Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Malwarbytes: PC infected. Should I format my OS Drive?


  • Please log in to reply
8 replies to this topic

#1 person721

person721

  • Members
  • 35 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:06:05 PM

Posted 02 June 2015 - 10:28 AM

Hi everyone :)

 

I would really like your advice and guidness.

 

First things first, my Windows 7 Ultimate (SP1) is not genuine. When I first installed the OS I used a hacktool (loader) to "Activate" it. And believe me, I'm now ashame of that.

Until recentely I was used to download and install pirated/cracked games and softwares. Now I want to have a clean PC that is legit and secure and I'm seeking your help.

 

Today I ran a Malwarebytes scan the results showed that I have 4 'Malwares' and 6 'Potentially Unwanted Programs'.

I didn't acted in any way to remove these threats. With your help I want to act wisely about this.

 

I have few questions (Sorry if this is a burden):

 

1) Having right now a cracked Windows 7 installed as my OS means I'm more vulnerable to threats?

2) How would I know if to format and reinstall OS (I intend to purchase and install a genuine OS this time) or to fix/clean my pc without formatting?

3) I heard that Windows 10 will be released on July 29. Can you advice me what should I do? should I try to clean my OS and stay with it untill I could buy Windows 10? Or maybe purchase Windows 8.1 or 7 and update to 10 when the time comes for free?

 

Thanks for anyone who is reading this and trying to help :thumbup2: !

Have a great day!



BC AdBot (Login to Remove)

 


#2 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 73,439 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:NJ USA
  • Local time:11:05 AM

Posted 02 June 2015 - 01:42 PM

Hello.. he's what 'll do.. I clean this once .. It will infect again, but at least I can stop your machine from infecting others for a while.

3Al62Pm.pngMiniToolBox
  • Please download MiniToolBox, save it to your desktop and run it.
  • Checkmark the following checkboxes:
    • Flush DNS
    • Report IE Proxy Settings
    • Reset IE Proxy Settings
    • Report FF Proxy Settings
    • Reset FF Proxy Settings
    • List content of Hosts
    • List IP configuration
    • List Winsock Entries
    • List last 10 Event Viewer log
    • List Installed Programs
    • List Users, Partitions and Memory size.
  • Click Go and post the result (Result.txt). A copy of Result.txt will be saved in the same directory the tool is run. Note: When using "Reset FF Proxy Settings" option Firefox should be closed.
SXvL3ZF.pngTDSSKiller
  • Download TDSSKiller and save it to your desktop.
  • Extract (unzip) its contents to your desktop.
  • Open the TDSSKiller folder and doubleclick on TDSSKiller.exe to run the application, then on Start Scan.
  • If an infected file is detected, the default action will be Cure, click on Continue.
  • If a suspicious file is detected, the default action will be Skip, click on Continue.
  • It may ask you to reboot the computer to complete the process. Click on Reboot Now.
  • If no reboot is required, click on Report. A log file should appear. Please copy and paste the contents of that file here.
  • If a reboot is required, the report can also be found in your root directory (usually C:\ folder) in the form of TDSSKiller_xxxx_log.txt. Please copy and paste the contents of that file here.
zcMPezJ.pngAdwCleaner
  • Please download AdwCleaner by Xplode and save to your Desktop.
  • Double click on AdwCleaner.exe to run the tool. Vista/Windows 7/8 users right-click and select Run As Administrator
  • Click on the Scan button.
  • AdwCleaner will begin...be patient as the scan may take some time to complete.
  • After the scan has finished, click on the Report button...a logfile (AdwCleaner[R0].txt) will open in Notepad for review.
  • The contents of the log file may be confusing. Unless you see a program name that you know should not be removed, don't worry about it. If you see an entry you want to keep, let me know about it.
  • Copy and paste the contents of that logfile in your next reply.
  • A copy of all logfiles are saved in the C:\AdwCleaner folder which was created when running the tool.
lv0mVRW.pngJunkware Removal Tool
  • Please download Junkware Removal Tool to your desktop.
  • Shut down your protection software now to avoid potential conflicts.
  • Run the tool by double-clicking it. If you are using Windows Vista, 7, or 8; instead of double-clicking, right-mouse click JRT.exe and select "Run as Administrator".
  • The tool will open and start scanning your system.
  • Please be patient as this can take a while to complete depending on your system's specifications.
  • On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
  • Post the contents of JRT.txt into your next message.
cvMlKv6.pngESET Online Scanner
  • Hold down Control and click on this link to open ESET Online Scanner in a new window.
  • Click the esetonlinebtn.png button.
  • For alternate browsers only: (Microsoft Internet Explorer users can skip these steps)
  • Click on esetsmartinstaller_enu.exe to download the ESET Smart Installer. Save it to your desktop.
  • Double click on the esetsmartinstaller_enu.png icon on your desktop.
  • Check "YES, I accept the Terms of Use."
  • Click the Start button.
  • Accept any security warnings from your browser.
  • Under scan settings, check "Scan Archives" and "Remove found threats"
  • Click Advanced settings and select the following:
    • Scan potentially unwanted applications
    • Scan for potentially unsafe applications
    • Enable Anti-Stealth technology
  • ESET will then download updates for itself, install itself, and begin scanning your computer. Please be patient as this can take some time.
  • When the scan completes, click List Threats
  • Click Export, and save the file to your desktop using a unique name, such as ESETScan. Include the contents of this report in your next reply.
  • Click the Back button.
  • Click the Finish button.
  • NOTE: Sometimes if ESET finds no infections it will not create a log.
>>>

51a46ae42d560-malwarebytes_anti_malware.Malwarebytes Anti-Malware
  • Download MalwareBytes Anti-Malware to your desktop.
  • Double-click mbam-setup-2.0.exe to start the installation of Malwarebytes Anti-Malware.
  • Follow the instructions on your screen to complete the installation. You can find the complete installation procedure here.
  • Click the Scan Now button, a threat scan will start automatically.
  • MalwareBytes Anti-Malware will now check for the latest updates. Click Update Now if new updates are available.
  • Your computer is now being scanned, please do not use your computer during the scan.
    • If no threats were found, click View detailed log.
      • Click Export and save the log as a .txt file on your Desktop or another location.
    • If the scan detected any threats, click Apply Actions.
      • To complete any actions taken you will be prompted to restart your computer...click on Yes.
      • After reboot, start Malwarebytes Anti-Malware again and click the History Tab at the top and select Application Logs.
      • Check the box next to Scan Log. Choose the most current scan and click View.
      • Click Export and save the log as a .txt file on your Desktop or another location.
  • Providing the MalwareBytes' Anti-Malware log file
    • Attach the log file you just saved to your next reply for further review.

How do I get help? Who is helping me?For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....Become a BleepingComputer fan: Facebook

#3 person721

person721
  • Topic Starter

  • Members
  • 35 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:06:05 PM

Posted 03 June 2015 - 12:45 PM

Hi boopme, and thank you very much for reaching out to me!

 

 

I just wanted to note that:

1) I don't know if it's important, but when the Online ESET Scan was finished (I was asleep during the scan) - I got a notification that my C: drive (the OS drive) is getting empty.

When I checked how much space I had left it indicated that I had only 100KB left. So i deleted some unnecessary files and did the Online Scan again. I included the results to the second scan too (It seems that the first scan did the job).

 

2) The last scan you instructed me to do (MalwareBytes) resulted in 4 threat risks (Malware/Potential). I followed your instructions, and after the actions were taken (the 4 threats were quarantined) I OKed the Restart request and afterwards I exported the last Scan Log, that shows that there are no detections (the 4 threats aren't mentioned there).

You asked to attach the .txt file, but I haven't figured out yet how to attach a file to the reply. So instead I pasted here the contents of the .txt file.

 

 

boopme, I thank you from the bottom of my heart! :)

 

 

Here are the logs requested:

 

3Al62Pm.pngMiniToolBox

 

MiniToolBox by Farbar  Version: 11-05-2015 01
Ran by hns (administrator) on 02-06-2015 at 22:15:03
Running from "C:\Users\hns\Desktop\CLN"
Microsoft Windows 7 Ultimate  Service Pack 1 (X64)
Model: P55A-UD4P Manufacturer: Gigabyte Technology Co., Ltd.
Boot Mode: Normal
***************************************************************************

========================= Flush DNS: ===================================

Windows IP Configuration

Successfully flushed the DNS Resolver Cache.

========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.

"Reset IE Proxy Settings": IE Proxy Settings were reset.

========================= FF Proxy Settings: ==============================


"Reset FF Proxy Settings": Firefox Proxy settings were reset.

========================= Hosts content: =================================


127.0.0.1 validation.sls.microsoft.com

========================= IP Configuration: ================================

Edimax 802.11g Wireless PCI Card = Wireless Network Connection (Connected)
Realtek PCIe GBE Family Controller = Local Area Connection (Media disconnected)
Realtek PCIe GBE Family Controller = Local Area Connection 2 (Media disconnected)
Microsoft Virtual WiFi Miniport Adapter = Wireless Network Connection 2 (Media disconnected)


# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4

reset
set global icmpredirects=enabled


popd
# End of IPv4 configuration



Windows IP Configuration

   Host Name . . . . . . . . . . . . : hns-PC
   Primary Dns Suffix  . . . . . . . :
   Node Type . . . . . . . . . . . . : Hybrid
   IP Routing Enabled. . . . . . . . : No
   WINS Proxy Enabled. . . . . . . . : No

Wireless LAN adapter Wireless Network Connection 2:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Microsoft Virtual WiFi Miniport Adapter
   Physical Address. . . . . . . . . : 00-1F-1F-6B-D5-9C
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes

Wireless LAN adapter Wireless Network Connection:

   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Edimax 802.11g Wireless PCI Card
   Physical Address. . . . . . . . . : 00-1F-1F-6B-D5-9D
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes
   Link-local IPv6 Address . . . . . : fe80::9832:ef50:9a50:295e%12(Preferred)
   IPv4 Address. . . . . . . . . . . : 10.100.102.3(Preferred)
   Subnet Mask . . . . . . . . . . . : 255.255.255.0
   Lease Obtained. . . . . . . . . . : Tuesday, June 02, 2015 16:27:10
   Lease Expires . . . . . . . . . . : Tuesday, June 02, 2015 22:57:32
   Default Gateway . . . . . . . . . : 10.100.102.1
   DHCP Server . . . . . . . . . . . : 10.100.102.1
   DHCPv6 IAID . . . . . . . . . . . : 369106719
   DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-13-D9-19-32-6C-F0-49-E1-E7-06
   DNS Servers . . . . . . . . . . . : 10.100.102.1
   NetBIOS over Tcpip. . . . . . . . : Enabled

Ethernet adapter Local Area Connection 2:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Realtek PCIe GBE Family Controller #2
   Physical Address. . . . . . . . . : 6C-F0-49-E1-E7-16
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes

Ethernet adapter Local Area Connection:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Realtek PCIe GBE Family Controller
   Physical Address. . . . . . . . . : 6C-F0-49-E1-E7-06
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes

Tunnel adapter isatap.{65C789EB-6B4D-4FA3-B552-07C273B6D2F7}:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Microsoft ISATAP Adapter
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes

Tunnel adapter isatap.{88AC0F34-63CF-4D98-965D-F1AA1C7B0188}:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Microsoft ISATAP Adapter #2
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 11:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes
Server:  UnKnown
Address:  10.100.102.1

Name:    google.com
Addresses:  2a00:1450:4017:803::200e
      62.0.54.108
      62.0.54.119
      62.0.54.88
      62.0.54.93
      62.0.54.99
      62.0.54.89
      62.0.54.109
      62.0.54.94
      62.0.54.118
      62.0.54.113
      62.0.54.123
      62.0.54.114
      62.0.54.98
      62.0.54.84
      62.0.54.103
      62.0.54.104


Pinging google.com [62.0.54.108] with 32 bytes of data:
Reply from 62.0.54.108: bytes=32 time=16ms TTL=60
Reply from 62.0.54.108: bytes=32 time=15ms TTL=60

Ping statistics for 62.0.54.108:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 15ms, Maximum = 16ms, Average = 15ms
Server:  UnKnown
Address:  10.100.102.1

Name:    yahoo.com
Addresses:  98.139.183.24
      98.138.253.109
      206.190.36.45


Pinging yahoo.com [98.139.183.24] with 32 bytes of data:
Reply from 98.139.183.24: bytes=32 time=178ms TTL=47
Reply from 98.139.183.24: bytes=32 time=176ms TTL=47

Ping statistics for 98.139.183.24:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 176ms, Maximum = 178ms, Average = 177ms

Pinging 127.0.0.1 with 32 bytes of data:
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128

Ping statistics for 127.0.0.1:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 0ms, Maximum = 0ms, Average = 0ms
===========================================================================
Interface List
 14...00 1f 1f 6b d5 9c ......Microsoft Virtual WiFi Miniport Adapter
 12...00 1f 1f 6b d5 9d ......Edimax 802.11g Wireless PCI Card
 11...6c f0 49 e1 e7 16 ......Realtek PCIe GBE Family Controller #2
 10...6c f0 49 e1 e7 06 ......Realtek PCIe GBE Family Controller
  1...........................Software Loopback Interface 1
 17...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter
 21...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #2
 18...00 00 00 00 00 00 00 e0 Teredo Tunneling Pseudo-Interface
===========================================================================

IPv4 Route Table
===========================================================================
Active Routes:
Network Destination        Netmask          Gateway       Interface  Metric
          0.0.0.0          0.0.0.0     10.100.102.1     10.100.102.3     25
     10.100.102.0    255.255.255.0         On-link      10.100.102.3    281
     10.100.102.3  255.255.255.255         On-link      10.100.102.3    281
   10.100.102.255  255.255.255.255         On-link      10.100.102.3    281
        127.0.0.0        255.0.0.0         On-link         127.0.0.1    306
        127.0.0.1  255.255.255.255         On-link         127.0.0.1    306
  127.255.255.255  255.255.255.255         On-link         127.0.0.1    306
        224.0.0.0        240.0.0.0         On-link         127.0.0.1    306
        224.0.0.0        240.0.0.0         On-link      10.100.102.3    281
  255.255.255.255  255.255.255.255         On-link         127.0.0.1    306
  255.255.255.255  255.255.255.255         On-link      10.100.102.3    281
===========================================================================
Persistent Routes:
  None

IPv6 Route Table
===========================================================================
Active Routes:
 If Metric Network Destination      Gateway
  1    306 ::1/128                  On-link
 12    281 fe80::/64                On-link
 12    281 fe80::9832:ef50:9a50:295e/128
                                    On-link
  1    306 ff00::/8                 On-link
 12    281 ff00::/8                 On-link
===========================================================================
Persistent Routes:
  None
========================= Winsock entries =====================================

Catalog5 01 C:\Windows\SysWOW64\NLAapi.dll [52224] (Microsoft Corporation)
Catalog5 02 C:\Windows\SysWOW64\napinsp.dll [52224] (Microsoft Corporation)
Catalog5 03 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 04 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 05 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog5 06 C:\Windows\SysWOW64\winrnr.dll [20992] (Microsoft Corporation)
Catalog5 07 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145648] (Microsoft Corp.)
Catalog5 08 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145648] (Microsoft Corp.)
Catalog9 01 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 02 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 03 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 04 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 05 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 06 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 07 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 08 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 09 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 10 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
x64-Catalog5 01 C:\Windows\System32\NLAapi.dll [70656] (Microsoft Corporation)
x64-Catalog5 02 C:\Windows\System32\napinsp.dll [68096] (Microsoft Corporation)
x64-Catalog5 03 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 04 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 05 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog5 06 C:\Windows\System32\winrnr.dll [28672] (Microsoft Corporation)
x64-Catalog5 07 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [171760] (Microsoft Corp.)
x64-Catalog5 08 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [171760] (Microsoft Corp.)
x64-Catalog9 01 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 02 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 03 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 04 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 05 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 06 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 07 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 08 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 09 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 10 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)

========================= Event log errors: ===============================

Application errors:
==================
Error: (06/02/2015 03:22:38 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18807_none_41e554362bd82458.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18807_none_41e554362bd82458.manifest2" on line C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18807_none_41e554362bd82458.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18807_none_41e554362bd82458.manifest.
Component 2: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18807_none_fa381d5f175bfb52.manifest.

Error: (06/01/2015 05:44:35 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18807_none_41e554362bd82458.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18807_none_41e554362bd82458.manifest2" on line C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18807_none_41e554362bd82458.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18807_none_41e554362bd82458.manifest.
Component 2: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18807_none_fa381d5f175bfb52.manifest.

Error: (05/28/2015 00:26:37 PM) (Source: Application Error) (User: )
Description: Faulting application name: CCC.exe, version: 4.5.0.0, time stamp: 0x53ad0dcc
Faulting module name: amdmantle64.dll_unloaded, version: 0.0.0.0, time stamp: 0x5417637b
Exception code: 0xc0000005
Fault offset: 0x000007fee8c0dee0
Faulting process id: 0x13ac
Faulting application start time: 0xCCC.exe0
Faulting application path: CCC.exe1
Faulting module path: CCC.exe2
Report Id: CCC.exe3

Error: (05/28/2015 00:26:36 PM) (Source: .NET Runtime) (User: )
Description: Application: CCC.exe
Framework Version: v4.0.30319
Description: The process was terminated due to an unhandled exception.
Exception Info: exception code c0000005, exception address 000007FEE8C0DEE0

Error: (05/28/2015 07:47:37 AM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18807_none_41e554362bd82458.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18807_none_41e554362bd82458.manifest2" on line C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18807_none_41e554362bd82458.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18807_none_41e554362bd82458.manifest.
Component 2: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18807_none_fa381d5f175bfb52.manifest.

Error: (05/27/2015 00:32:23 AM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18807_none_41e554362bd82458.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18807_none_41e554362bd82458.manifest2" on line C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18807_none_41e554362bd82458.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18807_none_41e554362bd82458.manifest.
Component 2: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18807_none_fa381d5f175bfb52.manifest.

Error: (05/24/2015 04:51:36 PM) (Source: Application Hang) (User: )
Description: The program firefox.exe version 38.0.1.5611 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.

Process ID: 1010

Start Time: 01d093f0a956fea5

Termination Time: 504

Application Path: C:\Program Files (x86)\Mozilla Firefox\firefox.exe

Report Id: fba0f80e-021b-11e5-a78b-6cf049e1e706

Error: (05/24/2015 04:51:36 PM) (Source: Application Error) (User: )
Description: Faulting application name: plugin-container.exe, version: 38.0.1.5611, time stamp: 0x55541a90
Faulting module name: mozalloc.dll, version: 38.0.1.5611, time stamp: 0x55540a1e
Exception code: 0x80000003
Fault offset: 0x00001aa1
Faulting process id: 0x1908
Faulting application start time: 0xplugin-container.exe0
Faulting application path: plugin-container.exe1
Faulting module path: plugin-container.exe2
Report Id: plugin-container.exe3

Error: (05/22/2015 00:32:15 AM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18807_none_41e554362bd82458.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18807_none_41e554362bd82458.manifest2" on line C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18807_none_41e554362bd82458.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18807_none_41e554362bd82458.manifest.
Component 2: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18807_none_fa381d5f175bfb52.manifest.

Error: (05/21/2015 01:52:14 AM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18807_none_41e554362bd82458.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18807_none_41e554362bd82458.manifest2" on line C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18807_none_41e554362bd82458.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18807_none_41e554362bd82458.manifest.
Component 2: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18807_none_fa381d5f175bfb52.manifest.


System errors:
=============
Error: (06/01/2015 11:19:52 AM) (Source: Service Control Manager) (User: )
Description: The Microsoft Software Shadow Copy Provider service terminated unexpectedly.  It has done this 1 time(s).

Error: (05/20/2015 03:04:57 AM) (Source: volsnap) (User: )
Description: The shadow copies of volume C: were aborted because the shadow copy storage could not grow due to a user imposed limit.

Error: (05/15/2015 03:49:15 PM) (Source: Service Control Manager) (User: )
Description: The AMD External Events Utility service failed to start due to the following error:
%%1053

Error: (05/15/2015 03:49:15 PM) (Source: Service Control Manager) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the AMD External Events Utility service to connect.

Error: (05/10/2015 03:53:25 PM) (Source: VDS Basic Provider) (User: )
Description: Unexpected failure. Error code: 490@01010004

Error: (05/06/2015 02:51:12 PM) (Source: Schannel) (User: NT AUTHORITY)
Description: The following fatal alert was received: 40.

Error: (04/30/2015 08:36:28 PM) (Source: Disk) (User: )
Description: The driver detected a controller error on \Device\Harddisk2\DR3.

Error: (04/30/2015 08:36:27 PM) (Source: Disk) (User: )
Description: The driver detected a controller error on \Device\Harddisk2\DR3.

Error: (04/30/2015 08:36:27 PM) (Source: Disk) (User: )
Description: The driver detected a controller error on \Device\Harddisk2\DR3.

Error: (04/30/2015 08:36:26 PM) (Source: Disk) (User: )
Description: The driver detected a controller error on \Device\Harddisk2\DR3.


Microsoft Office Sessions:
=========================
Error: (06/02/2015 03:22:38 PM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18807_none_41e554362bd82458.manifestC:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18807_none_fa381d5f175bfb52.manifestC:\Program Files (x86)\LG Electronics\LG PC Suite\LGPCSuite.exe

Error: (06/01/2015 05:44:35 PM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18807_none_41e554362bd82458.manifestC:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18807_none_fa381d5f175bfb52.manifestC:\Program Files (x86)\LG Electronics\LG PC Suite\LGPCSuite.exe

Error: (05/28/2015 00:26:37 PM) (Source: Application Error)(User: )
Description: CCC.exe4.5.0.053ad0dccamdmantle64.dll_unloaded0.0.0.05417637bc0000005000007fee8c0dee013ac01d08f0e6c404524C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exeamdmantle64.dlla318fdf1-051b-11e5-a78b-6cf049e1e706

Error: (05/28/2015 00:26:36 PM) (Source: .NET Runtime)(User: )
Description: Application: CCC.exe
Framework Version: v4.0.30319
Description: The process was terminated due to an unhandled exception.
Exception Info: exception code c0000005, exception address 000007FEE8C0DEE0

Error: (05/28/2015 07:47:37 AM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18807_none_41e554362bd82458.manifestC:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18807_none_fa381d5f175bfb52.manifestC:\Program Files (x86)\LG Electronics\LG PC Suite\LGPCSuite.exe

Error: (05/27/2015 00:32:23 AM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18807_none_41e554362bd82458.manifestC:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18807_none_fa381d5f175bfb52.manifestc:\program files (x86)\lg electronics\lg pc suite\LGPCSuite.exe

Error: (05/24/2015 04:51:36 PM) (Source: Application Hang)(User: )
Description: firefox.exe38.0.1.5611101001d093f0a956fea5504C:\Program Files (x86)\Mozilla Firefox\firefox.exefba0f80e-021b-11e5-a78b-6cf049e1e706

Error: (05/24/2015 04:51:36 PM) (Source: Application Error)(User: )
Description: plugin-container.exe38.0.1.561155541a90mozalloc.dll38.0.1.561155540a1e8000000300001aa1190801d096283b665943C:\Program Files (x86)\Mozilla Firefox\plugin-container.exeC:\Program Files (x86)\Mozilla Firefox\mozalloc.dllfdf77370-021b-11e5-a78b-6cf049e1e706

Error: (05/22/2015 00:32:15 AM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18807_none_41e554362bd82458.manifestC:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18807_none_fa381d5f175bfb52.manifestc:\program files (x86)\lg electronics\lg pc suite\LGPCSuite.exe

Error: (05/21/2015 01:52:14 AM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18807_none_41e554362bd82458.manifestC:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18807_none_fa381d5f175bfb52.manifestc:\program files (x86)\lg electronics\lg pc suite\LGPCSuite.exe


CodeIntegrity Errors:
===================================
  Date: 2013-03-01 13:20:24.673
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\SysWOW64\FsUsbExDisk.Sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2013-03-01 13:20:24.612
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\SysWOW64\FsUsbExDisk.Sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2013-03-01 13:20:22.256
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\SysWOW64\FsUsbExDisk.Sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2013-03-01 13:20:22.200
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\SysWOW64\FsUsbExDisk.Sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2013-03-01 13:20:19.768
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\SysWOW64\FsUsbExDisk.Sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2013-03-01 13:20:19.708
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\SysWOW64\FsUsbExDisk.Sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2013-03-01 13:20:17.059
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\SysWOW64\FsUsbExDisk.Sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2013-03-01 13:20:16.999
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\SysWOW64\FsUsbExDisk.Sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2013-03-01 13:20:13.741
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\SysWOW64\FsUsbExDisk.Sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2013-03-01 13:20:13.679
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\SysWOW64\FsUsbExDisk.Sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.


=========================== Installed Programs ============================

µTorrent (HKCU\...\uTorrent) (Version: 3.4.2.32126 - BitTorrent Inc.)
ActiveMail Leumi Composer 1.0 (HKLM-x32\...\ActiveMail Leumi Composer) (Version: 1.0 - ActivePath)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 2.5.1.17730 - Adobe Systems Inc.)
Adobe Flash Player 17 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 17.0.0.169 - Adobe Systems Incorporated)
Adobe Flash Player 17 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 17.0.0.169 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.11) (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version: 11.0.11 - Adobe Systems Incorporated)
AMD Catalyst Install Manager (HKLM\...\{C2956908-53A3-88FC-B795-B16508296FC4}) (Version: 8.0.916.0 - Advanced Micro Devices, Inc.)
ArgusMonitor (HKLM-x32\...\ArgusMonitor) (Version:  - )
Audacity 2.0.2 (HKLM-x32\...\Audacity_is1) (Version: 2.0.2 - Audacity Team)
Avidemux 2.6 - 64bits (HKLM-x32\...\Avidemux 2.6 - 64bits (64-bit)) (Version: 2.6.8.9046 - )
Avira (HKLM-x32\...\{316EB047-4627-4B63-B0A6-8CD32D07D962}) (Version: 1.1.34.19732 - Avira Operations GmbH & Co. KG) Hidden
Avira (HKLM-x32\...\{b5675cc4-ab8b-4945-8c1d-4c5479556d6a}) (Version: 1.1.34.19732 - Avira Operations GmbH & Co. KG)
Avira Antivirus (HKLM-x32\...\Avira Antivirus) (Version: 15.0.10.434 - Avira Operations GmbH & Co. KG)
Babylon (HKLM-x32\...\Babylon) (Version:  - Babylon)
Boilsoft Video Splitter 6.34 (HKLM-x32\...\{24549038-9956-4EE5-976D-4419AAEA7DD5}_is1) (Version:  - Boilsoft, Inc.)
Call of Duty Modern Warfare 2 (HKLM-x32\...\Call of Duty Modern Warfare 2_is1) (Version:  - Activision)
Call of Duty® 4 - Modern Warfare™ 1.6 Patch (HKLM-x32\...\InstallShield_{8A15B7D9-908A-4EF9-BA84-5AEDE61743EE}) (Version:  - ) Hidden
Call of Duty® 4 - Modern Warfare™ 1.7 Patch (HKLM-x32\...\InstallShield_{931C37FC-594D-43A9-B10F-A2F2B1F03498}) (Version:  - ) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 5.02 - Piriform)
Cisco EAP-FAST Module (HKLM-x32\...\{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}) (Version: 2.2.14 - Cisco Systems, Inc.)
Cisco LEAP Module (HKLM-x32\...\{51C7AD07-C3F6-4635-8E8A-231306D810FE}) (Version: 1.0.19 - Cisco Systems, Inc.)
Cisco PEAP Module (HKLM-x32\...\{ED5776D5-59B4-46B7-AF81-5F2D94D7C640}) (Version: 1.1.6 - Cisco Systems, Inc.)
Cool MP3 Splitter (HKLM-x32\...\Cool MP3 Splitter) (Version:  - )
D3DX10 (HKLM-x32\...\{E09C4DB7-630C-4F06-A631-8EA7239923AF}) (Version: 15.4.2368.0902 - Microsoft) Hidden
DiRT2 (HKLM-x32\...\{434D0820-3AA6-493A-80B9-301000028501}) (Version: 1.0.0002.133 - Codemasters) Hidden
DivX Setup (HKLM-x32\...\DivX Setup) (Version: 2.6.1.9 - DivX, LLC)
Dropbox (HKCU\...\Dropbox) (Version: 1.6.16 - Dropbox, Inc.)
Dual Smart Solution (HKLM-x32\...\{E61F7C73-277C-44CE-87C4-B574BF0F3803}) (Version: 2.5 - LG Soft India Pvt Ltd)
Dxtory version 2.0.118 (HKLM-x32\...\Dxtory2.0_is1) (Version: 2.0.118 - Dxtory Software)
EA SPORTS Game Face Browser Plugin 1.8.0.0 (HKCU\...\EA SPORTS Game Face Browser Plugin) (Version: 1.8.0.0 - Electronic Arts)
Easy Tune 6 B10.0528.1 (HKLM-x32\...\{457D7505-D665-4F95-91C3-ECB8C56E9ACA}) (Version: 1.00.0000 - GIGABYTE) Hidden
Easy Tune 6 B10.0528.1 (HKLM-x32\...\InstallShield_{457D7505-D665-4F95-91C3-ECB8C56E9ACA}) (Version: 1.00.0000 - GIGABYTE)
EAX4 Unified Redist (HKLM-x32\...\{89661B04-C646-4412-B6D3-5E19F02F1F37}) (Version: 4.001 - Creative Labs)
Edimax RT6x Wireless LAN Card (HKLM-x32\...\{FAB1F336-1B7C-4057-A7BC-2922CD82A781}) (Version: 1.5.5.0 - Edimax)
EVEREST Ultimate Edition v5.50 (HKLM-x32\...\EVEREST Ultimate Edition_is1) (Version: 5.50 - Lavalys, Inc.)
Facebook Video Calling 3.1.0.521 (HKLM-x32\...\{2091F234-EB58-4B80-8C96-8EB78C808CF7}) (Version: 3.1.521 - Skype Limited)
Far Cry (Patch 1.4) (HKLM-x32\...\{7EF15AAF-42AC-4CF6-B4B4-C4F0D1D92122}) (Version: 1.00.0000 - Ubisoft) Hidden
FLAV FLV to MP3 Converter 2.58.15 (HKLM-x32\...\{E47D2974-AA5E-FlvMP3-B984-3CA48DFA2849}_is1) (Version:  - FLAV Corporation.)
Free Alarm Clock 2.7.0 (HKLM-x32\...\{8ED5A2F1-338F-4608-8AF7-BCD1ADC1E1F7}_is1) (Version: 2.7 - Comfort Software Group)
Google Drive (HKLM-x32\...\{35574F09-89F9-4B16-B69B-64F3E25901B8}) (Version: 1.21.9226.6034 - Google, Inc.)
Google Earth Plug-in (HKLM-x32\...\{4AB54F11-2F8C-11E3-B09F-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google)
Google Talk Plugin (HKLM-x32\...\{CA3DD97D-1FD7-37A7-BD5C-FC4430C8B8E6}) (Version: 5.41.2.0 - Google)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.27.5 - Google Inc.) Hidden
Google Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.25.11 - Google Inc.) Hidden
Grand Theft Auto IV (HKLM-x32\...\{5454083B-1308-4485-BF17-1110000D8301}) (Version: 1.0.0013.131 - Rockstar Games Inc.) Hidden
Grand Theft Auto IV (HKLM-x32\...\{5454083B-1308-4485-BF17-1110000D8302}) (Version: 1.0.0013.131 - Rockstar Games Inc.) Hidden
Grand Theft Auto V - The Manual (HKLM-x32\...\{752EBD91-8B95-42B5-8692-A7243A6EEEA9}) (Version: 1.0.0 - Rockstar Games)
Grand Theft Auto: Episodes from Liberty City (HKLM-x32\...\{5454083B-1308-4485-BF17-111000028701}) (Version: 1.0.0002.135 - Rockstar Games Inc.) Hidden
HiDownloadPlatinum (HKLM-x32\...\HiDownload Platinum_is1) (Version:  - )
ICQ7.2 (HKLM-x32\...\{72EFBFE4-C74F-4187-AEFD-73EA3BE968D6}) (Version: 7.2 - ICQ)
ImgBurn (HKLM-x32\...\ImgBurn) (Version: 2.5.5.0 - LIGHTNING UK!)
Java 8 Update 45 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218045F0}) (Version: 8.0.450 - Oracle Corporation)
JDownloader 0.9 (HKLM-x32\...\5513-1208-7298-9440) (Version: 0.9 - AppWork GmbH)
JDownloader 2 (HKLM\...\jdownloader2) (Version: 2.0 - AppWork GmbH)
L.A. Noire (HKLM-x32\...\{915726DF-7891-444A-AA03-0DF1D64F561A}) (Version: 1.00.0000 - Rockstar Games)
LAME v3.99.3 (for Windows) (HKLM-x32\...\LAME_is1) (Version:  - )
LAV Filters 0.65 (HKLM-x32\...\lavfilters_is1) (Version: 0.65 - Hendrik Leppkes)
LG PC Suite (HKLM-x32\...\LG PC Suite) (Version: 5.3.20.20141013 - LG Electronics)
LG United Mobile Driver (HKLM-x32\...\{2A3A4BD6-6CE0-4e2a-80D2-1D0FF6ACBFBA}) (Version: 3.12.3.0 - LG Electronics)
Malwarebytes Anti-Malware version 2.1.6.1022 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.1.6.1022 - Malwarebytes Corporation)
Max Payne (HKLM-x32\...\{39930321-4C58-4B8B-BCBF-342698C9801D}) (Version:  - )
Microsoft .NET Framework 1.1 (HKLM-x32\...\Microsoft .NET Framework 1.1  (1033)) (Version:  - )
Microsoft .NET Framework 4.5 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50709 - Microsoft Corporation)
Microsoft Expression Encoder 4 (HKLM-x32\...\Encoder_4.0.1651.0) (Version: 4.0.1651.0 - Microsoft Corporation)
Microsoft Expression Encoder 4 Screen Capture Codec (HKLM-x32\...\{952DCCD8-4039-46C8-BC8B-5C1EB6C8E130}) (Version: 4.0.1651.0 - Microsoft Corporation)
Microsoft IntelliPoint 8.0 (HKLM\...\{563F041C-DFDB-437B-A1E8-E141E0906076}) (Version: 8.0.225.0 - Microsoft)
Microsoft IntelliType Pro 8.0 (HKLM\...\{98C8DF59-BE5F-4EC2-9B12-FD2A54928EDB}) (Version: 8.0.225.0 - Microsoft)
Microsoft Office Language Pack 2010 - Hebrew עברית (HKLM-x32\...\Office14.OMUI.he-il) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Office Professional Plus 2010 (HKLM-x32\...\Office14.PROPLUS) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.40416.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM-x32\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x64 9.0.30729.5570 (HKLM\...\{8338783A-0968-3B85-AFC7-BAAE0A63DC50}) (Version: 9.0.30729.5570 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 (HKLM-x32\...\{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}) (Version: 9.0.30729.5570 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30411 (HKLM-x32\...\{5DA8F6CD-C70E-39D8-8430-3D9808D6BD17}) (Version: 9.0.30411 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{7f51bdb9-ee21-49ee-94d6-90afc321780e}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft WSE 3.0 Runtime (HKLM-x32\...\{E3E71D07-CD27-46CB-8448-16D4FB29AA13}) (Version: 3.0.5305.0 - Microsoft Corp.)
MiniTool Power Data Recovery (HKLM-x32\...\MiniTool Power Data Recovery_is1) (Version:  - MiniTool Solution Ltd.)
Mobipocket Reader 6.2 (HKLM-x32\...\{342126E1-173C-4585-BFBE-3EBDD20E3E9E}) (Version: 6.2.608 - Mobipocket.com)
Movie Maker (HKLM-x32\...\{38F03569-A636-4CF3-BDDE-032C8C251304}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Movie Maker (HKLM-x32\...\{DD67BE4B-7E62-4215-AFA3-F123A800A389}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Movie Maker (HKLM-x32\...\{F215DDB5-BE2A-4453-BABF-8790434F65D0}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Mozilla Firefox 38.0.1 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 38.0.1 (x86 en-US)) (Version: 38.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 29.0.1 - Mozilla)
Mp3tag v2.52 (HKLM-x32\...\Mp3tag) (Version: v2.52 - Florian Heidenreich)
MSVC90_x64 (HKLM\...\{AB071C8B-873C-459F-ACA9-9EBE03C3E89B}) (Version: 1.0.1.2 - Nokia) Hidden
MSVC90_x86 (HKLM-x32\...\{AF111648-99A1-453E-81DD-80DBBF6DAD0D}) (Version: 1.0.1.2 - Nokia) Hidden
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MyFFVideoConverter (HKLM-x32\...\MyFFVideoConverter) (Version: 1.0.0.0 - Pergel.hu)
MyFreeCodec (HKCU\...\MyFreeCodec) (Version:  - )
NEC Electronics USB 3.0 Host Controller Driver (HKLM-x32\...\{D7BF9739-8A68-4335-BBEE-37752AD9E86B}) (Version: 1.0.18.0 - שם החברה שלכם) Hidden
NEC Electronics USB 3.0 Host Controller Driver (HKLM-x32\...\InstallShield_{D7BF9739-8A68-4335-BBEE-37752AD9E86B}) (Version: 1.0.18.0 - שם החברה שלכם)
Nokia Connectivity Cable Driver (HKLM-x32\...\{4AA68A73-DB9C-439D-9481-981C82BD008B}) (Version: 7.1.69.0 - Nokia)
NVIDIA PhysX (HKLM-x32\...\{3F5C371F-8EA2-4F25-9D3D-D0B4526E3AEA}) (Version: 9.10.0513 - NVIDIA Corporation)
OpenAL (HKLM-x32\...\OpenAL) (Version:  - )
Partition Wizard Home Edition 5.0 (HKLM-x32\...\{AA468551-1794-42FE-B504-C41D75EEBDF2}_is1) (Version:  - MT Solution Ltd.)
PC Connectivity Solution (HKLM-x32\...\{DF95F1EE-9ECA-45C1-B02B-F56DDB8A3E83}) (Version: 11.5.22.0 - Nokia)
PowerInbox (HKLM-x32\...\{1B178766-9F0A-4321-A007-673042682E0A}) (Version: 1.14.0.0 - PowerInbox)
Quick JPEG Image Resize and Crop (HKLM-x32\...\{2FDB98BE-6E6D-4543-A5FD-C4ABB6214FC9}) (Version: 1.0.0 - zzornixnet)
Rapture3D 2.3.22 Game (HKLM-x32\...\{D2FCA41E-AC01-4DCD-B3A7-DC9E32363065}}_is1) (Version:  - Blue Ripple Sound)
Realtek Ethernet Controller Driver For Windows 7 (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.18.322.2010 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6101 - Realtek Semiconductor Corp.)
Rockstar Games Social Club (HKLM-x32\...\Rockstar Games Social Club) (Version: 1.0.0.0 - Rockstar Games)
Samsung Kies (HKLM-x32\...\{758C8301-2696-4855-AF45-534B1200980A}) (Version: 2.5.0.12094_28 - Samsung Electronics Co., Ltd.) Hidden
Samsung Kies (HKLM-x32\...\InstallShield_{758C8301-2696-4855-AF45-534B1200980A}) (Version: 2.5.0.12094_28 - Samsung Electronics Co., Ltd.)
Samsung Kies3 (HKLM-x32\...\{88547073-C566-4895-9005-EBE98EA3F7C7}) (Version: 3.2.14072.12 - Samsung Electronics Co., Ltd.) Hidden
Samsung Kies3 (HKLM-x32\...\InstallShield_{88547073-C566-4895-9005-EBE98EA3F7C7}) (Version: 3.2.14072.12 - Samsung Electronics Co., Ltd.)
Samsung Story Album Viewer (HKLM-x32\...\{698BBAD8-B116-495D-B879-0F07A533E57F}) (Version: 1.0.0.13054_1 - Samsung Electronics Co., Ltd.) Hidden
Samsung Story Album Viewer (HKLM-x32\...\InstallShield_{698BBAD8-B116-495D-B879-0F07A533E57F}) (Version: 1.0.0.13054_1 - Samsung Electronics Co., Ltd.)
SAMSUNG USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.45.0 - SAMSUNG Electronics Co., Ltd.)
Sandboxie 3.74 (64-bit) (HKLM\...\Sandboxie) (Version: 3.74 - SANDBOXIE L.T.D)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version:  - Microsoft)
Service Pack 2 for Microsoft Office 2010 Language Pack (KB2687449) 32-Bit Edition (HKLM-x32\...\{90140000-0100-040D-0000-0000000FF1CE}_Office14.OMUI.he-il_{687F46DC-5532-4DDE-843D-EBF8AC32AA9D}) (Version:  - Microsoft)
Skype Click to Call (HKLM-x32\...\{B6CF2967-C81E-40C0-9815-C05774FEF120}) (Version: 6.11.13307 - Skype Technologies S.A.)
Skype™ 7.4 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.4.102 - Skype Technologies S.A.)
SolveigMM AVI Trimmer (HKLM-x32\...\SolveigMM AVI Trimmer 2.0.1204.27) (Version: 2.0.1204.27 - Solveig Multimedia)
Soundmasker Deluxe 7.0 (HKLM-x32\...\Soundmasker Deluxe_is1) (Version:  - Vectormedia Software)
SpeedFan (remove only) (HKLM-x32\...\SpeedFan) (Version:  - )
StreamTransport version: 1.0.2.2171 (HKLM-x32\...\{FA0BBB87-91A1-4BFD-9005-EB058BBA0E14}_is1) (Version:  - )
Subtitle Workshop 2.51 (HKLM-x32\...\SubtitleWorkshop) (Version:  - )
Ubisoft Game Launcher (HKLM-x32\...\{888F1505-C2B3-4FDE-835D-36353EBD4754}) (Version: 1.0.0.0 - UBISOFT)
Unity Web Player (HKCU\...\UnityWebPlayer) (Version:  - Unity Technologies ApS)
VC80CRTRedist - 8.0.50727.6195 (HKLM-x32\...\{933B4015-4618-4716-A828-5289FC03165F}) (Version: 1.2.0 - DivX, Inc) Hidden
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.1 - VideoLAN)
Winamp (HKLM-x32\...\Winamp) (Version: 5.65  - Nullsoft, Inc)
Winamp Detector Plug-in (HKCU\...\Winamp Detect) (Version: 1.0.0.1 - Nullsoft, Inc)
Windows Driver Package - Nokia pccsmcfd  (08/22/2008 7.0.0.0) (HKLM\...\FCEC33AD40CEA5E0FC4CEE6E42041A0DA189652D) (Version: 08/22/2008 7.0.0.0 - Nokia)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation)
Windows Media Player Firefox Plugin (HKLM-x32\...\{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}) (Version: 1.0.0.8 - Microsoft Corp)
WinPcap 4.1.1 (HKLM-x32\...\WinPcapInst) (Version: 4.1.0.1753 - CACE Technologies)
WinRAR archiver (HKLM\...\WinRAR archiver) (Version:  - )
Zoner Photo Studio 17 (HKLM\...\ZonerPhotoStudio17_EN_is1) (Version: 17.0.1.9 - ZONER software)
גלריית התמונות (HKLM-x32\...\{F1BEEA80-1419-45EE-A4C7-41FD4450ED92}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden

========================= Memory info: ===================================

Percentage of memory in use: 34%
Total physical RAM: 4087.3 MB
Available physical RAM: 2685.78 MB
Total Pagefile: 8172.8 MB
Available Pagefile: 5448.64 MB
Total Virtual: 4095.88 MB
Available Virtual: 3974.37 MB

========================= Partitions: =====================================

1 Drive c: () (Fixed) (Total:69.91 GB) (Free:8.61 GB) NTFS
2 Drive d: () (Fixed) (Total:526.16 GB) (Free:213.82 GB) NTFS
3 Drive e: () (Fixed) (Total:596.17 GB) (Free:21.61 GB) NTFS

========================= Users: ========================================

User accounts for \\HNS-PC

Administrator            ASPNET                   Guest                    
hns                      


**** End of log ****



#4 person721

person721
  • Topic Starter

  • Members
  • 35 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:06:05 PM

Posted 03 June 2015 - 12:48 PM

SXvL3ZF.pngTDSSKiller

 

22:44:34.0643 0x1c80  TDSS rootkit removing tool 3.0.0.44 Jan 22 2015 08:27:04
22:44:51.0756 0x1c80  ============================================================
22:44:51.0756 0x1c80  Current date / time: 2015/06/02 22:44:51.0756
22:44:51.0756 0x1c80  SystemInfo:
22:44:51.0756 0x1c80  
22:44:51.0756 0x1c80  OS Version: 6.1.7601 ServicePack: 1.0
22:44:51.0756 0x1c80  Product type: Workstation
22:44:51.0756 0x1c80  ComputerName: HNS-PC
22:44:51.0756 0x1c80  UserName: hns
22:44:51.0756 0x1c80  Windows directory: C:\Windows
22:44:51.0756 0x1c80  System windows directory: C:\Windows
22:44:51.0756 0x1c80  Running under WOW64
22:44:51.0756 0x1c80  Processor architecture: Intel x64
22:44:51.0756 0x1c80  Number of processors: 4
22:44:51.0756 0x1c80  Page size: 0x1000
22:44:51.0756 0x1c80  Boot type: Normal boot
22:44:51.0756 0x1c80  ============================================================
22:44:53.0800 0x1c80  KLMD registered as C:\Windows\system32\drivers\24432506.sys
22:44:53.0940 0x1c80  System UUID: {A0FE348B-8A84-2DB7-D4C4-91D8FBD74C37}
22:44:54.0236 0x1c80  Drive \Device\Harddisk0\DR0 - Size: 0x950B056000 ( 596.17 Gb ), SectorSize: 0x200, Cylinders: 0x14301, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xF0, Type 'K0', Flags 0x00000040
22:44:54.0268 0x1c80  Drive \Device\Harddisk1\DR1 - Size: 0x950B056000 ( 596.17 Gb ), SectorSize: 0x200, Cylinders: 0x13001, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
22:44:54.0268 0x1c80  ============================================================
22:44:54.0268 0x1c80  \Device\Harddisk0\DR0:
22:44:54.0268 0x1c80  MBR partitions:
22:44:54.0268 0x1c80  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32000
22:44:54.0268 0x1c80  \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0x8BD2000
22:44:54.0268 0x1c80  \Device\Harddisk0\DR0\Partition3: MBR, Type 0x7, StartLBA 0x8C04800, BlocksNum 0x41C52800
22:44:54.0268 0x1c80  \Device\Harddisk1\DR1:
22:44:54.0268 0x1c80  MBR partitions:
22:44:54.0268 0x1c80  \Device\Harddisk1\DR1\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x4A857000
22:44:54.0268 0x1c80  ============================================================
22:44:54.0283 0x1c80  C: <-> \Device\Harddisk0\DR0\Partition2
22:44:54.0299 0x1c80  E: <-> \Device\Harddisk1\DR1\Partition1
22:44:54.0361 0x1c80  D: <-> \Device\Harddisk0\DR0\Partition3
22:44:54.0361 0x1c80  ============================================================
22:44:54.0361 0x1c80  Initialize success
22:44:54.0361 0x1c80  ============================================================
22:44:57.0559 0x18cc  ============================================================
22:44:57.0559 0x18cc  Scan started
22:44:57.0559 0x18cc  Mode: Manual;
22:44:57.0559 0x18cc  ============================================================
22:44:57.0559 0x18cc  KSN ping started
22:45:00.0414 0x18cc  KSN ping finished: true
22:45:01.0179 0x18cc  ================ Scan system memory ========================
22:45:01.0179 0x18cc  System memory - ok
22:45:01.0179 0x18cc  ================ Scan services =============================
22:45:01.0335 0x18cc  [ A87D604AEA360176311474C87A63BB88, B1507868C382CD5D2DBC0D62114FCFBF7A780904A2E3CA7C7C1DD0844ADA9A8F ] 1394ohci        C:\Windows\system32\drivers\1394ohci.sys
22:45:01.0335 0x18cc  1394ohci - ok
22:45:01.0381 0x18cc  [ D81D9E70B8A6DD14D42D7B4EFA65D5F2, FDAAB7E23012B4D31537C5BDEF245BB0A12FA060A072C250E21C68E18B22E002 ] ACPI            C:\Windows\system32\drivers\ACPI.sys
22:45:01.0381 0x18cc  ACPI - ok
22:45:01.0397 0x18cc  [ 99F8E788246D495CE3794D7E7821D2CA, F91615463270AD2601F882CAED43B88E7EDA115B9FD03FC56320E48119F15F76 ] AcpiPmi         C:\Windows\system32\drivers\acpipmi.sys
22:45:01.0397 0x18cc  AcpiPmi - ok
22:45:01.0522 0x18cc  [ FC5B75CA6A1DA31EDD4F8D53F5540B98, CDC445F2790ADFC4C5568C40D4DA8BB95CD71991665B38AEC3D84571C99C3520 ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
22:45:01.0522 0x18cc  AdobeARMservice - ok
22:45:01.0631 0x18cc  [ B04A4810C6CC205F9DC72DC22E4AB236, 547321F5C28C80D4818372D65E2A33D4BAC593015DD6613B24586FE4B4A95D5D ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
22:45:01.0631 0x18cc  AdobeFlashPlayerUpdateSvc - ok
22:45:01.0662 0x18cc  [ 2F6B34B83843F0C5118B63AC634F5BF4, 43E3F5FBFB5D33981AC503DEE476868EC029815D459E7C36C4ABC2D2F75B5735 ] adp94xx         C:\Windows\system32\DRIVERS\adp94xx.sys
22:45:01.0678 0x18cc  adp94xx - ok
22:45:01.0693 0x18cc  [ 597F78224EE9224EA1A13D6350CED962, DA7FD99BE5E3B7B98605BF5C13BF3F1A286C0DE1240617570B46FE4605E59BDC ] adpahci         C:\Windows\system32\DRIVERS\adpahci.sys
22:45:01.0693 0x18cc  adpahci - ok
22:45:01.0709 0x18cc  [ E109549C90F62FB570B9540C4B148E54, E804563735153EA00A00641814244BC8A347B578E7D63A16F43FB17566EE5559 ] adpu320         C:\Windows\system32\DRIVERS\adpu320.sys
22:45:01.0709 0x18cc  adpu320 - ok
22:45:01.0725 0x18cc  [ 4B78B431F225FD8624C5655CB1DE7B61, 198A5AF2125C7C41F531A652D200C083A55A97DC541E3C0B5B253C7329949156 ] AeLookupSvc     C:\Windows\System32\aelupsvc.dll
22:45:01.0740 0x18cc  AeLookupSvc - ok
22:45:01.0771 0x18cc  [ FA886682CFC5D36718D3E436AACF10B9, F80AB4F91AA6B5C7ECCB000D8E1BC2CF776DC3D69B3D9EBC2558C19035A6B3AB ] AFD             C:\Windows\system32\drivers\afd.sys
22:45:01.0787 0x18cc  AFD - ok
22:45:01.0803 0x18cc  [ 608C14DBA7299D8CB6ED035A68A15799, 45360F89640BF1127C82A32393BD76205E4FA067889C40C491602F370C09282A ] agp440          C:\Windows\system32\drivers\agp440.sys
22:45:01.0803 0x18cc  agp440 - ok
22:45:01.0818 0x18cc  [ 3290D6946B5E30E70414990574883DDB, 0E9294E1991572256B3CDA6B031DB9F39CA601385515EE59F1F601725B889663 ] ALG             C:\Windows\System32\alg.exe
22:45:01.0818 0x18cc  ALG - ok
22:45:01.0849 0x18cc  [ 5812713A477A3AD7363C7438CA2EE038, A7316299470D2E57A11499C752A711BF4A71EB11C9CBA731ED0945FF6A966721 ] aliide          C:\Windows\system32\drivers\aliide.sys
22:45:01.0849 0x18cc  aliide - ok
22:45:01.0881 0x18cc  [ F17B1902DFCED1C24DB57492A7896FF8, 966AB1A072A8AF98D7EDD2A388D919B50FC41A06E1C51B04B2C2F54F1BA7F0D5 ] AMD External Events Utility C:\Windows\system32\atiesrxx.exe
22:45:01.0881 0x18cc  AMD External Events Utility - ok
22:45:01.0881 0x18cc  [ 1FF8B4431C353CE385C875F194924C0C, 3EA3A7F426B0FFC2461EDF4FDB4B58ACC9D0730EDA5B728D1EA1346EA0A02720 ] amdide          C:\Windows\system32\drivers\amdide.sys
22:45:01.0881 0x18cc  amdide - ok
22:45:01.0912 0x18cc  [ 7024F087CFF1833A806193EF9D22CDA9, E7F27E488C38338388103D3B7EEDD61D05E14FB140992AEE6F492FFC821BF529 ] AmdK8           C:\Windows\system32\DRIVERS\amdk8.sys
22:45:01.0912 0x18cc  AmdK8 - ok
22:45:02.0395 0x18cc  [ 81FCDBBA547919D59DC134ED717658B4, 9A95C4400CAE00F25EE10BAE8949CF7317954742EB6F0831AAAEA4A2C220E56B ] amdkmdag        C:\Windows\system32\DRIVERS\atikmdag.sys
22:45:02.0661 0x18cc  amdkmdag - ok
22:45:02.0707 0x18cc  [ AF6B384E03D15471EDCEDDDEBAA363B2, 2D8CFA26D69A8FF0FAC6EBA2E5A62977B21ECBA0C65458072FEC4A886B3EDD73 ] amdkmdap        C:\Windows\system32\DRIVERS\atikmpag.sys
22:45:02.0723 0x18cc  amdkmdap - ok
22:45:02.0739 0x18cc  [ 1E56388B3FE0D031C44144EB8C4D6217, E88CA76FD47BA0EB427D59CB9BE040DE133D89D4E62D03A8D622624531D27487 ] AmdPPM          C:\Windows\system32\DRIVERS\amdppm.sys
22:45:02.0739 0x18cc  AmdPPM - ok
22:45:02.0754 0x18cc  [ 6EC6D772EAE38DC17C14AED9B178D24B, B4FB936B31B1265B8CC6B426C64965C34D0CCF1638E645ACD65E88F4AFFC57A6 ] amdsata         C:\Windows\system32\drivers\amdsata.sys
22:45:02.0754 0x18cc  amdsata - ok
22:45:02.0770 0x18cc  [ F67F933E79241ED32FF46A4F29B5120B, D6EF539058F159CC4DD14CA9B1FD924998FEAC9D325C823C7A2DD21FEF1DC1A8 ] amdsbs          C:\Windows\system32\DRIVERS\amdsbs.sys
22:45:02.0770 0x18cc  amdsbs - ok
22:45:02.0785 0x18cc  [ 1142A21DB581A84EA5597B03A26EBAA0, F94EB140D0CD068760D7EB081FF75154C75DAC75E5E24B6DE4E4F9CE65A70343 ] amdxata         C:\Windows\system32\drivers\amdxata.sys
22:45:02.0785 0x18cc  amdxata - ok
22:45:02.0817 0x18cc  [ 7B47B5A45F22D112E1E785C1051AE84C, FD45EE0B4D4C02F15882F0E73A97FEEE331F2E2449B2CA167279459166A7B3B5 ] AndnetBus       C:\Windows\system32\DRIVERS\lgandnetbus64.sys
22:45:02.0817 0x18cc  AndnetBus - ok
22:45:02.0832 0x18cc  [ B93329C4AD51FE1D763EFC9515CE468E, 929D940A4F6960C3C2505B75F840949E09B9EBC750B8F165E02C574FEF07FF3B ] AndNetDiag      C:\Windows\system32\DRIVERS\lgandnetdiag64.sys
22:45:02.0832 0x18cc  AndNetDiag - ok
22:45:02.0863 0x18cc  [ C57D3D5B1CF8171CEAA08A11C87C60E2, 8E6F420E511AD9057A5F078DA47D636D0BE505DE9FE7F8125304BD74D86DF80D ] ANDNetModem     C:\Windows\system32\DRIVERS\lgandnetmodem64.sys
22:45:02.0863 0x18cc  ANDNetModem - ok
22:45:02.0941 0x18cc  [ D908096B873B940BB438CE63BA35BD1E, F1C79C907E6CDBC2770C16AFFAE0D6F9B9B7DA21F5074D602AC5FE1597975748 ] AntiVirMailService C:\Program Files (x86)\Avira\AntiVir Desktop\avmailc7.exe
22:45:02.0957 0x18cc  AntiVirMailService - ok
22:45:03.0004 0x18cc  [ EC705D6ED3A7F3D9AE42F6239707D9FE, B50F6BB0FC308E7403B1807DF2AAF87BEDE0B044128C580970A26801CCABC43F ] AntiVirSchedulerService C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
22:45:03.0004 0x18cc  AntiVirSchedulerService - ok
22:45:03.0051 0x18cc  [ EC705D6ED3A7F3D9AE42F6239707D9FE, B50F6BB0FC308E7403B1807DF2AAF87BEDE0B044128C580970A26801CCABC43F ] AntiVirService  C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
22:45:03.0051 0x18cc  AntiVirService - ok
22:45:03.0113 0x18cc  [ 0F3D12E5FAE0082DB3F306095CA6B027, 726D054357031F45B43C87D798E84FA93439ECA6C691EB8C76FE524B50C25B32 ] AntiVirWebService C:\Program Files (x86)\Avira\AntiVir Desktop\avwebg7.exe
22:45:03.0129 0x18cc  AntiVirWebService - ok
22:45:03.0160 0x18cc  [ 90C53BD47979FB8814F465A08B885102, 5EDFC1909FC1FF9133A534DFCC5408CF3A777AC41FB21FAD375436E3D86C02EC ] AppID           C:\Windows\system32\drivers\appid.sys
22:45:03.0160 0x18cc  AppID - ok
22:45:03.0160 0x18cc  [ 72D4757510FDA69D729169C00AFC211E, FB9686D0D94EE7C19A3994C29E8331A6EC3020B2980B2CC75F72F3AB25512C15 ] AppIDSvc        C:\Windows\System32\appidsvc.dll
22:45:03.0160 0x18cc  AppIDSvc - ok
22:45:03.0191 0x18cc  [ 9D2A2369AB4B08A4905FE72DB104498F, D6FA1705018BABABFA2362E05691A0D6408D14DE7B76129B16D0A1DAD6378E58 ] Appinfo         C:\Windows\System32\appinfo.dll
22:45:03.0191 0x18cc  Appinfo - ok
22:45:03.0238 0x18cc  [ 4ABA3E75A76195A3E38ED2766C962899, E2001ACD44DA270B8289DA362D26416676301773AB22616C211F31CF2E7869AA ] AppMgmt         C:\Windows\System32\appmgmts.dll
22:45:03.0238 0x18cc  AppMgmt - ok
22:45:03.0238 0x18cc  [ C484F8CEB1717C540242531DB7845C4E, C507CE26716EB923B864ED85E8FA0B24591E2784A2F4F0E78AEED7E9953311F6 ] arc             C:\Windows\system32\DRIVERS\arc.sys
22:45:03.0253 0x18cc  arc - ok
22:45:03.0253 0x18cc  [ 019AF6924AEFE7839F61C830227FE79C, 5926B9DDFC9198043CDD6EA0B384C83B001EC225A8125628C4A45A3E6C42C72A ] arcsas          C:\Windows\system32\DRIVERS\arcsas.sys
22:45:03.0253 0x18cc  arcsas - ok
22:45:03.0285 0x18cc  [ 9A1D52E649A60C5CB9D2674A6050BE7F, B759691A59AF340B206A4AC6E341768DD8407D68022575199B7798541D603A4A ] ArgusMonitor    C:\Windows\syswow64\drivers\ArgusMonitor.sys
22:45:03.0285 0x18cc  ArgusMonitor - ok
22:45:03.0378 0x18cc  [ 108FB6DDB69E537A2EA53F425363FAE5, B12A9F5338D39805E08A44A335FF7AA77F2266F535A2F5C8412CC746C75E5B1D ] aspnet_state    C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
22:45:03.0378 0x18cc  aspnet_state - ok
22:45:03.0394 0x18cc  [ 769765CE2CC62867468CEA93969B2242, 0D8F19D49869DF93A3876B4C2E249D12E83F9CE11DAE8917D368E292043D4D26 ] AsyncMac        C:\Windows\system32\DRIVERS\asyncmac.sys
22:45:03.0394 0x18cc  AsyncMac - ok
22:45:03.0409 0x18cc  [ 02062C0B390B7729EDC9E69C680A6F3C, 0261683C6DC2706DCE491A1CDC954AC9C9E649376EC30760BB4E225E18DC5273 ] atapi           C:\Windows\system32\drivers\atapi.sys
22:45:03.0409 0x18cc  atapi - ok
22:45:03.0456 0x18cc  [ 33497249626E7787AA5CEA99B226CCA6, EF6213B79F83334CD95E4A58A4FE64190AA3FEFF590E41C4BF302FC4A8F6D6D6 ] AtiHDAudioService C:\Windows\system32\drivers\AtihdW76.sys
22:45:03.0456 0x18cc  AtiHDAudioService - ok
22:45:03.0472 0x18cc  [ 2D648572BA9A610952FCAFBA1E119C2D, 4CD7E7D3C878DEF8CC18A925EAB1E0E8E8893BE99DA1E1F78FE9AD12EF1C48BC ] AtiHdmiService  C:\Windows\system32\drivers\AtiHdmi.sys
22:45:03.0472 0x18cc  AtiHdmiService - ok
22:45:03.0503 0x18cc  atillk64 - ok
22:45:03.0534 0x18cc  [ FC0E8778C000291CAF60EB88C011E931, 09BCCA3DE01021AEF76DFB46F01D21BA6FF409E816FA7547E5C3DFBF3A615ED2 ] atksgt          C:\Windows\system32\DRIVERS\atksgt.sys
22:45:03.0550 0x18cc  atksgt - ok
22:45:03.0581 0x18cc  [ 6968D02DC38757C3FBE7ED7C2F9670AA, C8B3115DDB32EFBE8C56C5AA78EEA05BBB77DF3F75CC2A04532EB32327E4735A ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
22:45:03.0581 0x18cc  AudioEndpointBuilder - ok
22:45:03.0612 0x18cc  [ 6968D02DC38757C3FBE7ED7C2F9670AA, C8B3115DDB32EFBE8C56C5AA78EEA05BBB77DF3F75CC2A04532EB32327E4735A ] AudioSrv        C:\Windows\System32\Audiosrv.dll
22:45:03.0628 0x18cc  AudioSrv - ok
22:45:03.0659 0x18cc  [ 43B6D229C7DBA9F0FC0FC0C318DB5350, F5A525DBD71FC4A323E92839C6D27F323FB304B7E9FFA35E89E9B419570AA4C8 ] avgntflt        C:\Windows\system32\DRIVERS\avgntflt.sys
22:45:03.0659 0x18cc  avgntflt - ok
22:45:03.0690 0x18cc  [ 626D1BAD7A1975A8FEE8876A8AD0EEA7, 59772746A2DF3B7E8D021756B8A64569AC8468CA1C802EB594494224354F1E60 ] avipbb          C:\Windows\system32\DRIVERS\avipbb.sys
22:45:03.0706 0x18cc  avipbb - ok
22:45:03.0753 0x18cc  [ 0D32033DCB359FD98B4C3513EF849FE6, 5870D67526BC29D888DAF8DBAB04B1E97ED5C7C51484ED400A5E65D0EB61576A ] Avira.OE.ServiceHost C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe
22:45:03.0768 0x18cc  Avira.OE.ServiceHost - ok
22:45:03.0784 0x18cc  [ 390184FAD8FCC1B6DA25AEBAE928C3B6, 537B0E0FAE080B55D70E990BBA0F7F22903CA340F6A42039BAD617A8ECF59119 ] avkmgr          C:\Windows\system32\DRIVERS\avkmgr.sys
22:45:03.0784 0x18cc  avkmgr - ok
22:45:03.0799 0x18cc  [ 13253E5E3B6BDF945B63B336A8C9489B, 671C716E43F89D4BDDAA2BE045CDEBBB569C85BC2BA334E1F550187B79A7740D ] avnetflt        C:\Windows\system32\DRIVERS\avnetflt.sys
22:45:03.0799 0x18cc  avnetflt - ok
22:45:03.0846 0x18cc  [ A6BF31A71B409DFA8CAC83159E1E2AFF, CBB83F73FFD3C3FB4F96605067739F8F7A4A40B2B05417FA49E575E95628753F ] AxInstSV        C:\Windows\System32\AxInstSV.dll
22:45:03.0846 0x18cc  AxInstSV - ok
22:45:03.0877 0x18cc  [ 3E5B191307609F7514148C6832BB0842, DE011CB7AA4A2405FAF21575182E0793A1D83DFFC44E9A7864D59F3D51D8D580 ] b06bdrv         C:\Windows\system32\DRIVERS\bxvbda.sys
22:45:03.0893 0x18cc  b06bdrv - ok
22:45:03.0924 0x18cc  [ B5ACE6968304A3900EEB1EBFD9622DF2, 1DAA118D8CA3F97B34DF3D3CDA1C78EAB2ED225699FEABE89D331AE0CB7679FA ] b57nd60a        C:\Windows\system32\DRIVERS\b57nd60a.sys
22:45:03.0924 0x18cc  b57nd60a - ok
22:45:03.0955 0x18cc  [ FDE360167101B4E45A96F939F388AEB0, 8D1457E866BBD645C4B9710DFBFF93405CC1193BF9AE42326F2382500B713B82 ] BDESVC          C:\Windows\System32\bdesvc.dll
22:45:03.0955 0x18cc  BDESVC - ok
22:45:03.0971 0x18cc  [ 16A47CE2DECC9B099349A5F840654746, 77C008AEDB07FAC66413841D65C952DDB56FE7DCA5E9EF9C8F4130336B838024 ] Beep            C:\Windows\system32\drivers\Beep.sys
22:45:03.0971 0x18cc  Beep - ok
22:45:04.0018 0x18cc  [ 82974D6A2FD19445CC5171FC378668A4, 075D25F47C0D2277E40AF8615571DAA5EB16B1824563632A9A7EC62505C29A4A ] BFE             C:\Windows\System32\bfe.dll
22:45:04.0033 0x18cc  BFE - ok
22:45:04.0065 0x18cc  [ 1EA7969E3271CBC59E1730697DC74682, D511A34D63A6E0E6E7D1879068E2CD3D87ABEAF4936B2EA8CDDAD9F79D60FA04 ] BITS            C:\Windows\System32\qmgr.dll
22:45:04.0080 0x18cc  BITS - ok
22:45:04.0096 0x18cc  [ 61583EE3C3A17003C4ACD0475646B4D3, 17E4BECC309C450E7E44F59A9C0BBC24D21BDC66DFBA65B8F198A00BB47A9811 ] blbdrive        C:\Windows\system32\DRIVERS\blbdrive.sys
22:45:04.0096 0x18cc  blbdrive - ok
22:45:04.0127 0x18cc  [ 6C02A83164F5CC0A262F4199F0871CF5, AD4632A6A203CB40970D848315D8ADB9C898349E20D8DF4107C2AE2703A2CF28 ] bowser          C:\Windows\system32\DRIVERS\bowser.sys
22:45:04.0127 0x18cc  bowser - ok
22:45:04.0143 0x18cc  [ F09EEE9EDC320B5E1501F749FDE686C8, 66691114C42E12F4CC6DC4078D4D2FA4029759ACDAF1B59D17383487180E84E3 ] BrFiltLo        C:\Windows\system32\DRIVERS\BrFiltLo.sys
22:45:04.0143 0x18cc  BrFiltLo - ok
22:45:04.0143 0x18cc  [ B114D3098E9BDB8BEA8B053685831BE6, 0ED23C1897F35FA00B9C2848DE4ED200E18688AA7825674888054BBC3A3EB92C ] BrFiltUp        C:\Windows\system32\DRIVERS\BrFiltUp.sys
22:45:04.0143 0x18cc  BrFiltUp - ok
22:45:04.0174 0x18cc  [ 05F5A0D14A2EE1D8255C2AA0E9E8E694, 40011138869F5496A3E78D38C9900B466B6F3877526AC22952DCD528173F4645 ] Browser         C:\Windows\System32\browser.dll
22:45:04.0174 0x18cc  Browser - ok
22:45:04.0189 0x18cc  [ 43BEA8D483BF1870F018E2D02E06A5BD, 4E6F5A5FD8C796A110B0DC9FF29E31EA78C04518FC1C840EF61BABD58AB10272 ] Brserid         C:\Windows\System32\Drivers\Brserid.sys
22:45:04.0189 0x18cc  Brserid - ok
22:45:04.0205 0x18cc  [ A6ECA2151B08A09CACECA35C07F05B42, E2875BB7768ABAF38C3377007AA0A3C281503474D1831E396FB6599721586B0C ] BrSerWdm        C:\Windows\System32\Drivers\BrSerWdm.sys
22:45:04.0205 0x18cc  BrSerWdm - ok
22:45:04.0221 0x18cc  [ B79968002C277E869CF38BD22CD61524, 50631836502237AF4893ECDCEA43B9031C3DE97433F594D46AF7C3C77F331983 ] BrUsbMdm        C:\Windows\System32\Drivers\BrUsbMdm.sys
22:45:04.0221 0x18cc  BrUsbMdm - ok
22:45:04.0236 0x18cc  [ A87528880231C54E75EA7A44943B38BF, 4C8BBB29FDA76A96840AA47A8613C15D4466F9273A13941C19507008629709C9 ] BrUsbSer        C:\Windows\System32\Drivers\BrUsbSer.sys
22:45:04.0236 0x18cc  BrUsbSer - ok
22:45:04.0236 0x18cc  [ 9DA669F11D1F894AB4EB69BF546A42E8, B498B8B6CEF957B73179D1ADAF084BBB57BB3735D810F9BE2C7B1D58A4FD25A4 ] BTHMODEM        C:\Windows\system32\DRIVERS\bthmodem.sys
22:45:04.0236 0x18cc  BTHMODEM - ok
22:45:04.0252 0x18cc  [ 95F9C2976059462CBBF227F7AAB10DE9, 2797AE919FF7606B070FB039CECDB0707CD2131DCAC09C5DF14F443D881C9F34 ] bthserv         C:\Windows\system32\bthserv.dll
22:45:04.0252 0x18cc  bthserv - ok
22:45:04.0267 0x18cc  [ B8BD2BB284668C84865658C77574381A, 6C55BA288B626DF172FDFEA0BD7027FAEBA1F44EF20AB55160D7C7DC6E717D65 ] cdfs            C:\Windows\system32\DRIVERS\cdfs.sys
22:45:04.0267 0x18cc  cdfs - ok
22:45:04.0299 0x18cc  [ F036CE71586E93D94DAB220D7BDF4416, BD07AAD9E20CEAF9FC84E4977C55EA2C45604A2C682AC70B9B9A2199B6713D5B ] cdrom           C:\Windows\system32\DRIVERS\cdrom.sys
22:45:04.0299 0x18cc  cdrom - ok
22:45:04.0330 0x18cc  [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] CertPropSvc     C:\Windows\System32\certprop.dll
22:45:04.0330 0x18cc  CertPropSvc - ok
22:45:04.0345 0x18cc  [ D7CD5C4E1B71FA62050515314CFB52CF, 513B5A849899F379F0BC6AB3A8A05C3493C2393C95F036612B96EC6E252E1C64 ] circlass        C:\Windows\system32\DRIVERS\circlass.sys
22:45:04.0345 0x18cc  circlass - ok
22:45:04.0377 0x18cc  [ 404B7DF9CA4D1CB675045AF220FF3285, 91FFADE2ABE5C48849E63134D5FFD20671FE0D1720F7D486F904391B3D142C96 ] CLFS            C:\Windows\system32\CLFS.sys
22:45:04.0392 0x18cc  CLFS - ok
22:45:04.0423 0x18cc  [ F13EC8A783E0CB0D6DC26A3CA848B7B8, 0809E3B71709F1343086EEB6C820543C1A7119E74EEF8AC1AEE1F81093ABEC66 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
22:45:04.0439 0x18cc  clr_optimization_v2.0.50727_32 - ok
22:45:04.0470 0x18cc  [ B4D73F04E9BC076F7CDAC4327DF636BB, 1ADED20D5A0D0A76E2F85CB778FD06BAB814868D35F8532E17D67045FF4770C2 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
22:45:04.0470 0x18cc  clr_optimization_v2.0.50727_64 - ok
22:45:04.0533 0x18cc  [ 6D7C8A951AF6AD6835C029B3CB88D333, 66F3D79887B2449B4C6912D1A258D1A96056888F51A8AA24FEDF37942AD5BDBB ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
22:45:04.0533 0x18cc  clr_optimization_v4.0.30319_32 - ok
22:45:04.0548 0x18cc  [ 86329C35FF23CFEF0FB6C0023BA06BCE, D915CE7AD564F97A1C3B047D5248B7EF67ADDC59687FBC90F1776C21DAA0D3FD ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
22:45:04.0564 0x18cc  clr_optimization_v4.0.30319_64 - ok
22:45:04.0564 0x18cc  [ 0840155D0BDDF1190F84A663C284BD33, 696039FA63CFEB33487FAA8FD7BBDB220141E9C6E529355D768DFC87999A9C3A ] CmBatt          C:\Windows\system32\DRIVERS\CmBatt.sys
22:45:04.0579 0x18cc  CmBatt - ok
22:45:04.0595 0x18cc  [ E19D3F095812725D88F9001985B94EDD, 46243C5CCC4981CAC6FA6452FFCEC33329BF172448F1852D52592C9342E0E18B ] cmdide          C:\Windows\system32\drivers\cmdide.sys
22:45:04.0595 0x18cc  cmdide - ok
22:45:04.0642 0x18cc  [ 27667A788130A7F7A5858DE27572E6D7, 5501D80BCCB7A811ECCED3828DFD0A5D948BBED8504E9BCC4A3BFB840DD41CBC ] CNG             C:\Windows\system32\Drivers\cng.sys
22:45:04.0642 0x18cc  CNG - ok
22:45:04.0657 0x18cc  [ 102DE219C3F61415F964C88E9085AD14, CD74CB703381F1382C32CF892FF2F908F4C9412E1BC77234F8FEA5D4666E1BF1 ] Compbatt        C:\Windows\system32\DRIVERS\compbatt.sys
22:45:04.0657 0x18cc  Compbatt - ok
22:45:04.0673 0x18cc  [ 03EDB043586CCEBA243D689BDDA370A8, 0E4523AA332E242D5C2C61C5717DBA5AB6E42DADB5A7E512505FC2B6CC224959 ] CompositeBus    C:\Windows\system32\drivers\CompositeBus.sys
22:45:04.0673 0x18cc  CompositeBus - ok
22:45:04.0673 0x18cc  COMSysApp - ok
22:45:04.0704 0x18cc  [ 1C827878A998C18847245FE1F34EE597, 41EF7443D8B2733AA35CAC64B4F5F74FAC8BB0DA7D3936B69EC38E2DC3972E60 ] crcdisk         C:\Windows\system32\DRIVERS\crcdisk.sys
22:45:04.0704 0x18cc  crcdisk - ok
22:45:04.0735 0x18cc  [ 1CD76A83B9E8E9A5A3519B39E28354D9, F9931743B99820FFBFB13136DFFD92F86802D543F9D8478648CDC554FB38899D ] CryptSvc        C:\Windows\system32\cryptsvc.dll
22:45:04.0735 0x18cc  CryptSvc - ok
22:45:04.0767 0x18cc  [ 54DA3DFD29ED9F1619B6F53F3CE55E49, 9177C6907A983296BF188892A894B668A09FFA058FD56B50FE12940D54B0FA5E ] CSC             C:\Windows\system32\drivers\csc.sys
22:45:04.0782 0x18cc  CSC - ok
22:45:04.0813 0x18cc  [ 3AB183AB4D2C79DCF459CD2C1266B043, 72B0187EBA9DC74E61EC5CB3DC24058DDB768843E865801894AAEAA211610C56 ] CscService      C:\Windows\System32\cscsvc.dll
22:45:04.0829 0x18cc  CscService - ok
22:45:04.0845 0x18cc  [ 5C627D1B1138676C0A7AB2C2C190D123, C5003F2C912C5CA990E634818D3B4FD72F871900AF2948BD6C4D6400B354B401 ] DcomLaunch      C:\Windows\system32\rpcss.dll
22:45:04.0860 0x18cc  DcomLaunch - ok
22:45:04.0891 0x18cc  [ 3CEC7631A84943677AA8FA8EE5B6B43D, 32061DAC9ED6C1EBA3B367B18D0E965AEEC2DF635DCF794EC39D086D32503AC5 ] defragsvc       C:\Windows\System32\defragsvc.dll
22:45:04.0891 0x18cc  defragsvc - ok
22:45:04.0907 0x18cc  [ 9BB2EF44EAA163B29C4A4587887A0FE4, 03667BC3EA5003F4236929C10F23D8F108AFCB29DB5559E751FB26DFB318636F ] DfsC            C:\Windows\system32\Drivers\dfsc.sys
22:45:04.0923 0x18cc  DfsC - ok
22:45:04.0938 0x18cc  [ 30710AEFCE721CEEE0F35EB6A01C263C, FB062EC86474D38BBC38E11E2618A9505001C287430B495C482977BBE58017C8 ] dg_ssudbus      C:\Windows\system32\DRIVERS\ssudbus.sys
22:45:04.0938 0x18cc  dg_ssudbus - ok
22:45:04.0969 0x18cc  [ 43D808F5D9E1A18E5EEB5EBC83969E4E, C10D1155D71EABE4ED44C656A8F13078A8A4E850C4A8FBB92D52D173430972B8 ] Dhcp            C:\Windows\system32\dhcpcore.dll
22:45:04.0985 0x18cc  Dhcp - ok
22:45:04.0985 0x18cc  [ 13096B05847EC78F0977F2C0F79E9AB3, 1E44981B684F3E56F5D2439BB7FA78BD1BC876BB2265AE089AEC68F241B05B26 ] discache        C:\Windows\system32\drivers\discache.sys
22:45:04.0985 0x18cc  discache - ok
22:45:05.0016 0x18cc  [ 9819EEE8B5EA3784EC4AF3B137A5244C, 571BC886E87C888DA96282E381A746D273B58B9074E84D4CA91275E26056D427 ] Disk            C:\Windows\system32\DRIVERS\disk.sys
22:45:05.0016 0x18cc  Disk - ok
22:45:05.0032 0x18cc  [ 16835866AAA693C7D7FCEBA8FFF706E4, 15891558F7C1F2BB57A98769601D447ED0D952354A8BB347312D034DC03E0242 ] Dnscache        C:\Windows\System32\dnsrslvr.dll
22:45:05.0047 0x18cc  Dnscache - ok
22:45:05.0063 0x18cc  [ B1FB3DDCA0FDF408750D5843591AFBC6, AB6AD9C5E7BA2E3646D0115B67C4800D1CB43B4B12716397657C7ADEEE807304 ] dot3svc         C:\Windows\System32\dot3svc.dll
22:45:05.0079 0x18cc  dot3svc - ok
22:45:05.0094 0x18cc  [ B26F4F737E8F9DF4F31AF6CF31D05820, 394BBBED4EC7FAD4110F62A43BFE0801D4AC56FFAC6C741C69407B26402311C7 ] DPS             C:\Windows\system32\dps.dll
22:45:05.0110 0x18cc  DPS - ok
22:45:05.0141 0x18cc  [ 9B19F34400D24DF84C858A421C205754, 967AF267B4124BADA8F507CEBF25F2192D146A4D63BE71B45BFC03C5DA7F21A7 ] drmkaud         C:\Windows\system32\drivers\drmkaud.sys
22:45:05.0141 0x18cc  drmkaud - ok
22:45:05.0172 0x18cc  [ 87CE5C8965E101CCCED1F4675557E868, 077D98F0F130B2FC710208BA34016EF2B2506EE2BD71740B228145E34A3046F1 ] DXGKrnl         C:\Windows\System32\drivers\dxgkrnl.sys
22:45:05.0188 0x18cc  DXGKrnl - ok
22:45:05.0219 0x18cc  [ E2DDA8726DA9CB5B2C4000C9018A9633, 0C967DBC3636A76A696997192A158AA92A1AF19F01E3C66D5BF91818A8FAEA76 ] EapHost         C:\Windows\System32\eapsvc.dll
22:45:05.0219 0x18cc  EapHost - ok
22:45:05.0313 0x18cc  [ DC5D737F51BE844D8C82C695EB17372F, 6D4022D9A46EDE89CEF0FAEADCC94C903234DFC460C0180D24FF9E38E8853017 ] ebdrv           C:\Windows\system32\DRIVERS\evbda.sys
22:45:05.0375 0x18cc  ebdrv - ok
22:45:05.0391 0x18cc  [ 4C3FAC816925F73A34AD52F1F7C0A7EA, 7E9B4F68E2ADABA3A9324DA16CF680D77CF2812D4BD0BFCFF0173CA61260A3FE ] EFS             C:\Windows\System32\lsass.exe
22:45:05.0391 0x18cc  EFS - ok
22:45:05.0437 0x18cc  [ C4002B6B41975F057D98C439030CEA07, 3D2484FBB832EFB90504DD406ED1CF3065139B1FE1646471811F3A5679EF75F1 ] ehRecvr         C:\Windows\ehome\ehRecvr.exe
22:45:05.0437 0x18cc  ehRecvr - ok
22:45:05.0469 0x18cc  [ 4705E8EF9934482C5BB488CE28AFC681, 359E9EC5693CE0BE89082E1D5D8F5C5439A5B985010FF0CB45C11E3CFE30637D ] ehSched         C:\Windows\ehome\ehsched.exe
22:45:05.0469 0x18cc  ehSched - ok
22:45:05.0500 0x18cc  [ 0E5DA5369A0FCAEA12456DD852545184, 9A64AC5396F978C3B92794EDCE84DCA938E4662868250F8C18FA7C2C172233F8 ] elxstor         C:\Windows\system32\DRIVERS\elxstor.sys
22:45:05.0500 0x18cc  elxstor - ok
22:45:05.0515 0x18cc  [ 34A3C54752046E79A126E15C51DB409B, 7D5B5E150C7C73666F99CBAFF759029716C86F16B927E0078D77F8A696616D75 ] ErrDev          C:\Windows\system32\drivers\errdev.sys
22:45:05.0515 0x18cc  ErrDev - ok
22:45:05.0578 0x18cc  [ 84486624268E078255BC7AA47F0960BC, EC2540698B974572F0AC4A93D57C63295BAF66BF50F7416B9DFF5DE790EBDBE7 ] etdrv           C:\Windows\etdrv.sys
22:45:05.0578 0x18cc  etdrv - ok
22:45:05.0593 0x18cc  [ 4166F82BE4D24938977DD1746BE9B8A0, 24121751B7306225AD1C808442D7B030DEF377E9316AA0A3C5C7460E87317881 ] EventSystem     C:\Windows\system32\es.dll
22:45:05.0609 0x18cc  EventSystem - ok
22:45:05.0609 0x18cc  [ A510C654EC00C1E9BDD91EEB3A59823B, 76CD277730F7B08D375770CD373D786160F34D1481AF0536BA1A5D2727E255F5 ] exfat           C:\Windows\system32\drivers\exfat.sys
22:45:05.0625 0x18cc  exfat - ok
22:45:05.0640 0x18cc  [ 0ADC83218B66A6DB380C330836F3E36D, 798D6F83B5DBCC1656595E0A96CF12087FCCBE19D1982890D0CE5F629B328B29 ] fastfat         C:\Windows\system32\drivers\fastfat.sys
22:45:05.0640 0x18cc  fastfat - ok
22:45:05.0687 0x18cc  [ DBEFD454F8318A0EF691FDD2EAAB44EB, 7F52AE222FF28503B6FC4A5852BD0CAEAF187BE69AF4B577D3DE474C24366099 ] Fax             C:\Windows\system32\fxssvc.exe
22:45:05.0703 0x18cc  Fax - ok
22:45:05.0718 0x18cc  [ D765D19CD8EF61F650C384F62FAC00AB, 9F0A483A043D3BA873232AD3BA5F7BF9173832550A27AF3E8BD433905BD2A0EE ] fdc             C:\Windows\system32\DRIVERS\fdc.sys
22:45:05.0718 0x18cc  fdc - ok
22:45:05.0734 0x18cc  [ 0438CAB2E03F4FB61455A7956026FE86, 6D4DDC2973DB25CE0C7646BC85EFBCC004EBE35EA683F62162AE317C6F1D8DFE ] fdPHost         C:\Windows\system32\fdPHost.dll
22:45:05.0734 0x18cc  fdPHost - ok
22:45:05.0734 0x18cc  [ 802496CB59A30349F9A6DD22D6947644, 52D59D3D628D5661F83F090F33F744F6916E0CC1F76E5A33983E06EB66AE19F8 ] FDResPub        C:\Windows\system32\fdrespub.dll
22:45:05.0734 0x18cc  FDResPub - ok
22:45:05.0749 0x18cc  [ 655661BE46B5F5F3FD454E2C3095B930, 549C8E2A2A37757E560D55FFA6BFDD838205F17E40561E67F0124C934272CD1A ] FileInfo        C:\Windows\system32\drivers\fileinfo.sys
22:45:05.0749 0x18cc  FileInfo - ok
22:45:05.0765 0x18cc  [ 5F671AB5BC87EEA04EC38A6CD5962A47, 6B61D3363FF3F9C439BD51102C284972EAE96ACC0683B9DC7E12D25D0ADC51B6 ] Filetrace       C:\Windows\system32\drivers\filetrace.sys
22:45:05.0765 0x18cc  Filetrace - ok
22:45:05.0765 0x18cc  [ C172A0F53008EAEB8EA33FE10E177AF5, 9175A95B323696D1B35C9EFEB7790DD64E6EE0B7021E6C18E2F81009B169D77B ] flpydisk        C:\Windows\system32\DRIVERS\flpydisk.sys
22:45:05.0765 0x18cc  flpydisk - ok
22:45:05.0796 0x18cc  [ DA6B67270FD9DB3697B20FCE94950741, F621A4462C9F2904063578C427FAF22D7D66AE9967605C11C798099817CE5331 ] FltMgr          C:\Windows\system32\drivers\fltmgr.sys
22:45:05.0812 0x18cc  FltMgr - ok
22:45:05.0859 0x18cc  [ E612E86FA15EA1EF9A52433A2743C447, 8A66164541D2EE2334B6DE3995C31138EA85E3A06BC7FD901E60D345E4E1E8A8 ] FontCache       C:\Windows\system32\FntCache.dll
22:45:05.0874 0x18cc  FontCache - ok
22:45:05.0921 0x18cc  [ A8B7F3818AB65695E3A0BB3279F6DCE6, 89FCF10F599767E67A1E011753E34DA44EAA311F105DBF69549009ED932A60F0 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
22:45:05.0921 0x18cc  FontCache3.0.0.0 - ok
22:45:05.0921 0x18cc  [ D43703496149971890703B4B1B723EAC, F06397B2EDCA61629249D2EF1CBB7827A8BEAB8488246BD85EF6AE1363C0DA6E ] FsDepends       C:\Windows\system32\drivers\FsDepends.sys
22:45:05.0937 0x18cc  FsDepends - ok
22:45:06.0015 0x18cc  [ DDEE99DC54EFA20BD5A442CD733C4462, 941D6C5D91F6419198F1A53BF7D33AA2D9118CEAC028B6ED8E5308751810B9B5 ] FsUsbExDisk     C:\Windows\SysWOW64\FsUsbExDisk.SYS
22:45:06.0015 0x18cc  FsUsbExDisk - ok
22:45:06.0046 0x18cc  [ 6BD9295CC032DD3077C671FCCF579A7B, 83622FBB0CB923798E7E584BF53CAAF75B8C016E3FF7F0FA35880FF34D1DFE33 ] Fs_Rec          C:\Windows\system32\drivers\Fs_Rec.sys
22:45:06.0046 0x18cc  Fs_Rec - ok
22:45:06.0077 0x18cc  [ 1F7B25B858FA27015169FE95E54108ED, 72DD12E924AA7273B3E4BDD2A2C581DECE304C8EF3D44EA79ABB032F3F95DCE5 ] fvevol          C:\Windows\system32\DRIVERS\fvevol.sys
22:45:06.0077 0x18cc  fvevol - ok
22:45:06.0093 0x18cc  [ 8C778D335C9D272CFD3298AB02ABE3B6, 85F0B13926B0F693FA9E70AA58DE47100E4B6F893772EBE4300C37D9A36E6005 ] gagp30kx        C:\Windows\system32\DRIVERS\gagp30kx.sys
22:45:06.0093 0x18cc  gagp30kx - ok
22:45:06.0108 0x18cc  [ 7907E14F9BCF3A4689C9A74A1A873CB6, 17927B93B2D6AB4271C158F039CAE2D60591D6A14458F5A5690AEC86F5D54229 ] gdrv            C:\Windows\gdrv.sys
22:45:06.0108 0x18cc  gdrv - ok
22:45:06.0155 0x18cc  [ 277BBC7E1AA1EE957F573A10ECA7EF3A, 2EE60B924E583E847CC24E78B401EF95C69DB777A5B74E1EC963E18D47B94D24 ] gpsvc           C:\Windows\System32\gpsvc.dll
22:45:06.0155 0x18cc  gpsvc - ok
22:45:06.0249 0x18cc  [ 506708142BC63DABA64F2D3AD1DCD5BF, 9C36A08D9E7932FF4DA7B5F24E6B42C92F28685B8ABE964C870E8D7670FD531A ] gupdate         C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
22:45:06.0249 0x18cc  gupdate - ok
22:45:06.0264 0x18cc  [ 506708142BC63DABA64F2D3AD1DCD5BF, 9C36A08D9E7932FF4DA7B5F24E6B42C92F28685B8ABE964C870E8D7670FD531A ] gupdatem        C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
22:45:06.0264 0x18cc  gupdatem - ok
22:45:06.0280 0x18cc  [ 8126331FBD4ED29EB3B356F9C905064D, A58BCE904591DD762410E99960FD956FB579C2CE78FA7BF1406075D29537EF82 ] GVTDrv64        C:\Windows\GVTDrv64.sys
22:45:06.0280 0x18cc  GVTDrv64 - ok
22:45:06.0295 0x18cc  [ F2523EF6460FC42405B12248338AB2F0, B2F3DE8DE1F512D871BC2BC2E8D0E33AB03335BFBC07627C5F88B65024928E19 ] hcw85cir        C:\Windows\system32\drivers\hcw85cir.sys
22:45:06.0295 0x18cc  hcw85cir - ok
22:45:06.0342 0x18cc  [ 975761C778E33CD22498059B91E7373A, 8304E15FBE6876BE57263A03621365DA8C88005EAC532A770303C06799D915D9 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
22:45:06.0342 0x18cc  HdAudAddService - ok
22:45:06.0373 0x18cc  [ 97BFED39B6B79EB12CDDBFEED51F56BB, 3CF981D668FB2381E52AF2E51E296C6CFB47B0D62249645278479D0111A47955 ] HDAudBus        C:\Windows\system32\drivers\HDAudBus.sys
22:45:06.0373 0x18cc  HDAudBus - ok
22:45:06.0389 0x18cc  [ 78E86380454A7B10A5EB255DC44A355F, 11F3ED7ACFFA3024B9BD504F81AC39F5B4CED5A8A425E8BADF7132EFEDB9BD64 ] HidBatt         C:\Windows\system32\DRIVERS\HidBatt.sys
22:45:06.0389 0x18cc  HidBatt - ok
22:45:06.0405 0x18cc  [ 7FD2A313F7AFE5C4DAB14798C48DD104, 94CBFD4506CBDE4162CEB3367BAB042D19ACA6785954DC0B554D4164B9FCD0D4 ] HidBth          C:\Windows\system32\DRIVERS\hidbth.sys
22:45:06.0405 0x18cc  HidBth - ok
22:45:06.0420 0x18cc  [ 0A77D29F311B88CFAE3B13F9C1A73825, 8615DC6CEFB591505CE16E054A71A4F371B827DDFD5E980777AB4233DCFDA01D ] HidIr           C:\Windows\system32\DRIVERS\hidir.sys
22:45:06.0420 0x18cc  HidIr - ok
22:45:06.0436 0x18cc  [ BD9EB3958F213F96B97B1D897DEE006D, 4D01CBF898B528B3A4E5A683DF2177300AFABD7D4CB51F1A7891B1B545499631 ] hidserv         C:\Windows\system32\hidserv.dll
22:45:06.0436 0x18cc  hidserv - ok
22:45:06.0467 0x18cc  [ 9592090A7E2B61CD582B612B6DF70536, FD11D5E02C32D658B28FCC35688AB66CCB5D3A0A0D74C82AE0F0B6C67B568A0F ] HidUsb          C:\Windows\system32\drivers\hidusb.sys
22:45:06.0467 0x18cc  HidUsb - ok
22:45:06.0483 0x18cc  [ 387E72E739E15E3D37907A86D9FF98E2, 9935BE2E58788E79328293AF2F202CB0F6042441B176F75ACC5AEA93C8E05531 ] hkmsvc          C:\Windows\system32\kmsvc.dll
22:45:06.0483 0x18cc  hkmsvc - ok
22:45:06.0514 0x18cc  [ EFDFB3DD38A4376F93E7985173813ABD, 70402FA73A5A2A8BB557AAC8F531E373077D28DE5F40A1F3F14B940BE01CD2E1 ] HomeGroupListener C:\Windows\system32\ListSvc.dll
22:45:06.0529 0x18cc  HomeGroupListener - ok
22:45:06.0545 0x18cc  [ 908ACB1F594274965A53926B10C81E89, 7D34A742AC486294D82676F8465A3EF26C8AC3317C32B63F62031CB007CFC208 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
22:45:06.0561 0x18cc  HomeGroupProvider - ok
22:45:06.0576 0x18cc  [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC, E9E6A1665740CFBC2DD321010007EF42ABA2102AEB9772EE8AA3354664B1E205 ] HpSAMD          C:\Windows\system32\drivers\HpSAMD.sys
22:45:06.0576 0x18cc  HpSAMD - ok
22:45:06.0623 0x18cc  [ F61634BEC53F73702A10DE69F6DCAF57, BBA7344CF3AB96A46D1A6F1D50F2758EA8D097FE558C38B4EF45C8C334AF96E1 ] HTTP            C:\Windows\system32\drivers\HTTP.sys
22:45:06.0639 0x18cc  HTTP - ok
22:45:06.0639 0x18cc  [ A5462BD6884960C9DC85ED49D34FF392, 53E65841AF5B06A2844D0BB6FC4DD3923A323FFA0E4BFC89B3B5CAFB592A3D53 ] hwpolicy        C:\Windows\system32\drivers\hwpolicy.sys
22:45:06.0639 0x18cc  hwpolicy - ok
22:45:06.0670 0x18cc  [ FA55C73D4AFFA7EE23AC4BE53B4592D3, 65CDDC62B89A60E942C5642C9D8B539EFB69DA8069B4A2E54978154B314531CD ] i8042prt        C:\Windows\system32\DRIVERS\i8042prt.sys
22:45:06.0670 0x18cc  i8042prt - ok
22:45:06.0701 0x18cc  [ 3DF4395A7CF8B7A72A5F4606366B8C2D, 483588B8FC6E05488ED631C4E1CFC398553FEBFA2CD2BB527B4DF12D19774F80 ] iaStorV         C:\Windows\system32\drivers\iaStorV.sys
22:45:06.0701 0x18cc  iaStorV - ok
22:45:06.0763 0x18cc  [ DAF66902F08796F9C694901660E5A64A, F4A4764DED05980426BAB54AAF040BC27A39C80315F5161E8D0B4C7F694BD8E6 ] IDriverT        C:\Program Files (x86)\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe
22:45:06.0763 0x18cc  IDriverT - ok
22:45:06.0810 0x18cc  [ C98A5B9D932430AD8EEBD3EF73756EF7, DF7E1D391A0F3345AD61154363922C27BD557DEEACE395A6A8A8A16BFD1BB9A8 ] idsvc           C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
22:45:06.0826 0x18cc  idsvc - ok
22:45:06.0826 0x18cc  IEEtwCollectorService - ok
22:45:06.0841 0x18cc  [ 5C18831C61933628F5BB0EA2675B9D21, 5CD9DE2F8C0256623A417B5C55BF55BB2562BD7AB2C3C83BB3D9886C2FBDA4E4 ] iirsp           C:\Windows\system32\DRIVERS\iirsp.sys
22:45:06.0841 0x18cc  iirsp - ok
22:45:06.0888 0x18cc  [ 344789398EC3EE5A4E00C52B31847946, 3DA5F08E4B46F4E63456AA588D49E39A6A09A97D0509880C00F327623DB6122D ] IKEEXT          C:\Windows\System32\ikeext.dll
22:45:06.0904 0x18cc  IKEEXT - ok
22:45:06.0997 0x18cc  [ 96B0A408842B0E214EDCB41E89438999, 7197284D9585EF34A0376EA773F9B7C68E3AEBB8C9F7A3E44DFAA461872F2600 ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHD64.sys
22:45:07.0029 0x18cc  IntcAzAudAddService - ok
22:45:07.0044 0x18cc  [ F00F20E70C6EC3AA366910083A0518AA, E2F3E9FFD82C802C8BAC309893A3664ACF16A279959C0FDECCA64C3D3C60FD22 ] intelide        C:\Windows\system32\drivers\intelide.sys
22:45:07.0044 0x18cc  intelide - ok
22:45:07.0060 0x18cc  [ ADA036632C664CAA754079041CF1F8C1, F2386CC09AC6DE4C54189154F7D91C1DB7AA120B13FAE8BA5B579ACF99FCC610 ] intelppm        C:\Windows\system32\DRIVERS\intelppm.sys
22:45:07.0060 0x18cc  intelppm - ok
22:45:07.0091 0x18cc  [ 098A91C54546A3B878DAD6A7E90A455B, 044CCE2A0DF56EBE1EFD99B4F6F0A5B9EE12498CA358CF4B2E3A1CFD872823AA ] IPBusEnum       C:\Windows\system32\ipbusenum.dll
22:45:07.0091 0x18cc  IPBusEnum - ok
22:45:07.0122 0x18cc  [ C9F0E1BD74365A8771590E9008D22AB6, 728BC5A6AAE499FDC50EB01577AF16D83C2A9F3B09936DD2A89C01E074BA8E51 ] IpFilterDriver  C:\Windows\system32\DRIVERS\ipfltdrv.sys
22:45:07.0122 0x18cc  IpFilterDriver - ok
22:45:07.0153 0x18cc  [ A34A587FFFD45FA649FBA6D03784D257, C9A2BCD4E2A5EB6E320092A3AFD5737ECDCDA0B83EE42314A23C4978F2974767 ] iphlpsvc        C:\Windows\System32\iphlpsvc.dll
22:45:07.0169 0x18cc  iphlpsvc - ok
22:45:07.0185 0x18cc  [ 0FC1AEA580957AA8817B8F305D18CA3A, 7161E4DE91AAFC3FA8BF24FAE4636390C2627DB931505247C0D52C75A31473D9 ] IPMIDRV         C:\Windows\system32\drivers\IPMIDrv.sys
22:45:07.0185 0x18cc  IPMIDRV - ok
22:45:07.0216 0x18cc  [ AF9B39A7E7B6CAA203B3862582E9F2D0, 67128BE7EADBE6BD0205B050F96E268948E8660C4BAB259FB0BE03935153D04E ] IPNAT           C:\Windows\system32\drivers\ipnat.sys
22:45:07.0231 0x18cc  IPNAT - ok
22:45:07.0278 0x18cc  [ 3ABF5E7213EB28966D55D58B515D5CE9, A352BCC5B6B9A28805B15CAFB235676F1FAFF0D2394F88C03089EB157D6188AE ] IRENUM          C:\Windows\system32\drivers\irenum.sys
22:45:07.0278 0x18cc  IRENUM - ok
22:45:07.0372 0x18cc  [ 2F7B28DC3E1183E5EB418DF55C204F38, D40410A760965925D6F10959B2043F7BD4F68EAFCF5E743AF11AD860BD136548 ] isapnp          C:\Windows\system32\drivers\isapnp.sys
22:45:07.0372 0x18cc  isapnp - ok
22:45:07.0419 0x18cc  [ D931D7309DEB2317035B07C9F9E6B0BD, 13AD84172ED8C6153F8A98499C01733B74E48464CE07D099508E38D409913ED3 ] iScsiPrt        C:\Windows\system32\drivers\msiscsi.sys
22:45:07.0419 0x18cc  iScsiPrt - ok
22:45:07.0434 0x18cc  [ BC02336F1CBA7DCC7D1213BB588A68A5, 450C5BAD54CCE2AFCDFF1B6E7F8E1A8446D9D3255DF9D36C29A8F848048AAD93 ] kbdclass        C:\Windows\system32\DRIVERS\kbdclass.sys
22:45:07.0434 0x18cc  kbdclass - ok
22:45:07.0465 0x18cc  [ 0705EFF5B42A9DB58548EEC3B26BB484, 86C6824ED7ED6FA8F306DB6319A0FD688AA91295AE571262F9D8E96A32225E99 ] kbdhid          C:\Windows\system32\DRIVERS\kbdhid.sys
22:45:07.0465 0x18cc  kbdhid - ok
22:45:07.0481 0x18cc  [ 4C3FAC816925F73A34AD52F1F7C0A7EA, 7E9B4F68E2ADABA3A9324DA16CF680D77CF2812D4BD0BFCFF0173CA61260A3FE ] KeyIso          C:\Windows\system32\lsass.exe
22:45:07.0481 0x18cc  KeyIso - ok
22:45:07.0497 0x18cc  [ C93EB3A92540830168F2057ECA7DE49A, 91DAEAD52B517E1E7CE9AAAE478493732156AA3122E6D16F7E8BD37116BB501C ] KSecDD          C:\Windows\system32\Drivers\ksecdd.sys
22:45:07.0497 0x18cc  KSecDD - ok
22:45:07.0528 0x18cc  [ 43F45C59A472993E5063F2DB2D22C509, E21B48733619B49272F46E01432D76072AC9241F55CDF08E84AF6277E3BF972A ] KSecPkg         C:\Windows\system32\Drivers\ksecpkg.sys
22:45:07.0528 0x18cc  KSecPkg - ok
22:45:07.0528 0x18cc  [ 6869281E78CB31A43E969F06B57347C4, 866A23E69B32A78D378D6CB3B3DA3695FFDFF0FEC3C9F68C8C3F988DF417044B ] ksthunk         C:\Windows\system32\drivers\ksthunk.sys
22:45:07.0528 0x18cc  ksthunk - ok
22:45:07.0559 0x18cc  [ 6AB66E16AA859232F64DEB66887A8C9C, 5F2B579BEA8098A2994B0DECECDAE7B396E7B5DC5F09645737B9F28BEEA77FFF ] KtmRm           C:\Windows\system32\msdtckrm.dll
22:45:07.0559 0x18cc  KtmRm - ok
22:45:07.0575 0x18cc  [ D9F42719019740BAA6D1C6D536CBDAA6, 8757599D0AE5302C4CE50861BEBA3A8DD14D7B0DBD916FD5404133688CDFCC40 ] LanmanServer    C:\Windows\system32\srvsvc.dll
22:45:07.0590 0x18cc  LanmanServer - ok
22:45:07.0606 0x18cc  [ 851A1382EED3E3A7476DB004F4EE3E1A, B1C67F47DD594D092E6E258F01DF5E7150227CE3131A908A244DEE9F8A1FABF9 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
22:45:07.0606 0x18cc  LanmanWorkstation - ok
22:45:07.0621 0x18cc  LGDDCDevice - ok
22:45:07.0621 0x18cc  LGII2CDevice - ok
22:45:07.0668 0x18cc  [ 156AB2E56DC3CA0B582E3362E07CDED7, 7B03929273861690DC42E4C686E655BE5A1C60136AE5E739D7E62306AFD4AB9A ] lirsgt          C:\Windows\system32\DRIVERS\lirsgt.sys
22:45:07.0668 0x18cc  lirsgt - ok
22:45:07.0684 0x18cc  [ 1538831CF8AD2979A04C423779465827, E1729B0CC4CEEE494A0B8817A8E98FF232E3A32FB023566EF0BC71A090262C0C ] lltdio          C:\Windows\system32\DRIVERS\lltdio.sys
22:45:07.0684 0x18cc  lltdio - ok
22:45:07.0699 0x18cc  [ C1185803384AB3FEED115F79F109427F, 0414FE73532DCAB17E906438A14711E928CECCD5F579255410C62984DD652700 ] lltdsvc         C:\Windows\System32\lltdsvc.dll
22:45:07.0699 0x18cc  lltdsvc - ok
22:45:07.0715 0x18cc  [ F993A32249B66C9D622EA5592A8B76B8, EE64672A990C6145DC5601E2B8CDBE089272A72732F59AF9865DCBA8B1717E70 ] lmhosts         C:\Windows\System32\lmhsvc.dll
22:45:07.0715 0x18cc  lmhosts - ok
22:45:07.0731 0x18cc  [ 1A93E54EB0ECE102495A51266DCDB6A6, DB6AA86AA36C3A7988BE96E87B5D3251BE7617C54EE8F894D9DC2E267FE3255B ] LSI_FC          C:\Windows\system32\DRIVERS\lsi_fc.sys
22:45:07.0731 0x18cc  LSI_FC - ok
22:45:07.0746 0x18cc  [ 1047184A9FDC8BDBFF857175875EE810, F2251EDB7736A26D388A0C5CC2FE5FB9C5E109CBB1E3800993554CB21D81AE4B ] LSI_SAS         C:\Windows\system32\DRIVERS\lsi_sas.sys
22:45:07.0746 0x18cc  LSI_SAS - ok
22:45:07.0777 0x18cc  [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93, 88D5740A4E9CC3FA80FA18035DAB441BDC5A039622D666BFDAA525CC9686BD06 ] LSI_SAS2        C:\Windows\system32\DRIVERS\lsi_sas2.sys
22:45:07.0777 0x18cc  LSI_SAS2 - ok
22:45:07.0793 0x18cc  [ 0504EACAFF0D3C8AED161C4B0D369D4A, 4D272237C189646F5C80822FD3CBA7C2728E482E2DAAF7A09C8AEF811C89C54D ] LSI_SCSI        C:\Windows\system32\DRIVERS\lsi_scsi.sys
22:45:07.0793 0x18cc  LSI_SCSI - ok
22:45:07.0809 0x18cc  [ 43D0F98E1D56CCDDB0D5254CFF7B356E, 5BA498183B5C4996C694CB0A9A6B66CE6C7A460F6C91BEB9F305486FCC3B7B22 ] luafv           C:\Windows\system32\drivers\luafv.sys
22:45:07.0809 0x18cc  luafv - ok
22:45:07.0840 0x18cc  [ 0C85B2B6FB74B36A251792D45E0EF860, 2E04204560C1159ABC25F273B0B7F81FDF9BA5E88C17929FD924C4E945DE5020 ] LVRS64          C:\Windows\system32\DRIVERS\lvrs64.sys
22:45:07.0855 0x18cc  LVRS64 - ok
22:45:07.0996 0x18cc  [ FF3A488924B0032B1A9CA6948C1FA9E8, 6F05852B75498210926F5CDF49D2A6DD97C39CD93D32E3200D7240AADA3E7BEE ] LVUVC64         C:\Windows\system32\DRIVERS\lvuvc64.sys
22:45:08.0074 0x18cc  LVUVC64 - ok
22:45:08.0105 0x18cc  [ 1E9E32AEC3E1EB1B31B8169F33168B56, 39114585E1FDBBA31E1F781C6A627281907183F94626EB347B08D1F78992ED2A ] MBAMProtector   C:\Windows\system32\drivers\mbam.sys
22:45:08.0105 0x18cc  MBAMProtector - ok
22:45:08.0167 0x18cc  [ 2B983F067AEE3F9EB4DF5E97F45D21D1, 0B9ED0E91FF01A5445927650113E320C3C0EA16F1401AA55A509DDBF704DF22F ] MBAMService     C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
22:45:08.0183 0x18cc  MBAMService - ok
22:45:08.0214 0x18cc  [ F49FB3C88E263AE9A246593B0BB29294, FB53D6FA4A98B98334DCFF81E40712265256D31A9E9FF36022887BABD50F39EB ] MBAMWebAccessControl C:\Windows\system32\drivers\mwac.sys
22:45:08.0214 0x18cc  MBAMWebAccessControl - ok
22:45:08.0245 0x18cc  [ 0BE09CD858ABF9DF6ED259D57A1A1663, 2FD28889B93C8E801F74C1D0769673A461671E0189D0A22C94509E3F0EEB7428 ] Mcx2Svc         C:\Windows\system32\Mcx2Svc.dll
22:45:08.0245 0x18cc  Mcx2Svc - ok
22:45:08.0261 0x18cc  [ A55805F747C6EDB6A9080D7C633BD0F4, 2DA0E83BF3C8ADEF6F551B6CC1C0A3F6149CDBE6EC60413BA1767C4DE425A728 ] megasas         C:\Windows\system32\DRIVERS\megasas.sys
22:45:08.0261 0x18cc  megasas - ok
22:45:08.0277 0x18cc  [ BAF74CE0072480C3B6B7C13B2A94D6B3, 85CBB4949C090A904464F79713A3418338753D20D7FB811E68F287FDAC1DD834 ] MegaSR          C:\Windows\system32\DRIVERS\MegaSR.sys
22:45:08.0277 0x18cc  MegaSR - ok
22:45:08.0339 0x18cc  Microsoft SharePoint Workspace Audit Service - ok
22:45:08.0370 0x18cc  [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] MMCSS           C:\Windows\system32\mmcss.dll
22:45:08.0370 0x18cc  MMCSS - ok
22:45:08.0370 0x18cc  [ 800BA92F7010378B09F9ED9270F07137, 94F9AF9E1BE80AE6AC39A2A74EF9FAB115DCAACC011D07DFA8D6A1DDC8A93342 ] Modem           C:\Windows\system32\drivers\modem.sys
22:45:08.0370 0x18cc  Modem - ok
22:45:08.0401 0x18cc  [ B03D591DC7DA45ECE20B3B467E6AADAA, 701FB0CAD8138C58507BE28845D3E24CE269A040737C29885944A0D851238732 ] monitor         C:\Windows\system32\DRIVERS\monitor.sys
22:45:08.0401 0x18cc  monitor - ok
22:45:08.0433 0x18cc  [ 7D27EA49F3C1F687D357E77A470AEA99, 7FE7CAF95959F127C6D932C01D539C06D80273C49A09761F6E8331C05B1A7EE7 ] mouclass        C:\Windows\system32\DRIVERS\mouclass.sys
22:45:08.0433 0x18cc  mouclass - ok
22:45:08.0448 0x18cc  [ D3BF052C40B0C4166D9FD86A4288C1E6, 5E65264354CD94E844BF1838CA1B8E49080EFA34605A32CF2F6A47A2B97FC183 ] mouhid          C:\Windows\system32\DRIVERS\mouhid.sys
22:45:08.0448 0x18cc  mouhid - ok
22:45:08.0479 0x18cc  [ 87BCD1034CBF33537D4D4C251D39BA26, CB9DD235B62B79383F99873D75E26EEA5EE7914CA89E4B75992207F83420437F ] mountmgr        C:\Windows\system32\drivers\mountmgr.sys
22:45:08.0495 0x18cc  mountmgr - ok
22:45:08.0542 0x18cc  [ DD370A8148862150BA81A3F5C56A1E40, F56B84297BDC32266CB69D10FB2D66B8B332D60CAB7E64E4E3AC2BB749BBD31B ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
22:45:08.0542 0x18cc  MozillaMaintenance - ok
22:45:08.0557 0x18cc  [ A44B420D30BD56E145D6A2BC8768EC58, B1E4DCA5A1008FA7A0492DC091FB2B820406AE13FD3D44F124E89B1037AF09B8 ] mpio            C:\Windows\system32\drivers\mpio.sys
22:45:08.0573 0x18cc  mpio - ok
22:45:08.0573 0x18cc  [ 6C38C9E45AE0EA2FA5E551F2ED5E978F, 5A3FA2F110029CB4CC4384998EDB59203FDD65EC45E01B897FB684F8956EAD20 ] mpsdrv          C:\Windows\system32\drivers\mpsdrv.sys
22:45:08.0573 0x18cc  mpsdrv - ok
22:45:08.0620 0x18cc  [ 54FFC9C8898113ACE189D4AA7199D2C1, 65F585C87F3F710FD5793FDFA96B740AD8D4317B0C120F4435CCF777300EA4F2 ] MpsSvc          C:\Windows\system32\mpssvc.dll
22:45:08.0635 0x18cc  MpsSvc - ok
22:45:08.0651 0x18cc  [ AE3334958D8F631FF14A0AEB3D7EFB3A, F5FD6B61F896104C20DFC43FEE2FCE6930B73F78DF876BD19A333EABB9139C6D ] MRxDAV          C:\Windows\system32\drivers\mrxdav.sys
22:45:08.0651 0x18cc  MRxDAV - ok
22:45:08.0682 0x18cc  [ A5D9106A73DC88564C825D317CAC68AC, 0457B2AEA4E05A91D0E43F317894A614434D8CEBE35020785387F307E231FBE4 ] mrxsmb          C:\Windows\system32\DRIVERS\mrxsmb.sys
22:45:08.0682 0x18cc  mrxsmb - ok
22:45:08.0713 0x18cc  [ D711B3C1D5F42C0C2415687BE09FC163, 9B3013AC60BD2D0FF52086658BA5FF486ADE15954A552D7DD590580E8BAE3EFF ] mrxsmb10        C:\Windows\system32\DRIVERS\mrxsmb10.sys
22:45:08.0713 0x18cc  mrxsmb10 - ok
22:45:08.0729 0x18cc  [ 9423E9D355C8D303E76B8CFBD8A5C30C, 220B33F120C2DD937FE4D5664F4B581DC0ACF78D62EB56B7720888F67B9644CC ] mrxsmb20        C:\Windows\system32\DRIVERS\mrxsmb20.sys
22:45:08.0729 0x18cc  mrxsmb20 - ok
22:45:08.0729 0x18cc  [ C25F0BAFA182CBCA2DD3C851C2E75796, 643E158A0948DF331807AEAA391F23960362E46C0A0CF6D22A99020EAE7B10F8 ] msahci          C:\Windows\system32\drivers\msahci.sys
22:45:08.0729 0x18cc  msahci - ok
22:45:08.0745 0x18cc  [ DB801A638D011B9633829EB6F663C900, B34FD33A215ACCF2905F4B7D061686CDB1CB9C652147AF56AE14686C1F6E3C74 ] msdsm           C:\Windows\system32\drivers\msdsm.sys
22:45:08.0745 0x18cc  msdsm - ok
22:45:08.0760 0x18cc  [ DE0ECE52236CFA3ED2DBFC03F28253A8, 2FBBEC4CACB5161F68D7C2935852A5888945CA0F107CF8A1C01F4528CE407DE3 ] MSDTC           C:\Windows\System32\msdtc.exe
22:45:08.0760 0x18cc  MSDTC - ok
22:45:08.0776 0x18cc  [ AA3FB40E17CE1388FA1BEDAB50EA8F96, 69F93E15536644C8FD679A20190CFE577F4985D3B1B4A4AA250A168615AE1E99 ] Msfs            C:\Windows\system32\drivers\Msfs.sys
22:45:08.0776 0x18cc  Msfs - ok
22:45:08.0791 0x18cc  [ F9D215A46A8B9753F61767FA72A20326, 6F76642B45E0A7EF6BCAB8B37D55CCE2EAA310ED07B76D43FCB88987C2174141 ] mshidkmdf       C:\Windows\System32\drivers\mshidkmdf.sys
22:45:08.0791 0x18cc  mshidkmdf - ok
22:45:08.0823 0x18cc  [ D916874BBD4F8B07BFB7FA9B3CCAE29D, B229DA150713DEDBC4F05386C9D9DC3BC095A74F44F3081E88311AB73BC992A1 ] msisadrv        C:\Windows\system32\drivers\msisadrv.sys
22:45:08.0823 0x18cc  msisadrv - ok
22:45:08.0838 0x18cc  [ 808E98FF49B155C522E6400953177B08, F873F5BFF0984C5165DF67E92874D3F6EB8D86F9B5AD17013A0091CA33A1A3D5 ] MSiSCSI         C:\Windows\system32\iscsiexe.dll
22:45:08.0838 0x18cc  MSiSCSI - ok
22:45:08.0838 0x18cc  msiserver - ok
22:45:08.0854 0x18cc  [ 49CCF2C4FEA34FFAD8B1B59D49439366, E5752EA57C7BDAD5F53E3BC441A415E909AC602CAE56234684FB8789A20396C7 ] MSKSSRV         C:\Windows\system32\drivers\MSKSSRV.sys
22:45:08.0854 0x18cc  MSKSSRV - ok
22:45:08.0869 0x18cc  [ BDD71ACE35A232104DDD349EE70E1AB3, 27464A66868513BE6A01B75D7FC5B0D6B71842E4E20CE3F76B15C071A0618BBB ] MSPCLOCK        C:\Windows\system32\drivers\MSPCLOCK.sys
22:45:08.0869 0x18cc  MSPCLOCK - ok
22:45:08.0869 0x18cc  [ 4ED981241DB27C3383D72092B618A1D0, E12F121E641249DB3491141851B59E1496F4413EDF58E863388F1C229838DFCC ] MSPQM           C:\Windows\system32\drivers\MSPQM.sys
22:45:08.0869 0x18cc  MSPQM - ok
22:45:08.0901 0x18cc  [ 759A9EEB0FA9ED79DA1FB7D4EF78866D, 64E3BC613EC4872B1B344CBF71EE15BE195592E3244C1EE099C6F8B95A40F133 ] MsRPC           C:\Windows\system32\drivers\MsRPC.sys
22:45:08.0916 0x18cc  MsRPC - ok
22:45:08.0916 0x18cc  [ 0EED230E37515A0EAEE3C2E1BC97B288, B1D8F8A75006B6E99214CA36D27A8594EF8D952F315BEB201E9BAC9DE3E64D42 ] mssmbios        C:\Windows\system32\drivers\mssmbios.sys
22:45:08.0916 0x18cc  mssmbios - ok
22:45:08.0932 0x18cc  [ 2E66F9ECB30B4221A318C92AC2250779, DF175E1AB6962303E57F26DAE5C5C1E40B8640333F3E352A64F6A5F1301586CD ] MSTEE           C:\Windows\system32\drivers\MSTEE.sys
22:45:08.0932 0x18cc  MSTEE - ok
22:45:08.0947 0x18cc  [ 7EA404308934E675BFFDE8EDF0757BCD, 306CD02D89CFCFE576242360ED5F9EEEDCAFC43CD43B7D2977AE960F9AEC3232 ] MTConfig        C:\Windows\system32\DRIVERS\MTConfig.sys
22:45:08.0947 0x18cc  MTConfig - ok
22:45:08.0963 0x18cc  [ F9A18612FD3526FE473C1BDA678D61C8, 32F7975B5BAA447917F832D9E3499B4B6D3E90D73F478375D0B70B36C524693A ] Mup             C:\Windows\system32\Drivers\mup.sys
22:45:08.0963 0x18cc  Mup - ok
22:45:08.0994 0x18cc  [ 582AC6D9873E31DFA28A4547270862DD, BD540499F74E8F59A020D935D18E36A3A97C1A6EC59C8208436469A31B16B260 ] napagent        C:\Windows\system32\qagentRT.dll
22:45:09.0010 0x18cc  napagent - ok
22:45:09.0041 0x18cc  [ 1EA3749C4114DB3E3161156FFFFA6B33, 54C2E77BCE1037711A11313AC25B8706109098C10A31AA03AEB7A185E97800D7 ] NativeWifiP     C:\Windows\system32\DRIVERS\nwifi.sys
22:45:09.0041 0x18cc  NativeWifiP - ok
22:45:09.0072 0x18cc  [ 79B47FD40D9A817E932F9D26FAC0A81C, 53E260B8BFC50BA45FA73BFCF4E58C233890D0EAA9DEFDCCBB55FD3EB992FF2D ] NDIS            C:\Windows\system32\drivers\ndis.sys
22:45:09.0088 0x18cc  NDIS - ok
22:45:09.0103 0x18cc  [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC, D7E5446E83909AE25506BB98FBDD878A529C87963E3C1125C4ABAB25823572BC ] NdisCap         C:\Windows\system32\DRIVERS\ndiscap.sys
22:45:09.0103 0x18cc  NdisCap - ok
22:45:09.0135 0x18cc  [ 30639C932D9FEF22B31268FE25A1B6E5, 32873D95339600F6EEFA51847D12C563FF01F320DC59055B242FA2887C99F9D6 ] NdisTapi        C:\Windows\system32\DRIVERS\ndistapi.sys
22:45:09.0135 0x18cc  NdisTapi - ok
22:45:09.0150 0x18cc  [ 136185F9FB2CC61E573E676AA5402356, BA3AD0A33416DA913B4242C6BE8C3E5812AD2B20BA6C11DD3094F2E8EB56E683 ] Ndisuio         C:\Windows\system32\DRIVERS\ndisuio.sys
22:45:09.0150 0x18cc  Ndisuio - ok
22:45:09.0181 0x18cc  [ 53F7305169863F0A2BDDC49E116C2E11, 881E9346D3C02405B7850ADC37E720990712EC9C666A0CE96E252A487FD2CE77 ] NdisWan         C:\Windows\system32\DRIVERS\ndiswan.sys
22:45:09.0181 0x18cc  NdisWan - ok
22:45:09.0197 0x18cc  [ 015C0D8E0E0421B4CFD48CFFE2825879, 4242E2D42CCFC859B2C0275C5331798BC0BDA68E51CF4650B6E64B1332071023 ] NDProxy         C:\Windows\system32\drivers\NDProxy.sys
22:45:09.0197 0x18cc  NDProxy - ok
22:45:09.0213 0x18cc  [ 86743D9F5D2B1048062B14B1D84501C4, DBF6D6A60AB774FCB0F464FF2D285A7521D0A24006687B243AB46B17D8032062 ] NetBIOS         C:\Windows\system32\DRIVERS\netbios.sys
22:45:09.0213 0x18cc  NetBIOS - ok
22:45:09.0244 0x18cc  [ 09594D1089C523423B32A4229263F068, 7426A9B8BA27D3225928DDEFBD399650ABB90798212F56B7D12158AC22CCCE37 ] NetBT           C:\Windows\system32\DRIVERS\netbt.sys
22:45:09.0259 0x18cc  NetBT - ok
22:45:09.0259 0x18cc  [ 4C3FAC816925F73A34AD52F1F7C0A7EA, 7E9B4F68E2ADABA3A9324DA16CF680D77CF2812D4BD0BFCFF0173CA61260A3FE ] Netlogon        C:\Windows\system32\lsass.exe
22:45:09.0259 0x18cc  Netlogon - ok
22:45:09.0291 0x18cc  [ 847D3AE376C0817161A14A82C8922A9E, 37AE692B3481323134125EF58F2C3CBC20177371AF2F5874F53DD32A827CB936 ] Netman          C:\Windows\System32\netman.dll
22:45:09.0291 0x18cc  Netman - ok
22:45:09.0353 0x18cc  [ 5243CFC2E7161C91C2B355240035B9E4, CFD77485A9D7BC47F3A9C53D73B2AE2D5D04B90ED38628F3124EA569F4DE969E ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
22:45:09.0353 0x18cc  NetMsmqActivator - ok
22:45:09.0353 0x18cc  [ 5243CFC2E7161C91C2B355240035B9E4, CFD77485A9D7BC47F3A9C53D73B2AE2D5D04B90ED38628F3124EA569F4DE969E ] NetPipeActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
22:45:09.0369 0x18cc  NetPipeActivator - ok
22:45:09.0384 0x18cc  [ 5F28111C648F1E24F7DBC87CDEB091B8, 2E8645285921EDB98BB2173E11E57459C888D52E80D85791D169C869DE8813B9 ] netprofm        C:\Windows\System32\netprofm.dll
22:45:09.0400 0x18cc  netprofm - ok
22:45:09.0400 0x18cc  [ 5243CFC2E7161C91C2B355240035B9E4, CFD77485A9D7BC47F3A9C53D73B2AE2D5D04B90ED38628F3124EA569F4DE969E ] NetTcpActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
22:45:09.0400 0x18cc  NetTcpActivator - ok
22:45:09.0415 0x18cc  [ 5243CFC2E7161C91C2B355240035B9E4, CFD77485A9D7BC47F3A9C53D73B2AE2D5D04B90ED38628F3124EA569F4DE969E ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
22:45:09.0415 0x18cc  NetTcpPortSharing - ok
22:45:09.0415 0x18cc  [ 77889813BE4D166CDAB78DDBA990DA92, 2EF531AE502B943632EEC66A309A8BFCDD36120A5E1473F4AAF3C2393AD0E6A3 ] nfrd960         C:\Windows\system32\DRIVERS\nfrd960.sys
22:45:09.0415 0x18cc  nfrd960 - ok
22:45:09.0462 0x18cc  [ 8B301D474B478E9A92823BAB50A7BC49, 8181816035F41B1DABEC05E65E4F67BCD785F56760A61F1049E91BA39D42F01D ] NlaSvc          C:\Windows\System32\nlasvc.dll
22:45:09.0462 0x18cc  NlaSvc - ok
22:45:09.0493 0x18cc  [ 5FE6F8C05F0769BBB74AFAC11453B182, ACF6026EF8D038B73484AE59FBD03559E1263CE134473D7A8C3F97CF71BC640C ] nmwcd           C:\Windows\system32\drivers\ccdcmbx64.sys
22:45:09.0493 0x18cc  nmwcd - ok
22:45:09.0509 0x18cc  [ 73C929945C0850B8D1FE2FEA05FDF05D, 665FBA777E5EF3F28828D19F2BBCCB778C1C6105BD830C1E29A1C4739663F0D3 ] nmwcdc          C:\Windows\system32\drivers\ccdcmbox64.sys
22:45:09.0509 0x18cc  nmwcdc - ok
22:45:09.0525 0x18cc  [ C31FA031335EFF434B2D94278E74BCCE, F5DFD40C16E4013CBAD0E4FB8EF2B4419702B9C215218F69C4A2DD7C4C4C1E2B ] NPF             C:\Windows\system32\drivers\npf.sys
22:45:09.0540 0x18cc  NPF - ok
22:45:09.0540 0x18cc  [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7, D8957EF7060A69DBB3CD6B2C45B1E4143592AB8D018471E17AC04668157DC67F ] Npfs            C:\Windows\system32\drivers\Npfs.sys
22:45:09.0540 0x18cc  Npfs - ok
22:45:09.0556 0x18cc  [ D54BFDF3E0C953F823B3D0BFE4732528, 497A1DCC5646EC22119273216DF10D5442D16F83E4363770F507518CF6EAA53A ] nsi             C:\Windows\system32\nsisvc.dll
22:45:09.0556 0x18cc  nsi - ok
22:45:09.0556 0x18cc  [ E7F5AE18AF4168178A642A9247C63001, 133023B7E4BA8049C4CAED3282BDD25571D1CC25FAC3B820C7F981D292689D76 ] nsiproxy        C:\Windows\system32\drivers\nsiproxy.sys
22:45:09.0556 0x18cc  nsiproxy - ok
22:45:09.0634 0x18cc  [ B98F8C6E31CD07B2E6F71F7F648E38C0, 2FEA100B80680FBBF644CB6763738804155DF1E94A6542CAE2B2786D770D554E ] Ntfs            C:\Windows\system32\drivers\Ntfs.sys
22:45:09.0649 0x18cc  Ntfs - ok
22:45:09.0665 0x18cc  [ 9899284589F75FA8724FF3D16AED75C1, 181188599FD5D4DE33B97010D9E0CAEABAB9A3EF50712FE7F9AA0735CD0666D6 ] Null            C:\Windows\system32\drivers\Null.sys
22:45:09.0665 0x18cc  Null - ok
22:45:09.0696 0x18cc  [ 785298579B5F9B4032152DFBB992FDB6, 873346A9B2C71C4F3F8B9C6B6AF34AD3675D029DAEA93876350ACBCEE19145D5 ] nusb3hub        C:\Windows\system32\DRIVERS\nusb3hub.sys
22:45:09.0696 0x18cc  nusb3hub - ok
22:45:09.0727 0x18cc  [ DF2750481B4964814467C974F2B0EEF1, 573FE5B5867C207355F0D6BBAE744EC5D2539F02DDC25E1470AE2D1E00954C3C ] nusb3xhc        C:\Windows\system32\DRIVERS\nusb3xhc.sys
22:45:09.0727 0x18cc  nusb3xhc - ok
22:45:09.0743 0x18cc  [ 5D9FD91F3D38DC9DA01E3CB5FA89CD48, 7738785DE8B50D69993F4408498B812D0283FEE5C04FF5B89C20F149B44E9737 ] nvraid          C:\Windows\system32\drivers\nvraid.sys
22:45:09.0743 0x18cc  nvraid - ok
22:45:09.0774 0x18cc  [ F7CD50FE7139F07E77DA8AC8033D1832, DA96F4B15C8165E6AE1D00E03A062C66CA3A3089E4FF0E9E11CE00B154DD12EC ] nvstor          C:\Windows\system32\drivers\nvstor.sys
22:45:09.0774 0x18cc  nvstor - ok
22:45:09.0790 0x18cc  [ 270D7CD42D6E3979F6DD0146650F0E05, 752489E54C9004EDCBE1F1F208FFD864DA5C83E59A2DDE6B3E0D63ECA996F76F ] nv_agp          C:\Windows\system32\drivers\nv_agp.sys
22:45:09.0805 0x18cc  nv_agp - ok
22:45:09.0805 0x18cc  [ 3589478E4B22CE21B41FA1BFC0B8B8A0, AD2469FC753FE552CB809FF405A9AB23E7561292FE89117E3B3B62057EFF0203 ] ohci1394        C:\Windows\system32\drivers\ohci1394.sys
22:45:09.0805 0x18cc  ohci1394 - ok
22:45:09.0883 0x18cc  [ 9D10F99A6712E28F8ACD5641E3A7EA6B, 70964A0ED9011EA94044E15FA77EDD9CF535CC79ED8E03A3721FF007E69595CC ] ose             C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
22:45:09.0883 0x18cc  ose - ok
22:45:10.0055 0x18cc  [ 61BFFB5F57AD12F83AB64B7181829B34, 1DD0DD35E4158F95765EE6639F217DF03A0A19E624E020DBA609268C08A13846 ] osppsvc         C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
22:45:10.0133 0x18cc  osppsvc - ok
22:45:10.0164 0x18cc  [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] p2pimsvc        C:\Windows\system32\pnrpsvc.dll
22:45:10.0164 0x18cc  p2pimsvc - ok
22:45:10.0195 0x18cc  [ 927463ECB02179F88E4B9A17568C63C3, FEFD3447692C277D59EEC7BF218552C8BB6B8C98C26E973675549628408B94CE ] p2psvc          C:\Windows\system32\p2psvc.dll
22:45:10.0195 0x18cc  p2psvc - ok
22:45:10.0227 0x18cc  [ 0086431C29C35BE1DBC43F52CC273887, 0D116D49EF9ABB57DA005764F25E692622210627FC2048F06A989B12FA8D0A80 ] Parport         C:\Windows\system32\DRIVERS\parport.sys
22:45:10.0227 0x18cc  Parport - ok
22:45:10.0258 0x18cc  [ E9766131EEADE40A27DC27D2D68FBA9C, 63C295EC96DBD25F1A8B908295CCB86B54F2A77A02AAA11E5D9160C2C1A492B6 ] partmgr         C:\Windows\system32\drivers\partmgr.sys
22:45:10.0258 0x18cc  partmgr - ok
22:45:10.0273 0x18cc  [ DB2D62AA2DF6B1F3D690A9EC9701AA2C, BEAC55E1AA0494565F1547DF5E6FE20FCEA66461764C016FCB68D8BFF0F0C375 ] PcaSvc          C:\Windows\System32\pcasvc.dll
22:45:10.0289 0x18cc  PcaSvc - ok
22:45:10.0305 0x18cc  [ BC0018C2D29F655188A0ED3FA94FDB24, BCF7F2CA5E30F569AEB69049BA3C196982C72EA7264CFBA59D7123041BA96E5A ] pccsmcfd        C:\Windows\system32\DRIVERS\pccsmcfdx64.sys
22:45:10.0305 0x18cc  pccsmcfd - ok
22:45:10.0320 0x18cc  [ 94575C0571D1462A0F70BDE6BD6EE6B3, 7139BAC653EA94A3DD3821CAB35FC5E22F4CCA5ACC2BAABDAA27E4C3C8B27FC9 ] pci             C:\Windows\system32\drivers\pci.sys
22:45:10.0320 0x18cc  pci - ok
22:45:10.0336 0x18cc  [ B5B8B5EF2E5CB34DF8DCF8831E3534FA, F2A7CC645B96946CC65BF60E14E70DC09C848D27C7943CE5DEA0C01A6B863480 ] pciide          C:\Windows\system32\drivers\pciide.sys
22:45:10.0336 0x18cc  pciide - ok
22:45:10.0351 0x18cc  [ B2E81D4E87CE48589F98CB8C05B01F2F, 6763BEE7270A4873B3E131BFB92313E2750FCBD0AD73C23D1C4F98F7DF73DE14 ] pcmcia          C:\Windows\system32\DRIVERS\pcmcia.sys
22:45:10.0351 0x18cc  pcmcia - ok
22:45:10.0383 0x18cc  [ D6B9C2E1A11A3A4B26A182FFEF18F603, BBA5FE08B1DDD6243118E11358FD61B10E850F090F061711C3CB207CE5FBBD36 ] pcw             C:\Windows\system32\drivers\pcw.sys
22:45:10.0383 0x18cc  pcw - ok
22:45:10.0414 0x18cc  [ ED6E75158D28D33A2E2A020AC5B2B59D, 0F364D9A88304C45F31318605C417A70A9D0E4CF087D73E949B42C12CC76CD6C ] PEAUTH          C:\Windows\system32\drivers\peauth.sys
22:45:10.0429 0x18cc  PEAUTH - ok
22:45:10.0476 0x18cc  [ B9B0A4299DD2D76A4243F75FD54DC680, BBF62E9628131FA396EB08D63B76D2D5FBDD61339E92B759125A066470D1C039 ] PeerDistSvc     C:\Windows\system32\peerdistsvc.dll
22:45:10.0507 0x18cc  PeerDistSvc - ok
22:45:10.0570 0x18cc  [ E495E408C93141E8FC72DC0C6046DDFA, 489B957DADA0DC128A09468F1AD082DCC657E86053208EA06A12937BE86FB919 ] PerfHost        C:\Windows\SysWow64\perfhost.exe
22:45:10.0570 0x18cc  PerfHost - ok
22:45:10.0632 0x18cc  [ C7CF6A6E137463219E1259E3F0F0DD6C, 08D7244F52AA17DD669AA6F77C291DAC88E7B2D1887DE422509C1F83EC85F3DD ] pla             C:\Windows\system32\pla.dll
22:45:10.0663 0x18cc  pla - ok
22:45:10.0710 0x18cc  [ 25FBDEF06C4D92815B353F6E792C8129, 57D9764AE6BCE33B242C399CDFC10DD405975BD6411CA8C75FBCD06EEB8442A9 ] PlugPlay        C:\Windows\system32\umpnpmgr.dll
22:45:10.0710 0x18cc  PlugPlay - ok
22:45:10.0726 0x18cc  [ 7195581CEC9BB7D12ABE54036ACC2E38, 9C4E5D6EA984148F2663DC529083408B2248DFF6DAAC85D9195F80A722782315 ] PNRPAutoReg     C:\Windows\system32\pnrpauto.dll
22:45:10.0726 0x18cc  PNRPAutoReg - ok
22:45:10.0741 0x18cc  [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] PNRPsvc         C:\Windows\system32\pnrpsvc.dll
22:45:10.0741 0x18cc  PNRPsvc - ok
22:45:10.0773 0x18cc  [ B8D8EC78B0F9ED8E220506181274F3D3, D920277EE66AAAB6D66BF328DD5A40DDD8382BF4F331EAB398069EDB842FF18E ] Point64         C:\Windows\system32\DRIVERS\point64.sys
22:45:10.0773 0x18cc  Point64 - ok
22:45:10.0804 0x18cc  [ 4F15D75ADF6156BF56ECED6D4A55C389, 2ADA3EA69A5D7EC2A4D2DD89178DB94EAFDDF95F07B0070D654D9F7A5C12A044 ] PolicyAgent     C:\Windows\System32\ipsecsvc.dll
22:45:10.0819 0x18cc  PolicyAgent - ok
22:45:10.0835 0x18cc  [ 6BA9D927DDED70BD1A9CADED45F8B184, 66203CE70A5EDE053929A940F38924C6792239CCCE10DD2C1D90D5B4D6748B55 ] Power           C:\Windows\system32\umpo.dll
22:45:10.0835 0x18cc  Power - ok
22:45:10.0882 0x18cc  [ F92A2C41117A11A00BE01CA01A7FCDE9, 38ADC6052696D110CA5F393BC586791920663F5DA66934C2A824DDA9CD89C763 ] PptpMiniport    C:\Windows\system32\DRIVERS\raspptp.sys
22:45:10.0882 0x18cc  PptpMiniport - ok
22:45:10.0897 0x18cc  [ 0D922E23C041EFB1C3FAC2A6F943C9BF, 855418A6A58DCAFB181A1A68613B3E203AFB0A9B3D9D26D0C521F9F613B4EAD5 ] Processor       C:\Windows\system32\DRIVERS\processr.sys
22:45:10.0897 0x18cc  Processor - ok
22:45:10.0897 0x18cc  [ B6A58491307B4CADA572583D863DC602, 5C44936605E52C9533E4CE22F18FAB8211475877F71EFD88DA4D02FD608C90A3 ] ProfSvc         C:\Windows\system32\profsvc.dll
22:45:10.0913 0x18cc  ProfSvc - ok
22:45:10.0913 0x18cc  [ 4C3FAC816925F73A34AD52F1F7C0A7EA, 7E9B4F68E2ADABA3A9324DA16CF680D77CF2812D4BD0BFCFF0173CA61260A3FE ] ProtectedStorage C:\Windows\system32\lsass.exe
22:45:10.0913 0x18cc  ProtectedStorage - ok
22:45:10.0960 0x18cc  [ 0557CF5A2556BD58E26384169D72438D, F6F83A616B1F1C6C0DF6D2EC2513E6C23FD4FAA6D36518B8676C619AB74957B4 ] Psched          C:\Windows\system32\DRIVERS\pacer.sys
22:45:10.0960 0x18cc  Psched - ok
22:45:10.0975 0x18cc  [ 9E97E62098FA1238D189181AAB13C402, A68E590396E14A3D8F4B31F08ABC4DE184419BBB0AB1B77032953D023495419E ] pwdrvio         C:\Windows\system32\pwdrvio.sys
22:45:10.0975 0x18cc  pwdrvio - ok
22:45:11.0007 0x18cc  [ 1A8011B9BD9B5CB53783E7F91109B946, D9D0A43C837DD722AF5CA99893C0FD51A65AE40AD9C79FB1D714055F83206457 ] pwdspio         C:\Windows\system32\pwdspio.sys
22:45:11.0007 0x18cc  pwdspio - ok
22:45:11.0069 0x18cc  [ A53A15A11EBFD21077463EE2C7AFEEF0, 6002B012A75045DEA62640A864A8721EADE2F8B65BEB5F5BA76D8CD819774489 ] ql2300          C:\Windows\system32\DRIVERS\ql2300.sys
22:45:11.0085 0x18cc  ql2300 - ok
22:45:11.0100 0x18cc  [ 4F6D12B51DE1AAEFF7DC58C4D75423C8, FB6ABAB741CED66A79E31A45111649F2FA3E26CEE77209B5296F789F6F7D08DE ] ql40xx          C:\Windows\system32\DRIVERS\ql40xx.sys
22:45:11.0100 0x18cc  ql40xx - ok
22:45:11.0131 0x18cc  [ 906191634E99AEA92C4816150BDA3732, A0305436384104C3B559F9C73902DA19B96B518413379E397C5CDAB0B2B9418F ] QWAVE           C:\Windows\system32\qwave.dll
22:45:11.0131 0x18cc  QWAVE - ok
22:45:11.0147 0x18cc  [ 76707BB36430888D9CE9D705398ADB6C, 35C1D1D05F98AC29A33D3781F497A0B40A3CB9CDF25FE1F28F574E40DDF70535 ] QWAVEdrv        C:\Windows\system32\drivers\qwavedrv.sys
22:45:11.0147 0x18cc  QWAVEdrv - ok
22:45:11.0194 0x18cc  [ 2EE6D9CAB03900646D1D3D9077167BD6, 61F1C78A56537483FCD4B49AB6D0189EE05ECB7BF4AF88573E0F7EEBFE088865 ] RalinkRegistryWriter C:\Program Files (x86)\Edimax\Common\RaRegistry.exe
22:45:11.0194 0x18cc  RalinkRegistryWriter - ok
22:45:11.0209 0x18cc  [ 46358C32AF09A57A171BC422649BE53B, 882993760EA1D6F5B8FD9E71C0AC550B296DBB32EC4A288C1B65B34DE41C3FE1 ] RalinkRegistryWriter64 C:\Program Files (x86)\Edimax\Common\RaRegistry64.exe
22:45:11.0209 0x18cc  RalinkRegistryWriter64 - ok
22:45:11.0225 0x18cc  [ 5A0DA8AD5762FA2D91678A8A01311704, 8A64EB5DBAB7048A9E42A21CEB62CCD5B007A80C199892D7F8C69B48E8A255EF ] RasAcd          C:\Windows\system32\DRIVERS\rasacd.sys
22:45:11.0225 0x18cc  RasAcd - ok
22:45:11.0241 0x18cc  [ 7ECFF9B22276B73F43A99A15A6094E90, 62C70DA127F48F796F8897BBFA23AB6EB080CC923F0F091DFA384A93F5C90CA1 ] RasAgileVpn     C:\Windows\system32\DRIVERS\AgileVpn.sys
22:45:11.0241 0x18cc  RasAgileVpn - ok
22:45:11.0256 0x18cc  [ 8F26510C5383B8DBE976DE1CD00FC8C7, 60E618C010E8A723960636415573FA17EA0BBEF79647196B3BC0B8DEE680E090 ] RasAuto         C:\Windows\System32\rasauto.dll
22:45:11.0256 0x18cc  RasAuto - ok
22:45:11.0287 0x18cc  [ 471815800AE33E6F1C32FB1B97C490CA, 27307265F743DE3A3A3EC1B2C472A3D85FDD0AEC458E0B1177593141EE072698 ] Rasl2tp         C:\Windows\system32\DRIVERS\rasl2tp.sys
22:45:11.0287 0x18cc  Rasl2tp - ok
22:45:11.0319 0x18cc  [ EE867A0870FC9E4972BA9EAAD35651E2, 1B848D81705081FD2E18AC762DA7F51455657DAF860BF363DC15925A148BCADA ] RasMan          C:\Windows\System32\rasmans.dll
22:45:11.0319 0x18cc  RasMan - ok
22:45:11.0334 0x18cc  [ 855C9B1CD4756C5E9A2AA58A15F58C25, A514F8A9C304D54BDA8DC60F5A64259B057EC83A1CAAF6D2B58CFD55E9561F72 ] RasPppoe        C:\Windows\system32\DRIVERS\raspppoe.sys
22:45:11.0334 0x18cc  RasPppoe - ok
22:45:11.0350 0x18cc  [ E8B1E447B008D07FF47D016C2B0EEECB, FEC789F82B912F3E14E49524D40FEAA4373B221156F14045E645D7C37859258C ] RasSstp         C:\Windows\system32\DRIVERS\rassstp.sys
22:45:11.0350 0x18cc  RasSstp - ok
22:45:11.0381 0x18cc  [ 77F665941019A1594D887A74F301FA2F, 1FDC6F6853400190C086042933F157814D915C54F26793CAD36CD2607D8810DA ] rdbss           C:\Windows\system32\DRIVERS\rdbss.sys
22:45:11.0381 0x18cc  rdbss - ok
22:45:11.0397 0x18cc  [ 302DA2A0539F2CF54D7C6CC30C1F2D8D, 1DF3501BBFFB56C3ECC39DBCC4287D3302216C2208CE22428B8C4967E5DE9D17 ] rdpbus          C:\Windows\system32\DRIVERS\rdpbus.sys
22:45:11.0397 0x18cc  rdpbus - ok
22:45:11.0412 0x18cc  [ CEA6CC257FC9B7715F1C2B4849286D24, A78144D18352EA802C39D9D42921CF97A3E0211766B2169B6755C6FC2D77A804 ] RDPCDD          C:\Windows\system32\DRIVERS\RDPCDD.sys
22:45:11.0412 0x18cc  RDPCDD - ok
22:45:11.0459 0x18cc  [ 1B6163C503398B23FF8B939C67747683, 339A5AA7970FF34FAAB213B655860C5B0DEC5F983A4A11A088017D849F320ACE ] RDPDR           C:\Windows\system32\drivers\rdpdr.sys
22:45:11.0459 0x18cc  RDPDR - ok
22:45:11.0475 0x18cc  [ BB5971A4F00659529A5C44831AF22365, 9AAA5C0D448E821FD85589505D99DF7749715A046BBD211F139E4E652ADDE41F ] RDPENCDD        C:\Windows\system32\drivers\rdpencdd.sys
22:45:11.0475 0x18cc  RDPENCDD - ok
22:45:11.0475 0x18cc  [ 216F3FA57533D98E1F74DED70113177A, 60C126A1409D1E9C39F1C9E95F70115BF4AF07780AB499F6E10A612540F173F4 ] RDPREFMP        C:\Windows\system32\drivers\rdprefmp.sys
22:45:11.0490 0x18cc  RDPREFMP - ok
22:45:11.0521 0x18cc  [ 76D8CC526512ECAE2AEF63B1A6D018A1, 7281AFEBA5455BB879D4BA2DBADDCF6DAC87C1040605907CC907142609985B17 ] RdpVideoMiniport C:\Windows\system32\drivers\rdpvideominiport.sys
22:45:11.0521 0x18cc  RdpVideoMiniport - ok
22:45:11.0553 0x18cc  [ FE571E088C2D83619D2D48D4E961BF41, 88C5A2FCB1D0E528657842E39963471A6E42FCA3FCDF37955AEC8258AB4C48EA ] RDPWD           C:\Windows\system32\drivers\RDPWD.sys
22:45:11.0553 0x18cc  RDPWD - ok
22:45:11.0584 0x18cc  [ 34ED295FA0121C241BFEF24764FC4520, AAEE5F00CAA763A5BA51CF56BD7262C03409CD72BD5601490E3EC3FFF929BB5F ] rdyboost        C:\Windows\system32\drivers\rdyboost.sys
22:45:11.0584 0x18cc  rdyboost - ok
22:45:11.0599 0x18cc  [ 254FB7A22D74E5511C73A3F6D802F192, 3D0FB5840364200DE394F8CC28DA0E334C2B5FA8FF28A41656EE72287F3D3836 ] RemoteAccess    C:\Windows\System32\mprdim.dll
22:45:11.0599 0x18cc  RemoteAccess - ok
22:45:11.0615 0x18cc  [ E4D94F24081440B5FC5AA556C7C62702, 147CAA03568DC480F9506E30B84891AB7E433B5EBC05F34FF10F72B00E1C6B22 ] RemoteRegistry  C:\Windows\system32\regsvc.dll
22:45:11.0631 0x18cc  RemoteRegistry - ok
22:45:11.0646 0x18cc  [ A780D3EAA74582EA1DEB6BD9C7A3D9C9, 9F66C47D49AADDC946C20945685C1B8BDFAF011D9CD840AC9F3130B5BA09946C ] rpcapd          C:\Program Files (x86)\WinPcap\rpcapd.exe
22:45:11.0646 0x18cc  rpcapd - ok
22:45:11.0662 0x18cc  [ E4DC58CF7B3EA515AE917FF0D402A7BB, 665B5CD9FE905B0EE3F59A7B1A94760F5393EBEE729877D8584349754C2867E8 ] RpcEptMapper    C:\Windows\System32\RpcEpMap.dll
22:45:11.0677 0x18cc  RpcEptMapper - ok
22:45:11.0693 0x18cc  [ D5BA242D4CF8E384DB90E6A8ED850B8C, CB4CB2608B5E31B55FB1A2CF4051E6D08A0C2A5FB231B2116F95938D7577334E ] RpcLocator      C:\Windows\system32\locator.exe
22:45:11.0693 0x18cc  RpcLocator - ok
22:45:11.0724 0x18cc  [ 5C627D1B1138676C0A7AB2C2C190D123, C5003F2C912C5CA990E634818D3B4FD72F871900AF2948BD6C4D6400B354B401 ] RpcSs           C:\Windows\system32\rpcss.dll
22:45:11.0740 0x18cc  RpcSs - ok
22:45:11.0755 0x18cc  [ DDC86E4F8E7456261E637E3552E804FF, D250C69CCC75F2D88E7E624FCC51300E75637333317D53908CCA7E0F117173DD ] rspndr          C:\Windows\system32\DRIVERS\rspndr.sys
22:45:11.0755 0x18cc  rspndr - ok
22:45:11.0787 0x18cc  [ 60EB8A87357CA5B088B422D1E55A2405, A4E8ACACB9EFB094D05EC24DFB65D969DBA14634EEB6B4DBEF500BDEA8D78DB5 ] rt61x64         C:\Windows\system32\DRIVERS\netr6164.sys
22:45:11.0787 0x18cc  rt61x64 - ok
22:45:11.0833 0x18cc  [ 4FBDA07EF0A3097CE14C5CABF723B278, 6F1E21362F0057E9C6A180D9189AEB51761F4C019A6835E50E4AD19ED1F58FE6 ] RTL8167         C:\Windows\system32\DRIVERS\Rt64win7.sys
22:45:11.0833 0x18cc  RTL8167 - ok
22:45:11.0849 0x18cc  [ E60C0A09F997826C7627B244195AB581, E8630ED74B38B98BF584E353D992C1311BC36AB7F20A1BB66C9CD65CE1E46F8D ] s3cap           C:\Windows\system32\drivers\vms3cap.sys
22:45:11.0849 0x18cc  s3cap - ok
22:45:11.0865 0x18cc  [ 4C3FAC816925F73A34AD52F1F7C0A7EA, 7E9B4F68E2ADABA3A9324DA16CF680D77CF2812D4BD0BFCFF0173CA61260A3FE ] SamSs           C:\Windows\system32\lsass.exe
22:45:11.0865 0x18cc  SamSs - ok
22:45:11.0911 0x18cc  [ F444EBA4C58AD1D6D1DA9850C2B5D829, 4ED1F4BC7F19396F3E3FC0C70CDDA68924DBEDD11820AEBE93C2AC3DB5CB78B2 ] SbieDrv         C:\Program Files\Sandboxie\SbieDrv.sys
22:45:11.0911 0x18cc  SbieDrv - ok
22:45:11.0927 0x18cc  [ 9E92ABAE6F6A63C4307FE7CC4AC95831, 9756CB07778504EF7D8D42F70F08BA41B59486F0F5182977E53C197924091267 ] SbieSvc         C:\Program Files\Sandboxie\SbieSvc.exe
22:45:11.0927 0x18cc  SbieSvc - ok
22:45:11.0958 0x18cc  [ AC03AF3329579FFFB455AA2DAABBE22B, 7AD3B62ADFEC166F9E256F9FF8BAA0568B2ED7308142BF8F5269E6EAA5E0A656 ] sbp2port        C:\Windows\system32\drivers\sbp2port.sys
22:45:11.0958 0x18cc  sbp2port - ok
22:45:11.0974 0x18cc  [ 9B7395789E3791A3B6D000FE6F8B131E, E5F067F3F212BF5481668BE1779CBEF053F511F8967589BE2E865ACB9A620024 ] SCardSvr        C:\Windows\System32\SCardSvr.dll
22:45:11.0974 0x18cc  SCardSvr - ok
22:45:11.0989 0x18cc  [ 253F38D0D7074C02FF8DEB9836C97D2B, CB5CAFCB8628BB22877F74ACF1DED0BBAED8F4573A74DA7FE94BBBA584889116 ] scfilter        C:\Windows\system32\DRIVERS\scfilter.sys
22:45:11.0989 0x18cc  scfilter - ok
22:45:12.0036 0x18cc  [ 262F6592C3299C005FD6BEC90FC4463A, 54095E37F0B6CC677A3E9BDD40F4647C713273D197DB341063AA7F342A60C4A7 ] Schedule        C:\Windows\system32\schedsvc.dll
22:45:12.0067 0x18cc  Schedule - ok
22:45:12.0083 0x18cc  [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] SCPolicySvc     C:\Windows\System32\certprop.dll
22:45:12.0083 0x18cc  SCPolicySvc - ok
22:45:12.0114 0x18cc  [ 6EA4234DC55346E0709560FE7C2C1972, 64011E044C16E2F92689E5F7E4666A075E27BBFA61F3264E5D51CE1656C1D5B8 ] SDRSVC          C:\Windows\System32\SDRSVC.dll
22:45:12.0114 0x18cc  SDRSVC - ok
22:45:12.0145 0x18cc  [ 3EA8A16169C26AFBEB544E0E48421186, 34BBB0459C96B3DE94CCB0D73461562935C583D7BF93828DA4E20A6BC9B7301D ] secdrv          C:\Windows\system32\drivers\secdrv.sys
22:45:12.0145 0x18cc  secdrv - ok
22:45:12.0161 0x18cc  [ BC617A4E1B4FA8DF523A061739A0BD87, 10C4057F6B321EB5237FF619747B74F5401BC17D15A8C7060829E8204A2297F9 ] seclogon        C:\Windows\system32\seclogon.dll
22:45:12.0161 0x18cc  seclogon - ok
22:45:12.0177 0x18cc  [ C32AB8FA018EF34C0F113BD501436D21, E0EB8E80B51E45CA7EB061E705DA0BC07878759418A8519AE6E12326FE79E7C7 ] SENS            C:\Windows\System32\sens.dll
22:45:12.0177 0x18cc  SENS - ok
22:45:12.0192 0x18cc  [ 0336CFFAFAAB87A11541F1CF1594B2B2, 8B8A6A33E78A12FB05E29B2E2775850626574AFD2EF88748D65E690A07B10B8D ] SensrSvc        C:\Windows\system32\sensrsvc.dll
22:45:12.0192 0x18cc  SensrSvc - ok
22:45:12.0208 0x18cc  [ CB624C0035412AF0DEBEC78C41F5CA1B, A4D937F11E06CAE914347CA1362F4C98EC5EE0C0C80321E360EA1ABD6726F8D4 ] Serenum         C:\Windows\system32\DRIVERS\serenum.sys
22:45:12.0208 0x18cc  Serenum - ok
22:45:12.0223 0x18cc  [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6, 8F9776FB84C5D11068EAF1FF1D1A46466C655D64D256A8B1E31DC0C23B5DD22D ] Serial          C:\Windows\system32\DRIVERS\serial.sys
22:45:12.0223 0x18cc  Serial - ok
22:45:12.0255 0x18cc  [ 1C545A7D0691CC4A027396535691C3E3, 065C30BE598FF4DC55C37E0BBE0CEDF10A370AE2BF5404B42EBBB867A3FFED6D ] sermouse        C:\Windows\system32\DRIVERS\sermouse.sys
22:45:12.0255 0x18cc  sermouse - ok
22:45:12.0301 0x18cc  [ E802089FEC30A95FDFD218995308F9B3, A340D22E7E1D8EC7AE324C05D995AD34797B2D899DFD902A822B38109FAC6437 ] ServiceLayer    C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe
22:45:12.0317 0x18cc  ServiceLayer - ok
22:45:12.0348 0x18cc  [ 0B6231BF38174A1628C4AC812CC75804, E569BF1F7F5689E2E917FA6516DB53388A5B8B1C6699DEE030147E853218811D ] SessionEnv      C:\Windows\system32\sessenv.dll
22:45:12.0348 0x18cc  SessionEnv - ok
22:45:12.0379 0x18cc  [ A554811BCD09279536440C964AE35BBF, DA8F893722F803E189D7D4D6C6232ED34505B63A64ED3A0132A5BB7A2BABDE55 ] sffdisk         C:\Windows\system32\drivers\sffdisk.sys
22:45:12.0379 0x18cc  sffdisk - ok
22:45:12.0395 0x18cc  [ FF414F0BAEFEBA59BC6C04B3DB0B87BF, B81EF5D26AEB572CAB590F7AD7CA8C89F296420089EF5E6148E972F2DBCA1042 ] sffp_mmc        C:\Windows\system32\drivers\sffp_mmc.sys
22:45:12.0395 0x18cc  sffp_mmc - ok
22:45:12.0395 0x18cc  [ DD85B78243A19B59F0637DCF284DA63C, 6730D4F2BAE7E24615746ACC41B42D01DB6068D6504982008ADA1890DE900197 ] sffp_sd         C:\Windows\system32\drivers\sffp_sd.sys
22:45:12.0395 0x18cc  sffp_sd - ok
22:45:12.0442 0x18cc  [ A9D601643A1647211A1EE2EC4E433FF4, 7AC60B4AB48D4BBF1F9681C12EC2A75C72E6E12D30FABC564A24394310E9A5F9 ] sfloppy         C:\Windows\system32\DRIVERS\sfloppy.sys
22:45:12.0442 0x18cc  sfloppy - ok
22:45:12.0457 0x18cc  [ B95F6501A2F8B2E78C697FEC401970CE, 758B73A32902299A313348CE7EC189B20EB4CB398D0180E4EE24B84DAD55F291 ] SharedAccess    C:\Windows\System32\ipnathlp.dll
22:45:12.0457 0x18cc  SharedAccess - ok
22:45:12.0489 0x18cc  [ AAF932B4011D14052955D4B212A4DA8D, 2A3BFD0FA9569288E91AE3E72CA1EC39E1450D01E6473CE51157E0F138257923 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
22:45:12.0504 0x18cc  ShellHWDetection - ok
22:45:12.0520 0x18cc  [ 843CAF1E5FDE1FFD5FF768F23A51E2E1, 89CA9F516E42A6B905474D738CDA2C121020A07DBD4E66CFE569DD77D79D7820 ] SiSRaid2        C:\Windows\system32\DRIVERS\SiSRaid2.sys
22:45:12.0520 0x18cc  SiSRaid2 - ok
22:45:12.0535 0x18cc  [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4, 87B85C66DF7EB6FDB8A2341D05FAA5261FF68A90CCFC63F0E4A03824F1E33E5E ] SiSRaid4        C:\Windows\system32\DRIVERS\sisraid4.sys
22:45:12.0535 0x18cc  SiSRaid4 - ok
22:45:12.0707 0x18cc  [ B9F101C40A8631B20778B46D1A6F6DAF, BB754078BAFC14FF8843D3465FE7C20477901CE4A3124549F74E01A1DFB799A3 ] Skype C2C Service C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe
22:45:12.0754 0x18cc  Skype C2C Service - ok
22:45:12.0816 0x18cc  [ 704B4F81729F676BBF034529FC334D82, 1E50DAF97836807A500284385D99272780A8B69CA88761250451060B207824F8 ] SkypeUpdate     C:\Program Files (x86)\Skype\Updater\Updater.exe
22:45:12.0832 0x18cc  SkypeUpdate - ok
22:45:12.0847 0x18cc  [ 548260A7B8654E024DC30BF8A7C5BAA4, 4A7E58331D7765A12F53DC2371739DC9A463940B13E16157CE10DB80E958D740 ] Smb             C:\Windows\system32\DRIVERS\smb.sys
22:45:12.0847 0x18cc  Smb - ok
22:45:12.0879 0x18cc  [ 6313F223E817CC09AA41811DAA7F541D, D787061043BEEDB9386B048CB9E680E6A88A1CBAE9BD4A8C0209155BFB76C630 ] SNMPTRAP        C:\Windows\System32\snmptrap.exe
22:45:12.0879 0x18cc  SNMPTRAP - ok
22:45:12.0894 0x18cc  [ 5F9785E7535F8F602CB294A54962C9E7, 22BE050955347661685A4343C51F11C7811674E030386D2264CD12ECBF544B7C ] speedfan        C:\Windows\syswow64\speedfan.sys
22:45:12.0894 0x18cc  speedfan - ok
22:45:12.0910 0x18cc  [ B9E31E5CACDFE584F34F730A677803F9, 21A5130BD00089C609522A372018A719F8E37103D2DD22C59EACB393BE35A063 ] spldr           C:\Windows\system32\drivers\spldr.sys
22:45:12.0910 0x18cc  spldr - ok
22:45:12.0941 0x18cc  [ B96C17B5DC1424D56EEA3A99E97428CD, AF0A85066A7983878DC1C663811CE61C6CA1912DC956184F878B7B82DB93C651 ] Spooler         C:\Windows\System32\spoolsv.exe
22:45:12.0957 0x18cc  Spooler - ok
22:45:13.0066 0x18cc  [ E17E0188BB90FAE42D83E98707EFA59C, FC075F7B39E86CC8EF6DA4E339FE946917E319C347AC70FB0C50AAF36F97E27F ] sppsvc          C:\Windows\system32\sppsvc.exe
22:45:13.0128 0x18cc  sppsvc - ok
22:45:13.0144 0x18cc  [ 93D7D61317F3D4BC4F4E9F8A96A7DE45, 36D48B23B8243BE5229707375FCD11C2DCAC96983199345365F065A0CBF33314 ] sppuinotify     C:\Windows\system32\sppuinotify.dll
22:45:13.0144 0x18cc  sppuinotify - ok
22:45:13.0206 0x18cc  [ 602884696850C86434530790B110E8EB, C9B734F070E55732B274C70381EA28AB574EF6AD3F606D3DC9B9B0038F3EDEEA ] sptd            C:\Windows\system32\Drivers\sptd.sys
22:45:13.0206 0x18cc  Suspicious file ( NoAccess ): C:\Windows\system32\Drivers\sptd.sys. md5: 602884696850C86434530790B110E8EB, sha256: C9B734F070E55732B274C70381EA28AB574EF6AD3F606D3DC9B9B0038F3EDEEA
22:45:13.0206 0x18cc  sptd - detected LockedFile.Multi.Generic ( 1 )
22:45:16.0123 0x18cc  Detect skipped due to KSN trusted
22:45:16.0123 0x18cc  sptd - ok
22:45:16.0155 0x18cc  [ 441FBA48BFF01FDB9D5969EBC1838F0B, 306128F1AD489F87161A089D1BDC1542A4CB742D91A0C12A7CD1863FDB8932C0 ] srv             C:\Windows\system32\DRIVERS\srv.sys
22:45:16.0170 0x18cc  srv - ok
22:45:16.0186 0x18cc  [ B4ADEBBF5E3677CCE9651E0F01F7CC28, 726DB2283113AB2A9681E8E9F61132303D6D86E9CD034C40EE4A8C9DB29E87F7 ] srv2            C:\Windows\system32\DRIVERS\srv2.sys
22:45:16.0201 0x18cc  srv2 - ok
22:45:16.0201 0x18cc  [ 27E461F0BE5BFF5FC737328F749538C3, AFA4704ED8FFC1A0BAB40DFB81D3AE3F3D933A3C9BF54DDAF39FF9AF3646D9E6 ] srvnet          C:\Windows\system32\DRIVERS\srvnet.sys
22:45:16.0217 0x18cc  srvnet - ok
22:45:16.0217 0x18cc  [ 51B52FBD583CDE8AA9BA62B8B4298F33, 2E2403F8AA39E79D1281CA006B51B43139C32A5FDD64BD34DAA4B935338BD740 ] SSDPSRV         C:\Windows\System32\ssdpsrv.dll
22:45:16.0233 0x18cc  SSDPSRV - ok
22:45:16.0233 0x18cc  [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB, D21CDBC4C2AA0DB5B4455D5108B0CAF4282A2E664B9035708F212CC094569D9D ] SstpSvc         C:\Windows\system32\sstpsvc.dll
22:45:16.0248 0x18cc  SstpSvc - ok
22:45:16.0279 0x18cc  [ 91310683D7B6B292B746D60734B59322, 2C56C3E4AA7356FB544B52F80ABDA39A80473390CB2059C69BDCCAD40FE56325 ] ssudmdm         C:\Windows\system32\DRIVERS\ssudmdm.sys
22:45:16.0279 0x18cc  ssudmdm - ok
22:45:16.0295 0x18cc  [ F3817967ED533D08327DC73BC4D5542A, 1B204454408A690C0A86447F3E4AA9E7C58A9CFB567C94C17C21920BA648B4D5 ] stexstor        C:\Windows\system32\DRIVERS\stexstor.sys
22:45:16.0295 0x18cc  stexstor - ok
22:45:16.0342 0x18cc  [ 8DD52E8E6128F4B2DA92CE27402871C1, 1101C38BE8FC383B5F2F9FA402F9652B23B88A764DE2B584DFE62B88B11DEF92 ] stisvc          C:\Windows\System32\wiaservc.dll
22:45:16.0357 0x18cc  stisvc - ok
22:45:16.0373 0x18cc  [ 7785DC213270D2FC066538DAF94087E7, F09CB2895241719CA5147B2EE9F7ECBD0303AFFB5CD896F06D4D29BAAAFC207B ] storflt         C:\Windows\system32\drivers\vmstorfl.sys
22:45:16.0373 0x18cc  storflt - ok
22:45:16.0389 0x18cc  [ D34E4943D5AC096C8EDEEBFD80D76E23, 1DD7F6F97060B5F763A04ACA1F75E59DAB09EF824FD09B83FC3C192837D006DE ] storvsc         C:\Windows\system32\drivers\storvsc.sys
22:45:16.0389 0x18cc  storvsc - ok
22:45:16.0420 0x18cc  [ D01EC09B6711A5F8E7E6564A4D0FBC90, 3CB922291DBADC92B46B9E28CCB6810CD8CCDA3E74518EC9522B58B998E1F969 ] swenum          C:\Windows\system32\drivers\swenum.sys
22:45:16.0420 0x18cc  swenum - ok
22:45:16.0435 0x18cc  [ E08E46FDD841B7184194011CA1955A0B, 9C3725BB1F08F92744C980A22ED5C874007D3B5863C7E1F140F50061052AC418 ] swprv           C:\Windows\System32\swprv.dll
22:45:16.0451 0x18cc  swprv - ok
22:45:16.0451 0x18cc  Synth3dVsc - ok
22:45:16.0513 0x18cc  [ BF9CCC0BF39B418C8D0AE8B05CF95B7D, 3C13217548BE61F2BDB8BD41F77345CDDA1F97BF0AE17241C335B9807EB3DBB8 ] SysMain         C:\Windows\system32\sysmain.dll
22:45:16.0545 0x18cc  SysMain - ok
22:45:16.0560 0x18cc  [ E3C61FD7B7C2557E1F1B0B4CEC713585, 01F0E116606D185BF93B540868075BFB1A398197F6AABD994983DBFF56B3A8A0 ] TabletInputService C:\Windows\System32\TabSvc.dll
22:45:16.0560 0x18cc  TabletInputService - ok
22:45:16.0591 0x18cc  [ 40F0849F65D13EE87B9A9AE3C1DD6823, E251A7EF3D0FD2973AF33A62FC457A7E8D5E8694208F811F52455F7C2426121F ] TapiSrv         C:\Windows\System32\tapisrv.dll
22:45:16.0607 0x18cc  TapiSrv - ok
22:45:16.0623 0x18cc  [ 1BE03AC720F4D302EA01D40F588162F6, AB644862BF1D2E824FD846180DEC4E2C0FAFCC517451486DE5A92E5E78A952E4 ] TBS             C:\Windows\System32\tbssvc.dll
22:45:16.0623 0x18cc  TBS - ok
22:45:16.0685 0x18cc  [ 04ADD18EE5CC9FBEDAEC1DD1CD0CB45E, F05C0C4CA3DD234AD5D60CF1EF763C9A1D9EC3C157E180C2D75CC07E6B02A611 ] Tcpip           C:\Windows\system32\drivers\tcpip.sys
22:45:16.0716 0x18cc  Tcpip - ok
22:45:16.0794 0x18cc  [ 04ADD18EE5CC9FBEDAEC1DD1CD0CB45E, F05C0C4CA3DD234AD5D60CF1EF763C9A1D9EC3C157E180C2D75CC07E6B02A611 ] TCPIP6          C:\Windows\system32\DRIVERS\tcpip.sys
22:45:16.0825 0x18cc  TCPIP6 - ok
22:45:16.0841 0x18cc  [ DF687E3D8836BFB04FCC0615BF15A519, 7C5B1E72673B4299DFC21E869F0FBB28198CA54DF4F4AF7080005F2D82467784 ] tcpipreg        C:\Windows\system32\drivers\tcpipreg.sys
22:45:16.0841 0x18cc  tcpipreg - ok
22:45:16.0857 0x18cc  [ 3371D21011695B16333A3934340C4E7C, 7416F9BBFC1BA9D875EA7D1C7A0D912FC6977B49A865D67E3F9C4E18A965082D ] TDPIPE          C:\Windows\system32\drivers\tdpipe.sys
22:45:16.0857 0x18cc  TDPIPE - ok
22:45:16.0872 0x18cc  [ 51C5ECEB1CDEE2468A1748BE550CFBC8, 4E8F83877330B421F7B5D8393D34BC44C6450E69209DAA95B29CB298166A5DF9 ] TDTCP           C:\Windows\system32\drivers\tdtcp.sys
22:45:16.0872 0x18cc  TDTCP - ok
22:45:16.0903 0x18cc  [ DDAD5A7AB24D8B65F8D724F5C20FD806, B71F2967A4EE7395E4416C1526CB85368AEA988BDD1F2C9719C48B08FAFA9661 ] tdx             C:\Windows\system32\DRIVERS\tdx.sys
22:45:16.0903 0x18cc  tdx - ok
22:45:16.0919 0x18cc  [ 561E7E1F06895D78DE991E01DD0FB6E5, 83BFA50A528762EC52A011302AC3874636FB7E26628CD7ACFBF2BDC9FAA8110D ] TermDD          C:\Windows\system32\drivers\termdd.sys
22:45:16.0919 0x18cc  TermDD - ok
22:45:16.0950 0x18cc  [ 008CD4EBFABCF78D0F19B3778492648C, 9050490EEE0AD86E73F0A82D83E4FC29DF84F6B6FDB389AE135FD712B5F425BE ] TermService     C:\Windows\System32\termsrv.dll
22:45:16.0966 0x18cc  TermService - ok
22:45:16.0981 0x18cc  [ F0344071948D1A1FA732231785A0664C, DB9886C2C858FAF45AEA15F8E42860343F73EB8685C53EC2E8CCC10586CB0832 ] Themes          C:\Windows\system32\themeservice.dll
22:45:16.0981 0x18cc  Themes - ok
22:45:16.0997 0x18cc  [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] THREADORDER     C:\Windows\system32\mmcss.dll
22:45:16.0997 0x18cc  THREADORDER - ok
22:45:17.0013 0x18cc  [ 7E7AFD841694F6AC397E99D75CEAD49D, DE87F203FD8E6BDCCFCA1860A85F283301A365846FB703D9BB86278D8AC96B07 ] TrkWks          C:\Windows\System32\trkwks.dll
22:45:17.0013 0x18cc  TrkWks - ok
22:45:17.0059 0x18cc  [ 773212B2AAA24C1E31F10246B15B276C, F2EF85F5ABA307976D9C649D710B408952089458DDE97D4DEF321DF14E46A046 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
22:45:17.0059 0x18cc  TrustedInstaller - ok
22:45:17.0075 0x18cc  [ E232A3B43A894BB327FC161529BD9ED1, F2673DA8C920F21ACCECC25F7C59A05822E5E577D47F126EDF9C94FEB4B30C5F ] tssecsrv        C:\Windows\system32\DRIVERS\tssecsrv.sys
22:45:17.0075 0x18cc  tssecsrv - ok
22:45:17.0091 0x18cc  [ D11C783E3EF9A3C52C0EBE83CC5000E9, A136C355D4C8945729163D15801364A614E23217B15F9313C85BA45BB71A74EB ] TsUsbFlt        C:\Windows\system32\drivers\tsusbflt.sys
22:45:17.0091 0x18cc  TsUsbFlt - ok
22:45:17.0106 0x18cc  tsusbhub - ok
22:45:17.0137 0x18cc  [ 3566A8DAAFA27AF944F5D705EAA64894, AE9D8B648DA08AF667B9456C3FE315489859C157510A258559F18238F2CC92B8 ] tunnel          C:\Windows\system32\DRIVERS\tunnel.sys
22:45:17.0137 0x18cc  tunnel - ok
22:45:17.0169 0x18cc  [ F37D49111A12A97DE4BB5D8FF444BD2C, 55D230D3B3753846CCB54FF51CD08E2356757D69B84D0A81F6681BEF26204E31 ] TurboB          C:\Windows\system32\DRIVERS\TurboB.sys
22:45:17.0169 0x18cc  TurboB - ok
22:45:17.0169 0x18cc  [ B4DD609BD7E282BFC683CEC7EAAAAD67, EF131DB6F6411CAD36A989A421AF93F89DD61601AC524D2FF11C10FF6E3E9123 ] uagp35          C:\Windows\system32\DRIVERS\uagp35.sys
22:45:17.0184 0x18cc  uagp35 - ok
22:45:17.0215 0x18cc  [ FF4232A1A64012BAA1FD97C7B67DF593, D8591B4EB056899C7B604E4DD852D82D4D9809F508ABCED4A03E1BE6D5D456E3 ] udfs            C:\Windows\system32\DRIVERS\udfs.sys
22:45:17.0215 0x18cc  udfs - ok
22:45:17.0231 0x18cc  [ 3CBDEC8D06B9968ABA702EBA076364A1, B8DAB8AA804FC23021BFEBD7AE4D40FBE648D6C6BA21CC008E26D1C084972F9B ] UI0Detect       C:\Windows\system32\UI0Detect.exe
22:45:17.0231 0x18cc  UI0Detect - ok
22:45:17.0262 0x18cc  [ 4BFE1BC28391222894CBF1E7D0E42320, 5918B1ED2030600DF77BDACF1C808DF6EADDD8BF3E7003AF1D72050D8B102B3A ] uliagpkx        C:\Windows\system32\drivers\uliagpkx.sys
22:45:17.0262 0x18cc  uliagpkx - ok
22:45:17.0278 0x18cc  [ DC54A574663A895C8763AF0FA1FF7561, 09A3F3597E91CBEB2F38E96E75134312B60CAE5574B2AD4606C2D3E992AEDDFE ] umbus           C:\Windows\system32\drivers\umbus.sys
22:45:17.0278 0x18cc  umbus - ok
22:45:17.0293 0x18cc  [ B2E8E8CB557B156DA5493BBDDCC1474D, F547509A08C0679ACB843E20C9C0CF51BED1B06530BBC529DFB0944504564A43 ] UmPass          C:\Windows\system32\DRIVERS\umpass.sys
22:45:17.0293 0x18cc  UmPass - ok
22:45:17.0309 0x18cc  [ A293DCD756D04D8492A750D03B9A297C, 203600ED0B7F8BA4C6D6F4ED810F4DF5AB70928B06EC4131C5D8ADF628444ED1 ] UmRdpService    C:\Windows\System32\umrdp.dll
22:45:17.0325 0x18cc  UmRdpService - ok
22:45:17.0387 0x18cc  [ 67A95B9D129ED5399E7965CD09CF30E7, F1F2F684146F1CCB293BB9871117B8CFC1D04588A830F67CE5D3F0D034D93B2A ] UMVPFSrv        C:\Program Files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe
22:45:17.0387 0x18cc  UMVPFSrv - ok
22:45:17.0434 0x18cc  UnlockerDriver5 - ok
22:45:17.0449 0x18cc  [ D47EC6A8E81633DD18D2436B19BAF6DE, 0FB461E2D5E0B75BB5958F6362F4880BFA4C36AD930542609BCAF574941AA7AE ] upnphost        C:\Windows\System32\upnphost.dll
22:45:17.0449 0x18cc  upnphost - ok
22:45:17.0481 0x18cc  [ 34AFB83C7BBA370E404E52CC2290350C, 1B3F9DF6C0DA8166FE02D4B2B8E3D5A432FE84A248516D0F5DA9E42076095AB8 ] upperdev        C:\Windows\system32\DRIVERS\usbser_lowerfltx64.sys
22:45:17.0481 0x18cc  upperdev - ok
22:45:17.0527 0x18cc  [ B0435098C81D04CAFFF80DDB746CD3A2, A17B207740382E38729571F0B0BC98FF874E856A7C7CE9EB930328A2AD88F52A ] usbaudio        C:\Windows\system32\drivers\usbaudio.sys
22:45:17.0527 0x18cc  usbaudio - ok
22:45:17.0559 0x18cc  [ DCA68B0943D6FA415F0C56C92158A83A, BEE5A5B33B22D1DF50B884D46D89FC3B8286EB16E38AD5A20F0A49E5C6766C57 ] usbccgp         C:\Windows\system32\DRIVERS\usbccgp.sys
22:45:17.0559 0x18cc  usbccgp - ok
22:45:17.0574 0x18cc  [ 80B0F7D5CCF86CEB5D402EAAF61FEC31, 140C62116A425DEAD25FE8D82DE283BC92C482A9F643658D512F9F67061F28AD ] usbcir          C:\Windows\system32\drivers\usbcir.sys
22:45:17.0574 0x18cc  usbcir - ok
22:45:17.0590 0x18cc  [ 18A85013A3E0F7E1755365D287443965, 811C5EDF38C765BCF71BCE25CB6626FF6988C3699F5EF1846240EA0052F34C33 ] usbehci         C:\Windows\system32\drivers\usbehci.sys
22:45:17.0590 0x18cc  usbehci - ok
22:45:17.0605 0x18cc  [ 8D1196CFBB223621F2C67D45710F25BA, B5D7AFE51833B24FC9576F3AED3D8A2B290E5846060E73F9FFFAC1890A8B6003 ] usbhub          C:\Windows\system32\DRIVERS\usbhub.sys
22:45:17.0621 0x18cc  usbhub - ok
22:45:17.0637 0x18cc  [ 765A92D428A8DB88B960DA5A8D6089DC, 56DE8A2ED58E53B202C399CA7BACB1551136303C2EE0AB426BDBBF880E3C542C ] usbohci         C:\Windows\system32\drivers\usbohci.sys
22:45:17.0637 0x18cc  usbohci - ok
22:45:17.0637 0x18cc  [ 73188F58FB384E75C4063D29413CEE3D, B485463933306036B1D490722CB1674DC85670753D79FA0EF7EBCA7BBAAD9F7C ] usbprint        C:\Windows\system32\DRIVERS\usbprint.sys
22:45:17.0637 0x18cc  usbprint - ok
22:45:17.0652 0x18cc  [ B57B4F0BEC4270A281B9F8537EB2FA04, 554273482EE85F010DC62E412C9933E65BD63AA09911BD25D86F86D2618EF382 ] usbser          C:\Windows\system32\drivers\usbser.sys
22:45:17.0652 0x18cc  usbser - ok
22:45:17.0683 0x18cc  [ AA75E1EFBEE7186B4CBAAACF1F15E6CA, D7A3069913CF8A7F281AC2D7C1FA58FA31A05D7E35E93D7588F4B3B18B3377FD ] UsbserFilt      C:\Windows\system32\DRIVERS\usbser_lowerfltjx64.sys
22:45:17.0683 0x18cc  UsbserFilt - ok
22:45:17.0715 0x18cc  [ D76510CFA0FC09023077F22C2F979D86, 5662281C6D515423255D3C262EA368DBAFC250235E535FBFA3E59D3487695439 ] USBSTOR         C:\Windows\system32\DRIVERS\USBSTOR.SYS
22:45:17.0715 0x18cc  USBSTOR - ok
22:45:17.0730 0x18cc  [ DD253AFC3BC6CBA412342DE60C3647F3, 146F8613F1057AC054DC3593E84BC52899DA27EA33B0E72ACFB78C3699ADCDE7 ] usbuhci         C:\Windows\system32\drivers\usbuhci.sys
22:45:17.0730 0x18cc  usbuhci - ok
22:45:17.0761 0x18cc  [ 1F775DA4CF1A3A1834207E975A72E9D7, 6D3DE5BD3EF3A76E997E5BAF900C51D25308F5A9682D1F62017F577A24095B90 ] usbvideo        C:\Windows\System32\Drivers\usbvideo.sys
22:45:17.0761 0x18cc  usbvideo - ok
22:45:17.0777 0x18cc  [ EDBB23CBCF2CDF727D64FF9B51A6070E, 7202484C8E1BFB2AFD64D8C81668F3EDE0E3BF5EB27572877A0A7B337AE5AE42 ] UxSms           C:\Windows\System32\uxsms.dll
22:45:17.0777 0x18cc  UxSms - ok
22:45:17.0793 0x18cc  [ 4C3FAC816925F73A34AD52F1F7C0A7EA, 7E9B4F68E2ADABA3A9324DA16CF680D77CF2812D4BD0BFCFF0173CA61260A3FE ] VaultSvc        C:\Windows\system32\lsass.exe
22:45:17.0793 0x18cc  VaultSvc - ok
22:45:17.0824 0x18cc  [ F0FAF3FB9B138F8CAFB65ECFFE9F4AB6, E0869E4E9271B484209BB44E6E17D99BE6CEA08A983132C0D69FA373202B14D7 ] vcd10bus        C:\Windows\system32\DRIVERS\vcd10bus.sys
22:45:17.0824 0x18cc  vcd10bus - ok
22:45:17.0839 0x18cc  [ C5C876CCFC083FF3B128F933823E87BD, 6FE0FBB6C3207E09300E0789E2168F76668D87C317FE9F263E733827ADCFBE0D ] vdrvroot        C:\Windows\system32\drivers\vdrvroot.sys
22:45:17.0839 0x18cc  vdrvroot - ok
22:45:17.0871 0x18cc  [ 8D6B481601D01A456E75C3210F1830BE, A2CEF483F4231367138EEF7E67FD5BE5364FC0780C44CA1368E36CE4AA3D0633 ] vds             C:\Windows\System32\vds.exe
22:45:17.0886 0x18cc  vds - ok
22:45:17.0902 0x18cc  [ DA4DA3F5E02943C2DC8C6ED875DE68DD, EDE604536DB78C512D68C92B26DA77C8811AC109D1F0A473673F0A82D15A2838 ] vga             C:\Windows\system32\DRIVERS\vgapnp.sys
22:45:17.0902 0x18cc  vga - ok
22:45:17.0902 0x18cc  [ 53E92A310193CB3C03BEA963DE7D9CFC, 45898604375B42EB1246C17A22D91C2440F11C746FF6459AD38027C1BC2E3125 ] VgaSave         C:\Windows\System32\drivers\vga.sys
22:45:17.0917 0x18cc  VgaSave - ok
22:45:17.0917 0x18cc  VGPU - ok
22:45:17.0933 0x18cc  [ 2CE2DF28C83AEAF30084E1B1EB253CBB, D1946816A1CB89F825CBEA58F94A4C9D0CE7249355CD3915563F54054EE564BF ] vhdmp           C:\Windows\system32\drivers\vhdmp.sys
22:45:17.0933 0x18cc  vhdmp - ok
22:45:17.0949 0x18cc  [ E5689D93FFE4E5D66C0178761240DD54, 6D35CED80681B12AAF63BFA0DA1C386E71D3838839B68A686990AA8031949D27 ] viaide          C:\Windows\system32\drivers\viaide.sys
22:45:17.0949 0x18cc  viaide - ok
22:45:17.0980 0x18cc  [ 86EA3E79AE350FEA5331A1303054005F, 7E7D6027EB41E591633C7383A5D29A3BA8ECFC08C177D2BCF741EE27686B1691 ] vmbus           C:\Windows\system32\drivers\vmbus.sys
22:45:17.0980 0x18cc  vmbus - ok
22:45:18.0011 0x18cc  [ 7DE90B48F210D29649380545DB45A187, 09522F84285D62B961868DA98C40B82E746CA4D24A9780905673A2349D6B07F4 ] VMBusHID        C:\Windows\system32\drivers\VMBusHID.sys
22:45:18.0011 0x18cc  VMBusHID - ok
22:45:18.0027 0x18cc  [ D2AAFD421940F640B407AEFAAEBD91B0, 31EF342A60AF04F4108759A71F8FB7B8C8819216CF3D16A95B2BA0E33A8A9161 ] volmgr          C:\Windows\system32\drivers\volmgr.sys
22:45:18.0027 0x18cc  volmgr - ok
22:45:18.0058 0x18cc  [ A255814907C89BE58B79EF2F189B843B, 463DB771851352185B6AC323BD93B9084D47291E53C1F7B628B65D6918B2E28F ] volmgrx         C:\Windows\system32\drivers\volmgrx.sys
22:45:18.0058 0x18cc  volmgrx - ok
22:45:18.0073 0x18cc  [ 0D08D2F3B3FF84E433346669B5E0F639, 3D6716CEC95B8861A7CC5778E91F310528DC6BEE0E57A3C8757FC675154EBDEC ] volsnap         C:\Windows\system32\drivers\volsnap.sys
22:45:18.0073 0x18cc  volsnap - ok
22:45:18.0105 0x18cc  [ 5E2016EA6EBACA03C04FEAC5F330D997, 53106EB877459FE55A459111F7AB0EE320BB3B4C954D3DB6FA1642396001F2AC ] vsmraid         C:\Windows\system32\DRIVERS\vsmraid.sys
22:45:18.0105 0x18cc  vsmraid - ok
22:45:18.0167 0x18cc  [ B60BA0BC31B0CB414593E169F6F21CC2, 47B801E623254CF0202B3591CB5C019CABFB52F123C7D47E29D19B32F1F2B915 ] VSS             C:\Windows\system32\vssvc.exe
22:45:18.0183 0x18cc  VSS - ok
22:45:18.0229 0x18cc  [ 36D4720B72B5C5D9CB2B9C29E9DF67A1, 3254523C85C70EBA2DBAC05DB2DBA89EDF8E9195F390F7C21F96458FB6B2E3D7 ] vwifibus        C:\Windows\system32\DRIVERS\vwifibus.sys
22:45:18.0229 0x18cc  vwifibus - ok
22:45:18.0245 0x18cc  [ 6A3D66263414FF0D6FA754C646612F3F, 30F6BA594B0D3B94113064015A16D97811CD989DF1715CCE21CEAB9894C1B4FB ] vwififlt        C:\Windows\system32\DRIVERS\vwififlt.sys
22:45:18.0245 0x18cc  vwififlt - ok
22:45:18.0261 0x18cc  [ 6A638FC4BFDDC4D9B186C28C91BD1A01, 5521F1DC515586777EC4837E0AEAA3E613CC178AF1074031C4D0D0C695A93168 ] vwifimp         C:\Windows\system32\DRIVERS\vwifimp.sys
22:45:18.0261 0x18cc  vwifimp - ok
22:45:18.0292 0x18cc  [ 1C9D80CC3849B3788048078C26486E1A, 34A89F31E53F6B6C209B286F580CC2257AE6D057E4E20741F241C9C167947962 ] W32Time         C:\Windows\system32\w32time.dll
22:45:18.0292 0x18cc  W32Time - ok
22:45:18.0307 0x18cc  [ 4E9440F4F152A7B944CB1663D3935A3E, 8FE04EBD3BC612EE943A21A3E56F37E5C9B578CDACA6044048181DAD81816D53 ] WacomPen        C:\Windows\system32\DRIVERS\wacompen.sys
22:45:18.0307 0x18cc  WacomPen - ok
22:45:18.0339 0x18cc  [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] WANARP          C:\Windows\system32\DRIVERS\wanarp.sys
22:45:18.0339 0x18cc  WANARP - ok
22:45:18.0339 0x18cc  [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] Wanarpv6        C:\Windows\system32\DRIVERS\wanarp.sys
22:45:18.0339 0x18cc  Wanarpv6 - ok
22:45:18.0401 0x18cc  [ 78F4E7F5C56CB9716238EB57DA4B6A75, 46A4E78CE5F2A4B26F4E9C3FF04A99D9B727A82AC2E390A82A1611C3F6E0C9AF ] wbengine        C:\Windows\system32\wbengine.exe
22:45:18.0432 0x18cc  wbengine - ok
22:45:18.0448 0x18cc  [ 3AA101E8EDAB2DB4131333F4325C76A3, 4F7BD3DA5E58B18BFF106CFF7B45E75FD13EE556D433C695BA23EC80827E49DE ] WbioSrvc        C:\Windows\System32\wbiosrvc.dll
22:45:18.0448 0x18cc  WbioSrvc - ok
22:45:18.0479 0x18cc  [ 7368A2AFD46E5A4481D1DE9D14848EDD, 8039C478FC2D9F095F5883A4FA47F9E6EDF57CC88A4AA74F07C88445F90DED57 ] wcncsvc         C:\Windows\System32\wcncsvc.dll
22:45:18.0495 0x18cc  wcncsvc - ok
22:45:18.0495 0x18cc  [ 20F7441334B18CEE52027661DF4A6129, 7B8E0247234B740FED2BE9B833E9CE8DD7453340123AB43F6B495A7E6A27B0DD ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
22:45:18.0510 0x18cc  WcsPlugInService - ok
22:45:18.0510 0x18cc  [ 72889E16FF12BA0F235467D6091B17DC, F2FD0BBD075E33608D93F350D216F97442AB89ABD540513C2D568C78096E12A8 ] Wd              C:\Windows\system32\DRIVERS\wd.sys
22:45:18.0510 0x18cc  Wd - ok
22:45:18.0541 0x18cc  [ A3D04EBF5227886029B4532F20D026F7, D90F7B9C176008675DA0B5FD7E4973CBC2A04172CEDF8FB7D3B3B4F27B5440D7 ] WDC_SAM         C:\Windows\system32\DRIVERS\wdcsam64.sys
22:45:18.0541 0x18cc  WDC_SAM - ok
22:45:18.0588 0x18cc  [ E2C933EDBC389386EBE6D2BA953F43D8, AF1DEADD5F1267CCEBD226E8EEB971D1946EA6A5A9645A36F5D111F758AF2F07 ] Wdf01000        C:\Windows\system32\drivers\Wdf01000.sys
22:45:18.0604 0x18cc  Wdf01000 - ok
22:45:18.0619 0x18cc  [ BF1FC3F79B863C914687A737C2F3D681, B2DF47AC4931ACFB243775767B77065CC0D98778FC0243C793A3E219EB961209 ] WdiServiceHost  C:\Windows\system32\wdi.dll
22:45:18.0619 0x18cc  WdiServiceHost - ok
22:45:18.0619 0x18cc  [ BF1FC3F79B863C914687A737C2F3D681, B2DF47AC4931ACFB243775767B77065CC0D98778FC0243C793A3E219EB961209 ] WdiSystemHost   C:\Windows\system32\wdi.dll
22:45:18.0619 0x18cc  WdiSystemHost - ok
22:45:18.0651 0x18cc  [ 3DB6D04E1C64272F8B14EB8BC4616280, 9138642B1C19F895D4ECFD930160C80FBF15813CE63BBF4C899842C300FD3026 ] WebClient       C:\Windows\System32\webclnt.dll
22:45:18.0666 0x18cc  WebClient - ok
22:45:18.0682 0x18cc  [ C749025A679C5103E575E3B48E092C43, B71171D07EE7AB085A24BF3A1072FF2CE7EA021AAE695F6A90640E6EE8EB55C1 ] Wecsvc          C:\Windows\system32\wecsvc.dll
22:45:18.0682 0x18cc  Wecsvc - ok
22:45:18.0697 0x18cc  [ 7E591867422DC788B9E5BD337A669A08, 484E6BCCDF7ADCE9A1AACAD1BC7C7D7694B9E40FA90D94B14D80C607784F6C75 ] wercplsupport   C:\Windows\System32\wercplsupport.dll
22:45:18.0697 0x18cc  wercplsupport - ok
22:45:18.0713 0x18cc  [ 6D137963730144698CBD10F202E9F251, A9F522A125158D94F540544CCD4DBF47B9DCE2EA878C33675AFE40F80E8F4979 ] WerSvc          C:\Windows\System32\WerSvc.dll
22:45:18.0713 0x18cc  WerSvc - ok
22:45:18.0729 0x18cc  [ 611B23304BF067451A9FDEE01FBDD725, 0AF2734B978165FC6FD22B64862132CCE32528A21C698A49D176129446E099C8 ] WfpLwf          C:\Windows\system32\DRIVERS\wfplwf.sys
22:45:18.0729 0x18cc  WfpLwf - ok
22:45:18.0744 0x18cc  [ 05ECAEC3E4529A7153B3136CEB49F0EC, 9995CB2CEC70A633EA33CBB0DEAD2BB28CB67132B41E9444BDAB9E75744C9A50 ] WIMMount        C:\Windows\system32\drivers\wimmount.sys
22:45:18.0744 0x18cc  WIMMount - ok
22:45:18.0760 0x18cc  WinDefend - ok
22:45:18.0775 0x18cc  WinHttpAutoProxySvc - ok
22:45:18.0807 0x18cc  [ 19B07E7E8915D701225DA41CB3877306, D6555E8D276DBB11358246E0FE215F76F1FB358791C76B88D82C2A66A42DA19F ] Winmgmt         C:\Windows\system32\wbem\WMIsvc.dll
22:45:18.0822 0x18cc  Winmgmt - ok
22:45:18.0900 0x18cc  [ BCB1310604AA415C4508708975B3931E, 9D943F086D454345153A0DD426B4432532A44FD87950386B186E1CAD2AC70565 ] WinRM           C:\Windows\system32\WsmSvc.dll
22:45:18.0931 0x18cc  WinRM - ok
22:45:18.0978 0x18cc  [ FE88B288356E7B47B74B13372ADD906D, A16B166F6BB32EF9D2A142F27B9EC54CBC7B3AC915799783CF4C40E525BC9E03 ] WinUsb          C:\Windows\system32\DRIVERS\WinUsb.sys
22:45:18.0978 0x18cc  WinUsb - ok
22:45:19.0009 0x18cc  [ 4FADA86E62F18A1B2F42BA18AE24E6AA, CE1683386886BF34862681A46199EA7E7FB4232A186047DA7FBD8EC240AF6726 ] Wlansvc         C:\Windows\System32\wlansvc.dll
22:45:19.0025 0x18cc  Wlansvc - ok
22:45:19.0150 0x18cc  [ 357CABBF155AFD1D3926E62539D2A3A7, C43CFF84E7D930B4999DC061AB0766B57AAD7540B3E6EE54605B10ECE90825F5 ] wlidsvc         C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
22:45:19.0197 0x18cc  wlidsvc - ok
22:45:19.0212 0x18cc  [ F6FF8944478594D0E414D3F048F0D778, 6F75E0AE6127B33A92A88E59D4B048FD4C15F997807BE7BF0EFE76F95235B1D9 ] WmiAcpi         C:\Windows\system32\drivers\wmiacpi.sys
22:45:19.0212 0x18cc  WmiAcpi - ok
22:45:19.0228 0x18cc  [ 38B84C94C5A8AF291ADFEA478AE54F93, 1AC267AC73670BEA5F3785C9AD9DB146F8E993A862C843742B21FDB90D102B2A ] wmiApSrv        C:\Windows\system32\wbem\WmiApSrv.exe
22:45:19.0228 0x18cc  wmiApSrv - ok
22:45:19.0243 0x18cc  WMPNetworkSvc - ok
22:45:19.0243 0x18cc  [ 96C6E7100D724C69FCF9E7BF590D1DCA, 2E63C9B0893B4FC03B7A71BAEA6202D3D3DB1B52F3643467829B5A573FD7655B ] WPCSvc          C:\Windows\System32\wpcsvc.dll
22:45:19.0243 0x18cc  WPCSvc - ok
22:45:19.0275 0x18cc  [ 93221146D4EBBF314C29B23CD6CC391D, C0750858A65BF51E210CD244C825C121D67E025CD2D2455139991AAC289A90FE ] WPDBusEnum      C:\Windows\system32\wpdbusenum.dll
22:45:19.0275 0x18cc  WPDBusEnum - ok
22:45:19.0290 0x18cc  [ 6BCC1D7D2FD2453957C5479A32364E52, E48554D31FBDCF8F985C1C72524CAA9106F5B7CC2B79064F8F5E2562D517F090 ] ws2ifsl         C:\Windows\system32\drivers\ws2ifsl.sys
22:45:19.0290 0x18cc  ws2ifsl - ok
22:45:19.0306 0x18cc  [ E8B1FE6669397D1772D8196DF0E57A9E, 39FE0819360719F756BD31A1884A0508A1E2371ACC723E25E005CBEC0A7B02FA ] wscsvc          C:\Windows\System32\wscsvc.dll
22:45:19.0306 0x18cc  wscsvc - ok
22:45:19.0306 0x18cc  WSearch - ok
22:45:19.0399 0x18cc  [ 0814A74C853F50B354F08F83DDA9F7FB, 0A63BAA8DE451B8C2C71FEF961718E769B9BAC305C76D24048C664CB27D0DF28 ] wuauserv        C:\Windows\system32\wuaueng.dll
22:45:19.0446 0x18cc  wuauserv - ok
22:45:19.0462 0x18cc  [ D3381DC54C34D79B22CEE0D65BA91B7C, 70DC4ADCA4C0C28BB133287511E329D1B6B9B97F96CDE5B1D2F1F59FE1A965D9 ] WudfPf          C:\Windows\system32\drivers\WudfPf.sys
22:45:19.0477 0x18cc  WudfPf - ok
22:45:19.0493 0x18cc  [ CF8D590BE3373029D57AF80914190682, FB9641777E90A58C063FBE95F081DC6D2F4770827DE19108A9DC3E3D6B17B4BF ] WUDFRd          C:\Windows\system32\DRIVERS\WUDFRd.sys
22:45:19.0493 0x18cc  WUDFRd - ok
22:45:19.0524 0x18cc  [ 7A95C95B6C4CF292D689106BCAE49543, 9029F489E1E817CE12839B8C6656E46190497D445DC3F43C20CF96E5E6BD0691 ] wudfsvc         C:\Windows\System32\WUDFSvc.dll
22:45:19.0524 0x18cc  wudfsvc - ok
22:45:19.0540 0x18cc  [ 9A3452B3C2A46C073166C5CF49FAD1AE, D6F95F51D8E37BA4CF403965EC08CCFEEA9EEFDBFC7752432EAEC19925BDA115 ] WwanSvc         C:\Windows\System32\wwansvc.dll
22:45:19.0555 0x18cc  WwanSvc - ok
22:45:19.0571 0x18cc  ================ Scan global ===============================
22:45:19.0571 0x18cc  [ BA0CD8C393E8C9F83354106093832C7B, 18D8A4780A2BAA6CEF7FBBBDA0EF6BF2DADF146E1E578A618DD5859E8ADBF1A8 ] C:\Windows\system32\basesrv.dll
22:45:19.0602 0x18cc  [ EA32F4EA3AE06EDD122FBCD5A489E457, C6E464170121D1714A367CFC80C5EA15D42AD34909039FDB114EAD3B878A47F6 ] C:\Windows\system32\winsrv.dll
22:45:19.0618 0x18cc  [ EA32F4EA3AE06EDD122FBCD5A489E457, C6E464170121D1714A367CFC80C5EA15D42AD34909039FDB114EAD3B878A47F6 ] C:\Windows\system32\winsrv.dll
22:45:19.0633 0x18cc  [ D6160F9D869BA3AF0B787F971DB56368, 0033E6212DD8683E4EE611B290931FDB227B4795F0B17C309DC686C696790529 ] C:\Windows\system32\sxssrv.dll
22:45:19.0665 0x18cc  [ 71C85477DF9347FE8E7BC55768473FCA, A86D6A6D1F5A0EFCD649792A06F3AE9B37158D48493D2ECA7F52DCC1CB9B6536 ] C:\Windows\system32\services.exe
22:45:19.0680 0x18cc  [ Global ] - ok
22:45:19.0680 0x18cc  ================ Scan MBR ==================================
22:45:19.0680 0x18cc  [ 8F558EB6672622401DA993E1E865C861 ] \Device\Harddisk0\DR0
22:45:20.0070 0x18cc  \Device\Harddisk0\DR0 - ok
22:45:20.0101 0x18cc  [ 5FB38429D5D77768867C76DCBDB35194 ] \Device\Harddisk1\DR1
22:45:20.0117 0x18cc  \Device\Harddisk1\DR1 - ok
22:45:20.0117 0x18cc  ================ Scan VBR ==================================
22:45:20.0117 0x18cc  [ 355F25A2C94CFF5A3CE43C0BC131766E ] \Device\Harddisk0\DR0\Partition1
22:45:20.0117 0x18cc  \Device\Harddisk0\DR0\Partition1 - ok
22:45:20.0117 0x18cc  [ F5B9981B0F7190F76A8136B14E914526 ] \Device\Harddisk0\DR0\Partition2
22:45:20.0117 0x18cc  \Device\Harddisk0\DR0\Partition2 - ok
22:45:20.0117 0x18cc  [ 4CE55692190E542CB094D8ACCB6B39E7 ] \Device\Harddisk0\DR0\Partition3
22:45:20.0117 0x18cc  \Device\Harddisk0\DR0\Partition3 - ok
22:45:20.0117 0x18cc  [ 9CE6BE896684F40EBB0662187EBCF17B ] \Device\Harddisk1\DR1\Partition1
22:45:20.0117 0x18cc  \Device\Harddisk1\DR1\Partition1 - ok
22:45:20.0117 0x18cc  ================ Scan generic autorun ======================
22:45:20.0445 0x18cc  [ 3E29E8CA08090F0CDE23247C8C74A542, D348415E0C9AE37F9C1017B9DA53C7F2FAE6FF6665F593A0686B9738C31CEAE3 ] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
22:45:20.0601 0x18cc  RtHDVCpl - ok
22:45:20.0710 0x18cc  [ 65600640A94863057D4AAB7258624310, 03322787A79C26C57C762EA5FEF8473AA6022900122FBC377AD9C057D65AF4D2 ] C:\Program Files\Microsoft IntelliType Pro\itype.exe
22:45:20.0757 0x18cc  itype - ok
22:45:20.0835 0x18cc  [ DC2755EB981280C312E7BE5EE8CF5D62, 4E52976235B1D2E756235F988709D84E9D83D60927138376BDE1405902997997 ] C:\Program Files\Microsoft IntelliPoint\ipoint.exe
22:45:20.0881 0x18cc  IntelliPoint - ok
22:45:20.0913 0x18cc  [ 087A06DB98D0E84C0DE90EE308707E63, 96E8CDC492115A93B1B244196947E45D3C30CF64F538EAB634E0B02BEFBF1607 ] C:\Program Files (x86)\NEC Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe
22:45:20.0913 0x18cc  NUSB3MON - ok
22:45:20.0959 0x18cc  [ DD15C00E74B0F4BC80B274EE1B59EEB7, 21C95A6718967165D8656158844DD4A85061483C3A36128A41192B5792918C82 ] C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe
22:45:20.0975 0x18cc  KiesTrayAgent - ok
22:45:21.0084 0x18cc  [ E9D487CD45E4647C28729BDCB7BC0B8A, 469941F1D6DED057C1AB2D1CBCB2073BA46CE5B7FF4D391478DA156F803BA964 ] C:\Program Files (x86)\Babylon\Babylon-Pro\Babylon.exe
22:45:21.0147 0x18cc  Babylon Client - ok
22:45:21.0225 0x18cc  [ 66177D4C99FD8B578C7C56DE445E4D5D, 003D0254D7C693A72DE84CB76858F8D67D9FD62206F1B56DF7F5D0FA834C3BA7 ] C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
22:45:21.0240 0x18cc  avgnt - ok
22:45:21.0303 0x18cc  [ 3CD5FD3FED5388DC01A072DB5D06C9CD, BED3D0CE4EF7A8D0FAB8B1E2E519D2B7F9BB81E62F5CBC6C968179FC20956165 ] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe
22:45:21.0318 0x18cc  StartCCC - ok
22:45:21.0365 0x18cc  [ CB08561AB36857CCF74BF11475C9AEB2, 5F15F6868A719A0A84D3E0FE2BC4E76975C50FA99D642279DDA972269ADFDB8B ] C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe
22:45:21.0365 0x18cc  Avira Systray - ok
22:45:21.0443 0x18cc  [ 3E04F1E482357B1FC8B088197C3D9FF8, 85524ADDC27ADC831EBBD24E079B412CFDC69E5F594BD153319087665A28D546 ] C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
22:45:21.0459 0x18cc  Adobe ARM - ok
22:45:21.0490 0x18cc  [ 9E279D1BC39F5C6C530F0A0DB1D2DC98, A8CBB368E306DD72671B63A25C595E0F360768CBBB5C42C01899343BB7B79023 ] C:\Program Files (x86)\GIGABYTE\ET6\ETCall.exe
22:45:21.0490 0x18cc  EasyTuneVI - ok
22:45:21.0552 0x18cc  [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
22:45:21.0568 0x18cc  Sidebar - ok
22:45:21.0583 0x18cc  [ 0FA760BF380B08D0B67B5507CD8B32AA, 0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B725CC5A9FB738739 ] C:\Windows\System32\mctadmin.exe
22:45:21.0599 0x18cc  mctadmin - ok
22:45:21.0630 0x18cc  [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
22:45:21.0646 0x18cc  Sidebar - ok
22:45:21.0661 0x18cc  [ 0FA760BF380B08D0B67B5507CD8B32AA, 0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B725CC5A9FB738739 ] C:\Windows\System32\mctadmin.exe
22:45:21.0661 0x18cc  mctadmin - ok
22:45:21.0708 0x18cc  [ 9EB925EDC8CF1C3D06E50E9348B54A0A, 99C1F8D40A65E1F4975B0D1180B3056712832E0E8FBE829785FDD505B6222AEA ] C:\Users\hns\AppData\Local\Facebook\Update\FacebookUpdate.exe
22:45:21.0708 0x18cc  Facebook Update - ok
22:45:21.0755 0x18cc  [ 5A7AC932FC9CDD4CFA0528913D831348, 75B56634B61CE633AD3AEB8C6550E8B96A2844A26CD52267D7D193A63FD76397 ] C:\Program Files\Sandboxie\SbieCtrl.exe
22:45:21.0771 0x18cc  SandboxieControl - ok
22:45:21.0771 0x18cc  EA Core - ok
22:45:21.0802 0x18cc  [ 760ACD103FFB86AD65DC41CDEB08ABCF, 518DBEA24FB54D54BD17E0940ADD49134525D161A62C2E9D71FD876CE3E97D7B ] C:\Program Files (x86)\Samsung\Kies\KiesAirMessage.exe
22:45:21.0817 0x18cc  KiesAirMessage - ok
22:45:21.0880 0x18cc  [ 506708142BC63DABA64F2D3AD1DCD5BF, 9C36A08D9E7932FF4DA7B5F24E6B42C92F28685B8ABE964C870E8D7670FD531A ] C:\Users\hns\AppData\Local\Google\Update\GoogleUpdate.exe
22:45:21.0880 0x18cc  Google Update - ok
22:45:21.0927 0x18cc  GoogleDriveSync - ok
22:45:21.0958 0x18cc  [ B4619D2ECFE03196CB5919DC69A096EF, E4002B5A14217E904C85B27326E7BD88CD4B2CB0FACD645C9153CD211464D585 ] C:\Program Files (x86)\ActivePath\Bank Leumi\LeumiComposer.exe
22:45:21.0958 0x18cc  ActiveMail Leumi Composer - ok
22:45:21.0958 0x18cc  IDM - ok
22:45:22.0176 0x18cc  [ 14EF06B1EA531D681B5738F37388B99C, AB74735A3569B7995572FD7B0D026919CADA27C43A6AD0503659CE7CA3FF6B84 ] C:\Program Files\CCleaner\CCleaner64.exe
22:45:22.0285 0x18cc  CCleaner Monitoring - ok
22:45:22.0348 0x18cc  [ 94F74EB563783C56A3F599D39609E75A, CACFFCB326FB809DF28812882F107EE5A68215ADAF55A7D09F62E7A097115922 ] C:\PROGRAM FILES\ZONER\PHOTO STUDIO 17\Program32\ZPSTRAY.EXE
22:45:22.0348 0x18cc  Zoner Photo Studio Autoupdate - ok
22:45:22.0473 0x18cc  [ 7E6B4AD487ED241D8224108E8E86A351, 8246F75DF64BBCC35CDC8DFF2F5157AD9523179344AC0517D42BAC99F2E87E8D ] C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_17_0_0_169_Plugin.exe
22:45:22.0488 0x18cc  FlashPlayerUpdate - ok
22:45:22.0488 0x18cc  Waiting for KSN requests completion. In queue: 128
22:45:23.0502 0x18cc  Waiting for KSN requests completion. In queue: 128
22:45:24.0516 0x18cc  Waiting for KSN requests completion. In queue: 128
22:45:25.0530 0x18cc  Waiting for KSN requests completion. In queue: 128
22:45:26.0544 0x18cc  AV detected via SS2: Avira Antivirus, C:\Program Files (x86)\Avira\AntiVir Desktop\wsctool.exe ( 15.0.10.414 ), 0x41000 ( enabled : updated )
22:45:26.0560 0x18cc  Win FW state via NFP2: enabled
22:45:29.0352 0x18cc  ============================================================
22:45:29.0352 0x18cc  Scan finished
22:45:29.0352 0x18cc  ============================================================
22:45:29.0352 0x0ccc  Detected object count: 0
22:45:29.0352 0x0ccc  Actual detected object count: 0
 

 

zcMPezJ.pngAdwCleaner

 

# AdwCleaner v4.206 - Logfile created 02/06/2015 at 22:59:50
# Updated 01/06/2015 by Xplode
# Database : 2015-06-01.1 [Server]
# Operating system : Windows 7 Ultimate Service Pack 1 (x64)
# Username : hns - HNS-PC
# Running from : C:\Users\hns\Desktop\AdwCleaner.exe
# Option : Scan

***** [ Services ] *****


***** [ Files / Folders ] *****

File Found : C:\Users\hns\AppData\Roaming\ASSDraw3.cfg
File Found : C:\Users\hns\AppData\Roaming\BurningROMPortable_12.6.1.0.paf.exe
File Found : C:\Users\hns\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Babylon.lnk
Folder Found : C:\Program Files (x86)\Babylon
Folder Found : C:\Program Files (x86)\Minilyrics
Folder Found : C:\Program Files\Babylon
Folder Found : C:\ProgramData\Babylon
Folder Found : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Babylon
Folder Found : C:\ProgramData\Trymedia
Folder Found : C:\Users\hns\AppData\Local\Babylon
Folder Found : C:\Users\hns\AppData\Roaming\Babylon
Folder Found : C:\Users\hns\AppData\Roaming\Minilyrics
Folder Found : C:\Users\hns\AppData\Roaming\OpenCandy

***** [ Scheduled tasks ] *****


***** [ Shortcuts ] *****


***** [ Registry ] *****

Key Found : HKCU\Software\Babylon
Key Found : HKCU\Software\Conduit
Key Found : HKCU\Software\Microsoft\Internet Explorer\MenuExt\Translate this web page with Babylon
Key Found : HKCU\Software\Microsoft\Internet Explorer\MenuExt\Translate with Babylon
Key Found : HKCU\Software\Microsoft\Office\Powerpoint\Addins\babylonofficeaddin.officeaddin
Key Found : HKCU\Software\Microsoft\Office\Word\Addins\babylonofficeaddin.officeaddin
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{9CFACCB6-2F3F-4177-94EA-0D2B72D384C1}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{9CFACCB6-2F3F-4177-94EA-0D2B72D384C1}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{F72841F0-4EF1-4DF5-BCE5-B3AC8ACF5478}
Key Found : HKCU\Software\Myfree Codec
Key Found : HKCU\Software\Softonic
Key Found : HKCU\Software\YahooPartnerToolbar
Key Found : [x64] HKCU\Software\Babylon
Key Found : [x64] HKCU\Software\Conduit
Key Found : [x64] HKCU\Software\Myfree Codec
Key Found : [x64] HKCU\Software\Softonic
Key Found : [x64] HKCU\Software\YahooPartnerToolbar
Key Found : HKLM\SOFTWARE\14919ea49a8f3b4aa3cf1058d9a64cec
Key Found : HKLM\SOFTWARE\Babylon
Key Found : HKLM\SOFTWARE\Classes\.bdc
Key Found : HKLM\SOFTWARE\Classes\.bgl
Key Found : HKLM\SOFTWARE\Classes\.bof
Key Found : HKLM\SOFTWARE\Classes\AppID\{4D076AB4-7562-427A-B5D2-BD96E19DEE56}
Key Found : HKLM\SOFTWARE\Classes\AppID\{6536801B-F50C-449B-9476-093DFD3789E3}
Key Found : HKLM\SOFTWARE\Classes\AppID\{B16632F1-24E0-4D99-A68D-70BFB6447C48}
Key Found : HKLM\SOFTWARE\Classes\AppID\BabylonHelper.EXE
Key Found : HKLM\SOFTWARE\Classes\AppID\BabylonIEPI.DLL
Key Found : HKLM\SOFTWARE\Classes\BabyDict
Key Found : HKLM\SOFTWARE\Classes\BabyGloss
Key Found : HKLM\SOFTWARE\Classes\BabylonIEPI.BabylonIEBho
Key Found : HKLM\SOFTWARE\Classes\BabylonIEPI.BabylonIEBho.1
Key Found : HKLM\SOFTWARE\Classes\BabylonOfficeAddin.OfficeAddin
Key Found : HKLM\SOFTWARE\Classes\BabylonOfficeAddin.OfficeAddin.1
Key Found : HKLM\SOFTWARE\Classes\BabyOptFile
Key Found : HKLM\SOFTWARE\Classes\CLSID\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{6AC0BB10-C922-45E2-857D-2A368FE749E5}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{826D7151-8D99-434B-8540-082B8C2AE556}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{947217BD-E967-400A-B14A-BA851A8EDCBB}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{9CFACCB6-2F3F-4177-94EA-0D2B72D384C1}
Key Found : HKLM\SOFTWARE\Classes\Interface\{0BF91075-F457-4A8B-99EF-140B52D2F22A}
Key Found : HKLM\SOFTWARE\Classes\Interface\{37425600-CB21-49A0-8659-476FBAB0F8E8}
Key Found : HKLM\SOFTWARE\Classes\Interface\{431FB0E5-2CBB-4602-9FE6-F1D64488ADD7}
Key Found : HKLM\SOFTWARE\Classes\Interface\{5C9A230D-70A5-11D5-AFB0-0050DAC67890}
Key Found : HKLM\SOFTWARE\Classes\Interface\{5F339F0B-716F-408F-A627-DEEB5DEB4020}
Key Found : HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
Key Found : HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8FFE}
Key Found : HKLM\SOFTWARE\Classes\Interface\{8911483C-C00A-4183-9FBC-6C9C00946C15}
Key Found : HKLM\SOFTWARE\Classes\Interface\{928FE5E7-D557-46B7-8AF6-17ACCE1FB4ED}
Key Found : HKLM\SOFTWARE\Classes\Interface\{C3F058A9-407D-4CD1-8F66-B75605B54B69}
Key Found : HKLM\SOFTWARE\Classes\Interface\{EFDCAF05-D29C-4D4D-9836-8CDCD606A6B2}
Key Found : HKLM\SOFTWARE\Classes\Prod.cap
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{11549FE4-7C5A-4C17-9FC3-56FC5162A994}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{5C9A2304-70A5-11D5-AFB0-0050DAC67890}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{A1489C85-4F6F-48C4-AC9E-18B63AF4703E}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{F310F027-15CB-4A7F-B10D-3A4AFB5013A5}
Key Found : HKLM\SOFTWARE\dt soft\daemon tools toolbar
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions\{F72841F0-4EF1-4DF5-BCE5-B3AC8ACF5478}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\Babylon.exe
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9CFACCB6-2F3F-4177-94EA-0D2B72D384C1}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Babylon
Key Found : HKLM\SOFTWARE\Myfree Codec
Key Found : [x64] HKLM\SOFTWARE\Classes\CLSID\{64B00DAC-870D-4E6A-8D34-3A6E3E427A30}
Key Found : [x64] HKLM\SOFTWARE\Classes\CLSID\{947217BD-E967-400A-B14A-BA851A8EDCBB}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{0BF91075-F457-4A8B-99EF-140B52D2F22A}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{37425600-CB21-49A0-8659-476FBAB0F8E8}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{431FB0E5-2CBB-4602-9FE6-F1D64488ADD7}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{5C9A230D-70A5-11D5-AFB0-0050DAC67890}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{5F339F0B-716F-408F-A627-DEEB5DEB4020}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8FFE}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{8911483C-C00A-4183-9FBC-6C9C00946C15}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{928FE5E7-D557-46B7-8AF6-17ACCE1FB4ED}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{C3F058A9-407D-4CD1-8F66-B75605B54B69}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{EFDCAF05-D29C-4D4D-9836-8CDCD606A6B2}
Value Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [Babylon Client]
Value Found : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [ocr@babylon.com]

***** [ Web browsers ] *****

-\\ Internet Explorer v11.0.9600.17801


-\\ Mozilla Firefox v38.0.1 (x86 en-US)

[wrvwz3u7.default-1433158132421] - Line Found : user_pref("extensions.enabledAddons", "ocr%40babylon.com:1.1,%7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:38.0.1");
[wrvwz3u7.default-1433158132421] - Line Found : user_pref("extensions.xpiState", "{\"app-profile\":{\"jid1-QL2xtvfKt4r4kA@jetpack\":{\"d\":\"C:\\\\Users\\\\hns\\\\AppData\\\\Roaming\\\\Mozilla\\\\Firefox\\\\Profiles\\\\wrvwz3u7.default-143315813242[...]

-\\ Chromium v


*************************

AdwCleaner[R0].txt - [7295 bytes] - [02/06/2015 22:59:50]

########## EOF - C:\AdwCleaner\AdwCleaner[R0].txt - [7354 bytes] ##########
 

 

 

lv0mVRW.pngJunkware Removal Tool

 

 

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.8.7 (06.01.2015:1)
OS: Windows 7 Ultimate x64
Ran by hns on 02-06-15 at 23:17:01.55
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Tasks



~~~ Registry Values

Successfully deleted: [Registry Value] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\babylon client



~~~ Registry Keys

Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{9CFACCB6-2F3F-4177-94EA-0D2B72D384C1}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9CFACCB6-2F3F-4177-94EA-0D2B72D384C1}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\Browser Helper Objects\{9CFACCB6-2F3F-4177-94EA-0D2B72D384C1}



~~~ Files

Successfully deleted: [File] C:\Windows\prefetch\BABYLON.EXE-9D5C5354.pf
Successfully deleted: [File] C:\Windows\prefetch\BABYLONHELPER64.EXE-31FFE3EB.pf
Successfully deleted: [File] C:\Users\hns\AppData\Roaming\microsoft\internet explorer\quick launch\babylon.lnk



~~~ Folders

Failed to delete: [Folder] C:\Program Files (x86)\babylon
Successfully deleted: [Empty Folder] C:\Users\hns\appdata\local\{10531177-0B18-4DF3-BFB1-F0B818AC0C23}
Successfully deleted: [Empty Folder] C:\Users\hns\appdata\local\{1B852949-0148-4E57-B3FA-86C4B0CFDD81}
Successfully deleted: [Empty Folder] C:\Users\hns\appdata\local\{2F44C97A-7ED3-40FF-9998-6901F6C3C92C}
Successfully deleted: [Empty Folder] C:\Users\hns\appdata\local\{40F18C70-A2AA-4AC1-9DC6-94EA9E2655DE}
Successfully deleted: [Empty Folder] C:\Users\hns\appdata\local\{47C019C3-AA90-4062-92E0-9D52EA3F7464}
Successfully deleted: [Empty Folder] C:\Users\hns\appdata\local\{4C652319-FF26-4396-81DB-3F8C169C6CF4}
Successfully deleted: [Empty Folder] C:\Users\hns\appdata\local\{6863EE03-7E1F-4059-B73D-12ACA3B23797}
Successfully deleted: [Empty Folder] C:\Users\hns\appdata\local\{836D88D9-50C5-4251-8B10-4BE8AA734FDA}
Successfully deleted: [Empty Folder] C:\Users\hns\appdata\local\{901CE498-1DEF-4B26-B812-BD2883C39412}
Successfully deleted: [Empty Folder] C:\Users\hns\appdata\local\{9762DFEC-4DBC-45B4-9B9C-09E42A384F59}
Successfully deleted: [Empty Folder] C:\Users\hns\appdata\local\{987E2D20-BBAB-4EB7-BC62-621B8A9BDAE5}
Successfully deleted: [Empty Folder] C:\Users\hns\appdata\local\{A61AA274-E07A-44AB-871B-7660C4E64D61}
Successfully deleted: [Empty Folder] C:\Users\hns\appdata\local\{C94D9741-0604-4514-B73C-5D5268C7A170}
Successfully deleted: [Empty Folder] C:\Users\hns\appdata\local\{F74DFDBE-7376-47A8-8B43-91E995462EC2}
Successfully deleted: [Empty Folder] C:\Users\hns\appdata\local\{F9CAC6A6-4716-49C1-B227-2BCDB09230EF}
Successfully deleted: [Empty Folder] C:\Users\hns\appdata\local\{FE77462C-EE16-407B-B552-DD33ABA58E49}
Successfully deleted: [Folder] C:\Program Files (x86)\Minilyrics
Successfully deleted: [Folder] C:\Program Files (x86)\myfree codec
Successfully deleted: [Folder] C:\ProgramData\babylon
Successfully deleted: [Folder] C:\ProgramData\microsoft\windows\start menu\programs\babylon
Successfully deleted: [Folder] C:\ProgramData\trymedia
Successfully deleted: [Folder] C:\Users\hns\appdata\local\babylon
Successfully deleted: [Folder] C:\Users\hns\AppData\Roaming\babylon
Successfully deleted: [Folder] C:\Users\hns\AppData\Roaming\opencandy
Successfully deleted: [Folder] C:\Windows\syswow64\ai_recyclebin



~~~ FireFox

Successfully deleted: [Registry Value] HKEY_LOCAL_MACHINE\Software\Mozilla\Firefox\Extensions\\ocr@babylon.com
Successfully deleted the following from C:\Users\hns\AppData\Roaming\mozilla\firefox\profiles\wrvwz3u7.default-1433158132421\prefs.js

user_pref(extensions.xpiState, {\app-profile\:{\jid1-QL2xtvfKt4r4kA@jetpack\:{\d\:\C:\\\\Users\\\\hns\\\\AppData\\\\Roaming\\\\Mozilla\\\\Firefox\\\\Profiles\\\\wrvw





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 02-06-15 at 23:19:34.43
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 

 

cvMlKv6.pngESET Online Scanner

 

E:\Softwares\Microsoft & OS\Office 2010\Office Toolkit\OFFICE10TOOKIT\OTK2010V2 (Installed).zip    a variant of MSIL/HackKMS.A potentially unsafe application    
E:\Softwares\Occasional\Burning Tools\SetupImgBurn_2.5.5.0.exe    a variant of Win32/Bundled.Toolbar.Ask potentially unsafe application    
C:\Program Files (x86)\USB Safely Remove\usb.safely.remove.v4.3.2.950-ismail.exe    a variant of Win32/HackTool.Patcher.A potentially unsafe application    cleaned by deleting - quarantined
C:\Users\hns\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\22\2c251fd6-2d0947c9    multiple threats    cleaned by deleting - quarantined
C:\Users\hns\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\52\42057fb4-5c24dcd7    a variant of Java/JShrink.A potentially unsafe application    deleted - quarantined
C:\Users\hns\AppData\Roaming\uTorrent\ism.exe    Win32/Toolbar.Conduit.AP potentially unwanted application    deleted - quarantined
C:\Windows\AutoKMS.exe    MSIL/HackKMS.A potentially unsafe application    cleaned by deleting - quarantined
D:\Games\The Sims 4.rar    Win32/HackTool.Crack.CY potentially unsafe application    deleted
D:\Games\The_Sims_4_fix.rar    Win32/HackTool.Crack.CY potentially unsafe application    deleted - quarantined
D:\Games\Crysis-Razor1911\rzr-crys.iso    a variant of Win32/Keygen.GU potentially unsafe application    deleted - quarantined
D:\Games\The Sims 4\setup5.cab    Win32/HackTool.Crack.CY potentially unsafe application    deleted - quarantined
D:\Games\Tom.Clancys.Splinter.Cell.Conviction-SKIDROW\sr-tcscc.iso    a variant of Win32/Packed.VMProtect.AAA trojan    deleted
E:\Games\Max.Payne.3-RELOADED\Updates\Max.Payne.3.Update.v1.0.0.22-RELOADED.zip    a variant of Win32/Packed.VMProtect.AAH trojan    deleted - quarantined
E:\Games\Max.Payne.3-RELOADED\Updates\Max.Payne.3.Update.v1.0.0.49-RELOADED.rar    a variant of Win32/Packed.VMProtect.AAH trojan    deleted - quarantined
E:\Games\Max.Payne.3-RELOADED\Updates\Max Payne 3 Update v1.0.0.29-RELOADED [ UPDATE ][ Www.EliteDescargas.Com ]\Max.Payne.3.Update.v1.0.0.29-RELOADED\rld-mp310029.rar    a variant of Win32/Packed.VMProtect.AAH trojan    deleted - quarantined
E:\Games\Max.Payne.3-RELOADED\Updates\Max.Payne.3.CRACK.ONLY-RELOADED\gsrld.dll    Win32/HackTool.Crack.CZ potentially unsafe application    cleaned by deleting - quarantined
E:\Games\Max.Payne.3-RELOADED\Updates\Max.Payne.3.Update.v1.0.0.47-RELOADED\Crack\gsrld.dll    a variant of Win32/Packed.VMProtect.AAH trojan    cleaned by deleting - quarantined
E:\Games\Max.Payne.3-RELOADED\Updates\Max.Payne.3.Update.v1.0.0.55-RELOADED\Crack\gsrld.dll    a variant of Win32/Packed.VMProtect.AAH trojan    cleaned by deleting - quarantined
E:\Games\Memento.Mori.MULTi4-PROPHET\ppt-memo.iso    Win32/HackTool.Crack.BQ potentially unsafe application    deleted - quarantined
E:\Softwares\Microsoft & OS\Office 2010\Microsoft.Office.2010.ProfessionalPlus.VL.Edition.x86.and.x64-ZWTiSO\zmoppv14.rar    Win32/HackKMS.A potentially unsafe application    deleted
E:\Softwares\Microsoft & OS\Office 2010\Office Toolkit\OTK2010V2\Office 2010 Toolkit.exe    a variant of MSIL/HackKMS.A potentially unsafe application    cleaned by deleting
E:\Softwares\Microsoft & OS\Windows 7\Windows.7.Loader.eXtreme.Edition.v3.502-NAPALUM.rar    a variant of Win32/HackTool.WinActivator.J potentially unsafe application    deleted
E:\Softwares\Microsoft & OS\Windows XP SP3 VLK\WXPVOL_EN.ISO    a variant of Win32/MagicalJellyBean.A potentially unsafe application    deleted
E:\Softwares\Occasional\HiDownload.Platinum.v7.992.Incl.Keymaker-CORE.rar    a variant of Win32/Keygen.BH potentially unsafe application    deleted - quarantined
 

Second Online ESET Scan log:

E:\Softwares\Microsoft & OS\Office 2010\Office Toolkit\OFFICE10TOOKIT\OTK2010V2 (Installed).zip    a variant of MSIL/HackKMS.A potentially unsafe application    deleted - quarantined
E:\Softwares\Occasional\Burning Tools\SetupImgBurn_2.5.5.0.exe    a variant of Win32/Bundled.Toolbar.Ask potentially unsafe application    deleted - quarantined
 

 

51a46ae42d560-malwarebytes_anti_malware. Malwarebytes Anti-Malware

 

Malwarebytes Anti-Malware
www.malwarebytes.org

Scan Date: 03-06-15
Scan Time: 16:21:08
Logfile: MalwareBytes Scan Log.txt
Administrator: Yes

Version: 0.00.0.0000
Malware Database: v2015.06.03.03
Rootkit Database: v2015.06.02.01
License: Trial
Malware Protection: Enabled
Malicious Website Protection: Enabled
Self-protection: Disabled

OS: Windows 7 Service Pack 1
CPU: x64
File System: NTFS
User: hns

Scan Type: Threat Scan
Result: Completed
Objects Scanned: 371182
Time Elapsed: 11 min, 11 sec

Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Disabled
Heuristics: Enabled
PUP: Enabled
PUM: Enabled

Processes: 0
(No malicious items detected)

Modules: 0
(No malicious items detected)

Registry Keys: 0
(No malicious items detected)

Registry Values: 0
(No malicious items detected)

Registry Data: 0
(No malicious items detected)

Folders: 0
(No malicious items detected)

Files: 0
(No malicious items detected)

Physical Sectors: 0
(No malicious items detected)


(end)



#5 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 73,439 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:NJ USA
  • Local time:11:05 AM

Posted 03 June 2015 - 03:01 PM

Ok.. Lets remove what ADW found.

Double click on AdwCleaner.exe to run the tool again. Vista/Windows 7/8 users right-click and select Run As Administrator
  • The tool will start to update the database, please wait a bit.
  • Click on the Scan button.
  • AdwCleaner will begin to scan your computer like it did before.
  • After the scan has finished...
  • This time click on the Clean button.
  • Press OK when asked to close all programs and follow the onscreen prompts.
  • Press OK again to allow AdwCleaner to restart the computer and complete the removal process.
  • After rebooting, a logfile report (AdwCleaner[S#].txt) will open automatically (where the largest value of # represents the most recent report).
  • Copy and paste the contents of that logfile in your next reply.
  • A copy of that logfile will also be saved in the C:\AdwCleaner folder.
  • We removed a lot of cracks and Keygens so I am going to show you this.
    Mainly because we have an infection I cannot remove. "Babylon"

    You should be more concerned as to what the Eset scan detected:

    C:\Documents and Settings\Les\Desktop\Programs\Dreamweaver MX\keygen.exe...a variant of Win32/Keygen.CY application


    The practice of using keygens, hacking tools, cracking tools, warez, torrents or any pirated software is not only considered illegal activity but it is a serious security risk.


    Cracking applications are used for illegally breaking (cracking) various copy-protection and registration techniques used in commercial software. These programs may be distributed via Web sites, Usenet, and P2P networks.

    TrendMicro Warning


    ...warez and crack web pages are being used by cybercriminals as download sites for malware related to VIRUT and VIRUX. Searches for serial numbers, cracks, and even antivirus products like Trend Micro yield malcodes that come in the form of executables or self-extracting files...quick links in these sites also lead to malicious files. Ads and banners are also infection vectors...

    Keygen and Crack Sites Distribute VIRUX and FakeAV


    ...warez/piracy sites ranked the highest in downloading spyware...just opening the web page usually sets off an exploit, never mind actually downloading anything. And by the time the malware is finished downloading, often the machine is trashed and rendered useless.

    University of Washington spyware study


    ...One of the most aggressive and intrusive of all bad websites on the Internet are serial, warez, software cracking type sites...they sneak malware onto your system...Where do trojan viruses originate? One of the biggest malware distributors on the Internet are serial/warez/code cracking sites.

    Bad Web Sites: Malware


    ...a staggering 59% of the key generators and crack tools downloaded from P2P networks represent a security liability since they contain malicious and unwanted code. "25% of the Web sites we accessed offering counterfeit product keys, pirated software, key generators or crack tools attempted to install either malicious software or potentially unwanted software. A significant number of these Web sites attempted to install malicious or unwanted code...In addition to the peer-to-peer networks, 11% of the key generators and crack tools downloaded from Web sites were also plagued by malicious and unwanted software.

    Microsoft Reveals the Risks of Using Pirated XP and Office
    Whatever You Do, Do Not Download Windows 7 Via Torrent Sites

    When you use these kind of programs, be forewarned that some of the worst types of malware infections can be contracted and spread by visiting crack, keygen, warez and other pirated software sites. In many cases, those sites are infested with a smörgåsbord of malware and an increasing source of system infection. Those who attempt to get software for free can end up with a computer system so badly damaged that recovery is not possible and it cannot be repaired. When that happens there is nothing you can do besides reformatting
and reinstalling the OS.

I strongly recommend that you remove all cracks and keygens immediately to reduce the risk of infection/reinfection. If not, then we are just wasting time trying to clean your system. Further, other tools used during the disinfection process may detect crack and keygens so they need to be removed.

Using these types of programs or the websites visited to get them is almost a guaranteed way to get yourself infected!!

<><><><><><><><><><

To try to remove the Babylon infection we will need to repost...

Please follow this Preparation Guide and post in a new topic.
Let me know if all went well.
How do I get help? Who is helping me?For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....Become a BleepingComputer fan: Facebook

#6 person721

person721
  • Topic Starter

  • Members
  • 35 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:06:05 PM

Posted 03 June 2015 - 03:59 PM

Hey!

Thank you for responding quickly.

 

Everything went well, and I thank you for your time and effort in helping me with my problem.

 

I used Babylon for quite some time for translation purposes (Not through toolbar).

I'm quite surprised that Babylon is considered some kind of malware. Do you why is it considered a malware?

 

 

Here is the AdwCleaner log.

 

Thanks!

 

AdwCleaner log

 

# AdwCleaner v4.206 - Logfile created 03/06/2015 at 23:33:43
# Updated 01/06/2015 by Xplode
# Database : 2015-06-01.1 [Server]
# Operating system : Windows 7 Ultimate Service Pack 1 (x64)
# Username : hns - HNS-PC
# Running from : C:\Users\hns\Desktop\AdwCleaner.exe
# Option : Cleaning

***** [ Services ] *****


***** [ Files / Folders ] *****

Folder Deleted : C:\Program Files (x86)\Babylon
Folder Deleted : C:\Program Files\Babylon
File Deleted : C:\Users\hns\AppData\Roaming\ASSDraw3.cfg
File Deleted : C:\Users\hns\AppData\Roaming\BurningROMPortable_12.6.1.0.paf.exe

***** [ Scheduled tasks ] *****


***** [ Shortcuts ] *****


***** [ Registry ] *****

Key Deleted : HKCU\Software\Microsoft\Internet Explorer\MenuExt\Translate this web page with Babylon
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\MenuExt\Translate with Babylon
Key Deleted : HKCU\Software\Microsoft\Office\Powerpoint\Addins\babylonofficeaddin.officeaddin
Key Deleted : HKCU\Software\Microsoft\Office\Word\Addins\babylonofficeaddin.officeaddin
Key Deleted : HKLM\SOFTWARE\Classes\.bdc
Key Deleted : HKLM\SOFTWARE\Classes\.bgl
Key Deleted : HKLM\SOFTWARE\Classes\.bof
Key Deleted : HKLM\SOFTWARE\Classes\AppID\BabylonHelper.EXE
Key Deleted : HKLM\SOFTWARE\Classes\AppID\BabylonIEPI.DLL
Key Deleted : HKLM\SOFTWARE\Classes\BabyDict
Key Deleted : HKLM\SOFTWARE\Classes\BabyGloss
Key Deleted : HKLM\SOFTWARE\Classes\BabylonIEPI.BabylonIEBho
Key Deleted : HKLM\SOFTWARE\Classes\BabylonIEPI.BabylonIEBho.1
Key Deleted : HKLM\SOFTWARE\Classes\BabylonOfficeAddin.OfficeAddin
Key Deleted : HKLM\SOFTWARE\Classes\BabylonOfficeAddin.OfficeAddin.1
Key Deleted : HKLM\SOFTWARE\Classes\BabyOptFile
Key Deleted : HKLM\SOFTWARE\Classes\Prod.cap
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\Babylon.exe
Key Deleted : HKLM\SOFTWARE\14919ea49a8f3b4aa3cf1058d9a64cec
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{4D076AB4-7562-427A-B5D2-BD96E19DEE56}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{6536801B-F50C-449B-9476-093DFD3789E3}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{B16632F1-24E0-4D99-A68D-70BFB6447C48}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{6AC0BB10-C922-45E2-857D-2A368FE749E5}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{826D7151-8D99-434B-8540-082B8C2AE556}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{947217BD-E967-400A-B14A-BA851A8EDCBB}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{0BF91075-F457-4A8B-99EF-140B52D2F22A}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{37425600-CB21-49A0-8659-476FBAB0F8E8}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{431FB0E5-2CBB-4602-9FE6-F1D64488ADD7}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{5C9A230D-70A5-11D5-AFB0-0050DAC67890}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{5F339F0B-716F-408F-A627-DEEB5DEB4020}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8FFE}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{8911483C-C00A-4183-9FBC-6C9C00946C15}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{928FE5E7-D557-46B7-8AF6-17ACCE1FB4ED}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{C3F058A9-407D-4CD1-8F66-B75605B54B69}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{EFDCAF05-D29C-4D4D-9836-8CDCD606A6B2}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{11549FE4-7C5A-4C17-9FC3-56FC5162A994}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{5C9A2304-70A5-11D5-AFB0-0050DAC67890}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{A1489C85-4F6F-48C4-AC9E-18B63AF4703E}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{F310F027-15CB-4A7F-B10D-3A4AFB5013A5}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{F72841F0-4EF1-4DF5-BCE5-B3AC8ACF5478}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions\{F72841F0-4EF1-4DF5-BCE5-B3AC8ACF5478}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{64B00DAC-870D-4E6A-8D34-3A6E3E427A30}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{947217BD-E967-400A-B14A-BA851A8EDCBB}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{0BF91075-F457-4A8B-99EF-140B52D2F22A}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{37425600-CB21-49A0-8659-476FBAB0F8E8}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{431FB0E5-2CBB-4602-9FE6-F1D64488ADD7}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{5C9A230D-70A5-11D5-AFB0-0050DAC67890}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{5F339F0B-716F-408F-A627-DEEB5DEB4020}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8FFE}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{8911483C-C00A-4183-9FBC-6C9C00946C15}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{928FE5E7-D557-46B7-8AF6-17ACCE1FB4ED}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{C3F058A9-407D-4CD1-8F66-B75605B54B69}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{EFDCAF05-D29C-4D4D-9836-8CDCD606A6B2}
Key Deleted : HKCU\Software\Babylon
Key Deleted : HKCU\Software\Conduit
Key Deleted : HKCU\Software\Myfree Codec
Key Deleted : HKCU\Software\Softonic
Key Deleted : HKCU\Software\YahooPartnerToolbar
Key Deleted : HKLM\SOFTWARE\Babylon
Key Deleted : HKLM\SOFTWARE\dt soft\daemon tools toolbar
Key Deleted : HKLM\SOFTWARE\Myfree Codec

***** [ Web browsers ] *****

-\\ Internet Explorer v11.0.9600.17801


-\\ Mozilla Firefox v38.0.5 (x86 en-US)


-\\ Chromium v


*************************

AdwCleaner[R0].txt - [7505 bytes] - [02/06/2015 22:59:50]
AdwCleaner[R1].txt - [5962 bytes] - [03/06/2015 19:44:07]
AdwCleaner[R2].txt - [6021 bytes] - [03/06/2015 23:05:47]
AdwCleaner[R3].txt - [6080 bytes] - [03/06/2015 23:06:53]
AdwCleaner[S0].txt - [5866 bytes] - [03/06/2015 23:33:43]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [5925  bytes] ##########
 



#7 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 73,439 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:NJ USA
  • Local time:11:05 AM

Posted 03 June 2015 - 07:35 PM

Appears we did get it after all..
You do not need to repost.

Empty your temp folders using TFC (Temporary File Cleaner)
  • Please download TFC by Old Timer and save it to your desktop.
    alternate download link
  • Save any unsaved work. (TFC will close ALL open programs including your browser!)
  • Double-click on TFC.exe to run it. (If you are using Vista or above, right-click on the file and choose "Run As Administrator".)
  • Click the Start button to begin the cleaning process and let it run uninterrupted to completion.
  • Important! If TFC prompts you to reboot, please do so immediately. If not prompted, manually reboot the machine anyway allowing Windows to load normally (not into Safe Mode) to ensure a complete clean.
You should be clean now. It's up to for how long.
How do I get help? Who is helping me?For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....Become a BleepingComputer fan: Facebook

#8 person721

person721
  • Topic Starter

  • Members
  • 35 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:06:05 PM

Posted 04 June 2015 - 09:10 AM

Thanks boopme, you helped me alot! :)



#9 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 73,439 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:NJ USA
  • Local time:11:05 AM

Posted 04 June 2015 - 03:10 PM

You're most welcome from us all.
How do I get help? Who is helping me?For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....Become a BleepingComputer fan: Facebook




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users