
09:31:20.0943 0x1b80  SensrSvc - ok
09:31:20.0958 0x1b80  [ CB624C0035412AF0DEBEC78C41F5CA1B, A4D937F11E06CAE914347CA1362F4C98EC5EE0C0C80321E360EA1ABD6726F8D4 ] Serenum         C:\Windows\system32\drivers\serenum.sys
09:31:20.0959 0x1b80  Serenum - ok
09:31:20.0988 0x1b80  [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6, 8F9776FB84C5D11068EAF1FF1D1A46466C655D64D256A8B1E31DC0C23B5DD22D ] Serial          C:\Windows\system32\drivers\serial.sys
09:31:20.0990 0x1b80  Serial - ok
09:31:20.0992 0x1b80  [ 1C545A7D0691CC4A027396535691C3E3, 065C30BE598FF4DC55C37E0BBE0CEDF10A370AE2BF5404B42EBBB867A3FFED6D ] sermouse        C:\Windows\system32\drivers\sermouse.sys
09:31:20.0993 0x1b80  sermouse - ok
09:31:21.0023 0x1b80  [ 0B6231BF38174A1628C4AC812CC75804, E569BF1F7F5689E2E917FA6516DB53388A5B8B1C6699DEE030147E853218811D ] SessionEnv      C:\Windows\system32\sessenv.dll
09:31:21.0026 0x1b80  SessionEnv - ok
09:31:21.0029 0x1b80  [ A554811BCD09279536440C964AE35BBF, DA8F893722F803E189D7D4D6C6232ED34505B63A64ED3A0132A5BB7A2BABDE55 ] sffdisk         C:\Windows\system32\drivers\sffdisk.sys
09:31:21.0030 0x1b80  sffdisk - ok
09:31:21.0032 0x1b80  [ FF414F0BAEFEBA59BC6C04B3DB0B87BF, B81EF5D26AEB572CAB590F7AD7CA8C89F296420089EF5E6148E972F2DBCA1042 ] sffp_mmc        C:\Windows\system32\drivers\sffp_mmc.sys
09:31:21.0032 0x1b80  sffp_mmc - ok
09:31:21.0035 0x1b80  [ DD85B78243A19B59F0637DCF284DA63C, 6730D4F2BAE7E24615746ACC41B42D01DB6068D6504982008ADA1890DE900197 ] sffp_sd         C:\Windows\system32\drivers\sffp_sd.sys
09:31:21.0036 0x1b80  sffp_sd - ok
09:31:21.0039 0x1b80  [ A9D601643A1647211A1EE2EC4E433FF4, 7AC60B4AB48D4BBF1F9681C12EC2A75C72E6E12D30FABC564A24394310E9A5F9 ] sfloppy         C:\Windows\system32\drivers\sfloppy.sys
09:31:21.0040 0x1b80  sfloppy - ok
09:31:21.0074 0x1b80  [ B95F6501A2F8B2E78C697FEC401970CE, 758B73A32902299A313348CE7EC189B20EB4CB398D0180E4EE24B84DAD55F291 ] SharedAccess    C:\Windows\System32\ipnathlp.dll
09:31:21.0081 0x1b80  SharedAccess - ok
09:31:21.0107 0x1b80  [ AAF932B4011D14052955D4B212A4DA8D, 2A3BFD0FA9569288E91AE3E72CA1EC39E1450D01E6473CE51157E0F138257923 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
09:31:21.0113 0x1b80  ShellHWDetection - ok
09:31:21.0130 0x1b80  [ 843CAF1E5FDE1FFD5FF768F23A51E2E1, 89CA9F516E42A6B905474D738CDA2C121020A07DBD4E66CFE569DD77D79D7820 ] SiSRaid2        C:\Windows\system32\drivers\SiSRaid2.sys
09:31:21.0132 0x1b80  SiSRaid2 - ok
09:31:21.0136 0x1b80  [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4, 87B85C66DF7EB6FDB8A2341D05FAA5261FF68A90CCFC63F0E4A03824F1E33E5E ] SiSRaid4        C:\Windows\system32\drivers\sisraid4.sys
09:31:21.0138 0x1b80  SiSRaid4 - ok
09:31:21.0155 0x1b80  [ 548260A7B8654E024DC30BF8A7C5BAA4, 4A7E58331D7765A12F53DC2371739DC9A463940B13E16157CE10DB80E958D740 ] Smb             C:\Windows\system32\DRIVERS\smb.sys
09:31:21.0157 0x1b80  Smb - ok
09:31:21.0160 0x1b80  [ 3F5228A4A2D915FF167C20B484493848, C282F9AF1480E8D16FEBF2BD5E670AE98A01707D4C81F7ABC6E0A9593A37AAAE ] SmbDrv          C:\Windows\system32\drivers\Smb_driver_AMDASF.sys
09:31:21.0161 0x1b80  SmbDrv - ok
09:31:21.0175 0x1b80  [ 5CDEF3A06AEA1B510F3F4B09340247D5, 5B57381BAD738E05BBBFC4B95F67611D879B31E248FE96104D0333A655AF9F13 ] SmbDrvI         C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys
09:31:21.0176 0x1b80  SmbDrvI - ok
09:31:21.0195 0x1b80  [ 6313F223E817CC09AA41811DAA7F541D, D787061043BEEDB9386B048CB9E680E6A88A1CBAE9BD4A8C0209155BFB76C630 ] SNMPTRAP        C:\Windows\System32\snmptrap.exe
09:31:21.0197 0x1b80  SNMPTRAP - ok
09:31:21.0202 0x1b80  [ B9E31E5CACDFE584F34F730A677803F9, 21A5130BD00089C609522A372018A719F8E37103D2DD22C59EACB393BE35A063 ] spldr           C:\Windows\system32\drivers\spldr.sys
09:31:21.0203 0x1b80  spldr - ok
09:31:21.0227 0x1b80  [ 85DAA09A98C9286D4EA2BA8D0E644377, F9C324E2EF81193FE831C7EECC44A100CA06F82FA731BF555D9EA4D91DA13329 ] Spooler         C:\Windows\System32\spoolsv.exe
09:31:21.0236 0x1b80  Spooler - ok
09:31:21.0326 0x1b80  [ E17E0188BB90FAE42D83E98707EFA59C, FC075F7B39E86CC8EF6DA4E339FE946917E319C347AC70FB0C50AAF36F97E27F ] sppsvc          C:\Windows\system32\sppsvc.exe
09:31:21.0374 0x1b80  sppsvc - ok
09:31:21.0400 0x1b80  [ 93D7D61317F3D4BC4F4E9F8A96A7DE45, 36D48B23B8243BE5229707375FCD11C2DCAC96983199345365F065A0CBF33314 ] sppuinotify     C:\Windows\system32\sppuinotify.dll
09:31:21.0402 0x1b80  sppuinotify - ok
09:31:21.0445 0x1b80  [ 441FBA48BFF01FDB9D5969EBC1838F0B, 306128F1AD489F87161A089D1BDC1542A4CB742D91A0C12A7CD1863FDB8932C0 ] srv             C:\Windows\system32\DRIVERS\srv.sys
09:31:21.0453 0x1b80  srv - ok
09:31:21.0469 0x1b80  [ B4ADEBBF5E3677CCE9651E0F01F7CC28, 726DB2283113AB2A9681E8E9F61132303D6D86E9CD034C40EE4A8C9DB29E87F7 ] srv2            C:\Windows\system32\DRIVERS\srv2.sys
09:31:21.0476 0x1b80  srv2 - ok
09:31:21.0494 0x1b80  [ 27E461F0BE5BFF5FC737328F749538C3, AFA4704ED8FFC1A0BAB40DFB81D3AE3F3D933A3C9BF54DDAF39FF9AF3646D9E6 ] srvnet          C:\Windows\system32\DRIVERS\srvnet.sys
09:31:21.0498 0x1b80  srvnet - ok
09:31:21.0513 0x1b80  [ 51B52FBD583CDE8AA9BA62B8B4298F33, 2E2403F8AA39E79D1281CA006B51B43139C32A5FDD64BD34DAA4B935338BD740 ] SSDPSRV         C:\Windows\System32\ssdpsrv.dll
09:31:21.0516 0x1b80  SSDPSRV - ok
09:31:21.0544 0x1b80  [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB, D21CDBC4C2AA0DB5B4455D5108B0CAF4282A2E664B9035708F212CC094569D9D ] SstpSvc         C:\Windows\system32\sstpsvc.dll
09:31:21.0546 0x1b80  SstpSvc - ok
09:31:21.0591 0x1b80  [ 6A87E01028D7594BD58EB47DABD8CEAE, 2D0B1E9CD01FB90B92F4D8C0AF878BBDD3D9F978E11C06D3C6E06B39F352B58B ] ssudmdm         C:\Windows\system32\DRIVERS\ssudmdm.sys
09:31:21.0595 0x1b80  ssudmdm - ok
09:31:21.0661 0x1b80  [ 7E815DDD79CC73A02A33DF11FABE4E1E, A05A85CDB0CB0AA1AAC93AA801C39242BFE59082E2BC580F04EBFA71B5B61F07 ] Steam Client Service C:\Program Files (x86)\Common Files\Steam\SteamService.exe
09:31:21.0683 0x1b80  Steam Client Service - ok
09:31:21.0702 0x1b80  [ F3817967ED533D08327DC73BC4D5542A, 1B204454408A690C0A86447F3E4AA9E7C58A9CFB567C94C17C21920BA648B4D5 ] stexstor        C:\Windows\system32\drivers\stexstor.sys
09:31:21.0703 0x1b80  stexstor - ok
09:31:21.0747 0x1b80  [ 8DD52E8E6128F4B2DA92CE27402871C1, 1101C38BE8FC383B5F2F9FA402F9652B23B88A764DE2B584DFE62B88B11DEF92 ] stisvc          C:\Windows\System32\wiaservc.dll
09:31:21.0755 0x1b80  stisvc - ok
09:31:21.0776 0x1b80  [ D01EC09B6711A5F8E7E6564A4D0FBC90, 3CB922291DBADC92B46B9E28CCB6810CD8CCDA3E74518EC9522B58B998E1F969 ] swenum          C:\Windows\system32\DRIVERS\swenum.sys
09:31:21.0776 0x1b80  swenum - ok
09:31:21.0806 0x1b80  [ E08E46FDD841B7184194011CA1955A0B, 9C3725BB1F08F92744C980A22ED5C874007D3B5863C7E1F140F50061052AC418 ] swprv           C:\Windows\System32\swprv.dll
09:31:21.0813 0x1b80  swprv - ok
09:31:21.0831 0x1b80  [ 95FFE1C1C55B2E9CE45CCC7CFE25D2C3, 4F3F8A41A68076609FB5F334D8EC77423325C665FBE70404BB89371B5A3E1F22 ] SynTP           C:\Windows\system32\DRIVERS\SynTP.sys
09:31:21.0837 0x1b80  SynTP - ok
09:31:21.0881 0x1b80  [ BF9CCC0BF39B418C8D0AE8B05CF95B7D, 3C13217548BE61F2BDB8BD41F77345CDDA1F97BF0AE17241C335B9807EB3DBB8 ] SysMain         C:\Windows\system32\sysmain.dll
09:31:21.0904 0x1b80  SysMain - ok
09:31:21.0956 0x1b80  [ 8D3F6CEBDAECDE77DD2A0899AECDE41E, 3C69B0BA4D82638BE408A559D6B704B5A7F862D65DBD63C07A1AF9C8F02C5E54 ] ta6avs          C:\Windows\system32\Drivers\ta6avs.sys
09:31:21.0963 0x1b80  ta6avs - ok
09:31:21.0999 0x1b80  [ EE529EEE0D020DE5F6155B76FD5E500B, 24E16D9D60C556F560AFF69351918BB5FC09C92E81A1EF65F190246CB73B5B7C ] ta6usb_svc      C:\Windows\system32\Drivers\ta6usb.sys
09:31:22.0002 0x1b80  ta6usb_svc - ok
09:31:22.0020 0x1b80  [ E3C61FD7B7C2557E1F1B0B4CEC713585, 01F0E116606D185BF93B540868075BFB1A398197F6AABD994983DBFF56B3A8A0 ] TabletInputService C:\Windows\System32\TabSvc.dll
09:31:22.0023 0x1b80  TabletInputService - ok
09:31:22.0044 0x1b80  [ 40F0849F65D13EE87B9A9AE3C1DD6823, E251A7EF3D0FD2973AF33A62FC457A7E8D5E8694208F811F52455F7C2426121F ] TapiSrv         C:\Windows\System32\tapisrv.dll
09:31:22.0051 0x1b80  TapiSrv - ok
09:31:22.0058 0x1b80  [ 1BE03AC720F4D302EA01D40F588162F6, AB644862BF1D2E824FD846180DEC4E2C0FAFCC517451486DE5A92E5E78A952E4 ] TBS             C:\Windows\System32\tbssvc.dll
09:31:22.0060 0x1b80  TBS - ok
09:31:22.0122 0x1b80  [ 04ADD18EE5CC9FBEDAEC1DD1CD0CB45E, F05C0C4CA3DD234AD5D60CF1EF763C9A1D9EC3C157E180C2D75CC07E6B02A611 ] Tcpip           C:\Windows\system32\drivers\tcpip.sys
09:31:22.0168 0x1b80  Tcpip - ok
09:31:22.0245 0x1b80  [ 04ADD18EE5CC9FBEDAEC1DD1CD0CB45E, F05C0C4CA3DD234AD5D60CF1EF763C9A1D9EC3C157E180C2D75CC07E6B02A611 ] TCPIP6          C:\Windows\system32\DRIVERS\tcpip.sys
09:31:22.0270 0x1b80  TCPIP6 - ok
09:31:22.0319 0x1b80  [ 1B16D0BD9841794A6E0CDE0CEF744ABC, 7EB8BA97339199EEE7F2B09DA2DA6279DA64A510D4598D42CF86415D67CD674C ] tcpipreg        C:\Windows\system32\drivers\tcpipreg.sys
09:31:22.0321 0x1b80  tcpipreg - ok
09:31:22.0328 0x1b80  [ 3371D21011695B16333A3934340C4E7C, 7416F9BBFC1BA9D875EA7D1C7A0D912FC6977B49A865D67E3F9C4E18A965082D ] TDPIPE          C:\Windows\system32\drivers\tdpipe.sys
09:31:22.0329 0x1b80  TDPIPE - ok
09:31:22.0341 0x1b80  [ 51C5ECEB1CDEE2468A1748BE550CFBC8, 4E8F83877330B421F7B5D8393D34BC44C6450E69209DAA95B29CB298166A5DF9 ] TDTCP           C:\Windows\system32\drivers\tdtcp.sys
09:31:22.0342 0x1b80  TDTCP - ok
09:31:22.0356 0x1b80  [ DDAD5A7AB24D8B65F8D724F5C20FD806, B71F2967A4EE7395E4416C1526CB85368AEA988BDD1F2C9719C48B08FAFA9661 ] tdx             C:\Windows\system32\DRIVERS\tdx.sys
09:31:22.0359 0x1b80  tdx - ok
09:31:22.0371 0x1b80  [ 561E7E1F06895D78DE991E01DD0FB6E5, 83BFA50A528762EC52A011302AC3874636FB7E26628CD7ACFBF2BDC9FAA8110D ] TermDD          C:\Windows\system32\DRIVERS\termdd.sys
09:31:22.0373 0x1b80  TermDD - ok
09:31:22.0375 0x1b80  [ EF4469AB69EB15E5D3754E6AEAFBCD3D, 3609214C3D5181364B544EBF17E9A109952BE1C4C35BE0A8727BFA8F49ECB130 ] terminpt        C:\Windows\system32\drivers\terminpt.sys
09:31:22.0376 0x1b80  terminpt - ok
09:31:22.0425 0x1b80  [ 008CD4EBFABCF78D0F19B3778492648C, 9050490EEE0AD86E73F0A82D83E4FC29DF84F6B6FDB389AE135FD712B5F425BE ] TermService     C:\Windows\System32\termsrv.dll
09:31:22.0435 0x1b80  TermService - ok
09:31:22.0498 0x1b80  [ F0344071948D1A1FA732231785A0664C, DB9886C2C858FAF45AEA15F8E42860343F73EB8685C53EC2E8CCC10586CB0832 ] Themes          C:\Windows\system32\themeservice.dll
09:31:22.0500 0x1b80  Themes - ok
09:31:22.0520 0x1b80  [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] THREADORDER     C:\Windows\system32\mmcss.dll
09:31:22.0522 0x1b80  THREADORDER - ok
09:31:22.0535 0x1b80  [ 7E7AFD841694F6AC397E99D75CEAD49D, DE87F203FD8E6BDCCFCA1860A85F283301A365846FB703D9BB86278D8AC96B07 ] TrkWks          C:\Windows\System32\trkwks.dll
09:31:22.0538 0x1b80  TrkWks - ok
09:31:22.0591 0x1b80  [ 773212B2AAA24C1E31F10246B15B276C, F2EF85F5ABA307976D9C649D710B408952089458DDE97D4DEF321DF14E46A046 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
09:31:22.0594 0x1b80  TrustedInstaller - ok
09:31:22.0615 0x1b80  [ E232A3B43A894BB327FC161529BD9ED1, F2673DA8C920F21ACCECC25F7C59A05822E5E577D47F126EDF9C94FEB4B30C5F ] tssecsrv        C:\Windows\system32\DRIVERS\tssecsrv.sys
09:31:22.0616 0x1b80  tssecsrv - ok
09:31:22.0650 0x1b80  [ E9981ECE8D894CEF7038FD1D040EB426, DCDDCE933CAECE8180A3447199B07F2F0413704EEC1A09606EE357901A84A7CF ] TsUsbFlt        C:\Windows\system32\drivers\tsusbflt.sys
09:31:22.0652 0x1b80  TsUsbFlt - ok
09:31:22.0676 0x1b80  [ AD64450A4ABE076F5CB34CC08EEACB07, B5C386635441A19178E7FEEE299BA430C8D72F9110866C13A216B12A1080AD12 ] TsUsbGD         C:\Windows\system32\drivers\TsUsbGD.sys
09:31:22.0677 0x1b80  TsUsbGD - ok
09:31:22.0692 0x1b80  [ 3566A8DAAFA27AF944F5D705EAA64894, AE9D8B648DA08AF667B9456C3FE315489859C157510A258559F18238F2CC92B8 ] tunnel          C:\Windows\system32\DRIVERS\tunnel.sys
09:31:22.0695 0x1b80  tunnel - ok
09:31:22.0698 0x1b80  [ B4DD609BD7E282BFC683CEC7EAAAAD67, EF131DB6F6411CAD36A989A421AF93F89DD61601AC524D2FF11C10FF6E3E9123 ] uagp35          C:\Windows\system32\drivers\uagp35.sys
09:31:22.0700 0x1b80  uagp35 - ok
09:31:22.0722 0x1b80  [ FF4232A1A64012BAA1FD97C7B67DF593, D8591B4EB056899C7B604E4DD852D82D4D9809F508ABCED4A03E1BE6D5D456E3 ] udfs            C:\Windows\system32\DRIVERS\udfs.sys
09:31:22.0729 0x1b80  udfs - ok
09:31:22.0757 0x1b80  [ 3CBDEC8D06B9968ABA702EBA076364A1, B8DAB8AA804FC23021BFEBD7AE4D40FBE648D6C6BA21CC008E26D1C084972F9B ] UI0Detect       C:\Windows\system32\UI0Detect.exe
09:31:22.0759 0x1b80  UI0Detect - ok
09:31:22.0762 0x1b80  [ 4BFE1BC28391222894CBF1E7D0E42320, 5918B1ED2030600DF77BDACF1C808DF6EADDD8BF3E7003AF1D72050D8B102B3A ] uliagpkx        C:\Windows\system32\drivers\uliagpkx.sys
09:31:22.0764 0x1b80  uliagpkx - ok
09:31:22.0767 0x1b80  [ DC54A574663A895C8763AF0FA1FF7561, 09A3F3597E91CBEB2F38E96E75134312B60CAE5574B2AD4606C2D3E992AEDDFE ] umbus           C:\Windows\system32\DRIVERS\umbus.sys
09:31:22.0768 0x1b80  umbus - ok
09:31:22.0781 0x1b80  [ B2E8E8CB557B156DA5493BBDDCC1474D, F547509A08C0679ACB843E20C9C0CF51BED1B06530BBC529DFB0944504564A43 ] UmPass          C:\Windows\system32\drivers\umpass.sys
09:31:22.0782 0x1b80  UmPass - ok
09:31:22.0803 0x1b80  [ D47EC6A8E81633DD18D2436B19BAF6DE, 0FB461E2D5E0B75BB5958F6362F4880BFA4C36AD930542609BCAF574941AA7AE ] upnphost        C:\Windows\System32\upnphost.dll
09:31:22.0808 0x1b80  upnphost - ok
09:31:22.0847 0x1b80  [ C9E9D59C0099A9FF51697E9306A44240, 78D9A7A5E5742962B6978F475BF06CB32262F1D214699D3D40538476A58012A1 ] USBAAPL64       C:\Windows\system32\Drivers\usbaapl64.sys
09:31:22.0849 0x1b80  USBAAPL64 - ok
09:31:22.0881 0x1b80  [ B0435098C81D04CAFFF80DDB746CD3A2, A17B207740382E38729571F0B0BC98FF874E856A7C7CE9EB930328A2AD88F52A ] usbaudio        C:\Windows\system32\drivers\usbaudio.sys
09:31:22.0883 0x1b80  usbaudio - ok
09:31:22.0895 0x1b80  [ DCA68B0943D6FA415F0C56C92158A83A, BEE5A5B33B22D1DF50B884D46D89FC3B8286EB16E38AD5A20F0A49E5C6766C57 ] usbccgp         C:\Windows\system32\DRIVERS\usbccgp.sys
09:31:22.0897 0x1b80  usbccgp - ok
09:31:22.0918 0x1b80  [ 80B0F7D5CCF86CEB5D402EAAF61FEC31, 140C62116A425DEAD25FE8D82DE283BC92C482A9F643658D512F9F67061F28AD ] usbcir          C:\Windows\system32\drivers\usbcir.sys
09:31:22.0946 0x1b80  usbcir - ok
09:31:23.0035 0x1b80  [ 18A85013A3E0F7E1755365D287443965, 811C5EDF38C765BCF71BCE25CB6626FF6988C3699F5EF1846240EA0052F34C33 ] usbehci         C:\Windows\system32\drivers\usbehci.sys
09:31:23.0086 0x1b80  usbehci - ok
09:31:23.0158 0x1b80  [ 8D1196CFBB223621F2C67D45710F25BA, B5D7AFE51833B24FC9576F3AED3D8A2B290E5846060E73F9FFFAC1890A8B6003 ] usbhub          C:\Windows\system32\DRIVERS\usbhub.sys
09:31:23.0201 0x1b80  usbhub - ok
09:31:23.0220 0x1b80  [ 765A92D428A8DB88B960DA5A8D6089DC, 56DE8A2ED58E53B202C399CA7BACB1551136303C2EE0AB426BDBBF880E3C542C ] usbohci         C:\Windows\system32\drivers\usbohci.sys
09:31:23.0221 0x1b80  usbohci - ok
09:31:23.0240 0x1b80  [ 73188F58FB384E75C4063D29413CEE3D, B485463933306036B1D490722CB1674DC85670753D79FA0EF7EBCA7BBAAD9F7C ] usbprint        C:\Windows\system32\DRIVERS\usbprint.sys
09:31:23.0241 0x1b80  usbprint - ok
09:31:23.0270 0x1b80  [ 9661DA76B4531B2DA272ECCE25A8AF24, FEA93254A21E71A7EB8AD35FCCAD2C1E41F7329EC33B1734F5B41307A34D8637 ] usbscan         C:\Windows\system32\DRIVERS\usbscan.sys
09:31:23.0271 0x1b80  usbscan - ok
09:31:23.0283 0x1b80  [ FED648B01349A3C8395A5169DB5FB7D6, DC4D7594C24ADD076927B9347F1B50B91CF03A4ABDB284248D5711D9C19DEB96 ] USBSTOR         C:\Windows\system32\DRIVERS\USBSTOR.SYS
09:31:23.0285 0x1b80  USBSTOR - ok
09:31:23.0288 0x1b80  [ DD253AFC3BC6CBA412342DE60C3647F3, 146F8613F1057AC054DC3593E84BC52899DA27EA33B0E72ACFB78C3699ADCDE7 ] usbuhci         C:\Windows\system32\drivers\usbuhci.sys
09:31:23.0290 0x1b80  usbuhci - ok
09:31:23.0341 0x1b80  [ 1F775DA4CF1A3A1834207E975A72E9D7, 6D3DE5BD3EF3A76E997E5BAF900C51D25308F5A9682D1F62017F577A24095B90 ] usbvideo        C:\Windows\System32\Drivers\usbvideo.sys
09:31:23.0345 0x1b80  usbvideo - ok
09:31:23.0369 0x1b80  [ EDBB23CBCF2CDF727D64FF9B51A6070E, 7202484C8E1BFB2AFD64D8C81668F3EDE0E3BF5EB27572877A0A7B337AE5AE42 ] UxSms           C:\Windows\System32\uxsms.dll
09:31:23.0370 0x1b80  UxSms - ok
09:31:23.0380 0x1b80  [ 204F3F58212B3E422C90BD9691A2DF28, D748A8CEE4D59B4248C9B1ACA5155D0FF6635A29564B4391B7FAC6261F93FE99 ] VaultSvc        C:\Windows\system32\lsass.exe
09:31:23.0381 0x1b80  VaultSvc - ok
09:31:23.0403 0x1b80  [ C5C876CCFC083FF3B128F933823E87BD, 6FE0FBB6C3207E09300E0789E2168F76668D87C317FE9F263E733827ADCFBE0D ] vdrvroot        C:\Windows\system32\drivers\vdrvroot.sys
09:31:23.0404 0x1b80  vdrvroot - ok
09:31:23.0421 0x1b80  [ 8D6B481601D01A456E75C3210F1830BE, A2CEF483F4231367138EEF7E67FD5BE5364FC0780C44CA1368E36CE4AA3D0633 ] vds             C:\Windows\System32\vds.exe
09:31:23.0431 0x1b80  vds - ok
09:31:23.0444 0x1b80  [ DA4DA3F5E02943C2DC8C6ED875DE68DD, EDE604536DB78C512D68C92B26DA77C8811AC109D1F0A473673F0A82D15A2838 ] vga             C:\Windows\system32\DRIVERS\vgapnp.sys
09:31:23.0445 0x1b80  vga - ok
09:31:23.0452 0x1b80  [ 53E92A310193CB3C03BEA963DE7D9CFC, 45898604375B42EB1246C17A22D91C2440F11C746FF6459AD38027C1BC2E3125 ] VgaSave         C:\Windows\System32\drivers\vga.sys
09:31:23.0453 0x1b80  VgaSave - ok
09:31:23.0470 0x1b80  [ 2CE2DF28C83AEAF30084E1B1EB253CBB, D1946816A1CB89F825CBEA58F94A4C9D0CE7249355CD3915563F54054EE564BF ] vhdmp           C:\Windows\system32\drivers\vhdmp.sys
09:31:23.0475 0x1b80  vhdmp - ok
09:31:23.0543 0x1b80  [ 42A250AD5C414DA73A70866D5A4FBC53, 317453571B3D5C0CFAFA5824E9A939B19C5A86F0E1D7D1422C098F64A6262353 ] VIAHdAudAddService C:\Windows\system32\drivers\viahduaa.sys
09:31:23.0571 0x1b80  VIAHdAudAddService - ok
09:31:23.0580 0x1b80  [ E5689D93FFE4E5D66C0178761240DD54, 6D35CED80681B12AAF63BFA0DA1C386E71D3838839B68A686990AA8031949D27 ] viaide          C:\Windows\system32\drivers\viaide.sys
09:31:23.0580 0x1b80  viaide - ok
09:31:23.0596 0x1b80  [ 6B34F3220E4AE5D77BD42CEA94EB3892, 6BBED3FBD52935B0ECEA3A9B5B0A4B44214636840AE1EBB65AE1089B3F0C0500 ] VIAKaraokeService C:\Windows\system32\viakaraokesrv.exe
09:31:23.0598 0x1b80  VIAKaraokeService - ok
09:31:23.0611 0x1b80  [ 754C8BF43F0DD4B54865F174A62761E9, 921597FE5154939314DACA57361C5A03A622B9AA61D51A45A09995A6D1A923A7 ] VMfilt          C:\Windows\system32\drivers\VMfilt64.sys
09:31:23.0612 0x1b80  VMfilt - ok
09:31:23.0630 0x1b80  [ D2AAFD421940F640B407AEFAAEBD91B0, 31EF342A60AF04F4108759A71F8FB7B8C8819216CF3D16A95B2BA0E33A8A9161 ] volmgr          C:\Windows\system32\drivers\volmgr.sys
09:31:23.0632 0x1b80  volmgr - ok
09:31:23.0646 0x1b80  [ A255814907C89BE58B79EF2F189B843B, 463DB771851352185B6AC323BD93B9084D47291E53C1F7B628B65D6918B2E28F ] volmgrx         C:\Windows\system32\drivers\volmgrx.sys
09:31:23.0652 0x1b80  volmgrx - ok
09:31:23.0675 0x1b80  [ 0D08D2F3B3FF84E433346669B5E0F639, 3D6716CEC95B8861A7CC5778E91F310528DC6BEE0E57A3C8757FC675154EBDEC ] volsnap         C:\Windows\system32\drivers\volsnap.sys
09:31:23.0680 0x1b80  volsnap - ok
09:31:23.0699 0x1b80  [ 5E2016EA6EBACA03C04FEAC5F330D997, 53106EB877459FE55A459111F7AB0EE320BB3B4C954D3DB6FA1642396001F2AC ] vsmraid         C:\Windows\system32\drivers\vsmraid.sys
09:31:23.0703 0x1b80  vsmraid - ok
09:31:23.0766 0x1b80  [ B60BA0BC31B0CB414593E169F6F21CC2, 47B801E623254CF0202B3591CB5C019CABFB52F123C7D47E29D19B32F1F2B915 ] VSS             C:\Windows\system32\vssvc.exe
09:31:23.0786 0x1b80  VSS - ok
09:31:23.0802 0x1b80  [ 36D4720B72B5C5D9CB2B9C29E9DF67A1, 3254523C85C70EBA2DBAC05DB2DBA89EDF8E9195F390F7C21F96458FB6B2E3D7 ] vwifibus        C:\Windows\system32\DRIVERS\vwifibus.sys
09:31:23.0803 0x1b80  vwifibus - ok
09:31:23.0811 0x1b80  [ 6A3D66263414FF0D6FA754C646612F3F, 30F6BA594B0D3B94113064015A16D97811CD989DF1715CCE21CEAB9894C1B4FB ] vwififlt        C:\Windows\system32\DRIVERS\vwififlt.sys
09:31:23.0813 0x1b80  vwififlt - ok
09:31:23.0825 0x1b80  [ 6A638FC4BFDDC4D9B186C28C91BD1A01, 5521F1DC515586777EC4837E0AEAA3E613CC178AF1074031C4D0D0C695A93168 ] vwifimp         C:\Windows\system32\DRIVERS\vwifimp.sys
09:31:23.0826 0x1b80  vwifimp - ok
09:31:23.0846 0x1b80  [ 1C9D80CC3849B3788048078C26486E1A, 34A89F31E53F6B6C209B286F580CC2257AE6D057E4E20741F241C9C167947962 ] W32Time         C:\Windows\system32\w32time.dll
09:31:23.0851 0x1b80  W32Time - ok
09:31:23.0865 0x1b80  [ 4E9440F4F152A7B944CB1663D3935A3E, 8FE04EBD3BC612EE943A21A3E56F37E5C9B578CDACA6044048181DAD81816D53 ] WacomPen        C:\Windows\system32\drivers\wacompen.sys
09:31:23.0866 0x1b80  WacomPen - ok
09:31:23.0882 0x1b80  [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] WANARP          C:\Windows\system32\DRIVERS\wanarp.sys
09:31:23.0884 0x1b80  WANARP - ok
09:31:23.0887 0x1b80  [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] Wanarpv6        C:\Windows\system32\DRIVERS\wanarp.sys
09:31:23.0889 0x1b80  Wanarpv6 - ok
09:31:23.0941 0x1b80  [ 3CEC96DE223E49EAAE3651FCF8FAEA6C, 4150DAB33E8D61076F1D4767BCAFC9B4ECCCCBD58FD4FB3CFE5B8D27DCDCAB61 ] WatAdminSvc     C:\Windows\system32\Wat\WatAdminSvc.exe
09:31:23.0975 0x1b80  WatAdminSvc - ok
09:31:24.0027 0x1b80  [ 78F4E7F5C56CB9716238EB57DA4B6A75, 46A4E78CE5F2A4B26F4E9C3FF04A99D9B727A82AC2E390A82A1611C3F6E0C9AF ] wbengine        C:\Windows\system32\wbengine.exe
09:31:24.0068 0x1b80  wbengine - ok
09:31:24.0090 0x1b80  [ 3AA101E8EDAB2DB4131333F4325C76A3, 4F7BD3DA5E58B18BFF106CFF7B45E75FD13EE556D433C695BA23EC80827E49DE ] WbioSrvc        C:\Windows\System32\wbiosrvc.dll
09:31:24.0095 0x1b80  WbioSrvc - ok
09:31:24.0112 0x1b80  [ 7368A2AFD46E5A4481D1DE9D14848EDD, 8039C478FC2D9F095F5883A4FA47F9E6EDF57CC88A4AA74F07C88445F90DED57 ] wcncsvc         C:\Windows\System32\wcncsvc.dll
09:31:24.0120 0x1b80  wcncsvc - ok
09:31:24.0126 0x1b80  [ 20F7441334B18CEE52027661DF4A6129, 7B8E0247234B740FED2BE9B833E9CE8DD7453340123AB43F6B495A7E6A27B0DD ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
09:31:24.0129 0x1b80  WcsPlugInService - ok
09:31:24.0155 0x1b80  [ 72889E16FF12BA0F235467D6091B17DC, F2FD0BBD075E33608D93F350D216F97442AB89ABD540513C2D568C78096E12A8 ] Wd              C:\Windows\system32\drivers\wd.sys
09:31:24.0156 0x1b80  Wd - ok
09:31:24.0187 0x1b80  [ E2C933EDBC389386EBE6D2BA953F43D8, AF1DEADD5F1267CCEBD226E8EEB971D1946EA6A5A9645A36F5D111F758AF2F07 ] Wdf01000        C:\Windows\system32\drivers\Wdf01000.sys
09:31:24.0206 0x1b80  Wdf01000 - ok
09:31:24.0240 0x1b80  [ BF1FC3F79B863C914687A737C2F3D681, B2DF47AC4931ACFB243775767B77065CC0D98778FC0243C793A3E219EB961209 ] WdiServiceHost  C:\Windows\system32\wdi.dll
09:31:24.0243 0x1b80  WdiServiceHost - ok
09:31:24.0246 0x1b80  [ BF1FC3F79B863C914687A737C2F3D681, B2DF47AC4931ACFB243775767B77065CC0D98778FC0243C793A3E219EB961209 ] WdiSystemHost   C:\Windows\system32\wdi.dll
09:31:24.0248 0x1b80  WdiSystemHost - ok
09:31:24.0282 0x1b80  [ 0EB0E5D22B1760F2DBCE632F2DD7A54D, B8A4CC62F88768947FB0A161CF9564DB28FD9C1C037B5475DF192982DE035C22 ] WebClient       C:\Windows\System32\webclnt.dll
09:31:24.0287 0x1b80  WebClient - ok
09:31:24.0316 0x1b80  [ CBA25A299ECDBAE3A2300B68598AABA3, 5AC6F75FBDA58CD9D17922AF2780A37B89067EB4A97EE792A644B238BE94490D ] Wecsvc          C:\Windows\system32\wecsvc.dll
09:31:24.0321 0x1b80  Wecsvc - ok
09:31:24.0334 0x1b80  [ 7E591867422DC788B9E5BD337A669A08, 484E6BCCDF7ADCE9A1AACAD1BC7C7D7694B9E40FA90D94B14D80C607784F6C75 ] wercplsupport   C:\Windows\System32\wercplsupport.dll
09:31:24.0336 0x1b80  wercplsupport - ok
09:31:24.0349 0x1b80  [ 6D137963730144698CBD10F202E9F251, A9F522A125158D94F540544CCD4DBF47B9DCE2EA878C33675AFE40F80E8F4979 ] WerSvc          C:\Windows\System32\WerSvc.dll
09:31:24.0352 0x1b80  WerSvc - ok
09:31:24.0367 0x1b80  [ 611B23304BF067451A9FDEE01FBDD725, 0AF2734B978165FC6FD22B64862132CCE32528A21C698A49D176129446E099C8 ] WfpLwf          C:\Windows\system32\DRIVERS\wfplwf.sys
09:31:24.0367 0x1b80  WfpLwf - ok
09:31:24.0380 0x1b80  [ 05ECAEC3E4529A7153B3136CEB49F0EC, 9995CB2CEC70A633EA33CBB0DEAD2BB28CB67132B41E9444BDAB9E75744C9A50 ] WIMMount        C:\Windows\system32\drivers\wimmount.sys
09:31:24.0381 0x1b80  WIMMount - ok
09:31:24.0388 0x1b80  WinDefend - ok
09:31:24.0397 0x1b80  WinHttpAutoProxySvc - ok
09:31:24.0452 0x1b80  [ 19B07E7E8915D701225DA41CB3877306, D6555E8D276DBB11358246E0FE215F76F1FB358791C76B88D82C2A66A42DA19F ] Winmgmt         C:\Windows\system32\wbem\WMIsvc.dll
09:31:24.0455 0x1b80  Winmgmt - ok
09:31:24.0513 0x1b80  [ BCB1310604AA415C4508708975B3931E, 9D943F086D454345153A0DD426B4432532A44FD87950386B186E1CAD2AC70565 ] WinRM           C:\Windows\system32\WsmSvc.dll
09:31:24.0602 0x1b80  WinRM - ok
09:31:24.0647 0x1b80  [ FE88B288356E7B47B74B13372ADD906D, A16B166F6BB32EF9D2A142F27B9EC54CBC7B3AC915799783CF4C40E525BC9E03 ] WinUsb          C:\Windows\system32\DRIVERS\WinUsb.sys
09:31:24.0648 0x1b80  WinUsb - ok
09:31:24.0689 0x1b80  [ 4FADA86E62F18A1B2F42BA18AE24E6AA, CE1683386886BF34862681A46199EA7E7FB4232A186047DA7FBD8EC240AF6726 ] Wlansvc         C:\Windows\System32\wlansvc.dll
09:31:24.0702 0x1b80  Wlansvc - ok
09:31:24.0803 0x1b80  [ 357CABBF155AFD1D3926E62539D2A3A7, C43CFF84E7D930B4999DC061AB0766B57AAD7540B3E6EE54605B10ECE90825F5 ] wlidsvc         C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
09:31:24.0833 0x1b80  wlidsvc - ok
09:31:24.0882 0x1b80  [ F6FF8944478594D0E414D3F048F0D778, 6F75E0AE6127B33A92A88E59D4B048FD4C15F997807BE7BF0EFE76F95235B1D9 ] WmiAcpi         C:\Windows\system32\DRIVERS\wmiacpi.sys
09:31:24.0882 0x1b80  WmiAcpi - ok
09:31:24.0934 0x1b80  [ 38B84C94C5A8AF291ADFEA478AE54F93, 1AC267AC73670BEA5F3785C9AD9DB146F8E993A862C843742B21FDB90D102B2A ] wmiApSrv        C:\Windows\system32\wbem\WmiApSrv.exe
09:31:24.0938 0x1b80  wmiApSrv - ok
09:31:24.0964 0x1b80  WMPNetworkSvc - ok
09:31:24.0980 0x1b80  [ 96C6E7100D724C69FCF9E7BF590D1DCA, 2E63C9B0893B4FC03B7A71BAEA6202D3D3DB1B52F3643467829B5A573FD7655B ] WPCSvc          C:\Windows\System32\wpcsvc.dll
09:31:24.0982 0x1b80  WPCSvc - ok
09:31:24.0998 0x1b80  [ 93221146D4EBBF314C29B23CD6CC391D, C0750858A65BF51E210CD244C825C121D67E025CD2D2455139991AAC289A90FE ] WPDBusEnum      C:\Windows\system32\wpdbusenum.dll
09:31:25.0001 0x1b80  WPDBusEnum - ok
09:31:25.0049 0x1b80  [ 35B188FB11AD382442E347AB8B691203, E8ADFCD515F963F84E7330F4C342C5D5C35FB33B633685A4426959FF00764758 ] WRkrn           C:\Windows\system32\drivers\WRkrn.sys
09:31:25.0051 0x1b80  WRkrn - ok
09:31:25.0113 0x1b80  [ B7F6E45606D867342A9690CE7D9A0DC9, 6D6850F6DC6AC64E685BE8BDDED2CD23BF61781042F745DEBC972B6BADF88BCA ] WRSVC           C:\Program Files\rOOpPrgr\uJahBaZO.exe
09:31:25.0124 0x1b80  WRSVC - ok
09:31:25.0148 0x1b80  [ 6BCC1D7D2FD2453957C5479A32364E52, E48554D31FBDCF8F985C1C72524CAA9106F5B7CC2B79064F8F5E2562D517F090 ] ws2ifsl         C:\Windows\system32\drivers\ws2ifsl.sys
09:31:25.0149 0x1b80  ws2ifsl - ok
09:31:25.0179 0x1b80  [ E8B1FE6669397D1772D8196DF0E57A9E, 39FE0819360719F756BD31A1884A0508A1E2371ACC723E25E005CBEC0A7B02FA ] wscsvc          C:\Windows\System32\wscsvc.dll
09:31:25.0182 0x1b80  wscsvc - ok
09:31:25.0184 0x1b80  WSearch - ok
09:31:25.0278 0x1b80  [ 61FF576450CCC80564B850BC3FB6713A, B2843BC9E2F62D27DCF6787D063378926748CE75002BADA1873DCB5039883705 ] wuauserv        C:\Windows\system32\wuaueng.dll
09:31:25.0314 0x1b80  wuauserv - ok
09:31:25.0326 0x1b80  [ AB886378EEB55C6C75B4F2D14B6C869F, D6C4602EB8F291DADEDF3CD211013D4AC752DDE7E799C2D8D74AA4F5477CAED6 ] WudfPf          C:\Windows\system32\drivers\WudfPf.sys
09:31:25.0328 0x1b80  WudfPf - ok
09:31:25.0349 0x1b80  [ DDA4CAF29D8C0A297F886BFE561E6659, 94E5DD649B5D86FA1A7C7D30FCF9644D0EE048D312E626111458ADF66BFBE978 ] WUDFRd          C:\Windows\system32\DRIVERS\WUDFRd.sys
09:31:25.0354 0x1b80  WUDFRd - ok
09:31:25.0392 0x1b80  [ B20F051B03A966392364C83F009F7D17, 88ECEB55AE91F58F592B96EBC10B572747D5A2F9B7629E8F371761E4F7408A65 ] wudfsvc         C:\Windows\System32\WUDFSvc.dll
09:31:25.0395 0x1b80  wudfsvc - ok
09:31:25.0424 0x1b80  [ 04F82965C09CBDF646B487E145060301, 2CD8533EDBE24C3E42EB7550E20F8A2EB9E5E345B165DEF543163A6BC1FDD18B ] WwanSvc         C:\Windows\System32\wwansvc.dll
09:31:25.0430 0x1b80  WwanSvc - ok
09:31:25.0455 0x0a7c  Object send P2P result: true
09:31:25.0571 0x1b80  [ A923222A8437E6C419AFC1A3BE32FF47, ED1132AE3548AC54D838F93B36A591F3EDB34A980409ED220077871DA5630E9A ] ZeroConfigService C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
09:31:25.0618 0x1b80  ZeroConfigService - ok
09:31:25.0642 0x1b80  ================ Scan global ===============================
09:31:25.0689 0x1b80  [ BA0CD8C393E8C9F83354106093832C7B, 18D8A4780A2BAA6CEF7FBBBDA0EF6BF2DADF146E1E578A618DD5859E8ADBF1A8 ] C:\Windows\system32\basesrv.dll
09:31:25.0702 0x1b80  [ 88EDD0B34EED542745931E581AD21A32, DC2B93E1CEF5B0BCEE08D72669BB0F3AD0E8E6E75BDC08858407ED92F6FFA031 ] C:\Windows\system32\winsrv.dll
09:31:25.0725 0x1b80  [ 88EDD0B34EED542745931E581AD21A32, DC2B93E1CEF5B0BCEE08D72669BB0F3AD0E8E6E75BDC08858407ED92F6FFA031 ] C:\Windows\system32\winsrv.dll
09:31:25.0739 0x1b80  [ D6160F9D869BA3AF0B787F971DB56368, 0033E6212DD8683E4EE611B290931FDB227B4795F0B17C309DC686C696790529 ] C:\Windows\system32\sxssrv.dll
09:31:25.0769 0x1b80  [ 24ACB7E5BE595468E3B9AA488B9B4FCB, 63541E3432FCE953F266AE553E7A394978D6EE3DB52388D885F668CF42C5E7E2 ] C:\Windows\system32\services.exe
09:31:25.0774 0x1b80  [ Global ] - ok
09:31:25.0775 0x1b80  ================ Scan MBR ==================================
09:31:25.0787 0x1b80  [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
09:31:25.0934 0x1b80  \Device\Harddisk0\DR0 - ok
09:31:25.0934 0x1b80  ================ Scan VBR ==================================
09:31:25.0936 0x1b80  [ B568D966C284F68311CE1D86177C9264 ] \Device\Harddisk0\DR0\Partition1
09:31:25.0994 0x1b80  \Device\Harddisk0\DR0\Partition1 - ok
09:31:25.0994 0x1b80  ================ Scan generic autorun ======================
09:31:26.0153 0x1b80  [ 14F828373091DCF2BF02579F5BB7A415, 4161D5E774ECE2B372D3C3F34CF99037AE3A52151D8ABD164F2C7E4EBD010187 ] C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe
09:31:26.0224 0x1b80  HDAudDeck - ok
09:31:26.0275 0x1b80  [ D94BCD3B86F5220BEFC277B395EEE845, 61D3DE5621CE855F8EA5BF2308D0DFFB3B517BF7187AEE1FEF6785C5880E7D49 ] C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorIconLaunch.exe
09:31:26.0277 0x1b80  IAStorIcon - ok
09:31:26.0319 0x1b80  [ 4420BBAC770EB87AB74E4B9146E18924, 6DB78DB9FD72F1E8C7651D2B3FF090CB4A8C90BA0D11F69D533960CE67170CFC ] C:\Program Files (x86)\Intel\Bluetooth\BleServicesCtrl.exe
09:31:26.0321 0x1b80  BLEServicesCtrl - ok
09:31:26.0323 0x1b80  BTMTrayAgent - ok
09:31:26.0323 0x1b80  SynTPEnh - ok
09:31:26.0343 0x1b80  [ 9D322C16DD782FA716C7D3A3A2CF92CF, 20E33B77175F083A59D08B2A8ACB8D021CFDA7FF40D003EAF629E47E645A5211 ] C:\Windows\system32\igfxtray.exe
09:31:26.0346 0x1b80  IgfxTray - ok
09:31:26.0379 0x1b80  [ CE2B5C7CC51B20A44892AEFA61C2D48B, 8594AD02785A051801808951B03C2E8B83997B97E1F21A092E085001BCC9F149 ] C:\Windows\system32\hkcmd.exe
09:31:26.0385 0x1b80  HotKeysCmds - ok
09:31:26.0405 0x1b80  [ 7B16B5DA48F1A37A239C98D53046DBE2, 5B05A35E3788851527F828D8240FBBDC91761C916B2B6CA12213AEC64E40274D ] C:\Windows\system32\igfxpers.exe
09:31:26.0411 0x1b80  Persistence - ok
09:31:26.0514 0x1b80  [ 5EA707336336DDFADE5FD3726CEA1523, 6136D88012140B3A43C7DC6CD0CBDB867BC6BA62D718269B73ED9F1B340F6768 ] C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
09:31:26.0542 0x1b80  NvBackend - ok
09:31:26.0561 0x1b80  [ DD81D91FF3B0763C392422865C9AC12E, F5691B8F200E3196E6808E932630E862F8F26F31CD949981373F23C9D87DB8B9 ] C:\Windows\system32\rundll32.exe
09:31:26.0562 0x1b80  ShadowPlay - ok
09:31:26.0606 0x1b80  [ 0436F64FD296BE331B3BB0CE446548BF, 53A8F8E58F451A7B030AE61E30DBB9BDFD5342046674177941A838B66D80FD70 ] C:\Program Files (x86)\Intel\Intel® USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
09:31:26.0610 0x1b80  USB3MON - ok
09:31:26.0640 0x1b80  [ B7F6E45606D867342A9690CE7D9A0DC9, 6D6850F6DC6AC64E685BE8BDDED2CD23BF61781042F745DEBC972B6BADF88BCA ] C:\Program Files\rOOpPrgr\uJahBaZO.exe
09:31:26.0650 0x1b80  WRSVC - ok
09:31:26.0688 0x1b80  [ 61E4289E91E88C90478D7F4BEB10DCF7, 1D0F4034E0111CF5758F470C15A22A0A28EB8269CB5BF07222C9C0FB07A15C55 ] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe
09:31:26.0689 0x1b80  APSDaemon - ok
09:31:26.0736 0x1b80  [ BAF535F843A3E790E04A7613811B55BC, 764608E1BC657FBBBB3E0DC5D36F0701CAA9D28BE15E416DF84AD3EFC7EB85D9 ] C:\Program Files (x86)\iTunes\iTunesHelper.exe
09:31:26.0738 0x1b80  iTunesHelper - ok
09:31:26.0807 0x1b80  [ 048EA4B978851788E9F5E8E4F081DF7A, EB62719AC0DCC18FF056F2CD84438BF14B61E38F0619617C81961C6257BDFCEC ] C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
09:31:26.0819 0x1b80  Adobe ARM - ok
09:31:26.0907 0x1b80  [ A0251ED3ABBA7ACC84416738C8282ACA, 67240ED2BD24D557003AD7062E314F6CDC63BA95EB99A38AB7606432605DDE84 ] C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe
09:31:26.0911 0x1b80  KiesTrayAgent - ok
09:31:26.0955 0x1b80  [ 08E7173D1B74095335052459200CB1EA, 5B6EB8A65B5F451BF6115EB7CD1355E5870E6D764F22D767D13216BF17C5668F ] C:\Program Files (x86)\QuickTime\QTTask.exe
09:31:26.0961 0x1b80  QuickTime Task - ok
09:31:27.0012 0x1b80  [ 6B53177248AC5327FFB5CB2D5C500C94, 2F03DA955BF63BDCA979B76B263FBE4EB1BA2A76476EF0D9145E66CAB781C67C ] C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe
09:31:27.0017 0x1b80  IJNetworkScannerSelectorEX - ok
09:31:27.0165 0x1b80  [ CFEDDB638643C9B4DDD1570EB17D7C16, 8EA72FAD24BA0DE4E207773CAADF6BAE7055C6B27E3E3D1B8B74EE726872054A ] C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe
09:31:27.0212 0x1b80  LogMeIn Hamachi Ui - ok
09:31:27.0269 0x1b80  [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
09:31:27.0302 0x1b80  Sidebar - ok
09:31:27.0316 0x1b80  [ 0FA760BF380B08D0B67B5507CD8B32AA, 0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B725CC5A9FB738739 ] C:\Windows\System32\mctadmin.exe
09:31:27.0318 0x1b80  mctadmin - ok
09:31:27.0340 0x1b80  [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
09:31:27.0355 0x1b80  Sidebar - ok
09:31:27.0360 0x1b80  [ 0FA760BF380B08D0B67B5507CD8B32AA, 0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B725CC5A9FB738739 ] C:\Windows\System32\mctadmin.exe
09:31:27.0362 0x1b80  mctadmin - ok
09:31:27.0457 0x1b80  [ 506708142BC63DABA64F2D3AD1DCD5BF, 9C36A08D9E7932FF4DA7B5F24E6B42C92F28685B8ABE964C870E8D7670FD531A ] C:\Users\Dan\AppData\Local\Google\Update\GoogleUpdate.exe
09:31:27.0458 0x1b80  Google Update - ok
09:31:27.0459 0x1b80  KiesAirMessage - ok
09:31:27.0527 0x1b80  [ 2A3FB4C98F139038E23330D2439DB8A4, DE9253AD362B03FA5D3D4912662398E5C4AC76F7274B83E51C251A6921A5B838 ] C:\Users\Dan\AppData\Local\Facebook\Update\FacebookUpdate.exe
09:31:27.0529 0x1b80  Facebook Update - ok
09:31:27.0684 0x1b80  [ CC78200C3ECFFA178E78308A0E160D80, 4E02D6827A99401781032A397663770FA7BE56397AA20F6E2FACE0A0004109C5 ] C:\Users\Dan\AppData\Local\Akamai\netsession_win.exe
09:31:27.0746 0x1b80  Akamai NetSession Interface - ok
09:31:27.0750 0x1b80  Waiting for KSN requests completion. In queue: 210
09:31:28.0750 0x1b80  Waiting for KSN requests completion. In queue: 155
09:31:29.0750 0x1b80  Waiting for KSN requests completion. In queue: 48
09:31:30.0750 0x1b80  Waiting for KSN requests completion. In queue: 27
09:31:31.0750 0x1b80  Waiting for KSN requests completion. In queue: 27
09:31:32.0769 0x1b80  AV detected via SS2: Webroot SecureAnywhere, C:\Program Files\rOOpPrgr\uJahBaZO.exe ( 8.0.5.111 ), 0x41000 ( enabled : updated )
09:31:32.0773 0x1b80  Win FW state via NFP2: enabled
09:31:35.0458 0x1b80  ============================================================
09:31:35.0458 0x1b80  Scan finished
09:31:35.0458 0x1b80  ============================================================
09:31:35.0464 0x1e80  Detected object count: 0
09:31:35.0464 0x1e80  Actual detected object count: 0
 



#4 Broni

Broni

    The Coolest BC Computer


  • BC Advisor
  • 42,716 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Daly City, CA
  • Local time:12:24 AM

Posted 26 November 2014 - 08:28 PM

p22002970.gif Download Security Check from here or here and save it to your Desktop.

  • Double-click SecurityCheck.exe
  • Follow the onscreen instructions inside of the black box.
  • A Notepad document should open automatically called checkup.txt; please post the contents of that document.

NOTE 1. If one of your security applications (e.g., third-party firewall) requests permission to allow DIG.EXE access the Internet, allow it to do so.
NOTE 2. SecurityCheck may produce some false warning(s), so leave the results reading to me.
NOTE 3. If you receive UNSUPPORTED OPERATING SYSTEM! ABORTED! message restart computer and Security Check should run

p22002970.gif Please download Farbar Service Scanner (FSS) and run it on the computer with the issue.
  • Make sure the following options are checked:
    • Internet Services
    • Windows Firewall
    • System Restore
    • Security Center/Action Center
    • Windows Update
    • Windows Defender
    • Other Services
  • Press "Scan".
  • It will create a log (FSS.txt) in the same directory the tool is run.
  • Please copy and paste the log to your reply.


p22002970.gif Please download MiniToolBox and run it.

Checkmark following boxes:
  • Report IE Proxy Settings
  • Report FF Proxy Settings
  • List content of Hosts
  • List IP configuration
  • List Winsock Entries
  • List last 10 Event Viewer log
  • List Installed Programs
  • List Devices (do NOT change any settings here)
  • List Users, Partitions and Memory size
  • List Restore Points

Click Go and post the result.

p22002970.gif Please download Malwarebytes Anti-Malware to your desktop.
NOTE. If you already have MBAM 2.0 installed scroll down.

  • Double-click mb3-setup-1878.1878-3.5.1.2522.exe and follow the prompts to install the program.
  • At the end, be sure a checkmark is placed next to the following:

    • Launch Malwarebytes Anti-Malware
    • A 14 day trial of the Premium features is pre-selected. You may deselect this if you wish, and it will not diminish the scanning and removal capabilities of the program.

  • Click Finish.
  • On the Dashboard, click the 'Update Now >>' link
  • After the update completes, click the 'Scan Now >>' button.
  • Or, on the Dashboard, click the Scan Now >> button.
  • If an update is available, click the Update Now button.
  • A Threat Scan will begin.
  • When the scan is complete, if there have been detections, click Apply Actions to allow MBAM to clean what was detected.
  • In most cases, a restart will be required.
  • Wait for the prompt to restart the computer to appear, then click on Yes.



If you already have MBAM 2.0 installed:

  • On the Dashboard, click the 'Update Now >>' link
  • After the update completes, click the 'Scan Now >>' button.
  • Or, on the Dashboard, click the Scan Now >> button.
  • If an update is available, click the Update Now button.
  • A Threat Scan will begin.
  • When the scan is complete, if there have been detections, click Apply Actions to allow MBAM to clean what was detected.
  • In most cases, a restart will be required.
  • Wait for the prompt to restart the computer to appear, then click on Yes.


How to get logs:
(Export log to save as txt)


  • After the restart once you are back at your desktop, open MBAM once more.
  • Click on the History tab > Application Logs.
  • Double click on the Scan Log which shows the Date and time of the scan just performed.
  • Click 'Export'.
  • Click 'Text file (*.txt)'
  • In the Save File dialog box which appears, click on Desktop.
  • In the File name: box type a name for your scan log.
  • A message box named 'File Saved' should appear stating "Your file has been successfully exported".
  • Click Ok
  • Attach that saved log to your next reply.



(Copy to clipboard for pasting into forum replies or tickets)

  • After the restart once you are back at your desktop, open MBAM once more.
  • Click on the History tab > Application Logs.
  • Double click on the Scan Log which shows the Date and time of the scan just performed.
  • Click 'Copy to Clipboard'
  • Paste the contents of the clipboard into your reply.


p22002970.gifDownload 51a5f31352b88-icon_MBAR.pngMalwarebytes Anti-Rootkit to your desktop.
  • Warning! Malwarebytes Anti-Rootkit needs to be run from an account with administrator rights.
  • Double click on downloaded file. OK self extracting prompt.
  • MBAR will start. Click "Next" to continue.
  • Click in the following screen "Update" to obtain the latest malware definitions.
  • Once the update is complete select "Next" and click "Scan".
  • When the scan is finished and no malware has been found select "Exit".
  • If malware was detected, make sure to check all the items and click "Cleanup". Reboot your computer.
  • Open the MBAR folder located on your Desktop and paste the content of the following files in your next reply:
  • "mbar-log-{date} (xx-xx-xx).txt"
  • "system-log.txt"


NOTE. If you see This version requires you to completely exit the Anti Malware application message right click on the Malwarebytes Anti-Malware icon in the system tray and click on Exit.

p22002970.gif Please download Rkill (courtesy of BleepingComputer.com) to your desktop.
There are 2 different versions. If one of them won't run then download and try to run the other one.
You only need to get one of these to run, not all of them. You may get warnings from your antivirus about this tool, ignore them or shutdown your antivirus.

rKill.exe: http://www.bleepingcomputer.com/download/rkill/dl/10/
iExplore.exe (renamed rKill.exe): http://www.bleepingcomputer.com/download/rkill/dl/11/

  • Double-click on the Rkill desktop icon to run the tool.
  • If using Vista or Windows 7 right-click on it and choose Run As Administrator.
  • A black DOS box will briefly flash and then disappear. This is normal and indicates the tool ran successfully.
  • If not, delete the file, then download and use the one provided in Link 2.
  • Do not reboot until instructed.
  • If the tool does not run from any of the links provided, please let me know.


If normal mode still doesn't work, run the tool from safe mode.

When the scan is done Notepad will open with rKill log.
Post it in your next reply.

NOTE. rKill.txt log will also be present on your desktop.

NOTE Do NOT wrap your logs in "quote" or "code" brackets.
Do NOT use spoilers.
Do NOT edit your reply to post additional logs. Create new reply. I'll not get any email notifications about edits so I won't know you posted something new.


My Website

p4433470.gif

My help doesn't cost a penny, but if you'd like to consider a donation, click p22001735.gif


 


#5 Needsomehelp567

Needsomehelp567
  • Topic Starter

  • Members
  • 40 posts
  • OFFLINE
  •  
  • Local time:08:24 AM

Posted 27 November 2014 - 05:24 AM

Security check log:

 

 Results of screen317's Security Check version 0.99.91  
 Windows 7 Service Pack 1 x64 (UAC is enabled)  
 Internet Explorer 11  
``````````````Antivirus/Firewall Check:``````````````
 Windows Firewall Enabled!  
Webroot SecureAnywhere   
 Antivirus up to date!   
`````````Anti-malware/Other Utilities Check:`````````
 Malwarebytes Anti-Malware version 2.0.3.1025  
 Java 7 Update 55  
 Java version 32-bit out of Date!
 Adobe Flash Player 15.0.0.239  
 Adobe Reader XI  
 Mozilla Firefox (33.1)
 Google Chrome 38.0.2125.104 Google Chrome out of date!  
````````Process Check: objlist.exe by Laurent````````  
 Malwarebytes Anti-Malware mbamservice.exe  
 Malwarebytes Anti-Malware mbam.exe  
 Malwarebytes Anti-Malware mbamscheduler.exe   
`````````````````System Health check`````````````````
 Total Fragmentation on Drive C: 9%
````````````````````End of Log``````````````````````
 

 

FBar Log:

 

Farbar Service Scanner Version: 21-07-2014
Ran by Dan (administrator) on 27-11-2014 at 08:36:53
Running from "C:\Users\Dan\Desktop"
Microsoft Windows 7 Home Premium  Service Pack 1 (X64)
Boot Mode: Normal
****************************************************************

Internet Services:
============

Connection Status:
==============
Localhost is accessible.
LAN connected.
Google IP is accessible.
Google.com is accessible.
Yahoo.com is accessible.


Windows Firewall:
=============

Firewall Disabled Policy:
==================


System Restore:
============

System Restore Disabled Policy:
========================


Action Center:
============


Windows Update:
============

Windows Autoupdate Disabled Policy:
============================


Windows Defender:
==============

Other Services:
==============


File Check:
========
C:\Windows\System32\nsisvc.dll => File is digitally signed
C:\Windows\System32\drivers\nsiproxy.sys => File is digitally signed
C:\Windows\System32\dhcpcore.dll => File is digitally signed
C:\Windows\System32\drivers\afd.sys => File is digitally signed
C:\Windows\System32\drivers\tdx.sys => File is digitally signed
C:\Windows\System32\Drivers\tcpip.sys => File is digitally signed
C:\Windows\System32\dnsrslvr.dll => File is digitally signed
C:\Windows\System32\mpssvc.dll => File is digitally signed
C:\Windows\System32\bfe.dll => File is digitally signed
C:\Windows\System32\drivers\mpsdrv.sys => File is digitally signed
C:\Windows\System32\SDRSVC.dll => File is digitally signed
C:\Windows\System32\vssvc.exe => File is digitally signed
C:\Windows\System32\wscsvc.dll => File is digitally signed
C:\Windows\System32\wbem\WMIsvc.dll => File is digitally signed
C:\Windows\System32\wuaueng.dll => File is digitally signed
C:\Windows\System32\qmgr.dll => File is digitally signed
C:\Windows\System32\es.dll => File is digitally signed
C:\Windows\System32\cryptsvc.dll => File is digitally signed
C:\Program Files\Windows Defender\MpSvc.dll => File is digitally signed
C:\Windows\System32\ipnathlp.dll => File is digitally signed
C:\Windows\System32\iphlpsvc.dll => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed


**** End of log ****

 

MiniToolBox Log:

 

MiniToolBox by Farbar  Version: 21-07-2014
Ran by Dan (administrator) on 27-11-2014 at 08:38:34
Running from "C:\Users\Dan\Desktop"
Microsoft Windows 7 Home Premium  Service Pack 1 (X64)
Boot Mode: Normal
***************************************************************************

========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.

========================= FF Proxy Settings: ==============================

========================= Hosts content: =================================



========================= Winsock entries =====================================

Catalog5 01 C:\Windows\SysWOW64\NLAapi.dll [52224] (Microsoft Corporation)
Catalog5 02 C:\Windows\SysWOW64\napinsp.dll [52224] (Microsoft Corporation)
Catalog5 03 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 04 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 05 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog5 06 C:\Windows\SysWOW64\winrnr.dll [20992] (Microsoft Corporation)
Catalog5 07 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145648] (Microsoft Corp.)
Catalog5 08 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145648] (Microsoft Corp.)
Catalog5 09 C:\Windows\SysWOW64\wshbth.dll [36352] (Microsoft Corporation)
Catalog5 10 C:\Program Files (x86)\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
Catalog9 01 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 02 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 03 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 04 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 05 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 06 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 07 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 08 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 09 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 10 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 11 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
x64-Catalog5 01 C:\Windows\System32\NLAapi.dll [70656] (Microsoft Corporation)
x64-Catalog5 02 C:\Windows\System32\napinsp.dll [68096] (Microsoft Corporation)
x64-Catalog5 03 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 04 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 05 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog5 06 C:\Windows\System32\winrnr.dll [28672] (Microsoft Corporation)
x64-Catalog5 07 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [171760] (Microsoft Corp.)
x64-Catalog5 08 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [171760] (Microsoft Corp.)
x64-Catalog5 09 C:\Windows\System32\wshbth.dll [47104] (Microsoft Corporation)
x64-Catalog5 10 C:\Program Files\Bonjour\mdnsNSP.dll [132968] (Apple Inc.)
x64-Catalog9 01 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 02 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 03 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 04 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 05 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 06 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 07 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 08 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 09 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 10 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 11 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)

========================= Event log errors: ===============================

Application errors:
==================
Error: (11/27/2014 08:05:43 AM) (Source: MsiInstaller) (User: Dan-Laptop2)
Description: Product: Akamai NetSession Interface -- Error 1310. Error writing to file: C:\Users\Dan\AppData\Local\Akamai\admintool.exe.  System error 0.  Verify that you have access to that directory.

Error: (11/27/2014 08:05:06 AM) (Source: MsiInstaller) (User: Dan-Laptop2)
Description: Product: Akamai NetSession Interface -- Error 1310. Error writing to file: C:\Users\Dan\AppData\Local\Akamai\admintool.exe.  System error 0.  Verify that you have access to that directory.

Error: (11/27/2014 08:04:00 AM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (11/26/2014 08:07:37 PM) (Source: MsiInstaller) (User: Dan-Laptop2)
Description: Product: Akamai NetSession Interface -- Error 1310. Error writing to file: C:\Users\Dan\AppData\Local\Akamai\admintool.exe.  System error 0.  Verify that you have access to that directory.

Error: (11/26/2014 08:07:04 PM) (Source: MsiInstaller) (User: Dan-Laptop2)
Description: Product: Akamai NetSession Interface -- Error 1310. Error writing to file: C:\Users\Dan\AppData\Local\Akamai\admintool.exe.  System error 0.  Verify that you have access to that directory.

Error: (11/26/2014 05:58:03 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 5990

Error: (11/26/2014 05:58:03 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 5990

Error: (11/26/2014 05:58:03 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (11/26/2014 05:58:02 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 4992

Error: (11/26/2014 05:58:02 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 4992


System errors:
=============
Error: (11/27/2014 08:03:59 AM) (Source: Service Control Manager) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the VideoCnv service to connect.

Error: (11/26/2014 07:05:25 PM) (Source: BROWSER) (User: )
Description: The browser service has failed to retrieve the backup list too many times on transport \Device\NetBT_Tcpip_{5CE9A9D3-D1EF-4FE2-B532-4DE524A6A5F6}.
The backup browser is stopping.

Error: (11/26/2014 08:52:37 AM) (Source: Service Control Manager) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the VideoCnv service to connect.

Error: (11/25/2014 06:20:49 PM) (Source: BROWSER) (User: )
Description: The browser service has failed to retrieve the backup list too many times on transport \Device\NetBT_Tcpip_{5CE9A9D3-D1EF-4FE2-B532-4DE524A6A5F6}.
The backup browser is stopping.

Error: (11/25/2014 08:04:43 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (User: NT AUTHORITY)
Description: Installation Failure: Windows failed to install the following update with error 0x80070643: Definition Update for Windows Defender - KB915597 (Definition 1.189.620.0).

Error: (11/25/2014 07:53:14 AM) (Source: Service Control Manager) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the VideoCnv service to connect.

Error: (11/24/2014 11:34:10 PM) (Source: BROWSER) (User: )
Description: The browser service has failed to retrieve the backup list too many times on transport \Device\NetBT_Tcpip_{5CE9A9D3-D1EF-4FE2-B532-4DE524A6A5F6}.
The backup browser is stopping.

Error: (11/24/2014 10:13:09 AM) (Source: Service Control Manager) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the VideoCnv service to connect.

Error: (11/24/2014 08:41:17 AM) (Source: Service Control Manager) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the VideoCnv service to connect.

Error: (11/23/2014 09:26:14 PM) (Source: NetBT) (User: )
Description: The name "WORKGROUP      :1d" could not be registered on the interface with IP address 192.168.0.3.
The computer with the IP address 192.168.0.9 did not allow the name to be claimed by
this computer.


Microsoft Office Sessions:
=========================


=========================== Installed Programs ============================
µTorrent (HKCU\...\uTorrent) (Version: 3.4.2.34944 - BitTorrent Inc.)
Adobe Flash Player 15 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 15.0.0.239 - Adobe Systems Incorporated)
Adobe Flash Player 15 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 15.0.0.239 - Adobe Systems Incorporated)
Adobe Photoshop CS6 (HKLM-x32\...\Adobe Photoshop CS6) (Version: 13.0.0.0 - © The Computer Guy Tony)
Adobe Reader XI (11.0.06) (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version: 11.0.06 - Adobe Systems Incorporated)
Adobe Shockwave Player 12.1 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.1.0.150 - Adobe Systems, Inc.)
Akamai NetSession Interface (HKCU\...\Akamai) (Version:  - Akamai Technologies, Inc)
Apple Application Support (HKLM-x32\...\{46F044A5-CE8B-4196-984E-5BD6525E361D}) (Version: 2.3.6 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{2EF5D87E-B7BD-458F-8428-E4D0B8B4E65C}) (Version: 7.0.0.117 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
ASIO4ALL (HKLM-x32\...\ASIO4ALL) (Version: 2.10 - Michael Tippach)
BatchPhoto (HKLM-x32\...\{7520C973-8BEB-48A7-84CC-B171F63B597B}) (Version: 4.0.1 - Bits&Coffee)
Battlefield 4™ (HKLM-x32\...\{ABADE36E-EC37-413B-8179-B432AD3FACE7}) (Version: 1.3.2.3825 - Electronic Arts)
Battlelog Web Plugins (HKLM-x32\...\Battlelog Web Plugins) (Version: 2.3.2 - EA Digital Illusions CE AB)
BisonCam (HKLM-x32\...\{5BBC4803-C96E-4D3E-9D1D-2E43774C4062}) (Version:  - BisonCam)
Bitcoin Armory (HKLM-x32\...\Bitcoin Armory) (Version: 0.92.3.0 - Armory Technologies Inc.)
Bitcoin Core (64-bit) (HKCU\...\Bitcoin Core (64-bit)) (Version: 0.9.3 - Bitcoin Core project)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Canon IJ Network Scanner Selector EX (HKLM-x32\...\Canon_IJ_Network_Scanner_Selector_EX) (Version:  - Canon Inc.)
Canon IJ Network Tool (HKLM-x32\...\Canon_IJ_Network_UTILITY) (Version: 3.3.0 - Canon Inc.)
Canon IJ Scan Utility (HKLM-x32\...\Canon_IJ_Scan_Utility) (Version:  - Canon Inc.)
Canon MG3500 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MG3500_series) (Version: 1.00 - Canon Inc.)
Canon MG3500 series On-screen Manual (HKLM-x32\...\Canon MG3500 series On-screen Manual) (Version: 7.6.1 - Canon Inc.)
Canon MG3500 series User Registration (HKLM-x32\...\Canon MG3500 series User Registration) (Version:  - ?Canon Inc.)
CloudReading (HKLM-x32\...\{41914D8B-9D6E-4764-A1F9-BC43FB6782C1}_is1) (Version: 1.0.31.1111 - Foxit Corporation)
Counter-Strike: Global Offensive (HKLM-x32\...\Steam App 730) (Version:  - Valve)
Counter-Strike: Source (HKLM-x32\...\Steam App 240) (Version:  - Valve)
Crysis 2 (HKLM-x32\...\Steam App 99830) (Version:  - Crytek Studios)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Dead Space™ (HKLM-x32\...\{6E6F22D7-8AD6-4A87-9A47-733E6E996F50}) (Version: 1.0.0.222 - Electronic Arts)
Defraggler (HKLM\...\Defraggler) (Version: 2.16 - Piriform)
Dropbox (HKCU\...\Dropbox) (Version: 2.10.30 - Dropbox, Inc.)
ESN Sonar (HKLM-x32\...\ESN Sonar-0.70.4) (Version: 0.70.4 - ESN Social Software AB)
Facebook Video Calling 3.1.0.521 (HKLM-x32\...\{2091F234-EB58-4B80-8C96-8EB78C808CF7}) (Version: 3.1.521 - Skype Limited)
Far Cry® 3 Blood Dragon (HKLM-x32\...\Steam App 233270) (Version:  - Ubisoft Montreal)
FL Studio 10 (HKLM-x32\...\FL Studio 10) (Version:  - Image-Line)
Foxit Reader (HKLM-x32\...\Foxit Reader_is1) (Version: 6.1.1.1031 - Foxit Corporation)
Fraps (remove only) (HKLM-x32\...\Fraps) (Version:  - )
Free DWG Viewer 7.2 (HKLM-x32\...\{90751489-B709-4D2F-8634-FEE00BFEC41A}) (Version: 7.2.0.76 - IGC)
Garry's Mod (HKLM-x32\...\Steam App 4000) (Version:  - Garry)
Google Chrome (HKCU\...\Google Chrome) (Version: 38.0.2125.111 - Google Inc.)
Gpg4win (2.2.2) (HKLM-x32\...\GPG4Win) (Version: 2.2.2 - The Gpg4win Project)
Hotkey 7.0027 (HKLM-x32\...\InstallShield_{164714B6-46BC-4649-9A30-A6ED32F03B5A}) (Version: 7.0027 - NoteBook)
Hotkey 7.0027 (x32 Version: 7.0027 - NoteBook) Hidden
IL Download Manager (HKLM-x32\...\IL Download Manager) (Version:  - Image-Line)
Intel® Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.0.0.1310 - Intel Corporation)
Intel® Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 9.18.10.3165 - Intel Corporation)
Intel® PROSet/Wireless for Bluetooth® + High Speed (Version: 15.6.1.0536 - Intel Corporation) Hidden
Intel® PROSet/Wireless Software for Bluetooth® Technology (HKLM\...\{302600C1-6BDF-4FD1-1306-148929CC1385}) (Version: 3.1.1306.0352 - Intel Corporation)
Intel® PROSet/Wireless WiFi Software Driver (Version: 15.06.1000.0167 - Intel Corporation) Hidden
Intel® Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 12.0.0.1083 - Intel Corporation)
Intel® Rapid Storage Technology (Version: 12.0.0.1083 - Intel Corporation) Hidden
Intel® SDK for OpenCL - CPU Only Runtime Package (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: 3.0.0.63463 - Intel Corporation)
Intel® USB 3.0 eXtensible Host Controller Driver (HKLM-x32\...\{240C3DDD-C5E9-4029-9DF7-95650D040CF2}) (Version: 2.0.0.100 - Intel Corporation)
Intel® PROSet/Wireless Software (HKLM-x32\...\{fad118b4-798f-4755-9e67-a622eec95b62}) (Version: 15.6.1 - Intel Corporation)
Intel® PROSet/Wireless WiFi Software (Version: 15.06.1000.0142 - Intel Corporation) Hidden
Intel® Trusted Connect Service Client (Version: 1.27.757.1 - Intel Corporation) Hidden
iTunes (HKLM\...\{D601CEAD-2E4F-4BBB-85CC-C29A4CE6A3C0}) (Version: 11.1.3.8 - Apple Inc.)
Java 7 Update 55 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217051FF}) (Version: 7.0.550 - Oracle)
Java Auto Updater (x32 Version: 2.1.9.8 - Sun Microsystems, Inc.) Hidden
Junk Mail filter update (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Kingo Android ROOT version 1.1.8.1835 (HKLM-x32\...\{AE7675D6-0B31-494F-ABFA-822E1A0FDF17}_is1) (Version: 1.1.8.1835 - Kingosoft Technology Ltd.)
K-Lite Codec Pack 10.6.5 Basic (HKLM-x32\...\KLiteCodecPack_is1) (Version: 10.6.5 - )
LAME v3.99.3 (for Windows) (HKLM-x32\...\LAME_is1) (Version:  - )
League of Legends (HKLM-x32\...\League of Legends 3.0.1) (Version: 3.0.1 - Riot Games)
League of Legends (x32 Version: 3.0.1 - Riot Games) Hidden
Left 4 Dead 2 (HKLM-x32\...\Steam App 550) (Version:  - Valve)
LogMeIn Hamachi (HKLM-x32\...\LogMeIn Hamachi) (Version: 2.2.0.266 - LogMeIn, Inc.)
LogMeIn Hamachi (x32 Version: 2.2.0.266 - LogMeIn, Inc.) Hidden
Malwarebytes Anti-Malware version 2.0.3.1025 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.3.1025 - Malwarebytes Corporation)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version:  - Microsoft)
Microsoft Office 2007 Service Pack 3 (SP3) (x32 Version:  - Microsoft) Hidden
Microsoft Office Excel MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Home and Student 2007 (HKLM-x32\...\HOMESTUDENTR) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office Home and Student 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Office 64-bit Components 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office OneNote MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (French) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Spanish) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proofing (English) 2007 (x32 Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) (x32 Version:  - Microsoft) Hidden
Microsoft Office Shared 64-bit MUI (English) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared Setup Metadata MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Word MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft SkyDrive (HKCU\...\SkyDriveSetup.exe) (Version: 17.0.2015.0811 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (HKLM-x32\...\{95716cce-fc71-413f-8ad5-56c2892d4b3a}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.61030 (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.61030 (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.61030 (x32 Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.61030 (x32 Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft_VC80_CRT_x86 (x32 Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC90_CRT_x86 (x32 Version: 1.00.0000 - Adobe) Hidden
Movie Maker (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Mozilla Firefox 33.1 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 33.1 (x86 en-US)) (Version: 33.1 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 29.0.1 - Mozilla)
MPC-HC 1.7.0 (HKLM-x32\...\{2624B969-7135-4EB1-B0F6-2D8C397B45F7}_is1) (Version: 1.7.0.7858 - MPC-HC Team)
MPC-HC 1.7.5 (64-bit) (HKLM\...\{2ACBF1FA-F5C3-4B19-A774-B22A31F231B9}_is1) (Version: 1.7.5 - MPC-HC Team)
MSVCRT (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSVCRT_amd64 (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSVCRT110 (x32 Version: 16.4.1108.0727 - Microsoft) Hidden
MSVCRT110_amd64 (Version: 16.4.1109.0912 - Microsoft) Hidden
MyFreeCodec (HKCU\...\MyFreeCodec) (Version:  - )
Native Instruments Controller Editor (HKLM-x32\...\Native Instruments Controller Editor) (Version: 1.5.6.1344 - Native Instruments)
Native Instruments Controller Editor (Version: 1.5.6.1344 - Native Instruments) Hidden
Native Instruments Massive (HKLM-x32\...\Native Instruments Massive) (Version:  - Native Instruments)
Native Instruments Massive (Version: 1.3.0.2050 - Native Instruments) Hidden
Native Instruments Service Center (HKLM-x32\...\Native Instruments Service Center) (Version: 2.4.3.1177 - Native Instruments)
Native Instruments Service Center (Version: 2.4.3.1177 - Native Instruments) Hidden
Native Instruments Traktor 2 (HKLM-x32\...\Native Instruments Traktor 2) (Version: 2.6.3.144 - Native Instruments)
Native Instruments Traktor 2 (Version: 2.6.3.144 - Native Instruments) Hidden
Native Instruments Traktor Audio 6 Driver (HKLM-x32\...\Native Instruments Traktor Audio 6 Driver) (Version:  - Native Instruments)
Native Instruments Traktor Audio 6 Driver (Version: 3.1.0.761 - Native Instruments) Hidden
Native Instruments Traktor Kontrol X1 (HKLM-x32\...\Native Instruments Traktor Kontrol X1) (Version:  - Native Instruments)
Native Instruments Traktor Kontrol X1 (Version: 3.0.1.648 - Native Instruments) Hidden
NVIDIA Control Panel 337.88 (Version: 337.88 - NVIDIA Corporation) Hidden
NVIDIA GeForce Experience 2.0.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.0.1 - NVIDIA Corporation)
NVIDIA Graphics Driver 337.88 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 337.88 - NVIDIA Corporation)
NVIDIA Install Application (Version: 2.1002.154.1168 - NVIDIA Corporation) Hidden
NVIDIA LED Visualizer 1.0 (Version: 1.0 - NVIDIA Corporation) Hidden
NVIDIA Network Service (Version: 1.0 - NVIDIA Corporation) Hidden
NVIDIA Optimus Update 12.4.67 (Version: 12.4.67 - NVIDIA Corporation) Hidden
NVIDIA PhysX (x32 Version: 9.13.1220 - NVIDIA Corporation) Hidden
NVIDIA PhysX System Software 9.13.1220 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.13.1220 - NVIDIA Corporation)
NVIDIA ShadowPlay 12.4.67 (Version: 12.4.67 - NVIDIA Corporation) Hidden
NVIDIA Update 12.4.67 (Version: 12.4.67 - NVIDIA Corporation) Hidden
NVIDIA Update Core (Version: 12.4.67 - NVIDIA Corporation) Hidden
NVIDIA Virtual Audio 1.2.23 (Version: 1.2.23 - NVIDIA Corporation) Hidden
Origin (HKLM-x32\...\Origin) (Version: 9.3.10.4710 - Electronic Arts, Inc.)
Photo Common (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Photo Gallery (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Photo Story 3 for Windows (HKLM-x32\...\{4F41AD68-89F2-4262-A32C-2F70B01FCE9E}) (Version: 3.0.1115.11 - Microsoft Corporation)
Platform (x32 Version: 1.39 - VIA Technologies, Inc.) Hidden
Portal 2 (HKLM-x32\...\Steam App 620) (Version:  - Valve)
QuickTime 7 (HKLM-x32\...\{111EE7DF-FC45-40C7-98A7-753AC46B12FB}) (Version: 7.75.80.95 - Apple Inc.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.67.1226.2012 - Realtek)
Realtek PCIE Card Reader (HKLM-x32\...\{0D61A55C-3ADC-409F-BF5B-A1766D1F5944}) (Version: 6.2.9200.27035 - Realtek Semiconductor Corp.)
Rhinoceros 5 (64-bit) (HKLM\...\{B292A64C-7D4E-4350-B4F0-F2FF0C9B3581}) (Version: 5.9.40617.14345 - Robert McNeel & Associates)
Rhinoceros 5 (HKLM-x32\...\{F6C3D076-3696-4139-8409-D3030BF1B38C}) (Version: 5.9.40617.14345 - Robert McNeel & Associates)
Rhinoceros 5 Help Media (HKLM-x32\...\{E42CF82B-C897-4E9D-B8C4-DE63FF0A28D7}) (Version: 5.7.31022.19295 - Robert McNeel & Associates)
Rhinoceros 5 Language Pack Installer (en-US) (HKLM-x32\...\{06E2D312-B485-4914-904B-A3A940BC6750}) (Version: 5.9.40617.14345 - Robert McNeel & Associates)
Samsung Kies (HKLM-x32\...\InstallShield_{758C8301-2696-4855-AF45-534B1200980A}) (Version: 2.6.2.14014_7 - Samsung Electronics Co., Ltd.)
Samsung Kies (x32 Version: 2.6.2.14014_7 - Samsung Electronics Co., Ltd.) Hidden
Samsung Kies3 (HKLM-x32\...\InstallShield_{88547073-C566-4895-9005-EBE98EA3F7C7}) (Version: 3.2.14024.11 - Samsung Electronics Co., Ltd.)
Samsung Kies3 (x32 Version: 3.2.14024.11 - Samsung Electronics Co., Ltd.) Hidden
SAMSUNG USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.33.0 - SAMSUNG Electronics Co., Ltd.)
SecureW2 EAP Suite 1.1.3 for Windows (HKLM-x32\...\SecureW2 EAP Suite) (Version:  - )
SHIELD Streaming (Version: 2.1.108 - NVIDIA Corporation) Hidden
SketchUp 2014 (HKLM-x32\...\{F246092E-FA0B-47C8-9D3E-CF8C210293C8}) (Version: 14.1.1282 - Trimble Navigation Limited)
Skype™ 6.21 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 6.21.104 - Skype Technologies S.A.)
Sleeping Dogs™ (HKLM-x32\...\Steam App 202170) (Version:  - United Front Games)
Sniper Elite V2 (HKLM-x32\...\Steam App 63380) (Version:  - Rebellion)
Steam (HKLM-x32\...\Steam) (Version:  - Valve Corporation)
swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 16.3.4.0 - Synaptics Incorporated)
System Requirements Lab CYRI (HKLM-x32\...\{F3FCB08B-E752-444D-86A0-0634A4F3B23D}) (Version: 6.0.8.0 - Husdawg, LLC)
System Requirements Lab Detection (HKLM-x32\...\{A407FC22-36BF-4C82-A516-59D94BC505A9}) (Version: 1.0.5.0 - Husdawg, LLC)
Team Fortress 2 (HKLM-x32\...\Steam App 440) (Version:  - Valve)
The Elder Scrolls V: Skyrim (HKLM-x32\...\Steam App 72850) (Version:  - Bethesda Game Studios)
Tropico 3 - Steam Special Edition (HKLM-x32\...\Steam App 23490) (Version:  - Haemimont Games)
Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version:  - Microsoft)
Update for Microsoft Office 2007 Help for Common Features (KB963673) (HKLM-x32\...\{90120000-006E-0409-0000-0000000FF1CE}_HOMESTUDENTR_{AB365889-0395-4FAD-B702-CA5985D53D42}) (Version:  - Microsoft)
Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition (HKLM-x32\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{A024FC7B-77DE-45DE-A058-1C049A17BFB3}) (Version:  - Microsoft)
Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition (HKLM-x32\...\{90120000-002A-0000-1000-0000000FF1CE}_HOMESTUDENTR_{CB68A5B0-3508-4193-AEB9-AF636DAECE0F}) (Version:  - Microsoft)
Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition (HKLM-x32\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{CB68A5B0-3508-4193-AEB9-AF636DAECE0F}) (Version:  - Microsoft)
Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition (HKLM-x32\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{E9A82945-BA29-4EE8-8F2A-2F49545E9CF2}) (Version:  - Microsoft)
Update for Microsoft Office Excel 2007 Help (KB963678) (HKLM-x32\...\{90120000-0016-0409-0000-0000000FF1CE}_HOMESTUDENTR_{199DF7B6-169C-448C-B511-1054101BE9C9}) (Version:  - Microsoft)
Update for Microsoft Office OneNote 2007 Help (KB963670) (HKLM-x32\...\{90120000-00A1-0409-0000-0000000FF1CE}_HOMESTUDENTR_{2744EF05-38E1-4D5D-B333-E021EDAEA245}) (Version:  - Microsoft)
Update for Microsoft Office PowerPoint 2007 (KB2597972) 32-Bit Edition (HKLM-x32\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{7B9D2746-D03B-442B-A691-90B748E316B4}) (Version:  - Microsoft)
Update for Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM-x32\...\{90120000-0018-0409-0000-0000000FF1CE}_HOMESTUDENTR_{397B1D4F-ED7B-4ACA-A637-43B670843876}) (Version:  - Microsoft)
Update for Microsoft Office Script Editor Help (KB963671) (HKLM-x32\...\{90120000-006E-0409-0000-0000000FF1CE}_HOMESTUDENTR_{CD11C6A2-FFC6-4271-8EAB-79C3582F505C}) (Version:  - Microsoft)
Update for Microsoft Office Word 2007 Help (KB963665) (HKLM-x32\...\{90120000-001B-0409-0000-0000000FF1CE}_HOMESTUDENTR_{80E762AA-C921-4839-9D7D-DB62A72C0726}) (Version:  - Microsoft)
VIA Platform Device Manager (HKLM-x32\...\InstallShield_{20D4A895-748C-4D88-871C-FDB1695B0169}) (Version: 1.39 - VIA Technologies, Inc.)
VirtualDJ Home FREE (HKLM-x32\...\{77C2D5D4-ADC5-49F9-B36E-5992FCF35EA3}) (Version: 7.4.1 - Atomix Productions)
Warhammer 40,000: Dawn of War – Dark Crusade (HKLM-x32\...\Steam App 4580) (Version:  - Relic Entertainment)
Warhammer 40,000: Dawn of War - Game of the Year Edition (HKLM-x32\...\Steam App 4570) (Version:  - Relic Entertainment)
WebCam Installer (HKLM-x32\...\InstallShield_{2A14D7BC-1876-4B38-830B-18856C27F550}) (Version: 4.041 - WebCam)
WebCam Installer (x32 Version: 4.041 - WebCam) Hidden
Webroot SecureAnywhere (HKLM-x32\...\WRUNINST) (Version: 8.0.5.111 - Webroot)
Windows Live Communications Platform (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3505.0912 - Microsoft Corporation)
Windows Live Essentials (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live Family Safety (Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live Family Safety (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live ID Sign-in Assistant (Version: 7.250.4311.0 - Microsoft Corporation) Hidden
Windows Live Installer (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live Mail (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live Messenger (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live MIME IFilter (Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live Photo Common (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live PIMT Platform (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live SOXE (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live SOXE Definitions (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live UX Platform (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live UX Platform Language Pack (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live Writer (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live Writer Resources (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
WinRAR 5.01 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.01.0 - win.rar GmbH)

========================= Devices: ================================

Name: Intel® Centrino® Wireless Bluetooth® 4.0 + High Speed Adapter
Description: Intel® Centrino® Wireless Bluetooth® 4.0 + High Speed Adapter
Class Guid: {e0cbf06c-cd8b-4647-bb8a-263b43f0f974}
Manufacturer: Intel Corporation
Service: BTHUSB
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.


========================= Memory info: ===================================

Percentage of memory in use: 27%
Total physical RAM: 12208.04 MB
Available physical RAM: 8884.76 MB
Total Pagefile: 24414.26 MB
Available Pagefile: 20998.88 MB
Total Virtual: 4095.88 MB
Available Virtual: 3977.65 MB

========================= Partitions: =====================================

1 Drive c: (Windows) (Fixed) (Total:925.65 GB) (Free:497.04 GB) NTFS

========================= Users: ========================================

User accounts for \\DAN-LAPTOP2

Administrator            Dan                      Guest                    

========================= Restore Points ==================================

19-11-2014 17:30:56 Windows Update
20-11-2014 09:40:04 Removed Autodesk 360
20-11-2014 09:41:32 Removed Autodesk App Manager.
20-11-2014 09:49:22 Removed Autodesk AutoCAD Performance Feedback Tool Version 1.2.2
20-11-2014 09:50:16 Removed Autodesk BIM 360 Glue AutoCAD 2015 Add-in 64 bit
20-11-2014 09:51:59 Removed Autodesk Material Library 2015.
20-11-2014 09:54:00 Removed Autodesk Material Library Base Resolution Image Library 2015.
20-11-2014 09:54:55 Removed Autodesk Featured Apps.
20-11-2014 10:01:02 Removed SketchUp Import.
24-11-2014 12:33:15 Installed Java 7 Update 71
25-11-2014 08:01:02 Windows Update

**** End of log ****
 

 

Mbam pro threat scan log:

 

Malwarebytes Anti-Malware
www.malwarebytes.org

Scan Date: 27/11/2014
Scan Time: 08:39:42
Logfile:
Administrator: Yes

Version: 2.00.3.1025
Malware Database: v2014.11.27.04
Rootkit Database: v2014.11.22.01
License: Premium
Malware Protection: Enabled
Malicious Website Protection: Enabled
Self-protection: Disabled

OS: Windows 7 Service Pack 1
CPU: x64
File System: NTFS
User: Dan

Scan Type: Threat Scan
Result: Completed
Objects Scanned: 375765
Time Elapsed: 40 min, 5 sec

Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Enabled
Heuristics: Enabled
PUP: Enabled
PUM: Enabled

Processes: 0
(No malicious items detected)

Modules: 0
(No malicious items detected)

Registry Keys: 0
(No malicious items detected)

Registry Values: 0
(No malicious items detected)

Registry Data: 0
(No malicious items detected)

Folders: 0
(No malicious items detected)

Files: 0
(No malicious items detected)

Physical Sectors: 0
(No malicious items detected)


(end)

 

 

Malwarebytes anitrootkit:

 

It asked me at the start something about possible rootkit activity in appinit.dll's i pressed yes but im not sure this was right sorry?

 

Log:

 

Malwarebytes Anti-Rootkit BETA 1.08.2.1001
www.malwarebytes.org

Database version: v2014.11.18.05

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 11.0.9600.17420
Dan :: DAN-LAPTOP2 [administrator]

27/11/2014 09:37:37
mbar-log-2014-11-27 (09-37-37).txt

Scan type: Quick scan
Scan options enabled: Anti-Rootkit | Drivers | MBR | Physical Sectors | Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken
Scan options disabled:
Objects scanned: 373977
Time elapsed: 36 minute(s), 5 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

Physical Sectors Detected: 0
(No malicious items detected)

(end)
 

 

Other log:

 

---------------------------------------
Malwarebytes Anti-Rootkit BETA 1.08.2.1001

© Malwarebytes Corporation 2011-2012

OS version: 6.1.7601 Windows 7 Service Pack 1 x64

Account is Administrative

Internet Explorer version: 11.0.9600.17420

File system is: NTFS
Disk drives: C:\ DRIVE_FIXED
CPU speed: 2.394000 GHz
Memory total: 12801056768, free: 9217986560

---------------------------------------
Malwarebytes Anti-Rootkit BETA 1.08.2.1001

© Malwarebytes Corporation 2011-2012

OS version: 6.1.7601 Windows 7 Service Pack 1 x64

Account is Administrative

Internet Explorer version: 11.0.9600.17420

File system is: NTFS
Disk drives: C:\ DRIVE_FIXED
CPU speed: 2.394000 GHz
Memory total: 12801056768, free: 9214590976

Initializing...
======================
This version of Malwarebytes Anti-Rootkit requires you to completely exit the Malwarebytes Anti-Malware application to continue.
Initializing...
======================
------------ Kernel report ------------
     11/27/2014 09:37:30
------------ Loaded modules -----------
\SystemRoot\system32\ntoskrnl.exe
\SystemRoot\system32\hal.dll
\SystemRoot\system32\kdcom.dll
\SystemRoot\system32\mcupdate_GenuineIntel.dll
\SystemRoot\system32\PSHED.dll
\SystemRoot\system32\CLFS.SYS
\SystemRoot\system32\CI.dll
\SystemRoot\system32\drivers\Wdf01000.sys
\SystemRoot\system32\drivers\WDFLDR.SYS
\SystemRoot\system32\drivers\ACPI.sys
\SystemRoot\system32\drivers\WMILIB.SYS
\SystemRoot\system32\drivers\msisadrv.sys
\SystemRoot\system32\drivers\pci.sys
\SystemRoot\system32\drivers\vdrvroot.sys
\SystemRoot\system32\drivers\iusb3hcs.sys
\SystemRoot\System32\drivers\partmgr.sys
\SystemRoot\system32\drivers\compbatt.sys
\SystemRoot\system32\drivers\BATTC.SYS
\SystemRoot\system32\drivers\volmgr.sys
\SystemRoot\System32\drivers\volmgrx.sys
\SystemRoot\System32\drivers\mountmgr.sys
\SystemRoot\system32\drivers\iaStorA.sys
\SystemRoot\system32\drivers\storport.sys
\SystemRoot\system32\drivers\amdxata.sys
\SystemRoot\system32\drivers\fltmgr.sys
\SystemRoot\system32\drivers\fileinfo.sys
\SystemRoot\System32\drivers\WRkrn.sys
\SystemRoot\System32\drivers\msrpc.sys
\SystemRoot\System32\drivers\NETIO.SYS
\SystemRoot\System32\drivers\NDIS.SYS
\SystemRoot\System32\drivers\TDI.SYS
\SystemRoot\System32\Drivers\Ntfs.sys
\SystemRoot\System32\Drivers\ksecdd.sys
\SystemRoot\System32\Drivers\cng.sys
\SystemRoot\System32\drivers\pcw.sys
\SystemRoot\System32\Drivers\Fs_Rec.sys
\SystemRoot\System32\Drivers\ksecpkg.sys
\SystemRoot\System32\drivers\tcpip.sys
\SystemRoot\System32\drivers\fwpkclnt.sys
\SystemRoot\system32\drivers\volsnap.sys
\SystemRoot\System32\Drivers\spldr.sys
\SystemRoot\System32\drivers\rdyboost.sys
\SystemRoot\system32\DRIVERS\nvpciflt.sys
\SystemRoot\System32\Drivers\mup.sys
\SystemRoot\system32\drivers\iaStorF.sys
\SystemRoot\System32\drivers\hwpolicy.sys
\SystemRoot\System32\DRIVERS\fvevol.sys
\SystemRoot\system32\drivers\disk.sys
\SystemRoot\system32\drivers\CLASSPNP.SYS
\SystemRoot\system32\DRIVERS\cdrom.sys
\SystemRoot\System32\Drivers\Null.SYS
\SystemRoot\System32\Drivers\Beep.SYS
\SystemRoot\System32\drivers\vga.sys
\SystemRoot\System32\drivers\VIDEOPRT.SYS
\SystemRoot\System32\drivers\watchdog.sys
\SystemRoot\System32\DRIVERS\RDPCDD.sys
\SystemRoot\system32\drivers\rdpencdd.sys
\SystemRoot\system32\drivers\rdprefmp.sys
\SystemRoot\System32\Drivers\Msfs.SYS
\SystemRoot\System32\Drivers\Npfs.SYS
\SystemRoot\system32\DRIVERS\tdx.sys
\SystemRoot\system32\drivers\afd.sys
\SystemRoot\System32\DRIVERS\netbt.sys
\SystemRoot\system32\DRIVERS\wfplwf.sys
\SystemRoot\system32\DRIVERS\pacer.sys
\SystemRoot\system32\DRIVERS\vwififlt.sys
\SystemRoot\system32\DRIVERS\netbios.sys
\SystemRoot\system32\DRIVERS\wanarp.sys
\SystemRoot\system32\DRIVERS\termdd.sys
\SystemRoot\system32\DRIVERS\rdbss.sys
\SystemRoot\system32\drivers\nsiproxy.sys
\SystemRoot\system32\DRIVERS\mssmbios.sys
\SystemRoot\System32\drivers\discache.sys
\SystemRoot\System32\Drivers\dfsc.sys
\SystemRoot\system32\DRIVERS\blbdrive.sys
\SystemRoot\system32\DRIVERS\tunnel.sys
\SystemRoot\system32\DRIVERS\nvlddmkm.sys
\SystemRoot\System32\drivers\dxgkrnl.sys
\SystemRoot\System32\drivers\dxgmms1.sys
\SystemRoot\system32\DRIVERS\igdkmd64.sys
\SystemRoot\system32\DRIVERS\HDAudBus.sys
\SystemRoot\system32\DRIVERS\iusb3xhc.sys
\SystemRoot\system32\DRIVERS\USBD.SYS
\SystemRoot\system32\DRIVERS\HECIx64.sys
\SystemRoot\system32\drivers\usbehci.sys
\SystemRoot\system32\drivers\USBPORT.SYS
\SystemRoot\system32\DRIVERS\Netwsw00.sys
\SystemRoot\system32\DRIVERS\vwifibus.sys
\SystemRoot\system32\DRIVERS\RtsBaStor.sys
\SystemRoot\system32\DRIVERS\Rt64win7.sys
\SystemRoot\system32\DRIVERS\i8042prt.sys
\SystemRoot\system32\DRIVERS\SynTP.sys
\SystemRoot\system32\DRIVERS\kbdclass.sys
\SystemRoot\system32\DRIVERS\mouclass.sys
\SystemRoot\system32\DRIVERS\GEARAspiWDM.sys
\SystemRoot\system32\DRIVERS\Smb_driver_Intel.sys
\SystemRoot\system32\DRIVERS\wmiacpi.sys
\SystemRoot\system32\DRIVERS\intelppm.sys
\SystemRoot\system32\DRIVERS\CmBatt.sys
\SystemRoot\system32\DRIVERS\AMPPAL.sys
\SystemRoot\system32\DRIVERS\CompositeBus.sys
\SystemRoot\system32\DRIVERS\AgileVpn.sys
\SystemRoot\system32\DRIVERS\rasl2tp.sys
\SystemRoot\system32\DRIVERS\ndistapi.sys
\SystemRoot\system32\DRIVERS\ndiswan.sys
\SystemRoot\system32\DRIVERS\raspppoe.sys
\SystemRoot\system32\DRIVERS\raspptp.sys
\SystemRoot\system32\DRIVERS\rassstp.sys
\SystemRoot\system32\DRIVERS\hamachi.sys
\SystemRoot\system32\DRIVERS\swenum.sys
\SystemRoot\system32\DRIVERS\ks.sys
\SystemRoot\system32\DRIVERS\umbus.sys
\SystemRoot\system32\drivers\nvvad64v.sys
\SystemRoot\system32\drivers\portcls.sys
\SystemRoot\system32\drivers\drmk.sys
\SystemRoot\system32\drivers\ksthunk.sys
\SystemRoot\system32\DRIVERS\usbhub.sys
\SystemRoot\System32\Drivers\NDProxy.SYS
\SystemRoot\system32\DRIVERS\IntcDAud.sys
\SystemRoot\system32\DRIVERS\iusb3hub.sys
\SystemRoot\system32\drivers\viahduaa.sys
\SystemRoot\system32\drivers\VMfilt64.sys
\SystemRoot\System32\win32k.sys
\SystemRoot\System32\drivers\Dxapi.sys
\SystemRoot\system32\DRIVERS\usbccgp.sys
\SystemRoot\system32\DRIVERS\hidusb.sys
\SystemRoot\system32\DRIVERS\HIDCLASS.SYS
\SystemRoot\system32\DRIVERS\HIDPARSE.SYS
\SystemRoot\system32\DRIVERS\mouhid.sys
\SystemRoot\system32\DRIVERS\kbdhid.sys
\SystemRoot\System32\Drivers\crashdmp.sys
\SystemRoot\System32\Drivers\dump_diskdump.sys
\SystemRoot\System32\Drivers\dump_iaStorA.sys
\SystemRoot\System32\Drivers\dump_dumpfve.sys
\SystemRoot\system32\DRIVERS\monitor.sys
\SystemRoot\System32\Drivers\usbvideo.sys
\SystemRoot\System32\TSDDD.dll
\SystemRoot\System32\cdd.dll
\SystemRoot\system32\drivers\luafv.sys
\SystemRoot\system32\DRIVERS\lltdio.sys
\SystemRoot\system32\DRIVERS\nwifi.sys
\SystemRoot\system32\DRIVERS\ndisuio.sys
\SystemRoot\system32\DRIVERS\rspndr.sys
\SystemRoot\system32\drivers\HTTP.sys
\SystemRoot\system32\DRIVERS\bowser.sys
\SystemRoot\System32\drivers\mpsdrv.sys
\SystemRoot\system32\DRIVERS\mrxsmb.sys
\SystemRoot\system32\DRIVERS\mrxsmb10.sys
\SystemRoot\system32\DRIVERS\mrxsmb20.sys
\SystemRoot\system32\DRIVERS\vwifimp.sys
\SystemRoot\system32\drivers\peauth.sys
\SystemRoot\System32\Drivers\secdrv.SYS
\SystemRoot\System32\DRIVERS\srvnet.sys
\SystemRoot\System32\drivers\tcpipreg.sys
\SystemRoot\System32\DRIVERS\srv2.sys
\SystemRoot\System32\DRIVERS\srv.sys
\??\C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys
\SystemRoot\system32\DRIVERS\asyncmac.sys
\SystemRoot\System32\ATMFD.DLL
\??\C:\Windows\system32\drivers\mbamchameleon.sys
\??\C:\Windows\system32\drivers\MBAMSwissArmy.sys
\Windows\System32\ntdll.dll
\Windows\System32\smss.exe
\Windows\System32\apisetschema.dll
\Windows\System32\autochk.exe
\Windows\System32\ws2_32.dll
\Windows\System32\msctf.dll
\Windows\System32\shell32.dll
\Windows\System32\imm32.dll
\Windows\System32\shlwapi.dll
\Windows\System32\ole32.dll
\Windows\System32\msvcrt.dll
\Windows\System32\nsi.dll
\Windows\System32\sechost.dll
\Windows\System32\psapi.dll
----------- End -----------
Done!
<<<1>>>
Upper Device Name: \Device\Harddisk0\DR0
Upper Device Object: 0xfffffa800c356790
Upper Device Driver Name: \Driver\Disk\
Lower Device Name: \Device\00000070\
Lower Device Object: 0xfffffa800a8d39c0
Lower Device Driver Name: \Driver\iaStorA\
<<<2>>>
Physical Sector Size: 512
Drive: 0, DevicePointer: 0xfffffa800c356790, DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\Disk\
--------- Disk Stack ------
DevicePointer: 0xfffffa800c3562c0, DeviceName: Unknown, DriverName: \Driver\partmgr\
DevicePointer: 0xfffffa800c356790, DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\Disk\
DevicePointer: 0xfffffa800aa2ac50, DeviceName: Unknown, DriverName: \Driver\iaStorF\
DevicePointer: 0xfffffa800a8d39c0, DeviceName: \Device\00000070\, DriverName: \Driver\iaStorA\
------------ End ----------
Alternate DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\Disk\
Upper DeviceData: 0x0, 0x0, 0x0
Lower DeviceData: 0x0, 0x0, 0x0
<<<3>>>
Volume: C:
File system type: NTFS
SectorSize = 512, ClusterSize = 4096, MFTRecordSize = 1024, MFTIndexSize = 4096 bytes
<<<2>>>
<<<3>>>
Volume: C:
File system type: NTFS
SectorSize = 512, ClusterSize = 4096, MFTRecordSize = 1024, MFTIndexSize = 4096 bytes
Scanning drivers directory: C:\WINDOWS\SYSTEM32\drivers...
Done!
Drive 0
This is a System drive
Scanning MBR on drive 0...
Inspecting partition table:
MBR Signature: 55AA
Disk Signature: 9A8B8E5D

Partition information:

    Partition 0 type is Other (0x27)
    Partition is ACTIVE.
    Partition starts at LBA: 2048  Numsec = 12288000
    Partition file system is NTFS
    Partition is bootable

    Partition 1 type is Primary (0x7)
    Partition is NOT ACTIVE.
    Partition starts at LBA: 12290048  Numsec = 1941231616

    Partition 2 type is Empty (0x0)
    Partition is NOT ACTIVE.
    Partition starts at LBA: 0  Numsec = 0

    Partition 3 type is Empty (0x0)
    Partition is NOT ACTIVE.
    Partition starts at LBA: 0  Numsec = 0

Disk Size: 1000204886016 bytes
Sector size: 512 bytes

Done!
Scan finished
=======================================


Removal queue found; removal started
Removing C:\ProgramData\Malwarebytes' Anti-Malware (portable)\MBR-0-i.mbam...
Removing C:\ProgramData\Malwarebytes' Anti-Malware (portable)\VBR-0-0-2048-i.mbam...
Removing C:\ProgramData\Malwarebytes' Anti-Malware (portable)\MBR-0-r.mbam...
Removal finished
 

RKill Log:

 

Rkill 2.6.8 by Lawrence Abrams (Grinler)
http://www.bleepingcomputer.com/
Copyright 2008-2014 BleepingComputer.com
More Information about Rkill can be found at this link:
 http://www.bleepingcomputer.com/forums/topic308364.html

Program started at: 11/27/2014 10:22:46 AM in x64 mode.
Windows Version: Windows 7 Home Premium Service Pack 1

Checking for Windows services to stop:

 * No malware services found to stop.

Checking for processes to terminate:

 * No malware processes found to kill.

Checking Registry for malware related settings:

 * No issues found in the Registry.

Resetting .EXE, .COM, & .BAT associations in the Windows Registry.

Performing miscellaneous checks:

 * No issues found.

Checking Windows Service Integrity:

 * No issues found.

Searching for Missing Digital Signatures:

 * No issues found.

Checking HOSTS File:

 * No issues found.

Program finished at: 11/27/2014 10:23:24 AM
Execution time: 0 hours(s), 0 minute(s), and 37 seconds(s)



#6 Broni

Broni

    The Coolest BC Computer


  • BC Advisor
  • 42,716 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Daly City, CA
  • Local time:12:24 AM

Posted 27 November 2014 - 12:02 PM

p22002970.gif Download Temp File Cleaner (TFC)
Alternate download: http://www.itxassociates.com/OT-Tools/TFC.exe
Double click on TFC.exe to run the program.
Click on Start button to begin cleaning process.
TFC will close all running programs, and it may ask you to restart computer.

p22002970.gif Please download AdwCleaner by Xplode onto your desktop.

  • Close all open programs and internet browsers.
  • Double click on adwcleaner.exe to run the tool.
  • Click on Scan button.
  • When the scan has finished click on Clean button.
  • Your computer will be rebooted automatically. A text file will open after the restart.
  • Please post the contents of that logfile with your next reply.
  • You can find the logfile at C:\AdwCleaner[S1].txt as well.


p22002970.gif Please download Junkware Removal Tool to your desktop.
  • Shut down your protection software now to avoid potential conflicts.
  • Run the tool by double-clicking it. If you are using Windows Vista, 7, or 8; instead of double-clicking, right-mouse click JRT.exe and select "Run as Administrator".
  • The tool will open and start scanning your system.
  • Please be patient as this can take a while to complete depending on your system's specifications.
  • On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
  • Post the contents of JRT.txt into your next message.


p22002970.gif Download Sophos Free Virus Removal Tool and save it to your desktop.
  • Double click the icon and select Run
  • Click Next
  • Select I accept the terms in this license agreement, then click Next twice
  • Click Install
  • Click Finish to launch the program
  • Once the virus database has been updated click Start Scanning
  • If any threats are found click Details, then View log file... (bottom left hand corner)
  • Copy and paste the results in your reply
  • Close the Notepad document, close the Threat Details screen, then click Start cleanup
  • Click Exit to close the program


My Website

p4433470.gif

My help doesn't cost a penny, but if you'd like to consider a donation, click p22001735.gif


 


#7 Needsomehelp567

Needsomehelp567
  • Topic Starter

  • Members
  • 40 posts
  • OFFLINE
  •  
  • Local time:08:24 AM

Posted 27 November 2014 - 02:32 PM

Adwcleaner log:

# AdwCleaner v4.102 - Report created 27/11/2014 at 17:24:59
# Updated 23/11/2014 by Xplode
# Database : 2014-11-27.1 [Live]
# Operating System : Windows 7 Home Premium Service Pack 1 (64 bits)
# Username : Dan - DAN-LAPTOP2
# Running from : C:\Users\Dan\Desktop\adwcleaner_4.102.exe
# Option : Clean

***** [ Services ] *****


***** [ Files / Folders ] *****

Folder Deleted : C:\ProgramData\ef8b941fd936a6c4
Folder Deleted : C:\Program Files (x86)\VideoCnv
Folder Deleted : C:\Windows\SysWOW64\AI_RecycleBin

***** [ Scheduled Tasks ] *****


***** [ Shortcuts ] *****


***** [ Registry ] *****

Key Deleted : HKLM\SOFTWARE\Classes\AppID\secman.DLL
Key Deleted : HKLM\SOFTWARE\Classes\S
Key Deleted : HKLM\SOFTWARE\Classes\secman.OutlookSecurityManager
Key Deleted : HKLM\SOFTWARE\Classes\secman.OutlookSecurityManager.1
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{4D076AB4-7562-427A-B5D2-BD96E19DEE56}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{826D7151-8D99-434B-8540-082B8C2AE556}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8FFE}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{11549FE4-7C5A-4C17-9FC3-56FC5162A994}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8FFE}
Key Deleted : HKCU\Software\Myfree Codec
Key Deleted : HKLM\SOFTWARE\{3A7D3E19-1B79-4E4E-BD96-5467DA2C4EF0}
Key Deleted : HKLM\SOFTWARE\Myfree Codec

***** [ Browsers ] *****

-\\ Internet Explorer v11.0.9600.17420


-\\ Mozilla Firefox v33.1 (x86 en-US)


-\\ Google Chrome v

[C:\Users\Dan\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [Search Provider] : hxxp://uk.ask.com/web?q={searchTerms}

*************************

AdwCleaner[R0].txt - [2148 octets] - [27/11/2014 17:14:04]
AdwCleaner[S0].txt - [2053 octets] - [27/11/2014 17:24:59]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [2113 octets] ##########


Junkremover log:

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.3.9 (11.15.2014:2)
OS: Windows 7 Home Premium x64
Ran by Dan on 27/11/2014 at 17:30:06.94
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values



~~~ Registry Keys



~~~ Files



~~~ Folders

Successfully deleted: [Folder] "C:\Program Files (x86)\myfree codec"



~~~ FireFox

Emptied folder: C:\Users\Dan\AppData\Roaming\mozilla\firefox\profiles\7o79mxrc.default\minidumps [153 files]



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 27/11/2014 at 17:32:28.59
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 

 

Last virus scan found no items so no log



#8 Broni

Broni

    The Coolest BC Computer


  • BC Advisor
  • 42,716 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Daly City, CA
  • Local time:12:24 AM

Posted 27 November 2014 - 04:56 PM

How is computer doing?

 

Update your Java version here: http://www.java.com/en/download/manual.jsp
Alternate download: http://www.filehippo.com/search?q=java

Note 1: UNCHECK any pre-checked toolbar and/or software offered with the Java update. The pre-checked toolbars/software are not part of the Java update.

Note 2: If you're running 64-bit system make sure you install BOTH, 32-bit and 64-bit Java.

Note 3: The Java Quick Starter (JQS.exe) adds a service to improve the initial startup time of Java applets and applications. If you don't want to run another extra service, go to Start > Control Panel > Java > Advanced > Miscellaneous and uncheck the box for Java Quick Starter. Click OK and restart your computer.


My Website

p4433470.gif

My help doesn't cost a penny, but if you'd like to consider a donation, click p22001735.gif


 


#9 Needsomehelp567

Needsomehelp567
  • Topic Starter

  • Members
  • 40 posts
  • OFFLINE
  •  
  • Local time:08:24 AM

Posted 27 November 2014 - 05:03 PM

Hi, much better thank you, no pop ups from ip's from mbam and no random processes in my task manager. I have updated java what next?



#10 Broni

Broni

    The Coolest BC Computer


  • BC Advisor
  • 42,716 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Daly City, CA
  • Local time:12:24 AM

Posted 27 November 2014 - 05:27 PM

Your computer is clean p3879546.jpg

1. This step will remove all cleaning tools we used, it'll reset restore points (so you won't get reinfected by accidentally using some older restore point) and it'll make some other minor adjustments...
This is a very crucial step so make sure you don't skip it.
Download 51a5ce45263de-delfix.pngDelFix by Xplode to your desktop. Delfix will delete all the used tools and logfiles.

Double-click Delfix.exe to start the tool.
Make sure the following items are checked:

  • Activate UAC (optional; some users prefer to keep it off)
  • Remove disinfection tools
  • Create registry backup
  • Purge System Restore
  • Reset system settings

Now click "Run" and wait patiently.
Once finished a logfile will be created. You don't have to attach it to your next reply.

2. Make sure Windows Updates are current.

3. If any Trojan was listed among your infection(s), make sure, you change all of your on-line important passwords (bank account(s), secured web sites, etc.) immediately!

4. Check if your browser plugins are up to date.
Firefox - https://www.mozilla.org/en-US/plugincheck/
other browsers: https://browsercheck.qualys.com/ (click on "Launch a quick scan now" link)

5. Download, and install WOT (Web OF Trust): http://www.mywot.com/. It'll warn you (in most cases) about dangerous web sites.

6. Run Malwarebytes "Quick scan" once in a while to assure safety of your computer.

7. Run Temporary File Cleaner (TFC), AdwCleaner and Junkware Removal Tool (JRT) weekly ((you need to redownload these tools since they were removed by DelFix))

8. Download and install Secunia Personal Software Inspector (PSI): http://secunia.com/vulnerability_scanning/personal/. The Secunia PSI is a FREE security tool designed to detect vulnerable and out-dated programs and plug-ins which expose your PC to attacks. Run it weekly.

9. (optional) If you want to keep all your programs up to date, download and install FileHippo Update Checker.
The Update Checker will scan your computer for installed software, check the versions and then send this information to FileHippo.com to see if there are any newer releases.

10. When installing\updating ANY program, make sure you always select "Custom " installation, so you can UN-check any possible "drive-by-install" (foistware), like toolbars etc., which may try to install along with the legitimate program. Do NOT click "Next" button without looking at any given page.

11. Read:
How did I get infected?, With steps so it does not happen again!: http://www.bleepingcomputer.com/forums/topic2520.html
Simple and easy ways to keep your computer safe and secure on the Internet: http://www.bleepingcomputer.com/tutorials/keep-your-computer-safe-online/
About those Toolbars and Add-ons - Potentially Unwanted Programs (PUPs) which change your browser settings: http://www.bleepingcomputer.com/forums/t/407147/answers-to-common-security-questions-best-practices/#entry3187642


My Website

p4433470.gif

My help doesn't cost a penny, but if you'd like to consider a donation, click p22001735.gif


 


#11 Needsomehelp567

Needsomehelp567
  • Topic Starter

  • Members
  • 40 posts
  • OFFLINE
  •  
  • Local time:08:24 AM

Posted 27 November 2014 - 05:50 PM

Hi, I cant thank you enough for this, happy thanksgiving and ill send you a little donation for your troubles :)



#12 Broni

Broni

    The Coolest BC Computer


  • BC Advisor
  • 42,716 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Daly City, CA
  • Local time:12:24 AM

Posted 27 November 2014 - 09:25 PM

You're very welcome p22002759.gif

 

...and thank you :)


My Website

p4433470.gif

My help doesn't cost a penny, but if you'd like to consider a donation, click p22001735.gif


 


#13 Needsomehelp567

Needsomehelp567
  • Topic Starter

  • Members
  • 40 posts
  • OFFLINE
  •  
  • Local time:08:24 AM

Posted 28 November 2014 - 05:28 AM

Hi, MBam just blocked a site from svchost.exe ... should i run the junkware cleaner etc again?



#14 Broni

Broni

    The Coolest BC Computer


  • BC Advisor
  • 42,716 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Daly City, CA
  • Local time:12:24 AM

Posted 28 November 2014 - 08:32 PM

I think we need to employ more advanced tools.

 

Please follow the instructions in THIS GUIDE starting at Step 6. If you cannot complete a step, skip it and continue.

Once the proper logs are created, then make a NEW TOPIC and post it HERE. Please include a description of your computer issues, what you have done to resolve them, and a link to this topic.

If you can produce at least some of the logs, then please create the new topic and explain what happens when you try to create the log(s) that you couldn't get. If you cannot produce any of the logs, then still post the topic and explain that you followed the Prep. Guide, were unable to create the logs, and describe what happens when you try to create the logs.

It would be helpful if you post a note here once you have completed the steps in the guide and have started your topic in malware removal. Good luck and be patient.

If HelpBot replies to your topic, PLEASE follow Step One so it will report your topic to the team members.


My Website

p4433470.gif

My help doesn't cost a penny, but if you'd like to consider a donation, click p22001735.gif


 


#15 Needsomehelp567

Needsomehelp567
  • Topic Starter

  • Members
  • 40 posts
  • OFFLINE
  •  
  • Local time:08:24 AM

Posted 29 November 2014 - 03:51 AM

Hi, thanks again for your help. I have started a post in the other section (http://www.bleepingcomputer.com/forums/t/558018/mbam-blocking-connections-from-svchostexe/)






0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users