Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Infected at home and work


  • Please log in to reply
10 replies to this topic

#1 stephenl9

stephenl9

  • Members
  • 7 posts
  • OFFLINE
  •  
  • Local time:08:41 PM

Posted 08 March 2016 - 10:03 AM

I believe that I am infected with some sort of backdoor on both my home and company computer. Virus scan logs continually come up empty but updates are getting blocked at home and I believe that they are on the work PC too. I think that any exe that I download is modified before I open it. I believe that I am compromised through activex and or javascript. I see that windows updates repeat often and a continual adobe ARM log in my temp folder also. I also have a ws_crypto log. When I did a netstat, I had a ton of open connections. I believe that there is a man in the middle. I reformatted the home pc a couple weeks ago and issues came back.

 

Edit. I am running windows 7 on the office pc and windows 10 on the home pc. If you are able to help with the windows 7 PC, I would prefer to focus on that one in this thread. It is a company computer. I have an administrator account and have permission to repair as needed. IT does not believe that there is issue as their scan does not return viruses.


Edited by stephenl9, 08 March 2016 - 10:30 AM.


BC AdBot (Login to Remove)

 


#2 iangcarroll

iangcarroll

  • Members
  • 658 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Birmingham, MI
  • Local time:12:41 AM

Posted 08 March 2016 - 11:11 AM

Hi,

I'm Ian and I'll be helping you in this topic. Let's see if there's an issue. Please follow these instructions on the Windows 7 computer:

:step1: 3Al62Pm.pngMiniToolBox
  • Download MiniToolBox and move the file to your Desktop;
  • Right-click on MiniToolBox.exe and select Spcusrh.pngRun as Administrator (for Windows Vista, 7, 8, 8.1 and 10 users);
  • Check the following options:
    • Flush DNS;
    • Report IE Proxy Settings;
    • Report FF Proxy Settings;
    • List content of Hosts;
    • List IP Configuration;
    • List Winsock Entries;
    • List Last 10 Event Viewer Errors;
    • List Installed Programs;
    • List Devices - Only Problems;
    • List Users, Partitions and Memory size;
      OQmAcqS.png
  • Once this is done, click on Go and wait for the scan to complete;
  • Once the scan is complete, a log will open. Please copy/paste the content of the output log in your next reply;
:step2: aOpBoaQ.pngMalwarebytes Anti-Malware - Clean Mode
  • Download and install the free version of Malwarebytes Anti-Malware
    Note: It's your choice if you want to enable the free trial of Malwarebytes Premium or not. Enabling it will give you real-time protection from the program, as well as access to all the Premium features.
    Note: If you have Malwarebytes already installed, you don't need to install it again. Simply start from the next bullet point;
  • Once Malwarebytes is installed, launch it and let it update his database. You might have to click on the Update Now button;
  • Once the database update is complete, click on the Scan tab, then select the Threat Scan button and click on Start Scan;
  • Let the scan run, the time required to complete the scan depends of your system and computer specs;
  • Once the scan is complete, make sure that the checkbox by Threat is checked (it means that every item detected is checked), then click on the Remove Selected button;
  • Click on Save Results after the deletion (in the bottom-right corner) and select Copy to clipboard. Paste the content in your next reply;
:step3: 5KB3EXa.pngUpload a file on VirusTotal
  • Open your favorite web browser, and go on virustotal.com;
  • From there, click on the Select a file button and wait for the Windows Explorer to open;
  • Browse to Downloads, select MiniToolBox.exe and click on Open;
  • Once it's done, click on the Analyze button;
  • If you get a message that the file was already analyzed, click on the Re-analyze button;
  • Once done, copy and paste the VirusTotal report URL in your next reply;

Edited by iangcarroll, 08 March 2016 - 11:15 AM.

Ian Carroll https://ian.sh • Certly Inc
 
Member of the Bleeping Computer A.I.I. early response team!


#3 stephenl9

stephenl9
  • Topic Starter

  • Members
  • 7 posts
  • OFFLINE
  •  
  • Local time:08:41 PM

Posted 08 March 2016 - 01:09 PM

I edited a couple characters in the logs as (edit1),2,3 or 4 for some personal information. I hope that is ok. For Malwarebytes, I have been having some trouble with it, but it looks like it may have ran correctly this time. I notice that the Malwarebytes rootkit database states 2/27 yet but the malware database is from today. The only file detected was Adwcleaner which I downloaded from this site this morning but have not ran yet. Here is the virustotal link for minitoolbox https://www.virustotal.com/en/file/77519259a2057196df24fe66f2527311f875bd247f24fc47a5360ceb6bb09136/analysis/1457457597/

 

MiniToolBox by Farbar  Version: 07-02-2016 01
Ran by stephen.lo(edit4) (administrator) on 08-03-2016 at 10:41:41
Running from "C:\Users\stephen.lo(edit4)\Desktop"
Microsoft Windows 7 Professional  Service Pack 1 (X64)
Model: OptiPlex 9010 Manufacturer: Dell Inc.
Boot Mode: Normal
***************************************************************************

========================= Flush DNS: ===================================

Windows IP Configuration

Successfully flushed the DNS Resolver Cache.

========================= IE Proxy Settings: ==============================

Proxy is not enabled.
ProxyServer: 0:80

"Reset IE Proxy Settings": IE Proxy Settings were reset.

========================= FF Proxy Settings: ==============================


"Reset FF Proxy Settings": Firefox Proxy settings were reset.

========================= Hosts content: =================================
========================= IP Configuration: ================================

Intel® 82579LM Gigabit Network Connection = Local Area Connection (Connected)
Cisco AnyConnect Secure Mobility Client Virtual Miniport Adapter for Windows x64 = Local Area Connection 2 (Hardware not present)


# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4

reset
set global icmpredirects=enabled
set interface interface="Local Area Connection 2" forwarding=enabled advertise=enabled metric=1 nud=enabled
set subinterface interface=?E$ subinterface=ethernet_9 mtu=1477
add address name="Local Area Connection 2" address=172.17.239.71 mask=255.255.0.0
add address name="Local Area Connection 2" address=172.17.239.75 mask=255.255.0.0
add address name="Local Area Connection 2" address=172.17.239.208 mask=255.255.0.0
add address name="Local Area Connection 2" address=172.17.232.14 mask=255.255.0.0
add address name="Local Area Connection 2" address=172.17.232.239 mask=255.255.0.0
add address name="Local Area Connection 2" address=172.17.233.20 mask=255.255.0.0
add address name="Local Area Connection 2" address=172.17.234.203 mask=255.255.0.0
add address name="Local Area Connection 2" address=172.17.236.11 mask=255.255.0.0


popd
# End of IPv4 configuration



Windows IP Configuration

   Host Name . . . . . . . . . . . . : (edit3)6901
   Primary Dns Suffix  . . . . . . . : (edit1)services.local
   Node Type . . . . . . . . . . . . : Hybrid
   IP Routing Enabled. . . . . . . . : No
   WINS Proxy Enabled. . . . . . . . : No
   DNS Suffix Search List. . . . . . : (edit1)services.local
                                       erp.root.com
                                       root.com
                                       microline.mtc
                                       sec2.local
                                       cruxsub.local
                                       mje.root.com
                                       valard.com

Ethernet adapter Local Area Connection:

   Connection-specific DNS Suffix  . : (edit1)services.local
   Description . . . . . . . . . . . : Intel® 82579LM Gigabit Network Connection
   Physical Address. . . . . . . . . : 18-03-73-25-63-88
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes
   Link-local IPv6 Address . . . . . : fe80::7db9:aa25:6d36:6cdd%12(Preferred)
   IPv4 Address. . . . . . . . . . . : 10.200.100.122(Preferred)
   Subnet Mask . . . . . . . . . . . : 255.255.255.0
   Lease Obtained. . . . . . . . . . : Monday, March 07, 2016 9:03:16 AM
   Lease Expires . . . . . . . . . . : Wednesday, March 09, 2016 9:03:18 AM
   Default Gateway . . . . . . . . . : 10.200.100.10
   DHCP Server . . . . . . . . . . . : 10.200.100.1
   DHCPv6 IAID . . . . . . . . . . . : 253231987
   DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-18-3B-63-68-18-03-73-25-63-88
   DNS Servers . . . . . . . . . . . : 10.200.100.2
                                       10.100.100.13
   NetBIOS over Tcpip. . . . . . . . : Enabled

Tunnel adapter isatap.(edit1)services.local:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : (edit1)services.local
   Description . . . . . . . . . . . : Microsoft ISATAP Adapter
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 11:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Microsoft Teredo Tunneling Adapter
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes
Server:  (edit2)gc01.(edit1)services.local
Address:  10.200.100.2

Name:    google.com
Addresses:  2607:f8b0:4009:80a::200e
      216.58.216.78


Pinging google.com [216.58.216.78] with 32 bytes of data:
Reply from 216.58.216.78: bytes=32 time=36ms TTL=47
Reply from 216.58.216.78: bytes=32 time=36ms TTL=47

Ping statistics for 216.58.216.78:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 36ms, Maximum = 36ms, Average = 36ms
Server:  (edit2)gc01.(edit1)services.local
Address:  10.200.100.2

Name:    yahoo.com
Addresses:  2001:4998:58:c02::a9
      2001:4998:c:a06::2:4008
      2001:4998:44:204::a7
      98.138.253.109
      206.190.36.45
      98.139.183.24


Pinging yahoo.com [206.190.36.45] with 32 bytes of data:
Reply from 206.190.36.45: bytes=32 time=84ms TTL=45
Reply from 206.190.36.45: bytes=32 time=80ms TTL=45

Ping statistics for 206.190.36.45:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 80ms, Maximum = 84ms, Average = 82ms

Pinging 127.0.0.1 with 32 bytes of data:
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128

Ping statistics for 127.0.0.1:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 0ms, Maximum = 0ms, Average = 0ms
===========================================================================
Interface List
 12...18 03 73 25 63 88 ......Intel® 82579LM Gigabit Network Connection
  1...........................Software Loopback Interface 1
 13...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter
 10...00 00 00 00 00 00 00 e0 Microsoft Teredo Tunneling Adapter
===========================================================================

IPv4 Route Table
===========================================================================
Active Routes:
Network Destination        Netmask          Gateway       Interface  Metric
          0.0.0.0          0.0.0.0    10.200.100.10   10.200.100.122     10
     10.200.100.0    255.255.255.0         On-link    10.200.100.122    266
   10.200.100.122  255.255.255.255         On-link    10.200.100.122    266
   10.200.100.255  255.255.255.255         On-link    10.200.100.122    266
        127.0.0.0        255.0.0.0         On-link         127.0.0.1    306
        127.0.0.1  255.255.255.255         On-link         127.0.0.1    306
  127.255.255.255  255.255.255.255         On-link         127.0.0.1    306
        224.0.0.0        240.0.0.0         On-link         127.0.0.1    306
        224.0.0.0        240.0.0.0         On-link    10.200.100.122    266
  255.255.255.255  255.255.255.255         On-link         127.0.0.1    306
  255.255.255.255  255.255.255.255         On-link    10.200.100.122    266
===========================================================================
Persistent Routes:
  None

IPv6 Route Table
===========================================================================
Active Routes:
 If Metric Network Destination      Gateway
  1    306 ::1/128                  On-link
 12    266 fe80::/64                On-link
 12    266 fe80::7db9:aa25:6d36:6cdd/128
                                    On-link
  1    306 ff00::/8                 On-link
 12    266 ff00::/8                 On-link
===========================================================================
Persistent Routes:
  None
========================= Winsock entries =====================================

Catalog5 01 C:\windows\SysWOW64\NLAapi.dll [52224] (Microsoft Corporation)
Catalog5 02 C:\windows\SysWOW64\napinsp.dll [52224] (Microsoft Corporation)
Catalog5 03 C:\windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 04 C:\windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 05 C:\windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog5 06 C:\windows\SysWOW64\winrnr.dll [20992] (Microsoft Corporation)
Catalog5 07 C:\windows\SysWOW64\wshbth.dll [36352] (Microsoft Corporation)
Catalog5 08 C:\Program Files (x86)\Bonjour\mdnsNSP.dll [122128] (Apple Inc.)
Catalog9 01 C:\windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 02 C:\windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 03 C:\windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 04 C:\windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 05 C:\windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 06 C:\windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 07 C:\windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 08 C:\windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 09 C:\windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 10 C:\windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 11 C:\windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
x64-Catalog5 01 X:\Windows\System32\NLAapi.dll [File Not found] ()
x64-Catalog5 02 X:\Windows\System32\napinsp.dll [File Not found] ()
x64-Catalog5 03 X:\Windows\System32\pnrpnsp.dll [File Not found] ()
x64-Catalog5 04 X:\Windows\System32\pnrpnsp.dll [File Not found] ()
x64-Catalog5 05 X:\Windows\System32\mswsock.dll [File Not found] ()
x64-Catalog5 06 X:\Windows\System32\winrnr.dll [File Not found] ()
x64-Catalog5 07 X:\Windows\System32\wshbth.dll [File Not found] ()
x64-Catalog5 08 C:\Program Files\Bonjour\mdnsNSP.dll [133392] (Apple Inc.)
x64-Catalog9 01 X:\Windows\System32\mswsock.dll [File Not found] ()
x64-Catalog9 02 X:\Windows\System32\mswsock.dll [File Not found] ()
x64-Catalog9 03 X:\Windows\System32\mswsock.dll [File Not found] ()
x64-Catalog9 04 X:\Windows\System32\mswsock.dll [File Not found] ()
x64-Catalog9 05 X:\Windows\System32\mswsock.dll [File Not found] ()
x64-Catalog9 06 X:\Windows\System32\mswsock.dll [File Not found] ()
x64-Catalog9 07 X:\Windows\System32\mswsock.dll [File Not found] ()
x64-Catalog9 08 X:\Windows\System32\mswsock.dll [File Not found] ()
x64-Catalog9 09 X:\Windows\System32\mswsock.dll [File Not found] ()
x64-Catalog9 10 X:\Windows\System32\mswsock.dll [File Not found] ()
x64-Catalog9 11 X:\Windows\System32\mswsock.dll [File Not found] ()

========================= Event log errors: ===============================

Application errors:
==================
Error: (03/08/2016 08:06:56 AM) (Source: Application Error) (User: )
Description: Faulting application name: IEXPLORE.EXE, version: 11.0.9600.18205, time stamp: 0x56a1b6f6
Faulting module name: ntdll.dll, version: 6.1.7601.19135, time stamp: 0x56a1c6fa
Exception code: 0xc0000374
Fault offset: 0x000cf70b
Faulting process id: 0x2d30
Faulting application start time: 0xIEXPLORE.EXE0
Faulting application path: IEXPLORE.EXE1
Faulting module path: IEXPLORE.EXE2
Report Id: IEXPLORE.EXE3

Error: (03/07/2016 02:22:05 PM) (Source: Application Error) (User: )
Description: Faulting application name: PowerUserU.exe, version: 9.3.2555.2555, time stamp: 0x50ae3dfe
Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000
Exception code: 0xc0000005
Fault offset: 0x00000000
Faulting process id: 0x1f64
Faulting application start time: 0xPowerUserU.exe0
Faulting application path: PowerUserU.exe1
Faulting module path: PowerUserU.exe2
Report Id: PowerUserU.exe3

Error: (03/07/2016 12:20:04 PM) (Source: Application Error) (User: )
Description: Faulting application name: firefox.exe, version: 44.0.2.5884, time stamp: 0x56bbe595
Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000
Exception code: 0xc0000005
Fault offset: 0x3165fd20
Faulting process id: 0x1704
Faulting application start time: 0xfirefox.exe0
Faulting application path: firefox.exe1
Faulting module path: firefox.exe2
Report Id: firefox.exe3

Error: (03/07/2016 10:18:41 AM) (Source: Application Hang) (User: )
Description: The program WINWORD.EXE version 15.0.4797.1000 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.

Process ID: 1f7c

Start Time: 01d1788cf307c2be

Termination Time: 0

Application Path: C:\Program Files (x86)\Microsoft Office\Office15\WINWORD.EXE

Report Id: 3896e592-e480-11e5-8d10-180373256388

Error: (03/04/2016 06:16:15 PM) (Source: Application Error) (User: )
Description: Faulting application name: firefox.exe, version: 44.0.2.5884, time stamp: 0x56bbe595
Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000
Exception code: 0xc0000005
Fault offset: 0x28d2f6fc
Faulting process id: 0x20f0
Faulting application start time: 0xfirefox.exe0
Faulting application path: firefox.exe1
Faulting module path: firefox.exe2
Report Id: firefox.exe3

Error: (03/04/2016 06:07:23 PM) (Source: Application Error) (User: )
Description: Faulting application name: Acrobat.exe, version: 11.0.14.16, time stamp: 0x56731fe8
Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000
Exception code: 0xc0000005
Fault offset: 0x0b23fb7c
Faulting process id: 0x282c
Faulting application start time: 0xAcrobat.exe0
Faulting application path: Acrobat.exe1
Faulting module path: Acrobat.exe2
Report Id: Acrobat.exe3

Error: (03/04/2016 05:59:37 PM) (Source: Application Error) (User: )
Description: Faulting application name: WSCommCntr4.exe, version: 4.0.3.0, time stamp: 0x50dcb523
Faulting module name: WSCommCntr4.exe, version: 4.0.3.0, time stamp: 0x50dcb523
Exception code: 0xc0000005
Fault offset: 0x0000000000016490
Faulting process id: 0x2454
Faulting application start time: 0xWSCommCntr4.exe0
Faulting application path: WSCommCntr4.exe1
Faulting module path: WSCommCntr4.exe2
Report Id: WSCommCntr4.exe3

Error: (03/04/2016 05:44:08 PM) (Source: Application Error) (User: )
Description: Faulting application name: WSCommCntr4.exe, version: 4.0.3.0, time stamp: 0x50dcb523
Faulting module name: WSCommCntr4.exe, version: 4.0.3.0, time stamp: 0x50dcb523
Exception code: 0xc0000005
Fault offset: 0x0000000000016490
Faulting process id: 0x22a4
Faulting application start time: 0xWSCommCntr4.exe0
Faulting application path: WSCommCntr4.exe1
Faulting module path: WSCommCntr4.exe2
Report Id: WSCommCntr4.exe3

Error: (03/04/2016 05:13:18 PM) (Source: Application Error) (User: )
Description: Faulting application name: googleearth.exe, version: 7.1.5.1557, time stamp: 0x555d17ea
Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000
Exception code: 0xc0000005
Fault offset: 0x1ca6f8a4
Faulting process id: 0x22b8
Faulting application start time: 0xgoogleearth.exe0
Faulting application path: googleearth.exe1
Faulting module path: googleearth.exe2
Report Id: googleearth.exe3

Error: (03/04/2016 03:02:06 AM) (Source: MsiInstaller) (User: NT AUTHORITY)
Description: Product: SQL Server 2014 Reporting Services - Update '{2599BA0C-EEF3-4F8A-8910-B91B8502C4D3}' could not be installed. Error code 1642. Windows Installer can create logs to help troubleshoot issues with installing software packages. Use the following link for instructions on turning on logging support: http://go.microsoft.com/fwlink/?LinkId=23127


System errors:
=============
Error: (03/07/2016 05:16:23 PM) (Source: DCOM) (User: (edit1))
Description: application-specificLocalActivation{0C0A3666-30C9-11D0-8F20-00805F2CD064}{9209B1A6-964A-11D0-9372-00A0C9034910}(edit1)stephen.lo(edit4)S-1-5-21-1092493260-574507637-1691616715-104279LocalHost (Using LRPC)

Error: (03/07/2016 09:10:09 AM) (Source: DCOM) (User: (edit1))
Description: application-specificLocalActivation{0C0A3666-30C9-11D0-8F20-00805F2CD064}{9209B1A6-964A-11D0-9372-00A0C9034910}(edit1)stephen.lo(edit4)S-1-5-21-1092493260-574507637-1691616715-104279LocalHost (Using LRPC)

Error: (03/07/2016 09:03:51 AM) (Source: Service Control Manager) (User: )
Description: The following boot-start or system-start driver(s) failed to load:
amdkmafd

Error: (03/07/2016 09:03:29 AM) (Source: Service Control Manager) (User: )
Description: The SQL Server Reporting Services (SQL6901) service failed to start due to the following error:
%%1069

Error: (03/07/2016 09:03:29 AM) (Source: Service Control Manager) (User: )
Description: The ReportServer$SQL6901 service was unable to log on as NT Service\ReportServer$SQL6901 with the currently configured password due to the following error:
Logon failure: the user has not been granted the requested logon type at this computer.
 
Service: ReportServer$SQL6901
Domain and account: NT Service\ReportServer$SQL6901
 
This service account does not have the required user right "Log on as a service."
 
User Action
 
Assign "Log on as a service" to the service account on this computer. You can use Local Security Settings (Secpol.msc) to do this. If this computer is a node in a cluster, check that this user right is assigned to the Cluster service account on all nodes in the cluster.
 
If you have already assigned this user right to the service account, and the user right appears to be removed, check with your domain administrator to find out if a Group Policy object associated with this node might be removing the right.

Error: (03/07/2016 09:03:27 AM) (Source: Service Control Manager) (User: )
Description: The SQL Server (SQL6901) service failed to start due to the following error:
%%1069

Error: (03/07/2016 09:03:27 AM) (Source: Service Control Manager) (User: )
Description: The MSSQL$SQL6901 service was unable to log on as NT Service\MSSQL$SQL6901 with the currently configured password due to the following error:
Logon failure: the user has not been granted the requested logon type at this computer.
 
Service: MSSQL$SQL6901
Domain and account: NT Service\MSSQL$SQL6901
 
This service account does not have the required user right "Log on as a service."
 
User Action
 
Assign "Log on as a service" to the service account on this computer. You can use Local Security Settings (Secpol.msc) to do this. If this computer is a node in a cluster, check that this user right is assigned to the Cluster service account on all nodes in the cluster.
 
If you have already assigned this user right to the service account, and the user right appears to be removed, check with your domain administrator to find out if a Group Policy object associated with this node might be removing the right.

Error: (03/07/2016 09:03:10 AM) (Source: Microsoft-Windows-GroupPolicy) (User: NT AUTHORITY)
Description: The processing of Group Policy failed. Windows could not resolve the computer name. This could be caused by one of more of the following:
a) Name Resolution failure on the current domain controller.
B) Active Directory Replication Latency (an account created on another domain controller has not replicated to the current domain controller).

Error: (03/07/2016 09:03:08 AM) (Source: Service Control Manager) (User: )
Description: The Sentinel64 service depends on the Parallel port driver service which failed to start because of the following error:
%%1058

Error: (03/07/2016 09:03:09 AM) (Source: NETLOGON) (User: )
Description: This computer was not able to set up a secure session with a domain
controller in domain (edit1) due to the following:
%%1311

This may lead to authentication problems. Make sure that this
computer is connected to the network. If the problem persists,
please contact your domain administrator.



ADDITIONAL INFO

If this computer is a domain controller for the specified domain, it
sets up the secure session to the primary domain controller emulator in the specified
domain. Otherwise, this computer sets up the secure session to any domain controller
in the specified domain.


Microsoft Office Sessions:
=========================
Error: (03/08/2016 08:06:56 AM) (Source: Application Error)(User: )
Description: IEXPLORE.EXE11.0.9600.1820556a1b6f6ntdll.dll6.1.7601.1913556a1c6fac0000374000cf70b2d3001d17943aebdd2f1C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXEC:\windows\SysWOW64\ntdll.dll03e78831-e537-11e5-8d10-180373256388

Error: (03/07/2016 02:22:05 PM) (Source: Application Error)(User: )
Description: PowerUserU.exe9.3.2555.255550ae3dfeunknown0.0.0.000000000c0000005000000001f6401d178836b6f3c41C:\Program Files (x86)\BC-Meridian\Program\PowerUserU.exeunknown4197ce83-e4a2-11e5-8d10-180373256388

Error: (03/07/2016 12:20:04 PM) (Source: Application Error)(User: )
Description: firefox.exe44.0.2.588456bbe595unknown0.0.0.000000000c00000053165fd20170401d1789c60e218a7C:\Program Files (x86)\Mozilla Firefox\firefox.exeunknown360b3edf-e491-11e5-8d10-180373256388

Error: (03/07/2016 10:18:41 AM) (Source: Application Hang)(User: )
Description: WINWORD.EXE15.0.4797.10001f7c01d1788cf307c2be0C:\Program Files (x86)\Microsoft Office\Office15\WINWORD.EXE3896e592-e480-11e5-8d10-180373256388

Error: (03/04/2016 06:16:15 PM) (Source: Application Error)(User: )
Description: firefox.exe44.0.2.588456bbe595unknown0.0.0.000000000c000000528d2f6fc20f001d176554437f11aC:\Program Files (x86)\Mozilla Firefox\firefox.exeunknown791b4d13-e267-11e5-828f-180373256388

Error: (03/04/2016 06:07:23 PM) (Source: Application Error)(User: )
Description: Acrobat.exe11.0.14.1656731fe8unknown0.0.0.000000000c00000050b23fb7c282c01d17671d8f5c74dC:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Acrobat.exeunknown3bfad14d-e266-11e5-828f-180373256388

Error: (03/04/2016 05:59:37 PM) (Source: Application Error)(User: )
Description: WSCommCntr4.exe4.0.3.050dcb523WSCommCntr4.exe4.0.3.050dcb523c00000050000000000016490245401d1767184cfb9adC:\Program Files\Common Files\Autodesk Shared\WSCommCntr4\Lib\WSCommCntr4.exeC:\Program Files\Common Files\Autodesk Shared\WSCommCntr4\Lib\WSCommCntr4.exe264140bd-e265-11e5-828f-180373256388

Error: (03/04/2016 05:44:08 PM) (Source: Application Error)(User: )
Description: WSCommCntr4.exe4.0.3.050dcb523WSCommCntr4.exe4.0.3.050dcb523c0000005000000000001649022a401d17664dd6958efC:\Program Files\Common Files\Autodesk Shared\WSCommCntr4\Lib\WSCommCntr4.exeC:\Program Files\Common Files\Autodesk Shared\WSCommCntr4\Lib\WSCommCntr4.exefc7e16a9-e262-11e5-828f-180373256388

Error: (03/04/2016 05:13:18 PM) (Source: Application Error)(User: )
Description: googleearth.exe7.1.5.1557555d17eaunknown0.0.0.000000000c00000051ca6f8a422b801d1766b0925dd58C:\Program Files (x86)\Google\Google Earth\client\googleearth.exeunknownadf233ec-e25e-11e5-828f-180373256388

Error: (03/04/2016 03:02:06 AM) (Source: MsiInstaller)(User: NT AUTHORITY)
Description: SQL Server 2014 Reporting Services{2599BA0C-EEF3-4F8A-8910-B91B8502C4D3}1642(NULL)(NULL)(NULL)


CodeIntegrity Errors:
===================================
  Date: 2016-02-28 18:44:06.742
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\l3codeca.acm because the set of per-page image hashes could not be found on the system.

  Date: 2016-02-28 18:11:31.681
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\l3codeca.acm because the set of per-page image hashes could not be found on the system.

  Date: 2016-02-22 04:58:30.775
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\l3codeca.acm because the set of per-page image hashes could not be found on the system.

  Date: 2016-02-22 04:30:15.441
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\l3codeca.acm because the set of per-page image hashes could not be found on the system.

  Date: 2016-02-17 21:18:54.611
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\l3codeca.acm because the set of per-page image hashes could not be found on the system.

  Date: 2016-02-17 20:39:36.383
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\l3codeca.acm because the set of per-page image hashes could not be found on the system.

  Date: 2016-02-17 20:26:41.658
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\l3codeca.acm because the set of per-page image hashes could not be found on the system.

  Date: 2016-02-16 22:50:55.923
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\l3codeca.acm because the set of per-page image hashes could not be found on the system.

  Date: 2016-02-16 22:03:40.204
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\l3codeca.acm because the set of per-page image hashes could not be found on the system.

  Date: 2016-02-15 06:09:38.075
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\l3codeca.acm because the set of per-page image hashes could not be found on the system.


=========================== Installed Programs ============================

64 Bit HP CIO Components Installer (HKLM\...\{BC741628-0AFC-405C-8946-DD46D1005A0A}) (Version: 8.2.4 - Hewlett-Packard) Hidden
7-Zip 9.20 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0920-000001000000}) (Version: 9.20.00.0 - Igor Pavlov)
Adobe Acrobat XI Pro (HKLM-x32\...\{AC76BA86-1033-FFFF-7760-000000000006}) (Version: 11.0.14 - Adobe Systems)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 3.2.0.2070 - Adobe Systems Incorporated)
Adobe Flash Player 20 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 20.0.0.306 - Adobe Systems Incorporated)
Adobe Flash Player 20 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 20.0.0.306 - Adobe Systems Incorporated)
Adobe Shockwave Player 11.6 (HKLM-x32\...\Adobe Shockwave Player) (Version: 11.6.4.634 - Adobe Systems, Inc.)
AMD Catalyst Install Manager (HKLM\...\{F37078EA-4B6A-1D6F-6FED-3EDF2117B42C}) (Version: 8.0.916.0 - Advanced Micro Devices, Inc.)
AMD System Monitor (HKLM-x32\...\{6EFD0C42-4CC1-4716-A0CA-21C1A062CF34}) (Version: 1.0.9 - Advanced Micro Devices, Inc.)
A-PDF Restrictions Remover (HKLM-x32\...\A-PDF Restrictions Remover_is1) (Version:  - A-PDF Solution)
Apple Application Support (32-bit) (HKLM-x32\...\{7FA9ECCF-A2DE-4DA1-BFF3-81260DBDA68F}) (Version: 4.1.2 - Apple Inc.)
Apple Application Support (64-bit) (HKLM\...\{691F30EB-9009-475A-B8A9-E1BF39598FD5}) (Version: 4.1.2 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{3540181E-340A-4E7A-B409-31663472B2F7}) (Version: 9.1.0.6 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{FFD1F7F1-1AC9-4BC4-A908-0686D635ABAF}) (Version: 2.1.4.131 - Apple Inc.)
ArcGIS ArcReader 10 (HKLM-x32\...\{F1D00E37-3B2F-4A08-8765-486EB440CD04}) (Version: 10.0.2414 - Environmental Systems Research Institute, Inc.) Hidden
ArcGIS ArcReader 10 (HKLM-x32\...\ArcGIS ArcReader 10) (Version: 10.0.2414 - Environmental Systems Research Institute, Inc.)
AutoCAD 2015 - English (HKLM\...\{5783F2D7-E001-0000-0102-0060B0CE6BBA}) (Version: 20.0.51.0 - Autodesk) Hidden
AutoCAD 2015 - English (HKLM\...\{5783F2D7-E001-0409-2102-0060B0CE6BBA}) (Version: 20.0.51.0 - Autodesk) Hidden
AutoCAD 2015 Language Pack - English (HKLM\...\{5783F2D7-E001-0409-1102-0060B0CE6BBA}) (Version: 20.0.51.0 - Autodesk) Hidden
AutoCAD Raster Design 2013 (HKLM\...\{5783F2D7-B031-0409-0102-0060B0CE6BBA}) (Version: 19.0.70.0 - Autodesk) Hidden
AutoCAD Raster Design 2013 (HKLM\...\AutoCAD Raster Design 2013) (Version: 19.0.70.0 - Autodesk)
AutoCAD Raster Design 2015 (HKLM\...\{5783F2D7-E031-0409-0102-0060B0CE6BBA}) (Version: 20.0.51.0 - Autodesk) Hidden
Autodesk App Manager (HKLM-x32\...\{C8125548-F2D5-4059-823F-1F3C5BBD9F19}) (Version: 1.2.0 - Autodesk)
Autodesk AutoCAD 2015 - English (HKLM\...\AutoCAD 2015 - English) (Version: 20.0.51.0 - Autodesk)
Autodesk AutoCAD Performance Feedback Tool Version 1.2.2 (HKLM-x32\...\{85735431-6CD3-4B16-BEC8-95332034E53B}) (Version: 1.2.2.0 - Autodesk)
Autodesk AutoCAD Raster Design 2015 (HKLM\...\AutoCAD Raster Design 2015) (Version: 20.0.51.0 - Autodesk)
Autodesk BIM 360 Glue AutoCAD 2015 Add-in 64 bit (HKLM\...\{9D589081-AFC2-4932-9071-AC585AC1EA83}) (Version: 3.32.3004 - Autodesk)
Autodesk Content Service (HKLM-x32\...\{A37CDB58-AAE8-0000-8C13-E0F7BACB0D5F}) (Version: 3.2.0.0 - Autodesk) Hidden
Autodesk Content Service (HKLM-x32\...\Autodesk Content Service) (Version: 3.2.0.0 - Autodesk)
Autodesk Content Service Language Pack (HKLM-x32\...\{62F029AB-85F2-0001-866A-9FC0DD99DDBC}) (Version: 3.0.84.0 - Autodesk) Hidden
Autodesk Content Service Language Pack (HKLM-x32\...\{A37CDB58-AAE8-0001-8C13-E0F7BACB0D5F}) (Version: 3.2.0.0 - Autodesk) Hidden
Autodesk Design Review 2013 (HKLM-x32\...\{153DB567-6FF3-49AD-AC4F-86F8A3CCFDFB}) (Version: 13.0.0.82 - Autodesk, Inc.) Hidden
Autodesk Design Review 2013 (HKLM-x32\...\Autodesk Design Review 2013) (Version: 13.0.0.82 - Autodesk, Inc.)
Autodesk DWG TrueView 2014 (HKLM\...\DWG TrueView 2014) (Version: 19.1.18.0 - Autodesk)
Autodesk Featured Apps (HKLM-x32\...\{EDDEE94B-214D-4B07-9727-A3E46F3E379A}) (Version: 1.2.0 - Autodesk)
Autodesk Material Library 2013 (HKLM-x32\...\{117EBEEB-5DB0-43C8-9FD6-DD583DB152DD}) (Version: 3.0.13 - Autodesk)
Autodesk Material Library 2015 (HKLM-x32\...\{427F733F-4D6C-45BC-9324-EB743104C321}) (Version: 5.2.9.100 - Autodesk)
Autodesk Material Library Base Resolution Image Library 2013 (HKLM-x32\...\{606E12B9-641F-4644-A22A-FF38AE980AFD}) (Version: 3.0.13 - Autodesk)
Autodesk Material Library Base Resolution Image Library 2015 (HKLM-x32\...\{ABE2F70B-8D94-44E9-AA04-F0DB35063D62}) (Version: 5.2.9.100 - Autodesk)
Autodesk Sync (HKLM\...\{EE5F74BC-5CD5-4EF2-86BA-81E6CF46A18F}) (Version: 3.5.24.0 - Autodesk, Inc.)
Autodesk Workflows 2015 (HKLM\...\{A90DD6F8-60D2-4803-AFF6-796400E73E1B}) (Version: 5.2.9.100 - Autodesk, Inc.)
Avery Design & Print (HKLM-x32\...\Avery Design & Print 1.0.0) (Version: 1.0.0 - Avery Products Corporation)
AVG (HKLM\...\AVG) (Version: 3544 - AVG Technologies)
AVG 2013 (HKLM\...\{2B2542FF-A234-45E8-A066-A779AD204208}) (Version: 13.0.3553 - AVG Technologies) Hidden
AVG 2013 (HKLM\...\{39FF76A0-142D-4B7F-B42B-90236C4F7A22}) (Version: 13.0.4477 - AVG Technologies) Hidden
Bentley DGN IFilter (HKLM\...\{2E873893-A883-4C06-8308-7B491D58F3D6}) (Version: 1.0.1.9 - Bentley Systems, Incorporated)
Bentley DGN Thumbnail Provider (HKLM\...\{74A8C1AF-75E5-4653-95AF-222725B7D877}) (Version: 8.11.7.404 - Bentley Systems, Incorporated)
Bentley V8i (SELECTseries 2) - Autodesk® RealDWG™ 2010 (HKLM-x32\...\{477F115E-D48E-4D9D-B839-2AF37CA2987B}) (Version: 8.11.7.443 - Bentley Systems, Incorporated)
Bluebeam Revu x64 12 (HKLM\...\{8F81B206-1111-4EFA-8431-42BB992C5D76}) (Version: 12.5.0 - Bluebeam Software) Hidden
Bluebeam Revu x64 12 (HKLM-x32\...\InstallShield_{8F81B206-1111-4EFA-8431-42BB992C5D76}) (Version: 12.5.0 - Bluebeam Software)
BlueCielo Meridian Enterprise (x64) (HKLM\...\{D4D62738-7FF0-4B33-9EF9-3D1CCDCD74F0}) (Version: 9.30.32 - BlueCielo ECM Solutions)
Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)
Broadcom NetXtreme-I Netlink Driver and Management Installer (HKLM\...\{64973F6A-8754-43D1-BDD0-FC6F0546347B}) (Version: 14.4.6.2 - Broadcom Corporation)
CCleaner (HKLM\...\CCleaner) (Version: 5.07 - Piriform)
Cisco AnyConnect Secure Mobility Client  (HKLM-x32\...\Cisco AnyConnect Secure Mobility Client) (Version: 3.1.05160 - Cisco Systems, Inc.)
Cisco AnyConnect Secure Mobility Client (HKLM-x32\...\{80416A15-214B-4F25-A025-ED6E875631F2}) (Version: 3.1.05160 - Cisco Systems, Inc.) Hidden
Cisco WebEx Meetings (HKCU\...\ActiveTouchMeetingClient) (Version:  - Cisco WebEx LLC)
Citrix Receiver (HKLM-x32\...\CitrixOnlinePluginPackWeb) (Version: 14.2.100.14 - Citrix Systems, Inc.)
Conductor Comparison Program (HKLM-x32\...\{D130D35B-CF88-41F9-9F31-D4F7CDDC3388}) (Version: 2.7.4bU - CTC Global Corporation)
Configuration Manager Client (HKLM\...\{343D4507-997F-4553-9F86-2BB81F19A05E}) (Version: 5.00.8239.1000 - Microsoft Corporation) Hidden
Dell Command | Update (HKLM-x32\...\{EC542D5D-B608-4145-A8F7-749C02BE6D94}) (Version: 2.0.0 - Dell Inc.)
Dell Support Center (HKLM\...\PC-Doctor for Windows) (Version: 3.2.6032.102 - PC-Doctor, Inc.)
Dell System Detect - 1  (HKCU\...\58d94f3ce2c27db0) (Version: 6.12.0.1 - Dell)
Dell System Detect (HKCU\...\9204f5692a8faf3b) (Version: 3.3.2.1 - Dell)
DHTML Editing Component (HKLM-x32\...\{2EA870FA-585F-4187-903D-CB9FFD21E2E0}) (Version: 6.02.0002 - Microsoft Corporation)
DWG TrueView 2014 (HKLM\...\{5783F2D7-D028-0409-0100-0060B0CE6BBA}) (Version: 19.1.18.0 - Autodesk) Hidden
eReg (HKLM-x32\...\{3EE9BCAE-E9A9-45E5-9B1C-83A4D357E05C}) (Version: 1.20.138.34 - Logitech, Inc.) Hidden
ESET Online Scanner v3 (HKLM-x32\...\ESET Online Scanner) (Version:  - )
FAD Tools (HKLM-x32\...\{B50C49F8-2628-40F8-B86B-40B9283A0BCB}) (Version: 5.0.21 - DiGioia, Gray & Associates, LLC)
FARO LS 1.1.406.58 (HKLM-x32\...\{951B0F30-9F1A-4BF6-B3DA-99EB0E917B1C}) (Version: 4.6.58.2 - FARO Scanner Production)
FileZilla Client 3.16.0 (HKLM-x32\...\FileZilla Client) (Version: 3.16.0 - Tim Kosse)
FLI-MAP Flip7 (HKLM-x32\...\FLI-MAP Flip7) (Version:  - )
FLI-MAP Prerequisites (HKLM-x32\...\{9842186D-55DB-4C97-8DB8-CE5947FA5227}) (Version: 1.0.0 - Fugro Chance Inc.)
GDR 4213 for SQL Server 2014 (KB3070446) (64-bit) (HKLM\...\KB3070446) (Version: 12.1.4213.0 - Microsoft Corporation)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 48.0.2564.116 - Google Inc.)
Google Drive (HKLM-x32\...\{EF61675D-9BBC-4EC7-B906-F13BE8D3BD20}) (Version: 1.27.1227.2094 - Google, Inc.)
Google Earth (HKLM-x32\...\{817750FA-EC6A-485D-9901-0683AE6FFDF1}) (Version: 7.1.5.1557 - Google)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.29.5 - Google Inc.) Hidden
Google Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.25.11 - Google Inc.) Hidden
HHD Software Free Hex Editor Neo 6.11 (HKLM\...\{8EB85C0E-DE7D-4A53-BD66-708B8F2C80B0}) (Version: 6.11.0.5363 - HHD Software, Ltd.)
IDT Audio (HKLM-x32\...\{E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}) (Version: 1.0.6316.0 - IDT)
Intel® Driver Update Utility 2.0 (HKLM-x32\...\{59DB38EB-F864-4E10-841D-38CFBCF864B0}) (Version: 2.0.0.29 - Intel) Hidden
Intel® Network Connections 20.0.10.0 (HKLM\...\PROSetDX) (Version: 20.0.10.0 - Intel)
Intel® Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 13.0.0.1098 - Intel Corporation)
Intel® USB 3.0 eXtensible Host Controller Driver (HKLM-x32\...\{240C3DDD-C5E9-4029-9DF7-95650D040CF2}) (Version: 1.0.8.251 - Intel Corporation)
Intel® Driver Update Utility (HKLM-x32\...\{8409c4f7-2340-4933-a304-5d37db4fb48b}) (Version: 2.0.0.29 - Intel)
IrfanView (remove only) (HKLM-x32\...\IrfanView) (Version: 4.32 - Irfan Skiljan)
iTunes (HKLM\...\{FBEB98F8-64E4-4FA3-A15E-4A9F42FF962E}) (Version: 12.3.2.35 - Apple Inc.)
join.me (HKCU\...\JoinMe) (Version: 1.11.1.256 - LogMeIn, Inc.)
KIP PrintPro (HKCU\...\0ef34d52acf913b0) (Version: 1.1.5751.19340 - KIP)
K-Lite Codec Pack 8.7.0 (Full) (HKLM-x32\...\KLiteCodecPack_is1) (Version: 8.7.0 - )
LEGATO EmailXtender Shortcut Addin 4.81 (HKLM-x32\...\{BEF5B614-5652-49B5-90A0-7F47DABA0E9F}) (Version: 4.81.1043 - EMC Corporation)
LinkedIn Outlook Connector (HKLM-x32\...\LinkedIn Outlook Connector) (Version: 1.1.10.0 - LinkedIn)
Logitech SetPoint 6.65 (HKLM\...\sp6) (Version: 6.65.62 - Logitech)
Mathcad 15 M005 (HKLM-x32\...\{7A3049A3-D145-4A32-8FD4-60BF7950BC98}) (Version: 15.0.0.5 - PTC)
Microsoft .NET Framework 4 Multi-Targeting Pack (HKLM-x32\...\{CFEF48A8-BFB8-3EAC-8BA5-DE4F8AA267CE}) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4.6.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.6.01055 - Microsoft Corporation)
Microsoft Help Viewer 1.1 (HKLM\...\Microsoft Help Viewer 1.1) (Version: 1.1.40219 - Microsoft Corporation)
Microsoft Lync 2013 (HKLM-x32\...\Office15.LYNC) (Version: 15.0.4569.1506 - Microsoft Corporation)
Microsoft ODBC Driver 11 for SQL Server (HKLM\...\{BF5ABBDB-D3AA-4BCB-8D10-FCD4A4BB7F93}) (Version: 12.1.4100.1 - Microsoft Corporation)
Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Professional Plus 2010 (HKLM-x32\...\Office14.PROPLUS) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Office Professional Plus 2013 (HKLM-x32\...\Office15.PROPLUS) (Version: 15.0.4569.1506 - Microsoft Corporation)
Microsoft Outlook Social Connector Provider for Facebook 32-bit (HKLM-x32\...\{95140000-007C-0409-0000-0000000FF1CE}) (Version: 14.0.6114.5003 - Microsoft Corporation)
Microsoft Project Standard 2013 (HKLM-x32\...\Office15.PRJSTD) (Version: 15.0.4569.1506 - Microsoft Corporation)
Microsoft Report Viewer 2014 Runtime (HKLM-x32\...\{327E9C0D-1687-414F-923E-F5979E549548}) (Version: 12.0.2000.8 - Microsoft Corporation)
Microsoft Save as PDF or XPS Add-in for 2007 Microsoft Office programs (HKLM-x32\...\{90120000-00B2-0409-0000-0000000FF1CE}) (Version: 12.0.4518.1014 - Microsoft Corporation)
Microsoft SharePoint Designer 2013 (HKLM-x32\...\Office15.SharePointDesigner) (Version: 15.0.4569.1506 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.41212.0 - Microsoft Corporation)
Microsoft SQL Server 2008 Native Client (HKLM\...\{C3AF5BD8-30D5-41F5-AF61-705D98146B0F}) (Version: 10.2.4000.0 - Microsoft Corporation)
Microsoft SQL Server 2008 R2 Management Objects (HKLM-x32\...\{83F2B8F4-5CF3-4BE9-9772-9543EAE4AC5F}) (Version: 10.51.2500.0 - Microsoft Corporation)
Microsoft SQL Server 2008 Setup Support Files  (HKLM\...\{6292D514-17A4-403F-98F9-E150F10C043D}) (Version: 10.3.5500.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Native Client  (HKLM\...\{49D665A2-4C2A-476E-9AB8-FCC425F526FC}) (Version: 11.0.2100.60 - Microsoft Corporation)
Microsoft SQL Server 2014 (64-bit) (HKLM\...\Microsoft SQL Server SQLServer2014) (Version:  - Microsoft Corporation)
Microsoft SQL Server 2014 Express LocalDB  (HKLM\...\{705AFC05-AD2F-473E-A2ED-BED746D473F2}) (Version: 12.1.4213.0 - Microsoft Corporation)
Microsoft SQL Server 2014 Policies  (HKLM-x32\...\{1C30FE7E-8A8C-4492-89D6-10CB20C3B0EB}) (Version: 12.0.2000.8 - Microsoft Corporation)
Microsoft SQL Server 2014 Setup (English) (HKLM\...\{2975950A-6723-4FD2-9719-78DD9C30A7F4}) (Version: 12.1.4213.0 - Microsoft Corporation)
Microsoft SQL Server 2014 Transact-SQL Compiler Service  (HKLM\...\{5BC5068F-1F64-4D2D-948F-E75F30B850CB}) (Version: 12.1.4213.0 - Microsoft Corporation)
Microsoft SQL Server 2014 Transact-SQL ScriptDom  (HKLM\...\{FF7DDA05-6EA7-4C01-B44A-3E57F8B9B97B}) (Version: 12.1.4100.1 - Microsoft Corporation)
Microsoft SQL Server System CLR Types (HKLM-x32\...\{C3F6F200-6D7B-4879-B9EE-700C0CE1FCDA}) (Version: 10.51.2500.0 - Microsoft Corporation)
Microsoft System CLR Types for SQL Server 2014 (HKLM\...\{E3F613C1-105F-4717-BFE7-007729A95D67}) (Version: 12.1.4100.1 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{A49F249F-0C91-497F-86DF-B2585E8E76B7}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Runtime - 10.0.40219 (HKLM-x32\...\{5D9ED403-94DE-3BA0-B1D6-71F4BDA412E6}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 (HKLM-x32\...\{15134cb0-b767-4960-a911-f2d16ae54797}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727 (HKLM-x32\...\{22154f09-719a-4619-bb71-5b3356999fbf}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual Studio 2010 Shell (Isolated) - ENU (HKLM-x32\...\{D64B6984-242F-32BC-B008-752806E5FC44}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft Visual Studio Tools for Applications 2012 (HKLM-x32\...\{89ca2a32-2b52-4595-8dfd-6fe4757958d0}) (Version: 11.0.51108 - Microsoft Corporation)
Microsoft VSS Writer for SQL Server 2014 (HKLM\...\{366CD715-2FF4-40B4-A8B4-A05E5D21A945}) (Version: 12.1.4100.1 - Microsoft Corporation)
Microsoft WSE 2.0 SP3 (HKLM-x32\...\{6F396FFB-CC3A-4335-BC0B-2AEF38F4492C}) (Version: 2.0.5050.0 - Microsoft Corporation)
Microsoft WSE 2.0 SP3 Runtime (HKLM-x32\...\{F3CA9611-CD42-4562-ADAB-A554CF8E17F1}) (Version: 2.0.5050.0 - Microsoft Corp.)
MicroStation V8i (SELECTseries 2) 08.11.07.443 (HKLM-x32\...\{7E9B0F70-EEF6-41E1-BF89-FDC4B9EDBD9C}) (Version: 8.11.7.443 - Bentley Systems, Incorporated)
Mozilla Firefox 44.0.2 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 44.0.2 (x86 en-US)) (Version: 44.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 44.0.2 - Mozilla)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MSXML 4.0 SP2 Parser and SDK (HKLM-x32\...\{716E0306-8318-4364-8B8F-0CC4E9376BAC}) (Version: 4.20.9818.0 - Microsoft Corporation)
Notepad++ (HKLM-x32\...\Notepad++) (Version: 6.8.8 - Notepad++ Team)
Online Plug-in (HKLM-x32\...\{C0F6F192-C145-44AF-8D68-CC6F91DE9F9B}) (Version: 14.2.100.14 - Citrix Systems, Inc.) Hidden
Outils de vérification linguistique 2013 de Microsoft Office - Français (HKLM-x32\...\{90150000-001F-040C-0000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Pacote de Idiomas do Microsoft Visual Studio Tools for Applications 2012 x64 Hosting Support - PTB (HKLM\...\{E237254B-36A1-3D27-815E-B37C13BE0796}) (Version: 11.0.51108 - Microsoft Corporation) Hidden
Pacote de Idiomas do Microsoft Visual Studio Tools for Applications 2012 x86 Hosting Support - PTB (HKLM-x32\...\{03077B58-6ACF-32CA-B42A-EAA458C295A1}) (Version: 11.0.51108 - Microsoft Corporation) Hidden
PLS-CADD (HKLM-x32\...\PLS-CADD) (Version: 14.00+ - Power Line Systems, Inc.)
PLS-POLE (HKLM-x32\...\PLS-POLE) (Version: 14.00 - Power Line Systems, Inc.)
Print (HKLM-x32\...\{46CA69B2-91DC-4C83-B90F-6A94102B2049}) (Version: 8.000.0069 - )
'PTC Places' Namespace Shell Extension (HKLM-x32\...\{D2FDD9AD-F2FA-42D7-B4B6-43202C53F142}) (Version: 1.1.12 - PTC)
Raptr (HKLM-x32\...\Raptr) (Version:  - )
RateKit (HKLM-x32\...\{78260C75-F843-4F3F-BD7A-D47DED0DD2A2}) (Version: 4.1 - PDC)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.5985 - Realtek Semiconductor Corp.)
Resource Tuner 2.04 (HKLM-x32\...\Resource Tuner_is1) (Version: 2.04 - Heaventools Software)
SAPS (HKLM-x32\...\SAPS) (Version: 14.00 - Power Line Systems, Inc.)
Self-service Plug-in (HKLM-x32\...\{D294F212-1DB8-47C8-9579-A53F50186DA2}) (Version: 4.2.100.5943 - Citrix Systems, Inc.) Hidden
Sentinel System Driver Installer 7.5.7 (HKLM-x32\...\{B281C7D1-C088-40E0-86EA-B2D9D7E0810A}) (Version: 7.5.7 - SafeNet, Inc.)
Service Pack 1 for Microsoft Office 2013 (KB2850036) 32-Bit Edition (HKLM-x32\...\{90150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUS_{7F6C4883-A18C-459A-82C1-A2F9403F2DA6}) (Version:  - Microsoft)
Service Pack 1 for Microsoft Office 2013 (KB2850036) 32-Bit Edition (HKLM-x32\...\{90150000-0017-0000-0000-0000000FF1CE}_Office15.SharePointDesigner_{0ED32FD9-24E7-4F6F-A036-E50313B3799A}) (Version:  - Microsoft)
Service Pack 1 for Microsoft Office 2013 (KB2850036) 32-Bit Edition (HKLM-x32\...\{90150000-012C-0000-0000-0000000FF1CE}_Office15.LYNC_{7F6C4883-A18C-459A-82C1-A2F9403F2DA6}) (Version:  - Microsoft)
Service Pack 1 for SQL Server 2014 (KB3058865) (64-bit) (HKLM\...\KB3058865) (Version: 12.1.4100.1 - Microsoft Corporation)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version:  - Microsoft)
Service Pack 2 for SQL Server 2008 (KB2285068) (64-bit) (HKLM\...\KB2285068) (Version: 10.2.4000.0 - Microsoft Corporation)
SketchUp Import (HKLM-x32\...\{C403E867-FCF1-432B-BCC1-8FFD40A10A6E}) (Version: 1.2.0 - Autodesk)
Skype™ 7.3 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.3.101 - Skype Technologies S.A.)
Southwire SAG10 3.10.1v (HKLM-x32\...\Southwire SAG10_is1) (Version:  - Southwire)
SQL Server 2014 Client Tools (HKLM\...\{2BA1811B-44C0-4C50-8C5A-CE68AB25ED71}) (Version: 12.1.4100.1 - Microsoft Corporation) Hidden
SQL Server 2014 Client Tools (HKLM\...\{B5ECFA5C-AC4F-45A4-A12E-A76ABDD9CCBA}) (Version: 12.1.4100.1 - Microsoft Corporation) Hidden
SQL Server 2014 Common Files (HKLM\...\{BD1CD96B-FE4B-4EAE-83D4-6EF55AB5779C}) (Version: 12.1.4100.1 - Microsoft Corporation) Hidden
SQL Server 2014 Common Files (HKLM\...\{F7012F84-80F5-4C25-852E-B1BA03276FE6}) (Version: 12.1.4100.1 - Microsoft Corporation) Hidden
SQL Server 2014 Database Engine Services (HKLM\...\{17531BCD-C627-46A2-9F1E-7CC920E0E94A}) (Version: 12.1.4100.1 - Microsoft Corporation) Hidden
SQL Server 2014 Database Engine Services (HKLM\...\{5082A9F3-AEE5-4639-9BA7-C19661BA7331}) (Version: 12.1.4100.1 - Microsoft Corporation) Hidden
SQL Server 2014 Database Engine Shared (HKLM\...\{ACC530B8-B6B4-40D6-B59B-152468CF47D0}) (Version: 12.1.4100.1 - Microsoft Corporation) Hidden
SQL Server 2014 Database Engine Shared (HKLM\...\{D1B847A9-B06B-4264-9EF0-78E6E1571E65}) (Version: 12.1.4100.1 - Microsoft Corporation) Hidden
SQL Server 2014 Documentation Components (HKLM\...\{1D01EDF6-7E93-4FEE-AA09-C5669511100C}) (Version: 12.0.2000.8 - Microsoft Corporation) Hidden
SQL Server 2014 Documentation Components (HKLM\...\{5EACF47D-EB70-4FE0-83DE-9FD9693C24B9}) (Version: 12.0.2000.8 - Microsoft Corporation) Hidden
SQL Server 2014 Documentation Components (HKLM\...\{832D6A7D-13F7-42CB-9AC6-5859800269AE}) (Version: 12.0.2000.8 - Microsoft Corporation) Hidden
SQL Server 2014 Full text search (HKLM\...\{B40B7A25-308B-4650-8B42-E51710CDD4D9}) (Version: 12.0.2000.8 - Microsoft Corporation) Hidden
SQL Server 2014 Management Studio (HKLM\...\{75A54138-3B98-4705-92E4-F619825B121F}) (Version: 12.1.4100.1 - Microsoft Corporation) Hidden
SQL Server 2014 Management Studio (HKLM\...\{839EF29A-3055-43DC-ADCE-8E84893798D5}) (Version: 12.1.4100.1 - Microsoft Corporation) Hidden
SQL Server 2014 Reporting Services (HKLM\...\{026E123D-2160-46C7-A801-87D27D46835E}) (Version: 12.1.4100.1 - Microsoft Corporation) Hidden
SQL Server 2014 Reporting Services (HKLM\...\{700C00BA-E947-4B77-8EF1-588DF210E931}) (Version: 12.1.4100.1 - Microsoft Corporation) Hidden
SQL Server Browser for SQL Server 2014 (HKLM-x32\...\{3204DE95-97D2-4261-A286-98A262E171D4}) (Version: 12.1.4100.1 - Microsoft Corporation)
Sql Server Customer Experience Improvement Program (HKLM\...\{6476DB81-F263-4C04-8574-AAD31136C304}) (Version: 12.1.4100.1 - Microsoft Corporation) Hidden
swMSM (HKLM-x32\...\{612C34C7-5E90-47D8-9B5C-0F717DD82726}) (Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
System Requirements Lab for Intel (HKLM-x32\...\{1EBDF6D2-CEA0-484C-A23E-2DDAD7FD0DD0}) (Version: 4.5.22.0 - Husdawg, LLC)
Techsoft PixEdit 8 (HKLM-x32\...\{9BED3AE6-A8E5-4033-AB21-24A6D6AB76F3}) (Version: 8.0.13 - Techsoft a.s.)
TeraCopy 2.27 (HKLM\...\TeraCopy_is1) (Version:  - Code Sector)
TOWER (HKLM-x32\...\TOWER) (Version: 14.00 - Power Line Systems, Inc.)
Update for Skype for Business 2015 (KB3039776) 32-Bit Edition (HKLM-x32\...\{90150000-012B-0409-0000-0000000FF1CE}_Office15.LYNC_{9F6B3627-AF9E-40A5-AAD5-3497C4327616}) (Version:  - Microsoft)
Update for Skype for Business 2015 (KB3039776) 32-Bit Edition (HKLM-x32\...\{90150000-012B-0409-0000-0000000FF1CE}_Office15.PROPLUS_{9F6B3627-AF9E-40A5-AAD5-3497C4327616}) (Version:  - Microsoft)
Update for Skype for Business 2015 (KB3114732) 32-Bit Edition (HKLM-x32\...\{90150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUS_{7B0DFC04-44CB-436D-9366-01D93383940D}) (Version:  - Microsoft)
Update for Skype for Business 2015 (KB3114732) 32-Bit Edition (HKLM-x32\...\{90150000-002A-0000-1000-0000000FF1CE}_Office15.LYNC_{7B0DFC04-44CB-436D-9366-01D93383940D}) (Version:  - Microsoft)
Update for Skype for Business 2015 (KB3114732) 32-Bit Edition (HKLM-x32\...\{90150000-002A-0000-1000-0000000FF1CE}_Office15.PRJSTD_{7B0DFC04-44CB-436D-9366-01D93383940D}) (Version:  - Microsoft)
Update for Skype for Business 2015 (KB3114732) 32-Bit Edition (HKLM-x32\...\{90150000-002A-0000-1000-0000000FF1CE}_Office15.PROPLUS_{7B0DFC04-44CB-436D-9366-01D93383940D}) (Version:  - Microsoft)
Update for Skype for Business 2015 (KB3114732) 32-Bit Edition (HKLM-x32\...\{90150000-002A-0000-1000-0000000FF1CE}_Office15.SharePointDesigner_{7B0DFC04-44CB-436D-9366-01D93383940D}) (Version:  - Microsoft)
Update for Skype for Business 2015 (KB3114732) 32-Bit Edition (HKLM-x32\...\{90150000-012B-0409-0000-0000000FF1CE}_Office15.LYNC_{7B0DFC04-44CB-436D-9366-01D93383940D}) (Version:  - Microsoft)
Update for Skype for Business 2015 (KB3114732) 32-Bit Edition (HKLM-x32\...\{90150000-012B-0409-0000-0000000FF1CE}_Office15.PROPLUS_{7B0DFC04-44CB-436D-9366-01D93383940D}) (Version:  - Microsoft)
Update for Skype for Business 2015 (KB3114732) 32-Bit Edition (HKLM-x32\...\{90150000-012C-0000-0000-0000000FF1CE}_Office15.LYNC_{7B0DFC04-44CB-436D-9366-01D93383940D}) (Version:  - Microsoft)
USBPcap 1.1.0.0-g794bf26 (HKLM\...\USBPcap) (Version:  - )
Vibrec (HKLM-x32\...\{212E7444-0998-4E4B-8E3A-801490B58B83}_is1) (Version: 1.4.125 - AFL Telecommunications LLC)
Visual Studio 2008 x64 Redistributables (HKLM-x32\...\{FCDBEA60-79F0-4FAE-BBA8-55A26C609A49}) (Version: 10.0.0.2 - AVG Technologies)
Visual Studio 2010 Prerequisites - English (HKLM\...\{662014D2-0450-37ED-ABAE-157C88127BEB}) (Version: 10.0.40219 - Microsoft Corporation)
Visual Studio 2010 x64 Redistributables (HKLM\...\{21B133D6-5979-47F0-BE1C-F6A6B304693F}) (Version: 13.0.0.1 - AVG Technologies)
Windchill ProductPoint Client Manager-2.0_2010.09.06.001 (HKLM-x32\...\{225B779B-94BA-4A83-9E11-6F1D99ECE7CD}) (Version: 2.0.1906 - PTC)
WinPcap 4.1.3 (HKLM-x32\...\WinPcapInst) (Version: 4.1.0.2980 - Riverbed Technology, Inc.)
Wireshark 2.0.2 (64-bit) (HKLM-x32\...\Wireshark) (Version: 2.0.2 - The Wireshark developer community, https://www.wireshark.org)
XviD 1.1 final uninstall (HKLM-x32\...\XviD_is1) (Version: 1.1 - XviD team (Koepi))
Языковой пакет для поддержки размещения набора средств Microsoft Visual Studio Tools для работы с приложениями 2012 (x64) - RUS (HKLM\...\{25FB53C5-BE4C-3B6C-A0C9-D49A39227E1E}) (Version: 11.0.51108 - Microsoft Corporation) Hidden
Языковой пакет для поддержки размещения набора средств Microsoft Visual Studio Tools для работы с приложениями 2012 (x86) - RUS (HKLM-x32\...\{68DC347D-C1C0-3DE2-A53E-CCC71DA53E57}) (Version: 11.0.51108 - Microsoft Corporation) Hidden

========================= Devices: ================================

Name: Cisco AnyConnect Secure Mobility Client Virtual Miniport Adapter for Windows x64
Description: Cisco AnyConnect Secure Mobility Client Virtual Miniport Adapter for Windows x64
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Cisco Systems
Service: vpnva
Device ID: ROOT\NET\0000
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

Name: IDMWFP
Description: IDMWFP
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: IDMWFP
Device ID: ROOT\LEGACY_IDMWFP\0000
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.


========================= Memory info: ===================================

Percentage of memory in use: 24%
Total physical RAM: 32722.53 MB
Available physical RAM: 24746.64 MB
Total Virtual: 54232.47 MB
Available Virtual: 45592.8 MB

========================= Partitions: =====================================

1 Drive c: () (Fixed) (Total:232.59 GB) (Free:23.08 GB) NTFS

========================= Users: ========================================

User accounts for \\(edit3)6901

Administrator            Guest                    Jack                     
(edit3)                      Stephen                  


**** End of log ****

 

Malwarebytes Anti-Malware
www.malwarebytes.org

Scan Date: 3/8/2016
Scan Time: 10:50 AM
Logfile:
Administrator: Yes

Version: 2.2.0.1024
Malware Database: v2016.03.08.05
Rootkit Database: v2016.02.27.01
License: Trial
Malware Protection: Enabled
Malicious Website Protection: Enabled
Self-protection: Disabled

OS: Windows 7 Service Pack 1
CPU: x64
File System: NTFS
User: stephen.lo(edit4)

Scan Type: Threat Scan
Result: Completed
Objects Scanned: 826863
Time Elapsed: 36 min, 26 sec

Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Disabled
Heuristics: Enabled
PUP: Enabled
PUM: Enabled

Processes: 0
(No malicious items detected)

Modules: 0
(No malicious items detected)

Registry Keys: 0
(No malicious items detected)

Registry Values: 0
(No malicious items detected)

Registry Data: 0
(No malicious items detected)

Folders: 0
(No malicious items detected)

Files: 1
Backdoor.Agent, C:\Users\stephen.lo(edit4)\explorer.exe, Quarantined, [d67f5530089150e62b7e6d6903001ee2],

Physical Sectors: 0
(No malicious items detected)


(end)
 



#4 iangcarroll

iangcarroll

  • Members
  • 658 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Birmingham, MI
  • Local time:12:41 AM

Posted 08 March 2016 - 02:47 PM

Hi,

The MBAM rootkit database will only have its date incremented when they release new signatures, so you're okay there. Editing out personal information should be fine as long as you indicate when you do. Let's collect a couple more logs:

:step1: aOpBoaQ.pngMalwarebytes Anti-Malware
  • Go in the Settings tab and enable "Explorer context menu entry", and then in Detection and Protection in the left pane make sure that the Scan for rootkits option is checked.
    9146fs7.png
:step2: aOpBoaQ.pngMalwarebytes Anti-Malware - Clean Mode
  • Re-open Malwarebytes Anti-Malware;
  • Click on the Scan tab, then select the Threat Scan button and click on Start Scan;
  • Let the scan run, the time required to complete the scan depends of your system and computer specs;
  • Once the scan is complete, make sure that the checkbox by Threat is checked (it means that every item detected is checked), then click on the Remove Selected button;
  • Click on Save Results after the deletion (in the bottom-right corner) and select Copy to clipboard. Paste the content in your next reply;
:step3: Z7YgZ8d.pngTDSSKiller
  • Download TDSSKiller from BleepingComputer, then move the executable file on your Desktop;
  • Right-click on tdsskiller.exe and select Spcusrh.pngRun as Administrator (for Windows Vista, 7, 8, 8.1 and 10 users);
  • Accept the End User Licence Agreement (EULA) and the KSN Statement;
  • Once the application is done initializing, click on the Change parameters button;
  • In addition to the current checked boxes, check these two as well:
    • Verify file digital signature;
    • Detect TDLFS file system;
  • Once done, click on Ok then click on Start scan;
  • After the scan is complete, click on the Report button, in the top right corner;
  • A report window will open with the scan log. Copy and paste it in your next reply;
5KB3EXa.pngUpload a file on VirusTotal
  • Open Malwarebytes Anti-Malware;
  • Go to the "History" tab and then the "Quarantine" section. Find the file with a location of "C:\Users\yourusername\explorer.exe" and click "Restore".
  • Open your favorite web browser, and go on virustotal.com;
  • From there, click on the Select a file button and wait for the Windows Explorer to open;
  • Browse to C:\Users\yourusername, select explorer.exe and click on Open;
  • Once it's done, click on the Analyze button;
  • If you get a message that the file was already analyzed, click on the Re-analyze button;
  • Once done, copy and paste the VirusTotal report URL in your next reply;
  • Go back to your home directory (C:\Users\<yourusername>) in Windows Explorer, right click (do not open it/left click on it) explorer.exe and select "Scan with Malwarebytes". The file should be removed and placed back in the quarantine; you can move it to the recycle bin manually if not.
Let me know if you have any issues performing these steps; I had to modify these instructions a bit so hopefully my modifications do not make them hard to follow.

Ian Carroll https://ian.sh • Certly Inc
 
Member of the Bleeping Computer A.I.I. early response team!


#5 stephenl9

stephenl9
  • Topic Starter

  • Members
  • 7 posts
  • OFFLINE
  •  
  • Local time:08:41 PM

Posted 08 March 2016 - 05:33 PM

Thank you. It looks like "Explorer context menu entry" was already selected. I enabled the rootkit scan though. No items were detected. It may be irrelevant but last week before I reformatted the other PC that I mentioned in the first post, these two tools did not state anything obvious either. At the same time though, a different program from this site identified that my java was out of date but it kept rolling back. I am having trouble posting the entire logs. I will try breaking it out in multiple posts.

 

Here is the link requested. Malwarebytes detected the file when I scanned it. I chose quarantine again. It asked me to reboot after that.

https://www.virustotal.com/en/file/221aff3b92b019fc6af13938637514525df2ad798a1ff7e71ab96bda39651e12/analysis/

 

Malwarebytes Anti-Malware
www.malwarebytes.org

Scan Date: 3/8/2016
Scan Time: 2:27 PM
Logfile:
Administrator: Yes

Version: 2.2.0.1024
Malware Database: v2016.03.08.06
Rootkit Database: v2016.02.27.01
License: Trial
Malware Protection: Enabled
Malicious Website Protection: Enabled
Self-protection: Disabled

OS: Windows 7 Service Pack 1
CPU: x64
File System: NTFS
User: stephen.lo(edit4)

Scan Type: Threat Scan
Result: Completed
Objects Scanned: 829434
Time Elapsed: 1 hr, 3 min, 26 sec

Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Enabled
Deep Rootkit Scan: Enabled
Heuristics: Enabled
PUP: Enabled
PUM: Enabled

Processes: 0
(No malicious items detected)

Modules: 0
(No malicious items detected)

Registry Keys: 0
(No malicious items detected)

Registry Values: 0
(No malicious items detected)

Registry Data: 0
(No malicious items detected)

Folders: 0
(No malicious items detected)

Files: 0
(No malicious items detected)

Physical Sectors: 0
(No malicious items detected)


(end)



#6 stephenl9

stephenl9
  • Topic Starter

  • Members
  • 7 posts
  • OFFLINE
  •  
  • Local time:08:41 PM

Posted 08 March 2016 - 05:35 PM

15:50:07.0358 0x10e4  TDSS rootkit removing tool 3.1.0.9 Dec 11 2015 22:49:12

15:50:11.0538 0x10e4  ============================================================

15:50:11.0539 0x10e4  Current date / time: 2016/03/08 15:50:11.0538

15:50:11.0539 0x10e4  SystemInfo:

15:50:11.0539 0x10e4 

15:50:11.0539 0x10e4  OS Version: 6.1.7601 ServicePack: 1.0

15:50:11.0539 0x10e4  Product type: Workstation

15:50:11.0539 0x10e4  ComputerName: (edit3)6901

15:50:11.0539 0x10e4  UserName: stephen.lo(edit4)

15:50:11.0539 0x10e4  Windows directory: C:\windows

15:50:11.0539 0x10e4  System windows directory: C:\windows

15:50:11.0539 0x10e4  Running under WOW64

15:50:11.0539 0x10e4  Processor architecture: Intel x64

15:50:11.0539 0x10e4  Number of processors: 8

15:50:11.0539 0x10e4  Page size: 0x1000

15:50:11.0539 0x10e4  Boot type: Normal boot

15:50:11.0539 0x10e4  ============================================================

15:50:12.0768 0x10e4  KLMD registered as C:\windows\system32\drivers\59706689.sys

15:50:13.0649 0x10e4  System UUID: {81BE4D1B-8714-4B76-DF23-A4036AF98E21}

15:50:14.0194 0x10e4  Drive \Device\Harddisk0\DR0 - Size: 0x3A38B2E000 ( 232.89 Gb ), SectorSize: 0x200, Cylinders: 0x76C1, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040

15:50:14.0206 0x10e4  ============================================================

15:50:14.0206 0x10e4  \Device\Harddisk0\DR0:

15:50:14.0206 0x10e4  MBR partitions:

15:50:14.0206 0x10e4  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x804, BlocksNum 0x95CAC

15:50:14.0206 0x10e4  \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x964B0, BlocksNum 0x1D12EA34

15:50:14.0206 0x10e4  ============================================================

15:50:14.0253 0x10e4  C: <-> \Device\Harddisk0\DR0\Partition2

15:50:14.0253 0x10e4  ============================================================

15:50:14.0253 0x10e4  Initialize success

15:50:14.0253 0x10e4  ============================================================

15:50:40.0374 0x2044  ============================================================

15:50:40.0374 0x2044  Scan started

15:50:40.0374 0x2044  Mode: Manual; SigCheck; TDLFS;

15:50:40.0374 0x2044  ============================================================

15:50:40.0374 0x2044  KSN ping started

15:50:42.0773 0x2044  KSN ping finished: true

15:50:45.0674 0x2044  ================ Scan system memory ========================

15:50:45.0674 0x2044  System memory - ok

15:50:45.0674 0x2044  ================ Scan services =============================

15:50:46.0275 0x2044  [ A87D604AEA360176311474C87A63BB88, B1507868C382CD5D2DBC0D62114FCFBF7A780904A2E3CA7C7C1DD0844ADA9A8F ] 1394ohci        C:\windows\system32\drivers\1394ohci.sys

15:50:46.0333 0x2044  1394ohci - ok

15:50:46.0386 0x2044  [ D81D9E70B8A6DD14D42D7B4EFA65D5F2, FDAAB7E23012B4D31537C5BDEF245BB0A12FA060A072C250E21C68E18B22E002 ] ACPI            C:\windows\system32\drivers\ACPI.sys

15:50:46.0397 0x2044  ACPI - ok

15:50:46.0447 0x2044  [ 12C5274CD87449A2A37A607CDB321922, 50FA524E66A8FA04037DC954D3AB5383C633898F111A3B7488630B649B897370 ] acpials         C:\windows\system32\DRIVERS\acpials.sys

15:50:46.0462 0x2044  acpials - ok

15:50:46.0489 0x2044  [ 99F8E788246D495CE3794D7E7821D2CA, F91615463270AD2601F882CAED43B88E7EDA115B9FD03FC56320E48119F15F76 ] AcpiPmi         C:\windows\system32\drivers\acpipmi.sys

15:50:46.0498 0x2044  AcpiPmi - ok

15:50:46.0586 0x2044  [ D0B11E40EA74A98A5E133DF1F5276240, BAD5885CD8CC271D59DFA95159EFC3AC36D2BA11B6DA593AAED0C45F1C2F280F ] acsock          C:\windows\system32\DRIVERS\acsock64.sys

15:50:46.0597 0x2044  acsock - ok

15:50:46.0809 0x2044  [ F2CEEE9ABBCEF207ACB103215AC28BC2, F8F8B8AF6317926D7AC0CA2CA23628B2C69327A2792D58D3328443C5ED9514E9 ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe

15:50:46.0816 0x2044  AdobeARMservice - ok

15:50:46.0915 0x2044  [ 785FD0E36CA75D90DD50042E2594BC63, 471A5ED43A3E18A5A69C28F7F351558E90F20416D9C532ADF50888808090AE89 ] AdobeFlashPlayerUpdateSvc C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe

15:50:46.0924 0x2044  AdobeFlashPlayerUpdateSvc - ok

15:50:46.0969 0x2044  [ 2F6B34B83843F0C5118B63AC634F5BF4, 43E3F5FBFB5D33981AC503DEE476868EC029815D459E7C36C4ABC2D2F75B5735 ] adp94xx         C:\windows\system32\drivers\adp94xx.sys

15:50:46.0981 0x2044  adp94xx - ok

15:50:47.0021 0x2044  [ 597F78224EE9224EA1A13D6350CED962, DA7FD99BE5E3B7B98605BF5C13BF3F1A286C0DE1240617570B46FE4605E59BDC ] adpahci         C:\windows\system32\drivers\adpahci.sys

15:50:47.0031 0x2044  adpahci - ok

15:50:47.0062 0x2044  [ E109549C90F62FB570B9540C4B148E54, E804563735153EA00A00641814244BC8A347B578E7D63A16F43FB17566EE5559 ] adpu320         C:\windows\system32\drivers\adpu320.sys

15:50:47.0071 0x2044  adpu320 - ok

15:50:47.0117 0x2044  [ 262D7C87D0AC20B96EF9877D3CA478A0, 54F7E5A5F8991C5525500C1ECCF3D3135D13F48866C366E52DF1D052DB2EE15B ] AeLookupSvc     C:\windows\System32\aelupsvc.dll

15:50:47.0140 0x2044  AeLookupSvc - ok

15:50:47.0182 0x2044  [ 9A4A1EEE802BF2F878EE8EAB407B21B7, 177EB7DF4B35FE4C0E45E775A0FD5D48D39B410052E3EE18BDEEC809E152D9D8 ] AFD             C:\windows\system32\drivers\afd.sys

15:50:47.0196 0x2044  AFD - ok

15:50:47.0224 0x2044  [ 608C14DBA7299D8CB6ED035A68A15799, 45360F89640BF1127C82A32393BD76205E4FA067889C40C491602F370C09282A ] agp440          C:\windows\system32\drivers\agp440.sys

15:50:47.0231 0x2044  agp440 - ok

15:50:47.0292 0x2044  [ 89CD44C10D9B4D87725FF07F18A5702F, 6FB4CA3E8D9D65ED341F97DD7CF792CFACC5EAD4296DFC4E22D770B2383DFB91 ] aksdf           C:\windows\system32\drivers\aksdf.sys

15:50:47.0300 0x2044  aksdf - ok

15:50:47.0386 0x2044  [ BA0B6FD78AE88D39B9D3D984F295A137, 87185242D18C9BE6A763E7849F0F2968B7313BB81A4E44FC4E021A36284D0D0C ] aksfridge       C:\windows\system32\drivers\aksfridge.sys

15:50:47.0394 0x2044  aksfridge - ok

15:50:47.0426 0x2044  [ 3290D6946B5E30E70414990574883DDB, 0E9294E1991572256B3CDA6B031DB9F39CA601385515EE59F1F601725B889663 ] ALG             C:\windows\System32\alg.exe

15:50:47.0434 0x2044  ALG - ok

15:50:47.0459 0x2044  [ 5812713A477A3AD7363C7438CA2EE038, A7316299470D2E57A11499C752A711BF4A71EB11C9CBA731ED0945FF6A966721 ] aliide          C:\windows\system32\drivers\aliide.sys

15:50:47.0465 0x2044  aliide - ok

15:50:47.0548 0x2044  [ 9D933382E9FB8B615C81F5F610738462, 9205AD9B894682329F617BA9BBE4F8DEA7CA59B01BA0B68B136DDACE9BD7A09A ] AMD External Events Utility C:\windows\system32\atiesrxx.exe

15:50:47.0562 0x2044  AMD External Events Utility - ok

15:50:47.0588 0x2044  [ 1FF8B4431C353CE385C875F194924C0C, 3EA3A7F426B0FFC2461EDF4FDB4B58ACC9D0730EDA5B728D1EA1346EA0A02720 ] amdide          C:\windows\system32\drivers\amdide.sys

15:50:47.0594 0x2044  amdide - ok

15:50:47.0619 0x2044  [ 7024F087CFF1833A806193EF9D22CDA9, E7F27E488C38338388103D3B7EEDD61D05E14FB140992AEE6F492FFC821BF529 ] AmdK8           C:\windows\system32\drivers\amdk8.sys

15:50:47.0638 0x2044  AmdK8 - ok

15:50:47.0696 0x2044  [ F2FF8C1B41B3784EDBD5C6D5397F403C, 104873700D2BDF4812DC48200B4609F46A63E7A50594A0599100EF1438863708 ] amdkmafd        C:\windows\system32\DRIVERS\amdkmafd.sys

15:50:47.0702 0x2044  amdkmafd - ok

15:50:47.0736 0x2044  amdkmdag - ok

15:50:47.0818 0x2044  [ 837931BA1BD452017CD5AA22A64F1FCA, A7090E7E1147FD0995B0A91FC3ECB9D72FF26DA49D2642CA4EC97597EFA4AF9E ] amdkmdap        C:\windows\system32\DRIVERS\atikmpag.sys

15:50:47.0838 0x2044  amdkmdap - ok

15:50:47.0852 0x2044  [ 1E56388B3FE0D031C44144EB8C4D6217, E88CA76FD47BA0EB427D59CB9BE040DE133D89D4E62D03A8D622624531D27487 ] AmdPPM          C:\windows\system32\drivers\amdppm.sys

15:50:47.0860 0x2044  AmdPPM - ok

15:50:47.0873 0x2044  [ D4121AE6D0C0E7E13AA221AA57EF2D49, 626F43C099BD197BE56648C367B711143C2BCCE96496BBDEF19F391D52FA01D0 ] amdsata         C:\windows\system32\drivers\amdsata.sys

15:50:47.0881 0x2044  amdsata - ok

15:50:47.0910 0x2044  [ F67F933E79241ED32FF46A4F29B5120B, D6EF539058F159CC4DD14CA9B1FD924998FEAC9D325C823C7A2DD21FEF1DC1A8 ] amdsbs          C:\windows\system32\drivers\amdsbs.sys

15:50:47.0918 0x2044  amdsbs - ok

15:50:47.0931 0x2044  [ 540DAF1CEA6094886D72126FD7C33048, 296578572A93F5B74E1AD443E000B79DC99D1CBD25082E02704800F886A3065F ] amdxata         C:\windows\system32\drivers\amdxata.sys

15:50:47.0938 0x2044  amdxata - ok

15:50:47.0954 0x2044  ApfiltrService - ok

15:50:48.0005 0x2044  [ 27DABFB4A6B0140C34DBEC713469592B, A355170D353AFBF0DE4EF53282F8404788FBBD0E2A1B7282B1B2925923E83141 ] AppID           C:\windows\system32\drivers\appid.sys

15:50:48.0013 0x2044  AppID - ok

15:50:48.0031 0x2044  [ ABC373B9C6275D45F17DB559408FFD1B, 12B355393BEBE2D1D24D7A9DA5E69E03E334899407503BC1CADCF7BE39828223 ] AppIDSvc        C:\windows\System32\appidsvc.dll

15:50:48.0039 0x2044  AppIDSvc - ok

15:50:48.0067 0x2044  [ 3EA5DA3F459F6ED19E10166965F6892F, F5618A5FA72C5E57BCFA6F2ECB840B1AEC60C72840AF3C1D94D5FCDB5ED2BF5E ] Appinfo         C:\windows\System32\appinfo.dll

15:50:48.0091 0x2044  Appinfo - ok

15:50:48.0296 0x2044  [ 2D564BB1C4559A517B390A031955714D, 3048C187FD107C958D43DD8B954AB55FDD1BC538D3E0066CBFCB428C7A8A87E1 ] Apple Mobile Device Service C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

15:50:48.0302 0x2044  Apple Mobile Device Service - ok

15:50:48.0368 0x2044  [ 4ABA3E75A76195A3E38ED2766C962899, E2001ACD44DA270B8289DA362D26416676301773AB22616C211F31CF2E7869AA ] AppMgmt         C:\windows\System32\appmgmts.dll

15:50:48.0386 0x2044  AppMgmt - ok

15:50:48.0415 0x2044  [ C484F8CEB1717C540242531DB7845C4E, C507CE26716EB923B864ED85E8FA0B24591E2784A2F4F0E78AEED7E9953311F6 ] arc             C:\windows\system32\drivers\arc.sys

15:50:48.0422 0x2044  arc - ok

15:50:48.0445 0x2044  [ 019AF6924AEFE7839F61C830227FE79C, 5926B9DDFC9198043CDD6EA0B384C83B001EC225A8125628C4A45A3E6C42C72A ] arcsas          C:\windows\system32\drivers\arcsas.sys

15:50:48.0452 0x2044  arcsas - ok

15:50:48.0560 0x2044  [ 660D597B7A78256734D7F3230B21B355, CAA19E8EFAD63B8975A4CD8EFD5CE5F21E056856D36BC5A9E48517F1E574ABBA ] aspnet_state    C:\windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe

15:50:48.0568 0x2044  aspnet_state - ok

15:50:48.0593 0x2044  [ 769765CE2CC62867468CEA93969B2242, 0D8F19D49869DF93A3876B4C2E249D12E83F9CE11DAE8917D368E292043D4D26 ] AsyncMac        C:\windows\system32\DRIVERS\asyncmac.sys

15:50:48.0617 0x2044  AsyncMac - ok

15:50:48.0648 0x2044  [ 02062C0B390B7729EDC9E69C680A6F3C, 0261683C6DC2706DCE491A1CDC954AC9C9E649376EC30760BB4E225E18DC5273 ] atapi           C:\windows\system32\drivers\atapi.sys

15:50:48.0655 0x2044  atapi - ok

15:50:48.0692 0x2044  [ F270AFC3848C54C67E3BFB892CE9B9C6, BF5F087D2677E8D75DB34335B54496A3C3AFBCE5A019C52B9EB2B1D19A0803B1 ] AtiHDAudioService C:\windows\system32\drivers\AtihdW76.sys

15:50:48.0701 0x2044  AtiHDAudioService - ok

15:50:48.0771 0x2044  [ 6968D02DC38757C3FBE7ED7C2F9670AA, C8B3115DDB32EFBE8C56C5AA78EEA05BBB77DF3F75CC2A04532EB32327E4735A ] AudioEndpointBuilder C:\windows\System32\Audiosrv.dll

15:50:48.0787 0x2044  AudioEndpointBuilder - ok

15:50:48.0798 0x2044  [ 6968D02DC38757C3FBE7ED7C2F9670AA, C8B3115DDB32EFBE8C56C5AA78EEA05BBB77DF3F75CC2A04532EB32327E4735A ] AudioSrv        C:\windows\System32\Audiosrv.dll

15:50:48.0814 0x2044  AudioSrv - ok

15:50:48.0904 0x2044  [ DE3FF859EDF66F5E0106B23B3A4B09CE, 9F6D735E32F340547D5FDA595E2A461083AC581AC0719913D4841C0C5D7A2998 ] Autodesk Content Service C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe

15:50:48.0913 0x2044  Autodesk Content Service - ok

15:50:49.0175 0x2044  [ 749D739598A94967BEF0CD00B12F3B65, 7A73B24427FDC5BAF93F3F8270AEFB898BB0C0A43F351E5BE651252176A2EAF7 ] AVGIDSAgent     C:\Program Files (x86)\AVG\AVG2013\avgidsagent.exe

15:50:49.0246 0x2044  AVGIDSAgent - ok

15:50:49.0330 0x2044  [ 92B7689FBC131E143421A19C18320E34, D3A323015790355070A380731CA56547F518F8AF800BC71670481A646C8FEEB3 ] AVGIDSDriver    C:\windows\system32\DRIVERS\avgidsdrivera.sys

15:50:49.0339 0x2044  AVGIDSDriver - ok

15:50:49.0390 0x2044  [ 44F8A5F466891EDE5BA5EBBB7F1184E8, 944EF9A6EAE4D58634BDFEEBAC77A8A02375D8F937DCB989D7B4E96A1EA02466 ] AVGIDSHA        C:\windows\system32\DRIVERS\avgidsha.sys

15:50:49.0398 0x2044  AVGIDSHA - ok

15:50:49.0413 0x2044  [ 7A01A673385EC817567E43F55E05BC5F, 00A3795818E451D665AB15C176DC06E7C678125C071572AEBA7BA4748CC1A69E ] Avgldx64        C:\windows\system32\DRIVERS\avgldx64.sys

15:50:49.0421 0x2044  Avgldx64 - ok

15:50:49.0499 0x2044  [ CA38DDB966B78E293A0B401BAEAB56AA, 23A7F7175A1E7426F316FAA81B446B1B4AF89BE96D6D376DD9D1286F1B9ED6EA ] Avgloga         C:\windows\system32\DRIVERS\avgloga.sys

15:50:49.0510 0x2044  Avgloga - ok

15:50:49.0538 0x2044  [ A4618F1940A11880293F099157CC351B, 555157D523FCC4C27CACACF7C29656DB3CDD186A3EF42FDC2D16790D377ACEB2 ] Avgmfx64        C:\windows\system32\DRIVERS\avgmfx64.sys

15:50:49.0547 0x2044  Avgmfx64 - ok

15:50:49.0565 0x2044  [ E191E443B0F7B05E784279A1C29B9D2A, 24B2B048C2CE5520A6B0E6702F55B5B65411E3E3D0857301E430EF2F9D7ECAFE ] Avgrkx64        C:\windows\system32\DRIVERS\avgrkx64.sys

15:50:49.0571 0x2044  Avgrkx64 - ok

15:50:49.0583 0x2044  [ 83E9BF9805F4DC9C797A61C7F12343FA, 4D92810DCF6737BA55735915D4BAA0DB1B49EC655E7E95C38D6D8BC3022DC017 ] Avgtdia         C:\windows\system32\DRIVERS\avgtdia.sys

15:50:49.0593 0x2044  Avgtdia - ok

15:50:49.0643 0x2044  [ D646FA5135A1CD795877AFE9D17FA9ED, 2F97FBCD7BD75727A77C17D75D2482AE819D5D2EB9760D96412F9C20AA7D9473 ] avgwd           C:\Program Files (x86)\AVG\AVG2013\avgwdsvc.exe

15:50:49.0653 0x2044  avgwd - ok

15:50:49.0749 0x2044  [ A6BF31A71B409DFA8CAC83159E1E2AFF, CBB83F73FFD3C3FB4F96605067739F8F7A4A40B2B05417FA49E575E95628753F ] AxInstSV        C:\windows\System32\AxInstSV.dll

15:50:49.0760 0x2044  AxInstSV - ok

15:50:49.0793 0x2044  [ 3E5B191307609F7514148C6832BB0842, DE011CB7AA4A2405FAF21575182E0793A1D83DFFC44E9A7864D59F3D51D8D580 ] b06bdrv         C:\windows\system32\drivers\bxvbda.sys

15:50:49.0815 0x2044  b06bdrv - ok

15:50:49.0896 0x2044  [ 00E4FD35CE3E817F19D6BC2B6F97FD90, C2062C64C7737BAF92767B73C856B9A3C505758C1F0D411DCBB23D26837041D1 ] b57nd60a        C:\windows\system32\DRIVERS\b57nd60a.sys

15:50:49.0907 0x2044  b57nd60a - ok

15:50:49.0914 0x2044  BCM42RLY - ok

15:50:50.0033 0x2044  [ D20EE58C13FF343B90550861EBCD9DDD, D177D56FE6AE0408C0A60AC17DEFAAD5EFEC1D7435A495E9265D0744639E8639 ] BCM43XX         C:\windows\system32\DRIVERS\bcmwl664.sys

15:50:50.0101 0x2044  BCM43XX - ok

15:50:50.0225 0x2044  [ FDE360167101B4E45A96F939F388AEB0, 8D1457E866BBD645C4B9710DFBFF93405CC1193BF9AE42326F2382500B713B82 ] BDESVC          C:\windows\System32\bdesvc.dll

15:50:50.0234 0x2044  BDESVC - ok

15:50:50.0252 0x2044  [ 16A47CE2DECC9B099349A5F840654746, 77C008AEDB07FAC66413841D65C952DDB56FE7DCA5E9EF9C8F4130336B838024 ] Beep            C:\windows\system32\drivers\Beep.sys

15:50:50.0286 0x2044  Beep - ok

15:50:50.0357 0x2044  [ 82974D6A2FD19445CC5171FC378668A4, 075D25F47C0D2277E40AF8615571DAA5EB16B1824563632A9A7EC62505C29A4A ] BFE             C:\windows\System32\bfe.dll

15:50:50.0374 0x2044  BFE - ok

15:50:50.0405 0x2044  [ 1EA7969E3271CBC59E1730697DC74682, D511A34D63A6E0E6E7D1879068E2CD3D87ABEAF4936B2EA8CDDAD9F79D60FA04 ] BITS            C:\windows\System32\qmgr.dll

15:50:50.0450 0x2044  BITS - ok

15:50:50.0474 0x2044  [ 61583EE3C3A17003C4ACD0475646B4D3, 17E4BECC309C450E7E44F59A9C0BBC24D21BDC66DFBA65B8F198A00BB47A9811 ] blbdrive        C:\windows\system32\DRIVERS\blbdrive.sys

15:50:50.0494 0x2044  blbdrive - ok

15:50:50.0560 0x2044  [ B5C2F92EE1106DFE7BB1CCE4D35B6037, E399C390687589194D8AAD385055F0CFA7D52AD9E837D8FF95008B8EB2B34E50 ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe

15:50:50.0571 0x2044  Bonjour Service - ok

15:50:50.0614 0x2044  [ 6C02A83164F5CC0A262F4199F0871CF5, AD4632A6A203CB40970D848315D8ADB9C898349E20D8DF4107C2AE2703A2CF28 ] bowser          C:\windows\system32\DRIVERS\bowser.sys

15:50:50.0622 0x2044  bowser - ok

15:50:50.0645 0x2044  [ F09EEE9EDC320B5E1501F749FDE686C8, 66691114C42E12F4CC6DC4078D4D2FA4029759ACDAF1B59D17383487180E84E3 ] BrFiltLo        C:\windows\system32\drivers\BrFiltLo.sys

15:50:50.0654 0x2044  BrFiltLo - ok

15:50:50.0657 0x2044  [ B114D3098E9BDB8BEA8B053685831BE6, 0ED23C1897F35FA00B9C2848DE4ED200E18688AA7825674888054BBC3A3EB92C ] BrFiltUp        C:\windows\system32\drivers\BrFiltUp.sys

15:50:50.0675 0x2044  BrFiltUp - ok

15:50:50.0715 0x2044  [ 5C2F352A4E961D72518261257AAE204B, 9EE1001E1D46A414A7A86FE1DBBE232203E26F54D9EF43ED31ED8EACD4D09853 ] BridgeMP        C:\windows\system32\DRIVERS\bridge.sys

15:50:50.0734 0x2044  BridgeMP - ok

15:50:50.0805 0x2044  [ 05F5A0D14A2EE1D8255C2AA0E9E8E694, 40011138869F5496A3E78D38C9900B466B6F3877526AC22952DCD528173F4645 ] Browser         C:\windows\System32\browser.dll

15:50:50.0814 0x2044  Browser - ok

15:50:50.0829 0x2044  [ 43BEA8D483BF1870F018E2D02E06A5BD, 4E6F5A5FD8C796A110B0DC9FF29E31EA78C04518FC1C840EF61BABD58AB10272 ] Brserid         C:\windows\System32\Drivers\Brserid.sys

15:50:50.0845 0x2044  Brserid - ok

15:50:50.0857 0x2044  [ A6ECA2151B08A09CACECA35C07F05B42, E2875BB7768ABAF38C3377007AA0A3C281503474D1831E396FB6599721586B0C ] BrSerWdm        C:\windows\System32\Drivers\BrSerWdm.sys

15:50:50.0866 0x2044  BrSerWdm - ok

15:50:50.0881 0x2044  [ B79968002C277E869CF38BD22CD61524, 50631836502237AF4893ECDCEA43B9031C3DE97433F594D46AF7C3C77F331983 ] BrUsbMdm        C:\windows\System32\Drivers\BrUsbMdm.sys

15:50:50.0889 0x2044  BrUsbMdm - ok

15:50:50.0904 0x2044  [ A87528880231C54E75EA7A44943B38BF, 4C8BBB29FDA76A96840AA47A8613C15D4466F9273A13941C19507008629709C9 ] BrUsbSer        C:\windows\System32\Drivers\BrUsbSer.sys

15:50:50.0911 0x2044  BrUsbSer - ok

15:50:50.0929 0x2044  [ CF98190A94F62E405C8CB255018B2315, E1B2540023C4FE9FD588E4B6AE6347DFA565EB3898F21E5360882BF3E8B5E781 ] BthEnum         C:\windows\system32\drivers\BthEnum.sys

15:50:50.0937 0x2044  BthEnum - ok

15:50:50.0953 0x2044  [ 9DA669F11D1F894AB4EB69BF546A42E8, B498B8B6CEF957B73179D1ADAF084BBB57BB3735D810F9BE2C7B1D58A4FD25A4 ] BTHMODEM        C:\windows\system32\drivers\bthmodem.sys

15:50:50.0969 0x2044  BTHMODEM - ok

15:50:50.0998 0x2044  [ 02DD601B708DD0667E1331FA8518E9FF, 7DE6CC4DBB621CD03B01D9CE6CF66EAFE31D39030A391562CD0E278E1D70ADE1 ] BthPan          C:\windows\system32\DRIVERS\bthpan.sys

15:50:51.0009 0x2044  BthPan - ok

15:50:51.0053 0x2044  [ 738D0E9272F59EB7A1449C3EC118E6C4, FE3D32C2A5E4DC21376A0F89C0B2EE024ECF1A3FB99213CC9BBC986ADF7AF080 ] BTHPORT         C:\windows\System32\Drivers\BTHport.sys

15:50:51.0073 0x2044  BTHPORT - ok

15:50:51.0105 0x2044  [ 95F9C2976059462CBBF227F7AAB10DE9, 2797AE919FF7606B070FB039CECDB0707CD2131DCAC09C5DF14F443D881C9F34 ] bthserv         C:\windows\system32\bthserv.dll

15:50:51.0139 0x2044  bthserv - ok

15:50:51.0151 0x2044  [ F188B7394D81010767B6DF3178519A37, 576304E92FD94908F093A6AB5F4D328F25829BE32EC3CA0D29EBFDF5DE83539B ] BTHUSB          C:\windows\System32\Drivers\BTHUSB.sys

15:50:51.0159 0x2044  BTHUSB - ok

15:50:51.0171 0x2044  btwaudio - ok

15:50:51.0210 0x2044  [ 3DEF2370E414B4E299673558BA171A51, 5A0923D9F941ABD34EC9BEE0EB62A62F135CBF128061239CC6EA0E6752791636 ] btwavdt         C:\windows\system32\drivers\btwavdt.sys

15:50:51.0217 0x2044  btwavdt - ok

15:50:51.0219 0x2044  btwl2cap - ok

15:50:51.0231 0x2044  [ 9937E0E4DFC0030560A6DFE9D3A94B39, 0B9CF1932D4534BD7B1F5D7B7BD5FBF9C8D156838D24ABBDE475E79EEF1150F1 ] btwrchid        C:\windows\system32\drivers\btwrchid.sys

15:50:51.0237 0x2044  btwrchid - ok

15:50:51.0674 0x2044  [ 9C51A2E99137E1EC7D3B6D245CC4212B, 7250EA733C967A2E4E3BC91E108E9DCD558B4F2D11C2E07C5650D192D135A580 ] CcmExec         C:\windows\CCM\CcmExec.exe

15:50:51.0704 0x2044  CcmExec - ok

15:50:51.0745 0x2044  [ B8BD2BB284668C84865658C77574381A, 6C55BA288B626DF172FDFEA0BD7027FAEBA1F44EF20AB55160D7C7DC6E717D65 ] cdfs            C:\windows\system32\DRIVERS\cdfs.sys

15:50:51.0765 0x2044  cdfs - ok

15:50:51.0786 0x2044  [ F036CE71586E93D94DAB220D7BDF4416, BD07AAD9E20CEAF9FC84E4977C55EA2C45604A2C682AC70B9B9A2199B6713D5B ] cdrom           C:\windows\system32\DRIVERS\cdrom.sys

15:50:51.0795 0x2044  cdrom - ok

15:50:51.0856 0x2044  [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] CertPropSvc     C:\windows\System32\certprop.dll

15:50:51.0879 0x2044  CertPropSvc - ok

15:50:51.0903 0x2044  [ D7CD5C4E1B71FA62050515314CFB52CF, 513B5A849899F379F0BC6AB3A8A05C3493C2393C95F036612B96EC6E252E1C64 ] circlass        C:\windows\system32\drivers\circlass.sys

15:50:51.0914 0x2044  circlass - ok

15:50:51.0975 0x2044  [ 404B7DF9CA4D1CB675045AF220FF3285, 91FFADE2ABE5C48849E63134D5FFD20671FE0D1720F7D486F904391B3D142C96 ] CLFS            C:\windows\system32\CLFS.sys

15:50:51.0986 0x2044  CLFS - ok

15:50:52.0062 0x2044  [ F13EC8A783E0CB0D6DC26A3CA848B7B8, 0809E3B71709F1343086EEB6C820543C1A7119E74EEF8AC1AEE1F81093ABEC66 ] clr_optimization_v2.0.50727_32 C:\windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe

15:50:52.0069 0x2044  clr_optimization_v2.0.50727_32 - ok

15:50:52.0116 0x2044  [ B4D73F04E9BC076F7CDAC4327DF636BB, 1ADED20D5A0D0A76E2F85CB778FD06BAB814868D35F8532E17D67045FF4770C2 ] clr_optimization_v2.0.50727_64 C:\windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe

15:50:52.0124 0x2044  clr_optimization_v2.0.50727_64 - ok

15:50:52.0210 0x2044  [ AB4CD527BEFCC43EE441E6C50CCE54C8, 13B776AE63049FFBA7E35EA0A4C26EBB57B10D973E05C4CF1214249754DC46E4 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe

15:50:52.0218 0x2044  clr_optimization_v4.0.30319_32 - ok

15:50:52.0234 0x2044  [ 1400C75FF021D6CFACE46AC41B60770E, 3FCB8D7714A79522F2738037D559F1FFFB2F05C5406D2A038EF5DDB4629CA1CE ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe

15:50:52.0243 0x2044  clr_optimization_v4.0.30319_64 - ok

15:50:52.0258 0x2044  [ 0840155D0BDDF1190F84A663C284BD33, 696039FA63CFEB33487FAA8FD7BBDB220141E9C6E529355D768DFC87999A9C3A ] CmBatt          C:\windows\system32\drivers\CmBatt.sys

15:50:52.0265 0x2044  CmBatt - ok

15:50:52.0279 0x2044  [ E19D3F095812725D88F9001985B94EDD, 46243C5CCC4981CAC6FA6452FFCEC33329BF172448F1852D52592C9342E0E18B ] cmdide          C:\windows\system32\drivers\cmdide.sys

15:50:52.0285 0x2044  cmdide - ok

15:50:52.0391 0x2044  [ 362FFD855807D60FF41C6C6DA235D52C, 95A850172D4F5D1091FBED460E05F1A1BCC01D688970DB2E18252B7216A1E2D1 ] CmRcService     C:\windows\CCM\RemCtrl\CmRcService.exe

15:50:52.0406 0x2044  CmRcService - ok

15:50:52.0478 0x2044  [ EC0511BB85BAA42A9734011685A6732C, 10B52F0860CCB3AA0FC34DDA5C5538BFCF7B6D40738B7756297237FD2D9E01C1 ] CNG             C:\windows\system32\Drivers\cng.sys

15:50:52.0493 0x2044  CNG - ok

15:50:52.0519 0x2044  [ 102DE219C3F61415F964C88E9085AD14, CD74CB703381F1382C32CF892FF2F908F4C9412E1BC77234F8FEA5D4666E1BF1 ] Compbatt        C:\windows\system32\drivers\compbatt.sys

15:50:52.0526 0x2044  Compbatt - ok

15:50:52.0558 0x2044  [ 03EDB043586CCEBA243D689BDDA370A8, 0E4523AA332E242D5C2C61C5717DBA5AB6E42DADB5A7E512505FC2B6CC224959 ] CompositeBus    C:\windows\system32\DRIVERS\CompositeBus.sys

15:50:52.0568 0x2044  CompositeBus - ok

15:50:52.0581 0x2044  COMSysApp - ok

15:50:52.0611 0x2044  [ 1C827878A998C18847245FE1F34EE597, 41EF7443D8B2733AA35CAC64B4F5F74FAC8BB0DA7D3936B69EC38E2DC3972E60 ] crcdisk         C:\windows\system32\drivers\crcdisk.sys

15:50:52.0618 0x2044  crcdisk - ok

15:50:52.0669 0x2044  [ 7BC3E861F7E8EB543A630090FAE779E0, 52A538F25C853AAC9706CD0D4EBF80B1963391AA175895CFD9D44C8ABBFCFB74 ] CryptSvc        C:\windows\system32\cryptsvc.dll

15:50:52.0693 0x2044  CryptSvc - ok

15:50:52.0721 0x2198  Object required for P2P: [ 749D739598A94967BEF0CD00B12F3B65 ] AVGIDSAgent

15:50:52.0727 0x2044  [ 54DA3DFD29ED9F1619B6F53F3CE55E49, 9177C6907A983296BF188892A894B668A09FFA058FD56B50FE12940D54B0FA5E ] CSC             C:\windows\system32\drivers\csc.sys

15:50:52.0755 0x2044  CSC - ok

15:50:52.0789 0x2044  [ 3AB183AB4D2C79DCF459CD2C1266B043, 72B0187EBA9DC74E61EC5CB3DC24058DDB768843E865801894AAEAA211610C56 ] CscService      C:\windows\System32\cscsvc.dll

15:50:52.0805 0x2044  CscService - ok

15:50:52.0886 0x2044  [ 46373C2A6873A436C9569B433F45C76A, 685A9F5D005136B0B31B64BBB4BCF760C7FE53A3606D4BB70EF7922BE791C1A4 ] ctxusbm         C:\windows\system32\DRIVERS\ctxusbm.sys

15:50:52.0895 0x2044  ctxusbm - ok

15:50:52.0934 0x2044  [ 23D4B856725F5FC3C4F410C150AB107B, 6F2D24E9A113670A71B1E6C51DA08FEDCEEA66898D14052921DA6B4C1CD81EE9 ] dc3d            C:\windows\system32\drivers\dc3d.sys

15:50:52.0940 0x2044  dc3d - ok

15:50:52.0982 0x2044  [ 5C627D1B1138676C0A7AB2C2C190D123, C5003F2C912C5CA990E634818D3B4FD72F871900AF2948BD6C4D6400B354B401 ] DcomLaunch      C:\windows\system32\rpcss.dll

15:50:53.0007 0x2044  DcomLaunch - ok

15:50:53.0049 0x2044  [ 3CEC7631A84943677AA8FA8EE5B6B43D, 32061DAC9ED6C1EBA3B367B18D0E965AEEC2DF635DCF794EC39D086D32503AC5 ] defragsvc       C:\windows\System32\defragsvc.dll

15:50:53.0072 0x2044  defragsvc - ok

15:50:53.0129 0x2044  [ CF1F6326AC44C42F4615D4BD53188AC5, 28DC32F1957918C3D5DE72415CC32A51C6885CAA38119FE475D2631269D3B9B3 ] DfsC            C:\windows\system32\Drivers\dfsc.sys

15:50:53.0151 0x2044  DfsC - ok

15:50:53.0168 0x2044  [ 43D808F5D9E1A18E5EEB5EBC83969E4E, C10D1155D71EABE4ED44C656A8F13078A8A4E850C4A8FBB92D52D173430972B8 ] Dhcp            C:\windows\system32\dhcpcore.dll

15:50:53.0193 0x2044  Dhcp - ok

15:50:53.0303 0x2044  [ EC3F433D00365F1A9BC3411BCA7C7140, 0852D747359DE573504EBBDB99DA26D3BFA8B3C7A4836F8E3A5AD94B5571AD5C ] DiagTrack       C:\windows\system32\diagtrack.dll

15:50:53.0328 0x2044  DiagTrack - ok

15:50:53.0393 0x2044  [ 13096B05847EC78F0977F2C0F79E9AB3, 1E44981B684F3E56F5D2439BB7FA78BD1BC876BB2265AE089AEC68F241B05B26 ] discache        C:\windows\system32\drivers\discache.sys

15:50:53.0413 0x2044  discache - ok

15:50:53.0446 0x2044  [ 9819EEE8B5EA3784EC4AF3B137A5244C, 571BC886E87C888DA96282E381A746D273B58B9074E84D4CA91275E26056D427 ] Disk            C:\windows\system32\drivers\disk.sys

15:50:53.0453 0x2044  Disk - ok

15:50:53.0475 0x2044  [ 5DB085A8A6600BE6401F2B24EECB5415, 5FC5C7C1B4DB7BF6EFD0992E91DB41FD047E90D1ABA0B8F868CB72557F88FB13 ] dmvsc           C:\windows\system32\drivers\dmvsc.sys

15:50:53.0482 0x2044  dmvsc - ok

15:50:53.0506 0x2044  [ 16835866AAA693C7D7FCEBA8FFF706E4, 15891558F7C1F2BB57A98769601D447ED0D952354A8BB347312D034DC03E0242 ] Dnscache        C:\windows\System32\dnsrslvr.dll

15:50:53.0515 0x2044  Dnscache - ok

15:50:53.0525 0x2044  [ B1FB3DDCA0FDF408750D5843591AFBC6, AB6AD9C5E7BA2E3646D0115B67C4800D1CB43B4B12716397657C7ADEEE807304 ] dot3svc         C:\windows\System32\dot3svc.dll

15:50:53.0562 0x2044  dot3svc - ok

15:50:53.0582 0x2044  [ B26F4F737E8F9DF4F31AF6CF31D05820, 394BBBED4EC7FAD4110F62A43BFE0801D4AC56FFAC6C741C69407B26402311C7 ] DPS             C:\windows\system32\dps.dll

15:50:53.0603 0x2044  DPS - ok

15:50:53.0646 0x2044  [ 26FE888505E5A945B0536AF9A2A27A6F, A6B16ED498BAFE300E1F0E0A241E3D62F7A1C5973EE775904ED14F33A2BC08A6 ] drmkaud         C:\windows\system32\drivers\drmkaud.sys

15:50:53.0664 0x2044  drmkaud - ok

15:50:53.0727 0x2044  [ 87CE5C8965E101CCCED1F4675557E868, 077D98F0F130B2FC710208BA34016EF2B2506EE2BD71740B228145E34A3046F1 ] DXGKrnl         C:\windows\System32\drivers\dxgkrnl.sys

15:50:53.0746 0x2044  DXGKrnl - ok

15:50:53.0817 0x2044  [ 1BEF2C2E229452EC49FFE5A27283341D, 7010273570BD38E578FCF1DD2EB00C21E8FA3504CE2342AEE3755F6EFC4581E9 ] e1cexpress      C:\windows\system32\DRIVERS\e1c62x64.sys

15:50:53.0828 0x2044  e1cexpress - ok

15:50:53.0856 0x2044  [ 50AD8FC1DC800FF36087994C8F7FDFF2, E3DA8DCE76599E0E1F0D80AA1483D6BECFE0F7242147D986A6AF3A4362FC2C80 ] e1yexpress      C:\windows\system32\DRIVERS\e1y60x64.sys

15:50:53.0871 0x2044  e1yexpress - ok

15:50:53.0895 0x2044  [ E2DDA8726DA9CB5B2C4000C9018A9633, 0C967DBC3636A76A696997192A158AA92A1AF19F01E3C66D5BF91818A8FAEA76 ] EapHost         C:\windows\System32\eapsvc.dll

15:50:53.0915 0x2044  EapHost - ok

15:50:53.0982 0x2044  [ DC5D737F51BE844D8C82C695EB17372F, 6D4022D9A46EDE89CEF0FAEADCC94C903234DFC460C0180D24FF9E38E8853017 ] ebdrv           C:\windows\system32\drivers\evbda.sys

15:50:54.0033 0x2044  ebdrv - ok

15:50:54.0084 0x2044  [ 5673794F254FE312AF62D9DA32805A2F, 76400BF26F87303924A4FA9DFE5DD13170D1E4A195CD12548DBAA0E6E8C11B1B ] EFS             C:\windows\System32\lsass.exe

15:50:54.0093 0x2044  EFS - ok

15:50:54.0133 0x2044  [ C4002B6B41975F057D98C439030CEA07, 3D2484FBB832EFB90504DD406ED1CF3065139B1FE1646471811F3A5679EF75F1 ] ehRecvr         C:\windows\ehome\ehRecvr.exe

15:50:54.0149 0x2044  ehRecvr - ok

15:50:54.0158 0x2044  [ 4705E8EF9934482C5BB488CE28AFC681, 359E9EC5693CE0BE89082E1D5D8F5C5439A5B985010FF0CB45C11E3CFE30637D ] ehSched         C:\windows\ehome\ehsched.exe

15:50:54.0166 0x2044  ehSched - ok

15:50:54.0198 0x2044  [ 0E5DA5369A0FCAEA12456DD852545184, 9A64AC5396F978C3B92794EDCE84DCA938E4662868250F8C18FA7C2C172233F8 ] elxstor         C:\windows\system32\drivers\elxstor.sys

15:50:54.0211 0x2044  elxstor - ok

15:50:54.0222 0x2044  [ 34A3C54752046E79A126E15C51DB409B, 7D5B5E150C7C73666F99CBAFF759029716C86F16B927E0078D77F8A696616D75 ] ErrDev          C:\windows\system32\drivers\errdev.sys

15:50:54.0239 0x2044  ErrDev - ok

15:50:54.0275 0x2044  [ 4166F82BE4D24938977DD1746BE9B8A0, 24121751B7306225AD1C808442D7B030DEF377E9316AA0A3C5C7460E87317881 ] EventSystem     C:\windows\system32\es.dll

15:50:54.0315 0x2044  EventSystem - ok

15:50:54.0359 0x2044  [ A510C654EC00C1E9BDD91EEB3A59823B, 76CD277730F7B08D375770CD373D786160F34D1481AF0536BA1A5D2727E255F5 ] exfat           C:\windows\system32\drivers\exfat.sys

15:50:54.0381 0x2044  exfat - ok

15:50:54.0401 0x2044  [ 0ADC83218B66A6DB380C330836F3E36D, 798D6F83B5DBCC1656595E0A96CF12087FCCBE19D1982890D0CE5F629B328B29 ] fastfat         C:\windows\system32\drivers\fastfat.sys

15:50:54.0422 0x2044  fastfat - ok

15:50:54.0454 0x2044  [ DBEFD454F8318A0EF691FDD2EAAB44EB, 7F52AE222FF28503B6FC4A5852BD0CAEAF187BE69AF4B577D3DE474C24366099 ] Fax             C:\windows\system32\fxssvc.exe

15:50:54.0481 0x2044  Fax - ok

15:50:54.0505 0x2044  [ D765D19CD8EF61F650C384F62FAC00AB, 9F0A483A043D3BA873232AD3BA5F7BF9173832550A27AF3E8BD433905BD2A0EE ] fdc             C:\windows\system32\drivers\fdc.sys

15:50:54.0513 0x2044  fdc - ok

15:50:54.0539 0x2044  [ 0438CAB2E03F4FB61455A7956026FE86, 6D4DDC2973DB25CE0C7646BC85EFBCC004EBE35EA683F62162AE317C6F1D8DFE ] fdPHost         C:\windows\system32\fdPHost.dll

15:50:54.0558 0x2044  fdPHost - ok

15:50:54.0567 0x2044  [ 802496CB59A30349F9A6DD22D6947644, 52D59D3D628D5661F83F090F33F744F6916E0CC1F76E5A33983E06EB66AE19F8 ] FDResPub        C:\windows\system32\fdrespub.dll

15:50:54.0586 0x2044  FDResPub - ok

15:50:54.0619 0x2044  [ 655661BE46B5F5F3FD454E2C3095B930, 549C8E2A2A37757E560D55FFA6BFDD838205F17E40561E67F0124C934272CD1A ] FileInfo        C:\windows\system32\drivers\fileinfo.sys

15:50:54.0626 0x2044  FileInfo - ok

15:50:54.0646 0x2044  [ 5F671AB5BC87EEA04EC38A6CD5962A47, 6B61D3363FF3F9C439BD51102C284972EAE96ACC0683B9DC7E12D25D0ADC51B6 ] Filetrace       C:\windows\system32\drivers\filetrace.sys

15:50:54.0665 0x2044  Filetrace - ok

15:50:54.0738 0x2044  [ 8645F91F40B8D022C9AC3DABDF360A6B, 4F83080B1273C92470EB90D80B32056C913240DCC9C4C50B7BE85254066D654D ] FLEXnet Licensing Service 64 C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe

15:50:54.0761 0x2044  FLEXnet Licensing Service 64 - ok

15:50:54.0798 0x2044  [ C172A0F53008EAEB8EA33FE10E177AF5, 9175A95B323696D1B35C9EFEB7790DD64E6EE0B7021E6C18E2F81009B169D77B ] flpydisk        C:\windows\system32\drivers\flpydisk.sys

15:50:54.0805 0x2044  flpydisk - ok

15:50:54.0819 0x2044  [ DA6B67270FD9DB3697B20FCE94950741, F621A4462C9F2904063578C427FAF22D7D66AE9967605C11C798099817CE5331 ] FltMgr          C:\windows\system32\drivers\fltmgr.sys

15:50:54.0828 0x2044  FltMgr - ok

15:50:54.0902 0x2044  [ BCB16AE33AA58E0042F3EF34CFB6396A, E8ADA10DE60A94E4BABE9FCA6D0AA83B11520C092D49057E17F6C6059D35A323 ] FontCache       C:\windows\system32\FntCache.dll

15:50:54.0925 0x2044  FontCache - ok

15:50:54.0957 0x2044  [ A8B7F3818AB65695E3A0BB3279F6DCE6, 89FCF10F599767E67A1E011753E34DA44EAA311F105DBF69549009ED932A60F0 ] FontCache3.0.0.0 C:\windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe

15:50:54.0962 0x2044  FontCache3.0.0.0 - ok

15:50:54.0991 0x2044  [ D43703496149971890703B4B1B723EAC, F06397B2EDCA61629249D2EF1CBB7827A8BEAB8488246BD85EF6AE1363C0DA6E ] FsDepends       C:\windows\system32\drivers\FsDepends.sys

15:50:55.0001 0x2044  FsDepends - ok

15:50:55.0021 0x2044  [ 6BD9295CC032DD3077C671FCCF579A7B, 83622FBB0CB923798E7E584BF53CAAF75B8C016E3FF7F0FA35880FF34D1DFE33 ] Fs_Rec          C:\windows\system32\drivers\Fs_Rec.sys

15:50:55.0021 0x2044  Fs_Rec - ok

15:50:55.0091 0x2044  [ 8F6322049018354F45F05A2FD2D4E5E0, 73BF0FB4EBD7887E992DDEBB79E906958D6678F8D1107E8C368F5A0514D80359 ] fvevol          C:\windows\system32\DRIVERS\fvevol.sys

15:50:55.0101 0x2044  fvevol - ok

15:50:55.0111 0x2044  [ 8C778D335C9D272CFD3298AB02ABE3B6, 85F0B13926B0F693FA9E70AA58DE47100E4B6F893772EBE4300C37D9A36E6005 ] gagp30kx        C:\windows\system32\drivers\gagp30kx.sys

15:50:55.0121 0x2044  gagp30kx - ok

15:50:55.0211 0x2044  [ 8E98D21EE06192492A5671A6144D092F, B8F656B34D361EA5AFB47F3A67AB2221580DADA59C8CD0CB83181E4AD8B562B4 ] GEARAspiWDM     C:\windows\system32\DRIVERS\GEARAspiWDM.sys

15:50:55.0221 0x2044  GEARAspiWDM - ok

15:50:55.0271 0x2044  [ FE91DC3D9A696CCDDB9F51C25ACBC53A, 4E1A7BB3AC57530A1DF8AB7E981087275E89E6AC629F881C98E40F13150ED532 ] gpsvc           C:\windows\System32\gpsvc.dll

15:50:55.0311 0x2044  gpsvc - ok

15:50:55.0361 0x2044  [ DD7423ABBE2913E70D50E9318AD57EE4, 74BC123808F3FA60ADDC51C1383F8250608D3DBA3A8DC175B3418A1CF0BC53E9 ] gupdate         C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

15:50:55.0371 0x2044  gupdate - ok

15:50:55.0371 0x2044  [ DD7423ABBE2913E70D50E9318AD57EE4, 74BC123808F3FA60ADDC51C1383F8250608D3DBA3A8DC175B3418A1CF0BC53E9 ] gupdatem        C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

15:50:55.0381 0x2044  gupdatem - ok

15:50:55.0431 0x2044  [ 78FAD9117E4527F2CA82259DA10F40BD, 9CE5102C681B8147BFC189897C19852D2BF82A9B95DE6301EBBCD13A604A41F3 ] hardlock        C:\windows\system32\drivers\hardlock.sys

15:50:55.0441 0x2044  hardlock - ok

15:50:55.0441 0x2044  hasplms - ok

15:50:55.0471 0x2044  [ F2523EF6460FC42405B12248338AB2F0, B2F3DE8DE1F512D871BC2BC2E8D0E33AB03335BFBC07627C5F88B65024928E19 ] hcw85cir        C:\windows\system32\drivers\hcw85cir.sys

15:50:55.0471 0x2198  Object send P2P result: true

15:50:55.0481 0x2044  hcw85cir - ok

15:50:55.0521 0x2044  [ 975761C778E33CD22498059B91E7373A, 8304E15FBE6876BE57263A03621365DA8C88005EAC532A770303C06799D915D9 ] HdAudAddService C:\windows\system32\drivers\HdAudio.sys

15:50:55.0541 0x2044  HdAudAddService - ok

15:50:55.0581 0x2044  [ 97BFED39B6B79EB12CDDBFEED51F56BB, 3CF981D668FB2381E52AF2E51E296C6CFB47B0D62249645278479D0111A47955 ] HDAudBus        C:\windows\system32\DRIVERS\HDAudBus.sys

15:50:55.0591 0x2044  HDAudBus - ok

15:50:55.0601 0x2044  [ 78E86380454A7B10A5EB255DC44A355F, 11F3ED7ACFFA3024B9BD504F81AC39F5B4CED5A8A425E8BADF7132EFEDB9BD64 ] HidBatt         C:\windows\system32\drivers\HidBatt.sys

15:50:55.0611 0x2044  HidBatt - ok

15:50:55.0621 0x2044  [ 7FD2A313F7AFE5C4DAB14798C48DD104, 94CBFD4506CBDE4162CEB3367BAB042D19ACA6785954DC0B554D4164B9FCD0D4 ] HidBth          C:\windows\system32\drivers\hidbth.sys

15:50:55.0651 0x2044  HidBth - ok

15:50:55.0671 0x2044  [ 0A77D29F311B88CFAE3B13F9C1A73825, 8615DC6CEFB591505CE16E054A71A4F371B827DDFD5E980777AB4233DCFDA01D ] HidIr           C:\windows\system32\drivers\hidir.sys

15:50:55.0681 0x2044  HidIr - ok

15:50:55.0701 0x2044  [ BD9EB3958F213F96B97B1D897DEE006D, 4D01CBF898B528B3A4E5A683DF2177300AFABD7D4CB51F1A7891B1B545499631 ] hidserv         C:\windows\System32\hidserv.dll

15:50:55.0731 0x2044  hidserv - ok

15:50:55.0781 0x2044  [ 9592090A7E2B61CD582B612B6DF70536, FD11D5E02C32D658B28FCC35688AB66CCB5D3A0A0D74C82AE0F0B6C67B568A0F ] HidUsb          C:\windows\system32\DRIVERS\hidusb.sys

15:50:55.0801 0x2044  HidUsb - ok

15:50:55.0821 0x2044  [ 387E72E739E15E3D37907A86D9FF98E2, 9935BE2E58788E79328293AF2F202CB0F6042441B176F75ACC5AEA93C8E05531 ] hkmsvc          C:\windows\system32\kmsvc.dll

15:50:55.0841 0x2044  hkmsvc - ok

15:50:55.0861 0x2044  [ EFDFB3DD38A4376F93E7985173813ABD, 70402FA73A5A2A8BB557AAC8F531E373077D28DE5F40A1F3F14B940BE01CD2E1 ] HomeGroupListener C:\windows\system32\ListSvc.dll

15:50:55.0871 0x2044  HomeGroupListener - ok

15:50:55.0891 0x2044  [ 908ACB1F594274965A53926B10C81E89, 7D34A742AC486294D82676F8465A3EF26C8AC3317C32B63F62031CB007CFC208 ] HomeGroupProvider C:\windows\system32\provsvc.dll

15:50:55.0901 0x2044  HomeGroupProvider - ok

15:50:55.0921 0x2044  [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC, E9E6A1665740CFBC2DD321010007EF42ABA2102AEB9772EE8AA3354664B1E205 ] HpSAMD          C:\windows\system32\drivers\HpSAMD.sys

15:50:55.0931 0x2044  HpSAMD - ok

15:50:55.0991 0x2044  [ F61634BEC53F73702A10DE69F6DCAF57, BBA7344CF3AB96A46D1A6F1D50F2758EA8D097FE558C38B4EF45C8C334AF96E1 ] HTTP            C:\windows\system32\drivers\HTTP.sys

15:50:56.0011 0x2044  HTTP - ok

15:50:56.0041 0x2044  [ A5462BD6884960C9DC85ED49D34FF392, 53E65841AF5B06A2844D0BB6FC4DD3923A323FFA0E4BFC89B3B5CAFB592A3D53 ] hwpolicy        C:\windows\system32\drivers\hwpolicy.sys

15:50:56.0041 0x2044  hwpolicy - ok

15:50:56.0061 0x2044  [ FA55C73D4AFFA7EE23AC4BE53B4592D3, 65CDDC62B89A60E942C5642C9D8B539EFB69DA8069B4A2E54978154B314531CD ] i8042prt        C:\windows\system32\drivers\i8042prt.sys

15:50:56.0071 0x2044  i8042prt - ok

15:50:56.0101 0x2044  [ D7921D5A870B11CC1ADAB198A519D50A, 5DF99EB5D5504E9D9EB21658E8B4A58DEE2AD143A1875DB7F9B7BF4877FCB57F ] iaStor          C:\windows\system32\drivers\iaStor.sys

15:50:56.0111 0x2044  iaStor - ok

15:50:56.0151 0x2044  [ 815499B59D675E42A70894118E7A6422, 2E30C726C8E53C1C6B4F113569287B2F85F0502C13067C8C93C82B3561C760F4 ] iaStorA         C:\windows\system32\DRIVERS\iaStorA.sys

15:50:56.0171 0x2044  iaStorA - ok

15:50:56.0251 0x2044  [ A55971BD810EBDEF1E83CE57F5AC091B, 43AAE856E0E1D1647DC8AF37E907DC8FB74C9C388E48A9F68D209AECAA1E54B6 ] IAStorDataMgrSvc C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe

15:50:56.0261 0x2044  IAStorDataMgrSvc - ok

15:50:56.0271 0x2044  [ C9FFC9330A5944A709549A28B5EB37C5, 7540DE3E48DCF64C9A3B015186D66A35CF1F181FDE6D700BE3F81AC8F7223236 ] iaStorF         C:\windows\system32\DRIVERS\iaStorF.sys

15:50:56.0281 0x2044  iaStorF - ok

15:50:56.0311 0x2044  [ AAAF44DB3BD0B9D1FB6969B23ECC8366, 805AA4A9464002D1AB3832E4106B2AAA1331F4281367E75956062AAE99699385 ] iaStorV         C:\windows\system32\drivers\iaStorV.sys

15:50:56.0321 0x2044  iaStorV - ok

15:50:56.0341 0x2044  IDMWFP - ok

15:50:56.0411 0x2044  [ C98A5B9D932430AD8EEBD3EF73756EF7, DF7E1D391A0F3345AD61154363922C27BD557DEEACE395A6A8A8A16BFD1BB9A8 ] idsvc           C:\windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe

15:50:56.0421 0x2044  idsvc - ok

15:50:56.0501 0x2044  IEEtwCollectorService - ok

15:50:56.0741 0x2044  [ 8CB8667F5A3B5515F2585F3254F3AAF7, 068E3E513AFF0ADAAB5EB5C019F13DD6D0BF4E8D69B98CFFCBA0368E04674CA8 ] igfx            C:\windows\system32\DRIVERS\igdkmd64.sys

15:50:56.0911 0x2044  igfx - detected UnsignedFile.Multi.Generic ( 1 )

15:50:59.0272 0x2044  Detect skipped due to KSN trusted

15:50:59.0272 0x2044  igfx - ok

15:50:59.0302 0x2044  [ 5C18831C61933628F5BB0EA2675B9D21, 5CD9DE2F8C0256623A417B5C55BF55BB2562BD7AB2C3C83BB3D9886C2FBDA4E4 ] iirsp           C:\windows\system32\drivers\iirsp.sys

15:50:59.0302 0x2044  iirsp - ok

15:50:59.0382 0x2044  [ 344789398EC3EE5A4E00C52B31847946, 3DA5F08E4B46F4E63456AA588D49E39A6A09A97D0509880C00F327623DB6122D ] IKEEXT          C:\windows\System32\ikeext.dll

15:50:59.0402 0x2044  IKEEXT - ok

15:50:59.0502 0x2044  [ 561E2397C1F6B7DD01D95D1A7AF22BD3, 3B60A5D2A9485079BCD33F6906B410EA4377ECF3FD9385A22D38D2DBEBFF9B85 ] IntcAzAudAddService C:\windows\system32\drivers\RTDVHD64.sys

15:50:59.0532 0x2044  IntcAzAudAddService - ok

15:50:59.0552 0x2044  [ FC727061C0F47C8059E88E05D5C8E381, C7A3782F5D86C7FDE57AA1F2EE81638C5FC3072ACC6E572BA2EC7B3CFF389800 ] IntcDAud        C:\windows\system32\DRIVERS\IntcDAud.sys

15:50:59.0562 0x2044  IntcDAud - detected UnsignedFile.Multi.Generic ( 1 )

15:51:01.0912 0x2044  Detect skipped due to KSN trusted

15:51:01.0912 0x2044  IntcDAud - ok

15:51:02.0023 0x2044  [ 87DD7CC57949A67176C666602563776B, BE4FEE53C5C048EBED825AC6ADD65912744DD6EA954561D9A38A151FE669C252 ] Intel® PROSet Monitoring Service C:\windows\system32\IProsetMonitor.exe

15:51:02.0033 0x2044  Intel® PROSet Monitoring Service - ok

15:51:02.0063 0x2044  [ F00F20E70C6EC3AA366910083A0518AA, E2F3E9FFD82C802C8BAC309893A3664ACF16A279959C0FDECCA64C3D3C60FD22 ] intelide        C:\windows\system32\drivers\intelide.sys

15:51:02.0063 0x2044  intelide - ok

15:51:02.0093 0x2044  [ ADA036632C664CAA754079041CF1F8C1, F2386CC09AC6DE4C54189154F7D91C1DB7AA120B13FAE8BA5B579ACF99FCC610 ] intelppm        C:\windows\system32\DRIVERS\intelppm.sys

15:51:02.0103 0x2044  intelppm - ok

15:51:02.0133 0x2044  [ 098A91C54546A3B878DAD6A7E90A455B, 044CCE2A0DF56EBE1EFD99B4F6F0A5B9EE12498CA358CF4B2E3A1CFD872823AA ] IPBusEnum       C:\windows\system32\ipbusenum.dll

15:51:02.0153 0x2044  IPBusEnum - ok

15:51:02.0183 0x2044  [ C9F0E1BD74365A8771590E9008D22AB6, 728BC5A6AAE499FDC50EB01577AF16D83C2A9F3B09936DD2A89C01E074BA8E51 ] IpFilterDriver  C:\windows\system32\DRIVERS\ipfltdrv.sys

15:51:02.0203 0x2044  IpFilterDriver - ok

15:51:02.0253 0x2044  [ 08C2957BB30058E663720C5606885653, E13EDF6701512E2A9977A531454932CA5023087CB50E1D2F416B8BCDD92B67BE ] iphlpsvc        C:\windows\System32\iphlpsvc.dll

15:51:02.0283 0x2044  iphlpsvc - ok

15:51:02.0303 0x2044  [ 0FC1AEA580957AA8817B8F305D18CA3A, 7161E4DE91AAFC3FA8BF24FAE4636390C2627DB931505247C0D52C75A31473D9 ] IPMIDRV         C:\windows\system32\drivers\IPMIDrv.sys

15:51:02.0313 0x2044  IPMIDRV - ok

15:51:02.0323 0x2044  [ AF9B39A7E7B6CAA203B3862582E9F2D0, 67128BE7EADBE6BD0205B050F96E268948E8660C4BAB259FB0BE03935153D04E ] IPNAT           C:\windows\system32\drivers\ipnat.sys

15:51:02.0343 0x2044  IPNAT - ok

15:51:02.0393 0x2044  [ B066C46E4B638B849245E35A5703AF80, 738A2A76A68721DCA5004DFF381EF2F032A7E309454294E4ABDFF5141BAC9337 ] iPod Service    C:\Program Files\iPod\bin\iPodService.exe

15:51:02.0413 0x2044  iPod Service - ok

15:51:02.0433 0x2044  [ 3ABF5E7213EB28966D55D58B515D5CE9, A352BCC5B6B9A28805B15CAFB235676F1FAFF0D2394F88C03089EB157D6188AE ] IRENUM          C:\windows\system32\drivers\irenum.sys

15:51:02.0443 0x2044  IRENUM - ok

15:51:02.0463 0x2044  [ 2F7B28DC3E1183E5EB418DF55C204F38, D40410A760965925D6F10959B2043F7BD4F68EAFCF5E743AF11AD860BD136548 ] isapnp          C:\windows\system32\drivers\isapnp.sys

15:51:02.0473 0x2044  isapnp - ok

15:51:02.0513 0x2044  [ 96BB922A0981BC7432C8CF52B5410FE6, 236C05509B1040059B15021CBBDBDAF3B9C0F00910142BE5887B2C7561BAAFBA ] iScsiPrt        C:\windows\system32\drivers\msiscsi.sys

15:51:02.0523 0x2044  iScsiPrt - ok

15:51:02.0573 0x2044  [ 75779002A6084C1A011E195E421A9C75, 03D84CE7E50EEA1DFB298F4CE3669F478920ECEB33513FE2DC16C8BF90DF3830 ] iusb3hcs        C:\windows\system32\drivers\iusb3hcs.sys

15:51:02.0583 0x2044  iusb3hcs - ok

15:51:02.0633 0x2044  [ F390B641FE6115F536B8B78AA71B8814, 8F26FCEC9B1442224A8DEE3B6459F788DBCEDFB206846BFAA3B26E40B06E2D28 ] iusb3hub        C:\windows\system32\DRIVERS\iusb3hub.sys

15:51:02.0643 0x2044  iusb3hub - ok

15:51:02.0693 0x2044  [ 653B86AA174FF7661D00EE1E524B234F, F4598336206097DD3C838F7315D87D989D8AB755F773ED613E984C2CC95D511B ] iusb3xhc        C:\windows\system32\DRIVERS\iusb3xhc.sys

15:51:02.0703 0x2044  iusb3xhc - ok

15:51:02.0723 0x2044  [ BC02336F1CBA7DCC7D1213BB588A68A5, 450C5BAD54CCE2AFCDFF1B6E7F8E1A8446D9D3255DF9D36C29A8F848048AAD93 ] kbdclass        C:\windows\system32\DRIVERS\kbdclass.sys

15:51:02.0733 0x2044  kbdclass - ok

15:51:02.0743 0x2044  [ 0705EFF5B42A9DB58548EEC3B26BB484, 86C6824ED7ED6FA8F306DB6319A0FD688AA91295AE571262F9D8E96A32225E99 ] kbdhid          C:\windows\system32\DRIVERS\kbdhid.sys

15:51:02.0763 0x2044  kbdhid - ok

15:51:02.0793 0x2044  [ 5673794F254FE312AF62D9DA32805A2F, 76400BF26F87303924A4FA9DFE5DD13170D1E4A195CD12548DBAA0E6E8C11B1B ] KeyIso          C:\windows\system32\lsass.exe

15:51:02.0793 0x2044  KeyIso - ok

15:51:02.0843 0x2044  [ 7BDDD24C5A148534D3737DBFA96B3E69, 06130316A21B1D67B5885AB7030603097EC96F7104F3766D67793ECFC1143158 ] KSecDD          C:\windows\system32\Drivers\ksecdd.sys

15:51:02.0843 0x2044  KSecDD - ok

15:51:02.0863 0x2044  [ BA500732D160C61E889E8180EE53C86F, 2E9B9FEF4E2F86DBF6778AD0A581CE2F1CA0AC777440BA05AB36B031CE1E8781 ] KSecPkg         C:\windows\system32\Drivers\ksecpkg.sys

15:51:02.0873 0x2044  KSecPkg - ok

15:51:02.0893 0x2044  [ 6869281E78CB31A43E969F06B57347C4, 866A23E69B32A78D378D6CB3B3DA3695FFDFF0FEC3C9F68C8C3F988DF417044B ] ksthunk         C:\windows\system32\drivers\ksthunk.sys

15:51:02.0913 0x2044  ksthunk - ok

15:51:02.0943 0x2044  [ 6AB66E16AA859232F64DEB66887A8C9C, 5F2B579BEA8098A2994B0DECECDAE7B396E7B5DC5F09645737B9F28BEEA77FFF ] KtmRm           C:\windows\system32\msdtckrm.dll

15:51:02.0983 0x2044  KtmRm - ok

15:51:03.0033 0x2044  [ D9F42719019740BAA6D1C6D536CBDAA6, 8757599D0AE5302C4CE50861BEBA3A8DD14D7B0DBD916FD5404133688CDFCC40 ] LanmanServer    C:\windows\System32\srvsvc.dll

15:51:03.0063 0x2044  LanmanServer - ok

15:51:03.0093 0x2044  [ 851A1382EED3E3A7476DB004F4EE3E1A, B1C67F47DD594D092E6E258F01DF5E7150227CE3131A908A244DEE9F8A1FABF9 ] LanmanWorkstation C:\windows\System32\wkssvc.dll

15:51:03.0113 0x2044  LanmanWorkstation - ok

15:51:03.0213 0x2044  [ 1D5C6790425CB6DBB1B3C2722C34E199, D8BCC31A443B77711A7CA468E754A73137C1CC47D6F3DA5BEE3735B654327B0C ] LBTServ         C:\Program Files\Common Files\LogiShrd\Bluetooth\lbtserv.exe

15:51:03.0223 0x2044  LBTServ - ok

15:51:03.0243 0x2044  [ 5EA1731968F2FD0E950DDCE6D36C5134, 16C47AA60CB62F206DBF3B4FAF99FCA667E7193178D1B7ECB162FA87C008BAA3 ] LEqdUsb         C:\windows\system32\DRIVERS\LEqdUsb.Sys

15:51:03.0243 0x2044  LEqdUsb - ok

15:51:03.0283 0x2044  [ 50AC0930F05DFB996F085B49E112E5C9, C5147E92656506981705AFCAA97B7BDAD0929FF39C1666E774BE1BD32FB08387 ] LHidEqd         C:\windows\system32\DRIVERS\LHidEqd.Sys

15:51:03.0293 0x2044  LHidEqd - ok

15:51:03.0313 0x2044  [ 96EB043E2843B5A87A486D0BC6921094, 0B339A18B2F536F12B2C1B4FEDEB3A815DC7F8E7B082144EE084B3E6ED067FBC ] LHidFilt        C:\windows\system32\DRIVERS\LHidFilt.Sys

15:51:03.0313 0x2044  LHidFilt - ok

15:51:03.0373 0x2044  [ 1538831CF8AD2979A04C423779465827, E1729B0CC4CEEE494A0B8817A8E98FF232E3A32FB023566EF0BC71A090262C0C ] lltdio          C:\windows\system32\DRIVERS\lltdio.sys

15:51:03.0393 0x2044  lltdio - ok

15:51:03.0423 0x2044  [ C1185803384AB3FEED115F79F109427F, 0414FE73532DCAB17E906438A14711E928CECCD5F579255410C62984DD652700 ] lltdsvc         C:\windows\System32\lltdsvc.dll

15:51:03.0453 0x2044  lltdsvc - ok

15:51:03.0473 0x2044  [ F993A32249B66C9D622EA5592A8B76B8, EE64672A990C6145DC5601E2B8CDBE089272A72732F59AF9865DCBA8B1717E70 ] lmhosts         C:\windows\System32\lmhsvc.dll

15:51:03.0493 0x2044  lmhosts - ok

15:51:03.0533 0x2044  [ A5C1DA229B3B660BBF3BDC30ADBFBB61, B657092424C6BF418A6FA56353370C195D9CA67999B355E8EDD6AFCFD9FEF8E5 ] LMouFilt        C:\windows\system32\DRIVERS\LMouFilt.Sys

15:51:03.0543 0x2044  LMouFilt - ok

15:51:03.0674 0x2044  [ 551FC1CE339A6A7C655B6C99C07C1ABB, 26F86BB321FDEE7834B2BBF26D270BE9545E9424D450F6751D4231418FA1D813 ] lpasvc          C:\Program Files\Microsoft Policy Platform\policyHost.exe

15:51:03.0684 0x2044  lpasvc - ok

15:51:03.0724 0x2044  [ 551FC1CE339A6A7C655B6C99C07C1ABB, 26F86BB321FDEE7834B2BBF26D270BE9545E9424D450F6751D4231418FA1D813 ] lppsvc          C:\Program Files\Microsoft Policy Platform\policyHost.exe

15:51:03.0724 0x2044  lppsvc - ok

15:51:03.0754 0x2044  [ 1A93E54EB0ECE102495A51266DCDB6A6, DB6AA86AA36C3A7988BE96E87B5D3251BE7617C54EE8F894D9DC2E267FE3255B ] LSI_FC          C:\windows\system32\drivers\lsi_fc.sys

15:51:03.0764 0x2044  LSI_FC - ok

15:51:03.0804 0x2044  [ 1047184A9FDC8BDBFF857175875EE810, F2251EDB7736A26D388A0C5CC2FE5FB9C5E109CBB1E3800993554CB21D81AE4B ] LSI_SAS         C:\windows\system32\drivers\lsi_sas.sys

15:51:03.0804 0x2044  LSI_SAS - ok

15:51:03.0834 0x2044  [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93, 88D5740A4E9CC3FA80FA18035DAB441BDC5A039622D666BFDAA525CC9686BD06 ] LSI_SAS2        C:\windows\system32\drivers\lsi_sas2.sys

15:51:03.0834 0x2044  LSI_SAS2 - ok

15:51:03.0864 0x2044  [ 0504EACAFF0D3C8AED161C4B0D369D4A, 4D272237C189646F5C80822FD3CBA7C2728E482E2DAAF7A09C8AEF811C89C54D ] LSI_SCSI        C:\windows\system32\drivers\lsi_scsi.sys

15:51:03.0874 0x2044  LSI_SCSI - ok

15:51:03.0884 0x2044  [ 43D0F98E1D56CCDDB0D5254CFF7B356E, 5BA498183B5C4996C694CB0A9A6B66CE6C7A460F6C91BEB9F305486FCC3B7B22 ] luafv           C:\windows\system32\drivers\luafv.sys

15:51:03.0914 0x2044  luafv - ok

15:51:03.0974 0x2044  [ CFBC6C6D8A492697CABD1D353EE64933, DDAA844908324740C891EB8F08E2A8BB00457063B31C4A762745C1C2415FC12D ] MBAMProtector   C:\windows\system32\drivers\mbam.sys

15:51:03.0984 0x2044  MBAMProtector - ok

15:51:04.0144 0x2044  [ AB176B9E59C0435499D83047D84EDD59, 85B826A3972CE9AD885313B69B9C60328B850257667D0EB65DDE890D0BB06361 ] MBAMScheduler   C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe

15:51:04.0164 0x2044  MBAMScheduler - ok

15:51:04.0234 0x2044  [ 40C126CB15FAB7D6C66490DCA9C1AED2, B32CEE2D2409232C245427D5E9647FDF59AF1D8AB5E8A98EE2D1F1314599FD14 ] MBAMService     C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe

15:51:04.0254 0x2044  MBAMService - ok

15:51:04.0294 0x2044  [ 78488AF2AB2111D67B3C4044707A519B, 7AA71B9C4C7949A1A21F60EF7CCEDE0079794990696B60557B5DC86F4D47223A ] MBAMSwissArmy   C:\windows\system32\drivers\MBAMSwissArmy.sys

15:51:04.0304 0x2044  MBAMSwissArmy - ok

15:51:04.0334 0x2044  [ D61070CFAD43038DC56AEAD9BFE9CE2A, BD77AEF60E7FD2015CB14A464799304359547146C14A47F8D25274ACFA2E42D5 ] MBAMWebAccessControl C:\windows\system32\drivers\mwac.sys

15:51:04.0344 0x2044  MBAMWebAccessControl - ok

15:51:04.0374 0x2044  [ 0BE09CD858ABF9DF6ED259D57A1A1663, 2FD28889B93C8E801F74C1D0769673A461671E0189D0A22C94509E3F0EEB7428 ] Mcx2Svc         C:\windows\system32\Mcx2Svc.dll

15:51:04.0384 0x2044  Mcx2Svc - ok

15:51:04.0474 0x2044  [ 7CF1B716372B89568AE4C0FE769F5869, 0D70A7A594BCFBB26D7249C0F4B0AF9EF874F2318B3FDCE44648CC61279594ED ] MDM             C:\Program Files (x86)\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe

15:51:04.0494 0x2044  MDM - detected UnsignedFile.Multi.Generic ( 1 )

15:51:06.0834 0x2044  Detect skipped due to KSN trusted

15:51:06.0834 0x2044  MDM - ok

15:51:06.0864 0x2044  [ A55805F747C6EDB6A9080D7C633BD0F4, 2DA0E83BF3C8ADEF6F551B6CC1C0A3F6149CDBE6EC60413BA1767C4DE425A728 ] megasas         C:\windows\system32\drivers\megasas.sys

15:51:06.0864 0x2044  megasas - ok

15:51:06.0944 0x2044  [ BAF74CE0072480C3B6B7C13B2A94D6B3, 85CBB4949C090A904464F79713A3418338753D20D7FB811E68F287FDAC1DD834 ] MegaSR          C:\windows\system32\drivers\MegaSR.sys

15:51:06.0954 0x2044  MegaSR - ok

15:51:07.0024 0x2044  [ 572C6D33C517B7FC6FECFD30CDA6CCEF, 69C836FE3EA22E822C236A9AD4EA573DD9881BCEB4E13C3892D87C8E9B1690E0 ] MEIx64          C:\windows\system32\DRIVERS\TeeDriverx64.sys

15:51:07.0034 0x2044  MEIx64 - ok

15:51:07.0134 0x2044  Microsoft SharePoint Workspace Audit Service - ok

15:51:07.0164 0x2044  [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] MMCSS           C:\windows\system32\mmcss.dll

15:51:07.0184 0x2044  MMCSS - ok

15:51:07.0214 0x2044  [ 800BA92F7010378B09F9ED9270F07137, 94F9AF9E1BE80AE6AC39A2A74EF9FAB115DCAACC011D07DFA8D6A1DDC8A93342 ] Modem           C:\windows\system32\drivers\modem.sys

15:51:07.0244 0x2044  Modem - ok

15:51:07.0274 0x2044  [ B03D591DC7DA45ECE20B3B467E6AADAA, 701FB0CAD8138C58507BE28845D3E24CE269A040737C29885944A0D851238732 ] monitor         C:\windows\system32\DRIVERS\monitor.sys

15:51:07.0284 0x2044  monitor - ok

15:51:07.0314 0x2044  [ 7D27EA49F3C1F687D357E77A470AEA99, 7FE7CAF95959F127C6D932C01D539C06D80273C49A09761F6E8331C05B1A7EE7 ] mouclass        C:\windows\system32\DRIVERS\mouclass.sys

15:51:07.0324 0x2044  mouclass - ok

15:51:07.0334 0x2044  [ D3BF052C40B0C4166D9FD86A4288C1E6, 5E65264354CD94E844BF1838CA1B8E49080EFA34605A32CF2F6A47A2B97FC183 ] mouhid          C:\windows\system32\DRIVERS\mouhid.sys

15:51:07.0354 0x2044  mouhid - ok

15:51:07.0414 0x2044  [ 67050452C0118BAF2883928E6FCCFE47, 335FC0AEB7B47DCC7CE0CF3F424EB60ACB1327D2FF6515F04D9AC03A10FF1E31 ] mountmgr        C:\windows\system32\drivers\mountmgr.sys

15:51:07.0424 0x2044  mountmgr - ok

15:51:07.0514 0x2044  [ 5961C5D8EDD2E2A3B99F1782AE1AC21F, C383A4724A335737C4C7C3211AFCFB82D373267EC634BC47EE078A1C66E1F62A ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe

15:51:07.0524 0x2044  MozillaMaintenance - ok

15:51:07.0544 0x2044  [ A44B420D30BD56E145D6A2BC8768EC58, B1E4DCA5A1008FA7A0492DC091FB2B820406AE13FD3D44F124E89B1037AF09B8 ] mpio            C:\windows\system32\drivers\mpio.sys

15:51:07.0554 0x2044  mpio - ok

15:51:07.0574 0x2044  [ 6C38C9E45AE0EA2FA5E551F2ED5E978F, 5A3FA2F110029CB4CC4384998EDB59203FDD65EC45E01B897FB684F8956EAD20 ] mpsdrv          C:\windows\system32\drivers\mpsdrv.sys

15:51:07.0594 0x2044  mpsdrv - ok

15:51:07.0634 0x2044  [ 54FFC9C8898113ACE189D4AA7199D2C1, 65F585C87F3F710FD5793FDFA96B740AD8D4317B0C120F4435CCF777300EA4F2 ] MpsSvc          C:\windows\system32\mpssvc.dll

15:51:07.0664 0x2044  MpsSvc - ok

15:51:07.0714 0x2044  [ D7ADC2B83CA0B0381F75A98351F72CEE, 05476B7CA0486DF770AE492B5A90C85E3D3E7485152EB2FA30A19EC9BE44ED81 ] MRxDAV          C:\windows\system32\drivers\mrxdav.sys

15:51:07.0734 0x2044  MRxDAV - ok

15:51:07.0774 0x2044  [ 355DF71D1DD1999E8AEDF986534B233C, 4F5B07A3E9F4C5EE259A72353835364BFEAEC792090C178C4EF91B517B1C49D0 ] mrxsmb          C:\windows\system32\DRIVERS\mrxsmb.sys

15:51:07.0784 0x2044  mrxsmb - ok

15:51:07.0804 0x2044  [ A16FC9323A85CAEA5804D04646A91CF9, ABC9F1BE4B871EBB5FDED9FC248DABEC4004EBCCF53E6C4D1E54AF69653B00E0 ] mrxsmb10        C:\windows\system32\DRIVERS\mrxsmb10.sys

15:51:07.0814 0x2044  mrxsmb10 - ok

15:51:07.0824 0x2044  [ 2539BE615440BA1EA4CF84A66B6C0AF9, 3369DE38EE49E5507A73036CDF3982AEF2331D61C7EC4F159004EAD14309A933 ] mrxsmb20        C:\windows\system32\DRIVERS\mrxsmb20.sys

15:51:07.0834 0x2044  mrxsmb20 - ok

15:51:07.0854 0x2044  [ C25F0BAFA182CBCA2DD3C851C2E75796, 643E158A0948DF331807AEAA391F23960362E46C0A0CF6D22A99020EAE7B10F8 ] msahci          C:\windows\system32\drivers\msahci.sys

15:51:07.0864 0x2044  msahci - ok

15:51:07.0884 0x2044  [ DB801A638D011B9633829EB6F663C900, B34FD33A215ACCF2905F4B7D061686CDB1CB9C652147AF56AE14686C1F6E3C74 ] msdsm           C:\windows\system32\drivers\msdsm.sys

15:51:07.0894 0x2044  msdsm - ok

15:51:07.0934 0x2044  [ DE0ECE52236CFA3ED2DBFC03F28253A8, 2FBBEC4CACB5161F68D7C2935852A5888945CA0F107CF8A1C01F4528CE407DE3 ] MSDTC           C:\windows\System32\msdtc.exe

15:51:07.0954 0x2044  MSDTC - ok

15:51:07.0974 0x2044  [ AA3FB40E17CE1388FA1BEDAB50EA8F96, 69F93E15536644C8FD679A20190CFE577F4985D3B1B4A4AA250A168615AE1E99 ] Msfs            C:\windows\system32\drivers\Msfs.sys

15:51:08.0014 0x2044  Msfs - ok

15:51:08.0034 0x2044  [ F9D215A46A8B9753F61767FA72A20326, 6F76642B45E0A7EF6BCAB8B37D55CCE2EAA310ED07B76D43FCB88987C2174141 ] mshidkmdf       C:\windows\System32\drivers\mshidkmdf.sys

15:51:08.0044 0x2044  mshidkmdf - ok

15:51:08.0064 0x2044  [ D916874BBD4F8B07BFB7FA9B3CCAE29D, B229DA150713DEDBC4F05386C9D9DC3BC095A74F44F3081E88311AB73BC992A1 ] msisadrv        C:\windows\system32\drivers\msisadrv.sys

15:51:08.0074 0x2044  msisadrv - ok

15:51:08.0084 0x2044  [ 808E98FF49B155C522E6400953177B08, F873F5BFF0984C5165DF67E92874D3F6EB8D86F9B5AD17013A0091CA33A1A3D5 ] MSiSCSI         C:\windows\system32\iscsiexe.dll

15:51:08.0114 0x2044  MSiSCSI - ok

15:51:08.0114 0x2044  msiserver - ok

15:51:08.0144 0x2044  [ 49CCF2C4FEA34FFAD8B1B59D49439366, E5752EA57C7BDAD5F53E3BC441A415E909AC602CAE56234684FB8789A20396C7 ] MSKSSRV         C:\windows\system32\drivers\MSKSSRV.sys

15:51:08.0164 0x2044  MSKSSRV - ok

15:51:08.0174 0x2044  [ BDD71ACE35A232104DDD349EE70E1AB3, 27464A66868513BE6A01B75D7FC5B0D6B71842E4E20CE3F76B15C071A0618BBB ] MSPCLOCK        C:\windows\system32\drivers\MSPCLOCK.sys

15:51:08.0204 0x2044  MSPCLOCK - ok

15:51:08.0204 0x2044  [ 4ED981241DB27C3383D72092B618A1D0, E12F121E641249DB3491141851B59E1496F4413EDF58E863388F1C229838DFCC ] MSPQM           C:\windows\system32\drivers\MSPQM.sys

15:51:08.0224 0x2044  MSPQM - ok

15:51:08.0244 0x2044  [ 759A9EEB0FA9ED79DA1FB7D4EF78866D, 64E3BC613EC4872B1B344CBF71EE15BE195592E3244C1EE099C6F8B95A40F133 ] MsRPC           C:\windows\system32\drivers\MsRPC.sys

15:51:08.0254 0x2044  MsRPC - ok

15:51:08.0274 0x2044  [ 0EED230E37515A0EAEE3C2E1BC97B288, B1D8F8A75006B6E99214CA36D27A8594EF8D952F315BEB201E9BAC9DE3E64D42 ] mssmbios        C:\windows\system32\DRIVERS\mssmbios.sys

15:51:08.0284 0x2044  mssmbios - ok

15:51:08.0514 0x2044  [ 2BF33397621FBB9360B05B0D20ABEB37, 4DC52F2E3DB1FF4F4958B2255BDD6AFD195A8A0AA2D944C35C4EDAA4DD4FC45C ] MSSQL$SQL6901   C:\Program Files\Microsoft SQL Server\MSSQL12.SQL6901\MSSQL\Binn\sqlservr.exe

15:51:08.0524 0x2044  MSSQL$SQL6901 - ok

15:51:08.0554 0x2044  [ C5E1FE7DB2202D37BA9A634E7F230A44, 14C14FF1748FD28C7B1AC5F97C10D1680189F9F678950AE10001A859AD89BF1D ] MSSQLFDLauncher$SQL6901 C:\Program Files\Microsoft SQL Server\MSSQL12.SQL6901\MSSQL\Binn\fdlauncher.exe

15:51:08.0554 0x2044  MSSQLFDLauncher$SQL6901 - ok

15:51:08.0584 0x2044  [ 2E66F9ECB30B4221A318C92AC2250779, DF175E1AB6962303E57F26DAE5C5C1E40B8640333F3E352A64F6A5F1301586CD ] MSTEE           C:\windows\system32\drivers\MSTEE.sys

15:51:08.0604 0x2044  MSTEE - ok

15:51:08.0614 0x2044  [ 7EA404308934E675BFFDE8EDF0757BCD, 306CD02D89CFCFE576242360ED5F9EEEDCAFC43CD43B7D2977AE960F9AEC3232 ] MTConfig        C:\windows\system32\drivers\MTConfig.sys

15:51:08.0634 0x2044  MTConfig - ok

15:51:08.0695 0x2044  [ AA0C2BA3782E92BD85E2264BE418E67C, 8B0953926E83274DF16670F1EF6F4E302F7EE17418F486975C353A406850298C ] Mup             C:\windows\system32\Drivers\mup.sys

15:51:08.0705 0x2044  Mup - ok

15:51:08.0735 0x2044  [ 582AC6D9873E31DFA28A4547270862DD, BD540499F74E8F59A020D935D18E36A3A97C1A6EC59C8208436469A31B16B260 ] napagent        C:\windows\system32\qagentRT.dll

15:51:08.0755 0x2044  napagent - ok

15:51:08.0775 0x2044  [ 1EA3749C4114DB3E3161156FFFFA6B33, 54C2E77BCE1037711A11313AC25B8706109098C10A31AA03AEB7A185E97800D7 ] NativeWifiP     C:\windows\system32\DRIVERS\nwifi.sys

15:51:08.0795 0x2044  NativeWifiP - ok

15:51:08.0865 0x2044  [ F7309F42555F8AAB7144A51A1F2585B0, 065277A8AFAEE3888C997A76D2F751070F92DF4C3354D16B194860B4BDAFF937 ] NDIS            C:\windows\system32\drivers\ndis.sys

15:51:08.0885 0x2044  NDIS - ok

15:51:08.0915 0x2044  [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC, D7E5446E83909AE25506BB98FBDD878A529C87963E3C1125C4ABAB25823572BC ] NdisCap         C:\windows\system32\DRIVERS\ndiscap.sys

15:51:08.0925 0x2044  NdisCap - ok



#7 stephenl9

stephenl9
  • Topic Starter

  • Members
  • 7 posts
  • OFFLINE
  •  
  • Local time:08:41 PM

Posted 08 March 2016 - 05:36 PM

15:51:08.0945 0x2044  [ 30639C932D9FEF22B31268FE25A1B6E5, 32873D95339600F6EEFA51847D12C563FF01F320DC59055B242FA2887C99F9D6 ] NdisTapi        C:\windows\system32\DRIVERS\ndistapi.sys

15:51:08.0975 0x2044  NdisTapi - ok

15:51:08.0995 0x2044  [ 136185F9FB2CC61E573E676AA5402356, BA3AD0A33416DA913B4242C6BE8C3E5812AD2B20BA6C11DD3094F2E8EB56E683 ] Ndisuio         C:\windows\system32\DRIVERS\ndisuio.sys

15:51:09.0035 0x2044  Ndisuio - ok

15:51:09.0045 0x2044  [ 53F7305169863F0A2BDDC49E116C2E11, 881E9346D3C02405B7850ADC37E720990712EC9C666A0CE96E252A487FD2CE77 ] NdisWan         C:\windows\system32\DRIVERS\ndiswan.sys

15:51:09.0075 0x2044  NdisWan - ok

15:51:09.0095 0x2044  [ 015C0D8E0E0421B4CFD48CFFE2825879, 4242E2D42CCFC859B2C0275C5331798BC0BDA68E51CF4650B6E64B1332071023 ] NDProxy         C:\windows\system32\drivers\NDProxy.sys

15:51:09.0115 0x2044  NDProxy - ok

15:51:09.0195 0x2044  [ 2C723E42FC8D7B0209492828F921FB50, 2ECF9F4D91F317432FB5A6D01D8271BB7E2A5B8A6CA9EF2F2036890D2B072E52 ] Net Driver HPZ12 C:\Windows\system32\HPZinw12.dll

15:51:09.0205 0x2044  Net Driver HPZ12 - detected UnsignedFile.Multi.Generic ( 1 )

15:51:11.0555 0x2044  Detect skipped due to KSN trusted

15:51:11.0555 0x2044  Net Driver HPZ12 - ok

15:51:11.0605 0x2044  [ EE00C544C025958AF50C7B199F3C8595, D774DB020D9C46D1AA0B2DB9FA2C36C4A9C38D904CC6929695321D32ACA0D4D1 ] Netaapl         C:\windows\system32\DRIVERS\netaapl64.sys

15:51:11.0615 0x2044  Netaapl - ok

15:51:11.0625 0x2044  [ 86743D9F5D2B1048062B14B1D84501C4, DBF6D6A60AB774FCB0F464FF2D285A7521D0A24006687B243AB46B17D8032062 ] NetBIOS         C:\windows\system32\DRIVERS\netbios.sys

15:51:11.0645 0x2044  NetBIOS - ok

15:51:11.0675 0x2044  [ 09594D1089C523423B32A4229263F068, 7426A9B8BA27D3225928DDEFBD399650ABB90798212F56B7D12158AC22CCCE37 ] NetBT           C:\windows\system32\DRIVERS\netbt.sys

15:51:11.0715 0x2044  NetBT - ok

15:51:11.0735 0x2044  [ 5673794F254FE312AF62D9DA32805A2F, 76400BF26F87303924A4FA9DFE5DD13170D1E4A195CD12548DBAA0E6E8C11B1B ] Netlogon        C:\windows\system32\lsass.exe

15:51:11.0745 0x2044  Netlogon - ok

15:51:11.0795 0x2044  [ 847D3AE376C0817161A14A82C8922A9E, 37AE692B3481323134125EF58F2C3CBC20177371AF2F5874F53DD32A827CB936 ] Netman          C:\windows\System32\netman.dll

15:51:11.0825 0x2044  Netman - ok

15:51:11.0895 0x2044  [ 15CBA881E10968E33B43D31BE6097BA3, 69449ACA82B67F308C9F7DAB7A4C75BD88A95B98FC7F9102C72AD3D233A48346 ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe

15:51:11.0905 0x2044  NetMsmqActivator - ok

15:51:11.0945 0x2044  [ 15CBA881E10968E33B43D31BE6097BA3, 69449ACA82B67F308C9F7DAB7A4C75BD88A95B98FC7F9102C72AD3D233A48346 ] NetPipeActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe

15:51:11.0955 0x2044  NetPipeActivator - ok

15:51:11.0975 0x2044  [ 5F28111C648F1E24F7DBC87CDEB091B8, 2E8645285921EDB98BB2173E11E57459C888D52E80D85791D169C869DE8813B9 ] netprofm        C:\windows\System32\netprofm.dll

15:51:11.0995 0x2044  netprofm - ok

15:51:12.0015 0x2044  [ 15CBA881E10968E33B43D31BE6097BA3, 69449ACA82B67F308C9F7DAB7A4C75BD88A95B98FC7F9102C72AD3D233A48346 ] NetTcpActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe

15:51:12.0015 0x2044  NetTcpActivator - ok

15:51:12.0025 0x2044  [ 15CBA881E10968E33B43D31BE6097BA3, 69449ACA82B67F308C9F7DAB7A4C75BD88A95B98FC7F9102C72AD3D233A48346 ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe

15:51:12.0035 0x2044  NetTcpPortSharing - ok

15:51:12.0145 0x2044  [ 64428DFDAF6E88366CB51F45A79C5F69, 31187D38C1AB52120A3CB7AC3CE47ED9682AC37B0F06B9A9610C0065DD4E7B13 ] netw5v64        C:\windows\system32\DRIVERS\netw5v64.sys

15:51:12.0235 0x2044  netw5v64 - ok

15:51:12.0415 0x2044  [ EB43840BABF5589E33186D094DE7381D, 028750D33516773258FEA120FE4108A2EEA3FC6FEC49C6B2C1926F57858173AC ] NETwNs64        C:\windows\system32\DRIVERS\NETwNs64.sys

15:51:12.0535 0x2044  NETwNs64 - detected UnsignedFile.Multi.Generic ( 1 )

15:51:14.0956 0x2044  Detect skipped due to KSN trusted

15:51:14.0956 0x2044  NETwNs64 - ok

15:51:14.0986 0x2044  [ 77889813BE4D166CDAB78DDBA990DA92, 2EF531AE502B943632EEC66A309A8BFCDD36120A5E1473F4AAF3C2393AD0E6A3 ] nfrd960         C:\windows\system32\drivers\nfrd960.sys

15:51:14.0996 0x2044  nfrd960 - ok

15:51:15.0036 0x2044  [ 8B301D474B478E9A92823BAB50A7BC49, 8181816035F41B1DABEC05E65E4F67BCD785F56760A61F1049E91BA39D42F01D ] NlaSvc          C:\windows\System32\nlasvc.dll

15:51:15.0066 0x2044  NlaSvc - ok

15:51:15.0106 0x2044  [ DE7FCC77F4A503AF4CA6A47D49B3713D, 4BFAA99393F635CD05D91A64DE73EDB5639412C129E049F0FE34F88517A10FC6 ] NPF             C:\windows\system32\drivers\npf.sys

15:51:15.0116 0x2044  NPF - ok

15:51:15.0136 0x2044  [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7, D8957EF7060A69DBB3CD6B2C45B1E4143592AB8D018471E17AC04668157DC67F ] Npfs            C:\windows\system32\drivers\Npfs.sys

15:51:15.0156 0x2044  Npfs - ok

15:51:15.0176 0x2044  [ D54BFDF3E0C953F823B3D0BFE4732528, 497A1DCC5646EC22119273216DF10D5442D16F83E4363770F507518CF6EAA53A ] nsi             C:\windows\system32\nsisvc.dll

15:51:15.0196 0x2044  nsi - ok

15:51:15.0216 0x2044  [ E7F5AE18AF4168178A642A9247C63001, 133023B7E4BA8049C4CAED3282BDD25571D1CC25FAC3B820C7F981D292689D76 ] nsiproxy        C:\windows\system32\drivers\nsiproxy.sys

15:51:15.0236 0x2044  nsiproxy - ok

15:51:15.0306 0x2044  [ 47B2D0B31BDC3EBE6090228E2BA3764D, 984A4B38300954164BCBF57EC1A09C18B53779E60A26E9618B50E26016735787 ] Ntfs            C:\windows\system32\drivers\Ntfs.sys

15:51:15.0326 0x2044  Ntfs - ok

15:51:15.0336 0x2044  [ 9899284589F75FA8724FF3D16AED75C1, 181188599FD5D4DE33B97010D9E0CAEABAB9A3EF50712FE7F9AA0735CD0666D6 ] Null            C:\windows\system32\drivers\Null.sys

15:51:15.0376 0x2044  Null - ok

15:51:15.0406 0x2044  [ 0A92CB65770442ED0DC44834632F66AD, 581327F07A68DBD5CC749214BE5F1211FC2CE41C7A4F0656B680AFB51A35ACE7 ] nvraid          C:\windows\system32\drivers\nvraid.sys

15:51:15.0416 0x2044  nvraid - ok

15:51:15.0446 0x2044  [ DAB0E87525C10052BF65F06152F37E4A, AD9BFF0D5FD3FFB95C758B478E1F6A9FE45E7B37AEC71EB5070D292FEAAEDF37 ] nvstor          C:\windows\system32\drivers\nvstor.sys

15:51:15.0456 0x2044  nvstor - ok

15:51:15.0466 0x2044  [ 270D7CD42D6E3979F6DD0146650F0E05, 752489E54C9004EDCBE1F1F208FFD864DA5C83E59A2DDE6B3E0D63ECA996F76F ] nv_agp          C:\windows\system32\drivers\nv_agp.sys

15:51:15.0476 0x2044  nv_agp - ok

15:51:15.0506 0x2044  [ 6172DB160FC566CF24307941C0E94D8E, 81040AEF4E9D56F3514EC46ACF97CCEE38EF2E17CA18DC4FAE4A20561BA3B23C ] O2MDFRDR        C:\windows\system32\drivers\O2MDFw7x64.sys

15:51:15.0506 0x2044  O2MDFRDR - ok

15:51:15.0536 0x2044  [ 8ED738ABA394BBF6D7802698BE453112, E91E8C27FA111CC20CCB05F41CBF181C398F48A980B523A041CACE242990F77A ] O2MDRRDR        C:\windows\system32\drivers\O2MDRw7x64.sys

15:51:15.0536 0x2044  O2MDRRDR - ok

15:51:15.0546 0x2044  [ 61B2ACA7F48738AFC883C05FA136A468, 97A997E1FAD6193E1904280B134F9ABBC32CF59343B7F0038E8E5B10D27D6FA4 ] O2SDJRDR        C:\windows\system32\drivers\o2sdjw7x64.sys

15:51:15.0546 0x2044  O2SDJRDR - ok

15:51:15.0556 0x2044  [ 3589478E4B22CE21B41FA1BFC0B8B8A0, AD2469FC753FE552CB809FF405A9AB23E7561292FE89117E3B3B62057EFF0203 ] ohci1394        C:\windows\system32\drivers\ohci1394.sys

15:51:15.0566 0x2044  ohci1394 - ok

15:51:15.0626 0x2044  [ 30B5F9FB0C35AE6B4A0851D24CE2EE8B, 0340E77E8EC2ADC21B8DDD9C9CC95B3F4BCAFD54618A333C72D7D9587D593B83 ] ose             C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE

15:51:15.0626 0x2044  ose - ok

15:51:15.0906 0x2044  [ FE9C0029E1AF26350D9985D00520E5C8, 967079CCF7B2CBD4B48C9F076675C26AF93A1CEC26C96811F279414E34004EE6 ] osppsvc         C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE

15:51:15.0986 0x2044  osppsvc - ok

15:51:16.0016 0x2044  [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] p2pimsvc        C:\windows\system32\pnrpsvc.dll

15:51:16.0036 0x2044  p2pimsvc - ok

15:51:16.0066 0x2044  [ 927463ECB02179F88E4B9A17568C63C3, FEFD3447692C277D59EEC7BF218552C8BB6B8C98C26E973675549628408B94CE ] p2psvc          C:\windows\system32\p2psvc.dll

15:51:16.0076 0x2044  p2psvc - ok

15:51:16.0106 0x2044  [ 0086431C29C35BE1DBC43F52CC273887, 0D116D49EF9ABB57DA005764F25E692622210627FC2048F06A989B12FA8D0A80 ] Parport         C:\windows\system32\drivers\parport.sys

15:51:16.0106 0x2044  Parport - ok

15:51:16.0126 0x2044  [ E9766131EEADE40A27DC27D2D68FBA9C, 63C295EC96DBD25F1A8B908295CCB86B54F2A77A02AAA11E5D9160C2C1A492B6 ] partmgr         C:\windows\system32\drivers\partmgr.sys

15:51:16.0136 0x2044  partmgr - ok

15:51:16.0186 0x2044  [ DB2D62AA2DF6B1F3D690A9EC9701AA2C, BEAC55E1AA0494565F1547DF5E6FE20FCEA66461764C016FCB68D8BFF0F0C375 ] PcaSvc          C:\windows\System32\pcasvc.dll

15:51:16.0206 0x2044  PcaSvc - ok

15:51:16.0316 0x2044  [ 4B5F5774FF1C577B9515FDD2B5C535C5, 1D053020079124AC526D84AFFB17BF4A1563ECD872C83B4B6299C9AA6A732557 ] PCDSRVC{1E208CE0-FB7451FF-06020200}_0 c:\program files\dell support center\pcdsrvc_x64.pkms

15:51:16.0316 0x2044  PCDSRVC{1E208CE0-FB7451FF-06020200}_0 - ok

15:51:16.0346 0x2044  [ 94575C0571D1462A0F70BDE6BD6EE6B3, 7139BAC653EA94A3DD3821CAB35FC5E22F4CCA5ACC2BAABDAA27E4C3C8B27FC9 ] pci             C:\windows\system32\drivers\pci.sys

15:51:16.0356 0x2044  pci - ok

15:51:16.0376 0x2044  [ B5B8B5EF2E5CB34DF8DCF8831E3534FA, F2A7CC645B96946CC65BF60E14E70DC09C848D27C7943CE5DEA0C01A6B863480 ] pciide          C:\windows\system32\drivers\pciide.sys

15:51:16.0386 0x2044  pciide - ok

15:51:16.0416 0x2044  [ B2E81D4E87CE48589F98CB8C05B01F2F, 6763BEE7270A4873B3E131BFB92313E2750FCBD0AD73C23D1C4F98F7DF73DE14 ] pcmcia          C:\windows\system32\drivers\pcmcia.sys

15:51:16.0426 0x2044  pcmcia - ok

15:51:16.0436 0x2044  [ D6B9C2E1A11A3A4B26A182FFEF18F603, BBA5FE08B1DDD6243118E11358FD61B10E850F090F061711C3CB207CE5FBBD36 ] pcw             C:\windows\system32\drivers\pcw.sys

15:51:16.0446 0x2044  pcw - ok

15:51:16.0466 0x2044  [ ED6E75158D28D33A2E2A020AC5B2B59D, 0F364D9A88304C45F31318605C417A70A9D0E4CF087D73E949B42C12CC76CD6C ] PEAUTH          C:\windows\system32\drivers\peauth.sys

15:51:16.0486 0x2044  PEAUTH - ok

15:51:16.0526 0x2044  [ B9B0A4299DD2D76A4243F75FD54DC680, BBF62E9628131FA396EB08D63B76D2D5FBDD61339E92B759125A066470D1C039 ] PeerDistSvc     C:\windows\system32\peerdistsvc.dll

15:51:16.0546 0x2044  PeerDistSvc - ok

15:51:16.0616 0x2044  [ E495E408C93141E8FC72DC0C6046DDFA, 489B957DADA0DC128A09468F1AD082DCC657E86053208EA06A12937BE86FB919 ] PerfHost        C:\windows\SysWow64\perfhost.exe

15:51:16.0626 0x2044  PerfHost - ok

15:51:16.0656 0x2044  [ C7CF6A6E137463219E1259E3F0F0DD6C, 08D7244F52AA17DD669AA6F77C291DAC88E7B2D1887DE422509C1F83EC85F3DD ] pla             C:\windows\system32\pla.dll

15:51:16.0696 0x2044  pla - ok

15:51:16.0746 0x2044  [ 25FBDEF06C4D92815B353F6E792C8129, 57D9764AE6BCE33B242C399CDFC10DD405975BD6411CA8C75FBCD06EEB8442A9 ] PlugPlay        C:\windows\system32\umpnpmgr.dll

15:51:16.0756 0x2044  PlugPlay - ok

15:51:16.0826 0x2044  [ 171E6D91A20AAC8D02172A64E82CE90B, 0D51F00D6C0376CD12893620E0A15E687263048CFE20E953F6BB4B7D6CDC3F50 ] Pml Driver HPZ12 C:\Windows\system32\HPZipm12.dll

15:51:16.0836 0x2044  Pml Driver HPZ12 - detected UnsignedFile.Multi.Generic ( 1 )

15:51:19.0188 0x2044  Detect skipped due to KSN trusted

15:51:19.0188 0x2044  Pml Driver HPZ12 - ok

15:51:19.0218 0x2044  [ 7195581CEC9BB7D12ABE54036ACC2E38, 9C4E5D6EA984148F2663DC529083408B2248DFF6DAAC85D9195F80A722782315 ] PNRPAutoReg     C:\windows\system32\pnrpauto.dll

15:51:19.0238 0x2044  PNRPAutoReg - ok

15:51:19.0268 0x2044  [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] PNRPsvc         C:\windows\system32\pnrpsvc.dll

15:51:19.0288 0x2044  PNRPsvc - ok

15:51:19.0308 0x2044  [ 4F15D75ADF6156BF56ECED6D4A55C389, 2ADA3EA69A5D7EC2A4D2DD89178DB94EAFDDF95F07B0070D654D9F7A5C12A044 ] PolicyAgent     C:\windows\System32\ipsecsvc.dll

15:51:19.0338 0x2044  PolicyAgent - ok

15:51:19.0358 0x2044  [ 6BA9D927DDED70BD1A9CADED45F8B184, 66203CE70A5EDE053929A940F38924C6792239CCCE10DD2C1D90D5B4D6748B55 ] Power           C:\windows\system32\umpo.dll

15:51:19.0378 0x2044  Power - ok

15:51:19.0408 0x2044  [ F92A2C41117A11A00BE01CA01A7FCDE9, 38ADC6052696D110CA5F393BC586791920663F5DA66934C2A824DDA9CD89C763 ] PptpMiniport    C:\windows\system32\DRIVERS\raspptp.sys

15:51:19.0428 0x2044  PptpMiniport - ok

15:51:19.0468 0x2044  [ C117970D3AE17FCDBA683D1D318B0440, E7E1A100BC1E98D068E81D9E6B9A9018A0193C5C859E39233BD843C4E83F5C47 ] prepdrvr        C:\windows\system32\DRIVERS\prepdrv.sys

15:51:19.0468 0x2044  prepdrvr - ok

15:51:19.0498 0x2044  [ 0D922E23C041EFB1C3FAC2A6F943C9BF, 855418A6A58DCAFB181A1A68613B3E203AFB0A9B3D9D26D0C521F9F613B4EAD5 ] Processor       C:\windows\system32\drivers\processr.sys

15:51:19.0508 0x2044  Processor - ok

15:51:19.0548 0x2044  [ B6A58491307B4CADA572583D863DC602, 5C44936605E52C9533E4CE22F18FAB8211475877F71EFD88DA4D02FD608C90A3 ] ProfSvc         C:\windows\system32\profsvc.dll

15:51:19.0568 0x2044  ProfSvc - ok

15:51:19.0608 0x2044  [ 5673794F254FE312AF62D9DA32805A2F, 76400BF26F87303924A4FA9DFE5DD13170D1E4A195CD12548DBAA0E6E8C11B1B ] ProtectedStorage C:\windows\system32\lsass.exe

15:51:19.0618 0x2044  ProtectedStorage - ok

15:51:19.0648 0x2044  [ 0557CF5A2556BD58E26384169D72438D, F6F83A616B1F1C6C0DF6D2EC2513E6C23FD4FAA6D36518B8676C619AB74957B4 ] Psched          C:\windows\system32\DRIVERS\pacer.sys

15:51:19.0668 0x2044  Psched - ok

15:51:19.0728 0x2044  [ A53A15A11EBFD21077463EE2C7AFEEF0, 6002B012A75045DEA62640A864A8721EADE2F8B65BEB5F5BA76D8CD819774489 ] ql2300          C:\windows\system32\drivers\ql2300.sys

15:51:19.0748 0x2044  ql2300 - ok

15:51:19.0768 0x2044  [ 4F6D12B51DE1AAEFF7DC58C4D75423C8, FB6ABAB741CED66A79E31A45111649F2FA3E26CEE77209B5296F789F6F7D08DE ] ql40xx          C:\windows\system32\drivers\ql40xx.sys

15:51:19.0768 0x2044  ql40xx - ok

15:51:19.0798 0x2044  [ 906191634E99AEA92C4816150BDA3732, A0305436384104C3B559F9C73902DA19B96B518413379E397C5CDAB0B2B9418F ] QWAVE           C:\windows\system32\qwave.dll

15:51:19.0808 0x2044  QWAVE - ok

15:51:19.0818 0x2044  [ 76707BB36430888D9CE9D705398ADB6C, 35C1D1D05F98AC29A33D3781F497A0B40A3CB9CDF25FE1F28F574E40DDF70535 ] QWAVEdrv        C:\windows\system32\drivers\qwavedrv.sys

15:51:19.0838 0x2044  QWAVEdrv - ok

15:51:19.0848 0x2044  [ 5A0DA8AD5762FA2D91678A8A01311704, 8A64EB5DBAB7048A9E42A21CEB62CCD5B007A80C199892D7F8C69B48E8A255EF ] RasAcd          C:\windows\system32\DRIVERS\rasacd.sys

15:51:19.0868 0x2044  RasAcd - ok

15:51:19.0918 0x2044  [ 7ECFF9B22276B73F43A99A15A6094E90, 62C70DA127F48F796F8897BBFA23AB6EB080CC923F0F091DFA384A93F5C90CA1 ] RasAgileVpn     C:\windows\system32\DRIVERS\AgileVpn.sys

15:51:19.0958 0x2044  RasAgileVpn - ok

15:51:19.0968 0x2044  [ 8F26510C5383B8DBE976DE1CD00FC8C7, 60E618C010E8A723960636415573FA17EA0BBEF79647196B3BC0B8DEE680E090 ] RasAuto         C:\windows\System32\rasauto.dll

15:51:19.0998 0x2044  RasAuto - ok

15:51:20.0018 0x2044  [ 471815800AE33E6F1C32FB1B97C490CA, 27307265F743DE3A3A3EC1B2C472A3D85FDD0AEC458E0B1177593141EE072698 ] Rasl2tp         C:\windows\system32\DRIVERS\rasl2tp.sys

15:51:20.0048 0x2044  Rasl2tp - ok

15:51:20.0078 0x2044  [ EE867A0870FC9E4972BA9EAAD35651E2, 1B848D81705081FD2E18AC762DA7F51455657DAF860BF363DC15925A148BCADA ] RasMan          C:\windows\System32\rasmans.dll

15:51:20.0108 0x2044  RasMan - ok

15:51:20.0118 0x2044  [ 855C9B1CD4756C5E9A2AA58A15F58C25, A514F8A9C304D54BDA8DC60F5A64259B057EC83A1CAAF6D2B58CFD55E9561F72 ] RasPppoe        C:\windows\system32\DRIVERS\raspppoe.sys

15:51:20.0148 0x2044  RasPppoe - ok

15:51:20.0168 0x2044  [ E8B1E447B008D07FF47D016C2B0EEECB, FEC789F82B912F3E14E49524D40FEAA4373B221156F14045E645D7C37859258C ] RasSstp         C:\windows\system32\DRIVERS\rassstp.sys

15:51:20.0188 0x2044  RasSstp - ok

15:51:20.0248 0x2044  [ 71B6F78D6444CCE6F77BC42917A4E8F7, 34927A2C1CA349D251A327ED1F30018B065A8E6B886D9B5080A8AE2F6A8C0914 ] rdbss           C:\windows\system32\DRIVERS\rdbss.sys

15:51:20.0258 0x2044  rdbss - ok

15:51:20.0288 0x2044  [ 302DA2A0539F2CF54D7C6CC30C1F2D8D, 1DF3501BBFFB56C3ECC39DBCC4287D3302216C2208CE22428B8C4967E5DE9D17 ] rdpbus          C:\windows\system32\DRIVERS\rdpbus.sys

15:51:20.0298 0x2044  rdpbus - ok

15:51:20.0318 0x2044  [ CEA6CC257FC9B7715F1C2B4849286D24, A78144D18352EA802C39D9D42921CF97A3E0211766B2169B6755C6FC2D77A804 ] RDPCDD          C:\windows\system32\DRIVERS\RDPCDD.sys

15:51:20.0348 0x2044  RDPCDD - ok

15:51:20.0358 0x2044  [ 1B6163C503398B23FF8B939C67747683, 339A5AA7970FF34FAAB213B655860C5B0DEC5F983A4A11A088017D849F320ACE ] RDPDR           C:\windows\system32\drivers\rdpdr.sys

15:51:20.0378 0x2044  RDPDR - ok

15:51:20.0388 0x2044  [ BB5971A4F00659529A5C44831AF22365, 9AAA5C0D448E821FD85589505D99DF7749715A046BBD211F139E4E652ADDE41F ] RDPENCDD        C:\windows\system32\drivers\rdpencdd.sys

15:51:20.0428 0x2044  RDPENCDD - ok

15:51:20.0438 0x2044  [ 216F3FA57533D98E1F74DED70113177A, 60C126A1409D1E9C39F1C9E95F70115BF4AF07780AB499F6E10A612540F173F4 ] RDPREFMP        C:\windows\system32\drivers\rdprefmp.sys

15:51:20.0458 0x2044  RDPREFMP - ok

15:51:20.0548 0x2044  [ 313F68E1A3E6345A4F47A36B07062F34, B8318A0AE06BDE278931CA52F960B9FE226FD9894B076858DDB755AE26E1E66F ] RdpVideoMiniport C:\windows\system32\drivers\rdpvideominiport.sys

15:51:20.0568 0x2044  RdpVideoMiniport - ok

15:51:20.0608 0x2044  [ FE571E088C2D83619D2D48D4E961BF41, 88C5A2FCB1D0E528657842E39963471A6E42FCA3FCDF37955AEC8258AB4C48EA ] RDPWD           C:\windows\system32\drivers\RDPWD.sys

15:51:20.0628 0x2044  RDPWD - ok

15:51:20.0658 0x2044  [ 34ED295FA0121C241BFEF24764FC4520, AAEE5F00CAA763A5BA51CF56BD7262C03409CD72BD5601490E3EC3FFF929BB5F ] rdyboost        C:\windows\system32\drivers\rdyboost.sys

15:51:20.0658 0x2044  rdyboost - ok

15:51:20.0698 0x2044  [ 254FB7A22D74E5511C73A3F6D802F192, 3D0FB5840364200DE394F8CC28DA0E334C2B5FA8FF28A41656EE72287F3D3836 ] RemoteAccess    C:\windows\System32\mprdim.dll

15:51:20.0728 0x2044  RemoteAccess - ok

15:51:20.0818 0x2044  [ E4D94F24081440B5FC5AA556C7C62702, 147CAA03568DC480F9506E30B84891AB7E433B5EBC05F34FF10F72B00E1C6B22 ] RemoteRegistry  C:\windows\system32\regsvc.dll

15:51:20.0838 0x2044  RemoteRegistry - ok

15:51:21.0068 0x2044  [ 813B179ABA2E31CA2B146ACFFAB2AF1C, 82CF1E7EC6E62F423CDA4B67F310B7BBBBEEFA9856D31F4BE031FF3455D53A37 ] ReportServer$SQL6901 C:\Program Files\Microsoft SQL Server\MSRS12.SQL6901\Reporting Services\ReportServer\bin\ReportingServicesService.exe

15:51:21.0108 0x2044  ReportServer$SQL6901 - ok

15:51:21.0158 0x2044  [ 3DD798846E2C28102B922C56E71B7932, 30B111615D74CB2213997A5C08DD9C8613ADE441D9423CC1C49A753D13CE524D ] RFCOMM          C:\windows\system32\DRIVERS\rfcomm.sys

15:51:21.0178 0x2044  RFCOMM - ok

15:51:21.0208 0x2044  [ 9C23519FC1FD331AAAEDC145AB947293, 14F98B720418ABD4C4AEF293E4C3B3BEB3163B0B676B57FFACF42D1755E4496F ] rimmptsk        C:\windows\system32\drivers\rimmpx64.sys

15:51:21.0208 0x2044  rimmptsk - ok

15:51:21.0308 0x2044  [ 83A6C2CAFE236652D1559640594A0EA8, 52360F17C9C70C9CEA3316560B40C4D89FD705ED7E6B6088C99FC54D4CC35EB5 ] rpcapd          C:\Program Files (x86)\WinPcap\rpcapd.exe

15:51:21.0308 0x2044  rpcapd - ok

15:51:21.0348 0x2044  [ E4DC58CF7B3EA515AE917FF0D402A7BB, 665B5CD9FE905B0EE3F59A7B1A94760F5393EBEE729877D8584349754C2867E8 ] RpcEptMapper    C:\windows\System32\RpcEpMap.dll

15:51:21.0368 0x2044  RpcEptMapper - ok

15:51:21.0388 0x2044  [ D5BA242D4CF8E384DB90E6A8ED850B8C, CB4CB2608B5E31B55FB1A2CF4051E6D08A0C2A5FB231B2116F95938D7577334E ] RpcLocator      C:\windows\system32\locator.exe

15:51:21.0398 0x2044  RpcLocator - ok

15:51:21.0418 0x2044  [ 5C627D1B1138676C0A7AB2C2C190D123, C5003F2C912C5CA990E634818D3B4FD72F871900AF2948BD6C4D6400B354B401 ] RpcSs           C:\windows\system32\rpcss.dll

15:51:21.0438 0x2044  RpcSs - ok

15:51:21.0498 0x2044  [ E2319BDFF45DC9600E3751BE690F044D, 93F7A1EB1DB5F5CD41846F8D1DD5F08569DDE55AB125A01131B4ED20C322B956 ] RsFx0310        C:\windows\system32\DRIVERS\RsFx0310.sys

15:51:21.0508 0x2044  RsFx0310 - ok

15:51:21.0538 0x2044  [ DDC86E4F8E7456261E637E3552E804FF, D250C69CCC75F2D88E7E624FCC51300E75637333317D53908CCA7E0F117173DD ] rspndr          C:\windows\system32\DRIVERS\rspndr.sys

15:51:21.0558 0x2044  rspndr - ok

15:51:21.0588 0x2044  [ E60C0A09F997826C7627B244195AB581, E8630ED74B38B98BF584E353D992C1311BC36AB7F20A1BB66C9CD65CE1E46F8D ] s3cap           C:\windows\system32\drivers\vms3cap.sys

15:51:21.0588 0x2044  s3cap - ok

15:51:21.0608 0x2044  [ 5673794F254FE312AF62D9DA32805A2F, 76400BF26F87303924A4FA9DFE5DD13170D1E4A195CD12548DBAA0E6E8C11B1B ] SamSs           C:\windows\system32\lsass.exe

15:51:21.0618 0x2044  SamSs - ok

15:51:21.0648 0x2044  [ AC03AF3329579FFFB455AA2DAABBE22B, 7AD3B62ADFEC166F9E256F9FF8BAA0568B2ED7308142BF8F5269E6EAA5E0A656 ] sbp2port        C:\windows\system32\drivers\sbp2port.sys

15:51:21.0648 0x2044  sbp2port - ok

15:51:21.0668 0x2044  [ 9B7395789E3791A3B6D000FE6F8B131E, E5F067F3F212BF5481668BE1779CBEF053F511F8967589BE2E865ACB9A620024 ] SCardSvr        C:\windows\System32\SCardSvr.dll

15:51:21.0698 0x2044  SCardSvr - ok

15:51:21.0708 0x2044  [ 253F38D0D7074C02FF8DEB9836C97D2B, CB5CAFCB8628BB22877F74ACF1DED0BBAED8F4573A74DA7FE94BBBA584889116 ] scfilter        C:\windows\system32\DRIVERS\scfilter.sys

15:51:21.0728 0x2044  scfilter - ok

15:51:21.0788 0x2044  [ 40686B59C127F0C93B4234E4A1E3472A, B2DD61CB796C6AA8AFD285D43472B94646CA6D331D282818E0FDC9DE28DDE9CF ] Schedule        C:\windows\system32\schedsvc.dll

15:51:21.0808 0x2044  Schedule - ok

15:51:21.0828 0x2044  [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] SCPolicySvc     C:\windows\System32\certprop.dll

15:51:21.0848 0x2044  SCPolicySvc - ok

15:51:21.0868 0x2044  [ 111E0EBC0AD79CB0FA014B907B231CF0, B7D43D156C2524938503CF8E99C4D1F7A5C55E16C0368F57F4CD23C6D833B38F ] sdbus           C:\windows\system32\DRIVERS\sdbus.sys

15:51:21.0898 0x2044  sdbus - ok

15:51:21.0918 0x2044  [ 6EA4234DC55346E0709560FE7C2C1972, 64011E044C16E2F92689E5F7E4666A075E27BBFA61F3264E5D51CE1656C1D5B8 ] SDRSVC          C:\windows\System32\SDRSVC.dll

15:51:21.0928 0x2044  SDRSVC - ok

15:51:21.0938 0x2044  [ 3EA8A16169C26AFBEB544E0E48421186, 34BBB0459C96B3DE94CCB0D73461562935C583D7BF93828DA4E20A6BC9B7301D ] secdrv          C:\windows\system32\drivers\secdrv.sys

15:51:21.0948 0x2044  secdrv - ok

15:51:21.0958 0x2044  [ BC617A4E1B4FA8DF523A061739A0BD87, 10C4057F6B321EB5237FF619747B74F5401BC17D15A8C7060829E8204A2297F9 ] seclogon        C:\windows\system32\seclogon.dll

15:51:21.0978 0x2044  seclogon - ok

15:51:21.0998 0x2044  [ C32AB8FA018EF34C0F113BD501436D21, E0EB8E80B51E45CA7EB061E705DA0BC07878759418A8519AE6E12326FE79E7C7 ] SENS            C:\windows\System32\sens.dll

15:51:22.0018 0x2044  SENS - ok

15:51:22.0028 0x2044  [ 0336CFFAFAAB87A11541F1CF1594B2B2, 8B8A6A33E78A12FB05E29B2E2775850626574AFD2EF88748D65E690A07B10B8D ] SensrSvc        C:\windows\system32\sensrsvc.dll

15:51:22.0038 0x2044  SensrSvc - ok

15:51:22.0058 0x2044  [ 255476B54C82A89416EFDF09FD62F107, 000A6F7F15177A08ED4E22DB1C06F9FF0F8D324541A3E7AF7F35123D9CA4122D ] Sentinel64      C:\windows\System32\Drivers\Sentinel64.sys

15:51:22.0068 0x2044  Sentinel64 - ok

15:51:22.0098 0x2044  [ CB624C0035412AF0DEBEC78C41F5CA1B, A4D937F11E06CAE914347CA1362F4C98EC5EE0C0C80321E360EA1ABD6726F8D4 ] Serenum         C:\windows\system32\DRIVERS\serenum.sys

15:51:22.0098 0x2044  Serenum - ok

15:51:22.0128 0x2044  [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6, 8F9776FB84C5D11068EAF1FF1D1A46466C655D64D256A8B1E31DC0C23B5DD22D ] Serial          C:\windows\system32\DRIVERS\serial.sys

15:51:22.0148 0x2044  Serial - ok

15:51:22.0158 0x2044  [ 1C545A7D0691CC4A027396535691C3E3, 065C30BE598FF4DC55C37E0BBE0CEDF10A370AE2BF5404B42EBBB867A3FFED6D ] sermouse        C:\windows\system32\drivers\sermouse.sys

15:51:22.0178 0x2044  sermouse - ok

15:51:22.0198 0x2044  [ 0B6231BF38174A1628C4AC812CC75804, E569BF1F7F5689E2E917FA6516DB53388A5B8B1C6699DEE030147E853218811D ] SessionEnv      C:\windows\system32\sessenv.dll

15:51:22.0228 0x2044  SessionEnv - ok

15:51:22.0248 0x2044  [ A554811BCD09279536440C964AE35BBF, DA8F893722F803E189D7D4D6C6232ED34505B63A64ED3A0132A5BB7A2BABDE55 ] sffdisk         C:\windows\system32\drivers\sffdisk.sys

15:51:22.0258 0x2044  sffdisk - ok

15:51:22.0288 0x2044  [ FF414F0BAEFEBA59BC6C04B3DB0B87BF, B81EF5D26AEB572CAB590F7AD7CA8C89F296420089EF5E6148E972F2DBCA1042 ] sffp_mmc        C:\windows\system32\drivers\sffp_mmc.sys

15:51:22.0308 0x2044  sffp_mmc - ok

15:51:22.0328 0x2044  [ DD85B78243A19B59F0637DCF284DA63C, 6730D4F2BAE7E24615746ACC41B42D01DB6068D6504982008ADA1890DE900197 ] sffp_sd         C:\windows\system32\drivers\sffp_sd.sys

15:51:22.0338 0x2044  sffp_sd - ok

15:51:22.0358 0x2044  [ A9D601643A1647211A1EE2EC4E433FF4, 7AC60B4AB48D4BBF1F9681C12EC2A75C72E6E12D30FABC564A24394310E9A5F9 ] sfloppy         C:\windows\system32\drivers\sfloppy.sys

15:51:22.0368 0x2044  sfloppy - ok

15:51:22.0398 0x2044  [ B95F6501A2F8B2E78C697FEC401970CE, 758B73A32902299A313348CE7EC189B20EB4CB398D0180E4EE24B84DAD55F291 ] SharedAccess    C:\windows\System32\ipnathlp.dll

15:51:22.0418 0x2044  SharedAccess - ok

15:51:22.0458 0x2044  [ AAF932B4011D14052955D4B212A4DA8D, 2A3BFD0FA9569288E91AE3E72CA1EC39E1450D01E6473CE51157E0F138257923 ] ShellHWDetection C:\windows\System32\shsvcs.dll

15:51:22.0478 0x2044  ShellHWDetection - ok

15:51:22.0508 0x2044  [ 843CAF1E5FDE1FFD5FF768F23A51E2E1, 89CA9F516E42A6B905474D738CDA2C121020A07DBD4E66CFE569DD77D79D7820 ] SiSRaid2        C:\windows\system32\drivers\SiSRaid2.sys

15:51:22.0508 0x2044  SiSRaid2 - ok

15:51:22.0538 0x2044  [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4, 87B85C66DF7EB6FDB8A2341D05FAA5261FF68A90CCFC63F0E4A03824F1E33E5E ] SiSRaid4        C:\windows\system32\drivers\sisraid4.sys

15:51:22.0548 0x2044  SiSRaid4 - ok

15:51:22.0638 0x2044  [ 704B4F81729F676BBF034529FC334D82, 1E50DAF97836807A500284385D99272780A8B69CA88761250451060B207824F8 ] SkypeUpdate     C:\Program Files (x86)\Skype\Updater\Updater.exe

15:51:22.0648 0x2044  SkypeUpdate - ok

15:51:22.0678 0x2044  [ 548260A7B8654E024DC30BF8A7C5BAA4, 4A7E58331D7765A12F53DC2371739DC9A463940B13E16157CE10DB80E958D740 ] Smb             C:\windows\system32\DRIVERS\smb.sys

15:51:22.0708 0x2044  Smb - ok

15:51:22.0758 0x2044  [ 3838C2F668A8017782163C342B9248AE, 9833303CDFFD48DD6FA6A05D6F6654B5E6CE89D316FBB8B0277AFF96092181E8 ] SmbDrvI         C:\windows\system32\DRIVERS\Smb_driver_Intel.sys

15:51:22.0768 0x2044  SmbDrvI - ok

15:51:23.0129 0x2044  smstsmgr - ok

15:51:23.0149 0x2044  [ 6313F223E817CC09AA41811DAA7F541D, D787061043BEEDB9386B048CB9E680E6A88A1CBAE9BD4A8C0209155BFB76C630 ] SNMPTRAP        C:\windows\System32\snmptrap.exe

15:51:23.0169 0x2044  SNMPTRAP - ok

15:51:23.0229 0x2044  [ BAECAF8945218EC7390BFE2277406354, 46A0F71A260F00EAF9C9888527C32492614711C8BA59BE22A7A11D1C1F8AEE12 ] SNTUSB64        C:\windows\system32\DRIVERS\SNTUSB64.SYS

15:51:23.0239 0x2044  SNTUSB64 - ok

15:51:23.0249 0x2044  [ B9E31E5CACDFE584F34F730A677803F9, 21A5130BD00089C609522A372018A719F8E37103D2DD22C59EACB393BE35A063 ] spldr           C:\windows\system32\drivers\spldr.sys

15:51:23.0259 0x2044  spldr - ok

15:51:23.0269 0x2044  [ 85DAA09A98C9286D4EA2BA8D0E644377, F9C324E2EF81193FE831C7EECC44A100CA06F82FA731BF555D9EA4D91DA13329 ] Spooler         C:\windows\System32\spoolsv.exe

15:51:23.0289 0x2044  Spooler - ok

15:51:23.0359 0x2044  [ E17E0188BB90FAE42D83E98707EFA59C, FC075F7B39E86CC8EF6DA4E339FE946917E319C347AC70FB0C50AAF36F97E27F ] sppsvc          C:\windows\system32\sppsvc.exe

15:51:23.0439 0x2044  sppsvc - ok

15:51:23.0449 0x2044  [ 93D7D61317F3D4BC4F4E9F8A96A7DE45, 36D48B23B8243BE5229707375FCD11C2DCAC96983199345365F065A0CBF33314 ] sppuinotify     C:\windows\system32\sppuinotify.dll

15:51:23.0469 0x2044  sppuinotify - ok

15:51:23.0579 0x2044  [ DBC6CB6619C0741CF5C49F12FC692234, 7B82FAE61AF1A29297EF405F9271FDB551ED0950AF4DA04E007C2DE7D889CBD4 ] SQLAgent$SQL6901 C:\Program Files\Microsoft SQL Server\MSSQL12.SQL6901\MSSQL\Binn\SQLAGENT.EXE

15:51:23.0599 0x2044  SQLAgent$SQL6901 - ok

15:51:23.0710 0x2044  [ 774C1D27B9ED5A420E11C2343B0FFF7B, 6C291CF9C9205D6F9BA43156E1EBB370CA11DD1656694F1B434E2E7F8AFBC6A4 ] SQLBrowser      C:\Program Files (x86)\Microsoft SQL Server\90\Shared\sqlbrowser.exe

15:51:23.0730 0x2044  SQLBrowser - ok

15:51:23.0780 0x2044  [ C386F811A5E2F87DCF3EA4A527A20AA6, D68DF4E237AC6CBE193DE3A5C48F473F332A1D3CFC7BC21AFDE3EF922DA08279 ] SQLWriter       C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe

15:51:23.0780 0x2044  SQLWriter - ok

15:51:23.0810 0x2044  [ 441FBA48BFF01FDB9D5969EBC1838F0B, 306128F1AD489F87161A089D1BDC1542A4CB742D91A0C12A7CD1863FDB8932C0 ] srv             C:\windows\system32\DRIVERS\srv.sys

15:51:23.0820 0x2044  srv - ok

15:51:23.0840 0x2044  [ B4ADEBBF5E3677CCE9651E0F01F7CC28, 726DB2283113AB2A9681E8E9F61132303D6D86E9CD034C40EE4A8C9DB29E87F7 ] srv2            C:\windows\system32\DRIVERS\srv2.sys

15:51:23.0850 0x2044  srv2 - ok

15:51:23.0880 0x2044  [ 27E461F0BE5BFF5FC737328F749538C3, AFA4704ED8FFC1A0BAB40DFB81D3AE3F3D933A3C9BF54DDAF39FF9AF3646D9E6 ] srvnet          C:\windows\system32\DRIVERS\srvnet.sys

15:51:23.0900 0x2044  srvnet - ok

15:51:23.0940 0x2044  [ 51B52FBD583CDE8AA9BA62B8B4298F33, 2E2403F8AA39E79D1281CA006B51B43139C32A5FDD64BD34DAA4B935338BD740 ] SSDPSRV         C:\windows\System32\ssdpsrv.dll

15:51:23.0960 0x2044  SSDPSRV - ok

15:51:23.0970 0x2044  [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB, D21CDBC4C2AA0DB5B4455D5108B0CAF4282A2E664B9035708F212CC094569D9D ] SstpSvc         C:\windows\system32\sstpsvc.dll

15:51:24.0000 0x2044  SstpSvc - ok

15:51:24.0010 0x2044  [ F3817967ED533D08327DC73BC4D5542A, 1B204454408A690C0A86447F3E4AA9E7C58A9CFB567C94C17C21920BA648B4D5 ] stexstor        C:\windows\system32\drivers\stexstor.sys

15:51:24.0010 0x2044  stexstor - ok

15:51:24.0040 0x2044  [ 8DD52E8E6128F4B2DA92CE27402871C1, 1101C38BE8FC383B5F2F9FA402F9652B23B88A764DE2B584DFE62B88B11DEF92 ] stisvc          C:\windows\System32\wiaservc.dll

15:51:24.0050 0x2044  stisvc - ok

15:51:24.0070 0x2044  [ 7785DC213270D2FC066538DAF94087E7, F09CB2895241719CA5147B2EE9F7ECBD0303AFFB5CD896F06D4D29BAAAFC207B ] storflt         C:\windows\system32\drivers\vmstorfl.sys

15:51:24.0080 0x2044  storflt - ok

15:51:24.0080 0x2044  [ C40841817EF57D491F22EB103DA587CC, 5FAA2DE43BADC16A898C0C290C44C41E4411D919A95FE8C6FF45EA7A34495079 ] StorSvc         C:\windows\system32\storsvc.dll

15:51:24.0090 0x2044  StorSvc - ok

15:51:24.0110 0x2044  [ D34E4943D5AC096C8EDEEBFD80D76E23, 1DD7F6F97060B5F763A04ACA1F75E59DAB09EF824FD09B83FC3C192837D006DE ] storvsc         C:\windows\system32\drivers\storvsc.sys

15:51:24.0120 0x2044  storvsc - ok

15:51:24.0140 0x2044  [ D01EC09B6711A5F8E7E6564A4D0FBC90, 3CB922291DBADC92B46B9E28CCB6810CD8CCDA3E74518EC9522B58B998E1F969 ] swenum          C:\windows\system32\DRIVERS\swenum.sys

15:51:24.0150 0x2044  swenum - ok

15:51:24.0170 0x2044  [ E08E46FDD841B7184194011CA1955A0B, 9C3725BB1F08F92744C980A22ED5C874007D3B5863C7E1F140F50061052AC418 ] swprv           C:\windows\System32\swprv.dll

15:51:24.0210 0x2044  swprv - ok

15:51:24.0290 0x2044  [ 2E730941CC5BF6200A4F56D1E9C24AAD, 758836D55DC84F3EBE9917DC6FAB8E6170A5B238FEDBCFDB6D7C5C6EA98E08B2 ] SysMain         C:\windows\system32\sysmain.dll

15:51:24.0330 0x2044  SysMain - ok

15:51:24.0350 0x2044  [ E3C61FD7B7C2557E1F1B0B4CEC713585, 01F0E116606D185BF93B540868075BFB1A398197F6AABD994983DBFF56B3A8A0 ] TabletInputService C:\windows\System32\TabSvc.dll

15:51:24.0370 0x2044  TabletInputService - ok

15:51:24.0390 0x2044  [ 40F0849F65D13EE87B9A9AE3C1DD6823, E251A7EF3D0FD2973AF33A62FC457A7E8D5E8694208F811F52455F7C2426121F ] TapiSrv         C:\windows\System32\tapisrv.dll

15:51:24.0410 0x2044  TapiSrv - ok

15:51:24.0420 0x2044  [ 1BE03AC720F4D302EA01D40F588162F6, AB644862BF1D2E824FD846180DEC4E2C0FAFCC517451486DE5A92E5E78A952E4 ] TBS             C:\windows\System32\tbssvc.dll

15:51:24.0440 0x2044  TBS - ok

15:51:24.0530 0x2044  [ 04ADD18EE5CC9FBEDAEC1DD1CD0CB45E, F05C0C4CA3DD234AD5D60CF1EF763C9A1D9EC3C157E180C2D75CC07E6B02A611 ] Tcpip           C:\windows\system32\drivers\tcpip.sys

15:51:24.0560 0x2044  Tcpip - ok

15:51:24.0600 0x2044  [ 04ADD18EE5CC9FBEDAEC1DD1CD0CB45E, F05C0C4CA3DD234AD5D60CF1EF763C9A1D9EC3C157E180C2D75CC07E6B02A611 ] TCPIP6          C:\windows\system32\DRIVERS\tcpip.sys

15:51:24.0630 0x2044  TCPIP6 - ok

15:51:24.0650 0x2044  [ 1B16D0BD9841794A6E0CDE0CEF744ABC, 7EB8BA97339199EEE7F2B09DA2DA6279DA64A510D4598D42CF86415D67CD674C ] tcpipreg        C:\windows\system32\drivers\tcpipreg.sys

15:51:24.0660 0x2044  tcpipreg - ok

15:51:24.0680 0x2044  [ 3371D21011695B16333A3934340C4E7C, 7416F9BBFC1BA9D875EA7D1C7A0D912FC6977B49A865D67E3F9C4E18A965082D ] TDPIPE          C:\windows\system32\drivers\tdpipe.sys

15:51:24.0680 0x2044  TDPIPE - ok

15:51:24.0700 0x2044  [ 51C5ECEB1CDEE2468A1748BE550CFBC8, 4E8F83877330B421F7B5D8393D34BC44C6450E69209DAA95B29CB298166A5DF9 ] TDTCP           C:\windows\system32\drivers\tdtcp.sys

15:51:24.0710 0x2044  TDTCP - ok

15:51:24.0750 0x2044  [ AA77EB517D2F07A947294F260E3ACA83, B7A5DF3066830C0C2302B059778A67419792058A0D300C471DE40AB245EA7E58 ] tdx             C:\windows\system32\DRIVERS\tdx.sys

15:51:24.0780 0x2044  tdx - ok

15:51:24.0800 0x2044  [ 561E7E1F06895D78DE991E01DD0FB6E5, 83BFA50A528762EC52A011302AC3874636FB7E26628CD7ACFBF2BDC9FAA8110D ] TermDD          C:\windows\system32\DRIVERS\termdd.sys

15:51:24.0810 0x2044  TermDD - ok

15:51:24.0860 0x2044  [ 008CD4EBFABCF78D0F19B3778492648C, 9050490EEE0AD86E73F0A82D83E4FC29DF84F6B6FDB389AE135FD712B5F425BE ] TermService     C:\windows\System32\termsrv.dll

15:51:24.0880 0x2044  TermService - ok

15:51:24.0900 0x2044  [ F0344071948D1A1FA732231785A0664C, DB9886C2C858FAF45AEA15F8E42860343F73EB8685C53EC2E8CCC10586CB0832 ] Themes          C:\windows\system32\themeservice.dll

15:51:24.0920 0x2044  Themes - ok

15:51:24.0940 0x2044  [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] THREADORDER     C:\windows\system32\mmcss.dll

15:51:24.0960 0x2044  THREADORDER - ok

15:51:24.0980 0x2044  [ 7E7AFD841694F6AC397E99D75CEAD49D, DE87F203FD8E6BDCCFCA1860A85F283301A365846FB703D9BB86278D8AC96B07 ] TrkWks          C:\windows\System32\trkwks.dll

15:51:25.0000 0x2044  TrkWks - ok

15:51:25.0040 0x2044  [ 773212B2AAA24C1E31F10246B15B276C, F2EF85F5ABA307976D9C649D710B408952089458DDE97D4DEF321DF14E46A046 ] TrustedInstaller C:\windows\servicing\TrustedInstaller.exe

15:51:25.0060 0x2044  TrustedInstaller - ok

15:51:25.0110 0x2044  [ 19BEDA57F3E0A06B8D5EB6D619BD5624, 952D5FAFD662C93628C12A6F7EB8E240A44216C0A15CBD2F5016BC357CBFE821 ] tssecsrv        C:\windows\system32\DRIVERS\tssecsrv.sys

15:51:25.0120 0x2044  tssecsrv - ok

15:51:25.0160 0x2044  [ E9981ECE8D894CEF7038FD1D040EB426, DCDDCE933CAECE8180A3447199B07F2F0413704EEC1A09606EE357901A84A7CF ] TsUsbFlt        C:\windows\system32\drivers\tsusbflt.sys

15:51:25.0170 0x2044  TsUsbFlt - ok

15:51:25.0240 0x2044  [ AD64450A4ABE076F5CB34CC08EEACB07, B5C386635441A19178E7FEEE299BA430C8D72F9110866C13A216B12A1080AD12 ] TsUsbGD         C:\windows\system32\drivers\TsUsbGD.sys

15:51:25.0250 0x2044  TsUsbGD - ok

15:51:25.0270 0x2044  [ 3566A8DAAFA27AF944F5D705EAA64894, AE9D8B648DA08AF667B9456C3FE315489859C157510A258559F18238F2CC92B8 ] tunnel          C:\windows\system32\DRIVERS\tunnel.sys

15:51:25.0290 0x2044  tunnel - ok

15:51:25.0310 0x2044  [ B4DD609BD7E282BFC683CEC7EAAAAD67, EF131DB6F6411CAD36A989A421AF93F89DD61601AC524D2FF11C10FF6E3E9123 ] uagp35          C:\windows\system32\drivers\uagp35.sys

15:51:25.0310 0x2044  uagp35 - ok

15:51:25.0330 0x2044  [ FF4232A1A64012BAA1FD97C7B67DF593, D8591B4EB056899C7B604E4DD852D82D4D9809F508ABCED4A03E1BE6D5D456E3 ] udfs            C:\windows\system32\DRIVERS\udfs.sys

15:51:25.0360 0x2044  udfs - ok

15:51:25.0390 0x2044  [ 3CBDEC8D06B9968ABA702EBA076364A1, B8DAB8AA804FC23021BFEBD7AE4D40FBE648D6C6BA21CC008E26D1C084972F9B ] UI0Detect       C:\windows\system32\UI0Detect.exe

15:51:25.0400 0x2044  UI0Detect - ok

15:51:25.0430 0x2044  [ 4BFE1BC28391222894CBF1E7D0E42320, 5918B1ED2030600DF77BDACF1C808DF6EADDD8BF3E7003AF1D72050D8B102B3A ] uliagpkx        C:\windows\system32\drivers\uliagpkx.sys

15:51:25.0440 0x2044  uliagpkx - ok

15:51:25.0450 0x2044  [ DC54A574663A895C8763AF0FA1FF7561, 09A3F3597E91CBEB2F38E96E75134312B60CAE5574B2AD4606C2D3E992AEDDFE ] umbus           C:\windows\system32\DRIVERS\umbus.sys

15:51:25.0480 0x2044  umbus - ok

15:51:25.0500 0x2044  [ B2E8E8CB557B156DA5493BBDDCC1474D, F547509A08C0679ACB843E20C9C0CF51BED1B06530BBC529DFB0944504564A43 ] UmPass          C:\windows\system32\drivers\umpass.sys

15:51:25.0510 0x2044  UmPass - ok

15:51:25.0540 0x2044  [ A293DCD756D04D8492A750D03B9A297C, 203600ED0B7F8BA4C6D6F4ED810F4DF5AB70928B06EC4131C5D8ADF628444ED1 ] UmRdpService    C:\windows\System32\umrdp.dll

15:51:25.0550 0x2044  UmRdpService - ok

15:51:25.0570 0x2044  [ D47EC6A8E81633DD18D2436B19BAF6DE, 0FB461E2D5E0B75BB5958F6362F4880BFA4C36AD930542609BCAF574941AA7AE ] upnphost        C:\windows\System32\upnphost.dll

15:51:25.0590 0x2044  upnphost - ok

15:51:25.0620 0x2044  [ F957092C63CD71D85903CA0D8370F473, 4DEC2FC20329F248135DA24CB6694FD972DCCE8B1BBEA8D872FDE41939E96AAF ] USBAAPL64       C:\windows\system32\Drivers\usbaapl64.sys

15:51:25.0620 0x2044  USBAAPL64 - ok

15:51:25.0670 0x2044  [ B0435098C81D04CAFFF80DDB746CD3A2, A17B207740382E38729571F0B0BC98FF874E856A7C7CE9EB930328A2AD88F52A ] usbaudio        C:\windows\system32\drivers\usbaudio.sys

15:51:25.0680 0x2044  usbaudio - ok

15:51:25.0730 0x2044  [ DCA68B0943D6FA415F0C56C92158A83A, BEE5A5B33B22D1DF50B884D46D89FC3B8286EB16E38AD5A20F0A49E5C6766C57 ] usbccgp         C:\windows\system32\DRIVERS\usbccgp.sys

15:51:25.0740 0x2044  usbccgp - ok

15:51:25.0790 0x2044  [ 80B0F7D5CCF86CEB5D402EAAF61FEC31, 140C62116A425DEAD25FE8D82DE283BC92C482A9F643658D512F9F67061F28AD ] usbcir          C:\windows\system32\drivers\usbcir.sys

15:51:25.0800 0x2044  usbcir - ok

15:51:25.0860 0x2044  [ 18A85013A3E0F7E1755365D287443965, 811C5EDF38C765BCF71BCE25CB6626FF6988C3699F5EF1846240EA0052F34C33 ] usbehci         C:\windows\system32\drivers\usbehci.sys

15:51:25.0890 0x2044  usbehci - ok

15:51:25.0940 0x2044  [ 8D1196CFBB223621F2C67D45710F25BA, B5D7AFE51833B24FC9576F3AED3D8A2B290E5846060E73F9FFFAC1890A8B6003 ] usbhub          C:\windows\system32\DRIVERS\usbhub.sys

15:51:25.0960 0x2044  usbhub - ok

15:51:26.0010 0x2044  [ 765A92D428A8DB88B960DA5A8D6089DC, 56DE8A2ED58E53B202C399CA7BACB1551136303C2EE0AB426BDBBF880E3C542C ] usbohci         C:\windows\system32\drivers\usbohci.sys

15:51:26.0010 0x2044  usbohci - ok

15:51:26.0110 0x2044  [ 6A477133FA0DE50E166372DA18341841, F1591035FF5F9121BF982C9FA0125A38AE3E19C996F59930545B1CC5DFEF4348 ] USBPcap         C:\windows\system32\DRIVERS\USBPcap.sys

15:51:26.0120 0x2044  USBPcap - ok

15:51:26.0140 0x2044  [ 73188F58FB384E75C4063D29413CEE3D, B485463933306036B1D490722CB1674DC85670753D79FA0EF7EBCA7BBAAD9F7C ] usbprint        C:\windows\system32\drivers\usbprint.sys

15:51:26.0150 0x2044  usbprint - ok

15:51:26.0170 0x2044  [ FED648B01349A3C8395A5169DB5FB7D6, DC4D7594C24ADD076927B9347F1B50B91CF03A4ABDB284248D5711D9C19DEB96 ] USBSTOR         C:\windows\system32\DRIVERS\USBSTOR.SYS

15:51:26.0180 0x2044  USBSTOR - ok

15:51:26.0230 0x2044  [ DD253AFC3BC6CBA412342DE60C3647F3, 146F8613F1057AC054DC3593E84BC52899DA27EA33B0E72ACFB78C3699ADCDE7 ] usbuhci         C:\windows\system32\drivers\usbuhci.sys

15:51:26.0240 0x2044  usbuhci - ok

15:51:26.0260 0x2044  [ EDBB23CBCF2CDF727D64FF9B51A6070E, 7202484C8E1BFB2AFD64D8C81668F3EDE0E3BF5EB27572877A0A7B337AE5AE42 ] UxSms           C:\windows\System32\uxsms.dll

15:51:26.0280 0x2044  UxSms - ok

15:51:26.0290 0x2044  [ 5673794F254FE312AF62D9DA32805A2F, 76400BF26F87303924A4FA9DFE5DD13170D1E4A195CD12548DBAA0E6E8C11B1B ] VaultSvc        C:\windows\system32\lsass.exe

15:51:26.0300 0x2044  VaultSvc - ok

15:51:26.0300 0x2044  [ C5C876CCFC083FF3B128F933823E87BD, 6FE0FBB6C3207E09300E0789E2168F76668D87C317FE9F263E733827ADCFBE0D ] vdrvroot        C:\windows\system32\drivers\vdrvroot.sys

15:51:26.0310 0x2044  vdrvroot - ok

15:51:26.0330 0x2044  [ 8D6B481601D01A456E75C3210F1830BE, A2CEF483F4231367138EEF7E67FD5BE5364FC0780C44CA1368E36CE4AA3D0633 ] vds             C:\windows\System32\vds.exe

15:51:26.0360 0x2044  vds - ok

15:51:26.0390 0x2044  [ DA4DA3F5E02943C2DC8C6ED875DE68DD, EDE604536DB78C512D68C92B26DA77C8811AC109D1F0A473673F0A82D15A2838 ] vga             C:\windows\system32\DRIVERS\vgapnp.sys

15:51:26.0400 0x2044  vga - ok

15:51:26.0420 0x2044  [ 53E92A310193CB3C03BEA963DE7D9CFC, 45898604375B42EB1246C17A22D91C2440F11C746FF6459AD38027C1BC2E3125 ] VgaSave         C:\windows\System32\drivers\vga.sys

15:51:26.0450 0x2044  VgaSave - ok

15:51:26.0470 0x2044  [ 2CE2DF28C83AEAF30084E1B1EB253CBB, D1946816A1CB89F825CBEA58F94A4C9D0CE7249355CD3915563F54054EE564BF ] vhdmp           C:\windows\system32\drivers\vhdmp.sys

15:51:26.0480 0x2044  vhdmp - ok

15:51:26.0510 0x2044  [ E5689D93FFE4E5D66C0178761240DD54, 6D35CED80681B12AAF63BFA0DA1C386E71D3838839B68A686990AA8031949D27 ] viaide          C:\windows\system32\drivers\viaide.sys

15:51:26.0510 0x2044  viaide - ok

15:51:26.0540 0x2044  [ 86EA3E79AE350FEA5331A1303054005F, 7E7D6027EB41E591633C7383A5D29A3BA8ECFC08C177D2BCF741EE27686B1691 ] vmbus           C:\windows\system32\drivers\vmbus.sys

15:51:26.0550 0x2044  vmbus - ok

15:51:26.0570 0x2044  [ 7DE90B48F210D29649380545DB45A187, 09522F84285D62B961868DA98C40B82E746CA4D24A9780905673A2349D6B07F4 ] VMBusHID        C:\windows\system32\drivers\VMBusHID.sys

15:51:26.0580 0x2044  VMBusHID - ok

15:51:26.0600 0x2044  [ D2AAFD421940F640B407AEFAAEBD91B0, 31EF342A60AF04F4108759A71F8FB7B8C8819216CF3D16A95B2BA0E33A8A9161 ] volmgr          C:\windows\system32\drivers\volmgr.sys

15:51:26.0610 0x2044  volmgr - ok

15:51:26.0620 0x2044  [ A255814907C89BE58B79EF2F189B843B, 463DB771851352185B6AC323BD93B9084D47291E53C1F7B628B65D6918B2E28F ] volmgrx         C:\windows\system32\drivers\volmgrx.sys

15:51:26.0630 0x2044  volmgrx - ok

15:51:26.0670 0x2044  [ 0D08D2F3B3FF84E433346669B5E0F639, 3D6716CEC95B8861A7CC5778E91F310528DC6BEE0E57A3C8757FC675154EBDEC ] volsnap         C:\windows\system32\drivers\volsnap.sys

15:51:26.0680 0x2044  volsnap - ok

15:51:26.0770 0x2044  [ 78836108CF5AC6A0B365AC50A72F16D6, 53130B29A84E1CB5E96B81137DF7CFA69BF2A3C7E884ED45069BA9F5438776C1 ] vpnagent        C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnagent.exe

15:51:26.0780 0x2044  vpnagent - ok

15:51:26.0810 0x2044  [ 0F42C39016F82F345C0F2DB2D5B90EB4, 2E957E72BB8D0293F61FA7385BA9400DF7759E1E3D35FE24F3877A6460988F4D ] vpnva           C:\windows\system32\DRIVERS\vpnva64-6.sys

15:51:26.0820 0x2044  vpnva - ok

15:51:26.0830 0x2044  [ 5E2016EA6EBACA03C04FEAC5F330D997, 53106EB877459FE55A459111F7AB0EE320BB3B4C954D3DB6FA1642396001F2AC ] vsmraid         C:\windows\system32\drivers\vsmraid.sys

15:51:26.0840 0x2044  vsmraid - ok

15:51:26.0890 0x2044  [ B60BA0BC31B0CB414593E169F6F21CC2, 47B801E623254CF0202B3591CB5C019CABFB52F123C7D47E29D19B32F1F2B915 ] VSS             C:\windows\system32\vssvc.exe

15:51:26.0930 0x2044  VSS - ok

15:51:26.0950 0x2044  [ 36D4720B72B5C5D9CB2B9C29E9DF67A1, 3254523C85C70EBA2DBAC05DB2DBA89EDF8E9195F390F7C21F96458FB6B2E3D7 ] vwifibus        C:\windows\system32\DRIVERS\vwifibus.sys

15:51:26.0960 0x2044  vwifibus - ok

15:51:26.0980 0x2044  [ 6A3D66263414FF0D6FA754C646612F3F, 30F6BA594B0D3B94113064015A16D97811CD989DF1715CCE21CEAB9894C1B4FB ] vwififlt        C:\windows\system32\DRIVERS\vwififlt.sys

15:51:26.0990 0x2044  vwififlt - ok

15:51:27.0020 0x2044  [ 1C9D80CC3849B3788048078C26486E1A, 34A89F31E53F6B6C209B286F580CC2257AE6D057E4E20741F241C9C167947962 ] W32Time         C:\windows\system32\w32time.dll

15:51:27.0040 0x2044  W32Time - ok

15:51:27.0050 0x2044  [ 4E9440F4F152A7B944CB1663D3935A3E, 8FE04EBD3BC612EE943A21A3E56F37E5C9B578CDACA6044048181DAD81816D53 ] WacomPen        C:\windows\system32\drivers\wacompen.sys

15:51:27.0080 0x2044  WacomPen - ok

15:51:27.0090 0x2044  [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] WANARP          C:\windows\system32\DRIVERS\wanarp.sys

15:51:27.0110 0x2044  WANARP - ok

15:51:27.0120 0x2044  [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] Wanarpv6        C:\windows\system32\DRIVERS\wanarp.sys

15:51:27.0130 0x2044  Wanarpv6 - ok

15:51:27.0190 0x2044  [ 3CEC96DE223E49EAAE3651FCF8FAEA6C, 4150DAB33E8D61076F1D4767BCAFC9B4ECCCCBD58FD4FB3CFE5B8D27DCDCAB61 ] WatAdminSvc     C:\windows\system32\Wat\WatAdminSvc.exe

15:51:27.0220 0x2044  WatAdminSvc - ok

15:51:27.0270 0x2044  [ 78F4E7F5C56CB9716238EB57DA4B6A75, 46A4E78CE5F2A4B26F4E9C3FF04A99D9B727A82AC2E390A82A1611C3F6E0C9AF ] wbengine        C:\windows\system32\wbengine.exe

15:51:27.0300 0x2044  wbengine - ok

15:51:27.0320 0x2044  [ 3AA101E8EDAB2DB4131333F4325C76A3, 4F7BD3DA5E58B18BFF106CFF7B45E75FD13EE556D433C695BA23EC80827E49DE ] WbioSrvc        C:\windows\System32\wbiosrvc.dll

15:51:27.0330 0x2044  WbioSrvc - ok

15:51:27.0350 0x2044  [ 7368A2AFD46E5A4481D1DE9D14848EDD, 8039C478FC2D9F095F5883A4FA47F9E6EDF57CC88A4AA74F07C88445F90DED57 ] wcncsvc         C:\windows\System32\wcncsvc.dll

15:51:27.0360 0x2044  wcncsvc - ok

15:51:27.0370 0x2044  [ 20F7441334B18CEE52027661DF4A6129, 7B8E0247234B740FED2BE9B833E9CE8DD7453340123AB43F6B495A7E6A27B0DD ] WcsPlugInService C:\windows\System32\WcsPlugInService.dll

15:51:27.0380 0x2044  WcsPlugInService - ok

15:51:27.0410 0x2044  [ 72889E16FF12BA0F235467D6091B17DC, F2FD0BBD075E33608D93F350D216F97442AB89ABD540513C2D568C78096E12A8 ] Wd              C:\windows\system32\drivers\wd.sys

15:51:27.0410 0x2044  Wd - ok

15:51:27.0470 0x2044  [ E2C933EDBC389386EBE6D2BA953F43D8, AF1DEADD5F1267CCEBD226E8EEB971D1946EA6A5A9645A36F5D111F758AF2F07 ] Wdf01000        C:\windows\system32\drivers\Wdf01000.sys

15:51:27.0490 0x2044  Wdf01000 - ok

15:51:27.0530 0x2044  [ C6F7473B55510F0B93961DA03D8E3B38, 4BAB9274DED8F7AC4A52B8739F501323FFFA0367CAA24BFAFDB5523812E0CE39 ] WdiServiceHost  C:\windows\system32\wdi.dll

15:51:27.0550 0x2044  WdiServiceHost - ok

15:51:27.0560 0x2044  [ C6F7473B55510F0B93961DA03D8E3B38, 4BAB9274DED8F7AC4A52B8739F501323FFFA0367CAA24BFAFDB5523812E0CE39 ] WdiSystemHost   C:\windows\system32\wdi.dll

15:51:27.0570 0x2044  WdiSystemHost - ok

15:51:27.0600 0x2044  [ 4E89FC53493704BF835F0300DC201C34, FB3080725E144D93512DED81047D21C0582BC3412250EFF37E039108D7351F53 ] WebClient       C:\windows\System32\webclnt.dll

15:51:27.0610 0x2044  WebClient - ok

15:51:27.0620 0x2044  [ C749025A679C5103E575E3B48E092C43, B71171D07EE7AB085A24BF3A1072FF2CE7EA021AAE695F6A90640E6EE8EB55C1 ] Wecsvc          C:\windows\system32\wecsvc.dll

15:51:27.0650 0x2044  Wecsvc - ok

15:51:27.0670 0x2044  [ 7E591867422DC788B9E5BD337A669A08, 484E6BCCDF7ADCE9A1AACAD1BC7C7D7694B9E40FA90D94B14D80C607784F6C75 ] wercplsupport   C:\windows\System32\wercplsupport.dll

15:51:27.0690 0x2044  wercplsupport - ok

15:51:27.0720 0x2044  [ 6D137963730144698CBD10F202E9F251, A9F522A125158D94F540544CCD4DBF47B9DCE2EA878C33675AFE40F80E8F4979 ] WerSvc          C:\windows\System32\WerSvc.dll

15:51:27.0740 0x2044  WerSvc - ok

15:51:27.0750 0x2044  [ 611B23304BF067451A9FDEE01FBDD725, 0AF2734B978165FC6FD22B64862132CCE32528A21C698A49D176129446E099C8 ] WfpLwf          C:\windows\system32\DRIVERS\wfplwf.sys

15:51:27.0770 0x2044  WfpLwf - ok

15:51:27.0790 0x2044  [ 05ECAEC3E4529A7153B3136CEB49F0EC, 9995CB2CEC70A633EA33CBB0DEAD2BB28CB67132B41E9444BDAB9E75744C9A50 ] WIMMount        C:\windows\system32\drivers\wimmount.sys

15:51:27.0800 0x2044  WIMMount - ok

15:51:27.0820 0x2044  WinDefend - ok

15:51:27.0840 0x2044  WinHttpAutoProxySvc - ok

15:51:27.0880 0x2044  [ 19B07E7E8915D701225DA41CB3877306, D6555E8D276DBB11358246E0FE215F76F1FB358791C76B88D82C2A66A42DA19F ] Winmgmt         C:\windows\system32\wbem\WMIsvc.dll

15:51:27.0920 0x2044  Winmgmt - ok

15:51:28.0070 0x2044  [ D929ABD465A2DED963DA8B30946A8D5C, DE8DBFB01C11D2AE903CBD6A974D6F995E9813CE2D6484B7DA06EAE4C545842A ] WinRM           C:\windows\system32\WsmSvc.dll

15:51:28.0110 0x2044  WinRM - ok

15:51:28.0140 0x2044  [ FE88B288356E7B47B74B13372ADD906D, A16B166F6BB32EF9D2A142F27B9EC54CBC7B3AC915799783CF4C40E525BC9E03 ] WinUsb          C:\windows\system32\drivers\WinUsb.sys

15:51:28.0150 0x2044  WinUsb - ok

15:51:28.0180 0x2044  [ 4FADA86E62F18A1B2F42BA18AE24E6AA, CE1683386886BF34862681A46199EA7E7FB4232A186047DA7FBD8EC240AF6726 ] Wlansvc         C:\windows\System32\wlansvc.dll

15:51:28.0210 0x2044  Wlansvc - ok

15:51:28.0230 0x2044  [ F6FF8944478594D0E414D3F048F0D778, 6F75E0AE6127B33A92A88E59D4B048FD4C15F997807BE7BF0EFE76F95235B1D9 ] WmiAcpi         C:\windows\system32\DRIVERS\wmiacpi.sys

15:51:28.0250 0x2044  WmiAcpi - ok

15:51:28.0280 0x2044  [ 38B84C94C5A8AF291ADFEA478AE54F93, 1AC267AC73670BEA5F3785C9AD9DB146F8E993A862C843742B21FDB90D102B2A ] wmiApSrv        C:\windows\system32\wbem\WmiApSrv.exe

15:51:28.0290 0x2044  wmiApSrv - ok

15:51:28.0310 0x2044  WMPNetworkSvc - ok

15:51:28.0340 0x2044  [ 96C6E7100D724C69FCF9E7BF590D1DCA, 2E63C9B0893B4FC03B7A71BAEA6202D3D3DB1B52F3643467829B5A573FD7655B ] WPCSvc          C:\windows\System32\wpcsvc.dll

15:51:28.0350 0x2044  WPCSvc - ok

15:51:28.0370 0x2044  [ 93221146D4EBBF314C29B23CD6CC391D, C0750858A65BF51E210CD244C825C121D67E025CD2D2455139991AAC289A90FE ] WPDBusEnum      C:\windows\system32\wpdbusenum.dll

15:51:28.0380 0x2044  WPDBusEnum - ok

15:51:28.0400 0x2044  [ 6BCC1D7D2FD2453957C5479A32364E52, E48554D31FBDCF8F985C1C72524CAA9106F5B7CC2B79064F8F5E2562D517F090 ] ws2ifsl         C:\windows\system32\drivers\ws2ifsl.sys

15:51:28.0420 0x2044  ws2ifsl - ok

15:51:28.0430 0x2044  [ E8B1FE6669397D1772D8196DF0E57A9E, 39FE0819360719F756BD31A1884A0508A1E2371ACC723E25E005CBEC0A7B02FA ] wscsvc          C:\windows\system32\wscsvc.dll

15:51:28.0440 0x2044  wscsvc - ok

15:51:28.0440 0x2044  WSearch - ok

15:51:28.0530 0x2044  [ 86F11B85102AFA6A1A6101DCE2F09386, 68A0F0E628C8F33FDAC114876DA8ED14776DD74E80AC5A6A52257E19DE011091 ] wuauserv        C:\windows\system32\wuaueng.dll

15:51:28.0570 0x2044  wuauserv - ok

15:51:28.0630 0x2044  [ AB886378EEB55C6C75B4F2D14B6C869F, D6C4602EB8F291DADEDF3CD211013D4AC752DDE7E799C2D8D74AA4F5477CAED6 ] WudfPf          C:\windows\system32\drivers\WudfPf.sys

15:51:28.0640 0x2044  WudfPf - ok

15:51:28.0650 0x2044  [ DDA4CAF29D8C0A297F886BFE561E6659, 94E5DD649B5D86FA1A7C7D30FCF9644D0EE048D312E626111458ADF66BFBE978 ] WUDFRd          C:\windows\system32\DRIVERS\WUDFRd.sys

15:51:28.0660 0x2044  WUDFRd - ok

15:51:28.0700 0x2044  [ B20F051B03A966392364C83F009F7D17, 88ECEB55AE91F58F592B96EBC10B572747D5A2F9B7629E8F371761E4F7408A65 ] wudfsvc         C:\windows\System32\WUDFSvc.dll

15:51:28.0720 0x2044  wudfsvc - ok

15:51:28.0771 0x2044  [ 04F82965C09CBDF646B487E145060301, 2CD8533EDBE24C3E42EB7550E20F8A2EB9E5E345B165DEF543163A6BC1FDD18B ] WwanSvc         C:\windows\System32\wwansvc.dll

15:51:28.0791 0x2044  WwanSvc - ok

15:51:28.0821 0x2044  ================ Scan global ===============================

15:51:28.0871 0x2044  [ 168EA9CD9BD6056BB6F60B57D5304BBE, 5A2F98754F042A7D80E7483842967EB362F01D57CE9720B24C7EDAA047F24C6F ] C:\windows\system32\basesrv.dll

15:51:28.0911 0x2044  [ 96AEEE466EA56AF34AE4AD5E55DAD164, 467DA5C29E04E02520974163AEBF7FAA3DED8212A765616C0D877E4F36AD173C ] C:\windows\system32\winsrv.dll

15:51:28.0921 0x2044  [ 96AEEE466EA56AF34AE4AD5E55DAD164, 467DA5C29E04E02520974163AEBF7FAA3DED8212A765616C0D877E4F36AD173C ] C:\windows\system32\winsrv.dll

15:51:28.0931 0x2044  [ D6160F9D869BA3AF0B787F971DB56368, 0033E6212DD8683E4EE611B290931FDB227B4795F0B17C309DC686C696790529 ] C:\windows\system32\sxssrv.dll

15:51:28.0981 0x2044  [ 71C85477DF9347FE8E7BC55768473FCA, A86D6A6D1F5A0EFCD649792A06F3AE9B37158D48493D2ECA7F52DCC1CB9B6536 ] C:\windows\system32\services.exe

15:51:28.0981 0x2044  [ Global ] - ok

15:51:28.0981 0x2044  ================ Scan MBR ==================================

15:51:28.0991 0x2044  [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0

15:51:29.0281 0x2044  \Device\Harddisk0\DR0 - ok

15:51:29.0281 0x2044  ================ Scan VBR ==================================

15:51:29.0291 0x2044  [ 187E190F7D27B3F88828E6EFB3DD6CB1 ] \Device\Harddisk0\DR0\Partition1

15:51:29.0291 0x2044  \Device\Harddisk0\DR0\Partition1 - ok

15:51:29.0301 0x2044  [ C3A5B49EAB2DAB3D3814CDE3B06A93E1 ] \Device\Harddisk0\DR0\Partition2

15:51:29.0301 0x2044  \Device\Harddisk0\DR0\Partition2 - ok

15:51:29.0301 0x2044  ================ Scan generic autorun ======================

15:51:29.0391 0x2044  [ 690051005AED736DA0F5DD40DA5937DB, FA3CD1CF50EFEE6AAFCAAC4D3FE6699ADB2BD7DCC497CA994AAABD8B45B157E0 ] C:\Program Files\Autodesk\Autodesk Sync\AdSync.exe

15:51:29.0401 0x2044  Autodesk Sync - ok

15:51:29.0501 0x2044  [ A5CC90E39091FD58ADCB9FEED3EB0112, E55BB4F7F43EC54B91646FC196BFE81E0A53B555E16083978420ED3B89458D4D ] C:\Program Files\Realtek\Audio\HDA\RtDCpl64.exe

15:51:29.0541 0x2044  RtHDVCpl - ok

15:51:29.0651 0x2044  [ 7C43D619834A07522699F342407781E9, 9442DC075BFDA2C2848A9E536FE6DFCC98BE88991CA266D621B538F046EC87A3 ] C:\Program Files\BC-Meridian\Program\AMHOOKTRAY.EXE

15:51:29.0671 0x2044  AMHookTray64 - ok

15:51:29.0691 0x2044  [ DD81D91FF3B0763C392422865C9AC12E, F5691B8F200E3196E6808E932630E862F8F26F31CD949981373F23C9D87DB8B9 ] C:\Windows\system32\rundll32.exe

15:51:29.0701 0x2044  Logitech Download Assistant - ok

15:51:29.0791 0x2044  [ F5A5DBADCD24BDF33BFDAA789E39C876, A0D931FA339CA1FB6198BF5DF327ECEB0881796FFF92BDE0F9FC2C233C46E83C ] C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe

15:51:29.0801 0x2044  AdobeAAMUpdater-1.0 - ok

15:51:29.0881 0x2044  [ 936257B1F76DB8B2DF6283A75D368B77, 25482A4D56CC60846B493D5C4DD16D342B59CB1AB4AFEAA7BBD0281087228CBF ] C:\Program Files\Bluebeam Software\Bluebeam Revu\Pushbutton PDF\Bluebeam Admin User.exe

15:51:29.0891 0x2044  BbInstallUser - ok

15:51:30.0001 0x2044  [ 4FA0E7472362F084E352CE06A9214645, 3183C81EB5B219E72724C64D6159000B38F8965CD8572E3DD38C7E3F86179300 ] C:\Program Files\Common Files\Bluebeam Software\Bluebeam Revu\Brewery\V45\Printer Support\BBPrint.exe

15:51:30.0011 0x2044  BbPrintMonitor - ok

15:51:30.0191 0x2044  [ 2433692BFC2631DC28B0705C1B760FF2, BBDE902F984E0968A3062F3EEA624E804B03095C67C280CDA4E85D02F46B7CDC ] C:\Program Files\Logitech\SetPointP\SetPoint.exe

15:51:30.0241 0x2044  EvtMgr6 - ok

15:51:30.0311 0x2044  [ 235F426670EC4117EADD24A6185A48B9, 609FEE1CE0BE381C81F2F943066FBFC0E8F5043FEDB25E6FBD3F0C174DA17F4F ] C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorIconLaunch.exe

15:51:30.0311 0x2044  IAStorIcon - detected UnsignedFile.Multi.Generic ( 1 )

15:51:32.0761 0x2044  Detect skipped due to KSN trusted

15:51:32.0761 0x2044  IAStorIcon - ok

15:51:32.0801 0x2044  [ ADFCC68B42627055979B26FC00759D17, 5C1C8395A7846E5DDEB6FFE2B37B537DDA4712D62CE05D7EA8B1773C75D46DE6 ] C:\Program Files\iTunes\iTunesHelper.exe

15:51:32.0811 0x2044  iTunesHelper - ok

15:51:32.0851 0x2044  [ 796227FCA947A0B8E3D6A097B27F2363, F14B1F8CF253A27554D4C24228911355FA475AABF086B66A498E825E8E3CBFA5 ] C:\Program Files (x86)\Intel\Intel® USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe

15:51:32.0861 0x2044  USB3MON - ok

15:51:32.0911 0x2044  [ 187F4C75A89E3F412322C94526320074, D78FA7EF93C8C7B4326A5B6DB04A92ADD091DF00658FA8731D07C5D3BE29ED04 ] C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe

15:51:32.0921 0x2044  BCSSync - ok

15:51:33.0011 0x2044  [ 7AA219D7AEAA8BADCAC7853AE6AE3BD5, 018F85DCD9EB33DC775CCCB58B999A640B6F8FEF37898EA45600B433E77CF9AE ] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe

15:51:33.0021 0x2044  APSDaemon - ok

15:51:33.0061 0x2044  [ 94D673E328752717EFAA3A89929F144E, 8EECBED092A05EA3EA713CE976DB3A88E4794B3270952EC2FD05128C639C9999 ] C:\Program Files (x86)\Common Files\Cyco Shared\AmUpdateU.exe

15:51:33.0071 0x2044  AMUpdate - ok

15:51:33.0121 0x2044  [ F34E1A250DEEA207B99081FB8D028B03, D37DC1705AE4F7E66030ED8696189BBADB4A75CD3972751C03463BC5539D534C ] C:\Program Files (x86)\BC-Meridian\Program\AMHOOKTRAYU.EXE

15:51:33.0131 0x2044  AMHookTray - ok

15:51:33.0211 0x2044  GoogleDriveSync - ok

15:51:33.0281 0x2044  Lync - ok

15:51:33.0281 0x2044  GarminExpressTrayApp - ok

15:51:33.0461 0x2044  [ DD7423ABBE2913E70D50E9318AD57EE4, 74BC123808F3FA60ADDC51C1383F8250608D3DBA3A8DC175B3418A1CF0BC53E9 ] C:\Users\stephen.lo(edit4)\AppData\Local\Google\Update\GoogleUpdate.exe

15:51:33.0471 0x2044  Google Update - ok

15:51:33.0521 0x2044  MusicManager - ok

15:51:33.0521 0x2044  GoogleDriveSync - ok

15:51:33.0521 0x2044  Lync - ok

15:51:33.0531 0x2044  [ DD7423ABBE2913E70D50E9318AD57EE4, 74BC123808F3FA60ADDC51C1383F8250608D3DBA3A8DC175B3418A1CF0BC53E9 ] C:\Users\stephen.lo(edit4)\AppData\Local\Google\Update\GoogleUpdate.exe

15:51:33.0531 0x2044  Google Update - ok

15:51:33.0752 0x2044  [ 2E570D03FA146EB4B1A40164B3873C7D, 7D3BE64F366B5D84CAD0B90A46B6D7746DA9A2BA6141FBC61792F8E34735C85D ] C:\Program Files\CCleaner\CCleaner64.exe

15:51:33.0882 0x2044  CCleaner Monitoring - ok

15:51:33.0922 0x2044  [ 06F6DB72ADABC5E858F38EF69014CE52, B4AEABF3EA6FCABBED879D642BA070DF9C244E28DB5BDC3211205C7B8DB97BFB ] C:\Program Files (x86)\Microsoft Office\Office14\MSOSYNC.EXE

15:51:33.0942 0x2044  OfficeSyncProcess - ok

15:51:34.0012 0x2044  Skype - ok

15:51:34.0012 0x2044  GoogleDriveSync - ok

15:51:34.0012 0x2044  Lync - ok

15:51:34.0012 0x2044  GarminExpressTrayApp - ok

15:51:34.0022 0x2044  [ DD7423ABBE2913E70D50E9318AD57EE4, 74BC123808F3FA60ADDC51C1383F8250608D3DBA3A8DC175B3418A1CF0BC53E9 ] C:\Users\stephen.lo(edit4)\AppData\Local\Google\Update\GoogleUpdate.exe

15:51:34.0032 0x2044  Google Update - ok

15:51:34.0032 0x2044  MusicManager - ok

15:51:34.0032 0x2044  GoogleDriveSync - ok

15:51:34.0032 0x2044  Lync - ok

15:51:34.0032 0x2044  GarminExpressTrayApp - ok

15:51:34.0032 0x2044  [ DD7423ABBE2913E70D50E9318AD57EE4, 74BC123808F3FA60ADDC51C1383F8250608D3DBA3A8DC175B3418A1CF0BC53E9 ] C:\Users\stephen.lo(edit4)\AppData\Local\Google\Update\GoogleUpdate.exe

15:51:34.0042 0x2044  Google Update - ok

15:51:34.0042 0x2044  MusicManager - ok

15:51:34.0042 0x2044  GoogleDriveSync - ok

15:51:34.0052 0x2044  Lync - ok

15:51:34.0052 0x2044  GarminExpressTrayApp - ok

15:51:34.0052 0x2044  [ DD7423ABBE2913E70D50E9318AD57EE4, 74BC123808F3FA60ADDC51C1383F8250608D3DBA3A8DC175B3418A1CF0BC53E9 ] C:\Users\stephen.lo(edit4)\AppData\Local\Google\Update\GoogleUpdate.exe

15:51:34.0062 0x2044  Google Update - ok

15:51:34.0062 0x2044  MusicManager - ok

15:51:34.0062 0x2044  GoogleDriveSync - ok

15:51:34.0062 0x2044  Lync - ok

15:51:34.0062 0x2044  GarminExpressTrayApp - ok

15:51:34.0072 0x2044  [ DD7423ABBE2913E70D50E9318AD57EE4, 74BC123808F3FA60ADDC51C1383F8250608D3DBA3A8DC175B3418A1CF0BC53E9 ] C:\Users\stephen.lo(edit4)\AppData\Local\Google\Update\GoogleUpdate.exe

15:51:34.0072 0x2044  Google Update - ok

15:51:34.0072 0x2044  MusicManager - ok

15:51:34.0142 0x2044  [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe

15:51:34.0172 0x2044  Sidebar - ok

15:51:34.0192 0x2044  [ 0FA760BF380B08D0B67B5507CD8B32AA, 0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B725CC5A9FB738739 ] C:\Windows\System32\mctadmin.exe

15:51:34.0212 0x2044  mctadmin - ok

15:51:34.0242 0x2044  [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe

15:51:34.0272 0x2044  Sidebar - ok

15:51:34.0272 0x2044  [ 0FA760BF380B08D0B67B5507CD8B32AA, 0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B725CC5A9FB738739 ] C:\Windows\System32\mctadmin.exe

15:51:34.0282 0x2044  mctadmin - ok

15:51:34.0312 0x2044  [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe

15:51:34.0332 0x2044  Sidebar - ok

15:51:34.0342 0x2044  [ 0FA760BF380B08D0B67B5507CD8B32AA, 0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B725CC5A9FB738739 ] C:\Windows\System32\mctadmin.exe

15:51:34.0352 0x2044  mctadmin - ok

15:51:34.0352 0x2044  Waiting for KSN requests completion. In queue: 231

15:51:35.0352 0x2044  Waiting for KSN requests completion. In queue: 14

15:51:36.0352 0x2044  Waiting for KSN requests completion. In queue: 14

15:51:37.0402 0x2044  AV detected via SS2: AVG AntiVirus Business Edition, C:\Program Files (x86)\AVG\AVG2013\avgwsc.exe ( 13.0.0.3300 ), 0x41000 ( enabled : updated )

15:51:37.0402 0x2044  AV detected via SS2: AVG update module, C:\Program Files (x86)\AVG\AVG2013\avgwsc.exe ( 13.0.0.3300 ), 0x40000 ( disabled : updated )

15:51:37.0412 0x2044  Win FW state via NFP2: enabled ( trusted )

15:51:39.0933 0x2044  ============================================================

15:51:39.0933 0x2044  Scan finished

15:51:39.0933 0x2044  ============================================================

15:51:39.0933 0x2168  Detected object count: 0

15:51:39.0933 0x2168  Actual detected object count: 0



#8 iangcarroll

iangcarroll

  • Members
  • 658 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Birmingham, MI
  • Local time:12:41 AM

Posted 08 March 2016 - 06:26 PM

Hi,

 

I don't see anything necessarily wrong in those logs. I do have a few questions, though:

 

 

USBPcap 1.1.0.0-g794bf26 (HKLM\...\USBPcap) (Version:  - )

WinPcap 4.1.3 (HKLM-x32\...\WinPcapInst) (Version: 4.1.0.2980 - Riverbed Technology, Inc.)
Wireshark 2.0.2 (64-bit) (HKLM-x32\...\Wireshark) (Version: 2.0.2 - The Wireshark developer community, https://www.wireshark.org)

 

 

Did you or someone on this computer install these programs? They're not inherently bad but they do seem a bit out of place.

 

Additionally, did you archive (with WinZip, send to compressed folder, etc) that file before you uploaded it to VirusTotal?

 

Other than that, what makes you think this specific computer is infected?


Ian Carroll https://ian.sh • Certly Inc
 
Member of the Bleeping Computer A.I.I. early response team!


#9 stephenl9

stephenl9
  • Topic Starter

  • Members
  • 7 posts
  • OFFLINE
  •  
  • Local time:08:41 PM

Posted 08 March 2016 - 07:44 PM

I did not zip the file before uploading. I did install those programs, yes. The first two were included with the third.

 

I was concerned with a high amount of network traffic generating, memory consumption, and many open connections. VPN would not work faster than dialup. I was having an issue with MS word operating extremely slow with high network and disk activity also. I then noticed that windows updates would not complete or the same were being installed repeatedly. The mail server went down overnight. The next day it looked like many months of updates came. Right now, it is writing a large page file, reading many OTeleData_.etl files, and writing a firefox sessionstore-backups\recovery.js under the same process id in resource monitor multiple times.

 

Wireshark showed malformed packets, bad checksums, and out of order packets. From my limited understanding/guessing, it looked like dns requests would be sent to multiple servers at the same time except that the correct one would be delayed. Then there would be strings of HTTP get requests. Maybe this has been being watched closely and corrected remotely however if you are not seeing anything odd.



#10 iangcarroll

iangcarroll

  • Members
  • 658 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Birmingham, MI
  • Local time:12:41 AM

Posted 09 March 2016 - 10:45 AM

Hi,

Thanks for the information. Do you know how that file ("explorer.exe") could have gotten in your user directory? Have you run AdwCleaner recently?

OTeleData is Outlook and recovery.js is Firefox.

I do not extensively use Wireshark but I'm willing to bet it's just not able to reconstruct the packets properly, probably because they're on an odd port. If you can screenshot it showing those things (malformed packets, HTTP GET, etc) I can take a look, but HTTP GET requests are normal (a lot of things run in the background) and none of what you've described resembles malware at all.

Ian Carroll https://ian.sh • Certly Inc
 
Member of the Bleeping Computer A.I.I. early response team!


#11 stephenl9

stephenl9
  • Topic Starter

  • Members
  • 7 posts
  • OFFLINE
  •  
  • Local time:08:41 PM

Posted 11 March 2016 - 09:16 AM

I did save that file to my user directory after downloading it from this site. I noticed that it uploaded as a rar because I did not "trust" it within its properties from the right click menu. When I trusted it and then uploaded it, it was no longer a rar and scanned clean. I ran it about two weeks ago and was going to again right before I decided to post on this forum instead.
 
When/if I need to start a thread about the other computer that I have been having trouble with, I can post a log from wireshark. I only had permission to capture traffic on the network that this computer is on for a few minutes.
 
I think that I have some issue with Java. I notice that an old extension is listed in my add-ins in firefox. I already reinstalled that browser and searched/removed old versions in java control panel. In \Program Files (x86)\Java\ I have a folder for both jre1.8.0_73 and jre7. In the jre7 folder is "bin" folder modified this morning. It only contains msvcr100.dll
 
I opened regedit to see if it would list plugins. I see a "TaskBarIDs" key under Hkeycurrentuser\mozilla\firefox listing E7CF176E110C211B if that might mean anything? A Mozilla plugins key is listed @tools.google.com/google update;version=3. it lists a path to local\google\update\1.3.29.5\npgoogleupdate3.dll The same key is listed twice except the second one states version=9 with the same path.
Then I have some netscape navigator suffixes listed to application/msexcel and msword and "application/vnd.adobe/xdp". User trusted external applications listed has a path to acrobat 11 under netscape navigator. I have never had netscape though. Does any of that seem odd? I tried to paste a screenshot but it would not let me. If it seems normal, I will just work on getting rid of old java and wait it out a bit.






0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users