Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

severe virus


  • Please log in to reply
14 replies to this topic

#1 markbrut

markbrut

  • Members
  • 25 posts
  • OFFLINE
  •  
  • Local time:02:04 PM

Posted 13 March 2015 - 07:03 PM

hello...I somehow have the worst virus I have ever seen on my PC...I can generally figure my way through virus remove but this one has me baffled and has completely sabotaged my system to where it is virtually unusable...severe pop ups and ads of all different kinds, many with sound...system sounds also altered...

 

I use Firefox and have checked the add ons but nothing odd there, have tried uninstall programs and see nothing unusual, have run Adware and Malware Bytes and neither is picking anything up and tried task manager but don't see any .exe files out of the ordinary...

 

I could really use some help with this and this forum has really been great in the past..thanks...



BC AdBot (Login to Remove)

 


#2 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 73,490 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:NJ USA
  • Local time:05:04 PM

Posted 13 March 2015 - 07:11 PM

Hi mark, I moved this to the Am I Infected forum.


Can you run these?

Please download Rkill by Grinler and save it to your desktop.
  • Link 1
  • Link 2
    • Double-click on the Rkill desktop icon to run the tool.
    • If using Vista, right-click on it and Run As Administrator.
    • A black DOS box will briefly flash and then disappear. This is normal and indicates the tool ran successfully.
    • If not, delete the file, then download and use the one provided in Link 2.
    • If it does not work, repeat the process and attempt to use one of the remaining links until the tool runs.
    • If the tool does not run from any of the links provided, please let me know.
  • Do not reboot the computer, you will need to run the application again.
3Al62Pm.pngMiniToolBox
  • Please download MiniToolBox, save it to your desktop and run it.
  • Checkmark the following checkboxes:
    • Flush DNS
    • Report IE Proxy Settings
    • Reset IE Proxy Settings
    • Report FF Proxy Settings
    • Reset FF Proxy Settings
    • List content of Hosts
    • List IP configuration
    • List Winsock Entries
    • List last 10 Event Viewer log
    • List Installed Programs
    • List Users, Partitions and Memory size.
  • Click Go and post the result (Result.txt). A copy of Result.txt will be saved in the same directory the tool is run. Note: When using "Reset FF Proxy Settings" option Firefox should be closed.
SXvL3ZF.pngTDSSKiller
  • Download TDSSKiller and save it to your desktop.
  • Extract (unzip) its contents to your desktop.
  • Open the TDSSKiller folder and doubleclick on TDSSKiller.exe to run the application, then on Start Scan.
  • If an infected file is detected, the default action will be Cure, click on Continue.
  • If a suspicious file is detected, the default action will be Skip, click on Continue.
  • It may ask you to reboot the computer to complete the process. Click on Reboot Now.
  • If no reboot is required, click on Report. A log file should appear. Please copy and paste the contents of that file here.
  • If a reboot is required, the report can also be found in your root directory (usually C:\ folder) in the form of TDSSKiller_xxxx_log.txt. Please copy and paste the contents of that file here.
zcMPezJ.pngAdwCleaner
  • Please download AdwCleaner by Xplode and save to your Desktop.
  • Double click on AdwCleaner.exe to run the tool. Vista/Windows 7/8 users right-click and select Run As Administrator
  • Click on the Scan button.
  • AdwCleaner will begin...be patient as the scan may take some time to complete.
  • After the scan has finished, click on the Report button...a logfile (AdwCleaner[R0].txt) will open in Notepad for review.
  • The contents of the log file may be confusing. Unless you see a program name that you know should not be removed, don't worry about it. If you see an entry you want to keep, let me know about it.
  • Copy and paste the contents of that logfile in your next reply.
  • A copy of all logfiles are saved in the C:\AdwCleaner folder which was created when running the tool.

How do I get help? Who is helping me?For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....Become a BleepingComputer fan: Facebook

#3 markbrut

markbrut
  • Topic Starter

  • Members
  • 25 posts
  • OFFLINE
  •  
  • Local time:02:04 PM

Posted 13 March 2015 - 07:51 PM

THANKS so much for the fast reply...per your request

 

RKILL:

 

Rkill 2.7.0 by Lawrence Abrams (Grinler)
http://www.bleepingcomputer.com/
Copyright 2008-2015 BleepingComputer.com
More Information about Rkill can be found at this link:
 http://www.bleepingcomputer.com/forums/topic308364.html

Program started at: 03/13/2015 06:17:35 PM in x64 mode.
Windows Version: Windows 7 Home Premium Service Pack 1

Checking for Windows services to stop:

 * No malware services found to stop.

Checking for processes to terminate:

 * C:\Windows\runservice.exe (PID: 2080) [WD-HEUR]

1 proccess terminated!

Checking Registry for malware related settings:

 * No issues found in the Registry.

Resetting .EXE, .COM, & .BAT associations in the Windows Registry.
  * HKLM\Software\Classes\.exe\shell found and deleted!

  * HKCU\SOFTWARE\Classes\.exe "@" exists and is set to !
  * HKCU\SOFTWARE\Classes\.exe has been deleted!

Performing miscellaneous checks:

 * No issues found.

Checking Windows Service Integrity:

 * No issues found.

Searching for Missing Digital Signatures:

 * No issues found.

Checking HOSTS File:

 * No issues found.

Program finished at: 03/13/2015 06:29:44 PM
Execution time: 0 hours(s), 12 minute(s), and 8 seconds(s)


MINI TOOLBOX:

MiniToolBox by Farbar  Version: 09-03-2015
Ran by markbrut (administrator) on 13-03-2015 at 18:31:31
Running from "C:\Users\markbrut\Downloads"
Microsoft Windows 7 Home Premium  Service Pack 1 (X64)
Model: Inspiron 5520 Manufacturer: Dell Inc.
Boot Mode: Normal
***************************************************************************

========================= Flush DNS: ===================================

Windows IP Configuration

Successfully flushed the DNS Resolver Cache.

========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.

"Reset IE Proxy Settings": IE Proxy Settings were reset.

========================= FF Proxy Settings: ==============================


"Reset FF Proxy Settings": Firefox Proxy settings were reset.

========================= Hosts content: =================================



========================= IP Configuration: ================================

Dell Wireless 1704 802.11b/g/n (2.4GHz) = Wireless Network Connection (Connected)
Realtek PCIe FE Family Controller = Local Area Connection (Media disconnected)
Broadcom Virtual Wireless Adapter = Local Area Connection 2 (Media disconnected)
Bluetooth Device (Personal Area Network) = Bluetooth Network Connection (Media disconnected)


# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4

reset
set global icmpredirects=enabled
add route prefix=169.254.0.0/16 interface="iftype0_0" nexthop=192.168.1.138 metric=1 publish=Yes
set subinterface interface=?2) subinterface=ethernet_12 mtu=1477


popd
# End of IPv4 configuration



Windows IP Configuration

   Host Name . . . . . . . . . . . . : markbrut-PC
   Primary Dns Suffix  . . . . . . . :
   Node Type . . . . . . . . . . . . : Hybrid
   IP Routing Enabled. . . . . . . . : No
   WINS Proxy Enabled. . . . . . . . : No
   DNS Suffix Search List. . . . . . : gatlinburginn

Ethernet adapter Bluetooth Network Connection:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Bluetooth Device (Personal Area Network)
   Physical Address. . . . . . . . . : C0-18-85-B9-B8-22
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes

Ethernet adapter Local Area Connection 2:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Broadcom Virtual Wireless Adapter
   Physical Address. . . . . . . . . : C2-18-85-B9-38-21
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes

Wireless LAN adapter Wireless Network Connection:

   Connection-specific DNS Suffix  . : gatlinburginn
   Description . . . . . . . . . . . : Dell Wireless 1704 802.11b/g/n (2.4GHz)
   Physical Address. . . . . . . . . : C0-18-85-B9-B8-21
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes
   Link-local IPv6 Address . . . . . : fe80::b063:f94:3521:df5b%12(Preferred)
   IPv4 Address. . . . . . . . . . . : 10.168.11.135(Preferred)
   Subnet Mask . . . . . . . . . . . : 255.255.252.0
   Lease Obtained. . . . . . . . . . : Friday, March 13, 2015 5:39:01 PM
   Lease Expires . . . . . . . . . . : Friday, March 13, 2015 7:39:02 PM
   Default Gateway . . . . . . . . . : 10.168.8.1
   DHCP Server . . . . . . . . . . . : 10.168.8.1
   DHCPv6 IAID . . . . . . . . . . . : 230692997
   DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-17-34-A8-2C-D4-BE-D9-29-40-ED
   DNS Servers . . . . . . . . . . . : 10.168.8.1
   NetBIOS over Tcpip. . . . . . . . : Enabled

Ethernet adapter Local Area Connection:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Realtek PCIe FE Family Controller
   Physical Address. . . . . . . . . : D4-BE-D9-29-40-ED
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes

Tunnel adapter isatap.hsd1.co.comcast.net.:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Microsoft ISATAP Adapter #4
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 35:

   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes
   IPv6 Address. . . . . . . . . . . : 2001:0:9d38:6ab8:38d8:39af:f557:f478(Preferred)
   Link-local IPv6 Address . . . . . : fe80::38d8:39af:f557:f478%49(Preferred)
   Default Gateway . . . . . . . . . : ::
   NetBIOS over Tcpip. . . . . . . . : Disabled

Tunnel adapter isatap.{35E03823-755E-4B40-869A-599C3F1D3C7B}:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Microsoft ISATAP Adapter #6
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes

Tunnel adapter isatap.{FF62BD8A-49D4-4095-885F-328E76A23DFE}:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Microsoft ISATAP Adapter #10
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes

Tunnel adapter isatap.gatlinburginn:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : gatlinburginn
   Description . . . . . . . . . . . : Microsoft ISATAP Adapter #11
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes

Tunnel adapter isatap.{2B69AE86-C8B9-4279-94D5-5C40DAF83F29}:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Microsoft ISATAP Adapter #12
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes
Server:  ats-nc.gatlinburginn
Address:  10.168.8.1

Name:    google.com
Addresses:  2607:f8b0:4002:c03::66
      173.194.219.102
      173.194.219.100
      173.194.219.139
      173.194.219.113
      173.194.219.138
      173.194.219.101


Pinging google.com [173.194.219.101] with 32 bytes of data:
Reply from 173.194.219.101: bytes=32 time=32ms TTL=43
Reply from 173.194.219.101: bytes=32 time=28ms TTL=43

Ping statistics for 173.194.219.101:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 28ms, Maximum = 32ms, Average = 30ms
Server:  ats-nc.gatlinburginn
Address:  10.168.8.1

Name:    yahoo.com
Addresses:  98.139.183.24
      206.190.36.45
      98.138.253.109


Pinging yahoo.com [98.138.253.109] with 32 bytes of data:
Reply from 98.138.253.109: bytes=32 time=68ms TTL=47
Reply from 98.138.253.109: bytes=32 time=65ms TTL=47

Ping statistics for 98.138.253.109:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 65ms, Maximum = 68ms, Average = 66ms

Pinging 127.0.0.1 with 32 bytes of data:
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128

Ping statistics for 127.0.0.1:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 0ms, Maximum = 0ms, Average = 0ms
===========================================================================
Interface List
 16...c0 18 85 b9 b8 22 ......Bluetooth Device (Personal Area Network)
 14...c2 18 85 b9 38 21 ......Broadcom Virtual Wireless Adapter
 12...c0 18 85 b9 b8 21 ......Dell Wireless 1704 802.11b/g/n (2.4GHz)
 11...d4 be d9 29 40 ed ......Realtek PCIe FE Family Controller
  1...........................Software Loopback Interface 1
 27...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #4
 49...00 00 00 00 00 00 00 e0 Teredo Tunneling Pseudo-Interface
 51...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #6
 52...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #10
 53...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #11
 54...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #12
===========================================================================

IPv4 Route Table
===========================================================================
Active Routes:
Network Destination        Netmask          Gateway       Interface  Metric
          0.0.0.0          0.0.0.0       10.168.8.1    10.168.11.135     25
       10.168.8.0    255.255.252.0         On-link     10.168.11.135    281
    10.168.11.135  255.255.255.255         On-link     10.168.11.135    281
    10.168.11.255  255.255.255.255         On-link     10.168.11.135    281
        127.0.0.0        255.0.0.0         On-link         127.0.0.1    306
        127.0.0.1  255.255.255.255         On-link         127.0.0.1    306
  127.255.255.255  255.255.255.255         On-link         127.0.0.1    306
        224.0.0.0        240.0.0.0         On-link         127.0.0.1    306
        224.0.0.0        240.0.0.0         On-link     10.168.11.135    281
  255.255.255.255  255.255.255.255         On-link         127.0.0.1    306
  255.255.255.255  255.255.255.255         On-link     10.168.11.135    281
===========================================================================
Persistent Routes:
  Network Address          Netmask  Gateway Address  Metric
      169.254.0.0      255.255.0.0    192.168.1.138       1
===========================================================================

IPv6 Route Table
===========================================================================
Active Routes:
 If Metric Network Destination      Gateway
 49     58 ::/0                     On-link
  1    306 ::1/128                  On-link
 49     58 2001::/32                On-link
 49    306 2001:0:9d38:6ab8:38d8:39af:f557:f478/128
                                    On-link
 12    281 fe80::/64                On-link
 49    306 fe80::/64                On-link
 49    306 fe80::38d8:39af:f557:f478/128
                                    On-link
 12    281 fe80::b063:f94:3521:df5b/128
                                    On-link
  1    306 ff00::/8                 On-link
 49    306 ff00::/8                 On-link
 12    281 ff00::/8                 On-link
===========================================================================
Persistent Routes:
  None
========================= Winsock entries =====================================

Catalog5 01 C:\Windows\SysWOW64\NLAapi.dll [52224] (Microsoft Corporation)
Catalog5 02 C:\Windows\SysWOW64\napinsp.dll [52224] (Microsoft Corporation)
Catalog5 03 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 04 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 05 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog5 06 C:\Windows\SysWOW64\winrnr.dll [20992] (Microsoft Corporation)
Catalog5 07 C:\Windows\SysWOW64\wshbth.dll [36352] (Microsoft Corporation)
Catalog5 08 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145280] (Microsoft Corp.)
Catalog5 09 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145280] (Microsoft Corp.)
Catalog5 10 C:\Program Files (x86)\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
Catalog9 01 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 02 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 03 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 04 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 05 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 06 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 07 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 08 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 09 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 10 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 11 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
x64-Catalog5 01 C:\Windows\System32\NLAapi.dll [70656] (Microsoft Corporation)
x64-Catalog5 02 C:\Windows\System32\napinsp.dll [68096] (Microsoft Corporation)
x64-Catalog5 03 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 04 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 05 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog5 06 C:\Windows\System32\winrnr.dll [28672] (Microsoft Corporation)
x64-Catalog5 07 C:\Windows\System32\wshbth.dll [47104] (Microsoft Corporation)
x64-Catalog5 08 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [170880] (Microsoft Corp.)
x64-Catalog5 09 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [170880] (Microsoft Corp.)
x64-Catalog5 10 C:\Program Files\Bonjour\mdnsNSP.dll [132968] (Apple Inc.)
x64-Catalog9 01 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 02 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 03 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 04 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 05 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 06 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 07 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 08 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 09 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 10 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 11 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)

========================= Event log errors: ===============================

Application errors:
==================
Error: (03/13/2015 05:37:47 PM) (Source: Application Virtualization Client) (User: )
Description: {hap=12:app=OfficeVirt 9014006604090000:tid=F00}
An error occurred while uploading the virtual environment (section: Q:\140066.ENU\SoftGridUserSettings), rc 0FD00D14-00000570

Error: (03/13/2015 05:37:47 PM) (Source: CVHSVC) (User: )
Description: Information only.
(Stream product id=0x0066): Streaming Failed

Error: (03/13/2015 05:37:17 PM) (Source: CVHSVC) (User: )
Description: Information only.
Too many failures while downloading ranges: 2

Error: (03/13/2015 05:36:24 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (03/13/2015 05:35:46 PM) (Source: Application Virtualization Client) (User: )
Description: {tid=F00}
corrupt cp file detected ('Q:\140066.enu\osguard.cp'). osguard cp file, NO CORRECTIVE ACTION TAKEN

Error: (03/13/2015 05:26:42 PM) (Source: CVHSVC) (User: )
Description: Information only.
(Patch task for {90140011-0066-0409-0000-0000000FF1CE}): DownloadLatest Failed: The server did not return the file size. The URL might point to dynamic content. The Content-Length header is not available in the server's HTTP reply.

Error: (03/13/2015 05:22:48 PM) (Source: Microsoft-Windows-LoadPerf) (User: NT AUTHORITY)
Description: The performance counter name string value in the registry is not formatted correctly. The malformed string is 24482. The first DWORD in the Data section contains the index value to the malformed string while the second and third DWORDs in the Data section contain the last valid index values.

Error: (03/13/2015 05:22:45 PM) (Source: Microsoft-Windows-LoadPerf) (User: NT AUTHORITY)
Description: Unloading the performance counter strings for service WmiApRpl (WmiApRpl) failed. The first DWORD in the Data section contains the error code.

Error: (03/13/2015 05:22:45 PM) (Source: Microsoft-Windows-LoadPerf) (User: NT AUTHORITY)
Description: The performance counter name string value in the registry is not formatted correctly. The malformed string is 24482. The first DWORD in the Data section contains the index value to the malformed string while the second and third DWORDs in the Data section contain the last valid index values.

Error: (03/13/2015 05:19:09 PM) (Source: Application Virtualization Client) (User: )
Description: {hap=12:app=OfficeVirt 9014006604090000:tid=10E0}
An error occurred while uploading the virtual environment (section: Q:\140066.ENU\SoftGridUserSettings), rc 0FD00D14-00000570


System errors:
=============
Error: (03/13/2015 06:17:37 PM) (Source: Service Control Manager) (User: )
Description: The LicCtrl Service service terminated unexpectedly.  It has done this 1 time(s).

Error: (03/13/2015 05:42:59 PM) (Source: Service Control Manager) (User: )
Description: The Windows Update service hung on starting.

Error: (03/13/2015 05:40:33 PM) (Source: Schannel) (User: NT AUTHORITY)
Description: The following fatal alert was received: 40.

Error: (03/13/2015 05:37:03 PM) (Source: DCOM) (User: NT AUTHORITY)
Description: application-specificLocalLaunch{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}{344ED43D-D086-4961-86A6-1106F4ACAD9B}NT AUTHORITYSYSTEMS-1-5-18LocalHost (Using LRPC)

Error: (03/13/2015 05:35:07 PM) (Source: Service Control Manager) (User: )
Description: The Digidesign MME Refresh Service service failed to start due to the following error:
%%2

Error: (03/13/2015 05:35:06 PM) (Source: Service Control Manager) (User: )
Description: The BingBar Service service failed to start due to the following error:
%%2

Error: (03/13/2015 05:25:49 PM) (Source: Service Control Manager) (User: )
Description: The Windows Update service hung on starting.

Error: (03/13/2015 05:17:16 PM) (Source: DCOM) (User: NT AUTHORITY)
Description: application-specificLocalLaunch{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}{344ED43D-D086-4961-86A6-1106F4ACAD9B}NT AUTHORITYSYSTEMS-1-5-18LocalHost (Using LRPC)

Error: (03/13/2015 05:15:18 PM) (Source: Service Control Manager) (User: )
Description: The Digidesign MME Refresh Service service failed to start due to the following error:
%%2

Error: (03/13/2015 05:15:08 PM) (Source: Service Control Manager) (User: )
Description: The BingBar Service service failed to start due to the following error:
%%2


Microsoft Office Sessions:
=========================
Error: (03/13/2015 05:37:47 PM) (Source: Application Virtualization Client)(User: )
Description: {hap=12:app=OfficeVirt 9014006604090000:tid=F00}
Q:\140066.ENU\SoftGridUserSettings0FD00D14-00000570

Error: (03/13/2015 05:37:47 PM) (Source: CVHSVC)(User: )
Description: (Stream product id=0x0066): Streaming Failed

Error: (03/13/2015 05:37:17 PM) (Source: CVHSVC)(User: )
Description: Too many failures while downloading ranges: 2

Error: (03/13/2015 05:36:24 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (03/13/2015 05:35:46 PM) (Source: Application Virtualization Client)(User: )
Description: {tid=F00}
Q:\140066.enu\osguard.cp

Error: (03/13/2015 05:26:42 PM) (Source: CVHSVC)(User: )
Description: (Patch task for {90140011-0066-0409-0000-0000000FF1CE}): DownloadLatest Failed: The server did not return the file size. The URL might point to dynamic content. The Content-Length header is not available in the server's HTTP reply.

Error: (03/13/2015 05:22:48 PM) (Source: Microsoft-Windows-LoadPerf)(User: NT AUTHORITY)
Description: 2448216A25F0000A05F0000A15F0000B8010000

Error: (03/13/2015 05:22:45 PM) (Source: Microsoft-Windows-LoadPerf)(User: NT AUTHORITY)
Description: WmiApRplWmiApRpl8F20300004D070000

Error: (03/13/2015 05:22:45 PM) (Source: Microsoft-Windows-LoadPerf)(User: NT AUTHORITY)
Description: 2448216A25F0000A05F0000A15F000068010000

Error: (03/13/2015 05:19:09 PM) (Source: Application Virtualization Client)(User: )
Description: {hap=12:app=OfficeVirt 9014006604090000:tid=10E0}
Q:\140066.ENU\SoftGridUserSettings0FD00D14-00000570


CodeIntegrity Errors:
===================================
  Date: 2015-03-08 17:55:04.602
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\MaxxAudioAPOShell64.dll because the set of per-page image hashes could not be found on the system.

  Date: 2015-03-08 17:55:04.438
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\MaxxAudioAPOShell64.dll because the set of per-page image hashes could not be found on the system.

  Date: 2015-03-08 17:12:20.340
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\MaxxAudioAPOShell64.dll because the set of per-page image hashes could not be found on the system.

  Date: 2015-03-08 17:12:20.293
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\MaxxAudioAPOShell64.dll because the set of per-page image hashes could not be found on the system.

  Date: 2015-03-08 17:12:20.243
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\MaxxAudioAPOShell64.dll because the set of per-page image hashes could not be found on the system.

  Date: 2015-03-08 17:12:20.182
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\MaxxAudioAPOShell64.dll because the set of per-page image hashes could not be found on the system.

  Date: 2015-03-08 16:37:28.712
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\MaxxAudioAPOShell64.dll because the set of per-page image hashes could not be found on the system.

  Date: 2015-03-08 16:37:28.665
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\MaxxAudioAPOShell64.dll because the set of per-page image hashes could not be found on the system.

  Date: 2015-03-08 16:37:28.601
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\MaxxAudioAPOShell64.dll because the set of per-page image hashes could not be found on the system.

  Date: 2015-03-08 16:37:28.535
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\MaxxAudioAPOShell64.dll because the set of per-page image hashes could not be found on the system.



=========================== Installed Programs ============================
µTorrent (HKCU\...\uTorrent) (Version: 3.3.2.30303 - BitTorrent Inc.)
µTorrent (HKLM-x32\...\uTorrent) (Version: 3.2.3.28705 - BitTorrent Inc.)
Accidental Damage Services Agreement (HKLM-x32\...\{EF85FEF4-EB92-4075-A6D2-5F519BB30A2C}) (Version: 2.0.0 - Dell Inc.)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 2.6.0.19120 - Adobe Systems Incorporated)
Adobe AIR (x32 Version: 2.6.0.19120 - Adobe Systems Incorporated) Hidden
Adobe Bridge 1.0 (x32 Version: 001.000.000 - Adobe Systems) Hidden
Adobe Common File Installer (x32 Version: 1.00.0000 - Adobe System Incorporated) Hidden
Adobe Flash Player 16 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 16.0.0.305 - Adobe Systems Incorporated)
Adobe Flash Player 16 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 16.0.0.305 - Adobe Systems Incorporated)
Adobe Help Center 1.0 (x32 Version: 001.000.000 - Adobe Systems) Hidden
Adobe Photoshop CS2 (HKLM-x32\...\Adobe Photoshop CS2 - {236BB7C4-4419-42FD-0409-1E257A25E34D}) (Version: 9.0 - Adobe Systems, Inc.)
Adobe Photoshop CS2 (x32 Version: 9.0 - Adobe Systems, Inc.) Hidden
Adobe Reader XI (11.0.06) (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version: 11.0.06 - Adobe Systems Incorporated)
Adobe Stock Photos 1.0 (x32 Version: 001.000.000 - Adobe Systems) Hidden
Advanced Audio FX Engine (HKLM-x32\...\Advanced Audio FX Engine) (Version: 1.12.05 - Creative Technology Ltd)
Amazon Games & Software Downloader (HKLM-x32\...\Amazon Games & Software Downloader_is1) (Version: 2.0.2.0 - Amazon)
Apple Application Support (HKLM-x32\...\{D9DAD0FF-495A-472B-9F10-BAE430A26682}) (Version: 3.0.3 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{787136D2-F0F8-4625-AA3F-72D7795AC842}) (Version: 7.1.1.3 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
ASIO4ALL (HKLM-x32\...\ASIO4ALL) (Version: 2.11 Beta1 - Michael Tippach)
Audacity 2.0.5 (HKLM-x32\...\Audacity_is1) (Version: 2.0.5 - Audacity Team)
Avid Effects (HKLM\...\{0faad20d-ad8d-4249-ad93-7f006f2aa54b}) (Version: 11.1.2 - Avid Technology, Inc.)
Avid HD Driver (x64) (HKLM\...\{658E112A-8776-4430-A275-D9248732DFB9}) (Version: 11.1.2 - Avid Technology, Inc.)
Avid Pro Tools (HKLM\...\{6639EEFC-1096-40B4-9BF6-92046A3D4287}) (Version: 11.1.2 - Avid Technology, Inc.)
Backblaze (HKLM-x32\...\Backblaze) (Version:  - Backblaze, Inc)
Banctec Service Agreement (HKLM-x32\...\{42D68A86-DB1C-4256-B8C9-5D0D92919AF5}) (Version: 2.0.0 - Dell Inc.)
Bejeweled 2 Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden
Bing Bar (HKLM-x32\...\{1AE46C09-2AB8-4EE5-88FB-08CD0FF7F2DF}) (Version: 7.1.391.0 - Microsoft Corporation)
Bing Bar (HKLM-x32\...\{3365E735-48A6-4194-9988-CE59AC5AE503}) (Version: 7.3.132.0 - Microsoft Corporation)
Blackhawk Striker 2 (x32 Version: 2.2.0.95 - WildTangent) Hidden
Blio (HKLM-x32\...\{400182B4-CA55-46A9-9D88-F8413DCFB36D}) (Version: 2.3.7140 - K-NFB Reading Technology, Inc.)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Bounce Symphony (x32 Version: 2.2.0.95 - WildTangent) Hidden
Bowl Bound College Football Demo (HKLM-x32\...\Bowl Bound College Football Demo) (Version:  - Grey Dog Software)
Build-a-lot 2 (x32 Version: 2.2.0.95 - WildTangent) Hidden
Cake Mania (x32 Version: 2.2.0.95 - WildTangent) Hidden
Canon Easy-WebPrint EX (HKLM-x32\...\Easy-WebPrint EX) (Version:  - )
Canon IJ Network Scanner Selector EX (HKLM-x32\...\Canon_IJ_Network_Scanner_Selector_EX) (Version:  - ?Canon Inc.?)
Canon IJ Network Tool (HKLM-x32\...\Canon_IJ_Network_UTILITY) (Version: 3.1.0 - Canon Inc.)
Canon IJ Scan Utility (HKLM-x32\...\Canon_IJ_Scan_Utility) (Version:  - ?Canon Inc.?)
Canon Inkjet Printer/Scanner/Fax Extended Survey Program (HKLM-x32\...\CANONIJPLM100) (Version: 4.0.0 - Canon Inc.)
Canon MG5400 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MG5400_series) (Version: 1.00 - Canon Inc.)
Canon MG5400 series On-screen Manual (HKLM-x32\...\Canon MG5400 series On-screen Manual) (Version: 7.5.0 - Canon Inc.)
Canon MG5400 series User Registration (HKLM-x32\...\Canon MG5400 series User Registration) (Version:  - Canon Inc.?)
Canon My Image Garden (HKLM-x32\...\Canon My Image Garden) (Version: 1.0.0 - Canon Inc.)
Canon My Image Garden Design Files (HKLM-x32\...\Canon My Image Garden Design Files) (Version: 1.0.0 - Canon Inc.)
Canon My Printer (HKLM-x32\...\CanonMyPrinter) (Version: 3.0.0 - Canon Inc.)
Canon Quick Menu (HKLM-x32\...\CanonQuickMenu) (Version: 2.0.0 - Canon Inc.)
Chuzzle Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden
Cisco EAP-FAST Module (x32 Version: 2.2.14 - Cisco Systems, Inc.) Hidden
Cisco LEAP Module (x32 Version: 1.0.19 - Cisco Systems, Inc.) Hidden
Cisco PEAP Module (x32 Version: 1.1.6 - Cisco Systems, Inc.) Hidden
Complete Care Business Service Agreement (HKLM-x32\...\{0ECFCB07-9BFE-4970-ACA1-D568D982760B}) (Version: 2.0.0 - Dell Inc.)
Conexant SmartAudio HD (HKLM\...\CNXT_AUDIO_HDA) (Version: 8.54.29.0 - Conexant)
Consumer In-Home Service Agreement (HKLM-x32\...\{F47C37A4-7189-430A-B81D-739FF8A7A554}) (Version: 2.0.0 - Dell Inc.)
Cozi (HKLM-x32\...\{EA1F3D6C-A6F5-4CDC-B0D3-9C56C06B4D29}) (Version: 1.0.6505.38692 - Cozi Group, Inc.)
CutePDF Writer 3.0 (HKLM\...\CutePDF Writer Installation) (Version:  3.0 - CutePDF.com)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Definition Update for Microsoft Office 2010 (KB2956079) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{03F28B72-0BEC-4998-95D9-4AA9418D0041}) (Version:  - Microsoft)
Dell DataSafe Local Backup - Support Software (HKLM-x32\...\{A9668246-FB70-4103-A1E3-66C9BC2EFB49}) (Version: 9.4.67 - Dell Inc.)
Dell DataSafe Local Backup (HKLM-x32\...\{0ED7EE95-6A97-47AA-AD73-152C08A15B04}) (Version: 9.4.67 - Dell Inc.)
Dell DataSafe Online (HKLM-x32\...\{7EC66A95-AC2D-4127-940B-0445A526AB2F}) (Version: 2.1.19634 - Dell)
Dell Edoc Viewer (HKLM\...\{8EBA8727-ADC2-477B-9D9A-1A1836BE4E05}) (Version: 1.0.0 - Dell Inc)
Dell Getting Started Guide (HKLM-x32\...\{7DB9F1E5-9ACB-410D-A7DC-7A3D023CE045}) (Version: 1.00.0000 - Dell Inc.)
Dell Home Systems Service Agreement (HKLM-x32\...\{AB2FDE4F-6BED-4E9E-B676-3DCCEBB1FBFE}) (Version: 2.0.0 - Dell Inc.)
Dell MusicStage (HKLM-x32\...\{3BD7DD08-991B-4A2F-A165-614ED14EAADD}) (Version: 1.6.225.0 - Fingertapps)
Dell PhotoStage (HKLM-x32\...\{E4335E82-17B3-460F-9E70-39D9BC269DB3}) (Version: 1.5.0.130 - ArcSoft)
Dell Stage (HKLM-x32\...\{FE182796-F6BA-486A-8590-89B7E8D1D60F}) (Version: 1.7.209.0 - Fingertapps)
Dell Stage Remote (HKLM-x32\...\{AF4D3C63-009B-4A17-B02E-D395065DD3F0}) (Version: 2.0.0.43 - ArcSoft)
Dell SupportAssist (HKLM\...\PC-Doctor for Windows) (Version: 1.0.6584.52 - Dell)
Dell Touchpad (HKLM\...\Elantech) (Version: 10.3.0.49 - ELAN Microelectronic Corp.)
Dell VideoStage  (HKLM-x32\...\InstallShield_{DCE0E79A-B9AC-41AC-98C1-7EF0538BCA7F}) (Version: 1.3.0.2513 - CyberLink Corp.)
Dell VideoStage  (x32 Version: 1.3.0.2513 - CyberLink Corp.) Hidden
Dell Webcam Central (HKLM-x32\...\Dell Webcam Central) (Version: 2.00.44 - Creative Technology Ltd)
Digidesign ElevenRack Driver 1.0.8 (x64) (HKLM\...\{DFE96CF0-A611-40C4-AE24-2E4C21E3FF3E}) (Version: 1.0.8 - Digidesign)
Digidesign HFS+ Disk Support (HKLM\...\{5984CE26-CF4A-4564-9511-D49589C8FE9E}) (Version: 8.0.6.52 - Digidesign, A Division of Avid Technology, Inc.)
Diner Dash 2 Restaurant Rescue (x32 Version: 2.2.0.95 - WildTangent) Hidden
Dora's World Adventure (x32 Version: 2.2.0.95 - WildTangent) Hidden
Dropbox (HKCU\...\Dropbox) (Version: 3.2.9 - Dropbox, Inc.)
DW WLAN Card Utility (HKLM\...\DW WLAN Card Utility) (Version: 6.20.55.49 - Dell Inc.)
eBay (HKLM-x32\...\{A8B88634-7F90-402F-B66A-86429755F6A5}) (Version: 1.4.0 - eBay Inc.)
Escape Whisper Valley ™ (x32 Version: 2.2.0.95 - WildTangent) Hidden
Exact Audio Copy 1.0beta3 (HKLM-x32\...\Exact Audio Copy) (Version: 1.0beta3 - Andre Wiethoff)
Farm Frenzy (x32 Version: 2.2.0.95 - WildTangent) Hidden
FATE (x32 Version: 2.2.0.95 - WildTangent) Hidden
Final Drive Fury (x32 Version: 2.2.0.95 - WildTangent) Hidden
Final Drive Nitro (x32 Version: 2.2.0.95 - WildTangent) Hidden
FLAC Frontend (HKLM-x32\...\{315E5E8B-0560-413A-B604-622A4C8BECBD}) (Version: 2.1.1 - Xiph.org)
Google Talk Plugin (HKLM-x32\...\{C77CC230-7417-3F01-B70D-52583DC9FEC9}) (Version: 5.40.2.0 - Google)
iBackupBot 5.2.7 (HKLM-x32\...\iBackupBot) (Version: 5.2.7 - VOWSoft, Ltd.)
iCloud (HKLM\...\{81E20D41-C277-4526-934D-F2380AF91B78}) (Version: 3.1.0.40 - Apple Inc.)
IDTE-ID3 Tag Editor (HKCU\...\IDTE-ID3 Tag Editor) (Version: 02.40.00.00 - Team IDTE)
Intel® Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1007 - Intel Corporation)
Intel® Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.0.1.1399 - Intel Corporation)
Intel® Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 8.15.10.2626 - Intel Corporation)
Intel® Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 11.0.0.1032 - Intel Corporation)
Intel® USB 3.0 eXtensible Host Controller Driver (HKLM-x32\...\{240C3DDD-C5E9-4029-9DF7-95650D040CF2}) (Version: 1.0.3.214 - Intel Corporation)
Intel® Trusted Connect Service Client (HKLM\...\{538B98C3-773F-4F20-9C66-802D104DCBE2}) (Version: 1.23.219.2 - Intel Corporation)
Interlok driver setup x64 (HKLM\...\{25613C10-27D2-410B-942B-D922D5C3A7BE}) (Version: 5.8.5 - PACE Anti-Piracy)
iSEEK AnswerWorks English Runtime (HKLM-x32\...\{18A8E78B-9EF2-496E-B310-BCD8E4C1DAB3}) (Version: 010.000.0101 - Vantage Linguistics)
iTunes (HKLM\...\{5A68A656-979F-4168-8795-E2E368AA4DC2}) (Version: 11.2.2.3 - Apple Inc.)
Java 7 Update 51 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217040FF}) (Version: 7.0.510 - Oracle)
Java 8 Update 25 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218025F0}) (Version: 8.0.250 - Oracle Corporation)
Java Auto Updater (x32 Version: 2.8.25.18 - Oracle Corporation) Hidden
Jewel Quest (x32 Version: 2.2.0.95 - WildTangent) Hidden
Jewel Quest Solitaire 2 (x32 Version: 2.2.0.95 - WildTangent) Hidden
Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
LAME v3.99.3 (for Windows) (HKLM-x32\...\LAME_is1) (Version:  - )
Luxor (x32 Version: 2.2.0.95 - WildTangent) Hidden
Macromedia Dreamweaver 8 (HKLM-x32\...\{0837A661-FEC3-48B3-876C-91E7D32048A9}) (Version: 8.0.0.2734 - Macromedia)
Macromedia Dreamweaver Packages (HKCU\...\Macromedia Dreamweaver Packages) (Version:  - )
Macromedia Extension Manager (HKLM-x32\...\{5546CDB5-2CE2-498B-B059-5B3BF81FC41F}) (Version: 1.7.240 - Macromedia, Inc.)
Malwarebytes Anti-Malware version 2.0.4.1028 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.4.1028 - Malwarebytes Corporation)
Master Tour (HKLM-x32\...\Master Tour) (Version:  - )
McAfee Security Scan Plus (HKLM\...\McAfee Security Scan) (Version: 3.8.150.1 - McAfee, Inc.)
Mesh Runtime (x32 Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft .NET Framework 4.5.2 (Version: 4.5.51209 - Microsoft Corporation) Hidden
Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden
Microsoft Office 2010 (HKLM-x32\...\{95140000-0070-0000-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office Access MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Access Setup Metadata MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Click-to-Run 2010 (HKLM-x32\...\Office14.Click2Run) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office Click-to-Run 2010 (Version: 14.0.4763.1000 - Microsoft Corporation) Hidden
Microsoft Office Excel MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Groove MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office InfoPath MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Office 64-bit Components 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office OneNote MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Outlook MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Professional Plus 2010 (HKLM-x32\...\Office14.PROPLUSR) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Office Professional Plus 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (French) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Spanish) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proofing (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Publisher MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared 64-bit MUI (English) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared Setup Metadata MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Starter 2010 - English (HKLM-x32\...\{90140011-0066-0409-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office Word MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable - KB2467175 (HKLM-x32\...\{a0fe116e-9a8a-466f-aee0-625cb7c207e3}) (Version: 8.0.51011 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) - KB2467175 (HKLM\...\{aac9fcc4-dd9e-4add-901c-b5496a07ab2e}) (Version: 8.0.51011 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022.218 (HKLM-x32\...\{E503B4BF-F7BB-3D5F-8BC8-F694B1CFF942}) (Version: 9.0.21022.218 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{820B6609-4C97-3A2B-B644-573B06A0F0CC}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (Version: 10.0.50908 - Microsoft Corporation) Hidden
Mozilla Firefox 36.0.1 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 36.0.1 (x86 en-US)) (Version: 36.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 29.0.1 - Mozilla)
MSVCRT (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSVCRT_amd64 (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
Namco All-Stars PAC-MAN (x32 Version: 2.2.0.95 - WildTangent) Hidden
Nero 10 Movie ThemePack Basic (x32 Version: 10.6.10000.1.0 - Nero AG) Hidden
Nero Blu-ray Player (x32 Version: 12.0.20012 - Nero AG) Hidden
Nero Control Center 10 (x32 Version: 10.6.13000.0.11 - Nero AG) Hidden
Nero ControlCenter 10 Help (CHM) (x32 Version: 10.2.10800 - Nero AG) Hidden
Nero Core Components 10 (x32 Version: 2.0.20500.9.16 - Nero AG) Hidden
Nero Update (x32 Version: 11.0.11500.28.0 - Nero AG) Hidden
NHL Eastside Hockey Manager 2007 (HKLM-x32\...\{9DE4E17F-0C99-4A57-8F7D-5B69CC95D7A9}) (Version: 3.0.0 - SEGA)
PACE License Support Win64 (HKLM-x32\...\InstallShield_{72ad9d51-0903-4fe7-af5d-33b3185fa6e9}) (Version: 2.2.1.0324 - PACE Anti-Piracy, Inc.)
PACE License Support Win64 (Version: 2.2.1.0324 - PACE Anti-Piracy, Inc.) Hidden
PDFBinder (HKLM-x32\...\{8BA03AC2-579F-41CD-A250-740137D86F7A}) (Version: 1.0.0 - Malamute.dk)
Penguins! (x32 Version: 2.2.0.95 - WildTangent) Hidden
Plants vs. Zombies - Game of the Year (x32 Version: 2.2.0.95 - WildTangent) Hidden
PlayReady PC Runtime x86 (HKLM-x32\...\{CCA5EAAD-92F4-4B7A-B5EE-14294C66AB61}) (Version: 1.3.0 - Microsoft Corporation)
Poker Superstars III (x32 Version: 2.2.0.95 - WildTangent) Hidden
Polar Bowler (x32 Version: 2.2.0.95 - WildTangent) Hidden
Polar Golfer (x32 Version: 2.2.0.95 - WildTangent) Hidden
PowerISO (HKLM-x32\...\PowerISO) (Version: 5.6 - Power Software Ltd)
Premium Service Agreement (HKLM-x32\...\{C33AA6D6-F5EC-48F3-AFDC-8141345D473A}) (Version: 2.0.0 - Dell Inc.)
Professional Football Simulator (HKLM-x32\...\{AB8AD434-E1D8-4BAA-9D25-574D9B2EF9FF}) (Version: 1.1.114 - BarcodeGames)
QualxServ Service Agreement (HKLM-x32\...\{903679E8-44C8-4C07-9600-05C92654FC50}) (Version: 2.0.0 - Dell Inc.)
Quicken 2011 (HKLM-x32\...\{5FE545A1-D215-4216-9189-E7B39C9D1CC1}) (Version: 20.1.8.6 - Intuit)
Quicken 2014 (HKLM-x32\...\{0877F595-254F-45F4-991D-3F72E86B17CE}) (Version: 23.1.7.6 - Intuit)
Quickset64 (HKLM\...\{87CF757E-C1F1-4D22-865C-00C6950B5258}) (Version: 10.14.010 - Dell Inc.)
QuickTime 7 (HKLM-x32\...\{111EE7DF-FC45-40C7-98A7-753AC46B12FB}) (Version: 7.75.80.95 - Apple Inc.)
Realtek USB 2.0 Card Reader (HKLM-x32\...\{96AE7E41-E34E-47D0-AC07-1091A8127911}) (Version: 6.1.7601.39019 - Realtek Semiconductor Corp.)
Reason 3.0 (HKLM-x32\...\Reason_is1) (Version: 3.0 - Propellerhead Software AB)
Replay Music 7 (7.0.0.30) (HKLM-x32\...\Replay Music 7) (Version: 7.0.0.30 - Applian Technologies)
Samantha Swift (x32 Version: 2.2.0.95 - WildTangent) Hidden
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version:  - Microsoft)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (x32 Version:  - Microsoft) Hidden
Shared C Run-time for x64 (HKLM\...\{EF79C448-6946-4D71-8134-03407888C054}) (Version: 10.0.0 - McAfee)
SimCity 4 Deluxe (HKLM-x32\...\{A7A34FC9-DF24-4A36-00AD-D4EFE94CC116}) (Version:  - )
Skype Click to Call (HKLM-x32\...\{6D1221A9-17BF-4EC0-81F2-27D30EC30701}) (Version: 7.3.16540.9015 - Microsoft Corporation)
Skype™ 7.0 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.0.102 - Skype Technologies S.A.)
SoundToys Little PrimalTap V1 (HKLM\...\Little PrimalTap V1_is1) (Version:  - SoundToys Inc)
Spotify (HKCU\...\Spotify) (Version: 0.9.15.27.g87efe634 - Spotify AB)
Subsonic (HKLM-x32\...\Subsonic) (Version:  - )
SyncUP (HKLM-x32\...\{D92C9CCE-E5F0-4125-977A-0590F3225B74}) (Version: 10.2.16100 - Nero AG)
SyncUP (x32 Version: 1.12.12400.17.102 - Nero AG) Hidden
Trader's Little Helper 2.7.0 (HKLM-x32\...\TradersLittleHelper_is1) (Version: 2.7.0 - Robert Hoffmann)
TurboTax 2011 WinBizFedFormset (x32 Version: 011.000.1467 - Intuit Inc.) Hidden
TurboTax 2011 WinBizReleaseEngine (x32 Version: 011.000.0400 - Intuit Inc.) Hidden
TurboTax 2011 WinBizTaxSupport (x32 Version: 011.000.0924 - Intuit Inc.) Hidden
TurboTax 2011 wrapper (x32 Version: 011.000.0120 - Intuit Inc.) Hidden
TurboTax 2012 wcopbpm (x32 Version: 012.000.0353 - Intuit Inc.) Hidden
TurboTax 2012 WinBizFedFormset (x32 Version: 012.000.1148 - Intuit Inc.) Hidden
TurboTax 2012 WinBizReleaseEngine (x32 Version: 012.000.0402 - Intuit Inc.) Hidden
TurboTax 2012 WinBizTaxSupport (x32 Version: 012.000.1137 - Intuit Inc.) Hidden
TurboTax 2012 wrapper (x32 Version: 012.000.0127 - Intuit Inc.) Hidden
TurboTax 2013 wcopbpm (x32 Version: 013.000.0294 - Intuit Inc.) Hidden
TurboTax 2013 WinBizFedFormset (x32 Version: 013.000.1230 - Intuit Inc.) Hidden
TurboTax 2013 WinBizReleaseEngine (x32 Version: 013.000.0434 - Intuit Inc.) Hidden
TurboTax 2013 WinBizTaxSupport (x32 Version: 013.000.0899 - Intuit Inc.) Hidden
TurboTax 2013 wrapper (x32 Version: 013.000.0135 - Intuit Inc.) Hidden
TurboTax Business 2011 (HKLM-x32\...\TurboTax Business 2011) (Version:  - Intuit, Inc)
TurboTax Business 2012 (HKLM-x32\...\TurboTax Business 2012) (Version: 2012.0 - Intuit, Inc)
TurboTax Business 2013 (HKLM-x32\...\TurboTax Business 2013) (Version: 2013.0 - Intuit, Inc)
Update for Microsoft Access 2010 (KB2553446) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{B4A38370-2ADB-46B0-A1B0-0C4A2F7DCA31}) (Version:  - Microsoft)
Update for Microsoft Excel 2010 (KB2589348) 32-Bit Edition (HKLM-x32\...\{90140000-0016-0409-0000-0000000FF1CE}_Office14.PROPLUSR_{A7C2902F-C60B-428F-BDD7-ECE4DC0A2CA1}) (Version:  - Microsoft)
Update for Microsoft Excel 2010 (KB2589348) 32-Bit Edition (HKLM-x32\...\{90140000-0018-0409-0000-0000000FF1CE}_Office14.PROPLUSR_{A7C2902F-C60B-428F-BDD7-ECE4DC0A2CA1}) (Version:  - Microsoft)
Update for Microsoft Excel 2010 (KB2589348) 32-Bit Edition (HKLM-x32\...\{90140000-001B-0409-0000-0000000FF1CE}_Office14.PROPLUSR_{A7C2902F-C60B-428F-BDD7-ECE4DC0A2CA1}) (Version:  - Microsoft)
Update for Microsoft Filter Pack 2.0 (KB2878281) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.PROPLUSR_{302A8FE3-EBF5-486C-A431-16A1CD914443}) (Version:  - Microsoft)
Update for Microsoft Filter Pack 2.0 (KB2878281) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{302A8FE3-EBF5-486C-A431-16A1CD914443}) (Version:  - Microsoft)
Update for Microsoft InfoPath 2010 (KB2817369) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{4EEA3D3E-989C-4DF4-AB0A-3042C0C12AA3}) (Version:  - Microsoft)
Update for Microsoft InfoPath 2010 (KB2817396) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{39767ECA-1731-45DB-AB5B-6BF40E151D66}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2553140) 32-Bit Edition (HKLM-x32\...\{90140000-006E-0409-0000-0000000FF1CE}_Office14.PROPLUSR_{8BEEA2FC-D416-428A-B52A-A3ED45921151}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2553140) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{8BEEA2FC-D416-428A-B52A-A3ED45921151}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2589298) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{DADF7E25-FFA4-4D02-BE84-1DAE62C18516}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2589352) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.PROPLUSR_{F4284D93-7AE8-4309-8CF3-9AD394F35F3A}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2589352) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{F4284D93-7AE8-4309-8CF3-9AD394F35F3A}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2589375) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{287A1E92-9E41-4BC1-8920-B3D0E9220800}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2589386) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{A4F91D60-654C-4892-BFD3-0D41ADA649B6}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2597087) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{9D69691D-823D-4C3E-9B12-563A3F520366}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2597089) 32-Bit Edition (HKLM-x32\...\{90140000-006E-0409-0000-0000000FF1CE}_Office14.PROPLUSR_{A12F43A5-CF0B-44E3-942F-2441CD442F0D}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2687275) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{0B7744D2-1FDD-4843-9987-7CE11B79F370}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2760631) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{35698CB7-AAA2-4577-B505-DBFF504AEF23}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2794737) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{5AA578BB-759C-40FD-9661-A737C0884541}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2825635) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{F1A20C69-9FE5-40FD-9CD5-84EABC2EF64A}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2825640) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{BA610006-2C39-4419-9834-CF61AB24810A}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2837581) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{334FB202-28D7-4BA4-8BC9-4FE4AB233EA0}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2837602) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.PROPLUSR_{8158D96B-083A-4FE4-8587-B5D0F49FE4B8}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2837602) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{8158D96B-083A-4FE4-8587-B5D0F49FE4B8}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2837606) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{B0D672F7-883E-4279-8E75-D97A5445AB46}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2883019) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{D1C4AD0B-CC79-41D2-8D6A-571E7B30658C}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2889828) 32-Bit Edition (HKLM-x32\...\{90140000-001F-040C-0000-0000000FF1CE}_Office14.PROPLUSR_{C1954E2B-1672-4E5C-B564-F8CB2D08345B}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2910896) 32-Bit Edition (HKLM-x32\...\{90140000-001F-0409-0000-0000000FF1CE}_Office14.PROPLUSR_{E762A933-274B-4860-B066-A39FAB0838FD}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2910896) 32-Bit Edition (HKLM-x32\...\{90140000-001F-0C0A-0000-0000000FF1CE}_Office14.PROPLUSR_{A7AA9E77-A9F4-4596-8AFD-4910FF258C3D}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2956054) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{54F6ECE6-BAB4-4E7D-ADB0-072FC951A280}) (Version:  - Microsoft)
Update for Microsoft OneNote 2010 (KB2956075) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.PROPLUSR_{8FDB127C-B5F8-459C-B3BF-098C4270201F}) (Version:  - Microsoft)
Update for Microsoft OneNote 2010 (KB2956075) 32-Bit Edition (HKLM-x32\...\{90140000-00A1-0409-0000-0000000FF1CE}_Office14.PROPLUSR_{82148027-13B5-4920-97F3-6A44A29B83D0}) (Version:  - Microsoft)
Update for Microsoft OneNote 2010 (KB2956075) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{8FDB127C-B5F8-459C-B3BF-098C4270201F}) (Version:  - Microsoft)
Update for Microsoft Outlook 2010 (KB2956128) 32-Bit Edition (HKLM-x32\...\{90140000-001A-0409-0000-0000000FF1CE}_Office14.PROPLUSR_{DEFF916D-4268-49CF-8FF3-E26253582E13}) (Version:  - Microsoft)
Update for Microsoft Outlook 2010 (KB2956128) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{FC666DD5-8A58-401B-9B1E-2CBB451932E8}) (Version:  - Microsoft)
Update for Microsoft PowerPoint 2010 (KB2880517) 32-Bit Edition (HKLM-x32\...\{90140000-0018-0409-0000-0000000FF1CE}_Office14.PROPLUSR_{DF548669-AAED-467B-A074-AE2B72A4A871}) (Version:  - Microsoft)
Update for Microsoft PowerPoint 2010 (KB2956129) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{433A91E3-5A83-41A6-828A-DCED3EE9EDA8}) (Version:  - Microsoft)
Update for Microsoft SharePoint Workspace 2010 (KB2760601) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.PROPLUSR_{F9F5A080-AF38-4966-9A6B-C43DCA465035}) (Version:  - Microsoft)
Update for Microsoft SharePoint Workspace 2010 (KB2760601) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{F9F5A080-AF38-4966-9A6B-C43DCA465035}) (Version:  - Microsoft)
Update for Microsoft Visio 2010 (KB2880526) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{7B29D8B8-6A87-496C-A65E-B935E740448A}) (Version:  - Microsoft)
Update for Microsoft Visio Viewer 2010 (KB2837587) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{38CF30E4-3348-4BD1-A859-B630C355A56F}) (Version:  - Microsoft)
Update Installer for WildTangent Games App (x32 Version:  - WildTangent) Hidden
Virtual Villagers 4 - The Tree of Life (x32 Version: 2.2.0.95 - WildTangent) Hidden
Wedding Dash - Ready, Aim, Love! (x32 Version: 2.2.0.95 - WildTangent) Hidden
WIDCOMM Bluetooth Software (HKLM\...\{A1439D4F-FD46-47F2-A1D3-FEE097C29A09}) (Version: 6.5.1.2300 - Broadcom Corporation)
WildTangent Games (HKLM-x32\...\WildTangent dell Master Uninstall) (Version: 1.0.2.5 - WildTangent)
WildTangent Games App (Dell Games) (x32 Version: 4.0.5.2 - WildTangent) Hidden
Winamp (HKLM-x32\...\Winamp) (Version: 5.63  - Nullsoft, Inc)
Winamp Detector Plug-in (HKCU\...\Winamp Detect) (Version: 1.0.0.1 - Nullsoft, Inc)
Windows Live Communications Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3508.1109 - Microsoft Corporation)
Windows Live Essentials (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live ID Sign-in Assistant (Version: 7.250.4225.0 - Microsoft Corporation) Hidden
Windows Live Installer (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Language Selector (Version: 15.4.3508.1109 - Microsoft Corporation) Hidden
Windows Live Mail (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Mesh (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Mesh ActiveX Control for Remote Connections (HKLM-x32\...\{2902F983-B4C1-44BA-B85D-5C6D52E2C441}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Messenger (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live MIME IFilter (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Movie Maker (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Photo Common (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Photo Gallery (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live PIMT Platform (x32 Version: 15.4.3508.1109 - Microsoft Corporation) Hidden
Windows Live Remote Client (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live Remote Client Resources (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live Remote Service (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live Remote Service Resources (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live SOXE (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live SOXE Definitions (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live UX Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live UX Platform Language Pack (x32 Version: 15.4.3508.1109 - Microsoft Corporation) Hidden
Windows Live Writer (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Writer Resources (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
WinRAR 5.01 (32-bit) (HKLM-x32\...\WinRAR archiver) (Version: 5.01.0 - win.rar GmbH)
WinZip 17.0 (HKLM\...\{CD95F661-A5C4-44F5-A6AA-ECDD91C240D9}) (Version: 17.0.10381 - WinZip Computing, S.L. )
Workspace Desktop (HKCU\...\workspacedesktop) (Version:  - Starfield Technologies)
Zinio Reader 4 (HKLM-x32\...\ZinioReader4) (Version: 4.2.4164 - Zinio LLC)
Zinio Reader 4 (x32 Version: 4.2.4164 - Zinio LLC) Hidden
Zuma Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden

========================= Memory info: ===================================

Percentage of memory in use: 62%
Total physical RAM: 6044.36 MB
Available physical RAM: 2286.69 MB
Total Pagefile: 12086.91 MB
Available Pagefile: 8033.05 MB
Total Virtual: 4095.88 MB
Available Virtual: 3973.82 MB

========================= Partitions: =====================================

1 Drive c: (OS) (Fixed) (Total:684.79 GB) (Free:33.74 GB) NTFS

========================= Users: ========================================

User accounts for \\MARKBRUT-PC

9BEE3DCFE05949878EFE     Administrator            CA48D1EE21D943918CAA     
E6327DC6D45047EC8F76     Guest                    markbrut                 


**** End of log ****

 



#4 markbrut

markbrut
  • Topic Starter

  • Members
  • 25 posts
  • OFFLINE
  •  
  • Local time:02:04 PM

Posted 13 March 2015 - 07:52 PM

TDS report:

 

18:33:20.0150 0x2528  TDSS rootkit removing tool 3.0.0.44 Jan 22 2015 08:27:04
18:33:24.0323 0x2528  ============================================================
18:33:24.0323 0x2528  Current date / time: 2015/03/13 18:33:24.0323
18:33:24.0323 0x2528  SystemInfo:
18:33:24.0323 0x2528  
18:33:24.0323 0x2528  OS Version: 6.1.7601 ServicePack: 1.0
18:33:24.0323 0x2528  Product type: Workstation
18:33:24.0323 0x2528  ComputerName: MARKBRUT-PC
18:33:24.0323 0x2528  UserName: markbrut
18:33:24.0323 0x2528  Windows directory: C:\Windows
18:33:24.0323 0x2528  System windows directory: C:\Windows
18:33:24.0323 0x2528  Running under WOW64
18:33:24.0323 0x2528  Processor architecture: Intel x64
18:33:24.0323 0x2528  Number of processors: 4
18:33:24.0323 0x2528  Page size: 0x1000
18:33:24.0323 0x2528  Boot type: Normal boot
18:33:24.0324 0x2528  ============================================================
18:33:26.0265 0x2528  KLMD registered as C:\Windows\system32\drivers\08354099.sys
18:33:27.0562 0x2528  System UUID: {2303131A-204A-5C34-5684-9756C6292B41}
18:33:28.0600 0x2528  Drive \Device\Harddisk0\DR0 - Size: 0xAEA8CDE000 ( 698.64 Gb ), SectorSize: 0x200, Cylinders: 0x16441, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
18:33:28.0619 0x2528  ============================================================
18:33:28.0619 0x2528  \Device\Harddisk0\DR0:
18:33:28.0631 0x2528  MBR partitions:
18:33:28.0631 0x2528  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x14000, BlocksNum 0x1B9F000
18:33:28.0631 0x2528  \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x1BB3000, BlocksNum 0x55992800
18:33:28.0631 0x2528  ============================================================
18:33:28.0693 0x2528  C: <-> \Device\Harddisk0\DR0\Partition2
18:33:28.0693 0x2528  ============================================================
18:33:28.0693 0x2528  Initialize success
18:33:28.0693 0x2528  ============================================================
18:33:45.0663 0x08a8  ============================================================
18:33:45.0663 0x08a8  Scan started
18:33:45.0664 0x08a8  Mode: Manual;
18:33:45.0664 0x08a8  ============================================================
18:33:45.0664 0x08a8  KSN ping started
18:33:48.0523 0x08a8  KSN ping finished: true
18:33:51.0660 0x08a8  ================ Scan system memory ========================
18:33:51.0660 0x08a8  System memory - ok
18:33:51.0660 0x08a8  ================ Scan services =============================
18:33:52.0356 0x08a8  [ A87D604AEA360176311474C87A63BB88, B1507868C382CD5D2DBC0D62114FCFBF7A780904A2E3CA7C7C1DD0844ADA9A8F ] 1394ohci        C:\Windows\system32\drivers\1394ohci.sys
18:33:52.0369 0x08a8  1394ohci - ok
18:33:52.0465 0x08a8  [ D81D9E70B8A6DD14D42D7B4EFA65D5F2, FDAAB7E23012B4D31537C5BDEF245BB0A12FA060A072C250E21C68E18B22E002 ] ACPI            C:\Windows\system32\drivers\ACPI.sys
18:33:52.0472 0x08a8  ACPI - ok
18:33:52.0583 0x08a8  [ 99F8E788246D495CE3794D7E7821D2CA, F91615463270AD2601F882CAED43B88E7EDA115B9FD03FC56320E48119F15F76 ] AcpiPmi         C:\Windows\system32\drivers\acpipmi.sys
18:33:52.0597 0x08a8  AcpiPmi - ok
18:33:52.0873 0x08a8  [ 8B46D5A1D3EF08232C04D0EAFB871FB2, 5306F8452EF675851CB0015F9E5C5EB750137D6D65C9CB7E47F8EF5B10A44D10 ] Adobe LM Service C:\Program Files (x86)\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
18:33:52.0882 0x08a8  Adobe LM Service - ok
18:33:53.0100 0x08a8  [ B362181ED3771DC03B4141927C80F801, 69514E5177A0AEA89C27C2234712F9F82E8D8F99E1FD4273898C9324C6FF7472 ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
18:33:53.0116 0x08a8  AdobeARMservice - ok
18:33:53.0739 0x08a8  [ 080255CDCB878813B481B8C348D47D8E, 75808821FBC732D0504795B8F85852E4C01D3B412989A1E597E1295CFF7B7A45 ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
18:33:53.0751 0x08a8  AdobeFlashPlayerUpdateSvc - ok
18:33:53.0966 0x08a8  [ 2F6B34B83843F0C5118B63AC634F5BF4, 43E3F5FBFB5D33981AC503DEE476868EC029815D459E7C36C4ABC2D2F75B5735 ] adp94xx         C:\Windows\system32\drivers\adp94xx.sys
18:33:53.0998 0x08a8  adp94xx - ok
18:33:54.0161 0x08a8  [ 597F78224EE9224EA1A13D6350CED962, DA7FD99BE5E3B7B98605BF5C13BF3F1A286C0DE1240617570B46FE4605E59BDC ] adpahci         C:\Windows\system32\drivers\adpahci.sys
18:33:54.0183 0x08a8  adpahci - ok
18:33:54.0295 0x08a8  [ E109549C90F62FB570B9540C4B148E54, E804563735153EA00A00641814244BC8A347B578E7D63A16F43FB17566EE5559 ] adpu320         C:\Windows\system32\drivers\adpu320.sys
18:33:54.0311 0x08a8  adpu320 - ok
18:33:54.0338 0x08a8  [ 4B78B431F225FD8624C5655CB1DE7B61, 198A5AF2125C7C41F531A652D200C083A55A97DC541E3C0B5B253C7329949156 ] AeLookupSvc     C:\Windows\System32\aelupsvc.dll
18:33:54.0357 0x08a8  AeLookupSvc - ok
18:33:54.0630 0x08a8  [ FA886682CFC5D36718D3E436AACF10B9, F80AB4F91AA6B5C7ECCB000D8E1BC2CF776DC3D69B3D9EBC2558C19035A6B3AB ] AFD             C:\Windows\system32\drivers\afd.sys
18:33:54.0640 0x08a8  AFD - ok
18:33:54.0750 0x08a8  [ 608C14DBA7299D8CB6ED035A68A15799, 45360F89640BF1127C82A32393BD76205E4FA067889C40C491602F370C09282A ] agp440          C:\Windows\system32\drivers\agp440.sys
18:33:54.0760 0x08a8  agp440 - ok
18:33:54.0832 0x08a8  [ 3290D6946B5E30E70414990574883DDB, 0E9294E1991572256B3CDA6B031DB9F39CA601385515EE59F1F601725B889663 ] ALG             C:\Windows\System32\alg.exe
18:33:54.0838 0x08a8  ALG - ok
18:33:54.0981 0x08a8  [ 5812713A477A3AD7363C7438CA2EE038, A7316299470D2E57A11499C752A711BF4A71EB11C9CBA731ED0945FF6A966721 ] aliide          C:\Windows\system32\drivers\aliide.sys
18:33:54.0984 0x08a8  aliide - ok
18:33:55.0392 0x08a8  [ FF6F0F6A2D72065AE4300426FA414693, 124FEB2AFA0050D3418FB1E341FC8A5E8EE8D6EDEFE4A192BE948057CE5EB74E ] Amazon Download Agent C:\Program Files (x86)\Amazon\Amazon Games & Software Downloader\AmazonGSDownloaderService.exe
18:33:55.0418 0x08a8  Amazon Download Agent - ok
18:33:55.0551 0x08a8  [ 1FF8B4431C353CE385C875F194924C0C, 3EA3A7F426B0FFC2461EDF4FDB4B58ACC9D0730EDA5B728D1EA1346EA0A02720 ] amdide          C:\Windows\system32\drivers\amdide.sys
18:33:55.0560 0x08a8  amdide - ok
18:33:55.0669 0x08a8  [ 7024F087CFF1833A806193EF9D22CDA9, E7F27E488C38338388103D3B7EEDD61D05E14FB140992AEE6F492FFC821BF529 ] AmdK8           C:\Windows\system32\drivers\amdk8.sys
18:33:55.0684 0x08a8  AmdK8 - ok
18:33:55.0707 0x08a8  [ 1E56388B3FE0D031C44144EB8C4D6217, E88CA76FD47BA0EB427D59CB9BE040DE133D89D4E62D03A8D622624531D27487 ] AmdPPM          C:\Windows\system32\drivers\amdppm.sys
18:33:55.0721 0x08a8  AmdPPM - ok
18:33:55.0827 0x08a8  [ D4121AE6D0C0E7E13AA221AA57EF2D49, 626F43C099BD197BE56648C367B711143C2BCCE96496BBDEF19F391D52FA01D0 ] amdsata         C:\Windows\system32\drivers\amdsata.sys
18:33:55.0840 0x08a8  amdsata - ok
18:33:55.0940 0x08a8  [ F67F933E79241ED32FF46A4F29B5120B, D6EF539058F159CC4DD14CA9B1FD924998FEAC9D325C823C7A2DD21FEF1DC1A8 ] amdsbs          C:\Windows\system32\drivers\amdsbs.sys
18:33:55.0955 0x08a8  amdsbs - ok
18:33:55.0998 0x08a8  [ 540DAF1CEA6094886D72126FD7C33048, 296578572A93F5B74E1AD443E000B79DC99D1CBD25082E02704800F886A3065F ] amdxata         C:\Windows\system32\drivers\amdxata.sys
18:33:56.0026 0x08a8  amdxata - ok
18:33:56.0198 0x08a8  [ 90C53BD47979FB8814F465A08B885102, 5EDFC1909FC1FF9133A534DFCC5408CF3A777AC41FB21FAD375436E3D86C02EC ] AppID           C:\Windows\system32\drivers\appid.sys
18:33:56.0217 0x08a8  AppID - ok
18:33:56.0331 0x08a8  [ 72D4757510FDA69D729169C00AFC211E, FB9686D0D94EE7C19A3994C29E8331A6EC3020B2980B2CC75F72F3AB25512C15 ] AppIDSvc        C:\Windows\System32\appidsvc.dll
18:33:56.0353 0x08a8  AppIDSvc - ok
18:33:56.0517 0x08a8  [ 9D2A2369AB4B08A4905FE72DB104498F, D6FA1705018BABABFA2362E05691A0D6408D14DE7B76129B16D0A1DAD6378E58 ] Appinfo         C:\Windows\System32\appinfo.dll
18:33:56.0519 0x08a8  Appinfo - ok
18:33:56.0957 0x08a8  [ 221564CC7BE37611FE15EACF443E1BF6, 381BDF17418C779D72332431BA174C2AD76CD9C7C1711FF5142EA9B05D5555E4 ] Apple Mobile Device C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
18:33:56.0974 0x08a8  Apple Mobile Device - ok
18:33:57.0116 0x08a8  [ C484F8CEB1717C540242531DB7845C4E, C507CE26716EB923B864ED85E8FA0B24591E2784A2F4F0E78AEED7E9953311F6 ] arc             C:\Windows\system32\drivers\arc.sys
18:33:57.0142 0x08a8  arc - ok
18:33:57.0218 0x08a8  [ 019AF6924AEFE7839F61C830227FE79C, 5926B9DDFC9198043CDD6EA0B384C83B001EC225A8125628C4A45A3E6C42C72A ] arcsas          C:\Windows\system32\drivers\arcsas.sys
18:33:57.0231 0x08a8  arcsas - ok
18:33:57.0614 0x08a8  [ F15AB80B867D3332D5DDFB0A05B9CE04, 5A16577106246AB5DCC04FE0A0B00B7C5702557B75F958721E4C00383AB99809 ] aspnet_state    C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
18:33:57.0648 0x08a8  aspnet_state - ok
18:33:57.0734 0x08a8  [ 769765CE2CC62867468CEA93969B2242, 0D8F19D49869DF93A3876B4C2E249D12E83F9CE11DAE8917D368E292043D4D26 ] AsyncMac        C:\Windows\system32\DRIVERS\asyncmac.sys
18:33:57.0735 0x08a8  AsyncMac - ok
18:33:57.0844 0x08a8  [ 02062C0B390B7729EDC9E69C680A6F3C, 0261683C6DC2706DCE491A1CDC954AC9C9E649376EC30760BB4E225E18DC5273 ] atapi           C:\Windows\system32\drivers\atapi.sys
18:33:57.0845 0x08a8  atapi - ok
18:33:58.0090 0x08a8  [ 6968D02DC38757C3FBE7ED7C2F9670AA, C8B3115DDB32EFBE8C56C5AA78EEA05BBB77DF3F75CC2A04532EB32327E4735A ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
18:33:58.0144 0x08a8  AudioEndpointBuilder - ok
18:33:58.0210 0x08a8  [ 6968D02DC38757C3FBE7ED7C2F9670AA, C8B3115DDB32EFBE8C56C5AA78EEA05BBB77DF3F75CC2A04532EB32327E4735A ] AudioSrv        C:\Windows\System32\Audiosrv.dll
18:33:58.0224 0x08a8  AudioSrv - ok
18:33:58.0376 0x08a8  [ A6BF31A71B409DFA8CAC83159E1E2AFF, CBB83F73FFD3C3FB4F96605067739F8F7A4A40B2B05417FA49E575E95628753F ] AxInstSV        C:\Windows\System32\AxInstSV.dll
18:33:58.0388 0x08a8  AxInstSV - ok
18:33:58.0600 0x08a8  [ 3E5B191307609F7514148C6832BB0842, DE011CB7AA4A2405FAF21575182E0793A1D83DFFC44E9A7864D59F3D51D8D580 ] b06bdrv         C:\Windows\system32\drivers\bxvbda.sys
18:33:58.0610 0x08a8  b06bdrv - ok
18:33:58.0724 0x08a8  [ B5ACE6968304A3900EEB1EBFD9622DF2, 1DAA118D8CA3F97B34DF3D3CDA1C78EAB2ED225699FEABE89D331AE0CB7679FA ] b57nd60a        C:\Windows\system32\DRIVERS\b57nd60a.sys
18:33:58.0730 0x08a8  b57nd60a - ok
18:33:58.0923 0x08a8  BBSvc - ok
18:33:58.0961 0x08a8  BBUpdate - ok
18:33:59.0089 0x08a8  [ BC9E4469FE2CE605902D4C8BB09E8236, 13C906DEE487E46037F6DAB82CD65B49CECCA8A7BAC9E1FFD34767AA288A9B76 ] bcbtums         C:\Windows\system32\drivers\bcbtums.sys
18:33:59.0098 0x08a8  bcbtums - ok
18:33:59.0138 0x08a8  [ 1986D4C2C13FE5D38C20F8F9A43FA1E0, F7897C328E10430C23237B80FBB6E23FC42A9CA7FD0F75B3D991404F67C91E67 ] BCM42RLY        C:\Windows\system32\drivers\BCM42RLY.sys
18:33:59.0149 0x08a8  BCM42RLY - ok
18:34:00.0262 0x08a8  [ 67E781B84740939F0F61B05789BF7347, 445C8F9181FDFCDA6DF75C8D581B52EA742EF060DE541B6B4D2EEEFBA3023818 ] BCM43XX         C:\Windows\system32\DRIVERS\bcmwl664.sys
18:34:00.0450 0x08a8  BCM43XX - ok
18:34:00.0653 0x08a8  [ 52752A34FE0D4105CC814F5CC539132B, CCB3A4DDC6DD18B17613220E6DF09A43032362EFD22EA1058C5A6E9C6CED63EE ] BcmVWL          C:\Windows\system32\DRIVERS\bcmvwl64.sys
18:34:00.0666 0x08a8  BcmVWL - ok
18:34:00.0713 0x08a8  [ FDE360167101B4E45A96F939F388AEB0, 8D1457E866BBD645C4B9710DFBFF93405CC1193BF9AE42326F2382500B713B82 ] BDESVC          C:\Windows\System32\bdesvc.dll
18:34:00.0745 0x08a8  BDESVC - ok
18:34:00.0848 0x08a8  [ 16A47CE2DECC9B099349A5F840654746, 77C008AEDB07FAC66413841D65C952DDB56FE7DCA5E9EF9C8F4130336B838024 ] Beep            C:\Windows\system32\drivers\Beep.sys
18:34:00.0849 0x08a8  Beep - ok
18:34:01.0048 0x08a8  [ 82974D6A2FD19445CC5171FC378668A4, 075D25F47C0D2277E40AF8615571DAA5EB16B1824563632A9A7EC62505C29A4A ] BFE             C:\Windows\System32\bfe.dll
18:34:01.0080 0x08a8  BFE - ok
18:34:01.0249 0x08a8  [ 1EA7969E3271CBC59E1730697DC74682, D511A34D63A6E0E6E7D1879068E2CD3D87ABEAF4936B2EA8CDDAD9F79D60FA04 ] BITS            C:\Windows\System32\qmgr.dll
18:34:01.0267 0x08a8  BITS - ok
18:34:01.0370 0x08a8  [ 61583EE3C3A17003C4ACD0475646B4D3, 17E4BECC309C450E7E44F59A9C0BBC24D21BDC66DFBA65B8F198A00BB47A9811 ] blbdrive        C:\Windows\system32\DRIVERS\blbdrive.sys
18:34:01.0375 0x08a8  blbdrive - ok
18:34:01.0793 0x08a8  [ EBBCD5DFBB1DE70E8F4AF8FA59E401FD, 17BFFC5DF609CE3B2F0CAB4BD6C118608C66A3AD86116A47E90B2BB7D8954122 ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe
18:34:01.0806 0x08a8  Bonjour Service - ok
18:34:01.0918 0x08a8  [ 6C02A83164F5CC0A262F4199F0871CF5, AD4632A6A203CB40970D848315D8ADB9C898349E20D8DF4107C2AE2703A2CF28 ] bowser          C:\Windows\system32\DRIVERS\bowser.sys
18:34:01.0920 0x08a8  bowser - ok
18:34:02.0089 0x08a8  [ F09EEE9EDC320B5E1501F749FDE686C8, 66691114C42E12F4CC6DC4078D4D2FA4029759ACDAF1B59D17383487180E84E3 ] BrFiltLo        C:\Windows\system32\drivers\BrFiltLo.sys
18:34:02.0103 0x08a8  BrFiltLo - ok
18:34:02.0159 0x08a8  [ B114D3098E9BDB8BEA8B053685831BE6, 0ED23C1897F35FA00B9C2848DE4ED200E18688AA7825674888054BBC3A3EB92C ] BrFiltUp        C:\Windows\system32\drivers\BrFiltUp.sys
18:34:02.0173 0x08a8  BrFiltUp - ok
18:34:02.0326 0x08a8  [ 5C2F352A4E961D72518261257AAE204B, 9EE1001E1D46A414A7A86FE1DBBE232203E26F54D9EF43ED31ED8EACD4D09853 ] BridgeMP        C:\Windows\system32\DRIVERS\bridge.sys
18:34:02.0329 0x08a8  BridgeMP - ok
18:34:02.0514 0x08a8  [ 05F5A0D14A2EE1D8255C2AA0E9E8E694, 40011138869F5496A3E78D38C9900B466B6F3877526AC22952DCD528173F4645 ] Browser         C:\Windows\System32\browser.dll
18:34:02.0517 0x08a8  Browser - ok
18:34:02.0576 0x08a8  [ 43BEA8D483BF1870F018E2D02E06A5BD, 4E6F5A5FD8C796A110B0DC9FF29E31EA78C04518FC1C840EF61BABD58AB10272 ] Brserid         C:\Windows\System32\Drivers\Brserid.sys
18:34:02.0582 0x08a8  Brserid - ok
18:34:02.0699 0x08a8  [ A6ECA2151B08A09CACECA35C07F05B42, E2875BB7768ABAF38C3377007AA0A3C281503474D1831E396FB6599721586B0C ] BrSerWdm        C:\Windows\System32\Drivers\BrSerWdm.sys
18:34:02.0701 0x08a8  BrSerWdm - ok
18:34:02.0783 0x08a8  [ B79968002C277E869CF38BD22CD61524, 50631836502237AF4893ECDCEA43B9031C3DE97433F594D46AF7C3C77F331983 ] BrUsbMdm        C:\Windows\System32\Drivers\BrUsbMdm.sys
18:34:02.0783 0x08a8  BrUsbMdm - ok
18:34:02.0872 0x08a8  [ A87528880231C54E75EA7A44943B38BF, 4C8BBB29FDA76A96840AA47A8613C15D4466F9273A13941C19507008629709C9 ] BrUsbSer        C:\Windows\System32\Drivers\BrUsbSer.sys
18:34:02.0873 0x08a8  BrUsbSer - ok
18:34:02.0986 0x08a8  [ CF98190A94F62E405C8CB255018B2315, E1B2540023C4FE9FD588E4B6AE6347DFA565EB3898F21E5360882BF3E8B5E781 ] BthEnum         C:\Windows\system32\drivers\BthEnum.sys
18:34:02.0987 0x08a8  BthEnum - ok
18:34:03.0103 0x08a8  [ 9DA669F11D1F894AB4EB69BF546A42E8, B498B8B6CEF957B73179D1ADAF084BBB57BB3735D810F9BE2C7B1D58A4FD25A4 ] BTHMODEM        C:\Windows\system32\drivers\bthmodem.sys
18:34:03.0105 0x08a8  BTHMODEM - ok
18:34:03.0149 0x08a8  [ 02DD601B708DD0667E1331FA8518E9FF, 7DE6CC4DBB621CD03B01D9CE6CF66EAFE31D39030A391562CD0E278E1D70ADE1 ] BthPan          C:\Windows\system32\DRIVERS\bthpan.sys
18:34:03.0152 0x08a8  BthPan - ok
18:34:03.0337 0x08a8  [ 738D0E9272F59EB7A1449C3EC118E6C4, FE3D32C2A5E4DC21376A0F89C0B2EE024ECF1A3FB99213CC9BBC986ADF7AF080 ] BTHPORT         C:\Windows\system32\Drivers\BTHport.sys
18:34:03.0349 0x08a8  BTHPORT - ok
18:34:03.0413 0x08a8  [ 95F9C2976059462CBBF227F7AAB10DE9, 2797AE919FF7606B070FB039CECDB0707CD2131DCAC09C5DF14F443D881C9F34 ] bthserv         C:\Windows\system32\bthserv.dll
18:34:03.0432 0x08a8  bthserv - ok
18:34:03.0517 0x08a8  [ F188B7394D81010767B6DF3178519A37, 576304E92FD94908F093A6AB5F4D328F25829BE32EC3CA0D29EBFDF5DE83539B ] BTHUSB          C:\Windows\system32\Drivers\BTHUSB.sys
18:34:03.0530 0x08a8  BTHUSB - ok
18:34:03.0747 0x08a8  [ 93F0E54C65EF7FCB56287FA685E4C4B7, FF8644C2F9DC4CDB1BDBD7C25968225769B2DAE7E063BE0FEDCD51809C48CB4D ] btwampfl        C:\Windows\system32\drivers\btwampfl.sys
18:34:03.0778 0x08a8  btwampfl - ok
18:34:03.0924 0x08a8  [ D1F3C58892C621935947C0261BAEF3C0, AEDAF86A78F615C9124A968568FAA41AA145E6AAE910AB16E370B83BC67BB603 ] btwaudio        C:\Windows\system32\drivers\btwaudio.sys
18:34:03.0939 0x08a8  btwaudio - ok
18:34:04.0034 0x08a8  [ 9C7A3858D87F3A2574C1D326CA6C1461, EA98D1DE3E1BF3BB952FC11511082EC1D398B448C712141B7FC35AFB7E40C4E5 ] btwavdt         C:\Windows\system32\drivers\btwavdt.sys
18:34:04.0039 0x08a8  btwavdt - ok
18:34:04.0474 0x08a8  [ CE6AD9E2874D19069569F03C819B558C, 719326983BC442B416651DB51DD20AA32455B93A79C48B386913296F65B50E6F ] btwdins         c:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
18:34:04.0537 0x08a8  btwdins - ok
18:34:04.0556 0x08a8  [ B1ACFD00CDD13B48D86F46BFEC153BF9, CD7BE27D93364735511CC714B85CB7D97E21E84E3C2361EC405BADAAEA550925 ] btwl2cap        C:\Windows\system32\DRIVERS\btwl2cap.sys
18:34:04.0558 0x08a8  btwl2cap - ok
18:34:04.0582 0x08a8  [ BB892C59D453E127797F8C5B203678DC, 9ED6E44B1E1050F275BEDE733970F455867147F6EC08CD6522E5AA2F55CB5B71 ] btwrchid        C:\Windows\system32\DRIVERS\btwrchid.sys
18:34:04.0582 0x08a8  btwrchid - ok
18:34:04.0950 0x08a8  [ 07F135A94B04E61B1AACBEDF008FC797, 8B8AD28FB9A81EA80473AD2AE03003706E979E540FF193CC485CC5A41266F515 ] bzserv          C:\Program Files (x86)\Backblaze\bzserv.exe
18:34:04.0959 0x08a8  bzserv - ok
18:34:05.0518 0x08a8  [ 1F79342D9EB530A48742F651E570983A, 99E0B613C23FA8591E248DFA6FF2D3EE19E262BE6E070A0E43E256B69687017F ] c2cautoupdatesvc C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
18:34:05.0630 0x08a8  c2cautoupdatesvc - ok
18:34:06.0210 0x08a8  [ E4938E0A376CF0B9D989EE5C0A146891, 9DF6AB5781CD60862D9664CA9A8AF0696A1FB6D09D804CD8DE9630F40DE59E90 ] c2cpnrsvc       C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
18:34:06.0299 0x08a8  c2cpnrsvc - ok
18:34:06.0367 0x08a8  [ B8BD2BB284668C84865658C77574381A, 6C55BA288B626DF172FDFEA0BD7027FAEBA1F44EF20AB55160D7C7DC6E717D65 ] cdfs            C:\Windows\system32\DRIVERS\cdfs.sys
18:34:06.0369 0x08a8  cdfs - ok
18:34:06.0469 0x08a8  [ F036CE71586E93D94DAB220D7BDF4416, BD07AAD9E20CEAF9FC84E4977C55EA2C45604A2C682AC70B9B9A2199B6713D5B ] cdrom           C:\Windows\system32\DRIVERS\cdrom.sys
18:34:06.0472 0x08a8  cdrom - ok
18:34:06.0585 0x08a8  [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] CertPropSvc     C:\Windows\System32\certprop.dll
18:34:06.0597 0x08a8  CertPropSvc - ok
18:34:06.0706 0x08a8  [ D7CD5C4E1B71FA62050515314CFB52CF, 513B5A849899F379F0BC6AB3A8A05C3493C2393C95F036612B96EC6E252E1C64 ] circlass        C:\Windows\system32\drivers\circlass.sys
18:34:06.0707 0x08a8  circlass - ok
18:34:06.0760 0x08a8  [ FE1EC06F2253F691FE36217C592A0206, B9F122DB5E665ECDF29A5CB8BB6B531236F31A54A95769D6C5C1924C87FE70CE ] CLFS            C:\Windows\system32\CLFS.sys
18:34:06.0768 0x08a8  CLFS - ok
18:34:06.0981 0x08a8  [ F13EC8A783E0CB0D6DC26A3CA848B7B8, 0809E3B71709F1343086EEB6C820543C1A7119E74EEF8AC1AEE1F81093ABEC66 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
18:34:06.0982 0x08a8  clr_optimization_v2.0.50727_32 - ok
18:34:07.0128 0x08a8  [ B4D73F04E9BC076F7CDAC4327DF636BB, 1ADED20D5A0D0A76E2F85CB778FD06BAB814868D35F8532E17D67045FF4770C2 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
18:34:07.0130 0x08a8  clr_optimization_v2.0.50727_64 - ok
18:34:07.0881 0x08a8  [ F5AB4D2E36625F355E81539239765107, 48E6AD65EEFD6C54F938F5753EF58377CDA77ADBB41CD8635F0040D61EFB92A4 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
18:34:07.0884 0x08a8  clr_optimization_v4.0.30319_32 - ok
18:34:07.0945 0x08a8  [ 9ACBE5EC13C2CC95833BFB7636CA8B1A, 6224DA9FB335D2A8374C60B8DEA539DD3A0E43230DB888B137B71A56EC57D6AF ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
18:34:07.0948 0x08a8  clr_optimization_v4.0.30319_64 - ok
18:34:08.0003 0x08a8  [ 0840155D0BDDF1190F84A663C284BD33, 696039FA63CFEB33487FAA8FD7BBDB220141E9C6E529355D768DFC87999A9C3A ] CmBatt          C:\Windows\system32\DRIVERS\CmBatt.sys
18:34:08.0003 0x08a8  CmBatt - ok
18:34:08.0073 0x08a8  [ E19D3F095812725D88F9001985B94EDD, 46243C5CCC4981CAC6FA6452FFCEC33329BF172448F1852D52592C9342E0E18B ] cmdide          C:\Windows\system32\drivers\cmdide.sys
18:34:08.0073 0x08a8  cmdide - ok
18:34:08.0211 0x08a8  [ 27667A788130A7F7A5858DE27572E6D7, 5501D80BCCB7A811ECCED3828DFD0A5D948BBED8504E9BCC4A3BFB840DD41CBC ] CNG             C:\Windows\system32\Drivers\cng.sys
18:34:08.0221 0x08a8  CNG - ok
18:34:08.0592 0x08a8  [ 97238AC8006C14EAF80E374D3B81C2B3, 1E1BE4D4211055CFB7DA88C259D10749AEE389392D31E52ADF5A55F21294998D ] CnxtHdAudService C:\Windows\system32\drivers\CHDRT64.sys
18:34:08.0625 0x08a8  CnxtHdAudService - ok
18:34:08.0746 0x08a8  [ 102DE219C3F61415F964C88E9085AD14, CD74CB703381F1382C32CF892FF2F908F4C9412E1BC77234F8FEA5D4666E1BF1 ] Compbatt        C:\Windows\system32\DRIVERS\compbatt.sys
18:34:08.0747 0x08a8  Compbatt - ok
18:34:08.0849 0x08a8  [ 03EDB043586CCEBA243D689BDDA370A8, 0E4523AA332E242D5C2C61C5717DBA5AB6E42DADB5A7E512505FC2B6CC224959 ] CompositeBus    C:\Windows\system32\DRIVERS\CompositeBus.sys
18:34:08.0850 0x08a8  CompositeBus - ok
18:34:08.0881 0x08a8  COMSysApp - ok
18:34:09.0706 0x08a8  [ 596D0FF60A26F320AA38875ED089EF22, 5F480D616885E8B7215E623D640E8906BB4C528006C1B86FAAE0E080EE347BE2 ] cphs            C:\Windows\SysWow64\IntelCpHeciSvc.exe
18:34:09.0712 0x08a8  cphs - ok
18:34:09.0757 0x08a8  [ 1C827878A998C18847245FE1F34EE597, 41EF7443D8B2733AA35CAC64B4F5F74FAC8BB0DA7D3936B69EC38E2DC3972E60 ] crcdisk         C:\Windows\system32\drivers\crcdisk.sys
18:34:09.0758 0x08a8  crcdisk - ok
18:34:09.0948 0x08a8  [ 1CD76A83B9E8E9A5A3519B39E28354D9, F9931743B99820FFBFB13136DFFD92F86802D543F9D8478648CDC554FB38899D ] CryptSvc        C:\Windows\system32\cryptsvc.dll
18:34:09.0952 0x08a8  CryptSvc - ok
18:34:10.0055 0x08a8  [ BC3D4F90978CD7C8EABD1BAF3BF7873A, 5978139650FC51BE0CAB12061702C7BC7BEDF6E7C3A047FF0A6328AA674E4226 ] CtClsFlt        C:\Windows\system32\DRIVERS\CtClsFlt.sys
18:34:10.0061 0x08a8  CtClsFlt - ok
18:34:10.0485 0x08a8  [ FD557A50A65E44041CD2FCEF4BEB04DB, 746D5958F7198895D35A23566D3736D993D57726BF59D91421D8091C48926A26 ] cvhsvc          C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE
18:34:10.0505 0x08a8  cvhsvc - ok
18:34:10.0652 0x08a8  [ 9A59DF2CA690019FEA3B265D5A7EB619, F15D51B3C78A213BA6D6FF7CEA58549673CEAFE97C0A6C90C93591637CE4D5B2 ] CxUtilSvc       C:\Program Files\Conexant\SA3\CxUtilSvc.exe
18:34:10.0661 0x08a8  CxUtilSvc - ok
18:34:10.0878 0x08a8  [ E6CE7188CC47AE5DAFDAF552D370C52F, D68E48F137BF8C6CD0BE4248F9F9D7C68F273C34304641756A76364E915BF428 ] dc3d            C:\Windows\system32\DRIVERS\dc3d.sys
18:34:10.0881 0x08a8  dc3d - ok
18:34:11.0100 0x08a8  [ 5C627D1B1138676C0A7AB2C2C190D123, C5003F2C912C5CA990E634818D3B4FD72F871900AF2948BD6C4D6400B354B401 ] DcomLaunch      C:\Windows\system32\rpcss.dll
18:34:11.0112 0x08a8  DcomLaunch - ok
18:34:11.0269 0x08a8  [ 3CEC7631A84943677AA8FA8EE5B6B43D, 32061DAC9ED6C1EBA3B367B18D0E965AEEC2DF635DCF794EC39D086D32503AC5 ] defragsvc       C:\Windows\System32\defragsvc.dll
18:34:11.0283 0x08a8  defragsvc - ok
18:34:11.0363 0x08a8  [ 9BB2EF44EAA163B29C4A4587887A0FE4, 03667BC3EA5003F4236929C10F23D8F108AFCB29DB5559E751FB26DFB318636F ] DfsC            C:\Windows\system32\Drivers\dfsc.sys
18:34:11.0365 0x08a8  DfsC - ok
18:34:11.0586 0x08a8  [ 43D808F5D9E1A18E5EEB5EBC83969E4E, C10D1155D71EABE4ED44C656A8F13078A8A4E850C4A8FBB92D52D173430972B8 ] Dhcp            C:\Windows\system32\dhcpcore.dll
18:34:11.0598 0x08a8  Dhcp - ok
18:34:11.0761 0x08a8  [ D248065B996C1B19ACE906839C5AF3DA, D55077D892E7C58ECE9AE37434E464363C889616B88DF16103D126DB4B52C509 ] DigiNet         C:\Windows\system32\DRIVERS\diginet.sys
18:34:11.0762 0x08a8  DigiNet - ok
18:34:11.0893 0x08a8  DigiRefresh - ok
18:34:12.0395 0x08a8  [ E1885060B3946B7560E38440B97004D8, 5E4C3AD554FAD20F3E2C121719068EF7C64CFC01BA0C69F72AD5B84A483CDF06 ] digiSPTIService64 C:\Program Files\Avid\Pro Tools\digisptiservice64.exe
18:34:12.0599 0x08a8  digiSPTIService64 - ok
18:34:12.0642 0x08a8  [ 13096B05847EC78F0977F2C0F79E9AB3, 1E44981B684F3E56F5D2439BB7FA78BD1BC876BB2265AE089AEC68F241B05B26 ] discache        C:\Windows\system32\drivers\discache.sys
18:34:12.0643 0x08a8  discache - ok
18:34:12.0790 0x08a8  [ 9819EEE8B5EA3784EC4AF3B137A5244C, 571BC886E87C888DA96282E381A746D273B58B9074E84D4CA91275E26056D427 ] Disk            C:\Windows\system32\drivers\disk.sys
18:34:12.0792 0x08a8  Disk - ok
18:34:12.0914 0x08a8  [ 16835866AAA693C7D7FCEBA8FFF706E4, 15891558F7C1F2BB57A98769601D447ED0D952354A8BB347312D034DC03E0242 ] Dnscache        C:\Windows\System32\dnsrslvr.dll
18:34:12.0926 0x08a8  Dnscache - ok
18:34:13.0006 0x08a8  [ B1FB3DDCA0FDF408750D5843591AFBC6, AB6AD9C5E7BA2E3646D0115B67C4800D1CB43B4B12716397657C7ADEEE807304 ] dot3svc         C:\Windows\System32\dot3svc.dll
18:34:13.0031 0x08a8  dot3svc - ok
18:34:13.0147 0x08a8  [ B26F4F737E8F9DF4F31AF6CF31D05820, 394BBBED4EC7FAD4110F62A43BFE0801D4AC56FFAC6C741C69407B26402311C7 ] DPS             C:\Windows\system32\dps.dll
18:34:13.0166 0x08a8  DPS - ok
18:34:13.0314 0x08a8  [ 9B19F34400D24DF84C858A421C205754, 967AF267B4124BADA8F507CEBF25F2192D146A4D63BE71B45BFC03C5DA7F21A7 ] drmkaud         C:\Windows\system32\drivers\drmkaud.sys
18:34:13.0314 0x08a8  drmkaud - ok
18:34:13.0627 0x08a8  [ 87CE5C8965E101CCCED1F4675557E868, 077D98F0F130B2FC710208BA34016EF2B2506EE2BD71740B228145E34A3046F1 ] DXGKrnl         C:\Windows\System32\drivers\dxgkrnl.sys
18:34:13.0647 0x08a8  DXGKrnl - ok
18:34:13.0749 0x08a8  [ E2DDA8726DA9CB5B2C4000C9018A9633, 0C967DBC3636A76A696997192A158AA92A1AF19F01E3C66D5BF91818A8FAEA76 ] EapHost         C:\Windows\System32\eapsvc.dll
18:34:13.0763 0x08a8  EapHost - ok
18:34:14.0424 0x08a8  [ DC5D737F51BE844D8C82C695EB17372F, 6D4022D9A46EDE89CEF0FAEADCC94C903234DFC460C0180D24FF9E38E8853017 ] ebdrv           C:\Windows\system32\drivers\evbda.sys
18:34:14.0489 0x08a8  ebdrv - ok
18:34:14.0566 0x08a8  [ B6C7729936AAF8E0697F0A7DCA82CED8, 9706E5234364488DD18527AAC82760E5ECB6EC9EBFDD4D04D2708D3C9C576FE6 ] EFS             C:\Windows\System32\lsass.exe
18:34:14.0567 0x08a8  EFS - ok
18:34:14.0868 0x08a8  [ C4002B6B41975F057D98C439030CEA07, 3D2484FBB832EFB90504DD406ED1CF3065139B1FE1646471811F3A5679EF75F1 ] ehRecvr         C:\Windows\ehome\ehRecvr.exe
18:34:14.0882 0x08a8  ehRecvr - ok
18:34:14.0953 0x08a8  [ 4705E8EF9934482C5BB488CE28AFC681, 359E9EC5693CE0BE89082E1D5D8F5C5439A5B985010FF0CB45C11E3CFE30637D ] ehSched         C:\Windows\ehome\ehsched.exe
18:34:14.0956 0x08a8  ehSched - ok
18:34:15.0075 0x08a8  [ 0E5DA5369A0FCAEA12456DD852545184, 9A64AC5396F978C3B92794EDCE84DCA938E4662868250F8C18FA7C2C172233F8 ] elxstor         C:\Windows\system32\drivers\elxstor.sys
18:34:15.0086 0x08a8  elxstor - ok
18:34:15.0131 0x08a8  [ 34A3C54752046E79A126E15C51DB409B, 7D5B5E150C7C73666F99CBAFF759029716C86F16B927E0078D77F8A696616D75 ] ErrDev          C:\Windows\system32\drivers\errdev.sys
18:34:15.0132 0x08a8  ErrDev - ok
18:34:15.0245 0x08a8  [ 9F819F324CC4141FAFD5F44B0EAFB1C2, F4309CD898DF3CF4FEDBFB05ACE82C200D460E2A6E548703A344878631BD5178 ] ETD             C:\Windows\system32\DRIVERS\ETD.sys
18:34:15.0249 0x08a8  ETD - ok
18:34:15.0418 0x08a8  [ 4166F82BE4D24938977DD1746BE9B8A0, 24121751B7306225AD1C808442D7B030DEF377E9316AA0A3C5C7460E87317881 ] EventSystem     C:\Windows\system32\es.dll
18:34:15.0427 0x08a8  EventSystem - ok
18:34:15.0509 0x08a8  [ A510C654EC00C1E9BDD91EEB3A59823B, 76CD277730F7B08D375770CD373D786160F34D1481AF0536BA1A5D2727E255F5 ] exfat           C:\Windows\system32\drivers\exfat.sys
18:34:15.0513 0x08a8  exfat - ok
18:34:15.0612 0x08a8  [ 0ADC83218B66A6DB380C330836F3E36D, 798D6F83B5DBCC1656595E0A96CF12087FCCBE19D1982890D0CE5F629B328B29 ] fastfat         C:\Windows\system32\drivers\fastfat.sys
18:34:15.0617 0x08a8  fastfat - ok
18:34:15.0769 0x08a8  [ DBEFD454F8318A0EF691FDD2EAAB44EB, 7F52AE222FF28503B6FC4A5852BD0CAEAF187BE69AF4B577D3DE474C24366099 ] Fax             C:\Windows\system32\fxssvc.exe
18:34:15.0784 0x08a8  Fax - ok
18:34:15.0822 0x08a8  [ D765D19CD8EF61F650C384F62FAC00AB, 9F0A483A043D3BA873232AD3BA5F7BF9173832550A27AF3E8BD433905BD2A0EE ] fdc             C:\Windows\system32\drivers\fdc.sys
18:34:15.0823 0x08a8  fdc - ok
18:34:15.0869 0x08a8  [ 0438CAB2E03F4FB61455A7956026FE86, 6D4DDC2973DB25CE0C7646BC85EFBCC004EBE35EA683F62162AE317C6F1D8DFE ] fdPHost         C:\Windows\system32\fdPHost.dll
18:34:15.0883 0x08a8  fdPHost - ok
18:34:15.0909 0x08a8  [ 802496CB59A30349F9A6DD22D6947644, 52D59D3D628D5661F83F090F33F744F6916E0CC1F76E5A33983E06EB66AE19F8 ] FDResPub        C:\Windows\system32\fdrespub.dll
18:34:15.0925 0x08a8  FDResPub - ok
18:34:16.0200 0x08a8  [ 09E439E0BB8970A2A8E639EE10A693D5, 050ADA714DE6487055798D799B1005B8F639394D5892644D65E5FA05C3DE058A ] File Backup     C:\Program Files (x86)\Workspace\offSyncService.exe
18:34:16.0221 0x08a8  File Backup - ok
18:34:16.0248 0x08a8  [ 655661BE46B5F5F3FD454E2C3095B930, 549C8E2A2A37757E560D55FFA6BFDD838205F17E40561E67F0124C934272CD1A ] FileInfo        C:\Windows\system32\drivers\fileinfo.sys
18:34:16.0249 0x08a8  FileInfo - ok
18:34:16.0272 0x08a8  [ 5F671AB5BC87EEA04EC38A6CD5962A47, 6B61D3363FF3F9C439BD51102C284972EAE96ACC0683B9DC7E12D25D0ADC51B6 ] Filetrace       C:\Windows\system32\drivers\filetrace.sys
18:34:16.0272 0x08a8  Filetrace - ok
18:34:16.0321 0x08a8  [ C172A0F53008EAEB8EA33FE10E177AF5, 9175A95B323696D1B35C9EFEB7790DD64E6EE0B7021E6C18E2F81009B169D77B ] flpydisk        C:\Windows\system32\drivers\flpydisk.sys
18:34:16.0322 0x08a8  flpydisk - ok
18:34:16.0392 0x08a8  [ DA6B67270FD9DB3697B20FCE94950741, F621A4462C9F2904063578C427FAF22D7D66AE9967605C11C798099817CE5331 ] FltMgr          C:\Windows\system32\drivers\fltmgr.sys
18:34:16.0398 0x08a8  FltMgr - ok
18:34:16.0713 0x08a8  [ C4C183E6551084039EC862DA1C945E3D, 0874A2ACDD24D64965AA9A76E9C818E216880AE4C9A2E07ED932EE404585CEE6 ] FontCache       C:\Windows\system32\FntCache.dll
18:34:16.0762 0x08a8  FontCache - ok
18:34:16.0917 0x08a8  [ A8B7F3818AB65695E3A0BB3279F6DCE6, 89FCF10F599767E67A1E011753E34DA44EAA311F105DBF69549009ED932A60F0 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
18:34:16.0919 0x08a8  FontCache3.0.0.0 - ok
18:34:16.0947 0x08a8  [ D43703496149971890703B4B1B723EAC, F06397B2EDCA61629249D2EF1CBB7827A8BEAB8488246BD85EF6AE1363C0DA6E ] FsDepends       C:\Windows\system32\drivers\FsDepends.sys
18:34:16.0949 0x08a8  FsDepends - ok
18:34:17.0035 0x08a8  [ 6BD9295CC032DD3077C671FCCF579A7B, 83622FBB0CB923798E7E584BF53CAAF75B8C016E3FF7F0FA35880FF34D1DFE33 ] Fs_Rec          C:\Windows\system32\drivers\Fs_Rec.sys
18:34:17.0036 0x08a8  Fs_Rec - ok
18:34:17.0175 0x08a8  [ 8F6322049018354F45F05A2FD2D4E5E0, 73BF0FB4EBD7887E992DDEBB79E906958D6678F8D1107E8C368F5A0514D80359 ] fvevol          C:\Windows\system32\DRIVERS\fvevol.sys
18:34:17.0179 0x08a8  fvevol - ok
18:34:17.0272 0x08a8  [ 8C778D335C9D272CFD3298AB02ABE3B6, 85F0B13926B0F693FA9E70AA58DE47100E4B6F893772EBE4300C37D9A36E6005 ] gagp30kx        C:\Windows\system32\drivers\gagp30kx.sys
18:34:17.0274 0x08a8  gagp30kx - ok
18:34:17.0450 0x08a8  [ C403C5DB49A0F9AAF4F2128EDC0106D8, 3C6948B63278022D8182F773C5FA15784514F76C1546118DDBADBA322B962D12 ] GamesAppService C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe
18:34:17.0454 0x08a8  GamesAppService - ok
18:34:17.0551 0x08a8  [ 8E98D21EE06192492A5671A6144D092F, B8F656B34D361EA5AFB47F3A67AB2221580DADA59C8CD0CB83181E4AD8B562B4 ] GEARAspiWDM     C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
18:34:17.0552 0x08a8  GEARAspiWDM - ok
18:34:17.0726 0x08a8  [ 14908F4F9005C29DE8F5587E271390EE, 43DDFA99F52467F91019DB858989F111EBE48A2BED8D43EA2C15D1FD3C104489 ] gfibto          C:\Windows\system32\drivers\gfibto.sys
18:34:17.0726 0x08a8  gfibto - ok
18:34:17.0884 0x08a8  [ 277BBC7E1AA1EE957F573A10ECA7EF3A, 2EE60B924E583E847CC24E78B401EF95C69DB777A5B74E1EC963E18D47B94D24 ] gpsvc           C:\Windows\System32\gpsvc.dll
18:34:17.0911 0x08a8  gpsvc - ok
18:34:17.0980 0x08a8  [ F2523EF6460FC42405B12248338AB2F0, B2F3DE8DE1F512D871BC2BC2E8D0E33AB03335BFBC07627C5F88B65024928E19 ] hcw85cir        C:\Windows\system32\drivers\hcw85cir.sys
18:34:17.0981 0x08a8  hcw85cir - ok
18:34:18.0061 0x08a8  [ 97BFED39B6B79EB12CDDBFEED51F56BB, 3CF981D668FB2381E52AF2E51E296C6CFB47B0D62249645278479D0111A47955 ] HDAudBus        C:\Windows\system32\DRIVERS\HDAudBus.sys
18:34:18.0064 0x08a8  HDAudBus - ok
18:34:18.0119 0x08a8  [ 78E86380454A7B10A5EB255DC44A355F, 11F3ED7ACFFA3024B9BD504F81AC39F5B4CED5A8A425E8BADF7132EFEDB9BD64 ] HidBatt         C:\Windows\system32\drivers\HidBatt.sys
18:34:18.0120 0x08a8  HidBatt - ok
18:34:18.0144 0x08a8  [ 7FD2A313F7AFE5C4DAB14798C48DD104, 94CBFD4506CBDE4162CEB3367BAB042D19ACA6785954DC0B554D4164B9FCD0D4 ] HidBth          C:\Windows\system32\drivers\hidbth.sys
18:34:18.0146 0x08a8  HidBth - ok
18:34:18.0201 0x08a8  [ 0A77D29F311B88CFAE3B13F9C1A73825, 8615DC6CEFB591505CE16E054A71A4F371B827DDFD5E980777AB4233DCFDA01D ] HidIr           C:\Windows\system32\drivers\hidir.sys
18:34:18.0202 0x08a8  HidIr - ok
18:34:18.0246 0x08a8  [ BD9EB3958F213F96B97B1D897DEE006D, 4D01CBF898B528B3A4E5A683DF2177300AFABD7D4CB51F1A7891B1B545499631 ] hidserv         C:\Windows\System32\hidserv.dll
18:34:18.0255 0x08a8  hidserv - ok
18:34:18.0447 0x08a8  [ 9592090A7E2B61CD582B612B6DF70536, FD11D5E02C32D658B28FCC35688AB66CCB5D3A0A0D74C82AE0F0B6C67B568A0F ] HidUsb          C:\Windows\system32\DRIVERS\hidusb.sys
18:34:18.0448 0x08a8  HidUsb - ok
18:34:18.0488 0x08a8  [ 387E72E739E15E3D37907A86D9FF98E2, 9935BE2E58788E79328293AF2F202CB0F6042441B176F75ACC5AEA93C8E05531 ] hkmsvc          C:\Windows\system32\kmsvc.dll
18:34:18.0491 0x08a8  hkmsvc - ok
18:34:18.0590 0x08a8  [ EFDFB3DD38A4376F93E7985173813ABD, 70402FA73A5A2A8BB557AAC8F531E373077D28DE5F40A1F3F14B940BE01CD2E1 ] HomeGroupListener C:\Windows\system32\ListSvc.dll
18:34:18.0608 0x08a8  HomeGroupListener - ok
18:34:18.0646 0x08a8  [ 908ACB1F594274965A53926B10C81E89, 7D34A742AC486294D82676F8465A3EF26C8AC3317C32B63F62031CB007CFC208 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
18:34:18.0655 0x08a8  HomeGroupProvider - ok
18:34:18.0737 0x08a8  [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC, E9E6A1665740CFBC2DD321010007EF42ABA2102AEB9772EE8AA3354664B1E205 ] HpSAMD          C:\Windows\system32\drivers\HpSAMD.sys
18:34:18.0752 0x08a8  HpSAMD - ok
18:34:18.0855 0x08a8  [ 0EA7DE1ACB728DD5A369FD742D6EEE28, 21C489412EB33A12B22290EB701C19BA57006E8702E76F730954F0784DDE9779 ] HTTP            C:\Windows\system32\drivers\HTTP.sys
18:34:18.0870 0x08a8  HTTP - ok
18:34:18.0936 0x08a8  [ A5462BD6884960C9DC85ED49D34FF392, 53E65841AF5B06A2844D0BB6FC4DD3923A323FFA0E4BFC89B3B5CAFB592A3D53 ] hwpolicy        C:\Windows\system32\drivers\hwpolicy.sys
18:34:18.0937 0x08a8  hwpolicy - ok
18:34:19.0051 0x08a8  [ FA55C73D4AFFA7EE23AC4BE53B4592D3, 65CDDC62B89A60E942C5642C9D8B539EFB69DA8069B4A2E54978154B314531CD ] i8042prt        C:\Windows\system32\DRIVERS\i8042prt.sys
18:34:19.0054 0x08a8  i8042prt - ok
18:34:19.0267 0x08a8  [ C224331A54571C8C9162F7714400BBBD, C2CA4881ACD46071E67435BE5E3DB133D0743B026FD20D6D6E26B2FE7A03FCAA ] iaStor          C:\Windows\system32\drivers\iaStor.sys
18:34:19.0278 0x08a8  iaStor - ok
18:34:19.0546 0x08a8  [ 7D4B9A48430ED57ACA6373B71D5904CA, 6ED72DAA7A4951142F036364E8F237E74246EF3E9EA089448DEF15380DAB0DB3 ] IAStorDataMgrSvc C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
18:34:19.0567 0x08a8  IAStorDataMgrSvc - ok
18:34:19.0673 0x08a8  [ AAAF44DB3BD0B9D1FB6969B23ECC8366, 805AA4A9464002D1AB3832E4106B2AAA1331F4281367E75956062AAE99699385 ] iaStorV         C:\Windows\system32\drivers\iaStorV.sys
18:34:19.0688 0x08a8  iaStorV - ok
18:34:19.0984 0x08a8  [ C98A5B9D932430AD8EEBD3EF73756EF7, DF7E1D391A0F3345AD61154363922C27BD557DEEACE395A6A8A8A16BFD1BB9A8 ] idsvc           C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
18:34:20.0001 0x08a8  idsvc - ok
18:34:20.0108 0x08a8  IEEtwCollectorService - ok
18:34:23.0084 0x08a8  [ 11BA677667432A99CA261A472A2C29B8, EFC8D490E4971A5E944C5E1F849179AB46423EE664322780DA57BB7C3714A2EF ] igfx            C:\Windows\system32\DRIVERS\igdkmd64.sys
18:34:23.0388 0x08a8  igfx - ok
18:34:23.0469 0x08a8  [ 5C18831C61933628F5BB0EA2675B9D21, 5CD9DE2F8C0256623A417B5C55BF55BB2562BD7AB2C3C83BB3D9886C2FBDA4E4 ] iirsp           C:\Windows\system32\drivers\iirsp.sys
18:34:23.0471 0x08a8  iirsp - ok
18:34:23.0703 0x08a8  [ EDCCC8C13B1EB882F77BA0ABB84566E7, DB299C1D2CFC197CF2FE69358F5EEDE94DCC4C919AF5D2CDFFF0DE476612C988 ] IJPLMSVC        C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE
18:34:23.0706 0x08a8  IJPLMSVC - ok
18:34:23.0827 0x08a8  [ 344789398EC3EE5A4E00C52B31847946, 3DA5F08E4B46F4E63456AA588D49E39A6A09A97D0509880C00F327623DB6122D ] IKEEXT          C:\Windows\System32\ikeext.dll
18:34:23.0866 0x08a8  IKEEXT - ok
18:34:23.0933 0x08a8  [ BEF622DCE5FC16655100B9C6ABAA4C9C, E81440B179F4D5BCF965BA73F050EB7766D8C7AF8B924D231FEAAA2DD6E1ECDA ] iLokDrvr        C:\Windows\system32\DRIVERS\iLokDrvr.sys
18:34:23.0934 0x08a8  iLokDrvr - ok
18:34:24.0066 0x08a8  [ 6C9FFFECA9FED31347D211C5D1FFBD2D, 36CF8B847FAED0D978B3169ED550CC958025902CAC1D7D304E2684B2483E72B8 ] IntcDAud        C:\Windows\system32\DRIVERS\IntcDAud.sys
18:34:24.0073 0x08a8  IntcDAud - ok
18:34:24.0375 0x08a8  [ 7C76466F4E0F76CE259C6005D161E9E8, 19F3CCC3A86B68DB70B7608F9ED33746518F5B2450E5BAF9581127CE7A9AA5D2 ] Intel® Capability Licensing Service Interface c:\Program Files\Intel\iCLS Client\HeciServer.exe
18:34:24.0391 0x08a8  Intel® Capability Licensing Service Interface - ok
18:34:24.0451 0x08a8  [ F00F20E70C6EC3AA366910083A0518AA, E2F3E9FFD82C802C8BAC309893A3664ACF16A279959C0FDECCA64C3D3C60FD22 ] intelide        C:\Windows\system32\drivers\intelide.sys
18:34:24.0452 0x08a8  intelide - ok
18:34:24.0497 0x08a8  [ ADA036632C664CAA754079041CF1F8C1, F2386CC09AC6DE4C54189154F7D91C1DB7AA120B13FAE8BA5B579ACF99FCC610 ] intelppm        C:\Windows\system32\DRIVERS\intelppm.sys
18:34:24.0499 0x08a8  intelppm - ok
18:34:24.0837 0x08a8  [ 0895CDD7F1542FFCC5BBB560EC78BC16, 383D9FFE7FB313EA201DE877F3D48B5116FFA261EDEF5D0D0FE79F14E9682D25 ] IntuitUpdateServiceV4 C:\Program Files (x86)\Common Files\Intuit\Update Service v4\IntuitUpdateService.exe
18:34:24.0838 0x08a8  IntuitUpdateServiceV4 - ok
18:34:24.0895 0x08a8  [ 098A91C54546A3B878DAD6A7E90A455B, 044CCE2A0DF56EBE1EFD99B4F6F0A5B9EE12498CA358CF4B2E3A1CFD872823AA ] IPBusEnum       C:\Windows\system32\ipbusenum.dll
18:34:24.0905 0x08a8  IPBusEnum - ok
18:34:24.0931 0x08a8  [ C9F0E1BD74365A8771590E9008D22AB6, 728BC5A6AAE499FDC50EB01577AF16D83C2A9F3B09936DD2A89C01E074BA8E51 ] IpFilterDriver  C:\Windows\system32\DRIVERS\ipfltdrv.sys
18:34:24.0933 0x08a8  IpFilterDriver - ok
18:34:25.0106 0x08a8  [ 08C2957BB30058E663720C5606885653, E13EDF6701512E2A9977A531454932CA5023087CB50E1D2F416B8BCDD92B67BE ] iphlpsvc        C:\Windows\System32\iphlpsvc.dll
18:34:25.0128 0x08a8  iphlpsvc - ok
18:34:25.0173 0x08a8  [ 0FC1AEA580957AA8817B8F305D18CA3A, 7161E4DE91AAFC3FA8BF24FAE4636390C2627DB931505247C0D52C75A31473D9 ] IPMIDRV         C:\Windows\system32\drivers\IPMIDrv.sys
18:34:25.0175 0x08a8  IPMIDRV - ok
18:34:25.0237 0x08a8  [ AF9B39A7E7B6CAA203B3862582E9F2D0, 67128BE7EADBE6BD0205B050F96E268948E8660C4BAB259FB0BE03935153D04E ] IPNAT           C:\Windows\system32\drivers\ipnat.sys
18:34:25.0240 0x08a8  IPNAT - ok
18:34:25.0536 0x08a8  [ 835FC2EA0631B734BB06C12B0665F01D, B8A8B0148C6C3AFC40835B44E3D6508CB9EEE8AC430A7904711C8B51C2116A8D ] iPod Service    C:\Program Files\iPod\bin\iPodService.exe
18:34:25.0560 0x08a8  iPod Service - ok
18:34:25.0625 0x08a8  [ 3ABF5E7213EB28966D55D58B515D5CE9, A352BCC5B6B9A28805B15CAFB235676F1FAFF0D2394F88C03089EB157D6188AE ] IRENUM          C:\Windows\system32\drivers\irenum.sys
18:34:25.0626 0x08a8  IRENUM - ok
18:34:25.0651 0x08a8  [ 2F7B28DC3E1183E5EB418DF55C204F38, D40410A760965925D6F10959B2043F7BD4F68EAFCF5E743AF11AD860BD136548 ] isapnp          C:\Windows\system32\drivers\isapnp.sys
18:34:25.0652 0x08a8  isapnp - ok
18:34:25.0780 0x08a8  [ 96BB922A0981BC7432C8CF52B5410FE6, 236C05509B1040059B15021CBBDBDAF3B9C0F00910142BE5887B2C7561BAAFBA ] iScsiPrt        C:\Windows\system32\drivers\msiscsi.sys
18:34:25.0786 0x08a8  iScsiPrt - ok
18:34:25.0868 0x08a8  [ 6BCEF45131C8B8E1C558BE540B190B3C, DFFED7FD9DCC15808184E65065DE6138FE010AC01217E5016B2D20A5B89AC570 ] iusb3hcs        C:\Windows\system32\drivers\iusb3hcs.sys
18:34:25.0877 0x08a8  iusb3hcs - ok
18:34:26.0001 0x08a8  [ F080EADA8715F811B58BD35BB774F2F9, 06D5A70CBA89561A71B9CB64D7A298767F098395411A7022F414C7D0AC89A44D ] iusb3hub        C:\Windows\system32\DRIVERS\iusb3hub.sys
18:34:26.0013 0x08a8  iusb3hub - ok
18:34:26.0312 0x08a8  [ 0F1756D9396740F053221FA6260FCE66, 0B722BF6BCF66BBD49DE0E92555742976AB33319CF504461A50181BF7A77E886 ] iusb3xhc        C:\Windows\system32\DRIVERS\iusb3xhc.sys
18:34:26.0348 0x08a8  iusb3xhc - ok
18:34:26.0432 0x08a8  [ BC02336F1CBA7DCC7D1213BB588A68A5, 450C5BAD54CCE2AFCDFF1B6E7F8E1A8446D9D3255DF9D36C29A8F848048AAD93 ] kbdclass        C:\Windows\system32\DRIVERS\kbdclass.sys
18:34:26.0433 0x08a8  kbdclass - ok
18:34:26.0488 0x08a8  [ 0705EFF5B42A9DB58548EEC3B26BB484, 86C6824ED7ED6FA8F306DB6319A0FD688AA91295AE571262F9D8E96A32225E99 ] kbdhid          C:\Windows\system32\DRIVERS\kbdhid.sys
18:34:26.0505 0x08a8  kbdhid - ok
18:34:26.0525 0x08a8  [ B6C7729936AAF8E0697F0A7DCA82CED8, 9706E5234364488DD18527AAC82760E5ECB6EC9EBFDD4D04D2708D3C9C576FE6 ] KeyIso          C:\Windows\system32\lsass.exe
18:34:26.0526 0x08a8  KeyIso - ok
18:34:26.0606 0x08a8  [ 56ED3EE5FED6BF2FC1305CF872042868, 44F77AE3CD83284800FF106156ABCB63047327855E2535EE278289AF6F05579C ] KSecDD          C:\Windows\system32\Drivers\ksecdd.sys
18:34:26.0609 0x08a8  KSecDD - ok
18:34:26.0722 0x08a8  [ 8BA90F480705D7153AD0060CCA62222A, B3E610DFAB382368114D026947084A72AFC4F5BF9C28317F411D4ED91E0B3192 ] KSecPkg         C:\Windows\system32\Drivers\ksecpkg.sys
18:34:26.0731 0x08a8  KSecPkg - ok
18:34:26.0803 0x08a8  [ 6869281E78CB31A43E969F06B57347C4, 866A23E69B32A78D378D6CB3B3DA3695FFDFF0FEC3C9F68C8C3F988DF417044B ] ksthunk         C:\Windows\system32\drivers\ksthunk.sys
18:34:26.0818 0x08a8  ksthunk - ok
18:34:26.0912 0x08a8  [ 6AB66E16AA859232F64DEB66887A8C9C, 5F2B579BEA8098A2994B0DECECDAE7B396E7B5DC5F09645737B9F28BEEA77FFF ] KtmRm           C:\Windows\system32\msdtckrm.dll
18:34:26.0925 0x08a8  KtmRm - ok
18:34:27.0034 0x08a8  [ D9F42719019740BAA6D1C6D536CBDAA6, 8757599D0AE5302C4CE50861BEBA3A8DD14D7B0DBD916FD5404133688CDFCC40 ] LanmanServer    C:\Windows\System32\srvsvc.dll
18:34:27.0052 0x08a8  LanmanServer - ok
18:34:27.0104 0x08a8  [ 851A1382EED3E3A7476DB004F4EE3E1A, B1C67F47DD594D092E6E258F01DF5E7150227CE3131A908A244DEE9F8A1FABF9 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
18:34:27.0120 0x08a8  LanmanWorkstation - ok
18:34:27.0235 0x08a8  [ 29FAB5363138F6E322F4CD780ED9D337, 39AE6E21D116AEC9EA65632F3325E848FFBEC6169A88ADC4814639F97A290D91 ] LicCtrlService  C:\Windows\runservice.exe
18:34:27.0236 0x08a8  LicCtrlService - ok
18:34:27.0311 0x08a8  [ 1538831CF8AD2979A04C423779465827, E1729B0CC4CEEE494A0B8817A8E98FF232E3A32FB023566EF0BC71A090262C0C ] lltdio          C:\Windows\system32\DRIVERS\lltdio.sys
18:34:27.0327 0x08a8  lltdio - ok
18:34:27.0467 0x08a8  [ C1185803384AB3FEED115F79F109427F, 0414FE73532DCAB17E906438A14711E928CECCD5F579255410C62984DD652700 ] lltdsvc         C:\Windows\System32\lltdsvc.dll
18:34:27.0477 0x08a8  lltdsvc - ok
18:34:27.0505 0x08a8  [ F993A32249B66C9D622EA5592A8B76B8, EE64672A990C6145DC5601E2B8CDBE089272A72732F59AF9865DCBA8B1717E70 ] lmhosts         C:\Windows\System32\lmhsvc.dll
18:34:27.0515 0x08a8  lmhosts - ok
18:34:27.0761 0x08a8  [ 5C08357C65F658E29B5DDC2EF18D575C, 80802787D7CD07BFB4F2EEE463837FB0CBB3626A2D5451B32794DB66A3CC3D98 ] LMS             C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
18:34:27.0771 0x08a8  LMS - ok
18:34:27.0856 0x08a8  [ 1A93E54EB0ECE102495A51266DCDB6A6, DB6AA86AA36C3A7988BE96E87B5D3251BE7617C54EE8F894D9DC2E267FE3255B ] LSI_FC          C:\Windows\system32\drivers\lsi_fc.sys
18:34:27.0868 0x08a8  LSI_FC - ok
18:34:27.0892 0x08a8  [ 1047184A9FDC8BDBFF857175875EE810, F2251EDB7736A26D388A0C5CC2FE5FB9C5E109CBB1E3800993554CB21D81AE4B ] LSI_SAS         C:\Windows\system32\drivers\lsi_sas.sys
18:34:27.0903 0x08a8  LSI_SAS - ok
18:34:27.0982 0x08a8  [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93, 88D5740A4E9CC3FA80FA18035DAB441BDC5A039622D666BFDAA525CC9686BD06 ] LSI_SAS2        C:\Windows\system32\drivers\lsi_sas2.sys
18:34:27.0998 0x08a8  LSI_SAS2 - ok
18:34:28.0063 0x08a8  [ 0504EACAFF0D3C8AED161C4B0D369D4A, 4D272237C189646F5C80822FD3CBA7C2728E482E2DAAF7A09C8AEF811C89C54D ] LSI_SCSI        C:\Windows\system32\drivers\lsi_scsi.sys
18:34:28.0070 0x08a8  LSI_SCSI - ok
18:34:28.0095 0x08a8  [ 43D0F98E1D56CCDDB0D5254CFF7B356E, 5BA498183B5C4996C694CB0A9A6B66CE6C7A460F6C91BEB9F305486FCC3B7B22 ] luafv           C:\Windows\system32\drivers\luafv.sys
18:34:28.0109 0x08a8  luafv - ok
18:34:28.0350 0x08a8  [ 0633546736E7816165ADFA5009251CFA, DC8270821D43F72FC64FDD9B51629E92602A5ED4518FEF9B8A8065E13C9928C6 ] MacDrive8ServiceD C:\Program Files\Mediafour\MacDrive 8\MacDrive8ServiceD.exe
18:34:28.0361 0x08a8  MacDrive8ServiceD - ok
18:34:28.0618 0x08a8  [ 26C43960C99EE861A5D0EDC4DCF3B1C3, 6238FB8E785652040CCE3E7044EA52066CE1BF173A1467474D64A3AB214B6BCD ] MBAMSwissArmy   C:\Windows\system32\drivers\MBAMSwissArmy.sys
18:34:28.0631 0x08a8  MBAMSwissArmy - ok
18:34:28.0857 0x08a8  [ 1704A8189EE5580AB147CFD25C5C8770, DFA076FD36B5CC844D4BE3B865E9A1F809E14CCB1D78D82A2D8D8EE38210E6EB ] McComponentHostService C:\Program Files\McAfee Security Scan\3.8.150\McCHSvc.exe
18:34:28.0865 0x08a8  McComponentHostService - ok
18:34:28.0907 0x08a8  [ 0BE09CD858ABF9DF6ED259D57A1A1663, 2FD28889B93C8E801F74C1D0769673A461671E0189D0A22C94509E3F0EEB7428 ] Mcx2Svc         C:\Windows\system32\Mcx2Svc.dll
18:34:28.0918 0x08a8  Mcx2Svc - ok
18:34:29.0133 0x08a8  [ 1F2A22E735646F72BEA9D6E454DE2F57, DAA37ABDFCCB096242C8F495D0F0E261F919CC3B4131F442756841AD08510954 ] MDFSYSNT        C:\Windows\system32\drivers\MDFSYSNT.sys
18:34:29.0142 0x08a8  MDFSYSNT - ok
18:34:29.0289 0x08a8  [ E742557A08EABCCC897D79717DB2D5FE, 09F2245890D890CBB4EA22BB99BC988166D0B873867970C09EA6DE2EDFE3198F ] MDPMGRNT        C:\Windows\system32\DRIVERS\MDPMGRNT.SYS
18:34:29.0301 0x08a8  MDPMGRNT - ok
18:34:29.0337 0x08a8  [ A55805F747C6EDB6A9080D7C633BD0F4, 2DA0E83BF3C8ADEF6F551B6CC1C0A3F6149CDBE6EC60413BA1767C4DE425A728 ] megasas         C:\Windows\system32\drivers\megasas.sys
18:34:29.0338 0x08a8  megasas - ok
18:34:29.0402 0x08a8  [ BAF74CE0072480C3B6B7C13B2A94D6B3, 85CBB4949C090A904464F79713A3418338753D20D7FB811E68F287FDAC1DD834 ] MegaSR          C:\Windows\system32\drivers\MegaSR.sys
18:34:29.0422 0x08a8  MegaSR - ok
18:34:29.0517 0x08a8  [ 6B01B7414A105B9E51652089A03027CF, 9B113DC22F7D0D0B376E577C6D7083F9EDC09BBFE47726393E16D4FDAAAE21FE ] MEIx64          C:\Windows\system32\DRIVERS\HECIx64.sys
18:34:29.0518 0x08a8  MEIx64 - ok
18:34:30.0118 0x08a8  Microsoft SharePoint Workspace Audit Service - ok
18:34:30.0172 0x08a8  [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] MMCSS           C:\Windows\system32\mmcss.dll
18:34:30.0180 0x08a8  MMCSS - ok
18:34:30.0235 0x08a8  [ 800BA92F7010378B09F9ED9270F07137, 94F9AF9E1BE80AE6AC39A2A74EF9FAB115DCAACC011D07DFA8D6A1DDC8A93342 ] Modem           C:\Windows\system32\drivers\modem.sys
18:34:30.0236 0x08a8  Modem - ok
18:34:30.0260 0x08a8  [ B03D591DC7DA45ECE20B3B467E6AADAA, 701FB0CAD8138C58507BE28845D3E24CE269A040737C29885944A0D851238732 ] monitor         C:\Windows\system32\DRIVERS\monitor.sys
18:34:30.0261 0x08a8  monitor - ok
18:34:30.0345 0x08a8  [ 7D27EA49F3C1F687D357E77A470AEA99, 7FE7CAF95959F127C6D932C01D539C06D80273C49A09761F6E8331C05B1A7EE7 ] mouclass        C:\Windows\system32\DRIVERS\mouclass.sys
18:34:30.0346 0x08a8  mouclass - ok
18:34:30.0395 0x08a8  [ D3BF052C40B0C4166D9FD86A4288C1E6, 5E65264354CD94E844BF1838CA1B8E49080EFA34605A32CF2F6A47A2B97FC183 ] mouhid          C:\Windows\system32\DRIVERS\mouhid.sys
18:34:30.0396 0x08a8  mouhid - ok
18:34:30.0478 0x08a8  [ 87BCD1034CBF33537D4D4C251D39BA26, CB9DD235B62B79383F99873D75E26EEA5EE7914CA89E4B75992207F83420437F ] mountmgr        C:\Windows\system32\drivers\mountmgr.sys
18:34:30.0480 0x08a8  mountmgr - ok
18:34:30.0677 0x08a8  [ 81E8AF6407EC3F41908FE37F054353EA, 756C7656ED68AEAE4225E952ED1CED0717264D3378DB8DF0B2D70B6EBC67C62F ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
18:34:30.0680 0x08a8  MozillaMaintenance - ok
18:34:30.0733 0x08a8  [ A44B420D30BD56E145D6A2BC8768EC58, B1E4DCA5A1008FA7A0492DC091FB2B820406AE13FD3D44F124E89B1037AF09B8 ] mpio            C:\Windows\system32\drivers\mpio.sys
18:34:30.0736 0x08a8  mpio - ok
18:34:30.0825 0x08a8  [ 6C38C9E45AE0EA2FA5E551F2ED5E978F, 5A3FA2F110029CB4CC4384998EDB59203FDD65EC45E01B897FB684F8956EAD20 ] mpsdrv          C:\Windows\system32\drivers\mpsdrv.sys
18:34:30.0834 0x08a8  mpsdrv - ok
18:34:31.0077 0x08a8  [ 54FFC9C8898113ACE189D4AA7199D2C1, 65F585C87F3F710FD5793FDFA96B740AD8D4317B0C120F4435CCF777300EA4F2 ] MpsSvc          C:\Windows\system32\mpssvc.dll
18:34:31.0112 0x08a8  MpsSvc - ok
18:34:31.0225 0x08a8  [ AE3334958D8F631FF14A0AEB3D7EFB3A, F5FD6B61F896104C20DFC43FEE2FCE6930B73F78DF876BD19A333EABB9139C6D ] MRxDAV          C:\Windows\system32\drivers\mrxdav.sys
18:34:31.0228 0x08a8  MRxDAV - ok
18:34:31.0296 0x08a8  [ A5D9106A73DC88564C825D317CAC68AC, 0457B2AEA4E05A91D0E43F317894A614434D8CEBE35020785387F307E231FBE4 ] mrxsmb          C:\Windows\system32\DRIVERS\mrxsmb.sys
18:34:31.0299 0x08a8  mrxsmb - ok
18:34:31.0376 0x08a8  [ D711B3C1D5F42C0C2415687BE09FC163, 9B3013AC60BD2D0FF52086658BA5FF486ADE15954A552D7DD590580E8BAE3EFF ] mrxsmb10        C:\Windows\system32\DRIVERS\mrxsmb10.sys
18:34:31.0382 0x08a8  mrxsmb10 - ok
18:34:31.0408 0x08a8  [ 9423E9D355C8D303E76B8CFBD8A5C30C, 220B33F120C2DD937FE4D5664F4B581DC0ACF78D62EB56B7720888F67B9644CC ] mrxsmb20        C:\Windows\system32\DRIVERS\mrxsmb20.sys
18:34:31.0410 0x08a8  mrxsmb20 - ok
18:34:31.0485 0x08a8  [ C25F0BAFA182CBCA2DD3C851C2E75796, 643E158A0948DF331807AEAA391F23960362E46C0A0CF6D22A99020EAE7B10F8 ] msahci          C:\Windows\system32\drivers\msahci.sys
18:34:31.0500 0x08a8  msahci - ok
18:34:31.0570 0x08a8  [ DB801A638D011B9633829EB6F663C900, B34FD33A215ACCF2905F4B7D061686CDB1CB9C652147AF56AE14686C1F6E3C74 ] msdsm           C:\Windows\system32\drivers\msdsm.sys
18:34:31.0587 0x08a8  msdsm - ok
18:34:31.0663 0x08a8  [ DE0ECE52236CFA3ED2DBFC03F28253A8, 2FBBEC4CACB5161F68D7C2935852A5888945CA0F107CF8A1C01F4528CE407DE3 ] MSDTC           C:\Windows\System32\msdtc.exe
18:34:31.0672 0x08a8  MSDTC - ok
18:34:31.0699 0x08a8  [ AA3FB40E17CE1388FA1BEDAB50EA8F96, 69F93E15536644C8FD679A20190CFE577F4985D3B1B4A4AA250A168615AE1E99 ] Msfs            C:\Windows\system32\drivers\Msfs.sys
18:34:31.0700 0x08a8  Msfs - ok
18:34:31.0770 0x08a8  [ F9D215A46A8B9753F61767FA72A20326, 6F76642B45E0A7EF6BCAB8B37D55CCE2EAA310ED07B76D43FCB88987C2174141 ] mshidkmdf       C:\Windows\System32\drivers\mshidkmdf.sys
18:34:31.0781 0x08a8  mshidkmdf - ok
18:34:31.0834 0x08a8  [ D916874BBD4F8B07BFB7FA9B3CCAE29D, B229DA150713DEDBC4F05386C9D9DC3BC095A74F44F3081E88311AB73BC992A1 ] msisadrv        C:\Windows\system32\drivers\msisadrv.sys
18:34:31.0848 0x08a8  msisadrv - ok
18:34:31.0944 0x08a8  [ 808E98FF49B155C522E6400953177B08, F873F5BFF0984C5165DF67E92874D3F6EB8D86F9B5AD17013A0091CA33A1A3D5 ] MSiSCSI         C:\Windows\system32\iscsiexe.dll
18:34:31.0961 0x08a8  MSiSCSI - ok
18:34:31.0966 0x08a8  msiserver - ok
18:34:32.0032 0x08a8  [ 49CCF2C4FEA34FFAD8B1B59D49439366, E5752EA57C7BDAD5F53E3BC441A415E909AC602CAE56234684FB8789A20396C7 ] MSKSSRV         C:\Windows\system32\drivers\MSKSSRV.sys
18:34:32.0033 0x08a8  MSKSSRV - ok
18:34:32.0093 0x08a8  [ BDD71ACE35A232104DDD349EE70E1AB3, 27464A66868513BE6A01B75D7FC5B0D6B71842E4E20CE3F76B15C071A0618BBB ] MSPCLOCK        C:\Windows\system32\drivers\MSPCLOCK.sys
18:34:32.0094 0x08a8  MSPCLOCK - ok
18:34:32.0148 0x08a8  [ 4ED981241DB27C3383D72092B618A1D0, E12F121E641249DB3491141851B59E1496F4413EDF58E863388F1C229838DFCC ] MSPQM           C:\Windows\system32\drivers\MSPQM.sys
18:34:32.0149 0x08a8  MSPQM - ok
18:34:32.0258 0x08a8  [ 759A9EEB0FA9ED79DA1FB7D4EF78866D, 64E3BC613EC4872B1B344CBF71EE15BE195592E3244C1EE099C6F8B95A40F133 ] MsRPC           C:\Windows\system32\drivers\MsRPC.sys
18:34:32.0267 0x08a8  MsRPC - ok
18:34:32.0290 0x08a8  [ 0EED230E37515A0EAEE3C2E1BC97B288, B1D8F8A75006B6E99214CA36D27A8594EF8D952F315BEB201E9BAC9DE3E64D42 ] mssmbios        C:\Windows\system32\DRIVERS\mssmbios.sys
18:34:32.0291 0x08a8  mssmbios - ok
18:34:32.0343 0x08a8  [ 2E66F9ECB30B4221A318C92AC2250779, DF175E1AB6962303E57F26DAE5C5C1E40B8640333F3E352A64F6A5F1301586CD ] MSTEE           C:\Windows\system32\drivers\MSTEE.sys
18:34:32.0356 0x08a8  MSTEE - ok
18:34:32.0383 0x08a8  [ 7EA404308934E675BFFDE8EDF0757BCD, 306CD02D89CFCFE576242360ED5F9EEEDCAFC43CD43B7D2977AE960F9AEC3232 ] MTConfig        C:\Windows\system32\drivers\MTConfig.sys
18:34:32.0396 0x08a8  MTConfig - ok
18:34:32.0417 0x08a8  [ F9A18612FD3526FE473C1BDA678D61C8, 32F7975B5BAA447917F832D9E3499B4B6D3E90D73F478375D0B70B36C524693A ] Mup             C:\Windows\system32\Drivers\mup.sys
18:34:32.0419 0x08a8  Mup - ok
18:34:32.0546 0x08a8  [ 582AC6D9873E31DFA28A4547270862DD, BD540499F74E8F59A020D935D18E36A3A97C1A6EC59C8208436469A31B16B260 ] napagent        C:\Windows\system32\qagentRT.dll
18:34:32.0565 0x08a8  napagent - ok
18:34:32.0722 0x08a8  [ 1EA3749C4114DB3E3161156FFFFA6B33, 54C2E77BCE1037711A11313AC25B8706109098C10A31AA03AEB7A185E97800D7 ] NativeWifiP     C:\Windows\system32\DRIVERS\nwifi.sys
18:34:32.0732 0x08a8  NativeWifiP - ok
18:34:33.0102 0x08a8  [ 934BB0D23A25C8C136570800A5A149B6, 15D99CE4E970FECE257F6D69810F8104720B26D8DC3787BC38CC8692ACEABD37 ] NAUpdate        C:\Program Files (x86)\Nero\Update\NASvc.exe
18:34:33.0132 0x08a8  NAUpdate - ok
18:34:33.0442 0x08a8  [ 760E38053BF56E501D562B70AD796B88, F856E81A975D44F8684A6F2466549CEEDFAEB3950191698555A93A1206E0A42D ] NDIS            C:\Windows\system32\drivers\ndis.sys
18:34:33.0462 0x08a8  NDIS - ok
18:34:33.0522 0x08a8  [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC, D7E5446E83909AE25506BB98FBDD878A529C87963E3C1125C4ABAB25823572BC ] NdisCap         C:\Windows\system32\DRIVERS\ndiscap.sys
18:34:33.0542 0x08a8  NdisCap - ok
18:34:33.0592 0x08a8  [ 30639C932D9FEF22B31268FE25A1B6E5, 32873D95339600F6EEFA51847D12C563FF01F320DC59055B242FA2887C99F9D6 ] NdisTapi        C:\Windows\system32\DRIVERS\ndistapi.sys
18:34:33.0592 0x08a8  NdisTapi - ok
18:34:33.0612 0x08a8  [ 136185F9FB2CC61E573E676AA5402356, BA3AD0A33416DA913B4242C6BE8C3E5812AD2B20BA6C11DD3094F2E8EB56E683 ] Ndisuio         C:\Windows\system32\DRIVERS\ndisuio.sys
18:34:33.0612 0x08a8  Ndisuio - ok
18:34:33.0682 0x08a8  [ 53F7305169863F0A2BDDC49E116C2E11, 881E9346D3C02405B7850ADC37E720990712EC9C666A0CE96E252A487FD2CE77 ] NdisWan         C:\Windows\system32\DRIVERS\ndiswan.sys
18:34:33.0692 0x08a8  NdisWan - ok
18:34:33.0702 0x08a8  [ 015C0D8E0E0421B4CFD48CFFE2825879, 4242E2D42CCFC859B2C0275C5331798BC0BDA68E51CF4650B6E64B1332071023 ] NDProxy         C:\Windows\system32\drivers\NDProxy.sys
18:34:33.0702 0x08a8  NDProxy - ok
18:34:33.0832 0x08a8  [ EE00C544C025958AF50C7B199F3C8595, D774DB020D9C46D1AA0B2DB9FA2C36C4A9C38D904CC6929695321D32ACA0D4D1 ] Netaapl         C:\Windows\system32\DRIVERS\netaapl64.sys
18:34:33.0852 0x08a8  Netaapl - ok
18:34:33.0912 0x08a8  [ 86743D9F5D2B1048062B14B1D84501C4, DBF6D6A60AB774FCB0F464FF2D285A7521D0A24006687B243AB46B17D8032062 ] NetBIOS         C:\Windows\system32\DRIVERS\netbios.sys
18:34:33.0912 0x08a8  NetBIOS - ok
18:34:33.0962 0x08a8  [ 09594D1089C523423B32A4229263F068, 7426A9B8BA27D3225928DDEFBD399650ABB90798212F56B7D12158AC22CCCE37 ] NetBT           C:\Windows\system32\DRIVERS\netbt.sys
18:34:33.0962 0x08a8  NetBT - ok
18:34:33.0992 0x08a8  [ B6C7729936AAF8E0697F0A7DCA82CED8, 9706E5234364488DD18527AAC82760E5ECB6EC9EBFDD4D04D2708D3C9C576FE6 ] Netlogon        C:\Windows\system32\lsass.exe
18:34:34.0002 0x08a8  Netlogon - ok
18:34:34.0102 0x08a8  [ 847D3AE376C0817161A14A82C8922A9E, 37AE692B3481323134125EF58F2C3CBC20177371AF2F5874F53DD32A827CB936 ] Netman          C:\Windows\System32\netman.dll
18:34:34.0102 0x08a8  Netman - ok
18:34:34.0822 0x08a8  [ E58808846B62041BFB05395E1CED6499, 5387F2CE6B494337725D2BF3EB563912E6EE33918F2872C5FE07BEDBB0F761EE ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
18:34:34.0832 0x08a8  NetMsmqActivator - ok
18:34:34.0842 0x08a8  [ E58808846B62041BFB05395E1CED6499, 5387F2CE6B494337725D2BF3EB563912E6EE33918F2872C5FE07BEDBB0F761EE ] NetPipeActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
18:34:34.0852 0x08a8  NetPipeActivator - ok
18:34:34.0982 0x08a8  [ 5F28111C648F1E24F7DBC87CDEB091B8, 2E8645285921EDB98BB2173E11E57459C888D52E80D85791D169C869DE8813B9 ] netprofm        C:\Windows\System32\netprofm.dll
18:34:35.0002 0x08a8  netprofm - ok
18:34:35.0042 0x08a8  [ E58808846B62041BFB05395E1CED6499, 5387F2CE6B494337725D2BF3EB563912E6EE33918F2872C5FE07BEDBB0F761EE ] NetTcpActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
18:34:35.0042 0x08a8  NetTcpActivator - ok
18:34:35.0052 0x08a8  [ E58808846B62041BFB05395E1CED6499, 5387F2CE6B494337725D2BF3EB563912E6EE33918F2872C5FE07BEDBB0F761EE ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
18:34:35.0062 0x08a8  NetTcpPortSharing - ok
18:34:35.0112 0x08a8  [ 77889813BE4D166CDAB78DDBA990DA92, 2EF531AE502B943632EEC66A309A8BFCDD36120A5E1473F4AAF3C2393AD0E6A3 ] nfrd960         C:\Windows\system32\drivers\nfrd960.sys
18:34:35.0122 0x08a8  nfrd960 - ok
18:34:35.0242 0x08a8  [ 8B301D474B478E9A92823BAB50A7BC49, 8181816035F41B1DABEC05E65E4F67BCD785F56760A61F1049E91BA39D42F01D ] NlaSvc          C:\Windows\System32\nlasvc.dll
18:34:35.0262 0x08a8  NlaSvc - ok
18:34:36.0132 0x08a8  [ B9B72FAAAA41D59B73B88FE3DD737ED1, 050E741FB5313523340B19C9C168611222C4AE9A6084FE3E2F908A49EA909A29 ] NOBU            C:\Program Files (x86)\Dell\Dell Datasafe Online\NOBuAgent.exe
18:34:36.0232 0x08a8  NOBU - ok
18:34:36.0272 0x08a8  [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7, D8957EF7060A69DBB3CD6B2C45B1E4143592AB8D018471E17AC04668157DC67F ] Npfs            C:\Windows\system32\drivers\Npfs.sys
18:34:36.0272 0x08a8  Npfs - ok
18:34:36.0312 0x08a8  [ D54BFDF3E0C953F823B3D0BFE4732528, 497A1DCC5646EC22119273216DF10D5442D16F83E4363770F507518CF6EAA53A ] nsi             C:\Windows\system32\nsisvc.dll
18:34:36.0332 0x08a8  nsi - ok
18:34:36.0353 0x08a8  [ E7F5AE18AF4168178A642A9247C63001, 133023B7E4BA8049C4CAED3282BDD25571D1CC25FAC3B820C7F981D292689D76 ] nsiproxy        C:\Windows\system32\drivers\nsiproxy.sys
18:34:36.0363 0x08a8  nsiproxy - ok
18:34:36.0793 0x08a8  [ 1A29A59A4C5BA6F8C85062A613B7E2B2, CC137F499A12C724D4166C2D85E9F447413419A0683DAC6F1A802B7F210C77F1 ] Ntfs            C:\Windows\system32\drivers\Ntfs.sys
18:34:36.0823 0x08a8  Ntfs - ok
18:34:36.0873 0x08a8  [ 9899284589F75FA8724FF3D16AED75C1, 181188599FD5D4DE33B97010D9E0CAEABAB9A3EF50712FE7F9AA0735CD0666D6 ] Null            C:\Windows\system32\drivers\Null.sys
18:34:36.0873 0x08a8  Null - ok
18:34:36.0933 0x08a8  [ 0A92CB65770442ED0DC44834632F66AD, 581327F07A68DBD5CC749214BE5F1211FC2CE41C7A4F0656B680AFB51A35ACE7 ] nvraid          C:\Windows\system32\drivers\nvraid.sys
18:34:36.0953 0x08a8  nvraid - ok
18:34:37.0053 0x08a8  [ DAB0E87525C10052BF65F06152F37E4A, AD9BFF0D5FD3FFB95C758B478E1F6A9FE45E7B37AEC71EB5070D292FEAAEDF37 ] nvstor          C:\Windows\system32\drivers\nvstor.sys
18:34:37.0063 0x08a8  nvstor - ok
18:34:37.0093 0x08a8  [ 270D7CD42D6E3979F6DD0146650F0E05, 752489E54C9004EDCBE1F1F208FFD864DA5C83E59A2DDE6B3E0D63ECA996F76F ] nv_agp          C:\Windows\system32\drivers\nv_agp.sys
18:34:37.0103 0x08a8  nv_agp - ok
18:34:37.0143 0x08a8  [ 3589478E4B22CE21B41FA1BFC0B8B8A0, AD2469FC753FE552CB809FF405A9AB23E7561292FE89117E3B3B62057EFF0203 ] ohci1394        C:\Windows\system32\drivers\ohci1394.sys
18:34:37.0163 0x08a8  ohci1394 - ok
18:34:37.0263 0x08a8  [ 9D10F99A6712E28F8ACD5641E3A7EA6B, 70964A0ED9011EA94044E15FA77EDD9CF535CC79ED8E03A3721FF007E69595CC ] ose             C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
18:34:37.0273 0x08a8  ose - ok
18:34:38.0663 0x08a8  [ 61BFFB5F57AD12F83AB64B7181829B34, 1DD0DD35E4158F95765EE6639F217DF03A0A19E624E020DBA609268C08A13846 ] osppsvc         C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
18:34:38.0843 0x08a8  osppsvc - ok
18:34:38.0913 0x08a8  [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] p2pimsvc        C:\Windows\system32\pnrpsvc.dll
18:34:38.0923 0x08a8  p2pimsvc - ok
18:34:38.0973 0x08a8  [ 927463ECB02179F88E4B9A17568C63C3, FEFD3447692C277D59EEC7BF218552C8BB6B8C98C26E973675549628408B94CE ] p2psvc          C:\Windows\system32\p2psvc.dll
18:34:38.0993 0x08a8  p2psvc - ok
18:34:42.0754 0x08a8  [ E9C9E3C98664D0ACA55E4CEAA8868B94, 444B2BE9B48FB17F05E3FB29919C3D65BDD535756AD2463F3702645B73336C92 ] PaceLicenseDServices C:\Program Files (x86)\Common Files\PACE\Services\LicenseServices\LDSvc.exe
18:34:43.0354 0x08a8  PaceLicenseDServices - ok
18:34:43.0445 0x08a8  [ 0086431C29C35BE1DBC43F52CC273887, 0D116D49EF9ABB57DA005764F25E692622210627FC2048F06A989B12FA8D0A80 ] Parport         C:\Windows\system32\drivers\parport.sys
18:34:43.0445 0x08a8  Parport - ok
18:34:43.0525 0x08a8  [ E9766131EEADE40A27DC27D2D68FBA9C, 63C295EC96DBD25F1A8B908295CCB86B54F2A77A02AAA11E5D9160C2C1A492B6 ] partmgr         C:\Windows\system32\drivers\partmgr.sys
18:34:43.0525 0x08a8  partmgr - ok
18:34:43.0635 0x08a8  [ DB2D62AA2DF6B1F3D690A9EC9701AA2C, BEAC55E1AA0494565F1547DF5E6FE20FCEA66461764C016FCB68D8BFF0F0C375 ] PcaSvc          C:\Windows\System32\pcasvc.dll
18:34:43.0645 0x08a8  PcaSvc - ok
18:34:43.0745 0x08a8  [ 94575C0571D1462A0F70BDE6BD6EE6B3, 7139BAC653EA94A3DD3821CAB35FC5E22F4CCA5ACC2BAABDAA27E4C3C8B27FC9 ] pci             C:\Windows\system32\drivers\pci.sys
18:34:43.0745 0x08a8  pci - ok
18:34:43.0815 0x08a8  [ B5B8B5EF2E5CB34DF8DCF8831E3534FA, F2A7CC645B96946CC65BF60E14E70DC09C848D27C7943CE5DEA0C01A6B863480 ] pciide          C:\Windows\system32\drivers\pciide.sys
18:34:43.0825 0x08a8  pciide - ok
18:34:43.0905 0x08a8  [ B2E81D4E87CE48589F98CB8C05B01F2F, 6763BEE7270A4873B3E131BFB92313E2750FCBD0AD73C23D1C4F98F7DF73DE14 ] pcmcia          C:\Windows\system32\drivers\pcmcia.sys
18:34:43.0915 0x08a8  pcmcia - ok
18:34:43.0935 0x08a8  [ D6B9C2E1A11A3A4B26A182FFEF18F603, BBA5FE08B1DDD6243118E11358FD61B10E850F090F061711C3CB207CE5FBBD36 ] pcw             C:\Windows\system32\drivers\pcw.sys
18:34:43.0945 0x08a8  pcw - ok
18:34:44.0195 0x08a8  [ ED6E75158D28D33A2E2A020AC5B2B59D, 0F364D9A88304C45F31318605C417A70A9D0E4CF087D73E949B42C12CC76CD6C ] PEAUTH          C:\Windows\system32\drivers\peauth.sys
18:34:44.0235 0x08a8  PEAUTH - ok
18:34:44.0436 0x08a8  [ E495E408C93141E8FC72DC0C6046DDFA, 489B957DADA0DC128A09468F1AD082DCC657E86053208EA06A12937BE86FB919 ] PerfHost        C:\Windows\SysWow64\perfhost.exe
18:34:44.0446 0x08a8  PerfHost - ok
18:34:44.0796 0x08a8  [ C7CF6A6E137463219E1259E3F0F0DD6C, 08D7244F52AA17DD669AA6F77C291DAC88E7B2D1887DE422509C1F83EC85F3DD ] pla             C:\Windows\system32\pla.dll
18:34:44.0836 0x08a8  pla - ok
18:34:44.0976 0x08a8  [ 25FBDEF06C4D92815B353F6E792C8129, 57D9764AE6BCE33B242C399CDFC10DD405975BD6411CA8C75FBCD06EEB8442A9 ] PlugPlay        C:\Windows\system32\umpnpmgr.dll
18:34:44.0986 0x08a8  PlugPlay - ok
18:34:45.0016 0x08a8  [ 7195581CEC9BB7D12ABE54036ACC2E38, 9C4E5D6EA984148F2663DC529083408B2248DFF6DAAC85D9195F80A722782315 ] PNRPAutoReg     C:\Windows\system32\pnrpauto.dll
18:34:45.0026 0x08a8  PNRPAutoReg - ok
18:34:45.0116 0x08a8  [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] PNRPsvc         C:\Windows\system32\pnrpsvc.dll
18:34:45.0126 0x08a8  PNRPsvc - ok
18:34:45.0276 0x08a8  [ 4F15D75ADF6156BF56ECED6D4A55C389, 2ADA3EA69A5D7EC2A4D2DD89178DB94EAFDDF95F07B0070D654D9F7A5C12A044 ] PolicyAgent     C:\Windows\System32\ipsecsvc.dll
18:34:45.0286 0x08a8  PolicyAgent - ok
18:34:45.0386 0x08a8  [ A2CCA4FB273E6050F17A0A416CFF2FCD, C42BA18DF0C8E3F7358669A784E51E4DC7A4112096345EA699EDC95F561E0255 ] Power           C:\Windows\system32\umpo.dll
18:34:45.0396 0x08a8  Power - ok
18:34:45.0456 0x08a8  [ F92A2C41117A11A00BE01CA01A7FCDE9, 38ADC6052696D110CA5F393BC586791920663F5DA66934C2A824DDA9CD89C763 ] PptpMiniport    C:\Windows\system32\DRIVERS\raspptp.sys
18:34:45.0456 0x08a8  PptpMiniport - ok
18:34:45.0486 0x08a8  [ 0D922E23C041EFB1C3FAC2A6F943C9BF, 855418A6A58DCAFB181A1A68613B3E203AFB0A9B3D9D26D0C521F9F613B4EAD5 ] Processor       C:\Windows\system32\drivers\processr.sys
18:34:45.0486 0x08a8  Processor - ok
18:34:45.0606 0x08a8  [ B6A58491307B4CADA572583D863DC602, 5C44936605E52C9533E4CE22F18FAB8211475877F71EFD88DA4D02FD608C90A3 ] ProfSvc         C:\Windows\system32\profsvc.dll
18:34:45.0626 0x08a8  ProfSvc - ok
18:34:45.0656 0x08a8  [ B6C7729936AAF8E0697F0A7DCA82CED8, 9706E5234364488DD18527AAC82760E5ECB6EC9EBFDD4D04D2708D3C9C576FE6 ] ProtectedStorage C:\Windows\system32\lsass.exe
18:34:45.0656 0x08a8  ProtectedStorage - ok
18:34:45.0756 0x08a8  [ 0557CF5A2556BD58E26384169D72438D, F6F83A616B1F1C6C0DF6D2EC2513E6C23FD4FAA6D36518B8676C619AB74957B4 ] Psched          C:\Windows\system32\DRIVERS\pacer.sys
18:34:45.0766 0x08a8  Psched - ok
18:34:46.0196 0x08a8  [ A53A15A11EBFD21077463EE2C7AFEEF0, 6002B012A75045DEA62640A864A8721EADE2F8B65BEB5F5BA76D8CD819774489 ] ql2300          C:\Windows\system32\drivers\ql2300.sys
18:34:46.0226 0x08a8  ql2300 - ok
18:34:46.0266 0x08a8  [ 4F6D12B51DE1AAEFF7DC58C4D75423C8, FB6ABAB741CED66A79E31A45111649F2FA3E26CEE77209B5296F789F6F7D08DE ] ql40xx          C:\Windows\system32\drivers\ql40xx.sys
18:34:46.0276 0x08a8  ql40xx - ok
18:34:46.0356 0x08a8  [ 906191634E99AEA92C4816150BDA3732, A0305436384104C3B559F9C73902DA19B96B518413379E397C5CDAB0B2B9418F ] QWAVE           C:\Windows\system32\qwave.dll
18:34:46.0376 0x08a8  QWAVE - ok
18:34:46.0396 0x08a8  [ 76707BB36430888D9CE9D705398ADB6C, 35C1D1D05F98AC29A33D3781F497A0B40A3CB9CDF25FE1F28F574E40DDF70535 ] QWAVEdrv        C:\Windows\system32\drivers\qwavedrv.sys
18:34:46.0406 0x08a8  QWAVEdrv - ok
18:34:46.0436 0x08a8  [ 5A0DA8AD5762FA2D91678A8A01311704, 8A64EB5DBAB7048A9E42A21CEB62CCD5B007A80C199892D7F8C69B48E8A255EF ] RasAcd          C:\Windows\system32\DRIVERS\rasacd.sys
18:34:46.0436 0x08a8  RasAcd - ok
18:34:46.0516 0x08a8  [ 7ECFF9B22276B73F43A99A15A6094E90, 62C70DA127F48F796F8897BBFA23AB6EB080CC923F0F091DFA384A93F5C90CA1 ] RasAgileVpn     C:\Windows\system32\DRIVERS\AgileVpn.sys
18:34:46.0536 0x08a8  RasAgileVpn - ok
18:34:46.0596 0x08a8  [ 8F26510C5383B8DBE976DE1CD00FC8C7, 60E618C010E8A723960636415573FA17EA0BBEF79647196B3BC0B8DEE680E090 ] RasAuto         C:\Windows\System32\rasauto.dll
18:34:46.0596 0x08a8  RasAuto - ok
18:34:46.0636 0x08a8  [ 471815800AE33E6F1C32FB1B97C490CA, 27307265F743DE3A3A3EC1B2C472A3D85FDD0AEC458E0B1177593141EE072698 ] Rasl2tp         C:\Windows\system32\DRIVERS\rasl2tp.sys
18:34:46.0636 0x08a8  Rasl2tp - ok
18:34:46.0736 0x08a8  [ EE867A0870FC9E4972BA9EAAD35651E2, 1B848D81705081FD2E18AC762DA7F51455657DAF860BF363DC15925A148BCADA ] RasMan          C:\Windows\System32\rasmans.dll
18:34:46.0766 0x08a8  RasMan - ok
18:34:46.0786 0x08a8  [ 855C9B1CD4756C5E9A2AA58A15F58C25, A514F8A9C304D54BDA8DC60F5A64259B057EC83A1CAAF6D2B58CFD55E9561F72 ] RasPppoe        C:\Windows\system32\DRIVERS\raspppoe.sys
18:34:46.0786 0x08a8  RasPppoe - ok
18:34:46.0846 0x08a8  [ E8B1E447B008D07FF47D016C2B0EEECB, FEC789F82B912F3E14E49524D40FEAA4373B221156F14045E645D7C37859258C ] RasSstp         C:\Windows\system32\DRIVERS\rassstp.sys
18:34:46.0846 0x08a8  RasSstp - ok
18:34:46.0956 0x08a8  [ 77F665941019A1594D887A74F301FA2F, 1FDC6F6853400190C086042933F157814D915C54F26793CAD36CD2607D8810DA ] rdbss           C:\Windows\system32\DRIVERS\rdbss.sys
18:34:46.0966 0x08a8  rdbss - ok
18:34:46.0986 0x08a8  [ 302DA2A0539F2CF54D7C6CC30C1F2D8D, 1DF3501BBFFB56C3ECC39DBCC4287D3302216C2208CE22428B8C4967E5DE9D17 ] rdpbus          C:\Windows\system32\drivers\rdpbus.sys
18:34:47.0006 0x08a8  rdpbus - ok
18:34:47.0036 0x08a8  [ CEA6CC257FC9B7715F1C2B4849286D24, A78144D18352EA802C39D9D42921CF97A3E0211766B2169B6755C6FC2D77A804 ] RDPCDD          C:\Windows\system32\DRIVERS\RDPCDD.sys
18:34:47.0036 0x08a8  RDPCDD - ok
18:34:47.0106 0x08a8  [ BB5971A4F00659529A5C44831AF22365, 9AAA5C0D448E821FD85589505D99DF7749715A046BBD211F139E4E652ADDE41F ] RDPENCDD        C:\Windows\system32\drivers\rdpencdd.sys
18:34:47.0116 0x08a8  RDPENCDD - ok
18:34:47.0126 0x08a8  [ 216F3FA57533D98E1F74DED70113177A, 60C126A1409D1E9C39F1C9E95F70115BF4AF07780AB499F6E10A612540F173F4 ] RDPREFMP        C:\Windows\system32\drivers\rdprefmp.sys
18:34:47.0126 0x08a8  RDPREFMP - ok
18:34:47.0246 0x08a8  [ FE571E088C2D83619D2D48D4E961BF41, 88C5A2FCB1D0E528657842E39963471A6E42FCA3FCDF37955AEC8258AB4C48EA ] RDPWD           C:\Windows\system32\drivers\RDPWD.sys
18:34:47.0246 0x08a8  RDPWD - ok
18:34:47.0296 0x08a8  [ 34ED295FA0121C241BFEF24764FC4520, AAEE5F00CAA763A5BA51CF56BD7262C03409CD72BD5601490E3EC3FFF929BB5F ] rdyboost        C:\Windows\system32\drivers\rdyboost.sys
18:34:47.0316 0x08a8  rdyboost - ok
18:34:47.0416 0x08a8  [ 254FB7A22D74E5511C73A3F6D802F192, 3D0FB5840364200DE394F8CC28DA0E334C2B5FA8FF28A41656EE72287F3D3836 ] RemoteAccess    C:\Windows\System32\mprdim.dll
18:34:47.0426 0x08a8  RemoteAccess - ok
18:34:47.0496 0x08a8  [ E4D94F24081440B5FC5AA556C7C62702, 147CAA03568DC480F9506E30B84891AB7E433B5EBC05F34FF10F72B00E1C6B22 ] RemoteRegistry  C:\Windows\system32\regsvc.dll
18:34:47.0506 0x08a8  RemoteRegistry - ok
18:34:47.0586 0x08a8  [ 3DD798846E2C28102B922C56E71B7932, 30B111615D74CB2213997A5C08DD9C8613ADE441D9423CC1C49A753D13CE524D ] RFCOMM          C:\Windows\system32\DRIVERS\rfcomm.sys
18:34:47.0596 0x08a8  RFCOMM - ok
18:34:47.0656 0x08a8  [ E4DC58CF7B3EA515AE917FF0D402A7BB, 665B5CD9FE905B0EE3F59A7B1A94760F5393EBEE729877D8584349754C2867E8 ] RpcEptMapper    C:\Windows\System32\RpcEpMap.dll
18:34:47.0676 0x08a8  RpcEptMapper - ok
18:34:47.0726 0x08a8  [ D5BA242D4CF8E384DB90E6A8ED850B8C, CB4CB2608B5E31B55FB1A2CF4051E6D08A0C2A5FB231B2116F95938D7577334E ] RpcLocator      C:\Windows\system32\locator.exe
18:34:47.0736 0x08a8  RpcLocator - ok
18:34:47.0846 0x08a8  [ 5C627D1B1138676C0A7AB2C2C190D123, C5003F2C912C5CA990E634818D3B4FD72F871900AF2948BD6C4D6400B354B401 ] RpcSs           C:\Windows\system32\rpcss.dll
18:34:47.0856 0x08a8  RpcSs - ok
18:34:47.0906 0x08a8  [ DDC86E4F8E7456261E637E3552E804FF, D250C69CCC75F2D88E7E624FCC51300E75637333317D53908CCA7E0F117173DD ] rspndr          C:\Windows\system32\DRIVERS\rspndr.sys
18:34:47.0916 0x08a8  rspndr - ok
18:34:48.0046 0x08a8  [ 40817D2DA49866C55781DB7601ABCEC1, 6E92573A4CFA701C5359849BD7502D2716165A154B2FC3BE0EDD1CF7D9452ABB ] RSUSBVSTOR      C:\Windows\system32\Drivers\RTSUVSTOR.sys
18:34:48.0056 0x08a8  RSUSBVSTOR - ok
18:34:48.0236 0x08a8  [ 7F4F11527AF5A7E4526CB6A146B3E40C, 705177014374AB2F12AF4558344C35C206C2820BD1A16770173EA10D094D182B ] RTL8167         C:\Windows\system32\DRIVERS\Rt64win7.sys
18:34:48.0266 0x08a8  RTL8167 - ok
18:34:48.0286 0x08a8  [ B6C7729936AAF8E0697F0A7DCA82CED8, 9706E5234364488DD18527AAC82760E5ECB6EC9EBFDD4D04D2708D3C9C576FE6 ] SamSs           C:\Windows\system32\lsass.exe
18:34:48.0286 0x08a8  SamSs - ok
18:34:48.0326 0x08a8  [ AC03AF3329579FFFB455AA2DAABBE22B, 7AD3B62ADFEC166F9E256F9FF8BAA0568B2ED7308142BF8F5269E6EAA5E0A656 ] sbp2port        C:\Windows\system32\drivers\sbp2port.sys
18:34:48.0336 0x08a8  sbp2port - ok
18:34:48.0446 0x08a8  [ 9B7395789E3791A3B6D000FE6F8B131E, E5F067F3F212BF5481668BE1779CBEF053F511F8967589BE2E865ACB9A620024 ] SCardSvr        C:\Windows\System32\SCardSvr.dll
18:34:48.0476 0x08a8  SCardSvr - ok
18:34:48.0586 0x08a8  [ DD8C29C96307FDBD2DFA6F1730FBCE9A, C0B5DA32EF9913634C0ABFDADA371AC4A909CD83ED174B311EF00AFFA13B3A38 ] SCDEmu          C:\Windows\system32\drivers\SCDEmu.sys
18:34:48.0596 0x08a8  SCDEmu - ok
18:34:48.0646 0x08a8  [ 253F38D0D7074C02FF8DEB9836C97D2B, CB5CAFCB8628BB22877F74ACF1DED0BBAED8F4573A74DA7FE94BBBA584889116 ] scfilter        C:\Windows\system32\DRIVERS\scfilter.sys
18:34:48.0656 0x08a8  scfilter - ok
18:34:48.0736 0x08a8  [ 262F6592C3299C005FD6BEC90FC4463A, 54095E37F0B6CC677A3E9BDD40F4647C713273D197DB341063AA7F342A60C4A7 ] Schedule        C:\Windows\system32\schedsvc.dll
18:34:48.0766 0x08a8  Schedule - ok
18:34:48.0816 0x08a8  [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] SCPolicySvc     C:\Windows\System32\certprop.dll
18:34:48.0816 0x08a8  SCPolicySvc - ok
18:34:48.0956 0x08a8  [ 6EA4234DC55346E0709560FE7C2C1972, 64011E044C16E2F92689E5F7E4666A075E27BBFA61F3264E5D51CE1656C1D5B8 ] SDRSVC          C:\Windows\System32\SDRSVC.dll
18:34:48.0976 0x08a8  SDRSVC - ok
18:34:49.0046 0x08a8  [ 3EA8A16169C26AFBEB544E0E48421186, 34BBB0459C96B3DE94CCB0D73461562935C583D7BF93828DA4E20A6BC9B7301D ] secdrv          C:\Windows\system32\drivers\secdrv.sys
18:34:49.0066 0x08a8  secdrv - ok
18:34:49.0166 0x08a8  [ BC617A4E1B4FA8DF523A061739A0BD87, 10C4057F6B321EB5237FF619747B74F5401BC17D15A8C7060829E8204A2297F9 ] seclogon        C:\Windows\system32\seclogon.dll
18:34:49.0166 0x08a8  seclogon - ok
18:34:49.0196 0x08a8  [ C32AB8FA018EF34C0F113BD501436D21, E0EB8E80B51E45CA7EB061E705DA0BC07878759418A8519AE6E12326FE79E7C7 ] SENS            C:\Windows\System32\sens.dll
18:34:49.0196 0x08a8  SENS - ok
18:34:49.0236 0x08a8  [ 0336CFFAFAAB87A11541F1CF1594B2B2, 8B8A6A33E78A12FB05E29B2E2775850626574AFD2EF88748D65E690A07B10B8D ] SensrSvc        C:\Windows\system32\sensrsvc.dll
18:34:49.0246 0x08a8  SensrSvc - ok
18:34:49.0266 0x08a8  [ CB624C0035412AF0DEBEC78C41F5CA1B, A4D937F11E06CAE914347CA1362F4C98EC5EE0C0C80321E360EA1ABD6726F8D4 ] Serenum         C:\Windows\system32\drivers\serenum.sys
18:34:49.0276 0x08a8  Serenum - ok
18:34:49.0296 0x08a8  [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6, 8F9776FB84C5D11068EAF1FF1D1A46466C655D64D256A8B1E31DC0C23B5DD22D ] Serial          C:\Windows\system32\drivers\serial.sys
18:34:49.0296 0x08a8  Serial - ok
18:34:49.0316 0x08a8  [ 1C545A7D0691CC4A027396535691C3E3, 065C30BE598FF4DC55C37E0BBE0CEDF10A370AE2BF5404B42EBBB867A3FFED6D ] sermouse        C:\Windows\system32\drivers\sermouse.sys
18:34:49.0316 0x08a8  sermouse - ok
18:34:49.0356 0x08a8  [ 0B6231BF38174A1628C4AC812CC75804, E569BF1F7F5689E2E917FA6516DB53388A5B8B1C6699DEE030147E853218811D ] SessionEnv      C:\Windows\system32\sessenv.dll
18:34:49.0366 0x08a8  SessionEnv - ok
18:34:49.0396 0x08a8  [ A554811BCD09279536440C964AE35BBF, DA8F893722F803E189D7D4D6C6232ED34505B63A64ED3A0132A5BB7A2BABDE55 ] sffdisk         C:\Windows\system32\drivers\sffdisk.sys
18:34:49.0396 0x08a8  sffdisk - ok
18:34:49.0417 0x08a8  [ FF414F0BAEFEBA59BC6C04B3DB0B87BF, B81EF5D26AEB572CAB590F7AD7CA8C89F296420089EF5E6148E972F2DBCA1042 ] sffp_mmc        C:\Windows\system32\drivers\sffp_mmc.sys
18:34:49.0417 0x08a8  sffp_mmc - ok
18:34:49.0447 0x08a8  [ DD85B78243A19B59F0637DCF284DA63C, 6730D4F2BAE7E24615746ACC41B42D01DB6068D6504982008ADA1890DE900197 ] sffp_sd         C:\Windows\system32\drivers\sffp_sd.sys
18:34:49.0447 0x08a8  sffp_sd - ok
18:34:49.0467 0x08a8  [ A9D601643A1647211A1EE2EC4E433FF4, 7AC60B4AB48D4BBF1F9681C12EC2A75C72E6E12D30FABC564A24394310E9A5F9 ] sfloppy         C:\Windows\system32\drivers\sfloppy.sys
18:34:49.0467 0x08a8  sfloppy - ok
18:34:49.0577 0x08a8  [ 2046AA7491DE7EFA4D70E615D9BC9D09, A8763D059AD68D5842C407FA9644E0B129BEF0F63CD87E62B80B05441EDC3489 ] Sftfs           C:\Windows\system32\DRIVERS\Sftfslh.sys
18:34:49.0597 0x08a8  Sftfs - ok
18:34:49.0727 0x08a8  [ 77C5A741A7452812F278EF2C18478862, 0B763679EB7EFB8ED9DCE7B429706E939BB65BA6BCF1BAE0E0426D4E87074B8C ] sftlist         C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
18:34:49.0747 0x08a8  sftlist - ok
18:34:49.0817 0x08a8  [ 0E0446BC4D51BE4263ACB7E33491191C, 2AD039FB440560658C4E06F67CC192EF71577EF3FF789A43C08430CE5EAE5A70 ] Sftplay         C:\Windows\system32\DRIVERS\Sftplaylh.sys
18:34:49.0827 0x08a8  Sftplay - ok
18:34:49.0887 0x08a8  [ C5FB982CD266E604ED3142102C26D62C, A6BC0D72E98F924274ECAD49C85F0775D1CD45B97CD43F53DF3992B560835FC5 ] Sftredir        C:\Windows\system32\DRIVERS\Sftredirlh.sys
18:34:49.0887 0x08a8  Sftredir - ok
18:34:50.0017 0x08a8  [ 4215C271D6E6898C3F4DABAB4F387DC9, 10D845466AC239E18A381FA3BCF1DA1CDCF7CC4363D3A6B4695D6562B3EF7541 ] SftService      C:\Program Files (x86)\Dell DataSafe Local Backup\sftservice.EXE
18:34:50.0097 0x08a8  SftService - ok
18:34:50.0117 0x08a8  [ 2575511AF67AA1FA068CCC4918E2C2A3, 3152FF5AC2CF6FE966DA59B1B33E22F9BD9B6BB4310441870528364BA9501A4D ] Sftvol          C:\Windows\system32\DRIVERS\Sftvollh.sys
18:34:50.0127 0x08a8  Sftvol - ok
18:34:50.0217 0x08a8  [ 39B1D0A636A400304565D4521FAD6D77, 1F01DB35B5A477AA7A77585C9304E6B5F3E67807531305BCA93A7F494CED8F59 ] sftvsa          C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
18:34:50.0217 0x08a8  sftvsa - ok
18:34:50.0277 0x08a8  [ B95F6501A2F8B2E78C697FEC401970CE, 758B73A32902299A313348CE7EC189B20EB4CB398D0180E4EE24B84DAD55F291 ] SharedAccess    C:\Windows\System32\ipnathlp.dll
18:34:50.0287 0x08a8  SharedAccess - ok
18:34:50.0337 0x08a8  [ AAF932B4011D14052955D4B212A4DA8D, 2A3BFD0FA9569288E91AE3E72CA1EC39E1450D01E6473CE51157E0F138257923 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
18:34:50.0347 0x08a8  ShellHWDetection - ok
18:34:50.0397 0x08a8  [ 843CAF1E5FDE1FFD5FF768F23A51E2E1, 89CA9F516E42A6B905474D738CDA2C121020A07DBD4E66CFE569DD77D79D7820 ] SiSRaid2        C:\Windows\system32\drivers\SiSRaid2.sys
18:34:50.0397 0x08a8  SiSRaid2 - ok
18:34:50.0417 0x08a8  [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4, 87B85C66DF7EB6FDB8A2341D05FAA5261FF68A90CCFC63F0E4A03824F1E33E5E ] SiSRaid4        C:\Windows\system32\drivers\sisraid4.sys
18:34:50.0417 0x08a8  SiSRaid4 - ok
18:34:50.0667 0x08a8  [ F6EF225A23D336CA30001E5007644C24, B0A4B1256C1074F1B4F73E3BBA16FD4683D6EEA583DEEF8E11EFD29BA7541F2A ] SkypeUpdate     C:\Program Files (x86)\Skype\Updater\Updater.exe
18:34:50.0667 0x08a8  SkypeUpdate - ok
18:34:50.0717 0x08a8  [ 548260A7B8654E024DC30BF8A7C5BAA4, 4A7E58331D7765A12F53DC2371739DC9A463940B13E16157CE10DB80E958D740 ] Smb             C:\Windows\system32\DRIVERS\smb.sys
18:34:50.0737 0x08a8  Smb - ok
18:34:50.0807 0x08a8  [ 6313F223E817CC09AA41811DAA7F541D, D787061043BEEDB9386B048CB9E680E6A88A1CBAE9BD4A8C0209155BFB76C630 ] SNMPTRAP        C:\Windows\System32\snmptrap.exe
18:34:50.0817 0x08a8  SNMPTRAP - ok
18:34:50.0857 0x08a8  [ B9E31E5CACDFE584F34F730A677803F9, 21A5130BD00089C609522A372018A719F8E37103D2DD22C59EACB393BE35A063 ] spldr           C:\Windows\system32\drivers\spldr.sys
18:34:50.0867 0x08a8  spldr - ok
18:34:50.0977 0x08a8  [ 85DAA09A98C9286D4EA2BA8D0E644377, F9C324E2EF81193FE831C7EECC44A100CA06F82FA731BF555D9EA4D91DA13329 ] Spooler         C:\Windows\System32\spoolsv.exe
18:34:50.0987 0x08a8  Spooler - ok
18:34:51.0247 0x08a8  [ E17E0188BB90FAE42D83E98707EFA59C, FC075F7B39E86CC8EF6DA4E339FE946917E319C347AC70FB0C50AAF36F97E27F ] sppsvc          C:\Windows\system32\sppsvc.exe
18:34:51.0387 0x08a8  sppsvc - ok
18:34:51.0487 0x08a8  [ 93D7D61317F3D4BC4F4E9F8A96A7DE45, 36D48B23B8243BE5229707375FCD11C2DCAC96983199345365F065A0CBF33314 ] sppuinotify     C:\Windows\system32\sppuinotify.dll
18:34:51.0677 0x08a8  sppuinotify - ok
18:34:51.0737 0x08a8  [ 441FBA48BFF01FDB9D5969EBC1838F0B, 306128F1AD489F87161A089D1BDC1542A4CB742D91A0C12A7CD1863FDB8932C0 ] srv             C:\Windows\system32\DRIVERS\srv.sys
18:34:51.0747 0x08a8  srv - ok
18:34:51.0787 0x08a8  [ B4ADEBBF5E3677CCE9651E0F01F7CC28, 726DB2283113AB2A9681E8E9F61132303D6D86E9CD034C40EE4A8C9DB29E87F7 ] srv2            C:\Windows\system32\DRIVERS\srv2.sys
18:34:51.0797 0x08a8  srv2 - ok
18:34:51.0827 0x08a8  [ 27E461F0BE5BFF5FC737328F749538C3, AFA4704ED8FFC1A0BAB40DFB81D3AE3F3D933A3C9BF54DDAF39FF9AF3646D9E6 ] srvnet          C:\Windows\system32\DRIVERS\srvnet.sys
18:34:51.0837 0x08a8  srvnet - ok
18:34:51.0897 0x08a8  [ 51B52FBD583CDE8AA9BA62B8B4298F33, 2E2403F8AA39E79D1281CA006B51B43139C32A5FDD64BD34DAA4B935338BD740 ] SSDPSRV         C:\Windows\System32\ssdpsrv.dll
18:34:51.0907 0x08a8  SSDPSRV - ok
18:34:51.0947 0x08a8  [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB, D21CDBC4C2AA0DB5B4455D5108B0CAF4282A2E664B9035708F212CC094569D9D ] SstpSvc         C:\Windows\system32\sstpsvc.dll
18:34:51.0947 0x08a8  SstpSvc - ok
18:34:51.0987 0x08a8  [ F3817967ED533D08327DC73BC4D5542A, 1B204454408A690C0A86447F3E4AA9E7C58A9CFB567C94C17C21920BA648B4D5 ] stexstor        C:\Windows\system32\drivers\stexstor.sys
18:34:51.0997 0x08a8  stexstor - ok
18:34:52.0057 0x08a8  [ 8DD52E8E6128F4B2DA92CE27402871C1, 1101C38BE8FC383B5F2F9FA402F9652B23B88A764DE2B584DFE62B88B11DEF92 ] stisvc          C:\Windows\System32\wiaservc.dll
18:34:52.0067 0x08a8  stisvc - ok
18:34:52.0237 0x08a8  [ EFA2DB02EE5292C103B97F615C0BDCA2, 64DBE2D880A3C6F2A20ECAB494D4AB7135DBCC8AC8DADF3158772DE32DB83494 ] Subsonic        C:\Program Files (x86)\Subsonic\subsonic-service.exe
18:34:52.0247 0x08a8  Subsonic - ok
18:34:52.0277 0x08a8  [ D01EC09B6711A5F8E7E6564A4D0FBC90, 3CB922291DBADC92B46B9E28CCB6810CD8CCDA3E74518EC9522B58B998E1F969 ] swenum          C:\Windows\system32\DRIVERS\swenum.sys
18:34:52.0287 0x08a8  swenum - ok
18:34:52.0367 0x08a8  [ E08E46FDD841B7184194011CA1955A0B, 9C3725BB1F08F92744C980A22ED5C874007D3B5863C7E1F140F50061052AC418 ] swprv           C:\Windows\System32\swprv.dll
18:34:52.0377 0x08a8  swprv - ok
18:34:52.0457 0x08a8  [ BF9CCC0BF39B418C8D0AE8B05CF95B7D, 3C13217548BE61F2BDB8BD41F77345CDDA1F97BF0AE17241C335B9807EB3DBB8 ] SysMain         C:\Windows\system32\sysmain.dll
18:34:52.0517 0x08a8  SysMain - ok
18:34:52.0577 0x08a8  [ E3C61FD7B7C2557E1F1B0B4CEC713585, 01F0E116606D185BF93B540868075BFB1A398197F6AABD994983DBFF56B3A8A0 ] TabletInputService C:\Windows\System32\TabSvc.dll
18:34:52.0577 0x08a8  TabletInputService - ok
18:34:52.0687 0x08a8  [ 3A7CABF7DE8F1325BE8F46685469AEC3, 03B2FDEA5E10B9584EFC4ED22D6C2529322FBEF0DFEC60FE12FCE5C4A2E42F9C ] taphss6         C:\Windows\system32\DRIVERS\taphss6.sys
18:34:52.0687 0x08a8  taphss6 - ok
18:34:52.0747 0x08a8  [ 40F0849F65D13EE87B9A9AE3C1DD6823, E251A7EF3D0FD2973AF33A62FC457A7E8D5E8694208F811F52455F7C2426121F ] TapiSrv         C:\Windows\System32\tapisrv.dll
18:34:52.0757 0x08a8  TapiSrv - ok
18:34:52.0787 0x08a8  [ 1BE03AC720F4D302EA01D40F588162F6, AB644862BF1D2E824FD846180DEC4E2C0FAFCC517451486DE5A92E5E78A952E4 ] TBS             C:\Windows\System32\tbssvc.dll
18:34:52.0797 0x08a8  TBS - ok
18:34:52.0927 0x08a8  [ 04ADD18EE5CC9FBEDAEC1DD1CD0CB45E, F05C0C4CA3DD234AD5D60CF1EF763C9A1D9EC3C157E180C2D75CC07E6B02A611 ] Tcpip           C:\Windows\system32\drivers\tcpip.sys
18:34:52.0987 0x08a8  Tcpip - ok
18:34:53.0037 0x08a8  [ 04ADD18EE5CC9FBEDAEC1DD1CD0CB45E, F05C0C4CA3DD234AD5D60CF1EF763C9A1D9EC3C157E180C2D75CC07E6B02A611 ] TCPIP6          C:\Windows\system32\DRIVERS\tcpip.sys
18:34:53.0087 0x08a8  TCPIP6 - ok
18:34:53.0127 0x08a8  [ 1B16D0BD9841794A6E0CDE0CEF744ABC, 7EB8BA97339199EEE7F2B09DA2DA6279DA64A510D4598D42CF86415D67CD674C ] tcpipreg        C:\Windows\system32\drivers\tcpipreg.sys
18:34:53.0127 0x08a8  tcpipreg - ok
18:34:53.0237 0x08a8  [ 3371D21011695B16333A3934340C4E7C, 7416F9BBFC1BA9D875EA7D1C7A0D912FC6977B49A865D67E3F9C4E18A965082D ] TDPIPE          C:\Windows\system32\drivers\tdpipe.sys
18:34:53.0237 0x08a8  TDPIPE - ok
18:34:53.0267 0x08a8  [ 51C5ECEB1CDEE2468A1748BE550CFBC8, 4E8F83877330B421F7B5D8393D34BC44C6450E69209DAA95B29CB298166A5DF9 ] TDTCP           C:\Windows\system32\drivers\tdtcp.sys
18:34:53.0267 0x08a8  TDTCP - ok
18:34:53.0327 0x08a8  [ 70988118145F5F10EF24720B97F35F65, F80C806417A68047FFB3D63214BC4AE5445315219AC594E043293006B704A63D ] tdx             C:\Windows\system32\DRIVERS\tdx.sys
18:34:53.0327 0x08a8  tdx - ok
18:34:53.0417 0x08a8  [ 561E7E1F06895D78DE991E01DD0FB6E5, 83BFA50A528762EC52A011302AC3874636FB7E26628CD7ACFBF2BDC9FAA8110D ] TermDD          C:\Windows\system32\DRIVERS\termdd.sys
18:34:53.0427 0x08a8  TermDD - ok
18:34:53.0497 0x08a8  [ 008CD4EBFABCF78D0F19B3778492648C, 9050490EEE0AD86E73F0A82D83E4FC29DF84F6B6FDB389AE135FD712B5F425BE ] TermService     C:\Windows\System32\termsrv.dll
18:34:53.0517 0x08a8  TermService - ok
18:34:53.0547 0x08a8  [ F0344071948D1A1FA732231785A0664C, DB9886C2C858FAF45AEA15F8E42860343F73EB8685C53EC2E8CCC10586CB0832 ] Themes          C:\Windows\system32\themeservice.dll
18:34:53.0547 0x08a8  Themes - ok
18:34:53.0587 0x08a8  [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] THREADORDER     C:\Windows\system32\mmcss.dll
18:34:53.0587 0x08a8  THREADORDER - ok
18:34:53.0647 0x08a8  [ D154DD00C8F12D94C9CC94027356B6E4, 501026564147DC43D0764521816B8D20576DA8F5D9DB0D2D8D3A16AA48A534A3 ] Tpkd            C:\Windows\system32\drivers\Tpkd.sys
18:34:53.0647 0x08a8  Tpkd - ok
18:34:53.0687 0x08a8  [ 7E7AFD841694F6AC397E99D75CEAD49D, DE87F203FD8E6BDCCFCA1860A85F283301A365846FB703D9BB86278D8AC96B07 ] TrkWks          C:\Windows\System32\trkwks.dll
18:34:53.0697 0x08a8  TrkWks - ok
18:34:53.0817 0x08a8  [ 773212B2AAA24C1E31F10246B15B276C, F2EF85F5ABA307976D9C649D710B408952089458DDE97D4DEF321DF14E46A046 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
18:34:53.0827 0x08a8  TrustedInstaller - ok
18:34:53.0887 0x08a8  [ E232A3B43A894BB327FC161529BD9ED1, F2673DA8C920F21ACCECC25F7C59A05822E5E577D47F126EDF9C94FEB4B30C5F ] tssecsrv        C:\Windows\system32\DRIVERS\tssecsrv.sys
18:34:53.0887 0x08a8  tssecsrv - ok
18:34:53.0997 0x08a8  [ D11C783E3EF9A3C52C0EBE83CC5000E9, A136C355D4C8945729163D15801364A614E23217B15F9313C85BA45BB71A74EB ] TsUsbFlt        C:\Windows\system32\drivers\tsusbflt.sys
18:34:54.0007 0x08a8  TsUsbFlt - ok
18:34:54.0027 0x08a8  [ 9CC2CCAE8A84820EAECB886D477CBCB8, 50D8AA2D7477A6618A0C31BB4D1C4887B457865FB1105E2E7B984EEFA337B804 ] TsUsbGD         C:\Windows\system32\drivers\TsUsbGD.sys
18:34:54.0027 0x08a8  TsUsbGD - ok
18:34:54.0067 0x08a8  [ 3566A8DAAFA27AF944F5D705EAA64894, AE9D8B648DA08AF667B9456C3FE315489859C157510A258559F18238F2CC92B8 ] tunnel          C:\Windows\system32\DRIVERS\tunnel.sys
18:34:54.0067 0x08a8  tunnel - ok
18:34:54.0097 0x08a8  [ B4DD609BD7E282BFC683CEC7EAAAAD67, EF131DB6F6411CAD36A989A421AF93F89DD61601AC524D2FF11C10FF6E3E9123 ] uagp35          C:\Windows\system32\drivers\uagp35.sys
18:34:54.0097 0x08a8  uagp35 - ok
18:34:54.0127 0x08a8  [ FF4232A1A64012BAA1FD97C7B67DF593, D8591B4EB056899C7B604E4DD852D82D4D9809F508ABCED4A03E1BE6D5D456E3 ] udfs            C:\Windows\system32\DRIVERS\udfs.sys
18:34:54.0137 0x08a8  udfs - ok
18:34:54.0217 0x08a8  [ 3CBDEC8D06B9968ABA702EBA076364A1, B8DAB8AA804FC23021BFEBD7AE4D40FBE648D6C6BA21CC008E26D1C084972F9B ] UI0Detect       C:\Windows\system32\UI0Detect.exe
18:34:54.0227 0x08a8  UI0Detect - ok
18:34:54.0237 0x08a8  [ 4BFE1BC28391222894CBF1E7D0E42320, 5918B1ED2030600DF77BDACF1C808DF6EADDD8BF3E7003AF1D72050D8B102B3A ] uliagpkx        C:\Windows\system32\drivers\uliagpkx.sys
18:34:54.0247 0x08a8  uliagpkx - ok
18:34:54.0257 0x08a8  [ DC54A574663A895C8763AF0FA1FF7561, 09A3F3597E91CBEB2F38E96E75134312B60CAE5574B2AD4606C2D3E992AEDDFE ] umbus           C:\Windows\system32\DRIVERS\umbus.sys
18:34:54.0267 0x08a8  umbus - ok
18:34:54.0297 0x08a8  [ B2E8E8CB557B156DA5493BBDDCC1474D, F547509A08C0679ACB843E20C9C0CF51BED1B06530BBC529DFB0944504564A43 ] UmPass          C:\Windows\system32\DRIVERS\umpass.sys
18:34:54.0297 0x08a8  UmPass - ok
18:34:54.0417 0x08a8  [ 0DFC9713D117B349E41A2A477448107A, 0C7B2162C2FA0BA46C2D3D9986CB542926C1802532E0785A49AC9B18284267AC ] UNS             C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
18:34:54.0437 0x08a8  UNS - ok
18:34:54.0547 0x08a8  [ D47EC6A8E81633DD18D2436B19BAF6DE, 0FB461E2D5E0B75BB5958F6362F4880BFA4C36AD930542609BCAF574941AA7AE ] upnphost        C:\Windows\System32\upnphost.dll
18:34:54.0557 0x08a8  upnphost - ok
18:34:54.0597 0x08a8  [ C9E9D59C0099A9FF51697E9306A44240, 78D9A7A5E5742962B6978F475BF06CB32262F1D214699D3D40538476A58012A1 ] USBAAPL64       C:\Windows\system32\Drivers\usbaapl64.sys
18:34:54.0597 0x08a8  USBAAPL64 - ok
18:34:54.0707 0x08a8  [ 91D3C92A44FC682DD791147604E79152, AA0B6799BF9C26C2C1793C91295288A4989AA43EC5E070B650DA7F0A142817CE ] usbccgp         C:\Windows\system32\DRIVERS\usbccgp.sys
18:34:54.0707 0x08a8  usbccgp - ok
18:34:54.0777 0x08a8  [ 80B0F7D5CCF86CEB5D402EAAF61FEC31, 140C62116A425DEAD25FE8D82DE283BC92C482A9F643658D512F9F67061F28AD ] usbcir          C:\Windows\system32\drivers\usbcir.sys
18:34:54.0777 0x08a8  usbcir - ok
18:34:54.0887 0x08a8  [ F7FFDF2A1D19A76A87759126B244C816, C91F09D77E22D976952A46F7B93F611B719EDAF694D538242FA8FAF1BA9BB2F0 ] usbehci         C:\Windows\system32\drivers\usbehci.sys
18:34:54.0887 0x08a8  usbehci - ok
18:34:54.0977 0x08a8  [ 245FE7FC634D6A993E682E0A9EBA4ABB, F7A536D215EE3A63358EC8B5946D7BB3B56357BF91347B07013E00DAC98775B6 ] usbhub          C:\Windows\system32\DRIVERS\usbhub.sys
18:34:54.0987 0x08a8  usbhub - ok
18:34:55.0047 0x08a8  [ C1A8966E0D09BFB501045105B30D86F2, 5BB95FBA441B898E258A3BFE174FC1042A04C19E25C59DE1FD90594290B11DA9 ] usbohci         C:\Windows\system32\drivers\usbohci.sys
18:34:55.0057 0x08a8  usbohci - ok
18:34:55.0087 0x08a8  [ 73188F58FB384E75C4063D29413CEE3D, B485463933306036B1D490722CB1674DC85670753D79FA0EF7EBCA7BBAAD9F7C ] usbprint        C:\Windows\system32\DRIVERS\usbprint.sys
18:34:55.0087 0x08a8  usbprint - ok
18:34:55.0157 0x08a8  [ 9661DA76B4531B2DA272ECCE25A8AF24, FEA93254A21E71A7EB8AD35FCCAD2C1E41F7329EC33B1734F5B41307A34D8637 ] usbscan         C:\Windows\system32\DRIVERS\usbscan.sys
18:34:55.0157 0x08a8  usbscan - ok
18:34:55.0187 0x08a8  [ FED648B01349A3C8395A5169DB5FB7D6, DC4D7594C24ADD076927B9347F1B50B91CF03A4ABDB284248D5711D9C19DEB96 ] USBSTOR         C:\Windows\system32\DRIVERS\USBSTOR.SYS
18:34:55.0187 0x08a8  USBSTOR - ok
18:34:55.0257 0x08a8  [ 2E682DCE4319A90E02A327F8A427544A, 3528C5A4669BAD53041085C3E72C64388D308E42AD9D1FAC85B6F2FFD81610FB ] usbuhci         C:\Windows\system32\drivers\usbuhci.sys
18:34:55.0257 0x08a8  usbuhci - ok
18:34:55.0347 0x08a8  [ 1F775DA4CF1A3A1834207E975A72E9D7, 6D3DE5BD3EF3A76E997E5BAF900C51D25308F5A9682D1F62017F577A24095B90 ] usbvideo        C:\Windows\System32\Drivers\usbvideo.sys
18:34:55.0357 0x08a8  usbvideo - ok
18:34:55.0397 0x08a8  [ EDBB23CBCF2CDF727D64FF9B51A6070E, 7202484C8E1BFB2AFD64D8C81668F3EDE0E3BF5EB27572877A0A7B337AE5AE42 ] UxSms           C:\Windows\System32\uxsms.dll
18:34:55.0397 0x08a8  UxSms - ok
18:34:55.0417 0x08a8  [ B6C7729936AAF8E0697F0A7DCA82CED8, 9706E5234364488DD18527AAC82760E5ECB6EC9EBFDD4D04D2708D3C9C576FE6 ] VaultSvc        C:\Windows\system32\lsass.exe
18:34:55.0417 0x08a8  VaultSvc - ok
18:34:55.0437 0x08a8  [ C5C876CCFC083FF3B128F933823E87BD, 6FE0FBB6C3207E09300E0789E2168F76668D87C317FE9F263E733827ADCFBE0D ] vdrvroot        C:\Windows\system32\drivers\vdrvroot.sys
18:34:55.0437 0x08a8  vdrvroot - ok
18:34:55.0487 0x08a8  [ 8D6B481601D01A456E75C3210F1830BE, A2CEF483F4231367138EEF7E67FD5BE5364FC0780C44CA1368E36CE4AA3D0633 ] vds             C:\Windows\System32\vds.exe
18:34:55.0497 0x08a8  vds - ok
18:34:55.0527 0x08a8  [ DA4DA3F5E02943C2DC8C6ED875DE68DD, EDE604536DB78C512D68C92B26DA77C8811AC109D1F0A473673F0A82D15A2838 ] vga             C:\Windows\system32\DRIVERS\vgapnp.sys
18:34:55.0527 0x08a8  vga - ok
18:34:55.0547 0x08a8  [ 53E92A310193CB3C03BEA963DE7D9CFC, 45898604375B42EB1246C17A22D91C2440F11C746FF6459AD38027C1BC2E3125 ] VgaSave         C:\Windows\System32\drivers\vga.sys
18:34:55.0547 0x08a8  VgaSave - ok
18:34:55.0567 0x08a8  [ 2CE2DF28C83AEAF30084E1B1EB253CBB, D1946816A1CB89F825CBEA58F94A4C9D0CE7249355CD3915563F54054EE564BF ] vhdmp           C:\Windows\system32\drivers\vhdmp.sys
18:34:55.0577 0x08a8  vhdmp - ok
18:34:55.0637 0x08a8  [ E5689D93FFE4E5D66C0178761240DD54, 6D35CED80681B12AAF63BFA0DA1C386E71D3838839B68A686990AA8031949D27 ] viaide          C:\Windows\system32\drivers\viaide.sys
18:34:55.0637 0x08a8  viaide - ok
18:34:55.0657 0x08a8  [ D2AAFD421940F640B407AEFAAEBD91B0, 31EF342A60AF04F4108759A71F8FB7B8C8819216CF3D16A95B2BA0E33A8A9161 ] volmgr          C:\Windows\system32\drivers\volmgr.sys
18:34:55.0657 0x08a8  volmgr - ok
18:34:55.0687 0x08a8  [ A255814907C89BE58B79EF2F189B843B, 463DB771851352185B6AC323BD93B9084D47291E53C1F7B628B65D6918B2E28F ] volmgrx         C:\Windows\system32\drivers\volmgrx.sys
18:34:55.0687 0x08a8  volmgrx - ok
18:34:55.0717 0x08a8  [ 0D08D2F3B3FF84E433346669B5E0F639, 3D6716CEC95B8861A7CC5778E91F310528DC6BEE0E57A3C8757FC675154EBDEC ] volsnap         C:\Windows\system32\drivers\volsnap.sys
18:34:55.0727 0x08a8  volsnap - ok
18:34:55.0747 0x08a8  [ 5E2016EA6EBACA03C04FEAC5F330D997, 53106EB877459FE55A459111F7AB0EE320BB3B4C954D3DB6FA1642396001F2AC ] vsmraid         C:\Windows\system32\drivers\vsmraid.sys
18:34:55.0757 0x08a8  vsmraid - ok
18:34:55.0827 0x08a8  [ B60BA0BC31B0CB414593E169F6F21CC2, 47B801E623254CF0202B3591CB5C019CABFB52F123C7D47E29D19B32F1F2B915 ] VSS             C:\Windows\system32\vssvc.exe
18:34:55.0867 0x08a8  VSS - ok
18:34:55.0907 0x08a8  [ 36D4720B72B5C5D9CB2B9C29E9DF67A1, 3254523C85C70EBA2DBAC05DB2DBA89EDF8E9195F390F7C21F96458FB6B2E3D7 ] vwifibus        C:\Windows\system32\DRIVERS\vwifibus.sys
18:34:55.0907 0x08a8  vwifibus - ok
18:34:55.0917 0x08a8  [ 6A3D66263414FF0D6FA754C646612F3F, 30F6BA594B0D3B94113064015A16D97811CD989DF1715CCE21CEAB9894C1B4FB ] vwififlt        C:\Windows\system32\DRIVERS\vwififlt.sys
18:34:55.0917 0x08a8  vwififlt - ok
18:34:55.0967 0x08a8  [ 1C9D80CC3849B3788048078C26486E1A, 34A89F31E53F6B6C209B286F580CC2257AE6D057E4E20741F241C9C167947962 ] W32Time         C:\Windows\system32\w32time.dll
18:34:55.0987 0x08a8  W32Time - ok
18:34:55.0997 0x08a8  [ 4E9440F4F152A7B944CB1663D3935A3E, 8FE04EBD3BC612EE943A21A3E56F37E5C9B578CDACA6044048181DAD81816D53 ] WacomPen        C:\Windows\system32\drivers\wacompen.sys
18:34:56.0007 0x08a8  WacomPen - ok
18:34:56.0027 0x08a8  [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] WANARP          C:\Windows\system32\DRIVERS\wanarp.sys
18:34:56.0027 0x08a8  WANARP - ok
18:34:56.0037 0x08a8  [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] Wanarpv6        C:\Windows\system32\DRIVERS\wanarp.sys
18:34:56.0037 0x08a8  Wanarpv6 - ok
18:34:56.0167 0x08a8  [ 3CEC96DE223E49EAAE3651FCF8FAEA6C, 4150DAB33E8D61076F1D4767BCAFC9B4ECCCCBD58FD4FB3CFE5B8D27DCDCAB61 ] WatAdminSvc     C:\Windows\system32\Wat\WatAdminSvc.exe
18:34:56.0217 0x08a8  WatAdminSvc - ok
18:34:56.0287 0x08a8  [ 78F4E7F5C56CB9716238EB57DA4B6A75, 46A4E78CE5F2A4B26F4E9C3FF04A99D9B727A82AC2E390A82A1611C3F6E0C9AF ] wbengine        C:\Windows\system32\wbengine.exe
18:34:56.0337 0x08a8  wbengine - ok
18:34:56.0367 0x08a8  [ 3AA101E8EDAB2DB4131333F4325C76A3, 4F7BD3DA5E58B18BFF106CFF7B45E75FD13EE556D433C695BA23EC80827E49DE ] WbioSrvc        C:\Windows\System32\wbiosrvc.dll
18:34:56.0377 0x08a8  WbioSrvc - ok
18:34:56.0397 0x08a8  [ 7368A2AFD46E5A4481D1DE9D14848EDD, 8039C478FC2D9F095F5883A4FA47F9E6EDF57CC88A4AA74F07C88445F90DED57 ] wcncsvc         C:\Windows\System32\wcncsvc.dll
18:34:56.0407 0x08a8  wcncsvc - ok
18:34:56.0437 0x08a8  [ 20F7441334B18CEE52027661DF4A6129, 7B8E0247234B740FED2BE9B833E9CE8DD7453340123AB43F6B495A7E6A27B0DD ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
18:34:56.0437 0x08a8  WcsPlugInService - ok
18:34:56.0467 0x08a8  [ 72889E16FF12BA0F235467D6091B17DC, F2FD0BBD075E33608D93F350D216F97442AB89ABD540513C2D568C78096E12A8 ] Wd              C:\Windows\system32\drivers\wd.sys
18:34:56.0477 0x08a8  Wd - ok
18:34:56.0517 0x08a8  [ A3D04EBF5227886029B4532F20D026F7, D90F7B9C176008675DA0B5FD7E4973CBC2A04172CEDF8FB7D3B3B4F27B5440D7 ] WDC_SAM         C:\Windows\system32\DRIVERS\wdcsam64.sys
18:34:56.0517 0x08a8  WDC_SAM - ok
18:34:56.0597 0x08a8  [ E2C933EDBC389386EBE6D2BA953F43D8, AF1DEADD5F1267CCEBD226E8EEB971D1946EA6A5A9645A36F5D111F758AF2F07 ] Wdf01000        C:\Windows\system32\drivers\Wdf01000.sys
18:34:56.0617 0x08a8  Wdf01000 - ok
18:34:56.0687 0x08a8  [ C6F7473B55510F0B93961DA03D8E3B38, 4BAB9274DED8F7AC4A52B8739F501323FFFA0367CAA24BFAFDB5523812E0CE39 ] WdiServiceHost  C:\Windows\system32\wdi.dll
18:34:56.0687 0x08a8  WdiServiceHost - ok
18:34:56.0697 0x08a8  [ C6F7473B55510F0B93961DA03D8E3B38, 4BAB9274DED8F7AC4A52B8739F501323FFFA0367CAA24BFAFDB5523812E0CE39 ] WdiSystemHost   C:\Windows\system32\wdi.dll
18:34:56.0697 0x08a8  WdiSystemHost - ok
18:34:56.0757 0x08a8  [ 0EB0E5D22B1760F2DBCE632F2DD7A54D, B8A4CC62F88768947FB0A161CF9564DB28FD9C1C037B5475DF192982DE035C22 ] WebClient       C:\Windows\System32\webclnt.dll
18:34:56.0767 0x08a8  WebClient - ok
18:34:56.0807 0x08a8  [ C749025A679C5103E575E3B48E092C43, B71171D07EE7AB085A24BF3A1072FF2CE7EA021AAE695F6A90640E6EE8EB55C1 ] Wecsvc          C:\Windows\system32\wecsvc.dll
18:34:56.0817 0x08a8  Wecsvc - ok
18:34:56.0837 0x08a8  [ 7E591867422DC788B9E5BD337A669A08, 484E6BCCDF7ADCE9A1AACAD1BC7C7D7694B9E40FA90D94B14D80C607784F6C75 ] wercplsupport   C:\Windows\System32\wercplsupport.dll
18:34:56.0837 0x08a8  wercplsupport - ok
18:34:56.0887 0x08a8  [ 6D137963730144698CBD10F202E9F251, A9F522A125158D94F540544CCD4DBF47B9DCE2EA878C33675AFE40F80E8F4979 ] WerSvc          C:\Windows\System32\WerSvc.dll
18:34:56.0887 0x08a8  WerSvc - ok
18:34:56.0927 0x08a8  [ 611B23304BF067451A9FDEE01FBDD725, 0AF2734B978165FC6FD22B64862132CCE32528A21C698A49D176129446E099C8 ] WfpLwf          C:\Windows\system32\DRIVERS\wfplwf.sys
18:34:56.0927 0x08a8  WfpLwf - ok
18:34:56.0987 0x08a8  [ B14EF15BD757FA488F9C970EEE9C0D35, F27DF2D47E7076786AE7C396583D7A1C56B93E766711066C900964FC7313E794 ] WimFltr         C:\Windows\system32\DRIVERS\wimfltr.sys
18:34:56.0987 0x08a8  WimFltr - ok
18:34:57.0007 0x08a8  [ 05ECAEC3E4529A7153B3136CEB49F0EC, 9995CB2CEC70A633EA33CBB0DEAD2BB28CB67132B41E9444BDAB9E75744C9A50 ] WIMMount        C:\Windows\system32\drivers\wimmount.sys
18:34:57.0007 0x08a8  WIMMount - ok
18:34:57.0047 0x08a8  WinDefend - ok
18:34:57.0077 0x08a8  WinHttpAutoProxySvc - ok
18:34:57.0157 0x08a8  [ 19B07E7E8915D701225DA41CB3877306, D6555E8D276DBB11358246E0FE215F76F1FB358791C76B88D82C2A66A42DA19F ] Winmgmt         C:\Windows\system32\wbem\WMIsvc.dll
18:34:57.0167 0x08a8  Winmgmt - ok
18:34:57.0468 0x08a8  [ D929ABD465A2DED963DA8B30946A8D5C, DE8DBFB01C11D2AE903CBD6A974D6F995E9813CE2D6484B7DA06EAE4C545842A ] WinRM           C:\Windows\system32\WsmSvc.dll
18:34:57.0528 0x08a8  WinRM - ok
18:34:57.0588 0x08a8  [ FE88B288356E7B47B74B13372ADD906D, A16B166F6BB32EF9D2A142F27B9EC54CBC7B3AC915799783CF4C40E525BC9E03 ] WinUsb          C:\Windows\system32\DRIVERS\WinUsb.sys
18:34:57.0608 0x08a8  WinUsb - ok
18:34:57.0708 0x08a8  [ 4FADA86E62F18A1B2F42BA18AE24E6AA, CE1683386886BF34862681A46199EA7E7FB4232A186047DA7FBD8EC240AF6726 ] Wlansvc         C:\Windows\System32\wlansvc.dll
18:34:57.0738 0x08a8  Wlansvc - ok
18:34:57.0808 0x08a8  [ 06C8FA1CF39DE6A735B54D906BA791C6, D8FEC7DE227781CDA876904701B2AA995268F74DCD6CB34AA0296C557FC283B6 ] wlcrasvc        C:\Program Files\Windows Live\Mesh\wlcrasvc.exe
18:34:57.0808 0x08a8  wlcrasvc - ok
18:34:58.0368 0x08a8  [ 7E47C328FC4768CB8BEAFBCFAFA70362, C98BD6A0C2F70E069D5FD3BAB31BD028DFEAC0490D180BBC28A14BE375897D8C ] wlidsvc         C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
18:34:58.0498 0x08a8  wlidsvc - ok
18:34:58.0648 0x08a8  [ 2C5A3F8988129D315FEFF2DE79CB0B1D, 24BA824154DC661CB25541749E30D2D5E63C4732C44C1F9835A32B8DB2FC9B51 ] wltrysvc        C:\Program Files\Dell\DW WLAN Card\WLTRYSVC.EXE
18:34:58.0658 0x08a8  wltrysvc - ok
18:34:58.0768 0x08a8  [ F6FF8944478594D0E414D3F048F0D778, 6F75E0AE6127B33A92A88E59D4B048FD4C15F997807BE7BF0EFE76F95235B1D9 ] WmiAcpi         C:\Windows\system32\DRIVERS\wmiacpi.sys
18:34:58.0808 0x08a8  WmiAcpi - ok
18:34:58.0838 0x08a8  [ 38B84C94C5A8AF291ADFEA478AE54F93, 1AC267AC73670BEA5F3785C9AD9DB146F8E993A862C843742B21FDB90D102B2A ] wmiApSrv        C:\Windows\system32\wbem\WmiApSrv.exe
18:34:58.0848 0x08a8  wmiApSrv - ok
18:34:58.0928 0x08a8  WMPNetworkSvc - ok
18:34:58.0978 0x08a8  [ 96C6E7100D724C69FCF9E7BF590D1DCA, 2E63C9B0893B4FC03B7A71BAEA6202D3D3DB1B52F3643467829B5A573FD7655B ] WPCSvc          C:\Windows\System32\wpcsvc.dll
18:34:58.0988 0x08a8  WPCSvc - ok
18:34:59.0038 0x08a8  [ 93221146D4EBBF314C29B23CD6CC391D, C0750858A65BF51E210CD244C825C121D67E025CD2D2455139991AAC289A90FE ] WPDBusEnum      C:\Windows\system32\wpdbusenum.dll
18:34:59.0058 0x08a8  WPDBusEnum - ok
18:34:59.0158 0x08a8  [ 6BCC1D7D2FD2453957C5479A32364E52, E48554D31FBDCF8F985C1C72524CAA9106F5B7CC2B79064F8F5E2562D517F090 ] ws2ifsl         C:\Windows\system32\drivers\ws2ifsl.sys
18:34:59.0158 0x08a8  ws2ifsl - ok
18:34:59.0468 0x08a8  [ AD12F5C7251BB8D575D560894E73CBBA, FAAA1440CBBDC889C0B8917065B932A9CC86E5C0FD5845D8830482915AF83F40 ] WsAudioDevice_383S(1) C:\Windows\system32\drivers\WsAudioDevice_383S(1).sys
18:34:59.0468 0x08a8  WsAudioDevice_383S(1) - ok
18:34:59.0508 0x08a8  [ E8B1FE6669397D1772D8196DF0E57A9E, 39FE0819360719F756BD31A1884A0508A1E2371ACC723E25E005CBEC0A7B02FA ] wscsvc          C:\Windows\system32\wscsvc.dll
18:34:59.0518 0x08a8  wscsvc - ok
18:34:59.0608 0x08a8  [ 8D918B1DB190A4D9B1753A66FA8C96E8, DB7D2714DC04D2D6999A207D7399A5647C8653E5A1AD80856A65C5B6065AEDFE ] WSDPrintDevice  C:\Windows\system32\DRIVERS\WSDPrint.sys
18:34:59.0618 0x08a8  WSDPrintDevice - ok
18:34:59.0708 0x08a8  [ 4A2A5C50DD1A63577D3ACA94269FBC7F, F75C1906D431CF871AD954218DF32A0F206E45FF49332DEF9F13C0A36A407047 ] WSDScan         C:\Windows\system32\drivers\WSDScan.sys
18:34:59.0828 0x08a8  WSDScan - ok
18:34:59.0838 0x08a8  WSearch - ok
18:34:59.0978 0x08a8  [ 61FF576450CCC80564B850BC3FB6713A, B2843BC9E2F62D27DCF6787D063378926748CE75002BADA1873DCB5039883705 ] wuauserv        C:\Windows\system32\wuaueng.dll
18:35:00.0048 0x08a8  wuauserv - ok
18:35:00.0108 0x08a8  [ AB886378EEB55C6C75B4F2D14B6C869F, D6C4602EB8F291DADEDF3CD211013D4AC752DDE7E799C2D8D74AA4F5477CAED6 ] WudfPf          C:\Windows\system32\drivers\WudfPf.sys
18:35:00.0118 0x08a8  WudfPf - ok
18:35:00.0128 0x08a8  [ DDA4CAF29D8C0A297F886BFE561E6659, 94E5DD649B5D86FA1A7C7D30FCF9644D0EE048D312E626111458ADF66BFBE978 ] WUDFRd          C:\Windows\system32\DRIVERS\WUDFRd.sys
18:35:00.0138 0x08a8  WUDFRd - ok
18:35:00.0158 0x08a8  [ B20F051B03A966392364C83F009F7D17, 88ECEB55AE91F58F592B96EBC10B572747D5A2F9B7629E8F371761E4F7408A65 ] wudfsvc         C:\Windows\System32\WUDFSvc.dll
18:35:00.0158 0x08a8  wudfsvc - ok
18:35:00.0228 0x08a8  [ 04F82965C09CBDF646B487E145060301, 2CD8533EDBE24C3E42EB7550E20F8A2EB9E5E345B165DEF543163A6BC1FDD18B ] WwanSvc         C:\Windows\System32\wwansvc.dll
18:35:00.0238 0x08a8  WwanSvc - ok
18:35:00.0258 0x08a8  ================ Scan global ===============================
18:35:00.0288 0x08a8  [ BA0CD8C393E8C9F83354106093832C7B, 18D8A4780A2BAA6CEF7FBBBDA0EF6BF2DADF146E1E578A618DD5859E8ADBF1A8 ] C:\Windows\system32\basesrv.dll
18:35:00.0368 0x08a8  [ 88EDD0B34EED542745931E581AD21A32, DC2B93E1CEF5B0BCEE08D72669BB0F3AD0E8E6E75BDC08858407ED92F6FFA031 ] C:\Windows\system32\winsrv.dll
18:35:00.0378 0x08a8  [ 88EDD0B34EED542745931E581AD21A32, DC2B93E1CEF5B0BCEE08D72669BB0F3AD0E8E6E75BDC08858407ED92F6FFA031 ] C:\Windows\system32\winsrv.dll
18:35:00.0418 0x08a8  [ D6160F9D869BA3AF0B787F971DB56368, 0033E6212DD8683E4EE611B290931FDB227B4795F0B17C309DC686C696790529 ] C:\Windows\system32\sxssrv.dll
18:35:00.0458 0x08a8  [ 24ACB7E5BE595468E3B9AA488B9B4FCB, 63541E3432FCE953F266AE553E7A394978D6EE3DB52388D885F668CF42C5E7E2 ] C:\Windows\system32\services.exe
18:35:00.0468 0x08a8  [ Global ] - ok
18:35:00.0468 0x08a8  ================ Scan MBR ==================================
18:35:00.0478 0x08a8  [ 5C616939100B85E558DA92B899A0FC36 ] \Device\Harddisk0\DR0
18:35:00.0628 0x08a8  \Device\Harddisk0\DR0 - ok
18:35:00.0628 0x08a8  ================ Scan VBR ==================================
18:35:00.0638 0x08a8  [ F80361B9C460473CC5CFD80B47ACAC68 ] \Device\Harddisk0\DR0\Partition1
18:35:00.0638 0x08a8  \Device\Harddisk0\DR0\Partition1 - ok
18:35:00.0638 0x08a8  [ 2F6F8880C09395F15804CD97F7E9957E ] \Device\Harddisk0\DR0\Partition2
18:35:00.0638 0x08a8  \Device\Harddisk0\DR0\Partition2 - ok
18:35:00.0648 0x08a8  ================ Scan generic autorun ======================
18:35:01.0378 0x08a8  [ 5D5A1EB211F2A6B044FB5E578D0E4A89, FA28C5E7FBC2E70D432AD0DD2CCB9930F77C796A5324AEEBEAB9D7FC7F19B954 ] C:\Program Files\Elantech\ETDCtrl.exe
18:35:01.0459 0x08a8  ETDCtrl - ok
18:35:01.0619 0x08a8  [ 453D907648E6DECB03CDD5CAA576374E, 88409BA82A1284B5C6A678DFBF639A7C230FB121A23112059397E30DF8BE7D6E ] C:\Windows\system32\igfxtray.exe
18:35:01.0629 0x08a8  IgfxTray - ok
18:35:01.0649 0x08a8  [ 4DDDE62E3EA6791054E774E583C02B4F, F956D69D26202A58417869045585D4EBC713DCEA156F30B0B4241747B72EFEB9 ] C:\Windows\system32\hkcmd.exe
18:35:01.0659 0x08a8  HotKeysCmds - ok
18:35:01.0709 0x08a8  [ 7BD4EC619DCBA031C43E628FBF60CEF0, 45D6F61E4D61A0CFC5D90C44D091127A27B28ACB5CAD37E921F0FB80B52C9056 ] C:\Windows\system32\igfxpers.exe
18:35:01.0719 0x08a8  Persistence - ok
18:35:01.0969 0x08a8  [ B3F2D117CC3A5DC3456D8FCAACCC9426, 62E883D10184E3347C8CEC7C1F5C95C330D87BED8F7FDAE3C5841583EFDA6453 ] c:\Program Files\Dell\QuickSet\QuickSet.exe
18:35:02.0169 0x08a8  QuickSet - ok
18:35:02.0299 0x08a8  [ CEA9CC9F13E82893327CBCE5FAA90D1A, 1E33ECF11841CEAC20BB26C05356180E31A4C1030BBA0E69F2952117BA02A946 ] C:\Program Files\CONEXANT\SA3\SACpl.exe
18:35:02.0349 0x08a8  SmartAudio - ok
18:35:02.0619 0x08a8  [ 0D11F5CFC330A32D3E9EB51BBD135208, 80A04EB9B4EF3A71519E6C95EA9880AADB9926236FAB9B5230477146F4EFEFE0 ] C:\Program Files\Dell\DW WLAN Card\WLTRAY.exe
18:35:02.0859 0x08a8  Broadcom Wireless Manager UI - ok
18:35:03.0009 0x08a8  [ 1136B11FB4B6A598051BD9648A798F7C, 9019F8479325959F8DC7415E5607AE7B90B6755F435D4E3D0E90D44CD25C2BCD ] C:\Program Files (x86)\Dell\Stage Remote\StageRemote.exe
18:35:03.0059 0x08a8  Stage Remote - ok
18:35:03.0199 0x08a8  [ 812DD9FBA5EF2136AEF738CAA499D47C, 239BF6A71916512FD3979DB334491C4FF399F5E95BE02F25A1DF81C171D17C42 ] C:\Program Files (x86)\Dell Stage\Dell Stage\stage_primary.exe
18:35:03.0259 0x08a8  DellStage - ok
18:35:03.0329 0x08a8  [ 0BE8EFCEE5813F60CD2D3D67088143D7, C6CC9AFFA9926EF4DC4DD421F86ACECE8F80013FB36B5FD14C19DF330B2171BE ] C:\Program Files\Mediafour\MacDrive 8\MacDriveD.exe
18:35:03.0339 0x08a8  MacDrive 8 application for Digidesign - ok
18:35:03.0389 0x08a8  [ 766AE515B1749F2141E418CC6C08515B, 02DDB5A7DB8278AA47A951604818E73DB69155DBF1ECD06B6E11926204EADAE7 ] C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe
18:35:03.0399 0x08a8  IAStorIcon - ok
18:35:03.0479 0x08a8  [ 2A510D5500FD4C50A9E38DF85478F862, 88F3B45169CE181F6F5BF923ACDB27D19D5FE8553DEE8E9DD0090E69D721BC5D ] C:\Program Files (x86)\Intel\Intel® USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
18:35:03.0489 0x08a8  USB3MON - ok
18:35:03.0779 0x08a8  [ 2EF0B3C51971F51ED700C01CFBC5B82A, 5EF6CEFA0D7F38EDBE8A3BB518E49B82CDCDD8BC76E6019FD142A28A08D01223 ] C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe
18:35:03.0799 0x08a8  Dell Webcam Central - ok
18:35:04.0179 0x08a8  [ EBE1962DC5EEFC13D20543013A891ABC, E6E993B38267D17EF4FFAD8870817DA0D65405C920177D077FA3FD7B98DB4C3D ] C:\Program Files (x86)\Dell\Dell Datasafe Online\NOBuClient.exe
18:35:04.0219 0x08a8  Dell DataSafe Online - ok
18:35:04.0269 0x08a8  Adobe Reader Speed Launcher - ok
18:35:04.0539 0x08a8  [ 918850CDD168605454665D160B034837, 1D2E61C72DD8854837281A618A7DD7F47054EFF912DF4736690304B3794918A3 ] C:\Program Files (x86)\Nero\SyncUP\NeroLauncher.exe
18:35:04.0559 0x08a8  NeroLauncher - ok
18:35:04.0879 0x08a8  [ 94A4D6915D4F572309DF6137E1846528, E46BDF83CAA6683AA655DBA3D2C8DC7AC06251E952466A20CFDA3A16B1840455 ] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe
18:35:04.0879 0x08a8  APSDaemon - ok
18:35:04.0959 0x08a8  [ 53EDBE9C1D6B0CEC11A573852B5B6DAD, E4A6B00AA93F2E8BBA7149601A37D7388E0A5EC48CD95A0BD94939FD96726811 ] C:\Program Files (x86)\Dell Stage\Dell Stage\AccuWeather\accuweather.exe
18:35:04.0989 0x08a8  AccuWeatherWidget - ok
18:35:05.0419 0x08a8  [ CDFFB0058BA113ED8C6099DE11FAAD49, D258D1F340734113C1E538C32DF15011009C19A9E88E0F471E3D8387D4EA7AEB ] C:\Program Files (x86)\Canon\Quick Menu\CNQMMAIN.EXE
18:35:05.0459 0x08a8  CanonQuickMenu - ok
18:35:05.0549 0x08a8  [ B793DDE01D181ED91F333BF10FE2FC50, F9BA0FD8EC0C0E9D7E5969BC9ED0D0322EDFC8E65B11F642A7118B41F5BF197F ] C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe
18:35:05.0559 0x08a8  IJNetworkScannerSelectorEX - ok
18:35:05.0699 0x08a8  [ D5864EA9DE2E9C2EA8777A564E3E4408, 708BACADE4B873E14A9DB5EC9E7C68055348E2D0909BA0B83036DC002D161C10 ] C:\Program Files (x86)\Amazon\Amazon Games & Software Downloader\AmazonGSDownloaderTray.exe
18:35:05.0709 0x08a8  AmazonGSDownloaderTray - ok
18:35:05.0779 0x08a8  DigidesignMMERefresh - ok
18:35:05.0869 0x08a8  SearchProtection - ok
18:35:06.0279 0x08a8  [ 048EA4B978851788E9F5E8E4F081DF7A, EB62719AC0DCC18FF056F2CD84438BF14B61E38F0619617C81961C6257BDFCEC ] C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
18:35:06.0379 0x08a8  Adobe ARM - ok
18:35:06.0500 0x08a8  [ 355A719E6B7531B1EC0BDBC5F68AEFDD, BB18669FCCFFE50882F5FE8D4444B31F59D661A30CC784E989A10F96A8DE3678 ] C:\Program Files (x86)\PowerISO\PWRISOVM.EXE
18:35:06.0510 0x08a8  PWRISOVM.EXE - ok
18:35:06.0660 0x08a8  [ 187F4C75A89E3F412322C94526320074, D78FA7EF93C8C7B4326A5B6DB04A92ADD091DF00658FA8731D07C5D3BE29ED04 ] C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe
18:35:06.0670 0x08a8  BCSSync - ok
18:35:06.0810 0x08a8  [ 08E7173D1B74095335052459200CB1EA, 5B6EB8A65B5F451BF6115EB7CD1355E5870E6D764F22D767D13216BF17C5668F ] C:\Program Files (x86)\QuickTime\QTTask.exe
18:35:06.0820 0x08a8  QuickTime Task - ok
18:35:06.0960 0x08a8  [ D2E3E6D94A9E1CFA1561D9C748136FD0, C8CD851F1872086D18A329B47C7DEFAD2CE2E3A8F4321411247D06D07B2DB1D3 ] C:\Program Files (x86)\iTunes\iTunesHelper.exe
18:35:06.0960 0x08a8  iTunesHelper - ok
18:35:07.0050 0x08a8  [ 887CAA31048EB8ED09A0CBD0E6F46F09, BBCED0BD4EB00C3FECFC9448223D4C441A868787877291F5489B07B43FAB65A4 ] C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
18:35:07.0070 0x08a8  SunJavaUpdateSched - ok
18:35:07.0230 0x08a8  [ 9C2078437D6FC541BD268BA903F6AEB4, CB622E82C65E0E4E9E52381BEAAB784AB6A3893BE34476D69B89F012CC1AC3C9 ] C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe
18:35:07.0270 0x08a8  Wondershare Helper Compact.exe - ok
18:35:07.0540 0x08a8  [ 08DFA176E4FC0E63ACD8EC854449D2B0, B8CA204C3F318CD9D12F61CDDA5C66184A48D6206F019AD11DB2605FDBEB288D ] C:\Users\markbrut\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe
18:35:07.0570 0x08a8  Spotify Web Helper - ok
18:35:07.0700 0x08a8  [ 506708142BC63DABA64F2D3AD1DCD5BF, 9C36A08D9E7932FF4DA7B5F24E6B42C92F28685B8ABE964C870E8D7670FD531A ] C:\Users\markbrut\AppData\Local\Google\Update\GoogleUpdate.exe
18:35:07.0700 0x08a8  Google Update - ok
18:35:07.0780 0x08a8  [ 8BBDBEBCF62898D56AB584A373A461E7, 627F24C96576C51255794DCD4DFAA39C0F0334F5E1EF69EC552DE357C2C16228 ] C:\Users\markbrut\AppData\Local\Workspace\WorkspaceUpdate.exe
18:35:07.0780 0x08a8  Starfield Updater - ok
18:35:07.0880 0x08a8  [ EF781AFBC36024FDB024D67ED8EFB44A, FC91AB3C391695456B5849987E73DCF1CFBD1B31675B25E5B01D3865270A8CFB ] C:\Program Files (x86)\Backblaze\bzbui.exe
18:35:07.0890 0x08a8  Backblaze - ok
18:35:07.0960 0x08a8  [ 9253A2AD7AB3BA4D421755E30A101197, 6B43731F9D4AA2AC950BF0219ECD4F79FC4D88109C116C038EC9CD7AA08ABFCE ] C:\Users\markbrut\AppData\Local\Workspace\wben.exe
18:35:07.0980 0x08a8  wben - ok
18:35:08.0080 0x08a8  [ 9CA3F552644E7FB6A318FAE7C314DC5C, 1720FF5BFD58F96CD05546B02F214F7371EA85997000F36E243CAB9C6E00DF34 ] C:\Users\markbrut\AppData\Local\Workspace\workspacestatus.exe
18:35:08.0100 0x08a8  Workspace Status - ok
18:35:08.0100 0x08a8  Waiting for KSN requests completion. In queue: 220
18:35:09.0100 0x08a8  Waiting for KSN requests completion. In queue: 220
18:35:10.0101 0x08a8  Waiting for KSN requests completion. In queue: 220
18:35:11.0111 0x08a8  Win FW state via NFP2: enabled
18:35:14.0392 0x08a8  ============================================================
18:35:14.0392 0x08a8  Scan finished
18:35:14.0392 0x08a8  ============================================================
18:35:14.0392 0x0124  Detected object count: 0
18:35:14.0392 0x0124  Actual detected object count: 0A

 

ADW CLEANER:

 

# AdwCleaner v4.111 - Logfile created 08/03/2015 at 15:11:22
# Updated 18/02/2015 by Xplode
# Database : 2015-03-05.1 [Server]
# Operating system : Windows 7 Home Premium Service Pack 1 (x64)
# Username : markbrut - MARKBRUT-PC
# Running from : C:\Users\markbrut\Downloads\adwcleaner_4.111.exe
# Option : Scan

***** [ Services ] *****


***** [ Files / Folders ] *****

File Found : C:\Users\markbrut\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\jZip.lnk
File Found : C:\Users\markbrut\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\jZip.lnk
File Found : C:\Users\markbrut\AppData\Roaming\Mozilla\Firefox\Profiles\lo9a5kzz.default\invalidprefs.js
File Found : C:\Users\markbrut\AppData\Roaming\Mozilla\Firefox\Profiles\lo9a5kzz.default\user.js
File Found : C:\Users\markbrut\Desktop\jZip.lnk
Folder Found : C:\Program Files (x86)\jZip
Folder Found : C:\Program Files (x86)\SearchProtect
Folder Found : C:\Program Files (x86)\WebConnect
Folder Found : C:\ProgramData\apn
Folder Found : C:\ProgramData\Browser Manager
Folder Found : C:\Users\markbrut\AppData\Local\jZip
Folder Found : C:\Users\markbrut\AppData\Local\Temp\jZip
Folder Found : C:\Users\markbrut\AppData\Roaming\DigitalSites
Folder Found : C:\Users\markbrut\AppData\Roaming\download Manager
Folder Found : C:\Users\markbrut\Documents\Optimizer Pro
Folder Found : C:\Users\markbrut\Documents\Updater

***** [ Scheduled tasks ] *****

Task Found : Digital Sites

***** [ Shortcuts ] *****


***** [ Registry ] *****

Data Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings [ProxyOverride] - 127.0.0.1;127.0.0.1:9421;<local>;*.local
Key Found : HKCU\Software\anchorfree
Key Found : HKCU\Software\AppDataLow\{1146AC44-2F03-4431-B4FD-889BC837521F}
Key Found : HKCU\Software\AppDataLow\Software\DynConIE
Key Found : HKCU\Software\AppDataLow\Software\HappyLyrics
Key Found : HKCU\Software\Conduit
Key Found : HKCU\Software\IM
Key Found : HKCU\Software\jZip
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{7ABE12CA-E995-4AB4-9A4E-EF8820A20182}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{7ABE12CA-E995-4AB4-9A4E-EF8820A20182}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{F9E4A054-E9B1-4BC3-83A3-76A1AE736170}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\jZip
Key Found : [x64] HKCU\Software\anchorfree
Key Found : [x64] HKCU\Software\Conduit
Key Found : [x64] HKCU\Software\IM
Key Found : [x64] HKCU\Software\jZip
Key Found : HKLM\SOFTWARE\{1146AC44-2F03-4431-B4FD-889BC837521F}
Key Found : HKLM\SOFTWARE\{3A7D3E19-1B79-4E4E-BD96-5467DA2C4EF0}
Key Found : HKLM\SOFTWARE\{6791A2F3-FC80-475C-A002-C014AF797E9C}
Key Found : HKLM\SOFTWARE\Classes\AppID\{09C554C3-109B-483C-A06B-F14172F1A947}
Key Found : HKLM\SOFTWARE\Classes\AppID\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921}
Key Found : HKLM\SOFTWARE\Classes\AppID\{B12E99ED-69BD-437C-86BE-C862B9E5444D}
Key Found : HKLM\SOFTWARE\Classes\AppID\{C292AD0A-C11F-479B-B8DB-743E72D283B0}
Key Found : HKLM\SOFTWARE\Classes\AppID\{D7EE8177-D51E-4F89-92B6-83EA2EC40800}
Key Found : HKLM\SOFTWARE\Classes\AppID\escort.DLL
Key Found : HKLM\SOFTWARE\Classes\AppID\escortApp.DLL
Key Found : HKLM\SOFTWARE\Classes\AppID\escortEng.DLL
Key Found : HKLM\SOFTWARE\Classes\AppID\escorTlbr.DLL
Key Found : HKLM\SOFTWARE\Classes\AppID\esrv.EXE
Key Found : HKLM\SOFTWARE\Classes\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{6E993643-8FBC-44FE-BC85-D318495C4D96}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{7ABE12CA-E995-4AB4-9A4E-EF8820A20182}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{DE9028D0-5FFA-4E69-94E3-89EE8741F468}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{E5A7A645-8318-4895-B85C-EDC606B80DB6}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}
Key Found : HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
Key Found : HKLM\SOFTWARE\Classes\Interface\{66666666-6666-6666-6666-660266186608}
Key Found : HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
Key Found : HKLM\SOFTWARE\Classes\jZip.file
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{9C049BA6-EA47-4AC3-AED6-A66D8DC9E1D8}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{D7EE8177-D51E-4F89-92B6-83EA2EC40800}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{E69D4A59-73DE-4E38-9FB3-740EC4D9060D}
Key Found : HKLM\SOFTWARE\Google\Chrome\Extensions\bopakagnckmlgajfccecajhnimjiiedh
Key Found : HKLM\SOFTWARE\Google\Chrome\Extensions\lfffjahnfbocnaooecgijfnbpcfekoik
Key Found : HKLM\SOFTWARE\InfoAtoms
Key Found : HKLM\SOFTWARE\InstallCore
Key Found : HKLM\SOFTWARE\jZip
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{3614D305-2DBB-4991-9297-750DD60FFC73}
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{7ABE12CA-E995-4AB4-9A4E-EF8820A20182}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\AppPath\jZip.exe
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{1AE46C09-2AB8-4EE5-88FB-08CD0FF7F2DF}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Toolbar Cleaner
Key Found : [x64] HKLM\SOFTWARE\Classes\CLSID\{E5A7A645-8318-4895-B85C-EDC606B80DB6}
Key Found : [x64] HKLM\SOFTWARE\Classes\CLSID\{F9E4A054-E9B1-4BC3-83A3-76A1AE736170}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{66666666-6666-6666-6666-660266186608}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F9E4A054-E9B1-4BC3-83A3-76A1AE736170}
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\464AA55239C100F32AF2D438EDDC0F47
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\5652BA3D5FB98AE31B337BF0AF939856
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\86EB95E1AFCBABE3DB9ECCC669B99494
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\90C64EA18BA25EE488BF80DCF07F2FFD
Value Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [SearchProtection]

***** [ Web browsers ] *****

-\\ Internet Explorer v11.0.9600.17631


-\\ Mozilla Firefox v36.0.1 (x86 en-US)

[lo9a5kzz.default] - Line Found : user_pref("browser.uiCustomization.state", "{\"placements\":{\"PanelUI-contents\":[\"edit-controls\",\"zoom-controls\",\"new-window-button\",\"privatebrowsing-button\",\"save-page-button\",\"print-but[...]

-\\ Google Chrome v

*************************

AdwCleaner[R0].txt - [6901 bytes] - [08/03/2015 15:11:22]

########## EOF - C:\AdwCleaner\AdwCleaner[R0].txt - [6960 bytes] ##########
# AdwCleaner v4.112 - Logfile created 13/03/2015 at 18:37:56
# Updated 09/03/2015 by Xplode
# Database : 2015-03-05.1 [Server]
# Operating system : Windows 7 Home Premium Service Pack 1 (x64)
# Username : markbrut - MARKBRUT-PC
# Running from : C:\Users\markbrut\Downloads\AdwCleaner.exe
# Option : Scan

***** [ Services ] *****


***** [ Files / Folders ] *****


***** [ Scheduled tasks ] *****

Task Found : Digital Sites

***** [ Shortcuts ] *****


***** [ Registry ] *****

Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{F9E4A054-E9B1-4BC3-83A3-76A1AE736170}
Key Found : HKLM\SOFTWARE\{1146AC44-2F03-4431-B4FD-889BC837521F}
Key Found : HKLM\SOFTWARE\{3A7D3E19-1B79-4E4E-BD96-5467DA2C4EF0}
Key Found : HKLM\SOFTWARE\{6791A2F3-FC80-475C-A002-C014AF797E9C}
Key Found : HKLM\SOFTWARE\Classes\AppID\{09C554C3-109B-483C-A06B-F14172F1A947}
Key Found : HKLM\SOFTWARE\Classes\AppID\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921}
Key Found : HKLM\SOFTWARE\Classes\AppID\{B12E99ED-69BD-437C-86BE-C862B9E5444D}
Key Found : HKLM\SOFTWARE\Classes\AppID\{C292AD0A-C11F-479B-B8DB-743E72D283B0}
Key Found : HKLM\SOFTWARE\Classes\AppID\{D7EE8177-D51E-4F89-92B6-83EA2EC40800}
Key Found : HKLM\SOFTWARE\Classes\AppID\escort.DLL
Key Found : HKLM\SOFTWARE\Classes\AppID\escortApp.DLL
Key Found : HKLM\SOFTWARE\Classes\AppID\escortEng.DLL
Key Found : HKLM\SOFTWARE\Classes\AppID\escorTlbr.DLL
Key Found : HKLM\SOFTWARE\Classes\AppID\esrv.EXE
Key Found : HKLM\SOFTWARE\Classes\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{6E993643-8FBC-44FE-BC85-D318495C4D96}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{7ABE12CA-E995-4AB4-9A4E-EF8820A20182}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{DE9028D0-5FFA-4E69-94E3-89EE8741F468}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{E5A7A645-8318-4895-B85C-EDC606B80DB6}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}
Key Found : HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
Key Found : HKLM\SOFTWARE\Classes\Interface\{66666666-6666-6666-6666-660266186608}
Key Found : HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
Key Found : HKLM\SOFTWARE\Classes\jZip.file
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{9C049BA6-EA47-4AC3-AED6-A66D8DC9E1D8}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{D7EE8177-D51E-4F89-92B6-83EA2EC40800}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{E69D4A59-73DE-4E38-9FB3-740EC4D9060D}
Key Found : HKLM\SOFTWARE\Google\Chrome\Extensions\bopakagnckmlgajfccecajhnimjiiedh
Key Found : HKLM\SOFTWARE\Google\Chrome\Extensions\lfffjahnfbocnaooecgijfnbpcfekoik
Key Found : HKLM\SOFTWARE\InfoAtoms
Key Found : HKLM\SOFTWARE\InstallCore
Key Found : HKLM\SOFTWARE\jZip
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{3614D305-2DBB-4991-9297-750DD60FFC73}
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{7ABE12CA-E995-4AB4-9A4E-EF8820A20182}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\AppPath\jZip.exe
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{1AE46C09-2AB8-4EE5-88FB-08CD0FF7F2DF}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Toolbar Cleaner
Key Found : [x64] HKLM\SOFTWARE\Classes\CLSID\{E5A7A645-8318-4895-B85C-EDC606B80DB6}
Key Found : [x64] HKLM\SOFTWARE\Classes\CLSID\{F9E4A054-E9B1-4BC3-83A3-76A1AE736170}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{66666666-6666-6666-6666-660266186608}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F9E4A054-E9B1-4BC3-83A3-76A1AE736170}
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\464AA55239C100F32AF2D438EDDC0F47
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\5652BA3D5FB98AE31B337BF0AF939856
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\86EB95E1AFCBABE3DB9ECCC669B99494
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\90C64EA18BA25EE488BF80DCF07F2FFD
Value Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [SearchProtection]

***** [ Web browsers ] *****

-\\ Internet Explorer v11.0.9600.17689


-\\ Mozilla Firefox v36.0.1 (x86 en-US)


-\\ Google Chrome v

*************************

AdwCleaner[R0].txt - [11819 bytes] - [08/03/2015 15:11:22]
AdwCleaner[R1].txt - [6932 bytes] - [08/03/2015 15:42:23]
AdwCleaner[R2].txt - [970 bytes] - [08/03/2015 17:51:50]
AdwCleaner[R3].txt - [1028 bytes] - [08/03/2015 19:06:12]
AdwCleaner[S0].txt - [7002 bytes] - [08/03/2015 15:45:29]
AdwCleaner[S1].txt - [1095 bytes] - [08/03/2015 19:10:40]

########## EOF - C:\AdwCleaner\AdwCleaner[R0].txt - [12173 bytes] ##########



#5 markbrut

markbrut
  • Topic Starter

  • Members
  • 25 posts
  • OFFLINE
  •  
  • Local time:02:04 PM

Posted 13 March 2015 - 08:30 PM

the various pop ups are making it very difficult for me to respond to this thread...



#6 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 73,490 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:NJ USA
  • Local time:05:04 PM

Posted 13 March 2015 - 08:35 PM

Ok good remove what ADW found...

Double click on AdwCleaner.exe to run the tool again. Vista/Windows 7/8 users right-click and select Run As Administrator
  • The tool will start to update the database, please wait a bit.
  • Click on the Scan button.
  • AdwCleaner will begin to scan your computer like it did before.
  • After the scan has finished...
  • This time click on the Clean button.
  • Press OK when asked to close all programs and follow the onscreen prompts.
  • Press OK again to allow AdwCleaner to restart the computer and complete the removal process.
  • After rebooting, a logfile report (AdwCleaner[S#].txt) will open automatically (where the largest value of # represents the most recent report).
  • Copy and paste the contents of that logfile in your next reply.
  • A copy of that logfile will also be saved in the C:\AdwCleaner folder.
  • >>>
    lv0mVRW.pngJunkware Removal Tool
    • Please download Junkware Removal Tool to your desktop.
    • Shut down your protection software now to avoid potential conflicts.
    • Run the tool by double-clicking it. If you are using Windows Vista, 7, or 8; instead of double-clicking, right-mouse click JRT.exe and select "Run as Administrator".
    • The tool will open and start scanning your system.
    • Please be patient as this can take a while to complete depending on your system's specifications.
    • On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
    • Post the contents of JRT.txt into your next message.
    cvMlKv6.pngESET Online Scanner
    • Hold down Control and click on this link to open ESET Online Scanner in a new window.
    • Click the esetonlinebtn.png button.
    • For alternate browsers only: (Microsoft Internet Explorer users can skip these steps)
    • Click on esetsmartinstaller_enu.exe to download the ESET Smart Installer. Save it to your desktop.
    • Double click on the esetsmartinstaller_enu.png icon on your desktop.
    • Check "YES, I accept the Terms of Use."
    • Click the Start button.
    • Accept any security warnings from your browser.
    • Under scan settings, check "Scan Archives" and "Remove found threats"
    • Click Advanced settings and select the following:
      • Scan potentially unwanted applications
      • Scan for potentially unsafe applications
      • Enable Anti-Stealth technology
    • ESET will then download updates for itself, install itself, and begin scanning your computer. Please be patient as this can take some time.
    • When the scan completes, click List Threats
    • Click Export, and save the file to your desktop using a unique name, such as ESETScan. Include the contents of this report in your next reply.
    • Click the Back button.
    • Click the Finish button.
    • NOTE: Sometimes if ESET finds no infections it will not create a log.

How do I get help? Who is helping me?For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....Become a BleepingComputer fan: Facebook

#7 markbrut

markbrut
  • Topic Starter

  • Members
  • 25 posts
  • OFFLINE
  •  
  • Local time:02:04 PM

Posted 13 March 2015 - 09:09 PM

# AdwCleaner v4.111 - Logfile created 08/03/2015 at 19:10:40
# Updated 18/02/2015 by Xplode
# Database : 2015-03-05.1 [Server]
# Operating system : Windows 7 Home Premium Service Pack 1 (x64)
# Username : markbrut - MARKBRUT-PC
# Running from : C:\Users\markbrut\Downloads\adwcleaner_4.111.exe
# Option : Cleaning

***** [ Services ] *****


***** [ Files / Folders ] *****


***** [ Scheduled tasks ] *****


***** [ Shortcuts ] *****


***** [ Registry ] *****


***** [ Web browsers ] *****

-\\ Internet Explorer v11.0.9600.17631


-\\ Mozilla Firefox v36.0.1 (x86 en-US)


-\\ Google Chrome v


*************************

AdwCleaner[R0].txt - [7095 bytes] - [08/03/2015 15:11:22]
AdwCleaner[R1].txt - [6932 bytes] - [08/03/2015 15:42:23]
AdwCleaner[R2].txt - [970 bytes] - [08/03/2015 17:51:50]
AdwCleaner[R3].txt - [1028 bytes] - [08/03/2015 19:06:12]
AdwCleaner[S0].txt - [7002 bytes] - [08/03/2015 15:45:29]
AdwCleaner[S1].txt - [957 bytes] - [08/03/2015 19:10:40]

########## EOF - C:\AdwCleaner\AdwCleaner[S1].txt - [1015  bytes] ##########
# AdwCleaner v4.112 - Logfile created 13/03/2015 at 19:48:02
# Updated 09/03/2015 by Xplode
# Database : 2015-03-05.1 [Server]
# Operating system : Windows 7 Home Premium Service Pack 1 (x64)
# Username : markbrut - MARKBRUT-PC
# Running from : C:\Users\markbrut\Downloads\AdwCleaner.exe
# Option : Cleaning

***** [ Services ] *****


***** [ Files / Folders ] *****


***** [ Scheduled tasks ] *****


***** [ Shortcuts ] *****


***** [ Registry ] *****


***** [ Web browsers ] *****

-\\ Internet Explorer v11.0.9600.17689


-\\ Mozilla Firefox v36.0.1 (x86 en-US)


-\\ Google Chrome v


*************************

AdwCleaner[R0].txt - [12293 bytes] - [08/03/2015 15:11:22]
AdwCleaner[R1].txt - [8017 bytes] - [08/03/2015 15:42:23]
AdwCleaner[R2].txt - [970 bytes] - [08/03/2015 17:51:50]
AdwCleaner[R3].txt - [1028 bytes] - [08/03/2015 19:06:12]
AdwCleaner[S0].txt - [12308 bytes] - [08/03/2015 15:45:29]
AdwCleaner[S1].txt - [2048 bytes] - [08/03/2015 19:10:40]

########## EOF - C:\AdwCleaner\AdwCleaner[S1].txt - [2107  bytes] ##########
 

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.4.3 (03.01.2015:1)
OS: Windows 7 Home Premium x64
Ran by markbrut on Fri 03/13/2015 at 19:59:42.68
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values



~~~ Registry Keys



~~~ Files



~~~ Folders

Failed to delete: [Folder] "C:\ProgramData\pcdr"
Successfully deleted: [Folder] "C:\Users\markbrut\AppData\Roaming\pcdr"



~~~ FireFox

Emptied folder: C:\Users\markbrut\AppData\Roaming\mozilla\firefox\profiles\lo9a5kzz.default\minidumps [1 files]



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on Fri 03/13/2015 at 20:05:16.02
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 



#8 markbrut

markbrut
  • Topic Starter

  • Members
  • 25 posts
  • OFFLINE
  •  
  • Local time:02:04 PM

Posted 13 March 2015 - 09:22 PM

ESET scan running now will post shortly



#9 markbrut

markbrut
  • Topic Starter

  • Members
  • 25 posts
  • OFFLINE
  •  
  • Local time:02:04 PM

Posted 15 March 2015 - 10:01 AM

ESET results:

C:\Users\markbrut\AppData\Local\Mozilla\Firefox\Profiles\lo9a5kzz.default\cache2\entries\062E04D1D3FFBB8A4629F1CAFFD866B9978DFE59    JS/Kryptik.I trojan    
C:\AdwCleaner\Quarantine\C\Program Files (x86)\jZip\Helper.dll.vir    a variant of Win32/Toolbar.SearchSuite.W potentially unwanted application    deleted - quarantined
C:\AdwCleaner\Quarantine\C\Program Files (x86)\jZip\Uninstall.exe.vir    a variant of Win32/Toolbar.SearchSuite.J potentially unwanted application    deleted - quarantined
C:\Program Files\WinZip\Utils\WzSysScan\WINZIPSS.exe    a variant of Win32/Systweak.L potentially unwanted application    deleted - quarantined
C:\Program Files\WinZip\Utils\WzSysScan\WINZIPSSHelper.dll    a variant of Win32/Systweak.N potentially unwanted application    deleted - quarantined
C:\Program Files\WinZip\Utils\WzSysScan\WINZIPSSPrivacyProtector.exe    a variant of Win32/Systweak.L potentially unwanted application    deleted - quarantined
C:\Program Files\WinZip\Utils\WzSysScan\WINZIPSSRegClean.exe    a variant of Win32/Systweak potentially unwanted application    deleted - quarantined
C:\Program Files\WinZip\Utils\WzSysScan\WINZIPSSRegistryOptimizer.exe    a variant of Win32/Systweak.L potentially unwanted application    deleted - quarantined
C:\Program Files\WinZip\Utils\WzSysScan\WINZIPSSSystemCleaner.exe    a variant of Win32/Systweak.L potentially unwanted application    deleted - quarantined
C:\Program Files (x86)\Dell DataSafe Local Backup\hstart.exe    a variant of Win32/HiddenStart.A potentially unsafe application    deleted - quarantined
C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\hstart.exe    a variant of Win32/HiddenStart.A potentially unsafe application    deleted - quarantined
C:\Qoobox\Quarantine\C\Program Files\AutocompletePro\AutocompletePro.dll.vir    a variant of Win32/Complitly.A potentially unwanted application    deleted - quarantined
C:\Users\markbrut\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\48\24506af0-4238a3ea    multiple threats    cleaned by deleting - quarantined
C:\Users\markbrut\AppData\Roaming\2V2Z1C1P1H1P1Q1F2W1G1I1F1T1QtAtB\Macromedia Dreamweaver Packages\uninstaller.exe    Win32/InstallCore.AZ potentially unwanted application    deleted - quarantined
C:\Users\markbrut\DoctorWeb\Quarantine\Process.exe    Win32/PrcView potentially unsafe application    deleted - quarantined
C:\Users\markbrut\DoctorWeb\Quarantine\Process0.exe    Win32/PrcView potentially unsafe application    deleted - quarantined
C:\Users\markbrut\DoctorWeb\Quarantine\Process1.exe    Win32/PrcView potentially unsafe application    deleted - quarantined
C:\Users\markbrut\DoctorWeb\Quarantine\Process2.exe    Win32/PrcView potentially unsafe application    deleted - quarantined
C:\Users\markbrut\DoctorWeb\Quarantine\SmitfraudFix.exe    Win32/PrcView potentially unsafe application    deleted - quarantined
C:\Users\markbrut\DoctorWeb\Quarantine\smitRem.exe    Win32/PrcView potentially unsafe application    deleted - quarantined
C:\Users\markbrut\Downloads\audio-recorder-free.exe    Win32/Somoto.E potentially unwanted application    deleted - quarantined
C:\Users\markbrut\Downloads\CuteWriter.exe    a variant of Win32/Bundled.Toolbar.Ask.D potentially unsafe application    deleted - quarantined
C:\Users\markbrut\Downloads\dffsetup-msvcr71.exe    a variant of Win32/Systweak potentially unwanted application    deleted - quarantined
C:\Users\markbrut\Downloads\winzip.exe    MSIL/Solimba.L potentially unwanted application    deleted - quarantined
C:\Users\markbrut\Downloads\WinZip170.exe    a variant of Win32/OpenInstall potentially unwanted application    deleted - quarantined
C:\Windows\Installer\a609b.msi    a variant of Win32/Systweak.L potentially unwanted application    deleted - quarantined



 



#10 markbrut

markbrut
  • Topic Starter

  • Members
  • 25 posts
  • OFFLINE
  •  
  • Local time:02:04 PM

Posted 16 March 2015 - 10:39 AM

still having issues look forward to your response....



#11 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 73,490 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:NJ USA
  • Local time:05:04 PM

Posted 16 March 2015 - 01:02 PM

OK, lets scan for rootkits.

Download 51a5f31352b88-icon_MBAR.pngMalwarebytes Anti-Rootkit to your desktop.
  • Double click on downloaded file. OK self extracting prompt.
  • Warning! Malwarebytes Anti-Rootkit needs to be run from an account with administrator rights.
  • MBAR will start. Click in the introduction screen "next" to continue.
  • Click in the following screen "Update" to obtain the latest malware definitions.
  • Once the update is complete select "Next" and click "Scan".
  • When the scan is finished and no malware has been found select "Exit".
  • If malware was detected, make sure to check all the items and click "Cleanup". Reboot your computer.
  • Open the MBAR folder and paste the content of the following files in your next reply:
    • "mbar-log-{date} (xx-xx-xx).txt"
    • "system-log.txt"

How do I get help? Who is helping me?For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....Become a BleepingComputer fan: Facebook

#12 markbrut

markbrut
  • Topic Starter

  • Members
  • 25 posts
  • OFFLINE
  •  
  • Local time:02:04 PM

Posted 16 March 2015 - 01:53 PM

I just ran this and no Malware was found...



#13 markbrut

markbrut
  • Topic Starter

  • Members
  • 25 posts
  • OFFLINE
  •  
  • Local time:02:04 PM

Posted 16 March 2015 - 02:04 PM

also of note on this, I am getting random double underlined words pretty much on every web page I pull up in addition to the pop ups...thanks...



#14 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 73,490 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:NJ USA
  • Local time:05:04 PM

Posted 16 March 2015 - 02:17 PM

Do you see any programs like this or other unknown ones you can Uninstall in the Control Panel/ Uninstal??\\


uninstall New Player, HostSecure, Videos Media Players, Browsers_Apps_Pro, Save Pass,

Do the same in your browser

check for and disable or remove any unwanted add-ons from your browser:There are also more suggestion in these articles:Reboot after..
How do I get help? Who is helping me?For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....Become a BleepingComputer fan: Facebook

#15 markbrut

markbrut
  • Topic Starter

  • Members
  • 25 posts
  • OFFLINE
  •  
  • Local time:02:04 PM

Posted 16 March 2015 - 02:27 PM

I checked both of those before I here...just checked again I do not see any programs that look suspicious...the only plug in I see that I am not 100% sure on is Open H264 Video Codec...






0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users