Hi there. Yep even opening the explorer window to try and run farbar had not finished opening up after about 5 minutes, so I have had to run it and aswMBR from safe mode with networking switched on, so if the log reports do not show all the services that would run normally, I apologise. Yes, the computer is running very slow. The start up programs haven't even loaded up after about half an hour. I also thought there might be a problem with spybot updates as the log said files were missing and would be installed on the next update, but it later says "is missing and will be installed on next update (version xxxxxx)". it later says it has downloaded and extracted the files, so I think spybot is fully and properly updated, but again I could only run it under safe mode, so it may not have captured everything. I have got it down to about 8 malware.

I am running windows vista home basic edition. As we speak I am just running a full scan with aswMBR in the hope that it might pick something up. I have already done a full scan with Bullguard and it picked up about 6 malware cookie txts which I removed. But afterwards I did a sytem restore and didn't know whether the files had been put back, so I did another full scan, after doing an update, just in case the system restore had put it back to the state it was in at the point of backup. Does system restore do this?

I'm wondering if this is a specific rogue program that hasn't been got by you or other virus checker vendors, as I did find an .exe file with a very long number in the startup menu as the computer was reporting a dll missing. There's also a couple of other actions that are dubious: I had not initialised a copy command, but a dialouge came up saying "the c:\users\luciomags\appdata\roaming\macromedia\flash p...\setting.sol folder does not exist the file may have been moved or deleted. Also windows blocks a program called search results cleaner from running but a command prompt directory search with search*.exe reveals nothing. Could there possibly be hidden files in the startup, or indeed, anywhere else that are malicious? I have never seen this blocker program before. Isn't that the whole point of vista asking whether you want to run a program or not? Windows defender threw up an error but after research this is down to the virus checker; although I have tried to disable windows defender service with msconfig to no avail. Last of all a program (a tool to aid in the developing services for windowsNT) starts on the taskbar requesting permission to run, but you have to click the program icon in order for windows to ask whether you want it to run or not.

It's a mystery and any help would be greatly appreciated. Logs in next post

I have just tried to post this from the infected computer and it suddenly came up with connection problems/couldn't connect. My friend that I'm fixing the computer for said that he had that problem quite often himself; particularly on username/password webpages. Anyway here are the logs, posted from a decent machine; I.E. Linux based.

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 22-10-2014
Ran by LucioMags (administrator) on LUCIOMAGS-PC on 23-10-2014 15:21:51
Running from C:\Users\LucioMags\Downloads
Loaded Profile: LucioMags (Available profiles: LucioMags)
Platform: Microsoft® Windows Vista™ Home Basic Service Pack 2 (X86) OS Language: English (United States)
Internet Explorer Version 9
Boot Mode: Safe Mode (with Networking)
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(BullGuard Ltd.) C:\Program Files\BullGuard Ltd\BullGuard\BullGuardScanner.exe
(BullGuard Ltd.) C:\Program Files\BullGuard Ltd\BullGuard\BullGuardUpdate.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [Broadcom Wireless Manager UI] => C:\Windows\system32\WLTRAY.exe [3810304 2008-11-17] (Dell Inc.)
HKLM\...\Run: [PDVDDXSrv] => C:\Program Files\CyberLink\PowerDVD DX\PDVDDXSrv.exe [128296 2008-05-23] (CyberLink Corp.)
HKLM\...\Run: [DellSupportCenter] => C:\Program Files\Dell Support Center\bin\sprtcmd.exe [206064 2009-05-21] (SupportSoft, Inc.)
HKLM\...\Run: [QuickSet] => C:\Program Files\Dell\QuickSet\QuickSet.exe [1735760 2009-01-09] (Dell Inc.)
HKLM\...\Run: [] => [X]
HKLM\...\Run: [APSDaemon] => C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe [59240 2011-09-27] (Apple Inc.)
HKLM\...\Run: [Apoint] => C:\Program Files\DellTPad\Apoint.exe [288040 2010-04-05] (Alps Electric Co., Ltd.)
HKLM\...\Run: [ApnUpdater] => "C:\Program Files\Ask.com\Updater\Updater.exe"
HKLM\...\Run: [Adobe ARM] => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959176 2014-08-21] (Adobe Systems Incorporated)
HKLM\...\Run: [BullGuard] => C:\Program Files\BullGuard Ltd\BullGuard\BullGuard.exe [1118544 2014-10-23] (BullGuard Ltd.)
HKLM\...\Run: [BullGuardUpdate2] => c:\program files\bullguard ltd\bullguard\BullGuardUpdate2.exe [2325328 2014-10-23] (BullGuard Ltd.)
HKLM\...\Run: [SunJavaUpdateSched] => "C:\Program Files\Java\jre7\bin\jusched.exe"
HKLM\...\Run: [SDTray] => C:\Program Files\Spybot - Search & Destroy 2\SDTray.exe [4101576 2014-06-24] (Safer-Networking Ltd.)
Winlogon\Notify\SDWinLogon: SDWinLogon.dll [X]
HKLM\...\Policies\Explorer: [NoControlPanel] 0
HKU\S-1-5-19\...\Run: [WindowsWelcomeCenter] => rundll32.exe oobefldr.dll,ShowWelcomeCenter
HKU\S-1-5-20\...\Run: [WindowsWelcomeCenter] => rundll32.exe oobefldr.dll,ShowWelcomeCenter
HKU\S-1-5-21-2387892739-269016217-2709116024-1000\...\Run: [DellSupportCenter] => C:\Program Files\Dell Support Center\bin\sprtcmd.exe [206064 2009-05-21] (SupportSoft, Inc.)
HKU\S-1-5-21-2387892739-269016217-2709116024-1000\...\Run: [Skype] => C:\Program Files\Skype\Phone\Skype.exe [25623336 2009-10-09] (Skype Technologies S.A.)
HKU\S-1-5-21-2387892739-269016217-2709116024-1000\...\Run: [GarminExpressTrayApp] => C:\Program Files\Garmin\Express Tray\ExpressTray.exe [1095000 2013-12-30] (Garmin Ltd or its subsidiaries)
HKU\S-1-5-21-2387892739-269016217-2709116024-1000\...\Run: [Spybot-S&D Cleaning] => C:\Program Files\Spybot - Search & Destroy 2\SDCleaner.exe [4566952 2014-06-24] (Safer-Networking Ltd.)
HKU\S-1-5-21-2387892739-269016217-2709116024-1000\...\MountPoints2: {70f5aeff-4192-11df-af5e-0023ae29e258} - E:\AutoRun.exe
HKU\S-1-5-21-2387892739-269016217-2709116024-1000\...\MountPoints2: {bd9c3e7e-3ce9-11df-854b-0023ae29e258} - E:\AutoRun.exe
HKU\S-1-5-21-2387892739-269016217-2709116024-1000\...409d6c4515e9\InprocServer32: [Default-shell32] <==== ATTENTION!
AppInit_DLLs: c:\PROGRA~1\BULLGU~1\BULLGU~1\BgAgent.dll => c:\Program Files\BullGuard Ltd\BullGuard\BgAgent.dll [86712 2014-10-23] (BullGuard Ltd.)
ShellIconOverlayIdentifiers: [BackupOverlayErr] -> {8749448C-D907-45BF-A842-4D3898894AC8} => C:\Program Files\BullGuard Ltd\BullGuard\BackupShellHook.dll (BullGuard Ltd.)
ShellIconOverlayIdentifiers: [BackupOverlayInProgress] -> {3FFBF330-7839-476B-BE14-2C8597CE11B6} => C:\Program Files\BullGuard Ltd\BullGuard\BackupShellHook.dll (BullGuard Ltd.)
ShellIconOverlayIdentifiers: [BackupOverlaySynced] -> {C62CF4DB-48CB-4B03-BFD0-30A29125FA49} => C:\Program Files\BullGuard Ltd\BullGuard\BackupShellHook.dll (BullGuard Ltd.)
BootExecute: autocheck autochk * sdnclean.exe

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.com/
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
SearchScopes: HKLM - {b0441a0e-a49a-4e16-afc1-74ecced1921f} URL = http://search.tb.ask.com/search/GGmain.jhtml?p2=^UX^xdm167^YYA^gb&si=MDUK13&ptb=4E00FDAF-0D29-4C12-82F1-8BAC207FC96D&ind=2014061514&n=780c23ca&psa=&st=sb&searchfor={searchTerms}
SearchScopes: HKCU - DefaultScope {b0441a0e-a49a-4e16-afc1-74ecced1921f} URL = http://search.tb.ask.com/search/GGmain.jhtml?p2=^UX^xdm167^YYA^gb&si=MDUK13&ptb=4E00FDAF-0D29-4C12-82F1-8BAC207FC96D&ind=2014061514&n=780c23ca&psa=&st=sb&searchfor={searchTerms}
SearchScopes: HKCU - {3729F2E5-EF82-43F3-A5DA-0654CB94E9FE} URL = http://websearch.ask.com/redirect?client=ie&tb=ORJ&o=100000027&src=kw&q={searchTerms}&locale=&apn_ptnrs=%5EU3&apn_dtid=%5EOSJ000%5EYY%5EGB&apn_uid=00F02D99-9361-4B22-8A4D-6E8C8DD3AB6E&apn_sauid=703DD0B0-69A8-42F9-8DF5-63EA6DA640A5
SearchScopes: HKCU - {b0441a0e-a49a-4e16-afc1-74ecced1921f} URL = http://search.tb.ask.com/search/GGmain.jhtml?p2=^UX^xdm167^YYA^gb&si=MDUK13&ptb=4E00FDAF-0D29-4C12-82F1-8BAC207FC96D&ind=2014061514&n=780c23ca&psa=&st=sb&searchfor={searchTerms}
SearchScopes: HKCU - {DECA3892-BA8F-44b8-A993-A466AD694AE4} URL = http://uk.search.yahoo.com/search?fr=mcafee&p={searchTerms}
SearchScopes: HKCU - {FA923E8B-A06E-4ACC-8729-D52EE8E386AA} URL = http://www.google.com/search?q={searchTerms}
BHO: No Name -> {27B4851A-3207-45A2-B947-BE8AFE6163AB} -> No File
BHO: SSVHelper Class -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
BHO: Skype add-on for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
BHO: Ask Toolbar -> {D4027C7F-154A-4066-A1AD-4243D8127440} -> C:\Program Files\Ask.com\GenericAskToolbar.dll No File
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM - Ask Toolbar - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll No File
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
Toolbar: HKCU - Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
Toolbar: HKCU - Ask Toolbar - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll No File
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.7.0/jinstall-1_7_0_51-windows-i586.cab
DPF: {CAFEEFAC-0017-0000-0051-ABCDEFFEDCBA} http://java.sun.com/update/1.7.0/jinstall-1_7_0_51-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.7.0/jinstall-1_7_0_51-windows-i586.cab
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Winsock: Catalog9 01 C:\Windows\system32\BGLsp.dll [64336] (BullGuard Ltd.)
Winsock: Catalog9 02 C:\Windows\system32\BGLsp.dll [64336] (BullGuard Ltd.)
Winsock: Catalog9 03 C:\Windows\system32\BGLsp.dll [64336] (BullGuard Ltd.)
Winsock: Catalog9 04 C:\Windows\system32\BGLsp.dll [64336] (BullGuard Ltd.)
Winsock: Catalog9 05 C:\Windows\system32\BGLsp.dll [64336] (BullGuard Ltd.)
Winsock: Catalog9 06 C:\Windows\system32\BGLsp.dll [64336] (BullGuard Ltd.)
Winsock: Catalog9 07 C:\Windows\system32\BGLsp.dll [64336] (BullGuard Ltd.)
Winsock: Catalog9 08 C:\Windows\system32\BGLsp.dll [64336] (BullGuard Ltd.)
Winsock: Catalog9 09 C:\Windows\system32\BGLsp.dll [64336] (BullGuard Ltd.)
Winsock: Catalog9 10 C:\Windows\system32\BGLsp.dll [64336] (BullGuard Ltd.)
Winsock: Catalog9 21 C:\Windows\system32\BGLsp.dll [64336] (BullGuard Ltd.)
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 194.168.4.100 194.168.8.100

FireFox:
========
FF Plugin: @java.com/DTPlugin,version=10.51.2 -> C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.51.2 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @microsoft.com/WPF,version=3.5 -> c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.25.5\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.25.5\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF Extension: Microsoft .NET Framework Assistant - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension [2010-02-08]
FF HKLM\...\Firefox\Extensions: [antiphishing@bullguard] - C:\Program Files\BullGuard Ltd\BullGuard\Antiphishing\FF\antiphishing@bullguard
FF Extension: BullGuard Safe Browsing - C:\Program Files\BullGuard Ltd\BullGuard\Antiphishing\FF\antiphishing@bullguard [2014-03-12]

Chrome:
=======
CHR Plugin: (Shockwave Flash) - C:\Program Files\Google\Chrome\Application\29.0.1547.66\gcswf32.dll No File
CHR Plugin: (Java Deployment Toolkit 6.0.260.3) - C:\Program Files\Java\jre6\bin\new_plugin\npdeployJava1.dll No File
CHR Plugin: (Java(TM) Platform SE 6 U26) - C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll No File
CHR Plugin: (Shockwave for Director) - C:\Windows\system32\Adobe\Director\np32dsw.dll No File
CHR Plugin: (Remoting Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Program Files\Google\Chrome\Application\29.0.1547.66\ppGoogleNaClPluginChrome.dll No File
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files\Google\Chrome\Application\29.0.1547.66\pdf.dll No File
CHR Plugin: (McAfee SiteAdvisor) - C:\Users\LucioMags\AppData\Local\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho\3.31.137.7_0\McChPlg.dll No File
CHR Plugin: (Google Update) - C:\Program Files\Google\Update\1.3.21.69\npGoogleUpdate3.dll No File
CHR Plugin: (Windows Presentation Foundation) - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
CHR Plugin: (Default Plug-in) - default_plugin No File
CHR Profile: C:\Users\LucioMags\AppData\Local\Google\Chrome\User Data\Default

========================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

S2 BsBackup; C:\Program Files\BullGuard Ltd\BullGuard\BsBackup.dll [624464 2014-10-23] (BullGuard Ltd.)
S2 BsBhvScan; C:\Program Files\BullGuard Ltd\BullGuard\BullGuardBhvScanner.exe [513360 2014-10-23] (BullGuard Ltd.)
S2 BsCache; C:\Program Files\BullGuard Ltd\BullGuard\BsCache.dll [130896 2014-10-23] (BullGuard Ltd.)
S2 BsFileScan; c:\program files\bullguard ltd\bullguard\BsFileScan.dll [356176 2014-10-23] (BullGuard Ltd.)
S2 BsFire; c:\program files\bullguard ltd\bullguard\BsFire.dll [634192 2014-10-23] (BullGuard Ltd.)
S2 BsMailProxy; c:\program files\bullguard ltd\bullguard\BsMailProxy\BsMailProxy.dll [589648 2014-10-23] (BullGuard Ltd.)
R2 BsMain; C:\Program Files\BullGuard Ltd\BullGuard\BsMain.dll [436048 2014-10-23] (BullGuard Ltd.)
R2 BsScanner; C:\Program Files\BullGuard Ltd\BullGuard\BullGuardScanner.exe [239952 2014-10-23] (BullGuard Ltd.)
R2 BsUpdate; C:\Program Files\BullGuard Ltd\BullGuard\BullGuardUpdate.exe [330576 2014-10-23] (BullGuard Ltd.)
S2 Garmin Core Update Service; C:\Program Files\Garmin\Core Update Service\Garmin.Cartography.MapUpdate.CoreService.exe [250712 2013-12-30] (Garmin Ltd or its subsidiaries)
S2 SDScannerService; C:\Program Files\Spybot - Search & Destroy 2\SDFSSvc.exe [1738168 2014-06-24] (Safer-Networking Ltd.)
S2 SDUpdateService; C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe [2088408 2014-06-27] (Safer-Networking Ltd.)
S2 SDWSCService; C:\Program Files\Spybot - Search & Destroy 2\SDWSCSvc.exe [171928 2014-04-25] (Safer-Networking Ltd.)
S2 sprtsvc_dellsupportcenter; C:\Program Files\Dell Support Center\bin\sprtsvc.exe [201968 2008-08-14] (SupportSoft, Inc.)
S2 wltrysvc; C:\Windows\System32\bcmwltry.exe [2809856 2008-11-17] (Dell Inc.) [File not signed]
S2 Websteroids; "C:\ProgramData\Websteroids\WebsteroidsService.exe" "C:\ProgramData\Websteroids\Websteroids.exe"
S2 yksvc; RUNDLL32.EXE ykx32coinst,serviceStartProc [X]

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R1 AFW; C:\Windows\System32\DRIVERS\afw.sys [35024 2014-09-08] (Agnitum Ltd.)
S3 afwcore; C:\Windows\System32\DRIVERS\afwcore.sys [340688 2014-09-08] (Agnitum Ltd.)
S3 BCM42RLY; C:\Windows\System32\drivers\BCM42RLY.sys [18424 2008-11-17] (Broadcom Corporation)
S1 BdAgent; C:\Windows\System32\DRIVERS\BdAgent.sys [98608 2014-06-18] (BullGuard Ltd.)
S1 BdSpy; C:\Windows\System32\drivers\BdSpy.sys [63584 2013-11-06] (BullGuard Ltd.)
S1 NovaShieldFilterDriver; C:\Windows\System32\DRIVERS\NSKernel.sys [261360 2014-10-13] (BullGuard Ltd.)
S1 NovaShieldTDIDriver; C:\Windows\System32\DRIVERS\NSNetmon.sys [21888 2014-10-13] (BullGuard Ltd.)
S3 Trufos; C:\Windows\System32\DRIVERS\Trufos.sys [343456 2013-12-18] (BitDefender S.R.L.)
S3 hwdatacard; system32\DRIVERS\ewusbmdm.sys [X]
S3 hwusbfake; system32\DRIVERS\ewusbfake.sys [X]
S3 IpInIp; system32\DRIVERS\ipinip.sys [X]
S3 NwlnkFlt; system32\DRIVERS\nwlnkflt.sys [X]
S3 NwlnkFwd; system32\DRIVERS\nwlnkfwd.sys [X]

==================== NetSvcs (Whitelisted) ===================


(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-10-23 15:21 - 2014-10-23 15:22 - 00015577 _____ () C:\Users\LucioMags\Downloads\FRST.txt
2014-10-23 15:21 - 2014-10-23 15:21 - 00000512 _____ () C:\Windows\system32\F39D4DE6-98B8-4E05-91BD-549E8A8248BD
2014-10-23 15:21 - 2014-10-23 15:21 - 00000000 ____D () C:\FRST
2014-10-23 15:05 - 2014-10-23 15:05 - 01103360 _____ (Farbar) C:\Users\LucioMags\Downloads\FRST.exe
2014-10-23 14:59 - 2014-10-23 14:59 - 00000207 _____ () C:\Windows\tweaking.com-regbackup-LUCIOMAGS-PC-Microsoft®-Windows-Vista™-Home-Basic-(32-bit).dat
2014-10-23 14:58 - 2014-10-23 14:58 - 00000000 ____D () C:\RegBackup
2014-10-23 14:56 - 2014-10-23 14:56 - 00001976 _____ () C:\Users\Public\Desktop\Tweaking.com - Registry Backup.lnk
2014-10-23 14:56 - 2014-10-23 14:56 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Tweaking.com
2014-10-23 14:56 - 2014-10-23 14:56 - 00000000 ____D () C:\Program Files\Tweaking.com
2014-10-23 14:55 - 2014-10-23 14:55 - 04215584 _____ () C:\Users\LucioMags\Downloads\tweaking.com_registry_backup_setup.exe
2014-10-22 13:45 - 2014-10-22 13:45 - 00000000 _____ () C:\Users\LucioMags\AppData\Local\{1F03DFAB-CC2F-4F2B-9055-8E5F4C324CBA}
2014-10-19 18:37 - 2014-10-19 18:37 - 00000000 _____ () C:\Windows\setuperr.log
2014-10-19 18:37 - 2014-10-19 18:37 - 00000000 _____ () C:\Windows\setupact.log
2014-10-19 16:24 - 2014-10-19 16:24 - 00000000 ____D () C:\Users\LucioMags\AppData\Roaming\SpeedMaxPc
2014-10-19 16:22 - 2014-10-22 11:34 - 00000000 ____D () C:\ProgramData\SpeedMaxPc
2014-10-19 10:12 - 2014-10-19 10:26 - 06000640 _____ () C:\Program Files\GUT1BCA.tmp
2014-10-18 09:37 - 2014-10-18 09:37 - 00000000 ____D () C:\Users\LucioMags\AppData\Roaming\ParetoLogic
2014-10-18 09:35 - 2014-10-18 11:26 - 00000394 _____ () C:\Windows\Tasks\RegCure Pro.job
2014-10-18 09:35 - 2014-10-18 10:07 - 00000000 ____D () C:\ProgramData\ParetoLogic
2014-10-18 09:35 - 2014-10-18 09:35 - 00000000 ____D () C:\Program Files\ParetoLogic
2014-10-17 19:14 - 2014-10-17 19:14 - 00000107 _____ () C:\Windows\wininit.ini
2014-10-17 17:51 - 2014-10-17 20:55 - 00000446 _____ () C:\Windows\Tasks\Scan the system (Spybot - Search & Destroy).job
2014-10-17 17:50 - 2014-10-23 15:08 - 00000644 _____ () C:\Windows\Tasks\Check for updates (Spybot - Search & Destroy).job
2014-10-17 17:50 - 2014-10-17 20:55 - 00000616 _____ () C:\Windows\Tasks\Refresh immunization (Spybot - Search & Destroy).job
2014-10-17 17:50 - 2014-10-17 17:50 - 00001930 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot-S&D Start Center.lnk
2014-10-17 17:50 - 2014-10-17 17:50 - 00001918 _____ () C:\Users\Public\Desktop\Spybot-S&D Start Center.lnk
2014-10-17 17:50 - 2014-10-17 17:50 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot - Search & Destroy 2
2014-10-17 17:49 - 2014-10-17 17:55 - 00000000 ____D () C:\Program Files\Spybot - Search & Destroy 2
2014-10-17 17:49 - 2013-09-20 10:49 - 00018968 _____ (Safer Networking Limited) C:\Windows\system32\sdnclean.exe
2014-10-17 17:25 - 2014-10-23 11:53 - 00001656 _____ () C:\Windows\PFRO.log
2014-10-15 08:13 - 2014-06-15 23:18 - 01131664 _____ (Microsoft Corporation) C:\Windows\system32\dfshim.dll
2014-10-15 08:13 - 2014-06-13 19:22 - 00156824 _____ (Microsoft Corporation) C:\Windows\system32\mscorier.dll
2014-10-15 08:13 - 2014-06-13 19:22 - 00081560 _____ (Microsoft Corporation) C:\Windows\system32\mscories.dll
2014-10-15 08:03 - 2014-09-28 00:29 - 02054656 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-10-15 03:11 - 2014-10-15 03:12 - 00000000 ____D () C:\005afd5fb2bcdc987e
2014-10-15 03:11 - 2014-09-05 00:27 - 00143360 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\fastfat.sys
2014-10-15 03:05 - 2014-10-15 03:11 - 00000000 ____D () C:\2d5f852583b292c82e2aaad67c63
2014-10-15 03:04 - 2014-09-16 17:56 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\packager.dll
2014-10-14 22:03 - 2014-09-19 23:53 - 12364288 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-10-14 22:03 - 2014-09-19 23:44 - 01810432 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-10-14 22:03 - 2014-09-19 23:41 - 09739776 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-10-14 22:03 - 2014-09-19 23:39 - 01138688 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-10-14 22:03 - 2014-09-19 23:38 - 01129472 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-10-14 22:03 - 2014-09-19 23:37 - 01427968 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-10-14 22:03 - 2014-09-19 23:36 - 00231936 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2014-10-14 22:03 - 2014-09-19 23:36 - 00142848 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-10-14 22:03 - 2014-09-19 23:36 - 00065536 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-10-14 22:03 - 2014-09-19 23:35 - 01802752 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-10-14 22:03 - 2014-09-19 23:35 - 00717824 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2014-10-14 22:03 - 2014-09-19 23:35 - 00607744 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-10-14 22:03 - 2014-09-19 23:35 - 00421376 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-10-14 22:03 - 2014-09-19 23:35 - 00041472 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll
2014-10-14 22:03 - 2014-09-19 23:34 - 02382848 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-10-14 22:03 - 2014-09-19 23:34 - 00353792 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-10-14 22:03 - 2014-09-19 23:34 - 00223232 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-10-14 22:03 - 2014-09-19 23:34 - 00073216 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-10-14 22:03 - 2014-09-19 23:34 - 00011776 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe
2014-10-14 22:03 - 2014-09-19 23:34 - 00010752 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe
2014-10-14 22:03 - 2014-09-19 23:33 - 00176640 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-09-25 03:04 - 2014-09-09 07:24 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-10-23 15:20 - 2012-03-08 08:13 - 00000000 ____D () C:\ProgramData\BullGuard
2014-10-23 15:09 - 2010-02-14 12:06 - 00000882 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-10-23 15:08 - 2012-03-08 08:26 - 00000268 _____ () C:\Windows\system32\config\afw_hm.conf
2014-10-23 15:08 - 2012-03-08 08:26 - 00000004 _____ () C:\Windows\system32\config\afw_db.conf
2014-10-23 15:08 - 2006-11-02 13:58 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-10-23 15:08 - 2006-11-02 13:45 - 00003712 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
2014-10-23 15:08 - 2006-11-02 13:45 - 00003712 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
2014-10-23 14:30 - 2008-01-21 02:38 - 01055954 _____ () C:\Windows\WindowsUpdate.log
2014-10-23 14:30 - 2006-11-02 13:58 - 00032642 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2014-10-23 14:04 - 2013-05-18 22:57 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-10-23 12:41 - 2006-11-02 13:44 - 00228936 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-10-23 11:21 - 2014-01-22 12:40 - 00140280 _____ (BullGuard Ltd.) C:\Windows\system32\BgGamingMonitor.dll
2014-10-23 11:21 - 2013-11-18 12:17 - 00064336 _____ (BullGuard Ltd.) C:\Windows\system32\BGLsp.dll
2014-10-22 13:42 - 2010-02-06 20:10 - 00000000 ____D () C:\Users\LucioMags
2014-10-22 13:42 - 2006-11-02 12:18 - 00000000 ____D () C:\Windows\system32\spool
2014-10-22 13:42 - 2006-11-02 12:18 - 00000000 ____D () C:\Windows\system32\Msdtc
2014-10-22 13:42 - 2006-11-02 12:18 - 00000000 ____D () C:\Windows\registration
2014-10-22 13:42 - 2006-11-02 11:22 - 41943040 _____ () C:\Windows\system32\config\components_previous
2014-10-22 13:42 - 2006-11-02 11:22 - 36700160 _____ () C:\Windows\system32\config\software_previous
2014-10-22 13:42 - 2006-11-02 11:22 - 20447232 _____ () C:\Windows\system32\config\system_previous
2014-10-22 13:42 - 2006-11-02 11:22 - 04980736 _____ () C:\Windows\system32\config\default_previous
2014-10-22 13:42 - 2006-11-02 11:22 - 00262144 _____ () C:\Windows\system32\config\security_previous
2014-10-22 13:42 - 2006-11-02 11:22 - 00262144 _____ () C:\Windows\system32\config\sam_previous
2014-10-22 10:40 - 2010-02-19 16:21 - 00000000 ____D () C:\Users\LucioMags\AppData\Roaming\Skype
2014-10-19 10:32 - 2010-02-14 12:06 - 00000886 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-10-17 19:14 - 2011-11-28 14:32 - 00000000 ____D () C:\ProgramData\Spybot - Search & Destroy
2014-10-17 17:25 - 2011-11-28 14:32 - 00000000 ____D () C:\Program Files\Spybot - Search & Destroy
2014-10-15 09:47 - 2006-11-02 12:18 - 00000000 ____D () C:\Windows\Microsoft.NET
2014-10-15 03:25 - 2013-07-16 12:41 - 00000000 ____D () C:\Windows\system32\MRT
2014-10-15 03:12 - 2006-11-02 11:24 - 100290944 _____ (Microsoft Corporation) C:\Windows\system32\mrt.exe
2014-10-13 23:19 - 2013-11-28 14:23 - 00261360 _____ (BullGuard Ltd.) C:\Windows\system32\Drivers\NSKernel.sys
2014-10-13 23:19 - 2013-11-28 14:23 - 00021888 _____ (BullGuard Ltd.) C:\Windows\system32\Drivers\NSNetmon.sys
2014-09-25 11:23 - 2006-11-02 12:18 - 00000000 ____D () C:\Windows\rescache
2014-09-24 09:03 - 2013-05-18 22:57 - 00701104 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
2014-09-24 09:03 - 2013-05-18 22:57 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl

Some content of TEMP:
====================
C:\Users\LucioMags\AppData\Local\Temp\DataCard_Setup.exe


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\explorer.exe => File is digitally signed
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2014-10-23 14:22

==================== End Of Log ============================
Additional scan result of Farbar Recovery Scan Tool (x86) Version: 22-10-2014
Ran by LucioMags at 2014-10-23 15:23:16
Running from C:\Users\LucioMags\Downloads
Boot Mode: Safe Mode (with Networking)
==========================================================


==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: BullGuard Antivirus (Enabled - Up to date) {EDBB5818-2352-E06B-028A-4E6873B92CC5}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Spybot - Search and Destroy (Disabled - Up to date) {9BC38DF1-3CCA-732D-A930-C1CA5F20A4B0}
AS: BullGuard Antispyware (Enabled - Up to date) {56DAB9FC-0568-EFE5-383A-751A083E6678}
FW: BullGuard Firewall (Disabled) {D580D93D-693D-E133-29D5-E75D8D6A6BBE}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Adobe Flash Player 15 ActiveX (HKLM\...\Adobe Flash Player ActiveX) (Version: 15.0.0.167 - Adobe Systems Incorporated)
Adobe Reader X (10.1.12) (HKLM\...\{AC76BA86-7AD7-1033-7B44-AA1000000001}) (Version: 10.1.12 - Adobe Systems Incorporated)
Apple Application Support (HKLM\...\{A83279FD-CA4B-4206-9535-90974DE76654}) (Version: 2.1.5 - Apple Inc.)
Apple Software Update (HKLM\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Ask Toolbar (HKLM\...\{86D4B82A-ABED-442A-BE86-96357B70F4FE}) (Version: 1.15.25.0 - Ask.com) <==== ATTENTION
Ask Toolbar Updater (HKCU\...\{79A765E1-C399-405B-85AF-466F52E918B0}) (Version: 1.2.6.36191 - Ask.com) <==== ATTENTION
BullGuard Internet Security (HKLM\...\BullGuard) (Version: 14.0 - BullGuard Ltd.)
Cisco EAP-FAST Module (HKLM\...\{415B2719-AD3A-4944-B404-C472DB6085B3}) (Version: 2.1.6 - Cisco Systems, Inc.)
Cisco LEAP Module (HKLM\...\{83770D14-21B9-44B3-8689-F7B523F94560}) (Version: 1.0.12 - Cisco Systems, Inc.)
Cisco PEAP Module (HKLM\...\{669C7BD8-DAA2-49B6-966C-F1E2AAE6B17E}) (Version: 1.0.13 - Cisco Systems, Inc.)
Dell Driver Download Manager (HKCU\...\f031ef6ac137efc5) (Version: 2.0.0.0 - Dell Inc.)
Dell Resource CD (HKLM\...\{42929F0F-CE14-47AF-9FC7-FF297A603021}) (Version: 1.00.0000 - Dell Inc.)
Dell Support Center (Support Software) (HKLM\...\{E3BFEE55-39E2-4BE0-B966-89FE583822C1}) (Version: 2.2.09085 - Dell)
Dell Touchpad (HKLM\...\{9F72EF8B-AEC9-4CA5-B483-143980AFD6FD}) (Version: 7.1007.115.102 - ALPS ELECTRIC CO., LTD.)
Dell Wireless WLAN Card Utility (HKLM\...\Broadcom 802.11 Application) (Version: 5.10.38.30 - Dell Inc.)
Elevated Installer (Version: 2.3.18.0 - Garmin Ltd or its subsidiaries) Hidden
Garmin Express (HKLM\...\{0904cc72-1b29-426a-b0f0-228d2744a4f6}) (Version: 2.3.18.0 - Garmin Ltd or its subsidiaries)
Garmin Express (Version: 2.3.18.0 - Garmin Ltd or its subsidiaries) Hidden
Garmin Express Tray (Version: 2.3.18.0 - Garmin Ltd or its subsidiaries) Hidden
Garmin USB Drivers (HKLM\...\{ABA5E381-EC46-425C-86C5-5CD15BBFB4BF}) (Version: 2.3.1.0 - Garmin Ltd or its subsidiaries)
Garmin WebUpdater (HKLM\...\{00FE2935-FB56-4410-AB5F-D6E70C1771D2}) (Version: 2.5.6 - Garmin Ltd or its subsidiaries)
Google Chrome (HKLM\...\Google Chrome) (Version: 38.0.2125.104 - Google Inc.)
Google Toolbar for Internet Explorer (HKLM\...\{2318C2B1-4965-11d4-9B18-009027A5CD4F}) (Version: 7.5.5111.1712 - Google Inc.)
Google Toolbar for Internet Explorer (Version: 1.0.0 - Google Inc.) Hidden
Google Update Helper (Version: 1.3.25.5 - Google Inc.) Hidden
Intel(R) Graphics Media Accelerator Driver (HKLM\...\HDMI) (Version: - Intel Corporation)
Java 7 Update 51 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83217017FF}) (Version: 7.0.510 - Oracle)
Java Auto Updater (Version: 2.1.9.8 - Sun Microsystems, Inc.) Hidden
Marvell Miniport Driver (HKLM\...\{C950420B-4182-49EA-850A-A6A2ABF06C6B}) (Version: 10.63.3.3 - Marvell)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (HKLM\...\{95716cce-fc71-413f-8ad5-56c2892d4b3a}) (Version: 11.0.60610.1 - Microsoft Corporation)
PowerDVD (HKLM\...\{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}) (Version: 8.1 - Dell)
QuickSet (HKLM\...\{C4972073-2BFE-475D-8441-564EA97DA161}) (Version: 9.2.17 - Dell Inc.)
Realtek USB 2.0 Card Reader (HKLM\...\{DC24971E-1946-445D-8A82-CE685433FA7D}) (Version: 6.0.6000.20113 - Realtek Semiconductor Corp.)
Skype Toolbars (HKLM\...\{981029E0-7FC9-4CF3-AB39-6F133621921A}) (Version: 1.0.4051 - Skype Technologies S.A.)
Skype™ 4.1 (HKLM\...\{D103C4BA-F905-437A-8049-DB24763BBE36}) (Version: 4.1.179 - Skype Technologies S.A.)
Spybot - Search & Destroy (HKLM\...\{B4092C6D-E886-4CB2-BA68-FE5A99D31DE7}_is1) (Version: 2.4.40 - Safer-Networking Ltd.)
Tweaking.com - Registry Backup (HKLM\...\Tweaking.com - Registry Backup) (Version: 1.10.1 - Tweaking.com)
Windows Driver Package - Garmin (grmnusb) GARMIN Devices (04/19/2012 2.3.1.0) (HKLM\...\98157A226B40B173301B0F53C8E98C47805D5152) (Version: 04/19/2012 2.3.1.0 - Garmin)

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)

CustomCLSID: HKU\S-1-5-21-2387892739-269016217-2709116024-1000_Classes\CLSID\{0002E005-0000-0000-C000-000000000046}\InprocServer32 -> C:\Windows\system32\OLE32.DLL (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2387892739-269016217-2709116024-1000_Classes\CLSID\{039B2CA5-3B41-4D93-AD77-47D3293FC5CB}\InprocServer32 -> C:\Program Files\Skype\Plugin Manager\ezPMUtils.dll (EasyBits Media AS)
CustomCLSID: HKU\S-1-5-21-2387892739-269016217-2709116024-1000_Classes\CLSID\{20DD1B9E-87C4-11D1-8BE3-0000F8754DA1}\InprocServer32 -> C:\Windows\system32\mscomct2.ocx (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2387892739-269016217-2709116024-1000_Classes\CLSID\{232E456A-87C3-11D1-8BE3-0000F8754DA1}\InprocServer32 -> C:\Windows\system32\mscomct2.ocx (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2387892739-269016217-2709116024-1000_Classes\CLSID\{38911D8E-E448-11D0-84A3-00DD01104159}\InprocServer32 -> C:\Windows\system32\comct332.ocx (Microsoft Corporation )
CustomCLSID: HKU\S-1-5-21-2387892739-269016217-2709116024-1000_Classes\CLSID\{38911D90-E448-11D0-84A3-00DD01104159}\InprocServer32 -> C:\Windows\system32\comct332.ocx (Microsoft Corporation )
CustomCLSID: HKU\S-1-5-21-2387892739-269016217-2709116024-1000_Classes\CLSID\{38911D92-E448-11D0-84A3-00DD01104159}\InprocServer32 -> C:\Windows\system32\comct332.ocx (Microsoft Corporation )
CustomCLSID: HKU\S-1-5-21-2387892739-269016217-2709116024-1000_Classes\CLSID\{42481700-CF3C-4D05-8EC6-F9A1C57E8DC0}\InprocServer32 -> C:\Program Files\Skype\Plugin Manager\ezPMUtils.dll (EasyBits Media AS)
CustomCLSID: HKU\S-1-5-21-2387892739-269016217-2709116024-1000_Classes\CLSID\{586A6352-87C8-11D1-8BE3-0000F8754DA1}\InprocServer32 -> C:\Windows\system32\mscomct2.ocx (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2387892739-269016217-2709116024-1000_Classes\CLSID\{586A6353-87C8-11D1-8BE3-0000F8754DA1}\InprocServer32 -> C:\Windows\system32\mscomct2.ocx (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2387892739-269016217-2709116024-1000_Classes\CLSID\{586A6354-87C8-11D1-8BE3-0000F8754DA1}\InprocServer32 -> C:\Windows\system32\mscomct2.ocx (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2387892739-269016217-2709116024-1000_Classes\CLSID\{586A6355-87C8-11D1-8BE3-0000F8754DA1}\InprocServer32 -> C:\Windows\system32\mscomct2.ocx (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2387892739-269016217-2709116024-1000_Classes\CLSID\{586A6356-87C8-11D1-8BE3-0000F8754DA1}\InprocServer32 -> C:\Windows\system32\mscomct2.ocx (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2387892739-269016217-2709116024-1000_Classes\CLSID\{586A6357-87C8-11D1-8BE3-0000F8754DA1}\InprocServer32 -> C:\Windows\system32\mscomct2.ocx (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2387892739-269016217-2709116024-1000_Classes\CLSID\{586A6359-87C8-11D1-8BE3-0000F8754DA1}\InprocServer32 -> C:\Windows\system32\mscomct2.ocx (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2387892739-269016217-2709116024-1000_Classes\CLSID\{603C7E80-87C2-11D1-8BE3-0000F8754DA1}\InprocServer32 -> C:\Windows\system32\mscomct2.ocx (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2387892739-269016217-2709116024-1000_Classes\CLSID\{9E385F0A-0BA2-430C-96AA-4399C5E40F6C}\localserver32 -> C:\Program Files\Skype\Phone\Skype.exe (Skype Technologies S.A.)
CustomCLSID: HKU\S-1-5-21-2387892739-269016217-2709116024-1000_Classes\CLSID\{B09DE715-87C1-11D1-8BE3-0000F8754DA1}\InprocServer32 -> C:\Windows\system32\mscomct2.ocx (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2387892739-269016217-2709116024-1000_Classes\CLSID\{BB6410D8-F879-4184-9C5C-6A02D16AE0B3}\InprocServer32 -> C:\Program Files\Skype\Plugin Manager\ezPMUtils.dll (EasyBits Media AS)
CustomCLSID: HKU\S-1-5-21-2387892739-269016217-2709116024-1000_Classes\CLSID\{CA1073A2-5F3F-4445-8E5E-7109BDCEDDBE}\InprocServer32 -> C:\Program Files\Skype\Plugin Manager\ezPMUtils.dll (EasyBits Media AS)
CustomCLSID: HKU\S-1-5-21-2387892739-269016217-2709116024-1000_Classes\CLSID\{D0D38C6E-BF64-4C42-840D-3E0019D9F7A6}\InprocServer32 -> C:\Program Files\Skype\Plugin Manager\ezPMUtils.dll (EasyBits Media AS)
CustomCLSID: HKU\S-1-5-21-2387892739-269016217-2709116024-1000_Classes\CLSID\{D5A55D2D-C59D-42C3-A5BF-4C08EEE74339}\InprocServer32 -> C:\Program Files\Skype\Plugin Manager\ezPMUtils.dll (EasyBits Media AS)
CustomCLSID: HKU\S-1-5-21-2387892739-269016217-2709116024-1000_Classes\CLSID\{DCA74850-096D-40CD-BB81-17034E51ACB6}\localserver32 -> C:\Program Files\Skype\Phone\Skype.exe (Skype Technologies S.A.)
CustomCLSID: HKU\S-1-5-21-2387892739-269016217-2709116024-1000_Classes\CLSID\{FE38753A-44A3-11D1-B5B7-0000C09000C4}\InprocServer32 -> C:\Windows\system32\mscomct2.ocx (Microsoft Corporation)

==================== Restore Points =========================

07-10-2014 08:19:21 Scheduled Checkpoint
07-10-2014 22:58:03 Scheduled Checkpoint
08-10-2014 20:58:31 Scheduled Checkpoint
10-10-2014 17:39:36 Scheduled Checkpoint
11-10-2014 09:03:12 Scheduled Checkpoint
12-10-2014 00:46:12 Scheduled Checkpoint
13-10-2014 21:07:19 Scheduled Checkpoint
14-10-2014 23:09:27 Scheduled Checkpoint
15-10-2014 02:02:08 Windows Update
15-10-2014 06:58:30 Windows Update
15-10-2014 22:14:54 Scheduled Checkpoint
16-10-2014 13:34:30 Scheduled Checkpoint
17-10-2014 20:54:01 Scheduled Checkpoint
19-10-2014 10:17:36 Scheduled Checkpoint

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2006-11-02 11:23 - 2011-11-28 15:05 - 00438691 ____R C:\Windows\system32\Drivers\etc\hosts
127.0.0.1 localhost
127.0.0.1 www.007guard.com (http://www.007guard.com)
127.0.0.1 007guard.com
127.0.0.1 008i.com
127.0.0.1 www.008k.com (http://www.008k.com)
127.0.0.1 008k.com
127.0.0.1 www.00hq.com (http://www.00hq.com)
127.0.0.1 00hq.com
127.0.0.1 010402.com
127.0.0.1 www.032439.com (http://www.032439.com)
127.0.0.1 032439.com
127.0.0.1 www.0scan.com (http://www.0scan.com)
127.0.0.1 0scan.com
127.0.0.1 1000gratisproben.com
127.0.0.1 www.1000gratisproben.com (http://www.1000gratisproben.com)
127.0.0.1 1001namen.com
127.0.0.1 www.1001namen.com (http://www.1001namen.com)
127.0.0.1 100888290cs.com
127.0.0.1 www.100888290cs.com (http://www.100888290cs.com)
127.0.0.1 www.100sexlinks.com (http://www.100sexlinks.com)
127.0.0.1 100sexlinks.com
127.0.0.1 10sek.com
127.0.0.1 www.10sek.com (http://www.10sek.com)
127.0.0.1 www.1-2005-search.com (http://www.1-2005-search.com)
127.0.0.1 1-2005-search.com
127.0.0.1 123fporn.info
127.0.0.1 www.123fporn.info (http://www.123fporn.info)
127.0.0.1 123haustiereundmehr.com
127.0.0.1 www.123haustiereundmehr.com (http://www.123haustiereundmehr.com)

There are 1000 more lines.


==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {1028AC08-DF1F-4CAD-9061-859E60CB5949} - System32\Tasks\Foresight Software Update3 => C:\Program Files\Common Files\Foresight Software\UUS3\Update3.exe
Task: {18DFD9FC-082E-4E9B-8285-5F21D2B4EDAE} - System32\Tasks\Microsoft\Windows\MobilePC\TMM
Task: {29903ACF-87C4-464D-B58F-6D699677B78B} - System32\Tasks\{B396E731-7D20-4CDE-BB89-A62509736AFA} => C:\Program Files\Skype\Phone\Skype.exe [2009-10-09] (Skype Technologies S.A.)
Task: {40E8453A-48F3-49C0-92F7-3C8944948675} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2014-09-24] (Adobe Systems Incorporated)
Task: {51AAAB3F-252A-49F5-AE09-772AF2FB073B} - System32\Tasks\Check for updates (Spybot - Search & Destroy) => C:\Program Files\Spybot - Search &amp; Destroy 2\SDUpdate.exe
Task: {5916F864-469C-4391-8604-E4EA141A2699} - System32\Tasks\Microsoft\Windows\Wireless\GatherWirelessInfo => C:\Windows\system32\gatherWirelessInfo.vbs [2008-01-21] ()
Task: {5C25A634-7539-4A84-9460-518B16A1B42B} - System32\Tasks\ParetoLogic Update Version3 Startup Task => C:\Program Files\Common Files\ParetoLogic\UUS3\Pareto_Update3.exe
Task: {7C5A51E8-1AD7-48C6-8879-257A8A9609F5} - System32\Tasks\Microsoft\Windows\NetworkAccessProtection\NAPStatus UI
Task: {89598E38-AA49-42F9-9DEC-014210DB848B} - System32\Tasks\Scan the system (Spybot - Search & Destroy) => C:\Program Files\Spybot - Search &amp; Destroy 2\SDScan.exe
Task: {899C572A-9D41-47B9-ADB6-6C9156FB18C1} - System32\Tasks\RegCure Pro => C:\Program Files\ParetoLogic\RegCure Pro\RegCurePro.exe [2012-10-22] (ParetoLogic, Inc.)
Task: {8B0E6FAB-F43A-4988-AF0A-A21646C212F0} - System32\Tasks\Microsoft\Windows\Shell\CrawlStartPages
Task: {8EFB6D16-5CF2-4E22-8E44-61F5731D12F2} - System32\Tasks\Refresh immunization (Spybot - Search & Destroy) => C:\Program Files\Spybot - Search &amp; Destroy 2\SDImmunize.exe
Task: {900B69D2-8C96-4E98-BCAE-48412DB4E78E} - System32\Tasks\Microsoft\Windows\Tcpip\WSHReset => C:\Windows\system32\netsh.exe [2006-11-02] (Microsoft Corporation)
Task: {9A6405EB-A69A-416B-9890-6CBA381E67D9} - System32\Tasks\Scheduled Update for Ask Toolbar => C:\Program Files\Ask.com\UpdateTask.exe <==== ATTENTION
Task: {9B656C5D-B5A3-4F24-ABDD-2EB6987F7027} - System32\Tasks\Microsoft\Windows Defender\MP Scheduled Signature Update => c:\program files\windows defender\MpCmdRun.exe [2008-01-21] (Microsoft Corporation)
Task: {9ED703A9-5FFD-40D5-895A-4385EE1509DE} - System32\Tasks\Microsoft\Windows\RAC\RACAgent => C:\Windows\system32\RacAgent.exe [2008-01-21] (Microsoft Corporation)
Task: {9F390455-BBC7-43BE-B928-C164FAB3A7F7} - System32\Tasks\ParetoLogic Update Version3 => C:\Program Files\Common Files\ParetoLogic\UUS3\Pareto_Update3.exe
Task: {A6D6CB0D-9D60-4B27-8AEC-2C4591EBA869} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [2014-10-19] (Google Inc.)
Task: {C70E1EA0-24DC-489A-8691-7081F960E0E3} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [2014-10-19] (Google Inc.)
Task: {E2332E14-7E28-45C8-8290-131397E2AEE6} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\Check for updates (Spybot - Search & Destroy).job => C:\Program Files\Spybot - Search & Destroy 2\SDUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\Refresh immunization (Spybot - Search & Destroy).job => C:\Program Files\Spybot - Search & Destroy 2\SDImmunize.exe
Task: C:\Windows\Tasks\RegCure Pro.job => C:\Program Files\ParetoLogic\RegCure Pro\RegCurePro.exe
Task: C:\Windows\Tasks\Scan the system (Spybot - Search & Destroy).job => C:\Program Files\Spybot - Search & Destroy 2\SDScan.exe

==================== Loaded Modules (whitelisted) =============

2013-10-02 16:48 - 2014-10-23 11:21 - 00491344 _____ () c:\program files\bullguard ltd\bullguard\SQLite.dll
2013-10-02 16:48 - 2014-10-23 11:21 - 00074064 _____ () c:\program files\bullguard ltd\bullguard\zlib1.dll
2013-10-02 16:48 - 2014-10-23 11:21 - 00560464 _____ () c:\program files\bullguard ltd\bullguard\LibXml2.dll
2013-10-02 16:48 - 2014-10-23 11:21 - 00056656 _____ () C:\Program Files\BullGuard Ltd\BullGuard\LIBBZ2.dll
2013-10-02 16:48 - 2014-10-23 11:21 - 00074064 _____ () C:\Program Files\BullGuard Ltd\BullGuard\zlib1.dll
2013-10-02 16:48 - 2014-10-23 11:21 - 00560464 _____ () C:\Program Files\BullGuard Ltd\BullGuard\LibXml2.dll

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)


==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\BsMain => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\BsScanner => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\BsMain => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\BsScanner => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\BsUpdate => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Wdf01000.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Option => "OptionValue"="2"

==================== EXE Association (whitelisted) =============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)


==================== MSCONFIG/TASK MANAGER disabled items =========

(Currently there is no automatic fix for this section.)

MSCONFIG\startupreg: Windows Defender => %ProgramFiles%\Windows Defender\MSASCui.exe -hide

========================= Accounts: ==========================

Administrator (S-1-5-21-2387892739-269016217-2709116024-500 - Administrator - Disabled)
Guest (S-1-5-21-2387892739-269016217-2709116024-501 - Limited - Disabled)
LucioMags (S-1-5-21-2387892739-269016217-2709116024-1000 - Administrator - Enabled) => C:\Users\LucioMags

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (10/23/2014 03:21:06 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (10/23/2014 03:20:21 PM) (Source: EventSystem) (EventID: 4609) (User: )
Description: d:\longhorn\com\complus\src\events\tier1\eventsystemobj.cpp458007043c

Error: (10/23/2014 03:16:01 PM) (Source: PerfDisk) (EventID: 1000) (User: )
Description:

Error: (10/23/2014 03:15:55 PM) (Source: PerfDisk) (EventID: 1000) (User: )
Description:

Error: (10/23/2014 03:15:50 PM) (Source: PerfDisk) (EventID: 1000) (User: )
Description:

Error: (10/23/2014 03:15:40 PM) (Source: Perflib) (EventID: 1008) (User: )
Description: PerfDiskC:\Windows\System32\perfdisk.dll4

Error: (10/23/2014 03:15:36 PM) (Source: PerfDisk) (EventID: 1000) (User: )
Description:

Error: (10/23/2014 02:51:35 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (10/23/2014 02:50:50 PM) (Source: EventSystem) (EventID: 4609) (User: )
Description: d:\longhorn\com\complus\src\events\tier1\eventsystemobj.cpp458007043c

Error: (10/23/2014 02:28:23 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application SDScan.exe, version 2.4.40.181, time stamp 0x535a5179, faulting module SDScanLibrary.dll_unloaded, version 0.0.0.0, time stamp 0x535a510a, exception code 0xc0000005, fault offset 0x04c3f6e2,
process id 0x1780, application start time 0xSDScan.exe0.


System errors:
=============
Error: (10/23/2014 03:21:06 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: BdAgent
BdSpy
NovaShieldFilterDriver
NovaShieldTDIDriver
spldr
Wanarpv6

Error: (10/23/2014 03:21:06 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Computer BrowserServer%%1068

Error: (10/23/2014 03:20:24 PM) (Source: DCOM) (EventID: 10005) (User: )
Description: 1084WSearch{7D096C5F-AC08-4F1F-BEB7-5C22C517CE39}

Error: (10/23/2014 03:20:24 PM) (Source: DCOM) (EventID: 10005) (User: )
Description: 1084WSearch{9E175B6D-F52A-11D8-B9A5-505054503030}

Error: (10/23/2014 03:20:21 PM) (Source: DCOM) (EventID: 10005) (User: )
Description: 1084EventSystem{1BE1F766-5536-11D1-B726-00C04FB926AF}

Error: (10/23/2014 03:20:14 PM) (Source: DCOM) (EventID: 10005) (User: )
Description: 1084ShellHWDetection{DD522ACC-F821-461A-A407-50B198B896DC}

Error: (10/23/2014 03:07:54 PM) (Source: Microsoft-Windows-Kernel-Processor-Power) (EventID: 2) (User: NT AUTHORITY)
Description: 0

Error: (10/23/2014 02:51:35 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: BdAgent
BdSpy
NovaShieldFilterDriver
NovaShieldTDIDriver
spldr
Wanarpv6

Error: (10/23/2014 02:51:35 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Computer BrowserServer%%1068

Error: (10/23/2014 02:51:18 PM) (Source: DCOM) (EventID: 10005) (User: )
Description: 1084wcncsvc{375FF001-DD27-11D9-8F9C-0002B3988E81}


Microsoft Office Sessions:
=========================
Error: (10/23/2014 03:21:06 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (10/23/2014 03:20:21 PM) (Source: EventSystem) (EventID: 4609) (User: )
Description: d:\longhorn\com\complus\src\events\tier1\eventsystemobj.cpp458007043c

Error: (10/23/2014 03:16:01 PM) (Source: PerfDisk) (EventID: 1000) (User: )
Description:

Error: (10/23/2014 03:15:55 PM) (Source: PerfDisk) (EventID: 1000) (User: )
Description:

Error: (10/23/2014 03:15:50 PM) (Source: PerfDisk) (EventID: 1000) (User: )
Description:

Error: (10/23/2014 03:15:40 PM) (Source: Perflib) (EventID: 1008) (User: )
Description: PerfDiskC:\Windows\System32\perfdisk.dll4

Error: (10/23/2014 03:15:36 PM) (Source: PerfDisk) (EventID: 1000) (User: )
Description:

Error: (10/23/2014 02:51:35 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (10/23/2014 02:50:50 PM) (Source: EventSystem) (EventID: 4609) (User: )
Description: d:\longhorn\com\complus\src\events\tier1\eventsystemobj.cpp458007043c

Error: (10/23/2014 02:28:23 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: SDScan.exe2.4.40.181535a5179SDScanLibrary.dll_unloaded0.0.0.0535a510ac000000504c3f6e2178001cfeec3f29a7a5c


CodeIntegrity Errors:
===================================
Date: 2014-05-11 22:46:14.990
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\BullGuard Ltd\BullGuard\BgWsc.exe because the set of per-page image hashes could not be found on the system.

Date: 2014-05-04 09:36:26.104
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\BullGuard Ltd\BullGuard\BgWsc.exe because the set of per-page image hashes could not be found on the system.

Date: 2014-05-03 09:52:09.519
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\BullGuard Ltd\BullGuard\BgWsc.exe because the set of per-page image hashes could not be found on the system.

Date: 2014-04-28 08:30:23.380
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\BullGuard Ltd\BullGuard\BgWsc.exe because the set of per-page image hashes could not be found on the system.

Date: 2014-04-23 20:50:11.020
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\BullGuard Ltd\BullGuard\BgWsc.exe because the set of per-page image hashes could not be found on the system.

Date: 2014-04-23 08:36:19.096
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\BullGuard Ltd\BullGuard\BgWsc.exe because the set of per-page image hashes could not be found on the system.

Date: 2014-04-21 09:01:08.709
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\BullGuard Ltd\BullGuard\BgWsc.exe because the set of per-page image hashes could not be found on the system.

Date: 2014-04-16 17:21:59.147
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\BullGuard Ltd\BullGuard\BgWsc.exe because the set of per-page image hashes could not be found on the system.

Date: 2014-03-25 06:42:20.034
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\BullGuard Ltd\BullGuard\BgWsc.exe because the set of per-page image hashes could not be found on the system.

Date: 2014-03-17 07:31:09.100
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\BullGuard Ltd\BullGuard\BgWsc.exe because the set of per-page image hashes could not be found on the system.


==================== Memory info ===========================

Processor: Genuine Intel(R) CPU 585 @ 2.16GHz
Percentage of memory in use: 55%
Total physical RAM: 985.63 MB
Available physical RAM: 439.48 MB
Total Pagefile: 2241.6 MB
Available Pagefile: 1782.36 MB
Total Virtual: 2047.88 MB
Available Virtual: 1909.27 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:149.01 GB) (Free:104.55 GB) NTFS ==>[Drive with boot components (obtained from BCD)]

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or Vista) (Size: 149.1 GB) (Disk ID: E3641CF3)
Partition 1: (Not Active) - (Size=39 MB) - (Type=DE)
Partition 2: (Active) - (Size=149 GB) - (Type=07 NTFS)

==================== End Of Log ============================
aswMBR version 1.0.1.2161 Copyright(c) 2014 AVAST Software
Run date: 2014-10-23 15:32:32
-----------------------------
15:32:32.367 OS Version: Windows 6.0.6002 Service Pack 2
15:32:32.367 Number of processors: 1 586 0xF0D
15:32:32.367 ComputerName: LUCIOMAGS-PC UserName: LucioMags
15:32:35.268 Initialize success
15:32:35.284 VM: driver load error: 2
15:35:12.579 AVAST engine defs: 14102300
15:35:26.744 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-0
15:35:26.744 Disk 0 Vendor: FUJITSU_MHZ2160BH_G2 00850009 Size: 152627MB BusType: 3
15:35:26.853 Disk 0 MBR read successfully
15:35:26.868 Disk 0 MBR scan
15:35:27.071 Disk 0 Windows VISTA default MBR code
15:35:27.071 Disk 0 Partition 1 00 DE Dell Utility Dell 8.0 39 MB offset 63
15:35:27.118 Disk 0 Partition 2 80 (A) 07 HPFS/NTFS NTFS 152586 MB offset 81920
15:35:27.212 Disk 0 scanning sectors +312578048
15:35:27.524 Disk 0 scanning C:\Windows\system32\drivers
15:35:47.679 Service scanning
15:36:20.423 Modules scanning
15:36:31.062 Disk 0 trace - called modules:
15:36:31.125 ntkrnlpa.exe CLASSPNP.SYS disk.sys ataport.SYS hal.dll PCIIDEX.SYS msahci.sys
15:36:31.140 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x845f0320]
15:36:31.140 3 CLASSPNP.SYS[863a28b3] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP0T0L0-0[0x83b1db98]
15:36:33.184 AVAST engine scan C:\Windows
15:36:37.318 AVAST engine scan C:\Windows\system32
15:40:40.148 AVAST engine scan C:\Windows\system32\drivers
15:40:56.060 AVAST engine scan C:\Users\LucioMags
15:42:49.721 AVAST engine scan C:\ProgramData
15:45:24.130 Disk 0 statistics 2444897/0/0 @ 3.24 MB/s
15:45:24.146 Scan finished successfully
15:46:24.206 Disk 0 MBR has been saved successfully to "C:\Users\LucioMags\Downloads\MBR.dat"
15:46:24.252 The log file has been saved successfully to "C:\Users\LucioMags\Downloads\aswMBR.txt"

hi doubleoseverin2,

Lets start with this:

Download TDSSkiller.exe (http://support.kaspersky.com/downloads/utils/tdsskiller.exe) and save it to the Desktop. Run it in safe mode then reboot normally and run it again if possible.

Right-click the .exe and select run as admin or allow the UAC prompt.

When the TDSSKiller console opens, click on: Change Parameters
Under Additional Options, place a check in the box next to: Detect TDLFS File System

Click: OK
Press: Start Scan

If a suspicious object is detected, the default action is Skip, leave it as is, and click on: Continue

If malicious objects are found, they show in the Scan results.

Ensure Cure (the default) is selected, then click: Continue > Reboot now, to finish the cleaning process.

(Note: If Cure is not available, select Skip, >>Do not select: Delete<<)

When done, the log can be found in your root drive which by default is C:\

Logs are named like this:
C:\TDSSKiller.X.X.X_10.04.2014_12.25.23_log.txt
TDSSKiller.[Version]_[Date]_[Time]_log.txt


Please post the TDSSKiller log in your reply.

Hi there shelf life. Sorry I have taken so long to reply, but i've been busy with other stuff. I have run tdsskiller twice (one in safe mode and normal) both times I ran it as administrator and with the detect tdlfs checkbox ticked. Unfortunately no threats were found, but the computer seems to be behaving slightly better (it seems to come and go; there's no accounting for it!) although when I first ran it in normal mode; i.e. not safe mode it did come back saying "the operation returned because the timeout period expired" so there's definetly something up. I can't remember whether I mentioned it in the previous post, but even in safe mode it was blocking me from getting to this spybot site, so I have had to use my linux machine to download tdsskiller onto usb stick and copy it across to the infected machine in question and, obviously, also copied the logs back onto usb stick on the linux machine.

Anyway, here are the logs for both runs:

13:54:00.0780 0x07a4 TDSS rootkit removing tool 3.0.0.41 Oct 28 2014 17:58:34
13:54:13.0104 0x07a4 ============================================================
13:54:13.0104 0x07a4 Current date / time: 2014/11/12 13:54:13.0104
13:54:13.0104 0x07a4 SystemInfo:
13:54:13.0104 0x07a4
13:54:13.0104 0x07a4 OS Version: 6.0.6002 ServicePack: 2.0
13:54:13.0104 0x07a4 Product type: Workstation
13:54:13.0104 0x07a4 ComputerName: LUCIOMAGS-PC
13:54:13.0104 0x07a4 UserName: LucioMags
13:54:13.0104 0x07a4 Windows directory: C:\Windows
13:54:13.0104 0x07a4 System windows directory: C:\Windows
13:54:13.0104 0x07a4 Processor architecture: Intel x86
13:54:13.0104 0x07a4 Number of processors: 1
13:54:13.0104 0x07a4 Page size: 0x1000
13:54:13.0104 0x07a4 Boot type: Safe boot with network
13:54:13.0104 0x07a4 ============================================================
13:54:15.0662 0x07a4 KLMD registered as C:\Windows\system32\drivers\56013310.sys
13:54:15.0787 0x07a4 System UUID: {2F9AFD6A-B675-5C49-57AE-C2557F554E85}
13:54:16.0380 0x07a4 Drive \Device\Harddisk0\DR0 - Size: 0x25433D6000 ( 149.05 Gb ), SectorSize: 0x200, Cylinders: 0x4C01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
13:54:16.0380 0x07a4 Drive \Device\Harddisk1\DR1 - Size: 0x3BD800000 ( 14.96 Gb ), SectorSize: 0x200, Cylinders: 0x7A1, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
13:54:16.0380 0x07a4 ============================================================
13:54:16.0380 0x07a4 \Device\Harddisk0\DR0:
13:54:16.0380 0x07a4 MBR partitions:
13:54:16.0380 0x07a4 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x14000, BlocksNum 0x12A05000
13:54:16.0380 0x07a4 \Device\Harddisk1\DR1:
13:54:16.0380 0x07a4 MBR partitions:
13:54:16.0380 0x07a4 \Device\Harddisk1\DR1\Partition1: MBR, Type 0xC, StartLBA 0x20, BlocksNum 0x1DEBFE0
13:54:16.0380 0x07a4 ============================================================
13:54:16.0411 0x07a4 C: <-> \Device\Harddisk0\DR0\Partition1
13:54:16.0411 0x07a4 ============================================================
13:54:16.0411 0x07a4 Initialize success
13:54:16.0411 0x07a4 ============================================================
13:56:13.0973 0x0288 ============================================================
13:56:13.0973 0x0288 Scan started
13:56:13.0973 0x0288 Mode: Manual; TDLFS;
13:56:13.0973 0x0288 ============================================================
13:56:13.0973 0x0288 KSN ping started
13:56:27.0779 0x0288 KSN ping finished: true
13:56:29.0900 0x0288 ================ Scan system memory ========================
13:56:29.0900 0x0288 System memory - ok
13:56:29.0900 0x0288 ================ Scan services =============================
13:56:30.0103 0x0288 [ 82B296AE1892FE3DBEE00C9CF92F8AC7, 54B22BA63E1DA616B546992141B0C3117BA057283B8F60CB9BECE203661FEBF3 ] ACPI C:\Windows\system32\drivers\acpi.sys
13:56:30.0119 0x0288 ACPI - ok
13:56:30.0337 0x0288 [ C5679E5186B2FC95BC76A8A9870D5456, 70AC61850B811A0A902532F098AE1D5DF4622455E56C78B89D4ABDBE4A061A48 ] AdobeARMservice C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
13:56:30.0337 0x0288 AdobeARMservice - ok
13:56:30.0478 0x0288 [ 4ECFCAAE5CB380F58934F0DCF5F64E7F, D82B37E57D93484D7A3CB65470BCD54A578A695F0203A8DD441B1348C1EEA751 ] AdobeFlashPlayerUpdateSvc C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
13:56:30.0493 0x0288 AdobeFlashPlayerUpdateSvc - ok
13:56:30.0540 0x0288 [ 04F0FCAC69C7C71A3AC4EB97FAFC8303, FBBDD38574A1F66A5AA12B82E34FDE60B870180C4B7100C15757539DC869ED4B ] adp94xx C:\Windows\system32\drivers\adp94xx.sys
13:56:30.0556 0x0288 adp94xx - ok
13:56:30.0587 0x0288 [ 60505E0041F7751BDBB80F88BF45C2CE, 1DE16042B8ABD7B643189E836DE273832EE743FD66AFBB641E8049C4E0CD04D8 ] adpahci C:\Windows\system32\drivers\adpahci.sys
13:56:30.0618 0x0288 adpahci - ok
13:56:30.0634 0x0288 [ 8A42779B02AEC986EAB64ECFC98F8BD7, B89938EFF4E81FA44197D2D839EBD3340DDE01FBC79605049C088621784C1B91 ] adpu160m C:\Windows\system32\drivers\adpu160m.sys
13:56:30.0634 0x0288 adpu160m - ok
13:56:30.0649 0x0288 [ 241C9E37F8CE45EF51C3DE27515CA4E5, 1A03E93DD8C1F3640C96124A14A3D0F4E349B06CCA2118CE40B8AE201A4030A7 ] adpu320 C:\Windows\system32\drivers\adpu320.sys
13:56:30.0665 0x0288 adpu320 - ok
13:56:30.0712 0x0288 [ 9D1FDA9E086BA64E3C93C9DE32461BCF, 200FD0BFC811EC8993AF9FC78F58823ECC717063F438B627FBCDD6BD7790CAA8 ] AeLookupSvc C:\Windows\System32\aelupsvc.dll
13:56:30.0727 0x0288 AeLookupSvc - ok
13:56:30.0805 0x0288 [ F5272A105F59A7B3B345D9D6D87DA7AD, 9E84776994D04240BF2537330DBB555EDE16DFCFC59DEDCBA05A44ED7F70BEFA ] AFD C:\Windows\system32\drivers\afd.sys
13:56:30.0883 0x0288 AFD - ok
13:56:30.0946 0x0288 [ 68DD1D7A0783D184054184AEED5A779B, 873E72777FF27D95D94C186604936751B461E3046A4061872FEFBAFAC957F0C8 ] AFW C:\Windows\system32\DRIVERS\afw.sys
13:56:30.0946 0x0288 AFW - ok
13:56:30.0992 0x0288 [ 851D40AD98DCB7FF408CDB61983C4C3A, 5D1D0FF1BCB76E7690EB445538C8E9829B320767DB45B269AB390541D5C9AD20 ] afwcore C:\Windows\system32\DRIVERS\afwcore.sys
13:56:31.0024 0x0288 afwcore - ok
13:56:31.0102 0x0288 [ 13F9E33747E6B41A3FF305C37DB0D360, 066DD6060B1CF93F85BBAAA52848C801128CD294E8B7EACD912E0EF219DBFBC2 ] agp440 C:\Windows\system32\drivers\agp440.sys
13:56:31.0102 0x0288 agp440 - ok
13:56:31.0180 0x0288 [ AE1FDF7BF7BB6C6A70F67699D880592A, B831BF156FC49287A19FC149383D437B1034EA6F42CE9D761EB90ABD0F8D96B1 ] aic78xx C:\Windows\system32\drivers\djsvs.sys
13:56:31.0195 0x0288 aic78xx - ok
13:56:31.0211 0x0288 [ A1545B731579895D8CC44FC0481C1192, 6B0EE833BA39C142D625A03586CCD8F6C9C3136C603CE5DF5BAC1AA3423E3E7F ] ALG C:\Windows\System32\alg.exe
13:56:31.0211 0x0288 ALG - ok
13:56:31.0226 0x0288 [ 9EAEF5FC9B8E351AFA7E78A6FAE91F91, 0EADB6AE21FEDAB55D41F41B638198B556CC2BE2EE57F6C8B40EB044A318319F ] aliide C:\Windows\system32\drivers\aliide.sys
13:56:31.0226 0x0288 aliide - ok
13:56:31.0258 0x0288 [ C47344BC706E5F0B9DCE369516661578, 689C9CDAF6F38227F1C34359CAEB3C7798F318EDFD4B7FE532FBE3C8E4EE3DC8 ] amdagp C:\Windows\system32\drivers\amdagp.sys
13:56:31.0258 0x0288 amdagp - ok
13:56:31.0320 0x0288 [ 9B78A39A4C173FDBC1321E0DD659B34C, 2CA66EB68AD7A317D91C13B8CFD4E8CA985926A610D19595B613F5553B145C7B ] amdide C:\Windows\system32\drivers\amdide.sys
13:56:31.0320 0x0288 amdide - ok
13:56:31.0336 0x0288 [ 18F29B49AD23ECEE3D2A826C725C8D48, 0FA08882301D218E367E63E1966B6406220EE94BAE7E7DAD6E55EB70BF6FED7F ] AmdK7 C:\Windows\system32\drivers\amdk7.sys
13:56:31.0336 0x0288 AmdK7 - ok
13:56:31.0351 0x0288 [ 93AE7F7DD54AB986A6F1A1B37BE7442D, ECE0ABA2DECEED94AC678240A4B604F04022F0740F2295CBD07D25F5917E878A ] AmdK8 C:\Windows\system32\drivers\amdk8.sys
13:56:31.0367 0x0288 AmdK8 - ok
13:56:31.0445 0x0288 [ 448DA519F3B6FFA158C513156053181E, AA37D1F9CAE0D92A381F2F95E980C5ABD688DB115DD79F9B3DBBCCF9715BEF7A ] ApfiltrService C:\Windows\system32\DRIVERS\Apfiltr.sys
13:56:31.0460 0x0288 ApfiltrService - ok
13:56:31.0554 0x0288 [ 8F7D200717A58E9800D391F4C2101577, F07CF0F5636F46D8F3D5133284943E991E8739E5A644BCA5F18BB896B374620D ] Appinfo C:\Windows\System32\appinfo.dll
13:56:31.0554 0x0288 Appinfo - ok
13:56:31.0616 0x0288 [ 5D2888182FB46632511ACEE92FDAD522, 2E53231ACAF9B2FB7993DBC1CD15C06D7B0CCE0D08DAFF7B0CC13A2040028A75 ] arc C:\Windows\system32\drivers\arc.sys
13:56:31.0616 0x0288 arc - ok
13:56:31.0663 0x0288 [ 5E2A321BD7C8B3624E41FDEC3E244945, 9D47FF6C823868F2267FEFAB5851D3CD2BC3F619A2D6EFF803EA22DB0509C450 ] arcsas C:\Windows\system32\drivers\arcsas.sys
13:56:31.0663 0x0288 arcsas - ok
13:56:31.0772 0x0288 [ 9D768C43FEF254DD50B1DBF8AD5C4C0B, A50854EA5C08605133B8BB4DFDC6090357C5665314AA72E0BFA1E07D4E451F09 ] aspnet_state C:\Windows\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe
13:56:31.0804 0x0288 aspnet_state - ok
13:56:31.0866 0x0288 [ 53B202ABEE6455406254444303E87BE1, 4C91CA8DD345FEDD74A6AF2C07580717703F979B7DE2532B1D00B9F6896DDE70 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys
13:56:31.0866 0x0288 AsyncMac - ok
13:56:31.0897 0x0288 [ 1F05B78AB91C9075565A9D8A4B880BC4, 737BE9F9376DAB0CCDFED93EA6D67F0C432367EA63CD772A453485BE769AF3BD ] atapi C:\Windows\system32\drivers\atapi.sys
13:56:31.0897 0x0288 atapi - ok
13:56:31.0975 0x0288 [ 68E2A1A0407A66CF50DA0300852424AB, 5FFDAE4E477C90A855081B5120582810471F67D3E9C343779A7AFB8D684D16F8 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
13:56:32.0006 0x0288 AudioEndpointBuilder - ok
13:56:32.0022 0x0288 [ 68E2A1A0407A66CF50DA0300852424AB, 5FFDAE4E477C90A855081B5120582810471F67D3E9C343779A7AFB8D684D16F8 ] Audiosrv C:\Windows\System32\Audiosrv.dll
13:56:32.0038 0x0288 Audiosrv - ok
13:56:32.0069 0x0288 [ 423C7B87E886AC93D22936EA82665F83, 98B807D855A746E68525AEEBB6D45AF418861C2111D7F8493A8A6FB59F6C6F8E ] BCM42RLY C:\Windows\system32\drivers\BCM42RLY.sys
13:56:32.0069 0x0288 BCM42RLY - ok
13:56:32.0209 0x0288 [ B56999BE8F22BA3071E4CEAFA9E82E26, 9130E93495738A16DA83DDBC077C153D1E24FACD203DABF299DBEE45DD326A64 ] BCM43XX C:\Windows\system32\DRIVERS\bcmwl6.sys
13:56:32.0256 0x0288 BCM43XX - ok
13:56:32.0381 0x0288 [ 809F903D456C24142ACDD90ACB7EF6E8, 973C386D5EF3417424A17038F67AEE719D9AC83D43D17A2FE564AE9CB923C4DB ] BdAgent C:\Windows\system32\DRIVERS\BdAgent.sys
13:56:32.0381 0x0288 BdAgent - ok
13:56:32.0474 0x0288 [ 4952053742AE6305F6E4E165A7FAA10D, 5B34495086D1EC5558AC29718DB366C4FA8C6AFC39BB623832222A5B099F2945 ] BdSpy C:\Windows\system32\drivers\BdSpy.sys
13:56:32.0474 0x0288 BdSpy - ok
13:56:32.0537 0x0288 [ 67E506B75BD5326A3EC7B70BD014DFB6, 3B07243970CAB4E93A858BEA6E31F56AD0157C42D624F3FEB469E68EEEF65669 ] Beep C:\Windows\system32\drivers\Beep.sys
13:56:32.0537 0x0288 Beep - ok
13:56:32.0646 0x0288 [ C789AF0F724FDA5852FB9A7D3A432381, 4B0F7A3A8F2D45E49630D24F2630B8014BCDB793B9C6E83FD2B2863A54F62BF5 ] BFE C:\Windows\System32\bfe.dll
13:56:32.0677 0x0288 BFE - ok
13:56:32.0771 0x0288 [ 93952506C6D67330367F7E7934B6A02F, 1D9A6B10B9489C1A32F730E22CC399BFF0796E3FCB3BA52BE45ED487CAC59EBD ] BITS C:\Windows\System32\qmgr.dll
13:56:32.0864 0x0288 BITS - ok
13:56:32.0896 0x0288 [ D4DF28447741FD3D953526E33A617397, E7239BA432090F8AC7DF453DB876507CD4419ECA964D289408A1B2B353618693 ] blbdrive C:\Windows\system32\drivers\blbdrive.sys
13:56:32.0896 0x0288 blbdrive - ok
13:56:32.0927 0x0288 [ 35F376253F687BDE63976CCB3F2108CA, C5EF6301D7BC067050038DB75D961681D1CBE418285AD60167C1334B0B54DFE9 ] bowser C:\Windows\system32\DRIVERS\bowser.sys
13:56:32.0927 0x0288 bowser - ok
13:56:33.0005 0x0288 [ 9F9ACC7F7CCDE8A15C282D3F88B43309, A9131334BD9CF8FD60BA9D54AA054E2DF2BE1219FB650DF1464F2787BDEAE98F ] BrFiltLo C:\Windows\system32\drivers\brfiltlo.sys
13:56:33.0005 0x0288 BrFiltLo - ok
13:56:33.0020 0x0288 [ 56801AD62213A41F6497F96DEE83755A, 0DEB8318FB47DF6473C171C795C735E26A73FA12232876C6856549EA16F33361 ] BrFiltUp C:\Windows\system32\drivers\brfiltup.sys
13:56:33.0020 0x0288 BrFiltUp - ok
13:56:33.0036 0x0288 [ A3629A0C4226F9E9C72FAAEEBC3AD33C, FB4D2738B64AADA52B95A6CF7ED4CDBFE4DD4BEBCAF1AE9CE64317F97DB38DDF ] Browser C:\Windows\System32\browser.dll
13:56:33.0052 0x0288 Browser - ok
13:56:33.0114 0x0288 [ B304E75CFF293029EDDF094246747113, CB6B219B186C3511A0DE3CDE7F7B8966A9E32D808A952CA8C5B42B3A3A17BFB0 ] Brserid C:\Windows\system32\drivers\brserid.sys
13:56:33.0114 0x0288 Brserid - ok
13:56:33.0145 0x0288 [ 203F0B1E73ADADBBB7B7B1FABD901F6B, 782FA7B26940FE479C49C9BAA2EB582CDAAAD607013E9BCFC85E6FBBB7D49A6D ] BrSerWdm C:\Windows\system32\drivers\brserwdm.sys
13:56:33.0145 0x0288 BrSerWdm - ok
13:56:33.0161 0x0288 [ BD456606156BA17E60A04E18016AE54B, DFBDC9DA6A3EA40BACFF204BC6C55C2C122B5885D2CBF6D45054DE43EE15EC4D ] BrUsbMdm C:\Windows\system32\drivers\brusbmdm.sys
13:56:33.0161 0x0288 BrUsbMdm - ok
13:56:33.0176 0x0288 [ AF72ED54503F717A43268B3CC5FAEC2E, 4A638669B0C30B1BDED242A8BF2015A37749570FF4D67D190BACC8D7E0C44468 ] BrUsbSer C:\Windows\system32\drivers\brusbser.sys
13:56:33.0176 0x0288 BrUsbSer - ok
13:56:33.0457 0x0288 [ 43817F28790F2F038EE933F8788F98EB, 62F2B236EA8CBB89031AE558490D034FFA5FDCFC8BA45BDE2662461B9ECE84C4 ] BsBackup C:\Program Files\BullGuard Ltd\BullGuard\BsBackup.dll
13:56:33.0473 0x0288 BsBackup - ok
13:56:33.0598 0x0288 [ C4587FFFA74221B588B7771CFA64E122, 41E2FBE8F5936EC89EADC9B2ACD09E5456EACE508EDB532C7D9AA9ECE3A6E441 ] BsBhvScan C:\Program Files\BullGuard Ltd\BullGuard\BullGuardBhvScanner.exe
13:56:33.0613 0x0288 BsBhvScan - ok
13:56:33.0660 0x0288 [ 3F66A33278FD3331F3C2BBC19B942E49, 60C265970CE427AB3A00DECB48BD15C98F346C708ECA337F00FE3789EB43A7E7 ] BsCache C:\Program Files\BullGuard Ltd\BullGuard\BsCache.dll
13:56:33.0660 0x0288 BsCache - ok
13:56:33.0754 0x0288 [ BA4B2E0691E5C5BFF886536EE02A2FF3, 9ADE7C9A8630DE5E5F6BFFE49A0BB327376751B33D07790E4B0DFBB84AF28F32 ] BsFileScan c:\program files\bullguard ltd\bullguard\BsFileScan.dll
13:56:33.0769 0x0288 BsFileScan - ok
13:56:33.0863 0x0288 [ 70B7127E88CACB235BA221BE8000CFF5, D4057DBF2181C530094A5D88A885A8D9184AA8177482DB6F72D4EF3E88BBB6A2 ] BsFire c:\program files\bullguard ltd\bullguard\BsFire.dll
13:56:33.0878 0x0288 BsFire - ok
13:56:34.0081 0x0288 [ 4C846909CCD026BC4C136D0F547B6203, 77E06F544667A5FBA72EEF461F5E072705AAC718D57550ADD90FEE6D2AC81988 ] BsMailProxy c:\program files\bullguard ltd\bullguard\BsMailProxy\BsMailProxy.dll
13:56:34.0097 0x0288 BsMailProxy - ok
13:56:34.0206 0x0288 [ 3FF1705ED1002C2D6801E0C204D1B27C, D905CC006D519AB82F695C5718B6F2229B7E4C458925973C00B4F0855652C1B6 ] BsMain C:\Program Files\BullGuard Ltd\BullGuard\BsMain.dll
13:56:34.0206 0x0288 BsMain - ok
13:56:34.0268 0x0288 [ 97589179D89BF668A1BE6DDC33F7327F, 41EA609B528C323ECF1572F5A67DF2C4244FFD6C44DE2DC10739C2E31F62602B ] BsScanner C:\Program Files\BullGuard Ltd\BullGuard\BullGuardScanner.exe
13:56:34.0268 0x0288 BsScanner - ok
13:56:34.0362 0x0288 [ B5D0156C54A8391388DE772610EB4DC0, 9352B04674D0122F610FCD0596D2499E714F5428B03C1A8A4B73424CB2AA5746 ] BsUpdate C:\Program Files\BullGuard Ltd\BullGuard\BullGuardUpdate.exe
13:56:34.0362 0x0288 BsUpdate - ok
13:56:34.0456 0x0288 [ AD07C1EC6665B8B35741AB91200C6B68, DCE1305A30D6713222A01C1F1D03ED0ADABE23C742CE1E82BB142531B82A3FF7 ] BTHMODEM C:\Windows\system32\drivers\bthmodem.sys
13:56:34.0456 0x0288 BTHMODEM - ok
13:56:34.0518 0x0288 [ 7ADD03E75BEB9E6DD102C3081D29840A, 0CA14A77CE990B5AA32C0725C22CA190ECBC73B75064DD959CABAD79B8846F1D ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys
13:56:34.0518 0x0288 cdfs - ok
13:56:34.0549 0x0288 [ 6B4BFFB9BECD728097024276430DB314, 4451EFEAD37B05C8A3CB610B6D72E73B55D3D1E1CC1B17405598C1EDAA93C2D5 ] cdrom C:\Windows\system32\DRIVERS\cdrom.sys
13:56:34.0549 0x0288 cdrom - ok
13:56:34.0690 0x0288 [ 312EC3E37A0A1F2006534913E37B4423, 81B8F462336791D162DAFA8092C1F437638DA3022CA24A2458B9FE183FC18C5D ] CertPropSvc C:\Windows\System32\certprop.dll
13:56:34.0690 0x0288 CertPropSvc - ok
13:56:34.0721 0x0288 [ E5D4133F37219DBCFE102BC61072589D, 74C7F8C53D9C71CE3C8B33BC0331948571318402B0A8E1AC4552360504092A46 ] circlass C:\Windows\system32\drivers\circlass.sys
13:56:34.0721 0x0288 circlass - ok
13:56:34.0752 0x0288 [ D7659D3B5B92C31E84E53C1431F35132, 6BFE644AD9890A8CEEDCC4B97ADD564AD57202FBC5D21599469E0C4B31BB27C6 ] CLFS C:\Windows\system32\CLFS.sys
13:56:34.0768 0x0288 CLFS - ok
13:56:34.0877 0x0288 [ 6B6943A0CA56B47D6FB2EE476890854F, 6DA779879487F4A187DF54B0362642643D7871AA8F7E30992D781F558C50F052 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
13:56:34.0877 0x0288 clr_optimization_v2.0.50727_32 - ok
13:56:35.0002 0x0288 [ E87213F37A13E2B54391E40934F071D0, 7EB221127EFB5BF158FB03D18EFDA2C55FB6CE3D1A1FE69C01D70DBED02C87E5 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
13:56:35.0095 0x0288 clr_optimization_v4.0.30319_32 - ok
13:56:35.0173 0x0288 [ 99AFC3795B58CC478FBBBCDC658FCB56, 0D1B27C42A058C5D56A0157B5ECA9A054254F6B9C8015D0321021A7EFCE10CE2 ] CmBatt C:\Windows\system32\DRIVERS\CmBatt.sys
13:56:35.0173 0x0288 CmBatt - ok
13:56:35.0236 0x0288 [ 0CA25E686A4928484E9FDABD168AB629, C2CB2333CAB40CDF93219870E66700F957188C86A1B1A004BC4652953091E5C5 ] cmdide C:\Windows\system32\drivers\cmdide.sys
13:56:35.0236 0x0288 cmdide - ok
13:56:35.0314 0x0288 [ 6AFEF0B60FA25DE07C0968983EE4F60A, E4037EF9EDE57A1039AB814EBCE9A8B12C9A084E7FAC6296212ACF2394DD37B6 ] Compbatt C:\Windows\system32\DRIVERS\compbatt.sys
13:56:35.0314 0x0288 Compbatt - ok
13:56:35.0329 0x0288 COMSysApp - ok
13:56:35.0392 0x0288 [ 741E9DFF4F42D2D8477D0FC1DC0DF871, 06EA43D771E3455F943AB624CC00C2259FE5E561164908630755E933EF44A522 ] crcdisk C:\Windows\system32\drivers\crcdisk.sys
13:56:35.0392 0x0288 crcdisk - ok
13:56:35.0407 0x0288 [ 1F07BECDCA750766A96CDA811BA86410, F4E36F0003184BCB36D59B23AC903421AD8C0A1FD2D6315E06375235ABC9A0AD ] Crusoe C:\Windows\system32\drivers\crusoe.sys
13:56:35.0407 0x0288 Crusoe - ok
13:56:35.0501 0x0288 [ 684C130BBC6DB681BAD4920A4C944AA5, DDE434B206984808351C98500824A33E6740B4326C455066027F8D549D4C3B92 ] CryptSvc C:\Windows\system32\cryptsvc.dll
13:56:35.0516 0x0288 CryptSvc - ok
13:56:35.0626 0x0288 [ 3B5B4D53FEC14F7476CA29A20CC31AC9, EC02A412DA5FDE2C759A4A2C5904579E1CE7C4999CE87145812F354FC8F5E183 ] DcomLaunch C:\Windows\system32\rpcss.dll
13:56:35.0704 0x0288 DcomLaunch - ok
13:56:35.0735 0x0288 [ 622C41A07CA7E6DD91770F50D532CB6C, 2A9040949CB45F9970FDE930278F30D2F08E957290CB3D4DC4F2CA94F3D444D2 ] DfsC C:\Windows\system32\Drivers\dfsc.sys
13:56:35.0735 0x0288 DfsC - ok
13:56:35.0891 0x0288 [ 2CC3DCFB533A1035B13DCAB6160AB38B, C88C91F662ADE248EEE3B568E70C2BC2D5075B7D9B7D3C63E83D011C5F7812B0 ] DFSR C:\Windows\system32\DFSR.exe
13:56:35.0984 0x0288 DFSR - ok
13:56:36.0078 0x0288 [ 9028559C132146FB75EB7ACF384B086A, 35159D86706441ED94895B4629411B4445FCB4526AFD1F7036EE647931B7A94D ] Dhcp C:\Windows\System32\dhcpcsvc.dll
13:56:36.0094 0x0288 Dhcp - ok
13:56:36.0172 0x0288 [ 5D4AEFC3386920236A548271F8F1AF6A, 11B74D6800EC6F7AAEFB0B6A9F2E8376C7C3B8DB677F03AC3743CB004CA96B08 ] disk C:\Windows\system32\drivers\disk.sys
13:56:36.0187 0x0288 disk - ok
13:56:36.0281 0x0288 [ 57D762F6F5974AF0DA2BE88A3349BAAA, D9E7DC8F9FB7837F88BBB95B52147AA80E688FB9762EEA99B8046D9C6AD48F3C ] Dnscache C:\Windows\System32\dnsrslvr.dll
13:56:36.0281 0x0288 Dnscache - ok
13:56:36.0312 0x0288 [ 324FD74686B1EF5E7C19A8AF49E748F6, DC6EB4304555B60DD17E04D20DFE4E279718E4041A9310DE29E678834BB22C5B ] dot3svc C:\Windows\System32\dot3svc.dll
13:56:36.0328 0x0288 dot3svc - ok
13:56:36.0390 0x0288 [ A622E888F8AA2F6B49E9BC466F0E5DEF, 3DED7F22A29AD2F8C927DFA0FD87FDE5ED0BDCAC7260BD9F71D8EA34328C772A ] DPS C:\Windows\system32\dps.dll
13:56:36.0390 0x0288 DPS - ok
13:56:36.0484 0x0288 [ 97FEF831AB90BEE128C9AF390E243F80, A7F4118603E2D5DDDB117EF7C058684EA5B37690EFAB2BEBA570EEF9C36281BE ] drmkaud C:\Windows\system32\drivers\drmkaud.sys
13:56:36.0484 0x0288 drmkaud - ok
13:56:36.0593 0x0288 [ 5C2C209CDEFBC51D83D66E8A53B2BE89, 7AE68672A6BEEF601017BE28AA0BF3673318EFE97AA08E70F58A9391C54DF71F ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys
13:56:36.0671 0x0288 DXGKrnl - ok
13:56:36.0718 0x0288 [ 5425F74AC0C1DBD96A1E04F17D63F94C, AD133CEDCDEA75420C75A91BB4CF7152475D46ED7B7703E3BAE5F9946D610292 ] E1G60 C:\Windows\system32\DRIVERS\E1G60I32.sys
13:56:36.0718 0x0288 E1G60 - ok
13:56:36.0780 0x0288 [ C0B95E40D85CD807D614E264248A45B9, 30421DAF1722A225222268CB8BA4FE60CB76C6FD0C9157B0F53FC1368F806A4E ] EapHost C:\Windows\System32\eapsvc.dll
13:56:36.0780 0x0288 EapHost - ok
13:56:36.0858 0x0288 [ 7F64EA048DCFAC7ACF8B4D7B4E6FE371, F3E9CF5D8E9124CB06F08454C5F0E510DE19A92780151FB2F8A58A0905D59B8F ] Ecache C:\Windows\system32\drivers\ecache.sys
13:56:36.0874 0x0288 Ecache - ok
13:56:36.0967 0x0288 [ 23B62471681A124889978F6295B3F4C6, A90C521F06125B86A26EA625B0E7F811AF7D328E1313165E7AD4A83596A23819 ] elxstor C:\Windows\system32\drivers\elxstor.sys
13:56:36.0998 0x0288 elxstor - ok
13:56:37.0061 0x0288 [ 4E6B23DFC917EA39306B529B773950F4, C4BA77632B4BD46C4C1797F7F57399DB506D3EB6E5A0A36C269A793DAA3445C2 ] EMDMgmt C:\Windows\system32\emdmgmt.dll
13:56:37.0092 0x0288 EMDMgmt - ok
13:56:37.0108 0x0288 [ 3DB974F3935483555D7148663F726C61, C288CFC04213B0340ABEC752C0A7B308B29122B5F51E68387BA1D9E9D7166FDD ] ErrDev C:\Windows\system32\drivers\errdev.sys
13:56:37.0108 0x0288 ErrDev - ok
13:56:37.0154 0x0288 [ 67058C46504BC12D821F38CF99B7B28F, E8D19F305F78BCA1DA8425315F2C77A377CD51E3CC54323DC2FF355120EA097D ] EventSystem C:\Windows\system32\es.dll
13:56:37.0186 0x0288 EventSystem - ok
13:56:37.0264 0x0288 [ 22B408651F9123527BCEE54B4F6C5CAE, 31AF9649333A9496A9224001266D1B68CE2A31B9FB182A755D127FC5492AA6B2 ] exfat C:\Windows\system32\drivers\exfat.sys
13:56:37.0264 0x0288 exfat - ok
13:56:37.0326 0x0288 [ 4E404505B3F62ECFBDBCBBCF0A72DBC5, 9F446ED06A31BFE52C4F1E8ACC400B8E3F47A3CC02FFC950DB861B2B3BA4C5B9 ] fastfat C:\Windows\system32\drivers\fastfat.sys
13:56:37.0342 0x0288 fastfat - ok
13:56:37.0420 0x0288 [ AFE1E8B9782A0DD7FB46BBD88E43F89A, B4CBE1DC3430F2F3485F49007C71293D5B86E9C405741EA00A67B00A38BE1F8D ] fdc C:\Windows\system32\DRIVERS\fdc.sys
13:56:37.0435 0x0288 fdc - ok
13:56:37.0466 0x0288 [ 6629B5F0E98151F4AFDD87567EA32BA3, 8CC02D5E0639CDF74B2F85DB56D6199E1858F1A58465ED1D8B25C968E986132C ] fdPHost C:\Windows\system32\fdPHost.dll
13:56:37.0466 0x0288 fdPHost - ok
13:56:37.0482 0x0288 [ 89ED56DCE8E47AF40892778A5BD31FD2, 924360875796C3DDDDA8097FDF53F6846B227F7413766F00AEDD981EFD691BF9 ] FDResPub C:\Windows\system32\fdrespub.dll
13:56:37.0482 0x0288 FDResPub - ok
13:56:37.0498 0x0288 [ A8C0139A884861E3AAE9CFE73B208A9F, 3B021D148A2989AAA46AE58E5FED8A2DCA25E9212C2FA7F922880EF5A077E49B ] FileInfo C:\Windows\system32\drivers\fileinfo.sys
13:56:37.0513 0x0288 FileInfo - ok
13:56:37.0529 0x0288 [ 0AE429A696AECBC5970E3CF2C62635AE, 1ECC315C099D17835788B68F0DE00EC98DC5AEE8F329D739E0DB90A898F22244 ] Filetrace C:\Windows\system32\drivers\filetrace.sys
13:56:37.0529 0x0288 Filetrace - ok
13:56:37.0544 0x0288 [ 85B7CF99D532820495D68D747FDA9EBD, 682D35D219D1AFBE51CF0AB03F2D3E15C940F5AF291C1A611A19F4D279143F3C ] flpydisk C:\Windows\system32\DRIVERS\flpydisk.sys
13:56:37.0544 0x0288 flpydisk - ok
13:56:37.0591 0x0288 [ 01334F9EA68E6877C4EF05D3EA8ABB05, 82F8AA6AD2B5077898773D4A5814819EAF0E872FFD95894E06FEDAB6EE92CF99 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys
13:56:37.0607 0x0288 FltMgr - ok
13:56:37.0716 0x0288 [ 2AFA3A46986AE935DAECEBC7E66314CF, 747FAF9B7F8291B83EE44B91E5708395E749DC87BD42CC3BF2CD41209C298F4D ] FontCache C:\Windows\system32\FntCache.dll
13:56:37.0747 0x0288 FontCache - ok
13:56:37.0825 0x0288 [ C7FBDD1ED42F82BFA35167A5C9803EA3, 372FF71070D5ECE17342466A690737A0622E93C98DBED8172C49B0854F0012B7 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe
13:56:37.0825 0x0288 FontCache3.0.0.0 - ok
13:56:37.0872 0x0288 [ B972A66758577E0BFD1DE0F91AAA27B5, E934034F3F740A83D4E7ABCD2C581845AC2945B0BCCAACF65CC3F99A1DBDE455 ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys
13:56:37.0872 0x0288 Fs_Rec - ok
13:56:37.0903 0x0288 [ 34582A6E6573D54A07ECE5FE24A126B5, 5F45DC38F8015AD90616EAD3B57820CCD284938A96B2C4E1FF5FC7BDEE8A848D ] gagp30kx C:\Windows\system32\drivers\gagp30kx.sys
13:56:37.0903 0x0288 gagp30kx - ok
13:56:37.0997 0x0288 [ F84E17EEFC2EC0614265D2B204FEEE55, 59B7DE977A7E7B8B516706A4C1D6F2FA9F7894C527142B6579498C1724B5A3CF ] Garmin Core Update Service C:\Program Files\Garmin\Core Update Service\Garmin.Cartography.MapUpdate.CoreService.exe
13:56:37.0997 0x0288 Garmin Core Update Service - ok
13:56:38.0106 0x0288 [ CD5D0AEEE35DFD4E986A5AA1500A6E66, DCED5126837292593F1C1B35DF18E3B631D6C0C6D0742B77C7B7742C55A7825F ] gpsvc C:\Windows\System32\gpsvc.dll
13:56:38.0184 0x0288 gpsvc - ok
13:56:38.0278 0x0288 [ 51508F0C2476177E50C31B0BBFBF1BDB, 3F62A05181D54711180C8727AC66D624AFA7FC816A4ACC4DC0CFCF2D2DBE7F87 ] gupdate C:\Program Files\Google\Update\GoogleUpdate.exe
13:56:38.0293 0x0288 gupdate - ok
13:56:38.0340 0x0288 [ 51508F0C2476177E50C31B0BBFBF1BDB, 3F62A05181D54711180C8727AC66D624AFA7FC816A4ACC4DC0CFCF2D2DBE7F87 ] gupdatem C:\Program Files\Google\Update\GoogleUpdate.exe
13:56:38.0340 0x0288 gupdatem - ok
13:56:38.0449 0x0288 [ 5D4BC124FAAE6730AC002CDB67BF1A1C, 00294F4DC7D17F6DD2A22B9C3299BED40146BA45C972367154D20DB502472551 ] gusvc C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
13:56:38.0449 0x0288 gusvc - ok
13:56:38.0574 0x0288 [ 3F90E001369A07243763BD5A523D8722, 25907F85787D879E75C3FE74C93567382AFB2D528BEEC61D71E3A6BE2D71DFBE ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
13:56:38.0574 0x0288 HdAudAddService - ok
13:56:38.0652 0x0288 [ 062452B7FFD68C8C042A6261FE8DFF4A, DD9873502456D3C058C6177AC223B28C71370E624FA0814C17EA3D93201F2B56 ] HDAudBus C:\Windows\system32\DRIVERS\HDAudBus.sys
13:56:38.0683 0x0288 HDAudBus - ok
13:56:38.0714 0x0288 [ 1338520E78D90154ED6BE8F84DE5FCEB, 8531F1C5856983EBDA4C2B70162645ECE72FFFBA9FE7A28BCEDDF2169B7ECF9D ] HidBth C:\Windows\system32\drivers\hidbth.sys
13:56:38.0714 0x0288 HidBth - ok
13:56:38.0746 0x0288 [ FF3160C3A2445128C5A6D9B076DA519E, DC1A70C80CD55F33B3AD5A21E86AF7C3086D8CC2DC6148C058E74A871E0BAD4A ] HidIr C:\Windows\system32\drivers\hidir.sys
13:56:38.0746 0x0288 HidIr - ok
13:56:38.0777 0x0288 [ 84067081F3318162797385E11A8F0582, 11E32E3800CFCA37354388243F88D0239D622891BAC5483518A2BE5D1CA19015 ] hidserv C:\Windows\system32\hidserv.dll
13:56:38.0777 0x0288 hidserv - ok
13:56:38.0808 0x0288 [ CCA4B519B17E23A00B826C55716809CC, 91AD0758A6185B0FBBE383BDB1B457FFB850477AFF8DE040DE9527A97D28EF62 ] HidUsb C:\Windows\system32\DRIVERS\hidusb.sys
13:56:38.0808 0x0288 HidUsb - ok
13:56:38.0839 0x0288 [ D8AD255B37DA92434C26E4876DB7D418, C901EADDD93FC90C8F29F4B6DE808F8E4F486C877FC0AA27DA4ACDE17E28899D ] hkmsvc C:\Windows\system32\kmsvc.dll
13:56:38.0855 0x0288 hkmsvc - ok
13:56:38.0886 0x0288 [ 16EE7B23A009E00D835CDB79574A91A6, 964AFE7D2F7E48C7DE7FDAB48F57ADC4AD44A0B2A9A03071E0E8D334007E5572 ] HpCISSs C:\Windows\system32\drivers\hpcisss.sys
13:56:38.0917 0x0288 HpCISSs - ok
13:56:38.0948 0x0288 [ 0EEECA26C8D4BDE2A4664DB058A81937, 6F88567A116B1420BE1C9C8888F34D05F51378092C805EF4E489635CF92D416B ] HTTP C:\Windows\system32\drivers\HTTP.sys
13:56:38.0980 0x0288 HTTP - ok
13:56:39.0026 0x0288 hwdatacard - ok
13:56:39.0042 0x0288 hwusbfake - ok
13:56:39.0104 0x0288 [ C6B032D69650985468160FC9937CF5B4, 4D5A944C70037F35A9DBA4F49F174455FA80ED7EAEDAA143F0A2C0E05AE585D8 ] i2omp C:\Windows\system32\drivers\i2omp.sys
13:56:39.0104 0x0288 i2omp - ok
13:56:39.0182 0x0288 [ 22D56C8184586B7A1F6FA60BE5F5A2BD, D96A2962848C1F59B143BFEC22EC48BD1C5A75D0EBCFD7FB965E66B85FF7D8CA ] i8042prt C:\Windows\system32\DRIVERS\i8042prt.sys
13:56:39.0198 0x0288 i8042prt - ok
13:56:39.0245 0x0288 [ 54155EA1B0DF185878E0FC9EC3AC3A14, 344A0793499261D2E4FF2FCCC70501329485F8E299EBC68953D07BA86F0D4729 ] iaStorV C:\Windows\system32\drivers\iastorv.sys
13:56:39.0260 0x0288 iaStorV - ok
13:56:39.0385 0x0288 [ DD386C45D2B5863740166783448A2E7A, 10B912BA70306644BE73A53AF4DCDFF63880C4C5860FF6DBA92B0914EB566718 ] idsvc C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
13:56:39.0416 0x0288 idsvc - ok
13:56:39.0572 0x0288 [ 8DAD27DD28A4274866767C89C0BF154F, E2E285DE595E2DC0E3A38AD79AF2605759B211BA06AE2904A3F0062F7F5ACB5E ] igfx C:\Windows\system32\DRIVERS\igdkmd32.sys
13:56:39.0682 0x0288 igfx - ok
13:56:39.0744 0x0288 [ 2D077BF86E843F901D8DB709C95B49A5, 78FF558A881F307858F5C7C74A748B8B2562AF3CAC7EA8639945609001D790CE ] iirsp C:\Windows\system32\drivers\iirsp.sys
13:56:39.0744 0x0288 iirsp - ok
13:56:39.0838 0x0288 [ 4687EE0C0DD2CE5F7AAA9C2E33C1DC78, FA8EBED2778D9F7560ADC1B563954EEF98AAE651C0553F2803372B37B122AEB3 ] IKEEXT C:\Windows\System32\ikeext.dll
13:56:39.0884 0x0288 IKEEXT - ok
13:56:39.0978 0x0288 [ 83AA759F3189E6370C30DE5DC5590718, 7406FE41EA8FB80052517318CB72E2641E92E579FAFAF5E8DDDFF0BF8DAE773A ] intelide C:\Windows\system32\drivers\intelide.sys
13:56:39.0978 0x0288 intelide - ok
13:56:40.0025 0x0288 [ 224191001E78C89DFA78924C3EA595FF, E4EC9CAAEEEAEB30E13F4A8023AF687F29514667380DDFD638BBFFF1D5FC2563 ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys
13:56:40.0025 0x0288 intelppm - ok
13:56:40.0056 0x0288 [ 9AC218C6E6105477484C6FDBE7D409A4, FF30D09CD2A0F5BBEC309E953370F194B6F26BF4227E627B594AAA48B0F5D3C2 ] IPBusEnum C:\Windows\system32\ipbusenum.dll
13:56:40.0056 0x0288 IPBusEnum - ok
13:56:40.0087 0x0288 [ 62C265C38769B864CB25B4BCF62DF6C3, CAF6BCE967104233E216464E4729B0275C3BD426D812F404AB0EE83A7F2063D8 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys
13:56:40.0087 0x0288 IpFilterDriver - ok
13:56:40.0134 0x0288 [ 1998BD97F950680BB55F55A7244679C2, A4E8BB4C6B2AF4800BD5E0BA8725FD0927F8FB6751AEBF6DD16B59C414CCB9D8 ] iphlpsvc C:\Windows\System32\iphlpsvc.dll
13:56:40.0150 0x0288 iphlpsvc - ok
13:56:40.0165 0x0288 IpInIp - ok
13:56:40.0196 0x0288 [ B25AAF203552B7B3491139D582B39AD1, EA9C38F512F40FF12975A6719E6FE4D7EA93A4B2497103E0FDA5A4CD6033C0A6 ] IPMIDRV C:\Windows\system32\drivers\ipmidrv.sys
13:56:40.0196 0x0288 IPMIDRV - ok
13:56:40.0228 0x0288 [ 8793643A67B42CEC66490B2A0CF92D68, 8B1ED1314E4C6623824DD6B9C15A0F7F996F4D243BF0B305421251BE40850907 ] IPNAT C:\Windows\system32\DRIVERS\ipnat.sys
13:56:40.0243 0x0288 IPNAT - ok
13:56:40.0290 0x0288 [ 109C0DFB82C3632FBD11949B73AEEAC9, 73B01426100256B7110DF0B74483AF1B62FC209612EEC29A7BF6DC31A7FBEFB6 ] IRENUM C:\Windows\system32\drivers\irenum.sys
13:56:40.0290 0x0288 IRENUM - ok
13:56:40.0368 0x0288 [ 6C70698A3E5C4376C6AB5C7C17FB0614, 10FBCBA5A74AF5D136B152FD4D3DFA2A1F2CEBC3F979D5BA6DB98B3DCB2F7A07 ] isapnp C:\Windows\system32\drivers\isapnp.sys
13:56:40.0368 0x0288 isapnp - ok
13:56:40.0415 0x0288 [ 232FA340531D940AAC623B121A595034, 90C93F04D8A0094EEBD118F10223605B8169DA5F24C466F503CED5C014BD17B1 ] iScsiPrt C:\Windows\system32\DRIVERS\msiscsi.sys
13:56:40.0415 0x0288 iScsiPrt - ok
13:56:40.0493 0x0288 [ BCED60D16156E428F8DF8CF27B0DF150, 4934E9AB8A8A548548F0C63517F2BF4DE84B05E5C9C7C2AA6C1517B8F9C340D4 ] iteatapi C:\Windows\system32\drivers\iteatapi.sys
13:56:40.0493 0x0288 iteatapi - ok
13:56:40.0555 0x0288 [ 06FA654504A498C30ADCA8BEC4E87E7E, 651BC35A0A3D504573BBAB40DE81929BB18C9FC0CD7944FEAE0E99CD7658EA88 ] iteraid C:\Windows\system32\drivers\iteraid.sys
13:56:40.0555 0x0288 iteraid - ok
13:56:40.0618 0x0288 [ 37605E0A8CF00CBBA538E753E4344C6E, B9A9FFDCE45B0830E277CF322C28ACB49372C16144B0F676B283BE5DAE9A7F30 ] kbdclass C:\Windows\system32\DRIVERS\kbdclass.sys
13:56:40.0618 0x0288 kbdclass - ok
13:56:40.0711 0x0288 [ 18247836959BA67E3511B62846B9C2E0, 9623FF990A1C11A707C358CC9FDD4306C2992A8C766A50DAFC9534A283AA011D ] kbdhid C:\Windows\system32\DRIVERS\kbdhid.sys
13:56:40.0711 0x0288 kbdhid - ok
13:56:40.0758 0x0288 [ A3E186B4B935905B829219502557314E, 7F58EAC6C12208D792C77014AC9D37AD1A7B2E73863C914F5DA831A72E1D52BB ] KeyIso C:\Windows\system32\lsass.exe
13:56:40.0758 0x0288 KeyIso - ok
13:56:40.0820 0x0288 [ 4A1445EFA932A3BAF5BDB02D7131EE20, 9DD262ED72DF268FE024063788F54124E320D0775D8DC0C5CAD099CD5F655DA2 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys
13:56:40.0836 0x0288 KSecDD - ok
13:56:40.0930 0x0288 [ 8078F8F8F7A79E2E6B494523A828C585, BB399993166853F0C01B7508649ECD7E7473238267BA8333D0441128FE656347 ] KtmRm C:\Windows\system32\msdtckrm.dll
13:56:40.0961 0x0288 KtmRm - ok
13:56:40.0992 0x0288 [ 1BF5EEBFD518DD7298434D8C862F825D, F41C79410345C40B346EB5EDEA397ECD29ECB9B921AC3E19F9453E52A7B9288A ] LanmanServer C:\Windows\system32\srvsvc.dll
13:56:41.0023 0x0288 LanmanServer - ok
13:56:41.0101 0x0288 [ 1DB69705B695B987082C8BAEC0C6B34F, D395B272F6B69D4A9FC3CDEFD812EF0DBFECF3C1B1C787C7CC1E1A1B091B8DB3 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
13:56:41.0117 0x0288 LanmanWorkstation - ok
13:56:41.0164 0x0288 [ D1C5883087A0C3F1344D9D55A44901F6, 608D67357AFDDD538D2C12C93EB0793ECA4EB3AF2BAB779E881C41F50E4AB911 ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys
13:56:41.0164 0x0288 lltdio - ok
13:56:41.0210 0x0288 [ 2D5A428872F1442631D0959A34ABFF63, E532C6ECFFB936EFF744CA57BDC6394C89E797B6B0822D04F1F3F35D9BDDD4F0 ] lltdsvc C:\Windows\System32\lltdsvc.dll
13:56:41.0210 0x0288 lltdsvc - ok
13:56:41.0242 0x0288 [ 35D40113E4A5B961B6CE5C5857702518, 453097AEF46ED48107395D9A1696AAC259FD6CEA8A655D38C5E246FDDAB81664 ] lmhosts C:\Windows\System32\lmhsvc.dll
13:56:41.0242 0x0288 lmhosts - ok
13:56:41.0288 0x0288 [ C7E15E82879BF3235B559563D4185365, 98C9268ADF6BAEB0522BB84BE6C98D0D6D5EB4BD27BB61412D208232164C8435 ] LSI_FC C:\Windows\system32\drivers\lsi_fc.sys
13:56:41.0304 0x0288 LSI_FC - ok
13:56:41.0335 0x0288 [ EE01EBAE8C9BF0FA072E0FF68718920A, 655924440E611278998226299645BC72B3627A8A057286DC8D65A162CFBBE484 ] LSI_SAS C:\Windows\system32\drivers\lsi_sas.sys
13:56:41.0335 0x0288 LSI_SAS - ok
13:56:41.0382 0x0288 [ 912A04696E9CA30146A62AFA1463DD5C, 1D336D47B9D1C8449F29CDB776C092235E3D70CE53D9440970533E376EB004D3 ] LSI_SCSI C:\Windows\system32\drivers\lsi_scsi.sys
13:56:41.0382 0x0288 LSI_SCSI - ok
13:56:41.0429 0x0288 [ 8F5C7426567798E62A3B3614965D62CC, 659810257D942C5F4168E1247868CDA990F2324AC9ACAA9A6211F64B7AC9EC6E ] luafv C:\Windows\system32\drivers\luafv.sys
13:56:41.0429 0x0288 luafv - ok
13:56:41.0507 0x0288 [ 0001CE609D66632FA17B84705F658879, D5F9758BDC2B733307B565A74B33F5581FB425A5A9F32CCFA307DA1569EBD6CD ] megasas C:\Windows\system32\drivers\megasas.sys
13:56:41.0507 0x0288 megasas - ok
13:56:41.0569 0x0288 [ C252F32CD9A49DBFC25ECF26EBD51A99, 47EC8F475AB62A00FAF989CD2C3ABDF2922588F75CC15C83CD99A62EF6400FB0 ] MegaSR C:\Windows\system32\drivers\megasr.sys
13:56:41.0616 0x0288 MegaSR - ok
13:56:41.0663 0x0288 [ 1076FFCFFAAE8385FD62DFCB25AC4708, 8C5C106FCB018E019DEBA8E1A6AA170CD7A93293F27994F724EBC486238DA0AA ] MMCSS C:\Windows\system32\mmcss.dll
13:56:41.0678 0x0288 MMCSS - ok
13:56:41.0694 0x0288 [ E13B5EA0F51BA5B1512EC671393D09BA, 5B380D1B435D809CA201FD5ED075D42F3C6BA1A4EEDBC4040F7E3329F05A334A ] Modem C:\Windows\system32\drivers\modem.sys
13:56:41.0694 0x0288 Modem - ok
13:56:41.0756 0x0288 [ 0A9BB33B56E294F686ABB7C1E4E2D8A8, 1E8031D51E074FDFB53E98E26DABF313B901C028D01196BFD402EED5D0A89595 ] monitor C:\Windows\system32\DRIVERS\monitor.sys
13:56:41.0772 0x0288 monitor - ok
13:56:41.0788 0x0288 [ 5BF6A1326A335C5298477754A506D263, CC7F58E5955A448F6CE28D6D8EB98C7479E11F931B5C733CFE71A29B2E95923D ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys
13:56:41.0788 0x0288 mouclass - ok
13:56:41.0819 0x0288 [ 93B8D4869E12CFBE663915502900876F, 7464DE60FAAD8793D855F1F86C3C865B3A3EE41C19A3E926D1BE4426E67F5EC2 ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys
13:56:41.0819 0x0288 mouhid - ok
13:56:41.0834 0x0288 [ BDAFC88AA6B92F7842416EA6A48E1600, 2CA8A7BB260016D6B7953980A94C45A3C5D41F7DC7E73EEFB1C18EA144749503 ] MountMgr C:\Windows\system32\drivers\mountmgr.sys
13:56:41.0834 0x0288 MountMgr - ok
13:56:41.0897 0x0288 [ 511D011289755DD9F9A7579FB0B064E6, 1FD0D0D5B6E08FE06F7A5D0821BCD859B0F98A6DEA58AAB7FB6C95B64212FFC8 ] mpio C:\Windows\system32\drivers\mpio.sys
13:56:41.0912 0x0288 mpio - ok
13:56:41.0944 0x0288 [ 22241FEBA9B2DEFA669C8CB0A8DD7D2E, 62055C0DCEB69873B8961AB17DBD002F44319A44CB05EC3A61421A0C6D4736CD ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys
13:56:41.0959 0x0288 mpsdrv - ok
13:56:42.0006 0x0288 [ 5DE62C6E9108F14F6794060A9BDECAEC, 655E6645CC4A1EDBE5F51F5F80C7B504DD956851E788A6E4E4E08CDCDCE160D9 ] MpsSvc C:\Windows\system32\mpssvc.dll
13:56:42.0037 0x0288 MpsSvc - ok
13:56:42.0068 0x0288 [ 4FBBB70D30FD20EC51F80061703B001E, 72907A0CA5CFF82F40C02A65CD8EFD51D7CFC33BE67DE572D1ACF4FD3B248F0A ] Mraid35x C:\Windows\system32\drivers\mraid35x.sys
13:56:42.0068 0x0288 Mraid35x - ok
13:56:42.0115 0x0288 [ 82CEA0395524AACFEB58BA1448E8325C, 16E37990A291C848DE35F48EA7E09AE5B258AE589EB08A3FA2C60DC1278DE182 ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys
13:56:42.0115 0x0288 MRxDAV - ok
13:56:42.0162 0x0288 [ 1E94971C4B446AB2290DEB71D01CF0C2, 4701AA1B419AEF735CB2DA34532B0F1844433272C36D79F4EB55807E39B923D1 ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys
13:56:42.0162 0x0288 mrxsmb - ok
13:56:42.0271 0x0288 [ 4FCCB34D793B116423209C0F8B7A3B03, 7A483AEB691ADBE82779F12F0BB1CCCBFFD7E92902EC1ADC99AB7D129F887143 ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys
13:56:42.0271 0x0288 mrxsmb10 - ok
13:56:42.0334 0x0288 [ C3CB1B40AD4A0124D617A1199B0B9D7C, B975A39DE6D324C6274B6E3B883F36082A958F028335CEB3A37F44481EB284B3 ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys
13:56:42.0334 0x0288 mrxsmb20 - ok
13:56:42.0412 0x0288 [ 5457DCFA7C0DA43522F4D9D4049C1472, C8B0FD8F96E4FC5CB4B74D5968E808F44B4371F0A797B1D368E6A6080CB862FD ] msahci C:\Windows\system32\drivers\msahci.sys
13:56:42.0412 0x0288 msahci - ok
13:56:42.0474 0x0288 [ 4468B0F385A86ECDDAF8D3CA662EC0E7, EAEDC9CDD2EEC5000AF8190A4BE7729282576C3F88E64FDF57F455F5CECC81C9 ] msdsm C:\Windows\system32\drivers\msdsm.sys
13:56:42.0490 0x0288 msdsm - ok
13:56:42.0552 0x0288 [ FD7520CC3A80C5FC8C48852BB24C6DED, C3F3D7A07FAB9AF38A2A00BF0DF6EEE18CA8FE26277BEC9D8ADB793F2CD5EC1F ] MSDTC C:\Windows\System32\msdtc.exe
13:56:42.0568 0x0288 MSDTC - ok
13:56:42.0583 0x0288 [ A9927F4A46B816C92F461ACB90CF8515, 753284F726F9B4D3E7322C75532244CA43714F00717C2019391FB36DEE0738C0 ] Msfs C:\Windows\system32\drivers\Msfs.sys
13:56:42.0583 0x0288 Msfs - ok
13:56:42.0646 0x0288 [ 0F400E306F385C56317357D6DEA56F62, C48FA8193787359902D20D869F5F602CD66D3C5D061A58DDB72F51EED433C4BC ] msisadrv C:\Windows\system32\drivers\msisadrv.sys
13:56:42.0646 0x0288 msisadrv - ok
13:56:42.0692 0x0288 [ 85466C0757A23D9A9AECDC0755203CB2, 79141B8DF9D7470466872AF03A85C3D3976512BFDBDB8B92A22225DC8EFD70A6 ] MSiSCSI C:\Windows\system32\iscsiexe.dll
13:56:42.0692 0x0288 MSiSCSI - ok
13:56:42.0708 0x0288 msiserver - ok
13:56:42.0770 0x0288 [ D8C63D34D9C9E56C059E24EC7185CC07, D0CBFB8D57E6D908679DC0488ED659CA35B92626DEA890873E165F051A1AD2AE ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys
13:56:42.0770 0x0288 MSKSSRV - ok
13:56:42.0833 0x0288 [ 1D373C90D62DDB641D50E55B9E78D65E, 1D4897A96EA54D6FAC7916D69B4E88CAE1397C38CC8FAE08554772808476357B ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys
13:56:42.0833 0x0288 MSPCLOCK - ok
13:56:42.0895 0x0288 [ B572DA05BF4E098D4BBA3A4734FB505B, B7923F204CEADD0F62C2FE4B7CF8C56DAB70F88093B15C5692D0E61490CF4BAA ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
13:56:42.0895 0x0288 MSPQM - ok
13:56:42.0958 0x0288 [ B49456D70555DE905C311BCDA6EC6ADB, 8E40586B3A1FAE9996459E0261726C9DD6A8D5F575604868C45604613385C92F ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
13:56:42.0958 0x0288 MsRPC - ok
13:56:43.0036 0x0288 [ E384487CB84BE41D09711C30CA79646C, 520391DEE14D4D6C1EA99C7D31DD95D56B44D54CA3CD8E5C9855E9C0A04F026C ] mssmbios C:\Windows\system32\DRIVERS\mssmbios.sys
13:56:43.0036 0x0288 mssmbios - ok
13:56:43.0082 0x0288 [ 7199C1EEC1E4993CAF96B8C0A26BD58A, DD02DF8ED7AF5BB88BD2A91F38CE4C52432CB8044BDCBC41C320CD22B10B8A3B ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
13:56:43.0082 0x0288 MSTEE - ok
13:56:43.0129 0x0288 [ 6A57B5733D4CB702C8EA4542E836B96C, 080FB0B01E949D24CDD6876125B3A72DA9F88845D8B9A1A425BCA99E7ACF6821 ] Mup C:\Windows\system32\Drivers\mup.sys
13:56:43.0129 0x0288 Mup - ok
13:56:43.0176 0x0288 [ E4EAF0C5C1B41B5C83386CF212CA9584, 5946C3DCE65A0DB164169A1775DFCA544AF4E1895ADF6916BB1653F373F8D9AF ] napagent C:\Windows\system32\qagentRT.dll
13:56:43.0254 0x0288 napagent - ok
13:56:43.0285 0x0288 [ 85C44FDFF9CF7E72A40DCB7EC06A4416, DC37C99C458CA69B33BFD3894187089E947F4F9C01EC2ED024FA8614989E0956 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
13:56:43.0301 0x0288 NativeWifiP - ok
13:56:43.0394 0x0288 [ 1357274D1883F68300AEADD15D7BBB42, EE6352CBF0D9D633816F338159CDA27F1A805C3DDC3402D8605B50D8F3CD3300 ] NDIS C:\Windows\system32\drivers\ndis.sys
13:56:43.0410 0x0288 NDIS - ok
13:56:43.0457 0x0288 [ 0E186E90404980569FB449BA7519AE61, DE41791D9D3074007D6DD1D3933E7A2A13E3789D0AD4F029105B58279622FC1B ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
13:56:43.0457 0x0288 NdisTapi - ok
13:56:43.0472 0x0288 [ D6973AA34C4D5D76C0430B181C3CD389, 7C303F3D6BFF8B82E39998135B444837091AB1F9EB8F28D013E5EF45DB237EFC ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
13:56:43.0472 0x0288 Ndisuio - ok
13:56:43.0504 0x0288 [ 818F648618AE34F729FDB47EC68345C3, 5FC8F9237BD7FCE3C62D5BDDD49DC104BE2BECDC2FA8CDC1DB8F1891CBAA9140 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
13:56:43.0519 0x0288 NdisWan - ok
13:56:43.0535 0x0288 [ 71DAB552B41936358F3B541AE5997FB3, 30A8B3E33CBF04FC047254E404C0321F9028F2640036AA8AC1EA0A5E64551684 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
13:56:43.0535 0x0288 NDProxy - ok
13:56:43.0566 0x0288 [ BCD093A5A6777CF626434568DC7DBA78, 2A283DD93230361204EA0897864EAF0224CB8C02E025AE2E4237B07A598B3EBD ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
13:56:43.0566 0x0288 NetBIOS - ok
13:56:43.0597 0x0288 [ ECD64230A59CBD93C85F1CD1CAB9F3F6, 83650D756C1F2768A2AAAFC7924F2A4316ABAEB1708F4B05803CDDD699B5AB6F ] netbt C:\Windows\system32\DRIVERS\netbt.sys
13:56:43.0613 0x0288 netbt - ok
13:56:43.0660 0x0288 [ A3E186B4B935905B829219502557314E, 7F58EAC6C12208D792C77014AC9D37AD1A7B2E73863C914F5DA831A72E1D52BB ] Netlogon C:\Windows\system32\lsass.exe
13:56:43.0660 0x0288 Netlogon - ok
13:56:43.0753 0x0288 [ C8052711DAECC48B982434C5116CA401, 417DEB86D157DD3F0B4678410FE27FDD3E8FA04AB03AF398F6C02BF207070B35 ] Netman C:\Windows\System32\netman.dll
13:56:43.0831 0x0288 Netman - ok
13:56:43.0909 0x0288 [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
13:56:43.0972 0x0288 NetMsmqActivator - ok
13:56:43.0972 0x0288 [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetPipeActivator C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
13:56:43.0987 0x0288 NetPipeActivator - ok
13:56:44.0034 0x0288 [ 2EF3BBE22E5A5ACD1428EE387A0D0172, 55DB91EDD0339D2434C06445F8A716A48EA90925B0FF7EBF45BB79D4B54B80BF ] netprofm C:\Windows\System32\netprofm.dll
13:56:44.0050 0x0288 netprofm - ok
13:56:44.0065 0x0288 [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetTcpActivator C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
13:56:44.0081 0x0288 NetTcpActivator - ok
13:56:44.0081 0x0288 [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
13:56:44.0096 0x0288 NetTcpPortSharing - ok
13:56:44.0159 0x0288 [ 2E7FB731D4790A1BC6270ACCEFACB36E, EE9A00B694E8A3A5842CDC56C7BA1364317AC8134E046A0059661D057094B1A3 ] nfrd960 C:\Windows\system32\drivers\nfrd960.sys
13:56:44.0159 0x0288 nfrd960 - ok
13:56:44.0206 0x0288 [ 2997B15415F9BBE05B5A4C1C85E0C6A2, 5455536515FE740E18E090329FDCC40288724372AD18ACDB2CB4BB9D85CF681E ] NlaSvc C:\Windows\System32\nlasvc.dll
13:56:44.0221 0x0288 NlaSvc - ok
13:56:44.0330 0x0288 [ CA01A33633E45D122752581A4F19E161, FA98ED6E9953CE2D255E8A7C22944A68CD691104DEDEC3928CDB59CB04E5FA9B ] NovaShieldFilterDriver C:\Windows\system32\DRIVERS\NSKernel.sys
13:56:44.0330 0x0288 NovaShieldFilterDriver - ok
13:56:44.0377 0x0288 [ 3EFA383638F87788AD17EAEB2562C084, BD5CC8EF57862D41FB026EE498708B93EE95A629AA48E54AD930F03F1557075E ] NovaShieldTDIDriver C:\Windows\system32\DRIVERS\NSNetmon.sys
13:56:44.0377 0x0288 NovaShieldTDIDriver - ok
13:56:44.0455 0x0288 [ D36F239D7CCE1931598E8FB90A0DBC26, DF9397411D0CE5A87E3346D4E6E25BEC537A21BCE196CC55FD999CD08FC4A637 ] Npfs C:\Windows\system32\drivers\Npfs.sys
13:56:44.0455 0x0288 Npfs - ok
13:56:44.0502 0x0288 [ 8BB86F0C7EEA2BDED6FE095D0B4CA9BD, 15CA178518EB3D457AA4C109D97A8490821590842AE4E9841703B5A55870C8F6 ] nsi C:\Windows\system32\nsisvc.dll
13:56:44.0502 0x0288 nsi - ok
13:56:44.0518 0x0288 [ 609773E344A97410CE4EBF74A8914FCF, 90B9CBD2B62854DD503DE4A910CB987D402368EB99882FE20FFB6DEACD70F2BD ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
13:56:44.0518 0x0288 nsiproxy - ok
13:56:44.0596 0x0288 [ 2C1121F2B87E9A6B12485DF53CD848C7, E580428F3BA7B201C6C7CFADF1F44A6ECA4F589EDB034DA14260136236195936 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
13:56:44.0642 0x0288 Ntfs - ok
13:56:44.0674 0x0288 [ E875C093AEC0C978A90F30C9E0DFBB72, D3A480CD7EF374EFBC1BB831B33B81534774DDDBB0FB338BEE1D444949FD8DE7 ] ntrigdigi C:\Windows\system32\drivers\ntrigdigi.sys
13:56:44.0674 0x0288 ntrigdigi - ok
13:56:44.0705 0x0288 [ C5DBBCDA07D780BDA9B685DF333BB41E, 3652893DFF05469A273C3073D8D0A9D6D6BBDEC7855FEA8EAB768F95BA674108 ] Null C:\Windows\system32\drivers\Null.sys
13:56:44.0705 0x0288 Null - ok
13:56:44.0736 0x0288 [ 2EDF9E7751554B42CBB60116DE727101, 37A0AA78E83DBB5A788F7F067EB71DDF6CCC72A66BB41B209E1A5E2F68F8AF9B ] nvraid C:\Windows\system32\drivers\nvraid.sys
13:56:44.0752 0x0288 nvraid - ok
13:56:44.0783 0x0288 [ ABED0C09758D1D97DB0042DBB2688177, 84B9BF886EF9181915E8AB6D971446BC681E6DE4485DBECD62838EAFA10E7F46 ] nvstor C:\Windows\system32\drivers\nvstor.sys
13:56:44.0783 0x0288 nvstor - ok
13:56:44.0814 0x0288 [ 18BBDF913916B71BD54575BDB6EEAC0B, 5FBA165149AB09E869DCE35622E91CFC964BDD22B31A5E76CF12F1565402B207 ] nv_agp C:\Windows\system32\drivers\nv_agp.sys
13:56:44.0814 0x0288 nv_agp - ok
13:56:44.0830 0x0288 NwlnkFlt - ok
13:56:44.0845 0x0288 NwlnkFwd - ok
13:56:44.0861 0x0288 [ BE32DA025A0BE1878F0EE8D6D9386CD5, B9D6CB4626FC67D108D713467C9ED8D0E2A071D98621B5531AD9D0C172FE7B89 ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys
13:56:44.0861 0x0288 ohci1394 - ok
13:56:44.0939 0x0288 [ 0C8E8E61AD1EB0B250B846712C917506, 8F23657B90BFFCD7273B93EDA2D3768F35C1C5A313F22AE33452BE3B2A550649 ] p2pimsvc C:\Windows\system32\p2psvc.dll
13:56:45.0017 0x0288 p2pimsvc - ok
13:56:45.0064 0x0288 [ 0C8E8E61AD1EB0B250B846712C917506, 8F23657B90BFFCD7273B93EDA2D3768F35C1C5A313F22AE33452BE3B2A550649 ] p2psvc C:\Windows\system32\p2psvc.dll
13:56:45.0110 0x0288 p2psvc - ok
13:56:45.0188 0x0288 [ 0FA9B5055484649D63C303FE404E5F4D, ABF357001A5E7B21621560E74FA538E2D899C5111A6AAC784B5B12D9D819C6CD ] Parport C:\Windows\system32\drivers\parport.sys
13:56:45.0204 0x0288 Parport - ok
13:56:45.0266 0x0288 [ B9C2B89F08670E159F7181891E449CD9, BD48CE95CF4B75D1FD5FD379B2A8727BC000F2B6748B77636C6BDB0B37B0344A ] partmgr C:\Windows\system32\drivers\partmgr.sys
13:56:45.0266 0x0288 partmgr - ok
13:56:45.0344 0x0288 [ 4F9A6A8A31413180D0FCB279AD5D8112, DCE48BC6E3447403521BB9FBF727E629DEE45B69B8AE8CFEE1A67FECAE3CB9D3 ] Parvdm C:\Windows\system32\drivers\parvdm.sys
13:56:45.0344 0x0288 Parvdm - ok
13:56:45.0438 0x0288 [ C6276AD11F4BB49B58AA1ED88537F14A, 409E956AF994640DF8D062E5E41F87A6EE7EEE0335C191B582722A49322357CE ] PcaSvc C:\Windows\System32\pcasvc.dll
13:56:45.0438 0x0288 PcaSvc - ok
13:56:45.0516 0x0288 [ 941DC1D19E7E8620F40BBC206981EFDB, 156142A8B587131D2D47074CBFD0A31F69B3C27A8C74C8C4F29DFE7B53BBA802 ] pci C:\Windows\system32\drivers\pci.sys
13:56:45.0516 0x0288 pci - ok
13:56:45.0563 0x0288 [ FC175F5DDAB666D7F4D17449A547626F, 7D6108213D1AD3F97A3B83E491BCCC7D6F5BC72C32A182BDDE8736851A26C8D2 ] pciide C:\Windows\system32\drivers\pciide.sys
13:56:45.0563 0x0288 pciide - ok
13:56:45.0578 0x0288 [ E6F3FB1B86AA519E7698AD05E58B04E5, 2C4B45DDD3B980C9DAA6F039CAEFCD6E84A4D5BB43AFBA73C0C42B5556C1303C ] pcmcia C:\Windows\system32\drivers\pcmcia.sys
13:56:45.0594 0x0288 pcmcia - ok
13:56:45.0719 0x0288 [ 6349F6ED9C623B44B52EA3C63C831A92, 9EAA3ABD396870123107D6E1B758F56FDA378BD28B28DB8415AA470D24294F92 ] PEAUTH C:\Windows\system32\drivers\peauth.sys
13:56:45.0812 0x0288 PEAUTH - ok
13:56:46.0000 0x0288 [ B1689DF169143F57053F795390C99DB3, 887B8C76B34CABC68067C0F27CC4EEF02457A53634C96FE5B0FE9B99453BDBEF ] pla C:\Windows\system32\pla.dll
13:56:46.0093 0x0288 pla - ok
13:56:46.0140 0x0288 [ C5E7F8A996EC0A82D508FD9064A5569E, 416A93816CDF12DD42DEA796D37E6E2000D3172AAAB20D3EAD3B715DACD4B61F ] PlugPlay C:\Windows\system32\umpnpmgr.dll
13:56:46.0156 0x0288 PlugPlay - ok
13:56:46.0249 0x0288 [ 0C8E8E61AD1EB0B250B846712C917506, 8F23657B90BFFCD7273B93EDA2D3768F35C1C5A313F22AE33452BE3B2A550649 ] PNRPAutoReg C:\Windows\system32\p2psvc.dll
13:56:46.0280 0x0288 PNRPAutoReg - ok
13:56:46.0374 0x0288 [ 0C8E8E61AD1EB0B250B846712C917506, 8F23657B90BFFCD7273B93EDA2D3768F35C1C5A313F22AE33452BE3B2A550649 ] PNRPsvc C:\Windows\system32\p2psvc.dll
13:56:46.0405 0x0288 PNRPsvc - ok
13:56:46.0499 0x0288 [ D0494460421A03CD5225CCA0059AA146, FC30E90522C63F2A66D89381705712D2CDF07B2E029DF40C2DEBB2353E763E90 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
13:56:46.0561 0x0288 PolicyAgent - ok
13:56:46.0608 0x0288 [ ECFFFAEC0C1ECD8DBC77F39070EA1DB1, 6E4B188A4BFDBBCA51347BCCE2873F2D0F858398851B9B5129CB9F36A02E4354 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
13:56:46.0608 0x0288 PptpMiniport - ok
13:56:46.0670 0x0288 [ 2027293619DD0F047C584CF2E7DF4FFD, B7C172CCD08D8A30483D27536355ED1E5009B33629355B426470AFBA8542B394 ] Processor C:\Windows\system32\drivers\processr.sys
13:56:46.0670 0x0288 Processor - ok
13:56:46.0748 0x0288 [ 0508FAA222D28835310B7BFCA7A77346, 3AE2340C6E365F137CC00D9560069501DD2724756EA9EBF7A6CDFFC91B43709C ] ProfSvc C:\Windows\system32\profsvc.dll
13:56:46.0748 0x0288 ProfSvc - ok
13:56:46.0811 0x0288 [ A3E186B4B935905B829219502557314E, 7F58EAC6C12208D792C77014AC9D37AD1A7B2E73863C914F5DA831A72E1D52BB ] ProtectedStorage C:\Windows\system32\lsass.exe
13:56:46.0811 0x0288 ProtectedStorage - ok
13:56:46.0889 0x0288 [ 99514FAA8DF93D34B5589187DB3AA0BA, 4DDE5EC0C721B22E1D7D55ED3514B60EA07435C232A3A931BB49C7F486B52C18 ] PSched C:\Windows\system32\DRIVERS\pacer.sys
13:56:46.0889 0x0288 PSched - ok
13:56:46.0998 0x0288 [ 0A6DB55AFB7820C99AA1F3A1D270F4F6, 8B7D44A7698B95FE34CBBE4FAB2F01EC1F5BA86C2B19672F99767E650E99BF1C ] ql2300 C:\Windows\system32\drivers\ql2300.sys
13:56:47.0045 0x0288 ql2300 - ok
13:56:47.0076 0x0288 [ 81A7E5C076E59995D54BC1ED3A16E60B, A2988F065F93C41B3B389BFF3BB3FD69F768C2AF249C2356F315CC92E5C9E128 ] ql40xx C:\Windows\system32\drivers\ql40xx.sys
13:56:47.0092 0x0288 ql40xx - ok
13:56:47.0138 0x0288 [ E9ECAE663F47E6CB43962D18AB18890F, F1A05320CAED9E745AA36A6DA9B64C48AAEDE888B42B249840CEB31448F7F432 ] QWAVE C:\Windows\system32\qwave.dll
13:56:47.0154 0x0288 QWAVE - ok
13:56:47.0232 0x0288 [ 9F5E0E1926014D17486901C88ECA2DB7, 67CDFB99AB546DCEEF20507EAC07DD52FFB51BFDFE9416ABEDDC1201B60D720E ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
13:56:47.0232 0x0288 QWAVEdrv - ok
13:56:47.0248 0x0288 [ 147D7F9C556D259924351FEB0DE606C3, E41EBA5F3098C6CF2BE4C0060A5F4BF161C3677D983B7A0D70ACC12FC3CFEFD7 ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
13:56:47.0248 0x0288 RasAcd - ok
13:56:47.0279 0x0288 [ F6A452EB4CEADBB51C9E0EE6B3ECEF0F, 6A410ABCCD2211EFF511CDBF22E4152B57D2996336EBE711DFF71904AF232DB2 ] RasAuto C:\Windows\System32\rasauto.dll
13:56:47.0279 0x0288 RasAuto - ok
13:56:47.0357 0x0288 [ A214ADBAF4CB47DD2728859EF31F26B0, A24F37F55E2C018B1B4FA2C568A01AAAAEA1220833ED24A93378386174A70A32 ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
13:56:47.0357 0x0288 Rasl2tp - ok
13:56:47.0450 0x0288 [ 75D47445D70CA6F9F894B032FBC64FCF, 9112EA5D25F867136858524C7965ACCEDC02675D1E2985B950598D89CCF25E14 ] RasMan C:\Windows\System32\rasmans.dll
13:56:47.0466 0x0288 RasMan - ok
13:56:47.0528 0x0288 [ 509A98DD18AF4375E1FC40BC175F1DEF, CC7C278CA298CE102D871E34C176E73F903D6687D1E8B5AFAB8772C7DE1A60B1 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
13:56:47.0528 0x0288 RasPppoe - ok
13:56:47.0560 0x0288 [ 2005F4A1E05FA09389AC85840F0A9E4D, D8A664073FDE82F9AB324347024CDB7043635C84EB11C24C59AB384C52F0FD94 ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
13:56:47.0560 0x0288 RasSstp - ok
13:56:47.0591 0x0288 [ B14C9D5B9ADD2F84F70570BBBFAA7935, 3D533767A50554B86C769DF4D8841B3EA680B3807E85EA3533BDA9B649548269 ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
13:56:47.0591 0x0288 rdbss - ok
13:56:47.0653 0x0288 [ 89E59BE9A564262A3FB6C4F4F1CD9899, 6F948FB0E73495CA60B7B19E758268495EC8A084C475EC59AD7940AA619570BB ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
13:56:47.0669 0x0288 RDPCDD - ok
13:56:47.0747 0x0288 [ FBC0BACD9C3D7F6956853F64A66E252D, 7672B10C7039295B152C02C96903E869FF2C0A88A2C3FA89BAE9F1D593B43569 ] rdpdr C:\Windows\system32\drivers\rdpdr.sys
13:56:47.0747 0x0288 rdpdr - ok
13:56:47.0762 0x0288 [ 9D91FE5286F748862ECFFA05F8A0710C, 33F37F1B207151A5564BF051BBF16F35D8C5A0F426CCA078A51F125BF09E487B ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
13:56:47.0762 0x0288 RDPENCDD - ok
13:56:47.0809 0x0288 [ C127EBD5AFAB31524662C48DFCEB773A, 40A6B88FEAFF02D1B5C0CA32F290CF3D9B48B85D248C7532F30CC5C09BAA4D89 ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
13:56:47.0809 0x0288 RDPWD - ok
13:56:47.0903 0x0288 [ BCDD6B4804D06B1F7EBF29E53A57ECE9, 8A961CCD0A0265E03D9952C733B593B02B5CF64E308D6B420276D2D6B20F86FC ] RemoteAccess C:\Windows\System32\mprdim.dll
13:56:47.0903 0x0288 RemoteAccess - ok
13:56:47.0965 0x0288 [ 9E6894EA18DAFF37B63E1005F83AE4AB, 5D6DF994D297C875D547C7B111A571AA90D582DAECADE18A53F65AD988819E67 ] RemoteRegistry C:\Windows\system32\regsvc.dll
13:56:47.0981 0x0288 RemoteRegistry - ok
13:56:48.0043 0x0288 [ 5123F83CBC4349D065534EEB6BBDC42B, 92A3F38EA924D83D601BB93E3750F9DBC2DD963FB7ACF2A0E776297E21815225 ] RpcLocator C:\Windows\system32\locator.exe
13:56:48.0043 0x0288 RpcLocator - ok
13:56:48.0074 0x0288 [ 3B5B4D53FEC14F7476CA29A20CC31AC9, EC02A412DA5FDE2C759A4A2C5904579E1CE7C4999CE87145812F354FC8F5E183 ] RpcSs C:\Windows\system32\rpcss.dll
13:56:48.0090 0x0288 RpcSs - ok
13:56:48.0152 0x0288 [ 9C508F4074A39E8B4B31D27198146FAD, 84913471E5A6C297B1EDABE45EF3FE7D2C4410EF04370F615109FD9E2690FFDB ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
13:56:48.0152 0x0288 rspndr - ok
13:56:48.0215 0x0288 [ 9B09F336DE36A7A6CA871DE8A7847B65, 1F99D1F3298F0C66E93287E269EAB001140A9F2A6E867E11B30F21B04B720AB9 ] RTSTOR C:\Windows\system32\drivers\RTSTOR.SYS
13:56:48.0215 0x0288 RTSTOR - ok
13:56:48.0277 0x0288 [ A3E186B4B935905B829219502557314E, 7F58EAC6C12208D792C77014AC9D37AD1A7B2E73863C914F5DA831A72E1D52BB ] SamSs C:\Windows\system32\lsass.exe
13:56:48.0277 0x0288 SamSs - ok
13:56:48.0324 0x0288 [ 3CE8F073A557E172B330109436984E30, CEC281C6076FAA1E34372CF419C6308E73811316606B8D0D9055B7D8952BDC88 ] sbp2port C:\Windows\system32\drivers\sbp2port.sys
13:56:48.0324 0x0288 sbp2port - ok
13:56:48.0418 0x0288 [ 77B7A11A0C3D78D3386398FBBEA1B632, A3D290AB793BDC2F84C7B963300DFCE81CFE082A0FFF7489E8E5B14714892C00 ] SCardSvr C:\Windows\System32\SCardSvr.dll
13:56:48.0433 0x0288 SCardSvr - ok
13:56:48.0527 0x0288 [ 1A58069DB21D05EB2AB58EE5753EBE8D, EED8111EB613F4C93D1638C74FDB0A6DC6694E1B108DCD0D794B5B5F9B8C6EE4 ] Schedule C:\Windows\system32\schedsvc.dll
13:56:48.0605 0x0288 Schedule - ok
13:56:48.0620 0x0288 [ 312EC3E37A0A1F2006534913E37B4423, 81B8F462336791D162DAFA8092C1F437638DA3022CA24A2458B9FE183FC18C5D ] SCPolicySvc C:\Windows\System32\certprop.dll
13:56:48.0620 0x0288 SCPolicySvc - ok
13:56:48.0667 0x0288 [ 716313D9F6B0529D03F726D5AAF6F191, 44FE994A11631C1D99C73026340BACE39973C65A1281D87A61B481C9B5FAB251 ] SDRSVC C:\Windows\System32\SDRSVC.dll
13:56:48.0683 0x0288 SDRSVC - ok
13:56:48.0948 0x0288 [ D777F1417D9BB9F66CD9D9C3B61F730F, 0CBD830EB9D2B0F1946131F20907793B2D68A3BCEEC3EA5416972149F73DC815 ] SDScannerService C:\Program Files\Spybot - Search & Destroy 2\SDFSSvc.exe
13:56:49.0057 0x0288 SDScannerService - ok
13:56:49.0166 0x0288 [ 68D6C7F99BC73B88954D844FCCBEB2A0, F746861B103C8BE8EA234B9FCFBBDD2412C79FB65F2F1E0F5E6EBC0B34905FF1 ] SDUpdateService C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe
13:56:49.0244 0x0288 SDUpdateService - ok
13:56:49.0291 0x0288 [ 9B9B368A8FF5CAF91D7A333CF62CD2CC, A4AE7FFBBAF983BFDE15B521ED162CBC4E6FC85BCDB200C75D45878B3FFDFA68 ] SDWSCService C:\Program Files\Spybot - Search & Destroy 2\SDWSCSvc.exe
13:56:49.0307 0x0288 SDWSCService - ok
13:56:49.0369 0x0288 [ 90A3935D05B494A5A39D37E71F09A677, F72733A69BC6E1A2BB91D7632FF3463C12563F60FDCC00A2CDD67FF20D479952 ] secdrv C:\Windows\system32\drivers\secdrv.sys
13:56:49.0369 0x0288 secdrv - ok
13:56:49.0400 0x0288 [ FD5199D4D8A521005E4B5EE7FE00FA9B, 0FB7A1D300C72B1ADC423CC57343C17853E5F8ACFE3EA2C42FAC2FF72E502FBE ] seclogon C:\Windows\system32\seclogon.dll
13:56:49.0400 0x0288 seclogon - ok
13:56:49.0463 0x0288 [ A9BBAB5759771E523F55563D6CBE140F, 415BF6F6A1E4C5F98DABF9C2EEAF8CA49730693046E5F94C7655683717EDAD75 ] SENS C:\Windows\System32\sens.dll
13:56:49.0494 0x0288 SENS - ok
13:56:49.0525 0x0288 [ 68E44E331D46F0FB38F0863A84CD1A31, 0778D85B6869CE2610820DC9724360538BFE832426E898AEBC34E53D2AB4322B ] Serenum C:\Windows\system32\drivers\serenum.sys
13:56:49.0525 0x0288 Serenum - ok
13:56:49.0588 0x0288 [ C70D69A918B178D3C3B06339B40C2E1B, 40BEEECA4C797A3355F4B01C57C2763C33028F27826315062320789A496D0810 ] Serial C:\Windows\system32\drivers\serial.sys
13:56:49.0588 0x0288 Serial - ok
13:56:49.0603 0x0288 [ 8AF3D28A879BF75DB53A0EE7A4289624, C870BEBB969DCD9170E64584D1CD329A193D9FC812A45EF3574891110CA68B45 ] sermouse C:\Windows\system32\drivers\sermouse.sys
13:56:49.0619 0x0288 sermouse - ok
13:56:49.0650 0x0288 [ D2193326F729B163125610DBF3E17D57, 82C894E24E2C139C884246A693AD37BBF0A4E9375B7F7A288EF1DB22F89434B9 ] SessionEnv C:\Windows\system32\sessenv.dll
13:56:49.0650 0x0288 SessionEnv - ok
13:56:49.0712 0x0288 [ 3EFA810BDCA87F6ECC24F9832243FE86, E50FEA94DB9851A46A8A71A8C061AC953A9D5B14585382B3F0FFC84931A0A68F ] sffdisk C:\Windows\system32\drivers\sffdisk.sys
13:56:49.0712 0x0288 sffdisk - ok
13:56:49.0775 0x0288 [ E95D451F7EA3E583AEC75F3B3EE42DC5, B014BE4F9B0C79ECCE2537D1CF4AAD48ACB4C5AD3DACAC4444F0F465B9689921 ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys
13:56:49.0775 0x0288 sffp_mmc - ok
13:56:49.0790 0x0288 [ 3D0EA348784B7AC9EA9BD9F317980979, 2500CE188C9B71C50E966FA575303AEFE50934E376C530AECEC7C7533C15EF08 ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys
13:56:49.0790 0x0288 sffp_sd - ok
13:56:49.0837 0x0288 [ 46ED8E91793B2E6F848015445A0AC188, 34A97304F23EA153422848F6F1CAF8ADF0944EA781E12F027B6DEAF751A04B5D ] sfloppy C:\Windows\system32\drivers\sfloppy.sys
13:56:49.0837 0x0288 sfloppy - ok
13:56:49.0931 0x0288 [ E1499BD0FF76B1B2FBBF1AF339D91165, 9A8F0403467E75880D3070C4D862489A75134383BAF8E7C45F8C5E7DFB0605A5 ] SharedAccess C:\Windows\System32\ipnathlp.dll
13:56:49.0946 0x0288 SharedAccess - ok
13:56:50.0024 0x0288 [ C7230FBEE14437716701C15BE02C27B8, 8221DE73D77CF71C2857D78829E807D015D9CB8BDEE4BAFD6950BF0C718CC774 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
13:56:50.0040 0x0288 ShellHWDetection - ok
13:56:50.0102 0x0288 [ 1D76624A09A054F682D746B924E2DBC3, DC903DD466AB8899883253F09477B02E4E93A31C8B279F9F02BD555F1AA083B7 ] sisagp C:\Windows\system32\drivers\sisagp.sys
13:56:50.0102 0x0288 sisagp - ok
13:56:50.0165 0x0288 [ 43CB7AA756C7DB280D01DA9B676CFDE2, 08484CAEA0518C0A4CCCD292D8C803B27FEC453537EE1E4CEE74A7208356A474 ] SiSRaid2 C:\Windows\system32\drivers\sisraid2.sys
13:56:50.0165 0x0288 SiSRaid2 - ok
13:56:50.0227 0x0288 [ A99C6C8B0BAA970D8AA59DDC50B57F94, 97AC9DD6DC4F58AC60E819B999BB157663EE7C1739521D16768AA9AC00DAD012 ] SiSRaid4 C:\Windows\system32\drivers\sisraid4.sys
13:56:50.0227 0x0288 SiSRaid4 - ok
13:56:50.0477 0x0288 [ 862BB4CBC05D80C5B45BE430E5EF872F, F4961B22C93E472C8C862421AA231CDDA9E40D3958741A1D666357F22CC3143D ] slsvc C:\Windows\system32\SLsvc.exe
13:56:50.0664 0x0288 slsvc - ok
13:56:50.0742 0x0288 [ 6EDC422215CD78AA8A9CDE6B30ABBD35, D8342BC3152859F4F7512E85ABEC61147DBCAB515458644728874E42F639D6CA ] SLUINotify C:\Windows\system32\SLUINotify.dll
13:56:50.0742 0x0288 SLUINotify - ok
13:56:50.0820 0x0288 [ 7B75299A4D201D6A6533603D6914AB04, 172BE3951F06B1991EF70B71EB91786D1EFC4E381C22BCA3A5F622CD59F3227E ] Smb C:\Windows\system32\DRIVERS\smb.sys
13:56:50.0836 0x0288 Smb - ok
13:56:50.0898 0x0288 [ 2A146A055B4401C16EE62D18B8E2A032, D0930FFA53951C92F56E1ECB41374F4C0AA01ECBF99F474513A21EAD579CFE47 ] SNMPTRAP C:\Windows\System32\snmptrap.exe
13:56:50.0898 0x0288 SNMPTRAP - ok
13:56:50.0976 0x0288 [ 7AEBDEEF071FE28B0EEF2CDD69102BFF, E03BEE733F4C2A5F39946D4955679A290E22758DFCE4222EE69ABF64FC54EDF7 ] spldr C:\Windows\system32\drivers\spldr.sys
13:56:50.0976 0x0288 spldr - ok
13:56:51.0054 0x0288 [ 8554097E5136C3BF9F69FE578A1B35F4, 2578545CFD647FB18F217B33C8CB4F0184A35F548659494056E455020CC15FB0 ] Spooler C:\Windows\System32\spoolsv.exe
13:56:51.0070 0x0288 Spooler - ok
13:56:51.0132 0x0288 sprtsvc_dellsupportcenter - ok
13:56:51.0179 0x0288 [ 41987F9FC0E61ADF54F581E15029AD91, A46E718648C2DD3B43FC3798932C966315893A59442A0686CE46C605B9E4641E ] srv C:\Windows\system32\DRIVERS\srv.sys
13:56:51.0194 0x0288 srv - ok
13:56:51.0226 0x0288 [ FF33AFF99564B1AA534F58868CBE41EF, EFBB005DA19E5B320009CBF93E686D8BFA6A50A23B5A5001C7C84C7D85EF7D49 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
13:56:51.0241 0x0288 srv2 - ok
13:56:51.0257 0x0288 [ 7605C0E1D01A08F3ECD743F38B834A44, 83A77E31004BCF83443F30EFC290E04BB1A2F332E8DFD614AB6E25B527C92299 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
13:56:51.0272 0x0288 srvnet - ok
13:56:51.0288 0x0288 [ 03D50B37234967433A5EA5BA72BC0B62, 7B61D6A4BF5D446A9473D058BC207FB6DA7C2FEFB8083F3B66CAC8907DBD8327 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
13:56:51.0304 0x0288 SSDPSRV - ok
13:56:51.0397 0x0288 [ 6F1A32E7B7B30F004D9A20AFADB14944, AA9D874A14CA4779E76701D2B02F4CCA92CD5917435FB4CACA149FCB2D1D4C4C ] SstpSvc C:\Windows\system32\sstpsvc.dll
13:56:51.0397 0x0288 SstpSvc - ok
13:56:51.0506 0x0288 [ 5DE7D67E49B88F5F07F3E53C4B92A352, 6930A598C35646646ED0E91633797EFE139AE6CDD0012335BD1340754A22F997 ] stisvc C:\Windows\System32\wiaservc.dll
13:56:51.0584 0x0288 stisvc - ok
13:56:51.0631 0x0288 [ 7BA58ECF0C0A9A69D44B3DCA62BECF56, 23CC47FA2D6E183D69DB0D3D3F3081A830D94A58FBC0A9A295B3A56C51E9486A ] swenum C:\Windows\system32\DRIVERS\swenum.sys
13:56:51.0631 0x0288 swenum - ok
13:56:51.0678 0x0288 [ F21FD248040681CCA1FB6C9A03AAA93D, 32FE765841A183A1F2C1ACACBBF8CDB11E7D4D4396F9C9F6CFF1B51C9B620ED3 ] swprv C:\Windows\System32\swprv.dll
13:56:51.0694 0x0288 swprv - ok
13:56:51.0725 0x0288 [ 192AA3AC01DF071B541094F251DEED10, 5C6EB56D1C39F3717EB754A1B37C8A618BA4F2107F64048E985D71FA04D1AD05 ] Symc8xx C:\Windows\system32\drivers\symc8xx.sys
13:56:51.0725 0x0288 Symc8xx - ok
13:56:51.0772 0x0288 [ 8C8EB8C76736EBAF3B13B633B2E64125, A6C4845DDED81CCF4947612A4D6E42035136025BCD80812D2FF396927CAADEC5 ] Sym_hi C:\Windows\system32\drivers\sym_hi.sys
13:56:51.0772 0x0288 Sym_hi - ok
13:56:51.0850 0x0288 [ 8072AF52B5FD103BBBA387A1E49F62CB, D336A7D008D145619E79043EBF5D0D455086BA1FEF89612BC2EA11CC363D82B0 ] Sym_u3 C:\Windows\system32\drivers\sym_u3.sys
13:56:51.0850 0x0288 Sym_u3 - ok
13:56:51.0943 0x0288 [ 9A51B04E9886AA4EE90093586B0BA88D, 1666C29FBFA34174B506678C920636519051D03456A6DDCCD6FF708CAE5D9962 ] SysMain C:\Windows\system32\sysmain.dll
13:56:52.0021 0x0288 SysMain - ok
13:56:52.0052 0x0288 [ 2DCA225EAE15F42C0933E998EE0231C3, 67C7913E41854DFA3043426B7D59AA1FBBB9DE01A6E6904E40A696A7C61A5F98 ] TabletInputService C:\Windows\System32\TabSvc.dll
13:56:52.0052 0x0288 TabletInputService - ok
13:56:52.0099 0x0288 [ D7673E4B38CE21EE54C59EEEB65E2483, 330D0AD13F5008D8569CE8E5EA0BBD69F54F59FEB54FD903FA18D2849CEC6AF0 ] TapiSrv C:\Windows\System32\tapisrv.dll
13:56:52.0115 0x0288 TapiSrv - ok
13:56:52.0177 0x0288 [ CB05822CD9CC6C688168E113C603DBE7, 9DB8945BDC702BB13E9DE477F2D3CCA4CE0E9E8CE9B54CE1A25375F2A2C93F0E ] TBS C:\Windows\System32\tbssvc.dll
13:56:52.0177 0x0288 TBS - ok
13:56:52.0255 0x0288 [ C7B0746FCD576D7EEBA6A2530B0B2966, F8ADAED40AA12BF8427482A00CCF8374458FEA95C3C381AEF59EC057A2791550 ] Tcpip C:\Windows\system32\drivers\tcpip.sys
13:56:52.0286 0x0288 Tcpip - ok
13:56:52.0349 0x0288 [ C7B0746FCD576D7EEBA6A2530B0B2966, F8ADAED40AA12BF8427482A00CCF8374458FEA95C3C381AEF59EC057A2791550 ] Tcpip6 C:\Windows\system32\DRIVERS\tcpip.sys
13:56:52.0380 0x0288 Tcpip6 - ok
13:56:52.0427 0x0288 [ 608C345A255D82A6289C2D468EB41FD7, 74ECFDD45DC3EB3AFAEF9C42B546241AA1D6ACB2F6591A76DDB8BB1768545889 ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
13:56:52.0442 0x0288 tcpipreg - ok
13:56:52.0474 0x0288 [ 5DCF5E267BE67A1AE926F2DF77FBCC56, E00C0A03AEE579B51B39930A72F39F4EFFE7CDA37187B0AE90F4E001AD15473B ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys
13:56:52.0474 0x0288 TDPIPE - ok
13:56:52.0520 0x0288 [ 389C63E32B3CEFED425B61ED92D3F021, E4718E290678F00995E754AE66F1027D227BFAB9E1A1D2AC8E4EAD27DC50CB17 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys
13:56:52.0520 0x0288 TDTCP - ok
13:56:52.0614 0x0288 [ 76B06EB8A01FC8624D699E7045303E54, EC30F244B48A35622ED3EE91792F6A1517C5A50770FAB3945E7A945EB7AF28A8 ] tdx C:\Windows\system32\DRIVERS\tdx.sys
13:56:52.0614 0x0288 tdx - ok
13:56:52.0692 0x0288 [ 3CAD38910468EAB9A6479E2F01DB43C7, 9D18C71EDF39743A0A592BC0873909D2B75B5B177B2672A865D1EEC0BFD2F61C ] TermDD C:\Windows\system32\DRIVERS\termdd.sys
13:56:52.0692 0x0288 TermDD - ok
13:56:52.0770 0x0288 [ BB95DA09BEF6E7A131BFF3BA5032090D, BAF6997F8D944F85F0553957677866C7F22E72AA434BA45FFFB6CC41041070DC ] TermService C:\Windows\System32\termsrv.dll
13:56:52.0801 0x0288 TermService - ok
13:56:52.0817 0x0288 [ C7230FBEE14437716701C15BE02C27B8, 8221DE73D77CF71C2857D78829E807D015D9CB8BDEE4BAFD6950BF0C718CC774 ] Themes C:\Windows\system32\shsvcs.dll
13:56:52.0832 0x0288 Themes - ok
13:56:52.0848 0x0288 [ 1076FFCFFAAE8385FD62DFCB25AC4708, 8C5C106FCB018E019DEBA8E1A6AA170CD7A93293F27994F724EBC486238DA0AA ] THREADORDER C:\Windows\system32\mmcss.dll
13:56:52.0848 0x0288 THREADORDER - ok
13:56:52.0879 0x0288 [ EC74E77D0EB004BD3A809B5F8FB8C2CE, 1E4BBC58D0E35D79C764CF1BA73602C5E29A5A2393D40332801D533E445C6667 ] TrkWks C:\Windows\System32\trkwks.dll
13:56:52.0895 0x0288 TrkWks - ok
13:56:52.0957 0x0288 [ F2AEE22231046CAD8D2F94D2C0F9BEFB, 6D4068DD104EB80BA87C142276FA25F71336000ECD2679EE985C0436C162C1B0 ] Trufos C:\Windows\system32\DRIVERS\Trufos.sys
13:56:52.0973 0x0288 Trufos - ok
13:56:53.0035 0x0288 [ 97D9D6A04E3AD9B6C626B9931DB78DBA, 8E42133ED5EE5EEC414A8B11C1035385C6141E445EA9677F947D20768F25A877 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
13:56:53.0035 0x0288 TrustedInstaller - ok
13:56:53.0129 0x0288 [ F4EAA7ECBCB25DE901C9B7F2CDCDA0B3, 1CBB5106A32362ABDEE73BF170E205FE64DDBF826C5F6DFFCCD229F220B9C85E ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys
13:56:53.0129 0x0288 tssecsrv - ok
13:56:53.0207 0x0288 [ CAECC0120AC49E3D2F758B9169872D38, 80DB15ADF5F4FF78D0C7D5081B6C0E8F1E5125872B60D23C19DA8E62C9DAC9A8 ] tunmp C:\Windows\system32\DRIVERS\tunmp.sys
13:56:53.0222 0x0288 tunmp - ok
13:56:53.0254 0x0288 [ 300DB877AC094FEAB0BE7688C3454A9C, 3B36AA191FBE25B1A61150EAA2BDF8BA286DC4C052F6E98B0ED8202135553D8C ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
13:56:53.0254 0x0288 tunnel - ok
13:56:53.0285 0x0288 [ 7D33C4DB2CE363C8518D2DFCF533941F, C6A539AD31B0BD9F895E0A537783AA75D5760C8590D83BA832D59A9B090CA0E9 ] uagp35 C:\Windows\system32\drivers\uagp35.sys
13:56:53.0285 0x0288 uagp35 - ok
13:56:53.0378 0x0288 [ D9728AF68C4C7693CB100B8441CBDEC6, A2CEE1EE4EF17106349F4E6967F504354801934179FBB3F10B9A4E3C30BC28CE ] udfs C:\Windows\system32\DRIVERS\udfs.sys
13:56:53.0378 0x0288 udfs - ok
13:56:53.0456 0x0288 [ ECEF404F62863755951E09C802C94AD5, 5D92062B3E371F196774EBFE840C78501E55A244DB2A49703C7AC0141C7DABF1 ] UI0Detect C:\Windows\system32\UI0Detect.exe
13:56:53.0456 0x0288 UI0Detect - ok
13:56:53.0519 0x0288 [ B0ACFDC9E4AF279E9116C03E014B2B27, 455D30859E381361FF6EE8B01EDC22A2E66CD5EC22CA9F314E88009DB77A8BAF ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys
13:56:53.0519 0x0288 uliagpkx - ok
13:56:53.0612 0x0288 [ 9224BB254F591DE4CA8D572A5F0D635C, C5E7B24587AC5A28ECA63300307AD95B8A846833340126AE378840A40E53C056 ] uliahci C:\Windows\system32\drivers\uliahci.sys
13:56:53.0612 0x0288 uliahci - ok
13:56:53.0644 0x0288 [ 8514D0E5CD0534467C5FC61BE94A569F, A6EFB967044F88335469DB3351587E31CEC659BB6A7D8ED45C68329232C31BB9 ] UlSata C:\Windows\system32\drivers\ulsata.sys
13:56:53.0659 0x0288 UlSata - ok
13:56:53.0737 0x0288 [ 38C3C6E62B157A6BC46594FADA45C62B, 44F87DC955CB4E35E0EB4C8B4E931472B33D97FE000C22370A06AD5EDCEFD0BA ] ulsata2 C:\Windows\system32\drivers\ulsata2.sys
13:56:53.0737 0x0288 ulsata2 - ok
13:56:53.0800 0x0288 [ 32CFF9F809AE9AED85464492BF3E32D2, 91AAA47AEF17F373276B01AC8FA823592A0C854541A7A9A3B78F2350DB964EBC ] umbus C:\Windows\system32\DRIVERS\umbus.sys
13:56:53.0800 0x0288 umbus - ok
13:56:53.0893 0x0288 [ 68308183F4AE0BE7BF8ECD07CB297999, 4444233CA3C42BEE50ED47553D4AE5A7C12D8F288D2FA4B2DAE1D9B9FEC1A72D ] upnphost C:\Windows\System32\upnphost.dll
13:56:53.0909 0x0288 upnphost - ok
13:56:53.0987 0x0288 [ CAF811AE4C147FFCD5B51750C7F09142, BD670CF88D8F932AD1C6BA91FB68A7204BC473657C6A057C92AFB84D164D393C ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys
13:56:53.0987 0x0288 usbccgp - ok
13:56:54.0049 0x0288 [ E9476E6C486E76BC4898074768FB7131, D14B8F69A511DC1F990A9C123C18689AFE59659BA8130D248D8D03E9BD2143B6 ] usbcir C:\Windows\system32\drivers\usbcir.sys
13:56:54.0049 0x0288 usbcir - ok
13:56:54.0143 0x0288 [ 153E8515CB86F8BB5D1A8B478EBF4BB2, 0F1F79BA7C32ACAAE69184A56E67D6E18E2E2F07E0BE23F266401431169DAE14 ] usbehci C:\Windows\system32\DRIVERS\usbehci.sys
13:56:54.0143 0x0288 usbehci - ok
13:56:54.0205 0x0288 [ 2AE6BCEBD85D31317E433733DAF25888, 7B2C0E8703D0275A620160E479166EB7AA31B0F146507603535CEBF0BA4684A4 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys
13:56:54.0205 0x0288 usbhub - ok
13:56:54.0252 0x0288 [ 38DBC7DD6CC5A72011F187425384388B, 456CFCD190035C3033709C8DC0F6DC4352BBF751D57C0C52DD04F8C301FEBACD ] usbohci C:\Windows\system32\drivers\usbohci.sys
13:56:54.0252 0x0288 usbohci - ok
13:56:54.0283 0x0288 [ B51E52ACF758BE00EF3A58EA452FE360, 79E629EC5DE8AB7F31B0EE9AE94C71E8F703FED5C09A816228726974F7790C85 ] usbprint C:\Windows\system32\drivers\usbprint.sys
13:56:54.0283 0x0288 usbprint - ok
13:56:54.0314 0x0288 [ BE3DA31C191BC222D9AD503C5224F2AD, 201FB0FDBF423342202686DC0D8A3221B7798AE04C04A649D3441C257C733CE8 ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS
13:56:54.0314 0x0288 USBSTOR - ok
13:56:54.0330 0x0288 [ 44056325428A8E4C755830426E29878F, 95F182047746D352B7DC2B22298D5E58738E1B787C110D1DE841C026FB8A67EB ] usbuhci C:\Windows\system32\DRIVERS\usbuhci.sys
13:56:54.0330 0x0288 usbuhci - ok
13:56:54.0377 0x0288 [ 1509E705F3AC1D474C92454A5C2DD81F, 7F525921A3513224F8B093A16E19B4235B300349A14B0B86EE11B7473BA53337 ] UxSms C:\Windows\System32\uxsms.dll
13:56:54.0377 0x0288 UxSms - ok
13:56:54.0424 0x0288 [ CD88D1B7776DC17A119049742EC07EB4, 6B68B9EDB8C6BCB2644F1F004D5743E928509D12107D996F390A24A72E0AA528 ] vds C:\Windows\System32\vds.exe
13:56:54.0486 0x0288 vds - ok
13:56:54.0517 0x0288 [ 87B06E1F30B749A114F74622D013F8D4, 06C06EF87F7DC668D23B50AA5F419F62474ACF90E325E167491BF290286D6594 ] vga C:\Windows\system32\DRIVERS\vgapnp.sys
13:56:54.0517 0x0288 vga - ok
13:56:54.0533 0x0288 [ 2E93AC0A1D8C79D019DB6C51F036636C, 8B6F3B4EE90691A22788915AD0F99D8EE617750430A34E7CEB9AB4FB4E581755 ] VgaSave C:\Windows\System32\drivers\vga.sys
13:56:54.0533 0x0288 VgaSave - ok
13:56:54.0580 0x0288 [ 5D7159DEF58A800D5781BA3A879627BC, 499A8E51FDE61AE0D7C1812D1E5B331211A36BD095A4992C629B93DE6D80F4E6 ] viaagp C:\Windows\system32\drivers\viaagp.sys
13:56:54.0595 0x0288 viaagp - ok
13:56:54.0626 0x0288 [ C4F3A691B5BAD343E6249BD8C2D45DEE, 19DE07AD6CD51036FA8A6B8EE82F34D7F5264FF3A12CBE6E52BD036D0303E319 ] ViaC7 C:\Windows\system32\drivers\viac7.sys
13:56:54.0626 0x0288 ViaC7 - ok
13:56:54.0658 0x0288 [ AADF5587A4063F52C2C3FED7887426FC, 0A74791A236FDAFCD045CFB79A159245B94F7C2033E0CD830C1B76F0F994E06D ] viaide C:\Windows\system32\drivers\viaide.sys
13:56:54.0673 0x0288 viaide - ok
13:56:54.0689 0x0288 [ 69503668AC66C77C6CD7AF86FBDF8C43, 2CE407674A58313737073F02B9A617460BBA84B36C3A16D98AE5ED45279F5006 ] volmgr C:\Windows\system32\drivers\volmgr.sys
13:56:54.0704 0x0288 volmgr - ok
13:56:54.0736 0x0288 [ 23E41B834759917BFD6B9A0D625D0C28, 9F60992805262F936E8DA33610FDF60A191ECAFC08BBF657C8F9A21833C8EFC5 ] volmgrx C:\Windows\system32\drivers\volmgrx.sys
13:56:54.0767 0x0288 volmgrx - ok
13:56:54.0798 0x0288 [ 786DB5771F05EF300390399F626BF30A, 4A07BE5AEDBA4C15C2F9A91250F0488A0B0305C67BB7A037508D5CBF86D4E1B7 ] volsnap C:\Windows\system32\drivers\volsnap.sys
13:56:54.0814 0x0288 volsnap - ok
13:56:54.0860 0x0288 [ 587253E09325E6BF226B299774B728A9, C9F46197819C2A095456393C518A9B00B59ECDC54F464D038AA7F8DCCDB93CCF ] vsmraid C:\Windows\system32\drivers\vsmraid.sys
13:56:54.0860 0x0288 vsmraid - ok
13:56:54.0970 0x0288 [ DB3D19F850C6EB32BDCB9BC0836ACDDB, D81FF1CDA87A2FE83EFD5B3FE01EFF940952F8BAEE70BEA3B2F6EF30E2121704 ] VSS C:\Windows\system32\vssvc.exe
13:56:55.0079 0x0288 VSS - ok
13:56:55.0110 0x0288 [ 96EA68B9EB310A69C25EBB0282B2B9DE, C76D3427F8A2953CB4D96BBA1523679CBE1BBF7FA821A35D2FBEB3E67AC6A10B ] W32Time C:\Windows\system32\w32time.dll
13:56:55.0126 0x0288 W32Time - ok
13:56:55.0172 0x0288 [ 48DFEE8F1AF7C8235D4E626F0C4FE031, A41D05BC0DA3C476C32E0A4DAF015DF7BADF28A03CE236D5596885FF1772F148 ] WacomPen C:\Windows\system32\drivers\wacompen.sys
13:56:55.0172 0x0288 WacomPen - ok
13:56:55.0188 0x0288 [ 55201897378CCA7AF8B5EFD874374A26, 350ADDCEFAA33E301027CFEA8DDE703F6FBD6E53624598CB2E7B671B9E48F7CC ] Wanarp C:\Windows\system32\DRIVERS\wanarp.sys
13:56:55.0188 0x0288 Wanarp - ok
13:56:55.0204 0x0288 [ 55201897378CCA7AF8B5EFD874374A26, 350ADDCEFAA33E301027CFEA8DDE703F6FBD6E53624598CB2E7B671B9E48F7CC ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys
13:56:55.0204 0x0288 Wanarpv6 - ok
13:56:55.0297 0x0288 [ A3CD60FD826381B49F03832590E069AF, 213C5DB5E5D828264286FD7548527566D6160CCA780BC6853B7B28CECF329674 ] wcncsvc C:\Windows\System32\wcncsvc.dll
13:56:55.0375 0x0288 wcncsvc - ok
13:56:55.0422 0x0288 [ 11BCB7AFCDD7AADACB5746F544D3A9C7, 0370E20FD12ED713F94E5CD76F068F7A7A5E7F42416DD2A8A41249020DA7DA31 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
13:56:55.0422 0x0288 WcsPlugInService - ok
13:56:55.0438 0x0288 [ 78FE9542363F297B18C027B2D7E7C07F, 6BC3ED2A48EF41E1EE597FD58271DB12256EC013518663331CD0FBCB3FC415EE ] Wd C:\Windows\system32\drivers\wd.sys
13:56:55.0438 0x0288 Wd - ok
13:56:55.0484 0x0288 [ 25944D2CC49E0A6C581D02A74B7D6645, AF8FFAFEC07F1A6A3D4008E609E8E1D705A8DFCC7995C766E3946887203F7BEE ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys
13:56:55.0516 0x0288 Wdf01000 - ok
13:56:55.0547 0x0288 [ ABFC76B48BB6C96E3338D8943C5D93B5, B5B22D445724D58641A53276063A4AA2A98F07B93865C86E94661EB31BD63511 ] WdiServiceHost C:\Windows\system32\wdi.dll
13:56:55.0547 0x0288 WdiServiceHost - ok
13:56:55.0562 0x0288 [ ABFC76B48BB6C96E3338D8943C5D93B5, B5B22D445724D58641A53276063A4AA2A98F07B93865C86E94661EB31BD63511 ] WdiSystemHost C:\Windows\system32\wdi.dll
13:56:55.0562 0x0288 WdiSystemHost - ok
13:56:55.0640 0x0288 [ 04C37D8107320312FBAE09926103D5E2, 1C6726A9871CBACB240AFA93E57781515F01758D43693DDA395EA683D97234F0 ] WebClient C:\Windows\System32\webclnt.dll
13:56:55.0656 0x0288 WebClient - ok
13:56:55.0750 0x0288 Websteroids - ok
13:56:55.0796 0x0288 [ AE3736E7E8892241C23E4EBBB7453B60, 0F998116CC07CD719CB237EAE53BB16B2EDD6973828B9C1055EB981AEA0453D1 ] Wecsvc C:\Windows\system32\wecsvc.dll
13:56:55.0828 0x0288 Wecsvc - ok
13:56:55.0890 0x0288 [ 670FF720071ED741206D69BD995EA453, 4B96F5E3545F69AE9EBC75DC4AB27B87306D656EE526AE39E7EC7E2B6F83F7FD ] wercplsupport C:\Windows\System32\wercplsupport.dll
13:56:55.0890 0x0288 wercplsupport - ok
13:56:55.0952 0x0288 [ 32B88481D3B326DA6DEB07B1D03481E7, 821FBAF147E525ED15EB9391B16A96C6D5464841258B11F277EFB57A3BD50E37 ] WerSvc C:\Windows\System32\WerSvc.dll
13:56:55.0968 0x0288 WerSvc - ok
13:56:55.0984 0x0288 WinHttpAutoProxySvc - ok
13:56:56.0062 0x0288 [ 6B2A1D0E80110E3D04E6863C6E62FD8A, EE8BC7C378993EFE90273764C83119EBF331768CD7B24DE949233C74A51306C2 ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll
13:56:56.0077 0x0288 Winmgmt - ok
13:56:56.0186 0x0288 [ 7CFE68BDC065E55AA5E8421607037511, C2CE76D52AD4E31FC4216E94457DC16ABF65A5F3E883F0BD97AD387FB7574533 ] WinRM C:\Windows\system32\WsmSvc.dll
13:56:56.0233 0x0288 WinRM - ok
13:56:56.0311 0x0288 [ C008405E4FEEB069E30DA1D823910234, C392A7B5FEACB7D11A3A231C1AD65D533984E6E7429ECD3BFBF90A27E8DEB157 ] Wlansvc C:\Windows\System32\wlansvc.dll
13:56:56.0342 0x0288 Wlansvc - ok
13:56:56.0358 0x0288 wltrysvc - ok
13:56:56.0389 0x0288 [ 2E7255D172DF0B8283CDFB7B433B864E, 60C786CF0EA4A29B309B9457F0496D5A0AF1F093FC2C5D88078865814B7DBBA3 ] WmiAcpi C:\Windows\system32\DRIVERS\wmiacpi.sys
13:56:56.0389 0x0288 WmiAcpi - ok
13:56:56.0452 0x0288 [ 43BE3875207DCB62A85C8C49970B66CC, 27169F2E8A30807794407DA8F80611E4287F940AAE2A1F00F547901872FB9703 ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe
13:56:56.0467 0x0288 wmiApSrv - ok
13:56:56.0623 0x0288 [ 3978704576A121A9204F8CC49A301A9B, 936CC13B90A183613BDA4081556C96D48CA415B5F65D61E18CB5F2E51EEBE59F ] WMPNetworkSvc C:\Program Files\Windows Media Player\wmpnetwk.exe
13:56:56.0670 0x0288 WMPNetworkSvc - ok
13:56:56.0717 0x0288 [ CFC5A04558F5070CEE3E3A7809F3FF52, 45899E04000E21C4E009BE8B6149F199A5B2E0512C657A525770BF9DBFED7D2B ] WPCSvc C:\Windows\System32\wpcsvc.dll
13:56:56.0732 0x0288 WPCSvc - ok
13:56:56.0810 0x0288 [ 801FBDB89D472B3C467EB112A0FC9246, C24053FA12732089384D3AF06C676FF201D282FC5AD56A42B6EE8BAED4379CB2 ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll
13:56:56.0810 0x0288 WPDBusEnum - ok
13:56:56.0888 0x0288 [ DE9D36F91A4DF3D911626643DEBF11EA, 8029ECE76E29276BFB6ED3387AC560A9A779AAF683A4416E96334FAF7BDBADA0 ] WpdUsb C:\Windows\system32\DRIVERS\wpdusb.sys
13:56:56.0888 0x0288 WpdUsb - ok
13:56:57.0029 0x0288 [ F8D3544ACBCE9110362119F7C10D848E, 31C49201A931751A36286874AC0B929D886F490D7CE48CCC9283850A56AD9FD9 ] WPFFontCache_v0400 C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe
13:56:57.0122 0x0288 WPFFontCache_v0400 - ok
13:56:57.0138 0x0288 [ E3A3CB253C0EC2494D4A61F5E43A389C, 10BA8B102E31B961819E524FCA5FA817B588EC77FB26B4E176D0A5CFF11EDF79 ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys
13:56:57.0138 0x0288 ws2ifsl - ok
13:56:57.0185 0x0288 [ 1CA6C40261DDC0425987980D0CD2AAAB, 727C1E3A170316641F832A8D197EDA6D6EE1206E4ED7B741E5A4017B7F2F7B88 ] wscsvc C:\Windows\System32\wscsvc.dll
13:56:57.0185 0x0288 wscsvc - ok
13:56:57.0200 0x0288 WSearch - ok
13:56:57.0356 0x0288 [ FC3EC24FCE372C89423E015A2AC1A31E, 8D028182CF83667D3E4D148979972D208FA6D9B8540EE47A0A7831B770ECD257 ] wuauserv C:\Windows\system32\wuaueng.dll
13:56:57.0434 0x0288 wuauserv - ok
13:56:57.0528 0x0288 [ 06E6F32C8D0A3F66D956F57B43A2E070, 9A6BD96A28294B0372F16E13D652FD603308F64B74A56E41E0C68C5E8011F943 ] WudfPf C:\Windows\system32\drivers\WudfPf.sys
13:56:57.0528 0x0288 WudfPf - ok
13:56:57.0575 0x0288 [ 867C301E8B790040AE9CF6486E8041DF, D867D6498C987944D99508B2FAD6D6B749FA1EDFE8124B0863D4A642352F0855 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys
13:56:57.0590 0x0288 WUDFRd - ok
13:56:57.0653 0x0288 [ FE47B7BC8EA320C2D9B5E5BF6E303765, 34518DBD1E9EA6E5DA62273B18613761E1D9C6B4E074A93C6D639FBAF02222EA ] wudfsvc C:\Windows\System32\WUDFSvc.dll
13:56:57.0668 0x0288 wudfsvc - ok
13:56:57.0731 0x0288 yksvc - ok
13:56:57.0809 0x0288 [ 1A51DF1A5C658D534ED980D18F7982DE, ACC33646033D43B8FBCAA1C03CC8307B89FEE40ACFE4630D2A226CFB56B9D992 ] yukonwlh C:\Windows\system32\DRIVERS\yk60x86.sys
13:56:57.0824 0x0288 yukonwlh - ok
13:56:57.0840 0x0288 ================ Scan global ===============================
13:56:57.0871 0x0288 [ F31EEBC1A1C81FD04005489CC3DCDFE7, 098C35ACFCCE1686C5A6DB6057001CBF8B06A863A0802CB2E9D793F4795F8CEE ] C:\Windows\system32\basesrv.dll
13:56:57.0918 0x0288 [ A508314231C49AEE86987CEA3EAECAD1, D29BCFA967C23C7264592576D62D95FA8C687E8662D19DCCC73653A9EFB6340D ] C:\Windows\system32\winsrv.dll
13:56:57.0965 0x0288 [ A508314231C49AEE86987CEA3EAECAD1, D29BCFA967C23C7264592576D62D95FA8C687E8662D19DCCC73653A9EFB6340D ] C:\Windows\system32\winsrv.dll
13:56:58.0012 0x0288 [ D4E6D91C1349B7BFB3599A6ADA56851B, 8748091BF27F05D28D45688E04DD9229A4B2E159209A64F457703F66A8CECE4D ] C:\Windows\system32\services.exe
13:56:58.0090 0x0288 [ Global ] - ok
13:56:58.0090 0x0288 ================ Scan MBR ==================================
13:56:58.0152 0x0288 [ 5C616939100B85E558DA92B899A0FC36 ] \Device\Harddisk0\DR0
13:56:59.0322 0x0288 \Device\Harddisk0\DR0 - ok
13:56:59.0338 0x0288 [ 8CB37AFC263A219EBB7586F9C495114E ] \Device\Harddisk1\DR1
13:56:59.0494 0x0288 \Device\Harddisk1\DR1 - ok
13:56:59.0509 0x0288 ================ Scan VBR ==================================
13:56:59.0540 0x0288 [ 2FE44946F159A4AEF2212D1D8C92385D ] \Device\Harddisk0\DR0\Partition1
13:56:59.0587 0x0288 \Device\Harddisk0\DR0\Partition1 - ok
13:56:59.0603 0x0288 [ 1996C6A9818AAA78E4A51BF862515C78 ] \Device\Harddisk1\DR1\Partition1
13:56:59.0603 0x0288 \Device\Harddisk1\DR1\Partition1 - ok
13:56:59.0603 0x0288 ================ Scan generic autorun ======================
13:56:59.0930 0x0288 [ 4B36C7D9710C60EA7725685753BBFA5C, 818AECC62445090CC336E06736B9B803CB96CFDB2E680F1AA1ED1CD25911D7EC ] C:\Windows\system32\WLTRAY.exe
13:57:00.0118 0x0288 Broadcom Wireless Manager UI - ok
13:57:00.0211 0x0288 [ 43E3F9C0F3BC940F2D6DA1A72B177E42, DA910F256A762045136DD271B399620EBD45B72D316788E83A37BEA600D186E1 ] C:\Windows\system32\igfxtray.exe
13:57:00.0227 0x0288 IgfxTray - ok
13:57:00.0305 0x0288 [ 2413EC683C216B8A96E1BBC9CD1E01A2, ECD770B15F2F55A72DECA4DAA398EC881CD572B71FB6CA625F45EECD09A7421B ] C:\Windows\system32\hkcmd.exe
13:57:00.0320 0x0288 HotKeysCmds - ok
13:57:00.0383 0x0288 [ 953E9E1A9A2D0E862BB75FBFDEDB58F4, 79ACD5F8B444AA1C0C627253859E4D569C2A7980EB5FA81634339A5903777171 ] C:\Windows\system32\igfxpers.exe
13:57:00.0383 0x0288 Persistence - ok
13:57:00.0476 0x0288 [ 186C9D39541CC0DFFCC454F79AA0B0BF, 71D333B9037362650E5E4DBF4EFA3CFD49034C53F27C7FFDE8DE6149ADB6471D ] C:\Program Files\CyberLink\PowerDVD DX\PDVDDXSrv.exe
13:57:00.0476 0x0288 PDVDDXSrv - ok
13:57:00.0601 0x0288 [ 00D1FB0073B4A8BD2989EA8FF4CC792B, 001A26FF51BF6BABF6325983F512CF8D84CADEE1CA36F166A41702D94C1B0841 ] C:\Program Files\Dell Support Center\bin\sprtcmd.exe
13:57:00.0617 0x0288 DellSupportCenter - ok
13:57:00.0851 0x0288 [ F21E12716F97300532E6CD9EB7CEC280, 958B27E49E23AF3538A9B4442C28C630A40300D76FE3411634E388DE40435259 ] C:\Program Files\Dell\QuickSet\QuickSet.exe
13:57:00.0960 0x0288 QuickSet - ok
13:57:01.0085 0x0288 [ 9E35FF7F943AE0FB89192BFE058B7FD4, 54712A4FA296AE28CF834F90B77B2EEB69020E3D5B5CF24674BD8DACA25195B9 ] C:\Program Files\Windows Sidebar\Sidebar.exe
13:57:01.0132 0x0288 Sidebar - ok
13:57:01.0147 0x0288 WindowsWelcomeCenter - ok
13:57:01.0210 0x0288 [ 9E35FF7F943AE0FB89192BFE058B7FD4, 54712A4FA296AE28CF834F90B77B2EEB69020E3D5B5CF24674BD8DACA25195B9 ] C:\Program Files\Windows Sidebar\Sidebar.exe
13:57:01.0272 0x0288 Sidebar - ok
13:57:01.0288 0x0288 WindowsWelcomeCenter - ok
13:57:01.0334 0x0288 [ 00D1FB0073B4A8BD2989EA8FF4CC792B, 001A26FF51BF6BABF6325983F512CF8D84CADEE1CA36F166A41702D94C1B0841 ] C:\Program Files\Dell Support Center\bin\sprtcmd.exe
13:57:01.0350 0x0288 DellSupportCenter - ok
13:57:01.0366 0x0288 Skype - ok
13:57:01.0522 0x0288 [ 10FA625F8AD264545358A2575190A6DD, E16340234FEFE27D9EEB31D239D1288A0A6C80F4B91B7E82566B0BBEC0FAFF3D ] C:\Program Files\Garmin\Express Tray\ExpressTray.exe
13:57:01.0662 0x0288 GarminExpressTrayApp - ok
13:57:01.0927 0x0288 [ B1949628130F192DA27FDBAEA516BB6E, 13E5A2EBF0FDAB29CEA1E7FAEB3141233198D9A28353BDBB6FDB03602BE32AC6 ] C:\Program Files\Spybot - Search & Destroy 2\SDCleaner.exe
13:57:02.0114 0x0288 Spybot-S&D Cleaning - ok
13:57:02.0130 0x0288 Waiting for KSN requests completion. In queue: 323
13:57:03.0144 0x0288 Waiting for KSN requests completion. In queue: 8
13:57:04.0158 0x0288 Waiting for KSN requests completion. In queue: 8
13:57:05.0406 0x0288 AV detected via SS2: BullGuard Antivirus, c:\program files\bullguard ltd\bullguard\BullGuard.exe ( 14.1.0.0 ), 0x41000 ( enabled : updated )
13:57:05.0406 0x0288 FW detected via SS2: BullGuard Firewall, c:\program files\bullguard ltd\bullguard\BullGuard.exe ( 14.1.0.0 ), 0x40010 ( disabled )
13:57:05.0453 0x0288 Win FW state via NFP2: enabled
13:57:07.0871 0x0288 ============================================================
13:57:07.0871 0x0288 Scan finished
13:57:07.0871 0x0288 ============================================================
13:57:07.0871 0x05fc Detected object count: 0
13:57:07.0871 0x05fc Actual detected object count: 0
13:58:00.0131 0x0448 Deinitialize success

15:04:46.0904 0x17e0 TDSS rootkit removing tool 3.0.0.41 Oct 28 2014 17:58:34
15:04:56.0623 0x17e0 ============================================================
15:04:56.0623 0x17e0 Current date / time: 2014/11/12 15:04:56.0623
15:04:56.0623 0x17e0 SystemInfo:
15:04:56.0623 0x17e0
15:04:56.0623 0x17e0 OS Version: 6.0.6002 ServicePack: 2.0
15:04:56.0623 0x17e0 Product type: Workstation
15:04:56.0623 0x17e0 ComputerName: LUCIOMAGS-PC
15:04:56.0623 0x17e0 UserName: LucioMags
15:04:56.0623 0x17e0 Windows directory: C:\Windows
15:04:56.0623 0x17e0 System windows directory: C:\Windows
15:04:56.0623 0x17e0 Processor architecture: Intel x86
15:04:56.0623 0x17e0 Number of processors: 1
15:04:56.0623 0x17e0 Page size: 0x1000
15:04:56.0623 0x17e0 Boot type: Normal boot
15:04:56.0623 0x17e0 ============================================================
15:05:04.0516 0x17e0 KLMD registered as C:\Windows\system32\drivers\63805772.sys
15:05:05.0733 0x17e0 System UUID: {2F9AFD6A-B675-5C49-57AE-C2557F554E85}
15:05:09.0758 0x17e0 Drive \Device\Harddisk0\DR0 - Size: 0x25433D6000 ( 149.05 Gb ), SectorSize: 0x200, Cylinders: 0x4C01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
15:05:09.0945 0x17e0 Drive \Device\Harddisk1\DR2 - Size: 0x3BD800000 ( 14.96 Gb ), SectorSize: 0x200, Cylinders: 0x7A1, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
15:05:09.0945 0x17e0 ============================================================
15:05:09.0945 0x17e0 \Device\Harddisk0\DR0:
15:05:09.0992 0x17e0 MBR partitions:
15:05:09.0992 0x17e0 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x14000, BlocksNum 0x12A05000
15:05:09.0992 0x17e0 \Device\Harddisk1\DR2:
15:05:09.0992 0x17e0 MBR partitions:
15:05:09.0992 0x17e0 \Device\Harddisk1\DR2\Partition1: MBR, Type 0xC, StartLBA 0x20, BlocksNum 0x1DEBFE0
15:05:09.0992 0x17e0 ============================================================
15:05:10.0070 0x17e0 C: <-> \Device\Harddisk0\DR0\Partition1
15:05:10.0070 0x17e0 ============================================================
15:05:10.0070 0x17e0 Initialize success
15:05:10.0070 0x17e0 ============================================================
15:05:31.0486 0x11cc ============================================================
15:05:31.0486 0x11cc Scan started
15:05:31.0486 0x11cc Mode: Manual; TDLFS;
15:05:31.0486 0x11cc ============================================================
15:05:31.0486 0x11cc KSN ping started
15:05:58.0221 0x11cc KSN ping finished: true
15:06:08.0611 0x11cc ================ Scan system memory ========================
15:06:08.0611 0x11cc System memory - ok
15:06:08.0611 0x11cc ================ Scan services =============================
15:06:09.0328 0x11cc [ 82B296AE1892FE3DBEE00C9CF92F8AC7, 54B22BA63E1DA616B546992141B0C3117BA057283B8F60CB9BECE203661FEBF3 ] ACPI C:\Windows\system32\drivers\acpi.sys
15:06:09.0360 0x11cc ACPI - ok
15:06:09.0828 0x11cc [ C5679E5186B2FC95BC76A8A9870D5456, 70AC61850B811A0A902532F098AE1D5DF4622455E56C78B89D4ABDBE4A061A48 ] AdobeARMservice C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
15:06:10.0155 0x11cc AdobeARMservice - ok
15:06:10.0467 0x11cc [ 4ECFCAAE5CB380F58934F0DCF5F64E7F, D82B37E57D93484D7A3CB65470BCD54A578A695F0203A8DD441B1348C1EEA751 ] AdobeFlashPlayerUpdateSvc C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
15:06:10.0467 0x11cc AdobeFlashPlayerUpdateSvc - ok
15:06:10.0514 0x11cc [ 04F0FCAC69C7C71A3AC4EB97FAFC8303, FBBDD38574A1F66A5AA12B82E34FDE60B870180C4B7100C15757539DC869ED4B ] adp94xx C:\Windows\system32\drivers\adp94xx.sys
15:06:10.0873 0x11cc adp94xx - ok
15:06:11.0263 0x11cc [ 60505E0041F7751BDBB80F88BF45C2CE, 1DE16042B8ABD7B643189E836DE273832EE743FD66AFBB641E8049C4E0CD04D8 ] adpahci C:\Windows\system32\drivers\adpahci.sys
15:06:11.0949 0x11cc adpahci - ok
15:06:12.0604 0x11cc [ 8A42779B02AEC986EAB64ECFC98F8BD7, B89938EFF4E81FA44197D2D839EBD3340DDE01FBC79605049C088621784C1B91 ] adpu160m C:\Windows\system32\drivers\adpu160m.sys
15:06:13.0010 0x11cc adpu160m - ok
15:06:13.0135 0x11cc [ 241C9E37F8CE45EF51C3DE27515CA4E5, 1A03E93DD8C1F3640C96124A14A3D0F4E349B06CCA2118CE40B8AE201A4030A7 ] adpu320 C:\Windows\system32\drivers\adpu320.sys
15:06:13.0291 0x11cc adpu320 - ok
15:06:13.0603 0x11cc [ 9D1FDA9E086BA64E3C93C9DE32461BCF, 200FD0BFC811EC8993AF9FC78F58823ECC717063F438B627FBCDD6BD7790CAA8 ] AeLookupSvc C:\Windows\System32\aelupsvc.dll
15:06:13.0634 0x11cc AeLookupSvc - ok
15:06:13.0806 0x11cc [ F5272A105F59A7B3B345D9D6D87DA7AD, 9E84776994D04240BF2537330DBB555EDE16DFCFC59DEDCBA05A44ED7F70BEFA ] AFD C:\Windows\system32\drivers\afd.sys
15:06:14.0133 0x11cc AFD - ok
15:06:14.0211 0x11cc [ 68DD1D7A0783D184054184AEED5A779B, 873E72777FF27D95D94C186604936751B461E3046A4061872FEFBAFAC957F0C8 ] AFW C:\Windows\system32\DRIVERS\afw.sys
15:06:14.0352 0x11cc AFW - ok
15:06:14.0476 0x11cc [ 851D40AD98DCB7FF408CDB61983C4C3A, 5D1D0FF1BCB76E7690EB445538C8E9829B320767DB45B269AB390541D5C9AD20 ] afwcore C:\Windows\system32\DRIVERS\afwcore.sys
15:06:14.0898 0x11cc afwcore - ok
15:06:15.0100 0x11cc [ 13F9E33747E6B41A3FF305C37DB0D360, 066DD6060B1CF93F85BBAAA52848C801128CD294E8B7EACD912E0EF219DBFBC2 ] agp440 C:\Windows\system32\drivers\agp440.sys
15:06:15.0225 0x11cc agp440 - ok
15:06:15.0303 0x11cc [ AE1FDF7BF7BB6C6A70F67699D880592A, B831BF156FC49287A19FC149383D437B1034EA6F42CE9D761EB90ABD0F8D96B1 ] aic78xx C:\Windows\system32\drivers\djsvs.sys
15:06:15.0615 0x11cc aic78xx - ok
15:06:15.0662 0x11cc [ A1545B731579895D8CC44FC0481C1192, 6B0EE833BA39C142D625A03586CCD8F6C9C3136C603CE5DF5BAC1AA3423E3E7F ] ALG C:\Windows\System32\alg.exe
15:06:15.0709 0x11cc ALG - ok
15:06:15.0740 0x11cc [ 9EAEF5FC9B8E351AFA7E78A6FAE91F91, 0EADB6AE21FEDAB55D41F41B638198B556CC2BE2EE57F6C8B40EB044A318319F ] aliide C:\Windows\system32\drivers\aliide.sys
15:06:15.0834 0x11cc aliide - ok
15:06:15.0943 0x11cc [ C47344BC706E5F0B9DCE369516661578, 689C9CDAF6F38227F1C34359CAEB3C7798F318EDFD4B7FE532FBE3C8E4EE3DC8 ] amdagp C:\Windows\system32\drivers\amdagp.sys
15:06:16.0068 0x11cc amdagp - ok
15:06:16.0114 0x11cc [ 9B78A39A4C173FDBC1321E0DD659B34C, 2CA66EB68AD7A317D91C13B8CFD4E8CA985926A610D19595B613F5553B145C7B ] amdide C:\Windows\system32\drivers\amdide.sys
15:06:16.0177 0x11cc amdide - ok
15:06:16.0302 0x11cc [ 18F29B49AD23ECEE3D2A826C725C8D48, 0FA08882301D218E367E63E1966B6406220EE94BAE7E7DAD6E55EB70BF6FED7F ] AmdK7 C:\Windows\system32\drivers\amdk7.sys
15:06:16.0426 0x11cc AmdK7 - ok
15:06:16.0473 0x11cc [ 93AE7F7DD54AB986A6F1A1B37BE7442D, ECE0ABA2DECEED94AC678240A4B604F04022F0740F2295CBD07D25F5917E878A ] AmdK8 C:\Windows\system32\drivers\amdk8.sys
15:06:16.0504 0x11cc AmdK8 - ok
15:06:16.0660 0x11cc [ 448DA519F3B6FFA158C513156053181E, AA37D1F9CAE0D92A381F2F95E980C5ABD688DB115DD79F9B3DBBCCF9715BEF7A ] ApfiltrService C:\Windows\system32\DRIVERS\Apfiltr.sys
15:06:17.0160 0x11cc ApfiltrService - ok
15:06:17.0331 0x11cc [ 8F7D200717A58E9800D391F4C2101577, F07CF0F5636F46D8F3D5133284943E991E8739E5A644BCA5F18BB896B374620D ] Appinfo C:\Windows\System32\appinfo.dll
15:06:17.0394 0x11cc Appinfo - ok
15:06:17.0518 0x11cc [ 5D2888182FB46632511ACEE92FDAD522, 2E53231ACAF9B2FB7993DBC1CD15C06D7B0CCE0D08DAFF7B0CC13A2040028A75 ] arc C:\Windows\system32\drivers\arc.sys
15:06:17.0643 0x11cc arc - ok
15:06:17.0752 0x11cc [ 5E2A321BD7C8B3624E41FDEC3E244945, 9D47FF6C823868F2267FEFAB5851D3CD2BC3F619A2D6EFF803EA22DB0509C450 ] arcsas C:\Windows\system32\drivers\arcsas.sys
15:06:17.0846 0x11cc arcsas - ok
15:06:19.0702 0x11cc [ 9D768C43FEF254DD50B1DBF8AD5C4C0B, A50854EA5C08605133B8BB4DFDC6090357C5665314AA72E0BFA1E07D4E451F09 ] aspnet_state C:\Windows\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe
15:06:20.0654 0x11cc aspnet_state - ok
15:06:21.0793 0x11cc [ 53B202ABEE6455406254444303E87BE1, 4C91CA8DD345FEDD74A6AF2C07580717703F979B7DE2532B1D00B9F6896DDE70 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys
15:06:21.0855 0x11cc AsyncMac - ok
15:06:21.0964 0x11cc [ 1F05B78AB91C9075565A9D8A4B880BC4, 737BE9F9376DAB0CCDFED93EA6D67F0C432367EA63CD772A453485BE769AF3BD ] atapi C:\Windows\system32\drivers\atapi.sys
15:06:21.0996 0x11cc atapi - ok
15:06:22.0167 0x11cc [ 68E2A1A0407A66CF50DA0300852424AB, 5FFDAE4E477C90A855081B5120582810471F67D3E9C343779A7AFB8D684D16F8 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
15:06:22.0276 0x11cc AudioEndpointBuilder - ok
15:06:22.0401 0x11cc [ 68E2A1A0407A66CF50DA0300852424AB, 5FFDAE4E477C90A855081B5120582810471F67D3E9C343779A7AFB8D684D16F8 ] Audiosrv C:\Windows\System32\Audiosrv.dll
15:06:22.0401 0x11cc Audiosrv - ok
15:06:22.0573 0x11cc [ 423C7B87E886AC93D22936EA82665F83, 98B807D855A746E68525AEEBB6D45AF418861C2111D7F8493A8A6FB59F6C6F8E ] BCM42RLY C:\Windows\system32\drivers\BCM42RLY.sys
15:06:22.0588 0x11cc BCM42RLY - ok
15:06:23.0290 0x11cc [ B56999BE8F22BA3071E4CEAFA9E82E26, 9130E93495738A16DA83DDBC077C153D1E24FACD203DABF299DBEE45DD326A64 ] BCM43XX C:\Windows\system32\DRIVERS\bcmwl6.sys
15:06:24.0351 0x11cc BCM43XX - ok
15:06:24.0523 0x11cc [ 809F903D456C24142ACDD90ACB7EF6E8, 973C386D5EF3417424A17038F67AEE719D9AC83D43D17A2FE564AE9CB923C4DB ] BdAgent C:\Windows\system32\DRIVERS\BdAgent.sys
15:06:24.0757 0x11cc BdAgent - ok
15:06:24.0866 0x11cc [ 4952053742AE6305F6E4E165A7FAA10D, 5B34495086D1EC5558AC29718DB366C4FA8C6AFC39BB623832222A5B099F2945 ] BdSpy C:\Windows\system32\drivers\BdSpy.sys
15:06:25.0116 0x11cc BdSpy - ok
15:06:25.0272 0x11cc [ 67E506B75BD5326A3EC7B70BD014DFB6, 3B07243970CAB4E93A858BEA6E31F56AD0157C42D624F3FEB469E68EEEF65669 ] Beep C:\Windows\system32\drivers\Beep.sys
15:06:25.0287 0x11cc Beep - ok
15:06:25.0646 0x11cc [ C789AF0F724FDA5852FB9A7D3A432381, 4B0F7A3A8F2D45E49630D24F2630B8014BCDB793B9C6E83FD2B2863A54F62BF5 ] BFE C:\Windows\System32\bfe.dll
15:06:25.0896 0x11cc BFE - ok
15:06:26.0270 0x11cc [ 93952506C6D67330367F7E7934B6A02F, 1D9A6B10B9489C1A32F730E22CC399BFF0796E3FCB3BA52BE45ED487CAC59EBD ] BITS C:\Windows\System32\qmgr.dll
15:06:31.0995 0x11cc BITS - ok
15:06:32.0151 0x11cc [ D4DF28447741FD3D953526E33A617397, E7239BA432090F8AC7DF453DB876507CD4419ECA964D289408A1B2B353618693 ] blbdrive C:\Windows\system32\drivers\blbdrive.sys
15:06:32.0385 0x11cc blbdrive - ok
15:06:32.0494 0x11cc [ 35F376253F687BDE63976CCB3F2108CA, C5EF6301D7BC067050038DB75D961681D1CBE418285AD60167C1334B0B54DFE9 ] bowser C:\Windows\system32\DRIVERS\bowser.sys
15:06:32.0588 0x11cc bowser - ok
15:06:32.0682 0x11cc [ 9F9ACC7F7CCDE8A15C282D3F88B43309, A9131334BD9CF8FD60BA9D54AA054E2DF2BE1219FB650DF1464F2787BDEAE98F ] BrFiltLo C:\Windows\system32\drivers\brfiltlo.sys
15:06:32.0900 0x11cc BrFiltLo - ok
15:06:32.0947 0x11cc [ 56801AD62213A41F6497F96DEE83755A, 0DEB8318FB47DF6473C171C795C735E26A73FA12232876C6856549EA16F33361 ] BrFiltUp C:\Windows\system32\drivers\brfiltup.sys
15:06:32.0994 0x11cc BrFiltUp - ok
15:06:33.0056 0x11cc [ A3629A0C4226F9E9C72FAAEEBC3AD33C, FB4D2738B64AADA52B95A6CF7ED4CDBFE4DD4BEBCAF1AE9CE64317F97DB38DDF ] Browser C:\Windows\System32\browser.dll
15:06:33.0103 0x11cc Browser - ok
15:06:33.0274 0x11cc [ B304E75CFF293029EDDF094246747113, CB6B219B186C3511A0DE3CDE7F7B8966A9E32D808A952CA8C5B42B3A3A17BFB0 ] Brserid C:\Windows\system32\drivers\brserid.sys
15:06:33.0540 0x11cc Brserid - ok
15:06:33.0602 0x11cc [ 203F0B1E73ADADBBB7B7B1FABD901F6B, 782FA7B26940FE479C49C9BAA2EB582CDAAAD607013E9BCFC85E6FBBB7D49A6D ] BrSerWdm C:\Windows\system32\drivers\brserwdm.sys
15:06:33.0774 0x11cc BrSerWdm - ok
15:06:34.0039 0x11cc [ BD456606156BA17E60A04E18016AE54B, DFBDC9DA6A3EA40BACFF204BC6C55C2C122B5885D2CBF6D45054DE43EE15EC4D ] BrUsbMdm C:\Windows\system32\drivers\brusbmdm.sys
15:06:34.0195 0x11cc BrUsbMdm - ok
15:06:34.0335 0x11cc [ AF72ED54503F717A43268B3CC5FAEC2E, 4A638669B0C30B1BDED242A8BF2015A37749570FF4D67D190BACC8D7E0C44468 ] BrUsbSer C:\Windows\system32\drivers\brusbser.sys
15:06:34.0366 0x11cc BrUsbSer - ok
15:06:35.0068 0x11cc [ 3F92F8AAAA90AF4161679CC95532D926, 91D72C05F8320F4E4753C6C8202E075835E6D4E6092B7554EADFF710962248A6 ] BsBackup C:\Program Files\BullGuard Ltd\BullGuard\BsBackup.dll
15:06:35.0755 0x11cc BsBackup - ok
15:06:36.0129 0x11cc [ 690CA0F920F2B6E60FBFA9F3313468B4, 74BA6BB61D18B9F0707C30EC9C15AE0150DB8B6E5F4E09F446C26AE3223B8EFB ] BsBhvScan C:\Program Files\BullGuard Ltd\BullGuard\BullGuardBhvScanner.exe
15:06:37.0096 0x11cc BsBhvScan - ok
15:06:37.0299 0x11cc [ 500D2B085E524D4D7314EC566B997489, 1F12571102B9B51B1150298C48BAD9F6E52E06EAB09CF7DD7CB486BB6D6F8DCE ] BsCache C:\Program Files\BullGuard Ltd\BullGuard\BsCache.dll
15:06:37.0408 0x11cc BsCache - ok
15:06:37.0689 0x11cc [ B2A9727FDC1531CCAF03946D3C8C7D23, 123E750A40863181DFD2B39351E5F83F0B2961BDB1FA29F7859349AAC21C102D ] BsFileScan c:\program files\bullguard ltd\bullguard\BsFileScan.dll
15:06:38.0142 0x11cc BsFileScan - ok
15:06:38.0391 0x11cc [ 91B2208897608A2B14C329B2331C7513, 7F05B2E73685B3240C6940C63F821E31E3D3771FF3A63F02ACE9298F8C2863A6 ] BsFire c:\program files\bullguard ltd\bullguard\BsFire.dll
15:06:39.0780 0x11cc BsFire - ok
15:06:40.0201 0x11cc [ 76DFABB1236F9A1426F9C9918F48C162, 9E717335D8CAFE9CB282696A348B8271D3CAEFF095F3899290149309D7435818 ] BsMailProxy c:\program files\bullguard ltd\bullguard\BsMailProxy\BsMailProxy.dll
15:06:45.0177 0x11cc BsMailProxy - ok
15:06:45.0411 0x11cc [ 1D079A31BD8DBA3043EB2726BCD7C121, FA2ED1A5226296DBF483FEC82F87B1ED2880CBF478FDABE6220A37F12770131F ] BsMain C:\Program Files\BullGuard Ltd\BullGuard\BsMain.dll
15:06:45.0474 0x11cc BsMain - ok
15:06:45.0536 0x11cc [ D066028A676451061249492F23348011, 1EE83BD3AEC35E6D0BFD9756877C5B5F5362C8DC3CD20981C953E7C1FA3DF8E7 ] BsScanner C:\Program Files\BullGuard Ltd\BullGuard\BullGuardScanner.exe
15:06:45.0552 0x11cc BsScanner - ok
15:06:45.0864 0x11cc [ B5D0156C54A8391388DE772610EB4DC0, 9352B04674D0122F610FCD0596D2499E714F5428B03C1A8A4B73424CB2AA5746 ] BsUpdate C:\Program Files\BullGuard Ltd\BullGuard\BullGuardUpdate.exe
15:06:46.0066 0x11cc BsUpdate - ok
15:06:46.0129 0x11cc [ AD07C1EC6665B8B35741AB91200C6B68, DCE1305A30D6713222A01C1F1D03ED0ADABE23C742CE1E82BB142531B82A3FF7 ] BTHMODEM C:\Windows\system32\drivers\bthmodem.sys
15:06:46.0144 0x11cc BTHMODEM - ok
15:06:46.0222 0x11cc [ 7ADD03E75BEB9E6DD102C3081D29840A, 0CA14A77CE990B5AA32C0725C22CA190ECBC73B75064DD959CABAD79B8846F1D ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys
15:06:46.0269 0x11cc cdfs - ok
15:06:46.0316 0x11cc [ 6B4BFFB9BECD728097024276430DB314, 4451EFEAD37B05C8A3CB610B6D72E73B55D3D1E1CC1B17405598C1EDAA93C2D5 ] cdrom C:\Windows\system32\DRIVERS\cdrom.sys
15:06:46.0332 0x11cc cdrom - ok
15:06:46.0410 0x11cc [ 312EC3E37A0A1F2006534913E37B4423, 81B8F462336791D162DAFA8092C1F437638DA3022CA24A2458B9FE183FC18C5D ] CertPropSvc C:\Windows\System32\certprop.dll
15:06:46.0425 0x11cc CertPropSvc - ok
15:06:46.0456 0x11cc [ E5D4133F37219DBCFE102BC61072589D, 74C7F8C53D9C71CE3C8B33BC0331948571318402B0A8E1AC4552360504092A46 ] circlass C:\Windows\system32\drivers\circlass.sys
15:06:46.0472 0x11cc circlass - ok
15:06:46.0706 0x11cc [ D7659D3B5B92C31E84E53C1431F35132, 6BFE644AD9890A8CEEDCC4B97ADD564AD57202FBC5D21599469E0C4B31BB27C6 ] CLFS C:\Windows\system32\CLFS.sys
15:06:46.0722 0x11cc CLFS - ok
15:06:47.0143 0x11cc [ 6B6943A0CA56B47D6FB2EE476890854F, 6DA779879487F4A187DF54B0362642643D7871AA8F7E30992D781F558C50F052 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
15:06:47.0580 0x11cc clr_optimization_v2.0.50727_32 - ok
15:06:47.0876 0x11cc [ E87213F37A13E2B54391E40934F071D0, 7EB221127EFB5BF158FB03D18EFDA2C55FB6CE3D1A1FE69C01D70DBED02C87E5 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
15:06:48.0703 0x11cc clr_optimization_v4.0.30319_32 - ok
15:06:48.0937 0x11cc [ 99AFC3795B58CC478FBBBCDC658FCB56, 0D1B27C42A058C5D56A0157B5ECA9A054254F6B9C8015D0321021A7EFCE10CE2 ] CmBatt C:\Windows\system32\DRIVERS\CmBatt.sys
15:06:48.0984 0x11cc CmBatt - ok
15:06:49.0046 0x11cc [ 0CA25E686A4928484E9FDABD168AB629, C2CB2333CAB40CDF93219870E66700F957188C86A1B1A004BC4652953091E5C5 ] cmdide C:\Windows\system32\drivers\cmdide.sys
15:06:49.0124 0x11cc cmdide - ok
15:06:49.0186 0x11cc [ 6AFEF0B60FA25DE07C0968983EE4F60A, E4037EF9EDE57A1039AB814EBCE9A8B12C9A084E7FAC6296212ACF2394DD37B6 ] Compbatt C:\Windows\system32\DRIVERS\compbatt.sys
15:06:49.0249 0x11cc Compbatt - ok
15:06:49.0280 0x11cc COMSysApp - ok
15:06:49.0467 0x11cc [ 741E9DFF4F42D2D8477D0FC1DC0DF871, 06EA43D771E3455F943AB624CC00C2259FE5E561164908630755E933EF44A522 ] crcdisk C:\Windows\system32\drivers\crcdisk.sys
15:06:49.0483 0x11cc crcdisk - ok
15:06:49.0530 0x11cc [ 1F07BECDCA750766A96CDA811BA86410, F4E36F0003184BCB36D59B23AC903421AD8C0A1FD2D6315E06375235ABC9A0AD ] Crusoe C:\Windows\system32\drivers\crusoe.sys
15:06:49.0576 0x11cc Crusoe - ok
15:06:49.0670 0x11cc [ 684C130BBC6DB681BAD4920A4C944AA5, DDE434B206984808351C98500824A33E6740B4326C455066027F8D549D4C3B92 ] CryptSvc C:\Windows\system32\cryptsvc.dll
15:06:49.0670 0x11cc CryptSvc - ok
15:06:49.0717 0x11cc [ 3B5B4D53FEC14F7476CA29A20CC31AC9, EC02A412DA5FDE2C759A4A2C5904579E1CE7C4999CE87145812F354FC8F5E183 ] DcomLaunch C:\Windows\system32\rpcss.dll
15:06:49.0795 0x11cc DcomLaunch - ok
15:06:49.0873 0x11cc [ 622C41A07CA7E6DD91770F50D532CB6C, 2A9040949CB45F9970FDE930278F30D2F08E957290CB3D4DC4F2CA94F3D444D2 ] DfsC C:\Windows\system32\Drivers\dfsc.sys
15:06:49.0951 0x11cc DfsC - ok
15:06:50.0481 0x11cc [ 2CC3DCFB533A1035B13DCAB6160AB38B, C88C91F662ADE248EEE3B568E70C2BC2D5075B7D9B7D3C63E83D011C5F7812B0 ] DFSR C:\Windows\system32\DFSR.exe
15:06:50.0590 0x11cc DFSR - ok
15:06:50.0934 0x11cc [ 9028559C132146FB75EB7ACF384B086A, 35159D86706441ED94895B4629411B4445FCB4526AFD1F7036EE647931B7A94D ] Dhcp C:\Windows\System32\dhcpcsvc.dll
15:06:51.0012 0x11cc Dhcp - ok
15:06:51.0121 0x11cc [ 5D4AEFC3386920236A548271F8F1AF6A, 11B74D6800EC6F7AAEFB0B6A9F2E8376C7C3B8DB677F03AC3743CB004CA96B08 ] disk C:\Windows\system32\drivers\disk.sys
15:06:51.0324 0x11cc disk - ok
15:06:51.0417 0x11cc [ 57D762F6F5974AF0DA2BE88A3349BAAA, D9E7DC8F9FB7837F88BBB95B52147AA80E688FB9762EEA99B8046D9C6AD48F3C ] Dnscache C:\Windows\System32\dnsrslvr.dll
15:06:51.0464 0x11cc Dnscache - ok
15:06:51.0558 0x11cc [ 324FD74686B1EF5E7C19A8AF49E748F6, DC6EB4304555B60DD17E04D20DFE4E279718E4041A9310DE29E678834BB22C5B ] dot3svc C:\Windows\System32\dot3svc.dll
15:06:51.0558 0x11cc dot3svc - ok
15:06:51.0667 0x11cc [ A622E888F8AA2F6B49E9BC466F0E5DEF, 3DED7F22A29AD2F8C927DFA0FD87FDE5ED0BDCAC7260BD9F71D8EA34328C772A ] DPS C:\Windows\system32\dps.dll
15:06:51.0682 0x11cc DPS - ok
15:06:51.0792 0x11cc [ 97FEF831AB90BEE128C9AF390E243F80, A7F4118603E2D5DDDB117EF7C058684EA5B37690EFAB2BEBA570EEF9C36281BE ] drmkaud C:\Windows\system32\drivers\drmkaud.sys
15:06:51.0854 0x11cc drmkaud - ok
15:06:51.0948 0x11cc [ 5C2C209CDEFBC51D83D66E8A53B2BE89, 7AE68672A6BEEF601017BE28AA0BF3673318EFE97AA08E70F58A9391C54DF71F ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys
15:06:51.0979 0x11cc DXGKrnl - ok
15:06:52.0010 0x11cc [ 5425F74AC0C1DBD96A1E04F17D63F94C, AD133CEDCDEA75420C75A91BB4CF7152475D46ED7B7703E3BAE5F9946D610292 ] E1G60 C:\Windows\system32\DRIVERS\E1G60I32.sys
15:06:52.0088 0x11cc E1G60 - ok
15:06:52.0166 0x11cc [ C0B95E40D85CD807D614E264248A45B9, 30421DAF1722A225222268CB8BA4FE60CB76C6FD0C9157B0F53FC1368F806A4E ] EapHost C:\Windows\System32\eapsvc.dll
15:06:52.0182 0x11cc EapHost - ok
15:06:52.0275 0x11cc [ 7F64EA048DCFAC7ACF8B4D7B4E6FE371, F3E9CF5D8E9124CB06F08454C5F0E510DE19A92780151FB2F8A58A0905D59B8F ] Ecache C:\Windows\system32\drivers\ecache.sys
15:06:52.0306 0x11cc Ecache - ok
15:06:52.0431 0x11cc [ 23B62471681A124889978F6295B3F4C6, A90C521F06125B86A26EA625B0E7F811AF7D328E1313165E7AD4A83596A23819 ] elxstor C:\Windows\system32\drivers\elxstor.sys
15:06:52.0540 0x11cc elxstor - ok
15:06:52.0946 0x11cc [ 4E6B23DFC917EA39306B529B773950F4, C4BA77632B4BD46C4C1797F7F57399DB506D3EB6E5A0A36C269A793DAA3445C2 ] EMDMgmt C:\Windows\system32\emdmgmt.dll
15:06:53.0164 0x11cc EMDMgmt - ok
15:06:53.0258 0x11cc [ 3DB974F3935483555D7148663F726C61, C288CFC04213B0340ABEC752C0A7B308B29122B5F51E68387BA1D9E9D7166FDD ] ErrDev C:\Windows\system32\drivers\errdev.sys
15:06:53.0352 0x11cc ErrDev - ok
15:06:53.0430 0x11cc [ 67058C46504BC12D821F38CF99B7B28F, E8D19F305F78BCA1DA8425315F2C77A377CD51E3CC54323DC2FF355120EA097D ] EventSystem C:\Windows\system32\es.dll
15:06:53.0445 0x11cc EventSystem - ok
15:06:53.0695 0x11cc [ 22B408651F9123527BCEE54B4F6C5CAE, 31AF9649333A9496A9224001266D1B68CE2A31B9FB182A755D127FC5492AA6B2 ] exfat C:\Windows\system32\drivers\exfat.sys
15:06:53.0835 0x11cc exfat - ok
15:06:53.0882 0x11cc [ 4E404505B3F62ECFBDBCBBCF0A72DBC5, 9F446ED06A31BFE52C4F1E8ACC400B8E3F47A3CC02FFC950DB861B2B3BA4C5B9 ] fastfat C:\Windows\system32\drivers\fastfat.sys
15:06:53.0929 0x11cc fastfat - ok
15:06:54.0100 0x11cc [ AFE1E8B9782A0DD7FB46BBD88E43F89A, B4CBE1DC3430F2F3485F49007C71293D5B86E9C405741EA00A67B00A38BE1F8D ] fdc C:\Windows\system32\DRIVERS\fdc.sys
15:06:54.0178 0x11cc fdc - ok
15:06:54.0210 0x11cc [ 6629B5F0E98151F4AFDD87567EA32BA3, 8CC02D5E0639CDF74B2F85DB56D6199E1858F1A58465ED1D8B25C968E986132C ] fdPHost C:\Windows\system32\fdPHost.dll
15:06:54.0225 0x11cc fdPHost - ok
15:06:54.0225 0x11cc [ 89ED56DCE8E47AF40892778A5BD31FD2, 924360875796C3DDDDA8097FDF53F6846B227F7413766F00AEDD981EFD691BF9 ] FDResPub C:\Windows\system32\fdrespub.dll
15:06:54.0241 0x11cc FDResPub - ok
15:06:54.0256 0x11cc [ A8C0139A884861E3AAE9CFE73B208A9F, 3B021D148A2989AAA46AE58E5FED8A2DCA25E9212C2FA7F922880EF5A077E49B ] FileInfo C:\Windows\system32\drivers\fileinfo.sys
15:06:54.0256 0x11cc FileInfo - ok
15:06:54.0272 0x11cc [ 0AE429A696AECBC5970E3CF2C62635AE, 1ECC315C099D17835788B68F0DE00EC98DC5AEE8F329D739E0DB90A898F22244 ] Filetrace C:\Windows\system32\drivers\filetrace.sys
15:06:54.0334 0x11cc Filetrace - ok
15:06:54.0381 0x11cc [ 85B7CF99D532820495D68D747FDA9EBD, 682D35D219D1AFBE51CF0AB03F2D3E15C940F5AF291C1A611A19F4D279143F3C ] flpydisk C:\Windows\system32\DRIVERS\flpydisk.sys
15:06:54.0397 0x11cc flpydisk - ok
15:06:54.0522 0x11cc [ 01334F9EA68E6877C4EF05D3EA8ABB05, 82F8AA6AD2B5077898773D4A5814819EAF0E872FFD95894E06FEDAB6EE92CF99 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys
15:06:54.0584 0x11cc FltMgr - ok
15:06:55.0130 0x11cc [ 2AFA3A46986AE935DAECEBC7E66314CF, 747FAF9B7F8291B83EE44B91E5708395E749DC87BD42CC3BF2CD41209C298F4D ] FontCache C:\Windows\system32\FntCache.dll
15:06:55.0161 0x11cc FontCache - ok
15:06:55.0270 0x11cc [ C7FBDD1ED42F82BFA35167A5C9803EA3, 372FF71070D5ECE17342466A690737A0622E93C98DBED8172C49B0854F0012B7 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe
15:06:55.0364 0x11cc FontCache3.0.0.0 - ok
15:06:55.0411 0x11cc [ B972A66758577E0BFD1DE0F91AAA27B5, E934034F3F740A83D4E7ABCD2C581845AC2945B0BCCAACF65CC3F99A1DBDE455 ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys
15:06:55.0473 0x11cc Fs_Rec - ok
15:06:55.0536 0x11cc [ 34582A6E6573D54A07ECE5FE24A126B5, 5F45DC38F8015AD90616EAD3B57820CCD284938A96B2C4E1FF5FC7BDEE8A848D ] gagp30kx C:\Windows\system32\drivers\gagp30kx.sys
15:06:55.0582 0x11cc gagp30kx - ok
15:06:55.0832 0x11cc [ F84E17EEFC2EC0614265D2B204FEEE55, 59B7DE977A7E7B8B516706A4C1D6F2FA9F7894C527142B6579498C1724B5A3CF ] Garmin Core Update Service C:\Program Files\Garmin\Core Update Service\Garmin.Cartography.MapUpdate.CoreService.exe
15:06:55.0941 0x11cc Garmin Core Update Service - ok
15:06:56.0113 0x11cc [ CD5D0AEEE35DFD4E986A5AA1500A6E66, DCED5126837292593F1C1B35DF18E3B631D6C0C6D0742B77C7B7742C55A7825F ] gpsvc C:\Windows\System32\gpsvc.dll
15:06:56.0908 0x11cc gpsvc - ok
15:06:57.0189 0x11cc [ 51508F0C2476177E50C31B0BBFBF1BDB, 3F62A05181D54711180C8727AC66D624AFA7FC816A4ACC4DC0CFCF2D2DBE7F87 ] gupdate C:\Program Files\Google\Update\GoogleUpdate.exe
15:06:57.0532 0x11cc gupdate - ok
15:06:57.0564 0x11cc [ 51508F0C2476177E50C31B0BBFBF1BDB, 3F62A05181D54711180C8727AC66D624AFA7FC816A4ACC4DC0CFCF2D2DBE7F87 ] gupdatem C:\Program Files\Google\Update\GoogleUpdate.exe
15:06:57.0564 0x11cc gupdatem - ok
15:06:57.0751 0x11cc [ 5D4BC124FAAE6730AC002CDB67BF1A1C, 00294F4DC7D17F6DD2A22B9C3299BED40146BA45C972367154D20DB502472551 ] gusvc C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
15:06:58.0125 0x11cc gusvc - ok
15:06:58.0250 0x11cc [ 3F90E001369A07243763BD5A523D8722, 25907F85787D879E75C3FE74C93567382AFB2D528BEEC61D71E3A6BE2D71DFBE ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
15:06:58.0359 0x11cc HdAudAddService - ok
15:06:58.0437 0x11cc [ 062452B7FFD68C8C042A6261FE8DFF4A, DD9873502456D3C058C6177AC223B28C71370E624FA0814C17EA3D93201F2B56 ] HDAudBus C:\Windows\system32\DRIVERS\HDAudBus.sys
15:06:58.0468 0x11cc HDAudBus - ok
15:06:58.0500 0x11cc [ 1338520E78D90154ED6BE8F84DE5FCEB, 8531F1C5856983EBDA4C2B70162645ECE72FFFBA9FE7A28BCEDDF2169B7ECF9D ] HidBth C:\Windows\system32\drivers\hidbth.sys
15:06:58.0531 0x11cc HidBth - ok
15:06:58.0609 0x11cc [ FF3160C3A2445128C5A6D9B076DA519E, DC1A70C80CD55F33B3AD5A21E86AF7C3086D8CC2DC6148C058E74A871E0BAD4A ] HidIr C:\Windows\system32\drivers\hidir.sys
15:06:58.0640 0x11cc HidIr - ok
15:06:58.0687 0x11cc [ 84067081F3318162797385E11A8F0582, 11E32E3800CFCA37354388243F88D0239D622891BAC5483518A2BE5D1CA19015 ] hidserv C:\Windows\system32\hidserv.dll
15:06:58.0687 0x11cc hidserv - ok
15:06:58.0718 0x11cc [ CCA4B519B17E23A00B826C55716809CC, 91AD0758A6185B0FBBE383BDB1B457FFB850477AFF8DE040DE9527A97D28EF62 ] HidUsb C:\Windows\system32\DRIVERS\hidusb.sys
15:06:58.0734 0x11cc HidUsb - ok
15:06:58.0765 0x11cc [ D8AD255B37DA92434C26E4876DB7D418, C901EADDD93FC90C8F29F4B6DE808F8E4F486C877FC0AA27DA4ACDE17E28899D ] hkmsvc C:\Windows\system32\kmsvc.dll
15:06:58.0796 0x11cc hkmsvc - ok
15:06:58.0968 0x11cc [ 16EE7B23A009E00D835CDB79574A91A6, 964AFE7D2F7E48C7DE7FDAB48F57ADC4AD44A0B2A9A03071E0E8D334007E5572 ] HpCISSs C:\Windows\system32\drivers\hpcisss.sys
15:07:00.0543 0x11cc HpCISSs - ok
15:07:00.0855 0x11cc [ 0EEECA26C8D4BDE2A4664DB058A81937, 6F88567A116B1420BE1C9C8888F34D05F51378092C805EF4E489635CF92D416B ] HTTP C:\Windows\system32\drivers\HTTP.sys
15:07:01.0620 0x11cc HTTP - ok
15:07:01.0651 0x11cc hwdatacard - ok
15:07:01.0666 0x11cc hwusbfake - ok
15:07:01.0791 0x11cc [ C6B032D69650985468160FC9937CF5B4, 4D5A944C70037F35A9DBA4F49F174455FA80ED7EAEDAA143F0A2C0E05AE585D8 ] i2omp C:\Windows\system32\drivers\i2omp.sys
15:07:02.0212 0x11cc i2omp - ok
15:07:02.0400 0x11cc [ 22D56C8184586B7A1F6FA60BE5F5A2BD, D96A2962848C1F59B143BFEC22EC48BD1C5A75D0EBCFD7FB965E66B85FF7D8CA ] i8042prt C:\Windows\system32\DRIVERS\i8042prt.sys
15:07:02.0462 0x11cc i8042prt - ok
15:07:02.0493 0x11cc [ 54155EA1B0DF185878E0FC9EC3AC3A14, 344A0793499261D2E4FF2FCCC70501329485F8E299EBC68953D07BA86F0D4729 ] iaStorV C:\Windows\system32\drivers\iastorv.sys
15:07:02.0571 0x11cc iaStorV - ok
15:07:03.0055 0x11cc [ DD386C45D2B5863740166783448A2E7A, 10B912BA70306644BE73A53AF4DCDFF63880C4C5860FF6DBA92B0914EB566718 ] idsvc C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
15:07:03.0242 0x11cc idsvc - ok
15:07:03.0679 0x11cc [ 8DAD27DD28A4274866767C89C0BF154F, E2E285DE595E2DC0E3A38AD79AF2605759B211BA06AE2904A3F0062F7F5ACB5E ] igfx C:\Windows\system32\DRIVERS\igdkmd32.sys
15:07:04.0506 0x11cc igfx - ok
15:07:04.0599 0x11cc [ 2D077BF86E843F901D8DB709C95B49A5, 78FF558A881F307858F5C7C74A748B8B2562AF3CAC7EA8639945609001D790CE ] iirsp C:\Windows\system32\drivers\iirsp.sys
15:07:04.0708 0x11cc iirsp - ok
15:07:04.0786 0x11cc [ 4687EE0C0DD2CE5F7AAA9C2E33C1DC78, FA8EBED2778D9F7560ADC1B563954EEF98AAE651C0553F2803372B37B122AEB3 ] IKEEXT C:\Windows\System32\ikeext.dll
15:07:04.0927 0x11cc IKEEXT - ok
15:07:05.0145 0x11cc [ 83AA759F3189E6370C30DE5DC5590718, 7406FE41EA8FB80052517318CB72E2641E92E579FAFAF5E8DDDFF0BF8DAE773A ] intelide C:\Windows\system32\drivers\intelide.sys
15:07:05.0332 0x11cc intelide - ok
15:07:05.0426 0x11cc [ 224191001E78C89DFA78924C3EA595FF, E4EC9CAAEEEAEB30E13F4A8023AF687F29514667380DDFD638BBFFF1D5FC2563 ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys
15:07:05.0442 0x11cc intelppm - ok
15:07:05.0520 0x11cc [ 9AC218C6E6105477484C6FDBE7D409A4, FF30D09CD2A0F5BBEC309E953370F194B6F26BF4227E627B594AAA48B0F5D3C2 ] IPBusEnum C:\Windows\system32\ipbusenum.dll
15:07:05.0520 0x11cc IPBusEnum - ok
15:07:05.0551 0x11cc [ 62C265C38769B864CB25B4BCF62DF6C3, CAF6BCE967104233E216464E4729B0275C3BD426D812F404AB0EE83A7F2063D8 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys
15:07:05.0566 0x11cc IpFilterDriver - ok
15:07:05.0629 0x11cc [ 1998BD97F950680BB55F55A7244679C2, A4E8BB4C6B2AF4800BD5E0BA8725FD0927F8FB6751AEBF6DD16B59C414CCB9D8 ] iphlpsvc C:\Windows\System32\iphlpsvc.dll
15:07:05.0676 0x11cc iphlpsvc - ok
15:07:05.0691 0x11cc IpInIp - ok
15:07:05.0722 0x11cc [ B25AAF203552B7B3491139D582B39AD1, EA9C38F512F40FF12975A6719E6FE4D7EA93A4B2497103E0FDA5A4CD6033C0A6 ] IPMIDRV C:\Windows\system32\drivers\ipmidrv.sys
15:07:05.0738 0x11cc IPMIDRV - ok
15:07:05.0769 0x11cc [ 8793643A67B42CEC66490B2A0CF92D68, 8B1ED1314E4C6623824DD6B9C15A0F7F996F4D243BF0B305421251BE40850907 ] IPNAT C:\Windows\system32\DRIVERS\ipnat.sys
15:07:05.0785 0x11cc IPNAT - ok
15:07:05.0832 0x11cc [ 109C0DFB82C3632FBD11949B73AEEAC9, 73B01426100256B7110DF0B74483AF1B62FC209612EEC29A7BF6DC31A7FBEFB6 ] IRENUM C:\Windows\system32\drivers\irenum.sys
15:07:05.0832 0x11cc IRENUM - ok
15:07:05.0956 0x11cc [ 6C70698A3E5C4376C6AB5C7C17FB0614, 10FBCBA5A74AF5D136B152FD4D3DFA2A1F2CEBC3F979D5BA6DB98B3DCB2F7A07 ] isapnp C:\Windows\system32\drivers\isapnp.sys
15:07:06.0128 0x11cc isapnp - ok
15:07:06.0300 0x11cc [ 232FA340531D940AAC623B121A595034, 90C93F04D8A0094EEBD118F10223605B8169DA5F24C466F503CED5C014BD17B1 ] iScsiPrt C:\Windows\system32\DRIVERS\msiscsi.sys
15:07:06.0456 0x11cc iScsiPrt - ok
15:07:06.0596 0x11cc [ BCED60D16156E428F8DF8CF27B0DF150, 4934E9AB8A8A548548F0C63517F2BF4DE84B05E5C9C7C2AA6C1517B8F9C340D4 ] iteatapi C:\Windows\system32\drivers\iteatapi.sys
15:07:06.0643 0x11cc iteatapi - ok
15:07:06.0674 0x11cc [ 06FA654504A498C30ADCA8BEC4E87E7E, 651BC35A0A3D504573BBAB40DE81929BB18C9FC0CD7944FEAE0E99CD7658EA88 ] iteraid C:\Windows\system32\drivers\iteraid.sys
15:07:06.0814 0x11cc iteraid - ok
15:07:06.0939 0x11cc [ 37605E0A8CF00CBBA538E753E4344C6E, B9A9FFDCE45B0830E277CF322C28ACB49372C16144B0F676B283BE5DAE9A7F30 ] kbdclass C:\Windows\system32\DRIVERS\kbdclass.sys
15:07:07.0048 0x11cc kbdclass - ok
15:07:07.0204 0x11cc [ 18247836959BA67E3511B62846B9C2E0, 9623FF990A1C11A707C358CC9FDD4306C2992A8C766A50DAFC9534A283AA011D ] kbdhid C:\Windows\system32\DRIVERS\kbdhid.sys
15:07:07.0251 0x11cc kbdhid - ok
15:07:07.0298 0x11cc [ A3E186B4B935905B829219502557314E, 7F58EAC6C12208D792C77014AC9D37AD1A7B2E73863C914F5DA831A72E1D52BB ] KeyIso C:\Windows\system32\lsass.exe
15:07:07.0298 0x11cc KeyIso - ok
15:07:07.0423 0x11cc [ 4A1445EFA932A3BAF5BDB02D7131EE20, 9DD262ED72DF268FE024063788F54124E320D0775D8DC0C5CAD099CD5F655DA2 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys
15:07:07.0860 0x11cc KSecDD - ok
15:07:07.0953 0x11cc [ 8078F8F8F7A79E2E6B494523A828C585, BB399993166853F0C01B7508649ECD7E7473238267BA8333D0441128FE656347 ] KtmRm C:\Windows\system32\msdtckrm.dll
15:07:08.0452 0x11cc KtmRm - ok
15:07:08.0499 0x11cc [ 1BF5EEBFD518DD7298434D8C862F825D, F41C79410345C40B346EB5EDEA397ECD29ECB9B921AC3E19F9453E52A7B9288A ] LanmanServer C:\Windows\system32\srvsvc.dll
15:07:08.0546 0x11cc LanmanServer - ok
15:07:08.0624 0x11cc [ 1DB69705B695B987082C8BAEC0C6B34F, D395B272F6B69D4A9FC3CDEFD812EF0DBFECF3C1B1C787C7CC1E1A1B091B8DB3 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
15:07:08.0624 0x11cc LanmanWorkstation - ok
15:07:08.0702 0x11cc [ D1C5883087A0C3F1344D9D55A44901F6, 608D67357AFDDD538D2C12C93EB0793ECA4EB3AF2BAB779E881C41F50E4AB911 ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys
15:07:08.0718 0x11cc lltdio - ok
15:07:08.0749 0x11cc [ 2D5A428872F1442631D0959A34ABFF63, E532C6ECFFB936EFF744CA57BDC6394C89E797B6B0822D04F1F3F35D9BDDD4F0 ] lltdsvc C:\Windows\System32\lltdsvc.dll
15:07:08.0764 0x11cc lltdsvc - ok
15:07:08.0780 0x11cc [ 35D40113E4A5B961B6CE5C5857702518, 453097AEF46ED48107395D9A1696AAC259FD6CEA8A655D38C5E246FDDAB81664 ] lmhosts C:\Windows\System32\lmhsvc.dll
15:07:08.0796 0x11cc lmhosts - ok
15:07:08.0842 0x11cc [ C7E15E82879BF3235B559563D4185365, 98C9268ADF6BAEB0522BB84BE6C98D0D6D5EB4BD27BB61412D208232164C8435 ] LSI_FC C:\Windows\system32\drivers\lsi_fc.sys
15:07:08.0920 0x11cc LSI_FC - ok
15:07:08.0952 0x11cc [ EE01EBAE8C9BF0FA072E0FF68718920A, 655924440E611278998226299645BC72B3627A8A057286DC8D65A162CFBBE484 ] LSI_SAS C:\Windows\system32\drivers\lsi_sas.sys
15:07:08.0967 0x11cc LSI_SAS - ok
15:07:09.0014 0x11cc [ 912A04696E9CA30146A62AFA1463DD5C, 1D336D47B9D1C8449F29CDB776C092235E3D70CE53D9440970533E376EB004D3 ] LSI_SCSI C:\Windows\system32\drivers\lsi_scsi.sys
15:07:09.0061 0x11cc LSI_SCSI - ok
15:07:09.0108 0x11cc [ 8F5C7426567798E62A3B3614965D62CC, 659810257D942C5F4168E1247868CDA990F2324AC9ACAA9A6211F64B7AC9EC6E ] luafv C:\Windows\system32\drivers\luafv.sys
15:07:09.0139 0x11cc luafv - ok
15:07:09.0217 0x11cc [ 0001CE609D66632FA17B84705F658879, D5F9758BDC2B733307B565A74B33F5581FB425A5A9F32CCFA307DA1569EBD6CD ] megasas C:\Windows\system32\drivers\megasas.sys
15:07:09.0279 0x11cc megasas - ok
15:07:09.0357 0x11cc [ C252F32CD9A49DBFC25ECF26EBD51A99, 47EC8F475AB62A00FAF989CD2C3ABDF2922588F75CC15C83CD99A62EF6400FB0 ] MegaSR C:\Windows\system32\drivers\megasr.sys
15:07:09.0638 0x11cc MegaSR - ok
15:07:09.0669 0x11cc [ 1076FFCFFAAE8385FD62DFCB25AC4708, 8C5C106FCB018E019DEBA8E1A6AA170CD7A93293F27994F724EBC486238DA0AA ] MMCSS C:\Windows\system32\mmcss.dll
15:07:09.0669 0x11cc MMCSS - ok
15:07:09.0685 0x11cc [ E13B5EA0F51BA5B1512EC671393D09BA, 5B380D1B435D809CA201FD5ED075D42F3C6BA1A4EEDBC4040F7E3329F05A334A ] Modem C:\Windows\system32\drivers\modem.sys
15:07:09.0732 0x11cc Modem - ok
15:07:09.0794 0x11cc [ 0A9BB33B56E294F686ABB7C1E4E2D8A8, 1E8031D51E074FDFB53E98E26DABF313B901C028D01196BFD402EED5D0A89595 ] monitor C:\Windows\system32\DRIVERS\monitor.sys
15:07:09.0810 0x11cc monitor - ok
15:07:09.0825 0x11cc [ 5BF6A1326A335C5298477754A506D263, CC7F58E5955A448F6CE28D6D8EB98C7479E11F931B5C733CFE71A29B2E95923D ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys
15:07:09.0856 0x11cc mouclass - ok
15:07:09.0903 0x11cc [ 93B8D4869E12CFBE663915502900876F, 7464DE60FAAD8793D855F1F86C3C865B3A3EE41C19A3E926D1BE4426E67F5EC2 ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys
15:07:09.0919 0x11cc mouhid - ok
15:07:09.0934 0x11cc [ BDAFC88AA6B92F7842416EA6A48E1600, 2CA8A7BB260016D6B7953980A94C45A3C5D41F7DC7E73EEFB1C18EA144749503 ] MountMgr C:\Windows\system32\drivers\mountmgr.sys
15:07:09.0950 0x11cc MountMgr - ok
15:07:10.0012 0x11cc [ 511D011289755DD9F9A7579FB0B064E6, 1FD0D0D5B6E08FE06F7A5D0821BCD859B0F98A6DEA58AAB7FB6C95B64212FFC8 ] mpio C:\Windows\system32\drivers\mpio.sys
15:07:10.0168 0x11cc mpio - ok
15:07:10.0246 0x11cc [ 22241FEBA9B2DEFA669C8CB0A8DD7D2E, 62055C0DCEB69873B8961AB17DBD002F44319A44CB05EC3A61421A0C6D4736CD ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys
15:07:10.0278 0x11cc mpsdrv - ok
15:07:10.0402 0x11cc [ 5DE62C6E9108F14F6794060A9BDECAEC, 655E6645CC4A1EDBE5F51F5F80C7B504DD956851E788A6E4E4E08CDCDCE160D9 ] MpsSvc C:\Windows\system32\mpssvc.dll
15:07:10.0512 0x11cc MpsSvc - ok
15:07:10.0668 0x11cc [ 4FBBB70D30FD20EC51F80061703B001E, 72907A0CA5CFF82F40C02A65CD8EFD51D7CFC33BE67DE572D1ACF4FD3B248F0A ] Mraid35x C:\Windows\system32\drivers\mraid35x.sys
15:07:10.0699 0x11cc Mraid35x - ok
15:07:10.0730 0x11cc [ 82CEA0395524AACFEB58BA1448E8325C, 16E37990A291C848DE35F48EA7E09AE5B258AE589EB08A3FA2C60DC1278DE182 ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys
15:07:10.0870 0x11cc MRxDAV - ok
15:07:10.0980 0x11cc [ 1E94971C4B446AB2290DEB71D01CF0C2, 4701AA1B419AEF735CB2DA34532B0F1844433272C36D79F4EB55807E39B923D1 ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys
15:07:11.0042 0x11cc mrxsmb - ok
15:07:11.0120 0x11cc [ 4FCCB34D793B116423209C0F8B7A3B03, 7A483AEB691ADBE82779F12F0BB1CCCBFFD7E92902EC1ADC99AB7D129F887143 ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys
15:07:11.0245 0x11cc mrxsmb10 - ok
15:07:11.0260 0x11cc [ C3CB1B40AD4A0124D617A1199B0B9D7C, B975A39DE6D324C6274B6E3B883F36082A958F028335CEB3A37F44481EB284B3 ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys
15:07:11.0307 0x11cc mrxsmb20 - ok
15:07:11.0432 0x11cc [ 5457DCFA7C0DA43522F4D9D4049C1472, C8B0FD8F96E4FC5CB4B74D5968E808F44B4371F0A797B1D368E6A6080CB862FD ] msahci C:\Windows\system32\drivers\msahci.sys
15:07:11.0432 0x11cc msahci - ok
15:07:11.0494 0x11cc [ 4468B0F385A86ECDDAF8D3CA662EC0E7, EAEDC9CDD2EEC5000AF8190A4BE7729282576C3F88E64FDF57F455F5CECC81C9 ] msdsm C:\Windows\system32\drivers\msdsm.sys
15:07:11.0588 0x11cc msdsm - ok
15:07:11.0619 0x11cc [ FD7520CC3A80C5FC8C48852BB24C6DED, C3F3D7A07FAB9AF38A2A00BF0DF6EEE18CA8FE26277BEC9D8ADB793F2CD5EC1F ] MSDTC C:\Windows\System32\msdtc.exe
15:07:11.0697 0x11cc MSDTC - ok
15:07:11.0713 0x11cc [ A9927F4A46B816C92F461ACB90CF8515, 753284F726F9B4D3E7322C75532244CA43714F00717C2019391FB36DEE0738C0 ] Msfs C:\Windows\system32\drivers\Msfs.sys
15:07:11.0760 0x11cc Msfs - ok
15:07:11.0838 0x11cc [ 0F400E306F385C56317357D6DEA56F62, C48FA8193787359902D20D869F5F602CD66D3C5D061A58DDB72F51EED433C4BC ] msisadrv C:\Windows\system32\drivers\msisadrv.sys
15:07:12.0009 0x11cc msisadrv - ok
15:07:12.0072 0x11cc [ 85466C0757A23D9A9AECDC0755203CB2, 79141B8DF9D7470466872AF03A85C3D3976512BFDBDB8B92A22225DC8EFD70A6 ] MSiSCSI C:\Windows\system32\iscsiexe.dll
15:07:12.0150 0x11cc MSiSCSI - ok
15:07:12.0150 0x11cc msiserver - ok
15:07:12.0259 0x11cc [ D8C63D34D9C9E56C059E24EC7185CC07, D0CBFB8D57E6D908679DC0488ED659CA35B92626DEA890873E165F051A1AD2AE ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys
15:07:12.0384 0x11cc MSKSSRV - ok
15:07:12.0462 0x11cc [ 1D373C90D62DDB641D50E55B9E78D65E, 1D4897A96EA54D6FAC7916D69B4E88CAE1397C38CC8FAE08554772808476357B ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys
15:07:12.0586 0x11cc MSPCLOCK - ok
15:07:12.0633 0x11cc [ B572DA05BF4E098D4BBA3A4734FB505B, B7923F204CEADD0F62C2FE4B7CF8C56DAB70F88093B15C5692D0E61490CF4BAA ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
15:07:12.0664 0x11cc MSPQM - ok
15:07:12.0742 0x11cc [ B49456D70555DE905C311BCDA6EC6ADB, 8E40586B3A1FAE9996459E0261726C9DD6A8D5F575604868C45604613385C92F ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
15:07:12.0789 0x11cc MsRPC - ok
15:07:12.0836 0x11cc [ E384487CB84BE41D09711C30CA79646C, 520391DEE14D4D6C1EA99C7D31DD95D56B44D54CA3CD8E5C9855E9C0A04F026C ] mssmbios C:\Windows\system32\DRIVERS\mssmbios.sys
15:07:12.0852 0x11cc mssmbios - ok
15:07:12.0945 0x11cc [ 7199C1EEC1E4993CAF96B8C0A26BD58A, DD02DF8ED7AF5BB88BD2A91F38CE4C52432CB8044BDCBC41C320CD22B10B8A3B ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
15:07:13.0008 0x11cc MSTEE - ok
15:07:13.0070 0x11cc [ 6A57B5733D4CB702C8EA4542E836B96C, 080FB0B01E949D24CDD6876125B3A72DA9F88845D8B9A1A425BCA99E7ACF6821 ] Mup C:\Windows\system32\Drivers\mup.sys
15:07:13.0132 0x11cc Mup - ok
15:07:13.0210 0x11cc [ E4EAF0C5C1B41B5C83386CF212CA9584, 5946C3DCE65A0DB164169A1775DFCA544AF4E1895ADF6916BB1653F373F8D9AF ] napagent C:\Windows\system32\qagentRT.dll
15:07:13.0226 0x11cc napagent - ok
15:07:13.0273 0x11cc [ 85C44FDFF9CF7E72A40DCB7EC06A4416, DC37C99C458CA69B33BFD3894187089E947F4F9C01EC2ED024FA8614989E0956 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
15:07:13.0382 0x11cc NativeWifiP - ok
15:07:13.0507 0x11cc [ 1357274D1883F68300AEADD15D7BBB42, EE6352CBF0D9D633816F338159CDA27F1A805C3DDC3402D8605B50D8F3CD3300 ] NDIS C:\Windows\system32\drivers\ndis.sys
15:07:13.0569 0x11cc NDIS - ok
15:07:13.0585 0x11cc [ 0E186E90404980569FB449BA7519AE61, DE41791D9D3074007D6DD1D3933E7A2A13E3789D0AD4F029105B58279622FC1B ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
15:07:13.0600 0x11cc NdisTapi - ok
15:07:13.0663 0x11cc [ D6973AA34C4D5D76C0430B181C3CD389, 7C303F3D6BFF8B82E39998135B444837091AB1F9EB8F28D013E5EF45DB237EFC ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
15:07:13.0678 0x11cc Ndisuio - ok
15:07:13.0710 0x11cc [ 818F648618AE34F729FDB47EC68345C3, 5FC8F9237BD7FCE3C62D5BDDD49DC104BE2BECDC2FA8CDC1DB8F1891CBAA9140 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
15:07:13.0788 0x11cc NdisWan - ok
15:07:13.0819 0x11cc [ 71DAB552B41936358F3B541AE5997FB3, 30A8B3E33CBF04FC047254E404C0321F9028F2640036AA8AC1EA0A5E64551684 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
15:07:13.0850 0x11cc NDProxy - ok
15:07:13.0881 0x11cc [ BCD093A5A6777CF626434568DC7DBA78, 2A283DD93230361204EA0897864EAF0224CB8C02E025AE2E4237B07A598B3EBD ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
15:07:13.0928 0x11cc NetBIOS - ok
15:07:13.0990 0x11cc [ ECD64230A59CBD93C85F1CD1CAB9F3F6, 83650D756C1F2768A2AAAFC7924F2A4316ABAEB1708F4B05803CDDD699B5AB6F ] netbt C:\Windows\system32\DRIVERS\netbt.sys
15:07:14.0100 0x11cc netbt - ok
15:07:14.0131 0x11cc [ A3E186B4B935905B829219502557314E, 7F58EAC6C12208D792C77014AC9D37AD1A7B2E73863C914F5DA831A72E1D52BB ] Netlogon C:\Windows\system32\lsass.exe
15:07:14.0131 0x11cc Netlogon - ok
15:07:14.0209 0x11cc [ C8052711DAECC48B982434C5116CA401, 417DEB86D157DD3F0B4678410FE27FDD3E8FA04AB03AF398F6C02BF207070B35 ] Netman C:\Windows\System32\netman.dll
15:07:14.0287 0x11cc Netman - ok
15:07:14.0334 0x11cc [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
15:07:14.0412 0x11cc NetMsmqActivator - ok
15:07:14.0427 0x11cc [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetPipeActivator C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
15:07:14.0427 0x11cc NetPipeActivator - ok
15:07:14.0490 0x11cc [ 2EF3BBE22E5A5ACD1428EE387A0D0172, 55DB91EDD0339D2434C06445F8A716A48EA90925B0FF7EBF45BB79D4B54B80BF ] netprofm C:\Windows\System32\netprofm.dll
15:07:14.0505 0x11cc netprofm - ok
15:07:14.0521 0x11cc [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetTcpActivator C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
15:07:14.0521 0x11cc NetTcpActivator - ok
15:07:14.0536 0x11cc [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
15:07:14.0536 0x11cc NetTcpPortSharing - ok
15:07:14.0599 0x11cc [ 2E7FB731D4790A1BC6270ACCEFACB36E, EE9A00B694E8A3A5842CDC56C7BA1364317AC8134E046A0059661D057094B1A3 ] nfrd960 C:\Windows\system32\drivers\nfrd960.sys
15:07:14.0661 0x11cc nfrd960 - ok
15:07:14.0708 0x11cc [ 2997B15415F9BBE05B5A4C1C85E0C6A2, 5455536515FE740E18E090329FDCC40288724372AD18ACDB2CB4BB9D85CF681E ] NlaSvc C:\Windows\System32\nlasvc.dll
15:07:14.0724 0x11cc NlaSvc - ok
15:07:14.0802 0x11cc [ CA01A33633E45D122752581A4F19E161, FA98ED6E9953CE2D255E8A7C22944A68CD691104DEDEC3928CDB59CB04E5FA9B ] NovaShieldFilterDriver C:\Windows\system32\DRIVERS\NSKernel.sys
15:07:14.0911 0x11cc NovaShieldFilterDriver - ok
15:07:14.0958 0x11cc [ 3EFA383638F87788AD17EAEB2562C084, BD5CC8EF57862D41FB026EE498708B93EE95A629AA48E54AD930F03F1557075E ] NovaShieldTDIDriver C:\Windows\system32\DRIVERS\NSNetmon.sys
15:07:14.0958 0x11cc NovaShieldTDIDriver - ok
15:07:14.0989 0x11cc [ D36F239D7CCE1931598E8FB90A0DBC26, DF9397411D0CE5A87E3346D4E6E25BEC537A21BCE196CC55FD999CD08FC4A637 ] Npfs C:\Windows\system32\drivers\Npfs.sys
15:07:15.0004 0x11cc Npfs - ok
15:07:15.0051 0x11cc [ 8BB86F0C7EEA2BDED6FE095D0B4CA9BD, 15CA178518EB3D457AA4C109D97A8490821590842AE4E9841703B5A55870C8F6 ] nsi C:\Windows\system32\nsisvc.dll
15:07:15.0051 0x11cc nsi - ok
15:07:15.0082 0x11cc [ 609773E344A97410CE4EBF74A8914FCF, 90B9CBD2B62854DD503DE4A910CB987D402368EB99882FE20FFB6DEACD70F2BD ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
15:07:15.0098 0x11cc nsiproxy - ok
15:07:15.0332 0x11cc [ 2C1121F2B87E9A6B12485DF53CD848C7, E580428F3BA7B201C6C7CFADF1F44A6ECA4F589EDB034DA14260136236195936 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
15:07:15.0441 0x11cc Ntfs - ok
15:07:15.0488 0x11cc [ E875C093AEC0C978A90F30C9E0DFBB72, D3A480CD7EF374EFBC1BB831B33B81534774DDDBB0FB338BEE1D444949FD8DE7 ] ntrigdigi C:\Windows\system32\drivers\ntrigdigi.sys
15:07:15.0504 0x11cc ntrigdigi - ok
15:07:15.0597 0x11cc [ C5DBBCDA07D780BDA9B685DF333BB41E, 3652893DFF05469A273C3073D8D0A9D6D6BBDEC7855FEA8EAB768F95BA674108 ] Null C:\Windows\system32\drivers\Null.sys
15:07:15.0597 0x11cc Null - ok
15:07:15.0675 0x11cc [ 2EDF9E7751554B42CBB60116DE727101, 37A0AA78E83DBB5A788F7F067EB71DDF6CCC72A66BB41B209E1A5E2F68F8AF9B ] nvraid C:\Windows\system32\drivers\nvraid.sys
15:07:16.0018 0x11cc nvraid - ok
15:07:16.0096 0x11cc [ ABED0C09758D1D97DB0042DBB2688177, 84B9BF886EF9181915E8AB6D971446BC681E6DE4485DBECD62838EAFA10E7F46 ] nvstor C:\Windows\system32\drivers\nvstor.sys
15:07:16.0143 0x11cc nvstor - ok
15:07:16.0206 0x11cc [ 18BBDF913916B71BD54575BDB6EEAC0B, 5FBA165149AB09E869DCE35622E91CFC964BDD22B31A5E76CF12F1565402B207 ] nv_agp C:\Windows\system32\drivers\nv_agp.sys
15:07:16.0330 0x11cc nv_agp - ok
15:07:16.0346 0x11cc NwlnkFlt - ok
15:07:16.0362 0x11cc NwlnkFwd - ok
15:07:16.0393 0x11cc [ BE32DA025A0BE1878F0EE8D6D9386CD5, B9D6CB4626FC67D108D713467C9ED8D0E2A071D98621B5531AD9D0C172FE7B89 ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys
15:07:16.0471 0x11cc ohci1394 - ok
15:07:16.0596 0x11cc [ 0C8E8E61AD1EB0B250B846712C917506, 8F23657B90BFFCD7273B93EDA2D3768F35C1C5A313F22AE33452BE3B2A550649 ] p2pimsvc C:\Windows\system32\p2psvc.dll
15:07:16.0658 0x11cc p2pimsvc - ok
15:07:16.0783 0x11cc [ 0C8E8E61AD1EB0B250B846712C917506, 8F23657B90BFFCD7273B93EDA2D3768F35C1C5A313F22AE33452BE3B2A550649 ] p2psvc C:\Windows\system32\p2psvc.dll
15:07:16.0798 0x11cc p2psvc - ok
15:07:16.0861 0x11cc [ 0FA9B5055484649D63C303FE404E5F4D, ABF357001A5E7B21621560E74FA538E2D899C5111A6AAC784B5B12D9D819C6CD ] Parport C:\Windows\system32\drivers\parport.sys
15:07:16.0954 0x11cc Parport - ok
15:07:17.0001 0x11cc [ B9C2B89F08670E159F7181891E449CD9, BD48CE95CF4B75D1FD5FD379B2A8727BC000F2B6748B77636C6BDB0B37B0344A ] partmgr C:\Windows\system32\drivers\partmgr.sys
15:07:17.0017 0x11cc partmgr - ok
15:07:17.0032 0x11cc [ 4F9A6A8A31413180D0FCB279AD5D8112, DCE48BC6E3447403521BB9FBF727E629DEE45B69B8AE8CFEE1A67FECAE3CB9D3 ] Parvdm C:\Windows\system32\drivers\parvdm.sys
15:07:17.0064 0x11cc Parvdm - ok
15:07:17.0142 0x11cc [ C6276AD11F4BB49B58AA1ED88537F14A, 409E956AF994640DF8D062E5E41F87A6EE7EEE0335C191B582722A49322357CE ] PcaSvc C:\Windows\System32\pcasvc.dll
15:07:17.0157 0x11cc PcaSvc - ok
15:07:17.0220 0x11cc [ 941DC1D19E7E8620F40BBC206981EFDB, 156142A8B587131D2D47074CBFD0A31F69B3C27A8C74C8C4F29DFE7B53BBA802 ] pci C:\Windows\system32\drivers\pci.sys
15:07:17.0235 0x11cc pci - ok
15:07:17.0313 0x11cc [ FC175F5DDAB666D7F4D17449A547626F, 7D6108213D1AD3F97A3B83E491BCCC7D6F5BC72C32A182BDDE8736851A26C8D2 ] pciide C:\Windows\system32\drivers\pciide.sys
15:07:17.0360 0x11cc pciide - ok
15:07:17.0407 0x11cc [ E6F3FB1B86AA519E7698AD05E58B04E5, 2C4B45DDD3B980C9DAA6F039CAEFCD6E84A4D5BB43AFBA73C0C42B5556C1303C ] pcmcia C:\Windows\system32\drivers\pcmcia.sys
15:07:17.0469 0x11cc pcmcia - ok
15:07:17.0594 0x11cc [ 6349F6ED9C623B44B52EA3C63C831A92, 9EAA3ABD396870123107D6E1B758F56FDA378BD28B28DB8415AA470D24294F92 ] PEAUTH C:\Windows\system32\drivers\peauth.sys
15:07:17.0656 0x11cc PEAUTH - ok
15:07:17.0828 0x11cc [ B1689DF169143F57053F795390C99DB3, 887B8C76B34CABC68067C0F27CC4EEF02457A53634C96FE5B0FE9B99453BDBEF ] pla C:\Windows\system32\pla.dll
15:07:17.0984 0x11cc pla - ok
15:07:18.0031 0x11cc [ C5E7F8A996EC0A82D508FD9064A5569E, 416A93816CDF12DD42DEA796D37E6E2000D3172AAAB20D3EAD3B715DACD4B61F ] PlugPlay C:\Windows\system32\umpnpmgr.dll
15:07:18.0062 0x11cc PlugPlay - ok
15:07:18.0140 0x11cc [ 0C8E8E61AD1EB0B250B846712C917506, 8F23657B90BFFCD7273B93EDA2D3768F35C1C5A313F22AE33452BE3B2A550649 ] PNRPAutoReg C:\Windows\system32\p2psvc.dll
15:07:18.0234 0x11cc PNRPAutoReg - ok
15:07:18.0280 0x11cc [ 0C8E8E61AD1EB0B250B846712C917506, 8F23657B90BFFCD7273B93EDA2D3768F35C1C5A313F22AE33452BE3B2A550649 ] PNRPsvc C:\Windows\system32\p2psvc.dll
15:07:18.0296 0x11cc PNRPsvc - ok
15:07:18.0436 0x11cc [ D0494460421A03CD5225CCA0059AA146, FC30E90522C63F2A66D89381705712D2CDF07B2E029DF40C2DEBB2353E763E90 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
15:07:18.0483 0x11cc PolicyAgent - ok
15:07:18.0577 0x11cc [ ECFFFAEC0C1ECD8DBC77F39070EA1DB1, 6E4B188A4BFDBBCA51347BCCE2873F2D0F858398851B9B5129CB9F36A02E4354 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
15:07:18.0592 0x11cc PptpMiniport - ok
15:07:18.0608 0x11cc [ 2027293619DD0F047C584CF2E7DF4FFD, B7C172CCD08D8A30483D27536355ED1E5009B33629355B426470AFBA8542B394 ] Processor C:\Windows\system32\drivers\processr.sys
15:07:18.0670 0x11cc Processor - ok
15:07:18.0748 0x11cc [ 0508FAA222D28835310B7BFCA7A77346, 3AE2340C6E365F137CC00D9560069501DD2724756EA9EBF7A6CDFFC91B43709C ] ProfSvc C:\Windows\system32\profsvc.dll
15:07:18.0764 0x11cc ProfSvc - ok
15:07:18.0780 0x11cc [ A3E186B4B935905B829219502557314E, 7F58EAC6C12208D792C77014AC9D37AD1A7B2E73863C914F5DA831A72E1D52BB ] ProtectedStorage C:\Windows\system32\lsass.exe
15:07:18.0795 0x11cc ProtectedStorage - ok
15:07:18.0889 0x11cc [ 99514FAA8DF93D34B5589187DB3AA0BA, 4DDE5EC0C721B22E1D7D55ED3514B60EA07435C232A3A931BB49C7F486B52C18 ] PSched C:\Windows\system32\DRIVERS\pacer.sys
15:07:18.0920 0x11cc PSched - ok
15:07:19.0294 0x11cc [ 0A6DB55AFB7820C99AA1F3A1D270F4F6, 8B7D44A7698B95FE34CBBE4FAB2F01EC1F5BA86C2B19672F99767E650E99BF1C ] ql2300 C:\Windows\system32\drivers\ql2300.sys
15:07:19.0825 0x11cc ql2300 - ok
15:07:19.0872 0x11cc [ 81A7E5C076E59995D54BC1ED3A16E60B, A2988F065F93C41B3B389BFF3BB3FD69F768C2AF249C2356F315CC92E5C9E128 ] ql40xx C:\Windows\system32\drivers\ql40xx.sys
15:07:19.0981 0x11cc ql40xx - ok
15:07:20.0028 0x11cc [ E9ECAE663F47E6CB43962D18AB18890F, F1A05320CAED9E745AA36A6DA9B64C48AAEDE888B42B249840CEB31448F7F432 ] QWAVE C:\Windows\system32\qwave.dll
15:07:20.0043 0x11cc QWAVE - ok
15:07:20.0090 0x11cc [ 9F5E0E1926014D17486901C88ECA2DB7, 67CDFB99AB546DCEEF20507EAC07DD52FFB51BFDFE9416ABEDDC1201B60D720E ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
15:07:20.0121 0x11cc QWAVEdrv - ok
15:07:20.0199 0x11cc [ 147D7F9C556D259924351FEB0DE606C3, E41EBA5F3098C6CF2BE4C0060A5F4BF161C3677D983B7A0D70ACC12FC3CFEFD7 ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
15:07:20.0215 0x11cc RasAcd - ok
15:07:20.0246 0x11cc [ F6A452EB4CEADBB51C9E0EE6B3ECEF0F, 6A410ABCCD2211EFF511CDBF22E4152B57D2996336EBE711DFF71904AF232DB2 ] RasAuto C:\Windows\System32\rasauto.dll
15:07:20.0262 0x11cc RasAuto - ok
15:07:20.0277 0x11cc [ A214ADBAF4CB47DD2728859EF31F26B0, A24F37F55E2C018B1B4FA2C568A01AAAAEA1220833ED24A93378386174A70A32 ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
15:07:20.0308 0x11cc Rasl2tp - ok
15:07:20.0418 0x11cc [ 75D47445D70CA6F9F894B032FBC64FCF, 9112EA5D25F867136858524C7965ACCEDC02675D1E2985B950598D89CCF25E14 ] RasMan C:\Windows\System32\rasmans.dll
15:07:20.0433 0x11cc RasMan - ok
15:07:20.0464 0x11cc [ 509A98DD18AF4375E1FC40BC175F1DEF, CC7C278CA298CE102D871E34C176E73F903D6687D1E8B5AFAB8772C7DE1A60B1 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
15:07:20.0542 0x11cc RasPppoe - ok
15:07:20.0605 0x11cc [ 2005F4A1E05FA09389AC85840F0A9E4D, D8A664073FDE82F9AB324347024CDB7043635C84EB11C24C59AB384C52F0FD94 ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
15:07:20.0620 0x11cc RasSstp - ok
15:07:20.0683 0x11cc [ B14C9D5B9ADD2F84F70570BBBFAA7935, 3D533767A50554B86C769DF4D8841B3EA680B3807E85EA3533BDA9B649548269 ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
15:07:20.0761 0x11cc rdbss - ok
15:07:20.0808 0x11cc [ 89E59BE9A564262A3FB6C4F4F1CD9899, 6F948FB0E73495CA60B7B19E758268495EC8A084C475EC59AD7940AA619570BB ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
15:07:20.0823 0x11cc RDPCDD - ok
15:07:20.0886 0x11cc [ FBC0BACD9C3D7F6956853F64A66E252D, 7672B10C7039295B152C02C96903E869FF2C0A88A2C3FA89BAE9F1D593B43569 ] rdpdr C:\Windows\system32\drivers\rdpdr.sys
15:07:20.0964 0x11cc rdpdr - ok
15:07:20.0979 0x11cc [ 9D91FE5286F748862ECFFA05F8A0710C, 33F37F1B207151A5564BF051BBF16F35D8C5A0F426CCA078A51F125BF09E487B ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
15:07:20.0995 0x11cc RDPENCDD - ok
15:07:21.0073 0x11cc [ C127EBD5AFAB31524662C48DFCEB773A, 40A6B88FEAFF02D1B5C0CA32F290CF3D9B48B85D248C7532F30CC5C09BAA4D89 ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
15:07:21.0120 0x11cc RDPWD - ok
15:07:21.0198 0x11cc [ BCDD6B4804D06B1F7EBF29E53A57ECE9, 8A961CCD0A0265E03D9952C733B593B02B5CF64E308D6B420276D2D6B20F86FC ] RemoteAccess C:\Windows\System32\mprdim.dll
15:07:21.0213 0x11cc RemoteAccess - ok
15:07:21.0244 0x11cc [ 9E6894EA18DAFF37B63E1005F83AE4AB, 5D6DF994D297C875D547C7B111A571AA90D582DAECADE18A53F65AD988819E67 ] RemoteRegistry C:\Windows\system32\regsvc.dll
15:07:21.0260 0x11cc RemoteRegistry - ok
15:07:21.0276 0x11cc [ 5123F83CBC4349D065534EEB6BBDC42B, 92A3F38EA924D83D601BB93E3750F9DBC2DD963FB7ACF2A0E776297E21815225 ] RpcLocator C:\Windows\system32\locator.exe
15:07:21.0291 0x11cc RpcLocator - ok
15:07:21.0400 0x11cc [ 3B5B4D53FEC14F7476CA29A20CC31AC9, EC02A412DA5FDE2C759A4A2C5904579E1CE7C4999CE87145812F354FC8F5E183 ] RpcSs C:\Windows\system32\rpcss.dll
15:07:21.0416 0x11cc RpcSs - ok
15:07:21.0447 0x11cc [ 9C508F4074A39E8B4B31D27198146FAD, 84913471E5A6C297B1EDABE45EF3FE7D2C4410EF04370F615109FD9E2690FFDB ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
15:07:21.0463 0x11cc rspndr - ok
15:07:21.0556 0x11cc [ 9B09F336DE36A7A6CA871DE8A7847B65, 1F99D1F3298F0C66E93287E269EAB001140A9F2A6E867E11B30F21B04B720AB9 ] RTSTOR C:\Windows\system32\drivers\RTSTOR.SYS
15:07:21.0572 0x11cc RTSTOR - ok
15:07:21.0603 0x11cc [ A3E186B4B935905B829219502557314E, 7F58EAC6C12208D792C77014AC9D37AD1A7B2E73863C914F5DA831A72E1D52BB ] SamSs C:\Windows\system32\lsass.exe
15:07:21.0603 0x11cc SamSs - ok
15:07:21.0650 0x11cc [ 3CE8F073A557E172B330109436984E30, CEC281C6076FAA1E34372CF419C6308E73811316606B8D0D9055B7D8952BDC88 ] sbp2port C:\Windows\system32\drivers\sbp2port.sys
15:07:21.0712 0x11cc sbp2port - ok
15:07:21.0790 0x11cc [ 77B7A11A0C3D78D3386398FBBEA1B632, A3D290AB793BDC2F84C7B963300DFCE81CFE082A0FFF7489E8E5B14714892C00 ] SCardSvr C:\Windows\System32\SCardSvr.dll
15:07:21.0806 0x11cc SCardSvr - ok
15:07:21.0837 0x11cc [ 1A58069DB21D05EB2AB58EE5753EBE8D, EED8111EB613F4C93D1638C74FDB0A6DC6694E1B108DCD0D794B5B5F9B8C6EE4 ] Schedule C:\Windows\system32\schedsvc.dll
15:07:21.0931 0x11cc Schedule - ok
15:07:21.0962 0x11cc [ 312EC3E37A0A1F2006534913E37B4423, 81B8F462336791D162DAFA8092C1F437638DA3022CA24A2458B9FE183FC18C5D ] SCPolicySvc C:\Windows\System32\certprop.dll
15:07:21.0962 0x11cc SCPolicySvc - ok
15:07:22.0009 0x11cc [ 716313D9F6B0529D03F726D5AAF6F191, 44FE994A11631C1D99C73026340BACE39973C65A1281D87A61B481C9B5FAB251 ] SDRSVC C:\Windows\System32\SDRSVC.dll
15:07:22.0024 0x11cc SDRSVC - ok
15:07:22.0383 0x11cc [ D777F1417D9BB9F66CD9D9C3B61F730F, 0CBD830EB9D2B0F1946131F20907793B2D68A3BCEEC3EA5416972149F73DC815 ] SDScannerService C:\Program Files\Spybot - Search & Destroy 2\SDFSSvc.exe
15:07:26.0892 0x11cc SDScannerService - ok
15:07:27.0219 0x11cc [ 68D6C7F99BC73B88954D844FCCBEB2A0, F746861B103C8BE8EA234B9FCFBBDD2412C79FB65F2F1E0F5E6EBC0B34905FF1 ] SDUpdateService C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe
15:07:27.0609 0x11cc SDUpdateService - ok
15:07:27.0718 0x11cc [ 9B9B368A8FF5CAF91D7A333CF62CD2CC, A4AE7FFBBAF983BFDE15B521ED162CBC4E6FC85BCDB200C75D45878B3FFDFA68 ] SDWSCService C:\Program Files\Spybot - Search & Destroy 2\SDWSCSvc.exe
15:07:27.0718 0x11cc SDWSCService - ok
15:07:27.0812 0x11cc [ 90A3935D05B494A5A39D37E71F09A677, F72733A69BC6E1A2BB91D7632FF3463C12563F60FDCC00A2CDD67FF20D479952 ] secdrv C:\Windows\system32\drivers\secdrv.sys
15:07:37.0609 0x11cc secdrv - ok
15:07:37.0749 0x11cc [ FD5199D4D8A521005E4B5EE7FE00FA9B, 0FB7A1D300C72B1ADC423CC57343C17853E5F8ACFE3EA2C42FAC2FF72E502FBE ] seclogon C:\Windows\system32\seclogon.dll
15:07:37.0765 0x11cc seclogon - ok
15:07:37.0905 0x11cc [ A9BBAB5759771E523F55563D6CBE140F, 415BF6F6A1E4C5F98DABF9C2EEAF8CA49730693046E5F94C7655683717EDAD75 ] SENS C:\Windows\System32\sens.dll
15:07:37.0952 0x11cc SENS - ok
15:07:37.0983 0x11cc [ 68E44E331D46F0FB38F0863A84CD1A31, 0778D85B6869CE2610820DC9724360538BFE832426E898AEBC34E53D2AB4322B ] Serenum C:\Windows\system32\drivers\serenum.sys
15:07:38.0077 0x11cc Serenum - ok
15:07:38.0139 0x11cc [ C70D69A918B178D3C3B06339B40C2E1B, 40BEEECA4C797A3355F4B01C57C2763C33028F27826315062320789A496D0810 ] Serial C:\Windows\system32\drivers\serial.sys
15:07:38.0186 0x11cc Serial - ok
15:07:38.0233 0x11cc [ 8AF3D28A879BF75DB53A0EE7A4289624, C870BEBB969DCD9170E64584D1CD329A193D9FC812A45EF3574891110CA68B45 ] sermouse C:\Windows\system32\drivers\sermouse.sys
15:07:38.0295 0x11cc sermouse - ok
15:07:38.0482 0x11cc [ D2193326F729B163125610DBF3E17D57, 82C894E24E2C139C884246A693AD37BBF0A4E9375B7F7A288EF1DB22F89434B9 ] SessionEnv C:\Windows\system32\sessenv.dll
15:07:38.0529 0x11cc SessionEnv - ok
15:07:38.0638 0x11cc [ 3EFA810BDCA87F6ECC24F9832243FE86, E50FEA94DB9851A46A8A71A8C061AC953A9D5B14585382B3F0FFC84931A0A68F ] sffdisk C:\Windows\system32\drivers\sffdisk.sys
15:07:38.0685 0x11cc sffdisk - ok
15:07:38.0779 0x11cc [ E95D451F7EA3E583AEC75F3B3EE42DC5, B014BE4F9B0C79ECCE2537D1CF4AAD48ACB4C5AD3DACAC4444F0F465B9689921 ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys
15:07:38.0810 0x11cc sffp_mmc - ok
15:07:38.0857 0x11cc [ 3D0EA348784B7AC9EA9BD9F317980979, 2500CE188C9B71C50E966FA575303AEFE50934E376C530AECEC7C7533C15EF08 ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys
15:07:38.0950 0x11cc sffp_sd - ok
15:07:39.0169 0x11cc [ 46ED8E91793B2E6F848015445A0AC188, 34A97304F23EA153422848F6F1CAF8ADF0944EA781E12F027B6DEAF751A04B5D ] sfloppy C:\Windows\system32\drivers\sfloppy.sys
15:07:39.0262 0x11cc sfloppy - ok
15:07:39.0450 0x11cc [ E1499BD0FF76B1B2FBBF1AF339D91165, 9A8F0403467E75880D3070C4D862489A75134383BAF8E7C45F8C5E7DFB0605A5 ] SharedAccess C:\Windows\System32\ipnathlp.dll
15:07:39.0528 0x11cc SharedAccess - ok
15:07:39.0699 0x11cc [ C7230FBEE14437716701C15BE02C27B8, 8221DE73D77CF71C2857D78829E807D015D9CB8BDEE4BAFD6950BF0C718CC774 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
15:07:39.0746 0x11cc ShellHWDetection - ok
15:07:39.0808 0x11cc [ 1D76624A09A054F682D746B924E2DBC3, DC903DD466AB8899883253F09477B02E4E93A31C8B279F9F02BD555F1AA083B7 ] sisagp C:\Windows\system32\drivers\sisagp.sys
15:07:39.0902 0x11cc sisagp - ok
15:07:39.0996 0x11cc [ 43CB7AA756C7DB280D01DA9B676CFDE2, 08484CAEA0518C0A4CCCD292D8C803B27FEC453537EE1E4CEE74A7208356A474 ] SiSRaid2 C:\Windows\system32\drivers\sisraid2.sys
15:07:40.0292 0x11cc SiSRaid2 - ok
15:07:40.0448 0x11cc [ A99C6C8B0BAA970D8AA59DDC50B57F94, 97AC9DD6DC4F58AC60E819B999BB157663EE7C1739521D16768AA9AC00DAD012 ] SiSRaid4 C:\Windows\system32\drivers\sisraid4.sys
15:07:40.0588 0x11cc SiSRaid4 - ok
15:07:41.0415 0x11cc [ 862BB4CBC05D80C5B45BE430E5EF872F, F4961B22C93E472C8C862421AA231CDDA9E40D3958741A1D666357F22CC3143D ] slsvc C:\Windows\system32\SLsvc.exe
15:07:42.0476 0x11cc slsvc - ok
15:07:42.0570 0x11cc [ 6EDC422215CD78AA8A9CDE6B30ABBD35, D8342BC3152859F4F7512E85ABEC61147DBCAB515458644728874E42F639D6CA ] SLUINotify C:\Windows\system32\SLUINotify.dll
15:07:42.0585 0x11cc SLUINotify - ok
15:07:42.0616 0x11cc [ 7B75299A4D201D6A6533603D6914AB04, 172BE3951F06B1991EF70B71EB91786D1EFC4E381C22BCA3A5F622CD59F3227E ] Smb C:\Windows\system32\DRIVERS\smb.sys
15:07:42.0632 0x11cc Smb - ok
15:07:42.0772 0x11cc [ 2A146A055B4401C16EE62D18B8E2A032, D0930FFA53951C92F56E1ECB41374F4C0AA01ECBF99F474513A21EAD579CFE47 ] SNMPTRAP C:\Windows\System32\snmptrap.exe
15:07:42.0788 0x11cc SNMPTRAP - ok
15:07:42.0866 0x11cc [ 7AEBDEEF071FE28B0EEF2CDD69102BFF, E03BEE733F4C2A5F39946D4955679A290E22758DFCE4222EE69ABF64FC54EDF7 ] spldr C:\Windows\system32\drivers\spldr.sys
15:07:42.0897 0x11cc spldr - ok
15:07:43.0038 0x11cc [ 8554097E5136C3BF9F69FE578A1B35F4, 2578545CFD647FB18F217B33C8CB4F0184A35F548659494056E455020CC15FB0 ] Spooler C:\Windows\System32\spoolsv.exe
15:07:43.0053 0x11cc Spooler - ok
15:07:43.0240 0x11cc sprtsvc_dellsupportcenter - ok
15:07:43.0365 0x11cc [ 41987F9FC0E61ADF54F581E15029AD91, A46E718648C2DD3B43FC3798932C966315893A59442A0686CE46C605B9E4641E ] srv C:\Windows\system32\DRIVERS\srv.sys
15:07:43.0740 0x11cc srv - ok
15:07:43.0802 0x11cc [ FF33AFF99564B1AA534F58868CBE41EF, EFBB005DA19E5B320009CBF93E686D8BFA6A50A23B5A5001C7C84C7D85EF7D49 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
15:07:43.0880 0x11cc srv2 - ok
15:07:43.0896 0x11cc [ 7605C0E1D01A08F3ECD743F38B834A44, 83A77E31004BCF83443F30EFC290E04BB1A2F332E8DFD614AB6E25B527C92299 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
15:07:43.0958 0x11cc srvnet - ok
15:07:44.0020 0x11cc [ 03D50B37234967433A5EA5BA72BC0B62, 7B61D6A4BF5D446A9473D058BC207FB6DA7C2FEFB8083F3B66CAC8907DBD8327 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
15:07:44.0020 0x11cc SSDPSRV - ok
15:07:44.0301 0x11cc [ 6F1A32E7B7B30F004D9A20AFADB14944, AA9D874A14CA4779E76701D2B02F4CCA92CD5917435FB4CACA149FCB2D1D4C4C ] SstpSvc C:\Windows\system32\sstpsvc.dll
15:07:44.0317 0x11cc SstpSvc - ok
15:07:44.0442 0x11cc [ 5DE7D67E49B88F5F07F3E53C4B92A352, 6930A598C35646646ED0E91633797EFE139AE6CDD0012335BD1340754A22F997 ] stisvc C:\Windows\System32\wiaservc.dll
15:07:44.0520 0x11cc stisvc - ok
15:07:44.0566 0x11cc [ 7BA58ECF0C0A9A69D44B3DCA62BECF56, 23CC47FA2D6E183D69DB0D3D3F3081A830D94A58FBC0A9A295B3A56C51E9486A ] swenum C:\Windows\system32\DRIVERS\swenum.sys
15:07:44.0582 0x11cc swenum - ok
15:07:44.0629 0x11cc [ F21FD248040681CCA1FB6C9A03AAA93D, 32FE765841A183A1F2C1ACACBBF8CDB11E7D4D4396F9C9F6CFF1B51C9B620ED3 ] swprv C:\Windows\System32\swprv.dll
15:07:44.0660 0x11cc swprv - ok
15:07:44.0676 0x11cc [ 192AA3AC01DF071B541094F251DEED10, 5C6EB56D1C39F3717EB754A1B37C8A618BA4F2107F64048E985D71FA04D1AD05 ] Symc8xx C:\Windows\system32\drivers\symc8xx.sys
15:07:44.0691 0x11cc Symc8xx - ok
15:07:44.0738 0x11cc [ 8C8EB8C76736EBAF3B13B633B2E64125, A6C4845DDED81CCF4947612A4D6E42035136025BCD80812D2FF396927CAADEC5 ] Sym_hi C:\Windows\system32\drivers\sym_hi.sys
15:07:44.0832 0x11cc Sym_hi - ok
15:07:44.0847 0x11cc [ 8072AF52B5FD103BBBA387A1E49F62CB, D336A7D008D145619E79043EBF5D0D455086BA1FEF89612BC2EA11CC363D82B0 ] Sym_u3 C:\Windows\system32\drivers\sym_u3.sys
15:07:44.0894 0x11cc Sym_u3 - ok
15:07:44.0941 0x11cc [ 9A51B04E9886AA4EE90093586B0BA88D, 1666C29FBFA34174B506678C920636519051D03456A6DDCCD6FF708CAE5D9962 ] SysMain C:\Windows\system32\sysmain.dll
15:07:45.0003 0x11cc SysMain - ok
15:07:45.0034 0x11cc [ 2DCA225EAE15F42C0933E998EE0231C3, 67C7913E41854DFA3043426B7D59AA1FBBB9DE01A6E6904E40A696A7C61A5F98 ] TabletInputService C:\Windows\System32\TabSvc.dll
15:07:45.0081 0x11cc TabletInputService - ok
15:07:45.0175 0x11cc [ D7673E4B38CE21EE54C59EEEB65E2483, 330D0AD13F5008D8569CE8E5EA0BBD69F54F59FEB54FD903FA18D2849CEC6AF0 ] TapiSrv C:\Windows\System32\tapisrv.dll
15:07:45.0222 0x11cc TapiSrv - ok
15:07:45.0253 0x11cc [ CB05822CD9CC6C688168E113C603DBE7, 9DB8945BDC702BB13E9DE477F2D3CCA4CE0E9E8CE9B54CE1A25375F2A2C93F0E ] TBS C:\Windows\System32\tbssvc.dll
15:07:45.0253 0x11cc TBS - ok
15:07:45.0471 0x11cc [ C7B0746FCD576D7EEBA6A2530B0B2966, F8ADAED40AA12BF8427482A00CCF8374458FEA95C3C381AEF59EC057A2791550 ] Tcpip C:\Windows\system32\drivers\tcpip.sys
15:07:45.0658 0x11cc Tcpip - ok
15:07:45.0861 0x11cc [ C7B0746FCD576D7EEBA6A2530B0B2966, F8ADAED40AA12BF8427482A00CCF8374458FEA95C3C381AEF59EC057A2791550 ] Tcpip6 C:\Windows\system32\DRIVERS\tcpip.sys
15:07:45.0877 0x11cc Tcpip6 - ok
15:07:45.0924 0x11cc [ 608C345A255D82A6289C2D468EB41FD7, 74ECFDD45DC3EB3AFAEF9C42B546241AA1D6ACB2F6591A76DDB8BB1768545889 ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
15:07:45.0924 0x11cc tcpipreg - ok
15:07:45.0955 0x11cc [ 5DCF5E267BE67A1AE926F2DF77FBCC56, E00C0A03AEE579B51B39930A72F39F4EFFE7CDA37187B0AE90F4E001AD15473B ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys
15:07:45.0970 0x11cc TDPIPE - ok
15:07:46.0002 0x11cc [ 389C63E32B3CEFED425B61ED92D3F021, E4718E290678F00995E754AE66F1027D227BFAB9E1A1D2AC8E4EAD27DC50CB17 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys
15:07:46.0064 0x11cc TDTCP - ok
15:07:46.0204 0x11cc [ 76B06EB8A01FC8624D699E7045303E54, EC30F244B48A35622ED3EE91792F6A1517C5A50770FAB3945E7A945EB7AF28A8 ] tdx C:\Windows\system32\DRIVERS\tdx.sys
15:07:46.0314 0x11cc tdx - ok
15:07:46.0376 0x11cc [ 3CAD38910468EAB9A6479E2F01DB43C7, 9D18C71EDF39743A0A592BC0873909D2B75B5B177B2672A865D1EEC0BFD2F61C ] TermDD C:\Windows\system32\DRIVERS\termdd.sys
15:07:46.0470 0x11cc TermDD - ok
15:07:46.0610 0x11cc [ BB95DA09BEF6E7A131BFF3BA5032090D, BAF6997F8D944F85F0553957677866C7F22E72AA434BA45FFFB6CC41041070DC ] TermService C:\Windows\System32\termsrv.dll
15:07:46.0672 0x11cc TermService - ok
15:07:46.0906 0x11cc [ C7230FBEE14437716701C15BE02C27B8, 8221DE73D77CF71C2857D78829E807D015D9CB8BDEE4BAFD6950BF0C718CC774 ] Themes C:\Windows\system32\shsvcs.dll
15:07:46.0969 0x11cc Themes - ok
15:07:46.0969 0x11cc [ 1076FFCFFAAE8385FD62DFCB25AC4708, 8C5C106FCB018E019DEBA8E1A6AA170CD7A93293F27994F724EBC486238DA0AA ] THREADORDER C:\Windows\system32\mmcss.dll
15:07:46.0969 0x11cc THREADORDER - ok
15:07:47.0047 0x11cc [ EC74E77D0EB004BD3A809B5F8FB8C2CE, 1E4BBC58D0E35D79C764CF1BA73602C5E29A5A2393D40332801D533E445C6667 ] TrkWks C:\Windows\System32\trkwks.dll
15:07:47.0047 0x11cc TrkWks - ok
15:07:47.0140 0x11cc [ F2AEE22231046CAD8D2F94D2C0F9BEFB, 6D4068DD104EB80BA87C142276FA25F71336000ECD2679EE985C0436C162C1B0 ] Trufos C:\Windows\system32\DRIVERS\Trufos.sys
15:07:47.0203 0x11cc Trufos - ok
15:07:47.0250 0x11cc [ 97D9D6A04E3AD9B6C626B9931DB78DBA, 8E42133ED5EE5EEC414A8B11C1035385C6141E445EA9677F947D20768F25A877 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
15:07:47.0265 0x11cc TrustedInstaller - ok
15:07:47.0312 0x11cc [ F4EAA7ECBCB25DE901C9B7F2CDCDA0B3, 1CBB5106A32362ABDEE73BF170E205FE64DDBF826C5F6DFFCCD229F220B9C85E ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys
15:07:47.0390 0x11cc tssecsrv - ok
15:07:47.0515 0x11cc [ CAECC0120AC49E3D2F758B9169872D38, 80DB15ADF5F4FF78D0C7D5081B6C0E8F1E5125872B60D23C19DA8E62C9DAC9A8 ] tunmp C:\Windows\system32\DRIVERS\tunmp.sys
15:07:47.0515 0x11cc tunmp - ok
15:07:47.0640 0x11cc [ 300DB877AC094FEAB0BE7688C3454A9C, 3B36AA191FBE25B1A61150EAA2BDF8BA286DC4C052F6E98B0ED8202135553D8C ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
15:07:47.0702 0x11cc tunnel - ok
15:07:47.0733 0x11cc [ 7D33C4DB2CE363C8518D2DFCF533941F, C6A539AD31B0BD9F895E0A537783AA75D5760C8590D83BA832D59A9B090CA0E9 ] uagp35 C:\Windows\system32\drivers\uagp35.sys
15:07:47.0764 0x11cc uagp35 - ok
15:07:47.0827 0x11cc [ D9728AF68C4C7693CB100B8441CBDEC6, A2CEE1EE4EF17106349F4E6967F504354801934179FBB3F10B9A4E3C30BC28CE ] udfs C:\Windows\system32\DRIVERS\udfs.sys
15:07:47.0858 0x11cc udfs - ok
15:07:47.0920 0x11cc [ ECEF404F62863755951E09C802C94AD5, 5D92062B3E371F196774EBFE840C78501E55A244DB2A49703C7AC0141C7DABF1 ] UI0Detect C:\Windows\system32\UI0Detect.exe
15:07:47.0920 0x11cc UI0Detect - ok
15:07:48.0045 0x11cc [ B0ACFDC9E4AF279E9116C03E014B2B27, 455D30859E381361FF6EE8B01EDC22A2E66CD5EC22CA9F314E88009DB77A8BAF ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys
15:07:48.0123 0x11cc uliagpkx - ok
15:07:48.0154 0x11cc [ 9224BB254F591DE4CA8D572A5F0D635C, C5E7B24587AC5A28ECA63300307AD95B8A846833340126AE378840A40E53C056 ] uliahci C:\Windows\system32\drivers\uliahci.sys
15:07:48.0186 0x11cc uliahci - ok
15:07:48.0264 0x11cc [ 8514D0E5CD0534467C5FC61BE94A569F, A6EFB967044F88335469DB3351587E31CEC659BB6A7D8ED45C68329232C31BB9 ] UlSata C:\Windows\system32\drivers\ulsata.sys
15:07:48.0295 0x11cc UlSata - ok
15:07:48.0326 0x11cc [ 38C3C6E62B157A6BC46594FADA45C62B, 44F87DC955CB4E35E0EB4C8B4E931472B33D97FE000C22370A06AD5EDCEFD0BA ] ulsata2 C:\Windows\system32\drivers\ulsata2.sys
15:07:48.0342 0x11cc ulsata2 - ok
15:07:48.0373 0x11cc [ 32CFF9F809AE9AED85464492BF3E32D2, 91AAA47AEF17F373276B01AC8FA823592A0C854541A7A9A3B78F2350DB964EBC ] umbus C:\Windows\system32\DRIVERS\umbus.sys
15:07:48.0388 0x11cc umbus - ok
15:07:48.0404 0x11cc [ 68308183F4AE0BE7BF8ECD07CB297999, 4444233CA3C42BEE50ED47553D4AE5A7C12D8F288D2FA4B2DAE1D9B9FEC1A72D ] upnphost C:\Windows\System32\upnphost.dll
15:07:48.0420 0x11cc upnphost - ok
15:07:48.0513 0x11cc [ CAF811AE4C147FFCD5B51750C7F09142, BD670CF88D8F932AD1C6BA91FB68A7204BC473657C6A057C92AFB84D164D393C ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys
15:07:48.0591 0x11cc usbccgp - ok
15:07:48.0654 0x11cc [ E9476E6C486E76BC4898074768FB7131, D14B8F69A511DC1F990A9C123C18689AFE59659BA8130D248D8D03E9BD2143B6 ] usbcir C:\Windows\system32\drivers\usbcir.sys
15:07:48.0747 0x11cc usbcir - ok
15:07:48.0825 0x11cc [ 153E8515CB86F8BB5D1A8B478EBF4BB2, 0F1F79BA7C32ACAAE69184A56E67D6E18E2E2F07E0BE23F266401431169DAE14 ] usbehci C:\Windows\system32\DRIVERS\usbehci.sys
15:07:48.0856 0x11cc usbehci - ok
15:07:48.0950 0x11cc [ 2AE6BCEBD85D31317E433733DAF25888, 7B2C0E8703D0275A620160E479166EB7AA31B0F146507603535CEBF0BA4684A4 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys
15:07:49.0090 0x11cc usbhub - ok
15:07:49.0122 0x11cc [ 38DBC7DD6CC5A72011F187425384388B, 456CFCD190035C3033709C8DC0F6DC4352BBF751D57C0C52DD04F8C301FEBACD ] usbohci C:\Windows\system32\drivers\usbohci.sys
15:07:49.0153 0x11cc usbohci - ok
15:07:49.0184 0x11cc [ B51E52ACF758BE00EF3A58EA452FE360, 79E629EC5DE8AB7F31B0EE9AE94C71E8F703FED5C09A816228726974F7790C85 ] usbprint C:\Windows\system32\drivers\usbprint.sys
15:07:49.0246 0x11cc usbprint - ok
15:07:49.0340 0x11cc [ BE3DA31C191BC222D9AD503C5224F2AD, 201FB0FDBF423342202686DC0D8A3221B7798AE04C04A649D3441C257C733CE8 ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS
15:07:49.0465 0x11cc USBSTOR - ok
15:07:49.0527 0x11cc [ 44056325428A8E4C755830426E29878F, 95F182047746D352B7DC2B22298D5E58738E1B787C110D1DE841C026FB8A67EB ] usbuhci C:\Windows\system32\DRIVERS\usbuhci.sys
15:07:49.0590 0x11cc usbuhci - ok
15:07:49.0636 0x11cc [ 1509E705F3AC1D474C92454A5C2DD81F, 7F525921A3513224F8B093A16E19B4235B300349A14B0B86EE11B7473BA53337 ] UxSms C:\Windows\System32\uxsms.dll
15:07:49.0668 0x11cc UxSms - ok
15:07:49.0777 0x11cc [ CD88D1B7776DC17A119049742EC07EB4, 6B68B9EDB8C6BCB2644F1F004D5743E928509D12107D996F390A24A72E0AA528 ] vds C:\Windows\System32\vds.exe
15:07:49.0808 0x11cc vds - ok
15:07:49.0855 0x11cc [ 87B06E1F30B749A114F74622D013F8D4, 06C06EF87F7DC668D23B50AA5F419F62474ACF90E325E167491BF290286D6594 ] vga C:\Windows\system32\DRIVERS\vgapnp.sys
15:07:49.0917 0x11cc vga - ok
15:07:49.0948 0x11cc [ 2E93AC0A1D8C79D019DB6C51F036636C, 8B6F3B4EE90691A22788915AD0F99D8EE617750430A34E7CEB9AB4FB4E581755 ] VgaSave C:\Windows\System32\drivers\vga.sys
15:07:49.0948 0x11cc VgaSave - ok
15:07:49.0995 0x11cc [ 5D7159DEF58A800D5781BA3A879627BC, 499A8E51FDE61AE0D7C1812D1E5B331211A36BD095A4992C629B93DE6D80F4E6 ] viaagp C:\Windows\system32\drivers\viaagp.sys
15:07:50.0073 0x11cc viaagp - ok
15:07:50.0198 0x11cc [ C4F3A691B5BAD343E6249BD8C2D45DEE, 19DE07AD6CD51036FA8A6B8EE82F34D7F5264FF3A12CBE6E52BD036D0303E319 ] ViaC7 C:\Windows\system32\drivers\viac7.sys
15:07:50.0276 0x11cc ViaC7 - ok
15:07:50.0292 0x11cc [ AADF5587A4063F52C2C3FED7887426FC, 0A74791A236FDAFCD045CFB79A159245B94F7C2033E0CD830C1B76F0F994E06D ] viaide C:\Windows\system32\drivers\viaide.sys
15:07:50.0479 0x11cc viaide - ok
15:07:50.0526 0x11cc [ 69503668AC66C77C6CD7AF86FBDF8C43, 2CE407674A58313737073F02B9A617460BBA84B36C3A16D98AE5ED45279F5006 ] volmgr C:\Windows\system32\drivers\volmgr.sys
15:07:50.0619 0x11cc volmgr - ok
15:07:50.0728 0x11cc [ 23E41B834759917BFD6B9A0D625D0C28, 9F60992805262F936E8DA33610FDF60A191ECAFC08BBF657C8F9A21833C8EFC5 ] volmgrx C:\Windows\system32\drivers\volmgrx.sys
15:07:51.0072 0x11cc volmgrx - ok
15:07:51.0196 0x11cc [ 786DB5771F05EF300390399F626BF30A, 4A07BE5AEDBA4C15C2F9A91250F0488A0B0305C67BB7A037508D5CBF86D4E1B7 ] volsnap C:\Windows\system32\drivers\volsnap.sys
15:07:51.0415 0x11cc volsnap - ok
15:07:51.0477 0x11cc [ 587253E09325E6BF226B299774B728A9, C9F46197819C2A095456393C518A9B00B59ECDC54F464D038AA7F8DCCDB93CCF ] vsmraid C:\Windows\system32\drivers\vsmraid.sys
15:07:51.0774 0x11cc vsmraid - ok
15:07:52.0023 0x11cc [ DB3D19F850C6EB32BDCB9BC0836ACDDB, D81FF1CDA87A2FE83EFD5B3FE01EFF940952F8BAEE70BEA3B2F6EF30E2121704 ] VSS C:\Windows\system32\vssvc.exe
15:07:52.0491 0x11cc VSS - ok
15:07:52.0678 0x11cc [ 96EA68B9EB310A69C25EBB0282B2B9DE, C76D3427F8A2953CB4D96BBA1523679CBE1BBF7FA821A35D2FBEB3E67AC6A10B ] W32Time C:\Windows\system32\w32time.dll
15:07:52.0756 0x11cc W32Time - ok
15:07:52.0819 0x11cc [ 48DFEE8F1AF7C8235D4E626F0C4FE031, A41D05BC0DA3C476C32E0A4DAF015DF7BADF28A03CE236D5596885FF1772F148 ] WacomPen C:\Windows\system32\drivers\wacompen.sys
15:07:52.0834 0x11cc WacomPen - ok
15:07:52.0897 0x11cc [ 55201897378CCA7AF8B5EFD874374A26, 350ADDCEFAA33E301027CFEA8DDE703F6FBD6E53624598CB2E7B671B9E48F7CC ] Wanarp C:\Windows\system32\DRIVERS\wanarp.sys
15:07:53.0022 0x11cc Wanarp - ok
15:07:53.0037 0x11cc [ 55201897378CCA7AF8B5EFD874374A26, 350ADDCEFAA33E301027CFEA8DDE703F6FBD6E53624598CB2E7B671B9E48F7CC ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys
15:07:53.0037 0x11cc Wanarpv6 - ok
15:07:53.0209 0x11cc [ A3CD60FD826381B49F03832590E069AF, 213C5DB5E5D828264286FD7548527566D6160CCA780BC6853B7B28CECF329674 ] wcncsvc C:\Windows\System32\wcncsvc.dll
15:07:53.0365 0x11cc wcncsvc - ok
15:07:53.0474 0x11cc [ 11BCB7AFCDD7AADACB5746F544D3A9C7, 0370E20FD12ED713F94E5CD76F068F7A7A5E7F42416DD2A8A41249020DA7DA31 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
15:07:53.0521 0x11cc WcsPlugInService - ok
15:07:53.0708 0x11cc [ 78FE9542363F297B18C027B2D7E7C07F, 6BC3ED2A48EF41E1EE597FD58271DB12256EC013518663331CD0FBCB3FC415EE ] Wd C:\Windows\system32\drivers\wd.sys
15:07:53.0864 0x11cc Wd - ok
15:07:54.0238 0x11cc [ 25944D2CC49E0A6C581D02A74B7D6645, AF8FFAFEC07F1A6A3D4008E609E8E1D705A8DFCC7995C766E3946887203F7BEE ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys
15:07:54.0831 0x11cc Wdf01000 - ok
15:07:54.0909 0x11cc [ ABFC76B48BB6C96E3338D8943C5D93B5, B5B22D445724D58641A53276063A4AA2A98F07B93865C86E94661EB31BD63511 ] WdiServiceHost C:\Windows\system32\wdi.dll
15:07:54.0925 0x11cc WdiServiceHost - ok
15:07:54.0925 0x11cc [ ABFC76B48BB6C96E3338D8943C5D93B5, B5B22D445724D58641A53276063A4AA2A98F07B93865C86E94661EB31BD63511 ] WdiSystemHost C:\Windows\system32\wdi.dll
15:07:54.0940 0x11cc WdiSystemHost - ok
15:07:55.0050 0x11cc [ 04C37D8107320312FBAE09926103D5E2, 1C6726A9871CBACB240AFA93E57781515F01758D43693DDA395EA683D97234F0 ] WebClient C:\Windows\System32\webclnt.dll
15:07:55.0174 0x11cc WebClient - ok
15:07:55.0330 0x11cc Websteroids - ok
15:07:55.0377 0x11cc [ AE3736E7E8892241C23E4EBBB7453B60, 0F998116CC07CD719CB237EAE53BB16B2EDD6973828B9C1055EB981AEA0453D1 ] Wecsvc C:\Windows\system32\wecsvc.dll
15:07:55.0518 0x11cc Wecsvc - ok
15:07:55.0549 0x11cc [ 670FF720071ED741206D69BD995EA453, 4B96F5E3545F69AE9EBC75DC4AB27B87306D656EE526AE39E7EC7E2B6F83F7FD ] wercplsupport C:\Windows\System32\wercplsupport.dll
15:07:55.0564 0x11cc wercplsupport - ok
15:07:55.0596 0x11cc [ 32B88481D3B326DA6DEB07B1D03481E7, 821FBAF147E525ED15EB9391B16A96C6D5464841258B11F277EFB57A3BD50E37 ] WerSvc C:\Windows\System32\WerSvc.dll
15:07:55.0611 0x11cc WerSvc - ok
15:07:55.0674 0x11cc WinHttpAutoProxySvc - ok
15:07:55.0736 0x11cc [ 6B2A1D0E80110E3D04E6863C6E62FD8A, EE8BC7C378993EFE90273764C83119EBF331768CD7B24DE949233C74A51306C2 ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll
15:07:55.0752 0x11cc Winmgmt - ok
15:07:56.0173 0x11cc [ 7CFE68BDC065E55AA5E8421607037511, C2CE76D52AD4E31FC4216E94457DC16ABF65A5F3E883F0BD97AD387FB7574533 ] WinRM C:\Windows\system32\WsmSvc.dll
15:07:56.0235 0x11cc WinRM - ok
15:07:56.0407 0x11cc [ C008405E4FEEB069E30DA1D823910234, C392A7B5FEACB7D11A3A231C1AD65D533984E6E7429ECD3BFBF90A27E8DEB157 ] Wlansvc C:\Windows\System32\wlansvc.dll
15:07:56.0578 0x11cc Wlansvc - ok
15:07:56.0594 0x11cc wltrysvc - ok
15:07:56.0656 0x11cc [ 2E7255D172DF0B8283CDFB7B433B864E, 60C786CF0EA4A29B309B9457F0496D5A0AF1F093FC2C5D88078865814B7DBBA3 ] WmiAcpi C:\Windows\system32\DRIVERS\wmiacpi.sys
15:07:56.0688 0x11cc WmiAcpi - ok
15:07:56.0781 0x11cc [ 43BE3875207DCB62A85C8C49970B66CC, 27169F2E8A30807794407DA8F80611E4287F940AAE2A1F00F547901872FB9703 ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe
15:07:56.0797 0x11cc wmiApSrv - ok
15:07:57.0312 0x11cc [ 3978704576A121A9204F8CC49A301A9B, 936CC13B90A183613BDA4081556C96D48CA415B5F65D61E18CB5F2E51EEBE59F ] WMPNetworkSvc C:\Program Files\Windows Media Player\wmpnetwk.exe
15:07:57.0405 0x11cc WMPNetworkSvc - ok
15:07:57.0499 0x11cc [ CFC5A04558F5070CEE3E3A7809F3FF52, 45899E04000E21C4E009BE8B6149F199A5B2E0512C657A525770BF9DBFED7D2B ] WPCSvc C:\Windows\System32\wpcsvc.dll
15:07:57.0514 0x11cc WPCSvc - ok
15:07:57.0577 0x11cc [ 801FBDB89D472B3C467EB112A0FC9246, C24053FA12732089384D3AF06C676FF201D282FC5AD56A42B6EE8BAED4379CB2 ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll
15:07:57.0624 0x11cc WPDBusEnum - ok
15:07:57.0686 0x11cc [ DE9D36F91A4DF3D911626643DEBF11EA, 8029ECE76E29276BFB6ED3387AC560A9A779AAF683A4416E96334FAF7BDBADA0 ] WpdUsb C:\Windows\system32\DRIVERS\wpdusb.sys
15:07:57.0733 0x11cc WpdUsb - ok
15:07:57.0889 0x11cc [ F8D3544ACBCE9110362119F7C10D848E, 31C49201A931751A36286874AC0B929D886F490D7CE48CCC9283850A56AD9FD9 ] WPFFontCache_v0400 C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe
15:07:57.0998 0x11cc WPFFontCache_v0400 - ok
15:07:58.0045 0x11cc [ E3A3CB253C0EC2494D4A61F5E43A389C, 10BA8B102E31B961819E524FCA5FA817B588EC77FB26B4E176D0A5CFF11EDF79 ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys
15:07:58.0092 0x11cc ws2ifsl - ok
15:07:58.0201 0x11cc [ 1CA6C40261DDC0425987980D0CD2AAAB, 727C1E3A170316641F832A8D197EDA6D6EE1206E4ED7B741E5A4017B7F2F7B88 ] wscsvc C:\Windows\System32\wscsvc.dll
15:07:58.0216 0x11cc wscsvc - ok
15:07:58.0232 0x11cc WSearch - ok
15:07:58.0638 0x11cc [ FC3EC24FCE372C89423E015A2AC1A31E, 8D028182CF83667D3E4D148979972D208FA6D9B8540EE47A0A7831B770ECD257 ] wuauserv C:\Windows\system32\wuaueng.dll
15:08:11.0742 0x11cc wuauserv - ok
15:08:11.0820 0x11cc [ 06E6F32C8D0A3F66D956F57B43A2E070, 9A6BD96A28294B0372F16E13D652FD603308F64B74A56E41E0C68C5E8011F943 ] WudfPf C:\Windows\system32\drivers\WudfPf.sys
15:08:11.0820 0x11cc WudfPf - ok
15:08:11.0882 0x11cc [ 867C301E8B790040AE9CF6486E8041DF, D867D6498C987944D99508B2FAD6D6B749FA1EDFE8124B0863D4A642352F0855 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys
15:08:11.0898 0x11cc WUDFRd - ok
15:08:12.0069 0x11cc [ FE47B7BC8EA320C2D9B5E5BF6E303765, 34518DBD1E9EA6E5DA62273B18613761E1D9C6B4E074A93C6D639FBAF02222EA ] wudfsvc C:\Windows\System32\WUDFSvc.dll
15:08:12.0085 0x11cc wudfsvc - ok
15:08:12.0132 0x11cc yksvc - ok
15:08:12.0288 0x11cc [ 1A51DF1A5C658D534ED980D18F7982DE, ACC33646033D43B8FBCAA1C03CC8307B89FEE40ACFE4630D2A226CFB56B9D992 ] yukonwlh C:\Windows\system32\DRIVERS\yk60x86.sys
15:08:12.0319 0x11cc yukonwlh - ok
15:08:12.0350 0x11cc ================ Scan global ===============================
15:08:12.0475 0x11cc [ F31EEBC1A1C81FD04005489CC3DCDFE7, 098C35ACFCCE1686C5A6DB6057001CBF8B06A863A0802CB2E9D793F4795F8CEE ] C:\Windows\system32\basesrv.dll
15:08:12.0600 0x11cc [ A508314231C49AEE86987CEA3EAECAD1, D29BCFA967C23C7264592576D62D95FA8C687E8662D19DCCC73653A9EFB6340D ] C:\Windows\system32\winsrv.dll
15:08:12.0724 0x11cc [ A508314231C49AEE86987CEA3EAECAD1, D29BCFA967C23C7264592576D62D95FA8C687E8662D19DCCC73653A9EFB6340D ] C:\Windows\system32\winsrv.dll
15:08:12.0818 0x11cc [ D4E6D91C1349B7BFB3599A6ADA56851B, 8748091BF27F05D28D45688E04DD9229A4B2E159209A64F457703F66A8CECE4D ] C:\Windows\system32\services.exe
15:08:12.0849 0x11cc [ Global ] - ok
15:08:12.0849 0x11cc ================ Scan MBR ==================================
15:08:12.0865 0x11cc [ 5C616939100B85E558DA92B899A0FC36 ] \Device\Harddisk0\DR0
15:08:14.0503 0x11cc \Device\Harddisk0\DR0 - ok
15:08:14.0503 0x11cc [ 8CB37AFC263A219EBB7586F9C495114E ] \Device\Harddisk1\DR2
15:08:15.0954 0x11cc \Device\Harddisk1\DR2 - ok
15:08:15.0954 0x11cc ================ Scan VBR ==================================
15:08:15.0969 0x11cc [ 2FE44946F159A4AEF2212D1D8C92385D ] \Device\Harddisk0\DR0\Partition1
15:08:16.0047 0x11cc \Device\Harddisk0\DR0\Partition1 - ok
15:08:16.0063 0x11cc [ 1996C6A9818AAA78E4A51BF862515C78 ] \Device\Harddisk1\DR2\Partition1
15:08:16.0063 0x11cc \Device\Harddisk1\DR2\Partition1 - ok
15:08:16.0063 0x11cc ================ Scan generic autorun ======================
15:08:16.0858 0x11cc [ 4B36C7D9710C60EA7725685753BBFA5C, 818AECC62445090CC336E06736B9B803CB96CFDB2E680F1AA1ED1CD25911D7EC ] C:\Windows\system32\WLTRAY.exe
15:08:23.0754 0x11cc Broadcom Wireless Manager UI - ok
15:08:23.0878 0x11cc [ 43E3F9C0F3BC940F2D6DA1A72B177E42, DA910F256A762045136DD271B399620EBD45B72D316788E83A37BEA600D186E1 ] C:\Windows\system32\igfxtray.exe
15:08:31.0944 0x11cc IgfxTray - ok
15:08:32.0053 0x11cc [ 2413EC683C216B8A96E1BBC9CD1E01A2, ECD770B15F2F55A72DECA4DAA398EC881CD572B71FB6CA625F45EECD09A7421B ] C:\Windows\system32\hkcmd.exe
15:08:32.0302 0x11cc HotKeysCmds - ok
15:08:32.0365 0x11cc [ 953E9E1A9A2D0E862BB75FBFDEDB58F4, 79ACD5F8B444AA1C0C627253859E4D569C2A7980EB5FA81634339A5903777171 ] C:\Windows\system32\igfxpers.exe
15:08:32.0708 0x11cc Persistence - ok
15:08:32.0942 0x11cc [ 186C9D39541CC0DFFCC454F79AA0B0BF, 71D333B9037362650E5E4DBF4EFA3CFD49034C53F27C7FFDE8DE6149ADB6471D ] C:\Program Files\CyberLink\PowerDVD DX\PDVDDXSrv.exe
15:08:33.0504 0x11cc PDVDDXSrv - ok
15:08:33.0878 0x11cc [ 00D1FB0073B4A8BD2989EA8FF4CC792B, 001A26FF51BF6BABF6325983F512CF8D84CADEE1CA36F166A41702D94C1B0841 ] C:\Program Files\Dell Support Center\bin\sprtcmd.exe
15:08:33.0987 0x11cc DellSupportCenter - ok
15:08:35.0001 0x11cc [ F21E12716F97300532E6CD9EB7CEC280, 958B27E49E23AF3538A9B4442C28C630A40300D76FE3411634E388DE40435259 ] C:\Program Files\Dell\QuickSet\QuickSet.exe
15:08:37.0107 0x11cc QuickSet - ok
15:08:37.0419 0x11cc [ 9E35FF7F943AE0FB89192BFE058B7FD4, 54712A4FA296AE28CF834F90B77B2EEB69020E3D5B5CF24674BD8DACA25195B9 ] C:\Program Files\Windows Sidebar\Sidebar.exe
15:08:37.0809 0x11cc Sidebar - ok
15:08:37.0809 0x11cc WindowsWelcomeCenter - ok
15:08:38.0043 0x11cc [ 9E35FF7F943AE0FB89192BFE058B7FD4, 54712A4FA296AE28CF834F90B77B2EEB69020E3D5B5CF24674BD8DACA25195B9 ] C:\Program Files\Windows Sidebar\Sidebar.exe
15:08:38.0074 0x11cc Sidebar - ok
15:08:38.0074 0x11cc WindowsWelcomeCenter - ok
15:08:38.0152 0x11cc [ 00D1FB0073B4A8BD2989EA8FF4CC792B, 001A26FF51BF6BABF6325983F512CF8D84CADEE1CA36F166A41702D94C1B0841 ] C:\Program Files\Dell Support Center\bin\sprtcmd.exe
15:08:38.0262 0x11cc DellSupportCenter - ok
15:08:38.0262 0x11cc Skype - ok
15:08:38.0511 0x11cc [ 10FA625F8AD264545358A2575190A6DD, E16340234FEFE27D9EEB31D239D1288A0A6C80F4B91B7E82566B0BBEC0FAFF3D ] C:\Program Files\Garmin\Express Tray\ExpressTray.exe
15:08:39.0026 0x11cc GarminExpressTrayApp - ok
15:08:41.0397 0x11cc [ B1949628130F192DA27FDBAEA516BB6E, 13E5A2EBF0FDAB29CEA1E7FAEB3141233198D9A28353BDBB6FDB03602BE32AC6 ] C:\Program Files\Spybot - Search & Destroy 2\SDCleaner.exe
15:08:43.0332 0x11cc Spybot-S&D Cleaning - ok
15:08:43.0347 0x11cc Waiting for KSN requests completion. In queue: 11
15:08:44.0361 0x11cc Waiting for KSN requests completion. In queue: 11
15:08:45.0375 0x11cc Waiting for KSN requests completion. In queue: 11
15:08:46.0389 0x11cc Waiting for KSN requests completion. In queue: 11
15:08:47.0403 0x11cc Waiting for KSN requests completion. In queue: 11
15:08:48.0417 0x11cc Waiting for KSN requests completion. In queue: 11
15:08:49.0431 0x11cc Waiting for KSN requests completion. In queue: 11
15:08:50.0445 0x11cc Waiting for KSN requests completion. In queue: 11
15:08:51.0459 0x11cc Waiting for KSN requests completion. In queue: 11
15:08:52.0473 0x11cc Waiting for KSN requests completion. In queue: 11
15:08:53.0487 0x11cc Waiting for KSN requests completion. In queue: 11
15:08:54.0501 0x11cc Waiting for KSN requests completion. In queue: 11
15:08:55.0515 0x11cc Waiting for KSN requests completion. In queue: 11
15:08:57.0028 0x11cc AV detected via SS2: BullGuard Antivirus, c:\program files\bullguard ltd\bullguard\BullGuard.exe ( 15.0.0.0 ), 0x41000 ( enabled : updated )
15:08:57.0044 0x11cc FW detected via SS2: BullGuard Firewall, c:\program files\bullguard ltd\bullguard\BullGuard.exe ( 15.0.0.0 ), 0x40010 ( disabled )
15:08:57.0465 0x11cc Win FW state via NFP2: enabled
15:09:00.0211 0x11cc ============================================================
15:09:00.0211 0x11cc Scan finished
15:09:00.0211 0x11cc ============================================================
15:09:00.0258 0x1344 Detected object count: 0
15:09:00.0258 0x1344 Actual detected object count: 0
15:09:28.0291 0x1768 Deinitialize success

Hi,

Its been awhile. Lets get a couple more downloads. You can try on the machine in question or use your linux machine and transfer them. Two will remove adware items. The third you can keep and use as a antimalware app.

Look in your add/remove programs file and uninstall: Ask and/or Asktoolbar and this: Websteroids-- Reboot machine after the uninstalls. then:

1) Adwcleaner:

Please download Adwcleaner.exe (http://www.bleepingcomputer.com/download/adwcleaner/) to your desktop.
Right click on AdwCleaner.exe, select "run as admin"
Click on the Scan button
Once the scan is done click on the Delete button. Items will already be checked for removal.
Machine may prompt for reboot to finish the process.
At restart a log will be generated which you can copy/paste in your reply.
Copy and paste the contents of the log file in your reply
You can also find the logfile at C:\AdwCleaner[R1].txt as well

2) JRT:

Please download Junkware Removal Tool to your desktop.

http://thisisudax.org/downloads/JRT.exe

Double click the icon or Right click for Vista/W7,8 and select Run as administrator
The tool will open and start scanning.
Please be patient as this can take a while to complete.
On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
Post the contents of JRT.txt into your next message

3): Malwarebytes, free edition:

These directions are old as the GUI has changed but its easy to figure out:
Please download the free version of Malwarebytes (http://www.malwarebytes.org/products/malwarebytes_free) to your desktop.

Double-click mbam-setup.exe and follow the prompts to install the program.
Be sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware, then click Finish.
If an update is found, it will download and install the latest version.
Once the program has loaded, select Perform FULL SCAN, then click Scan.
When the scan is complete, click OK, then Show Results to view the results.
Be sure that everything is checked, and click *Remove Selected.*

*A restart of your computer may be required to remove some items. If prompted please restart your computer to complete the fix.*

Lets see what gets dragged up and we will go from there.

Hi there shelf life. All three checks have thrown up something, but I had to do them in safe mode as the machine is still very, very slow in normal mode. Even in safe mode when I tried ro download malwarebytes it was blocked. Thanks for all your help thus far. Here are the logs:

# AdwCleaner v4.101 - Report created 14/11/2014 at 14:34:43
# Updated 09/11/2014 by Xplode
# Database : 2014-11-07.1 [Local]
# Operating System : Windows Vista (TM) Home Basic Service Pack 2 (32 bits)
# Username : LucioMags - LUCIOMAGS-PC
# Running from : C:\Users\LucioMags\Downloads\AdwCleaner.exe
# Option : Scan

***** [ Services ] *****

Service Found : Websteroids

***** [ Files / Folders ] *****

Folder Found : C:\Program Files\ParetoLogic
Folder Found : C:\ProgramData\Ask
Folder Found : C:\ProgramData\ParetoLogic
Folder Found : C:\ProgramData\SpeedMaxPc
Folder Found : C:\ProgramData\Websteroids
Folder Found : C:\Users\LucioMags\AppData\Local\apn
Folder Found : C:\Users\LucioMags\AppData\Local\AskToolbar
Folder Found : C:\Users\LucioMags\AppData\Local\iac
Folder Found : C:\Users\LucioMags\AppData\Local\Websteroids
Folder Found : C:\Users\LucioMags\AppData\LocalLow\AskToolbar
Folder Found : C:\Users\LucioMags\AppData\Roaming\DriverCure
Folder Found : C:\Users\LucioMags\AppData\Roaming\ParetoLogic
Folder Found : C:\Users\LucioMags\AppData\Roaming\SpeedMaxPc
Folder Found : C:\Windows\installer\{86d4b82a-abed-442a-be86-96357b70f4fe}

***** [ Scheduled Tasks ] *****

Task Found : paretologic update version3
Task Found : Scheduled Update for Ask Toolbar

***** [ Shortcuts ] *****


***** [ Registry ] *****

Key Found : HKCU\Software\APN
Key Found : HKCU\Software\AppDataLow\Software\AskToolbar
Key Found : HKCU\Software\AppDataLow\Software\DynConIE
Key Found : HKCU\Software\Conduit
Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{3729F2E5-EF82-43F3-A5DA-0654CB94E9FE}
Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{b0441a0e-a49a-4e16-afc1-74ecced1921f}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{79A765E1-C399-405B-85AF-466F52E918B0}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{86D4B82A-ABED-442A-BE86-96357B70F4FE}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\Websteroids
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{D4027C7F-154A-4066-A1AD-4243D8127440}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{8F0B76E1-4E46-427B-B55B-B90593468AC6}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{D4027C7F-154A-4066-A1AD-4243D8127440}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\{79A765E1-C399-405B-85AF-466F52E918B0}
Key Found : HKCU\Software\ParetoLogic
Key Found : HKCU\Software\YahooPartnerToolbar
Key Found : HKLM\SOFTWARE\APN
Key Found : HKLM\SOFTWARE\AskToolbar
Key Found : HKLM\SOFTWARE\Classes\AppID\{9B0CB95C-933A-4B8C-B6D4-EDCD19A43874}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{051E9166-B275-4683-907B-372FAE22BC7C}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{D4027C7F-154A-4066-A1AD-4243D8127440}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{E5A7A645-8318-4895-B85C-EDC606B80DB6}
Key Found : HKLM\SOFTWARE\Classes\GenericAskToolbar.ToolbarWnd
Key Found : HKLM\SOFTWARE\Classes\GenericAskToolbar.ToolbarWnd.1
Key Found : HKLM\SOFTWARE\Classes\Installer\Features\A28B4D68DEBAA244EB686953B7074FEF
Key Found : HKLM\SOFTWARE\Classes\Installer\Products\A28B4D68DEBAA244EB686953B7074FEF
Key Found : HKLM\SOFTWARE\Classes\Interface\{6C434537-053E-486D-B62A-160059D9D456}
Key Found : HKLM\SOFTWARE\Classes\Interface\{91CF619A-4686-4CA4-9232-3B2E6B63AA92}
Key Found : HKLM\SOFTWARE\Classes\Interface\{AC71B60E-94C9-4EDE-BA46-E146747BB67E}
Key Found : HKLM\SOFTWARE\Classes\protector_dll.protectorbho
Key Found : HKLM\SOFTWARE\Classes\protector_dll.protectorbho.1
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{2996F0E7-292B-4CAE-893F-47B8B1C05B56}
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A5AA24EA-11B8-4113-95AE-9ED71DEAF12A}
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{b0441a0e-a49a-4e16-afc1-74ecced1921f}
Key Found : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\GoogleUpdate.exe
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{8F0B76E1-4E46-427B-B55B-B90593468AC6}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UpgradeCodes\F928123A039649549966D4C29D35B1C9
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0CFE535C35F99574E8340BFA75BF92C2
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0E12F736682067FDE4D1158D5940A82E
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\1A24B5BB8521B03E0C8D908F5ABC0AE6
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\261F213D1F55267499B1F87D0CC3BCF7
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\2B0D56C4F4C46D844A57FFED6F0D2852
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\49D4375FE41653242AEA4C969E4E65E0
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\6AA0923513360135B272E8289C5F13FA
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\6F7467AF8F29C134CBBAB394ECCFDE96
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\741B4ADF27276464790022C965AB6DA8
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\7DE196B10195F5647A2B21B761F3DE01
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\922525DCC5199162F8935747CA3D8E59
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\9D4F5849367142E4685ED8C25E44C5ED
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A5875B04372C19545BEB90D4D606C472
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A876D9E80B896EC44A8620248CC79296
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\B66FFAB725B92594C986DE826A867888
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\BCDA179D619B91648538E3394CAC94CC
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\D677B1A9671D4D4004F6F2A4469E86EA
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\DD1402A9DD4215A43ABDE169A41AFA0E
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\E36E114A0EAD2AD46B381D23AD69CDDF
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\EF8E618DB3AEDFBB384561B5C548F65E
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\A28B4D68DEBAA244EB686953B7074FEF
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{86D4B82A-ABED-442A-BE86-96357B70F4FE}
Key Found : HKLM\SOFTWARE\ParetoLogic
Value Found : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{D4027C7F-154A-4066-A1AD-4243D8127440}]
Value Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{D4027C7F-154A-4066-A1AD-4243D8127440}]
Value Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [ApnUpdater]

***** [ Browsers ] *****

-\\ Internet Explorer v9.0.8112.16584


-\\ Google Chrome v38.0.2125.104

[C:\Users\LucioMags\AppData\Local\Google\Chrome\User Data\Default\Web data] - Found [Search Provider] : hxxp://uk.ask.com/web?q={searchTerms}
[C:\Users\LucioMags\AppData\Local\Google\Chrome\User Data\Default\Web data] - Found [Search Provider] : hxxp://websearch.ask.com/redirect?client=cr&src=kw&tb=ORJ&o=&locale=&apn_uid=00F02D99-9361-4B22-8A4D-6E8C8DD3AB6E&apn_ptnrs=U3&apn_sauid=703DD0B0-69A8-42F9-8DF5-63EA6DA640A5&apn_dtid=OSJ000YYGB&q={searchTerms}
[C:\Users\LucioMags\AppData\Local\Google\Chrome\User Data\Default\Web data] - Found [Search Provider] : hxxp://websearch.ask.com/redirect?client=cr&src=kw&tb=ORJ&o=&locale=&apn_uid=00F02D99-9361-4B22-8A4D-6E8C8DD3AB6E&apn_ptnrs=U3&apn_sauid=703DD0B0-69A8-42F9-8DF5-63EA6DA640A5&apn_dtid=OSJ000YYGB&q={searchTerms}

*************************

AdwCleaner[R0].txt - [8613 octets] - [14/11/2014 14:34:43]

########## EOF - C:\AdwCleaner\AdwCleaner[R0].txt - [8673 octets] ##########

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.3.7 (11.08.2014:1)
OS: Windows Vista (TM) Home Basic x86
Ran by LucioMags on 14/11/2014 at 14:53:06.48
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values



~~~ Registry Keys

Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\MapsGalaxy_39.ToolbarProtector
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\MapsGalaxy_39.ToolbarProtector.1
Successfully deleted: [Registry Key] "hkey_current_user\software\microsoft\internet explorer\low rights\elevationpolicy\{a5aa24ea-11b8-4113-95ae-9ed71deaf12a}"
Successfully deleted: [Registry Key] "hkey_local_machine\software\classes\installer\upgradecodes\f928123a039649549966d4c29d35b1c9"
Successfully deleted: [Registry Key - Orphan] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{27B4851A-3207-45A2-B947-BE8AFE6163AB}
Successfully deleted: [Registry Key - Orphan] HKEY_CLASSES_ROOT\CLSID\{27B4851A-3207-45A2-B947-BE8AFE6163AB}



~~~ Files

Successfully deleted: [File] "C:\Windows\System32\Tasks\scheduled update for ask toolbar"
Successfully deleted: [File] "C:\Windows\wininit.ini"



~~~ Folders



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 14/11/2014 at 14:54:44.15
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Malwarebytes Anti-Malware
www.malwarebytes.org

Scan Date: 14/11/2014
Scan Time: 15:20:39
Logfile: mal.txt
Administrator: Yes

Version: 2.00.3.1025
Malware Database: v2014.11.14.05
Rootkit Database: v2014.11.12.01
License: Trial
Malware Protection: Disabled
Malicious Website Protection: Disabled
Self-protection: Disabled

OS: Windows Vista Service Pack 2
CPU: x86
File System: NTFS
User: LucioMags

Scan Type: Threat Scan
Result: Completed
Objects Scanned: 295507
Time Elapsed: 17 min, 40 sec

Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Disabled
Heuristics: Enabled
PUP: Enabled
PUM: Enabled

Processes: 0
(No malicious items detected)

Modules: 0
(No malicious items detected)

Registry Keys: 0
(No malicious items detected)

Registry Values: 0
(No malicious items detected)

Registry Data: 0
(No malicious items detected)

Folders: 1
Rogue.Multiple, C:\ProgramData\28523121, , [dfced269215bba7c9478c23224de1be5],

Files: 0
(No malicious items detected)

Physical Sectors: 0
(No malicious items detected)


(end)

hi,

So after the Scan with Adwcleaner you clicked on the Clean button? In my original directions I said after the scan click on the delete button, should be the Clean button. There is no delete button-- Your machine should have rebooted to finish the removal process and on reboot display a new log.

Run adwcleaner again, click on scan then when the scans done click on the clean button. Machine will reboot and on restart display a new log showing what was removed. Please post the log.

Here are the previous adwcleaner clean log and the new one. Sorry about that it's just that when adwcleaner rebooted the machine, it went into normal mode and even though it did eventually open up notepad with the s0 log, the machine was so slow, i couldn't do anything with it:

# AdwCleaner v4.101 - Report created 14/11/2014 at 14:37:00
# Updated 09/11/2014 by Xplode
# Database : 2014-11-07.1 [Local]
# Operating System : Windows Vista (TM) Home Basic Service Pack 2 (32 bits)
# Username : LucioMags - LUCIOMAGS-PC
# Running from : C:\Users\LucioMags\Downloads\AdwCleaner.exe
# Option : Clean

***** [ Services ] *****

[#] Service Deleted : Websteroids

***** [ Files / Folders ] *****

Folder Deleted : C:\ProgramData\Ask
Folder Deleted : C:\ProgramData\ParetoLogic
Folder Deleted : C:\ProgramData\SpeedMaxPc
Folder Deleted : C:\ProgramData\Websteroids
Folder Deleted : C:\Program Files\ParetoLogic
Folder Deleted : C:\Windows\installer\{86d4b82a-abed-442a-be86-96357b70f4fe}
Folder Deleted : C:\Users\LucioMags\AppData\Local\apn
Folder Deleted : C:\Users\LucioMags\AppData\Local\AskToolbar
Folder Deleted : C:\Users\LucioMags\AppData\Local\iac
Folder Deleted : C:\Users\LucioMags\AppData\Local\Websteroids
Folder Deleted : C:\Users\LucioMags\AppData\LocalLow\AskToolbar
Folder Deleted : C:\Users\LucioMags\AppData\Roaming\DriverCure
Folder Deleted : C:\Users\LucioMags\AppData\Roaming\ParetoLogic
Folder Deleted : C:\Users\LucioMags\AppData\Roaming\SpeedMaxPc

***** [ Scheduled Tasks ] *****


***** [ Shortcuts ] *****


***** [ Registry ] *****

Key Deleted : HKLM\SOFTWARE\Classes\GenericAskToolbar.ToolbarWnd
Key Deleted : HKLM\SOFTWARE\Classes\GenericAskToolbar.ToolbarWnd.1
Key Deleted : HKLM\SOFTWARE\Classes\protector_dll.protectorbho
Key Deleted : HKLM\SOFTWARE\Classes\protector_dll.protectorbho.1
Value Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [ApnUpdater]
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{9B0CB95C-933A-4B8C-B6D4-EDCD19A43874}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{051E9166-B275-4683-907B-372FAE22BC7C}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{D4027C7F-154A-4066-A1AD-4243D8127440}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E5A7A645-8318-4895-B85C-EDC606B80DB6}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{6C434537-053E-486D-B62A-160059D9D456}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{91CF619A-4686-4CA4-9232-3B2E6B63AA92}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{AC71B60E-94C9-4EDE-BA46-E146747BB67E}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{2996F0E7-292B-4CAE-893F-47B8B1C05B56}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{8F0B76E1-4E46-427B-B55B-B90593468AC6}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{D4027C7F-154A-4066-A1AD-4243D8127440}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{D4027C7F-154A-4066-A1AD-4243D8127440}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{8F0B76E1-4E46-427B-B55B-B90593468AC6}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A5AA24EA-11B8-4113-95AE-9ED71DEAF12A}
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{D4027C7F-154A-4066-A1AD-4243D8127440}]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{D4027C7F-154A-4066-A1AD-4243D8127440}]
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{3729F2E5-EF82-43F3-A5DA-0654CB94E9FE}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{b0441a0e-a49a-4e16-afc1-74ecced1921f}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{b0441a0e-a49a-4e16-afc1-74ecced1921f}
Key Deleted : HKCU\Software\APN
Key Deleted : HKCU\Software\Conduit
Key Deleted : HKCU\Software\ParetoLogic
Key Deleted : HKCU\Software\YahooPartnerToolbar
Key Deleted : HKCU\Software\AppDataLow\Software\AskToolbar
Key Deleted : HKCU\Software\AppDataLow\Software\DynConIE
Key Deleted : HKLM\SOFTWARE\APN
Key Deleted : HKLM\SOFTWARE\AskToolbar
Key Deleted : HKLM\SOFTWARE\ParetoLogic
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\{79A765E1-C399-405B-85AF-466F52E918B0}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{86D4B82A-ABED-442A-BE86-96357B70F4FE}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{79A765E1-C399-405B-85AF-466F52E918B0}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{86D4B82A-ABED-442A-BE86-96357B70F4FE}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\Websteroids
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0CFE535C35F99574E8340BFA75BF92C2
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0E12F736682067FDE4D1158D5940A82E
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\1A24B5BB8521B03E0C8D908F5ABC0AE6
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\261F213D1F55267499B1F87D0CC3BCF7
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\2B0D56C4F4C46D844A57FFED6F0D2852
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\49D4375FE41653242AEA4C969E4E65E0
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\6AA0923513360135B272E8289C5F13FA
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\6F7467AF8F29C134CBBAB394ECCFDE96
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\741B4ADF27276464790022C965AB6DA8
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\7DE196B10195F5647A2B21B761F3DE01
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\922525DCC5199162F8935747CA3D8E59
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\9D4F5849367142E4685ED8C25E44C5ED
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A5875B04372C19545BEB90D4D606C472
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A876D9E80B896EC44A8620248CC79296
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\B66FFAB725B92594C986DE826A867888
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\BCDA179D619B91648538E3394CAC94CC
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\D677B1A9671D4D4004F6F2A4469E86EA
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\DD1402A9DD4215A43ABDE169A41AFA0E
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\E36E114A0EAD2AD46B381D23AD69CDDF
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\EF8E618DB3AEDFBB384561B5C548F65E
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\A28B4D68DEBAA244EB686953B7074FEF
Key Deleted : HKLM\SOFTWARE\Classes\Installer\Features\A28B4D68DEBAA244EB686953B7074FEF
Key Deleted : HKLM\SOFTWARE\Classes\Installer\Products\A28B4D68DEBAA244EB686953B7074FEF
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UpgradeCodes\F928123A039649549966D4C29D35B1C9
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\GoogleUpdate.exe

***** [ Browsers ] *****

-\\ Internet Explorer v9.0.8112.16584


-\\ Google Chrome v38.0.2125.104

[C:\Users\LucioMags\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [Search Provider] : hxxp://uk.ask.com/web?q={searchTerms}
[C:\Users\LucioMags\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [Search Provider] : hxxp://websearch.ask.com/redirect?client=cr&src=kw&tb=ORJ&o=&locale=&apn_uid=00F02D99-9361-4B22-8A4D-6E8C8DD3AB6E&apn_ptnrs=U3&apn_sauid=703DD0B0-69A8-42F9-8DF5-63EA6DA640A5&apn_dtid=OSJ000YYGB&q={searchTerms}
[C:\Users\LucioMags\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [Search Provider] : hxxp://websearch.ask.com/redirect?client=cr&src=kw&tb=ORJ&o=&locale=&apn_uid=00F02D99-9361-4B22-8A4D-6E8C8DD3AB6E&apn_ptnrs=U3&apn_sauid=703DD0B0-69A8-42F9-8DF5-63EA6DA640A5&apn_dtid=OSJ000YYGB&q={searchTerms}

*************************

AdwCleaner[R0].txt - [8753 octets] - [14/11/2014 14:34:43]
AdwCleaner[S0].txt - [8751 octets] - [14/11/2014 14:37:00]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [8811 octets] ##########

# AdwCleaner v4.101 - Report created 15/11/2014 at 11:25:53
# Updated 09/11/2014 by Xplode
# Database : 2014-11-07.1 [Local]
# Operating System : Windows Vista (TM) Home Basic Service Pack 2 (32 bits)
# Username : LucioMags - LUCIOMAGS-PC
# Running from : C:\Users\LucioMags\Downloads\AdwCleaner.exe
# Option : Clean

***** [ Services ] *****


***** [ Files / Folders ] *****


***** [ Scheduled Tasks ] *****


***** [ Shortcuts ] *****


***** [ Registry ] *****


***** [ Browsers ] *****

-\\ Internet Explorer v9.0.8112.16584


-\\ Google Chrome v38.0.2125.104


*************************

AdwCleaner[R0].txt - [8753 octets] - [14/11/2014 14:34:43]
AdwCleaner[R1].txt - [975 octets] - [15/11/2014 11:16:41]
AdwCleaner[S0].txt - [8891 octets] - [14/11/2014 14:37:00]
AdwCleaner[S1].txt - [808 octets] - [15/11/2014 11:25:53]

########## EOF - C:\AdwCleaner\AdwCleaner[S1].txt - [867 octets] ##########

So your machine runs ok in safe mode but not after a normal boot? did you notice if it started after installing software or a driver? It just bogs down and takes a long time to complete a task?


Even in safe mode when I tried ro download malwarebytes it was blocked
What do you mean by 'it was blocked' you couldnt get to the website?

That is correct. I don't know, as I say, I'm fixing this for a friend, but I will ask and get back to you. Correct. Like I say, I give up on it opening the computer window and indeed any other window. What I mean by 'it was blocked' is, yes, it could not connect to the web page; Internet Explorer came up with the diagnose problem web page. Like I said in the original post I think this is a new one (especially because that tool to help with NT development comes up on the taskbar) and must admit I'm out of my depth now. Possibly there is a way to find out which services/programs are taking up most of the CPU time (possibly with task manager) and kill them, but wouldn't know how to go about this properly; also with the machine operating so slowly in normal mode, would this be viable?

This type of problem can be hard to troubleshoot via posts.
I dont think its malware related. Something is running in normal boot thats not there in safe mode. You could compare task manager in both modes, alot ot the tasks would be normal Window processes though. You might notice something different.

You could also uninstall software via the add/remove program panel in safe mode starting with anything you dont use or recognize. You could check device manager after a normal boot and see if anything has the yellow exclamation point. I would suspect a software or driver conflict.
For the most part malware wants/needs a normally functioning machine to be successful.