Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Infected by adultcameras.info Popup


  • Please log in to reply
15 replies to this topic

#1 stemi

stemi

  • Members
  • 9 posts
  • OFFLINE
  •  
  • Local time:05:07 AM

Posted 06 February 2015 - 02:59 PM

Hi everyone.

This is my first post. Thank you in advance for any help.

 

I have been infected by adultcameras.info popup. Very often, when I click on several links in various sites, a popup window or new tab of adultcameras.info is displayed. The problem affects mainly Google Chrome. I don't remember if Internet Explorer and Mozilla showed the same problem, but even if this has happened the occurance is much more rare.

I have used several spyware removal tools, I have changed the DchpNameServer in registry, I have reset my router, I have unistall and reistall Google Chrome, but nothing is working. The problem persists (and so I have blocked my kids Internet access). I had also many problem opening pages since error 404 was coming too often. It seems now that this is resolved after the reseting of my router.

 

So, is there anyone that can help?

Thank you ...

 



BC AdBot (Login to Remove)

 


#2 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 73,323 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:NJ USA
  • Local time:10:07 PM

Posted 06 February 2015 - 03:10 PM

Hello Stemi. I moved this to the Am I Infected forum to run some tools and see how it is.

3Al62Pm.pngMiniToolBox
  • Please download MiniToolBox, save it to your desktop and run it.
  • Checkmark the following checkboxes:
    • Flush DNS
    • Report IE Proxy Settings
    • Reset IE Proxy Settings
    • Report FF Proxy Settings
    • Reset FF Proxy Settings
    • List content of Hosts
    • List IP configuration
    • List Winsock Entries
    • List last 10 Event Viewer log
    • List Installed Programs
    • List Users, Partitions and Memory size.
  • Click Go and post the result (Result.txt). A copy of Result.txt will be saved in the same directory the tool is run. Note: When using "Reset FF Proxy Settings" option Firefox should be closed.
SXvL3ZF.pngTDSSKiller
  • Download TDSSKiller and save it to your desktop.
  • Extract (unzip) its contents to your desktop.
  • Open the TDSSKiller folder and doubleclick on TDSSKiller.exe to run the application, then on Start Scan.
  • If an infected file is detected, the default action will be Cure, click on Continue.
  • If a suspicious file is detected, the default action will be Skip, click on Continue.
  • It may ask you to reboot the computer to complete the process. Click on Reboot Now.
  • If no reboot is required, click on Report. A log file should appear. Please copy and paste the contents of that file here.
  • If a reboot is required, the report can also be found in your root directory (usually C:\ folder) in the form of TDSSKiller_xxxx_log.txt. Please copy and paste the contents of that file here.
zcMPezJ.pngAdwCleaner
  • Please download AdwCleaner by Xplode and save to your Desktop.
  • Double click on AdwCleaner.exe to run the tool. Vista/Windows 7/8 users right-click and select Run As Administrator
  • Click on the Scan button.
  • AdwCleaner will begin...be patient as the scan may take some time to complete.
  • After the scan has finished, click on the Report button...a logfile (AdwCleaner[R0].txt) will open in Notepad for review.
  • The contents of the log file may be confusing. Unless you see a program name that you know should not be removed, don't worry about it. If you see an entry you want to keep, let me know about it.
  • Copy and paste the contents of that logfile in your next reply.
  • A copy of all logfiles are saved in the C:\AdwCleaner folder which was created when running the tool.
lv0mVRW.pngJunkware Removal Tool
  • Please download Junkware Removal Tool to your desktop.
  • Shut down your protection software now to avoid potential conflicts.
  • Run the tool by double-clicking it. If you are using Windows Vista, 7, or 8; instead of double-clicking, right-mouse click JRT.exe and select "Run as Administrator".
  • The tool will open and start scanning your system.
  • Please be patient as this can take a while to complete depending on your system's specifications.
  • On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
  • Post the contents of JRT.txt into your next message.
cvMlKv6.pngESET Online Scanner
  • Hold down Control and click on this link to open ESET Online Scanner in a new window.
  • Click the esetonlinebtn.png button.
  • For alternate browsers only: (Microsoft Internet Explorer users can skip these steps)
  • Click on esetsmartinstaller_enu.exe to download the ESET Smart Installer. Save it to your desktop.
  • Double click on the esetsmartinstaller_enu.png icon on your desktop.
  • Check "YES, I accept the Terms of Use."
  • Click the Start button.
  • Accept any security warnings from your browser.
  • Under scan settings, check "Scan Archives" and "Remove found threats"
  • Click Advanced settings and select the following:
    • Scan potentially unwanted applications
    • Scan for potentially unsafe applications
    • Enable Anti-Stealth technology
  • ESET will then download updates for itself, install itself, and begin scanning your computer. Please be patient as this can take some time.
  • When the scan completes, click List Threats
  • Click Export, and save the file to your desktop using a unique name, such as ESETScan. Include the contents of this report in your next reply.
  • Click the Back button.
  • Click the Finish button.
  • NOTE: Sometimes if ESET finds no infections it will not create a log.

How do I get help? Who is helping me?For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....Become a BleepingComputer fan: Facebook

#3 stemi

stemi
  • Topic Starter

  • Members
  • 9 posts
  • OFFLINE
  •  
  • Local time:05:07 AM

Posted 06 February 2015 - 03:49 PM

Thank you for your reply.

 

HERE IS THE LOG FROM MiniToolBox:

 

MiniToolBox by Farbar  Version: 30-11-2014
Ran by user (administrator) on 06-02-2015 at 22:18:13
Running from "C:\Users\user\Desktop"
Microsoft Windows 7 Professional  Service Pack 1 (X86)
Boot Mode: Normal
***************************************************************************
 
========================= Flush DNS: ===================================
 
Windows IP Configuration
 
Successfully flushed the DNS Resolver Cache.
 
========================= IE Proxy Settings: ============================== 
 
Proxy is not enabled.
No Proxy Server is set.
 
"Reset IE Proxy Settings": IE Proxy Settings were reset.
 
========================= FF Proxy Settings: ============================== 
 
 
"Reset FF Proxy Settings": Firefox Proxy settings were reset.
 
========================= Hosts content: =================================
::1 localhost
 
127.0.0.1 localhost
 
========================= IP Configuration: ================================
 
Atheros AR8131 PCI-E Gigabit Ethernet Controller = Local Area Connection (Connected)
 
 
# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4
 
reset
set global icmpredirects=enabled
 
 
popd
# End of IPv4 configuration
 
 
 
Windows IP Configuration
 
   Host Name . . . . . . . . . . . . : user-PC
   Primary Dns Suffix  . . . . . . . : 
   Node Type . . . . . . . . . . . . : Hybrid
   IP Routing Enabled. . . . . . . . : No
   WINS Proxy Enabled. . . . . . . . : No
 
Ethernet adapter Local Area Connection:
 
   Connection-specific DNS Suffix  . : 
   Description . . . . . . . . . . . : Atheros AR8131 PCI-E Gigabit Ethernet Controller
   Physical Address. . . . . . . . . : 6C-62-6D-CE-49-64
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes
   Link-local IPv6 Address . . . . . : fe80::8c20:1e53:5c48:e9fe%11(Preferred) 
   IPv4 Address. . . . . . . . . . . : 192.168.0.100(Preferred) 
   Subnet Mask . . . . . . . . . . . : 255.255.255.0
   Lease Obtained. . . . . . . . . . : , 6 妬 2015 9:15:52
   Lease Expires . . . . . . . . . . : ⨘, 9 妬 2015 9:15:52
   Default Gateway . . . . . . . . . : 192.168.0.1
   DHCP Server . . . . . . . . . . . : 192.168.0.1
   DHCPv6 IAID . . . . . . . . . . . : 241984109
   DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-16-17-9A-F2-6C-62-6D-CE-49-64
   DNS Servers . . . . . . . . . . . : 192.168.0.1
   NetBIOS over Tcpip. . . . . . . . : Enabled
Server:  UnKnown
Address:  192.168.0.1
 
Name:    google.com
Addresses:  2a00:1450:4001:80c::1004
 173.194.116.101
 173.194.116.102
 173.194.116.105
 173.194.116.97
 173.194.116.100
 173.194.116.98
 173.194.116.99
 173.194.116.96
 173.194.116.103
 173.194.116.104
 173.194.116.110
 
 
Pinging google.com [173.194.116.105] with 32 bytes of data:
Reply from 173.194.116.105: bytes=32 time=99ms TTL=57
Reply from 173.194.116.105: bytes=32 time=99ms TTL=57
 
Ping statistics for 173.194.116.105:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 99ms, Maximum = 99ms, Average = 99ms
Server:  UnKnown
Address:  192.168.0.1
 
Name:    yahoo.com
Addresses:  98.138.253.109
 98.139.183.24
 206.190.36.45
 
 
Pinging yahoo.com [206.190.36.45] with 32 bytes of data:
Reply from 206.190.36.45: bytes=32 time=249ms TTL=51
Reply from 206.190.36.45: bytes=32 time=249ms TTL=51
 
Ping statistics for 206.190.36.45:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 249ms, Maximum = 249ms, Average = 249ms
 
Pinging 127.0.0.1 with 32 bytes of data:
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
 
Ping statistics for 127.0.0.1:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 0ms, Maximum = 0ms, Average = 0ms
===========================================================================
Interface List
 11...6c 62 6d ce 49 64 ......Atheros AR8131 PCI-E Gigabit Ethernet Controller
  1...........................Software Loopback Interface 1
===========================================================================
 
IPv4 Route Table
===========================================================================
Active Routes:
Network Destination        Netmask          Gateway       Interface  Metric
          0.0.0.0          0.0.0.0      192.168.0.1    192.168.0.100     20
        127.0.0.0        255.0.0.0         On-link         127.0.0.1    306
        127.0.0.1  255.255.255.255         On-link         127.0.0.1    306
  127.255.255.255  255.255.255.255         On-link         127.0.0.1    306
      192.168.0.0    255.255.255.0         On-link     192.168.0.100    276
    192.168.0.100  255.255.255.255         On-link     192.168.0.100    276
    192.168.0.255  255.255.255.255         On-link     192.168.0.100    276
        224.0.0.0        240.0.0.0         On-link         127.0.0.1    306
        224.0.0.0        240.0.0.0         On-link     192.168.0.100    276
  255.255.255.255  255.255.255.255         On-link         127.0.0.1    306
  255.255.255.255  255.255.255.255         On-link     192.168.0.100    276
===========================================================================
Persistent Routes:
  None
 
IPv6 Route Table
===========================================================================
Active Routes:
 If Metric Network Destination      Gateway
  1    306 ::1/128                  On-link
 11    276 fe80::/64                On-link
 11    276 fe80::8c20:1e53:5c48:e9fe/128
                                    On-link
  1    306 ff00::/8                 On-link
 11    276 ff00::/8                 On-link
===========================================================================
Persistent Routes:
  None
========================= Winsock entries =====================================
 
Catalog5 01 C:\Windows\system32\NLAapi.dll [52224] (Microsoft Corporation)
Catalog5 02 C:\Windows\system32\napinsp.dll [52224] (Microsoft Corporation)
Catalog5 03 C:\Windows\system32\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 04 C:\Windows\system32\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 05 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
Catalog5 06 C:\Windows\system32\winrnr.dll [20992] (Microsoft Corporation)
Catalog5 07 C:\Program Files\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
Catalog9 01 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 02 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 03 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 04 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 05 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 06 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 07 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 08 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 09 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 10 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 11 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 12 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 13 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 14 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 15 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 16 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 17 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 18 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 19 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 20 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
 
========================= Event log errors: ===============================
 
Application errors:
==================
Error: (02/06/2015 09:12:50 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (02/06/2015 08:53:52 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (02/06/2015 08:41:17 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (02/06/2015 01:58:25 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (02/05/2015 07:20:35 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (02/05/2015 04:52:49 PM) (Source: Application Error) (User: )
Description: Faulting application name: xnview.exe, version: 1.98.0.0, time stamp: 0x4e259822
Faulting module name: QuickTime.qts, version: 4.1.0.63, time stamp: 0x38598e82
Exception code: 0xc0000005
Fault offset: 0x002a3156
Faulting process id: 0x12a8
Faulting application start time: 0xxnview.exe0
Faulting application path: xnview.exe1
Faulting module path: xnview.exe2
Report Id: xnview.exe3
 
Error: (02/05/2015 04:42:05 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (02/05/2015 00:42:32 AM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (02/05/2015 00:38:16 AM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (02/05/2015 00:33:18 AM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
 
System errors:
=============
Error: (02/06/2015 09:12:35 PM) (Source: Service Control Manager) (User: )
Description: The ScRegSetValueExW call failed for FailureActions with the following error: 
%%5
 
Error: (02/06/2015 09:12:20 PM) (Source: Service Control Manager) (User: )
Description: The sbapifs service failed to start due to the following error: 
%%2
 
Error: (02/06/2015 08:53:47 PM) (Source: Service Control Manager) (User: )
Description: The ScRegSetValueExW call failed for FailureActions with the following error: 
%%5
 
Error: (02/06/2015 08:53:36 PM) (Source: Service Control Manager) (User: )
Description: The sbapifs service failed to start due to the following error: 
%%2
 
Error: (02/06/2015 08:52:26 PM) (Source: Service Control Manager) (User: )
Description: The Network List Service service depends on the Network Location Awareness service which failed to start because of the following error: 
%%1068
 
Error: (02/06/2015 08:49:26 PM) (Source: Service Control Manager) (User: )
Description: The Network List Service service depends on the Network Location Awareness service which failed to start because of the following error: 
%%1068
 
Error: (02/06/2015 08:47:03 PM) (Source: Service Control Manager) (User: )
Description: The Network List Service service depends on the Network Location Awareness service which failed to start because of the following error: 
%%1068
 
Error: (02/06/2015 08:47:03 PM) (Source: Service Control Manager) (User: )
Description: The Network List Service service depends on the Network Location Awareness service which failed to start because of the following error: 
%%1068
 
Error: (02/06/2015 08:46:36 PM) (Source: Service Control Manager) (User: )
Description: The Network List Service service depends on the Network Location Awareness service which failed to start because of the following error: 
%%1068
 
Error: (02/06/2015 08:46:36 PM) (Source: Service Control Manager) (User: )
Description: The Network List Service service depends on the Network Location Awareness service which failed to start because of the following error: 
%%1068
 
 
Microsoft Office Sessions:
=========================
Error: (12/21/2014 11:52:03 PM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.4518.1014, Microsoft Office Version: 12.0.4518.1014. This session lasted 10911 seconds with 660 seconds of active time.  This session ended with a crash.
 
Error: (09/23/2014 11:01:20 PM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.4518.1014, Microsoft Office Version: 12.0.4518.1014. This session lasted 5031 seconds with 2640 seconds of active time.  This session ended with a crash.
 
Error: (07/20/2014 03:34:28 PM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.4518.1014, Microsoft Office Version: 12.0.4518.1014. This session lasted 267 seconds with 0 seconds of active time.  This session ended with a crash.
 
Error: (05/18/2014 08:09:57 AM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.4518.1014, Microsoft Office Version: 12.0.4518.1014. This session lasted 198 seconds with 180 seconds of active time.  This session ended with a crash.
 
Error: (05/18/2014 08:05:30 AM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.4518.1014, Microsoft Office Version: 12.0.4518.1014. This session lasted 4255 seconds with 2640 seconds of active time.  This session ended with a crash.
 
Error: (05/11/2014 06:07:49 PM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.4518.1014, Microsoft Office Version: 12.0.4518.1014. This session lasted 2645 seconds with 2040 seconds of active time.  This session ended with a crash.
 
Error: (04/04/2014 06:04:31 PM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.4518.1014, Microsoft Office Version: 12.0.4518.1014. This session lasted 5618 seconds with 2280 seconds of active time.  This session ended with a crash.
 
Error: (03/30/2014 09:07:12 PM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.4518.1014, Microsoft Office Version: 12.0.4518.1014. This session lasted 4238 seconds with 2220 seconds of active time.  This session ended with a crash.
 
Error: (02/28/2014 10:19:54 PM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.4518.1014, Microsoft Office Version: 12.0.4518.1014. This session lasted 919 seconds with 720 seconds of active time.  This session ended with a crash.
 
Error: (02/27/2014 11:52:20 PM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.4518.1014, Microsoft Office Version: 12.0.4518.1014. This session lasted 1295 seconds with 720 seconds of active time.  This session ended with a crash.
 
 
 
=========================== Installed Programs ============================
µTorrent (HKLM\...\uTorrent) (Version: 3.2.0 - BitTorrent Inc.)
AceMoney (HKLM\...\AceMoney_is1) (Version:  - MechCAD Software)
Adobe Anchor Service CS3 (Version: 1.0 - Adobe Systems Incorporated) Hidden
Adobe Asset Services CS3 (Version: 3 - Adobe Systems Incorporated) Hidden
Adobe Bridge CS3 (Version: 2 - Adobe Systems Incorporated) Hidden
Adobe Bridge Start Meeting (Version: 1.0 - Adobe Systems Incorporated) Hidden
Adobe Camera Raw 4.0 (Version: 4.0 - Adobe Systems Incorporated) Hidden
Adobe CMaps (Version: 1.0 - Adobe Systems Incorporated) Hidden
Adobe Color - Photoshop Specific (Version: 1.0 - Adobe Systems Incorporated) Hidden
Adobe Color Common Settings (Version: 1.0 - Adobe Systems Incorporated) Hidden
Adobe Color EU Extra Settings (Version: 1.0 - Adobe Systems Incorporated) Hidden
Adobe Color JA Extra Settings (Version: 1.0 - Adobe Systems Incorporated) Hidden
Adobe Color NA Recommended Settings (Version: 1.0 - Adobe Systems Incorporated) Hidden
Adobe Default Language CS3 (Version: 1.0 - Adobe Systems Incorporated) Hidden
Adobe Device Central CS3 (Version: 1.0 - Adobe Systems Incorporated) Hidden
Adobe ExtendScript Toolkit 2 (Version: 2.0 - Adobe Systems Incorporated) Hidden
Adobe Flash Player 16 NPAPI (HKLM\...\Adobe Flash Player NPAPI) (Version: 16.0.0.296 - Adobe Systems Incorporated)
Adobe Fonts All (Version: 1.0 - Adobe Systems Incorporated) Hidden
Adobe Help Viewer CS3 (Version: 1 - Adobe Systems Incorporated) Hidden
Adobe Linguistics CS3 (Version: 3.0.0 - Adobe Systems Incorporated) Hidden
Adobe PDF Library Files (Version: 8.0 - Adobe Systems Incorporated) Hidden
Adobe Photoshop CS3 (HKLM\...\Adobe_2ac78060bc5856b0c1cf873bb919b58) (Version: 10.0 - Adobe Systems Incorporated)
Adobe Photoshop CS3 (Version: 10 - Adobe Systems Incorporated) Hidden
Adobe Reader X (10.1.8) (HKLM\...\{AC76BA86-7AD7-1033-7B44-AA1000000001}) (Version: 10.1.8 - Adobe Systems Incorporated)
Adobe Setup (Version: 1.0 - Adobe Systems Incorporated) Hidden
Adobe Shockwave Player 11.6 (HKLM\...\Adobe Shockwave Player) (Version: 11.6.3.633 - Adobe Systems, Inc.)
Adobe Stock Photos CS3 (Version: 1.5 - Adobe Systems Incorporated) Hidden
Adobe Type Support (Version: 1.0 - Adobe Systems Incorporated) Hidden
Adobe Update Manager CS3 (Version: 5.1.0 - Adobe Systems Incorporated) Hidden
Adobe Version Cue CS3 Client (Version: 3 - Adobe Systems Incorporated) Hidden
Adobe WinSoft Linguistics Plugin (Version: 1.0 - Adobe Systems Incorporated) Hidden
Adobe XMP Panels CS3 (Version: 1.0 - Adobe Systems Incorporated) Hidden
Akamai NetSession Interface (HKCU\...\Akamai) (Version:  - Akamai Technologies, Inc)
Akamai NetSession Interface Service (HKLM\...\Akamai) (Version:  - )
Any Video Converter 5.5.2 (HKLM\...\Any Video Converter_is1) (Version:  - Any-Video-Converter.com)
Apple Application Support (HKLM\...\{46F044A5-CE8B-4196-984E-5BD6525E361D}) (Version: 2.3.6 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{0592EF96-69D8-4E4B-9CC9-88F58EA86F01}) (Version: 7.0.0.117 - Apple Inc.)
Apple Software Update (HKLM\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Atheros Communications Inc.® AR81Family Gigabit/Fast Ethernet Driver (HKLM\...\{3108C217-BE83-42E4-AE9E-A56A2A92E549}) (Version: 1.0.0.22 - Atheros Communications Inc.)
Audacity 2.0 (HKLM\...\Audacity_is1) (Version:  - Audacity Team)
AutoCAD 2012 - English (HKLM\...\AutoCAD 2012 - English) (Version: 18.2.51.0 - Autodesk)
AutoCAD 2012 - English (Version: 18.2.51.0 - Autodesk) Hidden
AutoCAD 2012 Language Pack - English (Version: 18.2.51.0 - Autodesk) Hidden
Autodesk Content Service (HKLM\...\{086F9A69-CD39-4893-A9FB-D3A0634CE3F7}) (Version: 2.0.90 - Autodesk)
Autodesk Design Review 2012 (HKLM\...\Autodesk Design Review 2012) (Version: 12.0.0.93 - Autodesk, Inc.)
Autodesk Design Review 2012 (Version: 12.0.0.93 - Autodesk, Inc.) Hidden
Autodesk Inventor Fusion 2012 (HKLM\...\Autodesk Inventor Fusion 2012) (Version: 1.0.0.79 - Autodesk, Inc.)
Autodesk Inventor Fusion 2012 (Version: 1.0.0.79 - Autodesk, Inc.) Hidden
Autodesk Inventor Fusion 2012 Language Pack (Version: 1.0.0.79 - Autodesk, Inc.) Hidden
Autodesk Inventor Fusion plug-in for AutoCAD 2012 (HKLM\...\Autodesk Inventor Fusion plug-in for AutoCAD 2012) (Version: 0.0.1.138 - Autodesk)
Autodesk Inventor Fusion plug-in for AutoCAD 2012 (Version: 0.0.1.138 - Autodesk) Hidden
Autodesk Inventor Fusion plug-in language pack for AutoCAD 2012 (Version: 0.0.1.138 - Autodesk) Hidden
Autodesk Material Library 2012 (HKLM\...\{8F0837C2-EE09-4903-88F3-1976FE7FFF4E}) (Version: 2.5.0.8 - Autodesk)
Autodesk Material Library Base Resolution Image Library 2012 (HKLM\...\{65420DC9-306E-4371-905F-F4DC3B418E52}) (Version: 2.5.0.8 - Autodesk)
AVG 2014 (HKLM\...\AVG) (Version: 2014.0.4765 - AVG Technologies)
AVG 2014 (Version: 14.0.4040 - AVG Technologies) Hidden
AVG 2014 (Version: 14.0.4765 - AVG Technologies) Hidden
Bonjour (HKLM\...\{79155F2B-9895-49D7-8612-D92580E0DE5B}) (Version: 3.0.0.10 - Apple Inc.)
CambridgeSoft Activation Client (HKLM\...\{E773E0B9-6ABE-4F9E-816C-56B2DD8613B9}) (Version: 12.0 - CambridgeSoft Corporation)
CambridgeSoft ChemDraw Ultra 12.0 (HKLM\...\{48DEAAF2-8276-4BBD-B7B6-91E454938476}) (Version: 12.0 - CambridgeSoft Corporation)
CCleaner (HKLM\...\CCleaner) (Version: 3.18 - Piriform)
ConvertXtoDVD 4.0.10.324 (HKLM\...\{DB6AB705-C9BD-40E3-8929-2EA57F36A4FF}_is1) (Version: 4.0.10.324 - )
Coupon Printer (HKLM\...\Coupon Printer2.2.0.9) (Version: 2.2.0.9 - Coupons.com Inc.)
Dropbox (HKCU\...\Dropbox) (Version: 3.0.3 - Dropbox, Inc.)
EPSON BX305 Series Printer Uninstall (HKLM\...\EPSON BX305 Series) (Version:  - SEIKO EPSON Corporation)
EPSON Scan (HKLM\...\EPSON Scanner) (Version:  - Seiko Epson Corporation)
EPUB File Reader (HKLM\...\{818C5857-5C74-4CAC-9F43-E5597086852D}_is1) (Version:  - epubfilereader.com)
FARO LS 1.1.406.58 (HKLM\...\{951B0F30-9F1A-4BF6-B3DA-99EB0E917B1C}) (Version: 4.6.58.2 - FARO Scanner Production)
FormatFactory 2.80 (HKLM\...\FormatFactory) (Version: 2.80 - Free Time)
Foxit Reader (HKLM\...\Foxit Reader_is1) (Version: 5.4.2.901 - Foxit Corporation)
GetRight (HKLM\...\GetRight_is1) (Version:  - Headlight Software, Inc.)
Google Chrome (HKLM\...\Google Chrome) (Version: 40.0.2214.111 - Google Inc.)
Google Earth (HKLM\...\{4D2A6330-2F8B-11E3-9C40-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google)
Google Update Helper (Version: 1.3.25.11 - Google Inc.) Hidden
Graph 4.3 (HKLM\...\Graph_is1) (Version:  - Ivan Johansen)
HitmanPro 3.7 (HKLM\...\HitmanPro37) (Version: 3.7.9.234 - SurfRight B.V.)
Intel® Graphics Media Accelerator Driver (HKLM\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 8.15.10.2413 - Intel Corporation)
Intel® TV Wizard (HKLM\...\TVWiz) (Version:  - Intel Corporation)
iTunes (HKLM\...\{C197BC08-3D82-4651-8886-E68C21578A38}) (Version: 11.1.3.8 - Apple Inc.)
Java 7 Update 51 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83217025FF}) (Version: 7.0.510 - Oracle)
Java Auto Updater (Version: 2.1.9.8 - Sun Microsystems, Inc.) Hidden
Java™ 6 Update 45 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83216045FF}) (Version: 6.0.450 - Oracle)
LAME v3.99.3 (for Windows) (HKLM\...\LAME_is1) (Version:  - )
Malwarebytes Anti-Malware version 2.0.4.1028 (HKLM\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.4.1028 - Malwarebytes Corporation)
Mathematica Extras 8.0 (2063897) (HKLM\...\A-WIN-Extras 8.0.1 2063897_is1) (Version: 8.0.1 - Wolfram Research, Inc.)
MestReNova 8.1.1-11591 (HKLM\...\MestReNova) (Version: 8.1.1-11591 - Mestrelab Research S.L.)
MestReNova LITE 5.2.5-5780 (HKLM\...\MestReNova LITE) (Version: 5.2.5-5780 - Mestrelab Research S.L.)
Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft .NET Framework 4.5.2 (Version: 4.5.51209 - Microsoft Corporation) Hidden
Microsoft Application Error Reporting (Version: 12.0.6012.5000 - Microsoft Corporation) Hidden
Microsoft IntelliPoint 8.2 (HKLM\...\Microsoft IntelliPoint 8.2) (Version: 8.20.468.0 - Microsoft Corporation)
Microsoft IntelliPoint 8.2 (Version: 8.20.468.0 - Microsoft Corporation) Hidden
Microsoft IntelliType Pro 8.2 (HKLM\...\Microsoft IntelliType Pro 8.2) (Version: 8.20.469.0 - Microsoft Corporation)
Microsoft IntelliType Pro 8.2 (Version: 8.20.469.0 - Microsoft Corporation) Hidden
Microsoft Office Access MUI (Greek) 2007 (Version: 12.0.4818.1000 - Microsoft Corporation) Hidden
Microsoft Office Enterprise 2007 (HKLM\...\ENTERPRISE) (Version: 12.0.4518.1014 - Microsoft Corporation)
Microsoft Office Enterprise 2007 (Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Excel MUI (Greek) 2007 (Version: 12.0.4818.1000 - Microsoft Corporation) Hidden
Microsoft Office Groove MUI (Greek) 2007 (Version: 12.0.4818.1000 - Microsoft Corporation) Hidden
Microsoft Office InfoPath MUI (Greek) 2007 (Version: 12.0.4818.1000 - Microsoft Corporation) Hidden
Microsoft Office OneNote MUI (Greek) 2007 (Version: 12.0.4818.1000 - Microsoft Corporation) Hidden
Microsoft Office Outlook MUI (Greek) 2007 (Version: 12.0.4818.1000 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint MUI (Greek) 2007 (Version: 12.0.4818.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (English) 2007 (Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Proof (French) 2007 (Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Proof (German) 2007 (Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Proof (Greek) 2007 (Version: 12.0.4818.1000 - Microsoft Corporation) Hidden
Microsoft Office Proofing (Greek) 2007 (Version: 12.0.4818.1000 - Microsoft Corporation) Hidden
Microsoft Office Publisher MUI (Greek) 2007 (Version: 12.0.4818.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (Greek) 2007 (Version: 12.0.4818.1000 - Microsoft Corporation) Hidden
Microsoft Office Word MUI (Greek) 2007 (Version: 12.0.4818.1000 - Microsoft Corporation) Hidden
Microsoft Save as PDF or XPS Add-in for 2007 Microsoft Office programs (HKLM\...\{90120000-00B2-0409-0000-0000000FF1CE}) (Version: 12.0.4518.1014 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Mozilla Firefox 35.0.1 (x86 el) (HKLM\...\Mozilla Firefox 35.0.1 (x86 el)) (Version: 35.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 29.0.1 - Mozilla)
MSXML 4.0 SP2 (KB954430) (HKLM\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
Nero 7 Ultra Edition (HKLM\...\{235BBFC6-D863-4066-A01A-3BD504C31032}) (Version: 7.02.2620 - Nero AG)
Panda Devices Agent (HKLM\...\Panda Devices Agent) (Version: 1.03.03 - Panda Security)
Panda Devices Agent (Version: 1.05.00 - Panda Security) Hidden
Panda Free Antivirus (HKLM\...\Panda Universal Agent Endpoint) (Version: 15.00.03.0000 - Panda Security)
Panda Free Antivirus (Version: 7.23.00.0000 - Panda Security) Hidden
Panda Security Toolbar (HKLM\...\pandasecuritytb) (Version: 4.2.0.10 - Panda Security)
Panda Security URL Filtering (HKLM\...\Panda Security URL Filtering) (Version: 2.0.1.4 - Panda Security)
PDF Settings (Version: 1.0 - Adobe Systems Incorporated) Hidden
Pinnacle Studio 15 (HKLM\...\{1362E602-9625-42D3-B57F-CDA9D26F9DA8}) (Version: 15.0.0.7593 - Pinnacle Systems)
Pinnacle Video Driver (HKLM\...\{6DE721A5-5E89-4D74-994C-652BB3C0672E}) (Version: 12.1.0.030 - Pinnacle Systems)
Platform (Version: 1.34 - VIA Technologies, Inc.) Hidden
QuickTime (HKLM\...\QuickTime) (Version:  - )
Reader for PC (HKLM\...\{91605026-DBBF-48FF-B703-F7719CE3F703}) (Version: 1.1.05.13310 - Sony Corporation)
RealNetworks - Microsoft Visual C++ 2008 Runtime (Version: 9.0 - RealNetworks, Inc) Hidden
RealPlayer (HKLM\...\RealPlayer 15.0) (Version: 15.0.5 - RealNetworks)
RealUpgrade 1.1 (Version: 1.1.0 - RealNetworks, Inc.) Hidden
RoboForm 7-5-7 (All Users) (HKLM\...\AI RoboForm) (Version: 7-5-7 - Siber Systems)
Shared Add-in Support Update for Microsoft .NET Framework 2.0 (KB908002) (HKLM\...\{64F3B15C-24C7-4B2B-9B72-65CCBBD7F06B}) (Version: 1.0.0 - Microsoft)
Skype™ 6.1 (HKLM\...\{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}) (Version: 6.1.129 - Skype Technologies S.A.)
SopCast 3.5.0 (HKLM\...\SopCast) (Version: 3.5.0 - www.sopcast.com)
Spotify (HKCU\...\Spotify) (Version: 0.9.15.27.g87efe634 - Spotify AB)
SPSS Statistics 17.0 (HKLM\...\{46B65150-F8AA-42F2-94FB-2729A8AE5F7E}) (Version: 17.0.0 - SPSS Inc.)
Stellarium 0.11.4 (HKLM\...\Stellarium_is1) (Version: 0.11.4 - Stellarium team)
SUPERAntiSpyware (HKLM\...\{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}) (Version: 6.0.1170 - SUPERAntiSpyware.com)
swMSM (Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
System Requirements Lab for Intel (HKLM\...\{CD41B576-4787-4D5C-95EE-24A4ABD89CD3}) (Version: 4.4.24.0 - Husdawg, LLC)
TeamViewer 9 (HKLM\...\TeamViewer 9) (Version: 9.0.29947 - TeamViewer)
The KMPlayer (remove only) (HKLM\...\The KMPlayer) (Version: 3.4.0.59 - KMP Media co., Ltd)
Ultra Screen Capture Expert 2.0 (HKLM\...\Ultra Screen Capture Expert_is1) (Version:  - Ultra Shareware, Inc.)
VIA Διαχειριστής Συσκευών Πλατφόρμας (HKLM\...\InstallShield_{20D4A895-748C-4D88-871C-FDB1695B0169}) (Version: 1.34 - VIA Technologies, Inc.)
Visual Studio 2012 x86 Redistributables (HKLM\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
VLC media player 1.1.11 (HKLM\...\VLC media player) (Version: 1.1.11 - VideoLAN)
Winamp (HKLM\...\Winamp) (Version: 5.621  - Nullsoft, Inc)
WinRAR archiver (HKLM\...\WinRAR archiver) (Version:  - )
Wolfram Mathematica 8 (M-WIN-L 8.0.1 2063990) (HKLM\...\M-WIN-L 8.0.1 2063990_is1) (Version: 8.0.1 - Wolfram Research, Inc.)
XnView 1.98.2 (HKLM\...\XnView_is1) (Version: 1.98.2 - Gougelet Pierre-e)
Xvid Video Codec (HKLM\...\Xvid Video Codec 1.3.2) (Version: 1.3.2 - Xvid Team)
 
========================= Memory info: ===================================
 
Percentage of memory in use: 42%
Total physical RAM: 3293.18 MB
Available physical RAM: 1881.28 MB
Total Pagefile: 6584.65 MB
Available Pagefile: 4842.48 MB
Total Virtual: 2047.88 MB
Available Virtual: 1949.13 MB
 
========================= Partitions: =====================================
 
1 Drive c: () (Fixed) (Total:465.66 GB) (Free:199.58 GB) NTFS
4 Drive f: () (Fixed) (Total:150.07 GB) (Free:57.39 GB) NTFS
5 Drive g: (New Volume) (Fixed) (Total:148.02 GB) (Free:53.03 GB) NTFS
6 Drive i: (System Reserved) (Fixed) (Total:0.1 GB) (Free:0.06 GB) NTFS
 
========================= Users: ========================================
 
User accounts for \\USER-PC
 
Administrator            Guest                    user                     
 
 
**** End of log ****

 

 
 
=================================================
=================================================
=================================================
 

HERE IS THE LOG FROM TDSSKiller:

 

22:21:37.0779 0x08c4  TDSS rootkit removing tool 3.0.0.44 Jan 22 2015 08:27:04

22:21:49.0527 0x08c4  ============================================================
22:21:49.0527 0x08c4  Current date / time: 2015/02/06 22:21:49.0527
22:21:49.0527 0x08c4  SystemInfo:
22:21:49.0527 0x08c4  
22:21:49.0527 0x08c4  OS Version: 6.1.7601 ServicePack: 1.0
22:21:49.0527 0x08c4  Product type: Workstation
22:21:49.0527 0x08c4  ComputerName: USER-PC
22:21:49.0528 0x08c4  UserName: user
22:21:49.0528 0x08c4  Windows directory: C:\Windows
22:21:49.0528 0x08c4  System windows directory: C:\Windows
22:21:49.0528 0x08c4  Processor architecture: Intel x86
22:21:49.0528 0x08c4  Number of processors: 2
22:21:49.0528 0x08c4  Page size: 0x1000
22:21:49.0528 0x08c4  Boot type: Normal boot
22:21:49.0528 0x08c4  ============================================================
22:21:53.0513 0x08c4  KLMD registered as C:\Windows\system32\drivers\31968948.sys
22:21:54.0887 0x08c4  System UUID: {B9E3EC03-A9A3-C130-641B-A1C4A1413CDE}
22:21:57.0383 0x08c4  Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 ( 465.76 Gb ), SectorSize: 0x200, Cylinders: 0xFC59, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xF0, Type 'K0', Flags 0x00000050
22:21:57.0406 0x08c4  Drive \Device\Harddisk1\DR1 - Size: 0x4A85D56000 ( 298.09 Gb ), SectorSize: 0x200, Cylinders: 0x9801, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
22:21:57.0436 0x08c4  ============================================================
22:21:57.0436 0x08c4  \Device\Harddisk0\DR0:
22:21:57.0436 0x08c4  MBR partitions:
22:21:57.0436 0x08c4  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32000
22:21:57.0436 0x08c4  \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0x3A353000
22:21:57.0436 0x08c4  \Device\Harddisk1\DR1:
22:21:57.0437 0x08c4  MBR partitions:
22:21:57.0437 0x08c4  \Device\Harddisk1\DR1\Partition1: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x12C21FC1
22:21:57.0437 0x08c4  \Device\Harddisk1\DR1\Partition2: MBR, Type 0x7, StartLBA 0x12C22000, BlocksNum 0x1280C000
22:21:57.0437 0x08c4  ============================================================
22:21:57.0464 0x08c4  C: <-> \Device\Harddisk0\DR0\Partition2
22:21:57.0481 0x08c4  F: <-> \Device\Harddisk1\DR1\Partition1
22:21:57.0526 0x08c4  G: <-> \Device\Harddisk1\DR1\Partition2
22:21:57.0593 0x08c4  I: <-> \Device\Harddisk0\DR0\Partition1
22:21:57.0939 0x08c4  ============================================================
22:21:57.0939 0x08c4  Initialize success
22:21:57.0939 0x08c4  ============================================================
22:22:03.0851 0x1308  ============================================================
22:22:03.0851 0x1308  Scan started
22:22:03.0851 0x1308  Mode: Manual; 
22:22:03.0851 0x1308  ============================================================
22:22:03.0851 0x1308  KSN ping started
22:22:06.0649 0x1308  KSN ping finished: true
22:22:09.0233 0x1308  ================ Scan system memory ========================
22:22:09.0233 0x1308  System memory - ok
22:22:09.0234 0x1308  ================ Scan services =============================
22:22:09.0391 0x1308  [ 72D6D8E2D4F82C6E829125C7EC2A88F9, F357CFC3D04EB3F8E1A504D531D099698C6E2B29EB6CEDF75C08BF8917C46573 ] !SASCORE        C:\Program Files\SUPERAntiSpyware\SASCORE.EXE
22:22:09.0399 0x1308  !SASCORE - ok
22:22:09.0588 0x1308  [ 1B133875B8AA8AC48969BD3458AFE9F5, 01753BDD47F3F9BC0E0D23A069B9C56D4AE6A6B6295BC19B95AE245D25B12744 ] 1394ohci        C:\Windows\system32\drivers\1394ohci.sys
22:22:09.0598 0x1308  1394ohci - ok
22:22:09.0635 0x1308  [ CEA80C80BED809AA0DA6FEBC04733349, AE69C142DC2210A4AE657C23CEA4A6E7CB32C4F4EBA039414123CAC52157509B ] ACPI            C:\Windows\system32\drivers\ACPI.sys
22:22:09.0647 0x1308  ACPI - ok
22:22:09.0674 0x1308  [ 1EFBC664ABFF416D1D07DB115DCB264F, BF94D069D692140B792DBF4FD3CB0127D27C26CC5BFB6B0C28A8B6346767EE58 ] AcpiPmi         C:\Windows\system32\drivers\acpipmi.sys
22:22:09.0676 0x1308  AcpiPmi - ok
22:22:09.0876 0x1308  [ ADDA5E1951B90D3D23C56D3CF0622ADC, E85E7BFD29F00ED34BF5BE8BD4DA93CBB14278E16809BB55406875F0DA88551E ] AdobeARMservice C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
22:22:09.0881 0x1308  AdobeARMservice - ok
22:22:09.0991 0x1308  [ A2A9C100FE1BE20A76C0B80D4CA44103, C34B4A31C8563E29EC6A3D318C40075F43C891C23D156F53EE2102C959B7887F ] AdobeFlashPlayerUpdateSvc C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
22:22:10.0004 0x1308  AdobeFlashPlayerUpdateSvc - ok
22:22:10.0049 0x1308  [ 21E785EBD7DC90A06391141AAC7892FB, A2D3D764C5E6DC0AD5AAF48485FFB8B121D2A40DC08ECF2D2CB92278A1002B25 ] adp94xx         C:\Windows\system32\drivers\adp94xx.sys
22:22:10.0061 0x1308  adp94xx - ok
22:22:10.0148 0x1308  [ 0C676BC278D5B59FF5ABD57BBE9123F2, 339E8A433D186BAAB6FCB44C82CC9FB6FCD63C87981449494CBEB2072CB6B7BB ] adpahci         C:\Windows\system32\drivers\adpahci.sys
22:22:10.0160 0x1308  adpahci - ok
22:22:10.0223 0x1308  [ 7C7B5EE4B7B822EC85321FE23A27DB33, A934AFB71D439555E6376DA9B34F82E8D39A300A4547BE9AC9311F6A3C36270C ] adpu320         C:\Windows\system32\drivers\adpu320.sys
22:22:10.0231 0x1308  adpu320 - ok
22:22:10.0284 0x1308  [ 8B5EEFEEC1E6D1A72A06C526628AD161, 026CDF4C96F4D493E7BABF79A14C4B0B5ADCCEF0B081FFFA2E3B243B2414167F ] AeLookupSvc     C:\Windows\System32\aelupsvc.dll
22:22:10.0288 0x1308  AeLookupSvc - ok
22:22:10.0358 0x1308  [ D0B388DA1D111A34366E04EB4A5DD156, 60D226F027F4025CC032CAFF73A80FAFB5FA75445654FDCF80CA8C0419C6E938 ] AFD             C:\Windows\system32\drivers\afd.sys
22:22:10.0370 0x1308  AFD - ok
22:22:10.0384 0x1308  [ 507812C3054C21CEF746B6EE3D04DD6E, D7E59350AC338AD229E3D10C76E32AE16D120311B263714A9CD94AB538633B0E ] agp440          C:\Windows\system32\drivers\agp440.sys
22:22:10.0387 0x1308  agp440 - ok
22:22:10.0421 0x1308  [ 8B30250D573A8F6B4BD23195160D8707, 64EC289AFCD63D84EAFD9D81C50D0A77BCC79A1EFF32C50B2776BB0C0151757D ] aic78xx         C:\Windows\system32\drivers\djsvs.sys
22:22:10.0439 0x1308  aic78xx - ok
22:22:10.0637 0x1308  [ 11F424D02AEA63A3A53445087072FDD0, 134AC357035EE976403656402DE81AA35194F2195BAEE82D59A389628A19E5FE ] aksfridge       C:\Windows\system32\DRIVERS\aksfridge.sys
22:22:10.0656 0x1308  aksfridge - ok
22:22:10.0752 0x1308  [ 64FC197D24A2B240598F29CE0A6660C0, 95B94289F1FEB663C60CA4AA1533C3A42D64735A6565A67F5CF1479CF6D7FEF1 ] akshasp         C:\Windows\system32\DRIVERS\akshasp.sys
22:22:10.0763 0x1308  akshasp - ok
22:22:10.0842 0x1308  [ 147B61B81BE1FFC38939EA47E5CFB51F, C464F31D3F884541F872D425A59F0C2AAB3F6B617F81E47C67D65A776084C57D ] akshhl          C:\Windows\system32\DRIVERS\akshhl.sys
22:22:10.0847 0x1308  akshhl - ok
22:22:10.0930 0x1308  [ CCE6C56F18D214DE8D66F3F2A774CD5B, 0AE781A620701F39583721B90AE8644327BF14E78DADE19A73DDA01364808782 ] aksusb          C:\Windows\system32\DRIVERS\aksusb.sys
22:22:10.0939 0x1308  aksusb - ok
22:22:10.0985 0x1308  [ 18A54E132947CD98FEA9ACCC57F98F13, 9D39AF972785E49F0DD12C4BAEF39A79CD69F098886BF152AF1B7CCE2E902115 ] ALG             C:\Windows\System32\alg.exe
22:22:10.0988 0x1308  ALG - ok
22:22:11.0041 0x1308  [ 0D40BCF52EA90FC7DF2AEAB6503DEA44, 1D1AA8F50935D976C29DE7A84708CADBBBDD936F0DD2C059E820F0D21367B3B6 ] aliide          C:\Windows\system32\drivers\aliide.sys
22:22:11.0044 0x1308  aliide - ok
22:22:11.0064 0x1308  [ 3C6600A0696E90A463771C7422E23AB5, 370B33DC1C25B981628A318BAE434A78A5F0A0DA93C2896DC7A3D7B87AE1A5E7 ] amdagp          C:\Windows\system32\drivers\amdagp.sys
22:22:11.0068 0x1308  amdagp - ok
22:22:11.0088 0x1308  [ CD5914170297126B6266860198D1D4F0, 2239FCBD1A7EC27CE4F10DA36AE6BD6CCB87E5128C82CA71B84BFE5AF5602A60 ] amdide          C:\Windows\system32\drivers\amdide.sys
22:22:11.0090 0x1308  amdide - ok
22:22:11.0118 0x1308  [ 00DDA200D71BAC534BF56A9DB5DFD666, CA316B1FFD85BA1CF8664B3229DA1F238A5341E016059F7ED89702324CFD124B ] AmdK8           C:\Windows\system32\drivers\amdk8.sys
22:22:11.0122 0x1308  AmdK8 - ok
22:22:11.0133 0x1308  [ 3CBF30F5370FDA40DD3E87DF38EA53B6, 7EACF1743367BE805357B6FD10F8F99E9B1C301FE3782D77719347B13DFA65EC ] AmdPPM          C:\Windows\system32\drivers\amdppm.sys
22:22:11.0137 0x1308  AmdPPM - ok
22:22:11.0168 0x1308  [ D320BF87125326F996D4904FE24300FC, F767D8C5C58D57202905D829F7AE1B1FF33937F407FDCE4C90E32A6638F27416 ] amdsata         C:\Windows\system32\drivers\amdsata.sys
22:22:11.0172 0x1308  amdsata - ok
22:22:11.0217 0x1308  [ EA43AF0C423FF267355F74E7A53BDABA, 3F1335909AB0281A2FBDD7AD90E18309E091656CD32B48894B992789D8C61DB4 ] amdsbs          C:\Windows\system32\drivers\amdsbs.sys
22:22:11.0228 0x1308  amdsbs - ok
22:22:11.0258 0x1308  [ 46387FB17B086D16DEA267D5BE23A2F2, 8B8AC61B91F154B4EB5CC6DECB5FCCEBA8B42EFE94859947136AD06681EA8ED0 ] amdxata         C:\Windows\system32\drivers\amdxata.sys
22:22:11.0275 0x1308  amdxata - ok
22:22:11.0307 0x1308  [ AEA177F783E20150ACE5383EE368DA19, 8FA9EE27AA1F22E8B8FE33A21028CA1E0062BAA95CB132C20D55B98C03B4254F ] AppID           C:\Windows\system32\drivers\appid.sys
22:22:11.0311 0x1308  AppID - ok
22:22:11.0335 0x1308  [ 62A9C86CB6085E20DB4823E4E97826F5, E0F840B49710022C4FB437002AD06F64B0F6B5D628B32D00F2B66765E6B97E4B ] AppIDSvc        C:\Windows\System32\appidsvc.dll
22:22:11.0338 0x1308  AppIDSvc - ok
22:22:11.0385 0x1308  [ EACFDF31921F51C097629F1F3C9129B4, 24138755D823E69760579ECBD672421192457CDC9941B2BC499C2D34D83E86C3 ] Appinfo         C:\Windows\System32\appinfo.dll
22:22:11.0387 0x1308  Appinfo - ok
22:22:11.0528 0x1308  [ 30E3850F303EAE5C364782EA78579CC9, 8C94E5A9052F6E794685194EEACB31A174A947D60246908B6A0DEFA081A747A3 ] Apple Mobile Device C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
22:22:11.0531 0x1308  Apple Mobile Device - ok
22:22:11.0561 0x1308  [ A45D184DF6A8803DA13A0B329517A64A, C1D16B60A6D69689AE951DC3D6884ED2E233D144B3FC0B86BC1C50AAAAA01ED2 ] AppMgmt         C:\Windows\System32\appmgmts.dll
22:22:11.0568 0x1308  AppMgmt - ok
22:22:11.0586 0x1308  [ 2932004F49677BD84DBC72EDB754FFB3, 73F84582244AC53994A2F4499A119B4A84A6BF7FD3046C29A8080C763DE540B8 ] arc             C:\Windows\system32\drivers\arc.sys
22:22:11.0590 0x1308  arc - ok
22:22:11.0612 0x1308  [ 5D6F36C46FD283AE1B57BD2E9FEB0BC7, F7C9C3B4F2C816F57A43B2921672858C291054220BADE291044343778216F6BA ] arcsas          C:\Windows\system32\drivers\arcsas.sys
22:22:11.0615 0x1308  arcsas - ok
22:22:11.0800 0x1308  [ 537B2948976F5D9B5767B74A63EBB395, 1A14F8B582E74AD15B612EDA5B707AA3CB0B2A107ED14572B4232EAA7383B634 ] aspnet_state    C:\Windows\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe
22:22:11.0825 0x1308  aspnet_state - ok
22:22:11.0861 0x1308  [ ADD2ADE1C2B285AB8378D2DAAF991481, 7965A705F37924C0EC7A934E64E89C5DF4069816E2EEA3509E0AC90F78910519 ] AsyncMac        C:\Windows\system32\DRIVERS\asyncmac.sys
22:22:11.0864 0x1308  AsyncMac - ok
22:22:11.0908 0x1308  [ 338C86357871C167A96AB976519BF59E, F28CC534523D1701B0552F5D7E18E88369C4218BDB1F69110C3E31D395884AD6 ] atapi           C:\Windows\system32\drivers\atapi.sys
22:22:11.0910 0x1308  atapi - ok
22:22:11.0978 0x1308  [ F4157B3CECF19B1C266C83AFF051C97A, 26728B59B6003EB36BC322D189254574E94790CE23637228A669FAD6ED76ECE3 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
22:22:11.0994 0x1308  AudioEndpointBuilder - ok
22:22:12.0013 0x1308  [ F4157B3CECF19B1C266C83AFF051C97A, 26728B59B6003EB36BC322D189254574E94790CE23637228A669FAD6ED76ECE3 ] Audiosrv        C:\Windows\System32\Audiosrv.dll
22:22:12.0024 0x1308  Audiosrv - ok
22:22:12.0095 0x1308  [ 1992C2A1867D95AA3A0802539358D162, 795E62858A103A6213B314832032A0E7B45B62919CA67115549069C8C7D52B3F ] Autodesk Content Service C:\Program Files\Autodesk\Content Service\Connect.Service.ContentService.exe
22:22:12.0099 0x1308  Autodesk Content Service - ok
22:22:12.0280 0x1308  [ 21C2F3000A7233E517D7AB62F97BF509, 07169A2512D616E4AE7FE0F6B66D2B84D526F6022985871CC29E9F53FDCFCB6D ] Avgdiskx        C:\Windows\system32\DRIVERS\avgdiskx.sys
22:22:12.0287 0x1308  Avgdiskx - ok
22:22:12.0653 0x1308  [ B6E2D865C5936A4FEE68F11E97DF6B82, 02807C38BF6DF72BF49636371BA9CDBC1C531C239DF26930F320ABD937AA1B9D ] AVGIDSAgent     C:\Program Files\AVG\AVG2014\avgidsagent.exe
22:22:12.0720 0x1308  AVGIDSAgent - ok
22:22:12.0777 0x1308  [ 8F07F27A2954775823A89C5976BF4F36, 232B10ECFD420B1BCB390FC495670FE092AAE9726185D2B50CBF6A5DD5D5C7A6 ] AVGIDSDriver    C:\Windows\system32\DRIVERS\avgidsdriverx.sys
22:22:12.0783 0x1308  AVGIDSDriver - ok
22:22:12.0808 0x1308  [ C0701A3C53F0A0F5E4900F26365A10A1, 2755AF8C98F4855FD467F0174D6AE7AC3E7050D95008FE521918194593684D51 ] AVGIDSHX        C:\Windows\system32\DRIVERS\avgidshx.sys
22:22:12.0813 0x1308  AVGIDSHX - ok
22:22:12.0824 0x1308  [ E7FEE532CEF01C97D7682E35D156244F, CF54B4B83E1A060FF52BDEAC4E20492ACFAABC87BC6BE784D6AB4CD64C965B92 ] AVGIDSShim      C:\Windows\system32\DRIVERS\avgidsshimx.sys
22:22:12.0827 0x1308  AVGIDSShim - ok
22:22:12.0881 0x1308  [ FA868D5784DE755DD8A1B4B1A80574E4, 9300B4ACBDA96FA4FEE9265ED0E50F750C2B6F7BE854953B8FB73904679DBCA3 ] Avgldx86        C:\Windows\system32\DRIVERS\avgldx86.sys
22:22:12.0895 0x1308  Avgldx86 - ok
22:22:12.0957 0x1308  [ 8D37558421330218C98722DF4AD85E83, 24C33B317BA605DFC9B9CE2868391A815870A61F58A172806533A16F29F92B0A ] Avglogx         C:\Windows\system32\DRIVERS\avglogx.sys
22:22:12.0983 0x1308  Avglogx - ok
22:22:13.0019 0x1308  [ 3AC9661AB1624F322B20844DDE8EBC14, 56239D0998CAEDC3160A0BDAB58FDA729328716850BB17DD8FDB4F7CE0D7FCB3 ] Avgmfx86        C:\Windows\system32\DRIVERS\avgmfx86.sys
22:22:13.0023 0x1308  Avgmfx86 - ok
22:22:13.0063 0x1308  [ 86FCB8CE3E68C4777B98F7AF06FE8519, 6B7507DA927ECDBA8B2DAA87530DDAEAC5B0983D3CF11D1F6D00D36601FBC60C ] Avgrkx86        C:\Windows\system32\DRIVERS\avgrkx86.sys
22:22:13.0065 0x1308  Avgrkx86 - ok
22:22:13.0091 0x1308  [ ACFEE559442E1FCD48EC74C7D3452608, 536E36CD59BB1E0F5732D8BF57208A07C88A51D02FA016F844648CA0B44F0073 ] Avgtdix         C:\Windows\system32\DRIVERS\avgtdix.sys
22:22:13.0098 0x1308  Avgtdix - ok
22:22:13.0227 0x1308  [ D7CBEEA4500BFDC63E99B06A1C512BE8, F8408E339AD022DD78D6C856A330F5A40CAF21F3B0C69FA352D66E3B8E75AA0F ] avgwd           C:\Program Files\AVG\AVG2014\avgwdsvc.exe
22:22:13.0239 0x1308  avgwd - ok
22:22:13.0277 0x1308  [ 6E30D02AAC9CAC84F421622E3A2F6178, 229DC527C1D6C778BCA2C855A2A6F6D2C4B0F4F6DE56C886B3AAD26E3347952C ] AxInstSV        C:\Windows\System32\AxInstSV.dll
22:22:13.0281 0x1308  AxInstSV - ok
22:22:13.0327 0x1308  [ 1A231ABEC60FD316EC54C66715543CEC, 09E2897BA80737997A286EA5408C03DD3CC0EBACD24CB391C2455B6D4BE7D67E ] b06bdrv         C:\Windows\system32\drivers\bxvbdx.sys
22:22:13.0339 0x1308  b06bdrv - ok
22:22:13.0373 0x1308  [ BD8869EB9CDE6BBE4508D869929869EE, F4363A12EBFDBB89C69FD59B22F9EE05BADA07D477A1DF2DE01F59D6EE496543 ] b57nd60x        C:\Windows\system32\DRIVERS\b57nd60x.sys
22:22:13.0380 0x1308  b57nd60x - ok
22:22:13.0428 0x1308  [ EE1E9C3BB8228AE423DD38DB69128E71, ED54FD9795F3A4D32F02BED6052AD9404409A05644CDBEBFF19C662D104DA95A ] BDESVC          C:\Windows\System32\bdesvc.dll
22:22:13.0432 0x1308  BDESVC - ok
22:22:13.0451 0x1308  [ 505506526A9D467307B3C393DEDAF858, 8AD6F1492E357F57CF42261497BA29122045D4FC0DCC9669AA5AC9B2A4BABFA4 ] Beep            C:\Windows\system32\drivers\Beep.sys
22:22:13.0453 0x1308  Beep - ok
22:22:13.0572 0x1308  [ 1E2BAC209D184BB851E1A187D8A29136, 53933C938DA5126986FFF2918C1F522ABE93ABAB460AE32E4453161C2F7B68DF ] BFE             C:\Windows\System32\bfe.dll
22:22:13.0586 0x1308  BFE - ok
22:22:13.0642 0x1308  [ E585445D5021971FAE10393F0F1C3961, 178C008A9A0A6BFDA65EB0B98C510271360AD4474F22F13594F5EB60AA4E1CF5 ] BITS            C:\Windows\System32\qmgr.dll
22:22:13.0660 0x1308  BITS - ok
22:22:13.0685 0x1308  [ 2287078ED48FCFC477B05B20CF38F36F, 55BCA6174E6034A8D61CBE4126B2F1989F6052BFA624BEA9C0A0A664AEC74521 ] blbdrive        C:\Windows\system32\DRIVERS\blbdrive.sys
22:22:13.0687 0x1308  blbdrive - ok
22:22:13.0775 0x1308  [ DB5BEA73EDAF19AC68B2C0FAD0F92B1A, 10F21999FF6B1D410EBF280F7F27DEACA5289739CF12F4293B614B8FC6C88DCC ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe
22:22:13.0788 0x1308  Bonjour Service - ok
22:22:13.0819 0x1308  [ 8F2DA3028D5FCBD1A060A3DE64CD6506, E234672E9CFE1A95AD2E78E306E41E010B870221E6EBBC0E2B0BE2FA5CE0CD76 ] bowser          C:\Windows\system32\DRIVERS\bowser.sys
22:22:13.0822 0x1308  bowser - ok
22:22:13.0835 0x1308  [ 9F9ACC7F7CCDE8A15C282D3F88B43309, A9131334BD9CF8FD60BA9D54AA054E2DF2BE1219FB650DF1464F2787BDEAE98F ] BrFiltLo        C:\Windows\system32\drivers\BrFiltLo.sys
22:22:13.0837 0x1308  BrFiltLo - ok
22:22:13.0848 0x1308  [ 56801AD62213A41F6497F96DEE83755A, 0DEB8318FB47DF6473C171C795C735E26A73FA12232876C6856549EA16F33361 ] BrFiltUp        C:\Windows\system32\drivers\BrFiltUp.sys
22:22:13.0850 0x1308  BrFiltUp - ok
22:22:13.0903 0x1308  [ 3DAA727B5B0A45039B0E1C9A211B8400, 903B51E75F0C503A0E255120F53BF51B047B219FEC1E15F2F1D02DDD562FC73B ] Browser         C:\Windows\System32\browser.dll
22:22:13.0907 0x1308  Browser - ok
22:22:13.0937 0x1308  [ 845B8CE732E67F3B4133164868C666EA, 9309B094CD9B5EBC46295A5EB806BED472C3CEDE3B5F6F497EBDABA496A2A27F ] Brserid         C:\Windows\System32\Drivers\Brserid.sys
22:22:13.0946 0x1308  Brserid - ok
22:22:13.0964 0x1308  [ 203F0B1E73ADADBBB7B7B1FABD901F6B, 782FA7B26940FE479C49C9BAA2EB582CDAAAD607013E9BCFC85E6FBBB7D49A6D ] BrSerWdm        C:\Windows\System32\Drivers\BrSerWdm.sys
22:22:13.0967 0x1308  BrSerWdm - ok
22:22:13.0987 0x1308  [ BD456606156BA17E60A04E18016AE54B, DFBDC9DA6A3EA40BACFF204BC6C55C2C122B5885D2CBF6D45054DE43EE15EC4D ] BrUsbMdm        C:\Windows\System32\Drivers\BrUsbMdm.sys
22:22:13.0989 0x1308  BrUsbMdm - ok
22:22:14.0010 0x1308  [ AF72ED54503F717A43268B3CC5FAEC2E, 4A638669B0C30B1BDED242A8BF2015A37749570FF4D67D190BACC8D7E0C44468 ] BrUsbSer        C:\Windows\System32\Drivers\BrUsbSer.sys
22:22:14.0012 0x1308  BrUsbSer - ok
22:22:14.0030 0x1308  [ ED3DF7C56CE0084EB2034432FC56565A, B5B75E002E7BC0209582C635CCCA26DB569BDB23C33A126634E00C6434BF941B ] BTHMODEM        C:\Windows\system32\drivers\bthmodem.sys
22:22:14.0038 0x1308  BTHMODEM - ok
22:22:14.0074 0x1308  [ 1DF19C96EEF6C29D1C3E1A8678E07190, 1F4BB161FF3A1C5B1465BB52F3520FEDB7ACB1FAA132466F07D16DB8E394AEA5 ] bthserv         C:\Windows\system32\bthserv.dll
22:22:14.0077 0x1308  bthserv - ok
22:22:14.0108 0x1308  [ 77EA11B065E0A8AB902D78145CA51E10, 160EB3BBE9E5F3CC4A02584E6F2576A812C7565B940D74838B983F1EE51FA73A ] cdfs            C:\Windows\system32\DRIVERS\cdfs.sys
22:22:14.0111 0x1308  cdfs - ok
22:22:14.0147 0x1308  [ BE167ED0FDB9C1FA1133953C18D5A6C9, E26A851CA13E7300F977E5B20FA5D25FD0E1442AB6AD5DB58BBDB2DAAD87027C ] cdrom           C:\Windows\system32\DRIVERS\cdrom.sys
22:22:14.0151 0x1308  cdrom - ok
22:22:14.0177 0x1308  [ 319C6B309773D063541D01DF8AC6F55F, 182F392FE839499D159A30A3CD04B5D0C87219930BFB1A7456880B7DA75B9820 ] CertPropSvc     C:\Windows\System32\certprop.dll
22:22:14.0180 0x1308  CertPropSvc - ok
22:22:14.0201 0x1308  [ 3FE3FE94A34DF6FB06E6418D0F6A0060, 6B3A2A26609A75B690D4C0B3059E40822F3B3DB08943F58EC496BABDA7D0A735 ] circlass        C:\Windows\system32\drivers\circlass.sys
22:22:14.0204 0x1308  circlass - ok
22:22:14.0334 0x1308  [ 85F1DDEA3C10921190CDBA107B22590C, 1B3BD413256BA1F06B3A7C06ADDEFF5823A68F8FEC058DB02023791B4D87A540 ] cleanhlp        C:\EEK\Run\cleanhlp32.sys
22:22:14.0338 0x1308  cleanhlp - ok
22:22:14.0366 0x1308  [ 635181E0E9BBF16871BF5380D71DB02D, 58D5150C6F3B9F1730FFDF3A8A2ABF5FF207F9785BD66C0C1E03A0F1C223A26A ] CLFS            C:\Windows\system32\CLFS.sys
22:22:14.0379 0x1308  CLFS - ok
22:22:14.0466 0x1308  [ F13EC8A783E0CB0D6DC26A3CA848B7B8, 0809E3B71709F1343086EEB6C820543C1A7119E74EEF8AC1AEE1F81093ABEC66 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
22:22:14.0473 0x1308  clr_optimization_v2.0.50727_32 - ok
22:22:14.0606 0x1308  [ F5AB4D2E36625F355E81539239765107, 48E6AD65EEFD6C54F938F5753EF58377CDA77ADBB41CD8635F0040D61EFB92A4 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
22:22:14.0850 0x1308  clr_optimization_v4.0.30319_32 - ok
22:22:14.0868 0x1308  [ DEA805815E587DAD1DD2C502220B5616, 2D6A7668C95352B818F5EC59FF462894935833D34190257DA9CAC7E67FD3631C ] CmBatt          C:\Windows\system32\drivers\CmBatt.sys
22:22:14.0872 0x1308  CmBatt - ok
22:22:14.0958 0x1308  [ C537B1DB64D495B9B4717B4D6D9EDBF2, 400EEFE662DE117C9CC956E4CBD5E98F28F962E7447CD93E8A78FDD8CA39EB4B ] cmdide          C:\Windows\system32\drivers\cmdide.sys
22:22:14.0969 0x1308  cmdide - ok
22:22:15.0087 0x1308  [ 85449EEBE8F8EBD6481EFBF0F352B4EB, E6FF04970C5A5BFDE7297A86C1C7B9BFE2E0F976A1A1AFB874CEB488DC6151CC ] CNG             C:\Windows\system32\Drivers\cng.sys
22:22:15.0103 0x1308  CNG - ok
22:22:15.0133 0x1308  [ A6023D3823C37043986713F118A89BEE, FAC239A7FA6251C7EDFFA34B4BAE3910B8BC0BD4A3574B6DB6931A8D691E207B ] Compbatt        C:\Windows\system32\drivers\compbatt.sys
22:22:15.0135 0x1308  Compbatt - ok
22:22:15.0158 0x1308  [ CBE8C58A8579CFE5FCCF809E6F114E89, AC083A1C649EBA18C59FCC1772D0784B10E2B8C63094E3C14388E147DBC3F6DF ] CompositeBus    C:\Windows\system32\DRIVERS\CompositeBus.sys
22:22:15.0161 0x1308  CompositeBus - ok
22:22:15.0175 0x1308  COMSysApp - ok
22:22:15.0197 0x1308  [ 2C4EBCFC84A9B44F209DFF6C6E6C61D1, 6FC323217D82EF661BA0E3F949B61B05BB5235D1A69C81D24876C2153FAECEF6 ] crcdisk         C:\Windows\system32\drivers\crcdisk.sys
22:22:15.0199 0x1308  crcdisk - ok
22:22:15.0256 0x1308  [ 7CA1BECEA5DE2643ADDAD32670E7A4C9, E3AB4CC52A97E3855D7EAB87363F807FDD2162ED8C76A036CD71549ED64E7797 ] CryptSvc        C:\Windows\system32\cryptsvc.dll
22:22:15.0264 0x1308  CryptSvc - ok
22:22:15.0325 0x1308  [ 3C2177A897B4CA2788C6FB0C3FD81D4B, 98575CBD0664586E6211D02E71BDD52CBAA149A1658573550E29E74E5F7B1553 ] CSC             C:\Windows\system32\drivers\csc.sys
22:22:15.0346 0x1308  CSC - ok
22:22:15.0405 0x1308  [ 15F93B37F6801943360D9EB42485D5D3, DD6838C6496CB15F8BB57A6596F6A64ADD9C36B09F062295699131232712B558 ] CscService      C:\Windows\System32\cscsvc.dll
22:22:15.0420 0x1308  CscService - ok
22:22:15.0538 0x1308  [ 0D11A47BD3380A5BD671DEA5C794F46C, 9824BEC96F8C2CE673B045E65580297099C0CA45E13B337A67A47E61AF67961B ] dc3d            C:\Windows\system32\DRIVERS\dc3d.sys
22:22:15.0543 0x1308  dc3d - ok
22:22:15.0622 0x1308  [ 7660F01D3B38ACA1747E397D21D790AF, 04611B43705C064C2A8331F6D3F8E4530295694AE2C3E3EC3F62CFF4A5EFA88D ] DcomLaunch      C:\Windows\system32\rpcss.dll
22:22:15.0646 0x1308  DcomLaunch - ok
22:22:15.0706 0x1308  [ 8D6E10A2D9A5EED59562D9B82CF804E1, 888F9650F4E872BA8F4E0C27E38A6672A561042B17EBA40E306A22357965B0AD ] defragsvc       C:\Windows\System32\defragsvc.dll
22:22:15.0726 0x1308  defragsvc - ok
22:22:15.0775 0x1308  [ F024449C97EC1E464AAFFDA18593DB88, 7EF1E241892E098A472BCA14C724DFF1AACCF190954AF1C4A38B6D542CC74BD2 ] DfsC            C:\Windows\system32\Drivers\dfsc.sys
22:22:15.0785 0x1308  DfsC - ok
22:22:15.0901 0x1308  [ E9E01EB683C132F7FA27CD607B8A2B63, 4D9037B458C522874619143A4176BCED42472C68933E6E83D37B67242706F3C4 ] Dhcp            C:\Windows\system32\dhcpcore.dll
22:22:15.0914 0x1308  Dhcp - ok
22:22:15.0942 0x1308  [ 1A050B0274BFB3890703D490F330C0DA, 79D74F4679A2EE040FAAF4D0392A9311239A10A5F8A5CCB48656C6F89B6D62FB ] discache        C:\Windows\system32\drivers\discache.sys
22:22:15.0953 0x1308  discache - ok
22:22:16.0008 0x1308  [ 565003F326F99802E68CA78F2A68E9FF, ABC42B24DBA4FFC411120E09278EF26AF56CCAB463B69B4BD6C530B4A07063D2 ] Disk            C:\Windows\system32\drivers\disk.sys
22:22:16.0012 0x1308  Disk - ok
22:22:16.0058 0x1308  [ 2A958EF85DB1B61FFCA65044FA4BCE9E, C83511685EE1CE85A5ADF9B5BE96C375A521601F66024BDC3EE044C0B6E85D69 ] dmvsc           C:\Windows\system32\drivers\dmvsc.sys
22:22:16.0070 0x1308  dmvsc - ok
22:22:16.0131 0x1308  [ 33EF4861F19A0736B11314AAD9AE28D0, 4C4B84365D85758E3263B88F157D8B086B392C6F1EA5F0F3DB6BF87EF90248EC ] Dnscache        C:\Windows\System32\dnsrslvr.dll
22:22:16.0146 0x1308  Dnscache - ok
22:22:16.0173 0x1308  [ 366BA8FB4B7BB7435E3B9EACB3843F67, 65B7C61ACF34F1F0149045AA9E09A3F917A927963237A385A914D0B80551DC31 ] dot3svc         C:\Windows\System32\dot3svc.dll
22:22:16.0193 0x1308  dot3svc - ok
22:22:16.0263 0x1308  [ 8EC04CA86F1D68DA9E11952EB85973D6, 2E3FBC2D683D1274E8BC45EEEA87D43B77EDDCAAF0D453296D9FDA6B9D717071 ] DPS             C:\Windows\system32\dps.dll
22:22:16.0278 0x1308  DPS - ok
22:22:16.0359 0x1308  [ B918E7C5F9BF77202F89E1A9539F2EB4, C589A37DE50BBEF22E2DAA9682EA43147F614AA1AF7DAAA942BA5FC192313A0B ] drmkaud         C:\Windows\system32\drivers\drmkaud.sys
22:22:16.0367 0x1308  drmkaud - ok
22:22:16.0458 0x1308  [ 3583A5A8CC2E682BFFBD4630D0FEC08B, FD0F184B358FCECAA763444B414074BEF4E871EB7527D88385519FC158435C72 ] DXGKrnl         C:\Windows\System32\drivers\dxgkrnl.sys
22:22:16.0486 0x1308  DXGKrnl - ok
22:22:16.0512 0x1308  [ 8600142FA91C1B96367D3300AD0F3F3A, 5713625E27DF11FAAFDA7AC79899A6AD813166E167088FA990EC5DE87DBE83DF ] EapHost         C:\Windows\System32\eapsvc.dll
22:22:16.0516 0x1308  EapHost - ok
22:22:16.0545 0x17b0  Object required for P2P: [ 338C86357871C167A96AB976519BF59E ] atapi
22:22:16.0734 0x1308  [ 024E1B5CAC09731E4D868E64DBFB4AB0, AB0826A74BBEE5B7A1B035861B665C79BC98305CFC7D82BEF420558FBD3EE994 ] ebdrv           C:\Windows\system32\drivers\evbdx.sys
22:22:16.0865 0x1308  ebdrv - ok
22:22:16.0929 0x1308  [ DD17E1573651293D4ED31053795B3471, 94F7D1BB1C3B0C1FAAEED07375DB0F3BC995394FB5C26983548D946C8D229D54 ] EFS             C:\Windows\System32\lsass.exe
22:22:16.0932 0x1308  EFS - ok
22:22:17.0041 0x1308  [ A8C362018EFC87BEB013EE28F29C0863, 07971C681FBD391C0BA0172618AF8AD77520182207F1C57F134B34D6A113857F ] ehRecvr         C:\Windows\ehome\ehRecvr.exe
22:22:17.0066 0x1308  ehRecvr - ok
22:22:17.0123 0x1308  [ D389BFF34F80CAEDE417BF9D1507996A, 12859B9925D7A4631DE61A820922F43F56ED23C2AF014CBF36322685E5CF641E ] ehSched         C:\Windows\ehome\ehsched.exe
22:22:17.0129 0x1308  ehSched - ok
22:22:17.0243 0x1308  [ 0ED67910C8C326796FAA00B2BF6D9D3C, 97FAA7627A162B0AEC15545E0165D13355D535B4157604BB87F8EEB72ECD24A8 ] elxstor         C:\Windows\system32\drivers\elxstor.sys
22:22:17.0278 0x1308  elxstor - ok
22:22:17.0372 0x1308  [ B92F2B3247F0A99490C1298A1D3D7B4C, ABEF71FE2B6EE12F67F1D29D7977D779BED178B292D57B6850488095CFCBCF33 ] EPSON_EB_RPCV4_04 C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S50ST7.EXE
22:22:17.0379 0x1308  EPSON_EB_RPCV4_04 - ok
22:22:17.0396 0x1308  [ 651336B99C75FB54E4B5971CF458F9BD, EAE41E576B4C30989B3705C81ECDC0B164216D177C26D4C69EEB67CC153F3D5D ] EPSON_PM_RPCV4_04 C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S50RP7.EXE
22:22:17.0399 0x1308  EPSON_PM_RPCV4_04 - ok
22:22:17.0425 0x1308  [ 8FC3208352DD3912C94367A206AB3F11, 69B65C12BDADD4B730508674B1B77C5496612B4ACCC447DB9AFE49ADEA8CBF02 ] ErrDev          C:\Windows\system32\drivers\errdev.sys
22:22:17.0435 0x1308  ErrDev - ok
22:22:17.0511 0x1308  [ F6916EFC29D9953D5D0DF06882AE8E16, ED41893960018D5EC2F7829B1DE4B6967D9FD074D60B11B9EB854E3E0948EC24 ] EventSystem     C:\Windows\system32\es.dll
22:22:17.0526 0x1308  EventSystem - ok
22:22:17.0564 0x1308  [ 2DC9108D74081149CC8B651D3A26207F, 75CB47923A867DDAC512701CE71DFCFC340FC3A2E27F4255D0836A1FBC463176 ] exfat           C:\Windows\system32\drivers\exfat.sys
22:22:17.0570 0x1308  exfat - ok
22:22:17.0593 0x1308  [ 7E0AB74553476622FB6AE36F73D97D35, 41463A255FDA1D550B3385EC7C73ABC343B1BBBE9CEE4DF9F2A8B3E7338C4947 ] fastfat         C:\Windows\system32\drivers\fastfat.sys
22:22:17.0599 0x1308  fastfat - ok
22:22:17.0739 0x1308  [ 967EA5B213E9984CBE270205DF37755B, 43153E23210B03FAE16897D62D55B8742F834EDC695F8401EAB5DE307F62602D ] Fax             C:\Windows\system32\fxssvc.exe
22:22:17.0756 0x1308  Fax - ok
22:22:17.0785 0x1308  [ E817A017F82DF2A1F8CFDBDA29388B29, 4CC9320A21E6FEA2D16C48D6BEA14391B695BD541A3C5FDDAEEE086A414FC837 ] fdc             C:\Windows\system32\drivers\fdc.sys
22:22:17.0800 0x1308  fdc - ok
22:22:17.0831 0x1308  [ F3222C893BD2F5821A0179E5C71E88FB, A85B947249DBB986358CCD4B158DD58A9301F074F3C6CCCDEF2D01F432E59D1B ] fdPHost         C:\Windows\system32\fdPHost.dll
22:22:17.0833 0x1308  fdPHost - ok
22:22:17.0856 0x1308  [ 7DBE8CBFE79EFBDEB98C9FB08D3A9A5B, 0E76C29D2A974A3F2FBFCB63D066D4136B78E02F6B1F579B1865CA7A76193987 ] FDResPub        C:\Windows\system32\fdrespub.dll
22:22:17.0858 0x1308  FDResPub - ok
22:22:17.0877 0x1308  [ 6CF00369C97F3CF563BE99BE983D13D8, F65F35324A2FB9DFB533B1C4D089D990CC242218FE83414329D07B786D8EFF33 ] FileInfo        C:\Windows\system32\drivers\fileinfo.sys
22:22:17.0880 0x1308  FileInfo - ok
22:22:17.0903 0x1308  [ 42C51DC94C91DA21CB9196EB64C45DB9, 388C68D12ECC8FFE3116FEAAF4DB7B80CF4A3F97E935788DD21C6ADE2369F635 ] Filetrace       C:\Windows\system32\drivers\filetrace.sys
22:22:17.0905 0x1308  Filetrace - ok
22:22:17.0984 0x1308  [ 73081CF28F0AE20A52CA4F67CEE6E6B0, 806C769F3638D25FF1892C7223E7250AA3B9F627DF3AD83BC5AE1FEF7016F86A ] FLEXnet Licensing Service C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
22:22:18.0007 0x1308  FLEXnet Licensing Service - ok
22:22:18.0049 0x1308  [ 87907AA70CB3C56600F1C2FB8841579B, CA1CD82A1CD453617CE5EA431A1836997F14E3580554E8A516D9FE1E9926D979 ] flpydisk        C:\Windows\system32\drivers\flpydisk.sys
22:22:18.0054 0x1308  flpydisk - ok
22:22:18.0153 0x1308  [ 7520EC808E0C35E0EE6F841294316653, 6EC65511B4838A7172A8F89E35C2F9DF4F0BFCE3BE12EDA790F3EB567102FF67 ] FltMgr          C:\Windows\system32\drivers\fltmgr.sys
22:22:18.0163 0x1308  FltMgr - ok
22:22:18.0262 0x1308  [ E12C4928B32ACE04610259647F072635, B71B9C2DF45F33C4DAC88435129B08B0BCDBBE82E8C3AD0A95F00137CC8B619F ] FontCache       C:\Windows\system32\FntCache.dll
22:22:18.0302 0x1308  FontCache - ok
22:22:18.0396 0x1308  [ E56F39F6B7FDA0AC77A79B0FD3DE1A2F, DBED26852B99B362152DA9CD4F31A1883EF6F9B496F3CF3772A197BA72DB61DA ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe
22:22:18.0409 0x1308  FontCache3.0.0.0 - ok
22:22:18.0440 0x1308  [ 1A16B57943853E598CFF37FE2B8CBF1D, 87609F46F3B8123552141FD70866E895220B1BBD92BC2B580CAF49201AA0197E ] FsDepends       C:\Windows\system32\drivers\FsDepends.sys
22:22:18.0470 0x1308  FsDepends - ok
22:22:18.0545 0x1308  [ 7DAE5EBCC80E45D3253F4923DC424D05, 8A2C4D5591509B0B0A44583520617A9AE34F32BB6E68A012A7D7870ED24F703A ] Fs_Rec          C:\Windows\system32\drivers\Fs_Rec.sys
22:22:18.0568 0x1308  Fs_Rec - ok
22:22:18.0635 0x1308  [ E306A24D9694C724FA2491278BF50FDB, 1D246B9C28550640EACBF8CF9DC980FD75106B92832D392FEBEF0C7012353091 ] fvevol          C:\Windows\system32\DRIVERS\fvevol.sys
22:22:18.0646 0x1308  fvevol - ok
22:22:18.0678 0x1308  [ 65EE0C7A58B65E74AE05637418153938, 0E1A398ADD8411AF4CCC3344D67BE1B261320C58328BD5C5855A357476FAEBEF ] gagp30kx        C:\Windows\system32\drivers\gagp30kx.sys
22:22:18.0683 0x1308  gagp30kx - ok
22:22:18.0746 0x1308  [ 185ADA973B5020655CEE342059A86CBB, D3E352DFAF30761505480A4C557D980083F65EC5BD46E2656B2114D47B272A89 ] GEARAspiWDM     C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
22:22:18.0750 0x1308  GEARAspiWDM - ok
22:22:18.0808 0x1308  [ 483924F92E55A5F9423201EC635E2CED, FEDAC3616709F081A0FA48E2BF521CBCC35E11E523EBADDEACA7308AD14338B3 ] gfibto          C:\Windows\system32\drivers\gfibto.sys
22:22:18.0829 0x1308  gfibto - ok
22:22:18.0896 0x1308  [ E897EAF5ED6BA41E081060C9B447A673, A428DC68516F19C6C53A8B62E4BDB2587E70FB751B9D77700B6B147D347DA157 ] gpsvc           C:\Windows\System32\gpsvc.dll
22:22:19.0044 0x1308  gpsvc - ok
22:22:19.0216 0x1308  [ 51508F0C2476177E50C31B0BBFBF1BDB, 3F62A05181D54711180C8727AC66D624AFA7FC816A4ACC4DC0CFCF2D2DBE7F87 ] gupdate         C:\Program Files\Google\Update\GoogleUpdate.exe
22:22:19.0301 0x1308  gupdate - ok
22:22:19.0470 0x1308  [ 51508F0C2476177E50C31B0BBFBF1BDB, 3F62A05181D54711180C8727AC66D624AFA7FC816A4ACC4DC0CFCF2D2DBE7F87 ] gupdatem        C:\Program Files\Google\Update\GoogleUpdate.exe
22:22:19.0476 0x1308  gupdatem - ok
22:22:19.0639 0x1308  [ 995178A443B07FA9EEAEA041D7B4B5CA, 02E409360BFA5EA5C4FBF05BB58465223BCD3EE657E32473935770883A9F9907 ] hardlock        C:\Windows\system32\drivers\hardlock.sys
22:22:19.0677 0x1308  hardlock - ok
22:22:19.0687 0x1308  hasplms - ok
22:22:19.0703 0x1308  [ C44E3C2BAB6837DB337DDEE7544736DB, 88A24FF7D2FECCEAFFD421B2039A0FB623DA47A6B220B80EF1E52DD26D9E222D ] hcw85cir        C:\Windows\system32\drivers\hcw85cir.sys
22:22:19.0706 0x1308  hcw85cir - ok
22:22:19.0757 0x1308  [ A5EF29D5315111C80A5C1ABAD14C8972, A181DA72E946F121C3F4A19438C547B0BFD15138AB1DB5465945EC89DF1F6B0A ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
22:22:19.0766 0x1308  HdAudAddService - ok
22:22:19.0799 0x1308  [ 9036377B8A6C15DC2EEC53E489D159B5, 1E56D2ACFE92E6DF96D755B05C63D580EED82C210F075C8623E138BEE6BCD41B ] HDAudBus        C:\Windows\system32\DRIVERS\HDAudBus.sys
22:22:19.0803 0x1308  HDAudBus - ok
22:22:19.0817 0x1308  [ 1D58A7F3E11A9731D0EAAAA8405ACC36, 7056FA18B86FBD52C4A6092D80476C02553EA053D6A0BEDB01A2FA5E152D5215 ] HidBatt         C:\Windows\system32\drivers\HidBatt.sys
22:22:19.0820 0x1308  HidBatt - ok
22:22:19.0836 0x1308  [ 89448F40E6DF260C206A193A4683BA78, 71E0FCC32AE6FF8DFF420DB0383D6A200E1EAE14BD2E32453F92CE18B31C1F3C ] HidBth          C:\Windows\system32\drivers\hidbth.sys
22:22:19.0850 0x1308  HidBth - ok
22:22:19.0907 0x1308  [ CF50B4CF4A4F229B9F3C08351F99CA5E, B97843620AF80FF0EC8F2C438255C0A42A756C6314FAF3DEF415DE16E14C108F ] HidIr           C:\Windows\system32\drivers\hidir.sys
22:22:19.0918 0x1308  HidIr - ok
22:22:19.0938 0x1308  [ 2BC6F6A1992B3A77F5F41432CA6B3B6B, 2AF3312F1C8C8923C0A29AA5DAE57CE269417E53DEA2F0CCCC8DB57029698FE1 ] hidserv         C:\Windows\system32\hidserv.dll
22:22:19.0946 0x1308  hidserv - ok
22:22:20.0078 0x1308  [ 10C19F8290891AF023EAEC0832E1EB4D, E208553029488A6EE2F5216CC9FE5F93E9931A94C0D0625253BB159E30642853 ] HidUsb          C:\Windows\system32\DRIVERS\hidusb.sys
22:22:20.0083 0x1308  HidUsb - ok
22:22:20.0099 0x1308  [ 196B4E3F4CCCC24AF836CE58FACBB699, 7A2E1F603A073421FA0987EFB96647F1F0F2D4E0C82AA62EBC041585DA811DAF ] hkmsvc          C:\Windows\system32\kmsvc.dll
22:22:20.0113 0x1308  hkmsvc - ok
22:22:20.0159 0x1308  [ 6658F4404DE03D75FE3BA09F7ABA6A30, E51D9C1580A283EB862F09B73AAE1B647DD683A53F3DD99834222F12DD15E40F ] HomeGroupListener C:\Windows\system32\ListSvc.dll
22:22:20.0172 0x1308  HomeGroupListener - ok
22:22:20.0234 0x1308  [ DBC02D918FFF1CAD628ACBE0C0EAA8E8, 02121800D9062692C102475876AE8143EBE46D855E8328B8CDCFE6A2F0D19696 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
22:22:20.0245 0x1308  HomeGroupProvider - ok
22:22:20.0267 0x1308  [ 295FDC419039090EB8B49FFDBB374549, 670E8015FD374640C6570F56F7FE8DE4D8F92E7A8072F5D1B2B95D0BD699CEF7 ] HpSAMD          C:\Windows\system32\drivers\HpSAMD.sys
22:22:20.0273 0x1308  HpSAMD - ok
22:22:20.0320 0x1308  [ 871917B07A141BFF43D76D8844D48106, 30C702008D0EE57D63F74864967DD19A55A268E77E42B5B3CC73037AD51D2987 ] HTTP            C:\Windows\system32\drivers\HTTP.sys
22:22:20.0334 0x1308  HTTP - ok
22:22:20.0371 0x1308  [ 0C4E035C7F105F1299258C90886C64C5, CFB4FBE7B28058E6D3E6E508CF3C1645F6AAE0AFEB4C5364835B9C42311DF0D4 ] hwpolicy        C:\Windows\system32\drivers\hwpolicy.sys
22:22:20.0373 0x1308  hwpolicy - ok
22:22:20.0407 0x1308  [ F151F0BDC47F4A28B1B20A0818EA36D6, 84B24B5796D9F70A8C37773F5484A4606CC7908370CCD942627ACBEDC4952D79 ] i8042prt        C:\Windows\system32\DRIVERS\i8042prt.sys
22:22:20.0410 0x1308  i8042prt - ok
22:22:20.0476 0x1308  [ 5CD5F9A5444E6CDCB0AC89BD62D8B76E, 72870092A80C6DAE0105025B0ED8B607E98BA81E59298364A7FE4C9C56C68FF0 ] iaStorV         C:\Windows\system32\drivers\iaStorV.sys
22:22:20.0511 0x1308  iaStorV - ok
22:22:20.0860 0x1308  [ 3E9213A2A050BF429E91898C90F8B4E3, D80ABE5691087661B19F01927B631CB8C5291120B814B6F863F046E0D643E9E4 ] idsvc           C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
22:22:20.0886 0x1308  idsvc - ok
22:22:20.0909 0x1308  IEEtwCollectorService - ok
22:22:21.0240 0x1308  [ 37F7E45253000AC41A1F520A62D4EBE2, 1C59D9981C147E104961EFC4CC0CC2A2B03643DB98619B61A97A92AFC4151464 ] igfx            C:\Windows\system32\DRIVERS\igdkmd32.sys
22:22:21.0573 0x1308  igfx - ok
22:22:21.0662 0x1308  [ 4173FF5708F3236CF25195FECD742915, 0A9C0701DF6EAC6602BE342FC13C7950EF04BB5BDF7D96C2C5DABBD2A29AA55D ] iirsp           C:\Windows\system32\drivers\iirsp.sys
22:22:21.0671 0x1308  iirsp - ok
22:22:21.0816 0x1308  [ B9C54120F46392100478F58F374E5709, A28EE8B0988F580D5984E815FC78DF41B169260814234AA0E453375542D0957B ] IKEEXT          C:\Windows\System32\ikeext.dll
22:22:21.0841 0x1308  IKEEXT - ok
22:22:21.0908 0x1308  [ A0F12F2C9BA6C72F3987CE780E77C130, 5F53DF8BE1621AA7DFB655CFD9C95E0AFA1AD3CE2E290E19D7B7FB3C6E380034 ] intelide        C:\Windows\system32\drivers\intelide.sys
22:22:21.0917 0x1308  intelide - ok
22:22:21.0975 0x1308  [ 3B514D27BFC4ACCB4037BC6685F766E0, F12D7AC62F8550E6F33B28AD751D8413AB7FFEF963242D99FFA76CE8A48B027A ] intelppm        C:\Windows\system32\DRIVERS\intelppm.sys
22:22:21.0977 0x1308  intelppm - ok
22:22:22.0014 0x1308  [ ACB364B9075A45C0736E5C47BE5CAE19, 202F77C659103D2D0E787B8CB0A23BE32EA5AA2E6B3B0A0F0A8DFA906AB3C0C0 ] IPBusEnum       C:\Windows\system32\ipbusenum.dll
22:22:22.0045 0x1308  IPBusEnum - ok
22:22:22.0116 0x1308  [ 709D1761D3B19A932FF0238EA6D50200, 0A9D2C3A6E91CA45540555B40CB4E2DF3EBE98C1D164C4EECEE20C86782F5823 ] IpFilterDriver  C:\Windows\system32\DRIVERS\ipfltdrv.sys
22:22:22.0155 0x1308  IpFilterDriver - ok
22:22:22.0281 0x1308  [ 58F67245D041FBE7AF88F4EAF79DF0FA, 67468D6A46FF4D87AD321BFEA42F2FC843D09AA292A119C76D4D795D06028F96 ] iphlpsvc        C:\Windows\System32\iphlpsvc.dll
22:22:22.0344 0x1308  iphlpsvc - ok
22:22:22.0441 0x1308  [ 4BD7134618C1D2A27466A099062547BF, 20284ABEF4433A59E2981F4143CAEC67DC990864FE0B9E3DC70EE0B88539E964 ] IPMIDRV         C:\Windows\system32\drivers\IPMIDrv.sys
22:22:22.0501 0x1308  IPMIDRV - ok
22:22:22.0543 0x1308  [ A5FA468D67ABCDAA36264E463A7BB0CD, EDB828D596E43372F97DAE1AADA46428C4C45FB80646DDC64FAD5F25C826CF63 ] IPNAT           C:\Windows\system32\drivers\ipnat.sys
22:22:22.0599 0x1308  IPNAT - ok
22:22:23.0065 0x1308  [ 066F2BBE2EEC9A42B065B552BF356B4E, AE86DB5BFD4748C54C0C224E7FBEA3C032F1071A39303DF35AA04869D3950B7A ] iPod Service    C:\Program Files\iPod\bin\iPodService.exe
22:22:23.0110 0x1308  iPod Service - ok
22:22:23.0145 0x1308  [ 42996CFF20A3084A56017B7902307E9F, 688176DAB91BE569280E4822E4C5BDE755794D293591C53F8047AD59C441751D ] IRENUM          C:\Windows\system32\drivers\irenum.sys
22:22:23.0147 0x1308  IRENUM - ok
22:22:23.0171 0x1308  [ 1F32BB6B38F62F7DF1A7AB7292638A35, 86522358680FBB1CEBC56B4D139290689BB0F71A3EC78CE883E4D75D0B37586F ] isapnp          C:\Windows\system32\drivers\isapnp.sys
22:22:23.0174 0x1308  isapnp - ok
22:22:23.0232 0x1308  [ EB34CE31FABD4DC4343FD2AD16D2CAF9, D21C91227A15DA89ECF522345D0AB80B3B7FC24A230596DABDB8BD3B7554CE8C ] iScsiPrt        C:\Windows\system32\drivers\msiscsi.sys
22:22:23.0246 0x1308  iScsiPrt - ok
22:22:23.0289 0x1308  [ ADEF52CA1AEAE82B50DF86B56413107E, A3AE1E96B04AC81665ABBD3CB267DFB3F78376DAE18FB0DBD447908DDAAA22D2 ] kbdclass        C:\Windows\system32\DRIVERS\kbdclass.sys
22:22:23.0292 0x1308  kbdclass - ok
22:22:23.0317 0x1308  [ 9E3CED91863E6EE98C24794D05E27A71, 90CF59F20E14E4A5A793266805E82BF7AE1F0CF4C7BAB1FD2EEF3B53C5DF770F ] kbdhid          C:\Windows\system32\DRIVERS\kbdhid.sys
22:22:23.0319 0x1308  kbdhid - ok
22:22:23.0338 0x1308  [ DD17E1573651293D4ED31053795B3471, 94F7D1BB1C3B0C1FAAEED07375DB0F3BC995394FB5C26983548D946C8D229D54 ] KeyIso          C:\Windows\system32\lsass.exe
22:22:23.0341 0x1308  KeyIso - ok
22:22:23.0382 0x1308  [ 4120DA10AA42A9996F4575DB9E3E6E6E, 1C6E790772EA327ACB885D731A030408160534997DD56FEE4D6CEE6929873BB8 ] KSecDD          C:\Windows\system32\Drivers\ksecdd.sys
22:22:23.0385 0x1308  KSecDD - ok
22:22:23.0434 0x1308  [ 1E1845606C5A4579F7F3D95796CC1ED1, 26A478A0B5417CBC880A7F2D977AAC5FBF40EC4296426B757D6ACCBBC09486CC ] KSecPkg         C:\Windows\system32\Drivers\ksecpkg.sys
22:22:23.0439 0x1308  KSecPkg - ok
22:22:23.0481 0x1308  [ 89A7B9CC98D0D80C6F31B91C0A310FCD, 4583CAEEE0D50C0C7CE955E533FDA063CDC37B69033D41EF22EF1BA242E4C747 ] KtmRm           C:\Windows\system32\msdtckrm.dll
22:22:23.0492 0x1308  KtmRm - ok
22:22:23.0547 0x1308  [ 315351B16DC698477490CA0B37A7332A, 66351827E767B4E7B4000258B880DD0EEEE2DC4EF3464DFEB6B9E32244F6F54F ] L1C             C:\Windows\system32\DRIVERS\L1C62x86.sys
22:22:23.0550 0x1308  L1C - ok
22:22:23.0582 0x1308  [ D64AF876D53ECA3668BB97B51B4E70AB, D5C07C019BFEAFBEDC29AB5060356A3B07449712B21B50E03378BEF04AF180F9 ] LanmanServer    C:\Windows\system32\srvsvc.dll
22:22:23.0589 0x1308  LanmanServer - ok
22:22:23.0615 0x1308  [ 58405E4F68BA8E4057C6E914F326ABA2, C3E6519A1A38F1B3597D4391E42ABFE8F1F5E86256C4B3BD876CDAD9BB68B0A6 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
22:22:23.0621 0x1308  LanmanWorkstation - ok
22:22:23.0654 0x1308  [ F7611EC07349979DA9B0AE1F18CCC7A6, 879AA7A391966F00761CA039C25EBC62F6712DD5461694911EEC673E12DE103E ] lltdio          C:\Windows\system32\DRIVERS\lltdio.sys
22:22:23.0657 0x1308  lltdio - ok
22:22:23.0681 0x1308  [ 5700673E13A2117FA3B9020C852C01E2, 6684A2905EE8C438F2A64BE47E51A54D287B08DEFB8E0AE7FC2809D845EE3C5F ] lltdsvc         C:\Windows\System32\lltdsvc.dll
22:22:23.0689 0x1308  lltdsvc - ok
22:22:23.0703 0x1308  [ 55CA01BA19D0006C8F2639B6C045E08B, 4DBBDC820C514DB18CC13F8EE178F8C4E39C295C6E3C255416C235553CE7BDC1 ] lmhosts         C:\Windows\System32\lmhsvc.dll
22:22:23.0706 0x1308  lmhosts - ok
22:22:23.0733 0x1308  [ EB119A53CCF2ACC000AC71B065B78FEF, 1FD60735C4945AE565C223F0B47EAF9602D8777E3D15600914C1A9D761215AF9 ] LSI_FC          C:\Windows\system32\drivers\lsi_fc.sys
22:22:23.0737 0x1308  LSI_FC - ok
22:22:23.0756 0x1308  [ 8ADE1C877256A22E49B75D1CC9161F9C, 3D64F233DC866537E50549A7C1A2B40A954055B22F0BDA39825B04C38C607CB7 ] LSI_SAS         C:\Windows\system32\drivers\lsi_sas.sys
22:22:23.0760 0x1308  LSI_SAS - ok
22:22:23.0798 0x1308  [ DC9DC3D3DAA0E276FD2EC262E38B11E9, A264990857CBC74036799E17A087130626C0A09BE19879019BAF2D761C62AECC ] LSI_SAS2        C:\Windows\system32\drivers\lsi_sas2.sys
22:22:23.0815 0x1308  LSI_SAS2 - ok
22:22:23.0850 0x1308  [ 0A036C7D7CAB643A7F07135AC47E0524, 2F662D07FCB74B8D493156DB555EAA90A47E93CF14C7B30039D2FE47EB8682B8 ] LSI_SCSI        C:\Windows\system32\drivers\lsi_scsi.sys
22:22:23.0866 0x1308  LSI_SCSI - ok
22:22:23.0893 0x1308  [ 6703E366CC18D3B6E534F5CF7DF39CEE, 7396B9AF938284D99EC51206A7B2FA4A0DC10A493DCE6707818B03A7473782C4 ] luafv           C:\Windows\system32\drivers\luafv.sys
22:22:23.0905 0x1308  luafv - ok
22:22:24.0004 0x1308  [ A3E700D78EEC390F1208098CDCA5C6B6, 37D92D4AF24C43B4C468974CBBD55B6DF3AB92780560285039A0B078E566985A ] MarvinBus       C:\Windows\system32\DRIVERS\MarvinBus.sys
22:22:24.0014 0x1308  MarvinBus - ok
22:22:24.0051 0x1308  [ BFB9EE8EE977EFE85D1A3105ABEF6DD1, D2A84EBF0C0B7A14AD432FD2EF43CC12300027AEA3FA4075659FB088AB62B588 ] Mcx2Svc         C:\Windows\system32\Mcx2Svc.dll
22:22:24.0066 0x1308  Mcx2Svc - ok
22:22:24.0202 0x1308  [ 7CF1B716372B89568AE4C0FE769F5869, 0D70A7A594BCFBB26D7249C0F4B0AF9EF874F2318B3FDCE44648CC61279594ED ] MDM             C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
22:22:24.0222 0x1308  MDM - ok
22:22:24.0274 0x1308  [ 0FFF5B045293002AB38EB1FD1FC2FB74, 49071B565FD5B2DE43EC00D8518C3BE70843F38919E82F13104B8C1FAFB20374 ] megasas         C:\Windows\system32\drivers\megasas.sys
22:22:24.0276 0x1308  megasas - ok
22:22:24.0322 0x1308  [ DCBAB2920C75F390CAF1D29F675D03D6, 85C3A7A010BEA5E3C6179161B295F2CB900A6A214833A5F87A4327392880E2BB ] MegaSR          C:\Windows\system32\drivers\MegaSR.sys
22:22:24.0340 0x1308  MegaSR - ok
22:22:24.0423 0x1308  [ FAFE367D032ED82E9332B4C741A20216, 7B123766E360570E0FCB211835B7910D6A1806C25A06BCA9227AB9E993376CA8 ] Microsoft Office Groove Audit Service C:\Program Files\Microsoft Office\Office12\GrooveAuditService.exe
22:22:24.0427 0x1308  Microsoft Office Groove Audit Service - ok
22:22:24.0471 0x1308  [ 146B6F43A673379A3C670E86D89BE5EA, C4412DCF80DE6B55466F399413271364F14BC0819C224AA161EDDC31A9775440 ] MMCSS           C:\Windows\system32\mmcss.dll
22:22:24.0478 0x1308  MMCSS - ok
22:22:24.0497 0x1308  [ F001861E5700EE84E2D4E52C712F4964, F4DC5AEED6F34D76CCEF360862CC47EF71097BE0813C8CE04EE5F0DB387DFFAE ] Modem           C:\Windows\system32\drivers\modem.sys
22:22:24.0499 0x1308  Modem - ok
22:22:24.0513 0x1308  [ 79D10964DE86B292320E9DFE02282A23, 52714827B7EEDACA55326A4E4F6158D4942DFAA3BACDE303A2F569BF3F4FAA72 ] monitor         C:\Windows\system32\DRIVERS\monitor.sys
22:22:24.0515 0x1308  monitor - ok
22:22:24.0549 0x1308  [ FB18CC1D4C2E716B6B903B0AC0CC0609, F10CCA63493782B16DE6B96B94A27078DBE68AECEF34FDF840CFF86D2C6E3C5E ] mouclass        C:\Windows\system32\DRIVERS\mouclass.sys
22:22:24.0685 0x1308  mouclass - ok
22:22:24.0719 0x1308  [ 2C388D2CD01C9042596CF3C8F3C7B24D, B2FB72272BB01AEDA4047B57C943B7E9BD8A6497854F8CC34672AAA592D0A703 ] mouhid          C:\Windows\system32\DRIVERS\mouhid.sys
22:22:24.0735 0x1308  mouhid - ok
22:22:24.0775 0x1308  [ FC8771F45ECCCFD89684E38842539B9B, 806DDF2B4830CA866582FE74A521BB7DF26CA0E19013DAF584D3677FB48CC77A ] mountmgr        C:\Windows\system32\drivers\mountmgr.sys
22:22:24.0793 0x1308  mountmgr - ok
22:22:24.0895 0x1308  [ 345477F02C308B7480702767218C86A2, 98AFB5CF35BD82BA44B8F52CBC5FA3760506ADD7892C2AA1A77E8DF71FC8523F ] MozillaMaintenance C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
22:22:24.0902 0x1308  MozillaMaintenance - ok
22:22:24.0931 0x1308  [ 2D699FB6E89CE0D8DA14ECC03B3EDFE0, D3D903EEA465D77345AAC9B9F02CDEADF4831212EA2DE4FCA33BEE26EBB47420 ] mpio            C:\Windows\system32\drivers\mpio.sys
22:22:24.0937 0x1308  mpio - ok
22:22:24.0967 0x1308  [ AD2723A7B53DD1AACAE6AD8C0BFBF4D0, 1D6DCFA0E56C3E55B6AED819176E751502F863BA0FCF4F0B3253A81D208141A2 ] mpsdrv          C:\Windows\system32\drivers\mpsdrv.sys
22:22:24.0971 0x1308  mpsdrv - ok
22:22:25.0030 0x1308  [ 9835584E999D25004E1EE8E5F3E3B881, 71798B0CBE9AE69F1F29B845319019C69EC7F415CBABB3B87DDE92C360675021 ] MpsSvc          C:\Windows\system32\mpssvc.dll
22:22:25.0065 0x1308  MpsSvc - ok
22:22:25.0141 0x1308  [ 03F899F521D2AAED1C55008F734DF252, 4E56A51476A13F5630719018037B1F63DF9ACEA1CFE782AF04E669BD696954C5 ] MRxDAV          C:\Windows\system32\drivers\mrxdav.sys
22:22:25.0174 0x1308  MRxDAV - ok
22:22:25.0248 0x1308  [ 5D16C921E3671636C0EBA3BBAAC5FD25, 5BC107B95CAFC88F51FBB9F657B99944B20627A2B618F263093D7045E4FFD65C ] mrxsmb          C:\Windows\system32\DRIVERS\mrxsmb.sys
22:22:25.0254 0x1308  mrxsmb - ok
22:22:25.0281 0x1308  [ 6D17A4791ACA19328C685D256349FEFC, 012AA3D84EEAAF53780D06D2D11B9727DFC3441F3FAD75BC9E751FB814403668 ] mrxsmb10        C:\Windows\system32\DRIVERS\mrxsmb10.sys
22:22:25.0303 0x1308  mrxsmb10 - ok
22:22:25.0322 0x1308  [ B81F204D146000BE76651A50670A5E9E, 78193D0F967BE9829E53F9B500342934B4B1E1F4CEFC444382959E2061BC3B17 ] mrxsmb20        C:\Windows\system32\DRIVERS\mrxsmb20.sys
22:22:25.0327 0x1308  mrxsmb20 - ok
22:22:25.0386 0x1308  [ 012C5F4E9349E711E11E0F19A8589F0A, 208B92DFCF7AD43202660FBBC9FF5E03AEDBEE38178FF3628EB74CB6CD37C584 ] msahci          C:\Windows\system32\drivers\msahci.sys
22:22:25.0388 0x1308  msahci - ok
22:22:25.0411 0x1308  [ 55055F8AD8BE27A64C831322A780A228, C2C9FD1F61302997117B1CD0835E8234405BB80084065ED05363B77868397304 ] msdsm           C:\Windows\system32\drivers\msdsm.sys
22:22:25.0416 0x1308  msdsm - ok
22:22:25.0441 0x1308  [ E1BCE74A3BD9902B72599C0192A07E27, 5162EB623FE64E9DFEAC6CA2410EFA1314E62EC13207FFBFED2D61AA887603C4 ] MSDTC           C:\Windows\System32\msdtc.exe
22:22:25.0447 0x1308  MSDTC - ok
22:22:25.0480 0x1308  [ DAEFB28E3AF5A76ABCC2C3078C07327F, 6EB558532400B489763BAE7203538DE5F196282A8CB46A1B31D59120FC5AFCEF ] Msfs            C:\Windows\system32\drivers\Msfs.sys
22:22:25.0483 0x1308  Msfs - ok
22:22:25.0497 0x1308  [ 3E1E5767043C5AF9367F0056295E9F84, B2EDFECD3C14E4FE1BA87D9A86334043A9BD696A554EBD186DA7EAEB2EBD4F70 ] mshidkmdf       C:\Windows\System32\drivers\mshidkmdf.sys
22:22:25.0499 0x1308  mshidkmdf - ok
22:22:25.0519 0x1308  MSICDSetup - ok
22:22:25.0542 0x1308  [ 0A4E5757AE09FA9622E3158CC1AEF114, ED574E420E57374E328C7C526504ECA569C164287966F06019EC207CB17F2C54 ] msisadrv        C:\Windows\system32\drivers\msisadrv.sys
22:22:25.0558 0x1308  msisadrv - ok
22:22:25.0607 0x1308  [ 90F7D9E6B6F27E1A707D4A297F077828, BEFC220EAA7307849600748842ACB9254A6A91158812D9B23EFAF912C498BA7F ] MSiSCSI         C:\Windows\system32\iscsiexe.dll
22:22:25.0612 0x1308  MSiSCSI - ok
22:22:25.0618 0x1308  msiserver - ok
22:22:25.0628 0x1308  [ 8C0860D6366AAFFB6C5BB9DF9448E631, 949C5A14E57F2D7385543C17C3485E7ADE36EA2016F6E0A1866571D2EDE90A77 ] MSKSSRV         C:\Windows\system32\drivers\MSKSSRV.sys
22:22:25.0630 0x1308  MSKSSRV - ok
22:22:25.0655 0x1308  [ 3EA8B949F963562CEDBB549EAC0C11CE, 1B0B2F16A1790282504F3C548D47C3281EFB440D5D9711A1EF76D6371B768D2D ] MSPCLOCK        C:\Windows\system32\drivers\MSPCLOCK.sys
22:22:25.0657 0x1308  MSPCLOCK - ok
22:22:25.0669 0x1308  [ F456E973590D663B1073E9C463B40932, 48BA6D5580EE7B6A4C06E04772FD35B51779553FC0DD6C5C30DD8B5DEEB25B11 ] MSPQM           C:\Windows\system32\drivers\MSPQM.sys
22:22:25.0672 0x1308  MSPQM - ok
22:22:25.0693 0x1308  [ 0E008FC4819D238C51D7C93E7B41E560, 141FCEBDD05874407EAEC35A9DCD3BB16F2A428F23E55487D6A5DBFCADBF10D2 ] MsRPC           C:\Windows\system32\drivers\MsRPC.sys
22:22:25.0699 0x1308  MsRPC - ok
22:22:25.0712 0x1308  [ FC6B9FF600CC585EA38B12589BD4E246, F05DB01AE1955D2468CE6B51E51998B111CA3B0BDEED090EE6B99B625CBA564A ] mssmbios        C:\Windows\system32\DRIVERS\mssmbios.sys
22:22:25.0713 0x1308  mssmbios - ok
22:22:25.0734 0x1308  [ B42C6B921F61A6E55159B8BE6CD54A36, 6BB0A7BE005B8F281E551D1B8046CE4202372BC7AE0161881C858BFAC675FE1C ] MSTEE           C:\Windows\system32\drivers\MSTEE.sys
22:22:25.0736 0x1308  MSTEE - ok
22:22:25.0748 0x1308  [ 33599130F44E1F34631CEA241DE8AC84, E15B31D1AFDC8DC6D2B21D4215796A99ECC69EEDBB06CEED01AECC3C99A44C8B ] MTConfig        C:\Windows\system32\drivers\MTConfig.sys
22:22:25.0750 0x1308  MTConfig - ok
22:22:25.0772 0x1308  [ 159FAD02F64E6381758C990F753BCC80, E55AB01DCFA95ECAB24A2A9656E28FF9D064BA08B3D82DC8AA42F5991BA09598 ] Mup             C:\Windows\system32\Drivers\mup.sys
22:22:25.0785 0x1308  Mup - ok
22:22:25.0913 0x1308  [ 0FC64133A8FB5342C6876982B01FA37F, FCF8CE0D3095ECB25242E1A18F16A70BA1D0BC64C6525D4497672AF1F0043C9E ] NanoServiceMain C:\Program Files\Panda Security\Panda Security Protection\PSANHost.exe
22:22:25.0921 0x1308  NanoServiceMain - ok
22:22:25.0962 0x1308  [ 61D57A5D7C6D9AFE10E77DAE6E1B445E, D252248532142E9E2332DA693BC51B795102CA938B568FF04981E98B19BFBC5C ] napagent        C:\Windows\system32\qagentRT.dll
22:22:25.0973 0x1308  napagent - ok
22:22:26.0005 0x1308  [ 26384429FCD85D83746F63E798AB1480, 957C115C263A4B4DC854558B43ECE632D8E2BCCB744E23A01EBA7476BA2E7FFB ] NativeWifiP     C:\Windows\system32\DRIVERS\nwifi.sys
22:22:26.0014 0x1308  NativeWifiP - ok
22:22:26.0230 0x1308  [ 87A00FAEDD703D8D2BDCB29CE5EEEA6B, 5D568AD63FC8D24439C3DEA7AF5240BBEE8136542FDE7030816795F8D7A5EC73 ] NBService       C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
22:22:26.0252 0x1308  NBService - ok
22:22:26.0324 0x1308  [ 8C9C922D71F1CD4DEF73F186416B7896, 15FF43CD90C7913F83B35F2E7986561584588E8A45196EBD965C3A355836A9C7 ] NDIS            C:\Windows\system32\drivers\ndis.sys
22:22:26.0360 0x1308  NDIS - ok
22:22:26.0377 0x1308  [ 0E1787AA6C9191D3D319E8BAFE86F80C, F535022747355B2C66424BDA892D7DCB820C2EB8EE05BAE5BC6D1B1D65186278 ] NdisCap         C:\Windows\system32\DRIVERS\ndiscap.sys
22:22:26.0379 0x1308  NdisCap - ok
22:22:26.0416 0x1308  [ E4A8AEC125A2E43A9E32AFEEA7C9C888, 6EA181117126FC70B3C1DD1AC73CC26D1603A2CF49E47F66623E2C9489C49B55 ] NdisTapi        C:\Windows\system32\DRIVERS\ndistapi.sys
22:22:26.0419 0x1308  NdisTapi - ok
22:22:26.0438 0x1308  [ D8A65DAFB3EB41CBB622745676FCD072, 874D3C3D247C4A309DA813DB1D2EDB0037D3C489824BD5FE95B0C20699764EF7 ] Ndisuio         C:\Windows\system32\DRIVERS\ndisuio.sys
22:22:26.0452 0x1308  Ndisuio - ok
22:22:26.0469 0x1308  [ 38FBE267E7E6983311179230FACB1017, CFD1CBCA59650795C030DB30E5795B37C11C736E14003AE1DAB081BA5C0C9B14 ] NdisWan         C:\Windows\system32\DRIVERS\ndiswan.sys
22:22:26.0473 0x1308  NdisWan - ok
22:22:26.0484 0x1308  [ A4BDC541E69674FBFF1A8FF00BE913F2, 18CCFD063E9870B8B6958715BC0414C4D920AE63528EA1E9D7E30F7138918FFA ] NDProxy         C:\Windows\system32\drivers\NDProxy.sys
22:22:26.0486 0x1308  NDProxy - ok
22:22:26.0538 0x1308  [ 1352E1648213551923A0A822E441553C, F9BCA299249D8E1ADF88F54554F72428E267E39911143F4C99DFF562F0EE4E70 ] Netaapl         C:\Windows\system32\DRIVERS\netaapl.sys
22:22:26.0540 0x1308  Netaapl - ok
22:22:26.0564 0x1308  [ 80B275B1CE3B0E79909DB7B39AF74D51, 75B406B0D9D28239D4EB2A298419A5F78A58237D88C5FD688EF1DFFAFACCF796 ] NetBIOS         C:\Windows\system32\DRIVERS\netbios.sys
22:22:26.0567 0x1308  NetBIOS - ok
22:22:26.0578 0x1308  [ 280122DDCF04B378EDD1AD54D71C1E54, F98B2ADE34F7E67C7C06C1D0FFB80ECBC353D044D4B4784CD952910345DC2ED0 ] NetBT           C:\Windows\system32\DRIVERS\netbt.sys
22:22:26.0584 0x1308  NetBT - ok
22:22:26.0602 0x1308  [ DD17E1573651293D4ED31053795B3471, 94F7D1BB1C3B0C1FAAEED07375DB0F3BC995394FB5C26983548D946C8D229D54 ] Netlogon        C:\Windows\system32\lsass.exe
22:22:26.0606 0x1308  Netlogon - ok
22:22:26.0646 0x1308  [ 7CCCFCA7510684768DA22092D1FA4DB2, BB9E4F8FABBF596D888E6D303CB54A336D9DFF95B36AEA9369D2ED787DDC4B5D ] Netman          C:\Windows\System32\netman.dll
22:22:26.0656 0x1308  Netman - ok
22:22:26.0795 0x1308  [ E58808846B62041BFB05395E1CED6499, 5387F2CE6B494337725D2BF3EB563912E6EE33918F2872C5FE07BEDBB0F761EE ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
22:22:26.0906 0x1308  NetMsmqActivator - ok
22:22:26.0937 0x1308  [ E58808846B62041BFB05395E1CED6499, 5387F2CE6B494337725D2BF3EB563912E6EE33918F2872C5FE07BEDBB0F761EE ] NetPipeActivator C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
22:22:26.0943 0x1308  NetPipeActivator - ok
22:22:26.0975 0x1308  [ 8C338238C16777A802D6A9211EB2BA50, 0D08A47CD403EDA5E8CAD7409BBBBCDC29A9861D2DC41D42B68B22B1AA1EBDD6 ] netprofm        C:\Windows\System32\netprofm.dll
22:22:26.0987 0x1308  netprofm - ok
22:22:26.0996 0x1308  [ E58808846B62041BFB05395E1CED6499, 5387F2CE6B494337725D2BF3EB563912E6EE33918F2872C5FE07BEDBB0F761EE ] NetTcpActivator C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
22:22:27.0000 0x1308  NetTcpActivator - ok
22:22:27.0024 0x1308  [ E58808846B62041BFB05395E1CED6499, 5387F2CE6B494337725D2BF3EB563912E6EE33918F2872C5FE07BEDBB0F761EE ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
22:22:27.0027 0x1308  NetTcpPortSharing - ok
22:22:27.0065 0x1308  [ 1D85C4B390B0EE09C7A46B91EFB2C097, 6A8850B151E88EE371F3CC543A946302DDF9494908D684B8B0C706A42CC54348 ] nfrd960         C:\Windows\system32\drivers\nfrd960.sys
22:22:27.0081 0x1308  nfrd960 - ok
22:22:27.0176 0x1308  [ F115C5CD29E512F18BD7138A094B77E5, 90C2CE8B256EE9AABF674ADDE7F85E91DAF48EA368452D03C187A4AE027D4E39 ] NlaSvc          C:\Windows\System32\nlasvc.dll
22:22:27.0202 0x1308  NlaSvc - ok
22:22:27.0279 0x1308  [ 864515F6B73440C334A9B835753C63D0, F49144AC0BC6A8935266AA4580147E42314619E15CF4E1B6F8B4285F8F3FB6C9 ] NNSALPC         C:\Windows\system32\DRIVERS\NNSAlpc.sys
22:22:27.0286 0x1308  NNSALPC - ok
22:22:27.0325 0x1308  [ 0CF11BD87B8BAD0A5D7E28C94E5B9052, DB5B3D06A6739CA819A23E1A68E7CD8467AF696B46F94C09CF6FBABB64470B11 ] NNSHTTP         C:\Windows\system32\DRIVERS\NNSHttp.sys
22:22:27.0334 0x1308  NNSHTTP - ok
22:22:27.0372 0x1308  [ 21C48BAA1B5EBA59FADEB9476E066DB0, 12ECABDFED8D1D42E8E0C1C604CE7954B56686B514B4275412EAF1F4800432B7 ] NNSHTTPS        C:\Windows\system32\DRIVERS\NNSHttps.sys
22:22:27.0376 0x1308  NNSHTTPS - ok
22:22:27.0398 0x1308  [ E48F32473BE824FDEF107D54AE60F83A, 31E27BF431D1B881C50247E292B5985FC25C5C689748D688BF0B7AA4BD5A0617 ] NNSIDS          C:\Windows\system32\DRIVERS\NNSIds.sys
22:22:27.0403 0x1308  NNSIDS - ok
22:22:27.0452 0x1308  [ 294D1D52C02E27494CB84F0ED6C0079C, EA8853C450A3DE3BC9BDB4507005AFC561D6B4991BECA6BAA707F83E2941EF5F ] NNSNAHSL        C:\Windows\system32\DRIVERS\NNSNAHSL.sys
22:22:27.0470 0x1308  NNSNAHSL - ok
22:22:27.0494 0x1308  [ FA3BDE5E900EAC1B12E57F19C33AF74C, 59B97917CB21DB4CE34E4F7365A056F9A4591DA5A1C8FF2282B042B72E0AB9FE ] NNSPICC         C:\Windows\system32\DRIVERS\NNSPicc.sys
22:22:27.0500 0x1308  NNSPICC - ok
22:22:27.0565 0x1308  [ BE3B1D8DB8EACB4DAE995E8DEB3EC4D8, BD47D327FEA7D2786976E8348E6D577A12472AF976A48D4AC56F4DB2AEF8D311 ] NNSPIHSW        C:\Windows\system32\DRIVERS\NNSPihsw.sys
22:22:27.0568 0x1308  NNSPIHSW - ok
22:22:27.0588 0x1308  [ 9E1E19F30A8760E5D7F6DB907B5297A5, 1187C9FCA85C7C6D48B0EC32123D6B9DE4B98A1C9536FDA53C8BD81C3E52EE54 ] NNSPOP3         C:\Windows\system32\DRIVERS\NNSPop3.sys
22:22:27.0592 0x1308  NNSPOP3 - ok
22:22:27.0617 0x1308  [ ADDB104F28A80DD0732F2A2039C7C9A0, 87D7CEEE054DDBE7546AB7A0C2F78F8257FB7E6260E2AAC31674DB622CEBF83D ] NNSPROT         C:\Windows\system32\DRIVERS\NNSProt.sys
22:22:27.0626 0x1308  NNSPROT - ok
22:22:27.0650 0x1308  [ D9865534B4A9F2E71A689DE13DDF6B56, CF5AE92A4153D8E1FD8DC96D29BCE66816DB88FAE79E1333FF4FAF8D91C6B7AB ] NNSPRV          C:\Windows\system32\DRIVERS\NNSPrv.sys
22:22:27.0656 0x1308  NNSPRV - ok
22:22:27.0682 0x1308  [ BD626B29D484ABA2C39F4F4A47C24FED, 68E59308D13E881604400A71106E176033D3B4C898DED771323A07BA6F7A81A7 ] NNSSMTP         C:\Windows\system32\DRIVERS\NNSSmtp.sys
22:22:27.0692 0x1308  NNSSMTP - ok
22:22:27.0725 0x1308  [ 9FC72F79D73364CCF234AFE9A351DBF6, 6B18B213B0E16738E1B4D9C869237698FA8A4E3AF71D48B81CB11BACDC027E6E ] NNSSTRM         C:\Windows\system32\DRIVERS\NNSStrm.sys
22:22:27.0738 0x1308  NNSSTRM - ok
22:22:27.0754 0x1308  [ DAF1393E6CB67753553A6515D9ABD98C, 950E4BB7075692CF311BF628E19B32E40FACA8AC7FA8AB2936AD305061459289 ] NNSTLSC         C:\Windows\system32\DRIVERS\NNSTlsc.sys
22:22:27.0758 0x1308  NNSTLSC - ok
22:22:27.0778 0x1308  [ 1DB262A9F8C087E8153D89BEF3D2235F, A51EE5D5AD3CD76B74BEA9C66C462608BF3B50C53DAA4110A75DB10495A8C101 ] Npfs            C:\Windows\system32\drivers\Npfs.sys
22:22:27.0780 0x1308  Npfs - ok
22:22:27.0809 0x1308  [ BA387E955E890C8A88306D9B8D06BF17, 3477BD9686C5777A93251C154512671AAA7533B18C536DF51F7B1D6D28E7F8A5 ] nsi             C:\Windows\system32\nsisvc.dll
22:22:27.0813 0x1308  nsi - ok
22:22:27.0838 0x1308  [ E9A0A4D07E53D8FEA2BB8387A3293C58, 690CAD6C4E35ECC1172A2E1FD3933DF73158B3BF42CB21244269612A53DE4D7A ] nsiproxy        C:\Windows\system32\drivers\nsiproxy.sys
22:22:27.0840 0x1308  nsiproxy - ok
22:22:27.0988 0x1308  [ C8DFF8D07755A66C7A4A738930F0FEAC, A2CC58312CE57988ABD976155BE91F558DCEC4C23481C6FBE64B361D511A36EA ] Ntfs            C:\Windows\system32\drivers\Ntfs.sys
22:22:28.0049 0x1308  Ntfs - ok
22:22:28.0114 0x1308  [ 37BE10FF10A92031FC5A01E8363925CC, CB07869ABAC2FD2B052CB05810B6B0987A38DD63C90FD5377121E027FAD0312A ] NuidFltr        C:\Windows\system32\DRIVERS\NuidFltr.sys
22:22:28.0117 0x1308  NuidFltr - ok
22:22:28.0132 0x1308  [ F9756A98D69098DCA8945D62858A812C, 572ADBFCFDE2030B34A013AADC14DBC144EB3F34D06991E2464A3EA9605BC045 ] Null            C:\Windows\system32\drivers\Null.sys
22:22:28.0134 0x1308  Null - ok
22:22:28.0143 0x1308  nvlddmkm - ok
22:22:28.0191 0x1308  [ B3E25EE28883877076E0E1FF877D02E0, 402B6FED6FBBF645190396DC141141EF52DD059DABD01F8AC9CF01D23664070C ] nvraid          C:\Windows\system32\drivers\nvraid.sys
22:22:28.0206 0x1308  nvraid - ok
22:22:28.0236 0x1308  [ 4380E59A170D88C4F1022EFF6719A8A4, 93EDB3F4CDBF53C9C1970DD29AB146E390695C568180847BA8903F5FBEABCFF2 ] nvstor          C:\Windows\system32\drivers\nvstor.sys
22:22:28.0242 0x1308  nvstor - ok
22:22:28.0261 0x1308  [ 5A0983915F02BAE73267CC2A041F717D, D83461D74597BF2BE042FEFCC27FCD18BF63CB8135B0666D731D50951C3468A8 ] nv_agp          C:\Windows\system32\drivers\nv_agp.sys
22:22:28.0265 0x1308  nv_agp - ok
22:22:28.0340 0x1308  [ 84DE1DD996B48B05ACE31AD015FA108A, 4B9D1E4EF83ECED6C77F23D9879C124534F7053D7423E3A2D0F67A4A720CEA94 ] odserv          C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
22:22:28.0357 0x1308  odserv - ok
22:22:28.0402 0x1308  [ 08A70A1F2CDDE9BB49B885CB817A66EB, 0BB98123B544124B144F3E95D77E01E973D060B8B2302503FF24ABBBE803EB63 ] ohci1394        C:\Windows\system32\drivers\ohci1394.sys
22:22:28.0407 0x1308  ohci1394 - ok
22:22:28.0459 0x1308  [ 5A432A042DAE460ABE7199B758E8606C, 6E5D1F477D290905BE27CEBF9572BAC6B05FFEF2FAD901D3C8E11F665F8B9A71 ] ose             C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
22:22:28.0463 0x1308  ose - ok
22:22:28.0512 0x1308  [ 82A8521DDC60710C3D3D3E7325209BEC, C4E34571EDD57C7FBB3D736B5FE8BD154624705B5C8EA2EC898F19F75B9A5942 ] p2pimsvc        C:\Windows\system32\pnrpsvc.dll
22:22:28.0522 0x1308  p2pimsvc - ok
22:22:28.0556 0x1308  [ 59C3DDD501E39E006DAC31BF55150D91, E02B63AB7F34CF6FF3F644AF354D10004E6F50014E03172D80BD78934EF71EF1 ] p2psvc          C:\Windows\system32\p2psvc.dll
22:22:28.0567 0x1308  p2psvc - ok
22:22:28.0655 0x1308  [ A6B78F395F57E927A0F981D51A00CC5D, D06BFDCF435F80F64F97D225159AFCD3BD77D7D0D9FD6C90E7B89FF47BAC47F0 ] PandaAgent      C:\Program Files\Panda Security\Panda Devices Agent\AgentSvc.exe
22:22:28.0668 0x1308  PandaAgent - ok
22:22:28.0799 0x1308  [ 196EB2F8384FDB902EEDDB15BB592338, 1B8F6F8C432B0DC1031C68BB70D5699A3C691B6C27F60BDB255C74CF72C30FCB ] panda_url_filteringd C:\ProgramData\Panda Security URL Filtering\panda_url_filteringd.sys
22:22:28.0802 0x1308  panda_url_filteringd - ok
22:22:28.0808 0x1308  panda_url_filteringService - ok
22:22:28.0866 0x1308  [ 2EA877ED5DD9713C5AC74E8EA7348D14, 14BA3722CE5F8FF07F2D97DCDD6558EB49C9B02E5E6FAD6D9F18D354733EFECE ] Parport         C:\Windows\system32\DRIVERS\parport.sys
22:22:28.0871 0x1308  Parport - ok
22:22:28.0923 0x1308  [ 3F34A1B4C5F6475F320C275E63AFCE9B, 31295D5121C0C3F2085E0EEBA260EEE4CA003993C026E2F81986D19158036E6B ] partmgr         C:\Windows\system32\drivers\partmgr.sys
22:22:28.0928 0x1308  partmgr - ok
22:22:28.0944 0x1308  [ EB0A59F29C19B86479D36B35983DAADC, AC09AFE7F13BE4079D01383BAC44091997E1AAF6512C9673A42B9E3780EB08A8 ] Parvdm          C:\Windows\system32\DRIVERS\parvdm.sys
22:22:28.0945 0x1308  Parvdm - ok
22:22:28.0960 0x1308  [ 358AB7956D3160000726574083DFC8A6, 6CAFD4D1B8AB8C1D167ADC018985DDAB5AC2CBFFB3434FE6390F14AF50C19025 ] PcaSvc          C:\Windows\System32\pcasvc.dll
22:22:28.0967 0x1308  PcaSvc - ok
22:22:28.0989 0x1308  [ 673E55C3498EB970088E812EA820AA8F, 1F81315664B8CBFDD569416C0ECCE4C6251F34577313A0858AB46609781303B5 ] pci             C:\Windows\system32\drivers\pci.sys
22:22:28.0994 0x1308  pci - ok
22:22:29.0047 0x1308  [ AFE86F419014DB4E5593F69FFE26CE0A, CAF36E61BE7B511D3A03A65FF5A3017CEE4D2F53005B410F2D4A2AAE9FED4C00 ] pciide          C:\Windows\system32\drivers\pciide.sys
22:22:29.0049 0x1308  pciide - ok
22:22:29.0111 0x1308  [ 1BEBE7DE8508A02650CDCE45C664C2A2, 67841EA7F1F6B7F19ABD38A004B23610A21AD5BD5E508EED16CC7856CBE44D9C ] PCLEPCI         C:\Windows\system32\drivers\pclepci.sys
22:22:29.0120 0x1308  PCLEPCI - ok
22:22:29.0147 0x1308  [ F396431B31693E71E8A80687EF523506, BC614FC21E029E2497F1CCE3131BBD295B827F2310762B47D5BBC7703D80554B ] pcmcia          C:\Windows\system32\drivers\pcmcia.sys
22:22:29.0154 0x1308  pcmcia - ok
22:22:29.0202 0x1308  [ 5B6C11DE7E839C05248CED8825470FEF, DB57DFD02C18461B1B383DF759730FFEE9C7FA8577E1679FD4740A590303EE79 ] pcouffin        C:\Windows\system32\Drivers\pcouffin.sys
22:22:29.0205 0x1308  pcouffin - ok
22:22:29.0213 0x1308  [ 250F6B43D2B613172035C6747AEEB19F, A91F15B133F2619912CF750E6F3662E011CD0FA4B9477CE532CE3196D23307D9 ] pcw             C:\Windows\system32\drivers\pcw.sys
22:22:29.0217 0x1308  pcw - ok
22:22:29.0248 0x1308  [ 9E0104BA49F4E6973749A02BF41344ED, B32F39F38DB48D77FBA884DEE34112BAB81CCEF5DD2EAAA12D9589D73D2BB116 ] PEAUTH          C:\Windows\system32\drivers\peauth.sys
22:22:29.0264 0x1308  PEAUTH - ok
22:22:29.0362 0x1308  [ AF4D64D2A57B9772CF3801950B8058A6, C9C493A3775E6E1660CE5DF75DA574D0C04245FB88CF41B96217A725359C350D ] PeerDistSvc     C:\Windows\system32\peerdistsvc.dll
22:22:29.0390 0x1308  PeerDistSvc - ok
22:22:29.0491 0x1308  [ 414BBA67A3DED1D28437EB66AEB8A720, D6DF254E2615FA402044824DCD9004F579FC0DF74B90E44C99D5F0253CF8AD88 ] pla             C:\Windows\system32\pla.dll
22:22:29.0577 0x1308  pla - ok
22:22:29.0707 0x1308  [ EC7BC28D207DA09E79B3E9FAF8B232CA, A42F8F69C3CD753D787A5D558659DEA2CC306C896D75B8C82549219CF654504F ] PlugPlay        C:\Windows\system32\umpnpmgr.dll
22:22:29.0727 0x1308  PlugPlay - ok
22:22:29.0792 0x1308  [ 63FF8572611249931EB16BB8EED6AFC8, 9732CCBCB93A7A4BEC88812B952C20244479E9BD781240C195E57F09E619EA33 ] PNRPAutoReg     C:\Windows\system32\pnrpauto.dll
22:22:29.0803 0x1308  PNRPAutoReg - ok
22:22:29.0858 0x1308  [ 82A8521DDC60710C3D3D3E7325209BEC, C4E34571EDD57C7FBB3D736B5FE8BD154624705B5C8EA2EC898F19F75B9A5942 ] PNRPsvc         C:\Windows\system32\pnrpsvc.dll
22:22:29.0982 0x1308  PNRPsvc - ok
22:22:30.0072 0x1308  [ 896D916DE06F5502D301E8C4DC442AE8, 7B5C5FA075BA680B990A0A78A690CF2DE04EF7EB1457781E38D0EE4A95CEFDCA ] Point32         C:\Windows\system32\DRIVERS\point32.sys
22:22:30.0076 0x1308  Point32 - ok
22:22:30.0143 0x1308  [ 53946B69BA0836BD95B03759530C81EC, 7F14A34635354CCA0F5342C8D9DF5A6AA1B94F6A508BD8834029E9BACF252920 ] PolicyAgent     C:\Windows\System32\ipsecsvc.dll
22:22:30.0159 0x1308  PolicyAgent - ok
22:22:30.0208 0x1308  [ F87D30E72E03D579A5199CCB3831D6EA, B09328E89954584F97908FA5946376BA990B8C650DABCBF3CA3B08719937C694 ] Power           C:\Windows\system32\umpo.dll
22:22:30.0214 0x1308  Power - ok
22:22:30.0254 0x1308  [ 631E3E205AD6D86F2AED6A4A8E69F2DB, 1D3BF0CFC37D91A3A56246920B9CF1084E78A055D56E85A773417809C58C8065 ] PptpMiniport    C:\Windows\system32\DRIVERS\raspptp.sys
22:22:30.0258 0x1308  PptpMiniport - ok
22:22:30.0272 0x1308  [ 85B1E3A0C7585BC4AAE6899EC6FCF011, 1E067113C146D6842D7FB04007F363D6FB7783C6BC7C9AB6614E44075C4F86C3 ] Processor       C:\Windows\system32\drivers\processr.sys
22:22:30.0275 0x1308  Processor - ok
22:22:30.0324 0x1308  [ FD9692A3D31E021207D3C2A9DDDC2BE3, 5295EFAD9BD4B59996935A41825392C12A4C968D161BEEA37797F90AF8E54229 ] ProfSvc         C:\Windows\system32\profsvc.dll
22:22:30.0335 0x1308  ProfSvc - ok
22:22:30.0358 0x1308  [ DD17E1573651293D4ED31053795B3471, 94F7D1BB1C3B0C1FAAEED07375DB0F3BC995394FB5C26983548D946C8D229D54 ] ProtectedStorage C:\Windows\system32\lsass.exe
22:22:30.0368 0x1308  ProtectedStorage - ok
22:22:30.0413 0x1308  [ 6270CCAE2A86DE6D146529FE55B3246A, 463209CBAF1B0E269DC8FC6FBDEE5BB7E5ADB5D3F024930BFD0B97E0A9678883 ] Psched          C:\Windows\system32\DRIVERS\pacer.sys
22:22:30.0417 0x1308  Psched - ok
22:22:30.0481 0x1308  [ 154028E2D6DD73AAF37C781393512705, 54CB92F94EEEF5A13540676BF5EFB2B817FE32988228B0DA4A27E029AD8BA981 ] PSINAflt        C:\Windows\system32\DRIVERS\PSINAflt.sys
22:22:30.0490 0x1308  PSINAflt - ok
22:22:30.0523 0x1308  [ F4B845F63D4F4B95C657662ED65CDC3E, 442FB1E9B66BD0662760C105C4A35A0AC941584920633E7C310601A3CC51E467 ] PSINFile        C:\Windows\system32\DRIVERS\PSINFile.sys
22:22:30.0528 0x1308  PSINFile - ok
22:22:30.0577 0x1308  [ B6F85CE721274CC524FB40E0821B10E9, 4F8CD69BE38C855D3459971F3940A4CAA56E53A4BF00DFE54E564CA33B962244 ] PSINKNC         C:\Windows\system32\DRIVERS\psinknc.sys
22:22:30.0584 0x1308  PSINKNC - ok
22:22:30.0602 0x1308  [ 564D3729B232769CE3035FEB287B2041, EB3BB2BB7A5DE658E801C23319FE20F9895D6F03907E9696D8674117AEB3163C ] PSINProc        C:\Windows\system32\DRIVERS\PSINProc.sys
22:22:30.0608 0x1308  PSINProc - ok
22:22:30.0622 0x1308  [ D50C654C15549335DF8D028AE3B45782, 1F69AA321E7723DADA556C6E6A4DB5BB39C512B1539308756CF7973705835174 ] PSINProt        C:\Windows\system32\DRIVERS\PSINProt.sys
22:22:30.0626 0x1308  PSINProt - ok
22:22:30.0678 0x1308  [ 1CD0302E5FA6D5296E6FB3E44ABB0091, 13BC3D3385CA0EC9D8EEC5849D9430F37A652E4BF76F483419C6F78BCEB859B5 ] PSINReg         C:\Windows\system32\DRIVERS\PSINReg.sys
22:22:30.0684 0x1308  PSINReg - ok
22:22:30.0821 0x1308  [ 4DBBAECB855EC9CB3A5D960B96686C33, C875BAA53A7D89BC531446863D86F53E0BA1094138E9CDB555649A4AE107A515 ] PSKMAD          C:\Windows\system32\DRIVERS\PSKMAD.sys
22:22:30.0839 0x1308  PSKMAD - ok
22:22:30.0979 0x1308  [ 586823A8CF9F975CE994EA5E05569156, B4AFA337417001CCE867EB809D3F766B2C6B14C53D1C59DE649068557702F88E ] PSUAService     C:\Program Files\Panda Security\Panda Security Protection\PSUAService.exe
22:22:30.0983 0x1308  PSUAService - ok
22:22:31.0076 0x1308  [ AB95ECF1F6659A60DDC166D8315B0751, 0ED6D3460D28978BADF31B930DBB3298A6A10EFF8883763EABA0E36A21A0E83D ] ql2300          C:\Windows\system32\drivers\ql2300.sys
22:22:31.0125 0x1308  ql2300 - ok
22:22:31.0154 0x1308  [ B4DD51DD25182244B86737DC51AF2270, 7E62B04F054A6330B7F9968222523BDE8F3EE47A11D17E6C0E2D5ACDC07B9E6B ] ql40xx          C:\Windows\system32\drivers\ql40xx.sys
22:22:31.0164 0x1308  ql40xx - ok
22:22:31.0219 0x1308  [ 31AC809E7707EB580B2BDB760390765A, A8481FD19A0F778F5591B7676F591F664ADC68B6867E663C0F9564173F4AC909 ] QWAVE           C:\Windows\system32\qwave.dll
22:22:31.0228 0x1308  QWAVE - ok
22:22:31.0245 0x1308  [ 584078CA1B95CA72DF2A27C336F9719D, 836F115C92D343463C14A9DE39648C1EFA7C7EE4720F5C692EE0F68B84830121 ] QWAVEdrv        C:\Windows\system32\drivers\qwavedrv.sys
22:22:31.0247 0x1308  QWAVEdrv - ok
22:22:31.0270 0x1308  [ 30A81B53C766D0133BB86D234E5556AB, 726C6B83B5ACAA84CAB1689B6DD6DDAE3199D61A57B5D7B5B5A0F62FCF838090 ] RasAcd          C:\Windows\system32\DRIVERS\rasacd.sys
22:22:31.0272 0x1308  RasAcd - ok
22:22:31.0314 0x1308  [ 57EC4AEF73660166074D8F7F31C0D4FD, C66B425EC4DB5E7FD289AE631C9B019EB16717C55E80FAE964BB22203E4AACEF ] RasAgileVpn     C:\Windows\system32\DRIVERS\AgileVpn.sys
22:22:31.0317 0x1308  RasAgileVpn - ok
22:22:31.0339 0x1308  [ A60F1839849C0C00739787FD5EC03F13, B210DFA5A843CF1DA73635F168E2EA5052CBED15C664F8523CDFB34CA165D0E0 ] RasAuto         C:\Windows\System32\rasauto.dll
22:22:31.0344 0x1308  RasAuto - ok
22:22:31.0367 0x1308  [ D9F91EAFEC2815365CBE6D167E4E332A, 8350457A39D141C13807E7DB5A8D4113197C4016F7744B9993391F4AEA0C4A5C ] Rasl2tp         C:\Windows\system32\DRIVERS\rasl2tp.sys
22:22:31.0371 0x1308  Rasl2tp - ok
22:22:31.0397 0x1308  [ CB9E04DC05EACF5B9A36CA276D475006, 4D8C0AEF1D4F84F375AD2BAF786C9F6C52316A3E655B913449E71AD7C0FCA56E ] RasMan          C:\Windows\System32\rasmans.dll
22:22:31.0407 0x1308  RasMan - ok
22:22:31.0425 0x1308  [ 0FE8B15916307A6AC12BFB6A63E45507, 64119474DE7499E6E8B82E78BBD50074B3AA70B3E8329089FAE9B7F29919004E ] RasPppoe        C:\Windows\system32\DRIVERS\raspppoe.sys
22:22:31.0429 0x1308  RasPppoe - ok
22:22:31.0458 0x1308  [ 44101F495A83EA6401D886E7FD70096B, 56A0CE5C89870752B9B2AB795C1A248CA28209E049B2F20CCA0308CBE2488A0A ] RasSstp         C:\Windows\system32\DRIVERS\rassstp.sys
22:22:31.0465 0x1308  RasSstp - ok
22:22:31.0493 0x1308  [ D528BC58A489409BA40334EBF96A311B, C71E9A4B101DB6C3183B9F97B9098D73D6FE1B12C05C2EB3CE8A8041BEE6BA61 ] rdbss           C:\Windows\system32\DRIVERS\rdbss.sys
22:22:31.0501 0x1308  rdbss - ok
22:22:31.0518 0x1308  [ 0D8F05481CB76E70E1DA06EE9F0DA9DF, 2AFCBE3237D27AFBF095F91F1FCCA63E6890F34A9E4F00E5C34C92394CDA89FB ] rdpbus          C:\Windows\system32\DRIVERS\rdpbus.sys
22:22:31.0520 0x1308  rdpbus - ok
22:22:31.0528 0x1308  [ 23DAE03F29D253AE74C44F99E515F9A1, 8FED93D10B2062F0526FE3508101F8FCF8F72DEB90AFB472EB7CBAE83A0EC430 ] RDPCDD          C:\Windows\system32\DRIVERS\RDPCDD.sys
22:22:31.0530 0x1308  RDPCDD - ok
22:22:31.0565 0x1308  [ B973FCFC50DC1434E1970A146F7E3885, BE797E5F5AE34D37F8DA1134CE94DD14DBE36D2BC405B97E992E2257848B7CA9 ] RDPDR           C:\Windows\system32\drivers\rdpdr.sys
22:22:31.0570 0x1308  RDPDR - ok
22:22:31.0601 0x1308  [ 5A53CA1598DD4156D44196D200C94B8A, 8112FE14FEC94C67B1C5BDE4171E37584F1D0098D2C557C9E4BDD3E0291E25E4 ] RDPENCDD        C:\Windows\system32\drivers\rdpencdd.sys
22:22:31.0603 0x1308  RDPENCDD - ok
22:22:31.0616 0x1308  [ 44B0A53CD4F27D50ED461DAE0C0B4E1F, CDA80B08E67AD034081C0C920CD66147689F1844403CBC552F65005E7C011A91 ] RDPREFMP        C:\Windows\system32\drivers\rdprefmp.sys
22:22:31.0618 0x1308  RDPREFMP - ok
22:22:31.0682 0x1308  [ CD9214A6AE17D188D17C3CF8CB9CC693, 2E16FF1F7446F0600D6519010FD05A30B94D97167C16B3E7FC396A97D8139D60 ] RDPWD           C:\Windows\system32\drivers\RDPWD.sys
22:22:31.0692 0x1308  RDPWD - ok
22:22:31.0704 0x1308  [ 518395321DC96FE2C9F0E96AC743B656, 5F6A0880B4F3EE7196259EA362DA9554B0687B0236F9A8E5CF7A4A77F01F1776 ] rdyboost        C:\Windows\system32\drivers\rdyboost.sys
22:22:31.0710 0x1308  rdyboost - ok
22:22:31.0775 0x1308  [ 7B5E1419717FAC363A31CC302895217A, 048B96B127CC20833948DAE53C59886D5C725ECA7A744424A01339447D2DDC32 ] RemoteAccess    C:\Windows\System32\mprdim.dll
22:22:31.0794 0x1308  RemoteAccess - ok
22:22:31.0828 0x1308  [ CB9A8683F4EF2BF99E123D79950D7935, B9FA3E7E91E76D975CF40BFA37909E50F29CC13AB1399007884710651827E9AA ] RemoteRegistry  C:\Windows\system32\regsvc.dll
22:22:31.0839 0x1308  RemoteRegistry - ok
22:22:31.0861 0x1308  [ 78D072F35BC45D9E4E1B61895C152234, 80C924EE1156B4E3172E83DCB9C60817E87885FB9377647E0BF90153E415B1CA ] RpcEptMapper    C:\Windows\System32\RpcEpMap.dll
22:22:31.0865 0x1308  RpcEptMapper - ok
22:22:31.0905 0x1308  [ 94D36C0E44677DD26981D2BFEEF2A29D, D77A93AC60536F3706E8A0154C0C2199E888B7748C84DB7437254FF175F4DF55 ] RpcLocator      C:\Windows\system32\locator.exe
22:22:31.0910 0x1308  RpcLocator - ok
22:22:32.0003 0x1308  [ 7660F01D3B38ACA1747E397D21D790AF, 04611B43705C064C2A8331F6D3F8E4530295694AE2C3E3EC3F62CFF4A5EFA88D ] RpcSs           C:\Windows\system32\rpcss.dll
22:22:32.0022 0x1308  RpcSs - ok
22:22:32.0045 0x1308  [ 032B0D36AD92B582D869879F5AF5B928, 0F8F18A6A0A689957B886D9368015889091094EDA18BE532093F06A70A7CE184 ] rspndr          C:\Windows\system32\DRIVERS\rspndr.sys
22:22:32.0065 0x1308  rspndr - ok
22:22:32.0097 0x1308  [ 7FA7F2E249A5DCBB7970630E15E1F482, 9633B193F3FDA67BC551C6DCA4788AB83E9F45F77763EE579D02FE5D6B80DEDF ] s3cap           C:\Windows\system32\drivers\vms3cap.sys
22:22:32.0099 0x1308  s3cap - ok
22:22:32.0122 0x1308  [ DD17E1573651293D4ED31053795B3471, 94F7D1BB1C3B0C1FAAEED07375DB0F3BC995394FB5C26983548D946C8D229D54 ] SamSs           C:\Windows\system32\lsass.exe
22:22:32.0125 0x1308  SamSs - ok
22:22:32.0219 0x1308  [ 39763504067962108505BFF25F024345, 73C9710B61EDC7FBEDE1D7A767AA3D3A169E7AD012494D05CB5EE7E5C5752BB9 ] SASDIFSV        C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS
22:22:32.0222 0x1308  SASDIFSV - ok
22:22:32.0262 0x1308  [ 77B9FC20084B48408AD3E87570EB4A85, B5BC5FEC1356DECB66A7A671DB67112BDAC8F942BF1C4B986B1805B41EF362B1 ] SASKUTIL        C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS
22:22:32.0266 0x1308  SASKUTIL - ok
22:22:32.0319 0x1308  sbapifs - ok
22:22:32.0372 0x1308  [ 05D860DA1040F111503AC416CCEF2BCA, DAE2F37D09A5A42F945BC8E27E4EA2303521081783A80CEE7FEE7C5A1C2CFC5E ] sbp2port        C:\Windows\system32\drivers\sbp2port.sys
22:22:32.0392 0x1308  sbp2port - ok
22:22:32.0452 0x1308  [ 8FC518FFE9519C2631D37515A68009C4, 21E10585470CF9FC3BD1977F8A426686CD2FA6BD2094B9E3594B21C7C4541D25 ] SCardSvr        C:\Windows\System32\SCardSvr.dll
22:22:32.0461 0x1308  SCardSvr - ok
22:22:32.0475 0x1308  [ 0693B5EC673E34DC147E195779A4DCF6, AF1B56FBF3ADABF94CD9DBA67586B8746DE135151F6B3D1B0EE315BC1E2DB670 ] scfilter        C:\Windows\system32\DRIVERS\scfilter.sys
22:22:32.0478 0x1308  scfilter - ok
22:22:32.0598 0x1308  [ A04BB13F8A72F8B6E8B4071723E4E336, E63287FF71C39CBF64C3347C455324C8437F9CF398153E269543588B65389502 ] Schedule        C:\Windows\system32\schedsvc.dll
22:22:32.0708 0x1308  Schedule - ok
22:22:32.0815 0x1308  [ 319C6B309773D063541D01DF8AC6F55F, 182F392FE839499D159A30A3CD04B5D0C87219930BFB1A7456880B7DA75B9820 ] SCPolicySvc     C:\Windows\System32\certprop.dll
22:22:32.0819 0x1308  SCPolicySvc - ok
22:22:32.0841 0x1308  [ 08236C4BCE5EDD0A0318A438AF28E0F7, 77727F963F63C4CEC11E7AAD5FB3836179701D512CA9436C3170B9E6A4E5F888 ] SDRSVC          C:\Windows\System32\SDRSVC.dll
22:22:32.0847 0x1308  SDRSVC - ok
22:22:32.0864 0x1308  [ 90A3935D05B494A5A39D37E71F09A677, F72733A69BC6E1A2BB91D7632FF3463C12563F60FDCC00A2CDD67FF20D479952 ] secdrv          C:\Windows\system32\drivers\secdrv.sys
22:22:32.0867 0x1308  secdrv - ok
22:22:32.0887 0x1308  [ A59B3A4442C52060CC7A85293AA3546F, 1776D6DEE51991149265AAF39E17065E301C5FA1FF4068653DC0010B9B27185D ] seclogon        C:\Windows\system32\seclogon.dll
22:22:32.0891 0x1308  seclogon - ok
22:22:32.0907 0x1308  [ DCB7FCDCC97F87360F75D77425B81737, F8289AF2C458C167038EEFE613EE5E3D6D5B3308B8784168374BC81C47891CE5 ] SENS            C:\Windows\System32\sens.dll
22:22:32.0912 0x1308  SENS - ok
22:22:32.0934 0x1308  [ 50087FE1EE447009C9CC2997B90DE53F, B5E6CF1D991F87C29C5E28198E0962E31FFB499A46C3BD43FC20391693389959 ] SensrSvc        C:\Windows\system32\sensrsvc.dll
22:22:32.0939 0x1308  SensrSvc - ok
22:22:32.0967 0x1308  [ 9AD8B8B515E3DF6ACD4212EF465DE2D1, E2F019BCD1446236D078D46065DD151DD068778F33BE2F1E8A0CC1EA2F954E86 ] Serenum         C:\Windows\system32\DRIVERS\serenum.sys
22:22:32.0970 0x1308  Serenum - ok
22:22:32.0984 0x1308  [ 5FB7FCEA0490D821F26F39CC5EA3D1E2, A26DB2EB9F3E2509B4EBA949DB97595CC32332D9321DF68283BFC102E66D766F ] Serial          C:\Windows\system32\DRIVERS\serial.sys
22:22:32.0988 0x1308  Serial - ok
22:22:33.0002 0x1308  [ 79BFFB520327FF916A582DFEA17AA813, 7A2A9D69BE02228591186A9F4453D4B5FD98837CA422C873C48040170E8BD18C ] sermouse        C:\Windows\system32\drivers\sermouse.sys
22:22:33.0005 0x1308  sermouse - ok
22:22:33.0036 0x1308  [ 4AE380F39A0032EAB7DD953030B26D28, C8F5F2DD59574E966FDF3057867BB959A554BAB6FD5DC6F1427094A6BC2B2809 ] SessionEnv      C:\Windows\system32\sessenv.dll
22:22:33.0042 0x1308  SessionEnv - ok
22:22:33.0060 0x1308  [ 9F976E1EB233DF46FCE808D9DEA3EB9C, 6A5C53F27F8BCA85CE206EE7D196176F67EC6FFA5D4830373A20792C149B5E75 ] sffdisk         C:\Windows\system32\drivers\sffdisk.sys
22:22:33.0071 0x1308  sffdisk - ok
22:22:33.0090 0x1308  [ 932A68EE27833CFD57C1639D375F2731, 11D6B98FBEEE2B9C7B06EF7091857BBD3B349077997D6261D66280668FD1B5C3 ] sffp_mmc        C:\Windows\system32\drivers\sffp_mmc.sys
22:22:33.0092 0x1308  sffp_mmc - ok
22:22:33.0100 0x1308  [ 6D4CCAEDC018F1CF52866BBBAA235982, AAC41F5C97B3FE5A3DC0838457EB8CC9BB71FCA16D3EDBB67D603F0A9D46C131 ] sffp_sd         C:\Windows\system32\drivers\sffp_sd.sys
22:22:33.0103 0x1308  sffp_sd - ok
22:22:33.0114 0x1308  [ DB96666CC8312EBC45032F30B007A547, C3AE60FC65A36E96E0D2CC6E184481D70F91A19DC3E2E17E2873DD670A592DD7 ] sfloppy         C:\Windows\system32\DRIVERS\sfloppy.sys
22:22:33.0116 0x1308  sfloppy - ok
22:22:33.0162 0x1308  [ D1A079A0DE2EA524513B6930C24527A2, E2BC16DBCF38841EECD49C6FA1A9AC89C17F332F12606CA826F058E995E1B83D ] SharedAccess    C:\Windows\System32\ipnathlp.dll
22:22:33.0172 0x1308  SharedAccess - ok
22:22:33.0207 0x1308  [ 414DA952A35BF5D50192E28263B40577, 9C9BAFB9880DA6CC728506A142BE124E186219610DCC3460657A3CA93C865DF1 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
22:22:33.0219 0x1308  ShellHWDetection - ok
22:22:33.0241 0x1308  [ 2565CAC0DC9FE0371BDCE60832582B2E, 1A775214E86B83C2F1799F12D71077D81C89AD32734A248BA88787B7F104B79D ] sisagp          C:\Windows\system32\drivers\sisagp.sys
22:22:33.0243 0x1308  sisagp - ok
22:22:33.0263 0x1308  [ A9F0486851BECB6DDA1D89D381E71055, 7E909538AB758C18AC2CCBFFEE17BA36FA6ED2E674AA70924AA87AC61375FF35 ] SiSRaid2        C:\Windows\system32\drivers\SiSRaid2.sys
22:22:33.0266 0x1308  SiSRaid2 - ok
22:22:33.0286 0x1308  [ 3727097B55738E2F554972C3BE5BC1AA, 75D52A596A298C33EC79A3B0B80F25492C08A182ABC679401502DA9597687566 ] SiSRaid4        C:\Windows\system32\drivers\sisraid4.sys
22:22:33.0289 0x1308  SiSRaid4 - ok
22:22:33.0456 0x1308  [ 8C4F0DCC6A5100D48F9B2F950CDD220F, 7B66C259BEBFEA527BFEC2B69E8224EE2277CB736EF9E0F5A92C932657EC8351 ] SkypeUpdate     C:\Program Files\Skype\Updater\Updater.exe
22:22:33.0471 0x1308  SkypeUpdate - ok
22:22:33.0499 0x1308  [ 3E21C083B8A01CB70BA1F09303010FCE, 803F8F91299C387110F34A49340E7136AAE91B418E2977A36285EA8F432FF197 ] Smb             C:\Windows\system32\DRIVERS\smb.sys
22:22:33.0523 0x1308  Smb - ok
22:22:33.0579 0x1308  [ 6A984831644ECA1A33FFEAE4126F4F37, 753E23D2B33D47C52C05D892B052CFD96D93B97FB6E9FCB58EF1E4C4A125BF78 ] SNMPTRAP        C:\Windows\System32\snmptrap.exe
22:22:33.0584 0x1308  SNMPTRAP - ok
22:22:33.0642 0x1308  [ 3BB48F7E33C2B76184DDF233000C09CD, D1AAE5B0425047CA0C2D376D3E59324D35A90DF9074CD442DFD0ED6E434D3C84 ] Sony SCSI Helper Service C:\Program Files\Common Files\Sony Shared\Fsk\SonySCSIHelperService.exe
22:22:33.0646 0x1308  Sony SCSI Helper Service - ok
22:22:33.0668 0x1308  [ 95CF1AE7527FB70F7816563CBC09D942, CE8BACB91A5A86CBCE82619C6C1873B4D7593B00CED3B522E41B8F7F6258CC65 ] spldr           C:\Windows\system32\drivers\spldr.sys
22:22:33.0671 0x1308  spldr - ok
22:22:33.0726 0x1308  [ 9AEA093B8F9C37CF45538382CABA2475, CC63239C412067AA72318ADB8BB80BCDF2CA60DA05D814D32753C92508BC16A8 ] Spooler         C:\Windows\System32\spoolsv.exe
22:22:33.0749 0x1308  Spooler - ok
22:22:33.0965 0x1308  [ CF87A1DE791347E75B98885214CED2B8, 7AF4E03D751C951A4E5FBA28200DABFE6B3BF055490163EEEEA84EBA4D0F368A ] sppsvc          C:\Windows\system32\sppsvc.exe
22:22:34.0110 0x1308  sppsvc - ok
22:22:34.0145 0x1308  [ B0180B20B065D89232A78A40FE56EAA6, 4D045B23AD58A8822BE9F20119744A8D47455469D54494745CEB099951DA60FF ] sppuinotify     C:\Windows\system32\sppuinotify.dll
22:22:34.0164 0x1308  sppuinotify - ok
22:22:34.0212 0x1308  [ E4C2764065D66EA1D2D3EBC28FE99C46, 043AEF06A23069DD17675955C834690A5FD8F1948A05B3969F977E823C4E25F5 ] srv             C:\Windows\system32\DRIVERS\srv.sys
22:22:34.0226 0x1308  srv - ok
22:22:34.0256 0x1308  [ 03F0545BD8D4C77FA0AE1CEEDFCC71AB, 4DF31206DF8F33C2975E23C7257ED930C4EDA8BC4E246D8FDA130BB583083ED0 ] srv2            C:\Windows\system32\DRIVERS\srv2.sys
22:22:34.0266 0x1308  srv2 - ok
22:22:34.0302 0x1308  [ BE6BD660CAA6F291AE06A718A4FA8ABC, CD38939CFBA80B882D38099194FC1EBAE15A9D27A4D941DD03C55EC745E52E59 ] srvnet          C:\Windows\system32\DRIVERS\srvnet.sys
22:22:34.0306 0x1308  srvnet - ok
22:22:34.0324 0x1308  [ D887C9FD02AC9FA880F6E5027A43E118, F38BAD90EC791368C37C21090302708D2DFB83ECE9096609AD9AA667B2E5592E ] SSDPSRV         C:\Windows\System32\ssdpsrv.dll
22:22:34.0331 0x1308  SSDPSRV - ok
22:22:34.0347 0x1308  [ D318F23BE45D5E3A107469EB64815B50, D74355E6FF215AA8CE53BC9DF16AF2740F2FC2FD754939478A3608BDA8C6DDA0 ] SstpSvc         C:\Windows\system32\sstpsvc.dll
22:22:34.0353 0x1308  SstpSvc - ok
22:22:34.0491 0x1308  [ E5C796B621F6FBA8616511063D7F0FFE, 447FA64F552D4B04AD029E01485B4438A70D9B9B98EB49A883D5B17ED4C1D52F ] StarWindServiceAE C:\Program Files\Alcohol Soft\Alcohol 52\StarWind\StarWindServiceAE.exe
22:22:34.0507 0x1308  StarWindServiceAE - ok
22:22:34.0558 0x1308  [ DB32D325C192B801DF274BFD12A7E72B, F089DBA719E22BC269720A6B840B873A4AF5639745DB0C3DBC8BD2F2839A1ABA ] stexstor        C:\Windows\system32\drivers\stexstor.sys
22:22:34.0562 0x1308  stexstor - ok
22:22:34.0624 0x1308  [ E1FB3706030FB4578A0D72C2FC3689E4, A62EC9AA4514CAF2A10C0A3AEF7A36F593A7E7DA370A3F130C24E1B612E19427 ] StiSvc          C:\Windows\System32\wiaservc.dll
22:22:34.0643 0x1308  StiSvc - ok
22:22:34.0691 0x1308  [ 472AF0311073DCECEAA8FA18BA2BDF89, 089414057EB2047E42C96C1ACE79D509967461DC5A4D2836F63C04268637A3FC ] storflt         C:\Windows\system32\drivers\vmstorfl.sys
22:22:34.0704 0x1308  storflt - ok
22:22:34.0756 0x1308  [ 0BF669F0A910BEDA4A32258D363AF2A5, 83EEBACDE4F69A2866B69CAA633F5C8B3CB01D88CEDB01B6EA5988E0A25CEE47 ] StorSvc         C:\Windows\system32\storsvc.dll
22:22:34.0775 0x1308  StorSvc - ok
22:22:34.0801 0x1308  [ DCAFFD62259E0BDB433DD67B5BB37619, CBD12FF9BBF33D18B0F3D322B12EC62E7DF3BF45C6AD43D2E91FF4C4762E05D0 ] storvsc         C:\Windows\system32\drivers\storvsc.sys
22:22:34.0812 0x1308  storvsc - ok
22:22:34.0834 0x1308  [ E58C78A848ADD9610A4DB6D214AF5224, 1575A90EB22A4FB066459BDA00C6CAC10198C3C8C74493721EC6D34B51F50426 ] swenum          C:\Windows\system32\DRIVERS\swenum.sys
22:22:34.0837 0x1308  swenum - ok
22:22:34.0860 0x1308  [ A28BD92DF340E57B024BA433165D34D7, 889CC7FF143C3549982128473FF927CD80CF36485A347EF399C1271C8CE12CE4 ] swprv           C:\Windows\System32\swprv.dll
22:22:34.0889 0x1308  swprv - ok
22:22:34.0975 0x1308  [ 36650D618CA34C9D357DFD3D89B2C56F, 7C3774E53DCF32CB3A4B3504E32D2A651E18467FA0A6AC4C7993C696741B704B ] SysMain         C:\Windows\system32\sysmain.dll
22:22:35.0243 0x1308  SysMain - ok
22:22:35.0278 0x1308  [ 763FECDC3D30C815FE72DD57936C6CD1, 1A62C7E63E426D56894F4121C75D9C60FC9A14469ADBD0D6F0B94B8DE48CDA3E ] TabletInputService C:\Windows\System32\TabSvc.dll
22:22:35.0349 0x1308  TabletInputService - ok
22:22:35.0483 0x1308  [ 613BF4820361543956909043A265C6AC, FCFF02E466D2501630B452627FB218C01E5245A0921EE3D2117E7FD63AC7E98E ] TapiSrv         C:\Windows\System32\tapisrv.dll
22:22:35.0499 0x1308  TapiSrv - ok
22:22:35.0555 0x1308  [ B799D9FDB26111737F58288D8DC172D9, 409A60819A4305699E2E492A6190637FAAEBD19E745A5DB2A5D6977106C86591 ] TBS             C:\Windows\System32\tbssvc.dll
22:22:35.0563 0x1308  TBS - ok
22:22:35.0633 0x1308  [ 5579DD18546999F5D0EC39D018726C6B, 82432BACEE75C34F21222D9CC1607223C2940947118A63DB239777A4B1442AD3 ] Tcpip           C:\Windows\system32\drivers\tcpip.sys
22:22:35.0697 0x1308  Tcpip - ok
22:22:35.0807 0x1308  [ 5579DD18546999F5D0EC39D018726C6B, 82432BACEE75C34F21222D9CC1607223C2940947118A63DB239777A4B1442AD3 ] TCPIP6          C:\Windows\system32\DRIVERS\tcpip.sys
22:22:35.0850 0x1308  TCPIP6 - ok
22:22:35.0921 0x1308  [ 3EEBD3BD93DA46A26E89893C7AB2FF3B, 2C7204DCD2BCBC6A250FF0F6477616F327AF41FDB7CABE69E5C357361009FB4E ] tcpipreg        C:\Windows\system32\drivers\tcpipreg.sys
22:22:35.0937 0x1308  tcpipreg - ok
22:22:36.0002 0x1308  [ 1CB91B2BD8F6DD367DFC2EF26FD751B2, 879E2827354BB21573AC6A7CCEB746D44214540687E6882FFCB4089546FBD954 ] TDPIPE          C:\Windows\system32\drivers\tdpipe.sys
22:22:36.0022 0x1308  TDPIPE - ok
22:22:36.0068 0x1308  [ 2C2C5AFE7EE4F620D69C23C0617651A8, E828D974C3F9D7004A030C3AD448096C736FDB4C4C1707D043E567D08C845103 ] TDTCP           C:\Windows\system32\drivers\tdtcp.sys
22:22:36.0085 0x1308  TDTCP - ok
22:22:36.0188 0x1308  [ 7FE680A3DFA421C4A8E4879AE4C5AAB0, A4C64E155AB2843823CD3586756BA7681CFDEA50812095468221503BBAD30DCD ] tdx             C:\Windows\system32\DRIVERS\tdx.sys
22:22:36.0308 0x1308  tdx - ok
22:22:36.0550 0x17b0  Object send P2P result: false
22:22:38.0078 0x1308  [ 3438EFDC30F7A41D3598ED60BBF6CF2A, 342B8E78DF6B4BA641C5CCB5B1343B363B770681F0794A809728789E3BE56E46 ] TeamViewer9     C:\Program Files\TeamViewer\Version9\TeamViewer_Service.exe
22:22:38.0300 0x1308  TeamViewer9 - ok
22:22:38.0388 0x1308  [ 04DBF4B01EA4BF25A9A3E84AFFAC9B20, 0D81B427720637882077C5024D738191F858FC734ED040697872D906351EF663 ] TermDD          C:\Windows\system32\DRIVERS\termdd.sys
22:22:38.0403 0x1308  TermDD - ok
22:22:38.0497 0x1308  [ FCFD4F50419B4BC72E80066DA10D2E54, 7C2314A57A404525F0444986332DBAE0964A3359374671598387051D7AAE72AE ] TermService     C:\Windows\System32\termsrv.dll
22:22:38.0515 0x1308  TermService - ok
22:22:38.0595 0x1308  [ 42FB6AFD6B79D9FE07381609172E7CA4, B57C85091209A2FAD19ED490B8FA7FC98F12911F9C9CACE9AF1E540780CE6700 ] Themes          C:\Windows\system32\themeservice.dll
22:22:38.0600 0x1308  Themes - ok
22:22:38.0619 0x1308  [ 146B6F43A673379A3C670E86D89BE5EA, C4412DCF80DE6B55466F399413271364F14BC0819C224AA161EDDC31A9775440 ] THREADORDER     C:\Windows\system32\mmcss.dll
22:22:38.0623 0x1308  THREADORDER - ok
22:22:38.0670 0x1308  [ 4792C0378DB99A9BC2AE2DE6CFFF0C3A, 532A3A812578B2DFD83001DE66FC73689D79EC729409EB572E07E6D65B281712 ] TrkWks          C:\Windows\System32\trkwks.dll
22:22:38.0675 0x1308  TrkWks - ok
22:22:38.0739 0x1308  [ 2C49B175AEE1D4364B91B531417FE583, 6C7995E18F84E465C376D1D5F153C15ACB66CDEA86EE5BF186677F572E7E129B ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
22:22:38.0749 0x1308  TrustedInstaller - ok
22:22:38.0812 0x1308  [ 6C5139E4283249518F7743D7043775B3, 58684E8C90EBAC65459A97C905CDCFE3A915CFF7E8E96071DE1AC3489F85E67F ] tssecsrv        C:\Windows\system32\DRIVERS\tssecsrv.sys
22:22:38.0828 0x1308  tssecsrv - ok
22:22:38.0850 0x1308  [ FD1D6C73E6333BE727CBCC6054247654, 6F7B9AE1A5986204DB3348D13B303F30FC17624939DA74D6BD114FAEED0FB30E ] TsUsbFlt        C:\Windows\system32\drivers\tsusbflt.sys
22:22:38.0858 0x1308  TsUsbFlt - ok
22:22:38.0886 0x1308  [ 01246F0BAAD7B68EC0F472AA41E33282, 51F975AF029AD015576FFFA3E88F5DBB8B40C7CD30ECDEDE8AFABCB08C954199 ] TsUsbGD         C:\Windows\system32\drivers\TsUsbGD.sys
22:22:38.0898 0x1308  TsUsbGD - ok
22:22:38.0924 0x1308  [ B2FA25D9B17A68BB93D58B0556E8C90D, 0146931B733CAB1CD87F94C35F97E110D6ED6C55EAFF03345400A29AEDE99BDE ] tunnel          C:\Windows\system32\DRIVERS\tunnel.sys
22:22:38.0932 0x1308  tunnel - ok
22:22:38.0955 0x1308  [ 750FBCB269F4D7DD2E420C56B795DB6D, E1A95C59148FE463539C34336FD0E74B31A33B8AB2B8E34AA10349C3347471D7 ] uagp35          C:\Windows\system32\drivers\uagp35.sys
22:22:38.0970 0x1308  uagp35 - ok
22:22:39.0000 0x1308  [ EE43346C7E4B5E63E54F927BABBB32FF, BAD6FC3BEE45E644D5A6A0A31428F5B2AEC72A0AA0C74EF8177B1FE23EEF3AA9 ] udfs            C:\Windows\system32\DRIVERS\udfs.sys
22:22:39.0016 0x1308  udfs - ok
22:22:39.0073 0x1308  [ 8344FD4FCE927880AA1AA7681D4927E5, 1B54EFA60A221E2B9FFE59BB41C7E7D8B5AC6826F1C5577456D81371D464255A ] UI0Detect       C:\Windows\system32\UI0Detect.exe
22:22:39.0081 0x1308  UI0Detect - ok
22:22:39.0146 0x1308  [ 44E8048ACE47BEFBFDC2E9BE4CBC8880, 5D96D90FDF68AE470CC92CA9DF9DA2C05A53EF455A5A109DBBF7C96F3238257C ] uliagpkx        C:\Windows\system32\drivers\uliagpkx.sys
22:22:39.0163 0x1308  uliagpkx - ok
22:22:39.0202 0x1308  [ D295BED4B898F0FD999FCFA9B32B071B, D4130DB4AE76EE6DC0B8E7A4FEF5CB8B26EBD822C21021F6FA78FD29C1E211C2 ] umbus           C:\Windows\system32\DRIVERS\umbus.sys
22:22:39.0216 0x1308  umbus - ok
22:22:39.0236 0x1308  [ 7550AD0C6998BA1CB4843E920EE0FEAC, 24C001E422C3B3B920CDCF6003A3179CE464DE4284775403DD5122EF9780460D ] UmPass          C:\Windows\system32\drivers\umpass.sys
22:22:39.0257 0x1308  UmPass - ok
22:22:39.0307 0x1308  [ 409994A8EACEEE4E328749C0353527A0, FFC57B647147DE2957A7DE4B330CC534DE7AC892A2FCE3BB164F7A516CAB1B56 ] UmRdpService    C:\Windows\System32\umrdp.dll
22:22:39.0325 0x1308  UmRdpService - ok
22:22:39.0384 0x1308  [ 833FBB672460EFCE8011D262175FAD33, C0C3067A305993CBF056C229771CB0593DD60C9C7AC5130FF1CA610BCA812AB5 ] upnphost        C:\Windows\System32\upnphost.dll
22:22:39.0401 0x1308  upnphost - ok
22:22:39.0487 0x1308  [ 6E421CCC57059B0186C6259CA3B6DFC9, E348BF23CCD6C14FD10C1689BBDC77E125245331F97BFE60D4C8FD9A8711CB59 ] USBAAPL         C:\Windows\system32\Drivers\usbaapl.sys
22:22:39.0491 0x1308  USBAAPL - ok
22:22:39.0543 0x1308  [ 0803FBA9FE829D61AE26EC0BCC910C46, 30D00E2C7DFC630C99C1599587D4F9C272BC30D444E07C961AA05BF84587806B ] usbccgp         C:\Windows\system32\DRIVERS\usbccgp.sys
22:22:39.0547 0x1308  usbccgp - ok
22:22:39.0644 0x1308  [ 2352AB5F9F8F097BF9D41D5A4718A041, 25BC7828C625B9B2A5110C25B230C5828CEC18EC97ECF9EC4745E8930CBF472C ] usbcir          C:\Windows\system32\drivers\usbcir.sys
22:22:39.0653 0x1308  usbcir - ok
22:22:39.0710 0x1308  [ D40855F89B69305140BBD7E9A3BA2DA6, 745DC6D770666F6B19C2B6AA89C21D1A314732E291453BFA2367F9AF86F97C3C ] usbehci         C:\Windows\system32\drivers\usbehci.sys
22:22:39.0719 0x1308  usbehci - ok
22:22:39.0809 0x1308  [ EDF2DF71C4F1E13A6AC75F5224DE655A, 1764D155C6B99201774B57195349304259232A12868ECFC2069CA49443EBDC2C ] usbhub          C:\Windows\system32\DRIVERS\usbhub.sys
22:22:39.0825 0x1308  usbhub - ok
22:22:39.0891 0x1308  [ 9828C8D14CC2676421778F0DE638CF97, 479A28211FFB85190A01FAB0283B927588805D2C0CDB03F85F8F814B88E4F453 ] usbohci         C:\Windows\system32\drivers\usbohci.sys
22:22:39.0894 0x1308  usbohci - ok
22:22:39.0964 0x1308  [ 797D862FE0875E75C7CC4C1AD7B30252, 1BBE745E4C85F8911076F6032ACD7A35FAC048D3CB1500C64E08D8B2C70A1069 ] usbprint        C:\Windows\system32\DRIVERS\usbprint.sys
22:22:39.0968 0x1308  usbprint - ok
22:22:40.0030 0x1308  [ FC6B21DB4B5B398AB93DBE59CBF11036, A94094C208F376405C07822A6143001EF1B12AE93205CD8002E87F6EB45F6374 ] usbscan         C:\Windows\system32\DRIVERS\usbscan.sys
22:22:40.0033 0x1308  usbscan - ok
22:22:40.0087 0x1308  [ F991AB9CC6B908DB552166768176896A, AD8E7A16B23B244B7F834622D4E38B5844193C6E31EF96F61E0E2EA16C945026 ] USBSTOR         C:\Windows\system32\DRIVERS\USBSTOR.SYS
22:22:40.0099 0x1308  USBSTOR - ok
22:22:40.0146 0x1308  [ 800AABFD625EEFF899F7E5496BDE37AB, 3EB7ED07760CB348FCA9A06C2B838EF79B51A83C5F70A9C9EAAEAE54480067E2 ] usbuhci         C:\Windows\system32\drivers\usbuhci.sys
22:22:40.0148 0x1308  usbuhci - ok
22:22:40.0169 0x1308  [ 081E6E1C91AEC36758902A9F727CD23C, 9FDAA17A3B99067E035E5D76305427F15FFDBC5D304B2BB78AFC6463EDDE1A75 ] UxSms           C:\Windows\System32\uxsms.dll
22:22:40.0173 0x1308  UxSms - ok
22:22:40.0187 0x1308  [ DD17E1573651293D4ED31053795B3471, 94F7D1BB1C3B0C1FAAEED07375DB0F3BC995394FB5C26983548D946C8D229D54 ] VaultSvc        C:\Windows\system32\lsass.exe
22:22:40.0190 0x1308  VaultSvc - ok
22:22:40.0202 0x1308  [ A059C4C3EDB09E07D21A8E5C0AABD3CB, BDD3729B49DF2E2FC72FFEF9D10235B481A671DE5A721B6B9A80873B7A343F07 ] vdrvroot        C:\Windows\system32\drivers\vdrvroot.sys
22:22:40.0206 0x1308  vdrvroot - ok
22:22:40.0235 0x1308  [ C3CD30495687C2A2F66A65CA6FD89BE9, 582E4706C1D6A151020D14B26C7BF166F4E42BDD6E410F30EC452469270C5E9B ] vds             C:\Windows\System32\vds.exe
22:22:40.0251 0x1308  vds - ok
22:22:40.0311 0x1308  [ 17C408214EA61696CEC9C66E388B14F3, 829C0416672E2B2DFABCFE641E7F281F41E8DBB3C0EF11C7784CB9BB94F87E97 ] vga             C:\Windows\system32\DRIVERS\vgapnp.sys
22:22:40.0315 0x1308  vga - ok
22:22:40.0333 0x1308  [ 8E38096AD5C8570A6F1570A61E251561, 4DBA3C1397A2203548F45F006E66D99F837903F601ABBCE2304754F783CA8A39 ] VgaSave         C:\Windows\System32\drivers\vga.sys
22:22:40.0336 0x1308  VgaSave - ok
22:22:40.0376 0x1308  [ 5461686CCA2FDA57B024547733AB42E3, 2721D0659AA890172FCAD4EC4D926B58ACD0EE4887DA51545DC7237420D5BF84 ] vhdmp           C:\Windows\system32\drivers\vhdmp.sys
22:22:40.0391 0x1308  vhdmp - ok
22:22:40.0469 0x1308  [ C829317A37B4BEA8F39735D4B076E923, 55D1796AE750071E1E05BD7702B6C355CCFFE27B4C00E93E7044C3184732B497 ] viaagp          C:\Windows\system32\drivers\viaagp.sys
22:22:40.0538 0x1308  viaagp - ok
22:22:40.0561 0x1308  [ E02F079A6AA107F06B16549C6E5C7B74, B530DCE3EE4F285B3D5F69F7148D17E016D54F04E6F93706B829A34567748788 ] ViaC7           C:\Windows\system32\drivers\viac7.sys
22:22:40.0590 0x1308  ViaC7 - ok
22:22:40.0768 0x1308  [ 0F0C96A570AB2B0164E04AB22CC8676A, F29685FAD9A7013389171C1F832A23B838216D0ADE2E710A6DD567D97366853A ] VIAHdAudAddService C:\Windows\system32\drivers\viahduaa.sys
22:22:40.0801 0x1308  VIAHdAudAddService - ok
22:22:40.0870 0x1308  [ E43574F6A56A0EE11809B48C09E4FD3C, 3687BF638E21C00E62ABFED70D728B91ADA08F7164CA898E654F31DA196589E9 ] viaide          C:\Windows\system32\drivers\viaide.sys
22:22:40.0883 0x1308  viaide - ok
22:22:40.0933 0x1308  [ C2F2911156FDC7817C52829C86DA494E, FE499F189B5016FCE0018AA3DE3970B72275B7B15F3D4D608117F6DDEC6B90DC ] vmbus           C:\Windows\system32\drivers\vmbus.sys
22:22:40.0945 0x1308  vmbus - ok
22:22:40.0959 0x1308  [ D4D77455211E204F370D08F4963063CE, 2018B2A84C73E0834200A594C02A9D28C74906F126DAD3CCDDFC9CD9A61669E2 ] VMBusHID        C:\Windows\system32\drivers\VMBusHID.sys
22:22:40.0961 0x1308  VMBusHID - ok
22:22:40.0968 0x1308  [ 4C63E00F2F4B5F86AB48A58CD990F212, 9796BD4B9CFEEEAF57C5E332A732EFC2770B21F9B35301A5D202F5FC52C1E035 ] volmgr          C:\Windows\system32\drivers\volmgr.sys
22:22:40.0972 0x1308  volmgr - ok
22:22:41.0006 0x1308  [ B5BB72067DDDDBBFB04B2F89FF8C3C87, 65B9AD55F43940A5FDD88B6EC5034A7E375DF8E6F5F1AE6519A4BD6B7E992EBC ] volmgrx         C:\Windows\system32\drivers\volmgrx.sys
22:22:41.0016 0x1308  volmgrx - ok
22:22:41.0033 0x1308  [ F497F67932C6FA693D7DE2780631CFE7, DAE544ED99D2CF570DA31343BD87D2F856D0D13529656D38E1BF854C77F017F6 ] volsnap         C:\Windows\system32\drivers\volsnap.sys
22:22:41.0040 0x1308  volsnap - ok
22:22:41.0082 0x1308  [ 9DFA0CC2F8855A04816729651175B631, 37FD9E43A2A3F125E94A315FB4CD8A1B5499A5FD74806EB2D1E5DA88C070D3A3 ] vsmraid         C:\Windows\system32\drivers\vsmraid.sys
22:22:41.0087 0x1308  vsmraid - ok
22:22:41.0163 0x1308  [ 209A3B1901B83AEB8527ED211CCE9E4C, 1A431F6409F8E0531F600F8F988ECECECB902DA26BBAAF1DE74A5CAC29A7CB44 ] VSS             C:\Windows\system32\vssvc.exe
22:22:41.0220 0x1308  VSS - ok
22:22:41.0245 0x1308  [ 90567B1E658001E79D7C8BBD3DDE5AA6, EFC23BEEA7F54A2DC56CB523DAD1AF0358D904C5278BF08873910E2DB3F13557 ] vwifibus        C:\Windows\System32\drivers\vwifibus.sys
22:22:41.0248 0x1308  vwifibus - ok
22:22:41.0303 0x1308  [ 55187FD710E27D5095D10A472C8BAF1C, AE298E2D3BA366BCBDC092C717214C181E8843FA564A6DFB07FC3238A5A68DC3 ] W32Time         C:\Windows\system32\w32time.dll
22:22:41.0317 0x1308  W32Time - ok
22:22:41.0355 0x1308  [ DE3721E89C653AA281428C8A69745D90, 501C78056ED4295625D8A5412025FD2F0CA24077044D3A5800BA79DF3D946516 ] WacomPen        C:\Windows\system32\drivers\wacompen.sys
22:22:41.0373 0x1308  WacomPen - ok
22:22:41.0575 0x1308  [ 3C3C78515F5AB448B022BDF5B8FFDD2E, 35284174A42039C3C1FF8A3C8BC187A5E067C7782FC62D19749C2CB28C4E36C7 ] WANARP          C:\Windows\system32\DRIVERS\wanarp.sys
22:22:41.0661 0x1308  WANARP - ok
22:22:41.0698 0x1308  [ 3C3C78515F5AB448B022BDF5B8FFDD2E, 35284174A42039C3C1FF8A3C8BC187A5E067C7782FC62D19749C2CB28C4E36C7 ] Wanarpv6        C:\Windows\system32\DRIVERS\wanarp.sys
22:22:41.0702 0x1308  Wanarpv6 - ok
22:22:41.0793 0x1308  [ 353A04C273EC58475D8633E75CCD5604, FFAE53B6B53AEFC9E8A10BF27480E072D74430276BEB532FE1D473E9616D8CE0 ] WatAdminSvc     C:\Windows\system32\Wat\WatAdminSvc.exe
22:22:41.0842 0x1308  WatAdminSvc - ok
22:22:41.0935 0x1308  [ 691E3285E53DCA558E1A84667F13E15A, 12EDB66EF8FC100402BEA221F354D3BD5542F6DDF715B6E7D873D6BAE7E3D329 ] wbengine        C:\Windows\system32\wbengine.exe
22:22:41.0969 0x1308  wbengine - ok
22:22:41.0996 0x1308  [ 9614B5D29DC76AC3C29F6D2D3AA70E67, A2FFB92F0030B4CD771E862DA575ECCF2F3A5B4B85858C1241A0C59262C0EC88 ] WbioSrvc        C:\Windows\System32\wbiosrvc.dll
22:22:42.0004 0x1308  WbioSrvc - ok
22:22:42.0025 0x1308  [ 34EEE0DFAADB4F691D6D5308A51315DC, A040A03E25A0C78B9E26F86C2DF95BCAF8E7EC90183CEB295615D3265350EBEE ] wcncsvc         C:\Windows\System32\wcncsvc.dll
22:22:42.0036 0x1308  wcncsvc - ok
22:22:42.0060 0x1308  [ 5D930B6357A6D2AF4D7653BDABBF352F, 677FF2ED14EE0B0CAA710DA81556CC16D5971DAB10E7C7432D167A87CA6F0EAA ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
22:22:42.0065 0x1308  WcsPlugInService - ok
22:22:42.0076 0x1308  [ 1112A9BADACB47B7C0BB0392E3158DFF, 1AE2AFA125973571F91E6945FE8A735F63D76EBB250A0075D98C580167FD9ED4 ] Wd              C:\Windows\system32\drivers\wd.sys
22:22:42.0078 0x1308  Wd - ok
22:22:42.0134 0x1308  [ 25944D2CC49E0A6C581D02A74B7D6645, AF8FFAFEC07F1A6A3D4008E609E8E1D705A8DFCC7995C766E3946887203F7BEE ] Wdf01000        C:\Windows\system32\drivers\Wdf01000.sys
22:22:42.0148 0x1308  Wdf01000 - ok
22:22:42.0174 0x1308  [ 46EF9DC96265FD0B423DB72E7C38C2A5, 43801A51FB0E45CFFC73DF6441B54A75FC2FEAF5E0424DFE7AB04FC26CF6CD16 ] WdiServiceHost  C:\Windows\system32\wdi.dll
22:22:42.0180 0x1308  WdiServiceHost - ok
22:22:42.0185 0x1308  [ 46EF9DC96265FD0B423DB72E7C38C2A5, 43801A51FB0E45CFFC73DF6441B54A75FC2FEAF5E0424DFE7AB04FC26CF6CD16 ] WdiSystemHost   C:\Windows\system32\wdi.dll
22:22:42.0191 0x1308  WdiSystemHost - ok
22:22:42.0235 0x1308  [ 75E8EBD7040CE238684333F97014762A, 2CA0B267FBAEB303D1F8B639D733DC0DE17BA1276CC9096035B4F2BBBED3EF7F ] WebClient       C:\Windows\System32\webclnt.dll
22:22:42.0251 0x1308  WebClient - ok
22:22:42.0272 0x1308  [ 760F0AFE937A77CFF27153206534F275, A53940BA28854486FF18F16B98A3314B36322B0B6EFB54D08B921315BEB0ADD5 ] Wecsvc          C:\Windows\system32\wecsvc.dll
22:22:42.0280 0x1308  Wecsvc - ok
22:22:42.0302 0x1308  [ AC804569BB2364FB6017370258A4091B, 1856F354146A5946F3E7D0DD09726FC8A3502B0F0776FEADDF10669C81CC28E2 ] wercplsupport   C:\Windows\System32\wercplsupport.dll
22:22:42.0307 0x1308  wercplsupport - ok
22:22:42.0347 0x1308  [ 08E420D873E4FD85241EE2421B02C4A4, E1E9436EB096FF7DE9A76DA6217035257EF9FC7565DDB9016DCA3859E7F1EF0F ] WerSvc          C:\Windows\System32\WerSvc.dll
22:22:42.0352 0x1308  WerSvc - ok
22:22:42.0379 0x1308  [ 8B9A943F3B53861F2BFAF6C186168F79, 88E2F79F32AFBA17CB8377A508B83A1EC2315E9F3A365F591C87FE4525AA6713 ] WfpLwf          C:\Windows\system32\DRIVERS\wfplwf.sys
22:22:42.0381 0x1308  WfpLwf - ok
22:22:42.0398 0x1308  [ 5CF95B35E59E2A38023836FFF31BE64C, CEA21302B3E855EE592810D4E0DE10E47A47A393064C435463CD54598735CD8D ] WIMMount        C:\Windows\system32\drivers\wimmount.sys
22:22:42.0400 0x1308  WIMMount - ok
22:22:42.0555 0x1308  [ 082CF481F659FAE0DE51AD060881EB47, BB67D2AF0BB9192D4CCF66C23D80CE5A1B38715556D94E2561DBF8F805FA30A5 ] WinDefend       C:\Program Files\Windows Defender\mpsvc.dll
22:22:42.0575 0x1308  WinDefend - ok
22:22:42.0596 0x1308  WinHttpAutoProxySvc - ok
22:22:42.0659 0x1308  [ F62E510B6AD4C21EB9FE8668ED251826, FA3E5CAC3E67E49377320CFBE4646585E6B62168292768FEA81E4623F9166890 ] Winmgmt         C:\Windows\system32\wbem\WMIsvc.dll
22:22:42.0669 0x1308  Winmgmt - ok
22:22:43.0015 0x1308  [ 1DE9BD23AFA36150586C732D876D9B74, 32CF2C8EC18CFDA677AB72A182EB4B839DCC72BFCD6CA309BE2F434991CAE973 ] WinRM           C:\Windows\system32\WsmSvc.dll
22:22:43.0049 0x1308  WinRM - ok
22:22:43.0140 0x1308  [ A67E5F9A400F3BD1BE3D80613B45F708, E170A8BD31A779403DC9C43ED6483DA8E186512D3EE700B87F6BA292E284E367 ] WinUsb          C:\Windows\system32\DRIVERS\WinUsb.sys
22:22:43.0153 0x16f4  Object required for P2P: [ 3C2177A897B4CA2788C6FB0C3FD81D4B ] CSC
22:22:43.0157 0x1308  WinUsb - ok
22:22:43.0218 0x1308  [ 16935C98FF639D185086A3529B1F2067, E9C6B73A572A04FCE9B1B0E6815F941B10332D9A6D55B92927C2B1275F119091 ] Wlansvc         C:\Windows\System32\wlansvc.dll
22:22:43.0249 0x1308  Wlansvc - ok
22:22:43.0269 0x1308  [ 0217679B8FCA58714C3BF2726D2CA84E, 4494984B922DCF24D37BCD0E6831CEBD07D1CA49235D04E821D17ED3DF84ED2A ] WmiAcpi         C:\Windows\system32\drivers\wmiacpi.sys
22:22:43.0272 0x1308  WmiAcpi - ok
22:22:43.0299 0x1308  [ 6EB6B66517B048D87DC1856DDF1F4C3F, EBB534C4829477C70062ADBB5626236B02FE563A544C53FA255E79F3CA170FE8 ] wmiApSrv        C:\Windows\system32\wbem\WmiApSrv.exe
22:22:43.0320 0x1308  wmiApSrv - ok
22:22:43.0557 0x1308  [ 3B40D3A61AA8C21B88AE57C58AB3122E, 6C67DCB007C3CDF2EB0BBF5FD89C32CD7800C20F7166872F8C387BE262C5CD21 ] WMPNetworkSvc   C:\Program Files\Windows Media Player\wmpnetwk.exe
22:22:43.0586 0x1308  WMPNetworkSvc - ok
22:22:43.0614 0x1308  [ A2F0EC770A92F2B3F9DE6D518E11409C, 6838F2148B11285E00DC449D51F8AD85AAE57694E89BA2C607B87AC1C650D845 ] WPCSvc          C:\Windows\System32\wpcsvc.dll
22:22:43.0619 0x1308  WPCSvc - ok
22:22:43.0636 0x1308  [ AA53356D60AF47EACC85BC617A4F3F66, 155CB8112AA382D841C1891750FF29EF4F1BF716CD9CDF0F2243209E2CCCAC98 ] WPDBusEnum      C:\Windows\system32\wpdbusenum.dll
22:22:43.0643 0x1308  WPDBusEnum - ok
22:22:43.0663 0x1308  [ 6DB3276587B853BF886B69528FDB048C, 9972FF6DF0DF6F86D1E9BCEF4C29064748B217DA196B0633C30D3D580144951C ] ws2ifsl         C:\Windows\system32\drivers\ws2ifsl.sys
22:22:43.0665 0x1308  ws2ifsl - ok
22:22:43.0685 0x1308  [ 6F5D49EFE0E7164E03AE773A3FE25340, 15B6AFF7455538189A96F8863CC995A271E02C6FBDAC15B037D44DDA65E61339 ] wscsvc          C:\Windows\System32\wscsvc.dll
22:22:43.0691 0x1308  wscsvc - ok
22:22:43.0697 0x1308  WSearch - ok
22:22:43.0901 0x096c  Object required for P2P: [ EE43346C7E4B5E63E54F927BABBB32FF ] udfs
22:22:43.0947 0x1308  [ D9B0134913E5EF007AF82A418C503322, 7418DD28C8E968674382F8352AAFFC4DE77887E2B71B8844D615F19432B4C55A ] wuauserv        C:\Windows\system32\wuaueng.dll
22:22:44.0001 0x1308  wuauserv - ok
22:22:44.0059 0x1308  [ 06E6F32C8D0A3F66D956F57B43A2E070, 9A6BD96A28294B0372F16E13D652FD603308F64B74A56E41E0C68C5E8011F943 ] WudfPf          C:\Windows\system32\drivers\WudfPf.sys
22:22:44.0071 0x1308  WudfPf - ok
22:22:44.0178 0x1308  [ 867C301E8B790040AE9CF6486E8041DF, D867D6498C987944D99508B2FAD6D6B749FA1EDFE8124B0863D4A642352F0855 ] WUDFRd          C:\Windows\system32\DRIVERS\WUDFRd.sys
22:22:44.0194 0x1308  WUDFRd - ok
22:22:44.0254 0x1308  [ FE47B7BC8EA320C2D9B5E5BF6E303765, 34518DBD1E9EA6E5DA62273B18613761E1D9C6B4E074A93C6D639FBAF02222EA ] wudfsvc         C:\Windows\System32\WUDFSvc.dll
22:22:44.0264 0x1308  wudfsvc - ok
22:22:44.0320 0x1308  [ 7CC38741B8F68F1E0D5D79DA6123666A, F90D2DA1C9AFB506C381CD386E1430931B5F81813FEDFD720F87FBC54E7A00DA ] WwanSvc         C:\Windows\System32\wwansvc.dll
22:22:44.0334 0x1308  WwanSvc - ok
22:22:44.0366 0x1308  ================ Scan global ===============================
22:22:44.0389 0x1308  [ DAB748AE0439955ED2FA22357533DDDB, 73EDD402C7479DDCE1998D0C7E99E1EC2974F64EFC33A851439CC85D09EDCDF9 ] C:\Windows\system32\basesrv.dll
22:22:44.0489 0x1308  [ 51BB04243DF6196C06E125898127E397, E1B6C83FC6E455F6806185027C5B56F8BA9ECDF1CD69E97301EC0291F0D3466E ] C:\Windows\system32\winsrv.dll
22:22:44.0518 0x1308  [ 51BB04243DF6196C06E125898127E397, E1B6C83FC6E455F6806185027C5B56F8BA9ECDF1CD69E97301EC0291F0D3466E ] C:\Windows\system32\winsrv.dll
22:22:44.0573 0x1308  [ 364455805E64882844EE9ACB72522830, 906561DBBB33F744844CF27E456226044C85DF0FCFD26DE1FD11E09E2CFA6F8F ] C:\Windows\system32\sxssrv.dll
22:22:44.0613 0x1308  [ 5F1B6A9C35D3D5CA72D6D6FDEF9747D6, D7BC4ED605B32274B45328FD9914FB0E7B90D869A38F0E6F94FB1BF4E9E2B407 ] C:\Windows\system32\services.exe
22:22:44.0625 0x1308  [ Global ] - ok
22:22:44.0625 0x1308  ================ Scan MBR ==================================
22:22:44.0643 0x1308  [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
22:22:44.0908 0x1308  \Device\Harddisk0\DR0 - ok
22:22:44.0912 0x1308  [ 5C616939100B85E558DA92B899A0FC36 ] \Device\Harddisk1\DR1
22:22:45.0093 0x1308  \Device\Harddisk1\DR1 - ok
22:22:45.0093 0x1308  ================ Scan VBR ==================================
22:22:45.0098 0x1308  [ D6905BC905B930EE9817AEEA3E6A21FB ] \Device\Harddisk0\DR0\Partition1
22:22:45.0100 0x1308  \Device\Harddisk0\DR0\Partition1 - ok
22:22:45.0106 0x1308  [ 9406F62F49DA078C94E8EE5FFF375E9A ] \Device\Harddisk0\DR0\Partition2
22:22:45.0108 0x1308  \Device\Harddisk0\DR0\Partition2 - ok
22:22:45.0114 0x1308  [ E1C1AB295BB752D74FB53DB1B034826C ] \Device\Harddisk1\DR1\Partition1
22:22:45.0143 0x1308  \Device\Harddisk1\DR1\Partition1 - ok
22:22:45.0147 0x1308  [ A4631AD708DE1E7CA8393325817038BD ] \Device\Harddisk1\DR1\Partition2
22:22:45.0185 0x1308  \Device\Harddisk1\DR1\Partition2 - ok
22:22:45.0186 0x1308  ================ Scan generic autorun ======================
22:22:45.0300 0x1308  [ CEC11C45A2728C8D8F1C7EC4638956E5, 95797690E5FC096422ACDBB0578FB9DA9AE4D652CDCE6D7AAE342D3B55A86BA8 ] C:\Program Files\VIA\VIAudioi\VDeck\VDeck.exe
22:22:45.0366 0x1308  HDAudDeck - ok
22:22:45.0526 0x1308  [ 38D198A2DD54A67120040566A38103BA, 01604BD91A5B2C0DDC7B52036511F8219952626716E75979D8464F2C56BA0114 ] C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
22:22:45.0534 0x1308  GrooveMonitor - ok
22:22:45.0573 0x1308  [ 51D0B663036D3B1E165DAEF3F3D9592E, 794D0820686854DFF19931B774220B016854E7D82F7ADC63FAAF27715990BC2B ] C:\Windows\system32\igfxtray.exe
22:22:45.0591 0x1308  IgfxTray - ok
22:22:45.0625 0x1308  [ 41512BE016A84B94874149EB801CAA99, 46AE9D1C1953E0C1541EBCE1E4880B1EF7027E0216ECB0762CC8222BDB55D293 ] C:\Windows\system32\hkcmd.exe
22:22:45.0643 0x1308  HotKeysCmds - ok
22:22:45.0669 0x1308  [ E43FD1EFDA88447AB96F9A4EBCDD2AD7, F15ED1AC19CED392F36FCB8994EAB88C37FA981616652688FDE06CA294CD2912 ] C:\Windows\system32\igfxpers.exe
22:22:45.0679 0x1308  Persistence - ok
22:22:46.0081 0x1308  [ E774F875819DEE4A312A921A88F779FE, 793AE0F4C6173EAABC6A0B533735984ECFAFF7715D5BA8F0CF3F467660DFFC1B ] c:\Program Files\Microsoft IntelliPoint\ipoint.exe
22:22:46.0124 0x1308  IntelliPoint - ok
22:22:46.0225 0x1308  [ CFE4BD7C25A750D71A5BD2390953BEB6, AA536AFAEC82EF3C29C3EF36E32DCFE5646B0EDE0E8D84F7B9FB9D3294D55E9B ] c:\Program Files\Microsoft IntelliType Pro\itype.exe
22:22:46.0272 0x1308  itype - ok
22:22:46.0449 0x1308  [ 5B6E8E09BE6401A7E022F52FDFCB2FF8, 471C556CF9405BBB380A8CEFE945C126B954B7C94F79CC72441B51F80141FC5E ] C:\Program Files\Common Files\Java\Java Update\jusched.exe
22:22:46.0458 0x1308  SunJavaUpdateSched - ok
22:22:46.0509 0x1308  [ BF52C0C77799E091AC68D339BED0C11D, 9590A875598BAA16BAE2DC1C0C4A2C57A249C1E86DE53B97CCA0913DA46DFA28 ] C:\Program Files\Panda Security\Panda Security Protection\PSUAMain.exe
22:22:46.0514 0x1308  PSUAMain - ok
22:22:46.0584 0x1308  [ A05602FCF939A0A051D0CDF8C5CEDA98, A7FD36FAC8366D5B71854934E0B0CC2752C9C2B7173B31C6BDE4010864065189 ] C:\Program Files\Real\RealPlayer\update\realsched.exe
22:22:46.0597 0x1308  TkBellExe - ok
22:22:46.0699 0x1308  [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files\Windows Sidebar\Sidebar.exe
22:22:46.0727 0x1308  Sidebar - ok
22:22:46.0758 0x1308  [ BBA1A5B86134F496B926DDAF247DB871, 636990AE49C55189B7EF69C419787440B57EC0BAD98A9C280E1028F741BB222E ] C:\Windows\System32\mctadmin.exe
22:22:46.0763 0x1308  mctadmin - ok
22:22:46.0801 0x1308  [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files\Windows Sidebar\Sidebar.exe
22:22:46.0828 0x1308  Sidebar - ok
22:22:46.0839 0x1308  [ BBA1A5B86134F496B926DDAF247DB871, 636990AE49C55189B7EF69C419787440B57EC0BAD98A9C280E1028F741BB222E ] C:\Windows\System32\mctadmin.exe
22:22:46.0842 0x1308  mctadmin - ok
22:22:46.0853 0x096c  Object send P2P result: true
22:22:46.0913 0x1308  [ 9B6CEAC58C51AB0BD6F4FB9CFE5E20FF, 8FECE05F92A593369D0500DE2073DCC82ACBCAB8C10FB3CE65577F6C2D631DDF ] C:\Program Files\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe
22:22:46.0925 0x1308  RoboForm - ok
22:22:47.0276 0x1308  [ D6E2ED7F1F7BE7CCB8676491BF950B57, CBF07EE746F2C27ACC532E83ADC43FBE954DC3C598C4333F13B1A7615AEA9AD5 ] C:\Users\user\AppData\Local\Akamai\netsession_win.exe
22:22:47.0447 0x1308  Akamai NetSession Interface - ok
22:22:47.0461 0x1308  Waiting for KSN requests completion. In queue: 341
22:22:48.0461 0x1308  Waiting for KSN requests completion. In queue: 341
22:22:49.0461 0x1308  Waiting for KSN requests completion. In queue: 341
22:22:50.0461 0x1308  Waiting for KSN requests completion. In queue: 281
22:22:51.0461 0x1308  Waiting for KSN requests completion. In queue: 281
22:22:52.0461 0x1308  Waiting for KSN requests completion. In queue: 281
22:22:53.0461 0x1308  Waiting for KSN requests completion. In queue: 281
22:22:54.0461 0x1308  Waiting for KSN requests completion. In queue: 281
22:22:55.0462 0x1308  Waiting for KSN requests completion. In queue: 281
22:22:56.0462 0x1308  Waiting for KSN requests completion. In queue: 281
22:22:57.0462 0x1308  Waiting for KSN requests completion. In queue: 281
22:22:58.0462 0x1308  Waiting for KSN requests completion. In queue: 281
22:22:59.0462 0x1308  Waiting for KSN requests completion. In queue: 281
22:23:00.0462 0x1308  Waiting for KSN requests completion. In queue: 281
22:23:01.0462 0x1308  Waiting for KSN requests completion. In queue: 281
22:23:02.0462 0x1308  Waiting for KSN requests completion. In queue: 281
22:23:03.0159 0x16f4  Object send P2P result: false
22:23:03.0180 0x16f4  Object required for P2P: [ FAFE367D032ED82E9332B4C741A20216 ] Microsoft Office Groove Audit Service
22:23:03.0462 0x1308  Waiting for KSN requests completion. In queue: 175
22:23:04.0462 0x1308  Waiting for KSN requests completion. In queue: 175
22:23:05.0462 0x1308  Waiting for KSN requests completion. In queue: 175
22:23:06.0126 0x16f4  Object send P2P result: true
22:23:06.0127 0x16f4  Object required for P2P: [ 03F899F521D2AAED1C55008F734DF252 ] MRxDAV
22:23:06.0462 0x1308  Waiting for KSN requests completion. In queue: 163
22:23:07.0462 0x1308  Waiting for KSN requests completion. In queue: 163
22:23:08.0462 0x1308  Waiting for KSN requests completion. In queue: 163
22:23:09.0462 0x1308  Waiting for KSN requests completion. In queue: 163
22:23:10.0462 0x1308  Waiting for KSN requests completion. In queue: 163
22:23:11.0462 0x1308  Waiting for KSN requests completion. In queue: 163
22:23:12.0463 0x1308  Waiting for KSN requests completion. In queue: 163
22:23:13.0463 0x1308  Waiting for KSN requests completion. In queue: 163
22:23:14.0463 0x1308  Waiting for KSN requests completion. In queue: 163
22:23:15.0463 0x1308  Waiting for KSN requests completion. In queue: 163
22:23:16.0463 0x1308  Waiting for KSN requests completion. In queue: 163
22:23:17.0463 0x1308  Waiting for KSN requests completion. In queue: 163
22:23:18.0463 0x1308  Waiting for KSN requests completion. In queue: 163
22:23:19.0463 0x1308  Waiting for KSN requests completion. In queue: 163
22:23:20.0463 0x1308  Waiting for KSN requests completion. In queue: 163
22:23:21.0463 0x1308  Waiting for KSN requests completion. In queue: 163
22:23:22.0463 0x1308  Waiting for KSN requests completion. In queue: 163
22:23:23.0463 0x1308  Waiting for KSN requests completion. In queue: 163
22:23:24.0463 0x1308  Waiting for KSN requests completion. In queue: 163
22:23:25.0463 0x1308  Waiting for KSN requests completion. In queue: 163
22:23:26.0131 0x16f4  Object send P2P result: false
22:23:26.0140 0x16f4  Object required for P2P: [ 358AB7956D3160000726574083DFC8A6 ] PcaSvc
22:23:26.0463 0x1308  Waiting for KSN requests completion. In queue: 90
22:23:27.0463 0x1308  Waiting for KSN requests completion. In queue: 90
22:23:28.0463 0x1308  Waiting for KSN requests completion. In queue: 90
22:23:29.0111 0x16f4  Object send P2P result: true
22:23:29.0610 0x1308  AV detected via SS2: Panda Free Antivirus, C:\Program Files\Panda Security\Panda Security Protection\PSUAMain.exe ( 1.0.0.0 ), 0x71000 ( enabled : updated )
22:23:29.0647 0x1308  AV detected via SS2: AVG AntiVirus Free Edition 2014, C:\Program Files\AVG\AVG2014\avgwsc.exe ( 14.0.0.4765 ), 0x40000 ( disabled : updated )
22:23:29.0650 0x1308  FW detected via SS2: Panda Firewall, C:\Program Files\Panda Security\Panda Security Protection\PSUAMain.exe ( 1.0.0.0 ), 0x70010 ( disabled )
22:23:29.0657 0x1308  Win FW state via NFP2: enabled
22:23:32.0448 0x1308  ============================================================
22:23:32.0448 0x1308  Scan finished
22:23:32.0448 0x1308  ============================================================
22:23:32.0465 0x0a4c  Detected object count: 0
22:23:32.0465 0x0a4c  Actual detected object count: 0
22:25:24.0370 0x14d4  Deinitialize success
 
 
 
====================================================
====================================================
====================================================
 
 
 
 
 

HERE IS THE LOG FROM AdwCleaner:

 

 

 

# AdwCleaner v4.110 - Logfile created 06/02/2015 at 22:29:07

# Updated 05/02/2015 by Xplode
# Database : 2015-02-05.2 [Server]
# Operating system : Windows 7 Professional Service Pack 1 (x86)
# Username : user - USER-PC
# Running from : C:\Users\user\Desktop\AdwCleaner (1).exe
# Option : Scan
 
***** [ Services ] *****
 
 
***** [ Files / Folders ] *****
 
Folder Found : C:\Program Files\Coupon Printer
Folder Found : C:\Program Files\PANDORA.TV
Folder Found : C:\Program Files\Toolbar Cleaner
Folder Found : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Coupon Printer
 
***** [ Scheduled tasks ] *****
 
 
***** [ Shortcuts ] *****
 
 
***** [ Registry ] *****
 
Data Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings [ProxyOverride] - *.local;127.0.0.1:9421;<local>
Key Found : HKCU\Software\AppDataLow\Software\adawarebp
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{62155D33-3CE2-401E-8967-5A270628A3D5}
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{87934C42-161D-45BC-8CEF-EF18ABE2A30C}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{90120000-00B2-0409-0000-0000000FF1CE}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{A2D81E70-2A98-4A08-A628-94388B063C5E}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Coupon Printer2.2.0.9
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Toolbar Cleaner
Key Found : HKLM\SOFTWARE\Toolbar Cleaner
 
***** [ Web browsers ] *****
 
-\\ Internet Explorer v11.0.9600.17496
 
 
-\\ Mozilla Firefox v35.0.1 (x86 el)
 
 
-\\ Google Chrome v40.0.2214.111
 
*************************
 
AdwCleaner[R0].txt - [25371 bytes] - [25/09/2013 22:09:01]
AdwCleaner[R1].txt - [1901 bytes] - [10/05/2014 12:51:47]
AdwCleaner[R2].txt - [2362 bytes] - [10/05/2014 13:11:26]
AdwCleaner[R3].txt - [1920 bytes] - [06/02/2015 22:29:07]
AdwCleaner[S0].txt - [25993 bytes] - [25/09/2013 22:10:28]
AdwCleaner[S1].txt - [2455 bytes] - [10/05/2014 13:23:14]
 
########## EOF - C:\AdwCleaner\AdwCleaner[R3].txt - [2098 bytes] ##########
 
 
 
=======================================
=======================================
=======================================
 
 

HERE IS THE LOG FROM Junkware Removal Tool:

 

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.4.2 (02.02.2015:1)
OS: Windows 7 Professional x86
Ran by user on ¨ 06/02/2015 at 22:37:04,17
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 
 
 
 
~~~ Services
 
 
 
~~~ Registry Values
 
 
 
~~~ Registry Keys
 
 
 
~~~ Files
 
 
 
~~~ Folders
 
Successfully deleted: [Folder] "C:\ProgramData\ad-aware browsing protection"
Successfully deleted: [Folder] "C:\Users\user\Local Settings\Application Data\adawarebp"
Successfully deleted: [Folder] "C:\Program Files\toolbar cleaner"
 
 
 
~~~ FireFox
 
Emptied folder: C:\Users\user\AppData\Roaming\mozilla\firefox\profiles\83nt5rft.default\minidumps [3 files]
 
 
 
~~~ Event Viewer Logs were cleared
 
 
 
 
 
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on ¨ 06/02/2015 at 22:42:26,78
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

 

 
 
I will post the results from the online scan soon ...
 


#4 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 73,323 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:NJ USA
  • Local time:10:07 PM

Posted 06 February 2015 - 04:03 PM

Ok, a couple things to do after we see ESET.. It may take a couple hours..
How do I get help? Who is helping me?For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....Become a BleepingComputer fan: Facebook

#5 stemi

stemi
  • Topic Starter

  • Members
  • 9 posts
  • OFFLINE
  •  
  • Local time:05:07 AM

Posted 07 February 2015 - 02:32 AM

After problems with downloading and a long long run here are the results from the online ESET scan.

 

C:\Program Files\Lavasoft\AdAware SecureSearch Toolbar\adawareDx.dll a variant of Win32/Toolbar.Visicom.B potentially unwanted application deleted - quarantined
C:\Program Files\Lavasoft\AdAware SecureSearch Toolbar\adawaretb.dll a variant of Win32/Toolbar.Visicom.A potentially unwanted application deleted - quarantined
C:\Program Files\Lavasoft\AdAware SecureSearch Toolbar\dtUser.exe a variant of Win32/Toolbar.Visicom.C potentially unwanted application deleted - quarantined
C:\Program Files\Panda Security\Panda Security Protection\Tools\PandaSecurityTb.exe a variant of Win32/Toolbar.Visicom.A potentially unwanted application deleted - quarantined
C:\Program Files\pandasecuritytb\dtUser.exe a variant of Win32/Toolbar.Visicom.C potentially unwanted application deleted - quarantined
C:\Program Files\pandasecuritytb\pandasecurityDx.dll a variant of Win32/Toolbar.Visicom.B potentially unwanted application deleted - quarantined
C:\Program Files\pandasecuritytb\pandasecuritytb.dll a variant of Win32/Toolbar.Visicom.A potentially unwanted application deleted - quarantined
C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\83nt5rft.default\extensions\{B821BF60-5C2D-41EB-92DC-3E4CCD3A22E4}\dtUser.exe a variant of Win32/Toolbar.Visicom.C potentially unwanted application deleted - quarantined
C:\Users\user\Downloads\avc-free.exe Win32/OpenCandy potentially unsafe application deleted - quarantined
C:\Users\user\Downloads\imf-setup.exe a variant of Win32/Toolbar.Widgi.B potentially unwanted application deleted - quarantined
G:\AUTODESK.AUTOCAD.V2014.WIN64-ISO\acad2014_x64.iso a variant of Win32/Keygen.HA potentially unsafe application deleted - quarantined


#6 stemi

stemi
  • Topic Starter

  • Members
  • 9 posts
  • OFFLINE
  •  
  • Local time:05:07 AM

Posted 08 February 2015 - 04:17 AM

After searching and reading some replies it this forum, I did the follow actions.
 
My Anti-malware check found the trojan DNSChanger, which I cleaned.
Here is the part of the log:
 
Registry Data: 2
Trojan.DNSChanger, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\TCPIP\PARAMETERS|DhcpNameServer, 91.212.124.159 8.8.8.8, Good: (), Bad: (91.212.124.159),Replaced,[3ad8021837530630c6db823658add828]
Trojan.DNSChanger, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\TCPIP\PARAMETERS\Interfaces\{9D797350-5AA4-4624-AC7F-12A5E95AE0C2}|DhcpNameServer, 91.212.124.159 8.8.8.8, Good: (), Bad: (91.212.124.159),Replaced,[27eb54c68cfe85b1227ff2c6788dd030]
 
 
I don't lnow if it is relevant but it found it after I had change by hand the value of DhcpNameServer from 91.212.124.159 to my router's ip. The path is: HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\Tcpip\Parameters
 
Then I change the Primary DNS of my router to 8.8.8.8 and the Secondary to 8.8.4.4.
 
The scan with SUPERAntiSpyware also found some relevant cookies that I deleted:
.adultcameras.info [ C:\USERS\USER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.adultcameras.info [ C:\USERS\USER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
adultcameras.info [ C:\USERS\USER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
adultcameras.info [ C:\USERS\USER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
 
Hope that now I am clean. Let's see ...

Edited by stemi, 08 February 2015 - 04:20 AM.


#7 stemi

stemi
  • Topic Starter

  • Members
  • 9 posts
  • OFFLINE
  •  
  • Local time:05:07 AM

Posted 08 February 2015 - 10:22 AM

Unfortunately, it doesn't work. The popups are back. Strangely, the registry entry has the value: 8.8.8.8 and 8.8.4.4. At least, now I can open all the web pages without problem.


Edited by stemi, 08 February 2015 - 10:52 AM.


#8 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 73,323 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:NJ USA
  • Local time:10:07 PM

Posted 09 February 2015 - 01:38 PM

Hi, are you in Greece?
What is your Browser?
Have you run HitMAn lately?

Uninstall these ,,,
Java 7 Update 51 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83217025FF}) (Version: 7.0.510 - Oracle)

Java Auto Updater (Version: 2.1.9.8 - Sun Microsystems, Inc.) Hidden

Java™ 6 Update 45 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83216045FF}) (Version: 6.0.450 - Oracle

Empty your temp folders using TFC (Temporary File Cleaner)
  • Please download TFC by Old Timer and save it to your desktop.
    alternate download link
  • Save any unsaved work. (TFC will close ALL open programs including your browser!)
  • Double-click on TFC.exe to run it. (If you are using Vista or above, right-click on the file and choose "Run As Administrator".)
  • Click the Start button to begin the cleaning process and let it run uninterrupted to completion.
  • Important! If TFC prompts you to reboot, please do so immediately. If not prompted, manually reboot the machine anyway allowing Windows to load normally (not into Safe Mode) to ensure a complete clean.

How do I get help? Who is helping me?For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....Become a BleepingComputer fan: Facebook

#9 stemi

stemi
  • Topic Starter

  • Members
  • 9 posts
  • OFFLINE
  •  
  • Local time:05:07 AM

Posted 09 February 2015 - 02:24 PM

Hi boopme,

Yes I am from Greece, Rhodes island.

 

My browser is Chrome  40.0.2214.111 m. I occassionaly use Firefox and IE. Firefox seems not to be affected by the problem. I don't remember if IE is affected. I think occasionally, it also faces problems.

 

I haven't run Hitman lately. Should I?

 

I have installed some hours before, Java 8 update 31, which prompted me to unistall any previous versions. I did it.

I am not sure how to unistall the updater. I have just changed the value of the EnableJavaUpdate in the registry from 1 to 0. Is that enough?

 

I will now do the TFC cleaning...



#10 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 73,323 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:NJ USA
  • Local time:10:07 PM

Posted 09 February 2015 - 02:40 PM

Ok as I saw some items in Greek and if you weren't Greek they weren't staying LOL.

That's good on the Java.

You can Run HitMan after this...
check for and disable or remove any unwanted add-ons from your browser:There are also more suggestion in these articles:
How do I get help? Who is helping me?For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....Become a BleepingComputer fan: Facebook

#11 stemi

stemi
  • Topic Starter

  • Members
  • 9 posts
  • OFFLINE
  •  
  • Local time:05:07 AM

Posted 09 February 2015 - 03:30 PM

Ok,

I did all the above.

 

I run HitmanPro. It didn't found any threats, just 49 traces. Here is the log:

 

HitmanPro 3.7.9.234
www.hitmanpro.com
 
   Computer name . . . . : USER-PC
   Windows . . . . . . . : 6.1.1.7601.X86/2
   User name . . . . . . : user-PC\user
   UAC . . . . . . . . . : Enabled
   License . . . . . . . : Free
 
   Scan date . . . . . . : 2015-02-09 22:07:36
   Scan mode . . . . . . : Normal
   Scan duration . . . . : 10m 40s
   Disk access mode  . . : Direct disk access (SRB)
   Cloud . . . . . . . . : Internet
   Reboot  . . . . . . . : No
 
   Threats . . . . . . . : 0
   Traces  . . . . . . . : 49
 
   Objects scanned . . . : 1.707.616
   Files scanned . . . . : 123.420
   Remnants scanned  . . : 640.434 files / 943.762 keys
 
Suspicious files ____________________________________________________________
 
   C:\Users\user\Desktop\MiniToolBox.exe
      Size . . . . . . . : 401.920 bytes
      Age  . . . . . . . : 3.0 days (2015-02-06 22:16:52)
      Entropy  . . . . . : 7.9
      SHA-256  . . . . . : 520E765E9043243127BE3D7B7210D32E2D1994866DC7A0F57EC05FA480D6D062
      Needs elevation  . : Yes
      Fuzzy  . . . . . . : 24.0
         Program has no publisher information but prompts the user for permission elevation.
         Entropy (or randomness) indicates the program is encrypted, compressed or obfuscated. This is not typical for most programs.
         Authors name is missing in version info. This is not common to most programs.
         Version control is missing. This file is probably created by an individual. This is not typical for most programs.
         Time indicates that the file appeared recently on this computer.
 
   C:\Users\user\Downloads\MiniToolBox.exe
      Size . . . . . . . : 401.920 bytes
      Age  . . . . . . . : 3.0 days (2015-02-06 22:14:59)
      Entropy  . . . . . : 7.9
      SHA-256  . . . . . : 520E765E9043243127BE3D7B7210D32E2D1994866DC7A0F57EC05FA480D6D062
      Needs elevation  . : Yes
      Fuzzy  . . . . . . : 24.0
         Program has no publisher information but prompts the user for permission elevation.
         Entropy (or randomness) indicates the program is encrypted, compressed or obfuscated. This is not typical for most programs.
         Authors name is missing in version info. This is not common to most programs.
         Version control is missing. This file is probably created by an individual. This is not typical for most programs.
         Time indicates that the file appeared recently on this computer.
 
 
Potential Unwanted Programs _________________________________________________
 
   HKLM\SOFTWARE\Classes\AppID\{C41C967C-1BD4-404c-8393-A34F94156193}\ (iMesh)
 
Cookies _____________________________________________________________________
 
   C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Cookies:ad.360yield.com
   C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Cookies:ads.creative-serving.com
   C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Cookies:ads.mediade.sk
   C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Cookies:ads.p161.net
   C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Cookies:ads.polmontventures.com
   C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Cookies:ads.pubmatic.com
   C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Cookies:ads.stickyadstv.com
   C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Cookies:adtech.de
   C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Cookies:adtechus.com
   C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Cookies:advertising.com
   C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Cookies:ar.atwola.com
   C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Cookies:at.atwola.com
   C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Cookies:atwola.com
   C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Cookies:bs.serving-sys.com
   C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Cookies:casalemedia.com
   C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Cookies:doubleclick.net
   C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Cookies:googleadservices.com
   C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Cookies:media6degrees.com
   C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Cookies:microsoftsto.112.2o7.net
   C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Cookies:oracle.112.2o7.net
   C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Cookies:revsci.net
   C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Cookies:ru4.com
   C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Cookies:serving-sys.com
   C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Cookies:specificclick.net
   C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Cookies:statcounter.com
   C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Cookies:statse.webtrendslive.com
   C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Cookies:tacoda.at.atwola.com
   C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Cookies:track.adform.net
   C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\83nt5rft.default\cookies.sqlite:ad.360yield.com
   C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\83nt5rft.default\cookies.sqlite:adtech.de
   C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\83nt5rft.default\cookies.sqlite:adtechus.com
   C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\83nt5rft.default\cookies.sqlite:advertising.com
   C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\83nt5rft.default\cookies.sqlite:at.atwola.com
   C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\83nt5rft.default\cookies.sqlite:bs.serving-sys.com
   C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\83nt5rft.default\cookies.sqlite:burstnet.com
   C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\83nt5rft.default\cookies.sqlite:casalemedia.com
   C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\83nt5rft.default\cookies.sqlite:doubleclick.net
   C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\83nt5rft.default\cookies.sqlite:fastclick.net
   C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\83nt5rft.default\cookies.sqlite:media6degrees.com
   C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\83nt5rft.default\cookies.sqlite:revsci.net
   C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\83nt5rft.default\cookies.sqlite:ru4.com
   C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\83nt5rft.default\cookies.sqlite:serving-sys.com
   C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\83nt5rft.default\cookies.sqlite:smartadserver.com
   C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\83nt5rft.default\cookies.sqlite:tacoda.at.atwola.com
   C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\83nt5rft.default\cookies.sqlite:www.burstnet.com
   C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\83nt5rft.default\cookies.sqlite:www.etracker.de
 
 


#12 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 73,323 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:NJ USA
  • Local time:10:07 PM

Posted 09 February 2015 - 03:57 PM

Hi, OK this , the registry entry has the value: 8.8.8.8 and 8.8.4.4. Is probably Google Public DNS and you may want that.. But lets get a deeper look and see where those pop ups are from.

Please follow this Preparation Guide and post in a new topic.
Let me know if all went well.
How do I get help? Who is helping me?For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....Become a BleepingComputer fan: Facebook

#13 stemi

stemi
  • Topic Starter

  • Members
  • 9 posts
  • OFFLINE
  •  
  • Local time:05:07 AM

Posted 09 February 2015 - 04:12 PM

Thank you boopme. It is a couple of hours now that my pc runs without problem. I will wait and if the problem persists, I hill follow the guide.

 

Thank you!



#14 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 73,323 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:NJ USA
  • Local time:10:07 PM

Posted 09 February 2015 - 04:21 PM

OK, Fair enough.. Topic will stay open. Have a great day!
How do I get help? Who is helping me?For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....Become a BleepingComputer fan: Facebook

#15 stemi

stemi
  • Topic Starter

  • Members
  • 9 posts
  • OFFLINE
  •  
  • Local time:05:07 AM

Posted 13 February 2015 - 03:21 PM

It is now some days without the virus! It seems tha the unistall of previous versions of Java (and maybe the TFC) were the solution! Also, the DNS change of the router may have played a role! Thank you.






0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users