
Playthru Player


13 replies to this topic

#1 SAILOR0316


Posted 31 August 2015 - 11:24 AM

How does one remove "Playthru Player"? The standard Uninstall Programs in Control Panel does not work.

 

Thanks in advance

 

SAILOR0316


Edited by Queen-Evie, 31 August 2015 - 11:35 AM.
moved from Anti-Virus/Anti-Malware to Am I Infected. Playthru Player has been classified as adware



 


#2 boopme

  • Global Moderator

Posted 31 August 2015 - 11:39 AM

Hi, this was a piggyback install. In other words, it came when you installed something else.

MiniToolBox
  • Please download MiniToolBox, save it to your desktop and run it.
  • Checkmark the following checkboxes:
    • Flush DNS
    • Report IE Proxy Settings
    • Reset IE Proxy Settings
    • Report FF Proxy Settings
    • Reset FF Proxy Settings
    • List content of Hosts
    • List IP configuration
    • List Winsock Entries
    • List last 10 Event Viewer log
    • List Installed Programs
    • List Users, Partitions and Memory size.
  • Click Go and post the result (Result.txt). A copy of Result.txt will be saved in the same directory the tool is run. Note: When using "Reset FF Proxy Settings" option Firefox should be closed.
TDSSKiller
  • Download TDSSKiller and save it to your desktop.
  • Extract (unzip) its contents to your desktop.
  • Open the TDSSKiller folder and double-click on TDSSKiller.exe to run the application, then on Start Scan.
  • If an infected file is detected, the default action will be Cure, click on Continue.
  • If a suspicious file is detected, the default action will be Skip, click on Continue.
  • It may ask you to reboot the computer to complete the process. Click on Reboot Now.
  • If no reboot is required, click on Report. A log file should appear. Please copy and paste the contents of that file here.
  • If a reboot is required, the report can also be found in your root directory (usually C:\ folder) in the form of TDSSKiller_xxxx_log.txt. Please copy and paste the contents of that file here.
AdwCleaner
  • Please download AdwCleaner by Xplode and save to your Desktop.
  • Double-click on AdwCleaner.exe to run the tool. Vista/Windows 7/8 users right-click and select Run As Administrator.
  • Click on the Scan button.
  • AdwCleaner will begin...be patient as the scan may take some time to complete.
  • After the scan has finished, click on the Report button...a logfile (AdwCleaner[R0].txt) will open in Notepad for review.
  • The contents of the log file may be confusing. Unless you see a program name that you know should not be removed, don't worry about it. If you see an entry you want to keep, let me know about it.
  • Copy and paste the contents of that logfile in your next reply.
  • Copies of all logfiles are saved in the C:\AdwCleaner folder which was created when running the tool.
Junkware Removal Tool
  • Please download Junkware Removal Tool to your desktop.
  • Shut down your protection software now to avoid potential conflicts.
  • Run the tool by double-clicking it. If you are using Windows Vista, 7, or 8; instead of double-clicking, right-mouse click JRT.exe and select "Run as Administrator".
  • The tool will open and start scanning your system.
  • Please be patient as this can take a while to complete depending on your system's specifications.
  • On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
  • Post the contents of JRT.txt into your next message.
ESET Online Scanner
  • Click here to download the installer for ESET Online Scanner and save it to your Desktop.
  • Disable all your antivirus and antimalware software - see how to do that here.
  • Right click on esetsmartinstaller_enu.exe and select Run as Administrator.
  • Place a checkmark in YES, I accept the Terms of Use, then click Start. Wait for ESET Online Scanner to load its components.
  • Select Enable detection of potentially unwanted applications.
  • Click Advanced Settings, then place a checkmark in the following:
    • Remove found threats
    • Scan archives
    • Scan for potentially unsafe applications
    • Enable Anti-Stealth technology
  • Click Start to begin scanning.
  • ESET Online Scanner will start downloading signatures and scan. Please be patient, as this scan can take quite some time.
  • When the scan is done, click List threats (only available if ESET Online Scanner found something).
  • Click Export, then save the file to your desktop.
  • Click Back, then Finish to exit ESET Online Scanner.


#3 SAILOR0316

  • Topic Starter

Posted 04 September 2015 - 02:12 PM

Thanks to boopme for getting me started. I have downloaded and run all 5 programs you suggested. I will try to find all of the reports and get them posted. I may have to ask for help in how to do that, and please let me know if I miss one.

PLAYTHRU PLAYER is still on the computer even with all the programs run and there is a nuisance advertising program called ARCADE TWIST that jumps on top of many pages shown including BLEEPINGCOMPUTER.


Will post results of programs in separate or grouped postings. Have gotten message that first posting was too long so have to redo. Will try to do results of MiniToolBox and TDSS as a group of two, will see if that flies, then will try for AdwCleaner and Junkware Removal Tool. Am rerunning ESET right now since I apparently did not save or EXPORT correctly. Ran very long, almost 7 hours and somewhere over 180 hits, most of which were fixed or deleted. If I remember correctly could not fix all.


MiniToolBox by Farbar Version: 23-07-2012
Ran by David W (administrator) on 26-07-2012 at 14:55:07
Microsoft Windows 7 Professional Service Pack 1 (X86)
Boot Mode: Normal
***************************************************************************

========================= Flush DNS: ===================================

Windows IP Configuration

Successfully flushed the DNS Resolver Cache.

========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.

"Reset IE Proxy Settings": IE Proxy Settings were reset.

========================= FF Proxy Settings: ==============================

"network.proxy.type", 0

"Reset FF Proxy Settings": Firefox Proxy settings were reset.

Hosts file not detected in the default directory
========================= IP Configuration: ================================

NVIDIA nForce 10/100 Mbps Ethernet = Local Area Connection (Connected)


# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4

reset
set global


popd
# End of IPv4 configuration



Windows IP Configuration

Host Name . . . . . . . . . . . . : DavidW-PC7
Primary Dns Suffix . . . . . . . :
Node Type . . . . . . . . . . . . : Broadcast
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No
DNS Suffix Search List. . . . . . : hsd1.tx.comcast.net.

Ethernet adapter Local Area Connection:

Connection-specific DNS Suffix . : hsd1.tx.comcast.net.
Description . . . . . . . . . . . : NVIDIA nForce 10/100 Mbps Ethernet
Physical Address. . . . . . . . . : 00-1B-B9-87-B5-0B
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes
Link-local IPv6 Address . . . . . : fe80::5036:4195:db54:f5ae%10(Preferred)
IPv4 Address. . . . . . . . . . . : 98.198.60.116(Preferred)
Subnet Mask . . . . . . . . . . . : 255.255.252.0
Lease Obtained. . . . . . . . . . : Thursday, July 26, 2012 10:34:53 AM
Lease Expires . . . . . . . . . . : Saturday, July 28, 2012 3:59:33 PM
Default Gateway . . . . . . . . . : 98.198.60.1
DHCP Server . . . . . . . . . . . : 69.252.216.72
DHCPv6 IAID . . . . . . . . . . . : 234888121
DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-14-7B-67-84-00-1B-B9-87-B5-0B
DNS Servers . . . . . . . . . . . : 75.75.76.76
75.75.75.75
NetBIOS over Tcpip. . . . . . . . : Enabled

Tunnel adapter isatap.hsd1.tx.comcast.net.:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . : hsd1.tx.comcast.net.
Description . . . . . . . . . . . : Microsoft ISATAP Adapter
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 11:

Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
IPv6 Address. . . . . . . . . . . : 2001:0:4137:9e76:2867:3043:9d39:c38b(Preferred)
Link-local IPv6 Address . . . . . : fe80::2867:3043:9d39:c38b%11(Preferred)
Default Gateway . . . . . . . . . :
NetBIOS over Tcpip. . . . . . . . : Disabled

Tunnel adapter 6TO4 Adapter:

Connection-specific DNS Suffix . : hsd1.tx.comcast.net.
Description . . . . . . . . . . . : Microsoft 6to4 Adapter
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
IPv6 Address. . . . . . . . . . . : 2002:62c6:3c74::62c6:3c74(Preferred)
Default Gateway . . . . . . . . . : 2002:c058:6301::
DNS Servers . . . . . . . . . . . : 75.75.76.76
75.75.75.75
NetBIOS over Tcpip. . . . . . . . : Disabled
Server: cdns02.comcast.net
Address: 75.75.76.76

Name: google.com
Addresses: 2001:4860:800a::66
74.125.137.138
74.125.137.139
74.125.137.100
74.125.137.101
74.125.137.102
74.125.137.113


Pinging google.com [74.125.137.100] with 32 bytes of data:
Reply from 74.125.137.100: bytes=32 time=31ms TTL=48
Reply from 74.125.137.100: bytes=32 time=32ms TTL=48

Ping statistics for 74.125.137.100:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 31ms, Maximum = 32ms, Average = 31ms
Server: cdns02.comcast.net
Address: 75.75.76.76

Name: yahoo.com
Addresses: 209.191.122.70
72.30.38.140
98.139.183.24


Pinging yahoo.com [72.30.38.140] with 32 bytes of data:
Reply from 72.30.38.140: bytes=32 time=61ms TTL=51
Reply from 72.30.38.140: bytes=32 time=112ms TTL=51

Ping statistics for 72.30.38.140:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 61ms, Maximum = 112ms, Average = 86ms
Server: cdns02.comcast.net
Address: 75.75.76.76

Name: bleepingcomputer.com
Address: 208.43.87.2


Pinging bleepingcomputer.com [208.43.87.2] with 32 bytes of data:
Reply from 208.43.87.2: Destination host unreachable.
Reply from 208.43.87.2: Destination host unreachable.

Ping statistics for 208.43.87.2:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Pinging 127.0.0.1 with 32 bytes of data:
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128

Ping statistics for 127.0.0.1:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 0ms, Maximum = 0ms, Average = 0ms
===========================================================================
Interface List
10...00 1b b9 87 b5 0b ......NVIDIA nForce 10/100 Mbps Ethernet
1...........................Software Loopback Interface 1
13...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter
11...00 00 00 00 00 00 00 e0 Teredo Tunneling Pseudo-Interface
14...00 00 00 00 00 00 00 e0 Microsoft 6to4 Adapter
===========================================================================

IPv4 Route Table
===========================================================================
Active Routes:
Network Destination Netmask Gateway Interface Metric
0.0.0.0 0.0.0.0 98.198.60.1 98.198.60.116 20
98.198.60.0 255.255.252.0 On-link 98.198.60.116 276
98.198.60.116 255.255.255.255 On-link 98.198.60.116 276
98.198.63.255 255.255.255.255 On-link 98.198.60.116 276
127.0.0.0 255.0.0.0 On-link 127.0.0.1 306
127.0.0.1 255.255.255.255 On-link 127.0.0.1 306
127.255.255.255 255.255.255.255 On-link 127.0.0.1 306
224.0.0.0 240.0.0.0 On-link 127.0.0.1 306
224.0.0.0 240.0.0.0 On-link 98.198.60.116 276
255.255.255.255 255.255.255.255 On-link 127.0.0.1 306
255.255.255.255 255.255.255.255 On-link 98.198.60.116 276
===========================================================================
Persistent Routes:
None

IPv6 Route Table
===========================================================================
Active Routes:
If Metric Network Destination Gateway
14 1125 ::/0 2002:c058:6301::
1 306 ::1/128 On-link
11 58 2001::/32 On-link
11 306 2001:0:4137:9e76:2867:3043:9d39:c38b/128
On-link
14 1025 2002::/16 On-link
14 281 2002:62c6:3c74::62c6:3c74/128
On-link
10 276 fe80::/64 On-link
11 306 fe80::/64 On-link
11 306 fe80::2867:3043:9d39:c38b/128
On-link
10 276 fe80::5036:4195:db54:f5ae/128
On-link
1 306 ff00::/8 On-link
11 306 ff00::/8 On-link
10 276 ff00::/8 On-link
===========================================================================
Persistent Routes:
None
========================= Winsock entries =====================================

Catalog5 01 C:\Windows\system32\NLAapi.dll [52224] (Microsoft Corporation)
Catalog5 02 C:\Windows\system32\napinsp.dll [52224] (Microsoft Corporation)
Catalog5 03 C:\Windows\system32\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 04 C:\Windows\system32\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 05 C:\Windows\System32\mswsock.dll [232448] (Microsoft Corporation)
Catalog5 06 C:\Windows\System32\winrnr.dll [20992] (Microsoft Corporation)
Catalog5 07 C:\Program Files\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
Catalog9 01 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 02 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 03 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 04 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 05 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 06 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 07 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 08 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 09 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 10 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 11 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 12 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 13 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 14 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 15 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 16 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 17 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 18 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 19 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 20 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 21 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 22 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)

========================= Event log errors: ===============================

Application errors:
==================
Error: (07/23/2012 10:15:52 AM) (Source: Windows Backup) (User: )
Description: The backup did not complete because of an error writing to the backup location G:\. The error is: The backup location cannot be found or is not valid. Review your backup settings and check the backup location. (0x81000006).

Error: (07/16/2012 11:40:52 AM) (Source: Windows Backup) (User: )
Description: The backup did not complete because of an error writing to the backup location G:\. The error is: The backup location cannot be found or is not valid. Review your backup settings and check the backup location. (0x81000006).

Error: (07/10/2012 08:17:01 AM) (Source: Microsoft-Windows-User Profiles Service) (User: DavidW-PC7)DavidW-PC7
Description: Windows cannot find the local profile and is logging you on with a temporary profile. Changes you make to this profile will be lost when you log off.

Error: (07/10/2012 08:17:01 AM) (Source: Microsoft-Windows-User Profiles Service) (User: DavidW-PC7)DavidW-PC7
Description: Windows has backed up this user profile. Windows will automatically try to use the backup profile the next time this user logs on.

Error: (07/10/2012 08:17:01 AM) (Source: Microsoft-Windows-User Profiles Service) (User: DavidW-PC7)DavidW-PC7
Description: Windows cannot load the locally stored profile. Possible causes of this error include insufficient security rights or a corrupt local profile.

DETAIL - The process cannot access the file because it is being used by another process.

Error: (07/10/2012 08:17:01 AM) (Source: Microsoft-Windows-User Profiles Service) (User: NT AUTHORITY)NT AUTHORITY
Description: Windows was unable to load the registry. This problem is often caused by insufficient memory or insufficient security rights.

DETAIL - The process cannot access the file because it is being used by another process.
for C:\Users\UpdatusUser.DavidW-PC7\ntuser.dat

Error: (07/09/2012 09:21:38 AM) (Source: Windows Backup) (User: )
Description: The backup did not complete because of an error writing to the backup location G:\. The error is: The backup location cannot be found or is not valid. Review your backup settings and check the backup location. (0x81000006).

Error: (07/05/2012 10:13:42 AM) (Source: Microsoft-Windows-User Profiles Service) (User: DavidW-PC7)DavidW-PC7
Description: Windows cannot find the local profile and is logging you on with a temporary profile. Changes you make to this profile will be lost when you log off.

Error: (07/05/2012 10:13:42 AM) (Source: Microsoft-Windows-User Profiles Service) (User: DavidW-PC7)DavidW-PC7
Description: Windows has backed up this user profile. Windows will automatically try to use the backup profile the next time this user logs on.

Error: (07/05/2012 10:13:42 AM) (Source: Microsoft-Windows-User Profiles Service) (User: DavidW-PC7)DavidW-PC7
Description: Windows cannot load the locally stored profile. Possible causes of this error include insufficient security rights or a corrupt local profile.

DETAIL - The process cannot access the file because it is being used by another process.


System errors:
=============
Error: (07/26/2012 01:28:30 PM) (Source: Microsoft-Windows-DNS-Client) (User: NT AUTHORITY)
Description: There was an error while attempting to read the local hosts file.

Error: (07/26/2012 11:30:00 AM) (Source: Microsoft-Windows-DNS-Client) (User: NT AUTHORITY)
Description: There was an error while attempting to read the local hosts file.

Error: (07/26/2012 11:23:56 AM) (Source: volsnap) (User: )
Description: The shadow copies of volume C: were aborted because the shadow copy storage could not grow due to a user imposed limit.

Error: (07/26/2012 10:35:22 AM) (Source: Microsoft-Windows-DNS-Client) (User: NT AUTHORITY)
Description: There was an error while attempting to read the local hosts file.

Error: (07/26/2012 10:35:18 AM) (Source: Microsoft-Windows-DNS-Client) (User: NT AUTHORITY)
Description: There was an error while attempting to read the local hosts file.

Error: (07/26/2012 10:35:18 AM) (Source: Microsoft-Windows-DNS-Client) (User: NT AUTHORITY)
Description: There was an error while attempting to read the local hosts file.

Error: (07/26/2012 10:35:03 AM) (Source: Microsoft-Windows-DNS-Client) (User: NT AUTHORITY)
Description: There was an error while attempting to read the local hosts file.

Error: (07/26/2012 10:35:01 AM) (Source: Microsoft-Windows-DNS-Client) (User: NT AUTHORITY)
Description: There was an error while attempting to read the local hosts file.

Error: (07/26/2012 10:34:57 AM) (Source: Microsoft-Windows-DNS-Client) (User: NT AUTHORITY)
Description: There was an error while attempting to read the local hosts file.

Error: (07/26/2012 04:27:25 AM) (Source: Microsoft-Windows-DNS-Client) (User: NT AUTHORITY)
Description: There was an error while attempting to read the local hosts file.


Microsoft Office Sessions:
=========================
Error: (05/17/2012 00:28:47 PM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 6, Application Name: Microsoft Office Outlook, Application Version: 12.0.4518.1014, Microsoft Office Version: 12.0.4518.1014. This session lasted 152 seconds with 60 seconds of active time. This session ended with a crash.

Error: (05/17/2012 11:47:06 AM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 6, Application Name: Microsoft Office Outlook, Application Version: 12.0.4518.1014, Microsoft Office Version: 12.0.4518.1014. This session lasted 506 seconds with 240 seconds of active time. This session ended with a crash.

Error: (05/17/2012 11:37:42 AM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 6, Application Name: Microsoft Office Outlook, Application Version: 12.0.4518.1014, Microsoft Office Version: 12.0.4518.1014. This session lasted 128 seconds with 120 seconds of active time. This session ended with a crash.

Error: (05/17/2012 11:34:54 AM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 6, Application Name: Microsoft Office Outlook, Application Version: 12.0.4518.1014, Microsoft Office Version: 12.0.4518.1014. This session lasted 1395 seconds with 540 seconds of active time. This session ended with a crash.

Error: (02/29/2012 04:15:13 PM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 6, Application Name: Microsoft Office Outlook, Application Version: 12.0.4518.1014, Microsoft Office Version: 12.0.4518.1014. This session lasted 2392 seconds with 900 seconds of active time. This session ended with a crash.

Error: (02/27/2012 10:58:32 PM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 6, Application Name: Microsoft Office Outlook, Application Version: 12.0.4518.1014, Microsoft Office Version: 12.0.4518.1014. This session lasted 28889 seconds with 2880 seconds of active time. This session ended with a crash.

Error: (02/23/2012 08:48:58 PM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 1, Application Name: Microsoft Office Excel, Application Version: 12.0.4518.1014, Microsoft Office Version: 12.0.4518.1014. This session lasted 20892 seconds with 240 seconds of active time. This session ended with a crash.

Error: (02/23/2012 00:05:39 PM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 6, Application Name: Microsoft Office Outlook, Application Version: 12.0.4518.1014, Microsoft Office Version: 12.0.4518.1014. This session lasted 3708 seconds with 780 seconds of active time. This session ended with a crash.

Error: (02/17/2012 02:15:19 AM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 1, Application Name: Microsoft Office Excel, Application Version: 12.0.4518.1014, Microsoft Office Version: 12.0.4518.1014. This session lasted 112 seconds with 60 seconds of active time. This session ended with a crash.

Error: (02/17/2012 02:13:01 AM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 1, Application Name: Microsoft Office Excel, Application Version: 12.0.4518.1014, Microsoft Office Version: 12.0.4518.1014. This session lasted 44 seconds with 0 seconds of active time. This session ended with a crash.


=========================== Installed Programs ============================

7-Zip 9.20
Adobe Acrobat 9 Standard - English, Français, Deutsch (Version: 9.5.1)
Adobe Acrobat 9.5.1 - CPSID_83708
Adobe Flash Player 11 ActiveX (Version: 11.3.300.265)
Apple Application Support (Version: 2.1.9)
Apple Mobile Device Support (Version: 5.2.0.6)
Apple Software Update (Version: 2.1.3.127)
Bonjour (Version: 3.0.0.10)
CCleaner (Version: 3.21)
CHEMCAD Suite
CHEMCAD Suite (Version: 6.4.0.5052)
Citrix XenApp Web Plugin (Version: 11.0.0.5357)
Comcast Desktop Software (v1.2.1) (Version: 24)
Defraggler (Version: 2.10)
Driver Performer (Version: 10.0)
FoxTab PDF Converter
Google Earth (Version: 6.2.2.6613)
Google Toolbar for Internet Explorer (Version: 1.0.0)
Google Toolbar for Internet Explorer (Version: 7.3.2710.138)
Google Update Helper (Version: 1.3.21.115)
GoToMeeting 5.2.0.952 (Version: 5.2.0.952)
iTunes (Version: 10.6.3.25)
Java Auto Updater (Version: 2.0.7.1)
Java™ 6 Update 33 (Version: 6.0.330)
LiveUpdate 3.2 (Symantec Corporation) (Version: 3.2.0.26)
Malwarebytes Anti-Malware version 1.61.0.1400 (Version: 1.61.0.1400)
McAfee Security Scan Plus (Version: 2.0.181.2)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft Office 2007 Service Pack 3 (SP3)
Microsoft Office Access MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Access Setup Metadata MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Excel MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office File Validation Add-In (Version: 14.0.5130.5003)
Microsoft Office InfoPath MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Outlook MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office PowerPoint MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Professional Plus 2007 (Version: 12.0.6612.1000)
Microsoft Office Proof (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proof (French) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proof (Spanish) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proofing (English) 2007 (Version: 12.0.4518.1014)
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
Microsoft Office Publisher MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Shared MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Shared Setup Metadata MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Word MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Silverlight (Version: 4.1.10329.0)
Microsoft SkyDrive (Version: 16.4.3347.0416)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (Version: 10.0.40219)
Microsoft_VC100_CRT_SP1_x86 (Version: 10.0.40219.1)
Mozilla Firefox 13.0.1 (x86 en-US) (Version: 13.0.1)
Mozilla Maintenance Service (Version: 13.0.1)
MSVC80_x86_v2 (Version: 1.0.3.0)
MSVC90_x86 (Version: 1.0.1.2)
MSXML 4.0 SP2 (KB954430) (Version: 4.20.9870.0)
MSXML 4.0 SP2 (KB973688) (Version: 4.20.9876.0)
Nokia Connectivity Cable Driver (Version: 7.1.78.0)
Nokia Suite (Version: 3.4.49.0)
NVIDIA Control Panel 275.33 (Version: 275.33)
NVIDIA Drivers (Version: 1.6)
NVIDIA Graphics Driver 275.33 (Version: 275.33)
NVIDIA Install Application (Version: 2.275.78.0)
NVIDIA Update 1.3.5 (Version: 1.3.5)
NVIDIA Update Components (Version: 1.3.5)
Octoshape add-in for Adobe Flash Player
PC Connectivity Solution (Version: 12.0.17.0)
PhotoScape
Realtek High Definition Audio Driver (Version: 6.0.1.5910)
Soft Data Fax Modem with SmartCP (Version: 7.80.4.50)
SUPERAntiSpyware (Version: 5.1.1002)
Symantec AntiVirus (Version: 10.2.276.0)
Update for 2007 Microsoft Office System (KB967642)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (Version: 1)
Update for Microsoft Office 2007 Help for Common Features (KB963673)
Update for Microsoft Office Access 2007 Help (KB963663)
Update for Microsoft Office Excel 2007 Help (KB963678)
Update for Microsoft Office Infopath 2007 Help (KB963662)
Update for Microsoft Office Outlook 2007 (KB2596598) 32-Bit Edition
Update for Microsoft Office Outlook 2007 Help (KB963677)
Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2687310) 32-Bit Edition
Update for Microsoft Office Powerpoint 2007 Help (KB963669)
Update for Microsoft Office Publisher 2007 Help (KB963667)
Update for Microsoft Office Script Editor Help (KB963671)
Update for Microsoft Office Word 2007 Help (KB963665)
Visual Basic for Applications ® Core - English (Version: 6.4.99.69)
Visual Basic for Applications ® Core (Version: 6.5.10.53)
VLC media player 2.0.2 (Version: 2.0.2)
Window Shopper (Version: 01.02.0003)
Windows 7 Upgrade Advisor (Version: 2.0.5000.0)
Windows Driver Package - Nokia pccsmcfd (08/22/2008 7.0.0.0) (Version: 08/22/2008 7.0.0.0)
WinPcap 4.1.2 (Version: 4.1.0.2001)
WinRAR 4.00 (32-bit) (Version: 4.00.0)
Wisdom-soft ScreenHunter 6.0 Free
Wisdom-soft Set up ScreenHunter 5.1 Free
Wisdom-soft Toolbar (Version: )

**** End of log ****


TDSSKiller


14:52:03.0917 0x0a1c TDSS rootkit removing tool 3.1.0.5 Jul 24 2015 12:29:57
14:52:15.0005 0x0a1c ============================================================
14:52:15.0005 0x0a1c Current date / time: 2015/09/03 14:52:15.0005
14:52:15.0005 0x0a1c SystemInfo:
14:52:15.0005 0x0a1c
14:52:15.0006 0x0a1c OS Version: 6.1.7601 ServicePack: 1.0
14:52:15.0006 0x0a1c Product type: Workstation
14:52:15.0006 0x0a1c ComputerName: DAVID-PC
14:52:15.0006 0x0a1c UserName: David
14:52:15.0006 0x0a1c Windows directory: C:\Windows
14:52:15.0006 0x0a1c System windows directory: C:\Windows
14:52:15.0006 0x0a1c Running under WOW64
14:52:15.0006 0x0a1c Processor architecture: Intel x64
14:52:15.0007 0x0a1c Number of processors: 2
14:52:15.0007 0x0a1c Page size: 0x1000
14:52:15.0007 0x0a1c Boot type: Normal boot
14:52:15.0007 0x0a1c ============================================================
14:52:15.0489 0x0a1c KLMD registered as C:\Windows\system32\drivers\74316080.sys
14:52:18.0204 0x0a1c System UUID: {E129BE0E-1095-2CA9-F9AD-9861B9F8D06E}
14:52:19.0265 0x0a1c Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 ( 465.76 Gb ), SectorSize: 0x200, Cylinders: 0xFC59, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xF0, Type 'K0', Flags 0x00000040
14:52:19.0266 0x0a1c Drive \Device\Harddisk1\DR1 - Size: 0x3A38B2E000 ( 232.89 Gb ), SectorSize: 0x200, Cylinders: 0x7E2D, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xF0, Type 'K0', Flags 0x00000040
14:52:23.0200 0x0a1c ============================================================
14:52:23.0200 0x0a1c \Device\Harddisk0\DR0:
14:52:23.0200 0x0a1c MBR partitions:
14:52:23.0200 0x0a1c \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x1C1365D1
14:52:23.0200 0x0a1c \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x1C136800, BlocksNum 0x1E24F000
14:52:23.0200 0x0a1c \Device\Harddisk1\DR1:
14:52:23.0201 0x0a1c MBR partitions:
14:52:23.0201 0x0a1c \Device\Harddisk1\DR1\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32000
14:52:23.0201 0x0a1c \Device\Harddisk1\DR1\Partition2: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0x1D192800
14:52:23.0201 0x0a1c ============================================================
14:52:23.0202 0x0a1c C: <-> \Device\Harddisk1\DR1\Partition2
14:52:23.0233 0x0a1c E: <-> \Device\Harddisk0\DR0\Partition1
14:52:23.0275 0x0a1c F: <-> \Device\Harddisk0\DR0\Partition2
14:52:23.0276 0x0a1c ============================================================
14:52:23.0276 0x0a1c Initialize success
14:52:23.0276 0x0a1c ============================================================
14:52:55.0939 0x219c ============================================================
14:52:55.0939 0x219c Scan started
14:52:55.0939 0x219c Mode: Manual;
14:52:55.0939 0x219c ============================================================
14:52:55.0939 0x219c KSN ping started
14:53:09.0425 0x219c KSN ping finished: true
14:53:10.0319 0x219c ================ Scan system memory ========================
14:53:10.0319 0x219c System memory - ok
14:53:10.0319 0x219c ================ Scan services =============================
14:53:14.0996 0x219c luafv - ok
14:53:15.0010 0x219c [ A8D28D5B3E2A528D1EF0E338E44F2820, 40D1EFDD253BC0A0D984A5AD8A2721C3E83B15F14D538204714E6D5B00D92CEB ] MBAMProtector C:\Windows\system32\drivers\mbam.sys
14:53:15.0011 0x219c MBAMProtector - ok
14:53:15.0063 0x219c [ 83C982A395D00BAFF6515FB38424EA76, 0E1B66F84A483D47550347D4A9426B95A066DB5104C4284F606A16768A11DB0C ] MBAMService C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
14:53:15.0095 0x219c MBAMService - ok
14:53:15.0128 0x219c [ AE757332EA130E94E646621CC695B52A, E688CF34A4206F32B5C7301119D8459C3456FC178FA1DAA6215CE15F2C824C43 ] MBAMWebAccessControl C:\Windows\system32\drivers\mwac.sys
14:53:15.0130 0x219c MBAMWebAccessControl - ok
14:53:15.0145 0x219c [ 0BE09CD858ABF9DF6ED259D57A1A1663, 2FD28889B93C8E801F74C1D0769673A461671E0189D0A22C94509E3F0EEB7428 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll
14:53:15.0150 0x219c Mcx2Svc - ok
14:53:15.0164 0x219c [ A55805F747C6EDB6A9080D7C633BD0F4, 2DA0E83BF3C8ADEF6F551B6CC1C0A3F6149CDBE6EC60413BA1767C4DE425A728 ] megasas C:\Windows\system32\drivers\megasas.sys
14:53:15.0166 0x219c megasas - ok
14:53:15.0189 0x219c [ BAF74CE0072480C3B6B7C13B2A94D6B3, 85CBB4949C090A904464F79713A3418338753D20D7FB811E68F287FDAC1DD834 ] MegaSR C:\Windows\system32\drivers\MegaSR.sys
14:53:15.0200 0x219c MegaSR - ok
14:53:15.0211 0x219c Microsoft SharePoint Workspace Audit Service - ok
14:53:15.0224 0x219c [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] MMCSS C:\Windows\system32\mmcss.dll
14:53:15.0229 0x219c MMCSS - ok
14:53:15.0240 0x219c [ 800BA92F7010378B09F9ED9270F07137, 94F9AF9E1BE80AE6AC39A2A74EF9FAB115DCAACC011D07DFA8D6A1DDC8A93342 ] Modem C:\Windows\system32\drivers\modem.sys
14:53:15.0243 0x219c Modem - ok
14:53:15.0260 0x219c [ B03D591DC7DA45ECE20B3B467E6AADAA, 701FB0CAD8138C58507BE28845D3E24CE269A040737C29885944A0D851238732 ] monitor C:\Windows\system32\DRIVERS\monitor.sys
14:53:15.0262 0x219c monitor - ok
14:53:15.0273 0x219c [ 7D27EA49F3C1F687D357E77A470AEA99, 7FE7CAF95959F127C6D932C01D539C06D80273C49A09761F6E8331C05B1A7EE7 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys
14:53:15.0276 0x219c mouclass - ok
14:53:15.0284 0x219c [ D3BF052C40B0C4166D9FD86A4288C1E6, 5E65264354CD94E844BF1838CA1B8E49080EFA34605A32CF2F6A47A2B97FC183 ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys
14:53:15.0286 0x219c mouhid - ok
14:53:15.0302 0x219c [ 67050452C0118BAF2883928E6FCCFE47, 335FC0AEB7B47DCC7CE0CF3F424EB60ACB1327D2FF6515F04D9AC03A10FF1E31 ] mountmgr C:\Windows\system32\drivers\mountmgr.sys
14:53:15.0305 0x219c mountmgr - ok
14:53:15.0322 0x219c [ B4E9C7383A705628AD491CF0F87D901F, 5C0CD7133D4F5B1E0466CDB2A2210ECA57206A8BC41F37BC6324120AE5501C70 ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
14:53:15.0325 0x219c MozillaMaintenance - ok
14:53:15.0374 0x219c [ 73150F67D20270FF95A021A22E64F28A, A8878DEFBE437FB453F8E9243FB5C787D07AC7415A4475388D479C10417C524F ] MpFilter C:\Windows\system32\DRIVERS\MpFilter.sys
14:53:15.0382 0x219c MpFilter - ok
14:53:15.0399 0x219c [ A44B420D30BD56E145D6A2BC8768EC58, B1E4DCA5A1008FA7A0492DC091FB2B820406AE13FD3D44F124E89B1037AF09B8 ] mpio C:\Windows\system32\drivers\mpio.sys
14:53:15.0404 0x219c mpio - ok
14:53:15.0415 0x219c [ 6C38C9E45AE0EA2FA5E551F2ED5E978F, 5A3FA2F110029CB4CC4384998EDB59203FDD65EC45E01B897FB684F8956EAD20 ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys
14:53:15.0418 0x219c mpsdrv - ok
14:53:15.0451 0x219c [ 54FFC9C8898113ACE189D4AA7199D2C1, 65F585C87F3F710FD5793FDFA96B740AD8D4317B0C120F4435CCF777300EA4F2 ] MpsSvc C:\Windows\system32\mpssvc.dll
14:53:15.0471 0x219c MpsSvc - ok
14:53:15.0491 0x219c [ AE3334958D8F631FF14A0AEB3D7EFB3A, F5FD6B61F896104C20DFC43FEE2FCE6930B73F78DF876BD19A333EABB9139C6D ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys
14:53:15.0491 0x219c MRxDAV - ok
14:53:15.0511 0x219c [ B2081803D510DCE174992BA880EDCA70, 37DB53C9756EC03EB7165DEB58251615D70B7C86DF32A54DE25ADAF30A04D792 ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys
14:53:15.0521 0x219c mrxsmb - ok
14:53:15.0531 0x219c [ 552FA62B0EFECD22D8D52499324BCA4F, C3A02C9C30C36928AC7B1025496544967187A05BEF5D100B54F2C0155E47145C ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys
14:53:15.0541 0x219c mrxsmb10 - ok
14:53:15.0561 0x219c [ 97687971F9CB30E2633DE0F1296B9F61, 865DA87523E4C32D65D55D5475A5CDDFA10699780DA500E6D606384FB3BEB1BE ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys
14:53:15.0561 0x219c mrxsmb20 - ok
14:53:15.0571 0x219c [ C25F0BAFA182CBCA2DD3C851C2E75796, 643E158A0948DF331807AEAA391F23960362E46C0A0CF6D22A99020EAE7B10F8 ] msahci C:\Windows\system32\drivers\msahci.sys
14:53:15.0571 0x219c msahci - ok
14:53:15.0591 0x219c [ DB801A638D011B9633829EB6F663C900, B34FD33A215ACCF2905F4B7D061686CDB1CB9C652147AF56AE14686C1F6E3C74 ] msdsm C:\Windows\system32\drivers\msdsm.sys
14:53:15.0591 0x219c msdsm - ok
14:53:15.0621 0x219c [ DE0ECE52236CFA3ED2DBFC03F28253A8, 2FBBEC4CACB5161F68D7C2935852A5888945CA0F107CF8A1C01F4528CE407DE3 ] MSDTC C:\Windows\System32\msdtc.exe
14:53:15.0634 0x219c MSDTC - ok
14:53:15.0653 0x219c [ AA3FB40E17CE1388FA1BEDAB50EA8F96, 69F93E15536644C8FD679A20190CFE577F4985D3B1B4A4AA250A168615AE1E99 ] Msfs C:\Windows\system32\drivers\Msfs.sys
14:53:15.0653 0x219c Msfs - ok
14:53:15.0663 0x219c [ F9D215A46A8B9753F61767FA72A20326, 6F76642B45E0A7EF6BCAB8B37D55CCE2EAA310ED07B76D43FCB88987C2174141 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys
14:53:15.0663 0x219c mshidkmdf - ok
14:53:15.0673 0x219c [ D916874BBD4F8B07BFB7FA9B3CCAE29D, B229DA150713DEDBC4F05386C9D9DC3BC095A74F44F3081E88311AB73BC992A1 ] msisadrv C:\Windows\system32\drivers\msisadrv.sys
14:53:15.0673 0x219c msisadrv - ok
14:53:15.0693 0x219c [ 808E98FF49B155C522E6400953177B08, F873F5BFF0984C5165DF67E92874D3F6EB8D86F9B5AD17013A0091CA33A1A3D5 ] MSiSCSI C:\Windows\system32\iscsiexe.dll
14:53:15.0703 0x219c MSiSCSI - ok
14:53:15.0713 0x219c msiserver - ok
14:53:15.0723 0x219c [ 49CCF2C4FEA34FFAD8B1B59D49439366, E5752EA57C7BDAD5F53E3BC441A415E909AC602CAE56234684FB8789A20396C7 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys
14:53:15.0723 0x219c MSKSSRV - ok
14:53:15.0733 0x219c [ CE996C1821021ADF8E28E80A54E846A8, 99042E895B6C2EA80F3BA65563A12C8EBA882E3AD6A21DD8E799B0112C75DDD2 ] MsMpSvc c:\Program Files\Microsoft Security Client\MsMpEng.exe
14:53:15.0733 0x219c MsMpSvc - ok
14:53:15.0761 0x219c [ BDD71ACE35A232104DDD349EE70E1AB3, 27464A66868513BE6A01B75D7FC5B0D6B71842E4E20CE3F76B15C071A0618BBB ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys
14:53:15.0762 0x219c MSPCLOCK - ok
14:53:15.0771 0x219c [ 4ED981241DB27C3383D72092B618A1D0, E12F121E641249DB3491141851B59E1496F4413EDF58E863388F1C229838DFCC ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
14:53:15.0773 0x219c MSPQM - ok
14:53:15.0795 0x219c [ 759A9EEB0FA9ED79DA1FB7D4EF78866D, 64E3BC613EC4872B1B344CBF71EE15BE195592E3244C1EE099C6F8B95A40F133 ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
14:53:15.0805 0x219c MsRPC - ok
14:53:15.0825 0x219c [ 0EED230E37515A0EAEE3C2E1BC97B288, B1D8F8A75006B6E99214CA36D27A8594EF8D952F315BEB201E9BAC9DE3E64D42 ] mssmbios C:\Windows\system32\DRIVERS\mssmbios.sys
14:53:15.0825 0x219c mssmbios - ok
14:53:15.0835 0x219c [ 2E66F9ECB30B4221A318C92AC2250779, DF175E1AB6962303E57F26DAE5C5C1E40B8640333F3E352A64F6A5F1301586CD ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
14:53:15.0835 0x219c MSTEE - ok
14:53:15.0845 0x219c [ 7EA404308934E675BFFDE8EDF0757BCD, 306CD02D89CFCFE576242360ED5F9EEEDCAFC43CD43B7D2977AE960F9AEC3232 ] MTConfig C:\Windows\system32\drivers\MTConfig.sys
14:53:15.0845 0x219c MTConfig - ok
14:53:15.0855 0x219c [ F9A18612FD3526FE473C1BDA678D61C8, 32F7975B5BAA447917F832D9E3499B4B6D3E90D73F478375D0B70B36C524693A ] Mup C:\Windows\system32\Drivers\mup.sys
14:53:15.0855 0x219c Mup - ok
14:53:15.0885 0x219c [ 582AC6D9873E31DFA28A4547270862DD, BD540499F74E8F59A020D935D18E36A3A97C1A6EC59C8208436469A31B16B260 ] napagent C:\Windows\system32\qagentRT.dll
14:53:15.0905 0x219c napagent - ok
14:53:15.0935 0x219c [ 1EA3749C4114DB3E3161156FFFFA6B33, 54C2E77BCE1037711A11313AC25B8706109098C10A31AA03AEB7A185E97800D7 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
14:53:15.0945 0x219c NativeWifiP - ok
14:53:15.0985 0x219c [ 760E38053BF56E501D562B70AD796B88, F856E81A975D44F8684A6F2466549CEEDFAEB3950191698555A93A1206E0A42D ] NDIS C:\Windows\system32\drivers\ndis.sys
14:53:16.0005 0x219c NDIS - ok
14:53:16.0015 0x219c [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC, D7E5446E83909AE25506BB98FBDD878A529C87963E3C1125C4ABAB25823572BC ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys
14:53:16.0025 0x219c NdisCap - ok
14:53:16.0035 0x219c [ 30639C932D9FEF22B31268FE25A1B6E5, 32873D95339600F6EEFA51847D12C563FF01F320DC59055B242FA2887C99F9D6 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
14:53:16.0035 0x219c NdisTapi - ok
14:53:16.0045 0x219c [ 136185F9FB2CC61E573E676AA5402356, BA3AD0A33416DA913B4242C6BE8C3E5812AD2B20BA6C11DD3094F2E8EB56E683 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
14:53:16.0045 0x219c Ndisuio - ok
14:53:16.0065 0x219c [ 53F7305169863F0A2BDDC49E116C2E11, 881E9346D3C02405B7850ADC37E720990712EC9C666A0CE96E252A487FD2CE77 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
14:53:16.0075 0x219c NdisWan - ok
14:53:16.0097 0x219c [ 015C0D8E0E0421B4CFD48CFFE2825879, 4242E2D42CCFC859B2C0275C5331798BC0BDA68E51CF4650B6E64B1332071023 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
14:53:16.0099 0x219c NDProxy - ok
14:53:16.0123 0x219c [ 86743D9F5D2B1048062B14B1D84501C4, DBF6D6A60AB774FCB0F464FF2D285A7521D0A24006687B243AB46B17D8032062 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
14:53:16.0125 0x219c NetBIOS - ok
14:53:16.0144 0x219c [ 09594D1089C523423B32A4229263F068, 7426A9B8BA27D3225928DDEFBD399650ABB90798212F56B7D12158AC22CCCE37 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys
14:53:16.0151 0x219c NetBT - ok
14:53:16.0166 0x219c [ 0D48E93C6BE3143C0198CB252B992D16, AF34A41BAAE967045C8078E80B070E66ED60FDA0945FA752F715E49FD43373A4 ] Netlogon C:\Windows\system32\lsass.exe
14:53:16.0169 0x219c Netlogon - ok
14:53:16.0196 0x219c [ 847D3AE376C0817161A14A82C8922A9E, 37AE692B3481323134125EF58F2C3CBC20177371AF2F5874F53DD32A827CB936 ] Netman C:\Windows\System32\netman.dll
14:53:16.0208 0x219c Netman - ok
14:53:16.0227 0x219c [ E58808846B62041BFB05395E1CED6499, 5387F2CE6B494337725D2BF3EB563912E6EE33918F2872C5FE07BEDBB0F761EE ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
14:53:16.0235 0x219c NetMsmqActivator - ok
14:53:16.0249 0x219c [ E58808846B62041BFB05395E1CED6499, 5387F2CE6B494337725D2BF3EB563912E6EE33918F2872C5FE07BEDBB0F761EE ] NetPipeActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
14:53:16.0253 0x219c NetPipeActivator - ok
14:53:16.0284 0x219c [ 5F28111C648F1E24F7DBC87CDEB091B8, 2E8645285921EDB98BB2173E11E57459C888D52E80D85791D169C869DE8813B9 ] netprofm C:\Windows\System32\netprofm.dll
14:53:16.0298 0x219c netprofm - ok
14:53:16.0312 0x219c [ E58808846B62041BFB05395E1CED6499, 5387F2CE6B494337725D2BF3EB563912E6EE33918F2872C5FE07BEDBB0F761EE ] NetTcpActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
14:53:16.0316 0x219c NetTcpActivator - ok
14:53:16.0328 0x219c [ E58808846B62041BFB05395E1CED6499, 5387F2CE6B494337725D2BF3EB563912E6EE33918F2872C5FE07BEDBB0F761EE ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
14:53:16.0332 0x219c NetTcpPortSharing - ok
14:53:16.0347 0x219c [ 77889813BE4D166CDAB78DDBA990DA92, 2EF531AE502B943632EEC66A309A8BFCDD36120A5E1473F4AAF3C2393AD0E6A3 ] nfrd960 C:\Windows\system32\drivers\nfrd960.sys
14:53:16.0349 0x219c nfrd960 - ok
14:53:16.0357 0x219c [ 4774AD83C650001B337B92E5E5DA337B, 138ECC7F556D8A12AE58B78B68F6515BE4C00F9F062596B48B6CA6C010F13035 ] NisDrv C:\Windows\system32\DRIVERS\NisDrvWFP.sys
14:53:16.0357 0x219c NisDrv - ok
14:53:16.0377 0x219c [ 96B7D15161A778B359E707796CCEA646, 9E4A25D9848FAECC517474EAD548E7975CBE3F41AAA964E5245E78F2A723925E ] NisSrv c:\Program Files\Microsoft Security Client\NisSrv.exe
14:53:16.0387 0x219c NisSrv - ok
14:53:16.0417 0x219c [ 8B301D474B478E9A92823BAB50A7BC49, 8181816035F41B1DABEC05E65E4F67BCD785F56760A61F1049E91BA39D42F01D ] NlaSvc C:\Windows\System32\nlasvc.dll
14:53:16.0427 0x219c NlaSvc - ok
14:53:16.0437 0x219c [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7, D8957EF7060A69DBB3CD6B2C45B1E4143592AB8D018471E17AC04668157DC67F ] Npfs C:\Windows\system32\drivers\Npfs.sys
14:53:16.0447 0x219c Npfs - ok
14:53:16.0447 0x219c [ D54BFDF3E0C953F823B3D0BFE4732528, 497A1DCC5646EC22119273216DF10D5442D16F83E4363770F507518CF6EAA53A ] nsi C:\Windows\system32\nsisvc.dll
14:53:16.0457 0x219c nsi - ok
14:53:16.0467 0x219c [ E7F5AE18AF4168178A642A9247C63001, 133023B7E4BA8049C4CAED3282BDD25571D1CC25FAC3B820C7F981D292689D76 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
14:53:16.0467 0x219c nsiproxy - ok
14:53:16.0537 0x219c [ 1A29A59A4C5BA6F8C85062A613B7E2B2, CC137F499A12C724D4166C2D85E9F447413419A0683DAC6F1A802B7F210C77F1 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
14:53:16.0577 0x219c Ntfs - ok
14:53:16.0597 0x219c [ 9899284589F75FA8724FF3D16AED75C1, 181188599FD5D4DE33B97010D9E0CAEABAB9A3EF50712FE7F9AA0735CD0666D6 ] Null C:\Windows\system32\drivers\Null.sys
14:53:16.0597 0x219c Null - ok
14:53:16.0633 0x219c [ A85B4F2EF3A7304A5399EF0526423040, E45854691BA6AE36E53C2922CC93FF13DC2D84CBE7FE13A2F0B1CE1C16D1D158 ] NVENETFD C:\Windows\system32\DRIVERS\nvm62x64.sys
14:53:16.0646 0x219c NVENETFD - ok
14:53:17.0029 0x219c [ DD81FBC57AB9134CDDC5CE90880BFD80, 16DF4D9645238D1014FA9189FF171DCF7B7C7573F759B5AC73025518139D86B1 ] nvlddmkm C:\Windows\system32\DRIVERS\nvlddmkm.sys
14:53:17.0311 0x219c nvlddmkm - ok
14:53:17.0371 0x219c [ 0A92CB65770442ED0DC44834632F66AD, 581327F07A68DBD5CC749214BE5F1211FC2CE41C7A4F0656B680AFB51A35ACE7 ] nvraid C:\Windows\system32\drivers\nvraid.sys
14:53:17.0371 0x219c nvraid - ok
14:53:17.0392 0x219c [ DAB0E87525C10052BF65F06152F37E4A, AD9BFF0D5FD3FFB95C758B478E1F6A9FE45E7B37AEC71EB5070D292FEAAEDF37 ] nvstor C:\Windows\system32\drivers\nvstor.sys
14:53:17.0398 0x219c nvstor - ok
14:53:17.0412 0x219c [ 270D7CD42D6E3979F6DD0146650F0E05, 752489E54C9004EDCBE1F1F208FFD864DA5C83E59A2DDE6B3E0D63ECA996F76F ] nv_agp C:\Windows\system32\drivers\nv_agp.sys
14:53:17.0413 0x219c nv_agp - ok
14:53:17.0423 0x219c [ 3589478E4B22CE21B41FA1BFC0B8B8A0, AD2469FC753FE552CB809FF405A9AB23E7561292FE89117E3B3B62057EFF0203 ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys
14:53:17.0423 0x219c ohci1394 - ok
14:53:17.0443 0x219c [ 4965B005492CBA7719E82B71E3245495, 52AD72C05FACC1E0E416A1FA25F34FDD3CB274FAB973BEAAE911A2FACA42B650 ] ose64 C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
14:53:17.0453 0x219c ose64 - ok
14:53:17.0635 0x219c [ 61BFFB5F57AD12F83AB64B7181829B34, 1DD0DD35E4158F95765EE6639F217DF03A0A19E624E020DBA609268C08A13846 ] osppsvc C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
14:53:17.0795 0x219c osppsvc - ok
14:53:17.0847 0x219c [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] p2pimsvc C:\Windows\system32\pnrpsvc.dll
14:53:17.0857 0x219c p2pimsvc - ok
14:53:17.0877 0x219c [ 927463ECB02179F88E4B9A17568C63C3, FEFD3447692C277D59EEC7BF218552C8BB6B8C98C26E973675549628408B94CE ] p2psvc C:\Windows\system32\p2psvc.dll
14:53:17.0897 0x219c p2psvc - ok
14:53:17.0917 0x219c [ 0086431C29C35BE1DBC43F52CC273887, 0D116D49EF9ABB57DA005764F25E692622210627FC2048F06A989B12FA8D0A80 ] Parport C:\Windows\system32\drivers\parport.sys
14:53:17.0917 0x219c Parport - ok
14:53:17.0927 0x219c [ E9766131EEADE40A27DC27D2D68FBA9C, 63C295EC96DBD25F1A8B908295CCB86B54F2A77A02AAA11E5D9160C2C1A492B6 ] partmgr C:\Windows\system32\drivers\partmgr.sys
14:53:17.0937 0x219c partmgr - ok
14:53:17.0956 0x219c [ DB2D62AA2DF6B1F3D690A9EC9701AA2C, BEAC55E1AA0494565F1547DF5E6FE20FCEA66461764C016FCB68D8BFF0F0C375 ] PcaSvc C:\Windows\System32\pcasvc.dll
14:53:17.0962 0x219c PcaSvc - ok
14:53:17.0979 0x219c [ 94575C0571D1462A0F70BDE6BD6EE6B3, 7139BAC653EA94A3DD3821CAB35FC5E22F4CCA5ACC2BAABDAA27E4C3C8B27FC9 ] pci C:\Windows\system32\drivers\pci.sys
14:53:17.0979 0x219c pci - ok
14:53:17.0989 0x219c [ B5B8B5EF2E5CB34DF8DCF8831E3534FA, F2A7CC645B96946CC65BF60E14E70DC09C848D27C7943CE5DEA0C01A6B863480 ] pciide C:\Windows\system32\drivers\pciide.sys
14:53:17.0989 0x219c pciide - ok
14:53:18.0009 0x219c [ B2E81D4E87CE48589F98CB8C05B01F2F, 6763BEE7270A4873B3E131BFB92313E2750FCBD0AD73C23D1C4F98F7DF73DE14 ] pcmcia C:\Windows\system32\drivers\pcmcia.sys
14:53:18.0009 0x219c pcmcia - ok
14:53:18.0029 0x219c [ D6B9C2E1A11A3A4B26A182FFEF18F603, BBA5FE08B1DDD6243118E11358FD61B10E850F090F061711C3CB207CE5FBBD36 ] pcw C:\Windows\system32\drivers\pcw.sys
14:53:18.0029 0x219c pcw - ok
14:53:18.0059 0x219c [ ED6E75158D28D33A2E2A020AC5B2B59D, 0F364D9A88304C45F31318605C417A70A9D0E4CF087D73E949B42C12CC76CD6C ] PEAUTH C:\Windows\system32\drivers\peauth.sys
14:53:18.0079 0x219c PEAUTH - ok
14:53:18.0139 0x219c [ B9B0A4299DD2D76A4243F75FD54DC680, BBF62E9628131FA396EB08D63B76D2D5FBDD61339E92B759125A066470D1C039 ] PeerDistSvc C:\Windows\system32\peerdistsvc.dll
14:53:18.0189 0x219c PeerDistSvc - ok
14:53:18.0229 0x219c [ E495E408C93141E8FC72DC0C6046DDFA, 489B957DADA0DC128A09468F1AD082DCC657E86053208EA06A12937BE86FB919 ] PerfHost C:\Windows\SysWow64\perfhost.exe
14:53:18.0229 0x219c PerfHost - ok
14:53:18.0309 0x219c [ C7CF6A6E137463219E1259E3F0F0DD6C, 08D7244F52AA17DD669AA6F77C291DAC88E7B2D1887DE422509C1F83EC85F3DD ] pla C:\Windows\system32\pla.dll
14:53:18.0359 0x219c pla - ok
14:53:18.0389 0x219c [ 25FBDEF06C4D92815B353F6E792C8129, 57D9764AE6BCE33B242C399CDFC10DD405975BD6411CA8C75FBCD06EEB8442A9 ] PlugPlay C:\Windows\system32\umpnpmgr.dll
14:53:18.0409 0x219c PlugPlay - ok
14:53:18.0419 0x219c [ 7195581CEC9BB7D12ABE54036ACC2E38, 9C4E5D6EA984148F2663DC529083408B2248DFF6DAAC85D9195F80A722782315 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll
14:53:18.0419 0x219c PNRPAutoReg - ok
14:53:18.0449 0x219c [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] PNRPsvc C:\Windows\system32\pnrpsvc.dll
14:53:18.0459 0x219c PNRPsvc - ok
14:53:18.0489 0x219c [ 4F15D75ADF6156BF56ECED6D4A55C389, 2ADA3EA69A5D7EC2A4D2DD89178DB94EAFDDF95F07B0070D654D9F7A5C12A044 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
14:53:18.0499 0x219c PolicyAgent - ok
14:53:18.0519 0x219c [ 6BA9D927DDED70BD1A9CADED45F8B184, 66203CE70A5EDE053929A940F38924C6792239CCCE10DD2C1D90D5B4D6748B55 ] Power C:\Windows\system32\umpo.dll
14:53:18.0529 0x219c Power - ok
14:53:18.0539 0x219c [ F92A2C41117A11A00BE01CA01A7FCDE9, 38ADC6052696D110CA5F393BC586791920663F5DA66934C2A824DDA9CD89C763 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
14:53:18.0539 0x219c PptpMiniport - ok
14:53:18.0559 0x219c [ 0D922E23C041EFB1C3FAC2A6F943C9BF, 855418A6A58DCAFB181A1A68613B3E203AFB0A9B3D9D26D0C521F9F613B4EAD5 ] Processor C:\Windows\system32\drivers\processr.sys
14:53:18.0559 0x219c Processor - ok
14:53:18.0569 0x219c [ B6A58491307B4CADA572583D863DC602, 5C44936605E52C9533E4CE22F18FAB8211475877F71EFD88DA4D02FD608C90A3 ] ProfSvc C:\Windows\system32\profsvc.dll
14:53:18.0579 0x219c ProfSvc - ok
14:53:18.0589 0x219c [ 0D48E93C6BE3143C0198CB252B992D16, AF34A41BAAE967045C8078E80B070E66ED60FDA0945FA752F715E49FD43373A4 ] ProtectedStorage C:\Windows\system32\lsass.exe
14:53:18.0589 0x219c ProtectedStorage - ok
14:53:18.0609 0x219c [ 0557CF5A2556BD58E26384169D72438D, F6F83A616B1F1C6C0DF6D2EC2513E6C23FD4FAA6D36518B8676C619AB74957B4 ] Psched C:\Windows\system32\DRIVERS\pacer.sys
14:53:18.0609 0x219c Psched - ok
14:53:18.0679 0x219c [ A53A15A11EBFD21077463EE2C7AFEEF0, 6002B012A75045DEA62640A864A8721EADE2F8B65BEB5F5BA76D8CD819774489 ] ql2300 C:\Windows\system32\drivers\ql2300.sys
14:53:18.0719 0x219c ql2300 - ok
14:53:18.0742 0x219c [ 4F6D12B51DE1AAEFF7DC58C4D75423C8, FB6ABAB741CED66A79E31A45111649F2FA3E26CEE77209B5296F789F6F7D08DE ] ql40xx C:\Windows\system32\drivers\ql40xx.sys
14:53:18.0746 0x219c ql40xx - ok
14:53:18.0761 0x219c [ 906191634E99AEA92C4816150BDA3732, A0305436384104C3B559F9C73902DA19B96B518413379E397C5CDAB0B2B9418F ] QWAVE C:\Windows\system32\qwave.dll
14:53:18.0781 0x219c QWAVE - ok
14:53:18.0791 0x219c [ 76707BB36430888D9CE9D705398ADB6C, 35C1D1D05F98AC29A33D3781F497A0B40A3CB9CDF25FE1F28F574E40DDF70535 ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
14:53:18.0791 0x219c QWAVEdrv - ok
14:53:18.0801 0x219c [ 5A0DA8AD5762FA2D91678A8A01311704, 8A64EB5DBAB7048A9E42A21CEB62CCD5B007A80C199892D7F8C69B48E8A255EF ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
14:53:18.0801 0x219c RasAcd - ok
14:53:18.0811 0x219c [ 7ECFF9B22276B73F43A99A15A6094E90, 62C70DA127F48F796F8897BBFA23AB6EB080CC923F0F091DFA384A93F5C90CA1 ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys
14:53:18.0811 0x219c RasAgileVpn - ok
14:53:18.0821 0x219c [ 8F26510C5383B8DBE976DE1CD00FC8C7, 60E618C010E8A723960636415573FA17EA0BBEF79647196B3BC0B8DEE680E090 ] RasAuto C:\Windows\System32\rasauto.dll
14:53:18.0831 0x219c RasAuto - ok
14:53:18.0841 0x219c [ 471815800AE33E6F1C32FB1B97C490CA, 27307265F743DE3A3A3EC1B2C472A3D85FDD0AEC458E0B1177593141EE072698 ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
14:53:18.0851 0x219c Rasl2tp - ok
14:53:18.0884 0x219c [ EE867A0870FC9E4972BA9EAAD35651E2, 1B848D81705081FD2E18AC762DA7F51455657DAF860BF363DC15925A148BCADA ] RasMan C:\Windows\System32\rasmans.dll
14:53:18.0895 0x219c RasMan - ok
14:53:18.0903 0x219c [ 855C9B1CD4756C5E9A2AA58A15F58C25, A514F8A9C304D54BDA8DC60F5A64259B057EC83A1CAAF6D2B58CFD55E9561F72 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
14:53:18.0903 0x219c RasPppoe - ok
14:53:18.0923 0x219c [ E8B1E447B008D07FF47D016C2B0EEECB, FEC789F82B912F3E14E49524D40FEAA4373B221156F14045E645D7C37859258C ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
14:53:18.0923 0x219c RasSstp - ok
14:53:18.0953 0x219c [ 77F665941019A1594D887A74F301FA2F, 1FDC6F6853400190C086042933F157814D915C54F26793CAD36CD2607D8810DA ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
14:53:18.0953 0x219c rdbss - ok
14:53:18.0963 0x219c [ 302DA2A0539F2CF54D7C6CC30C1F2D8D, 1DF3501BBFFB56C3ECC39DBCC4287D3302216C2208CE22428B8C4967E5DE9D17 ] rdpbus C:\Windows\system32\DRIVERS\rdpbus.sys
14:53:18.0973 0x219c rdpbus - ok
14:53:18.0973 0x219c [ CEA6CC257FC9B7715F1C2B4849286D24, A78144D18352EA802C39D9D42921CF97A3E0211766B2169B6755C6FC2D77A804 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
14:53:18.0983 0x219c RDPCDD - ok
14:53:19.0003 0x219c [ 1B6163C503398B23FF8B939C67747683, 339A5AA7970FF34FAAB213B655860C5B0DEC5F983A4A11A088017D849F320ACE ] RDPDR C:\Windows\system32\drivers\rdpdr.sys
14:53:19.0003 0x219c RDPDR - ok
14:53:19.0013 0x219c [ BB5971A4F00659529A5C44831AF22365, 9AAA5C0D448E821FD85589505D99DF7749715A046BBD211F139E4E652ADDE41F ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
14:53:19.0013 0x219c RDPENCDD - ok
14:53:19.0033 0x219c [ 216F3FA57533D98E1F74DED70113177A, 60C126A1409D1E9C39F1C9E95F70115BF4AF07780AB499F6E10A612540F173F4 ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys
14:53:19.0033 0x219c RDPREFMP - ok
14:53:19.0053 0x219c [ FE571E088C2D83619D2D48D4E961BF41, 88C5A2FCB1D0E528657842E39963471A6E42FCA3FCDF37955AEC8258AB4C48EA ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
14:53:19.0053 0x219c RDPWD - ok
14:53:19.0073 0x219c [ 34ED295FA0121C241BFEF24764FC4520, AAEE5F00CAA763A5BA51CF56BD7262C03409CD72BD5601490E3EC3FFF929BB5F ] rdyboost C:\Windows\system32\drivers\rdyboost.sys
14:53:19.0083 0x219c rdyboost - ok
14:53:19.0093 0x219c [ 254FB7A22D74E5511C73A3F6D802F192, 3D0FB5840364200DE394F8CC28DA0E334C2B5FA8FF28A41656EE72287F3D3836 ] RemoteAccess C:\Windows\System32\mprdim.dll
14:53:19.0113 0x219c RemoteAccess - ok
14:53:19.0133 0x219c [ E4D94F24081440B5FC5AA556C7C62702, 147CAA03568DC480F9506E30B84891AB7E433B5EBC05F34FF10F72B00E1C6B22 ] RemoteRegistry C:\Windows\system32\regsvc.dll
14:53:19.0143 0x219c RemoteRegistry - ok
14:53:19.0153 0x219c [ E4DC58CF7B3EA515AE917FF0D402A7BB, 665B5CD9FE905B0EE3F59A7B1A94760F5393EBEE729877D8584349754C2867E8 ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll
14:53:19.0163 0x219c RpcEptMapper - ok
14:53:19.0173 0x219c [ D5BA242D4CF8E384DB90E6A8ED850B8C, CB4CB2608B5E31B55FB1A2CF4051E6D08A0C2A5FB231B2116F95938D7577334E ] RpcLocator C:\Windows\system32\locator.exe
14:53:19.0173 0x219c RpcLocator - ok
14:53:19.0203 0x219c [ 5C627D1B1138676C0A7AB2C2C190D123, C5003F2C912C5CA990E634818D3B4FD72F871900AF2948BD6C4D6400B354B401 ] RpcSs C:\Windows\system32\rpcss.dll
14:53:19.0223 0x219c RpcSs - ok
14:53:19.0233 0x219c [ DDC86E4F8E7456261E637E3552E804FF, D250C69CCC75F2D88E7E624FCC51300E75637333317D53908CCA7E0F117173DD ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
14:53:19.0243 0x219c rspndr - ok
14:53:19.0243 0x219c [ E60C0A09F997826C7627B244195AB581, E8630ED74B38B98BF584E353D992C1311BC36AB7F20A1BB66C9CD65CE1E46F8D ] s3cap C:\Windows\system32\drivers\vms3cap.sys
14:53:19.0253 0x219c s3cap - ok
14:53:19.0263 0x219c [ 0D48E93C6BE3143C0198CB252B992D16, AF34A41BAAE967045C8078E80B070E66ED60FDA0945FA752F715E49FD43373A4 ] SamSs C:\Windows\system32\lsass.exe
14:53:19.0263 0x219c SamSs - ok
14:53:19.0273 0x219c [ 3289766038DB2CB14D07DC84392138D5, A7790B787690CC1A8B97E4532090C5295350A836A9474DEA74CEB3E81CF26124 ] SASDIFSV C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS
14:53:19.0273 0x219c SASDIFSV - ok
14:53:19.0283 0x219c [ 58A38E75F3316A83C23DF6173D41F2B5, B0A8CDA1D164B7534FB41AB80792861384709BF0F914F44553275CF20194F1A1 ] SASKUTIL C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS
14:53:19.0283 0x219c SASKUTIL - ok
14:53:19.0303 0x219c [ AC03AF3329579FFFB455AA2DAABBE22B, 7AD3B62ADFEC166F9E256F9FF8BAA0568B2ED7308142BF8F5269E6EAA5E0A656 ] sbp2port C:\Windows\system32\drivers\sbp2port.sys
14:53:19.0303 0x219c sbp2port - ok
14:53:19.0323 0x219c [ 9B7395789E3791A3B6D000FE6F8B131E, E5F067F3F212BF5481668BE1779CBEF053F511F8967589BE2E865ACB9A620024 ] SCardSvr C:\Windows\System32\SCardSvr.dll
14:53:19.0333 0x219c SCardSvr - ok
14:53:19.0343 0x219c [ 253F38D0D7074C02FF8DEB9836C97D2B, CB5CAFCB8628BB22877F74ACF1DED0BBAED8F4573A74DA7FE94BBBA584889116 ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys
14:53:19.0353 0x219c scfilter - ok
14:53:19.0405 0x219c [ 262F6592C3299C005FD6BEC90FC4463A, 54095E37F0B6CC677A3E9BDD40F4647C713273D197DB341063AA7F342A60C4A7 ] Schedule C:\Windows\system32\schedsvc.dll
14:53:19.0435 0x219c Schedule - ok
14:53:19.0445 0x219c [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] SCPolicySvc C:\Windows\System32\certprop.dll
14:53:19.0445 0x219c SCPolicySvc - ok
14:53:19.0465 0x219c [ 6EA4234DC55346E0709560FE7C2C1972, 64011E044C16E2F92689E5F7E4666A075E27BBFA61F3264E5D51CE1656C1D5B8 ] SDRSVC C:\Windows\System32\SDRSVC.dll
14:53:19.0475 0x219c SDRSVC - ok
14:53:19.0490 0x219c [ 3EA8A16169C26AFBEB544E0E48421186, 34BBB0459C96B3DE94CCB0D73461562935C583D7BF93828DA4E20A6BC9B7301D ] secdrv C:\Windows\system32\drivers\secdrv.sys
14:53:19.0491 0x219c secdrv - ok
14:53:19.0504 0x219c [ BC617A4E1B4FA8DF523A061739A0BD87, 10C4057F6B321EB5237FF619747B74F5401BC17D15A8C7060829E8204A2297F9 ] seclogon C:\Windows\system32\seclogon.dll
14:53:19.0508 0x219c seclogon - ok
14:53:19.0520 0x219c [ C32AB8FA018EF34C0F113BD501436D21, E0EB8E80B51E45CA7EB061E705DA0BC07878759418A8519AE6E12326FE79E7C7 ] SENS C:\Windows\system32\sens.dll
14:53:19.0524 0x219c SENS - ok
14:53:19.0527 0x219c [ 0336CFFAFAAB87A11541F1CF1594B2B2, 8B8A6A33E78A12FB05E29B2E2775850626574AFD2EF88748D65E690A07B10B8D ] SensrSvc C:\Windows\system32\sensrsvc.dll
14:53:19.0537 0x219c SensrSvc - ok
14:53:19.0547 0x219c [ CB624C0035412AF0DEBEC78C41F5CA1B, A4D937F11E06CAE914347CA1362F4C98EC5EE0C0C80321E360EA1ABD6726F8D4 ] Serenum C:\Windows\system32\drivers\serenum.sys
14:53:19.0547 0x219c Serenum - ok
14:53:19.0557 0x219c [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6, 8F9776FB84C5D11068EAF1FF1D1A46466C655D64D256A8B1E31DC0C23B5DD22D ] Serial C:\Windows\system32\drivers\serial.sys
14:53:19.0567 0x219c Serial - ok
14:53:30.0509 0x219c AV detected via SS2: Microsoft Security Essentials, C:\Program Files\Microsoft Security Client\msseces.exe ( 4.8.204.0 ), 0x61000 ( enabled : updated )
14:53:30.0519 0x219c Win FW state via NFP2: enabled ( trusted )
14:53:33.0021 0x219c ============================================================
14:53:33.0021 0x219c Scan finished
14:53:33.0021 0x219c ============================================================
14:53:33.0031 0x1600 Detected object count: 0
14:53:33.0031 0x1600 Actual detected object count: 0

#4 SAILOR0316

Posted 04 September 2015 - 02:17 PM

from SAILOR0316

Now for AdwCleaner


# AdwCleaner v5.005 - Logfile created 03/09/2015 at 15:13:19
# Updated 31/08/2015 by Xplode
# Database : 2015-08-31.2 [Server]
# Operating system : Windows 7 Professional Service Pack 1 (x64)
# Username : David - DAVID-PC
# Running from : C:\Users\David\Downloads\AdwCleaner.exe
# Option : Scan
# Support : http://toolslib.net/forum

***** [ Services ] *****

Service Found : VOTPrx

***** [ Folders ] *****

Folder Found : C:\Users\David\AppData\Local\TNT2

***** [ Files ] *****

File Found : C:\Windows\Sysnative\VOTPrx64.dll
File Found : C:\Windows\Sysnative\VOTPrxOff.ini
File Found : C:\Windows\SysWOW64\VOTPrxOff.ini

***** [ Shortcuts ] *****


***** [ Scheduled tasks ] *****

Task Found : UpdateAdmin

***** [ Registry ] *****

Key Found : HKLM\SOFTWARE\Classes\VOTPrxLib.LSPLogic.1
Key Found : HKLM\SOFTWARE\Classes\VOTPrxLib.ReadOnlyManager
Key Found : HKLM\SOFTWARE\Classes\VOTPrxLib.ReadOnlyManager.1
Key Found : HKLM\SOFTWARE\Classes\VOTPrxLib.WFPController
Key Found : HKLM\SOFTWARE\Classes\VOTPrxLib.WFPController.1
Key Found : HKLM\SOFTWARE\Classes\AppID\VOTPrx.EXE
Value Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Run [UpdateAdmin]
Key Found : HKLM\SOFTWARE\Classes\VOTPrxLib.DataContainer
Key Found : HKLM\SOFTWARE\Classes\VOTPrxLib.DataContainer.1
Key Found : HKLM\SOFTWARE\Classes\VOTPrxLib.DataController
Key Found : HKLM\SOFTWARE\Classes\VOTPrxLib.DataController.1
Key Found : HKLM\SOFTWARE\Classes\VOTPrxLib.DataTable
Key Found : HKLM\SOFTWARE\Classes\VOTPrxLib.DataTable.1
Key Found : HKLM\SOFTWARE\Classes\VOTPrxLib.DataTableFields
Key Found : HKLM\SOFTWARE\Classes\VOTPrxLib.DataTableFields.1
Key Found : HKLM\SOFTWARE\Classes\VOTPrxLib.DataTableHolder
Key Found : HKLM\SOFTWARE\Classes\VOTPrxLib.DataTableHolder.1
Key Found : HKLM\SOFTWARE\Classes\VOTPrxLib.LSPLogic
Key Found : HKLM\SOFTWARE\Google\Chrome\NativeMessagingHosts\avgsh
Key Found : HKLM\SOFTWARE\Classes\AppID\{0B7CB21B-2D13-4315-9E35-69742BF77530}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{09CBD86E-22AC-4BFF-A97C-85744B2819AB}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{542B7A6A-C8B6-4372-8829-FD8E35FA4CB8}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{55AB8477-ED99-431F-ABB3-22022902A934}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{79701C41-C345-47EC-B57C-02C39A698A0D}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{86937CB9-BDDC-482F-A3B3-E05E3DFDFF08}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{AE479D24-AF59-4DEB-9D8B-D1E7DFA2C6A6}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{BED722AF-1533-4596-964F-B5E1F8A6456E}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{E94546E8-E2A0-48FE-BC53-568F314EAA7A}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{B2BC04DF-EFBD-409A-95CA-36874E5AB92A}
Key Found : HKLM\SOFTWARE\Classes\Interface\{0394AE51-F76F-4FBF-848D-CF9407CE868F}
Key Found : HKLM\SOFTWARE\Classes\Interface\{058281DD-014E-4E81-A5D3-9E14A1EBC8B7}
Key Found : HKCU\Software\TNT2
Key Found : HKCU\Software\DownloadAdmin
Key Found : [x64] HKCU\Software\TNT2
Key Found : [x64] HKCU\Software\DownloadAdmin

***** [ Web browsers ] *****


########## EOF - C:\AdwCleaner\AdwCleaner[S7].txt - [5670 bytes] ##########


JunkwareRemovalTool


~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Malwarebytes
Version: 7.6.0 (08.31.2015:1)
OS: Windows 7 Professional x64
Ran by David on Thu 09/03/2015 at 15:22:02.87
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services

Successfully deleted: [Service] votprx [Reboot required]



~~~ Tasks

Successfully deleted: [Task] C:\Windows\system32\tasks\PROPCCleaner_Popup
Successfully deleted: [Task] C:\Windows\system32\tasks\PROPCCleaner_Start



~~~ Registry Values

Successfully deleted: [Registry Value] HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\updateadmin
Successfully repaired: [Registry Value] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Search\\SearchAssistant



~~~ Registry Keys

Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Policies\Microsoft\Internet Explorer
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Eventlog\Application\Update CommonShare



~~~ Files

Failed to delete: [File] C:\Windows\SysWOW64\VOTPrx.dll
Successfully deleted: [File] C:\Users\David\Appdata\Local\0e5971fa8907c5fa1fa1f90ce7b319dc
Successfully deleted: [File] C:\Windows\SysWOW64\VOTPrxOff.ini



~~~ Folders

Successfully deleted: [Folder] C:\Users\David\Appdata\Local\tnt2
Successfully deleted: [Folder] C:\users\Public\Documents\downloaded installers
Successfully deleted: [Folder] C:\Windows\SysWOW64\ai_recyclebin
Successfully deleted: [Folder] C:\Windows\SysWOW64\config\systemprofile\appdata\local\votprx
Successfully deleted: [Folder] C:\Users\David\Appdata\Local\14957
Successfully deleted: [Folder] C:\Users\David\Appdata\Local\20644
Successfully deleted: [Folder] C:\Users\David\Appdata\Local\26772





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on Thu 09/03/2015 at 15:28:03.28
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

#5 boopme


Posted 04 September 2015 - 02:32 PM

Remove what ADWCleaner found... and restart the machine.

Double click on AdwCleaner.exe to run the tool again. Vista/Windows 7/8 users right-click and select Run As Administrator
  • The tool will start to update the database, please wait a bit.
  • Click on the Scan button.
  • AdwCleaner will begin to scan your computer like it did before.
  • After the scan has finished...
    <-insert any special instructions here for what to uncheck OR remove this line if there are none->
  • This time click on the Clean button.
  • Press OK when asked to close all programs and follow the onscreen prompts.
  • Press OK again to allow AdwCleaner to restart the computer and complete the removal process.
  • After rebooting, a logfile report (AdwCleaner[S#].txt) will open automatically (where the largest value of # represents the most recent report).
  • Copy and paste the contents of that logfile in your next reply.
  • A copy of that logfile will also be saved in the C:\AdwCleaner folder.


#6 SAILOR0316


Posted 04 September 2015 - 04:11 PM

Again, my thanks to boopme

Following your last instruction to remove what AdwCleaner found is not so easy. Said service found was: VOTPrx, gave a folder name and 3 files. Could not find the folder: TNT2 at the location described. When I tried to go after one of the three files at the location C:\Windows\Sysnative, think VOTPrx64 or VOTPrxOff.ini. Somehow or other I got to look at JRT.txt and saw the comment: failed to delete file C:\Windows\Syswow64\VOTPrx.dll, cannot open, file open in (program) Teamviewer 10 (which is a program a computer repair company had me add so they could troubleshoot remotely). Found Teamviewer 10 and tried to delete there, but message said file is open in a (program) ArcadeTwist that I mentioned earlier has become a nuisance in the last week, overlaying advertising over all manner of pages and screens including the screens for bleepingcomputer, so you guys are not immune. So it is looking like the second program I mentioned, ArcadeTwist, may be the master or controlling program, but so far I haven't found it located anywhere I can get to wipe it out. So ESET is still running and I haven't rerun AdwCleaner because I haven't been able to remove everything listed in the results of the previous AdwCleaner run.

Any suggestions or thoughts

#7 SAILOR0316


Posted 04 September 2015 - 04:24 PM

Oh, by the way (I'm not adding this post to bump the issue), but this more seemingly nuisance program is not listed in control panel so it can be uninstalled



#8 boopme


Posted 04 September 2015 - 07:00 PM


ok you cannot remove VOT with ADWcleaner?

Let's wait for ESET to finish as it may grab it.

#9 SAILOR0316


Posted 05 September 2015 - 08:10 AM

okay, again my thanks to boopme for continuing to help get rid of these nuisances

 

ESET found 3 "bad guys" second time through. Will post, then run AdwCleaner again as I thought you suggested, but on early morning use, ArcadeTwist is still there and maybe the controlling program

 

 

C:\Users\David\AppData\Local\GolIslan41\Goserve.Vdll a variant of Win32/ArcadeParlor.K potentially unwanted application cleaned by deleting (after the next restart) - quarantined
C:\Users\David\AppData\Local\UrbFacto67\VOTPrx.Vexe a variant of Win32/Packed.Komodia.A suspicious application cleaned by deleting (after the next restart) - quarantined
Operating memory a variant of Win32/ArcadeParlor.K potentially unwanted application contained infected files
 

 

 

SAILOR0316



#10 SAILOR0316


Posted 05 September 2015 - 08:26 AM

Now next day will rerun AdwCleaner, but have already seen an ad by ArcadeTwist so that program is apparently still running
 
SAILOR0316

Edited by boopme, 07 September 2015 - 08:46 PM.


#11 SAILOR0316


Posted 05 September 2015 - 08:37 AM

boopme:

Have now rerun AdwCleaner and will attach the results, but it still appears it's there and an ad shown by ArcadeTwist is still working. What now, if anything?

# AdwCleaner v5.005 - Logfile created 05/09/2015 at 08:29:52
# Updated 31/08/2015 by Xplode
# Database : 2015-09-04.4 [Server]
# Operating system : Windows 7 Professional Service Pack 1 (x64)
# Username : David - DAVID-PC
# Running from : C:\Users\David\Downloads\AdwCleaner (1).exe
# Option : Scan
# Support : http://toolslib.net/forum

***** [ Services ] *****


***** [ Folders ] *****


***** [ Files ] *****

File Found : C:\Windows\Sysnative\VOTPrx64.dll
File Found : C:\Windows\Sysnative\VOTPrxOff.ini

***** [ Shortcuts ] *****


***** [ Scheduled tasks ] *****

Task Found : UpdateAdmin

***** [ Registry ] *****

Key Found : HKLM\SOFTWARE\Classes\VOTPrxLib.LSPLogic.1
Key Found : HKLM\SOFTWARE\Classes\VOTPrxLib.ReadOnlyManager
Key Found : HKLM\SOFTWARE\Classes\VOTPrxLib.ReadOnlyManager.1
Key Found : HKLM\SOFTWARE\Classes\VOTPrxLib.WFPController
Key Found : HKLM\SOFTWARE\Classes\VOTPrxLib.WFPController.1
Key Found : HKLM\SOFTWARE\Classes\AppID\VOTPrx.EXE
Key Found : HKLM\SOFTWARE\Classes\VOTPrxLib.DataContainer
Key Found : HKLM\SOFTWARE\Classes\VOTPrxLib.DataContainer.1
Key Found : HKLM\SOFTWARE\Classes\VOTPrxLib.DataController
Key Found : HKLM\SOFTWARE\Classes\VOTPrxLib.DataController.1
Key Found : HKLM\SOFTWARE\Classes\VOTPrxLib.DataTable
Key Found : HKLM\SOFTWARE\Classes\VOTPrxLib.DataTable.1
Key Found : HKLM\SOFTWARE\Classes\VOTPrxLib.DataTableFields
Key Found : HKLM\SOFTWARE\Classes\VOTPrxLib.DataTableFields.1
Key Found : HKLM\SOFTWARE\Classes\VOTPrxLib.DataTableHolder
Key Found : HKLM\SOFTWARE\Classes\VOTPrxLib.DataTableHolder.1
Key Found : HKLM\SOFTWARE\Classes\VOTPrxLib.LSPLogic
Key Found : HKLM\SOFTWARE\Google\Chrome\NativeMessagingHosts\avgsh
Key Found : HKCU\Software\TNT2
Key Found : HKCU\Software\DownloadAdmin
Key Found : [x64] HKCU\Software\TNT2
Key Found : [x64] HKCU\Software\DownloadAdmin

***** [ Web browsers ] *****


########## EOF - C:\AdwCleaner\AdwCleaner[S8].txt - [5472 bytes] ##########


SAILOR0316

#12 SAILOR0316


Posted 05 September 2015 - 08:47 AM

boopme:

While ESET appears to indicate that ArcadeParlor has been deleted, a problematic program still appears to be running, that is "ArcadeTwist", and that has been possibly linked as the controlling program for VOT

#13 boopme


Posted 07 September 2015 - 08:51 PM

ok ..was enjoying some time off.

Remove what ADW found again
Double click on AdwCleaner.exe to run the tool again. Vista/Windows 7/8 users right-click and select Run As Administrator
  • The tool will start to update the database, please wait a bit.
  • Click on the Scan button.
  • AdwCleaner will begin to scan your computer like it did before.
  • After the scan has finished...
    <-insert any special instructions here for what to uncheck OR remove this line if there are none->
  • This time click on the Clean button.
  • Press OK when asked to close all programs and follow the onscreen prompts.
  • Press OK again to allow AdwCleaner to restart the computer and complete the removal process.
  • After rebooting, a logfile report (AdwCleaner[S#].txt) will open automatically (where the largest value of # represents the most recent report).
  • Copy and paste the contents of that logfile in your next reply.
  • A copy of that logfile will also be saved in the C:\AdwCleaner folder.
Now
Please download Junkware Removal Tool to your desktop.
  • Shut down your protection software now to avoid potential conflicts.
  • Run the tool by double-clicking it. If you are using Windows Vista, 7, or 8; instead of double-clicking, right-mouse click JRT.exe and select "Run as Administrator".
  • The tool will open and start scanning your system.
  • Please be patient as this can take a while to complete depending on your system's specifications.
  • On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
  • Post the contents of JRT.txt into your next message.


#14 SAILOR0316


Posted 20 September 2015 - 10:49 PM

boopme

 

Had to leave this effort to find the nuisance advertising programs, but have come back and reran all 5 programs by the instructions you gave me first time, and I think that second time around your program selections got the job done. The two nuisance advertising programs that kept jumping don't seem to be doing that anymore and I can't find their presence in the files they had been previously residing. I have a different kind of aggravation in that AVG search jumps onto IE anytime IE is open and not doing something. An aggravation that none of the 5 programs flagged or got rid of, so is considered a legitimate program. It shows but cannot be uninstalled by the normal uninstall method in control panel

 

But wanted to take a couple of minutes to thank you for your time and knowledge and offering to share that. Thanks

 

SAILOR0316





