Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Not sure if malware/virus or internet outage


  • Please log in to reply
12 replies to this topic

#1 Run2Ron

Run2Ron

  • Members
  • 6 posts
  • OFFLINE
  •  
  • Local time:05:49 AM

Posted 23 August 2015 - 09:06 PM

Happy Monday sirs or misses! Hope this week treats you all well!

Thank you for taking the time to read this, I am at a lost, I have had an issue before where I shut down my computer and got crazy malware that ate up my internet speed and caused major lag. I ran housecall, malwarebytes and that resolved the issue.

 

Couple months later I forgot about it and decided to shut down and the same thing happened again. This time though Malwarebytes can no longer detect the issue and tried housecall and adaware also and detects nothing. I am at a lost if I have a malware of comcast internet outage in my area. I am at the ropes and and may have to reformat come worst case scenario and decided to try my luck here!

 

My internet is now at a crawl and my memory usage is 1-2 gigabytes higher than normal. 

Thank you very much for your time and troubles, any help is greatly appreciated and have my deepest gratitude

 

Oops I am using Win7 btw ty!


Edited by Run2Ron, 24 August 2015 - 08:33 PM.


BC AdBot (Login to Remove)

 


m

#2 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 72,240 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:NJ USA
  • Local time:05:49 AM

Posted 24 August 2015 - 01:52 PM

Hello Run2Ron, lets also see what these say.

3Al62Pm.pngMiniToolBox
  • Please download MiniToolBox, save it to your desktop and run it.
  • Checkmark the following checkboxes:
    • Flush DNS
    • Report IE Proxy Settings
    • Reset IE Proxy Settings
    • Report FF Proxy Settings
    • Reset FF Proxy Settings
    • List content of Hosts
    • List IP configuration
    • List Winsock Entries
    • List last 10 Event Viewer log
    • List Installed Programs
    • List Users, Partitions and Memory size.
  • Click Go and post the result (Result.txt). A copy of Result.txt will be saved in the same directory the tool is run. Note: When using "Reset FF Proxy Settings" option Firefox should be closed.
SXvL3ZF.pngTDSSKiller
  • Download TDSSKiller and save it to your desktop.
  • Extract (unzip) its contents to your desktop.
  • Open the TDSSKiller folder and doubleclick on TDSSKiller.exe to run the application, then on Start Scan.
  • If an infected file is detected, the default action will be Cure, click on Continue.
  • If a suspicious file is detected, the default action will be Skip, click on Continue.
  • It may ask you to reboot the computer to complete the process. Click on Reboot Now.
  • If no reboot is required, click on Report. A log file should appear. Please copy and paste the contents of that file here.
  • If a reboot is required, the report can also be found in your root directory (usually C:\ folder) in the form of TDSSKiller_xxxx_log.txt. Please copy and paste the contents of that file here.
zcMPezJ.pngAdwCleaner
  • Please download AdwCleaner by Xplode and save to your Desktop.
  • Double click on AdwCleaner.exe to run the tool. Vista/Windows 7/8 users right-click and select Run As Administrator
  • Click on the Scan button.
  • AdwCleaner will begin...be patient as the scan may take some time to complete.
  • After the scan has finished, click on the Report button...a logfile (AdwCleaner[R0].txt) will open in Notepad for review.
  • The contents of the log file may be confusing. Unless you see a program name that you know should not be removed, don't worry about it. If you see an entry you want to keep, let me know about it.
  • Copy and paste the contents of that logfile in your next reply.
  • A copy of all logfiles are saved in the C:\AdwCleaner folder which was created when running the tool.
lv0mVRW.pngJunkware Removal Tool
  • Please download Junkware Removal Tool to your desktop.
  • Shut down your protection software now to avoid potential conflicts.
  • Run the tool by double-clicking it. If you are using Windows Vista, 7, or 8; instead of double-clicking, right-mouse click JRT.exe and select "Run as Administrator".
  • The tool will open and start scanning your system.
  • Please be patient as this can take a while to complete depending on your system's specifications.
  • On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
  • Post the contents of JRT.txt into your next message.
cvMlKv6.pngESET Online Scanner
  • Click here to download the installer for ESET Online Scanner and save it to your Desktop.
  • Disable all your antivirus and antimalware software - see how to do that here.
  • Right click on esetsmartinstaller_enu.exe and select Run as Administrator.
  • Place a checkmark in YES, I accept the Terms of Use, then click Start. Wait for ESET Online Scanner to load its components.
  • Select Enable detection of potentially unwanted applications.
  • Click Advanced Settings, then place a checkmark in the following:
    • Remove found threats
    • Scan archives
    • Scan for potentially unsafe applications
    • Enable Anti-Stealth technology
  • Click Start to begin scanning.
  • ESET Online Scanner will start downloading signatures and scan. Please be patient, as this scan can take quite some time.
  • When the scan is done, click List threats (only available if ESET Online Scanner found something).
  • Click Export, then save the file to your desktop.
  • Click Back, then Finish to exit ESET Online Scanner.

How do I get help? Who is helping me?For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....Become a BleepingComputer fan: Facebook

#3 Run2Ron

Run2Ron
  • Topic Starter

  • Members
  • 6 posts
  • OFFLINE
  •  
  • Local time:05:49 AM

Posted 24 August 2015 - 06:57 PM

Hello sir! I hope this monday treated you well! 

 

the logs will go in this order

 

1.JRT

2.MTB

3.TDSS

 

 

1............... ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Junkware Removal Tool (JRT) by Malwarebytes
Version: 7.5.7 (08.18.2015:1)
OS: Windows 7 Professional x64
Ran by euclidck on Mon 08/24/2015 at 18:44:27.47
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 
 
 
 
~~~ Services
 
 
 
~~~ Tasks
 
 
 
~~~ Registry Values
 
 
 
~~~ Registry Keys
 
 
 
~~~ Files
 
Successfully deleted: [File] C:\Users\euclidck\AppData\Roaming\speedrunnerslog.txt
Successfully deleted: [File] C:\Users\euclidck\Appdata\Local\google\chrome\user data\default\local storage\chrome-extension_elicpjhcidhpjomhibiffojpinpmmpil_0.localstorage
Successfully deleted: [File] C:\Users\euclidck\Appdata\Local\google\chrome\user data\default\local storage\chrome-extension_elicpjhcidhpjomhibiffojpinpmmpil_0.localstorage-journal
Successfully deleted: [File] C:\Users\euclidck\Appdata\Local\google\chrome\user data\default\local storage\hxxp_st.chatango.com_0.localstorage
Successfully deleted: [File] C:\Users\euclidck\Appdata\Local\google\chrome\user data\default\local storage\hxxp_st.chatango.com_0.localstorage-journal
Successfully deleted: [File] C:\Users\euclidck\Appdata\Local\google\chrome\user data\default\local storage\hxxp_www.azlyrics.com_0.localstorage
Successfully deleted: [File] C:\Users\euclidck\Appdata\Local\google\chrome\user data\default\local storage\hxxp_www.azlyrics.com_0.localstorage-journal
Successfully deleted: [File] C:\Users\euclidck\Appdata\Local\google\chrome\user data\default\local storage\hxxp_www.lyricsmode.com_0.localstorage
Successfully deleted: [File] C:\Users\euclidck\Appdata\Local\google\chrome\user data\default\local storage\hxxp_www.lyricsmode.com_0.localstorage-journal
Successfully deleted: [File] C:\Users\euclidck\Appdata\Local\google\chrome\user data\default\local storage\hxxp_www.metrolyrics.com_0.localstorage
Successfully deleted: [File] C:\Users\euclidck\Appdata\Local\google\chrome\user data\default\local storage\hxxp_www.metrolyrics.com_0.localstorage-journal
 
 
 
~~~ Folders
 
Successfully deleted: [Empty Folder] C:\Users\euclidck\Appdata\Local\{3D3C27D1-3EA6-457D-8040-9074D9D3F8E9}
Successfully deleted: [Empty Folder] C:\Users\euclidck\Appdata\Local\{6C770E8B-1509-4C7A-A109-3C2B5B339374}
Successfully deleted: [Empty Folder] C:\Users\euclidck\Appdata\Local\{724244B2-FC60-48B7-A5D1-70B47E731FFA}
Successfully deleted: [Empty Folder] C:\Users\euclidck\Appdata\Local\{D9CB5AB8-C8CD-4204-8902-05688099B0A6}
Successfully deleted: [Empty Folder] C:\Users\euclidck\Appdata\Local\{DEDBB2D5-13E9-4DD9-AA29-A9D6286435C8}
Successfully deleted: [Folder] C:\Users\euclidck\Appdata\Local\crashrpt
Successfully deleted: [Folder] C:\Windows\SysWOW64\ai_recyclebin
 
 
 
~~~ FireFox
 
Emptied folder: C:\Users\euclidck\AppData\Roaming\mozilla\firefox\profiles\4z8k1l4s.default\minidumps [1 files]
 
 
 
~~~ Chrome
 
Successfully deleted: [Folder] C:\Users\euclidck\Appdata\Local\Google\Chrome\User Data\Default\Extensions\elicpjhcidhpjomhibiffojpinpmmpil
 
[C:\Users\euclidck\Appdata\Local\Google\Chrome\User Data\Default\Preferences] - default search provider reset
 
[C:\Users\euclidck\Appdata\Local\Google\Chrome\User Data\Default\Preferences] - Extensions Deleted:
elicpjhcidhpjomhibiffojpinpmmpil
 
[C:\Users\euclidck\Appdata\Local\Google\Chrome\User Data\Default\Secure Preferences] - default search provider reset
 
[C:\Users\euclidck\Appdata\Local\Google\Chrome\User Data\Default\Secure Preferences] - Extensions Deleted:
[
  booedmolknjekdopkepjjeckmjkdpfgl,
  elicpjhcidhpjomhibiffojpinpmmpil,
  flpcjncodpafbgdpnkljologafpionhb
]
 
 
 
 
 
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on Mon 08/24/2015 at 18:46:53.62
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 
 
2... MiniToolBox by Farbar  Version: 25-07-2015 01
Ran by euclidck (administrator) on 24-08-2015 at 18:09:05
Running from "C:\Users\euclidck\Downloads"
Microsoft Windows 7 Professional  Service Pack 1 (X64)
Model: OptiPlex 990 Manufacturer: Dell Inc.
Boot Mode: Normal
***************************************************************************
 
========================= Flush DNS: ===================================
 
Windows IP Configuration
 
Successfully flushed the DNS Resolver Cache.
 
========================= IE Proxy Settings: ============================== 
 
Proxy is not enabled.
No Proxy Server is set.
 
"Reset IE Proxy Settings": IE Proxy Settings were reset.
 
========================= FF Proxy Settings: ============================== 
 
 
"Reset FF Proxy Settings": Firefox Proxy settings were reset.
 
========================= Hosts content: =================================
 
 
 
========================= IP Configuration: ================================
 
Intel® 82579LM Gigabit Network Connection = Local Area Connection (Connected)
 
 
# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4
 
reset
set global icmpredirects=enabled
 
 
popd
# End of IPv4 configuration
 
 
 
Windows IP Configuration
 
   Host Name . . . . . . . . . . . . : euclidck-PC
   Primary Dns Suffix  . . . . . . . : 
   Node Type . . . . . . . . . . . . : Hybrid
   IP Routing Enabled. . . . . . . . : No
   WINS Proxy Enabled. . . . . . . . : No
   DNS Suffix Search List. . . . . . : hsd1.il.comcast.net.
 
Ethernet adapter Local Area Connection:
 
   Connection-specific DNS Suffix  . : hsd1.il.comcast.net.
   Description . . . . . . . . . . . : Intel® 82579LM Gigabit Network Connection
   Physical Address. . . . . . . . . : 5C-F9-DD-6C-9D-B0
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes
   Link-local IPv6 Address . . . . . : fe80::ed42:86e4:42ed:624%11(Preferred) 
   IPv4 Address. . . . . . . . . . . : 192.168.1.103(Preferred) 
   Subnet Mask . . . . . . . . . . . : 255.255.255.0
   Lease Obtained. . . . . . . . . . : Sunday, August 23, 2015 9:33:30 PM
   Lease Expires . . . . . . . . . . : Tuesday, August 25, 2015 9:33:29 AM
   Default Gateway . . . . . . . . . : 192.168.1.1
   DHCP Server . . . . . . . . . . . : 192.168.1.1
   DHCPv6 IAID . . . . . . . . . . . : 240974301
   DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-17-62-10-CE-5C-F9-DD-6C-9D-B0
   DNS Servers . . . . . . . . . . . : 75.75.75.75
                                       75.75.76.76
   NetBIOS over Tcpip. . . . . . . . : Enabled
 
Tunnel adapter Local Area Connection* 9:
 
   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : 
   Description . . . . . . . . . . . : Microsoft 6to4 Adapter
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes
 
Tunnel adapter isatap.hsd1.il.comcast.net.:
 
   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : hsd1.il.comcast.net.
   Description . . . . . . . . . . . : Microsoft ISATAP Adapter #2
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes
 
Tunnel adapter Teredo Tunneling Pseudo-Interface:
 
   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : 
   Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes
Server:  cdns01.comcast.net
Address:  75.75.75.75
 
Name:    google.com
Addresses:  2607:f8b0:4009:806::1009
 216.58.216.238
 
 
Pinging google.com [216.58.216.238] with 32 bytes of data:
Reply from 216.58.216.238: bytes=32 time=12ms TTL=54
Reply from 216.58.216.238: bytes=32 time=14ms TTL=54
 
Ping statistics for 216.58.216.238:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 12ms, Maximum = 14ms, Average = 13ms
Server:  cdns01.comcast.net
Address:  75.75.75.75
 
Name:    yahoo.com
Addresses:  2001:4998:44:204::a7
 2001:4998:58:c02::a9
 2001:4998:c:a06::2:4008
 98.138.253.109
 206.190.36.45
 98.139.183.24
 
 
Pinging yahoo.com [206.190.36.45] with 32 bytes of data:
Reply from 206.190.36.45: bytes=32 time=66ms TTL=53
Reply from 206.190.36.45: bytes=32 time=67ms TTL=53
 
Ping statistics for 206.190.36.45:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 66ms, Maximum = 67ms, Average = 66ms
 
Pinging 127.0.0.1 with 32 bytes of data:
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
 
Ping statistics for 127.0.0.1:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 0ms, Maximum = 0ms, Average = 0ms
===========================================================================
Interface List
 11...5c f9 dd 6c 9d b0 ......Intel® 82579LM Gigabit Network Connection
  1...........................Software Loopback Interface 1
 13...00 00 00 00 00 00 00 e0 Microsoft 6to4 Adapter
 14...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #2
 15...00 00 00 00 00 00 00 e0 Teredo Tunneling Pseudo-Interface
===========================================================================
 
IPv4 Route Table
===========================================================================
Active Routes:
Network Destination        Netmask          Gateway       Interface  Metric
          0.0.0.0          0.0.0.0      192.168.1.1    192.168.1.103     20
        127.0.0.0        255.0.0.0         On-link         127.0.0.1    306
        127.0.0.1  255.255.255.255         On-link         127.0.0.1    306
  127.255.255.255  255.255.255.255         On-link         127.0.0.1    306
      192.168.1.0    255.255.255.0         On-link     192.168.1.103    276
    192.168.1.103  255.255.255.255         On-link     192.168.1.103    276
    192.168.1.255  255.255.255.255         On-link     192.168.1.103    276
        224.0.0.0        240.0.0.0         On-link         127.0.0.1    306
        224.0.0.0        240.0.0.0         On-link     192.168.1.103    276
  255.255.255.255  255.255.255.255         On-link         127.0.0.1    306
  255.255.255.255  255.255.255.255         On-link     192.168.1.103    276
===========================================================================
Persistent Routes:
  None
 
IPv6 Route Table
===========================================================================
Active Routes:
 If Metric Network Destination      Gateway
  1    306 ::1/128                  On-link
 11    276 fe80::/64                On-link
 11    276 fe80::ed42:86e4:42ed:624/128
                                    On-link
  1    306 ff00::/8                 On-link
 11    276 ff00::/8                 On-link
===========================================================================
Persistent Routes:
  None
========================= Winsock entries =====================================
 
Catalog5 01 C:\Windows\SysWOW64\NLAapi.dll [52224] (Microsoft Corporation)
Catalog5 02 C:\Windows\SysWOW64\napinsp.dll [52224] (Microsoft Corporation)
Catalog5 03 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 04 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 05 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog5 06 C:\Windows\SysWOW64\winrnr.dll [20992] (Microsoft Corporation)
Catalog5 07 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145280] (Microsoft Corp.)
Catalog5 08 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145280] (Microsoft Corp.)
Catalog9 01 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 02 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 03 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 04 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 05 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 06 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 07 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 08 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 09 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 10 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
x64-Catalog5 01 C:\Windows\System32\NLAapi.dll [70656] (Microsoft Corporation)
x64-Catalog5 02 C:\Windows\System32\napinsp.dll [68096] (Microsoft Corporation)
x64-Catalog5 03 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 04 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 05 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog5 06 C:\Windows\System32\winrnr.dll [28672] (Microsoft Corporation)
x64-Catalog5 07 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [170880] (Microsoft Corp.)
x64-Catalog5 08 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [170880] (Microsoft Corp.)
x64-Catalog9 01 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 02 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 03 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 04 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 05 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 06 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 07 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 08 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 09 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 10 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
 
========================= Event log errors: ===============================
 
Application errors:
==================
Error: (08/23/2015 09:35:13 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (08/23/2015 09:34:15 PM) (Source: BstHdAndroidSvc) (User: )
Description: Service cannot be started. System.ApplicationException: Cannot start service.  Service did not stop gracefully the last time it was run.
   at BlueStacks.hyperDroid.Service.Service.OnStart(String[] args)
   at System.ServiceProcess.ServiceBase.ServiceQueuedMainCallback(Object state)
 
Error: (08/23/2015 04:52:26 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (08/23/2015 04:51:15 PM) (Source: BstHdAndroidSvc) (User: )
Description: Service cannot be started. System.ApplicationException: Cannot start service.  Service did not stop gracefully the last time it was run.
   at BlueStacks.hyperDroid.Service.Service.OnStart(String[] args)
   at System.ServiceProcess.ServiceBase.ServiceQueuedMainCallback(Object state)
 
Error: (08/22/2015 08:36:36 AM) (Source: Application Error) (User: )
Description: Faulting application name: LolClient.exe, version: 0.0.0.0, time stamp: 0x515663e0
Faulting module name: Adobe AIR.dll, version: 3.7.0.1530, time stamp: 0x5156646c
Exception code: 0xc0000005
Fault offset: 0x0006dd76
Faulting process id: 0x35a4
Faulting application start time: 0xLolClient.exe0
Faulting application path: LolClient.exe1
Faulting module path: LolClient.exe2
Report Id: LolClient.exe3
 
Error: (08/21/2015 06:23:54 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (08/21/2015 06:22:24 PM) (Source: BstHdAndroidSvc) (User: )
Description: Service cannot be started. System.ApplicationException: Cannot start service.  Service did not stop gracefully the last time it was run.
   at BlueStacks.hyperDroid.Service.Service.OnStart(String[] args)
   at System.ServiceProcess.ServiceBase.ServiceQueuedMainCallback(Object state)
 
Error: (08/21/2015 04:22:22 AM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (08/21/2015 04:20:48 AM) (Source: BstHdAndroidSvc) (User: )
Description: Service cannot be started. System.ApplicationException: Cannot start service.  Service did not stop gracefully the last time it was run.
   at BlueStacks.hyperDroid.Service.Service.OnStart(String[] args)
   at System.ServiceProcess.ServiceBase.ServiceQueuedMainCallback(Object state)
 
Error: (08/19/2015 10:09:52 PM) (Source: Application Error) (User: )
Description: Faulting application name: GWXUX.exe, version: 6.3.9600.17923, time stamp: 0x55945dbd
Faulting module name: ntdll.dll, version: 6.1.7601.18869, time stamp: 0x556366f2
Exception code: 0xc0000005
Fault offset: 0x000000000004ada4
Faulting process id: 0x3d7c
Faulting application start time: 0xGWXUX.exe0
Faulting application path: GWXUX.exe1
Faulting module path: GWXUX.exe2
Report Id: GWXUX.exe3
 
 
System errors:
=============
Error: (08/24/2015 01:16:28 AM) (Source: Schannel) (User: NT AUTHORITY)
Description: The following fatal alert was received: 40.
 
Error: (08/24/2015 01:16:25 AM) (Source: Schannel) (User: NT AUTHORITY)
Description: The following fatal alert was received: 40.
 
Error: (08/23/2015 09:35:37 PM) (Source: Service Control Manager) (User: )
Description: The following boot-start or system-start driver(s) failed to load: 
cdrom
 
Error: (08/23/2015 09:34:15 PM) (Source: Service Control Manager) (User: )
Description: The BlueStacks Android Service service terminated with the following error: 
%%1064
 
Error: (08/23/2015 09:32:25 PM) (Source: DCOM) (User: )
Description: {F9717507-6651-4EDB-BFF7-AE615179BCCF}
 
Error: (08/23/2015 04:52:36 PM) (Source: Service Control Manager) (User: )
Description: The following boot-start or system-start driver(s) failed to load: 
cdrom
 
Error: (08/23/2015 04:51:15 PM) (Source: Service Control Manager) (User: )
Description: The BlueStacks Android Service service terminated with the following error: 
%%1064
 
Error: (08/23/2015 04:50:43 PM) (Source: Service Control Manager) (User: )
Description: The NTRU TSS v1.2.1.36 TCS service depends on the TPM Base Services service which failed to start because of the following error: 
%%0
 
Error: (08/23/2015 04:49:35 PM) (Source: DCOM) (User: )
Description: {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5}
 
Error: (08/23/2015 12:07:55 AM) (Source: Service Control Manager) (User: )
Description: The TdmService service terminated unexpectedly.  It has done this 1 time(s).
 
 
Microsoft Office Sessions:
=========================
Error: (08/23/2015 09:35:13 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (08/23/2015 09:34:15 PM) (Source: BstHdAndroidSvc)(User: )
Description: Service cannot be started. System.ApplicationException: Cannot start service.  Service did not stop gracefully the last time it was run.
   at BlueStacks.hyperDroid.Service.Service.OnStart(String[] args)
   at System.ServiceProcess.ServiceBase.ServiceQueuedMainCallback(Object state)
 
Error: (08/23/2015 04:52:26 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (08/23/2015 04:51:15 PM) (Source: BstHdAndroidSvc)(User: )
Description: Service cannot be started. System.ApplicationException: Cannot start service.  Service did not stop gracefully the last time it was run.
   at BlueStacks.hyperDroid.Service.Service.OnStart(String[] args)
   at System.ServiceProcess.ServiceBase.ServiceQueuedMainCallback(Object state)
 
Error: (08/22/2015 08:36:36 AM) (Source: Application Error)(User: )
Description: LolClient.exe0.0.0.0515663e0Adobe AIR.dll3.7.0.15305156646cc00000050006dd7635a401d0dc9e0587736dE:\League\RADS\projects\lol_air_client\releases\0.0.1.157\deploy\LolClient.exeE:\League\RADS\projects\lol_air_client\releases\0.0.1.157\deploy\Adobe AIR\Versions\1.0\Adobe AIR.dllcef4899d-48d2-11e5-91d1-5cf9dd6c9db0
 
Error: (08/21/2015 06:23:54 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (08/21/2015 06:22:24 PM) (Source: BstHdAndroidSvc)(User: )
Description: Service cannot be started. System.ApplicationException: Cannot start service.  Service did not stop gracefully the last time it was run.
   at BlueStacks.hyperDroid.Service.Service.OnStart(String[] args)
   at System.ServiceProcess.ServiceBase.ServiceQueuedMainCallback(Object state)
 
Error: (08/21/2015 04:22:22 AM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (08/21/2015 04:20:48 AM) (Source: BstHdAndroidSvc)(User: )
Description: Service cannot be started. System.ApplicationException: Cannot start service.  Service did not stop gracefully the last time it was run.
   at BlueStacks.hyperDroid.Service.Service.OnStart(String[] args)
   at System.ServiceProcess.ServiceBase.ServiceQueuedMainCallback(Object state)
 
Error: (08/19/2015 10:09:52 PM) (Source: Application Error)(User: )
Description: GWXUX.exe6.3.9600.1792355945dbdntdll.dll6.1.7601.18869556366f2c0000005000000000004ada43d7c01d0daf5ab22a728C:\Windows\System32\GWX\GWXUX.exeC:\Windows\SYSTEM32\ntdll.dllec2aae46-46e8-11e5-a407-5cf9dd6c9db0
 
 
CodeIntegrity Errors:
===================================
  Date: 2015-08-23 00:43:16.388
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\winsxs\wow64_microsoft-windows-appid_31bf3856ad364e35_6.1.7601.22280_none_c0008ddc1681bb4c\appidapi.dll because the set of per-page image hashes could not be found on the system.
 
  Date: 2015-08-23 00:43:16.328
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\winsxs\wow64_microsoft-windows-appid_31bf3856ad364e35_6.1.7601.22280_none_c0008ddc1681bb4c\appidapi.dll because the set of per-page image hashes could not be found on the system.
 
  Date: 2015-08-23 00:43:16.268
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\winsxs\wow64_microsoft-windows-appid_31bf3856ad364e35_6.1.7601.22280_none_c0008ddc1681bb4c\appidapi.dll because the set of per-page image hashes could not be found on the system.
 
  Date: 2015-08-23 00:39:23.947
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\winsxs\amd64_microsoft-windows-appid_31bf3856ad364e35_6.1.7601.22280_none_b5abe389e220f951\appidapi.dll because the set of per-page image hashes could not be found on the system.
 
  Date: 2015-08-23 00:39:23.887
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\winsxs\amd64_microsoft-windows-appid_31bf3856ad364e35_6.1.7601.22280_none_b5abe389e220f951\appidapi.dll because the set of per-page image hashes could not be found on the system.
 
  Date: 2015-08-23 00:39:23.827
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\winsxs\amd64_microsoft-windows-appid_31bf3856ad364e35_6.1.7601.22280_none_b5abe389e220f951\appidapi.dll because the set of per-page image hashes could not be found on the system.
 
  Date: 2015-08-23 00:39:23.747
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\winsxs\amd64_microsoft-windows-appid_31bf3856ad364e35_6.1.7601.22280_none_b5abe389e220f951\appid.sys because the set of per-page image hashes could not be found on the system.
 
  Date: 2015-08-23 00:39:23.687
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\winsxs\amd64_microsoft-windows-appid_31bf3856ad364e35_6.1.7601.22280_none_b5abe389e220f951\appid.sys because the set of per-page image hashes could not be found on the system.
 
  Date: 2015-08-23 00:39:23.627
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\winsxs\amd64_microsoft-windows-appid_31bf3856ad364e35_6.1.7601.22280_none_b5abe389e220f951\appid.sys because the set of per-page image hashes could not be found on the system.
 
  Date: 2015-08-22 10:25:41.651
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\winsxs\wow64_microsoft-windows-appid_31bf3856ad364e35_6.1.7601.22280_none_c0008ddc1681bb4c\appidapi.dll because the set of per-page image hashes could not be found on the system.
 
 
=========================== Installed Programs ============================
 
Ad-Aware Antivirus (HKLM\...\{A041066D-37EF-46FC-9DF7-465A07F1C5CF}_AdAwareUpdater) (Version: 11.7.485.8398 - Lavasoft)
AdAwareInstaller (HKLM\...\{8C334A6E-504A-4C88-9C53-3AEF9FB5D20A}) (Version: 11.7.485.8398 - Lavasoft) Hidden
AdAwareUpdater (HKLM\...\{A041066D-37EF-46FC-9DF7-465A07F1C5CF}) (Version: 11.7.485.8398 - Lavasoft) Hidden
Adobe Acrobat Reader DC (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AC0F074E4100}) (Version: 15.008.20082 - Adobe Systems Incorporated)
Adobe Flash Player 11 ActiveX 64-bit (HKLM\...\Adobe Flash Player ActiveX) (Version: 11.2.202.228 - Adobe Systems Incorporated)
Adobe Flash Player 17 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 17.0.0.134 - Adobe Systems Incorporated)
Age of Empires® III: Complete Collection (HKLM-x32\...\Steam App 105450) (Version:  - Ensemble Studios)
Age of Mythology: Extended Edition (HKLM-x32\...\Steam App 266840) (Version:  - SkyBox Labs)
Airships: Conquer the Skies (HKLM-x32\...\Steam App 342560) (Version:  - David Stark)
AntimalwareEngine (HKLM\...\{6E5FAEC8-C3C1-44E8-B8DE-CE3F9568BF85}) (Version: 3.0.98.0 - Lavasoft) Hidden
AntispamEngine (HKLM\...\{1709362D-96F4-4FF7-BAD3-FB8BA71F3626}) (Version: 2.4.3171.0 - Lavasoft) Hidden
ATI Catalyst Install Manager (HKLM\...\{52332168-ED5B-63D4-E3E7-414BFD2C81BC}) (Version: 3.0.795.0 - ATI Technologies, Inc.)
AvcEngine (HKLM\...\{235E711E-20A7-4BF4-8913-B295343A4996}) (Version: 3.10.7820.0 - Lavasoft) Hidden
Battle.net (HKLM-x32\...\Battle.net) (Version:  - Blizzard Entertainment)
Battleplan: American Civil War (HKLM-x32\...\Steam App 285130) (Version:  - The Mustard Corporation)
BioAPI Framework (HKLM\...\{9DAED4FC-2B0E-4F3F-8141-F2ABF02CCFCB}) (Version: 1.0.2 - Dell Inc.) Hidden
BitTorrent (HKCU\...\BitTorrent) (Version: 7.9.3.40299 - BitTorrent Inc.)
BlueStacks App Player (HKLM-x32\...\BlueStacks App Player) (Version: 0.9.30.9239 - BlueStack Systems, Inc.)
BlueStacks Notification Center (HKLM-x32\...\{4FCF716C-CEB4-499D-AFB8-A5375105EC2A}) (Version: 0.9.30.9239 - BlueStack Systems, Inc.)
Catalyst Control Center (HKLM-x32\...\{8B1A559A-FB9D-42F5-A8A7-2F132CF28414}) (Version: 1.00.0000 - )
Chroma Squad (HKLM-x32\...\1430123043_is1) (Version: 2.0.0.1 - GOG.com)
Core Temp 1.0 RC6 (HKLM\...\{086D343F-8E78-4AFC-81AC-D6D414AFD8AC}_is1) (Version: 1.0 - Alcpu)
Cossacks II: Battle for Europe (HKLM-x32\...\Steam App 4890) (Version:  - GSC Game World)
Cossacks: Back to War (HKLM-x32\...\Steam App 4850) (Version:  - GSC Game World)
Curse (HKLM-x32\...\{DEE70742-F4E9-44CA-B2B9-EE95DCF37295}) (Version: 6.0.0.0 - Curse)
Custom (HKLM\...\{7206B668-FEE0-455B-BB1F-9B5A2E0EC94A}) (Version: 01.00.00.000 - Wave Systems Corp.) Hidden
CyberLink PowerDVD 9.5 (HKLM-x32\...\InstallShield_{A8516AC9-AAF1-47F9-9766-03E2D4CDBCF8}) (Version: 9.5.1.4822 - CyberLink Corp.)
D3DX10 (HKLM-x32\...\{E09C4DB7-630C-4F06-A631-8EA7239923AF}) (Version: 15.4.2368.0902 - Microsoft) Hidden
DanceWall Remix (HKLM-x32\...\Steam App 303850) (Version:  - Extreme Reality)
Dell Backup and Recovery Manager (HKLM\...\{50B4B603-A4C6-4739-AE96-6C76A0F8A388}) (Version: 1.3.1 - Dell Inc.)
Dell Client System Update (HKLM-x32\...\{2B2B45B1-3CA0-4F8D-BBB3-AC77ED46A0FE}) (Version: 1.2.1 - Dell Inc.)
Dell Data Protection | Access (HKLM\...\{ABBA2EA4-740E-4052-902B-9CA70B081E3F}) (Version: 02.01.01.002 - Wave Systems Corp) Hidden
Dell Data Protection | Access (HKLM-x32\...\{A7D91856-258D-4C87-8041-B170851CE432}) (Version: 2.1.00001.002 - Dell Inc.)
Dell Data Protection | Access | Drivers (HKLM-x32\...\{4E4E65EE-C456-45AC-B5AD-C62C3A325BD0}) (Version: 2.01.018 - Dell Inc.)
Dell Data Protection | Access | Middleware (HKLM-x32\...\{841CBDD5-4BB5-403E-AEE3-2FADC3890BE8}) (Version: 2.01.010 - Dell Inc.)
Dell Edoc Viewer (HKLM\...\{8EBA8727-ADC2-477B-9D9A-1A1836BE4E05}) (Version: 1.0.0 - Dell Inc)
Dell System Detect (HKCU\...\73f463568823ebbe) (Version: 6.1.0.3 - Dell)
DellAccess (HKLM\...\{F839C6BD-E92E-48FA-9CE6-7BFAF94F7096}) (Version: 01.01.00.072 - Wave Systems Corp.) Hidden
Diablo III (HKLM-x32\...\Diablo III) (Version:  - Blizzard Entertainment)
DirectX 9 Runtime (HKLM-x32\...\{AF9E97C1-7431-426D-A8D5-ABE40995C0B1}) (Version: 1.00.0000 - Sonic Solutions) Hidden
Dominions 4 (HKLM-x32\...\Steam App 259060) (Version:  - Illwinter Game Design)
Don't Starve (HKLM-x32\...\Steam App 219740) (Version:  - Klei Entertainment)
Don't Starve Together Beta (HKLM-x32\...\Steam App 322330) (Version:  - Klei Entertainment)
Dropbox (HKCU\...\Dropbox) (Version: 3.8.6 - Dropbox, Inc.)
Elsword (HKLM-x32\...\Steam App 237310) (Version:  - KOG)
EMBASSY Security Center (HKLM\...\{EEAFE1E5-076B-430A-96D9-B567792AFA88}) (Version: 04.03.00.121 - Wave Systems Corp.) Hidden
Evaer Video Recorder for Skype 1.6.2.39 (HKLM-x32\...\Evaer Video Recorder for Skype) (Version: 1.6.2.39 - Evaer Technology)
Evil Genius (HKLM-x32\...\Evil Genius_is1) (Version:  - GOG.com)
FaceRig v0.69b (Build 271) (HKLM-x32\...\{DD6E05DA-9BBA-4E1F-98BE-E3BA5A522232}) (Version: 0.69 - Holotech Studios)
FirewallEngine (HKLM\...\{877C7A27-7529-4B0C-BA7B-4D697E90DDC1}) (Version: 1.6.0.0 - Lavasoft) Hidden
Fraps (remove only) (HKLM-x32\...\Fraps) (Version:  - )
FreeMouseAutoClicker 3.5 (HKLM-x32\...\{292F00C5-25EF-4FBE-9873-13EF1F69DEED}_is1) (Version:  - Advanced Mouse Auto Clicker ltd.)
FreeStyle2: Street Basketball (HKLM-x32\...\Steam App 339610) (Version:  - Joycity)
FTL: Faster Than Light (HKLM-x32\...\Steam App 212680) (Version:  - Subset Games)
Gemalto (HKLM\...\{91CE5F03-3A2A-4268-935A-04944F058AE9}) (Version: 01.64.01.0010 - Wave Systems Corp) Hidden
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 44.0.2403.157 - Google Inc.)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.28.1 - Google Inc.) Hidden
Google Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.25.11 - Google Inc.) Hidden
Gratuitous Space Battles (HKLM-x32\...\Steam App 41800) (Version:  - Positech Games)
Hearthstone (HKLM-x32\...\Hearthstone) (Version:  - Blizzard Entertainment)
Hearts of Iron III (HKLM-x32\...\Steam App 25890) (Version:  - Paradox Development Studio)
Heroes of the Storm (HKLM-x32\...\Heroes of the Storm) (Version:  - Blizzard Entertainment)
Intel® Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1007 - Intel Corporation)
Intel® Identity Protection Technology 1.2.22.0 (HKLM-x32\...\{387B63A5-5016-1015-B06B-A9A1030E3125}) (Version: 1.2.22.0 - Intel Corporation)
Intel® Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 7.1.40.1161 - Intel Corporation)
Intel® Network Connections 16.8.45.00 (HKLM\...\PROSetDX) (Version: 16.8.45.00 - Dell)
Intel® Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 10.1.0.1008 - Intel Corporation)
Java 8 Update 31 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218031F0}) (Version: 8.0.310 - Oracle Corporation)
Junk Mail filter update (HKLM-x32\...\{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
King Arthur's Gold (HKLM-x32\...\Steam App 219830) (Version:  - )
League of Legends (HKLM-x32\...\{79BF4901-1EC4-4726-B3C2-A7859706C6E7}) (Version: 3.0.0 - Riot Games) Hidden
League of Legends (HKLM-x32\...\League of Legends 3.0.0) (Version: 3.0.0 - Riot Games)
Lethal League (HKLM-x32\...\Steam App 261180) (Version:  - Team Reptile)
Malwarebytes Anti-Malware version 2.1.8.1057 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.1.8.1057 - Malwarebytes Corporation)
Mesh Runtime (HKLM-x32\...\{8C6D6116-B724-4810-8F2D-D047E6B7D68E}) (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft Chart Controls for Microsoft .NET Framework 3.5 (KB2500170) (HKLM-x32\...\{41785C66-90F2-40CE-8CB5-1C94BFC97280}) (Version: 3.5.30730.0 - Microsoft Corporation)
Microsoft Games for Windows - LIVE Redistributable (HKLM-x32\...\{F2508213-9989-4E85-A078-72BE483917EF}) (Version: 3.5.88.0 - Microsoft Corporation)
Microsoft Games for Windows Marketplace (HKLM-x32\...\{4CB0307C-565E-4441-86BE-0DF2E4FB828C}) (Version: 3.5.50.0 - Microsoft Corporation)
Microsoft Office Professional Plus 2010 (HKLM-x32\...\Office14.PROPLUS) (Version: 14.0.4734.1000 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.40416.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{7f51bdb9-ee21-49ee-94d6-90afc321780e}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 4.0 Refresh (HKLM-x32\...\{D69C8EDE-BBC5-436B-8E0E-C5A6D311CF4F}) (Version: 4.0.30901.0 - Microsoft Corporation)
Mozilla Firefox 39.0 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 39.0 (x86 en-US)) (Version: 39.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 39.0 - Mozilla)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
NTRU TCG Software Stack (HKLM\...\{414B7B9C-B353-4821-9393-78AE034079E7}) (Version: 2.1.36 - Security Innovation, Inc.) Hidden
OnlineThreatsEngine (HKLM\...\{A8F67345-FA75-4E99-AEBA-DE9BFE708A49}) (Version: 2.2.3.0 - Lavasoft) Hidden
Open Broadcaster Software (HKLM-x32\...\Open Broadcaster Software) (Version:  - )
OpenAL (HKLM-x32\...\OpenAL) (Version:  - )
PC-CCID (HKLM\...\{3DCDFCDB-4D96-4CF0-9BB3-C91DAE9073F3}) (Version: 2.0.0 - Gemalto) Hidden
PCSX2 - Playstation 2 Emulator (HKLM-x32\...\pcsx2-r5875) (Version:  - )
PhotoShowExpress (HKLM-x32\...\{3250260C-7A95-4632-893B-89657EB5545B}) (Version: 2.0.063 - Sonic Solutions) Hidden
PowerISO (HKLM-x32\...\PowerISO) (Version: 6.0 - Power Software Ltd)
Preboot Manager (HKLM\...\{3A6BE9F4-5FC8-44BB-BE7B-32A29607FEF6}) (Version: 03.03.00.074 - Wave Systems Corp.) Hidden
Prison Architect (HKLM-x32\...\Steam App 233450) (Version:  - Introversion Software)
Private Information Manager (HKLM\...\{0B0A2153-58A6-4244-B458-25EDF5FCD809}) (Version: 07.01.00.022 - Wave Systems Corp.) Hidden
PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.992 - Even Balance, Inc.)
Razer Comms (HKLM-x32\...\Razer Comms) (Version: 5.11 - Razer Inc.)
Razer Synapse 2.0 (HKLM-x32\...\{0D78BEE2-F8FF-4498-AF1A-3FF81CED8AC6}) (Version: 1.18.18.23036 - Razer Inc.)
RBVirtualFolder64Inst (HKLM\...\{9D6DFAD6-09E5-445E-A4B5-A388FEEBD90D}) (Version: 1.00.0000 - Roxio, Inc.) Hidden
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.5883 - Realtek Semiconductor Corp.)
Rise of Nations: Extended Edition (HKLM-x32\...\Steam App 287450) (Version:  - SkyBox Labs)
Roxio Creator Starter (HKLM-x32\...\{6F0BBEFE-BE1C-419B-BA1F-D36C9E7915BC}) (Version: 12.1.77.0 - Roxio)
Roxio File Backup (HKLM\...\{60B2315F-680F-4EB3-B8DD-CCDC86A7CCAB}) (Version: 1.3.2 - Roxio) Hidden
Sid Meier's Civilization V (HKLM-x32\...\Steam App 8930) (Version:  - 2K Games, Inc.)
SimCity 4 Deluxe Edition (HKLM-x32\...\GOGPACKSC4_is1) (Version: 2.0.0.8 - GOG.com)
Skype™ 7.7 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.7.103 - Skype Technologies S.A.)
Sonic CinePlayer Decoder Pack (HKLM-x32\...\{9A00EC4E-27E1-42C4-98DD-662F32AC8870}) (Version: 4.3.0 - Sonic Solutions) Hidden
Space Colony Steam Edition (HKLM-x32\...\Space Colony Steam Edition_is1) (Version:  - )
SPBA 5.9 (HKLM\...\{2EECD5EF-5095-467C-B80C-4AB3096EFD60}) (Version: 5.9.4.6686 - UPEK Inc.) Hidden
SpeedRunners Party Mode (HKLM-x32\...\Steam App 338680) (Version:  - DoubleDutch Games)
StarCraft (HKLM-x32\...\StarCraft) (Version:  - Blizzard Entertainment)
StarCraft II (HKLM-x32\...\StarCraft II) (Version:  - Blizzard Entertainment)
Steam (HKLM-x32\...\Steam) (Version:  - Valve Corporation)
Supreme Commander 2 (HKLM-x32\...\Steam App 40100) (Version:  - Gas Powered Games)
Supreme Commander: Forged Alliance (HKLM-x32\...\Steam App 9420) (Version:  - Gas Powered Games)
TeamSpeak 3 Client (HKLM-x32\...\TeamSpeak 3 Client) (Version: 3.0.15 - TeamSpeak Systems GmbH)
Terraria (HKLM-x32\...\Steam App 105600) (Version:  - Re-Logic)
Trusted Drive Manager (HKLM\...\{6AC87FB3-ACFC-4416-890C-8976D5A9B371}) (Version: 4.1.1.312 - Wave Systems Corp.) Hidden
Ultimate General: Gettysburg (HKLM-x32\...\Steam App 306660) (Version:  - Game-Labs)
Unity Web Player (HKCU\...\UnityWebPlayer) (Version: 4.5.3f3 - Unity Technologies ApS)
Upek Touchchip Fingerprint Reader (HKLM\...\{4E60E212-3177-4B16-BCB3-616CCC52357D}) (Version: 1.2.004 - Dell Inc.) Hidden
Vegas Pro 13.0 (64-bit) (HKLM\...\{CDA02BF0-BFBC-11E3-AFA0-F04DA23A5C58}) (Version: 13.0.290 - Sony)
Veoh Web Player (HKLM-x32\...\Veoh Web Player Beta) (Version: 1.1.2.0000 - Veoh Networks, Inc.)
Victoria II (HKLM-x32\...\Steam App 42960) (Version:  - Paradox Development Studio)
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.1 - VideoLAN)
Warcraft III (HKLM-x32\...\Warcraft III) (Version:  - Blizzard Entertainment)
Wave Infrastructure Installer (HKLM\...\{777FF553-493D-4068-BAC7-EE2D73DB7434}) (Version: 07.67.17.0010 - Wave Systems Corp) Hidden
Wave Support Software Installer (HKLM\...\{07D618CD-B016-438A-ADC9-A75BD23F85CE}) (Version: 05.13.00.033 - Wave Systems Corp) Hidden
WebM Project Directshow Filters (HKCU\...\webmdshow) (Version:  - )
Windows Driver Package - Dell Inc. PBADRV System  (09/11/2009 1.0.1.6) (HKLM\...\9512AA21B791B05A54E27065C45BBC417AB282DF) (Version: 09/11/2009 1.0.1.6 - Dell Inc.)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3508.1109 - Microsoft Corporation)
Windows Live Mesh ActiveX Control for Remote Connections (HKLM-x32\...\{2902F983-B4C1-44BA-B85D-5C6D52E2C441}) (Version: 15.4.5722.2 - Microsoft Corporation)
WinRAR 5.10 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.10.0 - win.rar GmbH)
XCOM: Enemy Unknown (HKLM-x32\...\Steam App 200510) (Version:  - Firaxis Games)
Xiph.Org Open Codecs 0.85.17777 (HKLM-x32\...\Open Codecs) (Version: 0.85.17777 - Xiph.Org)
Xvid MPEG-4 Video Codec (HKLM-x32\...\xvid) (Version:  - Xvid Development Team)
Zeus and Poseidon (HKLM-x32\...\Zeus and Poseidon_is1) (Version:  - GOG.com)
 
========================= Memory info: ===================================
 
Percentage of memory in use: 38%
Total physical RAM: 12245.02 MB
Available physical RAM: 7582.41 MB
Total Virtual: 24488.24 MB
Available Virtual: 20076.88 MB
 
========================= Partitions: =====================================
 
1 Drive c: (OS) (Fixed) (Total:221.55 GB) (Free:26.2 GB) NTFS
2 Drive d: (System Reserved) (Fixed) (Total:0.1 GB) (Free:0.06 GB) NTFS
3 Drive e: () (Fixed) (Total:238.37 GB) (Free:60.22 GB) NTFS
4 Drive f: (System Reserved) (Fixed) (Total:0.1 GB) (Free:0.06 GB) NTFS
5 Drive g: () (Fixed) (Total:931.41 GB) (Free:282.98 GB) NTFS
 
========================= Users: ========================================
 
User accounts for \\EUCLIDCK-PC
 
Administrator            euclidck                 Guest                    
 
 
**** End of log ****
 
 
 
 
 
3.....18:48:27.0534 0xc9f8  TDSS rootkit removing tool 3.1.0.5 Jul 24 2015 12:29:57
18:48:29.0834 0xc9f8  ============================================================
18:48:29.0834 0xc9f8  Current date / time: 2015/08/24 18:48:29.0834
18:48:29.0834 0xc9f8  SystemInfo:
18:48:29.0834 0xc9f8  
18:48:29.0834 0xc9f8  OS Version: 6.1.7601 ServicePack: 1.0
18:48:29.0834 0xc9f8  Product type: Workstation
18:48:29.0834 0xc9f8  ComputerName: EUCLIDCK-PC
18:48:29.0834 0xc9f8  UserName: euclidck
18:48:29.0834 0xc9f8  Windows directory: C:\Windows
18:48:29.0834 0xc9f8  System windows directory: C:\Windows
18:48:29.0834 0xc9f8  Running under WOW64
18:48:29.0834 0xc9f8  Processor architecture: Intel x64
18:48:29.0834 0xc9f8  Number of processors: 8
18:48:29.0834 0xc9f8  Page size: 0x1000
18:48:29.0834 0xc9f8  Boot type: Normal boot
18:48:29.0834 0xc9f8  ============================================================
18:48:29.0834 0xc9f8  BG loaded
18:48:30.0034 0xc9f8  System UUID: {3F8A1874-BCC1-2437-9C06-B1D7D72244AD}
18:48:30.0474 0xc9f8  Drive \Device\Harddisk0\DR0 - Size: 0x3A38B2E000 ( 232.89 Gb ), SectorSize: 0x200, Cylinders: 0x76C1, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
18:48:30.0474 0xc9f8  Drive \Device\Harddisk1\DR1 - Size: 0x3B9E656000 ( 238.47 Gb ), SectorSize: 0x200, Cylinders: 0x799A, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
18:48:30.0504 0xc9f8  Drive \Device\Harddisk2\DR2 - Size: 0xE8E0CADE00 ( 931.51 Gb ), SectorSize: 0x200, Cylinders: 0x1DB01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
18:48:30.0534 0xc9f8  ============================================================
18:48:30.0534 0xc9f8  \Device\Harddisk0\DR0:
18:48:30.0534 0xc9f8  MBR partitions:
18:48:30.0534 0xc9f8  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x14000, BlocksNum 0x1698000
18:48:30.0534 0xc9f8  \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x16AC000, BlocksNum 0x1BB18000
18:48:30.0534 0xc9f8  \Device\Harddisk1\DR1:
18:48:30.0534 0xc9f8  MBR partitions:
18:48:30.0534 0xc9f8  \Device\Harddisk1\DR1\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32000
18:48:30.0534 0xc9f8  \Device\Harddisk1\DR1\Partition2: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0x1DCC0000
18:48:30.0534 0xc9f8  \Device\Harddisk2\DR2:
18:48:30.0534 0xc9f8  MBR partitions:
18:48:30.0534 0xc9f8  \Device\Harddisk2\DR2\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32000
18:48:30.0534 0xc9f8  \Device\Harddisk2\DR2\Partition2: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0x746D3000
18:48:30.0534 0xc9f8  ============================================================
18:48:30.0584 0xc9f8  C: <-> \Device\Harddisk0\DR0\Partition2
18:48:30.0584 0xc9f8  D: <-> \Device\Harddisk1\DR1\Partition1
18:48:30.0584 0xc9f8  E: <-> \Device\Harddisk1\DR1\Partition2
18:48:30.0604 0xc9f8  F: <-> \Device\Harddisk2\DR2\Partition1
18:48:30.0624 0xc9f8  G: <-> \Device\Harddisk2\DR2\Partition2
18:48:30.0624 0xc9f8  ============================================================
18:48:30.0624 0xc9f8  Initialize success
18:48:30.0624 0xc9f8  ============================================================
18:48:35.0903 0xca24  ============================================================
18:48:35.0903 0xca24  Scan started
18:48:35.0903 0xca24  Mode: Manual; SigCheck; TDLFS; 
18:48:35.0903 0xca24  ============================================================
18:48:35.0903 0xca24  KSN ping started
18:48:38.0243 0xca24  KSN ping finished: true
18:48:39.0163 0xca24  ================ Scan system memory ========================
18:48:39.0173 0xca24  System memory - ok
18:48:39.0173 0xca24  ================ Scan services =============================
18:48:39.0333 0xca24  [ A87D604AEA360176311474C87A63BB88, B1507868C382CD5D2DBC0D62114FCFBF7A780904A2E3CA7C7C1DD0844ADA9A8F ] 1394ohci        C:\Windows\system32\drivers\1394ohci.sys
18:48:39.0383 0xca24  1394ohci - ok
18:48:39.0423 0xca24  [ D81D9E70B8A6DD14D42D7B4EFA65D5F2, FDAAB7E23012B4D31537C5BDEF245BB0A12FA060A072C250E21C68E18B22E002 ] ACPI            C:\Windows\system32\drivers\ACPI.sys
18:48:39.0433 0xca24  ACPI - ok
18:48:39.0453 0xca24  [ 99F8E788246D495CE3794D7E7821D2CA, F91615463270AD2601F882CAED43B88E7EDA115B9FD03FC56320E48119F15F76 ] AcpiPmi         C:\Windows\system32\drivers\acpipmi.sys
18:48:39.0463 0xca24  AcpiPmi - ok
18:48:39.0543 0xca24  [ 013697369EAFFA675D0671607F036020, 65611C775AC4681E46A6565E5A7A4FF3363C66EBDC98C4C58AFB365D40BE23B6 ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
18:48:39.0563 0xca24  AdobeARMservice - ok
18:48:39.0603 0xca24  [ 2F6B34B83843F0C5118B63AC634F5BF4, 43E3F5FBFB5D33981AC503DEE476868EC029815D459E7C36C4ABC2D2F75B5735 ] adp94xx         C:\Windows\system32\drivers\adp94xx.sys
18:48:39.0623 0xca24  adp94xx - ok
18:48:39.0643 0xca24  [ 597F78224EE9224EA1A13D6350CED962, DA7FD99BE5E3B7B98605BF5C13BF3F1A286C0DE1240617570B46FE4605E59BDC ] adpahci         C:\Windows\system32\drivers\adpahci.sys
18:48:39.0653 0xca24  adpahci - ok
18:48:39.0673 0xca24  [ E109549C90F62FB570B9540C4B148E54, E804563735153EA00A00641814244BC8A347B578E7D63A16F43FB17566EE5559 ] adpu320         C:\Windows\system32\drivers\adpu320.sys
18:48:39.0683 0xca24  adpu320 - ok
18:48:39.0723 0xca24  [ 83BFCCAC53795E8A5055A93672D0C46C, B2B03473D950A5BA9DE59D81E7B14C1FAFF17B2A4D8A5808588F5CC21D63B291 ] AeLookupSvc     C:\Windows\System32\aelupsvc.dll
18:48:39.0743 0xca24  AeLookupSvc - ok
18:48:39.0793 0xca24  [ FA886682CFC5D36718D3E436AACF10B9, F80AB4F91AA6B5C7ECCB000D8E1BC2CF776DC3D69B3D9EBC2558C19035A6B3AB ] AFD             C:\Windows\system32\drivers\afd.sys
18:48:39.0823 0xca24  AFD - ok
18:48:39.0833 0xca24  [ 608C14DBA7299D8CB6ED035A68A15799, 45360F89640BF1127C82A32393BD76205E4FA067889C40C491602F370C09282A ] agp440          C:\Windows\system32\drivers\agp440.sys
18:48:39.0833 0xca24  agp440 - ok
18:48:39.0853 0xca24  [ 3290D6946B5E30E70414990574883DDB, 0E9294E1991572256B3CDA6B031DB9F39CA601385515EE59F1F601725B889663 ] ALG             C:\Windows\System32\alg.exe
18:48:39.0863 0xca24  ALG - ok
18:48:39.0893 0xca24  [ 5812713A477A3AD7363C7438CA2EE038, A7316299470D2E57A11499C752A711BF4A71EB11C9CBA731ED0945FF6A966721 ] aliide          C:\Windows\system32\drivers\aliide.sys
18:48:39.0903 0xca24  aliide - ok
18:48:39.0933 0xca24  [ 5D179A815BD8B1C15BC046F94B3E9E0B, 69EABDE580CB9DBECD6695E8A4B3ACE3574C478DF5ADFCB1D14EE71F39FAB912 ] AMD External Events Utility C:\Windows\system32\atiesrxx.exe
18:48:39.0963 0xca24  AMD External Events Utility - ok
18:48:39.0973 0xca24  [ 1FF8B4431C353CE385C875F194924C0C, 3EA3A7F426B0FFC2461EDF4FDB4B58ACC9D0730EDA5B728D1EA1346EA0A02720 ] amdide          C:\Windows\system32\drivers\amdide.sys
18:48:39.0983 0xca24  amdide - ok
18:48:39.0993 0xca24  [ 7024F087CFF1833A806193EF9D22CDA9, E7F27E488C38338388103D3B7EEDD61D05E14FB140992AEE6F492FFC821BF529 ] AmdK8           C:\Windows\system32\drivers\amdk8.sys
18:48:40.0003 0xca24  AmdK8 - ok
18:48:40.0223 0xca24  [ 06EA72E5A4851A42ACC38B82954840A0, 955B9F4E1EC065ACEA637AEA2C607D78AC911518E113878B49C1E68D611F2B16 ] amdkmdag        C:\Windows\system32\DRIVERS\atikmdag.sys
18:48:40.0353 0xca24  amdkmdag - ok
18:48:40.0403 0xca24  [ A8F6B2145026972E62CBDA65D899EAFC, EC903C3071B93830BF6A840970B98F628404A3595B0B6F89F30F06E30DC41E72 ] amdkmdap        C:\Windows\system32\DRIVERS\atikmpag.sys
18:48:40.0423 0xca24  amdkmdap - ok
18:48:40.0433 0xca24  [ 1E56388B3FE0D031C44144EB8C4D6217, E88CA76FD47BA0EB427D59CB9BE040DE133D89D4E62D03A8D622624531D27487 ] AmdPPM          C:\Windows\system32\drivers\amdppm.sys
18:48:40.0443 0xca24  AmdPPM - ok
18:48:40.0463 0xca24  [ D4121AE6D0C0E7E13AA221AA57EF2D49, 626F43C099BD197BE56648C367B711143C2BCCE96496BBDEF19F391D52FA01D0 ] amdsata         C:\Windows\system32\drivers\amdsata.sys
18:48:40.0473 0xca24  amdsata - ok
18:48:40.0493 0xca24  [ F67F933E79241ED32FF46A4F29B5120B, D6EF539058F159CC4DD14CA9B1FD924998FEAC9D325C823C7A2DD21FEF1DC1A8 ] amdsbs          C:\Windows\system32\drivers\amdsbs.sys
18:48:40.0503 0xca24  amdsbs - ok
18:48:40.0513 0xca24  [ 540DAF1CEA6094886D72126FD7C33048, 296578572A93F5B74E1AD443E000B79DC99D1CBD25082E02704800F886A3065F ] amdxata         C:\Windows\system32\drivers\amdxata.sys
18:48:40.0513 0xca24  amdxata - ok
18:48:40.0553 0xca24  [ 90C53BD47979FB8814F465A08B885102, 5EDFC1909FC1FF9133A534DFCC5408CF3A777AC41FB21FAD375436E3D86C02EC ] AppID           C:\Windows\system32\drivers\appid.sys
18:48:40.0573 0xca24  AppID - ok
18:48:40.0613 0xca24  [ 72D4757510FDA69D729169C00AFC211E, FB9686D0D94EE7C19A3994C29E8331A6EC3020B2980B2CC75F72F3AB25512C15 ] AppIDSvc        C:\Windows\System32\appidsvc.dll
18:48:40.0633 0xca24  AppIDSvc - ok
18:48:40.0683 0xca24  [ 978DC0A1FBE9CC91B21B40AF66CB396A, 90BAFF81D98F5AFD743D8BD65F716666A7A7BD2DA612492E03C79B29E9A0F8C2 ] Appinfo         C:\Windows\System32\appinfo.dll
18:48:40.0693 0xca24  Appinfo - ok
18:48:40.0733 0xca24  [ 4ABA3E75A76195A3E38ED2766C962899, E2001ACD44DA270B8289DA362D26416676301773AB22616C211F31CF2E7869AA ] AppMgmt         C:\Windows\System32\appmgmts.dll
18:48:40.0753 0xca24  AppMgmt - ok
18:48:40.0763 0xca24  [ C484F8CEB1717C540242531DB7845C4E, C507CE26716EB923B864ED85E8FA0B24591E2784A2F4F0E78AEED7E9953311F6 ] arc             C:\Windows\system32\drivers\arc.sys
18:48:40.0763 0xca24  arc - ok
18:48:40.0783 0xca24  [ 019AF6924AEFE7839F61C830227FE79C, 5926B9DDFC9198043CDD6EA0B384C83B001EC225A8125628C4A45A3E6C42C72A ] arcsas          C:\Windows\system32\drivers\arcsas.sys
18:48:40.0783 0xca24  arcsas - ok
18:48:40.0853 0xca24  [ 9A262EDD17F8473B91B333D6B031A901, 05DFBD3A7D83FDE1D062EA719ACA9EC48CB7FD42D17DDD88B82E5D25469ADD23 ] aspnet_state    C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
18:48:40.0863 0xca24  aspnet_state - ok
18:48:40.0883 0xca24  [ 769765CE2CC62867468CEA93969B2242, 0D8F19D49869DF93A3876B4C2E249D12E83F9CE11DAE8917D368E292043D4D26 ] AsyncMac        C:\Windows\system32\DRIVERS\asyncmac.sys
18:48:40.0903 0xca24  AsyncMac - ok
18:48:40.0933 0xca24  [ 02062C0B390B7729EDC9E69C680A6F3C, 0261683C6DC2706DCE491A1CDC954AC9C9E649376EC30760BB4E225E18DC5273 ] atapi           C:\Windows\system32\DRIVERS\atapi.sys
18:48:40.0953 0xca24  atapi - ok
18:48:41.0043 0xca24  [ 6968D02DC38757C3FBE7ED7C2F9670AA, C8B3115DDB32EFBE8C56C5AA78EEA05BBB77DF3F75CC2A04532EB32327E4735A ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
18:48:41.0063 0xca24  AudioEndpointBuilder - ok
18:48:41.0083 0xca24  [ 6968D02DC38757C3FBE7ED7C2F9670AA, C8B3115DDB32EFBE8C56C5AA78EEA05BBB77DF3F75CC2A04532EB32327E4735A ] AudioSrv        C:\Windows\System32\Audiosrv.dll
18:48:41.0103 0xca24  AudioSrv - ok
18:48:41.0183 0xca24  [ E058520EEE9DAC4613D846596FF82D92, 0291075CA16ACB79F4989DE44D381F5742A2A3601F22C3600AE236D864E3370E ] avc3            C:\Windows\system32\DRIVERS\avc3.sys
18:48:41.0203 0xca24  avc3 - ok
18:48:41.0267 0xca24  [ 3B9549FEF98AB1768A1D6A919F355B70, 0014914051CB54CD7CC25561D29099A19DCFB2E1810FF635F9B6AD3D9C6FBC4B ] avchv           C:\Windows\system32\DRIVERS\avchv.sys
18:48:41.0287 0xca24  avchv - ok
18:48:41.0307 0xca24  [ 62C4DB41DAEA0FC1F5CB103B023D1068, 8C04FDF08CB487A775C8970527AE8115D9CE538781C607F703EE49674C63BA56 ] avckf           C:\Windows\system32\DRIVERS\avckf.sys
18:48:41.0317 0xca24  avckf - ok
18:48:41.0347 0xca24  [ A6BF31A71B409DFA8CAC83159E1E2AFF, CBB83F73FFD3C3FB4F96605067739F8F7A4A40B2B05417FA49E575E95628753F ] AxInstSV        C:\Windows\System32\AxInstSV.dll
18:48:41.0357 0xca24  AxInstSV - ok
18:48:41.0397 0xca24  [ 3E5B191307609F7514148C6832BB0842, DE011CB7AA4A2405FAF21575182E0793A1D83DFFC44E9A7864D59F3D51D8D580 ] b06bdrv         C:\Windows\system32\drivers\bxvbda.sys
18:48:41.0417 0xca24  b06bdrv - ok
18:48:41.0427 0xca24  [ B5ACE6968304A3900EEB1EBFD9622DF2, 1DAA118D8CA3F97B34DF3D3CDA1C78EAB2ED225699FEABE89D331AE0CB7679FA ] b57nd60a        C:\Windows\system32\DRIVERS\b57nd60a.sys
18:48:41.0447 0xca24  b57nd60a - ok
18:48:41.0457 0xca24  [ FDE360167101B4E45A96F939F388AEB0, 8D1457E866BBD645C4B9710DFBFF93405CC1193BF9AE42326F2382500B713B82 ] BDESVC          C:\Windows\System32\bdesvc.dll
18:48:41.0467 0xca24  BDESVC - ok
18:48:41.0637 0xca24  [ 9920B815BC3B3F2D69071842DD18D422, 80D91191A49C7BA68C968C4FFED4F7A24E7C8F4169C7B45B4F55BBE6F6F22ED2 ] BdfNdisf        c:\program files\lavasoft\ad-aware antivirus\firewall engine\1.6.0.0\drivers\bdfndisf6.sys
18:48:41.0647 0xca24  BdfNdisf - ok
18:48:41.0667 0xca24  [ A626DCB25F09E117421E1021CA3D22A0, D2BA10E7EFBE03589DC7AD088E1A1672539C83C427D9C88838DA5C1B92F65AC3 ] bdfwfpf         C:\Program Files\Lavasoft\Ad-Aware Antivirus\Firewall Engine\1.6.0.0\Drivers\bdfwfpf.sys
18:48:41.0677 0xca24  bdfwfpf - ok
18:48:41.0687 0xca24  [ 16A47CE2DECC9B099349A5F840654746, 77C008AEDB07FAC66413841D65C952DDB56FE7DCA5E9EF9C8F4130336B838024 ] Beep            C:\Windows\system32\drivers\Beep.sys
18:48:41.0707 0xca24  Beep - ok
18:48:41.0757 0xca24  [ 82974D6A2FD19445CC5171FC378668A4, 075D25F47C0D2277E40AF8615571DAA5EB16B1824563632A9A7EC62505C29A4A ] BFE             C:\Windows\System32\bfe.dll
18:48:41.0777 0xca24  BFE - ok
18:48:41.0817 0xca24  [ 1EA7969E3271CBC59E1730697DC74682, D511A34D63A6E0E6E7D1879068E2CD3D87ABEAF4936B2EA8CDDAD9F79D60FA04 ] BITS            C:\Windows\System32\qmgr.dll
18:48:41.0847 0xca24  BITS - ok
18:48:41.0877 0xca24  [ 61583EE3C3A17003C4ACD0475646B4D3, 17E4BECC309C450E7E44F59A9C0BBC24D21BDC66DFBA65B8F198A00BB47A9811 ] blbdrive        C:\Windows\system32\DRIVERS\blbdrive.sys
18:48:41.0877 0xca24  blbdrive - ok
18:48:41.0907 0xca24  [ 6C02A83164F5CC0A262F4199F0871CF5, AD4632A6A203CB40970D848315D8ADB9C898349E20D8DF4107C2AE2703A2CF28 ] bowser          C:\Windows\system32\DRIVERS\bowser.sys
18:48:41.0927 0xca24  bowser - ok
18:48:41.0947 0xca24  [ F09EEE9EDC320B5E1501F749FDE686C8, 66691114C42E12F4CC6DC4078D4D2FA4029759ACDAF1B59D17383487180E84E3 ] BrFiltLo        C:\Windows\system32\drivers\BrFiltLo.sys
18:48:41.0967 0xca24  BrFiltLo - ok
18:48:41.0977 0xca24  [ B114D3098E9BDB8BEA8B053685831BE6, 0ED23C1897F35FA00B9C2848DE4ED200E18688AA7825674888054BBC3A3EB92C ] BrFiltUp        C:\Windows\system32\drivers\BrFiltUp.sys
18:48:41.0987 0xca24  BrFiltUp - ok
18:48:42.0017 0xca24  [ 05F5A0D14A2EE1D8255C2AA0E9E8E694, 40011138869F5496A3E78D38C9900B466B6F3877526AC22952DCD528173F4645 ] Browser         C:\Windows\System32\browser.dll
18:48:42.0027 0xca24  Browser - ok
18:48:42.0047 0xca24  [ 43BEA8D483BF1870F018E2D02E06A5BD, 4E6F5A5FD8C796A110B0DC9FF29E31EA78C04518FC1C840EF61BABD58AB10272 ] Brserid         C:\Windows\System32\Drivers\Brserid.sys
18:48:42.0057 0xca24  Brserid - ok
18:48:42.0077 0xca24  [ A6ECA2151B08A09CACECA35C07F05B42, E2875BB7768ABAF38C3377007AA0A3C281503474D1831E396FB6599721586B0C ] BrSerWdm        C:\Windows\System32\Drivers\BrSerWdm.sys
18:48:42.0087 0xca24  BrSerWdm - ok
18:48:42.0087 0xca24  [ B79968002C277E869CF38BD22CD61524, 50631836502237AF4893ECDCEA43B9031C3DE97433F594D46AF7C3C77F331983 ] BrUsbMdm        C:\Windows\System32\Drivers\BrUsbMdm.sys
18:48:42.0097 0xca24  BrUsbMdm - ok
18:48:42.0107 0xca24  [ A87528880231C54E75EA7A44943B38BF, 4C8BBB29FDA76A96840AA47A8613C15D4466F9273A13941C19507008629709C9 ] BrUsbSer        C:\Windows\System32\Drivers\BrUsbSer.sys
18:48:42.0117 0xca24  BrUsbSer - ok
18:48:42.0187 0xca24  [ 910B5BF2353D5D982D2F6B8F6454A00A, E27A0E9EDF50A935E83F4D5BD86C9B9B297F1B8193AFB7C28313B28B5A4B27A5 ] BstHdAndroidSvc C:\Program Files (x86)\BlueStacks\HD-Service.exe
18:48:42.0217 0xca24  BstHdAndroidSvc - ok
18:48:42.0247 0xca24  [ 6A4D927BDEE8D9944FAA0012AF7AD232, F0B8642FB02628899CCE526A59A18E0A89456AA2385E82CD97B25CFC64C0E92E ] BstHdDrv        C:\Program Files (x86)\BlueStacks\HD-Hypervisor-amd64.sys
18:48:42.0257 0xca24  BstHdDrv - ok
18:48:42.0287 0xca24  [ 95B960980034877821E7FB5BFE25136E, 64EA26E9E94767C9EBEEF26FEEAA3176BB7787785F5F20CB8BBB4C75F45AAAA1 ] BstHdLogRotatorSvc C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe
18:48:42.0297 0xca24  BstHdLogRotatorSvc - ok
18:48:42.0327 0xca24  [ 5EBFF8D302047F4709F3A4F1231236E9, 84010BB25C4C029C03C98853E8AC75F103D1F34922B0643ECD758CE21E7DE4A6 ] BstHdUpdaterSvc C:\Program Files (x86)\BlueStacks\HD-UpdaterService.exe
18:48:42.0347 0xca24  BstHdUpdaterSvc - ok
18:48:42.0367 0xca24  [ 9DA669F11D1F894AB4EB69BF546A42E8, B498B8B6CEF957B73179D1ADAF084BBB57BB3735D810F9BE2C7B1D58A4FD25A4 ] BTHMODEM        C:\Windows\system32\drivers\bthmodem.sys
18:48:42.0377 0xca24  BTHMODEM - ok
18:48:42.0417 0xca24  [ 95F9C2976059462CBBF227F7AAB10DE9, 2797AE919FF7606B070FB039CECDB0707CD2131DCAC09C5DF14F443D881C9F34 ] bthserv         C:\Windows\system32\bthserv.dll
18:48:42.0447 0xca24  bthserv - ok
18:48:42.0507 0xca24  [ B8BD2BB284668C84865658C77574381A, 6C55BA288B626DF172FDFEA0BD7027FAEBA1F44EF20AB55160D7C7DC6E717D65 ] cdfs            C:\Windows\system32\DRIVERS\cdfs.sys
18:48:42.0547 0xca24  cdfs - ok
18:48:42.0567 0xca24  [ F036CE71586E93D94DAB220D7BDF4416, BD07AAD9E20CEAF9FC84E4977C55EA2C45604A2C682AC70B9B9A2199B6713D5B ] cdrom           C:\Windows\system32\DRIVERS\cdrom.sys
18:48:42.0577 0xca24  cdrom - ok
18:48:42.0587 0xca24  [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] CertPropSvc     C:\Windows\System32\certprop.dll
18:48:42.0607 0xca24  CertPropSvc - ok
18:48:42.0617 0xca24  [ D7CD5C4E1B71FA62050515314CFB52CF, 513B5A849899F379F0BC6AB3A8A05C3493C2393C95F036612B96EC6E252E1C64 ] circlass        C:\Windows\system32\drivers\circlass.sys
18:48:42.0627 0xca24  circlass - ok
18:48:42.0687 0xca24  [ 404B7DF9CA4D1CB675045AF220FF3285, 91FFADE2ABE5C48849E63134D5FFD20671FE0D1720F7D486F904391B3D142C96 ] CLFS            C:\Windows\system32\CLFS.sys
18:48:42.0717 0xca24  CLFS - ok
18:48:42.0757 0xca24  [ F13EC8A783E0CB0D6DC26A3CA848B7B8, 0809E3B71709F1343086EEB6C820543C1A7119E74EEF8AC1AEE1F81093ABEC66 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
18:48:42.0777 0xca24  clr_optimization_v2.0.50727_32 - ok
18:48:42.0817 0xca24  [ B4D73F04E9BC076F7CDAC4327DF636BB, 1ADED20D5A0D0A76E2F85CB778FD06BAB814868D35F8532E17D67045FF4770C2 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
18:48:42.0827 0xca24  clr_optimization_v2.0.50727_64 - ok
18:48:42.0887 0xca24  [ E87213F37A13E2B54391E40934F071D0, 7EB221127EFB5BF158FB03D18EFDA2C55FB6CE3D1A1FE69C01D70DBED02C87E5 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
18:48:42.0897 0xca24  clr_optimization_v4.0.30319_32 - ok
18:48:42.0917 0xca24  [ 4AEDAB50F83580D0B4D6CF78191F92AA, D113C47013B018B45161911B96E93AF96A2F3B34FA47061BF6E7A71FBA03194A ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
18:48:42.0927 0xca24  clr_optimization_v4.0.30319_64 - ok
18:48:42.0947 0xca24  [ 0840155D0BDDF1190F84A663C284BD33, 696039FA63CFEB33487FAA8FD7BBDB220141E9C6E529355D768DFC87999A9C3A ] CmBatt          C:\Windows\system32\drivers\CmBatt.sys
18:48:42.0957 0xca24  CmBatt - ok
18:48:42.0977 0xca24  [ E19D3F095812725D88F9001985B94EDD, 46243C5CCC4981CAC6FA6452FFCEC33329BF172448F1852D52592C9342E0E18B ] cmdide          C:\Windows\system32\drivers\cmdide.sys
18:48:42.0987 0xca24  cmdide - ok
18:48:43.0037 0xca24  [ 27667A788130A7F7A5858DE27572E6D7, 5501D80BCCB7A811ECCED3828DFD0A5D948BBED8504E9BCC4A3BFB840DD41CBC ] CNG             C:\Windows\system32\Drivers\cng.sys
18:48:43.0057 0xca24  CNG - ok
18:48:43.0077 0xca24  [ 102DE219C3F61415F964C88E9085AD14, CD74CB703381F1382C32CF892FF2F908F4C9412E1BC77234F8FEA5D4666E1BF1 ] Compbatt        C:\Windows\system32\drivers\compbatt.sys
18:48:43.0087 0xca24  Compbatt - ok
18:48:43.0113 0xca24  [ 03EDB043586CCEBA243D689BDDA370A8, 0E4523AA332E242D5C2C61C5717DBA5AB6E42DADB5A7E512505FC2B6CC224959 ] CompositeBus    C:\Windows\system32\DRIVERS\CompositeBus.sys
18:48:43.0127 0xca24  CompositeBus - ok
18:48:43.0157 0xca24  COMSysApp - ok
18:48:43.0167 0xca24  [ 1C827878A998C18847245FE1F34EE597, 41EF7443D8B2733AA35CAC64B4F5F74FAC8BB0DA7D3936B69EC38E2DC3972E60 ] crcdisk         C:\Windows\system32\drivers\crcdisk.sys
18:48:43.0187 0xca24  crcdisk - ok
18:48:43.0227 0xca24  [ 7BC3E861F7E8EB543A630090FAE779E0, 52A538F25C853AAC9706CD0D4EBF80B1963391AA175895CFD9D44C8ABBFCFB74 ] CryptSvc        C:\Windows\system32\cryptsvc.dll
18:48:43.0257 0xca24  CryptSvc - ok
18:48:43.0297 0xca24  [ 54DA3DFD29ED9F1619B6F53F3CE55E49, 9177C6907A983296BF188892A894B668A09FFA058FD56B50FE12940D54B0FA5E ] CSC             C:\Windows\system32\drivers\csc.sys
18:48:43.0327 0xca24  CSC - ok
18:48:43.0347 0xca24  [ 3AB183AB4D2C79DCF459CD2C1266B043, 72B0187EBA9DC74E61EC5CB3DC24058DDB768843E865801894AAEAA211610C56 ] CscService      C:\Windows\System32\cscsvc.dll
18:48:43.0367 0xca24  CscService - ok
18:48:43.0407 0xca24  [ 5C627D1B1138676C0A7AB2C2C190D123, C5003F2C912C5CA990E634818D3B4FD72F871900AF2948BD6C4D6400B354B401 ] DcomLaunch      C:\Windows\system32\rpcss.dll
18:48:43.0437 0xca24  DcomLaunch - ok
18:48:43.0457 0xca24  [ 3CEC7631A84943677AA8FA8EE5B6B43D, 32061DAC9ED6C1EBA3B367B18D0E965AEEC2DF635DCF794EC39D086D32503AC5 ] defragsvc       C:\Windows\System32\defragsvc.dll
18:48:43.0487 0xca24  defragsvc - ok
18:48:43.0487 0xca24  [ 9BB2EF44EAA163B29C4A4587887A0FE4, 03667BC3EA5003F4236929C10F23D8F108AFCB29DB5559E751FB26DFB318636F ] DfsC            C:\Windows\system32\Drivers\dfsc.sys
18:48:43.0507 0xca24  DfsC - ok
18:48:43.0527 0xca24  [ 43D808F5D9E1A18E5EEB5EBC83969E4E, C10D1155D71EABE4ED44C656A8F13078A8A4E850C4A8FBB92D52D173430972B8 ] Dhcp            C:\Windows\system32\dhcpcore.dll
18:48:43.0547 0xca24  Dhcp - ok
18:48:43.0647 0xca24  [ AA5319FA8602676B5D3A2B4A1355896D, 57532E16FF0DDE3D62B6B6DC35E2598DD453140E9277247965A1E835645E588A ] DiagTrack       C:\Windows\system32\diagtrack.dll
18:48:43.0677 0xca24  DiagTrack - ok
18:48:43.0697 0xca24  [ 13096B05847EC78F0977F2C0F79E9AB3, 1E44981B684F3E56F5D2439BB7FA78BD1BC876BB2265AE089AEC68F241B05B26 ] discache        C:\Windows\system32\drivers\discache.sys
18:48:43.0717 0xca24  discache - ok
18:48:43.0747 0xca24  [ 9819EEE8B5EA3784EC4AF3B137A5244C, 571BC886E87C888DA96282E381A746D273B58B9074E84D4CA91275E26056D427 ] Disk            C:\Windows\system32\drivers\disk.sys
18:48:43.0757 0xca24  Disk - ok
18:48:43.0777 0xca24  [ 5DB085A8A6600BE6401F2B24EECB5415, 5FC5C7C1B4DB7BF6EFD0992E91DB41FD047E90D1ABA0B8F868CB72557F88FB13 ] dmvsc           C:\Windows\system32\drivers\dmvsc.sys
18:48:43.0787 0xca24  dmvsc - ok
18:48:43.0807 0xca24  [ 16835866AAA693C7D7FCEBA8FFF706E4, 15891558F7C1F2BB57A98769601D447ED0D952354A8BB347312D034DC03E0242 ] Dnscache        C:\Windows\System32\dnsrslvr.dll
18:48:43.0827 0xca24  Dnscache - ok
18:48:43.0847 0xca24  [ B1FB3DDCA0FDF408750D5843591AFBC6, AB6AD9C5E7BA2E3646D0115B67C4800D1CB43B4B12716397657C7ADEEE807304 ] dot3svc         C:\Windows\System32\dot3svc.dll
18:48:43.0877 0xca24  dot3svc - ok
18:48:43.0887 0xca24  [ B26F4F737E8F9DF4F31AF6CF31D05820, 394BBBED4EC7FAD4110F62A43BFE0801D4AC56FFAC6C741C69407B26402311C7 ] DPS             C:\Windows\system32\dps.dll
18:48:43.0907 0xca24  DPS - ok
18:48:43.0937 0xca24  [ 9B19F34400D24DF84C858A421C205754, 967AF267B4124BADA8F507CEBF25F2192D146A4D63BE71B45BFC03C5DA7F21A7 ] drmkaud         C:\Windows\system32\drivers\drmkaud.sys
18:48:43.0947 0xca24  drmkaud - ok
18:48:44.0007 0xca24  [ 87CE5C8965E101CCCED1F4675557E868, 077D98F0F130B2FC710208BA34016EF2B2506EE2BD71740B228145E34A3046F1 ] DXGKrnl         C:\Windows\System32\drivers\dxgkrnl.sys
18:48:44.0037 0xca24  DXGKrnl - ok
18:48:44.0067 0xca24  [ 5DB7CEB8FB44ABF01614E33BAD2056E0, BF4A66F57340183B731F0C4409930E35AB44A5CA4A6BB9EA78BCDBAF558B53D9 ] e1cexpress      C:\Windows\system32\DRIVERS\e1c62x64.sys
18:48:44.0087 0xca24  e1cexpress - ok
18:48:44.0097 0xca24  [ E2DDA8726DA9CB5B2C4000C9018A9633, 0C967DBC3636A76A696997192A158AA92A1AF19F01E3C66D5BF91818A8FAEA76 ] EapHost         C:\Windows\System32\eapsvc.dll
18:48:44.0127 0xca24  EapHost - ok
18:48:44.0157 0xca24  EasyAntiCheat - ok
18:48:44.0277 0xca24  [ DC5D737F51BE844D8C82C695EB17372F, 6D4022D9A46EDE89CEF0FAEADCC94C903234DFC460C0180D24FF9E38E8853017 ] ebdrv           C:\Windows\system32\drivers\evbda.sys
18:48:44.0337 0xca24  ebdrv - ok
18:48:44.0387 0xca24  [ 97D879A884E7CDFED51AD63348A35254, 256566B7039B640FFB72C2ED7F1F42E46FFC820637A8959A64F5F08DB2A06A3F ] EFS             C:\Windows\System32\lsass.exe
18:48:44.0407 0xca24  EFS - ok
18:48:44.0467 0xca24  [ C4002B6B41975F057D98C439030CEA07, 3D2484FBB832EFB90504DD406ED1CF3065139B1FE1646471811F3A5679EF75F1 ] ehRecvr         C:\Windows\ehome\ehRecvr.exe
18:48:44.0497 0xca24  ehRecvr - ok
18:48:44.0517 0xca24  [ 4705E8EF9934482C5BB488CE28AFC681, 359E9EC5693CE0BE89082E1D5D8F5C5439A5B985010FF0CB45C11E3CFE30637D ] ehSched         C:\Windows\ehome\ehsched.exe
18:48:44.0527 0xca24  ehSched - ok
18:48:44.0547 0xca24  [ 0E5DA5369A0FCAEA12456DD852545184, 9A64AC5396F978C3B92794EDCE84DCA938E4662868250F8C18FA7C2C172233F8 ] elxstor         C:\Windows\system32\drivers\elxstor.sys
18:48:44.0567 0xca24  elxstor - ok
18:48:44.0577 0xca24  [ 34A3C54752046E79A126E15C51DB409B, 7D5B5E150C7C73666F99CBAFF759029716C86F16B927E0078D77F8A696616D75 ] ErrDev          C:\Windows\system32\drivers\errdev.sys
18:48:44.0587 0xca24  ErrDev - ok
18:48:44.0627 0xca24  [ 4166F82BE4D24938977DD1746BE9B8A0, 24121751B7306225AD1C808442D7B030DEF377E9316AA0A3C5C7460E87317881 ] EventSystem     C:\Windows\system32\es.dll
18:48:44.0657 0xca24  EventSystem - ok
18:48:44.0687 0xca24  [ A510C654EC00C1E9BDD91EEB3A59823B, 76CD277730F7B08D375770CD373D786160F34D1481AF0536BA1A5D2727E255F5 ] exfat           C:\Windows\system32\drivers\exfat.sys
18:48:44.0707 0xca24  exfat - ok
18:48:44.0727 0xca24  [ 0ADC83218B66A6DB380C330836F3E36D, 798D6F83B5DBCC1656595E0A96CF12087FCCBE19D1982890D0CE5F629B328B29 ] fastfat         C:\Windows\system32\drivers\fastfat.sys
18:48:44.0747 0xca24  fastfat - ok
18:48:44.0777 0xca24  [ DBEFD454F8318A0EF691FDD2EAAB44EB, 7F52AE222FF28503B6FC4A5852BD0CAEAF187BE69AF4B577D3DE474C24366099 ] Fax             C:\Windows\system32\fxssvc.exe
18:48:44.0787 0xca24  Fax - ok
18:48:44.0807 0xca24  [ D765D19CD8EF61F650C384F62FAC00AB, 9F0A483A043D3BA873232AD3BA5F7BF9173832550A27AF3E8BD433905BD2A0EE ] fdc             C:\Windows\system32\drivers\fdc.sys
18:48:44.0817 0xca24  fdc - ok
18:48:44.0827 0xca24  [ 0438CAB2E03F4FB61455A7956026FE86, 6D4DDC2973DB25CE0C7646BC85EFBCC004EBE35EA683F62162AE317C6F1D8DFE ] fdPHost         C:\Windows\system32\fdPHost.dll
18:48:44.0857 0xca24  fdPHost - ok
18:48:44.0867 0xca24  [ 802496CB59A30349F9A6DD22D6947644, 52D59D3D628D5661F83F090F33F744F6916E0CC1F76E5A33983E06EB66AE19F8 ] FDResPub        C:\Windows\system32\fdrespub.dll
18:48:44.0887 0xca24  FDResPub - ok
18:48:44.0897 0xca24  [ 655661BE46B5F5F3FD454E2C3095B930, 549C8E2A2A37757E560D55FFA6BFDD838205F17E40561E67F0124C934272CD1A ] FileInfo        C:\Windows\system32\drivers\fileinfo.sys
18:48:44.0907 0xca24  FileInfo - ok
18:48:44.0917 0xca24  [ 5F671AB5BC87EEA04EC38A6CD5962A47, 6B61D3363FF3F9C439BD51102C284972EAE96ACC0683B9DC7E12D25D0ADC51B6 ] Filetrace       C:\Windows\system32\drivers\filetrace.sys
18:48:44.0937 0xca24  Filetrace - ok
18:48:44.0947 0xca24  [ C172A0F53008EAEB8EA33FE10E177AF5, 9175A95B323696D1B35C9EFEB7790DD64E6EE0B7021E6C18E2F81009B169D77B ] flpydisk        C:\Windows\system32\drivers\flpydisk.sys
18:48:44.0957 0xca24  flpydisk - ok
18:48:44.0977 0xca24  [ DA6B67270FD9DB3697B20FCE94950741, F621A4462C9F2904063578C427FAF22D7D66AE9967605C11C798099817CE5331 ] FltMgr          C:\Windows\system32\drivers\fltmgr.sys
18:48:44.0997 0xca24  FltMgr - ok
18:48:45.0087 0xca24  [ E612E86FA15EA1EF9A52433A2743C447, 8A66164541D2EE2334B6DE3995C31138EA85E3A06BC7FD901E60D345E4E1E8A8 ] FontCache       C:\Windows\system32\FntCache.dll
18:48:45.0117 0xca24  FontCache - ok
18:48:45.0157 0xca24  [ A8B7F3818AB65695E3A0BB3279F6DCE6, 89FCF10F599767E67A1E011753E34DA44EAA311F105DBF69549009ED932A60F0 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
18:48:45.0177 0xca24  FontCache3.0.0.0 - ok
18:48:45.0177 0xca24  [ D43703496149971890703B4B1B723EAC, F06397B2EDCA61629249D2EF1CBB7827A8BEAB8488246BD85EF6AE1363C0DA6E ] FsDepends       C:\Windows\system32\drivers\FsDepends.sys
18:48:45.0187 0xca24  FsDepends - ok
18:48:45.0217 0xca24  [ 6BD9295CC032DD3077C671FCCF579A7B, 83622FBB0CB923798E7E584BF53CAAF75B8C016E3FF7F0FA35880FF34D1DFE33 ] Fs_Rec          C:\Windows\system32\drivers\Fs_Rec.sys
18:48:45.0227 0xca24  Fs_Rec - ok
18:48:45.0257 0xca24  [ 8F6322049018354F45F05A2FD2D4E5E0, 73BF0FB4EBD7887E992DDEBB79E906958D6678F8D1107E8C368F5A0514D80359 ] fvevol          C:\Windows\system32\DRIVERS\fvevol.sys
18:48:45.0277 0xca24  fvevol - ok
18:48:45.0297 0xca24  [ 8C778D335C9D272CFD3298AB02ABE3B6, 85F0B13926B0F693FA9E70AA58DE47100E4B6F893772EBE4300C37D9A36E6005 ] gagp30kx        C:\Windows\system32\drivers\gagp30kx.sys
18:48:45.0297 0xca24  gagp30kx - ok
18:48:45.0357 0xca24  [ 277BBC7E1AA1EE957F573A10ECA7EF3A, 2EE60B924E583E847CC24E78B401EF95C69DB777A5B74E1EC963E18D47B94D24 ] gpsvc           C:\Windows\System32\gpsvc.dll
18:48:45.0387 0xca24  gpsvc - ok
18:48:45.0427 0xca24  [ 506708142BC63DABA64F2D3AD1DCD5BF, 9C36A08D9E7932FF4DA7B5F24E6B42C92F28685B8ABE964C870E8D7670FD531A ] gupdate         C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
18:48:45.0437 0xca24  gupdate - ok
18:48:45.0447 0xca24  [ 506708142BC63DABA64F2D3AD1DCD5BF, 9C36A08D9E7932FF4DA7B5F24E6B42C92F28685B8ABE964C870E8D7670FD531A ] gupdatem        C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
18:48:45.0457 0xca24  gupdatem - ok
18:48:45.0527 0xca24  [ C8B54E81501386A91B0E0BD596965C9B, DC2580D45BA96C81C0BC005781BBB5E70652A1CAA637FE1B779AB538B040BB97 ] gzflt           C:\Program Files\Lavasoft\Ad-Aware Antivirus\Antimalware Engine\3.0.98.0\gzflt.sys
18:48:45.0547 0xca24  gzflt - ok
18:48:45.0567 0xca24  [ F2523EF6460FC42405B12248338AB2F0, B2F3DE8DE1F512D871BC2BC2E8D0E33AB03335BFBC07627C5F88B65024928E19 ] hcw85cir        C:\Windows\system32\drivers\hcw85cir.sys
18:48:45.0577 0xca24  hcw85cir - ok
18:48:45.0607 0xca24  [ 97BFED39B6B79EB12CDDBFEED51F56BB, 3CF981D668FB2381E52AF2E51E296C6CFB47B0D62249645278479D0111A47955 ] HDAudBus        C:\Windows\system32\DRIVERS\HDAudBus.sys
18:48:45.0627 0xca24  HDAudBus - ok
18:48:45.0647 0xca24  [ 78E86380454A7B10A5EB255DC44A355F, 11F3ED7ACFFA3024B9BD504F81AC39F5B4CED5A8A425E8BADF7132EFEDB9BD64 ] HidBatt         C:\Windows\system32\drivers\HidBatt.sys
18:48:45.0647 0xca24  HidBatt - ok
18:48:45.0667 0xca24  [ 7FD2A313F7AFE5C4DAB14798C48DD104, 94CBFD4506CBDE4162CEB3367BAB042D19ACA6785954DC0B554D4164B9FCD0D4 ] HidBth          C:\Windows\system32\drivers\hidbth.sys
18:48:45.0687 0xca24  HidBth - ok
18:48:45.0707 0xca24  [ 0A77D29F311B88CFAE3B13F9C1A73825, 8615DC6CEFB591505CE16E054A71A4F371B827DDFD5E980777AB4233DCFDA01D ] HidIr           C:\Windows\system32\drivers\hidir.sys
18:48:45.0727 0xca24  HidIr - ok
18:48:45.0757 0xca24  [ BD9EB3958F213F96B97B1D897DEE006D, 4D01CBF898B528B3A4E5A683DF2177300AFABD7D4CB51F1A7891B1B545499631 ] hidserv         C:\Windows\system32\hidserv.dll
18:48:45.0797 0xca24  hidserv - ok
18:48:45.0817 0xca24  [ 9592090A7E2B61CD582B612B6DF70536, FD11D5E02C32D658B28FCC35688AB66CCB5D3A0A0D74C82AE0F0B6C67B568A0F ] HidUsb          C:\Windows\system32\DRIVERS\hidusb.sys
18:48:45.0827 0xca24  HidUsb - ok
18:48:45.0837 0xca24  [ 387E72E739E15E3D37907A86D9FF98E2, 9935BE2E58788E79328293AF2F202CB0F6042441B176F75ACC5AEA93C8E05531 ] hkmsvc          C:\Windows\system32\kmsvc.dll
18:48:45.0867 0xca24  hkmsvc - ok
18:48:45.0887 0xca24  [ EFDFB3DD38A4376F93E7985173813ABD, 70402FA73A5A2A8BB557AAC8F531E373077D28DE5F40A1F3F14B940BE01CD2E1 ] HomeGroupListener C:\Windows\system32\ListSvc.dll
18:48:45.0897 0xca24  HomeGroupListener - ok
18:48:45.0927 0xca24  [ 908ACB1F594274965A53926B10C81E89, 7D34A742AC486294D82676F8465A3EF26C8AC3317C32B63F62031CB007CFC208 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
18:48:45.0947 0xca24  HomeGroupProvider - ok
18:48:45.0977 0xca24  [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC, E9E6A1665740CFBC2DD321010007EF42ABA2102AEB9772EE8AA3354664B1E205 ] HpSAMD          C:\Windows\system32\drivers\HpSAMD.sys
18:48:45.0987 0xca24  HpSAMD - ok
18:48:46.0057 0xca24  [ F61634BEC53F73702A10DE69F6DCAF57, BBA7344CF3AB96A46D1A6F1D50F2758EA8D097FE558C38B4EF45C8C334AF96E1 ] HTTP            C:\Windows\system32\drivers\HTTP.sys
18:48:46.0077 0xca24  HTTP - ok
18:48:46.0087 0xca24  [ A5462BD6884960C9DC85ED49D34FF392, 53E65841AF5B06A2844D0BB6FC4DD3923A323FFA0E4BFC89B3B5CAFB592A3D53 ] hwpolicy        C:\Windows\system32\drivers\hwpolicy.sys
18:48:46.0097 0xca24  hwpolicy - ok
18:48:46.0117 0xca24  [ FA55C73D4AFFA7EE23AC4BE53B4592D3, 65CDDC62B89A60E942C5642C9D8B539EFB69DA8069B4A2E54978154B314531CD ] i8042prt        C:\Windows\system32\DRIVERS\i8042prt.sys
18:48:46.0137 0xca24  i8042prt - ok
18:48:46.0167 0xca24  [ D7921D5A870B11CC1ADAB198A519D50A, 5DF99EB5D5504E9D9EB21658E8B4A58DEE2AD143A1875DB7F9B7BF4877FCB57F ] iaStor          C:\Windows\system32\drivers\iaStor.sys
18:48:46.0177 0xca24  iaStor - ok
18:48:46.0247 0xca24  [ 8FFF9083252C16FE3960173722605E9E, 6546FDA34B9AF94C5E86E5269BBC2F02F1E78D6D4BE5B5EC01F4B284CC934994 ] IAStorDataMgrSvc C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
18:48:46.0257 0xca24  IAStorDataMgrSvc - ok
18:48:46.0297 0xca24  [ AAAF44DB3BD0B9D1FB6969B23ECC8366, 805AA4A9464002D1AB3832E4106B2AAA1331F4281367E75956062AAE99699385 ] iaStorV         C:\Windows\system32\drivers\iaStorV.sys
18:48:46.0327 0xca24  iaStorV - ok
18:48:46.0387 0xca24  [ C98A5B9D932430AD8EEBD3EF73756EF7, DF7E1D391A0F3345AD61154363922C27BD557DEEACE395A6A8A8A16BFD1BB9A8 ] idsvc           C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
18:48:46.0407 0xca24  idsvc - ok
18:48:46.0417 0xca24  IEEtwCollectorService - ok
18:48:46.0427 0xca24  [ 5C18831C61933628F5BB0EA2675B9D21, 5CD9DE2F8C0256623A417B5C55BF55BB2562BD7AB2C3C83BB3D9886C2FBDA4E4 ] iirsp           C:\Windows\system32\drivers\iirsp.sys
18:48:46.0427 0xca24  iirsp - ok
18:48:46.0467 0xca24  [ 344789398EC3EE5A4E00C52B31847946, 3DA5F08E4B46F4E63456AA588D49E39A6A09A97D0509880C00F327623DB6122D ] IKEEXT          C:\Windows\System32\ikeext.dll
18:48:46.0487 0xca24  IKEEXT - ok
18:48:46.0567 0xca24  [ 19F9D8F7C996D5AE22E913491C912009, 1E733E34F2D39203216F3542F1A5818F3EA21CE51F434FE3B255CB6BF0B048FC ] IntcAzAudAddService C:\Windows\system32\drivers\RTDVHD64.sys
18:48:46.0607 0xca24  IntcAzAudAddService - ok
18:48:46.0627 0xca24  [ 4A9EB8AC8959C580ADCADDBDBBEBE033, F7386FB51D4A2138A3BA0B76FE0FB6D0F6DF8AC4837345FCBD51308863D46D01 ] Intel® PROSet Monitoring Service C:\Windows\system32\IProsetMonitor.exe
18:48:46.0637 0xca24  Intel® PROSet Monitoring Service - ok
18:48:46.0657 0xca24  [ F00F20E70C6EC3AA366910083A0518AA, E2F3E9FFD82C802C8BAC309893A3664ACF16A279959C0FDECCA64C3D3C60FD22 ] intelide        C:\Windows\system32\drivers\intelide.sys
18:48:46.0667 0xca24  intelide - ok
18:48:46.0697 0xca24  [ ADA036632C664CAA754079041CF1F8C1, F2386CC09AC6DE4C54189154F7D91C1DB7AA120B13FAE8BA5B579ACF99FCC610 ] intelppm        C:\Windows\system32\DRIVERS\intelppm.sys
18:48:46.0707 0xca24  intelppm - ok
18:48:46.0727 0xca24  [ 098A91C54546A3B878DAD6A7E90A455B, 044CCE2A0DF56EBE1EFD99B4F6F0A5B9EE12498CA358CF4B2E3A1CFD872823AA ] IPBusEnum       C:\Windows\system32\ipbusenum.dll
18:48:46.0757 0xca24  IPBusEnum - ok
18:48:46.0767 0xca24  [ C9F0E1BD74365A8771590E9008D22AB6, 728BC5A6AAE499FDC50EB01577AF16D83C2A9F3B09936DD2A89C01E074BA8E51 ] IpFilterDriver  C:\Windows\system32\DRIVERS\ipfltdrv.sys
18:48:46.0787 0xca24  IpFilterDriver - ok
18:48:46.0847 0xca24  [ 08C2957BB30058E663720C5606885653, E13EDF6701512E2A9977A531454932CA5023087CB50E1D2F416B8BCDD92B67BE ] iphlpsvc        C:\Windows\System32\iphlpsvc.dll
18:48:46.0867 0xca24  iphlpsvc - ok
18:48:46.0887 0xca24  [ 0FC1AEA580957AA8817B8F305D18CA3A, 7161E4DE91AAFC3FA8BF24FAE4636390C2627DB931505247C0D52C75A31473D9 ] IPMIDRV         C:\Windows\system32\drivers\IPMIDrv.sys
18:48:46.0897 0xca24  IPMIDRV - ok
18:48:46.0907 0xca24  [ AF9B39A7E7B6CAA203B3862582E9F2D0, 67128BE7EADBE6BD0205B050F96E268948E8660C4BAB259FB0BE03935153D04E ] IPNAT           C:\Windows\system32\drivers\ipnat.sys
18:48:46.0927 0xca24  IPNAT - ok
18:48:46.0947 0xca24  [ 3ABF5E7213EB28966D55D58B515D5CE9, A352BCC5B6B9A28805B15CAFB235676F1FAFF0D2394F88C03089EB157D6188AE ] IRENUM          C:\Windows\system32\drivers\irenum.sys
18:48:46.0957 0xca24  IRENUM - ok
18:48:46.0967 0xca24  [ 2F7B28DC3E1183E5EB418DF55C204F38, D40410A760965925D6F10959B2043F7BD4F68EAFCF5E743AF11AD860BD136548 ] isapnp          C:\Windows\system32\drivers\isapnp.sys
18:48:46.0977 0xca24  isapnp - ok
18:48:47.0007 0xca24  [ 96BB922A0981BC7432C8CF52B5410FE6, 236C05509B1040059B15021CBBDBDAF3B9C0F00910142BE5887B2C7561BAAFBA ] iScsiPrt        C:\Windows\system32\drivers\msiscsi.sys
18:48:47.0017 0xca24  iScsiPrt - ok
18:48:47.0067 0xca24  [ 5A9894E80575647DC77A7D1954B05CE7, C6ECB287649FA7EAADE09E6F63A874BC125212BFF6B2BC6624E233BFDF0C7C04 ] jhi_service     C:\Program Files (x86)\Intel\Services\IPT\jhi_service.exe
18:48:47.0087 0xca24  jhi_service - ok
18:48:47.0107 0xca24  [ BC02336F1CBA7DCC7D1213BB588A68A5, 450C5BAD54CCE2AFCDFF1B6E7F8E1A8446D9D3255DF9D36C29A8F848048AAD93 ] kbdclass        C:\Windows\system32\DRIVERS\kbdclass.sys
18:48:47.0107 0xca24  kbdclass - ok
18:48:47.0127 0xca24  [ 0705EFF5B42A9DB58548EEC3B26BB484, 86C6824ED7ED6FA8F306DB6319A0FD688AA91295AE571262F9D8E96A32225E99 ] kbdhid          C:\Windows\system32\DRIVERS\kbdhid.sys
18:48:47.0127 0xca24  kbdhid - ok
18:48:47.0157 0xca24  [ 97D879A884E7CDFED51AD63348A35254, 256566B7039B640FFB72C2ED7F1F42E46FFC820637A8959A64F5F08DB2A06A3F ] KeyIso          C:\Windows\system32\lsass.exe
18:48:47.0167 0xca24  KeyIso - ok
18:48:47.0207 0xca24  [ C0A6C3D6E02B61B5D100FE17306C276F, F57C7BCC39B30F1DF739D07B76BA18EB68D12D8D1BD13B6AC8DC712C29119495 ] KSecDD          C:\Windows\system32\Drivers\ksecdd.sys
18:48:47.0227 0xca24  KSecDD - ok
18:48:47.0237 0xca24  [ 7A7328E427694CC7244235C3BC299F80, 7FC2E1F3F93B3334C3A8961CA58B4F38524650F6D8DA9FFA1FB43E1A2B86B710 ] KSecPkg         C:\Windows\system32\Drivers\ksecpkg.sys
18:48:47.0247 0xca24  KSecPkg - ok
18:48:47.0257 0xca24  [ 6869281E78CB31A43E969F06B57347C4, 866A23E69B32A78D378D6CB3B3DA3695FFDFF0FEC3C9F68C8C3F988DF417044B ] ksthunk         C:\Windows\system32\drivers\ksthunk.sys
18:48:47.0277 0xca24  ksthunk - ok
18:48:47.0307 0xca24  [ 6AB66E16AA859232F64DEB66887A8C9C, 5F2B579BEA8098A2994B0DECECDAE7B396E7B5DC5F09645737B9F28BEEA77FFF ] KtmRm           C:\Windows\system32\msdtckrm.dll
18:48:47.0327 0xca24  KtmRm - ok
18:48:47.0357 0xca24  [ D9F42719019740BAA6D1C6D536CBDAA6, 8757599D0AE5302C4CE50861BEBA3A8DD14D7B0DBD916FD5404133688CDFCC40 ] LanmanServer    C:\Windows\system32\srvsvc.dll
18:48:47.0387 0xca24  LanmanServer - ok
18:48:47.0397 0xca24  [ 851A1382EED3E3A7476DB004F4EE3E1A, B1C67F47DD594D092E6E258F01DF5E7150227CE3131A908A244DEE9F8A1FABF9 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
18:48:47.0417 0xca24  LanmanWorkstation - ok
18:48:47.0507 0xca24  [ C1F026BF2D053011535EE43D323E622C, FD6CD8258FAE6E83926E6655BF43CC3A04A7ADEDD5EE4E831AAE540E47D434BE ] LavasoftAdAwareService11 C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.7.485.8398\AdAwareService.exe
18:48:47.0537 0xca24  LavasoftAdAwareService11 - ok
18:48:47.0557 0xca24  [ 1538831CF8AD2979A04C423779465827, E1729B0CC4CEEE494A0B8817A8E98FF232E3A32FB023566EF0BC71A090262C0C ] lltdio          C:\Windows\system32\DRIVERS\lltdio.sys
18:48:47.0577 0xca24  lltdio - ok
18:48:47.0597 0xca24  [ C1185803384AB3FEED115F79F109427F, 0414FE73532DCAB17E906438A14711E928CECCD5F579255410C62984DD652700 ] lltdsvc         C:\Windows\System32\lltdsvc.dll
18:48:47.0617 0xca24  lltdsvc - ok
18:48:47.0637 0xca24  [ F993A32249B66C9D622EA5592A8B76B8, EE64672A990C6145DC5601E2B8CDBE089272A72732F59AF9865DCBA8B1717E70 ] lmhosts         C:\Windows\System32\lmhsvc.dll
18:48:47.0667 0xca24  lmhosts - ok
18:48:47.0727 0xca24  [ 103BE142566D66F8AE52C89FE9E92D2B, 61AB21D095E8E7F5C279EA31DC5DCD014859C306AFF25376CAFAC9CFF71CF416 ] LMS             C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
18:48:47.0747 0xca24  LMS - ok
18:48:47.0777 0xca24  [ 1A93E54EB0ECE102495A51266DCDB6A6, DB6AA86AA36C3A7988BE96E87B5D3251BE7617C54EE8F894D9DC2E267FE3255B ] LSI_FC          C:\Windows\system32\drivers\lsi_fc.sys
18:48:47.0787 0xca24  LSI_FC - ok
18:48:47.0807 0xca24  [ 1047184A9FDC8BDBFF857175875EE810, F2251EDB7736A26D388A0C5CC2FE5FB9C5E109CBB1E3800993554CB21D81AE4B ] LSI_SAS         C:\Windows\system32\drivers\lsi_sas.sys
18:48:47.0807 0xca24  LSI_SAS - ok
18:48:47.0827 0xca24  [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93, 88D5740A4E9CC3FA80FA18035DAB441BDC5A039622D666BFDAA525CC9686BD06 ] LSI_SAS2        C:\Windows\system32\drivers\lsi_sas2.sys
18:48:47.0827 0xca24  LSI_SAS2 - ok
18:48:47.0847 0xca24  [ 0504EACAFF0D3C8AED161C4B0D369D4A, 4D272237C189646F5C80822FD3CBA7C2728E482E2DAAF7A09C8AEF811C89C54D ] LSI_SCSI        C:\Windows\system32\drivers\lsi_scsi.sys
18:48:47.0847 0xca24  LSI_SCSI - ok
18:48:47.0877 0xca24  [ 43D0F98E1D56CCDDB0D5254CFF7B356E, 5BA498183B5C4996C694CB0A9A6B66CE6C7A460F6C91BEB9F305486FCC3B7B22 ] luafv           C:\Windows\system32\drivers\luafv.sys
18:48:47.0897 0xca24  luafv - ok
18:48:47.0967 0xca24  [ A8D28D5B3E2A528D1EF0E338E44F2820, 40D1EFDD253BC0A0D984A5AD8A2721C3E83B15F14D538204714E6D5B00D92CEB ] MBAMProtector   C:\Windows\system32\drivers\mbam.sys
18:48:47.0977 0xca24  MBAMProtector - ok
18:48:48.0107 0xca24  [ 301E3FDFCF33640BB8763BA444BC5093, 362B069BB9A313A06B376CE27E6F7F8D569F6CA39A8ABC96D9DF231EE462C604 ] MBAMScheduler   C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
18:48:48.0137 0xca24  MBAMScheduler - ok
18:48:48.0217 0xca24  [ 83C982A395D00BAFF6515FB38424EA76, 0E1B66F84A483D47550347D4A9426B95A066DB5104C4284F606A16768A11DB0C ] MBAMService     C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
18:48:48.0237 0xca24  MBAMService - ok
18:48:48.0257 0xca24  [ AE757332EA130E94E646621CC695B52A, E688CF34A4206F32B5C7301119D8459C3456FC178FA1DAA6215CE15F2C824C43 ] MBAMWebAccessControl C:\Windows\system32\drivers\mwac.sys
18:48:48.0267 0xca24  MBAMWebAccessControl - ok
18:48:48.0287 0xca24  [ 0BE09CD858ABF9DF6ED259D57A1A1663, 2FD28889B93C8E801F74C1D0769673A461671E0189D0A22C94509E3F0EEB7428 ] Mcx2Svc         C:\Windows\system32\Mcx2Svc.dll
18:48:48.0307 0xca24  Mcx2Svc - ok
18:48:48.0317 0xca24  [ A55805F747C6EDB6A9080D7C633BD0F4, 2DA0E83BF3C8ADEF6F551B6CC1C0A3F6149CDBE6EC60413BA1767C4DE425A728 ] megasas         C:\Windows\system32\drivers\megasas.sys
18:48:48.0337 0xca24  megasas - ok
18:48:48.0347 0xca24  [ BAF74CE0072480C3B6B7C13B2A94D6B3, 85CBB4949C090A904464F79713A3418338753D20D7FB811E68F287FDAC1DD834 ] MegaSR          C:\Windows\system32\drivers\MegaSR.sys
18:48:48.0357 0xca24  MegaSR - ok
18:48:48.0407 0xca24  [ 86614752D2FAE34CCD9E7B2AABA5FBEC, AD5ADDACE7679B6BCCBFA3F3AFA7312B9A4CB2A0E79E199D609D2A8BB20C1723 ] MEIx64          C:\Windows\system32\DRIVERS\HECIx64.sys
18:48:48.0417 0xca24  MEIx64 - ok
18:48:48.0467 0xca24  Microsoft SharePoint Workspace Audit Service - ok
18:48:48.0487 0xca24  [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] MMCSS           C:\Windows\system32\mmcss.dll
18:48:48.0527 0xca24  MMCSS - ok
18:48:48.0547 0xca24  [ 800BA92F7010378B09F9ED9270F07137, 94F9AF9E1BE80AE6AC39A2A74EF9FAB115DCAACC011D07DFA8D6A1DDC8A93342 ] Modem           C:\Windows\system32\drivers\modem.sys
18:48:48.0567 0xca24  Modem - ok
18:48:48.0577 0xca24  [ B03D591DC7DA45ECE20B3B467E6AADAA, 701FB0CAD8138C58507BE28845D3E24CE269A040737C29885944A0D851238732 ] monitor         C:\Windows\system32\DRIVERS\monitor.sys
18:48:48.0587 0xca24  monitor - ok
18:48:48.0617 0xca24  [ 7D27EA49F3C1F687D357E77A470AEA99, 7FE7CAF95959F127C6D932C01D539C06D80273C49A09761F6E8331C05B1A7EE7 ] mouclass        C:\Windows\system32\DRIVERS\mouclass.sys
18:48:48.0627 0xca24  mouclass - ok
18:48:48.0627 0xca24  [ D3BF052C40B0C4166D9FD86A4288C1E6, 5E65264354CD94E844BF1838CA1B8E49080EFA34605A32CF2F6A47A2B97FC183 ] mouhid          C:\Windows\system32\DRIVERS\mouhid.sys
18:48:48.0637 0xca24  mouhid - ok
18:48:48.0697 0xca24  [ 87BCD1034CBF33537D4D4C251D39BA26, CB9DD235B62B79383F99873D75E26EEA5EE7914CA89E4B75992207F83420437F ] mountmgr        C:\Windows\system32\drivers\mountmgr.sys
18:48:48.0717 0xca24  mountmgr - ok
18:48:48.0757 0xca24  [ 22A7042C70F90F8261840740DDBB5176, AD0075C97D2D7C568D5CFB1C3A02DCE3BC01941844A759B29CD4DE4AF2F5FC45 ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
18:48:48.0777 0xca24  MozillaMaintenance - ok
18:48:48.0787 0xca24  [ A44B420D30BD56E145D6A2BC8768EC58, B1E4DCA5A1008FA7A0492DC091FB2B820406AE13FD3D44F124E89B1037AF09B8 ] mpio            C:\Windows\system32\drivers\mpio.sys
18:48:48.0807 0xca24  mpio - ok
18:48:48.0827 0xca24  [ 6C38C9E45AE0EA2FA5E551F2ED5E978F, 5A3FA2F110029CB4CC4384998EDB59203FDD65EC45E01B897FB684F8956EAD20 ] mpsdrv          C:\Windows\system32\drivers\mpsdrv.sys
18:48:48.0847 0xca24  mpsdrv - ok
18:48:48.0897 0xca24  [ 54FFC9C8898113ACE189D4AA7199D2C1, 65F585C87F3F710FD5793FDFA96B740AD8D4317B0C120F4435CCF777300EA4F2 ] MpsSvc          C:\Windows\system32\mpssvc.dll
18:48:48.0937 0xca24  MpsSvc - ok
18:48:48.0957 0xca24  [ AE3334958D8F631FF14A0AEB3D7EFB3A, F5FD6B61F896104C20DFC43FEE2FCE6930B73F78DF876BD19A333EABB9139C6D ] MRxDAV          C:\Windows\system32\drivers\mrxdav.sys
18:48:48.0967 0xca24  MRxDAV - ok
18:48:49.0007 0xca24  [ 1877EB1495CFBDAB27D6A32F6DDF3818, 3818055C66AB12A335A905CFFE5D05347F15AE488861C5C183E62E8E0881DA86 ] mrxsmb          C:\Windows\system32\DRIVERS\mrxsmb.sys
18:48:49.0027 0xca24  mrxsmb - ok
18:48:49.0037 0xca24  [ 21AF322605D8C7F2A627C22634D1C9C9, 6B783F95D093FEFB260EA9568926BBB3CB8ED0783184DB3A18733E211933BADD ] mrxsmb10        C:\Windows\system32\DRIVERS\mrxsmb10.sys
18:48:49.0047 0xca24  mrxsmb10 - ok
18:48:49.0067 0xca24  [ 45A03A0B6461EFBEE77E0A6AC2816EDA, CFB0C11387F2EC49FD6B69EF747962114EBA6F8B4B4DEC3627E9E969775C4D7E ] mrxsmb20        C:\Windows\system32\DRIVERS\mrxsmb20.sys
18:48:49.0077 0xca24  mrxsmb20 - ok
18:48:49.0087 0xca24  [ C25F0BAFA182CBCA2DD3C851C2E75796, 643E158A0948DF331807AEAA391F23960362E46C0A0CF6D22A99020EAE7B10F8 ] msahci          C:\Windows\system32\drivers\msahci.sys
18:48:49.0097 0xca24  msahci - ok
18:48:49.0107 0xca24  [ DB801A638D011B9633829EB6F663C900, B34FD33A215ACCF2905F4B7D061686CDB1CB9C652147AF56AE14686C1F6E3C74 ] msdsm           C:\Windows\system32\drivers\msdsm.sys
18:48:49.0117 0xca24  msdsm - ok
18:48:49.0127 0xca24  [ DE0ECE52236CFA3ED2DBFC03F28253A8, 2FBBEC4CACB5161F68D7C2935852A5888945CA0F107CF8A1C01F4528CE407DE3 ] MSDTC           C:\Windows\System32\msdtc.exe
18:48:49.0137 0xca24  MSDTC - ok
18:48:49.0157 0xca24  [ AA3FB40E17CE1388FA1BEDAB50EA8F96, 69F93E15536644C8FD679A20190CFE577F4985D3B1B4A4AA250A168615AE1E99 ] Msfs            C:\Windows\system32\drivers\Msfs.sys
18:48:49.0177 0xca24  Msfs - ok
18:48:49.0197 0xca24  [ F9D215A46A8B9753F61767FA72A20326, 6F76642B45E0A7EF6BCAB8B37D55CCE2EAA310ED07B76D43FCB88987C2174141 ] mshidkmdf       C:\Windows\System32\drivers\mshidkmdf.sys
18:48:49.0217 0xca24  mshidkmdf - ok
18:48:49.0247 0xca24  [ D916874BBD4F8B07BFB7FA9B3CCAE29D, B229DA150713DEDBC4F05386C9D9DC3BC095A74F44F3081E88311AB73BC992A1 ] msisadrv        C:\Windows\system32\drivers\msisadrv.sys
18:48:49.0247 0xca24  msisadrv - ok
18:48:49.0277 0xca24  [ 808E98FF49B155C522E6400953177B08, F873F5BFF0984C5165DF67E92874D3F6EB8D86F9B5AD17013A0091CA33A1A3D5 ] MSiSCSI         C:\Windows\system32\iscsiexe.dll
18:48:49.0297 0xca24  MSiSCSI - ok
18:48:49.0297 0xca24  msiserver - ok
18:48:49.0317 0xca24  [ 49CCF2C4FEA34FFAD8B1B59D49439366, E5752EA57C7BDAD5F53E3BC441A415E909AC602CAE56234684FB8789A20396C7 ] MSKSSRV         C:\Windows\system32\drivers\MSKSSRV.sys
18:48:49.0337 0xca24  MSKSSRV - ok
18:48:49.0357 0xca24  [ BDD71ACE35A232104DDD349EE70E1AB3, 27464A66868513BE6A01B75D7FC5B0D6B71842E4E20CE3F76B15C071A0618BBB ] MSPCLOCK        C:\Windows\system32\drivers\MSPCLOCK.sys
18:48:49.0377 0xca24  MSPCLOCK - ok
18:48:49.0387 0xca24  [ 4ED981241DB27C3383D72092B618A1D0, E12F121E641249DB3491141851B59E1496F4413EDF58E863388F1C229838DFCC ] MSPQM           C:\Windows\system32\drivers\MSPQM.sys
18:48:49.0407 0xca24  MSPQM - ok
18:48:49.0427 0xca24  [ 759A9EEB0FA9ED79DA1FB7D4EF78866D, 64E3BC613EC4872B1B344CBF71EE15BE195592E3244C1EE099C6F8B95A40F133 ] MsRPC           C:\Windows\system32\drivers\MsRPC.sys
18:48:49.0437 0xca24  MsRPC - ok
18:48:49.0457 0xca24  [ 0EED230E37515A0EAEE3C2E1BC97B288, B1D8F8A75006B6E99214CA36D27A8594EF8D952F315BEB201E9BAC9DE3E64D42 ] mssmbios        C:\Windows\system32\DRIVERS\mssmbios.sys
18:48:49.0467 0xca24  mssmbios - ok
18:48:49.0477 0xca24  [ 2E66F9ECB30B4221A318C92AC2250779, DF175E1AB6962303E57F26DAE5C5C1E40B8640333F3E352A64F6A5F1301586CD ] MSTEE           C:\Windows\system32\drivers\MSTEE.sys
18:48:49.0507 0xca24  MSTEE - ok
18:48:49.0517 0xca24  [ 7EA404308934E675BFFDE8EDF0757BCD, 306CD02D89CFCFE576242360ED5F9EEEDCAFC43CD43B7D2977AE960F9AEC3232 ] MTConfig        C:\Windows\system32\drivers\MTConfig.sys
18:48:49.0527 0xca24  MTConfig - ok
18:48:49.0537 0xca24  [ F9A18612FD3526FE473C1BDA678D61C8, 32F7975B5BAA447917F832D9E3499B4B6D3E90D73F478375D0B70B36C524693A ] Mup             C:\Windows\system32\Drivers\mup.sys
18:48:49.0537 0xca24  Mup - ok
18:48:49.0567 0xca24  [ D22AE9BDB972785CF9D336204C6005B1, 1AE328C88CF49072C125F41B16C2A2063203B21164245E2850CA491BDD4A522E ] NAL             C:\Windows\system32\Drivers\iqvw64e.sys
18:48:49.0567 0xca24  NAL - ok
18:48:49.0617 0xca24  [ 582AC6D9873E31DFA28A4547270862DD, BD540499F74E8F59A020D935D18E36A3A97C1A6EC59C8208436469A31B16B260 ] napagent        C:\Windows\system32\qagentRT.dll
18:48:49.0647 0xca24  napagent - ok
18:48:49.0677 0xca24  [ 1EA3749C4114DB3E3161156FFFFA6B33, 54C2E77BCE1037711A11313AC25B8706109098C10A31AA03AEB7A185E97800D7 ] NativeWifiP     C:\Windows\system32\DRIVERS\nwifi.sys
18:48:49.0687 0xca24  NativeWifiP - ok
18:48:49.0737 0xca24  [ 760E38053BF56E501D562B70AD796B88, F856E81A975D44F8684A6F2466549CEEDFAEB3950191698555A93A1206E0A42D ] NDIS            C:\Windows\system32\drivers\ndis.sys
18:48:49.0757 0xca24  NDIS - ok
18:48:49.0767 0xca24  [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC, D7E5446E83909AE25506BB98FBDD878A529C87963E3C1125C4ABAB25823572BC ] NdisCap         C:\Windows\system32\DRIVERS\ndiscap.sys
18:48:49.0787 0xca24  NdisCap - ok
18:48:49.0807 0xca24  [ 30639C932D9FEF22B31268FE25A1B6E5, 32873D95339600F6EEFA51847D12C563FF01F320DC59055B242FA2887C99F9D6 ] NdisTapi        C:\Windows\system32\DRIVERS\ndistapi.sys
18:48:49.0827 0xca24  NdisTapi - ok
18:48:49.0847 0xca24  [ 136185F9FB2CC61E573E676AA5402356, BA3AD0A33416DA913B4242C6BE8C3E5812AD2B20BA6C11DD3094F2E8EB56E683 ] Ndisuio         C:\Windows\system32\DRIVERS\ndisuio.sys
18:48:49.0867 0xca24  Ndisuio - ok
18:48:49.0877 0xca24  [ 53F7305169863F0A2BDDC49E116C2E11, 881E9346D3C02405B7850ADC37E720990712EC9C666A0CE96E252A487FD2CE77 ] NdisWan         C:\Windows\system32\DRIVERS\ndiswan.sys
18:48:49.0907 0xca24  NdisWan - ok
18:48:49.0907 0xca24  [ 015C0D8E0E0421B4CFD48CFFE2825879, 4242E2D42CCFC859B2C0275C5331798BC0BDA68E51CF4650B6E64B1332071023 ] NDProxy         C:\Windows\system32\drivers\NDProxy.sys
18:48:49.0927 0xca24  NDProxy - ok
18:48:49.0937 0xca24  [ 86743D9F5D2B1048062B14B1D84501C4, DBF6D6A60AB774FCB0F464FF2D285A7521D0A24006687B243AB46B17D8032062 ] NetBIOS         C:\Windows\system32\DRIVERS\netbios.sys
18:48:49.0957 0xca24  NetBIOS - ok
18:48:49.0967 0xca24  [ 09594D1089C523423B32A4229263F068, 7426A9B8BA27D3225928DDEFBD399650ABB90798212F56B7D12158AC22CCCE37 ] NetBT           C:\Windows\system32\DRIVERS\netbt.sys
18:48:49.0997 0xca24  NetBT - ok
18:48:50.0017 0xca24  [ 97D879A884E7CDFED51AD63348A35254, 256566B7039B640FFB72C2ED7F1F42E46FFC820637A8959A64F5F08DB2A06A3F ] Netlogon        C:\Windows\system32\lsass.exe
18:48:50.0017 0xca24  Netlogon - ok
18:48:50.0077 0xca24  [ 847D3AE376C0817161A14A82C8922A9E, 37AE692B3481323134125EF58F2C3CBC20177371AF2F5874F53DD32A827CB936 ] Netman          C:\Windows\System32\netman.dll
18:48:50.0117 0xca24  Netman - ok
18:48:50.0147 0xca24  [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
18:48:50.0157 0xca24  NetMsmqActivator - ok
18:48:50.0167 0xca24  [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetPipeActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
18:48:50.0167 0xca24  NetPipeActivator - ok
18:48:50.0197 0xca24  [ 5F28111C648F1E24F7DBC87CDEB091B8, 2E8645285921EDB98BB2173E11E57459C888D52E80D85791D169C869DE8813B9 ] netprofm        C:\Windows\System32\netprofm.dll
18:48:50.0227 0xca24  netprofm - ok
18:48:50.0237 0xca24  [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetTcpActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
18:48:50.0247 0xca24  NetTcpActivator - ok
18:48:50.0247 0xca24  [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
18:48:50.0257 0xca24  NetTcpPortSharing - ok
18:48:50.0297 0xca24  [ 73CE12B8BDD747B0063CB0A7EF44CEA7, F570BB52BE460DBA6203698CC96FFD9674E1903D0E0F5C49375BE3F8D8E89582 ] netvsc          C:\Windows\system32\DRIVERS\netvsc60.sys
18:48:50.0317 0xca24  netvsc - ok
18:48:50.0347 0xca24  [ 77889813BE4D166CDAB78DDBA990DA92, 2EF531AE502B943632EEC66A309A8BFCDD36120A5E1473F4AAF3C2393AD0E6A3 ] nfrd960         C:\Windows\system32\drivers\nfrd960.sys
18:48:50.0357 0xca24  nfrd960 - ok
18:48:50.0387 0xca24  [ 8B301D474B478E9A92823BAB50A7BC49, 8181816035F41B1DABEC05E65E4F67BCD785F56760A61F1049E91BA39D42F01D ] NlaSvc          C:\Windows\System32\nlasvc.dll
18:48:50.0407 0xca24  NlaSvc - ok
18:48:50.0417 0xca24  [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7, D8957EF7060A69DBB3CD6B2C45B1E4143592AB8D018471E17AC04668157DC67F ] Npfs            C:\Windows\system32\drivers\Npfs.sys
18:48:50.0437 0xca24  Npfs - ok
18:48:50.0457 0xca24  npggsvc - ok
18:48:50.0467 0xca24  [ D54BFDF3E0C953F823B3D0BFE4732528, 497A1DCC5646EC22119273216DF10D5442D16F83E4363770F507518CF6EAA53A ] nsi             C:\Windows\system32\nsisvc.dll
18:48:50.0487 0xca24  nsi - ok
18:48:50.0497 0xca24  [ E7F5AE18AF4168178A642A9247C63001, 133023B7E4BA8049C4CAED3282BDD25571D1CC25FAC3B820C7F981D292689D76 ] nsiproxy        C:\Windows\system32\drivers\nsiproxy.sys
18:48:50.0517 0xca24  nsiproxy - ok
18:48:50.0567 0xca24  [ 1A29A59A4C5BA6F8C85062A613B7E2B2, CC137F499A12C724D4166C2D85E9F447413419A0683DAC6F1A802B7F210C77F1 ] Ntfs            C:\Windows\system32\drivers\Ntfs.sys
18:48:50.0597 0xca24  Ntfs - ok
18:48:50.0607 0xca24  [ 9899284589F75FA8724FF3D16AED75C1, 181188599FD5D4DE33B97010D9E0CAEABAB9A3EF50712FE7F9AA0735CD0666D6 ] Null            C:\Windows\system32\drivers\Null.sys
18:48:50.0627 0xca24  Null - ok
18:48:50.0637 0xca24  [ 0A92CB65770442ED0DC44834632F66AD, 581327F07A68DBD5CC749214BE5F1211FC2CE41C7A4F0656B680AFB51A35ACE7 ] nvraid          C:\Windows\system32\drivers\nvraid.sys
18:48:50.0647 0xca24  nvraid - ok
18:48:50.0677 0xca24  [ DAB0E87525C10052BF65F06152F37E4A, AD9BFF0D5FD3FFB95C758B478E1F6A9FE45E7B37AEC71EB5070D292FEAAEDF37 ] nvstor          C:\Windows\system32\drivers\nvstor.sys
18:48:50.0697 0xca24  nvstor - ok
18:48:50.0727 0xca24  [ 270D7CD42D6E3979F6DD0146650F0E05, 752489E54C9004EDCBE1F1F208FFD864DA5C83E59A2DDE6B3E0D63ECA996F76F ] nv_agp          C:\Windows\system32\drivers\nv_agp.sys
18:48:50.0727 0xca24  nv_agp - ok
18:48:50.0747 0xca24  [ 3589478E4B22CE21B41FA1BFC0B8B8A0, AD2469FC753FE552CB809FF405A9AB23E7561292FE89117E3B3B62057EFF0203 ] ohci1394        C:\Windows\system32\drivers\ohci1394.sys
18:48:50.0757 0xca24  ohci1394 - ok
18:48:50.0817 0xca24  [ 9D10F99A6712E28F8ACD5641E3A7EA6B, 70964A0ED9011EA94044E15FA77EDD9CF535CC79ED8E03A3721FF007E69595CC ] ose             C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
18:48:50.0837 0xca24  ose - ok
18:48:50.0987 0xca24  [ 61BFFB5F57AD12F83AB64B7181829B34, 1DD0DD35E4158F95765EE6639F217DF03A0A19E624E020DBA609268C08A13846 ] osppsvc         C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
18:48:51.0077 0xca24  osppsvc - ok
18:48:51.0107 0xca24  [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] p2pimsvc        C:\Windows\system32\pnrpsvc.dll
18:48:51.0117 0xca24  p2pimsvc - ok
18:48:51.0137 0xca24  [ 927463ECB02179F88E4B9A17568C63C3, FEFD3447692C277D59EEC7BF218552C8BB6B8C98C26E973675549628408B94CE ] p2psvc          C:\Windows\system32\p2psvc.dll
18:48:51.0147 0xca24  p2psvc - ok
18:48:51.0167 0xca24  [ 0086431C29C35BE1DBC43F52CC273887, 0D116D49EF9ABB57DA005764F25E692622210627FC2048F06A989B12FA8D0A80 ] Parport         C:\Windows\system32\drivers\parport.sys
18:48:51.0177 0xca24  Parport - ok
18:48:51.0197 0xca24  [ E9766131EEADE40A27DC27D2D68FBA9C, 63C295EC96DBD25F1A8B908295CCB86B54F2A77A02AAA11E5D9160C2C1A492B6 ] partmgr         C:\Windows\system32\drivers\partmgr.sys
18:48:51.0217 0xca24  partmgr - ok
18:48:51.0237 0xca24  [ 363B3F857ABEE85767E01E3044C539CD, F6CB6C4B5B206E75BC8EB125363B1A095BA24FCC997A10605D59FCE44BA8651C ] PBADRV          C:\Windows\system32\DRIVERS\PBADRV.sys
18:48:51.0247 0xca24  PBADRV - ok
18:48:51.0297 0xca24  [ DB2D62AA2DF6B1F3D690A9EC9701AA2C, BEAC55E1AA0494565F1547DF5E6FE20FCEA66461764C016FCB68D8BFF0F0C375 ] PcaSvc          C:\Windows\System32\pcasvc.dll
18:48:51.0317 0xca24  PcaSvc - ok
18:48:51.0347 0xca24  [ 94575C0571D1462A0F70BDE6BD6EE6B3, 7139BAC653EA94A3DD3821CAB35FC5E22F4CCA5ACC2BAABDAA27E4C3C8B27FC9 ] pci             C:\Windows\system32\drivers\pci.sys
18:48:51.0367 0xca24  pci - ok
18:48:51.0387 0xca24  [ B5B8B5EF2E5CB34DF8DCF8831E3534FA, F2A7CC645B96946CC65BF60E14E70DC09C848D27C7943CE5DEA0C01A6B863480 ] pciide          C:\Windows\system32\DRIVERS\pciide.sys
18:48:51.0397 0xca24  pciide - ok
18:48:51.0437 0xca24  [ B2E81D4E87CE48589F98CB8C05B01F2F, 6763BEE7270A4873B3E131BFB92313E2750FCBD0AD73C23D1C4F98F7DF73DE14 ] pcmcia          C:\Windows\system32\drivers\pcmcia.sys
18:48:51.0457 0xca24  pcmcia - ok
18:48:51.0467 0xca24  [ D6B9C2E1A11A3A4B26A182FFEF18F603, BBA5FE08B1DDD6243118E11358FD61B10E850F090F061711C3CB207CE5FBBD36 ] pcw             C:\Windows\system32\drivers\pcw.sys
18:48:51.0477 0xca24  pcw - ok
18:48:51.0537 0xca24  [ ED6E75158D28D33A2E2A020AC5B2B59D, 0F364D9A88304C45F31318605C417A70A9D0E4CF087D73E949B42C12CC76CD6C ] PEAUTH          C:\Windows\system32\drivers\peauth.sys
18:48:51.0567 0xca24  PEAUTH - ok
18:48:51.0637 0xca24  [ B9B0A4299DD2D76A4243F75FD54DC680, BBF62E9628131FA396EB08D63B76D2D5FBDD61339E92B759125A066470D1C039 ] PeerDistSvc     C:\Windows\system32\peerdistsvc.dll
18:48:51.0667 0xca24  PeerDistSvc - ok
18:48:51.0727 0xca24  [ E495E408C93141E8FC72DC0C6046DDFA, 489B957DADA0DC128A09468F1AD082DCC657E86053208EA06A12937BE86FB919 ] PerfHost        C:\Windows\SysWow64\perfhost.exe
18:48:51.0747 0xca24  PerfHost - ok
18:48:51.0817 0xca24  [ C7CF6A6E137463219E1259E3F0F0DD6C, 08D7244F52AA17DD669AA6F77C291DAC88E7B2D1887DE422509C1F83EC85F3DD ] pla             C:\Windows\system32\pla.dll
18:48:51.0857 0xca24  pla - ok
18:48:51.0897 0xca24  [ 25FBDEF06C4D92815B353F6E792C8129, 57D9764AE6BCE33B242C399CDFC10DD405975BD6411CA8C75FBCD06EEB8442A9 ] PlugPlay        C:\Windows\system32\umpnpmgr.dll
18:48:51.0907 0xca24  PlugPlay - ok
18:48:51.0917 0xca24  PnkBstrA - ok
18:48:51.0927 0xca24  [ 7195581CEC9BB7D12ABE54036ACC2E38, 9C4E5D6EA984148F2663DC529083408B2248DFF6DAAC85D9195F80A722782315 ] PNRPAutoReg     C:\Windows\system32\pnrpauto.dll
18:48:51.0937 0xca24  PNRPAutoReg - ok
18:48:51.0947 0xca24  [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] PNRPsvc         C:\Windows\system32\pnrpsvc.dll
18:48:51.0957 0xca24  PNRPsvc - ok
18:48:51.0987 0xca24  [ 4F15D75ADF6156BF56ECED6D4A55C389, 2ADA3EA69A5D7EC2A4D2DD89178DB94EAFDDF95F07B0070D654D9F7A5C12A044 ] PolicyAgent     C:\Windows\System32\ipsecsvc.dll
18:48:52.0017 0xca24  PolicyAgent - ok
18:48:52.0037 0xca24  [ A2CCA4FB273E6050F17A0A416CFF2FCD, C42BA18DF0C8E3F7358669A784E51E4DC7A4112096345EA699EDC95F561E0255 ] Power           C:\Windows\system32\umpo.dll
18:48:52.0047 0xca24  Power - ok
18:48:52.0077 0xca24  [ F92A2C41117A11A00BE01CA01A7FCDE9, 38ADC6052696D110CA5F393BC586791920663F5DA66934C2A824DDA9CD89C763 ] PptpMiniport    C:\Windows\system32\DRIVERS\raspptp.sys
18:48:52.0117 0xca24  PptpMiniport - ok
18:48:52.0127 0xca24  [ 0D922E23C041EFB1C3FAC2A6F943C9BF, 855418A6A58DCAFB181A1A68613B3E203AFB0A9B3D9D26D0C521F9F613B4EAD5 ] Processor       C:\Windows\system32\drivers\processr.sys
18:48:52.0137 0xca24  Processor - ok
18:48:52.0157 0xca24  [ B6A58491307B4CADA572583D863DC602, 5C44936605E52C9533E4CE22F18FAB8211475877F71EFD88DA4D02FD608C90A3 ] ProfSvc         C:\Windows\system32\profsvc.dll
18:48:52.0167 0xca24  ProfSvc - ok
18:48:52.0177 0xca24  [ 97D879A884E7CDFED51AD63348A35254, 256566B7039B640FFB72C2ED7F1F42E46FFC820637A8959A64F5F08DB2A06A3F ] ProtectedStorage C:\Windows\system32\lsass.exe
18:48:52.0187 0xca24  ProtectedStorage - ok
18:48:52.0197 0xca24  [ 0557CF5A2556BD58E26384169D72438D, F6F83A616B1F1C6C0DF6D2EC2513E6C23FD4FAA6D36518B8676C619AB74957B4 ] Psched          C:\Windows\system32\DRIVERS\pacer.sys
18:48:52.0217 0xca24  Psched - ok
18:48:52.0247 0xca24  [ 87B04878A6D59D6C79251DC960C674C1, 3EB8DB0624E646F0A65D0381408D35CF9FDC5ABFC30DF6431F4070A8EB68447C ] PxHlpa64        C:\Windows\system32\Drivers\PxHlpa64.sys
18:48:52.0247 0xca24  PxHlpa64 - ok
18:48:52.0327 0xca24  [ A53A15A11EBFD21077463EE2C7AFEEF0, 6002B012A75045DEA62640A864A8721EADE2F8B65BEB5F5BA76D8CD819774489 ] ql2300          C:\Windows\system32\drivers\ql2300.sys
18:48:52.0357 0xca24  ql2300 - ok
18:48:52.0377 0xca24  [ 4F6D12B51DE1AAEFF7DC58C4D75423C8, FB6ABAB741CED66A79E31A45111649F2FA3E26CEE77209B5296F789F6F7D08DE ] ql40xx          C:\Windows\system32\drivers\ql40xx.sys
18:48:52.0387 0xca24  ql40xx - ok
18:48:52.0407 0xca24  [ 906191634E99AEA92C4816150BDA3732, A0305436384104C3B559F9C73902DA19B96B518413379E397C5CDAB0B2B9418F ] QWAVE           C:\Windows\system32\qwave.dll
18:48:52.0427 0xca24  QWAVE - ok
18:48:52.0437 0xca24  [ 76707BB36430888D9CE9D705398ADB6C, 35C1D1D05F98AC29A33D3781F497A0B40A3CB9CDF25FE1F28F574E40DDF70535 ] QWAVEdrv        C:\Windows\system32\drivers\qwavedrv.sys
18:48:52.0447 0xca24  QWAVEdrv - ok
18:48:52.0467 0xca24  [ 5A0DA8AD5762FA2D91678A8A01311704, 8A64EB5DBAB7048A9E42A21CEB62CCD5B007A80C199892D7F8C69B48E8A255EF ] RasAcd          C:\Windows\system32\DRIVERS\rasacd.sys
18:48:52.0487 0xca24  RasAcd - ok
18:48:52.0517 0xca24  [ 7ECFF9B22276B73F43A99A15A6094E90, 62C70DA127F48F796F8897BBFA23AB6EB080CC923F0F091DFA384A93F5C90CA1 ] RasAgileVpn     C:\Windows\system32\DRIVERS\AgileVpn.sys
18:48:52.0537 0xca24  RasAgileVpn - ok
18:48:52.0577 0xca24  [ 8F26510C5383B8DBE976DE1CD00FC8C7, 60E618C010E8A723960636415573FA17EA0BBEF79647196B3BC0B8DEE680E090 ] RasAuto         C:\Windows\System32\rasauto.dll
18:48:52.0607 0xca24  RasAuto - ok
18:48:52.0637 0xca24  [ 471815800AE33E6F1C32FB1B97C490CA, 27307265F743DE3A3A3EC1B2C472A3D85FDD0AEC458E0B1177593141EE072698 ] Rasl2tp         C:\Windows\system32\DRIVERS\rasl2tp.sys
18:48:52.0657 0xca24  Rasl2tp - ok
18:48:52.0687 0xca24  [ EE867A0870FC9E4972BA9EAAD35651E2, 1B848D81705081FD2E18AC762DA7F51455657DAF860BF363DC15925A148BCADA ] RasMan          C:\Windows\System32\rasmans.dll
18:48:52.0727 0xca24  RasMan - ok
18:48:52.0737 0xca24  [ 855C9B1CD4756C5E9A2AA58A15F58C25, A514F8A9C304D54BDA8DC60F5A64259B057EC83A1CAAF6D2B58CFD55E9561F72 ] RasPppoe        C:\Windows\system32\DRIVERS\raspppoe.sys
18:48:52.0757 0xca24  RasPppoe - ok
18:48:52.0777 0xca24  [ E8B1E447B008D07FF47D016C2B0EEECB, FEC789F82B912F3E14E49524D40FEAA4373B221156F14045E645D7C37859258C ] RasSstp         C:\Windows\system32\DRIVERS\rassstp.sys
18:48:52.0797 0xca24  RasSstp - ok
18:48:52.0887 0xca24  [ 170C5DE900F60768C380ECD8A812512F, BFD085C32CF25E8261EF4BCFA5903A496785BCDA08037F4EB580BBDEDF42B656 ] Razer Game Scanner Service C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe
18:48:52.0907 0xca24  Razer Game Scanner Service - ok
18:48:52.0917 0xca24  [ 77F665941019A1594D887A74F301FA2F, 1FDC6F6853400190C086042933F157814D915C54F26793CAD36CD2607D8810DA ] rdbss           C:\Windows\system32\DRIVERS\rdbss.sys
18:48:52.0947 0xca24  rdbss - ok
18:48:52.0967 0xca24  [ 302DA2A0539F2CF54D7C6CC30C1F2D8D, 1DF3501BBFFB56C3ECC39DBCC4287D3302216C2208CE22428B8C4967E5DE9D17 ] rdpbus          C:\Windows\system32\DRIVERS\rdpbus.sys
18:48:52.0977 0xca24  rdpbus - ok
18:48:52.0997 0xca24  [ CEA6CC257FC9B7715F1C2B4849286D24, A78144D18352EA802C39D9D42921CF97A3E0211766B2169B6755C6FC2D77A804 ] RDPCDD          C:\Windows\system32\DRIVERS\RDPCDD.sys
18:48:53.0027 0xca24  RDPCDD - ok
18:48:53.0047 0xca24  [ 1B6163C503398B23FF8B939C67747683, 339A5AA7970FF34FAAB213B655860C5B0DEC5F983A4A11A088017D849F320ACE ] RDPDR           C:\Windows\system32\drivers\rdpdr.sys
18:48:53.0057 0xca24  RDPDR - ok
18:48:53.0057 0xca24  [ BB5971A4F00659529A5C44831AF22365, 9AAA5C0D448E821FD85589505D99DF7749715A046BBD211F139E4E652ADDE41F ] RDPENCDD        C:\Windows\system32\drivers\rdpencdd.sys
18:48:53.0077 0xca24  RDPENCDD - ok
18:48:53.0077 0xca24  [ 216F3FA57533D98E1F74DED70113177A, 60C126A1409D1E9C39F1C9E95F70115BF4AF07780AB499F6E10A612540F173F4 ] RDPREFMP        C:\Windows\system32\drivers\rdprefmp.sys
18:48:53.0097 0xca24  RDPREFMP - ok
18:48:53.0117 0xca24  [ FE571E088C2D83619D2D48D4E961BF41, 88C5A2FCB1D0E528657842E39963471A6E42FCA3FCDF37955AEC8258AB4C48EA ] RDPWD           C:\Windows\system32\drivers\RDPWD.sys
18:48:53.0127 0xca24  RDPWD - ok
18:48:53.0147 0xca24  [ 34ED295FA0121C241BFEF24764FC4520, AAEE5F00CAA763A5BA51CF56BD7262C03409CD72BD5601490E3EC3FFF929BB5F ] rdyboost        C:\Windows\system32\drivers\rdyboost.sys
18:48:53.0157 0xca24  rdyboost - ok
18:48:53.0187 0xca24  [ 254FB7A22D74E5511C73A3F6D802F192, 3D0FB5840364200DE394F8CC28DA0E334C2B5FA8FF28A41656EE72287F3D3836 ] RemoteAccess    C:\Windows\System32\mprdim.dll
18:48:53.0207 0xca24  RemoteAccess - ok
18:48:53.0217 0xca24  [ E4D94F24081440B5FC5AA556C7C62702, 147CAA03568DC480F9506E30B84891AB7E433B5EBC05F34FF10F72B00E1C6B22 ] RemoteRegistry  C:\Windows\system32\regsvc.dll
18:48:53.0247 0xca24  RemoteRegistry - ok
18:48:53.0347 0xca24  [ 3C957189B31C34D3AD21967B12B6AED7, 878FE6EA03F60592D6D557B905A5119E2CC836C2A6A86ED2867C3C9B0F0FDBA2 ] RoxMediaDB12OEM C:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxMediaDB12OEM.exe
18:48:53.0367 0xca24  RoxMediaDB12OEM - ok
18:48:53.0387 0xca24  [ 2B73088CC2CA757A172B425C9398E5BC, 3D296B4D6F66F7729CC48FE54456E6E6D8207DBA7E31D66653566C128E53163B ] RoxWatch12      C:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxWatch12OEM.exe
18:48:53.0397 0xca24  RoxWatch12 - ok
18:48:53.0407 0xca24  [ E4DC58CF7B3EA515AE917FF0D402A7BB, 665B5CD9FE905B0EE3F59A7B1A94760F5393EBEE729877D8584349754C2867E8 ] RpcEptMapper    C:\Windows\System32\RpcEpMap.dll
18:48:53.0427 0xca24  RpcEptMapper - ok
18:48:53.0437 0xca24  [ D5BA242D4CF8E384DB90E6A8ED850B8C, CB4CB2608B5E31B55FB1A2CF4051E6D08A0C2A5FB231B2116F95938D7577334E ] RpcLocator      C:\Windows\system32\locator.exe
18:48:53.0447 0xca24  RpcLocator - ok
18:48:53.0467 0xca24  [ 5C627D1B1138676C0A7AB2C2C190D123, C5003F2C912C5CA990E634818D3B4FD72F871900AF2948BD6C4D6400B354B401 ] RpcSs           C:\Windows\system32\rpcss.dll
18:48:53.0497 0xca24  RpcSs - ok
18:48:53.0517 0xca24  [ DDC86E4F8E7456261E637E3552E804FF, D250C69CCC75F2D88E7E624FCC51300E75637333317D53908CCA7E0F117173DD ] rspndr          C:\Windows\system32\DRIVERS\rspndr.sys
18:48:53.0557 0xca24  rspndr - ok
18:48:53.0607 0xca24  [ B97C8EFA7A74AC80E69B75ED05AE0E07, FD63AF7BC6F775FA2887F5367B601B3DE8385ECAA5B8CF6AEB05899CE2648F24 ] rzdaendpt       C:\Windows\system32\DRIVERS\rzdaendpt.sys
18:48:53.0617 0xca24  rzdaendpt - ok
18:48:53.0697 0xca24  [ 0C90E6CEA576095888E779E5BD9DD060, 8A13A92D5A8E577E2B919CC879FA8CFA1FAD0A6BFF0CF4FCC59B8E74AB22A673 ] rzpmgrk         C:\Windows\system32\drivers\rzpmgrk.sys
18:48:53.0707 0xca24  rzpmgrk - ok
18:48:53.0757 0xca24  [ 288471F132C7249F598032D03575F083, 9E3430D5E0E93BC4A5DCCC985053912065E65722BFC2EAF431BC1DA91410434C ] rzpnk           C:\Windows\system32\drivers\rzpnk.sys
18:48:53.0777 0xca24  rzpnk - ok
18:48:53.0817 0xca24  [ D30A8C2D23A7AB6664028A9C72E1809E, 1F2486F02A332CA68BA82B69B0188861EA0BA470D0A8CA1C0A4A771D84BC3613 ] rzudd           C:\Windows\system32\DRIVERS\rzudd.sys
18:48:53.0827 0xca24  rzudd - ok
18:48:53.0877 0xca24  [ 9B64E507A0A31F73AEAA1308A49064E2, A53BF15B20811DB6D100C77A7A9DC8D5229D3F0633C12B14EBF1FFDCED46DB73 ] rzvkeyboard     C:\Windows\system32\DRIVERS\rzvkeyboard.sys
18:48:53.0887 0xca24  rzvkeyboard - ok
18:48:53.0897 0xca24  [ E60C0A09F997826C7627B244195AB581, E8630ED74B38B98BF584E353D992C1311BC36AB7F20A1BB66C9CD65CE1E46F8D ] s3cap           C:\Windows\system32\drivers\vms3cap.sys
18:48:53.0917 0xca24  s3cap - ok
18:48:53.0927 0xca24  [ 97D879A884E7CDFED51AD63348A35254, 256566B7039B640FFB72C2ED7F1F42E46FFC820637A8959A64F5F08DB2A06A3F ] SamSs           C:\Windows\system32\lsass.exe
18:48:53.0947 0xca24  SamSs - ok
18:48:53.0957 0xca24  [ AC03AF3329579FFFB455AA2DAABBE22B, 7AD3B62ADFEC166F9E256F9FF8BAA0568B2ED7308142BF8F5269E6EAA5E0A656 ] sbp2port        C:\Windows\system32\drivers\sbp2port.sys
18:48:53.0967 0xca24  sbp2port - ok
18:48:53.0987 0xca24  [ 9B7395789E3791A3B6D000FE6F8B131E, E5F067F3F212BF5481668BE1779CBEF053F511F8967589BE2E865ACB9A620024 ] SCardSvr        C:\Windows\System32\SCardSvr.dll
18:48:54.0017 0xca24  SCardSvr - ok
18:48:54.0067 0xca24  [ FA895C8D357C9FF0AC5FED6CD5F0D1CC, DFB31BDBB459D68D3E8611B36DAAEF24501E258E369889436F57B802C83B318D ] SCDEmu          C:\Windows\system32\drivers\SCDEmu.sys
18:48:54.0077 0xca24  SCDEmu - ok
18:48:54.0107 0xca24  [ 253F38D0D7074C02FF8DEB9836C97D2B, CB5CAFCB8628BB22877F74ACF1DED0BBAED8F4573A74DA7FE94BBBA584889116 ] scfilter        C:\Windows\system32\DRIVERS\scfilter.sys
18:48:54.0127 0xca24  scfilter - ok
18:48:54.0157 0xca24  [ 262F6592C3299C005FD6BEC90FC4463A, 54095E37F0B6CC677A3E9BDD40F4647C713273D197DB341063AA7F342A60C4A7 ] Schedule        C:\Windows\system32\schedsvc.dll
18:48:54.0197 0xca24  Schedule - ok
18:48:54.0217 0xca24  [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] SCPolicySvc     C:\Windows\System32\certprop.dll
18:48:54.0237 0xca24  SCPolicySvc - ok
18:48:54.0237 0xca24  [ 6EA4234DC55346E0709560FE7C2C1972, 64011E044C16E2F92689E5F7E4666A075E27BBFA61F3264E5D51CE1656C1D5B8 ] SDRSVC          C:\Windows\System32\SDRSVC.dll
18:48:54.0247 0xca24  SDRSVC - ok
18:48:54.0267 0xca24  [ 3EA8A16169C26AFBEB544E0E48421186, 34BBB0459C96B3DE94CCB0D73461562935C583D7BF93828DA4E20A6BC9B7301D ] secdrv          C:\Windows\system32\drivers\secdrv.sys
18:48:54.0287 0xca24  secdrv - ok
18:48:54.0297 0xca24  [ BC617A4E1B4FA8DF523A061739A0BD87, 10C4057F6B321EB5237FF619747B74F5401BC17D15A8C7060829E8204A2297F9 ] seclogon        C:\Windows\system32\seclogon.dll
18:48:54.0317 0xca24  seclogon - ok
18:48:54.0437 0xca24  [ 8365191D0FE7DF5972B889821ADBE62B, A3CC36FBF7962166D0E6A6B277130882BED623708C7F14EC158614F30F982420 ] SecureStorageService C:\Program Files\Dell\Dell Data Protection\Access\Advanced\Wave\Secure Storage Manager\SecureStorageService.exe
18:48:54.0477 0xca24  SecureStorageService - ok
18:48:54.0497 0xca24  [ C32AB8FA018EF34C0F113BD501436D21, E0EB8E80B51E45CA7EB061E705DA0BC07878759418A8519AE6E12326FE79E7C7 ] SENS            C:\Windows\System32\sens.dll
18:48:54.0517 0xca24  SENS - ok
18:48:54.0527 0xca24  [ 0336CFFAFAAB87A11541F1CF1594B2B2, 8B8A6A33E78A12FB05E29B2E2775850626574AFD2EF88748D65E690A07B10B8D ] SensrSvc        C:\Windows\system32\sensrsvc.dll
18:48:54.0527 0xca24  SensrSvc - ok
18:48:54.0557 0xca24  [ CB624C0035412AF0DEBEC78C41F5CA1B, A4D937F11E06CAE914347CA1362F4C98EC5EE0C0C80321E360EA1ABD6726F8D4 ] Serenum         C:\Windows\system32\DRIVERS\serenum.sys
18:48:54.0567 0xca24  Serenum - ok
18:48:54.0597 0xca24  [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6, 8F9776FB84C5D11068EAF1FF1D1A46466C655D64D256A8B1E31DC0C23B5DD22D ] Serial          C:\Windows\system32\DRIVERS\serial.sys
18:48:54.0617 0xca24  Serial - ok
18:48:54.0637 0xca24  [ 1C545A7D0691CC4A027396535691C3E3, 065C30BE598FF4DC55C37E0BBE0CEDF10A370AE2BF5404B42EBBB867A3FFED6D ] sermouse        C:\Windows\system32\drivers\sermouse.sys
18:48:54.0647 0xca24  sermouse - ok
18:48:54.0677 0xca24  [ 0B6231BF38174A1628C4AC812CC75804, E569BF1F7F5689E2E917FA6516DB53388A5B8B1C6699DEE030147E853218811D ] SessionEnv      C:\Windows\system32\sessenv.dll
18:48:54.0697 0xca24  SessionEnv - ok
18:48:54.0707 0xca24  [ A554811BCD09279536440C964AE35BBF, DA8F893722F803E189D7D4D6C6232ED34505B63A64ED3A0132A5BB7A2BABDE55 ] sffdisk         C:\Windows\system32\drivers\sffdisk.sys
18:48:54.0717 0xca24  sffdisk - ok
18:48:54.0727 0xca24  [ FF414F0BAEFEBA59BC6C04B3DB0B87BF, B81EF5D26AEB572CAB590F7AD7CA8C89F296420089EF5E6148E972F2DBCA1042 ] sffp_mmc        C:\Windows\system32\drivers\sffp_mmc.sys
18:48:54.0737 0xca24  sffp_mmc - ok
18:48:54.0757 0xca24  [ DD85B78243A19B59F0637DCF284DA63C, 6730D4F2BAE7E24615746ACC41B42D01DB6068D6504982008ADA1890DE900197 ] sffp_sd         C:\Windows\system32\drivers\sffp_sd.sys
18:48:54.0767 0xca24  sffp_sd - ok
18:48:54.0787 0xca24  [ A9D601643A1647211A1EE2EC4E433FF4, 7AC60B4AB48D4BBF1F9681C12EC2A75C72E6E12D30FABC564A24394310E9A5F9 ] sfloppy         C:\Windows\system32\drivers\sfloppy.sys
18:48:54.0797 0xca24  sfloppy - ok
18:48:54.0827 0xca24  [ B95F6501A2F8B2E78C697FEC401970CE, 758B73A32902299A313348CE7EC189B20EB4CB398D0180E4EE24B84DAD55F291 ] SharedAccess    C:\Windows\System32\ipnathlp.dll
18:48:54.0857 0xca24  SharedAccess - ok
18:48:54.0877 0xca24  [ AAF932B4011D14052955D4B212A4DA8D, 2A3BFD0FA9569288E91AE3E72CA1EC39E1450D01E6473CE51157E0F138257923 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
18:48:54.0897 0xca24  ShellHWDetection - ok
18:48:54.0917 0xca24  [ 843CAF1E5FDE1FFD5FF768F23A51E2E1, 89CA9F516E42A6B905474D738CDA2C121020A07DBD4E66CFE569DD77D79D7820 ] SiSRaid2        C:\Windows\system32\drivers\SiSRaid2.sys
18:48:54.0917 0xca24  SiSRaid2 - ok
18:48:54.0927 0xca24  [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4, 87B85C66DF7EB6FDB8A2341D05FAA5261FF68A90CCFC63F0E4A03824F1E33E5E ] SiSRaid4        C:\Windows\system32\drivers\sisraid4.sys
18:48:54.0937 0xca24  SiSRaid4 - ok
18:48:55.0017 0xca24  [ E6035ADBA3F13ACF1BEDA7B5D50FDBBB, A840D072395F2394E3B55A080F8F17CC3A02E8BCAFE8B8EC0374ECA1EFF05C23 ] SkypeUpdate     C:\Program Files (x86)\Skype\Updater\Updater.exe
18:48:55.0037 0xca24  SkypeUpdate - ok
18:48:55.0057 0xca24  [ 548260A7B8654E024DC30BF8A7C5BAA4, 4A7E58331D7765A12F53DC2371739DC9A463940B13E16157CE10DB80E958D740 ] Smb             C:\Windows\system32\DRIVERS\smb.sys
18:48:55.0077 0xca24  Smb - ok
18:48:55.0107 0xca24  [ 6313F223E817CC09AA41811DAA7F541D, D787061043BEEDB9386B048CB9E680E6A88A1CBAE9BD4A8C0209155BFB76C630 ] SNMPTRAP        C:\Windows\System32\snmptrap.exe
18:48:55.0107 0xca24  SNMPTRAP - ok
18:48:55.0117 0xca24  [ B9E31E5CACDFE584F34F730A677803F9, 21A5130BD00089C609522A372018A719F8E37103D2DD22C59EACB393BE35A063 ] spldr           C:\Windows\system32\drivers\spldr.sys
18:48:55.0127 0xca24  spldr - ok
18:48:55.0167 0xca24  [ 85DAA09A98C9286D4EA2BA8D0E644377, F9C324E2EF81193FE831C7EECC44A100CA06F82FA731BF555D9EA4D91DA13329 ] Spooler         C:\Windows\System32\spoolsv.exe
18:48:55.0177 0xca24  Spooler - ok
18:48:55.0267 0xca24  [ E17E0188BB90FAE42D83E98707EFA59C, FC075F7B39E86CC8EF6DA4E339FE946917E319C347AC70FB0C50AAF36F97E27F ] sppsvc          C:\Windows\system32\sppsvc.exe
18:48:55.0347 0xca24  sppsvc - ok
18:48:55.0357 0xca24  [ 93D7D61317F3D4BC4F4E9F8A96A7DE45, 36D48B23B8243BE5229707375FCD11C2DCAC96983199345365F065A0CBF33314 ] sppuinotify     C:\Windows\system32\sppuinotify.dll
18:48:55.0377 0xca24  sppuinotify - ok
18:48:55.0407 0xca24  [ 441FBA48BFF01FDB9D5969EBC1838F0B, 306128F1AD489F87161A089D1BDC1542A4CB742D91A0C12A7CD1863FDB8932C0 ] srv             C:\Windows\system32\DRIVERS\srv.sys
18:48:55.0417 0xca24  srv - ok
18:48:55.0437 0xca24  [ B4ADEBBF5E3677CCE9651E0F01F7CC28, 726DB2283113AB2A9681E8E9F61132303D6D86E9CD034C40EE4A8C9DB29E87F7 ] srv2            C:\Windows\system32\DRIVERS\srv2.sys
18:48:55.0457 0xca24  srv2 - ok
18:48:55.0467 0xca24  [ 27E461F0BE5BFF5FC737328F749538C3, AFA4704ED8FFC1A0BAB40DFB81D3AE3F3D933A3C9BF54DDAF39FF9AF3646D9E6 ] srvnet          C:\Windows\system32\DRIVERS\srvnet.sys
18:48:55.0467 0xca24  srvnet - ok
18:48:55.0497 0xca24  [ 51B52FBD583CDE8AA9BA62B8B4298F33, 2E2403F8AA39E79D1281CA006B51B43139C32A5FDD64BD34DAA4B935338BD740 ] SSDPSRV         C:\Windows\System32\ssdpsrv.dll
18:48:55.0517 0xca24  SSDPSRV - ok
18:48:55.0527 0xca24  [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB, D21CDBC4C2AA0DB5B4455D5108B0CAF4282A2E664B9035708F212CC094569D9D ] SstpSvc         C:\Windows\system32\sstpsvc.dll
18:48:55.0547 0xca24  SstpSvc - ok
18:48:55.0587 0xca24  [ 6E1A473DD2A4714EAF7D11E2315DF794, 4460546191072C7DF8B2E5A00577BA8E4FF5A1B2EA399DDF65EBE1AE4A5A5C84 ] Steam Client Service C:\Program Files (x86)\Common Files\Steam\SteamService.exe
18:48:55.0597 0xca24  Steam Client Service - ok
18:48:55.0617 0xca24  [ F3817967ED533D08327DC73BC4D5542A, 1B204454408A690C0A86447F3E4AA9E7C58A9CFB567C94C17C21920BA648B4D5 ] stexstor        C:\Windows\system32\drivers\stexstor.sys
18:48:55.0627 0xca24  stexstor - ok
18:48:55.0677 0xca24  [ 8DD52E8E6128F4B2DA92CE27402871C1, 1101C38BE8FC383B5F2F9FA402F9652B23B88A764DE2B584DFE62B88B11DEF92 ] stisvc          C:\Windows\System32\wiaservc.dll
18:48:55.0697 0xca24  stisvc - ok
18:48:55.0737 0xca24  [ 7731F46EC0D687A931CBA063E8F90EF0, 5CF996A209756B901316C4406C7D3E52ECC9C15A1BDB0D4D9C77846AB29FD040 ] stllssvr        C:\Program Files (x86)\Common Files\SureThing Shared\stllssvr.exe
18:48:55.0747 0xca24  stllssvr - ok
18:48:55.0767 0xca24  [ C40841817EF57D491F22EB103DA587CC, 5FAA2DE43BADC16A898C0C290C44C41E4411D919A95FE8C6FF45EA7A34495079 ] StorSvc         C:\Windows\system32\storsvc.dll
18:48:55.0787 0xca24  StorSvc - ok
18:48:55.0807 0xca24  [ D34E4943D5AC096C8EDEEBFD80D76E23, 1DD7F6F97060B5F763A04ACA1F75E59DAB09EF824FD09B83FC3C192837D006DE ] storvsc         C:\Windows\system32\drivers\storvsc.sys
18:48:55.0817 0xca24  storvsc - ok
18:48:55.0837 0xca24  [ D01EC09B6711A5F8E7E6564A4D0FBC90, 3CB922291DBADC92B46B9E28CCB6810CD8CCDA3E74518EC9522B58B998E1F969 ] swenum          C:\Windows\system32\DRIVERS\swenum.sys
18:48:55.0837 0xca24  swenum - ok
18:48:55.0877 0xca24  [ E08E46FDD841B7184194011CA1955A0B, 9C3725BB1F08F92744C980A22ED5C874007D3B5863C7E1F140F50061052AC418 ] swprv           C:\Windows\System32\swprv.dll
18:48:55.0917 0xca24  swprv - ok
18:48:55.0927 0xca24  [ 4CDD7DF58730D23BA9CB5829A6E2ECEA, 89A2A1604C2BF985894000F51D9D376B32F1327197866850B5BF8640272DE828 ] SynthVid        C:\Windows\system32\DRIVERS\VMBusVideoM.sys
18:48:55.0927 0xca24  SynthVid - ok
18:48:55.0987 0xca24  [ BF9CCC0BF39B418C8D0AE8B05CF95B7D, 3C13217548BE61F2BDB8BD41F77345CDDA1F97BF0AE17241C335B9807EB3DBB8 ] SysMain         C:\Windows\system32\sysmain.dll
18:48:56.0027 0xca24  SysMain - ok
18:48:56.0047 0xca24  [ E3C61FD7B7C2557E1F1B0B4CEC713585, 01F0E116606D185BF93B540868075BFB1A398197F6AABD994983DBFF56B3A8A0 ] TabletInputService C:\Windows\System32\TabSvc.dll
18:48:56.0057 0xca24  TabletInputService - ok
18:48:56.0077 0xca24  [ 40F0849F65D13EE87B9A9AE3C1DD6823, E251A7EF3D0FD2973AF33A62FC457A7E8D5E8694208F811F52455F7C2426121F ] TapiSrv         C:\Windows\System32\tapisrv.dll
18:48:56.0097 0xca24  TapiSrv - ok
18:48:56.0107 0xca24  [ 1BE03AC720F4D302EA01D40F588162F6, AB644862BF1D2E824FD846180DEC4E2C0FAFCC517451486DE5A92E5E78A952E4 ] TBS             C:\Windows\System32\tbssvc.dll
18:48:56.0127 0xca24  TBS - ok
18:48:56.0197 0xca24  [ 04ADD18EE5CC9FBEDAEC1DD1CD0CB45E, F05C0C4CA3DD234AD5D60CF1EF763C9A1D9EC3C157E180C2D75CC07E6B02A611 ] Tcpip           C:\Windows\system32\drivers\tcpip.sys
18:48:56.0237 0xca24  Tcpip - ok
18:48:56.0287 0xca24  [ 04ADD18EE5CC9FBEDAEC1DD1CD0CB45E, F05C0C4CA3DD234AD5D60CF1EF763C9A1D9EC3C157E180C2D75CC07E6B02A611 ] TCPIP6          C:\Windows\system32\DRIVERS\tcpip.sys
18:48:56.0317 0xca24  TCPIP6 - ok
18:48:56.0337 0xca24  [ 1B16D0BD9841794A6E0CDE0CEF744ABC, 7EB8BA97339199EEE7F2B09DA2DA6279DA64A510D4598D42CF86415D67CD674C ] tcpipreg        C:\Windows\system32\drivers\tcpipreg.sys
18:48:56.0347 0xca24  tcpipreg - ok
18:48:56.0467 0xca24  [ E2F626E4A23E12DE31D8820FF143A456, FF1CBFD52A32B25E31167D9AE3F4826818623C03DA92EE1B7B99A5DA1A1C4FC5 ] TdmService      C:\Program Files\Dell\Dell Data Protection\Access\Advanced\Wave\Trusted Drive Manager\TdmService.exe
18:48:56.0537 0xca24  TdmService - ok
18:48:56.0557 0xca24  [ 3371D21011695B16333A3934340C4E7C, 7416F9BBFC1BA9D875EA7D1C7A0D912FC6977B49A865D67E3F9C4E18A965082D ] TDPIPE          C:\Windows\system32\drivers\tdpipe.sys
18:48:56.0567 0xca24  TDPIPE - ok
18:48:56.0587 0xca24  [ 51C5ECEB1CDEE2468A1748BE550CFBC8, 4E8F83877330B421F7B5D8393D34BC44C6450E69209DAA95B29CB298166A5DF9 ] TDTCP           C:\Windows\system32\drivers\tdtcp.sys
18:48:56.0607 0xca24  TDTCP - ok
18:48:56.0627 0xca24  [ 70988118145F5F10EF24720B97F35F65, F80C806417A68047FFB3D63214BC4AE5445315219AC594E043293006B704A63D ] tdx             C:\Windows\system32\DRIVERS\tdx.sys
18:48:56.0647 0xca24  tdx - ok
18:48:56.0657 0xca24  [ 561E7E1F06895D78DE991E01DD0FB6E5, 83BFA50A528762EC52A011302AC3874636FB7E26628CD7ACFBF2BDC9FAA8110D ] TermDD          C:\Windows\system32\DRIVERS\termdd.sys
18:48:56.0667 0xca24  TermDD - ok
18:48:56.0727 0xca24  [ 008CD4EBFABCF78D0F19B3778492648C, 9050490EEE0AD86E73F0A82D83E4FC29DF84F6B6FDB389AE135FD712B5F425BE ] TermService     C:\Windows\System32\termsrv.dll
18:48:56.0747 0xca24  TermService - ok
18:48:56.0767 0xca24  [ F0344071948D1A1FA732231785A0664C, DB9886C2C858FAF45AEA15F8E42860343F73EB8685C53EC2E8CCC10586CB0832 ] Themes          C:\Windows\system32\themeservice.dll
18:48:56.0777 0xca24  Themes - ok
18:48:56.0797 0xca24  [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] THREADORDER     C:\Windows\system32\mmcss.dll
18:48:56.0817 0xca24  THREADORDER - ok
18:48:56.0827 0xca24  [ 7E7AFD841694F6AC397E99D75CEAD49D, DE87F203FD8E6BDCCFCA1860A85F283301A365846FB703D9BB86278D8AC96B07 ] TrkWks          C:\Windows\System32\trkwks.dll
18:48:56.0847 0xca24  TrkWks - ok
18:48:56.0897 0xca24  [ 3E75A47D2DEFD2683DCA409572FBE8B2, 33964B1A05E045D3B878CDFD9F52A9086B4FA54D6D4D1DC38062D2874CACD4A0 ] Trufos          C:\Windows\system32\DRIVERS\Trufos.sys
18:48:56.0917 0xca24  Trufos - ok
18:48:56.0967 0xca24  [ 773212B2AAA24C1E31F10246B15B276C, F2EF85F5ABA307976D9C649D710B408952089458DDE97D4DEF321DF14E46A046 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
18:48:57.0007 0xca24  TrustedInstaller - ok
18:48:57.0037 0xca24  [ E232A3B43A894BB327FC161529BD9ED1, F2673DA8C920F21ACCECC25F7C59A05822E5E577D47F126EDF9C94FEB4B30C5F ] tssecsrv        C:\Windows\system32\DRIVERS\tssecsrv.sys
18:48:57.0047 0xca24  tssecsrv - ok
18:48:57.0057 0xca24  [ D11C783E3EF9A3C52C0EBE83CC5000E9, A136C355D4C8945729163D15801364A614E23217B15F9313C85BA45BB71A74EB ] TsUsbFlt        C:\Windows\system32\drivers\tsusbflt.sys
18:48:57.0067 0xca24  TsUsbFlt - ok
18:48:57.0077 0xca24  [ 9CC2CCAE8A84820EAECB886D477CBCB8, 50D8AA2D7477A6618A0C31BB4D1C4887B457865FB1105E2E7B984EEFA337B804 ] TsUsbGD         C:\Windows\system32\drivers\TsUsbGD.sys
18:48:57.0077 0xca24  TsUsbGD - ok
18:48:57.0117 0xca24  [ 3566A8DAAFA27AF944F5D705EAA64894, AE9D8B648DA08AF667B9456C3FE315489859C157510A258559F18238F2CC92B8 ] tunnel          C:\Windows\system32\DRIVERS\tunnel.sys
18:48:57.0157 0xca24  tunnel - ok
18:48:57.0167 0xca24  [ B4DD609BD7E282BFC683CEC7EAAAAD67, EF131DB6F6411CAD36A989A421AF93F89DD61601AC524D2FF11C10FF6E3E9123 ] uagp35          C:\Windows\system32\drivers\uagp35.sys
18:48:57.0177 0xca24  uagp35 - ok
18:48:57.0197 0xca24  [ FF4232A1A64012BAA1FD97C7B67DF593, D8591B4EB056899C7B604E4DD852D82D4D9809F508ABCED4A03E1BE6D5D456E3 ] udfs            C:\Windows\system32\DRIVERS\udfs.sys
18:48:57.0227 0xca24  udfs - ok
18:48:57.0247 0xca24  [ 3CBDEC8D06B9968ABA702EBA076364A1, B8DAB8AA804FC23021BFEBD7AE4D40FBE648D6C6BA21CC008E26D1C084972F9B ] UI0Detect       C:\Windows\system32\UI0Detect.exe
18:48:57.0257 0xca24  UI0Detect - ok
18:48:57.0277 0xca24  [ 4BFE1BC28391222894CBF1E7D0E42320, 5918B1ED2030600DF77BDACF1C808DF6EADDD8BF3E7003AF1D72050D8B102B3A ] uliagpkx        C:\Windows\system32\drivers\uliagpkx.sys
18:48:57.0287 0xca24  uliagpkx - ok
18:48:57.0307 0xca24  [ DC54A574663A895C8763AF0FA1FF7561, 09A3F3597E91CBEB2F38E96E75134312B60CAE5574B2AD4606C2D3E992AEDDFE ] umbus           C:\Windows\system32\DRIVERS\umbus.sys
18:48:57.0317 0xca24  umbus - ok
18:48:57.0337 0xca24  [ B2E8E8CB557B156DA5493BBDDCC1474D, F547509A08C0679ACB843E20C9C0CF51BED1B06530BBC529DFB0944504564A43 ] UmPass          C:\Windows\system32\drivers\umpass.sys
18:48:57.0347 0xca24  UmPass - ok
18:48:57.0387 0xca24  [ A293DCD756D04D8492A750D03B9A297C, 203600ED0B7F8BA4C6D6F4ED810F4DF5AB70928B06EC4131C5D8ADF628444ED1 ] UmRdpService    C:\Windows\System32\umrdp.dll
18:48:57.0407 0xca24  UmRdpService - ok
18:48:57.0537 0xca24  [ 6B778A47EB9CE430708AC42980BB712C, E12E4D86839D704F1C50A6E9A7F3F7F63359FD3AC98F83B69E17BF8266546382 ] UNS             C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
18:48:57.0577 0xca24  UNS - ok
18:48:57.0617 0xca24  [ D47EC6A8E81633DD18D2436B19BAF6DE, 0FB461E2D5E0B75BB5958F6362F4880BFA4C36AD930542609BCAF574941AA7AE ] upnphost        C:\Windows\System32\upnphost.dll
18:48:57.0637 0xca24  upnphost - ok
18:48:57.0657 0xca24  [ B0435098C81D04CAFFF80DDB746CD3A2, A17B207740382E38729571F0B0BC98FF874E856A7C7CE9EB930328A2AD88F52A ] usbaudio        C:\Windows\system32\drivers\usbaudio.sys
18:48:57.0667 0xca24  usbaudio - ok
18:48:57.0697 0xca24  [ 91D3C92A44FC682DD791147604E79152, AA0B6799BF9C26C2C1793C91295288A4989AA43EC5E070B650DA7F0A142817CE ] usbccgp         C:\Windows\system32\DRIVERS\usbccgp.sys
18:48:57.0717 0xca24  usbccgp - ok
18:48:57.0737 0xca24  [ 80B0F7D5CCF86CEB5D402EAAF61FEC31, 140C62116A425DEAD25FE8D82DE283BC92C482A9F643658D512F9F67061F28AD ] usbcir          C:\Windows\system32\drivers\usbcir.sys
18:48:57.0747 0xca24  usbcir - ok
18:48:57.0767 0xca24  [ F7FFDF2A1D19A76A87759126B244C816, C91F09D77E22D976952A46F7B93F611B719EDAF694D538242FA8FAF1BA9BB2F0 ] usbehci         C:\Windows\system32\drivers\usbehci.sys
18:48:57.0777 0xca24  usbehci - ok
18:48:57.0817 0xca24  [ 245FE7FC634D6A993E682E0A9EBA4ABB, F7A536D215EE3A63358EC8B5946D7BB3B56357BF91347B07013E00DAC98775B6 ] usbhub          C:\Windows\system32\DRIVERS\usbhub.sys
18:48:57.0847 0xca24  usbhub - ok
18:48:57.0857 0xca24  [ C1A8966E0D09BFB501045105B30D86F2, 5BB95FBA441B898E258A3BFE174FC1042A04C19E25C59DE1FD90594290B11DA9 ] usbohci         C:\Windows\system32\drivers\usbohci.sys
18:48:57.0867 0xca24  usbohci - ok
18:48:57.0887 0xca24  [ 73188F58FB384E75C4063D29413CEE3D, B485463933306036B1D490722CB1674DC85670753D79FA0EF7EBCA7BBAAD9F7C ] usbprint        C:\Windows\system32\drivers\usbprint.sys
18:48:57.0887 0xca24  usbprint - ok
18:48:57.0917 0xca24  [ FED648B01349A3C8395A5169DB5FB7D6, DC4D7594C24ADD076927B9347F1B50B91CF03A4ABDB284248D5711D9C19DEB96 ] USBSTOR         C:\Windows\system32\DRIVERS\USBSTOR.SYS
18:48:57.0917 0xca24  USBSTOR - ok
18:48:57.0937 0xca24  [ 2E682DCE4319A90E02A327F8A427544A, 3528C5A4669BAD53041085C3E72C64388D308E42AD9D1FAC85B6F2FFD81610FB ] usbuhci         C:\Windows\system32\drivers\usbuhci.sys
18:48:57.0937 0xca24  usbuhci - ok
18:48:57.0967 0xca24  [ 1F775DA4CF1A3A1834207E975A72E9D7, 6D3DE5BD3EF3A76E997E5BAF900C51D25308F5A9682D1F62017F577A24095B90 ] usbvideo        C:\Windows\system32\Drivers\usbvideo.sys
18:48:57.0987 0xca24  usbvideo - ok
18:48:58.0017 0xca24  [ EDBB23CBCF2CDF727D64FF9B51A6070E, 7202484C8E1BFB2AFD64D8C81668F3EDE0E3BF5EB27572877A0A7B337AE5AE42 ] UxSms           C:\Windows\System32\uxsms.dll
18:48:58.0057 0xca24  UxSms - ok
18:48:58.0067 0xca24  [ 97D879A884E7CDFED51AD63348A35254, 256566B7039B640FFB72C2ED7F1F42E46FFC820637A8959A64F5F08DB2A06A3F ] VaultSvc        C:\Windows\system32\lsass.exe
18:48:58.0067 0xca24  VaultSvc - ok
18:48:58.0097 0xca24  [ C5C876CCFC083FF3B128F933823E87BD, 6FE0FBB6C3207E09300E0789E2168F76668D87C317FE9F263E733827ADCFBE0D ] vdrvroot        C:\Windows\system32\drivers\vdrvroot.sys
18:48:58.0117 0xca24  vdrvroot - ok
18:48:58.0147 0xca24  [ 8D6B481601D01A456E75C3210F1830BE, A2CEF483F4231367138EEF7E67FD5BE5364FC0780C44CA1368E36CE4AA3D0633 ] vds             C:\Windows\System32\vds.exe
18:48:58.0167 0xca24  vds - ok
18:48:58.0187 0xca24  [ DA4DA3F5E02943C2DC8C6ED875DE68DD, EDE604536DB78C512D68C92B26DA77C8811AC109D1F0A473673F0A82D15A2838 ] vga             C:\Windows\system32\DRIVERS\vgapnp.sys
18:48:58.0197 0xca24  vga - ok
18:48:58.0197 0xca24  [ 53E92A310193CB3C03BEA963DE7D9CFC, 45898604375B42EB1246C17A22D91C2440F11C746FF6459AD38027C1BC2E3125 ] VgaSave         C:\Windows\System32\drivers\vga.sys
18:48:58.0217 0xca24  VgaSave - ok
18:48:58.0237 0xca24  [ 2CE2DF28C83AEAF30084E1B1EB253CBB, D1946816A1CB89F825CBEA58F94A4C9D0CE7249355CD3915563F54054EE564BF ] vhdmp           C:\Windows\system32\drivers\vhdmp.sys
18:48:58.0247 0xca24  vhdmp - ok
18:48:58.0277 0xca24  [ E5689D93FFE4E5D66C0178761240DD54, 6D35CED80681B12AAF63BFA0DA1C386E71D3838839B68A686990AA8031949D27 ] viaide          C:\Windows\system32\drivers\viaide.sys
18:48:58.0287 0xca24  viaide - ok
18:48:58.0317 0xca24  [ 7DE90B48F210D29649380545DB45A187, 09522F84285D62B961868DA98C40B82E746CA4D24A9780905673A2349D6B07F4 ] VMBusHID        C:\Windows\system32\drivers\VMBusHID.sys
18:48:58.0327 0xca24  VMBusHID - ok
18:48:58.0347 0xca24  [ D2AAFD421940F640B407AEFAAEBD91B0, 31EF342A60AF04F4108759A71F8FB7B8C8819216CF3D16A95B2BA0E33A8A9161 ] volmgr          C:\Windows\system32\drivers\volmgr.sys
18:48:58.0357 0xca24  volmgr - ok
18:48:58.0377 0xca24  [ A255814907C89BE58B79EF2F189B843B, 463DB771851352185B6AC323BD93B9084D47291E53C1F7B628B65D6918B2E28F ] volmgrx         C:\Windows\system32\drivers\volmgrx.sys
18:48:58.0387 0xca24  volmgrx - ok
18:48:58.0397 0xca24  [ 0D08D2F3B3FF84E433346669B5E0F639, 3D6716CEC95B8861A7CC5778E91F310528DC6BEE0E57A3C8757FC675154EBDEC ] volsnap         C:\Windows\system32\drivers\volsnap.sys
18:48:58.0407 0xca24  volsnap - ok
18:48:58.0427 0xca24  [ 5E2016EA6EBACA03C04FEAC5F330D997, 53106EB877459FE55A459111F7AB0EE320BB3B4C954D3DB6FA1642396001F2AC ] vsmraid         C:\Windows\system32\drivers\vsmraid.sys
18:48:58.0437 0xca24  vsmraid - ok
18:48:58.0507 0xca24  [ B60BA0BC31B0CB414593E169F6F21CC2, 47B801E623254CF0202B3591CB5C019CABFB52F123C7D47E29D19B32F1F2B915 ] VSS             C:\Windows\system32\vssvc.exe
18:48:58.0557 0xca24  VSS - ok
18:48:58.0567 0xca24  [ 36D4720B72B5C5D9CB2B9C29E9DF67A1, 3254523C85C70EBA2DBAC05DB2DBA89EDF8E9195F390F7C21F96458FB6B2E3D7 ] vwifibus        C:\Windows\System32\drivers\vwifibus.sys
18:48:58.0577 0xca24  vwifibus - ok
18:48:58.0607 0xca24  [ 1C9D80CC3849B3788048078C26486E1A, 34A89F31E53F6B6C209B286F580CC2257AE6D057E4E20741F241C9C167947962 ] W32Time         C:\Windows\system32\w32time.dll
18:48:58.0627 0xca24  W32Time - ok
18:48:58.0647 0xca24  [ 4E9440F4F152A7B944CB1663D3935A3E, 8FE04EBD3BC612EE943A21A3E56F37E5C9B578CDACA6044048181DAD81816D53 ] WacomPen        C:\Windows\system32\drivers\wacompen.sys
18:48:58.0657 0xca24  WacomPen - ok
18:48:58.0677 0xca24  [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] WANARP          C:\Windows\system32\DRIVERS\wanarp.sys
18:48:58.0717 0xca24  WANARP - ok
18:48:58.0727 0xca24  [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] Wanarpv6        C:\Windows\system32\DRIVERS\wanarp.sys
18:48:58.0747 0xca24  Wanarpv6 - ok
18:48:58.0837 0xca24  [ 3CEC96DE223E49EAAE3651FCF8FAEA6C, 4150DAB33E8D61076F1D4767BCAFC9B4ECCCCBD58FD4FB3CFE5B8D27DCDCAB61 ] WatAdminSvc     C:\Windows\system32\Wat\WatAdminSvc.exe
18:48:58.0857 0xca24  WatAdminSvc - ok
18:48:58.0927 0xca24  [ 78F4E7F5C56CB9716238EB57DA4B6A75, 46A4E78CE5F2A4B26F4E9C3FF04A99D9B727A82AC2E390A82A1611C3F6E0C9AF ] wbengine        C:\Windows\system32\wbengine.exe
18:48:58.0957 0xca24  wbengine - ok
18:48:58.0967 0xca24  [ 3AA101E8EDAB2DB4131333F4325C76A3, 4F7BD3DA5E58B18BFF106CFF7B45E75FD13EE556D433C695BA23EC80827E49DE ] WbioSrvc        C:\Windows\System32\wbiosrvc.dll
18:48:58.0977 0xca24  WbioSrvc - ok
18:48:58.0997 0xca24  [ 7368A2AFD46E5A4481D1DE9D14848EDD, 8039C478FC2D9F095F5883A4FA47F9E6EDF57CC88A4AA74F07C88445F90DED57 ] wcncsvc         C:\Windows\System32\wcncsvc.dll
18:48:59.0007 0xca24  wcncsvc - ok
18:48:59.0017 0xca24  [ 20F7441334B18CEE52027661DF4A6129, 7B8E0247234B740FED2BE9B833E9CE8DD7453340123AB43F6B495A7E6A27B0DD ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
18:48:59.0027 0xca24  WcsPlugInService - ok
18:48:59.0047 0xca24  [ 72889E16FF12BA0F235467D6091B17DC, F2FD0BBD075E33608D93F350D216F97442AB89ABD540513C2D568C78096E12A8 ] Wd              C:\Windows\system32\drivers\wd.sys
18:48:59.0057 0xca24  Wd - ok
18:48:59.0107 0xca24  [ E2C933EDBC389386EBE6D2BA953F43D8, AF1DEADD5F1267CCEBD226E8EEB971D1946EA6A5A9645A36F5D111F758AF2F07 ] Wdf01000        C:\Windows\system32\drivers\Wdf01000.sys
18:48:59.0137 0xca24  Wdf01000 - ok
18:48:59.0157 0xca24  [ C6F7473B55510F0B93961DA03D8E3B38, 4BAB9274DED8F7AC4A52B8739F501323FFFA0367CAA24BFAFDB5523812E0CE39 ] WdiServiceHost  C:\Windows\system32\wdi.dll
18:48:59.0167 0xca24  WdiServiceHost - ok
18:48:59.0167 0xca24  [ C6F7473B55510F0B93961DA03D8E3B38, 4BAB9274DED8F7AC4A52B8739F501323FFFA0367CAA24BFAFDB5523812E0CE39 ] WdiSystemHost   C:\Windows\system32\wdi.dll
18:48:59.0177 0xca24  WdiSystemHost - ok
18:48:59.0197 0xca24  [ 0EB0E5D22B1760F2DBCE632F2DD7A54D, B8A4CC62F88768947FB0A161CF9564DB28FD9C1C037B5475DF192982DE035C22 ] WebClient       C:\Windows\System32\webclnt.dll
18:48:59.0217 0xca24  WebClient - ok
18:48:59.0227 0xca24  [ C749025A679C5103E575E3B48E092C43, B71171D07EE7AB085A24BF3A1072FF2CE7EA021AAE695F6A90640E6EE8EB55C1 ] Wecsvc          C:\Windows\system32\wecsvc.dll
18:48:59.0247 0xca24  Wecsvc - ok
18:48:59.0257 0xca24  [ 7E591867422DC788B9E5BD337A669A08, 484E6BCCDF7ADCE9A1AACAD1BC7C7D7694B9E40FA90D94B14D80C607784F6C75 ] wercplsupport   C:\Windows\System32\wercplsupport.dll
18:48:59.0287 0xca24  wercplsupport - ok
18:48:59.0297 0xca24  [ 6D137963730144698CBD10F202E9F251, A9F522A125158D94F540544CCD4DBF47B9DCE2EA878C33675AFE40F80E8F4979 ] WerSvc          C:\Windows\System32\WerSvc.dll
18:48:59.0337 0xca24  WerSvc - ok
18:48:59.0367 0xca24  [ 611B23304BF067451A9FDEE01FBDD725, 0AF2734B978165FC6FD22B64862132CCE32528A21C698A49D176129446E099C8 ] WfpLwf          C:\Windows\system32\DRIVERS\wfplwf.sys
18:48:59.0407 0xca24  WfpLwf - ok
18:48:59.0417 0xca24  [ 05ECAEC3E4529A7153B3136CEB49F0EC, 9995CB2CEC70A633EA33CBB0DEAD2BB28CB67132B41E9444BDAB9E75744C9A50 ] WIMMount        C:\Windows\system32\drivers\wimmount.sys
18:48:59.0427 0xca24  WIMMount - ok
18:48:59.0437 0xca24  WinDefend - ok
18:48:59.0457 0xca24  WinHttpAutoProxySvc - ok
18:48:59.0517 0xca24  [ 19B07E7E8915D701225DA41CB3877306, D6555E8D276DBB11358246E0FE215F76F1FB358791C76B88D82C2A66A42DA19F ] Winmgmt         C:\Windows\system32\wbem\WMIsvc.dll
18:48:59.0547 0xca24  Winmgmt - ok
18:48:59.0617 0xca24  [ D929ABD465A2DED963DA8B30946A8D5C, DE8DBFB01C11D2AE903CBD6A974D6F995E9813CE2D6484B7DA06EAE4C545842A ] WinRM           C:\Windows\system32\WsmSvc.dll
18:48:59.0657 0xca24  WinRM - ok
18:48:59.0707 0xca24  [ FE88B288356E7B47B74B13372ADD906D, A16B166F6BB32EF9D2A142F27B9EC54CBC7B3AC915799783CF4C40E525BC9E03 ] WinUsb          C:\Windows\system32\drivers\WinUsb.sys
18:48:59.0727 0xca24  WinUsb - ok
18:48:59.0767 0xca24  [ 4FADA86E62F18A1B2F42BA18AE24E6AA, CE1683386886BF34862681A46199EA7E7FB4232A186047DA7FBD8EC240AF6726 ] Wlansvc         C:\Windows\System32\wlansvc.dll
18:48:59.0787 0xca24  Wlansvc - ok
18:48:59.0847 0xca24  [ 06C8FA1CF39DE6A735B54D906BA791C6, D8FEC7DE227781CDA876904701B2AA995268F74DCD6CB34AA0296C557FC283B6 ] wlcrasvc        C:\Program Files\Windows Live\Mesh\wlcrasvc.exe
18:48:59.0857 0xca24  wlcrasvc - ok
18:48:59.0957 0xca24  [ 7E47C328FC4768CB8BEAFBCFAFA70362, C98BD6A0C2F70E069D5FD3BAB31BD028DFEAC0490D180BBC28A14BE375897D8C ] wlidsvc         C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
18:48:59.0997 0xca24  wlidsvc - ok
18:49:00.0017 0xca24  [ F6FF8944478594D0E414D3F048F0D778, 6F75E0AE6127B33A92A88E59D4B048FD4C15F997807BE7BF0EFE76F95235B1D9 ] WmiAcpi         C:\Windows\system32\drivers\wmiacpi.sys
18:49:00.0027 0xca24  WmiAcpi - ok
18:49:00.0057 0xca24  [ 38B84C94C5A8AF291ADFEA478AE54F93, 1AC267AC73670BEA5F3785C9AD9DB146F8E993A862C843742B21FDB90D102B2A ] wmiApSrv        C:\Windows\system32\wbem\WmiApSrv.exe
18:49:00.0077 0xca24  wmiApSrv - ok
18:49:00.0097 0xca24  WMPNetworkSvc - ok
18:49:00.0127 0xca24  [ 96C6E7100D724C69FCF9E7BF590D1DCA, 2E63C9B0893B4FC03B7A71BAEA6202D3D3DB1B52F3643467829B5A573FD7655B ] WPCSvc          C:\Windows\System32\wpcsvc.dll
18:49:00.0147 0xca24  WPCSvc - ok
18:49:00.0167 0xca24  [ 93221146D4EBBF314C29B23CD6CC391D, C0750858A65BF51E210CD244C825C121D67E025CD2D2455139991AAC289A90FE ] WPDBusEnum      C:\Windows\system32\wpdbusenum.dll
18:49:00.0177 0xca24  WPDBusEnum - ok
18:49:00.0197 0xca24  [ 6BCC1D7D2FD2453957C5479A32364E52, E48554D31FBDCF8F985C1C72524CAA9106F5B7CC2B79064F8F5E2562D517F090 ] ws2ifsl         C:\Windows\system32\drivers\ws2ifsl.sys
18:49:00.0217 0xca24  ws2ifsl - ok
18:49:00.0247 0xca24  [ E8B1FE6669397D1772D8196DF0E57A9E, 39FE0819360719F756BD31A1884A0508A1E2371ACC723E25E005CBEC0A7B02FA ] wscsvc          C:\Windows\System32\wscsvc.dll
18:49:00.0277 0xca24  wscsvc - ok
18:49:00.0277 0xca24  WSearch - ok
18:49:00.0387 0xca24  [ AA3E844A2595B1AA5825C70CA50D963E, F9C7D64D9563CA5167EC9B0D957473B55C02E9456E041AE2CDA6ABFA9641D176 ] wuauserv        C:\Windows\system32\wuaueng.dll
18:49:00.0437 0xca24  wuauserv - ok
18:49:00.0457 0xca24  [ AB886378EEB55C6C75B4F2D14B6C869F, D6C4602EB8F291DADEDF3CD211013D4AC752DDE7E799C2D8D74AA4F5477CAED6 ] WudfPf          C:\Windows\system32\drivers\WudfPf.sys
18:49:00.0467 0xca24  WudfPf - ok
18:49:00.0497 0xca24  [ DDA4CAF29D8C0A297F886BFE561E6659, 94E5DD649B5D86FA1A7C7D30FCF9644D0EE048D312E626111458ADF66BFBE978 ] WUDFRd          C:\Windows\system32\drivers\WUDFRd.sys
18:49:00.0517 0xca24  WUDFRd - ok
18:49:00.0537 0xca24  [ B20F051B03A966392364C83F009F7D17, 88ECEB55AE91F58F592B96EBC10B572747D5A2F9B7629E8F371761E4F7408A65 ] wudfsvc         C:\Windows\System32\WUDFSvc.dll
18:49:00.0547 0xca24  wudfsvc - ok
18:49:00.0587 0xca24  [ 04F82965C09CBDF646B487E145060301, 2CD8533EDBE24C3E42EB7550E20F8A2EB9E5E345B165DEF543163A6BC1FDD18B ] WwanSvc         C:\Windows\System32\wwansvc.dll
18:49:00.0607 0xca24  WwanSvc - ok
18:49:00.0647 0xca24  [ 2EE48CFCE7CA8E0DB4C44C7476C0943B, 2C324592F3F2D50BABA7123B6F9FC922667CC132777E019FF615F2D6F273A45E ] xusb21          C:\Windows\system32\DRIVERS\xusb21.sys
18:49:00.0657 0xca24  xusb21 - ok
18:49:00.0697 0xca24  ================ Scan global ===============================
18:49:00.0717 0xca24  [ BA0CD8C393E8C9F83354106093832C7B, 18D8A4780A2BAA6CEF7FBBBDA0EF6BF2DADF146E1E578A618DD5859E8ADBF1A8 ] C:\Windows\system32\basesrv.dll
18:49:00.0767 0xca24  [ 2313AF8D5A9CEB4A55400A01DD311A95, A5779FE967EA2703E86BEDC32CD736617AF278C72048228F038DFC628E1E0AA2 ] C:\Windows\system32\winsrv.dll
18:49:00.0797 0xca24  [ 2313AF8D5A9CEB4A55400A01DD311A95, A5779FE967EA2703E86BEDC32CD736617AF278C72048228F038DFC628E1E0AA2 ] C:\Windows\system32\winsrv.dll
18:49:00.0817 0xca24  [ D6160F9D869BA3AF0B787F971DB56368, 0033E6212DD8683E4EE611B290931FDB227B4795F0B17C309DC686C696790529 ] C:\Windows\system32\sxssrv.dll
18:49:00.0877 0xca24  [ 71C85477DF9347FE8E7BC55768473FCA, A86D6A6D1F5A0EFCD649792A06F3AE9B37158D48493D2ECA7F52DCC1CB9B6536 ] C:\Windows\system32\services.exe
18:49:00.0887 0xca24  [ Global ] - ok
18:49:00.0887 0xca24  ================ Scan MBR ==================================
18:49:00.0907 0xca24  [ 5C616939100B85E558DA92B899A0FC36 ] \Device\Harddisk0\DR0
18:49:01.0197 0xca24  \Device\Harddisk0\DR0 - ok
18:49:01.0197 0xca24  [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk1\DR1
18:49:01.0287 0xca24  \Device\Harddisk1\DR1 - ok
18:49:01.0347 0xca24  [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk2\DR2
18:49:01.0537 0xca24  \Device\Harddisk2\DR2 - ok
18:49:01.0537 0xca24  ================ Scan VBR ==================================
18:49:01.0547 0xca24  [ 81F3ABC1C8202BE2A69C287EA0ED6161 ] \Device\Harddisk0\DR0\Partition1
18:49:01.0547 0xca24  \Device\Harddisk0\DR0\Partition1 - ok
18:49:01.0547 0xca24  [ 6C2EB08C3F3AE321A7471F4305830C06 ] \Device\Harddisk0\DR0\Partition2
18:49:01.0547 0xca24  \Device\Harddisk0\DR0\Partition2 - ok
18:49:01.0557 0xca24  [ A8D962A58112180F297ACDF4DFA3DBF5 ] \Device\Harddisk1\DR1\Partition1
18:49:01.0557 0xca24  \Device\Harddisk1\DR1\Partition1 - ok
18:49:01.0557 0xca24  [ 71724513AA53392DFCFC081B0A8B5FE1 ] \Device\Harddisk1\DR1\Partition2
18:49:01.0557 0xca24  \Device\Harddisk1\DR1\Partition2 - ok
18:49:01.0567 0xca24  [ C645AB80A04E18D7F762A9228C2622AE ] \Device\Harddisk2\DR2\Partition1
18:49:01.0587 0xca24  \Device\Harddisk2\DR2\Partition1 - ok
18:49:01.0587 0xca24  [ 393EA87BEDA49C5A5D5686AB67E49305 ] \Device\Harddisk2\DR2\Partition2
18:49:01.0617 0xca24  \Device\Harddisk2\DR2\Partition2 - ok
18:49:01.0627 0xca24  ================ Scan generic autorun ======================
18:49:01.0707 0xca24  [ 4C748E4BBFF7795A623A6D122A16C5EB, 24C9EE6023B020B21F68C187B34DD7FC46A4FF27F2B565AA3DF35641CD64ACBB ] C:\Program Files\Realtek\Audio\HDA\RtDCpl64.exe
18:49:01.0757 0xca24  RtHDVCpl - ok
18:49:01.0837 0xca24  [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
18:49:01.0867 0xca24  Sidebar - ok
18:49:01.0877 0xca24  [ 0FA760BF380B08D0B67B5507CD8B32AA, 0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B725CC5A9FB738739 ] C:\Windows\System32\mctadmin.exe
18:49:01.0897 0xca24  mctadmin - ok
18:49:01.0947 0xca24  [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
18:49:01.0977 0xca24  Sidebar - ok
18:49:01.0977 0xca24  [ 0FA760BF380B08D0B67B5507CD8B32AA, 0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B725CC5A9FB738739 ] C:\Windows\System32\mctadmin.exe
18:49:01.0987 0xca24  mctadmin - ok
18:49:02.0017 0xca24  AV detected via SS2: Ad-Aware Antivirus, C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.7.485.8398\AdAwareSecurityCenter.exe ( 11.7.485.8398 ), 0x40010 ( disabled : outofdate )
18:49:02.0017 0xca24  FW detected via SS2: Ad-Aware Firewall, C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.7.485.8398\AdAwareSecurityCenter.exe ( 11.7.485.8398 ), 0x40010 ( disabled )
18:49:02.0017 0xca24  Win FW state via NFP2: disabled ( trusted )
18:49:02.0017 0xca24  ============================================================
18:49:02.0017 0xca24  Scan finished
18:49:02.0017 0xca24  ============================================================
18:49:02.0017 0xca1c  Detected object count: 0
18:49:02.0017 0xca1c  Actual detected object count: 0
 

 



#4 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 72,240 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:NJ USA
  • Local time:05:49 AM

Posted 24 August 2015 - 09:23 PM

Have you run Adwcleaner and ESET?
How do I get help? Who is helping me?For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....Become a BleepingComputer fan: Facebook

#5 Run2Ron

Run2Ron
  • Topic Starter

  • Members
  • 6 posts
  • OFFLINE
  •  
  • Local time:05:49 AM

Posted 24 August 2015 - 11:59 PM

adware showed no threat found sir, but eset was a MESS i just fnished it right now here is the log sir!  the other laptop connected to my network isn't lagging at all, which is safe to assume i have to be infected with something, sorry and ty so much for your time

 

 

C:\Users\euclidck\AppData\Roaming\BitTorrent\updates\7.9.2_32241.exe a variant of Win32/AdkDLLWrapper.A potentially unwanted application cleaned by deleting - quarantined
C:\Users\euclidck\AppData\Roaming\BitTorrent\updates\7.9.2_38914.exe a variant of Win32/OpenCandy.C potentially unsafe application cleaned by deleting - quarantined
C:\Users\euclidck\Downloads\Core-Temp-installer.exe Win32/Somoto.Q potentially unwanted application deleted - quarantined
E:\Users\Guest\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\YS2ILKCI\cbsidlm-cbsi134-HyperTerminal_Private_Edition-SEO-10966768.exe a variant of Win32/CNETInstaller.B potentially unwanted application cleaned by deleting - quarantined
E:\Users\Guest\AppData\Local\Temp\nscB37E.tmp\nsUtils_2_1_7_0.dll a variant of Win32/Conduit.SearchProtect.N potentially unwanted application cleaned by deleting - quarantined
G:\Program Files (x86)\Cheat Engine 6.3\cheatengine-i386.exe a variant of Win32/HackTool.CheatEngine.AB potentially unsafe application cleaned by deleting - quarantined
G:\Program Files (x86)\Cheat Engine 6.3\standalonephase1.dat a variant of Win32/HackTool.CheatEngine.AF potentially unsafe application cleaned by deleting - quarantined
G:\Program Files (x86)\Common Files\Spigot\GC\saebay_1.1.crx JS/Adware.Spigot.B application deleted - quarantined
G:\Program Files (x86)\Let's Sing\steam_api.dll a variant of Win32/HackTool.Crack.DF potentially unsafe application cleaned by deleting - quarantined
G:\Program Files (x86)\Let's Sing\LetsSing_Data\Plugins\steam_api.dll a variant of Win32/HackTool.Crack.DF potentially unsafe application cleaned by deleting - quarantined
G:\Program Files (x86)\Southpark Stick of Truth\steam_api.dll a variant of Win32/HackTool.Crack.DF potentially unsafe application cleaned by deleting - quarantined
G:\Program Files (x86)\WinZip System Utilities Suite\GOHelper.exe a variant of Win32/Systweak.L potentially unwanted application cleaned by deleting - quarantined
G:\Program Files (x86)\WinZip System Utilities Suite\Network.dll a variant of Win32/Systweak.M potentially unwanted application cleaned by deleting - quarantined
G:\Program Files (x86)\WinZip System Utilities Suite\WINZIPSS.exe a variant of Win32/Systweak.L potentially unwanted application cleaned by deleting - quarantined
G:\Program Files (x86)\WinZip System Utilities Suite\WINZIPSSBeforeUninstall.exe a variant of Win32/Systweak.L potentially unwanted application cleaned by deleting - quarantined
G:\Program Files (x86)\WinZip System Utilities Suite\WINZIPSSCheckUpdate.exe a variant of Win32/Systweak.L potentially unwanted application cleaned by deleting - quarantined
G:\Program Files (x86)\WinZip System Utilities Suite\WINZIPSSDiskDoctor.exe a variant of Win32/Systweak.L potentially unwanted application cleaned by deleting - quarantined
G:\Program Files (x86)\WinZip System Utilities Suite\WINZIPSSDiskExplorer.exe a variant of Win32/Systweak.L potentially unwanted application cleaned by deleting - quarantined
G:\Program Files (x86)\WinZip System Utilities Suite\WINZIPSSDiskOptimizer.exe a variant of Win32/Systweak.L potentially unwanted application cleaned by deleting - quarantined
G:\Program Files (x86)\WinZip System Utilities Suite\WINZIPSSDriverUpdater.exe a variant of Win32/Systweak.L potentially unwanted application cleaned by deleting - quarantined
G:\Program Files (x86)\WinZip System Utilities Suite\WINZIPSSDuplicateFilesRemover.exe a variant of Win32/Systweak.L potentially unwanted application cleaned by deleting - quarantined
G:\Program Files (x86)\WinZip System Utilities Suite\WINZIPSSGameOptimizer.exe a variant of Win32/Systweak.L potentially unwanted application cleaned by deleting - quarantined
G:\Program Files (x86)\WinZip System Utilities Suite\WINZIPSSHelper.dll a variant of Win32/Systweak.M potentially unwanted application cleaned by deleting - quarantined
G:\Program Files (x86)\WinZip System Utilities Suite\WINZIPSSMemoryOptimizer.exe a variant of Win32/Systweak.L potentially unwanted application cleaned by deleting - quarantined
G:\Program Files (x86)\WinZip System Utilities Suite\WINZIPSSNewScheduler.exe a variant of Win32/Systweak.L potentially unwanted application cleaned by deleting - quarantined
G:\Program Files (x86)\WinZip System Utilities Suite\WINZIPSSPCFixer.exe a variant of Win32/Systweak.L potentially unwanted application cleaned by deleting - quarantined
G:\Program Files (x86)\WinZip System Utilities Suite\WINZIPSSPrivacyProtector.exe a variant of Win32/Systweak.L potentially unwanted application cleaned by deleting - quarantined
G:\Program Files (x86)\WinZip System Utilities Suite\WINZIPSSRegClean.exe a variant of Win32/Systweak potentially unwanted application cleaned by deleting - quarantined
G:\Program Files (x86)\WinZip System Utilities Suite\WINZIPSSRegistryOptimizer.exe a variant of Win32/Systweak.L potentially unwanted application cleaned by deleting - quarantined
G:\Program Files (x86)\WinZip System Utilities Suite\WINZIPSSSecureDelete.exe a variant of Win32/Systweak.L potentially unwanted application cleaned by deleting - quarantined
G:\Program Files (x86)\WinZip System Utilities Suite\WINZIPSSSecureEncryptor.exe a variant of Win32/Systweak.L potentially unwanted application cleaned by deleting - quarantined
G:\Program Files (x86)\WinZip System Utilities Suite\WINZIPSSStartupManager.exe a variant of Win32/Systweak.L potentially unwanted application cleaned by deleting - quarantined
G:\Program Files (x86)\WinZip System Utilities Suite\WINZIPSSSysFileBakRes.exe a variant of Win32/Systweak.L potentially unwanted application cleaned by deleting - quarantined
G:\Program Files (x86)\WinZip System Utilities Suite\WINZIPSSSystemAnalyzerAndAdvisor.exe a variant of Win32/Systweak.L potentially unwanted application cleaned by deleting - quarantined
G:\Program Files (x86)\WinZip System Utilities Suite\WINZIPSSSystemCleaner.exe a variant of Win32/Systweak.L potentially unwanted application cleaned by deleting - quarantined
G:\Program Files (x86)\WinZip System Utilities Suite\WINZIPSSUndelete.exe a variant of Win32/Systweak.L potentially unwanted application cleaned by deleting - quarantined
G:\Program Files (x86)\WinZip System Utilities Suite\WINZIPSSUninstallManager.exe a variant of Win32/Systweak.L potentially unwanted application cleaned by deleting - quarantined
G:\ProgramData\comcastModemRelease\dtuser.exe a variant of Win32/Toolbar.Visicom.C potentially unwanted application cleaned by deleting - quarantined
G:\Users\BroRonDude\AppData\Local\PMB Files\Upgrade41270\PMB_updater.exe Win32/InstallCore.GI potentially unwanted application cleaned by deleting - quarantined
G:\Users\BroRonDude\AppData\Roaming\uTorrent\updates\3.3.2_30416.exe a variant of Win32/OpenCandy.C potentially unsafe application cleaned by deleting - quarantined
G:\Users\BroRonDude\Desktop\folders\junk2\cam (5)\Crack\steam_api.dll a variant of Win32/HackTool.Crack.BQ potentially unsafe application cleaned by deleting - quarantined
G:\Users\BroRonDude\Desktop\folders\udl\Lord.of.the.Rings.War.in.the.North-RELOADED\rld-witn.iso Win32/HackTool.Crack.CC potentially unsafe application deleted - quarantined
G:\Users\BroRonDude\Desktop\udl\Lets.Sing-DOGE [NORAR]\dogelesi.iso a variant of Win32/HackTool.Crack.DF potentially unsafe application deleted - quarantined
G:\Windyzone\WZLauncher\WindyGameLauncher.exe a variant of Win32/Packed.Themida suspicious application cleaned by deleting - quarantined

Edited by Run2Ron, 25 August 2015 - 12:05 AM.


#6 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 72,240 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:NJ USA
  • Local time:05:49 AM

Posted 25 August 2015 - 11:03 AM

Good! Many of these removed will have effects on the machine.. do this and see if things are better.

Empty your temp folders using TFC (Temporary File Cleaner)
  • Please download TFC by Old Timer and save it to your desktop.
    alternate download link
  • Save any unsaved work. (TFC will close ALL open programs including your browser!)
  • Double-click on TFC.exe to run it. (If you are using Vista or above, right-click on the file and choose "Run As Administrator".)
  • Click the Start button to begin the cleaning process and let it run uninterrupted to completion.
  • Important! If TFC prompts you to reboot, please do so immediately. If not prompted, manually reboot the machine anyway allowing Windows to load normally (not into Safe Mode) to ensure a complete clean.

How do I get help? Who is helping me?For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....Become a BleepingComputer fan: Facebook

#7 Run2Ron

Run2Ron
  • Topic Starter

  • Members
  • 6 posts
  • OFFLINE
  •  
  • Local time:05:49 AM

Posted 25 August 2015 - 06:10 PM

Good evening sir! I noticed a 20% upgrade on speed, thank you very much for your time, but I think it's just comcast being really crappy now, i've done all i can and really appreciate your help sir! 

thank you very very much for your assistance and time!



#8 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 72,240 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:NJ USA
  • Local time:05:49 AM

Posted 25 August 2015 - 07:51 PM

You're welcome!!

Appears you installed a crack tool.. These will allow malware in.

Looks like your android software could use a reinstall.

Running this tool may also clear up a few things.

Tweaking.com - Windows Repair All-In-One (Portable)

- Download Windows Repair All-In-One (Portable Version) from here.

- Extract tweaking.com_windows_repair_aio.zip to your Desktop.

- Disable all your antivirus and antimalware software - see how to do that here.
- Right click on QfBzvq1.png and select Run as Administrator (XP users just double click) to start Windows Repair All-In-One.
(Windows Vista/7/8 users: Accept UAC warning if it is enabled.)

- A window will appear. Click Step 2.
2f8o60N.png

- Click the Open Pre-Scan button, then click Start Scan. Wait for Windows Repair to finish scanning.

- Depending on which error Windows Repair found, click Repair Reparse Point or Repair Environment Variable accordingly. When the button changes to "Done!", click the close button to return to Windows Repair.

- Go to Step 3, then click Check in the See If Check Disk Is Needed.

- If Windows Repair stated that errors are found, click Open Check Disk At Next Boot. Choose (/R) Fixes errors on the disk also locate bad sectors and recovers readable information, then click Add To Next Boot. Reboot the computer to let Windows check the disk.
Ymy7crZ.png

- Go to Step 4, then click Do It.
zDtdN75.png

- Go to Step 5. Under System Restore click Create.
f7lEe1N.png

- Go to Repairs and click Open Repairs. Leave all checkmarks as they are, then click Start Repairs.
PGv2vtD.png

- By default Windows Repair All-In-One will create a "Logs" folder in its folder on the Desktop. Please post the contents of the log in your next reply.
How do I get help? Who is helping me?For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....Become a BleepingComputer fan: Facebook

#9 Run2Ron

Run2Ron
  • Topic Starter

  • Members
  • 6 posts
  • OFFLINE
  •  
  • Local time:05:49 AM

Posted 25 August 2015 - 08:05 PM

alright ty kindly sir! pls allow me 12 hours to reply, going to bed for work! thank you once again!



#10 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 72,240 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:NJ USA
  • Local time:05:49 AM

Posted 25 August 2015 - 08:07 PM

All is good!
How do I get help? Who is helping me?For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....Become a BleepingComputer fan: Facebook

#11 Run2Ron

Run2Ron
  • Topic Starter

  • Members
  • 6 posts
  • OFFLINE
  •  
  • Local time:05:49 AM

Posted 27 August 2015 - 12:02 AM

the issue seems to have been resolved sir! Thank you very much for the time, and effort you gave! 



#12 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 72,240 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:NJ USA
  • Local time:05:49 AM

Posted 27 August 2015 - 12:42 PM

Most welcome!!
How do I get help? Who is helping me?For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....Become a BleepingComputer fan: Facebook

#13 Blocky mclands

Blocky mclands

  • Members
  • 5 posts
  • OFFLINE
  •  
  • Local time:04:49 AM

Posted 27 August 2015 - 10:09 PM

-insert log file- my god that is totally huge for one log file.


 






0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users