Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Unknown Infection


  • Please log in to reply
13 replies to this topic

#1 ltix86

ltix86

  • Members
  • 67 posts
  • OFFLINE
  •  
  • Local time:11:34 PM

Posted 30 November 2014 - 01:08 PM

Hello Everybody,

i'm afraid i got am infection, but i'm not sure which type.

I am running windows 8.1 and i'm not able to post a dds.

What should i do? Can anybody help me?

Thanks,

Luca



BC AdBot (Login to Remove)

 


#2 buddy215

buddy215

  • Moderator
  • 13,301 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:West Tennessee
  • Local time:06:34 PM

Posted 30 November 2014 - 01:45 PM

Try downloading and using Rkill first. If you are unable to download it, you will need to use another computer and transfer

Rkill using a medium such as a flash drive.

Once you have successfully scanned with Rkill....DO NOT reboot. Go on to the next scan using MBAM.

 RKill Download (read what it does)

 

 

Download Malwarebytes' Anti-Malware from Here
Double-click mbam-setup-2.X.X.XXXX.exe to install the application (X's are the current version number).

  • Make sure a checkmark is placed next to Launch Malwarebytes' Anti-Malware, then click Finish.
  • Once MBAM opens, when it says Your databases are out of date, click the Fix Now button.
  • Click the Settings tab at the top, and then in the left column, select Detections and Protections, and if not already checked place a checkmark in the selection box for Scan for rootkits.
  • Click the Scan tab at the top of the program window, select Threat Scan and click the Scan Now button.
  • If you receive a message that updates are available, click the Update Now button (the update will be downloaded, installed, and the scan will start).
  • The scan may take some time to finish,so please be patient.
  • If potential threats are detected, ensure that Quarantine is selected as the Action for all the listed items, and click the Apply Actions button.
  • While still on the Scan tab, click the link for View detailed log, and in the window that opens click the Export button, select Text file (*.txt), and save the log to your Desktop.
  • The log is automatically saved by MBAM and can also be viewed by clicking the History tab and then selecting Application Logs.

POST THE LOG FOR REVIEW.

 

  • Hold down Control and click on this link to open ESET OnlineScan in a new window.
  • Click the esetonlinebtn.png button.
  • For alternate browsers only: (Microsoft Internet Explorer users can skip these steps)
  • Click on esetsmartinstaller_enu.exe to download the ESET Smart Installer. Save it to your desktop.
  • Double click on the esetsmartinstaller_enu.png icon on your desktop.
  • Check "YES, I accept the Terms of Use."
  • Click the Start button.
  • Accept any security warnings from your browser.
  • Under scan settings, check "Scan Archives" and "Remove found threats"
  • Click Advanced settings and select the following:
  • Scan potentially unwanted applications
  • Scan for potentially unsafe applications
  • Enable Anti-Stealth technology
  • ESET will then download updates for itself, install itself, and begin scanning your computer. Please be patient as this can take some time.
  • When the scan completes, click List Threats
  • Click Export, and save the file to your desktop using a unique name, such as ESETScan. Include the contents of this report in your next reply.
  • Click the Back button.
  • Click the Finish button.
  • NOTE:Sometimes if ESET finds no infections it will not create a log.

Download TDSSKiller and save it to your desktop.

  • Extract (unzip) its contents to your desktop.
  • Open the TDSSKiller folder and doubleclick on TDSSKiller.exe to run the application, then on Start Scan.
  • If an infected file is detected, the default action will be Cure, click on Continue.
  • If a suspicious file is detected, the default action will be Skip, click on Continue.
  • It may ask you to reboot the computer to complete the process. Click on Reboot Now.
  • If no reboot is require, click on Report. A log file should appear. Please copy and paste the contents of that file here.
  • If a reboot is required, the report can also be found in your root directory (usually C:\ folder) in the form of TDSSKiller_xxxx_log.txt. Please copy and paste the contents of that file here.

Edited by buddy215, 30 November 2014 - 01:46 PM.

“Every atom in your body came from a star that exploded and the atoms in your left hand probably came from a different star than your right hand. It really is the most poetic thing I know about physics...you are all stardust.”Lawrence M. Krauss
A 1792 U.S. penny, designed in part by Thomas Jefferson and George Washington, reads “Liberty Parent of Science & Industry.”

#3 ltix86

ltix86
  • Topic Starter

  • Members
  • 67 posts
  • OFFLINE
  •  
  • Local time:11:34 PM

Posted 01 December 2014 - 03:56 PM

Thanks, here are the logs:

 

Rkill 2.6.8 by Lawrence Abrams (Grinler)
http://www.bleepingcomputer.com/
Copyright 2008-2014 BleepingComputer.com
More Information about Rkill can be found at this link:
 http://www.bleepingcomputer.com/forums/topic308364.html

Program started at: 12/01/2014 02:01:46 PM in x64 mode.
Windows Version: Windows 8.1

Checking for Windows services to stop:

 * No malware services found to stop.

Checking for processes to terminate:

 * C:\Users\LucaTixi\AppData\Local\Temp\Install_8668\ytd.exe (PID: 3548) [T-HEUR]

1 proccess terminated!

Checking Registry for malware related settings:

 * No issues found in the Registry.

Resetting .EXE, .COM, & .BAT associations in the Windows Registry.

Performing miscellaneous checks:

 * Windows Defender Disabled

   [HKLM\SOFTWARE\Microsoft\Windows Defender]
   "DisableAntiSpyware" = dword:00000001

 * Reparse Point/Junctions Found (Most likely legitimate)!

     * C:\WINDOWS\apppatch\nbin => C:\PROGRA~2\SearchProtect\SearchProtect\bin [Dir]

Checking Windows Service Integrity:

 * MsKeyboardFilter [Missing Service]
 * CSC [Missing Service]
 * E1G60 [Missing Service]
 * HdAudAddService [Missing Service]
 * kbldfltr [Missing Service]
 * storvsp [Missing Service]
 * Vid [Missing Service]
 * vmbusr [Missing Service]
 * vpcivsp [Missing Service]

Searching for Missing Digital Signatures:

 * No issues found.

Checking HOSTS File:

 * No issues found.

Program finished at: 12/01/2014 02:04:08 PM
Execution time: 0 hours(s), 2 minute(s), and 22 seconds(s)
 

 

 

 

 

 

 

Malwarebytes Anti-Malware
www.malwarebytes.org

Scan Date: 01/12/2014
Scan Time: 14.11.46
Logfile: mba log.txt
Administrator: Yes

Version: 2.00.3.1025
Malware Database: v2014.12.01.02
Rootkit Database: v2014.11.30.01
License: Free
Malware Protection: Disabled
Malicious Website Protection: Disabled
Self-protection: Disabled

OS: Windows 8.1
CPU: x64
File System: NTFS
User: LucaTixi

Scan Type: Threat Scan
Result: Completed
Objects Scanned: 423593
Time Elapsed: 1 hr, 1 min, 9 sec

Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Enabled
Heuristics: Enabled
PUP: Enabled
PUM: Enabled

Processes: 1
PUP.Optional.Goobzo, C:\Users\LucaTixi\AppData\Local\Installer\Installytd_41\DC1AB5RN511.exe, 6268, , [17d72819e19b181ef5bade6bbd4819e7]

Modules: 0
(No malicious items detected)

Registry Keys: 2
PUP.Optional.SearchProtect, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\APPCOMPATFLAGS\INSTALLEDSDB\{8a4d5a43-c64a-45ab-bdf4-804fe18ceafd}, , [42ac70d13f3dca6c93b5cfec9b697c84],
PUP.Optional.SearchProtect, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\APPCOMPATFLAGS\INSTALLEDSDB\{cf2797aa-b7ec-e311-8ed9-005056c00008}, , [8965c180cbb19b9b3b0c6b50c0448e72],

Registry Values: 1
PUP.Optional.QuickStart.A, HKU\S-1-5-21-565506067-3698530459-4260336734-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MOZILLA\EXTENDS|appid, quick_start@gmail.com, , [56988fb2700c60d67b4785da40c3e719]

Registry Data: 0
(No malicious items detected)

Folders: 13
PUP.Optional.CrossRider.A, C:\Users\LucaTixi\AppData\Roaming\Mozilla\Firefox\Profiles\em9wvby8.default-1373181426824\extensions\ae44639e-43f2-4cd1-aa80-39d5d2e18fa9@gmail.com, , [fef07ec32c501125f8e3082704ff49b7],
PUP.Optional.CrossRider.A, C:\Users\LucaTixi\AppData\Roaming\Mozilla\Firefox\Profiles\em9wvby8.default-1373181426824\extensions\ae44639e-43f2-4cd1-aa80-39d5d2e18fa9@gmail.com\chrome, , [fef07ec32c501125f8e3082704ff49b7],
PUP.Optional.CrossRider.A, C:\Users\LucaTixi\AppData\Roaming\Mozilla\Firefox\Profiles\em9wvby8.default-1373181426824\extensions\ae44639e-43f2-4cd1-aa80-39d5d2e18fa9@gmail.com\chrome\content, , [fef07ec32c501125f8e3082704ff49b7],
PUP.Optional.CrossRider.A, C:\Users\LucaTixi\AppData\Roaming\Mozilla\Firefox\Profiles\em9wvby8.default-1373181426824\extensions\ae44639e-43f2-4cd1-aa80-39d5d2e18fa9@gmail.com\chrome\content\api, , [fef07ec32c501125f8e3082704ff49b7],
PUP.Optional.CrossRider.A, C:\Users\LucaTixi\AppData\Roaming\Mozilla\Firefox\Profiles\em9wvby8.default-1373181426824\extensions\ae44639e-43f2-4cd1-aa80-39d5d2e18fa9@gmail.com\chrome\content\core, , [fef07ec32c501125f8e3082704ff49b7],
PUP.Optional.CrossRider.A, C:\Users\LucaTixi\AppData\Roaming\Mozilla\Firefox\Profiles\em9wvby8.default-1373181426824\extensions\ae44639e-43f2-4cd1-aa80-39d5d2e18fa9@gmail.com\defaults, , [fef07ec32c501125f8e3082704ff49b7],
PUP.Optional.CrossRider.A, C:\Users\LucaTixi\AppData\Roaming\Mozilla\Firefox\Profiles\em9wvby8.default-1373181426824\extensions\ae44639e-43f2-4cd1-aa80-39d5d2e18fa9@gmail.com\defaults\preferences, , [fef07ec32c501125f8e3082704ff49b7],
PUP.Optional.CrossRider.A, C:\Users\LucaTixi\AppData\Roaming\Mozilla\Firefox\Profiles\em9wvby8.default-1373181426824\extensions\ae44639e-43f2-4cd1-aa80-39d5d2e18fa9@gmail.com\extensionData, , [fef07ec32c501125f8e3082704ff49b7],
PUP.Optional.CrossRider.A, C:\Users\LucaTixi\AppData\Roaming\Mozilla\Firefox\Profiles\em9wvby8.default-1373181426824\extensions\ae44639e-43f2-4cd1-aa80-39d5d2e18fa9@gmail.com\extensionData\plugins, , [fef07ec32c501125f8e3082704ff49b7],
PUP.Optional.CrossRider.A, C:\Users\LucaTixi\AppData\Roaming\Mozilla\Firefox\Profiles\em9wvby8.default-1373181426824\extensions\ae44639e-43f2-4cd1-aa80-39d5d2e18fa9@gmail.com\extensionData\userCode, , [fef07ec32c501125f8e3082704ff49b7],
PUP.Optional.CrossRider.A, C:\Users\LucaTixi\AppData\Roaming\Mozilla\Firefox\Profiles\em9wvby8.default-1373181426824\extensions\ae44639e-43f2-4cd1-aa80-39d5d2e18fa9@gmail.com\locale, , [fef07ec32c501125f8e3082704ff49b7],
PUP.Optional.CrossRider.A, C:\Users\LucaTixi\AppData\Roaming\Mozilla\Firefox\Profiles\em9wvby8.default-1373181426824\extensions\ae44639e-43f2-4cd1-aa80-39d5d2e18fa9@gmail.com\locale\en-US, , [fef07ec32c501125f8e3082704ff49b7],
PUP.Optional.CrossRider.A, C:\Users\LucaTixi\AppData\Roaming\Mozilla\Firefox\Profiles\em9wvby8.default-1373181426824\extensions\ae44639e-43f2-4cd1-aa80-39d5d2e18fa9@gmail.com\skin, , [fef07ec32c501125f8e3082704ff49b7],

Files: 124
PUP.Optional.Goobzo, C:\Users\LucaTixi\AppData\Local\Installer\Installytd_41\DC1AB5RN511.exe, , [17d72819e19b181ef5bade6bbd4819e7],
PUP.Optional.Nova.A, C:\Program Files (x86)\7-Zip\a3496dd5-86d3-45dc-a508-f46565a6840b.dll, , [20ce93ae285468ce3d3bde09b74aae52],
PUP.Optional.Nova.A, C:\Program Files (x86)\84e33d6c-7127-49a2-8785-41eb2fe6ae65\73cfc6ba-a68e-428c-9bc9-76f8e0a98103.dll, , [b638df621b612511b9bf7c6b5da4a060],
PUP.Optional.CrossRider.A, C:\Users\LucaTixi\AppData\Local\Temp\Install_300\geforce.exe, , [a648d869a1db8fa71f32d20a649d619f],
PUP.Optional.Goobzo, C:\Users\LucaTixi\AppData\Local\Installer\Installgeforce_32534\DC1AB5RN511.exe, , [5896d968ec90fc3a7b345eebc144c33d],
PUP.Optional.SearchProtect, C:\Windows\apppatch\apppatch64\VCLdr64.dll, , [9f4f54edbdbfcf67829c98583fc2936d],
PUP.Optional.CrossRider.T, C:\Windows\Tasks\c9c343be-ec49-4b17-94fb-4d25bdf51533-11.job, , [2bc39fa2df9d5dd953632691659f03fd],
PUP.Optional.CrossRider.T, C:\Windows\Tasks\c9c343be-ec49-4b17-94fb-4d25bdf51533-5_user.job, , [04eab78a92ea999df9bd486fb74d9e62],
PUP.Optional.GlobalUpdate.A, C:\Windows\Tasks\globalUpdateUpdateTaskMachineCore.job, , [c32b7fc2b1cb270f76566b4cfc083ac6],
PUP.Optional.GlobalUpdate.A, C:\Windows\Tasks\globalUpdateUpdateTaskMachineUA.job, , [608ea9986a12f73f725c96216a9a3ac6],
PUP.Optional.SearchProtect, C:\Windows\apppatch\Custom\Custom64\{cf2797aa-b7ec-e311-8ed9-005056c00008}.sdb, , [33bb80c12a5266d055f6cfec92720cf4],
PUP.Optional.CrossRider.A, C:\Users\LucaTixi\AppData\Roaming\Mozilla\Firefox\Profiles\em9wvby8.default-1373181426824\extensions\ae44639e-43f2-4cd1-aa80-39d5d2e18fa9@gmail.com\chrome.manifest, , [fef07ec32c501125f8e3082704ff49b7],
PUP.Optional.CrossRider.A, C:\Users\LucaTixi\AppData\Roaming\Mozilla\Firefox\Profiles\em9wvby8.default-1373181426824\extensions\ae44639e-43f2-4cd1-aa80-39d5d2e18fa9@gmail.com\install.rdf, , [fef07ec32c501125f8e3082704ff49b7],
PUP.Optional.CrossRider.A, C:\Users\LucaTixi\AppData\Roaming\Mozilla\Firefox\Profiles\em9wvby8.default-1373181426824\extensions\ae44639e-43f2-4cd1-aa80-39d5d2e18fa9@gmail.com\chrome\content\01a90b695a0bd7de4ca31ad33c7b520e.js, , [fef07ec32c501125f8e3082704ff49b7],
PUP.Optional.CrossRider.A, C:\Users\LucaTixi\AppData\Roaming\Mozilla\Firefox\Profiles\em9wvby8.default-1373181426824\extensions\ae44639e-43f2-4cd1-aa80-39d5d2e18fa9@gmail.com\chrome\content\1bdd043fe2167f63f984325726554858.js, , [fef07ec32c501125f8e3082704ff49b7],
PUP.Optional.CrossRider.A, C:\Users\LucaTixi\AppData\Roaming\Mozilla\Firefox\Profiles\em9wvby8.default-1373181426824\extensions\ae44639e-43f2-4cd1-aa80-39d5d2e18fa9@gmail.com\chrome\content\25dbeb8d5c99bcdf7eb2fec83c5c92d4.js, , [fef07ec32c501125f8e3082704ff49b7],
PUP.Optional.CrossRider.A, C:\Users\LucaTixi\AppData\Roaming\Mozilla\Firefox\Profiles\em9wvby8.default-1373181426824\extensions\ae44639e-43f2-4cd1-aa80-39d5d2e18fa9@gmail.com\chrome\content\67ffac553805e50be434fd2341243b06.js, , [fef07ec32c501125f8e3082704ff49b7],
PUP.Optional.CrossRider.A, C:\Users\LucaTixi\AppData\Roaming\Mozilla\Firefox\Profiles\em9wvby8.default-1373181426824\extensions\ae44639e-43f2-4cd1-aa80-39d5d2e18fa9@gmail.com\chrome\content\background.html, , [fef07ec32c501125f8e3082704ff49b7],
PUP.Optional.CrossRider.A, C:\Users\LucaTixi\AppData\Roaming\Mozilla\Firefox\Profiles\em9wvby8.default-1373181426824\extensions\ae44639e-43f2-4cd1-aa80-39d5d2e18fa9@gmail.com\chrome\content\bf15d5731f37a4005042daa510b49de4.js, , [fef07ec32c501125f8e3082704ff49b7],
PUP.Optional.CrossRider.A, C:\Users\LucaTixi\AppData\Roaming\Mozilla\Firefox\Profiles\em9wvby8.default-1373181426824\extensions\ae44639e-43f2-4cd1-aa80-39d5d2e18fa9@gmail.com\chrome\content\browser.xul, , [fef07ec32c501125f8e3082704ff49b7],
PUP.Optional.CrossRider.A, C:\Users\LucaTixi\AppData\Roaming\Mozilla\Firefox\Profiles\em9wvby8.default-1373181426824\extensions\ae44639e-43f2-4cd1-aa80-39d5d2e18fa9@gmail.com\chrome\content\cc7c5e58fc6c4b7f309c35236e042d5f.js, , [fef07ec32c501125f8e3082704ff49b7],
PUP.Optional.CrossRider.A, C:\Users\LucaTixi\AppData\Roaming\Mozilla\Firefox\Profiles\em9wvby8.default-1373181426824\extensions\ae44639e-43f2-4cd1-aa80-39d5d2e18fa9@gmail.com\chrome\content\dialog.js, , [fef07ec32c501125f8e3082704ff49b7],
PUP.Optional.CrossRider.A, C:\Users\LucaTixi\AppData\Roaming\Mozilla\Firefox\Profiles\em9wvby8.default-1373181426824\extensions\ae44639e-43f2-4cd1-aa80-39d5d2e18fa9@gmail.com\chrome\content\ffCoreFilesIndex.txt, , [fef07ec32c501125f8e3082704ff49b7],
PUP.Optional.CrossRider.A, C:\Users\LucaTixi\AppData\Roaming\Mozilla\Firefox\Profiles\em9wvby8.default-1373181426824\extensions\ae44639e-43f2-4cd1-aa80-39d5d2e18fa9@gmail.com\chrome\content\options.js, , [fef07ec32c501125f8e3082704ff49b7],
PUP.Optional.CrossRider.A, C:\Users\LucaTixi\AppData\Roaming\Mozilla\Firefox\Profiles\em9wvby8.default-1373181426824\extensions\ae44639e-43f2-4cd1-aa80-39d5d2e18fa9@gmail.com\chrome\content\options.xul, , [fef07ec32c501125f8e3082704ff49b7],
PUP.Optional.CrossRider.A, C:\Users\LucaTixi\AppData\Roaming\Mozilla\Firefox\Profiles\em9wvby8.default-1373181426824\extensions\ae44639e-43f2-4cd1-aa80-39d5d2e18fa9@gmail.com\chrome\content\search_dialog.xul, , [fef07ec32c501125f8e3082704ff49b7],
PUP.Optional.CrossRider.A, C:\Users\LucaTixi\AppData\Roaming\Mozilla\Firefox\Profiles\em9wvby8.default-1373181426824\extensions\ae44639e-43f2-4cd1-aa80-39d5d2e18fa9@gmail.com\chrome\content\api\005e5783b54ca8c520ac5afba761c9a6.js, , [fef07ec32c501125f8e3082704ff49b7],
PUP.Optional.CrossRider.A, C:\Users\LucaTixi\AppData\Roaming\Mozilla\Firefox\Profiles\em9wvby8.default-1373181426824\extensions\ae44639e-43f2-4cd1-aa80-39d5d2e18fa9@gmail.com\chrome\content\api\0207b2d813ef18181bfe10ffe04487a0.js, , [fef07ec32c501125f8e3082704ff49b7],
PUP.Optional.CrossRider.A, C:\Users\LucaTixi\AppData\Roaming\Mozilla\Firefox\Profiles\em9wvby8.default-1373181426824\extensions\ae44639e-43f2-4cd1-aa80-39d5d2e18fa9@gmail.com\chrome\content\api\63868fb8254e077d6df93fc962bfe9f4.js, , [fef07ec32c501125f8e3082704ff49b7],
PUP.Optional.CrossRider.A, C:\Users\LucaTixi\AppData\Roaming\Mozilla\Firefox\Profiles\em9wvby8.default-1373181426824\extensions\ae44639e-43f2-4cd1-aa80-39d5d2e18fa9@gmail.com\chrome\content\api\698b4e91ef44ab36a63e8c1b2a94f8c0.js, , [fef07ec32c501125f8e3082704ff49b7],
PUP.Optional.CrossRider.A, C:\Users\LucaTixi\AppData\Roaming\Mozilla\Firefox\Profiles\em9wvby8.default-1373181426824\extensions\ae44639e-43f2-4cd1-aa80-39d5d2e18fa9@gmail.com\chrome\content\api\6ba8f857c73d4db925f74bf9a6a58213.js, , [fef07ec32c501125f8e3082704ff49b7],
PUP.Optional.CrossRider.A, C:\Users\LucaTixi\AppData\Roaming\Mozilla\Firefox\Profiles\em9wvby8.default-1373181426824\extensions\ae44639e-43f2-4cd1-aa80-39d5d2e18fa9@gmail.com\chrome\content\api\8b5cc65d12f1122f8ed75ac19b8017b9.js, , [fef07ec32c501125f8e3082704ff49b7],
PUP.Optional.CrossRider.A, C:\Users\LucaTixi\AppData\Roaming\Mozilla\Firefox\Profiles\em9wvby8.default-1373181426824\extensions\ae44639e-43f2-4cd1-aa80-39d5d2e18fa9@gmail.com\chrome\content\api\8b8ee350ee26f49c17e8fb9d578117ce.js, , [fef07ec32c501125f8e3082704ff49b7],
PUP.Optional.CrossRider.A, C:\Users\LucaTixi\AppData\Roaming\Mozilla\Firefox\Profiles\em9wvby8.default-1373181426824\extensions\ae44639e-43f2-4cd1-aa80-39d5d2e18fa9@gmail.com\chrome\content\api\8bcb6ded4426302de23a1a9fbf028080.js, , [fef07ec32c501125f8e3082704ff49b7],
PUP.Optional.CrossRider.A, C:\Users\LucaTixi\AppData\Roaming\Mozilla\Firefox\Profiles\em9wvby8.default-1373181426824\extensions\ae44639e-43f2-4cd1-aa80-39d5d2e18fa9@gmail.com\chrome\content\api\8ec8e7a1c5133ff61307ff793bfa3009.js, , [fef07ec32c501125f8e3082704ff49b7],
PUP.Optional.CrossRider.A, C:\Users\LucaTixi\AppData\Roaming\Mozilla\Firefox\Profiles\em9wvby8.default-1373181426824\extensions\ae44639e-43f2-4cd1-aa80-39d5d2e18fa9@gmail.com\chrome\content\api\b83fb361bd1b0c8980c7832f769382fc.js, , [fef07ec32c501125f8e3082704ff49b7],
PUP.Optional.CrossRider.A, C:\Users\LucaTixi\AppData\Roaming\Mozilla\Firefox\Profiles\em9wvby8.default-1373181426824\extensions\ae44639e-43f2-4cd1-aa80-39d5d2e18fa9@gmail.com\chrome\content\api\bf59de7ea0f15723f77b98fc5ad5ebfa.js, , [fef07ec32c501125f8e3082704ff49b7],
PUP.Optional.CrossRider.A, C:\Users\LucaTixi\AppData\Roaming\Mozilla\Firefox\Profiles\em9wvby8.default-1373181426824\extensions\ae44639e-43f2-4cd1-aa80-39d5d2e18fa9@gmail.com\chrome\content\api\c64391d84f8be762c141102da9eab761.js, , [fef07ec32c501125f8e3082704ff49b7],
PUP.Optional.CrossRider.A, C:\Users\LucaTixi\AppData\Roaming\Mozilla\Firefox\Profiles\em9wvby8.default-1373181426824\extensions\ae44639e-43f2-4cd1-aa80-39d5d2e18fa9@gmail.com\chrome\content\api\c7279015a5884f2eac02a8b38bf94a57.js, , [fef07ec32c501125f8e3082704ff49b7],
PUP.Optional.CrossRider.A, C:\Users\LucaTixi\AppData\Roaming\Mozilla\Firefox\Profiles\em9wvby8.default-1373181426824\extensions\ae44639e-43f2-4cd1-aa80-39d5d2e18fa9@gmail.com\chrome\content\api\ccda64243b8269e32f67571e15bac4ff.js, , [fef07ec32c501125f8e3082704ff49b7],
PUP.Optional.CrossRider.A, C:\Users\LucaTixi\AppData\Roaming\Mozilla\Firefox\Profiles\em9wvby8.default-1373181426824\extensions\ae44639e-43f2-4cd1-aa80-39d5d2e18fa9@gmail.com\chrome\content\api\d5b1f68357aa99ab9bd9cb704462f917.js, , [fef07ec32c501125f8e3082704ff49b7],
PUP.Optional.CrossRider.A, C:\Users\LucaTixi\AppData\Roaming\Mozilla\Firefox\Profiles\em9wvby8.default-1373181426824\extensions\ae44639e-43f2-4cd1-aa80-39d5d2e18fa9@gmail.com\chrome\content\api\e4f189665fbe65c19c6d24cc8b183bfb.js, , [fef07ec32c501125f8e3082704ff49b7],
PUP.Optional.CrossRider.A, C:\Users\LucaTixi\AppData\Roaming\Mozilla\Firefox\Profiles\em9wvby8.default-1373181426824\extensions\ae44639e-43f2-4cd1-aa80-39d5d2e18fa9@gmail.com\chrome\content\core\a3bdf40bb1718a0c1f510013a9571868.js, , [fef07ec32c501125f8e3082704ff49b7],
PUP.Optional.CrossRider.A, C:\Users\LucaTixi\AppData\Roaming\Mozilla\Firefox\Profiles\em9wvby8.default-1373181426824\extensions\ae44639e-43f2-4cd1-aa80-39d5d2e18fa9@gmail.com\chrome\content\core\089e42666e757e8e6a03d26bf8c1039a.js, , [fef07ec32c501125f8e3082704ff49b7],
PUP.Optional.CrossRider.A, C:\Users\LucaTixi\AppData\Roaming\Mozilla\Firefox\Profiles\em9wvby8.default-1373181426824\extensions\ae44639e-43f2-4cd1-aa80-39d5d2e18fa9@gmail.com\chrome\content\core\16aef2e41108140db2e42ca6f9e5c02f.js, , [fef07ec32c501125f8e3082704ff49b7],
PUP.Optional.CrossRider.A, C:\Users\LucaTixi\AppData\Roaming\Mozilla\Firefox\Profiles\em9wvby8.default-1373181426824\extensions\ae44639e-43f2-4cd1-aa80-39d5d2e18fa9@gmail.com\chrome\content\core\1ac37d3c0d072d081f142b57879a146d.js, , [fef07ec32c501125f8e3082704ff49b7],
PUP.Optional.CrossRider.A, C:\Users\LucaTixi\AppData\Roaming\Mozilla\Firefox\Profiles\em9wvby8.default-1373181426824\extensions\ae44639e-43f2-4cd1-aa80-39d5d2e18fa9@gmail.com\chrome\content\core\1cb63223a1262f141e24c43fcf9985a2.js, , [fef07ec32c501125f8e3082704ff49b7],
PUP.Optional.CrossRider.A, C:\Users\LucaTixi\AppData\Roaming\Mozilla\Firefox\Profiles\em9wvby8.default-1373181426824\extensions\ae44639e-43f2-4cd1-aa80-39d5d2e18fa9@gmail.com\chrome\content\core\229901c5d3a77a7d35f3e9fbcf1cc64a.js, , [fef07ec32c501125f8e3082704ff49b7],
PUP.Optional.CrossRider.A, C:\Users\LucaTixi\AppData\Roaming\Mozilla\Firefox\Profiles\em9wvby8.default-1373181426824\extensions\ae44639e-43f2-4cd1-aa80-39d5d2e18fa9@gmail.com\chrome\content\core\37ef44a89d044afbe50b23519e0b3249.js, , [fef07ec32c501125f8e3082704ff49b7],
PUP.Optional.CrossRider.A, C:\Users\LucaTixi\AppData\Roaming\Mozilla\Firefox\Profiles\em9wvby8.default-1373181426824\extensions\ae44639e-43f2-4cd1-aa80-39d5d2e18fa9@gmail.com\chrome\content\core\3b03ff2dbdcbe0f40a54da8b493a4b1d.js, , [fef07ec32c501125f8e3082704ff49b7],
PUP.Optional.CrossRider.A, C:\Users\LucaTixi\AppData\Roaming\Mozilla\Firefox\Profiles\em9wvby8.default-1373181426824\extensions\ae44639e-43f2-4cd1-aa80-39d5d2e18fa9@gmail.com\chrome\content\core\66405584ff3986680c1ed2ea75fe77a3.js, , [fef07ec32c501125f8e3082704ff49b7],
PUP.Optional.CrossRider.A, C:\Users\LucaTixi\AppData\Roaming\Mozilla\Firefox\Profiles\em9wvby8.default-1373181426824\extensions\ae44639e-43f2-4cd1-aa80-39d5d2e18fa9@gmail.com\chrome\content\core\7fa0e918297020bc7c499387881166ce.js, , [fef07ec32c501125f8e3082704ff49b7],
PUP.Optional.CrossRider.A, C:\Users\LucaTixi\AppData\Roaming\Mozilla\Firefox\Profiles\em9wvby8.default-1373181426824\extensions\ae44639e-43f2-4cd1-aa80-39d5d2e18fa9@gmail.com\chrome\content\core\8ce268caf2c32bd4a437bfe52b0adced.js, , [fef07ec32c501125f8e3082704ff49b7],
PUP.Optional.CrossRider.A, C:\Users\LucaTixi\AppData\Roaming\Mozilla\Firefox\Profiles\em9wvby8.default-1373181426824\extensions\ae44639e-43f2-4cd1-aa80-39d5d2e18fa9@gmail.com\chrome\content\core\96b757b3186198203e41fc9aa2e02392.js, , [fef07ec32c501125f8e3082704ff49b7],
PUP.Optional.CrossRider.A, C:\Users\LucaTixi\AppData\Roaming\Mozilla\Firefox\Profiles\em9wvby8.default-1373181426824\extensions\ae44639e-43f2-4cd1-aa80-39d5d2e18fa9@gmail.com\chrome\content\core\a9e4f24a643d7add0733ffca6bdb80c8.js, , [fef07ec32c501125f8e3082704ff49b7],
PUP.Optional.CrossRider.A, C:\Users\LucaTixi\AppData\Roaming\Mozilla\Firefox\Profiles\em9wvby8.default-1373181426824\extensions\ae44639e-43f2-4cd1-aa80-39d5d2e18fa9@gmail.com\chrome\content\core\b73dd4af6b4a24181f338688c6411538.js, , [fef07ec32c501125f8e3082704ff49b7],
PUP.Optional.CrossRider.A, C:\Users\LucaTixi\AppData\Roaming\Mozilla\Firefox\Profiles\em9wvby8.default-1373181426824\extensions\ae44639e-43f2-4cd1-aa80-39d5d2e18fa9@gmail.com\chrome\content\core\c5a586fa9e1ab3a103ef18c81fc1b6bc.js, , [fef07ec32c501125f8e3082704ff49b7],
PUP.Optional.CrossRider.A, C:\Users\LucaTixi\AppData\Roaming\Mozilla\Firefox\Profiles\em9wvby8.default-1373181426824\extensions\ae44639e-43f2-4cd1-aa80-39d5d2e18fa9@gmail.com\chrome\content\core\c6e74e062bca45d6c8418a13c6a50871.js, , [fef07ec32c501125f8e3082704ff49b7],
PUP.Optional.CrossRider.A, C:\Users\LucaTixi\AppData\Roaming\Mozilla\Firefox\Profiles\em9wvby8.default-1373181426824\extensions\ae44639e-43f2-4cd1-aa80-39d5d2e18fa9@gmail.com\chrome\content\core\c6e8f7f78dba36c9fced11e7268c1253.js, , [fef07ec32c501125f8e3082704ff49b7],
PUP.Optional.CrossRider.A, C:\Users\LucaTixi\AppData\Roaming\Mozilla\Firefox\Profiles\em9wvby8.default-1373181426824\extensions\ae44639e-43f2-4cd1-aa80-39d5d2e18fa9@gmail.com\chrome\content\core\e15cf76d140ac6da784b685e5aca7f3f.js, , [fef07ec32c501125f8e3082704ff49b7],
PUP.Optional.CrossRider.A, C:\Users\LucaTixi\AppData\Roaming\Mozilla\Firefox\Profiles\em9wvby8.default-1373181426824\extensions\ae44639e-43f2-4cd1-aa80-39d5d2e18fa9@gmail.com\chrome\content\core\e4812ceecf9ef5c3b0e14fce51572ab7.js, , [fef07ec32c501125f8e3082704ff49b7],
PUP.Optional.CrossRider.A, C:\Users\LucaTixi\AppData\Roaming\Mozilla\Firefox\Profiles\em9wvby8.default-1373181426824\extensions\ae44639e-43f2-4cd1-aa80-39d5d2e18fa9@gmail.com\chrome\content\core\e7c55902f43b6be3260b834bb72ec244.js, , [fef07ec32c501125f8e3082704ff49b7],
PUP.Optional.CrossRider.A, C:\Users\LucaTixi\AppData\Roaming\Mozilla\Firefox\Profiles\em9wvby8.default-1373181426824\extensions\ae44639e-43f2-4cd1-aa80-39d5d2e18fa9@gmail.com\chrome\content\core\installer.js, , [fef07ec32c501125f8e3082704ff49b7],
PUP.Optional.CrossRider.A, C:\Users\LucaTixi\AppData\Roaming\Mozilla\Firefox\Profiles\em9wvby8.default-1373181426824\extensions\ae44639e-43f2-4cd1-aa80-39d5d2e18fa9@gmail.com\defaults\preferences\prefs.js, , [fef07ec32c501125f8e3082704ff49b7],
PUP.Optional.CrossRider.A, C:\Users\LucaTixi\AppData\Roaming\Mozilla\Firefox\Profiles\em9wvby8.default-1373181426824\extensions\ae44639e-43f2-4cd1-aa80-39d5d2e18fa9@gmail.com\extensionData\manifest.xml, , [fef07ec32c501125f8e3082704ff49b7],
PUP.Optional.CrossRider.A, C:\Users\LucaTixi\AppData\Roaming\Mozilla\Firefox\Profiles\em9wvby8.default-1373181426824\extensions\ae44639e-43f2-4cd1-aa80-39d5d2e18fa9@gmail.com\extensionData\plugins.json, , [fef07ec32c501125f8e3082704ff49b7],
PUP.Optional.CrossRider.A, C:\Users\LucaTixi\AppData\Roaming\Mozilla\Firefox\Profiles\em9wvby8.default-1373181426824\extensions\ae44639e-43f2-4cd1-aa80-39d5d2e18fa9@gmail.com\extensionData\plugins\1.js, , [fef07ec32c501125f8e3082704ff49b7],
PUP.Optional.CrossRider.A, C:\Users\LucaTixi\AppData\Roaming\Mozilla\Firefox\Profiles\em9wvby8.default-1373181426824\extensions\ae44639e-43f2-4cd1-aa80-39d5d2e18fa9@gmail.com\extensionData\plugins\102.js, , [fef07ec32c501125f8e3082704ff49b7],
PUP.Optional.CrossRider.A, C:\Users\LucaTixi\AppData\Roaming\Mozilla\Firefox\Profiles\em9wvby8.default-1373181426824\extensions\ae44639e-43f2-4cd1-aa80-39d5d2e18fa9@gmail.com\extensionData\plugins\104.js, , [fef07ec32c501125f8e3082704ff49b7],
PUP.Optional.CrossRider.A, C:\Users\LucaTixi\AppData\Roaming\Mozilla\Firefox\Profiles\em9wvby8.default-1373181426824\extensions\ae44639e-43f2-4cd1-aa80-39d5d2e18fa9@gmail.com\extensionData\plugins\123.js, , [fef07ec32c501125f8e3082704ff49b7],
PUP.Optional.CrossRider.A, C:\Users\LucaTixi\AppData\Roaming\Mozilla\Firefox\Profiles\em9wvby8.default-1373181426824\extensions\ae44639e-43f2-4cd1-aa80-39d5d2e18fa9@gmail.com\extensionData\plugins\13.js, , [fef07ec32c501125f8e3082704ff49b7],
PUP.Optional.CrossRider.A, C:\Users\LucaTixi\AppData\Roaming\Mozilla\Firefox\Profiles\em9wvby8.default-1373181426824\extensions\ae44639e-43f2-4cd1-aa80-39d5d2e18fa9@gmail.com\extensionData\plugins\14.js, , [fef07ec32c501125f8e3082704ff49b7],
PUP.Optional.CrossRider.A, C:\Users\LucaTixi\AppData\Roaming\Mozilla\Firefox\Profiles\em9wvby8.default-1373181426824\extensions\ae44639e-43f2-4cd1-aa80-39d5d2e18fa9@gmail.com\extensionData\plugins\16.js, , [fef07ec32c501125f8e3082704ff49b7],
PUP.Optional.CrossRider.A, C:\Users\LucaTixi\AppData\Roaming\Mozilla\Firefox\Profiles\em9wvby8.default-1373181426824\extensions\ae44639e-43f2-4cd1-aa80-39d5d2e18fa9@gmail.com\extensionData\plugins\17.js, , [fef07ec32c501125f8e3082704ff49b7],
PUP.Optional.CrossRider.A, C:\Users\LucaTixi\AppData\Roaming\Mozilla\Firefox\Profiles\em9wvby8.default-1373181426824\extensions\ae44639e-43f2-4cd1-aa80-39d5d2e18fa9@gmail.com\extensionData\plugins\177.js, , [fef07ec32c501125f8e3082704ff49b7],
PUP.Optional.CrossRider.A, C:\Users\LucaTixi\AppData\Roaming\Mozilla\Firefox\Profiles\em9wvby8.default-1373181426824\extensions\ae44639e-43f2-4cd1-aa80-39d5d2e18fa9@gmail.com\extensionData\plugins\180.js, , [fef07ec32c501125f8e3082704ff49b7],
PUP.Optional.CrossRider.A, C:\Users\LucaTixi\AppData\Roaming\Mozilla\Firefox\Profiles\em9wvby8.default-1373181426824\extensions\ae44639e-43f2-4cd1-aa80-39d5d2e18fa9@gmail.com\extensionData\plugins\182.js, , [fef07ec32c501125f8e3082704ff49b7],
PUP.Optional.CrossRider.A, C:\Users\LucaTixi\AppData\Roaming\Mozilla\Firefox\Profiles\em9wvby8.default-1373181426824\extensions\ae44639e-43f2-4cd1-aa80-39d5d2e18fa9@gmail.com\extensionData\plugins\183.js, , [fef07ec32c501125f8e3082704ff49b7],
PUP.Optional.CrossRider.A, C:\Users\LucaTixi\AppData\Roaming\Mozilla\Firefox\Profiles\em9wvby8.default-1373181426824\extensions\ae44639e-43f2-4cd1-aa80-39d5d2e18fa9@gmail.com\extensionData\plugins\184.js, , [fef07ec32c501125f8e3082704ff49b7],
PUP.Optional.CrossRider.A, C:\Users\LucaTixi\AppData\Roaming\Mozilla\Firefox\Profiles\em9wvby8.default-1373181426824\extensions\ae44639e-43f2-4cd1-aa80-39d5d2e18fa9@gmail.com\extensionData\plugins\192.js, , [fef07ec32c501125f8e3082704ff49b7],
PUP.Optional.CrossRider.A, C:\Users\LucaTixi\AppData\Roaming\Mozilla\Firefox\Profiles\em9wvby8.default-1373181426824\extensions\ae44639e-43f2-4cd1-aa80-39d5d2e18fa9@gmail.com\extensionData\plugins\195.js, , [fef07ec32c501125f8e3082704ff49b7],
PUP.Optional.CrossRider.A, C:\Users\LucaTixi\AppData\Roaming\Mozilla\Firefox\Profiles\em9wvby8.default-1373181426824\extensions\ae44639e-43f2-4cd1-aa80-39d5d2e18fa9@gmail.com\extensionData\plugins\207.js, , [fef07ec32c501125f8e3082704ff49b7],
PUP.Optional.CrossRider.A, C:\Users\LucaTixi\AppData\Roaming\Mozilla\Firefox\Profiles\em9wvby8.default-1373181426824\extensions\ae44639e-43f2-4cd1-aa80-39d5d2e18fa9@gmail.com\extensionData\plugins\21.js, , [fef07ec32c501125f8e3082704ff49b7],
PUP.Optional.CrossRider.A, C:\Users\LucaTixi\AppData\Roaming\Mozilla\Firefox\Profiles\em9wvby8.default-1373181426824\extensions\ae44639e-43f2-4cd1-aa80-39d5d2e18fa9@gmail.com\extensionData\plugins\22.js, , [fef07ec32c501125f8e3082704ff49b7],
PUP.Optional.CrossRider.A, C:\Users\LucaTixi\AppData\Roaming\Mozilla\Firefox\Profiles\em9wvby8.default-1373181426824\extensions\ae44639e-43f2-4cd1-aa80-39d5d2e18fa9@gmail.com\extensionData\plugins\220.js, , [fef07ec32c501125f8e3082704ff49b7],
PUP.Optional.CrossRider.A, C:\Users\LucaTixi\AppData\Roaming\Mozilla\Firefox\Profiles\em9wvby8.default-1373181426824\extensions\ae44639e-43f2-4cd1-aa80-39d5d2e18fa9@gmail.com\extensionData\plugins\221.js, , [fef07ec32c501125f8e3082704ff49b7],
PUP.Optional.CrossRider.A, C:\Users\LucaTixi\AppData\Roaming\Mozilla\Firefox\Profiles\em9wvby8.default-1373181426824\extensions\ae44639e-43f2-4cd1-aa80-39d5d2e18fa9@gmail.com\extensionData\plugins\223.js, , [fef07ec32c501125f8e3082704ff49b7],
PUP.Optional.CrossRider.A, C:\Users\LucaTixi\AppData\Roaming\Mozilla\Firefox\Profiles\em9wvby8.default-1373181426824\extensions\ae44639e-43f2-4cd1-aa80-39d5d2e18fa9@gmail.com\extensionData\plugins\239.js, , [fef07ec32c501125f8e3082704ff49b7],
PUP.Optional.CrossRider.A, C:\Users\LucaTixi\AppData\Roaming\Mozilla\Firefox\Profiles\em9wvby8.default-1373181426824\extensions\ae44639e-43f2-4cd1-aa80-39d5d2e18fa9@gmail.com\extensionData\plugins\244.js, , [fef07ec32c501125f8e3082704ff49b7],
PUP.Optional.CrossRider.A, C:\Users\LucaTixi\AppData\Roaming\Mozilla\Firefox\Profiles\em9wvby8.default-1373181426824\extensions\ae44639e-43f2-4cd1-aa80-39d5d2e18fa9@gmail.com\extensionData\plugins\246.js, , [fef07ec32c501125f8e3082704ff49b7],
PUP.Optional.CrossRider.A, C:\Users\LucaTixi\AppData\Roaming\Mozilla\Firefox\Profiles\em9wvby8.default-1373181426824\extensions\ae44639e-43f2-4cd1-aa80-39d5d2e18fa9@gmail.com\extensionData\plugins\262.js, , [fef07ec32c501125f8e3082704ff49b7],
PUP.Optional.CrossRider.A, C:\Users\LucaTixi\AppData\Roaming\Mozilla\Firefox\Profiles\em9wvby8.default-1373181426824\extensions\ae44639e-43f2-4cd1-aa80-39d5d2e18fa9@gmail.com\extensionData\plugins\263.js, , [fef07ec32c501125f8e3082704ff49b7],
PUP.Optional.CrossRider.A, C:\Users\LucaTixi\AppData\Roaming\Mozilla\Firefox\Profiles\em9wvby8.default-1373181426824\extensions\ae44639e-43f2-4cd1-aa80-39d5d2e18fa9@gmail.com\extensionData\plugins\268.js, , [fef07ec32c501125f8e3082704ff49b7],
PUP.Optional.CrossRider.A, C:\Users\LucaTixi\AppData\Roaming\Mozilla\Firefox\Profiles\em9wvby8.default-1373181426824\extensions\ae44639e-43f2-4cd1-aa80-39d5d2e18fa9@gmail.com\extensionData\plugins\273.js, , [fef07ec32c501125f8e3082704ff49b7],
PUP.Optional.CrossRider.A, C:\Users\LucaTixi\AppData\Roaming\Mozilla\Firefox\Profiles\em9wvby8.default-1373181426824\extensions\ae44639e-43f2-4cd1-aa80-39d5d2e18fa9@gmail.com\extensionData\plugins\28.js, , [fef07ec32c501125f8e3082704ff49b7],
PUP.Optional.CrossRider.A, C:\Users\LucaTixi\AppData\Roaming\Mozilla\Firefox\Profiles\em9wvby8.default-1373181426824\extensions\ae44639e-43f2-4cd1-aa80-39d5d2e18fa9@gmail.com\extensionData\plugins\281.js, , [fef07ec32c501125f8e3082704ff49b7],
PUP.Optional.CrossRider.A, C:\Users\LucaTixi\AppData\Roaming\Mozilla\Firefox\Profiles\em9wvby8.default-1373181426824\extensions\ae44639e-43f2-4cd1-aa80-39d5d2e18fa9@gmail.com\extensionData\plugins\288.js, , [fef07ec32c501125f8e3082704ff49b7],
PUP.Optional.CrossRider.A, C:\Users\LucaTixi\AppData\Roaming\Mozilla\Firefox\Profiles\em9wvby8.default-1373181426824\extensions\ae44639e-43f2-4cd1-aa80-39d5d2e18fa9@gmail.com\extensionData\plugins\301.js, , [fef07ec32c501125f8e3082704ff49b7],
PUP.Optional.CrossRider.A, C:\Users\LucaTixi\AppData\Roaming\Mozilla\Firefox\Profiles\em9wvby8.default-1373181426824\extensions\ae44639e-43f2-4cd1-aa80-39d5d2e18fa9@gmail.com\extensionData\plugins\4.js, , [fef07ec32c501125f8e3082704ff49b7],
PUP.Optional.CrossRider.A, C:\Users\LucaTixi\AppData\Roaming\Mozilla\Firefox\Profiles\em9wvby8.default-1373181426824\extensions\ae44639e-43f2-4cd1-aa80-39d5d2e18fa9@gmail.com\extensionData\plugins\47.js, , [fef07ec32c501125f8e3082704ff49b7],
PUP.Optional.CrossRider.A, C:\Users\LucaTixi\AppData\Roaming\Mozilla\Firefox\Profiles\em9wvby8.default-1373181426824\extensions\ae44639e-43f2-4cd1-aa80-39d5d2e18fa9@gmail.com\extensionData\plugins\64.js, , [fef07ec32c501125f8e3082704ff49b7],
PUP.Optional.CrossRider.A, C:\Users\LucaTixi\AppData\Roaming\Mozilla\Firefox\Profiles\em9wvby8.default-1373181426824\extensions\ae44639e-43f2-4cd1-aa80-39d5d2e18fa9@gmail.com\extensionData\plugins\7.js, , [fef07ec32c501125f8e3082704ff49b7],
PUP.Optional.CrossRider.A, C:\Users\LucaTixi\AppData\Roaming\Mozilla\Firefox\Profiles\em9wvby8.default-1373181426824\extensions\ae44639e-43f2-4cd1-aa80-39d5d2e18fa9@gmail.com\extensionData\plugins\72.js, , [fef07ec32c501125f8e3082704ff49b7],
PUP.Optional.CrossRider.A, C:\Users\LucaTixi\AppData\Roaming\Mozilla\Firefox\Profiles\em9wvby8.default-1373181426824\extensions\ae44639e-43f2-4cd1-aa80-39d5d2e18fa9@gmail.com\extensionData\plugins\78.js, , [fef07ec32c501125f8e3082704ff49b7],
PUP.Optional.CrossRider.A, C:\Users\LucaTixi\AppData\Roaming\Mozilla\Firefox\Profiles\em9wvby8.default-1373181426824\extensions\ae44639e-43f2-4cd1-aa80-39d5d2e18fa9@gmail.com\extensionData\plugins\9.js, , [fef07ec32c501125f8e3082704ff49b7],
PUP.Optional.CrossRider.A, C:\Users\LucaTixi\AppData\Roaming\Mozilla\Firefox\Profiles\em9wvby8.default-1373181426824\extensions\ae44639e-43f2-4cd1-aa80-39d5d2e18fa9@gmail.com\extensionData\plugins\91.js, , [fef07ec32c501125f8e3082704ff49b7],
PUP.Optional.CrossRider.A, C:\Users\LucaTixi\AppData\Roaming\Mozilla\Firefox\Profiles\em9wvby8.default-1373181426824\extensions\ae44639e-43f2-4cd1-aa80-39d5d2e18fa9@gmail.com\extensionData\plugins\98.js, , [fef07ec32c501125f8e3082704ff49b7],
PUP.Optional.CrossRider.A, C:\Users\LucaTixi\AppData\Roaming\Mozilla\Firefox\Profiles\em9wvby8.default-1373181426824\extensions\ae44639e-43f2-4cd1-aa80-39d5d2e18fa9@gmail.com\extensionData\userCode\background.js, , [fef07ec32c501125f8e3082704ff49b7],
PUP.Optional.CrossRider.A, C:\Users\LucaTixi\AppData\Roaming\Mozilla\Firefox\Profiles\em9wvby8.default-1373181426824\extensions\ae44639e-43f2-4cd1-aa80-39d5d2e18fa9@gmail.com\extensionData\userCode\extension.js, , [fef07ec32c501125f8e3082704ff49b7],
PUP.Optional.CrossRider.A, C:\Users\LucaTixi\AppData\Roaming\Mozilla\Firefox\Profiles\em9wvby8.default-1373181426824\extensions\ae44639e-43f2-4cd1-aa80-39d5d2e18fa9@gmail.com\locale\en-US\translations.dtd, , [fef07ec32c501125f8e3082704ff49b7],
PUP.Optional.CrossRider.A, C:\Users\LucaTixi\AppData\Roaming\Mozilla\Firefox\Profiles\em9wvby8.default-1373181426824\extensions\ae44639e-43f2-4cd1-aa80-39d5d2e18fa9@gmail.com\skin\button1.png, , [fef07ec32c501125f8e3082704ff49b7],
PUP.Optional.CrossRider.A, C:\Users\LucaTixi\AppData\Roaming\Mozilla\Firefox\Profiles\em9wvby8.default-1373181426824\extensions\ae44639e-43f2-4cd1-aa80-39d5d2e18fa9@gmail.com\skin\button2.png, , [fef07ec32c501125f8e3082704ff49b7],
PUP.Optional.CrossRider.A, C:\Users\LucaTixi\AppData\Roaming\Mozilla\Firefox\Profiles\em9wvby8.default-1373181426824\extensions\ae44639e-43f2-4cd1-aa80-39d5d2e18fa9@gmail.com\skin\button3.png, , [fef07ec32c501125f8e3082704ff49b7],
PUP.Optional.CrossRider.A, C:\Users\LucaTixi\AppData\Roaming\Mozilla\Firefox\Profiles\em9wvby8.default-1373181426824\extensions\ae44639e-43f2-4cd1-aa80-39d5d2e18fa9@gmail.com\skin\button4.png, , [fef07ec32c501125f8e3082704ff49b7],
PUP.Optional.CrossRider.A, C:\Users\LucaTixi\AppData\Roaming\Mozilla\Firefox\Profiles\em9wvby8.default-1373181426824\extensions\ae44639e-43f2-4cd1-aa80-39d5d2e18fa9@gmail.com\skin\button5.png, , [fef07ec32c501125f8e3082704ff49b7],
PUP.Optional.CrossRider.A, C:\Users\LucaTixi\AppData\Roaming\Mozilla\Firefox\Profiles\em9wvby8.default-1373181426824\extensions\ae44639e-43f2-4cd1-aa80-39d5d2e18fa9@gmail.com\skin\crossrider_statusbar.png, , [fef07ec32c501125f8e3082704ff49b7],
PUP.Optional.CrossRider.A, C:\Users\LucaTixi\AppData\Roaming\Mozilla\Firefox\Profiles\em9wvby8.default-1373181426824\extensions\ae44639e-43f2-4cd1-aa80-39d5d2e18fa9@gmail.com\skin\icon128.png, , [fef07ec32c501125f8e3082704ff49b7],
PUP.Optional.CrossRider.A, C:\Users\LucaTixi\AppData\Roaming\Mozilla\Firefox\Profiles\em9wvby8.default-1373181426824\extensions\ae44639e-43f2-4cd1-aa80-39d5d2e18fa9@gmail.com\skin\icon16.png, , [fef07ec32c501125f8e3082704ff49b7],
PUP.Optional.CrossRider.A, C:\Users\LucaTixi\AppData\Roaming\Mozilla\Firefox\Profiles\em9wvby8.default-1373181426824\extensions\ae44639e-43f2-4cd1-aa80-39d5d2e18fa9@gmail.com\skin\icon24.png, , [fef07ec32c501125f8e3082704ff49b7],
PUP.Optional.CrossRider.A, C:\Users\LucaTixi\AppData\Roaming\Mozilla\Firefox\Profiles\em9wvby8.default-1373181426824\extensions\ae44639e-43f2-4cd1-aa80-39d5d2e18fa9@gmail.com\skin\icon48.png, , [fef07ec32c501125f8e3082704ff49b7],
PUP.Optional.CrossRider.A, C:\Users\LucaTixi\AppData\Roaming\Mozilla\Firefox\Profiles\em9wvby8.default-1373181426824\extensions\ae44639e-43f2-4cd1-aa80-39d5d2e18fa9@gmail.com\skin\panelarrow-up.png, , [fef07ec32c501125f8e3082704ff49b7],
PUP.Optional.CrossRider.A, C:\Users\LucaTixi\AppData\Roaming\Mozilla\Firefox\Profiles\em9wvby8.default-1373181426824\extensions\ae44639e-43f2-4cd1-aa80-39d5d2e18fa9@gmail.com\skin\popup.html, , [fef07ec32c501125f8e3082704ff49b7],
PUP.Optional.CrossRider.A, C:\Users\LucaTixi\AppData\Roaming\Mozilla\Firefox\Profiles\em9wvby8.default-1373181426824\extensions\ae44639e-43f2-4cd1-aa80-39d5d2e18fa9@gmail.com\skin\skin.css, , [fef07ec32c501125f8e3082704ff49b7],
PUP.Optional.CrossRider.A, C:\Users\LucaTixi\AppData\Roaming\Mozilla\Firefox\Profiles\em9wvby8.default-1373181426824\extensions\ae44639e-43f2-4cd1-aa80-39d5d2e18fa9@gmail.com\skin\update.css, , [fef07ec32c501125f8e3082704ff49b7],

Physical Sectors: 0
(No malicious items detected)


(end)

 

 

 

 

 

 

C:\AdwCleaner\Quarantine\C\Program Files (x86)\MyPC Backup\Configuration Updater.exe.vir    MSIL/RunElevated.A potentially unsafe application    deleted - quarantined
C:\AdwCleaner\Quarantine\C\Program Files (x86)\MyPC Backup\MyPC Backup.exe.vir    MSIL/MyPCBackup.A potentially unwanted application    deleted - quarantined
C:\AdwCleaner\Quarantine\C\Program Files (x86)\Nosibay\Bubble Dock\extensions\axSurfMatch.dll.vir    Win32/BubbleDock.A potentially unwanted application    deleted - quarantined
C:\AdwCleaner\Quarantine\C\Program Files (x86)\Nosibay\Bubble Dock\extensions\GCSurfMatch.crx.vir    Win32/BubbleDock.A potentially unwanted application    deleted - quarantined
C:\AdwCleaner\Quarantine\C\Program Files (x86)\SupTab\DpInterface32.dll.vir    a variant of Win32/Thinknice.B potentially unwanted application    deleted - quarantined
C:\AdwCleaner\Quarantine\C\Program Files (x86)\SupTab\DpInterface64.dll.vir    Win64/Thinknice.A potentially unwanted application    deleted - quarantined
C:\AdwCleaner\Quarantine\C\Program Files (x86)\SupTab\DpInterfacef32.dll.vir    a variant of Win32/Thinknice.B potentially unwanted application    deleted - quarantined
C:\AdwCleaner\Quarantine\C\Program Files (x86)\SupTab\RSHP.exe.vir    a variant of Win32/ELEX.AR potentially unwanted application    deleted - quarantined
C:\AdwCleaner\Quarantine\C\Program Files (x86)\SupTab\SearchProtect32.dll.vir    Win32/Thinknice.A potentially unwanted application    deleted - quarantined
C:\AdwCleaner\Quarantine\C\Program Files (x86)\SupTab\SearchProtect64.dll.vir    Win64/Thinknice.A potentially unwanted application    deleted - quarantined
C:\AdwCleaner\Quarantine\C\Program Files (x86)\SupTab\SpAPPSv32.dll.vir    Win32/Thinknice.C potentially unwanted application    deleted - quarantined
C:\AdwCleaner\Quarantine\C\Program Files (x86)\SupTab\SpAPPSv64.dll.vir    a variant of Win64/Thinknice.C potentially unwanted application    deleted - quarantined
C:\AdwCleaner\Quarantine\C\Program Files (x86)\SupTab\SupTab.dll.vir    a variant of Win32/Thinknice.B potentially unwanted application    deleted - quarantined
C:\AdwCleaner\Quarantine\C\Program Files (x86)\Torntv V9.0\00e1002c-7029-4aa8-96af-5a4f99b861b7-3.exe.vir    a variant of Win32/Toolbar.CrossRider.AK potentially unwanted application    deleted - quarantined
C:\AdwCleaner\Quarantine\C\Program Files (x86)\Torntv V9.0\00e1002c-7029-4aa8-96af-5a4f99b861b7-4.exe.vir    a variant of Win32/Toolbar.CrossRider.AK potentially unwanted application    deleted - quarantined
C:\AdwCleaner\Quarantine\C\Program Files (x86)\Torntv V9.0\51390.crx.vir    JS/Toolbar.Crossrider.B potentially unwanted application    deleted - quarantined
C:\AdwCleaner\Quarantine\C\Program Files (x86)\Torntv V9.0\51390.xpi.vir    JS/Toolbar.Crossrider.B potentially unwanted application    deleted - quarantined
C:\AdwCleaner\Quarantine\C\Program Files (x86)\Torntv V9.0\Torntv V9.0-bho.dll.vir    a variant of Win32/Toolbar.CrossRider.AF potentially unwanted application    deleted - quarantined
C:\AdwCleaner\Quarantine\C\Program Files (x86)\Torntv V9.0\Torntv V9.0-bho64.dll.vir    a variant of Win64/Toolbar.Crossrider.J potentially unwanted application    deleted - quarantined
C:\AdwCleaner\Quarantine\C\Program Files (x86)\Torntv V9.0\Torntv V9.0-buttonutil.dll.vir    a variant of Win32/Toolbar.CrossRider.BD potentially unwanted application    deleted - quarantined
C:\AdwCleaner\Quarantine\C\Program Files (x86)\Torntv V9.0\Torntv V9.0-buttonutil.exe.vir    a variant of Win32/Toolbar.CrossRider.AA potentially unwanted application    deleted - quarantined
C:\AdwCleaner\Quarantine\C\Program Files (x86)\Torntv V9.0\Torntv V9.0-buttonutil64.dll.vir    a variant of Win64/Toolbar.Crossrider.I potentially unwanted application    deleted - quarantined
C:\AdwCleaner\Quarantine\C\Program Files (x86)\Torntv V9.0\Torntv V9.0-buttonutil64.exe.vir    a variant of Win64/Toolbar.Crossrider.H potentially unwanted application    deleted - quarantined
C:\AdwCleaner\Quarantine\C\Program Files (x86)\Torntv V9.0\Torntv V9.0-codedownloader.exe.vir    a variant of Win32/Toolbar.CrossRider.AJ potentially unwanted application    deleted - quarantined
C:\AdwCleaner\Quarantine\C\Program Files (x86)\Torntv V9.0\Uninstall.exe.vir    a variant of Win32/Toolbar.CrossRider.BP potentially unwanted application    deleted - quarantined
C:\AdwCleaner\Quarantine\C\Program Files (x86)\Torntv V9.0\utils.exe.vir    Win32/Packed.VMDetector.I potentially unwanted application    deleted - quarantined
C:\AdwCleaner\Quarantine\C\Users\LucaTixi\AppData\Local\Google\Chrome\User Data\Default\Extensions\lmnbobhffedhdhfpcjkjphcfpeeiocdn\1.26.41_0\extensionData\plugins\91.js.vir    JS/Toolbar.Crossrider.B potentially unwanted application    deleted - quarantined
C:\AdwCleaner\Quarantine\C\Users\LucaTixi\AppData\Local\PriceMeter\pricemeterd.exe.vir    a variant of Win32/DealPly.Q potentially unwanted application    deleted - quarantined
C:\AdwCleaner\Quarantine\C\Users\LucaTixi\AppData\Local\PriceMeter\PriceMeterUpdateVer.exe.vir    a variant of Win32/DealPly.S potentially unwanted application    deleted - quarantined
C:\AdwCleaner\Quarantine\C\Users\LucaTixi\AppData\Local\PriceMeter\uninst.exe.vir    a variant of Win32/DealPly.Q potentially unwanted application    deleted - quarantined
C:\AdwCleaner\Quarantine\C\Users\LucaTixi\AppData\Local\PriceMeter\TEMP\tmp.exe.vir    a variant of Win32/DealPly.Q potentially unwanted application    deleted - quarantined
C:\AdwCleaner\Quarantine\C\Users\LucaTixi\AppData\Roaming\Mozilla\Firefox\Profiles\em9wvby8.default-1373181426824\Extensions\5a6bf058-b978-4b84-a2ec-6f5462cfccb2@10120365-d3c0-4ec9-8624-5fac2592d0df.com\extensionData\plugins\91.js.vir    JS/Toolbar.Crossrider.B potentially unwanted application    deleted - quarantined
C:\AdwCleaner\Quarantine\C\Users\LucaTixi\AppData\Roaming\Nosibay\Bubble Dock\Bubble Dock Update.exe.vir    Win32/BubbleDock.A potentially unwanted application    deleted - quarantined
C:\AdwCleaner\Quarantine\C\Users\LucaTixi\AppData\Roaming\Nosibay\Bubble Dock\Bubble Dock.exe.vir    a variant of Win32/BubbleDock.A potentially unwanted application    deleted - quarantined
C:\AdwCleaner\Quarantine\C\Users\LucaTixi\AppData\Roaming\Nosibay\Bubble Dock\LBubble Dock.exe.vir    a variant of Win32/BubbleDock.A potentially unwanted application    deleted - quarantined
C:\AdwCleaner\Quarantine\C\Users\LucaTixi\AppData\Roaming\PriceMeterUpdater\UpdateProc\UpdateTask.exe.vir    a variant of Win32/DealPly.S potentially unwanted application    deleted - quarantined
C:\AdwCleaner\Quarantine\C\Users\LucaTixi\AppData\Roaming\SupTab\SupTab.dll.vir    a variant of Win32/Thinknice.B potentially unwanted application    deleted - quarantined
C:\AdwCleaner\Quarantine\C\Users\LucaTixi\AppData\Roaming\VOPackage\Uninstall.exe.vir    Win32/VOPackage.AT potentially unwanted application    deleted - quarantined
C:\Program Files (x86)\7-Zip\84e33d6c-7127-49a2-8785-41eb2fe6ae65.dll    a variant of Win32/Toolbar.CrossRider.BM potentially unwanted application    deleted - quarantined
C:\Program Files (x86)\84e33d6c-7127-49a2-8785-41eb2fe6ae65\0684e57d-916f-4a19-b0d2-dbcff91dd102.dll    a variant of Win32/Toolbar.CrossRider.BM potentially unwanted application    deleted - quarantined
C:\Users\LucaTixi\AppData\Local\Temp\avastBCLTMP\ae44639e-43f2-4cd1-aa80-39d5d2e18fa9@gmail.com.zip    JS/Toolbar.Crossrider.B potentially unwanted application    deleted - quarantined
C:\Users\LucaTixi\AppData\Local\Temp\Install_20569\ytd.exe    a variant of Win32/SBWatchman.D potentially unwanted application    deleted - quarantined
C:\Users\LucaTixi\AppData\Local\Temp\Install_28492\ytd.exe    a variant of Win32/SBWatchman.D potentially unwanted application    deleted - quarantined
C:\Users\LucaTixi\AppData\Local\Temp\Install_29944\ytd.exe    a variant of Win32/SBWatchman.D potentially unwanted application    deleted - quarantined
C:\Users\LucaTixi\AppData\Local\Temp\Install_8668\ytd.exe    a variant of Win32/SBWatchman.D potentially unwanted application    deleted - quarantined
C:\Users\LucaTixi\AppData\Roaming\JU    JS/Toolbar.Crossrider.C potentially unwanted application    deleted - quarantined
C:\Users\LucaTixi\AppData\Roaming\PQWBVJPG    JS/Toolbar.Crossrider.C potentially unwanted application    deleted - quarantined
C:\Users\LucaTixi\Desktop\Luca\Desktop\Programmi\light_image_resizer4.0.6.6.exe    Win32/InstallMonetizer.AF potentially unwanted application    deleted - quarantined
C:\Users\LucaTixi\Downloads\FoxitReader606.0722_enu_Setup.exe    Win32/Bundled.Toolbar.Google.D potentially unsafe application    deleted - quarantined
 

 

 

 

 

21:48:08.0191 0x12b4  TDSS rootkit removing tool 3.0.0.41 Oct 28 2014 17:58:34
21:48:08.0191 0x12b4  UEFI system
21:48:15.0222 0x12b4  ============================================================
21:48:15.0222 0x12b4  Current date / time: 2014/12/01 21:48:15.0222
21:48:15.0222 0x12b4  SystemInfo:
21:48:15.0222 0x12b4  
21:48:15.0222 0x12b4  OS Version: 6.3.9600 ServicePack: 0.0
21:48:15.0222 0x12b4  Product type: Workstation
21:48:15.0222 0x12b4  ComputerName: LUCA
21:48:15.0222 0x12b4  UserName: LucaTixi
21:48:15.0222 0x12b4  Windows directory: C:\WINDOWS
21:48:15.0222 0x12b4  System windows directory: C:\WINDOWS
21:48:15.0222 0x12b4  Running under WOW64
21:48:15.0222 0x12b4  Processor architecture: Intel x64
21:48:15.0222 0x12b4  Number of processors: 4
21:48:15.0222 0x12b4  Page size: 0x1000
21:48:15.0222 0x12b4  Boot type: Normal boot
21:48:15.0222 0x12b4  ============================================================
21:48:15.0519 0x12b4  KLMD registered as C:\WINDOWS\system32\drivers\43802821.sys
21:48:16.0769 0x12b4  System UUID: {E7B7C473-A829-0BA9-06D4-F9A8606EDF95}
21:48:18.0504 0x12b4  Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 ( 465.76 Gb ), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
21:48:18.0535 0x12b4  ============================================================
21:48:18.0535 0x12b4  \Device\Harddisk0\DR0:
21:48:18.0550 0x12b4  GPT partitions:
21:48:18.0550 0x12b4  \Device\Harddisk0\DR0\Partition1: GPT, TypeGUID: {DE94BBA4-06D1-4D40-A16A-BFD50179D6AC}, UniqueGUID: {F70D92E2-56D4-4E02-9480-4188F5BD016F}, Name: Basic data partition, StartLBA 0x800, BlocksNum 0xC8000
21:48:18.0550 0x12b4  \Device\Harddisk0\DR0\Partition2: GPT, TypeGUID: {C12A7328-F81F-11D2-BA4B-00A0C93EC93B}, UniqueGUID: {724C8D2C-933F-4C72-9131-7DBB41643C21}, Name: EFI system partition, StartLBA 0xC8800, BlocksNum 0x82000
21:48:18.0550 0x12b4  \Device\Harddisk0\DR0\Partition3: GPT, TypeGUID: {E3C9E316-0B5C-4DB8-817D-F92DF00215AE}, UniqueGUID: {2D788ACC-3537-4F32-8C1F-2B30D81C8899}, Name: Microsoft reserved partition, StartLBA 0x14A800, BlocksNum 0x40000
21:48:18.0550 0x12b4  \Device\Harddisk0\DR0\Partition4: GPT, TypeGUID: {EBD0A0A2-B9E5-4433-87C0-68B6B72699C7}, UniqueGUID: {8F68C85E-5E01-4885-A6F9-F80AA538ED72}, Name: Basic data partition, StartLBA 0x18A800, BlocksNum 0x3808B000
21:48:18.0550 0x12b4  \Device\Harddisk0\DR0\Partition5: GPT, TypeGUID: {DE94BBA4-06D1-4D40-A16A-BFD50179D6AC}, UniqueGUID: {D1071A4B-754B-4EF3-AD4D-72C04056C054}, Name: , StartLBA 0x38215800, BlocksNum 0xE1000
21:48:18.0550 0x12b4  \Device\Harddisk0\DR0\Partition6: GPT, TypeGUID: {EBD0A0A2-B9E5-4433-87C0-68B6B72699C7}, UniqueGUID: {13CE099B-341F-4782-AB75-46CE92496E81}, Name: Basic data partition, StartLBA 0x382F6800, BlocksNum 0x208C000
21:48:18.0550 0x12b4  MBR partitions:
21:48:18.0550 0x12b4  ============================================================
21:48:18.0597 0x12b4  C: <-> \Device\Harddisk0\DR0\Partition4
21:48:18.0644 0x12b4  D: <-> \Device\Harddisk0\DR0\Partition6
21:48:18.0644 0x12b4  ============================================================
21:48:18.0644 0x12b4  Initialize success
21:48:18.0644 0x12b4  ============================================================
21:48:26.0285 0x0de4  ============================================================
21:48:26.0285 0x0de4  Scan started
21:48:26.0285 0x0de4  Mode: Manual;
21:48:26.0285 0x0de4  ============================================================
21:48:26.0285 0x0de4  KSN ping started
21:48:28.0988 0x0de4  KSN ping finished: true
21:48:32.0035 0x0de4  ================ Scan system memory ========================
21:48:32.0035 0x0de4  System memory - ok
21:48:32.0035 0x0de4  ================ Scan services =============================
21:48:32.0270 0x0de4  [ E1832BD9FD7E0FC2DC9FA5935DE3E8C1, 41FF7418887AFC8B9C96EF21C5950DD342CC9E3C0D87AFD60A05B988C1D6CC23 ] 1394ohci        C:\WINDOWS\System32\drivers\1394ohci.sys
21:48:32.0285 0x0de4  1394ohci - ok
21:48:32.0332 0x0de4  [ AD508A1A46EC21B740AB31C28EFDFDB1, 9B1046CF0B80723149BD359B55CC0B8B3ABBEAA9038469F542A4C345C503FB02 ] 3ware           C:\WINDOWS\system32\drivers\3ware.sys
21:48:32.0332 0x0de4  3ware - ok
21:48:32.0379 0x0de4  [ 899B7E724BF19F17978B6A37B864A277, F7D166DC5F7642D4B834B1E0D956929BA94F3E4D402989FC1A681A08FA1F86B6 ] Accelerometer   C:\WINDOWS\system32\DRIVERS\Accelerometer.sys
21:48:32.0379 0x0de4  Accelerometer - ok
21:48:32.0410 0x0de4  [ 9539F7917B4B6D92C90F0FAA6B86C605, B4C284E8EECC2E7025053A3320EFDC9F47BCA9828853AD2A805DB826CA4AC27E ] ACPI            C:\WINDOWS\system32\drivers\ACPI.sys
21:48:32.0442 0x0de4  ACPI - ok
21:48:32.0442 0x0de4  [ AC8279D229398BCF05C3154ADCA86813, 083E86CBE53244D24C334DB1511C77025133AE7875191845764B890A8CA5AFA9 ] acpiex          C:\WINDOWS\system32\Drivers\acpiex.sys
21:48:32.0442 0x0de4  acpiex - ok
21:48:32.0489 0x0de4  [ A8970D9BF23CD309E0403978A1B58F3F, 9946C8477104EEC7DB197E2222F9905307F101C398CCED4B5FD0F86A5622C791 ] acpipagr        C:\WINDOWS\System32\drivers\acpipagr.sys
21:48:32.0489 0x0de4  acpipagr - ok
21:48:32.0520 0x0de4  [ 111A89C99C5B4F1A7BCE5F643DD86F65, 41A2E49FF443927D05F7EF638518108227852984E68D4663C8761178C0B84A45 ] AcpiPmi         C:\WINDOWS\System32\drivers\acpipmi.sys
21:48:32.0520 0x0de4  AcpiPmi - ok
21:48:32.0535 0x0de4  [ 5758387D68A20AE7D3245011B07E36E7, 77832E200E8B0D259552F6F60FE454A887E3EBBB9EA2F3590E6645289A04E293 ] acpitime        C:\WINDOWS\System32\drivers\acpitime.sys
21:48:32.0535 0x0de4  acpitime - ok
21:48:32.0692 0x0de4  [ F79623288F2A357AB20288B5DC4F452A, AA6F70A4C12E390E08074D6FD0EA0D1856D8274DA833E56A8811BF820A2D41D4 ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
21:48:32.0707 0x0de4  AdobeFlashPlayerUpdateSvc - ok
21:48:32.0801 0x0de4  [ 7C1FDF1B48298CBA7CE4BDD4978951AD, 80F4D536E1231B30E836F72ADC8814AE6AA9FEC573FB5F3F965FAC8ABCCAF0F8 ] ADP80XX         C:\WINDOWS\system32\drivers\ADP80XX.SYS
21:48:32.0817 0x0de4  ADP80XX - ok
21:48:32.0879 0x0de4  [ 0F17D49BE041B7EFF1D33BF1414E7AC6, F8B536B60903814DF88DAF535753288537EF0993E42AA4E734EDA8D68B24C7AB ] AeLookupSvc     C:\WINDOWS\System32\aelupsvc.dll
21:48:32.0911 0x0de4  AeLookupSvc - ok
21:48:32.0942 0x0de4  [ 374E27295F0A9DCAA8FC96370F9BEEA5, 51C394E0C2322D7D093941A1B8766171B5D1F47DF2FE0834209492891EA7D999 ] AFD             C:\WINDOWS\system32\drivers\afd.sys
21:48:32.0957 0x0de4  AFD - ok
21:48:32.0989 0x0de4  [ 7DFAEBA9AD62D20102B576D5CAC45EC8, 9FA5207335303D1E8E9A3C9E1FB82C09AD21B04382F69D777A67E48EE91D2093 ] agp440          C:\WINDOWS\system32\drivers\agp440.sys
21:48:33.0004 0x0de4  agp440 - ok
21:48:33.0020 0x0de4  [ 8E8E34B7BA059050EED827410D0697A2, 85B6684709F24729A6497563812A90A54068AC2DD9EEA03037CB1EEF5C85AAA9 ] ahcache         C:\WINDOWS\system32\DRIVERS\ahcache.sys
21:48:33.0020 0x0de4  ahcache - ok
21:48:33.0051 0x0de4  [ A91D8E1E433EFB32551BCE69037E1CE7, 41DFDD5B56918D19D09DFB3E4B07460AA85647A8647ABBBB906158D8D6653290 ] ALG             C:\WINDOWS\System32\alg.exe
21:48:33.0051 0x0de4  ALG - ok
21:48:33.0098 0x0de4  [ 7589DE749DB6F71A68489DCE04158729, 5F35EDD50737985595C9D6703237CA2ADE49AA5443331020899698EB5114A0FB ] AmdK8           C:\WINDOWS\System32\drivers\amdk8.sys
21:48:33.0098 0x0de4  AmdK8 - ok
21:48:33.0114 0x0de4  [ B46D2D89AFF8A9490FA8C98C7A5616E3, BE0765B5423B690E0F097FECD9717FAA95BFDFFDC6CF1B93DE5A19A1B7797879 ] AmdPPM          C:\WINDOWS\System32\drivers\amdppm.sys
21:48:33.0114 0x0de4  AmdPPM - ok
21:48:33.0161 0x0de4  [ D2BF2F94A47D332814910FD47C6BBCD2, FE273D77D119D958676E1197D9EA7B008E3B05C6192B1962A81D4223ED204C35 ] amdsata         C:\WINDOWS\system32\drivers\amdsata.sys
21:48:33.0176 0x0de4  amdsata - ok
21:48:33.0192 0x0de4  [ A8E04943C7BBA7219AA50400272C3C6E, 794C0BD12DF0392654E9A37AE4A24B5BE2D83F1F24F74DD48A1A0BF3AB8B1FF8 ] amdsbs          C:\WINDOWS\system32\drivers\amdsbs.sys
21:48:33.0207 0x0de4  amdsbs - ok
21:48:33.0239 0x0de4  [ CEA5F4F27CFC08E3A44D576811B35F50, 89DF64B81BD109BAABAE93A4603C1617241219F38DDAF325EFE6BD35FF6FD717 ] amdxata         C:\WINDOWS\system32\drivers\amdxata.sys
21:48:33.0239 0x0de4  amdxata - ok
21:48:33.0332 0x0de4  [ 9DCB42905F1EBF9CEC57EE5DF0BDA965, 4C888AAD0DDE01565FD7FBB6B70A500158CF2E4CECF9ADD4AFD302A993587269 ] AppHostSvc      C:\WINDOWS\system32\inetsrv\apphostsvc.dll
21:48:33.0348 0x0de4  AppHostSvc - ok
21:48:33.0379 0x0de4  [ 04951A9A937CBE28A2D3FEEA360B6D1F, D8AAF000BE4FE4B203DC2EB2A64F780A542E5238CE3F9952FD03277379B11529 ] AppID           C:\WINDOWS\system32\drivers\appid.sys
21:48:33.0379 0x0de4  AppID - ok
21:48:33.0442 0x0de4  [ C0DC3F58214A227980AEB091CFD2F973, 0C3E8453C9F65ADA3E74C38C0E3AC3E0CBFD807B827097046265B38839E151E3 ] AppIDSvc        C:\WINDOWS\System32\appidsvc.dll
21:48:33.0442 0x0de4  AppIDSvc - ok
21:48:33.0504 0x0de4  [ 034ED41F13D9C1845C1E081F05B640DB, E4E17BA0B22C464DE60A6BF68D4D035D1B838DE4F0361029DED1AE00503E135C ] Appinfo         C:\WINDOWS\System32\appinfo.dll
21:48:33.0520 0x0de4  Appinfo - ok
21:48:33.0567 0x0de4  [ CB12C47647D8BDAFAA94C0856B14128B, 5590C98095357C92563EF94800107D3611AA6ECA1A70BE463C03B279E618A6C4 ] AppReadiness    C:\WINDOWS\system32\AppReadiness.dll
21:48:33.0582 0x0de4  AppReadiness - ok
21:48:33.0707 0x0de4  [ F7529BD3FFAC9C33D15F6DE3B7353B03, 8EF0A84C9687A246B60939A326E498121039E9CC617A7ABBA933EDD327F3467E ] AppXSvc         C:\WINDOWS\system32\appxdeploymentserver.dll
21:48:33.0739 0x0de4  AppXSvc - ok
21:48:33.0770 0x0de4  [ 65045784366F7EC5FB4E71BCF923187B, 53C215C64FF12E44B097F7CB88E8482438CE0ACBD3C68D8FD38BA0D0D8747FAA ] arcsas          C:\WINDOWS\system32\drivers\arcsas.sys
21:48:33.0770 0x0de4  arcsas - ok
21:48:33.0926 0x0de4  [ AA2E8C6B8D7EA7BAF04C988801927F48, 4B82043F1B9C67CDCDC71102F7AEE05EEA8F9775A5CB33AE80F4DCDB42521C40 ] aspnet_state    C:\WINDOWS\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
21:48:33.0926 0x0de4  aspnet_state - ok
21:48:33.0989 0x0de4  [ D95E64416A4A3ED6986E0F474DA934BD, DBB4A0DED0DABE1F8FF0DB8C0E9EC4EC906A85A45DC0AEC013A8744F9BF5D40E ] aswHwid         C:\WINDOWS\system32\drivers\aswHwid.sys
21:48:33.0989 0x0de4  aswHwid - ok
21:48:34.0020 0x0de4  [ FF1E537A3632CBB9A0BF72B9FD0878D5, B26E6A1F6E6FA5280A12861EFAD44D8F49353F47B21843EBA73E149CF613DCBC ] aswMonFlt       C:\WINDOWS\system32\drivers\aswMonFlt.sys
21:48:34.0020 0x0de4  aswMonFlt - ok
21:48:34.0036 0x0de4  [ A5757DE5F9C83AB40667A53D5126EA40, 58B72B1B126CF641188703CE82E26BEB0C41AD7587CFFCCCE9E3C64CC7AACC90 ] aswRdr          C:\WINDOWS\system32\drivers\aswRdr2.sys
21:48:34.0036 0x0de4  aswRdr - ok
21:48:34.0067 0x0de4  [ 645D97385F3F284FB5604F9B970F4D24, 15A9D7F0F4C1062210E4E744A9069B8645177D19F35B8740D74022639DC05F2E ] aswRvrt         C:\WINDOWS\system32\drivers\aswRvrt.sys
21:48:34.0067 0x0de4  aswRvrt - ok
21:48:34.0145 0x0de4  [ CB3FC6732A50513EFC93B6E2495CF94A, 2CDB5268A73BFD788E5B5D708384C1C1D4E72834F99EB16B62C692A451061BBF ] aswSnx          C:\WINDOWS\system32\drivers\aswSnx.sys
21:48:34.0176 0x0de4  aswSnx - ok
21:48:34.0239 0x0de4  [ 0DEDC041DF594AEC2C3BD00417CFAF60, 0D3A8924503986546EE256D185225C0B080FDB6B0C8B0BED7516B07A7334371B ] aswSP           C:\WINDOWS\system32\drivers\aswSP.sys
21:48:34.0254 0x0de4  aswSP - ok
21:48:34.0317 0x0de4  [ 48DED912CDE54FC0923B9858512366E1, 9B216B934408A7CB3CE2B41240B7EF01EAA3BC066211B784064FF8AC97A29B4E ] aswStm          C:\WINDOWS\system32\drivers\aswStm.sys
21:48:34.0332 0x0de4  aswStm - ok
21:48:34.0489 0x0de4  aswVmm - ok
21:48:34.0520 0x0de4  [ 3DB7721F06BC2FEDB25029EA23AB27DA, 221861148C66FE53E4D6EE49C6E656479AB5804A2D348A280A1CD8093E8AB788 ] AsyncMac        C:\WINDOWS\system32\DRIVERS\asyncmac.sys
21:48:34.0520 0x0de4  AsyncMac - ok
21:48:34.0567 0x0de4  [ 74B14192CF79A72F7536B27CB8814FBD, 0CF6BBB63FFE0C12777664D80B2797923844C8392D0FD81D7962EE5EE2C3C3D9 ] atapi           C:\WINDOWS\system32\drivers\atapi.sys
21:48:34.0582 0x0de4  atapi - ok
21:48:34.0754 0x0de4  [ 2C7676F892E88FD190F08D98048C7C6C, 44C13C103F61DA4D1A3823D37344F8C9465A611A9560808CE928925FB69604F7 ] athr            C:\WINDOWS\system32\DRIVERS\athw8x.sys
21:48:34.0879 0x0de4  athr - ok
21:48:34.0957 0x0de4  [ 7F70B1044272982AAEA7C16E83424770, A7694D38DF5A0E1040688017DB811EF0788874FE505ADD572DE4D4647073DC12 ] AudioEndpointBuilder C:\WINDOWS\System32\AudioEndpointBuilder.dll
21:48:34.0973 0x0de4  AudioEndpointBuilder - ok
21:48:35.0036 0x0de4  [ C0484CA5C7F87E38909746B63C7FC868, 65159639E2300AEA886184E9D47D449350DAF69A8AA2F9DBD6BD8A474BA73177 ] Audiosrv        C:\WINDOWS\System32\Audiosrv.dll
21:48:35.0051 0x0de4  Audiosrv - ok
21:48:35.0176 0x0de4  [ 73F5C13B431915BAE35254B4E95DFB71, 393A045859382C44133C004598B1512048046BCC129FED2247A77FDBFCDB6DFF ] avast! Antivirus C:\Program Files\AVAST Software\Avast\AvastSvc.exe
21:48:35.0192 0x0de4  avast! Antivirus - ok
21:48:35.0239 0x0de4  [ 96E8CAF20FC4B6C31CAD7816A801EB78, E4870DB8FFBDCFEE98449338D0BDBF2DD0B5FEC75514E41C11A882BE6EB16833 ] AxInstSV        C:\WINDOWS\System32\AxInstSV.dll
21:48:35.0254 0x0de4  AxInstSV - ok
21:48:35.0317 0x0de4  [ A4A73F631FE2AA2826FBE4A399B04DEF, 973AACE8DC8DA669D0DF20F17EFDEEABB90AA046AC980948D16A62D39A606A79 ] b06bdrv         C:\WINDOWS\system32\drivers\bxvbda.sys
21:48:35.0348 0x0de4  b06bdrv - ok
21:48:35.0364 0x0de4  [ 8CC7F7E4AFCBA605921B137ED7992C68, 71406E6D6E9964740A6D90B05329D5492BB90AF40E0630CF2FBF4BA4BA14F2DD ] BasicDisplay    C:\WINDOWS\System32\drivers\BasicDisplay.sys
21:48:35.0364 0x0de4  BasicDisplay - ok
21:48:35.0395 0x0de4  [ 38A82F4EE8C416A6744B6D30381ED768, 9EAAE5F43BA09359130AC04B1DCA0F5D4DF32ED89C02DC5CEB640918948847F7 ] BasicRender     C:\WINDOWS\System32\drivers\BasicRender.sys
21:48:35.0395 0x0de4  BasicRender - ok
21:48:35.0426 0x0de4  [ C1ABB0F7E3BEA48A0417BDF6FF14AB21, 1CAC63A1A0FB9855A27EE977794576A860F6650C9EF7667FFB27F2A2FF721857 ] bcmfn2          C:\WINDOWS\System32\drivers\bcmfn2.sys
21:48:35.0426 0x0de4  bcmfn2 - ok
21:48:35.0489 0x0de4  [ E07C80468D0C599BFF01D9D4EC7AEDC3, F675F455924DEC3FF69AD816DFEB6E74C804AEC3D3BFF7515953DB9D79C9B2D0 ] BDESVC          C:\WINDOWS\System32\bdesvc.dll
21:48:35.0504 0x0de4  BDESVC - ok
21:48:35.0567 0x0de4  [ EC19013E4CF87609534165DF897274D6, 8ED45537CF2D58D759A587CCBFDADD5580C7447B0C3B172CF19ECC7585E073FC ] Beep            C:\WINDOWS\system32\drivers\Beep.sys
21:48:35.0567 0x0de4  Beep - ok
21:48:35.0645 0x0de4  [ 20FB137ADDE1255F15F265A7BD9579BE, 87B4D5C91EFEAD987AAC3491A4360F82824C46AFF958B6F4CAED7C12224EF159 ] BFE             C:\WINDOWS\System32\bfe.dll
21:48:35.0661 0x0de4  BFE - ok
21:48:35.0786 0x0de4  [ 15225081966C785A9192782401643FD4, E2BA0C8D044556FDD9DD7A25F7F71553DE7A2924E78F9284413C2AC46F0BF4EB ] BITS            C:\WINDOWS\System32\qmgr.dll
21:48:35.0817 0x0de4  BITS - ok
21:48:35.0879 0x0de4  [ EBBCD5DFBB1DE70E8F4AF8FA59E401FD, 17BFFC5DF609CE3B2F0CAB4BD6C118608C66A3AD86116A47E90B2BB7D8954122 ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe
21:48:35.0895 0x0de4  Bonjour Service - ok
21:48:35.0926 0x0de4  [ 6B4FFFDDC618FCF64473CAA86E305697, 29EA66071D5822920F5C50533673ADAB5204F8B25C11027AD27450D881F1142D ] bowser          C:\WINDOWS\system32\DRIVERS\bowser.sys
21:48:35.0926 0x0de4  bowser - ok
21:48:35.0989 0x0de4  [ E325BCD68EC0CF2E2EDD0AB7CC17C698, 4DEDEF91F6BD1CC8DBE118AC28CA6BD874449A053B9CDE9FFEB1C7B98501D938 ] BrokerInfrastructure C:\WINDOWS\System32\bisrv.dll
21:48:36.0004 0x0de4  BrokerInfrastructure - ok
21:48:36.0067 0x0de4  [ 041A999E4FF9A7CDBE67357751881FB8, 356C52637EA715D6FA2B65BD311C9BF1635A582023434902EC2DE4A2448961F8 ] Browser         C:\WINDOWS\System32\browser.dll
21:48:36.0067 0x0de4  Browser - ok
21:48:36.0114 0x0de4  [ A8F23D453A424FF4DE04989C4727ECC7, AE4A9081395C7379F1C947EF8243F7609F90C843E086B8E77E1A2C06E36D4381 ] BthAvrcpTg      C:\WINDOWS\System32\drivers\BthAvrcpTg.sys
21:48:36.0129 0x0de4  BthAvrcpTg - ok
21:48:36.0145 0x0de4  [ 746B9F94214915AECDE4B7FEA5FF9664, EA2877D49DB4B7B9CE61653D63E8776DFF1CBCCAB12C14DB1D20DA44B8F06357 ] BthHFEnum       C:\WINDOWS\System32\drivers\bthhfenum.sys
21:48:36.0145 0x0de4  BthHFEnum - ok
21:48:36.0145 0x0de4  [ 71FE2A48E4C93DDB9798C024880B6C07, 8E93DE29C61A5FA64216231228CB3C4A1A693FE87CAA2C070BCAD7BE2D8ED000 ] bthhfhid        C:\WINDOWS\System32\drivers\BthHFHid.sys
21:48:36.0145 0x0de4  bthhfhid - ok
21:48:36.0176 0x0de4  [ EF4B9E7C9AD88C00C18A12B0D22D1894, 672537E75201E690D86CD65252B8AEF887C76EBD37AB0C419462D69164B350CC ] BTHMODEM        C:\WINDOWS\System32\drivers\bthmodem.sys
21:48:36.0192 0x0de4  BTHMODEM - ok
21:48:36.0239 0x0de4  [ E5E48FEED73D463175EAB1542495191C, 0A8182F5BA7B694AB1DD3680F1194E4A568FE40DBA4BFDFF2EA09BAD045FFB29 ] bthserv         C:\WINDOWS\system32\bthserv.dll
21:48:36.0239 0x0de4  bthserv - ok
21:48:36.0442 0x0de4  [ 1F79342D9EB530A48742F651E570983A, 99E0B613C23FA8591E248DFA6FF2D3EE19E262BE6E070A0E43E256B69687017F ] c2cautoupdatesvc C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
21:48:36.0489 0x0de4  c2cautoupdatesvc - ok
21:48:36.0629 0x0de4  [ E4938E0A376CF0B9D989EE5C0A146891, 9DF6AB5781CD60862D9664CA9A8AF0696A1FB6D09D804CD8DE9630F40DE59E90 ] c2cpnrsvc       C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
21:48:36.0676 0x0de4  c2cpnrsvc - ok
21:48:36.0692 0x0de4  [ 2FA6510E33F7DEFEC03658B74101A9B9, 61C8C8E3F09B427711464C974EE22E1E01C48E10DB54A4EC9901F482FC36C978 ] cdfs            C:\WINDOWS\system32\DRIVERS\cdfs.sys
21:48:36.0692 0x0de4  cdfs - ok
21:48:36.0723 0x0de4  [ C6796EA22B513E3457514D92DCDB1A3D, 2B893F3950C6B913B934C2089B69F3B0B77F229AE1820907E598455CBB78139C ] cdrom           C:\WINDOWS\System32\drivers\cdrom.sys
21:48:36.0723 0x0de4  cdrom - ok
21:48:36.0786 0x0de4  [ AB285CE3431FF3D2ACE669245874C1C7, 6AF4C3E86EFA51F7FB6F8492CB2CCB807C7775EAE0508B87F07134FDAC679BD7 ] CertPropSvc     C:\WINDOWS\System32\certprop.dll
21:48:36.0786 0x0de4  CertPropSvc - ok
21:48:36.0833 0x0de4  [ BE9936EDD3267FAAFF94A7835867F00B, 3CEEF2377D45ED38C7CD3CE4C746EC5EA7277EFEC728A5438F0EF5F62FC7C859 ] circlass        C:\WINDOWS\System32\drivers\circlass.sys
21:48:36.0833 0x0de4  circlass - ok
21:48:36.0911 0x0de4  [ 179A41249055D5F039F1B6703F3B6D2B, 886CF715D9E85DB5C9B991EBCB9B12E27AA0EEE52528E222C80CA5B5B0A7AF52 ] CLFS            C:\WINDOWS\system32\drivers\CLFS.sys
21:48:36.0926 0x0de4  CLFS - ok
21:48:36.0942 0x0de4  [ EF6EF85DADC3184A10D8F2F7159973CB, 42FCB286CED95A5DEBC5C0C894FCBC4818A2C818BB71087142FB51A08A0BE96B ] CmBatt          C:\WINDOWS\System32\drivers\CmBatt.sys
21:48:36.0942 0x0de4  CmBatt - ok
21:48:37.0020 0x0de4  [ 4E1207CE16E615B0B7A70DC889F4500E, 1778D5AC0AF5F5DD1551192F4CDBCCB9878995155CF337EBB03460A6FD5C6B78 ] CNG             C:\WINDOWS\system32\Drivers\cng.sys
21:48:37.0036 0x0de4  CNG - ok
21:48:37.0051 0x0de4  [ 03AAED827C36F35D70900558B8274905, 8E44A23C6013FFAE7769F99CAA3B1D6288DE00A38937F9056903AC265B503AFA ] CompositeBus    C:\WINDOWS\System32\drivers\CompositeBus.sys
21:48:37.0067 0x0de4  CompositeBus - ok
21:48:37.0067 0x0de4  COMSysApp - ok
21:48:37.0114 0x0de4  [ A1FF7DFBFBE164CF92603C651D304DD2, 470ACE5A75E64FC62C950037201199857E974803625DC73BEDBCF6FA4DDD496C ] condrv          C:\WINDOWS\system32\drivers\condrv.sys
21:48:37.0114 0x0de4  condrv - ok
21:48:37.0192 0x0de4  [ DCA39DB96E3489B7229720E3F8F796FD, 1640C53B5CAA9133BCF3D322E6684D8B6A3940C7BB8932A40DF9468866858D8C ] cpextender      C:\Program Files (x86)\CheckPoint\SSL Network Extender\slimsvc.exe
21:48:37.0208 0x0de4  cpextender - ok
21:48:37.0348 0x0de4  [ D8724B606616B2B75AF54096119580F5, 53E1DEF9F966FDE5898759A33FB62B5062A941E97B235D6F6EF79A5AD1283BDE ] cphs            C:\WINDOWS\SysWow64\IntelCpHeciSvc.exe
21:48:37.0395 0x0de4  cphs - ok
21:48:37.0442 0x0de4  [ 0EFE4B5884A8032617826A4D76F80969, 083D296CC623C83D36A97AEE343ADF819B17E490F931DBE4D161BD1E8C289E02 ] CryptSvc        C:\WINDOWS\system32\cryptsvc.dll
21:48:37.0442 0x0de4  CryptSvc - ok
21:48:37.0473 0x0de4  [ 315BA4BC19316D72B2E037534E048B93, 69613635DB23E6A935673B1025C2010ED3E195473D25368CF74234C4C36910BE ] dam             C:\WINDOWS\system32\drivers\dam.sys
21:48:37.0473 0x0de4  dam - ok
21:48:37.0583 0x0de4  [ 81979817943D830BF24571B7C1B28A1A, 9584D8F1FB3E6CF17BD465670B208C723A8E8B06775A3DA44F75D7710404EEA6 ] DcomLaunch      C:\WINDOWS\system32\rpcss.dll
21:48:37.0598 0x0de4  DcomLaunch - ok
21:48:37.0676 0x0de4  [ D249C3A58A4FCF755EF4C94F7047E015, 68C044CE2DB93FB502F85F6E081EA164F6E6DCBA6B3EE2A5CBDA122065E522F8 ] defragsvc       C:\WINDOWS\System32\defragsvc.dll
21:48:37.0692 0x0de4  defragsvc - ok
21:48:37.0770 0x0de4  [ 8F387C2C99EE09C6E2AC316205F86A17, EC9E8AE72A21992AA118964E17090BA4503EB051273AD18185C95172F57328CE ] DeviceAssociationService C:\WINDOWS\system32\das.dll
21:48:37.0786 0x0de4  DeviceAssociationService - ok
21:48:37.0833 0x0de4  [ BC6849C62DB407573C6AD8CB1A4D2628, 5BDE0D60F85E4C27CEAD1B301155B54D841FB773BD5BB8AC5DDAEE31F8E94627 ] DeviceInstall   C:\WINDOWS\system32\umpnpmgr.dll
21:48:37.0848 0x0de4  DeviceInstall - ok
21:48:37.0895 0x0de4  [ A03F362C5557E238CBFA914689C77248, BAD0A1124E6A384C15028FBE121ADF650F7716442555AD3737B9EA1F58A69246 ] Dfsc            C:\WINDOWS\system32\Drivers\dfsc.sys
21:48:37.0926 0x0de4  Dfsc - ok
21:48:37.0989 0x0de4  [ 05DE04005CE0D84D0E6AD21CAEB369C6, E6704A2A685BCFD560796D7C328F8E53DF0793DBDA590598A492D9070D109298 ] Dhcp            C:\WINDOWS\system32\dhcpcore.dll
21:48:38.0005 0x0de4  Dhcp - ok
21:48:38.0020 0x0de4  [ 4D40C9B33F738797CF50E77CB7C53E85, 7BA341342A47DEB15B51971C97A5237ACD8BDAD9033F63DF0000892BE43F8E13 ] disk            C:\WINDOWS\system32\drivers\disk.sys
21:48:38.0020 0x0de4  disk - ok
21:48:38.0083 0x0de4  [ EB70A894708D1BC176AFD690FF06085F, 0DD2A97F5E1B38D1F7C0D44E50F09EA222B18B3B074CC9C8CD25A7526CB1A112 ] dmvsc           C:\WINDOWS\System32\drivers\dmvsc.sys
21:48:38.0083 0x0de4  dmvsc - ok
21:48:38.0145 0x0de4  [ FE7656474448BE6A6C68E5C9BEB7CA94, 8B9F04CAA29A6EEFCA3D1E7BAFE340D5CCA8AF665474E69B1DF7E2A518B83A89 ] Dnscache        C:\WINDOWS\System32\dnsrslvr.dll
21:48:38.0176 0x0de4  Dnscache - ok
21:48:38.0223 0x0de4  [ 50288EA079BB520C2B8C8A154202D518, 8916A9180CA009D124FFDFB4CCF5FDFEF7FA2FD37CBCD49FAD4C68E051B4734D ] dot3svc         C:\WINDOWS\System32\dot3svc.dll
21:48:38.0239 0x0de4  dot3svc - ok
21:48:38.0255 0x0de4  [ 281BEE07BA97E3E98D12A822D923D0D8, 6EB482B2D4D6048D145C3738B2B6FA27A90B5EA53E9167447820F9981B004E63 ] DPS             C:\WINDOWS\system32\dps.dll
21:48:38.0270 0x0de4  DPS - ok
21:48:38.0286 0x0de4  [ DDC11A202207C0400CBE07315B8FDE5E, 3ED0CA3A714582D92001BA3BFF78BE082F4DC8021298D5A2632F3B2B0A1C09DC ] drmkaud         C:\WINDOWS\system32\drivers\drmkaud.sys
21:48:38.0286 0x0de4  drmkaud - ok
21:48:38.0333 0x0de4  [ 5B074F14F5DD6418F46EE4CA2DEB7EA8, B8223D73C3DE123759101F7D5D45C60BD12B221F09D349575A1044CE3F43CBC5 ] DsmSvc          C:\WINDOWS\System32\DeviceSetupManager.dll
21:48:38.0348 0x0de4  DsmSvc - ok
21:48:38.0473 0x0de4  [ 313DCE665B57000B18CB26C6B6A10DFE, 6C332D4AD13A316C192321AB7E7597E66AF8E1688101FFD851E06C52128DBA52 ] DXGKrnl         C:\WINDOWS\System32\drivers\dxgkrnl.sys
21:48:38.0520 0x0de4  DXGKrnl - ok
21:48:38.0567 0x0de4  [ 6073537F250B45E1CB2A02E97F0FE1B2, 653F3F2F2019168EDF225944A88AFDBF8393B62AA076BD19980691778F3DB67D ] Eaphost         C:\WINDOWS\System32\eapsvc.dll
21:48:38.0583 0x0de4  Eaphost - ok
21:48:38.0755 0x0de4  [ 114BCFDF367FF37C3F1B0A96AF542E4D, D385BC1D91BC1406091C8C3691C07A90BD60EDE05B1384E5AA3506FCB909C857 ] ebdrv           C:\WINDOWS\system32\drivers\evbda.sys
21:48:38.0911 0x0de4  ebdrv - ok
21:48:38.0942 0x0de4  [ F6F209DDB94959BA104FC8FC87C53759, 8E862D41F4332EABF64BD034E2C0E3CC8109C7990CB4112C2B2880E8E6EDF2D3 ] EFS             C:\WINDOWS\System32\lsass.exe
21:48:38.0958 0x0de4  EFS - ok
21:48:39.0020 0x0de4  [ 43531A5993380CC5113242C29D265FD9, EE0076D96F7F3CF29884AC7A67C08A429115A7201354A1FB5DE45FD63ABB4960 ] EhStorClass     C:\WINDOWS\system32\drivers\EhStorClass.sys
21:48:39.0020 0x0de4  EhStorClass - ok
21:48:39.0051 0x0de4  [ 6F8E738A9505A388B1157FDDE7B3101B, 3696CA634102B41EEA11EB9DCA0B24439D8636AED4A7190C138C5E64A2EFB514 ] EhStorTcgDrv    C:\WINDOWS\system32\drivers\EhStorTcgDrv.sys
21:48:39.0067 0x0de4  EhStorTcgDrv - ok
21:48:39.0098 0x0de4  [ DFFFAE1442BA4076E18EED5E406FA0D3, 329FC6FB8D14BEACDBE2A5D4C496EDEA485E838B1DF27566E278F8F8E0D8E82E ] ErrDev          C:\WINDOWS\System32\drivers\errdev.sys
21:48:39.0098 0x0de4  ErrDev - ok
21:48:39.0208 0x0de4  [ 030CE75B7D8F75FAA7BA1EC6FD0EB5A3, 5264734F0572FAEDCCB008221C9982CCB7922C4FFC358605424EA413CDCDAE99 ] EventSystem     C:\WINDOWS\system32\es.dll
21:48:39.0223 0x0de4  EventSystem - ok
21:48:39.0286 0x0de4  [ CE526B76F30A4795EBF8421C6C0B48C3, 9F8D8F406D2F826DB69924ADAEBF8B7F088D3601B6D10B7D82D37DB8AC304C36 ] ewusbnet        C:\WINDOWS\system32\DRIVERS\ewusbnet.sys
21:48:39.0301 0x0de4  ewusbnet - ok
21:48:39.0317 0x0de4  [ 86F7951BBCEE4A86E79A97306BD14318, 84B52A0392DA53ED71A2C4D483DD93DDF552BF8AC764C7BD47BE0EB58C7C8219 ] ew_hwusbdev     C:\WINDOWS\system32\DRIVERS\ew_hwusbdev.sys
21:48:39.0317 0x0de4  ew_hwusbdev - ok
21:48:39.0348 0x0de4  [ 7729D294A555C7AEB281ED8E4D0E01E4, 7269E79D72CCE477AC108294D0DDFB59CF533B03C587599C5AB0507C43A0B6D4 ] exfat           C:\WINDOWS\system32\drivers\exfat.sys
21:48:39.0348 0x0de4  exfat - ok
21:48:39.0411 0x0de4  [ 7C4E0D5900B2A1D11EDD626D6DDB937B, 732F310F8F6016C56F432A81636B13CE0124A802FE8DD91287B618EED22C9A1D ] fastfat         C:\WINDOWS\system32\drivers\fastfat.sys
21:48:39.0426 0x0de4  fastfat - ok
21:48:39.0489 0x0de4  [ 2BC8532ABF2B3756B78FA1DA54147DDE, DF65EE2AB0255A2CF3221085A6BE7C37E3DB6BFEED3BCADCDD69BB1049F6DCB1 ] Fax             C:\WINDOWS\system32\fxssvc.exe
21:48:39.0520 0x0de4  Fax - ok
21:48:39.0536 0x0de4  [ 5D8402613E778B3BD45E687A8372710B, EE9EA10805168D309A609B9019AEC5961EE46D18207B5E0EA2DE4064A5770AF8 ] fdc             C:\WINDOWS\System32\drivers\fdc.sys
21:48:39.0536 0x0de4  fdc - ok
21:48:39.0583 0x0de4  [ DC1A78BCCCB7EE53D6FD3BD615A8E222, EE16B6853185AAE779D7135035983938009901658F76A8856AAC12EBA15BB34E ] fdPHost         C:\WINDOWS\system32\fdPHost.dll
21:48:39.0583 0x0de4  fdPHost - ok
21:48:39.0614 0x0de4  [ E5AD448F2DC84B1CF387FA7F2A3D1936, BBB29C79A085C503F5EFFB5144596D5DEC48A4EB34A049A4E7B38B27F6D92E0A ] FDResPub        C:\WINDOWS\system32\fdrespub.dll
21:48:39.0614 0x0de4  FDResPub - ok
21:48:39.0661 0x0de4  [ 0046E0BD031213D37123876B0D0FA61C, A4FE17D56F0BAFB70D0D421ED9D1B6E50AF8ADAA4B59328A41AEC5B4C068A3CB ] fhsvc           C:\WINDOWS\system32\fhsvc.dll
21:48:39.0661 0x0de4  fhsvc - ok
21:48:39.0723 0x0de4  [ BCFD8B149B3ADF92D0DB1E909CAF0265, 002B085C131473642450176B4B8359F3E5B04350AFB659B9C0F9EB587D1181E7 ] FileInfo        C:\WINDOWS\system32\drivers\fileinfo.sys
21:48:39.0723 0x0de4  FileInfo - ok
21:48:39.0755 0x0de4  [ A1A66C4FDAFD6B0289523232AFB7D8AF, 0F5832F626BB62190D5F3A088CE6E048D8A400CCF9EA527F06973CAD96D3A81C ] Filetrace       C:\WINDOWS\system32\drivers\filetrace.sys
21:48:39.0755 0x0de4  Filetrace - ok
21:48:39.0880 0x0de4  [ 227846995AFEEFA70D328BF5334A86A5, B8EF22DE552B44E7DC352742C775BB6B4992B653AF4B66B231A60182CE7A7201 ] FLEXnet Licensing Service C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
21:48:39.0895 0x0de4  FLEXnet Licensing Service - ok
21:48:39.0927 0x0de4  [ BE743083CF7063C486A4398E3AEFE59A, 85796D89943DD6FE3932C1ED6CF01470C1B4DFD243C390B07055FFDA3C231551 ] flpydisk        C:\WINDOWS\System32\drivers\flpydisk.sys
21:48:39.0942 0x0de4  flpydisk - ok
21:48:40.0005 0x0de4  [ 6592D192E2823C043EDBC010E7774053, C025A0EC5517DC3BD5D6656DC0F0F19021FB3D2EE90EC6194E1BD74E638EBBDC ] FltMgr          C:\WINDOWS\system32\drivers\fltmgr.sys
21:48:40.0020 0x0de4  FltMgr - ok
21:48:40.0114 0x0de4  [ 3FA6DC6B29717E32E211C1FD821F2C75, E467F3775427C93CC2B87327B0A45669631A5FC460C558F6796BA26002A8BBFC ] FontCache       C:\WINDOWS\system32\FntCache.dll
21:48:40.0161 0x0de4  FontCache - ok
21:48:40.0333 0x0de4  [ 1C52387BF5A127F5F3BFB31288F30D93, 90D13F60170CD74304F3036A90D596AA3E1E134455A780310BDF67AC7815F2E7 ] FontCache3.0.0.0 C:\WINDOWS\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
21:48:40.0333 0x0de4  FontCache3.0.0.0 - ok
21:48:40.0458 0x0de4  [ D316BB764E63289DEE509F05C31C2956, 3685CD50504725CD7FA65EE27BD450DE5D7058201FF870FF8D833AA81B415C4D ] FoxitCloudUpdateService C:\Program Files (x86)\Foxit Software\Foxit Reader\Foxit Cloud\FCUpdateService.exe
21:48:40.0473 0x0de4  FoxitCloudUpdateService - ok
21:48:40.0520 0x0de4  [ 35005534E600E993A90B036E4E599F2B, DA56FA3776FBD3D50276CB7410E0CB6F137DD8FCA84C0F3FEF8B1FEA5F6CA592 ] FsDepends       C:\WINDOWS\system32\drivers\FsDepends.sys
21:48:40.0536 0x0de4  FsDepends - ok
21:48:40.0552 0x0de4  [ 09F460AFEDCA03F3BF6E07D1CCC9AC42, B832091BC9B2C2FE38A4BCA132ABB58251E851F21EC6F39636E73777AB9A5791 ] Fs_Rec          C:\WINDOWS\system32\drivers\Fs_Rec.sys
21:48:40.0552 0x0de4  Fs_Rec - ok
21:48:40.0598 0x0de4  [ F152D55E497E12256290C43B31C7D0CE, FFC54B14CCFBC1548948C07FB3866E40A11D0C05AC352BD000E71CEF053F6A6E ] fvevol          C:\WINDOWS\system32\DRIVERS\fvevol.sys
21:48:40.0614 0x0de4  fvevol - ok
21:48:40.0645 0x0de4  [ 9591D0B9351ED489EAFD9D1CE52A8015, AC64C236C3AE545FCE8ED44A4A87FB86265A453BA60026EC9A4DE2B631E99996 ] FxPPM           C:\WINDOWS\System32\drivers\fxppm.sys
21:48:40.0645 0x0de4  FxPPM - ok
21:48:40.0677 0x0de4  [ FC3EF65EE20D39F8749C2218DBA681CA, 12980F1DE99B25E6920A33556F3ABDA5EC9BFE4757BE602130B5E939D8D25CE3 ] gagp30kx        C:\WINDOWS\system32\drivers\gagp30kx.sys
21:48:40.0677 0x0de4  gagp30kx - ok
21:48:40.0708 0x0de4  [ 0BF5CAD281E25F1418E5B8875DC5ADD1, 0929AD8437DD78234553D8B2CDF0D6838FD54ACDE1918AFEBE48684EB32A07A3 ] gencounter      C:\WINDOWS\System32\drivers\vmgencounter.sys
21:48:40.0708 0x0de4  gencounter - ok
21:48:40.0770 0x0de4  [ 8DF1254093B5C354CE725EB6B9B0DE19, DE6C5661CC076DA44B8A5D044FDB7280EDCF38D322A98C14FDC82E25586B3014 ] GPIOClx0101     C:\WINDOWS\system32\Drivers\msgpioclx.sys
21:48:40.0770 0x0de4  GPIOClx0101 - ok
21:48:40.0895 0x0de4  [ 69DB09F0263C637DA8568D404842466A, D042194266978AAD31E04DAF7018CD50754077212DC74A4D8AFF6BFEE80CDD20 ] gpsvc           C:\WINDOWS\System32\gpsvc.dll
21:48:40.0927 0x0de4  gpsvc - ok
21:48:41.0067 0x0de4  [ 51508F0C2476177E50C31B0BBFBF1BDB, 3F62A05181D54711180C8727AC66D624AFA7FC816A4ACC4DC0CFCF2D2DBE7F87 ] gupdate         C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
21:48:41.0083 0x0de4  gupdate - ok
21:48:41.0098 0x0de4  [ 51508F0C2476177E50C31B0BBFBF1BDB, 3F62A05181D54711180C8727AC66D624AFA7FC816A4ACC4DC0CFCF2D2DBE7F87 ] gupdatem        C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
21:48:41.0098 0x0de4  gupdatem - ok
21:48:41.0161 0x0de4  [ D4B7ED39C7900384D9E5C1283F1E7926, F93F98858067B40F1C071EAD0F8E85442A78B95342BC692AF4D726540634923F ] HDAudBus        C:\WINDOWS\System32\drivers\HDAudBus.sys
21:48:41.0161 0x0de4  HDAudBus - ok
21:48:41.0192 0x0de4  [ 10A70BC1871CD955D85CD88372724906, 2480A74854D0A89FF028EE9BA41224D4B2F9B0863066BFC43097920794FEE08D ] HidBatt         C:\WINDOWS\System32\drivers\HidBatt.sys
21:48:41.0192 0x0de4  HidBatt - ok
21:48:41.0255 0x0de4  [ 1EA1B4FABB8CC348E73CA90DBA22E104, 5C18C6BD499272F216DD4626B5E8D38181AEAC9AD917FBEB614A75B70467B258 ] HidBth          C:\WINDOWS\System32\drivers\hidbth.sys
21:48:41.0255 0x0de4  HidBth - ok
21:48:41.0286 0x0de4  [ C241A8BAFBBFC90176EA0F5240EACC17, 571E20B87818618BE9179986177D55739A240F04D1F740B3C1B7809B9427B767 ] hidi2c          C:\WINDOWS\System32\drivers\hidi2c.sys
21:48:41.0286 0x0de4  hidi2c - ok
21:48:41.0317 0x0de4  [ 9BDDEE26255421017E161CCB9D5EDA95, B766FD5E31708F29384F69418FC33C4BCC6E3064AA553D5B1D30EE0B8B1BFB40 ] HidIr           C:\WINDOWS\System32\drivers\hidir.sys
21:48:41.0317 0x0de4  HidIr - ok
21:48:41.0364 0x0de4  [ 449A20A674AA3FAA7F0DD4E33EE2DC20, 28B9BDA306456E8640C355718DE3477537B0FAF8C37F633C709129AAB64D9873 ] hidserv         C:\WINDOWS\system32\hidserv.dll
21:48:41.0380 0x0de4  hidserv - ok
21:48:41.0427 0x0de4  [ 8DB8EAB9D0C6A5DF0BDCADEA239220B4, EDA23E6909EB83E5E148816DFB16CC29EA01BD6BD2F73AA46B3D820B85FB9C83 ] HidUsb          C:\WINDOWS\System32\drivers\hidusb.sys
21:48:41.0427 0x0de4  HidUsb - ok
21:48:41.0536 0x0de4  [ E9499A51801037F4E7CD2D7937D76542, E908A7DC52E8FD4E611620E2E0D23D567B44F965208274C5CF571FC1694F1EB5 ] HitmanProScheduler C:\Program Files\HitmanPro\hmpsched.exe
21:48:41.0552 0x0de4  HitmanProScheduler - ok
21:48:41.0598 0x0de4  [ 7BF3ADCBD021D4F4A84CF40EB49C71B5, 5758A51FD2EBE67E6DBE3A298D714D351910F9E01C428D0C1359457C9242B298 ] hkmsvc          C:\WINDOWS\system32\kmsvc.dll
21:48:41.0614 0x0de4  hkmsvc - ok
21:48:41.0645 0x0de4  [ 6CD9C3819BE8C0A3DACC82AE5D3C4F18, 46BF4A968E506DE17CA401401D716B444CDC10A5C60EB081890DD4B886AEDF5F ] HomeGroupListener C:\WINDOWS\system32\ListSvc.dll
21:48:41.0661 0x0de4  HomeGroupListener - ok
21:48:41.0723 0x0de4  [ 1A4DA1D6287B99033D144B436C23B656, D4D1EEB372E61512EA36A33F095E68C225B8E6C72CC57ED8BD00533F88012F40 ] HomeGroupProvider C:\WINDOWS\system32\provsvc.dll
21:48:41.0739 0x0de4  HomeGroupProvider - ok
21:48:41.0802 0x0de4  [ 2A8B93A01621E100A578E83C768AFA2C, 6637D260AF180D1F200D219796FCE6D524FC6BF57C0CEEF9E1B3616E85865AD1 ] HP Support Assistant Service C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe
21:48:41.0817 0x0de4  HP Support Assistant Service - ok
21:48:41.0864 0x0de4  [ D104FF402FC3DDB686E6DEF00334DB26, 6CCE56587C02ECE474C6BF959C4A6F752A1FF0B718FBE8EE4FD9755313A207C1 ] hpdskflt        C:\WINDOWS\system32\DRIVERS\hpdskflt.sys
21:48:41.0864 0x0de4  hpdskflt - ok
21:48:42.0005 0x0de4  [ 0D0213498683414DDE29B1686A4C08D5, E9B64406C04B6E55CBD17E7C47B023CEA11FEE07B791154129D6F4F29D15AB7F ] hpqcxs08        C:\Program Files (x86)\HP\Digital Imaging\bin\hpqcxs08.dll
21:48:42.0020 0x0de4  hpqcxs08 - ok
21:48:42.0067 0x0de4  [ EE281DD6843F3F697C1AD7933EEB1E9B, 1ECE31C2150B92DDC1DCBBCECFE3E979F2C60B3F106280E3167BEC0269BF7A41 ] hpqddsvc        C:\Program Files (x86)\HP\Digital Imaging\bin\hpqddsvc.dll
21:48:42.0067 0x0de4  hpqddsvc - ok
21:48:42.0161 0x0de4  [ D2946D9F020AE76E9CEF9B4A6DF838C0, C29CE594879385DA12B8EAA90B258905827B613839CCD820DE49215B68676995 ] hpqwmiex        C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe
21:48:42.0192 0x0de4  hpqwmiex - ok
21:48:42.0239 0x0de4  [ A6AACEA4C785789BDA5912AD1FEDA80D, D197012A5DA6AB3F76FF298336DF0CF027C07ECC71267BAEF5912DE12893E096 ] HpSAMD          C:\WINDOWS\system32\drivers\HpSAMD.sys
21:48:42.0239 0x0de4  HpSAMD - ok
21:48:42.0348 0x0de4  [ C995EA1C6915D897E06D41AF95B9312C, 65DE6599F1C735BBDCCE4728F7F98167BCA0BF1B8D4218BBF7546B025C9A38BD ] HPSLPSVC        C:\Program Files (x86)\HP\Digital Imaging\bin\HPSLPSVC64.DLL
21:48:42.0380 0x0de4  HPSLPSVC - ok
21:48:42.0395 0x0de4  [ 55FFCBB036D7BE4BCA6FA1421203A27F, 5BB865FC631390F59AF5F2452D4D2DA47E34A49E194C8010E942F5A2013F3895 ] hpsrv           C:\WINDOWS\system32\Hpservice.exe
21:48:42.0395 0x0de4  hpsrv - ok
21:48:42.0427 0x0de4  [ F50912B0A861ED396F6062E79C37A4A7, 9B53EA5A03BB664EF5343B766C760BB8A96697ED4F2A0C81A4F58C443B4BC329 ] HPWMISVC        C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe
21:48:42.0427 0x0de4  HPWMISVC - ok
21:48:42.0489 0x0de4  [ 9DDCA7F18983C5410DEFF79F819DF93C, CE97B4440377BFC5CA81BB600C3BD1DD9FB3951CA1EB70735F5E2050EBB74223 ] HTTP            C:\WINDOWS\system32\drivers\HTTP.sys
21:48:42.0520 0x0de4  HTTP - ok
21:48:42.0567 0x0de4  [ BAFE6B0B92BE69144D59907550A07678, 28D0823F0F590FC15D05FA4C7A0C89EDA9E023C05A49056C251986BB47574378 ] huawei_enumerator C:\WINDOWS\System32\drivers\ew_jubusenum.sys
21:48:42.0583 0x0de4  huawei_enumerator - ok
21:48:42.0645 0x0de4  [ F47F112DC883F7A9E4618A006CC6DE1B, 555D78A589CF8B8E1099E9B270E8B90512C41107C84CE2D311AD875B059730D1 ] hwdatacard      C:\WINDOWS\system32\DRIVERS\ewusbmdm.sys
21:48:42.0645 0x0de4  hwdatacard - ok
21:48:42.0708 0x0de4  [ 90656C0B3864804B090434EFC582404F, BDB60050B729AACB9E009AC7129BEBD6298BBD8A9DB14B817D02E8E13669BD6E ] hwpolicy        C:\WINDOWS\system32\drivers\hwpolicy.sys
21:48:42.0708 0x0de4  hwpolicy - ok
21:48:42.0739 0x0de4  [ 6D6F9E3BF0484967E52F7E846BFF1CA1, C982966BDE6A3E6773D9441ADA7A3B08D13511DFC68D04DF303248B942423F38 ] hyperkbd        C:\WINDOWS\System32\drivers\hyperkbd.sys
21:48:42.0739 0x0de4  hyperkbd - ok
21:48:42.0786 0x0de4  [ 907C870F8C31F8DDD6F090857B46AB25, 308664A31717383D06185875E76C6612407A9F04E7DB28404F574A5706C6715D ] HyperVideo      C:\WINDOWS\system32\DRIVERS\HyperVideo.sys
21:48:42.0802 0x0de4  HyperVideo - ok
21:48:42.0817 0x0de4  [ 84CFC5EFA97D0C965EDE1D56F116A541, 0155EA62BF07D99D98D1C9B6559C8E3301B016A20D03DF1EF64B2FAB8C37403B ] i8042prt        C:\WINDOWS\System32\drivers\i8042prt.sys
21:48:42.0833 0x0de4  i8042prt - ok
21:48:42.0849 0x0de4  [ 5D90E32E36CE5D4C535D17CE08AEAF05, 976A463343E8C8308AFBE9E64DF56C430D2241DE002430D00318AB065EB72E4A ] iaLPSSi_GPIO    C:\WINDOWS\System32\drivers\iaLPSSi_GPIO.sys
21:48:42.0864 0x0de4  iaLPSSi_GPIO - ok
21:48:42.0895 0x0de4  [ DD05E7E80F52ADE9AEB292819920F32C, E71AB6A50B0F90C8F94569CE89F66F915A0A4A00D4AC091B2E5E750D88CFC334 ] iaLPSSi_I2C     C:\WINDOWS\System32\drivers\iaLPSSi_I2C.sys
21:48:42.0895 0x0de4  iaLPSSi_I2C - ok
21:48:43.0020 0x0de4  [ 050F2539E14F9D5E90A4B61738EC29BD, 0E65468B9F452FA7DB6DF2C1B2B2E9439C79031E27054FBDBDFE28A9F98721D7 ] iaStorA         C:\WINDOWS\system32\drivers\iaStorA.sys
21:48:43.0052 0x0de4  iaStorA - ok
21:48:43.0130 0x0de4  [ 08BFE413B0B4AA8DFA4B5684CE06D3DC, 95DEEBB203E12EE6E191F5247A74C04AEC0E16DE981FADDC4D6C42EE41D8D079 ] iaStorAV        C:\WINDOWS\system32\drivers\iaStorAV.sys
21:48:43.0145 0x0de4  iaStorAV - ok
21:48:43.0177 0x0de4  [ A2200C3033FA4EF249FC096A7A7D02A2, 5819F5C2020DE2EEE339B0C08CD4B1E3490EAFBBEA1277CE649DB5A5150986B0 ] iaStorV         C:\WINDOWS\system32\drivers\iaStorV.sys
21:48:43.0192 0x0de4  iaStorV - ok
21:48:43.0317 0x0de4  [ ABEFA4BD23329FD9BD47496BF2E58774, 9689D4C6380735EE1CC7F480696CDDC229E0FA511942AC813314D353584D82DD ] IconMan_R       C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe
21:48:43.0380 0x0de4  IconMan_R - ok
21:48:43.0442 0x0de4  [ 1CF03C69B49ACB70C722DF92755C0C8C, C227850C133F29BB9DED91A26A22AE077FD69629CEF35B67D305F016C4BDAA81 ] IDriverT        C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
21:48:43.0458 0x0de4  IDriverT - ok
21:48:43.0474 0x0de4  IEEtwCollectorService - ok
21:48:43.0661 0x0de4  [ 076023219E918D34585B231029A44571, C2AB0DE0D80D0BC6595C9F9655A890531E7952599714DC03B4ECB46947D833A8 ] igfx            C:\WINDOWS\system32\DRIVERS\igdkmd64.sys
21:48:43.0786 0x0de4  igfx - ok
21:48:43.0849 0x0de4  [ C814D4A0B7B91E936B2DC0828C69ACAB, A19B503CB3C598474C61DA6F1AC087CCF287F7523D2F932B21EF21E7CA1809B1 ] igfxCUIService1.0.0.0 C:\WINDOWS\system32\igfxCUIService.exe
21:48:43.0849 0x0de4  igfxCUIService1.0.0.0 - ok
21:48:43.0958 0x0de4  [ DEA76F90F9777E3427D70E380222B23B, B917BA423896A12E45623E3D494CA03317A6FC612CA433C62C897524DC3E756B ] IKEEXT          C:\WINDOWS\System32\ikeext.dll
21:48:43.0989 0x0de4  IKEEXT - ok
21:48:44.0067 0x0de4  [ F5495B38BFB9149925F54F65AB40EFBF, 7CBB72C41E2343DACBFB967A39CA04788561EDECB289C41BC2D6A06B80882AC4 ] IntcDAud        C:\WINDOWS\system32\DRIVERS\IntcDAud.sys
21:48:44.0083 0x0de4  IntcDAud - ok
21:48:44.0224 0x0de4  [ C6128F2E3DC6156C6F8828F9F1B96010, 612C1191AFB8F69BA5634E8C52BDDE608F57D98FA4C76C5A337676A5F1E8191D ] Intel® Capability Licensing Service Interface C:\Program Files\Intel\iCLS Client\HeciServer.exe
21:48:44.0239 0x0de4  Intel® Capability Licensing Service Interface - ok
21:48:44.0302 0x0de4  [ 729AB4F0608E95EFF8FDEF23596283E2, 62A2091FF440C65505AB3E38436A86D9B0978BCB9485960EFCE0C5CBC8E06201 ] Intel® Capability Licensing Service TCP IP Interface C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe
21:48:44.0333 0x0de4  Intel® Capability Licensing Service TCP IP Interface - ok
21:48:44.0411 0x0de4  [ B32A84262049E43DB2FDB70F2EAF3BEE, B80214F5A697F7C163E62448FAC4FC71E798114E1C0FBB52C3A16534208849B7 ] Intel® ME Service C:\Program Files (x86)\Intel\Intel® Management Engine Components\FWService\IntelMeFWService.exe
21:48:44.0411 0x0de4  Intel® ME Service - ok
21:48:44.0458 0x0de4  [ 4E448FCFFD00E8D657CD9E48D3E47157, 4A958CF0BF8DAEAE5E008500BA67CE89B21388592811274331EE39CAC1043A00 ] intelide        C:\WINDOWS\system32\drivers\intelide.sys
21:48:44.0458 0x0de4  intelide - ok
21:48:44.0505 0x0de4  [ A770340FC02B999EF0DE6C2A6BC8437C, 214567BE706B21BEA7EC13AF6B10FBFF658000511DBBA79BAA28D1D4EFD029A7 ] intelpep        C:\WINDOWS\system32\drivers\intelpep.sys
21:48:44.0505 0x0de4  intelpep - ok
21:48:44.0520 0x0de4  [ 47E74A8E53C7C24DCE38311E1451C1D9, 79B06E37A552C8A847404D4C572CDB8CF525354D8AE3BEBC06892B7C3B330761 ] intelppm        C:\WINDOWS\System32\drivers\intelppm.sys
21:48:44.0536 0x0de4  intelppm - ok
21:48:44.0552 0x0de4  [ 9DB76D7F9E4E53EFE5DD8C53DE837514, 07BA4EDA9BE9139A689A2C3EFC1D1A4F3D1216625ED145F313398292A2CD5703 ] IpFilterDriver  C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
21:48:44.0552 0x0de4  IpFilterDriver - ok
21:48:44.0630 0x0de4  [ ACFEE9487693C2BD573DFCA71D98E17C, A347FD476147CD3568EEE6993B46AFC05A66A4269094CA51572D0FD013FCB535 ] iphlpsvc        C:\WINDOWS\System32\iphlpsvc.dll
21:48:44.0661 0x0de4  iphlpsvc - ok
21:48:44.0677 0x0de4  [ 9C096BF5E10CA8BFA56F32522A89FAF1, 6C1151160799338DA351C7237AB049926C6C15F24F5E154BBF5929B4A96C0B8D ] IPMIDRV         C:\WINDOWS\System32\drivers\IPMIDrv.sys
21:48:44.0677 0x0de4  IPMIDRV - ok
21:48:44.0739 0x0de4  [ B7342B3C58E91107F6E946A93D9D4EFD, D5DA3C02C5C5A343785745EF6983CC9B5FBD3FB8D49FE9B450523E50212D1A32 ] IPNAT           C:\WINDOWS\system32\drivers\ipnat.sys
21:48:44.0755 0x0de4  IPNAT - ok
21:48:44.0786 0x0de4  [ AE44C526AB5F8A487D941CEB57B10C97, A783A2EAF7A6FF450FB3F189A5930036FA60D125C42171AC44B6FE2E3DBD6F7A ] IRENUM          C:\WINDOWS\system32\drivers\irenum.sys
21:48:44.0849 0x0de4  IRENUM - ok
21:48:44.0896 0x0de4  [ 8AFEEA3955AA43616A60F133B1D25F21, E99359A4F1D653790133F145CF7C9F97399FD75C5E135AA7E5F989BB660789AF ] isapnp          C:\WINDOWS\system32\drivers\isapnp.sys
21:48:44.0911 0x0de4  isapnp - ok
21:48:44.0958 0x0de4  [ D90AB68D0FAC9F357F663670FDBB511E, A82AAA5DF1B38EFBDCF834535A0C520D1BB2D7A4A906C18CFDD22BCF16BDB97D ] iScsiPrt        C:\WINDOWS\System32\drivers\msiscsi.sys
21:48:44.0958 0x0de4  iScsiPrt - ok
21:48:45.0021 0x0de4  [ A90C843F4FDD7A07129BA73C6BE13976, A76DEA9F09E3B2F18D3B646A0DD39E2773EC62E2F3C55421BA61C12190D78C1C ] iwdbus          C:\WINDOWS\System32\drivers\iwdbus.sys
21:48:45.0021 0x0de4  iwdbus - ok
21:48:45.0067 0x0de4  [ 08B14887C0B98101F8EC207817A0D734, DF2B2C16F9C8EA05533AE26C3302C41D5B67966D8E55ED8625353AE1D70FBD29 ] jhi_service     C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe
21:48:45.0083 0x0de4  jhi_service - ok
21:48:45.0130 0x0de4  [ 8BE92376799B6B44D543E8D07CDCF885, 425B8BB1BAF62F735B3CB5A002E6055879F02E7207E55942BFD37F1784F5F368 ] kbdclass        C:\WINDOWS\System32\drivers\kbdclass.sys
21:48:45.0130 0x0de4  kbdclass - ok
21:48:45.0161 0x0de4  [ FB6E47E569D4872ABEB506BE03A45FBA, 5C4056CADA8F67587A119D9AE2A0EFAB30387CF6298F4019FF68AC92E2F6F54B ] kbdhid          C:\WINDOWS\System32\drivers\kbdhid.sys
21:48:45.0161 0x0de4  kbdhid - ok
21:48:45.0177 0x0de4  [ 813871C7D402A05F2E3A7075F9584A05, FF0C2F87EB083F8CE74C679D80C845CDFBFBBC70BE818F899F3336BBB54A3FFB ] kdnic           C:\WINDOWS\system32\DRIVERS\kdnic.sys
21:48:45.0177 0x0de4  kdnic - ok
21:48:45.0192 0x0de4  [ F6F209DDB94959BA104FC8FC87C53759, 8E862D41F4332EABF64BD034E2C0E3CC8109C7990CB4112C2B2880E8E6EDF2D3 ] KeyIso          C:\WINDOWS\system32\lsass.exe
21:48:45.0192 0x0de4  KeyIso - ok
21:48:45.0224 0x0de4  [ ADDECBCC777665BD113BED437E602AB0, B6283475A1219CE44E9F683DD3BEB8C42DA0943297E5C4699B22176AD8A6A7ED ] KSecDD          C:\WINDOWS\system32\Drivers\ksecdd.sys
21:48:45.0224 0x0de4  KSecDD - ok
21:48:45.0271 0x0de4  [ 6D2EE96150E35B9EA49F2B481DE0369A, AC5915219FD81D89E444F6E86D71F7C495108FC35E7BD683321FC7006161AFE1 ] KSecPkg         C:\WINDOWS\system32\Drivers\ksecpkg.sys
21:48:45.0286 0x0de4  KSecPkg - ok
21:48:45.0286 0x0de4  [ 11AFB527AA370B1DAFD5C36F35F6D45F, 757AD234284467ADB826F7CA0251F58D48866B91995BC867DEA4BAF676947163 ] ksthunk         C:\WINDOWS\system32\drivers\ksthunk.sys
21:48:45.0302 0x0de4  ksthunk - ok
21:48:45.0349 0x0de4  [ 32B1A8351160F307A8C66BCB0F94A9C2, 52F1DEC2BBD4D5DDBB85ED20B99D96BBA7EB83304D76F183A11FDAFDA364E873 ] KtmRm           C:\WINDOWS\system32\msdtckrm.dll
21:48:45.0364 0x0de4  KtmRm - ok
21:48:45.0411 0x0de4  [ 793EACA6BAE9F481C2059BCB3743EB4A, 2624905C6B6A1227BD1CAC7D4FE55A5F6543E1278DAB31EC553748472D180D1D ] LanmanServer    C:\WINDOWS\system32\srvsvc.dll
21:48:45.0427 0x0de4  LanmanServer - ok
21:48:45.0489 0x0de4  [ D0D9C2ECA4D03A8F06DCD91236B90C98, E2D1144DC8040EA5FEB0602A20BA4CB920B4BC86AD5AD05FC0DF7D74DC95DC66 ] LanmanWorkstation C:\WINDOWS\System32\wkssvc.dll
21:48:45.0505 0x0de4  LanmanWorkstation - ok
21:48:45.0599 0x0de4  [ 626D19F1771E1AE72208AE9A8F3082F7, 78FDB64545ED2EAE9F51C08120E21D2C3285208F6846BD8BBA08CAA839E7A0C4 ] lfsvc           C:\WINDOWS\System32\GeofenceMonitorService.dll
21:48:45.0630 0x0de4  lfsvc - ok
21:48:45.0677 0x0de4  [ C09010B3680860131631F53E8FE7BAD8, 35F2A06D5F29478D22ABDCC20DA893EF9D96504C65594A0CEA674D1C21B04FF8 ] lltdio          C:\WINDOWS\system32\DRIVERS\lltdio.sys
21:48:45.0677 0x0de4  lltdio - ok
21:48:45.0739 0x0de4  [ 00E070FC0C673311AFD4B068D1242780, 50B0E0E625361145332C849709498FF444E46578DCAD2536E6D0289E0125580F ] lltdsvc         C:\WINDOWS\System32\lltdsvc.dll
21:48:45.0771 0x0de4  lltdsvc - ok
21:48:45.0817 0x0de4  [ D113FAD71A5E67AA94B32A0F8828D265, 08DDB4BBDB570C59926DBF5E27FCF46DCDF8B8212BB9251E97837E0504516FB3 ] lmhosts         C:\WINDOWS\System32\lmhsvc.dll
21:48:45.0817 0x0de4  lmhosts - ok
21:48:45.0849 0x0de4  [ 920F6774762DE8D8477088B6F38FBD6C, DA056D27FE775835CD6F8F5F3143179D818C20658304E21100B534C24079916C ] LMS             C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
21:48:45.0864 0x0de4  LMS - ok
21:48:45.0927 0x0de4  [ C755AE4635457AA2A11F79C0DF857ABC, E03D1ACAC155287291FE1BD0B653953ADC94279A74D0152088D698FAA796460F ] LSI_SAS         C:\WINDOWS\system32\drivers\lsi_sas.sys
21:48:45.0927 0x0de4  LSI_SAS - ok
21:48:45.0958 0x0de4  [ ADAC09CBE7A2040B7F68B5E5C9A75141, 7865DA7E91404F3642BC444B97F6B7AA42B9523D5EDD7F6365DA236B8EC3410F ] LSI_SAS2        C:\WINDOWS\system32\drivers\lsi_sas2.sys
21:48:45.0958 0x0de4  LSI_SAS2 - ok
21:48:45.0989 0x0de4  [ 04D1274BB9BBCCF12BD12374002AA191, 4B9618F8D25F2278DE1610A70ACAADB074D171D162C3AF27D464F5DC800A8E60 ] LSI_SAS3        C:\WINDOWS\system32\drivers\lsi_sas3.sys
21:48:46.0005 0x0de4  LSI_SAS3 - ok
21:48:46.0036 0x0de4  [ 327469EEF3833D0C584B7E88A76AEC0C, 3D88B5A2D68F93F01B39C6E3D8D5C7A2A20686EFC756086E66AFFF1BC3019B85 ] LSI_SSS         C:\WINDOWS\system32\drivers\lsi_sss.sys
21:48:46.0036 0x0de4  LSI_SSS - ok
21:48:46.0146 0x0de4  [ 8EBB271E4588D835784A3FF7E80076A8, A508BE95F6F5063A76F4C8726D9425BB1F00DE803EFE73A0BE145DD9AB82FF0A ] LSM             C:\WINDOWS\System32\lsm.dll
21:48:46.0177 0x0de4  LSM - ok
21:48:46.0192 0x0de4  [ DDEE191AB32DFC22C6465002ECDF5EE4, 190C3930A8449118F9FEDF43C482837EF1C255E6D67F9651156E66A1E2BC6553 ] luafv           C:\WINDOWS\system32\drivers\luafv.sys
21:48:46.0192 0x0de4  luafv - ok
21:48:46.0255 0x0de4  [ 26C43960C99EE861A5D0EDC4DCF3B1C3, 6238FB8E785652040CCE3E7044EA52066CE1BF173A1467474D64A3AB214B6BCD ] MBAMSwissArmy   C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys
21:48:46.0255 0x0de4  MBAMSwissArmy - ok
21:48:46.0333 0x0de4  [ EB5C03A070F30D64A6DF80E53B22F53F, 12051B6AEBDEE1E28F24364F25A52BA3A6E282ECF86D6290E34BD38E6D4E066D ] megasas         C:\WINDOWS\system32\drivers\megasas.sys
21:48:46.0333 0x0de4  megasas - ok
21:48:46.0396 0x0de4  [ F6F13533196DE7A582D422B0241E4363, B3CD9B08937AFFF12141B38634AF3A56F5AC5FF3EF03941802B9841DEC559469 ] megasr          C:\WINDOWS\system32\drivers\megasr.sys
21:48:46.0411 0x0de4  megasr - ok
21:48:46.0458 0x0de4  [ D71FD7A4FDB01C554AE144037B688DF1, 74D33303DA559A3A2EB809FC0EC3722D24F7F1A37BC7370680CFEB951BE735AF ] MEIx64          C:\WINDOWS\System32\drivers\HECIx64.sys
21:48:46.0474 0x0de4  MEIx64 - ok
21:48:46.0583 0x0de4  [ 123271BD5237AB991DC5C21FDF8835EB, 004F8F9228EE291A0E36CE33078D572D61733516F9AA5CFC832AF204C6869E89 ] Microsoft Office Groove Audit Service C:\Program Files (x86)\Microsoft Office\Office12\GrooveAuditService.exe
21:48:46.0583 0x0de4  Microsoft Office Groove Audit Service - ok
21:48:46.0646 0x0de4  [ FD788C2D96EA91469A3C1D13E80D7473, 7B14D4BFDE18CECC19FBFFAA5AFF5FD78BFB7FCDA6613990740A8A7DD9873D26 ] MMCSS           C:\WINDOWS\system32\mmcss.dll
21:48:46.0646 0x0de4  MMCSS - ok
21:48:46.0692 0x0de4  [ 8B38C44F69259987C95135C9627E2378, E698B82D4EFFF56D66C7FC9866369BA5736FDBDBE2028CC421C51E70DEA74727 ] Modem           C:\WINDOWS\system32\drivers\modem.sys
21:48:46.0692 0x0de4  Modem - ok
21:48:46.0708 0x0de4  [ 601589000CC90F0DF8DA2CC254A3CCC9, D1238A386C41B6C368D9A44B7C112C943995B5403E2A5B4B7346B266DDB0C5A0 ] monitor         C:\WINDOWS\System32\drivers\monitor.sys
21:48:46.0724 0x0de4  monitor - ok
21:48:46.0739 0x0de4  [ CEAC6D40FE887CE8406C2393CF97DE06, 34E76908B802764FF0D7AB3AF89BE77BD35B44787983343FAD89891891C0A045 ] mouclass        C:\WINDOWS\System32\drivers\mouclass.sys
21:48:46.0739 0x0de4  mouclass - ok
21:48:46.0771 0x0de4  [ 02D98BF804084E9A0D69D1C69B02CCA9, EC5BC5D87043DFFD035FD4DD27B3D94E03119063519E4151BCC3522B613E2D7F ] mouhid          C:\WINDOWS\System32\drivers\mouhid.sys
21:48:46.0771 0x0de4  mouhid - ok
21:48:46.0786 0x0de4  [ 515549560D481138E6E21AF7C6998E56, C7E4B38D8CCAF15B9BDA63C8C8209F6193AD220DA02E1264F1B687AACD8F409F ] mountmgr        C:\WINDOWS\system32\drivers\mountmgr.sys
21:48:46.0786 0x0de4  mountmgr - ok
21:48:46.0864 0x0de4  [ DEA022193DF8C88F6E2B3E33D148A5DB, 97DFC47DB83E04A975A1969AA120385463FCAF4E1A9984FD3220442D7026B45A ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
21:48:46.0880 0x0de4  MozillaMaintenance - ok
21:48:46.0896 0x0de4  [ F170510BE94CF45E3C6274578F6204B2, 344C3DDE1D622607CA2ABECB2C47CB0166D2D258BD94A7960C45A5ADBB640566 ] mpsdrv          C:\WINDOWS\system32\drivers\mpsdrv.sys
21:48:46.0911 0x0de4  mpsdrv - ok
21:48:47.0005 0x0de4  [ D186C5844393252147BE934F3871DB7A, 30160F8268B9F46E82C5CB536867E0CF280DC98074A481595072E3320200E343 ] MpsSvc          C:\WINDOWS\system32\mpssvc.dll
21:48:47.0036 0x0de4  MpsSvc - ok
21:48:47.0099 0x0de4  [ 1D55DADC22D21883A2F80297F5A5AE48, B79DF4AFC2A9CBC54E74233596544D6E41C8CAA0516BD57CA695D051EC780265 ] MRxDAV          C:\WINDOWS\system32\drivers\mrxdav.sys
21:48:47.0114 0x0de4  MRxDAV - ok
21:48:47.0161 0x0de4  [ 7A1A3F213CDB3363D179D5014272025D, 6756F5B7D9FBF6839DB1FF4E94EA45B5499D7DF925E75581C96FBBA4BE131542 ] mrxsmb          C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
21:48:47.0177 0x0de4  mrxsmb - ok
21:48:47.0239 0x0de4  [ 3E28B99198B514DFEB152EACF913025E, 6C1D8353DCD5F811F39C0C3CB5DF3D2457F0D17EE80FB06196AA169E3D19E9B2 ] mrxsmb10        C:\WINDOWS\system32\DRIVERS\mrxsmb10.sys
21:48:47.0255 0x0de4  mrxsmb10 - ok
21:48:47.0271 0x0de4  [ C910E5D18958914A66F0E45689D0B40A, AD7C91DD8A60A511E580DD56BACC97F85075A539E7C5D95040A8F870A621DAF4 ] mrxsmb20        C:\WINDOWS\system32\DRIVERS\mrxsmb20.sys
21:48:47.0286 0x0de4  mrxsmb20 - ok
21:48:47.0318 0x0de4  [ E0927EFA25D473367C3341B9F5969779, B77A162BD3334557623674373D8EC2BE7CC0B359DF06304E467ABFFEE0530271 ] MsBridge        C:\WINDOWS\system32\DRIVERS\bridge.sys
21:48:47.0333 0x0de4  MsBridge - ok
21:48:47.0380 0x0de4  [ A082C17D14D0790E27D064EA4B138AE1, 9A565ED885782D9D5135C8399C11C356DBF9EBF3B8EB4B4504BD2604AD0B45E6 ] MSDTC           C:\WINDOWS\System32\msdtc.exe
21:48:47.0411 0x0de4  MSDTC - ok
21:48:47.0427 0x0de4  [ D13329FBF8345B28AB30F44CC247DC08, 9C7EC2D4D65E6510EB5B9E61BB0D14F725D7E8FE98D65161C3971E43EF1AB6EB ] Msfs            C:\WINDOWS\system32\drivers\Msfs.sys
21:48:47.0427 0x0de4  Msfs - ok
21:48:47.0458 0x0de4  [ C6B474E46F9E543B875981ED3FFE6ADD, E16687E52FB649C23D92159A1F036CB662202C1E58D961EECDAA528AA4FA669A ] msgpiowin32     C:\WINDOWS\System32\drivers\msgpiowin32.sys
21:48:47.0458 0x0de4  msgpiowin32 - ok
21:48:47.0489 0x0de4  [ 65C92EB9D08DB5C69F28C7FFD4E84E31, D709BA4723225321F665B1157A33A4AE230420752308EF535DA9A41CAC164628 ] mshidkmdf       C:\WINDOWS\System32\drivers\mshidkmdf.sys
21:48:47.0489 0x0de4  mshidkmdf - ok
21:48:47.0505 0x0de4  [ 52299F086AC2DAFD100DD5DC4A8614BA, B36BE0FC96798E5EB8C193C318970E3906961E3ABC3BFAAD73138C76D9A95B0B ] mshidumdf       C:\WINDOWS\System32\drivers\mshidumdf.sys
21:48:47.0505 0x0de4  mshidumdf - ok
21:48:47.0521 0x0de4  [ 36D92AF3343C3A3E57FEF11C449AEA4C, ECC85AA1E530DF55B4A4545798219F87F0FCA66DDD2E37BCEF0850D3C9129DD2 ] msisadrv        C:\WINDOWS\system32\drivers\msisadrv.sys
21:48:47.0536 0x0de4  msisadrv - ok
21:48:47.0583 0x0de4  [ 810F8A0A0680662BB0CE44D0E2CEF90C, 5631B07911B7EF378CB1583A480A3C5715E59A5488B33A528F4D7A2F849B9113 ] MSiSCSI         C:\WINDOWS\system32\iscsiexe.dll
21:48:47.0599 0x0de4  MSiSCSI - ok
21:48:47.0614 0x0de4  msiserver - ok
21:48:47.0630 0x0de4  [ A9BBBD2BAE6142253B9195E949AC2E8D, 599D2952D4E0B0B3E02D91E38A30F4900B1ADA330716B887B156A1CB9A3E6EE9 ] MSKSSRV         C:\WINDOWS\system32\drivers\MSKSSRV.sys
21:48:47.0630 0x0de4  MSKSSRV - ok
21:48:47.0693 0x0de4  [ 375E44168F2DFB91A68B8A3F619C5A7C, AC243E02E9A39D0B4DE9571F196941700EE6EB5E94F5B0BA8994FB551E73A7A8 ] MsLldp          C:\WINDOWS\system32\DRIVERS\mslldp.sys
21:48:47.0708 0x0de4  MsLldp - ok
21:48:47.0755 0x0de4  [ 7B2128EB875DCBC006E6A913211006D6, 97BBD7FF770741FBFC0F181A609AD0954EA926DA203B742E8F08C89AD8FE476E ] MSPCLOCK        C:\WINDOWS\system32\drivers\MSPCLOCK.sys
21:48:47.0755 0x0de4  MSPCLOCK - ok
21:48:47.0786 0x0de4  [ 1E88171579B218115C7A772F8DE04BD8, B9EAA835D0BF8F9C4DF8403D95EF1400E8AE38F28F9DBA87657DE2129FEF02D2 ] MSPQM           C:\WINDOWS\system32\drivers\MSPQM.sys
21:48:47.0786 0x0de4  MSPQM - ok
21:48:47.0849 0x0de4  [ BBE2A455053E63BECBF42C2F9B21FAE0, 7C5DF563499DF59DF9895A1581E47ADF5FD54C94ECEF6C886CDB60E5E95A6DAE ] MsRPC           C:\WINDOWS\system32\drivers\MsRPC.sys
21:48:47.0864 0x0de4  MsRPC - ok
21:48:47.0864 0x0de4  [ 8D6B7D515C5CBCDB75B928A0B73C3C5E, 1EB4DC3DD21D2627C78EC3F9931D9E5D033169087E43B5D7C17BF1FF2A0028CD ] mssmbios        C:\WINDOWS\System32\drivers\mssmbios.sys
21:48:47.0880 0x0de4  mssmbios - ok
21:48:47.0927 0x0de4  [ 115019AE01E0EB9C048530D2928AB4A2, 6E2275E85EACF2D0FC784792E0D72A165589D33CBAB3BCFA8E271CA09566C925 ] MSTEE           C:\WINDOWS\system32\drivers\MSTEE.sys
21:48:47.0927 0x0de4  MSTEE - ok
21:48:47.0958 0x0de4  [ 96D604A35070360F0DD4A7A8AF410B5E, F94DD1A3566C7C8D0A76D6E1E2530552A9B7F99C5DA0DE11829325EAB9F8B7ED ] MTConfig        C:\WINDOWS\System32\drivers\MTConfig.sys
21:48:47.0958 0x0de4  MTConfig - ok
21:48:47.0989 0x0de4  [ 619CA29326B82372621DB2C0964D8365, 4091F08E266DB45A6E33A4A8B1CE9FA78BB294B3111526AA9E3868620F30AFDF ] Mup             C:\WINDOWS\system32\Drivers\mup.sys
21:48:48.0021 0x0de4  Mup - ok
21:48:48.0083 0x0de4  [ B8C35C94DCB2DFEAF03BB42131F2F77F, F0FCF367CA8F722D6ABCF7F363CD406D890D71452E91C3FC6677B47AD74D6324 ] mvumis          C:\WINDOWS\system32\drivers\mvumis.sys
21:48:48.0083 0x0de4  mvumis - ok
21:48:48.0161 0x0de4  [ 41A45D2A75494EABF2806EA051E00376, EB2497561C8E33A4297C044604C717FF854C7F046882A9E4A400AE7679BF5467 ] napagent        C:\WINDOWS\system32\qagentRT.dll
21:48:48.0177 0x0de4  napagent - ok
21:48:48.0255 0x0de4  [ 26ACA481FAFEC59FE311D719E3027BBA, 16A24CCA95A38BDFE970580159F6ACAA13FF1B74CF2290B1B020D909F90D3347 ] NativeWifiP     C:\WINDOWS\system32\DRIVERS\nwifi.sys
21:48:48.0271 0x0de4  NativeWifiP - ok
21:48:48.0333 0x0de4  [ 71E3C0100AA19D11373CCEB2F51A6008, 58FBF35F5FE19BEABE483C11E9996BE93D76721C8C34465350FA98B465CA3672 ] NcaSvc          C:\WINDOWS\System32\ncasvc.dll
21:48:48.0349 0x0de4  NcaSvc - ok
21:48:48.0380 0x0de4  [ 51DF09CAB2CAC64FEE3E371D9028ED01, 9B81604D0D0359AF8F54FED6DA7116FFD2F40407895028EAD99FF1D7CFDC2D14 ] NcbService      C:\WINDOWS\System32\ncbservice.dll
21:48:48.0380 0x0de4  NcbService - ok
21:48:48.0396 0x0de4  [ 2586C4C167499210DCBF3ECFD8CCE210, D8129FEDE9918BF4FB0057CC58700D4E08457060E810B9CC25CA0F598506ADB8 ] NcdAutoSetup    C:\WINDOWS\System32\NcdAutoSetup.dll
21:48:48.0411 0x0de4  NcdAutoSetup - ok
21:48:48.0474 0x0de4  [ E4B4BE2D7750849C07589DA0B0AABA01, BB5AA727BA018A94B5DE2C4E0B594DD2E7A2B3457885446EE568F3A1E18AB3B0 ] NDIS            C:\WINDOWS\system32\drivers\ndis.sys
21:48:48.0505 0x0de4  NDIS - ok
21:48:48.0521 0x0de4  [ C6BB12BC35D1637CA17AE16D3A4725EB, 01C1D9FA738886A195166F88207EEB6715A1DE0608978ED6C5DC738AF5C02513 ] NdisCap         C:\WINDOWS\system32\DRIVERS\ndiscap.sys
21:48:48.0521 0x0de4  NdisCap - ok
21:48:48.0583 0x0de4  [ B1AA3B19A2E596A59224F893E01A5A75, E08696CA5E087E51AC3E64D4FB8490EEADD612DDF30C9A94DD1BD1BA124B71B7 ] NdisImPlatform  C:\WINDOWS\system32\DRIVERS\NdisImPlatform.sys
21:48:48.0599 0x0de4  NdisImPlatform - ok
21:48:48.0630 0x0de4  [ 9423421E735BD5394351E0C47C76BB92, 763E5D06F896C0EF8AD52515464F28BA85DB7A1560E451857AC9AA68FAFCBC66 ] NdisTapi        C:\WINDOWS\system32\DRIVERS\ndistapi.sys
21:48:48.0630 0x0de4  NdisTapi - ok
21:48:48.0677 0x0de4  [ B832B35055BA2B7B4181861FF94D8E59, 2E60E5D503E88D27E35ECFEE265D51328E93A9C7B9B931F86D9CBC947636BB00 ] Ndisuio         C:\WINDOWS\system32\DRIVERS\ndisuio.sys
21:48:48.0693 0x0de4  Ndisuio - ok
21:48:48.0693 0x0de4  [ 1F58E48EF75F34C35D8E93A0DC535CFE, D65619A6C4B1747F8B05DA08A44EF0E46B5CC384880E04E4755A2BA6CDB3C4EA ] NdisVirtualBus  C:\WINDOWS\System32\drivers\NdisVirtualBus.sys
21:48:48.0708 0x0de4  NdisVirtualBus - ok
21:48:48.0739 0x0de4  [ DEC29080202D4F9F17F55E18BCFCC41A, F7E543741B1F4F637A99C40543D6AEC6EBF893F74359BBA769D1F882E0AFB571 ] NdisWan         C:\WINDOWS\system32\DRIVERS\ndiswan.sys
21:48:48.0755 0x0de4  NdisWan - ok
21:48:48.0771 0x0de4  [ DEC29080202D4F9F17F55E18BCFCC41A, F7E543741B1F4F637A99C40543D6AEC6EBF893F74359BBA769D1F882E0AFB571 ] NdisWanLegacy   C:\WINDOWS\system32\DRIVERS\ndiswan.sys
21:48:48.0771 0x0de4  NdisWanLegacy - ok
21:48:48.0802 0x0de4  [ A5BD69A8812FA79D1A487691DD3FB244, 67B5EDE101943E0E8B8041DB2353D20C8B9F2D253E77964761CFE8F136C0BBC7 ] NDProxy         C:\WINDOWS\system32\drivers\NDProxy.sys
21:48:48.0802 0x0de4  NDProxy - ok
21:48:48.0818 0x0de4  [ 5A072F0B90C29C5233D78BE33EF5ED78, B32ED76A674B1FC743361FB7BBD4C915A78B14132AB056AADD445D5995AD4F32 ] Ndu             C:\WINDOWS\system32\drivers\Ndu.sys
21:48:48.0818 0x0de4  Ndu - ok
21:48:48.0880 0x0de4  [ 2334DC48997BA203B794DF3EE70521DB, 832F4EC1586C9669F2D54AB3B212943E43B87A33B24DCC8CDAD6A0264291EE2F ] Net Driver HPZ12 C:\Windows\System32\HPZinw12.dll
21:48:48.0896 0x0de4  Net Driver HPZ12 - ok
21:48:48.0943 0x0de4  [ A83D67D347A684F10B7D3019C8A6380C, 2B86832967981C8C786BF24C1CF8E13E01745ACE3333CF5C821DD93D623B96E4 ] NetBIOS         C:\WINDOWS\system32\DRIVERS\netbios.sys
21:48:48.0958 0x0de4  NetBIOS - ok
21:48:48.0989 0x0de4  [ 0217532E19A748F0E5D569307363D5FD, C40C2E7AFA276057E7327A7BB173122689D6CEC9AE443C3850C3F94AF03DFBF5 ] NetBT           C:\WINDOWS\system32\DRIVERS\netbt.sys
21:48:49.0005 0x0de4  NetBT - ok
21:48:49.0021 0x0de4  [ F6F209DDB94959BA104FC8FC87C53759, 8E862D41F4332EABF64BD034E2C0E3CC8109C7990CB4112C2B2880E8E6EDF2D3 ] Netlogon        C:\WINDOWS\system32\lsass.exe
21:48:49.0021 0x0de4  Netlogon - ok
21:48:49.0083 0x0de4  [ B7AD851A21FEBA3BA214972627614207, 29605320CCC3DAAD062CAECF0009DACBC2F6D28ED4E8AF7CE76132129F5572A0 ] Netman          C:\WINDOWS\System32\netman.dll
21:48:49.0099 0x0de4  Netman - ok
21:48:49.0177 0x0de4  [ F0F0A372C2EF6358399C4936F91B6131, CE596C71EB4D1A5E104D3148F2D0D8789882C59FD198DCF33CCAC7A08B50E4EE ] netprofm        C:\WINDOWS\System32\netprofmsvc.dll
21:48:49.0208 0x0de4  netprofm - ok
21:48:49.0302 0x0de4  [ 1092B3190E69E0C5ECBCE90F171DE047, C16106EEFC324EE80E5F659CB71A5DD69FA800D36D829F5B0E6AD3393BD1BAF7 ] NetTcpPortSharing C:\WINDOWS\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
21:48:49.0349 0x0de4  NetTcpPortSharing - ok
21:48:49.0396 0x0de4  [ 70414DB660BFBB7BD58FCE8EA4364E1B, 6DFB3897CD55E22BA1EDF0AE672F4D7A6A1F512F8A0A26AF106765E6B1CF65AC ] netvsc          C:\WINDOWS\system32\DRIVERS\netvsc63.sys
21:48:49.0396 0x0de4  netvsc - ok
21:48:49.0458 0x0de4  [ 3A280F3B3C7A46E29C404ACD46ECBF5E, 81C3367A2A212DBCC65B8A0166FD092E3205AB31A146B4B737061335CEC51F9D ] NlaSvc          C:\WINDOWS\System32\nlasvc.dll
21:48:49.0489 0x0de4  NlaSvc - ok
21:48:49.0505 0x0de4  [ 8F44A2F57C9F1A19AC9C6288C10FB351, 310274DDBAC0FE4BE54ECD3B90C97D82A0F9F5CFCA7A35711A36164DE4B94074 ] Npfs            C:\WINDOWS\system32\drivers\Npfs.sys
21:48:49.0505 0x0de4  Npfs - ok
21:48:49.0521 0x0de4  [ CBDB4F0871C88DF930FC0E8588CA67FC, 7E4AA3EA81A9D532F236FD7896744F07ED07CA9B37A9F18A9778BCCCC67490F2 ] npsvctrig       C:\WINDOWS\System32\drivers\npsvctrig.sys
21:48:49.0536 0x0de4  npsvctrig - ok
21:48:49.0583 0x0de4  [ 6E2271ED0C3E95B8E29F3752B91B9E84, 44026AD9757EA82967D7F7578455802FAD7FE0057EAC088E0AE207C15F594B86 ] nsi             C:\WINDOWS\system32\nsisvc.dll
21:48:49.0583 0x0de4  nsi - ok
21:48:49.0599 0x0de4  [ E490B459978CB87779E84C761D22B827, 1E5CA38626E41618E4CA16DD0C70EB2FA86E986F0CF21A749BDE2A17015DEEC6 ] nsiproxy        C:\WINDOWS\system32\drivers\nsiproxy.sys
21:48:49.0614 0x0de4  nsiproxy - ok
21:48:49.0677 0x0de4  [ 038C77D577900EE39410662478BB0D50, A33AAFD5750245C17A47EC71F3C6EAD2E0925CAD34C65AB3E6CEE44756C668E6 ] Ntfs            C:\WINDOWS\system32\drivers\Ntfs.sys
21:48:49.0739 0x0de4  Ntfs - ok
21:48:49.0802 0x0de4  [ EF1B290FC9F0E47CC0B537292BEE5904, DBC07BBC54EBC2D2E576B23A4CE116B3DA988577AD0D96CB7289A6748A60F9EA ] Null            C:\WINDOWS\system32\drivers\Null.sys
21:48:49.0802 0x0de4  Null - ok
21:48:50.0302 0x0de4  [ E71E299FF15390E585BACF2C18F55078, 7A51D989DA55349B1761839DEAFD593B6E6F88C433B132E7B027467E050FBA67 ] nvlddmkm        C:\WINDOWS\system32\DRIVERS\nvlddmkm.sys
21:48:50.0740 0x0de4  nvlddmkm - ok
21:48:50.0786 0x0de4  [ FCC3A3F875C8CF258F71BE2F2CAA2355, BD174C47329F0A15D821E51997E4CDAA68FB9BFD72A89A2F2A85A8603625EB18 ] nvpciflt        C:\WINDOWS\system32\DRIVERS\nvpciflt.sys
21:48:50.0786 0x0de4  nvpciflt - ok
21:48:50.0849 0x0de4  [ BC6B5942AFF25EBAF62DE43C3807EDF8, CB0FA194084B8C309039D571B5760FDA800E9531B8660C499B4F9977BA5C36D5 ] nvraid          C:\WINDOWS\system32\drivers\nvraid.sys
21:48:50.0849 0x0de4  nvraid - ok
21:48:50.0880 0x0de4  [ 1F43ABFFAC3D6CA356851D517392966E, 6FD7621F67BA94B0E1D8F43BEC2951DBCDEEA1E848BB265AC169E27C01DA68F2 ] nvstor          C:\WINDOWS\system32\drivers\nvstor.sys
21:48:50.0880 0x0de4  nvstor - ok
21:48:50.0943 0x0de4  [ DDFAFCE89A5C93D04712B86F94E9FCBA, 377303D4CAC9E3AD5B58894CF7AECDA4FCD3D721568BE8BACC0A897A0956919A ] nvsvc           C:\Windows\system32\nvvsvc.exe
21:48:50.0974 0x0de4  nvsvc - ok
21:48:51.0130 0x0de4  [ 9B0CE33647D1006F4FF8EE572A570974, 740500BBAA76E2D2D7C648C86927210C0FBA5DFD0A8B487B83415122C47CA7F7 ] nvUpdatusService C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
21:48:51.0161 0x0de4  nvUpdatusService - ok
21:48:51.0177 0x0de4  [ 6934A936A7369DFE37B7DBA93F5E5E49, 0900FEEB0CE8D09F0FC60630B5B986034A8BCD3882ED66E47170810C32492892 ] nv_agp          C:\WINDOWS\system32\drivers\nv_agp.sys
21:48:51.0177 0x0de4  nv_agp - ok
21:48:51.0318 0x0de4  [ 785F487A64950F3CB8E9F16253BA3B7B, 02445344BD214370A6D48B1CA04921D8EFCB13E676B5648266DD0E076C0822B6 ] odserv          C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
21:48:51.0349 0x0de4  odserv - ok
21:48:51.0396 0x0de4  [ 5A432A042DAE460ABE7199B758E8606C, 6E5D1F477D290905BE27CEBF9572BAC6B05FFEF2FAD901D3C8E11F665F8B9A71 ] ose             C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
21:48:51.0396 0x0de4  ose - ok
21:48:51.0474 0x0de4  [ E287F157F7A0011D93179C64EF8ADCF2, C16FB92C7B18D634BB1344238D35B3111494C243FBD5853F05376F5051480D83 ] p2pimsvc        C:\WINDOWS\system32\pnrpsvc.dll
21:48:51.0505 0x0de4  p2pimsvc - ok
21:48:51.0568 0x0de4  [ 2A57A937BC5B1B2D6AFE6A8C5925F50B, 00D84EFED5A7129AAD86945940030474795905C32D65CBD5B1A3EBADCED8F873 ] p2psvc          C:\WINDOWS\system32\p2psvc.dll
21:48:51.0583 0x0de4  p2psvc - ok
21:48:51.0599 0x0de4  [ 764B1121867B2D9B31C491668AC72B2B, 32C04B6FCE1DDD09697B81473A23BDCED8BEEFBCD0D2D58DDC9A11A33C756967 ] Parport         C:\WINDOWS\System32\drivers\parport.sys
21:48:51.0615 0x0de4  Parport - ok
21:48:51.0630 0x0de4  [ EF0C1749C9A8CEE9A457473D433CC00F, A5FDAB5AD47471640D697C6CFBA6C67730878ABBA47D394EAA47C9733EDCE1F3 ] partmgr         C:\WINDOWS\system32\drivers\partmgr.sys
21:48:51.0646 0x0de4  partmgr - ok
21:48:51.0740 0x0de4  [ 9A5309EF92F39346CFD5A4C2C3D1BFAD, 5908E0C9562F9CB24784491BD9AE7983A33A6BDF81AFA0A08045518A0C9BB2B1 ] PcaSvc          C:\WINDOWS\System32\pcasvc.dll
21:48:51.0755 0x0de4  PcaSvc - ok
21:48:51.0818 0x0de4  [ 91ED124E261EA8FAA1C0FFDF2A71B0C4, 20E41A38067395D03184938983A9BE459717A1941352972DBC28D83D542319EC ] pci             C:\WINDOWS\system32\drivers\pci.sys
21:48:51.0833 0x0de4  pci - ok
21:48:51.0865 0x0de4  [ 346E38FCC6859A727DD28AFAD1F0AFF4, FF3DA26F79B3BC3A5B8A8AA0B9139B9EF70297F4EA1203B1E68FB5A212C3AA58 ] pciide          C:\WINDOWS\system32\drivers\pciide.sys
21:48:51.0865 0x0de4  pciide - ok
21:48:51.0896 0x0de4  [ 4D3BDCC1C7B40C9D7B6AD990E6DEC397, 27A7AF2127B699F4579CB77936F38DC102211E26E5E2947DB808756FE06FC98E ] pcmcia          C:\WINDOWS\system32\drivers\pcmcia.sys
21:48:51.0896 0x0de4  pcmcia - ok
21:48:51.0943 0x0de4  [ BF28771D1436C88BE1D297D3098B0F7D, 5F7630916A76A8CF31289E9C577F522B999C74C39E541CD40E62BD53004BEF74 ] pcw             C:\WINDOWS\system32\drivers\pcw.sys
21:48:51.0958 0x0de4  pcw - ok
21:48:52.0005 0x0de4  [ 24A8DFC07E4BAF29AEA26E383D4CC886, 1B903FE52CD816662D37A8113930B4B7019B6996D49F1982D8F42933A3525A67 ] pdc             C:\WINDOWS\system32\drivers\pdc.sys
21:48:52.0021 0x0de4  pdc - ok
21:48:52.0099 0x0de4  [ 0ECEE590F2E2EF969FB74A6FC583A1E6, 1C611D9225C863CF32125F684B324C58BDE1942F4F283F5674133200AC505D44 ] PEAUTH          C:\WINDOWS\system32\drivers\peauth.sys
21:48:52.0115 0x0de4  PEAUTH - ok
21:48:52.0224 0x0de4  [ 8E3C640FFF5A963F570233AE99C0FFF3, 3DE978B005BF2E88BA858CE37D9E27BD3584642B8412E22C300A1E739743838A ] PerfHost        C:\WINDOWS\SysWow64\perfhost.exe
21:48:52.0240 0x0de4  PerfHost - ok
21:48:52.0349 0x0de4  [ 928061178CD9856CA6B67FFFCE6BA766, 71DE3C7CA7F83EAAA550CD8A68FB67DE042B0AE51BFACB1ECB8852D502E11F50 ] pla             C:\WINDOWS\system32\pla.dll
21:48:52.0380 0x0de4  pla - ok
21:48:52.0427 0x0de4  [ BC6849C62DB407573C6AD8CB1A4D2628, 5BDE0D60F85E4C27CEAD1B301155B54D841FB773BD5BB8AC5DDAEE31F8E94627 ] PlugPlay        C:\WINDOWS\system32\umpnpmgr.dll
21:48:52.0427 0x0de4  PlugPlay - ok
21:48:52.0490 0x0de4  [ AC78DF349F0E4CFB8B667C0CFFF83CCE, 7E635AA2E7350FCA0C954E697F1480A6204920AEFBCF06B90FFA02398DA82822 ] Pml Driver HPZ12 C:\Windows\System32\HPZipm12.dll
21:48:52.0505 0x0de4  Pml Driver HPZ12 - ok
21:48:52.0552 0x0de4  [ 045EB4F260606A03BE340D09DEAF3BA4, 6F34B8D414F7F69F4388F2F8A86E0F3AD179E423126990AF3E1EC4DCCB8E7693 ] PNRPAutoReg     C:\WINDOWS\system32\pnrpauto.dll
21:48:52.0552 0x0de4  PNRPAutoReg - ok
21:48:52.0599 0x0de4  [ E287F157F7A0011D93179C64EF8ADCF2, C16FB92C7B18D634BB1344238D35B3111494C243FBD5853F05376F5051480D83 ] PNRPsvc         C:\WINDOWS\system32\pnrpsvc.dll
21:48:52.0615 0x0de4  PNRPsvc - ok
21:48:52.0677 0x0de4  [ C16097D77A232A288D65F299E2E01105, 5CE4B44B06FD26569C0F92FF1D3991D0128D8444AE7BC9EBEF5A33811D721BE8 ] PolicyAgent     C:\WINDOWS\System32\ipsecsvc.dll
21:48:52.0693 0x0de4  PolicyAgent - ok
21:48:52.0708 0x0de4  [ 00E08B30E7F7C13ECE2CDF4F46A77311, 1807C0A64C1794E572C86730816C01DCF4D8F773ADE9CAEA3AC0658F7BD71A4E ] Power           C:\WINDOWS\system32\umpo.dll
21:48:52.0708 0x0de4  Power - ok
21:48:52.0771 0x0de4  [ E075CC071022BD4E9BE7C024717C0E0A, BE65A8C1082AE8DF8C37CA06B2BCC521478AC153EA7388B03F7FAE3913920E75 ] PptpMiniport    C:\WINDOWS\system32\DRIVERS\raspptp.sys
21:48:52.0771 0x0de4  PptpMiniport - ok
21:48:52.0974 0x0de4  [ 3C96A45CA3403A276B0F045C448EC27B, C0011DB8C5A85817CAF815CC0095EE2C1CDD5964DCD8EAF4C35A2495D6A873CC ] PrintNotify     C:\WINDOWS\system32\spool\drivers\x64\3\PrintConfig.dll
21:48:53.0183 0x0de4  PrintNotify - ok
21:48:53.0262 0x0de4  [ ECD373F9571C745894367CC2635EA44F, E08B2A1017DAE1BF10B986DAFAD14BDE20D79703E0EF3A8C700A3753908C1392 ] Processor       C:\WINDOWS\System32\drivers\processr.sys
21:48:53.0280 0x0de4  Processor - ok
21:48:53.0371 0x0de4  [ EF1F8B57323E5D3FC6A0A25F98F90DBC, F50E81151604DCD59BB647FD6767C1631AE48B5FCA6D3423C4E32535C94D6369 ] ProfSvc         C:\WINDOWS\system32\profsvc.dll
21:48:53.0392 0x0de4  ProfSvc - ok
21:48:53.0409 0x0de4  [ 8528BB05E4D4E25945F78B00B2555FB7, FF8E0D4580F93CD348080967F52FE6C2C68B56DAEACAE2EAEF04E19412A953AE ] Psched          C:\WINDOWS\system32\DRIVERS\pacer.sys
21:48:53.0415 0x0de4  Psched - ok
21:48:53.0562 0x0de4  [ AF90BB44C99D6820BE52C9BBAA523283, 9772D9CC1666959EC8EE4ED740A5179473CE4F38762109F1123DD68010D20EA1 ] QWAVE           C:\WINDOWS\system32\qwave.dll
21:48:53.0584 0x0de4  QWAVE - ok
21:48:53.0643 0x0de4  [ 3FB466684609A4329858CF2EBD62E0FD, CFC8FBAB1436948F9D34CE6A2D6DE2F86F3E93E50B86851CED979C8CCE609798 ] QWAVEdrv        C:\WINDOWS\system32\drivers\qwavedrv.sys
21:48:53.0646 0x0de4  QWAVEdrv - ok
21:48:53.0700 0x0de4  [ 2C56F0EE27E4EF70CA4B4983D3638905, AFFDD686886CE982424B644D9168D61C6F86A5244FF97BC644DF75B321E415E5 ] RasAcd          C:\WINDOWS\system32\DRIVERS\rasacd.sys
21:48:53.0703 0x0de4  RasAcd - ok
21:48:53.0762 0x0de4  [ 674A4702E4E144E8710ED1A2EC6DD049, 613A921101A6815C9185D5EF3E251A592604E56FADE945BB7E256885CAD473BC ] RasAgileVpn     C:\WINDOWS\system32\DRIVERS\AgileVpn.sys
21:48:53.0766 0x0de4  RasAgileVpn - ok
21:48:53.0815 0x0de4  [ 5F061AC45266841A2860C1858ED863B8, 9E0D52BAC8A50225C32D0397C35350601B996443E2481C808CC59D3B0763FEF0 ] RasAuto         C:\WINDOWS\System32\rasauto.dll
21:48:53.0824 0x0de4  RasAuto - ok
21:48:53.0860 0x0de4  [ BBB6272B7F46C4640A8CDB8A70C3450F, 4266C3ABD0D1D0219F715EA0F155744F7C1E3A7B722BE863831B57AE785419A2 ] Rasl2tp         C:\WINDOWS\system32\DRIVERS\rasl2tp.sys
21:48:53.0864 0x0de4  Rasl2tp - ok
21:48:53.0899 0x0de4  [ 5C7B86EE33505E36026AFAAB62DA6364, 903BB1A355AC746BF09C2A7C87B068168648DB79DEF39AB1DC710B6A7A5F6556 ] RasMan          C:\WINDOWS\System32\rasmans.dll
21:48:53.0919 0x0de4  RasMan - ok
21:48:53.0937 0x0de4  [ 5247F308C4103CDC4FE12AE1D235800A, E567CD33CA1897D53795E071B7AFBAF98B2C8F725F8BED0BA90F5EF611520E48 ] RasPppoe        C:\WINDOWS\system32\DRIVERS\raspppoe.sys
21:48:53.0941 0x0de4  RasPppoe - ok
21:48:53.0958 0x0de4  [ 2B0F1677CDD08967005F34488559BC6F, FFF168EBD171C0B85A448AD1A04F66534E889AE1DC128F68EA3F35D5996C8D39 ] RasSstp         C:\WINDOWS\system32\DRIVERS\rassstp.sys
21:48:53.0962 0x0de4  RasSstp - ok
21:48:53.0990 0x0de4  [ A1A5E79C0D1352AFDC08328A623DA051, 01546DDE6F1FF159A7EB7F2BF104910445D3D863F1F37DEA695579BA60D84280 ] rdbss           C:\WINDOWS\system32\DRIVERS\rdbss.sys
21:48:54.0004 0x0de4  rdbss - ok
21:48:54.0059 0x0de4  [ 6B21EBF892CD8CACB71669B35AB5DE32, 0AD8E14FEF16FB2559F5FC8AFBC9D49E4E24F43CF65F480DBF9FAB593269B419 ] rdpbus          C:\WINDOWS\System32\drivers\rdpbus.sys
21:48:54.0061 0x0de4  rdpbus - ok
21:48:54.0079 0x0de4  [ 680C1DAE268B6FB67FA21B389A8B79EF, 856911F77BDD8830C3D683EBE8AF399FB3A54C7D8D0B34EA37D903377F0A39BD ] RDPDR           C:\WINDOWS\system32\drivers\rdpdr.sys
21:48:54.0085 0x0de4  RDPDR - ok
21:48:54.0143 0x0de4  [ 9F08A6608F98B5407E7DDBCF306573EF, 92812F97CFDB2EC128BC48143DE215B7D012B15D3FB4D2199222AD8C31DA5016 ] RdpVideoMiniport C:\WINDOWS\system32\drivers\rdpvideominiport.sys
21:48:54.0145 0x0de4  RdpVideoMiniport - ok
21:48:54.0166 0x0de4  [ A26AEC49F318FEE141DDDB2C5F99B3E6, 246AD79FF27E79DEDCB0AAA7C22A8EA6349DEDAC863413A1E378E68FD94C9C4F ] rdyboost        C:\WINDOWS\system32\drivers\rdyboost.sys
21:48:54.0174 0x0de4  rdyboost - ok
21:48:54.0263 0x0de4  [ E515A287C8FAE901EB8FB42F168E14F2, 9AE8D608587713FD18BB728BADD402C86FFF06A67359B22ED9431705522BC310 ] ReFS            C:\WINDOWS\system32\drivers\ReFS.sys
21:48:54.0293 0x0de4  ReFS - ok
21:48:54.0341 0x0de4  [ BFFB40FBE6D2C3469F8D06EE5E4934AB, 5B6763F973A740DCD53CEA75156926457BED8B075965033C484877DDA8B97F39 ] RemoteAccess    C:\WINDOWS\System32\mprdim.dll
21:48:54.0351 0x0de4  RemoteAccess - ok
21:48:54.0440 0x0de4  [ 4DCCABE03D06955ED61BABBD8EF9F30F, 531CD60315AAF283B73E0F6CF77D4DE093B809E73C44D2AC43B7247500B3485E ] RemoteRegistry  C:\WINDOWS\system32\regsvc.dll
21:48:54.0468 0x0de4  RemoteRegistry - ok
21:48:54.0512 0x0de4  [ D894CBD7DA753C881EE8D5E33B583225, DA4472A85F10A3DF8CE969F731E67FE7C75EE6095908AB8AC2C44851DC5A3F8B ] RpcEptMapper    C:\WINDOWS\System32\RpcEpMap.dll
21:48:54.0520 0x0de4  RpcEptMapper - ok
21:48:54.0580 0x0de4  [ 5CAE8F47B31D5CFC322B5B898C19E0FE, FDB5F0B6EA36403E031D9147AB0519011FAAD3AC8190DE5B1F17FB5472D79D47 ] RpcLocator      C:\WINDOWS\system32\locator.exe
21:48:54.0591 0x0de4  RpcLocator - ok
21:48:54.0655 0x0de4  [ 81979817943D830BF24571B7C1B28A1A, 9584D8F1FB3E6CF17BD465670B208C723A8E8B06775A3DA44F75D7710404EEA6 ] RpcSs           C:\WINDOWS\system32\rpcss.dll
21:48:54.0679 0x0de4  RpcSs - ok
21:48:54.0730 0x0de4  [ D38250F459BF60D6F4B69B79DCD948CC, E68C864C1A4C9352EA939062F28789ADE9F0672E8CB3F3909D2891786C76F06F ] RSP2STOR        C:\WINDOWS\system32\DRIVERS\RtsP2Stor.sys
21:48:54.0740 0x0de4  RSP2STOR - ok
21:48:54.0798 0x0de4  [ 2D05A5508F4685412F2B89E8C2189ABC, 82F12B4E0E73411A121EFD35FBD3B44CBBC0AE96ACFBB45D8C3C3777E2EA320D ] rspndr          C:\WINDOWS\system32\DRIVERS\rspndr.sys
21:48:54.0803 0x0de4  rspndr - ok
21:48:54.0902 0x0de4  [ 19764658C1468C2C0CEF133D28414A6B, 87AD4056F6C67052433A366B200B75613148B69B9B9D502AD926A7F7F037B8DE ] RTL8168         C:\WINDOWS\system32\DRIVERS\Rt630x64.sys
21:48:54.0919 0x0de4  RTL8168 - ok
21:48:54.0968 0x0de4  [ 1A063730F221B2746FF00457AE17E4F0, 39A3C258CBFE3BC566C63528C9020A3BC9409736AE5289C08A7BA471D8409263 ] s3cap           C:\WINDOWS\System32\drivers\vms3cap.sys
21:48:54.0982 0x0de4  s3cap - ok
21:48:55.0045 0x0de4  [ F6F209DDB94959BA104FC8FC87C53759, 8E862D41F4332EABF64BD034E2C0E3CC8109C7990CB4112C2B2880E8E6EDF2D3 ] SamSs           C:\WINDOWS\system32\lsass.exe
21:48:55.0051 0x0de4  SamSs - ok
21:48:55.0199 0x0de4  [ C624A1B32211C3166EDB3F4AB02A30B7, 6B2A4607DB52D74242787ED9DF9067058983D310431D8612D2B0236E6201E681 ] sbp2port        C:\WINDOWS\system32\drivers\sbp2port.sys
21:48:55.0217 0x0de4  sbp2port - ok
21:48:55.0414 0x0de4  [ 47C497FA4DDEA908633CAA60CEBE6805, 4DF5742D4C99D3F7B6A5671AEDB1E5E47D3399D36B28BA19C105FA604D8D5A1C ] SCardSvr        C:\WINDOWS\System32\SCardSvr.dll
21:48:55.0445 0x0de4  SCardSvr - ok
21:48:55.0632 0x0de4  [ E76C4E98302AE39CC6FA5D20FC8B5438, B6B6B59CF427515087689285797F4A5763103440EBE5D87A61FA74F80F895BD0 ] ScDeviceEnum    C:\WINDOWS\System32\ScDeviceEnum.dll
21:48:55.0656 0x0de4  ScDeviceEnum - ok
21:48:55.0840 0x0de4  [ ABD0237B15DBD2B4695F4B7D734A58F7, D6831921F0CD3E03CBF1CA3ED5824EE0C75127842D12D4E897E74EC72B0792EB ] scfilter        C:\WINDOWS\system32\DRIVERS\scfilter.sys
21:48:55.0872 0x0de4  scfilter - ok
21:48:56.0491 0x0de4  [ D3AE5DB16EAF913860EC28654CE00E6B, AD76B6044F7247C6E86F6DCB7CFD6B25BCA2B9F09A97A419F043A999E66726A2 ] Schedule        C:\WINDOWS\system32\schedsvc.dll
21:48:56.0572 0x0de4  Schedule - ok
21:48:56.0696 0x0de4  [ AB285CE3431FF3D2ACE669245874C1C7, 6AF4C3E86EFA51F7FB6F8492CB2CCB807C7775EAE0508B87F07134FDAC679BD7 ] SCPolicySvc     C:\WINDOWS\System32\certprop.dll
21:48:56.0702 0x0de4  SCPolicySvc - ok
21:48:56.0833 0x0de4  [ 7B7C482CF48E6EE33664340D1A78E6FE, CE5077C4B0372F4F9F02B0B37AE58C0DAEFCA9D242065731A23F072506430575 ] sdbus           C:\WINDOWS\System32\drivers\sdbus.sys
21:48:56.0867 0x0de4  sdbus - ok
21:48:56.0949 0x0de4  [ 0B1E929D11A8E358106955603FAC65E8, A5EC91BFC0873EC6AB1D0DB4E91654BD35339BD680E7E82DA2DC64996B4AE515 ] sdstor          C:\WINDOWS\System32\drivers\sdstor.sys
21:48:56.0964 0x0de4  sdstor - ok
21:48:57.0064 0x0de4  [ 3EA8A16169C26AFBEB544E0E48421186, 34BBB0459C96B3DE94CCB0D73461562935C583D7BF93828DA4E20A6BC9B7301D ] secdrv          C:\WINDOWS\system32\drivers\secdrv.sys
21:48:57.0095 0x0de4  secdrv - ok
21:48:57.0166 0x0de4  [ C49009F897BA4F2F4F31043663AA1485, 48C8BE1E3A4F150662AD012AF4E0357ABA792AD1147AB90EFF6CB2630E2501B6 ] seclogon        C:\WINDOWS\system32\seclogon.dll
21:48:57.0182 0x0de4  seclogon - ok
21:48:57.0205 0x0de4  [ A88882E64BDC1D8E8D6E727B71CCCC53, 12D2235F54D0CEEED8AA268C17CDE44020269F4FEFC70CE957DBBF99AF7F553D ] SENS            C:\WINDOWS\System32\sens.dll
21:48:57.0215 0x0de4  SENS - ok
21:48:57.0240 0x0de4  [ E66A7C8CE7ED22DED6DF1CA479FB4790, ADEB076F131E7A8C3AD96022B09BB33EB9AB26C9C831503B8C6960AA763B8975 ] SensrSvc        C:\WINDOWS\system32\sensrsvc.dll
21:48:57.0265 0x0de4  SensrSvc - ok
21:48:57.0314 0x0de4  [ DB2FF24CE0BDD15FE75870AFE312BA89, 7DB0D978C92CD0A0A81F7AB46FE323B4929CEA01585B0F330921E6DFA7DE1B85 ] SerCx           C:\WINDOWS\system32\drivers\SerCx.sys
21:48:57.0352 0x0de4  SerCx - ok
21:48:57.0431 0x0de4  [ 0044B31F93946D5D41982314381FE431, 95B8A94BA9EF770F29ACD5B23D447EC2B6CF1CB3D0030343BA1550AC31F6E2A5 ] SerCx2          C:\WINDOWS\system32\drivers\SerCx2.sys
21:48:57.0439 0x0de4  SerCx2 - ok
21:48:57.0472 0x0de4  [ 3CD600C089C1251BEEB4CD4CD5164F9E, D9F81951B4454B24E821E33ACA53A851A61F3135E8EC6FBE6761A1A3E1CDCBE2 ] Serenum         C:\WINDOWS\System32\drivers\serenum.sys
21:48:57.0497 0x0de4  Serenum - ok
21:48:57.0618 0x0de4  [ D864381BC9C725FAB01D94C060660166, 132FED95222BBE3B0B25B3F1F0EFC5903D04564BD047BA4D2042AD51E3FDA724 ] Serial          C:\WINDOWS\System32\drivers\serial.sys
21:48:57.0761 0x0de4  Serial - ok
21:48:57.0828 0x0de4  [ 0BD2B65DCE756FDE95A2E5CCCBF7705D, F13FAFEC8FCF3E796196562717C433CE359A74A3E5876AB070647C717AF74028 ] sermouse        C:\WINDOWS\System32\drivers\sermouse.sys
21:48:57.0896 0x0de4  sermouse - ok
21:48:58.0062 0x0de4  [ D5C3776CBD8BC307DCCA3FD4CE667A37, 98E4253B770C25914C91A6148E2EA15ED0EF37ADCB042A47252DBA135972BF74 ] SessionEnv      C:\WINDOWS\system32\sessenv.dll
21:48:58.0084 0x0de4  SessionEnv - ok
21:48:58.0139 0x0de4  [ 472B7A5AC181C050888DB454663DD764, C950A8615D57BFD455E18880398350642B2E1D6B951EC9754FD8D429F3418835 ] sfloppy         C:\WINDOWS\System32\drivers\sfloppy.sys
21:48:58.0167 0x0de4  sfloppy - ok
21:48:58.0361 0x0de4  [ F4414F57DF2CECB8FC969AA43A6B0D50, AD09A6E1294721507DD6BE82B91F2EEB0FF0151B9BC14A75840CD657DBFDECEC ] SharedAccess    C:\WINDOWS\System32\ipnathlp.dll
21:48:58.0383 0x0de4  SharedAccess - ok
21:48:58.0651 0x0de4  [ 0D190D8B4B20446BE6299AC734DFADF1, 6551095971F99820BBFC5FED8FAB9591A3F8ABFA0F027887F3B71B79325FF6D9 ] ShellHWDetection C:\WINDOWS\System32\shsvcs.dll
21:48:58.0689 0x0de4  ShellHWDetection - ok
21:48:58.0751 0x0de4  [ 2F518D13DD6F3053837FE606F1A2EA1F, 64109296CE95BD233525688A350D575CF97B9464659AA07CF78B307B6ADBC835 ] SiSRaid2        C:\WINDOWS\system32\drivers\SiSRaid2.sys
21:48:58.0776 0x0de4  SiSRaid2 - ok
21:48:58.0821 0x0de4  [ 1AC9A200A9C49C4508F04AAFFCA34A3F, 972BCB2A39169155F74111FAC74ACCD8F50E34EADCF087833B0980827627BBF4 ] SiSRaid4        C:\WINDOWS\system32\drivers\sisraid4.sys
21:48:58.0833 0x0de4  SiSRaid4 - ok
21:48:58.0959 0x0de4  [ 50D9949020E02B847CD48F1243FCB895, 5BDAD5E44DE5B412645142810C5FCE4B2D9685F928FF4A6B836A9DCE7725BD78 ] SkypeUpdate     C:\Program Files (x86)\Skype\Updater\Updater.exe
21:48:58.0965 0x0de4  SkypeUpdate - ok
21:48:58.0985 0x0de4  [ AF5CC3F9B88F140D78FC967ABF0F4EC7, 7CE3AB7B0A36635CF00E35E84C14B8661FAF794ABCFA61AE45A0E5E8EA996A3B ] SmbDrv          C:\WINDOWS\System32\drivers\Smb_driver_AMDASF.sys
21:48:58.0989 0x0de4  SmbDrv - ok
21:48:59.0077 0x0de4  [ 962ABD93C70B28CE97F78B8F115FF1B2, C3C83AF01764E24FFEFDDC8383DA4667107A0D84C2533FE71794EF90C3C374A7 ] SmbDrvI         C:\WINDOWS\system32\DRIVERS\Smb_driver_Intel.sys
21:48:59.0089 0x0de4  SmbDrvI - ok
21:48:59.0180 0x0de4  [ 587ACA15210D1B01FBF272E07A08F91A, 1F3C13C218C5EA329C6E33E4AE7CFE88DAD59DA40F59FDE09D733AFD2E489000 ] smphost         C:\WINDOWS\System32\smphost.dll
21:48:59.0196 0x0de4  smphost - ok
21:48:59.0267 0x0de4  [ 49EEB92DE930B8566EF615D600781DB4, 0B7C929D24FAFC34F95BB4AA77DCBA29DDD8F1977EB42713B64228677D1FBFD3 ] SNMPTRAP        C:\WINDOWS\System32\snmptrap.exe
21:48:59.0278 0x0de4  SNMPTRAP - ok
21:48:59.0429 0x0de4  [ 240C5C3793206725AA05665851E8C214, 96ADFB85EB1623EB00C251C1C6A1F441A1795F0EBFD10B17DD1CA58E3AE8A90D ] spaceport       C:\WINDOWS\system32\drivers\spaceport.sys
21:48:59.0459 0x0de4  spaceport - ok
21:48:59.0492 0x0de4  [ F337BE11071818FC3F5DC2940B6BDE34, D5CFF00E5DF37045F71AEE101AC9B270EBB29F372F404757B58600E9966C7E4D ] SpbCx           C:\WINDOWS\system32\drivers\SpbCx.sys
21:48:59.0496 0x0de4  SpbCx - ok
21:48:59.0573 0x0de4  [ 42FEA9E0BA9761D9E65A4F167D91515B, 9A34CE83F3ACD50608671BDABE5E475F8E0C8335D3B8B7B3D7E84B2A319FA29F ] Spooler         C:\WINDOWS\System32\spoolsv.exe
21:48:59.0606 0x0de4  Spooler - ok
21:48:59.0962 0x0de4  [ C993A0B97BECD3AAF5158E3869878465, 8B86F37DEFCBE55DE507D830EC4980EBB39B3CCA30C2B3E76B588AAB282A50FC ] sppsvc          C:\WINDOWS\system32\sppsvc.exe
21:49:00.0211 0x0de4  sppsvc - ok
21:49:00.0253 0x0de4  [ 6416E79A58A8FCC33A447A4DDDD3BF04, 839E3107ACCD520C309BD6C8324DF7A8EB724EAD442AB1F1CACB0D83F84BE488 ] srv             C:\WINDOWS\system32\DRIVERS\srv.sys
21:49:00.0265 0x0de4  srv - ok
21:49:00.0333 0x0de4  [ 5BED3AB69797C8786EF70AEA8C33748B, 0474EE6C43D437CBA9848BCF25D1341B122D7E9F371A0FF3C62C83D14B2CB095 ] srv2            C:\WINDOWS\system32\DRIVERS\srv2.sys
21:49:00.0355 0x0de4  srv2 - ok
21:49:00.0367 0x0de4  [ D047CD668E6277FD80F0C613946F034C, BD0209E7FD89F9295D4DE48C9652DF2A2990277C16AFA473B96704B1CBD2F338 ] srvnet          C:\WINDOWS\system32\DRIVERS\srvnet.sys
21:49:00.0374 0x0de4  srvnet - ok
21:49:00.0432 0x0de4  [ BB9ED3EDD8E85008215A7250D325A72E, D3404E31B7706B25CDEA7CB4260C343B5F090E8CCB9A5FA203B0F94A9112F1B3 ] SSDPSRV         C:\WINDOWS\System32\ssdpsrv.dll
21:49:00.0445 0x0de4  SSDPSRV - ok
21:49:00.0496 0x0de4  [ 3911418AFDE10EA6823B7799E4815524, A73517C4C1271E666B2B3A747756070098E923742B41572AA16573170440AA07 ] SstpSvc         C:\WINDOWS\system32\sstpsvc.dll
21:49:00.0517 0x0de4  SstpSvc - ok
21:49:00.0646 0x0de4  [ 098185E9B7C417CF7480BB9F839DB652, 5573CB98057DC2F01E8958780165A32AFD08E4C768F5625250628CB8A4C509D3 ] STacSV          C:\Program Files\IDT\WDM\STacSV64.exe
21:49:00.0655 0x0de4  STacSV - ok
21:49:00.0671 0x0de4  [ 366DEA74BBA65B362BCCFC6FC2ADFD8B, 4D28122AB9D8DAB724021E6513B4474BD34FCEDF47769B1D27AC7551FCA002F8 ] stexstor        C:\WINDOWS\system32\drivers\stexstor.sys
21:49:00.0674 0x0de4  stexstor - ok
21:49:00.0740 0x0de4  [ 32BE0B7CCA47A5BE30E7E43DC54B54F3, D4667E88E14393311F93D787C902B993B9451A94D332A65B0E22A8C40C3DFF44 ] STHDA           C:\WINDOWS\system32\DRIVERS\stwrt64.sys
21:49:00.0755 0x0de4  STHDA - ok
21:49:00.0802 0x0de4  [ 2A997C64F9B2584D81FA6749FE36A887, D26F5BC591ED46B96B2ACFDF555C2BF42F4915A22B12E4139ACEF7DE7AC303A7 ] StillCam        C:\WINDOWS\system32\DRIVERS\serscan.sys
21:49:00.0806 0x0de4  StillCam - ok
21:49:00.0886 0x0de4  [ D638904FE86A5FE542A1BA13A9D68E5C, 89A956F932316BC50DD99B54BAF4E2809DCAA084DBB04CB84D11E5470BEAF251 ] stisvc          C:\WINDOWS\System32\wiaservc.dll
21:49:00.0910 0x0de4  stisvc - ok
21:49:00.0970 0x0de4  [ 0ED2E318ABB68C1A35A8B8038BDB4C90, 5C3ABC245F4BCFE64E646D9C0E2F5E211244956C84D03084C71FF6A7E0CDED30 ] storahci        C:\WINDOWS\system32\drivers\storahci.sys
21:49:00.0975 0x0de4  storahci - ok
21:49:00.0988 0x0de4  [ 7A08CEE1535F5A448215634C5EA74E50, 41529CDC08A3956F8FE9D5759B147E2E56E3305149EA415EB200249F7CD32094 ] storflt         C:\WINDOWS\system32\DRIVERS\vmstorfl.sys
21:49:00.0991 0x0de4  storflt - ok
21:49:01.0020 0x0de4  [ 6B06E2D11E604BE2B1A406C4CB3B90DE, 2DDEA1568A85AD64FCE5D10D348304FCD9BE6E96C2313353EF70A2933306D188 ] stornvme        C:\WINDOWS\system32\drivers\stornvme.sys
21:49:01.0037 0x0de4  stornvme - ok
21:49:01.0092 0x0de4  [ 3118058E3D07021A55324A943C6D722B, 0B255DF1977DADD2B9766EEEA814B464F0ABFA34D6439F3C453083850C121F16 ] StorSvc         C:\WINDOWS\system32\storsvc.dll
21:49:01.0107 0x0de4  StorSvc - ok
21:49:01.0167 0x0de4  [ 548759755BC73DAD663250239D7E0B9F, D31A05A8CE800B539420B6E545F1F4BF6E4B02EAF8366DE89CAF13A83C6CA48D ] storvsc         C:\WINDOWS\system32\drivers\storvsc.sys
21:49:01.0170 0x0de4  storvsc - ok
21:49:01.0219 0x0de4  [ D8E1AE075AB3E8AD56F69C44AA978596, CAFF5116DE7F0EEFFEBE38724BCEE7D11B44153AD35EE43E314C56D5E210758A ] svsvc           C:\WINDOWS\system32\svsvc.dll
21:49:01.0234 0x0de4  svsvc - ok
21:49:01.0278 0x0de4  [ 84E0F5D41C138C5CC975137A2A98F6D3, 1E36CED05E4F4365C2AB020CAF920E3959995D7F89F3FABD7B2FB05985F85F38 ] swenum          C:\WINDOWS\System32\drivers\swenum.sys
21:49:01.0283 0x0de4  swenum - ok
21:49:01.0365 0x0de4  [ 850EBB87584484DC16F917E7B6F4A304, C253D1DFFCDFB018432063602FB01DBCBDDD6E03458E5C366AABD4670F114B0C ] swprv           C:\WINDOWS\System32\swprv.dll
21:49:01.0391 0x0de4  swprv - ok
21:49:01.0454 0x0de4  [ 1C9BC67929C728DED1091CA19C3F7D41, 78C7EA28E339FCDBD74470938298E33AB41A14CEE967E1B82CE1D11C54594135 ] SynTP           C:\WINDOWS\system32\DRIVERS\SynTP.sys
21:49:01.0470 0x0de4  SynTP - ok
21:49:01.0583 0x0de4  [ 3DA26652B12E9AB43FD04976AC6DFD33, DEFE220D86197949E97342FE3487CD6A07DD2FFAF6D17A7C65419C2C1B9D1AB5 ] SysMain         C:\WINDOWS\system32\sysmain.dll
21:49:01.0622 0x0de4  SysMain - ok
21:49:01.0675 0x0de4  [ FD4EA8E9232ADD51DC31C295DDEF2768, 3EA40D7376AB5AA5DA2BCF4745C79F7BF819363466967ECC3CD15ADECBFD7244 ] SystemEventsBroker C:\WINDOWS\System32\SystemEventsBrokerServer.dll
21:49:01.0689 0x0de4  SystemEventsBroker - ok
21:49:01.0741 0x0de4  [ BA6DD39266A5E15515C8C14DA2DA3E5C, 5BC917BA4E7281A67CC6CEF2F4D1972DF04DECBEFB6DED0B08FFBD06E15D4B4F ] TabletInputService C:\WINDOWS\System32\TabSvc.dll
21:49:01.0758 0x0de4  TabletInputService - ok
21:49:01.0786 0x0de4  [ B517410F157693043DACA21B19B258A6, 2224EECEB575CEA811036C43BB5B0A408DE5F59BC97235AB948968E4C3E438F2 ] TapiSrv         C:\WINDOWS\System32\tapisrv.dll
21:49:01.0801 0x0de4  TapiSrv - ok
21:49:01.0945 0x0de4  [ CCB3A2BB60FE5073F2DEA63FE83CF8FE, 02982136236DD595D8974E6645A008D663B4DD3BC3824721E4DE4377B97887C7 ] Tcpip           C:\WINDOWS\system32\drivers\tcpip.sys
21:49:02.0011 0x0de4  Tcpip - ok
21:49:02.0089 0x0de4  [ CCB3A2BB60FE5073F2DEA63FE83CF8FE, 02982136236DD595D8974E6645A008D663B4DD3BC3824721E4DE4377B97887C7 ] TCPIP6          C:\WINDOWS\system32\DRIVERS\tcpip.sys
21:49:02.0150 0x0de4  TCPIP6 - ok
21:49:02.0196 0x0de4  [ 41CF802064F72E55F50CA0A221FD36D4, 70ABCDF9E96611E8C83042C581575E26649FE479475E8E118CD3FF6CB1C84C3F ] tcpipreg        C:\WINDOWS\system32\drivers\tcpipreg.sys
21:49:02.0199 0x0de4  tcpipreg - ok
21:49:02.0257 0x0de4  [ FFF28F9F6823EB1756C60F1649560BBF, 208DFF8BF0329D0D4761C7E31527AEED7FF5F3C36C5005953D01477F35408D5C ] tdx             C:\WINDOWS\system32\DRIVERS\tdx.sys
21:49:02.0261 0x0de4  tdx - ok
21:49:02.0286 0x0de4  [ 232D185D2337F141311D0CF1983E1431, 02EB56D3F26174AF1741C1A444CE30DE84D5BAF583C1A52C7A953BCC52445547 ] terminpt        C:\WINDOWS\System32\drivers\terminpt.sys
21:49:02.0289 0x0de4  terminpt - ok
21:49:02.0382 0x0de4  [ 3D748E5558FD9A9F03182CB2330698DC, 70B2069AB7912EB49AB3ABD18D4B42CB94AC99CA6DE3F63F4888B8EAAC78AAA2 ] TermService     C:\WINDOWS\System32\termsrv.dll
21:49:02.0416 0x0de4  TermService - ok
21:49:02.0441 0x0de4  [ 95B3CEAF06A2DF96FE28CD0755D319C4, 4BFA65F9786AB80FF321A1D21C243DCCDA168FCD35394B1066BE9379A811F135 ] tgpxpdrj        C:\WINDOWS\system32\drivers\vikgn.sys
21:49:02.0445 0x0de4  tgpxpdrj - ok
21:49:02.0492 0x0de4  [ 05FBE1F7C13E87AF7A414CDF288B1F62, 24079E1A6B2E33A1A8E76A77F73473B93DD6B379E44C982CE50D6CEED9747838 ] Themes          C:\WINDOWS\system32\themeservice.dll
21:49:02.0500 0x0de4  Themes - ok
21:49:02.0550 0x0de4  [ FD788C2D96EA91469A3C1D13E80D7473, 7B14D4BFDE18CECC19FBFFAA5AFF5FD78BFB7FCDA6613990740A8A7DD9873D26 ] THREADORDER     C:\WINDOWS\system32\mmcss.dll
21:49:02.0562 0x0de4  THREADORDER - ok
21:49:02.0583 0x0de4  [ 347A3E49CE18402305B8119A6EC7CFEB, 6768B20EE577880B0353FE84B980D4A18D323929A63FAE41F7A55123BBFC8DBA ] TimeBroker      C:\WINDOWS\System32\TimeBrokerServer.dll
21:49:02.0599 0x0de4  TimeBroker - ok
21:49:02.0623 0x0de4  [ 82F909359600D3603FE852DB7F135626, 2EB2BB9D81AC9A2E432B2628E296B7B21F1C82EAE8009300EEF1B8596A9F418D ] TPM             C:\WINDOWS\system32\drivers\tpm.sys
21:49:02.0629 0x0de4  TPM - ok
21:49:02.0676 0x0de4  [ C97E14BB6A196B0554D6EB67D8818175, C00588C94988F10507F84584DFA4C0A43B8648AD1AD35E9BAE14CDD21FCF7B90 ] TrkWks          C:\WINDOWS\System32\trkwks.dll
21:49:02.0686 0x0de4  TrkWks - ok
21:49:02.0733 0x0de4  [ 975F2CAA23B9CF4420EAB6439BE4D233, D2E37D96D1C90F3B1D5CE21E6516B88E98199F86EE56CDAF3E2673FFE154E452 ] TrueSight       C:\Windows\System32\drivers\TrueSight.sys
21:49:02.0736 0x0de4  TrueSight - ok
21:49:02.0851 0x0de4  [ 887CC44830D3F367CAD17A0CA7CCA5C8, D4022A76433A11FD66D0F41A1EB4D6893BC5B22317E7E9E021739109EB493B44 ] TrustedInstaller C:\WINDOWS\servicing\TrustedInstaller.exe
21:49:02.0859 0x0de4  TrustedInstaller - ok
21:49:02.0895 0x0de4  [ BF8F54CA37E9C9D6582C31C5761F8C93, 337C566792F6FB9B7FD5D1D4384B767CFE4CF5DBB2E4688CCC36CBB018A0DD0F ] TsUsbFlt        C:\WINDOWS\system32\drivers\tsusbflt.sys
21:49:02.0902 0x0de4  TsUsbFlt - ok
21:49:02.0943 0x0de4  [ E0088068DCE2EE82897027DDB8E05254, FA9C201D3C885DAD2ABE6A23343EDCC83CFB342EFF9E3005FA50B1D88B21D203 ] TsUsbGD         C:\WINDOWS\System32\drivers\TsUsbGD.sys
21:49:02.0954 0x0de4  TsUsbGD - ok
21:49:02.0990 0x0de4  [ C8E0E78B5D284C2FF59BDFFDAF997242, BA1576C491A1246EF9866762426D110F4570F9DB42A68C174943C7D5020FE3E2 ] tunnel          C:\WINDOWS\system32\DRIVERS\tunnel.sys
21:49:02.0997 0x0de4  tunnel - ok
21:49:03.0059 0x0de4  [ F6EEAD052943B5A3104C1405BB856C54, FE422813E6C1012E9F392EFF2AE4C6D3A4DBD9CB2BD5E6A5CAB57D4E89A29468 ] uagp35          C:\WINDOWS\system32\drivers\uagp35.sys
21:49:03.0079 0x0de4  uagp35 - ok
21:49:03.0134 0x0de4  [ FE6067B1FD4E63650C667B33D080565B, 2C330ED00E49BA55E25564230E0DFB8A35F2B5320EB18D4AF7CAACFA9A449044 ] UASPStor        C:\WINDOWS\System32\drivers\uaspstor.sys
21:49:03.0141 0x0de4  UASPStor - ok
21:49:03.0222 0x0de4  [ B034A41891A36457B994307DFA772293, CA5E6500764A9777AE0E15B2AFB6F05982C90F01374E3F6DDC6DF3852282C66B ] UCX01000        C:\WINDOWS\System32\drivers\ucx01000.sys
21:49:03.0273 0x0de4  UCX01000 - ok
21:49:03.0347 0x0de4  [ 1EC649F112896FAE33250F0B97AC5D0B, 0C0A1C2C7615DEB298AD3073340FD1BF91FEBE611F133E3B48D994A6EAA8369F ] udfs            C:\WINDOWS\system32\DRIVERS\udfs.sys
21:49:03.0358 0x0de4  udfs - ok
21:49:03.0393 0x0de4  [ 9578691F297E1B1F519970FE6D47CB21, 080C352AAF22A16A4F3C4AB4DCEA5BFA656457C73F735CEBA30516FDACCF6301 ] UEFI            C:\WINDOWS\System32\drivers\UEFI.sys
21:49:03.0397 0x0de4  UEFI - ok
21:49:03.0437 0x0de4  [ 320878AFECDBBD61BBE98624A6CAAC08, 15C090EA32A24D976B5FCB1373B1281DCC2295C075299C814345D694AEB47CB9 ] UI0Detect       C:\WINDOWS\system32\UI0Detect.exe
21:49:03.0445 0x0de4  UI0Detect - ok
21:49:03.0481 0x0de4  [ 5EAB5117DDB24FC4D39E6FFFCF1837B9, 2BC709240867F161E94BE6625A04F478EAAA3EEE7BC7C37ED0DFA9EEA5928E98 ] uliagpkx        C:\WINDOWS\system32\drivers\uliagpkx.sys
21:49:03.0484 0x0de4  uliagpkx - ok
21:49:03.0537 0x0de4  [ DA34C39A18E60E7C3FA0630566408034, 2F162504214053894C72760D9933D01DBF3578609FE5E2376C3272818599FE32 ] umbus           C:\WINDOWS\System32\drivers\umbus.sys
21:49:03.0540 0x0de4  umbus - ok
21:49:03.0568 0x0de4  [ AE8294875E5446E359B1E8035D40C05E, AE0357BAB47C07C3576BC76951CD258C009BC5A1B93259D2122A841BD9CDA8FA ] UmPass          C:\WINDOWS\System32\drivers\umpass.sys
21:49:03.0570 0x0de4  UmPass - ok
21:49:03.0630 0x0de4  [ E3DDF7D43E05784FAA5E042605EEE528, 8E20E880FAB09AF4FF5C438BF9EAE9970D46C05167870110869B744E498FD761 ] UmRdpService    C:\WINDOWS\System32\umrdp.dll
21:49:03.0647 0x0de4  UmRdpService - ok
21:49:03.0758 0x0de4  [ 9B8C9350985983E9760E1786731A8728, 78178FDE1329E5B55F77FF73C66B01279A03E2E3C3CB7E3D9DF14291D206D780 ] UNS             C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
21:49:03.0769 0x0de4  UNS - ok
21:49:03.0838 0x0de4  [ 4A2FFDAC45F317E17DF642C7160EB633, F1AB762912FAA5F469F322407DA37C91556086C42D1643AD27516C12A84F74D0 ] upnphost        C:\WINDOWS\System32\upnphost.dll
21:49:03.0856 0x0de4  upnphost - ok
21:49:03.0885 0x0de4  [ FF78D053A05E5A394F4E3C1816CC65A8, 5DAE02414271231F5FDBB751AFEB99874779B467947020815D4AE54432D4269D ] usbccgp         C:\WINDOWS\System32\drivers\usbccgp.sys
21:49:03.0891 0x0de4  usbccgp - ok
21:49:03.0965 0x0de4  [ B3D6457D841A0CAEF4C52D88621715F2, CBDD76A8A28379B107B1FB530757B477B8AB74CD01F9F3CEDC7B1BA0C6E5A990 ] usbcir          C:\WINDOWS\System32\drivers\usbcir.sys
21:49:03.0971 0x0de4  usbcir - ok
21:49:04.0029 0x0de4  [ 48BA326A3DBA5B5BEB5F2777F4618696, B9EC8155F11A3A7644BD9DC8910681B46AE44AE3BF53F052DF50E9C5555E3229 ] usbehci         C:\WINDOWS\System32\drivers\usbehci.sys
21:49:04.0033 0x0de4  usbehci - ok
21:49:04.0056 0x0de4  [ FEF0BC107812B36849741C3211BA6B60, B3EF738BE1E6B6027F29C9713CD3F367EA067D2BE46580AFBC0FB58046EF6BBD ] usbhub          C:\WINDOWS\System32\drivers\usbhub.sys
21:49:04.0070 0x0de4  usbhub - ok
21:49:04.0097 0x0de4  [ 65392F3F3F65E4C6CC82A0F4F8A0B051, C11B662A28D95820717DFFC6B76DBB755E4876009A2342E5E3992DE32D6BFF61 ] USBHUB3         C:\WINDOWS\System32\drivers\UsbHub3.sys
21:49:04.0122 0x0de4  USBHUB3 - ok
21:49:04.0175 0x0de4  [ 3019097FB6C985EF24C058090FF3BDBD, 24AC518D34E338D94BF3D5B3F72E53F8A1369BAA7F32FEA3EDBCF928C4FF1D17 ] usbohci         C:\WINDOWS\System32\drivers\usbohci.sys
21:49:04.0179 0x0de4  usbohci - ok
21:49:04.0238 0x0de4  [ 4D655E3B684BE9B0F7FFD8A2935C348C, 3A7FC1748C5AEA8CFE0E7C22ADC77E3DCA475455FC16D9C6A5C16EB5E949A516 ] usbprint        C:\WINDOWS\System32\drivers\usbprint.sys
21:49:04.0269 0x0de4  usbprint - ok
21:49:04.0366 0x0de4  [ F04D164C4168701A4E7835607722E5F1, 6F743CF2CF73945B4A4B1C4402744BC2FE1624F1346C194493AD2F7110F9EB35 ] usbscan         C:\WINDOWS\system32\DRIVERS\usbscan.sys
21:49:04.0379 0x0de4  usbscan - ok
21:49:04.0476 0x0de4  [ 66732C13628BDB1AB0D6FD46027327C2, B582C0F348D8F79419CA5A58F10CA151E06D7CA3BE162344CADA46D9D7FED97C ] USBSTOR         C:\WINDOWS\System32\drivers\USBSTOR.SYS
21:49:04.0501 0x0de4  USBSTOR - ok
21:49:04.0582 0x0de4  [ 064260B3A5868AC894A4943543BC7AB7, D3534E98B34C4AC9A430D7E0AB301A0E5E1511E3117C2FEA392636B0DE2C38E2 ] usbuhci         C:\WINDOWS\System32\drivers\usbuhci.sys
21:49:04.0586 0x0de4  usbuhci - ok
21:49:04.0718 0x0de4  [ 18F744E8CCEB2670040EBAF7AD77B8C6, C5E2DF4EA0D946B4DA67DE29FA9D0F079DED35EC59B98E532C4C2D5F8E86DA0A ] usbvideo        C:\WINDOWS\System32\Drivers\usbvideo.sys
21:49:04.0739 0x0de4  usbvideo - ok
21:49:04.0777 0x0de4  [ 48430B0313FC1CFE3D2400553F1A93CD, 92994DE6B131E904AFF2C9C4FBB4E6B0D58525A1539763327373DA18C9F08193 ] USBXHCI         C:\WINDOWS\System32\drivers\USBXHCI.SYS
21:49:04.0788 0x0de4  USBXHCI - ok
21:49:04.0801 0x0de4  [ F6F209DDB94959BA104FC8FC87C53759, 8E862D41F4332EABF64BD034E2C0E3CC8109C7990CB4112C2B2880E8E6EDF2D3 ] VaultSvc        C:\WINDOWS\system32\lsass.exe
21:49:04.0806 0x0de4  VaultSvc - ok
21:49:04.0847 0x0de4  [ FEB26E3B8345A7E8D62F945C4AE86562, 3AAFE87C402FC8E92542DFE60EC9540559863065F88D429A16D7B1BF829223FF ] vdrvroot        C:\WINDOWS\system32\drivers\vdrvroot.sys
21:49:04.0850 0x0de4  vdrvroot - ok
21:49:04.0981 0x0de4  [ E3EF58D4123B5AA29C8E19825AF84A5E, FB1046722BC643E955DBC3B1459DBF2A6D575EBA2BCF7B20A0FA51E3993835E2 ] vds             C:\WINDOWS\System32\vds.exe
21:49:05.0023 0x0de4  vds - ok
21:49:05.0075 0x0de4  [ A026EDEAA5EECAE0B08E2748B616D4BD, 2525A54DC7F49DDFBB999C22BF3FAB6D9E9F70C0806E58D81E90AC59F9F46089 ] VerifierExt     C:\WINDOWS\system32\drivers\VerifierExt.sys
21:49:05.0081 0x0de4  VerifierExt - ok
21:49:05.0130 0x0de4  [ 52E483A3701A5A61A75A06993720347D, 689E812755E485DF6960D1E049740FBAFB812467D23B673DCAA40C03FEBB544F ] vhdmp           C:\WINDOWS\System32\drivers\vhdmp.sys
21:49:05.0154 0x0de4  vhdmp - ok
21:49:05.0195 0x0de4  [ 06D38968028E9AB19DE9B618C7B6D199, 62022297A47F440D1C82CA0B0E57C0C8E9D5033D83DD3B40492B218DF65EBF68 ] viaide          C:\WINDOWS\system32\drivers\viaide.sys
21:49:05.0198 0x0de4  viaide - ok
21:49:05.0248 0x0de4  [ 59E6D1CC4EA1A19D07570AA0657ED966, 27E3366E7D2862148E6A8F6FAD02204FCAB50496ADCE49669096C54AA0A74022 ] VmbService      C:\Program Files (x86)\Vodafone\Vodafone Mobile Broadband\Bin\VmbService.exe
21:49:05.0251 0x0de4  VmbService - ok
21:49:05.0299 0x0de4  [ C6305BDFC4F7CE51F72BB072C03D4ACE, 73E62869CA3104F48CC3B0C45E69CE9BF4F8D7D06E29C2F049B9347ABB50554D ] vmbus           C:\WINDOWS\system32\drivers\vmbus.sys
21:49:05.0303 0x0de4  vmbus - ok
21:49:05.0321 0x0de4  [ DA40BEA0A863CE768C940CA9723BF81F, 567C0C3F422325635808B0CF76E05D3B6187F96845C33F85F92F98C9FE53A5B8 ] VMBusHID        C:\WINDOWS\System32\drivers\VMBusHID.sys
21:49:05.0324 0x0de4  VMBusHID - ok
21:49:05.0390 0x0de4  [ 9067880BBB1C18703DBFF27D731D7ECA, 0044246249F4B945D72BBC0FEF9BF3C31E62F57CBF77615A95213B36A29F0C71 ] vmicguestinterface C:\WINDOWS\System32\ICSvc.dll
21:49:05.0408 0x0de4  vmicguestinterface - ok
21:49:05.0428 0x0de4  [ 9067880BBB1C18703DBFF27D731D7ECA, 0044246249F4B945D72BBC0FEF9BF3C31E62F57CBF77615A95213B36A29F0C71 ] vmicheartbeat   C:\WINDOWS\System32\ICSvc.dll
21:49:05.0443 0x0de4  vmicheartbeat - ok
21:49:05.0463 0x0de4  [ 9067880BBB1C18703DBFF27D731D7ECA, 0044246249F4B945D72BBC0FEF9BF3C31E62F57CBF77615A95213B36A29F0C71 ] vmickvpexchange C:\WINDOWS\System32\ICSvc.dll
21:49:05.0479 0x0de4  vmickvpexchange - ok
21:49:05.0498 0x0de4  [ 9067880BBB1C18703DBFF27D731D7ECA, 0044246249F4B945D72BBC0FEF9BF3C31E62F57CBF77615A95213B36A29F0C71 ] vmicrdv         C:\WINDOWS\System32\ICSvc.dll
21:49:05.0514 0x0de4  vmicrdv - ok
21:49:05.0534 0x0de4  [ 9067880BBB1C18703DBFF27D731D7ECA, 0044246249F4B945D72BBC0FEF9BF3C31E62F57CBF77615A95213B36A29F0C71 ] vmicshutdown    C:\WINDOWS\System32\ICSvc.dll
21:49:05.0549 0x0de4  vmicshutdown - ok
21:49:05.0570 0x0de4  [ 9067880BBB1C18703DBFF27D731D7ECA, 0044246249F4B945D72BBC0FEF9BF3C31E62F57CBF77615A95213B36A29F0C71 ] vmictimesync    C:\WINDOWS\System32\ICSvc.dll
21:49:05.0586 0x0de4  vmictimesync - ok
21:49:05.0606 0x0de4  [ 9067880BBB1C18703DBFF27D731D7ECA, 0044246249F4B945D72BBC0FEF9BF3C31E62F57CBF77615A95213B36A29F0C71 ] vmicvss         C:\WINDOWS\System32\ICSvc.dll
21:49:05.0621 0x0de4  vmicvss - ok
21:49:05.0676 0x0de4  [ A96AFA32F73C065B9AE9D1554CDD00FC, 3EF9A03D1BD34D1991D35CD938050202F61EC7A0F2BD826671AA86B7EB452D45 ] VNA             C:\WINDOWS\system32\DRIVERS\vna.sys
21:49:05.0681 0x0de4  VNA - ok
21:49:05.0696 0x0de4  [ 55D7D963DE85162F1C49721E502F9744, 5AD34D6DB707EF3E5242BD8CA67B21D6258EE7E7FC477D5227BD15500AE7F45F ] volmgr          C:\WINDOWS\system32\drivers\volmgr.sys
21:49:05.0701 0x0de4  volmgr - ok
21:49:05.0745 0x0de4  [ CCB9E901F7254BF96D28EB1B0E5329B7, F0E3CA4EFA544CDAEF4092284CF3EC7DF07F806A770285E281816457AD8813F5 ] volmgrx         C:\WINDOWS\system32\drivers\volmgrx.sys
21:49:05.0758 0x0de4  volmgrx - ok
21:49:05.0775 0x0de4  [ 64CA2B4A49A8EAF495E435623ECCE7DB, 81151F295A54DE2B8B88C7F48C86BF58CDFF96F98493509C06D6F41484594386 ] volsnap         C:\WINDOWS\system32\drivers\volsnap.sys
21:49:05.0785 0x0de4  volsnap - ok
21:49:05.0820 0x0de4  [ 01355C98B5C3ED1EC446743CDA848FCE, B9FCF558C20E05DD0F53FFB70BBEF873EA57801E13A16701E636128D625C4B67 ] vpci            C:\WINDOWS\System32\drivers\vpci.sys
21:49:05.0824 0x0de4  vpci - ok
21:49:05.0847 0x0de4  [ 4539F45F9F4C9757A86A56C949421E07, DEC362314B2C66414F39354AFE79C02B18BF4EEF90787FB58307F6EB62237E2C ] vsmraid         C:\WINDOWS\system32\drivers\vsmraid.sys
21:49:05.0853 0x0de4  vsmraid - ok
21:49:05.0968 0x0de4  [ E369C59F2C0852DDD090C07E0DDE0051, 4FAC94458EAAEED4F84A86FBAB8FBB332D0AF85BD528E63C0C058A2DA8E3011D ] VSS             C:\WINDOWS\system32\vssvc.exe
21:49:06.0014 0x0de4  VSS - ok
21:49:06.0078 0x0de4  [ 0849B7260F26FE05EA56DED0672E2F4B, 7EAC0E7988F45CB4133A15932955B7B03CE715C967A3BAC9999D81543EBCAEC5 ] VSTXRAID        C:\WINDOWS\system32\drivers\vstxraid.sys
21:49:06.0088 0x0de4  VSTXRAID - ok
21:49:06.0188 0x0de4  [ BE970C369E43B509C1EDA2B8FA7CECB0, 18951F2AA842A0795AA79A4E164EE925A35E6270EBE4C4CDB19D0A891830E383 ] vwifibus        C:\WINDOWS\System32\drivers\vwifibus.sys
21:49:06.0191 0x0de4  vwifibus - ok
21:49:06.0250 0x0de4  [ 35BF5C5F5E3C9902C98978C7640574DA, C61E50B04000DCEC72365723F0C0725C2E005529DAF2777A59E624C14DA29E55 ] vwififlt        C:\WINDOWS\system32\DRIVERS\vwififlt.sys
21:49:06.0253 0x0de4  vwififlt - ok
21:49:06.0262 0x0de4  [ 65ED7B9CFEA893DF7748D5FF692690DE, 73AB9D8BB928B3247BDFC7BB47AD7FCA763B375DC250C251DB4E0573531040E8 ] vwifimp         C:\WINDOWS\system32\DRIVERS\vwifimp.sys
21:49:06.0266 0x0de4  vwifimp - ok
21:49:06.0328 0x0de4  [ 7599E582CA3A6AAA95A18FFE1172D339, A0410778FBBC4302EA91CF24B944427410B4706535F1192504D4F34C3ED4503E ] W32Time         C:\WINDOWS\system32\w32time.dll
21:49:06.0346 0x0de4  W32Time - ok
21:49:06.0433 0x0de4  [ 8E553C859C83784DEC08B10AFC3EAC92, 41D8DBA1500DBD3AC9783169ACF545805EF05069F12866238992A30794369254 ] w3logsvc        C:\WINDOWS\system32\inetsrv\w3logsvc.dll
21:49:06.0436 0x0de4  w3logsvc - ok
21:49:06.0467 0x0de4  [ 0910AB9ED404C1434E2D0376C2AD5D8B, 62585CA5F1375BDA440D28D5DF1ADDC9DE3DDFA196D49BBFF3456A5A09EE1C6B ] WacomPen        C:\WINDOWS\System32\drivers\wacompen.sys
21:49:06.0470 0x0de4  WacomPen - ok
21:49:06.0501 0x0de4  [ AFCD4054D61BD708B82991348ED1C763, EBDAC0E218F1DFC405DB3C8A2F014D20A17B0690EA381C750BED5C2AFCDFEBE3 ] Wanarp          C:\WINDOWS\system32\DRIVERS\wanarp.sys
21:49:06.0505 0x0de4  Wanarp - ok
21:49:06.0511 0x0de4  [ AFCD4054D61BD708B82991348ED1C763, EBDAC0E218F1DFC405DB3C8A2F014D20A17B0690EA381C750BED5C2AFCDFEBE3 ] Wanarpv6        C:\WINDOWS\system32\DRIVERS\wanarp.sys
21:49:06.0515 0x0de4  Wanarpv6 - ok
21:49:06.0584 0x0de4  [ 9BAE40BD31E3EE0B0C70BEF167E0A2BC, 2419AC815C95F2629E1832973501983D06F788728755605D42D6C8565C3CBBF1 ] WAS             C:\WINDOWS\system32\inetsrv\iisw3adm.dll
21:49:06.0600 0x0de4  WAS - ok
21:49:06.0706 0x0de4  [ 61692DB39AD3DF2F29392D68EAA7BB93, 854D4B9C7DD1676968598ED973500650ECEC02C420E44C0B3957C24F073AA5FB ] wbengine        C:\WINDOWS\system32\wbengine.exe
21:49:06.0799 0x0de4  wbengine - ok
21:49:06.0876 0x0de4  [ 3BC1D1D56637A32CD91C8AE08E2484AA, 9EE1BD3FB0D289E25F3DDD0D8F67DC1C701A6B1D5418FADF348D0E642B1DEBEB ] WbioSrvc        C:\WINDOWS\System32\wbiosrvc.dll
21:49:06.0897 0x0de4  WbioSrvc - ok
21:49:06.0915 0x0de4  [ A07CFC4B593D15B6BF06813C3B5B33BF, B57BD918E2AFF9943B51A24B95E0C4D3482B4DF73C0E2421E8CC67C2BC7A4C70 ] Wcmsvc          C:\WINDOWS\System32\wcmsvc.dll
21:49:06.0931 0x0de4  Wcmsvc - ok
21:49:06.0949 0x0de4  [ D2726823DF7E19F213F4805A9D6D145F, A7F582C99918D204264D3B374F70D75984BDA5805203041E3DECB8153D16E102 ] wcncsvc         C:\WINDOWS\System32\wcncsvc.dll
21:49:06.0967 0x0de4  wcncsvc - ok
21:49:06.0981 0x0de4  [ 846C02A8B48CBD921A3D6AB521AA0DC4, B07573A774A6C65D24E5718DC25DF378270EB5B40221CA5A53B21D47838381D3 ] WcsPlugInService C:\WINDOWS\System32\WcsPlugInService.dll
21:49:06.0990 0x0de4  WcsPlugInService - ok
21:49:07.0043 0x0de4  [ 0359607177E5E9F6041136CC0A5CB0B6, 16687BE2639648CF46E8768BA1798030472C525612C629BF134D053240E2195B ] WdBoot          C:\WINDOWS\system32\drivers\WdBoot.sys
21:49:07.0046 0x0de4  WdBoot - ok
21:49:07.0130 0x0de4  [ CB6C63FF8342B467E2EF76E98D5B934D, BE017CE91E3BAB293DE6ECF143797CCE3F33CC63024437472B4E38C6961AD884 ] Wdf01000        C:\WINDOWS\system32\drivers\Wdf01000.sys
21:49:07.0155 0x0de4  Wdf01000 - ok
21:49:07.0185 0x0de4  [ DE8D12B4C3F55FA2C5E9774314F6C58A, C3E835DC066A94E1431BCDC90D7EA27AAC6F82826F4A5527B37D865241D7A366 ] WdFilter        C:\WINDOWS\system32\drivers\WdFilter.sys
21:49:07.0194 0x0de4  WdFilter - ok
21:49:07.0255 0x0de4  [ 40C67D1A4891120874767F6E6604D6C5, 4D9DD658566DE711ADF4D6C33FCB31DA351EE050E3ED188664D04526CCAAEEF5 ] WdiServiceHost  C:\WINDOWS\system32\wdi.dll
21:49:07.0265 0x0de4  WdiServiceHost - ok
21:49:07.0272 0x0de4  [ 40C67D1A4891120874767F6E6604D6C5, 4D9DD658566DE711ADF4D6C33FCB31DA351EE050E3ED188664D04526CCAAEEF5 ] WdiSystemHost   C:\WINDOWS\system32\wdi.dll
21:49:07.0282 0x0de4  WdiSystemHost - ok
21:49:07.0335 0x0de4  [ 4AD874CDC812EC156265E451B6B09DAB, 6E3E05B8301841425E9BB0D54B35EF386B78EEB307B5A6153FD1F366D30F23FA ] WdNisDrv        C:\WINDOWS\system32\Drivers\WdNisDrv.sys
21:49:07.0340 0x0de4  WdNisDrv - ok
21:49:07.0403 0x0de4  WdNisSvc - ok
21:49:07.0492 0x0de4  [ 91B18D7A1702ED589E67C6C81052B955, 5D1DA8B86106A28E50BBCCB36527CC130D41201F5BE1D3DC5F1D6F7ECCF807BA ] WebClient       C:\WINDOWS\System32\webclnt.dll
21:49:07.0508 0x0de4  WebClient - ok
21:49:07.0540 0x0de4  [ 3274312F263882B51B964329FAF49734, 99A020377ACF0762BE5ECD2D68EB5E1497B9D59963247E725F7F96FB5DF41FAD ] Wecsvc          C:\WINDOWS\system32\wecsvc.dll
21:49:07.0554 0x0de4  Wecsvc - ok
21:49:07.0575 0x0de4  [ 7CDD84E0023A0C5C230B06A7965EC65E, 6EC7DC18C76D66CF9A893C3DD20F9BE3ADD76546F9A9BA42CE4F24854709F9D9 ] WEPHOSTSVC      C:\WINDOWS\system32\wephostsvc.dll
21:49:07.0585 0x0de4  WEPHOSTSVC - ok
21:49:07.0639 0x0de4  [ 959534ACF085C137D2D094384EF89C45, D029F440789FE170A1C46217C6DE6D78DC0188A5CF33FCCC17FA65D3BC80C2B7 ] wercplsupport   C:\WINDOWS\System32\wercplsupport.dll
21:49:07.0648 0x0de4  wercplsupport - ok
21:49:07.0658 0x0de4  [ 82BCCF5FBE47AC9E8CBA2020994DFB3F, EA96C6BD98A701B465D0780EC10BDA92E45FE636D60C1385813AA3B456D8B931 ] WerSvc          C:\WINDOWS\System32\WerSvc.dll
21:49:07.0670 0x0de4  WerSvc - ok
21:49:07.0727 0x0de4  [ BFBE1C5F57FE7A885673A1962D5532B7, F0BD05B257108699FE6AB32EF11F927C31932F27062A705B3FEFA4F5B4C0D8C3 ] WFPLWFS         C:\WINDOWS\system32\DRIVERS\wfplwfs.sys
21:49:07.0732 0x0de4  WFPLWFS - ok
21:49:07.0758 0x0de4  [ E06AFE2F94BA7CFA2FE4FD2A449E60E2, 99A81E16366E9E77905D873B0246E4C11B383FE1E99E0E1D9A07FAD4E52EA9E4 ] WiaRpc          C:\WINDOWS\System32\wiarpc.dll
21:49:07.0769 0x0de4  WiaRpc - ok
21:49:07.0808 0x0de4  [ 867BCC69ED9C31C501465EB0E8BA9DFA, 678B7FF4D4E8624514301956CDA7FB451159BBFC83FF2E4E5E7DADAE3C7AB2EC ] WIMMount        C:\WINDOWS\system32\drivers\wimmount.sys
21:49:07.0810 0x0de4  WIMMount - ok
21:49:07.0815 0x0de4  WinDefend - ok
21:49:07.0898 0x0de4  [ DD079EC8F44DCA3A176B345C6ADEFB66, 6CD9371B83EA23D2181891FAE1DB285BC111A78C35F374E57666ED09860C91A9 ] WinHttpAutoProxySvc C:\WINDOWS\system32\winhttp.dll
21:49:07.0937 0x0de4  WinHttpAutoProxySvc - ok
21:49:08.0134 0x0de4  [ 9DB490F3E823C5C3C070644B96CB9D59, 81937D0B331E43C7C61514E60B3AD51370C5201F7B4D12F8534840D91EDC32DD ] Winmgmt         C:\WINDOWS\system32\wbem\WMIsvc.dll
21:49:08.0146 0x0de4  Winmgmt - ok
21:49:08.0556 0x0de4  [ 9CE162EB9057CF079736F4DD00FC0D6C, 412C34557866D2A3B3CDAFA5A03B87C01AACF75E349802E511098B20137028D9 ] WinRM           C:\WINDOWS\system32\WsmSvc.dll
21:49:08.0658 0x0de4  WinRM - ok
21:49:08.0726 0x0de4  [ 4F2A80D65AE6F845776E2F06AE6782ED, 2455537C048115435D9EDE4B18F9F54C43912076AEF36BDEFEC35AF2140B8B2E ] WirelessButtonDriver C:\WINDOWS\System32\drivers\WirelessButtonDriver64.sys
21:49:08.0729 0x0de4  WirelessButtonDriver - ok
21:49:08.0840 0x0de4  [ 3F5EF31C6AA204B099EE76497DF80A26, CBE648A4E7E1D98A3D8C72582C1CB3C2FD2329EAA24EE4DCAD271AAA6F4D82CE ] WlanSvc         C:\WINDOWS\System32\wlansvc.dll
21:49:08.0888 0x0de4  WlanSvc - ok
21:49:09.0143 0x0de4  [ 5F56C0DE776C7AE43AF749845BFAA1EF, 837993C5853B7E682C7FB8401B7F5D951FFD15E5659EBB1B01DC3F5719ACEE19 ] wlidsvc         C:\WINDOWS\system32\wlidsvc.dll
21:49:09.0216 0x0de4  wlidsvc - ok
21:49:09.0263 0x0de4  [ 2834D9D3B4F554A39C72F00EA3F0E128, D10124343C67FE9A0B711AD569BB8080495FCEA0ECEF9AC3F3FBD6865F436A44 ] WmiAcpi         C:\WINDOWS\System32\drivers\wmiacpi.sys
21:49:09.0265 0x0de4  WmiAcpi - ok
21:49:09.0319 0x0de4  [ 7AFAC828F52D62F304A911EC32F42EEE, 4EDCF4149069413A166169F2E23F7505F47B39B7EC319E1EF6D2C46CD140AA24 ] wmiApSrv        C:\WINDOWS\system32\wbem\WmiApSrv.exe
21:49:09.0325 0x0de4  wmiApSrv - ok
21:49:09.0376 0x0de4  WMPNetworkSvc - ok
21:49:09.0391 0x0de4  [ 7FC5667DF73D4B04AA457CC3A4180E09, CB7B014945DCA16B6D120DBE0E5876C4C867A4ACD3C3536AEADC14B908613D4E ] Wof             C:\WINDOWS\system32\drivers\Wof.sys
21:49:09.0396 0x0de4  Wof - ok
21:49:09.0506 0x0de4  [ 61BF52E9FFAB27A0B6D621BE26088373, 81291D52C381360E69D51E7DEB05CFAC651A7E9EF781CA23062C0583D0C94708 ] workfolderssvc  C:\WINDOWS\system32\workfolderssvc.dll
21:49:09.0561 0x0de4  workfolderssvc - ok
21:49:09.0619 0x0de4  [ 182561A14F2E93E81E66FE3700D17A5A, FB9A06058A8BCCEDCDC5BF8899D9B2FBA5752C262C5FC6D2B8338884F3303D12 ] wpcfltr         C:\WINDOWS\system32\DRIVERS\wpcfltr.sys
21:49:09.0623 0x0de4  wpcfltr - ok
21:49:09.0673 0x0de4  [ 4E6A0F60DA7EF050D3D26417CD4D24E9, E6B3BFB007B641D41F8532ED086F92CB3D86E210023DBFAA9AD8152A9FD33CCA ] WPCSvc          C:\WINDOWS\System32\wpcsvc.dll
21:49:09.0884 0x0de4  WPCSvc - ok
21:49:09.0905 0x0de4  [ 618A19EB31ECA7B7F2AA0207BAF598A5, CB18CF9B781EAB3D775F8201F294A7135E058D6C963D2CC759DCA14D95EED538 ] WPDBusEnum      C:\WINDOWS\system32\wpdbusenum.dll
21:49:09.0914 0x0de4  WPDBusEnum - ok
21:49:09.0967 0x0de4  [ 9F2904B55F6CECCD1A8D986B5CE2609A, E19ED4DD3CEF3A22C058FC324824604FB3FC98A029C94E6C2A3389F938D680B6 ] WpdUpFltr       C:\WINDOWS\system32\drivers\WpdUpFltr.sys
21:49:09.0970 0x0de4  WpdUpFltr - ok
21:49:10.0028 0x0de4  [ AE072B0339D0A18E455DC21666CAD572, AB1DAEA25E2C7AD610818D4B4783F6D4190D85EBB3963BBAD410E8CEA7899EDB ] ws2ifsl         C:\WINDOWS\system32\drivers\ws2ifsl.sys
21:49:10.0033 0x0de4  ws2ifsl - ok
21:49:10.0145 0x0de4  [ 9654DE19551093CD73874281E1573C94, 5E3513EC0CB180D90904BE8970AB64A4434279E8C467AE2CF693254E47B1D11E ] wscsvc          C:\WINDOWS\System32\wscsvc.dll
21:49:10.0174 0x0de4  wscsvc - ok
21:49:10.0181 0x0de4  WSearch - ok
21:49:10.0559 0x0de4  [ 95B6670E6933E1DEE19686C55BE709A0, 4B9EB8F1712B7959A71F6DA445D29BD09B25EEFC6B30D736EFE30163D79B233E ] WSService       C:\WINDOWS\System32\WSService.dll
21:49:10.0734 0x0de4  WSService - ok
21:49:11.0245 0x0de4  [ DCD090318EC800CF6275C6835900B0C6, 9E72762EEE46CC0606B909850E6D22E9C8E5C88E82F7C974B2B7C1E5160BEBA7 ] wuauserv        C:\WINDOWS\system32\wuaueng.dll
21:49:11.0406 0x0de4  wuauserv - ok
21:49:11.0512 0x0de4  [ D537815E450A149752C15868392AD1F3, 8788CE493349299DB36E409C8CC3C6EA08301FA492C95D9D556E00BC13A05F13 ] WudfPf          C:\WINDOWS\system32\drivers\WudfPf.sys
21:49:11.0527 0x0de4  WudfPf - ok
21:49:11.0551 0x0de4  [ 7CCBBCEE408A5DBE3FE47297DB5A6CFC, FB44B65B37B1C1A12C618E16BEF195EF861A87179B9216E43024C671C3AE052C ] WUDFRd          C:\WINDOWS\System32\drivers\WUDFRd.sys
21:49:11.0561 0x0de4  WUDFRd - ok
21:49:11.0574 0x0de4  [ 7CCBBCEE408A5DBE3FE47297DB5A6CFC, FB44B65B37B1C1A12C618E16BEF195EF861A87179B9216E43024C671C3AE052C ] WUDFSensorLP    C:\WINDOWS\system32\DRIVERS\WUDFRd.sys
21:49:11.0580 0x0de4  WUDFSensorLP - ok
21:49:11.0599 0x0de4  [ 9CDC2059A23E3C9B57696178508777E7, B680A2E2EDA5C8C6A547E7D9B2F2F8E6407C3EA0A01B82A4B88D48A27913A597 ] wudfsvc         C:\WINDOWS\System32\WUDFSvc.dll
21:49:11.0611 0x0de4  wudfsvc - ok
21:49:11.0625 0x0de4  [ 7CCBBCEE408A5DBE3FE47297DB5A6CFC, FB44B65B37B1C1A12C618E16BEF195EF861A87179B9216E43024C671C3AE052C ] WUDFWpdFs       C:\WINDOWS\system32\DRIVERS\WUDFRd.sys
21:49:11.0634 0x0de4  WUDFWpdFs - ok
21:49:11.0705 0x0de4  [ 2FA9794CA36147756F3FDFD6CA29B46F, 4B86DC38C2411C281686E9A4E64DA6FB2992E39391371F78E012D6D8BB85123F ] WwanSvc         C:\WINDOWS\System32\wwansvc.dll
21:49:11.0960 0x0de4  WwanSvc - ok
21:49:11.0987 0x0de4  ================ Scan global ===============================
21:49:12.0052 0x0de4  [ C89780A6F58D113C28A96D85D1261DC5, 185114F33A60916C7904E4A0F278CA43258454343E614F01F0DAFA98BAC981B1 ] C:\WINDOWS\system32\basesrv.dll
21:49:12.0106 0x0de4  [ 00DD4D2ACC2E72155A8AAA82018BEC0D, 9D7CA68B4A81240477FCC85A3CC11EF986093F9D6228A6C5AC608EDAD664068C ] C:\WINDOWS\system32\winsrv.dll
21:49:12.0174 0x0de4  [ 9C1833ABD62876856836C5AE55C7CE86, 0A21E2C8B2FF3B0438C86DA7151A548F9C6F5C62CD402CBBEDB435994C8508F1 ] C:\WINDOWS\system32\sxssrv.dll
21:49:12.0207 0x0de4  [ 067CB90C277DB4A737D5DEABA3055972, C681BF013170F2D92A3FC4D783FC3F200CDC0C8173373B7ECC27FCF32A03CCBD ] C:\WINDOWS\system32\services.exe
21:49:12.0223 0x0de4  [ Global ] - ok
21:49:12.0224 0x0de4  ================ Scan MBR ==================================
21:49:12.0240 0x0de4  [ 5FB38429D5D77768867C76DCBDB35194 ] \Device\Harddisk0\DR0
21:49:12.0246 0x0de4  \Device\Harddisk0\DR0 - ok
21:49:12.0247 0x0de4  ================ Scan VBR ==================================
21:49:12.0250 0x0de4  [ 32869C4C7F1A872439FA17E5B35E791D ] \Device\Harddisk0\DR0\Partition1
21:49:12.0268 0x0de4  \Device\Harddisk0\DR0\Partition1 - ok
21:49:12.0280 0x0de4  [ 72719EAE46D1DFF3FFC59275695797D8 ] \Device\Harddisk0\DR0\Partition2
21:49:12.0295 0x0de4  \Device\Harddisk0\DR0\Partition2 - ok
21:49:12.0311 0x0de4  [ B1E27AA018409DE6BFD73F8AFB883A65 ] \Device\Harddisk0\DR0\Partition3
21:49:12.0311 0x0de4  \Device\Harddisk0\DR0\Partition3 - ok
21:49:12.0326 0x0de4  [ E801F288BAFC42A8DB041FA2A8C817E9 ] \Device\Harddisk0\DR0\Partition4
21:49:12.0327 0x0de4  \Device\Harddisk0\DR0\Partition4 - ok
21:49:12.0361 0x0de4  [ C9FC7874769C13FD0169DB8302009ABD ] \Device\Harddisk0\DR0\Partition5
21:49:12.0380 0x0de4  \Device\Harddisk0\DR0\Partition5 - ok
21:49:12.0397 0x0de4  [ 470A6986D6DFD8E59E9A9E120C12D0F3 ] \Device\Harddisk0\DR0\Partition6
21:49:12.0444 0x0de4  \Device\Harddisk0\DR0\Partition6 - ok
21:49:12.0444 0x0de4  ================ Scan generic autorun ======================
21:49:12.0658 0x0de4  [ 210875E72C45D712120904128F357233, 4998BF27D28D4DDE79F9B06E0562E28A9D433DBFC0D3D4144A7A97EBF5110091 ] C:\Program Files\IDT\WDM\sttray64.exe
21:49:12.0738 0x0de4  SysTrayApp - ok
21:49:12.0840 0x0de4  [ 8EC9EF60E24E88DC5DC74D305925E2CF, 37719AAD02B4EA851F899AB4A3464EA381B96BA2E386A52BF9FDAA8C9257FDBE ] C:\Windows\system32\igfxtray.exe
21:49:12.0858 0x0de4  IgfxTray - ok
21:49:12.0860 0x0de4  SynTPEnh - ok
21:49:13.0090 0x0de4  [ DD79A6B15C2F28DE98DF4852AAF6B13B, 0F7E9023E0BA4B40E2DE9A9FA34E85FEAF72B93049AAB3E1D73AD046BB113E05 ] C:\Program Files (x86)\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\NCPluginUpdater.exe
21:49:13.0105 0x0de4  NCPluginUpdater - ok
21:49:13.0299 0x0de4  [ B7995C675014EEBE77A0BEB7AFCCFC08, 41D186C63273301CF0A1C1EE7B6EB0BB75A251DD441532C5CEB7A4095FB103CD ] C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe
21:49:13.0303 0x0de4  RemoteControl10 - ok
21:49:13.0421 0x0de4  [ A9732510C6D8E3C954DB2F249AAC9818, 491DA44A6905418B01B3A7864D9E58BF86F9E06FF4A1221D5369C684E57BF33D ] C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe
21:49:13.0438 0x0de4  HP Quick Launch - ok
21:49:13.0701 0x0de4  [ D1C8B0DC04347B6B9B5B3B9204DF6756, DA4D1CC98DCDFDF674F83164843A6B4E8830232700BE13CC755F94638351DA8B ] C:\Program Files (x86)\Hewlett-Packard\HP CoolSense\CoolSense.exe
21:49:13.0733 0x0de4  HP CoolSense - ok
21:49:13.0880 0x0de4  [ A2CF504CD272A96696D3F4109EA7B74B, EF5E42593A63010797F0B0B088B196EA3B1306908D5897D4F4B4298F6C301E57 ] C:\Program Files (x86)\Vodafone\Vodafone Mobile Broadband\Bin\MobileBroadband.exe
21:49:13.0927 0x0de4  MobileBroadband - ok
21:49:14.0083 0x0de4  [ 0E34B7BB1FCF22BCC1E394D16F9E992B, 382CA8E6BAC301E2F277F8EDA03D263FF71272796A8EED582C36294EEE9191F9 ] C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe
21:49:14.0085 0x0de4  GrooveMonitor - ok
21:49:14.0309 0x0de4  [ 26B558B2D31C7425B455B00E562EAD93, B64D128A2F1FC42BA4376F8EB08D70F4B705745CB983D0631DB45851BF34BBDF ] C:\Program Files\AVAST Software\Avast\AvastUI.exe
21:49:14.0416 0x0de4  AvastUI.exe - ok
21:49:14.0595 0x0de4  [ 5B6E8E09BE6401A7E022F52FDFCB2FF8, 471C556CF9405BBB380A8CEFE945C126B954B7C94F79CC72441B51F80141FC5E ] C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
21:49:14.0843 0x0de4  SunJavaUpdateSched - ok
21:49:14.0943 0x0de4  [ 34D296AFC913E302953C70463EF09A48, BC413307CBC56C039EE8A05B51A56E14EF59678FBB33815AEB320078056C8CE7 ] C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe
21:49:14.0946 0x0de4  HP Software Update - ok
21:49:15.0075 0x0de4  [ 842C198BB5FB3A051C34D493F3A7DFF4, DAAA42E02CC0D268FAEB72FE37D75A8832C1A31207C789138BBE9FCB1A98B183 ] C:\ProgramData\Malwarebytes\Malwarebytes Anti-Malware\mbamdor.exe
21:49:15.0078 0x0de4  Malwarebytes Anti-Malware (cleanup) - ok
21:49:15.0154 0x0de4  [ 2A65AE735E0C439762072787AD61FA07, 19E4A96924BBD51F45DD5D34D18B16D614779F508B3DF5895DF2218043BEF0E0 ] C:\Program Files (x86)\Windows Mail\wab.exe
21:49:15.0168 0x0de4  WAB Migrate - ok
21:49:15.0169 0x0de4  Waiting for KSN requests completion. In queue: 142
21:49:16.0170 0x0de4  Waiting for KSN requests completion. In queue: 142
21:49:17.0171 0x0de4  Waiting for KSN requests completion. In queue: 142
21:49:18.0172 0x0de4  Waiting for KSN requests completion. In queue: 142
21:49:19.0403 0x0de4  AV detected via SS2: Windows Defender, C:\Program Files\Windows Defender\MSASCui.exe ( 4.6.305.0 ), 0x60100 ( disabled : updated )
21:49:19.0419 0x0de4  AV detected via SS2: avast! Antivirus, C:\Program Files\AVAST Software\Avast\VisthAux.exe ( 9.0.2021.515 ), 0x41000 ( enabled : updated )
21:49:19.0487 0x0de4  Win FW state via NFP2: enabled
21:49:22.0199 0x0de4  ============================================================
21:49:22.0199 0x0de4  Scan finished
21:49:22.0199 0x0de4  ============================================================
21:49:22.0211 0x11e8  Detected object count: 0
21:49:22.0211 0x11e8  Actual detected object count: 0
 



#4 buddy215

buddy215

  • Moderator
  • 13,301 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:West Tennessee
  • Local time:06:34 PM

Posted 01 December 2014 - 04:22 PM

That was quite a collection of adware. Removing it must give you some relief.

 

CCleaner - PC Optimization and Cleaning - Free Download

Install CCleaner, open it and click on the run cleaner button at the bottom right. That will clean up temporary files, caches, logs, ALL cookies.

Pay close attention while installing and UNcheck offers of Google or other toolbars. No need to use the Registry Cleaning Tool...risky.

 

Click on CCleaner's Tools. Choose Startups. At the bottom of that page you will see a button when clicked will allow you to copy and

paste the list of Windows Startups in your next reply. Click on the buttons at the top of that page for each browser and Tasks and posts

those lists, too.


“Every atom in your body came from a star that exploded and the atoms in your left hand probably came from a different star than your right hand. It really is the most poetic thing I know about physics...you are all stardust.”Lawrence M. Krauss
A 1792 U.S. penny, designed in part by Thomas Jefferson and George Washington, reads “Liberty Parent of Science & Industry.”

#5 buddy215

buddy215

  • Moderator
  • 13,301 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:West Tennessee
  • Local time:06:34 PM

Posted 01 December 2014 - 04:29 PM

Add these scans to my post #4

Rerun AdwCleaner and post its log. Run a scan using Junkware Removal Tool.

 

  • download AdwCleaner by Xplode and save to your Desktop.
  • Double-click on AdwCleaner.exe to run the tool.
    Vista/Windows 7/8 users right-click and select Run As Administrator.
  • Click on the Scan button.
  • AdwCleaner will begin...be patient as the scan may take some time to complete.
  • After the scan has finished, click on the Report button...a logfile (AdwCleaner[R0].txt) will open in Notepad for review.
  • After reviewing the log, click on the Clean button.
  • Press OK when asked to close all programs and follow the onscreen prompts.
  • Press OK again to allow AdwCleaner to restart the computer and complete the removal process.
  • After rebooting, a logfile report (AdwCleaner[S0].txt) will open automatically.
  • Copy and paste the contents of that logfile in your next reply.
  • A copy of all logfiles are saved in the C:\AdwCleaner folder which was created when running the tool.

Download Junkware Removal Tool to your desktop.

  • Shut down your protection software now to avoid potential conflicts.
  • Run the tool by double-clicking it. If you are using Windows Vista, 7, or 8; instead of double-clicking, right-mouse click JRT.exe and select "Run as Administrator".
  • The tool will open and start scanning your system.
  • Please be patient as this can take a while to complete depending on your system's specifications.
  • On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
  • Post the contents of JRT.txt into your next message.

“Every atom in your body came from a star that exploded and the atoms in your left hand probably came from a different star than your right hand. It really is the most poetic thing I know about physics...you are all stardust.”Lawrence M. Krauss
A 1792 U.S. penny, designed in part by Thomas Jefferson and George Washington, reads “Liberty Parent of Science & Industry.”

#6 ltix86

ltix86
  • Topic Starter

  • Members
  • 67 posts
  • OFFLINE
  •  
  • Local time:11:34 PM

Posted 02 December 2014 - 04:56 AM

Yes    HKLM:Run    AvastUI.exe    AVAST Software    "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
Yes    HKLM:Run    GrooveMonitor    Microsoft Corporation    "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe"
Yes    HKLM:Run    HP CoolSense    Hewlett-Packard Development Company, L.P.    C:\Program Files (x86)\Hewlett-Packard\HP CoolSense\CoolSense.exe -byrunkey
Yes    HKLM:Run    HP Quick Launch    Hewlett-Packard Development Company, L.P.    C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe
No    HKLM:Run    HP Software Update    Hewlett-Packard    C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe
Yes    HKLM:Run    IgfxTray    Intel Corporation    C:\Windows\system32\igfxtray.exe
Yes    HKLM:Run    MobileBroadband    Vodafone    C:\Program Files (x86)\Vodafone\Vodafone Mobile Broadband\Bin\MobileBroadband.exe /silent
Yes    HKLM:Run    RemoteControl10    CyberLink Corp.    "C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe"
No    HKLM:Run    SunJavaUpdateSched    Oracle Corporation    "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
Yes    HKLM:Run    SynTPEnh    Synaptics Incorporated    %ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe
Yes    HKLM:Run    SysTrayApp    IDT, Inc.    C:\Program Files\IDT\WDM\sttray64.exe
Yes    HKLM:RunOnce    NCPluginUpdater    Hewlett-Packard    "C:\Program Files (x86)\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\NCPluginUpdater.exe" Update
Yes    Startup Common    HP Digital Imaging Monitor.lnk    Hewlett-Packard Co.    C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
Yes    Startup User    Dropbox.lnk    Dropbox, Inc.    C:\Users\LucaTixi\AppData\Roaming\Dropbox\bin\Dropbox.exe
Yes    Startup User    EvernoteClipper.lnk    Evernote Corp., 305 Walnut Street, Redwood City, CA 94063    C:\Program Files (x86)\Evernote\Evernote\EvernoteClipper.exe
Yes    Startup User    Ritaglio schermata e avvio di OneNote 2007.lnk    Microsoft Corporation    C:\Program Files (x86)\Microsoft Office\Office12\ONENOTEM.EXE
Yes    Startup User    Verbatim GREEN BUTTON.lnk        C:\Program Files (x86)\Verbatim GREEN BUTTON\GREEN BUTTON.exe
 

 

Yes    Extension    Aggiungi a Evernote 5        C:\Program Files (x86)\Evernote\Evernote\\EvernoteIERes\AddNote.html
Yes    Extension    HP Smart Print    Hewlett-Packard    C:\Program Files (x86)\Hewlett-Packard\Smart Print\SmartPrintSetup.exe
Yes    Extension    Inserisci blog    Microsoft Corporation    C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
Yes    Extension    Invia a OneNote    Microsoft Corporation    C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
Yes    Extension    Research    Microsoft Corporation    C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL
Yes    Extension    Skype Click to Call settings    Microsoft Corporation    C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
Yes    Extension    Skype Click to Call settings    Microsoft Corporation    C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll
Yes    Extension    Viene lanciato HP Network Check, che aiuta a risolvere i problemi di connessione    Hewlett-Packard    C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe
Yes    Helper    avast! Online Security    AVAST Software    C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
Yes    Helper    avast! Online Security    AVAST Software    C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll
No    Helper    Evernote extension    Evernote Corp., 305 Walnut Street, Redwood City, CA 94063    C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll
No    Helper    Groove GFS Browser Helper    Microsoft Corporation    C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
No    Helper    HP Network Check Helper    Hewlett-Packard    C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll
No    Helper    HP Network Check Helper    Hewlett-Packard    C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll
Yes    Helper    Java™ Plug-In 2 SSV Helper    Oracle Corporation    C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
Yes    Helper    Java™ Plug-In SSV Helper    Oracle Corporation    C:\Program Files (x86)\Java\jre7\bin\ssv.dll
No    Helper    Skype Click to Call for Internet Explorer    Microsoft Corporation    C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
No    Helper    Skype Click to Call for Internet Explorer    Microsoft Corporation    C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll
 

 

No    Extension    avast! Online Security    9.0.2006.53    AVAST Software    default-1373181426824        C:\Program Files\AVAST Software\Avast\WebRep\FF
Yes    Extension    Firebug    1.12.5    Joe Hewitt    default-1373181426824        C:\Users\LucaTixi\AppData\Roaming\Mozilla\Firefox\Profiles\em9wvby8.default-1373181426824\extensions\firebug@software.joehewitt.com.xpi
No    Extension    Skype Click to Call    6.12.0.13601    Skype Technologies S.A.    default-1373181426824        C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
No    Plugin    Foxit Reader Plugin for Mozilla    2.2.3.703    Foxit Corporation    default-1373181426824        C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll
No    Plugin    Google Earth Plugin    7.1.2.2041    Google    default-1373181426824        C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll
No    Plugin    Google Update    1.3.25.11    Google Inc.    default-1373181426824        C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll
No    Plugin    Intel® Identity Protection Technology    2.1.66.0    Intel Corporation    default-1373181426824        C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIIPT.dll
No    Plugin    Intel® Identity Protection Technology    2.1.66.0    Intel Corporation    default-1373181426824        C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIUpdater.dll
No    Plugin    Java Deployment Toolkit 7.0.510.13    10.51.2.13    Oracle Corporation    default-1373181426824        C:\Program Files (x86)\Java\jre7\bin\dtplugin\npdeployJava1.dll
No    Plugin    Java™ Platform SE 7 U51    10.51.2.13    Oracle Corporation    default-1373181426824        C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll
No    Plugin    Shockwave Flash    15.0.0.239    Adobe Systems Incorporated    default-1373181426824        C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_239.dll
No    Plugin    Shockwave for Director    11.6.5.635    Adobe Systems, Inc.    default-1373181426824        C:\windows\SysWOW64\Adobe\Director\np32dsw.dll
No    Plugin    Silverlight Plug-In    5.1.30514.0     Microsoft Corporation    default-1373181426824        c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll
No    Plugin    VLC Web Plugin    2.1.3.0    VideoLAN    default-1373181426824        C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll
No    Plugin    Windows Live™ Photo Gallery    15.4.3555.308    Microsoft Corporation    default-1373181426824        C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
 

 

Yes    Task    Adobe Flash Player Updater    Adobe Systems Incorporated    C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Yes    Task    CCleanerSkipUAC    Piriform Ltd    "C:\Program Files\CCleaner\CCleaner.exe" $(Arg0)
Yes    Task    GoogleUpdateTaskMachineCore    Google Inc.    C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
Yes    Task    GoogleUpdateTaskMachineUA    Google Inc.    C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
Yes    Task    HPCeeScheduleForLUCA$    Hewlett-Packard    C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe HPCeeScheduleForLUCA$ (null)
Yes    Task    HPCeeScheduleForLucaTixi    Hewlett-Packard    C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe HPCeeScheduleForLucaTixi (null)
Yes    Task    HPCustParticipation HP Deskjet 2540 series    Hewlett-Packard Co.    "C:\Program Files\HP\HP Deskjet 2540 series\Bin\HPCustPartic.exe" /UA 12.5 /DDV 0x0b00
Yes    Task    Installer_geforce        C:\Users\LucaTixi\AppData\Local\Installer\Installgeforce_32534\DC1AB5RN511.exe /S /SCHEDULE /MAG=obrdc /pn=geforce /pixGuid=76e4e8d7-463e-4e1b-962f-7f6644840bd1 /sub=18082 /Reason=Network
Yes    Task    Installer_ytd        C:\Users\LucaTixi\AppData\Local\Installer\Installytd_41\DC1AB5RN511.exe /S /SCHEDULE /MAG=obrdc /pn=ytd /pixGuid=76e4e8d7-463e-4e1b-962f-7f6644840bd1 /sub=18082 /Reason=Version
Yes    Task    Java Update Scheduler    Oracle Corporation    C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
Yes    Task    JU        C:\Users\LucaTixi\AppData\Roaming\JU.exe /infocmdline=Y1JKL0KNLxKhWUUyXGWMwfAqP26FLcjDBYCfF23KFZDmXC7iFC7Yv/9qWhNtaZjHtJglr+Nz8GlkZEUHOaI1wlodWn9mzyqVM9vCipv0jAhE0YOpksDZXBpCRfu2aG3/8u92oBFC0Spq8wBmJeThIfAhmByoWlft0h8oqNoUZyQK2zDPJ9dl1YtSfyaJM82RjR49wWHHmPAzFifF8596J+2INOmb6FkKuFmxJawE4F9+EErAOen5wyhGQkVMTLXYBm0GKMWs/JN22IqhOYMbV2cbuOQhBAg0Q1coOjIpD1NH5zJpwvTPl/MK9RejZT7Cp9/WkSvaJv4c+jlLwyPz/irbnnMuxnfGFx9B+NZbmHPGLh8QGzP2v+3Nah4krh9ir4wM3FIlGv8j9lzfe8/RJcpQ/kqMl15g8FPMvtpkP9VUW28SvA0mYT40hH72Zqi4RJitzXjv6cxjSBS8M5l64ft3g7eo7i2NdnJGgUBThvO/zUFyI9W6GSiTkCsQkLzZ
Yes    Task    Optimize Start Menu Cache Files-S-1-5-21-565506067-3698530459-4260336734-1002        
Yes    Task    Optimize Start Menu Cache Files-S-1-5-21-565506067-3698530459-4260336734-500        
Yes    Task    PQWBVJPG        C:\Users\LucaTixi\AppData\Roaming\PQWBVJPG.exe /infocmdline=k5TjQD+un+9n0xCJ8VnF7/1JhfzPssesLE9jZWXVaiRTdNYW3ab/aYLr12dVldsll0gFbiWaz7sFcl9kkNVaD8sD6ajXVQI7TXK8S3YzBfj2Gln0UmG4pzyDlgIoVLCIP7TUivzXQNaP9Td8967cKokj7dHV69lk3YLI1RLBiAQb7NQ3a77PjLP66TFtigTTao+8tZ47TGJC9L+MUDsy2jR0l21wd/wZHDp736tWWbcjjlBScz+iwZ+Dq6GrkU7JQDo//cnfK/Gcim4uZlj032oYmd3vCo1p5qyf809/bjIbnsXqr+ux3LurnOnJMmSetBJfgG0uM9X26tse+2A2Wb0wyQRhEGNj6Tr3foPSX56+7GpM546Ak5yA6d+7sfVpre/nMolel1dz1FG61NCFLDoxTuKAUz55T7vvj7BgpD+uG8D74PHINZQgX4qmC3uNGMthrId8S1da8XcqwXuvhyvalDgKSHUUiCTeb+++TLo/1Q8uF0UMDbOWcw8OeUeBsZkLutK+wRg09MBTdV6esMVJAnVrHQ18v7KwLAnjHLQ6qygpZwcc4FRKmt288xLM80NNLghoNjL7A5LleUPNwEK91s0rHvKmd83SdnKb64/+DklNpVBvfiP1S7ufH9ZR3T06y0c1dfgiSyZsKto8dEXbr5D/fQu+D2xz3adWKyg=
Yes    Task    Programma di aggiornamento HP online    Hewlett-Packard    C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe
Yes    Task    Synaptics TouchPad Enhancements    Synaptics Incorporated    "C:\Program Files\Synaptics\SynTP\SynTPEnh.exe"
 

 

Yes    Directory    7-Zip    Igor Pavlov    C:\Program Files (x86)\7-Zip\7-zip.dll
Yes    Directory    Aggiungi alla scaletta del lettore multimediale VLC    VideoLAN    "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1"
Yes    Directory    avast    AVAST Software    C:\Program Files\AVAST Software\Avast\ashShA64.dll
Yes    Directory    DropboxExt    Dropbox, Inc.    C:\Users\LucaTixi\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll
Yes    Directory    GDContextMenu    Google    C:\Program Files (x86)\Google\Drive\contextmenu64.dll
Yes    Directory    Riproduci con il lettore multimediale VLC    VideoLAN    "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1"
Yes    File    00avast    AVAST Software    C:\Program Files\AVAST Software\Avast\ashShA64.dll
Yes    File    7-Zip    Igor Pavlov    C:\Program Files (x86)\7-Zip\7-zip.dll
Yes    File    ANotepad++64        C:\Program Files (x86)\Notepad++\NppShell_05.dll
Yes    File    avast    AVAST Software    C:\Program Files\AVAST Software\Avast\ashShA64.dll
Yes    File    DropboxExt    Dropbox, Inc.    C:\Users\LucaTixi\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll
Yes    File    Foxit_ConvertToPDF_Reader    Foxit Corporation    C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\ConvertToPDFShellExtension_x64.dll
Yes    File    GDContextMenu    Google    C:\Program Files (x86)\Google\Drive\contextmenu64.dll
 



#7 ltix86

ltix86
  • Topic Starter

  • Members
  • 67 posts
  • OFFLINE
  •  
  • Local time:11:34 PM

Posted 02 December 2014 - 05:07 AM

# AdwCleaner v4.103 - Rapporto creato 02/12/2014 in 11:01:58
# Aggiornato 01/12/2014 di Xplode
# Database : 2014-12-01.2 [Live]
# Sistema operativo : Windows 8.1  (64 bits)
# Nome utente : LucaTixi - LUCA
# In esecuzione da : C:\Users\LucaTixi\Desktop\AdwCleaner(1).exe
# Opzione : Pulisci

***** [ Servizi ] *****


***** [ File / Cartelle ] *****

Cartella Eliminato : C:\Users\LucaTixi\AppData\Local\CrashRpt

***** [ Compiti ] *****


***** [ Collegamenti ] *****


***** [ Registro ] *****


***** [ Browser ] *****

-\\ Internet Explorer v11.0.9600.17416


-\\ Mozilla Firefox v33.1 (x86 it)

[em9wvby8.default-1373181426824\prefs.js] - Riga eliminata : user_pref("extensions.aae44639e43f24cd1aa8039d5d2e18fa9gmailcom68153.68153.internaldb.monetization_plugin_bundledUrls.value", "%7B%22dealply_s%22%3A%7B%22urls%22%3A%5B%22ssfiles.com%22%5D%7D%2C%22deal[...]

-\\ Google Chrome v39.0.2171.71


*************************

AdwCleaner[R0].txt - [17326 octets] - [29/04/2014 14:38:08]
AdwCleaner[R1].txt - [1372 octets] - [29/04/2014 14:48:16]
AdwCleaner[R2].txt - [1235 octets] - [29/04/2014 15:36:30]
AdwCleaner[R3].txt - [1270 octets] - [30/04/2014 08:36:35]
AdwCleaner[R4].txt - [16038 octets] - [29/11/2014 21:16:26]
AdwCleaner[R5].txt - [2062 octets] - [30/11/2014 14:08:05]
AdwCleaner[R6].txt - [1951 octets] - [02/12/2014 10:57:22]
AdwCleaner[S0].txt - [14724 octets] - [29/04/2014 14:41:58]
AdwCleaner[S1].txt - [1436 octets] - [29/04/2014 14:50:49]
AdwCleaner[S2].txt - [1296 octets] - [29/04/2014 15:39:41]
AdwCleaner[S3].txt - [1329 octets] - [30/04/2014 08:39:10]
AdwCleaner[S4].txt - [15781 octets] - [29/11/2014 21:21:25]
AdwCleaner[S5].txt - [1775 octets] - [30/11/2014 14:11:55]
AdwCleaner[S6].txt - [1750 octets] - [02/12/2014 11:01:58]

########## EOF - C:\AdwCleaner\AdwCleaner[S6].txt - [1810 octets] ##########
 



#8 ltix86

ltix86
  • Topic Starter

  • Members
  • 67 posts
  • OFFLINE
  •  
  • Local time:11:34 PM

Posted 02 December 2014 - 05:22 AM

And here the Junkware post, thanks!!

 

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.4.0 (11.29.2014:1)
OS: Windows 8.1 x64
Ran by LucaTixi on 02/12/2014 at 11.12.34,91
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values



~~~ Registry Keys

Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Eventlog\Application\update webspades
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Eventlog\Application\util webspades



~~~ Files



~~~ Folders

Successfully deleted: [Empty Folder] C:\Users\LucaTixi\appdata\local\{027D0A0F-EBF8-4CF7-BEFA-E453817428AE}
Successfully deleted: [Empty Folder] C:\Users\LucaTixi\appdata\local\{1370EDFB-04C8-417C-8C1A-752108C93200}
Successfully deleted: [Empty Folder] C:\Users\LucaTixi\appdata\local\{2AAC6013-2A02-4855-9206-22B851241867}
Successfully deleted: [Empty Folder] C:\Users\LucaTixi\appdata\local\{3A17E5BE-7EE3-4DC7-9DA7-FA2D511D851E}
Successfully deleted: [Empty Folder] C:\Users\LucaTixi\appdata\local\{5666978A-AFE1-4F8C-A4C5-2135C83F8DF9}
Successfully deleted: [Empty Folder] C:\Users\LucaTixi\appdata\local\{6CBA65E4-7B25-4C3E-8321-CC95E4770656}
Successfully deleted: [Empty Folder] C:\Users\LucaTixi\appdata\local\{96778C48-7C64-4D69-8DBC-1DD9FD391836}
Successfully deleted: [Empty Folder] C:\Users\LucaTixi\appdata\local\{EBA9BA5E-41AA-41C4-A0D6-68713B43631A}



~~~ FireFox

Successfully deleted the following from C:\Users\LucaTixi\AppData\Roaming\mozilla\firefox\profiles\em9wvby8.default-1373181426824\prefs.js

user_pref("extensions.a5a6bf058b9784b84a2ec6f5462cfccb210120365d3c04ec986245fac2592d0dfcom51390.51390.cookie.testingGaq.value", "%22hxxp%3A//extclickmedia-maynemyltf.netdna-ss
user_pref("extensions.a5a6bf058b9784b84a2ec6f5462cfccb210120365d3c04ec986245fac2592d0dfcom51390.51390.name", "Torntv V9.0");
Emptied folder: C:\Users\LucaTixi\AppData\Roaming\mozilla\firefox\profiles\em9wvby8.default-1373181426824\minidumps [58 files]



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 02/12/2014 at 11.20.42,75
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 



#9 buddy215

buddy215

  • Moderator
  • 13,301 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:West Tennessee
  • Local time:06:34 PM

Posted 02 December 2014 - 08:55 AM

Disable Items In Bold

 

Yes    HKLM:Run    AvastUI.exe    AVAST Software    "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
Yes    HKLM:Run    GrooveMonitor    Microsoft Corporation    "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe"
Yes    HKLM:Run    HP CoolSense    Hewlett-Packard Development Company, L.P.    C:\Program Files (x86)\Hewlett-Packard\HP CoolSense\CoolSense.exe -byrunkey
Yes    HKLM:Run    HP Quick Launch    Hewlett-Packard Development Company, L.P.    C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe
No    HKLM:Run    HP Software Update    Hewlett-Packard    C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe
Yes    HKLM:Run    IgfxTray    Intel Corporation    C:\Windows\system32\igfxtray.exe
Yes    HKLM:Run    MobileBroadband    Vodafone    C:\Program Files (x86)\Vodafone\Vodafone Mobile Broadband\Bin\MobileBroadband.exe /silent
Yes    HKLM:Run    RemoteControl10    CyberLink Corp.    "C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe" (Unless you use a remote control gadget)
No    HKLM:Run    SunJavaUpdateSched    Oracle Corporation    "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
Yes    HKLM:Run    SynTPEnh    Synaptics Incorporated    %ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe
Yes    HKLM:Run    SysTrayApp    IDT, Inc.    C:\Program Files\IDT\WDM\sttray64.exe
Yes    HKLM:RunOnce    NCPluginUpdater    Hewlett-Packard    "C:\Program Files (x86)\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\NCPluginUpdater.exe" Update
Yes    Startup Common    HP Digital Imaging Monitor.lnk    Hewlett-Packard Co.    C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
Yes    Startup User    Dropbox.lnk    Dropbox, Inc.    C:\Users\LucaTixi\AppData\Roaming\Dropbox\bin\Dropbox.exe
Yes    Startup User    EvernoteClipper.lnk    Evernote Corp., 305 Walnut Street, Redwood City, CA 94063    C:\Program Files (x86)\Evernote\Evernote\EvernoteClipper.exe
Yes    Startup User    Ritaglio schermata e avvio di OneNote 2007.lnk    Microsoft Corporation    C:\Program Files (x86)\Microsoft Office\Office12\ONENOTEM.EXE
Yes    Startup User    Verbatim GREEN BUTTON.lnk        C:\Program Files (x86)\Verbatim GREEN BUTTON\GREEN BUTTON.exe
 

 

Yes    Extension    Aggiungi a Evernote 5        C:\Program Files (x86)\Evernote\Evernote\\EvernoteIERes\AddNote.html
Yes    Extension    HP Smart Print    Hewlett-Packard    C:\Program Files (x86)\Hewlett-Packard\Smart Print\SmartPrintSetup.exe
Yes    Extension    Inserisci blog    Microsoft Corporation    C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
Yes    Extension    Invia a OneNote    Microsoft Corporation    C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
Yes    Extension    Research    Microsoft Corporation    C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL
Yes    Extension    Skype Click to Call settings    Microsoft Corporation    C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
Yes    Extension    Skype Click to Call settings    Microsoft Corporation    C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll

Yes    Extension    Viene lanciato HP Network Check, che aiuta a risolvere i problemi di connessione    Hewlett-Packard    C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe
Yes    Helper    avast! Online Security    AVAST Software    C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
Yes    Helper    avast! Online Security    AVAST Software    C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll

No    Helper    Evernote extension    Evernote Corp., 305 Walnut Street, Redwood City, CA 94063    C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll
No    Helper    Groove GFS Browser Helper    Microsoft Corporation    C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
No    Helper    HP Network Check Helper    Hewlett-Packard    C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll
No    Helper    HP Network Check Helper    Hewlett-Packard    C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll
Yes    Helper    Java™ Plug-In 2 SSV Helper    Oracle Corporation    C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (most users don't need Java)
Yes    Helper    Java™ Plug-In SSV Helper    Oracle Corporation    C:\Program Files (x86)\Java\jre7\bin\ssv.dll

No    Helper    Skype Click to Call for Internet Explorer    Microsoft Corporation    C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
No    Helper    Skype Click to Call for Internet Explorer    Microsoft Corporation    C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll
 

 

No    Extension    avast! Online Security    9.0.2006.53    AVAST Software    default-1373181426824        C:\Program Files\AVAST Software\Avast\WebRep\FF
Yes    Extension    Firebug    1.12.5    Joe Hewitt    default-1373181426824        C:\Users\LucaTixi\AppData\Roaming\Mozilla\Firefox\Profiles\em9wvby8.default-1373181426824\extensions\firebug@software.joehewitt.com.xpi
No    Extension    Skype Click to Call    6.12.0.13601    Skype Technologies S.A.    default-1373181426824        C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
No    Plugin    Foxit Reader Plugin for Mozilla    2.2.3.703    Foxit Corporation    default-1373181426824        C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll
No    Plugin    Google Earth Plugin    7.1.2.2041    Google    default-1373181426824        C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll
No    Plugin    Google Update    1.3.25.11    Google Inc.    default-1373181426824        C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll
No    Plugin    Intel® Identity Protection Technology    2.1.66.0    Intel Corporation    default-1373181426824        C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIIPT.dll
No    Plugin    Intel® Identity Protection Technology    2.1.66.0    Intel Corporation    default-1373181426824        C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIUpdater.dll
No    Plugin    Java Deployment Toolkit 7.0.510.13    10.51.2.13    Oracle Corporation    default-1373181426824        C:\Program Files (x86)\Java\jre7\bin\dtplugin\npdeployJava1.dll
No    Plugin    Java™ Platform SE 7 U51    10.51.2.13    Oracle Corporation    default-1373181426824        C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll
No    Plugin    Shockwave Flash    15.0.0.239    Adobe Systems Incorporated    default-1373181426824        C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_239.dll
No    Plugin    Shockwave for Director    11.6.5.635    Adobe Systems, Inc.    default-1373181426824        C:\windows\SysWOW64\Adobe\Director\np32dsw.dll
No    Plugin    Silverlight Plug-In    5.1.30514.0     Microsoft Corporation    default-1373181426824        c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll
No    Plugin    VLC Web Plugin    2.1.3.0    VideoLAN    default-1373181426824        C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll
No    Plugin    Windows Live™ Photo Gallery    15.4.3555.308    Microsoft Corporation    default-1373181426824        C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
 

 

Yes    Task    Adobe Flash Player Updater    Adobe Systems Incorporated    C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Yes    Task    CCleanerSkipUAC    Piriform Ltd    "C:\Program Files\CCleaner\CCleaner.exe" $(Arg0)
Yes    Task    GoogleUpdateTaskMachineCore    Google Inc.    C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
Yes    Task    GoogleUpdateTaskMachineUA    Google Inc.    C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler

Yes    Task    HPCeeScheduleForLUCA$    Hewlett-Packard    C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe HPCeeScheduleForLUCA$ (null)
Yes    Task    HPCeeScheduleForLucaTixi    Hewlett-Packard    C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe HPCeeScheduleForLucaTixi (null)
Yes    Task    HPCustParticipation HP Deskjet 2540 series    Hewlett-Packard Co.    "C:\Program Files\HP\HP Deskjet 2540 series\Bin\HPCustPartic.exe" /UA 12.5 /DDV 0x0b00
Yes    Task    Installer_geforce        C:\Users\LucaTixi\AppData\Local\Installer\Installgeforce_32534\DC1AB5RN511.exe /S /SCHEDULE /MAG=obrdc /pn=geforce /pixGuid=76e4e8d7-463e-4e1b-962f-7f6644840bd1 /sub=18082 /Reason=Network
Yes    Task    Installer_ytd        C:\Users\LucaTixi\AppData\Local\Installer\Installytd_41\DC1AB5RN511.exe /S /SCHEDULE /MAG=obrdc /pn=ytd /pixGuid=76e4e8d7-463e-4e1b-962f-7f6644840bd1 /sub=18082 /Reason=Version
Yes    Task    Java Update Scheduler    Oracle Corporation    C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
Yes    Task    JU        C:\Users\LucaTixi\AppData\Roaming\JU.exe /infocmdline=Y1JKL0KNLxKhWUUyXGWMwfAqP26FLcjDBYCfF23KFZDmXC7iFC7Yv/9qWhNtaZjHtJglr+Nz8GlkZEUHOaI1wlodWn9mzyqVM9vCipv0jAhE0YOpksDZXBpCRfu2aG3/8u92oBFC0Spq8wBmJeThIfAhmByoWlft0h8oqNoUZyQK2zDPJ9dl1YtSfyaJM82RjR49wWHHmPAzFifF8596J+2INOmb6FkKuFmxJawE4F9+EErAOen5wyhGQkVMTLXYBm0GKMWs/JN22IqhOYMbV2cbuOQhBAg0Q1coOjIpD1NH5zJpwvTPl/MK9RejZT7Cp9/WkSvaJv4c+jlLwyPz/irbnnMuxnfGFx9B+NZbmHPGLh8QGzP2v+3Nah4krh9ir4wM3FIlGv8j9lzfe8/RJcpQ/kqMl15g8FPMvtpkP9VUW28SvA0mYT40hH72Zqi4RJitzXjv6cxjSBS8M5l64ft3g7eo7i2NdnJGgUBThvO/zUFyI9W6GSiTkCsQkLzZ
Yes    Task    Optimize Start Menu Cache Files-S-1-5-21-565506067-3698530459-4260336734-1002        
Yes    Task    Optimize Start Menu Cache Files-S-1-5-21-565506067-3698530459-4260336734-500        
Yes    Task    PQWBVJPG        C:\Users\LucaTixi\AppData\Roaming\PQWBVJPG.exe /infocmdline=k5TjQD+un+9n0xCJ8VnF7/1JhfzPssesLE9jZWXVaiRTdNYW3ab/aYLr12dVldsll0gFbiWaz7sFcl9kkNVaD8sD6ajXVQI7TXK8S3YzBfj2Gln0UmG4pzyDlgIoVLCIP7TUivzXQNaP9Td8967cKokj7dHV69lk3YLI1RLBiAQb7NQ3a77PjLP66TFtigTTao+8tZ47TGJC9L+MUDsy2jR0l21wd/wZHDp736tWWbcjjlBScz+iwZ+Dq6GrkU7JQDo//cnfK/Gcim4uZlj032oYmd3vCo1p5qyf809/bjIbnsXqr+ux3LurnOnJMmSetBJfgG0uM9X26tse+2A2Wb0wyQRhEGNj6Tr3foPSX56+7GpM546Ak5yA6d+7sfVpre/nMolel1dz1FG61NCFLDoxTuKAUz55T7vvj7BgpD+uG8D74PHINZQgX4qmC3uNGMthrId8S1da8XcqwXuvhyvalDgKSHUUiCTeb+++TLo/1Q8uF0UMDbOWcw8OeUeBsZkLutK+wRg09MBTdV6esMVJAnVrHQ18v7KwLAnjHLQ6qygpZwcc4FRKmt288xLM80NNLghoNjL7A5LleUPNwEK91s0rHvKmd83SdnKb64/+DklNpVBvfiP1S7ufH9ZR3T06y0c1dfgiSyZsKto8dEXbr5D/fQu+D2xz3adWKyg= (Adware...uninstall if possible..not just disable)
Yes    Task    Programma di aggiornamento HP online    Hewlett-Packard    C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe
Yes    Task    Synaptics TouchPad Enhancements    Synaptics Incorporated    "C:\Program Files\Synaptics\SynTP\SynTPEnh.exe"
 

 

Yes    Directory    7-Zip    Igor Pavlov    C:\Program Files (x86)\7-Zip\7-zip.dll
Yes    Directory    Aggiungi alla scaletta del lettore multimediale VLC    VideoLAN    "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1"
Yes    Directory    avast    AVAST Software    C:\Program Files\AVAST Software\Avast\ashShA64.dll
Yes    Directory    DropboxExt    Dropbox, Inc.    C:\Users\LucaTixi\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll
Yes    Directory    GDContextMenu    Google    C:\Program Files (x86)\Google\Drive\contextmenu64.dll
Yes    Directory    Riproduci con il lettore multimediale VLC    VideoLAN    "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1"
Yes    File    00avast    AVAST Software    C:\Program Files\AVAST Software\Avast\ashShA64.dll
Yes    File    7-Zip    Igor Pavlov    C:\Program Files (x86)\7-Zip\7-zip.dll
Yes    File    ANotepad++64        C:\Program Files (x86)\Notepad++\NppShell_05.dll
Yes    File    avast    AVAST Software    C:\Program Files\AVAST Software\Avast\ashShA64.dll
Yes    File    DropboxExt    Dropbox, Inc.    C:\Users\LucaTixi\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll
Yes    File    Foxit_ConvertToPDF_Reader    Foxit Corporation    C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\ConvertToPDFShellExtension_x64.dll
Yes    File    GDContextMenu    Google    C:\Program Files (x86)\Google\Drive\contextmenu64.dll
 


“Every atom in your body came from a star that exploded and the atoms in your left hand probably came from a different star than your right hand. It really is the most poetic thing I know about physics...you are all stardust.”Lawrence M. Krauss
A 1792 U.S. penny, designed in part by Thomas Jefferson and George Washington, reads “Liberty Parent of Science & Industry.”

#10 ltix86

ltix86
  • Topic Starter

  • Members
  • 67 posts
  • OFFLINE
  •  
  • Local time:11:34 PM

Posted 02 December 2014 - 11:30 AM

Done! What should i do now?



#11 buddy215

buddy215

  • Moderator
  • 13,301 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:West Tennessee
  • Local time:06:34 PM

Posted 02 December 2014 - 11:35 AM

Is there still a problem? If so, describe.


“Every atom in your body came from a star that exploded and the atoms in your left hand probably came from a different star than your right hand. It really is the most poetic thing I know about physics...you are all stardust.”Lawrence M. Krauss
A 1792 U.S. penny, designed in part by Thomas Jefferson and George Washington, reads “Liberty Parent of Science & Industry.”

#12 ltix86

ltix86
  • Topic Starter

  • Members
  • 67 posts
  • OFFLINE
  •  
  • Local time:11:34 PM

Posted 03 December 2014 - 08:07 AM

No more problems I think



#13 buddy215

buddy215

  • Moderator
  • 13,301 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:West Tennessee
  • Local time:06:34 PM

Posted 03 December 2014 - 09:40 AM

Good...

Some of the junkware/ adware you had is often distributed by clicking on links in Facebook and in other sites and then it asks you to

install a video player, etc. to view some video or whatever. Avoiding clicking on links and adding codecs or video players will significantly

decrease the chances of being infected again.

Check to make sure that Java (not java script), Flash and Windows have the latest security updates. Check in your Add/ Remove list of

programs and uninstall ALL old Java programs.....malware magnets. Most users don't need Java....

 

Happy surfin' !


“Every atom in your body came from a star that exploded and the atoms in your left hand probably came from a different star than your right hand. It really is the most poetic thing I know about physics...you are all stardust.”Lawrence M. Krauss
A 1792 U.S. penny, designed in part by Thomas Jefferson and George Washington, reads “Liberty Parent of Science & Industry.”

#14 ltix86

ltix86
  • Topic Starter

  • Members
  • 67 posts
  • OFFLINE
  •  
  • Local time:11:34 PM

Posted 03 December 2014 - 12:03 PM

Thanks very very much!

Cheers

Luca






0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users