Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Can't find/remove adware fetcher/installer


  • Please log in to reply
24 replies to this topic

#1 i_am_jim

i_am_jim

  • Members
  • 34 posts
  • OFFLINE
  •  
  • Local time:08:45 PM

Posted 27 November 2014 - 12:53 PM

I have a computer that I cannot remove the root cause of adware.  While disconnected from the Internet, using Malwarebytes Emsisoft and Hitman Pro, I can remove all adware, but the minute I reconnect to the Internet something fetches and installs new adware so these programs are not getting the cause of the root problem.

 

This repeats.

How do I find and remove the thing that's endlessly fetching and installing new adware?
 


Edited by hamluis, 27 November 2014 - 02:45 PM.
Moved from XP to Am I Infected - Hamluis.


BC AdBot (Login to Remove)

 


#2 buddy215

buddy215

  • BC Advisor
  • 12,989 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:West Tennessee
  • Local time:08:45 PM

Posted 27 November 2014 - 01:26 PM

Use the programs below that have good success at finding and removing adware and malware.

 

Use CCleaner to remove Temporary files, program caches, cookies, logs, etc. Use the Default settings. No need to use the

Registry Cleaning Tool...risky. Pay close attention while installing and UNcheck offers of toolbars...especially Yahoo.

You may see Google Tool Bar being offered.

CCleaner - PC Optimization and Cleaning - Free Download

 

  • download AdwCleaner by Xplode and save to your Desktop.
  • Double-click on AdwCleaner.exe to run the tool.
    Vista/Windows 7/8 users right-click and select Run As Administrator.
  • Click on the Scan button.
  • AdwCleaner will begin...be patient as the scan may take some time to complete.
  • After the scan has finished, click on the Report button...a logfile (AdwCleaner[R0].txt) will open in Notepad for review.
  • After reviewing the log, click on the Clean button.
  • Press OK when asked to close all programs and follow the onscreen prompts.
  • Press OK again to allow AdwCleaner to restart the computer and complete the removal process.
  • After rebooting, a logfile report (AdwCleaner[S0].txt) will open automatically.
  • Copy and paste the contents of that logfile in your next reply.
  • A copy of all logfiles are saved in the C:\AdwCleaner folder which was created when running the tool.

 

Download Junkware Removal Tool to your desktop.

  • Shut down your protection software now to avoid potential conflicts.
  • Run the tool by double-clicking it. If you are using Windows Vista, 7, or 8; instead of double-clicking, right-mouse click JRT.exe and select "Run as Administrator".
  • The tool will open and start scanning your system.
  • Please be patient as this can take a while to complete depending on your system's specifications.
  • On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
  • Post the contents of JRT.txt into your next message.

 

Hold down Control and click on this link to open ESET OnlineScan in a new window.

  • Click the esetonlinebtn.png button.
  • For alternate browsers only: (Microsoft Internet Explorer users can skip these steps)
  • Click on esetsmartinstaller_enu.exe to download the ESET Smart Installer. Save it to your desktop.
  • Double click on the esetsmartinstaller_enu.png icon on your desktop.
  • Check "YES, I accept the Terms of Use."
  • Click the Start button.
  • Accept any security warnings from your browser.
  • Under scan settings, check "Scan Archives" and "Remove found threats"
  • Click Advanced settings and select the following:
  • Scan potentially unwanted applications
  • Scan for potentially unsafe applications
  • Enable Anti-Stealth technology
  • ESET will then download updates for itself, install itself, and begin scanning your computer. Please be patient as this can take some time.
  • When the scan completes, click List Threats
  • Click Export, and save the file to your desktop using a unique name, such as ESETScan. Include the contents of this report in your next reply.
  • Click the Back button.
  • Click the Finish button.
  • NOTE:Sometimes if ESET finds no infections it will not create a log.

Edited by buddy215, 27 November 2014 - 01:27 PM.

“Every atom in your body came from a star that exploded and the atoms in your left hand probably came from a different star than your right hand. It really is the most poetic thing I know about physics...you are all stardust.”Lawrence M. Krauss

A 1792 U.S. penny, designed in part by Thomas Jefferson and George Washington, reads “Liberty Parent of Science & Industry.”


#3 i_am_jim

i_am_jim
  • Topic Starter

  • Members
  • 34 posts
  • OFFLINE
  •  
  • Local time:08:45 PM

Posted 27 November 2014 - 03:28 PM

I ran CCleaner and it completed without error.

 

Log for AdwCleaner:

 

# AdwCleaner v4.102 - Report created 27/11/2014 at 13:24:44
# Updated 23/11/2014 by Xplode
# Database : 2014-11-23.7 [Local]
# Operating System : Windows 7 Home Premium Service Pack 1 (64 bits)
# Username : Mark - RED
# Running from : E:\AdwCleaner.exe
# Option : Scan

***** [ Services ] *****


***** [ Files / Folders ] *****

Folder Found : C:\Program Files\Video Converter

***** [ Scheduled Tasks ] *****


***** [ Shortcuts ] *****


***** [ Registry ] *****

Key Found : HKLM\SOFTWARE\Classes\AppID\NCTAudioCDGrabber2.DLL
Key Found : HKLM\SOFTWARE\Classes\CLSID\{35B8892D-C3FB-4D88-990D-31DB2EBD72BD}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{5EB0259D-AB79-4AE6-A6E6-24FFE21C3DA4}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{CADAF6BE-BF50-4669-8BFD-C27BD4E6181B}
Key Found : HKLM\SOFTWARE\Classes\Interface\{2BEF239C-752E-4001-8048-F256E0D8CD93}
Key Found : HKLM\SOFTWARE\Classes\Interface\{3F607E46-0D3C-4442-B1DE-DE7FA4768F5C}
Key Found : HKLM\SOFTWARE\Classes\Interface\{49C00A51-6E59-41FE-B3FA-2D2157FAD67B}
Key Found : HKLM\SOFTWARE\Classes\Interface\{6DFF5DBA-AE3A-46DB-B301-ECFFC6DB2982}
Key Found : HKLM\SOFTWARE\Classes\Interface\{DE34CD67-F1C8-4001-9A23-B8A68F63F377}
Key Found : HKLM\SOFTWARE\Classes\Interface\{FE0273D1-99DF-4AC0-87D5-1371C6271785}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{93E3D79C-0786-48FF-9329-93BC9F6DC2B3}
Key Found : HKLM\SOFTWARE\MozillaPlugins\@checkpoint.com/FFApi
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{2BEF239C-752E-4001-8048-F256E0D8CD93}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{3F607E46-0D3C-4442-B1DE-DE7FA4768F5C}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{49C00A51-6E59-41FE-B3FA-2D2157FAD67B}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{6DFF5DBA-AE3A-46DB-B301-ECFFC6DB2982}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{DE34CD67-F1C8-4001-9A23-B8A68F63F377}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{FE0273D1-99DF-4AC0-87D5-1371C6271785}
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}
Value Found : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [{FFB96CC1-7EB3-449D-B827-DB661701C6BB}]

***** [ Browsers ] *****

-\\ Internet Explorer v10.0.9200.17148


-\\ Mozilla Firefox v30.0 (en-US)


-\\ Google Chrome v39.0.2171.65


*************************

AdwCleaner[R0].txt - [2345 octets] - [27/11/2014 13:24:44]

########## EOF - \AdwCleaner\AdwCleaner[R0].txt - [2405 octets] ##########

 

 

JRT Log:

 

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.3.9 (11.15.2014:2)
OS: Windows 7 Home Premium x64
Ran by SYSTEM on Thu 11/27/2014 at 14:01:24.37
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values



~~~ Registry Keys



~~~ Files

Successfully deleted: [File] C:\Windows\prefetch\GOOGLETOOLBARUSER_32.EXE-02747EB8.pf



~~~ Folders



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on Thu 11/27/2014 at 14:04:25.31
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

 

 

I didn't run ESET because it requires being connected to the Internet and I try not to do that because whatever it is imports adware and installs it requiring I go throught the entire cleaning process again.

 

Oh yes, I didn't let AdwCleaner remove C:\Program Files\Video Converter because it's a program I have been using for 3  years.


Edited by i_am_jim, 27 November 2014 - 03:32 PM.


#4 i_am_jim

i_am_jim
  • Topic Starter

  • Members
  • 34 posts
  • OFFLINE
  •  
  • Local time:08:45 PM

Posted 27 November 2014 - 03:36 PM

Perhaps I should mention, each time I connect a Flashdrive to the infected computer is corrupts it such that I must reformat it on a properly working computer.  I'm afraid to let the computer "fix" it for fear that might be a method of propogating the malware. 


Edited by i_am_jim, 27 November 2014 - 03:37 PM.


#5 buddy215

buddy215

  • BC Advisor
  • 12,989 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:West Tennessee
  • Local time:08:45 PM

Posted 27 November 2014 - 04:00 PM

The log you posted says you didn't delete any of what AdwCleaner found. You need to make sure the items are deleted.

Except for the one you want to keep.

 

Eset needs to be run. It has a good track record of finding malware and adware.

 

You can scan for rootkits.

Download TDSSKiller and save it to your desktop.

  • Extract (unzip) its contents to your desktop.
  • Open the TDSSKiller folder and doubleclick on TDSSKiller.exe to run the application, then on Start Scan.
  • If an infected file is detected, the default action will be Cure, click on Continue.
  • If a suspicious file is detected, the default action will be Skip, click on Continue.
  • It may ask you to reboot the computer to complete the process. Click on Reboot Now.
  • If no reboot is require, click on Report. A log file should appear. Please copy and paste the contents of that file here.
  • If a reboot is required, the report can also be found in your root directory (usually C:\ folder) in the form of TDSSKiller_xxxx_log.txt. Please copy and paste the contents of that file here.

“Every atom in your body came from a star that exploded and the atoms in your left hand probably came from a different star than your right hand. It really is the most poetic thing I know about physics...you are all stardust.”Lawrence M. Krauss

A 1792 U.S. penny, designed in part by Thomas Jefferson and George Washington, reads “Liberty Parent of Science & Industry.”


#6 i_am_jim

i_am_jim
  • Topic Starter

  • Members
  • 34 posts
  • OFFLINE
  •  
  • Local time:08:45 PM

Posted 27 November 2014 - 05:03 PM

15:45:45.0013 0x071c  TDSS rootkit removing tool 3.0.0.41 Oct 28 2014 17:58:34
15:45:49.0037 0x071c  ============================================================
15:45:49.0037 0x071c  Current date / time: 2014/11/27 15:45:49.0037
15:45:49.0037 0x071c  SystemInfo:
15:45:49.0037 0x071c  
15:45:49.0037 0x071c  OS Version: 6.1.7601 ServicePack: 1.0
15:45:49.0037 0x071c  Product type: Workstation
15:45:49.0037 0x071c  ComputerName: ***
15:45:49.0037 0x071c  UserName: ****
15:45:49.0037 0x071c  Windows directory: C:\Windows
15:45:49.0037 0x071c  System windows directory: C:\Windows
15:45:49.0037 0x071c  Running under WOW64
15:45:49.0037 0x071c  Processor architecture: Intel x64
15:45:49.0037 0x071c  Number of processors: 2
15:45:49.0037 0x071c  Page size: 0x1000
15:45:49.0037 0x071c  Boot type: Normal boot
15:45:49.0037 0x071c  ============================================================
15:45:49.0786 0x071c  KLMD registered as C:\Windows\system32\drivers\87630877.sys
15:45:50.0114 0x071c  System UUID: {07E4328E-79E2-C68A-AA5E-F25B354344E6}
15:45:50.0535 0x071c  Drive \Device\Harddisk0\DR0 - Size: 0x74707FDE00 ( 465.76 Gb ), SectorSize: 0x200, Cylinders: 0xED80, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
15:45:50.0535 0x071c  Drive \Device\Harddisk1\DR5 - Size: 0xEEE00000 ( 3.73 Gb ), SectorSize: 0x200, Cylinders: 0x1E7, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
15:45:50.0535 0x071c  ============================================================
15:45:50.0535 0x071c  \Device\Harddisk0\DR0:
15:45:50.0535 0x071c  MBR partitions:
15:45:50.0535 0x071c  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x3A383FB0
15:45:50.0535 0x071c  \Device\Harddisk1\DR5:
15:45:50.0551 0x071c  MBR partitions:
15:45:50.0551 0x071c  \Device\Harddisk1\DR5\Partition1: MBR, Type 0xB, StartLBA 0x1F80, BlocksNum 0x775080
15:45:50.0551 0x071c  ============================================================
15:45:50.0644 0x071c  C: <-> \Device\Harddisk0\DR0\Partition1
15:45:50.0644 0x071c  ============================================================
15:45:50.0644 0x071c  Initialize success
15:45:50.0644 0x071c  ============================================================
15:45:57.0430 0x090c  ============================================================
15:45:57.0430 0x090c  Scan started
15:45:57.0430 0x090c  Mode: Manual;
15:45:57.0430 0x090c  ============================================================
15:45:57.0430 0x090c  KSN ping started
15:45:57.0477 0x090c  KSN ping finished: false
15:45:58.0117 0x090c  ================ Scan system memory ========================
15:45:58.0117 0x090c  System memory - ok
15:45:58.0117 0x090c  ================ Scan services =============================
15:45:58.0304 0x090c  [ A87D604AEA360176311474C87A63BB88, B1507868C382CD5D2DBC0D62114FCFBF7A780904A2E3CA7C7C1DD0844ADA9A8F ] 1394ohci        C:\Windows\system32\DRIVERS\1394ohci.sys
15:45:58.0304 0x090c  1394ohci - ok
15:45:58.0397 0x090c  [ 5F7804CDDFEB100B5A35DC5FE2BF39FB, 970AD6430E7688D5D9508F022D22ECD95B5F32137EB5F6CC4831AC709227E78B ] ABBYY.Licensing.FineReader.Sprint.9.0 C:\Program Files (x86)\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe
15:45:58.0429 0x090c  ABBYY.Licensing.FineReader.Sprint.9.0 - ok
15:45:58.0460 0x090c  [ D81D9E70B8A6DD14D42D7B4EFA65D5F2, FDAAB7E23012B4D31537C5BDEF245BB0A12FA060A072C250E21C68E18B22E002 ] ACPI            C:\Windows\system32\drivers\ACPI.sys
15:45:58.0460 0x090c  ACPI - ok
15:45:58.0491 0x090c  [ 99F8E788246D495CE3794D7E7821D2CA, F91615463270AD2601F882CAED43B88E7EDA115B9FD03FC56320E48119F15F76 ] AcpiPmi         C:\Windows\system32\drivers\acpipmi.sys
15:45:58.0491 0x090c  AcpiPmi - ok
15:45:58.0538 0x090c  [ D44BCAF639E4E45307C2BC80715273D5, 1E1CDE13C39D835447096CBEC104A2EDDCE15D94288DB3FBB02421B8B8307989 ] adfs            C:\Windows\system32\drivers\adfs.sys
15:45:58.0538 0x090c  adfs - ok
15:45:58.0616 0x090c  [ 3FD8DC2C9735C2AA70155102CFB93EDA, 92C066ECF295C757EB51DC42336329950A1920865051ABF47A6CFF8CC96E152E ] AdobeActiveFileMonitor7.0 C:\Program Files (x86)\Adobe\Photoshop Elements 7.0\PhotoshopElementsFileAgent.exe
15:45:58.0616 0x090c  AdobeActiveFileMonitor7.0 - ok
15:45:58.0663 0x090c  [ B1EA9681502EE57F87DB71D726288A5B, D17BD2CFAE72E92C77D183331D5CBA0FEA893BF54875920870E271940F40A8BB ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
15:45:58.0663 0x090c  AdobeARMservice - ok
15:45:58.0819 0x090c  [ EA856F4A46320389D1899B2CAA7BF40F, C6ED82398481093B5EDF0D89D165AD1534139274239401414E0D59DBBA175686 ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
15:45:58.0819 0x090c  AdobeFlashPlayerUpdateSvc - ok
15:45:58.0881 0x090c  [ 2F6B34B83843F0C5118B63AC634F5BF4, 43E3F5FBFB5D33981AC503DEE476868EC029815D459E7C36C4ABC2D2F75B5735 ] adp94xx         C:\Windows\system32\DRIVERS\adp94xx.sys
15:45:58.0897 0x090c  adp94xx - ok
15:45:58.0912 0x090c  [ 597F78224EE9224EA1A13D6350CED962, DA7FD99BE5E3B7B98605BF5C13BF3F1A286C0DE1240617570B46FE4605E59BDC ] adpahci         C:\Windows\system32\DRIVERS\adpahci.sys
15:45:58.0928 0x090c  adpahci - ok
15:45:58.0943 0x090c  [ E109549C90F62FB570B9540C4B148E54, E804563735153EA00A00641814244BC8A347B578E7D63A16F43FB17566EE5559 ] adpu320         C:\Windows\system32\DRIVERS\adpu320.sys
15:45:58.0943 0x090c  adpu320 - ok
15:45:58.0975 0x090c  [ 4B78B431F225FD8624C5655CB1DE7B61, 198A5AF2125C7C41F531A652D200C083A55A97DC541E3C0B5B253C7329949156 ] AeLookupSvc     C:\Windows\System32\aelupsvc.dll
15:45:58.0975 0x090c  AeLookupSvc - ok
15:45:59.0021 0x090c  [ FA886682CFC5D36718D3E436AACF10B9, F80AB4F91AA6B5C7ECCB000D8E1BC2CF776DC3D69B3D9EBC2558C19035A6B3AB ] AFD             C:\Windows\system32\drivers\afd.sys
15:45:59.0037 0x090c  AFD - ok
15:45:59.0068 0x090c  [ 608C14DBA7299D8CB6ED035A68A15799, 45360F89640BF1127C82A32393BD76205E4FA067889C40C491602F370C09282A ] agp440          C:\Windows\system32\drivers\agp440.sys
15:45:59.0068 0x090c  agp440 - ok
15:45:59.0084 0x090c  [ 3290D6946B5E30E70414990574883DDB, 0E9294E1991572256B3CDA6B031DB9F39CA601385515EE59F1F601725B889663 ] ALG             C:\Windows\System32\alg.exe
15:45:59.0084 0x090c  ALG - ok
15:45:59.0115 0x090c  [ 5812713A477A3AD7363C7438CA2EE038, A7316299470D2E57A11499C752A711BF4A71EB11C9CBA731ED0945FF6A966721 ] aliide          C:\Windows\system32\drivers\aliide.sys
15:45:59.0115 0x090c  aliide - ok
15:45:59.0318 0x090c  ALSysIO - ok
15:45:59.0365 0x090c  [ 770E25A0DF8785B8E3DCF3E6A7982973, B3B0C74055A83799BC7D61E215365552F1CBAC89DF45D9C4AE478D2DA1A988CB ] AMD External Events Utility C:\Windows\system32\atiesrxx.exe
15:45:59.0365 0x090c  AMD External Events Utility - ok
15:45:59.0427 0x090c  AMD FUEL Service - ok
15:45:59.0443 0x090c  [ 1FF8B4431C353CE385C875F194924C0C, 3EA3A7F426B0FFC2461EDF4FDB4B58ACC9D0730EDA5B728D1EA1346EA0A02720 ] amdide          C:\Windows\system32\drivers\amdide.sys
15:45:59.0443 0x090c  amdide - ok
15:45:59.0474 0x090c  [ 6A2EEB0C4133B20773BB3DD0B7B377B4, E4CB35C6937C70A145A13E5AE5B34A271B49101DA623171ACBFDA8601E5A70EA ] amdiox64        C:\Windows\system32\DRIVERS\amdiox64.sys
15:45:59.0474 0x090c  amdiox64 - ok
15:45:59.0521 0x090c  [ 7024F087CFF1833A806193EF9D22CDA9, E7F27E488C38338388103D3B7EEDD61D05E14FB140992AEE6F492FFC821BF529 ] AmdK8           C:\Windows\system32\DRIVERS\amdk8.sys
15:45:59.0521 0x090c  AmdK8 - ok
15:45:59.0755 0x090c  [ 9FFAFA1EEAB3509735ED649296BB9224, CA42B6C9942550B8EE1F3B79F9C2F2603F753CC55FEC46FAF393EA88B004960F ] amdkmdag        C:\Windows\system32\DRIVERS\atikmdag.sys
15:45:59.0926 0x090c  amdkmdag - ok
15:45:59.0973 0x090c  [ 6C25C497E05EFD0CB6033A0444FC9B51, 318318F06545869D5E17C6CC9E48109790C2F3A5E65779CB1569A10610136B34 ] amdkmdap        C:\Windows\system32\DRIVERS\atikmpag.sys
15:45:59.0989 0x090c  amdkmdap - ok
15:46:00.0004 0x090c  [ 1E56388B3FE0D031C44144EB8C4D6217, E88CA76FD47BA0EB427D59CB9BE040DE133D89D4E62D03A8D622624531D27487 ] AmdPPM          C:\Windows\system32\DRIVERS\amdppm.sys
15:46:00.0004 0x090c  AmdPPM - ok
15:46:00.0051 0x090c  [ D4121AE6D0C0E7E13AA221AA57EF2D49, 626F43C099BD197BE56648C367B711143C2BCCE96496BBDEF19F391D52FA01D0 ] amdsata         C:\Windows\system32\drivers\amdsata.sys
15:46:00.0051 0x090c  amdsata - ok
15:46:00.0098 0x090c  [ F67F933E79241ED32FF46A4F29B5120B, D6EF539058F159CC4DD14CA9B1FD924998FEAC9D325C823C7A2DD21FEF1DC1A8 ] amdsbs          C:\Windows\system32\DRIVERS\amdsbs.sys
15:46:00.0098 0x090c  amdsbs - ok
15:46:00.0113 0x090c  [ 540DAF1CEA6094886D72126FD7C33048, 296578572A93F5B74E1AD443E000B79DC99D1CBD25082E02704800F886A3065F ] amdxata         C:\Windows\system32\drivers\amdxata.sys
15:46:00.0113 0x090c  amdxata - ok
15:46:00.0207 0x090c  [ 4C14746BCBF9985BDBF1CD1BEED96DF8, 8EF50FBD98C9AFD85F5D08692E7AEC21812B70074AA0DC6DCDFDBC2FFE34A75D ] AntiVirSchedulerService C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
15:46:00.0238 0x090c  AntiVirSchedulerService - ok
15:46:00.0285 0x090c  [ 4C14746BCBF9985BDBF1CD1BEED96DF8, 8EF50FBD98C9AFD85F5D08692E7AEC21812B70074AA0DC6DCDFDBC2FFE34A75D ] AntiVirService  C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
15:46:00.0285 0x090c  AntiVirService - ok
15:46:00.0347 0x090c  [ 80B9412C4DE09147581FC935FB4C97AB, 0C9661F7B5EF7F9D61981790B7AB64E3375BD117962166619D0CC546A2D014D3 ] AppID           C:\Windows\system32\drivers\appid.sys
15:46:00.0347 0x090c  AppID - ok
15:46:00.0363 0x090c  [ F71CA01C24FC3798A717B5A6F682F9AD, 8CF1C209E7BBBAD02D6D087293C0B681CDA3170AF119CA2916C2708D8801E749 ] AppIDSvc        C:\Windows\System32\appidsvc.dll
15:46:00.0363 0x090c  AppIDSvc - ok
15:46:00.0379 0x090c  [ 9D2A2369AB4B08A4905FE72DB104498F, D6FA1705018BABABFA2362E05691A0D6408D14DE7B76129B16D0A1DAD6378E58 ] Appinfo         C:\Windows\System32\appinfo.dll
15:46:00.0379 0x090c  Appinfo - ok
15:46:00.0410 0x090c  [ C484F8CEB1717C540242531DB7845C4E, C507CE26716EB923B864ED85E8FA0B24591E2784A2F4F0E78AEED7E9953311F6 ] arc             C:\Windows\system32\DRIVERS\arc.sys
15:46:00.0410 0x090c  arc - ok
15:46:00.0425 0x090c  [ 019AF6924AEFE7839F61C830227FE79C, 5926B9DDFC9198043CDD6EA0B384C83B001EC225A8125628C4A45A3E6C42C72A ] arcsas          C:\Windows\system32\DRIVERS\arcsas.sys
15:46:00.0441 0x090c  arcsas - ok
15:46:00.0519 0x090c  [ 9A262EDD17F8473B91B333D6B031A901, 05DFBD3A7D83FDE1D062EA719ACA9EC48CB7FD42D17DDD88B82E5D25469ADD23 ] aspnet_state    C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
15:46:00.0519 0x090c  aspnet_state - ok
15:46:00.0550 0x090c  [ 769765CE2CC62867468CEA93969B2242, 0D8F19D49869DF93A3876B4C2E249D12E83F9CE11DAE8917D368E292043D4D26 ] AsyncMac        C:\Windows\system32\DRIVERS\asyncmac.sys
15:46:00.0550 0x090c  AsyncMac - ok
15:46:00.0581 0x090c  [ 02062C0B390B7729EDC9E69C680A6F3C, 0261683C6DC2706DCE491A1CDC954AC9C9E649376EC30760BB4E225E18DC5273 ] atapi           C:\Windows\system32\drivers\atapi.sys
15:46:00.0581 0x090c  atapi - ok
15:46:00.0769 0x090c  [ 9FFAFA1EEAB3509735ED649296BB9224, CA42B6C9942550B8EE1F3B79F9C2F2603F753CC55FEC46FAF393EA88B004960F ] atikmdag        C:\Windows\system32\DRIVERS\atikmdag.sys
15:46:00.0893 0x090c  atikmdag - ok
15:46:00.0925 0x090c  [ 7C5D273E29DCC5505469B299C6F29163, 206CAB85CE12A3953F0861C811575DC7FD000147436219EEE334584A33370B3A ] AtiPcie         C:\Windows\system32\DRIVERS\AtiPcie.sys
15:46:00.0925 0x090c  AtiPcie - ok
15:46:01.0003 0x090c  [ DE3E38431B00C2EA247C53675DCF01A0, 8965192096C94203A1F16689DCDA45FE0EDF3A6FB75B70FC378C2008E8E71C9B ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
15:46:01.0034 0x090c  AudioEndpointBuilder - ok
15:46:01.0081 0x090c  [ DE3E38431B00C2EA247C53675DCF01A0, 8965192096C94203A1F16689DCDA45FE0EDF3A6FB75B70FC378C2008E8E71C9B ] AudioSrv        C:\Windows\System32\Audiosrv.dll
15:46:01.0096 0x090c  AudioSrv - ok
15:46:01.0143 0x090c  [ 4663C5AD76FE8E19592DE808156FA07D, 605827B4A9D6930BC752D124BF75D55D4927B0ABEF881CDE66F3C5CC1DB215FE ] avgntflt        C:\Windows\system32\DRIVERS\avgntflt.sys
15:46:01.0143 0x090c  avgntflt - ok
15:46:01.0174 0x090c  [ 8902AEC2382A37E9E99A4E0D52DBD42B, 138F2D7E7430132B2C527D413BC845CC467F084F39C232EC3A17DD2A74EE401E ] avipbb          C:\Windows\system32\DRIVERS\avipbb.sys
15:46:01.0190 0x090c  avipbb - ok
15:46:01.0205 0x090c  [ 390184FAD8FCC1B6DA25AEBAE928C3B6, 537B0E0FAE080B55D70E990BBA0F7F22903CA340F6A42039BAD617A8ECF59119 ] avkmgr          C:\Windows\system32\DRIVERS\avkmgr.sys
15:46:01.0205 0x090c  avkmgr - ok
15:46:01.0237 0x090c  [ A6BF31A71B409DFA8CAC83159E1E2AFF, CBB83F73FFD3C3FB4F96605067739F8F7A4A40B2B05417FA49E575E95628753F ] AxInstSV        C:\Windows\System32\AxInstSV.dll
15:46:01.0237 0x090c  AxInstSV - ok
15:46:01.0283 0x090c  [ 3E5B191307609F7514148C6832BB0842, DE011CB7AA4A2405FAF21575182E0793A1D83DFFC44E9A7864D59F3D51D8D580 ] b06bdrv         C:\Windows\system32\DRIVERS\bxvbda.sys
15:46:01.0299 0x090c  b06bdrv - ok
15:46:01.0315 0x090c  [ B5ACE6968304A3900EEB1EBFD9622DF2, 1DAA118D8CA3F97B34DF3D3CDA1C78EAB2ED225699FEABE89D331AE0CB7679FA ] b57nd60a        C:\Windows\system32\DRIVERS\b57nd60a.sys
15:46:01.0330 0x090c  b57nd60a - ok
15:46:01.0361 0x090c  [ FDE360167101B4E45A96F939F388AEB0, 8D1457E866BBD645C4B9710DFBFF93405CC1193BF9AE42326F2382500B713B82 ] BDESVC          C:\Windows\System32\bdesvc.dll
15:46:01.0361 0x090c  BDESVC - ok
15:46:01.0377 0x090c  [ 16A47CE2DECC9B099349A5F840654746, 77C008AEDB07FAC66413841D65C952DDB56FE7DCA5E9EF9C8F4130336B838024 ] Beep            C:\Windows\system32\drivers\Beep.sys
15:46:01.0393 0x090c  Beep - ok
15:46:01.0455 0x090c  [ 82974D6A2FD19445CC5171FC378668A4, 075D25F47C0D2277E40AF8615571DAA5EB16B1824563632A9A7EC62505C29A4A ] BFE             C:\Windows\System32\bfe.dll
15:46:01.0471 0x090c  BFE - ok
15:46:01.0502 0x090c  [ 1EA7969E3271CBC59E1730697DC74682, D511A34D63A6E0E6E7D1879068E2CD3D87ABEAF4936B2EA8CDDAD9F79D60FA04 ] BITS            C:\Windows\System32\qmgr.dll
15:46:01.0517 0x090c  BITS - ok
15:46:01.0549 0x090c  [ 61583EE3C3A17003C4ACD0475646B4D3, 17E4BECC309C450E7E44F59A9C0BBC24D21BDC66DFBA65B8F198A00BB47A9811 ] blbdrive        C:\Windows\system32\DRIVERS\blbdrive.sys
15:46:01.0549 0x090c  blbdrive - ok
15:46:01.0627 0x090c  [ EBBCD5DFBB1DE70E8F4AF8FA59E401FD, 17BFFC5DF609CE3B2F0CAB4BD6C118608C66A3AD86116A47E90B2BB7D8954122 ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe
15:46:01.0642 0x090c  Bonjour Service - ok
15:46:01.0673 0x090c  [ 6C02A83164F5CC0A262F4199F0871CF5, AD4632A6A203CB40970D848315D8ADB9C898349E20D8DF4107C2AE2703A2CF28 ] bowser          C:\Windows\system32\DRIVERS\bowser.sys
15:46:01.0673 0x090c  bowser - ok
15:46:01.0705 0x090c  [ F09EEE9EDC320B5E1501F749FDE686C8, 66691114C42E12F4CC6DC4078D4D2FA4029759ACDAF1B59D17383487180E84E3 ] BrFiltLo        C:\Windows\system32\DRIVERS\BrFiltLo.sys
15:46:01.0705 0x090c  BrFiltLo - ok
15:46:01.0720 0x090c  [ B114D3098E9BDB8BEA8B053685831BE6, 0ED23C1897F35FA00B9C2848DE4ED200E18688AA7825674888054BBC3A3EB92C ] BrFiltUp        C:\Windows\system32\DRIVERS\BrFiltUp.sys
15:46:01.0720 0x090c  BrFiltUp - ok
15:46:01.0751 0x090c  [ 05F5A0D14A2EE1D8255C2AA0E9E8E694, 40011138869F5496A3E78D38C9900B466B6F3877526AC22952DCD528173F4645 ] Browser         C:\Windows\System32\browser.dll
15:46:01.0751 0x090c  Browser - ok
15:46:01.0783 0x090c  [ 43BEA8D483BF1870F018E2D02E06A5BD, 4E6F5A5FD8C796A110B0DC9FF29E31EA78C04518FC1C840EF61BABD58AB10272 ] Brserid         C:\Windows\System32\Drivers\Brserid.sys
15:46:01.0783 0x090c  Brserid - ok
15:46:01.0814 0x090c  [ A6ECA2151B08A09CACECA35C07F05B42, E2875BB7768ABAF38C3377007AA0A3C281503474D1831E396FB6599721586B0C ] BrSerWdm        C:\Windows\System32\Drivers\BrSerWdm.sys
15:46:01.0814 0x090c  BrSerWdm - ok
15:46:01.0814 0x090c  [ B79968002C277E869CF38BD22CD61524, 50631836502237AF4893ECDCEA43B9031C3DE97433F594D46AF7C3C77F331983 ] BrUsbMdm        C:\Windows\System32\Drivers\BrUsbMdm.sys
15:46:01.0814 0x090c  BrUsbMdm - ok
15:46:01.0829 0x090c  [ A87528880231C54E75EA7A44943B38BF, 4C8BBB29FDA76A96840AA47A8613C15D4466F9273A13941C19507008629709C9 ] BrUsbSer        C:\Windows\System32\Drivers\BrUsbSer.sys
15:46:01.0829 0x090c  BrUsbSer - ok
15:46:01.0845 0x090c  [ 9DA669F11D1F894AB4EB69BF546A42E8, B498B8B6CEF957B73179D1ADAF084BBB57BB3735D810F9BE2C7B1D58A4FD25A4 ] BTHMODEM        C:\Windows\system32\DRIVERS\bthmodem.sys
15:46:01.0845 0x090c  BTHMODEM - ok
15:46:01.0876 0x090c  [ 95F9C2976059462CBBF227F7AAB10DE9, 2797AE919FF7606B070FB039CECDB0707CD2131DCAC09C5DF14F443D881C9F34 ] bthserv         C:\Windows\system32\bthserv.dll
15:46:01.0876 0x090c  bthserv - ok
15:46:01.0892 0x090c  [ B8BD2BB284668C84865658C77574381A, 6C55BA288B626DF172FDFEA0BD7027FAEBA1F44EF20AB55160D7C7DC6E717D65 ] cdfs            C:\Windows\system32\DRIVERS\cdfs.sys
15:46:01.0892 0x090c  cdfs - ok
15:46:01.0939 0x090c  [ F036CE71586E93D94DAB220D7BDF4416, BD07AAD9E20CEAF9FC84E4977C55EA2C45604A2C682AC70B9B9A2199B6713D5B ] cdrom           C:\Windows\system32\DRIVERS\cdrom.sys
15:46:01.0939 0x090c  cdrom - ok
15:46:01.0970 0x090c  [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] CertPropSvc     C:\Windows\System32\certprop.dll
15:46:01.0970 0x090c  CertPropSvc - ok
15:46:01.0985 0x090c  [ D7CD5C4E1B71FA62050515314CFB52CF, 513B5A849899F379F0BC6AB3A8A05C3493C2393C95F036612B96EC6E252E1C64 ] circlass        C:\Windows\system32\DRIVERS\circlass.sys
15:46:01.0985 0x090c  circlass - ok
15:46:02.0017 0x090c  cleanhlp - ok
15:46:02.0063 0x090c  [ FE1EC06F2253F691FE36217C592A0206, B9F122DB5E665ECDF29A5CB8BB6B531236F31A54A95769D6C5C1924C87FE70CE ] CLFS            C:\Windows\system32\CLFS.sys
15:46:02.0095 0x090c  CLFS - ok
15:46:02.0173 0x090c  [ F13EC8A783E0CB0D6DC26A3CA848B7B8, 0809E3B71709F1343086EEB6C820543C1A7119E74EEF8AC1AEE1F81093ABEC66 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
15:46:02.0173 0x090c  clr_optimization_v2.0.50727_32 - ok
15:46:02.0219 0x090c  [ B4D73F04E9BC076F7CDAC4327DF636BB, 1ADED20D5A0D0A76E2F85CB778FD06BAB814868D35F8532E17D67045FF4770C2 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
15:46:02.0219 0x090c  clr_optimization_v2.0.50727_64 - ok
15:46:02.0266 0x090c  [ E87213F37A13E2B54391E40934F071D0, 7EB221127EFB5BF158FB03D18EFDA2C55FB6CE3D1A1FE69C01D70DBED02C87E5 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
15:46:02.0266 0x090c  clr_optimization_v4.0.30319_32 - ok
15:46:02.0282 0x090c  [ 4AEDAB50F83580D0B4D6CF78191F92AA, D113C47013B018B45161911B96E93AF96A2F3B34FA47061BF6E7A71FBA03194A ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
15:46:02.0282 0x090c  clr_optimization_v4.0.30319_64 - ok
15:46:02.0297 0x090c  [ 0840155D0BDDF1190F84A663C284BD33, 696039FA63CFEB33487FAA8FD7BBDB220141E9C6E529355D768DFC87999A9C3A ] CmBatt          C:\Windows\system32\DRIVERS\CmBatt.sys
15:46:02.0297 0x090c  CmBatt - ok
15:46:02.0329 0x090c  [ E19D3F095812725D88F9001985B94EDD, 46243C5CCC4981CAC6FA6452FFCEC33329BF172448F1852D52592C9342E0E18B ] cmdide          C:\Windows\system32\drivers\cmdide.sys
15:46:02.0329 0x090c  cmdide - ok
15:46:02.0391 0x090c  [ EBF28856F69CF094A902F884CF989706, AD6C9F0BC20AA49EEE5478DA0F856F0EA2B414B63208C5FFB03C9D7F5B59765F ] CNG             C:\Windows\system32\Drivers\cng.sys
15:46:02.0407 0x090c  CNG - ok
15:46:02.0438 0x090c  [ 102DE219C3F61415F964C88E9085AD14, CD74CB703381F1382C32CF892FF2F908F4C9412E1BC77234F8FEA5D4666E1BF1 ] Compbatt        C:\Windows\system32\DRIVERS\compbatt.sys
15:46:02.0438 0x090c  Compbatt - ok
15:46:02.0453 0x090c  [ 03EDB043586CCEBA243D689BDDA370A8, 0E4523AA332E242D5C2C61C5717DBA5AB6E42DADB5A7E512505FC2B6CC224959 ] CompositeBus    C:\Windows\system32\drivers\CompositeBus.sys
15:46:02.0453 0x090c  CompositeBus - ok
15:46:02.0469 0x090c  COMSysApp - ok
15:46:02.0485 0x090c  [ 1C827878A998C18847245FE1F34EE597, 41EF7443D8B2733AA35CAC64B4F5F74FAC8BB0DA7D3936B69EC38E2DC3972E60 ] crcdisk         C:\Windows\system32\DRIVERS\crcdisk.sys
15:46:02.0485 0x090c  crcdisk - ok
15:46:02.0547 0x090c  [ 19D511CC455C19DE1ADF60E6C39C85B6, 2A05DD5EF3D0BEC2C9F4EA186E0E2D0F7BE0BF6A473D51194B09D33773AC7FAA ] CryptSvc        C:\Windows\system32\cryptsvc.dll
15:46:02.0547 0x090c  CryptSvc - ok
15:46:02.0594 0x090c  [ 5C627D1B1138676C0A7AB2C2C190D123, C5003F2C912C5CA990E634818D3B4FD72F871900AF2948BD6C4D6400B354B401 ] DcomLaunch      C:\Windows\system32\rpcss.dll
15:46:02.0609 0x090c  DcomLaunch - ok
15:46:02.0625 0x090c  [ 3CEC7631A84943677AA8FA8EE5B6B43D, 32061DAC9ED6C1EBA3B367B18D0E965AEEC2DF635DCF794EC39D086D32503AC5 ] defragsvc       C:\Windows\System32\defragsvc.dll
15:46:02.0641 0x090c  defragsvc - ok
15:46:02.0656 0x090c  [ 9BB2EF44EAA163B29C4A4587887A0FE4, 03667BC3EA5003F4236929C10F23D8F108AFCB29DB5559E751FB26DFB318636F ] DfsC            C:\Windows\system32\Drivers\dfsc.sys
15:46:02.0672 0x090c  DfsC - ok
15:46:02.0703 0x090c  [ 43D808F5D9E1A18E5EEB5EBC83969E4E, C10D1155D71EABE4ED44C656A8F13078A8A4E850C4A8FBB92D52D173430972B8 ] Dhcp            C:\Windows\system32\dhcpcore.dll
15:46:02.0703 0x090c  Dhcp - ok
15:46:02.0734 0x090c  [ 13096B05847EC78F0977F2C0F79E9AB3, 1E44981B684F3E56F5D2439BB7FA78BD1BC876BB2265AE089AEC68F241B05B26 ] discache        C:\Windows\system32\drivers\discache.sys
15:46:02.0734 0x090c  discache - ok
15:46:02.0765 0x090c  [ 9819EEE8B5EA3784EC4AF3B137A5244C, 571BC886E87C888DA96282E381A746D273B58B9074E84D4CA91275E26056D427 ] Disk            C:\Windows\system32\DRIVERS\disk.sys
15:46:02.0765 0x090c  Disk - ok
15:46:02.0797 0x090c  [ 16835866AAA693C7D7FCEBA8FFF706E4, 15891558F7C1F2BB57A98769601D447ED0D952354A8BB347312D034DC03E0242 ] Dnscache        C:\Windows\System32\dnsrslvr.dll
15:46:02.0812 0x090c  Dnscache - ok
15:46:02.0843 0x090c  [ B1FB3DDCA0FDF408750D5843591AFBC6, AB6AD9C5E7BA2E3646D0115B67C4800D1CB43B4B12716397657C7ADEEE807304 ] dot3svc         C:\Windows\System32\dot3svc.dll
15:46:02.0843 0x090c  dot3svc - ok
15:46:02.0875 0x090c  [ B26F4F737E8F9DF4F31AF6CF31D05820, 394BBBED4EC7FAD4110F62A43BFE0801D4AC56FFAC6C741C69407B26402311C7 ] DPS             C:\Windows\system32\dps.dll
15:46:02.0890 0x090c  DPS - ok
15:46:02.0937 0x090c  [ 9B19F34400D24DF84C858A421C205754, 967AF267B4124BADA8F507CEBF25F2192D146A4D63BE71B45BFC03C5DA7F21A7 ] drmkaud         C:\Windows\system32\drivers\drmkaud.sys
15:46:02.0937 0x090c  drmkaud - ok
15:46:02.0984 0x090c  [ 87CE5C8965E101CCCED1F4675557E868, 077D98F0F130B2FC710208BA34016EF2B2506EE2BD71740B228145E34A3046F1 ] DXGKrnl         C:\Windows\System32\drivers\dxgkrnl.sys
15:46:02.0999 0x090c  DXGKrnl - ok
15:46:03.0031 0x090c  [ E2DDA8726DA9CB5B2C4000C9018A9633, 0C967DBC3636A76A696997192A158AA92A1AF19F01E3C66D5BF91818A8FAEA76 ] EapHost         C:\Windows\System32\eapsvc.dll
15:46:03.0031 0x090c  EapHost - ok
15:46:03.0187 0x090c  [ DC5D737F51BE844D8C82C695EB17372F, 6D4022D9A46EDE89CEF0FAEADCC94C903234DFC460C0180D24FF9E38E8853017 ] ebdrv           C:\Windows\system32\DRIVERS\evbda.sys
15:46:03.0280 0x090c  ebdrv - ok
15:46:03.0311 0x090c  [ 204F3F58212B3E422C90BD9691A2DF28, D748A8CEE4D59B4248C9B1ACA5155D0FF6635A29564B4391B7FAC6261F93FE99 ] EFS             C:\Windows\System32\lsass.exe
15:46:03.0327 0x090c  EFS - ok
15:46:03.0358 0x090c  [ 0E5DA5369A0FCAEA12456DD852545184, 9A64AC5396F978C3B92794EDCE84DCA938E4662868250F8C18FA7C2C172233F8 ] elxstor         C:\Windows\system32\DRIVERS\elxstor.sys
15:46:03.0374 0x090c  elxstor - ok
15:46:03.0389 0x090c  [ 34A3C54752046E79A126E15C51DB409B, 7D5B5E150C7C73666F99CBAFF759029716C86F16B927E0078D77F8A696616D75 ] ErrDev          C:\Windows\system32\drivers\errdev.sys
15:46:03.0389 0x090c  ErrDev - ok
15:46:03.0421 0x090c  [ 84486624268E078255BC7AA47F0960BC, EC2540698B974572F0AC4A93D57C63295BAF66BF50F7416B9DFF5DE790EBDBE7 ] etdrv           C:\Windows\etdrv.sys
15:46:03.0421 0x090c  etdrv - ok
15:46:03.0467 0x090c  [ 4166F82BE4D24938977DD1746BE9B8A0, 24121751B7306225AD1C808442D7B030DEF377E9316AA0A3C5C7460E87317881 ] EventSystem     C:\Windows\system32\es.dll
15:46:03.0467 0x090c  EventSystem - ok
15:46:03.0499 0x090c  [ A510C654EC00C1E9BDD91EEB3A59823B, 76CD277730F7B08D375770CD373D786160F34D1481AF0536BA1A5D2727E255F5 ] exfat           C:\Windows\system32\drivers\exfat.sys
15:46:03.0499 0x090c  exfat - ok
15:46:03.0530 0x090c  [ 0ADC83218B66A6DB380C330836F3E36D, 798D6F83B5DBCC1656595E0A96CF12087FCCBE19D1982890D0CE5F629B328B29 ] fastfat         C:\Windows\system32\drivers\fastfat.sys
15:46:03.0530 0x090c  fastfat - ok
15:46:03.0577 0x090c  [ DBEFD454F8318A0EF691FDD2EAAB44EB, 7F52AE222FF28503B6FC4A5852BD0CAEAF187BE69AF4B577D3DE474C24366099 ] Fax             C:\Windows\system32\fxssvc.exe
15:46:03.0592 0x090c  Fax - ok
15:46:03.0608 0x090c  [ D765D19CD8EF61F650C384F62FAC00AB, 9F0A483A043D3BA873232AD3BA5F7BF9173832550A27AF3E8BD433905BD2A0EE ] fdc             C:\Windows\system32\DRIVERS\fdc.sys
15:46:03.0608 0x090c  fdc - ok
15:46:03.0623 0x090c  [ 0438CAB2E03F4FB61455A7956026FE86, 6D4DDC2973DB25CE0C7646BC85EFBCC004EBE35EA683F62162AE317C6F1D8DFE ] fdPHost         C:\Windows\system32\fdPHost.dll
15:46:03.0623 0x090c  fdPHost - ok
15:46:03.0639 0x090c  [ 802496CB59A30349F9A6DD22D6947644, 52D59D3D628D5661F83F090F33F744F6916E0CC1F76E5A33983E06EB66AE19F8 ] FDResPub        C:\Windows\system32\fdrespub.dll
15:46:03.0639 0x090c  FDResPub - ok
15:46:03.0655 0x090c  [ 655661BE46B5F5F3FD454E2C3095B930, 549C8E2A2A37757E560D55FFA6BFDD838205F17E40561E67F0124C934272CD1A ] FileInfo        C:\Windows\system32\drivers\fileinfo.sys
15:46:03.0655 0x090c  FileInfo - ok
15:46:03.0670 0x090c  [ 5F671AB5BC87EEA04EC38A6CD5962A47, 6B61D3363FF3F9C439BD51102C284972EAE96ACC0683B9DC7E12D25D0ADC51B6 ] Filetrace       C:\Windows\system32\drivers\filetrace.sys
15:46:03.0670 0x090c  Filetrace - ok
15:46:03.0717 0x090c  [ 1F63900E2EB00101B9ACA2B7A870704E, 5AFE1FC852937FECE6B33147BD0110436FE97F33BFDA3F69B1F5EDAD6FFC09C6 ] FLEXnet Licensing Service C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
15:46:03.0733 0x090c  FLEXnet Licensing Service - ok
15:46:03.0826 0x090c  [ 1C3FB052A0BB72EDAED90785C34D6EED, 5300A82D1A79EBA1768F545E73974E3B8CE189AB39CDF905BF42AFA2E497186B ] FLEXnet Licensing Service 64 C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe
15:46:03.0889 0x090c  FLEXnet Licensing Service 64 - ok
15:46:03.0904 0x090c  [ C172A0F53008EAEB8EA33FE10E177AF5, 9175A95B323696D1B35C9EFEB7790DD64E6EE0B7021E6C18E2F81009B169D77B ] flpydisk        C:\Windows\system32\DRIVERS\flpydisk.sys
15:46:03.0904 0x090c  flpydisk - ok
15:46:03.0935 0x090c  [ DA6B67270FD9DB3697B20FCE94950741, F621A4462C9F2904063578C427FAF22D7D66AE9967605C11C798099817CE5331 ] FltMgr          C:\Windows\system32\drivers\fltmgr.sys
15:46:03.0935 0x090c  FltMgr - ok
15:46:04.0013 0x090c  [ C4C183E6551084039EC862DA1C945E3D, 0874A2ACDD24D64965AA9A76E9C818E216880AE4C9A2E07ED932EE404585CEE6 ] FontCache       C:\Windows\system32\FntCache.dll
15:46:04.0045 0x090c  FontCache - ok
15:46:04.0076 0x090c  [ A8B7F3818AB65695E3A0BB3279F6DCE6, 89FCF10F599767E67A1E011753E34DA44EAA311F105DBF69549009ED932A60F0 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
15:46:04.0076 0x090c  FontCache3.0.0.0 - ok
15:46:04.0107 0x090c  [ D43703496149971890703B4B1B723EAC, F06397B2EDCA61629249D2EF1CBB7827A8BEAB8488246BD85EF6AE1363C0DA6E ] FsDepends       C:\Windows\system32\drivers\FsDepends.sys
15:46:04.0107 0x090c  FsDepends - ok
15:46:04.0138 0x090c  [ 6BD9295CC032DD3077C671FCCF579A7B, 83622FBB0CB923798E7E584BF53CAAF75B8C016E3FF7F0FA35880FF34D1DFE33 ] Fs_Rec          C:\Windows\system32\drivers\Fs_Rec.sys
15:46:04.0138 0x090c  Fs_Rec - ok
15:46:04.0169 0x090c  [ FA169871D8FADCC6539C4E8726610286, 14BF1C5225BD736C686FAC6393050BCFC5C43BC9557A78901CC98BC446A3894D ] FTDIBUS         C:\Windows\system32\drivers\ftdibus.sys
15:46:04.0169 0x090c  FTDIBUS - ok
15:46:04.0185 0x090c  [ 24237091348D1EFB5635A1CF9649E311, 23C66EEC336770E035825EEBABEB02258FFB1436A5CC0E26C267C470EA5B0D07 ] FTSER2K         C:\Windows\system32\drivers\ftser2k.sys
15:46:04.0185 0x090c  FTSER2K - ok
15:46:04.0216 0x090c  [ 8F6322049018354F45F05A2FD2D4E5E0, 73BF0FB4EBD7887E992DDEBB79E906958D6678F8D1107E8C368F5A0514D80359 ] fvevol          C:\Windows\system32\DRIVERS\fvevol.sys
15:46:04.0232 0x090c  fvevol - ok
15:46:04.0247 0x090c  [ 8C778D335C9D272CFD3298AB02ABE3B6, 85F0B13926B0F693FA9E70AA58DE47100E4B6F893772EBE4300C37D9A36E6005 ] gagp30kx        C:\Windows\system32\DRIVERS\gagp30kx.sys
15:46:04.0247 0x090c  gagp30kx - ok
15:46:04.0263 0x090c  gdrv - ok
15:46:04.0294 0x090c  [ 277BBC7E1AA1EE957F573A10ECA7EF3A, 2EE60B924E583E847CC24E78B401EF95C69DB777A5B74E1EC963E18D47B94D24 ] gpsvc           C:\Windows\System32\gpsvc.dll
15:46:04.0310 0x090c  gpsvc - ok
15:46:04.0341 0x090c  [ B9893A68032A6D9ADDB5B98287C630F7, F0280764D7B31F1EA634E91397229B1C064A7C1B3A77A6BBD123CEA74180789F ] grmnusb         C:\Windows\system32\drivers\grmnusb.sys
15:46:04.0341 0x090c  grmnusb - ok
15:46:04.0419 0x090c  [ 51508F0C2476177E50C31B0BBFBF1BDB, 3F62A05181D54711180C8727AC66D624AFA7FC816A4ACC4DC0CFCF2D2DBE7F87 ] gupdate         C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
15:46:04.0435 0x090c  gupdate - ok
15:46:04.0450 0x090c  [ 51508F0C2476177E50C31B0BBFBF1BDB, 3F62A05181D54711180C8727AC66D624AFA7FC816A4ACC4DC0CFCF2D2DBE7F87 ] gupdatem        C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
15:46:04.0466 0x090c  gupdatem - ok
15:46:04.0513 0x090c  [ 5D4BC124FAAE6730AC002CDB67BF1A1C, 00294F4DC7D17F6DD2A22B9C3299BED40146BA45C972367154D20DB502472551 ] gusvc           C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
15:46:04.0513 0x090c  gusvc - ok
15:46:04.0544 0x090c  [ 8126331FBD4ED29EB3B356F9C905064D, A58BCE904591DD762410E99960FD956FB579C2CE78FA7BF1406075D29537EF82 ] GVTDrv64        C:\Windows\GVTDrv64.sys
15:46:04.0544 0x090c  GVTDrv64 - ok
15:46:04.0575 0x090c  [ F2523EF6460FC42405B12248338AB2F0, B2F3DE8DE1F512D871BC2BC2E8D0E33AB03335BFBC07627C5F88B65024928E19 ] hcw85cir        C:\Windows\system32\drivers\hcw85cir.sys
15:46:04.0575 0x090c  hcw85cir - ok
15:46:04.0622 0x090c  [ 975761C778E33CD22498059B91E7373A, 8304E15FBE6876BE57263A03621365DA8C88005EAC532A770303C06799D915D9 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
15:46:04.0637 0x090c  HdAudAddService - ok
15:46:04.0653 0x090c  [ 97BFED39B6B79EB12CDDBFEED51F56BB, 3CF981D668FB2381E52AF2E51E296C6CFB47B0D62249645278479D0111A47955 ] HDAudBus        C:\Windows\system32\DRIVERS\HDAudBus.sys
15:46:04.0669 0x090c  HDAudBus - ok
15:46:04.0684 0x090c  [ 78E86380454A7B10A5EB255DC44A355F, 11F3ED7ACFFA3024B9BD504F81AC39F5B4CED5A8A425E8BADF7132EFEDB9BD64 ] HidBatt         C:\Windows\system32\DRIVERS\HidBatt.sys
15:46:04.0684 0x090c  HidBatt - ok
15:46:04.0700 0x090c  [ 7FD2A313F7AFE5C4DAB14798C48DD104, 94CBFD4506CBDE4162CEB3367BAB042D19ACA6785954DC0B554D4164B9FCD0D4 ] HidBth          C:\Windows\system32\DRIVERS\hidbth.sys
15:46:04.0700 0x090c  HidBth - ok
15:46:04.0715 0x090c  [ 0A77D29F311B88CFAE3B13F9C1A73825, 8615DC6CEFB591505CE16E054A71A4F371B827DDFD5E980777AB4233DCFDA01D ] HidIr           C:\Windows\system32\DRIVERS\hidir.sys
15:46:04.0715 0x090c  HidIr - ok
15:46:04.0747 0x090c  [ BD9EB3958F213F96B97B1D897DEE006D, 4D01CBF898B528B3A4E5A683DF2177300AFABD7D4CB51F1A7891B1B545499631 ] hidserv         C:\Windows\system32\hidserv.dll
15:46:04.0747 0x090c  hidserv - ok
15:46:04.0778 0x090c  [ 9592090A7E2B61CD582B612B6DF70536, FD11D5E02C32D658B28FCC35688AB66CCB5D3A0A0D74C82AE0F0B6C67B568A0F ] HidUsb          C:\Windows\system32\DRIVERS\hidusb.sys
15:46:04.0778 0x090c  HidUsb - ok
15:46:04.0809 0x090c  [ 387E72E739E15E3D37907A86D9FF98E2, 9935BE2E58788E79328293AF2F202CB0F6042441B176F75ACC5AEA93C8E05531 ] hkmsvc          C:\Windows\system32\kmsvc.dll
15:46:04.0809 0x090c  hkmsvc - ok
15:46:04.0840 0x090c  [ EFDFB3DD38A4376F93E7985173813ABD, 70402FA73A5A2A8BB557AAC8F531E373077D28DE5F40A1F3F14B940BE01CD2E1 ] HomeGroupListener C:\Windows\system32\ListSvc.dll
15:46:04.0856 0x090c  HomeGroupListener - ok
15:46:04.0871 0x090c  [ 908ACB1F594274965A53926B10C81E89, 7D34A742AC486294D82676F8465A3EF26C8AC3317C32B63F62031CB007CFC208 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
15:46:04.0871 0x090c  HomeGroupProvider - ok
15:46:04.0918 0x090c  [ 15F37D0102A81BA8DB007C68483C1F91, BBDBC492D0D9A3F1598FAF71D0634D69C3FCC6B7497A0184AECEF9EBD7260845 ] hotcore3        C:\Windows\system32\DRIVERS\hotcore3.sys
15:46:04.0918 0x090c  hotcore3 - ok
15:46:04.0949 0x090c  [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC, E9E6A1665740CFBC2DD321010007EF42ABA2102AEB9772EE8AA3354664B1E205 ] HpSAMD          C:\Windows\system32\drivers\HpSAMD.sys
15:46:04.0949 0x090c  HpSAMD - ok
15:46:04.0996 0x090c  [ 0EA7DE1ACB728DD5A369FD742D6EEE28, 21C489412EB33A12B22290EB701C19BA57006E8702E76F730954F0784DDE9779 ] HTTP            C:\Windows\system32\drivers\HTTP.sys
15:46:05.0012 0x090c  HTTP - ok
15:46:05.0027 0x090c  [ A5462BD6884960C9DC85ED49D34FF392, 53E65841AF5B06A2844D0BB6FC4DD3923A323FFA0E4BFC89B3B5CAFB592A3D53 ] hwpolicy        C:\Windows\system32\drivers\hwpolicy.sys
15:46:05.0027 0x090c  hwpolicy - ok
15:46:05.0074 0x090c  [ FA55C73D4AFFA7EE23AC4BE53B4592D3, 65CDDC62B89A60E942C5642C9D8B539EFB69DA8069B4A2E54978154B314531CD ] i8042prt        C:\Windows\system32\DRIVERS\i8042prt.sys
15:46:05.0074 0x090c  i8042prt - ok
15:46:05.0121 0x090c  [ AAAF44DB3BD0B9D1FB6969B23ECC8366, 805AA4A9464002D1AB3832E4106B2AAA1331F4281367E75956062AAE99699385 ] iaStorV         C:\Windows\system32\drivers\iaStorV.sys
15:46:05.0152 0x090c  iaStorV - ok
15:46:05.0199 0x090c  [ 1CF03C69B49ACB70C722DF92755C0C8C, C227850C133F29BB9DED91A26A22AE077FD69629CEF35B67D305F016C4BDAA81 ] IDriverT        C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
15:46:05.0199 0x090c  IDriverT - ok
15:46:05.0277 0x090c  [ C98A5B9D932430AD8EEBD3EF73756EF7, DF7E1D391A0F3345AD61154363922C27BD557DEEACE395A6A8A8A16BFD1BB9A8 ] idsvc           C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
15:46:05.0293 0x090c  idsvc - ok
15:46:05.0324 0x090c  [ 5C18831C61933628F5BB0EA2675B9D21, 5CD9DE2F8C0256623A417B5C55BF55BB2562BD7AB2C3C83BB3D9886C2FBDA4E4 ] iirsp           C:\Windows\system32\DRIVERS\iirsp.sys
15:46:05.0324 0x090c  iirsp - ok
15:46:05.0371 0x090c  [ 344789398EC3EE5A4E00C52B31847946, 3DA5F08E4B46F4E63456AA588D49E39A6A09A97D0509880C00F327623DB6122D ] IKEEXT          C:\Windows\System32\ikeext.dll
15:46:05.0386 0x090c  IKEEXT - ok
15:46:05.0480 0x090c  [ E76FDFFF07F8A2FA81FF250DDA0F6BBA, 7CE8E2FDB87E401AFD36FB820794FC5F1F83C38E7CCD35EC5A975B20E6389693 ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHD64.sys
15:46:05.0527 0x090c  IntcAzAudAddService - ok
15:46:05.0558 0x090c  [ F00F20E70C6EC3AA366910083A0518AA, E2F3E9FFD82C802C8BAC309893A3664ACF16A279959C0FDECCA64C3D3C60FD22 ] intelide        C:\Windows\system32\drivers\intelide.sys
15:46:05.0558 0x090c  intelide - ok
15:46:05.0573 0x090c  [ ADA036632C664CAA754079041CF1F8C1, F2386CC09AC6DE4C54189154F7D91C1DB7AA120B13FAE8BA5B579ACF99FCC610 ] intelppm        C:\Windows\system32\DRIVERS\intelppm.sys
15:46:05.0589 0x090c  intelppm - ok
15:46:05.0667 0x090c  [ 0895CDD7F1542FFCC5BBB560EC78BC16, 383D9FFE7FB313EA201DE877F3D48B5116FFA261EDEF5D0D0FE79F14E9682D25 ] IntuitUpdateServiceV4 C:\Program Files (x86)\Common Files\Intuit\Update Service v4\IntuitUpdateService.exe
15:46:05.0667 0x090c  IntuitUpdateServiceV4 - ok
15:46:05.0698 0x090c  [ 098A91C54546A3B878DAD6A7E90A455B, 044CCE2A0DF56EBE1EFD99B4F6F0A5B9EE12498CA358CF4B2E3A1CFD872823AA ] IPBusEnum       C:\Windows\system32\ipbusenum.dll
15:46:05.0714 0x090c  IPBusEnum - ok
15:46:05.0745 0x090c  [ C9F0E1BD74365A8771590E9008D22AB6, 728BC5A6AAE499FDC50EB01577AF16D83C2A9F3B09936DD2A89C01E074BA8E51 ] IpFilterDriver  C:\Windows\system32\DRIVERS\ipfltdrv.sys
15:46:05.0745 0x090c  IpFilterDriver - ok
15:46:05.0776 0x090c  [ 08C2957BB30058E663720C5606885653, E13EDF6701512E2A9977A531454932CA5023087CB50E1D2F416B8BCDD92B67BE ] iphlpsvc        C:\Windows\System32\iphlpsvc.dll
15:46:05.0807 0x090c  iphlpsvc - ok
15:46:05.0823 0x090c  [ 0FC1AEA580957AA8817B8F305D18CA3A, 7161E4DE91AAFC3FA8BF24FAE4636390C2627DB931505247C0D52C75A31473D9 ] IPMIDRV         C:\Windows\system32\drivers\IPMIDrv.sys
15:46:05.0823 0x090c  IPMIDRV - ok
15:46:05.0854 0x090c  [ AF9B39A7E7B6CAA203B3862582E9F2D0, 67128BE7EADBE6BD0205B050F96E268948E8660C4BAB259FB0BE03935153D04E ] IPNAT           C:\Windows\system32\drivers\ipnat.sys
15:46:05.0854 0x090c  IPNAT - ok
15:46:05.0870 0x090c  [ 3ABF5E7213EB28966D55D58B515D5CE9, A352BCC5B6B9A28805B15CAFB235676F1FAFF0D2394F88C03089EB157D6188AE ] IRENUM          C:\Windows\system32\drivers\irenum.sys
15:46:05.0870 0x090c  IRENUM - ok
15:46:05.0901 0x090c  [ 2F7B28DC3E1183E5EB418DF55C204F38, D40410A760965925D6F10959B2043F7BD4F68EAFCF5E743AF11AD860BD136548 ] isapnp          C:\Windows\system32\drivers\isapnp.sys
15:46:05.0901 0x090c  isapnp - ok
15:46:05.0932 0x090c  [ 96BB922A0981BC7432C8CF52B5410FE6, 236C05509B1040059B15021CBBDBDAF3B9C0F00910142BE5887B2C7561BAAFBA ] iScsiPrt        C:\Windows\system32\drivers\msiscsi.sys
15:46:05.0948 0x090c  iScsiPrt - ok
15:46:05.0963 0x090c  [ BC02336F1CBA7DCC7D1213BB588A68A5, 450C5BAD54CCE2AFCDFF1B6E7F8E1A8446D9D3255DF9D36C29A8F848048AAD93 ] kbdclass        C:\Windows\system32\DRIVERS\kbdclass.sys
15:46:05.0963 0x090c  kbdclass - ok
15:46:05.0995 0x090c  [ 0705EFF5B42A9DB58548EEC3B26BB484, 86C6824ED7ED6FA8F306DB6319A0FD688AA91295AE571262F9D8E96A32225E99 ] kbdhid          C:\Windows\system32\DRIVERS\kbdhid.sys
15:46:05.0995 0x090c  kbdhid - ok
15:46:06.0010 0x090c  [ 6697304E206DD06E8F1507703D774AAD, 876D49B9C0DC401D08557944935FF8FDB61256247DC88C12F7E3172C2326063E ] kc02us_bus      C:\Windows\system32\DRIVERS\kc02us_bus64.sys
15:46:06.0010 0x090c  kc02us_bus - ok
15:46:06.0041 0x090c  [ 4BBE72CFBF03FA5F796652B775246F9D, 43DE1BFA71755CB955E00E57AACC31978198CA92DB460ED92B17D6D880F31B77 ] kc02us_mdm      C:\Windows\system32\DRIVERS\kc02us_mdm64.sys
15:46:06.0041 0x090c  kc02us_mdm - ok
15:46:06.0057 0x090c  [ 204F3F58212B3E422C90BD9691A2DF28, D748A8CEE4D59B4248C9B1ACA5155D0FF6635A29564B4391B7FAC6261F93FE99 ] KeyIso          C:\Windows\system32\lsass.exe
15:46:06.0057 0x090c  KeyIso - ok
15:46:06.0088 0x090c  [ 353009DEDF918B2A51414F330CF72DEC, BF157D6E329F26E02FA16271B751B421396040DBB1D7BF9B2E0A21BC569672E2 ] KSecDD          C:\Windows\system32\Drivers\ksecdd.sys
15:46:06.0104 0x090c  KSecDD - ok
15:46:06.0151 0x090c  [ 41774FF331F609EF442B7398EE6202B1, AD67DA06A74895C384F4A1F1CF47050DAEE9C6CE8AD12F1A116FC977B6C3A864 ] KSecPkg         C:\Windows\system32\Drivers\ksecpkg.sys
15:46:06.0166 0x090c  KSecPkg - ok
15:46:06.0182 0x090c  [ 6869281E78CB31A43E969F06B57347C4, 866A23E69B32A78D378D6CB3B3DA3695FFDFF0FEC3C9F68C8C3F988DF417044B ] ksthunk         C:\Windows\system32\drivers\ksthunk.sys
15:46:06.0197 0x090c  ksthunk - ok
15:46:06.0229 0x090c  [ 6AB66E16AA859232F64DEB66887A8C9C, 5F2B579BEA8098A2994B0DECECDAE7B396E7B5DC5F09645737B9F28BEEA77FFF ] KtmRm           C:\Windows\system32\msdtckrm.dll
15:46:06.0244 0x090c  KtmRm - ok
15:46:06.0275 0x090c  [ D9F42719019740BAA6D1C6D536CBDAA6, 8757599D0AE5302C4CE50861BEBA3A8DD14D7B0DBD916FD5404133688CDFCC40 ] LanmanServer    C:\Windows\system32\srvsvc.dll
15:46:06.0291 0x090c  LanmanServer - ok
15:46:06.0322 0x090c  [ 851A1382EED3E3A7476DB004F4EE3E1A, B1C67F47DD594D092E6E258F01DF5E7150227CE3131A908A244DEE9F8A1FABF9 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
15:46:06.0322 0x090c  LanmanWorkstation - ok
15:46:06.0353 0x090c  [ 1538831CF8AD2979A04C423779465827, E1729B0CC4CEEE494A0B8817A8E98FF232E3A32FB023566EF0BC71A090262C0C ] lltdio          C:\Windows\system32\DRIVERS\lltdio.sys
15:46:06.0353 0x090c  lltdio - ok
15:46:06.0385 0x090c  [ C1185803384AB3FEED115F79F109427F, 0414FE73532DCAB17E906438A14711E928CECCD5F579255410C62984DD652700 ] lltdsvc         C:\Windows\System32\lltdsvc.dll
15:46:06.0400 0x090c  lltdsvc - ok
15:46:06.0416 0x090c  [ F993A32249B66C9D622EA5592A8B76B8, EE64672A990C6145DC5601E2B8CDBE089272A72732F59AF9865DCBA8B1717E70 ] lmhosts         C:\Windows\System32\lmhsvc.dll
15:46:06.0416 0x090c  lmhosts - ok
15:46:06.0478 0x090c  [ 450C65471411C8D7CF1E2A886BC73F42, 251D6560147545EC3217A4E430A85107E85C74983CDF62E90E42E0D0AB067408 ] LMIGuardianSvc  C:\Program Files (x86)\LogMeIn\x64\LMIGuardianSvc.exe
15:46:06.0494 0x090c  LMIGuardianSvc - ok
15:46:06.0509 0x090c  [ 0317335B15FF3BDA8E10197E3434CFC0, C331978E63757DFE56C0D8DD7D943D651834218508304241F9BE8503BB00BEE9 ] LMIInfo         C:\Program Files (x86)\LogMeIn\x64\RaInfo.sys
15:46:06.0509 0x090c  LMIInfo - ok
15:46:06.0525 0x090c  [ A2544AF343A3C45B92DC8BED8F5E0FB5, 2EF629959C2B5AF05164939345CA524B6ECDCAD0044F0DC1D2AC15FA8F3EE936 ] LMIMaint        C:\Program Files (x86)\LogMeIn\x64\RaMaint.exe
15:46:06.0525 0x090c  LMIMaint - ok
15:46:06.0541 0x090c  [ 413ECDCFAD9A82804D3674C8D7EEC24E, C8A65ED0B079D16D1A4449E840B4A9475388FBE61B5A84DFEFC35F4FB3B9A9B1 ] lmimirr         C:\Windows\system32\DRIVERS\lmimirr.sys
15:46:06.0541 0x090c  lmimirr - ok
15:46:06.0541 0x090c  LMIRfsClientNP - ok
15:46:06.0572 0x090c  [ C57D3FAA50E6F395759FFB7C709BD944, 7B0B86F0E710934D57801E1F7BB048AD878F871147B2A16BBF81219A4022B499 ] LMIRfsDriver    C:\Windows\system32\drivers\LMIRfsDriver.sys
15:46:06.0572 0x090c  LMIRfsDriver - ok
15:46:06.0603 0x090c  [ 5AAA4186E0558546AF5FAA8EADCA5E35, D4D0A16DFEAB8C41CDEAE258A1D33F79D05A6FA59A47FBAAFF10BDED1CA92E11 ] LogMeIn         C:\Program Files (x86)\LogMeIn\x64\LogMeIn.exe
15:46:06.0603 0x090c  LogMeIn - ok
15:46:06.0634 0x090c  [ 1A93E54EB0ECE102495A51266DCDB6A6, DB6AA86AA36C3A7988BE96E87B5D3251BE7617C54EE8F894D9DC2E267FE3255B ] LSI_FC          C:\Windows\system32\DRIVERS\lsi_fc.sys
15:46:06.0634 0x090c  LSI_FC - ok
15:46:06.0665 0x090c  [ 1047184A9FDC8BDBFF857175875EE810, F2251EDB7736A26D388A0C5CC2FE5FB9C5E109CBB1E3800993554CB21D81AE4B ] LSI_SAS         C:\Windows\system32\DRIVERS\lsi_sas.sys
15:46:06.0665 0x090c  LSI_SAS - ok
15:46:06.0681 0x090c  [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93, 88D5740A4E9CC3FA80FA18035DAB441BDC5A039622D666BFDAA525CC9686BD06 ] LSI_SAS2        C:\Windows\system32\DRIVERS\lsi_sas2.sys
15:46:06.0681 0x090c  LSI_SAS2 - ok
15:46:06.0712 0x090c  [ 0504EACAFF0D3C8AED161C4B0D369D4A, 4D272237C189646F5C80822FD3CBA7C2728E482E2DAAF7A09C8AEF811C89C54D ] LSI_SCSI        C:\Windows\system32\DRIVERS\lsi_scsi.sys
15:46:06.0712 0x090c  LSI_SCSI - ok
15:46:06.0743 0x090c  [ 43D0F98E1D56CCDDB0D5254CFF7B356E, 5BA498183B5C4996C694CB0A9A6B66CE6C7A460F6C91BEB9F305486FCC3B7B22 ] luafv           C:\Windows\system32\drivers\luafv.sys
15:46:06.0743 0x090c  luafv - ok
15:46:06.0868 0x090c  [ CE6E5146039D248FEB991FBC9E2B6A7B, 4F995D56AF651EB75E3FFC2E5B1551AB9447E81C4376101594D5A763A5ECC4E9 ] lvpopf64        C:\Windows\system32\DRIVERS\lvpopf64.sys
15:46:06.0899 0x090c  lvpopf64 - ok
15:46:06.0931 0x090c  [ 6D5EA90F86F9B28CD44AF6BA9BE03BF9, 6A92EF21EB7543389649900BAB241A846DFE9CADF785D7352052C003AA717E5F ] LVUSBS64        C:\Windows\system32\drivers\LVUSBS64.sys
15:46:06.0946 0x090c  LVUSBS64 - ok
15:46:07.0071 0x090c  [ EB12688842EDE30C843A123FA6855858, 24DD1E4F32CA08EF2263100A3C65BF8D904BB0FFC55025519C477E7BAA31E064 ] LVUVC64         C:\Windows\system32\DRIVERS\lvuvc64.sys
15:46:07.0165 0x090c  LVUVC64 - ok
15:46:07.0227 0x090c  [ 269DB9146B448DC7F76826375B89DB07, 922B67FCB6D22240890E660075FA39C5932D5B7552A2D0B96F68C328DC275390 ] mbamchameleon   C:\Windows\system32\drivers\mbamchameleon.sys
15:46:07.0227 0x090c  mbamchameleon - ok
15:46:07.0243 0x090c  [ A55805F747C6EDB6A9080D7C633BD0F4, 2DA0E83BF3C8ADEF6F551B6CC1C0A3F6149CDBE6EC60413BA1767C4DE425A728 ] megasas         C:\Windows\system32\DRIVERS\megasas.sys
15:46:07.0243 0x090c  megasas - ok
15:46:07.0274 0x090c  [ BAF74CE0072480C3B6B7C13B2A94D6B3, 85CBB4949C090A904464F79713A3418338753D20D7FB811E68F287FDAC1DD834 ] MegaSR          C:\Windows\system32\DRIVERS\MegaSR.sys
15:46:07.0289 0x090c  MegaSR - ok
15:46:07.0336 0x090c  [ 123271BD5237AB991DC5C21FDF8835EB, 004F8F9228EE291A0E36CE33078D572D61733516F9AA5CFC832AF204C6869E89 ] Microsoft Office Groove Audit Service C:\Program Files (x86)\Microsoft Office\Office12\GrooveAuditService.exe
15:46:07.0352 0x090c  Microsoft Office Groove Audit Service - ok
15:46:07.0399 0x090c  [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] MMCSS           C:\Windows\system32\mmcss.dll
15:46:07.0399 0x090c  MMCSS - ok
15:46:07.0414 0x090c  [ 800BA92F7010378B09F9ED9270F07137, 94F9AF9E1BE80AE6AC39A2A74EF9FAB115DCAACC011D07DFA8D6A1DDC8A93342 ] Modem           C:\Windows\system32\drivers\modem.sys
15:46:07.0414 0x090c  Modem - ok
15:46:07.0445 0x090c  [ B03D591DC7DA45ECE20B3B467E6AADAA, 701FB0CAD8138C58507BE28845D3E24CE269A040737C29885944A0D851238732 ] monitor         C:\Windows\system32\DRIVERS\monitor.sys
15:46:07.0445 0x090c  monitor - ok
15:46:07.0477 0x090c  [ 7D27EA49F3C1F687D357E77A470AEA99, 7FE7CAF95959F127C6D932C01D539C06D80273C49A09761F6E8331C05B1A7EE7 ] mouclass        C:\Windows\system32\DRIVERS\mouclass.sys
15:46:07.0477 0x090c  mouclass - ok
15:46:07.0508 0x090c  [ D3BF052C40B0C4166D9FD86A4288C1E6, 5E65264354CD94E844BF1838CA1B8E49080EFA34605A32CF2F6A47A2B97FC183 ] mouhid          C:\Windows\system32\DRIVERS\mouhid.sys
15:46:07.0508 0x090c  mouhid - ok
15:46:07.0539 0x090c  [ 32E7A3D591D671A6DF2DB515A5CBE0FA, 47CED0B9067AE8BF5EEF60B17ADEE5906BEDCC56E4CB460B7BFBC12BB9A69E63 ] mountmgr        C:\Windows\system32\drivers\mountmgr.sys
15:46:07.0539 0x090c  mountmgr - ok
15:46:07.0586 0x090c  [ 26EA1DAD601EE3ACAC301D66F07BA219, C9594BB15D53D4AC2156CCCD2DB65B2C20620F1F60DA85F48D1586FC10028096 ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
15:46:07.0586 0x090c  MozillaMaintenance - ok
15:46:07.0601 0x090c  [ A44B420D30BD56E145D6A2BC8768EC58, B1E4DCA5A1008FA7A0492DC091FB2B820406AE13FD3D44F124E89B1037AF09B8 ] mpio            C:\Windows\system32\drivers\mpio.sys
15:46:07.0617 0x090c  mpio - ok
15:46:07.0648 0x090c  [ 6C38C9E45AE0EA2FA5E551F2ED5E978F, 5A3FA2F110029CB4CC4384998EDB59203FDD65EC45E01B897FB684F8956EAD20 ] mpsdrv          C:\Windows\system32\drivers\mpsdrv.sys
15:46:07.0648 0x090c  mpsdrv - ok
15:46:07.0695 0x090c  [ 54FFC9C8898113ACE189D4AA7199D2C1, 65F585C87F3F710FD5793FDFA96B740AD8D4317B0C120F4435CCF777300EA4F2 ] MpsSvc          C:\Windows\system32\mpssvc.dll
15:46:07.0711 0x090c  MpsSvc - ok
15:46:07.0742 0x090c  [ 1A4F75E63C9FB84B85DFFC6B63FD5404, 01AFA6DBB4CDE55FE4EA05BBE8F753A4266F8D072EA1EE01DB79F5126780C21F ] MRxDAV          C:\Windows\system32\drivers\mrxdav.sys
15:46:07.0742 0x090c  MRxDAV - ok
15:46:07.0773 0x090c  [ A5D9106A73DC88564C825D317CAC68AC, 0457B2AEA4E05A91D0E43F317894A614434D8CEBE35020785387F307E231FBE4 ] mrxsmb          C:\Windows\system32\DRIVERS\mrxsmb.sys
15:46:07.0773 0x090c  mrxsmb - ok
15:46:07.0804 0x090c  [ D711B3C1D5F42C0C2415687BE09FC163, 9B3013AC60BD2D0FF52086658BA5FF486ADE15954A552D7DD590580E8BAE3EFF ] mrxsmb10        C:\Windows\system32\DRIVERS\mrxsmb10.sys
15:46:07.0804 0x090c  mrxsmb10 - ok
15:46:07.0820 0x090c  [ 9423E9D355C8D303E76B8CFBD8A5C30C, 220B33F120C2DD937FE4D5664F4B581DC0ACF78D62EB56B7720888F67B9644CC ] mrxsmb20        C:\Windows\system32\DRIVERS\mrxsmb20.sys
15:46:07.0835 0x090c  mrxsmb20 - ok
15:46:07.0867 0x090c  [ C25F0BAFA182CBCA2DD3C851C2E75796, 643E158A0948DF331807AEAA391F23960362E46C0A0CF6D22A99020EAE7B10F8 ] msahci          C:\Windows\system32\drivers\msahci.sys
15:46:07.0867 0x090c  msahci - ok
15:46:07.0882 0x090c  [ DB801A638D011B9633829EB6F663C900, B34FD33A215ACCF2905F4B7D061686CDB1CB9C652147AF56AE14686C1F6E3C74 ] msdsm           C:\Windows\system32\drivers\msdsm.sys
15:46:07.0882 0x090c  msdsm - ok
15:46:07.0913 0x090c  [ DE0ECE52236CFA3ED2DBFC03F28253A8, 2FBBEC4CACB5161F68D7C2935852A5888945CA0F107CF8A1C01F4528CE407DE3 ] MSDTC           C:\Windows\System32\msdtc.exe
15:46:07.0913 0x090c  MSDTC - ok
15:46:07.0945 0x090c  [ AA3FB40E17CE1388FA1BEDAB50EA8F96, 69F93E15536644C8FD679A20190CFE577F4985D3B1B4A4AA250A168615AE1E99 ] Msfs            C:\Windows\system32\drivers\Msfs.sys
15:46:07.0945 0x090c  Msfs - ok
15:46:07.0960 0x090c  [ F9D215A46A8B9753F61767FA72A20326, 6F76642B45E0A7EF6BCAB8B37D55CCE2EAA310ED07B76D43FCB88987C2174141 ] mshidkmdf       C:\Windows\System32\drivers\mshidkmdf.sys
15:46:07.0960 0x090c  mshidkmdf - ok
15:46:07.0976 0x090c  [ D916874BBD4F8B07BFB7FA9B3CCAE29D, B229DA150713DEDBC4F05386C9D9DC3BC095A74F44F3081E88311AB73BC992A1 ] msisadrv        C:\Windows\system32\drivers\msisadrv.sys
15:46:07.0976 0x090c  msisadrv - ok
15:46:08.0007 0x090c  [ 808E98FF49B155C522E6400953177B08, F873F5BFF0984C5165DF67E92874D3F6EB8D86F9B5AD17013A0091CA33A1A3D5 ] MSiSCSI         C:\Windows\system32\iscsiexe.dll
15:46:08.0007 0x090c  MSiSCSI - ok
15:46:08.0023 0x090c  msiserver - ok
15:46:08.0038 0x090c  [ 49CCF2C4FEA34FFAD8B1B59D49439366, E5752EA57C7BDAD5F53E3BC441A415E909AC602CAE56234684FB8789A20396C7 ] MSKSSRV         C:\Windows\system32\drivers\MSKSSRV.sys
15:46:08.0038 0x090c  MSKSSRV - ok
15:46:08.0054 0x090c  [ BDD71ACE35A232104DDD349EE70E1AB3, 27464A66868513BE6A01B75D7FC5B0D6B71842E4E20CE3F76B15C071A0618BBB ] MSPCLOCK        C:\Windows\system32\drivers\MSPCLOCK.sys
15:46:08.0054 0x090c  MSPCLOCK - ok
15:46:08.0069 0x090c  [ 4ED981241DB27C3383D72092B618A1D0, E12F121E641249DB3491141851B59E1496F4413EDF58E863388F1C229838DFCC ] MSPQM           C:\Windows\system32\drivers\MSPQM.sys
15:46:08.0069 0x090c  MSPQM - ok
15:46:08.0101 0x090c  [ 759A9EEB0FA9ED79DA1FB7D4EF78866D, 64E3BC613EC4872B1B344CBF71EE15BE195592E3244C1EE099C6F8B95A40F133 ] MsRPC           C:\Windows\system32\drivers\MsRPC.sys
15:46:08.0116 0x090c  MsRPC - ok
15:46:08.0132 0x090c  [ 0EED230E37515A0EAEE3C2E1BC97B288, B1D8F8A75006B6E99214CA36D27A8594EF8D952F315BEB201E9BAC9DE3E64D42 ] mssmbios        C:\Windows\system32\drivers\mssmbios.sys
15:46:08.0147 0x090c  mssmbios - ok
15:46:08.0147 0x090c  [ 2E66F9ECB30B4221A318C92AC2250779, DF175E1AB6962303E57F26DAE5C5C1E40B8640333F3E352A64F6A5F1301586CD ] MSTEE           C:\Windows\system32\drivers\MSTEE.sys
15:46:08.0147 0x090c  MSTEE - ok
15:46:08.0163 0x090c  [ 7EA404308934E675BFFDE8EDF0757BCD, 306CD02D89CFCFE576242360ED5F9EEEDCAFC43CD43B7D2977AE960F9AEC3232 ] MTConfig        C:\Windows\system32\DRIVERS\MTConfig.sys
15:46:08.0163 0x090c  MTConfig - ok
15:46:08.0179 0x090c  [ F9A18612FD3526FE473C1BDA678D61C8, 32F7975B5BAA447917F832D9E3499B4B6D3E90D73F478375D0B70B36C524693A ] Mup             C:\Windows\system32\Drivers\mup.sys
15:46:08.0179 0x090c  Mup - ok
15:46:08.0210 0x090c  [ 582AC6D9873E31DFA28A4547270862DD, BD540499F74E8F59A020D935D18E36A3A97C1A6EC59C8208436469A31B16B260 ] napagent        C:\Windows\system32\qagentRT.dll
15:46:08.0225 0x090c  napagent - ok
15:46:08.0257 0x090c  [ 1EA3749C4114DB3E3161156FFFFA6B33, 54C2E77BCE1037711A11313AC25B8706109098C10A31AA03AEB7A185E97800D7 ] NativeWifiP     C:\Windows\system32\DRIVERS\nwifi.sys
15:46:08.0272 0x090c  NativeWifiP - ok
15:46:08.0319 0x090c  [ 760E38053BF56E501D562B70AD796B88, F856E81A975D44F8684A6F2466549CEEDFAEB3950191698555A93A1206E0A42D ] NDIS            C:\Windows\system32\drivers\ndis.sys
15:46:08.0335 0x090c  NDIS - ok
15:46:08.0366 0x090c  [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC, D7E5446E83909AE25506BB98FBDD878A529C87963E3C1125C4ABAB25823572BC ] NdisCap         C:\Windows\system32\DRIVERS\ndiscap.sys
15:46:08.0366 0x090c  NdisCap - ok
15:46:08.0381 0x090c  [ 30639C932D9FEF22B31268FE25A1B6E5, 32873D95339600F6EEFA51847D12C563FF01F320DC59055B242FA2887C99F9D6 ] NdisTapi        C:\Windows\system32\DRIVERS\ndistapi.sys
15:46:08.0381 0x090c  NdisTapi - ok
15:46:08.0413 0x090c  [ 136185F9FB2CC61E573E676AA5402356, BA3AD0A33416DA913B4242C6BE8C3E5812AD2B20BA6C11DD3094F2E8EB56E683 ] Ndisuio         C:\Windows\system32\DRIVERS\ndisuio.sys
15:46:08.0413 0x090c  Ndisuio - ok
15:46:08.0444 0x090c  [ 53F7305169863F0A2BDDC49E116C2E11, 881E9346D3C02405B7850ADC37E720990712EC9C666A0CE96E252A487FD2CE77 ] NdisWan         C:\Windows\system32\DRIVERS\ndiswan.sys
15:46:08.0444 0x090c  NdisWan - ok
15:46:08.0459 0x090c  [ 015C0D8E0E0421B4CFD48CFFE2825879, 4242E2D42CCFC859B2C0275C5331798BC0BDA68E51CF4650B6E64B1332071023 ] NDProxy         C:\Windows\system32\drivers\NDProxy.sys
15:46:08.0459 0x090c  NDProxy - ok
15:46:08.0475 0x090c  [ 86743D9F5D2B1048062B14B1D84501C4, DBF6D6A60AB774FCB0F464FF2D285A7521D0A24006687B243AB46B17D8032062 ] NetBIOS         C:\Windows\system32\DRIVERS\netbios.sys
15:46:08.0475 0x090c  NetBIOS - ok
15:46:08.0491 0x090c  [ 09594D1089C523423B32A4229263F068, 7426A9B8BA27D3225928DDEFBD399650ABB90798212F56B7D12158AC22CCCE37 ] NetBT           C:\Windows\system32\DRIVERS\netbt.sys
15:46:08.0506 0x090c  NetBT - ok
15:46:08.0506 0x090c  [ 204F3F58212B3E422C90BD9691A2DF28, D748A8CEE4D59B4248C9B1ACA5155D0FF6635A29564B4391B7FAC6261F93FE99 ] Netlogon        C:\Windows\system32\lsass.exe
15:46:08.0522 0x090c  Netlogon - ok
15:46:08.0537 0x090c  [ 847D3AE376C0817161A14A82C8922A9E, 37AE692B3481323134125EF58F2C3CBC20177371AF2F5874F53DD32A827CB936 ] Netman          C:\Windows\System32\netman.dll
15:46:08.0553 0x090c  Netman - ok
15:46:08.0584 0x090c  [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
15:46:08.0584 0x090c  NetMsmqActivator - ok
15:46:08.0615 0x090c  [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetPipeActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
15:46:08.0631 0x090c  NetPipeActivator - ok
15:46:08.0678 0x090c  [ 5F28111C648F1E24F7DBC87CDEB091B8, 2E8645285921EDB98BB2173E11E57459C888D52E80D85791D169C869DE8813B9 ] netprofm        C:\Windows\System32\netprofm.dll
15:46:08.0678 0x090c  netprofm - ok
15:46:08.0693 0x090c  [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetTcpActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
15:46:08.0693 0x090c  NetTcpActivator - ok
15:46:08.0709 0x090c  [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
15:46:08.0709 0x090c  NetTcpPortSharing - ok
15:46:08.0740 0x090c  [ 77889813BE4D166CDAB78DDBA990DA92, 2EF531AE502B943632EEC66A309A8BFCDD36120A5E1473F4AAF3C2393AD0E6A3 ] nfrd960         C:\Windows\system32\DRIVERS\nfrd960.sys
15:46:08.0740 0x090c  nfrd960 - ok
15:46:08.0787 0x090c  [ 8AD77806D336673F270DB31645267293, E23F324913554A23CD043DD27D4305AF62F48C0561A0FC7B7811E55B74B1BE79 ] NlaSvc          C:\Windows\System32\nlasvc.dll
15:46:08.0787 0x090c  NlaSvc - ok
15:46:08.0803 0x090c  [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7, D8957EF7060A69DBB3CD6B2C45B1E4143592AB8D018471E17AC04668157DC67F ] Npfs            C:\Windows\system32\drivers\Npfs.sys
15:46:08.0818 0x090c  Npfs - ok
15:46:08.0834 0x090c  [ D54BFDF3E0C953F823B3D0BFE4732528, 497A1DCC5646EC22119273216DF10D5442D16F83E4363770F507518CF6EAA53A ] nsi             C:\Windows\system32\nsisvc.dll
15:46:08.0834 0x090c  nsi - ok
15:46:08.0849 0x090c  [ E7F5AE18AF4168178A642A9247C63001, 133023B7E4BA8049C4CAED3282BDD25571D1CC25FAC3B820C7F981D292689D76 ] nsiproxy        C:\Windows\system32\drivers\nsiproxy.sys
15:46:08.0849 0x090c  nsiproxy - ok
15:46:08.0927 0x090c  [ 1A29A59A4C5BA6F8C85062A613B7E2B2, CC137F499A12C724D4166C2D85E9F447413419A0683DAC6F1A802B7F210C77F1 ] Ntfs            C:\Windows\system32\drivers\Ntfs.sys
15:46:08.0990 0x090c  Ntfs - ok
15:46:09.0005 0x090c  [ 9899284589F75FA8724FF3D16AED75C1, 181188599FD5D4DE33B97010D9E0CAEABAB9A3EF50712FE7F9AA0735CD0666D6 ] Null            C:\Windows\system32\drivers\Null.sys
15:46:09.0005 0x090c  Null - ok
15:46:09.0037 0x090c  [ 0A92CB65770442ED0DC44834632F66AD, 581327F07A68DBD5CC749214BE5F1211FC2CE41C7A4F0656B680AFB51A35ACE7 ] nvraid          C:\Windows\system32\drivers\nvraid.sys
15:46:09.0037 0x090c  nvraid - ok
15:46:09.0052 0x090c  [ DAB0E87525C10052BF65F06152F37E4A, AD9BFF0D5FD3FFB95C758B478E1F6A9FE45E7B37AEC71EB5070D292FEAAEDF37 ] nvstor          C:\Windows\system32\drivers\nvstor.sys
15:46:09.0068 0x090c  nvstor - ok
15:46:09.0099 0x090c  [ 270D7CD42D6E3979F6DD0146650F0E05, 752489E54C9004EDCBE1F1F208FFD864DA5C83E59A2DDE6B3E0D63ECA996F76F ] nv_agp          C:\Windows\system32\drivers\nv_agp.sys
15:46:09.0099 0x090c  nv_agp - ok
15:46:09.0161 0x090c  [ 785F487A64950F3CB8E9F16253BA3B7B, 02445344BD214370A6D48B1CA04921D8EFCB13E676B5648266DD0E076C0822B6 ] odserv          C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
15:46:09.0177 0x090c  odserv - ok
15:46:09.0193 0x090c  [ 3589478E4B22CE21B41FA1BFC0B8B8A0, AD2469FC753FE552CB809FF405A9AB23E7561292FE89117E3B3B62057EFF0203 ] ohci1394        C:\Windows\system32\drivers\ohci1394.sys
15:46:09.0193 0x090c  ohci1394 - ok
15:46:09.0239 0x090c  [ 5A432A042DAE460ABE7199B758E8606C, 6E5D1F477D290905BE27CEBF9572BAC6B05FFEF2FAD901D3C8E11F665F8B9A71 ] ose             C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
15:46:09.0239 0x090c  ose - ok
15:46:09.0302 0x090c  [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] p2pimsvc        C:\Windows\system32\pnrpsvc.dll
15:46:09.0317 0x090c  p2pimsvc - ok
15:46:09.0349 0x090c  [ 927463ECB02179F88E4B9A17568C63C3, FEFD3447692C277D59EEC7BF218552C8BB6B8C98C26E973675549628408B94CE ] p2psvc          C:\Windows\system32\p2psvc.dll
15:46:09.0364 0x090c  p2psvc - ok
15:46:09.0395 0x090c  [ 0086431C29C35BE1DBC43F52CC273887, 0D116D49EF9ABB57DA005764F25E692622210627FC2048F06A989B12FA8D0A80 ] Parport         C:\Windows\system32\DRIVERS\parport.sys
15:46:09.0395 0x090c  Parport - ok
15:46:09.0427 0x090c  [ E9766131EEADE40A27DC27D2D68FBA9C, 63C295EC96DBD25F1A8B908295CCB86B54F2A77A02AAA11E5D9160C2C1A492B6 ] partmgr         C:\Windows\system32\drivers\partmgr.sys
15:46:09.0427 0x090c  partmgr - ok
15:46:09.0473 0x090c  [ 256390425414F90FCBC12F525A84EB11, A4992020BF6A239AD8A77125426E2C39980C9ABC971C4DBCB24B358F946AD7F9 ] PcaSvc          C:\Windows\System32\pcasvc.dll
15:46:09.0473 0x090c  PcaSvc - ok
15:46:09.0505 0x090c  [ 94575C0571D1462A0F70BDE6BD6EE6B3, 7139BAC653EA94A3DD3821CAB35FC5E22F4CCA5ACC2BAABDAA27E4C3C8B27FC9 ] pci             C:\Windows\system32\drivers\pci.sys
15:46:09.0505 0x090c  pci - ok
15:46:09.0536 0x090c  [ B5B8B5EF2E5CB34DF8DCF8831E3534FA, F2A7CC645B96946CC65BF60E14E70DC09C848D27C7943CE5DEA0C01A6B863480 ] pciide          C:\Windows\system32\drivers\pciide.sys
15:46:09.0536 0x090c  pciide - ok
15:46:09.0551 0x090c  [ B2E81D4E87CE48589F98CB8C05B01F2F, 6763BEE7270A4873B3E131BFB92313E2750FCBD0AD73C23D1C4F98F7DF73DE14 ] pcmcia          C:\Windows\system32\DRIVERS\pcmcia.sys
15:46:09.0567 0x090c  pcmcia - ok
15:46:09.0583 0x090c  [ D6B9C2E1A11A3A4B26A182FFEF18F603, BBA5FE08B1DDD6243118E11358FD61B10E850F090F061711C3CB207CE5FBBD36 ] pcw             C:\Windows\system32\drivers\pcw.sys
15:46:09.0583 0x090c  pcw - ok
15:46:09.0614 0x090c  [ 946010CDFA91469351B22E2620CEBCD8, F099C92706D42ADC289B72724F7932E5D4F62A427AEC967DDB0A1D728AE59A63 ] PEAUTH          C:\Windows\system32\drivers\peauth.sys
15:46:09.0629 0x090c  PEAUTH - ok
15:46:09.0692 0x090c  [ E495E408C93141E8FC72DC0C6046DDFA, 489B957DADA0DC128A09468F1AD082DCC657E86053208EA06A12937BE86FB919 ] PerfHost        C:\Windows\SysWow64\perfhost.exe
15:46:09.0692 0x090c  PerfHost - ok
15:46:09.0754 0x090c  [ C7CF6A6E137463219E1259E3F0F0DD6C, 08D7244F52AA17DD669AA6F77C291DAC88E7B2D1887DE422509C1F83EC85F3DD ] pla             C:\Windows\system32\pla.dll
15:46:09.0785 0x090c  pla - ok
15:46:09.0832 0x090c  [ 25FBDEF06C4D92815B353F6E792C8129, 57D9764AE6BCE33B242C399CDFC10DD405975BD6411CA8C75FBCD06EEB8442A9 ] PlugPlay        C:\Windows\system32\umpnpmgr.dll
15:46:09.0832 0x090c  PlugPlay - ok
15:46:09.0848 0x090c  [ 7195581CEC9BB7D12ABE54036ACC2E38, 9C4E5D6EA984148F2663DC529083408B2248DFF6DAAC85D9195F80A722782315 ] PNRPAutoReg     C:\Windows\system32\pnrpauto.dll
15:46:09.0848 0x090c  PNRPAutoReg - ok
15:46:09.0879 0x090c  [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] PNRPsvc         C:\Windows\system32\pnrpsvc.dll
15:46:09.0879 0x090c  PNRPsvc - ok
15:46:09.0910 0x090c  [ B8D8EC78B0F9ED8E220506181274F3D3, D920277EE66AAAB6D66BF328DD5A40DDD8382BF4F331EAB398069EDB842FF18E ] Point64         C:\Windows\system32\DRIVERS\point64.sys
15:46:09.0910 0x090c  Point64 - ok
15:46:09.0941 0x090c  [ 4F15D75ADF6156BF56ECED6D4A55C389, 2ADA3EA69A5D7EC2A4D2DD89178DB94EAFDDF95F07B0070D654D9F7A5C12A044 ] PolicyAgent     C:\Windows\System32\ipsecsvc.dll
15:46:09.0941 0x090c  PolicyAgent - ok
15:46:09.0988 0x090c  [ 6BA9D927DDED70BD1A9CADED45F8B184, 66203CE70A5EDE053929A940F38924C6792239CCCE10DD2C1D90D5B4D6748B55 ] Power           C:\Windows\system32\umpo.dll
15:46:09.0988 0x090c  Power - ok
15:46:10.0019 0x090c  [ F92A2C41117A11A00BE01CA01A7FCDE9, 38ADC6052696D110CA5F393BC586791920663F5DA66934C2A824DDA9CD89C763 ] PptpMiniport    C:\Windows\system32\DRIVERS\raspptp.sys
15:46:10.0019 0x090c  PptpMiniport - ok
15:46:10.0051 0x090c  [ 0D922E23C041EFB1C3FAC2A6F943C9BF, 855418A6A58DCAFB181A1A68613B3E203AFB0A9B3D9D26D0C521F9F613B4EAD5 ] Processor       C:\Windows\system32\DRIVERS\processr.sys
15:46:10.0051 0x090c  Processor - ok
15:46:10.0082 0x090c  [ 53E83F1F6CF9D62F32801CF66D8352A8, 1225FED810BE8E0729EEAE5B340035CCBB9BACD3EF247834400F9B72D05ACE48 ] ProfSvc         C:\Windows\system32\profsvc.dll
15:46:10.0097 0x090c  ProfSvc - ok
15:46:10.0129 0x090c  [ 204F3F58212B3E422C90BD9691A2DF28, D748A8CEE4D59B4248C9B1ACA5155D0FF6635A29564B4391B7FAC6261F93FE99 ] ProtectedStorage C:\Windows\system32\lsass.exe
15:46:10.0129 0x090c  ProtectedStorage - ok
15:46:10.0160 0x090c  [ 0557CF5A2556BD58E26384169D72438D, F6F83A616B1F1C6C0DF6D2EC2513E6C23FD4FAA6D36518B8676C619AB74957B4 ] Psched          C:\Windows\system32\DRIVERS\pacer.sys
15:46:10.0160 0x090c  Psched - ok
15:46:10.0191 0x090c  [ A6BF0A9B5A30D743623CA0D3BE35DF05, 0AA2DAE7ADC38F4197548DE174D551A0CF9281D2680B07E6C84914CA199C0661 ] PxHlpa64        C:\Windows\system32\Drivers\PxHlpa64.sys
15:46:10.0191 0x090c  PxHlpa64 - ok
15:46:10.0253 0x090c  [ A53A15A11EBFD21077463EE2C7AFEEF0, 6002B012A75045DEA62640A864A8721EADE2F8B65BEB5F5BA76D8CD819774489 ] ql2300          C:\Windows\system32\DRIVERS\ql2300.sys
15:46:10.0285 0x090c  ql2300 - ok
15:46:10.0331 0x090c  [ 4F6D12B51DE1AAEFF7DC58C4D75423C8, FB6ABAB741CED66A79E31A45111649F2FA3E26CEE77209B5296F789F6F7D08DE ] ql40xx          C:\Windows\system32\DRIVERS\ql40xx.sys
15:46:10.0331 0x090c  ql40xx - ok
15:46:10.0363 0x090c  [ 906191634E99AEA92C4816150BDA3732, A0305436384104C3B559F9C73902DA19B96B518413379E397C5CDAB0B2B9418F ] QWAVE           C:\Windows\system32\qwave.dll
15:46:10.0363 0x090c  QWAVE - ok
15:46:10.0378 0x090c  [ 76707BB36430888D9CE9D705398ADB6C, 35C1D1D05F98AC29A33D3781F497A0B40A3CB9CDF25FE1F28F574E40DDF70535 ] QWAVEdrv        C:\Windows\system32\drivers\qwavedrv.sys
15:46:10.0378 0x090c  QWAVEdrv - ok
15:46:10.0394 0x090c  [ 5A0DA8AD5762FA2D91678A8A01311704, 8A64EB5DBAB7048A9E42A21CEB62CCD5B007A80C199892D7F8C69B48E8A255EF ] RasAcd          C:\Windows\system32\DRIVERS\rasacd.sys
15:46:10.0394 0x090c  RasAcd - ok
15:46:10.0425 0x090c  [ 7ECFF9B22276B73F43A99A15A6094E90, 62C70DA127F48F796F8897BBFA23AB6EB080CC923F0F091DFA384A93F5C90CA1 ] RasAgileVpn     C:\Windows\system32\DRIVERS\AgileVpn.sys
15:46:10.0425 0x090c  RasAgileVpn - ok
15:46:10.0441 0x090c  [ 8F26510C5383B8DBE976DE1CD00FC8C7, 60E618C010E8A723960636415573FA17EA0BBEF79647196B3BC0B8DEE680E090 ] RasAuto         C:\Windows\System32\rasauto.dll
15:46:10.0441 0x090c  RasAuto - ok
15:46:10.0472 0x090c  [ 471815800AE33E6F1C32FB1B97C490CA, 27307265F743DE3A3A3EC1B2C472A3D85FDD0AEC458E0B1177593141EE072698 ] Rasl2tp         C:\Windows\system32\DRIVERS\rasl2tp.sys
15:46:10.0487 0x090c  Rasl2tp - ok
15:46:10.0503 0x090c  [ EE867A0870FC9E4972BA9EAAD35651E2, 1B848D81705081FD2E18AC762DA7F51455657DAF860BF363DC15925A148BCADA ] RasMan          C:\Windows\System32\rasmans.dll
15:46:10.0519 0x090c  RasMan - ok
15:46:10.0534 0x090c  [ 855C9B1CD4756C5E9A2AA58A15F58C25, A514F8A9C304D54BDA8DC60F5A64259B057EC83A1CAAF6D2B58CFD55E9561F72 ] RasPppoe        C:\Windows\system32\DRIVERS\raspppoe.sys
15:46:10.0534 0x090c  RasPppoe - ok
15:46:10.0550 0x090c  [ E8B1E447B008D07FF47D016C2B0EEECB, FEC789F82B912F3E14E49524D40FEAA4373B221156F14045E645D7C37859258C ] RasSstp         C:\Windows\system32\DRIVERS\rassstp.sys
15:46:10.0550 0x090c  RasSstp - ok
15:46:10.0581 0x090c  [ 77F665941019A1594D887A74F301FA2F, 1FDC6F6853400190C086042933F157814D915C54F26793CAD36CD2607D8810DA ] rdbss           C:\Windows\system32\DRIVERS\rdbss.sys
15:46:10.0581 0x090c  rdbss - ok
15:46:10.0597 0x090c  [ 302DA2A0539F2CF54D7C6CC30C1F2D8D, 1DF3501BBFFB56C3ECC39DBCC4287D3302216C2208CE22428B8C4967E5DE9D17 ] rdpbus          C:\Windows\system32\DRIVERS\rdpbus.sys
15:46:10.0597 0x090c  rdpbus - ok
15:46:10.0612 0x090c  [ CEA6CC257FC9B7715F1C2B4849286D24, A78144D18352EA802C39D9D42921CF97A3E0211766B2169B6755C6FC2D77A804 ] RDPCDD          C:\Windows\system32\DRIVERS\RDPCDD.sys
15:46:10.0612 0x090c  RDPCDD - ok
15:46:10.0628 0x090c  [ BB5971A4F00659529A5C44831AF22365, 9AAA5C0D448E821FD85589505D99DF7749715A046BBD211F139E4E652ADDE41F ] RDPENCDD        C:\Windows\system32\drivers\rdpencdd.sys
15:46:10.0628 0x090c  RDPENCDD - ok
15:46:10.0643 0x090c  [ 216F3FA57533D98E1F74DED70113177A, 60C126A1409D1E9C39F1C9E95F70115BF4AF07780AB499F6E10A612540F173F4 ] RDPREFMP        C:\Windows\system32\drivers\rdprefmp.sys
15:46:10.0643 0x090c  RDPREFMP - ok
15:46:10.0721 0x090c  [ 313F68E1A3E6345A4F47A36B07062F34, B8318A0AE06BDE278931CA52F960B9FE226FD9894B076858DDB755AE26E1E66F ] RdpVideoMiniport C:\Windows\system32\drivers\rdpvideominiport.sys
15:46:10.0721 0x090c  RdpVideoMiniport - ok
15:46:10.0768 0x090c  [ FE571E088C2D83619D2D48D4E961BF41, 88C5A2FCB1D0E528657842E39963471A6E42FCA3FCDF37955AEC8258AB4C48EA ] RDPWD           C:\Windows\system32\drivers\RDPWD.sys
15:46:10.0784 0x090c  RDPWD - ok
15:46:10.0831 0x090c  [ 34ED295FA0121C241BFEF24764FC4520, AAEE5F00CAA763A5BA51CF56BD7262C03409CD72BD5601490E3EC3FFF929BB5F ] rdyboost        C:\Windows\system32\drivers\rdyboost.sys
15:46:10.0846 0x090c  rdyboost - ok
15:46:10.0893 0x090c  [ B2D01290C0E0465ACA54C2088E947823, 6FB6E6CFAF3F2F948B753A0CFF6F9058BF3ED0E421204EE58848F0DFD694A747 ] RealNetworks Downloader Resolver Service C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe
15:46:10.0893 0x090c  RealNetworks Downloader Resolver Service - ok
15:46:10.0924 0x090c  [ 254FB7A22D74E5511C73A3F6D802F192, 3D0FB5840364200DE394F8CC28DA0E334C2B5FA8FF28A41656EE72287F3D3836 ] RemoteAccess    C:\Windows\System32\mprdim.dll
15:46:10.0940 0x090c  RemoteAccess - ok
15:46:10.0955 0x090c  [ E4D94F24081440B5FC5AA556C7C62702, 147CAA03568DC480F9506E30B84891AB7E433B5EBC05F34FF10F72B00E1C6B22 ] RemoteRegistry  C:\Windows\system32\regsvc.dll
15:46:10.0971 0x090c  RemoteRegistry - ok
15:46:10.0987 0x090c  [ 388D3DD1A6457280F3BADBA9F3ACD6B1, 5C534EA15195B1301C917904627AF09FE2ABA3FEE1641B5C87E8F3191BC49058 ] ROOTMODEM       C:\Windows\system32\Drivers\RootMdm.sys
15:46:11.0002 0x090c  ROOTMODEM - ok
15:46:11.0018 0x090c  [ E4DC58CF7B3EA515AE917FF0D402A7BB, 665B5CD9FE905B0EE3F59A7B1A94760F5393EBEE729877D8584349754C2867E8 ] RpcEptMapper    C:\Windows\System32\RpcEpMap.dll
15:46:11.0033 0x090c  RpcEptMapper - ok
15:46:11.0033 0x090c  [ D5BA242D4CF8E384DB90E6A8ED850B8C, CB4CB2608B5E31B55FB1A2CF4051E6D08A0C2A5FB231B2116F95938D7577334E ] RpcLocator      C:\Windows\system32\locator.exe
15:46:11.0033 0x090c  RpcLocator - ok
15:46:11.0080 0x090c  [ 5C627D1B1138676C0A7AB2C2C190D123, C5003F2C912C5CA990E634818D3B4FD72F871900AF2948BD6C4D6400B354B401 ] RpcSs           C:\Windows\system32\rpcss.dll
15:46:11.0096 0x090c  RpcSs - ok
15:46:11.0111 0x090c  [ DDC86E4F8E7456261E637E3552E804FF, D250C69CCC75F2D88E7E624FCC51300E75637333317D53908CCA7E0F117173DD ] rspndr          C:\Windows\system32\DRIVERS\rspndr.sys
15:46:11.0111 0x090c  rspndr - ok
15:46:11.0143 0x090c  [ D6D381B76056C668679723938F06F16C, A26C35EB588BF32F5CD22554BE5A05380D50FF1B7D399687EE50DC24C32DA341 ] RTHDMIAzAudService C:\Windows\system32\drivers\RtHDMIVX.sys
15:46:11.0143 0x090c  RTHDMIAzAudService - ok
15:46:11.0189 0x090c  [ 0039DE6A0A1293889A3F21ECC473263D, 43B5049BFF9CFB5AF8E842E8B6C10B848B9636CFC15B3464E296CF3B717AC8AA ] RTL8167         C:\Windows\system32\DRIVERS\Rt64win7.sys
15:46:11.0189 0x090c  RTL8167 - ok
15:46:11.0205 0x090c  [ 204F3F58212B3E422C90BD9691A2DF28, D748A8CEE4D59B4248C9B1ACA5155D0FF6635A29564B4391B7FAC6261F93FE99 ] SamSs           C:\Windows\system32\lsass.exe
15:46:11.0221 0x090c  SamSs - ok
15:46:11.0252 0x090c  [ AC03AF3329579FFFB455AA2DAABBE22B, 7AD3B62ADFEC166F9E256F9FF8BAA0568B2ED7308142BF8F5269E6EAA5E0A656 ] sbp2port        C:\Windows\system32\drivers\sbp2port.sys
15:46:11.0252 0x090c  sbp2port - ok
15:46:11.0283 0x090c  [ 9B7395789E3791A3B6D000FE6F8B131E, E5F067F3F212BF5481668BE1779CBEF053F511F8967589BE2E865ACB9A620024 ] SCardSvr        C:\Windows\System32\SCardSvr.dll
15:46:11.0283 0x090c  SCardSvr - ok
15:46:11.0314 0x090c  [ 253F38D0D7074C02FF8DEB9836C97D2B, CB5CAFCB8628BB22877F74ACF1DED0BBAED8F4573A74DA7FE94BBBA584889116 ] scfilter        C:\Windows\system32\DRIVERS\scfilter.sys
15:46:11.0314 0x090c  scfilter - ok
15:46:11.0361 0x090c  [ 262F6592C3299C005FD6BEC90FC4463A, 54095E37F0B6CC677A3E9BDD40F4647C713273D197DB341063AA7F342A60C4A7 ] Schedule        C:\Windows\system32\schedsvc.dll
15:46:11.0377 0x090c  Schedule - ok
15:46:11.0408 0x090c  [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] SCPolicySvc     C:\Windows\System32\certprop.dll
15:46:11.0408 0x090c  SCPolicySvc - ok
15:46:11.0439 0x090c  [ 6EA4234DC55346E0709560FE7C2C1972, 64011E044C16E2F92689E5F7E4666A075E27BBFA61F3264E5D51CE1656C1D5B8 ] SDRSVC          C:\Windows\System32\SDRSVC.dll
15:46:11.0439 0x090c  SDRSVC - ok
15:46:11.0611 0x090c  [ 11D94599270AA1603F75CB5ACBBD266F, 950746109BD7AA5BCF2F4320F40CFD268B34CB3DBE6073616B75A5254FE00469 ] SDScannerService C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe
15:46:11.0657 0x090c  SDScannerService - ok
15:46:11.0751 0x090c  [ D91D8344E73283999777083BF17D54E2, 018F500DD49A192617E57998A2E9833C5C9EB72A2B186AF25B5CB91329B1E267 ] SDUpdateService C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
15:46:11.0798 0x090c  SDUpdateService - ok
15:46:11.0813 0x090c  [ 9B9B368A8FF5CAF91D7A333CF62CD2CC, A4AE7FFBBAF983BFDE15B521ED162CBC4E6FC85BCDB200C75D45878B3FFDFA68 ] SDWSCService    C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe
15:46:11.0829 0x090c  SDWSCService - ok
15:46:11.0845 0x090c  [ 3EA8A16169C26AFBEB544E0E48421186, 34BBB0459C96B3DE94CCB0D73461562935C583D7BF93828DA4E20A6BC9B7301D ] secdrv          C:\Windows\system32\drivers\secdrv.sys
15:46:11.0860 0x090c  secdrv - ok
15:46:11.0891 0x090c  [ BC617A4E1B4FA8DF523A061739A0BD87, 10C4057F6B321EB5237FF619747B74F5401BC17D15A8C7060829E8204A2297F9 ] seclogon        C:\Windows\system32\seclogon.dll
15:46:11.0891 0x090c  seclogon - ok
15:46:11.0907 0x090c  [ C32AB8FA018EF34C0F113BD501436D21, E0EB8E80B51E45CA7EB061E705DA0BC07878759418A8519AE6E12326FE79E7C7 ] SENS            C:\Windows\System32\sens.dll
15:46:11.0923 0x090c  SENS - ok
15:46:11.0938 0x090c  [ 0336CFFAFAAB87A11541F1CF1594B2B2, 8B8A6A33E78A12FB05E29B2E2775850626574AFD2EF88748D65E690A07B10B8D ] SensrSvc        C:\Windows\system32\sensrsvc.dll
15:46:11.0938 0x090c  SensrSvc - ok
15:46:11.0969 0x090c  [ 9F6490423AC3271E84A90A0DD9D30A3B, 7F8559B06A2E8FC35F71A099F320A87BB90FC9783133C19F49046F06ECBC9605 ] Ser2pl          C:\Windows\system32\DRIVERS\ser2pl64.sys
15:46:11.0969 0x090c  Ser2pl - ok
15:46:12.0001 0x090c  [ CB624C0035412AF0DEBEC78C41F5CA1B, A4D937F11E06CAE914347CA1362F4C98EC5EE0C0C80321E360EA1ABD6726F8D4 ] Serenum         C:\Windows\system32\DRIVERS\serenum.sys
15:46:12.0001 0x090c  Serenum - ok
15:46:12.0001 0x090c  [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6, 8F9776FB84C5D11068EAF1FF1D1A46466C655D64D256A8B1E31DC0C23B5DD22D ] Serial          C:\Windows\system32\DRIVERS\serial.sys
15:46:12.0016 0x090c  Serial - ok
15:46:12.0032 0x090c  [ 1C545A7D0691CC4A027396535691C3E3, 065C30BE598FF4DC55C37E0BBE0CEDF10A370AE2BF5404B42EBBB867A3FFED6D ] sermouse        C:\Windows\system32\DRIVERS\sermouse.sys
15:46:12.0032 0x090c  sermouse - ok
15:46:12.0063 0x090c  [ 0B6231BF38174A1628C4AC812CC75804, E569BF1F7F5689E2E917FA6516DB53388A5B8B1C6699DEE030147E853218811D ] SessionEnv      C:\Windows\system32\sessenv.dll
15:46:12.0063 0x090c  SessionEnv - ok
15:46:12.0094 0x090c  [ A554811BCD09279536440C964AE35BBF, DA8F893722F803E189D7D4D6C6232ED34505B63A64ED3A0132A5BB7A2BABDE55 ] sffdisk         C:\Windows\system32\drivers\sffdisk.sys
15:46:12.0094 0x090c  sffdisk - ok
15:46:12.0110 0x090c  [ FF414F0BAEFEBA59BC6C04B3DB0B87BF, B81EF5D26AEB572CAB590F7AD7CA8C89F296420089EF5E6148E972F2DBCA1042 ] sffp_mmc        C:\Windows\system32\drivers\sffp_mmc.sys
15:46:12.0110 0x090c  sffp_mmc - ok
15:46:12.0125 0x090c  [ DD85B78243A19B59F0637DCF284DA63C, 6730D4F2BAE7E24615746ACC41B42D01DB6068D6504982008ADA1890DE900197 ] sffp_sd         C:\Windows\system32\drivers\sffp_sd.sys
15:46:12.0125 0x090c  sffp_sd - ok
15:46:12.0141 0x090c  [ A9D601643A1647211A1EE2EC4E433FF4, 7AC60B4AB48D4BBF1F9681C12EC2A75C72E6E12D30FABC564A24394310E9A5F9 ] sfloppy         C:\Windows\system32\DRIVERS\sfloppy.sys
15:46:12.0141 0x090c  sfloppy - ok
15:46:12.0188 0x090c  [ B95F6501A2F8B2E78C697FEC401970CE, 758B73A32902299A313348CE7EC189B20EB4CB398D0180E4EE24B84DAD55F291 ] SharedAccess    C:\Windows\System32\ipnathlp.dll
15:46:12.0188 0x090c  SharedAccess - ok
15:46:12.0219 0x090c  [ AAF932B4011D14052955D4B212A4DA8D, 2A3BFD0FA9569288E91AE3E72CA1EC39E1450D01E6473CE51157E0F138257923 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
15:46:12.0235 0x090c  ShellHWDetection - ok
15:46:12.0250 0x090c  [ 843CAF1E5FDE1FFD5FF768F23A51E2E1, 89CA9F516E42A6B905474D738CDA2C121020A07DBD4E66CFE569DD77D79D7820 ] SiSRaid2        C:\Windows\system32\DRIVERS\SiSRaid2.sys
15:46:12.0250 0x090c  SiSRaid2 - ok
15:46:12.0266 0x090c  [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4, 87B85C66DF7EB6FDB8A2341D05FAA5261FF68A90CCFC63F0E4A03824F1E33E5E ] SiSRaid4        C:\Windows\system32\DRIVERS\sisraid4.sys
15:46:12.0266 0x090c  SiSRaid4 - ok
15:46:12.0344 0x090c  [ 050A4112B00BCA2E13314CDE48C1DEEE, 86C679CD494DEEB984372BF954EFBB8982AC7995FBF89FCF83BC228991D1B825 ] SkypeUpdate     C:\Program Files (x86)\Skype\Updater\Updater.exe
15:46:12.0359 0x090c  SkypeUpdate - ok
15:46:12.0391 0x090c  [ 548260A7B8654E024DC30BF8A7C5BAA4, 4A7E58331D7765A12F53DC2371739DC9A463940B13E16157CE10DB80E958D740 ] Smb             C:\Windows\system32\DRIVERS\smb.sys
15:46:12.0406 0x090c  Smb - ok
15:46:12.0437 0x090c  [ 6313F223E817CC09AA41811DAA7F541D, D787061043BEEDB9386B048CB9E680E6A88A1CBAE9BD4A8C0209155BFB76C630 ] SNMPTRAP        C:\Windows\System32\snmptrap.exe
15:46:12.0437 0x090c  SNMPTRAP - ok
15:46:12.0453 0x090c  [ B9E31E5CACDFE584F34F730A677803F9, 21A5130BD00089C609522A372018A719F8E37103D2DD22C59EACB393BE35A063 ] spldr           C:\Windows\system32\drivers\spldr.sys
15:46:12.0453 0x090c  spldr - ok
15:46:12.0500 0x090c  [ 85DAA09A98C9286D4EA2BA8D0E644377, F9C324E2EF81193FE831C7EECC44A100CA06F82FA731BF555D9EA4D91DA13329 ] Spooler         C:\Windows\System32\spoolsv.exe
15:46:12.0515 0x090c  Spooler - ok
15:46:12.0640 0x090c  [ E17E0188BB90FAE42D83E98707EFA59C, FC075F7B39E86CC8EF6DA4E339FE946917E319C347AC70FB0C50AAF36F97E27F ] sppsvc          C:\Windows\system32\sppsvc.exe
15:46:12.0734 0x090c  sppsvc - ok
15:46:12.0749 0x090c  [ 93D7D61317F3D4BC4F4E9F8A96A7DE45, 36D48B23B8243BE5229707375FCD11C2DCAC96983199345365F065A0CBF33314 ] sppuinotify     C:\Windows\system32\sppuinotify.dll
15:46:12.0749 0x090c  sppuinotify - ok
15:46:12.0796 0x090c  [ B9413B99DBB704E0F5824775A1118CC7, 75AAA548705764ECFB7A0C96E691AF80DBB824DC2BA8D356D8D157E6768F14C9 ] Spyder2         C:\Windows\system32\DRIVERS\Spyder2.sys
15:46:12.0796 0x090c  Spyder2 - ok
15:46:12.0843 0x090c  [ 441FBA48BFF01FDB9D5969EBC1838F0B, 306128F1AD489F87161A089D1BDC1542A4CB742D91A0C12A7CD1863FDB8932C0 ] srv             C:\Windows\system32\DRIVERS\srv.sys
15:46:12.0843 0x090c  srv - ok
15:46:12.0874 0x090c  [ B4ADEBBF5E3677CCE9651E0F01F7CC28, 726DB2283113AB2A9681E8E9F61132303D6D86E9CD034C40EE4A8C9DB29E87F7 ] srv2            C:\Windows\system32\DRIVERS\srv2.sys
15:46:12.0890 0x090c  srv2 - ok
15:46:12.0905 0x090c  [ 27E461F0BE5BFF5FC737328F749538C3, AFA4704ED8FFC1A0BAB40DFB81D3AE3F3D933A3C9BF54DDAF39FF9AF3646D9E6 ] srvnet          C:\Windows\system32\DRIVERS\srvnet.sys
15:46:12.0905 0x090c  srvnet - ok
15:46:12.0937 0x090c  [ 51B52FBD583CDE8AA9BA62B8B4298F33, 2E2403F8AA39E79D1281CA006B51B43139C32A5FDD64BD34DAA4B935338BD740 ] SSDPSRV         C:\Windows\System32\ssdpsrv.dll
15:46:12.0952 0x090c  SSDPSRV - ok
15:46:12.0952 0x090c  [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB, D21CDBC4C2AA0DB5B4455D5108B0CAF4282A2E664B9035708F212CC094569D9D ] SstpSvc         C:\Windows\system32\sstpsvc.dll
15:46:12.0968 0x090c  SstpSvc - ok
15:46:12.0983 0x090c  [ F3817967ED533D08327DC73BC4D5542A, 1B204454408A690C0A86447F3E4AA9E7C58A9CFB567C94C17C21920BA648B4D5 ] stexstor        C:\Windows\system32\DRIVERS\stexstor.sys
15:46:12.0983 0x090c  stexstor - ok
15:46:13.0015 0x090c  [ 8DD52E8E6128F4B2DA92CE27402871C1, 1101C38BE8FC383B5F2F9FA402F9652B23B88A764DE2B584DFE62B88B11DEF92 ] stisvc          C:\Windows\System32\wiaservc.dll
15:46:13.0030 0x090c  stisvc - ok
15:46:13.0061 0x090c  [ D01EC09B6711A5F8E7E6564A4D0FBC90, 3CB922291DBADC92B46B9E28CCB6810CD8CCDA3E74518EC9522B58B998E1F969 ] swenum          C:\Windows\system32\drivers\swenum.sys
15:46:13.0061 0x090c  swenum - ok
15:46:13.0093 0x090c  [ E08E46FDD841B7184194011CA1955A0B, 9C3725BB1F08F92744C980A22ED5C874007D3B5863C7E1F140F50061052AC418 ] swprv           C:\Windows\System32\swprv.dll
15:46:13.0108 0x090c  swprv - ok
15:46:13.0171 0x090c  [ BF9CCC0BF39B418C8D0AE8B05CF95B7D, 3C13217548BE61F2BDB8BD41F77345CDDA1F97BF0AE17241C335B9807EB3DBB8 ] SysMain         C:\Windows\system32\sysmain.dll
15:46:13.0217 0x090c  SysMain - ok
15:46:13.0233 0x090c  [ E3C61FD7B7C2557E1F1B0B4CEC713585, 01F0E116606D185BF93B540868075BFB1A398197F6AABD994983DBFF56B3A8A0 ] TabletInputService C:\Windows\System32\TabSvc.dll
15:46:13.0233 0x090c  TabletInputService - ok
15:46:13.0249 0x090c  [ 40F0849F65D13EE87B9A9AE3C1DD6823, E251A7EF3D0FD2973AF33A62FC457A7E8D5E8694208F811F52455F7C2426121F ] TapiSrv         C:\Windows\System32\tapisrv.dll
15:46:13.0264 0x090c  TapiSrv - ok
15:46:13.0280 0x090c  [ 1BE03AC720F4D302EA01D40F588162F6, AB644862BF1D2E824FD846180DEC4E2C0FAFCC517451486DE5A92E5E78A952E4 ] TBS             C:\Windows\System32\tbssvc.dll
15:46:13.0280 0x090c  TBS - ok
15:46:13.0420 0x090c  [ 04ADD18EE5CC9FBEDAEC1DD1CD0CB45E, F05C0C4CA3DD234AD5D60CF1EF763C9A1D9EC3C157E180C2D75CC07E6B02A611 ] Tcpip           C:\Windows\system32\drivers\tcpip.sys
15:46:13.0467 0x090c  Tcpip - ok
15:46:13.0529 0x090c  [ 04ADD18EE5CC9FBEDAEC1DD1CD0CB45E, F05C0C4CA3DD234AD5D60CF1EF763C9A1D9EC3C157E180C2D75CC07E6B02A611 ] TCPIP6          C:\Windows\system32\DRIVERS\tcpip.sys
15:46:13.0576 0x090c  TCPIP6 - ok
15:46:13.0607 0x090c  [ 1B16D0BD9841794A6E0CDE0CEF744ABC, 7EB8BA97339199EEE7F2B09DA2DA6279DA64A510D4598D42CF86415D67CD674C ] tcpipreg        C:\Windows\system32\drivers\tcpipreg.sys
15:46:13.0607 0x090c  tcpipreg - ok
15:46:13.0623 0x090c  [ 3371D21011695B16333A3934340C4E7C, 7416F9BBFC1BA9D875EA7D1C7A0D912FC6977B49A865D67E3F9C4E18A965082D ] TDPIPE          C:\Windows\system32\drivers\tdpipe.sys
15:46:13.0623 0x090c  TDPIPE - ok
15:46:13.0654 0x090c  [ 51C5ECEB1CDEE2468A1748BE550CFBC8, 4E8F83877330B421F7B5D8393D34BC44C6450E69209DAA95B29CB298166A5DF9 ] TDTCP           C:\Windows\system32\drivers\tdtcp.sys
15:46:13.0654 0x090c  TDTCP - ok
15:46:13.0685 0x090c  [ DDAD5A7AB24D8B65F8D724F5C20FD806, B71F2967A4EE7395E4416C1526CB85368AEA988BDD1F2C9719C48B08FAFA9661 ] tdx             C:\Windows\system32\DRIVERS\tdx.sys
15:46:13.0685 0x090c  tdx - ok
15:46:13.0717 0x090c  [ 561E7E1F06895D78DE991E01DD0FB6E5, 83BFA50A528762EC52A011302AC3874636FB7E26628CD7ACFBF2BDC9FAA8110D ] TermDD          C:\Windows\system32\drivers\termdd.sys
15:46:13.0717 0x090c  TermDD - ok
15:46:13.0779 0x090c  [ 008CD4EBFABCF78D0F19B3778492648C, 9050490EEE0AD86E73F0A82D83E4FC29DF84F6B6FDB389AE135FD712B5F425BE ] TermService     C:\Windows\System32\termsrv.dll
15:46:13.0795 0x090c  TermService - ok
15:46:13.0810 0x090c  [ F0344071948D1A1FA732231785A0664C, DB9886C2C858FAF45AEA15F8E42860343F73EB8685C53EC2E8CCC10586CB0832 ] Themes          C:\Windows\system32\themeservice.dll
15:46:13.0810 0x090c  Themes - ok
15:46:13.0841 0x090c  [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] THREADORDER     C:\Windows\system32\mmcss.dll
15:46:13.0841 0x090c  THREADORDER - ok
15:46:13.0857 0x090c  [ 7E7AFD841694F6AC397E99D75CEAD49D, DE87F203FD8E6BDCCFCA1860A85F283301A365846FB703D9BB86278D8AC96B07 ] TrkWks          C:\Windows\System32\trkwks.dll
15:46:13.0857 0x090c  TrkWks - ok
15:46:13.0904 0x090c  [ 773212B2AAA24C1E31F10246B15B276C, F2EF85F5ABA307976D9C649D710B408952089458DDE97D4DEF321DF14E46A046 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
15:46:13.0919 0x090c  TrustedInstaller - ok
15:46:13.0966 0x090c  [ E232A3B43A894BB327FC161529BD9ED1, F2673DA8C920F21ACCECC25F7C59A05822E5E577D47F126EDF9C94FEB4B30C5F ] tssecsrv        C:\Windows\system32\DRIVERS\tssecsrv.sys
15:46:13.0966 0x090c  tssecsrv - ok
15:46:13.0997 0x090c  [ 17C6B51CBCCDED95B3CC14E22791F85E, EE417C19E9B2C258D62A74F1F2421AFFBAC67ACD62481CAA08F5B6A3439C1D7C ] TsUsbFlt        C:\Windows\system32\drivers\tsusbflt.sys
15:46:14.0013 0x090c  TsUsbFlt - ok
15:46:14.0044 0x090c  [ 3566A8DAAFA27AF944F5D705EAA64894, AE9D8B648DA08AF667B9456C3FE315489859C157510A258559F18238F2CC92B8 ] tunnel          C:\Windows\system32\DRIVERS\tunnel.sys
15:46:14.0060 0x090c  tunnel - ok
15:46:14.0091 0x090c  [ B4DD609BD7E282BFC683CEC7EAAAAD67, EF131DB6F6411CAD36A989A421AF93F89DD61601AC524D2FF11C10FF6E3E9123 ] uagp35          C:\Windows\system32\DRIVERS\uagp35.sys
15:46:14.0091 0x090c  uagp35 - ok
15:46:14.0122 0x090c  [ FF4232A1A64012BAA1FD97C7B67DF593, D8591B4EB056899C7B604E4DD852D82D4D9809F508ABCED4A03E1BE6D5D456E3 ] udfs            C:\Windows\system32\DRIVERS\udfs.sys
15:46:14.0138 0x090c  udfs - ok
15:46:14.0169 0x090c  [ 3CBDEC8D06B9968ABA702EBA076364A1, B8DAB8AA804FC23021BFEBD7AE4D40FBE648D6C6BA21CC008E26D1C084972F9B ] UI0Detect       C:\Windows\system32\UI0Detect.exe
15:46:14.0169 0x090c  UI0Detect - ok
15:46:14.0200 0x090c  [ EF07F8743762F327D5326F2E3392E816, B55F66E83445B2BBFE98115C407D450872F2FB88028E059AF5CE9297DC513467 ] UimBus          C:\Windows\system32\DRIVERS\uimx64.sys
15:46:14.0200 0x090c  UimBus - ok
15:46:14.0231 0x090c  [ E97A8698A87586029F0CE950AEA506C1, C5F27C59EC01DACDDF8D039B73E124F4D52281E76EF1A3623A781FF505E5DFB3 ] Uim_IM          C:\Windows\system32\Drivers\Uim_IMx64.sys
15:46:14.0247 0x090c  Uim_IM - ok
15:46:14.0263 0x090c  [ 4BFE1BC28391222894CBF1E7D0E42320, 5918B1ED2030600DF77BDACF1C808DF6EADDD8BF3E7003AF1D72050D8B102B3A ] uliagpkx        C:\Windows\system32\drivers\uliagpkx.sys
15:46:14.0263 0x090c  uliagpkx - ok
15:46:14.0294 0x090c  [ DC54A574663A895C8763AF0FA1FF7561, 09A3F3597E91CBEB2F38E96E75134312B60CAE5574B2AD4606C2D3E992AEDDFE ] umbus           C:\Windows\system32\drivers\umbus.sys
15:46:14.0294 0x090c  umbus - ok
15:46:14.0309 0x090c  [ B2E8E8CB557B156DA5493BBDDCC1474D, F547509A08C0679ACB843E20C9C0CF51BED1B06530BBC529DFB0944504564A43 ] UmPass          C:\Windows\system32\DRIVERS\umpass.sys
15:46:14.0325 0x090c  UmPass - ok
15:46:14.0419 0x090c  [ 9DC07E73A4ABB9ACF692113B36A5009F, CA7176FC219515D58DCFA66EC61880ECE5617275C9B83701BB74D8B60E733D34 ] UnlockerDriver5 C:\Program Files\Unlocker\UnlockerDriver5.sys
15:46:14.0419 0x090c  UnlockerDriver5 - ok
15:46:14.0465 0x090c  [ D47EC6A8E81633DD18D2436B19BAF6DE, 0FB461E2D5E0B75BB5958F6362F4880BFA4C36AD930542609BCAF574941AA7AE ] upnphost        C:\Windows\System32\upnphost.dll
15:46:14.0497 0x090c  upnphost - ok
15:46:14.0528 0x090c  [ C9E9D59C0099A9FF51697E9306A44240, 78D9A7A5E5742962B6978F475BF06CB32262F1D214699D3D40538476A58012A1 ] USBAAPL64       C:\Windows\system32\Drivers\usbaapl64.sys
15:46:14.0528 0x090c  USBAAPL64 - ok
15:46:14.0575 0x090c  [ B0435098C81D04CAFFF80DDB746CD3A2, A17B207740382E38729571F0B0BC98FF874E856A7C7CE9EB930328A2AD88F52A ] usbaudio        C:\Windows\system32\drivers\usbaudio.sys
15:46:14.0575 0x090c  usbaudio - ok
15:46:14.0606 0x090c  [ DCA68B0943D6FA415F0C56C92158A83A, BEE5A5B33B22D1DF50B884D46D89FC3B8286EB16E38AD5A20F0A49E5C6766C57 ] usbccgp         C:\Windows\system32\DRIVERS\usbccgp.sys
15:46:14.0606 0x090c  usbccgp - ok
15:46:14.0637 0x090c  [ 80B0F7D5CCF86CEB5D402EAAF61FEC31, 140C62116A425DEAD25FE8D82DE283BC92C482A9F643658D512F9F67061F28AD ] usbcir          C:\Windows\system32\drivers\usbcir.sys
15:46:14.0637 0x090c  usbcir - ok
15:46:14.0668 0x090c  [ 18A85013A3E0F7E1755365D287443965, 811C5EDF38C765BCF71BCE25CB6626FF6988C3699F5EF1846240EA0052F34C33 ] usbehci         C:\Windows\system32\DRIVERS\usbehci.sys
15:46:14.0668 0x090c  usbehci - ok
15:46:14.0684 0x090c  [ 6648C6D7323A2CE0C4776C36CEFBCB14, 31DB869351BF3673284721B0D37FC1FC5D858829C7B19B563E3A9C3082D14631 ] usbfilter       C:\Windows\system32\DRIVERS\usbfilter.sys
15:46:14.0699 0x090c  usbfilter - ok
15:46:14.0731 0x090c  [ 8D1196CFBB223621F2C67D45710F25BA, B5D7AFE51833B24FC9576F3AED3D8A2B290E5846060E73F9FFFAC1890A8B6003 ] usbhub          C:\Windows\system32\DRIVERS\usbhub.sys
15:46:14.0731 0x090c  usbhub - ok
15:46:14.0762 0x090c  [ 765A92D428A8DB88B960DA5A8D6089DC, 56DE8A2ED58E53B202C399CA7BACB1551136303C2EE0AB426BDBBF880E3C542C ] usbohci         C:\Windows\system32\DRIVERS\usbohci.sys
15:46:14.0762 0x090c  usbohci - ok
15:46:14.0793 0x090c  [ 73188F58FB384E75C4063D29413CEE3D, B485463933306036B1D490722CB1674DC85670753D79FA0EF7EBCA7BBAAD9F7C ] usbprint        C:\Windows\system32\DRIVERS\usbprint.sys
15:46:14.0793 0x090c  usbprint - ok
15:46:14.0824 0x090c  [ 9661DA76B4531B2DA272ECCE25A8AF24, FEA93254A21E71A7EB8AD35FCCAD2C1E41F7329EC33B1734F5B41307A34D8637 ] usbscan         C:\Windows\system32\DRIVERS\usbscan.sys
15:46:14.0824 0x090c  usbscan - ok
15:46:14.0855 0x090c  [ FED648B01349A3C8395A5169DB5FB7D6, DC4D7594C24ADD076927B9347F1B50B91CF03A4ABDB284248D5711D9C19DEB96 ] USBSTOR         C:\Windows\system32\DRIVERS\USBSTOR.SYS
15:46:14.0855 0x090c  USBSTOR - ok
15:46:14.0871 0x090c  [ DD253AFC3BC6CBA412342DE60C3647F3, 146F8613F1057AC054DC3593E84BC52899DA27EA33B0E72ACFB78C3699ADCDE7 ] usbuhci         C:\Windows\system32\drivers\usbuhci.sys
15:46:14.0871 0x090c  usbuhci - ok
15:46:14.0902 0x090c  [ 1F775DA4CF1A3A1834207E975A72E9D7, 6D3DE5BD3EF3A76E997E5BAF900C51D25308F5A9682D1F62017F577A24095B90 ] usbvideo        C:\Windows\System32\Drivers\usbvideo.sys
15:46:14.0902 0x090c  usbvideo - ok
15:46:14.0933 0x090c  [ EDBB23CBCF2CDF727D64FF9B51A6070E, 7202484C8E1BFB2AFD64D8C81668F3EDE0E3BF5EB27572877A0A7B337AE5AE42 ] UxSms           C:\Windows\System32\uxsms.dll
15:46:14.0933 0x090c  UxSms - ok
15:46:14.0949 0x090c  [ 204F3F58212B3E422C90BD9691A2DF28, D748A8CEE4D59B4248C9B1ACA5155D0FF6635A29564B4391B7FAC6261F93FE99 ] VaultSvc        C:\Windows\system32\lsass.exe
15:46:14.0949 0x090c  VaultSvc - ok
15:46:14.0980 0x090c  [ C5C876CCFC083FF3B128F933823E87BD, 6FE0FBB6C3207E09300E0789E2168F76668D87C317FE9F263E733827ADCFBE0D ] vdrvroot        C:\Windows\system32\drivers\vdrvroot.sys
15:46:14.0980 0x090c  vdrvroot - ok
15:46:15.0043 0x090c  [ 8D6B481601D01A456E75C3210F1830BE, A2CEF483F4231367138EEF7E67FD5BE5364FC0780C44CA1368E36CE4AA3D0633 ] vds             C:\Windows\System32\vds.exe
15:46:15.0043 0x090c  vds - ok
15:46:15.0074 0x090c  [ DA4DA3F5E02943C2DC8C6ED875DE68DD, EDE604536DB78C512D68C92B26DA77C8811AC109D1F0A473673F0A82D15A2838 ] vga             C:\Windows\system32\DRIVERS\vgapnp.sys
15:46:15.0074 0x090c  vga - ok
15:46:15.0089 0x090c  [ 53E92A310193CB3C03BEA963DE7D9CFC, 45898604375B42EB1246C17A22D91C2440F11C746FF6459AD38027C1BC2E3125 ] VgaSave         C:\Windows\System32\drivers\vga.sys
15:46:15.0089 0x090c  VgaSave - ok
15:46:15.0121 0x090c  [ 2CE2DF28C83AEAF30084E1B1EB253CBB, D1946816A1CB89F825CBEA58F94A4C9D0CE7249355CD3915563F54054EE564BF ] vhdmp           C:\Windows\system32\drivers\vhdmp.sys
15:46:15.0121 0x090c  vhdmp - ok
15:46:15.0152 0x090c  [ E5689D93FFE4E5D66C0178761240DD54, 6D35CED80681B12AAF63BFA0DA1C386E71D3838839B68A686990AA8031949D27 ] viaide          C:\Windows\system32\drivers\viaide.sys
15:46:15.0152 0x090c  viaide - ok
15:46:15.0214 0x090c  [ DE96EF88C1EB0CE2FE68BEC3DF1BCAAA, 4CE64B2EDFE8332F5ABDB8AD8D697947B449E93D7BF0092154C2497BDF6E42EE ] VMUVC           C:\Windows\system32\Drivers\VMUVC.sys
15:46:15.0230 0x090c  VMUVC - ok
15:46:15.0261 0x090c  [ D2AAFD421940F640B407AEFAAEBD91B0, 31EF342A60AF04F4108759A71F8FB7B8C8819216CF3D16A95B2BA0E33A8A9161 ] volmgr          C:\Windows\system32\drivers\volmgr.sys
15:46:15.0261 0x090c  volmgr - ok
15:46:15.0308 0x090c  [ A255814907C89BE58B79EF2F189B843B, 463DB771851352185B6AC323BD93B9084D47291E53C1F7B628B65D6918B2E28F ] volmgrx         C:\Windows\system32\drivers\volmgrx.sys
15:46:15.0308 0x090c  volmgrx - ok
15:46:15.0339 0x090c  [ 0D08D2F3B3FF84E433346669B5E0F639, 3D6716CEC95B8861A7CC5778E91F310528DC6BEE0E57A3C8757FC675154EBDEC ] volsnap         C:\Windows\system32\drivers\volsnap.sys
15:46:15.0339 0x090c  volsnap - ok
15:46:15.0370 0x090c  [ B4A73CA4EF9A02B9738CEA9AD5FE5917, B6A8086189FE2F1C3FE5B3F484FBA3DB2E5E1836F3154D30090F136C27D16166 ] vpcbus          C:\Windows\system32\DRIVERS\vpchbus.sys
15:46:15.0370 0x090c  vpcbus - ok
15:46:15.0401 0x090c  [ E675FB2B48C54F09895482E2253B289C, 68BBFBF2356C849722E429CA753CC309A3CCE8CF00EBDBBD2695ECD292324DF2 ] vpcnfltr        C:\Windows\system32\DRIVERS\vpcnfltr.sys
15:46:15.0401 0x090c  vpcnfltr - ok
15:46:15.0417 0x090c  [ 5FB42082B0D19A0268705F1DD343DF20, 62F8EEE6A507CE6A8BD638020118D71B78332F79BA82654AB702AE46B04767D9 ] vpcusb          C:\Windows\system32\DRIVERS\vpcusb.sys
15:46:15.0417 0x090c  vpcusb - ok
15:46:15.0464 0x090c  [ 207B6539799CC1C112661A9B620DD233, 6B915CC7F77C867516D94865D7BF2E5C815402EF0A4488C3EB2FEF7CFA6C98F6 ] vpcvmm          C:\Windows\system32\drivers\vpcvmm.sys
15:46:15.0479 0x090c  vpcvmm - ok
15:46:15.0511 0x090c  [ 5E2016EA6EBACA03C04FEAC5F330D997, 53106EB877459FE55A459111F7AB0EE320BB3B4C954D3DB6FA1642396001F2AC ] vsmraid         C:\Windows\system32\DRIVERS\vsmraid.sys
15:46:15.0526 0x090c  vsmraid - ok
15:46:15.0573 0x090c  [ B60BA0BC31B0CB414593E169F6F21CC2, 47B801E623254CF0202B3591CB5C019CABFB52F123C7D47E29D19B32F1F2B915 ] VSS             C:\Windows\system32\vssvc.exe
15:46:15.0604 0x090c  VSS - ok
15:46:15.0635 0x090c  [ 9D9FE9E24F03AD87324245F516BEDAE5, 0C9E9A8FFF8A2F29433DD6A17B8DA284E134F300F928BF45F5713E97E283D33B ] vvftUVC         C:\Windows\system32\drivers\vvftUVC.sys
15:46:15.0651 0x090c  vvftUVC - ok
15:46:15.0667 0x090c  [ 36D4720B72B5C5D9CB2B9C29E9DF67A1, 3254523C85C70EBA2DBAC05DB2DBA89EDF8E9195F390F7C21F96458FB6B2E3D7 ] vwifibus        C:\Windows\System32\drivers\vwifibus.sys
15:46:15.0667 0x090c  vwifibus - ok
15:46:15.0698 0x090c  [ 1C9D80CC3849B3788048078C26486E1A, 34A89F31E53F6B6C209B286F580CC2257AE6D057E4E20741F241C9C167947962 ] W32Time         C:\Windows\system32\w32time.dll
15:46:15.0713 0x090c  W32Time - ok
15:46:15.0729 0x090c  [ 4E9440F4F152A7B944CB1663D3935A3E, 8FE04EBD3BC612EE943A21A3E56F37E5C9B578CDACA6044048181DAD81816D53 ] WacomPen        C:\Windows\system32\DRIVERS\wacompen.sys
15:46:15.0729 0x090c  WacomPen - ok
15:46:15.0760 0x090c  [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] WANARP          C:\Windows\system32\DRIVERS\wanarp.sys
15:46:15.0760 0x090c  WANARP - ok
15:46:15.0776 0x090c  [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] Wanarpv6        C:\Windows\system32\DRIVERS\wanarp.sys
15:46:15.0776 0x090c  Wanarpv6 - ok
15:46:15.0854 0x090c  [ 3CEC96DE223E49EAAE3651FCF8FAEA6C, 4150DAB33E8D61076F1D4767BCAFC9B4ECCCCBD58FD4FB3CFE5B8D27DCDCAB61 ] WatAdminSvc     C:\Windows\system32\Wat\WatAdminSvc.exe
15:46:15.0869 0x090c  WatAdminSvc - ok
15:46:15.0947 0x090c  [ 78F4E7F5C56CB9716238EB57DA4B6A75, 46A4E78CE5F2A4B26F4E9C3FF04A99D9B727A82AC2E390A82A1611C3F6E0C9AF ] wbengine        C:\Windows\system32\wbengine.exe
15:46:15.0979 0x090c  wbengine - ok
15:46:15.0994 0x090c  [ 3AA101E8EDAB2DB4131333F4325C76A3, 4F7BD3DA5E58B18BFF106CFF7B45E75FD13EE556D433C695BA23EC80827E49DE ] WbioSrvc        C:\Windows\System32\wbiosrvc.dll
15:46:16.0010 0x090c  WbioSrvc - ok
15:46:16.0041 0x090c  [ 7368A2AFD46E5A4481D1DE9D14848EDD, 8039C478FC2D9F095F5883A4FA47F9E6EDF57CC88A4AA74F07C88445F90DED57 ] wcncsvc         C:\Windows\System32\wcncsvc.dll
15:46:16.0057 0x090c  wcncsvc - ok
15:46:16.0057 0x090c  [ 20F7441334B18CEE52027661DF4A6129, 7B8E0247234B740FED2BE9B833E9CE8DD7453340123AB43F6B495A7E6A27B0DD ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
15:46:16.0072 0x090c  WcsPlugInService - ok
15:46:16.0103 0x090c  [ 72889E16FF12BA0F235467D6091B17DC, F2FD0BBD075E33608D93F350D216F97442AB89ABD540513C2D568C78096E12A8 ] Wd              C:\Windows\system32\DRIVERS\wd.sys
15:46:16.0103 0x090c  Wd - ok
15:46:16.0135 0x090c  [ E2C933EDBC389386EBE6D2BA953F43D8, AF1DEADD5F1267CCEBD226E8EEB971D1946EA6A5A9645A36F5D111F758AF2F07 ] Wdf01000        C:\Windows\system32\drivers\Wdf01000.sys
15:46:16.0150 0x090c  Wdf01000 - ok
15:46:16.0181 0x090c  [ BF1FC3F79B863C914687A737C2F3D681, B2DF47AC4931ACFB243775767B77065CC0D98778FC0243C793A3E219EB961209 ] WdiServiceHost  C:\Windows\system32\wdi.dll
15:46:16.0181 0x090c  WdiServiceHost - ok
15:46:16.0181 0x090c  [ BF1FC3F79B863C914687A737C2F3D681, B2DF47AC4931ACFB243775767B77065CC0D98778FC0243C793A3E219EB961209 ] WdiSystemHost   C:\Windows\system32\wdi.dll
15:46:16.0197 0x090c  WdiSystemHost - ok
15:46:16.0213 0x090c  [ 0EB0E5D22B1760F2DBCE632F2DD7A54D, B8A4CC62F88768947FB0A161CF9564DB28FD9C1C037B5475DF192982DE035C22 ] WebClient       C:\Windows\System32\webclnt.dll
15:46:16.0213 0x090c  WebClient - ok
15:46:16.0228 0x090c  [ C749025A679C5103E575E3B48E092C43, B71171D07EE7AB085A24BF3A1072FF2CE7EA021AAE695F6A90640E6EE8EB55C1 ] Wecsvc          C:\Windows\system32\wecsvc.dll
15:46:16.0244 0x090c  Wecsvc - ok
15:46:16.0259 0x090c  [ 7E591867422DC788B9E5BD337A669A08, 484E6BCCDF7ADCE9A1AACAD1BC7C7D7694B9E40FA90D94B14D80C607784F6C75 ] wercplsupport   C:\Windows\System32\wercplsupport.dll
15:46:16.0259 0x090c  wercplsupport - ok
15:46:16.0275 0x090c  [ 6D137963730144698CBD10F202E9F251, A9F522A125158D94F540544CCD4DBF47B9DCE2EA878C33675AFE40F80E8F4979 ] WerSvc          C:\Windows\System32\WerSvc.dll
15:46:16.0291 0x090c  WerSvc - ok
15:46:16.0291 0x090c  [ 611B23304BF067451A9FDEE01FBDD725, 0AF2734B978165FC6FD22B64862132CCE32528A21C698A49D176129446E099C8 ] WfpLwf          C:\Windows\system32\DRIVERS\wfplwf.sys
15:46:16.0291 0x090c  WfpLwf - ok
15:46:16.0322 0x090c  [ 05ECAEC3E4529A7153B3136CEB49F0EC, 9995CB2CEC70A633EA33CBB0DEAD2BB28CB67132B41E9444BDAB9E75744C9A50 ] WIMMount        C:\Windows\system32\drivers\wimmount.sys
15:46:16.0322 0x090c  WIMMount - ok
15:46:16.0353 0x090c  WinHttpAutoProxySvc - ok
15:46:16.0415 0x090c  [ 19B07E7E8915D701225DA41CB3877306, D6555E8D276DBB11358246E0FE215F76F1FB358791C76B88D82C2A66A42DA19F ] Winmgmt         C:\Windows\system32\wbem\WMIsvc.dll
15:46:16.0431 0x090c  Winmgmt - ok
15:46:16.0540 0x090c  [ BCB1310604AA415C4508708975B3931E, 9D943F086D454345153A0DD426B4432532A44FD87950386B186E1CAD2AC70565 ] WinRM           C:\Windows\system32\WsmSvc.dll
15:46:16.0587 0x090c  WinRM - ok
15:46:16.0634 0x090c  [ FE88B288356E7B47B74B13372ADD906D, A16B166F6BB32EF9D2A142F27B9EC54CBC7B3AC915799783CF4C40E525BC9E03 ] WinUsb          C:\Windows\system32\DRIVERS\WinUsb.sys
15:46:16.0634 0x090c  WinUsb - ok
15:46:16.0696 0x090c  [ 4FADA86E62F18A1B2F42BA18AE24E6AA, CE1683386886BF34862681A46199EA7E7FB4232A186047DA7FBD8EC240AF6726 ] Wlansvc         C:\Windows\System32\wlansvc.dll
15:46:16.0712 0x090c  Wlansvc - ok
15:46:16.0727 0x090c  [ F6FF8944478594D0E414D3F048F0D778, 6F75E0AE6127B33A92A88E59D4B048FD4C15F997807BE7BF0EFE76F95235B1D9 ] WmiAcpi         C:\Windows\system32\drivers\wmiacpi.sys
15:46:16.0727 0x090c  WmiAcpi - ok
15:46:16.0759 0x090c  [ 38B84C94C5A8AF291ADFEA478AE54F93, 1AC267AC73670BEA5F3785C9AD9DB146F8E993A862C843742B21FDB90D102B2A ] wmiApSrv        C:\Windows\system32\wbem\WmiApSrv.exe
15:46:16.0774 0x090c  wmiApSrv - ok
15:46:16.0774 0x090c  [ 96C6E7100D724C69FCF9E7BF590D1DCA, 2E63C9B0893B4FC03B7A71BAEA6202D3D3DB1B52F3643467829B5A573FD7655B ] WPCSvc          C:\Windows\System32\wpcsvc.dll
15:46:16.0790 0x090c  WPCSvc - ok
15:46:16.0805 0x090c  [ 93221146D4EBBF314C29B23CD6CC391D, C0750858A65BF51E210CD244C825C121D67E025CD2D2455139991AAC289A90FE ] WPDBusEnum      C:\Windows\system32\wpdbusenum.dll
15:46:16.0805 0x090c  WPDBusEnum - ok
15:46:16.0837 0x090c  [ 6BCC1D7D2FD2453957C5479A32364E52, E48554D31FBDCF8F985C1C72524CAA9106F5B7CC2B79064F8F5E2562D517F090 ] ws2ifsl         C:\Windows\system32\drivers\ws2ifsl.sys
15:46:16.0837 0x090c  ws2ifsl - ok
15:46:16.0837 0x090c  WSearch - ok
15:46:16.0930 0x090c  [ 61FF576450CCC80564B850BC3FB6713A, B2843BC9E2F62D27DCF6787D063378926748CE75002BADA1873DCB5039883705 ] wuauserv        C:\Windows\system32\wuaueng.dll
15:46:16.0993 0x090c  wuauserv - ok
15:46:17.0024 0x090c  [ AB886378EEB55C6C75B4F2D14B6C869F, D6C4602EB8F291DADEDF3CD211013D4AC752DDE7E799C2D8D74AA4F5477CAED6 ] WudfPf          C:\Windows\system32\drivers\WudfPf.sys
15:46:17.0024 0x090c  WudfPf - ok
15:46:17.0055 0x090c  [ DDA4CAF29D8C0A297F886BFE561E6659, 94E5DD649B5D86FA1A7C7D30FCF9644D0EE048D312E626111458ADF66BFBE978 ] WUDFRd          C:\Windows\system32\DRIVERS\WUDFRd.sys
15:46:17.0055 0x090c  WUDFRd - ok
15:46:17.0071 0x090c  [ B20F051B03A966392364C83F009F7D17, 88ECEB55AE91F58F592B96EBC10B572747D5A2F9B7629E8F371761E4F7408A65 ] wudfsvc         C:\Windows\System32\WUDFSvc.dll
15:46:17.0086 0x090c  wudfsvc - ok
15:46:17.0102 0x090c  [ 04F82965C09CBDF646B487E145060301, 2CD8533EDBE24C3E42EB7550E20F8A2EB9E5E345B165DEF543163A6BC1FDD18B ] WwanSvc         C:\Windows\System32\wwansvc.dll
15:46:17.0117 0x090c  WwanSvc - ok
15:46:17.0133 0x090c  ================ Scan global ===============================
15:46:17.0149 0x090c  [ BA0CD8C393E8C9F83354106093832C7B, 18D8A4780A2BAA6CEF7FBBBDA0EF6BF2DADF146E1E578A618DD5859E8ADBF1A8 ] C:\Windows\system32\basesrv.dll
15:46:17.0180 0x090c  [ 88EDD0B34EED542745931E581AD21A32, DC2B93E1CEF5B0BCEE08D72669BB0F3AD0E8E6E75BDC08858407ED92F6FFA031 ] C:\Windows\system32\winsrv.dll
15:46:17.0195 0x090c  [ 88EDD0B34EED542745931E581AD21A32, DC2B93E1CEF5B0BCEE08D72669BB0F3AD0E8E6E75BDC08858407ED92F6FFA031 ] C:\Windows\system32\winsrv.dll
15:46:17.0227 0x090c  [ D6160F9D869BA3AF0B787F971DB56368, 0033E6212DD8683E4EE611B290931FDB227B4795F0B17C309DC686C696790529 ] C:\Windows\system32\sxssrv.dll
15:46:17.0258 0x090c  [ 24ACB7E5BE595468E3B9AA488B9B4FCB, 63541E3432FCE953F266AE553E7A394978D6EE3DB52388D885F668CF42C5E7E2 ] C:\Windows\system32\services.exe
15:46:17.0258 0x090c  [ Global ] - ok
15:46:17.0258 0x090c  ================ Scan MBR ==================================
15:46:17.0273 0x090c  [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
15:46:17.0882 0x090c  \Device\Harddisk0\DR0 - ok
15:46:17.0882 0x090c  [ 65E858A8A0293BE11A920B0BC99D695E ] \Device\Harddisk1\DR5
15:46:17.0882 0x090c  \Device\Harddisk1\DR5 - ok
15:46:17.0882 0x090c  ================ Scan VBR ==================================
15:46:17.0897 0x090c  [ B053CF6DEB82B543CC0F3AE391D85586 ] \Device\Harddisk0\DR0\Partition1
15:46:17.0960 0x090c  \Device\Harddisk0\DR0\Partition1 - ok
15:46:17.0960 0x090c  [ 7B091F5AFC07C8EA34CB10BBF86D8FCF ] \Device\Harddisk1\DR5\Partition1
15:46:17.0975 0x090c  \Device\Harddisk1\DR5\Partition1 - ok
15:46:17.0975 0x090c  ================ Scan generic autorun ======================
15:46:18.0038 0x090c  [ ACA142E3E26D1780A283A7BC0F8C1146, A459998290271D5ACE51D623C6E88FBA226D88D1C0FA905535F6203046D8330B ] C:\Program Files (x86)\BillP Studios\WinPatrol\WinPatrol.exe
15:46:18.0069 0x090c  WinPatrol - ok
15:46:18.0100 0x090c  [ 223A96BAC91792E1A954BFEB49FBE02C, 56582B1E48EB9AAE8C3AA0BCFB3B8DCBBA6AE26138BBE801DA2404A527DF5636 ] C:\Program Files (x86)\LogMeIn\x64\LogMeInSystray.exe
15:46:18.0116 0x090c  LogMeIn GUI - ok
15:46:18.0209 0x090c  [ DC2755EB981280C312E7BE5EE8CF5D62, 4E52976235B1D2E756235F988709D84E9D83D60927138376BDE1405902997997 ] C:\Program Files\Microsoft IntelliPoint\ipoint.exe
15:46:18.0256 0x090c  IntelliPoint - ok
15:46:18.0303 0x090c  [ B564816DFDF049D256D519827DA08DD8, B0FDD843D0214A6CA5AE65E8232E6993FBE3A161B57CEB0F03FCA2166B060D3C ] C:\PROGRA~1\Eraser\Eraser.exe
15:46:18.0319 0x090c  Eraser - ok
15:46:18.0662 0x090c  [ C377850E1A064788BDCF81AA484E6F50, 261BEBEBCDDB19F307EF7ABD23DC4E3048872025C806777942B66D1C03C6D085 ] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
15:46:18.0911 0x090c  RtHDVCpl - ok
15:46:19.0005 0x090c  [ DB29633B71298F68EEB4B232F3829086, A057E7607BA4E2980FB0904AFA6CBDC3E04D791AF54305AAFFA368E4425FC607 ] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe
15:46:19.0036 0x090c  StartCCC - ok
15:46:19.0099 0x090c  [ A5CFA515A0D2D1D7F6CBFFEEDC09E5D1, 5F157C4198BC1759587AC173553F3E7574459B01E47D42E1AA9D134428D9B20C ] C:\Program Files (x86)\BOINC\boinctray.exe
15:46:19.0099 0x090c  boinctray - ok
15:46:19.0286 0x090c  [ 1311D5FA48CBEA22C2FE00F9852AB6CF, BF5ECDC060CE470884AC1E0105533A11F26592419C6A2F25A56BD7F4B69A89DE ] C:\Program Files (x86)\BOINC\boincmgr.exe
15:46:19.0395 0x090c  boincmgr - ok
15:46:19.0457 0x090c  [ 1E9B225DE829A6F666A0BA9B8A7984BF, 89D1222D72E23D21E6388B068CE7C415A9857ABB37D7A3AAD549B949A87E61FC ] C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
15:46:19.0473 0x090c  avgnt - ok
15:46:19.0473 0x090c  AMD AVT - ok
15:46:19.0535 0x090c  [ 9ACCBC5891BA51B5B29C1A88F80D4CE3, 4EA3D9CB239874232AE0D7F824AF8CC7AD9BB4657CB9978B41067B4447FBE71B ] C:\Program Files (x86)\QuickTime\QTTask.exe
15:46:19.0535 0x090c  QuickTime Task - ok
15:46:19.0629 0x090c  [ 225518F190EDBC37CA32197A3E94B498, 9208BDEFCF6DC18291C74C147DC17061FC8C040E068D4D4020E8E2AE64CF99BB ] C:\Program Files (x86)\Real\RealPlayer\update\realsched.exe
15:46:19.0645 0x090c  TkBellExe - ok
15:46:19.0723 0x090c  [ D63797E8E7781EE1500A810CB6194FA6, 5C96DA00B98F0776E6174EBB7D4D6DB634838E130D8581E11811831D2C57B119 ] C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
15:46:19.0723 0x090c  SunJavaUpdateSched - ok
15:46:19.0769 0x090c  {8d11c929-ccb6-4e61-94d5-d5ce4e8184e9} - ok
15:46:19.0769 0x090c  {6f261763-2698-889c-0bcf-b017aab5bf1d} - ok
15:46:19.0879 0x090c  Dumaucwuopm - ok
15:46:19.0910 0x090c  [ ACA142E3E26D1780A283A7BC0F8C1146, A459998290271D5ACE51D623C6E88FBA226D88D1C0FA905535F6203046D8330B ] C:\Program Files (x86)\BillP Studios\WinPatrol\winpatrol.exe
15:46:19.0910 0x090c  WinPatrol - ok
15:46:19.0972 0x090c  [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
15:46:20.0003 0x090c  Sidebar - ok
15:46:20.0035 0x090c  [ 0FA760BF380B08D0B67B5507CD8B32AA, 0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B725CC5A9FB738739 ] C:\Windows\System32\mctadmin.exe
15:46:20.0035 0x090c  mctadmin - ok
15:46:20.0081 0x090c  [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
15:46:20.0097 0x090c  Sidebar - ok
15:46:20.0113 0x090c  [ 0FA760BF380B08D0B67B5507CD8B32AA, 0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B725CC5A9FB738739 ] C:\Windows\System32\mctadmin.exe
15:46:20.0113 0x090c  mctadmin - ok
15:46:20.0128 0x090c  [ 59BCE9F07985F8A4204F4D6554CFF708, CA24AEF558647274D019DFB4D7FD1506D84EC278795C30BA53B81BB36130DC57 ] C:\Windows\system32\regsvr32.exe
15:46:20.0128 0x090c  AgentUpdate - ok
15:46:20.0144 0x090c  [ 59BCE9F07985F8A4204F4D6554CFF708, CA24AEF558647274D019DFB4D7FD1506D84EC278795C30BA53B81BB36130DC57 ] C:\Windows\system32\regsvr32.exe
15:46:20.0159 0x090c  CryptoUpdate - ok
15:46:20.0159 0x090c  [ 59BCE9F07985F8A4204F4D6554CFF708, CA24AEF558647274D019DFB4D7FD1506D84EC278795C30BA53B81BB36130DC57 ] C:\Windows\system32\regsvr32.exe
15:46:20.0159 0x090c  CryptoUpdate - ok
15:46:20.0159 0x090c  [ 59BCE9F07985F8A4204F4D6554CFF708, CA24AEF558647274D019DFB4D7FD1506D84EC278795C30BA53B81BB36130DC57 ] C:\Windows\system32\regsvr32.exe
15:46:20.0175 0x090c  AgentUpdate - ok
15:46:20.0206 0x090c  [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
15:46:20.0237 0x090c  Sidebar - ok
15:46:20.0471 0x090c  [ 13F025617EC85FBB80F20743483C2AF0, 25638586C707E1CD71B80B64AB3D7ABB8EA814816FFD19A5DB30B9B79FE27F87 ] C:\Program Files (x86)\ClipMate7\ClipMate.exe
15:46:20.0612 0x090c  ClipMate7 - ok
15:46:20.0659 0x090c  Skype - ok
15:46:20.0768 0x090c  [ C02FB37D6AE18AED6CFD0F3ADAF84D6F, E4A4AE6D2F7762DD8714A4F874CEEE374298BA97C1926D9249B0F24A3D8B231D ] C:\Program Files (x86)\Cookienator\cookienator.exe
15:46:20.0815 0x090c  Cookienator - ok
15:46:20.0830 0x090c  [ 0FA760BF380B08D0B67B5507CD8B32AA, 0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B725CC5A9FB738739 ] C:\Windows\System32\mctadmin.exe
15:46:20.0830 0x090c  mctadmin - ok
15:46:20.0893 0x090c  FlashPlayerUpdate - ok
15:46:20.0908 0x090c  Win FW state via NFP2: disabled
15:46:20.0908 0x090c  ============================================================
15:46:20.0908 0x090c  Scan finished
15:46:20.0908 0x090c  ============================================================
15:46:20.0924 0x05e8  Detected object count: 0
15:46:20.0924 0x05e8  Actual detected object count: 0
15:48:34.0522 0x0fc0  Deinitialize success

 

 

Your instructions asked for AdwCleaner[R0].txt which is the before log.  Here is the after:

 

 

# AdwCleaner v4.102 - Report created 27/11/2014 at 13:32:21
# Updated 23/11/2014 by Xplode
# Database : 2014-11-23.7 [Local]
# Operating System : Windows 7 Home Premium Service Pack 1 (64 bits)
# Username : Mark - RED
# Running from : E:\AdwCleaner.exe
# Option : Clean

***** [ Services ] *****


***** [ Files / Folders ] *****

[x] Not Deleted : C:\Program Files\Video Converter

***** [ Scheduled Tasks ] *****


***** [ Shortcuts ] *****


***** [ Registry ] *****

Value Deleted : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [{FFB96CC1-7EB3-449D-B827-DB661701C6BB}]
Key Deleted : HKLM\SOFTWARE\Classes\AppID\NCTAudioCDGrabber2.DLL
Key Deleted : HKLM\SOFTWARE\MozillaPlugins\@checkpoint.com/FFApi
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{35B8892D-C3FB-4D88-990D-31DB2EBD72BD}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{5EB0259D-AB79-4AE6-A6E6-24FFE21C3DA4}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{CADAF6BE-BF50-4669-8BFD-C27BD4E6181B}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{2BEF239C-752E-4001-8048-F256E0D8CD93}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{3F607E46-0D3C-4442-B1DE-DE7FA4768F5C}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{49C00A51-6E59-41FE-B3FA-2D2157FAD67B}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{6DFF5DBA-AE3A-46DB-B301-ECFFC6DB2982}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{DE34CD67-F1C8-4001-9A23-B8A68F63F377}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{FE0273D1-99DF-4AC0-87D5-1371C6271785}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{93E3D79C-0786-48FF-9329-93BC9F6DC2B3}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{2BEF239C-752E-4001-8048-F256E0D8CD93}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{3F607E46-0D3C-4442-B1DE-DE7FA4768F5C}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{49C00A51-6E59-41FE-B3FA-2D2157FAD67B}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{6DFF5DBA-AE3A-46DB-B301-ECFFC6DB2982}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{DE34CD67-F1C8-4001-9A23-B8A68F63F377}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{FE0273D1-99DF-4AC0-87D5-1371C6271785}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}

***** [ Browsers ] *****

-\\ Internet Explorer v10.0.9200.17148


-\\ Mozilla Firefox v30.0 (en-US)


-\\ Google Chrome v39.0.2171.65


*************************

AdwCleaner[R0].txt - [2511 octets] - [27/11/2014 13:24:44]
AdwCleaner[S0].txt - [2449 octets] - [27/11/2014 13:32:21]

########## EOF - \AdwCleaner\AdwCleaner[S0].txt - [2509 octets] ##########
 

 

TDSS Found nothing


Edited by i_am_jim, 27 November 2014 - 05:05 PM.


#7 buddy215

buddy215

  • BC Advisor
  • 12,989 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:West Tennessee
  • Local time:08:45 PM

Posted 28 November 2014 - 06:26 AM

Repeat...you need to run the Eset scan. If you refuse to do that, you have the option of posting a new topic in the malware removal forum.

That forum is very busy and backed up....could be several days before you receive a reply.

You will first need to make a DDS log by following the instruction #6 here: Preparation Guide For Use Before Using Malware Removal Tools and Requesting Help - Virus, Trojan, Spyware, and Malware Removal Logs

 

Post the DDS log along with a description of the problem here: Virus, Trojan, Spyware, and Malware Removal Logs Forum - BleepingComputer.com

Once you have posted the new topic, do not bump it....wait for a response.


“Every atom in your body came from a star that exploded and the atoms in your left hand probably came from a different star than your right hand. It really is the most poetic thing I know about physics...you are all stardust.”Lawrence M. Krauss

A 1792 U.S. penny, designed in part by Thomas Jefferson and George Washington, reads “Liberty Parent of Science & Industry.”


#8 i_am_jim

i_am_jim
  • Topic Starter

  • Members
  • 34 posts
  • OFFLINE
  •  
  • Local time:08:45 PM

Posted 28 November 2014 - 09:05 AM

I'm going to do that one now, I just wanted to do everything else you thought might work first



#9 i_am_jim

i_am_jim
  • Topic Starter

  • Members
  • 34 posts
  • OFFLINE
  •  
  • Local time:08:45 PM

Posted 28 November 2014 - 11:49 AM

Report from ESET:

 

C:\Program Files (x86)\Avira\AntiVir Desktop\apnic.dll    a variant of Win32/Bundled.Toolbar.Ask potentially unsafe application
C:\Program Files (x86)\Avira\AntiVir Desktop\apnstub.exe    a variant of Win32/Bundled.Toolbar.Ask.G potentially unsafe application
C:\Program Files (x86)\Avira\AntiVir Desktop\apntoolbarinstaller.exe    a variant of Win32/Bundled.Toolbar.Ask potentially unsafe application
C:\Program Files (x86)\Avira\AntiVir Desktop\Offercast_AVIRAV7_.exe    a variant of Win32/Bundled.Toolbar.Ask.D potentially unsafe application
C:\RECYCLER\S-1-5-21-725345543-287218729-1801674531-1003\Dc114.htm    HTML/TrojanDownloader.Agent.NBU.Gen trojan
C:\RECYCLER\S-1-5-21-725345543-287218729-1801674531-1003\Dc115.htm    HTML/TrojanDownloader.Agent.NBU.Gen trojan
C:\RECYCLER\S-1-5-21-725345543-287218729-1801674531-1003\Dc123.htm    HTML/TrojanDownloader.Agent.NBV.Gen trojan
C:\RECYCLER\S-1-5-21-725345543-287218729-1801674531-1003\Dc80.htm    HTML/TrojanDownloader.Agent.NBR trojan
C:\RECYCLER\S-1-5-21-725345543-287218729-1801674531-1003\Dc86.htm    HTML/TrojanDownloader.Agent.NBR trojan
C:\RECYCLER\S-1-5-21-725345543-287218729-1801674531-1003\Dc87.htm    HTML/TrojanDownloader.Agent.NBR trojan
C:\RECYCLER\S-1-5-21-725345543-287218729-1801674531-1003\Dc88.htm    HTML/TrojanDownloader.Agent.NBR trojan
C:\RECYCLER\S-1-5-21-725345543-287218729-1801674531-1003\Dc89.htm    HTML/TrojanDownloader.Agent.NBR trojan
C:\RECYCLER\S-1-5-21-725345543-287218729-1801674531-1003\Dc90.htm    HTML/TrojanDownloader.Agent.NBR trojan
C:\RECYCLER\S-1-5-21-725345543-287218729-1801674531-1003\Dc91.htm    HTML/TrojanDownloader.Agent.NBR trojan
C:\RECYCLER\S-1-5-21-725345543-287218729-1801674531-1003\Dc92.htm    HTML/TrojanDownloader.Agent.NBR trojan
C:\RECYCLER\S-1-5-21-725345543-287218729-1801674531-1003\Dc96.htm    HTML/TrojanDownloader.Agent.NBR trojan
C:\Users\Mark\AppData\Local\Temp\7F618E5C-BAB0-7891-8B29-3B0330190CEC\Latest\IEHelper.dll    Win32/Toolbar.Babylon.E potentially unwanted application
C:\Users\Mark\AppData\Roaming\0F1L1I1P0H1L1E1E1F\Unlocker Packages\uninstaller.exe    Win32/InstallCore.PC potentially unwanted application
C:\Users\Mark\AppData\Roaming\Mozilla\Firefox\Profiles\kd18d4pp.default\extensions\{4BED1D84-E4FB-2279-EC84-E199C6A3EF28}\components\UIAnimationManager.js    Win32/Boaxxe.BU trojan
C:\Users\Mark\Downloads\ARO2011_tbt.exe    a variant of Win32/Systweak potentially unwanted application
C:\Windows\Installer\{480FDE2A-2933-4457-B0CE-ADBD4E5A69C9}\msiexec.exe    Win32/TrojanDownloader.Delf.AXF trojan
C:\Windows\Installer\{D023B328-0010-4702-AEF2-242667A79C2E}\msiexec.exe    Win32/TrojanDownloader.Delf.AXF trojan

 



#10 i_am_jim

i_am_jim
  • Topic Starter

  • Members
  • 34 posts
  • OFFLINE
  •  
  • Local time:08:45 PM

Posted 28 November 2014 - 12:27 PM

It doesn't appear it removed the things it listed.  I wondered about that because it switched to an advertisement for the program without saying it did anything.  When I look I find files it listed still on the computer.



#11 buddy215

buddy215

  • BC Advisor
  • 12,989 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:West Tennessee
  • Local time:08:45 PM

Posted 28 November 2014 - 12:36 PM

Eset found several trojans. Did you follow the instructions and have you rebooted?

If not, rerun Eset and make sure you have done this:

  • Under scan settings, check "Scan Archives" and "Remove found threats"
  • Click Advanced settings and select the following:
  • Scan potentially unwanted applications
  • Scan for potentially unsafe applications
  • Enable Anti-Stealth technology

“Every atom in your body came from a star that exploded and the atoms in your left hand probably came from a different star than your right hand. It really is the most poetic thing I know about physics...you are all stardust.”Lawrence M. Krauss

A 1792 U.S. penny, designed in part by Thomas Jefferson and George Washington, reads “Liberty Parent of Science & Industry.”


#12 i_am_jim

i_am_jim
  • Topic Starter

  • Members
  • 34 posts
  • OFFLINE
  •  
  • Local time:08:45 PM

Posted 28 November 2014 - 04:42 PM

When it rescanned it found all of the ones it found before.  And, when it closed it was instantaneous and didn't require a reboot but it seems like it removed them this time.

 

Incidentally, it takes two hours to run.  I'm running it again and this time it's not finding anything, but it's not finished either.


Edited by i_am_jim, 28 November 2014 - 04:43 PM.


#13 buddy215

buddy215

  • BC Advisor
  • 12,989 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:West Tennessee
  • Local time:08:45 PM

Posted 28 November 2014 - 07:12 PM

Good...making progress...

 

Download Security Check from here or here and save it to your Desktop.

  • Double-click SecurityCheck.exe
  • Follow the onscreen instructions inside of the black box.
  • A Notepad document should open automatically called checkup.txt; please post the contents of that document.

NOTE 1. If one of your security applications (e.g., third-party firewall) requests permission to allow DIG.EXE access the Internet, allow it to do so.
NOTE 2. SecurityCheck may produce some false warning(s), so leave the results reading to me.
NOTE 3. If you receive UNSUPPORTED OPERATING SYSTEM! ABORTED! message restart computer and Security Check should run

 

CCleaner's Tools will allow you to copy and paste the programs installed on your computer, the programs included in Windows Startup, browser startups

and Tasks. Open CCleaner and click on Tools. Choose Uninstall. At the bottom of that page you will see a button when clicked will allow you

to copy and paste the list of installed programs in your next reply.

Click on Tools and Choose Startups. Copy and paste that list which Windows Startups. Then at the top of the page click on each browser and Tasks

and copy and paste those items in your next reply.


“Every atom in your body came from a star that exploded and the atoms in your left hand probably came from a different star than your right hand. It really is the most poetic thing I know about physics...you are all stardust.”Lawrence M. Krauss

A 1792 U.S. penny, designed in part by Thomas Jefferson and George Washington, reads “Liberty Parent of Science & Industry.”


#14 i_am_jim

i_am_jim
  • Topic Starter

  • Members
  • 34 posts
  • OFFLINE
  •  
  • Local time:08:45 PM

Posted 30 November 2014 - 01:08 PM

Sorry.  I thought we'd done the last step. Things are looking pretty good right  now but I still get behaviour that suggest the machine isn't clean.  I hope to do your latest suggestions later today.



#15 buddy215

buddy215

  • BC Advisor
  • 12,989 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:West Tennessee
  • Local time:08:45 PM

Posted 30 November 2014 - 01:34 PM

We'll keep a light on for you...:).....would help if you could be more specific about the 'behaviour'. But that can wait until I get the

lists and see the Security Check log.


“Every atom in your body came from a star that exploded and the atoms in your left hand probably came from a different star than your right hand. It really is the most poetic thing I know about physics...you are all stardust.”Lawrence M. Krauss

A 1792 U.S. penny, designed in part by Thomas Jefferson and George Washington, reads “Liberty Parent of Science & Industry.”





0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users